{ "name": "aws", "description": "A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.", "keywords": [ "pulumi", "aws" ], "homepage": "https://pulumi.io", "license": "Apache-2.0", "attribution": "This Pulumi package is based on the [`aws` Terraform Provider](https://github.com/hashicorp/terraform-provider-aws).", "repository": "https://github.com/pulumi/pulumi-aws", "meta": { "moduleFormat": "(.*)(?:/[^/]*)" }, "language": { "csharp": { "packageReferences": { "Pulumi": "3.*" }, "namespaces": { "accessanalyzer": "AccessAnalyzer", "account": "Account", "acm": "Acm", "acmpca": "Acmpca", "alb": "Alb", "amp": "Amp", "amplify": "Amplify", "apigateway": "ApiGateway", "apigatewayv2": "ApiGatewayV2", "appautoscaling": "AppAutoScaling", "appconfig": "AppConfig", "appfabric": "AppFabric", "appflow": "AppFlow", "appintegrations": "AppIntegrations", "applicationinsights": "ApplicationInsights", "applicationloadbalancing": "ApplicationLoadBalancing", "appmesh": "AppMesh", "apprunner": "AppRunner", "appstream": "AppStream", "appsync": "AppSync", "athena": "Athena", "auditmanager": "Auditmanager", "autoscaling": "AutoScaling", "autoscalingplans": "AutoScalingPlans", "aws": "Aws", "backup": "Backup", "batch": "Batch", "bcmdata": "BcmData", "bedrock": "Bedrock", "bedrockfoundation": "BedrockFoundation", "bedrockmodel": "BedrockModel", "budgets": "Budgets", "cfg": "Cfg", "chatbot": "Chatbot", "chime": "Chime", "chimesdkmediapipelines": "ChimeSDKMediaPipelines", "cleanrooms": "CleanRooms", "cloud9": "Cloud9", "cloudcontrol": "CloudControl", "cloudformation": "CloudFormation", "cloudfront": "CloudFront", "cloudhsmv2": "CloudHsmV2", "cloudsearch": "CloudSearch", "cloudtrail": "CloudTrail", "cloudwatch": "CloudWatch", "codeartifact": "CodeArtifact", "codebuild": "CodeBuild", "codecatalyst": "CodeCatalyst", "codecommit": "CodeCommit", "codedeploy": "CodeDeploy", "codeguruprofiler": "CodeGuruProfiler", "codegurureviewer": "CodeGuruReviewer", "codepipeline": "CodePipeline", "codestarconnections": "CodeStarConnections", "codestarnotifications": "CodeStarNotifications", "cognito": "Cognito", "comprehend": "Comprehend", "connect": "Connect", "controltower": "ControlTower", "costexplorer": "CostExplorer", "cur": "Cur", "customerprofiles": "CustomerProfiles", "dataexchange": "DataExchange", "datapipeline": "DataPipeline", "datasync": "DataSync", "datazone": "DataZone", "dax": "Dax", "detective": "Detective", "devicefarm": "DeviceFarm", "devopsguru": "DevOpsGuru", "directconnect": "DirectConnect", "directoryservice": "DirectoryService", "dlm": "Dlm", "dms": "Dms", "docdb": "DocDB", "drs": "Drs", "dynamodb": "DynamoDB", "ebs": "Ebs", "ec2": "Ec2", "ec2clientvpn": "Ec2ClientVpn", "ec2transitgateway": "Ec2TransitGateway", "ecr": "Ecr", "ecrpublic": "EcrPublic", "ecs": "Ecs", "efs": "Efs", "eks": "Eks", "elasticache": "ElastiCache", "elasticbeanstalk": "ElasticBeanstalk", "elasticloadbalancing": "ElasticLoadBalancing", "elasticloadbalancingv2": "ElasticLoadBalancingV2", "elasticsearch": "ElasticSearch", "elastictranscoder": "ElasticTranscoder", "elb": "Elb", "emr": "Emr", "emrcontainers": "EmrContainers", "emrserverless": "EmrServerless", "evidently": "Evidently", "finspace": "FinSpace", "fis": "Fis", "fms": "Fms", "fsx": "Fsx", "gamelift": "GameLift", "glacier": "Glacier", "globalaccelerator": "GlobalAccelerator", "glue": "Glue", "grafana": "Grafana", "guardduty": "GuardDuty", "iam": "Iam", "identitystore": "IdentityStore", "imagebuilder": "ImageBuilder", "index": "index", "inspector": "Inspector", "inspector2": "Inspector2", "iot": "Iot", "ivs": "Ivs", "ivschat": "IvsChat", "kendra": "Kendra", "keyspaces": "Keyspaces", "kinesis": "Kinesis", "kinesisanalyticsv2": "KinesisAnalyticsV2", "kms": "Kms", "lakeformation": "LakeFormation", "lambda": "Lambda", "lb": "LB", "lex": "Lex", "licensemanager": "LicenseManager", "lightsail": "LightSail", "location": "Location", "m2": "M2", "macie": "Macie", "macie2": "Macie2", "mediaconvert": "MediaConvert", "medialive": "MediaLive", "mediapackage": "MediaPackage", "mediastore": "MediaStore", "memorydb": "MemoryDb", "mq": "Mq", "msk": "Msk", "mskconnect": "MskConnect", "mwaa": "Mwaa", "neptune": "Neptune", "networkfirewall": "NetworkFirewall", "networkmanager": "NetworkManager", "networkmonitor": "NetworkMonitor", "oam": "Oam", "opensearch": "OpenSearch", "opensearchingest": "OpenSearchIngest", "opsworks": "OpsWorks", "organizations": "Organizations", "outposts": "Outposts", "paymentcryptography": "PaymentCryptography", "pinpoint": "Pinpoint", "pipes": "Pipes", "polly": "Polly", "pricing": "Pricing", "qldb": "Qldb", "quicksight": "Quicksight", "ram": "Ram", "rbin": "Rbin", "rds": "Rds", "redshift": "RedShift", "redshiftdata": "RedshiftData", "redshiftserverless": "RedshiftServerless", "rekognition": "Rekognition", "resourceexplorer": "ResourceExplorer", "resourcegroups": "ResourceGroups", "resourcegroupstaggingapi": "ResourceGroupsTaggingApi", "rolesanywhere": "RolesAnywhere", "route53": "Route53", "route53domains": "Route53Domains", "route53recoverycontrol": "Route53RecoveryControl", "route53recoveryreadiness": "Route53RecoveryReadiness", "rum": "Rum", "s3": "S3", "s3control": "S3Control", "s3outposts": "S3Outposts", "sagemaker": "Sagemaker", "scheduler": "Scheduler", "schemas": "Schemas", "secretsmanager": "SecretsManager", "securityhub": "SecurityHub", "securitylake": "SecurityLake", "serverlessrepository": "ServerlessRepository", "servicecatalog": "ServiceCatalog", "servicediscovery": "ServiceDiscovery", "servicequotas": "ServiceQuotas", "ses": "Ses", "sesv2": "SesV2", "sfn": "Sfn", "shield": "Shield", "signer": "Signer", "simpledb": "SimpleDB", "sns": "Sns", "sqs": "Sqs", "ssm": "Ssm", "ssmcontacts": "SsmContacts", "ssmincidents": "SsmIncidents", "ssoadmin": "SsoAdmin", "storagegateway": "StorageGateway", "swf": "Swf", "synthetics": "Synthetics", "timestreamwrite": "TimestreamWrite", "transcribe": "Transcribe", "transfer": "Transfer", "verifiedaccess": "VerifiedAccess", "verifiedpermissions": "VerifiedPermissions", "vpc": "Vpc", "vpclattice": "VpcLattice", "waf": "Waf", "wafregional": "WafRegional", "wafv2": "WafV2", "worklink": "WorkLink", "workspaces": "Workspaces", "xray": "Xray" }, "compatibility": "tfbridge20", "respectSchemaVersion": true }, "go": { "importBasePath": "github.com/pulumi/pulumi-aws/sdk/v6/go/aws", "generateResourceContainerTypes": true, "generateExtraInputTypes": true, "respectSchemaVersion": true }, "nodejs": { "packageDescription": "A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.", "readme": "\u003e This provider is a derived work of the [Terraform Provider](https://github.com/hashicorp/terraform-provider-aws)\n\u003e distributed under [MPL 2.0](https://www.mozilla.org/en-US/MPL/2.0/). If you encounter a bug or missing feature,\n\u003e first check the [`pulumi-aws` repo](https://github.com/pulumi/pulumi-aws/issues); however, if that doesn't turn up anything,\n\u003e please consult the source [`terraform-provider-aws` repo](https://github.com/hashicorp/terraform-provider-aws/issues).", "dependencies": { "@pulumi/pulumi": "^3.0.0", "builtin-modules": "3.0.0", "mime": "^2.0.0", "resolve": "^1.7.1" }, "devDependencies": { "@types/mime": "^2.0.0", "@types/node": "^10.0.0" }, "compatibility": "tfbridge20", "disableUnionOutputTypes": true, "respectSchemaVersion": true }, "python": { "requires": { "pulumi": "\u003e=3.0.0,\u003c4.0.0" }, "readme": "\u003e This provider is a derived work of the [Terraform Provider](https://github.com/hashicorp/terraform-provider-aws)\n\u003e distributed under [MPL 2.0](https://www.mozilla.org/en-US/MPL/2.0/). If you encounter a bug or missing feature,\n\u003e first check the [`pulumi-aws` repo](https://github.com/pulumi/pulumi-aws/issues); however, if that doesn't turn up anything,\n\u003e please consult the source [`terraform-provider-aws` repo](https://github.com/hashicorp/terraform-provider-aws/issues).", "compatibility": "tfbridge20", "respectSchemaVersion": true, "pyproject": { "enabled": true }, "inputTypes": "classes-and-dicts" } }, "config": { "variables": { "accessKey": { "type": "string", "description": "The access key for API operations. You can retrieve this from the 'Security \u0026 Credentials' section of the AWS console.\n", "secret": true }, "allowedAccountIds": { "type": "array", "items": { "type": "string" } }, "assumeRole": { "$ref": "#/types/aws:config/assumeRole:assumeRole" }, "assumeRoleWithWebIdentity": { "$ref": "#/types/aws:config/assumeRoleWithWebIdentity:assumeRoleWithWebIdentity" }, "customCaBundle": { "type": "string", "description": "File containing custom root and intermediate certificates. Can also be configured using the `AWS_CA_BUNDLE` environment\nvariable. (Setting `ca_bundle` in the shared config file is not supported.)\n" }, "defaultTags": { "$ref": "#/types/aws:config/defaultTags:defaultTags", "description": "Configuration block with settings to default resource tags across all resources.\n" }, "ec2MetadataServiceEndpoint": { "type": "string", "description": "Address of the EC2 metadata service endpoint to use. Can also be configured using the\n`AWS_EC2_METADATA_SERVICE_ENDPOINT` environment variable.\n" }, "ec2MetadataServiceEndpointMode": { "type": "string", "description": "Protocol to use with EC2 metadata service endpoint.Valid values are `IPv4` and `IPv6`. Can also be configured using the\n`AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE` environment variable.\n" }, "endpoints": { "type": "array", "items": { "$ref": "#/types/aws:config/endpoints:endpoints" } }, "forbiddenAccountIds": { "type": "array", "items": { "type": "string" } }, "httpProxy": { "type": "string", "description": "URL of a proxy to use for HTTP requests when accessing the AWS API. Can also be set using the `HTTP_PROXY` or\n`http_proxy` environment variables.\n" }, "httpsProxy": { "type": "string", "description": "URL of a proxy to use for HTTPS requests when accessing the AWS API. Can also be set using the `HTTPS_PROXY` or\n`https_proxy` environment variables.\n" }, "ignoreTags": { "$ref": "#/types/aws:config/ignoreTags:ignoreTags", "description": "Configuration block with settings to ignore resource tags across all resources.\n" }, "insecure": { "type": "boolean", "description": "Explicitly allow the provider to perform \"insecure\" SSL requests. If omitted, default value is `false`\n" }, "maxRetries": { "type": "integer", "description": "The maximum number of times an AWS API request is being executed. If the API request still fails, an error is thrown.\n" }, "noProxy": { "type": "string", "description": "Comma-separated list of hosts that should not use HTTP or HTTPS proxies. Can also be set using the `NO_PROXY` or\n`no_proxy` environment variables.\n" }, "profile": { "type": "string", "description": "The profile for API operations. If not set, the default profile created with `aws configure` will be used.\n" }, "region": { "type": "string", "$ref": "#/types/aws:index/region:Region", "description": "The region where AWS operations will take place. Examples are us-east-1, us-west-2, etc.\n", "defaultInfo": { "environment": [ "AWS_REGION", "AWS_DEFAULT_REGION" ] } }, "retryMode": { "type": "string", "description": "Specifies how retries are attempted. Valid values are `standard` and `adaptive`. Can also be configured using the\n`AWS_RETRY_MODE` environment variable.\n" }, "s3UsEast1RegionalEndpoint": { "type": "string", "description": "Specifies whether S3 API calls in the `us-east-1` region use the legacy global endpoint or a regional endpoint. Valid\nvalues are `legacy` or `regional`. Can also be configured using the `AWS_S3_US_EAST_1_REGIONAL_ENDPOINT` environment\nvariable or the `s3_us_east_1_regional_endpoint` shared config file parameter\n" }, "s3UsePathStyle": { "type": "boolean", "description": "Set this to true to enable the request to use path-style addressing, i.e., https://s3.amazonaws.com/BUCKET/KEY. By\ndefault, the S3 client will use virtual hosted bucket addressing when possible (https://BUCKET.s3.amazonaws.com/KEY).\nSpecific to the Amazon S3 service.\n" }, "secretKey": { "type": "string", "description": "The secret key for API operations. You can retrieve this from the 'Security \u0026 Credentials' section of the AWS console.\n", "secret": true }, "sharedConfigFiles": { "type": "array", "items": { "type": "string" }, "description": "List of paths to shared config files. If not set, defaults to [~/.aws/config].\n" }, "sharedCredentialsFiles": { "type": "array", "items": { "type": "string" }, "description": "List of paths to shared credentials files. If not set, defaults to [~/.aws/credentials].\n" }, "skipCredentialsValidation": { "type": "boolean", "description": "Skip the credentials validation via STS API. Used for AWS API implementations that do not have STS\navailable/implemented.\n", "default": false }, "skipMetadataApiCheck": { "type": "boolean", "description": "Skip the AWS Metadata API check. Used for AWS API implementations that do not have a metadata api endpoint.\n" }, "skipRegionValidation": { "type": "boolean", "description": "Skip static validation of region name. Used by users of alternative AWS-like APIs or users w/ access to regions that are\nnot public (yet).\n", "default": true }, "skipRequestingAccountId": { "type": "boolean", "description": "Skip requesting the account ID. Used for AWS API implementations that do not have IAM/STS API and/or metadata API.\n" }, "stsRegion": { "type": "string", "description": "The region where AWS STS operations will take place. Examples are us-east-1 and us-west-2.\n" }, "token": { "type": "string", "description": "session token. A session token is only required if you are using temporary security credentials.\n", "secret": true }, "tokenBucketRateLimiterCapacity": { "type": "integer", "description": "The capacity of the AWS SDK's token bucket rate limiter.\n" }, "useDualstackEndpoint": { "type": "boolean", "description": "Resolve an endpoint with DualStack capability\n" }, "useFipsEndpoint": { "type": "boolean", "description": "Resolve an endpoint with FIPS capability\n" } } }, "types": { "aws:accessanalyzer/AnalyzerConfiguration:AnalyzerConfiguration": { "properties": { "unusedAccess": { "$ref": "#/types/aws:accessanalyzer/AnalyzerConfigurationUnusedAccess:AnalyzerConfigurationUnusedAccess", "description": "A block that specifies the configuration of an unused access analyzer for an AWS organization or account. Documented below\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:accessanalyzer/AnalyzerConfigurationUnusedAccess:AnalyzerConfigurationUnusedAccess": { "properties": { "unusedAccessAge": { "type": "integer", "description": "The specified access age in days for which to generate findings for unused access.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:accessanalyzer/ArchiveRuleFilter:ArchiveRuleFilter": { "properties": { "contains": { "type": "array", "items": { "type": "string" }, "description": "Contains comparator.\n" }, "criteria": { "type": "string", "description": "Filter criteria.\n" }, "eqs": { "type": "array", "items": { "type": "string" }, "description": "Equals comparator.\n" }, "exists": { "type": "string", "description": "Boolean comparator.\n" }, "neqs": { "type": "array", "items": { "type": "string" }, "description": "Not Equals comparator.\n" } }, "type": "object", "required": [ "criteria" ], "language": { "nodejs": { "requiredOutputs": [ "contains", "criteria", "eqs", "exists", "neqs" ] } } }, "aws:acm/CertificateDomainValidationOption:CertificateDomainValidationOption": { "properties": { "domainName": { "type": "string", "description": "Fully qualified domain name (FQDN) in the certificate.\n" }, "resourceRecordName": { "type": "string", "description": "The name of the DNS record to create to validate the certificate\n" }, "resourceRecordType": { "type": "string", "description": "The type of DNS record to create\n" }, "resourceRecordValue": { "type": "string", "description": "The value the DNS record needs to have\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "domainName", "resourceRecordName", "resourceRecordType", "resourceRecordValue" ] } } }, "aws:acm/CertificateOptions:CertificateOptions": { "properties": { "certificateTransparencyLoggingPreference": { "type": "string", "description": "Whether certificate details should be added to a certificate transparency log. Valid values are `ENABLED` or `DISABLED`. See https://docs.aws.amazon.com/acm/latest/userguide/acm-concepts.html#concept-transparency for more details.\n" } }, "type": "object" }, "aws:acm/CertificateRenewalSummary:CertificateRenewalSummary": { "properties": { "renewalStatus": { "type": "string", "description": "The status of ACM's managed renewal of the certificate\n" }, "renewalStatusReason": { "type": "string", "description": "The reason that a renewal request was unsuccessful or is pending\n" }, "updatedAt": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "renewalStatus", "renewalStatusReason", "updatedAt" ] } } }, "aws:acm/CertificateValidationOption:CertificateValidationOption": { "properties": { "domainName": { "type": "string", "description": "Fully qualified domain name (FQDN) in the certificate.\n", "willReplaceOnChanges": true }, "validationDomain": { "type": "string", "description": "Domain name that you want ACM to use to send you validation emails. This domain name is the suffix of the email addresses that you want ACM to use. This must be the same as the `domain_name` value or a superdomain of the `domain_name` value. For example, if you request a certificate for `\"testing.example.com\"`, you can specify `\"example.com\"` for this value.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "domainName", "validationDomain" ] }, "aws:acmpca/CertificateAuthorityCertificateAuthorityConfiguration:CertificateAuthorityCertificateAuthorityConfiguration": { "properties": { "keyAlgorithm": { "type": "string", "description": "Type of the public key algorithm and size, in bits, of the key pair that your key pair creates when it issues a certificate. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html).\n", "willReplaceOnChanges": true }, "signingAlgorithm": { "type": "string", "description": "Name of the algorithm your private CA uses to sign certificate requests. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html).\n", "willReplaceOnChanges": true }, "subject": { "$ref": "#/types/aws:acmpca/CertificateAuthorityCertificateAuthorityConfigurationSubject:CertificateAuthorityCertificateAuthorityConfigurationSubject", "description": "Nested argument that contains X.500 distinguished name information. At least one nested attribute must be specified.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "keyAlgorithm", "signingAlgorithm", "subject" ] }, "aws:acmpca/CertificateAuthorityCertificateAuthorityConfigurationSubject:CertificateAuthorityCertificateAuthorityConfigurationSubject": { "properties": { "commonName": { "type": "string", "description": "Fully qualified domain name (FQDN) associated with the certificate subject. Must be less than or equal to 64 characters in length.\n", "willReplaceOnChanges": true }, "country": { "type": "string", "description": "Two digit code that specifies the country in which the certificate subject located. Must be less than or equal to 2 characters in length.\n", "willReplaceOnChanges": true }, "distinguishedNameQualifier": { "type": "string", "description": "Disambiguating information for the certificate subject. Must be less than or equal to 64 characters in length.\n", "willReplaceOnChanges": true }, "generationQualifier": { "type": "string", "description": "Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third. Must be less than or equal to 3 characters in length.\n", "willReplaceOnChanges": true }, "givenName": { "type": "string", "description": "First name. Must be less than or equal to 16 characters in length.\n", "willReplaceOnChanges": true }, "initials": { "type": "string", "description": "Concatenation that typically contains the first letter of the `given_name`, the first letter of the middle name if one exists, and the first letter of the `surname`. Must be less than or equal to 5 characters in length.\n", "willReplaceOnChanges": true }, "locality": { "type": "string", "description": "Locality (such as a city or town) in which the certificate subject is located. Must be less than or equal to 128 characters in length.\n", "willReplaceOnChanges": true }, "organization": { "type": "string", "description": "Legal name of the organization with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length.\n", "willReplaceOnChanges": true }, "organizationalUnit": { "type": "string", "description": "Subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length.\n", "willReplaceOnChanges": true }, "pseudonym": { "type": "string", "description": "Typically a shortened version of a longer `given_name`. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza. Must be less than or equal to 128 characters in length.\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "State in which the subject of the certificate is located. Must be less than or equal to 128 characters in length.\n", "willReplaceOnChanges": true }, "surname": { "type": "string", "description": "Family name. In the US and the UK for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first. Must be less than or equal to 40 characters in length.\n", "willReplaceOnChanges": true }, "title": { "type": "string", "description": "Title such as Mr. or Ms. which is pre-pended to the name to refer formally to the certificate subject. Must be less than or equal to 64 characters in length.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:acmpca/CertificateAuthorityRevocationConfiguration:CertificateAuthorityRevocationConfiguration": { "properties": { "crlConfiguration": { "$ref": "#/types/aws:acmpca/CertificateAuthorityRevocationConfigurationCrlConfiguration:CertificateAuthorityRevocationConfigurationCrlConfiguration", "description": "Nested argument containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. Defined below.\n" }, "ocspConfiguration": { "$ref": "#/types/aws:acmpca/CertificateAuthorityRevocationConfigurationOcspConfiguration:CertificateAuthorityRevocationConfigurationOcspConfiguration", "description": "Nested argument containing configuration of\nthe custom OCSP responder endpoint. Defined below.\n" } }, "type": "object" }, "aws:acmpca/CertificateAuthorityRevocationConfigurationCrlConfiguration:CertificateAuthorityRevocationConfigurationCrlConfiguration": { "properties": { "customCname": { "type": "string", "description": "Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public. Must be less than or equal to 253 characters in length.\n" }, "enabled": { "type": "boolean", "description": "Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. Defaults to `false`.\n" }, "expirationInDays": { "type": "integer", "description": "Number of days until a certificate expires. Must be between 1 and 5000.\n" }, "s3BucketName": { "type": "string", "description": "Name of the S3 bucket that contains the CRL. If you do not provide a value for the `custom_cname` argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You must specify a bucket policy that allows ACM PCA to write the CRL to your bucket. Must be between 3 and 255 characters in length.\n" }, "s3ObjectAcl": { "type": "string", "description": "Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. Defaults to `PUBLIC_READ`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "s3ObjectAcl" ] } } }, "aws:acmpca/CertificateAuthorityRevocationConfigurationOcspConfiguration:CertificateAuthorityRevocationConfigurationOcspConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Boolean value that specifies whether a custom OCSP responder is enabled.\n" }, "ocspCustomCname": { "type": "string", "description": "CNAME specifying a customized OCSP domain. Note: The value of the CNAME must not include a protocol prefix such as \"http://\" or \"https://\".\n" } }, "type": "object", "required": [ "enabled" ] }, "aws:acmpca/CertificateValidity:CertificateValidity": { "properties": { "type": { "type": "string", "description": "Determines how `value` is interpreted. Valid values: `DAYS`, `MONTHS`, `YEARS`, `ABSOLUTE`, `END_DATE`.\n", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "If `type` is `DAYS`, `MONTHS`, or `YEARS`, the relative time until the certificate expires. If `type` is `ABSOLUTE`, the date in seconds since the Unix epoch. If `type` is `END_DATE`, the date in RFC 3339 format.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "type", "value" ] }, "aws:acmpca/getCertificateAuthorityRevocationConfiguration:getCertificateAuthorityRevocationConfiguration": { "properties": { "crlConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:acmpca/getCertificateAuthorityRevocationConfigurationCrlConfiguration:getCertificateAuthorityRevocationConfigurationCrlConfiguration" }, "description": "Nested attribute containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority.\n" }, "ocspConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:acmpca/getCertificateAuthorityRevocationConfigurationOcspConfiguration:getCertificateAuthorityRevocationConfigurationOcspConfiguration" } } }, "type": "object", "required": [ "crlConfigurations", "ocspConfigurations" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:acmpca/getCertificateAuthorityRevocationConfigurationCrlConfiguration:getCertificateAuthorityRevocationConfigurationCrlConfiguration": { "properties": { "customCname": { "type": "string", "description": "Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point.\n" }, "enabled": { "type": "boolean", "description": "Boolean value that specifies whether certificate revocation lists (CRLs) are enabled.\n" }, "expirationInDays": { "type": "integer", "description": "Number of days until a certificate expires.\n" }, "s3BucketName": { "type": "string", "description": "Name of the S3 bucket that contains the CRL.\n" }, "s3ObjectAcl": { "type": "string", "description": "Whether the CRL is publicly readable or privately held in the CRL Amazon S3 bucket.\n" } }, "type": "object", "required": [ "customCname", "enabled", "expirationInDays", "s3BucketName", "s3ObjectAcl" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:acmpca/getCertificateAuthorityRevocationConfigurationOcspConfiguration:getCertificateAuthorityRevocationConfigurationOcspConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Boolean value that specifies whether a custom OCSP responder is enabled.\n" }, "ocspCustomCname": { "type": "string", "description": "A CNAME specifying a customized OCSP domain.\n" } }, "type": "object", "required": [ "enabled", "ocspCustomCname" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/IpAddressType:IpAddressType": { "type": "string", "enum": [ { "name": "Ipv4", "value": "ipv4" }, { "name": "Dualstack", "value": "dualstack" } ] }, "aws:alb/ListenerDefaultAction:ListenerDefaultAction": { "properties": { "authenticateCognito": { "$ref": "#/types/aws:alb/ListenerDefaultActionAuthenticateCognito:ListenerDefaultActionAuthenticateCognito", "description": "Configuration block for using Amazon Cognito to authenticate users. Specify only when `type` is `authenticate-cognito`. Detailed below.\n" }, "authenticateOidc": { "$ref": "#/types/aws:alb/ListenerDefaultActionAuthenticateOidc:ListenerDefaultActionAuthenticateOidc", "description": "Configuration block for an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `type` is `authenticate-oidc`. Detailed below.\n" }, "fixedResponse": { "$ref": "#/types/aws:alb/ListenerDefaultActionFixedResponse:ListenerDefaultActionFixedResponse", "description": "Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`.\n" }, "forward": { "$ref": "#/types/aws:alb/ListenerDefaultActionForward:ListenerDefaultActionForward", "description": "Configuration block for creating an action that distributes requests among one or more target groups.\nSpecify only if `type` is `forward`.\nCannot be specified with `target_group_arn`.\nDetailed below.\n" }, "order": { "type": "integer", "description": "Order for the action.\nThe action with the lowest value for order is performed first.\nValid values are between `1` and `50000`.\nDefaults to the position in the list of actions.\n" }, "redirect": { "$ref": "#/types/aws:alb/ListenerDefaultActionRedirect:ListenerDefaultActionRedirect", "description": "Configuration block for creating a redirect action. Required if `type` is `redirect`. Detailed below.\n" }, "targetGroupArn": { "type": "string", "description": "ARN of the Target Group to which to route traffic.\nSpecify only if `type` is `forward` and you want to route to a single target group.\nTo route to one or more target groups, use a `forward` block instead.\nCannot be specified with `forward`.\n" }, "type": { "type": "string", "description": "Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredOutputs": [ "order", "type" ] } } }, "aws:alb/ListenerDefaultActionAuthenticateCognito:ListenerDefaultActionAuthenticateCognito": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Query parameters to include in the redirect request to the authorization endpoint. Max: 10. Detailed below.\n" }, "onUnauthenticatedRequest": { "type": "string", "description": "Behavior if the user is not authenticated. Valid values are `deny`, `allow` and `authenticate`.\n" }, "scope": { "type": "string", "description": "Set of user claims to be requested from the IdP.\n" }, "sessionCookieName": { "type": "string", "description": "Name of the cookie used to maintain session information.\n" }, "sessionTimeout": { "type": "integer", "description": "Maximum duration of the authentication session, in seconds.\n" }, "userPoolArn": { "type": "string", "description": "ARN of the Cognito user pool.\n" }, "userPoolClientId": { "type": "string", "description": "ID of the Cognito user pool client.\n" }, "userPoolDomain": { "type": "string", "description": "Domain prefix or fully-qualified domain name of the Cognito user pool.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "userPoolArn", "userPoolClientId", "userPoolDomain" ], "language": { "nodejs": { "requiredOutputs": [ "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "userPoolArn", "userPoolClientId", "userPoolDomain" ] } } }, "aws:alb/ListenerDefaultActionAuthenticateOidc:ListenerDefaultActionAuthenticateOidc": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n" }, "authorizationEndpoint": { "type": "string", "description": "Authorization endpoint of the IdP.\n" }, "clientId": { "type": "string", "description": "OAuth 2.0 client identifier.\n" }, "clientSecret": { "type": "string", "description": "OAuth 2.0 client secret.\n", "secret": true }, "issuer": { "type": "string", "description": "OIDC issuer identifier of the IdP.\n" }, "onUnauthenticatedRequest": { "type": "string", "description": "Behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n" }, "scope": { "type": "string", "description": "Set of user claims to be requested from the IdP.\n" }, "sessionCookieName": { "type": "string", "description": "Name of the cookie used to maintain session information.\n" }, "sessionTimeout": { "type": "integer", "description": "Maximum duration of the authentication session, in seconds.\n" }, "tokenEndpoint": { "type": "string", "description": "Token endpoint of the IdP.\n" }, "userInfoEndpoint": { "type": "string", "description": "User info endpoint of the IdP.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "tokenEndpoint", "userInfoEndpoint" ], "language": { "nodejs": { "requiredOutputs": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "tokenEndpoint", "userInfoEndpoint" ] } } }, "aws:alb/ListenerDefaultActionFixedResponse:ListenerDefaultActionFixedResponse": { "properties": { "contentType": { "type": "string", "description": "Content type. Valid values are `text/plain`, `text/css`, `text/html`, `application/javascript` and `application/json`.\n\nThe following arguments are optional:\n" }, "messageBody": { "type": "string", "description": "Message body.\n" }, "statusCode": { "type": "string", "description": "HTTP response code. Valid values are `2XX`, `4XX`, or `5XX`.\n" } }, "type": "object", "required": [ "contentType" ], "language": { "nodejs": { "requiredOutputs": [ "contentType", "statusCode" ] } } }, "aws:alb/ListenerDefaultActionForward:ListenerDefaultActionForward": { "properties": { "stickiness": { "$ref": "#/types/aws:alb/ListenerDefaultActionForwardStickiness:ListenerDefaultActionForwardStickiness", "description": "Configuration block for target group stickiness for the rule. Detailed below.\n" }, "targetGroups": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerDefaultActionForwardTargetGroup:ListenerDefaultActionForwardTargetGroup" }, "description": "Set of 1-5 target group blocks. Detailed below.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "targetGroups" ] }, "aws:alb/ListenerDefaultActionForwardStickiness:ListenerDefaultActionForwardStickiness": { "properties": { "duration": { "type": "integer", "description": "Time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).\n\nThe following arguments are optional:\n" }, "enabled": { "type": "boolean", "description": "Whether target group stickiness is enabled. Default is `false`.\n" } }, "type": "object", "required": [ "duration" ] }, "aws:alb/ListenerDefaultActionForwardTargetGroup:ListenerDefaultActionForwardTargetGroup": { "properties": { "arn": { "type": "string", "description": "ARN of the target group.\n\nThe following arguments are optional:\n" }, "weight": { "type": "integer", "description": "Weight. The range is 0 to 999.\n" } }, "type": "object", "required": [ "arn" ] }, "aws:alb/ListenerDefaultActionRedirect:ListenerDefaultActionRedirect": { "properties": { "host": { "type": "string", "description": "Hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`.\n" }, "path": { "type": "string", "description": "Absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to `/#{path}`.\n" }, "port": { "type": "string", "description": "Port. Specify a value from `1` to `65535` or `#{port}`. Defaults to `#{port}`.\n" }, "protocol": { "type": "string", "description": "Protocol. Valid values are `HTTP`, `HTTPS`, or `#{protocol}`. Defaults to `#{protocol}`.\n" }, "query": { "type": "string", "description": "Query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\". Defaults to `#{query}`.\n" }, "statusCode": { "type": "string", "description": "HTTP redirect code. The redirect is either permanent (`HTTP_301`) or temporary (`HTTP_302`).\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "statusCode" ] }, "aws:alb/ListenerMutualAuthentication:ListenerMutualAuthentication": { "properties": { "ignoreClientCertificateExpiry": { "type": "boolean", "description": "Whether client certificate expiry is ignored. Default is `false`.\n" }, "mode": { "type": "string", "description": "Valid values are `off`, `verify` and `passthrough`.\n" }, "trustStoreArn": { "type": "string", "description": "ARN of the elbv2 Trust Store.\n" } }, "type": "object", "required": [ "mode" ] }, "aws:alb/ListenerRuleAction:ListenerRuleAction": { "properties": { "authenticateCognito": { "$ref": "#/types/aws:alb/ListenerRuleActionAuthenticateCognito:ListenerRuleActionAuthenticateCognito", "description": "Information for creating an authenticate action using Cognito. Required if `type` is `authenticate-cognito`.\n" }, "authenticateOidc": { "$ref": "#/types/aws:alb/ListenerRuleActionAuthenticateOidc:ListenerRuleActionAuthenticateOidc", "description": "Information for creating an authenticate action using OIDC. Required if `type` is `authenticate-oidc`.\n" }, "fixedResponse": { "$ref": "#/types/aws:alb/ListenerRuleActionFixedResponse:ListenerRuleActionFixedResponse", "description": "Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`.\n" }, "forward": { "$ref": "#/types/aws:alb/ListenerRuleActionForward:ListenerRuleActionForward", "description": "Configuration block for creating an action that distributes requests among one or more target groups.\nSpecify only if `type` is `forward`.\nCannot be specified with `target_group_arn`.\n" }, "order": { "type": "integer", "description": "Order for the action.\nThe action with the lowest value for order is performed first.\nValid values are between `1` and `50000`.\nDefaults to the position in the list of actions.\n" }, "redirect": { "$ref": "#/types/aws:alb/ListenerRuleActionRedirect:ListenerRuleActionRedirect", "description": "Information for creating a redirect action. Required if `type` is `redirect`.\n" }, "targetGroupArn": { "type": "string", "description": "ARN of the Target Group to which to route traffic.\nSpecify only if `type` is `forward` and you want to route to a single target group.\nTo route to one or more target groups, use a `forward` block instead.\nCannot be specified with `forward`.\n" }, "type": { "type": "string", "description": "The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.\n" } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredOutputs": [ "order", "type" ] } } }, "aws:alb/ListenerRuleActionAuthenticateCognito:ListenerRuleActionAuthenticateCognito": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n" }, "onUnauthenticatedRequest": { "type": "string", "description": "The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n" }, "scope": { "type": "string", "description": "The set of user claims to be requested from the IdP.\n" }, "sessionCookieName": { "type": "string", "description": "The name of the cookie used to maintain session information.\n" }, "sessionTimeout": { "type": "integer", "description": "The maximum duration of the authentication session, in seconds.\n" }, "userPoolArn": { "type": "string", "description": "The ARN of the Cognito user pool.\n" }, "userPoolClientId": { "type": "string", "description": "The ID of the Cognito user pool client.\n" }, "userPoolDomain": { "type": "string", "description": "The domain prefix or fully-qualified domain name of the Cognito user pool.\n" } }, "type": "object", "required": [ "userPoolArn", "userPoolClientId", "userPoolDomain" ], "language": { "nodejs": { "requiredOutputs": [ "onUnauthenticatedRequest", "userPoolArn", "userPoolClientId", "userPoolDomain" ] } } }, "aws:alb/ListenerRuleActionAuthenticateOidc:ListenerRuleActionAuthenticateOidc": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n" }, "authorizationEndpoint": { "type": "string", "description": "The authorization endpoint of the IdP.\n" }, "clientId": { "type": "string", "description": "The OAuth 2.0 client identifier.\n" }, "clientSecret": { "type": "string", "description": "The OAuth 2.0 client secret.\n", "secret": true }, "issuer": { "type": "string", "description": "The OIDC issuer identifier of the IdP.\n" }, "onUnauthenticatedRequest": { "type": "string", "description": "The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n" }, "scope": { "type": "string", "description": "The set of user claims to be requested from the IdP.\n" }, "sessionCookieName": { "type": "string", "description": "The name of the cookie used to maintain session information.\n" }, "sessionTimeout": { "type": "integer", "description": "The maximum duration of the authentication session, in seconds.\n" }, "tokenEndpoint": { "type": "string", "description": "The token endpoint of the IdP.\n" }, "userInfoEndpoint": { "type": "string", "description": "The user info endpoint of the IdP.\n" } }, "type": "object", "required": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "tokenEndpoint", "userInfoEndpoint" ], "language": { "nodejs": { "requiredOutputs": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "onUnauthenticatedRequest", "tokenEndpoint", "userInfoEndpoint" ] } } }, "aws:alb/ListenerRuleActionFixedResponse:ListenerRuleActionFixedResponse": { "properties": { "contentType": { "type": "string", "description": "The content type. Valid values are `text/plain`, `text/css`, `text/html`, `application/javascript` and `application/json`.\n" }, "messageBody": { "type": "string", "description": "The message body.\n" }, "statusCode": { "type": "string", "description": "The HTTP response code. Valid values are `2XX`, `4XX`, or `5XX`.\n" } }, "type": "object", "required": [ "contentType" ], "language": { "nodejs": { "requiredOutputs": [ "contentType", "statusCode" ] } } }, "aws:alb/ListenerRuleActionForward:ListenerRuleActionForward": { "properties": { "stickiness": { "$ref": "#/types/aws:alb/ListenerRuleActionForwardStickiness:ListenerRuleActionForwardStickiness", "description": "The target group stickiness for the rule.\n" }, "targetGroups": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerRuleActionForwardTargetGroup:ListenerRuleActionForwardTargetGroup" }, "description": "One or more target groups block.\n" } }, "type": "object", "required": [ "targetGroups" ] }, "aws:alb/ListenerRuleActionForwardStickiness:ListenerRuleActionForwardStickiness": { "properties": { "duration": { "type": "integer", "description": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).\n" }, "enabled": { "type": "boolean", "description": "Indicates whether target group stickiness is enabled.\n" } }, "type": "object", "required": [ "duration" ] }, "aws:alb/ListenerRuleActionForwardTargetGroup:ListenerRuleActionForwardTargetGroup": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n" }, "weight": { "type": "integer", "description": "The weight. The range is 0 to 999.\n" } }, "type": "object", "required": [ "arn" ] }, "aws:alb/ListenerRuleActionRedirect:ListenerRuleActionRedirect": { "properties": { "host": { "type": "string", "description": "The hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`.\n" }, "path": { "type": "string", "description": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to `/#{path}`.\n" }, "port": { "type": "string", "description": "The port. Specify a value from `1` to `65535` or `#{port}`. Defaults to `#{port}`.\n" }, "protocol": { "type": "string", "description": "The protocol. Valid values are `HTTP`, `HTTPS`, or `#{protocol}`. Defaults to `#{protocol}`.\n" }, "query": { "type": "string", "description": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\". Defaults to `#{query}`.\n" }, "statusCode": { "type": "string", "description": "The HTTP redirect code. The redirect is either permanent (`HTTP_301`) or temporary (`HTTP_302`).\n" } }, "type": "object", "required": [ "statusCode" ] }, "aws:alb/ListenerRuleCondition:ListenerRuleCondition": { "properties": { "hostHeader": { "$ref": "#/types/aws:alb/ListenerRuleConditionHostHeader:ListenerRuleConditionHostHeader", "description": "Contains a single `values` item which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied.\n" }, "httpHeader": { "$ref": "#/types/aws:alb/ListenerRuleConditionHttpHeader:ListenerRuleConditionHttpHeader", "description": "HTTP headers to match. HTTP Header block fields documented below.\n" }, "httpRequestMethod": { "$ref": "#/types/aws:alb/ListenerRuleConditionHttpRequestMethod:ListenerRuleConditionHttpRequestMethod", "description": "Contains a single `values` item which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (\\_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached.\n" }, "pathPattern": { "$ref": "#/types/aws:alb/ListenerRuleConditionPathPattern:ListenerRuleConditionPathPattern", "description": "Contains a single `values` item which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use a `query_string` condition.\n" }, "queryStrings": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerRuleConditionQueryString:ListenerRuleConditionQueryString" }, "description": "Query strings to match. Query String block fields documented below.\n" }, "sourceIp": { "$ref": "#/types/aws:alb/ListenerRuleConditionSourceIp:ListenerRuleConditionSourceIp", "description": "Contains a single `values` item which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in the `X-Forwarded-For` header, use `http_header` condition instead.\n\n\u003e **NOTE::** Exactly one of `host_header`, `http_header`, `http_request_method`, `path_pattern`, `query_string` or `source_ip` must be set per condition.\n" } }, "type": "object" }, "aws:alb/ListenerRuleConditionHostHeader:ListenerRuleConditionHostHeader": { "properties": { "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "values" ] }, "aws:alb/ListenerRuleConditionHttpHeader:ListenerRuleConditionHttpHeader": { "properties": { "httpHeaderName": { "type": "string", "description": "Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a `host-header` condition instead.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.\n" } }, "type": "object", "required": [ "httpHeaderName", "values" ] }, "aws:alb/ListenerRuleConditionHttpRequestMethod:ListenerRuleConditionHttpRequestMethod": { "properties": { "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "values" ] }, "aws:alb/ListenerRuleConditionPathPattern:ListenerRuleConditionPathPattern": { "properties": { "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "values" ] }, "aws:alb/ListenerRuleConditionQueryString:ListenerRuleConditionQueryString": { "properties": { "key": { "type": "string", "description": "Query string key pattern to match.\n" }, "value": { "type": "string", "description": "Query string value pattern to match.\n" } }, "type": "object", "required": [ "value" ] }, "aws:alb/ListenerRuleConditionSourceIp:ListenerRuleConditionSourceIp": { "properties": { "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "values" ] }, "aws:alb/LoadBalancerAccessLogs:LoadBalancerAccessLogs": { "properties": { "bucket": { "type": "string", "description": "S3 bucket name to store the logs in.\n" }, "enabled": { "type": "boolean", "description": "Boolean to enable / disable `access_logs`. Defaults to `false`, even when `bucket` is specified.\n" }, "prefix": { "type": "string", "description": "S3 bucket prefix. Logs are stored in the root if not configured.\n" } }, "type": "object", "required": [ "bucket" ] }, "aws:alb/LoadBalancerConnectionLogs:LoadBalancerConnectionLogs": { "properties": { "bucket": { "type": "string", "description": "S3 bucket name to store the logs in.\n" }, "enabled": { "type": "boolean", "description": "Boolean to enable / disable `connection_logs`. Defaults to `false`, even when `bucket` is specified.\n" }, "prefix": { "type": "string", "description": "S3 bucket prefix. Logs are stored in the root if not configured.\n" } }, "type": "object", "required": [ "bucket" ] }, "aws:alb/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping": { "properties": { "allocationId": { "type": "string", "description": "Allocation ID of the Elastic IP address for an internet-facing load balancer.\n" }, "ipv6Address": { "type": "string", "description": "IPv6 address. You associate IPv6 CIDR blocks with your VPC and choose the subnets where you launch both internet-facing and internal Application Load Balancers or Network Load Balancers.\n" }, "outpostId": { "type": "string" }, "privateIpv4Address": { "type": "string", "description": "Private IPv4 address for an internal load balancer.\n" }, "subnetId": { "type": "string", "description": "ID of the subnet of which to attach to the load balancer. You can specify only one subnet per Availability Zone.\n" } }, "type": "object", "required": [ "subnetId" ], "language": { "nodejs": { "requiredOutputs": [ "outpostId", "subnetId" ] } } }, "aws:alb/LoadBalancerType:LoadBalancerType": { "type": "string", "enum": [ { "name": "Application", "value": "application" }, { "name": "Network", "value": "network" } ] }, "aws:alb/TargetGroupHealthCheck:TargetGroupHealthCheck": { "properties": { "enabled": { "type": "boolean", "description": "Whether health checks are enabled. Defaults to `true`.\n" }, "healthyThreshold": { "type": "integer", "description": "Number of consecutive health check successes required before considering a target healthy. The range is 2-10. Defaults to 3.\n" }, "interval": { "type": "integer", "description": "Approximate amount of time, in seconds, between health checks of an individual target. The range is 5-300. For `lambda` target groups, it needs to be greater than the timeout of the underlying `lambda`. Defaults to 30.\n" }, "matcher": { "type": "string", "description": "The HTTP or gRPC codes to use when checking for a successful response from a target.\nThe `health_check.protocol` must be one of `HTTP` or `HTTPS` or the `target_type` must be `lambda`.\nValues can be comma-separated individual values (e.g., \"200,202\") or a range of values (e.g., \"200-299\").\n* For gRPC-based target groups (i.e., the `protocol` is one of `HTTP` or `HTTPS` and the `protocol_version` is `GRPC`), values can be between `0` and `99`. The default is `12`.\n* When used with an Application Load Balancer (i.e., the `protocol` is one of `HTTP` or `HTTPS` and the `protocol_version` is not `GRPC`), values can be between `200` and `499`. The default is `200`.\n* When used with a Network Load Balancer (i.e., the `protocol` is one of `TCP`, `TCP_UDP`, `UDP`, or `TLS`), values can be between `200` and `599`. The default is `200-399`.\n* When the `target_type` is `lambda`, values can be between `200` and `499`. The default is `200`.\n" }, "path": { "type": "string", "description": "Destination for the health check request. Required for HTTP/HTTPS ALB and HTTP NLB. Only applies to HTTP/HTTPS.\n* For HTTP and HTTPS health checks, the default is `/`.\n* For gRPC health checks, the default is `/Amazon Web Services.ALB/healthcheck`.\n" }, "port": { "type": "string", "description": "The port the load balancer uses when performing health checks on targets.\nValid values are either `traffic-port`, to use the same port as the target group, or a valid port number between `1` and `65536`.\nDefault is `traffic-port`.\n" }, "protocol": { "type": "string", "description": "Protocol the load balancer uses when performing health checks on targets.\nMust be one of `TCP`, `HTTP`, or `HTTPS`.\nThe `TCP` protocol is not supported for health checks if the protocol of the target group is `HTTP` or `HTTPS`.\nDefault is `HTTP`.\nCannot be specified when the `target_type` is `lambda`.\n" }, "timeout": { "type": "integer", "description": "Amount of time, in seconds, during which no response from a target means a failed health check. The range is 2–120 seconds. For target groups with a protocol of HTTP, the default is 6 seconds. For target groups with a protocol of TCP, TLS or HTTPS, the default is 10 seconds. For target groups with a protocol of GENEVE, the default is 5 seconds. If the target type is lambda, the default is 30 seconds.\n" }, "unhealthyThreshold": { "type": "integer", "description": "Number of consecutive health check failures required before considering a target unhealthy. The range is 2-10. Defaults to 3.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "matcher", "path", "timeout" ] } } }, "aws:alb/TargetGroupStickiness:TargetGroupStickiness": { "properties": { "cookieDuration": { "type": "integer", "description": "Only used when the type is `lb_cookie`. The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n" }, "cookieName": { "type": "string", "description": "Name of the application based cookie. AWSALB, AWSALBAPP, and AWSALBTG prefixes are reserved and cannot be used. Only needed when type is `app_cookie`.\n" }, "enabled": { "type": "boolean", "description": "Boolean to enable / disable `stickiness`. Default is `true`.\n" }, "type": { "type": "string", "description": "The type of sticky sessions. The only current possible values are `lb_cookie`, `app_cookie` for ALBs, `source_ip` for NLBs, and `source_ip_dest_ip`, `source_ip_dest_ip_proto` for GWLBs.\n" } }, "type": "object", "required": [ "type" ] }, "aws:alb/TargetGroupTargetFailover:TargetGroupTargetFailover": { "properties": { "onDeregistration": { "type": "string", "description": "Indicates how the GWLB handles existing flows when a target is deregistered. Possible values are `rebalance` and `no_rebalance`. Must match the attribute value set for `on_unhealthy`. Default: `no_rebalance`.\n" }, "onUnhealthy": { "type": "string", "description": "Indicates how the GWLB handles existing flows when a target is unhealthy. Possible values are `rebalance` and `no_rebalance`. Must match the attribute value set for `on_deregistration`. Default: `no_rebalance`.\n" } }, "type": "object", "required": [ "onDeregistration", "onUnhealthy" ] }, "aws:alb/TargetGroupTargetGroupHealth:TargetGroupTargetGroupHealth": { "properties": { "dnsFailover": { "$ref": "#/types/aws:alb/TargetGroupTargetGroupHealthDnsFailover:TargetGroupTargetGroupHealthDnsFailover", "description": "Block to configure DNS Failover requirements. See DNS Failover below for details on attributes.\n" }, "unhealthyStateRouting": { "$ref": "#/types/aws:alb/TargetGroupTargetGroupHealthUnhealthyStateRouting:TargetGroupTargetGroupHealthUnhealthyStateRouting", "description": "Block to configure Unhealthy State Routing requirements. See Unhealthy State Routing below for details on attributes.\n" } }, "type": "object" }, "aws:alb/TargetGroupTargetGroupHealthDnsFailover:TargetGroupTargetGroupHealthDnsFailover": { "properties": { "minimumHealthyTargetsCount": { "type": "string", "description": "The minimum number of targets that must be healthy. If the number of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from `1` to the maximum number of targets. The default is `off`.\n" }, "minimumHealthyTargetsPercentage": { "type": "string", "description": "The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from `1` to `100`. The default is `off`.\n" } }, "type": "object" }, "aws:alb/TargetGroupTargetGroupHealthUnhealthyStateRouting:TargetGroupTargetGroupHealthUnhealthyStateRouting": { "properties": { "minimumHealthyTargetsCount": { "type": "integer", "description": "The minimum number of targets that must be healthy. If the number of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are `1` to the maximum number of targets. The default is `1`.\n" }, "minimumHealthyTargetsPercentage": { "type": "string", "description": "The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are `off` or an integer from `1` to `100`. The default is `off`.\n" } }, "type": "object" }, "aws:alb/TargetGroupTargetHealthState:TargetGroupTargetHealthState": { "properties": { "enableUnhealthyConnectionTermination": { "type": "boolean", "description": "Indicates whether the load balancer terminates connections to unhealthy targets. Possible values are `true` or `false`. Default: `true`.\n" } }, "type": "object", "required": [ "enableUnhealthyConnectionTermination" ] }, "aws:alb/getListenerDefaultAction:getListenerDefaultAction": { "properties": { "authenticateCognitos": { "type": "array", "items": { "$ref": "#/types/aws:alb/getListenerDefaultActionAuthenticateCognito:getListenerDefaultActionAuthenticateCognito" } }, "authenticateOidcs": { "type": "array", "items": { "$ref": "#/types/aws:alb/getListenerDefaultActionAuthenticateOidc:getListenerDefaultActionAuthenticateOidc" } }, "fixedResponses": { "type": "array", "items": { "$ref": "#/types/aws:alb/getListenerDefaultActionFixedResponse:getListenerDefaultActionFixedResponse" } }, "forwards": { "type": "array", "items": { "$ref": "#/types/aws:alb/getListenerDefaultActionForward:getListenerDefaultActionForward" } }, "order": { "type": "integer" }, "redirects": { "type": "array", "items": { "$ref": "#/types/aws:alb/getListenerDefaultActionRedirect:getListenerDefaultActionRedirect" } }, "targetGroupArn": { "type": "string" }, "type": { "type": "string" } }, "type": "object", "required": [ "authenticateCognitos", "authenticateOidcs", "fixedResponses", "forwards", "order", "redirects", "targetGroupArn", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getListenerDefaultActionAuthenticateCognito:getListenerDefaultActionAuthenticateCognito": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" } }, "onUnauthenticatedRequest": { "type": "string" }, "scope": { "type": "string" }, "sessionCookieName": { "type": "string" }, "sessionTimeout": { "type": "integer" }, "userPoolArn": { "type": "string" }, "userPoolClientId": { "type": "string" }, "userPoolDomain": { "type": "string" } }, "type": "object", "required": [ "authenticationRequestExtraParams", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "userPoolArn", "userPoolClientId", "userPoolDomain" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getListenerDefaultActionAuthenticateOidc:getListenerDefaultActionAuthenticateOidc": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" } }, "authorizationEndpoint": { "type": "string" }, "clientId": { "type": "string" }, "clientSecret": { "type": "string", "secret": true }, "issuer": { "type": "string" }, "onUnauthenticatedRequest": { "type": "string" }, "scope": { "type": "string" }, "sessionCookieName": { "type": "string" }, "sessionTimeout": { "type": "integer" }, "tokenEndpoint": { "type": "string" }, "userInfoEndpoint": { "type": "string" } }, "type": "object", "required": [ "authenticationRequestExtraParams", "authorizationEndpoint", "clientId", "clientSecret", "issuer", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "tokenEndpoint", "userInfoEndpoint" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getListenerDefaultActionFixedResponse:getListenerDefaultActionFixedResponse": { "properties": { "contentType": { "type": "string" }, "messageBody": { "type": "string" }, "statusCode": { "type": "string" } }, "type": "object", "required": [ "contentType", "messageBody", "statusCode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getListenerDefaultActionForward:getListenerDefaultActionForward": { "properties": { "stickinesses": { "type": "array", "items": { "$ref": "#/types/aws:alb/getListenerDefaultActionForwardStickiness:getListenerDefaultActionForwardStickiness" } }, "targetGroups": { "type": "array", "items": { "$ref": "#/types/aws:alb/getListenerDefaultActionForwardTargetGroup:getListenerDefaultActionForwardTargetGroup" } } }, "type": "object", "required": [ "stickinesses", "targetGroups" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getListenerDefaultActionForwardStickiness:getListenerDefaultActionForwardStickiness": { "properties": { "duration": { "type": "integer" }, "enabled": { "type": "boolean" } }, "type": "object", "required": [ "duration", "enabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getListenerDefaultActionForwardTargetGroup:getListenerDefaultActionForwardTargetGroup": { "properties": { "arn": { "type": "string", "description": "ARN of the listener. Required if `load_balancer_arn` and `port` is not set.\n" }, "weight": { "type": "integer" } }, "type": "object", "required": [ "arn", "weight" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getListenerDefaultActionRedirect:getListenerDefaultActionRedirect": { "properties": { "host": { "type": "string" }, "path": { "type": "string" }, "port": { "type": "string", "description": "Port of the listener. Required if `arn` is not set.\n" }, "protocol": { "type": "string" }, "query": { "type": "string" }, "statusCode": { "type": "string" } }, "type": "object", "required": [ "host", "path", "port", "protocol", "query", "statusCode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getListenerMutualAuthentication:getListenerMutualAuthentication": { "properties": { "ignoreClientCertificateExpiry": { "type": "boolean" }, "mode": { "type": "string" }, "trustStoreArn": { "type": "string" } }, "type": "object", "required": [ "ignoreClientCertificateExpiry", "mode", "trustStoreArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getLoadBalancerAccessLogs:getLoadBalancerAccessLogs": { "properties": { "bucket": { "type": "string" }, "enabled": { "type": "boolean" }, "prefix": { "type": "string" } }, "type": "object", "required": [ "bucket", "enabled", "prefix" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getLoadBalancerConnectionLog:getLoadBalancerConnectionLog": { "properties": { "bucket": { "type": "string" }, "enabled": { "type": "boolean" }, "prefix": { "type": "string" } }, "type": "object", "required": [ "bucket", "enabled", "prefix" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getLoadBalancerSubnetMapping:getLoadBalancerSubnetMapping": { "properties": { "allocationId": { "type": "string" }, "ipv6Address": { "type": "string" }, "outpostId": { "type": "string" }, "privateIpv4Address": { "type": "string" }, "subnetId": { "type": "string" } }, "type": "object", "required": [ "allocationId", "ipv6Address", "outpostId", "privateIpv4Address", "subnetId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getTargetGroupHealthCheck:getTargetGroupHealthCheck": { "properties": { "enabled": { "type": "boolean" }, "healthyThreshold": { "type": "integer" }, "interval": { "type": "integer" }, "matcher": { "type": "string" }, "path": { "type": "string" }, "port": { "type": "string" }, "protocol": { "type": "string" }, "timeout": { "type": "integer" }, "unhealthyThreshold": { "type": "integer" } }, "type": "object", "required": [ "enabled", "healthyThreshold", "interval", "matcher", "path", "port", "protocol", "timeout", "unhealthyThreshold" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:alb/getTargetGroupStickiness:getTargetGroupStickiness": { "properties": { "cookieDuration": { "type": "integer" }, "cookieName": { "type": "string" }, "enabled": { "type": "boolean" }, "type": { "type": "string" } }, "type": "object", "required": [ "cookieDuration", "cookieName", "enabled", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:amp/ScraperDestination:ScraperDestination": { "properties": { "amp": { "$ref": "#/types/aws:amp/ScraperDestinationAmp:ScraperDestinationAmp", "description": "Configuration block for an Amazon Managed Prometheus workspace destination. See `amp`.\n" } }, "type": "object" }, "aws:amp/ScraperDestinationAmp:ScraperDestinationAmp": { "properties": { "workspaceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the prometheus workspace.\n" } }, "type": "object", "required": [ "workspaceArn" ] }, "aws:amp/ScraperSource:ScraperSource": { "properties": { "eks": { "$ref": "#/types/aws:amp/ScraperSourceEks:ScraperSourceEks", "description": "Configuration block for an EKS cluster source. See `eks`.\n" } }, "type": "object" }, "aws:amp/ScraperSourceEks:ScraperSourceEks": { "properties": { "clusterArn": { "type": "string" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of the security group IDs for the Amazon EKS cluster VPC configuration.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of subnet IDs. Must be in at least two different availability zones.\n" } }, "type": "object", "required": [ "clusterArn", "subnetIds" ], "language": { "nodejs": { "requiredOutputs": [ "clusterArn", "securityGroupIds", "subnetIds" ] } } }, "aws:amp/ScraperTimeouts:ScraperTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" } }, "type": "object" }, "aws:amp/WorkspaceLoggingConfiguration:WorkspaceLoggingConfiguration": { "properties": { "logGroupArn": { "type": "string", "description": "The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist.\n" } }, "type": "object", "required": [ "logGroupArn" ] }, "aws:amplify/AppAutoBranchCreationConfig:AppAutoBranchCreationConfig": { "properties": { "basicAuthCredentials": { "type": "string", "description": "Basic authorization credentials for the autocreated branch.\n", "secret": true }, "buildSpec": { "type": "string", "description": "Build specification (build spec) for the autocreated branch.\n" }, "enableAutoBuild": { "type": "boolean", "description": "Enables auto building for the autocreated branch.\n" }, "enableBasicAuth": { "type": "boolean", "description": "Enables basic authorization for the autocreated branch.\n" }, "enablePerformanceMode": { "type": "boolean", "description": "Enables performance mode for the branch.\n", "willReplaceOnChanges": true }, "enablePullRequestPreview": { "type": "boolean", "description": "Enables pull request previews for the autocreated branch.\n" }, "environmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Environment variables for the autocreated branch.\n" }, "framework": { "type": "string", "description": "Framework for the autocreated branch.\n" }, "pullRequestEnvironmentName": { "type": "string", "description": "Amplify environment name for the pull request.\n" }, "stage": { "type": "string", "description": "Describes the current stage for the autocreated branch. Valid values: `PRODUCTION`, `BETA`, `DEVELOPMENT`, `EXPERIMENTAL`, `PULL_REQUEST`.\n" } }, "type": "object" }, "aws:amplify/AppCustomRule:AppCustomRule": { "properties": { "condition": { "type": "string", "description": "Condition for a URL rewrite or redirect rule, such as a country code.\n" }, "source": { "type": "string", "description": "Source pattern for a URL rewrite or redirect rule.\n" }, "status": { "type": "string", "description": "Status code for a URL rewrite or redirect rule. Valid values: `200`, `301`, `302`, `404`, `404-200`.\n" }, "target": { "type": "string", "description": "Target pattern for a URL rewrite or redirect rule.\n" } }, "type": "object", "required": [ "source", "target" ] }, "aws:amplify/AppProductionBranch:AppProductionBranch": { "properties": { "branchName": { "type": "string", "description": "Branch name for the production branch.\n" }, "lastDeployTime": { "type": "string", "description": "Last deploy time of the production branch.\n" }, "status": { "type": "string", "description": "Status of the production branch.\n" }, "thumbnailUrl": { "type": "string", "description": "Thumbnail URL for the production branch.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "branchName", "lastDeployTime", "status", "thumbnailUrl" ] } } }, "aws:amplify/DomainAssociationCertificateSettings:DomainAssociationCertificateSettings": { "properties": { "certificateVerificationDnsRecord": { "type": "string", "description": "DNS records for certificate verification in a space-delimited format (`\u003crecord\u003e CNAME \u003ctarget\u003e`).\n" }, "customCertificateArn": { "type": "string", "description": "The Amazon resource name (ARN) for the custom certificate.\n" }, "type": { "type": "string", "description": "The certificate type. Valid values are `AMPLIFY_MANAGED` and `CUSTOM`.\n" } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredOutputs": [ "certificateVerificationDnsRecord", "type" ] } } }, "aws:amplify/DomainAssociationSubDomain:DomainAssociationSubDomain": { "properties": { "branchName": { "type": "string", "description": "Branch name setting for the subdomain.\n" }, "dnsRecord": { "type": "string", "description": "DNS record for the subdomain in a space-prefixed and space-delimited format (` CNAME \u003ctarget\u003e`).\n" }, "prefix": { "type": "string", "description": "Prefix setting for the subdomain.\n" }, "verified": { "type": "boolean", "description": "Verified status of the subdomain.\n" } }, "type": "object", "required": [ "branchName", "prefix" ], "language": { "nodejs": { "requiredOutputs": [ "branchName", "dnsRecord", "prefix", "verified" ] } } }, "aws:apigateway/AccountThrottleSetting:AccountThrottleSetting": { "properties": { "burstLimit": { "type": "integer", "description": "Absolute maximum number of times API Gateway allows the API to be called per second (RPS).\n" }, "rateLimit": { "type": "number", "description": "Number of times API Gateway allows the API to be called per second on average (RPS).\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "burstLimit", "rateLimit" ] } } }, "aws:apigateway/DeploymentCanarySettings:DeploymentCanarySettings": { "properties": { "percentTraffic": { "type": "number", "description": "Percentage (0.0-100.0) of traffic routed to the canary deployment.\n" }, "stageVariableOverrides": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Stage variable overrides used for the canary release deployment. They can override existing stage variables or add new stage variables for the canary release deployment. These stage variables are represented as a string-to-string map between stage variable names and their values.\n" }, "useStageCache": { "type": "boolean", "description": "Boolean flag to indicate whether the canary release deployment uses the stage cache or not.\n" } }, "type": "object" }, "aws:apigateway/DocumentationPartLocation:DocumentationPartLocation": { "properties": { "method": { "type": "string", "description": "HTTP verb of a method. The default value is `*` for any method.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the targeted API entity.\n", "willReplaceOnChanges": true }, "path": { "type": "string", "description": "URL path of the target. The default value is `/` for the root resource.\n", "willReplaceOnChanges": true }, "statusCode": { "type": "string", "description": "HTTP status code of a response. The default value is `*` for any status code.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Type of API entity to which the documentation content appliesE.g., `API`, `METHOD` or `REQUEST_BODY`\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "type" ] }, "aws:apigateway/DomainNameEndpointConfiguration:DomainNameEndpointConfiguration": { "properties": { "types": { "type": "string", "description": "List of endpoint types. This resource currently only supports managing a single value. Valid values: `EDGE` or `REGIONAL`. If unspecified, defaults to `EDGE`. Must be declared as `REGIONAL` in non-Commercial partitions. Refer to the [documentation](https://docs.aws.amazon.com/apigateway/latest/developerguide/create-regional-api.html) for more information on the difference between edge-optimized and regional APIs.\n" } }, "type": "object", "required": [ "types" ] }, "aws:apigateway/DomainNameMutualTlsAuthentication:DomainNameMutualTlsAuthentication": { "properties": { "truststoreUri": { "type": "string", "description": "Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example, `s3://bucket-name/key-name`. The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version.\n" }, "truststoreVersion": { "type": "string", "description": "Version of the S3 object that contains the truststore. To specify a version, you must have versioning enabled for the S3 bucket.\n" } }, "type": "object", "required": [ "truststoreUri" ] }, "aws:apigateway/IntegrationTlsConfig:IntegrationTlsConfig": { "properties": { "insecureSkipVerification": { "type": "boolean", "description": "Whether or not API Gateway skips verification that the certificate for an integration endpoint is issued by a [supported certificate authority](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-supported-certificate-authorities-for-http-endpoints.html). This isn’t recommended, but it enables you to use certificates that are signed by private certificate authorities, or certificates that are self-signed. If enabled, API Gateway still performs basic certificate validation, which includes checking the certificate's expiration date, hostname, and presence of a root certificate authority. Supported only for `HTTP` and `HTTP_PROXY` integrations.\n" } }, "type": "object" }, "aws:apigateway/MethodSettingsSettings:MethodSettingsSettings": { "properties": { "cacheDataEncrypted": { "type": "boolean", "description": "Whether the cached responses are encrypted.\n" }, "cacheTtlInSeconds": { "type": "integer", "description": "Time to live (TTL), in seconds, for cached responses. The higher the TTL, the longer the response will be cached.\n" }, "cachingEnabled": { "type": "boolean", "description": "Whether responses should be cached and returned for requests. A cache cluster must be enabled on the stage for responses to be cached.\n" }, "dataTraceEnabled": { "type": "boolean", "description": "Whether data trace logging is enabled for this method, which effects the log entries pushed to Amazon CloudWatch Logs.\n" }, "loggingLevel": { "type": "string", "description": "Logging level for this method, which effects the log entries pushed to Amazon CloudWatch Logs. The available levels are `OFF`, `ERROR`, and `INFO`.\n" }, "metricsEnabled": { "type": "boolean", "description": "Whether Amazon CloudWatch metrics are enabled for this method.\n" }, "requireAuthorizationForCacheControl": { "type": "boolean", "description": "Whether authorization is required for a cache invalidation request.\n" }, "throttlingBurstLimit": { "type": "integer", "description": "Throttling burst limit. Default: `-1` (throttling disabled).\n" }, "throttlingRateLimit": { "type": "number", "description": "Throttling rate limit. Default: `-1` (throttling disabled).\n" }, "unauthorizedCacheControlHeaderStrategy": { "type": "string", "description": "How to handle unauthorized requests for cache invalidation. The available values are `FAIL_WITH_403`, `SUCCEED_WITH_RESPONSE_HEADER`, `SUCCEED_WITHOUT_RESPONSE_HEADER`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "cacheDataEncrypted", "cacheTtlInSeconds", "cachingEnabled", "dataTraceEnabled", "loggingLevel", "metricsEnabled", "requireAuthorizationForCacheControl", "unauthorizedCacheControlHeaderStrategy" ] } } }, "aws:apigateway/RestApiEndpointConfiguration:RestApiEndpointConfiguration": { "properties": { "types": { "type": "string", "description": "List of endpoint types. This resource currently only supports managing a single value. Valid values: `EDGE`, `REGIONAL` or `PRIVATE`. If unspecified, defaults to `EDGE`. If set to `PRIVATE` recommend to set `put_rest_api_mode` = `merge` to not cause the endpoints and associated Route53 records to be deleted. Refer to the [documentation](https://docs.aws.amazon.com/apigateway/latest/developerguide/create-regional-api.html) for more information on the difference between edge-optimized and regional APIs.\n" }, "vpcEndpointIds": { "type": "array", "items": { "type": "string" }, "description": "Set of VPC Endpoint identifiers. It is only supported for `PRIVATE` endpoint type. If importing an OpenAPI specification via the `body` argument, this corresponds to the [`x-amazon-apigateway-endpoint-configuration` extension `vpcEndpointIds` property](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-endpoint-configuration.html). If the argument value is provided and is different than the OpenAPI value, **the argument value will override the OpenAPI value**.\n" } }, "type": "object", "required": [ "types" ], "language": { "nodejs": { "requiredOutputs": [ "types", "vpcEndpointIds" ] } } }, "aws:apigateway/StageAccessLogSettings:StageAccessLogSettings": { "properties": { "destinationArn": { "type": "string", "description": "ARN of the CloudWatch Logs log group or Kinesis Data Firehose delivery stream to receive access logs. If you specify a Kinesis Data Firehose delivery stream, the stream name must begin with `amazon-apigateway-`. Automatically removes trailing `:*` if present.\n" }, "format": { "type": "string", "description": "Formatting and values recorded in the logs.\nFor more information on configuring the log format rules visit the AWS [documentation](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html)\n" } }, "type": "object", "required": [ "destinationArn", "format" ] }, "aws:apigateway/StageCanarySettings:StageCanarySettings": { "properties": { "percentTraffic": { "type": "number", "description": "Percent `0.0` - `100.0` of traffic to divert to the canary deployment.\n" }, "stageVariableOverrides": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of overridden stage `variables` (including new variables) for the canary deployment.\n" }, "useStageCache": { "type": "boolean", "description": "Whether the canary deployment uses the stage cache. Defaults to false.\n" } }, "type": "object" }, "aws:apigateway/UsagePlanApiStage:UsagePlanApiStage": { "properties": { "apiId": { "type": "string", "description": "API Id of the associated API stage in a usage plan.\n" }, "stage": { "type": "string", "description": "API stage name of the associated API stage in a usage plan.\n" }, "throttles": { "type": "array", "items": { "$ref": "#/types/aws:apigateway/UsagePlanApiStageThrottle:UsagePlanApiStageThrottle" }, "description": "The throttling limits of the usage plan.\n" } }, "type": "object", "required": [ "apiId", "stage" ] }, "aws:apigateway/UsagePlanApiStageThrottle:UsagePlanApiStageThrottle": { "properties": { "burstLimit": { "type": "integer", "description": "The API request burst limit, the maximum rate limit over a time ranging from one to a few seconds, depending upon whether the underlying token bucket is at its full capacity.\n" }, "path": { "type": "string", "description": "Method to apply the throttle settings for. Specfiy the path and method, for example `/test/GET`.\n" }, "rateLimit": { "type": "number", "description": "The API request steady-state rate limit.\n" } }, "type": "object", "required": [ "path" ] }, "aws:apigateway/UsagePlanQuotaSettings:UsagePlanQuotaSettings": { "properties": { "limit": { "type": "integer", "description": "Maximum number of requests that can be made in a given time period.\n" }, "offset": { "type": "integer", "description": "Number of requests subtracted from the given limit in the initial time period.\n" }, "period": { "type": "string", "description": "Time period in which the limit applies. Valid values are \"DAY\", \"WEEK\" or \"MONTH\".\n" } }, "type": "object", "required": [ "limit", "period" ] }, "aws:apigateway/UsagePlanThrottleSettings:UsagePlanThrottleSettings": { "properties": { "burstLimit": { "type": "integer" }, "rateLimit": { "type": "number" } }, "type": "object" }, "aws:apigateway/getDomainNameEndpointConfiguration:getDomainNameEndpointConfiguration": { "properties": { "types": { "type": "array", "items": { "type": "string" }, "description": "List of endpoint types.\n" } }, "type": "object", "required": [ "types" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:apigateway/getRestApiEndpointConfiguration:getRestApiEndpointConfiguration": { "properties": { "types": { "type": "array", "items": { "type": "string" } }, "vpcEndpointIds": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "types", "vpcEndpointIds" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:apigatewayv2/ApiCorsConfiguration:ApiCorsConfiguration": { "properties": { "allowCredentials": { "type": "boolean", "description": "Whether credentials are included in the CORS request.\n" }, "allowHeaders": { "type": "array", "items": { "type": "string" }, "description": "Set of allowed HTTP headers.\n" }, "allowMethods": { "type": "array", "items": { "type": "string" }, "description": "Set of allowed HTTP methods.\n" }, "allowOrigins": { "type": "array", "items": { "type": "string" }, "description": "Set of allowed origins.\n" }, "exposeHeaders": { "type": "array", "items": { "type": "string" }, "description": "Set of exposed HTTP headers.\n" }, "maxAge": { "type": "integer", "description": "Number of seconds that the browser should cache preflight request results.\n" } }, "type": "object" }, "aws:apigatewayv2/AuthorizerJwtConfiguration:AuthorizerJwtConfiguration": { "properties": { "audiences": { "type": "array", "items": { "type": "string" }, "description": "List of the intended recipients of the JWT. A valid JWT must provide an aud that matches at least one entry in this list.\n" }, "issuer": { "type": "string", "description": "Base domain of the identity provider that issues JSON Web Tokens, such as the `endpoint` attribute of the `aws.cognito.UserPool` resource.\n" } }, "type": "object" }, "aws:apigatewayv2/DomainNameDomainNameConfiguration:DomainNameDomainNameConfiguration": { "properties": { "certificateArn": { "type": "string", "description": "ARN of an AWS-managed certificate that will be used by the endpoint for the domain name. AWS Certificate Manager is the only supported source. Use the `aws.acm.Certificate` resource to configure an ACM certificate.\n" }, "endpointType": { "type": "string", "description": "Endpoint type. Valid values: `REGIONAL`.\n" }, "hostedZoneId": { "type": "string", "description": "Amazon Route 53 Hosted Zone ID of the endpoint.\n" }, "ownershipVerificationCertificateArn": { "type": "string", "description": "ARN of the AWS-issued certificate used to validate custom domain ownership (when `certificate_arn` is issued via an ACM Private CA or `mutual_tls_authentication` is configured with an ACM-imported certificate.)\n" }, "securityPolicy": { "type": "string", "description": "Transport Layer Security (TLS) version of the [security policy](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-custom-domain-tls-version.html) for the domain name. Valid values: `TLS_1_2`.\n" }, "targetDomainName": { "type": "string", "description": "Target domain name.\n" } }, "type": "object", "required": [ "certificateArn", "endpointType", "securityPolicy" ], "language": { "nodejs": { "requiredOutputs": [ "certificateArn", "endpointType", "hostedZoneId", "ownershipVerificationCertificateArn", "securityPolicy", "targetDomainName" ] } } }, "aws:apigatewayv2/DomainNameMutualTlsAuthentication:DomainNameMutualTlsAuthentication": { "properties": { "truststoreUri": { "type": "string", "description": "Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example, `s3://bucket-name/key-name`. The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version.\n" }, "truststoreVersion": { "type": "string", "description": "Version of the S3 object that contains the truststore. To specify a version, you must have versioning enabled for the S3 bucket.\n" } }, "type": "object", "required": [ "truststoreUri" ] }, "aws:apigatewayv2/IntegrationResponseParameter:IntegrationResponseParameter": { "properties": { "mappings": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map. The key of this map identifies the location of the request parameter to change, and how to change it. The corresponding value specifies the new data for the parameter.\nSee the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) for details.\n" }, "statusCode": { "type": "string", "description": "HTTP status code in the range 200-599.\n" } }, "type": "object", "required": [ "mappings", "statusCode" ] }, "aws:apigatewayv2/IntegrationTlsConfig:IntegrationTlsConfig": { "properties": { "serverNameToVerify": { "type": "string", "description": "If you specify a server name, API Gateway uses it to verify the hostname on the integration's certificate. The server name is also included in the TLS handshake to support Server Name Indication (SNI) or virtual hosting.\n" } }, "type": "object" }, "aws:apigatewayv2/RouteRequestParameter:RouteRequestParameter": { "properties": { "requestParameterKey": { "type": "string", "description": "Request parameter key. This is a [request data mapping parameter](https://docs.aws.amazon.com/apigateway/latest/developerguide/websocket-api-data-mapping.html#websocket-mapping-request-parameters).\n" }, "required": { "type": "boolean", "description": "Boolean whether or not the parameter is required.\n" } }, "type": "object", "required": [ "requestParameterKey", "required" ] }, "aws:apigatewayv2/StageAccessLogSettings:StageAccessLogSettings": { "properties": { "destinationArn": { "type": "string", "description": "ARN of the CloudWatch Logs log group to receive access logs. Any trailing `:*` is trimmed from the ARN.\n" }, "format": { "type": "string", "description": "Single line [format](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html#apigateway-cloudwatch-log-formats) of the access logs of data. Refer to log settings for [HTTP](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-logging-variables.html) or [Websocket](https://docs.aws.amazon.com/apigateway/latest/developerguide/websocket-api-logging.html).\n" } }, "type": "object", "required": [ "destinationArn", "format" ] }, "aws:apigatewayv2/StageDefaultRouteSettings:StageDefaultRouteSettings": { "properties": { "dataTraceEnabled": { "type": "boolean", "description": "Whether data trace logging is enabled for the default route. Affects the log entries pushed to Amazon CloudWatch Logs.\nDefaults to `false`. Supported only for WebSocket APIs.\n" }, "detailedMetricsEnabled": { "type": "boolean", "description": "Whether detailed metrics are enabled for the default route. Defaults to `false`.\n" }, "loggingLevel": { "type": "string", "description": "Logging level for the default route. Affects the log entries pushed to Amazon CloudWatch Logs.\nValid values: `ERROR`, `INFO`, `OFF`. Defaults to `OFF`. Supported only for WebSocket APIs. This provider will only perform drift detection of its value when present in a configuration.\n" }, "throttlingBurstLimit": { "type": "integer", "description": "Throttling burst limit for the default route.\n" }, "throttlingRateLimit": { "type": "number", "description": "Throttling rate limit for the default route.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "loggingLevel" ] } } }, "aws:apigatewayv2/StageRouteSetting:StageRouteSetting": { "properties": { "dataTraceEnabled": { "type": "boolean", "description": "Whether data trace logging is enabled for the route. Affects the log entries pushed to Amazon CloudWatch Logs.\nDefaults to `false`. Supported only for WebSocket APIs.\n" }, "detailedMetricsEnabled": { "type": "boolean", "description": "Whether detailed metrics are enabled for the route. Defaults to `false`.\n" }, "loggingLevel": { "type": "string", "description": "Logging level for the route. Affects the log entries pushed to Amazon CloudWatch Logs.\nValid values: `ERROR`, `INFO`, `OFF`. Defaults to `OFF`. Supported only for WebSocket APIs. This provider will only perform drift detection of its value when present in a configuration.\n" }, "routeKey": { "type": "string", "description": "Route key.\n" }, "throttlingBurstLimit": { "type": "integer", "description": "Throttling burst limit for the route.\n" }, "throttlingRateLimit": { "type": "number", "description": "Throttling rate limit for the route.\n" } }, "type": "object", "required": [ "routeKey" ], "language": { "nodejs": { "requiredOutputs": [ "loggingLevel", "routeKey" ] } } }, "aws:apigatewayv2/getApiCorsConfiguration:getApiCorsConfiguration": { "properties": { "allowCredentials": { "type": "boolean", "description": "Whether credentials are included in the CORS request.\n" }, "allowHeaders": { "type": "array", "items": { "type": "string" }, "description": "Set of allowed HTTP headers.\n" }, "allowMethods": { "type": "array", "items": { "type": "string" }, "description": "Set of allowed HTTP methods.\n" }, "allowOrigins": { "type": "array", "items": { "type": "string" }, "description": "Set of allowed origins.\n" }, "exposeHeaders": { "type": "array", "items": { "type": "string" }, "description": "Set of exposed HTTP headers.\n" }, "maxAge": { "type": "integer", "description": "Number of seconds that the browser should cache preflight request results.\n" } }, "type": "object", "required": [ "allowCredentials", "allowHeaders", "allowMethods", "allowOrigins", "exposeHeaders", "maxAge" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appautoscaling/PolicyStepScalingPolicyConfiguration:PolicyStepScalingPolicyConfiguration": { "properties": { "adjustmentType": { "type": "string", "description": "Whether the adjustment is an absolute number or a percentage of the current capacity. Valid values are `ChangeInCapacity`, `ExactCapacity`, and `PercentChangeInCapacity`.\n" }, "cooldown": { "type": "integer", "description": "Amount of time, in seconds, after a scaling activity completes and before the next scaling activity can start.\n" }, "metricAggregationType": { "type": "string", "description": "Aggregation type for the policy's metrics. Valid values are \"Minimum\", \"Maximum\", and \"Average\". Without a value, AWS will treat the aggregation type as \"Average\".\n" }, "minAdjustmentMagnitude": { "type": "integer", "description": "Minimum number to adjust your scalable dimension as a result of a scaling activity. If the adjustment type is PercentChangeInCapacity, the scaling policy changes the scalable dimension of the scalable target by this amount.\n" }, "stepAdjustments": { "type": "array", "items": { "$ref": "#/types/aws:appautoscaling/PolicyStepScalingPolicyConfigurationStepAdjustment:PolicyStepScalingPolicyConfigurationStepAdjustment" }, "description": "Set of adjustments that manage scaling. These have the following structure:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ecsPolicy = new aws.appautoscaling.Policy(\"ecs_policy\", {stepScalingPolicyConfiguration: {\n stepAdjustments: [\n {\n metricIntervalLowerBound: \"1\",\n metricIntervalUpperBound: \"2\",\n scalingAdjustment: -1,\n },\n {\n metricIntervalLowerBound: \"2\",\n metricIntervalUpperBound: \"3\",\n scalingAdjustment: 1,\n },\n ],\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\necs_policy = aws.appautoscaling.Policy(\"ecs_policy\", step_scaling_policy_configuration={\n \"step_adjustments\": [\n {\n \"metric_interval_lower_bound\": \"1\",\n \"metric_interval_upper_bound\": \"2\",\n \"scaling_adjustment\": -1,\n },\n {\n \"metric_interval_lower_bound\": \"2\",\n \"metric_interval_upper_bound\": \"3\",\n \"scaling_adjustment\": 1,\n },\n ],\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ecsPolicy = new Aws.AppAutoScaling.Policy(\"ecs_policy\", new()\n {\n StepScalingPolicyConfiguration = new Aws.AppAutoScaling.Inputs.PolicyStepScalingPolicyConfigurationArgs\n {\n StepAdjustments = new[]\n {\n new Aws.AppAutoScaling.Inputs.PolicyStepScalingPolicyConfigurationStepAdjustmentArgs\n {\n MetricIntervalLowerBound = \"1\",\n MetricIntervalUpperBound = \"2\",\n ScalingAdjustment = -1,\n },\n new Aws.AppAutoScaling.Inputs.PolicyStepScalingPolicyConfigurationStepAdjustmentArgs\n {\n MetricIntervalLowerBound = \"2\",\n MetricIntervalUpperBound = \"3\",\n ScalingAdjustment = 1,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appautoscaling.NewPolicy(ctx, \"ecs_policy\", \u0026appautoscaling.PolicyArgs{\n\t\t\tStepScalingPolicyConfiguration: \u0026appautoscaling.PolicyStepScalingPolicyConfigurationArgs{\n\t\t\t\tStepAdjustments: appautoscaling.PolicyStepScalingPolicyConfigurationStepAdjustmentArray{\n\t\t\t\t\t\u0026appautoscaling.PolicyStepScalingPolicyConfigurationStepAdjustmentArgs{\n\t\t\t\t\t\tMetricIntervalLowerBound: pulumi.String(\"1\"),\n\t\t\t\t\t\tMetricIntervalUpperBound: pulumi.String(\"2\"),\n\t\t\t\t\t\tScalingAdjustment: int(-1),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026appautoscaling.PolicyStepScalingPolicyConfigurationStepAdjustmentArgs{\n\t\t\t\t\t\tMetricIntervalLowerBound: pulumi.String(\"2\"),\n\t\t\t\t\t\tMetricIntervalUpperBound: pulumi.String(\"3\"),\n\t\t\t\t\t\tScalingAdjustment: pulumi.Int(1),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```yaml\nresources:\n ecsPolicy:\n type: aws:appautoscaling:Policy\n name: ecs_policy\n properties:\n stepScalingPolicyConfiguration:\n stepAdjustments:\n - metricIntervalLowerBound: 1\n metricIntervalUpperBound: 2\n scalingAdjustment: -1\n - metricIntervalLowerBound: 2\n metricIntervalUpperBound: 3\n scalingAdjustment: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n" } }, "type": "object" }, "aws:appautoscaling/PolicyStepScalingPolicyConfigurationStepAdjustment:PolicyStepScalingPolicyConfigurationStepAdjustment": { "properties": { "metricIntervalLowerBound": { "type": "string", "description": "Lower bound for the difference between the alarm threshold and the CloudWatch metric. Without a value, AWS will treat this bound as negative infinity.\n" }, "metricIntervalUpperBound": { "type": "string", "description": "Upper bound for the difference between the alarm threshold and the CloudWatch metric. Without a value, AWS will treat this bound as infinity. The upper bound must be greater than the lower bound.\n" }, "scalingAdjustment": { "type": "integer", "description": "Number of members by which to scale, when the adjustment bounds are breached. A positive value scales up. A negative value scales down.\n" } }, "type": "object", "required": [ "scalingAdjustment" ] }, "aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfiguration:PolicyTargetTrackingScalingPolicyConfiguration": { "properties": { "customizedMetricSpecification": { "$ref": "#/types/aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecification:PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecification", "description": "Custom CloudWatch metric. Documentation can be found at: [AWS Customized Metric Specification](https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_CustomizedMetricSpecification.html). See supported fields below.\n" }, "disableScaleIn": { "type": "boolean", "description": "Whether scale in by the target tracking policy is disabled. If the value is true, scale in is disabled and the target tracking policy won't remove capacity from the scalable resource. Otherwise, scale in is enabled and the target tracking policy can remove capacity from the scalable resource. The default value is `false`.\n" }, "predefinedMetricSpecification": { "$ref": "#/types/aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecification:PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecification", "description": "Predefined metric. See supported fields below.\n" }, "scaleInCooldown": { "type": "integer", "description": "Amount of time, in seconds, after a scale in activity completes before another scale in activity can start.\n" }, "scaleOutCooldown": { "type": "integer", "description": "Amount of time, in seconds, after a scale out activity completes before another scale out activity can start.\n" }, "targetValue": { "type": "number", "description": "Target value for the metric.\n" } }, "type": "object", "required": [ "targetValue" ] }, "aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecification:PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecification": { "properties": { "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationDimension:PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationDimension" }, "description": "Dimensions of the metric.\n" }, "metricName": { "type": "string", "description": "Name of the metric.\n" }, "metrics": { "type": "array", "items": { "$ref": "#/types/aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetric:PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetric" }, "description": "Metrics to include, as a metric data query.\n" }, "namespace": { "type": "string", "description": "Namespace of the metric.\n" }, "statistic": { "type": "string", "description": "Statistic of the metric. Valid values: `Average`, `Minimum`, `Maximum`, `SampleCount`, and `Sum`.\n" }, "unit": { "type": "string", "description": "Unit of the metrics to return.\n" } }, "type": "object" }, "aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationDimension:PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationDimension": { "properties": { "name": { "type": "string", "description": "Name of the dimension.\n" }, "value": { "type": "string", "description": "Value of the dimension.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetric:PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetric": { "properties": { "expression": { "type": "string", "description": "Math expression used on the returned metric. You must specify either `expression` or `metric_stat`, but not both.\n" }, "id": { "type": "string", "description": "Short name for the metric used in target tracking scaling policy.\n" }, "label": { "type": "string", "description": "Human-readable label for this metric or expression.\n" }, "metricStat": { "$ref": "#/types/aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStat:PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStat", "description": "Structure that defines CloudWatch metric to be used in target tracking scaling policy. You must specify either `expression` or `metric_stat`, but not both.\n" }, "returnData": { "type": "boolean", "description": "Boolean that indicates whether to return the timestamps and raw data values of this metric, the default is true\n" } }, "type": "object", "required": [ "id" ] }, "aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStat:PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStat": { "properties": { "metric": { "$ref": "#/types/aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetric:PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetric", "description": "Structure that defines the CloudWatch metric to return, including the metric name, namespace, and dimensions.\n" }, "stat": { "type": "string", "description": "Statistic of the metrics to return.\n" }, "unit": { "type": "string", "description": "Unit of the metrics to return.\n" } }, "type": "object", "required": [ "metric", "stat" ] }, "aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetric:PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetric": { "properties": { "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimension:PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimension" }, "description": "Dimensions of the metric.\n" }, "metricName": { "type": "string", "description": "Name of the metric.\n" }, "namespace": { "type": "string", "description": "Namespace of the metric.\n" } }, "type": "object", "required": [ "metricName", "namespace" ] }, "aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimension:PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimension": { "properties": { "name": { "type": "string", "description": "Name of the dimension.\n" }, "value": { "type": "string", "description": "Value of the dimension.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecification:PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecification": { "properties": { "predefinedMetricType": { "type": "string", "description": "Metric type.\n" }, "resourceLabel": { "type": "string", "description": "Reserved for future use if the `predefined_metric_type` is not `ALBRequestCountPerTarget`. If the `predefined_metric_type` is `ALBRequestCountPerTarget`, you must specify this argument. Documentation can be found at: [AWS Predefined Scaling Metric Specification](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_PredefinedScalingMetricSpecification.html). Must be less than or equal to 1023 characters in length.\n" } }, "type": "object", "required": [ "predefinedMetricType" ] }, "aws:appautoscaling/ScheduledActionScalableTargetAction:ScheduledActionScalableTargetAction": { "properties": { "maxCapacity": { "type": "integer", "description": "Maximum capacity. At least one of `max_capacity` or `min_capacity` must be set.\n" }, "minCapacity": { "type": "integer", "description": "Minimum capacity. At least one of `min_capacity` or `max_capacity` must be set.\n" } }, "type": "object" }, "aws:appconfig/ConfigurationProfileValidator:ConfigurationProfileValidator": { "properties": { "content": { "type": "string", "description": "Either the JSON Schema content or the ARN of an AWS Lambda function.\n", "secret": true }, "type": { "type": "string", "description": "Type of validator. Valid values: `JSON_SCHEMA` and `LAMBDA`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:appconfig/EnvironmentMonitor:EnvironmentMonitor": { "properties": { "alarmArn": { "type": "string", "description": "ARN of the Amazon CloudWatch alarm.\n" }, "alarmRoleArn": { "type": "string", "description": "ARN of an IAM role for AWS AppConfig to monitor `alarm_arn`.\n" } }, "type": "object", "required": [ "alarmArn" ] }, "aws:appconfig/EventIntegrationEventFilter:EventIntegrationEventFilter": { "properties": { "source": { "type": "string", "description": "Source of the events.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "source" ] }, "aws:appconfig/ExtensionActionPoint:ExtensionActionPoint": { "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:appconfig/ExtensionActionPointAction:ExtensionActionPointAction" }, "description": "An action defines the tasks the extension performs during the AppConfig workflow. Detailed below.\n" }, "point": { "type": "string", "description": "The point at which to perform the defined actions. Valid points are `PRE_CREATE_HOSTED_CONFIGURATION_VERSION`, `PRE_START_DEPLOYMENT`, `ON_DEPLOYMENT_START`, `ON_DEPLOYMENT_STEP`, `ON_DEPLOYMENT_BAKING`, `ON_DEPLOYMENT_COMPLETE`, `ON_DEPLOYMENT_ROLLED_BACK`.\n" } }, "type": "object", "required": [ "actions", "point" ] }, "aws:appconfig/ExtensionActionPointAction:ExtensionActionPointAction": { "properties": { "description": { "type": "string", "description": "Information about the action.\n" }, "name": { "type": "string", "description": "The action name.\n" }, "roleArn": { "type": "string", "description": "An Amazon Resource Name (ARN) for an Identity and Access Management assume role.\n" }, "uri": { "type": "string", "description": "The extension URI associated to the action point in the extension definition. The URI can be an Amazon Resource Name (ARN) for one of the following: an Lambda function, an Amazon Simple Queue Service queue, an Amazon Simple Notification Service topic, or the Amazon EventBridge default event bus.\n" } }, "type": "object", "required": [ "name", "roleArn", "uri" ] }, "aws:appconfig/ExtensionParameter:ExtensionParameter": { "properties": { "description": { "type": "string", "description": "Information about the parameter.\n" }, "name": { "type": "string", "description": "The parameter name.\n" }, "required": { "type": "boolean", "description": "Determines if a parameter value must be specified in the extension association.\n" } }, "type": "object", "required": [ "name" ] }, "aws:appconfig/getConfigurationProfileValidator:getConfigurationProfileValidator": { "properties": { "content": { "type": "string", "description": "Either the JSON Schema content or the ARN of an AWS Lambda function.\n" }, "type": { "type": "string", "description": "Type of validator. Valid values: JSON_SCHEMA and LAMBDA.\n" } }, "type": "object", "required": [ "content", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appconfig/getEnvironmentMonitor:getEnvironmentMonitor": { "properties": { "alarmArn": { "type": "string", "description": "ARN of the Amazon CloudWatch alarm.\n" }, "alarmRoleArn": { "type": "string", "description": "ARN of an IAM role for AWS AppConfig to monitor.\n" } }, "type": "object", "required": [ "alarmArn", "alarmRoleArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appfabric/AppAuthorizationConnectionAuthRequest:AppAuthorizationConnectionAuthRequest": { "properties": { "code": { "type": "string", "description": "The authorization code returned by the application after permission is granted in the application OAuth page (after clicking on the AuthURL)..\n" }, "redirectUri": { "type": "string", "description": "The redirect URL that is specified in the AuthURL and the application client.\n" } }, "type": "object", "required": [ "code", "redirectUri" ] }, "aws:appfabric/AppAuthorizationConnectionTenant:AppAuthorizationConnectionTenant": { "properties": { "tenantDisplayName": { "type": "string" }, "tenantIdentifier": { "type": "string" } }, "type": "object", "required": [ "tenantDisplayName", "tenantIdentifier" ] }, "aws:appfabric/AppAuthorizationConnectionTimeouts:AppAuthorizationConnectionTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:appfabric/AppAuthorizationCredential:AppAuthorizationCredential": { "properties": { "apiKeyCredentials": { "type": "array", "items": { "$ref": "#/types/aws:appfabric/AppAuthorizationCredentialApiKeyCredential:AppAuthorizationCredentialApiKeyCredential" }, "description": "Contains API key credential information.\n" }, "oauth2Credential": { "$ref": "#/types/aws:appfabric/AppAuthorizationCredentialOauth2Credential:AppAuthorizationCredentialOauth2Credential", "description": "Contains OAuth2 client credential information.\n" } }, "type": "object" }, "aws:appfabric/AppAuthorizationCredentialApiKeyCredential:AppAuthorizationCredentialApiKeyCredential": { "properties": { "apiKey": { "type": "string", "description": "Contains API key credential information.\n", "secret": true } }, "type": "object", "required": [ "apiKey" ] }, "aws:appfabric/AppAuthorizationCredentialOauth2Credential:AppAuthorizationCredentialOauth2Credential": { "properties": { "clientId": { "type": "string", "description": "The client ID of the client application.\n" }, "clientSecret": { "type": "string", "description": "The client secret of the client application.\n", "secret": true } }, "type": "object", "required": [ "clientId", "clientSecret" ] }, "aws:appfabric/AppAuthorizationTenant:AppAuthorizationTenant": { "properties": { "tenantDisplayName": { "type": "string", "description": "The display name of the tenant.\n" }, "tenantIdentifier": { "type": "string", "description": "The ID of the application tenant.\n" } }, "type": "object", "required": [ "tenantDisplayName", "tenantIdentifier" ] }, "aws:appfabric/AppAuthorizationTimeouts:AppAuthorizationTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:appfabric/IngestionDestinationDestinationConfiguration:IngestionDestinationDestinationConfiguration": { "properties": { "auditLog": { "$ref": "#/types/aws:appfabric/IngestionDestinationDestinationConfigurationAuditLog:IngestionDestinationDestinationConfigurationAuditLog", "description": "Contains information about an audit log processing configuration.\n" } }, "type": "object" }, "aws:appfabric/IngestionDestinationDestinationConfigurationAuditLog:IngestionDestinationDestinationConfigurationAuditLog": { "properties": { "destination": { "$ref": "#/types/aws:appfabric/IngestionDestinationDestinationConfigurationAuditLogDestination:IngestionDestinationDestinationConfigurationAuditLogDestination", "description": "Contains information about an audit log destination. Only one destination (Firehose Stream) or (S3 Bucket) can be specified.\n" } }, "type": "object" }, "aws:appfabric/IngestionDestinationDestinationConfigurationAuditLogDestination:IngestionDestinationDestinationConfigurationAuditLogDestination": { "properties": { "firehoseStream": { "$ref": "#/types/aws:appfabric/IngestionDestinationDestinationConfigurationAuditLogDestinationFirehoseStream:IngestionDestinationDestinationConfigurationAuditLogDestinationFirehoseStream", "description": "Contains information about an Amazon Data Firehose delivery stream.\n" }, "s3Bucket": { "$ref": "#/types/aws:appfabric/IngestionDestinationDestinationConfigurationAuditLogDestinationS3Bucket:IngestionDestinationDestinationConfigurationAuditLogDestinationS3Bucket", "description": "Contains information about an Amazon S3 bucket.\n" } }, "type": "object" }, "aws:appfabric/IngestionDestinationDestinationConfigurationAuditLogDestinationFirehoseStream:IngestionDestinationDestinationConfigurationAuditLogDestinationFirehoseStream": { "properties": { "streamName": { "type": "string" } }, "type": "object", "required": [ "streamName" ] }, "aws:appfabric/IngestionDestinationDestinationConfigurationAuditLogDestinationS3Bucket:IngestionDestinationDestinationConfigurationAuditLogDestinationS3Bucket": { "properties": { "bucketName": { "type": "string" }, "prefix": { "type": "string", "description": "The object key to use.\n" } }, "type": "object", "required": [ "bucketName" ] }, "aws:appfabric/IngestionDestinationProcessingConfiguration:IngestionDestinationProcessingConfiguration": { "properties": { "auditLog": { "$ref": "#/types/aws:appfabric/IngestionDestinationProcessingConfigurationAuditLog:IngestionDestinationProcessingConfigurationAuditLog", "description": "Contains information about an audit log processing configuration.\n" } }, "type": "object" }, "aws:appfabric/IngestionDestinationProcessingConfigurationAuditLog:IngestionDestinationProcessingConfigurationAuditLog": { "properties": { "format": { "type": "string", "description": "The format in which the audit logs need to be formatted. Valid values: `json`, `parquet`.\n" }, "schema": { "type": "string", "description": "The event schema in which the audit logs need to be formatted. Valid values: `ocsf`, `raw`.\n" } }, "type": "object", "required": [ "format", "schema" ] }, "aws:appfabric/IngestionDestinationTimeouts:IngestionDestinationTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfig:ConnectorProfileConnectorProfileConfig": { "properties": { "connectorProfileCredentials": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentials:ConnectorProfileConnectorProfileConfigConnectorProfileCredentials", "description": "The connector-specific credentials required by each connector. See Connector Profile Credentials for more details.\n" }, "connectorProfileProperties": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileProperties:ConnectorProfileConnectorProfileConfigConnectorProfileProperties", "description": "The connector-specific properties of the profile configuration. See Connector Profile Properties for more details.\n" } }, "type": "object", "required": [ "connectorProfileCredentials", "connectorProfileProperties" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentials:ConnectorProfileConnectorProfileConfigConnectorProfileCredentials": { "properties": { "amplitude": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsAmplitude:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsAmplitude", "description": "The connector-specific credentials required when using Amplitude. See Amplitude Connector Profile Credentials for more details.\n" }, "customConnector": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnector:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnector", "description": "The connector-specific profile credentials required when using the custom connector. See Custom Connector Profile Credentials for more details.\n" }, "datadog": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsDatadog:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsDatadog", "description": "Connector-specific credentials required when using Datadog. See Datadog Connector Profile Credentials for more details.\n" }, "dynatrace": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsDynatrace:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsDynatrace", "description": "The connector-specific credentials required when using Dynatrace. See Dynatrace Connector Profile Credentials for more details.\n" }, "googleAnalytics": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsGoogleAnalytics:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsGoogleAnalytics", "description": "The connector-specific credentials required when using Google Analytics. See Google Analytics Connector Profile Credentials for more details.\n" }, "honeycode": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsHoneycode:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsHoneycode", "description": "The connector-specific credentials required when using Amazon Honeycode. See Honeycode Connector Profile Credentials for more details.\n" }, "inforNexus": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsInforNexus:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsInforNexus", "description": "The connector-specific credentials required when using Infor Nexus. See Infor Nexus Connector Profile Credentials for more details.\n" }, "marketo": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsMarketo:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsMarketo", "description": "Connector-specific credentials required when using Marketo. See Marketo Connector Profile Credentials for more details.\n" }, "redshift": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsRedshift:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsRedshift", "description": "Connector-specific credentials required when using Amazon Redshift. See Redshift Connector Profile Credentials for more details.\n" }, "salesforce": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSalesforce:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSalesforce", "description": "The connector-specific credentials required when using Salesforce. See Salesforce Connector Profile Credentials for more details.\n" }, "sapoData": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoData:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoData", "description": "The connector-specific credentials required when using SAPOData. See SAPOData Connector Profile Credentials for more details.\n" }, "serviceNow": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsServiceNow:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsServiceNow", "description": "The connector-specific credentials required when using ServiceNow. See ServiceNow Connector Profile Credentials for more details.\n" }, "singular": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSingular:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSingular", "description": "Connector-specific credentials required when using Singular. See Singular Connector Profile Credentials for more details.\n" }, "slack": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSlack:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSlack", "description": "Connector-specific credentials required when using Slack. See Slack Connector Profile Credentials for more details.\n" }, "snowflake": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSnowflake:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSnowflake", "description": "The connector-specific credentials required when using Snowflake. See Snowflake Connector Profile Credentials for more details.\n" }, "trendmicro": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsTrendmicro:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsTrendmicro", "description": "The connector-specific credentials required when using Trend Micro. See Trend Micro Connector Profile Credentials for more details.\n" }, "veeva": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsVeeva:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsVeeva", "description": "Connector-specific credentials required when using Veeva. See Veeva Connector Profile Credentials for more details.\n" }, "zendesk": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsZendesk:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsZendesk", "description": "Connector-specific credentials required when using Zendesk. See Zendesk Connector Profile Credentials for more details.\n" } }, "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsAmplitude:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsAmplitude": { "properties": { "apiKey": { "type": "string" }, "secretKey": { "type": "string", "description": "The Secret Access Key portion of the credentials.\n", "secret": true } }, "type": "object", "required": [ "apiKey", "secretKey" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnector:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnector": { "properties": { "apiKey": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorApiKey:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorApiKey" }, "authenticationType": { "type": "string", "description": "The authentication type that the custom connector uses for authenticating while creating a connector profile. One of: `APIKEY`, `BASIC`, `CUSTOM`, `OAUTH2`.\n" }, "basic": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorBasic:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorBasic", "description": "Basic credentials that are required for the authentication of the user.\n" }, "custom": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorCustom:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorCustom", "description": "If the connector uses the custom authentication mechanism, this holds the required credentials.\n" }, "oauth2": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorOauth2:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorOauth2", "description": "OAuth 2.0 credentials required for the authentication of the user.\n" } }, "type": "object", "required": [ "authenticationType" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorApiKey:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorApiKey": { "properties": { "apiKey": { "type": "string" }, "apiSecretKey": { "type": "string" } }, "type": "object", "required": [ "apiKey" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorBasic:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorBasic": { "properties": { "password": { "type": "string", "secret": true }, "username": { "type": "string" } }, "type": "object", "required": [ "password", "username" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorCustom:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorCustom": { "properties": { "credentialsMap": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map that holds custom authentication credentials.\n", "secret": true }, "customAuthenticationType": { "type": "string", "description": "The custom authentication type that the connector uses.\n" } }, "type": "object", "required": [ "customAuthenticationType" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorOauth2:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorOauth2": { "properties": { "accessToken": { "type": "string", "secret": true }, "clientId": { "type": "string" }, "clientSecret": { "type": "string", "secret": true }, "oauthRequest": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorOauth2OauthRequest:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorOauth2OauthRequest" }, "refreshToken": { "type": "string" } }, "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorOauth2OauthRequest:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorOauth2OauthRequest": { "properties": { "authCode": { "type": "string", "description": "The code provided by the connector when it has been authenticated via the connected app.\n" }, "redirectUri": { "type": "string", "description": "The URL to which the authentication server redirects the browser after authorization has been granted.\n" } }, "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsDatadog:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsDatadog": { "properties": { "apiKey": { "type": "string" }, "applicationKey": { "type": "string", "description": "Application keys, in conjunction with your API key, give you full access to Datadog’s programmatic API. Application keys are associated with the user account that created them. The application key is used to log all requests made to the API.\n" } }, "type": "object", "required": [ "apiKey", "applicationKey" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsDynatrace:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsDynatrace": { "properties": { "apiToken": { "type": "string", "description": "The API tokens used by Dynatrace API to authenticate various API calls.\n" } }, "type": "object", "required": [ "apiToken" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsGoogleAnalytics:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsGoogleAnalytics": { "properties": { "accessToken": { "type": "string", "secret": true }, "clientId": { "type": "string" }, "clientSecret": { "type": "string", "secret": true }, "oauthRequest": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsGoogleAnalyticsOauthRequest:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsGoogleAnalyticsOauthRequest" }, "refreshToken": { "type": "string" } }, "type": "object", "required": [ "clientId", "clientSecret" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsGoogleAnalyticsOauthRequest:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsGoogleAnalyticsOauthRequest": { "properties": { "authCode": { "type": "string", "description": "The code provided by the connector when it has been authenticated via the connected app.\n" }, "redirectUri": { "type": "string", "description": "The URL to which the authentication server redirects the browser after authorization has been granted.\n" } }, "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsHoneycode:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsHoneycode": { "properties": { "accessToken": { "type": "string", "secret": true }, "oauthRequest": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsHoneycodeOauthRequest:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsHoneycodeOauthRequest" }, "refreshToken": { "type": "string" } }, "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsHoneycodeOauthRequest:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsHoneycodeOauthRequest": { "properties": { "authCode": { "type": "string", "description": "The code provided by the connector when it has been authenticated via the connected app.\n" }, "redirectUri": { "type": "string", "description": "The URL to which the authentication server redirects the browser after authorization has been granted.\n" } }, "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsInforNexus:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsInforNexus": { "properties": { "accessKeyId": { "type": "string", "description": "The Access Key portion of the credentials.\n" }, "datakey": { "type": "string", "description": "Encryption keys used to encrypt data.\n" }, "secretAccessKey": { "type": "string", "description": "The secret key used to sign requests.\n", "secret": true }, "userId": { "type": "string", "description": "Identifier for the user.\n" } }, "type": "object", "required": [ "accessKeyId", "datakey", "secretAccessKey", "userId" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsMarketo:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsMarketo": { "properties": { "accessToken": { "type": "string", "secret": true }, "clientId": { "type": "string" }, "clientSecret": { "type": "string", "secret": true }, "oauthRequest": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsMarketoOauthRequest:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsMarketoOauthRequest" } }, "type": "object", "required": [ "clientId", "clientSecret" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsMarketoOauthRequest:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsMarketoOauthRequest": { "properties": { "authCode": { "type": "string", "description": "The code provided by the connector when it has been authenticated via the connected app.\n" }, "redirectUri": { "type": "string", "description": "The URL to which the authentication server redirects the browser after authorization has been granted.\n" } }, "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsRedshift:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsRedshift": { "properties": { "password": { "type": "string", "secret": true }, "username": { "type": "string" } }, "type": "object", "required": [ "password", "username" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSalesforce:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSalesforce": { "properties": { "accessToken": { "type": "string", "secret": true }, "clientCredentialsArn": { "type": "string", "description": "The secret manager ARN, which contains the client ID and client secret of the connected app.\n" }, "jwtToken": { "type": "string", "description": "A JSON web token (JWT) that authorizes access to Salesforce records.\n" }, "oauth2GrantType": { "type": "string" }, "oauthRequest": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSalesforceOauthRequest:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSalesforceOauthRequest" }, "refreshToken": { "type": "string" } }, "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSalesforceOauthRequest:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSalesforceOauthRequest": { "properties": { "authCode": { "type": "string", "description": "The code provided by the connector when it has been authenticated via the connected app.\n" }, "redirectUri": { "type": "string", "description": "The URL to which the authentication server redirects the browser after authorization has been granted.\n" } }, "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoData:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoData": { "properties": { "basicAuthCredentials": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoDataBasicAuthCredentials:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoDataBasicAuthCredentials", "description": "The SAPOData basic authentication credentials.\n" }, "oauthCredentials": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoDataOauthCredentials:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoDataOauthCredentials", "description": "The SAPOData OAuth type authentication credentials.\n" } }, "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoDataBasicAuthCredentials:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoDataBasicAuthCredentials": { "properties": { "password": { "type": "string", "secret": true }, "username": { "type": "string" } }, "type": "object", "required": [ "password", "username" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoDataOauthCredentials:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoDataOauthCredentials": { "properties": { "accessToken": { "type": "string", "secret": true }, "clientId": { "type": "string" }, "clientSecret": { "type": "string" }, "oauthRequest": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoDataOauthCredentialsOauthRequest:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoDataOauthCredentialsOauthRequest" }, "refreshToken": { "type": "string" } }, "type": "object", "required": [ "clientId", "clientSecret" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoDataOauthCredentialsOauthRequest:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoDataOauthCredentialsOauthRequest": { "properties": { "authCode": { "type": "string", "description": "The code provided by the connector when it has been authenticated via the connected app.\n" }, "redirectUri": { "type": "string", "description": "The URL to which the authentication server redirects the browser after authorization has been granted.\n" } }, "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsServiceNow:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsServiceNow": { "properties": { "password": { "type": "string", "secret": true }, "username": { "type": "string" } }, "type": "object", "required": [ "password", "username" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSingular:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSingular": { "properties": { "apiKey": { "type": "string" } }, "type": "object", "required": [ "apiKey" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSlack:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSlack": { "properties": { "accessToken": { "type": "string", "secret": true }, "clientId": { "type": "string" }, "clientSecret": { "type": "string", "secret": true }, "oauthRequest": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSlackOauthRequest:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSlackOauthRequest" } }, "type": "object", "required": [ "clientId", "clientSecret" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSlackOauthRequest:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSlackOauthRequest": { "properties": { "authCode": { "type": "string", "description": "The code provided by the connector when it has been authenticated via the connected app.\n" }, "redirectUri": { "type": "string", "description": "The URL to which the authentication server redirects the browser after authorization has been granted.\n" } }, "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSnowflake:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSnowflake": { "properties": { "password": { "type": "string", "secret": true }, "username": { "type": "string" } }, "type": "object", "required": [ "password", "username" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsTrendmicro:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsTrendmicro": { "properties": { "apiSecretKey": { "type": "string", "secret": true } }, "type": "object", "required": [ "apiSecretKey" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsVeeva:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsVeeva": { "properties": { "password": { "type": "string", "secret": true }, "username": { "type": "string" } }, "type": "object", "required": [ "password", "username" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsZendesk:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsZendesk": { "properties": { "accessToken": { "type": "string", "secret": true }, "clientId": { "type": "string" }, "clientSecret": { "type": "string", "secret": true }, "oauthRequest": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsZendeskOauthRequest:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsZendeskOauthRequest" } }, "type": "object", "required": [ "clientId", "clientSecret" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsZendeskOauthRequest:ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsZendeskOauthRequest": { "properties": { "authCode": { "type": "string", "description": "The code provided by the connector when it has been authenticated via the connected app.\n" }, "redirectUri": { "type": "string", "description": "The URL to which the authentication server redirects the browser after authorization has been granted.\n" } }, "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfileProperties:ConnectorProfileConnectorProfileConfigConnectorProfileProperties": { "properties": { "amplitude": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesAmplitude:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesAmplitude", "description": "The connector-specific credentials required when using Amplitude. See Amplitude Connector Profile Credentials for more details.\n" }, "customConnector": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesCustomConnector:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesCustomConnector", "description": "The connector-specific profile properties required when using the custom connector. See Custom Connector Profile Properties for more details.\n" }, "datadog": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesDatadog:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesDatadog", "description": "Connector-specific properties required when using Datadog. See Generic Connector Profile Properties for more details.\n" }, "dynatrace": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesDynatrace:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesDynatrace", "description": "The connector-specific properties required when using Dynatrace. See Generic Connector Profile Properties for more details.\n" }, "googleAnalytics": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesGoogleAnalytics:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesGoogleAnalytics", "description": "The connector-specific credentials required when using Google Analytics. See Google Analytics Connector Profile Credentials for more details.\n" }, "honeycode": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesHoneycode:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesHoneycode", "description": "The connector-specific credentials required when using Amazon Honeycode. See Honeycode Connector Profile Credentials for more details.\n" }, "inforNexus": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesInforNexus:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesInforNexus", "description": "The connector-specific properties required when using Infor Nexus. See Generic Connector Profile Properties for more details.\n" }, "marketo": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesMarketo:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesMarketo", "description": "Connector-specific properties required when using Marketo. See Generic Connector Profile Properties for more details.\n" }, "redshift": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesRedshift:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesRedshift", "description": "Connector-specific properties required when using Amazon Redshift. See Redshift Connector Profile Properties for more details.\n" }, "salesforce": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSalesforce:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSalesforce", "description": "The connector-specific properties required when using Salesforce. See Salesforce Connector Profile Properties for more details.\n" }, "sapoData": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSapoData:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSapoData", "description": "The connector-specific properties required when using SAPOData. See SAPOData Connector Profile Properties for more details.\n" }, "serviceNow": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesServiceNow:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesServiceNow", "description": "The connector-specific properties required when using ServiceNow. See Generic Connector Profile Properties for more details.\n" }, "singular": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSingular:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSingular", "description": "Connector-specific credentials required when using Singular. See Singular Connector Profile Credentials for more details.\n" }, "slack": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSlack:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSlack", "description": "Connector-specific properties required when using Slack. See Generic Connector Profile Properties for more details.\n" }, "snowflake": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSnowflake:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSnowflake", "description": "The connector-specific properties required when using Snowflake. See Snowflake Connector Profile Properties for more details.\n" }, "trendmicro": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesTrendmicro:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesTrendmicro", "description": "The connector-specific credentials required when using Trend Micro. See Trend Micro Connector Profile Credentials for more details.\n" }, "veeva": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesVeeva:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesVeeva", "description": "Connector-specific properties required when using Veeva. See Generic Connector Profile Properties for more details.\n" }, "zendesk": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesZendesk:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesZendesk", "description": "Connector-specific properties required when using Zendesk. See Generic Connector Profile Properties for more details.\n" } }, "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesAmplitude:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesAmplitude": { "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesCustomConnector:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesCustomConnector": { "properties": { "oauth2Properties": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesCustomConnectorOauth2Properties:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesCustomConnectorOauth2Properties", "description": "The OAuth 2.0 properties required for OAuth 2.0 authentication.\n" }, "profileProperties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of properties that are required to create a profile for the custom connector.\n" } }, "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesCustomConnectorOauth2Properties:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesCustomConnectorOauth2Properties": { "properties": { "oauth2GrantType": { "type": "string" }, "tokenUrl": { "type": "string" }, "tokenUrlCustomProperties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Associates your token URL with a map of properties that you define. Use this parameter to provide any additional details that the connector requires to authenticate your request.\n" } }, "type": "object", "required": [ "oauth2GrantType", "tokenUrl" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesDatadog:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesDatadog": { "properties": { "instanceUrl": { "type": "string" } }, "type": "object", "required": [ "instanceUrl" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesDynatrace:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesDynatrace": { "properties": { "instanceUrl": { "type": "string" } }, "type": "object", "required": [ "instanceUrl" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesGoogleAnalytics:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesGoogleAnalytics": { "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesHoneycode:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesHoneycode": { "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesInforNexus:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesInforNexus": { "properties": { "instanceUrl": { "type": "string" } }, "type": "object", "required": [ "instanceUrl" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesMarketo:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesMarketo": { "properties": { "instanceUrl": { "type": "string" } }, "type": "object", "required": [ "instanceUrl" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesRedshift:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesRedshift": { "properties": { "bucketName": { "type": "string" }, "bucketPrefix": { "type": "string" }, "clusterIdentifier": { "type": "string", "description": "The unique ID that's assigned to an Amazon Redshift cluster.\n" }, "dataApiRoleArn": { "type": "string", "description": "ARN of the IAM role that permits AppFlow to access the database through Data API.\n" }, "databaseName": { "type": "string", "description": "The name of an Amazon Redshift database.\n" }, "databaseUrl": { "type": "string", "description": "The JDBC URL of the Amazon Redshift cluster.\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM role.\n" } }, "type": "object", "required": [ "bucketName", "roleArn" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSalesforce:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSalesforce": { "properties": { "instanceUrl": { "type": "string" }, "isSandboxEnvironment": { "type": "boolean", "description": "Indicates whether the connector profile applies to a sandbox or production environment.\n" } }, "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSapoData:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSapoData": { "properties": { "applicationHostUrl": { "type": "string", "description": "The location of the SAPOData resource.\n" }, "applicationServicePath": { "type": "string", "description": "The application path to catalog service.\n" }, "clientNumber": { "type": "string", "description": "The client number for the client creating the connection.\n" }, "logonLanguage": { "type": "string", "description": "The logon language of SAPOData instance.\n" }, "oauthProperties": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSapoDataOauthProperties:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSapoDataOauthProperties", "description": "The SAPOData OAuth properties required for OAuth type authentication.\n" }, "portNumber": { "type": "integer", "description": "The port number of the SAPOData instance.\n" }, "privateLinkServiceName": { "type": "string" } }, "type": "object", "required": [ "applicationHostUrl", "applicationServicePath", "clientNumber", "portNumber" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSapoDataOauthProperties:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSapoDataOauthProperties": { "properties": { "authCodeUrl": { "type": "string", "description": "The authorization code url required to redirect to SAP Login Page to fetch authorization code for OAuth type authentication.\n" }, "oauthScopes": { "type": "array", "items": { "type": "string" }, "description": "The OAuth scopes required for OAuth type authentication.\n" }, "tokenUrl": { "type": "string" } }, "type": "object", "required": [ "authCodeUrl", "oauthScopes", "tokenUrl" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesServiceNow:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesServiceNow": { "properties": { "instanceUrl": { "type": "string" } }, "type": "object", "required": [ "instanceUrl" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSingular:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSingular": { "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSlack:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSlack": { "properties": { "instanceUrl": { "type": "string" } }, "type": "object", "required": [ "instanceUrl" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSnowflake:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSnowflake": { "properties": { "accountName": { "type": "string", "description": "The name of the account.\n" }, "bucketName": { "type": "string" }, "bucketPrefix": { "type": "string" }, "privateLinkServiceName": { "type": "string" }, "region": { "type": "string", "description": "AWS Region of the Snowflake account.\n" }, "stage": { "type": "string", "description": "Name of the Amazon S3 stage that was created while setting up an Amazon S3 stage in the Snowflake account. This is written in the following format: `\u003cDatabase\u003e.\u003cSchema\u003e.\u003cStage Name\u003e`.\n" }, "warehouse": { "type": "string", "description": "The name of the Snowflake warehouse.\n" } }, "type": "object", "required": [ "bucketName", "stage", "warehouse" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesTrendmicro:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesTrendmicro": { "type": "object" }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesVeeva:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesVeeva": { "properties": { "instanceUrl": { "type": "string" } }, "type": "object", "required": [ "instanceUrl" ] }, "aws:appflow/ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesZendesk:ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesZendesk": { "properties": { "instanceUrl": { "type": "string" } }, "type": "object", "required": [ "instanceUrl" ] }, "aws:appflow/FlowDestinationFlowConfig:FlowDestinationFlowConfig": { "properties": { "apiVersion": { "type": "string", "description": "API version that the destination connector uses.\n" }, "connectorProfileName": { "type": "string", "description": "Name of the connector profile. This name must be unique for each connector profile in the AWS account.\n" }, "connectorType": { "type": "string", "description": "Type of connector, such as Salesforce, Amplitude, and so on. Valid values are `Salesforce`, `Singular`, `Slack`, `Redshift`, `S3`, `Marketo`, `Googleanalytics`, `Zendesk`, `Servicenow`, `Datadog`, `Trendmicro`, `Snowflake`, `Dynatrace`, `Infornexus`, `Amplitude`, `Veeva`, `EventBridge`, `LookoutMetrics`, `Upsolver`, `Honeycode`, `CustomerProfiles`, `SAPOData`, and `CustomConnector`.\n" }, "destinationConnectorProperties": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorProperties:FlowDestinationFlowConfigDestinationConnectorProperties", "description": "This stores the information that is required to query a particular connector. See Destination Connector Properties for more information.\n" } }, "type": "object", "required": [ "connectorType", "destinationConnectorProperties" ] }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorProperties:FlowDestinationFlowConfigDestinationConnectorProperties": { "properties": { "customConnector": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesCustomConnector:FlowDestinationFlowConfigDestinationConnectorPropertiesCustomConnector", "description": "Properties that are required to query the custom Connector. See Custom Connector Destination Properties for more details.\n" }, "customerProfiles": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesCustomerProfiles:FlowDestinationFlowConfigDestinationConnectorPropertiesCustomerProfiles", "description": "Properties that are required to query Amazon Connect Customer Profiles. See Customer Profiles Destination Properties for more details.\n" }, "eventBridge": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesEventBridge:FlowDestinationFlowConfigDestinationConnectorPropertiesEventBridge", "description": "Properties that are required to query Amazon EventBridge. See Generic Destination Properties for more details.\n" }, "honeycode": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesHoneycode:FlowDestinationFlowConfigDestinationConnectorPropertiesHoneycode", "description": "Properties that are required to query Amazon Honeycode. See Generic Destination Properties for more details.\n" }, "lookoutMetrics": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesLookoutMetrics:FlowDestinationFlowConfigDestinationConnectorPropertiesLookoutMetrics" }, "marketo": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesMarketo:FlowDestinationFlowConfigDestinationConnectorPropertiesMarketo", "description": "Properties that are required to query Marketo. See Generic Destination Properties for more details.\n" }, "redshift": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesRedshift:FlowDestinationFlowConfigDestinationConnectorPropertiesRedshift", "description": "Properties that are required to query Amazon Redshift. See Redshift Destination Properties for more details.\n" }, "s3": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesS3:FlowDestinationFlowConfigDestinationConnectorPropertiesS3", "description": "Properties that are required to query Amazon S3. See S3 Destination Properties for more details.\n" }, "salesforce": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesSalesforce:FlowDestinationFlowConfigDestinationConnectorPropertiesSalesforce", "description": "Properties that are required to query Salesforce. See Salesforce Destination Properties for more details.\n" }, "sapoData": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesSapoData:FlowDestinationFlowConfigDestinationConnectorPropertiesSapoData", "description": "Properties that are required to query SAPOData. See SAPOData Destination Properties for more details.\n" }, "snowflake": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesSnowflake:FlowDestinationFlowConfigDestinationConnectorPropertiesSnowflake", "description": "Properties that are required to query Snowflake. See Snowflake Destination Properties for more details.\n" }, "upsolver": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolver:FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolver", "description": "Properties that are required to query Upsolver. See Upsolver Destination Properties for more details.\n" }, "zendesk": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesZendesk:FlowDestinationFlowConfigDestinationConnectorPropertiesZendesk", "description": "Properties that are required to query Zendesk. See Zendesk Destination Properties for more details.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "s3" ] } } }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesCustomConnector:FlowDestinationFlowConfigDestinationConnectorPropertiesCustomConnector": { "properties": { "customProperties": { "type": "object", "additionalProperties": { "type": "string" } }, "entityName": { "type": "string" }, "errorHandlingConfig": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesCustomConnectorErrorHandlingConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesCustomConnectorErrorHandlingConfig" }, "idFieldNames": { "type": "array", "items": { "type": "string" } }, "writeOperationType": { "type": "string" } }, "type": "object", "required": [ "entityName" ] }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesCustomConnectorErrorHandlingConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesCustomConnectorErrorHandlingConfig": { "properties": { "bucketName": { "type": "string", "description": "Name of the Amazon S3 bucket.\n" }, "bucketPrefix": { "type": "string", "description": "Amazon S3 bucket prefix.\n" }, "failOnFirstDestinationError": { "type": "boolean", "description": "If the flow should fail after the first instance of a failure when attempting to place data in the destination.\n" } }, "type": "object" }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesCustomerProfiles:FlowDestinationFlowConfigDestinationConnectorPropertiesCustomerProfiles": { "properties": { "domainName": { "type": "string", "description": "Unique name of the Amazon Connect Customer Profiles domain.\n" }, "objectTypeName": { "type": "string", "description": "Object specified in the Amazon Connect Customer Profiles flow destination.\n" } }, "type": "object", "required": [ "domainName" ] }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesEventBridge:FlowDestinationFlowConfigDestinationConnectorPropertiesEventBridge": { "properties": { "errorHandlingConfig": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesEventBridgeErrorHandlingConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesEventBridgeErrorHandlingConfig" }, "object": { "type": "string" } }, "type": "object", "required": [ "object" ] }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesEventBridgeErrorHandlingConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesEventBridgeErrorHandlingConfig": { "properties": { "bucketName": { "type": "string", "description": "Name of the Amazon S3 bucket.\n" }, "bucketPrefix": { "type": "string", "description": "Amazon S3 bucket prefix.\n" }, "failOnFirstDestinationError": { "type": "boolean", "description": "If the flow should fail after the first instance of a failure when attempting to place data in the destination.\n" } }, "type": "object" }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesHoneycode:FlowDestinationFlowConfigDestinationConnectorPropertiesHoneycode": { "properties": { "errorHandlingConfig": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesHoneycodeErrorHandlingConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesHoneycodeErrorHandlingConfig" }, "object": { "type": "string" } }, "type": "object", "required": [ "object" ] }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesHoneycodeErrorHandlingConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesHoneycodeErrorHandlingConfig": { "properties": { "bucketName": { "type": "string", "description": "Name of the Amazon S3 bucket.\n" }, "bucketPrefix": { "type": "string", "description": "Amazon S3 bucket prefix.\n" }, "failOnFirstDestinationError": { "type": "boolean", "description": "If the flow should fail after the first instance of a failure when attempting to place data in the destination.\n" } }, "type": "object" }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesLookoutMetrics:FlowDestinationFlowConfigDestinationConnectorPropertiesLookoutMetrics": { "type": "object" }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesMarketo:FlowDestinationFlowConfigDestinationConnectorPropertiesMarketo": { "properties": { "errorHandlingConfig": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesMarketoErrorHandlingConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesMarketoErrorHandlingConfig" }, "object": { "type": "string" } }, "type": "object", "required": [ "object" ] }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesMarketoErrorHandlingConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesMarketoErrorHandlingConfig": { "properties": { "bucketName": { "type": "string", "description": "Name of the Amazon S3 bucket.\n" }, "bucketPrefix": { "type": "string", "description": "Amazon S3 bucket prefix.\n" }, "failOnFirstDestinationError": { "type": "boolean", "description": "If the flow should fail after the first instance of a failure when attempting to place data in the destination.\n" } }, "type": "object" }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesRedshift:FlowDestinationFlowConfigDestinationConnectorPropertiesRedshift": { "properties": { "bucketPrefix": { "type": "string" }, "errorHandlingConfig": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesRedshiftErrorHandlingConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesRedshiftErrorHandlingConfig" }, "intermediateBucketName": { "type": "string" }, "object": { "type": "string" } }, "type": "object", "required": [ "intermediateBucketName", "object" ] }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesRedshiftErrorHandlingConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesRedshiftErrorHandlingConfig": { "properties": { "bucketName": { "type": "string", "description": "Name of the Amazon S3 bucket.\n" }, "bucketPrefix": { "type": "string", "description": "Amazon S3 bucket prefix.\n" }, "failOnFirstDestinationError": { "type": "boolean", "description": "If the flow should fail after the first instance of a failure when attempting to place data in the destination.\n" } }, "type": "object" }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesS3:FlowDestinationFlowConfigDestinationConnectorPropertiesS3": { "properties": { "bucketName": { "type": "string" }, "bucketPrefix": { "type": "string" }, "s3OutputFormatConfig": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfig" } }, "type": "object", "required": [ "bucketName" ], "language": { "nodejs": { "requiredOutputs": [ "bucketName", "bucketPrefix", "s3OutputFormatConfig" ] } } }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfig": { "properties": { "aggregationConfig": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfigAggregationConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfigAggregationConfig", "description": "Aggregation settings that you can use to customize the output format of your flow data. See Aggregation Config for more details.\n" }, "fileType": { "type": "string", "description": "File type that Amazon AppFlow places in the Amazon S3 bucket. Valid values are `CSV`, `JSON`, and `PARQUET`.\n" }, "prefixConfig": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfigPrefixConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfigPrefixConfig", "description": "Determines the prefix that Amazon AppFlow applies to the folder name in the Amazon S3 bucket. You can name folders according to the flow frequency and date. See Prefix Config for more details.\n" }, "preserveSourceDataTyping": { "type": "boolean", "description": "Whether the data types from the source system need to be preserved (Only valid for `Parquet` file type)\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "aggregationConfig", "prefixConfig", "preserveSourceDataTyping" ] } } }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfigAggregationConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfigAggregationConfig": { "properties": { "aggregationType": { "type": "string", "description": "Whether Amazon AppFlow aggregates the flow records into a single file, or leave them unaggregated. Valid values are `None` and `SingleFile`.\n" }, "targetFileSize": { "type": "integer", "description": "The desired file size, in MB, for each output file that Amazon AppFlow writes to the flow destination. Integer value.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "aggregationType", "targetFileSize" ] } } }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfigPrefixConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfigPrefixConfig": { "properties": { "prefixFormat": { "type": "string", "description": "Determines the level of granularity that's included in the prefix. Valid values are `YEAR`, `MONTH`, `DAY`, `HOUR`, and `MINUTE`.\n" }, "prefixHierarchies": { "type": "array", "items": { "type": "string" }, "description": "Determines whether the destination file path includes either or both of the selected elements. Valid values are `EXECUTION_ID` and `SCHEMA_VERSION`\n" }, "prefixType": { "type": "string", "description": "Determines the format of the prefix, and whether it applies to the file name, file path, or both. Valid values are `FILENAME`, `PATH`, and `PATH_AND_FILENAME`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "prefixHierarchies" ] } } }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesSalesforce:FlowDestinationFlowConfigDestinationConnectorPropertiesSalesforce": { "properties": { "errorHandlingConfig": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesSalesforceErrorHandlingConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesSalesforceErrorHandlingConfig" }, "idFieldNames": { "type": "array", "items": { "type": "string" } }, "object": { "type": "string" }, "writeOperationType": { "type": "string" } }, "type": "object", "required": [ "object" ] }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesSalesforceErrorHandlingConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesSalesforceErrorHandlingConfig": { "properties": { "bucketName": { "type": "string", "description": "Name of the Amazon S3 bucket.\n" }, "bucketPrefix": { "type": "string", "description": "Amazon S3 bucket prefix.\n" }, "failOnFirstDestinationError": { "type": "boolean", "description": "If the flow should fail after the first instance of a failure when attempting to place data in the destination.\n" } }, "type": "object" }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesSapoData:FlowDestinationFlowConfigDestinationConnectorPropertiesSapoData": { "properties": { "errorHandlingConfig": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesSapoDataErrorHandlingConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesSapoDataErrorHandlingConfig" }, "idFieldNames": { "type": "array", "items": { "type": "string" } }, "objectPath": { "type": "string" }, "successResponseHandlingConfig": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesSapoDataSuccessResponseHandlingConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesSapoDataSuccessResponseHandlingConfig", "description": "Determines how Amazon AppFlow handles the success response that it gets from the connector after placing data. See Success Response Handling Config for more details.\n" }, "writeOperationType": { "type": "string" } }, "type": "object", "required": [ "objectPath" ] }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesSapoDataErrorHandlingConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesSapoDataErrorHandlingConfig": { "properties": { "bucketName": { "type": "string", "description": "Name of the Amazon S3 bucket.\n" }, "bucketPrefix": { "type": "string", "description": "Amazon S3 bucket prefix.\n" }, "failOnFirstDestinationError": { "type": "boolean", "description": "If the flow should fail after the first instance of a failure when attempting to place data in the destination.\n" } }, "type": "object" }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesSapoDataSuccessResponseHandlingConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesSapoDataSuccessResponseHandlingConfig": { "properties": { "bucketName": { "type": "string", "description": "Name of the Amazon S3 bucket.\n" }, "bucketPrefix": { "type": "string", "description": "Amazon S3 bucket prefix.\n" } }, "type": "object" }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesSnowflake:FlowDestinationFlowConfigDestinationConnectorPropertiesSnowflake": { "properties": { "bucketPrefix": { "type": "string" }, "errorHandlingConfig": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesSnowflakeErrorHandlingConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesSnowflakeErrorHandlingConfig" }, "intermediateBucketName": { "type": "string" }, "object": { "type": "string" } }, "type": "object", "required": [ "intermediateBucketName", "object" ] }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesSnowflakeErrorHandlingConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesSnowflakeErrorHandlingConfig": { "properties": { "bucketName": { "type": "string", "description": "Name of the Amazon S3 bucket.\n" }, "bucketPrefix": { "type": "string", "description": "Amazon S3 bucket prefix.\n" }, "failOnFirstDestinationError": { "type": "boolean", "description": "If the flow should fail after the first instance of a failure when attempting to place data in the destination.\n" } }, "type": "object" }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolver:FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolver": { "properties": { "bucketName": { "type": "string" }, "bucketPrefix": { "type": "string" }, "s3OutputFormatConfig": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolverS3OutputFormatConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolverS3OutputFormatConfig" } }, "type": "object", "required": [ "bucketName", "s3OutputFormatConfig" ] }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolverS3OutputFormatConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolverS3OutputFormatConfig": { "properties": { "aggregationConfig": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolverS3OutputFormatConfigAggregationConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolverS3OutputFormatConfigAggregationConfig", "description": "Aggregation settings that you can use to customize the output format of your flow data. See Aggregation Config for more details.\n" }, "fileType": { "type": "string", "description": "File type that Amazon AppFlow places in the Amazon S3 bucket. Valid values are `CSV`, `JSON`, and `PARQUET`.\n" }, "prefixConfig": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolverS3OutputFormatConfigPrefixConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolverS3OutputFormatConfigPrefixConfig", "description": "Determines the prefix that Amazon AppFlow applies to the folder name in the Amazon S3 bucket. You can name folders according to the flow frequency and date. See Prefix Config for more details.\n" } }, "type": "object", "required": [ "prefixConfig" ] }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolverS3OutputFormatConfigAggregationConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolverS3OutputFormatConfigAggregationConfig": { "properties": { "aggregationType": { "type": "string", "description": "Whether Amazon AppFlow aggregates the flow records into a single file, or leave them unaggregated. Valid values are `None` and `SingleFile`.\n" } }, "type": "object" }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolverS3OutputFormatConfigPrefixConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolverS3OutputFormatConfigPrefixConfig": { "properties": { "prefixFormat": { "type": "string", "description": "Determines the level of granularity that's included in the prefix. Valid values are `YEAR`, `MONTH`, `DAY`, `HOUR`, and `MINUTE`.\n" }, "prefixHierarchies": { "type": "array", "items": { "type": "string" }, "description": "Determines whether the destination file path includes either or both of the selected elements. Valid values are `EXECUTION_ID` and `SCHEMA_VERSION`\n" }, "prefixType": { "type": "string", "description": "Determines the format of the prefix, and whether it applies to the file name, file path, or both. Valid values are `FILENAME`, `PATH`, and `PATH_AND_FILENAME`.\n" } }, "type": "object", "required": [ "prefixType" ], "language": { "nodejs": { "requiredOutputs": [ "prefixHierarchies", "prefixType" ] } } }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesZendesk:FlowDestinationFlowConfigDestinationConnectorPropertiesZendesk": { "properties": { "errorHandlingConfig": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesZendeskErrorHandlingConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesZendeskErrorHandlingConfig" }, "idFieldNames": { "type": "array", "items": { "type": "string" } }, "object": { "type": "string" }, "writeOperationType": { "type": "string" } }, "type": "object", "required": [ "object" ] }, "aws:appflow/FlowDestinationFlowConfigDestinationConnectorPropertiesZendeskErrorHandlingConfig:FlowDestinationFlowConfigDestinationConnectorPropertiesZendeskErrorHandlingConfig": { "properties": { "bucketName": { "type": "string", "description": "Name of the Amazon S3 bucket.\n" }, "bucketPrefix": { "type": "string", "description": "Amazon S3 bucket prefix.\n" }, "failOnFirstDestinationError": { "type": "boolean", "description": "If the flow should fail after the first instance of a failure when attempting to place data in the destination.\n" } }, "type": "object" }, "aws:appflow/FlowMetadataCatalogConfig:FlowMetadataCatalogConfig": { "properties": { "glueDataCatalog": { "$ref": "#/types/aws:appflow/FlowMetadataCatalogConfigGlueDataCatalog:FlowMetadataCatalogConfigGlueDataCatalog" } }, "type": "object" }, "aws:appflow/FlowMetadataCatalogConfigGlueDataCatalog:FlowMetadataCatalogConfigGlueDataCatalog": { "properties": { "databaseName": { "type": "string", "description": "The name of an existing Glue database to store the metadata tables that Amazon AppFlow creates.\n" }, "roleArn": { "type": "string", "description": "The ARN of an IAM role that grants AppFlow the permissions it needs to create Data Catalog tables, databases, and partitions.\n" }, "tablePrefix": { "type": "string", "description": "A naming prefix for each Data Catalog table that Amazon AppFlow creates\n" } }, "type": "object", "required": [ "databaseName", "roleArn", "tablePrefix" ] }, "aws:appflow/FlowSourceFlowConfig:FlowSourceFlowConfig": { "properties": { "apiVersion": { "type": "string", "description": "API version that the destination connector uses.\n" }, "connectorProfileName": { "type": "string", "description": "Name of the connector profile. This name must be unique for each connector profile in the AWS account.\n" }, "connectorType": { "type": "string", "description": "Type of connector, such as Salesforce, Amplitude, and so on. Valid values are `Salesforce`, `Singular`, `Slack`, `Redshift`, `S3`, `Marketo`, `Googleanalytics`, `Zendesk`, `Servicenow`, `Datadog`, `Trendmicro`, `Snowflake`, `Dynatrace`, `Infornexus`, `Amplitude`, `Veeva`, `EventBridge`, `LookoutMetrics`, `Upsolver`, `Honeycode`, `CustomerProfiles`, `SAPOData`, and `CustomConnector`.\n" }, "incrementalPullConfig": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfigIncrementalPullConfig:FlowSourceFlowConfigIncrementalPullConfig", "description": "Defines the configuration for a scheduled incremental data pull. If a valid configuration is provided, the fields specified in the configuration are used when querying for the incremental data pull. See Incremental Pull Config for more details.\n" }, "sourceConnectorProperties": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfigSourceConnectorProperties:FlowSourceFlowConfigSourceConnectorProperties", "description": "Information that is required to query a particular source connector. See Source Connector Properties for details.\n" } }, "type": "object", "required": [ "connectorType", "sourceConnectorProperties" ] }, "aws:appflow/FlowSourceFlowConfigIncrementalPullConfig:FlowSourceFlowConfigIncrementalPullConfig": { "properties": { "datetimeTypeFieldName": { "type": "string", "description": "Field that specifies the date time or timestamp field as the criteria to use when importing incremental records from the source.\n" } }, "type": "object" }, "aws:appflow/FlowSourceFlowConfigSourceConnectorProperties:FlowSourceFlowConfigSourceConnectorProperties": { "properties": { "amplitude": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesAmplitude:FlowSourceFlowConfigSourceConnectorPropertiesAmplitude", "description": "Information that is required for querying Amplitude. See Generic Source Properties for more details.\n" }, "customConnector": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesCustomConnector:FlowSourceFlowConfigSourceConnectorPropertiesCustomConnector", "description": "Properties that are applied when the custom connector is being used as a source. See Custom Connector Source Properties.\n" }, "datadog": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesDatadog:FlowSourceFlowConfigSourceConnectorPropertiesDatadog", "description": "Information that is required for querying Datadog. See Generic Source Properties for more details.\n" }, "dynatrace": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesDynatrace:FlowSourceFlowConfigSourceConnectorPropertiesDynatrace", "description": "Operation to be performed on the provided Dynatrace source fields. Valid values are `PROJECTION`, `BETWEEN`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`.\n" }, "googleAnalytics": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesGoogleAnalytics:FlowSourceFlowConfigSourceConnectorPropertiesGoogleAnalytics", "description": "Operation to be performed on the provided Google Analytics source fields. Valid values are `PROJECTION` and `BETWEEN`.\n" }, "inforNexus": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesInforNexus:FlowSourceFlowConfigSourceConnectorPropertiesInforNexus", "description": "Information that is required for querying Infor Nexus. See Generic Source Properties for more details.\n" }, "marketo": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesMarketo:FlowSourceFlowConfigSourceConnectorPropertiesMarketo", "description": "Information that is required for querying Marketo. See Generic Source Properties for more details.\n" }, "s3": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesS3:FlowSourceFlowConfigSourceConnectorPropertiesS3", "description": "Information that is required for querying Amazon S3. See S3 Source Properties for more details.\n" }, "salesforce": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesSalesforce:FlowSourceFlowConfigSourceConnectorPropertiesSalesforce", "description": "Information that is required for querying Salesforce. See Salesforce Source Properties for more details.\n" }, "sapoData": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesSapoData:FlowSourceFlowConfigSourceConnectorPropertiesSapoData", "description": "Information that is required for querying SAPOData as a flow source. See SAPO Source Properties for more details.\n" }, "serviceNow": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesServiceNow:FlowSourceFlowConfigSourceConnectorPropertiesServiceNow", "description": "Information that is required for querying ServiceNow. See Generic Source Properties for more details.\n" }, "singular": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesSingular:FlowSourceFlowConfigSourceConnectorPropertiesSingular", "description": "Information that is required for querying Singular. See Generic Source Properties for more details.\n" }, "slack": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesSlack:FlowSourceFlowConfigSourceConnectorPropertiesSlack", "description": "Information that is required for querying Slack. See Generic Source Properties for more details.\n" }, "trendmicro": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesTrendmicro:FlowSourceFlowConfigSourceConnectorPropertiesTrendmicro", "description": "Operation to be performed on the provided Trend Micro source fields. Valid values are `PROJECTION`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`.\n" }, "veeva": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesVeeva:FlowSourceFlowConfigSourceConnectorPropertiesVeeva", "description": "Information that is required for querying Veeva. See Veeva Source Properties for more details.\n" }, "zendesk": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesZendesk:FlowSourceFlowConfigSourceConnectorPropertiesZendesk", "description": "Information that is required for querying Zendesk. See Generic Source Properties for more details.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "s3" ] } } }, "aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesAmplitude:FlowSourceFlowConfigSourceConnectorPropertiesAmplitude": { "properties": { "object": { "type": "string" } }, "type": "object", "required": [ "object" ] }, "aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesCustomConnector:FlowSourceFlowConfigSourceConnectorPropertiesCustomConnector": { "properties": { "customProperties": { "type": "object", "additionalProperties": { "type": "string" } }, "entityName": { "type": "string" } }, "type": "object", "required": [ "entityName" ] }, "aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesDatadog:FlowSourceFlowConfigSourceConnectorPropertiesDatadog": { "properties": { "object": { "type": "string" } }, "type": "object", "required": [ "object" ] }, "aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesDynatrace:FlowSourceFlowConfigSourceConnectorPropertiesDynatrace": { "properties": { "object": { "type": "string" } }, "type": "object", "required": [ "object" ] }, "aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesGoogleAnalytics:FlowSourceFlowConfigSourceConnectorPropertiesGoogleAnalytics": { "properties": { "object": { "type": "string" } }, "type": "object", "required": [ "object" ] }, "aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesInforNexus:FlowSourceFlowConfigSourceConnectorPropertiesInforNexus": { "properties": { "object": { "type": "string" } }, "type": "object", "required": [ "object" ] }, "aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesMarketo:FlowSourceFlowConfigSourceConnectorPropertiesMarketo": { "properties": { "object": { "type": "string" } }, "type": "object", "required": [ "object" ] }, "aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesS3:FlowSourceFlowConfigSourceConnectorPropertiesS3": { "properties": { "bucketName": { "type": "string", "willReplaceOnChanges": true }, "bucketPrefix": { "type": "string", "willReplaceOnChanges": true }, "s3InputFormatConfig": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesS3S3InputFormatConfig:FlowSourceFlowConfigSourceConnectorPropertiesS3S3InputFormatConfig", "description": "When you use Amazon S3 as the source, the configuration format that you provide the flow input data. See S3 Input Format Config for details.\n" } }, "type": "object", "required": [ "bucketName", "bucketPrefix" ] }, "aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesS3S3InputFormatConfig:FlowSourceFlowConfigSourceConnectorPropertiesS3S3InputFormatConfig": { "properties": { "s3InputFileType": { "type": "string", "description": "File type that Amazon AppFlow gets from your Amazon S3 bucket. Valid values are `CSV` and `JSON`.\n" } }, "type": "object" }, "aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesSalesforce:FlowSourceFlowConfigSourceConnectorPropertiesSalesforce": { "properties": { "enableDynamicFieldUpdate": { "type": "boolean", "description": "Flag that enables dynamic fetching of new (recently added) fields in the Salesforce objects while running a flow.\n" }, "includeDeletedRecords": { "type": "boolean", "description": "Whether Amazon AppFlow includes deleted files in the flow run.\n" }, "object": { "type": "string" } }, "type": "object", "required": [ "object" ] }, "aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesSapoData:FlowSourceFlowConfigSourceConnectorPropertiesSapoData": { "properties": { "objectPath": { "type": "string" } }, "type": "object", "required": [ "objectPath" ] }, "aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesServiceNow:FlowSourceFlowConfigSourceConnectorPropertiesServiceNow": { "properties": { "object": { "type": "string" } }, "type": "object", "required": [ "object" ] }, "aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesSingular:FlowSourceFlowConfigSourceConnectorPropertiesSingular": { "properties": { "object": { "type": "string" } }, "type": "object", "required": [ "object" ] }, "aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesSlack:FlowSourceFlowConfigSourceConnectorPropertiesSlack": { "properties": { "object": { "type": "string" } }, "type": "object", "required": [ "object" ] }, "aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesTrendmicro:FlowSourceFlowConfigSourceConnectorPropertiesTrendmicro": { "properties": { "object": { "type": "string" } }, "type": "object", "required": [ "object" ] }, "aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesVeeva:FlowSourceFlowConfigSourceConnectorPropertiesVeeva": { "properties": { "documentType": { "type": "string", "description": "Document type specified in the Veeva document extract flow.\n" }, "includeAllVersions": { "type": "boolean", "description": "Boolean value to include All Versions of files in Veeva document extract flow.\n" }, "includeRenditions": { "type": "boolean", "description": "Boolean value to include file renditions in Veeva document extract flow.\n" }, "includeSourceFiles": { "type": "boolean", "description": "Boolean value to include source files in Veeva document extract flow.\n" }, "object": { "type": "string" } }, "type": "object", "required": [ "object" ] }, "aws:appflow/FlowSourceFlowConfigSourceConnectorPropertiesZendesk:FlowSourceFlowConfigSourceConnectorPropertiesZendesk": { "properties": { "object": { "type": "string" } }, "type": "object", "required": [ "object" ] }, "aws:appflow/FlowTask:FlowTask": { "properties": { "connectorOperators": { "type": "array", "items": { "$ref": "#/types/aws:appflow/FlowTaskConnectorOperator:FlowTaskConnectorOperator" }, "description": "Operation to be performed on the provided source fields. See Connector Operator for details.\n" }, "destinationField": { "type": "string", "description": "Field in a destination connector, or a field value against which Amazon AppFlow validates a source field.\n" }, "sourceFields": { "type": "array", "items": { "type": "string" }, "description": "Source fields to which a particular task is applied.\n" }, "taskProperties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map used to store task-related information. The execution service looks for particular information based on the `TaskType`. Valid keys are `VALUE`, `VALUES`, `DATA_TYPE`, `UPPER_BOUND`, `LOWER_BOUND`, `SOURCE_DATA_TYPE`, `DESTINATION_DATA_TYPE`, `VALIDATION_ACTION`, `MASK_VALUE`, `MASK_LENGTH`, `TRUNCATE_LENGTH`, `MATH_OPERATION_FIELDS_ORDER`, `CONCAT_FORMAT`, `SUBFIELD_CATEGORY_MAP`, and `EXCLUDE_SOURCE_FIELDS_LIST`.\n" }, "taskType": { "type": "string", "description": "Particular task implementation that Amazon AppFlow performs. Valid values are `Arithmetic`, `Filter`, `Map`, `Map_all`, `Mask`, `Merge`, `Passthrough`, `Truncate`, and `Validate`.\n" } }, "type": "object", "required": [ "taskType" ], "language": { "nodejs": { "requiredOutputs": [ "sourceFields", "taskType" ] } } }, "aws:appflow/FlowTaskConnectorOperator:FlowTaskConnectorOperator": { "properties": { "amplitude": { "type": "string", "description": "Operation to be performed on the provided Amplitude source fields. The only valid value is `BETWEEN`.\n" }, "customConnector": { "type": "string", "description": "Operators supported by the custom connector. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `CONTAINS`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`.\n" }, "datadog": { "type": "string", "description": "Operation to be performed on the provided Datadog source fields. Valid values are `PROJECTION`, `BETWEEN`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`.\n" }, "dynatrace": { "type": "string", "description": "Operation to be performed on the provided Dynatrace source fields. Valid values are `PROJECTION`, `BETWEEN`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`.\n" }, "googleAnalytics": { "type": "string", "description": "Operation to be performed on the provided Google Analytics source fields. Valid values are `PROJECTION` and `BETWEEN`.\n" }, "inforNexus": { "type": "string", "description": "Operation to be performed on the provided Infor Nexus source fields. Valid values are `PROJECTION`, `BETWEEN`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`.\n" }, "marketo": { "type": "string", "description": "Operation to be performed on the provided Marketo source fields. Valid values are `PROJECTION`, `BETWEEN`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`.\n" }, "s3": { "type": "string", "description": "Operation to be performed on the provided Amazon S3 source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`.\n" }, "salesforce": { "type": "string", "description": "Operation to be performed on the provided Salesforce source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `CONTAINS`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`.\n" }, "sapoData": { "type": "string", "description": "Operation to be performed on the provided SAPOData source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `CONTAINS`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`.\n" }, "serviceNow": { "type": "string", "description": "Operation to be performed on the provided ServiceNow source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `CONTAINS`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`.\n" }, "singular": { "type": "string", "description": "Operation to be performed on the provided Singular source fields. Valid values are `PROJECTION`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`.\n" }, "slack": { "type": "string", "description": "Operation to be performed on the provided Slack source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`.\n" }, "trendmicro": { "type": "string", "description": "Operation to be performed on the provided Trend Micro source fields. Valid values are `PROJECTION`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`.\n" }, "veeva": { "type": "string", "description": "Operation to be performed on the provided Veeva source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `CONTAINS`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`.\n" }, "zendesk": { "type": "string", "description": "Operation to be performed on the provided Zendesk source fields. Valid values are `PROJECTION`, `GREATER_THAN`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`.\n" } }, "type": "object" }, "aws:appflow/FlowTriggerConfig:FlowTriggerConfig": { "properties": { "triggerProperties": { "$ref": "#/types/aws:appflow/FlowTriggerConfigTriggerProperties:FlowTriggerConfigTriggerProperties", "description": "Configuration details of a schedule-triggered flow as defined by the user. Currently, these settings only apply to the `Scheduled` trigger type. See Scheduled Trigger Properties for details.\n" }, "triggerType": { "type": "string", "description": "Type of flow trigger. Valid values are `Scheduled`, `Event`, and `OnDemand`.\n" } }, "type": "object", "required": [ "triggerType" ], "language": { "nodejs": { "requiredOutputs": [ "triggerProperties", "triggerType" ] } } }, "aws:appflow/FlowTriggerConfigTriggerProperties:FlowTriggerConfigTriggerProperties": { "properties": { "scheduled": { "$ref": "#/types/aws:appflow/FlowTriggerConfigTriggerPropertiesScheduled:FlowTriggerConfigTriggerPropertiesScheduled" } }, "type": "object" }, "aws:appflow/FlowTriggerConfigTriggerPropertiesScheduled:FlowTriggerConfigTriggerPropertiesScheduled": { "properties": { "dataPullMode": { "type": "string", "description": "Whether a scheduled flow has an incremental data transfer or a complete data transfer for each flow run. Valid values are `Incremental` and `Complete`.\n" }, "firstExecutionFrom": { "type": "string", "description": "Date range for the records to import from the connector in the first flow run. Must be a valid RFC3339 timestamp.\n" }, "scheduleEndTime": { "type": "string", "description": "Scheduled end time for a schedule-triggered flow. Must be a valid RFC3339 timestamp.\n" }, "scheduleExpression": { "type": "string", "description": "Scheduling expression that determines the rate at which the schedule will run, for example `rate(5minutes)`.\n" }, "scheduleOffset": { "type": "integer", "description": "Optional offset that is added to the time interval for a schedule-triggered flow. Maximum value of 36000.\n" }, "scheduleStartTime": { "type": "string", "description": "Scheduled start time for a schedule-triggered flow. Must be a valid RFC3339 timestamp.\n" }, "timezone": { "type": "string", "description": "Time zone used when referring to the date and time of a scheduled-triggered flow, such as `America/New_York`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appflow.Flow;\nimport com.pulumi.aws.appflow.FlowArgs;\nimport com.pulumi.aws.appflow.inputs.FlowTriggerConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Flow(\"example\", FlowArgs.builder()\n .triggerConfig(FlowTriggerConfigArgs.builder()\n .scheduled(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appflow:Flow\n properties:\n triggerConfig:\n scheduled:\n - scheduleExpression: rate(1minutes)\n```\n\u003c!--End PulumiCodeChooser --\u003e\n" } }, "type": "object", "required": [ "scheduleExpression" ] }, "aws:appintegrations/DataIntegrationScheduleConfig:DataIntegrationScheduleConfig": { "properties": { "firstExecutionFrom": { "type": "string", "description": "The start date for objects to import in the first flow run as an Unix/epoch timestamp in milliseconds or in ISO-8601 format. This needs to be a time in the past, meaning that the data created or updated before this given date will not be downloaded.\n", "willReplaceOnChanges": true }, "object": { "type": "string", "description": "The name of the object to pull from the data source. Examples of objects in Salesforce include `Case`, `Account`, or `Lead`.\n", "willReplaceOnChanges": true }, "scheduleExpression": { "type": "string", "description": "How often the data should be pulled from data source. Examples include `rate(1 hour)`, `rate(3 hours)`, `rate(1 day)`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "firstExecutionFrom", "object", "scheduleExpression" ] }, "aws:appintegrations/getEventIntegrationEventFilter:getEventIntegrationEventFilter": { "properties": { "source": { "type": "string", "description": "The source of the events.\n" } }, "type": "object", "required": [ "source" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:applicationloadbalancing/IpAddressType:IpAddressType": { "type": "string", "enum": [ { "name": "Ipv4", "value": "ipv4" }, { "name": "Dualstack", "value": "dualstack" } ] }, "aws:applicationloadbalancing/LoadBalancerType:LoadBalancerType": { "type": "string", "enum": [ { "name": "Application", "value": "application" }, { "name": "Network", "value": "network" } ] }, "aws:appmesh/GatewayRouteSpec:GatewayRouteSpec": { "properties": { "grpcRoute": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecGrpcRoute:GatewayRouteSpecGrpcRoute", "description": "Specification of a gRPC gateway route.\n" }, "http2Route": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttp2Route:GatewayRouteSpecHttp2Route", "description": "Specification of an HTTP/2 gateway route.\n" }, "httpRoute": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttpRoute:GatewayRouteSpecHttpRoute", "description": "Specification of an HTTP gateway route.\n" }, "priority": { "type": "integer", "description": "Priority for the gateway route, between `0` and `1000`.\n" } }, "type": "object" }, "aws:appmesh/GatewayRouteSpecGrpcRoute:GatewayRouteSpecGrpcRoute": { "properties": { "action": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecGrpcRouteAction:GatewayRouteSpecGrpcRouteAction", "description": "Action to take if a match is determined.\n" }, "match": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecGrpcRouteMatch:GatewayRouteSpecGrpcRouteMatch", "description": "Criteria for determining a request match.\n" } }, "type": "object", "required": [ "action", "match" ] }, "aws:appmesh/GatewayRouteSpecGrpcRouteAction:GatewayRouteSpecGrpcRouteAction": { "properties": { "target": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecGrpcRouteActionTarget:GatewayRouteSpecGrpcRouteActionTarget", "description": "Target that traffic is routed to when a request matches the gateway route.\n" } }, "type": "object", "required": [ "target" ] }, "aws:appmesh/GatewayRouteSpecGrpcRouteActionTarget:GatewayRouteSpecGrpcRouteActionTarget": { "properties": { "port": { "type": "integer", "description": "The port number that corresponds to the target for Virtual Service provider port. This is required when the provider (router or node) of the Virtual Service has multiple listeners.\n" }, "virtualService": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecGrpcRouteActionTargetVirtualService:GatewayRouteSpecGrpcRouteActionTargetVirtualService", "description": "Virtual service gateway route target.\n" } }, "type": "object", "required": [ "virtualService" ] }, "aws:appmesh/GatewayRouteSpecGrpcRouteActionTargetVirtualService:GatewayRouteSpecGrpcRouteActionTargetVirtualService": { "properties": { "virtualServiceName": { "type": "string", "description": "Name of the virtual service that traffic is routed to. Must be between 1 and 255 characters in length.\n" } }, "type": "object", "required": [ "virtualServiceName" ] }, "aws:appmesh/GatewayRouteSpecGrpcRouteMatch:GatewayRouteSpecGrpcRouteMatch": { "properties": { "port": { "type": "integer", "description": "The port number to match from the request.\n" }, "serviceName": { "type": "string", "description": "Fully qualified domain name for the service to match from the request.\n" } }, "type": "object", "required": [ "serviceName" ] }, "aws:appmesh/GatewayRouteSpecHttp2Route:GatewayRouteSpecHttp2Route": { "properties": { "action": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttp2RouteAction:GatewayRouteSpecHttp2RouteAction", "description": "Action to take if a match is determined.\n" }, "match": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttp2RouteMatch:GatewayRouteSpecHttp2RouteMatch", "description": "Criteria for determining a request match.\n" } }, "type": "object", "required": [ "action", "match" ] }, "aws:appmesh/GatewayRouteSpecHttp2RouteAction:GatewayRouteSpecHttp2RouteAction": { "properties": { "rewrite": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttp2RouteActionRewrite:GatewayRouteSpecHttp2RouteActionRewrite", "description": "Gateway route action to rewrite.\n" }, "target": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttp2RouteActionTarget:GatewayRouteSpecHttp2RouteActionTarget", "description": "Target that traffic is routed to when a request matches the gateway route.\n" } }, "type": "object", "required": [ "target" ] }, "aws:appmesh/GatewayRouteSpecHttp2RouteActionRewrite:GatewayRouteSpecHttp2RouteActionRewrite": { "properties": { "hostname": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttp2RouteActionRewriteHostname:GatewayRouteSpecHttp2RouteActionRewriteHostname", "description": "Host name to rewrite.\n" }, "path": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttp2RouteActionRewritePath:GatewayRouteSpecHttp2RouteActionRewritePath", "description": "Exact path to rewrite.\n" }, "prefix": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttp2RouteActionRewritePrefix:GatewayRouteSpecHttp2RouteActionRewritePrefix", "description": "Specified beginning characters to rewrite.\n" } }, "type": "object" }, "aws:appmesh/GatewayRouteSpecHttp2RouteActionRewriteHostname:GatewayRouteSpecHttp2RouteActionRewriteHostname": { "properties": { "defaultTargetHostname": { "type": "string", "description": "Default target host name to write to. Valid values: `ENABLED`, `DISABLED`.\n" } }, "type": "object", "required": [ "defaultTargetHostname" ] }, "aws:appmesh/GatewayRouteSpecHttp2RouteActionRewritePath:GatewayRouteSpecHttp2RouteActionRewritePath": { "properties": { "exact": { "type": "string", "description": "The exact path to match on.\n" } }, "type": "object", "required": [ "exact" ] }, "aws:appmesh/GatewayRouteSpecHttp2RouteActionRewritePrefix:GatewayRouteSpecHttp2RouteActionRewritePrefix": { "properties": { "defaultPrefix": { "type": "string", "description": "Default prefix used to replace the incoming route prefix when rewritten. Valid values: `ENABLED`, `DISABLED`.\n" }, "value": { "type": "string", "description": "Value used to replace the incoming route prefix when rewritten.\n" } }, "type": "object" }, "aws:appmesh/GatewayRouteSpecHttp2RouteActionTarget:GatewayRouteSpecHttp2RouteActionTarget": { "properties": { "port": { "type": "integer", "description": "The port number that corresponds to the target for Virtual Service provider port. This is required when the provider (router or node) of the Virtual Service has multiple listeners.\n" }, "virtualService": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttp2RouteActionTargetVirtualService:GatewayRouteSpecHttp2RouteActionTargetVirtualService", "description": "Virtual service gateway route target.\n" } }, "type": "object", "required": [ "virtualService" ] }, "aws:appmesh/GatewayRouteSpecHttp2RouteActionTargetVirtualService:GatewayRouteSpecHttp2RouteActionTargetVirtualService": { "properties": { "virtualServiceName": { "type": "string", "description": "Name of the virtual service that traffic is routed to. Must be between 1 and 255 characters in length.\n" } }, "type": "object", "required": [ "virtualServiceName" ] }, "aws:appmesh/GatewayRouteSpecHttp2RouteMatch:GatewayRouteSpecHttp2RouteMatch": { "properties": { "headers": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttp2RouteMatchHeader:GatewayRouteSpecHttp2RouteMatchHeader" }, "description": "Client request headers to match on.\n" }, "hostname": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttp2RouteMatchHostname:GatewayRouteSpecHttp2RouteMatchHostname", "description": "Host name to match on.\n" }, "path": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttp2RouteMatchPath:GatewayRouteSpecHttp2RouteMatchPath", "description": "Client request path to match on.\n" }, "port": { "type": "integer", "description": "The port number to match from the request.\n" }, "prefix": { "type": "string", "description": "Path to match requests with. This parameter must always start with `/`, which by itself matches all requests to the virtual service name.\n" }, "queryParameters": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttp2RouteMatchQueryParameter:GatewayRouteSpecHttp2RouteMatchQueryParameter" }, "description": "Client request query parameters to match on.\n" } }, "type": "object" }, "aws:appmesh/GatewayRouteSpecHttp2RouteMatchHeader:GatewayRouteSpecHttp2RouteMatchHeader": { "properties": { "invert": { "type": "boolean", "description": "If `true`, the match is on the opposite of the `match` method and value. Default is `false`.\n" }, "match": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttp2RouteMatchHeaderMatch:GatewayRouteSpecHttp2RouteMatchHeaderMatch", "description": "Method and value to match the header value sent with a request. Specify one match method.\n" }, "name": { "type": "string", "description": "Name for the HTTP header in the client request that will be matched on.\n" } }, "type": "object", "required": [ "name" ] }, "aws:appmesh/GatewayRouteSpecHttp2RouteMatchHeaderMatch:GatewayRouteSpecHttp2RouteMatchHeaderMatch": { "properties": { "exact": { "type": "string", "description": "Header value sent by the client must match the specified value exactly.\n" }, "prefix": { "type": "string", "description": "Header value sent by the client must begin with the specified characters.\n" }, "range": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttp2RouteMatchHeaderMatchRange:GatewayRouteSpecHttp2RouteMatchHeaderMatchRange", "description": "Object that specifies the range of numbers that the header value sent by the client must be included in.\n" }, "regex": { "type": "string", "description": "Header value sent by the client must include the specified characters.\n" }, "suffix": { "type": "string", "description": "Header value sent by the client must end with the specified characters.\n" } }, "type": "object" }, "aws:appmesh/GatewayRouteSpecHttp2RouteMatchHeaderMatchRange:GatewayRouteSpecHttp2RouteMatchHeaderMatchRange": { "properties": { "end": { "type": "integer", "description": "End of the range.\n" }, "start": { "type": "integer", "description": "Start of the range.\n" } }, "type": "object", "required": [ "end", "start" ] }, "aws:appmesh/GatewayRouteSpecHttp2RouteMatchHostname:GatewayRouteSpecHttp2RouteMatchHostname": { "properties": { "exact": { "type": "string", "description": "Exact host name to match on.\n" }, "suffix": { "type": "string", "description": "Specified ending characters of the host name to match on.\n" } }, "type": "object" }, "aws:appmesh/GatewayRouteSpecHttp2RouteMatchPath:GatewayRouteSpecHttp2RouteMatchPath": { "properties": { "exact": { "type": "string", "description": "The exact path to match on.\n" }, "regex": { "type": "string", "description": "The regex used to match the path.\n" } }, "type": "object" }, "aws:appmesh/GatewayRouteSpecHttp2RouteMatchQueryParameter:GatewayRouteSpecHttp2RouteMatchQueryParameter": { "properties": { "match": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttp2RouteMatchQueryParameterMatch:GatewayRouteSpecHttp2RouteMatchQueryParameterMatch", "description": "The query parameter to match on.\n" }, "name": { "type": "string", "description": "Name for the query parameter that will be matched on.\n" } }, "type": "object", "required": [ "name" ] }, "aws:appmesh/GatewayRouteSpecHttp2RouteMatchQueryParameterMatch:GatewayRouteSpecHttp2RouteMatchQueryParameterMatch": { "properties": { "exact": { "type": "string", "description": "The exact query parameter to match on.\n" } }, "type": "object" }, "aws:appmesh/GatewayRouteSpecHttpRoute:GatewayRouteSpecHttpRoute": { "properties": { "action": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttpRouteAction:GatewayRouteSpecHttpRouteAction", "description": "Action to take if a match is determined.\n" }, "match": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttpRouteMatch:GatewayRouteSpecHttpRouteMatch", "description": "Criteria for determining a request match.\n" } }, "type": "object", "required": [ "action", "match" ] }, "aws:appmesh/GatewayRouteSpecHttpRouteAction:GatewayRouteSpecHttpRouteAction": { "properties": { "rewrite": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttpRouteActionRewrite:GatewayRouteSpecHttpRouteActionRewrite", "description": "Gateway route action to rewrite.\n" }, "target": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttpRouteActionTarget:GatewayRouteSpecHttpRouteActionTarget", "description": "Target that traffic is routed to when a request matches the gateway route.\n" } }, "type": "object", "required": [ "target" ] }, "aws:appmesh/GatewayRouteSpecHttpRouteActionRewrite:GatewayRouteSpecHttpRouteActionRewrite": { "properties": { "hostname": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttpRouteActionRewriteHostname:GatewayRouteSpecHttpRouteActionRewriteHostname", "description": "Host name to rewrite.\n" }, "path": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttpRouteActionRewritePath:GatewayRouteSpecHttpRouteActionRewritePath", "description": "Exact path to rewrite.\n" }, "prefix": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttpRouteActionRewritePrefix:GatewayRouteSpecHttpRouteActionRewritePrefix", "description": "Specified beginning characters to rewrite.\n" } }, "type": "object" }, "aws:appmesh/GatewayRouteSpecHttpRouteActionRewriteHostname:GatewayRouteSpecHttpRouteActionRewriteHostname": { "properties": { "defaultTargetHostname": { "type": "string", "description": "Default target host name to write to. Valid values: `ENABLED`, `DISABLED`.\n" } }, "type": "object", "required": [ "defaultTargetHostname" ] }, "aws:appmesh/GatewayRouteSpecHttpRouteActionRewritePath:GatewayRouteSpecHttpRouteActionRewritePath": { "properties": { "exact": { "type": "string", "description": "The exact path to match on.\n" } }, "type": "object", "required": [ "exact" ] }, "aws:appmesh/GatewayRouteSpecHttpRouteActionRewritePrefix:GatewayRouteSpecHttpRouteActionRewritePrefix": { "properties": { "defaultPrefix": { "type": "string", "description": "Default prefix used to replace the incoming route prefix when rewritten. Valid values: `ENABLED`, `DISABLED`.\n" }, "value": { "type": "string", "description": "Value used to replace the incoming route prefix when rewritten.\n" } }, "type": "object" }, "aws:appmesh/GatewayRouteSpecHttpRouteActionTarget:GatewayRouteSpecHttpRouteActionTarget": { "properties": { "port": { "type": "integer", "description": "The port number that corresponds to the target for Virtual Service provider port. This is required when the provider (router or node) of the Virtual Service has multiple listeners.\n" }, "virtualService": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttpRouteActionTargetVirtualService:GatewayRouteSpecHttpRouteActionTargetVirtualService", "description": "Virtual service gateway route target.\n" } }, "type": "object", "required": [ "virtualService" ] }, "aws:appmesh/GatewayRouteSpecHttpRouteActionTargetVirtualService:GatewayRouteSpecHttpRouteActionTargetVirtualService": { "properties": { "virtualServiceName": { "type": "string", "description": "Name of the virtual service that traffic is routed to. Must be between 1 and 255 characters in length.\n" } }, "type": "object", "required": [ "virtualServiceName" ] }, "aws:appmesh/GatewayRouteSpecHttpRouteMatch:GatewayRouteSpecHttpRouteMatch": { "properties": { "headers": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttpRouteMatchHeader:GatewayRouteSpecHttpRouteMatchHeader" }, "description": "Client request headers to match on.\n" }, "hostname": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttpRouteMatchHostname:GatewayRouteSpecHttpRouteMatchHostname", "description": "Host name to match on.\n" }, "path": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttpRouteMatchPath:GatewayRouteSpecHttpRouteMatchPath", "description": "Client request path to match on.\n" }, "port": { "type": "integer", "description": "The port number to match from the request.\n" }, "prefix": { "type": "string", "description": "Path to match requests with. This parameter must always start with `/`, which by itself matches all requests to the virtual service name.\n" }, "queryParameters": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttpRouteMatchQueryParameter:GatewayRouteSpecHttpRouteMatchQueryParameter" }, "description": "Client request query parameters to match on.\n" } }, "type": "object" }, "aws:appmesh/GatewayRouteSpecHttpRouteMatchHeader:GatewayRouteSpecHttpRouteMatchHeader": { "properties": { "invert": { "type": "boolean", "description": "If `true`, the match is on the opposite of the `match` method and value. Default is `false`.\n" }, "match": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttpRouteMatchHeaderMatch:GatewayRouteSpecHttpRouteMatchHeaderMatch", "description": "Method and value to match the header value sent with a request. Specify one match method.\n" }, "name": { "type": "string", "description": "Name for the HTTP header in the client request that will be matched on.\n" } }, "type": "object", "required": [ "name" ] }, "aws:appmesh/GatewayRouteSpecHttpRouteMatchHeaderMatch:GatewayRouteSpecHttpRouteMatchHeaderMatch": { "properties": { "exact": { "type": "string", "description": "Header value sent by the client must match the specified value exactly.\n" }, "prefix": { "type": "string", "description": "Header value sent by the client must begin with the specified characters.\n" }, "range": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttpRouteMatchHeaderMatchRange:GatewayRouteSpecHttpRouteMatchHeaderMatchRange", "description": "Object that specifies the range of numbers that the header value sent by the client must be included in.\n" }, "regex": { "type": "string", "description": "Header value sent by the client must include the specified characters.\n" }, "suffix": { "type": "string", "description": "Header value sent by the client must end with the specified characters.\n" } }, "type": "object" }, "aws:appmesh/GatewayRouteSpecHttpRouteMatchHeaderMatchRange:GatewayRouteSpecHttpRouteMatchHeaderMatchRange": { "properties": { "end": { "type": "integer", "description": "End of the range.\n" }, "start": { "type": "integer", "description": "Start of the range.\n" } }, "type": "object", "required": [ "end", "start" ] }, "aws:appmesh/GatewayRouteSpecHttpRouteMatchHostname:GatewayRouteSpecHttpRouteMatchHostname": { "properties": { "exact": { "type": "string", "description": "Exact host name to match on.\n" }, "suffix": { "type": "string", "description": "Specified ending characters of the host name to match on.\n" } }, "type": "object" }, "aws:appmesh/GatewayRouteSpecHttpRouteMatchPath:GatewayRouteSpecHttpRouteMatchPath": { "properties": { "exact": { "type": "string", "description": "The exact path to match on.\n" }, "regex": { "type": "string", "description": "The regex used to match the path.\n" } }, "type": "object" }, "aws:appmesh/GatewayRouteSpecHttpRouteMatchQueryParameter:GatewayRouteSpecHttpRouteMatchQueryParameter": { "properties": { "match": { "$ref": "#/types/aws:appmesh/GatewayRouteSpecHttpRouteMatchQueryParameterMatch:GatewayRouteSpecHttpRouteMatchQueryParameterMatch", "description": "The query parameter to match on.\n" }, "name": { "type": "string", "description": "Name for the query parameter that will be matched on.\n" } }, "type": "object", "required": [ "name" ] }, "aws:appmesh/GatewayRouteSpecHttpRouteMatchQueryParameterMatch:GatewayRouteSpecHttpRouteMatchQueryParameterMatch": { "properties": { "exact": { "type": "string", "description": "The exact query parameter to match on.\n" } }, "type": "object" }, "aws:appmesh/MeshSpec:MeshSpec": { "properties": { "egressFilter": { "$ref": "#/types/aws:appmesh/MeshSpecEgressFilter:MeshSpecEgressFilter", "description": "Egress filter rules for the service mesh.\n" }, "serviceDiscovery": { "$ref": "#/types/aws:appmesh/MeshSpecServiceDiscovery:MeshSpecServiceDiscovery", "description": "The service discovery information for the service mesh.\n" } }, "type": "object" }, "aws:appmesh/MeshSpecEgressFilter:MeshSpecEgressFilter": { "properties": { "type": { "type": "string", "description": "Egress filter type. By default, the type is `DROP_ALL`. Valid values are `ALLOW_ALL` and `DROP_ALL`.\n" } }, "type": "object" }, "aws:appmesh/MeshSpecServiceDiscovery:MeshSpecServiceDiscovery": { "properties": { "ipPreference": { "type": "string", "description": "The IP version to use to control traffic within the mesh. Valid values are `IPv6_PREFERRED`, `IPv4_PREFERRED`, `IPv4_ONLY`, and `IPv6_ONLY`.\n" } }, "type": "object" }, "aws:appmesh/RouteSpec:RouteSpec": { "properties": { "grpcRoute": { "$ref": "#/types/aws:appmesh/RouteSpecGrpcRoute:RouteSpecGrpcRoute", "description": "GRPC routing information for the route.\n" }, "http2Route": { "$ref": "#/types/aws:appmesh/RouteSpecHttp2Route:RouteSpecHttp2Route", "description": "HTTP/2 routing information for the route.\n" }, "httpRoute": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRoute:RouteSpecHttpRoute", "description": "HTTP routing information for the route.\n" }, "priority": { "type": "integer", "description": "Priority for the route, between `0` and `1000`.\nRoutes are matched based on the specified value, where `0` is the highest priority.\n" }, "tcpRoute": { "$ref": "#/types/aws:appmesh/RouteSpecTcpRoute:RouteSpecTcpRoute", "description": "TCP routing information for the route.\n" } }, "type": "object" }, "aws:appmesh/RouteSpecGrpcRoute:RouteSpecGrpcRoute": { "properties": { "action": { "$ref": "#/types/aws:appmesh/RouteSpecGrpcRouteAction:RouteSpecGrpcRouteAction", "description": "Action to take if a match is determined.\n" }, "match": { "$ref": "#/types/aws:appmesh/RouteSpecGrpcRouteMatch:RouteSpecGrpcRouteMatch", "description": "Criteria for determining an gRPC request match.\n" }, "retryPolicy": { "$ref": "#/types/aws:appmesh/RouteSpecGrpcRouteRetryPolicy:RouteSpecGrpcRouteRetryPolicy", "description": "Retry policy.\n" }, "timeout": { "$ref": "#/types/aws:appmesh/RouteSpecGrpcRouteTimeout:RouteSpecGrpcRouteTimeout", "description": "Types of timeouts.\n" } }, "type": "object", "required": [ "action" ] }, "aws:appmesh/RouteSpecGrpcRouteAction:RouteSpecGrpcRouteAction": { "properties": { "weightedTargets": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/RouteSpecGrpcRouteActionWeightedTarget:RouteSpecGrpcRouteActionWeightedTarget" }, "description": "Targets that traffic is routed to when a request matches the route.\nYou can specify one or more targets and their relative weights with which to distribute traffic.\n" } }, "type": "object", "required": [ "weightedTargets" ] }, "aws:appmesh/RouteSpecGrpcRouteActionWeightedTarget:RouteSpecGrpcRouteActionWeightedTarget": { "properties": { "port": { "type": "integer", "description": "The targeted port of the weighted object.\n" }, "virtualNode": { "type": "string", "description": "Virtual node to associate with the weighted target. Must be between 1 and 255 characters in length.\n" }, "weight": { "type": "integer", "description": "Relative weight of the weighted target. An integer between 0 and 100.\n" } }, "type": "object", "required": [ "virtualNode", "weight" ], "language": { "nodejs": { "requiredOutputs": [ "port", "virtualNode", "weight" ] } } }, "aws:appmesh/RouteSpecGrpcRouteMatch:RouteSpecGrpcRouteMatch": { "properties": { "metadatas": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/RouteSpecGrpcRouteMatchMetadata:RouteSpecGrpcRouteMatchMetadata" }, "description": "Data to match from the gRPC request.\n" }, "methodName": { "type": "string", "description": "Method name to match from the request. If you specify a name, you must also specify a `service_name`.\n" }, "port": { "type": "integer", "description": "The port number to match from the request.\n" }, "prefix": { "type": "string" }, "serviceName": { "type": "string", "description": "Fully qualified domain name for the service to match from the request.\n" } }, "type": "object" }, "aws:appmesh/RouteSpecGrpcRouteMatchMetadata:RouteSpecGrpcRouteMatchMetadata": { "properties": { "invert": { "type": "boolean", "description": "If `true`, the match is on the opposite of the `match` criteria. Default is `false`.\n" }, "match": { "$ref": "#/types/aws:appmesh/RouteSpecGrpcRouteMatchMetadataMatch:RouteSpecGrpcRouteMatchMetadataMatch", "description": "Data to match from the request.\n" }, "name": { "type": "string", "description": "Name of the route. Must be between 1 and 50 characters in length.\n" } }, "type": "object", "required": [ "name" ] }, "aws:appmesh/RouteSpecGrpcRouteMatchMetadataMatch:RouteSpecGrpcRouteMatchMetadataMatch": { "properties": { "exact": { "type": "string", "description": "Value sent by the client must match the specified value exactly. Must be between 1 and 255 characters in length.\n" }, "prefix": { "type": "string", "description": "Value sent by the client must begin with the specified characters. Must be between 1 and 255 characters in length.\n" }, "range": { "$ref": "#/types/aws:appmesh/RouteSpecGrpcRouteMatchMetadataMatchRange:RouteSpecGrpcRouteMatchMetadataMatchRange", "description": "Object that specifies the range of numbers that the value sent by the client must be included in.\n" }, "regex": { "type": "string", "description": "Value sent by the client must include the specified characters. Must be between 1 and 255 characters in length.\n" }, "suffix": { "type": "string", "description": "Value sent by the client must end with the specified characters. Must be between 1 and 255 characters in length.\n" } }, "type": "object" }, "aws:appmesh/RouteSpecGrpcRouteMatchMetadataMatchRange:RouteSpecGrpcRouteMatchMetadataMatchRange": { "properties": { "end": { "type": "integer", "description": "End of the range.\n" }, "start": { "type": "integer", "description": "Start of the range.\n" } }, "type": "object", "required": [ "end", "start" ] }, "aws:appmesh/RouteSpecGrpcRouteRetryPolicy:RouteSpecGrpcRouteRetryPolicy": { "properties": { "grpcRetryEvents": { "type": "array", "items": { "type": "string" }, "description": "List of gRPC retry events.\nValid values: `cancelled`, `deadline-exceeded`, `internal`, `resource-exhausted`, `unavailable`.\n" }, "httpRetryEvents": { "type": "array", "items": { "type": "string" }, "description": "List of HTTP retry events.\nValid values: `client-error` (HTTP status code 409), `gateway-error` (HTTP status codes 502, 503, and 504), `server-error` (HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511), `stream-error` (retry on refused stream).\n" }, "maxRetries": { "type": "integer", "description": "Maximum number of retries.\n" }, "perRetryTimeout": { "$ref": "#/types/aws:appmesh/RouteSpecGrpcRouteRetryPolicyPerRetryTimeout:RouteSpecGrpcRouteRetryPolicyPerRetryTimeout", "description": "Per-retry timeout.\n" }, "tcpRetryEvents": { "type": "array", "items": { "type": "string" }, "description": "List of TCP retry events. The only valid value is `connection-error`.\n" } }, "type": "object", "required": [ "maxRetries", "perRetryTimeout" ] }, "aws:appmesh/RouteSpecGrpcRouteRetryPolicyPerRetryTimeout:RouteSpecGrpcRouteRetryPolicyPerRetryTimeout": { "properties": { "unit": { "type": "string", "description": "Retry unit. Valid values: `ms`, `s`.\n" }, "value": { "type": "integer", "description": "Retry value.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:appmesh/RouteSpecGrpcRouteTimeout:RouteSpecGrpcRouteTimeout": { "properties": { "idle": { "$ref": "#/types/aws:appmesh/RouteSpecGrpcRouteTimeoutIdle:RouteSpecGrpcRouteTimeoutIdle", "description": "Idle timeout. An idle timeout bounds the amount of time that a connection may be idle.\n" }, "perRequest": { "$ref": "#/types/aws:appmesh/RouteSpecGrpcRouteTimeoutPerRequest:RouteSpecGrpcRouteTimeoutPerRequest", "description": "Per request timeout.\n" } }, "type": "object" }, "aws:appmesh/RouteSpecGrpcRouteTimeoutIdle:RouteSpecGrpcRouteTimeoutIdle": { "properties": { "unit": { "type": "string", "description": "Unit of time. Valid values: `ms`, `s`.\n" }, "value": { "type": "integer", "description": "Number of time units. Minimum value of `0`.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:appmesh/RouteSpecGrpcRouteTimeoutPerRequest:RouteSpecGrpcRouteTimeoutPerRequest": { "properties": { "unit": { "type": "string", "description": "Unit of time. Valid values: `ms`, `s`.\n" }, "value": { "type": "integer", "description": "Number of time units. Minimum value of `0`.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:appmesh/RouteSpecHttp2Route:RouteSpecHttp2Route": { "properties": { "action": { "$ref": "#/types/aws:appmesh/RouteSpecHttp2RouteAction:RouteSpecHttp2RouteAction", "description": "Action to take if a match is determined.\n" }, "match": { "$ref": "#/types/aws:appmesh/RouteSpecHttp2RouteMatch:RouteSpecHttp2RouteMatch", "description": "Criteria for determining an HTTP request match.\n" }, "retryPolicy": { "$ref": "#/types/aws:appmesh/RouteSpecHttp2RouteRetryPolicy:RouteSpecHttp2RouteRetryPolicy", "description": "Retry policy.\n" }, "timeout": { "$ref": "#/types/aws:appmesh/RouteSpecHttp2RouteTimeout:RouteSpecHttp2RouteTimeout", "description": "Types of timeouts.\n" } }, "type": "object", "required": [ "action", "match" ] }, "aws:appmesh/RouteSpecHttp2RouteAction:RouteSpecHttp2RouteAction": { "properties": { "weightedTargets": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/RouteSpecHttp2RouteActionWeightedTarget:RouteSpecHttp2RouteActionWeightedTarget" }, "description": "Targets that traffic is routed to when a request matches the route.\nYou can specify one or more targets and their relative weights with which to distribute traffic.\n" } }, "type": "object", "required": [ "weightedTargets" ] }, "aws:appmesh/RouteSpecHttp2RouteActionWeightedTarget:RouteSpecHttp2RouteActionWeightedTarget": { "properties": { "port": { "type": "integer", "description": "The targeted port of the weighted object.\n" }, "virtualNode": { "type": "string", "description": "Virtual node to associate with the weighted target. Must be between 1 and 255 characters in length.\n" }, "weight": { "type": "integer", "description": "Relative weight of the weighted target. An integer between 0 and 100.\n" } }, "type": "object", "required": [ "virtualNode", "weight" ], "language": { "nodejs": { "requiredOutputs": [ "port", "virtualNode", "weight" ] } } }, "aws:appmesh/RouteSpecHttp2RouteMatch:RouteSpecHttp2RouteMatch": { "properties": { "headers": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/RouteSpecHttp2RouteMatchHeader:RouteSpecHttp2RouteMatchHeader" }, "description": "Client request headers to match on.\n" }, "method": { "type": "string", "description": "Client request header method to match on. Valid values: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`.\n" }, "path": { "$ref": "#/types/aws:appmesh/RouteSpecHttp2RouteMatchPath:RouteSpecHttp2RouteMatchPath", "description": "Client request path to match on.\n" }, "port": { "type": "integer", "description": "The port number to match from the request.\n" }, "prefix": { "type": "string", "description": "Path with which to match requests.\nThis parameter must always start with /, which by itself matches all requests to the virtual router service name.\n" }, "queryParameters": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/RouteSpecHttp2RouteMatchQueryParameter:RouteSpecHttp2RouteMatchQueryParameter" }, "description": "Client request query parameters to match on.\n" }, "scheme": { "type": "string", "description": "Client request header scheme to match on. Valid values: `http`, `https`.\n" } }, "type": "object" }, "aws:appmesh/RouteSpecHttp2RouteMatchHeader:RouteSpecHttp2RouteMatchHeader": { "properties": { "invert": { "type": "boolean", "description": "If `true`, the match is on the opposite of the `match` method and value. Default is `false`.\n" }, "match": { "$ref": "#/types/aws:appmesh/RouteSpecHttp2RouteMatchHeaderMatch:RouteSpecHttp2RouteMatchHeaderMatch", "description": "Method and value to match the header value sent with a request. Specify one match method.\n" }, "name": { "type": "string", "description": "Name for the HTTP header in the client request that will be matched on.\n" } }, "type": "object", "required": [ "name" ] }, "aws:appmesh/RouteSpecHttp2RouteMatchHeaderMatch:RouteSpecHttp2RouteMatchHeaderMatch": { "properties": { "exact": { "type": "string", "description": "Header value sent by the client must match the specified value exactly.\n" }, "prefix": { "type": "string", "description": "Header value sent by the client must begin with the specified characters.\n" }, "range": { "$ref": "#/types/aws:appmesh/RouteSpecHttp2RouteMatchHeaderMatchRange:RouteSpecHttp2RouteMatchHeaderMatchRange", "description": "Object that specifies the range of numbers that the header value sent by the client must be included in.\n" }, "regex": { "type": "string", "description": "Header value sent by the client must include the specified characters.\n" }, "suffix": { "type": "string", "description": "Header value sent by the client must end with the specified characters.\n" } }, "type": "object" }, "aws:appmesh/RouteSpecHttp2RouteMatchHeaderMatchRange:RouteSpecHttp2RouteMatchHeaderMatchRange": { "properties": { "end": { "type": "integer", "description": "End of the range.\n" }, "start": { "type": "integer", "description": "Start of the range.\n" } }, "type": "object", "required": [ "end", "start" ] }, "aws:appmesh/RouteSpecHttp2RouteMatchPath:RouteSpecHttp2RouteMatchPath": { "properties": { "exact": { "type": "string", "description": "The exact path to match on.\n" }, "regex": { "type": "string", "description": "The regex used to match the path.\n" } }, "type": "object" }, "aws:appmesh/RouteSpecHttp2RouteMatchQueryParameter:RouteSpecHttp2RouteMatchQueryParameter": { "properties": { "match": { "$ref": "#/types/aws:appmesh/RouteSpecHttp2RouteMatchQueryParameterMatch:RouteSpecHttp2RouteMatchQueryParameterMatch", "description": "The query parameter to match on.\n" }, "name": { "type": "string", "description": "Name for the query parameter that will be matched on.\n" } }, "type": "object", "required": [ "name" ] }, "aws:appmesh/RouteSpecHttp2RouteMatchQueryParameterMatch:RouteSpecHttp2RouteMatchQueryParameterMatch": { "properties": { "exact": { "type": "string", "description": "The exact query parameter to match on.\n" } }, "type": "object" }, "aws:appmesh/RouteSpecHttp2RouteRetryPolicy:RouteSpecHttp2RouteRetryPolicy": { "properties": { "httpRetryEvents": { "type": "array", "items": { "type": "string" }, "description": "List of HTTP retry events.\nValid values: `client-error` (HTTP status code 409), `gateway-error` (HTTP status codes 502, 503, and 504), `server-error` (HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511), `stream-error` (retry on refused stream).\n" }, "maxRetries": { "type": "integer", "description": "Maximum number of retries.\n" }, "perRetryTimeout": { "$ref": "#/types/aws:appmesh/RouteSpecHttp2RouteRetryPolicyPerRetryTimeout:RouteSpecHttp2RouteRetryPolicyPerRetryTimeout", "description": "Per-retry timeout.\n" }, "tcpRetryEvents": { "type": "array", "items": { "type": "string" }, "description": "List of TCP retry events. The only valid value is `connection-error`.\n\nYou must specify at least one value for `http_retry_events`, or at least one value for `tcp_retry_events`.\n" } }, "type": "object", "required": [ "maxRetries", "perRetryTimeout" ] }, "aws:appmesh/RouteSpecHttp2RouteRetryPolicyPerRetryTimeout:RouteSpecHttp2RouteRetryPolicyPerRetryTimeout": { "properties": { "unit": { "type": "string", "description": "Retry unit. Valid values: `ms`, `s`.\n" }, "value": { "type": "integer", "description": "Retry value.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:appmesh/RouteSpecHttp2RouteTimeout:RouteSpecHttp2RouteTimeout": { "properties": { "idle": { "$ref": "#/types/aws:appmesh/RouteSpecHttp2RouteTimeoutIdle:RouteSpecHttp2RouteTimeoutIdle", "description": "Idle timeout. An idle timeout bounds the amount of time that a connection may be idle.\n" }, "perRequest": { "$ref": "#/types/aws:appmesh/RouteSpecHttp2RouteTimeoutPerRequest:RouteSpecHttp2RouteTimeoutPerRequest", "description": "Per request timeout.\n" } }, "type": "object" }, "aws:appmesh/RouteSpecHttp2RouteTimeoutIdle:RouteSpecHttp2RouteTimeoutIdle": { "properties": { "unit": { "type": "string", "description": "Unit of time. Valid values: `ms`, `s`.\n" }, "value": { "type": "integer", "description": "Number of time units. Minimum value of `0`.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:appmesh/RouteSpecHttp2RouteTimeoutPerRequest:RouteSpecHttp2RouteTimeoutPerRequest": { "properties": { "unit": { "type": "string", "description": "Unit of time. Valid values: `ms`, `s`.\n" }, "value": { "type": "integer", "description": "Number of time units. Minimum value of `0`.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:appmesh/RouteSpecHttpRoute:RouteSpecHttpRoute": { "properties": { "action": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRouteAction:RouteSpecHttpRouteAction", "description": "Action to take if a match is determined.\n" }, "match": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRouteMatch:RouteSpecHttpRouteMatch", "description": "Criteria for determining an HTTP request match.\n" }, "retryPolicy": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRouteRetryPolicy:RouteSpecHttpRouteRetryPolicy", "description": "Retry policy.\n" }, "timeout": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRouteTimeout:RouteSpecHttpRouteTimeout", "description": "Types of timeouts.\n" } }, "type": "object", "required": [ "action", "match" ] }, "aws:appmesh/RouteSpecHttpRouteAction:RouteSpecHttpRouteAction": { "properties": { "weightedTargets": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRouteActionWeightedTarget:RouteSpecHttpRouteActionWeightedTarget" }, "description": "Targets that traffic is routed to when a request matches the route.\nYou can specify one or more targets and their relative weights with which to distribute traffic.\n" } }, "type": "object", "required": [ "weightedTargets" ] }, "aws:appmesh/RouteSpecHttpRouteActionWeightedTarget:RouteSpecHttpRouteActionWeightedTarget": { "properties": { "port": { "type": "integer", "description": "The targeted port of the weighted object.\n" }, "virtualNode": { "type": "string", "description": "Virtual node to associate with the weighted target. Must be between 1 and 255 characters in length.\n" }, "weight": { "type": "integer", "description": "Relative weight of the weighted target. An integer between 0 and 100.\n" } }, "type": "object", "required": [ "virtualNode", "weight" ], "language": { "nodejs": { "requiredOutputs": [ "port", "virtualNode", "weight" ] } } }, "aws:appmesh/RouteSpecHttpRouteMatch:RouteSpecHttpRouteMatch": { "properties": { "headers": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRouteMatchHeader:RouteSpecHttpRouteMatchHeader" }, "description": "Client request headers to match on.\n" }, "method": { "type": "string", "description": "Client request header method to match on. Valid values: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`.\n" }, "path": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRouteMatchPath:RouteSpecHttpRouteMatchPath", "description": "Client request path to match on.\n" }, "port": { "type": "integer", "description": "The port number to match from the request.\n" }, "prefix": { "type": "string", "description": "Path with which to match requests.\nThis parameter must always start with /, which by itself matches all requests to the virtual router service name.\n" }, "queryParameters": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRouteMatchQueryParameter:RouteSpecHttpRouteMatchQueryParameter" }, "description": "Client request query parameters to match on.\n" }, "scheme": { "type": "string", "description": "Client request header scheme to match on. Valid values: `http`, `https`.\n" } }, "type": "object" }, "aws:appmesh/RouteSpecHttpRouteMatchHeader:RouteSpecHttpRouteMatchHeader": { "properties": { "invert": { "type": "boolean", "description": "If `true`, the match is on the opposite of the `match` method and value. Default is `false`.\n" }, "match": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRouteMatchHeaderMatch:RouteSpecHttpRouteMatchHeaderMatch", "description": "Method and value to match the header value sent with a request. Specify one match method.\n" }, "name": { "type": "string", "description": "Name for the HTTP header in the client request that will be matched on.\n" } }, "type": "object", "required": [ "name" ] }, "aws:appmesh/RouteSpecHttpRouteMatchHeaderMatch:RouteSpecHttpRouteMatchHeaderMatch": { "properties": { "exact": { "type": "string", "description": "Header value sent by the client must match the specified value exactly.\n" }, "prefix": { "type": "string", "description": "Header value sent by the client must begin with the specified characters.\n" }, "range": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRouteMatchHeaderMatchRange:RouteSpecHttpRouteMatchHeaderMatchRange", "description": "Object that specifies the range of numbers that the header value sent by the client must be included in.\n" }, "regex": { "type": "string", "description": "Header value sent by the client must include the specified characters.\n" }, "suffix": { "type": "string", "description": "Header value sent by the client must end with the specified characters.\n" } }, "type": "object" }, "aws:appmesh/RouteSpecHttpRouteMatchHeaderMatchRange:RouteSpecHttpRouteMatchHeaderMatchRange": { "properties": { "end": { "type": "integer", "description": "End of the range.\n" }, "start": { "type": "integer", "description": "Start of the range.\n" } }, "type": "object", "required": [ "end", "start" ] }, "aws:appmesh/RouteSpecHttpRouteMatchPath:RouteSpecHttpRouteMatchPath": { "properties": { "exact": { "type": "string", "description": "The exact path to match on.\n" }, "regex": { "type": "string", "description": "The regex used to match the path.\n" } }, "type": "object" }, "aws:appmesh/RouteSpecHttpRouteMatchQueryParameter:RouteSpecHttpRouteMatchQueryParameter": { "properties": { "match": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRouteMatchQueryParameterMatch:RouteSpecHttpRouteMatchQueryParameterMatch", "description": "The query parameter to match on.\n" }, "name": { "type": "string", "description": "Name for the query parameter that will be matched on.\n" } }, "type": "object", "required": [ "name" ] }, "aws:appmesh/RouteSpecHttpRouteMatchQueryParameterMatch:RouteSpecHttpRouteMatchQueryParameterMatch": { "properties": { "exact": { "type": "string", "description": "The exact query parameter to match on.\n" } }, "type": "object" }, "aws:appmesh/RouteSpecHttpRouteRetryPolicy:RouteSpecHttpRouteRetryPolicy": { "properties": { "httpRetryEvents": { "type": "array", "items": { "type": "string" }, "description": "List of HTTP retry events.\nValid values: `client-error` (HTTP status code 409), `gateway-error` (HTTP status codes 502, 503, and 504), `server-error` (HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511), `stream-error` (retry on refused stream).\n" }, "maxRetries": { "type": "integer", "description": "Maximum number of retries.\n" }, "perRetryTimeout": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRouteRetryPolicyPerRetryTimeout:RouteSpecHttpRouteRetryPolicyPerRetryTimeout", "description": "Per-retry timeout.\n" }, "tcpRetryEvents": { "type": "array", "items": { "type": "string" }, "description": "List of TCP retry events. The only valid value is `connection-error`.\n\nYou must specify at least one value for `http_retry_events`, or at least one value for `tcp_retry_events`.\n" } }, "type": "object", "required": [ "maxRetries", "perRetryTimeout" ] }, "aws:appmesh/RouteSpecHttpRouteRetryPolicyPerRetryTimeout:RouteSpecHttpRouteRetryPolicyPerRetryTimeout": { "properties": { "unit": { "type": "string", "description": "Retry unit. Valid values: `ms`, `s`.\n" }, "value": { "type": "integer", "description": "Retry value.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:appmesh/RouteSpecHttpRouteTimeout:RouteSpecHttpRouteTimeout": { "properties": { "idle": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRouteTimeoutIdle:RouteSpecHttpRouteTimeoutIdle", "description": "Idle timeout. An idle timeout bounds the amount of time that a connection may be idle.\n" }, "perRequest": { "$ref": "#/types/aws:appmesh/RouteSpecHttpRouteTimeoutPerRequest:RouteSpecHttpRouteTimeoutPerRequest", "description": "Per request timeout.\n" } }, "type": "object" }, "aws:appmesh/RouteSpecHttpRouteTimeoutIdle:RouteSpecHttpRouteTimeoutIdle": { "properties": { "unit": { "type": "string", "description": "Unit of time. Valid values: `ms`, `s`.\n" }, "value": { "type": "integer", "description": "Number of time units. Minimum value of `0`.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:appmesh/RouteSpecHttpRouteTimeoutPerRequest:RouteSpecHttpRouteTimeoutPerRequest": { "properties": { "unit": { "type": "string", "description": "Unit of time. Valid values: `ms`, `s`.\n" }, "value": { "type": "integer", "description": "Number of time units. Minimum value of `0`.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:appmesh/RouteSpecTcpRoute:RouteSpecTcpRoute": { "properties": { "action": { "$ref": "#/types/aws:appmesh/RouteSpecTcpRouteAction:RouteSpecTcpRouteAction", "description": "Action to take if a match is determined.\n" }, "match": { "$ref": "#/types/aws:appmesh/RouteSpecTcpRouteMatch:RouteSpecTcpRouteMatch" }, "timeout": { "$ref": "#/types/aws:appmesh/RouteSpecTcpRouteTimeout:RouteSpecTcpRouteTimeout", "description": "Types of timeouts.\n" } }, "type": "object", "required": [ "action" ] }, "aws:appmesh/RouteSpecTcpRouteAction:RouteSpecTcpRouteAction": { "properties": { "weightedTargets": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/RouteSpecTcpRouteActionWeightedTarget:RouteSpecTcpRouteActionWeightedTarget" }, "description": "Targets that traffic is routed to when a request matches the route.\nYou can specify one or more targets and their relative weights with which to distribute traffic.\n" } }, "type": "object", "required": [ "weightedTargets" ] }, "aws:appmesh/RouteSpecTcpRouteActionWeightedTarget:RouteSpecTcpRouteActionWeightedTarget": { "properties": { "port": { "type": "integer", "description": "The targeted port of the weighted object.\n" }, "virtualNode": { "type": "string", "description": "Virtual node to associate with the weighted target. Must be between 1 and 255 characters in length.\n" }, "weight": { "type": "integer", "description": "Relative weight of the weighted target. An integer between 0 and 100.\n" } }, "type": "object", "required": [ "virtualNode", "weight" ], "language": { "nodejs": { "requiredOutputs": [ "port", "virtualNode", "weight" ] } } }, "aws:appmesh/RouteSpecTcpRouteMatch:RouteSpecTcpRouteMatch": { "properties": { "port": { "type": "integer" } }, "type": "object" }, "aws:appmesh/RouteSpecTcpRouteTimeout:RouteSpecTcpRouteTimeout": { "properties": { "idle": { "$ref": "#/types/aws:appmesh/RouteSpecTcpRouteTimeoutIdle:RouteSpecTcpRouteTimeoutIdle", "description": "Idle timeout. An idle timeout bounds the amount of time that a connection may be idle.\n" } }, "type": "object" }, "aws:appmesh/RouteSpecTcpRouteTimeoutIdle:RouteSpecTcpRouteTimeoutIdle": { "properties": { "unit": { "type": "string", "description": "Unit of time. Valid values: `ms`, `s`.\n" }, "value": { "type": "integer", "description": "Number of time units. Minimum value of `0`.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:appmesh/VirtualGatewaySpec:VirtualGatewaySpec": { "properties": { "backendDefaults": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecBackendDefaults:VirtualGatewaySpecBackendDefaults", "description": "Defaults for backends.\n" }, "listeners": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecListener:VirtualGatewaySpecListener" }, "description": "Listeners that the mesh endpoint is expected to receive inbound traffic from. You can specify one listener.\n" }, "logging": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecLogging:VirtualGatewaySpecLogging", "description": "Inbound and outbound access logging information for the virtual gateway.\n" } }, "type": "object", "required": [ "listeners" ] }, "aws:appmesh/VirtualGatewaySpecBackendDefaults:VirtualGatewaySpecBackendDefaults": { "properties": { "clientPolicy": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicy:VirtualGatewaySpecBackendDefaultsClientPolicy", "description": "Default client policy for virtual gateway backends.\n" } }, "type": "object" }, "aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicy:VirtualGatewaySpecBackendDefaultsClientPolicy": { "properties": { "tls": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTls:VirtualGatewaySpecBackendDefaultsClientPolicyTls", "description": "Transport Layer Security (TLS) client policy.\n" } }, "type": "object" }, "aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTls:VirtualGatewaySpecBackendDefaultsClientPolicyTls": { "properties": { "certificate": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTlsCertificate:VirtualGatewaySpecBackendDefaultsClientPolicyTlsCertificate", "description": "Listener's TLS certificate.\n" }, "enforce": { "type": "boolean", "description": "Whether the policy is enforced. Default is `true`.\n" }, "ports": { "type": "array", "items": { "type": "integer" }, "description": "One or more ports that the policy is enforced for.\n" }, "validation": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidation:VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidation", "description": "Listener's Transport Layer Security (TLS) validation context.\n" } }, "type": "object", "required": [ "validation" ] }, "aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTlsCertificate:VirtualGatewaySpecBackendDefaultsClientPolicyTlsCertificate": { "properties": { "file": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTlsCertificateFile:VirtualGatewaySpecBackendDefaultsClientPolicyTlsCertificateFile", "description": "Local file certificate.\n" }, "sds": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTlsCertificateSds:VirtualGatewaySpecBackendDefaultsClientPolicyTlsCertificateSds", "description": "A [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate.\n" } }, "type": "object" }, "aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTlsCertificateFile:VirtualGatewaySpecBackendDefaultsClientPolicyTlsCertificateFile": { "properties": { "certificateChain": { "type": "string", "description": "Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length.\n" }, "privateKey": { "type": "string", "description": "Private key for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length.\n" } }, "type": "object", "required": [ "certificateChain", "privateKey" ] }, "aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTlsCertificateSds:VirtualGatewaySpecBackendDefaultsClientPolicyTlsCertificateSds": { "properties": { "secretName": { "type": "string", "description": "Name of the secret for a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust.\n" } }, "type": "object", "required": [ "secretName" ] }, "aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidation:VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidation": { "properties": { "subjectAlternativeNames": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNames:VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNames", "description": "SANs for a virtual gateway's listener's Transport Layer Security (TLS) validation context.\n" }, "trust": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrust:VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrust", "description": "TLS validation context trust.\n" } }, "type": "object", "required": [ "trust" ] }, "aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNames:VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNames": { "properties": { "match": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNamesMatch:VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNamesMatch", "description": "Criteria for determining a SAN's match.\n" } }, "type": "object", "required": [ "match" ] }, "aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNamesMatch:VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNamesMatch": { "properties": { "exacts": { "type": "array", "items": { "type": "string" }, "description": "Values sent must match the specified values exactly.\n" } }, "type": "object", "required": [ "exacts" ] }, "aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrust:VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrust": { "properties": { "acm": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrustAcm:VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrustAcm", "description": "TLS validation context trust for an AWS Certificate Manager (ACM) certificate.\n" }, "file": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrustFile:VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrustFile", "description": "TLS validation context trust for a local file certificate.\n" }, "sds": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrustSds:VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrustSds", "description": "TLS validation context trust for a [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate.\n" } }, "type": "object" }, "aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrustAcm:VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrustAcm": { "properties": { "certificateAuthorityArns": { "type": "array", "items": { "type": "string" }, "description": "One or more ACM ARNs.\n" } }, "type": "object", "required": [ "certificateAuthorityArns" ] }, "aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrustFile:VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrustFile": { "properties": { "certificateChain": { "type": "string", "description": "Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length.\n" } }, "type": "object", "required": [ "certificateChain" ] }, "aws:appmesh/VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrustSds:VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrustSds": { "properties": { "secretName": { "type": "string", "description": "Name of the secret for a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust.\n" } }, "type": "object", "required": [ "secretName" ] }, "aws:appmesh/VirtualGatewaySpecListener:VirtualGatewaySpecListener": { "properties": { "connectionPool": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecListenerConnectionPool:VirtualGatewaySpecListenerConnectionPool", "description": "Connection pool information for the listener.\n" }, "healthCheck": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecListenerHealthCheck:VirtualGatewaySpecListenerHealthCheck", "description": "Health check information for the listener.\n" }, "portMapping": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecListenerPortMapping:VirtualGatewaySpecListenerPortMapping", "description": "Port mapping information for the listener.\n" }, "tls": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecListenerTls:VirtualGatewaySpecListenerTls", "description": "Transport Layer Security (TLS) properties for the listener\n" } }, "type": "object", "required": [ "portMapping" ] }, "aws:appmesh/VirtualGatewaySpecListenerConnectionPool:VirtualGatewaySpecListenerConnectionPool": { "properties": { "grpc": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecListenerConnectionPoolGrpc:VirtualGatewaySpecListenerConnectionPoolGrpc", "description": "Connection pool information for gRPC listeners.\n" }, "http": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecListenerConnectionPoolHttp:VirtualGatewaySpecListenerConnectionPoolHttp", "description": "Connection pool information for HTTP listeners.\n" }, "http2": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecListenerConnectionPoolHttp2:VirtualGatewaySpecListenerConnectionPoolHttp2", "description": "Connection pool information for HTTP2 listeners.\n" } }, "type": "object" }, "aws:appmesh/VirtualGatewaySpecListenerConnectionPoolGrpc:VirtualGatewaySpecListenerConnectionPoolGrpc": { "properties": { "maxRequests": { "type": "integer", "description": "Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster. Minimum value of `1`.\n" } }, "type": "object", "required": [ "maxRequests" ] }, "aws:appmesh/VirtualGatewaySpecListenerConnectionPoolHttp2:VirtualGatewaySpecListenerConnectionPoolHttp2": { "properties": { "maxRequests": { "type": "integer", "description": "Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster. Minimum value of `1`.\n" } }, "type": "object", "required": [ "maxRequests" ] }, "aws:appmesh/VirtualGatewaySpecListenerConnectionPoolHttp:VirtualGatewaySpecListenerConnectionPoolHttp": { "properties": { "maxConnections": { "type": "integer", "description": "Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster. Minimum value of `1`.\n" }, "maxPendingRequests": { "type": "integer", "description": "Number of overflowing requests after `max_connections` Envoy will queue to upstream cluster. Minimum value of `1`.\n" } }, "type": "object", "required": [ "maxConnections" ] }, "aws:appmesh/VirtualGatewaySpecListenerHealthCheck:VirtualGatewaySpecListenerHealthCheck": { "properties": { "healthyThreshold": { "type": "integer", "description": "Number of consecutive successful health checks that must occur before declaring listener healthy.\n" }, "intervalMillis": { "type": "integer", "description": "Time period in milliseconds between each health check execution.\n" }, "path": { "type": "string", "description": "Destination path for the health check request. This is only required if the specified protocol is `http` or `http2`.\n" }, "port": { "type": "integer", "description": "Destination port for the health check request. This port must match the port defined in the `port_mapping` for the listener.\n" }, "protocol": { "type": "string", "description": "Protocol for the health check request. Valid values are `http`, `http2`, and `grpc`.\n" }, "timeoutMillis": { "type": "integer", "description": "Amount of time to wait when receiving a response from the health check, in milliseconds.\n" }, "unhealthyThreshold": { "type": "integer", "description": "Number of consecutive failed health checks that must occur before declaring a virtual gateway unhealthy.\n" } }, "type": "object", "required": [ "healthyThreshold", "intervalMillis", "protocol", "timeoutMillis", "unhealthyThreshold" ], "language": { "nodejs": { "requiredOutputs": [ "healthyThreshold", "intervalMillis", "port", "protocol", "timeoutMillis", "unhealthyThreshold" ] } } }, "aws:appmesh/VirtualGatewaySpecListenerPortMapping:VirtualGatewaySpecListenerPortMapping": { "properties": { "port": { "type": "integer", "description": "Port used for the port mapping.\n" }, "protocol": { "type": "string", "description": "Protocol used for the port mapping. Valid values are `http`, `http2`, `tcp` and `grpc`.\n" } }, "type": "object", "required": [ "port", "protocol" ] }, "aws:appmesh/VirtualGatewaySpecListenerTls:VirtualGatewaySpecListenerTls": { "properties": { "certificate": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecListenerTlsCertificate:VirtualGatewaySpecListenerTlsCertificate", "description": "Listener's TLS certificate.\n" }, "mode": { "type": "string", "description": "Listener's TLS mode. Valid values: `DISABLED`, `PERMISSIVE`, `STRICT`.\n" }, "validation": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecListenerTlsValidation:VirtualGatewaySpecListenerTlsValidation", "description": "Listener's Transport Layer Security (TLS) validation context.\n" } }, "type": "object", "required": [ "certificate", "mode" ] }, "aws:appmesh/VirtualGatewaySpecListenerTlsCertificate:VirtualGatewaySpecListenerTlsCertificate": { "properties": { "acm": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecListenerTlsCertificateAcm:VirtualGatewaySpecListenerTlsCertificateAcm", "description": "An AWS Certificate Manager (ACM) certificate.\n" }, "file": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecListenerTlsCertificateFile:VirtualGatewaySpecListenerTlsCertificateFile", "description": "Local file certificate.\n" }, "sds": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecListenerTlsCertificateSds:VirtualGatewaySpecListenerTlsCertificateSds", "description": "A [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate.\n" } }, "type": "object" }, "aws:appmesh/VirtualGatewaySpecListenerTlsCertificateAcm:VirtualGatewaySpecListenerTlsCertificateAcm": { "properties": { "certificateArn": { "type": "string", "description": "ARN for the certificate.\n" } }, "type": "object", "required": [ "certificateArn" ] }, "aws:appmesh/VirtualGatewaySpecListenerTlsCertificateFile:VirtualGatewaySpecListenerTlsCertificateFile": { "properties": { "certificateChain": { "type": "string", "description": "Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length.\n" }, "privateKey": { "type": "string", "description": "Private key for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length.\n" } }, "type": "object", "required": [ "certificateChain", "privateKey" ] }, "aws:appmesh/VirtualGatewaySpecListenerTlsCertificateSds:VirtualGatewaySpecListenerTlsCertificateSds": { "properties": { "secretName": { "type": "string", "description": "Name of the secret for a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust.\n" } }, "type": "object", "required": [ "secretName" ] }, "aws:appmesh/VirtualGatewaySpecListenerTlsValidation:VirtualGatewaySpecListenerTlsValidation": { "properties": { "subjectAlternativeNames": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecListenerTlsValidationSubjectAlternativeNames:VirtualGatewaySpecListenerTlsValidationSubjectAlternativeNames", "description": "SANs for a virtual gateway's listener's Transport Layer Security (TLS) validation context.\n" }, "trust": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecListenerTlsValidationTrust:VirtualGatewaySpecListenerTlsValidationTrust", "description": "TLS validation context trust.\n" } }, "type": "object", "required": [ "trust" ] }, "aws:appmesh/VirtualGatewaySpecListenerTlsValidationSubjectAlternativeNames:VirtualGatewaySpecListenerTlsValidationSubjectAlternativeNames": { "properties": { "match": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecListenerTlsValidationSubjectAlternativeNamesMatch:VirtualGatewaySpecListenerTlsValidationSubjectAlternativeNamesMatch", "description": "Criteria for determining a SAN's match.\n" } }, "type": "object", "required": [ "match" ] }, "aws:appmesh/VirtualGatewaySpecListenerTlsValidationSubjectAlternativeNamesMatch:VirtualGatewaySpecListenerTlsValidationSubjectAlternativeNamesMatch": { "properties": { "exacts": { "type": "array", "items": { "type": "string" }, "description": "Values sent must match the specified values exactly.\n" } }, "type": "object", "required": [ "exacts" ] }, "aws:appmesh/VirtualGatewaySpecListenerTlsValidationTrust:VirtualGatewaySpecListenerTlsValidationTrust": { "properties": { "file": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecListenerTlsValidationTrustFile:VirtualGatewaySpecListenerTlsValidationTrustFile", "description": "TLS validation context trust for a local file certificate.\n" }, "sds": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecListenerTlsValidationTrustSds:VirtualGatewaySpecListenerTlsValidationTrustSds", "description": "TLS validation context trust for a [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate.\n" } }, "type": "object" }, "aws:appmesh/VirtualGatewaySpecListenerTlsValidationTrustFile:VirtualGatewaySpecListenerTlsValidationTrustFile": { "properties": { "certificateChain": { "type": "string", "description": "Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length.\n" } }, "type": "object", "required": [ "certificateChain" ] }, "aws:appmesh/VirtualGatewaySpecListenerTlsValidationTrustSds:VirtualGatewaySpecListenerTlsValidationTrustSds": { "properties": { "secretName": { "type": "string", "description": "Name of the secret for a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust.\n" } }, "type": "object", "required": [ "secretName" ] }, "aws:appmesh/VirtualGatewaySpecLogging:VirtualGatewaySpecLogging": { "properties": { "accessLog": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecLoggingAccessLog:VirtualGatewaySpecLoggingAccessLog", "description": "Access log configuration for a virtual gateway.\n" } }, "type": "object" }, "aws:appmesh/VirtualGatewaySpecLoggingAccessLog:VirtualGatewaySpecLoggingAccessLog": { "properties": { "file": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecLoggingAccessLogFile:VirtualGatewaySpecLoggingAccessLogFile", "description": "File object to send virtual gateway access logs to.\n" } }, "type": "object" }, "aws:appmesh/VirtualGatewaySpecLoggingAccessLogFile:VirtualGatewaySpecLoggingAccessLogFile": { "properties": { "format": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecLoggingAccessLogFileFormat:VirtualGatewaySpecLoggingAccessLogFileFormat", "description": "The specified format for the logs.\n" }, "path": { "type": "string", "description": "File path to write access logs to. You can use `/dev/stdout` to send access logs to standard out. Must be between 1 and 255 characters in length.\n" } }, "type": "object", "required": [ "path" ] }, "aws:appmesh/VirtualGatewaySpecLoggingAccessLogFileFormat:VirtualGatewaySpecLoggingAccessLogFileFormat": { "properties": { "jsons": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpecLoggingAccessLogFileFormatJson:VirtualGatewaySpecLoggingAccessLogFileFormatJson" }, "description": "The logging format for JSON.\n" }, "text": { "type": "string", "description": "The logging format for text. Must be between 1 and 1000 characters in length.\n" } }, "type": "object" }, "aws:appmesh/VirtualGatewaySpecLoggingAccessLogFileFormatJson:VirtualGatewaySpecLoggingAccessLogFileFormatJson": { "properties": { "key": { "type": "string", "description": "The specified key for the JSON. Must be between 1 and 100 characters in length.\n" }, "value": { "type": "string", "description": "The specified value for the JSON. Must be between 1 and 100 characters in length.\n" } }, "type": "object", "required": [ "key", "value" ] }, "aws:appmesh/VirtualNodeSpec:VirtualNodeSpec": { "properties": { "backendDefaults": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendDefaults:VirtualNodeSpecBackendDefaults", "description": "Defaults for backends.\n" }, "backends": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackend:VirtualNodeSpecBackend" }, "description": "Backends to which the virtual node is expected to send outbound traffic.\n" }, "listeners": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListener:VirtualNodeSpecListener" }, "description": "Listeners from which the virtual node is expected to receive inbound traffic.\n" }, "logging": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecLogging:VirtualNodeSpecLogging", "description": "Inbound and outbound access logging information for the virtual node.\n" }, "serviceDiscovery": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecServiceDiscovery:VirtualNodeSpecServiceDiscovery", "description": "Service discovery information for the virtual node.\n" } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecBackend:VirtualNodeSpecBackend": { "properties": { "virtualService": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendVirtualService:VirtualNodeSpecBackendVirtualService", "description": "Virtual service to use as a backend for a virtual node.\n" } }, "type": "object", "required": [ "virtualService" ] }, "aws:appmesh/VirtualNodeSpecBackendDefaults:VirtualNodeSpecBackendDefaults": { "properties": { "clientPolicy": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicy:VirtualNodeSpecBackendDefaultsClientPolicy", "description": "Default client policy for virtual service backends. See above for details.\n" } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicy:VirtualNodeSpecBackendDefaultsClientPolicy": { "properties": { "tls": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTls:VirtualNodeSpecBackendDefaultsClientPolicyTls", "description": "Transport Layer Security (TLS) client policy.\n" } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTls:VirtualNodeSpecBackendDefaultsClientPolicyTls": { "properties": { "certificate": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTlsCertificate:VirtualNodeSpecBackendDefaultsClientPolicyTlsCertificate", "description": "Listener's TLS certificate.\n" }, "enforce": { "type": "boolean", "description": "Whether the policy is enforced. Default is `true`.\n" }, "ports": { "type": "array", "items": { "type": "integer" }, "description": "One or more ports that the policy is enforced for.\n" }, "validation": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTlsValidation:VirtualNodeSpecBackendDefaultsClientPolicyTlsValidation", "description": "Listener's Transport Layer Security (TLS) validation context.\n" } }, "type": "object", "required": [ "validation" ] }, "aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTlsCertificate:VirtualNodeSpecBackendDefaultsClientPolicyTlsCertificate": { "properties": { "file": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTlsCertificateFile:VirtualNodeSpecBackendDefaultsClientPolicyTlsCertificateFile", "description": "Local file certificate.\n" }, "sds": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTlsCertificateSds:VirtualNodeSpecBackendDefaultsClientPolicyTlsCertificateSds", "description": "A [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate.\n" } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTlsCertificateFile:VirtualNodeSpecBackendDefaultsClientPolicyTlsCertificateFile": { "properties": { "certificateChain": { "type": "string", "description": "Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length.\n" }, "privateKey": { "type": "string", "description": "Private key for a certificate stored on the file system of the virtual node that the proxy is running on. Must be between 1 and 255 characters in length.\n" } }, "type": "object", "required": [ "certificateChain", "privateKey" ] }, "aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTlsCertificateSds:VirtualNodeSpecBackendDefaultsClientPolicyTlsCertificateSds": { "properties": { "secretName": { "type": "string", "description": "Name of the secret for a virtual node's Transport Layer Security (TLS) Secret Discovery Service validation context trust.\n" } }, "type": "object", "required": [ "secretName" ] }, "aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTlsValidation:VirtualNodeSpecBackendDefaultsClientPolicyTlsValidation": { "properties": { "subjectAlternativeNames": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNames:VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNames", "description": "SANs for a TLS validation context.\n" }, "trust": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrust:VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrust", "description": "TLS validation context trust.\n" } }, "type": "object", "required": [ "trust" ] }, "aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNames:VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNames": { "properties": { "match": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNamesMatch:VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNamesMatch", "description": "Criteria for determining a SAN's match.\n" } }, "type": "object", "required": [ "match" ] }, "aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNamesMatch:VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNamesMatch": { "properties": { "exacts": { "type": "array", "items": { "type": "string" }, "description": "Values sent must match the specified values exactly.\n" } }, "type": "object", "required": [ "exacts" ] }, "aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrust:VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrust": { "properties": { "acm": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrustAcm:VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrustAcm", "description": "TLS validation context trust for an AWS Certificate Manager (ACM) certificate.\n" }, "file": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrustFile:VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrustFile", "description": "TLS validation context trust for a local file certificate.\n" }, "sds": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrustSds:VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrustSds", "description": "TLS validation context trust for a [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate.\n" } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrustAcm:VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrustAcm": { "properties": { "certificateAuthorityArns": { "type": "array", "items": { "type": "string" }, "description": "One or more ACM ARNs.\n" } }, "type": "object", "required": [ "certificateAuthorityArns" ] }, "aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrustFile:VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrustFile": { "properties": { "certificateChain": { "type": "string", "description": "Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length.\n" } }, "type": "object", "required": [ "certificateChain" ] }, "aws:appmesh/VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrustSds:VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrustSds": { "properties": { "secretName": { "type": "string", "description": "Name of the secret for a virtual node's Transport Layer Security (TLS) Secret Discovery Service validation context trust.\n" } }, "type": "object", "required": [ "secretName" ] }, "aws:appmesh/VirtualNodeSpecBackendVirtualService:VirtualNodeSpecBackendVirtualService": { "properties": { "clientPolicy": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicy:VirtualNodeSpecBackendVirtualServiceClientPolicy", "description": "Client policy for the backend.\n" }, "virtualServiceName": { "type": "string", "description": "Name of the virtual service that is acting as a virtual node backend. Must be between 1 and 255 characters in length.\n" } }, "type": "object", "required": [ "virtualServiceName" ] }, "aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicy:VirtualNodeSpecBackendVirtualServiceClientPolicy": { "properties": { "tls": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTls:VirtualNodeSpecBackendVirtualServiceClientPolicyTls", "description": "Transport Layer Security (TLS) client policy.\n" } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTls:VirtualNodeSpecBackendVirtualServiceClientPolicyTls": { "properties": { "certificate": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTlsCertificate:VirtualNodeSpecBackendVirtualServiceClientPolicyTlsCertificate", "description": "Listener's TLS certificate.\n" }, "enforce": { "type": "boolean", "description": "Whether the policy is enforced. Default is `true`.\n" }, "ports": { "type": "array", "items": { "type": "integer" }, "description": "One or more ports that the policy is enforced for.\n" }, "validation": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidation:VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidation", "description": "Listener's Transport Layer Security (TLS) validation context.\n" } }, "type": "object", "required": [ "validation" ] }, "aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTlsCertificate:VirtualNodeSpecBackendVirtualServiceClientPolicyTlsCertificate": { "properties": { "file": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTlsCertificateFile:VirtualNodeSpecBackendVirtualServiceClientPolicyTlsCertificateFile", "description": "Local file certificate.\n" }, "sds": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTlsCertificateSds:VirtualNodeSpecBackendVirtualServiceClientPolicyTlsCertificateSds", "description": "A [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate.\n" } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTlsCertificateFile:VirtualNodeSpecBackendVirtualServiceClientPolicyTlsCertificateFile": { "properties": { "certificateChain": { "type": "string", "description": "Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length.\n" }, "privateKey": { "type": "string", "description": "Private key for a certificate stored on the file system of the virtual node that the proxy is running on. Must be between 1 and 255 characters in length.\n" } }, "type": "object", "required": [ "certificateChain", "privateKey" ] }, "aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTlsCertificateSds:VirtualNodeSpecBackendVirtualServiceClientPolicyTlsCertificateSds": { "properties": { "secretName": { "type": "string", "description": "Name of the secret for a virtual node's Transport Layer Security (TLS) Secret Discovery Service validation context trust.\n" } }, "type": "object", "required": [ "secretName" ] }, "aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidation:VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidation": { "properties": { "subjectAlternativeNames": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationSubjectAlternativeNames:VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationSubjectAlternativeNames", "description": "SANs for a TLS validation context.\n" }, "trust": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrust:VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrust", "description": "TLS validation context trust.\n" } }, "type": "object", "required": [ "trust" ] }, "aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationSubjectAlternativeNames:VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationSubjectAlternativeNames": { "properties": { "match": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationSubjectAlternativeNamesMatch:VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationSubjectAlternativeNamesMatch", "description": "Criteria for determining a SAN's match.\n" } }, "type": "object", "required": [ "match" ] }, "aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationSubjectAlternativeNamesMatch:VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationSubjectAlternativeNamesMatch": { "properties": { "exacts": { "type": "array", "items": { "type": "string" }, "description": "Values sent must match the specified values exactly.\n" } }, "type": "object", "required": [ "exacts" ] }, "aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrust:VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrust": { "properties": { "acm": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrustAcm:VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrustAcm", "description": "TLS validation context trust for an AWS Certificate Manager (ACM) certificate.\n" }, "file": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrustFile:VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrustFile", "description": "TLS validation context trust for a local file certificate.\n" }, "sds": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrustSds:VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrustSds", "description": "TLS validation context trust for a [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate.\n" } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrustAcm:VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrustAcm": { "properties": { "certificateAuthorityArns": { "type": "array", "items": { "type": "string" }, "description": "One or more ACM ARNs.\n" } }, "type": "object", "required": [ "certificateAuthorityArns" ] }, "aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrustFile:VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrustFile": { "properties": { "certificateChain": { "type": "string", "description": "Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length.\n" } }, "type": "object", "required": [ "certificateChain" ] }, "aws:appmesh/VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrustSds:VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrustSds": { "properties": { "secretName": { "type": "string", "description": "Name of the secret for a virtual node's Transport Layer Security (TLS) Secret Discovery Service validation context trust.\n" } }, "type": "object", "required": [ "secretName" ] }, "aws:appmesh/VirtualNodeSpecListener:VirtualNodeSpecListener": { "properties": { "connectionPool": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerConnectionPool:VirtualNodeSpecListenerConnectionPool", "description": "Connection pool information for the listener.\n" }, "healthCheck": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerHealthCheck:VirtualNodeSpecListenerHealthCheck", "description": "Health check information for the listener.\n" }, "outlierDetection": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerOutlierDetection:VirtualNodeSpecListenerOutlierDetection", "description": "Outlier detection information for the listener.\n" }, "portMapping": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerPortMapping:VirtualNodeSpecListenerPortMapping", "description": "Port mapping information for the listener.\n" }, "timeout": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTimeout:VirtualNodeSpecListenerTimeout", "description": "Timeouts for different protocols.\n" }, "tls": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTls:VirtualNodeSpecListenerTls", "description": "Transport Layer Security (TLS) properties for the listener\n" } }, "type": "object", "required": [ "portMapping" ] }, "aws:appmesh/VirtualNodeSpecListenerConnectionPool:VirtualNodeSpecListenerConnectionPool": { "properties": { "grpc": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerConnectionPoolGrpc:VirtualNodeSpecListenerConnectionPoolGrpc", "description": "Connection pool information for gRPC listeners.\n" }, "http2s": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerConnectionPoolHttp2:VirtualNodeSpecListenerConnectionPoolHttp2" }, "description": "Connection pool information for HTTP2 listeners.\n" }, "https": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerConnectionPoolHttp:VirtualNodeSpecListenerConnectionPoolHttp" }, "description": "Connection pool information for HTTP listeners.\n" }, "tcps": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerConnectionPoolTcp:VirtualNodeSpecListenerConnectionPoolTcp" }, "description": "Connection pool information for TCP listeners.\n" } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecListenerConnectionPoolGrpc:VirtualNodeSpecListenerConnectionPoolGrpc": { "properties": { "maxRequests": { "type": "integer", "description": "Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster. Minimum value of `1`.\n" } }, "type": "object", "required": [ "maxRequests" ] }, "aws:appmesh/VirtualNodeSpecListenerConnectionPoolHttp2:VirtualNodeSpecListenerConnectionPoolHttp2": { "properties": { "maxRequests": { "type": "integer", "description": "Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster. Minimum value of `1`.\n" } }, "type": "object", "required": [ "maxRequests" ] }, "aws:appmesh/VirtualNodeSpecListenerConnectionPoolHttp:VirtualNodeSpecListenerConnectionPoolHttp": { "properties": { "maxConnections": { "type": "integer", "description": "Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster. Minimum value of `1`.\n" }, "maxPendingRequests": { "type": "integer", "description": "Number of overflowing requests after `max_connections` Envoy will queue to upstream cluster. Minimum value of `1`.\n" } }, "type": "object", "required": [ "maxConnections" ] }, "aws:appmesh/VirtualNodeSpecListenerConnectionPoolTcp:VirtualNodeSpecListenerConnectionPoolTcp": { "properties": { "maxConnections": { "type": "integer", "description": "Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster. Minimum value of `1`.\n" } }, "type": "object", "required": [ "maxConnections" ] }, "aws:appmesh/VirtualNodeSpecListenerHealthCheck:VirtualNodeSpecListenerHealthCheck": { "properties": { "healthyThreshold": { "type": "integer", "description": "Number of consecutive successful health checks that must occur before declaring listener healthy.\n" }, "intervalMillis": { "type": "integer", "description": "Time period in milliseconds between each health check execution.\n" }, "path": { "type": "string", "description": "Destination path for the health check request. This is only required if the specified protocol is `http` or `http2`.\n" }, "port": { "type": "integer", "description": "Destination port for the health check request. This port must match the port defined in the `port_mapping` for the listener.\n" }, "protocol": { "type": "string", "description": "Protocol for the health check request. Valid values are `http`, `http2`, `tcp` and `grpc`.\n" }, "timeoutMillis": { "type": "integer", "description": "Amount of time to wait when receiving a response from the health check, in milliseconds.\n" }, "unhealthyThreshold": { "type": "integer", "description": "Number of consecutive failed health checks that must occur before declaring a virtual node unhealthy.\n" } }, "type": "object", "required": [ "healthyThreshold", "intervalMillis", "protocol", "timeoutMillis", "unhealthyThreshold" ], "language": { "nodejs": { "requiredOutputs": [ "healthyThreshold", "intervalMillis", "port", "protocol", "timeoutMillis", "unhealthyThreshold" ] } } }, "aws:appmesh/VirtualNodeSpecListenerOutlierDetection:VirtualNodeSpecListenerOutlierDetection": { "properties": { "baseEjectionDuration": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerOutlierDetectionBaseEjectionDuration:VirtualNodeSpecListenerOutlierDetectionBaseEjectionDuration", "description": "Base amount of time for which a host is ejected.\n" }, "interval": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerOutlierDetectionInterval:VirtualNodeSpecListenerOutlierDetectionInterval", "description": "Time interval between ejection sweep analysis.\n" }, "maxEjectionPercent": { "type": "integer", "description": "Maximum percentage of hosts in load balancing pool for upstream service that can be ejected. Will eject at least one host regardless of the value.\nMinimum value of `0`. Maximum value of `100`.\n" }, "maxServerErrors": { "type": "integer", "description": "Number of consecutive `5xx` errors required for ejection. Minimum value of `1`.\n" } }, "type": "object", "required": [ "baseEjectionDuration", "interval", "maxEjectionPercent", "maxServerErrors" ] }, "aws:appmesh/VirtualNodeSpecListenerOutlierDetectionBaseEjectionDuration:VirtualNodeSpecListenerOutlierDetectionBaseEjectionDuration": { "properties": { "unit": { "type": "string", "description": "Unit of time. Valid values: `ms`, `s`.\n" }, "value": { "type": "integer", "description": "Number of time units. Minimum value of `0`.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:appmesh/VirtualNodeSpecListenerOutlierDetectionInterval:VirtualNodeSpecListenerOutlierDetectionInterval": { "properties": { "unit": { "type": "string", "description": "Unit of time. Valid values: `ms`, `s`.\n" }, "value": { "type": "integer", "description": "Number of time units. Minimum value of `0`.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:appmesh/VirtualNodeSpecListenerPortMapping:VirtualNodeSpecListenerPortMapping": { "properties": { "port": { "type": "integer", "description": "Port used for the port mapping.\n" }, "protocol": { "type": "string", "description": "Protocol used for the port mapping. Valid values are `http`, `http2`, `tcp` and `grpc`.\n" } }, "type": "object", "required": [ "port", "protocol" ] }, "aws:appmesh/VirtualNodeSpecListenerTimeout:VirtualNodeSpecListenerTimeout": { "properties": { "grpc": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTimeoutGrpc:VirtualNodeSpecListenerTimeoutGrpc", "description": "Timeouts for gRPC listeners.\n" }, "http": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTimeoutHttp:VirtualNodeSpecListenerTimeoutHttp", "description": "Timeouts for HTTP listeners.\n" }, "http2": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTimeoutHttp2:VirtualNodeSpecListenerTimeoutHttp2", "description": "Timeouts for HTTP2 listeners.\n" }, "tcp": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTimeoutTcp:VirtualNodeSpecListenerTimeoutTcp", "description": "Timeouts for TCP listeners.\n" } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecListenerTimeoutGrpc:VirtualNodeSpecListenerTimeoutGrpc": { "properties": { "idle": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTimeoutGrpcIdle:VirtualNodeSpecListenerTimeoutGrpcIdle", "description": "Idle timeout. An idle timeout bounds the amount of time that a connection may be idle.\n" }, "perRequest": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTimeoutGrpcPerRequest:VirtualNodeSpecListenerTimeoutGrpcPerRequest", "description": "Per request timeout.\n" } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecListenerTimeoutGrpcIdle:VirtualNodeSpecListenerTimeoutGrpcIdle": { "properties": { "unit": { "type": "string", "description": "Unit of time. Valid values: `ms`, `s`.\n" }, "value": { "type": "integer", "description": "Number of time units. Minimum value of `0`.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:appmesh/VirtualNodeSpecListenerTimeoutGrpcPerRequest:VirtualNodeSpecListenerTimeoutGrpcPerRequest": { "properties": { "unit": { "type": "string", "description": "Unit of time. Valid values: `ms`, `s`.\n" }, "value": { "type": "integer", "description": "Number of time units. Minimum value of `0`.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:appmesh/VirtualNodeSpecListenerTimeoutHttp2:VirtualNodeSpecListenerTimeoutHttp2": { "properties": { "idle": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTimeoutHttp2Idle:VirtualNodeSpecListenerTimeoutHttp2Idle", "description": "Idle timeout. An idle timeout bounds the amount of time that a connection may be idle.\n" }, "perRequest": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTimeoutHttp2PerRequest:VirtualNodeSpecListenerTimeoutHttp2PerRequest", "description": "Per request timeout.\n" } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecListenerTimeoutHttp2Idle:VirtualNodeSpecListenerTimeoutHttp2Idle": { "properties": { "unit": { "type": "string", "description": "Unit of time. Valid values: `ms`, `s`.\n" }, "value": { "type": "integer", "description": "Number of time units. Minimum value of `0`.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:appmesh/VirtualNodeSpecListenerTimeoutHttp2PerRequest:VirtualNodeSpecListenerTimeoutHttp2PerRequest": { "properties": { "unit": { "type": "string", "description": "Unit of time. Valid values: `ms`, `s`.\n" }, "value": { "type": "integer", "description": "Number of time units. Minimum value of `0`.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:appmesh/VirtualNodeSpecListenerTimeoutHttp:VirtualNodeSpecListenerTimeoutHttp": { "properties": { "idle": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTimeoutHttpIdle:VirtualNodeSpecListenerTimeoutHttpIdle", "description": "Idle timeout. An idle timeout bounds the amount of time that a connection may be idle.\n" }, "perRequest": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTimeoutHttpPerRequest:VirtualNodeSpecListenerTimeoutHttpPerRequest", "description": "Per request timeout.\n" } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecListenerTimeoutHttpIdle:VirtualNodeSpecListenerTimeoutHttpIdle": { "properties": { "unit": { "type": "string", "description": "Unit of time. Valid values: `ms`, `s`.\n" }, "value": { "type": "integer", "description": "Number of time units. Minimum value of `0`.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:appmesh/VirtualNodeSpecListenerTimeoutHttpPerRequest:VirtualNodeSpecListenerTimeoutHttpPerRequest": { "properties": { "unit": { "type": "string", "description": "Unit of time. Valid values: `ms`, `s`.\n" }, "value": { "type": "integer", "description": "Number of time units. Minimum value of `0`.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:appmesh/VirtualNodeSpecListenerTimeoutTcp:VirtualNodeSpecListenerTimeoutTcp": { "properties": { "idle": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTimeoutTcpIdle:VirtualNodeSpecListenerTimeoutTcpIdle", "description": "Idle timeout. An idle timeout bounds the amount of time that a connection may be idle.\n" } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecListenerTimeoutTcpIdle:VirtualNodeSpecListenerTimeoutTcpIdle": { "properties": { "unit": { "type": "string", "description": "Unit of time. Valid values: `ms`, `s`.\n" }, "value": { "type": "integer", "description": "Number of time units. Minimum value of `0`.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:appmesh/VirtualNodeSpecListenerTls:VirtualNodeSpecListenerTls": { "properties": { "certificate": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTlsCertificate:VirtualNodeSpecListenerTlsCertificate", "description": "Listener's TLS certificate.\n" }, "mode": { "type": "string", "description": "Listener's TLS mode. Valid values: `DISABLED`, `PERMISSIVE`, `STRICT`.\n" }, "validation": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTlsValidation:VirtualNodeSpecListenerTlsValidation", "description": "Listener's Transport Layer Security (TLS) validation context.\n" } }, "type": "object", "required": [ "certificate", "mode" ] }, "aws:appmesh/VirtualNodeSpecListenerTlsCertificate:VirtualNodeSpecListenerTlsCertificate": { "properties": { "acm": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTlsCertificateAcm:VirtualNodeSpecListenerTlsCertificateAcm", "description": "An AWS Certificate Manager (ACM) certificate.\n" }, "file": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTlsCertificateFile:VirtualNodeSpecListenerTlsCertificateFile", "description": "Local file certificate.\n" }, "sds": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTlsCertificateSds:VirtualNodeSpecListenerTlsCertificateSds", "description": "A [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate.\n" } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecListenerTlsCertificateAcm:VirtualNodeSpecListenerTlsCertificateAcm": { "properties": { "certificateArn": { "type": "string", "description": "ARN for the certificate.\n" } }, "type": "object", "required": [ "certificateArn" ] }, "aws:appmesh/VirtualNodeSpecListenerTlsCertificateFile:VirtualNodeSpecListenerTlsCertificateFile": { "properties": { "certificateChain": { "type": "string", "description": "Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length.\n" }, "privateKey": { "type": "string", "description": "Private key for a certificate stored on the file system of the virtual node that the proxy is running on. Must be between 1 and 255 characters in length.\n" } }, "type": "object", "required": [ "certificateChain", "privateKey" ] }, "aws:appmesh/VirtualNodeSpecListenerTlsCertificateSds:VirtualNodeSpecListenerTlsCertificateSds": { "properties": { "secretName": { "type": "string", "description": "Name of the secret for a virtual node's Transport Layer Security (TLS) Secret Discovery Service validation context trust.\n" } }, "type": "object", "required": [ "secretName" ] }, "aws:appmesh/VirtualNodeSpecListenerTlsValidation:VirtualNodeSpecListenerTlsValidation": { "properties": { "subjectAlternativeNames": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTlsValidationSubjectAlternativeNames:VirtualNodeSpecListenerTlsValidationSubjectAlternativeNames", "description": "SANs for a TLS validation context.\n" }, "trust": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTlsValidationTrust:VirtualNodeSpecListenerTlsValidationTrust", "description": "TLS validation context trust.\n" } }, "type": "object", "required": [ "trust" ] }, "aws:appmesh/VirtualNodeSpecListenerTlsValidationSubjectAlternativeNames:VirtualNodeSpecListenerTlsValidationSubjectAlternativeNames": { "properties": { "match": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTlsValidationSubjectAlternativeNamesMatch:VirtualNodeSpecListenerTlsValidationSubjectAlternativeNamesMatch", "description": "Criteria for determining a SAN's match.\n" } }, "type": "object", "required": [ "match" ] }, "aws:appmesh/VirtualNodeSpecListenerTlsValidationSubjectAlternativeNamesMatch:VirtualNodeSpecListenerTlsValidationSubjectAlternativeNamesMatch": { "properties": { "exacts": { "type": "array", "items": { "type": "string" }, "description": "Values sent must match the specified values exactly.\n" } }, "type": "object", "required": [ "exacts" ] }, "aws:appmesh/VirtualNodeSpecListenerTlsValidationTrust:VirtualNodeSpecListenerTlsValidationTrust": { "properties": { "file": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTlsValidationTrustFile:VirtualNodeSpecListenerTlsValidationTrustFile", "description": "TLS validation context trust for a local file certificate.\n" }, "sds": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecListenerTlsValidationTrustSds:VirtualNodeSpecListenerTlsValidationTrustSds", "description": "TLS validation context trust for a [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate.\n" } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecListenerTlsValidationTrustFile:VirtualNodeSpecListenerTlsValidationTrustFile": { "properties": { "certificateChain": { "type": "string", "description": "Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length.\n" } }, "type": "object", "required": [ "certificateChain" ] }, "aws:appmesh/VirtualNodeSpecListenerTlsValidationTrustSds:VirtualNodeSpecListenerTlsValidationTrustSds": { "properties": { "secretName": { "type": "string", "description": "Name of the secret for a virtual node's Transport Layer Security (TLS) Secret Discovery Service validation context trust.\n" } }, "type": "object", "required": [ "secretName" ] }, "aws:appmesh/VirtualNodeSpecLogging:VirtualNodeSpecLogging": { "properties": { "accessLog": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecLoggingAccessLog:VirtualNodeSpecLoggingAccessLog", "description": "Access log configuration for a virtual node.\n" } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecLoggingAccessLog:VirtualNodeSpecLoggingAccessLog": { "properties": { "file": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecLoggingAccessLogFile:VirtualNodeSpecLoggingAccessLogFile", "description": "File object to send virtual node access logs to.\n" } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecLoggingAccessLogFile:VirtualNodeSpecLoggingAccessLogFile": { "properties": { "format": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecLoggingAccessLogFileFormat:VirtualNodeSpecLoggingAccessLogFileFormat", "description": "The specified format for the logs.\n" }, "path": { "type": "string", "description": "File path to write access logs to. You can use `/dev/stdout` to send access logs to standard out. Must be between 1 and 255 characters in length.\n" } }, "type": "object", "required": [ "path" ] }, "aws:appmesh/VirtualNodeSpecLoggingAccessLogFileFormat:VirtualNodeSpecLoggingAccessLogFileFormat": { "properties": { "jsons": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecLoggingAccessLogFileFormatJson:VirtualNodeSpecLoggingAccessLogFileFormatJson" }, "description": "The logging format for JSON.\n" }, "text": { "type": "string", "description": "The logging format for text. Must be between 1 and 1000 characters in length.\n" } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecLoggingAccessLogFileFormatJson:VirtualNodeSpecLoggingAccessLogFileFormatJson": { "properties": { "key": { "type": "string", "description": "The specified key for the JSON. Must be between 1 and 100 characters in length.\n" }, "value": { "type": "string", "description": "The specified value for the JSON. Must be between 1 and 100 characters in length.\n" } }, "type": "object", "required": [ "key", "value" ] }, "aws:appmesh/VirtualNodeSpecServiceDiscovery:VirtualNodeSpecServiceDiscovery": { "properties": { "awsCloudMap": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecServiceDiscoveryAwsCloudMap:VirtualNodeSpecServiceDiscoveryAwsCloudMap", "description": "Any AWS Cloud Map information for the virtual node.\n" }, "dns": { "$ref": "#/types/aws:appmesh/VirtualNodeSpecServiceDiscoveryDns:VirtualNodeSpecServiceDiscoveryDns", "description": "DNS service name for the virtual node.\n" } }, "type": "object" }, "aws:appmesh/VirtualNodeSpecServiceDiscoveryAwsCloudMap:VirtualNodeSpecServiceDiscoveryAwsCloudMap": { "properties": { "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "String map that contains attributes with values that you can use to filter instances by any custom attribute that you specified when you registered the instance. Only instances that match all of the specified key/value pairs will be returned.\n" }, "namespaceName": { "type": "string", "description": "Name of the AWS Cloud Map namespace to use.\nUse the `aws.servicediscovery.HttpNamespace` resource to configure a Cloud Map namespace. Must be between 1 and 1024 characters in length.\n" }, "serviceName": { "type": "string", "description": "Name of the AWS Cloud Map service to use. Use the `aws.servicediscovery.Service` resource to configure a Cloud Map service. Must be between 1 and 1024 characters in length.\n" } }, "type": "object", "required": [ "namespaceName", "serviceName" ] }, "aws:appmesh/VirtualNodeSpecServiceDiscoveryDns:VirtualNodeSpecServiceDiscoveryDns": { "properties": { "hostname": { "type": "string", "description": "DNS host name for your virtual node.\n" }, "ipPreference": { "type": "string", "description": "The preferred IP version that this virtual node uses. Valid values: `IPv6_PREFERRED`, `IPv4_PREFERRED`, `IPv4_ONLY`, `IPv6_ONLY`.\n" }, "responseType": { "type": "string", "description": "The DNS response type for the virtual node. Valid values: `LOADBALANCER`, `ENDPOINTS`.\n" } }, "type": "object", "required": [ "hostname" ] }, "aws:appmesh/VirtualRouterSpec:VirtualRouterSpec": { "properties": { "listeners": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/VirtualRouterSpecListener:VirtualRouterSpecListener" }, "description": "Listeners that the virtual router is expected to receive inbound traffic from.\nCurrently only one listener is supported per virtual router.\n" } }, "type": "object" }, "aws:appmesh/VirtualRouterSpecListener:VirtualRouterSpecListener": { "properties": { "portMapping": { "$ref": "#/types/aws:appmesh/VirtualRouterSpecListenerPortMapping:VirtualRouterSpecListenerPortMapping", "description": "Port mapping information for the listener.\n" } }, "type": "object", "required": [ "portMapping" ] }, "aws:appmesh/VirtualRouterSpecListenerPortMapping:VirtualRouterSpecListenerPortMapping": { "properties": { "port": { "type": "integer", "description": "Port used for the port mapping.\n" }, "protocol": { "type": "string", "description": "Protocol used for the port mapping. Valid values are `http`,`http2`, `tcp` and `grpc`.\n" } }, "type": "object", "required": [ "port", "protocol" ] }, "aws:appmesh/VirtualServiceSpec:VirtualServiceSpec": { "properties": { "provider": { "$ref": "#/types/aws:appmesh/VirtualServiceSpecProvider:VirtualServiceSpecProvider", "description": "App Mesh object that is acting as the provider for a virtual service. You can specify a single virtual node or virtual router.\n" } }, "type": "object" }, "aws:appmesh/VirtualServiceSpecProvider:VirtualServiceSpecProvider": { "properties": { "virtualNode": { "$ref": "#/types/aws:appmesh/VirtualServiceSpecProviderVirtualNode:VirtualServiceSpecProviderVirtualNode", "description": "Virtual node associated with a virtual service.\n" }, "virtualRouter": { "$ref": "#/types/aws:appmesh/VirtualServiceSpecProviderVirtualRouter:VirtualServiceSpecProviderVirtualRouter", "description": "Virtual router associated with a virtual service.\n" } }, "type": "object" }, "aws:appmesh/VirtualServiceSpecProviderVirtualNode:VirtualServiceSpecProviderVirtualNode": { "properties": { "virtualNodeName": { "type": "string", "description": "Name of the virtual node that is acting as a service provider. Must be between 1 and 255 characters in length.\n" } }, "type": "object", "required": [ "virtualNodeName" ] }, "aws:appmesh/VirtualServiceSpecProviderVirtualRouter:VirtualServiceSpecProviderVirtualRouter": { "properties": { "virtualRouterName": { "type": "string", "description": "Name of the virtual router that is acting as a service provider. Must be between 1 and 255 characters in length.\n" } }, "type": "object", "required": [ "virtualRouterName" ] }, "aws:appmesh/getGatewayRouteSpec:getGatewayRouteSpec": { "properties": { "grpcRoutes": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecGrpcRoute:getGatewayRouteSpecGrpcRoute" } }, "http2Routes": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttp2Route:getGatewayRouteSpecHttp2Route" } }, "httpRoutes": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttpRoute:getGatewayRouteSpecHttpRoute" } }, "priority": { "type": "integer" } }, "type": "object", "required": [ "grpcRoutes", "http2Routes", "httpRoutes", "priority" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecGrpcRoute:getGatewayRouteSpecGrpcRoute": { "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecGrpcRouteAction:getGatewayRouteSpecGrpcRouteAction" } }, "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecGrpcRouteMatch:getGatewayRouteSpecGrpcRouteMatch" } } }, "type": "object", "required": [ "actions", "matches" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecGrpcRouteAction:getGatewayRouteSpecGrpcRouteAction": { "properties": { "targets": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecGrpcRouteActionTarget:getGatewayRouteSpecGrpcRouteActionTarget" } } }, "type": "object", "required": [ "targets" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecGrpcRouteActionTarget:getGatewayRouteSpecGrpcRouteActionTarget": { "properties": { "port": { "type": "integer" }, "virtualServices": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecGrpcRouteActionTargetVirtualService:getGatewayRouteSpecGrpcRouteActionTargetVirtualService" } } }, "type": "object", "required": [ "port", "virtualServices" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecGrpcRouteActionTargetVirtualService:getGatewayRouteSpecGrpcRouteActionTargetVirtualService": { "properties": { "virtualServiceName": { "type": "string" } }, "type": "object", "required": [ "virtualServiceName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecGrpcRouteMatch:getGatewayRouteSpecGrpcRouteMatch": { "properties": { "port": { "type": "integer" }, "serviceName": { "type": "string" } }, "type": "object", "required": [ "port", "serviceName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttp2Route:getGatewayRouteSpecHttp2Route": { "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttp2RouteAction:getGatewayRouteSpecHttp2RouteAction" } }, "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttp2RouteMatch:getGatewayRouteSpecHttp2RouteMatch" } } }, "type": "object", "required": [ "actions", "matches" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttp2RouteAction:getGatewayRouteSpecHttp2RouteAction": { "properties": { "rewrites": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttp2RouteActionRewrite:getGatewayRouteSpecHttp2RouteActionRewrite" } }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttp2RouteActionTarget:getGatewayRouteSpecHttp2RouteActionTarget" } } }, "type": "object", "required": [ "rewrites", "targets" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttp2RouteActionRewrite:getGatewayRouteSpecHttp2RouteActionRewrite": { "properties": { "hostnames": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttp2RouteActionRewriteHostname:getGatewayRouteSpecHttp2RouteActionRewriteHostname" } }, "paths": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttp2RouteActionRewritePath:getGatewayRouteSpecHttp2RouteActionRewritePath" } }, "prefixes": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttp2RouteActionRewritePrefix:getGatewayRouteSpecHttp2RouteActionRewritePrefix" } } }, "type": "object", "required": [ "hostnames", "paths", "prefixes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttp2RouteActionRewriteHostname:getGatewayRouteSpecHttp2RouteActionRewriteHostname": { "properties": { "defaultTargetHostname": { "type": "string" } }, "type": "object", "required": [ "defaultTargetHostname" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttp2RouteActionRewritePath:getGatewayRouteSpecHttp2RouteActionRewritePath": { "properties": { "exact": { "type": "string" } }, "type": "object", "required": [ "exact" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttp2RouteActionRewritePrefix:getGatewayRouteSpecHttp2RouteActionRewritePrefix": { "properties": { "defaultPrefix": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "defaultPrefix", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttp2RouteActionTarget:getGatewayRouteSpecHttp2RouteActionTarget": { "properties": { "port": { "type": "integer" }, "virtualServices": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttp2RouteActionTargetVirtualService:getGatewayRouteSpecHttp2RouteActionTargetVirtualService" } } }, "type": "object", "required": [ "port", "virtualServices" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttp2RouteActionTargetVirtualService:getGatewayRouteSpecHttp2RouteActionTargetVirtualService": { "properties": { "virtualServiceName": { "type": "string" } }, "type": "object", "required": [ "virtualServiceName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttp2RouteMatch:getGatewayRouteSpecHttp2RouteMatch": { "properties": { "headers": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttp2RouteMatchHeader:getGatewayRouteSpecHttp2RouteMatchHeader" } }, "hostnames": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttp2RouteMatchHostname:getGatewayRouteSpecHttp2RouteMatchHostname" } }, "paths": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttp2RouteMatchPath:getGatewayRouteSpecHttp2RouteMatchPath" } }, "port": { "type": "integer" }, "prefix": { "type": "string" }, "queryParameters": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttp2RouteMatchQueryParameter:getGatewayRouteSpecHttp2RouteMatchQueryParameter" } } }, "type": "object", "required": [ "headers", "hostnames", "paths", "port", "prefix", "queryParameters" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttp2RouteMatchHeader:getGatewayRouteSpecHttp2RouteMatchHeader": { "properties": { "invert": { "type": "boolean" }, "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttp2RouteMatchHeaderMatch:getGatewayRouteSpecHttp2RouteMatchHeaderMatch" } }, "name": { "type": "string", "description": "Name of the gateway route.\n" } }, "type": "object", "required": [ "invert", "matches", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttp2RouteMatchHeaderMatch:getGatewayRouteSpecHttp2RouteMatchHeaderMatch": { "properties": { "exact": { "type": "string" }, "prefix": { "type": "string" }, "ranges": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttp2RouteMatchHeaderMatchRange:getGatewayRouteSpecHttp2RouteMatchHeaderMatchRange" } }, "regex": { "type": "string" }, "suffix": { "type": "string" } }, "type": "object", "required": [ "exact", "prefix", "ranges", "regex", "suffix" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttp2RouteMatchHeaderMatchRange:getGatewayRouteSpecHttp2RouteMatchHeaderMatchRange": { "properties": { "end": { "type": "integer" }, "start": { "type": "integer" } }, "type": "object", "required": [ "end", "start" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttp2RouteMatchHostname:getGatewayRouteSpecHttp2RouteMatchHostname": { "properties": { "exact": { "type": "string" }, "suffix": { "type": "string" } }, "type": "object", "required": [ "exact", "suffix" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttp2RouteMatchPath:getGatewayRouteSpecHttp2RouteMatchPath": { "properties": { "exact": { "type": "string" }, "regex": { "type": "string" } }, "type": "object", "required": [ "exact", "regex" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttp2RouteMatchQueryParameter:getGatewayRouteSpecHttp2RouteMatchQueryParameter": { "properties": { "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttp2RouteMatchQueryParameterMatch:getGatewayRouteSpecHttp2RouteMatchQueryParameterMatch" } }, "name": { "type": "string", "description": "Name of the gateway route.\n" } }, "type": "object", "required": [ "matches", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttp2RouteMatchQueryParameterMatch:getGatewayRouteSpecHttp2RouteMatchQueryParameterMatch": { "properties": { "exact": { "type": "string" } }, "type": "object", "required": [ "exact" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttpRoute:getGatewayRouteSpecHttpRoute": { "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttpRouteAction:getGatewayRouteSpecHttpRouteAction" } }, "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttpRouteMatch:getGatewayRouteSpecHttpRouteMatch" } } }, "type": "object", "required": [ "actions", "matches" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttpRouteAction:getGatewayRouteSpecHttpRouteAction": { "properties": { "rewrites": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttpRouteActionRewrite:getGatewayRouteSpecHttpRouteActionRewrite" } }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttpRouteActionTarget:getGatewayRouteSpecHttpRouteActionTarget" } } }, "type": "object", "required": [ "rewrites", "targets" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttpRouteActionRewrite:getGatewayRouteSpecHttpRouteActionRewrite": { "properties": { "hostnames": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttpRouteActionRewriteHostname:getGatewayRouteSpecHttpRouteActionRewriteHostname" } }, "paths": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttpRouteActionRewritePath:getGatewayRouteSpecHttpRouteActionRewritePath" } }, "prefixes": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttpRouteActionRewritePrefix:getGatewayRouteSpecHttpRouteActionRewritePrefix" } } }, "type": "object", "required": [ "hostnames", "paths", "prefixes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttpRouteActionRewriteHostname:getGatewayRouteSpecHttpRouteActionRewriteHostname": { "properties": { "defaultTargetHostname": { "type": "string" } }, "type": "object", "required": [ "defaultTargetHostname" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttpRouteActionRewritePath:getGatewayRouteSpecHttpRouteActionRewritePath": { "properties": { "exact": { "type": "string" } }, "type": "object", "required": [ "exact" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttpRouteActionRewritePrefix:getGatewayRouteSpecHttpRouteActionRewritePrefix": { "properties": { "defaultPrefix": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "defaultPrefix", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttpRouteActionTarget:getGatewayRouteSpecHttpRouteActionTarget": { "properties": { "port": { "type": "integer" }, "virtualServices": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttpRouteActionTargetVirtualService:getGatewayRouteSpecHttpRouteActionTargetVirtualService" } } }, "type": "object", "required": [ "port", "virtualServices" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttpRouteActionTargetVirtualService:getGatewayRouteSpecHttpRouteActionTargetVirtualService": { "properties": { "virtualServiceName": { "type": "string" } }, "type": "object", "required": [ "virtualServiceName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttpRouteMatch:getGatewayRouteSpecHttpRouteMatch": { "properties": { "headers": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttpRouteMatchHeader:getGatewayRouteSpecHttpRouteMatchHeader" } }, "hostnames": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttpRouteMatchHostname:getGatewayRouteSpecHttpRouteMatchHostname" } }, "paths": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttpRouteMatchPath:getGatewayRouteSpecHttpRouteMatchPath" } }, "port": { "type": "integer" }, "prefix": { "type": "string" }, "queryParameters": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttpRouteMatchQueryParameter:getGatewayRouteSpecHttpRouteMatchQueryParameter" } } }, "type": "object", "required": [ "headers", "hostnames", "paths", "port", "prefix", "queryParameters" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttpRouteMatchHeader:getGatewayRouteSpecHttpRouteMatchHeader": { "properties": { "invert": { "type": "boolean" }, "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttpRouteMatchHeaderMatch:getGatewayRouteSpecHttpRouteMatchHeaderMatch" } }, "name": { "type": "string", "description": "Name of the gateway route.\n" } }, "type": "object", "required": [ "invert", "matches", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttpRouteMatchHeaderMatch:getGatewayRouteSpecHttpRouteMatchHeaderMatch": { "properties": { "exact": { "type": "string" }, "prefix": { "type": "string" }, "ranges": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttpRouteMatchHeaderMatchRange:getGatewayRouteSpecHttpRouteMatchHeaderMatchRange" } }, "regex": { "type": "string" }, "suffix": { "type": "string" } }, "type": "object", "required": [ "exact", "prefix", "ranges", "regex", "suffix" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttpRouteMatchHeaderMatchRange:getGatewayRouteSpecHttpRouteMatchHeaderMatchRange": { "properties": { "end": { "type": "integer" }, "start": { "type": "integer" } }, "type": "object", "required": [ "end", "start" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttpRouteMatchHostname:getGatewayRouteSpecHttpRouteMatchHostname": { "properties": { "exact": { "type": "string" }, "suffix": { "type": "string" } }, "type": "object", "required": [ "exact", "suffix" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttpRouteMatchPath:getGatewayRouteSpecHttpRouteMatchPath": { "properties": { "exact": { "type": "string" }, "regex": { "type": "string" } }, "type": "object", "required": [ "exact", "regex" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttpRouteMatchQueryParameter:getGatewayRouteSpecHttpRouteMatchQueryParameter": { "properties": { "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpecHttpRouteMatchQueryParameterMatch:getGatewayRouteSpecHttpRouteMatchQueryParameterMatch" } }, "name": { "type": "string", "description": "Name of the gateway route.\n" } }, "type": "object", "required": [ "matches", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getGatewayRouteSpecHttpRouteMatchQueryParameterMatch:getGatewayRouteSpecHttpRouteMatchQueryParameterMatch": { "properties": { "exact": { "type": "string" } }, "type": "object", "required": [ "exact" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getMeshSpec:getMeshSpec": { "properties": { "egressFilters": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getMeshSpecEgressFilter:getMeshSpecEgressFilter" } }, "serviceDiscoveries": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getMeshSpecServiceDiscovery:getMeshSpecServiceDiscovery" } } }, "type": "object", "required": [ "egressFilters", "serviceDiscoveries" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getMeshSpecEgressFilter:getMeshSpecEgressFilter": { "properties": { "type": { "type": "string" } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getMeshSpecServiceDiscovery:getMeshSpecServiceDiscovery": { "properties": { "ipPreference": { "type": "string" } }, "type": "object", "required": [ "ipPreference" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpec:getRouteSpec": { "properties": { "grpcRoutes": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecGrpcRoute:getRouteSpecGrpcRoute" } }, "http2Routes": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttp2Route:getRouteSpecHttp2Route" } }, "httpRoutes": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttpRoute:getRouteSpecHttpRoute" } }, "priority": { "type": "integer" }, "tcpRoutes": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecTcpRoute:getRouteSpecTcpRoute" } } }, "type": "object", "required": [ "grpcRoutes", "http2Routes", "httpRoutes", "priority", "tcpRoutes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecGrpcRoute:getRouteSpecGrpcRoute": { "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecGrpcRouteAction:getRouteSpecGrpcRouteAction" } }, "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecGrpcRouteMatch:getRouteSpecGrpcRouteMatch" } }, "retryPolicies": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecGrpcRouteRetryPolicy:getRouteSpecGrpcRouteRetryPolicy" } }, "timeouts": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecGrpcRouteTimeout:getRouteSpecGrpcRouteTimeout" } } }, "type": "object", "required": [ "actions", "matches", "retryPolicies", "timeouts" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecGrpcRouteAction:getRouteSpecGrpcRouteAction": { "properties": { "weightedTargets": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecGrpcRouteActionWeightedTarget:getRouteSpecGrpcRouteActionWeightedTarget" } } }, "type": "object", "required": [ "weightedTargets" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecGrpcRouteActionWeightedTarget:getRouteSpecGrpcRouteActionWeightedTarget": { "properties": { "port": { "type": "integer" }, "virtualNode": { "type": "string" }, "weight": { "type": "integer" } }, "type": "object", "required": [ "port", "virtualNode", "weight" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecGrpcRouteMatch:getRouteSpecGrpcRouteMatch": { "properties": { "metadatas": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecGrpcRouteMatchMetadata:getRouteSpecGrpcRouteMatchMetadata" } }, "methodName": { "type": "string" }, "port": { "type": "integer" }, "prefix": { "type": "string" }, "serviceName": { "type": "string" } }, "type": "object", "required": [ "metadatas", "methodName", "port", "prefix", "serviceName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecGrpcRouteMatchMetadata:getRouteSpecGrpcRouteMatchMetadata": { "properties": { "invert": { "type": "boolean" }, "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecGrpcRouteMatchMetadataMatch:getRouteSpecGrpcRouteMatchMetadataMatch" } }, "name": { "type": "string", "description": "Name of the route.\n" } }, "type": "object", "required": [ "invert", "matches", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecGrpcRouteMatchMetadataMatch:getRouteSpecGrpcRouteMatchMetadataMatch": { "properties": { "exact": { "type": "string" }, "prefix": { "type": "string" }, "ranges": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecGrpcRouteMatchMetadataMatchRange:getRouteSpecGrpcRouteMatchMetadataMatchRange" } }, "regex": { "type": "string" }, "suffix": { "type": "string" } }, "type": "object", "required": [ "exact", "prefix", "ranges", "regex", "suffix" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecGrpcRouteMatchMetadataMatchRange:getRouteSpecGrpcRouteMatchMetadataMatchRange": { "properties": { "end": { "type": "integer" }, "start": { "type": "integer" } }, "type": "object", "required": [ "end", "start" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecGrpcRouteRetryPolicy:getRouteSpecGrpcRouteRetryPolicy": { "properties": { "grpcRetryEvents": { "type": "array", "items": { "type": "string" } }, "httpRetryEvents": { "type": "array", "items": { "type": "string" } }, "maxRetries": { "type": "integer" }, "perRetryTimeouts": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecGrpcRouteRetryPolicyPerRetryTimeout:getRouteSpecGrpcRouteRetryPolicyPerRetryTimeout" } }, "tcpRetryEvents": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "grpcRetryEvents", "httpRetryEvents", "maxRetries", "perRetryTimeouts", "tcpRetryEvents" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecGrpcRouteRetryPolicyPerRetryTimeout:getRouteSpecGrpcRouteRetryPolicyPerRetryTimeout": { "properties": { "unit": { "type": "string" }, "value": { "type": "integer" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecGrpcRouteTimeout:getRouteSpecGrpcRouteTimeout": { "properties": { "idles": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecGrpcRouteTimeoutIdle:getRouteSpecGrpcRouteTimeoutIdle" } }, "perRequests": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecGrpcRouteTimeoutPerRequest:getRouteSpecGrpcRouteTimeoutPerRequest" } } }, "type": "object", "required": [ "idles", "perRequests" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecGrpcRouteTimeoutIdle:getRouteSpecGrpcRouteTimeoutIdle": { "properties": { "unit": { "type": "string" }, "value": { "type": "integer" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecGrpcRouteTimeoutPerRequest:getRouteSpecGrpcRouteTimeoutPerRequest": { "properties": { "unit": { "type": "string" }, "value": { "type": "integer" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttp2Route:getRouteSpecHttp2Route": { "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttp2RouteAction:getRouteSpecHttp2RouteAction" } }, "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttp2RouteMatch:getRouteSpecHttp2RouteMatch" } }, "retryPolicies": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttp2RouteRetryPolicy:getRouteSpecHttp2RouteRetryPolicy" } }, "timeouts": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttp2RouteTimeout:getRouteSpecHttp2RouteTimeout" } } }, "type": "object", "required": [ "actions", "matches", "retryPolicies", "timeouts" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttp2RouteAction:getRouteSpecHttp2RouteAction": { "properties": { "weightedTargets": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttp2RouteActionWeightedTarget:getRouteSpecHttp2RouteActionWeightedTarget" } } }, "type": "object", "required": [ "weightedTargets" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttp2RouteActionWeightedTarget:getRouteSpecHttp2RouteActionWeightedTarget": { "properties": { "port": { "type": "integer" }, "virtualNode": { "type": "string" }, "weight": { "type": "integer" } }, "type": "object", "required": [ "port", "virtualNode", "weight" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttp2RouteMatch:getRouteSpecHttp2RouteMatch": { "properties": { "headers": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttp2RouteMatchHeader:getRouteSpecHttp2RouteMatchHeader" } }, "method": { "type": "string" }, "paths": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttp2RouteMatchPath:getRouteSpecHttp2RouteMatchPath" } }, "port": { "type": "integer" }, "prefix": { "type": "string" }, "queryParameters": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttp2RouteMatchQueryParameter:getRouteSpecHttp2RouteMatchQueryParameter" } }, "scheme": { "type": "string" } }, "type": "object", "required": [ "headers", "method", "paths", "port", "prefix", "queryParameters", "scheme" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttp2RouteMatchHeader:getRouteSpecHttp2RouteMatchHeader": { "properties": { "invert": { "type": "boolean" }, "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttp2RouteMatchHeaderMatch:getRouteSpecHttp2RouteMatchHeaderMatch" } }, "name": { "type": "string", "description": "Name of the route.\n" } }, "type": "object", "required": [ "invert", "matches", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttp2RouteMatchHeaderMatch:getRouteSpecHttp2RouteMatchHeaderMatch": { "properties": { "exact": { "type": "string" }, "prefix": { "type": "string" }, "ranges": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttp2RouteMatchHeaderMatchRange:getRouteSpecHttp2RouteMatchHeaderMatchRange" } }, "regex": { "type": "string" }, "suffix": { "type": "string" } }, "type": "object", "required": [ "exact", "prefix", "ranges", "regex", "suffix" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttp2RouteMatchHeaderMatchRange:getRouteSpecHttp2RouteMatchHeaderMatchRange": { "properties": { "end": { "type": "integer" }, "start": { "type": "integer" } }, "type": "object", "required": [ "end", "start" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttp2RouteMatchPath:getRouteSpecHttp2RouteMatchPath": { "properties": { "exact": { "type": "string" }, "regex": { "type": "string" } }, "type": "object", "required": [ "exact", "regex" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttp2RouteMatchQueryParameter:getRouteSpecHttp2RouteMatchQueryParameter": { "properties": { "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttp2RouteMatchQueryParameterMatch:getRouteSpecHttp2RouteMatchQueryParameterMatch" } }, "name": { "type": "string", "description": "Name of the route.\n" } }, "type": "object", "required": [ "matches", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttp2RouteMatchQueryParameterMatch:getRouteSpecHttp2RouteMatchQueryParameterMatch": { "properties": { "exact": { "type": "string" } }, "type": "object", "required": [ "exact" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttp2RouteRetryPolicy:getRouteSpecHttp2RouteRetryPolicy": { "properties": { "httpRetryEvents": { "type": "array", "items": { "type": "string" } }, "maxRetries": { "type": "integer" }, "perRetryTimeouts": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttp2RouteRetryPolicyPerRetryTimeout:getRouteSpecHttp2RouteRetryPolicyPerRetryTimeout" } }, "tcpRetryEvents": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "httpRetryEvents", "maxRetries", "perRetryTimeouts", "tcpRetryEvents" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttp2RouteRetryPolicyPerRetryTimeout:getRouteSpecHttp2RouteRetryPolicyPerRetryTimeout": { "properties": { "unit": { "type": "string" }, "value": { "type": "integer" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttp2RouteTimeout:getRouteSpecHttp2RouteTimeout": { "properties": { "idles": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttp2RouteTimeoutIdle:getRouteSpecHttp2RouteTimeoutIdle" } }, "perRequests": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttp2RouteTimeoutPerRequest:getRouteSpecHttp2RouteTimeoutPerRequest" } } }, "type": "object", "required": [ "idles", "perRequests" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttp2RouteTimeoutIdle:getRouteSpecHttp2RouteTimeoutIdle": { "properties": { "unit": { "type": "string" }, "value": { "type": "integer" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttp2RouteTimeoutPerRequest:getRouteSpecHttp2RouteTimeoutPerRequest": { "properties": { "unit": { "type": "string" }, "value": { "type": "integer" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttpRoute:getRouteSpecHttpRoute": { "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttpRouteAction:getRouteSpecHttpRouteAction" } }, "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttpRouteMatch:getRouteSpecHttpRouteMatch" } }, "retryPolicies": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttpRouteRetryPolicy:getRouteSpecHttpRouteRetryPolicy" } }, "timeouts": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttpRouteTimeout:getRouteSpecHttpRouteTimeout" } } }, "type": "object", "required": [ "actions", "matches", "retryPolicies", "timeouts" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttpRouteAction:getRouteSpecHttpRouteAction": { "properties": { "weightedTargets": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttpRouteActionWeightedTarget:getRouteSpecHttpRouteActionWeightedTarget" } } }, "type": "object", "required": [ "weightedTargets" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttpRouteActionWeightedTarget:getRouteSpecHttpRouteActionWeightedTarget": { "properties": { "port": { "type": "integer" }, "virtualNode": { "type": "string" }, "weight": { "type": "integer" } }, "type": "object", "required": [ "port", "virtualNode", "weight" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttpRouteMatch:getRouteSpecHttpRouteMatch": { "properties": { "headers": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttpRouteMatchHeader:getRouteSpecHttpRouteMatchHeader" } }, "method": { "type": "string" }, "paths": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttpRouteMatchPath:getRouteSpecHttpRouteMatchPath" } }, "port": { "type": "integer" }, "prefix": { "type": "string" }, "queryParameters": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttpRouteMatchQueryParameter:getRouteSpecHttpRouteMatchQueryParameter" } }, "scheme": { "type": "string" } }, "type": "object", "required": [ "headers", "method", "paths", "port", "prefix", "queryParameters", "scheme" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttpRouteMatchHeader:getRouteSpecHttpRouteMatchHeader": { "properties": { "invert": { "type": "boolean" }, "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttpRouteMatchHeaderMatch:getRouteSpecHttpRouteMatchHeaderMatch" } }, "name": { "type": "string", "description": "Name of the route.\n" } }, "type": "object", "required": [ "invert", "matches", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttpRouteMatchHeaderMatch:getRouteSpecHttpRouteMatchHeaderMatch": { "properties": { "exact": { "type": "string" }, "prefix": { "type": "string" }, "ranges": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttpRouteMatchHeaderMatchRange:getRouteSpecHttpRouteMatchHeaderMatchRange" } }, "regex": { "type": "string" }, "suffix": { "type": "string" } }, "type": "object", "required": [ "exact", "prefix", "ranges", "regex", "suffix" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttpRouteMatchHeaderMatchRange:getRouteSpecHttpRouteMatchHeaderMatchRange": { "properties": { "end": { "type": "integer" }, "start": { "type": "integer" } }, "type": "object", "required": [ "end", "start" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttpRouteMatchPath:getRouteSpecHttpRouteMatchPath": { "properties": { "exact": { "type": "string" }, "regex": { "type": "string" } }, "type": "object", "required": [ "exact", "regex" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttpRouteMatchQueryParameter:getRouteSpecHttpRouteMatchQueryParameter": { "properties": { "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttpRouteMatchQueryParameterMatch:getRouteSpecHttpRouteMatchQueryParameterMatch" } }, "name": { "type": "string", "description": "Name of the route.\n" } }, "type": "object", "required": [ "matches", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttpRouteMatchQueryParameterMatch:getRouteSpecHttpRouteMatchQueryParameterMatch": { "properties": { "exact": { "type": "string" } }, "type": "object", "required": [ "exact" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttpRouteRetryPolicy:getRouteSpecHttpRouteRetryPolicy": { "properties": { "httpRetryEvents": { "type": "array", "items": { "type": "string" } }, "maxRetries": { "type": "integer" }, "perRetryTimeouts": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttpRouteRetryPolicyPerRetryTimeout:getRouteSpecHttpRouteRetryPolicyPerRetryTimeout" } }, "tcpRetryEvents": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "httpRetryEvents", "maxRetries", "perRetryTimeouts", "tcpRetryEvents" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttpRouteRetryPolicyPerRetryTimeout:getRouteSpecHttpRouteRetryPolicyPerRetryTimeout": { "properties": { "unit": { "type": "string" }, "value": { "type": "integer" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttpRouteTimeout:getRouteSpecHttpRouteTimeout": { "properties": { "idles": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttpRouteTimeoutIdle:getRouteSpecHttpRouteTimeoutIdle" } }, "perRequests": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecHttpRouteTimeoutPerRequest:getRouteSpecHttpRouteTimeoutPerRequest" } } }, "type": "object", "required": [ "idles", "perRequests" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttpRouteTimeoutIdle:getRouteSpecHttpRouteTimeoutIdle": { "properties": { "unit": { "type": "string" }, "value": { "type": "integer" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecHttpRouteTimeoutPerRequest:getRouteSpecHttpRouteTimeoutPerRequest": { "properties": { "unit": { "type": "string" }, "value": { "type": "integer" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecTcpRoute:getRouteSpecTcpRoute": { "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecTcpRouteAction:getRouteSpecTcpRouteAction" } }, "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecTcpRouteMatch:getRouteSpecTcpRouteMatch" } }, "timeouts": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecTcpRouteTimeout:getRouteSpecTcpRouteTimeout" } } }, "type": "object", "required": [ "actions", "matches", "timeouts" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecTcpRouteAction:getRouteSpecTcpRouteAction": { "properties": { "weightedTargets": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecTcpRouteActionWeightedTarget:getRouteSpecTcpRouteActionWeightedTarget" } } }, "type": "object", "required": [ "weightedTargets" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecTcpRouteActionWeightedTarget:getRouteSpecTcpRouteActionWeightedTarget": { "properties": { "port": { "type": "integer" }, "virtualNode": { "type": "string" }, "weight": { "type": "integer" } }, "type": "object", "required": [ "port", "virtualNode", "weight" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecTcpRouteMatch:getRouteSpecTcpRouteMatch": { "properties": { "port": { "type": "integer" } }, "type": "object", "required": [ "port" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecTcpRouteTimeout:getRouteSpecTcpRouteTimeout": { "properties": { "idles": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getRouteSpecTcpRouteTimeoutIdle:getRouteSpecTcpRouteTimeoutIdle" } } }, "type": "object", "required": [ "idles" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getRouteSpecTcpRouteTimeoutIdle:getRouteSpecTcpRouteTimeoutIdle": { "properties": { "unit": { "type": "string" }, "value": { "type": "integer" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpec:getVirtualGatewaySpec": { "properties": { "backendDefaults": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecBackendDefault:getVirtualGatewaySpecBackendDefault" } }, "listeners": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecListener:getVirtualGatewaySpecListener" } }, "loggings": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecLogging:getVirtualGatewaySpecLogging" } } }, "type": "object", "required": [ "backendDefaults", "listeners", "loggings" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecBackendDefault:getVirtualGatewaySpecBackendDefault": { "properties": { "clientPolicies": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicy:getVirtualGatewaySpecBackendDefaultClientPolicy" } } }, "type": "object", "required": [ "clientPolicies" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicy:getVirtualGatewaySpecBackendDefaultClientPolicy": { "properties": { "tls": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTl:getVirtualGatewaySpecBackendDefaultClientPolicyTl" } } }, "type": "object", "required": [ "tls" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTl:getVirtualGatewaySpecBackendDefaultClientPolicyTl": { "properties": { "certificates": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTlCertificate:getVirtualGatewaySpecBackendDefaultClientPolicyTlCertificate" } }, "enforce": { "type": "boolean" }, "ports": { "type": "array", "items": { "type": "integer" } }, "validations": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTlValidation:getVirtualGatewaySpecBackendDefaultClientPolicyTlValidation" } } }, "type": "object", "required": [ "certificates", "enforce", "ports", "validations" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTlCertificate:getVirtualGatewaySpecBackendDefaultClientPolicyTlCertificate": { "properties": { "files": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTlCertificateFile:getVirtualGatewaySpecBackendDefaultClientPolicyTlCertificateFile" } }, "sds": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTlCertificateSd:getVirtualGatewaySpecBackendDefaultClientPolicyTlCertificateSd" } } }, "type": "object", "required": [ "files", "sds" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTlCertificateFile:getVirtualGatewaySpecBackendDefaultClientPolicyTlCertificateFile": { "properties": { "certificateChain": { "type": "string" }, "privateKey": { "type": "string" } }, "type": "object", "required": [ "certificateChain", "privateKey" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTlCertificateSd:getVirtualGatewaySpecBackendDefaultClientPolicyTlCertificateSd": { "properties": { "secretName": { "type": "string" } }, "type": "object", "required": [ "secretName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTlValidation:getVirtualGatewaySpecBackendDefaultClientPolicyTlValidation": { "properties": { "subjectAlternativeNames": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationSubjectAlternativeName:getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationSubjectAlternativeName" } }, "trusts": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationTrust:getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationTrust" } } }, "type": "object", "required": [ "subjectAlternativeNames", "trusts" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationSubjectAlternativeName:getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationSubjectAlternativeName": { "properties": { "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationSubjectAlternativeNameMatch:getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationSubjectAlternativeNameMatch" } } }, "type": "object", "required": [ "matches" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationSubjectAlternativeNameMatch:getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationSubjectAlternativeNameMatch": { "properties": { "exacts": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "exacts" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationTrust:getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationTrust": { "properties": { "acms": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationTrustAcm:getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationTrustAcm" } }, "files": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationTrustFile:getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationTrustFile" } }, "sds": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationTrustSd:getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationTrustSd" } } }, "type": "object", "required": [ "acms", "files", "sds" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationTrustAcm:getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationTrustAcm": { "properties": { "certificateAuthorityArns": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "certificateAuthorityArns" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationTrustFile:getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationTrustFile": { "properties": { "certificateChain": { "type": "string" } }, "type": "object", "required": [ "certificateChain" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationTrustSd:getVirtualGatewaySpecBackendDefaultClientPolicyTlValidationTrustSd": { "properties": { "secretName": { "type": "string" } }, "type": "object", "required": [ "secretName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecListener:getVirtualGatewaySpecListener": { "properties": { "connectionPools": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecListenerConnectionPool:getVirtualGatewaySpecListenerConnectionPool" } }, "healthChecks": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecListenerHealthCheck:getVirtualGatewaySpecListenerHealthCheck" } }, "portMappings": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecListenerPortMapping:getVirtualGatewaySpecListenerPortMapping" } }, "tls": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecListenerTl:getVirtualGatewaySpecListenerTl" } } }, "type": "object", "required": [ "connectionPools", "healthChecks", "portMappings", "tls" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecListenerConnectionPool:getVirtualGatewaySpecListenerConnectionPool": { "properties": { "grpcs": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecListenerConnectionPoolGrpc:getVirtualGatewaySpecListenerConnectionPoolGrpc" } }, "http2s": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecListenerConnectionPoolHttp2:getVirtualGatewaySpecListenerConnectionPoolHttp2" } }, "https": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecListenerConnectionPoolHttp:getVirtualGatewaySpecListenerConnectionPoolHttp" } } }, "type": "object", "required": [ "grpcs", "https", "http2s" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecListenerConnectionPoolGrpc:getVirtualGatewaySpecListenerConnectionPoolGrpc": { "properties": { "maxRequests": { "type": "integer" } }, "type": "object", "required": [ "maxRequests" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecListenerConnectionPoolHttp2:getVirtualGatewaySpecListenerConnectionPoolHttp2": { "properties": { "maxRequests": { "type": "integer" } }, "type": "object", "required": [ "maxRequests" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecListenerConnectionPoolHttp:getVirtualGatewaySpecListenerConnectionPoolHttp": { "properties": { "maxConnections": { "type": "integer" }, "maxPendingRequests": { "type": "integer" } }, "type": "object", "required": [ "maxConnections", "maxPendingRequests" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecListenerHealthCheck:getVirtualGatewaySpecListenerHealthCheck": { "properties": { "healthyThreshold": { "type": "integer" }, "intervalMillis": { "type": "integer" }, "path": { "type": "string" }, "port": { "type": "integer" }, "protocol": { "type": "string" }, "timeoutMillis": { "type": "integer" }, "unhealthyThreshold": { "type": "integer" } }, "type": "object", "required": [ "healthyThreshold", "intervalMillis", "path", "port", "protocol", "timeoutMillis", "unhealthyThreshold" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecListenerPortMapping:getVirtualGatewaySpecListenerPortMapping": { "properties": { "port": { "type": "integer" }, "protocol": { "type": "string" } }, "type": "object", "required": [ "port", "protocol" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecListenerTl:getVirtualGatewaySpecListenerTl": { "properties": { "certificates": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecListenerTlCertificate:getVirtualGatewaySpecListenerTlCertificate" } }, "mode": { "type": "string" }, "validations": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecListenerTlValidation:getVirtualGatewaySpecListenerTlValidation" } } }, "type": "object", "required": [ "certificates", "mode", "validations" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecListenerTlCertificate:getVirtualGatewaySpecListenerTlCertificate": { "properties": { "acms": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecListenerTlCertificateAcm:getVirtualGatewaySpecListenerTlCertificateAcm" } }, "files": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecListenerTlCertificateFile:getVirtualGatewaySpecListenerTlCertificateFile" } }, "sds": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecListenerTlCertificateSd:getVirtualGatewaySpecListenerTlCertificateSd" } } }, "type": "object", "required": [ "acms", "files", "sds" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecListenerTlCertificateAcm:getVirtualGatewaySpecListenerTlCertificateAcm": { "properties": { "certificateArn": { "type": "string" } }, "type": "object", "required": [ "certificateArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecListenerTlCertificateFile:getVirtualGatewaySpecListenerTlCertificateFile": { "properties": { "certificateChain": { "type": "string" }, "privateKey": { "type": "string" } }, "type": "object", "required": [ "certificateChain", "privateKey" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecListenerTlCertificateSd:getVirtualGatewaySpecListenerTlCertificateSd": { "properties": { "secretName": { "type": "string" } }, "type": "object", "required": [ "secretName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecListenerTlValidation:getVirtualGatewaySpecListenerTlValidation": { "properties": { "subjectAlternativeNames": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecListenerTlValidationSubjectAlternativeName:getVirtualGatewaySpecListenerTlValidationSubjectAlternativeName" } }, "trusts": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecListenerTlValidationTrust:getVirtualGatewaySpecListenerTlValidationTrust" } } }, "type": "object", "required": [ "subjectAlternativeNames", "trusts" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecListenerTlValidationSubjectAlternativeName:getVirtualGatewaySpecListenerTlValidationSubjectAlternativeName": { "properties": { "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecListenerTlValidationSubjectAlternativeNameMatch:getVirtualGatewaySpecListenerTlValidationSubjectAlternativeNameMatch" } } }, "type": "object", "required": [ "matches" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecListenerTlValidationSubjectAlternativeNameMatch:getVirtualGatewaySpecListenerTlValidationSubjectAlternativeNameMatch": { "properties": { "exacts": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "exacts" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecListenerTlValidationTrust:getVirtualGatewaySpecListenerTlValidationTrust": { "properties": { "files": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecListenerTlValidationTrustFile:getVirtualGatewaySpecListenerTlValidationTrustFile" } }, "sds": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecListenerTlValidationTrustSd:getVirtualGatewaySpecListenerTlValidationTrustSd" } } }, "type": "object", "required": [ "files", "sds" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecListenerTlValidationTrustFile:getVirtualGatewaySpecListenerTlValidationTrustFile": { "properties": { "certificateChain": { "type": "string" } }, "type": "object", "required": [ "certificateChain" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecListenerTlValidationTrustSd:getVirtualGatewaySpecListenerTlValidationTrustSd": { "properties": { "secretName": { "type": "string" } }, "type": "object", "required": [ "secretName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecLogging:getVirtualGatewaySpecLogging": { "properties": { "accessLogs": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecLoggingAccessLog:getVirtualGatewaySpecLoggingAccessLog" } } }, "type": "object", "required": [ "accessLogs" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecLoggingAccessLog:getVirtualGatewaySpecLoggingAccessLog": { "properties": { "files": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecLoggingAccessLogFile:getVirtualGatewaySpecLoggingAccessLogFile" } } }, "type": "object", "required": [ "files" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecLoggingAccessLogFile:getVirtualGatewaySpecLoggingAccessLogFile": { "properties": { "formats": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecLoggingAccessLogFileFormat:getVirtualGatewaySpecLoggingAccessLogFileFormat" } }, "path": { "type": "string" } }, "type": "object", "required": [ "formats", "path" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecLoggingAccessLogFileFormat:getVirtualGatewaySpecLoggingAccessLogFileFormat": { "properties": { "jsons": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpecLoggingAccessLogFileFormatJson:getVirtualGatewaySpecLoggingAccessLogFileFormatJson" } }, "text": { "type": "string" } }, "type": "object", "required": [ "jsons", "text" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualGatewaySpecLoggingAccessLogFileFormatJson:getVirtualGatewaySpecLoggingAccessLogFileFormatJson": { "properties": { "key": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "key", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpec:getVirtualNodeSpec": { "properties": { "backendDefaults": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendDefault:getVirtualNodeSpecBackendDefault" } }, "backends": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackend:getVirtualNodeSpecBackend" } }, "listeners": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListener:getVirtualNodeSpecListener" } }, "loggings": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecLogging:getVirtualNodeSpecLogging" } }, "serviceDiscoveries": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecServiceDiscovery:getVirtualNodeSpecServiceDiscovery" } } }, "type": "object", "required": [ "backends", "backendDefaults", "listeners", "loggings", "serviceDiscoveries" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackend:getVirtualNodeSpecBackend": { "properties": { "virtualServices": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendVirtualService:getVirtualNodeSpecBackendVirtualService" } } }, "type": "object", "required": [ "virtualServices" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendDefault:getVirtualNodeSpecBackendDefault": { "properties": { "clientPolicies": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicy:getVirtualNodeSpecBackendDefaultClientPolicy" } } }, "type": "object", "required": [ "clientPolicies" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicy:getVirtualNodeSpecBackendDefaultClientPolicy": { "properties": { "tls": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTl:getVirtualNodeSpecBackendDefaultClientPolicyTl" } } }, "type": "object", "required": [ "tls" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTl:getVirtualNodeSpecBackendDefaultClientPolicyTl": { "properties": { "certificates": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTlCertificate:getVirtualNodeSpecBackendDefaultClientPolicyTlCertificate" } }, "enforce": { "type": "boolean" }, "ports": { "type": "array", "items": { "type": "integer" } }, "validations": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTlValidation:getVirtualNodeSpecBackendDefaultClientPolicyTlValidation" } } }, "type": "object", "required": [ "certificates", "enforce", "ports", "validations" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTlCertificate:getVirtualNodeSpecBackendDefaultClientPolicyTlCertificate": { "properties": { "files": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTlCertificateFile:getVirtualNodeSpecBackendDefaultClientPolicyTlCertificateFile" } }, "sds": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTlCertificateSd:getVirtualNodeSpecBackendDefaultClientPolicyTlCertificateSd" } } }, "type": "object", "required": [ "files", "sds" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTlCertificateFile:getVirtualNodeSpecBackendDefaultClientPolicyTlCertificateFile": { "properties": { "certificateChain": { "type": "string" }, "privateKey": { "type": "string" } }, "type": "object", "required": [ "certificateChain", "privateKey" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTlCertificateSd:getVirtualNodeSpecBackendDefaultClientPolicyTlCertificateSd": { "properties": { "secretName": { "type": "string" } }, "type": "object", "required": [ "secretName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTlValidation:getVirtualNodeSpecBackendDefaultClientPolicyTlValidation": { "properties": { "subjectAlternativeNames": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTlValidationSubjectAlternativeName:getVirtualNodeSpecBackendDefaultClientPolicyTlValidationSubjectAlternativeName" } }, "trusts": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTlValidationTrust:getVirtualNodeSpecBackendDefaultClientPolicyTlValidationTrust" } } }, "type": "object", "required": [ "subjectAlternativeNames", "trusts" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTlValidationSubjectAlternativeName:getVirtualNodeSpecBackendDefaultClientPolicyTlValidationSubjectAlternativeName": { "properties": { "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTlValidationSubjectAlternativeNameMatch:getVirtualNodeSpecBackendDefaultClientPolicyTlValidationSubjectAlternativeNameMatch" } } }, "type": "object", "required": [ "matches" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTlValidationSubjectAlternativeNameMatch:getVirtualNodeSpecBackendDefaultClientPolicyTlValidationSubjectAlternativeNameMatch": { "properties": { "exacts": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "exacts" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTlValidationTrust:getVirtualNodeSpecBackendDefaultClientPolicyTlValidationTrust": { "properties": { "acms": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTlValidationTrustAcm:getVirtualNodeSpecBackendDefaultClientPolicyTlValidationTrustAcm" } }, "files": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTlValidationTrustFile:getVirtualNodeSpecBackendDefaultClientPolicyTlValidationTrustFile" } }, "sds": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTlValidationTrustSd:getVirtualNodeSpecBackendDefaultClientPolicyTlValidationTrustSd" } } }, "type": "object", "required": [ "acms", "files", "sds" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTlValidationTrustAcm:getVirtualNodeSpecBackendDefaultClientPolicyTlValidationTrustAcm": { "properties": { "certificateAuthorityArns": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "certificateAuthorityArns" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTlValidationTrustFile:getVirtualNodeSpecBackendDefaultClientPolicyTlValidationTrustFile": { "properties": { "certificateChain": { "type": "string" } }, "type": "object", "required": [ "certificateChain" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendDefaultClientPolicyTlValidationTrustSd:getVirtualNodeSpecBackendDefaultClientPolicyTlValidationTrustSd": { "properties": { "secretName": { "type": "string" } }, "type": "object", "required": [ "secretName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendVirtualService:getVirtualNodeSpecBackendVirtualService": { "properties": { "clientPolicies": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicy:getVirtualNodeSpecBackendVirtualServiceClientPolicy" } }, "virtualServiceName": { "type": "string" } }, "type": "object", "required": [ "clientPolicies", "virtualServiceName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicy:getVirtualNodeSpecBackendVirtualServiceClientPolicy": { "properties": { "tls": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTl:getVirtualNodeSpecBackendVirtualServiceClientPolicyTl" } } }, "type": "object", "required": [ "tls" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTl:getVirtualNodeSpecBackendVirtualServiceClientPolicyTl": { "properties": { "certificates": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTlCertificate:getVirtualNodeSpecBackendVirtualServiceClientPolicyTlCertificate" } }, "enforce": { "type": "boolean" }, "ports": { "type": "array", "items": { "type": "integer" } }, "validations": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidation:getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidation" } } }, "type": "object", "required": [ "certificates", "enforce", "ports", "validations" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTlCertificate:getVirtualNodeSpecBackendVirtualServiceClientPolicyTlCertificate": { "properties": { "files": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTlCertificateFile:getVirtualNodeSpecBackendVirtualServiceClientPolicyTlCertificateFile" } }, "sds": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTlCertificateSd:getVirtualNodeSpecBackendVirtualServiceClientPolicyTlCertificateSd" } } }, "type": "object", "required": [ "files", "sds" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTlCertificateFile:getVirtualNodeSpecBackendVirtualServiceClientPolicyTlCertificateFile": { "properties": { "certificateChain": { "type": "string" }, "privateKey": { "type": "string" } }, "type": "object", "required": [ "certificateChain", "privateKey" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTlCertificateSd:getVirtualNodeSpecBackendVirtualServiceClientPolicyTlCertificateSd": { "properties": { "secretName": { "type": "string" } }, "type": "object", "required": [ "secretName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidation:getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidation": { "properties": { "subjectAlternativeNames": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationSubjectAlternativeName:getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationSubjectAlternativeName" } }, "trusts": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationTrust:getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationTrust" } } }, "type": "object", "required": [ "subjectAlternativeNames", "trusts" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationSubjectAlternativeName:getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationSubjectAlternativeName": { "properties": { "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationSubjectAlternativeNameMatch:getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationSubjectAlternativeNameMatch" } } }, "type": "object", "required": [ "matches" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationSubjectAlternativeNameMatch:getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationSubjectAlternativeNameMatch": { "properties": { "exacts": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "exacts" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationTrust:getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationTrust": { "properties": { "acms": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationTrustAcm:getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationTrustAcm" } }, "files": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationTrustFile:getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationTrustFile" } }, "sds": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationTrustSd:getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationTrustSd" } } }, "type": "object", "required": [ "acms", "files", "sds" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationTrustAcm:getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationTrustAcm": { "properties": { "certificateAuthorityArns": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "certificateAuthorityArns" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationTrustFile:getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationTrustFile": { "properties": { "certificateChain": { "type": "string" } }, "type": "object", "required": [ "certificateChain" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationTrustSd:getVirtualNodeSpecBackendVirtualServiceClientPolicyTlValidationTrustSd": { "properties": { "secretName": { "type": "string" } }, "type": "object", "required": [ "secretName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListener:getVirtualNodeSpecListener": { "properties": { "connectionPools": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerConnectionPool:getVirtualNodeSpecListenerConnectionPool" } }, "healthChecks": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerHealthCheck:getVirtualNodeSpecListenerHealthCheck" } }, "outlierDetections": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerOutlierDetection:getVirtualNodeSpecListenerOutlierDetection" } }, "portMappings": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerPortMapping:getVirtualNodeSpecListenerPortMapping" } }, "timeouts": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTimeout:getVirtualNodeSpecListenerTimeout" } }, "tls": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTl:getVirtualNodeSpecListenerTl" } } }, "type": "object", "required": [ "connectionPools", "healthChecks", "outlierDetections", "portMappings", "timeouts", "tls" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerConnectionPool:getVirtualNodeSpecListenerConnectionPool": { "properties": { "grpcs": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerConnectionPoolGrpc:getVirtualNodeSpecListenerConnectionPoolGrpc" } }, "http2s": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerConnectionPoolHttp2:getVirtualNodeSpecListenerConnectionPoolHttp2" } }, "https": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerConnectionPoolHttp:getVirtualNodeSpecListenerConnectionPoolHttp" } }, "tcps": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerConnectionPoolTcp:getVirtualNodeSpecListenerConnectionPoolTcp" } } }, "type": "object", "required": [ "grpcs", "https", "http2s", "tcps" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerConnectionPoolGrpc:getVirtualNodeSpecListenerConnectionPoolGrpc": { "properties": { "maxRequests": { "type": "integer" } }, "type": "object", "required": [ "maxRequests" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerConnectionPoolHttp2:getVirtualNodeSpecListenerConnectionPoolHttp2": { "properties": { "maxRequests": { "type": "integer" } }, "type": "object", "required": [ "maxRequests" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerConnectionPoolHttp:getVirtualNodeSpecListenerConnectionPoolHttp": { "properties": { "maxConnections": { "type": "integer" }, "maxPendingRequests": { "type": "integer" } }, "type": "object", "required": [ "maxConnections", "maxPendingRequests" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerConnectionPoolTcp:getVirtualNodeSpecListenerConnectionPoolTcp": { "properties": { "maxConnections": { "type": "integer" } }, "type": "object", "required": [ "maxConnections" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerHealthCheck:getVirtualNodeSpecListenerHealthCheck": { "properties": { "healthyThreshold": { "type": "integer" }, "intervalMillis": { "type": "integer" }, "path": { "type": "string" }, "port": { "type": "integer" }, "protocol": { "type": "string" }, "timeoutMillis": { "type": "integer" }, "unhealthyThreshold": { "type": "integer" } }, "type": "object", "required": [ "healthyThreshold", "intervalMillis", "path", "port", "protocol", "timeoutMillis", "unhealthyThreshold" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerOutlierDetection:getVirtualNodeSpecListenerOutlierDetection": { "properties": { "baseEjectionDurations": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerOutlierDetectionBaseEjectionDuration:getVirtualNodeSpecListenerOutlierDetectionBaseEjectionDuration" } }, "intervals": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerOutlierDetectionInterval:getVirtualNodeSpecListenerOutlierDetectionInterval" } }, "maxEjectionPercent": { "type": "integer" }, "maxServerErrors": { "type": "integer" } }, "type": "object", "required": [ "baseEjectionDurations", "intervals", "maxEjectionPercent", "maxServerErrors" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerOutlierDetectionBaseEjectionDuration:getVirtualNodeSpecListenerOutlierDetectionBaseEjectionDuration": { "properties": { "unit": { "type": "string" }, "value": { "type": "integer" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerOutlierDetectionInterval:getVirtualNodeSpecListenerOutlierDetectionInterval": { "properties": { "unit": { "type": "string" }, "value": { "type": "integer" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerPortMapping:getVirtualNodeSpecListenerPortMapping": { "properties": { "port": { "type": "integer" }, "protocol": { "type": "string" } }, "type": "object", "required": [ "port", "protocol" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTimeout:getVirtualNodeSpecListenerTimeout": { "properties": { "grpcs": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTimeoutGrpc:getVirtualNodeSpecListenerTimeoutGrpc" } }, "http2s": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTimeoutHttp2:getVirtualNodeSpecListenerTimeoutHttp2" } }, "https": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTimeoutHttp:getVirtualNodeSpecListenerTimeoutHttp" } }, "tcps": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTimeoutTcp:getVirtualNodeSpecListenerTimeoutTcp" } } }, "type": "object", "required": [ "grpcs", "https", "http2s", "tcps" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTimeoutGrpc:getVirtualNodeSpecListenerTimeoutGrpc": { "properties": { "idles": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTimeoutGrpcIdle:getVirtualNodeSpecListenerTimeoutGrpcIdle" } }, "perRequests": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTimeoutGrpcPerRequest:getVirtualNodeSpecListenerTimeoutGrpcPerRequest" } } }, "type": "object", "required": [ "idles", "perRequests" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTimeoutGrpcIdle:getVirtualNodeSpecListenerTimeoutGrpcIdle": { "properties": { "unit": { "type": "string" }, "value": { "type": "integer" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTimeoutGrpcPerRequest:getVirtualNodeSpecListenerTimeoutGrpcPerRequest": { "properties": { "unit": { "type": "string" }, "value": { "type": "integer" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTimeoutHttp2:getVirtualNodeSpecListenerTimeoutHttp2": { "properties": { "idles": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTimeoutHttp2Idle:getVirtualNodeSpecListenerTimeoutHttp2Idle" } }, "perRequests": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTimeoutHttp2PerRequest:getVirtualNodeSpecListenerTimeoutHttp2PerRequest" } } }, "type": "object", "required": [ "idles", "perRequests" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTimeoutHttp2Idle:getVirtualNodeSpecListenerTimeoutHttp2Idle": { "properties": { "unit": { "type": "string" }, "value": { "type": "integer" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTimeoutHttp2PerRequest:getVirtualNodeSpecListenerTimeoutHttp2PerRequest": { "properties": { "unit": { "type": "string" }, "value": { "type": "integer" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTimeoutHttp:getVirtualNodeSpecListenerTimeoutHttp": { "properties": { "idles": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTimeoutHttpIdle:getVirtualNodeSpecListenerTimeoutHttpIdle" } }, "perRequests": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTimeoutHttpPerRequest:getVirtualNodeSpecListenerTimeoutHttpPerRequest" } } }, "type": "object", "required": [ "idles", "perRequests" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTimeoutHttpIdle:getVirtualNodeSpecListenerTimeoutHttpIdle": { "properties": { "unit": { "type": "string" }, "value": { "type": "integer" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTimeoutHttpPerRequest:getVirtualNodeSpecListenerTimeoutHttpPerRequest": { "properties": { "unit": { "type": "string" }, "value": { "type": "integer" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTimeoutTcp:getVirtualNodeSpecListenerTimeoutTcp": { "properties": { "idles": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTimeoutTcpIdle:getVirtualNodeSpecListenerTimeoutTcpIdle" } } }, "type": "object", "required": [ "idles" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTimeoutTcpIdle:getVirtualNodeSpecListenerTimeoutTcpIdle": { "properties": { "unit": { "type": "string" }, "value": { "type": "integer" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTl:getVirtualNodeSpecListenerTl": { "properties": { "certificates": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTlCertificate:getVirtualNodeSpecListenerTlCertificate" } }, "mode": { "type": "string" }, "validations": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTlValidation:getVirtualNodeSpecListenerTlValidation" } } }, "type": "object", "required": [ "certificates", "mode", "validations" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTlCertificate:getVirtualNodeSpecListenerTlCertificate": { "properties": { "acms": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTlCertificateAcm:getVirtualNodeSpecListenerTlCertificateAcm" } }, "files": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTlCertificateFile:getVirtualNodeSpecListenerTlCertificateFile" } }, "sds": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTlCertificateSd:getVirtualNodeSpecListenerTlCertificateSd" } } }, "type": "object", "required": [ "acms", "files", "sds" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTlCertificateAcm:getVirtualNodeSpecListenerTlCertificateAcm": { "properties": { "certificateArn": { "type": "string" } }, "type": "object", "required": [ "certificateArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTlCertificateFile:getVirtualNodeSpecListenerTlCertificateFile": { "properties": { "certificateChain": { "type": "string" }, "privateKey": { "type": "string" } }, "type": "object", "required": [ "certificateChain", "privateKey" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTlCertificateSd:getVirtualNodeSpecListenerTlCertificateSd": { "properties": { "secretName": { "type": "string" } }, "type": "object", "required": [ "secretName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTlValidation:getVirtualNodeSpecListenerTlValidation": { "properties": { "subjectAlternativeNames": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTlValidationSubjectAlternativeName:getVirtualNodeSpecListenerTlValidationSubjectAlternativeName" } }, "trusts": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTlValidationTrust:getVirtualNodeSpecListenerTlValidationTrust" } } }, "type": "object", "required": [ "subjectAlternativeNames", "trusts" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTlValidationSubjectAlternativeName:getVirtualNodeSpecListenerTlValidationSubjectAlternativeName": { "properties": { "matches": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTlValidationSubjectAlternativeNameMatch:getVirtualNodeSpecListenerTlValidationSubjectAlternativeNameMatch" } } }, "type": "object", "required": [ "matches" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTlValidationSubjectAlternativeNameMatch:getVirtualNodeSpecListenerTlValidationSubjectAlternativeNameMatch": { "properties": { "exacts": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "exacts" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTlValidationTrust:getVirtualNodeSpecListenerTlValidationTrust": { "properties": { "files": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTlValidationTrustFile:getVirtualNodeSpecListenerTlValidationTrustFile" } }, "sds": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecListenerTlValidationTrustSd:getVirtualNodeSpecListenerTlValidationTrustSd" } } }, "type": "object", "required": [ "files", "sds" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTlValidationTrustFile:getVirtualNodeSpecListenerTlValidationTrustFile": { "properties": { "certificateChain": { "type": "string" } }, "type": "object", "required": [ "certificateChain" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecListenerTlValidationTrustSd:getVirtualNodeSpecListenerTlValidationTrustSd": { "properties": { "secretName": { "type": "string" } }, "type": "object", "required": [ "secretName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecLogging:getVirtualNodeSpecLogging": { "properties": { "accessLogs": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecLoggingAccessLog:getVirtualNodeSpecLoggingAccessLog" } } }, "type": "object", "required": [ "accessLogs" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecLoggingAccessLog:getVirtualNodeSpecLoggingAccessLog": { "properties": { "files": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecLoggingAccessLogFile:getVirtualNodeSpecLoggingAccessLogFile" } } }, "type": "object", "required": [ "files" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecLoggingAccessLogFile:getVirtualNodeSpecLoggingAccessLogFile": { "properties": { "formats": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecLoggingAccessLogFileFormat:getVirtualNodeSpecLoggingAccessLogFileFormat" } }, "path": { "type": "string" } }, "type": "object", "required": [ "formats", "path" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecLoggingAccessLogFileFormat:getVirtualNodeSpecLoggingAccessLogFileFormat": { "properties": { "jsons": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecLoggingAccessLogFileFormatJson:getVirtualNodeSpecLoggingAccessLogFileFormatJson" } }, "text": { "type": "string" } }, "type": "object", "required": [ "jsons", "text" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecLoggingAccessLogFileFormatJson:getVirtualNodeSpecLoggingAccessLogFileFormatJson": { "properties": { "key": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "key", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecServiceDiscovery:getVirtualNodeSpecServiceDiscovery": { "properties": { "awsCloudMaps": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecServiceDiscoveryAwsCloudMap:getVirtualNodeSpecServiceDiscoveryAwsCloudMap" } }, "dns": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpecServiceDiscoveryDn:getVirtualNodeSpecServiceDiscoveryDn" } } }, "type": "object", "required": [ "awsCloudMaps", "dns" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecServiceDiscoveryAwsCloudMap:getVirtualNodeSpecServiceDiscoveryAwsCloudMap": { "properties": { "attributes": { "type": "object", "additionalProperties": { "type": "string" } }, "namespaceName": { "type": "string" }, "serviceName": { "type": "string" } }, "type": "object", "required": [ "attributes", "namespaceName", "serviceName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualNodeSpecServiceDiscoveryDn:getVirtualNodeSpecServiceDiscoveryDn": { "properties": { "hostname": { "type": "string" }, "ipPreference": { "type": "string" }, "responseType": { "type": "string" } }, "type": "object", "required": [ "hostname", "ipPreference", "responseType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualRouterSpec:getVirtualRouterSpec": { "properties": { "listeners": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualRouterSpecListener:getVirtualRouterSpecListener" } } }, "type": "object", "required": [ "listeners" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualRouterSpecListener:getVirtualRouterSpecListener": { "properties": { "portMappings": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualRouterSpecListenerPortMapping:getVirtualRouterSpecListenerPortMapping" } } }, "type": "object", "required": [ "portMappings" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualRouterSpecListenerPortMapping:getVirtualRouterSpecListenerPortMapping": { "properties": { "port": { "type": "integer" }, "protocol": { "type": "string" } }, "type": "object", "required": [ "port", "protocol" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualServiceSpec:getVirtualServiceSpec": { "properties": { "providers": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualServiceSpecProvider:getVirtualServiceSpecProvider" } } }, "type": "object", "required": [ "providers" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualServiceSpecProvider:getVirtualServiceSpecProvider": { "properties": { "virtualNodes": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualServiceSpecProviderVirtualNode:getVirtualServiceSpecProviderVirtualNode" } }, "virtualRouters": { "type": "array", "items": { "$ref": "#/types/aws:appmesh/getVirtualServiceSpecProviderVirtualRouter:getVirtualServiceSpecProviderVirtualRouter" } } }, "type": "object", "required": [ "virtualNodes", "virtualRouters" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualServiceSpecProviderVirtualNode:getVirtualServiceSpecProviderVirtualNode": { "properties": { "virtualNodeName": { "type": "string" } }, "type": "object", "required": [ "virtualNodeName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appmesh/getVirtualServiceSpecProviderVirtualRouter:getVirtualServiceSpecProviderVirtualRouter": { "properties": { "virtualRouterName": { "type": "string" } }, "type": "object", "required": [ "virtualRouterName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:apprunner/CustomDomainAssociationCertificateValidationRecord:CustomDomainAssociationCertificateValidationRecord": { "properties": { "name": { "type": "string", "description": "Certificate CNAME record name.\n" }, "status": { "type": "string", "description": "Current state of the certificate CNAME record validation. It should change to `SUCCESS` after App Runner completes validation with your DNS.\n" }, "type": { "type": "string", "description": "Record type, always `CNAME`.\n" }, "value": { "type": "string", "description": "Certificate CNAME record value.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "name", "status", "type", "value" ] } } }, "aws:apprunner/DeploymentTimeouts:DeploymentTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:apprunner/ObservabilityConfigurationTraceConfiguration:ObservabilityConfigurationTraceConfiguration": { "properties": { "vendor": { "type": "string", "description": "Implementation provider chosen for tracing App Runner services. Valid values: `AWSXRAY`.\n" } }, "type": "object" }, "aws:apprunner/ServiceEncryptionConfiguration:ServiceEncryptionConfiguration": { "properties": { "kmsKey": { "type": "string", "description": "ARN of the KMS key used for encryption.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "kmsKey" ] }, "aws:apprunner/ServiceHealthCheckConfiguration:ServiceHealthCheckConfiguration": { "properties": { "healthyThreshold": { "type": "integer", "description": "Number of consecutive checks that must succeed before App Runner decides that the service is healthy. Defaults to 1. Minimum value of 1. Maximum value of 20.\n" }, "interval": { "type": "integer", "description": "Time interval, in seconds, between health checks. Defaults to 5. Minimum value of 1. Maximum value of 20.\n" }, "path": { "type": "string", "description": "URL to send requests to for health checks. Defaults to `/`. Minimum length of 0. Maximum length of 51200.\n" }, "protocol": { "type": "string", "description": "IP protocol that App Runner uses to perform health checks for your service. Valid values: `TCP`, `HTTP`. Defaults to `TCP`. If you set protocol to `HTTP`, App Runner sends health check requests to the HTTP path specified by `path`.\n" }, "timeout": { "type": "integer", "description": "Time, in seconds, to wait for a health check response before deciding it failed. Defaults to 2. Minimum value of 1. Maximum value of 20.\n" }, "unhealthyThreshold": { "type": "integer", "description": "Number of consecutive checks that must fail before App Runner decides that the service is unhealthy. Defaults to 5. Minimum value of 1. Maximum value of 20.\n" } }, "type": "object" }, "aws:apprunner/ServiceInstanceConfiguration:ServiceInstanceConfiguration": { "properties": { "cpu": { "type": "string", "description": "Number of CPU units reserved for each instance of your App Runner service represented as a String. Defaults to `1024`. Valid values: `256|512|1024|2048|4096|(0.25|0.5|1|2|4) vCPU`.\n" }, "instanceRoleArn": { "type": "string", "description": "ARN of an IAM role that provides permissions to your App Runner service. These are permissions that your code needs when it calls any AWS APIs.\n" }, "memory": { "type": "string", "description": "Amount of memory, in MB or GB, reserved for each instance of your App Runner service. Defaults to `2048`. Valid values: `512|1024|2048|3072|4096|6144|8192|10240|12288|(0.5|1|2|3|4|6|8|10|12) GB`.\n" } }, "type": "object" }, "aws:apprunner/ServiceNetworkConfiguration:ServiceNetworkConfiguration": { "properties": { "egressConfiguration": { "$ref": "#/types/aws:apprunner/ServiceNetworkConfigurationEgressConfiguration:ServiceNetworkConfigurationEgressConfiguration", "description": "Network configuration settings for outbound message traffic. See Egress Configuration below for more details.\n" }, "ingressConfiguration": { "$ref": "#/types/aws:apprunner/ServiceNetworkConfigurationIngressConfiguration:ServiceNetworkConfigurationIngressConfiguration", "description": "Network configuration settings for inbound network traffic. See Ingress Configuration below for more details.\n" }, "ipAddressType": { "type": "string", "description": "App Runner provides you with the option to choose between Internet Protocol version 4 (IPv4) and dual stack (IPv4 and IPv6) for your incoming public network configuration. Valid values: `IPV4`, `DUAL_STACK`. Default: `IPV4`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "egressConfiguration", "ingressConfiguration" ] } } }, "aws:apprunner/ServiceNetworkConfigurationEgressConfiguration:ServiceNetworkConfigurationEgressConfiguration": { "properties": { "egressType": { "type": "string", "description": "The type of egress configuration. Valid values are: `DEFAULT` and `VPC`.\n" }, "vpcConnectorArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the App Runner VPC connector that you want to associate with your App Runner service. Only valid when `EgressType = VPC`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "egressType" ] } } }, "aws:apprunner/ServiceNetworkConfigurationIngressConfiguration:ServiceNetworkConfigurationIngressConfiguration": { "properties": { "isPubliclyAccessible": { "type": "boolean", "description": "Specifies whether your App Runner service is publicly accessible. To make the service publicly accessible set it to True. To make the service privately accessible, from only within an Amazon VPC set it to False.\n" } }, "type": "object" }, "aws:apprunner/ServiceObservabilityConfiguration:ServiceObservabilityConfiguration": { "properties": { "observabilityConfigurationArn": { "type": "string", "description": "ARN of the observability configuration that is associated with the service. Specified only when `observability_enabled` is `true`.\n" }, "observabilityEnabled": { "type": "boolean", "description": "When `true`, an observability configuration resource is associated with the service.\n" } }, "type": "object", "required": [ "observabilityEnabled" ] }, "aws:apprunner/ServiceSourceConfiguration:ServiceSourceConfiguration": { "properties": { "authenticationConfiguration": { "$ref": "#/types/aws:apprunner/ServiceSourceConfigurationAuthenticationConfiguration:ServiceSourceConfigurationAuthenticationConfiguration", "description": "Describes resources needed to authenticate access to some source repositories. See Authentication Configuration below for more details.\n" }, "autoDeploymentsEnabled": { "type": "boolean", "description": "Whether continuous integration from the source repository is enabled for the App Runner service. If set to `true`, each repository change (source code commit or new image version) starts a deployment. Defaults to `true`.\n" }, "codeRepository": { "$ref": "#/types/aws:apprunner/ServiceSourceConfigurationCodeRepository:ServiceSourceConfigurationCodeRepository", "description": "Description of a source code repository. See Code Repository below for more details.\n" }, "imageRepository": { "$ref": "#/types/aws:apprunner/ServiceSourceConfigurationImageRepository:ServiceSourceConfigurationImageRepository", "description": "Description of a source image repository. See Image Repository below for more details.\n" } }, "type": "object" }, "aws:apprunner/ServiceSourceConfigurationAuthenticationConfiguration:ServiceSourceConfigurationAuthenticationConfiguration": { "properties": { "accessRoleArn": { "type": "string", "description": "ARN of the IAM role that grants the App Runner service access to a source repository. Required for ECR image repositories (but not for ECR Public)\n" }, "connectionArn": { "type": "string", "description": "ARN of the App Runner connection that enables the App Runner service to connect to a source repository. Required for GitHub code repositories.\n" } }, "type": "object" }, "aws:apprunner/ServiceSourceConfigurationCodeRepository:ServiceSourceConfigurationCodeRepository": { "properties": { "codeConfiguration": { "$ref": "#/types/aws:apprunner/ServiceSourceConfigurationCodeRepositoryCodeConfiguration:ServiceSourceConfigurationCodeRepositoryCodeConfiguration", "description": "Configuration for building and running the service from a source code repository. See Code Configuration below for more details.\n" }, "repositoryUrl": { "type": "string", "description": "Location of the repository that contains the source code.\n" }, "sourceCodeVersion": { "$ref": "#/types/aws:apprunner/ServiceSourceConfigurationCodeRepositorySourceCodeVersion:ServiceSourceConfigurationCodeRepositorySourceCodeVersion", "description": "Version that should be used within the source code repository. See Source Code Version below for more details.\n" }, "sourceDirectory": { "type": "string", "description": "The path of the directory that stores source code and configuration files. The build and start commands also execute from here. The path is absolute from root and, if not specified, defaults to the repository root.\n" } }, "type": "object", "required": [ "repositoryUrl", "sourceCodeVersion" ], "language": { "nodejs": { "requiredOutputs": [ "repositoryUrl", "sourceCodeVersion", "sourceDirectory" ] } } }, "aws:apprunner/ServiceSourceConfigurationCodeRepositoryCodeConfiguration:ServiceSourceConfigurationCodeRepositoryCodeConfiguration": { "properties": { "codeConfigurationValues": { "$ref": "#/types/aws:apprunner/ServiceSourceConfigurationCodeRepositoryCodeConfigurationCodeConfigurationValues:ServiceSourceConfigurationCodeRepositoryCodeConfigurationCodeConfigurationValues", "description": "Basic configuration for building and running the App Runner service. Use this parameter to quickly launch an App Runner service without providing an apprunner.yaml file in the source code repository (or ignoring the file if it exists). See Code Configuration Values below for more details.\n" }, "configurationSource": { "type": "string", "description": "Source of the App Runner configuration. Valid values: `REPOSITORY`, `API`. Values are interpreted as follows:\n* `REPOSITORY` - App Runner reads configuration values from the apprunner.yaml file in the\nsource code repository and ignores the CodeConfigurationValues parameter.\n* `API` - App Runner uses configuration values provided in the CodeConfigurationValues\nparameter and ignores the apprunner.yaml file in the source code repository.\n" } }, "type": "object", "required": [ "configurationSource" ] }, "aws:apprunner/ServiceSourceConfigurationCodeRepositoryCodeConfigurationCodeConfigurationValues:ServiceSourceConfigurationCodeRepositoryCodeConfigurationCodeConfigurationValues": { "properties": { "buildCommand": { "type": "string", "description": "Command App Runner runs to build your application.\n" }, "port": { "type": "string", "description": "Port that your application listens to in the container. Defaults to `\"8080\"`.\n" }, "runtime": { "type": "string", "description": "Runtime environment type for building and running an App Runner service. Represents a programming language runtime. Valid values: `PYTHON_3`, `NODEJS_12`, `NODEJS_14`, `NODEJS_16`, `CORRETTO_8`, `CORRETTO_11`, `GO_1`, `DOTNET_6`, `PHP_81`, `RUBY_31`.\n" }, "runtimeEnvironmentSecrets": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Secrets and parameters available to your service as environment variables. A map of key/value pairs, where the key is the desired name of the Secret in the environment (i.e. it does not have to match the name of the secret in Secrets Manager or SSM Parameter Store), and the value is the ARN of the secret from AWS Secrets Manager or the ARN of the parameter in AWS SSM Parameter Store.\n" }, "runtimeEnvironmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Environment variables available to your running App Runner service. A map of key/value pairs. Keys with a prefix of `AWSAPPRUNNER` are reserved for system use and aren't valid.\n" }, "startCommand": { "type": "string", "description": "Command App Runner runs to start your application.\n" } }, "type": "object", "required": [ "runtime" ] }, "aws:apprunner/ServiceSourceConfigurationCodeRepositorySourceCodeVersion:ServiceSourceConfigurationCodeRepositorySourceCodeVersion": { "properties": { "type": { "type": "string", "description": "Type of version identifier. For a git-based repository, branches represent versions. Valid values: `BRANCH`.\n" }, "value": { "type": "string", "description": "Source code version. For a git-based repository, a branch name maps to a specific version. App Runner uses the most recent commit to the branch.\n" } }, "type": "object", "required": [ "type", "value" ] }, "aws:apprunner/ServiceSourceConfigurationImageRepository:ServiceSourceConfigurationImageRepository": { "properties": { "imageConfiguration": { "$ref": "#/types/aws:apprunner/ServiceSourceConfigurationImageRepositoryImageConfiguration:ServiceSourceConfigurationImageRepositoryImageConfiguration", "description": "Configuration for running the identified image. See Image Configuration below for more details.\n" }, "imageIdentifier": { "type": "string", "description": "Identifier of an image. For an image in Amazon Elastic Container Registry (Amazon ECR), this is an image name. For the\nimage name format, see Pulling an image in the Amazon ECR User Guide.\n" }, "imageRepositoryType": { "type": "string", "description": "Type of the image repository. This reflects the repository provider and whether the repository is private or public. Valid values: `ECR` , `ECR_PUBLIC`.\n" } }, "type": "object", "required": [ "imageIdentifier", "imageRepositoryType" ] }, "aws:apprunner/ServiceSourceConfigurationImageRepositoryImageConfiguration:ServiceSourceConfigurationImageRepositoryImageConfiguration": { "properties": { "port": { "type": "string", "description": "Port that your application listens to in the container. Defaults to `\"8080\"`.\n" }, "runtimeEnvironmentSecrets": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Secrets and parameters available to your service as environment variables. A map of key/value pairs, where the key is the desired name of the Secret in the environment (i.e. it does not have to match the name of the secret in Secrets Manager or SSM Parameter Store), and the value is the ARN of the secret from AWS Secrets Manager or the ARN of the parameter in AWS SSM Parameter Store.\n" }, "runtimeEnvironmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Environment variables available to your running App Runner service. A map of key/value pairs. Keys with a prefix of `AWSAPPRUNNER` are reserved for system use and aren't valid.\n" }, "startCommand": { "type": "string", "description": "Command App Runner runs to start the application in the source image. If specified, this command overrides the Docker image’s default start command.\n" } }, "type": "object" }, "aws:apprunner/VpcIngressConnectionIngressVpcConfiguration:VpcIngressConnectionIngressVpcConfiguration": { "properties": { "vpcEndpointId": { "type": "string", "description": "The ID of the VPC endpoint that your App Runner service connects to.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC that is used for the VPC endpoint.\n" } }, "type": "object" }, "aws:appstream/DirectoryConfigServiceAccountCredentials:DirectoryConfigServiceAccountCredentials": { "properties": { "accountName": { "type": "string", "description": "User name of the account. This account must have the following privileges: create computer objects, join computers to the domain, and change/reset the password on descendant computer objects for the organizational units specified.\n" }, "accountPassword": { "type": "string", "description": "Password for the account.\n", "secret": true } }, "type": "object", "required": [ "accountName", "accountPassword" ] }, "aws:appstream/FleetComputeCapacity:FleetComputeCapacity": { "properties": { "available": { "type": "integer", "description": "Number of currently available instances that can be used to stream sessions.\n" }, "desiredInstances": { "type": "integer", "description": "Desired number of streaming instances.\n" }, "desiredSessions": { "type": "integer", "description": "Desired number of user sessions for a multi-session fleet. This is not allowed for single-session fleets.\n" }, "inUse": { "type": "integer", "description": "Number of instances in use for streaming.\n" }, "running": { "type": "integer", "description": "Total number of simultaneous streaming instances that are running.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "available", "inUse", "running" ] } } }, "aws:appstream/FleetDomainJoinInfo:FleetDomainJoinInfo": { "properties": { "directoryName": { "type": "string", "description": "Fully qualified name of the directory (for example, corp.example.com).\n" }, "organizationalUnitDistinguishedName": { "type": "string", "description": "Distinguished name of the organizational unit for computer accounts.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "directoryName", "organizationalUnitDistinguishedName" ] } } }, "aws:appstream/FleetVpcConfig:FleetVpcConfig": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of the security groups for the fleet or image builder.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of the subnets to which a network interface is attached from the fleet instance or image builder instance.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "securityGroupIds", "subnetIds" ] } } }, "aws:appstream/ImageBuilderAccessEndpoint:ImageBuilderAccessEndpoint": { "properties": { "endpointType": { "type": "string", "description": "Type of interface endpoint. For valid values, refer to the [AWS documentation](https://docs.aws.amazon.com/appstream2/latest/APIReference/API_AccessEndpoint.html).\n" }, "vpceId": { "type": "string", "description": "Identifier (ID) of the interface VPC endpoint.\n" } }, "type": "object", "required": [ "endpointType" ], "language": { "nodejs": { "requiredOutputs": [ "endpointType", "vpceId" ] } } }, "aws:appstream/ImageBuilderDomainJoinInfo:ImageBuilderDomainJoinInfo": { "properties": { "directoryName": { "type": "string", "description": "Fully qualified name of the directory (for example, corp.example.com).\n" }, "organizationalUnitDistinguishedName": { "type": "string", "description": "Distinguished name of the organizational unit for computer accounts.\n" } }, "type": "object" }, "aws:appstream/ImageBuilderVpcConfig:ImageBuilderVpcConfig": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of the security groups for the image builder or image builder.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifier of the subnet to which a network interface is attached from the image builder instance.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "securityGroupIds", "subnetIds" ] } } }, "aws:appstream/StackAccessEndpoint:StackAccessEndpoint": { "properties": { "endpointType": { "type": "string", "description": "Type of the interface endpoint.\nSee the [`AccessEndpoint` AWS API documentation](https://docs.aws.amazon.com/appstream2/latest/APIReference/API_AccessEndpoint.html) for valid values.\n" }, "vpceId": { "type": "string", "description": "ID of the VPC in which the interface endpoint is used.\n" } }, "type": "object", "required": [ "endpointType" ], "language": { "nodejs": { "requiredOutputs": [ "endpointType", "vpceId" ] } } }, "aws:appstream/StackApplicationSettings:StackApplicationSettings": { "properties": { "enabled": { "type": "boolean", "description": "Whether application settings should be persisted.\n" }, "settingsGroup": { "type": "string", "description": "Name of the settings group.\nRequired when `enabled` is `true`.\nCan be up to 100 characters.\n" } }, "type": "object", "required": [ "enabled" ] }, "aws:appstream/StackStorageConnector:StackStorageConnector": { "properties": { "connectorType": { "type": "string", "description": "Type of storage connector.\nValid values are `HOMEFOLDERS`, `GOOGLE_DRIVE`, or `ONE_DRIVE`.\n" }, "domains": { "type": "array", "items": { "type": "string" }, "description": "Names of the domains for the account.\n" }, "resourceIdentifier": { "type": "string", "description": "ARN of the storage connector.\n" } }, "type": "object", "required": [ "connectorType" ], "language": { "nodejs": { "requiredOutputs": [ "connectorType", "domains", "resourceIdentifier" ] } } }, "aws:appstream/StackStreamingExperienceSettings:StackStreamingExperienceSettings": { "properties": { "preferredProtocol": { "type": "string", "description": "The preferred protocol that you want to use while streaming your application.\nValid values are `TCP` and `UDP`.\n" } }, "type": "object" }, "aws:appstream/StackUserSetting:StackUserSetting": { "properties": { "action": { "type": "string", "description": "Action that is enabled or disabled.\nValid values are `CLIPBOARD_COPY_FROM_LOCAL_DEVICE`, `CLIPBOARD_COPY_TO_LOCAL_DEVICE`, `FILE_UPLOAD`, `FILE_DOWNLOAD`, `PRINTING_TO_LOCAL_DEVICE`, `DOMAIN_PASSWORD_SIGNIN`, or `DOMAIN_SMART_CARD_SIGNIN`.\n" }, "permission": { "type": "string", "description": "Whether the action is enabled or disabled.\nValid values are `ENABLED` or `DISABLED`.\n" } }, "type": "object", "required": [ "action", "permission" ] }, "aws:appstream/getImageApplication:getImageApplication": { "properties": { "appBlockArn": { "type": "string", "description": "The app block ARN of the application.\n" }, "arn": { "type": "string", "description": "Arn of the image being searched for. Cannot be used with name_regex or name.\n" }, "createdTime": { "type": "string", "description": "Time at which this image was created.\n" }, "description": { "type": "string", "description": "Description of image.\n" }, "displayName": { "type": "string", "description": "Image name to display.\n" }, "enabled": { "type": "boolean", "description": "Bool based on if the application is enabled.\n" }, "iconS3Locations": { "type": "array", "items": { "$ref": "#/types/aws:appstream/getImageApplicationIconS3Location:getImageApplicationIconS3Location" }, "description": "A list named icon_s3_location that contains the following:\n" }, "iconUrl": { "type": "string", "description": "URL of the application icon. This URL may be time-limited.\n" }, "instanceFamilies": { "type": "array", "items": { "type": "string" }, "description": "List of the instance families of the application.\n" }, "launchParameters": { "type": "string", "description": "Arguments that are passed to the application at it's launch.\n" }, "launchPath": { "type": "string", "description": "Path to the application's excecutable in the instance.\n" }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "String to string map that contains additional attributes used to describe the application.\n* `Name` - Name of the application.\n" }, "name": { "type": "string", "description": "Name of the image being searched for. Cannot be used with name_regex or arn.\n" }, "platforms": { "type": "array", "items": { "type": "string" }, "description": "Array of strings describing the platforms on which the application can run.\nValues will be from: WINDOWS | WINDOWS_SERVER_2016 | WINDOWS_SERVER_2019 | WINDOWS_SERVER_2022 | AMAZON_LINUX2\n" }, "workingDirectory": { "type": "string", "description": "Working directory for the application.\n" } }, "type": "object", "required": [ "appBlockArn", "arn", "createdTime", "description", "displayName", "enabled", "iconS3Locations", "iconUrl", "instanceFamilies", "launchParameters", "launchPath", "metadata", "name", "platforms", "workingDirectory" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appstream/getImageApplicationIconS3Location:getImageApplicationIconS3Location": { "properties": { "s3Bucket": { "type": "string", "description": "S3 bucket of the S3 object.\n" }, "s3Key": { "type": "string", "description": "S3 key of the S3 object.\n" } }, "type": "object", "required": [ "s3Bucket", "s3Key" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appstream/getImageImagePermission:getImageImagePermission": { "properties": { "allowFleet": { "type": "boolean", "description": "Boolean indicating if the image can be used for a fleet.\n" }, "allowImageBuilder": { "type": "boolean", "description": "indicated whether the image can be used for an image builder.\n" } }, "type": "object", "required": [ "allowFleet", "allowImageBuilder" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appstream/getImageStateChangeReason:getImageStateChangeReason": { "properties": { "code": { "type": "string" }, "message": { "type": "string" } }, "type": "object", "required": [ "code", "message" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:appsync/DataSourceDynamodbConfig:DataSourceDynamodbConfig": { "properties": { "deltaSyncConfig": { "$ref": "#/types/aws:appsync/DataSourceDynamodbConfigDeltaSyncConfig:DataSourceDynamodbConfigDeltaSyncConfig", "description": "The DeltaSyncConfig for a versioned data source. See `delta_sync_config` Block for details.\n" }, "region": { "type": "string", "description": "AWS region of the DynamoDB table. Defaults to current region.\n" }, "tableName": { "type": "string", "description": "Name of the DynamoDB table.\n" }, "useCallerCredentials": { "type": "boolean", "description": "Set to `true` to use Amazon Cognito credentials with this data source.\n" }, "versioned": { "type": "boolean", "description": "Detects Conflict Detection and Resolution with this data source.\n" } }, "type": "object", "required": [ "tableName" ], "language": { "nodejs": { "requiredOutputs": [ "region", "tableName" ] } } }, "aws:appsync/DataSourceDynamodbConfigDeltaSyncConfig:DataSourceDynamodbConfigDeltaSyncConfig": { "properties": { "baseTableTtl": { "type": "integer", "description": "The number of minutes that an Item is stored in the data source.\n" }, "deltaSyncTableName": { "type": "string", "description": "The table name.\n" }, "deltaSyncTableTtl": { "type": "integer", "description": "The number of minutes that a Delta Sync log entry is stored in the Delta Sync table.\n" } }, "type": "object", "required": [ "deltaSyncTableName" ] }, "aws:appsync/DataSourceElasticsearchConfig:DataSourceElasticsearchConfig": { "properties": { "endpoint": { "type": "string", "description": "HTTP endpoint of the Elasticsearch domain.\n" }, "region": { "type": "string", "description": "AWS region of Elasticsearch domain. Defaults to current region.\n" } }, "type": "object", "required": [ "endpoint" ], "language": { "nodejs": { "requiredOutputs": [ "endpoint", "region" ] } } }, "aws:appsync/DataSourceEventBridgeConfig:DataSourceEventBridgeConfig": { "properties": { "eventBusArn": { "type": "string", "description": "ARN for the EventBridge bus.\n" } }, "type": "object", "required": [ "eventBusArn" ] }, "aws:appsync/DataSourceHttpConfig:DataSourceHttpConfig": { "properties": { "authorizationConfig": { "$ref": "#/types/aws:appsync/DataSourceHttpConfigAuthorizationConfig:DataSourceHttpConfigAuthorizationConfig", "description": "Authorization configuration in case the HTTP endpoint requires authorization. See `authorization_config` Block for details.\n" }, "endpoint": { "type": "string", "description": "HTTP URL.\n" } }, "type": "object", "required": [ "endpoint" ] }, "aws:appsync/DataSourceHttpConfigAuthorizationConfig:DataSourceHttpConfigAuthorizationConfig": { "properties": { "authorizationType": { "type": "string", "description": "Authorization type that the HTTP endpoint requires. Default values is `AWS_IAM`.\n" }, "awsIamConfig": { "$ref": "#/types/aws:appsync/DataSourceHttpConfigAuthorizationConfigAwsIamConfig:DataSourceHttpConfigAuthorizationConfigAwsIamConfig", "description": "Identity and Access Management (IAM) settings. See `aws_iam_config` Block for details.\n" } }, "type": "object" }, "aws:appsync/DataSourceHttpConfigAuthorizationConfigAwsIamConfig:DataSourceHttpConfigAuthorizationConfigAwsIamConfig": { "properties": { "signingRegion": { "type": "string", "description": "Signing Amazon Web Services Region for IAM authorization.\n" }, "signingServiceName": { "type": "string", "description": "Signing service name for IAM authorization.\n" } }, "type": "object" }, "aws:appsync/DataSourceLambdaConfig:DataSourceLambdaConfig": { "properties": { "functionArn": { "type": "string", "description": "ARN for the Lambda function.\n" } }, "type": "object", "required": [ "functionArn" ] }, "aws:appsync/DataSourceOpensearchserviceConfig:DataSourceOpensearchserviceConfig": { "properties": { "endpoint": { "type": "string", "description": "HTTP endpoint of the OpenSearch domain.\n" }, "region": { "type": "string", "description": "AWS region of the OpenSearch domain. Defaults to current region.\n" } }, "type": "object", "required": [ "endpoint" ], "language": { "nodejs": { "requiredOutputs": [ "endpoint", "region" ] } } }, "aws:appsync/DataSourceRelationalDatabaseConfig:DataSourceRelationalDatabaseConfig": { "properties": { "httpEndpointConfig": { "$ref": "#/types/aws:appsync/DataSourceRelationalDatabaseConfigHttpEndpointConfig:DataSourceRelationalDatabaseConfigHttpEndpointConfig", "description": "Amazon RDS HTTP endpoint configuration. See `http_endpoint_config` Block for details.\n" }, "sourceType": { "type": "string", "description": "Source type for the relational database. Valid values: `RDS_HTTP_ENDPOINT`.\n" } }, "type": "object" }, "aws:appsync/DataSourceRelationalDatabaseConfigHttpEndpointConfig:DataSourceRelationalDatabaseConfigHttpEndpointConfig": { "properties": { "awsSecretStoreArn": { "type": "string", "description": "AWS secret store ARN for database credentials.\n" }, "databaseName": { "type": "string", "description": "Logical database name.\n" }, "dbClusterIdentifier": { "type": "string", "description": "Amazon RDS cluster identifier.\n" }, "region": { "type": "string", "description": "AWS Region for RDS HTTP endpoint. Defaults to current region.\n" }, "schema": { "type": "string", "description": "Logical schema name.\n" } }, "type": "object", "required": [ "awsSecretStoreArn", "dbClusterIdentifier" ], "language": { "nodejs": { "requiredOutputs": [ "awsSecretStoreArn", "dbClusterIdentifier", "region" ] } } }, "aws:appsync/FunctionRuntime:FunctionRuntime": { "properties": { "name": { "type": "string", "description": "The name of the runtime to use. Currently, the only allowed value is `APPSYNC_JS`.\n" }, "runtimeVersion": { "type": "string", "description": "The version of the runtime to use. Currently, the only allowed version is `1.0.0`.\n" } }, "type": "object", "required": [ "name", "runtimeVersion" ] }, "aws:appsync/FunctionSyncConfig:FunctionSyncConfig": { "properties": { "conflictDetection": { "type": "string", "description": "Conflict Detection strategy to use. Valid values are `NONE` and `VERSION`.\n" }, "conflictHandler": { "type": "string", "description": "Conflict Resolution strategy to perform in the event of a conflict. Valid values are `NONE`, `OPTIMISTIC_CONCURRENCY`, `AUTOMERGE`, and `LAMBDA`.\n" }, "lambdaConflictHandlerConfig": { "$ref": "#/types/aws:appsync/FunctionSyncConfigLambdaConflictHandlerConfig:FunctionSyncConfigLambdaConflictHandlerConfig", "description": "Lambda Conflict Handler Config when configuring `LAMBDA` as the Conflict Handler. See `lambda_conflict_handler_config` Block for details.\n" } }, "type": "object" }, "aws:appsync/FunctionSyncConfigLambdaConflictHandlerConfig:FunctionSyncConfigLambdaConflictHandlerConfig": { "properties": { "lambdaConflictHandlerArn": { "type": "string", "description": "ARN for the Lambda function to use as the Conflict Handler.\n" } }, "type": "object" }, "aws:appsync/GraphQLApiAdditionalAuthenticationProvider:GraphQLApiAdditionalAuthenticationProvider": { "properties": { "authenticationType": { "type": "string", "description": "Authentication type. Valid values: `API_KEY`, `AWS_IAM`, `AMAZON_COGNITO_USER_POOLS`, `OPENID_CONNECT`, `AWS_LAMBDA`\n" }, "lambdaAuthorizerConfig": { "$ref": "#/types/aws:appsync/GraphQLApiAdditionalAuthenticationProviderLambdaAuthorizerConfig:GraphQLApiAdditionalAuthenticationProviderLambdaAuthorizerConfig", "description": "Nested argument containing Lambda authorizer configuration. See `lambda_authorizer_config` Block for details.\n" }, "openidConnectConfig": { "$ref": "#/types/aws:appsync/GraphQLApiAdditionalAuthenticationProviderOpenidConnectConfig:GraphQLApiAdditionalAuthenticationProviderOpenidConnectConfig", "description": "Nested argument containing OpenID Connect configuration. See `openid_connect_config` Block for details.\n" }, "userPoolConfig": { "$ref": "#/types/aws:appsync/GraphQLApiAdditionalAuthenticationProviderUserPoolConfig:GraphQLApiAdditionalAuthenticationProviderUserPoolConfig", "description": "Amazon Cognito User Pool configuration. See `user_pool_config` Block for details.\n" } }, "type": "object", "required": [ "authenticationType" ] }, "aws:appsync/GraphQLApiAdditionalAuthenticationProviderLambdaAuthorizerConfig:GraphQLApiAdditionalAuthenticationProviderLambdaAuthorizerConfig": { "properties": { "authorizerResultTtlInSeconds": { "type": "integer", "description": "Number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a `ttlOverride` key in its response. A value of 0 disables caching of responses. Minimum value of 0. Maximum value of 3600.\n" }, "authorizerUri": { "type": "string", "description": "ARN of the Lambda function to be called for authorization. Note: This Lambda function must have a resource-based policy assigned to it, to allow `lambda:InvokeFunction` from service principal `appsync.amazonaws.com`.\n" }, "identityValidationExpression": { "type": "string", "description": "Regular expression for validation of tokens before the Lambda function is called.\n" } }, "type": "object", "required": [ "authorizerUri" ] }, "aws:appsync/GraphQLApiAdditionalAuthenticationProviderOpenidConnectConfig:GraphQLApiAdditionalAuthenticationProviderOpenidConnectConfig": { "properties": { "authTtl": { "type": "integer", "description": "Number of milliseconds a token is valid after being authenticated.\n" }, "clientId": { "type": "string", "description": "Client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.\n" }, "iatTtl": { "type": "integer", "description": "Number of milliseconds a token is valid after being issued to a user.\n" }, "issuer": { "type": "string", "description": "Issuer for the OpenID Connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token.\n" } }, "type": "object", "required": [ "issuer" ] }, "aws:appsync/GraphQLApiAdditionalAuthenticationProviderUserPoolConfig:GraphQLApiAdditionalAuthenticationProviderUserPoolConfig": { "properties": { "appIdClientRegex": { "type": "string", "description": "Regular expression for validating the incoming Amazon Cognito User Pool app client ID.\n" }, "awsRegion": { "type": "string", "description": "AWS region in which the user pool was created.\n" }, "userPoolId": { "type": "string", "description": "User pool ID.\n" } }, "type": "object", "required": [ "userPoolId" ], "language": { "nodejs": { "requiredOutputs": [ "awsRegion", "userPoolId" ] } } }, "aws:appsync/GraphQLApiLambdaAuthorizerConfig:GraphQLApiLambdaAuthorizerConfig": { "properties": { "authorizerResultTtlInSeconds": { "type": "integer", "description": "Number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a `ttlOverride` key in its response. A value of 0 disables caching of responses. Minimum value of 0. Maximum value of 3600.\n" }, "authorizerUri": { "type": "string", "description": "ARN of the Lambda function to be called for authorization. Note: This Lambda function must have a resource-based policy assigned to it, to allow `lambda:InvokeFunction` from service principal `appsync.amazonaws.com`.\n" }, "identityValidationExpression": { "type": "string", "description": "Regular expression for validation of tokens before the Lambda function is called.\n" } }, "type": "object", "required": [ "authorizerUri" ] }, "aws:appsync/GraphQLApiLogConfig:GraphQLApiLogConfig": { "properties": { "cloudwatchLogsRoleArn": { "type": "string", "description": "Amazon Resource Name of the service role that AWS AppSync will assume to publish to Amazon CloudWatch logs in your account.\n" }, "excludeVerboseContent": { "type": "boolean", "description": "Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level. Valid values: `true`, `false`. Default value: `false`\n" }, "fieldLogLevel": { "type": "string", "description": "Field logging level. Valid values: `ALL`, `ERROR`, `NONE`.\n" } }, "type": "object", "required": [ "cloudwatchLogsRoleArn", "fieldLogLevel" ] }, "aws:appsync/GraphQLApiOpenidConnectConfig:GraphQLApiOpenidConnectConfig": { "properties": { "authTtl": { "type": "integer", "description": "Number of milliseconds a token is valid after being authenticated.\n" }, "clientId": { "type": "string", "description": "Client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.\n" }, "iatTtl": { "type": "integer", "description": "Number of milliseconds a token is valid after being issued to a user.\n" }, "issuer": { "type": "string", "description": "Issuer for the OpenID Connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token.\n" } }, "type": "object", "required": [ "issuer" ] }, "aws:appsync/GraphQLApiUserPoolConfig:GraphQLApiUserPoolConfig": { "properties": { "appIdClientRegex": { "type": "string", "description": "Regular expression for validating the incoming Amazon Cognito User Pool app client ID.\n" }, "awsRegion": { "type": "string", "description": "AWS region in which the user pool was created.\n" }, "defaultAction": { "type": "string", "description": "Action that you want your GraphQL API to take when a request that uses Amazon Cognito User Pool authentication doesn't match the Amazon Cognito User Pool configuration. Valid: `ALLOW` and `DENY`\n" }, "userPoolId": { "type": "string", "description": "User pool ID.\n" } }, "type": "object", "required": [ "defaultAction", "userPoolId" ], "language": { "nodejs": { "requiredOutputs": [ "awsRegion", "defaultAction", "userPoolId" ] } } }, "aws:appsync/ResolverCachingConfig:ResolverCachingConfig": { "properties": { "cachingKeys": { "type": "array", "items": { "type": "string" }, "description": "The caching keys for a resolver that has caching activated. Valid values are entries from the $context.arguments, $context.source, and $context.identity maps.\n" }, "ttl": { "type": "integer", "description": "The TTL in seconds for a resolver that has caching activated. Valid values are between `1` and `3600` seconds.\n" } }, "type": "object" }, "aws:appsync/ResolverPipelineConfig:ResolverPipelineConfig": { "properties": { "functions": { "type": "array", "items": { "type": "string" }, "description": "A list of Function objects.\n" } }, "type": "object" }, "aws:appsync/ResolverRuntime:ResolverRuntime": { "properties": { "name": { "type": "string", "description": "The name of the runtime to use. Currently, the only allowed value is `APPSYNC_JS`.\n" }, "runtimeVersion": { "type": "string", "description": "The version of the runtime to use. Currently, the only allowed version is `1.0.0`.\n" } }, "type": "object", "required": [ "name", "runtimeVersion" ] }, "aws:appsync/ResolverSyncConfig:ResolverSyncConfig": { "properties": { "conflictDetection": { "type": "string", "description": "Conflict Detection strategy to use. Valid values are `NONE` and `VERSION`.\n" }, "conflictHandler": { "type": "string", "description": "Conflict Resolution strategy to perform in the event of a conflict. Valid values are `NONE`, `OPTIMISTIC_CONCURRENCY`, `AUTOMERGE`, and `LAMBDA`.\n" }, "lambdaConflictHandlerConfig": { "$ref": "#/types/aws:appsync/ResolverSyncConfigLambdaConflictHandlerConfig:ResolverSyncConfigLambdaConflictHandlerConfig", "description": "Lambda Conflict Handler Config when configuring `LAMBDA` as the Conflict Handler. See Lambda Conflict Handler Config.\n" } }, "type": "object" }, "aws:appsync/ResolverSyncConfigLambdaConflictHandlerConfig:ResolverSyncConfigLambdaConflictHandlerConfig": { "properties": { "lambdaConflictHandlerArn": { "type": "string", "description": "ARN for the Lambda function to use as the Conflict Handler.\n" } }, "type": "object" }, "aws:athena/DatabaseAclConfiguration:DatabaseAclConfiguration": { "properties": { "s3AclOption": { "type": "string", "description": "Amazon S3 canned ACL that Athena should specify when storing query results. Valid value is `BUCKET_OWNER_FULL_CONTROL`.\n\n\u003e **NOTE:** When Athena queries are executed, result files may be created in the specified bucket. Consider using `force_destroy` on the bucket too in order to avoid any problems when destroying the bucket.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "s3AclOption" ] }, "aws:athena/DatabaseEncryptionConfiguration:DatabaseEncryptionConfiguration": { "properties": { "encryptionOption": { "type": "string", "description": "Type of key; one of `SSE_S3`, `SSE_KMS`, `CSE_KMS`\n", "willReplaceOnChanges": true }, "kmsKey": { "type": "string", "description": "KMS key ARN or ID; required for key types `SSE_KMS` and `CSE_KMS`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "encryptionOption" ] }, "aws:athena/WorkgroupConfiguration:WorkgroupConfiguration": { "properties": { "bytesScannedCutoffPerQuery": { "type": "integer", "description": "Integer for the upper data usage limit (cutoff) for the amount of bytes a single query in a workgroup is allowed to scan. Must be at least `10485760`.\n" }, "enforceWorkgroupConfiguration": { "type": "boolean", "description": "Boolean whether the settings for the workgroup override client-side settings. For more information, see [Workgroup Settings Override Client-Side Settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html). Defaults to `true`.\n" }, "engineVersion": { "$ref": "#/types/aws:athena/WorkgroupConfigurationEngineVersion:WorkgroupConfigurationEngineVersion", "description": "Configuration block for the Athena Engine Versioning. For more information, see [Athena Engine Versioning](https://docs.aws.amazon.com/athena/latest/ug/engine-versions.html). See Engine Version below.\n" }, "executionRole": { "type": "string", "description": "Role used in a notebook session for accessing the user's resources.\n" }, "publishCloudwatchMetricsEnabled": { "type": "boolean", "description": "Boolean whether Amazon CloudWatch metrics are enabled for the workgroup. Defaults to `true`.\n" }, "requesterPaysEnabled": { "type": "boolean", "description": "If set to true , allows members assigned to a workgroup to reference Amazon S3 Requester Pays buckets in queries. If set to false , workgroup members cannot query data from Requester Pays buckets, and queries that retrieve data from Requester Pays buckets cause an error. The default is false . For more information about Requester Pays buckets, see [Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html) in the Amazon Simple Storage Service Developer Guide.\n" }, "resultConfiguration": { "$ref": "#/types/aws:athena/WorkgroupConfigurationResultConfiguration:WorkgroupConfigurationResultConfiguration", "description": "Configuration block with result settings. See Result Configuration below.\n" } }, "type": "object" }, "aws:athena/WorkgroupConfigurationEngineVersion:WorkgroupConfigurationEngineVersion": { "properties": { "effectiveEngineVersion": { "type": "string", "description": "The engine version on which the query runs. If `selected_engine_version` is set to `AUTO`, the effective engine version is chosen by Athena.\n" }, "selectedEngineVersion": { "type": "string", "description": "Requested engine version. Defaults to `AUTO`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "effectiveEngineVersion" ] } } }, "aws:athena/WorkgroupConfigurationResultConfiguration:WorkgroupConfigurationResultConfiguration": { "properties": { "aclConfiguration": { "$ref": "#/types/aws:athena/WorkgroupConfigurationResultConfigurationAclConfiguration:WorkgroupConfigurationResultConfigurationAclConfiguration", "description": "That an Amazon S3 canned ACL should be set to control ownership of stored query results. See ACL Configuration below.\n" }, "encryptionConfiguration": { "$ref": "#/types/aws:athena/WorkgroupConfigurationResultConfigurationEncryptionConfiguration:WorkgroupConfigurationResultConfigurationEncryptionConfiguration", "description": "Configuration block with encryption settings. See Encryption Configuration below.\n" }, "expectedBucketOwner": { "type": "string", "description": "AWS account ID that you expect to be the owner of the Amazon S3 bucket.\n" }, "outputLocation": { "type": "string", "description": "Location in Amazon S3 where your query results are stored, such as `s3://path/to/query/bucket/`. For more information, see [Queries and Query Result Files](https://docs.aws.amazon.com/athena/latest/ug/querying.html).\n" } }, "type": "object" }, "aws:athena/WorkgroupConfigurationResultConfigurationAclConfiguration:WorkgroupConfigurationResultConfigurationAclConfiguration": { "properties": { "s3AclOption": { "type": "string", "description": "Amazon S3 canned ACL that Athena should specify when storing query results. Valid value is `BUCKET_OWNER_FULL_CONTROL`.\n" } }, "type": "object", "required": [ "s3AclOption" ] }, "aws:athena/WorkgroupConfigurationResultConfigurationEncryptionConfiguration:WorkgroupConfigurationResultConfigurationEncryptionConfiguration": { "properties": { "encryptionOption": { "type": "string", "description": "Whether Amazon S3 server-side encryption with Amazon S3-managed keys (`SSE_S3`), server-side encryption with KMS-managed keys (`SSE_KMS`), or client-side encryption with KMS-managed keys (`CSE_KMS`) is used. If a query runs in a workgroup and the workgroup overrides client-side settings, then the workgroup's setting for encryption is used. It specifies whether query results must be encrypted, for all queries that run in this workgroup.\n" }, "kmsKeyArn": { "type": "string", "description": "For `SSE_KMS` and `CSE_KMS`, this is the KMS key ARN.\n" } }, "type": "object" }, "aws:auditmanager/AssessmentAssessmentReportsDestination:AssessmentAssessmentReportsDestination": { "properties": { "destination": { "type": "string", "description": "Destination of the assessment report. This value be in the form `s3://{bucket_name}`.\n" }, "destinationType": { "type": "string", "description": "Destination type. Currently, `S3` is the only valid value.\n" } }, "type": "object", "required": [ "destination", "destinationType" ] }, "aws:auditmanager/AssessmentRole:AssessmentRole": { "properties": { "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM role.\n" }, "roleType": { "type": "string", "description": "Type of customer persona. For assessment creation, type must always be `PROCESS_OWNER`.\n" } }, "type": "object", "required": [ "roleArn", "roleType" ] }, "aws:auditmanager/AssessmentRolesAll:AssessmentRolesAll": { "properties": { "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM role.\n" }, "roleType": { "type": "string", "description": "Type of customer persona. For assessment creation, type must always be `PROCESS_OWNER`.\n" } }, "type": "object", "required": [ "roleArn", "roleType" ] }, "aws:auditmanager/AssessmentScope:AssessmentScope": { "properties": { "awsAccounts": { "type": "array", "items": { "$ref": "#/types/aws:auditmanager/AssessmentScopeAwsAccount:AssessmentScopeAwsAccount" }, "description": "Amazon Web Services accounts that are in scope for the assessment. See `aws_accounts` below.\n" }, "awsServices": { "type": "array", "items": { "$ref": "#/types/aws:auditmanager/AssessmentScopeAwsService:AssessmentScopeAwsService" }, "description": "Amazon Web Services services that are included in the scope of the assessment. See `aws_services` below.\n" } }, "type": "object" }, "aws:auditmanager/AssessmentScopeAwsAccount:AssessmentScopeAwsAccount": { "properties": { "id": { "type": "string", "description": "Identifier for the Amazon Web Services account.\n" } }, "type": "object", "required": [ "id" ] }, "aws:auditmanager/AssessmentScopeAwsService:AssessmentScopeAwsService": { "properties": { "serviceName": { "type": "string", "description": "Name of the Amazon Web Service.\n" } }, "type": "object", "required": [ "serviceName" ] }, "aws:auditmanager/ControlControlMappingSource:ControlControlMappingSource": { "properties": { "sourceDescription": { "type": "string", "description": "Description of the source.\n" }, "sourceFrequency": { "type": "string", "description": "Frequency of evidence collection. Valid values are `DAILY`, `WEEKLY`, or `MONTHLY`.\n" }, "sourceId": { "type": "string" }, "sourceKeyword": { "$ref": "#/types/aws:auditmanager/ControlControlMappingSourceSourceKeyword:ControlControlMappingSourceSourceKeyword", "description": "The keyword to search for in CloudTrail logs, Config rules, Security Hub checks, and Amazon Web Services API names. See `source_keyword` below.\n" }, "sourceName": { "type": "string", "description": "Name of the source.\n" }, "sourceSetUpOption": { "type": "string", "description": "The setup option for the data source. This option reflects if the evidence collection is automated or manual. Valid values are `System_Controls_Mapping` (automated) and `Procedural_Controls_Mapping` (manual).\n" }, "sourceType": { "type": "string", "description": "Type of data source for evidence collection. If `source_set_up_option` is manual, the only valid value is `MANUAL`. If `source_set_up_option` is automated, valid values are `AWS_Cloudtrail`, `AWS_Config`, `AWS_Security_Hub`, or `AWS_API_Call`.\n\nThe following arguments are optional:\n" }, "troubleshootingText": { "type": "string", "description": "Instructions for troubleshooting the control.\n" } }, "type": "object", "required": [ "sourceName", "sourceSetUpOption", "sourceType" ], "language": { "nodejs": { "requiredOutputs": [ "sourceId", "sourceName", "sourceSetUpOption", "sourceType" ] } } }, "aws:auditmanager/ControlControlMappingSourceSourceKeyword:ControlControlMappingSourceSourceKeyword": { "properties": { "keywordInputType": { "type": "string", "description": "Input method for the keyword. Valid values are `SELECT_FROM_LIST`.\n" }, "keywordValue": { "type": "string", "description": "The value of the keyword that's used when mapping a control data source. For example, this can be a CloudTrail event name, a rule name for Config, a Security Hub control, or the name of an Amazon Web Services API call. See the [Audit Manager supported control data sources documentation](https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources.html) for more information.\n" } }, "type": "object", "required": [ "keywordInputType", "keywordValue" ] }, "aws:auditmanager/FrameworkControlSet:FrameworkControlSet": { "properties": { "controls": { "type": "array", "items": { "$ref": "#/types/aws:auditmanager/FrameworkControlSetControl:FrameworkControlSetControl" }, "description": "Configuration block(s) for the controls within the control set. See `controls` Block below for details.\n" }, "id": { "type": "string", "description": "Unique identifier for the framework.\n" }, "name": { "type": "string", "description": "Name of the control set.\n" } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredOutputs": [ "id", "name" ] } } }, "aws:auditmanager/FrameworkControlSetControl:FrameworkControlSetControl": { "properties": { "id": { "type": "string", "description": "Unique identifier of the control.\n" } }, "type": "object", "required": [ "id" ] }, "aws:auditmanager/getControlControlMappingSource:getControlControlMappingSource": { "properties": { "sourceDescription": { "type": "string" }, "sourceFrequency": { "type": "string" }, "sourceId": { "type": "string" }, "sourceKeyword": { "$ref": "#/types/aws:auditmanager/getControlControlMappingSourceSourceKeyword:getControlControlMappingSourceSourceKeyword" }, "sourceName": { "type": "string" }, "sourceSetUpOption": { "type": "string" }, "sourceType": { "type": "string" }, "troubleshootingText": { "type": "string" } }, "type": "object", "required": [ "sourceDescription", "sourceFrequency", "sourceId", "sourceName", "sourceSetUpOption", "sourceType", "troubleshootingText" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:auditmanager/getControlControlMappingSourceSourceKeyword:getControlControlMappingSourceSourceKeyword": { "properties": { "keywordInputType": { "type": "string" }, "keywordValue": { "type": "string" } }, "type": "object", "required": [ "keywordInputType", "keywordValue" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:auditmanager/getFrameworkControlSet:getFrameworkControlSet": { "properties": { "controls": { "type": "array", "items": { "$ref": "#/types/aws:auditmanager/getFrameworkControlSetControl:getFrameworkControlSetControl" } }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the framework.\n" } }, "type": "object", "required": [ "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:auditmanager/getFrameworkControlSetControl:getFrameworkControlSetControl": { "properties": { "id": { "type": "string" } }, "type": "object", "required": [ "id" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/GroupInitialLifecycleHook:GroupInitialLifecycleHook": { "properties": { "defaultResult": { "type": "string", "willReplaceOnChanges": true }, "heartbeatTimeout": { "type": "integer", "willReplaceOnChanges": true }, "lifecycleTransition": { "type": "string", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the Auto Scaling Group. By default generated by Pulumi. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "notificationMetadata": { "type": "string", "willReplaceOnChanges": true }, "notificationTargetArn": { "type": "string", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "willReplaceOnChanges": true } }, "type": "object", "required": [ "lifecycleTransition", "name" ], "language": { "nodejs": { "requiredOutputs": [ "defaultResult", "lifecycleTransition", "name" ] } } }, "aws:autoscaling/GroupInstanceMaintenancePolicy:GroupInstanceMaintenancePolicy": { "properties": { "maxHealthyPercentage": { "type": "integer", "description": "Specifies the upper limit on the number of instances that are in the InService or Pending state with a healthy status during an instance replacement activity.\n" }, "minHealthyPercentage": { "type": "integer", "description": "Specifies the lower limit on the number of instances that must be in the InService state with a healthy status during an instance replacement activity.\n" } }, "type": "object", "required": [ "maxHealthyPercentage", "minHealthyPercentage" ] }, "aws:autoscaling/GroupInstanceRefresh:GroupInstanceRefresh": { "properties": { "preferences": { "$ref": "#/types/aws:autoscaling/GroupInstanceRefreshPreferences:GroupInstanceRefreshPreferences", "description": "Override default parameters for Instance Refresh.\n" }, "strategy": { "type": "string", "description": "Strategy to use for instance refresh. The only allowed value is `Rolling`. See [StartInstanceRefresh Action](https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_StartInstanceRefresh.html#API_StartInstanceRefresh_RequestParameters) for more information.\n" }, "triggers": { "type": "array", "items": { "type": "string" }, "description": "Set of additional property names that will trigger an Instance Refresh. A refresh will always be triggered by a change in any of `launch_configuration`, `launch_template`, or `mixed_instances_policy`.\n\n\u003e **NOTE:** A refresh is started when any of the following Auto Scaling Group properties change: `launch_configuration`, `launch_template`, `mixed_instances_policy`. Additional properties can be specified in the `triggers` property of `instance_refresh`.\n\n\u003e **NOTE:** A refresh will not start when `version = \"$Latest\"` is configured in the `launch_template` block. To trigger the instance refresh when a launch template is changed, configure `version` to use the `latest_version` attribute of the `aws.ec2.LaunchTemplate` resource.\n\n\u003e **NOTE:** Auto Scaling Groups support up to one active instance refresh at a time. When this resource is updated, any existing refresh is cancelled.\n\n\u003e **NOTE:** Depending on health check settings and group size, an instance refresh may take a long time or fail. This resource does not wait for the instance refresh to complete.\n" } }, "type": "object", "required": [ "strategy" ] }, "aws:autoscaling/GroupInstanceRefreshPreferences:GroupInstanceRefreshPreferences": { "properties": { "alarmSpecification": { "$ref": "#/types/aws:autoscaling/GroupInstanceRefreshPreferencesAlarmSpecification:GroupInstanceRefreshPreferencesAlarmSpecification", "description": "Alarm Specification for Instance Refresh.\n" }, "autoRollback": { "type": "boolean", "description": "Automatically rollback if instance refresh fails. Defaults to `false`. This option may only be set to `true` when specifying a `launch_template` or `mixed_instances_policy`.\n" }, "checkpointDelay": { "type": "string", "description": "Number of seconds to wait after a checkpoint. Defaults to `3600`.\n" }, "checkpointPercentages": { "type": "array", "items": { "type": "integer" }, "description": "List of percentages for each checkpoint. Values must be unique and in ascending order. To replace all instances, the final number must be `100`.\n" }, "instanceWarmup": { "type": "string", "description": "Number of seconds until a newly launched instance is configured and ready to use. Default behavior is to use the Auto Scaling Group's health check grace period.\n" }, "maxHealthyPercentage": { "type": "integer", "description": "Amount of capacity in the Auto Scaling group that can be in service and healthy, or pending, to support your workload when an instance refresh is in place, as a percentage of the desired capacity of the Auto Scaling group. Values must be between `100` and `200`, defaults to `100`.\n" }, "minHealthyPercentage": { "type": "integer", "description": "Amount of capacity in the Auto Scaling group that must remain healthy during an instance refresh to allow the operation to continue, as a percentage of the desired capacity of the Auto Scaling group. Defaults to `90`.\n" }, "scaleInProtectedInstances": { "type": "string", "description": "Behavior when encountering instances protected from scale in are found. Available behaviors are `Refresh`, `Ignore`, and `Wait`. Default is `Ignore`.\n" }, "skipMatching": { "type": "boolean", "description": "Replace instances that already have your desired configuration. Defaults to `false`.\n" }, "standbyInstances": { "type": "string", "description": "Behavior when encountering instances in the `Standby` state in are found. Available behaviors are `Terminate`, `Ignore`, and `Wait`. Default is `Ignore`.\n" } }, "type": "object" }, "aws:autoscaling/GroupInstanceRefreshPreferencesAlarmSpecification:GroupInstanceRefreshPreferencesAlarmSpecification": { "properties": { "alarms": { "type": "array", "items": { "type": "string" }, "description": "List of Cloudwatch alarms. If any of these alarms goes into ALARM state, Instance Refresh is failed.\n" } }, "type": "object" }, "aws:autoscaling/GroupLaunchTemplate:GroupLaunchTemplate": { "properties": { "id": { "type": "string", "description": "ID of the launch template. Conflicts with `name`.\n" }, "name": { "type": "string", "description": "Name of the launch template. Conflicts with `id`.\n" }, "version": { "type": "string", "description": "Template version. Can be version number, `$Latest`, or `$Default`. (Default: `$Default`).\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "id", "name", "version" ] } } }, "aws:autoscaling/GroupMixedInstancesPolicy:GroupMixedInstancesPolicy": { "properties": { "instancesDistribution": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicyInstancesDistribution:GroupMixedInstancesPolicyInstancesDistribution", "description": "Nested argument containing settings on how to mix on-demand and Spot instances in the Auto Scaling group. Defined below.\n" }, "launchTemplate": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplate:GroupMixedInstancesPolicyLaunchTemplate", "description": "Nested argument containing launch template settings along with the overrides to specify multiple instance types and weights. Defined below.\n" } }, "type": "object", "required": [ "launchTemplate" ], "language": { "nodejs": { "requiredOutputs": [ "instancesDistribution", "launchTemplate" ] } } }, "aws:autoscaling/GroupMixedInstancesPolicyInstancesDistribution:GroupMixedInstancesPolicyInstancesDistribution": { "properties": { "onDemandAllocationStrategy": { "type": "string", "description": "Strategy to use when launching on-demand instances. Valid values: `prioritized`, `lowest-price`. Default: `prioritized`.\n" }, "onDemandBaseCapacity": { "type": "integer", "description": "Absolute minimum amount of desired capacity that must be fulfilled by on-demand instances. Default: `0`.\n" }, "onDemandPercentageAboveBaseCapacity": { "type": "integer", "description": "Percentage split between on-demand and Spot instances above the base on-demand capacity. Default: `100`.\n" }, "spotAllocationStrategy": { "type": "string", "description": "How to allocate capacity across the Spot pools. Valid values: `lowest-price`, `capacity-optimized`, `capacity-optimized-prioritized`, and `price-capacity-optimized`. Default: `lowest-price`.\n" }, "spotInstancePools": { "type": "integer", "description": "Number of Spot pools per availability zone to allocate capacity. EC2 Auto Scaling selects the cheapest Spot pools and evenly allocates Spot capacity across the number of Spot pools that you specify. Only available with `spot_allocation_strategy` set to `lowest-price`. Otherwise it must be set to `0`, if it has been defined before. Default: `2`.\n" }, "spotMaxPrice": { "type": "string", "description": "Maximum price per unit hour that the user is willing to pay for the Spot instances. Default: an empty string which means the on-demand price.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "onDemandAllocationStrategy", "onDemandBaseCapacity", "onDemandPercentageAboveBaseCapacity", "spotAllocationStrategy", "spotInstancePools" ] } } }, "aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplate:GroupMixedInstancesPolicyLaunchTemplate": { "properties": { "launchTemplateSpecification": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification:GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification", "description": "Override the instance launch template specification in the Launch Template.\n" }, "overrides": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverride:GroupMixedInstancesPolicyLaunchTemplateOverride" }, "description": "List of nested arguments provides the ability to specify multiple instance types. This will override the same parameter in the launch template. For on-demand instances, Auto Scaling considers the order of preference of instance types to launch based on the order specified in the overrides list. Defined below.\n" } }, "type": "object", "required": [ "launchTemplateSpecification" ], "language": { "nodejs": { "requiredOutputs": [ "launchTemplateSpecification", "overrides" ] } } }, "aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification:GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification": { "properties": { "launchTemplateId": { "type": "string", "description": "ID of the launch template. Conflicts with `launch_template_name`.\n" }, "launchTemplateName": { "type": "string", "description": "Name of the launch template. Conflicts with `launch_template_id`.\n" }, "version": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "launchTemplateId", "launchTemplateName", "version" ] } } }, "aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverride:GroupMixedInstancesPolicyLaunchTemplateOverride": { "properties": { "instanceRequirements": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirements:GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirements", "description": "Override the instance type in the Launch Template with instance types that satisfy the requirements.\n" }, "instanceType": { "type": "string", "description": "Override the instance type in the Launch Template.\n" }, "launchTemplateSpecification": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideLaunchTemplateSpecification:GroupMixedInstancesPolicyLaunchTemplateOverrideLaunchTemplateSpecification", "description": "Override the instance launch template specification in the Launch Template.\n" }, "weightedCapacity": { "type": "string", "description": "Number of capacity units, which gives the instance type a proportional weight to other instance types.\n" } }, "type": "object" }, "aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirements:GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirements": { "properties": { "acceleratorCount": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsAcceleratorCount:GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsAcceleratorCount", "description": "Block describing the minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips). Default is no minimum or maximum.\n" }, "acceleratorManufacturers": { "type": "array", "items": { "type": "string" }, "description": "List of accelerator manufacturer names. Default is any manufacturer.\n\n```\nValid names:\n* amazon-web-services\n* amd\n* nvidia\n* xilinx\n```\n" }, "acceleratorNames": { "type": "array", "items": { "type": "string" }, "description": "List of accelerator names. Default is any acclerator.\n\n```\nValid names:\n* a100 - NVIDIA A100 GPUs\n* v100 - NVIDIA V100 GPUs\n* k80 - NVIDIA K80 GPUs\n* t4 - NVIDIA T4 GPUs\n* m60 - NVIDIA M60 GPUs\n* radeon-pro-v520 - AMD Radeon Pro V520 GPUs\n* vu9p - Xilinx VU9P FPGAs\n```\n" }, "acceleratorTotalMemoryMib": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsAcceleratorTotalMemoryMib:GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsAcceleratorTotalMemoryMib", "description": "Block describing the minimum and maximum total memory of the accelerators. Default is no minimum or maximum.\n" }, "acceleratorTypes": { "type": "array", "items": { "type": "string" }, "description": "List of accelerator types. Default is any accelerator type.\n\n```\nValid types:\n* fpga\n* gpu\n* inference\n```\n" }, "allowedInstanceTypes": { "type": "array", "items": { "type": "string" }, "description": "List of instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes. You can use strings with one or more wild cards, represented by an asterisk (\\*), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge`, `c5*.*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are allowing the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are allowing all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is all instance types.\n\n\u003e **NOTE:** If you specify `allowed_instance_types`, you can't specify `excluded_instance_types`.\n" }, "bareMetal": { "type": "string", "description": "Indicate whether bare metal instace types should be `included`, `excluded`, or `required`. Default is `excluded`.\n" }, "baselineEbsBandwidthMbps": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsBaselineEbsBandwidthMbps:GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsBaselineEbsBandwidthMbps", "description": "Block describing the minimum and maximum baseline EBS bandwidth, in Mbps. Default is no minimum or maximum.\n" }, "burstablePerformance": { "type": "string", "description": "Indicate whether burstable performance instance types should be `included`, `excluded`, or `required`. Default is `excluded`.\n" }, "cpuManufacturers": { "type": "array", "items": { "type": "string" }, "description": "List of CPU manufacturer names. Default is any manufacturer.\n\n\u003e **NOTE:** Don't confuse the CPU hardware manufacturer with the CPU hardware architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template.\n\n```\nValid names:\n* amazon-web-services\n* amd\n* intel\n```\n" }, "excludedInstanceTypes": { "type": "array", "items": { "type": "string" }, "description": "List of instance types to exclude. You can use strings with one or more wild cards, represented by an asterisk (\\*), to exclude an instance type, size, or generation. The following are examples: `m5.8xlarge`, `c5*.*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are excluding the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are excluding all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is no excluded instance types.\n\n\u003e **NOTE:** If you specify `excluded_instance_types`, you can't specify `allowed_instance_types`.\n" }, "instanceGenerations": { "type": "array", "items": { "type": "string" }, "description": "List of instance generation names. Default is any generation.\n\n```\nValid names:\n* current - Recommended for best performance.\n* previous - For existing applications optimized for older instance types.\n```\n" }, "localStorage": { "type": "string", "description": "Indicate whether instance types with local storage volumes are `included`, `excluded`, or `required`. Default is `included`.\n" }, "localStorageTypes": { "type": "array", "items": { "type": "string" }, "description": "List of local storage type names. Default any storage type.\n\n```\nValue names:\n* hdd - hard disk drive\n* ssd - solid state drive\n```\n" }, "maxSpotPriceAsPercentageOfOptimalOnDemandPrice": { "type": "integer", "description": "The price protection threshold for Spot Instances. This is the maximum you’ll pay for a Spot Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Conflicts with `spot_max_price_percentage_over_lowest_price`\n" }, "memoryGibPerVcpu": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsMemoryGibPerVcpu:GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsMemoryGibPerVcpu", "description": "Block describing the minimum and maximum amount of memory (GiB) per vCPU. Default is no minimum or maximum.\n" }, "memoryMib": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsMemoryMib:GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsMemoryMib", "description": "Block describing the minimum and maximum amount of memory (MiB). Default is no maximum.\n" }, "networkBandwidthGbps": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsNetworkBandwidthGbps:GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsNetworkBandwidthGbps", "description": "Block describing the minimum and maximum amount of network bandwidth, in gigabits per second (Gbps). Default is no minimum or maximum.\n" }, "networkInterfaceCount": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsNetworkInterfaceCount:GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsNetworkInterfaceCount", "description": "Block describing the minimum and maximum number of network interfaces. Default is no minimum or maximum.\n" }, "onDemandMaxPricePercentageOverLowestPrice": { "type": "integer", "description": "Price protection threshold for On-Demand Instances. This is the maximum you’ll pay for an On-Demand Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 20.\n\nIf you set DesiredCapacityType to vcpu or memory-mib, the price protection threshold is applied based on the per vCPU or per memory price instead of the per instance price.\n" }, "requireHibernateSupport": { "type": "boolean", "description": "Indicate whether instance types must support On-Demand Instance Hibernation, either `true` or `false`. Default is `false`.\n" }, "spotMaxPricePercentageOverLowestPrice": { "type": "integer", "description": "Price protection threshold for Spot Instances. This is the maximum you’ll pay for a Spot Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 100. Conflicts with `max_spot_price_as_percentage_of_optimal_on_demand_price`\n\nIf you set DesiredCapacityType to vcpu or memory-mib, the price protection threshold is applied based on the per vCPU or per memory price instead of the per instance price.\n" }, "totalLocalStorageGb": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsTotalLocalStorageGb:GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsTotalLocalStorageGb", "description": "Block describing the minimum and maximum total local storage (GB). Default is no minimum or maximum.\n" }, "vcpuCount": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsVcpuCount:GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsVcpuCount", "description": "Block describing the minimum and maximum number of vCPUs. Default is no maximum.\n" } }, "type": "object" }, "aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsAcceleratorCount:GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsAcceleratorCount": { "properties": { "max": { "type": "integer" }, "min": { "type": "integer" } }, "type": "object" }, "aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsAcceleratorTotalMemoryMib:GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsAcceleratorTotalMemoryMib": { "properties": { "max": { "type": "integer" }, "min": { "type": "integer" } }, "type": "object" }, "aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsBaselineEbsBandwidthMbps:GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsBaselineEbsBandwidthMbps": { "properties": { "max": { "type": "integer" }, "min": { "type": "integer" } }, "type": "object" }, "aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsMemoryGibPerVcpu:GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsMemoryGibPerVcpu": { "properties": { "max": { "type": "number" }, "min": { "type": "number" } }, "type": "object" }, "aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsMemoryMib:GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsMemoryMib": { "properties": { "max": { "type": "integer" }, "min": { "type": "integer" } }, "type": "object" }, "aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsNetworkBandwidthGbps:GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsNetworkBandwidthGbps": { "properties": { "max": { "type": "number" }, "min": { "type": "number" } }, "type": "object" }, "aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsNetworkInterfaceCount:GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsNetworkInterfaceCount": { "properties": { "max": { "type": "integer" }, "min": { "type": "integer" } }, "type": "object" }, "aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsTotalLocalStorageGb:GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsTotalLocalStorageGb": { "properties": { "max": { "type": "number" }, "min": { "type": "number" } }, "type": "object" }, "aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsVcpuCount:GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsVcpuCount": { "properties": { "max": { "type": "integer" }, "min": { "type": "integer" } }, "type": "object" }, "aws:autoscaling/GroupMixedInstancesPolicyLaunchTemplateOverrideLaunchTemplateSpecification:GroupMixedInstancesPolicyLaunchTemplateOverrideLaunchTemplateSpecification": { "properties": { "launchTemplateId": { "type": "string", "description": "ID of the launch template. Conflicts with `launch_template_name`.\n" }, "launchTemplateName": { "type": "string", "description": "Name of the launch template. Conflicts with `launch_template_id`.\n" }, "version": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "launchTemplateId", "launchTemplateName", "version" ] } } }, "aws:autoscaling/GroupTag:GroupTag": { "properties": { "key": { "type": "string", "description": "Key\n" }, "propagateAtLaunch": { "type": "boolean", "description": "Enables propagation of the tag to\nAmazon EC2 instances launched via this ASG\n\nTo declare multiple tags, additional `tag` blocks can be specified.\n\n\u003e **NOTE:** Other AWS APIs may automatically add special tags to their associated Auto Scaling Group for management purposes, such as ECS Capacity Providers adding the `AmazonECSManaged` tag. These generally should be included in the configuration so the provider does not attempt to remove them and so if the `min_size` was greater than zero on creation, that these tag(s) are applied to any initial EC2 Instances in the Auto Scaling Group. If these tag(s) were missing in the Auto Scaling Group configuration on creation, affected EC2 Instances missing the tags may require manual intervention of adding the tags to ensure they work properly with the other AWS service.\n" }, "value": { "type": "string", "description": "Value\n" } }, "type": "object", "required": [ "key", "propagateAtLaunch", "value" ] }, "aws:autoscaling/GroupTrafficSource:GroupTrafficSource": { "properties": { "identifier": { "type": "string", "description": "Identifies the traffic source. For Application Load Balancers, Gateway Load Balancers, Network Load Balancers, and VPC Lattice, this will be the Amazon Resource Name (ARN) for a target group in this account and Region. For Classic Load Balancers, this will be the name of the Classic Load Balancer in this account and Region.\n" }, "type": { "type": "string", "description": "Provides additional context for the value of Identifier.\nThe following lists the valid values:\n`elb` if `identifier` is the name of a Classic Load Balancer.\n`elbv2` if `identifier` is the ARN of an Application Load Balancer, Gateway Load Balancer, or Network Load Balancer target group.\n`vpc-lattice` if `identifier` is the ARN of a VPC Lattice target group.\n" } }, "type": "object", "required": [ "identifier" ] }, "aws:autoscaling/GroupWarmPool:GroupWarmPool": { "properties": { "instanceReusePolicy": { "$ref": "#/types/aws:autoscaling/GroupWarmPoolInstanceReusePolicy:GroupWarmPoolInstanceReusePolicy", "description": "Whether instances in the Auto Scaling group can be returned to the warm pool on scale in. The default is to terminate instances in the Auto Scaling group when the group scales in.\n" }, "maxGroupPreparedCapacity": { "type": "integer", "description": "Total maximum number of instances that are allowed to be in the warm pool or in any state except Terminated for the Auto Scaling group.\n" }, "minSize": { "type": "integer", "description": "Minimum number of instances to maintain in the warm pool. This helps you to ensure that there is always a certain number of warmed instances available to handle traffic spikes. Defaults to 0 if not specified.\n" }, "poolState": { "type": "string", "description": "Sets the instance state to transition to after the lifecycle hooks finish. Valid values are: Stopped (default), Running or Hibernated.\n" } }, "type": "object" }, "aws:autoscaling/GroupWarmPoolInstanceReusePolicy:GroupWarmPoolInstanceReusePolicy": { "properties": { "reuseOnScaleIn": { "type": "boolean", "description": "Whether instances in the Auto Scaling group can be returned to the warm pool on scale in.\n" } }, "type": "object" }, "aws:autoscaling/Metric:Metric": { "description": "See https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_EnableMetricsCollection.html", "type": "string", "enum": [ { "value": "GroupMinSize" }, { "value": "GroupMaxSize" }, { "value": "GroupDesiredCapacity" }, { "value": "GroupInServiceInstances" }, { "value": "GroupInServiceCapacity" }, { "value": "GroupPendingInstances" }, { "value": "GroupPendingCapacity" }, { "value": "GroupStandbyInstances" }, { "value": "GroupStandbyCapacity" }, { "value": "GroupTerminatingInstances" }, { "value": "GroupTerminatingCapacity" }, { "value": "GroupTotalInstances" }, { "value": "GroupTotalCapacity" }, { "value": "WarmPoolDesiredCapacity" }, { "value": "WarmPoolWarmedCapacity" }, { "value": "WarmPoolPendingCapacity" }, { "value": "WarmPoolTerminatingCapacity" }, { "value": "WarmPoolTotalCapacity" }, { "value": "GroupAndWarmPoolDesiredCapacity" }, { "value": "GroupAndWarmPoolTotalCapacity" } ] }, "aws:autoscaling/MetricsGranularity:MetricsGranularity": { "description": "See https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_EnableMetricsCollection.html", "type": "string", "enum": [ { "name": "OneMinute", "value": "1Minute" } ] }, "aws:autoscaling/NotificationType:NotificationType": { "description": "See https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_NotificationConfiguration.html", "type": "string", "enum": [ { "name": "InstanceLaunch", "value": "autoscaling:EC2_INSTANCE_LAUNCH" }, { "name": "InstanceTerminate", "value": "autoscaling:EC2_INSTANCE_TERMINATE" }, { "name": "InstanceLaunchError", "value": "autoscaling:EC2_INSTANCE_LAUNCH_ERROR" }, { "name": "InstanceTerminateError", "value": "autoscaling:EC2_INSTANCE_TERMINATE_ERROR" }, { "name": "TestNotification", "value": "autoscaling:TEST_NOTIFICATION" } ] }, "aws:autoscaling/PolicyPredictiveScalingConfiguration:PolicyPredictiveScalingConfiguration": { "properties": { "maxCapacityBreachBehavior": { "type": "string", "description": "Defines the behavior that should be applied if the forecast capacity approaches or exceeds the maximum capacity of the Auto Scaling group. Valid values are `HonorMaxCapacity` or `IncreaseMaxCapacity`. Default is `HonorMaxCapacity`.\n" }, "maxCapacityBuffer": { "type": "string", "description": "Size of the capacity buffer to use when the forecast capacity is close to or exceeds the maximum capacity. Valid range is `0` to `100`. If set to `0`, Amazon EC2 Auto Scaling may scale capacity higher than the maximum capacity to equal but not exceed forecast capacity.\n" }, "metricSpecification": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecification:PolicyPredictiveScalingConfigurationMetricSpecification", "description": "This structure includes the metrics and target utilization to use for predictive scaling.\n" }, "mode": { "type": "string", "description": "Predictive scaling mode. Valid values are `ForecastAndScale` and `ForecastOnly`. Default is `ForecastOnly`.\n" }, "schedulingBufferTime": { "type": "string", "description": "Amount of time, in seconds, by which the instance launch time can be advanced. Minimum is `0`.\n" } }, "type": "object", "required": [ "metricSpecification" ] }, "aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecification:PolicyPredictiveScalingConfigurationMetricSpecification": { "properties": { "customizedCapacityMetricSpecification": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecification:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecification", "description": "Customized capacity metric specification. The field is only valid when you use `customized_load_metric_specification`\n" }, "customizedLoadMetricSpecification": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecification:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecification", "description": "Customized load metric specification.\n" }, "customizedScalingMetricSpecification": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecification:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecification", "description": "Customized scaling metric specification.\n" }, "predefinedLoadMetricSpecification": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedLoadMetricSpecification:PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedLoadMetricSpecification", "description": "Predefined load metric specification.\n" }, "predefinedMetricPairSpecification": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedMetricPairSpecification:PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedMetricPairSpecification", "description": "Metric pair specification from which Amazon EC2 Auto Scaling determines the appropriate scaling metric and load metric to use.\n" }, "predefinedScalingMetricSpecification": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedScalingMetricSpecification:PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedScalingMetricSpecification", "description": "Predefined scaling metric specification.\n" }, "targetValue": { "type": "number", "description": "Target value for the metric.\n" } }, "type": "object", "required": [ "targetValue" ] }, "aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecification:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecification": { "properties": { "metricDataQueries": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQuery:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQuery" }, "description": "List of up to 10 structures that defines custom capacity metric in predictive scaling policy\n" } }, "type": "object", "required": [ "metricDataQueries" ] }, "aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQuery:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQuery": { "properties": { "expression": { "type": "string", "description": "Math expression used on the returned metric. You must specify either `expression` or `metric_stat`, but not both.\n" }, "id": { "type": "string", "description": "Short name for the metric used in predictive scaling policy.\n" }, "label": { "type": "string", "description": "Human-readable label for this metric or expression.\n" }, "metricStat": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryMetricStat:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryMetricStat", "description": "Structure that defines CloudWatch metric to be used in predictive scaling policy. You must specify either `expression` or `metric_stat`, but not both.\n" }, "returnData": { "type": "boolean", "description": "Boolean that indicates whether to return the timestamps and raw data values of this metric, the default is true\n" } }, "type": "object", "required": [ "id" ] }, "aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryMetricStat:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryMetricStat": { "properties": { "metric": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryMetricStatMetric:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryMetricStatMetric", "description": "Structure that defines the CloudWatch metric to return, including the metric name, namespace, and dimensions.\n" }, "stat": { "type": "string", "description": "Statistic of the metrics to return.\n" }, "unit": { "type": "string", "description": "Unit of the metrics to return.\n" } }, "type": "object", "required": [ "metric", "stat" ] }, "aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryMetricStatMetric:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryMetricStatMetric": { "properties": { "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryMetricStatMetricDimension:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryMetricStatMetricDimension" }, "description": "Dimensions of the metric.\n" }, "metricName": { "type": "string", "description": "Name of the metric.\n" }, "namespace": { "type": "string", "description": "Namespace of the metric.\n" } }, "type": "object", "required": [ "metricName", "namespace" ] }, "aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryMetricStatMetricDimension:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryMetricStatMetricDimension": { "properties": { "name": { "type": "string", "description": "Name of the dimension.\n" }, "value": { "type": "string", "description": "Value of the dimension.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecification:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecification": { "properties": { "metricDataQueries": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQuery:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQuery" }, "description": "List of up to 10 structures that defines custom load metric in predictive scaling policy\n" } }, "type": "object", "required": [ "metricDataQueries" ] }, "aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQuery:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQuery": { "properties": { "expression": { "type": "string", "description": "Math expression used on the returned metric. You must specify either `expression` or `metric_stat`, but not both.\n" }, "id": { "type": "string", "description": "Short name for the metric used in predictive scaling policy.\n" }, "label": { "type": "string", "description": "Human-readable label for this metric or expression.\n" }, "metricStat": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryMetricStat:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryMetricStat", "description": "Structure that defines CloudWatch metric to be used in predictive scaling policy. You must specify either `expression` or `metric_stat`, but not both.\n" }, "returnData": { "type": "boolean", "description": "Boolean that indicates whether to return the timestamps and raw data values of this metric, the default is true\n" } }, "type": "object", "required": [ "id" ] }, "aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryMetricStat:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryMetricStat": { "properties": { "metric": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryMetricStatMetric:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryMetricStatMetric", "description": "Structure that defines the CloudWatch metric to return, including the metric name, namespace, and dimensions.\n" }, "stat": { "type": "string", "description": "Statistic of the metrics to return.\n" }, "unit": { "type": "string", "description": "Unit of the metrics to return.\n" } }, "type": "object", "required": [ "metric", "stat" ] }, "aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryMetricStatMetric:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryMetricStatMetric": { "properties": { "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryMetricStatMetricDimension:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryMetricStatMetricDimension" }, "description": "Dimensions of the metric.\n" }, "metricName": { "type": "string", "description": "Name of the metric.\n" }, "namespace": { "type": "string", "description": "Namespace of the metric.\n" } }, "type": "object", "required": [ "metricName", "namespace" ] }, "aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryMetricStatMetricDimension:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryMetricStatMetricDimension": { "properties": { "name": { "type": "string", "description": "Name of the dimension.\n" }, "value": { "type": "string", "description": "Value of the dimension.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecification:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecification": { "properties": { "metricDataQueries": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQuery:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQuery" }, "description": "List of up to 10 structures that defines custom scaling metric in predictive scaling policy\n" } }, "type": "object", "required": [ "metricDataQueries" ] }, "aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQuery:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQuery": { "properties": { "expression": { "type": "string", "description": "Math expression used on the returned metric. You must specify either `expression` or `metric_stat`, but not both.\n" }, "id": { "type": "string", "description": "Short name for the metric used in predictive scaling policy.\n" }, "label": { "type": "string", "description": "Human-readable label for this metric or expression.\n" }, "metricStat": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStat:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStat", "description": "Structure that defines CloudWatch metric to be used in predictive scaling policy. You must specify either `expression` or `metric_stat`, but not both.\n" }, "returnData": { "type": "boolean", "description": "Boolean that indicates whether to return the timestamps and raw data values of this metric, the default is true\n" } }, "type": "object", "required": [ "id" ] }, "aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStat:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStat": { "properties": { "metric": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatMetric:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatMetric", "description": "Structure that defines the CloudWatch metric to return, including the metric name, namespace, and dimensions.\n" }, "stat": { "type": "string", "description": "Statistic of the metrics to return.\n" }, "unit": { "type": "string", "description": "Unit of the metrics to return.\n" } }, "type": "object", "required": [ "metric", "stat" ] }, "aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatMetric:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatMetric": { "properties": { "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatMetricDimension:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatMetricDimension" }, "description": "Dimensions of the metric.\n" }, "metricName": { "type": "string", "description": "Name of the metric.\n" }, "namespace": { "type": "string", "description": "Namespace of the metric.\n" } }, "type": "object", "required": [ "metricName", "namespace" ] }, "aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatMetricDimension:PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatMetricDimension": { "properties": { "name": { "type": "string", "description": "Name of the dimension.\n" }, "value": { "type": "string", "description": "Value of the dimension.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedLoadMetricSpecification:PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedLoadMetricSpecification": { "properties": { "predefinedMetricType": { "type": "string", "description": "Metric type. Valid values are `ASGTotalCPUUtilization`, `ASGTotalNetworkIn`, `ASGTotalNetworkOut`, or `ALBTargetGroupRequestCount`.\n" }, "resourceLabel": { "type": "string", "description": "Label that uniquely identifies a specific Application Load Balancer target group from which to determine the request count served by your Auto Scaling group. You create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). Refer to [PredefinedMetricSpecification](https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_PredefinedMetricSpecification.html) for more information.\n" } }, "type": "object", "required": [ "predefinedMetricType" ] }, "aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedMetricPairSpecification:PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedMetricPairSpecification": { "properties": { "predefinedMetricType": { "type": "string", "description": "Which metrics to use. There are two different types of metrics for each metric type: one is a load metric and one is a scaling metric. For example, if the metric type is `ASGCPUUtilization`, the Auto Scaling group's total CPU metric is used as the load metric, and the average CPU metric is used for the scaling metric. Valid values are `ASGCPUUtilization`, `ASGNetworkIn`, `ASGNetworkOut`, or `ALBRequestCount`.\n" }, "resourceLabel": { "type": "string", "description": "Label that uniquely identifies a specific Application Load Balancer target group from which to determine the request count served by your Auto Scaling group. You create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). Refer to [PredefinedMetricSpecification](https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_PredefinedMetricSpecification.html) for more information.\n" } }, "type": "object", "required": [ "predefinedMetricType" ] }, "aws:autoscaling/PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedScalingMetricSpecification:PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedScalingMetricSpecification": { "properties": { "predefinedMetricType": { "type": "string", "description": "Describes a scaling metric for a predictive scaling policy. Valid values are `ASGAverageCPUUtilization`, `ASGAverageNetworkIn`, `ASGAverageNetworkOut`, or `ALBRequestCountPerTarget`.\n" }, "resourceLabel": { "type": "string", "description": "Label that uniquely identifies a specific Application Load Balancer target group from which to determine the request count served by your Auto Scaling group. You create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). Refer to [PredefinedMetricSpecification](https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_PredefinedMetricSpecification.html) for more information.\n" } }, "type": "object", "required": [ "predefinedMetricType" ] }, "aws:autoscaling/PolicyStepAdjustment:PolicyStepAdjustment": { "properties": { "metricIntervalLowerBound": { "type": "string", "description": "Lower bound for the\ndifference between the alarm threshold and the CloudWatch metric.\nWithout a value, AWS will treat this bound as negative infinity.\n" }, "metricIntervalUpperBound": { "type": "string", "description": "Upper bound for the\ndifference between the alarm threshold and the CloudWatch metric.\nWithout a value, AWS will treat this bound as positive infinity. The upper bound\nmust be greater than the lower bound.\n\nNotice the bounds are **relative** to the alarm threshold, meaning that the starting point is not 0%, but the alarm threshold. Check the official [docs](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scaling-simple-step.html#as-scaling-steps) for a detailed example.\n\nThe following arguments are only available to \"TargetTrackingScaling\" type policies:\n" }, "scalingAdjustment": { "type": "integer", "description": "Number of members by which to\nscale, when the adjustment bounds are breached. A positive value scales\nup. A negative value scales down.\n" } }, "type": "object", "required": [ "scalingAdjustment" ] }, "aws:autoscaling/PolicyTargetTrackingConfiguration:PolicyTargetTrackingConfiguration": { "properties": { "customizedMetricSpecification": { "$ref": "#/types/aws:autoscaling/PolicyTargetTrackingConfigurationCustomizedMetricSpecification:PolicyTargetTrackingConfigurationCustomizedMetricSpecification", "description": "Customized metric. Conflicts with `predefined_metric_specification`.\n" }, "disableScaleIn": { "type": "boolean", "description": "Whether scale in by the target tracking policy is disabled.\n" }, "predefinedMetricSpecification": { "$ref": "#/types/aws:autoscaling/PolicyTargetTrackingConfigurationPredefinedMetricSpecification:PolicyTargetTrackingConfigurationPredefinedMetricSpecification", "description": "Predefined metric. Conflicts with `customized_metric_specification`.\n" }, "targetValue": { "type": "number", "description": "Target value for the metric.\n" } }, "type": "object", "required": [ "targetValue" ] }, "aws:autoscaling/PolicyTargetTrackingConfigurationCustomizedMetricSpecification:PolicyTargetTrackingConfigurationCustomizedMetricSpecification": { "properties": { "metricDimensions": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricDimension:PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricDimension" }, "description": "Dimensions of the metric.\n" }, "metricName": { "type": "string", "description": "Name of the metric.\n" }, "metrics": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetric:PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetric" }, "description": "Metrics to include, as a metric data query.\n" }, "namespace": { "type": "string", "description": "Namespace of the metric.\n" }, "statistic": { "type": "string", "description": "Statistic of the metric.\n" }, "unit": { "type": "string", "description": "Unit of the metric.\n" } }, "type": "object" }, "aws:autoscaling/PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetric:PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetric": { "properties": { "expression": { "type": "string", "description": "Math expression used on the returned metric. You must specify either `expression` or `metric_stat`, but not both.\n" }, "id": { "type": "string", "description": "Short name for the metric used in target tracking scaling policy.\n" }, "label": { "type": "string", "description": "Human-readable label for this metric or expression.\n" }, "metricStat": { "$ref": "#/types/aws:autoscaling/PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStat:PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStat", "description": "Structure that defines CloudWatch metric to be used in target tracking scaling policy. You must specify either `expression` or `metric_stat`, but not both.\n" }, "returnData": { "type": "boolean", "description": "Boolean that indicates whether to return the timestamps and raw data values of this metric, the default is true\n" } }, "type": "object", "required": [ "id" ] }, "aws:autoscaling/PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricDimension:PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricDimension": { "properties": { "name": { "type": "string", "description": "Name of the dimension.\n" }, "value": { "type": "string", "description": "Value of the dimension.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:autoscaling/PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStat:PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStat": { "properties": { "metric": { "$ref": "#/types/aws:autoscaling/PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetric:PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetric", "description": "Structure that defines the CloudWatch metric to return, including the metric name, namespace, and dimensions.\n" }, "stat": { "type": "string", "description": "Statistic of the metrics to return.\n" }, "unit": { "type": "string", "description": "Unit of the metrics to return.\n" } }, "type": "object", "required": [ "metric", "stat" ] }, "aws:autoscaling/PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetric:PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetric": { "properties": { "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimension:PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimension" }, "description": "Dimensions of the metric.\n" }, "metricName": { "type": "string", "description": "Name of the metric.\n" }, "namespace": { "type": "string", "description": "Namespace of the metric.\n" } }, "type": "object", "required": [ "metricName", "namespace" ] }, "aws:autoscaling/PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimension:PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimension": { "properties": { "name": { "type": "string", "description": "Name of the dimension.\n" }, "value": { "type": "string", "description": "Value of the dimension.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:autoscaling/PolicyTargetTrackingConfigurationPredefinedMetricSpecification:PolicyTargetTrackingConfigurationPredefinedMetricSpecification": { "properties": { "predefinedMetricType": { "type": "string", "description": "Metric type.\n" }, "resourceLabel": { "type": "string", "description": "Identifies the resource associated with the metric type.\n" } }, "type": "object", "required": [ "predefinedMetricType" ] }, "aws:autoscaling/TagTag:TagTag": { "properties": { "key": { "type": "string", "description": "Tag name.\n", "willReplaceOnChanges": true }, "propagateAtLaunch": { "type": "boolean", "description": "Whether to propagate the tags to instances launched by the ASG.\n" }, "value": { "type": "string", "description": "Tag value.\n" } }, "type": "object", "required": [ "key", "propagateAtLaunch", "value" ] }, "aws:autoscaling/TrafficSourceAttachmentTrafficSource:TrafficSourceAttachmentTrafficSource": { "properties": { "identifier": { "type": "string", "description": "Identifies the traffic source. For Application Load Balancers, Gateway Load Balancers, Network Load Balancers, and VPC Lattice, this will be the Amazon Resource Name (ARN) for a target group in this account and Region. For Classic Load Balancers, this will be the name of the Classic Load Balancer in this account and Region.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Provides additional context for the value of `identifier`.\nThe following lists the valid values:\n`elb` if `identifier` is the name of a Classic Load Balancer.\n`elbv2` if `identifier` is the ARN of an Application Load Balancer, Gateway Load Balancer, or Network Load Balancer target group.\n`vpc-lattice` if `identifier` is the ARN of a VPC Lattice target group.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "identifier", "type" ] }, "aws:autoscaling/getAmiIdsFilter:getAmiIdsFilter": { "properties": { "name": { "type": "string", "description": "Name of the DescribeAutoScalingGroup filter. The recommended values are: `tag-key`, `tag-value`, and `tag:\u003ctag name\u003e`\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Value of the filter.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:autoscaling/getGroupInstanceMaintenancePolicy:getGroupInstanceMaintenancePolicy": { "properties": { "maxHealthyPercentage": { "type": "integer", "description": "Specifies the upper limit on the number of instances that are in the InService or Pending state with a healthy status during an instance replacement activity.\n" }, "minHealthyPercentage": { "type": "integer", "description": "Specifies the lower limit on the number of instances that must be in the InService state with a healthy status during an instance replacement activity.\n" } }, "type": "object", "required": [ "maxHealthyPercentage", "minHealthyPercentage" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupLaunchTemplate:getGroupLaunchTemplate": { "properties": { "id": { "type": "string", "description": "ID of the launch template.\n" }, "name": { "type": "string", "description": "Specify the exact name of the desired autoscaling group.\n" }, "version": { "type": "string", "description": "Template version.\n" } }, "type": "object", "required": [ "id", "name", "version" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupMixedInstancesPolicy:getGroupMixedInstancesPolicy": { "properties": { "instancesDistributions": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/getGroupMixedInstancesPolicyInstancesDistribution:getGroupMixedInstancesPolicyInstancesDistribution" }, "description": "List of instances distribution objects.\n" }, "launchTemplates": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplate:getGroupMixedInstancesPolicyLaunchTemplate" }, "description": "List of launch templates along with the overrides.\n" } }, "type": "object", "required": [ "instancesDistributions", "launchTemplates" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupMixedInstancesPolicyInstancesDistribution:getGroupMixedInstancesPolicyInstancesDistribution": { "properties": { "onDemandAllocationStrategy": { "type": "string", "description": "Strategy used when launching on-demand instances.\n" }, "onDemandBaseCapacity": { "type": "integer", "description": "Absolute minimum amount of desired capacity that must be fulfilled by on-demand instances.\n" }, "onDemandPercentageAboveBaseCapacity": { "type": "integer" }, "spotAllocationStrategy": { "type": "string", "description": "Strategy used when launching Spot instances.\n" }, "spotInstancePools": { "type": "integer", "description": "Number of Spot pools per availability zone to allocate capacity.\n" }, "spotMaxPrice": { "type": "string", "description": "Maximum price per unit hour that the user is willing to pay for the Spot instances.\n" } }, "type": "object", "required": [ "onDemandAllocationStrategy", "onDemandBaseCapacity", "onDemandPercentageAboveBaseCapacity", "spotAllocationStrategy", "spotInstancePools", "spotMaxPrice" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplate:getGroupMixedInstancesPolicyLaunchTemplate": { "properties": { "launchTemplateSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification:getGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification" }, "description": "List of overriding launch template specification objects.\n" }, "overrides": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverride:getGroupMixedInstancesPolicyLaunchTemplateOverride" }, "description": "List of properties overriding the same properties in the launch template.\n" } }, "type": "object", "required": [ "launchTemplateSpecifications", "overrides" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification:getGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification": { "properties": { "launchTemplateId": { "type": "string", "description": "ID of the launch template.\n" }, "launchTemplateName": { "type": "string", "description": "Name of the launch template.\n" }, "version": { "type": "string", "description": "Template version.\n" } }, "type": "object", "required": [ "launchTemplateId", "launchTemplateName", "version" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverride:getGroupMixedInstancesPolicyLaunchTemplateOverride": { "properties": { "instanceRequirements": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirement:getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirement" }, "description": "List of instance requirements objects.\n* `accelerator_count - List of objects describing the minimum and maximum number of accelerators for an instance type.\n" }, "instanceType": { "type": "string", "description": "Overriding instance type.\n" }, "launchTemplateSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideLaunchTemplateSpecification:getGroupMixedInstancesPolicyLaunchTemplateOverrideLaunchTemplateSpecification" }, "description": "List of overriding launch template specification objects.\n" }, "weightedCapacity": { "type": "string", "description": "Number of capacity units, which gives the instance type a proportional weight to other instance types.\n" } }, "type": "object", "required": [ "instanceRequirements", "instanceType", "launchTemplateSpecifications", "weightedCapacity" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirement:getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirement": { "properties": { "acceleratorCounts": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementAcceleratorCount:getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementAcceleratorCount" } }, "acceleratorManufacturers": { "type": "array", "items": { "type": "string" }, "description": "List of accelerator manufacturer names.\n" }, "acceleratorNames": { "type": "array", "items": { "type": "string" }, "description": "List of accelerator names.\n" }, "acceleratorTotalMemoryMibs": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementAcceleratorTotalMemoryMib:getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementAcceleratorTotalMemoryMib" }, "description": "List of objects describing the minimum and maximum total memory of the accelerators.\n" }, "acceleratorTypes": { "type": "array", "items": { "type": "string" }, "description": "List of accelerator types.\n" }, "allowedInstanceTypes": { "type": "array", "items": { "type": "string" }, "description": "List of instance types to apply the specified attributes against.\n" }, "bareMetal": { "type": "string", "description": "Indicates whether bare metal instances are included, excluded, or required.\n" }, "baselineEbsBandwidthMbps": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementBaselineEbsBandwidthMbp:getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementBaselineEbsBandwidthMbp" }, "description": "List of objects describing the minimum and maximum baseline EBS bandwidth (Mbps).\n" }, "burstablePerformance": { "type": "string", "description": "Indicates whether burstable performance instance types are included, excluded, or required.\n" }, "cpuManufacturers": { "type": "array", "items": { "type": "string" }, "description": "List of CPU manufacturer names.\n" }, "excludedInstanceTypes": { "type": "array", "items": { "type": "string" }, "description": "List of excluded instance types.\n" }, "instanceGenerations": { "type": "array", "items": { "type": "string" }, "description": "List of instance generation names.\n" }, "localStorage": { "type": "string", "description": "Indicates whether instance types with instance store volumes are included, excluded, or required.\n" }, "localStorageTypes": { "type": "array", "items": { "type": "string" }, "description": "List of local storage type names.\n" }, "maxSpotPriceAsPercentageOfOptimalOnDemandPrice": { "type": "integer", "description": "Price protection threshold for Spot Instances.\n" }, "memoryGibPerVcpus": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementMemoryGibPerVcpus:getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementMemoryGibPerVcpus" }, "description": "List of objects describing the minimum and maximum amount of memory (GiB) per vCPU.\n" }, "memoryMibs": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementMemoryMib:getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementMemoryMib" }, "description": "List of objects describing the minimum and maximum amount of memory (MiB).\n" }, "networkBandwidthGbps": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementNetworkBandwidthGbp:getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementNetworkBandwidthGbp" }, "description": "List of objects describing the minimum and maximum amount of network bandwidth (Gbps).\n" }, "networkInterfaceCounts": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementNetworkInterfaceCount:getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementNetworkInterfaceCount" }, "description": "List of objects describing the minimum and maximum amount of network interfaces.\n" }, "onDemandMaxPricePercentageOverLowestPrice": { "type": "integer", "description": "Price protection threshold for On-Demand Instances.\n" }, "requireHibernateSupport": { "type": "boolean", "description": "Indicates whether instance types must support On-Demand Instance Hibernation.\n" }, "spotMaxPricePercentageOverLowestPrice": { "type": "integer", "description": "Price protection threshold for Spot Instances.\n" }, "totalLocalStorageGbs": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementTotalLocalStorageGb:getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementTotalLocalStorageGb" }, "description": "List of objects describing the minimum and maximum total storage (GB).\n" }, "vcpuCounts": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementVcpuCount:getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementVcpuCount" }, "description": "List of objects describing the minimum and maximum number of vCPUs.\n" } }, "type": "object", "required": [ "acceleratorCounts", "acceleratorManufacturers", "acceleratorNames", "acceleratorTotalMemoryMibs", "acceleratorTypes", "allowedInstanceTypes", "bareMetal", "baselineEbsBandwidthMbps", "burstablePerformance", "cpuManufacturers", "excludedInstanceTypes", "instanceGenerations", "localStorage", "localStorageTypes", "maxSpotPriceAsPercentageOfOptimalOnDemandPrice", "memoryGibPerVcpus", "memoryMibs", "networkBandwidthGbps", "networkInterfaceCounts", "onDemandMaxPricePercentageOverLowestPrice", "requireHibernateSupport", "spotMaxPricePercentageOverLowestPrice", "totalLocalStorageGbs", "vcpuCounts" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementAcceleratorCount:getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementAcceleratorCount": { "properties": { "max": { "type": "integer", "description": "Maximum.\n" }, "min": { "type": "integer", "description": "Minimum.\n" } }, "type": "object", "required": [ "max", "min" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementAcceleratorTotalMemoryMib:getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementAcceleratorTotalMemoryMib": { "properties": { "max": { "type": "integer", "description": "Maximum.\n" }, "min": { "type": "integer", "description": "Minimum.\n" } }, "type": "object", "required": [ "max", "min" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementBaselineEbsBandwidthMbp:getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementBaselineEbsBandwidthMbp": { "properties": { "max": { "type": "integer", "description": "Maximum.\n" }, "min": { "type": "integer", "description": "Minimum.\n" } }, "type": "object", "required": [ "max", "min" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementMemoryGibPerVcpus:getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementMemoryGibPerVcpus": { "properties": { "max": { "type": "number", "description": "Maximum.\n" }, "min": { "type": "number", "description": "Minimum.\n" } }, "type": "object", "required": [ "max", "min" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementMemoryMib:getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementMemoryMib": { "properties": { "max": { "type": "integer", "description": "Maximum.\n" }, "min": { "type": "integer", "description": "Minimum.\n" } }, "type": "object", "required": [ "max", "min" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementNetworkBandwidthGbp:getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementNetworkBandwidthGbp": { "properties": { "max": { "type": "number", "description": "Maximum.\n" }, "min": { "type": "number", "description": "Minimum.\n" } }, "type": "object", "required": [ "max", "min" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementNetworkInterfaceCount:getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementNetworkInterfaceCount": { "properties": { "max": { "type": "integer", "description": "Maximum.\n" }, "min": { "type": "integer", "description": "Minimum.\n" } }, "type": "object", "required": [ "max", "min" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementTotalLocalStorageGb:getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementTotalLocalStorageGb": { "properties": { "max": { "type": "number", "description": "Maximum.\n" }, "min": { "type": "number", "description": "Minimum.\n" } }, "type": "object", "required": [ "max", "min" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementVcpuCount:getGroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementVcpuCount": { "properties": { "max": { "type": "integer", "description": "Maximum.\n" }, "min": { "type": "integer", "description": "Minimum.\n" } }, "type": "object", "required": [ "max", "min" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupMixedInstancesPolicyLaunchTemplateOverrideLaunchTemplateSpecification:getGroupMixedInstancesPolicyLaunchTemplateOverrideLaunchTemplateSpecification": { "properties": { "launchTemplateId": { "type": "string", "description": "ID of the launch template.\n" }, "launchTemplateName": { "type": "string", "description": "Name of the launch template.\n" }, "version": { "type": "string", "description": "Template version.\n" } }, "type": "object", "required": [ "launchTemplateId", "launchTemplateName", "version" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupTag:getGroupTag": { "properties": { "key": { "type": "string", "description": "Key.\n" }, "propagateAtLaunch": { "type": "boolean", "description": "Whether the tag is propagated to Amazon EC2 instances launched via this ASG.\n" }, "value": { "type": "string", "description": "Value.\n" } }, "type": "object", "required": [ "key", "propagateAtLaunch", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupTrafficSource:getGroupTrafficSource": { "properties": { "identifier": { "type": "string", "description": "Identifies the traffic source. For Application Load Balancers, Gateway Load Balancers, Network Load Balancers, and VPC Lattice, this will be the Amazon Resource Name (ARN) for a target group in this account and Region. For Classic Load Balancers, this will be the name of the Classic Load Balancer in this account and Region.\n" }, "type": { "type": "string", "description": "Traffic source type.\n" } }, "type": "object", "required": [ "identifier", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupWarmPool:getGroupWarmPool": { "properties": { "instanceReusePolicies": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/getGroupWarmPoolInstanceReusePolicy:getGroupWarmPoolInstanceReusePolicy" }, "description": "List of instance reuse policy objects.\n" }, "maxGroupPreparedCapacity": { "type": "integer" }, "minSize": { "type": "integer", "description": "Minimum number of instances to maintain in the warm pool.\n" }, "poolState": { "type": "string", "description": "Instance state to transition to after the lifecycle actions are complete.\n" } }, "type": "object", "required": [ "instanceReusePolicies", "maxGroupPreparedCapacity", "minSize", "poolState" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscaling/getGroupWarmPoolInstanceReusePolicy:getGroupWarmPoolInstanceReusePolicy": { "properties": { "reuseOnScaleIn": { "type": "boolean", "description": "Indicates whether instances in the Auto Scaling group can be returned to the warm pool on scale in.\n" } }, "type": "object", "required": [ "reuseOnScaleIn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:autoscalingplans/ScalingPlanApplicationSource:ScalingPlanApplicationSource": { "properties": { "cloudformationStackArn": { "type": "string", "description": "ARN of a AWS CloudFormation stack.\n" }, "tagFilters": { "type": "array", "items": { "$ref": "#/types/aws:autoscalingplans/ScalingPlanApplicationSourceTagFilter:ScalingPlanApplicationSourceTagFilter" }, "description": "Set of tags.\n" } }, "type": "object" }, "aws:autoscalingplans/ScalingPlanApplicationSourceTagFilter:ScalingPlanApplicationSourceTagFilter": { "properties": { "key": { "type": "string", "description": "Tag key.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Tag values.\n" } }, "type": "object", "required": [ "key" ] }, "aws:autoscalingplans/ScalingPlanScalingInstruction:ScalingPlanScalingInstruction": { "properties": { "customizedLoadMetricSpecification": { "$ref": "#/types/aws:autoscalingplans/ScalingPlanScalingInstructionCustomizedLoadMetricSpecification:ScalingPlanScalingInstructionCustomizedLoadMetricSpecification", "description": "Customized load metric to use for predictive scaling. You must specify either `customized_load_metric_specification` or `predefined_load_metric_specification` when configuring predictive scaling.\nMore details can be found in the [AWS Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_CustomizedLoadMetricSpecification.html).\n" }, "disableDynamicScaling": { "type": "boolean", "description": "Boolean controlling whether dynamic scaling by AWS Auto Scaling is disabled. Defaults to `false`.\n" }, "maxCapacity": { "type": "integer", "description": "Maximum capacity of the resource. The exception to this upper limit is if you specify a non-default setting for `predictive_scaling_max_capacity_behavior`.\n" }, "minCapacity": { "type": "integer", "description": "Minimum capacity of the resource.\n" }, "predefinedLoadMetricSpecification": { "$ref": "#/types/aws:autoscalingplans/ScalingPlanScalingInstructionPredefinedLoadMetricSpecification:ScalingPlanScalingInstructionPredefinedLoadMetricSpecification", "description": "Predefined load metric to use for predictive scaling. You must specify either `predefined_load_metric_specification` or `customized_load_metric_specification` when configuring predictive scaling.\nMore details can be found in the [AWS Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_PredefinedLoadMetricSpecification.html).\n" }, "predictiveScalingMaxCapacityBehavior": { "type": "string", "description": "Defines the behavior that should be applied if the forecast capacity approaches or exceeds the maximum capacity specified for the resource.\nValid values: `SetForecastCapacityToMaxCapacity`, `SetMaxCapacityAboveForecastCapacity`, `SetMaxCapacityToForecastCapacity`.\n" }, "predictiveScalingMaxCapacityBuffer": { "type": "integer", "description": "Size of the capacity buffer to use when the forecast capacity is close to or exceeds the maximum capacity.\n" }, "predictiveScalingMode": { "type": "string", "description": "Predictive scaling mode. Valid values: `ForecastAndScale`, `ForecastOnly`.\n" }, "resourceId": { "type": "string", "description": "ID of the resource. This string consists of the resource type and unique identifier.\n" }, "scalableDimension": { "type": "string", "description": "Scalable dimension associated with the resource. Valid values: `autoscaling:autoScalingGroup:DesiredCapacity`, `dynamodb:index:ReadCapacityUnits`, `dynamodb:index:WriteCapacityUnits`, `dynamodb:table:ReadCapacityUnits`, `dynamodb:table:WriteCapacityUnits`, `ecs:service:DesiredCount`, `ec2:spot-fleet-request:TargetCapacity`, `rds:cluster:ReadReplicaCount`.\n" }, "scalingPolicyUpdateBehavior": { "type": "string", "description": "Controls whether a resource's externally created scaling policies are kept or replaced. Valid values: `KeepExternalPolicies`, `ReplaceExternalPolicies`. Defaults to `KeepExternalPolicies`.\n" }, "scheduledActionBufferTime": { "type": "integer", "description": "Amount of time, in seconds, to buffer the run time of scheduled scaling actions when scaling out.\n" }, "serviceNamespace": { "type": "string", "description": "Namespace of the AWS service. Valid values: `autoscaling`, `dynamodb`, `ecs`, `ec2`, `rds`.\n" }, "targetTrackingConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:autoscalingplans/ScalingPlanScalingInstructionTargetTrackingConfiguration:ScalingPlanScalingInstructionTargetTrackingConfiguration" }, "description": "Structure that defines new target tracking configurations. Each of these structures includes a specific scaling metric and a target value for the metric, along with various parameters to use with dynamic scaling.\nMore details can be found in the [AWS Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_TargetTrackingConfiguration.html).\n" } }, "type": "object", "required": [ "maxCapacity", "minCapacity", "resourceId", "scalableDimension", "serviceNamespace", "targetTrackingConfigurations" ], "language": { "nodejs": { "requiredOutputs": [ "maxCapacity", "minCapacity", "predictiveScalingMaxCapacityBuffer", "resourceId", "scalableDimension", "serviceNamespace", "targetTrackingConfigurations" ] } } }, "aws:autoscalingplans/ScalingPlanScalingInstructionCustomizedLoadMetricSpecification:ScalingPlanScalingInstructionCustomizedLoadMetricSpecification": { "properties": { "dimensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Dimensions of the metric.\n" }, "metricName": { "type": "string", "description": "Name of the metric.\n" }, "namespace": { "type": "string", "description": "Namespace of the metric.\n" }, "statistic": { "type": "string", "description": "Statistic of the metric. Currently, the value must always be `Sum`.\n" }, "unit": { "type": "string", "description": "Unit of the metric.\n" } }, "type": "object", "required": [ "metricName", "namespace", "statistic" ] }, "aws:autoscalingplans/ScalingPlanScalingInstructionPredefinedLoadMetricSpecification:ScalingPlanScalingInstructionPredefinedLoadMetricSpecification": { "properties": { "predefinedLoadMetricType": { "type": "string", "description": "Metric type. Valid values: `ALBTargetGroupRequestCount`, `ASGTotalCPUUtilization`, `ASGTotalNetworkIn`, `ASGTotalNetworkOut`.\n" }, "resourceLabel": { "type": "string", "description": "Identifies the resource associated with the metric type.\n" } }, "type": "object", "required": [ "predefinedLoadMetricType" ] }, "aws:autoscalingplans/ScalingPlanScalingInstructionTargetTrackingConfiguration:ScalingPlanScalingInstructionTargetTrackingConfiguration": { "properties": { "customizedScalingMetricSpecification": { "$ref": "#/types/aws:autoscalingplans/ScalingPlanScalingInstructionTargetTrackingConfigurationCustomizedScalingMetricSpecification:ScalingPlanScalingInstructionTargetTrackingConfigurationCustomizedScalingMetricSpecification", "description": "Customized metric. You can specify either `customized_scaling_metric_specification` or `predefined_scaling_metric_specification`.\nMore details can be found in the [AWS Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_CustomizedScalingMetricSpecification.html).\n" }, "disableScaleIn": { "type": "boolean", "description": "Boolean indicating whether scale in by the target tracking scaling policy is disabled. Defaults to `false`.\n" }, "estimatedInstanceWarmup": { "type": "integer", "description": "Estimated time, in seconds, until a newly launched instance can contribute to the CloudWatch metrics.\nThis value is used only if the resource is an Auto Scaling group.\n" }, "predefinedScalingMetricSpecification": { "$ref": "#/types/aws:autoscalingplans/ScalingPlanScalingInstructionTargetTrackingConfigurationPredefinedScalingMetricSpecification:ScalingPlanScalingInstructionTargetTrackingConfigurationPredefinedScalingMetricSpecification", "description": "Predefined metric. You can specify either `predefined_scaling_metric_specification` or `customized_scaling_metric_specification`.\nMore details can be found in the [AWS Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_PredefinedScalingMetricSpecification.html).\n" }, "scaleInCooldown": { "type": "integer", "description": "Amount of time, in seconds, after a scale in activity completes before another scale in activity can start.\nThis value is not used if the scalable resource is an Auto Scaling group.\n" }, "scaleOutCooldown": { "type": "integer", "description": "Amount of time, in seconds, after a scale-out activity completes before another scale-out activity can start.\nThis value is not used if the scalable resource is an Auto Scaling group.\n" }, "targetValue": { "type": "number", "description": "Target value for the metric.\n" } }, "type": "object", "required": [ "targetValue" ] }, "aws:autoscalingplans/ScalingPlanScalingInstructionTargetTrackingConfigurationCustomizedScalingMetricSpecification:ScalingPlanScalingInstructionTargetTrackingConfigurationCustomizedScalingMetricSpecification": { "properties": { "dimensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Dimensions of the metric.\n" }, "metricName": { "type": "string", "description": "Name of the metric.\n" }, "namespace": { "type": "string", "description": "Namespace of the metric.\n" }, "statistic": { "type": "string", "description": "Statistic of the metric. Valid values: `Average`, `Maximum`, `Minimum`, `SampleCount`, `Sum`.\n" }, "unit": { "type": "string", "description": "Unit of the metric.\n" } }, "type": "object", "required": [ "metricName", "namespace", "statistic" ] }, "aws:autoscalingplans/ScalingPlanScalingInstructionTargetTrackingConfigurationPredefinedScalingMetricSpecification:ScalingPlanScalingInstructionTargetTrackingConfigurationPredefinedScalingMetricSpecification": { "properties": { "predefinedScalingMetricType": { "type": "string", "description": "Metric type. Valid values: `ALBRequestCountPerTarget`, `ASGAverageCPUUtilization`, `ASGAverageNetworkIn`, `ASGAverageNetworkOut`, `DynamoDBReadCapacityUtilization`, `DynamoDBWriteCapacityUtilization`, `ECSServiceAverageCPUUtilization`, `ECSServiceAverageMemoryUtilization`, `EC2SpotFleetRequestAverageCPUUtilization`, `EC2SpotFleetRequestAverageNetworkIn`, `EC2SpotFleetRequestAverageNetworkOut`, `RDSReaderAverageCPUUtilization`, `RDSReaderAverageDatabaseConnections`.\n" }, "resourceLabel": { "type": "string", "description": "Identifies the resource associated with the metric type.\n" } }, "type": "object", "required": [ "predefinedScalingMetricType" ] }, "aws:backup/FrameworkControl:FrameworkControl": { "properties": { "inputParameters": { "type": "array", "items": { "$ref": "#/types/aws:backup/FrameworkControlInputParameter:FrameworkControlInputParameter" }, "description": "One or more input parameter blocks. An example of a control with two parameters is: \"backup plan frequency is at least daily and the retention period is at least 1 year\". The first parameter is daily. The second parameter is 1 year. Detailed below.\n" }, "name": { "type": "string", "description": "The name of a control. This name is between 1 and 256 characters.\n" }, "scope": { "$ref": "#/types/aws:backup/FrameworkControlScope:FrameworkControlScope", "description": "The scope of a control. The control scope defines what the control will evaluate. Three examples of control scopes are: a specific backup plan, all backup plans with a specific tag, or all backup plans. Detailed below.\n" } }, "type": "object", "required": [ "name" ] }, "aws:backup/FrameworkControlInputParameter:FrameworkControlInputParameter": { "properties": { "name": { "type": "string", "description": "The name of a parameter, for example, BackupPlanFrequency.\n" }, "value": { "type": "string", "description": "The value of parameter, for example, hourly.\n" } }, "type": "object" }, "aws:backup/FrameworkControlScope:FrameworkControlScope": { "properties": { "complianceResourceIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of the only AWS resource that you want your control scope to contain. Minimum number of 1 item. Maximum number of 100 items.\n" }, "complianceResourceTypes": { "type": "array", "items": { "type": "string" }, "description": "Describes whether the control scope includes one or more types of resources, such as EFS or RDS.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tag key-value pair applied to those AWS resources that you want to trigger an evaluation for a rule. A maximum of one key-value pair can be provided.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "complianceResourceIds", "complianceResourceTypes" ] } } }, "aws:backup/PlanAdvancedBackupSetting:PlanAdvancedBackupSetting": { "properties": { "backupOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specifies the backup option for a selected resource. This option is only available for Windows VSS backup jobs. Set to `{ WindowsVSS = \"enabled\" }` to enable Windows VSS backup option and create a VSS Windows backup.\n" }, "resourceType": { "type": "string", "description": "The type of AWS resource to be backed up. For VSS Windows backups, the only supported resource type is Amazon EC2. Valid values: `EC2`.\n" } }, "type": "object", "required": [ "backupOptions", "resourceType" ] }, "aws:backup/PlanRule:PlanRule": { "properties": { "completionWindow": { "type": "integer", "description": "The amount of time in minutes AWS Backup attempts a backup before canceling the job and returning an error.\n" }, "copyActions": { "type": "array", "items": { "$ref": "#/types/aws:backup/PlanRuleCopyAction:PlanRuleCopyAction" }, "description": "Configuration block(s) with copy operation settings. Detailed below.\n" }, "enableContinuousBackup": { "type": "boolean", "description": "Enable continuous backups for supported resources.\n" }, "lifecycle": { "$ref": "#/types/aws:backup/PlanRuleLifecycle:PlanRuleLifecycle", "description": "The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Fields documented below.\n" }, "recoveryPointTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the resources that you create.\n" }, "ruleName": { "type": "string", "description": "An display name for a backup rule.\n" }, "schedule": { "type": "string", "description": "A CRON expression specifying when AWS Backup initiates a backup job.\n" }, "startWindow": { "type": "integer", "description": "The amount of time in minutes before beginning a backup.\n" }, "targetVaultName": { "type": "string", "description": "The name of a logical container where backups are stored.\n" } }, "type": "object", "required": [ "ruleName", "targetVaultName" ] }, "aws:backup/PlanRuleCopyAction:PlanRuleCopyAction": { "properties": { "destinationVaultArn": { "type": "string", "description": "An Amazon Resource Name (ARN) that uniquely identifies the destination backup vault for the copied backup.\n" }, "lifecycle": { "$ref": "#/types/aws:backup/PlanRuleCopyActionLifecycle:PlanRuleCopyActionLifecycle", "description": "The lifecycle defines when a protected resource is copied over to a backup vault and when it expires. Fields documented above.\n" } }, "type": "object", "required": [ "destinationVaultArn" ] }, "aws:backup/PlanRuleCopyActionLifecycle:PlanRuleCopyActionLifecycle": { "properties": { "coldStorageAfter": { "type": "integer", "description": "Specifies the number of days after creation that a recovery point is moved to cold storage.\n" }, "deleteAfter": { "type": "integer", "description": "Specifies the number of days after creation that a recovery point is deleted. Must be 90 days greater than `cold_storage_after`.\n" }, "optInToArchiveForSupportedResources": { "type": "boolean", "description": "This setting will instruct your backup plan to transition supported resources to archive (cold) storage tier in accordance with your lifecycle settings.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "optInToArchiveForSupportedResources" ] } } }, "aws:backup/PlanRuleLifecycle:PlanRuleLifecycle": { "properties": { "coldStorageAfter": { "type": "integer", "description": "Specifies the number of days after creation that a recovery point is moved to cold storage.\n" }, "deleteAfter": { "type": "integer", "description": "Specifies the number of days after creation that a recovery point is deleted. Must be 90 days greater than `cold_storage_after`.\n" }, "optInToArchiveForSupportedResources": { "type": "boolean", "description": "This setting will instruct your backup plan to transition supported resources to archive (cold) storage tier in accordance with your lifecycle settings.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "optInToArchiveForSupportedResources" ] } } }, "aws:backup/ReportPlanReportDeliveryChannel:ReportPlanReportDeliveryChannel": { "properties": { "formats": { "type": "array", "items": { "type": "string" }, "description": "A list of the format of your reports: CSV, JSON, or both. If not specified, the default format is CSV.\n" }, "s3BucketName": { "type": "string", "description": "The unique name of the S3 bucket that receives your reports.\n" }, "s3KeyPrefix": { "type": "string", "description": "The prefix for where Backup Audit Manager delivers your reports to Amazon S3. The prefix is this part of the following path: s3://your-bucket-name/prefix/Backup/us-west-2/year/month/day/report-name. If not specified, there is no prefix.\n" } }, "type": "object", "required": [ "s3BucketName" ] }, "aws:backup/ReportPlanReportSetting:ReportPlanReportSetting": { "properties": { "accounts": { "type": "array", "items": { "type": "string" }, "description": "Specifies the list of accounts a report covers.\n" }, "frameworkArns": { "type": "array", "items": { "type": "string" }, "description": "Specifies the Amazon Resource Names (ARNs) of the frameworks a report covers.\n" }, "numberOfFrameworks": { "type": "integer", "description": "Specifies the number of frameworks a report covers.\n" }, "organizationUnits": { "type": "array", "items": { "type": "string" }, "description": "Specifies the list of Organizational Units a report covers.\n" }, "regions": { "type": "array", "items": { "type": "string" }, "description": "Specifies the list of regions a report covers.\n" }, "reportTemplate": { "type": "string", "description": "Identifies the report template for the report. Reports are built using a report template. The report templates are: `RESOURCE_COMPLIANCE_REPORT` | `CONTROL_COMPLIANCE_REPORT` | `BACKUP_JOB_REPORT` | `COPY_JOB_REPORT` | `RESTORE_JOB_REPORT`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "reportTemplate" ] }, "aws:backup/SelectionCondition:SelectionCondition": { "properties": { "stringEquals": { "type": "array", "items": { "$ref": "#/types/aws:backup/SelectionConditionStringEqual:SelectionConditionStringEqual" }, "willReplaceOnChanges": true }, "stringLikes": { "type": "array", "items": { "$ref": "#/types/aws:backup/SelectionConditionStringLike:SelectionConditionStringLike" }, "willReplaceOnChanges": true }, "stringNotEquals": { "type": "array", "items": { "$ref": "#/types/aws:backup/SelectionConditionStringNotEqual:SelectionConditionStringNotEqual" }, "willReplaceOnChanges": true }, "stringNotLikes": { "type": "array", "items": { "$ref": "#/types/aws:backup/SelectionConditionStringNotLike:SelectionConditionStringNotLike" }, "willReplaceOnChanges": true } }, "type": "object" }, "aws:backup/SelectionConditionStringEqual:SelectionConditionStringEqual": { "properties": { "key": { "type": "string", "description": "The key in a key-value pair.\n", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "The value in a key-value pair.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "key", "value" ] }, "aws:backup/SelectionConditionStringLike:SelectionConditionStringLike": { "properties": { "key": { "type": "string", "description": "The key in a key-value pair.\n", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "The value in a key-value pair.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "key", "value" ] }, "aws:backup/SelectionConditionStringNotEqual:SelectionConditionStringNotEqual": { "properties": { "key": { "type": "string", "description": "The key in a key-value pair.\n", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "The value in a key-value pair.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "key", "value" ] }, "aws:backup/SelectionConditionStringNotLike:SelectionConditionStringNotLike": { "properties": { "key": { "type": "string", "description": "The key in a key-value pair.\n", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "The value in a key-value pair.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "key", "value" ] }, "aws:backup/SelectionSelectionTag:SelectionSelectionTag": { "properties": { "key": { "type": "string", "description": "The key in a key-value pair.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "An operation, such as `StringEquals`, that is applied to a key-value pair used to filter resources in a selection.\n", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "The value in a key-value pair.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "key", "type", "value" ] }, "aws:backup/getFrameworkControl:getFrameworkControl": { "properties": { "inputParameters": { "type": "array", "items": { "$ref": "#/types/aws:backup/getFrameworkControlInputParameter:getFrameworkControlInputParameter" }, "description": "One or more input parameter blocks. An example of a control with two parameters is: \"backup plan frequency is at least daily and the retention period is at least 1 year\". The first parameter is daily. The second parameter is 1 year. Detailed below.\n" }, "name": { "type": "string", "description": "Backup framework name.\n" }, "scopes": { "type": "array", "items": { "$ref": "#/types/aws:backup/getFrameworkControlScope:getFrameworkControlScope" }, "description": "Scope of a control. The control scope defines what the control will evaluate. Three examples of control scopes are: a specific backup plan, all backup plans with a specific tag, or all backup plans. Detailed below.\n" } }, "type": "object", "required": [ "inputParameters", "name", "scopes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:backup/getFrameworkControlInputParameter:getFrameworkControlInputParameter": { "properties": { "name": { "type": "string", "description": "Backup framework name.\n" }, "value": { "type": "string", "description": "Value of parameter, for example, hourly.\n" } }, "type": "object", "required": [ "name", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:backup/getFrameworkControlScope:getFrameworkControlScope": { "properties": { "complianceResourceIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of the only AWS resource that you want your control scope to contain.\n" }, "complianceResourceTypes": { "type": "array", "items": { "type": "string" }, "description": "Describes whether the control scope includes one or more types of resources, such as EFS or RDS.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tag key-value pair applied to those AWS resources that you want to trigger an evaluation for a rule. A maximum of one key-value pair can be provided.\n" } }, "type": "object", "required": [ "complianceResourceIds", "complianceResourceTypes", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:backup/getPlanRule:getPlanRule": { "properties": { "completionWindow": { "type": "integer" }, "copyActions": { "type": "array", "items": { "$ref": "#/types/aws:backup/getPlanRuleCopyAction:getPlanRuleCopyAction" } }, "enableContinuousBackup": { "type": "boolean" }, "lifecycles": { "type": "array", "items": { "$ref": "#/types/aws:backup/getPlanRuleLifecycle:getPlanRuleLifecycle" } }, "recoveryPointTags": { "type": "object", "additionalProperties": { "type": "string" } }, "ruleName": { "type": "string" }, "schedule": { "type": "string" }, "startWindow": { "type": "integer" }, "targetVaultName": { "type": "string" } }, "type": "object", "required": [ "completionWindow", "copyActions", "enableContinuousBackup", "lifecycles", "ruleName", "schedule", "startWindow", "targetVaultName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:backup/getPlanRuleCopyAction:getPlanRuleCopyAction": { "properties": { "destinationVaultArn": { "type": "string" }, "lifecycles": { "type": "array", "items": { "$ref": "#/types/aws:backup/getPlanRuleCopyActionLifecycle:getPlanRuleCopyActionLifecycle" } } }, "type": "object", "required": [ "destinationVaultArn", "lifecycles" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:backup/getPlanRuleCopyActionLifecycle:getPlanRuleCopyActionLifecycle": { "properties": { "coldStorageAfter": { "type": "integer" }, "deleteAfter": { "type": "integer" }, "optInToArchiveForSupportedResources": { "type": "boolean" } }, "type": "object", "required": [ "coldStorageAfter", "deleteAfter", "optInToArchiveForSupportedResources" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:backup/getPlanRuleLifecycle:getPlanRuleLifecycle": { "properties": { "coldStorageAfter": { "type": "integer" }, "deleteAfter": { "type": "integer" }, "optInToArchiveForSupportedResources": { "type": "boolean" } }, "type": "object", "required": [ "coldStorageAfter", "deleteAfter", "optInToArchiveForSupportedResources" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:backup/getReportPlanReportDeliveryChannel:getReportPlanReportDeliveryChannel": { "properties": { "formats": { "type": "array", "items": { "type": "string" }, "description": "List of the format of your reports: CSV, JSON, or both.\n" }, "s3BucketName": { "type": "string", "description": "Unique name of the S3 bucket that receives your reports.\n" }, "s3KeyPrefix": { "type": "string", "description": "Prefix for where Backup Audit Manager delivers your reports to Amazon S3. The prefix is this part of the following path: s3://your-bucket-name/prefix/Backup/us-west-2/year/month/day/report-name.\n" } }, "type": "object", "required": [ "formats", "s3BucketName", "s3KeyPrefix" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:backup/getReportPlanReportSetting:getReportPlanReportSetting": { "properties": { "accounts": { "type": "array", "items": { "type": "string" }, "description": "(Optional) Specifies the list of accounts a report covers.\n" }, "frameworkArns": { "type": "array", "items": { "type": "string" }, "description": "ARNs of the frameworks a report covers.\n" }, "numberOfFrameworks": { "type": "integer", "description": "Specifies the number of frameworks a report covers.\n" }, "organizationUnits": { "type": "array", "items": { "type": "string" }, "description": "(Optional) Specifies the list of Organizational Units a report covers.\n" }, "regions": { "type": "array", "items": { "type": "string" }, "description": "(Optional) Specifies the list of regions a report covers.\n" }, "reportTemplate": { "type": "string", "description": "Identifies the report template for the report. Reports are built using a report template.\n" } }, "type": "object", "required": [ "accounts", "frameworkArns", "numberOfFrameworks", "organizationUnits", "regions", "reportTemplate" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/ComputeEnvironmentComputeResources:ComputeEnvironmentComputeResources": { "properties": { "allocationStrategy": { "type": "string", "description": "The allocation strategy to use for the compute resource in case not enough instances of the best fitting instance type can be allocated. For valid values, refer to the [AWS documentation](https://docs.aws.amazon.com/batch/latest/APIReference/API_ComputeResource.html#Batch-Type-ComputeResource-allocationStrategy). Defaults to `BEST_FIT`. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.\n" }, "bidPercentage": { "type": "integer", "description": "Integer of maximum percentage that a Spot Instance price can be when compared with the On-Demand price for that instance type before instances are launched. For example, if your bid percentage is 20% (`20`), then the Spot price must be below 20% of the current On-Demand price for that EC2 instance. If you leave this field empty, the default value is 100% of the On-Demand price. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.\n" }, "desiredVcpus": { "type": "integer", "description": "The desired number of EC2 vCPUS in the compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.\n" }, "ec2Configurations": { "type": "array", "items": { "$ref": "#/types/aws:batch/ComputeEnvironmentComputeResourcesEc2Configuration:ComputeEnvironmentComputeResourcesEc2Configuration" }, "description": "Provides information used to select Amazon Machine Images (AMIs) for EC2 instances in the compute environment. If Ec2Configuration isn't specified, the default is ECS_AL2. This parameter isn't applicable to jobs that are running on Fargate resources, and shouldn't be specified.\n", "willReplaceOnChanges": true }, "ec2KeyPair": { "type": "string", "description": "The EC2 key pair that is used for instances launched in the compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.\n" }, "imageId": { "type": "string", "description": "The Amazon Machine Image (AMI) ID used for instances launched in the compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. (Deprecated, use `ec2_configuration` `image_id_override` instead)\n" }, "instanceRole": { "type": "string", "description": "The Amazon ECS instance role applied to Amazon EC2 instances in a compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.\n" }, "instanceTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of instance types that may be launched. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.\n" }, "launchTemplate": { "$ref": "#/types/aws:batch/ComputeEnvironmentComputeResourcesLaunchTemplate:ComputeEnvironmentComputeResourcesLaunchTemplate", "description": "The launch template to use for your compute resources. See details below. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.\n", "willReplaceOnChanges": true }, "maxVcpus": { "type": "integer", "description": "The maximum number of EC2 vCPUs that an environment can reach.\n" }, "minVcpus": { "type": "integer", "description": "The minimum number of EC2 vCPUs that an environment should maintain. For `EC2` or `SPOT` compute environments, if the parameter is not explicitly defined, a `0` default value will be set. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.\n" }, "placementGroup": { "type": "string", "description": "The Amazon EC2 placement group to associate with your compute resources.\n", "willReplaceOnChanges": true }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of EC2 security group that are associated with instances launched in the compute environment. This parameter is required for Fargate compute environments.\n" }, "spotIamFleetRole": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon EC2 Spot Fleet IAM role applied to a SPOT compute environment. This parameter is required for SPOT compute environments. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.\n", "willReplaceOnChanges": true }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnets into which the compute resources are launched.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pair tags to be applied to resources that are launched in the compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.\n" }, "type": { "type": "string", "description": "The type of compute environment. Valid items are `EC2`, `SPOT`, `FARGATE` or `FARGATE_SPOT`.\n" } }, "type": "object", "required": [ "maxVcpus", "subnets", "type" ], "language": { "nodejs": { "requiredOutputs": [ "desiredVcpus", "ec2Configurations", "maxVcpus", "subnets", "type" ] } } }, "aws:batch/ComputeEnvironmentComputeResourcesEc2Configuration:ComputeEnvironmentComputeResourcesEc2Configuration": { "properties": { "imageIdOverride": { "type": "string", "description": "The AMI ID used for instances launched in the compute environment that match the image type. This setting overrides the `image_id` argument in the `compute_resources` block.\n" }, "imageType": { "type": "string", "description": "The image type to match with the instance type to select an AMI. If the `image_id_override` parameter isn't specified, then a recent [Amazon ECS-optimized Amazon Linux 2 AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) (`ECS_AL2`) is used.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "imageIdOverride" ] } } }, "aws:batch/ComputeEnvironmentComputeResourcesLaunchTemplate:ComputeEnvironmentComputeResourcesLaunchTemplate": { "properties": { "launchTemplateId": { "type": "string", "description": "ID of the launch template. You must specify either the launch template ID or launch template name in the request, but not both.\n" }, "launchTemplateName": { "type": "string", "description": "Name of the launch template.\n" }, "version": { "type": "string", "description": "The version number of the launch template. Default: The default version of the launch template.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "version" ] } } }, "aws:batch/ComputeEnvironmentEksConfiguration:ComputeEnvironmentEksConfiguration": { "properties": { "eksClusterArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon EKS cluster.\n", "willReplaceOnChanges": true }, "kubernetesNamespace": { "type": "string", "description": "The namespace of the Amazon EKS cluster. AWS Batch manages pods in this namespace.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "eksClusterArn", "kubernetesNamespace" ] }, "aws:batch/ComputeEnvironmentUpdatePolicy:ComputeEnvironmentUpdatePolicy": { "properties": { "jobExecutionTimeoutMinutes": { "type": "integer", "description": "Specifies the job timeout (in minutes) when the compute environment infrastructure is updated.\n" }, "terminateJobsOnUpdate": { "type": "boolean", "description": "Specifies whether jobs are automatically terminated when the computer environment infrastructure is updated.\n" } }, "type": "object", "required": [ "jobExecutionTimeoutMinutes", "terminateJobsOnUpdate" ] }, "aws:batch/JobDefinitionEksProperties:JobDefinitionEksProperties": { "properties": { "podProperties": { "$ref": "#/types/aws:batch/JobDefinitionEksPropertiesPodProperties:JobDefinitionEksPropertiesPodProperties", "description": "Properties for the Kubernetes pod resources of a job. See `pod_properties` below.\n" } }, "type": "object", "required": [ "podProperties" ] }, "aws:batch/JobDefinitionEksPropertiesPodProperties:JobDefinitionEksPropertiesPodProperties": { "properties": { "containers": { "$ref": "#/types/aws:batch/JobDefinitionEksPropertiesPodPropertiesContainers:JobDefinitionEksPropertiesPodPropertiesContainers", "description": "Properties of the container that's used on the Amazon EKS pod. See containers below.\n" }, "dnsPolicy": { "type": "string", "description": "DNS policy for the pod. The default value is `ClusterFirst`. If the `host_network` argument is not specified, the default is `ClusterFirstWithHostNet`. `ClusterFirst` indicates that any DNS query that does not match the configured cluster domain suffix is forwarded to the upstream nameserver inherited from the node. For more information, see Pod's DNS policy in the Kubernetes documentation.\n" }, "hostNetwork": { "type": "boolean", "description": "Whether the pod uses the hosts' network IP address. The default value is `true`. Setting this to `false` enables the Kubernetes pod networking model. Most AWS Batch workloads are egress-only and don't require the overhead of IP allocation for each pod for incoming connections.\n" }, "imagePullSecrets": { "type": "array", "items": { "$ref": "#/types/aws:batch/JobDefinitionEksPropertiesPodPropertiesImagePullSecret:JobDefinitionEksPropertiesPodPropertiesImagePullSecret" }, "description": "List of Kubernetes secret resources. See `image_pull_secret` below.\n" }, "metadata": { "$ref": "#/types/aws:batch/JobDefinitionEksPropertiesPodPropertiesMetadata:JobDefinitionEksPropertiesPodPropertiesMetadata", "description": "Metadata about the Kubernetes pod.\n" }, "serviceAccountName": { "type": "string", "description": "Name of the service account that's used to run the pod.\n" }, "volumes": { "type": "array", "items": { "$ref": "#/types/aws:batch/JobDefinitionEksPropertiesPodPropertiesVolume:JobDefinitionEksPropertiesPodPropertiesVolume" }, "description": "Volumes for a job definition that uses Amazon EKS resources. AWS Batch supports emptyDir, hostPath, and secret volume types.\n" } }, "type": "object", "required": [ "containers" ] }, "aws:batch/JobDefinitionEksPropertiesPodPropertiesContainers:JobDefinitionEksPropertiesPodPropertiesContainers": { "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "Array of arguments to the entrypoint. If this isn't specified, the CMD of the container image is used. This corresponds to the args member in the Entrypoint portion of the Pod in Kubernetes. Environment variable references are expanded using the container's environment.\n" }, "commands": { "type": "array", "items": { "type": "string" }, "description": "Entrypoint for the container. This isn't run within a shell. If this isn't specified, the ENTRYPOINT of the container image is used. Environment variable references are expanded using the container's environment.\n" }, "envs": { "type": "array", "items": { "$ref": "#/types/aws:batch/JobDefinitionEksPropertiesPodPropertiesContainersEnv:JobDefinitionEksPropertiesPodPropertiesContainersEnv" }, "description": "Environment variables to pass to a container. See EKS Environment below.\n" }, "image": { "type": "string", "description": "Docker image used to start the container.\n" }, "imagePullPolicy": { "type": "string", "description": "Image pull policy for the container. Supported values are `Always`, `IfNotPresent`, and `Never`.\n" }, "name": { "type": "string", "description": "Name of the container. If the name isn't specified, the default name \"Default\" is used. Each container in a pod must have a unique name.\n" }, "resources": { "$ref": "#/types/aws:batch/JobDefinitionEksPropertiesPodPropertiesContainersResources:JobDefinitionEksPropertiesPodPropertiesContainersResources", "description": "Type and amount of resources to assign to a container. The supported resources include `memory`, `cpu`, and `nvidia.com/gpu`.\n" }, "securityContext": { "$ref": "#/types/aws:batch/JobDefinitionEksPropertiesPodPropertiesContainersSecurityContext:JobDefinitionEksPropertiesPodPropertiesContainersSecurityContext", "description": "Security context for a job.\n" }, "volumeMounts": { "type": "array", "items": { "$ref": "#/types/aws:batch/JobDefinitionEksPropertiesPodPropertiesContainersVolumeMount:JobDefinitionEksPropertiesPodPropertiesContainersVolumeMount" }, "description": "Volume mounts for the container.\n" } }, "type": "object", "required": [ "image" ] }, "aws:batch/JobDefinitionEksPropertiesPodPropertiesContainersEnv:JobDefinitionEksPropertiesPodPropertiesContainersEnv": { "properties": { "name": { "type": "string", "description": "Name of the job definition.\n" }, "value": { "type": "string", "description": "Value of the environment variable.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:batch/JobDefinitionEksPropertiesPodPropertiesContainersResources:JobDefinitionEksPropertiesPodPropertiesContainersResources": { "properties": { "limits": { "type": "object", "additionalProperties": { "type": "string" } }, "requests": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "aws:batch/JobDefinitionEksPropertiesPodPropertiesContainersSecurityContext:JobDefinitionEksPropertiesPodPropertiesContainersSecurityContext": { "properties": { "privileged": { "type": "boolean" }, "readOnlyRootFileSystem": { "type": "boolean" }, "runAsGroup": { "type": "integer" }, "runAsNonRoot": { "type": "boolean" }, "runAsUser": { "type": "integer" } }, "type": "object" }, "aws:batch/JobDefinitionEksPropertiesPodPropertiesContainersVolumeMount:JobDefinitionEksPropertiesPodPropertiesContainersVolumeMount": { "properties": { "mountPath": { "type": "string" }, "name": { "type": "string", "description": "Name of the job definition.\n" }, "readOnly": { "type": "boolean" } }, "type": "object", "required": [ "mountPath", "name" ] }, "aws:batch/JobDefinitionEksPropertiesPodPropertiesImagePullSecret:JobDefinitionEksPropertiesPodPropertiesImagePullSecret": { "properties": { "name": { "type": "string", "description": "Unique identifier.\n" } }, "type": "object", "required": [ "name" ] }, "aws:batch/JobDefinitionEksPropertiesPodPropertiesMetadata:JobDefinitionEksPropertiesPodPropertiesMetadata": { "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "aws:batch/JobDefinitionEksPropertiesPodPropertiesVolume:JobDefinitionEksPropertiesPodPropertiesVolume": { "properties": { "emptyDir": { "$ref": "#/types/aws:batch/JobDefinitionEksPropertiesPodPropertiesVolumeEmptyDir:JobDefinitionEksPropertiesPodPropertiesVolumeEmptyDir" }, "hostPath": { "$ref": "#/types/aws:batch/JobDefinitionEksPropertiesPodPropertiesVolumeHostPath:JobDefinitionEksPropertiesPodPropertiesVolumeHostPath" }, "name": { "type": "string", "description": "Name of the job definition.\n" }, "secret": { "$ref": "#/types/aws:batch/JobDefinitionEksPropertiesPodPropertiesVolumeSecret:JobDefinitionEksPropertiesPodPropertiesVolumeSecret" } }, "type": "object" }, "aws:batch/JobDefinitionEksPropertiesPodPropertiesVolumeEmptyDir:JobDefinitionEksPropertiesPodPropertiesVolumeEmptyDir": { "properties": { "medium": { "type": "string", "description": "Medium to store the volume. The default value is an empty string, which uses the storage of the node.\n" }, "sizeLimit": { "type": "string", "description": "Maximum size of the volume. By default, there's no maximum size defined.\n" } }, "type": "object", "required": [ "sizeLimit" ] }, "aws:batch/JobDefinitionEksPropertiesPodPropertiesVolumeHostPath:JobDefinitionEksPropertiesPodPropertiesVolumeHostPath": { "properties": { "path": { "type": "string", "description": "Path of the file or directory on the host to mount into containers on the pod.\n" } }, "type": "object", "required": [ "path" ] }, "aws:batch/JobDefinitionEksPropertiesPodPropertiesVolumeSecret:JobDefinitionEksPropertiesPodPropertiesVolumeSecret": { "properties": { "optional": { "type": "boolean", "description": "Whether the secret or the secret's keys must be defined.\n" }, "secretName": { "type": "string", "description": "Name of the secret. The name must be allowed as a DNS subdomain name.\n" } }, "type": "object", "required": [ "secretName" ] }, "aws:batch/JobDefinitionRetryStrategy:JobDefinitionRetryStrategy": { "properties": { "attempts": { "type": "integer", "description": "Number of times to move a job to the `RUNNABLE` status. You may specify between `1` and `10` attempts.\n" }, "evaluateOnExits": { "type": "array", "items": { "$ref": "#/types/aws:batch/JobDefinitionRetryStrategyEvaluateOnExit:JobDefinitionRetryStrategyEvaluateOnExit" }, "description": "Evaluate on exit conditions under which the job should be retried or failed. If this parameter is specified, then the `attempts` parameter must also be specified. You may specify up to 5 configuration blocks.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:batch/JobDefinitionRetryStrategyEvaluateOnExit:JobDefinitionRetryStrategyEvaluateOnExit": { "properties": { "action": { "type": "string", "description": "Action to take if all of the specified conditions are met. The values are not case sensitive. Valid values: `retry`, `exit`.\n" }, "onExitCode": { "type": "string", "description": "Glob pattern to match against the decimal representation of the exit code returned for a job.\n" }, "onReason": { "type": "string", "description": "Glob pattern to match against the reason returned for a job.\n" }, "onStatusReason": { "type": "string", "description": "Glob pattern to match against the status reason returned for a job.\n" } }, "type": "object", "required": [ "action" ] }, "aws:batch/JobDefinitionTimeout:JobDefinitionTimeout": { "properties": { "attemptDurationSeconds": { "type": "integer", "description": "Time duration in seconds after which AWS Batch terminates your jobs if they have not finished. The minimum value for the timeout is `60` seconds.\n" } }, "type": "object" }, "aws:batch/JobQueueComputeEnvironmentOrder:JobQueueComputeEnvironmentOrder": { "properties": { "computeEnvironment": { "type": "string", "description": "The Amazon Resource Name (ARN) of the compute environment.\n" }, "order": { "type": "integer", "description": "The order of the compute environment. Compute environments are tried in ascending order. For example, if two compute environments are associated with a job queue, the compute environment with a lower order integer value is tried for job placement first.\n" } }, "type": "object", "required": [ "computeEnvironment", "order" ] }, "aws:batch/JobQueueTimeouts:JobQueueTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:batch/SchedulingPolicyFairSharePolicy:SchedulingPolicyFairSharePolicy": { "properties": { "computeReservation": { "type": "integer", "description": "A value used to reserve some of the available maximum vCPU for fair share identifiers that have not yet been used. For more information, see [FairsharePolicy](https://docs.aws.amazon.com/batch/latest/APIReference/API_FairsharePolicy.html).\n" }, "shareDecaySeconds": { "type": "integer" }, "shareDistributions": { "type": "array", "items": { "$ref": "#/types/aws:batch/SchedulingPolicyFairSharePolicyShareDistribution:SchedulingPolicyFairSharePolicyShareDistribution" }, "description": "One or more share distribution blocks which define the weights for the fair share identifiers for the fair share policy. For more information, see [FairsharePolicy](https://docs.aws.amazon.com/batch/latest/APIReference/API_FairsharePolicy.html). The `share_distribution` block is documented below.\n" } }, "type": "object" }, "aws:batch/SchedulingPolicyFairSharePolicyShareDistribution:SchedulingPolicyFairSharePolicyShareDistribution": { "properties": { "shareIdentifier": { "type": "string", "description": "A fair share identifier or fair share identifier prefix. For more information, see [ShareAttributes](https://docs.aws.amazon.com/batch/latest/APIReference/API_ShareAttributes.html).\n" }, "weightFactor": { "type": "number", "description": "The weight factor for the fair share identifier. For more information, see [ShareAttributes](https://docs.aws.amazon.com/batch/latest/APIReference/API_ShareAttributes.html).\n" } }, "type": "object", "required": [ "shareIdentifier" ] }, "aws:batch/getComputeEnvironmentUpdatePolicy:getComputeEnvironmentUpdatePolicy": { "properties": { "jobExecutionTimeoutMinutes": { "type": "integer" }, "terminateJobsOnUpdate": { "type": "boolean" } }, "type": "object", "required": [ "jobExecutionTimeoutMinutes", "terminateJobsOnUpdate" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionEksProperty:getJobDefinitionEksProperty": { "properties": { "podProperties": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionEksPropertyPodProperty:getJobDefinitionEksPropertyPodProperty" }, "description": "The properties for the Kubernetes pod resources of a job.\n" } }, "type": "object", "required": [ "podProperties" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionEksPropertyPodProperty:getJobDefinitionEksPropertyPodProperty": { "properties": { "containers": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionEksPropertyPodPropertyContainer:getJobDefinitionEksPropertyPodPropertyContainer" }, "description": "The properties of the container that's used on the Amazon EKS pod. Array of EksContainer objects.\n" }, "dnsPolicy": { "type": "string", "description": "The DNS policy for the pod. The default value is ClusterFirst. If the hostNetwork parameter is not specified, the default is ClusterFirstWithHostNet. ClusterFirst indicates that any DNS query that does not match the configured cluster domain suffix is forwarded to the upstream nameserver inherited from the node.\n" }, "hostNetwork": { "type": "boolean", "description": "Indicates if the pod uses the hosts' network IP address. The default value is true. Setting this to false enables the Kubernetes pod networking model. Most AWS Batch workloads are egress-only and don't require the overhead of IP allocation for each pod for incoming connections.\n" }, "metadatas": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionEksPropertyPodPropertyMetadata:getJobDefinitionEksPropertyPodPropertyMetadata" }, "description": "Metadata about the Kubernetes pod.\n" }, "serviceAccountName": { "type": "boolean", "description": "The name of the service account that's used to run the pod.\n" }, "volumes": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionEksPropertyPodPropertyVolume:getJobDefinitionEksPropertyPodPropertyVolume" }, "description": "A list of data volumes used in a job.\n" } }, "type": "object", "required": [ "containers", "dnsPolicy", "hostNetwork", "metadatas", "serviceAccountName", "volumes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionEksPropertyPodPropertyContainer:getJobDefinitionEksPropertyPodPropertyContainer": { "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "An array of arguments to the entrypoint\n" }, "commands": { "type": "array", "items": { "type": "string" }, "description": "The command that's passed to the container.\n" }, "envs": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionEksPropertyPodPropertyContainerEnv:getJobDefinitionEksPropertyPodPropertyContainerEnv" }, "description": "The environment variables to pass to a container. Array of EksContainerEnvironmentVariable objects.\n" }, "image": { "type": "string", "description": "The image used to start a container.\n" }, "imagePullPolicy": { "type": "string", "description": "The image pull policy for the container.\n" }, "name": { "type": "string", "description": "The name of the job definition to register. It can be up to 128 letters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).\n" }, "resources": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionEksPropertyPodPropertyContainerResource:getJobDefinitionEksPropertyPodPropertyContainerResource" }, "description": "The type and amount of resources to assign to a container.\n" }, "securityContexts": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionEksPropertyPodPropertyContainerSecurityContext:getJobDefinitionEksPropertyPodPropertyContainerSecurityContext" }, "description": "The security context for a job.\n" }, "volumeMounts": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionEksPropertyPodPropertyContainerVolumeMount:getJobDefinitionEksPropertyPodPropertyContainerVolumeMount" }, "description": "The volume mounts for the container.\n" } }, "type": "object", "required": [ "args", "commands", "envs", "image", "imagePullPolicy", "name", "resources", "securityContexts", "volumeMounts" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionEksPropertyPodPropertyContainerEnv:getJobDefinitionEksPropertyPodPropertyContainerEnv": { "properties": { "name": { "type": "string", "description": "The name of the job definition to register. It can be up to 128 letters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).\n" }, "value": { "type": "string", "description": "The quantity of the specified resource to reserve for the container.\n" } }, "type": "object", "required": [ "name", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionEksPropertyPodPropertyContainerResource:getJobDefinitionEksPropertyPodPropertyContainerResource": { "properties": { "limits": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The type and quantity of the resources to reserve for the container.\n" }, "requests": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The type and quantity of the resources to request for the container.\n" } }, "type": "object", "required": [ "limits", "requests" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionEksPropertyPodPropertyContainerSecurityContext:getJobDefinitionEksPropertyPodPropertyContainerSecurityContext": { "properties": { "privileged": { "type": "boolean", "description": "When this parameter is true, the container is given elevated permissions on the host container instance (similar to the root user).\n" }, "readOnlyRootFileSystem": { "type": "boolean" }, "runAsGroup": { "type": "integer", "description": "When this parameter is specified, the container is run as the specified group ID (gid). If this parameter isn't specified, the default is the group that's specified in the image metadata.\n" }, "runAsNonRoot": { "type": "boolean", "description": "When this parameter is specified, the container is run as a user with a uid other than 0. If this parameter isn't specified, so such rule is enforced.\n" }, "runAsUser": { "type": "integer", "description": "When this parameter is specified, the container is run as the specified user ID (uid). If this parameter isn't specified, the default is the user that's specified in the image metadata.\n" } }, "type": "object", "required": [ "privileged", "readOnlyRootFileSystem", "runAsGroup", "runAsNonRoot", "runAsUser" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionEksPropertyPodPropertyContainerVolumeMount:getJobDefinitionEksPropertyPodPropertyContainerVolumeMount": { "properties": { "mountPath": { "type": "string", "description": "The path on the container where the volume is mounted.\n" }, "name": { "type": "string", "description": "The name of the job definition to register. It can be up to 128 letters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).\n" }, "readOnly": { "type": "boolean", "description": "If this value is true, the container has read-only access to the volume.\n" } }, "type": "object", "required": [ "mountPath", "name", "readOnly" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionEksPropertyPodPropertyMetadata:getJobDefinitionEksPropertyPodPropertyMetadata": { "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs used to identify, sort, and organize cube resources.\n" } }, "type": "object", "required": [ "labels" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionEksPropertyPodPropertyVolume:getJobDefinitionEksPropertyPodPropertyVolume": { "properties": { "emptyDirs": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionEksPropertyPodPropertyVolumeEmptyDir:getJobDefinitionEksPropertyPodPropertyVolumeEmptyDir" }, "description": "Specifies the configuration of a Kubernetes emptyDir volume.\n" }, "hostPaths": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionEksPropertyPodPropertyVolumeHostPath:getJobDefinitionEksPropertyPodPropertyVolumeHostPath" }, "description": "The path for the device on the host container instance.\n" }, "name": { "type": "string", "description": "The name of the job definition to register. It can be up to 128 letters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).\n" }, "secrets": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionEksPropertyPodPropertyVolumeSecret:getJobDefinitionEksPropertyPodPropertyVolumeSecret" }, "description": "Specifies the configuration of a Kubernetes secret volume.\n" } }, "type": "object", "required": [ "emptyDirs", "hostPaths", "name", "secrets" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionEksPropertyPodPropertyVolumeEmptyDir:getJobDefinitionEksPropertyPodPropertyVolumeEmptyDir": { "properties": { "medium": { "type": "string", "description": "The medium to store the volume.\n" }, "sizeLimit": { "type": "string", "description": "The maximum size of the volume. By default, there's no maximum size defined.\n" } }, "type": "object", "required": [ "medium", "sizeLimit" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionEksPropertyPodPropertyVolumeHostPath:getJobDefinitionEksPropertyPodPropertyVolumeHostPath": { "properties": { "path": { "type": "string", "description": "The path of the file or directory on the host to mount into containers on the pod.\n" } }, "type": "object", "required": [ "path" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionEksPropertyPodPropertyVolumeSecret:getJobDefinitionEksPropertyPodPropertyVolumeSecret": { "properties": { "optional": { "type": "boolean", "description": "Specifies whether the secret or the secret's keys must be defined.\n" }, "secretName": { "type": "string", "description": "The name of the secret. The name must be allowed as a DNS subdomain name\n" } }, "type": "object", "required": [ "optional", "secretName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodeProperty:getJobDefinitionNodeProperty": { "properties": { "mainNode": { "type": "integer", "description": "Specifies the node index for the main node of a multi-node parallel job. This node index value must be fewer than the number of nodes.\n" }, "nodeRangeProperties": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodePropertyNodeRangeProperty:getJobDefinitionNodePropertyNodeRangeProperty" }, "description": "A list of node ranges and their properties that are associated with a multi-node parallel job.\n" }, "numNodes": { "type": "integer", "description": "The number of nodes that are associated with a multi-node parallel job.\n" } }, "type": "object", "required": [ "mainNode", "nodeRangeProperties", "numNodes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodePropertyNodeRangeProperty:getJobDefinitionNodePropertyNodeRangeProperty": { "properties": { "containers": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainer:getJobDefinitionNodePropertyNodeRangePropertyContainer" }, "description": "The container details for the node range.\n" }, "targetNodes": { "type": "string", "description": "The range of nodes, using node index values. A range of 0:3 indicates nodes with index values of 0 through 3. I\n" } }, "type": "object", "required": [ "containers", "targetNodes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainer:getJobDefinitionNodePropertyNodeRangePropertyContainer": { "properties": { "commands": { "type": "array", "items": { "type": "string" }, "description": "The command that's passed to the container.\n" }, "environments": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerEnvironment:getJobDefinitionNodePropertyNodeRangePropertyContainerEnvironment" }, "description": "The environment variables to pass to a container.\n" }, "ephemeralStorages": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerEphemeralStorage:getJobDefinitionNodePropertyNodeRangePropertyContainerEphemeralStorage" }, "description": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate.\n" }, "executionRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role.\n" }, "fargatePlatformConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerFargatePlatformConfiguration:getJobDefinitionNodePropertyNodeRangePropertyContainerFargatePlatformConfiguration" }, "description": "The platform configuration for jobs that are running on Fargate resources. Jobs that are running on EC2 resources must not specify this parameter.\n" }, "image": { "type": "string", "description": "The image used to start a container.\n" }, "instanceType": { "type": "string", "description": "The instance type to use for a multi-node parallel job.\n" }, "jobRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions.\n" }, "linuxParameters": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerLinuxParameter:getJobDefinitionNodePropertyNodeRangePropertyContainerLinuxParameter" }, "description": "Linux-specific modifications that are applied to the container.\n" }, "logConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerLogConfiguration:getJobDefinitionNodePropertyNodeRangePropertyContainerLogConfiguration" }, "description": "The log configuration specification for the container.\n" }, "mountPoints": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerMountPoint:getJobDefinitionNodePropertyNodeRangePropertyContainerMountPoint" }, "description": "The mount points for data volumes in your container.\n" }, "networkConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerNetworkConfiguration:getJobDefinitionNodePropertyNodeRangePropertyContainerNetworkConfiguration" }, "description": "The network configuration for jobs that are running on Fargate resources.\n" }, "privileged": { "type": "boolean", "description": "When this parameter is true, the container is given elevated permissions on the host container instance (similar to the root user).\n" }, "readonlyRootFilesystem": { "type": "boolean", "description": "When this parameter is true, the container is given read-only access to its root file system.\n" }, "resourceRequirements": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerResourceRequirement:getJobDefinitionNodePropertyNodeRangePropertyContainerResourceRequirement" }, "description": "The type and amount of resources to assign to a container.\n" }, "runtimePlatforms": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerRuntimePlatform:getJobDefinitionNodePropertyNodeRangePropertyContainerRuntimePlatform" }, "description": "An object that represents the compute environment architecture for AWS Batch jobs on Fargate.\n" }, "secrets": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerSecret:getJobDefinitionNodePropertyNodeRangePropertyContainerSecret" }, "description": "The secrets for the container.\n" }, "ulimits": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerUlimit:getJobDefinitionNodePropertyNodeRangePropertyContainerUlimit" }, "description": "A list of ulimits to set in the container.\n" }, "user": { "type": "string", "description": "The user name to use inside the container.\n" }, "volumes": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerVolume:getJobDefinitionNodePropertyNodeRangePropertyContainerVolume" }, "description": "A list of data volumes used in a job.\n" } }, "type": "object", "required": [ "commands", "environments", "ephemeralStorages", "executionRoleArn", "fargatePlatformConfigurations", "image", "instanceType", "jobRoleArn", "linuxParameters", "logConfigurations", "mountPoints", "networkConfigurations", "privileged", "readonlyRootFilesystem", "resourceRequirements", "runtimePlatforms", "secrets", "ulimits", "user", "volumes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerEnvironment:getJobDefinitionNodePropertyNodeRangePropertyContainerEnvironment": { "properties": { "name": { "type": "string", "description": "The name of the job definition to register. It can be up to 128 letters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).\n" }, "value": { "type": "string", "description": "The quantity of the specified resource to reserve for the container.\n" } }, "type": "object", "required": [ "name", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerEphemeralStorage:getJobDefinitionNodePropertyNodeRangePropertyContainerEphemeralStorage": { "properties": { "sizeInGib": { "type": "integer" } }, "type": "object", "required": [ "sizeInGib" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerFargatePlatformConfiguration:getJobDefinitionNodePropertyNodeRangePropertyContainerFargatePlatformConfiguration": { "properties": { "platformVersion": { "type": "string", "description": "The AWS Fargate platform version where the jobs are running. A platform version is specified only for jobs that are running on Fargate resources.\n" } }, "type": "object", "required": [ "platformVersion" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerLinuxParameter:getJobDefinitionNodePropertyNodeRangePropertyContainerLinuxParameter": { "properties": { "devices": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerLinuxParameterDevice:getJobDefinitionNodePropertyNodeRangePropertyContainerLinuxParameterDevice" }, "description": "Any of the host devices to expose to the container.\n" }, "initProcessEnabled": { "type": "boolean", "description": "If true, run an init process inside the container that forwards signals and reaps processes.\n" }, "maxSwap": { "type": "integer", "description": "The total amount of swap memory (in MiB) a container can use.\n" }, "sharedMemorySize": { "type": "integer", "description": "The value for the size (in MiB) of the `/dev/shm` volume.\n" }, "swappiness": { "type": "integer", "description": "You can use this parameter to tune a container's memory swappiness behavior.\n" }, "tmpfs": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerLinuxParameterTmpf:getJobDefinitionNodePropertyNodeRangePropertyContainerLinuxParameterTmpf" }, "description": "The container path, mount options, and size (in MiB) of the tmpfs mount.\n" } }, "type": "object", "required": [ "devices", "initProcessEnabled", "maxSwap", "sharedMemorySize", "swappiness", "tmpfs" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerLinuxParameterDevice:getJobDefinitionNodePropertyNodeRangePropertyContainerLinuxParameterDevice": { "properties": { "containerPath": { "type": "string", "description": "The absolute file path in the container where the tmpfs volume is mounted.\n" }, "hostPath": { "type": "string", "description": "The path for the device on the host container instance.\n" }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "The explicit permissions to provide to the container for the device.\n" } }, "type": "object", "required": [ "containerPath", "hostPath", "permissions" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerLinuxParameterTmpf:getJobDefinitionNodePropertyNodeRangePropertyContainerLinuxParameterTmpf": { "properties": { "containerPath": { "type": "string", "description": "The absolute file path in the container where the tmpfs volume is mounted.\n" }, "mountOptions": { "type": "array", "items": { "type": "string" }, "description": "The list of tmpfs volume mount options.\n" }, "size": { "type": "integer", "description": "The size (in MiB) of the tmpfs volume.\n" } }, "type": "object", "required": [ "containerPath", "mountOptions", "size" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerLogConfiguration:getJobDefinitionNodePropertyNodeRangePropertyContainerLogConfiguration": { "properties": { "logDriver": { "type": "string", "description": "The log driver to use for the container.\n" }, "options": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The configuration options to send to the log driver.\n" }, "secretOptions": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerLogConfigurationSecretOption:getJobDefinitionNodePropertyNodeRangePropertyContainerLogConfigurationSecretOption" }, "description": "The secrets to pass to the log configuration.\n" } }, "type": "object", "required": [ "logDriver", "options", "secretOptions" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerLogConfigurationSecretOption:getJobDefinitionNodePropertyNodeRangePropertyContainerLogConfigurationSecretOption": { "properties": { "name": { "type": "string", "description": "The name of the job definition to register. It can be up to 128 letters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).\n" }, "valueFrom": { "type": "string", "description": "The secret to expose to the container. The supported values are either the full Amazon Resource Name (ARN) of the AWS Secrets Manager secret or the full ARN of the parameter in the AWS Systems Manager Parameter Store.\n" } }, "type": "object", "required": [ "name", "valueFrom" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerMountPoint:getJobDefinitionNodePropertyNodeRangePropertyContainerMountPoint": { "properties": { "containerPath": { "type": "string", "description": "The absolute file path in the container where the tmpfs volume is mounted.\n" }, "readOnly": { "type": "boolean", "description": "If this value is true, the container has read-only access to the volume.\n" }, "sourceVolume": { "type": "string", "description": "The name of the volume to mount.\n" } }, "type": "object", "required": [ "containerPath", "readOnly", "sourceVolume" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerNetworkConfiguration:getJobDefinitionNodePropertyNodeRangePropertyContainerNetworkConfiguration": { "properties": { "assignPublicIp": { "type": "boolean", "description": "Indicates whether the job has a public IP address.\n" } }, "type": "object", "required": [ "assignPublicIp" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerResourceRequirement:getJobDefinitionNodePropertyNodeRangePropertyContainerResourceRequirement": { "properties": { "type": { "type": "string", "description": "The type of resource to assign to a container. The supported resources include `GPU`, `MEMORY`, and `VCPU`.\n" }, "value": { "type": "string", "description": "The quantity of the specified resource to reserve for the container.\n" } }, "type": "object", "required": [ "type", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerRuntimePlatform:getJobDefinitionNodePropertyNodeRangePropertyContainerRuntimePlatform": { "properties": { "cpuArchitecture": { "type": "string", "description": "The vCPU architecture. The default value is X86_64. Valid values are X86_64 and ARM64.\n" }, "operatingSystemFamily": { "type": "string", "description": "The operating system for the compute environment. V\n" } }, "type": "object", "required": [ "cpuArchitecture", "operatingSystemFamily" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerSecret:getJobDefinitionNodePropertyNodeRangePropertyContainerSecret": { "properties": { "name": { "type": "string", "description": "The name of the job definition to register. It can be up to 128 letters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).\n" }, "valueFrom": { "type": "string", "description": "The secret to expose to the container. The supported values are either the full Amazon Resource Name (ARN) of the AWS Secrets Manager secret or the full ARN of the parameter in the AWS Systems Manager Parameter Store.\n" } }, "type": "object", "required": [ "name", "valueFrom" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerUlimit:getJobDefinitionNodePropertyNodeRangePropertyContainerUlimit": { "properties": { "hardLimit": { "type": "integer", "description": "The hard limit for the ulimit type.\n" }, "name": { "type": "string", "description": "The name of the job definition to register. It can be up to 128 letters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).\n" }, "softLimit": { "type": "integer", "description": "The soft limit for the ulimit type.\n" } }, "type": "object", "required": [ "hardLimit", "name", "softLimit" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerVolume:getJobDefinitionNodePropertyNodeRangePropertyContainerVolume": { "properties": { "efsVolumeConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerVolumeEfsVolumeConfiguration:getJobDefinitionNodePropertyNodeRangePropertyContainerVolumeEfsVolumeConfiguration" }, "description": "This parameter is specified when you're using an Amazon Elastic File System file system for job storage.\n" }, "hosts": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerVolumeHost:getJobDefinitionNodePropertyNodeRangePropertyContainerVolumeHost" }, "description": "The contents of the host parameter determine whether your data volume persists on the host container instance and where it's stored.\n" }, "name": { "type": "string", "description": "The name of the job definition to register. It can be up to 128 letters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).\n" } }, "type": "object", "required": [ "efsVolumeConfigurations", "hosts", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerVolumeEfsVolumeConfiguration:getJobDefinitionNodePropertyNodeRangePropertyContainerVolumeEfsVolumeConfiguration": { "properties": { "authorizationConfigs": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerVolumeEfsVolumeConfigurationAuthorizationConfig:getJobDefinitionNodePropertyNodeRangePropertyContainerVolumeEfsVolumeConfigurationAuthorizationConfig" }, "description": "The authorization configuration details for the Amazon EFS file system.\n" }, "fileSystemId": { "type": "string", "description": "The Amazon EFS file system ID to use.\n" }, "rootDirectory": { "type": "string", "description": "The directory within the Amazon EFS file system to mount as the root directory inside the host.\n" }, "transitEncryption": { "type": "string", "description": "Determines whether to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server\n" }, "transitEncryptionPort": { "type": "integer", "description": "The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server.\n" } }, "type": "object", "required": [ "authorizationConfigs", "fileSystemId", "rootDirectory", "transitEncryption", "transitEncryptionPort" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerVolumeEfsVolumeConfigurationAuthorizationConfig:getJobDefinitionNodePropertyNodeRangePropertyContainerVolumeEfsVolumeConfigurationAuthorizationConfig": { "properties": { "accessPointId": { "type": "string", "description": "The Amazon EFS access point ID to use.\n" }, "iam": { "type": "string", "description": "Whether or not to use the AWS Batch job IAM role defined in a job definition when mounting the Amazon EFS file system.\n" } }, "type": "object", "required": [ "accessPointId", "iam" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionNodePropertyNodeRangePropertyContainerVolumeHost:getJobDefinitionNodePropertyNodeRangePropertyContainerVolumeHost": { "properties": { "sourcePath": { "type": "string", "description": "The path on the host container instance that's presented to the container.\n" } }, "type": "object", "required": [ "sourcePath" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionRetryStrategy:getJobDefinitionRetryStrategy": { "properties": { "attempts": { "type": "integer", "description": "The number of times to move a job to the RUNNABLE status.\n" }, "evaluateOnExits": { "type": "array", "items": { "$ref": "#/types/aws:batch/getJobDefinitionRetryStrategyEvaluateOnExit:getJobDefinitionRetryStrategyEvaluateOnExit" }, "description": "Array of up to 5 objects that specify the conditions where jobs are retried or failed.\n" } }, "type": "object", "required": [ "attempts", "evaluateOnExits" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionRetryStrategyEvaluateOnExit:getJobDefinitionRetryStrategyEvaluateOnExit": { "properties": { "action": { "type": "string", "description": "Specifies the action to take if all of the specified conditions (onStatusReason, onReason, and onExitCode) are met. The values aren't case sensitive.\n" }, "onExitCode": { "type": "string", "description": "Contains a glob pattern to match against the decimal representation of the ExitCode returned for a job.\n" }, "onReason": { "type": "string", "description": "Contains a glob pattern to match against the Reason returned for a job.\n" }, "onStatusReason": { "type": "string", "description": "Contains a glob pattern to match against the StatusReason returned for a job.\n" } }, "type": "object", "required": [ "action", "onExitCode", "onReason", "onStatusReason" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobDefinitionTimeout:getJobDefinitionTimeout": { "properties": { "attemptDurationSeconds": { "type": "integer", "description": "The job timeout time (in seconds) that's measured from the job attempt's startedAt timestamp.\n" } }, "type": "object", "required": [ "attemptDurationSeconds" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getJobQueueComputeEnvironmentOrder:getJobQueueComputeEnvironmentOrder": { "properties": { "computeEnvironment": { "type": "string" }, "order": { "type": "integer" } }, "type": "object", "required": [ "computeEnvironment", "order" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getSchedulingPolicyFairSharePolicy:getSchedulingPolicyFairSharePolicy": { "properties": { "computeReservation": { "type": "integer", "description": "Value used to reserve some of the available maximum vCPU for fair share identifiers that have not yet been used. For more information, see [FairsharePolicy](https://docs.aws.amazon.com/batch/latest/APIReference/API_FairsharePolicy.html).\n" }, "shareDecaySeconds": { "type": "integer" }, "shareDistributions": { "type": "array", "items": { "$ref": "#/types/aws:batch/getSchedulingPolicyFairSharePolicyShareDistribution:getSchedulingPolicyFairSharePolicyShareDistribution" }, "description": "One or more share distribution blocks which define the weights for the fair share identifiers for the fair share policy. For more information, see [FairsharePolicy](https://docs.aws.amazon.com/batch/latest/APIReference/API_FairsharePolicy.html). The `share_distribution` block is documented below.\n" } }, "type": "object", "required": [ "computeReservation", "shareDecaySeconds", "shareDistributions" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:batch/getSchedulingPolicyFairSharePolicyShareDistribution:getSchedulingPolicyFairSharePolicyShareDistribution": { "properties": { "shareIdentifier": { "type": "string", "description": "Fair share identifier or fair share identifier prefix. For more information, see [ShareAttributes](https://docs.aws.amazon.com/batch/latest/APIReference/API_ShareAttributes.html).\n" }, "weightFactor": { "type": "number", "description": "Weight factor for the fair share identifier. For more information, see [ShareAttributes](https://docs.aws.amazon.com/batch/latest/APIReference/API_ShareAttributes.html).\n" } }, "type": "object", "required": [ "shareIdentifier", "weightFactor" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:bcmdata/ExportExport:ExportExport": { "properties": { "dataQueries": { "type": "array", "items": { "$ref": "#/types/aws:bcmdata/ExportExportDataQuery:ExportExportDataQuery" }, "description": "Data query for this specific data export. See the `data_query` argument reference below.\n" }, "description": { "type": "string", "description": "Description for this specific data export.\n" }, "destinationConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:bcmdata/ExportExportDestinationConfiguration:ExportExportDestinationConfiguration" }, "description": "Destination configuration for this specific data export. See the `destination_configurations` argument reference below.\n" }, "exportArn": { "type": "string", "description": "Amazon Resource Name (ARN) for this export.\n" }, "name": { "type": "string", "description": "Name of this specific data export.\n" }, "refreshCadences": { "type": "array", "items": { "$ref": "#/types/aws:bcmdata/ExportExportRefreshCadence:ExportExportRefreshCadence" }, "description": "Cadence for Amazon Web Services to update the export in your S3 bucket. See the `refresh_cadence` argument reference below.\n" } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredOutputs": [ "exportArn", "name" ] } } }, "aws:bcmdata/ExportExportDataQuery:ExportExportDataQuery": { "properties": { "queryStatement": { "type": "string", "description": "Query statement.\n" }, "tableConfigurations": { "type": "object", "additionalProperties": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "Table configuration.\n" } }, "type": "object", "required": [ "queryStatement" ] }, "aws:bcmdata/ExportExportDestinationConfiguration:ExportExportDestinationConfiguration": { "properties": { "s3Destinations": { "type": "array", "items": { "$ref": "#/types/aws:bcmdata/ExportExportDestinationConfigurationS3Destination:ExportExportDestinationConfigurationS3Destination" }, "description": "Object that describes the destination of the data exports file. See the `s3_destination` argument reference below.\n" } }, "type": "object" }, "aws:bcmdata/ExportExportDestinationConfigurationS3Destination:ExportExportDestinationConfigurationS3Destination": { "properties": { "s3Bucket": { "type": "string", "description": "Name of the Amazon S3 bucket used as the destination of a data export file.\n" }, "s3OutputConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:bcmdata/ExportExportDestinationConfigurationS3DestinationS3OutputConfiguration:ExportExportDestinationConfigurationS3DestinationS3OutputConfiguration" }, "description": "Output configuration for the data export. See the `s3_output_configurations` argument reference below.\n" }, "s3Prefix": { "type": "string", "description": "S3 path prefix you want prepended to the name of your data export.\n" }, "s3Region": { "type": "string", "description": "S3 bucket region.\n" } }, "type": "object", "required": [ "s3Bucket", "s3Prefix", "s3Region" ] }, "aws:bcmdata/ExportExportDestinationConfigurationS3DestinationS3OutputConfiguration:ExportExportDestinationConfigurationS3DestinationS3OutputConfiguration": { "properties": { "compression": { "type": "string", "description": "Compression type for the data export. Valid values `GZIP`, `PARQUET`.\n" }, "format": { "type": "string", "description": "File format for the data export. Valid values `TEXT_OR_CSV` or `PARQUET`.\n" }, "outputType": { "type": "string", "description": "Output type for the data export. Valid value `CUSTOM`.\n" }, "overwrite": { "type": "string", "description": "The rule to follow when generating a version of the data export file. You have the choice to overwrite the previous version or to be delivered in addition to the previous versions. Overwriting exports can save on Amazon S3 storage costs. Creating new export versions allows you to track the changes in cost and usage data over time. Valid values `CREATE_NEW_REPORT` or `OVERWRITE_REPORT`.\n" } }, "type": "object", "required": [ "compression", "format", "outputType", "overwrite" ] }, "aws:bcmdata/ExportExportRefreshCadence:ExportExportRefreshCadence": { "properties": { "frequency": { "type": "string", "description": "Frequency that data exports are updated. The export refreshes each time the source data updates, up to three times daily. Valid values `SYNCHRONOUS`.\n" } }, "type": "object", "required": [ "frequency" ] }, "aws:bcmdata/ExportTimeouts:ExportTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:bedrock/AgentAgentActionGroupActionGroupExecutor:AgentAgentActionGroupActionGroupExecutor": { "properties": { "customControl": { "type": "string", "description": "Custom control method for handling the information elicited from the user. Valid values: `RETURN_CONTROL`.\nTo skip using a Lambda function and instead return the predicted action group, in addition to the parameters and information required for it, in the `InvokeAgent` response, specify `RETURN_CONTROL`.\nOnly one of `custom_control` or `lambda` can be specified.\n" }, "lambda": { "type": "string", "description": "ARN of the Lambda function containing the business logic that is carried out upon invoking the action.\nOnly one of `lambda` or `custom_control` can be specified.\n" } }, "type": "object" }, "aws:bedrock/AgentAgentActionGroupApiSchema:AgentAgentActionGroupApiSchema": { "properties": { "payload": { "type": "string", "description": "JSON or YAML-formatted payload defining the OpenAPI schema for the action group.\nOnly one of `payload` or `s3` can be specified.\n" }, "s3": { "$ref": "#/types/aws:bedrock/AgentAgentActionGroupApiSchemaS3:AgentAgentActionGroupApiSchemaS3", "description": "Details about the S3 object containing the OpenAPI schema for the action group. See `s3` Block for details.\nOnly one of `s3` or `payload` can be specified.\n" } }, "type": "object" }, "aws:bedrock/AgentAgentActionGroupApiSchemaS3:AgentAgentActionGroupApiSchemaS3": { "properties": { "s3BucketName": { "type": "string", "description": "Name of the S3 bucket.\n" }, "s3ObjectKey": { "type": "string", "description": "S3 object key containing the resource.\n" } }, "type": "object" }, "aws:bedrock/AgentAgentActionGroupFunctionSchema:AgentAgentActionGroupFunctionSchema": { "properties": { "memberFunctions": { "$ref": "#/types/aws:bedrock/AgentAgentActionGroupFunctionSchemaMemberFunctions:AgentAgentActionGroupFunctionSchemaMemberFunctions", "description": "Contains a list of functions.\nEach function describes and action in the action group.\nSee `member_functions` Block for details.\n" } }, "type": "object" }, "aws:bedrock/AgentAgentActionGroupFunctionSchemaMemberFunctions:AgentAgentActionGroupFunctionSchemaMemberFunctions": { "properties": { "functions": { "type": "array", "items": { "$ref": "#/types/aws:bedrock/AgentAgentActionGroupFunctionSchemaMemberFunctionsFunction:AgentAgentActionGroupFunctionSchemaMemberFunctionsFunction" }, "description": "Functions that each define an action in the action group. See `functions` Block for details.\n" } }, "type": "object" }, "aws:bedrock/AgentAgentActionGroupFunctionSchemaMemberFunctionsFunction:AgentAgentActionGroupFunctionSchemaMemberFunctionsFunction": { "properties": { "description": { "type": "string", "description": "Description of the function and its purpose.\n" }, "name": { "type": "string", "description": "Name for the function.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:bedrock/AgentAgentActionGroupFunctionSchemaMemberFunctionsFunctionParameter:AgentAgentActionGroupFunctionSchemaMemberFunctionsFunctionParameter" }, "description": "Parameters that the agent elicits from the user to fulfill the function. See `parameters` Block for details.\n" } }, "type": "object", "required": [ "name" ] }, "aws:bedrock/AgentAgentActionGroupFunctionSchemaMemberFunctionsFunctionParameter:AgentAgentActionGroupFunctionSchemaMemberFunctionsFunctionParameter": { "properties": { "description": { "type": "string", "description": "Description of the parameter. Helps the foundation model determine how to elicit the parameters from the user.\n" }, "mapBlockKey": { "type": "string", "description": "Name of the parameter.\n\n**Note:** The argument name `map_block_key` may seem out of context, but is necessary for backward compatibility reasons in the provider.\n" }, "required": { "type": "boolean", "description": "Whether the parameter is required for the agent to complete the function for action group invocation.\n" }, "type": { "type": "string", "description": "Data type of the parameter. Valid values: `string`, `number`, `integer`, `boolean`, `array`.\n" } }, "type": "object", "required": [ "mapBlockKey", "type" ] }, "aws:bedrock/AgentAgentAliasRoutingConfiguration:AgentAgentAliasRoutingConfiguration": { "properties": { "agentVersion": { "type": "string", "description": "Version of the agent with which the alias is associated.\n" }, "provisionedThroughput": { "type": "string", "description": "ARN of the Provisioned Throughput assigned to the agent alias.\n" } }, "type": "object", "required": [ "agentVersion", "provisionedThroughput" ] }, "aws:bedrock/AgentAgentAliasTimeouts:AgentAgentAliasTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:bedrock/AgentAgentPromptOverrideConfiguration:AgentAgentPromptOverrideConfiguration": { "properties": { "overrideLambda": { "type": "string", "description": "ARN of the Lambda function to use when parsing the raw foundation model output in parts of the agent sequence. If you specify this field, at least one of the `prompt_configurations` block must contain a `parser_mode` value that is set to `OVERRIDDEN`.\n" }, "promptConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:bedrock/AgentAgentPromptOverrideConfigurationPromptConfiguration:AgentAgentPromptOverrideConfigurationPromptConfiguration" }, "description": "Configurations to override a prompt template in one part of an agent sequence. See `prompt_configurations` Block for details.\n" } }, "type": "object", "required": [ "overrideLambda", "promptConfigurations" ] }, "aws:bedrock/AgentAgentPromptOverrideConfigurationPromptConfiguration:AgentAgentPromptOverrideConfigurationPromptConfiguration": { "properties": { "basePromptTemplate": { "type": "string", "description": "prompt template with which to replace the default prompt template. You can use placeholder variables in the base prompt template to customize the prompt. For more information, see [Prompt template placeholder variables](https://docs.aws.amazon.com/bedrock/latest/userguide/prompt-placeholders.html).\n" }, "inferenceConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:bedrock/AgentAgentPromptOverrideConfigurationPromptConfigurationInferenceConfiguration:AgentAgentPromptOverrideConfigurationPromptConfigurationInferenceConfiguration" }, "description": "Inference parameters to use when the agent invokes a foundation model in the part of the agent sequence defined by the `prompt_type`. For more information, see [Inference parameters for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html). See `inference_configuration` Block for details.\n" }, "parserMode": { "type": "string", "description": "Whether to override the default parser Lambda function when parsing the raw foundation model output in the part of the agent sequence defined by the `prompt_type`. If you set the argument as `OVERRIDDEN`, the `override_lambda` argument in the `prompt_override_configuration` block must be specified with the ARN of a Lambda function. Valid values: `DEFAULT`, `OVERRIDDEN`.\n" }, "promptCreationMode": { "type": "string", "description": "Whether to override the default prompt template for this `prompt_type`. Set this argument to `OVERRIDDEN` to use the prompt that you provide in the `base_prompt_template`. If you leave it as `DEFAULT`, the agent uses a default prompt template. Valid values: `DEFAULT`, `OVERRIDDEN`.\n" }, "promptState": { "type": "string", "description": "Whether to allow the agent to carry out the step specified in the `prompt_type`. If you set this argument to `DISABLED`, the agent skips that step. Valid Values: `ENABLED`, `DISABLED`.\n" }, "promptType": { "type": "string", "description": "Step in the agent sequence that this prompt configuration applies to. Valid values: `PRE_PROCESSING`, `ORCHESTRATION`, `POST_PROCESSING`, `KNOWLEDGE_BASE_RESPONSE_GENERATION`.\n" } }, "type": "object", "required": [ "basePromptTemplate", "inferenceConfigurations", "parserMode", "promptCreationMode", "promptState", "promptType" ] }, "aws:bedrock/AgentAgentPromptOverrideConfigurationPromptConfigurationInferenceConfiguration:AgentAgentPromptOverrideConfigurationPromptConfigurationInferenceConfiguration": { "properties": { "maxLength": { "type": "integer", "description": "Maximum number of tokens to allow in the generated response.\n" }, "stopSequences": { "type": "array", "items": { "type": "string" }, "description": "List of stop sequences. A stop sequence is a sequence of characters that causes the model to stop generating the response.\n" }, "temperature": { "type": "number", "description": "Likelihood of the model selecting higher-probability options while generating a response. A lower value makes the model more likely to choose higher-probability options, while a higher value makes the model more likely to choose lower-probability options.\n" }, "topK": { "type": "integer", "description": "Number of top most-likely candidates, between 0 and 500, from which the model chooses the next token in the sequence.\n" }, "topP": { "type": "number", "description": "Top percentage of the probability distribution of next tokens, between 0 and 1 (denoting 0% and 100%), from which the model chooses the next token in the sequence.\n" } }, "type": "object", "required": [ "maxLength", "stopSequences", "temperature", "topK", "topP" ] }, "aws:bedrock/AgentAgentTimeouts:AgentAgentTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:bedrock/AgentDataSourceDataSourceConfiguration:AgentDataSourceDataSourceConfiguration": { "properties": { "s3Configuration": { "$ref": "#/types/aws:bedrock/AgentDataSourceDataSourceConfigurationS3Configuration:AgentDataSourceDataSourceConfigurationS3Configuration", "description": "Details about the configuration of the S3 object containing the data source. See `s3_data_source_configuration` block for details.\n" }, "type": { "type": "string", "description": "Type of storage for the data source. Valid values: `S3`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:bedrock/AgentDataSourceDataSourceConfigurationS3Configuration:AgentDataSourceDataSourceConfigurationS3Configuration": { "properties": { "bucketArn": { "type": "string", "description": "ARN of the bucket that contains the data source.\n" }, "bucketOwnerAccountId": { "type": "string", "description": "Bucket account owner ID for the S3 bucket.\n" }, "inclusionPrefixes": { "type": "array", "items": { "type": "string" }, "description": "List of S3 prefixes that define the object containing the data sources. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html).\n" } }, "type": "object", "required": [ "bucketArn" ] }, "aws:bedrock/AgentDataSourceServerSideEncryptionConfiguration:AgentDataSourceServerSideEncryptionConfiguration": { "properties": { "kmsKeyArn": { "type": "string", "description": "ARN of the AWS KMS key used to encrypt the resource.\n" } }, "type": "object" }, "aws:bedrock/AgentDataSourceTimeouts:AgentDataSourceTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" } }, "type": "object" }, "aws:bedrock/AgentDataSourceVectorIngestionConfiguration:AgentDataSourceVectorIngestionConfiguration": { "properties": { "chunkingConfiguration": { "$ref": "#/types/aws:bedrock/AgentDataSourceVectorIngestionConfigurationChunkingConfiguration:AgentDataSourceVectorIngestionConfigurationChunkingConfiguration", "description": "Details about how to chunk the documents in the data source. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. See `chunking_configuration` block for details.\n" } }, "type": "object" }, "aws:bedrock/AgentDataSourceVectorIngestionConfigurationChunkingConfiguration:AgentDataSourceVectorIngestionConfigurationChunkingConfiguration": { "properties": { "chunkingStrategy": { "type": "string", "description": "Option for chunking your source data, either in fixed-sized chunks or as one chunk. Valid values: `FIX_SIZE`, `NONE`.\n" }, "fixedSizeChunkingConfiguration": { "$ref": "#/types/aws:bedrock/AgentDataSourceVectorIngestionConfigurationChunkingConfigurationFixedSizeChunkingConfiguration:AgentDataSourceVectorIngestionConfigurationChunkingConfigurationFixedSizeChunkingConfiguration", "description": "Configurations for when you choose fixed-size chunking. If you set the chunking_strategy as `NONE`, exclude this field. See `fixed_size_chunking_configuration` for details.\n" } }, "type": "object", "required": [ "chunkingStrategy" ] }, "aws:bedrock/AgentDataSourceVectorIngestionConfigurationChunkingConfigurationFixedSizeChunkingConfiguration:AgentDataSourceVectorIngestionConfigurationChunkingConfigurationFixedSizeChunkingConfiguration": { "properties": { "maxTokens": { "type": "integer", "description": "Maximum number of tokens to include in a chunk.\n" }, "overlapPercentage": { "type": "integer", "description": "Percentage of overlap between adjacent chunks of a data source.\n" } }, "type": "object", "required": [ "maxTokens", "overlapPercentage" ] }, "aws:bedrock/AgentKnowledgeBaseKnowledgeBaseConfiguration:AgentKnowledgeBaseKnowledgeBaseConfiguration": { "properties": { "type": { "type": "string", "description": "Type of data that the data source is converted into for the knowledge base. Valid Values: `VECTOR`.\n" }, "vectorKnowledgeBaseConfiguration": { "$ref": "#/types/aws:bedrock/AgentKnowledgeBaseKnowledgeBaseConfigurationVectorKnowledgeBaseConfiguration:AgentKnowledgeBaseKnowledgeBaseConfigurationVectorKnowledgeBaseConfiguration", "description": "Details about the embeddings model that'sused to convert the data source. See `vector_knowledge_base_configuration` block for details.\n" } }, "type": "object", "required": [ "type" ] }, "aws:bedrock/AgentKnowledgeBaseKnowledgeBaseConfigurationVectorKnowledgeBaseConfiguration:AgentKnowledgeBaseKnowledgeBaseConfigurationVectorKnowledgeBaseConfiguration": { "properties": { "embeddingModelArn": { "type": "string", "description": "ARN of the model used to create vector embeddings for the knowledge base.\n" } }, "type": "object", "required": [ "embeddingModelArn" ] }, "aws:bedrock/AgentKnowledgeBaseStorageConfiguration:AgentKnowledgeBaseStorageConfiguration": { "properties": { "opensearchServerlessConfiguration": { "$ref": "#/types/aws:bedrock/AgentKnowledgeBaseStorageConfigurationOpensearchServerlessConfiguration:AgentKnowledgeBaseStorageConfigurationOpensearchServerlessConfiguration", "description": "The storage configuration of the knowledge base in Amazon OpenSearch Service. See `opensearch_serverless_configuration` block for details.\n" }, "pineconeConfiguration": { "$ref": "#/types/aws:bedrock/AgentKnowledgeBaseStorageConfigurationPineconeConfiguration:AgentKnowledgeBaseStorageConfigurationPineconeConfiguration", "description": "The storage configuration of the knowledge base in Pinecone. See `pinecone_configuration` block for details.\n" }, "rdsConfiguration": { "$ref": "#/types/aws:bedrock/AgentKnowledgeBaseStorageConfigurationRdsConfiguration:AgentKnowledgeBaseStorageConfigurationRdsConfiguration", "description": "Details about the storage configuration of the knowledge base in Amazon RDS. For more information, see [Create a vector index in Amazon RDS](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup.html). See `rds_configuration` block for details.\n" }, "redisEnterpriseCloudConfiguration": { "$ref": "#/types/aws:bedrock/AgentKnowledgeBaseStorageConfigurationRedisEnterpriseCloudConfiguration:AgentKnowledgeBaseStorageConfigurationRedisEnterpriseCloudConfiguration", "description": "The storage configuration of the knowledge base in Redis Enterprise Cloud. See `redis_enterprise_cloud_configuration` block for details.\n" }, "type": { "type": "string", "description": "Vector store service in which the knowledge base is stored. Valid Values: `OPENSEARCH_SERVERLESS`, `PINECONE`, `REDIS_ENTERPRISE_CLOUD`, `RDS`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:bedrock/AgentKnowledgeBaseStorageConfigurationOpensearchServerlessConfiguration:AgentKnowledgeBaseStorageConfigurationOpensearchServerlessConfiguration": { "properties": { "collectionArn": { "type": "string", "description": "ARN of the OpenSearch Service vector store.\n" }, "fieldMapping": { "$ref": "#/types/aws:bedrock/AgentKnowledgeBaseStorageConfigurationOpensearchServerlessConfigurationFieldMapping:AgentKnowledgeBaseStorageConfigurationOpensearchServerlessConfigurationFieldMapping", "description": "The names of the fields to which to map information about the vector store. This block supports the following arguments:\n" }, "vectorIndexName": { "type": "string", "description": "Name of the vector store.\n" } }, "type": "object", "required": [ "collectionArn", "vectorIndexName" ] }, "aws:bedrock/AgentKnowledgeBaseStorageConfigurationOpensearchServerlessConfigurationFieldMapping:AgentKnowledgeBaseStorageConfigurationOpensearchServerlessConfigurationFieldMapping": { "properties": { "metadataField": { "type": "string", "description": "Name of the field in which Amazon Bedrock stores metadata about the vector store.\n" }, "textField": { "type": "string", "description": "Name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.\n" }, "vectorField": { "type": "string", "description": "Name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.\n" } }, "type": "object" }, "aws:bedrock/AgentKnowledgeBaseStorageConfigurationPineconeConfiguration:AgentKnowledgeBaseStorageConfigurationPineconeConfiguration": { "properties": { "connectionString": { "type": "string", "description": "Endpoint URL for your index management page.\n" }, "credentialsSecretArn": { "type": "string", "description": "ARN of the secret that you created in AWS Secrets Manager that is linked to your Pinecone API key.\n" }, "fieldMapping": { "$ref": "#/types/aws:bedrock/AgentKnowledgeBaseStorageConfigurationPineconeConfigurationFieldMapping:AgentKnowledgeBaseStorageConfigurationPineconeConfigurationFieldMapping", "description": "The names of the fields to which to map information about the vector store. This block supports the following arguments:\n" }, "namespace": { "type": "string", "description": "Namespace to be used to write new data to your database.\n" } }, "type": "object", "required": [ "connectionString", "credentialsSecretArn" ] }, "aws:bedrock/AgentKnowledgeBaseStorageConfigurationPineconeConfigurationFieldMapping:AgentKnowledgeBaseStorageConfigurationPineconeConfigurationFieldMapping": { "properties": { "metadataField": { "type": "string", "description": "Name of the field in which Amazon Bedrock stores metadata about the vector store.\n" }, "textField": { "type": "string", "description": "Name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.\n" } }, "type": "object" }, "aws:bedrock/AgentKnowledgeBaseStorageConfigurationRdsConfiguration:AgentKnowledgeBaseStorageConfigurationRdsConfiguration": { "properties": { "credentialsSecretArn": { "type": "string", "description": "ARN of the secret that you created in AWS Secrets Manager that is linked to your Amazon RDS database.\n" }, "databaseName": { "type": "string", "description": "Name of your Amazon RDS database.\n" }, "fieldMapping": { "$ref": "#/types/aws:bedrock/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping:AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping", "description": "Names of the fields to which to map information about the vector store. This block supports the following arguments:\n" }, "resourceArn": { "type": "string", "description": "ARN of the vector store.\n" }, "tableName": { "type": "string", "description": "Name of the table in the database.\n" } }, "type": "object", "required": [ "credentialsSecretArn", "databaseName", "resourceArn", "tableName" ] }, "aws:bedrock/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping:AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping": { "properties": { "metadataField": { "type": "string", "description": "Name of the field in which Amazon Bedrock stores metadata about the vector store.\n" }, "primaryKeyField": { "type": "string", "description": "Name of the field in which Amazon Bedrock stores the ID for each entry.\n" }, "textField": { "type": "string", "description": "Name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.\n" }, "vectorField": { "type": "string", "description": "Name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.\n" } }, "type": "object", "required": [ "metadataField", "primaryKeyField", "textField", "vectorField" ] }, "aws:bedrock/AgentKnowledgeBaseStorageConfigurationRedisEnterpriseCloudConfiguration:AgentKnowledgeBaseStorageConfigurationRedisEnterpriseCloudConfiguration": { "properties": { "credentialsSecretArn": { "type": "string", "description": "ARN of the secret that you created in AWS Secrets Manager that is linked to your Redis Enterprise Cloud database.\n" }, "endpoint": { "type": "string", "description": "Endpoint URL of the Redis Enterprise Cloud database.\n" }, "fieldMapping": { "$ref": "#/types/aws:bedrock/AgentKnowledgeBaseStorageConfigurationRedisEnterpriseCloudConfigurationFieldMapping:AgentKnowledgeBaseStorageConfigurationRedisEnterpriseCloudConfigurationFieldMapping", "description": "The names of the fields to which to map information about the vector store. This block supports the following arguments:\n" }, "vectorIndexName": { "type": "string", "description": "Name of the vector index.\n" } }, "type": "object", "required": [ "credentialsSecretArn", "endpoint", "vectorIndexName" ] }, "aws:bedrock/AgentKnowledgeBaseStorageConfigurationRedisEnterpriseCloudConfigurationFieldMapping:AgentKnowledgeBaseStorageConfigurationRedisEnterpriseCloudConfigurationFieldMapping": { "properties": { "metadataField": { "type": "string", "description": "Name of the field in which Amazon Bedrock stores metadata about the vector store.\n" }, "textField": { "type": "string", "description": "Name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.\n" }, "vectorField": { "type": "string", "description": "Name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.\n" } }, "type": "object" }, "aws:bedrock/AgentKnowledgeBaseTimeouts:AgentKnowledgeBaseTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:bedrock/CustomModelOutputDataConfig:CustomModelOutputDataConfig": { "properties": { "s3Uri": { "type": "string", "description": "The S3 URI where the output data is stored.\n" } }, "type": "object", "required": [ "s3Uri" ] }, "aws:bedrock/CustomModelTimeouts:CustomModelTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" } }, "type": "object" }, "aws:bedrock/CustomModelTrainingDataConfig:CustomModelTrainingDataConfig": { "properties": { "s3Uri": { "type": "string", "description": "The S3 URI where the training data is stored.\n" } }, "type": "object", "required": [ "s3Uri" ] }, "aws:bedrock/CustomModelTrainingMetric:CustomModelTrainingMetric": { "properties": { "trainingLoss": { "type": "number", "description": "Loss metric associated with the customization job.\n" } }, "type": "object", "required": [ "trainingLoss" ] }, "aws:bedrock/CustomModelValidationDataConfig:CustomModelValidationDataConfig": { "properties": { "validators": { "type": "array", "items": { "$ref": "#/types/aws:bedrock/CustomModelValidationDataConfigValidator:CustomModelValidationDataConfigValidator" }, "description": "Information about the validators.\n" } }, "type": "object" }, "aws:bedrock/CustomModelValidationDataConfigValidator:CustomModelValidationDataConfigValidator": { "properties": { "s3Uri": { "type": "string", "description": "The S3 URI where the validation data is stored.\n" } }, "type": "object", "required": [ "s3Uri" ] }, "aws:bedrock/CustomModelValidationMetric:CustomModelValidationMetric": { "properties": { "validationLoss": { "type": "number", "description": "The validation loss associated with the validator.\n" } }, "type": "object", "required": [ "validationLoss" ] }, "aws:bedrock/CustomModelVpcConfig:CustomModelVpcConfig": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "VPC configuration security group IDs.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "VPC configuration subnets.\n" } }, "type": "object", "required": [ "securityGroupIds", "subnetIds" ] }, "aws:bedrock/ProvisionedModelThroughputTimeouts:ProvisionedModelThroughputTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:bedrock/getCustomModelOutputDataConfig:getCustomModelOutputDataConfig": { "properties": { "s3Uri": { "type": "string", "description": "The S3 URI where the validation data is stored..\n" } }, "type": "object", "required": [ "s3Uri" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:bedrock/getCustomModelTrainingDataConfig:getCustomModelTrainingDataConfig": { "properties": { "s3Uri": { "type": "string", "description": "The S3 URI where the validation data is stored..\n" } }, "type": "object", "required": [ "s3Uri" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:bedrock/getCustomModelTrainingMetric:getCustomModelTrainingMetric": { "properties": { "trainingLoss": { "type": "number", "description": "Loss metric associated with the customization job.\n" } }, "type": "object", "required": [ "trainingLoss" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:bedrock/getCustomModelValidationDataConfig:getCustomModelValidationDataConfig": { "properties": { "validators": { "type": "array", "items": { "$ref": "#/types/aws:bedrock/getCustomModelValidationDataConfigValidator:getCustomModelValidationDataConfigValidator" }, "description": "Information about the validators.\n" } }, "type": "object", "required": [ "validators" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:bedrock/getCustomModelValidationDataConfigValidator:getCustomModelValidationDataConfigValidator": { "properties": { "s3Uri": { "type": "string", "description": "The S3 URI where the validation data is stored..\n" } }, "type": "object", "required": [ "s3Uri" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:bedrock/getCustomModelValidationMetric:getCustomModelValidationMetric": { "properties": { "validationLoss": { "type": "number", "description": "The validation loss associated with the validator.\n" } }, "type": "object", "required": [ "validationLoss" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:bedrock/getCustomModelsModelSummary:getCustomModelsModelSummary": { "properties": { "creationTime": { "type": "string", "description": "Creation time of the model.\n" }, "modelArn": { "type": "string", "description": "The ARN of the custom model.\n" }, "modelName": { "type": "string", "description": "The name of the custom model.\n" } }, "type": "object", "required": [ "creationTime", "modelArn", "modelName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:bedrockfoundation/getModelsModelSummary:getModelsModelSummary": { "properties": { "customizationsSupporteds": { "type": "array", "items": { "type": "string" }, "description": "Customizations that the model supports.\n" }, "inferenceTypesSupporteds": { "type": "array", "items": { "type": "string" }, "description": "Inference types that the model supports.\n" }, "inputModalities": { "type": "array", "items": { "type": "string" }, "description": "Input modalities that the model supports.\n" }, "modelArn": { "type": "string", "description": "Model ARN.\n" }, "modelId": { "type": "string", "description": "Model identifier.\n" }, "modelName": { "type": "string", "description": "Model name.\n" }, "outputModalities": { "type": "array", "items": { "type": "string" }, "description": "Output modalities that the model supports.\n" }, "providerName": { "type": "string", "description": "Model provider name.\n" }, "responseStreamingSupported": { "type": "boolean", "description": "Indicates whether the model supports streaming.\n" } }, "type": "object", "required": [ "customizationsSupporteds", "inferenceTypesSupporteds", "inputModalities", "modelArn", "modelId", "modelName", "outputModalities", "providerName", "responseStreamingSupported" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:bedrockmodel/InvocationLoggingConfigurationLoggingConfig:InvocationLoggingConfigurationLoggingConfig": { "properties": { "cloudwatchConfig": { "$ref": "#/types/aws:bedrockmodel/InvocationLoggingConfigurationLoggingConfigCloudwatchConfig:InvocationLoggingConfigurationLoggingConfigCloudwatchConfig", "description": "CloudWatch logging configuration.\n" }, "embeddingDataDeliveryEnabled": { "type": "boolean", "description": "Set to include embeddings data in the log delivery.\n" }, "imageDataDeliveryEnabled": { "type": "boolean", "description": "Set to include image data in the log delivery.\n" }, "s3Config": { "$ref": "#/types/aws:bedrockmodel/InvocationLoggingConfigurationLoggingConfigS3Config:InvocationLoggingConfigurationLoggingConfigS3Config", "description": "S3 configuration for storing log data.\n" }, "textDataDeliveryEnabled": { "type": "boolean", "description": "Set to include text data in the log delivery.\n" } }, "type": "object", "required": [ "embeddingDataDeliveryEnabled", "imageDataDeliveryEnabled", "textDataDeliveryEnabled" ] }, "aws:bedrockmodel/InvocationLoggingConfigurationLoggingConfigCloudwatchConfig:InvocationLoggingConfigurationLoggingConfigCloudwatchConfig": { "properties": { "largeDataDeliveryS3Config": { "$ref": "#/types/aws:bedrockmodel/InvocationLoggingConfigurationLoggingConfigCloudwatchConfigLargeDataDeliveryS3Config:InvocationLoggingConfigurationLoggingConfigCloudwatchConfigLargeDataDeliveryS3Config", "description": "S3 configuration for delivering a large amount of data.\n" }, "logGroupName": { "type": "string", "description": "Log group name.\n" }, "roleArn": { "type": "string", "description": "The role ARN.\n" } }, "type": "object" }, "aws:bedrockmodel/InvocationLoggingConfigurationLoggingConfigCloudwatchConfigLargeDataDeliveryS3Config:InvocationLoggingConfigurationLoggingConfigCloudwatchConfigLargeDataDeliveryS3Config": { "properties": { "bucketName": { "type": "string", "description": "S3 bucket name.\n" }, "keyPrefix": { "type": "string", "description": "S3 prefix.\n" } }, "type": "object" }, "aws:bedrockmodel/InvocationLoggingConfigurationLoggingConfigS3Config:InvocationLoggingConfigurationLoggingConfigS3Config": { "properties": { "bucketName": { "type": "string", "description": "S3 bucket name.\n" }, "keyPrefix": { "type": "string", "description": "S3 prefix.\n" } }, "type": "object" }, "aws:budgets/BudgetActionActionThreshold:BudgetActionActionThreshold": { "properties": { "actionThresholdType": { "type": "string", "description": "The type of threshold for a notification. Valid values are `PERCENTAGE` or `ABSOLUTE_VALUE`.\n" }, "actionThresholdValue": { "type": "number", "description": "The threshold of a notification.\n" } }, "type": "object", "required": [ "actionThresholdType", "actionThresholdValue" ] }, "aws:budgets/BudgetActionDefinition:BudgetActionDefinition": { "properties": { "iamActionDefinition": { "$ref": "#/types/aws:budgets/BudgetActionDefinitionIamActionDefinition:BudgetActionDefinitionIamActionDefinition", "description": "The AWS Identity and Access Management (IAM) action definition details. See IAM Action Definition.\n" }, "scpActionDefinition": { "$ref": "#/types/aws:budgets/BudgetActionDefinitionScpActionDefinition:BudgetActionDefinitionScpActionDefinition", "description": "The service control policies (SCPs) action definition details. See SCP Action Definition.\n" }, "ssmActionDefinition": { "$ref": "#/types/aws:budgets/BudgetActionDefinitionSsmActionDefinition:BudgetActionDefinitionSsmActionDefinition", "description": "The AWS Systems Manager (SSM) action definition details. See SSM Action Definition.\n" } }, "type": "object" }, "aws:budgets/BudgetActionDefinitionIamActionDefinition:BudgetActionDefinitionIamActionDefinition": { "properties": { "groups": { "type": "array", "items": { "type": "string" }, "description": "A list of groups to be attached. There must be at least one group.\n" }, "policyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the policy to be attached.\n" }, "roles": { "type": "array", "items": { "type": "string" }, "description": "A list of roles to be attached. There must be at least one role.\n" }, "users": { "type": "array", "items": { "type": "string" }, "description": "A list of users to be attached. There must be at least one user.\n" } }, "type": "object", "required": [ "policyArn" ] }, "aws:budgets/BudgetActionDefinitionScpActionDefinition:BudgetActionDefinitionScpActionDefinition": { "properties": { "policyId": { "type": "string", "description": "The policy ID attached.\n" }, "targetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of target IDs.\n" } }, "type": "object", "required": [ "policyId", "targetIds" ] }, "aws:budgets/BudgetActionDefinitionSsmActionDefinition:BudgetActionDefinitionSsmActionDefinition": { "properties": { "actionSubType": { "type": "string", "description": "The action subType. Valid values are `STOP_EC2_INSTANCES` or `STOP_RDS_INSTANCES`.\n" }, "instanceIds": { "type": "array", "items": { "type": "string" }, "description": "The EC2 and RDS instance IDs.\n" }, "region": { "type": "string", "description": "The Region to run the SSM document.\n" } }, "type": "object", "required": [ "actionSubType", "instanceIds", "region" ] }, "aws:budgets/BudgetActionSubscriber:BudgetActionSubscriber": { "properties": { "address": { "type": "string", "description": "The address that AWS sends budget notifications to, either an SNS topic or an email.\n" }, "subscriptionType": { "type": "string", "description": "The type of notification that AWS sends to a subscriber. Valid values are `SNS` or `EMAIL`.\n" } }, "type": "object", "required": [ "address", "subscriptionType" ] }, "aws:budgets/BudgetAutoAdjustData:BudgetAutoAdjustData": { "properties": { "autoAdjustType": { "type": "string", "description": "(Required) - The string that defines whether your budget auto-adjusts based on historical or forecasted data. Valid values: `FORECAST`,`HISTORICAL`\n" }, "historicalOptions": { "$ref": "#/types/aws:budgets/BudgetAutoAdjustDataHistoricalOptions:BudgetAutoAdjustDataHistoricalOptions", "description": "(Optional) - Configuration block of Historical Options. Required for `auto_adjust_type` of `HISTORICAL` Configuration block that defines the historical data that your auto-adjusting budget is based on.\n" }, "lastAutoAdjustTime": { "type": "string", "description": "(Optional) - The last time that your budget was auto-adjusted.\n" } }, "type": "object", "required": [ "autoAdjustType" ], "language": { "nodejs": { "requiredOutputs": [ "autoAdjustType", "lastAutoAdjustTime" ] } } }, "aws:budgets/BudgetAutoAdjustDataHistoricalOptions:BudgetAutoAdjustDataHistoricalOptions": { "properties": { "budgetAdjustmentPeriod": { "type": "integer", "description": "(Required) - The number of budget periods included in the moving-average calculation that determines your auto-adjusted budget amount.\n" }, "lookbackAvailablePeriods": { "type": "integer", "description": "(Optional) - The integer that describes how many budget periods in your BudgetAdjustmentPeriod are included in the calculation of your current budget limit. If the first budget period in your BudgetAdjustmentPeriod has no cost data, then that budget period isn’t included in the average that determines your budget limit. You can’t set your own LookBackAvailablePeriods. The value is automatically calculated from the `budget_adjustment_period` and your historical cost data.\n" } }, "type": "object", "required": [ "budgetAdjustmentPeriod" ], "language": { "nodejs": { "requiredOutputs": [ "budgetAdjustmentPeriod", "lookbackAvailablePeriods" ] } } }, "aws:budgets/BudgetCostFilter:BudgetCostFilter": { "properties": { "name": { "type": "string", "description": "The name of a budget. Unique within accounts.\n" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:budgets/BudgetCostTypes:BudgetCostTypes": { "properties": { "includeCredit": { "type": "boolean", "description": "A boolean value whether to include credits in the cost budget. Defaults to `true`\n" }, "includeDiscount": { "type": "boolean", "description": "Whether a budget includes discounts. Defaults to `true`\n" }, "includeOtherSubscription": { "type": "boolean", "description": "A boolean value whether to include other subscription costs in the cost budget. Defaults to `true`\n" }, "includeRecurring": { "type": "boolean", "description": "A boolean value whether to include recurring costs in the cost budget. Defaults to `true`\n" }, "includeRefund": { "type": "boolean", "description": "A boolean value whether to include refunds in the cost budget. Defaults to `true`\n" }, "includeSubscription": { "type": "boolean", "description": "A boolean value whether to include subscriptions in the cost budget. Defaults to `true`\n" }, "includeSupport": { "type": "boolean", "description": "A boolean value whether to include support costs in the cost budget. Defaults to `true`\n" }, "includeTax": { "type": "boolean", "description": "A boolean value whether to include tax in the cost budget. Defaults to `true`\n" }, "includeUpfront": { "type": "boolean", "description": "A boolean value whether to include upfront costs in the cost budget. Defaults to `true`\n" }, "useAmortized": { "type": "boolean", "description": "Whether a budget uses the amortized rate. Defaults to `false`\n" }, "useBlended": { "type": "boolean", "description": "A boolean value whether to use blended costs in the cost budget. Defaults to `false`\n" } }, "type": "object" }, "aws:budgets/BudgetNotification:BudgetNotification": { "properties": { "comparisonOperator": { "type": "string", "description": "(Required) Comparison operator to use to evaluate the condition. Can be `LESS_THAN`, `EQUAL_TO` or `GREATER_THAN`.\n" }, "notificationType": { "type": "string", "description": "(Required) What kind of budget value to notify on. Can be `ACTUAL` or `FORECASTED`\n" }, "subscriberEmailAddresses": { "type": "array", "items": { "type": "string" }, "description": "(Optional) E-Mail addresses to notify. Either this or `subscriber_sns_topic_arns` is required.\n" }, "subscriberSnsTopicArns": { "type": "array", "items": { "type": "string" }, "description": "(Optional) SNS topics to notify. Either this or `subscriber_email_addresses` is required.\n" }, "threshold": { "type": "number", "description": "(Required) Threshold when the notification should be sent.\n" }, "thresholdType": { "type": "string", "description": "(Required) What kind of threshold is defined. Can be `PERCENTAGE` OR `ABSOLUTE_VALUE`.\n" } }, "type": "object", "required": [ "comparisonOperator", "notificationType", "threshold", "thresholdType" ] }, "aws:budgets/BudgetPlannedLimit:BudgetPlannedLimit": { "properties": { "amount": { "type": "string", "description": "(Required) The amount of cost or usage being measured for a budget.\n" }, "startTime": { "type": "string", "description": "(Required) The start time of the budget limit. Format: `2017-01-01_12:00`. See [PlannedBudgetLimits](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_budgets_Budget.html#awscostmanagement-Type-budgets_Budget-PlannedBudgetLimits) documentation.\n" }, "unit": { "type": "string", "description": "(Required) The unit of measurement used for the budget forecast, actual spend, or budget threshold, such as dollars or GB. See [Spend](http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/data-type-spend.html) documentation.\n" } }, "type": "object", "required": [ "amount", "startTime", "unit" ] }, "aws:budgets/getBudgetAutoAdjustData:getBudgetAutoAdjustData": { "properties": { "autoAdjustType": { "type": "string", "description": "(Required) - The string that defines whether your budget auto-adjusts based on historical or forecasted data. Valid values: `FORECAST`,`HISTORICAL`.\n" }, "historicalOptions": { "type": "array", "items": { "$ref": "#/types/aws:budgets/getBudgetAutoAdjustDataHistoricalOption:getBudgetAutoAdjustDataHistoricalOption" }, "description": "(Optional) - Configuration block of Historical Options. Required for `auto_adjust_type` of `HISTORICAL` Configuration block that defines the historical data that your auto-adjusting budget is based on.\n" }, "lastAutoAdjustTime": { "type": "string", "description": "(Optional) - The last time that your budget was auto-adjusted.\n" } }, "type": "object", "required": [ "autoAdjustType", "historicalOptions", "lastAutoAdjustTime" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:budgets/getBudgetAutoAdjustDataHistoricalOption:getBudgetAutoAdjustDataHistoricalOption": { "properties": { "budgetAdjustmentPeriod": { "type": "integer", "description": "(Required) - The number of budget periods included in the moving-average calculation that determines your auto-adjusted budget amount.\n" }, "lookbackAvailablePeriods": { "type": "integer", "description": "(Optional) - The integer that describes how many budget periods in your BudgetAdjustmentPeriod are included in the calculation of your current budget limit. If the first budget period in your BudgetAdjustmentPeriod has no cost data, then that budget period isn’t included in the average that determines your budget limit. You can’t set your own LookBackAvailablePeriods. The value is automatically calculated from the `budget_adjustment_period` and your historical cost data.\n" } }, "type": "object", "required": [ "budgetAdjustmentPeriod", "lookbackAvailablePeriods" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:budgets/getBudgetBudgetLimit:getBudgetBudgetLimit": { "properties": { "amount": { "type": "string", "description": "The cost or usage amount that's associated with a budget forecast, actual spend, or budget threshold. Length Constraints: Minimum length of `1`. Maximum length of `2147483647`.\n" }, "unit": { "type": "string", "description": "The unit of measurement that's used for the budget forecast, actual spend, or budget threshold, such as USD or GBP. Length Constraints: Minimum length of `1`. Maximum length of `2147483647`.\n" } }, "type": "object", "required": [ "amount", "unit" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:budgets/getBudgetCalculatedSpend:getBudgetCalculatedSpend": { "properties": { "actualSpends": { "type": "array", "items": { "$ref": "#/types/aws:budgets/getBudgetCalculatedSpendActualSpend:getBudgetCalculatedSpendActualSpend" } } }, "type": "object", "required": [ "actualSpends" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:budgets/getBudgetCalculatedSpendActualSpend:getBudgetCalculatedSpendActualSpend": { "properties": { "amount": { "type": "string", "description": "The cost or usage amount that's associated with a budget forecast, actual spend, or budget threshold. Length Constraints: Minimum length of `1`. Maximum length of `2147483647`.\n" }, "unit": { "type": "string", "description": "The unit of measurement that's used for the budget forecast, actual spend, or budget threshold, such as USD or GBP. Length Constraints: Minimum length of `1`. Maximum length of `2147483647`.\n" } }, "type": "object", "required": [ "amount", "unit" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:budgets/getBudgetCostFilter:getBudgetCostFilter": { "properties": { "name": { "type": "string", "description": "The name of a budget. Unique within accounts.\n\nThe following arguments are optional:\n" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:budgets/getBudgetCostType:getBudgetCostType": { "properties": { "includeCredit": { "type": "boolean", "description": "A boolean value whether to include credits in the cost budget. Defaults to `true`.\n" }, "includeDiscount": { "type": "boolean", "description": "Whether a budget includes discounts. Defaults to `true`.\n" }, "includeOtherSubscription": { "type": "boolean", "description": "A boolean value whether to include other subscription costs in the cost budget. Defaults to `true`.\n" }, "includeRecurring": { "type": "boolean", "description": "A boolean value whether to include recurring costs in the cost budget. Defaults to `true`.\n" }, "includeRefund": { "type": "boolean", "description": "A boolean value whether to include refunds in the cost budget. Defaults to `true`.\n" }, "includeSubscription": { "type": "boolean", "description": "A boolean value whether to include subscriptions in the cost budget. Defaults to `true`.\n" }, "includeSupport": { "type": "boolean", "description": "A boolean value whether to include support costs in the cost budget. Defaults to `true`.\n" }, "includeTax": { "type": "boolean", "description": "A boolean value whether to include tax in the cost budget. Defaults to `true`.\n" }, "includeUpfront": { "type": "boolean", "description": "A boolean value whether to include upfront costs in the cost budget. Defaults to `true`.\n" }, "useAmortized": { "type": "boolean", "description": "Whether a budget uses the amortized rate. Defaults to `false`.\n" }, "useBlended": { "type": "boolean", "description": "A boolean value whether to use blended costs in the cost budget. Defaults to `false`.\n" } }, "type": "object", "required": [ "includeCredit", "includeDiscount", "includeOtherSubscription", "includeRecurring", "includeRefund", "includeSubscription", "includeSupport", "includeTax", "includeUpfront", "useAmortized", "useBlended" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:budgets/getBudgetNotification:getBudgetNotification": { "properties": { "comparisonOperator": { "type": "string", "description": "(Required) Comparison operator to use to evaluate the condition. Can be `LESS_THAN`, `EQUAL_TO` or `GREATER_THAN`.\n" }, "notificationType": { "type": "string", "description": "(Required) What kind of budget value to notify on. Can be `ACTUAL` or `FORECASTED`.\n" }, "subscriberEmailAddresses": { "type": "array", "items": { "type": "string" }, "description": "(Optional) E-Mail addresses to notify. Either this or `subscriber_sns_topic_arns` is required.\n" }, "subscriberSnsTopicArns": { "type": "array", "items": { "type": "string" }, "description": "(Optional) SNS topics to notify. Either this or `subscriber_email_addresses` is required.\n" }, "threshold": { "type": "number", "description": "(Required) Threshold when the notification should be sent.\n" }, "thresholdType": { "type": "string", "description": "(Required) What kind of threshold is defined. Can be `PERCENTAGE` OR `ABSOLUTE_VALUE`.\n" } }, "type": "object", "required": [ "comparisonOperator", "notificationType", "subscriberEmailAddresses", "subscriberSnsTopicArns", "threshold", "thresholdType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:budgets/getBudgetPlannedLimit:getBudgetPlannedLimit": { "properties": { "amount": { "type": "string", "description": "The cost or usage amount that's associated with a budget forecast, actual spend, or budget threshold. Length Constraints: Minimum length of `1`. Maximum length of `2147483647`.\n" }, "startTime": { "type": "string", "description": "(Required) The start time of the budget limit. Format: `2017-01-01_12:00`. See [PlannedBudgetLimits](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_budgets_Budget.html#awscostmanagement-Type-budgets_Budget-PlannedBudgetLimits) documentation.\n" }, "unit": { "type": "string", "description": "The unit of measurement that's used for the budget forecast, actual spend, or budget threshold, such as USD or GBP. Length Constraints: Minimum length of `1`. Maximum length of `2147483647`.\n" } }, "type": "object", "required": [ "amount", "startTime", "unit" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cfg/ConfigurationAggregatorAccountAggregationSource:ConfigurationAggregatorAccountAggregationSource": { "properties": { "accountIds": { "type": "array", "items": { "type": "string" }, "description": "List of 12-digit account IDs of the account(s) being aggregated.\n" }, "allRegions": { "type": "boolean", "description": "If true, aggregate existing AWS Config regions and future regions.\n" }, "regions": { "type": "array", "items": { "type": "string" }, "description": "List of source regions being aggregated.\n\nEither `regions` or `all_regions` (as true) must be specified.\n" } }, "type": "object", "required": [ "accountIds" ] }, "aws:cfg/ConfigurationAggregatorOrganizationAggregationSource:ConfigurationAggregatorOrganizationAggregationSource": { "properties": { "allRegions": { "type": "boolean", "description": "If true, aggregate existing AWS Config regions and future regions.\n" }, "regions": { "type": "array", "items": { "type": "string" }, "description": "List of source regions being aggregated.\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM role used to retrieve AWS Organization details associated with the aggregator account.\n\nEither `regions` or `all_regions` (as true) must be specified.\n" } }, "type": "object", "required": [ "roleArn" ] }, "aws:cfg/ConformancePackInputParameter:ConformancePackInputParameter": { "properties": { "parameterName": { "type": "string", "description": "The input key.\n" }, "parameterValue": { "type": "string", "description": "The input value.\n" } }, "type": "object", "required": [ "parameterName", "parameterValue" ] }, "aws:cfg/DeliveryChannelSnapshotDeliveryProperties:DeliveryChannelSnapshotDeliveryProperties": { "properties": { "deliveryFrequency": { "type": "string", "description": "The frequency with which AWS Config recurringly delivers configuration snapshotsE.g., `One_Hour` or `Three_Hours`. Valid values are listed [here](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html#API_ConfigSnapshotDeliveryProperties_Contents).\n" } }, "type": "object" }, "aws:cfg/OrganizationConformancePackInputParameter:OrganizationConformancePackInputParameter": { "properties": { "parameterName": { "type": "string", "description": "The input key.\n" }, "parameterValue": { "type": "string", "description": "The input value.\n" } }, "type": "object", "required": [ "parameterName", "parameterValue" ] }, "aws:cfg/RecorderRecordingGroup:RecorderRecordingGroup": { "properties": { "allSupported": { "type": "boolean", "description": "Specifies whether AWS Config records configuration changes for every supported type of regional resource (which includes any new type that will become supported in the future). Conflicts with `resource_types`. Defaults to `true`.\n" }, "exclusionByResourceTypes": { "type": "array", "items": { "$ref": "#/types/aws:cfg/RecorderRecordingGroupExclusionByResourceType:RecorderRecordingGroupExclusionByResourceType" }, "description": "An object that specifies how AWS Config excludes resource types from being recorded by the configuration recorder.To use this option, you must set the useOnly field of RecordingStrategy to `EXCLUSION_BY_RESOURCE_TYPES` Requires `all_supported = false`. Conflicts with `resource_types`.\n" }, "includeGlobalResourceTypes": { "type": "boolean", "description": "Specifies whether AWS Config includes all supported types of _global resources_ with the resources that it records. Requires `all_supported = true`. Conflicts with `resource_types`.\n" }, "recordingStrategies": { "type": "array", "items": { "$ref": "#/types/aws:cfg/RecorderRecordingGroupRecordingStrategy:RecorderRecordingGroupRecordingStrategy" }, "description": "Recording Strategy. Detailed below.\n" }, "resourceTypes": { "type": "array", "items": { "type": "string" }, "description": "A list that specifies the types of AWS resources for which AWS Config records configuration changes (for example, `AWS::EC2::Instance` or `AWS::CloudTrail::Trail`). See [relevant part of AWS Docs](http://docs.aws.amazon.com/config/latest/APIReference/API_ResourceIdentifier.html#config-Type-ResourceIdentifier-resourceType) for available types. In order to use this attribute, `all_supported` must be set to false.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "exclusionByResourceTypes", "recordingStrategies" ] } } }, "aws:cfg/RecorderRecordingGroupExclusionByResourceType:RecorderRecordingGroupExclusionByResourceType": { "properties": { "resourceTypes": { "type": "array", "items": { "type": "string" }, "description": "A list that specifies the types of AWS resources for which AWS Config excludes records configuration changes. See [relevant part of AWS Docs](http://docs.aws.amazon.com/config/latest/APIReference/API_ResourceIdentifier.html#config-Type-ResourceIdentifier-resourceType) for available types.\n" } }, "type": "object" }, "aws:cfg/RecorderRecordingGroupRecordingStrategy:RecorderRecordingGroupRecordingStrategy": { "properties": { "useOnly": { "type": "string" } }, "type": "object" }, "aws:cfg/RecorderRecordingMode:RecorderRecordingMode": { "properties": { "recordingFrequency": { "type": "string", "description": "Default reecording frequency. `CONTINUOUS` or `DAILY`.\n" }, "recordingModeOverride": { "$ref": "#/types/aws:cfg/RecorderRecordingModeRecordingModeOverride:RecorderRecordingModeRecordingModeOverride", "description": "Recording mode overrides. Detailed below.\n" } }, "type": "object" }, "aws:cfg/RecorderRecordingModeRecordingModeOverride:RecorderRecordingModeRecordingModeOverride": { "properties": { "description": { "type": "string", "description": "A description you provide of the override.\n" }, "recordingFrequency": { "type": "string", "description": "The recording frequency for the resources in the override block. `CONTINUOUS` or `DAILY`.\n" }, "resourceTypes": { "type": "array", "items": { "type": "string" }, "description": "A list that specifies the types of AWS resources for which the override applies to. See [restrictions in the AWS Docs](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingModeOverride.html)\n" } }, "type": "object", "required": [ "recordingFrequency", "resourceTypes" ] }, "aws:cfg/RemediationConfigurationExecutionControls:RemediationConfigurationExecutionControls": { "properties": { "ssmControls": { "$ref": "#/types/aws:cfg/RemediationConfigurationExecutionControlsSsmControls:RemediationConfigurationExecutionControlsSsmControls", "description": "Configuration block for SSM controls. See below.\n" } }, "type": "object" }, "aws:cfg/RemediationConfigurationExecutionControlsSsmControls:RemediationConfigurationExecutionControlsSsmControls": { "properties": { "concurrentExecutionRatePercentage": { "type": "integer", "description": "Maximum percentage of remediation actions allowed to run in parallel on the non-compliant resources for that specific rule. The default value is 10%.\n" }, "errorPercentage": { "type": "integer", "description": "Percentage of errors that are allowed before SSM stops running automations on non-compliant resources for that specific rule. The default is 50%.\n" } }, "type": "object" }, "aws:cfg/RemediationConfigurationParameter:RemediationConfigurationParameter": { "properties": { "name": { "type": "string", "description": "Name of the attribute.\n" }, "resourceValue": { "type": "string", "description": "Value is dynamic and changes at run-time.\n" }, "staticValue": { "type": "string", "description": "Value is static and does not change at run-time.\n" }, "staticValues": { "type": "array", "items": { "type": "string" }, "description": "List of static values.\n" } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredOutputs": [ "name", "staticValues" ] } } }, "aws:cfg/RuleEvaluationMode:RuleEvaluationMode": { "properties": { "mode": { "type": "string", "description": "The mode of an evaluation.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "mode" ] } } }, "aws:cfg/RuleScope:RuleScope": { "properties": { "complianceResourceId": { "type": "string", "description": "The IDs of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for `compliance_resource_types`.\n" }, "complianceResourceTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of resource types of only those AWS resources that you want to trigger an evaluation for the ruleE.g., `AWS::EC2::Instance`. You can only specify one type if you also specify a resource ID for `compliance_resource_id`. See [relevant part of AWS Docs](http://docs.aws.amazon.com/config/latest/APIReference/API_ResourceIdentifier.html#config-Type-ResourceIdentifier-resourceType) for available types.\n" }, "tagKey": { "type": "string", "description": "The tag key that is applied to only those AWS resources that you want you want to trigger an evaluation for the rule.\n" }, "tagValue": { "type": "string", "description": "The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule.\n" } }, "type": "object" }, "aws:cfg/RuleSource:RuleSource": { "properties": { "customPolicyDetails": { "$ref": "#/types/aws:cfg/RuleSourceCustomPolicyDetails:RuleSourceCustomPolicyDetails", "description": "Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to `CUSTOM_POLICY`. See Custom Policy Details Below.\n" }, "owner": { "type": "string", "description": "Indicates whether AWS or the customer owns and manages the AWS Config rule. Valid values are `AWS`, `CUSTOM_LAMBDA` or `CUSTOM_POLICY`. For more information about managed rules, see the [AWS Config Managed Rules documentation](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html). For more information about custom rules, see the [AWS Config Custom Rules documentation](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html). Custom Lambda Functions require permissions to allow the AWS Config service to invoke them, e.g., via the `aws.lambda.Permission` resource.\n" }, "sourceDetails": { "type": "array", "items": { "$ref": "#/types/aws:cfg/RuleSourceSourceDetail:RuleSourceSourceDetail" }, "description": "Provides the source and type of the event that causes AWS Config to evaluate your AWS resources. Only valid if `owner` is `CUSTOM_LAMBDA` or `CUSTOM_POLICY`. See Source Detail Below.\n" }, "sourceIdentifier": { "type": "string", "description": "For AWS Config managed rules, a predefined identifier, e.g `IAM_PASSWORD_POLICY`. For custom Lambda rules, the identifier is the ARN of the Lambda Function, such as `arn:aws:lambda:us-east-1:123456789012:function:custom_rule_name` or the `arn` attribute of the `aws.lambda.Function` resource.\n" } }, "type": "object", "required": [ "owner" ] }, "aws:cfg/RuleSourceCustomPolicyDetails:RuleSourceCustomPolicyDetails": { "properties": { "enableDebugLogDelivery": { "type": "boolean", "description": "The boolean expression for enabling debug logging for your Config Custom Policy rule. The default value is `false`.\n" }, "policyRuntime": { "type": "string", "description": "The runtime system for your Config Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://github.com/aws-cloudformation/cloudformation-guard).\n" }, "policyText": { "type": "string", "description": "The policy definition containing the logic for your Config Custom Policy rule.\n" } }, "type": "object", "required": [ "policyRuntime", "policyText" ] }, "aws:cfg/RuleSourceSourceDetail:RuleSourceSourceDetail": { "properties": { "eventSource": { "type": "string", "description": "The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWSresources. This defaults to `aws.config` and is the only valid value.\n" }, "maximumExecutionFrequency": { "type": "string", "description": "The frequency that you want AWS Config to run evaluations for a rule that istriggered periodically. If specified, requires `message_type` to be `ScheduledNotification`.\n" }, "messageType": { "type": "string", "description": "The type of notification that triggers AWS Config to run an evaluation for a rule. You canspecify the following notification types:\n* `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n* `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n* `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `maximum_execution_frequency`.\n* `ConfigurationSnapshotDeliveryCompleted` - Triggers a periodic evaluation when AWS Config delivers a configuration snapshot.\n" } }, "type": "object" }, "aws:chime/SdkvoiceGlobalSettingsVoiceConnector:SdkvoiceGlobalSettingsVoiceConnector": { "properties": { "cdrBucket": { "type": "string", "description": "The S3 bucket that stores the Voice Connector's call detail records.\n" } }, "type": "object" }, "aws:chime/SdkvoiceSipMediaApplicationEndpoints:SdkvoiceSipMediaApplicationEndpoints": { "properties": { "lambdaArn": { "type": "string", "description": "Valid Amazon Resource Name (ARN) of the Lambda function, version, or alias. The function must be created in the same AWS Region as the SIP media application.\n" } }, "type": "object", "required": [ "lambdaArn" ] }, "aws:chime/SdkvoiceSipRuleTargetApplication:SdkvoiceSipRuleTargetApplication": { "properties": { "awsRegion": { "type": "string", "description": "The AWS Region of the target application.\n", "willReplaceOnChanges": true }, "priority": { "type": "integer", "description": "Priority of the SIP media application in the target list.\n" }, "sipMediaApplicationId": { "type": "string", "description": "The SIP media application ID.\n" } }, "type": "object", "required": [ "awsRegion", "priority", "sipMediaApplicationId" ] }, "aws:chime/SdkvoiceVoiceProfileDomainServerSideEncryptionConfiguration:SdkvoiceVoiceProfileDomainServerSideEncryptionConfiguration": { "properties": { "kmsKeyArn": { "type": "string", "description": "ARN for KMS Key.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "kmsKeyArn" ] }, "aws:chime/VoiceConnectorGroupConnector:VoiceConnectorGroupConnector": { "properties": { "priority": { "type": "integer", "description": "The priority associated with the Amazon Chime Voice Connector, with 1 being the highest priority. Higher priority Amazon Chime Voice Connectors are attempted first.\n" }, "voiceConnectorId": { "type": "string", "description": "The Amazon Chime Voice Connector ID.\n" } }, "type": "object", "required": [ "priority", "voiceConnectorId" ] }, "aws:chime/VoiceConnectorOrganizationRoute:VoiceConnectorOrganizationRoute": { "properties": { "host": { "type": "string", "description": "The FQDN or IP address to contact for origination traffic.\n" }, "port": { "type": "integer", "description": "The designated origination route port. Defaults to `5060`.\n" }, "priority": { "type": "integer", "description": "The priority associated with the host, with 1 being the highest priority. Higher priority hosts are attempted first.\n" }, "protocol": { "type": "string", "description": "The protocol to use for the origination route. Encryption-enabled Amazon Chime Voice Connectors use TCP protocol by default.\n" }, "weight": { "type": "integer", "description": "The weight associated with the host. If hosts are equal in priority, calls are redistributed among them based on their relative weight.\n" } }, "type": "object", "required": [ "host", "priority", "protocol", "weight" ] }, "aws:chime/VoiceConnectorStreamingMediaInsightsConfiguration:VoiceConnectorStreamingMediaInsightsConfiguration": { "properties": { "configurationArn": { "type": "string", "description": "The media insights configuration that will be invoked by the Voice Connector.\n" }, "disabled": { "type": "boolean", "description": "When `true`, the media insights configuration is not enabled. Defaults to `false`.\n" } }, "type": "object" }, "aws:chime/VoiceConnectorTerminationCredentialsCredential:VoiceConnectorTerminationCredentialsCredential": { "properties": { "password": { "type": "string", "description": "RFC2617 compliant password associated with the SIP credentials.\n", "secret": true }, "username": { "type": "string", "description": "RFC2617 compliant username associated with the SIP credentials.\n" } }, "type": "object", "required": [ "password", "username" ] }, "aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElement:MediaInsightsPipelineConfigurationElement": { "properties": { "amazonTranscribeCallAnalyticsProcessorConfiguration": { "$ref": "#/types/aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfiguration:MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfiguration", "description": "Configuration for Amazon Transcribe Call Analytics processor.\n" }, "amazonTranscribeProcessorConfiguration": { "$ref": "#/types/aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElementAmazonTranscribeProcessorConfiguration:MediaInsightsPipelineConfigurationElementAmazonTranscribeProcessorConfiguration", "description": "Configuration for Amazon Transcribe processor.\n" }, "kinesisDataStreamSinkConfiguration": { "$ref": "#/types/aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfiguration:MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfiguration", "description": "Configuration for Kinesis Data Stream sink.\n" }, "lambdaFunctionSinkConfiguration": { "$ref": "#/types/aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElementLambdaFunctionSinkConfiguration:MediaInsightsPipelineConfigurationElementLambdaFunctionSinkConfiguration", "description": "Configuration for Lambda Function sink.\n" }, "s3RecordingSinkConfiguration": { "$ref": "#/types/aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElementS3RecordingSinkConfiguration:MediaInsightsPipelineConfigurationElementS3RecordingSinkConfiguration", "description": "Configuration for S3 recording sink.\n" }, "snsTopicSinkConfiguration": { "$ref": "#/types/aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElementSnsTopicSinkConfiguration:MediaInsightsPipelineConfigurationElementSnsTopicSinkConfiguration", "description": "Configuration for SNS Topic sink.\n" }, "sqsQueueSinkConfiguration": { "$ref": "#/types/aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElementSqsQueueSinkConfiguration:MediaInsightsPipelineConfigurationElementSqsQueueSinkConfiguration", "description": "Configuration for SQS Queue sink.\n" }, "type": { "type": "string", "description": "Element type.\n" }, "voiceAnalyticsProcessorConfiguration": { "$ref": "#/types/aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElementVoiceAnalyticsProcessorConfiguration:MediaInsightsPipelineConfigurationElementVoiceAnalyticsProcessorConfiguration", "description": "Configuration for Voice analytics processor.\n" } }, "type": "object", "required": [ "type" ] }, "aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfiguration:MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfiguration": { "properties": { "callAnalyticsStreamCategories": { "type": "array", "items": { "type": "string" }, "description": "Filter for category events to be delivered to insights target.\n" }, "contentIdentificationType": { "type": "string", "description": "Labels all personally identifiable information (PII) identified in Utterance events.\n" }, "contentRedactionType": { "type": "string", "description": "Redacts all personally identifiable information (PII) identified in Utterance events.\n" }, "enablePartialResultsStabilization": { "type": "boolean", "description": "Enables partial result stabilization in Utterance events.\n" }, "filterPartialResults": { "type": "boolean", "description": "Filters partial Utterance events from delivery to the insights target.\n" }, "languageCode": { "type": "string", "description": "Language code for the transcription model.\n" }, "languageModelName": { "type": "string", "description": "Name of custom language model for transcription.\n" }, "partialResultsStability": { "type": "string", "description": "Level of stability to use when partial results stabilization is enabled.\n" }, "piiEntityTypes": { "type": "string", "description": "Types of personally identifiable information (PII) to redact from an Utterance event.\n" }, "postCallAnalyticsSettings": { "$ref": "#/types/aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationPostCallAnalyticsSettings:MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationPostCallAnalyticsSettings", "description": "Settings for post call analytics.\n" }, "vocabularyFilterMethod": { "type": "string", "description": "Method for applying a vocabulary filter to Utterance events.\n" }, "vocabularyFilterName": { "type": "string", "description": "Name of the custom vocabulary filter to use when processing Utterance events.\n" }, "vocabularyName": { "type": "string", "description": "Name of the custom vocabulary to use when processing Utterance events.\n" } }, "type": "object", "required": [ "languageCode" ] }, "aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationPostCallAnalyticsSettings:MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationPostCallAnalyticsSettings": { "properties": { "contentRedactionOutput": { "type": "string", "description": "Should output be redacted.\n" }, "dataAccessRoleArn": { "type": "string", "description": "ARN of the role used by AWS Transcribe to upload your post call analysis.\n" }, "outputEncryptionKmsKeyId": { "type": "string", "description": "ID of the KMS key used to encrypt the output.\n" }, "outputLocation": { "type": "string", "description": "The Amazon S3 location where you want your Call Analytics post-call transcription output stored.\n" } }, "type": "object", "required": [ "dataAccessRoleArn", "outputLocation" ] }, "aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElementAmazonTranscribeProcessorConfiguration:MediaInsightsPipelineConfigurationElementAmazonTranscribeProcessorConfiguration": { "properties": { "contentIdentificationType": { "type": "string", "description": "Labels all personally identifiable information (PII) identified in Transcript events.\n" }, "contentRedactionType": { "type": "string", "description": "Redacts all personally identifiable information (PII) identified in Transcript events.\n" }, "enablePartialResultsStabilization": { "type": "boolean", "description": "Enables partial result stabilization in Transcript events.\n" }, "filterPartialResults": { "type": "boolean", "description": "Filters partial Utterance events from delivery to the insights target.\n" }, "languageCode": { "type": "string", "description": "Language code for the transcription model.\n" }, "languageModelName": { "type": "string", "description": "Name of custom language model for transcription.\n" }, "partialResultsStability": { "type": "string", "description": "Level of stability to use when partial results stabilization is enabled.\n" }, "piiEntityTypes": { "type": "string", "description": "Types of personally identifiable information (PII) to redact from a Transcript event.\n" }, "showSpeakerLabel": { "type": "boolean", "description": "Enables speaker partitioning (diarization) in your Transcript events.\n" }, "vocabularyFilterMethod": { "type": "string", "description": "Method for applying a vocabulary filter to Transcript events.\n" }, "vocabularyFilterName": { "type": "string", "description": "Name of the custom vocabulary filter to use when processing Transcript events.\n" }, "vocabularyName": { "type": "string", "description": "Name of the custom vocabulary to use when processing Transcript events.\n" } }, "type": "object", "required": [ "languageCode" ] }, "aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfiguration:MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfiguration": { "properties": { "insightsTarget": { "type": "string", "description": "Kinesis Data Stream to deliver results.\n" } }, "type": "object", "required": [ "insightsTarget" ] }, "aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElementLambdaFunctionSinkConfiguration:MediaInsightsPipelineConfigurationElementLambdaFunctionSinkConfiguration": { "properties": { "insightsTarget": { "type": "string", "description": "Lambda Function to deliver results.\n" } }, "type": "object", "required": [ "insightsTarget" ] }, "aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElementS3RecordingSinkConfiguration:MediaInsightsPipelineConfigurationElementS3RecordingSinkConfiguration": { "properties": { "destination": { "type": "string", "description": "S3 URI to deliver recordings.\n" } }, "type": "object" }, "aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElementSnsTopicSinkConfiguration:MediaInsightsPipelineConfigurationElementSnsTopicSinkConfiguration": { "properties": { "insightsTarget": { "type": "string", "description": "SNS topic to deliver results.\n" } }, "type": "object", "required": [ "insightsTarget" ] }, "aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElementSqsQueueSinkConfiguration:MediaInsightsPipelineConfigurationElementSqsQueueSinkConfiguration": { "properties": { "insightsTarget": { "type": "string", "description": "SQS queue to deliver results.\n" } }, "type": "object", "required": [ "insightsTarget" ] }, "aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElementVoiceAnalyticsProcessorConfiguration:MediaInsightsPipelineConfigurationElementVoiceAnalyticsProcessorConfiguration": { "properties": { "speakerSearchStatus": { "type": "string", "description": "Enable speaker search.\n" }, "voiceToneAnalysisStatus": { "type": "string", "description": "Enable voice tone analysis.\n" } }, "type": "object", "required": [ "speakerSearchStatus", "voiceToneAnalysisStatus" ] }, "aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationRealTimeAlertConfiguration:MediaInsightsPipelineConfigurationRealTimeAlertConfiguration": { "properties": { "disabled": { "type": "boolean", "description": "Disables real time alert rules.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRule:MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRule" }, "description": "Collection of real time alert rules\n" } }, "type": "object", "required": [ "rules" ], "language": { "nodejs": { "requiredOutputs": [ "disabled", "rules" ] } } }, "aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRule:MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRule": { "properties": { "issueDetectionConfiguration": { "$ref": "#/types/aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleIssueDetectionConfiguration:MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleIssueDetectionConfiguration", "description": "Configuration for an issue detection rule.\n" }, "keywordMatchConfiguration": { "$ref": "#/types/aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleKeywordMatchConfiguration:MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleKeywordMatchConfiguration", "description": "Configuration for a keyword match rule.\n" }, "sentimentConfiguration": { "$ref": "#/types/aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleSentimentConfiguration:MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleSentimentConfiguration", "description": "Configuration for a sentiment rule.\n" }, "type": { "type": "string", "description": "Rule type.\n" } }, "type": "object", "required": [ "type" ] }, "aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleIssueDetectionConfiguration:MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleIssueDetectionConfiguration": { "properties": { "ruleName": { "type": "string", "description": "Rule name.\n" } }, "type": "object", "required": [ "ruleName" ] }, "aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleKeywordMatchConfiguration:MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleKeywordMatchConfiguration": { "properties": { "keywords": { "type": "array", "items": { "type": "string" }, "description": "Collection of keywords to match.\n" }, "negate": { "type": "boolean", "description": "Negate the rule.\n" }, "ruleName": { "type": "string", "description": "Rule name.\n" } }, "type": "object", "required": [ "keywords", "ruleName" ], "language": { "nodejs": { "requiredOutputs": [ "keywords", "negate", "ruleName" ] } } }, "aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleSentimentConfiguration:MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleSentimentConfiguration": { "properties": { "ruleName": { "type": "string", "description": "Rule name.\n" }, "sentimentType": { "type": "string", "description": "Sentiment type to match.\n" }, "timePeriod": { "type": "integer", "description": "Analysis interval.\n" } }, "type": "object", "required": [ "ruleName", "sentimentType", "timePeriod" ] }, "aws:cleanrooms/CollaborationDataEncryptionMetadata:CollaborationDataEncryptionMetadata": { "properties": { "allowClearText": { "type": "boolean", "willReplaceOnChanges": true }, "allowDuplicates": { "type": "boolean", "willReplaceOnChanges": true }, "allowJoinsOnColumnsWithDifferentNames": { "type": "boolean", "willReplaceOnChanges": true }, "preserveNulls": { "type": "boolean", "willReplaceOnChanges": true } }, "type": "object", "required": [ "allowClearText", "allowDuplicates", "allowJoinsOnColumnsWithDifferentNames", "preserveNulls" ] }, "aws:cleanrooms/CollaborationMember:CollaborationMember": { "properties": { "accountId": { "type": "string", "willReplaceOnChanges": true }, "displayName": { "type": "string", "willReplaceOnChanges": true }, "memberAbilities": { "type": "array", "items": { "type": "string" }, "willReplaceOnChanges": true }, "status": { "type": "string" } }, "type": "object", "required": [ "accountId", "displayName", "memberAbilities" ], "language": { "nodejs": { "requiredOutputs": [ "accountId", "displayName", "memberAbilities", "status" ] } } }, "aws:cleanrooms/ConfiguredTableTableReference:ConfiguredTableTableReference": { "properties": { "databaseName": { "type": "string", "willReplaceOnChanges": true }, "tableName": { "type": "string", "willReplaceOnChanges": true } }, "type": "object", "required": [ "databaseName", "tableName" ] }, "aws:cloudformation/CloudFormationTypeLoggingConfig:CloudFormationTypeLoggingConfig": { "properties": { "logGroupName": { "type": "string", "description": "Name of the CloudWatch Log Group where CloudFormation sends error logging information when invoking the type's handlers.\n", "willReplaceOnChanges": true }, "logRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role CloudFormation assumes when sending error logging information to CloudWatch Logs.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "logGroupName", "logRoleArn" ] }, "aws:cloudformation/StackSetAutoDeployment:StackSetAutoDeployment": { "properties": { "enabled": { "type": "boolean", "description": "Whether or not auto-deployment is enabled.\n" }, "retainStacksOnAccountRemoval": { "type": "boolean", "description": "Whether or not to retain stacks when the account is removed.\n" } }, "type": "object" }, "aws:cloudformation/StackSetInstanceDeploymentTargets:StackSetInstanceDeploymentTargets": { "properties": { "accountFilterType": { "type": "string", "description": "Limit deployment targets to individual accounts or include additional accounts with provided OUs. Valid values: `INTERSECTION`, `DIFFERENCE`, `UNION`, `NONE`.\n", "willReplaceOnChanges": true }, "accounts": { "type": "array", "items": { "type": "string" }, "description": "List of accounts to deploy stack set updates.\n", "willReplaceOnChanges": true }, "accountsUrl": { "type": "string", "description": "S3 URL of the file containing the list of accounts.\n", "willReplaceOnChanges": true }, "organizationalUnitIds": { "type": "array", "items": { "type": "string" }, "description": "Organization root ID or organizational unit (OU) IDs to which StackSets deploys.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:cloudformation/StackSetInstanceOperationPreferences:StackSetInstanceOperationPreferences": { "properties": { "concurrencyMode": { "type": "string", "description": "Specifies how the concurrency level behaves during the operation execution. Valid values are `STRICT_FAILURE_TOLERANCE` and `SOFT_FAILURE_TOLERANCE`.\n" }, "failureToleranceCount": { "type": "integer", "description": "Number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region.\n" }, "failureTolerancePercentage": { "type": "integer", "description": "Percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region.\n" }, "maxConcurrentCount": { "type": "integer", "description": "Maximum number of accounts in which to perform this operation at one time.\n" }, "maxConcurrentPercentage": { "type": "integer", "description": "Maximum percentage of accounts in which to perform this operation at one time.\n" }, "regionConcurrencyType": { "type": "string", "description": "Concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time. Valid values are `SEQUENTIAL` and `PARALLEL`.\n" }, "regionOrders": { "type": "array", "items": { "type": "string" }, "description": "Order of the Regions in where you want to perform the stack operation.\n" } }, "type": "object" }, "aws:cloudformation/StackSetInstanceStackInstanceSummary:StackSetInstanceStackInstanceSummary": { "properties": { "accountId": { "type": "string", "description": "Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account.\n" }, "organizationalUnitId": { "type": "string", "description": "Organizational unit ID in which the stack is deployed.\n" }, "stackId": { "type": "string", "description": "Stack identifier.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "accountId", "organizationalUnitId", "stackId" ] } } }, "aws:cloudformation/StackSetManagedExecution:StackSetManagedExecution": { "properties": { "active": { "type": "boolean", "description": "When set to true, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order. Default is false.\n" } }, "type": "object" }, "aws:cloudformation/StackSetOperationPreferences:StackSetOperationPreferences": { "properties": { "failureToleranceCount": { "type": "integer", "description": "The number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region.\n" }, "failureTolerancePercentage": { "type": "integer", "description": "The percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region.\n" }, "maxConcurrentCount": { "type": "integer", "description": "The maximum number of accounts in which to perform this operation at one time.\n" }, "maxConcurrentPercentage": { "type": "integer", "description": "The maximum percentage of accounts in which to perform this operation at one time.\n" }, "regionConcurrencyType": { "type": "string", "description": "The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.\n" }, "regionOrders": { "type": "array", "items": { "type": "string" }, "description": "The order of the Regions in where you want to perform the stack operation.\n" } }, "type": "object" }, "aws:cloudformation/getCloudFormationTypeLoggingConfig:getCloudFormationTypeLoggingConfig": { "properties": { "logGroupName": { "type": "string", "description": "Name of the CloudWatch Log Group where CloudFormation sends error logging information when invoking the type's handlers.\n" }, "logRoleArn": { "type": "string", "description": "ARN of the IAM Role CloudFormation assumes when sending error logging information to CloudWatch Logs.\n" } }, "type": "object", "required": [ "logGroupName", "logRoleArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/CachePolicyParametersInCacheKeyAndForwardedToOrigin:CachePolicyParametersInCacheKeyAndForwardedToOrigin": { "properties": { "cookiesConfig": { "$ref": "#/types/aws:cloudfront/CachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfig:CachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfig", "description": "Whether any cookies in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin. See Cookies Config for more information.\n" }, "enableAcceptEncodingBrotli": { "type": "boolean", "description": "Flag determines whether the Accept-Encoding HTTP header is included in the cache key and in requests that CloudFront sends to the origin.\n" }, "enableAcceptEncodingGzip": { "type": "boolean", "description": "Whether the Accept-Encoding HTTP header is included in the cache key and in requests sent to the origin by CloudFront.\n" }, "headersConfig": { "$ref": "#/types/aws:cloudfront/CachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfig:CachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfig", "description": "Whether any HTTP headers are included in the cache key and automatically included in requests that CloudFront sends to the origin. See Headers Config for more information.\n" }, "queryStringsConfig": { "$ref": "#/types/aws:cloudfront/CachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfig:CachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfig", "description": "Whether any URL query strings in viewer requests are included in the cache key. It also automatically includes these query strings in requests that CloudFront sends to the origin. Please refer to the Query String Config for more information.\n" } }, "type": "object", "required": [ "cookiesConfig", "headersConfig", "queryStringsConfig" ] }, "aws:cloudfront/CachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfig:CachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfig": { "properties": { "cookieBehavior": { "type": "string", "description": "Whether any cookies in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin. Valid values for `cookie_behavior` are `none`, `whitelist`, `allExcept`, and `all`.\n" }, "cookies": { "$ref": "#/types/aws:cloudfront/CachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfigCookies:CachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfigCookies", "description": "Object that contains a list of cookie names. See Items for more information.\n" } }, "type": "object", "required": [ "cookieBehavior" ] }, "aws:cloudfront/CachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfigCookies:CachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfigCookies": { "properties": { "items": { "type": "array", "items": { "type": "string" }, "description": "List of item names, such as cookies, headers, or query strings.\n" } }, "type": "object" }, "aws:cloudfront/CachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfig:CachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfig": { "properties": { "headerBehavior": { "type": "string", "description": "Whether any HTTP headers are included in the cache key and automatically included in requests that CloudFront sends to the origin. Valid values for `header_behavior` are `none` and `whitelist`.\n" }, "headers": { "$ref": "#/types/aws:cloudfront/CachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfigHeaders:CachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfigHeaders", "description": "Object contains a list of header names. See Items for more information.\n" } }, "type": "object" }, "aws:cloudfront/CachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfigHeaders:CachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfigHeaders": { "properties": { "items": { "type": "array", "items": { "type": "string" }, "description": "List of item names, such as cookies, headers, or query strings.\n" } }, "type": "object" }, "aws:cloudfront/CachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfig:CachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfig": { "properties": { "queryStringBehavior": { "type": "string", "description": "Whether URL query strings in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin. Valid values for `query_string_behavior` are `none`, `whitelist`, `allExcept`, and `all`.\n" }, "queryStrings": { "$ref": "#/types/aws:cloudfront/CachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfigQueryStrings:CachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfigQueryStrings", "description": "Configuration parameter that contains a list of query string names. See Items for more information.\n" } }, "type": "object", "required": [ "queryStringBehavior" ] }, "aws:cloudfront/CachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfigQueryStrings:CachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfigQueryStrings": { "properties": { "items": { "type": "array", "items": { "type": "string" }, "description": "List of item names, such as cookies, headers, or query strings.\n" } }, "type": "object" }, "aws:cloudfront/ContinuousDeploymentPolicyStagingDistributionDnsNames:ContinuousDeploymentPolicyStagingDistributionDnsNames": { "properties": { "items": { "type": "array", "items": { "type": "string" }, "description": "A list of CloudFront domain names for the staging distribution.\n" }, "quantity": { "type": "integer", "description": "Number of CloudFront domain names in the staging distribution.\n" } }, "type": "object", "required": [ "quantity" ] }, "aws:cloudfront/ContinuousDeploymentPolicyTrafficConfig:ContinuousDeploymentPolicyTrafficConfig": { "properties": { "singleHeaderConfig": { "$ref": "#/types/aws:cloudfront/ContinuousDeploymentPolicyTrafficConfigSingleHeaderConfig:ContinuousDeploymentPolicyTrafficConfigSingleHeaderConfig", "description": "Determines which HTTP requests are sent to the staging distribution. See `single_header_config`.\n" }, "singleWeightConfig": { "$ref": "#/types/aws:cloudfront/ContinuousDeploymentPolicyTrafficConfigSingleWeightConfig:ContinuousDeploymentPolicyTrafficConfigSingleWeightConfig", "description": "Contains the percentage of traffic to send to the staging distribution. See `single_weight_config`.\n" }, "type": { "type": "string", "description": "Type of traffic configuration. Valid values are `SingleWeight` and `SingleHeader`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:cloudfront/ContinuousDeploymentPolicyTrafficConfigSingleHeaderConfig:ContinuousDeploymentPolicyTrafficConfigSingleHeaderConfig": { "properties": { "header": { "type": "string", "description": "Request header name to send to the staging distribution. The header must contain the prefix `aws-cf-cd-`.\n" }, "value": { "type": "string", "description": "Request header value.\n" } }, "type": "object", "required": [ "header", "value" ] }, "aws:cloudfront/ContinuousDeploymentPolicyTrafficConfigSingleWeightConfig:ContinuousDeploymentPolicyTrafficConfigSingleWeightConfig": { "properties": { "sessionStickinessConfig": { "$ref": "#/types/aws:cloudfront/ContinuousDeploymentPolicyTrafficConfigSingleWeightConfigSessionStickinessConfig:ContinuousDeploymentPolicyTrafficConfigSingleWeightConfigSessionStickinessConfig", "description": "Session stickiness provides the ability to define multiple requests from a single viewer as a single session. This prevents the potentially inconsistent experience of sending some of a given user's requests to the staging distribution, while others are sent to the primary distribution. Define the session duration using TTL values. See `session_stickiness_config`.\n" }, "weight": { "type": "number", "description": "The percentage of traffic to send to a staging distribution, expressed as a decimal number between `0` and `.15`.\n" } }, "type": "object", "required": [ "weight" ] }, "aws:cloudfront/ContinuousDeploymentPolicyTrafficConfigSingleWeightConfigSessionStickinessConfig:ContinuousDeploymentPolicyTrafficConfigSingleWeightConfigSessionStickinessConfig": { "properties": { "idleTtl": { "type": "integer", "description": "The amount of time in seconds after which sessions will cease if no requests are received. Valid values are `300` – `3600` (5–60 minutes). The value must be less than or equal to `maximum_ttl`.\n" }, "maximumTtl": { "type": "integer", "description": "The maximum amount of time in seconds to consider requests from the viewer as being part of the same session. Valid values are `300` – `3600` (5–60 minutes). The value must be greater than or equal to `idle_ttl`.\n" } }, "type": "object", "required": [ "idleTtl", "maximumTtl" ] }, "aws:cloudfront/DistributionCustomErrorResponse:DistributionCustomErrorResponse": { "properties": { "errorCachingMinTtl": { "type": "integer", "description": "Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.\n" }, "errorCode": { "type": "integer", "description": "4xx or 5xx HTTP status code that you want to customize.\n" }, "responseCode": { "type": "integer", "description": "HTTP status code that you want CloudFront to return with the custom error page to the viewer.\n" }, "responsePagePath": { "type": "string", "description": "Path of the custom error page (for example, `/custom_404.html`).\n" } }, "type": "object", "required": [ "errorCode" ] }, "aws:cloudfront/DistributionDefaultCacheBehavior:DistributionDefaultCacheBehavior": { "properties": { "allowedMethods": { "type": "array", "items": { "type": "string" }, "description": "Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.\n" }, "cachePolicyId": { "type": "string", "description": "Unique identifier of the cache policy that is attached to the cache behavior. If configuring the `default_cache_behavior` either `cache_policy_id` or `forwarded_values` must be set.\n" }, "cachedMethods": { "type": "array", "items": { "type": "string" }, "description": "Controls whether CloudFront caches the response to requests using the specified HTTP methods.\n" }, "compress": { "type": "boolean", "description": "Whether you want CloudFront to automatically compress content for web requests that include `Accept-Encoding: gzip` in the request header (default: `false`).\n" }, "defaultTtl": { "type": "integer", "description": "Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an `Cache-Control max-age` or `Expires` header.\n" }, "fieldLevelEncryptionId": { "type": "string", "description": "Field level encryption configuration ID.\n" }, "forwardedValues": { "$ref": "#/types/aws:cloudfront/DistributionDefaultCacheBehaviorForwardedValues:DistributionDefaultCacheBehaviorForwardedValues", "description": "The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).\n" }, "functionAssociations": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionDefaultCacheBehaviorFunctionAssociation:DistributionDefaultCacheBehaviorFunctionAssociation" }, "description": "A config block that triggers a cloudfront function with specific actions (maximum 2).\n" }, "lambdaFunctionAssociations": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionDefaultCacheBehaviorLambdaFunctionAssociation:DistributionDefaultCacheBehaviorLambdaFunctionAssociation" }, "description": "A config block that triggers a lambda function with specific actions (maximum 4).\n" }, "maxTtl": { "type": "integer", "description": "Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of `Cache-Control max-age`, `Cache-Control s-maxage`, and `Expires` headers.\n" }, "minTtl": { "type": "integer", "description": "Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.\n" }, "originRequestPolicyId": { "type": "string", "description": "Unique identifier of the origin request policy that is attached to the behavior.\n" }, "realtimeLogConfigArn": { "type": "string", "description": "ARN of the real-time log configuration that is attached to this cache behavior.\n" }, "responseHeadersPolicyId": { "type": "string", "description": "Identifier for a response headers policy.\n" }, "smoothStreaming": { "type": "boolean", "description": "Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.\n" }, "targetOriginId": { "type": "string", "description": "Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.\n" }, "trustedKeyGroups": { "type": "array", "items": { "type": "string" }, "description": "List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.\n" }, "trustedSigners": { "type": "array", "items": { "type": "string" }, "description": "List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.\n" }, "viewerProtocolPolicy": { "type": "string", "description": "Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of `allow-all`, `https-only`, or `redirect-to-https`.\n" } }, "type": "object", "required": [ "allowedMethods", "cachedMethods", "targetOriginId", "viewerProtocolPolicy" ], "language": { "nodejs": { "requiredOutputs": [ "allowedMethods", "cachedMethods", "defaultTtl", "maxTtl", "targetOriginId", "trustedKeyGroups", "trustedSigners", "viewerProtocolPolicy" ] } } }, "aws:cloudfront/DistributionDefaultCacheBehaviorForwardedValues:DistributionDefaultCacheBehaviorForwardedValues": { "properties": { "cookies": { "$ref": "#/types/aws:cloudfront/DistributionDefaultCacheBehaviorForwardedValuesCookies:DistributionDefaultCacheBehaviorForwardedValuesCookies", "description": "The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).\n" }, "headers": { "type": "array", "items": { "type": "string" }, "description": "Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify `*` to include all headers.\n" }, "queryString": { "type": "boolean", "description": "Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.\n" }, "queryStringCacheKeys": { "type": "array", "items": { "type": "string" }, "description": "When specified, along with a value of `true` for `query_string`, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value of `true` for `query_string`, all query string keys are cached.\n" } }, "type": "object", "required": [ "cookies", "queryString" ], "language": { "nodejs": { "requiredOutputs": [ "cookies", "headers", "queryString", "queryStringCacheKeys" ] } } }, "aws:cloudfront/DistributionDefaultCacheBehaviorForwardedValuesCookies:DistributionDefaultCacheBehaviorForwardedValuesCookies": { "properties": { "forward": { "type": "string", "description": "Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify `all`, `none` or `whitelist`. If `whitelist`, you must include the subsequent `whitelisted_names`.\n" }, "whitelistedNames": { "type": "array", "items": { "type": "string" }, "description": "If you have specified `whitelist` to `forward`, the whitelisted cookies that you want CloudFront to forward to your origin.\n" } }, "type": "object", "required": [ "forward" ], "language": { "nodejs": { "requiredOutputs": [ "forward", "whitelistedNames" ] } } }, "aws:cloudfront/DistributionDefaultCacheBehaviorFunctionAssociation:DistributionDefaultCacheBehaviorFunctionAssociation": { "properties": { "eventType": { "type": "string", "description": "Specific event to trigger this function. Valid values: `viewer-request` or `viewer-response`.\n" }, "functionArn": { "type": "string", "description": "ARN of the CloudFront function.\n" } }, "type": "object", "required": [ "eventType", "functionArn" ] }, "aws:cloudfront/DistributionDefaultCacheBehaviorLambdaFunctionAssociation:DistributionDefaultCacheBehaviorLambdaFunctionAssociation": { "properties": { "eventType": { "type": "string", "description": "Specific event to trigger this function. Valid values: `viewer-request`, `origin-request`, `viewer-response`, `origin-response`.\n" }, "includeBody": { "type": "boolean", "description": "When set to true it exposes the request body to the lambda function. Defaults to false. Valid values: `true`, `false`.\n" }, "lambdaArn": { "type": "string", "description": "ARN of the Lambda function.\n" } }, "type": "object", "required": [ "eventType", "lambdaArn" ] }, "aws:cloudfront/DistributionLoggingConfig:DistributionLoggingConfig": { "properties": { "bucket": { "type": "string", "description": "Amazon S3 bucket to store the access logs in, for example, `myawslogbucket.s3.amazonaws.com`.\n" }, "includeCookies": { "type": "boolean", "description": "Whether to include cookies in access logs (default: `false`).\n" }, "prefix": { "type": "string", "description": "Prefix to the access log filenames for this distribution, for example, `myprefix/`.\n" } }, "type": "object", "required": [ "bucket" ] }, "aws:cloudfront/DistributionOrderedCacheBehavior:DistributionOrderedCacheBehavior": { "properties": { "allowedMethods": { "type": "array", "items": { "type": "string" }, "description": "Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.\n" }, "cachePolicyId": { "type": "string", "description": "Unique identifier of the cache policy that is attached to the cache behavior. If configuring the `default_cache_behavior` either `cache_policy_id` or `forwarded_values` must be set.\n" }, "cachedMethods": { "type": "array", "items": { "type": "string" }, "description": "Controls whether CloudFront caches the response to requests using the specified HTTP methods.\n" }, "compress": { "type": "boolean", "description": "Whether you want CloudFront to automatically compress content for web requests that include `Accept-Encoding: gzip` in the request header (default: `false`).\n" }, "defaultTtl": { "type": "integer", "description": "Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an `Cache-Control max-age` or `Expires` header.\n" }, "fieldLevelEncryptionId": { "type": "string", "description": "Field level encryption configuration ID.\n" }, "forwardedValues": { "$ref": "#/types/aws:cloudfront/DistributionOrderedCacheBehaviorForwardedValues:DistributionOrderedCacheBehaviorForwardedValues", "description": "The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).\n" }, "functionAssociations": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOrderedCacheBehaviorFunctionAssociation:DistributionOrderedCacheBehaviorFunctionAssociation" }, "description": "A config block that triggers a cloudfront function with specific actions (maximum 2).\n" }, "lambdaFunctionAssociations": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOrderedCacheBehaviorLambdaFunctionAssociation:DistributionOrderedCacheBehaviorLambdaFunctionAssociation" }, "description": "A config block that triggers a lambda function with specific actions (maximum 4).\n" }, "maxTtl": { "type": "integer", "description": "Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of `Cache-Control max-age`, `Cache-Control s-maxage`, and `Expires` headers.\n" }, "minTtl": { "type": "integer", "description": "Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.\n" }, "originRequestPolicyId": { "type": "string", "description": "Unique identifier of the origin request policy that is attached to the behavior.\n" }, "pathPattern": { "type": "string", "description": "Pattern (for example, `images/*.jpg`) that specifies which requests you want this cache behavior to apply to.\n" }, "realtimeLogConfigArn": { "type": "string", "description": "ARN of the real-time log configuration that is attached to this cache behavior.\n" }, "responseHeadersPolicyId": { "type": "string", "description": "Identifier for a response headers policy.\n" }, "smoothStreaming": { "type": "boolean", "description": "Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.\n" }, "targetOriginId": { "type": "string", "description": "Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.\n" }, "trustedKeyGroups": { "type": "array", "items": { "type": "string" }, "description": "List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.\n" }, "trustedSigners": { "type": "array", "items": { "type": "string" }, "description": "List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.\n" }, "viewerProtocolPolicy": { "type": "string", "description": "Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of `allow-all`, `https-only`, or `redirect-to-https`.\n" } }, "type": "object", "required": [ "allowedMethods", "cachedMethods", "pathPattern", "targetOriginId", "viewerProtocolPolicy" ], "language": { "nodejs": { "requiredOutputs": [ "allowedMethods", "cachedMethods", "defaultTtl", "maxTtl", "pathPattern", "targetOriginId", "viewerProtocolPolicy" ] } } }, "aws:cloudfront/DistributionOrderedCacheBehaviorForwardedValues:DistributionOrderedCacheBehaviorForwardedValues": { "properties": { "cookies": { "$ref": "#/types/aws:cloudfront/DistributionOrderedCacheBehaviorForwardedValuesCookies:DistributionOrderedCacheBehaviorForwardedValuesCookies", "description": "The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).\n" }, "headers": { "type": "array", "items": { "type": "string" }, "description": "Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify `*` to include all headers.\n" }, "queryString": { "type": "boolean", "description": "Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.\n" }, "queryStringCacheKeys": { "type": "array", "items": { "type": "string" }, "description": "When specified, along with a value of `true` for `query_string`, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value of `true` for `query_string`, all query string keys are cached.\n" } }, "type": "object", "required": [ "cookies", "queryString" ], "language": { "nodejs": { "requiredOutputs": [ "cookies", "headers", "queryString", "queryStringCacheKeys" ] } } }, "aws:cloudfront/DistributionOrderedCacheBehaviorForwardedValuesCookies:DistributionOrderedCacheBehaviorForwardedValuesCookies": { "properties": { "forward": { "type": "string", "description": "Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify `all`, `none` or `whitelist`. If `whitelist`, you must include the subsequent `whitelisted_names`.\n" }, "whitelistedNames": { "type": "array", "items": { "type": "string" }, "description": "If you have specified `whitelist` to `forward`, the whitelisted cookies that you want CloudFront to forward to your origin.\n" } }, "type": "object", "required": [ "forward" ] }, "aws:cloudfront/DistributionOrderedCacheBehaviorFunctionAssociation:DistributionOrderedCacheBehaviorFunctionAssociation": { "properties": { "eventType": { "type": "string", "description": "Specific event to trigger this function. Valid values: `viewer-request` or `viewer-response`.\n" }, "functionArn": { "type": "string", "description": "ARN of the CloudFront function.\n" } }, "type": "object", "required": [ "eventType", "functionArn" ] }, "aws:cloudfront/DistributionOrderedCacheBehaviorLambdaFunctionAssociation:DistributionOrderedCacheBehaviorLambdaFunctionAssociation": { "properties": { "eventType": { "type": "string", "description": "Specific event to trigger this function. Valid values: `viewer-request`, `origin-request`, `viewer-response`, `origin-response`.\n" }, "includeBody": { "type": "boolean", "description": "When set to true it exposes the request body to the lambda function. Defaults to false. Valid values: `true`, `false`.\n" }, "lambdaArn": { "type": "string", "description": "ARN of the Lambda function.\n" } }, "type": "object", "required": [ "eventType", "lambdaArn" ] }, "aws:cloudfront/DistributionOrigin:DistributionOrigin": { "properties": { "connectionAttempts": { "type": "integer", "description": "Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.\n" }, "connectionTimeout": { "type": "integer", "description": "Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.\n" }, "customHeaders": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOriginCustomHeader:DistributionOriginCustomHeader" }, "description": "One or more sub-resources with `name` and `value` parameters that specify header data that will be sent to the origin (multiples allowed).\n" }, "customOriginConfig": { "$ref": "#/types/aws:cloudfront/DistributionOriginCustomOriginConfig:DistributionOriginCustomOriginConfig", "description": "The CloudFront custom origin configuration information. If an S3 origin is required, use `origin_access_control_id` or `s3_origin_config` instead.\n" }, "domainName": { "type": "string", "description": "Domain name corresponding to the distribution. For example: `d604721fxaaqy9.cloudfront.net`.\n" }, "originAccessControlId": { "type": "string", "description": "Unique identifier of a [CloudFront origin access control][8] for this origin.\n" }, "originId": { "type": "string" }, "originPath": { "type": "string", "description": "Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.\n" }, "originShield": { "$ref": "#/types/aws:cloudfront/DistributionOriginOriginShield:DistributionOriginOriginShield", "description": "CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see [Using Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html) in the Amazon CloudFront Developer Guide.\n" }, "s3OriginConfig": { "$ref": "#/types/aws:cloudfront/DistributionOriginS3OriginConfig:DistributionOriginS3OriginConfig", "description": "CloudFront S3 origin configuration information. If a custom origin is required, use `custom_origin_config` instead.\n" } }, "type": "object", "required": [ "domainName", "originId" ] }, "aws:cloudfront/DistributionOriginCustomHeader:DistributionOriginCustomHeader": { "properties": { "name": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "name", "value" ] }, "aws:cloudfront/DistributionOriginCustomOriginConfig:DistributionOriginCustomOriginConfig": { "properties": { "httpPort": { "type": "integer", "description": "HTTP port the custom origin listens on.\n" }, "httpsPort": { "type": "integer", "description": "HTTPS port the custom origin listens on.\n" }, "originKeepaliveTimeout": { "type": "integer", "description": "The Custom KeepAlive timeout, in seconds. By default, AWS enforces an upper limit of `60`. But you can request an [increase](http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/RequestAndResponseBehaviorCustomOrigin.html#request-custom-request-timeout). Defaults to `5`.\n" }, "originProtocolPolicy": { "type": "string", "description": "Origin protocol policy to apply to your origin. One of `http-only`, `https-only`, or `match-viewer`.\n" }, "originReadTimeout": { "type": "integer", "description": "The Custom Read timeout, in seconds. By default, AWS enforces an upper limit of `60`. But you can request an [increase](http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/RequestAndResponseBehaviorCustomOrigin.html#request-custom-request-timeout). Defaults to `30`.\n" }, "originSslProtocols": { "type": "array", "items": { "type": "string" }, "description": "List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values: `SSLv3`, `TLSv1`, `TLSv1.1`, `TLSv1.2`. For more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginSSLProtocols) in the Amazon CloudFront Developer Guide.\n" } }, "type": "object", "required": [ "httpPort", "httpsPort", "originProtocolPolicy", "originSslProtocols" ] }, "aws:cloudfront/DistributionOriginGroup:DistributionOriginGroup": { "properties": { "failoverCriteria": { "$ref": "#/types/aws:cloudfront/DistributionOriginGroupFailoverCriteria:DistributionOriginGroupFailoverCriteria", "description": "The failover criteria for when to failover to the secondary origin.\n" }, "members": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOriginGroupMember:DistributionOriginGroupMember" }, "description": "Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.\n" }, "originId": { "type": "string" } }, "type": "object", "required": [ "failoverCriteria", "members", "originId" ] }, "aws:cloudfront/DistributionOriginGroupFailoverCriteria:DistributionOriginGroupFailoverCriteria": { "properties": { "statusCodes": { "type": "array", "items": { "type": "integer" }, "description": "List of HTTP status codes for the origin group.\n" } }, "type": "object", "required": [ "statusCodes" ] }, "aws:cloudfront/DistributionOriginGroupMember:DistributionOriginGroupMember": { "properties": { "originId": { "type": "string" } }, "type": "object", "required": [ "originId" ] }, "aws:cloudfront/DistributionOriginOriginShield:DistributionOriginOriginShield": { "properties": { "enabled": { "type": "boolean", "description": "`true` if any of the AWS accounts listed as trusted signers have active CloudFront key pairs\n" }, "originShieldRegion": { "type": "string", "description": "AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as `us-east-2`.\n" } }, "type": "object", "required": [ "enabled" ] }, "aws:cloudfront/DistributionOriginS3OriginConfig:DistributionOriginS3OriginConfig": { "properties": { "originAccessIdentity": { "type": "string", "description": "The CloudFront origin access identity to associate with the origin.\n" } }, "type": "object", "required": [ "originAccessIdentity" ] }, "aws:cloudfront/DistributionRestrictions:DistributionRestrictions": { "properties": { "geoRestriction": { "$ref": "#/types/aws:cloudfront/DistributionRestrictionsGeoRestriction:DistributionRestrictionsGeoRestriction" } }, "type": "object", "required": [ "geoRestriction" ] }, "aws:cloudfront/DistributionRestrictionsGeoRestriction:DistributionRestrictionsGeoRestriction": { "properties": { "locations": { "type": "array", "items": { "type": "string" }, "description": "[ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (`whitelist`) or not distribute your content (`blacklist`). If the type is specified as `none` an empty array can be used.\n" }, "restrictionType": { "type": "string", "description": "Method that you want to use to restrict distribution of your content by country: `none`, `whitelist`, or `blacklist`.\n" } }, "type": "object", "required": [ "restrictionType" ], "language": { "nodejs": { "requiredOutputs": [ "locations", "restrictionType" ] } } }, "aws:cloudfront/DistributionTrustedKeyGroup:DistributionTrustedKeyGroup": { "properties": { "enabled": { "type": "boolean", "description": "`true` if any of the AWS accounts listed as trusted signers have active CloudFront key pairs\n" }, "items": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionTrustedKeyGroupItem:DistributionTrustedKeyGroupItem" }, "description": "List of nested attributes for each trusted signer\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "enabled", "items" ] } } }, "aws:cloudfront/DistributionTrustedKeyGroupItem:DistributionTrustedKeyGroupItem": { "properties": { "keyGroupId": { "type": "string", "description": "ID of the key group that contains the public keys.\n" }, "keyPairIds": { "type": "array", "items": { "type": "string" }, "description": "Set of active CloudFront key pairs associated with the signer account\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "keyGroupId", "keyPairIds" ] } } }, "aws:cloudfront/DistributionTrustedSigner:DistributionTrustedSigner": { "properties": { "enabled": { "type": "boolean", "description": "`true` if any of the AWS accounts listed as trusted signers have active CloudFront key pairs\n" }, "items": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionTrustedSignerItem:DistributionTrustedSignerItem" }, "description": "List of nested attributes for each trusted signer\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "enabled", "items" ] } } }, "aws:cloudfront/DistributionTrustedSignerItem:DistributionTrustedSignerItem": { "properties": { "awsAccountNumber": { "type": "string", "description": "AWS account ID or `self`\n" }, "keyPairIds": { "type": "array", "items": { "type": "string" }, "description": "Set of active CloudFront key pairs associated with the signer account\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "awsAccountNumber", "keyPairIds" ] } } }, "aws:cloudfront/DistributionViewerCertificate:DistributionViewerCertificate": { "properties": { "acmCertificateArn": { "type": "string", "description": "ARN of the [AWS Certificate Manager](https://aws.amazon.com/certificate-manager/) certificate that you wish to use with this distribution. Specify this, `cloudfront_default_certificate`, or `iam_certificate_id`. The ACM certificate must be in US-EAST-1.\n" }, "cloudfrontDefaultCertificate": { "type": "boolean", "description": "`true` if you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this, `acm_certificate_arn`, or `iam_certificate_id`.\n" }, "iamCertificateId": { "type": "string", "description": "IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this, `acm_certificate_arn`, or `cloudfront_default_certificate`.\n" }, "minimumProtocolVersion": { "type": "string", "description": "Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if `cloudfront_default_certificate = false`. See all possible values in [this](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html) table under \"Security policy.\" Some examples include: `TLSv1.2_2019` and `TLSv1.2_2021`. Default: `TLSv1`. **NOTE**: If you are using a custom certificate (specified with `acm_certificate_arn` or `iam_certificate_id`), and have specified `sni-only` in `ssl_support_method`, `TLSv1` or later must be specified. If you have specified `vip` in `ssl_support_method`, only `SSLv3` or `TLSv1` can be specified. If you have specified `cloudfront_default_certificate`, `TLSv1` must be specified.\n" }, "sslSupportMethod": { "type": "string", "description": "How you want CloudFront to serve HTTPS requests. One of `vip`, `sni-only`, or `static-ip`. Required if you specify `acm_certificate_arn` or `iam_certificate_id`. **NOTE:** `vip` causes CloudFront to use a dedicated IP address and may incur extra charges.\n" } }, "type": "object" }, "aws:cloudfront/FieldLevelEncryptionConfigContentTypeProfileConfig:FieldLevelEncryptionConfigContentTypeProfileConfig": { "properties": { "contentTypeProfiles": { "$ref": "#/types/aws:cloudfront/FieldLevelEncryptionConfigContentTypeProfileConfigContentTypeProfiles:FieldLevelEncryptionConfigContentTypeProfileConfigContentTypeProfiles", "description": "Object that contains an attribute `items` that contains the list of configurations for a field-level encryption content type-profile. See Content Type Profile.\n" }, "forwardWhenContentTypeIsUnknown": { "type": "boolean", "description": "specifies what to do when an unknown content type is provided for the profile. If true, content is forwarded without being encrypted when the content type is unknown. If false (the default), an error is returned when the content type is unknown.\n" } }, "type": "object", "required": [ "contentTypeProfiles", "forwardWhenContentTypeIsUnknown" ] }, "aws:cloudfront/FieldLevelEncryptionConfigContentTypeProfileConfigContentTypeProfiles:FieldLevelEncryptionConfigContentTypeProfileConfigContentTypeProfiles": { "properties": { "items": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/FieldLevelEncryptionConfigContentTypeProfileConfigContentTypeProfilesItem:FieldLevelEncryptionConfigContentTypeProfileConfigContentTypeProfilesItem" } } }, "type": "object", "required": [ "items" ] }, "aws:cloudfront/FieldLevelEncryptionConfigContentTypeProfileConfigContentTypeProfilesItem:FieldLevelEncryptionConfigContentTypeProfileConfigContentTypeProfilesItem": { "properties": { "contentType": { "type": "string", "description": "he content type for a field-level encryption content type-profile mapping. Valid value is `application/x-www-form-urlencoded`.\n" }, "format": { "type": "string", "description": "The format for a field-level encryption content type-profile mapping. Valid value is `URLEncoded`.\n" }, "profileId": { "type": "string" } }, "type": "object", "required": [ "contentType", "format" ] }, "aws:cloudfront/FieldLevelEncryptionConfigQueryArgProfileConfig:FieldLevelEncryptionConfigQueryArgProfileConfig": { "properties": { "forwardWhenQueryArgProfileIsUnknown": { "type": "boolean", "description": "Flag to set if you want a request to be forwarded to the origin even if the profile specified by the field-level encryption query argument, fle-profile, is unknown.\n" }, "queryArgProfiles": { "$ref": "#/types/aws:cloudfront/FieldLevelEncryptionConfigQueryArgProfileConfigQueryArgProfiles:FieldLevelEncryptionConfigQueryArgProfileConfigQueryArgProfiles", "description": "Object that contains an attribute `items` that contains the list ofrofiles specified for query argument-profile mapping for field-level encryption. see Query Arg Profile.\n" } }, "type": "object", "required": [ "forwardWhenQueryArgProfileIsUnknown" ] }, "aws:cloudfront/FieldLevelEncryptionConfigQueryArgProfileConfigQueryArgProfiles:FieldLevelEncryptionConfigQueryArgProfileConfigQueryArgProfiles": { "properties": { "items": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/FieldLevelEncryptionConfigQueryArgProfileConfigQueryArgProfilesItem:FieldLevelEncryptionConfigQueryArgProfileConfigQueryArgProfilesItem" } } }, "type": "object" }, "aws:cloudfront/FieldLevelEncryptionConfigQueryArgProfileConfigQueryArgProfilesItem:FieldLevelEncryptionConfigQueryArgProfileConfigQueryArgProfilesItem": { "properties": { "profileId": { "type": "string" }, "queryArg": { "type": "string", "description": "Query argument for field-level encryption query argument-profile mapping.\n" } }, "type": "object", "required": [ "profileId", "queryArg" ] }, "aws:cloudfront/FieldLevelEncryptionProfileEncryptionEntities:FieldLevelEncryptionProfileEncryptionEntities": { "properties": { "items": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/FieldLevelEncryptionProfileEncryptionEntitiesItem:FieldLevelEncryptionProfileEncryptionEntitiesItem" } } }, "type": "object" }, "aws:cloudfront/FieldLevelEncryptionProfileEncryptionEntitiesItem:FieldLevelEncryptionProfileEncryptionEntitiesItem": { "properties": { "fieldPatterns": { "$ref": "#/types/aws:cloudfront/FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatterns:FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatterns", "description": "Object that contains an attribute `items` that contains the list of field patterns in a field-level encryption content type profile specify the fields that you want to be encrypted.\n" }, "providerId": { "type": "string", "description": "The provider associated with the public key being used for encryption.\n" }, "publicKeyId": { "type": "string", "description": "The public key associated with a set of field-level encryption patterns, to be used when encrypting the fields that match the patterns.\n" } }, "type": "object", "required": [ "fieldPatterns", "providerId", "publicKeyId" ] }, "aws:cloudfront/FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatterns:FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatterns": { "properties": { "items": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:cloudfront/KeyValueStoreTimeouts:KeyValueStoreTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:cloudfront/MonitoringSubscriptionMonitoringSubscription:MonitoringSubscriptionMonitoringSubscription": { "properties": { "realtimeMetricsSubscriptionConfig": { "$ref": "#/types/aws:cloudfront/MonitoringSubscriptionMonitoringSubscriptionRealtimeMetricsSubscriptionConfig:MonitoringSubscriptionMonitoringSubscriptionRealtimeMetricsSubscriptionConfig", "description": "A subscription configuration for additional CloudWatch metrics. See below.\n" } }, "type": "object", "required": [ "realtimeMetricsSubscriptionConfig" ] }, "aws:cloudfront/MonitoringSubscriptionMonitoringSubscriptionRealtimeMetricsSubscriptionConfig:MonitoringSubscriptionMonitoringSubscriptionRealtimeMetricsSubscriptionConfig": { "properties": { "realtimeMetricsSubscriptionStatus": { "type": "string", "description": "A flag that indicates whether additional CloudWatch metrics are enabled for a given CloudFront distribution. Valid values are `Enabled` and `Disabled`. See below.\n" } }, "type": "object", "required": [ "realtimeMetricsSubscriptionStatus" ] }, "aws:cloudfront/OriginRequestPolicyCookiesConfig:OriginRequestPolicyCookiesConfig": { "properties": { "cookieBehavior": { "type": "string" }, "cookies": { "$ref": "#/types/aws:cloudfront/OriginRequestPolicyCookiesConfigCookies:OriginRequestPolicyCookiesConfigCookies" } }, "type": "object", "required": [ "cookieBehavior" ] }, "aws:cloudfront/OriginRequestPolicyCookiesConfigCookies:OriginRequestPolicyCookiesConfigCookies": { "properties": { "items": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:cloudfront/OriginRequestPolicyHeadersConfig:OriginRequestPolicyHeadersConfig": { "properties": { "headerBehavior": { "type": "string" }, "headers": { "$ref": "#/types/aws:cloudfront/OriginRequestPolicyHeadersConfigHeaders:OriginRequestPolicyHeadersConfigHeaders" } }, "type": "object" }, "aws:cloudfront/OriginRequestPolicyHeadersConfigHeaders:OriginRequestPolicyHeadersConfigHeaders": { "properties": { "items": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:cloudfront/OriginRequestPolicyQueryStringsConfig:OriginRequestPolicyQueryStringsConfig": { "properties": { "queryStringBehavior": { "type": "string" }, "queryStrings": { "$ref": "#/types/aws:cloudfront/OriginRequestPolicyQueryStringsConfigQueryStrings:OriginRequestPolicyQueryStringsConfigQueryStrings" } }, "type": "object", "required": [ "queryStringBehavior" ] }, "aws:cloudfront/OriginRequestPolicyQueryStringsConfigQueryStrings:OriginRequestPolicyQueryStringsConfigQueryStrings": { "properties": { "items": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:cloudfront/RealtimeLogConfigEndpoint:RealtimeLogConfigEndpoint": { "properties": { "kinesisStreamConfig": { "$ref": "#/types/aws:cloudfront/RealtimeLogConfigEndpointKinesisStreamConfig:RealtimeLogConfigEndpointKinesisStreamConfig", "description": "The Amazon Kinesis data stream configuration.\n" }, "streamType": { "type": "string", "description": "The type of data stream where real-time log data is sent. The only valid value is `Kinesis`.\n" } }, "type": "object", "required": [ "kinesisStreamConfig", "streamType" ] }, "aws:cloudfront/RealtimeLogConfigEndpointKinesisStreamConfig:RealtimeLogConfigEndpointKinesisStreamConfig": { "properties": { "roleArn": { "type": "string", "description": "The ARN of an IAM role that CloudFront can use to send real-time log data to the Kinesis data stream.\nSee the [AWS documentation](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-iam-role) for more information.\n" }, "streamArn": { "type": "string", "description": "The ARN of the Kinesis data stream.\n" } }, "type": "object", "required": [ "roleArn", "streamArn" ] }, "aws:cloudfront/ResponseHeadersPolicyCorsConfig:ResponseHeadersPolicyCorsConfig": { "properties": { "accessControlAllowCredentials": { "type": "boolean", "description": "A Boolean value that CloudFront uses as the value for the `Access-Control-Allow-Credentials` HTTP response header.\n" }, "accessControlAllowHeaders": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders:ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders", "description": "Object that contains an attribute `items` that contains a list of HTTP header names that CloudFront includes as values for the `Access-Control-Allow-Headers` HTTP response header.\n" }, "accessControlAllowMethods": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicyCorsConfigAccessControlAllowMethods:ResponseHeadersPolicyCorsConfigAccessControlAllowMethods", "description": "Object that contains an attribute `items` that contains a list of HTTP methods that CloudFront includes as values for the `Access-Control-Allow-Methods` HTTP response header. Valid values: `GET` | `POST` | `OPTIONS` | `PUT` | `DELETE` | `HEAD` | `ALL`\n" }, "accessControlAllowOrigins": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins:ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins", "description": "Object that contains an attribute `items` that contains a list of origins that CloudFront can use as the value for the `Access-Control-Allow-Origin` HTTP response header.\n" }, "accessControlExposeHeaders": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders:ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders", "description": "Object that contains an attribute `items` that contains a list of HTTP headers that CloudFront includes as values for the `Access-Control-Expose-Headers` HTTP response header.\n" }, "accessControlMaxAgeSec": { "type": "integer", "description": "A number that CloudFront uses as the value for the `Access-Control-Max-Age` HTTP response header.\n" }, "originOverride": { "type": "boolean", "description": "A Boolean value that determines how CloudFront behaves for the HTTP response header.\n" } }, "type": "object", "required": [ "accessControlAllowCredentials", "accessControlAllowHeaders", "accessControlAllowMethods", "accessControlAllowOrigins", "originOverride" ] }, "aws:cloudfront/ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders:ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders": { "properties": { "items": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:cloudfront/ResponseHeadersPolicyCorsConfigAccessControlAllowMethods:ResponseHeadersPolicyCorsConfigAccessControlAllowMethods": { "properties": { "items": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:cloudfront/ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins:ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins": { "properties": { "items": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:cloudfront/ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders:ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders": { "properties": { "items": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:cloudfront/ResponseHeadersPolicyCustomHeadersConfig:ResponseHeadersPolicyCustomHeadersConfig": { "properties": { "items": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicyCustomHeadersConfigItem:ResponseHeadersPolicyCustomHeadersConfigItem" } } }, "type": "object" }, "aws:cloudfront/ResponseHeadersPolicyCustomHeadersConfigItem:ResponseHeadersPolicyCustomHeadersConfigItem": { "properties": { "header": { "type": "string" }, "override": { "type": "boolean" }, "value": { "type": "string", "description": "The value for the HTTP response header.\n" } }, "type": "object", "required": [ "header", "override", "value" ] }, "aws:cloudfront/ResponseHeadersPolicyRemoveHeadersConfig:ResponseHeadersPolicyRemoveHeadersConfig": { "properties": { "items": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicyRemoveHeadersConfigItem:ResponseHeadersPolicyRemoveHeadersConfigItem" } } }, "type": "object" }, "aws:cloudfront/ResponseHeadersPolicyRemoveHeadersConfigItem:ResponseHeadersPolicyRemoveHeadersConfigItem": { "properties": { "header": { "type": "string" } }, "type": "object", "required": [ "header" ] }, "aws:cloudfront/ResponseHeadersPolicySecurityHeadersConfig:ResponseHeadersPolicySecurityHeadersConfig": { "properties": { "contentSecurityPolicy": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy:ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy", "description": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header. See Content Security Policy for more information.\n" }, "contentTypeOptions": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions:ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions", "description": "Determines whether CloudFront includes the `X-Content-Type-Options` HTTP response header with its value set to `nosniff`. See Content Type Options for more information.\n" }, "frameOptions": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicySecurityHeadersConfigFrameOptions:ResponseHeadersPolicySecurityHeadersConfigFrameOptions", "description": "Determines whether CloudFront includes the `X-Frame-Options` HTTP response header and the header’s value. See Frame Options for more information.\n" }, "referrerPolicy": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy:ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy", "description": "Determines whether CloudFront includes the `Referrer-Policy` HTTP response header and the header’s value. See Referrer Policy for more information.\n" }, "strictTransportSecurity": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity:ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity", "description": "Determines whether CloudFront includes the `Strict-Transport-Security` HTTP response header and the header’s value. See Strict Transport Security for more information.\n" }, "xssProtection": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicySecurityHeadersConfigXssProtection:ResponseHeadersPolicySecurityHeadersConfigXssProtection", "description": "Determine whether CloudFront includes the `X-XSS-Protection` HTTP response header and the header’s value. See XSS Protection for more information.\n" } }, "type": "object" }, "aws:cloudfront/ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy:ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy": { "properties": { "contentSecurityPolicy": { "type": "string", "description": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.\n" }, "override": { "type": "boolean", "description": "Whether CloudFront overrides the `Content-Security-Policy` HTTP response header received from the origin with the one specified in this response headers policy.\n" } }, "type": "object", "required": [ "contentSecurityPolicy", "override" ] }, "aws:cloudfront/ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions:ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions": { "properties": { "override": { "type": "boolean", "description": "Whether CloudFront overrides the `X-Content-Type-Options` HTTP response header received from the origin with the one specified in this response headers policy.\n" } }, "type": "object", "required": [ "override" ] }, "aws:cloudfront/ResponseHeadersPolicySecurityHeadersConfigFrameOptions:ResponseHeadersPolicySecurityHeadersConfigFrameOptions": { "properties": { "frameOption": { "type": "string", "description": "The value of the `X-Frame-Options` HTTP response header. Valid values: `DENY` | `SAMEORIGIN`\n" }, "override": { "type": "boolean", "description": "Whether CloudFront overrides the `X-Frame-Options` HTTP response header received from the origin with the one specified in this response headers policy.\n" } }, "type": "object", "required": [ "frameOption", "override" ] }, "aws:cloudfront/ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy:ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy": { "properties": { "override": { "type": "boolean", "description": "Whether CloudFront overrides the `Referrer-Policy` HTTP response header received from the origin with the one specified in this response headers policy.\n" }, "referrerPolicy": { "type": "string", "description": "The value of the `Referrer-Policy` HTTP response header. Valid Values: `no-referrer` | `no-referrer-when-downgrade` | `origin` | `origin-when-cross-origin` | `same-origin` | `strict-origin` | `strict-origin-when-cross-origin` | `unsafe-url`\n" } }, "type": "object", "required": [ "override", "referrerPolicy" ] }, "aws:cloudfront/ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity:ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity": { "properties": { "accessControlMaxAgeSec": { "type": "integer", "description": "A number that CloudFront uses as the value for the `max-age` directive in the `Strict-Transport-Security` HTTP response header.\n" }, "includeSubdomains": { "type": "boolean", "description": "Whether CloudFront includes the `includeSubDomains` directive in the `Strict-Transport-Security` HTTP response header.\n" }, "override": { "type": "boolean", "description": "Whether CloudFront overrides the `Strict-Transport-Security` HTTP response header received from the origin with the one specified in this response headers policy.\n" }, "preload": { "type": "boolean", "description": "Whether CloudFront includes the `preload` directive in the `Strict-Transport-Security` HTTP response header.\n" } }, "type": "object", "required": [ "accessControlMaxAgeSec", "override" ] }, "aws:cloudfront/ResponseHeadersPolicySecurityHeadersConfigXssProtection:ResponseHeadersPolicySecurityHeadersConfigXssProtection": { "properties": { "modeBlock": { "type": "boolean", "description": "Whether CloudFront includes the `mode=block` directive in the `X-XSS-Protection` header.\n" }, "override": { "type": "boolean", "description": "Whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy.\n" }, "protection": { "type": "boolean", "description": "A Boolean value that determines the value of the `X-XSS-Protection` HTTP response header. When this setting is `true`, the value of the `X-XSS-Protection` header is `1`. When this setting is `false`, the value of the `X-XSS-Protection` header is `0`.\n" }, "reportUri": { "type": "string", "description": "A reporting URI, which CloudFront uses as the value of the report directive in the `X-XSS-Protection` header. You cannot specify a `report_uri` when `mode_block` is `true`.\n" } }, "type": "object", "required": [ "override", "protection" ] }, "aws:cloudfront/ResponseHeadersPolicyServerTimingHeadersConfig:ResponseHeadersPolicyServerTimingHeadersConfig": { "properties": { "enabled": { "type": "boolean", "description": "A Whether CloudFront adds the `Server-Timing` header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.\n" }, "samplingRate": { "type": "number", "description": "A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0.\n" } }, "type": "object", "required": [ "enabled", "samplingRate" ] }, "aws:cloudfront/getCachePolicyParametersInCacheKeyAndForwardedToOrigin:getCachePolicyParametersInCacheKeyAndForwardedToOrigin": { "properties": { "cookiesConfigs": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getCachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfig:getCachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfig" }, "description": "Object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and automatically included in requests that CloudFront sends to the origin. See Cookies Config for more information.\n" }, "enableAcceptEncodingBrotli": { "type": "boolean", "description": "A flag that can affect whether the Accept-Encoding HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n" }, "enableAcceptEncodingGzip": { "type": "boolean", "description": "A flag that can affect whether the Accept-Encoding HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n" }, "headersConfigs": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getCachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfig:getCachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfig" }, "description": "Object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and automatically included in requests that CloudFront sends to the origin. See Headers Config for more information.\n" }, "queryStringsConfigs": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getCachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfig:getCachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfig" }, "description": "Object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and automatically included in requests that CloudFront sends to the origin. See Query String Config for more information.\n" } }, "type": "object", "required": [ "cookiesConfigs", "enableAcceptEncodingBrotli", "enableAcceptEncodingGzip", "headersConfigs", "queryStringsConfigs" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getCachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfig:getCachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfig": { "properties": { "cookieBehavior": { "type": "string", "description": "Determines whether any cookies in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin. Valid values are `none`, `whitelist`, `allExcept`, `all`.\n" }, "cookies": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getCachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfigCookie:getCachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfigCookie" }, "description": "Object that contains a list of cookie names. See Items for more information.\n" } }, "type": "object", "required": [ "cookieBehavior", "cookies" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getCachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfigCookie:getCachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfigCookie": { "properties": { "items": { "type": "array", "items": { "type": "string" }, "description": "List of item names (`cookies`, `headers`, or `query_strings`).\n" } }, "type": "object", "required": [ "items" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getCachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfig:getCachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfig": { "properties": { "headerBehavior": { "type": "string", "description": "Determines whether any HTTP headers are included in the cache key and automatically included in requests that CloudFront sends to the origin. Valid values are `none`, `whitelist`.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getCachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfigHeader:getCachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfigHeader" }, "description": "Object that contains a list of header names. See Items for more information.\n" } }, "type": "object", "required": [ "headerBehavior", "headers" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getCachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfigHeader:getCachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfigHeader": { "properties": { "items": { "type": "array", "items": { "type": "string" }, "description": "List of item names (`cookies`, `headers`, or `query_strings`).\n" } }, "type": "object", "required": [ "items" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getCachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfig:getCachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfig": { "properties": { "queryStringBehavior": { "type": "string", "description": "Determines whether any URL query strings in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin. Valid values are `none`, `whitelist`, `allExcept`, `all`.\n" }, "queryStrings": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getCachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfigQueryString:getCachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfigQueryString" }, "description": "Object that contains a list of query string names. See Items for more information.\n" } }, "type": "object", "required": [ "queryStringBehavior", "queryStrings" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getCachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfigQueryString:getCachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfigQueryString": { "properties": { "items": { "type": "array", "items": { "type": "string" }, "description": "List of item names (`cookies`, `headers`, or `query_strings`).\n" } }, "type": "object", "required": [ "items" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getOriginRequestPolicyCookiesConfig:getOriginRequestPolicyCookiesConfig": { "properties": { "cookieBehavior": { "type": "string" }, "cookies": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getOriginRequestPolicyCookiesConfigCookie:getOriginRequestPolicyCookiesConfigCookie" } } }, "type": "object", "required": [ "cookieBehavior", "cookies" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getOriginRequestPolicyCookiesConfigCookie:getOriginRequestPolicyCookiesConfigCookie": { "properties": { "items": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "items" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getOriginRequestPolicyHeadersConfig:getOriginRequestPolicyHeadersConfig": { "properties": { "headerBehavior": { "type": "string" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getOriginRequestPolicyHeadersConfigHeader:getOriginRequestPolicyHeadersConfigHeader" } } }, "type": "object", "required": [ "headerBehavior", "headers" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getOriginRequestPolicyHeadersConfigHeader:getOriginRequestPolicyHeadersConfigHeader": { "properties": { "items": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "items" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getOriginRequestPolicyQueryStringsConfig:getOriginRequestPolicyQueryStringsConfig": { "properties": { "queryStringBehavior": { "type": "string" }, "queryStrings": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getOriginRequestPolicyQueryStringsConfigQueryString:getOriginRequestPolicyQueryStringsConfigQueryString" } } }, "type": "object", "required": [ "queryStringBehavior", "queryStrings" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getOriginRequestPolicyQueryStringsConfigQueryString:getOriginRequestPolicyQueryStringsConfigQueryString": { "properties": { "items": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "items" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getRealtimeLogConfigEndpoint:getRealtimeLogConfigEndpoint": { "properties": { "kinesisStreamConfigs": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getRealtimeLogConfigEndpointKinesisStreamConfig:getRealtimeLogConfigEndpointKinesisStreamConfig" }, "description": "(Required) Amazon Kinesis data stream configuration.\n" }, "streamType": { "type": "string", "description": "(Required) Type of data stream where real-time log data is sent. The only valid value is `Kinesis`.\n" } }, "type": "object", "required": [ "kinesisStreamConfigs", "streamType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getRealtimeLogConfigEndpointKinesisStreamConfig:getRealtimeLogConfigEndpointKinesisStreamConfig": { "properties": { "roleArn": { "type": "string", "description": "(Required) ARN of an IAM role that CloudFront can use to send real-time log data to the Kinesis data stream.\nSee the [AWS documentation](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-iam-role) for more information.\n" }, "streamArn": { "type": "string", "description": "(Required) ARN of the Kinesis data stream.\n" } }, "type": "object", "required": [ "roleArn", "streamArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getResponseHeadersPolicyCorsConfig:getResponseHeadersPolicyCorsConfig": { "properties": { "accessControlAllowCredentials": { "type": "boolean", "description": "A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.\n" }, "accessControlAllowHeaders": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getResponseHeadersPolicyCorsConfigAccessControlAllowHeader:getResponseHeadersPolicyCorsConfigAccessControlAllowHeader" }, "description": "Object that contains an attribute `items` that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.\n" }, "accessControlAllowMethods": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getResponseHeadersPolicyCorsConfigAccessControlAllowMethod:getResponseHeadersPolicyCorsConfigAccessControlAllowMethod" }, "description": "Object that contains an attribute `items` that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: `GET` | `POST` | `OPTIONS` | `PUT` | `DELETE` | `HEAD` | `ALL`\n" }, "accessControlAllowOrigins": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getResponseHeadersPolicyCorsConfigAccessControlAllowOrigin:getResponseHeadersPolicyCorsConfigAccessControlAllowOrigin" }, "description": "Object that contains an attribute `items` that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.\n" }, "accessControlExposeHeaders": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getResponseHeadersPolicyCorsConfigAccessControlExposeHeader:getResponseHeadersPolicyCorsConfigAccessControlExposeHeader" }, "description": "Object that contains an attribute `items` that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.\n" }, "accessControlMaxAgeSec": { "type": "integer", "description": "A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.\n" }, "originOverride": { "type": "boolean" } }, "type": "object", "required": [ "accessControlAllowCredentials", "accessControlAllowHeaders", "accessControlAllowMethods", "accessControlAllowOrigins", "accessControlExposeHeaders", "accessControlMaxAgeSec", "originOverride" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getResponseHeadersPolicyCorsConfigAccessControlAllowHeader:getResponseHeadersPolicyCorsConfigAccessControlAllowHeader": { "properties": { "items": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "items" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getResponseHeadersPolicyCorsConfigAccessControlAllowMethod:getResponseHeadersPolicyCorsConfigAccessControlAllowMethod": { "properties": { "items": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "items" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getResponseHeadersPolicyCorsConfigAccessControlAllowOrigin:getResponseHeadersPolicyCorsConfigAccessControlAllowOrigin": { "properties": { "items": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "items" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getResponseHeadersPolicyCorsConfigAccessControlExposeHeader:getResponseHeadersPolicyCorsConfigAccessControlExposeHeader": { "properties": { "items": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "items" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getResponseHeadersPolicyCustomHeadersConfig:getResponseHeadersPolicyCustomHeadersConfig": { "properties": { "items": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getResponseHeadersPolicyCustomHeadersConfigItem:getResponseHeadersPolicyCustomHeadersConfigItem" } } }, "type": "object", "required": [ "items" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getResponseHeadersPolicyCustomHeadersConfigItem:getResponseHeadersPolicyCustomHeadersConfigItem": { "properties": { "header": { "type": "string", "description": "The HTTP header name.\n" }, "override": { "type": "boolean", "description": "Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.\n" }, "value": { "type": "string", "description": "Value for the HTTP response header.\n" } }, "type": "object", "required": [ "header", "override", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getResponseHeadersPolicyRemoveHeadersConfig:getResponseHeadersPolicyRemoveHeadersConfig": { "properties": { "items": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getResponseHeadersPolicyRemoveHeadersConfigItem:getResponseHeadersPolicyRemoveHeadersConfigItem" } } }, "type": "object", "required": [ "items" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getResponseHeadersPolicyRemoveHeadersConfigItem:getResponseHeadersPolicyRemoveHeadersConfigItem": { "properties": { "header": { "type": "string", "description": "The HTTP header name.\n" } }, "type": "object", "required": [ "header" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getResponseHeadersPolicySecurityHeadersConfig:getResponseHeadersPolicySecurityHeadersConfig": { "properties": { "contentSecurityPolicies": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy:getResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy" }, "description": "The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.\n" }, "contentTypeOptions": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getResponseHeadersPolicySecurityHeadersConfigContentTypeOption:getResponseHeadersPolicySecurityHeadersConfigContentTypeOption" }, "description": "A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.\n" }, "frameOptions": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getResponseHeadersPolicySecurityHeadersConfigFrameOption:getResponseHeadersPolicySecurityHeadersConfigFrameOption" }, "description": "Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.\n" }, "referrerPolicies": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getResponseHeadersPolicySecurityHeadersConfigReferrerPolicy:getResponseHeadersPolicySecurityHeadersConfigReferrerPolicy" }, "description": "Value of the Referrer-Policy HTTP response header. Valid Values: `no-referrer` | `no-referrer-when-downgrade` | `origin` | `origin-when-cross-origin` | `same-origin` | `strict-origin` | `strict-origin-when-cross-origin` | `unsafe-url`\n" }, "strictTransportSecurities": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity:getResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity" }, "description": "Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.\n" }, "xssProtections": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/getResponseHeadersPolicySecurityHeadersConfigXssProtection:getResponseHeadersPolicySecurityHeadersConfigXssProtection" }, "description": "Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.\n" } }, "type": "object", "required": [ "contentSecurityPolicies", "contentTypeOptions", "frameOptions", "referrerPolicies", "strictTransportSecurities", "xssProtections" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy:getResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy": { "properties": { "contentSecurityPolicy": { "type": "string", "description": "The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.\n" }, "override": { "type": "boolean", "description": "Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.\n" } }, "type": "object", "required": [ "contentSecurityPolicy", "override" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getResponseHeadersPolicySecurityHeadersConfigContentTypeOption:getResponseHeadersPolicySecurityHeadersConfigContentTypeOption": { "properties": { "override": { "type": "boolean", "description": "Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.\n" } }, "type": "object", "required": [ "override" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getResponseHeadersPolicySecurityHeadersConfigFrameOption:getResponseHeadersPolicySecurityHeadersConfigFrameOption": { "properties": { "frameOption": { "type": "string", "description": "Value of the X-Frame-Options HTTP response header. Valid values: `DENY` | `SAMEORIGIN`\n" }, "override": { "type": "boolean", "description": "Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.\n" } }, "type": "object", "required": [ "frameOption", "override" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getResponseHeadersPolicySecurityHeadersConfigReferrerPolicy:getResponseHeadersPolicySecurityHeadersConfigReferrerPolicy": { "properties": { "override": { "type": "boolean", "description": "Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.\n" }, "referrerPolicy": { "type": "string", "description": "Value of the Referrer-Policy HTTP response header. Valid Values: `no-referrer` | `no-referrer-when-downgrade` | `origin` | `origin-when-cross-origin` | `same-origin` | `strict-origin` | `strict-origin-when-cross-origin` | `unsafe-url`\n" } }, "type": "object", "required": [ "override", "referrerPolicy" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity:getResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity": { "properties": { "accessControlMaxAgeSec": { "type": "integer", "description": "A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.\n" }, "includeSubdomains": { "type": "boolean", "description": "Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.\n" }, "override": { "type": "boolean", "description": "Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.\n" }, "preload": { "type": "boolean", "description": "Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.\n" } }, "type": "object", "required": [ "accessControlMaxAgeSec", "includeSubdomains", "override", "preload" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getResponseHeadersPolicySecurityHeadersConfigXssProtection:getResponseHeadersPolicySecurityHeadersConfigXssProtection": { "properties": { "modeBlock": { "type": "boolean", "description": "Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.\n" }, "override": { "type": "boolean", "description": "Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.\n" }, "protection": { "type": "boolean", "description": "Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.\n" }, "reportUri": { "type": "string", "description": "Whether CloudFront sets a reporting URI in the X-XSS-Protection header.\n" } }, "type": "object", "required": [ "modeBlock", "override", "protection", "reportUri" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudfront/getResponseHeadersPolicyServerTimingHeadersConfig:getResponseHeadersPolicyServerTimingHeadersConfig": { "properties": { "enabled": { "type": "boolean", "description": "Whether CloudFront adds the `Server-Timing` header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.\n" }, "samplingRate": { "type": "number", "description": "Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.\n" } }, "type": "object", "required": [ "enabled", "samplingRate" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudhsmv2/ClusterClusterCertificate:ClusterClusterCertificate": { "properties": { "awsHardwareCertificate": { "type": "string", "description": "The HSM hardware certificate issued (signed) by AWS CloudHSM.\n" }, "clusterCertificate": { "type": "string", "description": "The cluster certificate issued (signed) by the issuing certificate authority (CA) of the cluster's owner.\n" }, "clusterCsr": { "type": "string", "description": "The certificate signing request (CSR). Available only in `UNINITIALIZED` state after an HSM instance is added to the cluster.\n" }, "hsmCertificate": { "type": "string", "description": "The HSM certificate issued (signed) by the HSM hardware.\n" }, "manufacturerHardwareCertificate": { "type": "string", "description": "The HSM hardware certificate issued (signed) by the hardware manufacturer.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "awsHardwareCertificate", "clusterCertificate", "clusterCsr", "hsmCertificate", "manufacturerHardwareCertificate" ] } } }, "aws:cloudhsmv2/getClusterClusterCertificate:getClusterClusterCertificate": { "properties": { "awsHardwareCertificate": { "type": "string", "description": "The HSM hardware certificate issued (signed) by AWS CloudHSM.\n" }, "clusterCertificate": { "type": "string", "description": "The cluster certificate issued (signed) by the issuing certificate authority (CA) of the cluster's owner.\n" }, "clusterCsr": { "type": "string", "description": "The certificate signing request (CSR). Available only in UNINITIALIZED state.\n" }, "hsmCertificate": { "type": "string", "description": "The HSM certificate issued (signed) by the HSM hardware.\n" }, "manufacturerHardwareCertificate": { "type": "string", "description": "The HSM hardware certificate issued (signed) by the hardware manufacturer.\nThe number of available cluster certificates may vary depending on state of the cluster.\n" } }, "type": "object", "required": [ "awsHardwareCertificate", "clusterCertificate", "clusterCsr", "hsmCertificate", "manufacturerHardwareCertificate" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cloudsearch/DomainEndpointOptions:DomainEndpointOptions": { "properties": { "enforceHttps": { "type": "boolean", "description": "Enables or disables the requirement that all requests to the domain arrive over HTTPS.\n" }, "tlsSecurityPolicy": { "type": "string", "description": "The minimum required TLS version. See the [AWS documentation](https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DomainEndpointOptions.html) for valid values.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "enforceHttps", "tlsSecurityPolicy" ] } } }, "aws:cloudsearch/DomainIndexField:DomainIndexField": { "properties": { "analysisScheme": { "type": "string", "description": "The analysis scheme you want to use for a `text` field. The analysis scheme specifies the language-specific text processing options that are used during indexing.\n" }, "defaultValue": { "type": "string", "description": "The default value for the field. This value is used when no value is specified for the field in the document data.\n" }, "facet": { "type": "boolean", "description": "You can get facet information by enabling this.\n" }, "highlight": { "type": "boolean", "description": "You can highlight information.\n" }, "name": { "type": "string", "description": "A unique name for the field. Field names must begin with a letter and be at least 3 and no more than 64 characters long. The allowed characters are: `a`-`z` (lower-case letters), `0`-`9`, and `_` (underscore). The name `score` is reserved and cannot be used as a field name.\n" }, "return": { "type": "boolean", "description": "You can enable returning the value of all searchable fields.\n" }, "search": { "type": "boolean", "description": "You can set whether this index should be searchable or not.\n" }, "sort": { "type": "boolean", "description": "You can enable the property to be sortable.\n" }, "sourceFields": { "type": "string", "description": "A comma-separated list of source fields to map to the field. Specifying a source field copies data from one field to another, enabling you to use the same source data in different ways by configuring different options for the fields.\n" }, "type": { "type": "string", "description": "The field type. Valid values: `date`, `date-array`, `double`, `double-array`, `int`, `int-array`, `literal`, `literal-array`, `text`, `text-array`.\n" } }, "type": "object", "required": [ "name", "type" ] }, "aws:cloudsearch/DomainScalingParameters:DomainScalingParameters": { "properties": { "desiredInstanceType": { "type": "string", "description": "The instance type that you want to preconfigure for your domain. See the [AWS documentation](https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_ScalingParameters.html) for valid values.\n" }, "desiredPartitionCount": { "type": "integer", "description": "The number of partitions you want to preconfigure for your domain. Only valid when you select `search.2xlarge` as the instance type.\n" }, "desiredReplicationCount": { "type": "integer", "description": "The number of replicas you want to preconfigure for each index partition.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "desiredInstanceType", "desiredPartitionCount", "desiredReplicationCount" ] } } }, "aws:cloudtrail/EventDataStoreAdvancedEventSelector:EventDataStoreAdvancedEventSelector": { "properties": { "fieldSelectors": { "type": "array", "items": { "$ref": "#/types/aws:cloudtrail/EventDataStoreAdvancedEventSelectorFieldSelector:EventDataStoreAdvancedEventSelectorFieldSelector" }, "description": "Specifies the selector statements in an advanced event selector. Fields documented below.\n" }, "name": { "type": "string", "description": "Specifies the name of the advanced event selector.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "fieldSelectors", "name" ] } } }, "aws:cloudtrail/EventDataStoreAdvancedEventSelectorFieldSelector:EventDataStoreAdvancedEventSelectorFieldSelector": { "properties": { "endsWiths": { "type": "array", "items": { "type": "string" }, "description": "A list of values that includes events that match the last few characters of the event record field specified as the value of `field`.\n" }, "equals": { "type": "array", "items": { "type": "string" }, "description": "A list of values that includes events that match the exact value of the event record field specified as the value of `field`. This is the only valid operator that you can use with the `readOnly`, `eventCategory`, and `resources.type` fields.\n" }, "field": { "type": "string", "description": "Specifies a field in an event record on which to filter events to be logged. You can specify only the following values: `readOnly`, `eventSource`, `eventName`, `eventCategory`, `resources.type`, `resources.ARN`.\n" }, "notEndsWiths": { "type": "array", "items": { "type": "string" }, "description": "A list of values that excludes events that match the last few characters of the event record field specified as the value of `field`.\n" }, "notEquals": { "type": "array", "items": { "type": "string" }, "description": "A list of values that excludes events that match the exact value of the event record field specified as the value of `field`.\n" }, "notStartsWiths": { "type": "array", "items": { "type": "string" }, "description": "A list of values that excludes events that match the first few characters of the event record field specified as the value of `field`.\n" }, "startsWiths": { "type": "array", "items": { "type": "string" }, "description": "A list of values that includes events that match the first few characters of the event record field specified as the value of `field`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "endsWiths", "equals", "field", "notEndsWiths", "notEquals", "notStartsWiths", "startsWiths" ] } } }, "aws:cloudtrail/TrailAdvancedEventSelector:TrailAdvancedEventSelector": { "properties": { "fieldSelectors": { "type": "array", "items": { "$ref": "#/types/aws:cloudtrail/TrailAdvancedEventSelectorFieldSelector:TrailAdvancedEventSelectorFieldSelector" }, "description": "Specifies the selector statements in an advanced event selector. Fields documented below.\n" }, "name": { "type": "string", "description": "Name of the trail.\n" } }, "type": "object", "required": [ "fieldSelectors" ] }, "aws:cloudtrail/TrailAdvancedEventSelectorFieldSelector:TrailAdvancedEventSelectorFieldSelector": { "properties": { "endsWiths": { "type": "array", "items": { "type": "string" }, "description": "A list of values that includes events that match the last few characters of the event record field specified as the value of `field`.\n" }, "equals": { "type": "array", "items": { "type": "string" }, "description": "A list of values that includes events that match the exact value of the event record field specified as the value of `field`. This is the only valid operator that you can use with the `readOnly`, `eventCategory`, and `resources.type` fields.\n" }, "field": { "type": "string", "description": "Field in an event record on which to filter events to be logged. You can specify only the following values: `readOnly`, `eventSource`, `eventName`, `eventCategory`, `resources.type`, `resources.ARN`.\n" }, "notEndsWiths": { "type": "array", "items": { "type": "string" }, "description": "A list of values that excludes events that match the last few characters of the event record field specified as the value of `field`.\n" }, "notEquals": { "type": "array", "items": { "type": "string" }, "description": "A list of values that excludes events that match the exact value of the event record field specified as the value of `field`.\n" }, "notStartsWiths": { "type": "array", "items": { "type": "string" }, "description": "A list of values that excludes events that match the first few characters of the event record field specified as the value of `field`.\n" }, "startsWiths": { "type": "array", "items": { "type": "string" }, "description": "A list of values that includes events that match the first few characters of the event record field specified as the value of `field`.\n" } }, "type": "object", "required": [ "field" ] }, "aws:cloudtrail/TrailEventSelector:TrailEventSelector": { "properties": { "dataResources": { "type": "array", "items": { "$ref": "#/types/aws:cloudtrail/TrailEventSelectorDataResource:TrailEventSelectorDataResource" }, "description": "Configuration block for data events. See details below.\n" }, "excludeManagementEventSources": { "type": "array", "items": { "type": "string" }, "description": "A set of event sources to exclude. Valid values include: `kms.amazonaws.com` and `rdsdata.amazonaws.com`. `include_management_events` must be set to`true` to allow this.\n" }, "includeManagementEvents": { "type": "boolean", "description": "Whether to include management events for your trail. Defaults to `true`.\n" }, "readWriteType": { "type": "string", "description": "Type of events to log. Valid values are `ReadOnly`, `WriteOnly`, `All`. Default value is `All`.\n" } }, "type": "object" }, "aws:cloudtrail/TrailEventSelectorDataResource:TrailEventSelectorDataResource": { "properties": { "type": { "type": "string", "description": "Resource type in which you want to log data events. You can specify only the following value: \"AWS::S3::Object\", \"AWS::Lambda::Function\" and \"AWS::DynamoDB::Table\".\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of ARN strings or partial ARN strings to specify selectors for data audit events over data resources. ARN list is specific to single-valued `type`. For example, `arn:aws:s3:::\u003cbucket name\u003e/` for all objects in a bucket, `arn:aws:s3:::\u003cbucket name\u003e/key` for specific objects, `arn:aws:lambda` for all lambda events within an account, `arn:aws:lambda:\u003cregion\u003e:\u003caccount number\u003e:function:\u003cfunction name\u003e` for a specific Lambda function, `arn:aws:dynamodb` for all DDB events for all tables within an account, or `arn:aws:dynamodb:\u003cregion\u003e:\u003caccount number\u003e:table/\u003ctable name\u003e` for a specific DynamoDB table.\n" } }, "type": "object", "required": [ "type", "values" ] }, "aws:cloudtrail/TrailInsightSelector:TrailInsightSelector": { "properties": { "insightType": { "type": "string", "description": "Type of insights to log on a trail. Valid values are: `ApiCallRateInsight` and `ApiErrorRateInsight`.\n" } }, "type": "object", "required": [ "insightType" ] }, "aws:cloudwatch/CompositeAlarmActionsSuppressor:CompositeAlarmActionsSuppressor": { "properties": { "alarm": { "type": "string", "description": "Can be an AlarmName or an Amazon Resource Name (ARN) from an existing alarm.\n" }, "extensionPeriod": { "type": "integer", "description": "The maximum time in seconds that the composite alarm waits after suppressor alarm goes out of the `ALARM` state. After this time, the composite alarm performs its actions.\n" }, "waitPeriod": { "type": "integer", "description": "The maximum time in seconds that the composite alarm waits for the suppressor alarm to go into the `ALARM` state. After this time, the composite alarm performs its actions.\n" } }, "type": "object", "required": [ "alarm", "extensionPeriod", "waitPeriod" ] }, "aws:cloudwatch/EventConnectionAuthParameters:EventConnectionAuthParameters": { "properties": { "apiKey": { "$ref": "#/types/aws:cloudwatch/EventConnectionAuthParametersApiKey:EventConnectionAuthParametersApiKey", "description": "Parameters used for API_KEY authorization. An API key to include in the header for each authentication request. A maximum of 1 are allowed. Conflicts with `basic` and `oauth`. Documented below.\n" }, "basic": { "$ref": "#/types/aws:cloudwatch/EventConnectionAuthParametersBasic:EventConnectionAuthParametersBasic", "description": "Parameters used for BASIC authorization. A maximum of 1 are allowed. Conflicts with `api_key` and `oauth`. Documented below.\n" }, "invocationHttpParameters": { "$ref": "#/types/aws:cloudwatch/EventConnectionAuthParametersInvocationHttpParameters:EventConnectionAuthParametersInvocationHttpParameters", "description": "Invocation Http Parameters are additional credentials used to sign each Invocation of the ApiDestination created from this Connection. If the ApiDestination Rule Target has additional HttpParameters, the values will be merged together, with the Connection Invocation Http Parameters taking precedence. Secret values are stored and managed by AWS Secrets Manager. A maximum of 1 are allowed. Documented below.\n" }, "oauth": { "$ref": "#/types/aws:cloudwatch/EventConnectionAuthParametersOauth:EventConnectionAuthParametersOauth", "description": "Parameters used for OAUTH_CLIENT_CREDENTIALS authorization. A maximum of 1 are allowed. Conflicts with `basic` and `api_key`. Documented below.\n" } }, "type": "object" }, "aws:cloudwatch/EventConnectionAuthParametersApiKey:EventConnectionAuthParametersApiKey": { "properties": { "key": { "type": "string", "description": "Header Name.\n" }, "value": { "type": "string", "description": "Header Value. Created and stored in AWS Secrets Manager.\n", "secret": true } }, "type": "object", "required": [ "key", "value" ] }, "aws:cloudwatch/EventConnectionAuthParametersBasic:EventConnectionAuthParametersBasic": { "properties": { "password": { "type": "string", "description": "A password for the authorization. Created and stored in AWS Secrets Manager.\n", "secret": true }, "username": { "type": "string", "description": "A username for the authorization.\n" } }, "type": "object", "required": [ "password", "username" ] }, "aws:cloudwatch/EventConnectionAuthParametersInvocationHttpParameters:EventConnectionAuthParametersInvocationHttpParameters": { "properties": { "bodies": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/EventConnectionAuthParametersInvocationHttpParametersBody:EventConnectionAuthParametersInvocationHttpParametersBody" }, "description": "Contains additional body string parameters for the connection. You can include up to 100 additional body string parameters per request. Each additional parameter counts towards the event payload size, which cannot exceed 64 KB. Each parameter can contain the following:\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/EventConnectionAuthParametersInvocationHttpParametersHeader:EventConnectionAuthParametersInvocationHttpParametersHeader" }, "description": "Contains additional header parameters for the connection. You can include up to 100 additional body string parameters per request. Each additional parameter counts towards the event payload size, which cannot exceed 64 KB. Each parameter can contain the following:\n" }, "queryStrings": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/EventConnectionAuthParametersInvocationHttpParametersQueryString:EventConnectionAuthParametersInvocationHttpParametersQueryString" }, "description": "Contains additional query string parameters for the connection. You can include up to 100 additional body string parameters per request. Each additional parameter counts towards the event payload size, which cannot exceed 64 KB. Each parameter can contain the following:\n" } }, "type": "object" }, "aws:cloudwatch/EventConnectionAuthParametersInvocationHttpParametersBody:EventConnectionAuthParametersInvocationHttpParametersBody": { "properties": { "isValueSecret": { "type": "boolean", "description": "Specified whether the value is secret.\n" }, "key": { "type": "string", "description": "The key for the parameter.\n" }, "value": { "type": "string", "description": "The value associated with the key. Created and stored in AWS Secrets Manager if is secret.\n", "secret": true } }, "type": "object" }, "aws:cloudwatch/EventConnectionAuthParametersInvocationHttpParametersHeader:EventConnectionAuthParametersInvocationHttpParametersHeader": { "properties": { "isValueSecret": { "type": "boolean", "description": "Specified whether the value is secret.\n" }, "key": { "type": "string", "description": "The key for the parameter.\n" }, "value": { "type": "string", "description": "The value associated with the key. Created and stored in AWS Secrets Manager if is secret.\n", "secret": true } }, "type": "object" }, "aws:cloudwatch/EventConnectionAuthParametersInvocationHttpParametersQueryString:EventConnectionAuthParametersInvocationHttpParametersQueryString": { "properties": { "isValueSecret": { "type": "boolean", "description": "Specified whether the value is secret.\n" }, "key": { "type": "string", "description": "The key for the parameter.\n" }, "value": { "type": "string", "description": "The value associated with the key. Created and stored in AWS Secrets Manager if is secret.\n", "secret": true } }, "type": "object" }, "aws:cloudwatch/EventConnectionAuthParametersOauth:EventConnectionAuthParametersOauth": { "properties": { "authorizationEndpoint": { "type": "string", "description": "The URL to the authorization endpoint.\n" }, "clientParameters": { "$ref": "#/types/aws:cloudwatch/EventConnectionAuthParametersOauthClientParameters:EventConnectionAuthParametersOauthClientParameters", "description": "Contains the client parameters for OAuth authorization. Contains the following two parameters.\n" }, "httpMethod": { "type": "string", "description": "A password for the authorization. Created and stored in AWS Secrets Manager.\n" }, "oauthHttpParameters": { "$ref": "#/types/aws:cloudwatch/EventConnectionAuthParametersOauthOauthHttpParameters:EventConnectionAuthParametersOauthOauthHttpParameters", "description": "OAuth Http Parameters are additional credentials used to sign the request to the authorization endpoint to exchange the OAuth Client information for an access token. Secret values are stored and managed by AWS Secrets Manager. A maximum of 1 are allowed. Documented below.\n" } }, "type": "object", "required": [ "authorizationEndpoint", "httpMethod", "oauthHttpParameters" ] }, "aws:cloudwatch/EventConnectionAuthParametersOauthClientParameters:EventConnectionAuthParametersOauthClientParameters": { "properties": { "clientId": { "type": "string", "description": "The client ID for the credentials to use for authorization. Created and stored in AWS Secrets Manager.\n" }, "clientSecret": { "type": "string", "description": "The client secret for the credentials to use for authorization. Created and stored in AWS Secrets Manager.\n", "secret": true } }, "type": "object", "required": [ "clientId", "clientSecret" ] }, "aws:cloudwatch/EventConnectionAuthParametersOauthOauthHttpParameters:EventConnectionAuthParametersOauthOauthHttpParameters": { "properties": { "bodies": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/EventConnectionAuthParametersOauthOauthHttpParametersBody:EventConnectionAuthParametersOauthOauthHttpParametersBody" }, "description": "Contains additional body string parameters for the connection. You can include up to 100 additional body string parameters per request. Each additional parameter counts towards the event payload size, which cannot exceed 64 KB. Each parameter can contain the following:\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/EventConnectionAuthParametersOauthOauthHttpParametersHeader:EventConnectionAuthParametersOauthOauthHttpParametersHeader" }, "description": "Contains additional header parameters for the connection. You can include up to 100 additional body string parameters per request. Each additional parameter counts towards the event payload size, which cannot exceed 64 KB. Each parameter can contain the following:\n" }, "queryStrings": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/EventConnectionAuthParametersOauthOauthHttpParametersQueryString:EventConnectionAuthParametersOauthOauthHttpParametersQueryString" }, "description": "Contains additional query string parameters for the connection. You can include up to 100 additional body string parameters per request. Each additional parameter counts towards the event payload size, which cannot exceed 64 KB. Each parameter can contain the following:\n" } }, "type": "object" }, "aws:cloudwatch/EventConnectionAuthParametersOauthOauthHttpParametersBody:EventConnectionAuthParametersOauthOauthHttpParametersBody": { "properties": { "isValueSecret": { "type": "boolean", "description": "Specified whether the value is secret.\n" }, "key": { "type": "string", "description": "The key for the parameter.\n" }, "value": { "type": "string", "description": "The value associated with the key. Created and stored in AWS Secrets Manager if is secret.\n", "secret": true } }, "type": "object" }, "aws:cloudwatch/EventConnectionAuthParametersOauthOauthHttpParametersHeader:EventConnectionAuthParametersOauthOauthHttpParametersHeader": { "properties": { "isValueSecret": { "type": "boolean", "description": "Specified whether the value is secret.\n" }, "key": { "type": "string", "description": "The key for the parameter.\n" }, "value": { "type": "string", "description": "The value associated with the key. Created and stored in AWS Secrets Manager if is secret.\n", "secret": true } }, "type": "object" }, "aws:cloudwatch/EventConnectionAuthParametersOauthOauthHttpParametersQueryString:EventConnectionAuthParametersOauthOauthHttpParametersQueryString": { "properties": { "isValueSecret": { "type": "boolean", "description": "Specified whether the value is secret.\n" }, "key": { "type": "string", "description": "The key for the parameter.\n" }, "value": { "type": "string", "description": "The value associated with the key. Created and stored in AWS Secrets Manager if is secret.\n", "secret": true } }, "type": "object" }, "aws:cloudwatch/EventEndpointEventBus:EventEndpointEventBus": { "properties": { "eventBusArn": { "type": "string", "description": "The ARN of the event bus the endpoint is associated with.\n" } }, "type": "object", "required": [ "eventBusArn" ] }, "aws:cloudwatch/EventEndpointReplicationConfig:EventEndpointReplicationConfig": { "properties": { "state": { "type": "string", "description": "The state of event replication. Valid values: `ENABLED`, `DISABLED`. The default state is `ENABLED`, which means you must supply a `role_arn`. If you don't have a `role_arn` or you don't want event replication enabled, set `state` to `DISABLED`.\n" } }, "type": "object" }, "aws:cloudwatch/EventEndpointRoutingConfig:EventEndpointRoutingConfig": { "properties": { "failoverConfig": { "$ref": "#/types/aws:cloudwatch/EventEndpointRoutingConfigFailoverConfig:EventEndpointRoutingConfigFailoverConfig", "description": "Parameters used for failover. This includes what triggers failover and what happens when it's triggered. Documented below.\n" } }, "type": "object", "required": [ "failoverConfig" ] }, "aws:cloudwatch/EventEndpointRoutingConfigFailoverConfig:EventEndpointRoutingConfigFailoverConfig": { "properties": { "primary": { "$ref": "#/types/aws:cloudwatch/EventEndpointRoutingConfigFailoverConfigPrimary:EventEndpointRoutingConfigFailoverConfigPrimary", "description": "Parameters used for the primary Region. Documented below.\n" }, "secondary": { "$ref": "#/types/aws:cloudwatch/EventEndpointRoutingConfigFailoverConfigSecondary:EventEndpointRoutingConfigFailoverConfigSecondary", "description": "Parameters used for the secondary Region, the Region that events are routed to when failover is triggered or event replication is enabled. Documented below.\n" } }, "type": "object", "required": [ "primary", "secondary" ] }, "aws:cloudwatch/EventEndpointRoutingConfigFailoverConfigPrimary:EventEndpointRoutingConfigFailoverConfigPrimary": { "properties": { "healthCheck": { "type": "string", "description": "The ARN of the health check used by the endpoint to determine whether failover is triggered.\n" } }, "type": "object" }, "aws:cloudwatch/EventEndpointRoutingConfigFailoverConfigSecondary:EventEndpointRoutingConfigFailoverConfigSecondary": { "properties": { "route": { "type": "string", "description": "The name of the secondary Region.\n" } }, "type": "object" }, "aws:cloudwatch/EventPermissionCondition:EventPermissionCondition": { "properties": { "key": { "type": "string", "description": "Key for the condition. Valid values: `aws:PrincipalOrgID`.\n" }, "type": { "type": "string", "description": "Type of condition. Value values: `StringEquals`.\n" }, "value": { "type": "string", "description": "Value for the key.\n" } }, "type": "object", "required": [ "key", "type", "value" ] }, "aws:cloudwatch/EventTargetBatchTarget:EventTargetBatchTarget": { "properties": { "arraySize": { "type": "integer", "description": "The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000.\n" }, "jobAttempts": { "type": "integer", "description": "The number of times to attempt to retry, if the job fails. Valid values are 1 to 10.\n" }, "jobDefinition": { "type": "string", "description": "The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist.\n" }, "jobName": { "type": "string", "description": "The name to use for this execution of the job, if the target is an AWS Batch job.\n" } }, "type": "object", "required": [ "jobDefinition", "jobName" ] }, "aws:cloudwatch/EventTargetDeadLetterConfig:EventTargetDeadLetterConfig": { "properties": { "arn": { "type": "string", "description": "ARN of the SQS queue specified as the target for the dead-letter queue.\n" } }, "type": "object" }, "aws:cloudwatch/EventTargetEcsTarget:EventTargetEcsTarget": { "properties": { "capacityProviderStrategies": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/EventTargetEcsTargetCapacityProviderStrategy:EventTargetEcsTargetCapacityProviderStrategy" }, "description": "The capacity provider strategy to use for the task. If a `capacity_provider_strategy` specified, the `launch_type` parameter must be omitted. If no `capacity_provider_strategy` or `launch_type` is specified, the default capacity provider strategy for the cluster is used. Can be one or more. See below.\n" }, "enableEcsManagedTags": { "type": "boolean", "description": "Specifies whether to enable Amazon ECS managed tags for the task.\n" }, "enableExecuteCommand": { "type": "boolean", "description": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.\n" }, "group": { "type": "string", "description": "Specifies an ECS task group for the task. The maximum length is 255 characters.\n" }, "launchType": { "type": "string", "description": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. Valid values include: `EC2`, `EXTERNAL`, or `FARGATE`.\n" }, "networkConfiguration": { "$ref": "#/types/aws:cloudwatch/EventTargetEcsTargetNetworkConfiguration:EventTargetEcsTargetNetworkConfiguration", "description": "Use this if the ECS task uses the awsvpc network mode. This specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. Required if `launch_type` is `FARGATE` because the awsvpc mode is required for Fargate tasks.\n" }, "orderedPlacementStrategies": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/EventTargetEcsTargetOrderedPlacementStrategy:EventTargetEcsTargetOrderedPlacementStrategy" }, "description": "An array of placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task.\n" }, "placementConstraints": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/EventTargetEcsTargetPlacementConstraint:EventTargetEcsTargetPlacementConstraint" }, "description": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime). See Below.\n" }, "platformVersion": { "type": "string", "description": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0`. This is used only if LaunchType is FARGATE. For more information about valid platform versions, see [AWS Fargate Platform Versions](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html).\n" }, "propagateTags": { "type": "string", "description": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. The only valid value is: `TASK_DEFINITION`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to ecs resources.\n" }, "taskCount": { "type": "integer", "description": "The number of tasks to create based on the TaskDefinition. Defaults to `1`.\n" }, "taskDefinitionArn": { "type": "string", "description": "The ARN of the task definition to use if the event target is an Amazon ECS cluster.\n" } }, "type": "object", "required": [ "taskDefinitionArn" ] }, "aws:cloudwatch/EventTargetEcsTargetCapacityProviderStrategy:EventTargetEcsTargetCapacityProviderStrategy": { "properties": { "base": { "type": "integer", "description": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. Defaults to `0`.\n" }, "capacityProvider": { "type": "string", "description": "Short name of the capacity provider.\n" }, "weight": { "type": "integer", "description": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.\n" } }, "type": "object", "required": [ "capacityProvider" ] }, "aws:cloudwatch/EventTargetEcsTargetNetworkConfiguration:EventTargetEcsTargetNetworkConfiguration": { "properties": { "assignPublicIp": { "type": "boolean", "description": "Assign a public IP address to the ENI (Fargate launch type only). Valid values are `true` or `false`. Defaults to `false`.\n\nFor more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html)\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "The subnets associated with the task or service.\n" } }, "type": "object", "required": [ "subnets" ] }, "aws:cloudwatch/EventTargetEcsTargetOrderedPlacementStrategy:EventTargetEcsTargetOrderedPlacementStrategy": { "properties": { "field": { "type": "string", "description": "The field to apply the placement strategy against. For the `spread` placement strategy, valid values are `instanceId` (or `host`, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as `attribute:ecs.availability-zone`. For the `binpack` placement strategy, valid values are `cpu` and `memory`. For the `random` placement strategy, this field is not used. For more information, see [Amazon ECS task placement strategies](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-placement-strategies.html).\n" }, "type": { "type": "string", "description": "Type of placement strategy. The only valid values at this time are `binpack`, `random` and `spread`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:cloudwatch/EventTargetEcsTargetPlacementConstraint:EventTargetEcsTargetPlacementConstraint": { "properties": { "expression": { "type": "string", "description": "Cluster Query Language expression to apply to the constraint. Does not need to be specified for the `distinctInstance` type. For more information, see [Cluster Query Language in the Amazon EC2 Container Service Developer Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html).\n" }, "type": { "type": "string", "description": "Type of constraint. The only valid values at this time are `memberOf` and `distinctInstance`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:cloudwatch/EventTargetHttpTarget:EventTargetHttpTarget": { "properties": { "headerParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Enables you to specify HTTP headers to add to the request.\n" }, "pathParameterValues": { "type": "array", "items": { "type": "string" }, "description": "The list of values that correspond sequentially to any path variables in your endpoint ARN (for example `arn:aws:execute-api:us-east-1:123456:myapi/*/POST/pets/*`).\n" }, "queryStringParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Represents keys/values of query string parameters that are appended to the invoked endpoint.\n" } }, "type": "object" }, "aws:cloudwatch/EventTargetInputTransformer:EventTargetInputTransformer": { "properties": { "inputPaths": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key value pairs specified in the form of JSONPath (for example, time = $.time)\n* You can have as many as 100 key-value pairs.\n* You must use JSON dot notation, not bracket notation.\n* The keys can't start with \"AWS\".\n" }, "inputTemplate": { "type": "string", "description": "Template to customize data sent to the target. Must be valid JSON. To send a string value, the string value must include double quotes.\n" } }, "type": "object", "required": [ "inputTemplate" ] }, "aws:cloudwatch/EventTargetKinesisTarget:EventTargetKinesisTarget": { "properties": { "partitionKeyPath": { "type": "string", "description": "The JSON path to be extracted from the event and used as the partition key.\n" } }, "type": "object" }, "aws:cloudwatch/EventTargetRedshiftTarget:EventTargetRedshiftTarget": { "properties": { "database": { "type": "string", "description": "The name of the database.\n" }, "dbUser": { "type": "string", "description": "The database user name.\n" }, "secretsManagerArn": { "type": "string", "description": "The name or ARN of the secret that enables access to the database.\n" }, "sql": { "type": "string", "description": "The SQL statement text to run.\n" }, "statementName": { "type": "string", "description": "The name of the SQL statement.\n" }, "withEvent": { "type": "boolean", "description": "Indicates whether to send an event back to EventBridge after the SQL statement runs.\n" } }, "type": "object", "required": [ "database" ] }, "aws:cloudwatch/EventTargetRetryPolicy:EventTargetRetryPolicy": { "properties": { "maximumEventAgeInSeconds": { "type": "integer", "description": "The age in seconds to continue to make retry attempts.\n" }, "maximumRetryAttempts": { "type": "integer", "description": "maximum number of retry attempts to make before the request fails\n" } }, "type": "object" }, "aws:cloudwatch/EventTargetRunCommandTarget:EventTargetRunCommandTarget": { "properties": { "key": { "type": "string", "description": "Can be either `tag:tag-key` or `InstanceIds`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "If Key is `tag:tag-key`, Values is a list of tag values. If Key is `InstanceIds`, Values is a list of Amazon EC2 instance IDs.\n" } }, "type": "object", "required": [ "key", "values" ] }, "aws:cloudwatch/EventTargetSagemakerPipelineTarget:EventTargetSagemakerPipelineTarget": { "properties": { "pipelineParameterLists": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/EventTargetSagemakerPipelineTargetPipelineParameterList:EventTargetSagemakerPipelineTargetPipelineParameterList" }, "description": "List of Parameter names and values for SageMaker Model Building Pipeline execution.\n" } }, "type": "object" }, "aws:cloudwatch/EventTargetSagemakerPipelineTargetPipelineParameterList:EventTargetSagemakerPipelineTargetPipelineParameterList": { "properties": { "name": { "type": "string", "description": "Name of parameter to start execution of a SageMaker Model Building Pipeline.\n" }, "value": { "type": "string", "description": "Value of parameter to start execution of a SageMaker Model Building Pipeline.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:cloudwatch/EventTargetSqsTarget:EventTargetSqsTarget": { "properties": { "messageGroupId": { "type": "string", "description": "The FIFO message group ID to use as the target.\n" } }, "type": "object" }, "aws:cloudwatch/InternetMonitorHealthEventsConfig:InternetMonitorHealthEventsConfig": { "properties": { "availabilityScoreThreshold": { "type": "number", "description": "The health event threshold percentage set for availability scores.\n" }, "performanceScoreThreshold": { "type": "number", "description": "The health event threshold percentage set for performance scores.\n" } }, "type": "object" }, "aws:cloudwatch/InternetMonitorInternetMeasurementsLogDelivery:InternetMonitorInternetMeasurementsLogDelivery": { "properties": { "s3Config": { "$ref": "#/types/aws:cloudwatch/InternetMonitorInternetMeasurementsLogDeliveryS3Config:InternetMonitorInternetMeasurementsLogDeliveryS3Config" } }, "type": "object" }, "aws:cloudwatch/InternetMonitorInternetMeasurementsLogDeliveryS3Config:InternetMonitorInternetMeasurementsLogDeliveryS3Config": { "properties": { "bucketName": { "type": "string" }, "bucketPrefix": { "type": "string" }, "logDeliveryStatus": { "type": "string" } }, "type": "object", "required": [ "bucketName" ] }, "aws:cloudwatch/LogMetricFilterMetricTransformation:LogMetricFilterMetricTransformation": { "properties": { "defaultValue": { "type": "string", "description": "The value to emit when a filter pattern does not match a log event. Conflicts with `dimensions`.\n" }, "dimensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of fields to use as dimensions for the metric. Up to 3 dimensions are allowed. Conflicts with `default_value`.\n" }, "name": { "type": "string", "description": "The name of the CloudWatch metric to which the monitored log information should be published (e.g., `ErrorCount`)\n" }, "namespace": { "type": "string", "description": "The destination namespace of the CloudWatch metric.\n" }, "unit": { "type": "string", "description": "The unit to assign to the metric. If you omit this, the unit is set as `None`.\n" }, "value": { "type": "string", "description": "What to publish to the metric. For example, if you're counting the occurrences of a particular term like \"Error\", the value will be \"1\" for each occurrence. If you're counting the bytes transferred the published value will be the value in the log event.\n" } }, "type": "object", "required": [ "name", "namespace", "value" ] }, "aws:cloudwatch/MetricAlarmMetricQuery:MetricAlarmMetricQuery": { "properties": { "accountId": { "type": "string", "description": "The ID of the account where the metrics are located, if this is a cross-account alarm.\n" }, "expression": { "type": "string", "description": "The math expression to be performed on the returned data, if this object is performing a math expression. This expression can use the id of the other metrics to refer to those metrics, and can also use the id of other expressions to use the result of those expressions. For more information about metric math expressions, see Metric Math Syntax and Functions in the [Amazon CloudWatch User Guide](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax).\n" }, "id": { "type": "string", "description": "A short name used to tie this object to the results in the response. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.\n" }, "label": { "type": "string", "description": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents.\n" }, "metric": { "$ref": "#/types/aws:cloudwatch/MetricAlarmMetricQueryMetric:MetricAlarmMetricQueryMetric", "description": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n" }, "period": { "type": "integer", "description": "Granularity in seconds of returned data points.\nFor metrics with regular resolution, valid values are any multiple of `60`.\nFor high-resolution metrics, valid values are `1`, `5`, `10`, `30`, or any multiple of `60`.\n" }, "returnData": { "type": "boolean", "description": "Specify exactly one `metric_query` to be `true` to use that `metric_query` result as the alarm.\n\n\u003e **NOTE:** You must specify either `metric` or `expression`. Not both.\n" } }, "type": "object", "required": [ "id" ] }, "aws:cloudwatch/MetricAlarmMetricQueryMetric:MetricAlarmMetricQueryMetric": { "properties": { "dimensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The dimensions for this metric. For the list of available dimensions see the AWS documentation [here](http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "metricName": { "type": "string", "description": "The name for this metric.\nSee docs for [supported metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "namespace": { "type": "string", "description": "The namespace for this metric. See docs for the [list of namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/aws-namespaces.html).\nSee docs for [supported metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "period": { "type": "integer", "description": "Granularity in seconds of returned data points.\nFor metrics with regular resolution, valid values are any multiple of `60`.\nFor high-resolution metrics, valid values are `1`, `5`, `10`, `30`, or any multiple of `60`.\n" }, "stat": { "type": "string", "description": "The statistic to apply to this metric.\nSee docs for [supported statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html).\n" }, "unit": { "type": "string", "description": "The unit for this metric.\n" } }, "type": "object", "required": [ "metricName", "period", "stat" ] }, "aws:cloudwatch/MetricStreamExcludeFilter:MetricStreamExcludeFilter": { "properties": { "metricNames": { "type": "array", "items": { "type": "string" }, "description": "An array that defines the metrics you want to exclude for this metric namespace\n" }, "namespace": { "type": "string", "description": "Name of the metric namespace in the filter.\n" } }, "type": "object", "required": [ "namespace" ] }, "aws:cloudwatch/MetricStreamIncludeFilter:MetricStreamIncludeFilter": { "properties": { "metricNames": { "type": "array", "items": { "type": "string" }, "description": "An array that defines the metrics you want to include for this metric namespace\n" }, "namespace": { "type": "string", "description": "Name of the metric namespace in the filter.\n" } }, "type": "object", "required": [ "namespace" ] }, "aws:cloudwatch/MetricStreamStatisticsConfiguration:MetricStreamStatisticsConfiguration": { "properties": { "additionalStatistics": { "type": "array", "items": { "type": "string" }, "description": "The additional statistics to stream for the metrics listed in `include_metrics`.\n" }, "includeMetrics": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/MetricStreamStatisticsConfigurationIncludeMetric:MetricStreamStatisticsConfigurationIncludeMetric" }, "description": "An array that defines the metrics that are to have additional statistics streamed. See details below.\n" } }, "type": "object", "required": [ "additionalStatistics", "includeMetrics" ] }, "aws:cloudwatch/MetricStreamStatisticsConfigurationIncludeMetric:MetricStreamStatisticsConfigurationIncludeMetric": { "properties": { "metricName": { "type": "string", "description": "The name of the metric.\n" }, "namespace": { "type": "string" } }, "type": "object", "required": [ "metricName", "namespace" ] }, "aws:cloudwatch/getLogDataProtectionPolicyDocumentStatement:getLogDataProtectionPolicyDocumentStatement": { "properties": { "dataIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "Set of at least 1 sensitive data identifiers that you want to mask. Read more in [Types of data that you can protect](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/protect-sensitive-log-data-types.html).\n" }, "operation": { "$ref": "#/types/aws:cloudwatch/getLogDataProtectionPolicyDocumentStatementOperation:getLogDataProtectionPolicyDocumentStatementOperation", "description": "Configures the data protection operation applied by this statement.\n" }, "sid": { "type": "string", "description": "Name of this statement.\n" } }, "type": "object", "required": [ "dataIdentifiers", "operation" ] }, "aws:cloudwatch/getLogDataProtectionPolicyDocumentStatementOperation:getLogDataProtectionPolicyDocumentStatementOperation": { "properties": { "audit": { "$ref": "#/types/aws:cloudwatch/getLogDataProtectionPolicyDocumentStatementOperationAudit:getLogDataProtectionPolicyDocumentStatementOperationAudit", "description": "Configures the detection of sensitive data.\n" }, "deidentify": { "$ref": "#/types/aws:cloudwatch/getLogDataProtectionPolicyDocumentStatementOperationDeidentify:getLogDataProtectionPolicyDocumentStatementOperationDeidentify", "description": "Configures the masking of sensitive data.\n\n\u003e Every policy statement must specify exactly one operation.\n" } }, "type": "object" }, "aws:cloudwatch/getLogDataProtectionPolicyDocumentStatementOperationAudit:getLogDataProtectionPolicyDocumentStatementOperationAudit": { "properties": { "findingsDestination": { "$ref": "#/types/aws:cloudwatch/getLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestination:getLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestination", "description": "Configures destinations to send audit findings to.\n" } }, "type": "object", "required": [ "findingsDestination" ] }, "aws:cloudwatch/getLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestination:getLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestination": { "properties": { "cloudwatchLogs": { "$ref": "#/types/aws:cloudwatch/getLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationCloudwatchLogs:getLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationCloudwatchLogs", "description": "Configures CloudWatch Logs as a findings destination.\n" }, "firehose": { "$ref": "#/types/aws:cloudwatch/getLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationFirehose:getLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationFirehose", "description": "Configures Kinesis Firehose as a findings destination.\n" }, "s3": { "$ref": "#/types/aws:cloudwatch/getLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationS3:getLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationS3", "description": "Configures S3 as a findings destination.\n" } }, "type": "object" }, "aws:cloudwatch/getLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationCloudwatchLogs:getLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationCloudwatchLogs": { "properties": { "logGroup": { "type": "string", "description": "Name of the CloudWatch Log Group to send findings to.\n" } }, "type": "object", "required": [ "logGroup" ] }, "aws:cloudwatch/getLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationFirehose:getLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationFirehose": { "properties": { "deliveryStream": { "type": "string", "description": "Name of the Kinesis Firehose Delivery Stream to send findings to.\n" } }, "type": "object", "required": [ "deliveryStream" ] }, "aws:cloudwatch/getLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationS3:getLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationS3": { "properties": { "bucket": { "type": "string", "description": "Name of the S3 Bucket to send findings to.\n" } }, "type": "object", "required": [ "bucket" ] }, "aws:cloudwatch/getLogDataProtectionPolicyDocumentStatementOperationDeidentify:getLogDataProtectionPolicyDocumentStatementOperationDeidentify": { "properties": { "maskConfig": { "$ref": "#/types/aws:cloudwatch/getLogDataProtectionPolicyDocumentStatementOperationDeidentifyMaskConfig:getLogDataProtectionPolicyDocumentStatementOperationDeidentifyMaskConfig", "description": "An empty object that configures masking.\n" } }, "type": "object", "required": [ "maskConfig" ] }, "aws:cloudwatch/getLogDataProtectionPolicyDocumentStatementOperationDeidentifyMaskConfig:getLogDataProtectionPolicyDocumentStatementOperationDeidentifyMaskConfig": { "type": "object" }, "aws:codeartifact/RepositoryExternalConnections:RepositoryExternalConnections": { "properties": { "externalConnectionName": { "type": "string", "description": "The name of the external connection associated with a repository.\n" }, "packageFormat": { "type": "string" }, "status": { "type": "string" } }, "type": "object", "required": [ "externalConnectionName" ], "language": { "nodejs": { "requiredOutputs": [ "externalConnectionName", "packageFormat", "status" ] } } }, "aws:codeartifact/RepositoryUpstream:RepositoryUpstream": { "properties": { "repositoryName": { "type": "string", "description": "The name of an upstream repository.\n" } }, "type": "object", "required": [ "repositoryName" ] }, "aws:codebuild/ProjectArtifacts:ProjectArtifacts": { "properties": { "artifactIdentifier": { "type": "string", "description": "Artifact identifier. Must be the same specified inside the AWS CodeBuild build specification.\n" }, "bucketOwnerAccess": { "type": "string", "description": "Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Valid values are `NONE`, `READ_ONLY`, and `FULL`. your CodeBuild service role must have the `s3:PutBucketAcl` permission. This permission allows CodeBuild to modify the access control list for the bucket.\n" }, "encryptionDisabled": { "type": "boolean", "description": "Whether to disable encrypting output artifacts. If `type` is set to `NO_ARTIFACTS`, this value is ignored. Defaults to `false`.\n" }, "location": { "type": "string", "description": "Information about the build output artifact location. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS`, this value is ignored. If `type` is set to `S3`, this is the name of the output bucket.\n" }, "name": { "type": "string", "description": "Name of the project. If `type` is set to `S3`, this is the name of the output artifact object\n" }, "namespaceType": { "type": "string", "description": "Namespace to use in storing build artifacts. If `type` is set to `S3`, then valid values are `BUILD_ID`, `NONE`.\n" }, "overrideArtifactName": { "type": "boolean", "description": "Whether a name specified in the build specification overrides the artifact name.\n" }, "packaging": { "type": "string", "description": "Type of build output artifact to create. If `type` is set to `S3`, valid values are `NONE`, `ZIP`\n" }, "path": { "type": "string", "description": "If `type` is set to `S3`, this is the path to the output artifact.\n" }, "type": { "type": "string", "description": "Build output artifact's type. Valid values: `CODEPIPELINE`, `NO_ARTIFACTS`, `S3`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:codebuild/ProjectBuildBatchConfig:ProjectBuildBatchConfig": { "properties": { "combineArtifacts": { "type": "boolean", "description": "Specifies if the build artifacts for the batch build should be combined into a single artifact location.\n" }, "restrictions": { "$ref": "#/types/aws:codebuild/ProjectBuildBatchConfigRestrictions:ProjectBuildBatchConfigRestrictions", "description": "Configuration block specifying the restrictions for the batch build. Detailed below.\n" }, "serviceRole": { "type": "string", "description": "Specifies the service role ARN for the batch build project.\n" }, "timeoutInMins": { "type": "integer", "description": "Specifies the maximum amount of time, in minutes, that the batch build must be completed in.\n" } }, "type": "object", "required": [ "serviceRole" ] }, "aws:codebuild/ProjectBuildBatchConfigRestrictions:ProjectBuildBatchConfigRestrictions": { "properties": { "computeTypesAlloweds": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that specify the compute types that are allowed for the batch build. See [Build environment compute types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html) in the AWS CodeBuild User Guide for these values.\n" }, "maximumBuildsAllowed": { "type": "integer", "description": "Specifies the maximum number of builds allowed.\n" } }, "type": "object" }, "aws:codebuild/ProjectCache:ProjectCache": { "properties": { "location": { "type": "string", "description": "Location where the AWS CodeBuild project stores cached resources. For type `S3`, the value must be a valid S3 bucket name/prefix.\n" }, "modes": { "type": "array", "items": { "type": "string" }, "description": "Specifies settings that AWS CodeBuild uses to store and reuse build dependencies. Valid values: `LOCAL_SOURCE_CACHE`, `LOCAL_DOCKER_LAYER_CACHE`, `LOCAL_CUSTOM_CACHE`.\n" }, "type": { "type": "string", "description": "Type of storage that will be used for the AWS CodeBuild project cache. Valid values: `NO_CACHE`, `LOCAL`, `S3`. Defaults to `NO_CACHE`.\n" } }, "type": "object" }, "aws:codebuild/ProjectEnvironment:ProjectEnvironment": { "properties": { "certificate": { "type": "string", "description": "ARN of the S3 bucket, path prefix and object key that contains the PEM-encoded certificate.\n" }, "computeType": { "type": "string", "description": "Information about the compute resources the build project will use. Valid values: `BUILD_GENERAL1_SMALL`, `BUILD_GENERAL1_MEDIUM`, `BUILD_GENERAL1_LARGE`, `BUILD_GENERAL1_2XLARGE`, `BUILD_LAMBDA_1GB`, `BUILD_LAMBDA_2GB`, `BUILD_LAMBDA_4GB`, `BUILD_LAMBDA_8GB`, `BUILD_LAMBDA_10GB`. `BUILD_GENERAL1_SMALL` is only valid if `type` is set to `LINUX_CONTAINER`. When `type` is set to `LINUX_GPU_CONTAINER`, `compute_type` must be `BUILD_GENERAL1_LARGE`. When `type` is set to `LINUX_LAMBDA_CONTAINER` or `ARM_LAMBDA_CONTAINER`, `compute_type` must be `BUILD_LAMBDA_XGB`.`\n" }, "environmentVariables": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectEnvironmentEnvironmentVariable:ProjectEnvironmentEnvironmentVariable" }, "description": "Configuration block. Detailed below.\n" }, "image": { "type": "string", "description": "Docker image to use for this build project. Valid values include Docker images provided by CodeBuild, and full Docker repository URIs such as those for ECR (e.g., `137112412989.dkr.ecr.us-west-2.amazonaws.com/amazonlinux:latest`).\n" }, "imagePullCredentialsType": { "type": "string", "description": "Type of credentials AWS CodeBuild uses to pull images in your build. Valid values: `CODEBUILD`, `SERVICE_ROLE`. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an AWS CodeBuild curated image, you must use CodeBuild credentials. Defaults to `CODEBUILD`.\n" }, "privilegedMode": { "type": "boolean", "description": "Whether to enable running the Docker daemon inside a Docker container. Defaults to `false`.\n" }, "registryCredential": { "$ref": "#/types/aws:codebuild/ProjectEnvironmentRegistryCredential:ProjectEnvironmentRegistryCredential", "description": "Configuration block. Detailed below.\n" }, "type": { "type": "string", "description": "Type of build environment to use for related builds. Valid values: `LINUX_CONTAINER`, `LINUX_GPU_CONTAINER`, `WINDOWS_CONTAINER` (deprecated), `WINDOWS_SERVER_2019_CONTAINER`, `ARM_CONTAINER`, `LINUX_LAMBDA_CONTAINER`, `ARM_LAMBDA_CONTAINER`. For additional information, see the [CodeBuild User Guide](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html).\n" } }, "type": "object", "required": [ "computeType", "image", "type" ] }, "aws:codebuild/ProjectEnvironmentEnvironmentVariable:ProjectEnvironmentEnvironmentVariable": { "properties": { "name": { "type": "string", "description": "Environment variable's name or key.\n" }, "type": { "type": "string", "description": "Type of environment variable. Valid values: `PARAMETER_STORE`, `PLAINTEXT`, `SECRETS_MANAGER`.\n" }, "value": { "type": "string", "description": "Environment variable's value.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:codebuild/ProjectEnvironmentRegistryCredential:ProjectEnvironmentRegistryCredential": { "properties": { "credential": { "type": "string", "description": "ARN or name of credentials created using AWS Secrets Manager.\n" }, "credentialProvider": { "type": "string", "description": "Service that created the credentials to access a private Docker registry. Valid value: `SECRETS_MANAGER` (AWS Secrets Manager).\n" } }, "type": "object", "required": [ "credential", "credentialProvider" ] }, "aws:codebuild/ProjectFileSystemLocation:ProjectFileSystemLocation": { "properties": { "identifier": { "type": "string", "description": "The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the identifier in all capital letters to CODEBUILD\\_. For example, if you specify my-efs for identifier, a new environment variable is create named CODEBUILD_MY-EFS.\n" }, "location": { "type": "string", "description": "A string that specifies the location of the file system created by Amazon EFS. Its format is `efs-dns-name:/directory-path`.\n" }, "mountOptions": { "type": "string", "description": "The mount options for a file system created by AWS EFS.\n" }, "mountPoint": { "type": "string", "description": "The location in the container where you mount the file system.\n" }, "type": { "type": "string", "description": "The type of the file system. The one supported type is `EFS`.\n" } }, "type": "object" }, "aws:codebuild/ProjectLogsConfig:ProjectLogsConfig": { "properties": { "cloudwatchLogs": { "$ref": "#/types/aws:codebuild/ProjectLogsConfigCloudwatchLogs:ProjectLogsConfigCloudwatchLogs", "description": "Configuration block. Detailed below.\n" }, "s3Logs": { "$ref": "#/types/aws:codebuild/ProjectLogsConfigS3Logs:ProjectLogsConfigS3Logs", "description": "Configuration block. Detailed below.\n" } }, "type": "object" }, "aws:codebuild/ProjectLogsConfigCloudwatchLogs:ProjectLogsConfigCloudwatchLogs": { "properties": { "groupName": { "type": "string", "description": "Group name of the logs in CloudWatch Logs.\n" }, "status": { "type": "string", "description": "Current status of logs in CloudWatch Logs for a build project. Valid values: `ENABLED`, `DISABLED`. Defaults to `ENABLED`.\n" }, "streamName": { "type": "string", "description": "Prefix of the log stream name of the logs in CloudWatch Logs.\n" } }, "type": "object" }, "aws:codebuild/ProjectLogsConfigS3Logs:ProjectLogsConfigS3Logs": { "properties": { "bucketOwnerAccess": { "type": "string", "description": "Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Valid values are `NONE`, `READ_ONLY`, and `FULL`. your CodeBuild service role must have the `s3:PutBucketAcl` permission. This permission allows CodeBuild to modify the access control list for the bucket.\n" }, "encryptionDisabled": { "type": "boolean", "description": "Whether to disable encrypting S3 logs. Defaults to `false`.\n" }, "location": { "type": "string", "description": "Name of the S3 bucket and the path prefix for S3 logs. Must be set if status is `ENABLED`, otherwise it must be empty.\n" }, "status": { "type": "string", "description": "Current status of logs in S3 for a build project. Valid values: `ENABLED`, `DISABLED`. Defaults to `DISABLED`.\n" } }, "type": "object" }, "aws:codebuild/ProjectSecondaryArtifact:ProjectSecondaryArtifact": { "properties": { "artifactIdentifier": { "type": "string", "description": "Artifact identifier. Must be the same specified inside the AWS CodeBuild build specification.\n" }, "bucketOwnerAccess": { "type": "string", "description": "Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Valid values are `NONE`, `READ_ONLY`, and `FULL`. The CodeBuild service role must have the `s3:PutBucketAcl` permission. This permission allows CodeBuild to modify the access control list for the bucket.\n" }, "encryptionDisabled": { "type": "boolean", "description": "Whether to disable encrypting output artifacts. If `type` is set to `NO_ARTIFACTS`, this value is ignored. Defaults to `false`.\n" }, "location": { "type": "string", "description": "Information about the build output artifact location. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS`, this value is ignored if specified. If `type` is set to `S3`, this is the name of the output bucket. If `path` is not specified, `location` can specify the path of the output artifact in the output bucket.\n" }, "name": { "type": "string", "description": "Name of the project. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS`, this value is ignored if specified. If `type` is set to `S3`, this is the name of the output artifact object.\n" }, "namespaceType": { "type": "string", "description": "Namespace to use in storing build artifacts. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS`, this value is ignored if specified. If `type` is set to `S3`, valid values are `BUILD_ID` or `NONE`.\n" }, "overrideArtifactName": { "type": "boolean", "description": "Whether a name specified in the build specification overrides the artifact name.\n" }, "packaging": { "type": "string", "description": "Type of build output artifact to create. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS`, this value is ignored if specified. If `type` is set to `S3`, valid values are `NONE` or `ZIP`.\n" }, "path": { "type": "string", "description": "Along with `namespace_type` and `name`, the pattern that AWS CodeBuild uses to name and store the output artifact. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS`, this value is ignored if specified. If `type` is set to `S3`, this is the path to the output artifact.\n" }, "type": { "type": "string", "description": "Build output artifact's type. Valid values `CODEPIPELINE`, `NO_ARTIFACTS`, and `S3`.\n" } }, "type": "object", "required": [ "artifactIdentifier", "type" ] }, "aws:codebuild/ProjectSecondarySource:ProjectSecondarySource": { "properties": { "buildStatusConfig": { "$ref": "#/types/aws:codebuild/ProjectSecondarySourceBuildStatusConfig:ProjectSecondarySourceBuildStatusConfig", "description": "Configuration block that contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. `build_status_config` blocks are documented below.\n" }, "buildspec": { "type": "string", "description": "The build spec declaration to use for this build project's related builds. This must be set when `type` is `NO_SOURCE`. It can either be a path to a file residing in the repository to be built or a local file path leveraging the `file()` built-in.\n" }, "gitCloneDepth": { "type": "integer", "description": "Truncate git history to this many commits. Use `0` for a `Full` checkout which you need to run commands like `git branch --show-current`. See [AWS CodePipeline User Guide: Tutorial: Use full clone with a GitHub pipeline source](https://docs.aws.amazon.com/codepipeline/latest/userguide/tutorials-github-gitclone.html) for details.\n" }, "gitSubmodulesConfig": { "$ref": "#/types/aws:codebuild/ProjectSecondarySourceGitSubmodulesConfig:ProjectSecondarySourceGitSubmodulesConfig", "description": "Configuration block. Detailed below.\n" }, "insecureSsl": { "type": "boolean", "description": "Ignore SSL warnings when connecting to source control.\n" }, "location": { "type": "string", "description": "Location of the source code from git or s3.\n" }, "reportBuildStatus": { "type": "boolean", "description": "Whether to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket.\n" }, "sourceIdentifier": { "type": "string", "description": "An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.\n" }, "type": { "type": "string", "description": "Type of repository that contains the source code to be built. Valid values: `BITBUCKET`, `CODECOMMIT`, `CODEPIPELINE`, `GITHUB`, `GITHUB_ENTERPRISE`, `GITLAB`, `GITLAB_SELF_MANAGED`, `NO_SOURCE`, `S3`.\n" } }, "type": "object", "required": [ "sourceIdentifier", "type" ] }, "aws:codebuild/ProjectSecondarySourceBuildStatusConfig:ProjectSecondarySourceBuildStatusConfig": { "properties": { "context": { "type": "string", "description": "Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n" }, "targetUrl": { "type": "string", "description": "Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n" } }, "type": "object" }, "aws:codebuild/ProjectSecondarySourceGitSubmodulesConfig:ProjectSecondarySourceGitSubmodulesConfig": { "properties": { "fetchSubmodules": { "type": "boolean", "description": "Whether to fetch Git submodules for the AWS CodeBuild build project.\n" } }, "type": "object", "required": [ "fetchSubmodules" ] }, "aws:codebuild/ProjectSecondarySourceVersion:ProjectSecondarySourceVersion": { "properties": { "sourceIdentifier": { "type": "string", "description": "An identifier for a source in the build project.\n" }, "sourceVersion": { "type": "string", "description": "The source version for the corresponding source identifier. See [AWS docs](https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ProjectSourceVersion.html#CodeBuild-Type-ProjectSourceVersion-sourceVersion) for more details.\n" } }, "type": "object", "required": [ "sourceIdentifier", "sourceVersion" ] }, "aws:codebuild/ProjectSource:ProjectSource": { "properties": { "buildStatusConfig": { "$ref": "#/types/aws:codebuild/ProjectSourceBuildStatusConfig:ProjectSourceBuildStatusConfig", "description": "Configuration block that contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. `build_status_config` blocks are documented below.\n" }, "buildspec": { "type": "string", "description": "Build specification to use for this build project's related builds. This must be set when `type` is `NO_SOURCE`. Also, if a non-default buildspec file name or file path aside from the root is used, it must be specified.\n" }, "gitCloneDepth": { "type": "integer", "description": "Truncate git history to this many commits. Use `0` for a `Full` checkout which you need to run commands like `git branch --show-current`. See [AWS CodePipeline User Guide: Tutorial: Use full clone with a GitHub pipeline source](https://docs.aws.amazon.com/codepipeline/latest/userguide/tutorials-github-gitclone.html) for details.\n" }, "gitSubmodulesConfig": { "$ref": "#/types/aws:codebuild/ProjectSourceGitSubmodulesConfig:ProjectSourceGitSubmodulesConfig", "description": "Configuration block. Detailed below.\n" }, "insecureSsl": { "type": "boolean", "description": "Ignore SSL warnings when connecting to source control.\n" }, "location": { "type": "string", "description": "Location of the source code from git or s3.\n" }, "reportBuildStatus": { "type": "boolean", "description": "Whether to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket.\n" }, "type": { "type": "string", "description": "Type of repository that contains the source code to be built. Valid values: `BITBUCKET`, `CODECOMMIT`, `CODEPIPELINE`, `GITHUB`, `GITHUB_ENTERPRISE`, `GITLAB`, `GITLAB_SELF_MANAGED`, `NO_SOURCE`, `S3`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:codebuild/ProjectSourceBuildStatusConfig:ProjectSourceBuildStatusConfig": { "properties": { "context": { "type": "string", "description": "Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n" }, "targetUrl": { "type": "string", "description": "Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n" } }, "type": "object" }, "aws:codebuild/ProjectSourceGitSubmodulesConfig:ProjectSourceGitSubmodulesConfig": { "properties": { "fetchSubmodules": { "type": "boolean", "description": "Whether to fetch Git submodules for the AWS CodeBuild build project.\n" } }, "type": "object", "required": [ "fetchSubmodules" ] }, "aws:codebuild/ProjectVpcConfig:ProjectVpcConfig": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Security group IDs to assign to running builds.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "Subnet IDs within which to run builds.\n" }, "vpcId": { "type": "string", "description": "ID of the VPC within which to run builds.\n" } }, "type": "object", "required": [ "securityGroupIds", "subnets", "vpcId" ] }, "aws:codebuild/ReportGroupExportConfig:ReportGroupExportConfig": { "properties": { "s3Destination": { "$ref": "#/types/aws:codebuild/ReportGroupExportConfigS3Destination:ReportGroupExportConfigS3Destination", "description": "contains information about the S3 bucket where the run of a report is exported. see S3 Destination documented below.\n" }, "type": { "type": "string", "description": "The export configuration type. Valid values are `S3` and `NO_EXPORT`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:codebuild/ReportGroupExportConfigS3Destination:ReportGroupExportConfigS3Destination": { "properties": { "bucket": { "type": "string", "description": "The name of the S3 bucket where the raw data of a report are exported.\n" }, "encryptionDisabled": { "type": "boolean", "description": "A boolean value that specifies if the results of a report are encrypted.\n**Note: the API does not currently allow setting encryption as disabled**\n" }, "encryptionKey": { "type": "string", "description": "The encryption key for the report's encrypted raw data. The KMS key ARN.\n" }, "packaging": { "type": "string", "description": "The type of build output artifact to create. Valid values are: `NONE` (default) and `ZIP`.\n" }, "path": { "type": "string", "description": "The path to the exported report's raw data results.\n" } }, "type": "object", "required": [ "bucket", "encryptionKey" ] }, "aws:codebuild/WebhookFilterGroup:WebhookFilterGroup": { "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/WebhookFilterGroupFilter:WebhookFilterGroupFilter" }, "description": "A webhook filter for the group. Filter blocks are documented below.\n" } }, "type": "object" }, "aws:codebuild/WebhookFilterGroupFilter:WebhookFilterGroupFilter": { "properties": { "excludeMatchedPattern": { "type": "boolean", "description": "If set to `true`, the specified filter does *not* trigger a build. Defaults to `false`.\n" }, "pattern": { "type": "string", "description": "For a filter that uses `EVENT` type, a comma-separated string that specifies one event: `PUSH`, `PULL_REQUEST_CREATED`, `PULL_REQUEST_UPDATED`, `PULL_REQUEST_REOPENED`. `PULL_REQUEST_MERGED`, `WORKFLOW_JOB_QUEUED` works with GitHub \u0026 GitHub Enterprise only. For a filter that uses any of the other filter types, a regular expression.\n" }, "type": { "type": "string", "description": "The webhook filter group's type. Valid values for this parameter are: `EVENT`, `BASE_REF`, `HEAD_REF`, `ACTOR_ACCOUNT_ID`, `FILE_PATH`, `COMMIT_MESSAGE`, `WORKFLOW_NAME`, `TAG_NAME`, `RELEASE_NAME`. At least one filter group must specify `EVENT` as its type.\n" } }, "type": "object", "required": [ "pattern", "type" ] }, "aws:codebuild/WebhookScopeConfiguration:WebhookScopeConfiguration": { "properties": { "domain": { "type": "string", "description": "The domain of the GitHub Enterprise organization. Required if your project's source type is GITHUB_ENTERPRISE.\n" }, "name": { "type": "string", "description": "The name of either the enterprise or organization.\n" }, "scope": { "type": "string", "description": "The type of scope for a GitHub webhook. Valid values for this parameter are: `GITHUB_ORGANIZATION`, `GITHUB_GLOBAL`.\n" } }, "type": "object", "required": [ "name", "scope" ] }, "aws:codecatalyst/DevEnvironmentIdes:DevEnvironmentIdes": { "properties": { "name": { "type": "string", "description": "The name of the IDE. Valid values include Cloud9, IntelliJ, PyCharm, GoLand, and VSCode.\n" }, "runtime": { "type": "string", "description": "A link to the IDE runtime image. This parameter is not required if the name is VSCode. Values of the runtime can be for example public.ecr.aws/jetbrains/py,public.ecr.aws/jetbrains/go\n" } }, "type": "object" }, "aws:codecatalyst/DevEnvironmentPersistentStorage:DevEnvironmentPersistentStorage": { "properties": { "size": { "type": "integer", "description": "The size of the persistent storage in gigabytes (specifically GiB). Valid values for storage are based on memory sizes in 16GB increments. Valid values are 16, 32, and 64.\n" } }, "type": "object", "required": [ "size" ] }, "aws:codecatalyst/DevEnvironmentRepository:DevEnvironmentRepository": { "properties": { "branchName": { "type": "string", "description": "The name of the branch in a source repository.\n\npersistent storage (` persistent_storage`) supports the following:\n" }, "repositoryName": { "type": "string", "description": "The name of the source repository.\n" } }, "type": "object", "required": [ "repositoryName" ] }, "aws:codecatalyst/getDevEnvironmentIde:getDevEnvironmentIde": { "properties": { "name": { "type": "string" }, "runtime": { "type": "string" } }, "type": "object", "required": [ "name", "runtime" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:codecatalyst/getDevEnvironmentPersistentStorage:getDevEnvironmentPersistentStorage": { "properties": { "size": { "type": "integer" } }, "type": "object", "required": [ "size" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:codecatalyst/getDevEnvironmentRepository:getDevEnvironmentRepository": { "properties": { "branchName": { "type": "string" }, "repositoryName": { "type": "string" } }, "type": "object", "required": [ "branchName", "repositoryName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:codecommit/TriggerTrigger:TriggerTrigger": { "properties": { "branches": { "type": "array", "items": { "type": "string" }, "description": "The branches that will be included in the trigger configuration. If no branches are specified, the trigger will apply to all branches.\n", "willReplaceOnChanges": true }, "customData": { "type": "string", "description": "Any custom data associated with the trigger that will be included in the information sent to the target of the trigger.\n", "willReplaceOnChanges": true }, "destinationArn": { "type": "string", "description": "The ARN of the resource that is the target for a trigger. For example, the ARN of a topic in Amazon Simple Notification Service (SNS).\n", "willReplaceOnChanges": true }, "events": { "type": "array", "items": { "type": "string" }, "description": "The repository events that will cause the trigger to run actions in another service, such as sending a notification through Amazon Simple Notification Service (SNS). If no events are specified, the trigger will run for all repository events. Event types include: `all`, `updateReference`, `createReference`, `deleteReference`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the trigger.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "destinationArn", "events", "name" ] }, "aws:codedeploy/DeploymentConfigMinimumHealthyHosts:DeploymentConfigMinimumHealthyHosts": { "properties": { "type": { "type": "string", "description": "The type can either be `FLEET_PERCENT` or `HOST_COUNT`.\n", "willReplaceOnChanges": true }, "value": { "type": "integer", "description": "The value when the type is `FLEET_PERCENT` represents the minimum number of healthy instances as\na percentage of the total number of instances in the deployment. If you specify FLEET_PERCENT, at the start of the\ndeployment, AWS CodeDeploy converts the percentage to the equivalent number of instance and rounds up fractional instances.\nWhen the type is `HOST_COUNT`, the value represents the minimum number of healthy instances as an absolute value.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:codedeploy/DeploymentConfigTrafficRoutingConfig:DeploymentConfigTrafficRoutingConfig": { "properties": { "timeBasedCanary": { "$ref": "#/types/aws:codedeploy/DeploymentConfigTrafficRoutingConfigTimeBasedCanary:DeploymentConfigTrafficRoutingConfigTimeBasedCanary", "description": "The time based canary configuration information. If `type` is `TimeBasedLinear`, use `time_based_linear` instead.\n", "willReplaceOnChanges": true }, "timeBasedLinear": { "$ref": "#/types/aws:codedeploy/DeploymentConfigTrafficRoutingConfigTimeBasedLinear:DeploymentConfigTrafficRoutingConfigTimeBasedLinear", "description": "The time based linear configuration information. If `type` is `TimeBasedCanary`, use `time_based_canary` instead.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Type of traffic routing config. One of `TimeBasedCanary`, `TimeBasedLinear`, `AllAtOnce`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:codedeploy/DeploymentConfigTrafficRoutingConfigTimeBasedCanary:DeploymentConfigTrafficRoutingConfigTimeBasedCanary": { "properties": { "interval": { "type": "integer", "description": "The number of minutes between the first and second traffic shifts of a `TimeBasedCanary` deployment.\n", "willReplaceOnChanges": true }, "percentage": { "type": "integer", "description": "The percentage of traffic to shift in the first increment of a `TimeBasedCanary` deployment.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:codedeploy/DeploymentConfigTrafficRoutingConfigTimeBasedLinear:DeploymentConfigTrafficRoutingConfigTimeBasedLinear": { "properties": { "interval": { "type": "integer", "description": "The number of minutes between each incremental traffic shift of a `TimeBasedLinear` deployment.\n", "willReplaceOnChanges": true }, "percentage": { "type": "integer", "description": "The percentage of traffic that is shifted at the start of each increment of a `TimeBasedLinear` deployment.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:codedeploy/DeploymentGroupAlarmConfiguration:DeploymentGroupAlarmConfiguration": { "properties": { "alarms": { "type": "array", "items": { "type": "string" }, "description": "A list of alarms configured for the deployment group. _A maximum of 10 alarms can be added to a deployment group_.\n" }, "enabled": { "type": "boolean", "description": "Indicates whether the alarm configuration is enabled. This option is useful when you want to temporarily deactivate alarm monitoring for a deployment group without having to add the same alarms again later.\n" }, "ignorePollAlarmFailure": { "type": "boolean", "description": "Indicates whether a deployment should continue if information about the current state of alarms cannot be retrieved from CloudWatch. The default value is `false`.\n" } }, "type": "object" }, "aws:codedeploy/DeploymentGroupAutoRollbackConfiguration:DeploymentGroupAutoRollbackConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Indicates whether a defined automatic rollback configuration is currently enabled for this Deployment Group. If you enable automatic rollback, you must specify at least one event type.\n" }, "events": { "type": "array", "items": { "type": "string" }, "description": "The event type or types that trigger a rollback. Supported types are `DEPLOYMENT_FAILURE`, `DEPLOYMENT_STOP_ON_ALARM` and `DEPLOYMENT_STOP_ON_REQUEST`.\n\n_Only one `auto_rollback_configuration` is allowed_.\n" } }, "type": "object" }, "aws:codedeploy/DeploymentGroupBlueGreenDeploymentConfig:DeploymentGroupBlueGreenDeploymentConfig": { "properties": { "deploymentReadyOption": { "$ref": "#/types/aws:codedeploy/DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOption:DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOption", "description": "Information about the action to take when newly provisioned instances are ready to receive traffic in a blue/green deployment (documented below).\n" }, "greenFleetProvisioningOption": { "$ref": "#/types/aws:codedeploy/DeploymentGroupBlueGreenDeploymentConfigGreenFleetProvisioningOption:DeploymentGroupBlueGreenDeploymentConfigGreenFleetProvisioningOption", "description": "Information about how instances are provisioned for a replacement environment in a blue/green deployment (documented below).\n" }, "terminateBlueInstancesOnDeploymentSuccess": { "$ref": "#/types/aws:codedeploy/DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccess:DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccess", "description": "Information about whether to terminate instances in the original fleet during a blue/green deployment (documented below).\n\n_Only one `blue_green_deployment_config` is allowed_.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "greenFleetProvisioningOption" ] } } }, "aws:codedeploy/DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOption:DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOption": { "properties": { "actionOnTimeout": { "type": "string", "description": "When to reroute traffic from an original environment to a replacement environment in a blue/green deployment.\n* `CONTINUE_DEPLOYMENT`: Register new instances with the load balancer immediately after the new application revision is installed on the instances in the replacement environment.\n* `STOP_DEPLOYMENT`: Do not register new instances with load balancer unless traffic is rerouted manually. If traffic is not rerouted manually before the end of the specified wait period, the deployment status is changed to Stopped.\n" }, "waitTimeInMinutes": { "type": "integer", "description": "The number of minutes to wait before the status of a blue/green deployment changed to Stopped if rerouting is not started manually. Applies only to the `STOP_DEPLOYMENT` option for `action_on_timeout`.\n" } }, "type": "object" }, "aws:codedeploy/DeploymentGroupBlueGreenDeploymentConfigGreenFleetProvisioningOption:DeploymentGroupBlueGreenDeploymentConfigGreenFleetProvisioningOption": { "properties": { "action": { "type": "string", "description": "The method used to add instances to a replacement environment.\n* `DISCOVER_EXISTING`: Use instances that already exist or will be created manually.\n* `COPY_AUTO_SCALING_GROUP`: Use settings from a specified **Auto Scaling** group to define and create instances in a new Auto Scaling group. _Exactly one Auto Scaling group must be specified_ when selecting `COPY_AUTO_SCALING_GROUP`. Use `autoscaling_groups` to specify the Auto Scaling group.\n" } }, "type": "object" }, "aws:codedeploy/DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccess:DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccess": { "properties": { "action": { "type": "string", "description": "The action to take on instances in the original environment after a successful blue/green deployment.\n* `TERMINATE`: Instances are terminated after a specified wait time.\n* `KEEP_ALIVE`: Instances are left running after they are deregistered from the load balancer and removed from the deployment group.\n" }, "terminationWaitTimeInMinutes": { "type": "integer", "description": "The number of minutes to wait after a successful blue/green deployment before terminating instances from the original environment.\n" } }, "type": "object" }, "aws:codedeploy/DeploymentGroupDeploymentStyle:DeploymentGroupDeploymentStyle": { "properties": { "deploymentOption": { "type": "string", "description": "Indicates whether to route deployment traffic behind a load balancer. Valid Values are `WITH_TRAFFIC_CONTROL` or `WITHOUT_TRAFFIC_CONTROL`. Default is `WITHOUT_TRAFFIC_CONTROL`.\n" }, "deploymentType": { "type": "string", "description": "Indicates whether to run an in-place deployment or a blue/green deployment. Valid Values are `IN_PLACE` or `BLUE_GREEN`. Default is `IN_PLACE`.\n\n_Only one `deployment_style` is allowed_.\n" } }, "type": "object" }, "aws:codedeploy/DeploymentGroupEc2TagFilter:DeploymentGroupEc2TagFilter": { "properties": { "key": { "type": "string", "description": "The key of the tag filter.\n" }, "type": { "type": "string", "description": "The type of the tag filter, either `KEY_ONLY`, `VALUE_ONLY`, or `KEY_AND_VALUE`.\n" }, "value": { "type": "string", "description": "The value of the tag filter.\n\nMultiple occurrences of `ec2_tag_filter` are allowed, where any instance that matches to at least one of the tag filters is selected.\n" } }, "type": "object" }, "aws:codedeploy/DeploymentGroupEc2TagSet:DeploymentGroupEc2TagSet": { "properties": { "ec2TagFilters": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupEc2TagSetEc2TagFilter:DeploymentGroupEc2TagSetEc2TagFilter" }, "description": "Tag filters associated with the deployment group. See the AWS docs for details.\n" } }, "type": "object" }, "aws:codedeploy/DeploymentGroupEc2TagSetEc2TagFilter:DeploymentGroupEc2TagSetEc2TagFilter": { "properties": { "key": { "type": "string", "description": "The key of the tag filter.\n" }, "type": { "type": "string", "description": "The type of the tag filter, either `KEY_ONLY`, `VALUE_ONLY`, or `KEY_AND_VALUE`.\n" }, "value": { "type": "string", "description": "The value of the tag filter.\n\nMultiple occurrences of `ec2_tag_filter` are allowed, where any instance that matches to at least one of the tag filters is selected.\n" } }, "type": "object" }, "aws:codedeploy/DeploymentGroupEcsService:DeploymentGroupEcsService": { "properties": { "clusterName": { "type": "string", "description": "The name of the ECS cluster.\n" }, "serviceName": { "type": "string", "description": "The name of the ECS service.\n" } }, "type": "object", "required": [ "clusterName", "serviceName" ] }, "aws:codedeploy/DeploymentGroupLoadBalancerInfo:DeploymentGroupLoadBalancerInfo": { "properties": { "elbInfos": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupLoadBalancerInfoElbInfo:DeploymentGroupLoadBalancerInfoElbInfo" }, "description": "The Classic Elastic Load Balancer to use in a deployment. Conflicts with `target_group_info` and `target_group_pair_info`.\n" }, "targetGroupInfos": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupLoadBalancerInfoTargetGroupInfo:DeploymentGroupLoadBalancerInfoTargetGroupInfo" }, "description": "The (Application/Network Load Balancer) target group to use in a deployment. Conflicts with `elb_info` and `target_group_pair_info`.\n" }, "targetGroupPairInfo": { "$ref": "#/types/aws:codedeploy/DeploymentGroupLoadBalancerInfoTargetGroupPairInfo:DeploymentGroupLoadBalancerInfoTargetGroupPairInfo", "description": "The (Application/Network Load Balancer) target group pair to use in a deployment. Conflicts with `elb_info` and `target_group_info`.\n" } }, "type": "object" }, "aws:codedeploy/DeploymentGroupLoadBalancerInfoElbInfo:DeploymentGroupLoadBalancerInfoElbInfo": { "properties": { "name": { "type": "string", "description": "The name of the load balancer that will be used to route traffic from original instances to replacement instances in a blue/green deployment. For in-place deployments, the name of the load balancer that instances are deregistered from so they are not serving traffic during a deployment, and then re-registered with after the deployment completes.\n" } }, "type": "object" }, "aws:codedeploy/DeploymentGroupLoadBalancerInfoTargetGroupInfo:DeploymentGroupLoadBalancerInfoTargetGroupInfo": { "properties": { "name": { "type": "string", "description": "The name of the target group that instances in the original environment are deregistered from, and instances in the replacement environment registered with. For in-place deployments, the name of the target group that instances are deregistered from, so they are not serving traffic during a deployment, and then re-registered with after the deployment completes.\n" } }, "type": "object" }, "aws:codedeploy/DeploymentGroupLoadBalancerInfoTargetGroupPairInfo:DeploymentGroupLoadBalancerInfoTargetGroupPairInfo": { "properties": { "prodTrafficRoute": { "$ref": "#/types/aws:codedeploy/DeploymentGroupLoadBalancerInfoTargetGroupPairInfoProdTrafficRoute:DeploymentGroupLoadBalancerInfoTargetGroupPairInfoProdTrafficRoute", "description": "Configuration block for the production traffic route (documented below).\n" }, "targetGroups": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTargetGroup:DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTargetGroup" }, "description": "Configuration blocks for a target group within a target group pair (documented below).\n" }, "testTrafficRoute": { "$ref": "#/types/aws:codedeploy/DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTestTrafficRoute:DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTestTrafficRoute", "description": "Configuration block for the test traffic route (documented below).\n" } }, "type": "object", "required": [ "prodTrafficRoute", "targetGroups" ] }, "aws:codedeploy/DeploymentGroupLoadBalancerInfoTargetGroupPairInfoProdTrafficRoute:DeploymentGroupLoadBalancerInfoTargetGroupPairInfoProdTrafficRoute": { "properties": { "listenerArns": { "type": "array", "items": { "type": "string" }, "description": "List of Amazon Resource Names (ARNs) of the load balancer listeners. Must contain exactly one listener ARN.\n" } }, "type": "object", "required": [ "listenerArns" ] }, "aws:codedeploy/DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTargetGroup:DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTargetGroup": { "properties": { "name": { "type": "string", "description": "Name of the target group.\n" } }, "type": "object", "required": [ "name" ] }, "aws:codedeploy/DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTestTrafficRoute:DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTestTrafficRoute": { "properties": { "listenerArns": { "type": "array", "items": { "type": "string" }, "description": "List of Amazon Resource Names (ARNs) of the load balancer listeners.\n" } }, "type": "object", "required": [ "listenerArns" ] }, "aws:codedeploy/DeploymentGroupOnPremisesInstanceTagFilter:DeploymentGroupOnPremisesInstanceTagFilter": { "properties": { "key": { "type": "string", "description": "The key of the tag filter.\n" }, "type": { "type": "string", "description": "The type of the tag filter, either `KEY_ONLY`, `VALUE_ONLY`, or `KEY_AND_VALUE`.\n" }, "value": { "type": "string", "description": "The value of the tag filter.\n" } }, "type": "object" }, "aws:codedeploy/DeploymentGroupTriggerConfiguration:DeploymentGroupTriggerConfiguration": { "properties": { "triggerEvents": { "type": "array", "items": { "type": "string" }, "description": "The event type or types for which notifications are triggered. Some values that are supported: `DeploymentStart`, `DeploymentSuccess`, `DeploymentFailure`, `DeploymentStop`, `DeploymentRollback`, `InstanceStart`, `InstanceSuccess`, `InstanceFailure`. See [the CodeDeploy documentation](http://docs.aws.amazon.com/codedeploy/latest/userguide/monitoring-sns-event-notifications-create-trigger.html) for all possible values.\n" }, "triggerName": { "type": "string", "description": "The name of the notification trigger.\n" }, "triggerTargetArn": { "type": "string", "description": "The ARN of the SNS topic through which notifications are sent.\n" } }, "type": "object", "required": [ "triggerEvents", "triggerName", "triggerTargetArn" ] }, "aws:codeguruprofiler/ProfilingGroupAgentOrchestrationConfig:ProfilingGroupAgentOrchestrationConfig": { "properties": { "profilingEnabled": { "type": "boolean", "description": "(Required) Boolean that specifies whether the profiling agent collects profiling data or\n" } }, "type": "object", "required": [ "profilingEnabled" ] }, "aws:codeguruprofiler/getProfilingGroupAgentOrchestrationConfig:getProfilingGroupAgentOrchestrationConfig": { "properties": { "profilingEnabled": { "type": "boolean" } }, "type": "object", "required": [ "profilingEnabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:codeguruprofiler/getProfilingGroupProfilingStatus:getProfilingGroupProfilingStatus": { "properties": { "latestAgentOrchestratedAt": { "type": "string" }, "latestAgentProfileReportedAt": { "type": "string" }, "latestAggregatedProfiles": { "type": "array", "items": { "$ref": "#/types/aws:codeguruprofiler/getProfilingGroupProfilingStatusLatestAggregatedProfile:getProfilingGroupProfilingStatusLatestAggregatedProfile" } } }, "type": "object", "required": [ "latestAgentOrchestratedAt", "latestAgentProfileReportedAt", "latestAggregatedProfiles" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:codeguruprofiler/getProfilingGroupProfilingStatusLatestAggregatedProfile:getProfilingGroupProfilingStatusLatestAggregatedProfile": { "properties": { "period": { "type": "string" }, "start": { "type": "string" } }, "type": "object", "required": [ "period", "start" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:codegurureviewer/RepositoryAssociationKmsKeyDetails:RepositoryAssociationKmsKeyDetails": { "properties": { "encryptionOption": { "type": "string", "description": "The encryption option for a repository association. It is either owned by AWS Key Management Service (KMS) (`AWS_OWNED_CMK`) or customer managed (`CUSTOMER_MANAGED_CMK`).\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "The ID of the AWS KMS key that is associated with a repository association.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:codegurureviewer/RepositoryAssociationRepository:RepositoryAssociationRepository": { "properties": { "bitbucket": { "$ref": "#/types/aws:codegurureviewer/RepositoryAssociationRepositoryBitbucket:RepositoryAssociationRepositoryBitbucket", "willReplaceOnChanges": true }, "codecommit": { "$ref": "#/types/aws:codegurureviewer/RepositoryAssociationRepositoryCodecommit:RepositoryAssociationRepositoryCodecommit", "willReplaceOnChanges": true }, "githubEnterpriseServer": { "$ref": "#/types/aws:codegurureviewer/RepositoryAssociationRepositoryGithubEnterpriseServer:RepositoryAssociationRepositoryGithubEnterpriseServer", "willReplaceOnChanges": true }, "s3Bucket": { "$ref": "#/types/aws:codegurureviewer/RepositoryAssociationRepositoryS3Bucket:RepositoryAssociationRepositoryS3Bucket", "willReplaceOnChanges": true } }, "type": "object" }, "aws:codegurureviewer/RepositoryAssociationRepositoryBitbucket:RepositoryAssociationRepositoryBitbucket": { "properties": { "connectionArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection.\n" }, "name": { "type": "string", "description": "The name of the third party source repository.\n" }, "owner": { "type": "string", "description": "The username for the account that owns the repository.\n" } }, "type": "object", "required": [ "connectionArn", "name", "owner" ] }, "aws:codegurureviewer/RepositoryAssociationRepositoryCodecommit:RepositoryAssociationRepositoryCodecommit": { "properties": { "name": { "type": "string", "description": "The name of the AWS CodeCommit repository.\n" } }, "type": "object", "required": [ "name" ] }, "aws:codegurureviewer/RepositoryAssociationRepositoryGithubEnterpriseServer:RepositoryAssociationRepositoryGithubEnterpriseServer": { "properties": { "connectionArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection.\n" }, "name": { "type": "string", "description": "The name of the third party source repository.\n" }, "owner": { "type": "string", "description": "The username for the account that owns the repository.\n" } }, "type": "object", "required": [ "connectionArn", "name", "owner" ] }, "aws:codegurureviewer/RepositoryAssociationRepositoryS3Bucket:RepositoryAssociationRepositoryS3Bucket": { "properties": { "bucketName": { "type": "string", "description": "The name of the S3 bucket used for associating a new S3 repository. Note: The name must begin with `codeguru-reviewer-`.\n" }, "name": { "type": "string", "description": "The name of the repository in the S3 bucket.\n" } }, "type": "object", "required": [ "bucketName", "name" ] }, "aws:codegurureviewer/RepositoryAssociationS3RepositoryDetail:RepositoryAssociationS3RepositoryDetail": { "properties": { "bucketName": { "type": "string", "description": "The name of the S3 bucket used for associating a new S3 repository. Note: The name must begin with `codeguru-reviewer-`.\n" }, "codeArtifacts": { "type": "array", "items": { "$ref": "#/types/aws:codegurureviewer/RepositoryAssociationS3RepositoryDetailCodeArtifact:RepositoryAssociationS3RepositoryDetailCodeArtifact" } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "bucketName", "codeArtifacts" ] } } }, "aws:codegurureviewer/RepositoryAssociationS3RepositoryDetailCodeArtifact:RepositoryAssociationS3RepositoryDetailCodeArtifact": { "properties": { "buildArtifactsObjectKey": { "type": "string" }, "sourceCodeArtifactsObjectKey": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "buildArtifactsObjectKey", "sourceCodeArtifactsObjectKey" ] } } }, "aws:codepipeline/CustomActionTypeConfigurationProperty:CustomActionTypeConfigurationProperty": { "properties": { "description": { "type": "string", "description": "The description of the action configuration property.\n" }, "key": { "type": "boolean", "description": "Whether the configuration property is a key.\n" }, "name": { "type": "string", "description": "The name of the action configuration property.\n" }, "queryable": { "type": "boolean", "description": "Indicates that the property will be used in conjunction with PollForJobs.\n" }, "required": { "type": "boolean", "description": "Whether the configuration property is a required value.\n" }, "secret": { "type": "boolean", "description": "Whether the configuration property is secret.\n" }, "type": { "type": "string", "description": "The type of the configuration property. Valid values: `String`, `Number`, `Boolean`\n" } }, "type": "object", "required": [ "key", "name", "required", "secret" ] }, "aws:codepipeline/CustomActionTypeInputArtifactDetails:CustomActionTypeInputArtifactDetails": { "properties": { "maximumCount": { "type": "integer", "description": "The maximum number of artifacts allowed for the action type. Min: 0, Max: 5\n" }, "minimumCount": { "type": "integer", "description": "The minimum number of artifacts allowed for the action type. Min: 0, Max: 5\n" } }, "type": "object", "required": [ "maximumCount", "minimumCount" ] }, "aws:codepipeline/CustomActionTypeOutputArtifactDetails:CustomActionTypeOutputArtifactDetails": { "properties": { "maximumCount": { "type": "integer", "description": "The maximum number of artifacts allowed for the action type. Min: 0, Max: 5\n" }, "minimumCount": { "type": "integer", "description": "The minimum number of artifacts allowed for the action type. Min: 0, Max: 5\n" } }, "type": "object", "required": [ "maximumCount", "minimumCount" ] }, "aws:codepipeline/CustomActionTypeSettings:CustomActionTypeSettings": { "properties": { "entityUrlTemplate": { "type": "string", "description": "The URL returned to the AWS CodePipeline console that provides a deep link to the resources of the external system.\n" }, "executionUrlTemplate": { "type": "string", "description": "The URL returned to the AWS CodePipeline console that contains a link to the top-level landing page for the external system.\n" }, "revisionUrlTemplate": { "type": "string", "description": "The URL returned to the AWS CodePipeline console that contains a link to the page where customers can update or change the configuration of the external action.\n" }, "thirdPartyConfigurationUrl": { "type": "string", "description": "The URL of a sign-up page where users can sign up for an external service and perform initial configuration of the action provided by that service.\n" } }, "type": "object" }, "aws:codepipeline/PipelineArtifactStore:PipelineArtifactStore": { "properties": { "encryptionKey": { "$ref": "#/types/aws:codepipeline/PipelineArtifactStoreEncryptionKey:PipelineArtifactStoreEncryptionKey", "description": "The encryption key block AWS CodePipeline uses to encrypt the data in the artifact store, such as an AWS Key Management Service (AWS KMS) key. If you don't specify a key, AWS CodePipeline uses the default key for Amazon Simple Storage Service (Amazon S3). An `encryption_key` block is documented below.\n" }, "location": { "type": "string", "description": "The location where AWS CodePipeline stores artifacts for a pipeline; currently only `S3` is supported.\n" }, "region": { "type": "string", "description": "The region where the artifact store is located. Required for a cross-region CodePipeline, do not provide for a single-region CodePipeline.\n" }, "type": { "type": "string", "description": "The type of the artifact store, such as Amazon S3\n" } }, "type": "object", "required": [ "location", "type" ] }, "aws:codepipeline/PipelineArtifactStoreEncryptionKey:PipelineArtifactStoreEncryptionKey": { "properties": { "id": { "type": "string", "description": "The KMS key ARN or ID\n" }, "type": { "type": "string", "description": "The type of key; currently only `KMS` is supported\n" } }, "type": "object", "required": [ "id", "type" ] }, "aws:codepipeline/PipelineStage:PipelineStage": { "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/PipelineStageAction:PipelineStageAction" }, "description": "The action(s) to include in the stage. Defined as an `action` block below\n" }, "name": { "type": "string", "description": "The name of the stage.\n" } }, "type": "object", "required": [ "actions", "name" ] }, "aws:codepipeline/PipelineStageAction:PipelineStageAction": { "properties": { "category": { "type": "string", "description": "A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Possible values are `Approval`, `Build`, `Deploy`, `Invoke`, `Source` and `Test`.\n" }, "configuration": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of the action declaration's configuration. Configurations options for action types and providers can be found in the [Pipeline Structure Reference](http://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) and [Action Structure Reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) documentation.\n" }, "inputArtifacts": { "type": "array", "items": { "type": "string" }, "description": "A list of artifact names to be worked on.\n" }, "name": { "type": "string", "description": "The action declaration's name.\n" }, "namespace": { "type": "string", "description": "The namespace all output variables will be accessed from.\n" }, "outputArtifacts": { "type": "array", "items": { "type": "string" }, "description": "A list of artifact names to output. Output artifact names must be unique within a pipeline.\n" }, "owner": { "type": "string", "description": "The creator of the action being called. Possible values are `AWS`, `Custom` and `ThirdParty`.\n" }, "provider": { "type": "string", "description": "The provider of the service being called by the action. Valid providers are determined by the action category. Provider names are listed in the [Action Structure Reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) documentation.\n" }, "region": { "type": "string", "description": "The region in which to run the action.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM service role that will perform the declared action. This is assumed through the roleArn for the pipeline.\n" }, "runOrder": { "type": "integer", "description": "The order in which actions are run.\n" }, "timeoutInMinutes": { "type": "integer" }, "version": { "type": "string", "description": "A string that identifies the action type.\n" } }, "type": "object", "required": [ "category", "name", "owner", "provider", "version" ], "language": { "nodejs": { "requiredOutputs": [ "category", "name", "owner", "provider", "region", "runOrder", "version" ] } } }, "aws:codepipeline/PipelineTrigger:PipelineTrigger": { "properties": { "gitConfiguration": { "$ref": "#/types/aws:codepipeline/PipelineTriggerGitConfiguration:PipelineTriggerGitConfiguration", "description": "Provides the filter criteria and the source stage for the repository event that starts the pipeline. For more information, refer to the [AWS documentation](https://docs.aws.amazon.com/codepipeline/latest/userguide/pipelines-filter.html). A `git_configuration` block is documented below.\n" }, "providerType": { "type": "string", "description": "The source provider for the event. Possible value is `CodeStarSourceConnection`.\n" } }, "type": "object", "required": [ "gitConfiguration", "providerType" ] }, "aws:codepipeline/PipelineTriggerGitConfiguration:PipelineTriggerGitConfiguration": { "properties": { "pullRequests": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/PipelineTriggerGitConfigurationPullRequest:PipelineTriggerGitConfigurationPullRequest" }, "description": "The field where the repository event that will start the pipeline is specified as pull requests. A `pull_request` block is documented below.\n" }, "pushes": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/PipelineTriggerGitConfigurationPush:PipelineTriggerGitConfigurationPush" }, "description": "The field where the repository event that will start the pipeline, such as pushing Git tags, is specified with details. A `push` block is documented below.\n" }, "sourceActionName": { "type": "string", "description": "The name of the pipeline source action where the trigger configuration, such as Git tags, is specified. The trigger configuration will start the pipeline upon the specified change only.\n" } }, "type": "object", "required": [ "sourceActionName" ] }, "aws:codepipeline/PipelineTriggerGitConfigurationPullRequest:PipelineTriggerGitConfigurationPullRequest": { "properties": { "branches": { "$ref": "#/types/aws:codepipeline/PipelineTriggerGitConfigurationPullRequestBranches:PipelineTriggerGitConfigurationPullRequestBranches", "description": "The field that specifies to filter on branches for the pull request trigger configuration. A `branches` block is documented below.\n" }, "events": { "type": "array", "items": { "type": "string" }, "description": "A list that specifies which pull request events to filter on (opened, updated, closed) for the trigger configuration. Possible values are `OPEN`, `UPDATED ` and `CLOSED`.\n" }, "filePaths": { "$ref": "#/types/aws:codepipeline/PipelineTriggerGitConfigurationPullRequestFilePaths:PipelineTriggerGitConfigurationPullRequestFilePaths", "description": "The field that specifies to filter on file paths for the pull request trigger configuration. A `file_paths` block is documented below.\n" } }, "type": "object" }, "aws:codepipeline/PipelineTriggerGitConfigurationPullRequestBranches:PipelineTriggerGitConfigurationPullRequestBranches": { "properties": { "excludes": { "type": "array", "items": { "type": "string" }, "description": "A list of patterns of Git branches that, when a commit is pushed, are to be excluded from starting the pipeline.\n" }, "includes": { "type": "array", "items": { "type": "string" }, "description": "A list of patterns of Git branches that, when a commit is pushed, are to be included as criteria that starts the pipeline.\n" } }, "type": "object" }, "aws:codepipeline/PipelineTriggerGitConfigurationPullRequestFilePaths:PipelineTriggerGitConfigurationPullRequestFilePaths": { "properties": { "excludes": { "type": "array", "items": { "type": "string" }, "description": "A list of patterns of Git repository file paths that, when a commit is pushed, are to be excluded from starting the pipeline.\n" }, "includes": { "type": "array", "items": { "type": "string" }, "description": "A list of patterns of Git repository file paths that, when a commit is pushed, are to be included as criteria that starts the pipeline.\n" } }, "type": "object" }, "aws:codepipeline/PipelineTriggerGitConfigurationPush:PipelineTriggerGitConfigurationPush": { "properties": { "branches": { "$ref": "#/types/aws:codepipeline/PipelineTriggerGitConfigurationPushBranches:PipelineTriggerGitConfigurationPushBranches", "description": "The field that specifies to filter on branches for the push trigger configuration. A `branches` block is documented below.\n" }, "filePaths": { "$ref": "#/types/aws:codepipeline/PipelineTriggerGitConfigurationPushFilePaths:PipelineTriggerGitConfigurationPushFilePaths", "description": "The field that specifies to filter on file paths for the push trigger configuration. A `file_paths` block is documented below.\n" }, "tags": { "$ref": "#/types/aws:codepipeline/PipelineTriggerGitConfigurationPushTags:PipelineTriggerGitConfigurationPushTags", "description": "The field that contains the details for the Git tags trigger configuration. A `tags` block is documented below.\n" } }, "type": "object" }, "aws:codepipeline/PipelineTriggerGitConfigurationPushBranches:PipelineTriggerGitConfigurationPushBranches": { "properties": { "excludes": { "type": "array", "items": { "type": "string" }, "description": "A list of patterns of Git branches that, when a commit is pushed, are to be excluded from starting the pipeline.\n" }, "includes": { "type": "array", "items": { "type": "string" }, "description": "A list of patterns of Git branches that, when a commit is pushed, are to be included as criteria that starts the pipeline.\n" } }, "type": "object" }, "aws:codepipeline/PipelineTriggerGitConfigurationPushFilePaths:PipelineTriggerGitConfigurationPushFilePaths": { "properties": { "excludes": { "type": "array", "items": { "type": "string" }, "description": "A list of patterns of Git repository file paths that, when a commit is pushed, are to be excluded from starting the pipeline.\n" }, "includes": { "type": "array", "items": { "type": "string" }, "description": "A list of patterns of Git repository file paths that, when a commit is pushed, are to be included as criteria that starts the pipeline.\n" } }, "type": "object" }, "aws:codepipeline/PipelineTriggerGitConfigurationPushTags:PipelineTriggerGitConfigurationPushTags": { "properties": { "excludes": { "type": "array", "items": { "type": "string" }, "description": "A list of patterns of Git tags that, when pushed, are to be excluded from starting the pipeline.\n" }, "includes": { "type": "array", "items": { "type": "string" }, "description": "A list of patterns of Git tags that, when pushed, are to be included as criteria that starts the pipeline.\n" } }, "type": "object" }, "aws:codepipeline/PipelineVariable:PipelineVariable": { "properties": { "defaultValue": { "type": "string", "description": "The default value of a pipeline-level variable.\n" }, "description": { "type": "string", "description": "The description of a pipeline-level variable.\n\n\u003e **Note:** The input artifact of an action must exactly match the output artifact declared in a preceding action, but the input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.\n" }, "name": { "type": "string", "description": "The name of a pipeline-level variable.\n" } }, "type": "object", "required": [ "name" ] }, "aws:codepipeline/WebhookAuthenticationConfiguration:WebhookAuthenticationConfiguration": { "properties": { "allowedIpRange": { "type": "string", "description": "A valid CIDR block for `IP` filtering. Required for `IP`.\n", "willReplaceOnChanges": true }, "secretToken": { "type": "string", "description": "The shared secret for the GitHub repository webhook. Set this as `secret` in your `github_repository_webhook`'s `configuration` block. Required for `GITHUB_HMAC`.\n", "secret": true, "willReplaceOnChanges": true } }, "type": "object" }, "aws:codepipeline/WebhookFilter:WebhookFilter": { "properties": { "jsonPath": { "type": "string", "description": "The [JSON path](https://github.com/json-path/JsonPath) to filter on.\n" }, "matchEquals": { "type": "string", "description": "The value to match on (e.g., `refs/heads/{Branch}`). See [AWS docs](https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_WebhookFilterRule.html) for details.\n" } }, "type": "object", "required": [ "jsonPath", "matchEquals" ] }, "aws:codestarconnections/HostVpcConfiguration:HostVpcConfiguration": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "ID of the security group or security groups associated with the Amazon VPC connected to the infrastructure where your provider type is installed.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of the subnet or subnets associated with the Amazon VPC connected to the infrastructure where your provider type is installed.\n" }, "tlsCertificate": { "type": "string", "description": "The value of the Transport Layer Security (TLS) certificate associated with the infrastructure where your provider type is installed.\n" }, "vpcId": { "type": "string", "description": "The ID of the Amazon VPC connected to the infrastructure where your provider type is installed.\n" } }, "type": "object", "required": [ "securityGroupIds", "subnetIds", "vpcId" ] }, "aws:codestarnotifications/NotificationRuleTarget:NotificationRuleTarget": { "properties": { "address": { "type": "string", "description": "The ARN of notification rule target. For example, a SNS Topic ARN.\n" }, "status": { "type": "string", "description": "The status of the notification rule. Possible values are `ENABLED` and `DISABLED`, default is `ENABLED`.\n" }, "type": { "type": "string", "description": "The type of the notification target. Default value is `SNS`.\n" } }, "type": "object", "required": [ "address" ], "language": { "nodejs": { "requiredOutputs": [ "address", "status" ] } } }, "aws:cognito/IdentityPoolCognitoIdentityProvider:IdentityPoolCognitoIdentityProvider": { "properties": { "clientId": { "type": "string", "description": "The client ID for the Amazon Cognito Identity User Pool.\n" }, "providerName": { "type": "string", "description": "The provider name for an Amazon Cognito Identity User Pool.\n" }, "serverSideTokenCheck": { "type": "boolean", "description": "Whether server-side token validation is enabled for the identity provider’s token or not.\n" } }, "type": "object" }, "aws:cognito/IdentityPoolRoleAttachmentRoleMapping:IdentityPoolRoleAttachmentRoleMapping": { "properties": { "ambiguousRoleResolution": { "type": "string", "description": "Specifies the action to be taken if either no rules match the claim value for the Rules type, or there is no cognito:preferred_role claim and there are multiple cognito:roles matches for the Token type. `Required` if you specify Token or Rules as the Type.\n" }, "identityProvider": { "type": "string", "description": "A string identifying the identity provider, for example, \"graph.facebook.com\" or \"cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id\". Depends on `cognito_identity_providers` set on `aws.cognito.IdentityPool` resource or a `aws.cognito.IdentityProvider` resource.\n" }, "mappingRules": { "type": "array", "items": { "$ref": "#/types/aws:cognito/IdentityPoolRoleAttachmentRoleMappingMappingRule:IdentityPoolRoleAttachmentRoleMappingMappingRule" }, "description": "The Rules Configuration to be used for mapping users to roles. You can specify up to 25 rules per identity provider. Rules are evaluated in order. The first one to match specifies the role.\n" }, "type": { "type": "string", "description": "The role mapping type.\n" } }, "type": "object", "required": [ "identityProvider", "type" ] }, "aws:cognito/IdentityPoolRoleAttachmentRoleMappingMappingRule:IdentityPoolRoleAttachmentRoleMappingMappingRule": { "properties": { "claim": { "type": "string", "description": "The claim name that must be present in the token, for example, \"isAdmin\" or \"paid\".\n" }, "matchType": { "type": "string", "description": "The match condition that specifies how closely the claim value in the IdP token must match Value.\n" }, "roleArn": { "type": "string", "description": "The role ARN.\n" }, "value": { "type": "string", "description": "A brief string that the claim must match, for example, \"paid\" or \"yes\".\n" } }, "type": "object", "required": [ "claim", "matchType", "roleArn", "value" ] }, "aws:cognito/ManagedUserPoolClientAnalyticsConfiguration:ManagedUserPoolClientAnalyticsConfiguration": { "properties": { "applicationArn": { "type": "string", "description": "Application ARN for an Amazon Pinpoint application. It conflicts with `external_id` and `role_arn`.\n" }, "applicationId": { "type": "string", "description": "Unique identifier for an Amazon Pinpoint application.\n" }, "externalId": { "type": "string", "description": "ID for the Analytics Configuration and conflicts with `application_arn`.\n" }, "roleArn": { "type": "string", "description": "ARN of an IAM role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics. It conflicts with `application_arn`.\n" }, "userDataShared": { "type": "boolean", "description": "If `user_data_shared` is set to `true`, Amazon Cognito will include user data in the events it publishes to Amazon Pinpoint analytics.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "roleArn", "userDataShared" ] } } }, "aws:cognito/ManagedUserPoolClientTokenValidityUnits:ManagedUserPoolClientTokenValidityUnits": { "properties": { "accessToken": { "type": "string", "description": "Time unit for the value in `access_token_validity` and defaults to `hours`.\n" }, "idToken": { "type": "string", "description": "Time unit for the value in `id_token_validity`, and it defaults to `hours`.\n" }, "refreshToken": { "type": "string", "description": "Time unit for the value in `refresh_token_validity` and defaults to `days`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "accessToken", "idToken", "refreshToken" ] } } }, "aws:cognito/ResourceServerScope:ResourceServerScope": { "properties": { "scopeDescription": { "type": "string", "description": "The scope description.\n" }, "scopeName": { "type": "string", "description": "The scope name.\n" } }, "type": "object", "required": [ "scopeDescription", "scopeName" ] }, "aws:cognito/RiskConfigurationAccountTakeoverRiskConfiguration:RiskConfigurationAccountTakeoverRiskConfiguration": { "properties": { "actions": { "$ref": "#/types/aws:cognito/RiskConfigurationAccountTakeoverRiskConfigurationActions:RiskConfigurationAccountTakeoverRiskConfigurationActions", "description": "Account takeover risk configuration actions. See details below.\n" }, "notifyConfiguration": { "$ref": "#/types/aws:cognito/RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfiguration:RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfiguration", "description": "The notify configuration used to construct email notifications. See details below.\n" } }, "type": "object", "required": [ "actions", "notifyConfiguration" ] }, "aws:cognito/RiskConfigurationAccountTakeoverRiskConfigurationActions:RiskConfigurationAccountTakeoverRiskConfigurationActions": { "properties": { "highAction": { "$ref": "#/types/aws:cognito/RiskConfigurationAccountTakeoverRiskConfigurationActionsHighAction:RiskConfigurationAccountTakeoverRiskConfigurationActionsHighAction", "description": "Action to take for a high risk. See action block below.\n" }, "lowAction": { "$ref": "#/types/aws:cognito/RiskConfigurationAccountTakeoverRiskConfigurationActionsLowAction:RiskConfigurationAccountTakeoverRiskConfigurationActionsLowAction", "description": "Action to take for a low risk. See action block below.\n" }, "mediumAction": { "$ref": "#/types/aws:cognito/RiskConfigurationAccountTakeoverRiskConfigurationActionsMediumAction:RiskConfigurationAccountTakeoverRiskConfigurationActionsMediumAction", "description": "Action to take for a medium risk. See action block below.\n" } }, "type": "object" }, "aws:cognito/RiskConfigurationAccountTakeoverRiskConfigurationActionsHighAction:RiskConfigurationAccountTakeoverRiskConfigurationActionsHighAction": { "properties": { "eventAction": { "type": "string" }, "notify": { "type": "boolean", "description": "Whether to send a notification.\n" } }, "type": "object", "required": [ "eventAction", "notify" ] }, "aws:cognito/RiskConfigurationAccountTakeoverRiskConfigurationActionsLowAction:RiskConfigurationAccountTakeoverRiskConfigurationActionsLowAction": { "properties": { "eventAction": { "type": "string" }, "notify": { "type": "boolean", "description": "Whether to send a notification.\n" } }, "type": "object", "required": [ "eventAction", "notify" ] }, "aws:cognito/RiskConfigurationAccountTakeoverRiskConfigurationActionsMediumAction:RiskConfigurationAccountTakeoverRiskConfigurationActionsMediumAction": { "properties": { "eventAction": { "type": "string" }, "notify": { "type": "boolean", "description": "Whether to send a notification.\n" } }, "type": "object", "required": [ "eventAction", "notify" ] }, "aws:cognito/RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfiguration:RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfiguration": { "properties": { "blockEmail": { "$ref": "#/types/aws:cognito/RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfigurationBlockEmail:RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfigurationBlockEmail", "description": "Email template used when a detected risk event is blocked. See notify email type below.\n" }, "from": { "type": "string", "description": "The email address that is sending the email. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.\n" }, "mfaEmail": { "$ref": "#/types/aws:cognito/RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfigurationMfaEmail:RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfigurationMfaEmail", "description": "The multi-factor authentication (MFA) email template used when MFA is challenged as part of a detected risk. See notify email type below.\n" }, "noActionEmail": { "$ref": "#/types/aws:cognito/RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfigurationNoActionEmail:RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfigurationNoActionEmail", "description": "The email template used when a detected risk event is allowed. See notify email type below.\n" }, "replyTo": { "type": "string", "description": "The destination to which the receiver of an email should reply to.\n" }, "sourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the From parameter.\n" } }, "type": "object", "required": [ "sourceArn" ] }, "aws:cognito/RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfigurationBlockEmail:RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfigurationBlockEmail": { "properties": { "htmlBody": { "type": "string", "description": "The email HTML body.\n" }, "subject": { "type": "string", "description": "The email subject.\n" }, "textBody": { "type": "string", "description": "The email text body.\n" } }, "type": "object", "required": [ "htmlBody", "subject", "textBody" ] }, "aws:cognito/RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfigurationMfaEmail:RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfigurationMfaEmail": { "properties": { "htmlBody": { "type": "string", "description": "The email HTML body.\n" }, "subject": { "type": "string", "description": "The email subject.\n" }, "textBody": { "type": "string", "description": "The email text body.\n" } }, "type": "object", "required": [ "htmlBody", "subject", "textBody" ] }, "aws:cognito/RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfigurationNoActionEmail:RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfigurationNoActionEmail": { "properties": { "htmlBody": { "type": "string", "description": "The email HTML body.\n" }, "subject": { "type": "string", "description": "The email subject.\n" }, "textBody": { "type": "string", "description": "The email text body.\n" } }, "type": "object", "required": [ "htmlBody", "subject", "textBody" ] }, "aws:cognito/RiskConfigurationCompromisedCredentialsRiskConfiguration:RiskConfigurationCompromisedCredentialsRiskConfiguration": { "properties": { "actions": { "$ref": "#/types/aws:cognito/RiskConfigurationCompromisedCredentialsRiskConfigurationActions:RiskConfigurationCompromisedCredentialsRiskConfigurationActions", "description": "The compromised credentials risk configuration actions. See details below.\n" }, "eventFilters": { "type": "array", "items": { "type": "string" }, "description": "Perform the action for these events. The default is to perform all events if no event filter is specified. Valid values are `SIGN_IN`, `PASSWORD_CHANGE`, and `SIGN_UP`.\n" } }, "type": "object", "required": [ "actions" ], "language": { "nodejs": { "requiredOutputs": [ "actions", "eventFilters" ] } } }, "aws:cognito/RiskConfigurationCompromisedCredentialsRiskConfigurationActions:RiskConfigurationCompromisedCredentialsRiskConfigurationActions": { "properties": { "eventAction": { "type": "string", "description": "The event action. Valid values are `BLOCK` or `NO_ACTION`.\n" } }, "type": "object", "required": [ "eventAction" ] }, "aws:cognito/RiskConfigurationRiskExceptionConfiguration:RiskConfigurationRiskExceptionConfiguration": { "properties": { "blockedIpRangeLists": { "type": "array", "items": { "type": "string" }, "description": "Overrides the risk decision to always block the pre-authentication requests.\nThe IP range is in CIDR notation, a compact representation of an IP address and its routing prefix.\nCan contain a maximum of 200 items.\n" }, "skippedIpRangeLists": { "type": "array", "items": { "type": "string" }, "description": "Risk detection isn't performed on the IP addresses in this range list.\nThe IP range is in CIDR notation.\nCan contain a maximum of 200 items.\n" } }, "type": "object" }, "aws:cognito/UserPoolAccountRecoverySetting:UserPoolAccountRecoverySetting": { "properties": { "recoveryMechanisms": { "type": "array", "items": { "$ref": "#/types/aws:cognito/UserPoolAccountRecoverySettingRecoveryMechanism:UserPoolAccountRecoverySettingRecoveryMechanism" }, "description": "List of Account Recovery Options of the following structure:\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "recoveryMechanisms" ] } } }, "aws:cognito/UserPoolAccountRecoverySettingRecoveryMechanism:UserPoolAccountRecoverySettingRecoveryMechanism": { "properties": { "name": { "type": "string", "description": "Recovery method for a user. Can be of the following: `verified_email`, `verified_phone_number`, and `admin_only`.\n" }, "priority": { "type": "integer", "description": "Positive integer specifying priority of a method with 1 being the highest priority.\n" } }, "type": "object", "required": [ "name", "priority" ] }, "aws:cognito/UserPoolAdminCreateUserConfig:UserPoolAdminCreateUserConfig": { "properties": { "allowAdminCreateUserOnly": { "type": "boolean", "description": "Set to True if only the administrator is allowed to create user profiles. Set to False if users can sign themselves up via an app.\n" }, "inviteMessageTemplate": { "$ref": "#/types/aws:cognito/UserPoolAdminCreateUserConfigInviteMessageTemplate:UserPoolAdminCreateUserConfigInviteMessageTemplate", "description": "Invite message template structure. Detailed below.\n" } }, "type": "object" }, "aws:cognito/UserPoolAdminCreateUserConfigInviteMessageTemplate:UserPoolAdminCreateUserConfigInviteMessageTemplate": { "properties": { "emailMessage": { "type": "string", "description": "Message template for email messages. Must contain `{username}` and `{####}` placeholders, for username and temporary password, respectively.\n" }, "emailSubject": { "type": "string", "description": "Subject line for email messages.\n" }, "smsMessage": { "type": "string", "description": "Message template for SMS messages. Must contain `{username}` and `{####}` placeholders, for username and temporary password, respectively.\n" } }, "type": "object" }, "aws:cognito/UserPoolClientAnalyticsConfiguration:UserPoolClientAnalyticsConfiguration": { "properties": { "applicationArn": { "type": "string", "description": "Application ARN for an Amazon Pinpoint application. Conflicts with `external_id` and `role_arn`.\n" }, "applicationId": { "type": "string", "description": "Application ID for an Amazon Pinpoint application.\n" }, "externalId": { "type": "string", "description": "ID for the Analytics Configuration. Conflicts with `application_arn`.\n" }, "roleArn": { "type": "string", "description": "ARN of an IAM role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics. Conflicts with `application_arn`.\n" }, "userDataShared": { "type": "boolean", "description": "If set to `true`, Amazon Cognito will include user data in the events it publishes to Amazon Pinpoint analytics.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "roleArn", "userDataShared" ] } } }, "aws:cognito/UserPoolClientTokenValidityUnits:UserPoolClientTokenValidityUnits": { "properties": { "accessToken": { "type": "string", "description": "Time unit in for the value in `access_token_validity`, defaults to `hours`.\n" }, "idToken": { "type": "string", "description": "Time unit in for the value in `id_token_validity`, defaults to `hours`.\n" }, "refreshToken": { "type": "string", "description": "Time unit in for the value in `refresh_token_validity`, defaults to `days`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "accessToken", "idToken", "refreshToken" ] } } }, "aws:cognito/UserPoolDeviceConfiguration:UserPoolDeviceConfiguration": { "properties": { "challengeRequiredOnNewDevice": { "type": "boolean", "description": "Whether a challenge is required on a new device. Only applicable to a new device.\n" }, "deviceOnlyRememberedOnUserPrompt": { "type": "boolean", "description": "Whether a device is only remembered on user prompt. `false` equates to \"Always\" remember, `true` is \"User Opt In,\" and not using a `device_configuration` block is \"No.\"\n" } }, "type": "object" }, "aws:cognito/UserPoolEmailConfiguration:UserPoolEmailConfiguration": { "properties": { "configurationSet": { "type": "string", "description": "Email configuration set name from SES.\n" }, "emailSendingAccount": { "type": "string", "description": "Email delivery method to use. `COGNITO_DEFAULT` for the default email functionality built into Cognito or `DEVELOPER` to use your Amazon SES configuration. Required to be `DEVELOPER` if `from_email_address` is set.\n" }, "fromEmailAddress": { "type": "string", "description": "Sender’s email address or sender’s display name with their email address (e.g., `john@example.com`, `John Smith \u003cjohn@example.com\u003e` or `\\\"John Smith Ph.D.\\\" \u003cjohn@example.com\u003e`). Escaped double quotes are required around display names that contain certain characters as specified in [RFC 5322](https://tools.ietf.org/html/rfc5322).\n" }, "replyToEmailAddress": { "type": "string", "description": "REPLY-TO email address.\n" }, "sourceArn": { "type": "string", "description": "ARN of the SES verified email identity to use. Required if `email_sending_account` is set to `DEVELOPER`.\n" } }, "type": "object" }, "aws:cognito/UserPoolLambdaConfig:UserPoolLambdaConfig": { "properties": { "createAuthChallenge": { "type": "string", "description": "ARN of the lambda creating an authentication challenge.\n" }, "customEmailSender": { "$ref": "#/types/aws:cognito/UserPoolLambdaConfigCustomEmailSender:UserPoolLambdaConfigCustomEmailSender", "description": "A custom email sender AWS Lambda trigger. See custom_email_sender Below.\n" }, "customMessage": { "type": "string", "description": "Custom Message AWS Lambda trigger.\n" }, "customSmsSender": { "$ref": "#/types/aws:cognito/UserPoolLambdaConfigCustomSmsSender:UserPoolLambdaConfigCustomSmsSender", "description": "A custom SMS sender AWS Lambda trigger. See custom_sms_sender Below.\n" }, "defineAuthChallenge": { "type": "string", "description": "Defines the authentication challenge.\n" }, "kmsKeyId": { "type": "string", "description": "The Amazon Resource Name of Key Management Service Customer master keys. Amazon Cognito uses the key to encrypt codes and temporary passwords sent to CustomEmailSender and CustomSMSSender.\n" }, "postAuthentication": { "type": "string", "description": "Post-authentication AWS Lambda trigger.\n" }, "postConfirmation": { "type": "string", "description": "Post-confirmation AWS Lambda trigger.\n" }, "preAuthentication": { "type": "string", "description": "Pre-authentication AWS Lambda trigger.\n" }, "preSignUp": { "type": "string", "description": "Pre-registration AWS Lambda trigger.\n" }, "preTokenGeneration": { "type": "string", "description": "Allow to customize identity token claims before token generation. Set this parameter for legacy purposes; for new instances of pre token generation triggers, set the lambda_arn of `pre_token_generation_config`.\n" }, "preTokenGenerationConfig": { "$ref": "#/types/aws:cognito/UserPoolLambdaConfigPreTokenGenerationConfig:UserPoolLambdaConfigPreTokenGenerationConfig", "description": "Allow to customize access tokens. See pre_token_configuration_type\n" }, "userMigration": { "type": "string", "description": "User migration Lambda config type.\n" }, "verifyAuthChallengeResponse": { "type": "string", "description": "Verifies the authentication challenge response.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "preTokenGeneration", "preTokenGenerationConfig" ] } } }, "aws:cognito/UserPoolLambdaConfigCustomEmailSender:UserPoolLambdaConfigCustomEmailSender": { "properties": { "lambdaArn": { "type": "string", "description": "The Lambda Amazon Resource Name of the Lambda function that Amazon Cognito triggers to send email notifications to users.\n" }, "lambdaVersion": { "type": "string", "description": "The Lambda version represents the signature of the \"request\" attribute in the \"event\" information Amazon Cognito passes to your custom email Lambda function. The only supported value is `V1_0`.\n" } }, "type": "object", "required": [ "lambdaArn", "lambdaVersion" ] }, "aws:cognito/UserPoolLambdaConfigCustomSmsSender:UserPoolLambdaConfigCustomSmsSender": { "properties": { "lambdaArn": { "type": "string", "description": "The Lambda Amazon Resource Name of the Lambda function that Amazon Cognito triggers to send SMS notifications to users.\n" }, "lambdaVersion": { "type": "string", "description": "The Lambda version represents the signature of the \"request\" attribute in the \"event\" information Amazon Cognito passes to your custom SMS Lambda function. The only supported value is `V1_0`.\n" } }, "type": "object", "required": [ "lambdaArn", "lambdaVersion" ] }, "aws:cognito/UserPoolLambdaConfigPreTokenGenerationConfig:UserPoolLambdaConfigPreTokenGenerationConfig": { "properties": { "lambdaArn": { "type": "string" }, "lambdaVersion": { "type": "string" } }, "type": "object", "required": [ "lambdaArn", "lambdaVersion" ] }, "aws:cognito/UserPoolPasswordPolicy:UserPoolPasswordPolicy": { "properties": { "minimumLength": { "type": "integer", "description": "Minimum length of the password policy that you have set.\n" }, "requireLowercase": { "type": "boolean", "description": "Whether you have required users to use at least one lowercase letter in their password.\n" }, "requireNumbers": { "type": "boolean", "description": "Whether you have required users to use at least one number in their password.\n" }, "requireSymbols": { "type": "boolean", "description": "Whether you have required users to use at least one symbol in their password.\n" }, "requireUppercase": { "type": "boolean", "description": "Whether you have required users to use at least one uppercase letter in their password.\n" }, "temporaryPasswordValidityDays": { "type": "integer", "description": "In the password policy you have set, refers to the number of days a temporary password is valid. If the user does not sign-in during this time, their password will need to be reset by an administrator.\n" } }, "type": "object" }, "aws:cognito/UserPoolSchema:UserPoolSchema": { "properties": { "attributeDataType": { "type": "string", "description": "Attribute data type. Must be one of `Boolean`, `Number`, `String`, `DateTime`.\n" }, "developerOnlyAttribute": { "type": "boolean", "description": "Whether the attribute type is developer only.\n" }, "mutable": { "type": "boolean", "description": "Whether the attribute can be changed once it has been created.\n" }, "name": { "type": "string", "description": "Name of the attribute.\n" }, "numberAttributeConstraints": { "$ref": "#/types/aws:cognito/UserPoolSchemaNumberAttributeConstraints:UserPoolSchemaNumberAttributeConstraints", "description": "Configuration block for the constraints for an attribute of the number type. Detailed below.\n" }, "required": { "type": "boolean", "description": "Whether a user pool attribute is required. If the attribute is required and the user does not provide a value, registration or sign-in will fail.\n" }, "stringAttributeConstraints": { "$ref": "#/types/aws:cognito/UserPoolSchemaStringAttributeConstraints:UserPoolSchemaStringAttributeConstraints", "description": "Constraints for an attribute of the string type. Detailed below.\n" } }, "type": "object", "required": [ "attributeDataType", "name" ] }, "aws:cognito/UserPoolSchemaNumberAttributeConstraints:UserPoolSchemaNumberAttributeConstraints": { "properties": { "maxValue": { "type": "string", "description": "Maximum value of an attribute that is of the number data type.\n" }, "minValue": { "type": "string", "description": "Minimum value of an attribute that is of the number data type.\n" } }, "type": "object" }, "aws:cognito/UserPoolSchemaStringAttributeConstraints:UserPoolSchemaStringAttributeConstraints": { "properties": { "maxLength": { "type": "string", "description": "Maximum length of an attribute value of the string type.\n" }, "minLength": { "type": "string", "description": "Minimum length of an attribute value of the string type.\n" } }, "type": "object" }, "aws:cognito/UserPoolSmsConfiguration:UserPoolSmsConfiguration": { "properties": { "externalId": { "type": "string", "description": "External ID used in IAM role trust relationships. For more information about using external IDs, see [How to Use an External ID When Granting Access to Your AWS Resources to a Third Party](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html).\n" }, "snsCallerArn": { "type": "string", "description": "ARN of the Amazon SNS caller. This is usually the IAM role that you've given Cognito permission to assume.\n" }, "snsRegion": { "type": "string", "description": "The AWS Region to use with Amazon SNS integration. You can choose the same Region as your user pool, or a supported Legacy Amazon SNS alternate Region. Amazon Cognito resources in the Asia Pacific (Seoul) AWS Region must use your Amazon SNS configuration in the Asia Pacific (Tokyo) Region. For more information, see [SMS message settings for Amazon Cognito user pools](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html).\n" } }, "type": "object", "required": [ "externalId", "snsCallerArn" ], "language": { "nodejs": { "requiredOutputs": [ "externalId", "snsCallerArn", "snsRegion" ] } } }, "aws:cognito/UserPoolSoftwareTokenMfaConfiguration:UserPoolSoftwareTokenMfaConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Boolean whether to enable software token Multi-Factor (MFA) tokens, such as Time-based One-Time Password (TOTP). To disable software token MFA When `sms_configuration` is not present, the `mfa_configuration` argument must be set to `OFF` and the `software_token_mfa_configuration` configuration block must be fully removed.\n" } }, "type": "object", "required": [ "enabled" ] }, "aws:cognito/UserPoolUserAttributeUpdateSettings:UserPoolUserAttributeUpdateSettings": { "properties": { "attributesRequireVerificationBeforeUpdates": { "type": "array", "items": { "type": "string" }, "description": "A list of attributes requiring verification before update. If set, the provided value(s) must also be set in `auto_verified_attributes`. Valid values: `email`, `phone_number`.\n" } }, "type": "object", "required": [ "attributesRequireVerificationBeforeUpdates" ] }, "aws:cognito/UserPoolUserPoolAddOns:UserPoolUserPoolAddOns": { "properties": { "advancedSecurityMode": { "type": "string", "description": "Mode for advanced security, must be one of `OFF`, `AUDIT` or `ENFORCED`.\n" } }, "type": "object", "required": [ "advancedSecurityMode" ] }, "aws:cognito/UserPoolUsernameConfiguration:UserPoolUsernameConfiguration": { "properties": { "caseSensitive": { "type": "boolean", "description": "Whether username case sensitivity will be applied for all users in the user pool through Cognito APIs.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "caseSensitive" ] }, "aws:cognito/UserPoolVerificationMessageTemplate:UserPoolVerificationMessageTemplate": { "properties": { "defaultEmailOption": { "type": "string", "description": "Default email option. Must be either `CONFIRM_WITH_CODE` or `CONFIRM_WITH_LINK`. Defaults to `CONFIRM_WITH_CODE`.\n" }, "emailMessage": { "type": "string", "description": "Email message template. Must contain the `{####}` placeholder. Conflicts with `email_verification_message` argument.\n" }, "emailMessageByLink": { "type": "string", "description": "Email message template for sending a confirmation link to the user, it must contain the `{##Click Here##}` placeholder.\n" }, "emailSubject": { "type": "string", "description": "Subject line for the email message template. Conflicts with `email_verification_subject` argument.\n" }, "emailSubjectByLink": { "type": "string", "description": "Subject line for the email message template for sending a confirmation link to the user.\n" }, "smsMessage": { "type": "string", "description": "SMS message template. Must contain the `{####}` placeholder. Conflicts with `sms_verification_message` argument.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "emailMessage", "emailMessageByLink", "emailSubject", "emailSubjectByLink", "smsMessage" ] } } }, "aws:cognito/getIdentityPoolCognitoIdentityProvider:getIdentityPoolCognitoIdentityProvider": { "properties": { "clientId": { "type": "string" }, "providerName": { "type": "string" }, "serverSideTokenCheck": { "type": "boolean" } }, "type": "object", "required": [ "clientId", "providerName", "serverSideTokenCheck" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cognito/getUserGroupsGroup:getUserGroupsGroup": { "properties": { "description": { "type": "string", "description": "Description of the user group.\n" }, "groupName": { "type": "string", "description": "Name of the user group.\n" }, "precedence": { "type": "integer", "description": "Precedence of the user group.\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM role to be associated with the user group.\n" } }, "type": "object", "required": [ "description", "groupName", "precedence", "roleArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cognito/getUserPoolAccountRecoverySetting:getUserPoolAccountRecoverySetting": { "properties": { "recoveryMechanisms": { "type": "array", "items": { "$ref": "#/types/aws:cognito/getUserPoolAccountRecoverySettingRecoveryMechanism:getUserPoolAccountRecoverySettingRecoveryMechanism" } } }, "type": "object", "required": [ "recoveryMechanisms" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cognito/getUserPoolAccountRecoverySettingRecoveryMechanism:getUserPoolAccountRecoverySettingRecoveryMechanism": { "properties": { "name": { "type": "string", "description": "- Name of the attribute.\n" }, "priority": { "type": "integer", "description": "- Priority of this mechanism in the recovery process (lower numbers are higher priority).\n" } }, "type": "object", "required": [ "name", "priority" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cognito/getUserPoolAdminCreateUserConfig:getUserPoolAdminCreateUserConfig": { "properties": { "allowAdminCreateUserOnly": { "type": "boolean", "description": "- Whether only admins can create users.\n" }, "inviteMessageTemplates": { "type": "array", "items": { "$ref": "#/types/aws:cognito/getUserPoolAdminCreateUserConfigInviteMessageTemplate:getUserPoolAdminCreateUserConfigInviteMessageTemplate" } }, "unusedAccountValidityDays": { "type": "integer", "description": "- Number of days an unconfirmed user account remains valid.\n* invite_message_template - Templates for invitation messages.\n" } }, "type": "object", "required": [ "allowAdminCreateUserOnly", "inviteMessageTemplates", "unusedAccountValidityDays" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cognito/getUserPoolAdminCreateUserConfigInviteMessageTemplate:getUserPoolAdminCreateUserConfigInviteMessageTemplate": { "properties": { "emailMessage": { "type": "string", "description": "- Email message content.\n" }, "emailSubject": { "type": "string", "description": "- Email message subject.\n" }, "smsMessage": { "type": "string", "description": "- SMS message content.\n" } }, "type": "object", "required": [ "emailMessage", "emailSubject", "smsMessage" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cognito/getUserPoolClientAnalyticsConfiguration:getUserPoolClientAnalyticsConfiguration": { "properties": { "applicationArn": { "type": "string", "description": "(Optional) Application ARN for an Amazon Pinpoint application. Conflicts with `external_id` and `role_arn`.\n" }, "applicationId": { "type": "string", "description": "(Optional) Application ID for an Amazon Pinpoint application.\n" }, "externalId": { "type": "string", "description": "(Optional) ID for the Analytics Configuration. Conflicts with `application_arn`.\n" }, "roleArn": { "type": "string", "description": "(Optional) ARN of an IAM role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics. Conflicts with `application_arn`.\n" }, "userDataShared": { "type": "boolean", "description": "(Optional) If set to `true`, Amazon Cognito will include user data in the events it publishes to Amazon Pinpoint analytics.\n" } }, "type": "object", "required": [ "applicationArn", "applicationId", "externalId", "roleArn", "userDataShared" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cognito/getUserPoolClientTokenValidityUnit:getUserPoolClientTokenValidityUnit": { "properties": { "accessToken": { "type": "string", "description": "(Optional) Time unit in for the value in `access_token_validity`, defaults to `hours`.\n" }, "idToken": { "type": "string", "description": "(Optional) Time unit in for the value in `id_token_validity`, defaults to `hours`.\n" }, "refreshToken": { "type": "string", "description": "(Optional) Time unit in for the value in `refresh_token_validity`, defaults to `days`.\n" } }, "type": "object", "required": [ "accessToken", "idToken", "refreshToken" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cognito/getUserPoolDeviceConfiguration:getUserPoolDeviceConfiguration": { "properties": { "challengeRequiredOnNewDevice": { "type": "boolean", "description": "- Whether a challenge is required on new devices.\n" }, "deviceOnlyRememberedOnUserPrompt": { "type": "boolean", "description": "- Whether devices are only remembered if the user prompts it.\n" } }, "type": "object", "required": [ "challengeRequiredOnNewDevice", "deviceOnlyRememberedOnUserPrompt" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cognito/getUserPoolEmailConfiguration:getUserPoolEmailConfiguration": { "properties": { "configurationSet": { "type": "string", "description": "- Configuration set used for sending emails.\n" }, "emailSendingAccount": { "type": "string", "description": "- Email sending account.\n" }, "from": { "type": "string", "description": "- Email sender address.\n" }, "replyToEmailAddress": { "type": "string", "description": "- Reply-to email address.\n" }, "sourceArn": { "type": "string", "description": "- Source Amazon Resource Name (ARN) for emails.\n" } }, "type": "object", "required": [ "configurationSet", "emailSendingAccount", "from", "replyToEmailAddress", "sourceArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cognito/getUserPoolLambdaConfig:getUserPoolLambdaConfig": { "properties": { "createAuthChallenge": { "type": "string" }, "customEmailSenders": { "type": "array", "items": { "$ref": "#/types/aws:cognito/getUserPoolLambdaConfigCustomEmailSender:getUserPoolLambdaConfigCustomEmailSender" } }, "customMessage": { "type": "string" }, "customSmsSenders": { "type": "array", "items": { "$ref": "#/types/aws:cognito/getUserPoolLambdaConfigCustomSmsSender:getUserPoolLambdaConfigCustomSmsSender" } }, "defineAuthChallenge": { "type": "string" }, "kmsKeyId": { "type": "string" }, "postAuthentication": { "type": "string" }, "postConfirmation": { "type": "string" }, "preAuthentication": { "type": "string" }, "preSignUp": { "type": "string" }, "preTokenGeneration": { "type": "string" }, "preTokenGenerationConfigs": { "type": "array", "items": { "$ref": "#/types/aws:cognito/getUserPoolLambdaConfigPreTokenGenerationConfig:getUserPoolLambdaConfigPreTokenGenerationConfig" } }, "userMigration": { "type": "string" }, "verifyAuthChallengeResponse": { "type": "string" } }, "type": "object", "required": [ "createAuthChallenge", "customEmailSenders", "customMessage", "customSmsSenders", "defineAuthChallenge", "kmsKeyId", "postAuthentication", "postConfirmation", "preAuthentication", "preSignUp", "preTokenGeneration", "preTokenGenerationConfigs", "userMigration", "verifyAuthChallengeResponse" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cognito/getUserPoolLambdaConfigCustomEmailSender:getUserPoolLambdaConfigCustomEmailSender": { "properties": { "lambdaArn": { "type": "string", "description": "- ARN of the Lambda function.\n" }, "lambdaVersion": { "type": "string", "description": "- Version of the Lambda function.\n" } }, "type": "object", "required": [ "lambdaArn", "lambdaVersion" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cognito/getUserPoolLambdaConfigCustomSmsSender:getUserPoolLambdaConfigCustomSmsSender": { "properties": { "lambdaArn": { "type": "string", "description": "- ARN of the Lambda function.\n" }, "lambdaVersion": { "type": "string", "description": "- Version of the Lambda function.\n" } }, "type": "object", "required": [ "lambdaArn", "lambdaVersion" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cognito/getUserPoolLambdaConfigPreTokenGenerationConfig:getUserPoolLambdaConfigPreTokenGenerationConfig": { "properties": { "lambdaArn": { "type": "string", "description": "- ARN of the Lambda function.\n" }, "lambdaVersion": { "type": "string", "description": "- Version of the Lambda function.\n" } }, "type": "object", "required": [ "lambdaArn", "lambdaVersion" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cognito/getUserPoolSchemaAttribute:getUserPoolSchemaAttribute": { "properties": { "attributeDataType": { "type": "string", "description": "- Data type of the attribute (e.g., string, number).\n" }, "developerOnlyAttribute": { "type": "boolean", "description": "- Whether the attribute is for developer use only.\n" }, "mutable": { "type": "boolean", "description": "- Whether the attribute can be changed after user creation.\n" }, "name": { "type": "string", "description": "- Name of the attribute.\n" }, "numberAttributeConstraints": { "type": "array", "items": { "$ref": "#/types/aws:cognito/getUserPoolSchemaAttributeNumberAttributeConstraint:getUserPoolSchemaAttributeNumberAttributeConstraint" } }, "required": { "type": "boolean", "description": "- Whether the attribute is required during user registration.\n* number_attribute_constraints - Constraints for numeric attributes.\n* string_attribute_constraints - Constraints for string attributes.\n" }, "stringAttributeConstraints": { "type": "array", "items": { "$ref": "#/types/aws:cognito/getUserPoolSchemaAttributeStringAttributeConstraint:getUserPoolSchemaAttributeStringAttributeConstraint" } } }, "type": "object", "required": [ "attributeDataType", "developerOnlyAttribute", "mutable", "name", "numberAttributeConstraints", "required", "stringAttributeConstraints" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cognito/getUserPoolSchemaAttributeNumberAttributeConstraint:getUserPoolSchemaAttributeNumberAttributeConstraint": { "properties": { "maxValue": { "type": "string", "description": "- Maximum allowed value.\n" }, "minValue": { "type": "string", "description": "- Minimum allowed value.\n" } }, "type": "object", "required": [ "maxValue", "minValue" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:cognito/getUserPoolSchemaAttributeStringAttributeConstraint:getUserPoolSchemaAttributeStringAttributeConstraint": { "properties": { "maxLength": { "type": "string", "description": "- Maximum allowed length.\n" }, "minLength": { "type": "string", "description": "- Minimum allowed length.\n" } }, "type": "object", "required": [ "maxLength", "minLength" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:comprehend/DocumentClassifierInputDataConfig:DocumentClassifierInputDataConfig": { "properties": { "augmentedManifests": { "type": "array", "items": { "$ref": "#/types/aws:comprehend/DocumentClassifierInputDataConfigAugmentedManifest:DocumentClassifierInputDataConfigAugmentedManifest" }, "description": "List of training datasets produced by Amazon SageMaker Ground Truth.\nUsed if `data_format` is `AUGMENTED_MANIFEST`.\nSee the `augmented_manifests` Configuration Block section below.\n" }, "dataFormat": { "type": "string", "description": "The format for the training data.\nOne of `COMPREHEND_CSV` or `AUGMENTED_MANIFEST`.\n" }, "labelDelimiter": { "type": "string", "description": "Delimiter between labels when training a multi-label classifier.\nValid values are `|`, `~`, `!`, `@`, `#`, `$`, `%`, `^`, `*`, `-`, `_`, `+`, `=`, `\\`, `:`, `;`, `\u003e`, `?`, `/`, `\u003cspace\u003e`, and `\u003ctab\u003e`.\nDefault is `|`.\n" }, "s3Uri": { "type": "string", "description": "Location of training documents.\nUsed if `data_format` is `COMPREHEND_CSV`.\n" }, "testS3Uri": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "labelDelimiter" ] } } }, "aws:comprehend/DocumentClassifierInputDataConfigAugmentedManifest:DocumentClassifierInputDataConfigAugmentedManifest": { "properties": { "annotationDataS3Uri": { "type": "string", "description": "Location of annotation files.\n" }, "attributeNames": { "type": "array", "items": { "type": "string" }, "description": "The JSON attribute that contains the annotations for the training documents.\n" }, "documentType": { "type": "string", "description": "Type of augmented manifest.\nOne of `PLAIN_TEXT_DOCUMENT` or `SEMI_STRUCTURED_DOCUMENT`.\n" }, "s3Uri": { "type": "string", "description": "Location of augmented manifest file.\n" }, "sourceDocumentsS3Uri": { "type": "string", "description": "Location of source PDF files.\n" }, "split": { "type": "string", "description": "Purpose of data in augmented manifest.\nOne of `TRAIN` or `TEST`.\n" } }, "type": "object", "required": [ "attributeNames", "s3Uri" ] }, "aws:comprehend/DocumentClassifierOutputDataConfig:DocumentClassifierOutputDataConfig": { "properties": { "kmsKeyId": { "type": "string", "description": "KMS Key used to encrypt the output documents.\nCan be a KMS Key ID, a KMS Key ARN, a KMS Alias name, or a KMS Alias ARN.\n" }, "outputS3Uri": { "type": "string", "description": "Full path for the output documents.\n" }, "s3Uri": { "type": "string", "description": "Destination path for the output documents.\nThe full path to the output file will be returned in `output_s3_uri`.\n" } }, "type": "object", "required": [ "s3Uri" ], "language": { "nodejs": { "requiredOutputs": [ "outputS3Uri", "s3Uri" ] } } }, "aws:comprehend/DocumentClassifierVpcConfig:DocumentClassifierVpcConfig": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "List of VPC subnets.\n" } }, "type": "object", "required": [ "securityGroupIds", "subnets" ] }, "aws:comprehend/EntityRecognizerInputDataConfig:EntityRecognizerInputDataConfig": { "properties": { "annotations": { "$ref": "#/types/aws:comprehend/EntityRecognizerInputDataConfigAnnotations:EntityRecognizerInputDataConfigAnnotations", "description": "Specifies location of the document annotation data.\nSee the `annotations` Configuration Block section below.\nOne of `annotations` or `entity_list` is required.\n" }, "augmentedManifests": { "type": "array", "items": { "$ref": "#/types/aws:comprehend/EntityRecognizerInputDataConfigAugmentedManifest:EntityRecognizerInputDataConfigAugmentedManifest" }, "description": "List of training datasets produced by Amazon SageMaker Ground Truth.\nUsed if `data_format` is `AUGMENTED_MANIFEST`.\nSee the `augmented_manifests` Configuration Block section below.\n" }, "dataFormat": { "type": "string", "description": "The format for the training data.\nOne of `COMPREHEND_CSV` or `AUGMENTED_MANIFEST`.\n" }, "documents": { "$ref": "#/types/aws:comprehend/EntityRecognizerInputDataConfigDocuments:EntityRecognizerInputDataConfigDocuments", "description": "Specifies a collection of training documents.\nUsed if `data_format` is `COMPREHEND_CSV`.\nSee the `documents` Configuration Block section below.\n" }, "entityList": { "$ref": "#/types/aws:comprehend/EntityRecognizerInputDataConfigEntityList:EntityRecognizerInputDataConfigEntityList", "description": "Specifies location of the entity list data.\nSee the `entity_list` Configuration Block section below.\nOne of `entity_list` or `annotations` is required.\n" }, "entityTypes": { "type": "array", "items": { "$ref": "#/types/aws:comprehend/EntityRecognizerInputDataConfigEntityType:EntityRecognizerInputDataConfigEntityType" }, "description": "Set of entity types to be recognized.\nHas a maximum of 25 items.\nSee the `entity_types` Configuration Block section below.\n" } }, "type": "object", "required": [ "entityTypes" ] }, "aws:comprehend/EntityRecognizerInputDataConfigAnnotations:EntityRecognizerInputDataConfigAnnotations": { "properties": { "s3Uri": { "type": "string", "description": "Location of training annotations.\n" }, "testS3Uri": { "type": "string" } }, "type": "object", "required": [ "s3Uri" ] }, "aws:comprehend/EntityRecognizerInputDataConfigAugmentedManifest:EntityRecognizerInputDataConfigAugmentedManifest": { "properties": { "annotationDataS3Uri": { "type": "string", "description": "Location of annotation files.\n" }, "attributeNames": { "type": "array", "items": { "type": "string" }, "description": "The JSON attribute that contains the annotations for the training documents.\n" }, "documentType": { "type": "string", "description": "Type of augmented manifest.\nOne of `PLAIN_TEXT_DOCUMENT` or `SEMI_STRUCTURED_DOCUMENT`.\n" }, "s3Uri": { "type": "string", "description": "Location of augmented manifest file.\n" }, "sourceDocumentsS3Uri": { "type": "string", "description": "Location of source PDF files.\n" }, "split": { "type": "string", "description": "Purpose of data in augmented manifest.\nOne of `TRAIN` or `TEST`.\n" } }, "type": "object", "required": [ "attributeNames", "s3Uri" ] }, "aws:comprehend/EntityRecognizerInputDataConfigDocuments:EntityRecognizerInputDataConfigDocuments": { "properties": { "inputFormat": { "type": "string", "description": "Specifies how the input files should be processed.\nOne of `ONE_DOC_PER_LINE` or `ONE_DOC_PER_FILE`.\n" }, "s3Uri": { "type": "string", "description": "Location of training documents.\n" }, "testS3Uri": { "type": "string" } }, "type": "object", "required": [ "s3Uri" ] }, "aws:comprehend/EntityRecognizerInputDataConfigEntityList:EntityRecognizerInputDataConfigEntityList": { "properties": { "s3Uri": { "type": "string", "description": "Location of entity list.\n" } }, "type": "object", "required": [ "s3Uri" ] }, "aws:comprehend/EntityRecognizerInputDataConfigEntityType:EntityRecognizerInputDataConfigEntityType": { "properties": { "type": { "type": "string", "description": "An entity type to be matched by the Entity Recognizer.\nCannot contain a newline (`\\n`), carriage return (`\\r`), or tab (`\\t`).\n" } }, "type": "object", "required": [ "type" ] }, "aws:comprehend/EntityRecognizerVpcConfig:EntityRecognizerVpcConfig": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "List of VPC subnets.\n" } }, "type": "object", "required": [ "securityGroupIds", "subnets" ] }, "aws:config/assumeRole:assumeRole": { "properties": { "duration": { "type": "string", "description": "The duration, between 15 minutes and 12 hours, of the role session. Valid time units are ns, us (or µs), ms, s, h, or m.\n" }, "externalId": { "type": "string", "description": "A unique identifier that might be required when you assume a role in another account.\n" }, "policy": { "type": "string", "description": "IAM Policy JSON describing further restricting permissions for the IAM Role being assumed.\n" }, "policyArns": { "type": "array", "items": { "type": "string" }, "description": "Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the IAM Role being assumed.\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of an IAM Role to assume prior to making API calls.\n" }, "sessionName": { "type": "string", "description": "An identifier for the assumed role session.\n" }, "sourceIdentity": { "type": "string", "description": "Source identity specified by the principal assuming the role.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Assume role session tags.\n" }, "transitiveTagKeys": { "type": "array", "items": { "type": "string" }, "description": "Assume role session tag keys to pass to any subsequent sessions.\n" } }, "type": "object" }, "aws:config/assumeRoleWithWebIdentity:assumeRoleWithWebIdentity": { "properties": { "duration": { "type": "string", "description": "The duration, between 15 minutes and 12 hours, of the role session. Valid time units are ns, us (or µs), ms, s, h, or m.\n" }, "policy": { "type": "string", "description": "IAM Policy JSON describing further restricting permissions for the IAM Role being assumed.\n" }, "policyArns": { "type": "array", "items": { "type": "string" }, "description": "Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the IAM Role being assumed.\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of an IAM Role to assume prior to making API calls.\n" }, "sessionName": { "type": "string", "description": "An identifier for the assumed role session.\n" }, "webIdentityToken": { "type": "string" }, "webIdentityTokenFile": { "type": "string" } }, "type": "object" }, "aws:config/defaultTags:defaultTags": { "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource tags to default across all resources\n" } }, "type": "object" }, "aws:config/endpoints:endpoints": { "properties": { "accessanalyzer": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "account": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "acm": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "acmpca": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "amg": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "amp": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "amplify": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "apigateway": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "apigatewayv2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "appautoscaling": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "appconfig": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "appfabric": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "appflow": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "appintegrations": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "appintegrationsservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "applicationautoscaling": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "applicationinsights": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "applicationsignals": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "appmesh": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "appregistry": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "apprunner": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "appstream": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "appsync": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "athena": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "auditmanager": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "autoscaling": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "autoscalingplans": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "backup": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "batch": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "bcmdataexports": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "beanstalk": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "bedrock": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "bedrockagent": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "budgets": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ce": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "chatbot": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "chime": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "chimesdkmediapipelines": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "chimesdkvoice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cleanrooms": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloud9": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudcontrol": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudcontrolapi": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudformation": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudfront": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudfrontkeyvaluestore": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudhsm": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudhsmv2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudsearch": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudtrail": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudwatch": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudwatchevents": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudwatchevidently": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudwatchlog": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudwatchlogs": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudwatchobservabilityaccessmanager": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudwatchrum": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "codeartifact": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "codebuild": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "codecatalyst": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "codecommit": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "codedeploy": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "codeguruprofiler": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "codegurureviewer": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "codepipeline": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "codestarconnections": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "codestarnotifications": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cognitoidentity": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cognitoidentityprovider": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cognitoidp": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "comprehend": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "computeoptimizer": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "config": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "configservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "connect": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "connectcases": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "controltower": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "costandusagereportservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "costexplorer": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "costoptimizationhub": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cur": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "customerprofiles": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "databasemigration": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "databasemigrationservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "databrew": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "dataexchange": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "datapipeline": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "datasync": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "datazone": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "dax": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "deploy": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "detective": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "devicefarm": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "devopsguru": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "directconnect": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "directoryservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "dlm": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "dms": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "docdb": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "docdbelastic": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "drs": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ds": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "dynamodb": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ec2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ecr": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ecrpublic": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ecs": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "efs": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "eks": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "elasticache": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "elasticbeanstalk": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "elasticloadbalancing": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "elasticloadbalancingv2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "elasticsearch": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "elasticsearchservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "elastictranscoder": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "elb": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "elbv2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "emr": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "emrcontainers": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "emrserverless": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "es": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "eventbridge": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "events": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "evidently": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "finspace": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "firehose": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "fis": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "fms": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "fsx": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "gamelift": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "glacier": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "globalaccelerator": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "glue": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "gluedatabrew": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "grafana": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "greengrass": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "groundstation": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "guardduty": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "healthlake": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "iam": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "identitystore": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "imagebuilder": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "inspector": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "inspector2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "inspectorv2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "internetmonitor": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "iot": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "iotanalytics": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "iotevents": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ivs": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ivschat": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "kafka": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "kafkaconnect": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "kendra": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "keyspaces": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "kinesis": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "kinesisanalytics": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "kinesisanalyticsv2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "kinesisvideo": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "kms": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "lakeformation": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "lambda": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "launchwizard": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "lex": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "lexmodelbuilding": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "lexmodelbuildingservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "lexmodels": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "lexmodelsv2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "lexv2models": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "licensemanager": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "lightsail": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "location": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "locationservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "logs": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "lookoutmetrics": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "m2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "macie2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "managedgrafana": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "mediaconnect": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "mediaconvert": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "medialive": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "mediapackage": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "mediapackagev2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "mediastore": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "memorydb": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "mq": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "msk": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "mwaa": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "neptune": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "neptunegraph": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "networkfirewall": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "networkmanager": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "networkmonitor": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "oam": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "opensearch": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "opensearchingestion": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "opensearchserverless": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "opensearchservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "opsworks": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "organizations": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "osis": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "outposts": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "paymentcryptography": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "pcaconnectorad": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "pinpoint": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "pipes": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "polly": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "pricing": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "prometheus": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "prometheusservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "qbusiness": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "qldb": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "quicksight": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ram": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "rbin": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "rds": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "recyclebin": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "redshift": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "redshiftdata": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "redshiftdataapiservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "redshiftserverless": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "rekognition": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "resourceexplorer2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "resourcegroups": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "resourcegroupstagging": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "resourcegroupstaggingapi": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "rolesanywhere": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "route53": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "route53domains": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "route53profiles": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "route53recoverycontrolconfig": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "route53recoveryreadiness": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "route53resolver": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "rum": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "s3": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "s3api": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "s3control": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "s3outposts": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "sagemaker": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "scheduler": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "schemas": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "sdb": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "secretsmanager": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "securityhub": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "securitylake": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "serverlessapplicationrepository": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "serverlessapprepo": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "serverlessrepo": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "servicecatalog": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "servicecatalogappregistry": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "servicediscovery": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "servicequotas": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ses": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "sesv2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "sfn": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "shield": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "signer": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "simpledb": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "sns": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "sqs": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ssm": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ssmcontacts": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ssmincidents": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ssmsap": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "sso": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ssoadmin": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "stepfunctions": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "storagegateway": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "sts": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "swf": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "synthetics": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "timestreaminfluxdb": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "timestreamwrite": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "transcribe": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "transcribeservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "transfer": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "verifiedpermissions": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "vpclattice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "waf": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "wafregional": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "wafv2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "wellarchitected": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "worklink": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "workspaces": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "workspacesweb": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "xray": { "type": "string", "description": "Use this to override the default service endpoint URL\n" } }, "type": "object" }, "aws:config/ignoreTags:ignoreTags": { "properties": { "keyPrefixes": { "type": "array", "items": { "type": "string" }, "description": "Resource tag key prefixes to ignore across all resources.\n" }, "keys": { "type": "array", "items": { "type": "string" }, "description": "Resource tag keys to ignore across all resources.\n" } }, "type": "object" }, "aws:connect/BotAssociationLexBot:BotAssociationLexBot": { "properties": { "lexRegion": { "type": "string", "description": "The Region that the Amazon Lex (V1) bot was created in. Defaults to current region.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the Amazon Lex (V1) bot.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredOutputs": [ "lexRegion", "name" ] } } }, "aws:connect/HoursOfOperationConfig:HoursOfOperationConfig": { "properties": { "day": { "type": "string", "description": "Specifies the day that the hours of operation applies to.\n" }, "endTime": { "$ref": "#/types/aws:connect/HoursOfOperationConfigEndTime:HoursOfOperationConfigEndTime", "description": "A end time block specifies the time that your contact center closes. The `end_time` is documented below.\n" }, "startTime": { "$ref": "#/types/aws:connect/HoursOfOperationConfigStartTime:HoursOfOperationConfigStartTime", "description": "A start time block specifies the time that your contact center opens. The `start_time` is documented below.\n" } }, "type": "object", "required": [ "day", "endTime", "startTime" ] }, "aws:connect/HoursOfOperationConfigEndTime:HoursOfOperationConfigEndTime": { "properties": { "hours": { "type": "integer", "description": "Specifies the hour of closing.\n" }, "minutes": { "type": "integer", "description": "Specifies the minute of closing.\n" } }, "type": "object", "required": [ "hours", "minutes" ] }, "aws:connect/HoursOfOperationConfigStartTime:HoursOfOperationConfigStartTime": { "properties": { "hours": { "type": "integer", "description": "Specifies the hour of opening.\n" }, "minutes": { "type": "integer", "description": "Specifies the minute of opening.\n" } }, "type": "object", "required": [ "hours", "minutes" ] }, "aws:connect/InstanceStorageConfigStorageConfig:InstanceStorageConfigStorageConfig": { "properties": { "kinesisFirehoseConfig": { "$ref": "#/types/aws:connect/InstanceStorageConfigStorageConfigKinesisFirehoseConfig:InstanceStorageConfigStorageConfigKinesisFirehoseConfig", "description": "A block that specifies the configuration of the Kinesis Firehose delivery stream. Documented below.\n" }, "kinesisStreamConfig": { "$ref": "#/types/aws:connect/InstanceStorageConfigStorageConfigKinesisStreamConfig:InstanceStorageConfigStorageConfigKinesisStreamConfig", "description": "A block that specifies the configuration of the Kinesis data stream. Documented below.\n" }, "kinesisVideoStreamConfig": { "$ref": "#/types/aws:connect/InstanceStorageConfigStorageConfigKinesisVideoStreamConfig:InstanceStorageConfigStorageConfigKinesisVideoStreamConfig", "description": "A block that specifies the configuration of the Kinesis video stream. Documented below.\n" }, "s3Config": { "$ref": "#/types/aws:connect/InstanceStorageConfigStorageConfigS3Config:InstanceStorageConfigStorageConfigS3Config", "description": "A block that specifies the configuration of S3 Bucket. Documented below.\n" }, "storageType": { "type": "string", "description": "A valid storage type. Valid Values: `S3` | `KINESIS_VIDEO_STREAM` | `KINESIS_STREAM` | `KINESIS_FIREHOSE`.\n" } }, "type": "object", "required": [ "storageType" ] }, "aws:connect/InstanceStorageConfigStorageConfigKinesisFirehoseConfig:InstanceStorageConfigStorageConfigKinesisFirehoseConfig": { "properties": { "firehoseArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the delivery stream.\n" } }, "type": "object", "required": [ "firehoseArn" ] }, "aws:connect/InstanceStorageConfigStorageConfigKinesisStreamConfig:InstanceStorageConfigStorageConfigKinesisStreamConfig": { "properties": { "streamArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the data stream.\n" } }, "type": "object", "required": [ "streamArn" ] }, "aws:connect/InstanceStorageConfigStorageConfigKinesisVideoStreamConfig:InstanceStorageConfigStorageConfigKinesisVideoStreamConfig": { "properties": { "encryptionConfig": { "$ref": "#/types/aws:connect/InstanceStorageConfigStorageConfigKinesisVideoStreamConfigEncryptionConfig:InstanceStorageConfigStorageConfigKinesisVideoStreamConfigEncryptionConfig", "description": "The encryption configuration. Documented below.\n" }, "prefix": { "type": "string", "description": "The prefix of the video stream. Minimum length of `1`. Maximum length of `128`. When read from the state, the value returned is `\u003cprefix\u003e-connect-\u003cconnect_instance_alias\u003e-contact-` since the API appends additional details to the `prefix`.\n" }, "retentionPeriodHours": { "type": "integer", "description": "The number of hours data is retained in the stream. Kinesis Video Streams retains the data in a data store that is associated with the stream. Minimum value of `0`. Maximum value of `87600`. A value of `0`, indicates that the stream does not persist data.\n" } }, "type": "object", "required": [ "encryptionConfig", "prefix", "retentionPeriodHours" ] }, "aws:connect/InstanceStorageConfigStorageConfigKinesisVideoStreamConfigEncryptionConfig:InstanceStorageConfigStorageConfigKinesisVideoStreamConfigEncryptionConfig": { "properties": { "encryptionType": { "type": "string", "description": "The type of encryption. Valid Values: `KMS`.\n" }, "keyId": { "type": "string", "description": "The full ARN of the encryption key. Be sure to provide the full ARN of the encryption key, not just the ID.\n" } }, "type": "object", "required": [ "encryptionType", "keyId" ] }, "aws:connect/InstanceStorageConfigStorageConfigS3Config:InstanceStorageConfigStorageConfigS3Config": { "properties": { "bucketName": { "type": "string", "description": "The S3 bucket name.\n" }, "bucketPrefix": { "type": "string", "description": "The S3 bucket prefix.\n" }, "encryptionConfig": { "$ref": "#/types/aws:connect/InstanceStorageConfigStorageConfigS3ConfigEncryptionConfig:InstanceStorageConfigStorageConfigS3ConfigEncryptionConfig", "description": "The encryption configuration. Documented below.\n" } }, "type": "object", "required": [ "bucketName", "bucketPrefix" ] }, "aws:connect/InstanceStorageConfigStorageConfigS3ConfigEncryptionConfig:InstanceStorageConfigStorageConfigS3ConfigEncryptionConfig": { "properties": { "encryptionType": { "type": "string", "description": "The type of encryption. Valid Values: `KMS`.\n" }, "keyId": { "type": "string", "description": "The full ARN of the encryption key. Be sure to provide the full ARN of the encryption key, not just the ID.\n" } }, "type": "object", "required": [ "encryptionType", "keyId" ] }, "aws:connect/PhoneNumberStatus:PhoneNumberStatus": { "properties": { "message": { "type": "string", "description": "The status message.\n" }, "status": { "type": "string", "description": "The status of the phone number. Valid Values: `CLAIMED` | `IN_PROGRESS` | `FAILED`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "message", "status" ] } } }, "aws:connect/QueueOutboundCallerConfig:QueueOutboundCallerConfig": { "properties": { "outboundCallerIdName": { "type": "string", "description": "Specifies the caller ID name.\n" }, "outboundCallerIdNumberId": { "type": "string", "description": "Specifies the caller ID number.\n" }, "outboundFlowId": { "type": "string", "description": "Specifies outbound whisper flow to be used during an outbound call.\n" } }, "type": "object" }, "aws:connect/QuickConnectQuickConnectConfig:QuickConnectQuickConnectConfig": { "properties": { "phoneConfigs": { "type": "array", "items": { "$ref": "#/types/aws:connect/QuickConnectQuickConnectConfigPhoneConfig:QuickConnectQuickConnectConfigPhoneConfig" }, "description": "Specifies the phone configuration of the Quick Connect. This is required only if `quick_connect_type` is `PHONE_NUMBER`. The `phone_config` block is documented below.\n" }, "queueConfigs": { "type": "array", "items": { "$ref": "#/types/aws:connect/QuickConnectQuickConnectConfigQueueConfig:QuickConnectQuickConnectConfigQueueConfig" }, "description": "Specifies the queue configuration of the Quick Connect. This is required only if `quick_connect_type` is `QUEUE`. The `queue_config` block is documented below.\n" }, "quickConnectType": { "type": "string", "description": "Specifies the configuration type of the quick connect. valid values are `PHONE_NUMBER`, `QUEUE`, `USER`.\n" }, "userConfigs": { "type": "array", "items": { "$ref": "#/types/aws:connect/QuickConnectQuickConnectConfigUserConfig:QuickConnectQuickConnectConfigUserConfig" }, "description": "Specifies the user configuration of the Quick Connect. This is required only if `quick_connect_type` is `USER`. The `user_config` block is documented below.\n" } }, "type": "object", "required": [ "quickConnectType" ] }, "aws:connect/QuickConnectQuickConnectConfigPhoneConfig:QuickConnectQuickConnectConfigPhoneConfig": { "properties": { "phoneNumber": { "type": "string", "description": "Specifies the phone number in in E.164 format.\n" } }, "type": "object", "required": [ "phoneNumber" ] }, "aws:connect/QuickConnectQuickConnectConfigQueueConfig:QuickConnectQuickConnectConfigQueueConfig": { "properties": { "contactFlowId": { "type": "string", "description": "Specifies the identifier of the contact flow.\n" }, "queueId": { "type": "string", "description": "Specifies the identifier for the queue.\n" } }, "type": "object", "required": [ "contactFlowId", "queueId" ] }, "aws:connect/QuickConnectQuickConnectConfigUserConfig:QuickConnectQuickConnectConfigUserConfig": { "properties": { "contactFlowId": { "type": "string", "description": "Specifies the identifier of the contact flow.\n" }, "userId": { "type": "string", "description": "Specifies the identifier for the user.\n" } }, "type": "object", "required": [ "contactFlowId", "userId" ] }, "aws:connect/RoutingProfileMediaConcurrency:RoutingProfileMediaConcurrency": { "properties": { "channel": { "type": "string", "description": "Specifies the channels that agents can handle in the Contact Control Panel (CCP). Valid values are `VOICE`, `CHAT`, `TASK`.\n" }, "concurrency": { "type": "integer", "description": "Specifies the number of contacts an agent can have on a channel simultaneously. Valid Range for `VOICE`: Minimum value of 1. Maximum value of 1. Valid Range for `CHAT`: Minimum value of 1. Maximum value of 10. Valid Range for `TASK`: Minimum value of 1. Maximum value of 10.\n" } }, "type": "object", "required": [ "channel", "concurrency" ] }, "aws:connect/RoutingProfileQueueConfig:RoutingProfileQueueConfig": { "properties": { "channel": { "type": "string", "description": "Specifies the channels agents can handle in the Contact Control Panel (CCP) for this routing profile. Valid values are `VOICE`, `CHAT`, `TASK`.\n" }, "delay": { "type": "integer", "description": "Specifies the delay, in seconds, that a contact should be in the queue before they are routed to an available agent\n" }, "priority": { "type": "integer", "description": "Specifies the order in which contacts are to be handled for the queue.\n" }, "queueArn": { "type": "string", "description": "ARN for the queue.\n" }, "queueId": { "type": "string", "description": "Specifies the identifier for the queue.\n" }, "queueName": { "type": "string", "description": "Name for the queue.\n" } }, "type": "object", "required": [ "channel", "delay", "priority", "queueId" ], "language": { "nodejs": { "requiredOutputs": [ "channel", "delay", "priority", "queueArn", "queueId", "queueName" ] } } }, "aws:connect/UserHierarchyGroupHierarchyPath:UserHierarchyGroupHierarchyPath": { "properties": { "levelFives": { "type": "array", "items": { "$ref": "#/types/aws:connect/UserHierarchyGroupHierarchyPathLevelFife:UserHierarchyGroupHierarchyPathLevelFife" }, "description": "A block that defines the details of level five. The level block is documented below.\n" }, "levelFours": { "type": "array", "items": { "$ref": "#/types/aws:connect/UserHierarchyGroupHierarchyPathLevelFour:UserHierarchyGroupHierarchyPathLevelFour" }, "description": "A block that defines the details of level four. The level block is documented below.\n" }, "levelOnes": { "type": "array", "items": { "$ref": "#/types/aws:connect/UserHierarchyGroupHierarchyPathLevelOne:UserHierarchyGroupHierarchyPathLevelOne" }, "description": "A block that defines the details of level one. The level block is documented below.\n" }, "levelThrees": { "type": "array", "items": { "$ref": "#/types/aws:connect/UserHierarchyGroupHierarchyPathLevelThree:UserHierarchyGroupHierarchyPathLevelThree" }, "description": "A block that defines the details of level three. The level block is documented below.\n" }, "levelTwos": { "type": "array", "items": { "$ref": "#/types/aws:connect/UserHierarchyGroupHierarchyPathLevelTwo:UserHierarchyGroupHierarchyPathLevelTwo" }, "description": "A block that defines the details of level two. The level block is documented below.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "levelFives", "levelFours", "levelOnes", "levelThrees", "levelTwos" ] } } }, "aws:connect/UserHierarchyGroupHierarchyPathLevelFife:UserHierarchyGroupHierarchyPathLevelFife": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the hierarchy group.\n" }, "id": { "type": "string", "description": "The identifier of the hierarchy group.\n" }, "name": { "type": "string", "description": "The name of the user hierarchy group. Must not be more than 100 characters.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:connect/UserHierarchyGroupHierarchyPathLevelFour:UserHierarchyGroupHierarchyPathLevelFour": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the hierarchy group.\n" }, "id": { "type": "string", "description": "The identifier of the hierarchy group.\n" }, "name": { "type": "string", "description": "The name of the user hierarchy group. Must not be more than 100 characters.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:connect/UserHierarchyGroupHierarchyPathLevelOne:UserHierarchyGroupHierarchyPathLevelOne": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the hierarchy group.\n" }, "id": { "type": "string", "description": "The identifier of the hierarchy group.\n" }, "name": { "type": "string", "description": "The name of the user hierarchy group. Must not be more than 100 characters.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:connect/UserHierarchyGroupHierarchyPathLevelThree:UserHierarchyGroupHierarchyPathLevelThree": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the hierarchy group.\n" }, "id": { "type": "string", "description": "The identifier of the hierarchy group.\n" }, "name": { "type": "string", "description": "The name of the user hierarchy group. Must not be more than 100 characters.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:connect/UserHierarchyGroupHierarchyPathLevelTwo:UserHierarchyGroupHierarchyPathLevelTwo": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the hierarchy group.\n" }, "id": { "type": "string", "description": "The identifier of the hierarchy group.\n" }, "name": { "type": "string", "description": "The name of the user hierarchy group. Must not be more than 100 characters.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:connect/UserHierarchyStructureHierarchyStructure:UserHierarchyStructureHierarchyStructure": { "properties": { "levelFive": { "$ref": "#/types/aws:connect/UserHierarchyStructureHierarchyStructureLevelFive:UserHierarchyStructureHierarchyStructureLevelFive", "description": "A block that defines the details of level five. The level block is documented below.\n\nEach level block supports the following arguments:\n" }, "levelFour": { "$ref": "#/types/aws:connect/UserHierarchyStructureHierarchyStructureLevelFour:UserHierarchyStructureHierarchyStructureLevelFour", "description": "A block that defines the details of level four. The level block is documented below.\n" }, "levelOne": { "$ref": "#/types/aws:connect/UserHierarchyStructureHierarchyStructureLevelOne:UserHierarchyStructureHierarchyStructureLevelOne", "description": "A block that defines the details of level one. The level block is documented below.\n" }, "levelThree": { "$ref": "#/types/aws:connect/UserHierarchyStructureHierarchyStructureLevelThree:UserHierarchyStructureHierarchyStructureLevelThree", "description": "A block that defines the details of level three. The level block is documented below.\n" }, "levelTwo": { "$ref": "#/types/aws:connect/UserHierarchyStructureHierarchyStructureLevelTwo:UserHierarchyStructureHierarchyStructureLevelTwo", "description": "A block that defines the details of level two. The level block is documented below.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "levelFive", "levelFour", "levelOne", "levelThree", "levelTwo" ] } } }, "aws:connect/UserHierarchyStructureHierarchyStructureLevelFive:UserHierarchyStructureHierarchyStructureLevelFive": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the hierarchy level.\n" }, "id": { "type": "string", "description": "The identifier of the hierarchy level.\n" }, "name": { "type": "string", "description": "The name of the user hierarchy level. Must not be more than 50 characters.\n" } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:connect/UserHierarchyStructureHierarchyStructureLevelFour:UserHierarchyStructureHierarchyStructureLevelFour": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the hierarchy level.\n" }, "id": { "type": "string", "description": "The identifier of the hierarchy level.\n" }, "name": { "type": "string", "description": "The name of the user hierarchy level. Must not be more than 50 characters.\n" } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:connect/UserHierarchyStructureHierarchyStructureLevelOne:UserHierarchyStructureHierarchyStructureLevelOne": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the hierarchy level.\n" }, "id": { "type": "string", "description": "The identifier of the hierarchy level.\n" }, "name": { "type": "string", "description": "The name of the user hierarchy level. Must not be more than 50 characters.\n" } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:connect/UserHierarchyStructureHierarchyStructureLevelThree:UserHierarchyStructureHierarchyStructureLevelThree": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the hierarchy level.\n" }, "id": { "type": "string", "description": "The identifier of the hierarchy level.\n" }, "name": { "type": "string", "description": "The name of the user hierarchy level. Must not be more than 50 characters.\n" } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:connect/UserHierarchyStructureHierarchyStructureLevelTwo:UserHierarchyStructureHierarchyStructureLevelTwo": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the hierarchy level.\n" }, "id": { "type": "string", "description": "The identifier of the hierarchy level.\n" }, "name": { "type": "string", "description": "The name of the user hierarchy level. Must not be more than 50 characters.\n" } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:connect/UserIdentityInfo:UserIdentityInfo": { "properties": { "email": { "type": "string", "description": "The email address. If you are using SAML for identity management and include this parameter, an error is returned. Note that updates to the `email` is supported. From the [UpdateUserIdentityInfo API documentation](https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateUserIdentityInfo.html) it is strongly recommended to limit who has the ability to invoke `UpdateUserIdentityInfo`. Someone with that ability can change the login credentials of other users by changing their email address. This poses a security risk to your organization. They can change the email address of a user to the attacker's email address, and then reset the password through email. For more information, see [Best Practices for Security Profiles](https://docs.aws.amazon.com/connect/latest/adminguide/security-profile-best-practices.html) in the Amazon Connect Administrator Guide.\n" }, "firstName": { "type": "string", "description": "The first name. This is required if you are using Amazon Connect or SAML for identity management. Minimum length of 1. Maximum length of 100.\n" }, "lastName": { "type": "string", "description": "The last name. This is required if you are using Amazon Connect or SAML for identity management. Minimum length of 1. Maximum length of 100.\n" } }, "type": "object" }, "aws:connect/UserPhoneConfig:UserPhoneConfig": { "properties": { "afterContactWorkTimeLimit": { "type": "integer", "description": "The After Call Work (ACW) timeout setting, in seconds. Minimum value of 0.\n" }, "autoAccept": { "type": "boolean", "description": "When Auto-Accept Call is enabled for an available agent, the agent connects to contacts automatically.\n" }, "deskPhoneNumber": { "type": "string", "description": "The phone number for the user's desk phone. Required if `phone_type` is set as `DESK_PHONE`.\n" }, "phoneType": { "type": "string", "description": "The phone type. Valid values are `DESK_PHONE` and `SOFT_PHONE`.\n" } }, "type": "object", "required": [ "phoneType" ] }, "aws:connect/getBotAssociationLexBot:getBotAssociationLexBot": { "properties": { "lexRegion": { "type": "string", "description": "Region that the Amazon Lex (V1) bot was created in.\n" }, "name": { "type": "string", "description": "Name of the Amazon Lex (V1) bot.\n" } }, "type": "object", "required": [ "lexRegion", "name" ], "language": { "nodejs": { "requiredInputs": [ "name" ] } } }, "aws:connect/getHoursOfOperationConfig:getHoursOfOperationConfig": { "properties": { "day": { "type": "string", "description": "Day that the hours of operation applies to.\n" }, "endTimes": { "type": "array", "items": { "$ref": "#/types/aws:connect/getHoursOfOperationConfigEndTime:getHoursOfOperationConfigEndTime" }, "description": "End time block specifies the time that your contact center closes. The `end_time` is documented below.\n" }, "startTimes": { "type": "array", "items": { "$ref": "#/types/aws:connect/getHoursOfOperationConfigStartTime:getHoursOfOperationConfigStartTime" }, "description": "Start time block specifies the time that your contact center opens. The `start_time` is documented below.\n" } }, "type": "object", "required": [ "day", "endTimes", "startTimes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getHoursOfOperationConfigEndTime:getHoursOfOperationConfigEndTime": { "properties": { "hours": { "type": "integer", "description": "Hour of opening.\n" }, "minutes": { "type": "integer", "description": "Minute of opening.\n" } }, "type": "object", "required": [ "hours", "minutes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getHoursOfOperationConfigStartTime:getHoursOfOperationConfigStartTime": { "properties": { "hours": { "type": "integer", "description": "Hour of opening.\n" }, "minutes": { "type": "integer", "description": "Minute of opening.\n" } }, "type": "object", "required": [ "hours", "minutes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getInstanceStorageConfigStorageConfig:getInstanceStorageConfigStorageConfig": { "properties": { "kinesisFirehoseConfigs": { "type": "array", "items": { "$ref": "#/types/aws:connect/getInstanceStorageConfigStorageConfigKinesisFirehoseConfig:getInstanceStorageConfigStorageConfigKinesisFirehoseConfig" }, "description": "A block that specifies the configuration of the Kinesis Firehose delivery stream. Documented below.\n" }, "kinesisStreamConfigs": { "type": "array", "items": { "$ref": "#/types/aws:connect/getInstanceStorageConfigStorageConfigKinesisStreamConfig:getInstanceStorageConfigStorageConfigKinesisStreamConfig" }, "description": "A block that specifies the configuration of the Kinesis data stream. Documented below.\n" }, "kinesisVideoStreamConfigs": { "type": "array", "items": { "$ref": "#/types/aws:connect/getInstanceStorageConfigStorageConfigKinesisVideoStreamConfig:getInstanceStorageConfigStorageConfigKinesisVideoStreamConfig" }, "description": "A block that specifies the configuration of the Kinesis video stream. Documented below.\n" }, "s3Configs": { "type": "array", "items": { "$ref": "#/types/aws:connect/getInstanceStorageConfigStorageConfigS3Config:getInstanceStorageConfigStorageConfigS3Config" }, "description": "A block that specifies the configuration of S3 Bucket. Documented below.\n" }, "storageType": { "type": "string", "description": "A valid storage type. Valid Values: `S3` | `KINESIS_VIDEO_STREAM` | `KINESIS_STREAM` | `KINESIS_FIREHOSE`.\n" } }, "type": "object", "required": [ "kinesisFirehoseConfigs", "kinesisStreamConfigs", "kinesisVideoStreamConfigs", "s3Configs", "storageType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getInstanceStorageConfigStorageConfigKinesisFirehoseConfig:getInstanceStorageConfigStorageConfigKinesisFirehoseConfig": { "properties": { "firehoseArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the delivery stream.\n" } }, "type": "object", "required": [ "firehoseArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getInstanceStorageConfigStorageConfigKinesisStreamConfig:getInstanceStorageConfigStorageConfigKinesisStreamConfig": { "properties": { "streamArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the data stream.\n" } }, "type": "object", "required": [ "streamArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getInstanceStorageConfigStorageConfigKinesisVideoStreamConfig:getInstanceStorageConfigStorageConfigKinesisVideoStreamConfig": { "properties": { "encryptionConfigs": { "type": "array", "items": { "$ref": "#/types/aws:connect/getInstanceStorageConfigStorageConfigKinesisVideoStreamConfigEncryptionConfig:getInstanceStorageConfigStorageConfigKinesisVideoStreamConfigEncryptionConfig" }, "description": "The encryption configuration. Documented below.\n" }, "prefix": { "type": "string", "description": "The prefix of the video stream. Minimum length of `1`. Maximum length of `128`. When read from the state, the value returned is `\u003cprefix\u003e-connect-\u003cconnect_instance_alias\u003e-contact-` since the API appends additional details to the `prefix`.\n" }, "retentionPeriodHours": { "type": "integer", "description": "The number of hours to retain the data in a data store associated with the stream. Minimum value of `0`. Maximum value of `87600`. A value of `0` indicates that the stream does not persist data.\n" } }, "type": "object", "required": [ "encryptionConfigs", "prefix", "retentionPeriodHours" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getInstanceStorageConfigStorageConfigKinesisVideoStreamConfigEncryptionConfig:getInstanceStorageConfigStorageConfigKinesisVideoStreamConfigEncryptionConfig": { "properties": { "encryptionType": { "type": "string", "description": "The type of encryption. Valid Values: `KMS`.\n" }, "keyId": { "type": "string", "description": "The full ARN of the encryption key. Be sure to provide the full ARN of the encryption key, not just the ID.\n" } }, "type": "object", "required": [ "encryptionType", "keyId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getInstanceStorageConfigStorageConfigS3Config:getInstanceStorageConfigStorageConfigS3Config": { "properties": { "bucketName": { "type": "string", "description": "The S3 bucket name.\n" }, "bucketPrefix": { "type": "string", "description": "The S3 bucket prefix.\n" }, "encryptionConfigs": { "type": "array", "items": { "$ref": "#/types/aws:connect/getInstanceStorageConfigStorageConfigS3ConfigEncryptionConfig:getInstanceStorageConfigStorageConfigS3ConfigEncryptionConfig" }, "description": "The encryption configuration. Documented below.\n" } }, "type": "object", "required": [ "bucketName", "bucketPrefix", "encryptionConfigs" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getInstanceStorageConfigStorageConfigS3ConfigEncryptionConfig:getInstanceStorageConfigStorageConfigS3ConfigEncryptionConfig": { "properties": { "encryptionType": { "type": "string", "description": "The type of encryption. Valid Values: `KMS`.\n" }, "keyId": { "type": "string", "description": "The full ARN of the encryption key. Be sure to provide the full ARN of the encryption key, not just the ID.\n" } }, "type": "object", "required": [ "encryptionType", "keyId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getQueueOutboundCallerConfig:getQueueOutboundCallerConfig": { "properties": { "outboundCallerIdName": { "type": "string", "description": "Specifies the caller ID name.\n" }, "outboundCallerIdNumberId": { "type": "string", "description": "Specifies the caller ID number.\n" }, "outboundFlowId": { "type": "string", "description": "Outbound whisper flow to be used during an outbound call.\n" } }, "type": "object", "required": [ "outboundCallerIdName", "outboundCallerIdNumberId", "outboundFlowId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getQuickConnectQuickConnectConfig:getQuickConnectQuickConnectConfig": { "properties": { "phoneConfigs": { "type": "array", "items": { "$ref": "#/types/aws:connect/getQuickConnectQuickConnectConfigPhoneConfig:getQuickConnectQuickConnectConfigPhoneConfig" }, "description": "Phone configuration of the Quick Connect. This is returned only if `quick_connect_type` is `PHONE_NUMBER`. The `phone_config` block is documented below.\n" }, "queueConfigs": { "type": "array", "items": { "$ref": "#/types/aws:connect/getQuickConnectQuickConnectConfigQueueConfig:getQuickConnectQuickConnectConfigQueueConfig" }, "description": "Queue configuration of the Quick Connect. This is returned only if `quick_connect_type` is `QUEUE`. The `queue_config` block is documented below.\n" }, "quickConnectType": { "type": "string", "description": "Configuration type of the Quick Connect. Valid values are `PHONE_NUMBER`, `QUEUE`, `USER`.\n" }, "userConfigs": { "type": "array", "items": { "$ref": "#/types/aws:connect/getQuickConnectQuickConnectConfigUserConfig:getQuickConnectQuickConnectConfigUserConfig" }, "description": "User configuration of the Quick Connect. This is returned only if `quick_connect_type` is `USER`. The `user_config` block is documented below.\n" } }, "type": "object", "required": [ "phoneConfigs", "queueConfigs", "quickConnectType", "userConfigs" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getQuickConnectQuickConnectConfigPhoneConfig:getQuickConnectQuickConnectConfigPhoneConfig": { "properties": { "phoneNumber": { "type": "string", "description": "Phone number in in E.164 format.\n" } }, "type": "object", "required": [ "phoneNumber" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getQuickConnectQuickConnectConfigQueueConfig:getQuickConnectQuickConnectConfigQueueConfig": { "properties": { "contactFlowId": { "type": "string", "description": "Identifier of the contact flow.\n" }, "queueId": { "type": "string", "description": "Identifier for the queue.\n" } }, "type": "object", "required": [ "contactFlowId", "queueId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getQuickConnectQuickConnectConfigUserConfig:getQuickConnectQuickConnectConfigUserConfig": { "properties": { "contactFlowId": { "type": "string", "description": "Identifier of the contact flow.\n" }, "userId": { "type": "string", "description": "Identifier for the user.\n" } }, "type": "object", "required": [ "contactFlowId", "userId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getRoutingProfileMediaConcurrency:getRoutingProfileMediaConcurrency": { "properties": { "channel": { "type": "string", "description": "Channels agents can handle in the Contact Control Panel (CCP) for this routing profile. Valid values are `VOICE`, `CHAT`, `TASK`.\n" }, "concurrency": { "type": "integer", "description": "Number of contacts an agent can have on a channel simultaneously. Valid Range for `VOICE`: Minimum value of 1. Maximum value of 1. Valid Range for `CHAT`: Minimum value of 1. Maximum value of 10. Valid Range for `TASK`: Minimum value of 1. Maximum value of 10.\n" } }, "type": "object", "required": [ "channel", "concurrency" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getRoutingProfileQueueConfig:getRoutingProfileQueueConfig": { "properties": { "channel": { "type": "string", "description": "Channels agents can handle in the Contact Control Panel (CCP) for this routing profile. Valid values are `VOICE`, `CHAT`, `TASK`.\n" }, "delay": { "type": "integer", "description": "Delay, in seconds, that a contact should be in the queue before they are routed to an available agent\n" }, "priority": { "type": "integer", "description": "Order in which contacts are to be handled for the queue.\n" }, "queueArn": { "type": "string", "description": "ARN for the queue.\n" }, "queueId": { "type": "string", "description": "Identifier for the queue.\n" }, "queueName": { "type": "string", "description": "Name for the queue.\n" } }, "type": "object", "required": [ "channel", "delay", "priority", "queueArn", "queueId", "queueName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getUserHierarchyGroupHierarchyPath:getUserHierarchyGroupHierarchyPath": { "properties": { "levelFives": { "type": "array", "items": { "$ref": "#/types/aws:connect/getUserHierarchyGroupHierarchyPathLevelFife:getUserHierarchyGroupHierarchyPathLevelFife" }, "description": "Details of level five. See below.\n" }, "levelFours": { "type": "array", "items": { "$ref": "#/types/aws:connect/getUserHierarchyGroupHierarchyPathLevelFour:getUserHierarchyGroupHierarchyPathLevelFour" }, "description": "Details of level four. See below.\n" }, "levelOnes": { "type": "array", "items": { "$ref": "#/types/aws:connect/getUserHierarchyGroupHierarchyPathLevelOne:getUserHierarchyGroupHierarchyPathLevelOne" }, "description": "Details of level one. See below.\n" }, "levelThrees": { "type": "array", "items": { "$ref": "#/types/aws:connect/getUserHierarchyGroupHierarchyPathLevelThree:getUserHierarchyGroupHierarchyPathLevelThree" }, "description": "Details of level three. See below.\n" }, "levelTwos": { "type": "array", "items": { "$ref": "#/types/aws:connect/getUserHierarchyGroupHierarchyPathLevelTwo:getUserHierarchyGroupHierarchyPathLevelTwo" }, "description": "Details of level two. See below.\n" } }, "type": "object", "required": [ "levelFives", "levelFours", "levelOnes", "levelThrees", "levelTwos" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getUserHierarchyGroupHierarchyPathLevelFife:getUserHierarchyGroupHierarchyPathLevelFife": { "properties": { "arn": { "type": "string", "description": "ARN of the hierarchy group.\n" }, "id": { "type": "string", "description": "The identifier of the hierarchy group.\n" }, "name": { "type": "string", "description": "Returns information on a specific hierarchy group by name\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getUserHierarchyGroupHierarchyPathLevelFour:getUserHierarchyGroupHierarchyPathLevelFour": { "properties": { "arn": { "type": "string", "description": "ARN of the hierarchy group.\n" }, "id": { "type": "string", "description": "The identifier of the hierarchy group.\n" }, "name": { "type": "string", "description": "Returns information on a specific hierarchy group by name\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getUserHierarchyGroupHierarchyPathLevelOne:getUserHierarchyGroupHierarchyPathLevelOne": { "properties": { "arn": { "type": "string", "description": "ARN of the hierarchy group.\n" }, "id": { "type": "string", "description": "The identifier of the hierarchy group.\n" }, "name": { "type": "string", "description": "Returns information on a specific hierarchy group by name\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getUserHierarchyGroupHierarchyPathLevelThree:getUserHierarchyGroupHierarchyPathLevelThree": { "properties": { "arn": { "type": "string", "description": "ARN of the hierarchy group.\n" }, "id": { "type": "string", "description": "The identifier of the hierarchy group.\n" }, "name": { "type": "string", "description": "Returns information on a specific hierarchy group by name\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getUserHierarchyGroupHierarchyPathLevelTwo:getUserHierarchyGroupHierarchyPathLevelTwo": { "properties": { "arn": { "type": "string", "description": "ARN of the hierarchy group.\n" }, "id": { "type": "string", "description": "The identifier of the hierarchy group.\n" }, "name": { "type": "string", "description": "Returns information on a specific hierarchy group by name\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getUserHierarchyStructureHierarchyStructure:getUserHierarchyStructureHierarchyStructure": { "properties": { "levelFives": { "type": "array", "items": { "$ref": "#/types/aws:connect/getUserHierarchyStructureHierarchyStructureLevelFife:getUserHierarchyStructureHierarchyStructureLevelFife" }, "description": "Details of level five. See below.\n" }, "levelFours": { "type": "array", "items": { "$ref": "#/types/aws:connect/getUserHierarchyStructureHierarchyStructureLevelFour:getUserHierarchyStructureHierarchyStructureLevelFour" }, "description": "Details of level four. See below.\n" }, "levelOnes": { "type": "array", "items": { "$ref": "#/types/aws:connect/getUserHierarchyStructureHierarchyStructureLevelOne:getUserHierarchyStructureHierarchyStructureLevelOne" }, "description": "Details of level one. See below.\n" }, "levelThrees": { "type": "array", "items": { "$ref": "#/types/aws:connect/getUserHierarchyStructureHierarchyStructureLevelThree:getUserHierarchyStructureHierarchyStructureLevelThree" }, "description": "Details of level three. See below.\n" }, "levelTwos": { "type": "array", "items": { "$ref": "#/types/aws:connect/getUserHierarchyStructureHierarchyStructureLevelTwo:getUserHierarchyStructureHierarchyStructureLevelTwo" }, "description": "Details of level two. See below.\n" } }, "type": "object", "required": [ "levelFives", "levelFours", "levelOnes", "levelThrees", "levelTwos" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getUserHierarchyStructureHierarchyStructureLevelFife:getUserHierarchyStructureHierarchyStructureLevelFife": { "properties": { "arn": { "type": "string", "description": "ARN of the hierarchy level.\n" }, "id": { "type": "string", "description": "The identifier of the hierarchy level.\n" }, "name": { "type": "string", "description": "Name of the user hierarchy level. Must not be more than 50 characters.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getUserHierarchyStructureHierarchyStructureLevelFour:getUserHierarchyStructureHierarchyStructureLevelFour": { "properties": { "arn": { "type": "string", "description": "ARN of the hierarchy level.\n" }, "id": { "type": "string", "description": "The identifier of the hierarchy level.\n" }, "name": { "type": "string", "description": "Name of the user hierarchy level. Must not be more than 50 characters.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getUserHierarchyStructureHierarchyStructureLevelOne:getUserHierarchyStructureHierarchyStructureLevelOne": { "properties": { "arn": { "type": "string", "description": "ARN of the hierarchy level.\n" }, "id": { "type": "string", "description": "The identifier of the hierarchy level.\n" }, "name": { "type": "string", "description": "Name of the user hierarchy level. Must not be more than 50 characters.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getUserHierarchyStructureHierarchyStructureLevelThree:getUserHierarchyStructureHierarchyStructureLevelThree": { "properties": { "arn": { "type": "string", "description": "ARN of the hierarchy level.\n" }, "id": { "type": "string", "description": "The identifier of the hierarchy level.\n" }, "name": { "type": "string", "description": "Name of the user hierarchy level. Must not be more than 50 characters.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getUserHierarchyStructureHierarchyStructureLevelTwo:getUserHierarchyStructureHierarchyStructureLevelTwo": { "properties": { "arn": { "type": "string", "description": "ARN of the hierarchy level.\n" }, "id": { "type": "string", "description": "The identifier of the hierarchy level.\n" }, "name": { "type": "string", "description": "Name of the user hierarchy level. Must not be more than 50 characters.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getUserIdentityInfo:getUserIdentityInfo": { "properties": { "email": { "type": "string", "description": "The email address.\n" }, "firstName": { "type": "string", "description": "The first name.\n" }, "lastName": { "type": "string", "description": "The last name.\n" } }, "type": "object", "required": [ "email", "firstName", "lastName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:connect/getUserPhoneConfig:getUserPhoneConfig": { "properties": { "afterContactWorkTimeLimit": { "type": "integer", "description": "The After Call Work (ACW) timeout setting, in seconds.\n" }, "autoAccept": { "type": "boolean", "description": "When Auto-Accept Call is enabled for an available agent, the agent connects to contacts automatically.\n" }, "deskPhoneNumber": { "type": "string", "description": "The phone number for the user's desk phone.\n" }, "phoneType": { "type": "string", "description": "The phone type. Valid values are `DESK_PHONE` and `SOFT_PHONE`.\n" } }, "type": "object", "required": [ "afterContactWorkTimeLimit", "autoAccept", "deskPhoneNumber", "phoneType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:controltower/ControlTowerControlParameter:ControlTowerControlParameter": { "properties": { "key": { "type": "string", "description": "The name of the parameter.\n" }, "value": { "type": "string", "description": "The value of the parameter.\n" } }, "type": "object", "required": [ "key", "value" ] }, "aws:controltower/LandingZoneDriftStatus:LandingZoneDriftStatus": { "properties": { "status": { "type": "string", "description": "The drift status of the landing zone.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "status" ] } } }, "aws:costexplorer/AnomalySubscriptionSubscriber:AnomalySubscriptionSubscriber": { "properties": { "address": { "type": "string", "description": "The address of the subscriber. If type is `SNS`, this will be the arn of the sns topic. If type is `EMAIL`, this will be the destination email address.\n" }, "type": { "type": "string", "description": "The type of subscription. Valid Values: `SNS` | `EMAIL`.\n" } }, "type": "object", "required": [ "address", "type" ] }, "aws:costexplorer/AnomalySubscriptionThresholdExpression:AnomalySubscriptionThresholdExpression": { "properties": { "ands": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionThresholdExpressionAnd:AnomalySubscriptionThresholdExpressionAnd" }, "description": "Return results that match both Dimension objects.\n" }, "costCategory": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionThresholdExpressionCostCategory:AnomalySubscriptionThresholdExpressionCostCategory", "description": "Configuration block for the filter that's based on values. See Cost Category below.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionThresholdExpressionDimension:AnomalySubscriptionThresholdExpressionDimension", "description": "Configuration block for the specific Dimension to use for.\n" }, "not": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionThresholdExpressionNot:AnomalySubscriptionThresholdExpressionNot", "description": "Return results that match both Dimension object.\n" }, "ors": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionThresholdExpressionOr:AnomalySubscriptionThresholdExpressionOr" }, "description": "Return results that match both Dimension object.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionThresholdExpressionTags:AnomalySubscriptionThresholdExpressionTags", "description": "Configuration block for the specific Tag to use for. See Tags below.\n" } }, "type": "object" }, "aws:costexplorer/AnomalySubscriptionThresholdExpressionAnd:AnomalySubscriptionThresholdExpressionAnd": { "properties": { "costCategory": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionThresholdExpressionAndCostCategory:AnomalySubscriptionThresholdExpressionAndCostCategory", "description": "Configuration block for the filter that's based on values. See Cost Category below.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionThresholdExpressionAndDimension:AnomalySubscriptionThresholdExpressionAndDimension", "description": "Configuration block for the specific Dimension to use for.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionThresholdExpressionAndTags:AnomalySubscriptionThresholdExpressionAndTags", "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "type": "object" }, "aws:costexplorer/AnomalySubscriptionThresholdExpressionAndCostCategory:AnomalySubscriptionThresholdExpressionAndCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/AnomalySubscriptionThresholdExpressionAndDimension:AnomalySubscriptionThresholdExpressionAndDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/AnomalySubscriptionThresholdExpressionAndTags:AnomalySubscriptionThresholdExpressionAndTags": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/AnomalySubscriptionThresholdExpressionCostCategory:AnomalySubscriptionThresholdExpressionCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/AnomalySubscriptionThresholdExpressionDimension:AnomalySubscriptionThresholdExpressionDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/AnomalySubscriptionThresholdExpressionNot:AnomalySubscriptionThresholdExpressionNot": { "properties": { "costCategory": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionThresholdExpressionNotCostCategory:AnomalySubscriptionThresholdExpressionNotCostCategory", "description": "Configuration block for the filter that's based on values. See Cost Category below.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionThresholdExpressionNotDimension:AnomalySubscriptionThresholdExpressionNotDimension", "description": "Configuration block for the specific Dimension to use for.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionThresholdExpressionNotTags:AnomalySubscriptionThresholdExpressionNotTags", "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "type": "object" }, "aws:costexplorer/AnomalySubscriptionThresholdExpressionNotCostCategory:AnomalySubscriptionThresholdExpressionNotCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/AnomalySubscriptionThresholdExpressionNotDimension:AnomalySubscriptionThresholdExpressionNotDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/AnomalySubscriptionThresholdExpressionNotTags:AnomalySubscriptionThresholdExpressionNotTags": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/AnomalySubscriptionThresholdExpressionOr:AnomalySubscriptionThresholdExpressionOr": { "properties": { "costCategory": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionThresholdExpressionOrCostCategory:AnomalySubscriptionThresholdExpressionOrCostCategory", "description": "Configuration block for the filter that's based on values. See Cost Category below.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionThresholdExpressionOrDimension:AnomalySubscriptionThresholdExpressionOrDimension", "description": "Configuration block for the specific Dimension to use for.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionThresholdExpressionOrTags:AnomalySubscriptionThresholdExpressionOrTags", "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "type": "object" }, "aws:costexplorer/AnomalySubscriptionThresholdExpressionOrCostCategory:AnomalySubscriptionThresholdExpressionOrCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/AnomalySubscriptionThresholdExpressionOrDimension:AnomalySubscriptionThresholdExpressionOrDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/AnomalySubscriptionThresholdExpressionOrTags:AnomalySubscriptionThresholdExpressionOrTags": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/AnomalySubscriptionThresholdExpressionTags:AnomalySubscriptionThresholdExpressionTags": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRule:CostCategoryRule": { "properties": { "inheritedValue": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleInheritedValue:CostCategoryRuleInheritedValue", "description": "Configuration block for the value the line item is categorized as if the line item contains the matched dimension. See below.\n" }, "rule": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRule:CostCategoryRuleRule", "description": "Configuration block for the `Expression` object used to categorize costs. See below.\n" }, "type": { "type": "string", "description": "You can define the CostCategoryRule rule type as either `REGULAR` or `INHERITED_VALUE`.\n" }, "value": { "type": "string", "description": "Default value for the cost category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleInheritedValue:CostCategoryRuleInheritedValue": { "properties": { "dimensionKey": { "type": "string", "description": "Key to extract cost category values.\n" }, "dimensionName": { "type": "string", "description": "Name of the dimension that's used to group costs. If you specify `LINKED_ACCOUNT_NAME`, the cost category value is based on account name. If you specify `TAG`, the cost category value will be based on the value of the specified tag key. Valid values are `LINKED_ACCOUNT_NAME`, `TAG`\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRule:CostCategoryRuleRule": { "properties": { "ands": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleAnd:CostCategoryRuleRuleAnd" }, "description": "Return results that match both `Dimension` objects.\n" }, "costCategory": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleCostCategory:CostCategoryRuleRuleCostCategory", "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleDimension:CostCategoryRuleRuleDimension", "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "not": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleNot:CostCategoryRuleRuleNot", "description": "Return results that match both `Dimension` object.\n" }, "ors": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleOr:CostCategoryRuleRuleOr" }, "description": "Return results that match both `Dimension` object.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleTags:CostCategoryRuleRuleTags", "description": "Configuration block for the specific `Tag` to use for `Expression`. See below.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleAnd:CostCategoryRuleRuleAnd": { "properties": { "ands": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleAndAnd:CostCategoryRuleRuleAndAnd" }, "description": "Return results that match both `Dimension` objects.\n" }, "costCategory": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleAndCostCategory:CostCategoryRuleRuleAndCostCategory", "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleAndDimension:CostCategoryRuleRuleAndDimension", "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "not": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleAndNot:CostCategoryRuleRuleAndNot", "description": "Return results that match both `Dimension` object.\n" }, "ors": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleAndOr:CostCategoryRuleRuleAndOr" }, "description": "Return results that match both `Dimension` object.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleAndTags:CostCategoryRuleRuleAndTags", "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleAndAnd:CostCategoryRuleRuleAndAnd": { "properties": { "costCategory": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleAndAndCostCategory:CostCategoryRuleRuleAndAndCostCategory", "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleAndAndDimension:CostCategoryRuleRuleAndAndDimension", "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleAndAndTags:CostCategoryRuleRuleAndAndTags", "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleAndAndCostCategory:CostCategoryRuleRuleAndAndCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleAndAndDimension:CostCategoryRuleRuleAndAndDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleAndAndTags:CostCategoryRuleRuleAndAndTags": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleAndCostCategory:CostCategoryRuleRuleAndCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleAndDimension:CostCategoryRuleRuleAndDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleAndNot:CostCategoryRuleRuleAndNot": { "properties": { "costCategory": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleAndNotCostCategory:CostCategoryRuleRuleAndNotCostCategory", "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleAndNotDimension:CostCategoryRuleRuleAndNotDimension", "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleAndNotTags:CostCategoryRuleRuleAndNotTags", "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleAndNotCostCategory:CostCategoryRuleRuleAndNotCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleAndNotDimension:CostCategoryRuleRuleAndNotDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleAndNotTags:CostCategoryRuleRuleAndNotTags": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleAndOr:CostCategoryRuleRuleAndOr": { "properties": { "costCategory": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleAndOrCostCategory:CostCategoryRuleRuleAndOrCostCategory", "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleAndOrDimension:CostCategoryRuleRuleAndOrDimension", "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleAndOrTags:CostCategoryRuleRuleAndOrTags", "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleAndOrCostCategory:CostCategoryRuleRuleAndOrCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleAndOrDimension:CostCategoryRuleRuleAndOrDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleAndOrTags:CostCategoryRuleRuleAndOrTags": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleAndTags:CostCategoryRuleRuleAndTags": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleCostCategory:CostCategoryRuleRuleCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleDimension:CostCategoryRuleRuleDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleNot:CostCategoryRuleRuleNot": { "properties": { "ands": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleNotAnd:CostCategoryRuleRuleNotAnd" }, "description": "Return results that match both `Dimension` objects.\n" }, "costCategory": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleNotCostCategory:CostCategoryRuleRuleNotCostCategory", "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleNotDimension:CostCategoryRuleRuleNotDimension", "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "not": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleNotNot:CostCategoryRuleRuleNotNot", "description": "Return results that match both `Dimension` object.\n" }, "ors": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleNotOr:CostCategoryRuleRuleNotOr" }, "description": "Return results that match both `Dimension` object.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleNotTags:CostCategoryRuleRuleNotTags", "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleNotAnd:CostCategoryRuleRuleNotAnd": { "properties": { "costCategory": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleNotAndCostCategory:CostCategoryRuleRuleNotAndCostCategory", "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleNotAndDimension:CostCategoryRuleRuleNotAndDimension", "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleNotAndTags:CostCategoryRuleRuleNotAndTags", "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleNotAndCostCategory:CostCategoryRuleRuleNotAndCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleNotAndDimension:CostCategoryRuleRuleNotAndDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleNotAndTags:CostCategoryRuleRuleNotAndTags": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleNotCostCategory:CostCategoryRuleRuleNotCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleNotDimension:CostCategoryRuleRuleNotDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleNotNot:CostCategoryRuleRuleNotNot": { "properties": { "costCategory": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleNotNotCostCategory:CostCategoryRuleRuleNotNotCostCategory", "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleNotNotDimension:CostCategoryRuleRuleNotNotDimension", "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleNotNotTags:CostCategoryRuleRuleNotNotTags", "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleNotNotCostCategory:CostCategoryRuleRuleNotNotCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleNotNotDimension:CostCategoryRuleRuleNotNotDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleNotNotTags:CostCategoryRuleRuleNotNotTags": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleNotOr:CostCategoryRuleRuleNotOr": { "properties": { "costCategory": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleNotOrCostCategory:CostCategoryRuleRuleNotOrCostCategory", "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleNotOrDimension:CostCategoryRuleRuleNotOrDimension", "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleNotOrTags:CostCategoryRuleRuleNotOrTags", "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleNotOrCostCategory:CostCategoryRuleRuleNotOrCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleNotOrDimension:CostCategoryRuleRuleNotOrDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleNotOrTags:CostCategoryRuleRuleNotOrTags": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleNotTags:CostCategoryRuleRuleNotTags": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleOr:CostCategoryRuleRuleOr": { "properties": { "ands": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleOrAnd:CostCategoryRuleRuleOrAnd" }, "description": "Return results that match both `Dimension` objects.\n" }, "costCategory": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleOrCostCategory:CostCategoryRuleRuleOrCostCategory", "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleOrDimension:CostCategoryRuleRuleOrDimension", "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "not": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleOrNot:CostCategoryRuleRuleOrNot", "description": "Return results that match both `Dimension` object.\n" }, "ors": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleOrOr:CostCategoryRuleRuleOrOr" }, "description": "Return results that match both `Dimension` object.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleOrTags:CostCategoryRuleRuleOrTags", "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleOrAnd:CostCategoryRuleRuleOrAnd": { "properties": { "costCategory": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleOrAndCostCategory:CostCategoryRuleRuleOrAndCostCategory", "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleOrAndDimension:CostCategoryRuleRuleOrAndDimension", "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleOrAndTags:CostCategoryRuleRuleOrAndTags", "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleOrAndCostCategory:CostCategoryRuleRuleOrAndCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleOrAndDimension:CostCategoryRuleRuleOrAndDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleOrAndTags:CostCategoryRuleRuleOrAndTags": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleOrCostCategory:CostCategoryRuleRuleOrCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleOrDimension:CostCategoryRuleRuleOrDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleOrNot:CostCategoryRuleRuleOrNot": { "properties": { "costCategory": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleOrNotCostCategory:CostCategoryRuleRuleOrNotCostCategory", "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleOrNotDimension:CostCategoryRuleRuleOrNotDimension", "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleOrNotTags:CostCategoryRuleRuleOrNotTags", "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleOrNotCostCategory:CostCategoryRuleRuleOrNotCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleOrNotDimension:CostCategoryRuleRuleOrNotDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleOrNotTags:CostCategoryRuleRuleOrNotTags": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleOrOr:CostCategoryRuleRuleOrOr": { "properties": { "costCategory": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleOrOrCostCategory:CostCategoryRuleRuleOrOrCostCategory", "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleOrOrDimension:CostCategoryRuleRuleOrOrDimension", "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/CostCategoryRuleRuleOrOrTags:CostCategoryRuleRuleOrOrTags", "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleOrOrCostCategory:CostCategoryRuleRuleOrOrCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleOrOrDimension:CostCategoryRuleRuleOrOrDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleOrOrTags:CostCategoryRuleRuleOrOrTags": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleOrTags:CostCategoryRuleRuleOrTags": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategoryRuleRuleTags:CostCategoryRuleRuleTags": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/CostCategorySplitChargeRule:CostCategorySplitChargeRule": { "properties": { "method": { "type": "string", "description": "Method that's used to define how to split your source costs across your targets. Valid values are `FIXED`, `PROPORTIONAL`, `EVEN`\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/CostCategorySplitChargeRuleParameter:CostCategorySplitChargeRuleParameter" }, "description": "Configuration block for the parameters for a split charge method. This is only required for the `FIXED` method. See below.\n" }, "source": { "type": "string", "description": "Cost Category value that you want to split.\n" }, "targets": { "type": "array", "items": { "type": "string" }, "description": "Cost Category values that you want to split costs across. These values can't be used as a source in other split charge rules.\n" } }, "type": "object", "required": [ "method", "source", "targets" ] }, "aws:costexplorer/CostCategorySplitChargeRuleParameter:CostCategorySplitChargeRuleParameter": { "properties": { "type": { "type": "string", "description": "Parameter type.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object" }, "aws:costexplorer/getCostCategoryRule:getCostCategoryRule": { "properties": { "inheritedValues": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleInheritedValue:getCostCategoryRuleInheritedValue" }, "description": "Configuration block for the value the line item is categorized as if the line item contains the matched dimension. See below.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRule:getCostCategoryRuleRule" }, "description": "Configuration block for the `Expression` object used to categorize costs. See below.\n" }, "type": { "type": "string", "description": "Parameter type.\n" }, "value": { "type": "string", "description": "Default value for the cost category.\n" } }, "type": "object", "required": [ "inheritedValues", "rules", "type", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleInheritedValue:getCostCategoryRuleInheritedValue": { "properties": { "dimensionKey": { "type": "string", "description": "Key to extract cost category values.\n" }, "dimensionName": { "type": "string", "description": "Name of the dimension that's used to group costs. If you specify `LINKED_ACCOUNT_NAME`, the cost category value is based on account name. If you specify `TAG`, the cost category value will be based on the value of the specified tag key. Valid values are `LINKED_ACCOUNT_NAME`, `TAG`\n" } }, "type": "object", "required": [ "dimensionKey", "dimensionName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRule:getCostCategoryRuleRule": { "properties": { "ands": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleAnd:getCostCategoryRuleRuleAnd" }, "description": "Return results that match both `Dimension` objects.\n" }, "costCategories": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleCostCategory:getCostCategoryRuleRuleCostCategory" }, "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleDimension:getCostCategoryRuleRuleDimension" }, "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "nots": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleNot:getCostCategoryRuleRuleNot" }, "description": "Return results that do not match the `Dimension` object.\n" }, "ors": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleOr:getCostCategoryRuleRuleOr" }, "description": "Return results that match either `Dimension` object.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleTag:getCostCategoryRuleRuleTag" }, "description": "Configuration block for the specific `Tag` to use for `Expression`. See below.\n" } }, "type": "object", "required": [ "ands", "costCategories", "dimensions", "nots", "ors", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleAnd:getCostCategoryRuleRuleAnd": { "properties": { "ands": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleAndAnd:getCostCategoryRuleRuleAndAnd" }, "description": "Return results that match both `Dimension` objects.\n" }, "costCategories": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleAndCostCategory:getCostCategoryRuleRuleAndCostCategory" }, "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleAndDimension:getCostCategoryRuleRuleAndDimension" }, "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "nots": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleAndNot:getCostCategoryRuleRuleAndNot" }, "description": "Return results that do not match the `Dimension` object.\n" }, "ors": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleAndOr:getCostCategoryRuleRuleAndOr" }, "description": "Return results that match either `Dimension` object.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleAndTag:getCostCategoryRuleRuleAndTag" }, "description": "Configuration block for the specific `Tag` to use for `Expression`. See below.\n" } }, "type": "object", "required": [ "ands", "costCategories", "dimensions", "nots", "ors", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleAndAnd:getCostCategoryRuleRuleAndAnd": { "properties": { "costCategories": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleAndAndCostCategory:getCostCategoryRuleRuleAndAndCostCategory" }, "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleAndAndDimension:getCostCategoryRuleRuleAndAndDimension" }, "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleAndAndTag:getCostCategoryRuleRuleAndAndTag" }, "description": "Configuration block for the specific `Tag` to use for `Expression`. See below.\n" } }, "type": "object", "required": [ "costCategories", "dimensions", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleAndAndCostCategory:getCostCategoryRuleRuleAndAndCostCategory": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleAndAndDimension:getCostCategoryRuleRuleAndAndDimension": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleAndAndTag:getCostCategoryRuleRuleAndAndTag": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleAndCostCategory:getCostCategoryRuleRuleAndCostCategory": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleAndDimension:getCostCategoryRuleRuleAndDimension": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleAndNot:getCostCategoryRuleRuleAndNot": { "properties": { "costCategories": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleAndNotCostCategory:getCostCategoryRuleRuleAndNotCostCategory" }, "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleAndNotDimension:getCostCategoryRuleRuleAndNotDimension" }, "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleAndNotTag:getCostCategoryRuleRuleAndNotTag" }, "description": "Configuration block for the specific `Tag` to use for `Expression`. See below.\n" } }, "type": "object", "required": [ "costCategories", "dimensions", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleAndNotCostCategory:getCostCategoryRuleRuleAndNotCostCategory": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleAndNotDimension:getCostCategoryRuleRuleAndNotDimension": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleAndNotTag:getCostCategoryRuleRuleAndNotTag": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleAndOr:getCostCategoryRuleRuleAndOr": { "properties": { "costCategories": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleAndOrCostCategory:getCostCategoryRuleRuleAndOrCostCategory" }, "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleAndOrDimension:getCostCategoryRuleRuleAndOrDimension" }, "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleAndOrTag:getCostCategoryRuleRuleAndOrTag" }, "description": "Configuration block for the specific `Tag` to use for `Expression`. See below.\n" } }, "type": "object", "required": [ "costCategories", "dimensions", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleAndOrCostCategory:getCostCategoryRuleRuleAndOrCostCategory": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleAndOrDimension:getCostCategoryRuleRuleAndOrDimension": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleAndOrTag:getCostCategoryRuleRuleAndOrTag": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleAndTag:getCostCategoryRuleRuleAndTag": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleCostCategory:getCostCategoryRuleRuleCostCategory": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleDimension:getCostCategoryRuleRuleDimension": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleNot:getCostCategoryRuleRuleNot": { "properties": { "ands": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleNotAnd:getCostCategoryRuleRuleNotAnd" }, "description": "Return results that match both `Dimension` objects.\n" }, "costCategories": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleNotCostCategory:getCostCategoryRuleRuleNotCostCategory" }, "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleNotDimension:getCostCategoryRuleRuleNotDimension" }, "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "nots": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleNotNot:getCostCategoryRuleRuleNotNot" }, "description": "Return results that do not match the `Dimension` object.\n" }, "ors": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleNotOr:getCostCategoryRuleRuleNotOr" }, "description": "Return results that match either `Dimension` object.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleNotTag:getCostCategoryRuleRuleNotTag" }, "description": "Configuration block for the specific `Tag` to use for `Expression`. See below.\n" } }, "type": "object", "required": [ "ands", "costCategories", "dimensions", "nots", "ors", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleNotAnd:getCostCategoryRuleRuleNotAnd": { "properties": { "costCategories": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleNotAndCostCategory:getCostCategoryRuleRuleNotAndCostCategory" }, "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleNotAndDimension:getCostCategoryRuleRuleNotAndDimension" }, "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleNotAndTag:getCostCategoryRuleRuleNotAndTag" }, "description": "Configuration block for the specific `Tag` to use for `Expression`. See below.\n" } }, "type": "object", "required": [ "costCategories", "dimensions", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleNotAndCostCategory:getCostCategoryRuleRuleNotAndCostCategory": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleNotAndDimension:getCostCategoryRuleRuleNotAndDimension": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleNotAndTag:getCostCategoryRuleRuleNotAndTag": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleNotCostCategory:getCostCategoryRuleRuleNotCostCategory": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleNotDimension:getCostCategoryRuleRuleNotDimension": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleNotNot:getCostCategoryRuleRuleNotNot": { "properties": { "costCategories": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleNotNotCostCategory:getCostCategoryRuleRuleNotNotCostCategory" }, "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleNotNotDimension:getCostCategoryRuleRuleNotNotDimension" }, "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleNotNotTag:getCostCategoryRuleRuleNotNotTag" }, "description": "Configuration block for the specific `Tag` to use for `Expression`. See below.\n" } }, "type": "object", "required": [ "costCategories", "dimensions", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleNotNotCostCategory:getCostCategoryRuleRuleNotNotCostCategory": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleNotNotDimension:getCostCategoryRuleRuleNotNotDimension": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleNotNotTag:getCostCategoryRuleRuleNotNotTag": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleNotOr:getCostCategoryRuleRuleNotOr": { "properties": { "costCategories": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleNotOrCostCategory:getCostCategoryRuleRuleNotOrCostCategory" }, "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleNotOrDimension:getCostCategoryRuleRuleNotOrDimension" }, "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleNotOrTag:getCostCategoryRuleRuleNotOrTag" }, "description": "Configuration block for the specific `Tag` to use for `Expression`. See below.\n" } }, "type": "object", "required": [ "costCategories", "dimensions", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleNotOrCostCategory:getCostCategoryRuleRuleNotOrCostCategory": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleNotOrDimension:getCostCategoryRuleRuleNotOrDimension": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleNotOrTag:getCostCategoryRuleRuleNotOrTag": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleNotTag:getCostCategoryRuleRuleNotTag": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleOr:getCostCategoryRuleRuleOr": { "properties": { "ands": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleOrAnd:getCostCategoryRuleRuleOrAnd" }, "description": "Return results that match both `Dimension` objects.\n" }, "costCategories": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleOrCostCategory:getCostCategoryRuleRuleOrCostCategory" }, "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleOrDimension:getCostCategoryRuleRuleOrDimension" }, "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "nots": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleOrNot:getCostCategoryRuleRuleOrNot" }, "description": "Return results that do not match the `Dimension` object.\n" }, "ors": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleOrOr:getCostCategoryRuleRuleOrOr" }, "description": "Return results that match either `Dimension` object.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleOrTag:getCostCategoryRuleRuleOrTag" }, "description": "Configuration block for the specific `Tag` to use for `Expression`. See below.\n" } }, "type": "object", "required": [ "ands", "costCategories", "dimensions", "nots", "ors", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleOrAnd:getCostCategoryRuleRuleOrAnd": { "properties": { "costCategories": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleOrAndCostCategory:getCostCategoryRuleRuleOrAndCostCategory" }, "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleOrAndDimension:getCostCategoryRuleRuleOrAndDimension" }, "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleOrAndTag:getCostCategoryRuleRuleOrAndTag" }, "description": "Configuration block for the specific `Tag` to use for `Expression`. See below.\n" } }, "type": "object", "required": [ "costCategories", "dimensions", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleOrAndCostCategory:getCostCategoryRuleRuleOrAndCostCategory": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleOrAndDimension:getCostCategoryRuleRuleOrAndDimension": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleOrAndTag:getCostCategoryRuleRuleOrAndTag": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleOrCostCategory:getCostCategoryRuleRuleOrCostCategory": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleOrDimension:getCostCategoryRuleRuleOrDimension": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleOrNot:getCostCategoryRuleRuleOrNot": { "properties": { "costCategories": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleOrNotCostCategory:getCostCategoryRuleRuleOrNotCostCategory" }, "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleOrNotDimension:getCostCategoryRuleRuleOrNotDimension" }, "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleOrNotTag:getCostCategoryRuleRuleOrNotTag" }, "description": "Configuration block for the specific `Tag` to use for `Expression`. See below.\n" } }, "type": "object", "required": [ "costCategories", "dimensions", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleOrNotCostCategory:getCostCategoryRuleRuleOrNotCostCategory": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleOrNotDimension:getCostCategoryRuleRuleOrNotDimension": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleOrNotTag:getCostCategoryRuleRuleOrNotTag": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleOrOr:getCostCategoryRuleRuleOrOr": { "properties": { "costCategories": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleOrOrCostCategory:getCostCategoryRuleRuleOrOrCostCategory" }, "description": "Configuration block for the filter that's based on `CostCategory` values. See below.\n" }, "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleOrOrDimension:getCostCategoryRuleRuleOrOrDimension" }, "description": "Configuration block for the specific `Dimension` to use for `Expression`. See below.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRuleRuleOrOrTag:getCostCategoryRuleRuleOrOrTag" }, "description": "Configuration block for the specific `Tag` to use for `Expression`. See below.\n" } }, "type": "object", "required": [ "costCategories", "dimensions", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleOrOrCostCategory:getCostCategoryRuleRuleOrOrCostCategory": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleOrOrDimension:getCostCategoryRuleRuleOrOrDimension": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleOrOrTag:getCostCategoryRuleRuleOrOrTag": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleOrTag:getCostCategoryRuleRuleOrTag": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategoryRuleRuleTag:getCostCategoryRuleRuleTag": { "properties": { "key": { "type": "string", "description": "Key for the tag.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "key", "matchOptions", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategorySplitChargeRule:getCostCategorySplitChargeRule": { "properties": { "method": { "type": "string", "description": "Method that's used to define how to split your source costs across your targets. Valid values are `FIXED`, `PROPORTIONAL`, `EVEN`\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getCostCategorySplitChargeRuleParameter:getCostCategorySplitChargeRuleParameter" }, "description": "Configuration block for the parameters for a split charge method. This is only required for the `FIXED` method. See below.\n" }, "source": { "type": "string", "description": "Cost Category value that you want to split.\n" }, "targets": { "type": "array", "items": { "type": "string" }, "description": "Cost Category values that you want to split costs across. These values can't be used as a source in other split charge rules.\n" } }, "type": "object", "required": [ "method", "parameters", "source", "targets" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getCostCategorySplitChargeRuleParameter:getCostCategorySplitChargeRuleParameter": { "properties": { "type": { "type": "string", "description": "Parameter type.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Parameter values.\n" } }, "type": "object", "required": [ "type", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:costexplorer/getTagsFilter:getTagsFilter": { "properties": { "ands": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getTagsFilterAnd:getTagsFilterAnd" }, "description": "Return results that match both `Dimension` objects.\n" }, "costCategory": { "$ref": "#/types/aws:costexplorer/getTagsFilterCostCategory:getTagsFilterCostCategory", "description": "Configuration block for the filter that's based on `CostCategory` values. See `cost_category` block below for details.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/getTagsFilterDimension:getTagsFilterDimension", "description": "Configuration block for the specific `Dimension` to use for `Expression`. See `dimension` block below for details.\n" }, "not": { "$ref": "#/types/aws:costexplorer/getTagsFilterNot:getTagsFilterNot", "description": "Return results that match both `Dimension` object.\n" }, "ors": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getTagsFilterOr:getTagsFilterOr" }, "description": "Return results that match both `Dimension` object.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/getTagsFilterTags:getTagsFilterTags", "description": "Tags that match your request.\n" } }, "type": "object" }, "aws:costexplorer/getTagsFilterAnd:getTagsFilterAnd": { "properties": { "costCategory": { "$ref": "#/types/aws:costexplorer/getTagsFilterAndCostCategory:getTagsFilterAndCostCategory", "description": "Configuration block for the filter that's based on `CostCategory` values. See `cost_category` block below for details.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/getTagsFilterAndDimension:getTagsFilterAndDimension", "description": "Configuration block for the specific `Dimension` to use for `Expression`. See `dimension` block below for details.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/getTagsFilterAndTags:getTagsFilterAndTags", "description": "Tags that match your request.\n" } }, "type": "object" }, "aws:costexplorer/getTagsFilterAndCostCategory:getTagsFilterAndCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/getTagsFilterAndDimension:getTagsFilterAndDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/getTagsFilterAndTags:getTagsFilterAndTags": { "properties": { "key": { "type": "string" }, "matchOptions": { "type": "array", "items": { "type": "string" } }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:costexplorer/getTagsFilterCostCategory:getTagsFilterCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/getTagsFilterDimension:getTagsFilterDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/getTagsFilterNot:getTagsFilterNot": { "properties": { "costCategory": { "$ref": "#/types/aws:costexplorer/getTagsFilterNotCostCategory:getTagsFilterNotCostCategory", "description": "Configuration block for the filter that's based on `CostCategory` values. See `cost_category` block below for details.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/getTagsFilterNotDimension:getTagsFilterNotDimension", "description": "Configuration block for the specific `Dimension` to use for `Expression`. See `dimension` block below for details.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/getTagsFilterNotTags:getTagsFilterNotTags", "description": "Tags that match your request.\n" } }, "type": "object" }, "aws:costexplorer/getTagsFilterNotCostCategory:getTagsFilterNotCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/getTagsFilterNotDimension:getTagsFilterNotDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/getTagsFilterNotTags:getTagsFilterNotTags": { "properties": { "key": { "type": "string" }, "matchOptions": { "type": "array", "items": { "type": "string" } }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:costexplorer/getTagsFilterOr:getTagsFilterOr": { "properties": { "costCategory": { "$ref": "#/types/aws:costexplorer/getTagsFilterOrCostCategory:getTagsFilterOrCostCategory", "description": "Configuration block for the filter that's based on `CostCategory` values. See `cost_category` block below for details.\n" }, "dimension": { "$ref": "#/types/aws:costexplorer/getTagsFilterOrDimension:getTagsFilterOrDimension", "description": "Configuration block for the specific `Dimension` to use for `Expression`. See `dimension` block below for details.\n" }, "tags": { "$ref": "#/types/aws:costexplorer/getTagsFilterOrTags:getTagsFilterOrTags", "description": "Tags that match your request.\n" } }, "type": "object" }, "aws:costexplorer/getTagsFilterOrCostCategory:getTagsFilterOrCostCategory": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/getTagsFilterOrDimension:getTagsFilterOrDimension": { "properties": { "key": { "type": "string", "description": "Unique name of the Cost Category.\n" }, "matchOptions": { "type": "array", "items": { "type": "string" }, "description": "Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Specific value of the Cost Category.\n" } }, "type": "object" }, "aws:costexplorer/getTagsFilterOrTags:getTagsFilterOrTags": { "properties": { "key": { "type": "string" }, "matchOptions": { "type": "array", "items": { "type": "string" } }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:costexplorer/getTagsFilterTags:getTagsFilterTags": { "properties": { "key": { "type": "string" }, "matchOptions": { "type": "array", "items": { "type": "string" } }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:costexplorer/getTagsSortBy:getTagsSortBy": { "properties": { "key": { "type": "string", "description": "key that's used to sort the data. Valid values are: `BlendedCost`, `UnblendedCost`, `AmortizedCost`, `NetAmortizedCost`, `NetUnblendedCost`, `UsageQuantity`, `NormalizedUsageAmount`.\n" }, "sortOrder": { "type": "string", "description": "order that's used to sort the data. Valid values are: `ASCENDING`, `DESCENDING`.\n" } }, "type": "object" }, "aws:costexplorer/getTagsTimePeriod:getTagsTimePeriod": { "properties": { "end": { "type": "string", "description": "Beginning of the time period.\n" }, "start": { "type": "string", "description": "End of the time period.\n" } }, "type": "object", "required": [ "end", "start" ] }, "aws:customerprofiles/DomainMatching:DomainMatching": { "properties": { "autoMerging": { "$ref": "#/types/aws:customerprofiles/DomainMatchingAutoMerging:DomainMatchingAutoMerging", "description": "A block that specifies the configuration about the auto-merging process. Documented below.\n" }, "enabled": { "type": "boolean", "description": "The flag that enables the matching process of duplicate profiles.\n" }, "exportingConfig": { "$ref": "#/types/aws:customerprofiles/DomainMatchingExportingConfig:DomainMatchingExportingConfig", "description": "A block that specifies the configuration for exporting Identity Resolution results. Documented below.\n" }, "jobSchedule": { "$ref": "#/types/aws:customerprofiles/DomainMatchingJobSchedule:DomainMatchingJobSchedule", "description": "A block that specifies the day and time when you want to start the Identity Resolution Job every week. Documented below.\n" } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredOutputs": [ "autoMerging", "enabled" ] } } }, "aws:customerprofiles/DomainMatchingAutoMerging:DomainMatchingAutoMerging": { "properties": { "conflictResolution": { "$ref": "#/types/aws:customerprofiles/DomainMatchingAutoMergingConflictResolution:DomainMatchingAutoMergingConflictResolution", "description": "A block that specifies how the auto-merging process should resolve conflicts between different profiles. Documented below.\n" }, "consolidation": { "$ref": "#/types/aws:customerprofiles/DomainMatchingAutoMergingConsolidation:DomainMatchingAutoMergingConsolidation", "description": "A block that specifies a list of matching attributes that represent matching criteria. If two profiles meet at least one of the requirements in the matching attributes list, they will be merged. Documented below.\n* `min_allowed_confidence_score_for_merging ` - (Optional) A number between 0 and 1 that represents the minimum confidence score required for profiles within a matching group to be merged during the auto-merge process. A higher score means higher similarity required to merge profiles.\n" }, "enabled": { "type": "boolean", "description": "The flag that enables the auto-merging of duplicate profiles.\n" }, "minAllowedConfidenceScoreForMerging": { "type": "number" } }, "type": "object", "required": [ "enabled" ] }, "aws:customerprofiles/DomainMatchingAutoMergingConflictResolution:DomainMatchingAutoMergingConflictResolution": { "properties": { "conflictResolvingModel": { "type": "string", "description": "How the auto-merging process should resolve conflicts between different profiles. Valid values are `RECENCY` and `SOURCE`\n" }, "sourceName": { "type": "string", "description": "The `ObjectType` name that is used to resolve profile merging conflicts when choosing `SOURCE` as the `ConflictResolvingModel`.\n" } }, "type": "object", "required": [ "conflictResolvingModel" ] }, "aws:customerprofiles/DomainMatchingAutoMergingConsolidation:DomainMatchingAutoMergingConsolidation": { "properties": { "matchingAttributesLists": { "type": "array", "items": { "type": "array", "items": { "type": "string" } }, "description": "A list of matching criteria.\n" } }, "type": "object", "required": [ "matchingAttributesLists" ] }, "aws:customerprofiles/DomainMatchingExportingConfig:DomainMatchingExportingConfig": { "properties": { "s3Exporting": { "$ref": "#/types/aws:customerprofiles/DomainMatchingExportingConfigS3Exporting:DomainMatchingExportingConfigS3Exporting" } }, "type": "object" }, "aws:customerprofiles/DomainMatchingExportingConfigS3Exporting:DomainMatchingExportingConfigS3Exporting": { "properties": { "s3BucketName": { "type": "string", "description": "The name of the S3 bucket where Identity Resolution Jobs write result files.\n" }, "s3KeyName": { "type": "string", "description": "The S3 key name of the location where Identity Resolution Jobs write result files.\n" } }, "type": "object", "required": [ "s3BucketName" ] }, "aws:customerprofiles/DomainMatchingJobSchedule:DomainMatchingJobSchedule": { "properties": { "dayOfTheWeek": { "type": "string", "description": "The day when the Identity Resolution Job should run every week.\n" }, "time": { "type": "string", "description": "The time when the Identity Resolution Job should run every week.\n" } }, "type": "object", "required": [ "dayOfTheWeek", "time" ] }, "aws:customerprofiles/DomainRuleBasedMatching:DomainRuleBasedMatching": { "properties": { "attributeTypesSelector": { "$ref": "#/types/aws:customerprofiles/DomainRuleBasedMatchingAttributeTypesSelector:DomainRuleBasedMatchingAttributeTypesSelector", "description": "A block that configures information about the `AttributeTypesSelector` where the rule-based identity resolution uses to match profiles. Documented below.\n" }, "conflictResolution": { "$ref": "#/types/aws:customerprofiles/DomainRuleBasedMatchingConflictResolution:DomainRuleBasedMatchingConflictResolution", "description": "A block that specifies how the auto-merging process should resolve conflicts between different profiles. Documented below.\n" }, "enabled": { "type": "boolean", "description": "The flag that enables the rule-based matching process of duplicate profiles.\n" }, "exportingConfig": { "$ref": "#/types/aws:customerprofiles/DomainRuleBasedMatchingExportingConfig:DomainRuleBasedMatchingExportingConfig", "description": "A block that specifies the configuration for exporting Identity Resolution results. Documented below.\n" }, "matchingRules": { "type": "array", "items": { "$ref": "#/types/aws:customerprofiles/DomainRuleBasedMatchingMatchingRule:DomainRuleBasedMatchingMatchingRule" }, "description": "A block that configures how the rule-based matching process should match profiles. You can have up to 15 `rule` in the `natching_rules`. Documented below.\n" }, "maxAllowedRuleLevelForMatching": { "type": "integer", "description": "Indicates the maximum allowed rule level for matching.\n" }, "maxAllowedRuleLevelForMerging": { "type": "integer", "description": "Indicates the maximum allowed rule level for merging.\n" }, "status": { "type": "string" } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredOutputs": [ "enabled", "status" ] } } }, "aws:customerprofiles/DomainRuleBasedMatchingAttributeTypesSelector:DomainRuleBasedMatchingAttributeTypesSelector": { "properties": { "addresses": { "type": "array", "items": { "type": "string" }, "description": "The `Address` type. You can choose from `Address`, `BusinessAddress`, `MaillingAddress`, and `ShippingAddress`.\n" }, "attributeMatchingModel": { "type": "string", "description": "Configures the `AttributeMatchingModel`, you can either choose `ONE_TO_ONE` or `MANY_TO_MANY`.\n" }, "emailAddresses": { "type": "array", "items": { "type": "string" }, "description": "The `Email` type. You can choose from `EmailAddress`, `BusinessEmailAddress` and `PersonalEmailAddress`.\n" }, "phoneNumbers": { "type": "array", "items": { "type": "string" }, "description": "The `PhoneNumber` type. You can choose from `PhoneNumber`, `HomePhoneNumber`, and `MobilePhoneNumber`.\n" } }, "type": "object", "required": [ "attributeMatchingModel" ] }, "aws:customerprofiles/DomainRuleBasedMatchingConflictResolution:DomainRuleBasedMatchingConflictResolution": { "properties": { "conflictResolvingModel": { "type": "string", "description": "How the auto-merging process should resolve conflicts between different profiles. Valid values are `RECENCY` and `SOURCE`\n" }, "sourceName": { "type": "string", "description": "The `ObjectType` name that is used to resolve profile merging conflicts when choosing `SOURCE` as the `ConflictResolvingModel`.\n" } }, "type": "object", "required": [ "conflictResolvingModel" ] }, "aws:customerprofiles/DomainRuleBasedMatchingExportingConfig:DomainRuleBasedMatchingExportingConfig": { "properties": { "s3Exporting": { "$ref": "#/types/aws:customerprofiles/DomainRuleBasedMatchingExportingConfigS3Exporting:DomainRuleBasedMatchingExportingConfigS3Exporting" } }, "type": "object" }, "aws:customerprofiles/DomainRuleBasedMatchingExportingConfigS3Exporting:DomainRuleBasedMatchingExportingConfigS3Exporting": { "properties": { "s3BucketName": { "type": "string", "description": "The name of the S3 bucket where Identity Resolution Jobs write result files.\n" }, "s3KeyName": { "type": "string", "description": "The S3 key name of the location where Identity Resolution Jobs write result files.\n" } }, "type": "object", "required": [ "s3BucketName" ] }, "aws:customerprofiles/DomainRuleBasedMatchingMatchingRule:DomainRuleBasedMatchingMatchingRule": { "properties": { "rules": { "type": "array", "items": { "type": "string" }, "description": "A single rule level of the `match_rules`. Configures how the rule-based matching process should match profiles.\n" } }, "type": "object", "required": [ "rules" ] }, "aws:customerprofiles/ProfileAddress:ProfileAddress": { "properties": { "address1": { "type": "string", "description": "The first line of a customer address.\n" }, "address2": { "type": "string", "description": "The second line of a customer address.\n" }, "address3": { "type": "string", "description": "The third line of a customer address.\n" }, "address4": { "type": "string", "description": "The fourth line of a customer address.\n" }, "city": { "type": "string", "description": "The city in which a customer lives.\n" }, "country": { "type": "string", "description": "The country in which a customer lives.\n" }, "county": { "type": "string", "description": "The county in which a customer lives.\n" }, "postalCode": { "type": "string", "description": "The postal code of a customer address.\n" }, "province": { "type": "string", "description": "The province in which a customer lives.\n" }, "state": { "type": "string", "description": "The state in which a customer lives.\n" } }, "type": "object" }, "aws:customerprofiles/ProfileBillingAddress:ProfileBillingAddress": { "properties": { "address1": { "type": "string", "description": "The first line of a customer address.\n" }, "address2": { "type": "string", "description": "The second line of a customer address.\n" }, "address3": { "type": "string", "description": "The third line of a customer address.\n" }, "address4": { "type": "string", "description": "The fourth line of a customer address.\n" }, "city": { "type": "string", "description": "The city in which a customer lives.\n" }, "country": { "type": "string", "description": "The country in which a customer lives.\n" }, "county": { "type": "string", "description": "The county in which a customer lives.\n" }, "postalCode": { "type": "string", "description": "The postal code of a customer address.\n" }, "province": { "type": "string", "description": "The province in which a customer lives.\n" }, "state": { "type": "string", "description": "The state in which a customer lives.\n" } }, "type": "object" }, "aws:customerprofiles/ProfileMailingAddress:ProfileMailingAddress": { "properties": { "address1": { "type": "string", "description": "The first line of a customer address.\n" }, "address2": { "type": "string", "description": "The second line of a customer address.\n" }, "address3": { "type": "string", "description": "The third line of a customer address.\n" }, "address4": { "type": "string", "description": "The fourth line of a customer address.\n" }, "city": { "type": "string", "description": "The city in which a customer lives.\n" }, "country": { "type": "string", "description": "The country in which a customer lives.\n" }, "county": { "type": "string", "description": "The county in which a customer lives.\n" }, "postalCode": { "type": "string", "description": "The postal code of a customer address.\n" }, "province": { "type": "string", "description": "The province in which a customer lives.\n" }, "state": { "type": "string", "description": "The state in which a customer lives.\n" } }, "type": "object" }, "aws:customerprofiles/ProfileShippingAddress:ProfileShippingAddress": { "properties": { "address1": { "type": "string", "description": "The first line of a customer address.\n" }, "address2": { "type": "string", "description": "The second line of a customer address.\n" }, "address3": { "type": "string", "description": "The third line of a customer address.\n" }, "address4": { "type": "string", "description": "The fourth line of a customer address.\n" }, "city": { "type": "string", "description": "The city in which a customer lives.\n" }, "country": { "type": "string", "description": "The country in which a customer lives.\n" }, "county": { "type": "string", "description": "The county in which a customer lives.\n" }, "postalCode": { "type": "string", "description": "The postal code of a customer address.\n" }, "province": { "type": "string", "description": "The province in which a customer lives.\n" }, "state": { "type": "string", "description": "The state in which a customer lives.\n" } }, "type": "object" }, "aws:datapipeline/PipelineDefinitionParameterObject:PipelineDefinitionParameterObject": { "properties": { "attributes": { "type": "array", "items": { "$ref": "#/types/aws:datapipeline/PipelineDefinitionParameterObjectAttribute:PipelineDefinitionParameterObjectAttribute" }, "description": "Configuration block for attributes of the parameter object. See below\n" }, "id": { "type": "string", "description": "ID of the parameter object.\n" } }, "type": "object", "required": [ "id" ] }, "aws:datapipeline/PipelineDefinitionParameterObjectAttribute:PipelineDefinitionParameterObjectAttribute": { "properties": { "key": { "type": "string", "description": "Field identifier.\n" }, "stringValue": { "type": "string", "description": "Field value, expressed as a String.\n" } }, "type": "object", "required": [ "key", "stringValue" ] }, "aws:datapipeline/PipelineDefinitionParameterValue:PipelineDefinitionParameterValue": { "properties": { "id": { "type": "string", "description": "ID of the parameter value.\n" }, "stringValue": { "type": "string", "description": "Field value, expressed as a String.\n" } }, "type": "object", "required": [ "id", "stringValue" ] }, "aws:datapipeline/PipelineDefinitionPipelineObject:PipelineDefinitionPipelineObject": { "properties": { "fields": { "type": "array", "items": { "$ref": "#/types/aws:datapipeline/PipelineDefinitionPipelineObjectField:PipelineDefinitionPipelineObjectField" }, "description": "Configuration block for Key-value pairs that define the properties of the object. See below\n" }, "id": { "type": "string", "description": "ID of the object.\n" }, "name": { "type": "string", "description": "ARN of the storage connector.\n" } }, "type": "object", "required": [ "id", "name" ] }, "aws:datapipeline/PipelineDefinitionPipelineObjectField:PipelineDefinitionPipelineObjectField": { "properties": { "key": { "type": "string", "description": "Field identifier.\n" }, "refValue": { "type": "string", "description": "Field value, expressed as the identifier of another object\n" }, "stringValue": { "type": "string", "description": "Field value, expressed as a String.\n" } }, "type": "object", "required": [ "key" ] }, "aws:datapipeline/getPipelineDefinitionParameterObject:getPipelineDefinitionParameterObject": { "properties": { "attributes": { "type": "array", "items": { "$ref": "#/types/aws:datapipeline/getPipelineDefinitionParameterObjectAttribute:getPipelineDefinitionParameterObjectAttribute" } }, "id": { "type": "string", "description": "ID of the object.\n" } }, "type": "object", "required": [ "attributes", "id" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:datapipeline/getPipelineDefinitionParameterObjectAttribute:getPipelineDefinitionParameterObjectAttribute": { "properties": { "key": { "type": "string", "description": "Field identifier.\n" }, "stringValue": { "type": "string", "description": "Field value, expressed as a String.\n" } }, "type": "object", "required": [ "key", "stringValue" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:datapipeline/getPipelineDefinitionParameterValue:getPipelineDefinitionParameterValue": { "properties": { "id": { "type": "string", "description": "ID of the object.\n" }, "stringValue": { "type": "string", "description": "Field value, expressed as a String.\n" } }, "type": "object", "required": [ "id", "stringValue" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:datapipeline/getPipelineDefinitionPipelineObject:getPipelineDefinitionPipelineObject": { "properties": { "fields": { "type": "array", "items": { "$ref": "#/types/aws:datapipeline/getPipelineDefinitionPipelineObjectField:getPipelineDefinitionPipelineObjectField" }, "description": "Key-value pairs that define the properties of the object. See below\n" }, "id": { "type": "string", "description": "ID of the object.\n" }, "name": { "type": "string", "description": "ARN of the storage connector.\n" } }, "type": "object", "required": [ "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:datapipeline/getPipelineDefinitionPipelineObjectField:getPipelineDefinitionPipelineObjectField": { "properties": { "key": { "type": "string", "description": "Field identifier.\n" }, "refValue": { "type": "string", "description": "Field value, expressed as the identifier of another object\n" }, "stringValue": { "type": "string", "description": "Field value, expressed as a String.\n" } }, "type": "object", "required": [ "key", "refValue", "stringValue" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:datasync/EfsLocationEc2Config:EfsLocationEc2Config": { "properties": { "securityGroupArns": { "type": "array", "items": { "type": "string" }, "description": "List of Amazon Resource Names (ARNs) of the EC2 Security Groups that are associated with the EFS Mount Target.\n", "willReplaceOnChanges": true }, "subnetArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EC2 Subnet that is associated with the EFS Mount Target.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "securityGroupArns", "subnetArn" ] }, "aws:datasync/FsxOpenZfsFileSystemProtocol:FsxOpenZfsFileSystemProtocol": { "properties": { "nfs": { "$ref": "#/types/aws:datasync/FsxOpenZfsFileSystemProtocolNfs:FsxOpenZfsFileSystemProtocolNfs", "description": "Represents the Network File System (NFS) protocol that DataSync uses to access your FSx for OpenZFS file system. See below.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "nfs" ] }, "aws:datasync/FsxOpenZfsFileSystemProtocolNfs:FsxOpenZfsFileSystemProtocolNfs": { "properties": { "mountOptions": { "$ref": "#/types/aws:datasync/FsxOpenZfsFileSystemProtocolNfsMountOptions:FsxOpenZfsFileSystemProtocolNfsMountOptions", "description": "Represents the mount options that are available for DataSync to access an NFS location. See below.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "mountOptions" ] }, "aws:datasync/FsxOpenZfsFileSystemProtocolNfsMountOptions:FsxOpenZfsFileSystemProtocolNfsMountOptions": { "properties": { "version": { "type": "string", "description": "The specific NFS version that you want DataSync to use for mounting your NFS share. Valid values: `AUTOMATIC`, `NFS3`, `NFS4_0` and `NFS4_1`. Default: `AUTOMATIC`\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:datasync/LocationAzureBlobSasConfiguration:LocationAzureBlobSasConfiguration": { "properties": { "token": { "type": "string", "description": "A SAS token that provides permissions to access your Azure Blob Storage.\n" } }, "type": "object", "required": [ "token" ] }, "aws:datasync/LocationFsxOntapFileSystemProtocol:LocationFsxOntapFileSystemProtocol": { "properties": { "nfs": { "$ref": "#/types/aws:datasync/LocationFsxOntapFileSystemProtocolNfs:LocationFsxOntapFileSystemProtocolNfs", "description": "Network File System (NFS) protocol that DataSync uses to access your FSx ONTAP file system. See NFS below.\n", "willReplaceOnChanges": true }, "smb": { "$ref": "#/types/aws:datasync/LocationFsxOntapFileSystemProtocolSmb:LocationFsxOntapFileSystemProtocolSmb", "description": "Server Message Block (SMB) protocol that DataSync uses to access your FSx ONTAP file system. See [SMB] (#smb) below.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:datasync/LocationFsxOntapFileSystemProtocolNfs:LocationFsxOntapFileSystemProtocolNfs": { "properties": { "mountOptions": { "$ref": "#/types/aws:datasync/LocationFsxOntapFileSystemProtocolNfsMountOptions:LocationFsxOntapFileSystemProtocolNfsMountOptions", "description": "Mount options that are available for DataSync to access an NFS location. See NFS Mount Options below.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "mountOptions" ] }, "aws:datasync/LocationFsxOntapFileSystemProtocolNfsMountOptions:LocationFsxOntapFileSystemProtocolNfsMountOptions": { "properties": { "version": { "type": "string", "willReplaceOnChanges": true } }, "type": "object" }, "aws:datasync/LocationFsxOntapFileSystemProtocolSmb:LocationFsxOntapFileSystemProtocolSmb": { "properties": { "domain": { "type": "string", "description": "Fully qualified domain name of the Microsoft Active Directory (AD) that your storage virtual machine belongs to.\n", "willReplaceOnChanges": true }, "mountOptions": { "$ref": "#/types/aws:datasync/LocationFsxOntapFileSystemProtocolSmbMountOptions:LocationFsxOntapFileSystemProtocolSmbMountOptions", "description": "Mount options that are available for DataSync to access an SMB location. See SMB Mount Options below.\n", "willReplaceOnChanges": true }, "password": { "type": "string", "description": "Password of a user who has permission to access your SVM.\n", "secret": true, "willReplaceOnChanges": true }, "user": { "type": "string", "description": "Username that can mount the location and access the files, folders, and metadata that you need in the SVM.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "mountOptions", "password", "user" ] }, "aws:datasync/LocationFsxOntapFileSystemProtocolSmbMountOptions:LocationFsxOntapFileSystemProtocolSmbMountOptions": { "properties": { "version": { "type": "string", "willReplaceOnChanges": true } }, "type": "object" }, "aws:datasync/LocationHdfsNameNode:LocationHdfsNameNode": { "properties": { "hostname": { "type": "string", "description": "The hostname of the NameNode in the HDFS cluster. This value is the IP address or Domain Name Service (DNS) name of the NameNode. An agent that's installed on-premises uses this hostname to communicate with the NameNode in the network.\n" }, "port": { "type": "integer", "description": "The port that the NameNode uses to listen to client requests.\n" } }, "type": "object", "required": [ "hostname", "port" ] }, "aws:datasync/LocationHdfsQopConfiguration:LocationHdfsQopConfiguration": { "properties": { "dataTransferProtection": { "type": "string", "description": "The data transfer protection setting configured on the HDFS cluster. This setting corresponds to your dfs.data.transfer.protection setting in the hdfs-site.xml file on your Hadoop cluster. Valid values are `DISABLED`, `AUTHENTICATION`, `INTEGRITY` and `PRIVACY`.\n" }, "rpcProtection": { "type": "string", "description": "The RPC protection setting configured on the HDFS cluster. This setting corresponds to your hadoop.rpc.protection setting in your core-site.xml file on your Hadoop cluster. Valid values are `DISABLED`, `AUTHENTICATION`, `INTEGRITY` and `PRIVACY`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "dataTransferProtection", "rpcProtection" ] } } }, "aws:datasync/LocationSmbMountOptions:LocationSmbMountOptions": { "properties": { "version": { "type": "string", "description": "The specific SMB version that you want DataSync to use for mounting your SMB share. Valid values: `AUTOMATIC`, `SMB2`, and `SMB3`. Default: `AUTOMATIC`\n" } }, "type": "object" }, "aws:datasync/NfsLocationMountOptions:NfsLocationMountOptions": { "properties": { "version": { "type": "string", "description": "The specific NFS version that you want DataSync to use for mounting your NFS share. Valid values: `AUTOMATIC`, `NFS3`, `NFS4_0` and `NFS4_1`. Default: `AUTOMATIC`\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:datasync/NfsLocationOnPremConfig:NfsLocationOnPremConfig": { "properties": { "agentArns": { "type": "array", "items": { "type": "string" }, "description": "List of Amazon Resource Names (ARNs) of the DataSync Agents used to connect to the NFS server.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "agentArns" ] }, "aws:datasync/S3LocationS3Config:S3LocationS3Config": { "properties": { "bucketAccessRoleArn": { "type": "string", "description": "ARN of the IAM Role used to connect to the S3 Bucket.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "bucketAccessRoleArn" ] }, "aws:datasync/TaskExcludes:TaskExcludes": { "properties": { "filterType": { "type": "string", "description": "The type of filter rule to apply. Valid values: `SIMPLE_PATTERN`.\n" }, "value": { "type": "string", "description": "A single filter string that consists of the patterns to exclude. The patterns are delimited by \"|\" (that is, a pipe), for example: `/folder1|/folder2`\n" } }, "type": "object" }, "aws:datasync/TaskIncludes:TaskIncludes": { "properties": { "filterType": { "type": "string", "description": "The type of filter rule to apply. Valid values: `SIMPLE_PATTERN`.\n" }, "value": { "type": "string", "description": "A single filter string that consists of the patterns to include. The patterns are delimited by \"|\" (that is, a pipe), for example: `/folder1|/folder2`\n" } }, "type": "object" }, "aws:datasync/TaskOptions:TaskOptions": { "properties": { "atime": { "type": "string", "description": "A file metadata that shows the last time a file was accessed (that is when the file was read or written to). If set to `BEST_EFFORT`, the DataSync Task attempts to preserve the original (that is, the version before sync `PREPARING` phase) `atime` attribute on all source files. Valid values: `BEST_EFFORT`, `NONE`. Default: `BEST_EFFORT`.\n" }, "bytesPerSecond": { "type": "integer", "description": "Limits the bandwidth utilized. For example, to set a maximum of 1 MB, set this value to `1048576`. Value values: `-1` or greater. Default: `-1` (unlimited).\n" }, "gid": { "type": "string", "description": "Group identifier of the file's owners. Valid values: `BOTH`, `INT_VALUE`, `NAME`, `NONE`. Default: `INT_VALUE` (preserve integer value of the ID).\n" }, "logLevel": { "type": "string", "description": "Determines the type of logs that DataSync publishes to a log stream in the Amazon CloudWatch log group that you provide. Valid values: `OFF`, `BASIC`, `TRANSFER`. Default: `OFF`.\n" }, "mtime": { "type": "string", "description": "A file metadata that indicates the last time a file was modified (written to) before the sync `PREPARING` phase. Value values: `NONE`, `PRESERVE`. Default: `PRESERVE`.\n" }, "objectTags": { "type": "string", "description": "Specifies whether object tags are maintained when transferring between object storage systems. If you want your DataSync task to ignore object tags, specify the NONE value. Valid values: `PRESERVE`, `NONE`. Default value: `PRESERVE`.\n" }, "overwriteMode": { "type": "string", "description": "Determines whether files at the destination should be overwritten or preserved when copying files. Valid values: `ALWAYS`, `NEVER`. Default: `ALWAYS`.\n" }, "posixPermissions": { "type": "string", "description": "Determines which users or groups can access a file for a specific purpose such as reading, writing, or execution of the file. Valid values: `NONE`, `PRESERVE`. Default: `PRESERVE`.\n" }, "preserveDeletedFiles": { "type": "string", "description": "Whether files deleted in the source should be removed or preserved in the destination file system. Valid values: `PRESERVE`, `REMOVE`. Default: `PRESERVE`.\n" }, "preserveDevices": { "type": "string", "description": "Whether the DataSync Task should preserve the metadata of block and character devices in the source files system, and recreate the files with that device name and metadata on the destination. The DataSync Task can’t sync the actual contents of such devices, because many of the devices are non-terminal and don’t return an end of file (EOF) marker. Valid values: `NONE`, `PRESERVE`. Default: `NONE` (ignore special devices).\n" }, "securityDescriptorCopyFlags": { "type": "string", "description": "Determines which components of the SMB security descriptor are copied from source to destination objects. This value is only used for transfers between SMB and Amazon FSx for Windows File Server locations, or between two Amazon FSx for Windows File Server locations. Valid values: `NONE`, `OWNER_DACL`, `OWNER_DACL_SACL`. Default: `OWNER_DACL`.\n" }, "taskQueueing": { "type": "string", "description": "Determines whether tasks should be queued before executing the tasks. Valid values: `ENABLED`, `DISABLED`. Default `ENABLED`.\n" }, "transferMode": { "type": "string", "description": "Determines whether DataSync transfers only the data and metadata that differ between the source and the destination location, or whether DataSync transfers all the content from the source, without comparing to the destination location. Valid values: `CHANGED`, `ALL`. Default: `CHANGED`\n" }, "uid": { "type": "string", "description": "User identifier of the file's owners. Valid values: `BOTH`, `INT_VALUE`, `NAME`, `NONE`. Default: `INT_VALUE` (preserve integer value of the ID).\n" }, "verifyMode": { "type": "string", "description": "Whether a data integrity verification should be performed at the end of a task execution after all data and metadata have been transferred. Valid values: `NONE`, `POINT_IN_TIME_CONSISTENT`, `ONLY_FILES_TRANSFERRED`. Default: `POINT_IN_TIME_CONSISTENT`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "securityDescriptorCopyFlags" ] } } }, "aws:datasync/TaskSchedule:TaskSchedule": { "properties": { "scheduleExpression": { "type": "string", "description": "Specifies the schedule you want your task to use for repeated executions. For more information, see [Schedule Expressions for Rules](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html).\n" } }, "type": "object", "required": [ "scheduleExpression" ] }, "aws:datasync/TaskTaskReportConfig:TaskTaskReportConfig": { "properties": { "outputType": { "type": "string", "description": "Specifies the type of task report you'd like. Valid values: `SUMMARY_ONLY` and `STANDARD`.\n" }, "reportLevel": { "type": "string", "description": "Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't. Valid values: `ERRORS_ONLY` and `SUCCESSES_AND_ERRORS`.\n" }, "reportOverrides": { "$ref": "#/types/aws:datasync/TaskTaskReportConfigReportOverrides:TaskTaskReportConfigReportOverrides", "description": "Configuration block containing the configuration of the reporting level for aspects of your task report. See `report_overrides` below.\n" }, "s3Destination": { "$ref": "#/types/aws:datasync/TaskTaskReportConfigS3Destination:TaskTaskReportConfigS3Destination", "description": "Configuration block containing the configuration for the Amazon S3 bucket where DataSync uploads your task report. See `s3_destination` below.\n" }, "s3ObjectVersioning": { "type": "string", "description": "Specifies whether your task report includes the new version of each object transferred into an S3 bucket. This only applies if you enable versioning on your bucket. Keep in mind that setting this to INCLUDE can increase the duration of your task execution. Valid values: `INCLUDE` and `NONE`.\n" } }, "type": "object", "required": [ "s3Destination" ] }, "aws:datasync/TaskTaskReportConfigReportOverrides:TaskTaskReportConfigReportOverrides": { "properties": { "deletedOverride": { "type": "string", "description": "Specifies the level of reporting for the files, objects, and directories that DataSync attempted to delete in your destination location. This only applies if you configure your task to delete data in the destination that isn't in the source. Valid values: `ERRORS_ONLY` and `SUCCESSES_AND_ERRORS`.\n" }, "skippedOverride": { "type": "string", "description": "Specifies the level of reporting for the files, objects, and directories that DataSync attempted to skip during your transfer. Valid values: `ERRORS_ONLY` and `SUCCESSES_AND_ERRORS`.\n" }, "transferredOverride": { "type": "string", "description": "Specifies the level of reporting for the files, objects, and directories that DataSync attempted to transfer. Valid values: `ERRORS_ONLY` and `SUCCESSES_AND_ERRORS`.\n" }, "verifiedOverride": { "type": "string", "description": "Specifies the level of reporting for the files, objects, and directories that DataSync attempted to verify at the end of your transfer. Valid values: `ERRORS_ONLY` and `SUCCESSES_AND_ERRORS`.\n\n\u003e **NOTE:** If any `report_overrides` are set to the same value as `task_report_config.report_level`, they will always be flagged as changed. Only set overrides to a value that differs from `task_report_config.report_level`.\n" } }, "type": "object" }, "aws:datasync/TaskTaskReportConfigS3Destination:TaskTaskReportConfigS3Destination": { "properties": { "bucketAccessRoleArn": { "type": "string", "description": "Specifies the Amazon Resource Name (ARN) of the IAM policy that allows DataSync to upload a task report to your S3 bucket.\n" }, "s3BucketArn": { "type": "string", "description": "Specifies the ARN of the S3 bucket where DataSync uploads your report.\n" }, "subdirectory": { "type": "string", "description": "Specifies a bucket prefix for your report.\n" } }, "type": "object", "required": [ "bucketAccessRoleArn", "s3BucketArn" ] }, "aws:datazone/DomainSingleSignOn:DomainSingleSignOn": { "properties": { "type": { "type": "string" }, "userAssignment": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "type" ] } } }, "aws:datazone/DomainTimeouts:DomainTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" } }, "type": "object" }, "aws:datazone/ProjectFailureReason:ProjectFailureReason": { "properties": { "code": { "type": "string" }, "message": { "type": "string" } }, "type": "object", "required": [ "code", "message" ] }, "aws:datazone/ProjectTimeouts:ProjectTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" } }, "type": "object" }, "aws:dax/ClusterNode:ClusterNode": { "properties": { "address": { "type": "string" }, "availabilityZone": { "type": "string" }, "id": { "type": "string" }, "port": { "type": "integer", "description": "The port used by the configuration endpoint\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "address", "availabilityZone", "id", "port" ] } } }, "aws:dax/ClusterServerSideEncryption:ClusterServerSideEncryption": { "properties": { "enabled": { "type": "boolean", "description": "Whether to enable encryption at rest. Defaults to `false`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:dax/ParameterGroupParameter:ParameterGroupParameter": { "properties": { "name": { "type": "string", "description": "The name of the parameter.\n" }, "value": { "type": "string", "description": "The value for the parameter.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:devicefarm/DevicePoolRule:DevicePoolRule": { "properties": { "attribute": { "type": "string", "description": "The rule's stringified attribute. Valid values are: `APPIUM_VERSION`, `ARN`, `AVAILABILITY`, `FLEET_TYPE`, `FORM_FACTOR`, `INSTANCE_ARN`, `INSTANCE_LABELS`, `MANUFACTURER`, `MODEL`, `OS_VERSION`, `PLATFORM`, `REMOTE_ACCESS_ENABLED`, `REMOTE_DEBUG_ENABLED`.\n" }, "operator": { "type": "string", "description": "Specifies how Device Farm compares the rule's attribute to the value. For the operators that are supported by each attribute. Valid values are: `EQUALS`, `NOT_IN`, `IN`, `GREATER_THAN`, `GREATER_THAN_OR_EQUALS`, `LESS_THAN`, `LESS_THAN_OR_EQUALS`, `CONTAINS`.\n" }, "value": { "type": "string", "description": "The rule's value.\n" } }, "type": "object" }, "aws:devicefarm/TestGridProjectVpcConfig:TestGridProjectVpcConfig": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC security group IDs in your Amazon VPC.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs in your Amazon VPC.\n" }, "vpcId": { "type": "string", "description": "The ID of the Amazon VPC.\n" } }, "type": "object", "required": [ "securityGroupIds", "subnetIds", "vpcId" ] }, "aws:devopsguru/EventSourcesConfigEventSource:EventSourcesConfigEventSource": { "properties": { "amazonCodeGuruProfilers": { "type": "array", "items": { "$ref": "#/types/aws:devopsguru/EventSourcesConfigEventSourceAmazonCodeGuruProfiler:EventSourcesConfigEventSourceAmazonCodeGuruProfiler" }, "description": "Stores whether DevOps Guru is configured to consume recommendations which are generated from AWS CodeGuru Profiler. See `amazon_code_guru_profiler` below.\n" } }, "type": "object" }, "aws:devopsguru/EventSourcesConfigEventSourceAmazonCodeGuruProfiler:EventSourcesConfigEventSourceAmazonCodeGuruProfiler": { "properties": { "status": { "type": "string", "description": "Status of the CodeGuru Profiler integration. Valid values are `ENABLED` and `DISABLED`.\n" } }, "type": "object", "required": [ "status" ] }, "aws:devopsguru/NotificationChannelFilters:NotificationChannelFilters": { "properties": { "messageTypes": { "type": "array", "items": { "type": "string" }, "description": "Events to receive notifications for. Valid values are `NEW_INSIGHT`, `CLOSED_INSIGHT`, `NEW_ASSOCIATION`, `SEVERITY_UPGRADED`, and `NEW_RECOMMENDATION`.\n" }, "severities": { "type": "array", "items": { "type": "string" }, "description": "Severity levels to receive notifications for. Valid values are `LOW`, `MEDIUM`, and `HIGH`.\n" } }, "type": "object" }, "aws:devopsguru/NotificationChannelSns:NotificationChannelSns": { "properties": { "topicArn": { "type": "string", "description": "Amazon Resource Name (ARN) of an Amazon Simple Notification Service topic.\n" } }, "type": "object", "required": [ "topicArn" ] }, "aws:devopsguru/ResourceCollectionCloudformation:ResourceCollectionCloudformation": { "properties": { "stackNames": { "type": "array", "items": { "type": "string" }, "description": "Array of the names of the AWS CloudFormation stacks. If `type` is `AWS_SERVICE` (all acccount resources) this array should be a single item containing a wildcard (`\"*\"`).\n" } }, "type": "object", "required": [ "stackNames" ] }, "aws:devopsguru/ResourceCollectionTags:ResourceCollectionTags": { "properties": { "appBoundaryKey": { "type": "string", "description": "An AWS tag key that is used to identify the AWS resources that DevOps Guru analyzes. All AWS resources in your account and Region tagged with this key make up your DevOps Guru application and analysis boundary. The key must begin with the prefix `DevOps-Guru-`. Any casing can be used for the prefix, but the associated tags __must use the same casing__ in their tag key.\n" }, "tagValues": { "type": "array", "items": { "type": "string" }, "description": "Array of tag values. These can be used to further filter for specific resources within the application boundary. To analyze all resources tagged with the `app_boundary_key` regardless of the corresponding tag value, this array should be a single item containing a wildcard (`\"*\"`).\n" } }, "type": "object", "required": [ "appBoundaryKey", "tagValues" ] }, "aws:devopsguru/ServiceIntegrationKmsServerSideEncryption:ServiceIntegrationKmsServerSideEncryption": { "properties": { "kmsKeyId": { "type": "string", "description": "KMS key ID. This value can be a key ID, key ARN, alias name, or alias ARN.\n" }, "optInStatus": { "type": "string", "description": "Specifies whether KMS integration is enabled. Valid values are `DISABLED` and `ENABLED`.\n" }, "type": { "type": "string", "description": "Type of KMS key used. Valid values are `CUSTOMER_MANAGED_KEY` and `AWS_OWNED_KMS_KEY`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "kmsKeyId", "optInStatus", "type" ] } } }, "aws:devopsguru/ServiceIntegrationLogsAnomalyDetection:ServiceIntegrationLogsAnomalyDetection": { "properties": { "optInStatus": { "type": "string", "description": "Specifies if DevOps Guru is configured to perform log anomaly detection on CloudWatch log groups. Valid values are `DISABLED` and `ENABLED`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "optInStatus" ] } } }, "aws:devopsguru/ServiceIntegrationOpsCenter:ServiceIntegrationOpsCenter": { "properties": { "optInStatus": { "type": "string", "description": "Specifies if DevOps Guru is enabled to create an AWS Systems Manager OpsItem for each created insight. Valid values are `DISABLED` and `ENABLED`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "optInStatus" ] } } }, "aws:devopsguru/getNotificationChannelFilter:getNotificationChannelFilter": { "properties": { "messageTypes": { "type": "array", "items": { "type": "string" }, "description": "Events to receive notifications for.\n" }, "severities": { "type": "array", "items": { "type": "string" }, "description": "Severity levels to receive notifications for.\n" } }, "type": "object", "required": [ "messageTypes", "severities" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:devopsguru/getNotificationChannelSn:getNotificationChannelSn": { "properties": { "topicArn": { "type": "string", "description": "Amazon Resource Name (ARN) of an Amazon Simple Notification Service topic.\n" } }, "type": "object", "required": [ "topicArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:devopsguru/getResourceCollectionCloudformation:getResourceCollectionCloudformation": { "properties": { "stackNames": { "type": "array", "items": { "type": "string" }, "description": "Array of the names of the AWS CloudFormation stacks.\n" } }, "type": "object", "required": [ "stackNames" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:devopsguru/getResourceCollectionTag:getResourceCollectionTag": { "properties": { "appBoundaryKey": { "type": "string", "description": "An AWS tag key that is used to identify the AWS resources that DevOps Guru analyzes.\n" }, "tagValues": { "type": "array", "items": { "type": "string" }, "description": "Array of tag values.\n" } }, "type": "object", "required": [ "appBoundaryKey", "tagValues" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:directconnect/getRouterConfigurationRouter:getRouterConfigurationRouter": { "properties": { "platform": { "type": "string", "description": "Router platform\n" }, "routerTypeIdentifier": { "type": "string", "description": "ID of the Router Type. For example: `CiscoSystemsInc-2900SeriesRouters-IOS124`\n\nThere is currently no AWS API to retrieve the full list of `router_type_identifier` values. Here is a list of known `RouterType` objects that can be used:\n\n```json\n{\n\"routerTypes\": [\n{\"platform\":\"2900 Series Routers\",\"routerTypeIdentifier\":\"CiscoSystemsInc-2900SeriesRouters-IOS124\",\"software\":\"IOS 12.4+\",\"vendor\":\"Cisco Systems, Inc.\",\"xsltTemplateName\":\"customer-router-cisco-generic.xslt\",\"xsltTemplateNameForMacSec\":\"\"},\n{\"platform\":\"3700 Series Routers\",\"routerTypeIdentifier\":\"CiscoSystemsInc-3700SeriesRouters-IOS124\",\"software\":\"IOS 12.4+\",\"vendor\":\"Cisco Systems, Inc.\",\"xsltTemplateName\":\"customer-router-cisco-generic.xslt\",\"xsltTemplateNameForMacSec\":\"\"},\n{\"platform\":\"7200 Series Routers\",\"routerTypeIdentifier\":\"CiscoSystemsInc-7200SeriesRouters-IOS124\",\"software\":\"IOS 12.4+\",\"vendor\":\"Cisco Systems, Inc.\",\"xsltTemplateName\":\"customer-router-cisco-generic.xslt\",\"xsltTemplateNameForMacSec\":\"\"},\n{\"platform\":\"Nexus 7000 Series Switches\",\"routerTypeIdentifier\":\"CiscoSystemsInc-Nexus7000SeriesSwitches-NXOS51\",\"software\":\"NX-OS 5.1+\",\"vendor\":\"Cisco Systems, Inc.\",\"xsltTemplateName\":\"customer-switch-cisco-nexus-generic.xslt\",\"xsltTemplateNameForMacSec\":\"\"},\n{\"platform\":\"Nexus 9K+ Series Switches\",\"routerTypeIdentifier\":\"CiscoSystemsInc-Nexus9KSeriesSwitches-NXOS93\",\"software\":\"NX-OS 9.3+\",\"vendor\":\"Cisco Systems, Inc.\",\"xsltTemplateName\":\"customer-switch-cisco-nexus-generic.xslt\",\"xsltTemplateNameForMacSec\":\"customer-switch-cisco-nexus-generic-macsec.xslt\"},\n{\"platform\":\"M/MX Series Routers\",\"routerTypeIdentifier\":\"JuniperNetworksInc-MMXSeriesRouters-JunOS95\",\"software\":\"JunOS 9.5+\",\"vendor\":\"Juniper Networks, Inc.\",\"xsltTemplateName\":\"customer-router-juniper-generic.xslt\",\"xsltTemplateNameForMacSec\":\"customer-router-juniper-generic-macsec.xslt\"},\n{\"platform\":\"SRX Series Routers\",\"routerTypeIdentifier\":\"JuniperNetworksInc-SRXSeriesRouters-JunOS95\",\"software\":\"JunOS 9.5+\",\"vendor\":\"Juniper Networks, Inc.\",\"xsltTemplateName\":\"customer-router-juniper-generic.xslt\",\"xsltTemplateNameForMacSec\":\"\"},\n{\"platform\":\"T Series Routers\",\"routerTypeIdentifier\":\"JuniperNetworksInc-TSeriesRouters-JunOS95\",\"software\":\"JunOS 9.5+\",\"vendor\":\"Juniper Networks, Inc.\",\"xsltTemplateName\":\"customer-router-juniper-generic.xslt\",\"xsltTemplateNameForMacSec\":\"\"},\n{\"platform\":\"PA-3000+ and 5000+ series\",\"routerTypeIdentifier\":\"PaloAltoNetworks-PA3000and5000series-PANOS803\",\"software\":\"PAN-OS 8.0.3+\",\"vendor\":\"Palo Alto Networks\",\"xsltTemplateName\":\"customer-router-palo-alto-generic.xslt\",\"xsltTemplateNameForMacSec\":\"\"}]\n}\n```\n" }, "software": { "type": "string", "description": "Router operating system\n" }, "vendor": { "type": "string", "description": "Router vendor\n" }, "xsltTemplateName": { "type": "string", "description": "Router XSLT Template Name\n" }, "xsltTemplateNameForMacSec": { "type": "string" } }, "type": "object", "required": [ "platform", "routerTypeIdentifier", "software", "vendor", "xsltTemplateName", "xsltTemplateNameForMacSec" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:directoryservice/DirectoryConnectSettings:DirectoryConnectSettings": { "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" } }, "connectIps": { "type": "array", "items": { "type": "string" }, "description": "The IP addresses of the AD Connector servers.\n" }, "customerDnsIps": { "type": "array", "items": { "type": "string" }, "description": "The DNS IP addresses of the domain to connect to.\n", "willReplaceOnChanges": true }, "customerUsername": { "type": "string", "description": "The username corresponding to the password provided.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of the subnets for the directory servers (2 subnets in 2 different AZs).\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The identifier of the VPC that the directory is in.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "customerDnsIps", "customerUsername", "subnetIds", "vpcId" ], "language": { "nodejs": { "requiredOutputs": [ "availabilityZones", "connectIps", "customerDnsIps", "customerUsername", "subnetIds", "vpcId" ] } } }, "aws:directoryservice/DirectoryVpcSettings:DirectoryVpcSettings": { "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" } }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of the subnets for the directory servers (2 subnets in 2 different AZs).\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The identifier of the VPC that the directory is in.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "subnetIds", "vpcId" ], "language": { "nodejs": { "requiredOutputs": [ "availabilityZones", "subnetIds", "vpcId" ] } } }, "aws:directoryservice/ServiceRegionVpcSettings:ServiceRegionVpcSettings": { "properties": { "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of the subnets for the directory servers.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The identifier of the VPC in which to create the directory.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "subnetIds", "vpcId" ] }, "aws:directoryservice/SharedDirectoryTarget:SharedDirectoryTarget": { "properties": { "id": { "type": "string", "description": "Identifier of the directory consumer account.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Type of identifier to be used in the `id` field. Valid value is `ACCOUNT`. Default is `ACCOUNT`.\n" } }, "type": "object", "required": [ "id" ] }, "aws:directoryservice/getDirectoryConnectSetting:getDirectoryConnectSetting": { "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" } }, "connectIps": { "type": "array", "items": { "type": "string" }, "description": "IP addresses of the AD Connector servers.\n" }, "customerDnsIps": { "type": "array", "items": { "type": "string" }, "description": "DNS IP addresses of the domain to connect to.\n" }, "customerUsername": { "type": "string", "description": "Username corresponding to the password provided.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of the subnets for the connector servers (2 subnets in 2 different AZs).\n" }, "vpcId": { "type": "string", "description": "ID of the VPC that the connector is in.\n" } }, "type": "object", "required": [ "availabilityZones", "connectIps", "customerDnsIps", "customerUsername", "subnetIds", "vpcId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:directoryservice/getDirectoryRadiusSetting:getDirectoryRadiusSetting": { "properties": { "authenticationProtocol": { "type": "string", "description": "The protocol specified for your RADIUS endpoints.\n" }, "displayLabel": { "type": "string", "description": "Display label.\n" }, "radiusPort": { "type": "integer", "description": "Port that your RADIUS server is using for communications.\n" }, "radiusRetries": { "type": "integer", "description": "Maximum number of times that communication with the RADIUS server is attempted.\n" }, "radiusServers": { "type": "array", "items": { "type": "string" }, "description": "Set of strings that contains the fully qualified domain name (FQDN) or IP addresses of the RADIUS server endpoints, or the FQDN or IP addresses of your RADIUS server load balancer.\n" }, "radiusTimeout": { "type": "integer", "description": "Amount of time, in seconds, to wait for the RADIUS server to respond.\n" }, "useSameUsername": { "type": "boolean", "description": "Not currently used.\n" } }, "type": "object", "required": [ "authenticationProtocol", "displayLabel", "radiusPort", "radiusRetries", "radiusServers", "radiusTimeout", "useSameUsername" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:directoryservice/getDirectoryVpcSetting:getDirectoryVpcSetting": { "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" } }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of the subnets for the connector servers (2 subnets in 2 different AZs).\n" }, "vpcId": { "type": "string", "description": "ID of the VPC that the connector is in.\n" } }, "type": "object", "required": [ "availabilityZones", "subnetIds", "vpcId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dlm/LifecyclePolicyPolicyDetails:LifecyclePolicyPolicyDetails": { "properties": { "action": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetailsAction:LifecyclePolicyPolicyDetailsAction", "description": "The actions to be performed when the event-based policy is triggered. You can specify only one action per policy. This parameter is required for event-based policies only. If you are creating a snapshot or AMI policy, omit this parameter. See the `action` configuration block.\n" }, "eventSource": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetailsEventSource:LifecyclePolicyPolicyDetailsEventSource", "description": "The event that triggers the event-based policy. This parameter is required for event-based policies only. If you are creating a snapshot or AMI policy, omit this parameter. See the `event_source` configuration block.\n" }, "parameters": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetailsParameters:LifecyclePolicyPolicyDetailsParameters" }, "policyType": { "type": "string", "description": "The valid target resource types and actions a policy can manage. Specify `EBS_SNAPSHOT_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of Amazon EBS snapshots. Specify `IMAGE_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of EBS-backed AMIs. Specify `EVENT_BASED_POLICY` to create an event-based policy that performs specific actions when a defined event occurs in your AWS account. Default value is `EBS_SNAPSHOT_MANAGEMENT`.\n" }, "resourceLocations": { "type": "string", "description": "The location of the resources to backup. If the source resources are located in an AWS Region, specify `CLOUD`. If the source resources are located on an Outpost in your account, specify `OUTPOST`. If you specify `OUTPOST`, Amazon Data Lifecycle Manager backs up all resources of the specified type with matching target tags across all of the Outposts in your account. Valid values are `CLOUD` and `OUTPOST`.\n" }, "resourceTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of resource types that should be targeted by the lifecycle policy. Valid values are `VOLUME` and `INSTANCE`.\n" }, "schedules": { "type": "array", "items": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetailsSchedule:LifecyclePolicyPolicyDetailsSchedule" }, "description": "See the `schedule` configuration block.\n" }, "targetTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tag keys and their values. Any resources that match the `resource_types` and are tagged with _any_ of these tags will be targeted.\n\n\u003e Note: You cannot have overlapping lifecycle policies that share the same `target_tags`. Pulumi is unable to detect this at plan time but it will fail during apply.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "resourceLocations" ] } } }, "aws:dlm/LifecyclePolicyPolicyDetailsAction:LifecyclePolicyPolicyDetailsAction": { "properties": { "crossRegionCopies": { "type": "array", "items": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetailsActionCrossRegionCopy:LifecyclePolicyPolicyDetailsActionCrossRegionCopy" }, "description": "The rule for copying shared snapshots across Regions. See the `cross_region_copy` configuration block.\n" }, "name": { "type": "string" } }, "type": "object", "required": [ "crossRegionCopies", "name" ] }, "aws:dlm/LifecyclePolicyPolicyDetailsActionCrossRegionCopy:LifecyclePolicyPolicyDetailsActionCrossRegionCopy": { "properties": { "encryptionConfiguration": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetailsActionCrossRegionCopyEncryptionConfiguration:LifecyclePolicyPolicyDetailsActionCrossRegionCopyEncryptionConfiguration", "description": "The encryption settings for the copied snapshot. See the `encryption_configuration` block. Max of 1 per action.\n" }, "retainRule": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetailsActionCrossRegionCopyRetainRule:LifecyclePolicyPolicyDetailsActionCrossRegionCopyRetainRule" }, "target": { "type": "string" } }, "type": "object", "required": [ "encryptionConfiguration", "target" ] }, "aws:dlm/LifecyclePolicyPolicyDetailsActionCrossRegionCopyEncryptionConfiguration:LifecyclePolicyPolicyDetailsActionCrossRegionCopyEncryptionConfiguration": { "properties": { "cmkArn": { "type": "string" }, "encrypted": { "type": "boolean" } }, "type": "object" }, "aws:dlm/LifecyclePolicyPolicyDetailsActionCrossRegionCopyRetainRule:LifecyclePolicyPolicyDetailsActionCrossRegionCopyRetainRule": { "properties": { "interval": { "type": "integer" }, "intervalUnit": { "type": "string" } }, "type": "object", "required": [ "interval", "intervalUnit" ] }, "aws:dlm/LifecyclePolicyPolicyDetailsEventSource:LifecyclePolicyPolicyDetailsEventSource": { "properties": { "parameters": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetailsEventSourceParameters:LifecyclePolicyPolicyDetailsEventSourceParameters" }, "type": { "type": "string", "description": "The source of the event. Currently only managed CloudWatch Events rules are supported. Valid values are `MANAGED_CWE`.\n" } }, "type": "object", "required": [ "parameters", "type" ] }, "aws:dlm/LifecyclePolicyPolicyDetailsEventSourceParameters:LifecyclePolicyPolicyDetailsEventSourceParameters": { "properties": { "descriptionRegex": { "type": "string", "description": "The snapshot description that can trigger the policy. The description pattern is specified using a regular expression. The policy runs only if a snapshot with a description that matches the specified pattern is shared with your account.\n" }, "eventType": { "type": "string", "description": "The type of event. Currently, only `shareSnapshot` events are supported.\n" }, "snapshotOwners": { "type": "array", "items": { "type": "string" }, "description": "The IDs of the AWS accounts that can trigger policy by sharing snapshots with your account. The policy only runs if one of the specified AWS accounts shares a snapshot with your account.\n" } }, "type": "object", "required": [ "descriptionRegex", "eventType", "snapshotOwners" ] }, "aws:dlm/LifecyclePolicyPolicyDetailsParameters:LifecyclePolicyPolicyDetailsParameters": { "properties": { "excludeBootVolume": { "type": "boolean", "description": "Indicates whether to exclude the root volume from snapshots created using CreateSnapshots. The default is `false`.\n" }, "noReboot": { "type": "boolean", "description": "Applies to AMI lifecycle policies only. Indicates whether targeted instances are rebooted when the lifecycle policy runs. `true` indicates that targeted instances are not rebooted when the policy runs. `false` indicates that target instances are rebooted when the policy runs. The default is `true` (instances are not rebooted).\n" } }, "type": "object" }, "aws:dlm/LifecyclePolicyPolicyDetailsSchedule:LifecyclePolicyPolicyDetailsSchedule": { "properties": { "copyTags": { "type": "boolean", "willReplaceOnChanges": true }, "createRule": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetailsScheduleCreateRule:LifecyclePolicyPolicyDetailsScheduleCreateRule", "description": "See the `create_rule` block. Max of 1 per schedule.\n" }, "crossRegionCopyRules": { "type": "array", "items": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRule:LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRule" }, "description": "See the `cross_region_copy_rule` block. Max of 3 per schedule.\n" }, "deprecateRule": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetailsScheduleDeprecateRule:LifecyclePolicyPolicyDetailsScheduleDeprecateRule" }, "fastRestoreRule": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetailsScheduleFastRestoreRule:LifecyclePolicyPolicyDetailsScheduleFastRestoreRule", "description": "See the `fast_restore_rule` block. Max of 1 per schedule.\n" }, "name": { "type": "string" }, "retainRule": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetailsScheduleRetainRule:LifecyclePolicyPolicyDetailsScheduleRetainRule" }, "shareRule": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetailsScheduleShareRule:LifecyclePolicyPolicyDetailsScheduleShareRule", "description": "See the `share_rule` block. Max of 1 per schedule.\n" }, "tagsToAdd": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tag keys and their values. DLM lifecycle policies will already tag the snapshot with the tags on the volume. This configuration adds extra tags on top of these.\n" }, "variableTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tag keys and variable values, where the values are determined when the policy is executed. Only `$(instance-id)` or `$(timestamp)` are valid values. Can only be used when `resource_types` is `INSTANCE`.\n" } }, "type": "object", "required": [ "createRule", "name", "retainRule" ], "language": { "nodejs": { "requiredOutputs": [ "copyTags", "createRule", "name", "retainRule" ] } } }, "aws:dlm/LifecyclePolicyPolicyDetailsScheduleCreateRule:LifecyclePolicyPolicyDetailsScheduleCreateRule": { "properties": { "cronExpression": { "type": "string", "description": "The schedule, as a Cron expression. The schedule interval must be between 1 hour and 1 year. Conflicts with `interval`, `interval_unit`, and `times`.\n" }, "interval": { "type": "integer" }, "intervalUnit": { "type": "string" }, "location": { "type": "string", "description": "Specifies the destination for snapshots created by the policy. To create snapshots in the same Region as the source resource, specify `CLOUD`. To create snapshots on the same Outpost as the source resource, specify `OUTPOST_LOCAL`. If you omit this parameter, `CLOUD` is used by default. If the policy targets resources in an AWS Region, then you must create snapshots in the same Region as the source resource. If the policy targets resources on an Outpost, then you can create snapshots on the same Outpost as the source resource, or in the Region of that Outpost. Valid values are `CLOUD` and `OUTPOST_LOCAL`.\n" }, "times": { "type": "string", "description": "A list of times in 24 hour clock format that sets when the lifecycle policy should be evaluated. Max of 1. Conflicts with `cron_expression`. Must be set if `interval` is set.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "intervalUnit", "location", "times" ] } } }, "aws:dlm/LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRule:LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRule": { "properties": { "cmkArn": { "type": "string" }, "copyTags": { "type": "boolean" }, "deprecateRule": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRuleDeprecateRule:LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRuleDeprecateRule" }, "encrypted": { "type": "boolean" }, "retainRule": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRuleRetainRule:LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRuleRetainRule" }, "target": { "type": "string" } }, "type": "object", "required": [ "encrypted", "target" ], "language": { "nodejs": { "requiredOutputs": [ "copyTags", "encrypted", "target" ] } } }, "aws:dlm/LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRuleDeprecateRule:LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRuleDeprecateRule": { "properties": { "interval": { "type": "integer" }, "intervalUnit": { "type": "string" } }, "type": "object", "required": [ "interval", "intervalUnit" ] }, "aws:dlm/LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRuleRetainRule:LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRuleRetainRule": { "properties": { "interval": { "type": "integer" }, "intervalUnit": { "type": "string" } }, "type": "object", "required": [ "interval", "intervalUnit" ] }, "aws:dlm/LifecyclePolicyPolicyDetailsScheduleDeprecateRule:LifecyclePolicyPolicyDetailsScheduleDeprecateRule": { "properties": { "count": { "type": "integer" }, "interval": { "type": "integer" }, "intervalUnit": { "type": "string" } }, "type": "object" }, "aws:dlm/LifecyclePolicyPolicyDetailsScheduleFastRestoreRule:LifecyclePolicyPolicyDetailsScheduleFastRestoreRule": { "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "The Availability Zones in which to enable fast snapshot restore.\n" }, "count": { "type": "integer" }, "interval": { "type": "integer" }, "intervalUnit": { "type": "string" } }, "type": "object", "required": [ "availabilityZones" ] }, "aws:dlm/LifecyclePolicyPolicyDetailsScheduleRetainRule:LifecyclePolicyPolicyDetailsScheduleRetainRule": { "properties": { "count": { "type": "integer" }, "interval": { "type": "integer" }, "intervalUnit": { "type": "string" } }, "type": "object" }, "aws:dlm/LifecyclePolicyPolicyDetailsScheduleShareRule:LifecyclePolicyPolicyDetailsScheduleShareRule": { "properties": { "targetAccounts": { "type": "array", "items": { "type": "string" }, "description": "The IDs of the AWS accounts with which to share the snapshots.\n" }, "unshareInterval": { "type": "integer" }, "unshareIntervalUnit": { "type": "string" } }, "type": "object", "required": [ "targetAccounts" ] }, "aws:dms/EndpointElasticsearchSettings:EndpointElasticsearchSettings": { "properties": { "endpointUri": { "type": "string", "description": "Endpoint for the OpenSearch cluster.\n", "willReplaceOnChanges": true }, "errorRetryDuration": { "type": "integer", "description": "Maximum number of seconds for which DMS retries failed API requests to the OpenSearch cluster. Default is `300`.\n", "willReplaceOnChanges": true }, "fullLoadErrorPercentage": { "type": "integer", "description": "Maximum percentage of records that can fail to be written before a full load operation stops. Default is `10`.\n", "willReplaceOnChanges": true }, "serviceAccessRoleArn": { "type": "string", "description": "ARN of the IAM Role with permissions to write to the OpenSearch cluster.\n", "willReplaceOnChanges": true }, "useNewMappingType": { "type": "boolean", "description": "Enable to migrate documentation using the documentation type `_doc`. OpenSearch and an Elasticsearch clusters only support the _doc documentation type in versions 7.x and later. The default value is `false`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "endpointUri", "serviceAccessRoleArn" ] }, "aws:dms/EndpointKafkaSettings:EndpointKafkaSettings": { "properties": { "broker": { "type": "string", "description": "Kafka broker location. Specify in the form broker-hostname-or-ip:port.\n" }, "includeControlDetails": { "type": "boolean", "description": "Shows detailed control information for table definition, column definition, and table and column changes in the Kafka message output. Default is `false`.\n" }, "includeNullAndEmpty": { "type": "boolean", "description": "Include NULL and empty columns for records migrated to the endpoint. Default is `false`.\n" }, "includePartitionValue": { "type": "boolean", "description": "Shows the partition value within the Kafka message output unless the partition type is `schema-table-type`. Default is `false`.\n" }, "includeTableAlterOperations": { "type": "boolean", "description": "Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table`, `drop-table`, `add-column`, `drop-column`, and `rename-column`. Default is `false`.\n" }, "includeTransactionDetails": { "type": "boolean", "description": "Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transaction_id`, previous `transaction_id`, and `transaction_record_id` (the record offset within a transaction). Default is `false`.\n" }, "messageFormat": { "type": "string", "description": "Output format for the records created on the endpoint. Message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab).\n" }, "messageMaxBytes": { "type": "integer", "description": "Maximum size in bytes for records created on the endpoint Default is `1,000,000`.\n" }, "noHexPrefix": { "type": "boolean", "description": "Set this optional parameter to true to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to a Kafka target. Use the `no_hex_prefix` endpoint setting to enable migration of RAW data type columns without adding the `'0x'` prefix.\n" }, "partitionIncludeSchemaTable": { "type": "boolean", "description": "Prefixes schema and table names to partition values, when the partition type is `primary-key-type`. Doing this increases data distribution among Kafka partitions. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same partition, which causes throttling. Default is `false`.\n" }, "saslPassword": { "type": "string", "description": "Secure password you created when you first set up your MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.\n", "secret": true }, "saslUsername": { "type": "string", "description": "Secure user name you created when you first set up your MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.\n" }, "securityProtocol": { "type": "string", "description": "Set secure connection to a Kafka target endpoint using Transport Layer Security (TLS). Options include `ssl-encryption`, `ssl-authentication`, and `sasl-ssl`. `sasl-ssl` requires `sasl_username` and `sasl_password`.\n" }, "sslCaCertificateArn": { "type": "string", "description": "ARN for the private certificate authority (CA) cert that AWS DMS uses to securely connect to your Kafka target endpoint.\n" }, "sslClientCertificateArn": { "type": "string", "description": "ARN of the client certificate used to securely connect to a Kafka target endpoint.\n" }, "sslClientKeyArn": { "type": "string", "description": "ARN for the client private key used to securely connect to a Kafka target endpoint.\n" }, "sslClientKeyPassword": { "type": "string", "description": "Password for the client private key used to securely connect to a Kafka target endpoint.\n", "secret": true }, "topic": { "type": "string", "description": "Kafka topic for migration. Default is `kafka-default-topic`.\n" } }, "type": "object", "required": [ "broker" ] }, "aws:dms/EndpointKinesisSettings:EndpointKinesisSettings": { "properties": { "includeControlDetails": { "type": "boolean", "description": "Shows detailed control information for table definition, column definition, and table and column changes in the Kinesis message output. Default is `false`.\n" }, "includeNullAndEmpty": { "type": "boolean", "description": "Include NULL and empty columns in the target. Default is `false`.\n" }, "includePartitionValue": { "type": "boolean", "description": "Shows the partition value within the Kinesis message output, unless the partition type is schema-table-type. Default is `false`.\n" }, "includeTableAlterOperations": { "type": "boolean", "description": "Includes any data definition language (DDL) operations that change the table in the control data. Default is `false`.\n" }, "includeTransactionDetails": { "type": "boolean", "description": "Provides detailed transaction information from the source database. Default is `false`.\n" }, "messageFormat": { "type": "string", "description": "Output format for the records created. Default is `json`. Valid values are `json` and `json-unformatted` (a single line with no tab).\n", "willReplaceOnChanges": true }, "partitionIncludeSchemaTable": { "type": "boolean", "description": "Prefixes schema and table names to partition values, when the partition type is primary-key-type. Default is `false`.\n" }, "serviceAccessRoleArn": { "type": "string", "description": "ARN of the IAM Role with permissions to write to the Kinesis data stream.\n" }, "streamArn": { "type": "string", "description": "ARN of the Kinesis data stream.\n" } }, "type": "object" }, "aws:dms/EndpointMongodbSettings:EndpointMongodbSettings": { "properties": { "authMechanism": { "type": "string", "description": "Authentication mechanism to access the MongoDB source endpoint. Default is `default`.\n" }, "authSource": { "type": "string", "description": "Authentication database name. Not used when `auth_type` is `no`. Default is `admin`.\n" }, "authType": { "type": "string", "description": "Authentication type to access the MongoDB source endpoint. Default is `password`.\n" }, "docsToInvestigate": { "type": "string", "description": "Number of documents to preview to determine the document organization. Use this setting when `nesting_level` is set to `one`. Default is `1000`.\n" }, "extractDocId": { "type": "string", "description": "Document ID. Use this setting when `nesting_level` is set to `none`. Default is `false`.\n" }, "nestingLevel": { "type": "string", "description": "Specifies either document or table mode. Default is `none`. Valid values are `one` (table mode) and `none` (document mode).\n" } }, "type": "object" }, "aws:dms/EndpointPostgresSettings:EndpointPostgresSettings": { "properties": { "afterConnectScript": { "type": "string", "description": "For use with change data capture (CDC) only, this attribute has AWS DMS bypass foreign keys and user triggers to reduce the time it takes to bulk load data.\n" }, "babelfishDatabaseName": { "type": "string", "description": "The Babelfish for Aurora PostgreSQL database name for the endpoint.\n" }, "captureDdls": { "type": "boolean", "description": "To capture DDL events, AWS DMS creates various artifacts in the PostgreSQL database when the task starts.\n" }, "databaseMode": { "type": "string", "description": "Specifies the default behavior of the replication's handling of PostgreSQL- compatible endpoints that require some additional configuration, such as Babelfish endpoints.\n" }, "ddlArtifactsSchema": { "type": "string", "description": "Sets the schema in which the operational DDL database artifacts are created. Default is `public`.\n" }, "executeTimeout": { "type": "integer", "description": "Sets the client statement timeout for the PostgreSQL instance, in seconds. Default value is `60`.\n" }, "failTasksOnLobTruncation": { "type": "boolean", "description": "When set to `true`, this value causes a task to fail if the actual size of a LOB column is greater than the specified `LobMaxSize`. Default is `false`.\n" }, "heartbeatEnable": { "type": "boolean", "description": "The write-ahead log (WAL) heartbeat feature mimics a dummy transaction. By doing this, it prevents idle logical replication slots from holding onto old WAL logs, which can result in storage full situations on the source.\n" }, "heartbeatFrequency": { "type": "integer", "description": "Sets the WAL heartbeat frequency (in minutes). Default value is `5`.\n" }, "heartbeatSchema": { "type": "string", "description": "Sets the schema in which the heartbeat artifacts are created. Default value is `public`.\n" }, "mapBooleanAsBoolean": { "type": "boolean", "description": "You can use PostgreSQL endpoint settings to map a boolean as a boolean from your PostgreSQL source to a Amazon Redshift target. Default value is `false`.\n" }, "mapJsonbAsClob": { "type": "boolean", "description": "Optional When true, DMS migrates JSONB values as CLOB.\n" }, "mapLongVarcharAs": { "type": "string", "description": "Optional When true, DMS migrates LONG values as VARCHAR.\n" }, "maxFileSize": { "type": "integer", "description": "Specifies the maximum size (in KB) of any .csv file used to transfer data to PostgreSQL. Default is `32,768 KB`.\n" }, "pluginName": { "type": "string", "description": "Specifies the plugin to use to create a replication slot. Valid values: `pglogical`, `test_decoding`.\n" }, "slotName": { "type": "string", "description": "Sets the name of a previously created logical replication slot for a CDC load of the PostgreSQL source instance.\n" } }, "type": "object" }, "aws:dms/EndpointRedisSettings:EndpointRedisSettings": { "properties": { "authPassword": { "type": "string", "description": "The password provided with the auth-role and auth-token options of the AuthType setting for a Redis target endpoint.\n", "secret": true }, "authType": { "type": "string", "description": "The type of authentication to perform when connecting to a Redis target. Options include `none`, `auth-token`, and `auth-role`. The `auth-token` option requires an `auth_password` value to be provided. The `auth-role` option requires `auth_user_name` and `auth_password` values to be provided.\n" }, "authUserName": { "type": "string", "description": "The username provided with the `auth-role` option of the AuthType setting for a Redis target endpoint.\n" }, "port": { "type": "integer", "description": "Transmission Control Protocol (TCP) port for the endpoint.\n" }, "serverName": { "type": "string", "description": "Fully qualified domain name of the endpoint.\n" }, "sslCaCertificateArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the certificate authority (CA) that DMS uses to connect to your Redis target endpoint.\n" }, "sslSecurityProtocol": { "type": "string", "description": "The plaintext option doesn't provide Transport Layer Security (TLS) encryption for traffic between endpoint and database. Options include `plaintext`, `ssl-encryption`. The default is `ssl-encryption`.\n" } }, "type": "object", "required": [ "authType", "port", "serverName" ] }, "aws:dms/EndpointRedshiftSettings:EndpointRedshiftSettings": { "properties": { "bucketFolder": { "type": "string", "description": "Custom S3 Bucket Object prefix for intermediate storage.\n" }, "bucketName": { "type": "string", "description": "Custom S3 Bucket name for intermediate storage.\n" }, "encryptionMode": { "type": "string", "description": "The server-side encryption mode that you want to encrypt your intermediate .csv object files copied to S3. Defaults to `SSE_S3`. Valid values are `SSE_S3` and `SSE_KMS`.\n" }, "serverSideEncryptionKmsKeyId": { "type": "string", "description": "ARN or Id of KMS Key to use when `encryption_mode` is `SSE_KMS`.\n" }, "serviceAccessRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role with permissions to read from or write to the S3 Bucket for intermediate storage.\n" } }, "type": "object" }, "aws:dms/EndpointS3Settings:EndpointS3Settings": { "properties": { "addColumnName": { "type": "boolean", "description": "Whether to add column name information to the .csv output file. Default is `false`.\n" }, "bucketFolder": { "type": "string", "description": "S3 object prefix.\n" }, "bucketName": { "type": "string", "description": "S3 bucket name.\n" }, "cannedAclForObjects": { "type": "string", "description": "Predefined (canned) access control list for objects created in an S3 bucket. Valid values include `none`, `private`, `public-read`, `public-read-write`, `authenticated-read`, `aws-exec-read`, `bucket-owner-read`, and `bucket-owner-full-control`. Default is `none`.\n" }, "cdcInsertsAndUpdates": { "type": "boolean", "description": "Whether to write insert and update operations to .csv or .parquet output files. Default is `false`.\n" }, "cdcInsertsOnly": { "type": "boolean", "description": "Whether to write insert operations to .csv or .parquet output files. Default is `false`.\n" }, "cdcMaxBatchInterval": { "type": "integer", "description": "Maximum length of the interval, defined in seconds, after which to output a file to Amazon S3. Default is `60`.\n" }, "cdcMinFileSize": { "type": "integer", "description": "Minimum file size condition as defined in kilobytes to output a file to Amazon S3. Default is `32000`. **NOTE:** Previously, this setting was measured in megabytes but now represents kilobytes. Update configurations accordingly.\n" }, "cdcPath": { "type": "string", "description": "Folder path of CDC files. For an S3 source, this setting is required if a task captures change data; otherwise, it's optional. If `cdc_path` is set, AWS DMS reads CDC files from this path and replicates the data changes to the target endpoint. Supported in AWS DMS versions 3.4.2 and later.\n" }, "compressionType": { "type": "string", "description": "Set to compress target files. Default is `NONE`. Valid values are `GZIP` and `NONE`.\n" }, "csvDelimiter": { "type": "string", "description": "Delimiter used to separate columns in the source files. Default is `,`.\n" }, "csvNoSupValue": { "type": "string", "description": "String to use for all columns not included in the supplemental log.\n" }, "csvNullValue": { "type": "string", "description": "String to as null when writing to the target.\n" }, "csvRowDelimiter": { "type": "string", "description": "Delimiter used to separate rows in the source files. Default is `\\n`.\n" }, "dataFormat": { "type": "string", "description": "Output format for the files that AWS DMS uses to create S3 objects. Valid values are `csv` and `parquet`. Default is `csv`.\n" }, "dataPageSize": { "type": "integer", "description": "Size of one data page in bytes. Default is `1048576` (1 MiB).\n" }, "datePartitionDelimiter": { "type": "string", "description": "Date separating delimiter to use during folder partitioning. Valid values are `SLASH`, `UNDERSCORE`, `DASH`, and `NONE`. Default is `SLASH`.\n" }, "datePartitionEnabled": { "type": "boolean", "description": "Partition S3 bucket folders based on transaction commit dates. Default is `false`.\n" }, "datePartitionSequence": { "type": "string", "description": "Date format to use during folder partitioning. Use this parameter when `date_partition_enabled` is set to true. Valid values are `YYYYMMDD`, `YYYYMMDDHH`, `YYYYMM`, `MMYYYYDD`, and `DDMMYYYY`. Default is `YYYYMMDD`.\n" }, "dictPageSizeLimit": { "type": "integer", "description": "Maximum size in bytes of an encoded dictionary page of a column. Default is `1048576` (1 MiB).\n" }, "enableStatistics": { "type": "boolean", "description": "Whether to enable statistics for Parquet pages and row groups. Default is `true`.\n" }, "encodingType": { "type": "string", "description": "Type of encoding to use. Value values are `rle_dictionary`, `plain`, and `plain_dictionary`. Default is `rle_dictionary`.\n" }, "encryptionMode": { "type": "string", "description": "Server-side encryption mode that you want to encrypt your .csv or .parquet object files copied to S3. Valid values are `SSE_S3` and `SSE_KMS`. Default is `SSE_S3`.\n" }, "externalTableDefinition": { "type": "string", "description": "JSON document that describes how AWS DMS should interpret the data.\n" }, "glueCatalogGeneration": { "type": "boolean", "description": "Whether to integrate AWS Glue Data Catalog with an Amazon S3 target. See [Using AWS Glue Data Catalog with an Amazon S3 target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.GlueCatalog) for more information. Default is `false`.\n" }, "ignoreHeaderRows": { "type": "integer", "description": "When this value is set to `1`, DMS ignores the first row header in a .csv file. Default is `0`.\n" }, "includeOpForFullLoad": { "type": "boolean", "description": "Whether to enable a full load to write INSERT operations to the .csv output files only to indicate how the rows were added to the source database. Default is `false`.\n" }, "maxFileSize": { "type": "integer", "description": "Maximum size (in KB) of any .csv file to be created while migrating to an S3 target during full load. Valid values are from `1` to `1048576`. Default is `1048576` (1 GB).\n" }, "parquetTimestampInMillisecond": { "type": "boolean", "description": "Specifies the precision of any TIMESTAMP column values written to an S3 object file in .parquet format. Default is `false`.\n" }, "parquetVersion": { "type": "string", "description": "Version of the .parquet file format. Default is `parquet-1-0`. Valid values are `parquet-1-0` and `parquet-2-0`.\n" }, "preserveTransactions": { "type": "boolean", "description": "Whether DMS saves the transaction order for a CDC load on the S3 target specified by `cdc_path`. Default is `false`.\n" }, "rfc4180": { "type": "boolean", "description": "For an S3 source, whether each leading double quotation mark has to be followed by an ending double quotation mark. Default is `true`.\n" }, "rowGroupLength": { "type": "integer", "description": "Number of rows in a row group. Default is `10000`.\n" }, "serverSideEncryptionKmsKeyId": { "type": "string", "description": "ARN or Id of KMS Key to use when `encryption_mode` is `SSE_KMS`.\n" }, "serviceAccessRoleArn": { "type": "string", "description": "ARN of the IAM Role with permissions to read from or write to the S3 Bucket.\n" }, "timestampColumnName": { "type": "string", "description": "Column to add with timestamp information to the endpoint data for an Amazon S3 target.\n" }, "useCsvNoSupValue": { "type": "boolean", "description": "Whether to use `csv_no_sup_value` for columns not included in the supplemental log.\n" }, "useTaskStartTimeForFullLoadTimestamp": { "type": "boolean", "description": "When set to true, uses the task start time as the timestamp column value instead of the time data is written to target. For full load, when set to true, each row of the timestamp column contains the task start time. For CDC loads, each row of the timestamp column contains the transaction commit time. When set to false, the full load timestamp in the timestamp column increments with the time data arrives at the target. Default is `false`.\n" } }, "type": "object" }, "aws:dms/ReplicationConfigComputeConfig:ReplicationConfigComputeConfig": { "properties": { "availabilityZone": { "type": "string", "description": "The Availability Zone where the DMS Serverless replication using this configuration will run. The default value is a random.\n", "willReplaceOnChanges": true }, "dnsNameServers": { "type": "string", "description": "A list of custom DNS name servers supported for the DMS Serverless replication to access your source or target database.\n" }, "kmsKeyId": { "type": "string", "description": "An Key Management Service (KMS) key Amazon Resource Name (ARN) that is used to encrypt the data during DMS Serverless replication. If you don't specify a value for the KmsKeyId parameter, DMS uses your default encryption key.\n", "willReplaceOnChanges": true }, "maxCapacityUnits": { "type": "integer", "description": "Specifies the maximum value of the DMS capacity units (DCUs) for which a given DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 2 DCUs as the minimum value allowed. The list of valid DCU values includes 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384.\n" }, "minCapacityUnits": { "type": "integer", "description": "Specifies the minimum value of the DMS capacity units (DCUs) for which a given DMS Serverless replication can be provisioned. The list of valid DCU values includes 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. If this value isn't set DMS scans the current activity of available source tables to identify an optimum setting for this parameter.\n" }, "multiAz": { "type": "boolean", "description": "Specifies if the replication instance is a multi-az deployment. You cannot set the `availability_zone` parameter if the `multi_az` parameter is set to `true`.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\n- Default: A 30-minute window selected at random from an 8-hour block of time per region, occurring on a random day of the week.\n- Format: `ddd:hh24:mi-ddd:hh24:mi`\n- Valid Days: `mon, tue, wed, thu, fri, sat, sun`\n- Constraints: Minimum 30-minute window.\n" }, "replicationSubnetGroupId": { "type": "string", "description": "Specifies a subnet group identifier to associate with the DMS Serverless replication.\n", "willReplaceOnChanges": true }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Specifies the virtual private cloud (VPC) security group to use with the DMS Serverless replication. The VPC security group must work with the VPC containing the replication.\n" } }, "type": "object", "required": [ "replicationSubnetGroupId" ], "language": { "nodejs": { "requiredOutputs": [ "availabilityZone", "kmsKeyId", "multiAz", "preferredMaintenanceWindow", "replicationSubnetGroupId", "vpcSecurityGroupIds" ] } } }, "aws:dms/getEndpointElasticsearchSetting:getEndpointElasticsearchSetting": { "properties": { "endpointUri": { "type": "string" }, "errorRetryDuration": { "type": "integer" }, "fullLoadErrorPercentage": { "type": "integer" }, "serviceAccessRoleArn": { "type": "string" } }, "type": "object", "required": [ "endpointUri", "errorRetryDuration", "fullLoadErrorPercentage", "serviceAccessRoleArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dms/getEndpointKafkaSetting:getEndpointKafkaSetting": { "properties": { "broker": { "type": "string" }, "includeControlDetails": { "type": "boolean" }, "includeNullAndEmpty": { "type": "boolean" }, "includePartitionValue": { "type": "boolean" }, "includeTableAlterOperations": { "type": "boolean" }, "includeTransactionDetails": { "type": "boolean" }, "messageFormat": { "type": "string" }, "messageMaxBytes": { "type": "integer" }, "noHexPrefix": { "type": "boolean" }, "partitionIncludeSchemaTable": { "type": "boolean" }, "saslPassword": { "type": "string" }, "saslUsername": { "type": "string" }, "securityProtocol": { "type": "string" }, "sslCaCertificateArn": { "type": "string" }, "sslClientCertificateArn": { "type": "string" }, "sslClientKeyArn": { "type": "string" }, "sslClientKeyPassword": { "type": "string" }, "topic": { "type": "string" } }, "type": "object", "required": [ "broker", "includeControlDetails", "includeNullAndEmpty", "includePartitionValue", "includeTableAlterOperations", "includeTransactionDetails", "messageFormat", "messageMaxBytes", "noHexPrefix", "partitionIncludeSchemaTable", "saslPassword", "saslUsername", "securityProtocol", "sslCaCertificateArn", "sslClientCertificateArn", "sslClientKeyArn", "sslClientKeyPassword", "topic" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dms/getEndpointKinesisSetting:getEndpointKinesisSetting": { "properties": { "includeControlDetails": { "type": "boolean" }, "includeNullAndEmpty": { "type": "boolean" }, "includePartitionValue": { "type": "boolean" }, "includeTableAlterOperations": { "type": "boolean" }, "includeTransactionDetails": { "type": "boolean" }, "messageFormat": { "type": "string" }, "partitionIncludeSchemaTable": { "type": "boolean" }, "serviceAccessRoleArn": { "type": "string" }, "streamArn": { "type": "string" } }, "type": "object", "required": [ "includeControlDetails", "includeNullAndEmpty", "includePartitionValue", "includeTableAlterOperations", "includeTransactionDetails", "messageFormat", "partitionIncludeSchemaTable", "serviceAccessRoleArn", "streamArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dms/getEndpointMongodbSetting:getEndpointMongodbSetting": { "properties": { "authMechanism": { "type": "string" }, "authSource": { "type": "string" }, "authType": { "type": "string" }, "docsToInvestigate": { "type": "string" }, "extractDocId": { "type": "string" }, "nestingLevel": { "type": "string" } }, "type": "object", "required": [ "authMechanism", "authSource", "authType", "docsToInvestigate", "extractDocId", "nestingLevel" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dms/getEndpointPostgresSetting:getEndpointPostgresSetting": { "properties": { "afterConnectScript": { "type": "string" }, "babelfishDatabaseName": { "type": "string" }, "captureDdls": { "type": "boolean" }, "databaseMode": { "type": "string" }, "ddlArtifactsSchema": { "type": "string" }, "executeTimeout": { "type": "integer" }, "failTasksOnLobTruncation": { "type": "boolean" }, "heartbeatEnable": { "type": "boolean" }, "heartbeatFrequency": { "type": "integer" }, "heartbeatSchema": { "type": "string" }, "mapBooleanAsBoolean": { "type": "boolean" }, "mapJsonbAsClob": { "type": "boolean" }, "mapLongVarcharAs": { "type": "string" }, "maxFileSize": { "type": "integer" }, "pluginName": { "type": "string" }, "slotName": { "type": "string" } }, "type": "object", "required": [ "afterConnectScript", "babelfishDatabaseName", "captureDdls", "databaseMode", "ddlArtifactsSchema", "executeTimeout", "failTasksOnLobTruncation", "heartbeatEnable", "heartbeatFrequency", "heartbeatSchema", "mapBooleanAsBoolean", "mapJsonbAsClob", "mapLongVarcharAs", "maxFileSize", "pluginName", "slotName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dms/getEndpointRedisSetting:getEndpointRedisSetting": { "properties": { "authPassword": { "type": "string" }, "authType": { "type": "string" }, "authUserName": { "type": "string" }, "port": { "type": "integer" }, "serverName": { "type": "string" }, "sslCaCertificateArn": { "type": "string" }, "sslSecurityProtocol": { "type": "string" } }, "type": "object", "required": [ "authPassword", "authType", "authUserName", "port", "serverName", "sslCaCertificateArn", "sslSecurityProtocol" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dms/getEndpointRedshiftSetting:getEndpointRedshiftSetting": { "properties": { "bucketFolder": { "type": "string" }, "bucketName": { "type": "string" }, "encryptionMode": { "type": "string" }, "serverSideEncryptionKmsKeyId": { "type": "string" }, "serviceAccessRoleArn": { "type": "string" } }, "type": "object", "required": [ "bucketFolder", "bucketName", "encryptionMode", "serverSideEncryptionKmsKeyId", "serviceAccessRoleArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dms/getEndpointS3Setting:getEndpointS3Setting": { "properties": { "addColumnName": { "type": "boolean" }, "bucketFolder": { "type": "string" }, "bucketName": { "type": "string" }, "cannedAclForObjects": { "type": "string" }, "cdcInsertsAndUpdates": { "type": "boolean" }, "cdcInsertsOnly": { "type": "boolean" }, "cdcMaxBatchInterval": { "type": "integer" }, "cdcMinFileSize": { "type": "integer" }, "cdcPath": { "type": "string" }, "compressionType": { "type": "string" }, "csvDelimiter": { "type": "string" }, "csvNoSupValue": { "type": "string" }, "csvNullValue": { "type": "string" }, "csvRowDelimiter": { "type": "string" }, "dataFormat": { "type": "string" }, "dataPageSize": { "type": "integer" }, "datePartitionDelimiter": { "type": "string" }, "datePartitionEnabled": { "type": "boolean" }, "datePartitionSequence": { "type": "string" }, "dictPageSizeLimit": { "type": "integer" }, "enableStatistics": { "type": "boolean" }, "encodingType": { "type": "string" }, "encryptionMode": { "type": "string" }, "externalTableDefinition": { "type": "string" }, "glueCatalogGeneration": { "type": "boolean" }, "ignoreHeaderRows": { "type": "integer" }, "ignoreHeadersRow": { "type": "integer" }, "includeOpForFullLoad": { "type": "boolean" }, "maxFileSize": { "type": "integer" }, "parquetTimestampInMillisecond": { "type": "boolean" }, "parquetVersion": { "type": "string" }, "preserveTransactions": { "type": "boolean" }, "rfc4180": { "type": "boolean" }, "rowGroupLength": { "type": "integer" }, "serverSideEncryptionKmsKeyId": { "type": "string" }, "serviceAccessRoleArn": { "type": "string" }, "timestampColumnName": { "type": "string" }, "useCsvNoSupValue": { "type": "boolean" }, "useTaskStartTimeForFullLoadTimestamp": { "type": "boolean" } }, "type": "object", "required": [ "addColumnName", "bucketFolder", "bucketName", "cannedAclForObjects", "cdcInsertsAndUpdates", "cdcInsertsOnly", "cdcMaxBatchInterval", "cdcMinFileSize", "cdcPath", "compressionType", "csvDelimiter", "csvNoSupValue", "csvNullValue", "csvRowDelimiter", "dataFormat", "dataPageSize", "datePartitionDelimiter", "datePartitionEnabled", "datePartitionSequence", "dictPageSizeLimit", "enableStatistics", "encodingType", "encryptionMode", "externalTableDefinition", "glueCatalogGeneration", "ignoreHeaderRows", "ignoreHeadersRow", "includeOpForFullLoad", "maxFileSize", "parquetTimestampInMillisecond", "parquetVersion", "preserveTransactions", "rfc4180", "rowGroupLength", "serverSideEncryptionKmsKeyId", "serviceAccessRoleArn", "timestampColumnName", "useCsvNoSupValue", "useTaskStartTimeForFullLoadTimestamp" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:docdb/ClusterParameterGroupParameter:ClusterParameterGroupParameter": { "properties": { "applyMethod": { "type": "string", "description": "Valid values are `immediate` and `pending-reboot`. Defaults to `pending-reboot`.\n" }, "name": { "type": "string", "description": "The name of the DocumentDB parameter.\n" }, "value": { "type": "string", "description": "The value of the DocumentDB parameter.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:docdb/ClusterRestoreToPointInTime:ClusterRestoreToPointInTime": { "properties": { "restoreToTime": { "type": "string", "description": "The date and time to restore from. Value must be a time in Universal Coordinated Time (UTC) format and must be before the latest restorable time for the DB instance. Cannot be specified with `use_latest_restorable_time`.\n", "willReplaceOnChanges": true }, "restoreType": { "type": "string", "description": "The type of restore to be performed. Valid values are `full-copy`, `copy-on-write`.\n", "willReplaceOnChanges": true }, "sourceClusterIdentifier": { "type": "string", "description": "The identifier of the source DB cluster from which to restore. Must match the identifier of an existing DB cluster.\n", "willReplaceOnChanges": true }, "useLatestRestorableTime": { "type": "boolean", "description": "A boolean value that indicates whether the DB cluster is restored from the latest backup time. Defaults to `false`. Cannot be specified with `restore_to_time`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "sourceClusterIdentifier" ] }, "aws:docdb/ElasticClusterTimeouts:ElasticClusterTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:docdb/GlobalClusterGlobalClusterMember:GlobalClusterGlobalClusterMember": { "properties": { "dbClusterArn": { "type": "string", "description": "Amazon Resource Name (ARN) of member DB Cluster.\n" }, "isWriter": { "type": "boolean", "description": "Whether the member is the primary DB Cluster.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "dbClusterArn", "isWriter" ] } } }, "aws:drs/ReplicationConfigurationTemplatePitPolicy:ReplicationConfigurationTemplatePitPolicy": { "properties": { "enabled": { "type": "boolean", "description": "Whether this rule is enabled or not.\n" }, "interval": { "type": "integer", "description": "How often, in the chosen units, a snapshot should be taken.\n" }, "retentionDuration": { "type": "integer", "description": "Duration to retain a snapshot for, in the chosen `units`.\n" }, "ruleId": { "type": "integer", "description": "ID of the rule. Valid values are integers.\n" }, "units": { "type": "string", "description": "Units used to measure the `interval` and `retention_duration`. Valid values are `MINUTE`, `HOUR`, and `DAY`.\n" } }, "type": "object", "required": [ "interval", "retentionDuration", "units" ] }, "aws:drs/ReplicationConfigurationTemplateTimeouts:ReplicationConfigurationTemplateTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:dynamodb/GlobalTableReplica:GlobalTableReplica": { "properties": { "regionName": { "type": "string", "description": "AWS region name of replica DynamoDB TableE.g., `us-east-1`\n" } }, "type": "object", "required": [ "regionName" ] }, "aws:dynamodb/TableAttribute:TableAttribute": { "properties": { "name": { "type": "string", "description": "Name of the attribute\n" }, "type": { "type": "string", "description": "Attribute type. Valid values are `S` (string), `N` (number), `B` (binary).\n" } }, "type": "object", "required": [ "name", "type" ] }, "aws:dynamodb/TableGlobalSecondaryIndex:TableGlobalSecondaryIndex": { "properties": { "hashKey": { "type": "string", "description": "Name of the hash key in the index; must be defined as an attribute in the resource.\n" }, "name": { "type": "string", "description": "Name of the index.\n" }, "nonKeyAttributes": { "type": "array", "items": { "type": "string" }, "description": "Only required with `INCLUDE` as a projection type; a list of attributes to project into the index. These do not need to be defined as attributes on the table.\n" }, "projectionType": { "type": "string", "description": "One of `ALL`, `INCLUDE` or `KEYS_ONLY` where `ALL` projects every attribute into the index, `KEYS_ONLY` projects into the index only the table and index hash_key and sort_key attributes , `INCLUDE` projects into the index all of the attributes that are defined in `non_key_attributes` in addition to the attributes that that`KEYS_ONLY` project.\n" }, "rangeKey": { "type": "string", "description": "Name of the range key; must be defined\n" }, "readCapacity": { "type": "integer", "description": "Number of read units for this index. Must be set if billing_mode is set to PROVISIONED.\n" }, "writeCapacity": { "type": "integer", "description": "Number of write units for this index. Must be set if billing_mode is set to PROVISIONED.\n" } }, "type": "object", "required": [ "hashKey", "name", "projectionType" ] }, "aws:dynamodb/TableImportTable:TableImportTable": { "properties": { "inputCompressionType": { "type": "string", "description": "Type of compression to be used on the input coming from the imported table.\nValid values are `GZIP`, `ZSTD` and `NONE`.\n" }, "inputFormat": { "type": "string", "description": "The format of the source data.\nValid values are `CSV`, `DYNAMODB_JSON`, and `ION`.\n" }, "inputFormatOptions": { "$ref": "#/types/aws:dynamodb/TableImportTableInputFormatOptions:TableImportTableInputFormatOptions", "description": "Describe the format options for the data that was imported into the target table.\nThere is one value, `csv`.\nSee below.\n" }, "s3BucketSource": { "$ref": "#/types/aws:dynamodb/TableImportTableS3BucketSource:TableImportTableS3BucketSource", "description": "Values for the S3 bucket the source file is imported from.\nSee below.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "inputFormat", "s3BucketSource" ] }, "aws:dynamodb/TableImportTableInputFormatOptions:TableImportTableInputFormatOptions": { "properties": { "csv": { "$ref": "#/types/aws:dynamodb/TableImportTableInputFormatOptionsCsv:TableImportTableInputFormatOptionsCsv", "description": "This block contains the processing options for the CSV file being imported:\n" } }, "type": "object" }, "aws:dynamodb/TableImportTableInputFormatOptionsCsv:TableImportTableInputFormatOptionsCsv": { "properties": { "delimiter": { "type": "string", "description": "The delimiter used for separating items in the CSV file being imported.\n" }, "headerLists": { "type": "array", "items": { "type": "string" }, "description": "List of the headers used to specify a common header for all source CSV files being imported.\n" } }, "type": "object" }, "aws:dynamodb/TableImportTableS3BucketSource:TableImportTableS3BucketSource": { "properties": { "bucket": { "type": "string", "description": "The S3 bucket that is being imported from.\n" }, "bucketOwner": { "type": "string", "description": "The account number of the S3 bucket that is being imported from.\n" }, "keyPrefix": { "type": "string", "description": "The key prefix shared by all S3 Objects that are being imported.\n" } }, "type": "object", "required": [ "bucket" ] }, "aws:dynamodb/TableLocalSecondaryIndex:TableLocalSecondaryIndex": { "properties": { "name": { "type": "string", "description": "Name of the index\n", "willReplaceOnChanges": true }, "nonKeyAttributes": { "type": "array", "items": { "type": "string" }, "description": "Only required with `INCLUDE` as a projection type; a list of attributes to project into the index. These do not need to be defined as attributes on the table.\n", "willReplaceOnChanges": true }, "projectionType": { "type": "string", "description": "One of `ALL`, `INCLUDE` or `KEYS_ONLY` where `ALL` projects every attribute into the index, `KEYS_ONLY` projects into the index only the table and index hash_key and sort_key attributes , `INCLUDE` projects into the index all of the attributes that are defined in `non_key_attributes` in addition to the attributes that that`KEYS_ONLY` project.\n", "willReplaceOnChanges": true }, "rangeKey": { "type": "string", "description": "Name of the range key.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "name", "projectionType", "rangeKey" ] }, "aws:dynamodb/TablePointInTimeRecovery:TablePointInTimeRecovery": { "properties": { "enabled": { "type": "boolean", "description": "Whether to enable point-in-time recovery. It can take 10 minutes to enable for new tables. If the `point_in_time_recovery` block is not provided, this defaults to `false`.\n" } }, "type": "object", "required": [ "enabled" ] }, "aws:dynamodb/TableReplica:TableReplica": { "properties": { "arn": { "type": "string", "description": "ARN of the table\n" }, "kmsKeyArn": { "type": "string", "description": "ARN of the CMK that should be used for the AWS KMS encryption. This argument should only be used if the key is different from the default KMS-managed DynamoDB key, `alias/aws/dynamodb`. **Note:** This attribute will _not_ be populated with the ARN of _default_ keys.\n" }, "pointInTimeRecovery": { "type": "boolean", "description": "Whether to enable Point In Time Recovery for the replica. Default is `false`.\n" }, "propagateTags": { "type": "boolean", "description": "Whether to propagate the global table's tags to a replica. Default is `false`. Changes to tags only move in one direction: from global (source) to replica. In other words, tag drift on a replica will not trigger an update. Tag or replica changes on the global table, whether from drift or configuration changes, are propagated to replicas. Changing from `true` to `false` on a subsequent `apply` means replica tags are left as they were, unmanaged, not deleted.\n" }, "regionName": { "type": "string", "description": "Region name of the replica.\n" }, "streamArn": { "type": "string", "description": "ARN of the Table Stream. Only available when `stream_enabled = true`\n" }, "streamLabel": { "type": "string", "description": "Timestamp, in ISO 8601 format, for this stream. Note that this timestamp is not a unique identifier for the stream on its own. However, the combination of AWS customer ID, table name and this field is guaranteed to be unique. It can be used for creating CloudWatch Alarms. Only available when `stream_enabled = true`.\n" } }, "type": "object", "required": [ "regionName" ], "language": { "nodejs": { "requiredOutputs": [ "arn", "kmsKeyArn", "regionName", "streamArn", "streamLabel" ] } } }, "aws:dynamodb/TableServerSideEncryption:TableServerSideEncryption": { "properties": { "enabled": { "type": "boolean", "description": "Whether or not to enable encryption at rest using an AWS managed KMS customer master key (CMK). If `enabled` is `false` then server-side encryption is set to AWS-_owned_ key (shown as `DEFAULT` in the AWS console). Potentially confusingly, if `enabled` is `true` and no `kms_key_arn` is specified then server-side encryption is set to the _default_ KMS-_managed_ key (shown as `KMS` in the AWS console). The [AWS KMS documentation](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html) explains the difference between AWS-_owned_ and KMS-_managed_ keys.\n" }, "kmsKeyArn": { "type": "string", "description": "ARN of the CMK that should be used for the AWS KMS encryption. This argument should only be used if the key is different from the default KMS-managed DynamoDB key, `alias/aws/dynamodb`. **Note:** This attribute will _not_ be populated with the ARN of _default_ keys.\n" } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredOutputs": [ "enabled", "kmsKeyArn" ] } } }, "aws:dynamodb/TableTtl:TableTtl": { "properties": { "attributeName": { "type": "string", "description": "Name of the table attribute to store the TTL timestamp in.\nRequired if `enabled` is `true`, must not be set otherwise.\n" }, "enabled": { "type": "boolean", "description": "Whether TTL is enabled.\nDefault value is `false`.\n" } }, "type": "object" }, "aws:dynamodb/getTableAttribute:getTableAttribute": { "properties": { "name": { "type": "string", "description": "Name of the DynamoDB table.\n" }, "type": { "type": "string" } }, "type": "object", "required": [ "name", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dynamodb/getTableGlobalSecondaryIndex:getTableGlobalSecondaryIndex": { "properties": { "hashKey": { "type": "string" }, "name": { "type": "string", "description": "Name of the DynamoDB table.\n" }, "nonKeyAttributes": { "type": "array", "items": { "type": "string" } }, "projectionType": { "type": "string" }, "rangeKey": { "type": "string" }, "readCapacity": { "type": "integer" }, "writeCapacity": { "type": "integer" } }, "type": "object", "required": [ "hashKey", "name", "nonKeyAttributes", "projectionType", "rangeKey", "readCapacity", "writeCapacity" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dynamodb/getTableLocalSecondaryIndex:getTableLocalSecondaryIndex": { "properties": { "name": { "type": "string", "description": "Name of the DynamoDB table.\n" }, "nonKeyAttributes": { "type": "array", "items": { "type": "string" } }, "projectionType": { "type": "string" }, "rangeKey": { "type": "string" } }, "type": "object", "required": [ "name", "nonKeyAttributes", "projectionType", "rangeKey" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dynamodb/getTablePointInTimeRecovery:getTablePointInTimeRecovery": { "properties": { "enabled": { "type": "boolean" } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dynamodb/getTableReplica:getTableReplica": { "properties": { "kmsKeyArn": { "type": "string" }, "regionName": { "type": "string" } }, "type": "object", "required": [ "kmsKeyArn", "regionName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dynamodb/getTableServerSideEncryption:getTableServerSideEncryption": { "properties": { "enabled": { "type": "boolean" }, "kmsKeyArn": { "type": "string" } }, "type": "object", "required": [ "enabled", "kmsKeyArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:dynamodb/getTableTtl:getTableTtl": { "properties": { "attributeName": { "type": "string" }, "enabled": { "type": "boolean" } }, "type": "object", "required": [ "attributeName", "enabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ebs/FastSnapshotRestoreTimeouts:FastSnapshotRestoreTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" } }, "type": "object" }, "aws:ebs/SnapshotImportClientData:SnapshotImportClientData": { "properties": { "comment": { "type": "string", "description": "A user-defined comment about the disk upload.\n", "willReplaceOnChanges": true }, "uploadEnd": { "type": "string", "description": "The time that the disk upload ends.\n" }, "uploadSize": { "type": "number", "description": "The size of the uploaded disk image, in GiB.\n" }, "uploadStart": { "type": "string", "description": "The time that the disk upload starts.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "uploadEnd", "uploadSize", "uploadStart" ] } } }, "aws:ebs/SnapshotImportDiskContainer:SnapshotImportDiskContainer": { "properties": { "description": { "type": "string", "description": "The description of the disk image being imported.\n", "willReplaceOnChanges": true }, "format": { "type": "string", "description": "The format of the disk image being imported. One of `VHD` or `VMDK`.\n", "willReplaceOnChanges": true }, "url": { "type": "string", "description": "The URL to the Amazon S3-based disk image being imported. It can either be a https URL (https://..) or an Amazon S3 URL (s3://..). One of `url` or `user_bucket` must be set.\n", "willReplaceOnChanges": true }, "userBucket": { "$ref": "#/types/aws:ebs/SnapshotImportDiskContainerUserBucket:SnapshotImportDiskContainerUserBucket", "description": "The Amazon S3 bucket for the disk image. One of `url` or `user_bucket` must be set. Detailed below.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "format" ] }, "aws:ebs/SnapshotImportDiskContainerUserBucket:SnapshotImportDiskContainerUserBucket": { "properties": { "s3Bucket": { "type": "string", "description": "The name of the Amazon S3 bucket where the disk image is located.\n", "willReplaceOnChanges": true }, "s3Key": { "type": "string", "description": "The file name of the disk image.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "s3Bucket", "s3Key" ] }, "aws:ebs/getEbsVolumesFilter:getEbsVolumesFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVolumes.html).\nFor example, if matching against the `size` filter, use:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst tenOrTwentyGbVolumes = aws.ebs.getEbsVolumes({\n filters: [{\n name: \"size\",\n values: [\n \"10\",\n \"20\",\n ],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nten_or_twenty_gb_volumes = aws.ebs.get_ebs_volumes(filters=[{\n \"name\": \"size\",\n \"values\": [\n \"10\",\n \"20\",\n ],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var tenOrTwentyGbVolumes = Aws.Ebs.GetEbsVolumes.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ebs.Inputs.GetEbsVolumesFilterInputArgs\n {\n Name = \"size\",\n Values = new[]\n {\n \"10\",\n \"20\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ebs.GetEbsVolumes(ctx, \u0026ebs.GetEbsVolumesArgs{\n\t\t\tFilters: []ebs.GetEbsVolumesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"size\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"10\",\n\t\t\t\t\t\t\"20\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ebs.EbsFunctions;\nimport com.pulumi.aws.ebs.inputs.GetEbsVolumesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var tenOrTwentyGbVolumes = EbsFunctions.getEbsVolumes(GetEbsVolumesArgs.builder()\n .filters(GetEbsVolumesFilterArgs.builder()\n .name(\"size\")\n .values( \n \"10\",\n \"20\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n tenOrTwentyGbVolumes:\n fn::invoke:\n Function: aws:ebs:getEbsVolumes\n Arguments:\n filters:\n - name: size\n values:\n - '10'\n - '20'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nEBS Volume IDs will be selected if any one of the given values match.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ebs/getSnapshotFilter:getSnapshotFilter": { "properties": { "name": { "type": "string" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ebs/getSnapshotIdsFilter:getSnapshotIdsFilter": { "properties": { "name": { "type": "string" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ebs/getVolumeFilter:getVolumeFilter": { "properties": { "name": { "type": "string" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/AmiCopyEbsBlockDevice:AmiCopyEbsBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Boolean controlling whether the EBS volumes created to\nsupport each created instance will be deleted once that instance is terminated.\n" }, "deviceName": { "type": "string", "description": "Path at which the device is exposed to created instances.\n" }, "encrypted": { "type": "boolean", "description": "Boolean controlling whether the created EBS volumes will be encrypted. Can't be used with `snapshot_id`.\n" }, "iops": { "type": "integer", "description": "Number of I/O operations per second the\ncreated volumes will support.\n" }, "outpostArn": { "type": "string", "description": "ARN of the Outpost on which the snapshot is stored.\n\n\u003e **Note:** You can specify `encrypted` or `snapshot_id` but not both.\n" }, "snapshotId": { "type": "string", "description": "ID of an EBS snapshot that will be used to initialize the created\nEBS volumes. If set, the `volume_size` attribute must be at least as large as the referenced\nsnapshot.\n" }, "throughput": { "type": "integer", "description": "Throughput that the EBS volume supports, in MiB/s. Only valid for `volume_type` of `gp3`.\n" }, "volumeSize": { "type": "integer", "description": "Size of created volumes in GiB.\nIf `snapshot_id` is set and `volume_size` is omitted then the volume will have the same size\nas the selected snapshot.\n" }, "volumeType": { "type": "string", "description": "Type of EBS volume to create. Can be `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1` or `st1` (Default: `standard`).\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "deleteOnTermination", "deviceName", "encrypted", "iops", "outpostArn", "snapshotId", "throughput", "volumeSize", "volumeType" ] } } }, "aws:ec2/AmiCopyEphemeralBlockDevice:AmiCopyEphemeralBlockDevice": { "properties": { "deviceName": { "type": "string", "description": "Path at which the device is exposed to created instances.\n" }, "virtualName": { "type": "string", "description": "Name for the ephemeral device, of the form \"ephemeralN\" where\n*N* is a volume number starting from zero.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "deviceName", "virtualName" ] } } }, "aws:ec2/AmiEbsBlockDevice:AmiEbsBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Boolean controlling whether the EBS volumes created to\nsupport each created instance will be deleted once that instance is terminated.\n", "willReplaceOnChanges": true }, "deviceName": { "type": "string", "description": "Path at which the device is exposed to created instances.\n", "willReplaceOnChanges": true }, "encrypted": { "type": "boolean", "description": "Boolean controlling whether the created EBS volumes will be encrypted. Can't be used with `snapshot_id`.\n", "willReplaceOnChanges": true }, "iops": { "type": "integer", "description": "Number of I/O operations per second the\ncreated volumes will support.\n", "willReplaceOnChanges": true }, "outpostArn": { "type": "string", "description": "ARN of the Outpost on which the snapshot is stored.\n\n\u003e **Note:** You can specify `encrypted` or `snapshot_id` but not both.\n", "willReplaceOnChanges": true }, "snapshotId": { "type": "string", "description": "ID of an EBS snapshot that will be used to initialize the created\nEBS volumes. If set, the `volume_size` attribute must be at least as large as the referenced\nsnapshot.\n", "willReplaceOnChanges": true }, "throughput": { "type": "integer", "description": "Throughput that the EBS volume supports, in MiB/s. Only valid for `volume_type` of `gp3`.\n", "willReplaceOnChanges": true }, "volumeSize": { "type": "integer", "description": "Size of created volumes in GiB.\nIf `snapshot_id` is set and `volume_size` is omitted then the volume will have the same size\nas the selected snapshot.\n", "willReplaceOnChanges": true }, "volumeType": { "type": "string", "description": "Type of EBS volume to create. Can be `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1` or `st1` (Default: `standard`).\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "deviceName" ], "language": { "nodejs": { "requiredOutputs": [ "deviceName", "throughput", "volumeSize" ] } } }, "aws:ec2/AmiEphemeralBlockDevice:AmiEphemeralBlockDevice": { "properties": { "deviceName": { "type": "string", "description": "Path at which the device is exposed to created instances.\n" }, "virtualName": { "type": "string", "description": "Name for the ephemeral device, of the form \"ephemeralN\" where\n*N* is a volume number starting from zero.\n" } }, "type": "object", "required": [ "deviceName", "virtualName" ] }, "aws:ec2/AmiFromInstanceEbsBlockDevice:AmiFromInstanceEbsBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Boolean controlling whether the EBS volumes created to\nsupport each created instance will be deleted once that instance is terminated.\n" }, "deviceName": { "type": "string", "description": "Path at which the device is exposed to created instances.\n" }, "encrypted": { "type": "boolean", "description": "Boolean controlling whether the created EBS volumes will be encrypted. Can't be used with `snapshot_id`.\n" }, "iops": { "type": "integer", "description": "Number of I/O operations per second the\ncreated volumes will support.\n" }, "outpostArn": { "type": "string", "description": "ARN of the Outpost on which the snapshot is stored.\n\n\u003e **Note:** You can specify `encrypted` or `snapshot_id` but not both.\n" }, "snapshotId": { "type": "string", "description": "ID of an EBS snapshot that will be used to initialize the created\nEBS volumes. If set, the `volume_size` attribute must be at least as large as the referenced\nsnapshot.\n" }, "throughput": { "type": "integer", "description": "Throughput that the EBS volume supports, in MiB/s. Only valid for `volume_type` of `gp3`.\n" }, "volumeSize": { "type": "integer", "description": "Size of created volumes in GiB.\nIf `snapshot_id` is set and `volume_size` is omitted then the volume will have the same size\nas the selected snapshot.\n" }, "volumeType": { "type": "string", "description": "Type of EBS volume to create. Can be `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1` or `st1` (Default: `standard`).\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "deleteOnTermination", "deviceName", "encrypted", "iops", "outpostArn", "snapshotId", "throughput", "volumeSize", "volumeType" ] } } }, "aws:ec2/AmiFromInstanceEphemeralBlockDevice:AmiFromInstanceEphemeralBlockDevice": { "properties": { "deviceName": { "type": "string", "description": "Path at which the device is exposed to created instances.\n" }, "virtualName": { "type": "string", "description": "Name for the ephemeral device, of the form \"ephemeralN\" where\n*N* is a volume number starting from zero.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "deviceName", "virtualName" ] } } }, "aws:ec2/CapacityBlockReservationTimeouts:CapacityBlockReservationTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:ec2/DefaultNetworkAclEgress:DefaultNetworkAclEgress": { "properties": { "action": { "type": "string", "description": "The action to take.\n" }, "cidrBlock": { "type": "string", "description": "The CIDR block to match. This must be a valid network mask.\n" }, "fromPort": { "type": "integer", "description": "The from port to match.\n" }, "icmpCode": { "type": "integer", "description": "The ICMP type code to be used. Default 0.\n" }, "icmpType": { "type": "integer", "description": "The ICMP type to be used. Default 0.\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block.\n\n\u003e For more information on ICMP types and codes, see [Internet Control Message Protocol (ICMP) Parameters](https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml).\n" }, "protocol": { "type": "string", "description": "The protocol to match. If using the -1 'all' protocol, you must specify a from and to port of 0.\n" }, "ruleNo": { "type": "integer", "description": "The rule number. Used for ordering.\n" }, "toPort": { "type": "integer", "description": "The to port to match.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "action", "fromPort", "protocol", "ruleNo", "toPort" ] }, "aws:ec2/DefaultNetworkAclIngress:DefaultNetworkAclIngress": { "properties": { "action": { "type": "string", "description": "The action to take.\n" }, "cidrBlock": { "type": "string", "description": "The CIDR block to match. This must be a valid network mask.\n" }, "fromPort": { "type": "integer", "description": "The from port to match.\n" }, "icmpCode": { "type": "integer", "description": "The ICMP type code to be used. Default 0.\n" }, "icmpType": { "type": "integer", "description": "The ICMP type to be used. Default 0.\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block.\n\n\u003e For more information on ICMP types and codes, see [Internet Control Message Protocol (ICMP) Parameters](https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml).\n" }, "protocol": { "type": "string", "description": "The protocol to match. If using the -1 'all' protocol, you must specify a from and to port of 0.\n" }, "ruleNo": { "type": "integer", "description": "The rule number. Used for ordering.\n" }, "toPort": { "type": "integer", "description": "The to port to match.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "action", "fromPort", "protocol", "ruleNo", "toPort" ] }, "aws:ec2/DefaultRouteTableRoute:DefaultRouteTableRoute": { "properties": { "cidrBlock": { "type": "string", "description": "The CIDR block of the route.\n" }, "coreNetworkArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a core network.\n" }, "destinationPrefixListId": { "type": "string", "description": "The ID of a managed prefix list destination of the route.\n\nOne of the following target arguments must be supplied:\n" }, "egressOnlyGatewayId": { "type": "string", "description": "Identifier of a VPC Egress Only Internet Gateway.\n" }, "gatewayId": { "type": "string", "description": "Identifier of a VPC internet gateway or a virtual private gateway.\n" }, "instanceId": { "type": "string", "description": "Identifier of an EC2 instance.\n" }, "ipv6CidrBlock": { "type": "string", "description": "The Ipv6 CIDR block of the route\n" }, "natGatewayId": { "type": "string", "description": "Identifier of a VPC NAT gateway.\n" }, "networkInterfaceId": { "type": "string", "description": "Identifier of an EC2 network interface.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of an EC2 Transit Gateway.\n" }, "vpcEndpointId": { "type": "string", "description": "Identifier of a VPC Endpoint. This route must be removed prior to VPC Endpoint deletion.\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "Identifier of a VPC peering connection.\n\nNote that the default route, mapping the VPC's CIDR block to \"local\", is created implicitly and cannot be specified.\n" } }, "type": "object" }, "aws:ec2/DefaultSecurityGroupEgress:DefaultSecurityGroupEgress": { "properties": { "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of CIDR blocks.\n" }, "description": { "type": "string", "description": "Description of this rule.\n" }, "fromPort": { "type": "integer", "description": "Start port (or ICMP type number if protocol is `icmp`)\n" }, "ipv6CidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 CIDR blocks.\n" }, "prefixListIds": { "type": "array", "items": { "type": "string" }, "description": "List of prefix list IDs (for allowing access to VPC endpoints)\n" }, "protocol": { "type": "string", "description": "Protocol. If you select a protocol of \"-1\" (semantically equivalent to `all`, which is not a valid value here), you must specify a `from_port` and `to_port` equal to `0`. If not `icmp`, `tcp`, `udp`, or `-1` use the [protocol number](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security groups. A group name can be used relative to the default VPC. Otherwise, group ID.\n" }, "self": { "type": "boolean", "description": "Whether the security group itself will be added as a source to this egress rule.\n" }, "toPort": { "type": "integer", "description": "End range port (or ICMP code if protocol is `icmp`).\n" } }, "type": "object", "required": [ "fromPort", "protocol", "toPort" ] }, "aws:ec2/DefaultSecurityGroupIngress:DefaultSecurityGroupIngress": { "properties": { "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of CIDR blocks.\n" }, "description": { "type": "string", "description": "Description of the security group.\n" }, "fromPort": { "type": "integer", "description": "Start port (or ICMP type number if protocol is `icmp`)\n" }, "ipv6CidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 CIDR blocks.\n" }, "prefixListIds": { "type": "array", "items": { "type": "string" }, "description": "List of prefix list IDs (for allowing access to VPC endpoints)\n" }, "protocol": { "type": "string", "description": "Protocol. If you select a protocol of \"-1\" (semantically equivalent to `all`, which is not a valid value here), you must specify a `from_port` and `to_port` equal to `0`. If not `icmp`, `tcp`, `udp`, or `-1` use the [protocol number](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security groups. A group name can be used relative to the default VPC. Otherwise, group ID.\n" }, "self": { "type": "boolean", "description": "Whether the security group itself will be added as a source to this egress rule.\n" }, "toPort": { "type": "integer", "description": "End range port (or ICMP code if protocol is `icmp`).\n" } }, "type": "object", "required": [ "fromPort", "protocol", "toPort" ] }, "aws:ec2/EipDomainNameTimeouts:EipDomainNameTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:ec2/FleetFleetInstanceSet:FleetFleetInstanceSet": { "properties": { "instanceIds": { "type": "array", "items": { "type": "string" }, "description": "The IDs of the instances.\n" }, "instanceType": { "type": "string", "description": "The instance type.\n" }, "lifecycle": { "type": "string", "description": "Indicates if the instance that was launched is a Spot Instance or On-Demand Instance.\n" }, "platform": { "type": "string", "description": "The value is `Windows` for Windows instances. Otherwise, the value is blank.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "instanceIds", "instanceType", "lifecycle", "platform" ] } } }, "aws:ec2/FleetLaunchTemplateConfig:FleetLaunchTemplateConfig": { "properties": { "launchTemplateSpecification": { "$ref": "#/types/aws:ec2/FleetLaunchTemplateConfigLaunchTemplateSpecification:FleetLaunchTemplateConfigLaunchTemplateSpecification", "description": "Nested argument containing EC2 Launch Template to use. Defined below.\n" }, "overrides": { "type": "array", "items": { "$ref": "#/types/aws:ec2/FleetLaunchTemplateConfigOverride:FleetLaunchTemplateConfigOverride" }, "description": "Nested argument(s) containing parameters to override the same parameters in the Launch Template. Defined below.\n" } }, "type": "object" }, "aws:ec2/FleetLaunchTemplateConfigLaunchTemplateSpecification:FleetLaunchTemplateConfigLaunchTemplateSpecification": { "properties": { "launchTemplateId": { "type": "string", "description": "The ID of the launch template.\n" }, "launchTemplateName": { "type": "string", "description": "The name of the launch template.\n" }, "version": { "type": "string", "description": "The launch template version number, `$Latest`, or `$Default.`\n" } }, "type": "object", "required": [ "version" ] }, "aws:ec2/FleetLaunchTemplateConfigOverride:FleetLaunchTemplateConfigOverride": { "properties": { "availabilityZone": { "type": "string", "description": "Availability Zone in which to launch the instances.\n" }, "instanceRequirements": { "$ref": "#/types/aws:ec2/FleetLaunchTemplateConfigOverrideInstanceRequirements:FleetLaunchTemplateConfigOverrideInstanceRequirements", "description": "Override the instance type in the Launch Template with instance types that satisfy the requirements.\n" }, "instanceType": { "type": "string", "description": "Instance type.\n" }, "maxPrice": { "type": "string", "description": "Maximum price per unit hour that you are willing to pay for a Spot Instance.\n" }, "priority": { "type": "number", "description": "Priority for the launch template override. If `on_demand_options` `allocation_strategy` is set to `prioritized`, EC2 Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity. The highest priority is launched first. The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. Valid values are whole numbers starting at 0.\n" }, "subnetId": { "type": "string", "description": "ID of the subnet in which to launch the instances.\n" }, "weightedCapacity": { "type": "number", "description": "Number of units provided by the specified instance type.\n" } }, "type": "object" }, "aws:ec2/FleetLaunchTemplateConfigOverrideInstanceRequirements:FleetLaunchTemplateConfigOverrideInstanceRequirements": { "properties": { "acceleratorCount": { "$ref": "#/types/aws:ec2/FleetLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorCount:FleetLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorCount", "description": "Block describing the minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips). Default is no minimum or maximum limits.\n" }, "acceleratorManufacturers": { "type": "array", "items": { "type": "string" }, "description": "List of accelerator manufacturer names. Default is any manufacturer.\n" }, "acceleratorNames": { "type": "array", "items": { "type": "string" }, "description": "List of accelerator names. Default is any acclerator.\n" }, "acceleratorTotalMemoryMib": { "$ref": "#/types/aws:ec2/FleetLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorTotalMemoryMib:FleetLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorTotalMemoryMib", "description": "Block describing the minimum and maximum total memory of the accelerators. Default is no minimum or maximum.\n" }, "acceleratorTypes": { "type": "array", "items": { "type": "string" }, "description": "The accelerator types that must be on the instance type. Default is any accelerator type.\n" }, "allowedInstanceTypes": { "type": "array", "items": { "type": "string" }, "description": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes. You can use strings with one or more wild cards,represented by an asterisk (\\*). The following are examples: `c5*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are excluding the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are excluding all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is no excluded instance types. Default is any instance type.\n\nIf you specify `AllowedInstanceTypes`, you can't specify `ExcludedInstanceTypes`.\n" }, "bareMetal": { "type": "string", "description": "Indicate whether bare metal instace types should be `included`, `excluded`, or `required`. Default is `excluded`.\n" }, "baselineEbsBandwidthMbps": { "$ref": "#/types/aws:ec2/FleetLaunchTemplateConfigOverrideInstanceRequirementsBaselineEbsBandwidthMbps:FleetLaunchTemplateConfigOverrideInstanceRequirementsBaselineEbsBandwidthMbps", "description": "Block describing the minimum and maximum baseline EBS bandwidth, in Mbps. Default is no minimum or maximum.\n" }, "burstablePerformance": { "type": "string", "description": "Indicates whether burstable performance T instance types are `included`, `excluded`, or `required`. Default is `excluded`.\n" }, "cpuManufacturers": { "type": "array", "items": { "type": "string" }, "description": "The CPU manufacturers to include. Default is any manufacturer.\n\u003e **NOTE:** Don't confuse the CPU hardware manufacturer with the CPU hardware architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template.\n" }, "excludedInstanceTypes": { "type": "array", "items": { "type": "string" }, "description": "The instance types to exclude. You can use strings with one or more wild cards, represented by an asterisk (\\*). The following are examples: `c5*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are excluding the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are excluding all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is no excluded instance types.\n\nIf you specify `AllowedInstanceTypes`, you can't specify `ExcludedInstanceTypes`.\n" }, "instanceGenerations": { "type": "array", "items": { "type": "string" }, "description": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Valid values are `current` and `previous`. Default is `current` and `previous` generation instance types.\n" }, "localStorage": { "type": "string", "description": "Indicate whether instance types with local storage volumes are `included`, `excluded`, or `required`. Default is `included`.\n" }, "localStorageTypes": { "type": "array", "items": { "type": "string" }, "description": "List of local storage type names. Valid values are `hdd` and `ssd`. Default any storage type.\n" }, "maxSpotPriceAsPercentageOfOptimalOnDemandPrice": { "type": "integer", "description": "The price protection threshold for Spot Instances. This is the maximum you’ll pay for a Spot Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Conflicts with `spot_max_price_percentage_over_lowest_price`\n" }, "memoryGibPerVcpu": { "$ref": "#/types/aws:ec2/FleetLaunchTemplateConfigOverrideInstanceRequirementsMemoryGibPerVcpu:FleetLaunchTemplateConfigOverrideInstanceRequirementsMemoryGibPerVcpu", "description": "Block describing the minimum and maximum amount of memory (GiB) per vCPU. Default is no minimum or maximum.\n" }, "memoryMib": { "$ref": "#/types/aws:ec2/FleetLaunchTemplateConfigOverrideInstanceRequirementsMemoryMib:FleetLaunchTemplateConfigOverrideInstanceRequirementsMemoryMib", "description": "The minimum and maximum amount of memory per vCPU, in GiB. Default is no minimum or maximum limits.\n" }, "networkBandwidthGbps": { "$ref": "#/types/aws:ec2/FleetLaunchTemplateConfigOverrideInstanceRequirementsNetworkBandwidthGbps:FleetLaunchTemplateConfigOverrideInstanceRequirementsNetworkBandwidthGbps", "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps). Default is No minimum or maximum.\n" }, "networkInterfaceCount": { "$ref": "#/types/aws:ec2/FleetLaunchTemplateConfigOverrideInstanceRequirementsNetworkInterfaceCount:FleetLaunchTemplateConfigOverrideInstanceRequirementsNetworkInterfaceCount", "description": "Block describing the minimum and maximum number of network interfaces. Default is no minimum or maximum.\n" }, "onDemandMaxPricePercentageOverLowestPrice": { "type": "integer", "description": "The price protection threshold for On-Demand Instances. This is the maximum you’ll pay for an On-Demand Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 20.\n\nIf you set `target_capacity_unit_type` to `vcpu` or `memory-mib`, the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n" }, "requireHibernateSupport": { "type": "boolean", "description": "Indicate whether instance types must support On-Demand Instance Hibernation, either `true` or `false`. Default is `false`.\n" }, "spotMaxPricePercentageOverLowestPrice": { "type": "integer", "description": "The price protection threshold for Spot Instances. This is the maximum you’ll pay for a Spot Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 100. Conflicts with `max_spot_price_as_percentage_of_optimal_on_demand_price`\n\nIf you set DesiredCapacityType to vcpu or memory-mib, the price protection threshold is applied based on the per vCPU or per memory price instead of the per instance price.\n" }, "totalLocalStorageGb": { "$ref": "#/types/aws:ec2/FleetLaunchTemplateConfigOverrideInstanceRequirementsTotalLocalStorageGb:FleetLaunchTemplateConfigOverrideInstanceRequirementsTotalLocalStorageGb", "description": "Block describing the minimum and maximum total local storage (GB). Default is no minimum or maximum.\n" }, "vcpuCount": { "$ref": "#/types/aws:ec2/FleetLaunchTemplateConfigOverrideInstanceRequirementsVcpuCount:FleetLaunchTemplateConfigOverrideInstanceRequirementsVcpuCount", "description": "Block describing the minimum and maximum number of vCPUs. Default is no maximum.\n" } }, "type": "object", "required": [ "memoryMib", "vcpuCount" ] }, "aws:ec2/FleetLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorCount:FleetLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorCount": { "properties": { "max": { "type": "integer", "description": "Maximum. Set to `0` to exclude instance types with accelerators.\n" }, "min": { "type": "integer", "description": "Minimum.\n" } }, "type": "object" }, "aws:ec2/FleetLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorTotalMemoryMib:FleetLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorTotalMemoryMib": { "properties": { "max": { "type": "integer", "description": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.\n" }, "min": { "type": "integer", "description": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.\n" } }, "type": "object" }, "aws:ec2/FleetLaunchTemplateConfigOverrideInstanceRequirementsBaselineEbsBandwidthMbps:FleetLaunchTemplateConfigOverrideInstanceRequirementsBaselineEbsBandwidthMbps": { "properties": { "max": { "type": "integer", "description": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter..\n" }, "min": { "type": "integer", "description": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter..\n" } }, "type": "object" }, "aws:ec2/FleetLaunchTemplateConfigOverrideInstanceRequirementsMemoryGibPerVcpu:FleetLaunchTemplateConfigOverrideInstanceRequirementsMemoryGibPerVcpu": { "properties": { "max": { "type": "number", "description": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.\n" }, "min": { "type": "number", "description": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.\n" } }, "type": "object" }, "aws:ec2/FleetLaunchTemplateConfigOverrideInstanceRequirementsMemoryMib:FleetLaunchTemplateConfigOverrideInstanceRequirementsMemoryMib": { "properties": { "max": { "type": "integer", "description": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.\n" }, "min": { "type": "integer", "description": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0`.\n" } }, "type": "object", "required": [ "min" ] }, "aws:ec2/FleetLaunchTemplateConfigOverrideInstanceRequirementsNetworkBandwidthGbps:FleetLaunchTemplateConfigOverrideInstanceRequirementsNetworkBandwidthGbps": { "properties": { "max": { "type": "number", "description": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.\n" }, "min": { "type": "number", "description": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter.\n" } }, "type": "object" }, "aws:ec2/FleetLaunchTemplateConfigOverrideInstanceRequirementsNetworkInterfaceCount:FleetLaunchTemplateConfigOverrideInstanceRequirementsNetworkInterfaceCount": { "properties": { "max": { "type": "integer", "description": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.\n" }, "min": { "type": "integer", "description": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.\n" } }, "type": "object" }, "aws:ec2/FleetLaunchTemplateConfigOverrideInstanceRequirementsTotalLocalStorageGb:FleetLaunchTemplateConfigOverrideInstanceRequirementsTotalLocalStorageGb": { "properties": { "max": { "type": "number", "description": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.\n" }, "min": { "type": "number", "description": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.\n" } }, "type": "object" }, "aws:ec2/FleetLaunchTemplateConfigOverrideInstanceRequirementsVcpuCount:FleetLaunchTemplateConfigOverrideInstanceRequirementsVcpuCount": { "properties": { "max": { "type": "integer", "description": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.\n" }, "min": { "type": "integer", "description": "The minimum number of vCPUs. To specify no minimum limit, specify `0`.\n" } }, "type": "object", "required": [ "min" ] }, "aws:ec2/FleetOnDemandOptions:FleetOnDemandOptions": { "properties": { "allocationStrategy": { "type": "string", "description": "The order of the launch template overrides to use in fulfilling On-Demand capacity. Valid values: `lowestPrice`, `prioritized`. Default: `lowestPrice`.\n", "willReplaceOnChanges": true }, "capacityReservationOptions": { "$ref": "#/types/aws:ec2/FleetOnDemandOptionsCapacityReservationOptions:FleetOnDemandOptionsCapacityReservationOptions", "description": "The strategy for using unused Capacity Reservations for fulfilling On-Demand capacity. Supported only for fleets of type `instant`.\n" }, "maxTotalPrice": { "type": "string", "description": "The maximum amount per hour for On-Demand Instances that you're willing to pay.\n" }, "minTargetCapacity": { "type": "integer", "description": "The minimum target capacity for On-Demand Instances in the fleet. If the minimum target capacity is not reached, the fleet launches no instances. Supported only for fleets of type `instant`.\nIf you specify `min_target_capacity`, at least one of the following must be specified: `single_availability_zone` or `single_instance_type`.\n" }, "singleAvailabilityZone": { "type": "boolean", "description": "Indicates that the fleet launches all On-Demand Instances into a single Availability Zone. Supported only for fleets of type `instant`.\n" }, "singleInstanceType": { "type": "boolean", "description": "Indicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet. Supported only for fleets of type `instant`.\n" } }, "type": "object" }, "aws:ec2/FleetOnDemandOptionsCapacityReservationOptions:FleetOnDemandOptionsCapacityReservationOptions": { "properties": { "usageStrategy": { "type": "string", "description": "Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity. Valid values: `use-capacity-reservations-first`.\n" } }, "type": "object" }, "aws:ec2/FleetSpotOptions:FleetSpotOptions": { "properties": { "allocationStrategy": { "type": "string", "description": "How to allocate the target capacity across the Spot pools. Valid values: `diversified`, `lowestPrice`, `capacity-optimized`, `capacity-optimized-prioritized` and `price-capacity-optimized`. Default: `lowestPrice`.\n", "willReplaceOnChanges": true }, "instanceInterruptionBehavior": { "type": "string", "description": "Behavior when a Spot Instance is interrupted. Valid values: `hibernate`, `stop`, `terminate`. Default: `terminate`.\n", "willReplaceOnChanges": true }, "instancePoolsToUseCount": { "type": "integer", "description": "Number of Spot pools across which to allocate your target Spot capacity. Valid only when Spot `allocation_strategy` is set to `lowestPrice`. Default: `1`.\n", "willReplaceOnChanges": true }, "maintenanceStrategies": { "$ref": "#/types/aws:ec2/FleetSpotOptionsMaintenanceStrategies:FleetSpotOptionsMaintenanceStrategies", "description": "Nested argument containing maintenance strategies for managing your Spot Instances that are at an elevated risk of being interrupted. Defined below.\n" } }, "type": "object" }, "aws:ec2/FleetSpotOptionsMaintenanceStrategies:FleetSpotOptionsMaintenanceStrategies": { "properties": { "capacityRebalance": { "$ref": "#/types/aws:ec2/FleetSpotOptionsMaintenanceStrategiesCapacityRebalance:FleetSpotOptionsMaintenanceStrategiesCapacityRebalance", "description": "Nested argument containing the capacity rebalance for your fleet request. Defined below.\n" } }, "type": "object" }, "aws:ec2/FleetSpotOptionsMaintenanceStrategiesCapacityRebalance:FleetSpotOptionsMaintenanceStrategiesCapacityRebalance": { "properties": { "replacementStrategy": { "type": "string", "description": "The replacement strategy to use. Only available for fleets of `type` set to `maintain`. Valid values: `launch`.\n", "willReplaceOnChanges": true }, "terminationDelay": { "type": "integer" } }, "type": "object" }, "aws:ec2/FleetTargetCapacitySpecification:FleetTargetCapacitySpecification": { "properties": { "defaultTargetCapacityType": { "type": "string", "description": "Default target capacity type. Valid values: `on-demand`, `spot`.\n", "willReplaceOnChanges": true }, "onDemandTargetCapacity": { "type": "integer", "description": "The number of On-Demand units to request.\n", "willReplaceOnChanges": true }, "spotTargetCapacity": { "type": "integer", "description": "The number of Spot units to request.\n", "willReplaceOnChanges": true }, "targetCapacityUnitType": { "type": "string", "description": "The unit for the target capacity.\nIf you specify `target_capacity_unit_type`, `instance_requirements` must be specified.\n", "willReplaceOnChanges": true }, "totalTargetCapacity": { "type": "integer", "description": "The number of units to request, filled using `default_target_capacity_type`.\n" } }, "type": "object", "required": [ "defaultTargetCapacityType", "totalTargetCapacity" ] }, "aws:ec2/FlowLogDestinationOptions:FlowLogDestinationOptions": { "properties": { "fileFormat": { "type": "string", "description": "The format for the flow log. Default value: `plain-text`. Valid values: `plain-text`, `parquet`.\n", "willReplaceOnChanges": true }, "hiveCompatiblePartitions": { "type": "boolean", "description": "Indicates whether to use Hive-compatible prefixes for flow logs stored in Amazon S3. Default value: `false`.\n", "willReplaceOnChanges": true }, "perHourPartition": { "type": "boolean", "description": "Indicates whether to partition the flow log per hour. This reduces the cost and response time for queries. Default value: `false`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:ec2/InstanceCapacityReservationSpecification:InstanceCapacityReservationSpecification": { "properties": { "capacityReservationPreference": { "type": "string", "description": "Indicates the instance's Capacity Reservation preferences. Can be `\"open\"` or `\"none\"`. (Default: `\"open\"`).\n" }, "capacityReservationTarget": { "$ref": "#/types/aws:ec2/InstanceCapacityReservationSpecificationCapacityReservationTarget:InstanceCapacityReservationSpecificationCapacityReservationTarget", "description": "Information about the target Capacity Reservation. See Capacity Reservation Target below for more details.\n\nFor more information, see the documentation on [Capacity Reservations](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/capacity-reservations-using.html).\n" } }, "type": "object" }, "aws:ec2/InstanceCapacityReservationSpecificationCapacityReservationTarget:InstanceCapacityReservationSpecificationCapacityReservationTarget": { "properties": { "capacityReservationId": { "type": "string", "description": "ID of the Capacity Reservation in which to run the instance.\n" }, "capacityReservationResourceGroupArn": { "type": "string", "description": "ARN of the Capacity Reservation resource group in which to run the instance.\n" } }, "type": "object" }, "aws:ec2/InstanceCpuOptions:InstanceCpuOptions": { "properties": { "amdSevSnp": { "type": "string", "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only. Valid values are `enabled` and `disabled`.\n", "willReplaceOnChanges": true }, "coreCount": { "type": "integer", "description": "Sets the number of CPU cores for an instance. This option is only supported on creation of instance type that support CPU Options [CPU Cores and Threads Per CPU Core Per Instance Type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html#cpu-options-supported-instances-values) - specifying this option for unsupported instance types will return an error from the EC2 API.\n", "willReplaceOnChanges": true }, "threadsPerCore": { "type": "integer", "description": "If set to 1, hyperthreading is disabled on the launched instance. Defaults to 2 if not set. See [Optimizing CPU Options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) for more information.\n\nFor more information, see the documentation on [Optimizing CPU options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html).\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "amdSevSnp", "coreCount", "threadsPerCore" ] } } }, "aws:ec2/InstanceCreditSpecification:InstanceCreditSpecification": { "properties": { "cpuCredits": { "type": "string", "description": "Credit option for CPU usage. Valid values include `standard` or `unlimited`. T3 instances are launched as unlimited by default. T2 instances are launched as standard by default.\n" } }, "type": "object" }, "aws:ec2/InstanceEbsBlockDevice:InstanceEbsBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Whether the volume should be destroyed on instance termination. Defaults to `true`.\n", "willReplaceOnChanges": true }, "deviceName": { "type": "string", "description": "Name of the device to mount.\n", "willReplaceOnChanges": true }, "encrypted": { "type": "boolean", "description": "Enables [EBS encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) on the volume. Defaults to `false`. Cannot be used with `snapshot_id`. Must be configured to perform drift detection.\n", "willReplaceOnChanges": true }, "iops": { "type": "integer", "description": "Amount of provisioned [IOPS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html). Only valid for volume_type of `io1`, `io2` or `gp3`.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) of the KMS Key to use when encrypting the volume. Must be configured to perform drift detection.\n", "willReplaceOnChanges": true }, "snapshotId": { "type": "string", "description": "Snapshot ID to mount.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the device.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n" }, "throughput": { "type": "integer", "description": "Throughput to provision for a volume in mebibytes per second (MiB/s). This is only valid for `volume_type` of `gp3`.\n", "willReplaceOnChanges": true }, "volumeId": { "type": "string", "description": "ID of the volume. For example, the ID can be accessed like this, `aws_instance.web.root_block_device.0.volume_id`.\n" }, "volumeSize": { "type": "integer", "description": "Size of the volume in gibibytes (GiB).\n", "willReplaceOnChanges": true }, "volumeType": { "type": "string", "description": "Type of volume. Valid values include `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1`, or `st1`. Defaults to `gp2`.\n\n\u003e **NOTE:** Currently, changes to the `ebs_block_device` configuration of _existing_ resources cannot be automatically detected by this provider. To manage changes and attachments of an EBS block to an instance, use the `aws.ebs.Volume` and `aws.ec2.VolumeAttachment` resources instead. If you use `ebs_block_device` on an `aws.ec2.Instance`, this provider will assume management over the full set of non-root EBS block devices for the instance, treating additional block devices as drift. For this reason, `ebs_block_device` cannot be mixed with external `aws.ebs.Volume` and `aws.ec2.VolumeAttachment` resources for a given instance.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "deviceName" ], "language": { "nodejs": { "requiredOutputs": [ "deviceName", "encrypted", "iops", "kmsKeyId", "snapshotId", "tagsAll", "throughput", "volumeId", "volumeSize", "volumeType" ] } } }, "aws:ec2/InstanceEnclaveOptions:InstanceEnclaveOptions": { "properties": { "enabled": { "type": "boolean", "description": "Whether Nitro Enclaves will be enabled on the instance. Defaults to `false`.\n\nFor more information, see the documentation on [Nitro Enclaves](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html).\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "enabled" ] } } }, "aws:ec2/InstanceEphemeralBlockDevice:InstanceEphemeralBlockDevice": { "properties": { "deviceName": { "type": "string", "description": "Name of the block device to mount on the instance.\n" }, "noDevice": { "type": "boolean", "description": "Suppresses the specified device included in the AMI's block device mapping.\n" }, "virtualName": { "type": "string", "description": "[Instance Store Device Name](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#InstanceStoreDeviceNames) (e.g., `ephemeral0`).\n\nEach AWS Instance type has a different set of Instance Store block devices available for attachment. AWS [publishes a list](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#StorageOnInstanceTypes) of which ephemeral devices are available on each type. The devices are always identified by the `virtual_name` in the format `ephemeral{0..N}`.\n" } }, "type": "object", "required": [ "deviceName" ] }, "aws:ec2/InstanceInstanceMarketOptions:InstanceInstanceMarketOptions": { "properties": { "marketType": { "type": "string", "description": "Type of market for the instance. Valid value is `spot`. Defaults to `spot`. Required if `spot_options` is specified.\n", "willReplaceOnChanges": true }, "spotOptions": { "$ref": "#/types/aws:ec2/InstanceInstanceMarketOptionsSpotOptions:InstanceInstanceMarketOptionsSpotOptions", "description": "Block to configure the options for Spot Instances. See Spot Options below for details on attributes.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "marketType", "spotOptions" ] } } }, "aws:ec2/InstanceInstanceMarketOptionsSpotOptions:InstanceInstanceMarketOptionsSpotOptions": { "properties": { "instanceInterruptionBehavior": { "type": "string", "description": "The behavior when a Spot Instance is interrupted. Valid values include `hibernate`, `stop`, `terminate` . The default is `terminate`.\n", "willReplaceOnChanges": true }, "maxPrice": { "type": "string", "description": "The maximum hourly price that you're willing to pay for a Spot Instance.\n", "willReplaceOnChanges": true }, "spotInstanceType": { "type": "string", "description": "The Spot Instance request type. Valid values include `one-time`, `persistent`. Persistent Spot Instance requests are only supported when the instance interruption behavior is either hibernate or stop. The default is `one-time`.\n", "willReplaceOnChanges": true }, "validUntil": { "type": "string", "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "instanceInterruptionBehavior", "maxPrice", "spotInstanceType", "validUntil" ] } } }, "aws:ec2/InstanceLaunchTemplate:InstanceLaunchTemplate": { "properties": { "id": { "type": "string", "description": "ID of the launch template. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the launch template. Conflicts with `id`.\n", "willReplaceOnChanges": true }, "version": { "type": "string", "description": "Template version. Can be a specific version number, `$Latest` or `$Default`. The default value is `$Default`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "id", "name" ] } } }, "aws:ec2/InstanceMaintenanceOptions:InstanceMaintenanceOptions": { "properties": { "autoRecovery": { "type": "string", "description": "Automatic recovery behavior of the Instance. Can be `\"default\"` or `\"disabled\"`. See [Recover your instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-recover.html) for more details.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "autoRecovery" ] } } }, "aws:ec2/InstanceMetadataOptions:InstanceMetadataOptions": { "properties": { "httpEndpoint": { "type": "string", "description": "Whether the metadata service is available. Valid values include `enabled` or `disabled`. Defaults to `enabled`.\n" }, "httpProtocolIpv6": { "type": "string", "description": "Whether the IPv6 endpoint for the instance metadata service is enabled. Defaults to `disabled`.\n" }, "httpPutResponseHopLimit": { "type": "integer", "description": "Desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. Valid values are integer from `1` to `64`. Defaults to `1`.\n" }, "httpTokens": { "type": "string", "description": "Whether or not the metadata service requires session tokens, also referred to as _Instance Metadata Service Version 2 (IMDSv2)_. Valid values include `optional` or `required`. Defaults to `optional`.\n" }, "instanceMetadataTags": { "type": "string", "description": "Enables or disables access to instance tags from the instance metadata service. Valid values include `enabled` or `disabled`. Defaults to `disabled`.\n\nFor more information, see the documentation on the [Instance Metadata Service](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html).\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "httpPutResponseHopLimit", "httpTokens", "instanceMetadataTags" ] } } }, "aws:ec2/InstanceNetworkInterface:InstanceNetworkInterface": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Whether or not to delete the network interface on instance termination. Defaults to `false`. Currently, the only valid value is `false`, as this is only supported when creating new network interfaces when launching an instance.\n", "willReplaceOnChanges": true }, "deviceIndex": { "type": "integer", "description": "Integer index of the network interface attachment. Limited by instance type.\n", "willReplaceOnChanges": true }, "networkCardIndex": { "type": "integer", "description": "Integer index of the network card. Limited by instance type. The default index is `0`.\n", "willReplaceOnChanges": true }, "networkInterfaceId": { "type": "string", "description": "ID of the network interface to attach.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "deviceIndex", "networkInterfaceId" ] }, "aws:ec2/InstancePlatform:InstancePlatform": { "type": "string", "enum": [ { "name": "LinuxUnix", "value": "Linux/UNIX" }, { "name": "RedHatEnterpriseLinux", "value": "Red Hat Enterprise Linux" }, { "name": "SuseLinux", "value": "SUSE Linux" }, { "name": "Windows", "value": "Windows" }, { "name": "WindowsWithSqlServer", "value": "Windows with SQL Server" }, { "name": "WindowsWithSqlServerEnterprise", "value": "Windows with SQL Server Enterprise" }, { "name": "WindowsWithSqlServerStandard", "value": "Windows with SQL Server Standard" }, { "name": "WindowsWithSqlServerWeb", "value": "Windows with SQL Server Web" } ] }, "aws:ec2/InstancePrivateDnsNameOptions:InstancePrivateDnsNameOptions": { "properties": { "enableResourceNameDnsARecord": { "type": "boolean", "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.\n" }, "enableResourceNameDnsAaaaRecord": { "type": "boolean", "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.\n" }, "hostnameType": { "type": "string", "description": "Type of hostname for Amazon EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 native subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. Valid values: `ip-name` and `resource-name`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "enableResourceNameDnsARecord", "enableResourceNameDnsAaaaRecord", "hostnameType" ] } } }, "aws:ec2/InstanceRootBlockDevice:InstanceRootBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Whether the volume should be destroyed on instance termination. Defaults to `true`.\n" }, "deviceName": { "type": "string", "description": "Device name, e.g., `/dev/sdh` or `xvdh`.\n" }, "encrypted": { "type": "boolean", "description": "Whether to enable volume encryption. Defaults to `false`. Must be configured to perform drift detection.\n", "willReplaceOnChanges": true }, "iops": { "type": "integer", "description": "Amount of provisioned [IOPS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html). Only valid for volume_type of `io1`, `io2` or `gp3`.\n" }, "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) of the KMS Key to use when encrypting the volume. Must be configured to perform drift detection.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the device.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n" }, "throughput": { "type": "integer", "description": "Throughput to provision for a volume in mebibytes per second (MiB/s). This is only valid for `volume_type` of `gp3`.\n" }, "volumeId": { "type": "string", "description": "ID of the volume. For example, the ID can be accessed like this, `aws_instance.web.root_block_device.0.volume_id`.\n" }, "volumeSize": { "type": "integer", "description": "Size of the volume in gibibytes (GiB).\n" }, "volumeType": { "type": "string", "description": "Type of volume. Valid values include `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1`, or `st1`. Defaults to the volume type that the AMI uses.\n\nModifying the `encrypted` or `kms_key_id` settings of the `root_block_device` requires resource replacement.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "deviceName", "encrypted", "iops", "kmsKeyId", "tagsAll", "throughput", "volumeId", "volumeSize", "volumeType" ] } } }, "aws:ec2/InstanceType:InstanceType": { "type": "string", "enum": [ { "name": "A1_2XLarge", "value": "a1.2xlarge" }, { "name": "A1_4XLarge", "value": "a1.4xlarge" }, { "name": "A1_Large", "value": "a1.large" }, { "name": "A1_Medium", "value": "a1.medium" }, { "name": "A1_Metal", "value": "a1.metal" }, { "name": "A1_XLarge", "value": "a1.xlarge" }, { "name": "C1_Medium", "value": "c1.medium" }, { "name": "C1_XLarge", "value": "c1.xlarge" }, { "name": "C3_2XLarge", "value": "c3.2xlarge" }, { "name": "C3_4XLarge", "value": "c3.4xlarge" }, { "name": "C3_8XLarge", "value": "c3.8xlarge" }, { "name": "C3_Large", "value": "c3.large" }, { "name": "C3_XLarge", "value": "c3.xlarge" }, { "name": "C4_2XLarge", "value": "c4.2xlarge" }, { "name": "C4_4XLarge", "value": "c4.4xlarge" }, { "name": "C4_8XLarge", "value": "c4.8xlarge" }, { "name": "C4_Large", "value": "c4.large" }, { "name": "C4_XLarge", "value": "c4.xlarge" }, { "name": "C5_12XLarge", "value": "c5.12xlarge" }, { "name": "C5_18XLarge", "value": "c5.18xlarge" }, { "name": "C5_24XLarge", "value": "c5.24xlarge" }, { "name": "C5_2XLarge", "value": "c5.2xlarge" }, { "name": "C5_4XLarge", "value": "c5.4xlarge" }, { "name": "C5_9XLarge", "value": "c5.9xlarge" }, { "name": "C5_Large", "value": "c5.large" }, { "name": "C5_Metal", "value": "c5.metal" }, { "name": "C5_XLarge", "value": "c5.xlarge" }, { "name": "C5a_12XLarge", "value": "c5a.12xlarge" }, { "name": "C5a_16XLarge", "value": "c5a.16xlarge" }, { "name": "C5a_24XLarge", "value": "c5a.24xlarge" }, { "name": "C5a_2XLarge", "value": "c5a.2xlarge" }, { "name": "C5a_4XLarge", "value": "c5a.4xlarge" }, { "name": "C5a_8XLarge", "value": "c5a.8xlarge" }, { "name": "C5a_Large", "value": "c5a.large" }, { "name": "C5a_XLarge", "value": "c5a.xlarge" }, { "name": "C5ad_12XLarge", "value": "c5ad.12xlarge" }, { "name": "C5ad_16XLarge", "value": "c5ad.16xlarge" }, { "name": "C5ad_24XLarge", "value": "c5ad.24xlarge" }, { "name": "C5ad_2XLarge", "value": "c5ad.2xlarge" }, { "name": "C5ad_4XLarge", "value": "c5ad.4xlarge" }, { "name": "C5ad_8XLarge", "value": "c5ad.8xlarge" }, { "name": "C5ad_Large", "value": "c5ad.large" }, { "name": "C5ad_XLarge", "value": "c5ad.xlarge" }, { "name": "C5d_12XLarge", "value": "c5d.12xlarge" }, { "name": "C5d_18XLarge", "value": "c5d.18xlarge" }, { "name": "C5d_24XLarge", "value": "c5d.24xlarge" }, { "name": "C5d_2XLarge", "value": "c5d.2xlarge" }, { "name": "C5d_4XLarge", "value": "c5d.4xlarge" }, { "name": "C5d_9XLarge", "value": "c5d.9xlarge" }, { "name": "C5d_Large", "value": "c5d.large" }, { "name": "C5d_Metal", "value": "c5d.metal" }, { "name": "C5d_XLarge", "value": "c5d.xlarge" }, { "name": "C5n_18XLarge", "value": "c5n.18xlarge" }, { "name": "C5n_2XLarge", "value": "c5n.2xlarge" }, { "name": "C5n_4XLarge", "value": "c5n.4xlarge" }, { "name": "C5n_9XLarge", "value": "c5n.9xlarge" }, { "name": "C5n_Large", "value": "c5n.large" }, { "name": "C5n_Metal", "value": "c5n.metal" }, { "name": "C5n_XLarge", "value": "c5n.xlarge" }, { "name": "C6a_12XLarge", "value": "c6a.12xlarge" }, { "name": "C6a_16XLarge", "value": "c6a.16xlarge" }, { "name": "C6a_24XLarge", "value": "c6a.24xlarge" }, { "name": "C6a_2XLarge", "value": "c6a.2xlarge" }, { "name": "C6a_32XLarge", "value": "c6a.32xlarge" }, { "name": "C6a_48XLarge", "value": "c6a.48xlarge" }, { "name": "C6a_4XLarge", "value": "c6a.4xlarge" }, { "name": "C6a_8XLarge", "value": "c6a.8xlarge" }, { "name": "C6a_Large", "value": "c6a.large" }, { "name": "C6a_Metal", "value": "c6a.metal" }, { "name": "C6a_XLarge", "value": "c6a.xlarge" }, { "name": "C6g_12XLarge", "value": "c6g.12xlarge" }, { "name": "C6g_16XLarge", "value": "c6g.16xlarge" }, { "name": "C6g_2XLarge", "value": "c6g.2xlarge" }, { "name": "C6g_4XLarge", "value": "c6g.4xlarge" }, { "name": "C6g_8XLarge", "value": "c6g.8xlarge" }, { "name": "C6g_Large", "value": "c6g.large" }, { "name": "C6g_Medium", "value": "c6g.medium" }, { "name": "C6g_Metal", "value": "c6g.metal" }, { "name": "C6g_XLarge", "value": "c6g.xlarge" }, { "name": "C6gd_12XLarge", "value": "c6gd.12xlarge" }, { "name": "C6gd_16XLarge", "value": "c6gd.16xlarge" }, { "name": "C6gd_2XLarge", "value": "c6gd.2xlarge" }, { "name": "C6gd_4XLarge", "value": "c6gd.4xlarge" }, { "name": "C6gd_8XLarge", "value": "c6gd.8xlarge" }, { "name": "C6gd_Large", "value": "c6gd.large" }, { "name": "C6gd_Medium", "value": "c6gd.medium" }, { "name": "C6gd_Metal", "value": "c6gd.metal" }, { "name": "C6gd_XLarge", "value": "c6gd.xlarge" }, { "name": "C6gn_12XLarge", "value": "c6gn.12xlarge" }, { "name": "C6gn_16XLarge", "value": "c6gn.16xlarge" }, { "name": "C6gn_2XLarge", "value": "c6gn.2xlarge" }, { "name": "C6gn_4XLarge", "value": "c6gn.4xlarge" }, { "name": "C6gn_8XLarge", "value": "c6gn.8xlarge" }, { "name": "C6gn_Large", "value": "c6gn.large" }, { "name": "C6gn_Medium", "value": "c6gn.medium" }, { "name": "C6gn_XLarge", "value": "c6gn.xlarge" }, { "name": "C6i_12XLarge", "value": "c6i.12xlarge" }, { "name": "C6i_16XLarge", "value": "c6i.16xlarge" }, { "name": "C6i_24XLarge", "value": "c6i.24xlarge" }, { "name": "C6i_2XLarge", "value": "c6i.2xlarge" }, { "name": "C6i_32XLarge", "value": "c6i.32xlarge" }, { "name": "C6i_4XLarge", "value": "c6i.4xlarge" }, { "name": "C6i_8XLarge", "value": "c6i.8xlarge" }, { "name": "C6i_Large", "value": "c6i.large" }, { "name": "C6i_Metal", "value": "c6i.metal" }, { "name": "C6i_XLarge", "value": "c6i.xlarge" }, { "name": "C6id_12XLarge", "value": "c6id.12xlarge" }, { "name": "C6id_16XLarge", "value": "c6id.16xlarge" }, { "name": "C6id_24XLarge", "value": "c6id.24xlarge" }, { "name": "C6id_2XLarge", "value": "c6id.2xlarge" }, { "name": "C6id_32XLarge", "value": "c6id.32xlarge" }, { "name": "C6id_4XLarge", "value": "c6id.4xlarge" }, { "name": "C6id_8XLarge", "value": "c6id.8xlarge" }, { "name": "C6id_Large", "value": "c6id.large" }, { "name": "C6id_Metal", "value": "c6id.metal" }, { "name": "C6id_XLarge", "value": "c6id.xlarge" }, { "name": "C6in_12XLarge", "value": "c6in.12xlarge" }, { "name": "C6in_16XLarge", "value": "c6in.16xlarge" }, { "name": "C6in_24XLarge", "value": "c6in.24xlarge" }, { "name": "C6in_2XLarge", "value": "c6in.2xlarge" }, { "name": "C6in_32XLarge", "value": "c6in.32xlarge" }, { "name": "C6in_4XLarge", "value": "c6in.4xlarge" }, { "name": "C6in_8XLarge", "value": "c6in.8xlarge" }, { "name": "C6in_Large", "value": "c6in.large" }, { "name": "C6in_Metal", "value": "c6in.metal" }, { "name": "C6in_XLarge", "value": "c6in.xlarge" }, { "name": "C7a_12XLarge", "value": "c7a.12xlarge" }, { "name": "C7a_16XLarge", "value": "c7a.16xlarge" }, { "name": "C7a_24XLarge", "value": "c7a.24xlarge" }, { "name": "C7a_2XLarge", "value": "c7a.2xlarge" }, { "name": "C7a_32XLarge", "value": "c7a.32xlarge" }, { "name": "C7a_48XLarge", "value": "c7a.48xlarge" }, { "name": "C7a_4XLarge", "value": "c7a.4xlarge" }, { "name": "C7a_8XLarge", "value": "c7a.8xlarge" }, { "name": "C7a_Large", "value": "c7a.large" }, { "name": "C7a_Medium", "value": "c7a.medium" }, { "name": "C7a_Metal_48xl", "value": "c7a.metal-48xl" }, { "name": "C7a_XLarge", "value": "c7a.xlarge" }, { "name": "C7g_12XLarge", "value": "c7g.12xlarge" }, { "name": "C7g_16XLarge", "value": "c7g.16xlarge" }, { "name": "C7g_2XLarge", "value": "c7g.2xlarge" }, { "name": "C7g_4XLarge", "value": "c7g.4xlarge" }, { "name": "C7g_8XLarge", "value": "c7g.8xlarge" }, { "name": "C7g_Large", "value": "c7g.large" }, { "name": "C7g_Medium", "value": "c7g.medium" }, { "name": "C7g_Metal", "value": "c7g.metal" }, { "name": "C7g_XLarge", "value": "c7g.xlarge" }, { "name": "C7gd_12XLarge", "value": "c7gd.12xlarge" }, { "name": "C7gd_16XLarge", "value": "c7gd.16xlarge" }, { "name": "C7gd_2XLarge", "value": "c7gd.2xlarge" }, { "name": "C7gd_4XLarge", "value": "c7gd.4xlarge" }, { "name": "C7gd_8XLarge", "value": "c7gd.8xlarge" }, { "name": "C7gd_Large", "value": "c7gd.large" }, { "name": "C7gd_Medium", "value": "c7gd.medium" }, { "name": "C7gd_Metal", "value": "c7gd.metal" }, { "name": "C7gd_XLarge", "value": "c7gd.xlarge" }, { "name": "C7gn_12XLarge", "value": "c7gn.12xlarge" }, { "name": "C7gn_16XLarge", "value": "c7gn.16xlarge" }, { "name": "C7gn_2XLarge", "value": "c7gn.2xlarge" }, { "name": "C7gn_4XLarge", "value": "c7gn.4xlarge" }, { "name": "C7gn_8XLarge", "value": "c7gn.8xlarge" }, { "name": "C7gn_Large", "value": "c7gn.large" }, { "name": "C7gn_Medium", "value": "c7gn.medium" }, { "name": "C7gn_Metal", "value": "c7gn.metal" }, { "name": "C7gn_XLarge", "value": "c7gn.xlarge" }, { "name": "C7i_12XLarge", "value": "c7i.12xlarge" }, { "name": "C7i_16XLarge", "value": "c7i.16xlarge" }, { "name": "C7i_24XLarge", "value": "c7i.24xlarge" }, { "name": "C7i_2XLarge", "value": "c7i.2xlarge" }, { "name": "C7i_48XLarge", "value": "c7i.48xlarge" }, { "name": "C7i_4XLarge", "value": "c7i.4xlarge" }, { "name": "C7i_8XLarge", "value": "c7i.8xlarge" }, { "name": "C7i_Large", "value": "c7i.large" }, { "name": "C7i_Metal_24xl", "value": "c7i.metal-24xl" }, { "name": "C7i_Metal_48xl", "value": "c7i.metal-48xl" }, { "name": "C7i_XLarge", "value": "c7i.xlarge" }, { "name": "D2_2XLarge", "value": "d2.2xlarge" }, { "name": "D2_4XLarge", "value": "d2.4xlarge" }, { "name": "D2_8XLarge", "value": "d2.8xlarge" }, { "name": "D2_XLarge", "value": "d2.xlarge" }, { "name": "D3_2XLarge", "value": "d3.2xlarge" }, { "name": "D3_4XLarge", "value": "d3.4xlarge" }, { "name": "D3_8XLarge", "value": "d3.8xlarge" }, { "name": "D3_XLarge", "value": "d3.xlarge" }, { "name": "D3en_12XLarge", "value": "d3en.12xlarge" }, { "name": "D3en_2XLarge", "value": "d3en.2xlarge" }, { "name": "D3en_4XLarge", "value": "d3en.4xlarge" }, { "name": "D3en_6XLarge", "value": "d3en.6xlarge" }, { "name": "D3en_8XLarge", "value": "d3en.8xlarge" }, { "name": "D3en_XLarge", "value": "d3en.xlarge" }, { "name": "Dl1_24XLarge", "value": "dl1.24xlarge" }, { "name": "Dl2q_24XLarge", "value": "dl2q.24xlarge" }, { "name": "F1_16XLarge", "value": "f1.16xlarge" }, { "name": "F1_2XLarge", "value": "f1.2xlarge" }, { "name": "F1_4XLarge", "value": "f1.4xlarge" }, { "name": "G3_16XLarge", "value": "g3.16xlarge" }, { "name": "G3_4XLarge", "value": "g3.4xlarge" }, { "name": "G3_8XLarge", "value": "g3.8xlarge" }, { "name": "G3s_XLarge", "value": "g3s.xlarge" }, { "name": "G4ad_16XLarge", "value": "g4ad.16xlarge" }, { "name": "G4ad_2XLarge", "value": "g4ad.2xlarge" }, { "name": "G4ad_4XLarge", "value": "g4ad.4xlarge" }, { "name": "G4ad_8XLarge", "value": "g4ad.8xlarge" }, { "name": "G4ad_XLarge", "value": "g4ad.xlarge" }, { "name": "G4dn_12XLarge", "value": "g4dn.12xlarge" }, { "name": "G4dn_16XLarge", "value": "g4dn.16xlarge" }, { "name": "G4dn_2XLarge", "value": "g4dn.2xlarge" }, { "name": "G4dn_4XLarge", "value": "g4dn.4xlarge" }, { "name": "G4dn_8XLarge", "value": "g4dn.8xlarge" }, { "name": "G4dn_Metal", "value": "g4dn.metal" }, { "name": "G4dn_XLarge", "value": "g4dn.xlarge" }, { "name": "G5_12XLarge", "value": "g5.12xlarge" }, { "name": "G5_16XLarge", "value": "g5.16xlarge" }, { "name": "G5_24XLarge", "value": "g5.24xlarge" }, { "name": "G5_2XLarge", "value": "g5.2xlarge" }, { "name": "G5_48XLarge", "value": "g5.48xlarge" }, { "name": "G5_4XLarge", "value": "g5.4xlarge" }, { "name": "G5_8XLarge", "value": "g5.8xlarge" }, { "name": "G5_XLarge", "value": "g5.xlarge" }, { "name": "G5g_16XLarge", "value": "g5g.16xlarge" }, { "name": "G5g_2XLarge", "value": "g5g.2xlarge" }, { "name": "G5g_4XLarge", "value": "g5g.4xlarge" }, { "name": "G5g_8XLarge", "value": "g5g.8xlarge" }, { "name": "G5g_Metal", "value": "g5g.metal" }, { "name": "G5g_XLarge", "value": "g5g.xlarge" }, { "name": "G6_12XLarge", "value": "g6.12xlarge" }, { "name": "G6_16XLarge", "value": "g6.16xlarge" }, { "name": "G6_24XLarge", "value": "g6.24xlarge" }, { "name": "G6_2XLarge", "value": "g6.2xlarge" }, { "name": "G6_48XLarge", "value": "g6.48xlarge" }, { "name": "G6_4XLarge", "value": "g6.4xlarge" }, { "name": "G6_8XLarge", "value": "g6.8xlarge" }, { "name": "G6_XLarge", "value": "g6.xlarge" }, { "name": "Gr6_4XLarge", "value": "gr6.4xlarge" }, { "name": "Gr6_8XLarge", "value": "gr6.8xlarge" }, { "name": "H1_16XLarge", "value": "h1.16xlarge" }, { "name": "H1_2XLarge", "value": "h1.2xlarge" }, { "name": "H1_4XLarge", "value": "h1.4xlarge" }, { "name": "H1_8XLarge", "value": "h1.8xlarge" }, { "name": "I2_2XLarge", "value": "i2.2xlarge" }, { "name": "I2_4XLarge", "value": "i2.4xlarge" }, { "name": "I2_8XLarge", "value": "i2.8xlarge" }, { "name": "I2_XLarge", "value": "i2.xlarge" }, { "name": "I3_16XLarge", "value": "i3.16xlarge" }, { "name": "I3_2XLarge", "value": "i3.2xlarge" }, { "name": "I3_4XLarge", "value": "i3.4xlarge" }, { "name": "I3_8XLarge", "value": "i3.8xlarge" }, { "name": "I3_Large", "value": "i3.large" }, { "name": "I3_Metal", "value": "i3.metal" }, { "name": "I3_XLarge", "value": "i3.xlarge" }, { "name": "I3en_12XLarge", "value": "i3en.12xlarge" }, { "name": "I3en_24XLarge", "value": "i3en.24xlarge" }, { "name": "I3en_2XLarge", "value": "i3en.2xlarge" }, { "name": "I3en_3XLarge", "value": "i3en.3xlarge" }, { "name": "I3en_6XLarge", "value": "i3en.6xlarge" }, { "name": "I3en_Large", "value": "i3en.large" }, { "name": "I3en_Metal", "value": "i3en.metal" }, { "name": "I3en_XLarge", "value": "i3en.xlarge" }, { "name": "I4g_16XLarge", "value": "i4g.16xlarge" }, { "name": "I4g_2XLarge", "value": "i4g.2xlarge" }, { "name": "I4g_4XLarge", "value": "i4g.4xlarge" }, { "name": "I4g_8XLarge", "value": "i4g.8xlarge" }, { "name": "I4g_Large", "value": "i4g.large" }, { "name": "I4g_XLarge", "value": "i4g.xlarge" }, { "name": "I4i_12XLarge", "value": "i4i.12xlarge" }, { "name": "I4i_16XLarge", "value": "i4i.16xlarge" }, { "name": "I4i_24XLarge", "value": "i4i.24xlarge" }, { "name": "I4i_2XLarge", "value": "i4i.2xlarge" }, { "name": "I4i_32XLarge", "value": "i4i.32xlarge" }, { "name": "I4i_4XLarge", "value": "i4i.4xlarge" }, { "name": "I4i_8XLarge", "value": "i4i.8xlarge" }, { "name": "I4i_Large", "value": "i4i.large" }, { "name": "I4i_Metal", "value": "i4i.metal" }, { "name": "I4i_XLarge", "value": "i4i.xlarge" }, { "name": "Im4gn_16XLarge", "value": "im4gn.16xlarge" }, { "name": "Im4gn_2XLarge", "value": "im4gn.2xlarge" }, { "name": "Im4gn_4XLarge", "value": "im4gn.4xlarge" }, { "name": "Im4gn_8XLarge", "value": "im4gn.8xlarge" }, { "name": "Im4gn_Large", "value": "im4gn.large" }, { "name": "Im4gn_XLarge", "value": "im4gn.xlarge" }, { "name": "Inf1_24XLarge", "value": "inf1.24xlarge" }, { "name": "Inf1_2XLarge", "value": "inf1.2xlarge" }, { "name": "Inf1_6XLarge", "value": "inf1.6xlarge" }, { "name": "Inf1_XLarge", "value": "inf1.xlarge" }, { "name": "Inf2_24XLarge", "value": "inf2.24xlarge" }, { "name": "Inf2_48XLarge", "value": "inf2.48xlarge" }, { "name": "Inf2_8XLarge", "value": "inf2.8xlarge" }, { "name": "Inf2_XLarge", "value": "inf2.xlarge" }, { "name": "Is4gen_2XLarge", "value": "is4gen.2xlarge" }, { "name": "Is4gen_4XLarge", "value": "is4gen.4xlarge" }, { "name": "Is4gen_8XLarge", "value": "is4gen.8xlarge" }, { "name": "Is4gen_Large", "value": "is4gen.large" }, { "name": "Is4gen_Medium", "value": "is4gen.medium" }, { "name": "Is4gen_XLarge", "value": "is4gen.xlarge" }, { "name": "M1_Large", "value": "m1.large" }, { "name": "M1_Medium", "value": "m1.medium" }, { "name": "M1_Small", "value": "m1.small" }, { "name": "M1_XLarge", "value": "m1.xlarge" }, { "name": "M2_2XLarge", "value": "m2.2xlarge" }, { "name": "M2_4XLarge", "value": "m2.4xlarge" }, { "name": "M2_XLarge", "value": "m2.xlarge" }, { "name": "M3_2XLarge", "value": "m3.2xlarge" }, { "name": "M3_Large", "value": "m3.large" }, { "name": "M3_Medium", "value": "m3.medium" }, { "name": "M3_XLarge", "value": "m3.xlarge" }, { "name": "M4_10XLarge", "value": "m4.10xlarge" }, { "name": "M4_16XLarge", "value": "m4.16xlarge" }, { "name": "M4_2XLarge", "value": "m4.2xlarge" }, { "name": "M4_4XLarge", "value": "m4.4xlarge" }, { "name": "M4_Large", "value": "m4.large" }, { "name": "M4_XLarge", "value": "m4.xlarge" }, { "name": "M5_12XLarge", "value": "m5.12xlarge" }, { "name": "M5_16XLarge", "value": "m5.16xlarge" }, { "name": "M5_24XLarge", "value": "m5.24xlarge" }, { "name": "M5_2XLarge", "value": "m5.2xlarge" }, { "name": "M5_4XLarge", "value": "m5.4xlarge" }, { "name": "M5_8XLarge", "value": "m5.8xlarge" }, { "name": "M5_Large", "value": "m5.large" }, { "name": "M5_Metal", "value": "m5.metal" }, { "name": "M5_XLarge", "value": "m5.xlarge" }, { "name": "M5a_12XLarge", "value": "m5a.12xlarge" }, { "name": "M5a_16XLarge", "value": "m5a.16xlarge" }, { "name": "M5a_24XLarge", "value": "m5a.24xlarge" }, { "name": "M5a_2XLarge", "value": "m5a.2xlarge" }, { "name": "M5a_4XLarge", "value": "m5a.4xlarge" }, { "name": "M5a_8XLarge", "value": "m5a.8xlarge" }, { "name": "M5a_Large", "value": "m5a.large" }, { "name": "M5a_XLarge", "value": "m5a.xlarge" }, { "name": "M5ad_12XLarge", "value": "m5ad.12xlarge" }, { "name": "M5ad_16XLarge", "value": "m5ad.16xlarge" }, { "name": "M5ad_24XLarge", "value": "m5ad.24xlarge" }, { "name": "M5ad_2XLarge", "value": "m5ad.2xlarge" }, { "name": "M5ad_4XLarge", "value": "m5ad.4xlarge" }, { "name": "M5ad_8XLarge", "value": "m5ad.8xlarge" }, { "name": "M5ad_Large", "value": "m5ad.large" }, { "name": "M5ad_XLarge", "value": "m5ad.xlarge" }, { "name": "M5d_12XLarge", "value": "m5d.12xlarge" }, { "name": "M5d_16XLarge", "value": "m5d.16xlarge" }, { "name": "M5d_24XLarge", "value": "m5d.24xlarge" }, { "name": "M5d_2XLarge", "value": "m5d.2xlarge" }, { "name": "M5d_4XLarge", "value": "m5d.4xlarge" }, { "name": "M5d_8XLarge", "value": "m5d.8xlarge" }, { "name": "M5d_Large", "value": "m5d.large" }, { "name": "M5d_Metal", "value": "m5d.metal" }, { "name": "M5d_XLarge", "value": "m5d.xlarge" }, { "name": "M5dn_12XLarge", "value": "m5dn.12xlarge" }, { "name": "M5dn_16XLarge", "value": "m5dn.16xlarge" }, { "name": "M5dn_24XLarge", "value": "m5dn.24xlarge" }, { "name": "M5dn_2XLarge", "value": "m5dn.2xlarge" }, { "name": "M5dn_4XLarge", "value": "m5dn.4xlarge" }, { "name": "M5dn_8XLarge", "value": "m5dn.8xlarge" }, { "name": "M5dn_Large", "value": "m5dn.large" }, { "name": "M5dn_Metal", "value": "m5dn.metal" }, { "name": "M5dn_XLarge", "value": "m5dn.xlarge" }, { "name": "M5n_12XLarge", "value": "m5n.12xlarge" }, { "name": "M5n_16XLarge", "value": "m5n.16xlarge" }, { "name": "M5n_24XLarge", "value": "m5n.24xlarge" }, { "name": "M5n_2XLarge", "value": "m5n.2xlarge" }, { "name": "M5n_4XLarge", "value": "m5n.4xlarge" }, { "name": "M5n_8XLarge", "value": "m5n.8xlarge" }, { "name": "M5n_Large", "value": "m5n.large" }, { "name": "M5n_Metal", "value": "m5n.metal" }, { "name": "M5n_XLarge", "value": "m5n.xlarge" }, { "name": "M5zn_12XLarge", "value": "m5zn.12xlarge" }, { "name": "M5zn_2XLarge", "value": "m5zn.2xlarge" }, { "name": "M5zn_3XLarge", "value": "m5zn.3xlarge" }, { "name": "M5zn_6XLarge", "value": "m5zn.6xlarge" }, { "name": "M5zn_Large", "value": "m5zn.large" }, { "name": "M5zn_Metal", "value": "m5zn.metal" }, { "name": "M5zn_XLarge", "value": "m5zn.xlarge" }, { "name": "M6a_12XLarge", "value": "m6a.12xlarge" }, { "name": "M6a_16XLarge", "value": "m6a.16xlarge" }, { "name": "M6a_24XLarge", "value": "m6a.24xlarge" }, { "name": "M6a_2XLarge", "value": "m6a.2xlarge" }, { "name": "M6a_32XLarge", "value": "m6a.32xlarge" }, { "name": "M6a_48XLarge", "value": "m6a.48xlarge" }, { "name": "M6a_4XLarge", "value": "m6a.4xlarge" }, { "name": "M6a_8XLarge", "value": "m6a.8xlarge" }, { "name": "M6a_Large", "value": "m6a.large" }, { "name": "M6a_Metal", "value": "m6a.metal" }, { "name": "M6a_XLarge", "value": "m6a.xlarge" }, { "name": "M6g_12XLarge", "value": "m6g.12xlarge" }, { "name": "M6g_16XLarge", "value": "m6g.16xlarge" }, { "name": "M6g_2XLarge", "value": "m6g.2xlarge" }, { "name": "M6g_4XLarge", "value": "m6g.4xlarge" }, { "name": "M6g_8XLarge", "value": "m6g.8xlarge" }, { "name": "M6g_Large", "value": "m6g.large" }, { "name": "M6g_Medium", "value": "m6g.medium" }, { "name": "M6g_Metal", "value": "m6g.metal" }, { "name": "M6g_XLarge", "value": "m6g.xlarge" }, { "name": "M6gd_12XLarge", "value": "m6gd.12xlarge" }, { "name": "M6gd_16XLarge", "value": "m6gd.16xlarge" }, { "name": "M6gd_2XLarge", "value": "m6gd.2xlarge" }, { "name": "M6gd_4XLarge", "value": "m6gd.4xlarge" }, { "name": "M6gd_8XLarge", "value": "m6gd.8xlarge" }, { "name": "M6gd_Large", "value": "m6gd.large" }, { "name": "M6gd_Medium", "value": "m6gd.medium" }, { "name": "M6gd_Metal", "value": "m6gd.metal" }, { "name": "M6gd_XLarge", "value": "m6gd.xlarge" }, { "name": "M6i_12XLarge", "value": "m6i.12xlarge" }, { "name": "M6i_16XLarge", "value": "m6i.16xlarge" }, { "name": "M6i_24XLarge", "value": "m6i.24xlarge" }, { "name": "M6i_2XLarge", "value": "m6i.2xlarge" }, { "name": "M6i_32XLarge", "value": "m6i.32xlarge" }, { "name": "M6i_4XLarge", "value": "m6i.4xlarge" }, { "name": "M6i_8XLarge", "value": "m6i.8xlarge" }, { "name": "M6i_Large", "value": "m6i.large" }, { "name": "M6i_Metal", "value": "m6i.metal" }, { "name": "M6i_XLarge", "value": "m6i.xlarge" }, { "name": "M6id_12XLarge", "value": "m6id.12xlarge" }, { "name": "M6id_16XLarge", "value": "m6id.16xlarge" }, { "name": "M6id_24XLarge", "value": "m6id.24xlarge" }, { "name": "M6id_2XLarge", "value": "m6id.2xlarge" }, { "name": "M6id_32XLarge", "value": "m6id.32xlarge" }, { "name": "M6id_4XLarge", "value": "m6id.4xlarge" }, { "name": "M6id_8XLarge", "value": "m6id.8xlarge" }, { "name": "M6id_Large", "value": "m6id.large" }, { "name": "M6id_Metal", "value": "m6id.metal" }, { "name": "M6id_XLarge", "value": "m6id.xlarge" }, { "name": "M6idn_12XLarge", "value": "m6idn.12xlarge" }, { "name": "M6idn_16XLarge", "value": "m6idn.16xlarge" }, { "name": "M6idn_24XLarge", "value": "m6idn.24xlarge" }, { "name": "M6idn_2XLarge", "value": "m6idn.2xlarge" }, { "name": "M6idn_32XLarge", "value": "m6idn.32xlarge" }, { "name": "M6idn_4XLarge", "value": "m6idn.4xlarge" }, { "name": "M6idn_8XLarge", "value": "m6idn.8xlarge" }, { "name": "M6idn_Large", "value": "m6idn.large" }, { "name": "M6idn_Metal", "value": "m6idn.metal" }, { "name": "M6idn_XLarge", "value": "m6idn.xlarge" }, { "name": "M6in_12XLarge", "value": "m6in.12xlarge" }, { "name": "M6in_16XLarge", "value": "m6in.16xlarge" }, { "name": "M6in_24XLarge", "value": "m6in.24xlarge" }, { "name": "M6in_2XLarge", "value": "m6in.2xlarge" }, { "name": "M6in_32XLarge", "value": "m6in.32xlarge" }, { "name": "M6in_4XLarge", "value": "m6in.4xlarge" }, { "name": "M6in_8XLarge", "value": "m6in.8xlarge" }, { "name": "M6in_Large", "value": "m6in.large" }, { "name": "M6in_Metal", "value": "m6in.metal" }, { "name": "M6in_XLarge", "value": "m6in.xlarge" }, { "name": "M7a_12XLarge", "value": "m7a.12xlarge" }, { "name": "M7a_16XLarge", "value": "m7a.16xlarge" }, { "name": "M7a_24XLarge", "value": "m7a.24xlarge" }, { "name": "M7a_2XLarge", "value": "m7a.2xlarge" }, { "name": "M7a_32XLarge", "value": "m7a.32xlarge" }, { "name": "M7a_48XLarge", "value": "m7a.48xlarge" }, { "name": "M7a_4XLarge", "value": "m7a.4xlarge" }, { "name": "M7a_8XLarge", "value": "m7a.8xlarge" }, { "name": "M7a_Large", "value": "m7a.large" }, { "name": "M7a_Medium", "value": "m7a.medium" }, { "name": "M7a_Metal_48xl", "value": "m7a.metal-48xl" }, { "name": "M7a_XLarge", "value": "m7a.xlarge" }, { "name": "M7g_12XLarge", "value": "m7g.12xlarge" }, { "name": "M7g_16XLarge", "value": "m7g.16xlarge" }, { "name": "M7g_2XLarge", "value": "m7g.2xlarge" }, { "name": "M7g_4XLarge", "value": "m7g.4xlarge" }, { "name": "M7g_8XLarge", "value": "m7g.8xlarge" }, { "name": "M7g_Large", "value": "m7g.large" }, { "name": "M7g_Medium", "value": "m7g.medium" }, { "name": "M7g_Metal", "value": "m7g.metal" }, { "name": "M7g_XLarge", "value": "m7g.xlarge" }, { "name": "M7gd_12XLarge", "value": "m7gd.12xlarge" }, { "name": "M7gd_16XLarge", "value": "m7gd.16xlarge" }, { "name": "M7gd_2XLarge", "value": "m7gd.2xlarge" }, { "name": "M7gd_4XLarge", "value": "m7gd.4xlarge" }, { "name": "M7gd_8XLarge", "value": "m7gd.8xlarge" }, { "name": "M7gd_Large", "value": "m7gd.large" }, { "name": "M7gd_Medium", "value": "m7gd.medium" }, { "name": "M7gd_Metal", "value": "m7gd.metal" }, { "name": "M7gd_XLarge", "value": "m7gd.xlarge" }, { "name": "M7i_flex_2XLarge", "value": "m7i-flex.2xlarge" }, { "name": "M7i_flex_4XLarge", "value": "m7i-flex.4xlarge" }, { "name": "M7i_flex_8XLarge", "value": "m7i-flex.8xlarge" }, { "name": "M7i_flex_Large", "value": "m7i-flex.large" }, { "name": "M7i_flex_XLarge", "value": "m7i-flex.xlarge" }, { "name": "M7i_12XLarge", "value": "m7i.12xlarge" }, { "name": "M7i_16XLarge", "value": "m7i.16xlarge" }, { "name": "M7i_24XLarge", "value": "m7i.24xlarge" }, { "name": "M7i_2XLarge", "value": "m7i.2xlarge" }, { "name": "M7i_48XLarge", "value": "m7i.48xlarge" }, { "name": "M7i_4XLarge", "value": "m7i.4xlarge" }, { "name": "M7i_8XLarge", "value": "m7i.8xlarge" }, { "name": "M7i_Large", "value": "m7i.large" }, { "name": "M7i_Metal_24xl", "value": "m7i.metal-24xl" }, { "name": "M7i_Metal_48xl", "value": "m7i.metal-48xl" }, { "name": "M7i_XLarge", "value": "m7i.xlarge" }, { "name": "Mac1_Metal", "value": "mac1.metal" }, { "name": "Mac2_m2_Metal", "value": "mac2-m2.metal" }, { "name": "Mac2_m2pro_Metal", "value": "mac2-m2pro.metal" }, { "name": "Mac2_Metal", "value": "mac2.metal" }, { "name": "P2_16XLarge", "value": "p2.16xlarge" }, { "name": "P2_8XLarge", "value": "p2.8xlarge" }, { "name": "P2_XLarge", "value": "p2.xlarge" }, { "name": "P3_16XLarge", "value": "p3.16xlarge" }, { "name": "P3_2XLarge", "value": "p3.2xlarge" }, { "name": "P3_8XLarge", "value": "p3.8xlarge" }, { "name": "P3dn_24XLarge", "value": "p3dn.24xlarge" }, { "name": "P4d_24XLarge", "value": "p4d.24xlarge" }, { "name": "P5_48XLarge", "value": "p5.48xlarge" }, { "name": "R3_2XLarge", "value": "r3.2xlarge" }, { "name": "R3_4XLarge", "value": "r3.4xlarge" }, { "name": "R3_8XLarge", "value": "r3.8xlarge" }, { "name": "R3_Large", "value": "r3.large" }, { "name": "R3_XLarge", "value": "r3.xlarge" }, { "name": "R4_16XLarge", "value": "r4.16xlarge" }, { "name": "R4_2XLarge", "value": "r4.2xlarge" }, { "name": "R4_4XLarge", "value": "r4.4xlarge" }, { "name": "R4_8XLarge", "value": "r4.8xlarge" }, { "name": "R4_Large", "value": "r4.large" }, { "name": "R4_XLarge", "value": "r4.xlarge" }, { "name": "R5_12XLarge", "value": "r5.12xlarge" }, { "name": "R5_16XLarge", "value": "r5.16xlarge" }, { "name": "R5_24XLarge", "value": "r5.24xlarge" }, { "name": "R5_2XLarge", "value": "r5.2xlarge" }, { "name": "R5_4XLarge", "value": "r5.4xlarge" }, { "name": "R5_8XLarge", "value": "r5.8xlarge" }, { "name": "R5_Large", "value": "r5.large" }, { "name": "R5_Metal", "value": "r5.metal" }, { "name": "R5_XLarge", "value": "r5.xlarge" }, { "name": "R5a_12XLarge", "value": "r5a.12xlarge" }, { "name": "R5a_16XLarge", "value": "r5a.16xlarge" }, { "name": "R5a_24XLarge", "value": "r5a.24xlarge" }, { "name": "R5a_2XLarge", "value": "r5a.2xlarge" }, { "name": "R5a_4XLarge", "value": "r5a.4xlarge" }, { "name": "R5a_8XLarge", "value": "r5a.8xlarge" }, { "name": "R5a_Large", "value": "r5a.large" }, { "name": "R5a_XLarge", "value": "r5a.xlarge" }, { "name": "R5ad_12XLarge", "value": "r5ad.12xlarge" }, { "name": "R5ad_16XLarge", "value": "r5ad.16xlarge" }, { "name": "R5ad_24XLarge", "value": "r5ad.24xlarge" }, { "name": "R5ad_2XLarge", "value": "r5ad.2xlarge" }, { "name": "R5ad_4XLarge", "value": "r5ad.4xlarge" }, { "name": "R5ad_8XLarge", "value": "r5ad.8xlarge" }, { "name": "R5ad_Large", "value": "r5ad.large" }, { "name": "R5ad_XLarge", "value": "r5ad.xlarge" }, { "name": "R5b_12XLarge", "value": "r5b.12xlarge" }, { "name": "R5b_16XLarge", "value": "r5b.16xlarge" }, { "name": "R5b_24XLarge", "value": "r5b.24xlarge" }, { "name": "R5b_2XLarge", "value": "r5b.2xlarge" }, { "name": "R5b_4XLarge", "value": "r5b.4xlarge" }, { "name": "R5b_8XLarge", "value": "r5b.8xlarge" }, { "name": "R5b_Large", "value": "r5b.large" }, { "name": "R5b_Metal", "value": "r5b.metal" }, { "name": "R5b_XLarge", "value": "r5b.xlarge" }, { "name": "R5d_12XLarge", "value": "r5d.12xlarge" }, { "name": "R5d_16XLarge", "value": "r5d.16xlarge" }, { "name": "R5d_24XLarge", "value": "r5d.24xlarge" }, { "name": "R5d_2XLarge", "value": "r5d.2xlarge" }, { "name": "R5d_4XLarge", "value": "r5d.4xlarge" }, { "name": "R5d_8XLarge", "value": "r5d.8xlarge" }, { "name": "R5d_Large", "value": "r5d.large" }, { "name": "R5d_Metal", "value": "r5d.metal" }, { "name": "R5d_XLarge", "value": "r5d.xlarge" }, { "name": "R5dn_12XLarge", "value": "r5dn.12xlarge" }, { "name": "R5dn_16XLarge", "value": "r5dn.16xlarge" }, { "name": "R5dn_24XLarge", "value": "r5dn.24xlarge" }, { "name": "R5dn_2XLarge", "value": "r5dn.2xlarge" }, { "name": "R5dn_4XLarge", "value": "r5dn.4xlarge" }, { "name": "R5dn_8XLarge", "value": "r5dn.8xlarge" }, { "name": "R5dn_Large", "value": "r5dn.large" }, { "name": "R5dn_Metal", "value": "r5dn.metal" }, { "name": "R5dn_XLarge", "value": "r5dn.xlarge" }, { "name": "R5n_12XLarge", "value": "r5n.12xlarge" }, { "name": "R5n_16XLarge", "value": "r5n.16xlarge" }, { "name": "R5n_24XLarge", "value": "r5n.24xlarge" }, { "name": "R5n_2XLarge", "value": "r5n.2xlarge" }, { "name": "R5n_4XLarge", "value": "r5n.4xlarge" }, { "name": "R5n_8XLarge", "value": "r5n.8xlarge" }, { "name": "R5n_Large", "value": "r5n.large" }, { "name": "R5n_Metal", "value": "r5n.metal" }, { "name": "R5n_XLarge", "value": "r5n.xlarge" }, { "name": "R6a_12XLarge", "value": "r6a.12xlarge" }, { "name": "R6a_16XLarge", "value": "r6a.16xlarge" }, { "name": "R6a_24XLarge", "value": "r6a.24xlarge" }, { "name": "R6a_2XLarge", "value": "r6a.2xlarge" }, { "name": "R6a_32XLarge", "value": "r6a.32xlarge" }, { "name": "R6a_48XLarge", "value": "r6a.48xlarge" }, { "name": "R6a_4XLarge", "value": "r6a.4xlarge" }, { "name": "R6a_8XLarge", "value": "r6a.8xlarge" }, { "name": "R6a_Large", "value": "r6a.large" }, { "name": "R6a_Metal", "value": "r6a.metal" }, { "name": "R6a_XLarge", "value": "r6a.xlarge" }, { "name": "R6g_12XLarge", "value": "r6g.12xlarge" }, { "name": "R6g_16XLarge", "value": "r6g.16xlarge" }, { "name": "R6g_2XLarge", "value": "r6g.2xlarge" }, { "name": "R6g_4XLarge", "value": "r6g.4xlarge" }, { "name": "R6g_8XLarge", "value": "r6g.8xlarge" }, { "name": "R6g_Large", "value": "r6g.large" }, { "name": "R6g_Medium", "value": "r6g.medium" }, { "name": "R6g_Metal", "value": "r6g.metal" }, { "name": "R6g_XLarge", "value": "r6g.xlarge" }, { "name": "R6gd_12XLarge", "value": "r6gd.12xlarge" }, { "name": "R6gd_16XLarge", "value": "r6gd.16xlarge" }, { "name": "R6gd_2XLarge", "value": "r6gd.2xlarge" }, { "name": "R6gd_4XLarge", "value": "r6gd.4xlarge" }, { "name": "R6gd_8XLarge", "value": "r6gd.8xlarge" }, { "name": "R6gd_Large", "value": "r6gd.large" }, { "name": "R6gd_Medium", "value": "r6gd.medium" }, { "name": "R6gd_Metal", "value": "r6gd.metal" }, { "name": "R6gd_XLarge", "value": "r6gd.xlarge" }, { "name": "R6i_12XLarge", "value": "r6i.12xlarge" }, { "name": "R6i_16XLarge", "value": "r6i.16xlarge" }, { "name": "R6i_24XLarge", "value": "r6i.24xlarge" }, { "name": "R6i_2XLarge", "value": "r6i.2xlarge" }, { "name": "R6i_32XLarge", "value": "r6i.32xlarge" }, { "name": "R6i_4XLarge", "value": "r6i.4xlarge" }, { "name": "R6i_8XLarge", "value": "r6i.8xlarge" }, { "name": "R6i_Large", "value": "r6i.large" }, { "name": "R6i_Metal", "value": "r6i.metal" }, { "name": "R6i_XLarge", "value": "r6i.xlarge" }, { "name": "R6id_12XLarge", "value": "r6id.12xlarge" }, { "name": "R6id_16XLarge", "value": "r6id.16xlarge" }, { "name": "R6id_24XLarge", "value": "r6id.24xlarge" }, { "name": "R6id_2XLarge", "value": "r6id.2xlarge" }, { "name": "R6id_32XLarge", "value": "r6id.32xlarge" }, { "name": "R6id_4XLarge", "value": "r6id.4xlarge" }, { "name": "R6id_8XLarge", "value": "r6id.8xlarge" }, { "name": "R6id_Large", "value": "r6id.large" }, { "name": "R6id_Metal", "value": "r6id.metal" }, { "name": "R6id_XLarge", "value": "r6id.xlarge" }, { "name": "R6idn_12XLarge", "value": "r6idn.12xlarge" }, { "name": "R6idn_16XLarge", "value": "r6idn.16xlarge" }, { "name": "R6idn_24XLarge", "value": "r6idn.24xlarge" }, { "name": "R6idn_2XLarge", "value": "r6idn.2xlarge" }, { "name": "R6idn_32XLarge", "value": "r6idn.32xlarge" }, { "name": "R6idn_4XLarge", "value": "r6idn.4xlarge" }, { "name": "R6idn_8XLarge", "value": "r6idn.8xlarge" }, { "name": "R6idn_Large", "value": "r6idn.large" }, { "name": "R6idn_Metal", "value": "r6idn.metal" }, { "name": "R6idn_XLarge", "value": "r6idn.xlarge" }, { "name": "R6in_12XLarge", "value": "r6in.12xlarge" }, { "name": "R6in_16XLarge", "value": "r6in.16xlarge" }, { "name": "R6in_24XLarge", "value": "r6in.24xlarge" }, { "name": "R6in_2XLarge", "value": "r6in.2xlarge" }, { "name": "R6in_32XLarge", "value": "r6in.32xlarge" }, { "name": "R6in_4XLarge", "value": "r6in.4xlarge" }, { "name": "R6in_8XLarge", "value": "r6in.8xlarge" }, { "name": "R6in_Large", "value": "r6in.large" }, { "name": "R6in_Metal", "value": "r6in.metal" }, { "name": "R6in_XLarge", "value": "r6in.xlarge" }, { "name": "R7a_12XLarge", "value": "r7a.12xlarge" }, { "name": "R7a_16XLarge", "value": "r7a.16xlarge" }, { "name": "R7a_24XLarge", "value": "r7a.24xlarge" }, { "name": "R7a_2XLarge", "value": "r7a.2xlarge" }, { "name": "R7a_32XLarge", "value": "r7a.32xlarge" }, { "name": "R7a_48XLarge", "value": "r7a.48xlarge" }, { "name": "R7a_4XLarge", "value": "r7a.4xlarge" }, { "name": "R7a_8XLarge", "value": "r7a.8xlarge" }, { "name": "R7a_Large", "value": "r7a.large" }, { "name": "R7a_Medium", "value": "r7a.medium" }, { "name": "R7a_Metal_48xl", "value": "r7a.metal-48xl" }, { "name": "R7a_XLarge", "value": "r7a.xlarge" }, { "name": "R7g_12XLarge", "value": "r7g.12xlarge" }, { "name": "R7g_16XLarge", "value": "r7g.16xlarge" }, { "name": "R7g_2XLarge", "value": "r7g.2xlarge" }, { "name": "R7g_4XLarge", "value": "r7g.4xlarge" }, { "name": "R7g_8XLarge", "value": "r7g.8xlarge" }, { "name": "R7g_Large", "value": "r7g.large" }, { "name": "R7g_Medium", "value": "r7g.medium" }, { "name": "R7g_Metal", "value": "r7g.metal" }, { "name": "R7g_XLarge", "value": "r7g.xlarge" }, { "name": "R7gd_12XLarge", "value": "r7gd.12xlarge" }, { "name": "R7gd_16XLarge", "value": "r7gd.16xlarge" }, { "name": "R7gd_2XLarge", "value": "r7gd.2xlarge" }, { "name": "R7gd_4XLarge", "value": "r7gd.4xlarge" }, { "name": "R7gd_8XLarge", "value": "r7gd.8xlarge" }, { "name": "R7gd_Large", "value": "r7gd.large" }, { "name": "R7gd_Medium", "value": "r7gd.medium" }, { "name": "R7gd_Metal", "value": "r7gd.metal" }, { "name": "R7gd_XLarge", "value": "r7gd.xlarge" }, { "name": "R7i_12XLarge", "value": "r7i.12xlarge" }, { "name": "R7i_16XLarge", "value": "r7i.16xlarge" }, { "name": "R7i_24XLarge", "value": "r7i.24xlarge" }, { "name": "R7i_2XLarge", "value": "r7i.2xlarge" }, { "name": "R7i_48XLarge", "value": "r7i.48xlarge" }, { "name": "R7i_4XLarge", "value": "r7i.4xlarge" }, { "name": "R7i_8XLarge", "value": "r7i.8xlarge" }, { "name": "R7i_Large", "value": "r7i.large" }, { "name": "R7i_Metal_24xl", "value": "r7i.metal-24xl" }, { "name": "R7i_Metal_48xl", "value": "r7i.metal-48xl" }, { "name": "R7i_XLarge", "value": "r7i.xlarge" }, { "name": "R7iz_12XLarge", "value": "r7iz.12xlarge" }, { "name": "R7iz_16XLarge", "value": "r7iz.16xlarge" }, { "name": "R7iz_2XLarge", "value": "r7iz.2xlarge" }, { "name": "R7iz_32XLarge", "value": "r7iz.32xlarge" }, { "name": "R7iz_4XLarge", "value": "r7iz.4xlarge" }, { "name": "R7iz_8XLarge", "value": "r7iz.8xlarge" }, { "name": "R7iz_Large", "value": "r7iz.large" }, { "name": "R7iz_Metal_16xl", "value": "r7iz.metal-16xl" }, { "name": "R7iz_Metal_32xl", "value": "r7iz.metal-32xl" }, { "name": "R7iz_XLarge", "value": "r7iz.xlarge" }, { "name": "T1_Micro", "value": "t1.micro" }, { "name": "T2_2XLarge", "value": "t2.2xlarge" }, { "name": "T2_Large", "value": "t2.large" }, { "name": "T2_Medium", "value": "t2.medium" }, { "name": "T2_Micro", "value": "t2.micro" }, { "name": "T2_Nano", "value": "t2.nano" }, { "name": "T2_Small", "value": "t2.small" }, { "name": "T2_XLarge", "value": "t2.xlarge" }, { "name": "T3_2XLarge", "value": "t3.2xlarge" }, { "name": "T3_Large", "value": "t3.large" }, { "name": "T3_Medium", "value": "t3.medium" }, { "name": "T3_Micro", "value": "t3.micro" }, { "name": "T3_Nano", "value": "t3.nano" }, { "name": "T3_Small", "value": "t3.small" }, { "name": "T3_XLarge", "value": "t3.xlarge" }, { "name": "T3a_2XLarge", "value": "t3a.2xlarge" }, { "name": "T3a_Large", "value": "t3a.large" }, { "name": "T3a_Medium", "value": "t3a.medium" }, { "name": "T3a_Micro", "value": "t3a.micro" }, { "name": "T3a_Nano", "value": "t3a.nano" }, { "name": "T3a_Small", "value": "t3a.small" }, { "name": "T3a_XLarge", "value": "t3a.xlarge" }, { "name": "T4g_2XLarge", "value": "t4g.2xlarge" }, { "name": "T4g_Large", "value": "t4g.large" }, { "name": "T4g_Medium", "value": "t4g.medium" }, { "name": "T4g_Micro", "value": "t4g.micro" }, { "name": "T4g_Nano", "value": "t4g.nano" }, { "name": "T4g_Small", "value": "t4g.small" }, { "name": "T4g_XLarge", "value": "t4g.xlarge" }, { "name": "Trn1_2XLarge", "value": "trn1.2xlarge" }, { "name": "Trn1_32XLarge", "value": "trn1.32xlarge" }, { "name": "Trn1n_32XLarge", "value": "trn1n.32xlarge" }, { "name": "U_12tb1_112XLarge", "value": "u-12tb1.112xlarge" }, { "name": "U_18tb1_112XLarge", "value": "u-18tb1.112xlarge" }, { "name": "U_24tb1_112XLarge", "value": "u-24tb1.112xlarge" }, { "name": "U_3tb1_56XLarge", "value": "u-3tb1.56xlarge" }, { "name": "U_6tb1_112XLarge", "value": "u-6tb1.112xlarge" }, { "name": "U_6tb1_56XLarge", "value": "u-6tb1.56xlarge" }, { "name": "U_9tb1_112XLarge", "value": "u-9tb1.112xlarge" }, { "name": "Vt1_24XLarge", "value": "vt1.24xlarge" }, { "name": "Vt1_3XLarge", "value": "vt1.3xlarge" }, { "name": "Vt1_6XLarge", "value": "vt1.6xlarge" }, { "name": "X1_16XLarge", "value": "x1.16xlarge" }, { "name": "X1_32XLarge", "value": "x1.32xlarge" }, { "name": "X1e_16XLarge", "value": "x1e.16xlarge" }, { "name": "X1e_2XLarge", "value": "x1e.2xlarge" }, { "name": "X1e_32XLarge", "value": "x1e.32xlarge" }, { "name": "X1e_4XLarge", "value": "x1e.4xlarge" }, { "name": "X1e_8XLarge", "value": "x1e.8xlarge" }, { "name": "X1e_XLarge", "value": "x1e.xlarge" }, { "name": "X2gd_12XLarge", "value": "x2gd.12xlarge" }, { "name": "X2gd_16XLarge", "value": "x2gd.16xlarge" }, { "name": "X2gd_2XLarge", "value": "x2gd.2xlarge" }, { "name": "X2gd_4XLarge", "value": "x2gd.4xlarge" }, { "name": "X2gd_8XLarge", "value": "x2gd.8xlarge" }, { "name": "X2gd_Large", "value": "x2gd.large" }, { "name": "X2gd_Medium", "value": "x2gd.medium" }, { "name": "X2gd_Metal", "value": "x2gd.metal" }, { "name": "X2gd_XLarge", "value": "x2gd.xlarge" }, { "name": "X2idn_16XLarge", "value": "x2idn.16xlarge" }, { "name": "X2idn_24XLarge", "value": "x2idn.24xlarge" }, { "name": "X2idn_32XLarge", "value": "x2idn.32xlarge" }, { "name": "X2idn_Metal", "value": "x2idn.metal" }, { "name": "X2iedn_16XLarge", "value": "x2iedn.16xlarge" }, { "name": "X2iedn_24XLarge", "value": "x2iedn.24xlarge" }, { "name": "X2iedn_2XLarge", "value": "x2iedn.2xlarge" }, { "name": "X2iedn_32XLarge", "value": "x2iedn.32xlarge" }, { "name": "X2iedn_4XLarge", "value": "x2iedn.4xlarge" }, { "name": "X2iedn_8XLarge", "value": "x2iedn.8xlarge" }, { "name": "X2iedn_Metal", "value": "x2iedn.metal" }, { "name": "X2iedn_XLarge", "value": "x2iedn.xlarge" }, { "name": "X2iezn_12XLarge", "value": "x2iezn.12xlarge" }, { "name": "X2iezn_2XLarge", "value": "x2iezn.2xlarge" }, { "name": "X2iezn_4XLarge", "value": "x2iezn.4xlarge" }, { "name": "X2iezn_6XLarge", "value": "x2iezn.6xlarge" }, { "name": "X2iezn_8XLarge", "value": "x2iezn.8xlarge" }, { "name": "X2iezn_Metal", "value": "x2iezn.metal" }, { "name": "Z1d_12XLarge", "value": "z1d.12xlarge" }, { "name": "Z1d_2XLarge", "value": "z1d.2xlarge" }, { "name": "Z1d_3XLarge", "value": "z1d.3xlarge" }, { "name": "Z1d_6XLarge", "value": "z1d.6xlarge" }, { "name": "Z1d_Large", "value": "z1d.large" }, { "name": "Z1d_Metal", "value": "z1d.metal" }, { "name": "Z1d_XLarge", "value": "z1d.xlarge" }, { "name": "U_12tb1Metal", "value": "u-12tb1.metal", "deprecationMessage": "This instancetype has been deprecated" }, { "name": "U_6tb1Metal", "value": "u-6tb1.metal", "deprecationMessage": "This instancetype has been deprecated" }, { "name": "U_9tb1Metal", "value": "u-9tb1.metal", "deprecationMessage": "This instancetype has been deprecated" }, { "name": "Hs1_8XLarge", "value": "hs1.8xlarge", "deprecationMessage": "This instancetype has been deprecated" }, { "name": "M5as_XLarge", "value": "m5ad.xlarge", "deprecationMessage": "Has a typo, use M5ad_XLarge instead" }, { "name": "C7a_Metal", "value": "c7a.metal-48xl", "deprecationMessage": "Use C7a_Metal_48xl instead" }, { "name": "M7a_Metal", "value": "m7a.metal-48xl", "deprecationMessage": "Use M7a_Metal_48xl instead" }, { "name": "Cc2_8XLarge", "value": "cc2.8xlarge", "deprecationMessage": "This instancetype has been deprecated" }, { "name": "G2_2XLarge", "value": "g2.2xlarge", "deprecationMessage": "This instancetype has been deprecated" }, { "name": "G2_8XLarge", "value": "g2.8xlarge", "deprecationMessage": "This instancetype has been deprecated" } ] }, "aws:ec2/LaunchConfigurationEbsBlockDevice:LaunchConfigurationEbsBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "willReplaceOnChanges": true }, "deviceName": { "type": "string", "willReplaceOnChanges": true }, "encrypted": { "type": "boolean", "willReplaceOnChanges": true }, "iops": { "type": "integer", "willReplaceOnChanges": true }, "noDevice": { "type": "boolean", "willReplaceOnChanges": true }, "snapshotId": { "type": "string", "willReplaceOnChanges": true }, "throughput": { "type": "integer", "willReplaceOnChanges": true }, "volumeSize": { "type": "integer", "willReplaceOnChanges": true }, "volumeType": { "type": "string", "willReplaceOnChanges": true } }, "type": "object", "required": [ "deviceName" ], "language": { "nodejs": { "requiredOutputs": [ "deviceName", "encrypted", "iops", "snapshotId", "throughput", "volumeSize", "volumeType" ] } } }, "aws:ec2/LaunchConfigurationEphemeralBlockDevice:LaunchConfigurationEphemeralBlockDevice": { "properties": { "deviceName": { "type": "string", "willReplaceOnChanges": true }, "noDevice": { "type": "boolean", "willReplaceOnChanges": true }, "virtualName": { "type": "string", "willReplaceOnChanges": true } }, "type": "object", "required": [ "deviceName" ] }, "aws:ec2/LaunchConfigurationMetadataOptions:LaunchConfigurationMetadataOptions": { "properties": { "httpEndpoint": { "type": "string", "description": "The state of the metadata service: `enabled`, `disabled`.\n", "willReplaceOnChanges": true }, "httpPutResponseHopLimit": { "type": "integer", "description": "The desired HTTP PUT response hop limit for instance metadata requests.\n", "willReplaceOnChanges": true }, "httpTokens": { "type": "string", "description": "If session tokens are required: `optional`, `required`.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "httpEndpoint", "httpPutResponseHopLimit", "httpTokens" ] } } }, "aws:ec2/LaunchConfigurationRootBlockDevice:LaunchConfigurationRootBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "willReplaceOnChanges": true }, "encrypted": { "type": "boolean", "willReplaceOnChanges": true }, "iops": { "type": "integer", "willReplaceOnChanges": true }, "throughput": { "type": "integer", "willReplaceOnChanges": true }, "volumeSize": { "type": "integer", "willReplaceOnChanges": true }, "volumeType": { "type": "string", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "encrypted", "iops", "throughput", "volumeSize", "volumeType" ] } } }, "aws:ec2/LaunchTemplateBlockDeviceMapping:LaunchTemplateBlockDeviceMapping": { "properties": { "deviceName": { "type": "string", "description": "The name of the device to mount.\n" }, "ebs": { "$ref": "#/types/aws:ec2/LaunchTemplateBlockDeviceMappingEbs:LaunchTemplateBlockDeviceMappingEbs", "description": "Configure EBS volume properties.\n" }, "noDevice": { "type": "string", "description": "Suppresses the specified device included in the AMI's block device mapping.\n" }, "virtualName": { "type": "string", "description": "The [Instance Store Device\nName](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#InstanceStoreDeviceNames)\n(e.g., `\"ephemeral0\"`).\n" } }, "type": "object" }, "aws:ec2/LaunchTemplateBlockDeviceMappingEbs:LaunchTemplateBlockDeviceMappingEbs": { "properties": { "deleteOnTermination": { "type": "string", "description": "Whether the volume should be destroyed on instance termination.\nSee [Preserving Amazon EBS Volumes on Instance Termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/preserving-volumes-on-termination.html) for more information.\n" }, "encrypted": { "type": "string", "description": "Enables [EBS encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) on the volume.\nCannot be used with `snapshot_id`.\n" }, "iops": { "type": "integer", "description": "The amount of provisioned [IOPS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html).\nThis must be set with a `volume_type` of `\"io1/io2/gp3\"`.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN of the AWS Key Management Service (AWS KMS) customer master key (CMK) to use when creating the encrypted volume.\n`encrypted` must be set to `true` when this is set.\n" }, "snapshotId": { "type": "string", "description": "The Snapshot ID to mount.\n" }, "throughput": { "type": "integer", "description": "The throughput to provision for a `gp3` volume in MiB/s (specified as an integer, e.g., 500), with a maximum of 1,000 MiB/s.\n" }, "volumeSize": { "type": "integer", "description": "The size of the volume in gigabytes.\n" }, "volumeType": { "type": "string", "description": "The volume type.\nCan be one of `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1` or `st1`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "iops", "throughput", "volumeSize", "volumeType" ] } } }, "aws:ec2/LaunchTemplateCapacityReservationSpecification:LaunchTemplateCapacityReservationSpecification": { "properties": { "capacityReservationPreference": { "type": "string", "description": "Indicates the instance's Capacity Reservation preferences. Can be `open` or `none`. (Default `none`).\n" }, "capacityReservationTarget": { "$ref": "#/types/aws:ec2/LaunchTemplateCapacityReservationSpecificationCapacityReservationTarget:LaunchTemplateCapacityReservationSpecificationCapacityReservationTarget", "description": "Used to target a specific Capacity Reservation:\n" } }, "type": "object" }, "aws:ec2/LaunchTemplateCapacityReservationSpecificationCapacityReservationTarget:LaunchTemplateCapacityReservationSpecificationCapacityReservationTarget": { "properties": { "capacityReservationId": { "type": "string", "description": "The ID of the Capacity Reservation in which to run the instance.\n" }, "capacityReservationResourceGroupArn": { "type": "string", "description": "The ARN of the Capacity Reservation resource group in which to run the instance.\n" } }, "type": "object" }, "aws:ec2/LaunchTemplateCpuOptions:LaunchTemplateCpuOptions": { "properties": { "amdSevSnp": { "type": "string", "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only. Valid values are `enabled` and `disabled`.\n" }, "coreCount": { "type": "integer", "description": "The number of CPU cores for the instance.\n" }, "threadsPerCore": { "type": "integer", "description": "The number of threads per CPU core.\nTo disable Intel Hyper-Threading Technology for the instance, specify a value of 1.\nOtherwise, specify the default value of 2.\n\nBoth number of CPU cores and threads per core must be specified. Valid number of CPU cores and threads per core for the instance type can be found in the [CPU Options Documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html?shortFooter=true#cpu-options-supported-instances-values)\n" } }, "type": "object" }, "aws:ec2/LaunchTemplateCreditSpecification:LaunchTemplateCreditSpecification": { "properties": { "cpuCredits": { "type": "string", "description": "The credit option for CPU usage.\nCan be `standard` or `unlimited`.\nT3 instances are launched as `unlimited` by default.\nT2 instances are launched as `standard` by default.\n" } }, "type": "object" }, "aws:ec2/LaunchTemplateElasticGpuSpecification:LaunchTemplateElasticGpuSpecification": { "properties": { "type": { "type": "string", "description": "The [Elastic GPU Type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-graphics.html#elastic-graphics-basics)\n" } }, "type": "object", "required": [ "type" ] }, "aws:ec2/LaunchTemplateElasticInferenceAccelerator:LaunchTemplateElasticInferenceAccelerator": { "properties": { "type": { "type": "string", "description": "Accelerator type.\n" } }, "type": "object", "required": [ "type" ] }, "aws:ec2/LaunchTemplateEnclaveOptions:LaunchTemplateEnclaveOptions": { "properties": { "enabled": { "type": "boolean", "description": "If set to `true`, Nitro Enclaves will be enabled on the instance.\n\nFor more information, see the documentation on [Nitro Enclaves](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html).\n" } }, "type": "object" }, "aws:ec2/LaunchTemplateHibernationOptions:LaunchTemplateHibernationOptions": { "properties": { "configured": { "type": "boolean", "description": "If set to `true`, the launched EC2 instance will hibernation enabled.\n" } }, "type": "object", "required": [ "configured" ] }, "aws:ec2/LaunchTemplateIamInstanceProfile:LaunchTemplateIamInstanceProfile": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the instance profile. Conflicts with `name`.\n" }, "name": { "type": "string", "description": "The name of the instance profile.\n" } }, "type": "object" }, "aws:ec2/LaunchTemplateInstanceMarketOptions:LaunchTemplateInstanceMarketOptions": { "properties": { "marketType": { "type": "string", "description": "The market type. Can be `spot`.\n" }, "spotOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateInstanceMarketOptionsSpotOptions:LaunchTemplateInstanceMarketOptionsSpotOptions", "description": "The options for [Spot Instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-spot-instances.html)\n" } }, "type": "object" }, "aws:ec2/LaunchTemplateInstanceMarketOptionsSpotOptions:LaunchTemplateInstanceMarketOptionsSpotOptions": { "properties": { "blockDurationMinutes": { "type": "integer", "description": "The required duration in minutes. This value must be a multiple of 60.\n" }, "instanceInterruptionBehavior": { "type": "string", "description": "The behavior when a Spot Instance is interrupted. Can be `hibernate`,\n`stop`, or `terminate`. (Default: `terminate`).\n" }, "maxPrice": { "type": "string", "description": "The maximum hourly price you're willing to pay for the Spot Instances.\n" }, "spotInstanceType": { "type": "string", "description": "The Spot Instance request type. Can be `one-time`, or `persistent`.\n" }, "validUntil": { "type": "string", "description": "The end date of the request.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "validUntil" ] } } }, "aws:ec2/LaunchTemplateInstanceRequirements:LaunchTemplateInstanceRequirements": { "properties": { "acceleratorCount": { "$ref": "#/types/aws:ec2/LaunchTemplateInstanceRequirementsAcceleratorCount:LaunchTemplateInstanceRequirementsAcceleratorCount", "description": "Block describing the minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips). Default is no minimum or maximum.\n" }, "acceleratorManufacturers": { "type": "array", "items": { "type": "string" }, "description": "List of accelerator manufacturer names. Default is any manufacturer.\n\n```\nValid names:\n* amazon-web-services\n* amd\n* nvidia\n* xilinx\n```\n" }, "acceleratorNames": { "type": "array", "items": { "type": "string" }, "description": "List of accelerator names. Default is any acclerator.\n\n```\nValid names:\n* a100 - NVIDIA A100 GPUs\n* v100 - NVIDIA V100 GPUs\n* k80 - NVIDIA K80 GPUs\n* t4 - NVIDIA T4 GPUs\n* m60 - NVIDIA M60 GPUs\n* radeon-pro-v520 - AMD Radeon Pro V520 GPUs\n* vu9p - Xilinx VU9P FPGAs\n```\n" }, "acceleratorTotalMemoryMib": { "$ref": "#/types/aws:ec2/LaunchTemplateInstanceRequirementsAcceleratorTotalMemoryMib:LaunchTemplateInstanceRequirementsAcceleratorTotalMemoryMib", "description": "Block describing the minimum and maximum total memory of the accelerators. Default is no minimum or maximum.\n" }, "acceleratorTypes": { "type": "array", "items": { "type": "string" }, "description": "List of accelerator types. Default is any accelerator type.\n\n```\nValid types:\n* fpga\n* gpu\n* inference\n```\n" }, "allowedInstanceTypes": { "type": "array", "items": { "type": "string" }, "description": "List of instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes. You can use strings with one or more wild cards, represented by an asterisk (\\*), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge`, `c5*.*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are allowing the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are allowing all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is all instance types.\n\n\u003e **NOTE:** If you specify `allowed_instance_types`, you can't specify `excluded_instance_types`.\n" }, "bareMetal": { "type": "string", "description": "Indicate whether bare metal instace types should be `included`, `excluded`, or `required`. Default is `excluded`.\n" }, "baselineEbsBandwidthMbps": { "$ref": "#/types/aws:ec2/LaunchTemplateInstanceRequirementsBaselineEbsBandwidthMbps:LaunchTemplateInstanceRequirementsBaselineEbsBandwidthMbps", "description": "Block describing the minimum and maximum baseline EBS bandwidth, in Mbps. Default is no minimum or maximum.\n" }, "burstablePerformance": { "type": "string", "description": "Indicate whether burstable performance instance types should be `included`, `excluded`, or `required`. Default is `excluded`.\n" }, "cpuManufacturers": { "type": "array", "items": { "type": "string" }, "description": "List of CPU manufacturer names. Default is any manufacturer.\n\n\u003e **NOTE:** Don't confuse the CPU hardware manufacturer with the CPU hardware architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template.\n\n```\nValid names:\n* amazon-web-services\n* amd\n* intel\n```\n" }, "excludedInstanceTypes": { "type": "array", "items": { "type": "string" }, "description": "List of instance types to exclude. You can use strings with one or more wild cards, represented by an asterisk (\\*), to exclude an instance type, size, or generation. The following are examples: `m5.8xlarge`, `c5*.*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are excluding the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are excluding all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is no excluded instance types.\n\n\u003e **NOTE:** If you specify `excluded_instance_types`, you can't specify `allowed_instance_types`.\n" }, "instanceGenerations": { "type": "array", "items": { "type": "string" }, "description": "List of instance generation names. Default is any generation.\n\n```\nValid names:\n* current - Recommended for best performance.\n* previous - For existing applications optimized for older instance types.\n```\n" }, "localStorage": { "type": "string", "description": "Indicate whether instance types with local storage volumes are `included`, `excluded`, or `required`. Default is `included`.\n" }, "localStorageTypes": { "type": "array", "items": { "type": "string" }, "description": "List of local storage type names. Default any storage type.\n\n```\nValue names:\n* hdd - hard disk drive\n* ssd - solid state drive\n```\n" }, "maxSpotPriceAsPercentageOfOptimalOnDemandPrice": { "type": "integer", "description": "The price protection threshold for Spot Instances. This is the maximum you’ll pay for a Spot Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Conflicts with `spot_max_price_percentage_over_lowest_price`\n" }, "memoryGibPerVcpu": { "$ref": "#/types/aws:ec2/LaunchTemplateInstanceRequirementsMemoryGibPerVcpu:LaunchTemplateInstanceRequirementsMemoryGibPerVcpu", "description": "Block describing the minimum and maximum amount of memory (GiB) per vCPU. Default is no minimum or maximum.\n" }, "memoryMib": { "$ref": "#/types/aws:ec2/LaunchTemplateInstanceRequirementsMemoryMib:LaunchTemplateInstanceRequirementsMemoryMib", "description": "Block describing the minimum and maximum amount of memory (MiB). Default is no maximum.\n" }, "networkBandwidthGbps": { "$ref": "#/types/aws:ec2/LaunchTemplateInstanceRequirementsNetworkBandwidthGbps:LaunchTemplateInstanceRequirementsNetworkBandwidthGbps", "description": "Block describing the minimum and maximum amount of network bandwidth, in gigabits per second (Gbps). Default is no minimum or maximum.\n" }, "networkInterfaceCount": { "$ref": "#/types/aws:ec2/LaunchTemplateInstanceRequirementsNetworkInterfaceCount:LaunchTemplateInstanceRequirementsNetworkInterfaceCount", "description": "Block describing the minimum and maximum number of network interfaces. Default is no minimum or maximum.\n" }, "onDemandMaxPricePercentageOverLowestPrice": { "type": "integer", "description": "The price protection threshold for On-Demand Instances. This is the maximum you’ll pay for an On-Demand Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 20.\n\nIf you set DesiredCapacityType to vcpu or memory-mib, the price protection threshold is applied based on the per vCPU or per memory price instead of the per instance price.\n" }, "requireHibernateSupport": { "type": "boolean", "description": "Indicate whether instance types must support On-Demand Instance Hibernation, either `true` or `false`. Default is `false`.\n" }, "spotMaxPricePercentageOverLowestPrice": { "type": "integer", "description": "The price protection threshold for Spot Instances. This is the maximum you’ll pay for a Spot Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 100. Conflicts with `max_spot_price_as_percentage_of_optimal_on_demand_price`\n\nIf you set DesiredCapacityType to vcpu or memory-mib, the price protection threshold is applied based on the per vCPU or per memory price instead of the per instance price.\n" }, "totalLocalStorageGb": { "$ref": "#/types/aws:ec2/LaunchTemplateInstanceRequirementsTotalLocalStorageGb:LaunchTemplateInstanceRequirementsTotalLocalStorageGb", "description": "Block describing the minimum and maximum total local storage (GB). Default is no minimum or maximum.\n" }, "vcpuCount": { "$ref": "#/types/aws:ec2/LaunchTemplateInstanceRequirementsVcpuCount:LaunchTemplateInstanceRequirementsVcpuCount", "description": "Block describing the minimum and maximum number of vCPUs. Default is no maximum.\n" } }, "type": "object", "required": [ "memoryMib", "vcpuCount" ] }, "aws:ec2/LaunchTemplateInstanceRequirementsAcceleratorCount:LaunchTemplateInstanceRequirementsAcceleratorCount": { "properties": { "max": { "type": "integer", "description": "Maximum. Set to `0` to exclude instance types with accelerators.\n" }, "min": { "type": "integer", "description": "Minimum.\n" } }, "type": "object" }, "aws:ec2/LaunchTemplateInstanceRequirementsAcceleratorTotalMemoryMib:LaunchTemplateInstanceRequirementsAcceleratorTotalMemoryMib": { "properties": { "max": { "type": "integer", "description": "Maximum.\n" }, "min": { "type": "integer", "description": "Minimum.\n" } }, "type": "object" }, "aws:ec2/LaunchTemplateInstanceRequirementsBaselineEbsBandwidthMbps:LaunchTemplateInstanceRequirementsBaselineEbsBandwidthMbps": { "properties": { "max": { "type": "integer", "description": "Maximum.\n" }, "min": { "type": "integer", "description": "Minimum.\n" } }, "type": "object" }, "aws:ec2/LaunchTemplateInstanceRequirementsMemoryGibPerVcpu:LaunchTemplateInstanceRequirementsMemoryGibPerVcpu": { "properties": { "max": { "type": "number", "description": "Maximum. May be a decimal number, e.g. `0.5`.\n" }, "min": { "type": "number", "description": "Minimum. May be a decimal number, e.g. `0.5`.\n" } }, "type": "object" }, "aws:ec2/LaunchTemplateInstanceRequirementsMemoryMib:LaunchTemplateInstanceRequirementsMemoryMib": { "properties": { "max": { "type": "integer", "description": "Maximum.\n" }, "min": { "type": "integer", "description": "Minimum.\n" } }, "type": "object", "required": [ "min" ] }, "aws:ec2/LaunchTemplateInstanceRequirementsNetworkBandwidthGbps:LaunchTemplateInstanceRequirementsNetworkBandwidthGbps": { "properties": { "max": { "type": "number", "description": "Maximum.\n" }, "min": { "type": "number", "description": "Minimum.\n" } }, "type": "object" }, "aws:ec2/LaunchTemplateInstanceRequirementsNetworkInterfaceCount:LaunchTemplateInstanceRequirementsNetworkInterfaceCount": { "properties": { "max": { "type": "integer", "description": "Maximum.\n" }, "min": { "type": "integer", "description": "Minimum.\n" } }, "type": "object" }, "aws:ec2/LaunchTemplateInstanceRequirementsTotalLocalStorageGb:LaunchTemplateInstanceRequirementsTotalLocalStorageGb": { "properties": { "max": { "type": "number", "description": "Maximum. May be a decimal number, e.g. `0.5`.\n" }, "min": { "type": "number", "description": "Minimum. May be a decimal number, e.g. `0.5`.\n" } }, "type": "object" }, "aws:ec2/LaunchTemplateInstanceRequirementsVcpuCount:LaunchTemplateInstanceRequirementsVcpuCount": { "properties": { "max": { "type": "integer", "description": "Maximum.\n" }, "min": { "type": "integer", "description": "Minimum.\n" } }, "type": "object", "required": [ "min" ] }, "aws:ec2/LaunchTemplateLicenseSpecification:LaunchTemplateLicenseSpecification": { "properties": { "licenseConfigurationArn": { "type": "string", "description": "ARN of the license configuration.\n" } }, "type": "object", "required": [ "licenseConfigurationArn" ] }, "aws:ec2/LaunchTemplateMaintenanceOptions:LaunchTemplateMaintenanceOptions": { "properties": { "autoRecovery": { "type": "string", "description": "Disables the automatic recovery behavior of your instance or sets it to default. Can be `\"default\"` or `\"disabled\"`. See [Recover your instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-recover.html) for more details.\n" } }, "type": "object" }, "aws:ec2/LaunchTemplateMetadataOptions:LaunchTemplateMetadataOptions": { "properties": { "httpEndpoint": { "type": "string", "description": "Whether the metadata service is available. Can be `\"enabled\"` or `\"disabled\"`. (Default: `\"enabled\"`).\n" }, "httpProtocolIpv6": { "type": "string", "description": "Enables or disables the IPv6 endpoint for the instance metadata service. Can be `\"enabled\"` or `\"disabled\"`.\n" }, "httpPutResponseHopLimit": { "type": "integer", "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. Can be an integer from `1` to `64`. (Default: `1`).\n" }, "httpTokens": { "type": "string", "description": "Whether or not the metadata service requires session tokens, also referred to as _Instance Metadata Service Version 2 (IMDSv2)_. Can be `\"optional\"` or `\"required\"`. (Default: `\"optional\"`).\n" }, "instanceMetadataTags": { "type": "string", "description": "Enables or disables access to instance tags from the instance metadata service. Can be `\"enabled\"` or `\"disabled\"`.\n\nFor more information, see the documentation on the [Instance Metadata Service](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html).\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "httpEndpoint", "httpProtocolIpv6", "httpPutResponseHopLimit", "httpTokens", "instanceMetadataTags" ] } } }, "aws:ec2/LaunchTemplateMonitoring:LaunchTemplateMonitoring": { "properties": { "enabled": { "type": "boolean", "description": "If `true`, the launched EC2 instance will have detailed monitoring enabled.\n" } }, "type": "object" }, "aws:ec2/LaunchTemplateNetworkInterface:LaunchTemplateNetworkInterface": { "properties": { "associateCarrierIpAddress": { "type": "string", "description": "Associate a Carrier IP address with `eth0` for a new network interface.\nUse this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface.\nBoolean value, can be left unset.\n" }, "associatePublicIpAddress": { "type": "string", "description": "Associate a public ip address with the network interface.\nBoolean value, can be left unset.\n" }, "deleteOnTermination": { "type": "string", "description": "Whether the network interface should be destroyed on instance termination.\n" }, "description": { "type": "string", "description": "Description of the network interface.\n" }, "deviceIndex": { "type": "integer", "description": "The integer index of the network interface attachment.\n" }, "interfaceType": { "type": "string", "description": "The type of network interface. To create an Elastic Fabric Adapter (EFA), specify `efa`.\n" }, "ipv4AddressCount": { "type": "integer", "description": "The number of secondary private IPv4 addresses to assign to a network interface. Conflicts with `ipv4_addresses`\n" }, "ipv4Addresses": { "type": "array", "items": { "type": "string" }, "description": "One or more private IPv4 addresses to associate. Conflicts with `ipv4_address_count`\n" }, "ipv4PrefixCount": { "type": "integer", "description": "The number of IPv4 prefixes to be automatically assigned to the network interface. Conflicts with `ipv4_prefixes`\n" }, "ipv4Prefixes": { "type": "array", "items": { "type": "string" }, "description": "One or more IPv4 prefixes to be assigned to the network interface. Conflicts with `ipv4_prefix_count`\n" }, "ipv6AddressCount": { "type": "integer", "description": "The number of IPv6 addresses to assign to a network interface. Conflicts with `ipv6_addresses`\n" }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. Conflicts with `ipv6_address_count`\n" }, "ipv6PrefixCount": { "type": "integer", "description": "The number of IPv6 prefixes to be automatically assigned to the network interface. Conflicts with `ipv6_prefixes`\n" }, "ipv6Prefixes": { "type": "array", "items": { "type": "string" }, "description": "One or more IPv6 prefixes to be assigned to the network interface. Conflicts with `ipv6_prefix_count`\n" }, "networkCardIndex": { "type": "integer", "description": "The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0.\n" }, "networkInterfaceId": { "type": "string", "description": "The ID of the network interface to attach.\n" }, "primaryIpv6": { "type": "string" }, "privateIpAddress": { "type": "string", "description": "The primary private IPv4 address.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to associate.\n" }, "subnetId": { "type": "string", "description": "The VPC Subnet ID to associate.\n" } }, "type": "object" }, "aws:ec2/LaunchTemplatePlacement:LaunchTemplatePlacement": { "properties": { "affinity": { "type": "string", "description": "The affinity setting for an instance on a Dedicated Host.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone for the instance.\n" }, "groupName": { "type": "string", "description": "The name of the placement group for the instance.\n" }, "hostId": { "type": "string", "description": "The ID of the Dedicated Host for the instance.\n" }, "hostResourceGroupArn": { "type": "string", "description": "The ARN of the Host Resource Group in which to launch instances.\n" }, "partitionNumber": { "type": "integer", "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.\n" }, "spreadDomain": { "type": "string", "description": "Reserved for future use.\n" }, "tenancy": { "type": "string", "description": "The tenancy of the instance (if the instance is running in a VPC). Can be `default`, `dedicated`, or `host`.\n" } }, "type": "object" }, "aws:ec2/LaunchTemplatePrivateDnsNameOptions:LaunchTemplatePrivateDnsNameOptions": { "properties": { "enableResourceNameDnsARecord": { "type": "boolean", "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.\n" }, "enableResourceNameDnsAaaaRecord": { "type": "boolean", "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.\n" }, "hostnameType": { "type": "string", "description": "The type of hostname for Amazon EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 native subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. Valid values: `ip-name` and `resource-name`.\n" } }, "type": "object" }, "aws:ec2/LaunchTemplateTagSpecification:LaunchTemplateTagSpecification": { "properties": { "resourceType": { "type": "string", "description": "The type of resource to tag.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "type": "object" }, "aws:ec2/ManagedPrefixListEntry:ManagedPrefixListEntry": { "properties": { "cidr": { "type": "string", "description": "CIDR block of this entry.\n" }, "description": { "type": "string", "description": "Description of this entry. Due to API limitations, updating only the description of an existing entry requires temporarily removing and re-adding the entry.\n" } }, "type": "object", "required": [ "cidr" ] }, "aws:ec2/NetworkAclEgress:NetworkAclEgress": { "properties": { "action": { "type": "string", "description": "The action to take.\n" }, "cidrBlock": { "type": "string", "description": "The CIDR block to match. This must be a\nvalid network mask.\n" }, "fromPort": { "type": "integer", "description": "The from port to match.\n" }, "icmpCode": { "type": "integer", "description": "The ICMP type code to be used. Default 0.\n\n\u003e Note: For more information on ICMP types and codes, see here: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml\n" }, "icmpType": { "type": "integer", "description": "The ICMP type to be used. Default 0.\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block.\n" }, "protocol": { "type": "string", "description": "The protocol to match. If using the -1 'all'\nprotocol, you must specify a from and to port of 0.\n" }, "ruleNo": { "type": "integer", "description": "The rule number. Used for ordering.\n" }, "toPort": { "type": "integer", "description": "The to port to match.\n" } }, "type": "object", "required": [ "action", "fromPort", "protocol", "ruleNo", "toPort" ] }, "aws:ec2/NetworkAclIngress:NetworkAclIngress": { "properties": { "action": { "type": "string", "description": "The action to take.\n" }, "cidrBlock": { "type": "string", "description": "The CIDR block to match. This must be a\nvalid network mask.\n" }, "fromPort": { "type": "integer", "description": "The from port to match.\n" }, "icmpCode": { "type": "integer", "description": "The ICMP type code to be used. Default 0.\n\n\u003e Note: For more information on ICMP types and codes, see here: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml\n" }, "icmpType": { "type": "integer", "description": "The ICMP type to be used. Default 0.\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block.\n" }, "protocol": { "type": "string", "description": "The protocol to match. If using the -1 'all'\nprotocol, you must specify a from and to port of 0.\n" }, "ruleNo": { "type": "integer", "description": "The rule number. Used for ordering.\n" }, "toPort": { "type": "integer", "description": "The to port to match.\n" } }, "type": "object", "required": [ "action", "fromPort", "protocol", "ruleNo", "toPort" ] }, "aws:ec2/NetworkInsightsAnalysisAlternatePathHint:NetworkInsightsAnalysisAlternatePathHint": { "properties": { "componentArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the component.\n" }, "componentId": { "type": "string", "description": "The ID of the component.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "componentArn", "componentId" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanation:NetworkInsightsAnalysisExplanation": { "properties": { "aclRules": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationAclRule:NetworkInsightsAnalysisExplanationAclRule" } }, "acls": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationAcl:NetworkInsightsAnalysisExplanationAcl" } }, "address": { "type": "string" }, "addresses": { "type": "array", "items": { "type": "string" } }, "attachedTos": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationAttachedTo:NetworkInsightsAnalysisExplanationAttachedTo" } }, "availabilityZones": { "type": "array", "items": { "type": "string" } }, "cidrs": { "type": "array", "items": { "type": "string" } }, "classicLoadBalancerListeners": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationClassicLoadBalancerListener:NetworkInsightsAnalysisExplanationClassicLoadBalancerListener" } }, "components": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationComponent:NetworkInsightsAnalysisExplanationComponent" } }, "customerGateways": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationCustomerGateway:NetworkInsightsAnalysisExplanationCustomerGateway" } }, "destinationVpcs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationDestinationVpc:NetworkInsightsAnalysisExplanationDestinationVpc" } }, "destinations": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationDestination:NetworkInsightsAnalysisExplanationDestination" } }, "direction": { "type": "string" }, "elasticLoadBalancerListeners": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationElasticLoadBalancerListener:NetworkInsightsAnalysisExplanationElasticLoadBalancerListener" } }, "explanationCode": { "type": "string" }, "ingressRouteTables": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationIngressRouteTable:NetworkInsightsAnalysisExplanationIngressRouteTable" } }, "internetGateways": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationInternetGateway:NetworkInsightsAnalysisExplanationInternetGateway" } }, "loadBalancerArn": { "type": "string" }, "loadBalancerListenerPort": { "type": "integer" }, "loadBalancerTargetGroup": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationLoadBalancerTargetGroup:NetworkInsightsAnalysisExplanationLoadBalancerTargetGroup" } }, "loadBalancerTargetGroups": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationLoadBalancerTargetGroup:NetworkInsightsAnalysisExplanationLoadBalancerTargetGroup" } }, "loadBalancerTargetPort": { "type": "integer" }, "missingComponent": { "type": "string" }, "natGateways": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationNatGateway:NetworkInsightsAnalysisExplanationNatGateway" } }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationNetworkInterface:NetworkInsightsAnalysisExplanationNetworkInterface" } }, "packetField": { "type": "string" }, "port": { "type": "integer" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationPortRange:NetworkInsightsAnalysisExplanationPortRange" } }, "prefixLists": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationPrefixList:NetworkInsightsAnalysisExplanationPrefixList" } }, "protocols": { "type": "array", "items": { "type": "string" } }, "routeTableRoutes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationRouteTableRoute:NetworkInsightsAnalysisExplanationRouteTableRoute" } }, "routeTables": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationRouteTable:NetworkInsightsAnalysisExplanationRouteTable" } }, "securityGroup": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationSecurityGroup:NetworkInsightsAnalysisExplanationSecurityGroup" } }, "securityGroupRules": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationSecurityGroupRule:NetworkInsightsAnalysisExplanationSecurityGroupRule" } }, "securityGroups": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationSecurityGroup:NetworkInsightsAnalysisExplanationSecurityGroup" } }, "sourceVpcs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationSourceVpc:NetworkInsightsAnalysisExplanationSourceVpc" } }, "state": { "type": "string" }, "subnetRouteTables": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationSubnetRouteTable:NetworkInsightsAnalysisExplanationSubnetRouteTable" } }, "subnets": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationSubnet:NetworkInsightsAnalysisExplanationSubnet" } }, "transitGatewayAttachments": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationTransitGatewayAttachment:NetworkInsightsAnalysisExplanationTransitGatewayAttachment" } }, "transitGatewayRouteTableRoutes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationTransitGatewayRouteTableRoute:NetworkInsightsAnalysisExplanationTransitGatewayRouteTableRoute" } }, "transitGatewayRouteTables": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationTransitGatewayRouteTable:NetworkInsightsAnalysisExplanationTransitGatewayRouteTable" } }, "transitGateways": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationTransitGateway:NetworkInsightsAnalysisExplanationTransitGateway" } }, "vpcEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationVpcEndpoint:NetworkInsightsAnalysisExplanationVpcEndpoint" } }, "vpcPeeringConnections": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationVpcPeeringConnection:NetworkInsightsAnalysisExplanationVpcPeeringConnection" } }, "vpcs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationVpc:NetworkInsightsAnalysisExplanationVpc" } }, "vpnConnections": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationVpnConnection:NetworkInsightsAnalysisExplanationVpnConnection" } }, "vpnGateways": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationVpnGateway:NetworkInsightsAnalysisExplanationVpnGateway" } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "aclRules", "acls", "address", "addresses", "attachedTos", "availabilityZones", "cidrs", "classicLoadBalancerListeners", "components", "customerGateways", "destinationVpcs", "destinations", "direction", "elasticLoadBalancerListeners", "explanationCode", "ingressRouteTables", "internetGateways", "loadBalancerArn", "loadBalancerListenerPort", "loadBalancerTargetGroup", "loadBalancerTargetGroups", "loadBalancerTargetPort", "missingComponent", "natGateways", "networkInterfaces", "packetField", "port", "portRanges", "prefixLists", "protocols", "routeTableRoutes", "routeTables", "securityGroup", "securityGroupRules", "securityGroups", "sourceVpcs", "state", "subnetRouteTables", "subnets", "transitGatewayAttachments", "transitGatewayRouteTableRoutes", "transitGatewayRouteTables", "transitGateways", "vpcEndpoints", "vpcPeeringConnections", "vpcs", "vpnConnections", "vpnGateways" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationAcl:NetworkInsightsAnalysisExplanationAcl": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationAclRule:NetworkInsightsAnalysisExplanationAclRule": { "properties": { "cidr": { "type": "string" }, "egress": { "type": "boolean" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationAclRulePortRange:NetworkInsightsAnalysisExplanationAclRulePortRange" } }, "protocol": { "type": "string" }, "ruleAction": { "type": "string" }, "ruleNumber": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "cidr", "egress", "portRanges", "protocol", "ruleAction", "ruleNumber" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationAclRulePortRange:NetworkInsightsAnalysisExplanationAclRulePortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "from", "to" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationAttachedTo:NetworkInsightsAnalysisExplanationAttachedTo": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationClassicLoadBalancerListener:NetworkInsightsAnalysisExplanationClassicLoadBalancerListener": { "properties": { "instancePort": { "type": "integer" }, "loadBalancerPort": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "instancePort", "loadBalancerPort" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationComponent:NetworkInsightsAnalysisExplanationComponent": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationCustomerGateway:NetworkInsightsAnalysisExplanationCustomerGateway": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationDestination:NetworkInsightsAnalysisExplanationDestination": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationDestinationVpc:NetworkInsightsAnalysisExplanationDestinationVpc": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationElasticLoadBalancerListener:NetworkInsightsAnalysisExplanationElasticLoadBalancerListener": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationIngressRouteTable:NetworkInsightsAnalysisExplanationIngressRouteTable": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationInternetGateway:NetworkInsightsAnalysisExplanationInternetGateway": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationLoadBalancerTargetGroup:NetworkInsightsAnalysisExplanationLoadBalancerTargetGroup": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationNatGateway:NetworkInsightsAnalysisExplanationNatGateway": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationNetworkInterface:NetworkInsightsAnalysisExplanationNetworkInterface": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationPortRange:NetworkInsightsAnalysisExplanationPortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "from", "to" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationPrefixList:NetworkInsightsAnalysisExplanationPrefixList": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationRouteTable:NetworkInsightsAnalysisExplanationRouteTable": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationRouteTableRoute:NetworkInsightsAnalysisExplanationRouteTableRoute": { "properties": { "destinationCidr": { "type": "string" }, "destinationPrefixListId": { "type": "string" }, "egressOnlyInternetGatewayId": { "type": "string" }, "gatewayId": { "type": "string" }, "instanceId": { "type": "string" }, "natGatewayId": { "type": "string" }, "networkInterfaceId": { "type": "string" }, "origin": { "type": "string" }, "transitGatewayId": { "type": "string" }, "vpcPeeringConnectionId": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "destinationCidr", "destinationPrefixListId", "egressOnlyInternetGatewayId", "gatewayId", "instanceId", "natGatewayId", "networkInterfaceId", "origin", "transitGatewayId", "vpcPeeringConnectionId" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationSecurityGroup:NetworkInsightsAnalysisExplanationSecurityGroup": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationSecurityGroupRule:NetworkInsightsAnalysisExplanationSecurityGroupRule": { "properties": { "cidr": { "type": "string" }, "direction": { "type": "string" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanationSecurityGroupRulePortRange:NetworkInsightsAnalysisExplanationSecurityGroupRulePortRange" } }, "prefixListId": { "type": "string" }, "protocol": { "type": "string" }, "securityGroupId": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "cidr", "direction", "portRanges", "prefixListId", "protocol", "securityGroupId" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationSecurityGroupRulePortRange:NetworkInsightsAnalysisExplanationSecurityGroupRulePortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "from", "to" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationSourceVpc:NetworkInsightsAnalysisExplanationSourceVpc": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationSubnet:NetworkInsightsAnalysisExplanationSubnet": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationSubnetRouteTable:NetworkInsightsAnalysisExplanationSubnetRouteTable": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationTransitGateway:NetworkInsightsAnalysisExplanationTransitGateway": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationTransitGatewayAttachment:NetworkInsightsAnalysisExplanationTransitGatewayAttachment": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationTransitGatewayRouteTable:NetworkInsightsAnalysisExplanationTransitGatewayRouteTable": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationTransitGatewayRouteTableRoute:NetworkInsightsAnalysisExplanationTransitGatewayRouteTableRoute": { "properties": { "attachmentId": { "type": "string" }, "destinationCidr": { "type": "string" }, "prefixListId": { "type": "string" }, "resourceId": { "type": "string" }, "resourceType": { "type": "string" }, "routeOrigin": { "type": "string" }, "state": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "attachmentId", "destinationCidr", "prefixListId", "resourceId", "resourceType", "routeOrigin", "state" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationVpc:NetworkInsightsAnalysisExplanationVpc": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationVpcEndpoint:NetworkInsightsAnalysisExplanationVpcEndpoint": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationVpcPeeringConnection:NetworkInsightsAnalysisExplanationVpcPeeringConnection": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationVpnConnection:NetworkInsightsAnalysisExplanationVpnConnection": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisExplanationVpnGateway:NetworkInsightsAnalysisExplanationVpnGateway": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponent:NetworkInsightsAnalysisForwardPathComponent": { "properties": { "aclRules": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentAclRule:NetworkInsightsAnalysisForwardPathComponentAclRule" } }, "additionalDetails": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentAdditionalDetail:NetworkInsightsAnalysisForwardPathComponentAdditionalDetail" } }, "attachedTos": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentAttachedTo:NetworkInsightsAnalysisForwardPathComponentAttachedTo" } }, "components": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentComponent:NetworkInsightsAnalysisForwardPathComponentComponent" } }, "destinationVpcs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentDestinationVpc:NetworkInsightsAnalysisForwardPathComponentDestinationVpc" } }, "inboundHeaders": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentInboundHeader:NetworkInsightsAnalysisForwardPathComponentInboundHeader" } }, "outboundHeaders": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentOutboundHeader:NetworkInsightsAnalysisForwardPathComponentOutboundHeader" } }, "routeTableRoutes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentRouteTableRoute:NetworkInsightsAnalysisForwardPathComponentRouteTableRoute" } }, "securityGroupRules": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentSecurityGroupRule:NetworkInsightsAnalysisForwardPathComponentSecurityGroupRule" } }, "sequenceNumber": { "type": "integer" }, "sourceVpcs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentSourceVpc:NetworkInsightsAnalysisForwardPathComponentSourceVpc" } }, "subnets": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentSubnet:NetworkInsightsAnalysisForwardPathComponentSubnet" } }, "transitGatewayRouteTableRoutes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentTransitGatewayRouteTableRoute:NetworkInsightsAnalysisForwardPathComponentTransitGatewayRouteTableRoute" } }, "transitGateways": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentTransitGateway:NetworkInsightsAnalysisForwardPathComponentTransitGateway" } }, "vpcs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentVpc:NetworkInsightsAnalysisForwardPathComponentVpc" } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "aclRules", "additionalDetails", "attachedTos", "components", "destinationVpcs", "inboundHeaders", "outboundHeaders", "routeTableRoutes", "securityGroupRules", "sequenceNumber", "sourceVpcs", "subnets", "transitGatewayRouteTableRoutes", "transitGateways", "vpcs" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentAclRule:NetworkInsightsAnalysisForwardPathComponentAclRule": { "properties": { "cidr": { "type": "string" }, "egress": { "type": "boolean" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentAclRulePortRange:NetworkInsightsAnalysisForwardPathComponentAclRulePortRange" } }, "protocol": { "type": "string" }, "ruleAction": { "type": "string" }, "ruleNumber": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "cidr", "egress", "portRanges", "protocol", "ruleAction", "ruleNumber" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentAclRulePortRange:NetworkInsightsAnalysisForwardPathComponentAclRulePortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "from", "to" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentAdditionalDetail:NetworkInsightsAnalysisForwardPathComponentAdditionalDetail": { "properties": { "additionalDetailType": { "type": "string" }, "components": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentAdditionalDetailComponent:NetworkInsightsAnalysisForwardPathComponentAdditionalDetailComponent" } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "additionalDetailType", "components" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentAdditionalDetailComponent:NetworkInsightsAnalysisForwardPathComponentAdditionalDetailComponent": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentAttachedTo:NetworkInsightsAnalysisForwardPathComponentAttachedTo": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentComponent:NetworkInsightsAnalysisForwardPathComponentComponent": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentDestinationVpc:NetworkInsightsAnalysisForwardPathComponentDestinationVpc": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentInboundHeader:NetworkInsightsAnalysisForwardPathComponentInboundHeader": { "properties": { "destinationAddresses": { "type": "array", "items": { "type": "string" } }, "destinationPortRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentInboundHeaderDestinationPortRange:NetworkInsightsAnalysisForwardPathComponentInboundHeaderDestinationPortRange" } }, "protocol": { "type": "string" }, "sourceAddresses": { "type": "array", "items": { "type": "string" } }, "sourcePortRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentInboundHeaderSourcePortRange:NetworkInsightsAnalysisForwardPathComponentInboundHeaderSourcePortRange" } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "destinationAddresses", "destinationPortRanges", "protocol", "sourceAddresses", "sourcePortRanges" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentInboundHeaderDestinationPortRange:NetworkInsightsAnalysisForwardPathComponentInboundHeaderDestinationPortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "from", "to" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentInboundHeaderSourcePortRange:NetworkInsightsAnalysisForwardPathComponentInboundHeaderSourcePortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "from", "to" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentOutboundHeader:NetworkInsightsAnalysisForwardPathComponentOutboundHeader": { "properties": { "destinationAddresses": { "type": "array", "items": { "type": "string" } }, "destinationPortRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentOutboundHeaderDestinationPortRange:NetworkInsightsAnalysisForwardPathComponentOutboundHeaderDestinationPortRange" } }, "protocol": { "type": "string" }, "sourceAddresses": { "type": "array", "items": { "type": "string" } }, "sourcePortRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentOutboundHeaderSourcePortRange:NetworkInsightsAnalysisForwardPathComponentOutboundHeaderSourcePortRange" } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "destinationAddresses", "destinationPortRanges", "protocol", "sourceAddresses", "sourcePortRanges" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentOutboundHeaderDestinationPortRange:NetworkInsightsAnalysisForwardPathComponentOutboundHeaderDestinationPortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "from", "to" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentOutboundHeaderSourcePortRange:NetworkInsightsAnalysisForwardPathComponentOutboundHeaderSourcePortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "from", "to" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentRouteTableRoute:NetworkInsightsAnalysisForwardPathComponentRouteTableRoute": { "properties": { "destinationCidr": { "type": "string" }, "destinationPrefixListId": { "type": "string" }, "egressOnlyInternetGatewayId": { "type": "string" }, "gatewayId": { "type": "string" }, "instanceId": { "type": "string" }, "natGatewayId": { "type": "string" }, "networkInterfaceId": { "type": "string" }, "origin": { "type": "string" }, "transitGatewayId": { "type": "string" }, "vpcPeeringConnectionId": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "destinationCidr", "destinationPrefixListId", "egressOnlyInternetGatewayId", "gatewayId", "instanceId", "natGatewayId", "networkInterfaceId", "origin", "transitGatewayId", "vpcPeeringConnectionId" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentSecurityGroupRule:NetworkInsightsAnalysisForwardPathComponentSecurityGroupRule": { "properties": { "cidr": { "type": "string" }, "direction": { "type": "string" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponentSecurityGroupRulePortRange:NetworkInsightsAnalysisForwardPathComponentSecurityGroupRulePortRange" } }, "prefixListId": { "type": "string" }, "protocol": { "type": "string" }, "securityGroupId": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "cidr", "direction", "portRanges", "prefixListId", "protocol", "securityGroupId" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentSecurityGroupRulePortRange:NetworkInsightsAnalysisForwardPathComponentSecurityGroupRulePortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "from", "to" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentSourceVpc:NetworkInsightsAnalysisForwardPathComponentSourceVpc": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentSubnet:NetworkInsightsAnalysisForwardPathComponentSubnet": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentTransitGateway:NetworkInsightsAnalysisForwardPathComponentTransitGateway": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentTransitGatewayRouteTableRoute:NetworkInsightsAnalysisForwardPathComponentTransitGatewayRouteTableRoute": { "properties": { "attachmentId": { "type": "string" }, "destinationCidr": { "type": "string" }, "prefixListId": { "type": "string" }, "resourceId": { "type": "string" }, "resourceType": { "type": "string" }, "routeOrigin": { "type": "string" }, "state": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "attachmentId", "destinationCidr", "prefixListId", "resourceId", "resourceType", "routeOrigin", "state" ] } } }, "aws:ec2/NetworkInsightsAnalysisForwardPathComponentVpc:NetworkInsightsAnalysisForwardPathComponentVpc": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponent:NetworkInsightsAnalysisReturnPathComponent": { "properties": { "aclRules": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentAclRule:NetworkInsightsAnalysisReturnPathComponentAclRule" } }, "additionalDetails": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentAdditionalDetail:NetworkInsightsAnalysisReturnPathComponentAdditionalDetail" } }, "attachedTos": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentAttachedTo:NetworkInsightsAnalysisReturnPathComponentAttachedTo" } }, "components": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentComponent:NetworkInsightsAnalysisReturnPathComponentComponent" } }, "destinationVpcs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentDestinationVpc:NetworkInsightsAnalysisReturnPathComponentDestinationVpc" } }, "inboundHeaders": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentInboundHeader:NetworkInsightsAnalysisReturnPathComponentInboundHeader" } }, "outboundHeaders": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentOutboundHeader:NetworkInsightsAnalysisReturnPathComponentOutboundHeader" } }, "routeTableRoutes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentRouteTableRoute:NetworkInsightsAnalysisReturnPathComponentRouteTableRoute" } }, "securityGroupRules": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentSecurityGroupRule:NetworkInsightsAnalysisReturnPathComponentSecurityGroupRule" } }, "sequenceNumber": { "type": "integer" }, "sourceVpcs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentSourceVpc:NetworkInsightsAnalysisReturnPathComponentSourceVpc" } }, "subnets": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentSubnet:NetworkInsightsAnalysisReturnPathComponentSubnet" } }, "transitGatewayRouteTableRoutes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentTransitGatewayRouteTableRoute:NetworkInsightsAnalysisReturnPathComponentTransitGatewayRouteTableRoute" } }, "transitGateways": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentTransitGateway:NetworkInsightsAnalysisReturnPathComponentTransitGateway" } }, "vpcs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentVpc:NetworkInsightsAnalysisReturnPathComponentVpc" } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "aclRules", "additionalDetails", "attachedTos", "components", "destinationVpcs", "inboundHeaders", "outboundHeaders", "routeTableRoutes", "securityGroupRules", "sequenceNumber", "sourceVpcs", "subnets", "transitGatewayRouteTableRoutes", "transitGateways", "vpcs" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentAclRule:NetworkInsightsAnalysisReturnPathComponentAclRule": { "properties": { "cidr": { "type": "string" }, "egress": { "type": "boolean" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentAclRulePortRange:NetworkInsightsAnalysisReturnPathComponentAclRulePortRange" } }, "protocol": { "type": "string" }, "ruleAction": { "type": "string" }, "ruleNumber": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "cidr", "egress", "portRanges", "protocol", "ruleAction", "ruleNumber" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentAclRulePortRange:NetworkInsightsAnalysisReturnPathComponentAclRulePortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "from", "to" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentAdditionalDetail:NetworkInsightsAnalysisReturnPathComponentAdditionalDetail": { "properties": { "additionalDetailType": { "type": "string" }, "components": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentAdditionalDetailComponent:NetworkInsightsAnalysisReturnPathComponentAdditionalDetailComponent" } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "additionalDetailType", "components" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentAdditionalDetailComponent:NetworkInsightsAnalysisReturnPathComponentAdditionalDetailComponent": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentAttachedTo:NetworkInsightsAnalysisReturnPathComponentAttachedTo": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentComponent:NetworkInsightsAnalysisReturnPathComponentComponent": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentDestinationVpc:NetworkInsightsAnalysisReturnPathComponentDestinationVpc": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentInboundHeader:NetworkInsightsAnalysisReturnPathComponentInboundHeader": { "properties": { "destinationAddresses": { "type": "array", "items": { "type": "string" } }, "destinationPortRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentInboundHeaderDestinationPortRange:NetworkInsightsAnalysisReturnPathComponentInboundHeaderDestinationPortRange" } }, "protocol": { "type": "string" }, "sourceAddresses": { "type": "array", "items": { "type": "string" } }, "sourcePortRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentInboundHeaderSourcePortRange:NetworkInsightsAnalysisReturnPathComponentInboundHeaderSourcePortRange" } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "destinationAddresses", "destinationPortRanges", "protocol", "sourceAddresses", "sourcePortRanges" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentInboundHeaderDestinationPortRange:NetworkInsightsAnalysisReturnPathComponentInboundHeaderDestinationPortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "from", "to" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentInboundHeaderSourcePortRange:NetworkInsightsAnalysisReturnPathComponentInboundHeaderSourcePortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "from", "to" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentOutboundHeader:NetworkInsightsAnalysisReturnPathComponentOutboundHeader": { "properties": { "destinationAddresses": { "type": "array", "items": { "type": "string" } }, "destinationPortRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentOutboundHeaderDestinationPortRange:NetworkInsightsAnalysisReturnPathComponentOutboundHeaderDestinationPortRange" } }, "protocol": { "type": "string" }, "sourceAddresses": { "type": "array", "items": { "type": "string" } }, "sourcePortRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentOutboundHeaderSourcePortRange:NetworkInsightsAnalysisReturnPathComponentOutboundHeaderSourcePortRange" } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "destinationAddresses", "destinationPortRanges", "protocol", "sourceAddresses", "sourcePortRanges" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentOutboundHeaderDestinationPortRange:NetworkInsightsAnalysisReturnPathComponentOutboundHeaderDestinationPortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "from", "to" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentOutboundHeaderSourcePortRange:NetworkInsightsAnalysisReturnPathComponentOutboundHeaderSourcePortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "from", "to" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentRouteTableRoute:NetworkInsightsAnalysisReturnPathComponentRouteTableRoute": { "properties": { "destinationCidr": { "type": "string" }, "destinationPrefixListId": { "type": "string" }, "egressOnlyInternetGatewayId": { "type": "string" }, "gatewayId": { "type": "string" }, "instanceId": { "type": "string" }, "natGatewayId": { "type": "string" }, "networkInterfaceId": { "type": "string" }, "origin": { "type": "string" }, "transitGatewayId": { "type": "string" }, "vpcPeeringConnectionId": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "destinationCidr", "destinationPrefixListId", "egressOnlyInternetGatewayId", "gatewayId", "instanceId", "natGatewayId", "networkInterfaceId", "origin", "transitGatewayId", "vpcPeeringConnectionId" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentSecurityGroupRule:NetworkInsightsAnalysisReturnPathComponentSecurityGroupRule": { "properties": { "cidr": { "type": "string" }, "direction": { "type": "string" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponentSecurityGroupRulePortRange:NetworkInsightsAnalysisReturnPathComponentSecurityGroupRulePortRange" } }, "prefixListId": { "type": "string" }, "protocol": { "type": "string" }, "securityGroupId": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "cidr", "direction", "portRanges", "prefixListId", "protocol", "securityGroupId" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentSecurityGroupRulePortRange:NetworkInsightsAnalysisReturnPathComponentSecurityGroupRulePortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "from", "to" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentSourceVpc:NetworkInsightsAnalysisReturnPathComponentSourceVpc": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentSubnet:NetworkInsightsAnalysisReturnPathComponentSubnet": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentTransitGateway:NetworkInsightsAnalysisReturnPathComponentTransitGateway": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentTransitGatewayRouteTableRoute:NetworkInsightsAnalysisReturnPathComponentTransitGatewayRouteTableRoute": { "properties": { "attachmentId": { "type": "string" }, "destinationCidr": { "type": "string" }, "prefixListId": { "type": "string" }, "resourceId": { "type": "string" }, "resourceType": { "type": "string" }, "routeOrigin": { "type": "string" }, "state": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "attachmentId", "destinationCidr", "prefixListId", "resourceId", "resourceType", "routeOrigin", "state" ] } } }, "aws:ec2/NetworkInsightsAnalysisReturnPathComponentVpc:NetworkInsightsAnalysisReturnPathComponentVpc": { "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "id": { "type": "string", "description": "ID of the Network Insights Analysis.\n" }, "name": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name" ] } } }, "aws:ec2/NetworkInterfaceAttachment:NetworkInterfaceAttachment": { "properties": { "attachmentId": { "type": "string" }, "deviceIndex": { "type": "integer", "description": "Integer to define the devices index.\n" }, "instance": { "type": "string", "description": "ID of the instance to attach to.\n" } }, "type": "object", "required": [ "deviceIndex", "instance" ], "language": { "nodejs": { "requiredOutputs": [ "attachmentId", "deviceIndex", "instance" ] } } }, "aws:ec2/PeeringConnectionOptionsAccepter:PeeringConnectionOptionsAccepter": { "properties": { "allowRemoteVpcDnsResolution": { "type": "boolean", "description": "Allow a local VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC.\n" } }, "type": "object" }, "aws:ec2/PeeringConnectionOptionsRequester:PeeringConnectionOptionsRequester": { "properties": { "allowRemoteVpcDnsResolution": { "type": "boolean", "description": "Allow a local VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC.\n" } }, "type": "object" }, "aws:ec2/PlacementStrategy:PlacementStrategy": { "description": "The strategy of the placement group determines how the instances are organized within the group.\nSee https://docs.aws.amazon.com/cli/latest/reference/ec2/create-placement-group.html", "type": "string", "enum": [ { "name": "Spread", "description": "A `spread` placement group places instances on distinct hardware.", "value": "spread" }, { "name": "Cluster", "description": "A `cluster` placement group is a logical grouping of instances within a single\nAvailability Zone that benefit from low network latency, high network throughput.", "value": "cluster" } ] }, "aws:ec2/ProtocolType:ProtocolType": { "type": "string", "enum": [ { "name": "All", "value": "all" }, { "name": "TCP", "value": "tcp" }, { "name": "UDP", "value": "udp" }, { "name": "ICMP", "value": "icmp" } ] }, "aws:ec2/RouteTableRoute:RouteTableRoute": { "properties": { "carrierGatewayId": { "type": "string", "description": "Identifier of a carrier gateway. This attribute can only be used when the VPC contains a subnet which is associated with a Wavelength Zone.\n" }, "cidrBlock": { "type": "string", "description": "The CIDR block of the route.\n" }, "coreNetworkArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a core network.\n" }, "destinationPrefixListId": { "type": "string", "description": "The ID of a managed prefix list destination of the route.\n\nOne of the following target arguments must be supplied:\n" }, "egressOnlyGatewayId": { "type": "string", "description": "Identifier of a VPC Egress Only Internet Gateway.\n" }, "gatewayId": { "type": "string", "description": "Identifier of a VPC internet gateway, virtual private gateway, or `local`. `local` routes cannot be created but can be adopted or imported. See the example above.\n" }, "ipv6CidrBlock": { "type": "string", "description": "The Ipv6 CIDR block of the route.\n" }, "localGatewayId": { "type": "string", "description": "Identifier of a Outpost local gateway.\n" }, "natGatewayId": { "type": "string", "description": "Identifier of a VPC NAT gateway.\n" }, "networkInterfaceId": { "type": "string", "description": "Identifier of an EC2 network interface.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of an EC2 Transit Gateway.\n" }, "vpcEndpointId": { "type": "string", "description": "Identifier of a VPC Endpoint.\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "Identifier of a VPC peering connection.\n\nNote that the default route, mapping the VPC's CIDR block to \"local\", is created implicitly and cannot be specified.\n" } }, "type": "object" }, "aws:ec2/SecurityGroupEgress:SecurityGroupEgress": { "properties": { "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of CIDR blocks.\n" }, "description": { "type": "string", "description": "Description of this egress rule.\n" }, "fromPort": { "type": "integer", "description": "Start port (or ICMP type number if protocol is `icmp`)\n" }, "ipv6CidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 CIDR blocks.\n" }, "prefixListIds": { "type": "array", "items": { "type": "string" }, "description": "List of Prefix List IDs.\n" }, "protocol": { "type": "string", "description": "Protocol. If you select a protocol of `-1` (semantically equivalent to `all`, which is not a valid value here), you must specify a `from_port` and `to_port` equal to 0. The supported values are defined in the `IpProtocol` argument in the [IpPermission](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IpPermission.html) API reference.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security groups. A group name can be used relative to the default VPC. Otherwise, group ID.\n" }, "self": { "type": "boolean", "description": "Whether the security group itself will be added as a source to this egress rule.\n" }, "toPort": { "type": "integer", "description": "End range port (or ICMP code if protocol is `icmp`).\n\nThe following arguments are optional:\n\n\u003e **Note** Although `cidr_blocks`, `ipv6_cidr_blocks`, `prefix_list_ids`, and `security_groups` are all marked as optional, you _must_ provide one of them in order to configure the destination of the traffic.\n" } }, "type": "object", "required": [ "fromPort", "protocol", "toPort" ] }, "aws:ec2/SecurityGroupIngress:SecurityGroupIngress": { "properties": { "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of CIDR blocks.\n" }, "description": { "type": "string", "description": "Description of this ingress rule.\n" }, "fromPort": { "type": "integer", "description": "Start port (or ICMP type number if protocol is `icmp` or `icmpv6`).\n" }, "ipv6CidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 CIDR blocks.\n" }, "prefixListIds": { "type": "array", "items": { "type": "string" }, "description": "List of Prefix List IDs.\n" }, "protocol": { "type": "string", "description": "Protocol. If you select a protocol of `-1` (semantically equivalent to `all`, which is not a valid value here), you must specify a `from_port` and `to_port` equal to 0. The supported values are defined in the `IpProtocol` argument on the [IpPermission](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IpPermission.html) API reference.\n\nThe following arguments are optional:\n\n\u003e **Note** Although `cidr_blocks`, `ipv6_cidr_blocks`, `prefix_list_ids`, and `security_groups` are all marked as optional, you _must_ provide one of them in order to configure the source of the traffic.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security groups. A group name can be used relative to the default VPC. Otherwise, group ID.\n" }, "self": { "type": "boolean", "description": "Whether the security group itself will be added as a source to this ingress rule.\n" }, "toPort": { "type": "integer", "description": "End range port (or ICMP code if protocol is `icmp`).\n" } }, "type": "object", "required": [ "fromPort", "protocol", "toPort" ] }, "aws:ec2/SpotFleetRequestLaunchSpecification:SpotFleetRequestLaunchSpecification": { "properties": { "ami": { "type": "string", "willReplaceOnChanges": true }, "associatePublicIpAddress": { "type": "boolean" }, "availabilityZone": { "type": "string", "description": "The availability zone in which to place the request.\n", "willReplaceOnChanges": true }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchSpecificationEbsBlockDevice:SpotFleetRequestLaunchSpecificationEbsBlockDevice" } }, "ebsOptimized": { "type": "boolean" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchSpecificationEphemeralBlockDevice:SpotFleetRequestLaunchSpecificationEphemeralBlockDevice" }, "willReplaceOnChanges": true }, "iamInstanceProfile": { "type": "string", "willReplaceOnChanges": true }, "iamInstanceProfileArn": { "type": "string", "willReplaceOnChanges": true }, "instanceType": { "type": "string", "description": "The type of instance to request.\n", "willReplaceOnChanges": true }, "keyName": { "type": "string", "willReplaceOnChanges": true }, "monitoring": { "type": "boolean" }, "placementGroup": { "type": "string", "willReplaceOnChanges": true }, "placementTenancy": { "type": "string", "willReplaceOnChanges": true }, "rootBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchSpecificationRootBlockDevice:SpotFleetRequestLaunchSpecificationRootBlockDevice" } }, "spotPrice": { "type": "string", "description": "The maximum bid price per unit hour.\n", "willReplaceOnChanges": true }, "subnetId": { "type": "string", "description": "The subnet in which to launch the requested instance.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n", "willReplaceOnChanges": true }, "userData": { "type": "string", "willReplaceOnChanges": true }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" } }, "weightedCapacity": { "type": "string", "description": "The capacity added to the fleet by a fulfilled request.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "ami", "instanceType" ], "language": { "nodejs": { "requiredOutputs": [ "ami", "availabilityZone", "ebsBlockDevices", "ephemeralBlockDevices", "instanceType", "keyName", "placementGroup", "rootBlockDevices", "subnetId", "vpcSecurityGroupIds" ] } } }, "aws:ec2/SpotFleetRequestLaunchSpecificationEbsBlockDevice:SpotFleetRequestLaunchSpecificationEbsBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "willReplaceOnChanges": true }, "deviceName": { "type": "string", "willReplaceOnChanges": true }, "encrypted": { "type": "boolean", "willReplaceOnChanges": true }, "iops": { "type": "integer", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "willReplaceOnChanges": true }, "snapshotId": { "type": "string", "willReplaceOnChanges": true }, "throughput": { "type": "integer", "willReplaceOnChanges": true }, "volumeSize": { "type": "integer", "willReplaceOnChanges": true }, "volumeType": { "type": "string", "willReplaceOnChanges": true } }, "type": "object", "required": [ "deviceName" ], "language": { "nodejs": { "requiredOutputs": [ "deviceName", "encrypted", "iops", "kmsKeyId", "snapshotId", "throughput", "volumeSize", "volumeType" ] } } }, "aws:ec2/SpotFleetRequestLaunchSpecificationEphemeralBlockDevice:SpotFleetRequestLaunchSpecificationEphemeralBlockDevice": { "properties": { "deviceName": { "type": "string" }, "virtualName": { "type": "string" } }, "type": "object", "required": [ "deviceName", "virtualName" ] }, "aws:ec2/SpotFleetRequestLaunchSpecificationRootBlockDevice:SpotFleetRequestLaunchSpecificationRootBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "willReplaceOnChanges": true }, "encrypted": { "type": "boolean", "willReplaceOnChanges": true }, "iops": { "type": "integer", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "willReplaceOnChanges": true }, "throughput": { "type": "integer", "willReplaceOnChanges": true }, "volumeSize": { "type": "integer", "willReplaceOnChanges": true }, "volumeType": { "type": "string", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "encrypted", "iops", "kmsKeyId", "throughput", "volumeSize", "volumeType" ] } } }, "aws:ec2/SpotFleetRequestLaunchTemplateConfig:SpotFleetRequestLaunchTemplateConfig": { "properties": { "launchTemplateSpecification": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecification:SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecification", "description": "Launch template specification. See Launch Template Specification below for more details.\n" }, "overrides": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchTemplateConfigOverride:SpotFleetRequestLaunchTemplateConfigOverride" }, "description": "One or more override configurations. See Overrides below for more details.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "launchTemplateSpecification" ] }, "aws:ec2/SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecification:SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecification": { "properties": { "id": { "type": "string", "description": "The ID of the launch template. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the launch template. Conflicts with `id`.\n", "willReplaceOnChanges": true }, "version": { "type": "string", "description": "Template version. Unlike the autoscaling equivalent, does not support `$Latest` or `$Default`, so use the launch_template resource's attribute, e.g., `\"${aws_launch_template.foo.latest_version}\"`. It will use the default version if omitted.\n\n**Note:** The specified launch template can specify only a subset of the\ninputs of `aws.ec2.LaunchTemplate`. There are limitations on\nwhat you can specify as spot fleet does not support all the attributes that are supported by autoscaling groups. [AWS documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#launch-templates-spot-fleet) is currently sparse, but at least `instance_initiated_shutdown_behavior` is confirmed unsupported.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:ec2/SpotFleetRequestLaunchTemplateConfigOverride:SpotFleetRequestLaunchTemplateConfigOverride": { "properties": { "availabilityZone": { "type": "string", "description": "The availability zone in which to place the request.\n", "willReplaceOnChanges": true }, "instanceRequirements": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirements:SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirements", "description": "The instance requirements. See below.\n", "willReplaceOnChanges": true }, "instanceType": { "type": "string", "description": "The type of instance to request.\n", "willReplaceOnChanges": true }, "priority": { "type": "number", "description": "The priority for the launch template override. The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority.\n", "willReplaceOnChanges": true }, "spotPrice": { "type": "string", "description": "The maximum spot bid for this override request.\n", "willReplaceOnChanges": true }, "subnetId": { "type": "string", "description": "The subnet in which to launch the requested instance.\n", "willReplaceOnChanges": true }, "weightedCapacity": { "type": "number", "description": "The capacity added to the fleet by a fulfilled request.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "priority", "spotPrice", "subnetId", "weightedCapacity" ] } } }, "aws:ec2/SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirements:SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirements": { "properties": { "acceleratorCount": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorCount:SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorCount", "description": "Block describing the minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips). Default is no minimum or maximum.\n", "willReplaceOnChanges": true }, "acceleratorManufacturers": { "type": "array", "items": { "type": "string" }, "description": "List of accelerator manufacturer names. Default is any manufacturer.\n\n```\nValid names:\n* amazon-web-services\n* amd\n* nvidia\n* xilinx\n```\n", "willReplaceOnChanges": true }, "acceleratorNames": { "type": "array", "items": { "type": "string" }, "description": "List of accelerator names. Default is any acclerator.\n\n```\nValid names:\n* a100 - NVIDIA A100 GPUs\n* v100 - NVIDIA V100 GPUs\n* k80 - NVIDIA K80 GPUs\n* t4 - NVIDIA T4 GPUs\n* m60 - NVIDIA M60 GPUs\n* radeon-pro-v520 - AMD Radeon Pro V520 GPUs\n* vu9p - Xilinx VU9P FPGAs\n```\n", "willReplaceOnChanges": true }, "acceleratorTotalMemoryMib": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorTotalMemoryMib:SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorTotalMemoryMib", "description": "Block describing the minimum and maximum total memory of the accelerators. Default is no minimum or maximum.\n", "willReplaceOnChanges": true }, "acceleratorTypes": { "type": "array", "items": { "type": "string" }, "description": "List of accelerator types. Default is any accelerator type.\n\n```\nValid types:\n* fpga\n* gpu\n* inference\n```\n", "willReplaceOnChanges": true }, "allowedInstanceTypes": { "type": "array", "items": { "type": "string" }, "description": "List of instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes. You can use strings with one or more wild cards, represented by an asterisk (\\*), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge`, `c5*.*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are allowing the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are allowing all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is all instance types.\n\n\u003e **NOTE:** If you specify `allowed_instance_types`, you can't specify `excluded_instance_types`.\n", "willReplaceOnChanges": true }, "bareMetal": { "type": "string", "description": "Indicate whether bare metal instace types should be `included`, `excluded`, or `required`. Default is `excluded`.\n", "willReplaceOnChanges": true }, "baselineEbsBandwidthMbps": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsBaselineEbsBandwidthMbps:SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsBaselineEbsBandwidthMbps", "description": "Block describing the minimum and maximum baseline EBS bandwidth, in Mbps. Default is no minimum or maximum.\n", "willReplaceOnChanges": true }, "burstablePerformance": { "type": "string", "description": "Indicate whether burstable performance instance types should be `included`, `excluded`, or `required`. Default is `excluded`.\n", "willReplaceOnChanges": true }, "cpuManufacturers": { "type": "array", "items": { "type": "string" }, "description": "List of CPU manufacturer names. Default is any manufacturer.\n\n\u003e **NOTE:** Don't confuse the CPU hardware manufacturer with the CPU hardware architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template.\n\n```\nValid names:\n* amazon-web-services\n* amd\n* intel\n```\n", "willReplaceOnChanges": true }, "excludedInstanceTypes": { "type": "array", "items": { "type": "string" }, "description": "List of instance types to exclude. You can use strings with one or more wild cards, represented by an asterisk (\\*), to exclude an instance type, size, or generation. The following are examples: `m5.8xlarge`, `c5*.*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are excluding the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are excluding all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is no excluded instance types.\n\n\u003e **NOTE:** If you specify `excluded_instance_types`, you can't specify `allowed_instance_types`.\n", "willReplaceOnChanges": true }, "instanceGenerations": { "type": "array", "items": { "type": "string" }, "description": "List of instance generation names. Default is any generation.\n\n```\nValid names:\n* current - Recommended for best performance.\n* previous - For existing applications optimized for older instance types.\n```\n", "willReplaceOnChanges": true }, "localStorage": { "type": "string", "description": "Indicate whether instance types with local storage volumes are `included`, `excluded`, or `required`. Default is `included`.\n", "willReplaceOnChanges": true }, "localStorageTypes": { "type": "array", "items": { "type": "string" }, "description": "List of local storage type names. Default any storage type.\n\n```\nValue names:\n* hdd - hard disk drive\n* ssd - solid state drive\n```\n", "willReplaceOnChanges": true }, "memoryGibPerVcpu": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsMemoryGibPerVcpu:SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsMemoryGibPerVcpu", "description": "Block describing the minimum and maximum amount of memory (GiB) per vCPU. Default is no minimum or maximum.\n", "willReplaceOnChanges": true }, "memoryMib": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsMemoryMib:SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsMemoryMib", "description": "Block describing the minimum and maximum amount of memory (MiB). Default is no maximum.\n", "willReplaceOnChanges": true }, "networkBandwidthGbps": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsNetworkBandwidthGbps:SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsNetworkBandwidthGbps", "description": "Block describing the minimum and maximum amount of network bandwidth, in gigabits per second (Gbps). Default is no minimum or maximum.\n", "willReplaceOnChanges": true }, "networkInterfaceCount": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsNetworkInterfaceCount:SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsNetworkInterfaceCount", "description": "Block describing the minimum and maximum number of network interfaces. Default is no minimum or maximum.\n", "willReplaceOnChanges": true }, "onDemandMaxPricePercentageOverLowestPrice": { "type": "integer", "description": "The price protection threshold for On-Demand Instances. This is the maximum you’ll pay for an On-Demand Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 20.\n\nIf you set DesiredCapacityType to vcpu or memory-mib, the price protection threshold is applied based on the per vCPU or per memory price instead of the per instance price.\n", "willReplaceOnChanges": true }, "requireHibernateSupport": { "type": "boolean", "description": "Indicate whether instance types must support On-Demand Instance Hibernation, either `true` or `false`. Default is `false`.\n", "willReplaceOnChanges": true }, "spotMaxPricePercentageOverLowestPrice": { "type": "integer", "description": "The price protection threshold for Spot Instances. This is the maximum you’ll pay for a Spot Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 100.\n\nIf you set DesiredCapacityType to vcpu or memory-mib, the price protection threshold is applied based on the per vCPU or per memory price instead of the per instance price.\n", "willReplaceOnChanges": true }, "totalLocalStorageGb": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsTotalLocalStorageGb:SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsTotalLocalStorageGb", "description": "Block describing the minimum and maximum total local storage (GB). Default is no minimum or maximum.\n", "willReplaceOnChanges": true }, "vcpuCount": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsVcpuCount:SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsVcpuCount", "description": "Block describing the minimum and maximum number of vCPUs. Default is no maximum.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:ec2/SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorCount:SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorCount": { "properties": { "max": { "type": "integer", "description": "Maximum. Set to `0` to exclude instance types with accelerators.\n", "willReplaceOnChanges": true }, "min": { "type": "integer", "description": "Minimum.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:ec2/SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorTotalMemoryMib:SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorTotalMemoryMib": { "properties": { "max": { "type": "integer", "description": "Maximum.\n", "willReplaceOnChanges": true }, "min": { "type": "integer", "description": "Minimum.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:ec2/SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsBaselineEbsBandwidthMbps:SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsBaselineEbsBandwidthMbps": { "properties": { "max": { "type": "integer", "description": "Maximum.\n", "willReplaceOnChanges": true }, "min": { "type": "integer", "description": "Minimum.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:ec2/SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsMemoryGibPerVcpu:SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsMemoryGibPerVcpu": { "properties": { "max": { "type": "number", "description": "Maximum. May be a decimal number, e.g. `0.5`.\n", "willReplaceOnChanges": true }, "min": { "type": "number", "description": "Minimum. May be a decimal number, e.g. `0.5`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:ec2/SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsMemoryMib:SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsMemoryMib": { "properties": { "max": { "type": "integer", "description": "Maximum.\n", "willReplaceOnChanges": true }, "min": { "type": "integer", "description": "Minimum.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:ec2/SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsNetworkBandwidthGbps:SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsNetworkBandwidthGbps": { "properties": { "max": { "type": "number", "description": "Maximum.\n", "willReplaceOnChanges": true }, "min": { "type": "number", "description": "Minimum.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:ec2/SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsNetworkInterfaceCount:SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsNetworkInterfaceCount": { "properties": { "max": { "type": "integer", "description": "Maximum.\n", "willReplaceOnChanges": true }, "min": { "type": "integer", "description": "Minimum.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:ec2/SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsTotalLocalStorageGb:SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsTotalLocalStorageGb": { "properties": { "max": { "type": "number", "description": "Maximum. May be a decimal number, e.g. `0.5`.\n", "willReplaceOnChanges": true }, "min": { "type": "number", "description": "Minimum. May be a decimal number, e.g. `0.5`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:ec2/SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsVcpuCount:SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsVcpuCount": { "properties": { "max": { "type": "integer", "description": "Maximum.\n", "willReplaceOnChanges": true }, "min": { "type": "integer", "description": "Minimum.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:ec2/SpotFleetRequestSpotMaintenanceStrategies:SpotFleetRequestSpotMaintenanceStrategies": { "properties": { "capacityRebalance": { "$ref": "#/types/aws:ec2/SpotFleetRequestSpotMaintenanceStrategiesCapacityRebalance:SpotFleetRequestSpotMaintenanceStrategiesCapacityRebalance", "description": "Nested argument containing the capacity rebalance for your fleet request. Defined below.\n" } }, "type": "object" }, "aws:ec2/SpotFleetRequestSpotMaintenanceStrategiesCapacityRebalance:SpotFleetRequestSpotMaintenanceStrategiesCapacityRebalance": { "properties": { "replacementStrategy": { "type": "string", "description": "The replacement strategy to use. Only available for spot fleets with `fleet_type` set to `maintain`. Valid values: `launch`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:ec2/SpotInstanceRequestCapacityReservationSpecification:SpotInstanceRequestCapacityReservationSpecification": { "properties": { "capacityReservationPreference": { "type": "string", "description": "Indicates the instance's Capacity Reservation preferences. Can be `\"open\"` or `\"none\"`. (Default: `\"open\"`).\n" }, "capacityReservationTarget": { "$ref": "#/types/aws:ec2/SpotInstanceRequestCapacityReservationSpecificationCapacityReservationTarget:SpotInstanceRequestCapacityReservationSpecificationCapacityReservationTarget", "description": "Information about the target Capacity Reservation. See Capacity Reservation Target below for more details.\n\nFor more information, see the documentation on [Capacity Reservations](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/capacity-reservations-using.html).\n" } }, "type": "object" }, "aws:ec2/SpotInstanceRequestCapacityReservationSpecificationCapacityReservationTarget:SpotInstanceRequestCapacityReservationSpecificationCapacityReservationTarget": { "properties": { "capacityReservationId": { "type": "string", "description": "ID of the Capacity Reservation in which to run the instance.\n" }, "capacityReservationResourceGroupArn": { "type": "string", "description": "ARN of the Capacity Reservation resource group in which to run the instance.\n" } }, "type": "object" }, "aws:ec2/SpotInstanceRequestCpuOptions:SpotInstanceRequestCpuOptions": { "properties": { "amdSevSnp": { "type": "string", "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only. Valid values are `enabled` and `disabled`.\n", "willReplaceOnChanges": true }, "coreCount": { "type": "integer", "description": "Sets the number of CPU cores for an instance. This option is only supported on creation of instance type that support CPU Options [CPU Cores and Threads Per CPU Core Per Instance Type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html#cpu-options-supported-instances-values) - specifying this option for unsupported instance types will return an error from the EC2 API.\n", "willReplaceOnChanges": true }, "threadsPerCore": { "type": "integer", "description": "If set to 1, hyperthreading is disabled on the launched instance. Defaults to 2 if not set. See [Optimizing CPU Options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) for more information.\n\nFor more information, see the documentation on [Optimizing CPU options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html).\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "amdSevSnp", "coreCount", "threadsPerCore" ] } } }, "aws:ec2/SpotInstanceRequestCreditSpecification:SpotInstanceRequestCreditSpecification": { "properties": { "cpuCredits": { "type": "string", "description": "Credit option for CPU usage. Valid values include `standard` or `unlimited`. T3 instances are launched as unlimited by default. T2 instances are launched as standard by default.\n" } }, "type": "object" }, "aws:ec2/SpotInstanceRequestEbsBlockDevice:SpotInstanceRequestEbsBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Whether the volume should be destroyed on instance termination. Defaults to `true`.\n", "willReplaceOnChanges": true }, "deviceName": { "type": "string", "description": "Name of the device to mount.\n", "willReplaceOnChanges": true }, "encrypted": { "type": "boolean", "description": "Enables [EBS encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) on the volume. Defaults to `false`. Cannot be used with `snapshot_id`. Must be configured to perform drift detection.\n", "willReplaceOnChanges": true }, "iops": { "type": "integer", "description": "Amount of provisioned [IOPS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html). Only valid for volume_type of `io1`, `io2` or `gp3`.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) of the KMS Key to use when encrypting the volume. Must be configured to perform drift detection.\n", "willReplaceOnChanges": true }, "snapshotId": { "type": "string", "description": "Snapshot ID to mount.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the device.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n" }, "throughput": { "type": "integer", "description": "Throughput to provision for a volume in mebibytes per second (MiB/s). This is only valid for `volume_type` of `gp3`.\n", "willReplaceOnChanges": true }, "volumeId": { "type": "string" }, "volumeSize": { "type": "integer", "description": "Size of the volume in gibibytes (GiB).\n", "willReplaceOnChanges": true }, "volumeType": { "type": "string", "description": "Type of volume. Valid values include `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1`, or `st1`. Defaults to `gp2`.\n\n\u003e **NOTE:** Currently, changes to the `ebs_block_device` configuration of _existing_ resources cannot be automatically detected by this provider. To manage changes and attachments of an EBS block to an instance, use the `aws.ebs.Volume` and `aws.ec2.VolumeAttachment` resources instead. If you use `ebs_block_device` on an `aws.ec2.Instance`, this provider will assume management over the full set of non-root EBS block devices for the instance, treating additional block devices as drift. For this reason, `ebs_block_device` cannot be mixed with external `aws.ebs.Volume` and `aws.ec2.VolumeAttachment` resources for a given instance.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "deviceName" ], "language": { "nodejs": { "requiredOutputs": [ "deviceName", "encrypted", "iops", "kmsKeyId", "snapshotId", "tagsAll", "throughput", "volumeId", "volumeSize", "volumeType" ] } } }, "aws:ec2/SpotInstanceRequestEnclaveOptions:SpotInstanceRequestEnclaveOptions": { "properties": { "enabled": { "type": "boolean", "description": "Whether Nitro Enclaves will be enabled on the instance. Defaults to `false`.\n\nFor more information, see the documentation on [Nitro Enclaves](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html).\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "enabled" ] } } }, "aws:ec2/SpotInstanceRequestEphemeralBlockDevice:SpotInstanceRequestEphemeralBlockDevice": { "properties": { "deviceName": { "type": "string", "description": "Name of the block device to mount on the instance.\n" }, "noDevice": { "type": "boolean", "description": "Suppresses the specified device included in the AMI's block device mapping.\n" }, "virtualName": { "type": "string", "description": "[Instance Store Device Name](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#InstanceStoreDeviceNames) (e.g., `ephemeral0`).\n\nEach AWS Instance type has a different set of Instance Store block devices available for attachment. AWS [publishes a list](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#StorageOnInstanceTypes) of which ephemeral devices are available on each type. The devices are always identified by the `virtual_name` in the format `ephemeral{0..N}`.\n" } }, "type": "object", "required": [ "deviceName" ] }, "aws:ec2/SpotInstanceRequestLaunchTemplate:SpotInstanceRequestLaunchTemplate": { "properties": { "id": { "type": "string", "description": "ID of the launch template. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the launch template. Conflicts with `id`.\n", "willReplaceOnChanges": true }, "version": { "type": "string", "description": "Template version. Can be a specific version number, `$Latest` or `$Default`. The default value is `$Default`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "id", "name" ] } } }, "aws:ec2/SpotInstanceRequestMaintenanceOptions:SpotInstanceRequestMaintenanceOptions": { "properties": { "autoRecovery": { "type": "string", "description": "Automatic recovery behavior of the Instance. Can be `\"default\"` or `\"disabled\"`. See [Recover your instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-recover.html) for more details.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "autoRecovery" ] } } }, "aws:ec2/SpotInstanceRequestMetadataOptions:SpotInstanceRequestMetadataOptions": { "properties": { "httpEndpoint": { "type": "string", "description": "Whether the metadata service is available. Valid values include `enabled` or `disabled`. Defaults to `enabled`.\n" }, "httpProtocolIpv6": { "type": "string", "description": "Whether the IPv6 endpoint for the instance metadata service is enabled. Defaults to `disabled`.\n" }, "httpPutResponseHopLimit": { "type": "integer", "description": "Desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. Valid values are integer from `1` to `64`. Defaults to `1`.\n" }, "httpTokens": { "type": "string", "description": "Whether or not the metadata service requires session tokens, also referred to as _Instance Metadata Service Version 2 (IMDSv2)_. Valid values include `optional` or `required`. Defaults to `optional`.\n" }, "instanceMetadataTags": { "type": "string", "description": "Enables or disables access to instance tags from the instance metadata service. Valid values include `enabled` or `disabled`. Defaults to `disabled`.\n\nFor more information, see the documentation on the [Instance Metadata Service](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html).\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "httpPutResponseHopLimit", "httpTokens", "instanceMetadataTags" ] } } }, "aws:ec2/SpotInstanceRequestNetworkInterface:SpotInstanceRequestNetworkInterface": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Whether or not to delete the network interface on instance termination. Defaults to `false`. Currently, the only valid value is `false`, as this is only supported when creating new network interfaces when launching an instance.\n", "willReplaceOnChanges": true }, "deviceIndex": { "type": "integer", "description": "Integer index of the network interface attachment. Limited by instance type.\n", "willReplaceOnChanges": true }, "networkCardIndex": { "type": "integer", "description": "Integer index of the network card. Limited by instance type. The default index is `0`.\n", "willReplaceOnChanges": true }, "networkInterfaceId": { "type": "string", "description": "ID of the network interface to attach.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "deviceIndex", "networkInterfaceId" ] }, "aws:ec2/SpotInstanceRequestPrivateDnsNameOptions:SpotInstanceRequestPrivateDnsNameOptions": { "properties": { "enableResourceNameDnsARecord": { "type": "boolean", "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.\n" }, "enableResourceNameDnsAaaaRecord": { "type": "boolean", "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.\n" }, "hostnameType": { "type": "string", "description": "Type of hostname for Amazon EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 native subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. Valid values: `ip-name` and `resource-name`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "enableResourceNameDnsARecord", "enableResourceNameDnsAaaaRecord", "hostnameType" ] } } }, "aws:ec2/SpotInstanceRequestRootBlockDevice:SpotInstanceRequestRootBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Whether the volume should be destroyed on instance termination. Defaults to `true`.\n" }, "deviceName": { "type": "string" }, "encrypted": { "type": "boolean", "description": "Whether to enable volume encryption. Defaults to `false`. Must be configured to perform drift detection.\n", "willReplaceOnChanges": true }, "iops": { "type": "integer", "description": "Amount of provisioned [IOPS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html). Only valid for volume_type of `io1`, `io2` or `gp3`.\n" }, "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) of the KMS Key to use when encrypting the volume. Must be configured to perform drift detection.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the device.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n" }, "throughput": { "type": "integer", "description": "Throughput to provision for a volume in mebibytes per second (MiB/s). This is only valid for `volume_type` of `gp3`.\n" }, "volumeId": { "type": "string" }, "volumeSize": { "type": "integer", "description": "Size of the volume in gibibytes (GiB).\n" }, "volumeType": { "type": "string", "description": "Type of volume. Valid values include `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1`, or `st1`. Defaults to the volume type that the AMI uses.\n\nModifying the `encrypted` or `kms_key_id` settings of the `root_block_device` requires resource replacement.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "deviceName", "encrypted", "iops", "kmsKeyId", "tagsAll", "throughput", "volumeId", "volumeSize", "volumeType" ] } } }, "aws:ec2/Tenancy:Tenancy": { "type": "string", "enum": [ { "name": "Default", "value": "default" }, { "name": "Dedicated", "value": "dedicated" } ] }, "aws:ec2/TrafficMirrorFilterRuleDestinationPortRange:TrafficMirrorFilterRuleDestinationPortRange": { "properties": { "fromPort": { "type": "integer", "description": "Starting port of the range\n" }, "toPort": { "type": "integer", "description": "Ending port of the range\n" } }, "type": "object" }, "aws:ec2/TrafficMirrorFilterRuleSourcePortRange:TrafficMirrorFilterRuleSourcePortRange": { "properties": { "fromPort": { "type": "integer", "description": "Starting port of the range\n" }, "toPort": { "type": "integer", "description": "Ending port of the range\n" } }, "type": "object" }, "aws:ec2/VpcEndpointDnsEntry:VpcEndpointDnsEntry": { "properties": { "dnsName": { "type": "string", "description": "The DNS name.\n" }, "hostedZoneId": { "type": "string", "description": "The ID of the private hosted zone.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "dnsName", "hostedZoneId" ] } } }, "aws:ec2/VpcEndpointDnsOptions:VpcEndpointDnsOptions": { "properties": { "dnsRecordIpType": { "type": "string", "description": "The DNS records created for the endpoint. Valid values are `ipv4`, `dualstack`, `service-defined`, and `ipv6`.\n" }, "privateDnsOnlyForInboundResolverEndpoint": { "type": "boolean", "description": "Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint. Default is `false`. Can only be specified if private_dns_enabled is `true`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "dnsRecordIpType" ] } } }, "aws:ec2/VpcEndpointServicePrivateDnsNameConfiguration:VpcEndpointServicePrivateDnsNameConfiguration": { "properties": { "name": { "type": "string", "description": "Name of the record subdomain the service provider needs to create.\n" }, "state": { "type": "string", "description": "Verification state of the VPC endpoint service. Consumers of the endpoint service can use the private name only when the state is `verified`.\n" }, "type": { "type": "string", "description": "Endpoint service verification type, for example `TXT`.\n" }, "value": { "type": "string", "description": "Value the service provider adds to the private DNS name domain record before verification.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "name", "state", "type", "value" ] } } }, "aws:ec2/VpcEndpointSubnetConfiguration:VpcEndpointSubnetConfiguration": { "properties": { "ipv4": { "type": "string", "description": "The IPv4 address to assign to the endpoint network interface in the subnet. You must provide an IPv4 address if the VPC endpoint supports IPv4.\n" }, "ipv6": { "type": "string", "description": "The IPv6 address to assign to the endpoint network interface in the subnet. You must provide an IPv6 address if the VPC endpoint supports IPv6.\n" }, "subnetId": { "type": "string" } }, "type": "object" }, "aws:ec2/VpcIpamOperatingRegion:VpcIpamOperatingRegion": { "properties": { "regionName": { "type": "string", "description": "The name of the Region you want to add to the IPAM.\n" } }, "type": "object", "required": [ "regionName" ] }, "aws:ec2/VpcIpamPoolCidrCidrAuthorizationContext:VpcIpamPoolCidrCidrAuthorizationContext": { "properties": { "message": { "type": "string", "description": "The plain-text authorization message for the prefix and account.\n", "willReplaceOnChanges": true }, "signature": { "type": "string", "description": "The signed authorization message for the prefix and account.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:ec2/VpcIpamResourceDiscoveryOperatingRegion:VpcIpamResourceDiscoveryOperatingRegion": { "properties": { "regionName": { "type": "string", "description": "The name of the Region you want to add to the IPAM.\n" } }, "type": "object", "required": [ "regionName" ] }, "aws:ec2/VpcPeeringConnectionAccepter:VpcPeeringConnectionAccepter": { "properties": { "allowRemoteVpcDnsResolution": { "type": "boolean", "description": "Allow a local VPC to resolve public DNS hostnames to\nprivate IP addresses when queried from instances in the peer VPC.\n" } }, "type": "object" }, "aws:ec2/VpcPeeringConnectionAccepterAccepter:VpcPeeringConnectionAccepterAccepter": { "properties": { "allowRemoteVpcDnsResolution": { "type": "boolean", "description": "Indicates whether a local VPC can resolve public DNS hostnames to\nprivate IP addresses when queried from instances in a peer VPC.\n" } }, "type": "object" }, "aws:ec2/VpcPeeringConnectionAccepterRequester:VpcPeeringConnectionAccepterRequester": { "properties": { "allowRemoteVpcDnsResolution": { "type": "boolean", "description": "Indicates whether a local VPC can resolve public DNS hostnames to\nprivate IP addresses when queried from instances in a peer VPC.\n" } }, "type": "object" }, "aws:ec2/VpcPeeringConnectionRequester:VpcPeeringConnectionRequester": { "properties": { "allowRemoteVpcDnsResolution": { "type": "boolean", "description": "Allow a local VPC to resolve public DNS hostnames to\nprivate IP addresses when queried from instances in the peer VPC.\n" } }, "type": "object" }, "aws:ec2/VpnConnectionRoute:VpnConnectionRoute": { "properties": { "destinationCidrBlock": { "type": "string", "description": "The CIDR block associated with the local subnet of the customer data center.\n" }, "source": { "type": "string", "description": "Indicates how the routes were provided.\n" }, "state": { "type": "string", "description": "The current state of the static route.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "destinationCidrBlock", "source", "state" ] } } }, "aws:ec2/VpnConnectionTunnel1LogOptions:VpnConnectionTunnel1LogOptions": { "properties": { "cloudwatchLogOptions": { "$ref": "#/types/aws:ec2/VpnConnectionTunnel1LogOptionsCloudwatchLogOptions:VpnConnectionTunnel1LogOptionsCloudwatchLogOptions", "description": "Options for sending VPN tunnel logs to CloudWatch. See CloudWatch Log Options below for more details.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "cloudwatchLogOptions" ] } } }, "aws:ec2/VpnConnectionTunnel1LogOptionsCloudwatchLogOptions:VpnConnectionTunnel1LogOptionsCloudwatchLogOptions": { "properties": { "logEnabled": { "type": "boolean", "description": "Enable or disable VPN tunnel logging feature. The default is `false`.\n" }, "logGroupArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the CloudWatch log group to send logs to.\n" }, "logOutputFormat": { "type": "string", "description": "Set log format. Default format is json. Possible values are: `json` and `text`. The default is `json`.\n" } }, "type": "object" }, "aws:ec2/VpnConnectionTunnel2LogOptions:VpnConnectionTunnel2LogOptions": { "properties": { "cloudwatchLogOptions": { "$ref": "#/types/aws:ec2/VpnConnectionTunnel2LogOptionsCloudwatchLogOptions:VpnConnectionTunnel2LogOptionsCloudwatchLogOptions", "description": "Options for sending VPN tunnel logs to CloudWatch. See CloudWatch Log Options below for more details.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "cloudwatchLogOptions" ] } } }, "aws:ec2/VpnConnectionTunnel2LogOptionsCloudwatchLogOptions:VpnConnectionTunnel2LogOptionsCloudwatchLogOptions": { "properties": { "logEnabled": { "type": "boolean", "description": "Enable or disable VPN tunnel logging feature. The default is `false`.\n" }, "logGroupArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the CloudWatch log group to send logs to.\n" }, "logOutputFormat": { "type": "string", "description": "Set log format. Default format is json. Possible values are: `json` and `text`. The default is `json`.\n" } }, "type": "object" }, "aws:ec2/VpnConnectionVgwTelemetry:VpnConnectionVgwTelemetry": { "properties": { "acceptedRouteCount": { "type": "integer", "description": "The number of accepted routes.\n" }, "certificateArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the VPN tunnel endpoint certificate.\n" }, "lastStatusChange": { "type": "string", "description": "The date and time of the last change in status.\n" }, "outsideIpAddress": { "type": "string", "description": "The Internet-routable IP address of the virtual private gateway's outside interface.\n" }, "status": { "type": "string", "description": "The status of the VPN tunnel.\n" }, "statusMessage": { "type": "string", "description": "If an error occurs, a description of the error.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "acceptedRouteCount", "certificateArn", "lastStatusChange", "outsideIpAddress", "status", "statusMessage" ] } } }, "aws:ec2/getAmiBlockDeviceMapping:getAmiBlockDeviceMapping": { "properties": { "deviceName": { "type": "string", "description": "Physical name of the device.\n" }, "ebs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map containing EBS information, if the device is EBS based. Unlike most object attributes, these are accessed directly (e.g., `ebs.volume_size` or `ebs[\"volume_size\"]`) rather than accessed through the first element of a list (e.g., `ebs[0].volume_size`).\n" }, "noDevice": { "type": "string", "description": "Suppresses the specified device included in the block device mapping of the AMI.\n" }, "virtualName": { "type": "string", "description": "Virtual device name (for instance stores).\n" } }, "type": "object", "required": [ "deviceName", "ebs", "noDevice", "virtualName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getAmiFilter:getAmiFilter": { "properties": { "name": { "type": "string", "description": "Name of the AMI that was provided during image creation.\n" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getAmiIdsFilter:getAmiIdsFilter": { "properties": { "name": { "type": "string" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getAmiProductCode:getAmiProductCode": { "properties": { "productCodeId": { "type": "string" }, "productCodeType": { "type": "string" } }, "type": "object", "required": [ "productCodeId", "productCodeType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getCoipPoolFilter:getCoipPoolFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCoipPools.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA COIP Pool will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getCoipPoolsFilter:getCoipPoolsFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCoipPools.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA COIP Pool will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getCustomerGatewayFilter:getCustomerGatewayFilter": { "properties": { "name": { "type": "string" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getDedicatedHostFilter:getDedicatedHostFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeHosts.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field. A host will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getEipsFilter:getEipsFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field. An Elastic IP will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getElasticIpFilter:getElasticIpFilter": { "properties": { "name": { "type": "string" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getInstanceCreditSpecification:getInstanceCreditSpecification": { "properties": { "cpuCredits": { "type": "string" } }, "type": "object", "required": [ "cpuCredits" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getInstanceEbsBlockDevice:getInstanceEbsBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "If the root block device will be deleted on termination.\n" }, "deviceName": { "type": "string", "description": "Physical name of the device.\n" }, "encrypted": { "type": "boolean", "description": "If the EBS volume is encrypted.\n" }, "iops": { "type": "integer", "description": "`0` If the volume is not a provisioned IOPS image, otherwise the supported IOPS count.\n" }, "kmsKeyId": { "type": "string" }, "snapshotId": { "type": "string", "description": "ID of the snapshot.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the Instance.\n" }, "throughput": { "type": "integer", "description": "Throughput of the volume, in MiB/s.\n" }, "volumeId": { "type": "string" }, "volumeSize": { "type": "integer", "description": "Size of the volume, in GiB.\n" }, "volumeType": { "type": "string", "description": "Type of the volume.\n" } }, "type": "object", "required": [ "deleteOnTermination", "deviceName", "encrypted", "iops", "kmsKeyId", "snapshotId", "tags", "throughput", "volumeId", "volumeSize", "volumeType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getInstanceEnclaveOption:getInstanceEnclaveOption": { "properties": { "enabled": { "type": "boolean", "description": "Whether Nitro Enclaves are enabled.\n" } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getInstanceEphemeralBlockDevice:getInstanceEphemeralBlockDevice": { "properties": { "deviceName": { "type": "string", "description": "Physical name of the device.\n" }, "noDevice": { "type": "boolean", "description": "Whether the specified device included in the device mapping was suppressed or not (Boolean).\n" }, "virtualName": { "type": "string", "description": "Virtual device name.\n" } }, "type": "object", "required": [ "deviceName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getInstanceFilter:getInstanceFilter": { "properties": { "name": { "type": "string" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getInstanceMaintenanceOption:getInstanceMaintenanceOption": { "properties": { "autoRecovery": { "type": "string", "description": "Automatic recovery behavior of the instance.\n" } }, "type": "object", "required": [ "autoRecovery" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getInstanceMetadataOption:getInstanceMetadataOption": { "properties": { "httpEndpoint": { "type": "string", "description": "State of the metadata service: `enabled`, `disabled`.\n" }, "httpProtocolIpv6": { "type": "string", "description": "Whether the IPv6 endpoint for the instance metadata service is `enabled` or `disabled`\n" }, "httpPutResponseHopLimit": { "type": "integer", "description": "Desired HTTP PUT response hop limit for instance metadata requests.\n" }, "httpTokens": { "type": "string", "description": "If session tokens are required: `optional`, `required`.\n" }, "instanceMetadataTags": { "type": "string", "description": "If access to instance tags is allowed from the metadata service: `enabled`, `disabled`.\n" } }, "type": "object", "required": [ "httpEndpoint", "httpProtocolIpv6", "httpPutResponseHopLimit", "httpTokens", "instanceMetadataTags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getInstancePrivateDnsNameOption:getInstancePrivateDnsNameOption": { "properties": { "enableResourceNameDnsARecord": { "type": "boolean", "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.\n" }, "enableResourceNameDnsAaaaRecord": { "type": "boolean", "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.\n" }, "hostnameType": { "type": "string", "description": "Type of hostname for EC2 instances.\n" } }, "type": "object", "required": [ "enableResourceNameDnsARecord", "enableResourceNameDnsAaaaRecord", "hostnameType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getInstanceRootBlockDevice:getInstanceRootBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "If the root block device will be deleted on termination.\n" }, "deviceName": { "type": "string", "description": "Physical name of the device.\n" }, "encrypted": { "type": "boolean", "description": "If the EBS volume is encrypted.\n" }, "iops": { "type": "integer", "description": "`0` If the volume is not a provisioned IOPS image, otherwise the supported IOPS count.\n" }, "kmsKeyId": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the Instance.\n" }, "throughput": { "type": "integer", "description": "Throughput of the volume, in MiB/s.\n" }, "volumeId": { "type": "string" }, "volumeSize": { "type": "integer", "description": "Size of the volume, in GiB.\n" }, "volumeType": { "type": "string", "description": "Type of the volume.\n" } }, "type": "object", "required": [ "deleteOnTermination", "deviceName", "encrypted", "iops", "kmsKeyId", "tags", "throughput", "volumeId", "volumeSize", "volumeType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getInstanceTypeFpga:getInstanceTypeFpga": { "properties": { "count": { "type": "integer" }, "manufacturer": { "type": "string" }, "memorySize": { "type": "integer", "description": "Size of the instance memory, in MiB.\n" }, "name": { "type": "string" } }, "type": "object", "required": [ "count", "manufacturer", "memorySize", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getInstanceTypeGpus:getInstanceTypeGpus": { "properties": { "count": { "type": "integer" }, "manufacturer": { "type": "string" }, "memorySize": { "type": "integer", "description": "Size of the instance memory, in MiB.\n" }, "name": { "type": "string" } }, "type": "object", "required": [ "count", "manufacturer", "memorySize", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getInstanceTypeInferenceAccelerator:getInstanceTypeInferenceAccelerator": { "properties": { "count": { "type": "integer" }, "manufacturer": { "type": "string" }, "name": { "type": "string" } }, "type": "object", "required": [ "count", "manufacturer", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getInstanceTypeInstanceDisk:getInstanceTypeInstanceDisk": { "properties": { "count": { "type": "integer" }, "size": { "type": "integer" }, "type": { "type": "string" } }, "type": "object", "required": [ "count", "size", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getInstanceTypeOfferingFilter:getInstanceTypeOfferingFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter. The `location` filter depends on the top-level `location_type` argument and if not specified, defaults to the current region.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getInstanceTypeOfferingsFilter:getInstanceTypeOfferingsFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter. The `location` filter depends on the top-level `location_type` argument and if not specified, defaults to the current region.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getInstanceTypesFilter:getInstanceTypesFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getInstancesFilter:getInstancesFilter": { "properties": { "name": { "type": "string" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getInternetGatewayAttachment:getInternetGatewayAttachment": { "properties": { "state": { "type": "string", "description": "Current state of the attachment between the gateway and the VPC. Present only if a VPC is attached\n" }, "vpcId": { "type": "string", "description": "ID of an attached VPC.\n" } }, "type": "object", "required": [ "state", "vpcId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getInternetGatewayFilter:getInternetGatewayFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInternetGateways.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nAn Internet Gateway will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getKeyPairFilter:getKeyPairFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the [EC2 DescribeKeyPairs API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeKeyPairs.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getLaunchConfigurationEbsBlockDevice:getLaunchConfigurationEbsBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Whether the EBS Volume will be deleted on instance termination.\n" }, "deviceName": { "type": "string", "description": "Name of the device.\n" }, "encrypted": { "type": "boolean", "description": "Whether the volume is Encrypted.\n" }, "iops": { "type": "integer", "description": "Provisioned IOPs of the volume.\n" }, "noDevice": { "type": "boolean", "description": "Whether the device in the block device mapping of the AMI is suppressed.\n" }, "snapshotId": { "type": "string", "description": "Snapshot ID of the mount.\n" }, "throughput": { "type": "integer", "description": "Throughput of the volume.\n" }, "volumeSize": { "type": "integer", "description": "Size of the volume.\n" }, "volumeType": { "type": "string", "description": "Type of the volume.\n" } }, "type": "object", "required": [ "deleteOnTermination", "deviceName", "encrypted", "iops", "noDevice", "snapshotId", "throughput", "volumeSize", "volumeType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchConfigurationEphemeralBlockDevice:getLaunchConfigurationEphemeralBlockDevice": { "properties": { "deviceName": { "type": "string", "description": "Name of the device.\n" }, "virtualName": { "type": "string", "description": "Virtual Name of the device.\n" } }, "type": "object", "required": [ "deviceName", "virtualName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchConfigurationMetadataOption:getLaunchConfigurationMetadataOption": { "properties": { "httpEndpoint": { "type": "string", "description": "State of the metadata service: `enabled`, `disabled`.\n" }, "httpPutResponseHopLimit": { "type": "integer", "description": "The desired HTTP PUT response hop limit for instance metadata requests.\n" }, "httpTokens": { "type": "string", "description": "If session tokens are required: `optional`, `required`.\n" } }, "type": "object", "required": [ "httpEndpoint", "httpPutResponseHopLimit", "httpTokens" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchConfigurationRootBlockDevice:getLaunchConfigurationRootBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Whether the EBS Volume will be deleted on instance termination.\n" }, "encrypted": { "type": "boolean", "description": "Whether the volume is Encrypted.\n" }, "iops": { "type": "integer", "description": "Provisioned IOPs of the volume.\n" }, "throughput": { "type": "integer", "description": "Throughput of the volume.\n" }, "volumeSize": { "type": "integer", "description": "Size of the volume.\n" }, "volumeType": { "type": "string", "description": "Type of the volume.\n" } }, "type": "object", "required": [ "deleteOnTermination", "encrypted", "iops", "throughput", "volumeSize", "volumeType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateBlockDeviceMapping:getLaunchTemplateBlockDeviceMapping": { "properties": { "deviceName": { "type": "string" }, "ebs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateBlockDeviceMappingEb:getLaunchTemplateBlockDeviceMappingEb" } }, "noDevice": { "type": "string" }, "virtualName": { "type": "string" } }, "type": "object", "required": [ "deviceName", "ebs", "noDevice", "virtualName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateBlockDeviceMappingEb:getLaunchTemplateBlockDeviceMappingEb": { "properties": { "deleteOnTermination": { "type": "string" }, "encrypted": { "type": "string" }, "iops": { "type": "integer" }, "kmsKeyId": { "type": "string" }, "snapshotId": { "type": "string" }, "throughput": { "type": "integer" }, "volumeSize": { "type": "integer" }, "volumeType": { "type": "string" } }, "type": "object", "required": [ "deleteOnTermination", "encrypted", "iops", "kmsKeyId", "snapshotId", "throughput", "volumeSize", "volumeType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateCapacityReservationSpecification:getLaunchTemplateCapacityReservationSpecification": { "properties": { "capacityReservationPreference": { "type": "string" }, "capacityReservationTargets": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateCapacityReservationSpecificationCapacityReservationTarget:getLaunchTemplateCapacityReservationSpecificationCapacityReservationTarget" } } }, "type": "object", "required": [ "capacityReservationPreference", "capacityReservationTargets" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateCapacityReservationSpecificationCapacityReservationTarget:getLaunchTemplateCapacityReservationSpecificationCapacityReservationTarget": { "properties": { "capacityReservationId": { "type": "string" }, "capacityReservationResourceGroupArn": { "type": "string" } }, "type": "object", "required": [ "capacityReservationId", "capacityReservationResourceGroupArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateCpuOption:getLaunchTemplateCpuOption": { "properties": { "amdSevSnp": { "type": "string" }, "coreCount": { "type": "integer" }, "threadsPerCore": { "type": "integer" } }, "type": "object", "required": [ "amdSevSnp", "coreCount", "threadsPerCore" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateCreditSpecification:getLaunchTemplateCreditSpecification": { "properties": { "cpuCredits": { "type": "string" } }, "type": "object", "required": [ "cpuCredits" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateElasticGpuSpecification:getLaunchTemplateElasticGpuSpecification": { "properties": { "type": { "type": "string" } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateElasticInferenceAccelerator:getLaunchTemplateElasticInferenceAccelerator": { "properties": { "type": { "type": "string" } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateEnclaveOption:getLaunchTemplateEnclaveOption": { "properties": { "enabled": { "type": "boolean" } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateFilter:getLaunchTemplateFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the [EC2 DescribeLaunchTemplates API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLaunchTemplates.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getLaunchTemplateHibernationOption:getLaunchTemplateHibernationOption": { "properties": { "configured": { "type": "boolean" } }, "type": "object", "required": [ "configured" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateIamInstanceProfile:getLaunchTemplateIamInstanceProfile": { "properties": { "arn": { "type": "string" }, "name": { "type": "string", "description": "Name of the launch template.\n" } }, "type": "object", "required": [ "arn", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateInstanceMarketOption:getLaunchTemplateInstanceMarketOption": { "properties": { "marketType": { "type": "string" }, "spotOptions": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateInstanceMarketOptionSpotOption:getLaunchTemplateInstanceMarketOptionSpotOption" } } }, "type": "object", "required": [ "marketType", "spotOptions" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateInstanceMarketOptionSpotOption:getLaunchTemplateInstanceMarketOptionSpotOption": { "properties": { "blockDurationMinutes": { "type": "integer" }, "instanceInterruptionBehavior": { "type": "string" }, "maxPrice": { "type": "string" }, "spotInstanceType": { "type": "string" }, "validUntil": { "type": "string" } }, "type": "object", "required": [ "blockDurationMinutes", "instanceInterruptionBehavior", "maxPrice", "spotInstanceType", "validUntil" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateInstanceRequirement:getLaunchTemplateInstanceRequirement": { "properties": { "acceleratorCounts": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateInstanceRequirementAcceleratorCount:getLaunchTemplateInstanceRequirementAcceleratorCount" } }, "acceleratorManufacturers": { "type": "array", "items": { "type": "string" } }, "acceleratorNames": { "type": "array", "items": { "type": "string" } }, "acceleratorTotalMemoryMibs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateInstanceRequirementAcceleratorTotalMemoryMib:getLaunchTemplateInstanceRequirementAcceleratorTotalMemoryMib" } }, "acceleratorTypes": { "type": "array", "items": { "type": "string" } }, "allowedInstanceTypes": { "type": "array", "items": { "type": "string" } }, "bareMetal": { "type": "string" }, "baselineEbsBandwidthMbps": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateInstanceRequirementBaselineEbsBandwidthMbp:getLaunchTemplateInstanceRequirementBaselineEbsBandwidthMbp" } }, "burstablePerformance": { "type": "string" }, "cpuManufacturers": { "type": "array", "items": { "type": "string" } }, "excludedInstanceTypes": { "type": "array", "items": { "type": "string" } }, "instanceGenerations": { "type": "array", "items": { "type": "string" } }, "localStorage": { "type": "string" }, "localStorageTypes": { "type": "array", "items": { "type": "string" } }, "maxSpotPriceAsPercentageOfOptimalOnDemandPrice": { "type": "integer" }, "memoryGibPerVcpus": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateInstanceRequirementMemoryGibPerVcpus:getLaunchTemplateInstanceRequirementMemoryGibPerVcpus" } }, "memoryMibs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateInstanceRequirementMemoryMib:getLaunchTemplateInstanceRequirementMemoryMib" } }, "networkBandwidthGbps": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateInstanceRequirementNetworkBandwidthGbp:getLaunchTemplateInstanceRequirementNetworkBandwidthGbp" } }, "networkInterfaceCounts": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateInstanceRequirementNetworkInterfaceCount:getLaunchTemplateInstanceRequirementNetworkInterfaceCount" } }, "onDemandMaxPricePercentageOverLowestPrice": { "type": "integer" }, "requireHibernateSupport": { "type": "boolean" }, "spotMaxPricePercentageOverLowestPrice": { "type": "integer" }, "totalLocalStorageGbs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateInstanceRequirementTotalLocalStorageGb:getLaunchTemplateInstanceRequirementTotalLocalStorageGb" } }, "vcpuCounts": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateInstanceRequirementVcpuCount:getLaunchTemplateInstanceRequirementVcpuCount" } } }, "type": "object", "required": [ "acceleratorCounts", "acceleratorManufacturers", "acceleratorNames", "acceleratorTotalMemoryMibs", "acceleratorTypes", "allowedInstanceTypes", "bareMetal", "baselineEbsBandwidthMbps", "burstablePerformance", "cpuManufacturers", "excludedInstanceTypes", "instanceGenerations", "localStorage", "localStorageTypes", "maxSpotPriceAsPercentageOfOptimalOnDemandPrice", "memoryGibPerVcpus", "memoryMibs", "networkBandwidthGbps", "networkInterfaceCounts", "onDemandMaxPricePercentageOverLowestPrice", "requireHibernateSupport", "spotMaxPricePercentageOverLowestPrice", "totalLocalStorageGbs", "vcpuCounts" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateInstanceRequirementAcceleratorCount:getLaunchTemplateInstanceRequirementAcceleratorCount": { "properties": { "max": { "type": "integer" }, "min": { "type": "integer" } }, "type": "object", "required": [ "max", "min" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateInstanceRequirementAcceleratorTotalMemoryMib:getLaunchTemplateInstanceRequirementAcceleratorTotalMemoryMib": { "properties": { "max": { "type": "integer" }, "min": { "type": "integer" } }, "type": "object", "required": [ "max", "min" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateInstanceRequirementBaselineEbsBandwidthMbp:getLaunchTemplateInstanceRequirementBaselineEbsBandwidthMbp": { "properties": { "max": { "type": "integer" }, "min": { "type": "integer" } }, "type": "object", "required": [ "max", "min" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateInstanceRequirementMemoryGibPerVcpus:getLaunchTemplateInstanceRequirementMemoryGibPerVcpus": { "properties": { "max": { "type": "number" }, "min": { "type": "number" } }, "type": "object", "required": [ "max", "min" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateInstanceRequirementMemoryMib:getLaunchTemplateInstanceRequirementMemoryMib": { "properties": { "max": { "type": "integer" }, "min": { "type": "integer" } }, "type": "object", "required": [ "max", "min" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateInstanceRequirementNetworkBandwidthGbp:getLaunchTemplateInstanceRequirementNetworkBandwidthGbp": { "properties": { "max": { "type": "number" }, "min": { "type": "number" } }, "type": "object", "required": [ "max", "min" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateInstanceRequirementNetworkInterfaceCount:getLaunchTemplateInstanceRequirementNetworkInterfaceCount": { "properties": { "max": { "type": "integer" }, "min": { "type": "integer" } }, "type": "object", "required": [ "max", "min" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateInstanceRequirementTotalLocalStorageGb:getLaunchTemplateInstanceRequirementTotalLocalStorageGb": { "properties": { "max": { "type": "number" }, "min": { "type": "number" } }, "type": "object", "required": [ "max", "min" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateInstanceRequirementVcpuCount:getLaunchTemplateInstanceRequirementVcpuCount": { "properties": { "max": { "type": "integer" }, "min": { "type": "integer" } }, "type": "object", "required": [ "max", "min" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateLicenseSpecification:getLaunchTemplateLicenseSpecification": { "properties": { "licenseConfigurationArn": { "type": "string" } }, "type": "object", "required": [ "licenseConfigurationArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateMaintenanceOption:getLaunchTemplateMaintenanceOption": { "properties": { "autoRecovery": { "type": "string" } }, "type": "object", "required": [ "autoRecovery" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateMetadataOption:getLaunchTemplateMetadataOption": { "properties": { "httpEndpoint": { "type": "string" }, "httpProtocolIpv6": { "type": "string" }, "httpPutResponseHopLimit": { "type": "integer" }, "httpTokens": { "type": "string" }, "instanceMetadataTags": { "type": "string" } }, "type": "object", "required": [ "httpEndpoint", "httpProtocolIpv6", "httpPutResponseHopLimit", "httpTokens", "instanceMetadataTags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateMonitoring:getLaunchTemplateMonitoring": { "properties": { "enabled": { "type": "boolean" } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateNetworkInterface:getLaunchTemplateNetworkInterface": { "properties": { "associateCarrierIpAddress": { "type": "string" }, "associatePublicIpAddress": { "type": "boolean" }, "deleteOnTermination": { "type": "boolean" }, "description": { "type": "string" }, "deviceIndex": { "type": "integer" }, "interfaceType": { "type": "string" }, "ipv4AddressCount": { "type": "integer" }, "ipv4Addresses": { "type": "array", "items": { "type": "string" } }, "ipv4PrefixCount": { "type": "integer" }, "ipv4Prefixes": { "type": "array", "items": { "type": "string" } }, "ipv6AddressCount": { "type": "integer" }, "ipv6Addresses": { "type": "array", "items": { "type": "string" } }, "ipv6PrefixCount": { "type": "integer" }, "ipv6Prefixes": { "type": "array", "items": { "type": "string" } }, "networkCardIndex": { "type": "integer" }, "networkInterfaceId": { "type": "string" }, "primaryIpv6": { "type": "string" }, "privateIpAddress": { "type": "string" }, "securityGroups": { "type": "array", "items": { "type": "string" } }, "subnetId": { "type": "string" } }, "type": "object", "required": [ "associateCarrierIpAddress", "description", "deviceIndex", "interfaceType", "ipv4AddressCount", "ipv4Addresses", "ipv4PrefixCount", "ipv4Prefixes", "ipv6AddressCount", "ipv6Addresses", "ipv6PrefixCount", "ipv6Prefixes", "networkCardIndex", "networkInterfaceId", "primaryIpv6", "privateIpAddress", "securityGroups", "subnetId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplatePlacement:getLaunchTemplatePlacement": { "properties": { "affinity": { "type": "string" }, "availabilityZone": { "type": "string" }, "groupName": { "type": "string" }, "hostId": { "type": "string" }, "hostResourceGroupArn": { "type": "string" }, "partitionNumber": { "type": "integer" }, "spreadDomain": { "type": "string" }, "tenancy": { "type": "string" } }, "type": "object", "required": [ "affinity", "availabilityZone", "groupName", "hostId", "hostResourceGroupArn", "partitionNumber", "spreadDomain", "tenancy" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplatePrivateDnsNameOption:getLaunchTemplatePrivateDnsNameOption": { "properties": { "enableResourceNameDnsARecord": { "type": "boolean" }, "enableResourceNameDnsAaaaRecord": { "type": "boolean" }, "hostnameType": { "type": "string" } }, "type": "object", "required": [ "enableResourceNameDnsARecord", "enableResourceNameDnsAaaaRecord", "hostnameType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLaunchTemplateTagSpecification:getLaunchTemplateTagSpecification": { "properties": { "resourceType": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match a pair on the desired Launch Template.\n" } }, "type": "object", "required": [ "resourceType", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getLocalGatewayFilter:getLocalGatewayFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGateways.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA Local Gateway will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getLocalGatewayRouteTableFilter:getLocalGatewayRouteTableFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayRouteTables.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA local gateway route table will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getLocalGatewayRouteTablesFilter:getLocalGatewayRouteTablesFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayRouteTables.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA Local Gateway Route Table will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getLocalGatewayVirtualInterfaceFilter:getLocalGatewayVirtualInterfaceFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getLocalGatewayVirtualInterfaceGroupFilter:getLocalGatewayVirtualInterfaceGroupFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getLocalGatewayVirtualInterfaceGroupsFilter:getLocalGatewayVirtualInterfaceGroupsFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getLocalGatewaysFilter:getLocalGatewaysFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGateways.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA Local Gateway will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getManagedPrefixListEntry:getManagedPrefixListEntry": { "properties": { "cidr": { "type": "string" }, "description": { "type": "string" } }, "type": "object", "required": [ "cidr", "description" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getManagedPrefixListFilter:getManagedPrefixListFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [DescribeManagedPrefixLists](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeManagedPrefixLists.html) API Reference.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getManagedPrefixListsFilter:getManagedPrefixListsFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeManagedPrefixLists.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA managed prefix list will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getNatGatewayFilter:getNatGatewayFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nAn Nat Gateway will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getNatGatewaysFilter:getNatGatewaysFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA Nat Gateway will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getNetworkAclsFilter:getNetworkAclsFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkAcls.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA VPC will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getNetworkInsightsAnalysisAlternatePathHint:getNetworkInsightsAnalysisAlternatePathHint": { "properties": { "componentArn": { "type": "string" }, "componentId": { "type": "string" } }, "type": "object", "required": [ "componentArn", "componentId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanation:getNetworkInsightsAnalysisExplanation": { "properties": { "aclRules": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationAclRule:getNetworkInsightsAnalysisExplanationAclRule" } }, "acls": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationAcl:getNetworkInsightsAnalysisExplanationAcl" } }, "address": { "type": "string" }, "addresses": { "type": "array", "items": { "type": "string" } }, "attachedTos": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationAttachedTo:getNetworkInsightsAnalysisExplanationAttachedTo" } }, "availabilityZones": { "type": "array", "items": { "type": "string" } }, "cidrs": { "type": "array", "items": { "type": "string" } }, "classicLoadBalancerListeners": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationClassicLoadBalancerListener:getNetworkInsightsAnalysisExplanationClassicLoadBalancerListener" } }, "components": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationComponent:getNetworkInsightsAnalysisExplanationComponent" } }, "customerGateways": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationCustomerGateway:getNetworkInsightsAnalysisExplanationCustomerGateway" } }, "destinationVpcs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationDestinationVpc:getNetworkInsightsAnalysisExplanationDestinationVpc" } }, "destinations": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationDestination:getNetworkInsightsAnalysisExplanationDestination" } }, "direction": { "type": "string" }, "elasticLoadBalancerListeners": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationElasticLoadBalancerListener:getNetworkInsightsAnalysisExplanationElasticLoadBalancerListener" } }, "explanationCode": { "type": "string" }, "ingressRouteTables": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationIngressRouteTable:getNetworkInsightsAnalysisExplanationIngressRouteTable" } }, "internetGateways": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationInternetGateway:getNetworkInsightsAnalysisExplanationInternetGateway" } }, "loadBalancerArn": { "type": "string" }, "loadBalancerListenerPort": { "type": "integer" }, "loadBalancerTargetGroup": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationLoadBalancerTargetGroup:getNetworkInsightsAnalysisExplanationLoadBalancerTargetGroup" } }, "loadBalancerTargetGroups": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationLoadBalancerTargetGroup:getNetworkInsightsAnalysisExplanationLoadBalancerTargetGroup" } }, "loadBalancerTargetPort": { "type": "integer" }, "missingComponent": { "type": "string" }, "natGateways": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationNatGateway:getNetworkInsightsAnalysisExplanationNatGateway" } }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationNetworkInterface:getNetworkInsightsAnalysisExplanationNetworkInterface" } }, "packetField": { "type": "string" }, "port": { "type": "integer" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationPortRange:getNetworkInsightsAnalysisExplanationPortRange" } }, "prefixLists": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationPrefixList:getNetworkInsightsAnalysisExplanationPrefixList" } }, "protocols": { "type": "array", "items": { "type": "string" } }, "routeTableRoutes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationRouteTableRoute:getNetworkInsightsAnalysisExplanationRouteTableRoute" } }, "routeTables": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationRouteTable:getNetworkInsightsAnalysisExplanationRouteTable" } }, "securityGroup": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationSecurityGroup:getNetworkInsightsAnalysisExplanationSecurityGroup" } }, "securityGroupRules": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationSecurityGroupRule:getNetworkInsightsAnalysisExplanationSecurityGroupRule" } }, "securityGroups": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationSecurityGroup:getNetworkInsightsAnalysisExplanationSecurityGroup" } }, "sourceVpcs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationSourceVpc:getNetworkInsightsAnalysisExplanationSourceVpc" } }, "state": { "type": "string" }, "subnetRouteTables": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationSubnetRouteTable:getNetworkInsightsAnalysisExplanationSubnetRouteTable" } }, "subnets": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationSubnet:getNetworkInsightsAnalysisExplanationSubnet" } }, "transitGatewayAttachments": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationTransitGatewayAttachment:getNetworkInsightsAnalysisExplanationTransitGatewayAttachment" } }, "transitGatewayRouteTableRoutes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationTransitGatewayRouteTableRoute:getNetworkInsightsAnalysisExplanationTransitGatewayRouteTableRoute" } }, "transitGatewayRouteTables": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationTransitGatewayRouteTable:getNetworkInsightsAnalysisExplanationTransitGatewayRouteTable" } }, "transitGateways": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationTransitGateway:getNetworkInsightsAnalysisExplanationTransitGateway" } }, "vpcEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationVpcEndpoint:getNetworkInsightsAnalysisExplanationVpcEndpoint" } }, "vpcPeeringConnections": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationVpcPeeringConnection:getNetworkInsightsAnalysisExplanationVpcPeeringConnection" } }, "vpcs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationVpc:getNetworkInsightsAnalysisExplanationVpc" } }, "vpnConnections": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationVpnConnection:getNetworkInsightsAnalysisExplanationVpnConnection" } }, "vpnGateways": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationVpnGateway:getNetworkInsightsAnalysisExplanationVpnGateway" } } }, "type": "object", "required": [ "acls", "aclRules", "address", "addresses", "attachedTos", "availabilityZones", "cidrs", "classicLoadBalancerListeners", "components", "customerGateways", "destinations", "destinationVpcs", "direction", "elasticLoadBalancerListeners", "explanationCode", "ingressRouteTables", "internetGateways", "loadBalancerArn", "loadBalancerListenerPort", "loadBalancerTargetGroup", "loadBalancerTargetGroups", "loadBalancerTargetPort", "missingComponent", "natGateways", "networkInterfaces", "packetField", "port", "portRanges", "prefixLists", "protocols", "routeTables", "routeTableRoutes", "securityGroup", "securityGroupRules", "securityGroups", "sourceVpcs", "state", "subnets", "subnetRouteTables", "transitGateways", "transitGatewayAttachments", "transitGatewayRouteTables", "transitGatewayRouteTableRoutes", "vpcs", "vpcEndpoints", "vpcPeeringConnections", "vpnConnections", "vpnGateways" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationAcl:getNetworkInsightsAnalysisExplanationAcl": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationAclRule:getNetworkInsightsAnalysisExplanationAclRule": { "properties": { "cidr": { "type": "string" }, "egress": { "type": "boolean" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationAclRulePortRange:getNetworkInsightsAnalysisExplanationAclRulePortRange" } }, "protocol": { "type": "string" }, "ruleAction": { "type": "string" }, "ruleNumber": { "type": "integer" } }, "type": "object", "required": [ "cidr", "egress", "portRanges", "protocol", "ruleAction", "ruleNumber" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationAclRulePortRange:getNetworkInsightsAnalysisExplanationAclRulePortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "required": [ "from", "to" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationAttachedTo:getNetworkInsightsAnalysisExplanationAttachedTo": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationClassicLoadBalancerListener:getNetworkInsightsAnalysisExplanationClassicLoadBalancerListener": { "properties": { "instancePort": { "type": "integer" }, "loadBalancerPort": { "type": "integer" } }, "type": "object", "required": [ "instancePort", "loadBalancerPort" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationComponent:getNetworkInsightsAnalysisExplanationComponent": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationCustomerGateway:getNetworkInsightsAnalysisExplanationCustomerGateway": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationDestination:getNetworkInsightsAnalysisExplanationDestination": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationDestinationVpc:getNetworkInsightsAnalysisExplanationDestinationVpc": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationElasticLoadBalancerListener:getNetworkInsightsAnalysisExplanationElasticLoadBalancerListener": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationIngressRouteTable:getNetworkInsightsAnalysisExplanationIngressRouteTable": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationInternetGateway:getNetworkInsightsAnalysisExplanationInternetGateway": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationLoadBalancerTargetGroup:getNetworkInsightsAnalysisExplanationLoadBalancerTargetGroup": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationNatGateway:getNetworkInsightsAnalysisExplanationNatGateway": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationNetworkInterface:getNetworkInsightsAnalysisExplanationNetworkInterface": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationPortRange:getNetworkInsightsAnalysisExplanationPortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "required": [ "from", "to" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationPrefixList:getNetworkInsightsAnalysisExplanationPrefixList": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationRouteTable:getNetworkInsightsAnalysisExplanationRouteTable": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationRouteTableRoute:getNetworkInsightsAnalysisExplanationRouteTableRoute": { "properties": { "destinationCidr": { "type": "string" }, "destinationPrefixListId": { "type": "string" }, "egressOnlyInternetGatewayId": { "type": "string" }, "gatewayId": { "type": "string" }, "instanceId": { "type": "string" }, "natGatewayId": { "type": "string" }, "networkInterfaceId": { "type": "string" }, "origin": { "type": "string" }, "transitGatewayId": { "type": "string" }, "vpcPeeringConnectionId": { "type": "string" } }, "type": "object", "required": [ "destinationCidr", "destinationPrefixListId", "egressOnlyInternetGatewayId", "gatewayId", "instanceId", "natGatewayId", "networkInterfaceId", "origin", "transitGatewayId", "vpcPeeringConnectionId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationSecurityGroup:getNetworkInsightsAnalysisExplanationSecurityGroup": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationSecurityGroupRule:getNetworkInsightsAnalysisExplanationSecurityGroupRule": { "properties": { "cidr": { "type": "string" }, "direction": { "type": "string" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanationSecurityGroupRulePortRange:getNetworkInsightsAnalysisExplanationSecurityGroupRulePortRange" } }, "prefixListId": { "type": "string" }, "protocol": { "type": "string" }, "securityGroupId": { "type": "string" } }, "type": "object", "required": [ "cidr", "direction", "portRanges", "prefixListId", "protocol", "securityGroupId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationSecurityGroupRulePortRange:getNetworkInsightsAnalysisExplanationSecurityGroupRulePortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "required": [ "from", "to" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationSourceVpc:getNetworkInsightsAnalysisExplanationSourceVpc": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationSubnet:getNetworkInsightsAnalysisExplanationSubnet": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationSubnetRouteTable:getNetworkInsightsAnalysisExplanationSubnetRouteTable": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationTransitGateway:getNetworkInsightsAnalysisExplanationTransitGateway": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationTransitGatewayAttachment:getNetworkInsightsAnalysisExplanationTransitGatewayAttachment": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationTransitGatewayRouteTable:getNetworkInsightsAnalysisExplanationTransitGatewayRouteTable": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationTransitGatewayRouteTableRoute:getNetworkInsightsAnalysisExplanationTransitGatewayRouteTableRoute": { "properties": { "attachmentId": { "type": "string" }, "destinationCidr": { "type": "string" }, "prefixListId": { "type": "string" }, "resourceId": { "type": "string" }, "resourceType": { "type": "string" }, "routeOrigin": { "type": "string" }, "state": { "type": "string" } }, "type": "object", "required": [ "attachmentId", "destinationCidr", "prefixListId", "resourceId", "resourceType", "routeOrigin", "state" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationVpc:getNetworkInsightsAnalysisExplanationVpc": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationVpcEndpoint:getNetworkInsightsAnalysisExplanationVpcEndpoint": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationVpcPeeringConnection:getNetworkInsightsAnalysisExplanationVpcPeeringConnection": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationVpnConnection:getNetworkInsightsAnalysisExplanationVpnConnection": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisExplanationVpnGateway:getNetworkInsightsAnalysisExplanationVpnGateway": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisFilter:getNetworkInsightsAnalysisFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponent:getNetworkInsightsAnalysisForwardPathComponent": { "properties": { "aclRules": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentAclRule:getNetworkInsightsAnalysisForwardPathComponentAclRule" } }, "additionalDetails": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentAdditionalDetail:getNetworkInsightsAnalysisForwardPathComponentAdditionalDetail" } }, "attachedTos": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentAttachedTo:getNetworkInsightsAnalysisForwardPathComponentAttachedTo" } }, "components": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentComponent:getNetworkInsightsAnalysisForwardPathComponentComponent" } }, "destinationVpcs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentDestinationVpc:getNetworkInsightsAnalysisForwardPathComponentDestinationVpc" } }, "inboundHeaders": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentInboundHeader:getNetworkInsightsAnalysisForwardPathComponentInboundHeader" } }, "outboundHeaders": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentOutboundHeader:getNetworkInsightsAnalysisForwardPathComponentOutboundHeader" } }, "routeTableRoutes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentRouteTableRoute:getNetworkInsightsAnalysisForwardPathComponentRouteTableRoute" } }, "securityGroupRules": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentSecurityGroupRule:getNetworkInsightsAnalysisForwardPathComponentSecurityGroupRule" } }, "sequenceNumber": { "type": "integer" }, "sourceVpcs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentSourceVpc:getNetworkInsightsAnalysisForwardPathComponentSourceVpc" } }, "subnets": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentSubnet:getNetworkInsightsAnalysisForwardPathComponentSubnet" } }, "transitGatewayRouteTableRoutes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentTransitGatewayRouteTableRoute:getNetworkInsightsAnalysisForwardPathComponentTransitGatewayRouteTableRoute" } }, "transitGateways": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentTransitGateway:getNetworkInsightsAnalysisForwardPathComponentTransitGateway" } }, "vpcs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentVpc:getNetworkInsightsAnalysisForwardPathComponentVpc" } } }, "type": "object", "required": [ "aclRules", "additionalDetails", "attachedTos", "components", "destinationVpcs", "inboundHeaders", "outboundHeaders", "routeTableRoutes", "securityGroupRules", "sequenceNumber", "sourceVpcs", "subnets", "transitGateways", "transitGatewayRouteTableRoutes", "vpcs" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentAclRule:getNetworkInsightsAnalysisForwardPathComponentAclRule": { "properties": { "cidr": { "type": "string" }, "egress": { "type": "boolean" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentAclRulePortRange:getNetworkInsightsAnalysisForwardPathComponentAclRulePortRange" } }, "protocol": { "type": "string" }, "ruleAction": { "type": "string" }, "ruleNumber": { "type": "integer" } }, "type": "object", "required": [ "cidr", "egress", "portRanges", "protocol", "ruleAction", "ruleNumber" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentAclRulePortRange:getNetworkInsightsAnalysisForwardPathComponentAclRulePortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "required": [ "from", "to" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentAdditionalDetail:getNetworkInsightsAnalysisForwardPathComponentAdditionalDetail": { "properties": { "additionalDetailType": { "type": "string" }, "components": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentAdditionalDetailComponent:getNetworkInsightsAnalysisForwardPathComponentAdditionalDetailComponent" } } }, "type": "object", "required": [ "additionalDetailType", "components" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentAdditionalDetailComponent:getNetworkInsightsAnalysisForwardPathComponentAdditionalDetailComponent": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentAttachedTo:getNetworkInsightsAnalysisForwardPathComponentAttachedTo": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentComponent:getNetworkInsightsAnalysisForwardPathComponentComponent": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentDestinationVpc:getNetworkInsightsAnalysisForwardPathComponentDestinationVpc": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentInboundHeader:getNetworkInsightsAnalysisForwardPathComponentInboundHeader": { "properties": { "destinationAddresses": { "type": "array", "items": { "type": "string" } }, "destinationPortRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentInboundHeaderDestinationPortRange:getNetworkInsightsAnalysisForwardPathComponentInboundHeaderDestinationPortRange" } }, "protocol": { "type": "string" }, "sourceAddresses": { "type": "array", "items": { "type": "string" } }, "sourcePortRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentInboundHeaderSourcePortRange:getNetworkInsightsAnalysisForwardPathComponentInboundHeaderSourcePortRange" } } }, "type": "object", "required": [ "destinationAddresses", "destinationPortRanges", "protocol", "sourceAddresses", "sourcePortRanges" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentInboundHeaderDestinationPortRange:getNetworkInsightsAnalysisForwardPathComponentInboundHeaderDestinationPortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "required": [ "from", "to" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentInboundHeaderSourcePortRange:getNetworkInsightsAnalysisForwardPathComponentInboundHeaderSourcePortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "required": [ "from", "to" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentOutboundHeader:getNetworkInsightsAnalysisForwardPathComponentOutboundHeader": { "properties": { "destinationAddresses": { "type": "array", "items": { "type": "string" } }, "destinationPortRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentOutboundHeaderDestinationPortRange:getNetworkInsightsAnalysisForwardPathComponentOutboundHeaderDestinationPortRange" } }, "protocol": { "type": "string" }, "sourceAddresses": { "type": "array", "items": { "type": "string" } }, "sourcePortRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentOutboundHeaderSourcePortRange:getNetworkInsightsAnalysisForwardPathComponentOutboundHeaderSourcePortRange" } } }, "type": "object", "required": [ "destinationAddresses", "destinationPortRanges", "protocol", "sourceAddresses", "sourcePortRanges" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentOutboundHeaderDestinationPortRange:getNetworkInsightsAnalysisForwardPathComponentOutboundHeaderDestinationPortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "required": [ "from", "to" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentOutboundHeaderSourcePortRange:getNetworkInsightsAnalysisForwardPathComponentOutboundHeaderSourcePortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "required": [ "from", "to" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentRouteTableRoute:getNetworkInsightsAnalysisForwardPathComponentRouteTableRoute": { "properties": { "destinationCidr": { "type": "string" }, "destinationPrefixListId": { "type": "string" }, "egressOnlyInternetGatewayId": { "type": "string" }, "gatewayId": { "type": "string" }, "instanceId": { "type": "string" }, "natGatewayId": { "type": "string" }, "networkInterfaceId": { "type": "string" }, "origin": { "type": "string" }, "transitGatewayId": { "type": "string" }, "vpcPeeringConnectionId": { "type": "string" } }, "type": "object", "required": [ "destinationCidr", "destinationPrefixListId", "egressOnlyInternetGatewayId", "gatewayId", "instanceId", "natGatewayId", "networkInterfaceId", "origin", "transitGatewayId", "vpcPeeringConnectionId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentSecurityGroupRule:getNetworkInsightsAnalysisForwardPathComponentSecurityGroupRule": { "properties": { "cidr": { "type": "string" }, "direction": { "type": "string" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponentSecurityGroupRulePortRange:getNetworkInsightsAnalysisForwardPathComponentSecurityGroupRulePortRange" } }, "prefixListId": { "type": "string" }, "protocol": { "type": "string" }, "securityGroupId": { "type": "string" } }, "type": "object", "required": [ "cidr", "direction", "portRanges", "prefixListId", "protocol", "securityGroupId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentSecurityGroupRulePortRange:getNetworkInsightsAnalysisForwardPathComponentSecurityGroupRulePortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "required": [ "from", "to" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentSourceVpc:getNetworkInsightsAnalysisForwardPathComponentSourceVpc": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentSubnet:getNetworkInsightsAnalysisForwardPathComponentSubnet": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentTransitGateway:getNetworkInsightsAnalysisForwardPathComponentTransitGateway": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentTransitGatewayRouteTableRoute:getNetworkInsightsAnalysisForwardPathComponentTransitGatewayRouteTableRoute": { "properties": { "attachmentId": { "type": "string" }, "destinationCidr": { "type": "string" }, "prefixListId": { "type": "string" }, "resourceId": { "type": "string" }, "resourceType": { "type": "string" }, "routeOrigin": { "type": "string" }, "state": { "type": "string" } }, "type": "object", "required": [ "attachmentId", "destinationCidr", "prefixListId", "resourceId", "resourceType", "routeOrigin", "state" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisForwardPathComponentVpc:getNetworkInsightsAnalysisForwardPathComponentVpc": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponent:getNetworkInsightsAnalysisReturnPathComponent": { "properties": { "aclRules": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentAclRule:getNetworkInsightsAnalysisReturnPathComponentAclRule" } }, "additionalDetails": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentAdditionalDetail:getNetworkInsightsAnalysisReturnPathComponentAdditionalDetail" } }, "attachedTos": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentAttachedTo:getNetworkInsightsAnalysisReturnPathComponentAttachedTo" } }, "components": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentComponent:getNetworkInsightsAnalysisReturnPathComponentComponent" } }, "destinationVpcs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentDestinationVpc:getNetworkInsightsAnalysisReturnPathComponentDestinationVpc" } }, "inboundHeaders": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentInboundHeader:getNetworkInsightsAnalysisReturnPathComponentInboundHeader" } }, "outboundHeaders": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentOutboundHeader:getNetworkInsightsAnalysisReturnPathComponentOutboundHeader" } }, "routeTableRoutes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentRouteTableRoute:getNetworkInsightsAnalysisReturnPathComponentRouteTableRoute" } }, "securityGroupRules": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentSecurityGroupRule:getNetworkInsightsAnalysisReturnPathComponentSecurityGroupRule" } }, "sequenceNumber": { "type": "integer" }, "sourceVpcs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentSourceVpc:getNetworkInsightsAnalysisReturnPathComponentSourceVpc" } }, "subnets": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentSubnet:getNetworkInsightsAnalysisReturnPathComponentSubnet" } }, "transitGatewayRouteTableRoutes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentTransitGatewayRouteTableRoute:getNetworkInsightsAnalysisReturnPathComponentTransitGatewayRouteTableRoute" } }, "transitGateways": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentTransitGateway:getNetworkInsightsAnalysisReturnPathComponentTransitGateway" } }, "vpcs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentVpc:getNetworkInsightsAnalysisReturnPathComponentVpc" } } }, "type": "object", "required": [ "aclRules", "additionalDetails", "attachedTos", "components", "destinationVpcs", "inboundHeaders", "outboundHeaders", "routeTableRoutes", "securityGroupRules", "sequenceNumber", "sourceVpcs", "subnets", "transitGateways", "transitGatewayRouteTableRoutes", "vpcs" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentAclRule:getNetworkInsightsAnalysisReturnPathComponentAclRule": { "properties": { "cidr": { "type": "string" }, "egress": { "type": "boolean" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentAclRulePortRange:getNetworkInsightsAnalysisReturnPathComponentAclRulePortRange" } }, "protocol": { "type": "string" }, "ruleAction": { "type": "string" }, "ruleNumber": { "type": "integer" } }, "type": "object", "required": [ "cidr", "egress", "portRanges", "protocol", "ruleAction", "ruleNumber" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentAclRulePortRange:getNetworkInsightsAnalysisReturnPathComponentAclRulePortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "required": [ "from", "to" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentAdditionalDetail:getNetworkInsightsAnalysisReturnPathComponentAdditionalDetail": { "properties": { "additionalDetailType": { "type": "string" }, "components": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentAdditionalDetailComponent:getNetworkInsightsAnalysisReturnPathComponentAdditionalDetailComponent" } } }, "type": "object", "required": [ "additionalDetailType", "components" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentAdditionalDetailComponent:getNetworkInsightsAnalysisReturnPathComponentAdditionalDetailComponent": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentAttachedTo:getNetworkInsightsAnalysisReturnPathComponentAttachedTo": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentComponent:getNetworkInsightsAnalysisReturnPathComponentComponent": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentDestinationVpc:getNetworkInsightsAnalysisReturnPathComponentDestinationVpc": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentInboundHeader:getNetworkInsightsAnalysisReturnPathComponentInboundHeader": { "properties": { "destinationAddresses": { "type": "array", "items": { "type": "string" } }, "destinationPortRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentInboundHeaderDestinationPortRange:getNetworkInsightsAnalysisReturnPathComponentInboundHeaderDestinationPortRange" } }, "protocol": { "type": "string" }, "sourceAddresses": { "type": "array", "items": { "type": "string" } }, "sourcePortRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentInboundHeaderSourcePortRange:getNetworkInsightsAnalysisReturnPathComponentInboundHeaderSourcePortRange" } } }, "type": "object", "required": [ "destinationAddresses", "destinationPortRanges", "protocol", "sourceAddresses", "sourcePortRanges" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentInboundHeaderDestinationPortRange:getNetworkInsightsAnalysisReturnPathComponentInboundHeaderDestinationPortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "required": [ "from", "to" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentInboundHeaderSourcePortRange:getNetworkInsightsAnalysisReturnPathComponentInboundHeaderSourcePortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "required": [ "from", "to" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentOutboundHeader:getNetworkInsightsAnalysisReturnPathComponentOutboundHeader": { "properties": { "destinationAddresses": { "type": "array", "items": { "type": "string" } }, "destinationPortRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentOutboundHeaderDestinationPortRange:getNetworkInsightsAnalysisReturnPathComponentOutboundHeaderDestinationPortRange" } }, "protocol": { "type": "string" }, "sourceAddresses": { "type": "array", "items": { "type": "string" } }, "sourcePortRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentOutboundHeaderSourcePortRange:getNetworkInsightsAnalysisReturnPathComponentOutboundHeaderSourcePortRange" } } }, "type": "object", "required": [ "destinationAddresses", "destinationPortRanges", "protocol", "sourceAddresses", "sourcePortRanges" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentOutboundHeaderDestinationPortRange:getNetworkInsightsAnalysisReturnPathComponentOutboundHeaderDestinationPortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "required": [ "from", "to" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentOutboundHeaderSourcePortRange:getNetworkInsightsAnalysisReturnPathComponentOutboundHeaderSourcePortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "required": [ "from", "to" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentRouteTableRoute:getNetworkInsightsAnalysisReturnPathComponentRouteTableRoute": { "properties": { "destinationCidr": { "type": "string" }, "destinationPrefixListId": { "type": "string" }, "egressOnlyInternetGatewayId": { "type": "string" }, "gatewayId": { "type": "string" }, "instanceId": { "type": "string" }, "natGatewayId": { "type": "string" }, "networkInterfaceId": { "type": "string" }, "origin": { "type": "string" }, "transitGatewayId": { "type": "string" }, "vpcPeeringConnectionId": { "type": "string" } }, "type": "object", "required": [ "destinationCidr", "destinationPrefixListId", "egressOnlyInternetGatewayId", "gatewayId", "instanceId", "natGatewayId", "networkInterfaceId", "origin", "transitGatewayId", "vpcPeeringConnectionId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentSecurityGroupRule:getNetworkInsightsAnalysisReturnPathComponentSecurityGroupRule": { "properties": { "cidr": { "type": "string" }, "direction": { "type": "string" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponentSecurityGroupRulePortRange:getNetworkInsightsAnalysisReturnPathComponentSecurityGroupRulePortRange" } }, "prefixListId": { "type": "string" }, "protocol": { "type": "string" }, "securityGroupId": { "type": "string" } }, "type": "object", "required": [ "cidr", "direction", "portRanges", "prefixListId", "protocol", "securityGroupId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentSecurityGroupRulePortRange:getNetworkInsightsAnalysisReturnPathComponentSecurityGroupRulePortRange": { "properties": { "from": { "type": "integer" }, "to": { "type": "integer" } }, "type": "object", "required": [ "from", "to" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentSourceVpc:getNetworkInsightsAnalysisReturnPathComponentSourceVpc": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentSubnet:getNetworkInsightsAnalysisReturnPathComponentSubnet": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentTransitGateway:getNetworkInsightsAnalysisReturnPathComponentTransitGateway": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentTransitGatewayRouteTableRoute:getNetworkInsightsAnalysisReturnPathComponentTransitGatewayRouteTableRoute": { "properties": { "attachmentId": { "type": "string" }, "destinationCidr": { "type": "string" }, "prefixListId": { "type": "string" }, "resourceId": { "type": "string" }, "resourceType": { "type": "string" }, "routeOrigin": { "type": "string" }, "state": { "type": "string" } }, "type": "object", "required": [ "attachmentId", "destinationCidr", "prefixListId", "resourceId", "resourceType", "routeOrigin", "state" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsAnalysisReturnPathComponentVpc:getNetworkInsightsAnalysisReturnPathComponentVpc": { "properties": { "arn": { "type": "string", "description": "ARN of the selected Network Insights Analysis.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference.\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInsightsPathFilter:getNetworkInsightsPathFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsPaths`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsPaths.html) API Reference.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getNetworkInterfaceAssociation:getNetworkInterfaceAssociation": { "properties": { "allocationId": { "type": "string", "description": "Allocation ID.\n" }, "associationId": { "type": "string", "description": "Association ID.\n" }, "carrierIp": { "type": "string", "description": "Carrier IP address associated with the network interface. This attribute is only set when the network interface is in a subnet which is associated with a Wavelength Zone.\n" }, "customerOwnedIp": { "type": "string", "description": "Customer-owned IP address.\n" }, "ipOwnerId": { "type": "string", "description": "ID of the Elastic IP address owner.\n" }, "publicDnsName": { "type": "string", "description": "Public DNS name.\n" }, "publicIp": { "type": "string", "description": "Address of the Elastic IP address bound to the network interface.\n" } }, "type": "object", "required": [ "allocationId", "associationId", "carrierIp", "customerOwnedIp", "ipOwnerId", "publicDnsName", "publicIp" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInterfaceAttachment:getNetworkInterfaceAttachment": { "properties": { "attachmentId": { "type": "string" }, "deviceIndex": { "type": "integer" }, "instanceId": { "type": "string" }, "instanceOwnerId": { "type": "string" } }, "type": "object", "required": [ "attachmentId", "deviceIndex", "instanceId", "instanceOwnerId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getNetworkInterfaceFilter:getNetworkInterfaceFilter": { "properties": { "name": { "type": "string" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getNetworkInterfacesFilter:getNetworkInterfacesFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInterfaces.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getPrefixListFilter:getPrefixListFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the [EC2 DescribePrefixLists API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribePrefixLists.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getPublicIpv4PoolPoolAddressRange:getPublicIpv4PoolPoolAddressRange": { "properties": { "addressCount": { "type": "integer", "description": "Number of addresses in the range.\n" }, "availableAddressCount": { "type": "integer", "description": "Number of available addresses in the range.\n" }, "firstAddress": { "type": "string", "description": "First address in the range.\n" }, "lastAddress": { "type": "string", "description": "Last address in the range.\n" } }, "type": "object", "required": [ "addressCount", "availableAddressCount", "firstAddress", "lastAddress" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getPublicIpv4PoolsFilter:getPublicIpv4PoolsFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribePublicIpv4Pools.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field. Pool IDs will be selected if any one of the given values match.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getRouteTableAssociation:getRouteTableAssociation": { "properties": { "gatewayId": { "type": "string", "description": "ID of an Internet Gateway or Virtual Private Gateway which is connected to the Route Table (not exported if not passed as a parameter).\n" }, "main": { "type": "boolean", "description": "Whether the association is due to the main route table.\n" }, "routeTableAssociationId": { "type": "string", "description": "Association ID.\n" }, "routeTableId": { "type": "string", "description": "ID of the specific Route Table to retrieve.\n" }, "subnetId": { "type": "string", "description": "ID of a Subnet which is connected to the Route Table (not exported if not passed as a parameter).\n" } }, "type": "object", "required": [ "gatewayId", "main", "routeTableAssociationId", "routeTableId", "subnetId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getRouteTableFilter:getRouteTableFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field. A Route Table will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getRouteTableRoute:getRouteTableRoute": { "properties": { "carrierGatewayId": { "type": "string", "description": "ID of the Carrier Gateway.\n" }, "cidrBlock": { "type": "string", "description": "CIDR block of the route.\n" }, "coreNetworkArn": { "type": "string", "description": "ARN of the core network.\n" }, "destinationPrefixListId": { "type": "string", "description": "The ID of a managed prefix list destination of the route.\n" }, "egressOnlyGatewayId": { "type": "string", "description": "ID of the Egress Only Internet Gateway.\n" }, "gatewayId": { "type": "string", "description": "ID of an Internet Gateway or Virtual Private Gateway which is connected to the Route Table (not exported if not passed as a parameter).\n" }, "instanceId": { "type": "string", "description": "EC2 instance ID.\n" }, "ipv6CidrBlock": { "type": "string", "description": "IPv6 CIDR block of the route.\n" }, "localGatewayId": { "type": "string", "description": "Local Gateway ID.\n" }, "natGatewayId": { "type": "string", "description": "NAT Gateway ID.\n" }, "networkInterfaceId": { "type": "string", "description": "ID of the elastic network interface (eni) to use.\n" }, "transitGatewayId": { "type": "string", "description": "EC2 Transit Gateway ID.\n" }, "vpcEndpointId": { "type": "string", "description": "VPC Endpoint ID.\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "VPC Peering ID.\n" } }, "type": "object", "required": [ "carrierGatewayId", "cidrBlock", "coreNetworkArn", "destinationPrefixListId", "egressOnlyGatewayId", "gatewayId", "instanceId", "ipv6CidrBlock", "localGatewayId", "natGatewayId", "networkInterfaceId", "transitGatewayId", "vpcEndpointId", "vpcPeeringConnectionId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getRouteTablesFilter:getRouteTablesFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA Route Table will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getSecurityGroupFilter:getSecurityGroupFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA Security Group will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getSecurityGroupsFilter:getSecurityGroupsFilter": { "properties": { "name": { "type": "string" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getSpotPriceFilter:getSpotPriceFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getSubnetFilter:getSubnetFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSubnets.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field. A subnet will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getSubnetsFilter:getSubnetsFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSubnets.html).\nFor example, if matching against tag `Name`, use:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst selected = aws.ec2.getSubnets({\n filters: [{\n name: \"tag:Name\",\n values: [\"\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nselected = aws.ec2.get_subnets(filters=[{\n \"name\": \"tag:Name\",\n \"values\": [\"\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var selected = Aws.Ec2.GetSubnets.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetSubnetsFilterInputArgs\n {\n Name = \"tag:Name\",\n Values = new[]\n {\n \"\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetSubnets(ctx, \u0026ec2.GetSubnetsArgs{\n\t\t\tFilters: []ec2.GetSubnetsFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"tag:Name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetSubnetsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var selected = Ec2Functions.getSubnets(GetSubnetsArgs.builder()\n .filters(GetSubnetsFilterArgs.builder()\n .name(\"tag:Name\")\n .values(\"\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n selected:\n fn::invoke:\n Function: aws:ec2:getSubnets\n Arguments:\n filters:\n - name: tag:Name\n values:\n -\n```\n\u003c!--End PulumiCodeChooser --\u003e\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nSubnet IDs will be selected if any one of the given values match.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getTransitGatewayRouteTablesFilter:getTransitGatewayRouteTablesFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayRouteTables.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA Transit Gateway Route Table will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpcCidrBlockAssociation:getVpcCidrBlockAssociation": { "properties": { "associationId": { "type": "string", "description": "Association ID for the IPv4 CIDR block.\n" }, "cidrBlock": { "type": "string", "description": "Cidr block of the desired VPC.\n" }, "state": { "type": "string", "description": "Current state of the desired VPC.\nCan be either `\"pending\"` or `\"available\"`.\n" } }, "type": "object", "required": [ "associationId", "cidrBlock", "state" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getVpcDhcpOptionsFilter:getVpcDhcpOptionsFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values for filtering.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpcEndpointDnsEntry:getVpcEndpointDnsEntry": { "properties": { "dnsName": { "type": "string", "description": "DNS name.\n" }, "hostedZoneId": { "type": "string", "description": "ID of the private hosted zone.\n" } }, "type": "object", "required": [ "dnsName", "hostedZoneId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getVpcEndpointDnsOption:getVpcEndpointDnsOption": { "properties": { "dnsRecordIpType": { "type": "string", "description": "The DNS records created for the endpoint.\n" }, "privateDnsOnlyForInboundResolverEndpoint": { "type": "boolean", "description": "Indicates whether to enable private DNS only for inbound endpoints.\n" } }, "type": "object", "required": [ "dnsRecordIpType", "privateDnsOnlyForInboundResolverEndpoint" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getVpcEndpointFilter:getVpcEndpointFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpoints.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA VPC Endpoint will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpcEndpointServiceFilter:getVpcEndpointServiceFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the [EC2 DescribeVpcEndpointServices API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpointServices.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpcFilter:getVpcFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcs.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA VPC will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpcIamPoolCidrsFilter:getVpcIamPoolCidrsFilter": { "properties": { "name": { "type": "string" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpcIamPoolCidrsIpamPoolCidr:getVpcIamPoolCidrsIpamPoolCidr": { "properties": { "cidr": { "type": "string", "description": "A network CIDR.\n" }, "state": { "type": "string", "description": "The provisioning state of that CIDR.\n" } }, "type": "object", "required": [ "cidr", "state" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getVpcIamPoolFilter:getVpcIamPoolFilter": { "properties": { "name": { "type": "string", "description": "The name of the filter. Filter names are case-sensitive.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "The filter values. Filter values are case-sensitive.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpcIamPoolsFilter:getVpcIamPoolsFilter": { "properties": { "name": { "type": "string", "description": "The name of the filter. Filter names are case-sensitive.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "The filter values. Filter values are case-sensitive.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpcIamPoolsIpamPool:getVpcIamPoolsIpamPool": { "properties": { "addressFamily": { "type": "string", "description": "IP protocol assigned to this pool.\n" }, "allocationDefaultNetmaskLength": { "type": "integer", "description": "A default netmask length for allocations added to this pool. If, for example, the CIDR assigned to this pool is `10.0.0.0/8` and you enter 16 here, new allocations will default to `10.0.0.0/16`.\n" }, "allocationMaxNetmaskLength": { "type": "integer", "description": "The maximum netmask length that will be required for CIDR allocations in this pool.\n" }, "allocationMinNetmaskLength": { "type": "integer", "description": "The minimum netmask length that will be required for CIDR allocations in this pool.\n" }, "allocationResourceTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags that are required to create resources in using this pool.\n" }, "arn": { "type": "string", "description": "ARN of the pool\n" }, "autoImport": { "type": "boolean", "description": "If enabled, IPAM will continuously look for resources within the CIDR range of this pool and automatically import them as allocations into your IPAM.\n" }, "awsService": { "type": "string", "description": "Limits which service in AWS that the pool can be used in. `ec2` for example, allows users to use space for Elastic IP addresses and VPCs.\n" }, "description": { "type": "string", "description": "Description for the IPAM pool.\n" }, "id": { "type": "string", "description": "ID of the IPAM pool.\n" }, "ipamScopeId": { "type": "string", "description": "ID of the scope the pool belongs to.\n" }, "ipamScopeType": { "type": "string" }, "locale": { "type": "string", "description": "Locale is the Region where your pool is available for allocations. You can only create pools with locales that match the operating Regions of the IPAM. You can only create VPCs from a pool whose locale matches the VPC's Region.\n" }, "poolDepth": { "type": "integer" }, "publiclyAdvertisable": { "type": "boolean", "description": "Defines whether or not IPv6 pool space is publicly advertisable over the internet.\n" }, "sourceIpamPoolId": { "type": "string", "description": "ID of the source IPAM pool.\n" }, "state": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assigned to the resource.\n" } }, "type": "object", "required": [ "addressFamily", "allocationDefaultNetmaskLength", "allocationMaxNetmaskLength", "allocationMinNetmaskLength", "allocationResourceTags", "arn", "autoImport", "awsService", "description", "id", "ipamScopeId", "ipamScopeType", "locale", "poolDepth", "publiclyAdvertisable", "sourceIpamPoolId", "state", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getVpcIpamPoolCidrsFilter:getVpcIpamPoolCidrsFilter": { "properties": { "name": { "type": "string" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpcIpamPoolCidrsIpamPoolCidr:getVpcIpamPoolCidrsIpamPoolCidr": { "properties": { "cidr": { "type": "string", "description": "A network CIDR.\n" }, "state": { "type": "string", "description": "The provisioning state of that CIDR.\n" } }, "type": "object", "required": [ "cidr", "state" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getVpcIpamPoolFilter:getVpcIpamPoolFilter": { "properties": { "name": { "type": "string", "description": "The name of the filter. Filter names are case-sensitive.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "The filter values. Filter values are case-sensitive.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpcIpamPoolsFilter:getVpcIpamPoolsFilter": { "properties": { "name": { "type": "string", "description": "The name of the filter. Filter names are case-sensitive.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "The filter values. Filter values are case-sensitive.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpcIpamPoolsIpamPool:getVpcIpamPoolsIpamPool": { "properties": { "addressFamily": { "type": "string", "description": "IP protocol assigned to this pool.\n" }, "allocationDefaultNetmaskLength": { "type": "integer", "description": "A default netmask length for allocations added to this pool. If, for example, the CIDR assigned to this pool is `10.0.0.0/8` and you enter 16 here, new allocations will default to `10.0.0.0/16`.\n" }, "allocationMaxNetmaskLength": { "type": "integer", "description": "The maximum netmask length that will be required for CIDR allocations in this pool.\n" }, "allocationMinNetmaskLength": { "type": "integer", "description": "The minimum netmask length that will be required for CIDR allocations in this pool.\n" }, "allocationResourceTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags that are required to create resources in using this pool.\n" }, "arn": { "type": "string", "description": "ARN of the pool\n" }, "autoImport": { "type": "boolean", "description": "If enabled, IPAM will continuously look for resources within the CIDR range of this pool and automatically import them as allocations into your IPAM.\n" }, "awsService": { "type": "string", "description": "Limits which service in AWS that the pool can be used in. `ec2` for example, allows users to use space for Elastic IP addresses and VPCs.\n" }, "description": { "type": "string", "description": "Description for the IPAM pool.\n" }, "id": { "type": "string", "description": "ID of the IPAM pool.\n" }, "ipamScopeId": { "type": "string", "description": "ID of the scope the pool belongs to.\n" }, "ipamScopeType": { "type": "string" }, "locale": { "type": "string", "description": "Locale is the Region where your pool is available for allocations. You can only create pools with locales that match the operating Regions of the IPAM. You can only create VPCs from a pool whose locale matches the VPC's Region.\n" }, "poolDepth": { "type": "integer" }, "publiclyAdvertisable": { "type": "boolean", "description": "Defines whether or not IPv6 pool space is publicly advertisable over the internet.\n" }, "sourceIpamPoolId": { "type": "string", "description": "ID of the source IPAM pool.\n" }, "state": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assigned to the resource.\n" } }, "type": "object", "required": [ "addressFamily", "allocationDefaultNetmaskLength", "allocationMaxNetmaskLength", "allocationMinNetmaskLength", "allocationResourceTags", "arn", "autoImport", "awsService", "description", "id", "ipamScopeId", "ipamScopeType", "locale", "poolDepth", "publiclyAdvertisable", "sourceIpamPoolId", "state", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getVpcPeeringConnectionCidrBlockSet:getVpcPeeringConnectionCidrBlockSet": { "properties": { "cidrBlock": { "type": "string", "description": "Primary CIDR block of the requester VPC of the specific VPC Peering Connection to retrieve.\n" } }, "type": "object", "required": [ "cidrBlock" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getVpcPeeringConnectionFilter:getVpcPeeringConnectionFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcPeeringConnections.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA VPC Peering Connection will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpcPeeringConnectionIpv6CidrBlockSet:getVpcPeeringConnectionIpv6CidrBlockSet": { "properties": { "ipv6CidrBlock": { "type": "string" } }, "type": "object", "required": [ "ipv6CidrBlock" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getVpcPeeringConnectionPeerCidrBlockSet:getVpcPeeringConnectionPeerCidrBlockSet": { "properties": { "cidrBlock": { "type": "string", "description": "Primary CIDR block of the requester VPC of the specific VPC Peering Connection to retrieve.\n" } }, "type": "object", "required": [ "cidrBlock" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getVpcPeeringConnectionPeerIpv6CidrBlockSet:getVpcPeeringConnectionPeerIpv6CidrBlockSet": { "properties": { "ipv6CidrBlock": { "type": "string" } }, "type": "object", "required": [ "ipv6CidrBlock" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2/getVpcPeeringConnectionsFilter:getVpcPeeringConnectionsFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcPeeringConnections.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA VPC Peering Connection will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpcsFilter:getVpcsFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcs.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA VPC will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2/getVpnGatewayFilter:getVpnGatewayFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnGateways.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA VPN Gateway will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2clientvpn/EndpointAuthenticationOption:EndpointAuthenticationOption": { "properties": { "activeDirectoryId": { "type": "string", "description": "The ID of the Active Directory to be used for authentication if type is `directory-service-authentication`.\n", "willReplaceOnChanges": true }, "rootCertificateChainArn": { "type": "string", "description": "The ARN of the client certificate. The certificate must be signed by a certificate authority (CA) and it must be provisioned in AWS Certificate Manager (ACM). Only necessary when type is set to `certificate-authentication`.\n", "willReplaceOnChanges": true }, "samlProviderArn": { "type": "string", "description": "The ARN of the IAM SAML identity provider if type is `federated-authentication`.\n", "willReplaceOnChanges": true }, "selfServiceSamlProviderArn": { "type": "string", "description": "The ARN of the IAM SAML identity provider for the self service portal if type is `federated-authentication`.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "The type of client authentication to be used. Specify `certificate-authentication` to use certificate-based authentication, `directory-service-authentication` to use Active Directory authentication, or `federated-authentication` to use Federated Authentication via SAML 2.0.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "type" ] }, "aws:ec2clientvpn/EndpointClientConnectOptions:EndpointClientConnectOptions": { "properties": { "enabled": { "type": "boolean", "description": "Indicates whether client connect options are enabled. The default is `false` (not enabled).\n" }, "lambdaFunctionArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lambda function used for connection authorization.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "enabled", "lambdaFunctionArn" ] } } }, "aws:ec2clientvpn/EndpointClientLoginBannerOptions:EndpointClientLoginBannerOptions": { "properties": { "bannerText": { "type": "string", "description": "Customizable text that will be displayed in a banner on AWS provided clients when a VPN session is established. UTF-8 encoded characters only. Maximum of 1400 characters.\n" }, "enabled": { "type": "boolean", "description": "Enable or disable a customizable text banner that will be displayed on AWS provided clients when a VPN session is established. The default is `false` (not enabled).\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "bannerText", "enabled" ] } } }, "aws:ec2clientvpn/EndpointConnectionLogOptions:EndpointConnectionLogOptions": { "properties": { "cloudwatchLogGroup": { "type": "string", "description": "The name of the CloudWatch Logs log group.\n" }, "cloudwatchLogStream": { "type": "string", "description": "The name of the CloudWatch Logs log stream to which the connection data is published.\n" }, "enabled": { "type": "boolean", "description": "Indicates whether connection logging is enabled.\n" } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredOutputs": [ "cloudwatchLogStream", "enabled" ] } } }, "aws:ec2clientvpn/getEndpointAuthenticationOption:getEndpointAuthenticationOption": { "properties": { "activeDirectoryId": { "type": "string" }, "rootCertificateChainArn": { "type": "string" }, "samlProviderArn": { "type": "string" }, "selfServiceSamlProviderArn": { "type": "string" }, "type": { "type": "string" } }, "type": "object", "required": [ "activeDirectoryId", "rootCertificateChainArn", "samlProviderArn", "selfServiceSamlProviderArn", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2clientvpn/getEndpointClientConnectOption:getEndpointClientConnectOption": { "properties": { "enabled": { "type": "boolean" }, "lambdaFunctionArn": { "type": "string" } }, "type": "object", "required": [ "enabled", "lambdaFunctionArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2clientvpn/getEndpointClientLoginBannerOption:getEndpointClientLoginBannerOption": { "properties": { "bannerText": { "type": "string" }, "enabled": { "type": "boolean" } }, "type": "object", "required": [ "bannerText", "enabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2clientvpn/getEndpointConnectionLogOption:getEndpointConnectionLogOption": { "properties": { "cloudwatchLogGroup": { "type": "string" }, "cloudwatchLogStream": { "type": "string" }, "enabled": { "type": "boolean" } }, "type": "object", "required": [ "cloudwatchLogGroup", "cloudwatchLogStream", "enabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2clientvpn/getEndpointFilter:getEndpointFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeClientVpnEndpoints.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field. An endpoint will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/InstanceConnectEndpointTimeouts:InstanceConnectEndpointTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" } }, "type": "object" }, "aws:ec2transitgateway/PeeringAttachmentOptions:PeeringAttachmentOptions": { "properties": { "dynamicRouting": { "type": "string", "description": "Indicates whether dynamic routing is enabled or disabled.. Supports `enable` and `disable`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:ec2transitgateway/getAttachmentFilter:getAttachmentFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by the [underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayAttachments.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/getAttachmentsFilter:getAttachmentsFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter check available value on [official documentation](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayAttachments.html)\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/getConnectFilter:getConnectFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/getConnectPeerFilter:getConnectPeerFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/getDirectConnectGatewayAttachmentFilter:getDirectConnectGatewayAttachmentFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the [EC2 DescribeTransitGatewayAttachments API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayAttachments.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/getMulticastDomainAssociation:getMulticastDomainAssociation": { "properties": { "subnetId": { "type": "string", "description": "The ID of the subnet associated with the transit gateway multicast domain.\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "The ID of the transit gateway attachment.\n" } }, "type": "object", "required": [ "subnetId", "transitGatewayAttachmentId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2transitgateway/getMulticastDomainFilter:getMulticastDomainFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayMulticastDomains.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field. A multicast domain will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/getMulticastDomainMember:getMulticastDomainMember": { "properties": { "groupIpAddress": { "type": "string", "description": "The IP address assigned to the transit gateway multicast group.\n" }, "networkInterfaceId": { "type": "string", "description": "The group members' network interface ID.\n" } }, "type": "object", "required": [ "groupIpAddress", "networkInterfaceId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2transitgateway/getMulticastDomainSource:getMulticastDomainSource": { "properties": { "groupIpAddress": { "type": "string", "description": "The IP address assigned to the transit gateway multicast group.\n" }, "networkInterfaceId": { "type": "string", "description": "The group members' network interface ID.\n" } }, "type": "object", "required": [ "groupIpAddress", "networkInterfaceId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2transitgateway/getPeeringAttachmentFilter:getPeeringAttachmentFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayPeeringAttachments.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nAn EC2 Transit Gateway Peering Attachment be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/getPeeringAttachmentsFilter:getPeeringAttachmentsFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayPeeringAttachments.html)\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/getRouteTableAssociationsFilter:getRouteTableAssociationsFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayRouteTableAssociations.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA Transit Gateway Route Table will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/getRouteTableFilter:getRouteTableFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/getRouteTablePropagationsFilter:getRouteTablePropagationsFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayRouteTablePropagations.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nA Transit Gateway Route Table will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/getRouteTableRoutesFilter:getRouteTableRoutesFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SearchTransitGatewayRoutes.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/getRouteTableRoutesRoute:getRouteTableRoutesRoute": { "properties": { "destinationCidrBlock": { "type": "string", "description": "The CIDR used for route destination matches.\n" }, "prefixListId": { "type": "string", "description": "The ID of the prefix list used for destination matches.\n" }, "state": { "type": "string", "description": "The current state of the route, can be `active`, `deleted`, `pending`, `blackhole`, `deleting`.\n" }, "transitGatewayRouteTableAnnouncementId": { "type": "string", "description": "The id of the transit gateway route table announcement, most of the time it is an empty string.\n" }, "type": { "type": "string", "description": "The type of the route, can be `propagated` or `static`.\n" } }, "type": "object", "required": [ "destinationCidrBlock", "prefixListId", "state", "transitGatewayRouteTableAnnouncementId", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ec2transitgateway/getTransitGatewayFilter:getTransitGatewayFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by the [underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGateways.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/getVpcAttachmentFilter:getVpcAttachmentFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/getVpcAttachmentsFilter:getVpcAttachmentsFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter check available value on [official documentation](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayVpcAttachments.html)\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of one or more values for the filter.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ec2transitgateway/getVpnAttachmentFilter:getVpnAttachmentFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the [EC2 DescribeTransitGatewayAttachments API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayAttachments.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ecr/RegistryScanningConfigurationRule:RegistryScanningConfigurationRule": { "properties": { "repositoryFilters": { "type": "array", "items": { "$ref": "#/types/aws:ecr/RegistryScanningConfigurationRuleRepositoryFilter:RegistryScanningConfigurationRuleRepositoryFilter" }, "description": "One or more repository filter blocks, containing a `filter` (required string filtering repositories, see pattern regex [here](https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_ScanningRepositoryFilter.html)) and a `filter_type` (required string, currently only `WILDCARD` is supported).\n" }, "scanFrequency": { "type": "string", "description": "The frequency that scans are performed at for a private registry. Can be `SCAN_ON_PUSH`, `CONTINUOUS_SCAN`, or `MANUAL`.\n" } }, "type": "object", "required": [ "repositoryFilters", "scanFrequency" ] }, "aws:ecr/RegistryScanningConfigurationRuleRepositoryFilter:RegistryScanningConfigurationRuleRepositoryFilter": { "properties": { "filter": { "type": "string" }, "filterType": { "type": "string" } }, "type": "object", "required": [ "filter", "filterType" ] }, "aws:ecr/ReplicationConfigurationReplicationConfiguration:ReplicationConfigurationReplicationConfiguration": { "properties": { "rules": { "type": "array", "items": { "$ref": "#/types/aws:ecr/ReplicationConfigurationReplicationConfigurationRule:ReplicationConfigurationReplicationConfigurationRule" }, "description": "The replication rules for a replication configuration. A maximum of 10 are allowed per `replication_configuration`. See Rule\n" } }, "type": "object", "required": [ "rules" ] }, "aws:ecr/ReplicationConfigurationReplicationConfigurationRule:ReplicationConfigurationReplicationConfigurationRule": { "properties": { "destinations": { "type": "array", "items": { "$ref": "#/types/aws:ecr/ReplicationConfigurationReplicationConfigurationRuleDestination:ReplicationConfigurationReplicationConfigurationRuleDestination" }, "description": "the details of a replication destination. A maximum of 25 are allowed per `rule`. See Destination.\n" }, "repositoryFilters": { "type": "array", "items": { "$ref": "#/types/aws:ecr/ReplicationConfigurationReplicationConfigurationRuleRepositoryFilter:ReplicationConfigurationReplicationConfigurationRuleRepositoryFilter" }, "description": "filters for a replication rule. See Repository Filter.\n" } }, "type": "object", "required": [ "destinations" ] }, "aws:ecr/ReplicationConfigurationReplicationConfigurationRuleDestination:ReplicationConfigurationReplicationConfigurationRuleDestination": { "properties": { "region": { "type": "string", "description": "A Region to replicate to.\n" }, "registryId": { "type": "string", "description": "The account ID of the destination registry to replicate to.\n" } }, "type": "object", "required": [ "region", "registryId" ] }, "aws:ecr/ReplicationConfigurationReplicationConfigurationRuleRepositoryFilter:ReplicationConfigurationReplicationConfigurationRuleRepositoryFilter": { "properties": { "filter": { "type": "string", "description": "The repository filter details.\n" }, "filterType": { "type": "string", "description": "The repository filter type. The only supported value is `PREFIX_MATCH`, which is a repository name prefix specified with the filter parameter.\n" } }, "type": "object", "required": [ "filter", "filterType" ] }, "aws:ecr/RepositoryEncryptionConfiguration:RepositoryEncryptionConfiguration": { "properties": { "encryptionType": { "type": "string", "description": "The encryption type to use for the repository. Valid values are `AES256` or `KMS`. Defaults to `AES256`.\n", "willReplaceOnChanges": true }, "kmsKey": { "type": "string", "description": "The ARN of the KMS key to use when `encryption_type` is `KMS`. If not specified, uses the default AWS managed key for ECR.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "kmsKey" ] } } }, "aws:ecr/RepositoryImageScanningConfiguration:RepositoryImageScanningConfiguration": { "properties": { "scanOnPush": { "type": "boolean", "description": "Indicates whether images are scanned after being pushed to the repository (true) or not scanned (false).\n" } }, "type": "object", "required": [ "scanOnPush" ] }, "aws:ecr/getLifecyclePolicyDocumentRule:getLifecyclePolicyDocumentRule": { "properties": { "action": { "$ref": "#/types/aws:ecr/getLifecyclePolicyDocumentRuleAction:getLifecyclePolicyDocumentRuleAction", "description": "Specifies the action type.\n" }, "description": { "type": "string", "description": "Describes the purpose of a rule within a lifecycle policy.\n" }, "priority": { "type": "integer", "description": "Sets the order in which rules are evaluated, lowest to highest. When you add rules to a lifecycle policy, you must give them each a unique value for `priority`. Values do not need to be sequential across rules in a policy. A rule with a `tag_status` value of \"any\" must have the highest value for `priority` and be evaluated last.\n" }, "selection": { "$ref": "#/types/aws:ecr/getLifecyclePolicyDocumentRuleSelection:getLifecyclePolicyDocumentRuleSelection", "description": "Collects parameters describing the selection criteria for the ECR lifecycle policy:\n" } }, "type": "object", "required": [ "priority" ] }, "aws:ecr/getLifecyclePolicyDocumentRuleAction:getLifecyclePolicyDocumentRuleAction": { "properties": { "type": { "type": "string", "description": "The supported value is `expire`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:ecr/getLifecyclePolicyDocumentRuleSelection:getLifecyclePolicyDocumentRuleSelection": { "properties": { "countNumber": { "type": "integer", "description": "Specify a count number. If the `count_type` used is \"imageCountMoreThan\", then the value is the maximum number of images that you want to retain in your repository. If the `count_type` used is \"sinceImagePushed\", then the value is the maximum age limit for your images.\n" }, "countType": { "type": "string", "description": "Specify a count type to apply to the images. If `count_type` is set to \"imageCountMoreThan\", you also specify `count_number` to create a rule that sets a limit on the number of images that exist in your repository. If `count_type` is set to \"sinceImagePushed\", you also specify `count_unit` and `count_number` to specify a time limit on the images that exist in your repository.\n" }, "countUnit": { "type": "string", "description": "Specify a count unit of days to indicate that as the unit of time, in addition to `count_number`, which is the number of days.\n" }, "tagPatternLists": { "type": "array", "items": { "type": "string" }, "description": "You must specify a comma-separated list of image tag patterns that may contain wildcards (\\*) on which to take action with your lifecycle policy. For example, if your images are tagged as `prod`, `prod1`, `prod2`, and so on, you would use the tag pattern list `[\"prod\\*\"]` to specify all of them. If you specify multiple tags, only the images with all specified tags are selected. There is a maximum limit of four wildcards (\\*) per string. For example, `[\"*test*1*2*3\", \"test*1*2*3*\"]` is valid but `[\"test*1*2*3*4*5*6\"]` is invalid.\n" }, "tagPrefixLists": { "type": "array", "items": { "type": "string" }, "description": "You must specify a comma-separated list of image tag prefixes on which to take action with your lifecycle policy. For example, if your images are tagged as `prod`, `prod1`, `prod2`, and so on, you would use the tag prefix \"prod\" to specify all of them. If you specify multiple tags, only images with all specified tags are selected.\n" }, "tagStatus": { "type": "string", "description": "Determines whether the lifecycle policy rule that you are adding specifies a tag for an image. Acceptable options are \"tagged\", \"untagged\", or \"any\". If you specify \"any\", then all images have the rule applied to them. If you specify \"tagged\", then you must also specify a `tag_prefix_list` value. If you specify \"untagged\", then you must omit `tag_prefix_list`.\n" } }, "type": "object", "required": [ "countNumber", "countType", "tagStatus" ] }, "aws:ecr/getRepositoryEncryptionConfiguration:getRepositoryEncryptionConfiguration": { "properties": { "encryptionType": { "type": "string", "description": "Encryption type to use for the repository, either `AES256` or `KMS`.\n" }, "kmsKey": { "type": "string", "description": "If `encryption_type` is `KMS`, the ARN of the KMS key used.\n" } }, "type": "object", "required": [ "encryptionType", "kmsKey" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ecr/getRepositoryImageScanningConfiguration:getRepositoryImageScanningConfiguration": { "properties": { "scanOnPush": { "type": "boolean", "description": "Whether images are scanned after being pushed to the repository.\n" } }, "type": "object", "required": [ "scanOnPush" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ecrpublic/RepositoryCatalogData:RepositoryCatalogData": { "properties": { "aboutText": { "type": "string", "description": "A detailed description of the contents of the repository. It is publicly visible in the Amazon ECR Public Gallery. The text must be in markdown format.\n" }, "architectures": { "type": "array", "items": { "type": "string" }, "description": "The system architecture that the images in the repository are compatible with. On the Amazon ECR Public Gallery, the following supported architectures will appear as badges on the repository and are used as search filters: `ARM`, `ARM 64`, `x86`, `x86-64`\n" }, "description": { "type": "string", "description": "A short description of the contents of the repository. This text appears in both the image details and also when searching for repositories on the Amazon ECR Public Gallery.\n" }, "logoImageBlob": { "type": "string", "description": "The base64-encoded repository logo payload. (Only visible for verified accounts) Note that drift detection is disabled for this attribute.\n" }, "operatingSystems": { "type": "array", "items": { "type": "string" }, "description": "The operating systems that the images in the repository are compatible with. On the Amazon ECR Public Gallery, the following supported operating systems will appear as badges on the repository and are used as search filters: `Linux`, `Windows`\n" }, "usageText": { "type": "string", "description": "Detailed information on how to use the contents of the repository. It is publicly visible in the Amazon ECR Public Gallery. The usage text provides context, support information, and additional usage details for users of the repository. The text must be in markdown format.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "logoImageBlob" ] } } }, "aws:ecs/CapacityProviderAutoScalingGroupProvider:CapacityProviderAutoScalingGroupProvider": { "properties": { "autoScalingGroupArn": { "type": "string", "description": "ARN of the associated auto scaling group.\n", "willReplaceOnChanges": true }, "managedDraining": { "type": "string", "description": "Enables or disables a graceful shutdown of instances without disturbing workloads. Valid values are `ENABLED` and `DISABLED`. The default value is `ENABLED` when a capacity provider is created.\n" }, "managedScaling": { "$ref": "#/types/aws:ecs/CapacityProviderAutoScalingGroupProviderManagedScaling:CapacityProviderAutoScalingGroupProviderManagedScaling", "description": "Configuration block defining the parameters of the auto scaling. Detailed below.\n" }, "managedTerminationProtection": { "type": "string", "description": "Enables or disables container-aware termination of instances in the auto scaling group when scale-in happens. Valid values are `ENABLED` and `DISABLED`.\n" } }, "type": "object", "required": [ "autoScalingGroupArn" ], "language": { "nodejs": { "requiredOutputs": [ "autoScalingGroupArn", "managedDraining", "managedScaling", "managedTerminationProtection" ] } } }, "aws:ecs/CapacityProviderAutoScalingGroupProviderManagedScaling:CapacityProviderAutoScalingGroupProviderManagedScaling": { "properties": { "instanceWarmupPeriod": { "type": "integer", "description": "Period of time, in seconds, after a newly launched Amazon EC2 instance can contribute to CloudWatch metrics for Auto Scaling group. If this parameter is omitted, the default value of 300 seconds is used.\n" }, "maximumScalingStepSize": { "type": "integer", "description": "Maximum step adjustment size. A number between 1 and 10,000.\n" }, "minimumScalingStepSize": { "type": "integer", "description": "Minimum step adjustment size. A number between 1 and 10,000.\n" }, "status": { "type": "string", "description": "Whether auto scaling is managed by ECS. Valid values are `ENABLED` and `DISABLED`.\n" }, "targetCapacity": { "type": "integer", "description": "Target utilization for the capacity provider. A number between 1 and 100.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "instanceWarmupPeriod", "maximumScalingStepSize", "minimumScalingStepSize", "status", "targetCapacity" ] } } }, "aws:ecs/ClusterCapacityProvidersDefaultCapacityProviderStrategy:ClusterCapacityProvidersDefaultCapacityProviderStrategy": { "properties": { "base": { "type": "integer", "description": "The number of tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. Defaults to `0`.\n" }, "capacityProvider": { "type": "string", "description": "Name of the capacity provider.\n" }, "weight": { "type": "integer", "description": "The relative percentage of the total number of launched tasks that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` count of tasks has been satisfied. Defaults to `0`.\n" } }, "type": "object", "required": [ "capacityProvider" ] }, "aws:ecs/ClusterConfiguration:ClusterConfiguration": { "properties": { "executeCommandConfiguration": { "$ref": "#/types/aws:ecs/ClusterConfigurationExecuteCommandConfiguration:ClusterConfigurationExecuteCommandConfiguration", "description": "Details of the execute command configuration. See `execute_command_configuration` Block for details.\n" }, "managedStorageConfiguration": { "$ref": "#/types/aws:ecs/ClusterConfigurationManagedStorageConfiguration:ClusterConfigurationManagedStorageConfiguration", "description": "Details of the managed storage configuration. See `managed_storage_configuration` Block for details.\n" } }, "type": "object" }, "aws:ecs/ClusterConfigurationExecuteCommandConfiguration:ClusterConfigurationExecuteCommandConfiguration": { "properties": { "kmsKeyId": { "type": "string", "description": "AWS Key Management Service key ID to encrypt the data between the local client and the container.\n" }, "logConfiguration": { "$ref": "#/types/aws:ecs/ClusterConfigurationExecuteCommandConfigurationLogConfiguration:ClusterConfigurationExecuteCommandConfigurationLogConfiguration", "description": "Log configuration for the results of the execute command actions. Required when `logging` is `OVERRIDE`. See `log_configuration` Block for details.\n" }, "logging": { "type": "string", "description": "Log setting to use for redirecting logs for your execute command results. Valid values: `NONE`, `DEFAULT`, `OVERRIDE`.\n" } }, "type": "object" }, "aws:ecs/ClusterConfigurationExecuteCommandConfigurationLogConfiguration:ClusterConfigurationExecuteCommandConfigurationLogConfiguration": { "properties": { "cloudWatchEncryptionEnabled": { "type": "boolean", "description": "Whether to enable encryption on the CloudWatch logs. If not specified, encryption will be disabled.\n" }, "cloudWatchLogGroupName": { "type": "string", "description": "The name of the CloudWatch log group to send logs to.\n" }, "s3BucketEncryptionEnabled": { "type": "boolean", "description": "Whether to enable encryption on the logs sent to S3. If not specified, encryption will be disabled.\n" }, "s3BucketName": { "type": "string", "description": "Name of the S3 bucket to send logs to.\n" }, "s3KeyPrefix": { "type": "string", "description": "Optional folder in the S3 bucket to place logs in.\n" } }, "type": "object" }, "aws:ecs/ClusterConfigurationManagedStorageConfiguration:ClusterConfigurationManagedStorageConfiguration": { "properties": { "fargateEphemeralStorageKmsKeyId": { "type": "string", "description": "AWS Key Management Service key ID for the Fargate ephemeral storage.\n" }, "kmsKeyId": { "type": "string", "description": "AWS Key Management Service key ID to encrypt the managed storage.\n" } }, "type": "object" }, "aws:ecs/ClusterServiceConnectDefaults:ClusterServiceConnectDefaults": { "properties": { "namespace": { "type": "string", "description": "ARN of the `aws.servicediscovery.HttpNamespace` that's used when you create a service and don't specify a Service Connect configuration.\n" } }, "type": "object", "required": [ "namespace" ] }, "aws:ecs/ClusterSetting:ClusterSetting": { "properties": { "name": { "type": "string", "description": "Name of the setting to manage. Valid values: `containerInsights`.\n" }, "value": { "type": "string", "description": "Value to assign to the setting. Valid values: `enabled`, `disabled`.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:ecs/ServiceAlarms:ServiceAlarms": { "properties": { "alarmNames": { "type": "array", "items": { "type": "string" }, "description": "One or more CloudWatch alarm names.\n" }, "enable": { "type": "boolean", "description": "Whether to use the CloudWatch alarm option in the service deployment process.\n" }, "rollback": { "type": "boolean", "description": "Whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is used, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.\n" } }, "type": "object", "required": [ "alarmNames", "enable", "rollback" ] }, "aws:ecs/ServiceCapacityProviderStrategy:ServiceCapacityProviderStrategy": { "properties": { "base": { "type": "integer", "description": "Number of tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined.\n" }, "capacityProvider": { "type": "string", "description": "Short name of the capacity provider.\n" }, "weight": { "type": "integer", "description": "Relative percentage of the total number of launched tasks that should use the specified capacity provider.\n" } }, "type": "object", "required": [ "capacityProvider" ] }, "aws:ecs/ServiceDeploymentCircuitBreaker:ServiceDeploymentCircuitBreaker": { "properties": { "enable": { "type": "boolean", "description": "Whether to enable the deployment circuit breaker logic for the service.\n" }, "rollback": { "type": "boolean", "description": "Whether to enable Amazon ECS to roll back the service if a service deployment fails. If rollback is enabled, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.\n" } }, "type": "object", "required": [ "enable", "rollback" ] }, "aws:ecs/ServiceDeploymentController:ServiceDeploymentController": { "properties": { "type": { "type": "string", "description": "Type of deployment controller. Valid values: `CODE_DEPLOY`, `ECS`, `EXTERNAL`. Default: `ECS`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:ecs/ServiceLoadBalancer:ServiceLoadBalancer": { "properties": { "containerName": { "type": "string", "description": "Name of the container to associate with the load balancer (as it appears in a container definition).\n" }, "containerPort": { "type": "integer", "description": "Port on the container to associate with the load balancer.\n\n\u003e **Version note:** Multiple `load_balancer` configuration block support was added in version 2.22.0 of the provider. This allows configuration of [ECS service support for multiple target groups](https://aws.amazon.com/about-aws/whats-new/2019/07/amazon-ecs-services-now-support-multiple-load-balancer-target-groups/).\n" }, "elbName": { "type": "string", "description": "Name of the ELB (Classic) to associate with the service.\n" }, "targetGroupArn": { "type": "string", "description": "ARN of the Load Balancer target group to associate with the service.\n" } }, "type": "object", "required": [ "containerName", "containerPort" ] }, "aws:ecs/ServiceNetworkConfiguration:ServiceNetworkConfiguration": { "properties": { "assignPublicIp": { "type": "boolean", "description": "Assign a public IP address to the ENI (Fargate launch type only). Valid values are `true` or `false`. Default `false`.\n\nFor more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html)\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "Security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "Subnets associated with the task or service.\n" } }, "type": "object", "required": [ "subnets" ] }, "aws:ecs/ServiceOrderedPlacementStrategy:ServiceOrderedPlacementStrategy": { "properties": { "field": { "type": "string", "description": "For the `spread` placement strategy, valid values are `instanceId` (or `host`,\nwhich has the same effect), or any platform or custom attribute that is applied to a container instance.\nFor the `binpack` type, valid values are `memory` and `cpu`. For the `random` type, this attribute is not\nneeded. For more information, see [Placement Strategy](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PlacementStrategy.html).\n\n\u003e **Note:** for `spread`, `host` and `instanceId` will be normalized, by AWS, to be `instanceId`. This means the statefile will show `instanceId` but your config will differ if you use `host`.\n" }, "type": { "type": "string", "description": "Type of placement strategy. Must be one of: `binpack`, `random`, or `spread`\n" } }, "type": "object", "required": [ "type" ] }, "aws:ecs/ServicePlacementConstraint:ServicePlacementConstraint": { "properties": { "expression": { "type": "string", "description": "Cluster Query Language expression to apply to the constraint. Does not need to be specified for the `distinctInstance` type. For more information, see [Cluster Query Language in the Amazon EC2 Container Service Developer Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html).\n" }, "type": { "type": "string", "description": "Type of constraint. The only valid values at this time are `memberOf` and `distinctInstance`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:ecs/ServiceServiceConnectConfiguration:ServiceServiceConnectConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Whether to use Service Connect with this service.\n" }, "logConfiguration": { "$ref": "#/types/aws:ecs/ServiceServiceConnectConfigurationLogConfiguration:ServiceServiceConnectConfigurationLogConfiguration", "description": "Log configuration for the container. See below.\n" }, "namespace": { "type": "string", "description": "Namespace name or ARN of the `aws.servicediscovery.HttpNamespace` for use with Service Connect.\n" }, "services": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceServiceConnectConfigurationService:ServiceServiceConnectConfigurationService" }, "description": "List of Service Connect service objects. See below.\n" } }, "type": "object", "required": [ "enabled" ] }, "aws:ecs/ServiceServiceConnectConfigurationLogConfiguration:ServiceServiceConnectConfigurationLogConfiguration": { "properties": { "logDriver": { "type": "string", "description": "Log driver to use for the container.\n" }, "options": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Configuration options to send to the log driver.\n" }, "secretOptions": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceServiceConnectConfigurationLogConfigurationSecretOption:ServiceServiceConnectConfigurationLogConfigurationSecretOption" }, "description": "Secrets to pass to the log configuration. See below.\n" } }, "type": "object", "required": [ "logDriver" ], "language": { "nodejs": { "requiredOutputs": [ "logDriver", "options" ] } } }, "aws:ecs/ServiceServiceConnectConfigurationLogConfigurationSecretOption:ServiceServiceConnectConfigurationLogConfigurationSecretOption": { "properties": { "name": { "type": "string", "description": "Name of the secret.\n" }, "valueFrom": { "type": "string", "description": "Secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.\n" } }, "type": "object", "required": [ "name", "valueFrom" ] }, "aws:ecs/ServiceServiceConnectConfigurationService:ServiceServiceConnectConfigurationService": { "properties": { "clientAlias": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceServiceConnectConfigurationServiceClientAlias:ServiceServiceConnectConfigurationServiceClientAlias" }, "description": "List of client aliases for this Service Connect service. You use these to assign names that can be used by client applications. The maximum number of client aliases that you can have in this list is 1. See below.\n" }, "discoveryName": { "type": "string", "description": "Name of the new AWS Cloud Map service that Amazon ECS creates for this Amazon ECS service.\n" }, "ingressPortOverride": { "type": "integer", "description": "Port number for the Service Connect proxy to listen on.\n" }, "portName": { "type": "string", "description": "Name of one of the `portMappings` from all the containers in the task definition of this Amazon ECS service.\n" }, "timeout": { "$ref": "#/types/aws:ecs/ServiceServiceConnectConfigurationServiceTimeout:ServiceServiceConnectConfigurationServiceTimeout", "description": "Configuration timeouts for Service Connect\n" }, "tls": { "$ref": "#/types/aws:ecs/ServiceServiceConnectConfigurationServiceTls:ServiceServiceConnectConfigurationServiceTls", "description": "Configuration for enabling Transport Layer Security (TLS)\n" } }, "type": "object", "required": [ "portName" ] }, "aws:ecs/ServiceServiceConnectConfigurationServiceClientAlias:ServiceServiceConnectConfigurationServiceClientAlias": { "properties": { "dnsName": { "type": "string", "description": "Name that you use in the applications of client tasks to connect to this service.\n" }, "port": { "type": "integer", "description": "Listening port number for the Service Connect proxy. This port is available inside of all of the tasks within the same namespace.\n" } }, "type": "object", "required": [ "port" ] }, "aws:ecs/ServiceServiceConnectConfigurationServiceTimeout:ServiceServiceConnectConfigurationServiceTimeout": { "properties": { "idleTimeoutSeconds": { "type": "integer", "description": "Amount of time in seconds a connection will stay active while idle. A value of 0 can be set to disable idleTimeout.\n" }, "perRequestTimeoutSeconds": { "type": "integer", "description": "Amount of time in seconds for the upstream to respond with a complete response per request. A value of 0 can be set to disable perRequestTimeout. Can only be set when appProtocol isn't TCP.\n" } }, "type": "object" }, "aws:ecs/ServiceServiceConnectConfigurationServiceTls:ServiceServiceConnectConfigurationServiceTls": { "properties": { "issuerCertAuthority": { "$ref": "#/types/aws:ecs/ServiceServiceConnectConfigurationServiceTlsIssuerCertAuthority:ServiceServiceConnectConfigurationServiceTlsIssuerCertAuthority", "description": "Details of the certificate authority which will issue the certificate.\n" }, "kmsKey": { "type": "string", "description": "KMS key used to encrypt the private key in Secrets Manager.\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM Role that's associated with the Service Connect TLS.\n" } }, "type": "object", "required": [ "issuerCertAuthority" ] }, "aws:ecs/ServiceServiceConnectConfigurationServiceTlsIssuerCertAuthority:ServiceServiceConnectConfigurationServiceTlsIssuerCertAuthority": { "properties": { "awsPcaAuthorityArn": { "type": "string", "description": "ARN of the `aws.acmpca.CertificateAuthority` used to create the TLS Certificates.\n" } }, "type": "object", "required": [ "awsPcaAuthorityArn" ] }, "aws:ecs/ServiceServiceRegistries:ServiceServiceRegistries": { "properties": { "containerName": { "type": "string", "description": "Container name value, already specified in the task definition, to be used for your service discovery service.\n" }, "containerPort": { "type": "integer", "description": "Port value, already specified in the task definition, to be used for your service discovery service.\n" }, "port": { "type": "integer", "description": "Port value used if your Service Discovery service specified an SRV record.\n" }, "registryArn": { "type": "string", "description": "ARN of the Service Registry. The currently supported service registry is Amazon Route 53 Auto Naming Service(`aws.servicediscovery.Service`). For more information, see [Service](https://docs.aws.amazon.com/Route53/latest/APIReference/API_autonaming_Service.html)\n" } }, "type": "object", "required": [ "registryArn" ] }, "aws:ecs/ServiceVolumeConfiguration:ServiceVolumeConfiguration": { "properties": { "managedEbsVolume": { "$ref": "#/types/aws:ecs/ServiceVolumeConfigurationManagedEbsVolume:ServiceVolumeConfigurationManagedEbsVolume", "description": "Configuration for the Amazon EBS volume that Amazon ECS creates and manages on your behalf. See below.\n" }, "name": { "type": "string", "description": "Name of the volume.\n" } }, "type": "object", "required": [ "managedEbsVolume", "name" ] }, "aws:ecs/ServiceVolumeConfigurationManagedEbsVolume:ServiceVolumeConfigurationManagedEbsVolume": { "properties": { "encrypted": { "type": "boolean", "description": "Whether the volume should be encrypted. Default value is `true`.\n" }, "fileSystemType": { "type": "string", "description": "Linux filesystem type for the volume. For volumes created from a snapshot, same filesystem type must be specified that the volume was using when the snapshot was created. Valid values are `ext3`, `ext4`, `xfs`. Default value is `xfs`.\n" }, "iops": { "type": "integer", "description": "Number of I/O operations per second (IOPS).\n" }, "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) identifier of the Amazon Web Services Key Management Service key to use for Amazon EBS encryption.\n" }, "roleArn": { "type": "string", "description": "Amazon ECS infrastructure IAM role that is used to manage your Amazon Web Services infrastructure. Recommended using the Amazon ECS-managed `AmazonECSInfrastructureRolePolicyForVolumes` IAM policy with this role.\n" }, "sizeInGb": { "type": "integer", "description": "Size of the volume in GiB. You must specify either a `size_in_gb` or a `snapshot_id`. You can optionally specify a volume size greater than or equal to the snapshot size.\n" }, "snapshotId": { "type": "string", "description": "Snapshot that Amazon ECS uses to create the volume. You must specify either a `size_in_gb` or a `snapshot_id`.\n" }, "throughput": { "type": "integer", "description": "Throughput to provision for a volume, in MiB/s, with a maximum of 1,000 MiB/s.\n" }, "volumeType": { "type": "string", "description": "Volume type.\n" } }, "type": "object", "required": [ "roleArn" ] }, "aws:ecs/TaskDefinitionEphemeralStorage:TaskDefinitionEphemeralStorage": { "properties": { "sizeInGib": { "type": "integer", "description": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "sizeInGib" ] }, "aws:ecs/TaskDefinitionInferenceAccelerator:TaskDefinitionInferenceAccelerator": { "properties": { "deviceName": { "type": "string", "description": "Elastic Inference accelerator device name. The deviceName must also be referenced in a container definition as a ResourceRequirement.\n", "willReplaceOnChanges": true }, "deviceType": { "type": "string", "description": "Elastic Inference accelerator type to use.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "deviceName", "deviceType" ] }, "aws:ecs/TaskDefinitionPlacementConstraint:TaskDefinitionPlacementConstraint": { "properties": { "expression": { "type": "string", "description": "Cluster Query Language expression to apply to the constraint. For more information, see [Cluster Query Language in the Amazon EC2 Container Service Developer Guide](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html).\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Type of constraint. Use `memberOf` to restrict selection to a group of valid candidates. Note that `distinctInstance` is not supported in task definitions.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "type" ] }, "aws:ecs/TaskDefinitionProxyConfiguration:TaskDefinitionProxyConfiguration": { "properties": { "containerName": { "type": "string", "description": "Name of the container that will serve as the App Mesh proxy.\n", "willReplaceOnChanges": true }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Set of network configuration parameters to provide the Container Network Interface (CNI) plugin, specified a key-value mapping.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Proxy type. The default value is `APPMESH`. The only supported value is `APPMESH`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "containerName" ] }, "aws:ecs/TaskDefinitionRuntimePlatform:TaskDefinitionRuntimePlatform": { "properties": { "cpuArchitecture": { "type": "string", "description": "Must be set to either `X86_64` or `ARM64`; see [cpu architecture](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#runtime-platform)\n", "willReplaceOnChanges": true }, "operatingSystemFamily": { "type": "string", "description": "If the `requires_compatibilities` is `FARGATE` this field is required; must be set to a valid option from the [operating system family in the runtime platform](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#runtime-platform) setting\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:ecs/TaskDefinitionVolume:TaskDefinitionVolume": { "properties": { "configureAtLaunch": { "type": "boolean", "description": "Whether the volume should be configured at launch time. This is used to create Amazon EBS volumes for standalone tasks or tasks created as part of a service. Each task definition revision may only have one volume configured at launch in the volume configuration.\n", "willReplaceOnChanges": true }, "dockerVolumeConfiguration": { "$ref": "#/types/aws:ecs/TaskDefinitionVolumeDockerVolumeConfiguration:TaskDefinitionVolumeDockerVolumeConfiguration", "description": "Configuration block to configure a docker volume. Detailed below.\n", "willReplaceOnChanges": true }, "efsVolumeConfiguration": { "$ref": "#/types/aws:ecs/TaskDefinitionVolumeEfsVolumeConfiguration:TaskDefinitionVolumeEfsVolumeConfiguration", "description": "Configuration block for an EFS volume. Detailed below.\n", "willReplaceOnChanges": true }, "fsxWindowsFileServerVolumeConfiguration": { "$ref": "#/types/aws:ecs/TaskDefinitionVolumeFsxWindowsFileServerVolumeConfiguration:TaskDefinitionVolumeFsxWindowsFileServerVolumeConfiguration", "description": "Configuration block for an FSX Windows File Server volume. Detailed below.\n", "willReplaceOnChanges": true }, "hostPath": { "type": "string", "description": "Path on the host container instance that is presented to the container. If not set, ECS will create a nonpersistent data volume that starts empty and is deleted after the task has finished.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the volume. This name is referenced in the `sourceVolume`\nparameter of container definition in the `mountPoints` section.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredOutputs": [ "configureAtLaunch", "name" ] } } }, "aws:ecs/TaskDefinitionVolumeDockerVolumeConfiguration:TaskDefinitionVolumeDockerVolumeConfiguration": { "properties": { "autoprovision": { "type": "boolean", "description": "If this value is `true`, the Docker volume is created if it does not already exist. *Note*: This field is only used if the scope is `shared`.\n", "willReplaceOnChanges": true }, "driver": { "type": "string", "description": "Docker volume driver to use. The driver value must match the driver name provided by Docker because it is used for task placement.\n", "willReplaceOnChanges": true }, "driverOpts": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of Docker driver specific options.\n", "willReplaceOnChanges": true }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of custom metadata to add to your Docker volume.\n", "willReplaceOnChanges": true }, "scope": { "type": "string", "description": "Scope for the Docker volume, which determines its lifecycle, either `task` or `shared`. Docker volumes that are scoped to a `task` are automatically provisioned when the task starts and destroyed when the task stops. Docker volumes that are scoped as `shared` persist after the task stops.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "scope" ] } } }, "aws:ecs/TaskDefinitionVolumeEfsVolumeConfiguration:TaskDefinitionVolumeEfsVolumeConfiguration": { "properties": { "authorizationConfig": { "$ref": "#/types/aws:ecs/TaskDefinitionVolumeEfsVolumeConfigurationAuthorizationConfig:TaskDefinitionVolumeEfsVolumeConfigurationAuthorizationConfig", "description": "Configuration block for authorization for the Amazon EFS file system. Detailed below.\n", "willReplaceOnChanges": true }, "fileSystemId": { "type": "string", "description": "ID of the EFS File System.\n", "willReplaceOnChanges": true }, "rootDirectory": { "type": "string", "description": "Directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying / will have the same effect as omitting this parameter. This argument is ignored when using `authorization_config`.\n", "willReplaceOnChanges": true }, "transitEncryption": { "type": "string", "description": "Whether or not to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be enabled if Amazon EFS IAM authorization is used. Valid values: `ENABLED`, `DISABLED`. If this parameter is omitted, the default value of `DISABLED` is used.\n", "willReplaceOnChanges": true }, "transitEncryptionPort": { "type": "integer", "description": "Port to use for transit encryption. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "fileSystemId" ] }, "aws:ecs/TaskDefinitionVolumeEfsVolumeConfigurationAuthorizationConfig:TaskDefinitionVolumeEfsVolumeConfigurationAuthorizationConfig": { "properties": { "accessPointId": { "type": "string", "description": "Access point ID to use. If an access point is specified, the root directory value will be relative to the directory set for the access point. If specified, transit encryption must be enabled in the EFSVolumeConfiguration.\n", "willReplaceOnChanges": true }, "iam": { "type": "string", "description": "Whether or not to use the Amazon ECS task IAM role defined in a task definition when mounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the EFSVolumeConfiguration. Valid values: `ENABLED`, `DISABLED`. If this parameter is omitted, the default value of `DISABLED` is used.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:ecs/TaskDefinitionVolumeFsxWindowsFileServerVolumeConfiguration:TaskDefinitionVolumeFsxWindowsFileServerVolumeConfiguration": { "properties": { "authorizationConfig": { "$ref": "#/types/aws:ecs/TaskDefinitionVolumeFsxWindowsFileServerVolumeConfigurationAuthorizationConfig:TaskDefinitionVolumeFsxWindowsFileServerVolumeConfigurationAuthorizationConfig", "description": "Configuration block for authorization for the Amazon FSx for Windows File Server file system detailed below.\n", "willReplaceOnChanges": true }, "fileSystemId": { "type": "string", "description": "The Amazon FSx for Windows File Server file system ID to use.\n", "willReplaceOnChanges": true }, "rootDirectory": { "type": "string", "description": "The directory within the Amazon FSx for Windows File Server file system to mount as the root directory inside the host.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "authorizationConfig", "fileSystemId", "rootDirectory" ] }, "aws:ecs/TaskDefinitionVolumeFsxWindowsFileServerVolumeConfigurationAuthorizationConfig:TaskDefinitionVolumeFsxWindowsFileServerVolumeConfigurationAuthorizationConfig": { "properties": { "credentialsParameter": { "type": "string", "description": "The authorization credential option to use. The authorization credential options can be provided using either the Amazon Resource Name (ARN) of an AWS Secrets Manager secret or AWS Systems Manager Parameter Store parameter. The ARNs refer to the stored credentials.\n", "willReplaceOnChanges": true }, "domain": { "type": "string", "description": "A fully qualified domain name hosted by an AWS Directory Service Managed Microsoft AD (Active Directory) or self-hosted AD on Amazon EC2.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "credentialsParameter", "domain" ] }, "aws:ecs/TaskSetCapacityProviderStrategy:TaskSetCapacityProviderStrategy": { "properties": { "base": { "type": "integer", "description": "The number of tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined.\n", "willReplaceOnChanges": true }, "capacityProvider": { "type": "string", "description": "The short name or full Amazon Resource Name (ARN) of the capacity provider.\n", "willReplaceOnChanges": true }, "weight": { "type": "integer", "description": "The relative percentage of the total number of launched tasks that should use the specified capacity provider.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "capacityProvider", "weight" ] }, "aws:ecs/TaskSetLoadBalancer:TaskSetLoadBalancer": { "properties": { "containerName": { "type": "string", "description": "The name of the container to associate with the load balancer (as it appears in a container definition).\n", "willReplaceOnChanges": true }, "containerPort": { "type": "integer", "description": "The port on the container to associate with the load balancer. Defaults to `0` if not specified.\n\n\u003e **Note:** Specifying multiple `load_balancer` configurations is still not supported by AWS for ECS task set.\n", "willReplaceOnChanges": true }, "loadBalancerName": { "type": "string", "description": "The name of the ELB (Classic) to associate with the service.\n", "willReplaceOnChanges": true }, "targetGroupArn": { "type": "string", "description": "The ARN of the Load Balancer target group to associate with the service.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "containerName" ] }, "aws:ecs/TaskSetNetworkConfiguration:TaskSetNetworkConfiguration": { "properties": { "assignPublicIp": { "type": "boolean", "description": "Whether to assign a public IP address to the ENI (`FARGATE` launch type only). Valid values are `true` or `false`. Default `false`.\n\nFor more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html).\n", "willReplaceOnChanges": true }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used. Maximum of 5.\n", "willReplaceOnChanges": true }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "The subnets associated with the task or service. Maximum of 16.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "subnets" ] }, "aws:ecs/TaskSetScale:TaskSetScale": { "properties": { "unit": { "type": "string", "description": "The unit of measure for the scale value. Default: `PERCENT`.\n" }, "value": { "type": "number", "description": "The value, specified as a percent total of a service's `desiredCount`, to scale the task set. Defaults to `0` if not specified. Accepted values are numbers between 0.0 and 100.0.\n" } }, "type": "object" }, "aws:ecs/TaskSetServiceRegistries:TaskSetServiceRegistries": { "properties": { "containerName": { "type": "string", "description": "The container name value, already specified in the task definition, to be used for your service discovery service.\n", "willReplaceOnChanges": true }, "containerPort": { "type": "integer", "description": "The port value, already specified in the task definition, to be used for your service discovery service.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "The port value used if your Service Discovery service specified an SRV record.\n", "willReplaceOnChanges": true }, "registryArn": { "type": "string", "description": "The ARN of the Service Registry. The currently supported service registry is Amazon Route 53 Auto Naming Service(`aws.servicediscovery.Service` resource). For more information, see [Service](https://docs.aws.amazon.com/Route53/latest/APIReference/API_autonaming_Service.html).\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "registryArn" ] }, "aws:ecs/getClusterServiceConnectDefault:getClusterServiceConnectDefault": { "properties": { "namespace": { "type": "string" } }, "type": "object", "required": [ "namespace" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ecs/getClusterSetting:getClusterSetting": { "properties": { "name": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "name", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ecs/getTaskExecutionCapacityProviderStrategy:getTaskExecutionCapacityProviderStrategy": { "properties": { "base": { "type": "integer", "description": "The number of tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. Defaults to `0`.\n" }, "capacityProvider": { "type": "string", "description": "Name of the capacity provider.\n" }, "weight": { "type": "integer", "description": "The relative percentage of the total number of launched tasks that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` count of tasks has been satisfied. Defaults to `0`.\n" } }, "type": "object", "required": [ "capacityProvider" ] }, "aws:ecs/getTaskExecutionNetworkConfiguration:getTaskExecutionNetworkConfiguration": { "properties": { "assignPublicIp": { "type": "boolean", "description": "Assign a public IP address to the ENI (Fargate launch type only). Valid values are `true` or `false`. Default `false`.\n\nFor more information, see the [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) documentation.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "Security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "Subnets associated with the task or service.\n" } }, "type": "object", "required": [ "subnets" ] }, "aws:ecs/getTaskExecutionOverrides:getTaskExecutionOverrides": { "properties": { "containerOverrides": { "type": "array", "items": { "$ref": "#/types/aws:ecs/getTaskExecutionOverridesContainerOverride:getTaskExecutionOverridesContainerOverride" }, "description": "One or more container overrides that are sent to a task. See below.\n" }, "cpu": { "type": "string", "description": "The CPU override for the task.\n" }, "executionRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the task execution role override for the task.\n" }, "inferenceAcceleratorOverrides": { "type": "array", "items": { "$ref": "#/types/aws:ecs/getTaskExecutionOverridesInferenceAcceleratorOverride:getTaskExecutionOverridesInferenceAcceleratorOverride" }, "description": "Elastic Inference accelerator override for the task. See below.\n" }, "memory": { "type": "string", "description": "The memory override for the task.\n" }, "taskRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the role that containers in this task can assume.\n" } }, "type": "object" }, "aws:ecs/getTaskExecutionOverridesContainerOverride:getTaskExecutionOverridesContainerOverride": { "properties": { "commands": { "type": "array", "items": { "type": "string" }, "description": "The command to send to the container that overrides the default command from the Docker image or the task definition.\n" }, "cpu": { "type": "integer", "description": "The number of cpu units reserved for the container, instead of the default value from the task definition.\n" }, "environments": { "type": "array", "items": { "$ref": "#/types/aws:ecs/getTaskExecutionOverridesContainerOverrideEnvironment:getTaskExecutionOverridesContainerOverrideEnvironment" }, "description": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition. See below.\n" }, "memory": { "type": "integer", "description": "The hard limit (in MiB) of memory to present to the container, instead of the default value from the task definition. If your container attempts to exceed the memory specified here, the container is killed.\n" }, "memoryReservation": { "type": "integer", "description": "The soft limit (in MiB) of memory to reserve for the container, instead of the default value from the task definition.\n" }, "name": { "type": "string", "description": "The name of the container that receives the override. This parameter is required if any override is specified.\n" }, "resourceRequirements": { "type": "array", "items": { "$ref": "#/types/aws:ecs/getTaskExecutionOverridesContainerOverrideResourceRequirement:getTaskExecutionOverridesContainerOverrideResourceRequirement" }, "description": "The type and amount of a resource to assign to a container, instead of the default value from the task definition. The only supported resource is a GPU. See below.\n" } }, "type": "object", "required": [ "name" ] }, "aws:ecs/getTaskExecutionOverridesContainerOverrideEnvironment:getTaskExecutionOverridesContainerOverrideEnvironment": { "properties": { "key": { "type": "string", "description": "The name of the key-value pair. For environment variables, this is the name of the environment variable.\n" }, "value": { "type": "string", "description": "The value of the key-value pair. For environment variables, this is the value of the environment variable.\n" } }, "type": "object", "required": [ "key", "value" ] }, "aws:ecs/getTaskExecutionOverridesContainerOverrideResourceRequirement:getTaskExecutionOverridesContainerOverrideResourceRequirement": { "properties": { "type": { "type": "string", "description": "The type of resource to assign to a container. Valid values are `GPU` or `InferenceAccelerator`.\n" }, "value": { "type": "string", "description": "The value for the specified resource type. If the `GPU` type is used, the value is the number of physical GPUs the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on. If the `InferenceAccelerator` type is used, the value matches the `deviceName` for an InferenceAccelerator specified in a task definition.\n" } }, "type": "object", "required": [ "type", "value" ] }, "aws:ecs/getTaskExecutionOverridesInferenceAcceleratorOverride:getTaskExecutionOverridesInferenceAcceleratorOverride": { "properties": { "deviceName": { "type": "string", "description": "The Elastic Inference accelerator device name to override for the task. This parameter must match a deviceName specified in the task definition.\n" }, "deviceType": { "type": "string", "description": "The Elastic Inference accelerator type to use.\n" } }, "type": "object" }, "aws:ecs/getTaskExecutionPlacementConstraint:getTaskExecutionPlacementConstraint": { "properties": { "expression": { "type": "string", "description": "A cluster query language expression to apply to the constraint. The expression can have a maximum length of 2000 characters. You can't specify an expression if the constraint type is `distinctInstance`.\n" }, "type": { "type": "string", "description": "The type of constraint. Valid values are `distinctInstance` or `memberOf`. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates.\n" } }, "type": "object", "required": [ "type" ] }, "aws:ecs/getTaskExecutionPlacementStrategy:getTaskExecutionPlacementStrategy": { "properties": { "field": { "type": "string", "description": "The field to apply the placement strategy against.\n" }, "type": { "type": "string", "description": "The type of placement strategy. Valid values are `random`, `spread`, and `binpack`.\n\nFor more information, see the [Placement Strategy](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PlacementStrategy.html) documentation.\n" } }, "type": "object", "required": [ "type" ] }, "aws:efs/AccessPointPosixUser:AccessPointPosixUser": { "properties": { "gid": { "type": "integer", "description": "POSIX group ID used for all file system operations using this access point.\n", "willReplaceOnChanges": true }, "secondaryGids": { "type": "array", "items": { "type": "integer" }, "description": "Secondary POSIX group IDs used for all file system operations using this access point.\n", "willReplaceOnChanges": true }, "uid": { "type": "integer", "description": "POSIX user ID used for all file system operations using this access point.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "gid", "uid" ] }, "aws:efs/AccessPointRootDirectory:AccessPointRootDirectory": { "properties": { "creationInfo": { "$ref": "#/types/aws:efs/AccessPointRootDirectoryCreationInfo:AccessPointRootDirectoryCreationInfo", "description": "POSIX IDs and permissions to apply to the access point's Root Directory. See Creation Info below.\n", "willReplaceOnChanges": true }, "path": { "type": "string", "description": "Path on the EFS file system to expose as the root directory to NFS clients using the access point to access the EFS file system. A path can have up to four subdirectories. If the specified path does not exist, you are required to provide `creation_info`.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "creationInfo", "path" ] } } }, "aws:efs/AccessPointRootDirectoryCreationInfo:AccessPointRootDirectoryCreationInfo": { "properties": { "ownerGid": { "type": "integer", "description": "POSIX group ID to apply to the `root_directory`.\n", "willReplaceOnChanges": true }, "ownerUid": { "type": "integer", "description": "POSIX user ID to apply to the `root_directory`.\n", "willReplaceOnChanges": true }, "permissions": { "type": "string", "description": "POSIX permissions to apply to the RootDirectory, in the format of an octal number representing the file's mode bits.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "ownerGid", "ownerUid", "permissions" ] }, "aws:efs/BackupPolicyBackupPolicy:BackupPolicyBackupPolicy": { "properties": { "status": { "type": "string", "description": "A status of the backup policy. Valid values: `ENABLED`, `DISABLED`.\n" } }, "type": "object", "required": [ "status" ] }, "aws:efs/FileSystemLifecyclePolicy:FileSystemLifecyclePolicy": { "properties": { "transitionToArchive": { "type": "string", "description": "Indicates how long it takes to transition files to the archive storage class. Requires transition_to_ia, Elastic Throughput and General Purpose performance mode. Valid values: `AFTER_1_DAY`, `AFTER_7_DAYS`, `AFTER_14_DAYS`, `AFTER_30_DAYS`, `AFTER_60_DAYS`, `AFTER_90_DAYS`, `AFTER_180_DAYS`, `AFTER_270_DAYS`, or `AFTER_365_DAYS`.\n" }, "transitionToIa": { "type": "string", "description": "Indicates how long it takes to transition files to the IA storage class. Valid values: `AFTER_1_DAY`, `AFTER_7_DAYS`, `AFTER_14_DAYS`, `AFTER_30_DAYS`, `AFTER_60_DAYS`, `AFTER_90_DAYS`, `AFTER_180_DAYS`, `AFTER_270_DAYS`, or `AFTER_365_DAYS`.\n" }, "transitionToPrimaryStorageClass": { "type": "string", "description": "Describes the policy used to transition a file from infequent access storage to primary storage. Valid values: `AFTER_1_ACCESS`.\n" } }, "type": "object" }, "aws:efs/FileSystemProtection:FileSystemProtection": { "properties": { "replicationOverwrite": { "type": "string", "description": "Indicates whether replication overwrite protection is enabled. Valid values: `ENABLED` or `DISABLED`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "replicationOverwrite" ] } } }, "aws:efs/FileSystemSizeInByte:FileSystemSizeInByte": { "properties": { "value": { "type": "integer", "description": "The latest known metered size (in bytes) of data stored in the file system.\n" }, "valueInIa": { "type": "integer", "description": "The latest known metered size (in bytes) of data stored in the Infrequent Access storage class.\n" }, "valueInStandard": { "type": "integer", "description": "The latest known metered size (in bytes) of data stored in the Standard storage class.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "value", "valueInIa", "valueInStandard" ] } } }, "aws:efs/ReplicationConfigurationDestination:ReplicationConfigurationDestination": { "properties": { "availabilityZoneName": { "type": "string", "description": "The availability zone in which the replica should be created. If specified, the replica will be created with One Zone storage. If omitted, regional storage will be used.\n", "willReplaceOnChanges": true }, "fileSystemId": { "type": "string", "description": "The ID of the destination file system for the replication. If no ID is provided, then EFS creates a new file system with the default settings.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "The Key ID, ARN, alias, or alias ARN of the KMS key that should be used to encrypt the replica file system. If omitted, the default KMS key for EFS `/aws/elasticfilesystem` will be used.\n", "willReplaceOnChanges": true }, "region": { "type": "string", "description": "The region in which the replica should be created.\n", "willReplaceOnChanges": true }, "status": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "fileSystemId", "region", "status" ] } } }, "aws:efs/getAccessPointPosixUser:getAccessPointPosixUser": { "properties": { "gid": { "type": "integer", "description": "Group ID\n" }, "secondaryGids": { "type": "array", "items": { "type": "integer" }, "description": "Secondary group IDs\n" }, "uid": { "type": "integer", "description": "User Id\n" } }, "type": "object", "required": [ "gid", "secondaryGids", "uid" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:efs/getAccessPointRootDirectory:getAccessPointRootDirectory": { "properties": { "creationInfos": { "type": "array", "items": { "$ref": "#/types/aws:efs/getAccessPointRootDirectoryCreationInfo:getAccessPointRootDirectoryCreationInfo" }, "description": "Single element list containing information on the creation permissions of the directory\n" }, "path": { "type": "string", "description": "Path exposed as the root directory\n" } }, "type": "object", "required": [ "creationInfos", "path" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:efs/getAccessPointRootDirectoryCreationInfo:getAccessPointRootDirectoryCreationInfo": { "properties": { "ownerGid": { "type": "integer", "description": "POSIX owner group ID\n" }, "ownerUid": { "type": "integer", "description": "POSIX owner user ID\n" }, "permissions": { "type": "string", "description": "POSIX permissions mode\n" } }, "type": "object", "required": [ "ownerGid", "ownerUid", "permissions" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:efs/getFileSystemLifecyclePolicy:getFileSystemLifecyclePolicy": { "properties": { "transitionToArchive": { "type": "string" }, "transitionToIa": { "type": "string" }, "transitionToPrimaryStorageClass": { "type": "string" } }, "type": "object", "required": [ "transitionToArchive", "transitionToIa", "transitionToPrimaryStorageClass" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:efs/getFileSystemProtection:getFileSystemProtection": { "properties": { "replicationOverwrite": { "type": "string" } }, "type": "object", "required": [ "replicationOverwrite" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:eks/AccessPolicyAssociationAccessScope:AccessPolicyAssociationAccessScope": { "properties": { "namespaces": { "type": "array", "items": { "type": "string" }, "description": "The namespaces to which the access scope applies when type is namespace.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Valid values are `namespace` or `cluster`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "type" ] }, "aws:eks/ClusterAccessConfig:ClusterAccessConfig": { "properties": { "authenticationMode": { "type": "string", "description": "The authentication mode for the cluster. Valid values are `CONFIG_MAP`, `API` or `API_AND_CONFIG_MAP`\n" }, "bootstrapClusterCreatorAdminPermissions": { "type": "boolean", "description": "Whether or not to bootstrap the access config values to the cluster. Default is `false`.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "authenticationMode" ] } } }, "aws:eks/ClusterCertificateAuthority:ClusterCertificateAuthority": { "properties": { "data": { "type": "string", "description": "Base64 encoded certificate data required to communicate with your cluster. Add this to the `certificate-authority-data` section of the `kubeconfig` file for your cluster.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "data" ] } } }, "aws:eks/ClusterEncryptionConfig:ClusterEncryptionConfig": { "properties": { "provider": { "$ref": "#/types/aws:eks/ClusterEncryptionConfigProvider:ClusterEncryptionConfigProvider", "description": "Configuration block with provider for encryption. Detailed below.\n" }, "resources": { "type": "array", "items": { "type": "string" }, "description": "List of strings with resources to be encrypted. Valid values: `secrets`.\n" } }, "type": "object", "required": [ "provider", "resources" ] }, "aws:eks/ClusterEncryptionConfigProvider:ClusterEncryptionConfigProvider": { "properties": { "keyArn": { "type": "string", "description": "ARN of the Key Management Service (KMS) customer master key (CMK). The CMK must be symmetric, created in the same region as the cluster, and if the CMK was created in a different account, the user must have access to the CMK. For more information, see [Allowing Users in Other Accounts to Use a CMK in the AWS Key Management Service Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-modifying-external-accounts.html).\n" } }, "type": "object", "required": [ "keyArn" ] }, "aws:eks/ClusterIdentity:ClusterIdentity": { "properties": { "oidcs": { "type": "array", "items": { "$ref": "#/types/aws:eks/ClusterIdentityOidc:ClusterIdentityOidc" }, "description": "Nested block containing [OpenID Connect](https://openid.net/connect/) identity provider information for the cluster. Detailed below.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "oidcs" ] } } }, "aws:eks/ClusterIdentityOidc:ClusterIdentityOidc": { "properties": { "issuer": { "type": "string", "description": "Issuer URL for the OpenID Connect identity provider.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "issuer" ] } } }, "aws:eks/ClusterKubernetesNetworkConfig:ClusterKubernetesNetworkConfig": { "properties": { "ipFamily": { "type": "string", "description": "The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`. You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created.\n", "willReplaceOnChanges": true }, "serviceIpv4Cidr": { "type": "string", "description": "The CIDR block to assign Kubernetes pod and service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. The block must meet the following requirements:\n\n* Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16.\n\n* Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.\n\n* Between /24 and /12.\n", "willReplaceOnChanges": true }, "serviceIpv6Cidr": { "type": "string", "description": "The CIDR block that Kubernetes pod and service IP addresses are assigned from if you specified `ipv6` for ipFamily when you created the cluster. Kubernetes assigns service addresses from the unique local address range (fc00::/7) because you can't specify a custom IPv6 CIDR block when you create the cluster.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "ipFamily", "serviceIpv4Cidr", "serviceIpv6Cidr" ] } } }, "aws:eks/ClusterOutpostConfig:ClusterOutpostConfig": { "properties": { "controlPlaneInstanceType": { "type": "string", "description": "The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. The instance type that you specify is used for all Kubernetes control plane instances. The instance type can't be changed after cluster creation. Choose an instance type based on the number of nodes that your cluster will have. If your cluster will have:\n\n* 1–20 nodes, then we recommend specifying a large instance type.\n\n* 21–100 nodes, then we recommend specifying an xlarge instance type.\n\n* 101–250 nodes, then we recommend specifying a 2xlarge instance type.\n\nFor a list of the available Amazon EC2 instance types, see Compute and storage in AWS Outposts rack features The control plane is not automatically scaled by Amazon EKS.\n", "willReplaceOnChanges": true }, "controlPlanePlacement": { "$ref": "#/types/aws:eks/ClusterOutpostConfigControlPlanePlacement:ClusterOutpostConfigControlPlanePlacement", "description": "An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on AWS Outpost.\nThe `control_plane_placement` configuration block supports the following arguments:\n" }, "outpostArns": { "type": "array", "items": { "type": "string" }, "description": "The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. This argument is a list of arns, but only a single Outpost ARN is supported currently.\n" } }, "type": "object", "required": [ "controlPlaneInstanceType", "outpostArns" ] }, "aws:eks/ClusterOutpostConfigControlPlanePlacement:ClusterOutpostConfigControlPlanePlacement": { "properties": { "groupName": { "type": "string", "description": "The name of the placement group for the Kubernetes control plane instances. This setting can't be changed after cluster creation.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "groupName" ] }, "aws:eks/ClusterVpcConfig:ClusterVpcConfig": { "properties": { "clusterSecurityGroupId": { "type": "string", "description": "Cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication.\n" }, "endpointPrivateAccess": { "type": "boolean", "description": "Whether the Amazon EKS private API server endpoint is enabled. Default is `false`.\n" }, "endpointPublicAccess": { "type": "boolean", "description": "Whether the Amazon EKS public API server endpoint is enabled. Default is `true`.\n" }, "publicAccessCidrs": { "type": "array", "items": { "type": "string" }, "description": "List of CIDR blocks. Indicates which CIDR blocks can access the Amazon EKS public API server endpoint when enabled. EKS defaults this to a list with `0.0.0.0/0`. The provider will only perform drift detection of its value when present in a configuration.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of subnet IDs. Must be in at least two different availability zones. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your worker nodes and the Kubernetes control plane.\n" }, "vpcId": { "type": "string", "description": "ID of the VPC associated with your cluster.\n" } }, "type": "object", "required": [ "subnetIds" ], "language": { "nodejs": { "requiredOutputs": [ "clusterSecurityGroupId", "publicAccessCidrs", "subnetIds", "vpcId" ] } } }, "aws:eks/FargateProfileSelector:FargateProfileSelector": { "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of Kubernetes labels for selection.\n", "willReplaceOnChanges": true }, "namespace": { "type": "string", "description": "Kubernetes namespace for selection.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "namespace" ] }, "aws:eks/IdentityProviderConfigOidc:IdentityProviderConfigOidc": { "properties": { "clientId": { "type": "string", "description": "Client ID for the OpenID Connect identity provider.\n", "willReplaceOnChanges": true }, "groupsClaim": { "type": "string", "description": "The JWT claim that the provider will use to return groups.\n", "willReplaceOnChanges": true }, "groupsPrefix": { "type": "string", "description": "A prefix that is prepended to group claims e.g., `oidc:`.\n", "willReplaceOnChanges": true }, "identityProviderConfigName": { "type": "string", "description": "The name of the identity provider config.\n", "willReplaceOnChanges": true }, "issuerUrl": { "type": "string", "description": "Issuer URL for the OpenID Connect identity provider.\n", "willReplaceOnChanges": true }, "requiredClaims": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The key value pairs that describe required claims in the identity token.\n", "willReplaceOnChanges": true }, "usernameClaim": { "type": "string", "description": "The JWT claim that the provider will use as the username.\n", "willReplaceOnChanges": true }, "usernamePrefix": { "type": "string", "description": "A prefix that is prepended to username claims.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "clientId", "identityProviderConfigName", "issuerUrl" ] }, "aws:eks/NodeGroupLaunchTemplate:NodeGroupLaunchTemplate": { "properties": { "id": { "type": "string", "description": "Identifier of the EC2 Launch Template. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the EC2 Launch Template. Conflicts with `id`.\n", "willReplaceOnChanges": true }, "version": { "type": "string", "description": "EC2 Launch Template version number. While the API accepts values like `$Default` and `$Latest`, the API will convert the value to the associated version number (e.g., `1`) on read and the provider will show a difference on next plan. Using the `default_version` or `latest_version` attribute of the `aws.ec2.LaunchTemplate` resource or data source is recommended for this argument.\n" } }, "type": "object", "required": [ "version" ], "language": { "nodejs": { "requiredOutputs": [ "id", "name", "version" ] } } }, "aws:eks/NodeGroupRemoteAccess:NodeGroupRemoteAccess": { "properties": { "ec2SshKey": { "type": "string", "description": "EC2 Key Pair name that provides access for remote communication with the worker nodes in the EKS Node Group. If you specify this configuration, but do not specify `source_security_group_ids` when you create an EKS Node Group, either port 3389 for Windows, or port 22 for all other operating systems is opened on the worker nodes to the Internet (0.0.0.0/0). For Windows nodes, this will allow you to use RDP, for all others this allows you to SSH into the worker nodes.\n", "willReplaceOnChanges": true }, "sourceSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Set of EC2 Security Group IDs to allow SSH access (port 22) from on the worker nodes. If you specify `ec2_ssh_key`, but do not specify this configuration when you create an EKS Node Group, port 22 on the worker nodes is opened to the Internet (0.0.0.0/0).\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:eks/NodeGroupResource:NodeGroupResource": { "properties": { "autoscalingGroups": { "type": "array", "items": { "$ref": "#/types/aws:eks/NodeGroupResourceAutoscalingGroup:NodeGroupResourceAutoscalingGroup" }, "description": "List of objects containing information about AutoScaling Groups.\n" }, "remoteAccessSecurityGroupId": { "type": "string", "description": "Identifier of the remote access EC2 Security Group.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "autoscalingGroups", "remoteAccessSecurityGroupId" ] } } }, "aws:eks/NodeGroupResourceAutoscalingGroup:NodeGroupResourceAutoscalingGroup": { "properties": { "name": { "type": "string", "description": "Name of the AutoScaling Group.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "name" ] } } }, "aws:eks/NodeGroupScalingConfig:NodeGroupScalingConfig": { "properties": { "desiredSize": { "type": "integer", "description": "Desired number of worker nodes.\n" }, "maxSize": { "type": "integer", "description": "Maximum number of worker nodes.\n" }, "minSize": { "type": "integer", "description": "Minimum number of worker nodes.\n" } }, "type": "object", "required": [ "desiredSize", "maxSize", "minSize" ] }, "aws:eks/NodeGroupTaint:NodeGroupTaint": { "properties": { "effect": { "type": "string", "description": "The effect of the taint. Valid values: `NO_SCHEDULE`, `NO_EXECUTE`, `PREFER_NO_SCHEDULE`.\n" }, "key": { "type": "string", "description": "The key of the taint. Maximum length of 63.\n" }, "value": { "type": "string", "description": "The value of the taint. Maximum length of 63.\n" } }, "type": "object", "required": [ "effect", "key" ] }, "aws:eks/NodeGroupUpdateConfig:NodeGroupUpdateConfig": { "properties": { "maxUnavailable": { "type": "integer", "description": "Desired max number of unavailable worker nodes during node group update.\n" }, "maxUnavailablePercentage": { "type": "integer", "description": "Desired max percentage of unavailable worker nodes during node group update.\n" } }, "type": "object" }, "aws:eks/getClusterAccessConfig:getClusterAccessConfig": { "properties": { "authenticationMode": { "type": "string", "description": "Values returned are `CONFIG_MAP`, `API` or `API_AND_CONFIG_MAP`\n" }, "bootstrapClusterCreatorAdminPermissions": { "type": "boolean", "description": "Default to `true`.\n" } }, "type": "object", "required": [ "authenticationMode", "bootstrapClusterCreatorAdminPermissions" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:eks/getClusterCertificateAuthority:getClusterCertificateAuthority": { "properties": { "data": { "type": "string", "description": "The base64 encoded certificate data required to communicate with your cluster. Add this to the `certificate-authority-data` section of the `kubeconfig` file for your cluster.\n" } }, "type": "object", "required": [ "data" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:eks/getClusterIdentity:getClusterIdentity": { "properties": { "oidcs": { "type": "array", "items": { "$ref": "#/types/aws:eks/getClusterIdentityOidc:getClusterIdentityOidc" }, "description": "Nested attribute containing [OpenID Connect](https://openid.net/connect/) identity provider information for the cluster.\n" } }, "type": "object", "required": [ "oidcs" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:eks/getClusterIdentityOidc:getClusterIdentityOidc": { "properties": { "issuer": { "type": "string", "description": "Issuer URL for the OpenID Connect identity provider.\n" } }, "type": "object", "required": [ "issuer" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:eks/getClusterKubernetesNetworkConfig:getClusterKubernetesNetworkConfig": { "properties": { "ipFamily": { "type": "string", "description": "`ipv4` or `ipv6`.\n" }, "serviceIpv4Cidr": { "type": "string", "description": "The CIDR block to assign Kubernetes pod and service IP addresses from if `ipv4` was specified when the cluster was created.\n" }, "serviceIpv6Cidr": { "type": "string", "description": "The CIDR block to assign Kubernetes pod and service IP addresses from if `ipv6` was specified when the cluster was created. Kubernetes assigns service addresses from the unique local address range (fc00::/7) because you can't specify a custom IPv6 CIDR block when you create the cluster.\n" } }, "type": "object", "required": [ "ipFamily", "serviceIpv4Cidr", "serviceIpv6Cidr" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:eks/getClusterOutpostConfig:getClusterOutpostConfig": { "properties": { "controlPlaneInstanceType": { "type": "string", "description": "The Amazon EC2 instance type for all Kubernetes control plane instances.\n" }, "controlPlanePlacements": { "type": "array", "items": { "$ref": "#/types/aws:eks/getClusterOutpostConfigControlPlanePlacement:getClusterOutpostConfigControlPlanePlacement" }, "description": "An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on AWS Outpost.\n" }, "outpostArns": { "type": "array", "items": { "type": "string" }, "description": "List of ARNs of the Outposts hosting the EKS cluster. Only a single ARN is supported currently.\n" } }, "type": "object", "required": [ "controlPlaneInstanceType", "controlPlanePlacements", "outpostArns" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:eks/getClusterOutpostConfigControlPlanePlacement:getClusterOutpostConfigControlPlanePlacement": { "properties": { "groupName": { "type": "string", "description": "The name of the placement group for the Kubernetes control plane instances.\n" } }, "type": "object", "required": [ "groupName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:eks/getClusterVpcConfig:getClusterVpcConfig": { "properties": { "clusterSecurityGroupId": { "type": "string", "description": "The cluster security group that was created by Amazon EKS for the cluster.\n" }, "endpointPrivateAccess": { "type": "boolean", "description": "Indicates whether or not the Amazon EKS private API server endpoint is enabled.\n" }, "endpointPublicAccess": { "type": "boolean", "description": "Indicates whether or not the Amazon EKS public API server endpoint is enabled.\n" }, "publicAccessCidrs": { "type": "array", "items": { "type": "string" }, "description": "List of CIDR blocks. Indicates which CIDR blocks can access the Amazon EKS public API server endpoint.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of subnet IDs\n" }, "vpcId": { "type": "string", "description": "The VPC associated with your cluster.\n" } }, "type": "object", "required": [ "clusterSecurityGroupId", "endpointPrivateAccess", "endpointPublicAccess", "publicAccessCidrs", "securityGroupIds", "subnetIds", "vpcId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:eks/getNodeGroupLaunchTemplate:getNodeGroupLaunchTemplate": { "properties": { "id": { "type": "string", "description": "The ID of the launch template.\n" }, "name": { "type": "string", "description": "Name of the AutoScaling Group.\n" }, "version": { "type": "string", "description": "Kubernetes version.\n" } }, "type": "object", "required": [ "id", "name", "version" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:eks/getNodeGroupRemoteAccess:getNodeGroupRemoteAccess": { "properties": { "ec2SshKey": { "type": "string", "description": "EC2 Key Pair name that provides access for SSH communication with the worker nodes in the EKS Node Group.\n" }, "sourceSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Set of EC2 Security Group IDs to allow SSH access (port 22) from on the worker nodes.\n" } }, "type": "object", "required": [ "ec2SshKey", "sourceSecurityGroupIds" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:eks/getNodeGroupResource:getNodeGroupResource": { "properties": { "autoscalingGroups": { "type": "array", "items": { "$ref": "#/types/aws:eks/getNodeGroupResourceAutoscalingGroup:getNodeGroupResourceAutoscalingGroup" }, "description": "List of objects containing information about AutoScaling Groups.\n" }, "remoteAccessSecurityGroupId": { "type": "string", "description": "Identifier of the remote access EC2 Security Group.\n" } }, "type": "object", "required": [ "autoscalingGroups", "remoteAccessSecurityGroupId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:eks/getNodeGroupResourceAutoscalingGroup:getNodeGroupResourceAutoscalingGroup": { "properties": { "name": { "type": "string", "description": "Name of the AutoScaling Group.\n" } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:eks/getNodeGroupScalingConfig:getNodeGroupScalingConfig": { "properties": { "desiredSize": { "type": "integer", "description": "Desired number of worker nodes.\n" }, "maxSize": { "type": "integer", "description": "Maximum number of worker nodes.\n" }, "minSize": { "type": "integer", "description": "Minimum number of worker nodes.\n" } }, "type": "object", "required": [ "desiredSize", "maxSize", "minSize" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:eks/getNodeGroupTaint:getNodeGroupTaint": { "properties": { "effect": { "type": "string", "description": "The effect of the taint.\n" }, "key": { "type": "string", "description": "The key of the taint.\n" }, "value": { "type": "string", "description": "The value of the taint.\n" } }, "type": "object", "required": [ "effect", "key", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticache/ClusterCacheNode:ClusterCacheNode": { "properties": { "address": { "type": "string" }, "availabilityZone": { "type": "string", "description": "Availability Zone for the cache cluster. If you want to create cache nodes in multi-az, use `preferred_availability_zones` instead. Default: System chosen Availability Zone. Changing this value will re-create the resource.\n" }, "id": { "type": "string" }, "outpostArn": { "type": "string" }, "port": { "type": "integer", "description": "The port number on which each of the cache nodes will accept connections. For Memcached the default is 11211, and for Redis the default port is 6379. Cannot be provided with `replication_group_id`. Changing this value will re-create the resource.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "address", "availabilityZone", "id", "outpostArn", "port" ] } } }, "aws:elasticache/ClusterLogDeliveryConfiguration:ClusterLogDeliveryConfiguration": { "properties": { "destination": { "type": "string", "description": "Name of either the CloudWatch Logs LogGroup or Kinesis Data Firehose resource.\n" }, "destinationType": { "type": "string", "description": "For CloudWatch Logs use `cloudwatch-logs` or for Kinesis Data Firehose use `kinesis-firehose`.\n" }, "logFormat": { "type": "string", "description": "Valid values are `json` or `text`\n" }, "logType": { "type": "string", "description": "Valid values are `slow-log` or `engine-log`. Max 1 of each.\n" } }, "type": "object", "required": [ "destination", "destinationType", "logFormat", "logType" ] }, "aws:elasticache/GlobalReplicationGroupGlobalNodeGroup:GlobalReplicationGroupGlobalNodeGroup": { "properties": { "globalNodeGroupId": { "type": "string", "description": "The ID of the global node group.\n" }, "slots": { "type": "string", "description": "The keyspace for this node group.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "globalNodeGroupId", "slots" ] } } }, "aws:elasticache/ParameterGroupParameter:ParameterGroupParameter": { "properties": { "name": { "type": "string", "description": "The name of the ElastiCache parameter.\n" }, "value": { "type": "string", "description": "The value of the ElastiCache parameter.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:elasticache/ReplicationGroupLogDeliveryConfiguration:ReplicationGroupLogDeliveryConfiguration": { "properties": { "destination": { "type": "string", "description": "Name of either the CloudWatch Logs LogGroup or Kinesis Data Firehose resource.\n" }, "destinationType": { "type": "string", "description": "For CloudWatch Logs use `cloudwatch-logs` or for Kinesis Data Firehose use `kinesis-firehose`.\n" }, "logFormat": { "type": "string", "description": "Valid values are `json` or `text`\n" }, "logType": { "type": "string", "description": "Valid values are `slow-log` or `engine-log`. Max 1 of each.\n" } }, "type": "object", "required": [ "destination", "destinationType", "logFormat", "logType" ] }, "aws:elasticache/ServerlessCacheCacheUsageLimits:ServerlessCacheCacheUsageLimits": { "properties": { "dataStorage": { "$ref": "#/types/aws:elasticache/ServerlessCacheCacheUsageLimitsDataStorage:ServerlessCacheCacheUsageLimitsDataStorage", "description": "The maximum data storage limit in the cache, expressed in Gigabytes. See Data Storage config for more details.\n" }, "ecpuPerSeconds": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ServerlessCacheCacheUsageLimitsEcpuPerSecond:ServerlessCacheCacheUsageLimitsEcpuPerSecond" }, "description": "The configuration for the number of ElastiCache Processing Units (ECPU) the cache can consume per second.See config block for more details.\n" } }, "type": "object" }, "aws:elasticache/ServerlessCacheCacheUsageLimitsDataStorage:ServerlessCacheCacheUsageLimitsDataStorage": { "properties": { "maximum": { "type": "integer" }, "minimum": { "type": "integer" }, "unit": { "type": "string", "description": "The unit that the storage is measured in, in GB.\n" } }, "type": "object", "required": [ "unit" ] }, "aws:elasticache/ServerlessCacheCacheUsageLimitsEcpuPerSecond:ServerlessCacheCacheUsageLimitsEcpuPerSecond": { "properties": { "maximum": { "type": "integer" }, "minimum": { "type": "integer" } }, "type": "object" }, "aws:elasticache/ServerlessCacheEndpoint:ServerlessCacheEndpoint": { "properties": { "address": { "type": "string", "description": "The DNS hostname of the cache node.\n" }, "port": { "type": "integer", "description": "The port number that the cache engine is listening on. Set as integer.\n" } }, "type": "object", "required": [ "address", "port" ] }, "aws:elasticache/ServerlessCacheReaderEndpoint:ServerlessCacheReaderEndpoint": { "properties": { "address": { "type": "string", "description": "The DNS hostname of the cache node.\n" }, "port": { "type": "integer", "description": "The port number that the cache engine is listening on. Set as integer.\n" } }, "type": "object", "required": [ "address", "port" ] }, "aws:elasticache/ServerlessCacheTimeouts:ServerlessCacheTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:elasticache/UserAuthenticationMode:UserAuthenticationMode": { "properties": { "passwordCount": { "type": "integer" }, "passwords": { "type": "array", "items": { "type": "string" }, "description": "Specifies the passwords to use for authentication if `type` is set to `password`.\n", "secret": true }, "type": { "type": "string", "description": "Specifies the authentication type. Possible options are: `password`, `no-password-required` or `iam`.\n" } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredOutputs": [ "passwordCount", "type" ] } } }, "aws:elasticache/getClusterCacheNode:getClusterCacheNode": { "properties": { "address": { "type": "string" }, "availabilityZone": { "type": "string", "description": "Availability Zone for the cache cluster.\n" }, "id": { "type": "string" }, "outpostArn": { "type": "string" }, "port": { "type": "integer", "description": "The port number on which each of the cache nodes will\naccept connections.\n" } }, "type": "object", "required": [ "address", "availabilityZone", "id", "outpostArn", "port" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticache/getClusterLogDeliveryConfiguration:getClusterLogDeliveryConfiguration": { "properties": { "destination": { "type": "string" }, "destinationType": { "type": "string" }, "logFormat": { "type": "string" }, "logType": { "type": "string" } }, "type": "object", "required": [ "destination", "destinationType", "logFormat", "logType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticache/getReplicationGroupLogDeliveryConfiguration:getReplicationGroupLogDeliveryConfiguration": { "properties": { "destination": { "type": "string" }, "destinationType": { "type": "string" }, "logFormat": { "type": "string" }, "logType": { "type": "string" } }, "type": "object", "required": [ "destination", "destinationType", "logFormat", "logType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticache/getUserAuthenticationMode:getUserAuthenticationMode": { "properties": { "passwordCount": { "type": "integer" }, "type": { "type": "string" } }, "type": "object" }, "aws:elasticbeanstalk/ApplicationAppversionLifecycle:ApplicationAppversionLifecycle": { "properties": { "deleteSourceFromS3": { "type": "boolean", "description": "Set to `true` to delete a version's source bundle from S3 when the application version is deleted.\n" }, "maxAgeInDays": { "type": "integer", "description": "The number of days to retain an application version ('max_age_in_days' and 'max_count' cannot be enabled simultaneously.).\n" }, "maxCount": { "type": "integer", "description": "The maximum number of application versions to retain ('max_age_in_days' and 'max_count' cannot be enabled simultaneously.).\n" }, "serviceRole": { "type": "string", "description": "The ARN of an IAM service role under which the application version is deleted. Elastic Beanstalk must have permission to assume this role.\n" } }, "type": "object", "required": [ "serviceRole" ] }, "aws:elasticbeanstalk/ConfigurationTemplateSetting:ConfigurationTemplateSetting": { "properties": { "name": { "type": "string", "description": "A unique name for this Template.\n" }, "namespace": { "type": "string" }, "resource": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "name", "namespace", "value" ] }, "aws:elasticbeanstalk/EnvironmentAllSetting:EnvironmentAllSetting": { "properties": { "name": { "type": "string", "description": "A unique name for this Environment. This name is used\nin the application URL\n" }, "namespace": { "type": "string" }, "resource": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "name", "namespace", "value" ] }, "aws:elasticbeanstalk/EnvironmentSetting:EnvironmentSetting": { "properties": { "name": { "type": "string", "description": "A unique name for this Environment. This name is used\nin the application URL\n" }, "namespace": { "type": "string" }, "resource": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "name", "namespace", "value" ] }, "aws:elasticbeanstalk/getApplicationAppversionLifecycle:getApplicationAppversionLifecycle": { "properties": { "deleteSourceFromS3": { "type": "boolean", "description": "Specifies whether delete a version's source bundle from S3 when the application version is deleted.\n" }, "maxAgeInDays": { "type": "integer", "description": "Number of days to retain an application version.\n" }, "maxCount": { "type": "integer", "description": "Maximum number of application versions to retain.\n" }, "serviceRole": { "type": "string", "description": "ARN of an IAM service role under which the application version is deleted. Elastic Beanstalk must have permission to assume this role.\n" } }, "type": "object", "required": [ "deleteSourceFromS3", "maxAgeInDays", "maxCount", "serviceRole" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/DomainAdvancedSecurityOptions:DomainAdvancedSecurityOptions": { "properties": { "enabled": { "type": "boolean", "description": "Whether advanced security is enabled.\n", "willReplaceOnChanges": true }, "internalUserDatabaseEnabled": { "type": "boolean", "description": "Whether the internal user database is enabled. If not set, defaults to `false` by the AWS API.\n" }, "masterUserOptions": { "$ref": "#/types/aws:elasticsearch/DomainAdvancedSecurityOptionsMasterUserOptions:DomainAdvancedSecurityOptionsMasterUserOptions", "description": "Configuration block for the main user. Detailed below.\n" } }, "type": "object", "required": [ "enabled" ] }, "aws:elasticsearch/DomainAdvancedSecurityOptionsMasterUserOptions:DomainAdvancedSecurityOptionsMasterUserOptions": { "properties": { "masterUserArn": { "type": "string", "description": "ARN for the main user. Only specify if `internal_user_database_enabled` is not set or set to `false`.\n" }, "masterUserName": { "type": "string", "description": "Main user's username, which is stored in the Amazon Elasticsearch Service domain's internal database. Only specify if `internal_user_database_enabled` is set to `true`.\n" }, "masterUserPassword": { "type": "string", "description": "Main user's password, which is stored in the Amazon Elasticsearch Service domain's internal database. Only specify if `internal_user_database_enabled` is set to `true`.\n", "secret": true } }, "type": "object" }, "aws:elasticsearch/DomainAutoTuneOptions:DomainAutoTuneOptions": { "properties": { "desiredState": { "type": "string", "description": "The Auto-Tune desired state for the domain. Valid values: `ENABLED` or `DISABLED`.\n" }, "maintenanceSchedules": { "type": "array", "items": { "$ref": "#/types/aws:elasticsearch/DomainAutoTuneOptionsMaintenanceSchedule:DomainAutoTuneOptionsMaintenanceSchedule" }, "description": "Configuration block for Auto-Tune maintenance windows. Can be specified multiple times for each maintenance window. Detailed below.\n" }, "rollbackOnDisable": { "type": "string", "description": "Whether to roll back to default Auto-Tune settings when disabling Auto-Tune. Valid values: `DEFAULT_ROLLBACK` or `NO_ROLLBACK`.\n" } }, "type": "object", "required": [ "desiredState" ], "language": { "nodejs": { "requiredOutputs": [ "desiredState", "maintenanceSchedules", "rollbackOnDisable" ] } } }, "aws:elasticsearch/DomainAutoTuneOptionsMaintenanceSchedule:DomainAutoTuneOptionsMaintenanceSchedule": { "properties": { "cronExpressionForRecurrence": { "type": "string", "description": "A cron expression specifying the recurrence pattern for an Auto-Tune maintenance schedule.\n" }, "duration": { "$ref": "#/types/aws:elasticsearch/DomainAutoTuneOptionsMaintenanceScheduleDuration:DomainAutoTuneOptionsMaintenanceScheduleDuration", "description": "Configuration block for the duration of the Auto-Tune maintenance window. Detailed below.\n" }, "startAt": { "type": "string", "description": "Date and time at which to start the Auto-Tune maintenance schedule in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" } }, "type": "object", "required": [ "cronExpressionForRecurrence", "duration", "startAt" ] }, "aws:elasticsearch/DomainAutoTuneOptionsMaintenanceScheduleDuration:DomainAutoTuneOptionsMaintenanceScheduleDuration": { "properties": { "unit": { "type": "string", "description": "The unit of time specifying the duration of an Auto-Tune maintenance window. Valid values: `HOURS`.\n" }, "value": { "type": "integer", "description": "An integer specifying the value of the duration of an Auto-Tune maintenance window.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:elasticsearch/DomainClusterConfig:DomainClusterConfig": { "properties": { "coldStorageOptions": { "$ref": "#/types/aws:elasticsearch/DomainClusterConfigColdStorageOptions:DomainClusterConfigColdStorageOptions", "description": "Configuration block containing cold storage configuration. Detailed below.\n" }, "dedicatedMasterCount": { "type": "integer", "description": "Number of dedicated main nodes in the cluster.\n" }, "dedicatedMasterEnabled": { "type": "boolean", "description": "Whether dedicated main nodes are enabled for the cluster.\n" }, "dedicatedMasterType": { "type": "string", "description": "Instance type of the dedicated main nodes in the cluster.\n" }, "instanceCount": { "type": "integer", "description": "Number of instances in the cluster.\n" }, "instanceType": { "type": "string", "description": "Instance type of data nodes in the cluster.\n" }, "warmCount": { "type": "integer", "description": "Number of warm nodes in the cluster. Valid values are between `2` and `150`. `warm_count` can be only and must be set when `warm_enabled` is set to `true`.\n" }, "warmEnabled": { "type": "boolean", "description": "Whether to enable warm storage.\n" }, "warmType": { "type": "string", "description": "Instance type for the Elasticsearch cluster's warm nodes. Valid values are `ultrawarm1.medium.elasticsearch`, `ultrawarm1.large.elasticsearch` and `ultrawarm1.xlarge.elasticsearch`. `warm_type` can be only and must be set when `warm_enabled` is set to `true`.\n" }, "zoneAwarenessConfig": { "$ref": "#/types/aws:elasticsearch/DomainClusterConfigZoneAwarenessConfig:DomainClusterConfigZoneAwarenessConfig", "description": "Configuration block containing zone awareness settings. Detailed below.\n" }, "zoneAwarenessEnabled": { "type": "boolean", "description": "Whether zone awareness is enabled, set to `true` for multi-az deployment. To enable awareness with three Availability Zones, the `availability_zone_count` within the `zone_awareness_config` must be set to `3`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "coldStorageOptions" ] } } }, "aws:elasticsearch/DomainClusterConfigColdStorageOptions:DomainClusterConfigColdStorageOptions": { "properties": { "enabled": { "type": "boolean", "description": "Boolean to enable cold storage for an Elasticsearch domain. Defaults to `false`. Master and ultrawarm nodes must be enabled for cold storage.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "enabled" ] } } }, "aws:elasticsearch/DomainClusterConfigZoneAwarenessConfig:DomainClusterConfigZoneAwarenessConfig": { "properties": { "availabilityZoneCount": { "type": "integer", "description": "Number of Availability Zones for the domain to use with `zone_awareness_enabled`. Defaults to `2`. Valid values: `2` or `3`.\n" } }, "type": "object" }, "aws:elasticsearch/DomainCognitoOptions:DomainCognitoOptions": { "properties": { "enabled": { "type": "boolean", "description": "Whether Amazon Cognito authentication with Kibana is enabled or not.\n" }, "identityPoolId": { "type": "string", "description": "ID of the Cognito Identity Pool to use.\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM role that has the AmazonESCognitoAccess policy attached.\n" }, "userPoolId": { "type": "string", "description": "ID of the Cognito User Pool to use.\n" } }, "type": "object", "required": [ "identityPoolId", "roleArn", "userPoolId" ] }, "aws:elasticsearch/DomainDomainEndpointOptions:DomainDomainEndpointOptions": { "properties": { "customEndpoint": { "type": "string", "description": "Fully qualified domain for your custom endpoint.\n" }, "customEndpointCertificateArn": { "type": "string", "description": "ACM certificate ARN for your custom endpoint.\n" }, "customEndpointEnabled": { "type": "boolean", "description": "Whether to enable custom endpoint for the Elasticsearch domain.\n" }, "enforceHttps": { "type": "boolean", "description": "Whether or not to require HTTPS. Defaults to `true`.\n" }, "tlsSecurityPolicy": { "type": "string", "description": "Name of the TLS security policy that needs to be applied to the HTTPS endpoint. Valid values: `Policy-Min-TLS-1-0-2019-07` and `Policy-Min-TLS-1-2-2019-07`. The provider will only perform drift detection if a configuration value is provided.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "tlsSecurityPolicy" ] } } }, "aws:elasticsearch/DomainEbsOptions:DomainEbsOptions": { "properties": { "ebsEnabled": { "type": "boolean", "description": "Whether EBS volumes are attached to data nodes in the domain.\n" }, "iops": { "type": "integer", "description": "Baseline input/output (I/O) performance of EBS volumes attached to data nodes. Applicable only for the GP3 and Provisioned IOPS EBS volume types.\n" }, "throughput": { "type": "integer", "description": "Specifies the throughput (in MiB/s) of the EBS volumes attached to data nodes. Applicable only for the gp3 volume type.\n" }, "volumeSize": { "type": "integer", "description": "Size of EBS volumes attached to data nodes (in GiB).\n" }, "volumeType": { "type": "string", "description": "Type of EBS volumes attached to data nodes.\n" } }, "type": "object", "required": [ "ebsEnabled" ], "language": { "nodejs": { "requiredOutputs": [ "ebsEnabled", "iops", "throughput", "volumeType" ] } } }, "aws:elasticsearch/DomainEncryptAtRest:DomainEncryptAtRest": { "properties": { "enabled": { "type": "boolean", "description": "Whether to enable encryption at rest. If the `encrypt_at_rest` block is not provided then this defaults to `false`. Enabling encryption on new domains requires `elasticsearch_version` 5.1 or greater.\n" }, "kmsKeyId": { "type": "string", "description": "KMS key ARN to encrypt the Elasticsearch domain with. If not specified then it defaults to using the `aws/es` service KMS key. Note that KMS will accept a KMS key ID but will return the key ARN. To prevent the provider detecting unwanted changes, use the key ARN instead.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredOutputs": [ "enabled", "kmsKeyId" ] } } }, "aws:elasticsearch/DomainLogPublishingOption:DomainLogPublishingOption": { "properties": { "cloudwatchLogGroupArn": { "type": "string", "description": "ARN of the Cloudwatch log group to which log needs to be published.\n" }, "enabled": { "type": "boolean", "description": "Whether given log publishing option is enabled or not.\n" }, "logType": { "type": "string", "description": "Type of Elasticsearch log. Valid values: `INDEX_SLOW_LOGS`, `SEARCH_SLOW_LOGS`, `ES_APPLICATION_LOGS`, `AUDIT_LOGS`.\n" } }, "type": "object", "required": [ "cloudwatchLogGroupArn", "logType" ] }, "aws:elasticsearch/DomainNodeToNodeEncryption:DomainNodeToNodeEncryption": { "properties": { "enabled": { "type": "boolean", "description": "Whether to enable node-to-node encryption. If the `node_to_node_encryption` block is not provided then this defaults to `false`. Enabling node-to-node encryption of a new domain requires an `elasticsearch_version` of `6.0` or greater.\n" } }, "type": "object", "required": [ "enabled" ] }, "aws:elasticsearch/DomainSamlOptionsSamlOptions:DomainSamlOptionsSamlOptions": { "properties": { "enabled": { "type": "boolean", "description": "Whether SAML authentication is enabled.\n" }, "idp": { "$ref": "#/types/aws:elasticsearch/DomainSamlOptionsSamlOptionsIdp:DomainSamlOptionsSamlOptionsIdp", "description": "Information from your identity provider.\n" }, "masterBackendRole": { "type": "string", "description": "This backend role from the SAML IdP receives full permissions to the cluster, equivalent to a new master user.\n" }, "masterUserName": { "type": "string", "description": "This username from the SAML IdP receives full permissions to the cluster, equivalent to a new master user.\n", "secret": true }, "rolesKey": { "type": "string", "description": "Element of the SAML assertion to use for backend roles. Default is roles.\n" }, "sessionTimeoutMinutes": { "type": "integer", "description": "Duration of a session in minutes after a user logs in. Default is 60. Maximum value is 1,440.\n" }, "subjectKey": { "type": "string", "description": "Custom SAML attribute to use for user names. Default is an empty string - `\"\"`. This will cause Elasticsearch to use the `NameID` element of the `Subject`, which is the default location for name identifiers in the SAML specification.\n" } }, "type": "object" }, "aws:elasticsearch/DomainSamlOptionsSamlOptionsIdp:DomainSamlOptionsSamlOptionsIdp": { "properties": { "entityId": { "type": "string", "description": "The unique Entity ID of the application in SAML Identity Provider.\n" }, "metadataContent": { "type": "string", "description": "The Metadata of the SAML application in xml format.\n" } }, "type": "object", "required": [ "entityId", "metadataContent" ] }, "aws:elasticsearch/DomainSnapshotOptions:DomainSnapshotOptions": { "properties": { "automatedSnapshotStartHour": { "type": "integer", "description": "Hour during which the service takes an automated daily snapshot of the indices in the domain.\n" } }, "type": "object", "required": [ "automatedSnapshotStartHour" ] }, "aws:elasticsearch/DomainVpcOptions:DomainVpcOptions": { "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "If the domain was created inside a VPC, the names of the availability zones the configured `subnet_ids` were created inside.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC Security Group IDs to be applied to the Elasticsearch domain endpoints. If omitted, the default Security Group for the VPC will be used.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC Subnet IDs for the Elasticsearch domain endpoints to be created in.\n" }, "vpcId": { "type": "string", "description": "If the domain was created inside a VPC, the ID of the VPC.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "availabilityZones", "vpcId" ] } } }, "aws:elasticsearch/VpcEndpointVpcOptions:VpcEndpointVpcOptions": { "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" } }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The list of security group IDs associated with the VPC endpoints for the domain. If you do not provide a security group ID, elasticsearch Service uses the default security group for the VPC.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs associated with the VPC endpoints for the domain. If your domain uses multiple Availability Zones, you need to provide two subnet IDs, one per zone. Otherwise, provide only one.\n" }, "vpcId": { "type": "string" } }, "type": "object", "required": [ "subnetIds" ], "language": { "nodejs": { "requiredOutputs": [ "availabilityZones", "securityGroupIds", "subnetIds", "vpcId" ] } } }, "aws:elasticsearch/getDomainAdvancedSecurityOption:getDomainAdvancedSecurityOption": { "properties": { "enabled": { "type": "boolean", "description": "Whether node to node encryption is enabled.\n" }, "internalUserDatabaseEnabled": { "type": "boolean", "description": "Whether the internal user database is enabled.\n" } }, "type": "object", "required": [ "enabled", "internalUserDatabaseEnabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainAutoTuneOption:getDomainAutoTuneOption": { "properties": { "desiredState": { "type": "string", "description": "The Auto-Tune desired state for the domain.\n" }, "maintenanceSchedules": { "type": "array", "items": { "$ref": "#/types/aws:elasticsearch/getDomainAutoTuneOptionMaintenanceSchedule:getDomainAutoTuneOptionMaintenanceSchedule" }, "description": "A list of the nested configurations for the Auto-Tune maintenance windows of the domain.\n" }, "rollbackOnDisable": { "type": "string", "description": "Whether the domain is set to roll back to default Auto-Tune settings when disabling Auto-Tune.\n" } }, "type": "object", "required": [ "desiredState", "maintenanceSchedules", "rollbackOnDisable" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainAutoTuneOptionMaintenanceSchedule:getDomainAutoTuneOptionMaintenanceSchedule": { "properties": { "cronExpressionForRecurrence": { "type": "string", "description": "Cron expression for an Auto-Tune maintenance schedule.\n" }, "durations": { "type": "array", "items": { "$ref": "#/types/aws:elasticsearch/getDomainAutoTuneOptionMaintenanceScheduleDuration:getDomainAutoTuneOptionMaintenanceScheduleDuration" }, "description": "Configuration block for the duration of the Auto-Tune maintenance window.\n" }, "startAt": { "type": "string", "description": "Date and time at which the Auto-Tune maintenance schedule starts in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" } }, "type": "object", "required": [ "cronExpressionForRecurrence", "durations", "startAt" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainAutoTuneOptionMaintenanceScheduleDuration:getDomainAutoTuneOptionMaintenanceScheduleDuration": { "properties": { "unit": { "type": "string", "description": "Unit of time.\n" }, "value": { "type": "integer", "description": "Duration of an Auto-Tune maintenance window.\n" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainClusterConfig:getDomainClusterConfig": { "properties": { "coldStorageOptions": { "type": "array", "items": { "$ref": "#/types/aws:elasticsearch/getDomainClusterConfigColdStorageOption:getDomainClusterConfigColdStorageOption" }, "description": "Configuration block containing cold storage configuration.\n" }, "dedicatedMasterCount": { "type": "integer", "description": "Number of dedicated master nodes in the cluster.\n" }, "dedicatedMasterEnabled": { "type": "boolean", "description": "Indicates whether dedicated master nodes are enabled for the cluster.\n" }, "dedicatedMasterType": { "type": "string", "description": "Instance type of the dedicated master nodes in the cluster.\n" }, "instanceCount": { "type": "integer", "description": "Number of instances in the cluster.\n" }, "instanceType": { "type": "string", "description": "Instance type of data nodes in the cluster.\n" }, "warmCount": { "type": "integer", "description": "The number of warm nodes in the cluster.\n" }, "warmEnabled": { "type": "boolean", "description": "Warm storage is enabled.\n" }, "warmType": { "type": "string", "description": "The instance type for the Elasticsearch cluster's warm nodes.\n" }, "zoneAwarenessConfigs": { "type": "array", "items": { "$ref": "#/types/aws:elasticsearch/getDomainClusterConfigZoneAwarenessConfig:getDomainClusterConfigZoneAwarenessConfig" }, "description": "Configuration block containing zone awareness settings.\n" }, "zoneAwarenessEnabled": { "type": "boolean", "description": "Indicates whether zone awareness is enabled.\n" } }, "type": "object", "required": [ "coldStorageOptions", "dedicatedMasterCount", "dedicatedMasterEnabled", "dedicatedMasterType", "instanceCount", "instanceType", "warmCount", "warmEnabled", "warmType", "zoneAwarenessConfigs", "zoneAwarenessEnabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainClusterConfigColdStorageOption:getDomainClusterConfigColdStorageOption": { "properties": { "enabled": { "type": "boolean", "description": "Whether node to node encryption is enabled.\n" } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainClusterConfigZoneAwarenessConfig:getDomainClusterConfigZoneAwarenessConfig": { "properties": { "availabilityZoneCount": { "type": "integer", "description": "Number of availability zones used.\n" } }, "type": "object", "required": [ "availabilityZoneCount" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainCognitoOption:getDomainCognitoOption": { "properties": { "enabled": { "type": "boolean", "description": "Whether node to node encryption is enabled.\n" }, "identityPoolId": { "type": "string", "description": "The Cognito Identity pool used by the domain.\n" }, "roleArn": { "type": "string", "description": "The IAM Role with the AmazonESCognitoAccess policy attached.\n" }, "userPoolId": { "type": "string", "description": "The Cognito User pool used by the domain.\n" } }, "type": "object", "required": [ "enabled", "identityPoolId", "roleArn", "userPoolId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainEbsOption:getDomainEbsOption": { "properties": { "ebsEnabled": { "type": "boolean", "description": "Whether EBS volumes are attached to data nodes in the domain.\n" }, "iops": { "type": "integer", "description": "The baseline input/output (I/O) performance of EBS volumes attached to data nodes.\n" }, "throughput": { "type": "integer", "description": "The throughput (in MiB/s) of the EBS volumes attached to data nodes.\n" }, "volumeSize": { "type": "integer", "description": "The size of EBS volumes attached to data nodes (in GB).\n" }, "volumeType": { "type": "string", "description": "The type of EBS volumes attached to data nodes.\n" } }, "type": "object", "required": [ "ebsEnabled", "iops", "throughput", "volumeSize", "volumeType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainEncryptionAtRest:getDomainEncryptionAtRest": { "properties": { "enabled": { "type": "boolean", "description": "Whether node to node encryption is enabled.\n" }, "kmsKeyId": { "type": "string", "description": "The KMS key id used to encrypt data at rest.\n" } }, "type": "object", "required": [ "enabled", "kmsKeyId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainLogPublishingOption:getDomainLogPublishingOption": { "properties": { "cloudwatchLogGroupArn": { "type": "string", "description": "The CloudWatch Log Group where the logs are published.\n" }, "enabled": { "type": "boolean", "description": "Whether node to node encryption is enabled.\n" }, "logType": { "type": "string", "description": "The type of Elasticsearch log being published.\n" } }, "type": "object", "required": [ "cloudwatchLogGroupArn", "enabled", "logType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainNodeToNodeEncryption:getDomainNodeToNodeEncryption": { "properties": { "enabled": { "type": "boolean", "description": "Whether node to node encryption is enabled.\n" } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainSnapshotOption:getDomainSnapshotOption": { "properties": { "automatedSnapshotStartHour": { "type": "integer", "description": "Hour during which the service takes an automated daily snapshot of the indices in the domain.\n" } }, "type": "object", "required": [ "automatedSnapshotStartHour" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elasticsearch/getDomainVpcOption:getDomainVpcOption": { "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "The availability zones used by the domain.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The security groups used by the domain.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The subnets used by the domain.\n" }, "vpcId": { "type": "string", "description": "The VPC used by the domain.\n" } }, "type": "object", "required": [ "availabilityZones", "securityGroupIds", "subnetIds", "vpcId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elastictranscoder/PipelineContentConfig:PipelineContentConfig": { "properties": { "bucket": { "type": "string", "description": "The Amazon S3 bucket in which you want Elastic Transcoder to save transcoded files and playlists.\n" }, "storageClass": { "type": "string", "description": "The Amazon S3 storage class, `Standard` or `ReducedRedundancy`, that you want Elastic Transcoder to assign to the files and playlists that it stores in your Amazon S3 bucket.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "bucket" ] } } }, "aws:elastictranscoder/PipelineContentConfigPermission:PipelineContentConfigPermission": { "properties": { "accesses": { "type": "array", "items": { "type": "string" }, "description": "The permission that you want to give to the AWS user that you specified in `content_config_permissions.grantee`. Valid values are `Read`, `ReadAcp`, `WriteAcp` or `FullControl`.\n" }, "grantee": { "type": "string", "description": "The AWS user or group that you want to have access to transcoded files and playlists.\n" }, "granteeType": { "type": "string", "description": "Specify the type of value that appears in the `content_config_permissions.grantee` object. Valid values are `Canonical`, `Email` or `Group`.\n" } }, "type": "object" }, "aws:elastictranscoder/PipelineNotifications:PipelineNotifications": { "properties": { "completed": { "type": "string", "description": "The topic ARN for the Amazon SNS topic that you want to notify when Elastic Transcoder has finished processing a job in this pipeline.\n" }, "error": { "type": "string", "description": "The topic ARN for the Amazon SNS topic that you want to notify when Elastic Transcoder encounters an error condition while processing a job in this pipeline.\n" }, "progressing": { "type": "string", "description": "The topic ARN for the Amazon Simple Notification Service (Amazon SNS) topic that you want to notify when Elastic Transcoder has started to process a job in this pipeline.\n" }, "warning": { "type": "string", "description": "The topic ARN for the Amazon SNS topic that you want to notify when Elastic Transcoder encounters a warning condition while processing a job in this pipeline.\n\nThe `thumbnail_config` object specifies information about the Amazon S3 bucket in\nwhich you want Elastic Transcoder to save thumbnail files: which bucket to use,\nwhich users you want to have access to the files, the type of access you want\nusers to have, and the storage class that you want to assign to the files. If\nyou specify values for `content_config`, you must also specify values for\n`thumbnail_config` even if you don't want to create thumbnails. (You control\nwhether to create thumbnails when you create a job. For more information, see\nThumbnailPattern in the topic Create Job.) If you specify values for\n`content_config` and `thumbnail_config`, omit the OutputBucket object.\n" } }, "type": "object" }, "aws:elastictranscoder/PipelineThumbnailConfig:PipelineThumbnailConfig": { "properties": { "bucket": { "type": "string", "description": "The Amazon S3 bucket in which you want Elastic Transcoder to save thumbnail files.\n" }, "storageClass": { "type": "string", "description": "The Amazon S3 storage class, Standard or ReducedRedundancy, that you want Elastic Transcoder to assign to the thumbnails that it stores in your Amazon S3 bucket.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "bucket" ] } } }, "aws:elastictranscoder/PipelineThumbnailConfigPermission:PipelineThumbnailConfigPermission": { "properties": { "accesses": { "type": "array", "items": { "type": "string" }, "description": "The permission that you want to give to the AWS user that you specified in `thumbnail_config_permissions.grantee`. Valid values are `Read`, `ReadAcp`, `WriteAcp` or `FullControl`.\n" }, "grantee": { "type": "string", "description": "The AWS user or group that you want to have access to thumbnail files.\n" }, "granteeType": { "type": "string", "description": "Specify the type of value that appears in the `thumbnail_config_permissions.grantee` object. Valid values are `Canonical`, `Email` or `Group`.\n" } }, "type": "object" }, "aws:elastictranscoder/PresetAudio:PresetAudio": { "properties": { "audioPackingMode": { "type": "string", "description": "The method of organizing audio channels and tracks. Use Audio:Channels to specify the number of channels in your output, and Audio:AudioPackingMode to specify the number of tracks and their relation to the channels. If you do not specify an Audio:AudioPackingMode, Elastic Transcoder uses SingleTrack.\n", "willReplaceOnChanges": true }, "bitRate": { "type": "string", "description": "The bit rate of the audio stream in the output file, in kilobits/second. Enter an integer between 64 and 320, inclusive.\n", "willReplaceOnChanges": true }, "channels": { "type": "string", "description": "The number of audio channels in the output file\n", "willReplaceOnChanges": true }, "codec": { "type": "string", "description": "The audio codec for the output file. Valid values are `AAC`, `flac`, `mp2`, `mp3`, `pcm`, and `vorbis`.\n", "willReplaceOnChanges": true }, "sampleRate": { "type": "string", "description": "The sample rate of the audio stream in the output file, in hertz. Valid values are: `auto`, `22050`, `32000`, `44100`, `48000`, `96000`\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "bitRate" ] } } }, "aws:elastictranscoder/PresetAudioCodecOptions:PresetAudioCodecOptions": { "properties": { "bitDepth": { "type": "string", "description": "The bit depth of a sample is how many bits of information are included in the audio samples. Valid values are `16` and `24`. (FLAC/PCM Only)\n", "willReplaceOnChanges": true }, "bitOrder": { "type": "string", "description": "The order the bits of a PCM sample are stored in. The supported value is LittleEndian. (PCM Only)\n", "willReplaceOnChanges": true }, "profile": { "type": "string", "description": "If you specified AAC for Audio:Codec, choose the AAC profile for the output file.\n", "willReplaceOnChanges": true }, "signed": { "type": "string", "description": "Whether audio samples are represented with negative and positive numbers (signed) or only positive numbers (unsigned). The supported value is Signed. (PCM Only)\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "bitDepth", "bitOrder", "profile", "signed" ] } } }, "aws:elastictranscoder/PresetThumbnails:PresetThumbnails": { "properties": { "aspectRatio": { "type": "string", "description": "The aspect ratio of thumbnails. The following values are valid: auto, 1:1, 4:3, 3:2, 16:9\n", "willReplaceOnChanges": true }, "format": { "type": "string", "description": "The format of thumbnails, if any. Valid formats are jpg and png.\n", "willReplaceOnChanges": true }, "interval": { "type": "string", "description": "The approximate number of seconds between thumbnails. The value must be an integer. The actual interval can vary by several seconds from one thumbnail to the next.\n", "willReplaceOnChanges": true }, "maxHeight": { "type": "string", "description": "The maximum height of thumbnails, in pixels. If you specify auto, Elastic Transcoder uses 1080 (Full HD) as the default value. If you specify a numeric value, enter an even integer between 32 and 3072, inclusive.\n", "willReplaceOnChanges": true }, "maxWidth": { "type": "string", "description": "The maximum width of thumbnails, in pixels. If you specify auto, Elastic Transcoder uses 1920 (Full HD) as the default value. If you specify a numeric value, enter an even integer between 32 and 4096, inclusive.\n", "willReplaceOnChanges": true }, "paddingPolicy": { "type": "string", "description": "When you set PaddingPolicy to Pad, Elastic Transcoder might add black bars to the top and bottom and/or left and right sides of thumbnails to make the total size of the thumbnails match the values that you specified for thumbnail MaxWidth and MaxHeight settings.\n", "willReplaceOnChanges": true }, "resolution": { "type": "string", "description": "The width and height of thumbnail files in pixels, in the format WidthxHeight, where both values are even integers. The values cannot exceed the width and height that you specified in the Video:Resolution object. (To better control resolution and aspect ratio of thumbnails, we recommend that you use the thumbnail values `max_width`, `max_height`, `sizing_policy`, and `padding_policy` instead of `resolution` and `aspect_ratio`. The two groups of settings are mutually exclusive. Do not use them together)\n", "willReplaceOnChanges": true }, "sizingPolicy": { "type": "string", "description": "A value that controls scaling of thumbnails. Valid values are: `Fit`, `Fill`, `Stretch`, `Keep`, `ShrinkToFit`, and `ShrinkToFill`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:elastictranscoder/PresetVideo:PresetVideo": { "properties": { "aspectRatio": { "type": "string", "description": "The display aspect ratio of the video in the output file. Valid values are: `auto`, `1:1`, `4:3`, `3:2`, `16:9`. (Note; to better control resolution and aspect ratio of output videos, we recommend that you use the values `max_width`, `max_height`, `sizing_policy`, `padding_policy`, and `display_aspect_ratio` instead of `resolution` and `aspect_ratio`.)\n", "willReplaceOnChanges": true }, "bitRate": { "type": "string", "description": "The bit rate of the video stream in the output file, in kilobits/second. You can configure variable bit rate or constant bit rate encoding.\n", "willReplaceOnChanges": true }, "codec": { "type": "string", "description": "The video codec for the output file. Valid values are `gif`, `H.264`, `mpeg2`, `vp8`, and `vp9`.\n", "willReplaceOnChanges": true }, "displayAspectRatio": { "type": "string", "description": "The value that Elastic Transcoder adds to the metadata in the output file. If you set DisplayAspectRatio to auto, Elastic Transcoder chooses an aspect ratio that ensures square pixels. If you specify another option, Elastic Transcoder sets that value in the output file.\n", "willReplaceOnChanges": true }, "fixedGop": { "type": "string", "description": "Whether to use a fixed value for Video:FixedGOP. Not applicable for containers of type gif. Valid values are true and false. Also known as, Fixed Number of Frames Between Keyframes.\n", "willReplaceOnChanges": true }, "frameRate": { "type": "string", "description": "The frames per second for the video stream in the output file. The following values are valid: `auto`, `10`, `15`, `23.97`, `24`, `25`, `29.97`, `30`, `50`, `60`.\n", "willReplaceOnChanges": true }, "keyframesMaxDist": { "type": "string", "description": "The maximum number of frames between key frames. Not applicable for containers of type gif.\n", "willReplaceOnChanges": true }, "maxFrameRate": { "type": "string", "description": "If you specify auto for FrameRate, Elastic Transcoder uses the frame rate of the input video for the frame rate of the output video, up to the maximum frame rate. If you do not specify a MaxFrameRate, Elastic Transcoder will use a default of 30.\n", "willReplaceOnChanges": true }, "maxHeight": { "type": "string", "description": "The maximum height of the output video in pixels. If you specify auto, Elastic Transcoder uses 1080 (Full HD) as the default value. If you specify a numeric value, enter an even integer between 96 and 3072, inclusive.\n", "willReplaceOnChanges": true }, "maxWidth": { "type": "string", "description": "The maximum width of the output video in pixels. If you specify auto, Elastic Transcoder uses 1920 (Full HD) as the default value. If you specify a numeric value, enter an even integer between 128 and 4096, inclusive.\n", "willReplaceOnChanges": true }, "paddingPolicy": { "type": "string", "description": "When you set PaddingPolicy to Pad, Elastic Transcoder might add black bars to the top and bottom and/or left and right sides of the output video to make the total size of the output video match the values that you specified for `max_width` and `max_height`.\n", "willReplaceOnChanges": true }, "resolution": { "type": "string", "description": "The width and height of the video in the output file, in pixels. Valid values are `auto` and `widthxheight`. (see note for `aspect_ratio`)\n", "willReplaceOnChanges": true }, "sizingPolicy": { "type": "string", "description": "A value that controls scaling of the output video. Valid values are: `Fit`, `Fill`, `Stretch`, `Keep`, `ShrinkToFit`, `ShrinkToFill`.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "bitRate", "maxFrameRate" ] } } }, "aws:elastictranscoder/PresetVideoWatermark:PresetVideoWatermark": { "properties": { "horizontalAlign": { "type": "string", "description": "The horizontal position of the watermark unless you specify a nonzero value for `horzontal_offset`.\n", "willReplaceOnChanges": true }, "horizontalOffset": { "type": "string", "description": "The amount by which you want the horizontal position of the watermark to be offset from the position specified by `horizontal_align`.\n", "willReplaceOnChanges": true }, "id": { "type": "string", "description": "A unique identifier for the settings for one watermark. The value of Id can be up to 40 characters long. You can specify settings for up to four watermarks.\n", "willReplaceOnChanges": true }, "maxHeight": { "type": "string", "description": "The maximum height of the watermark.\n", "willReplaceOnChanges": true }, "maxWidth": { "type": "string", "description": "The maximum width of the watermark.\n", "willReplaceOnChanges": true }, "opacity": { "type": "string", "description": "A percentage that indicates how much you want a watermark to obscure the video in the location where it appears.\n", "willReplaceOnChanges": true }, "sizingPolicy": { "type": "string", "description": "A value that controls scaling of the watermark. Valid values are: `Fit`, `Stretch`, `ShrinkToFit`\n", "willReplaceOnChanges": true }, "target": { "type": "string", "description": "A value that determines how Elastic Transcoder interprets values that you specified for `video_watermarks.horizontal_offset`, `video_watermarks.vertical_offset`, `video_watermarks.max_width`, and `video_watermarks.max_height`. Valid values are `Content` and `Frame`.\n", "willReplaceOnChanges": true }, "verticalAlign": { "type": "string", "description": "The vertical position of the watermark unless you specify a nonzero value for `vertical_align`. Valid values are `Top`, `Bottom`, `Center`.\n", "willReplaceOnChanges": true }, "verticalOffset": { "type": "string", "description": "The amount by which you want the vertical position of the watermark to be offset from the position specified by `vertical_align`\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:elb/LoadBalancerAccessLogs:LoadBalancerAccessLogs": { "properties": { "bucket": { "type": "string", "description": "The S3 bucket name to store the logs in.\n" }, "bucketPrefix": { "type": "string", "description": "The S3 bucket prefix. Logs are stored in the root if not configured.\n" }, "enabled": { "type": "boolean", "description": "Boolean to enable / disable `access_logs`. Default is `true`\n" }, "interval": { "type": "integer", "description": "The publishing interval in minutes. Valid values: `5` and `60`. Default: `60`\n" } }, "type": "object", "required": [ "bucket" ] }, "aws:elb/LoadBalancerHealthCheck:LoadBalancerHealthCheck": { "properties": { "healthyThreshold": { "type": "integer", "description": "The number of checks before the instance is declared healthy.\n" }, "interval": { "type": "integer", "description": "The interval between checks.\n" }, "target": { "type": "string", "description": "The target of the check. Valid pattern is \"${PROTOCOL}:${PORT}${PATH}\", where PROTOCOL\nvalues are:\n* `HTTP`, `HTTPS` - PORT and PATH are required\n* `TCP`, `SSL` - PORT is required, PATH is not supported\n" }, "timeout": { "type": "integer", "description": "The length of time before the check times out.\n" }, "unhealthyThreshold": { "type": "integer", "description": "The number of checks before the instance is declared unhealthy.\n" } }, "type": "object", "required": [ "healthyThreshold", "interval", "target", "timeout", "unhealthyThreshold" ] }, "aws:elb/LoadBalancerListener:LoadBalancerListener": { "properties": { "instancePort": { "type": "integer", "description": "The port on the instance to route to\n" }, "instanceProtocol": { "type": "string", "description": "The protocol to use to the instance. Valid\nvalues are `HTTP`, `HTTPS`, `TCP`, or `SSL`\n" }, "lbPort": { "type": "integer", "description": "The port to listen on for the load balancer\n" }, "lbProtocol": { "type": "string", "description": "The protocol to listen on. Valid values are `HTTP`,\n`HTTPS`, `TCP`, or `SSL`\n" }, "sslCertificateId": { "type": "string", "description": "The ARN of an SSL certificate you have\nuploaded to AWS IAM. **Note ECDSA-specific restrictions below. Only valid when `lb_protocol` is either HTTPS or SSL**\n" } }, "type": "object", "required": [ "instancePort", "instanceProtocol", "lbPort", "lbProtocol" ] }, "aws:elb/LoadBalancerPolicyPolicyAttribute:LoadBalancerPolicyPolicyAttribute": { "properties": { "name": { "type": "string" }, "value": { "type": "string" } }, "type": "object" }, "aws:elb/SslNegotiationPolicyAttribute:SslNegotiationPolicyAttribute": { "properties": { "name": { "type": "string", "description": "The name of the attribute\n" }, "value": { "type": "string", "description": "The value of the attribute\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:elb/getLoadBalancerAccessLogs:getLoadBalancerAccessLogs": { "properties": { "bucket": { "type": "string" }, "bucketPrefix": { "type": "string" }, "enabled": { "type": "boolean" }, "interval": { "type": "integer" } }, "type": "object", "required": [ "bucket", "bucketPrefix", "enabled", "interval" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elb/getLoadBalancerHealthCheck:getLoadBalancerHealthCheck": { "properties": { "healthyThreshold": { "type": "integer" }, "interval": { "type": "integer" }, "target": { "type": "string" }, "timeout": { "type": "integer" }, "unhealthyThreshold": { "type": "integer" } }, "type": "object", "required": [ "healthyThreshold", "interval", "target", "timeout", "unhealthyThreshold" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:elb/getLoadBalancerListener:getLoadBalancerListener": { "properties": { "instancePort": { "type": "integer" }, "instanceProtocol": { "type": "string" }, "lbPort": { "type": "integer" }, "lbProtocol": { "type": "string" }, "sslCertificateId": { "type": "string" } }, "type": "object", "required": [ "instancePort", "instanceProtocol", "lbPort", "lbProtocol", "sslCertificateId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:emr/BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRange:BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRange": { "properties": { "maxRange": { "type": "integer", "description": "The final port in the range of TCP ports.\n" }, "minRange": { "type": "integer", "description": "The first port in the range of TCP ports.\n" } }, "type": "object", "required": [ "maxRange", "minRange" ] }, "aws:emr/ClusterAutoTerminationPolicy:ClusterAutoTerminationPolicy": { "properties": { "idleTimeout": { "type": "integer", "description": "Specifies the amount of idle time in seconds after which the cluster automatically terminates. You can specify a minimum of `60` seconds and a maximum of `604800` seconds (seven days).\n" } }, "type": "object" }, "aws:emr/ClusterBootstrapAction:ClusterBootstrapAction": { "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "List of command line arguments to pass to the bootstrap action script.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the bootstrap action.\n" }, "path": { "type": "string", "description": "Location of the script to run during a bootstrap action. Can be either a location in Amazon S3 or on a local file system.\n" } }, "type": "object", "required": [ "name", "path" ] }, "aws:emr/ClusterCoreInstanceFleet:ClusterCoreInstanceFleet": { "properties": { "id": { "type": "string", "description": "ID of the cluster.\n" }, "instanceTypeConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterCoreInstanceFleetInstanceTypeConfig:ClusterCoreInstanceFleetInstanceTypeConfig" }, "description": "Configuration block for instance fleet.\n", "willReplaceOnChanges": true }, "launchSpecifications": { "$ref": "#/types/aws:emr/ClusterCoreInstanceFleetLaunchSpecifications:ClusterCoreInstanceFleetLaunchSpecifications", "description": "Configuration block for launch specification.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Friendly name given to the instance fleet.\n", "willReplaceOnChanges": true }, "provisionedOnDemandCapacity": { "type": "integer" }, "provisionedSpotCapacity": { "type": "integer" }, "targetOnDemandCapacity": { "type": "integer", "description": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision.\n", "willReplaceOnChanges": true }, "targetSpotCapacity": { "type": "integer", "description": "Target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "id", "provisionedOnDemandCapacity", "provisionedSpotCapacity" ] } } }, "aws:emr/ClusterCoreInstanceFleetInstanceTypeConfig:ClusterCoreInstanceFleetInstanceTypeConfig": { "properties": { "bidPrice": { "type": "string", "description": "Bid price for each EC2 Spot instance type as defined by `instance_type`. Expressed in USD. If neither `bid_price` nor `bid_price_as_percentage_of_on_demand_price` is provided, `bid_price_as_percentage_of_on_demand_price` defaults to 100%.\n", "willReplaceOnChanges": true }, "bidPriceAsPercentageOfOnDemandPrice": { "type": "number", "description": "Bid price, as a percentage of On-Demand price, for each EC2 Spot instance as defined by `instance_type`. Expressed as a number (for example, 20 specifies 20%). If neither `bid_price` nor `bid_price_as_percentage_of_on_demand_price` is provided, `bid_price_as_percentage_of_on_demand_price` defaults to 100%.\n", "willReplaceOnChanges": true }, "configurations": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterCoreInstanceFleetInstanceTypeConfigConfiguration:ClusterCoreInstanceFleetInstanceTypeConfigConfiguration" }, "description": "Configuration classification that applies when provisioning cluster instances, which can include configurations for applications and software that run on the cluster. List of `configuration` blocks.\n", "willReplaceOnChanges": true }, "ebsConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterCoreInstanceFleetInstanceTypeConfigEbsConfig:ClusterCoreInstanceFleetInstanceTypeConfigEbsConfig" }, "description": "Configuration block(s) for EBS volumes attached to each instance in the instance group. Detailed below.\n", "willReplaceOnChanges": true }, "instanceType": { "type": "string", "description": "EC2 instance type, such as m4.xlarge.\n", "willReplaceOnChanges": true }, "weightedCapacity": { "type": "integer", "description": "Number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `aws.emr.InstanceFleet`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "instanceType" ], "language": { "nodejs": { "requiredOutputs": [ "ebsConfigs", "instanceType" ] } } }, "aws:emr/ClusterCoreInstanceFleetInstanceTypeConfigConfiguration:ClusterCoreInstanceFleetInstanceTypeConfigConfiguration": { "properties": { "classification": { "type": "string", "description": "Classification within a configuration.\n", "willReplaceOnChanges": true }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of properties specified within a configuration classification.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:emr/ClusterCoreInstanceFleetInstanceTypeConfigEbsConfig:ClusterCoreInstanceFleetInstanceTypeConfigEbsConfig": { "properties": { "iops": { "type": "integer", "description": "Number of I/O operations per second (IOPS) that the volume supports.\n", "willReplaceOnChanges": true }, "size": { "type": "integer", "description": "Volume size, in gibibytes (GiB).\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Volume type. Valid options are `gp3`, `gp2`, `io1`, `standard`, `st1` and `sc1`. See [EBS Volume Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html).\n", "willReplaceOnChanges": true }, "volumesPerInstance": { "type": "integer", "description": "Number of EBS volumes with this configuration to attach to each EC2 instance in the instance group (default is 1).\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "size", "type" ] }, "aws:emr/ClusterCoreInstanceFleetLaunchSpecifications:ClusterCoreInstanceFleetLaunchSpecifications": { "properties": { "onDemandSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterCoreInstanceFleetLaunchSpecificationsOnDemandSpecification:ClusterCoreInstanceFleetLaunchSpecificationsOnDemandSpecification" }, "description": "Configuration block for on demand instances launch specifications.\n", "willReplaceOnChanges": true }, "spotSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterCoreInstanceFleetLaunchSpecificationsSpotSpecification:ClusterCoreInstanceFleetLaunchSpecificationsSpotSpecification" }, "description": "Configuration block for spot instances launch specifications.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:emr/ClusterCoreInstanceFleetLaunchSpecificationsOnDemandSpecification:ClusterCoreInstanceFleetLaunchSpecificationsOnDemandSpecification": { "properties": { "allocationStrategy": { "type": "string", "description": "Specifies the strategy to use in launching On-Demand instance fleets. Currently, the only option is `lowest-price` (the default), which launches the lowest price first.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "allocationStrategy" ] }, "aws:emr/ClusterCoreInstanceFleetLaunchSpecificationsSpotSpecification:ClusterCoreInstanceFleetLaunchSpecificationsSpotSpecification": { "properties": { "allocationStrategy": { "type": "string", "description": "Specifies the strategy to use in launching Spot instance fleets. Valid values include `capacity-optimized`, `diversified`, `lowest-price`, `price-capacity-optimized`. See the [AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-fleet.html#emr-instance-fleet-allocation-strategy) for details on each strategy type.\n", "willReplaceOnChanges": true }, "blockDurationMinutes": { "type": "integer", "description": "Defined duration for Spot instances (also known as Spot blocks) in minutes. When specified, the Spot instance does not terminate before the defined duration expires, and defined duration pricing for Spot instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot instance for termination and provides a Spot instance termination notice, which gives the instance a two-minute warning before it terminates.\n", "willReplaceOnChanges": true }, "timeoutAction": { "type": "string", "description": "Action to take when TargetSpotCapacity has not been fulfilled when the TimeoutDurationMinutes has expired; that is, when all Spot instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND`. SWITCH_TO_ON_DEMAND specifies that if no Spot instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.\n", "willReplaceOnChanges": true }, "timeoutDurationMinutes": { "type": "integer", "description": "Spot provisioning timeout period in minutes. If Spot instances are not provisioned within this time period, the TimeOutAction is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "allocationStrategy", "timeoutAction", "timeoutDurationMinutes" ] }, "aws:emr/ClusterCoreInstanceGroup:ClusterCoreInstanceGroup": { "properties": { "autoscalingPolicy": { "type": "string", "description": "String containing the [EMR Auto Scaling Policy](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-automatic-scaling.html) JSON.\n" }, "bidPrice": { "type": "string", "description": "Bid price for each EC2 instance in the instance group, expressed in USD. By setting this attribute, the instance group is being declared as a Spot Instance, and will implicitly create a Spot request. Leave this blank to use On-Demand Instances.\n", "willReplaceOnChanges": true }, "ebsConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterCoreInstanceGroupEbsConfig:ClusterCoreInstanceGroupEbsConfig" }, "description": "Configuration block(s) for EBS volumes attached to each instance in the instance group. Detailed below.\n", "willReplaceOnChanges": true }, "id": { "type": "string", "description": "Core node type Instance Group ID, if using Instance Group for this node type.\n" }, "instanceCount": { "type": "integer", "description": "Target number of instances for the instance group. Must be at least 1. Defaults to 1.\n" }, "instanceType": { "type": "string", "description": "EC2 instance type for all instances in the instance group.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Friendly name given to the instance group.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "instanceType" ], "language": { "nodejs": { "requiredOutputs": [ "ebsConfigs", "id", "instanceType" ] } } }, "aws:emr/ClusterCoreInstanceGroupEbsConfig:ClusterCoreInstanceGroupEbsConfig": { "properties": { "iops": { "type": "integer", "description": "Number of I/O operations per second (IOPS) that the volume supports.\n", "willReplaceOnChanges": true }, "size": { "type": "integer", "description": "Volume size, in gibibytes (GiB).\n", "willReplaceOnChanges": true }, "throughput": { "type": "integer", "description": "The throughput, in mebibyte per second (MiB/s).\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Volume type. Valid options are `gp3`, `gp2`, `io1`, `standard`, `st1` and `sc1`. See [EBS Volume Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html).\n", "willReplaceOnChanges": true }, "volumesPerInstance": { "type": "integer", "description": "Number of EBS volumes with this configuration to attach to each EC2 instance in the instance group (default is 1).\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "size", "type" ] }, "aws:emr/ClusterEc2Attributes:ClusterEc2Attributes": { "properties": { "additionalMasterSecurityGroups": { "type": "string", "description": "String containing a comma separated list of additional Amazon EC2 security group IDs for the master node.\n", "willReplaceOnChanges": true }, "additionalSlaveSecurityGroups": { "type": "string", "description": "String containing a comma separated list of additional Amazon EC2 security group IDs for the slave nodes as a comma separated string.\n", "willReplaceOnChanges": true }, "emrManagedMasterSecurityGroup": { "type": "string", "description": "Identifier of the Amazon EC2 EMR-Managed security group for the master node.\n", "willReplaceOnChanges": true }, "emrManagedSlaveSecurityGroup": { "type": "string", "description": "Identifier of the Amazon EC2 EMR-Managed security group for the slave nodes.\n", "willReplaceOnChanges": true }, "instanceProfile": { "type": "string", "description": "Instance Profile for EC2 instances of the cluster assume this role.\n", "willReplaceOnChanges": true }, "keyName": { "type": "string", "description": "Amazon EC2 key pair that can be used to ssh to the master node as the user called `hadoop`.\n", "willReplaceOnChanges": true }, "serviceAccessSecurityGroup": { "type": "string", "description": "Identifier of the Amazon EC2 service-access security group - required when the cluster runs on a private subnet.\n", "willReplaceOnChanges": true }, "subnetId": { "type": "string", "description": "VPC subnet id where you want the job flow to launch. Cannot specify the `cc1.4xlarge` instance type for nodes of a job flow launched in an Amazon VPC.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC subnet id-s where you want the job flow to launch. Amazon EMR identifies the best Availability Zone to launch instances according to your fleet specifications.\n\n\u003e **NOTE on EMR-Managed security groups:** These security groups will have any missing inbound or outbound access rules added and maintained by AWS, to ensure proper communication between instances in a cluster. The EMR service will maintain these rules for groups provided in `emr_managed_master_security_group` and `emr_managed_slave_security_group`; attempts to remove the required rules may succeed, only for the EMR service to re-add them in a matter of minutes. This may cause this provider to fail to destroy an environment that contains an EMR cluster, because the EMR service does not revoke rules added on deletion, leaving a cyclic dependency between the security groups that prevents their deletion. To avoid this, use the `revoke_rules_on_delete` optional attribute for any Security Group used in `emr_managed_master_security_group` and `emr_managed_slave_security_group`. See [Amazon EMR-Managed Security Groups](http://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-man-sec-groups.html) for more information about the EMR-managed security group rules.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "instanceProfile" ], "language": { "nodejs": { "requiredOutputs": [ "emrManagedMasterSecurityGroup", "emrManagedSlaveSecurityGroup", "instanceProfile", "serviceAccessSecurityGroup", "subnetId", "subnetIds" ] } } }, "aws:emr/ClusterKerberosAttributes:ClusterKerberosAttributes": { "properties": { "adDomainJoinPassword": { "type": "string", "description": "Active Directory password for `ad_domain_join_user`. This provider cannot perform drift detection of this configuration.\n", "secret": true, "willReplaceOnChanges": true }, "adDomainJoinUser": { "type": "string", "description": "Required only when establishing a cross-realm trust with an Active Directory domain. A user with sufficient privileges to join resources to the domain. This provider cannot perform drift detection of this configuration.\n", "willReplaceOnChanges": true }, "crossRealmTrustPrincipalPassword": { "type": "string", "description": "Required only when establishing a cross-realm trust with a KDC in a different realm. The cross-realm principal password, which must be identical across realms. This provider cannot perform drift detection of this configuration.\n", "secret": true, "willReplaceOnChanges": true }, "kdcAdminPassword": { "type": "string", "description": "Password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster. This provider cannot perform drift detection of this configuration.\n", "secret": true, "willReplaceOnChanges": true }, "realm": { "type": "string", "description": "Name of the Kerberos realm to which all nodes in a cluster belong. For example, `EC2.INTERNAL`\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "kdcAdminPassword", "realm" ] }, "aws:emr/ClusterMasterInstanceFleet:ClusterMasterInstanceFleet": { "properties": { "id": { "type": "string", "description": "ID of the cluster.\n" }, "instanceTypeConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterMasterInstanceFleetInstanceTypeConfig:ClusterMasterInstanceFleetInstanceTypeConfig" }, "description": "Configuration block for instance fleet.\n", "willReplaceOnChanges": true }, "launchSpecifications": { "$ref": "#/types/aws:emr/ClusterMasterInstanceFleetLaunchSpecifications:ClusterMasterInstanceFleetLaunchSpecifications", "description": "Configuration block for launch specification.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Friendly name given to the instance fleet.\n", "willReplaceOnChanges": true }, "provisionedOnDemandCapacity": { "type": "integer" }, "provisionedSpotCapacity": { "type": "integer" }, "targetOnDemandCapacity": { "type": "integer", "description": "Target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision.\n", "willReplaceOnChanges": true }, "targetSpotCapacity": { "type": "integer", "description": "Target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "id", "provisionedOnDemandCapacity", "provisionedSpotCapacity" ] } } }, "aws:emr/ClusterMasterInstanceFleetInstanceTypeConfig:ClusterMasterInstanceFleetInstanceTypeConfig": { "properties": { "bidPrice": { "type": "string", "description": "Bid price for each EC2 Spot instance type as defined by `instance_type`. Expressed in USD. If neither `bid_price` nor `bid_price_as_percentage_of_on_demand_price` is provided, `bid_price_as_percentage_of_on_demand_price` defaults to 100%.\n", "willReplaceOnChanges": true }, "bidPriceAsPercentageOfOnDemandPrice": { "type": "number", "description": "Bid price, as a percentage of On-Demand price, for each EC2 Spot instance as defined by `instance_type`. Expressed as a number (for example, 20 specifies 20%). If neither `bid_price` nor `bid_price_as_percentage_of_on_demand_price` is provided, `bid_price_as_percentage_of_on_demand_price` defaults to 100%.\n", "willReplaceOnChanges": true }, "configurations": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterMasterInstanceFleetInstanceTypeConfigConfiguration:ClusterMasterInstanceFleetInstanceTypeConfigConfiguration" }, "description": "Configuration classification that applies when provisioning cluster instances, which can include configurations for applications and software that run on the cluster. List of `configuration` blocks.\n", "willReplaceOnChanges": true }, "ebsConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterMasterInstanceFleetInstanceTypeConfigEbsConfig:ClusterMasterInstanceFleetInstanceTypeConfigEbsConfig" }, "description": "Configuration block(s) for EBS volumes attached to each instance in the instance group. Detailed below.\n", "willReplaceOnChanges": true }, "instanceType": { "type": "string", "description": "EC2 instance type, such as m4.xlarge.\n", "willReplaceOnChanges": true }, "weightedCapacity": { "type": "integer", "description": "Number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `aws.emr.InstanceFleet`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "instanceType" ], "language": { "nodejs": { "requiredOutputs": [ "ebsConfigs", "instanceType" ] } } }, "aws:emr/ClusterMasterInstanceFleetInstanceTypeConfigConfiguration:ClusterMasterInstanceFleetInstanceTypeConfigConfiguration": { "properties": { "classification": { "type": "string", "description": "Classification within a configuration.\n", "willReplaceOnChanges": true }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of properties specified within a configuration classification.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:emr/ClusterMasterInstanceFleetInstanceTypeConfigEbsConfig:ClusterMasterInstanceFleetInstanceTypeConfigEbsConfig": { "properties": { "iops": { "type": "integer", "description": "Number of I/O operations per second (IOPS) that the volume supports.\n", "willReplaceOnChanges": true }, "size": { "type": "integer", "description": "Volume size, in gibibytes (GiB).\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Volume type. Valid options are `gp3`, `gp2`, `io1`, `standard`, `st1` and `sc1`. See [EBS Volume Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html).\n", "willReplaceOnChanges": true }, "volumesPerInstance": { "type": "integer", "description": "Number of EBS volumes with this configuration to attach to each EC2 instance in the instance group (default is 1).\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "size", "type" ] }, "aws:emr/ClusterMasterInstanceFleetLaunchSpecifications:ClusterMasterInstanceFleetLaunchSpecifications": { "properties": { "onDemandSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterMasterInstanceFleetLaunchSpecificationsOnDemandSpecification:ClusterMasterInstanceFleetLaunchSpecificationsOnDemandSpecification" }, "description": "Configuration block for on demand instances launch specifications.\n", "willReplaceOnChanges": true }, "spotSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterMasterInstanceFleetLaunchSpecificationsSpotSpecification:ClusterMasterInstanceFleetLaunchSpecificationsSpotSpecification" }, "description": "Configuration block for spot instances launch specifications.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:emr/ClusterMasterInstanceFleetLaunchSpecificationsOnDemandSpecification:ClusterMasterInstanceFleetLaunchSpecificationsOnDemandSpecification": { "properties": { "allocationStrategy": { "type": "string", "description": "Specifies the strategy to use in launching On-Demand instance fleets. Currently, the only option is `lowest-price` (the default), which launches the lowest price first.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "allocationStrategy" ] }, "aws:emr/ClusterMasterInstanceFleetLaunchSpecificationsSpotSpecification:ClusterMasterInstanceFleetLaunchSpecificationsSpotSpecification": { "properties": { "allocationStrategy": { "type": "string", "description": "Specifies the strategy to use in launching Spot instance fleets. Valid values include `capacity-optimized`, `diversified`, `lowest-price`, `price-capacity-optimized`. See the [AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-fleet.html#emr-instance-fleet-allocation-strategy) for details on each strategy type.\n", "willReplaceOnChanges": true }, "blockDurationMinutes": { "type": "integer", "description": "Defined duration for Spot instances (also known as Spot blocks) in minutes. When specified, the Spot instance does not terminate before the defined duration expires, and defined duration pricing for Spot instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot instance for termination and provides a Spot instance termination notice, which gives the instance a two-minute warning before it terminates.\n", "willReplaceOnChanges": true }, "timeoutAction": { "type": "string", "description": "Action to take when TargetSpotCapacity has not been fulfilled when the TimeoutDurationMinutes has expired; that is, when all Spot instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND`. SWITCH_TO_ON_DEMAND specifies that if no Spot instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.\n", "willReplaceOnChanges": true }, "timeoutDurationMinutes": { "type": "integer", "description": "Spot provisioning timeout period in minutes. If Spot instances are not provisioned within this time period, the TimeOutAction is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "allocationStrategy", "timeoutAction", "timeoutDurationMinutes" ] }, "aws:emr/ClusterMasterInstanceGroup:ClusterMasterInstanceGroup": { "properties": { "bidPrice": { "type": "string", "description": "Bid price for each EC2 instance in the instance group, expressed in USD. By setting this attribute, the instance group is being declared as a Spot Instance, and will implicitly create a Spot request. Leave this blank to use On-Demand Instances.\n", "willReplaceOnChanges": true }, "ebsConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterMasterInstanceGroupEbsConfig:ClusterMasterInstanceGroupEbsConfig" }, "description": "Configuration block(s) for EBS volumes attached to each instance in the instance group. Detailed below.\n", "willReplaceOnChanges": true }, "id": { "type": "string", "description": "Master node type Instance Group ID, if using Instance Group for this node type.\n" }, "instanceCount": { "type": "integer", "description": "Target number of instances for the instance group. Must be 1 or 3. Defaults to 1. Launching with multiple master nodes is only supported in EMR version 5.23.0+, and requires this resource's `core_instance_group` to be configured. Public (Internet accessible) instances must be created in VPC subnets that have map public IP on launch enabled. Termination protection is automatically enabled when launched with multiple master nodes and this provider must have the `termination_protection = false` configuration applied before destroying this resource.\n", "willReplaceOnChanges": true }, "instanceType": { "type": "string", "description": "EC2 instance type for all instances in the instance group.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Friendly name given to the instance group.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "instanceType" ], "language": { "nodejs": { "requiredOutputs": [ "ebsConfigs", "id", "instanceType" ] } } }, "aws:emr/ClusterMasterInstanceGroupEbsConfig:ClusterMasterInstanceGroupEbsConfig": { "properties": { "iops": { "type": "integer", "description": "Number of I/O operations per second (IOPS) that the volume supports.\n", "willReplaceOnChanges": true }, "size": { "type": "integer", "description": "Volume size, in gibibytes (GiB).\n", "willReplaceOnChanges": true }, "throughput": { "type": "integer", "description": "The throughput, in mebibyte per second (MiB/s).\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Volume type. Valid options are `gp3`, `gp2`, `io1`, `standard`, `st1` and `sc1`. See [EBS Volume Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html).\n", "willReplaceOnChanges": true }, "volumesPerInstance": { "type": "integer", "description": "Number of EBS volumes with this configuration to attach to each EC2 instance in the instance group (default is 1).\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "size", "type" ] }, "aws:emr/ClusterPlacementGroupConfig:ClusterPlacementGroupConfig": { "properties": { "instanceRole": { "type": "string", "description": "Role of the instance in the cluster. Valid Values: `MASTER`, `CORE`, `TASK`.\n", "willReplaceOnChanges": true }, "placementStrategy": { "type": "string", "description": "EC2 Placement Group strategy associated with instance role. Valid Values: `SPREAD`, `PARTITION`, `CLUSTER`, `NONE`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "instanceRole" ], "language": { "nodejs": { "requiredOutputs": [ "instanceRole", "placementStrategy" ] } } }, "aws:emr/ClusterStep:ClusterStep": { "properties": { "actionOnFailure": { "type": "string", "description": "Action to take if the step fails. Valid values: `TERMINATE_JOB_FLOW`, `TERMINATE_CLUSTER`, `CANCEL_AND_WAIT`, and `CONTINUE`\n", "willReplaceOnChanges": true }, "hadoopJarStep": { "$ref": "#/types/aws:emr/ClusterStepHadoopJarStep:ClusterStepHadoopJarStep", "description": "JAR file used for the step. See below.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the step.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "actionOnFailure", "hadoopJarStep", "name" ] }, "aws:emr/ClusterStepHadoopJarStep:ClusterStepHadoopJarStep": { "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "List of command line arguments passed to the JAR file's main function when executed.\n", "willReplaceOnChanges": true }, "jar": { "type": "string", "description": "Path to a JAR file run during the step.\n", "willReplaceOnChanges": true }, "mainClass": { "type": "string", "description": "Name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file.\n", "willReplaceOnChanges": true }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-Value map of Java properties that are set when the step runs. You can use these properties to pass key value pairs to your main function.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "jar" ] }, "aws:emr/InstanceFleetInstanceTypeConfig:InstanceFleetInstanceTypeConfig": { "properties": { "bidPrice": { "type": "string", "description": "The bid price for each EC2 Spot instance type as defined by `instance_type`. Expressed in USD. If neither `bid_price` nor `bid_price_as_percentage_of_on_demand_price` is provided, `bid_price_as_percentage_of_on_demand_price` defaults to 100%.\n", "willReplaceOnChanges": true }, "bidPriceAsPercentageOfOnDemandPrice": { "type": "number", "description": "The bid price, as a percentage of On-Demand price, for each EC2 Spot instance as defined by `instance_type`. Expressed as a number (for example, 20 specifies 20%). If neither `bid_price` nor `bid_price_as_percentage_of_on_demand_price` is provided, `bid_price_as_percentage_of_on_demand_price` defaults to 100%.\n", "willReplaceOnChanges": true }, "configurations": { "type": "array", "items": { "$ref": "#/types/aws:emr/InstanceFleetInstanceTypeConfigConfiguration:InstanceFleetInstanceTypeConfigConfiguration" }, "description": "A configuration classification that applies when provisioning cluster instances, which can include configurations for applications and software that run on the cluster. List of `configuration` blocks.\n", "willReplaceOnChanges": true }, "ebsConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/InstanceFleetInstanceTypeConfigEbsConfig:InstanceFleetInstanceTypeConfigEbsConfig" }, "description": "Configuration block(s) for EBS volumes attached to each instance in the instance group. Detailed below.\n", "willReplaceOnChanges": true }, "instanceType": { "type": "string", "description": "An EC2 instance type, such as m4.xlarge.\n", "willReplaceOnChanges": true }, "weightedCapacity": { "type": "integer", "description": "The number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `aws.emr.InstanceFleet`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "instanceType" ], "language": { "nodejs": { "requiredOutputs": [ "ebsConfigs", "instanceType" ] } } }, "aws:emr/InstanceFleetInstanceTypeConfigConfiguration:InstanceFleetInstanceTypeConfigConfiguration": { "properties": { "classification": { "type": "string", "description": "The classification within a configuration.\n", "willReplaceOnChanges": true }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of properties specified within a configuration classification\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:emr/InstanceFleetInstanceTypeConfigEbsConfig:InstanceFleetInstanceTypeConfigEbsConfig": { "properties": { "iops": { "type": "integer", "description": "The number of I/O operations per second (IOPS) that the volume supports\n", "willReplaceOnChanges": true }, "size": { "type": "integer", "description": "The volume size, in gibibytes (GiB).\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "The volume type. Valid options are `gp2`, `io1`, `standard` and `st1`. See [EBS Volume Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html).\n", "willReplaceOnChanges": true }, "volumesPerInstance": { "type": "integer", "description": "The number of EBS volumes with this configuration to attach to each EC2 instance in the instance group (default is 1)\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "size", "type" ] }, "aws:emr/InstanceFleetLaunchSpecifications:InstanceFleetLaunchSpecifications": { "properties": { "onDemandSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:emr/InstanceFleetLaunchSpecificationsOnDemandSpecification:InstanceFleetLaunchSpecificationsOnDemandSpecification" }, "description": "Configuration block for on demand instances launch specifications\n", "willReplaceOnChanges": true }, "spotSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:emr/InstanceFleetLaunchSpecificationsSpotSpecification:InstanceFleetLaunchSpecificationsSpotSpecification" }, "description": "Configuration block for spot instances launch specifications\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:emr/InstanceFleetLaunchSpecificationsOnDemandSpecification:InstanceFleetLaunchSpecificationsOnDemandSpecification": { "properties": { "allocationStrategy": { "type": "string", "description": "Specifies one of the following strategies to launch Spot Instance fleets: `price-capacity-optimized`, `capacity-optimized`, `lowest-price`, or `diversified`. For more information on the provisioning strategies, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-allocation-strategy.html).\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "allocationStrategy" ] }, "aws:emr/InstanceFleetLaunchSpecificationsSpotSpecification:InstanceFleetLaunchSpecificationsSpotSpecification": { "properties": { "allocationStrategy": { "type": "string", "description": "Specifies one of the following strategies to launch Spot Instance fleets: `price-capacity-optimized`, `capacity-optimized`, `lowest-price`, or `diversified`. For more information on the provisioning strategies, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-allocation-strategy.html).\n", "willReplaceOnChanges": true }, "blockDurationMinutes": { "type": "integer", "description": "The defined duration for Spot instances (also known as Spot blocks) in minutes. When specified, the Spot instance does not terminate before the defined duration expires, and defined duration pricing for Spot instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot instance for termination and provides a Spot instance termination notice, which gives the instance a two-minute warning before it terminates.\n", "willReplaceOnChanges": true }, "timeoutAction": { "type": "string", "description": "The action to take when TargetSpotCapacity has not been fulfilled when the TimeoutDurationMinutes has expired; that is, when all Spot instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND`. SWITCH_TO_ON_DEMAND specifies that if no Spot instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.\n", "willReplaceOnChanges": true }, "timeoutDurationMinutes": { "type": "integer", "description": "The spot provisioning timeout period in minutes. If Spot instances are not provisioned within this time period, the TimeOutAction is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "allocationStrategy", "timeoutAction", "timeoutDurationMinutes" ] }, "aws:emr/InstanceGroupEbsConfig:InstanceGroupEbsConfig": { "properties": { "iops": { "type": "integer", "description": "The number of I/O operations per second (IOPS) that the volume supports.\n", "willReplaceOnChanges": true }, "size": { "type": "integer", "description": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "The volume type. Valid options are 'gp2', 'io1' and 'standard'.\n", "willReplaceOnChanges": true }, "volumesPerInstance": { "type": "integer", "description": "The number of EBS Volumes to attach per instance.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "size", "type" ] }, "aws:emr/ManagedScalingPolicyComputeLimit:ManagedScalingPolicyComputeLimit": { "properties": { "maximumCapacityUnits": { "type": "integer", "description": "The upper boundary of EC2 units. It is measured through VCPU cores or instances for instance groups and measured through units for instance fleets. Managed scaling activities are not allowed beyond this boundary. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.\n", "willReplaceOnChanges": true }, "maximumCoreCapacityUnits": { "type": "integer", "description": "The upper boundary of EC2 units for core node type in a cluster. It is measured through VCPU cores or instances for instance groups and measured through units for instance fleets. The core units are not allowed to scale beyond this boundary. The parameter is used to split capacity allocation between core and task nodes.\n", "willReplaceOnChanges": true }, "maximumOndemandCapacityUnits": { "type": "integer", "description": "The upper boundary of On-Demand EC2 units. It is measured through VCPU cores or instances for instance groups and measured through units for instance fleets. The On-Demand units are not allowed to scale beyond this boundary. The parameter is used to split capacity allocation between On-Demand and Spot instances.\n", "willReplaceOnChanges": true }, "minimumCapacityUnits": { "type": "integer", "description": "The lower boundary of EC2 units. It is measured through VCPU cores or instances for instance groups and measured through units for instance fleets. Managed scaling activities are not allowed beyond this boundary. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.\n", "willReplaceOnChanges": true }, "unitType": { "type": "string", "description": "The unit type used for specifying a managed scaling policy. Valid Values: `InstanceFleetUnits` | `Instances` | `VCPU`\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "maximumCapacityUnits", "minimumCapacityUnits", "unitType" ] }, "aws:emr/getReleaseLabelsFilters:getReleaseLabelsFilters": { "properties": { "application": { "type": "string", "description": "Optional release label application filter. For example, `Spark@2.1.0` or `Spark`.\n" }, "prefix": { "type": "string", "description": "Optional release label version prefix filter. For example, `emr-5`.\n" } }, "type": "object" }, "aws:emr/getSupportedInstanceTypesSupportedInstanceType:getSupportedInstanceTypesSupportedInstanceType": { "properties": { "architecture": { "type": "string", "description": "CPU architecture.\n" }, "ebsOptimizedAvailable": { "type": "boolean", "description": "Indicates whether the instance type supports Amazon EBS optimization.\n" }, "ebsOptimizedByDefault": { "type": "boolean", "description": "Indicates whether the instance type uses Amazon EBS optimization by default.\n" }, "ebsStorageOnly": { "type": "boolean", "description": "Indicates whether the instance type only supports Amazon EBS.\n" }, "instanceFamilyId": { "type": "string", "description": "The Amazon EC2 family and generation for the instance type.\n" }, "is64BitsOnly": { "type": "boolean", "description": "Indicates whether the instance type only supports 64-bit architecture.\n" }, "memoryGb": { "type": "number", "description": "Memory that is available to Amazon EMR from the instance type.\n" }, "numberOfDisks": { "type": "integer", "description": "Number of disks for the instance type.\n" }, "storageGb": { "type": "integer", "description": "Storage capacity of the instance type.\n" }, "type": { "type": "string", "description": "Amazon EC2 instance type. For example, `m5.xlarge`.\n" }, "vcpu": { "type": "integer", "description": "The number of vCPUs available for the instance type.\n" } }, "type": "object", "required": [ "architecture", "ebsOptimizedAvailable", "ebsOptimizedByDefault", "ebsStorageOnly", "instanceFamilyId", "is64BitsOnly", "memoryGb", "numberOfDisks", "storageGb", "type", "vcpu" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:emrcontainers/JobTemplateJobTemplateData:JobTemplateJobTemplateData": { "properties": { "configurationOverrides": { "$ref": "#/types/aws:emrcontainers/JobTemplateJobTemplateDataConfigurationOverrides:JobTemplateJobTemplateDataConfigurationOverrides", "description": "The configuration settings that are used to override defaults configuration.\n", "willReplaceOnChanges": true }, "executionRoleArn": { "type": "string", "description": "The execution role ARN of the job run.\n", "willReplaceOnChanges": true }, "jobDriver": { "$ref": "#/types/aws:emrcontainers/JobTemplateJobTemplateDataJobDriver:JobTemplateJobTemplateDataJobDriver", "description": "Specify the driver that the job runs on. Exactly one of the two available job drivers is required, either sparkSqlJobDriver or sparkSubmitJobDriver.\n", "willReplaceOnChanges": true }, "jobTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags assigned to jobs started using the job template.\n", "willReplaceOnChanges": true }, "releaseLabel": { "type": "string", "description": "The release version of Amazon EMR.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "executionRoleArn", "jobDriver", "releaseLabel" ] }, "aws:emrcontainers/JobTemplateJobTemplateDataConfigurationOverrides:JobTemplateJobTemplateDataConfigurationOverrides": { "properties": { "applicationConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:emrcontainers/JobTemplateJobTemplateDataConfigurationOverridesApplicationConfiguration:JobTemplateJobTemplateDataConfigurationOverridesApplicationConfiguration" }, "description": "The configurations for the application running by the job run.\n", "willReplaceOnChanges": true }, "monitoringConfiguration": { "$ref": "#/types/aws:emrcontainers/JobTemplateJobTemplateDataConfigurationOverridesMonitoringConfiguration:JobTemplateJobTemplateDataConfigurationOverridesMonitoringConfiguration", "description": "The configurations for monitoring.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:emrcontainers/JobTemplateJobTemplateDataConfigurationOverridesApplicationConfiguration:JobTemplateJobTemplateDataConfigurationOverridesApplicationConfiguration": { "properties": { "classification": { "type": "string", "description": "The classification within a configuration.\n", "willReplaceOnChanges": true }, "configurations": { "type": "array", "items": { "$ref": "#/types/aws:emrcontainers/JobTemplateJobTemplateDataConfigurationOverridesApplicationConfigurationConfiguration:JobTemplateJobTemplateDataConfigurationOverridesApplicationConfigurationConfiguration" }, "description": "A list of additional configurations to apply within a configuration object.\n", "willReplaceOnChanges": true }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A set of properties specified within a configuration classification.\n" } }, "type": "object", "required": [ "classification" ] }, "aws:emrcontainers/JobTemplateJobTemplateDataConfigurationOverridesApplicationConfigurationConfiguration:JobTemplateJobTemplateDataConfigurationOverridesApplicationConfigurationConfiguration": { "properties": { "classification": { "type": "string", "description": "The classification within a configuration.\n", "willReplaceOnChanges": true }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A set of properties specified within a configuration classification.\n" } }, "type": "object" }, "aws:emrcontainers/JobTemplateJobTemplateDataConfigurationOverridesMonitoringConfiguration:JobTemplateJobTemplateDataConfigurationOverridesMonitoringConfiguration": { "properties": { "cloudWatchMonitoringConfiguration": { "$ref": "#/types/aws:emrcontainers/JobTemplateJobTemplateDataConfigurationOverridesMonitoringConfigurationCloudWatchMonitoringConfiguration:JobTemplateJobTemplateDataConfigurationOverridesMonitoringConfigurationCloudWatchMonitoringConfiguration", "description": "Monitoring configurations for CloudWatch.\n", "willReplaceOnChanges": true }, "persistentAppUi": { "type": "string", "description": "Monitoring configurations for the persistent application UI.\n", "willReplaceOnChanges": true }, "s3MonitoringConfiguration": { "$ref": "#/types/aws:emrcontainers/JobTemplateJobTemplateDataConfigurationOverridesMonitoringConfigurationS3MonitoringConfiguration:JobTemplateJobTemplateDataConfigurationOverridesMonitoringConfigurationS3MonitoringConfiguration", "description": "Amazon S3 configuration for monitoring log publishing.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:emrcontainers/JobTemplateJobTemplateDataConfigurationOverridesMonitoringConfigurationCloudWatchMonitoringConfiguration:JobTemplateJobTemplateDataConfigurationOverridesMonitoringConfigurationCloudWatchMonitoringConfiguration": { "properties": { "logGroupName": { "type": "string", "description": "The name of the log group for log publishing.\n", "willReplaceOnChanges": true }, "logStreamNamePrefix": { "type": "string", "description": "The specified name prefix for log streams.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "logGroupName" ] }, "aws:emrcontainers/JobTemplateJobTemplateDataConfigurationOverridesMonitoringConfigurationS3MonitoringConfiguration:JobTemplateJobTemplateDataConfigurationOverridesMonitoringConfigurationS3MonitoringConfiguration": { "properties": { "logUri": { "type": "string", "description": "Amazon S3 destination URI for log publishing.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "logUri" ] }, "aws:emrcontainers/JobTemplateJobTemplateDataJobDriver:JobTemplateJobTemplateDataJobDriver": { "properties": { "sparkSqlJobDriver": { "$ref": "#/types/aws:emrcontainers/JobTemplateJobTemplateDataJobDriverSparkSqlJobDriver:JobTemplateJobTemplateDataJobDriverSparkSqlJobDriver", "description": "The job driver for job type.\n", "willReplaceOnChanges": true }, "sparkSubmitJobDriver": { "$ref": "#/types/aws:emrcontainers/JobTemplateJobTemplateDataJobDriverSparkSubmitJobDriver:JobTemplateJobTemplateDataJobDriverSparkSubmitJobDriver", "description": "The job driver parameters specified for spark submit.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:emrcontainers/JobTemplateJobTemplateDataJobDriverSparkSqlJobDriver:JobTemplateJobTemplateDataJobDriverSparkSqlJobDriver": { "properties": { "entryPoint": { "type": "string", "description": "The SQL file to be executed.\n", "willReplaceOnChanges": true }, "sparkSqlParameters": { "type": "string", "description": "The Spark parameters to be included in the Spark SQL command.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:emrcontainers/JobTemplateJobTemplateDataJobDriverSparkSubmitJobDriver:JobTemplateJobTemplateDataJobDriverSparkSubmitJobDriver": { "properties": { "entryPoint": { "type": "string", "description": "The entry point of job application.\n", "willReplaceOnChanges": true }, "entryPointArguments": { "type": "array", "items": { "type": "string" }, "description": "The arguments for job application.\n", "willReplaceOnChanges": true }, "sparkSubmitParameters": { "type": "string", "description": "The Spark submit parameters that are used for job runs.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "entryPoint" ] }, "aws:emrcontainers/VirtualClusterContainerProvider:VirtualClusterContainerProvider": { "properties": { "id": { "type": "string", "description": "The name of the container provider that is running your EMR Containers cluster\n", "willReplaceOnChanges": true }, "info": { "$ref": "#/types/aws:emrcontainers/VirtualClusterContainerProviderInfo:VirtualClusterContainerProviderInfo", "description": "Nested list containing information about the configuration of the container provider\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "The type of the container provider\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "id", "info", "type" ] }, "aws:emrcontainers/VirtualClusterContainerProviderInfo:VirtualClusterContainerProviderInfo": { "properties": { "eksInfo": { "$ref": "#/types/aws:emrcontainers/VirtualClusterContainerProviderInfoEksInfo:VirtualClusterContainerProviderInfoEksInfo", "description": "Nested list containing EKS-specific information about the cluster where the EMR Containers cluster is running\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "eksInfo" ] }, "aws:emrcontainers/VirtualClusterContainerProviderInfoEksInfo:VirtualClusterContainerProviderInfoEksInfo": { "properties": { "namespace": { "type": "string", "description": "The namespace where the EMR Containers cluster is running\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:emrcontainers/getVirtualClusterContainerProvider:getVirtualClusterContainerProvider": { "properties": { "id": { "type": "string", "description": "The name of the container provider that is running your EMR Containers cluster\n" }, "infos": { "type": "array", "items": { "$ref": "#/types/aws:emrcontainers/getVirtualClusterContainerProviderInfo:getVirtualClusterContainerProviderInfo" }, "description": "Nested list containing information about the configuration of the container provider\n" }, "type": { "type": "string", "description": "The type of the container provider\n" } }, "type": "object", "required": [ "id", "infos", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:emrcontainers/getVirtualClusterContainerProviderInfo:getVirtualClusterContainerProviderInfo": { "properties": { "eksInfos": { "type": "array", "items": { "$ref": "#/types/aws:emrcontainers/getVirtualClusterContainerProviderInfoEksInfo:getVirtualClusterContainerProviderInfoEksInfo" }, "description": "Nested list containing EKS-specific information about the cluster where the EMR Containers cluster is running\n" } }, "type": "object", "required": [ "eksInfos" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:emrcontainers/getVirtualClusterContainerProviderInfoEksInfo:getVirtualClusterContainerProviderInfoEksInfo": { "properties": { "namespace": { "type": "string", "description": "The namespace where the EMR Containers cluster is running\n" } }, "type": "object", "required": [ "namespace" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:emrserverless/ApplicationAutoStartConfiguration:ApplicationAutoStartConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Enables the application to automatically start on job submission. Defaults to `true`.\n" } }, "type": "object" }, "aws:emrserverless/ApplicationAutoStopConfiguration:ApplicationAutoStopConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Enables the application to automatically stop after a certain amount of time being idle. Defaults to `true`.\n" }, "idleTimeoutMinutes": { "type": "integer", "description": "The amount of idle time in minutes after which your application will automatically stop. Defaults to `15` minutes.\n" } }, "type": "object" }, "aws:emrserverless/ApplicationImageConfiguration:ApplicationImageConfiguration": { "properties": { "imageUri": { "type": "string", "description": "The image URI.\n" } }, "type": "object", "required": [ "imageUri" ] }, "aws:emrserverless/ApplicationInitialCapacity:ApplicationInitialCapacity": { "properties": { "initialCapacityConfig": { "$ref": "#/types/aws:emrserverless/ApplicationInitialCapacityInitialCapacityConfig:ApplicationInitialCapacityInitialCapacityConfig", "description": "The initial capacity configuration per worker.\n" }, "initialCapacityType": { "type": "string", "description": "The worker type for an analytics framework. For Spark applications, the key can either be set to `Driver` or `Executor`. For Hive applications, it can be set to `HiveDriver` or `TezTask`.\n" } }, "type": "object", "required": [ "initialCapacityType" ] }, "aws:emrserverless/ApplicationInitialCapacityInitialCapacityConfig:ApplicationInitialCapacityInitialCapacityConfig": { "properties": { "workerConfiguration": { "$ref": "#/types/aws:emrserverless/ApplicationInitialCapacityInitialCapacityConfigWorkerConfiguration:ApplicationInitialCapacityInitialCapacityConfigWorkerConfiguration", "description": "The resource configuration of the initial capacity configuration.\n" }, "workerCount": { "type": "integer", "description": "The number of workers in the initial capacity configuration.\n" } }, "type": "object", "required": [ "workerCount" ] }, "aws:emrserverless/ApplicationInitialCapacityInitialCapacityConfigWorkerConfiguration:ApplicationInitialCapacityInitialCapacityConfigWorkerConfiguration": { "properties": { "cpu": { "type": "string", "description": "The CPU requirements for every worker instance of the worker type.\n" }, "disk": { "type": "string", "description": "The disk requirements for every worker instance of the worker type.\n" }, "memory": { "type": "string", "description": "The memory requirements for every worker instance of the worker type.\n" } }, "type": "object", "required": [ "cpu", "memory" ], "language": { "nodejs": { "requiredOutputs": [ "cpu", "disk", "memory" ] } } }, "aws:emrserverless/ApplicationInteractiveConfiguration:ApplicationInteractiveConfiguration": { "properties": { "livyEndpointEnabled": { "type": "boolean", "description": "Enables an Apache Livy endpoint that you can connect to and run interactive jobs.\n" }, "studioEnabled": { "type": "boolean", "description": "Enables you to connect an application to Amazon EMR Studio to run interactive workloads in a notebook.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "livyEndpointEnabled", "studioEnabled" ] } } }, "aws:emrserverless/ApplicationMaximumCapacity:ApplicationMaximumCapacity": { "properties": { "cpu": { "type": "string", "description": "The maximum allowed CPU for an application.\n" }, "disk": { "type": "string", "description": "The maximum allowed disk for an application.\n" }, "memory": { "type": "string", "description": "The maximum allowed resources for an application.\n" } }, "type": "object", "required": [ "cpu", "memory" ], "language": { "nodejs": { "requiredOutputs": [ "cpu", "disk", "memory" ] } } }, "aws:emrserverless/ApplicationNetworkConfiguration:ApplicationNetworkConfiguration": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The array of security group Ids for customer VPC connectivity.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The array of subnet Ids for customer VPC connectivity.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:evidently/FeatureEvaluationRule:FeatureEvaluationRule": { "properties": { "name": { "type": "string", "description": "The name for the new feature. Minimum length of `1`. Maximum length of `127`.\n" }, "type": { "type": "string", "description": "This value is `aws.evidently.splits` if this is an evaluation rule for a launch, and it is `aws.evidently.onlineab` if this is an evaluation rule for an experiment.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "name", "type" ] } } }, "aws:evidently/FeatureVariation:FeatureVariation": { "properties": { "name": { "type": "string", "description": "The name of the variation. Minimum length of `1`. Maximum length of `127`.\n" }, "value": { "$ref": "#/types/aws:evidently/FeatureVariationValue:FeatureVariationValue", "description": "A block that specifies the value assigned to this variation. Detailed below\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:evidently/FeatureVariationValue:FeatureVariationValue": { "properties": { "boolValue": { "type": "string", "description": "If this feature uses the Boolean variation type, this field contains the Boolean value of this variation.\n" }, "doubleValue": { "type": "string", "description": "If this feature uses the double integer variation type, this field contains the double integer value of this variation.\n" }, "longValue": { "type": "string", "description": "If this feature uses the long variation type, this field contains the long value of this variation. Minimum value of `-9007199254740991`. Maximum value of `9007199254740991`.\n" }, "stringValue": { "type": "string", "description": "If this feature uses the string variation type, this field contains the string value of this variation. Minimum length of `0`. Maximum length of `512`.\n" } }, "type": "object" }, "aws:evidently/LaunchExecution:LaunchExecution": { "properties": { "endedTime": { "type": "string", "description": "The date and time that the launch ended.\n" }, "startedTime": { "type": "string", "description": "The date and time that the launch started.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "endedTime", "startedTime" ] } } }, "aws:evidently/LaunchGroup:LaunchGroup": { "properties": { "description": { "type": "string", "description": "Specifies the description of the launch group.\n" }, "feature": { "type": "string", "description": "Specifies the name of the feature that the launch is using.\n" }, "name": { "type": "string", "description": "Specifies the name of the lahnch group.\n" }, "variation": { "type": "string", "description": "Specifies the feature variation to use for this launch group.\n" } }, "type": "object", "required": [ "feature", "name", "variation" ] }, "aws:evidently/LaunchMetricMonitor:LaunchMetricMonitor": { "properties": { "metricDefinition": { "$ref": "#/types/aws:evidently/LaunchMetricMonitorMetricDefinition:LaunchMetricMonitorMetricDefinition", "description": "A block that defines the metric. Detailed below.\n" } }, "type": "object", "required": [ "metricDefinition" ] }, "aws:evidently/LaunchMetricMonitorMetricDefinition:LaunchMetricMonitorMetricDefinition": { "properties": { "entityIdKey": { "type": "string", "description": "Specifies the entity, such as a user or session, that does an action that causes a metric value to be recorded. An example is `userDetails.userID`.\n" }, "eventPattern": { "type": "string", "description": "Specifies The EventBridge event pattern that defines how the metric is recorded.\n" }, "name": { "type": "string", "description": "Specifies the name for the metric.\n" }, "unitLabel": { "type": "string", "description": "Specifies a label for the units that the metric is measuring.\n" }, "valueKey": { "type": "string", "description": "Specifies the value that is tracked to produce the metric.\n" } }, "type": "object", "required": [ "entityIdKey", "name", "valueKey" ] }, "aws:evidently/LaunchScheduledSplitsConfig:LaunchScheduledSplitsConfig": { "properties": { "steps": { "type": "array", "items": { "$ref": "#/types/aws:evidently/LaunchScheduledSplitsConfigStep:LaunchScheduledSplitsConfigStep" }, "description": "One or up to six blocks that define the traffic allocation percentages among the feature variations during each step of the launch. This also defines the start time of each step. Detailed below.\n" } }, "type": "object", "required": [ "steps" ] }, "aws:evidently/LaunchScheduledSplitsConfigStep:LaunchScheduledSplitsConfigStep": { "properties": { "groupWeights": { "type": "object", "additionalProperties": { "type": "integer" }, "description": "The traffic allocation percentages among the feature variations during one step of a launch. This is a set of key-value pairs. The keys are variation names. The values represent the percentage of traffic to allocate to that variation during this step. For more information, refer to the [AWS documentation for ScheduledSplitConfig groupWeights](https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_ScheduledSplitConfig.html).\n" }, "segmentOverrides": { "type": "array", "items": { "$ref": "#/types/aws:evidently/LaunchScheduledSplitsConfigStepSegmentOverride:LaunchScheduledSplitsConfigStepSegmentOverride" }, "description": "One or up to six blocks that specify different traffic splits for one or more audience segments. A segment is a portion of your audience that share one or more characteristics. Examples could be Chrome browser users, users in Europe, or Firefox browser users in Europe who also fit other criteria that your application collects, such as age. Detailed below.\n" }, "startTime": { "type": "string", "description": "Specifies the date and time that this step of the launch starts.\n" } }, "type": "object", "required": [ "groupWeights", "startTime" ] }, "aws:evidently/LaunchScheduledSplitsConfigStepSegmentOverride:LaunchScheduledSplitsConfigStepSegmentOverride": { "properties": { "evaluationOrder": { "type": "integer", "description": "Specifies a number indicating the order to use to evaluate segment overrides, if there are more than one. Segment overrides with lower numbers are evaluated first.\n" }, "segment": { "type": "string", "description": "The name or ARN of the segment to use.\n" }, "weights": { "type": "object", "additionalProperties": { "type": "integer" }, "description": "The traffic allocation percentages among the feature variations to assign to this segment. This is a set of key-value pairs. The keys are variation names. The values represent the amount of traffic to allocate to that variation for this segment. This is expressed in thousandths of a percent, so a weight of 50000 represents 50% of traffic.\n" } }, "type": "object", "required": [ "evaluationOrder", "segment", "weights" ] }, "aws:evidently/ProjectDataDelivery:ProjectDataDelivery": { "properties": { "cloudwatchLogs": { "$ref": "#/types/aws:evidently/ProjectDataDeliveryCloudwatchLogs:ProjectDataDeliveryCloudwatchLogs", "description": "A block that defines the CloudWatch Log Group that stores the evaluation events. See below.\n" }, "s3Destination": { "$ref": "#/types/aws:evidently/ProjectDataDeliveryS3Destination:ProjectDataDeliveryS3Destination", "description": "A block that defines the S3 bucket and prefix that stores the evaluation events. See below.\n" } }, "type": "object" }, "aws:evidently/ProjectDataDeliveryCloudwatchLogs:ProjectDataDeliveryCloudwatchLogs": { "properties": { "logGroup": { "type": "string", "description": "The name of the log group where the project stores evaluation events.\n" } }, "type": "object" }, "aws:evidently/ProjectDataDeliveryS3Destination:ProjectDataDeliveryS3Destination": { "properties": { "bucket": { "type": "string", "description": "The name of the bucket in which Evidently stores evaluation events.\n" }, "prefix": { "type": "string", "description": "The bucket prefix in which Evidently stores evaluation events.\n" } }, "type": "object" }, "aws:finspace/KxClusterAutoScalingConfiguration:KxClusterAutoScalingConfiguration": { "properties": { "autoScalingMetric": { "type": "string", "description": "Metric your cluster will track in order to scale in and out. For example, CPU_UTILIZATION_PERCENTAGE is the average CPU usage across all nodes in a cluster.\n", "willReplaceOnChanges": true }, "maxNodeCount": { "type": "integer", "description": "Highest number of nodes to scale. Cannot be greater than 5\n", "willReplaceOnChanges": true }, "metricTarget": { "type": "number", "description": "Desired value of chosen `auto_scaling_metric`. When metric drops below this value, cluster will scale in. When metric goes above this value, cluster will scale out. Can be set between 0 and 100 percent.\n", "willReplaceOnChanges": true }, "minNodeCount": { "type": "integer", "description": "Lowest number of nodes to scale. Must be at least 1 and less than the `max_node_count`. If nodes in cluster belong to multiple availability zones, then `min_node_count` must be at least 3.\n", "willReplaceOnChanges": true }, "scaleInCooldownSeconds": { "type": "number", "description": "Duration in seconds that FinSpace will wait after a scale in event before initiating another scaling event.\n", "willReplaceOnChanges": true }, "scaleOutCooldownSeconds": { "type": "number", "description": "Duration in seconds that FinSpace will wait after a scale out event before initiating another scaling event.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "autoScalingMetric", "maxNodeCount", "metricTarget", "minNodeCount", "scaleInCooldownSeconds", "scaleOutCooldownSeconds" ] }, "aws:finspace/KxClusterCacheStorageConfiguration:KxClusterCacheStorageConfiguration": { "properties": { "size": { "type": "integer", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Type of KDB database. The following types are available:\n* HDB - Historical Database. The data is only accessible with read-only permissions from one of the FinSpace managed KX databases mounted to the cluster.\n* RDB - Realtime Database. This type of database captures all the data from a ticker plant and stores it in memory until the end of day, after which it writes all of its data to a disk and reloads the HDB. This cluster type requires local storage for temporary storage of data during the savedown process. If you specify this field in your request, you must provide the `savedownStorageConfiguration` parameter.\n* GATEWAY - A gateway cluster allows you to access data across processes in kdb systems. It allows you to create your own routing logic using the initialization scripts and custom code. This type of cluster does not require a writable local storage.\n* GP - A general purpose cluster allows you to quickly iterate on code during development by granting greater access to system commands and enabling a fast reload of custom code. This cluster type can optionally mount databases including cache and savedown storage. For this cluster type, the node count is fixed at 1. It does not support autoscaling and supports only `SINGLE` AZ mode.\n* Tickerplant – A tickerplant cluster allows you to subscribe to feed handlers based on IAM permissions. It can publish to RDBs, other Tickerplants, and real-time subscribers (RTS). Tickerplants can persist messages to log, which is readable by any RDB environment. It supports only single-node that is only one kdb process.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "size", "type" ] }, "aws:finspace/KxClusterCapacityConfiguration:KxClusterCapacityConfiguration": { "properties": { "nodeCount": { "type": "integer", "description": "Number of instances running in a cluster. Must be at least 1 and at most 5.\n", "willReplaceOnChanges": true }, "nodeType": { "type": "string", "description": "Determines the hardware of the host computer used for your cluster instance. Each node type offers different memory and storage capabilities. Choose a node type based on the requirements of the application or software that you plan to run on your instance.\n\nYou can only specify one of the following values:\n* kx.s.large – The node type with a configuration of 12 GiB memory and 2 vCPUs.\n* kx.s.xlarge – The node type with a configuration of 27 GiB memory and 4 vCPUs.\n* kx.s.2xlarge – The node type with a configuration of 54 GiB memory and 8 vCPUs.\n* kx.s.4xlarge – The node type with a configuration of 108 GiB memory and 16 vCPUs.\n* kx.s.8xlarge – The node type with a configuration of 216 GiB memory and 32 vCPUs.\n* kx.s.16xlarge – The node type with a configuration of 432 GiB memory and 64 vCPUs.\n* kx.s.32xlarge – The node type with a configuration of 864 GiB memory and 128 vCPUs.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "nodeCount", "nodeType" ] }, "aws:finspace/KxClusterCode:KxClusterCode": { "properties": { "s3Bucket": { "type": "string", "description": "Unique name for the S3 bucket.\n" }, "s3Key": { "type": "string", "description": "Full S3 path (excluding bucket) to the .zip file that contains the code to be loaded onto the cluster when it’s started.\n" }, "s3ObjectVersion": { "type": "string", "description": "Version of an S3 Object.\n" } }, "type": "object", "required": [ "s3Bucket", "s3Key" ] }, "aws:finspace/KxClusterDatabase:KxClusterDatabase": { "properties": { "cacheConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxClusterDatabaseCacheConfiguration:KxClusterDatabaseCacheConfiguration" }, "description": "Configuration details for the disk cache to increase performance reading from a KX database mounted to the cluster. See cache_configurations.\n" }, "changesetId": { "type": "string", "description": "A unique identifier of the changeset that is associated with the cluster.\n" }, "databaseName": { "type": "string", "description": "Name of the KX database.\n", "willReplaceOnChanges": true }, "dataviewName": { "type": "string", "description": "The name of the dataview to be used for caching historical data on disk. You cannot update to a different dataview name once a cluster is created. Use `lifecycle` `ignore_changes` for database to prevent any undesirable behaviors.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "databaseName" ] }, "aws:finspace/KxClusterDatabaseCacheConfiguration:KxClusterDatabaseCacheConfiguration": { "properties": { "cacheType": { "type": "string", "description": "Type of disk cache.\n", "willReplaceOnChanges": true }, "dbPaths": { "type": "array", "items": { "type": "string" }, "description": "Paths within the database to cache.\n" } }, "type": "object", "required": [ "cacheType" ] }, "aws:finspace/KxClusterSavedownStorageConfiguration:KxClusterSavedownStorageConfiguration": { "properties": { "size": { "type": "integer", "description": "Size of temporary storage in gigabytes. Must be between 10 and 16000.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Type of writeable storage space for temporarily storing your savedown data. The valid values are:\n* SDS01 - This type represents 3000 IOPS and io2 ebs volume type.\n", "willReplaceOnChanges": true }, "volumeName": { "type": "string", "description": "The name of the kdb volume that you want to use as writeable save-down storage for clusters.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:finspace/KxClusterScalingGroupConfiguration:KxClusterScalingGroupConfiguration": { "properties": { "cpu": { "type": "number", "description": "The number of vCPUs that you want to reserve for each node of this kdb cluster on the scaling group host.\n", "willReplaceOnChanges": true }, "memoryLimit": { "type": "integer", "description": "An optional hard limit on the amount of memory a kdb cluster can use.\n", "willReplaceOnChanges": true }, "memoryReservation": { "type": "integer", "description": "A reservation of the minimum amount of memory that should be available on the scaling group for a kdb cluster to be successfully placed in a scaling group.\n", "willReplaceOnChanges": true }, "nodeCount": { "type": "integer", "description": "The number of kdb cluster nodes.\n", "willReplaceOnChanges": true }, "scalingGroupName": { "type": "string", "description": "A unique identifier for the kdb scaling group.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "memoryReservation", "nodeCount", "scalingGroupName" ] }, "aws:finspace/KxClusterTickerplantLogConfiguration:KxClusterTickerplantLogConfiguration": { "properties": { "tickerplantLogVolumes": { "type": "array", "items": { "type": "string" }, "willReplaceOnChanges": true } }, "type": "object", "required": [ "tickerplantLogVolumes" ] }, "aws:finspace/KxClusterVpcConfiguration:KxClusterVpcConfiguration": { "properties": { "ipAddressType": { "type": "string", "description": "IP address type for cluster network configuration parameters. The following type is available: IP_V4 - IP address version 4.\n", "willReplaceOnChanges": true }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Unique identifier of the VPC security group applied to the VPC endpoint ENI for the cluster.\n* `subnet_ids `- (Required) Identifier of the subnet that the Privatelink VPC endpoint uses to connect to the cluster.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "Identifier of the VPC endpoint\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "ipAddressType", "securityGroupIds", "subnetIds", "vpcId" ] }, "aws:finspace/KxDataviewSegmentConfiguration:KxDataviewSegmentConfiguration": { "properties": { "dbPaths": { "type": "array", "items": { "type": "string" }, "description": "The database path of the data that you want to place on each selected volume. Each segment must have a unique database path for each volume.\n" }, "onDemand": { "type": "boolean", "description": "Enables on-demand caching on the selected database path when a particular file or a column of the database is accessed. When on demand caching is **True**, dataviews perform minimal loading of files on the filesystem as needed. When it is set to **False**, everything is cached. The default value is **False**.\n", "willReplaceOnChanges": true }, "volumeName": { "type": "string", "description": "The name of the volume that you want to attach to a dataview. This volume must be in the same availability zone as the dataview that you are attaching to.\n" } }, "type": "object", "required": [ "dbPaths", "volumeName" ] }, "aws:finspace/KxEnvironmentCustomDnsConfiguration:KxEnvironmentCustomDnsConfiguration": { "properties": { "customDnsServerIp": { "type": "string", "description": "IP address of the DNS server.\n" }, "customDnsServerName": { "type": "string", "description": "Name of the DNS server.\n" } }, "type": "object", "required": [ "customDnsServerIp", "customDnsServerName" ] }, "aws:finspace/KxEnvironmentTransitGatewayConfiguration:KxEnvironmentTransitGatewayConfiguration": { "properties": { "attachmentNetworkAclConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxEnvironmentTransitGatewayConfigurationAttachmentNetworkAclConfiguration:KxEnvironmentTransitGatewayConfigurationAttachmentNetworkAclConfiguration" }, "description": "Rules that define how you manage outbound traffic from kdb network to your internal network. Defined below.\n" }, "routableCidrSpace": { "type": "string", "description": "Routing CIDR on behalf of KX environment. It could be any “/26 range in the 100.64.0.0 CIDR space. After providing, it will be added to the customer’s transit gateway routing table so that the traffics could be routed to KX network.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of the transit gateway created by the customer to connect outbound traffics from KX network to your internal network.\n" } }, "type": "object", "required": [ "routableCidrSpace", "transitGatewayId" ] }, "aws:finspace/KxEnvironmentTransitGatewayConfigurationAttachmentNetworkAclConfiguration:KxEnvironmentTransitGatewayConfigurationAttachmentNetworkAclConfiguration": { "properties": { "cidrBlock": { "type": "string", "description": "The IPv4 network range to allow or deny, in CIDR notation. The specified CIDR block is modified to its canonical form. For example, `100.68.0.18/18` will be converted to `100.68.0.0/18`.\n" }, "icmpTypeCode": { "$ref": "#/types/aws:finspace/KxEnvironmentTransitGatewayConfigurationAttachmentNetworkAclConfigurationIcmpTypeCode:KxEnvironmentTransitGatewayConfigurationAttachmentNetworkAclConfigurationIcmpTypeCode", "description": "Defines the ICMP protocol that consists of the ICMP type and code. Defined below.\n" }, "portRange": { "$ref": "#/types/aws:finspace/KxEnvironmentTransitGatewayConfigurationAttachmentNetworkAclConfigurationPortRange:KxEnvironmentTransitGatewayConfigurationAttachmentNetworkAclConfigurationPortRange", "description": "Range of ports the rule applies to. Defined below.\n" }, "protocol": { "type": "string", "description": "Protocol number. A value of `1` means all the protocols.\n" }, "ruleAction": { "type": "string", "description": "Indicates whether to `allow` or `deny` the traffic that matches the rule.\n" }, "ruleNumber": { "type": "integer", "description": "Rule number for the entry. All the network ACL entries are processed in ascending order by rule number.\n" } }, "type": "object", "required": [ "cidrBlock", "protocol", "ruleAction", "ruleNumber" ] }, "aws:finspace/KxEnvironmentTransitGatewayConfigurationAttachmentNetworkAclConfigurationIcmpTypeCode:KxEnvironmentTransitGatewayConfigurationAttachmentNetworkAclConfigurationIcmpTypeCode": { "properties": { "code": { "type": "integer", "description": "ICMP code. A value of `-1` means all codes for the specified ICMP type.\n" }, "type": { "type": "integer", "description": "ICMP type. A value of `-1` means all types.\n" } }, "type": "object", "required": [ "code", "type" ] }, "aws:finspace/KxEnvironmentTransitGatewayConfigurationAttachmentNetworkAclConfigurationPortRange:KxEnvironmentTransitGatewayConfigurationAttachmentNetworkAclConfigurationPortRange": { "properties": { "from": { "type": "integer", "description": "First port in the range.\n" }, "to": { "type": "integer", "description": "Last port in the range.\n" } }, "type": "object", "required": [ "from", "to" ] }, "aws:finspace/KxVolumeAttachedCluster:KxVolumeAttachedCluster": { "properties": { "clusterName": { "type": "string", "willReplaceOnChanges": true }, "clusterStatus": { "type": "string", "willReplaceOnChanges": true }, "clusterType": { "type": "string", "willReplaceOnChanges": true } }, "type": "object", "required": [ "clusterName", "clusterStatus", "clusterType" ] }, "aws:finspace/KxVolumeNas1Configuration:KxVolumeNas1Configuration": { "properties": { "size": { "type": "integer", "description": "The size of the network attached storage.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "The type of the network attached storage.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "size", "type" ] }, "aws:fis/ExperimentTemplateAction:ExperimentTemplateAction": { "properties": { "actionId": { "type": "string", "description": "ID of the action. To find out what actions are supported see [AWS FIS actions reference](https://docs.aws.amazon.com/fis/latest/userguide/fis-actions-reference.html).\n" }, "description": { "type": "string", "description": "Description of the action.\n" }, "name": { "type": "string", "description": "Friendly name of the action.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:fis/ExperimentTemplateActionParameter:ExperimentTemplateActionParameter" }, "description": "Parameter(s) for the action, if applicable. See below.\n" }, "startAfters": { "type": "array", "items": { "type": "string" }, "description": "Set of action names that must complete before this action can be executed.\n" }, "target": { "$ref": "#/types/aws:fis/ExperimentTemplateActionTarget:ExperimentTemplateActionTarget", "description": "Action's target, if applicable. See below.\n" } }, "type": "object", "required": [ "actionId", "name" ] }, "aws:fis/ExperimentTemplateActionParameter:ExperimentTemplateActionParameter": { "properties": { "key": { "type": "string", "description": "Parameter name.\n" }, "value": { "type": "string", "description": "Parameter value.\n\nFor a list of parameters supported by each action, see [AWS FIS actions reference](https://docs.aws.amazon.com/fis/latest/userguide/fis-actions-reference.html).\n" } }, "type": "object", "required": [ "key", "value" ] }, "aws:fis/ExperimentTemplateActionTarget:ExperimentTemplateActionTarget": { "properties": { "key": { "type": "string", "description": "Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/actions.html#action-targets) for more details.\n" }, "value": { "type": "string", "description": "Target name, referencing a corresponding target.\n" } }, "type": "object", "required": [ "key", "value" ] }, "aws:fis/ExperimentTemplateExperimentOptions:ExperimentTemplateExperimentOptions": { "properties": { "accountTargeting": { "type": "string", "description": "Specifies the account targeting setting for experiment options. Supports `single-account` and `multi-account`.\n" }, "emptyTargetResolutionMode": { "type": "string", "description": "Specifies the empty target resolution mode for experiment options. Supports `fail` and `skip`.\n" } }, "type": "object" }, "aws:fis/ExperimentTemplateLogConfiguration:ExperimentTemplateLogConfiguration": { "properties": { "cloudwatchLogsConfiguration": { "$ref": "#/types/aws:fis/ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration:ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration", "description": "The configuration for experiment logging to Amazon CloudWatch Logs. See below.\n" }, "logSchemaVersion": { "type": "integer", "description": "The schema version. See [documentation](https://docs.aws.amazon.com/fis/latest/userguide/monitoring-logging.html#experiment-log-schema) for the list of schema versions.\n" }, "s3Configuration": { "$ref": "#/types/aws:fis/ExperimentTemplateLogConfigurationS3Configuration:ExperimentTemplateLogConfigurationS3Configuration", "description": "The configuration for experiment logging to Amazon S3. See below.\n" } }, "type": "object", "required": [ "logSchemaVersion" ] }, "aws:fis/ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration:ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration": { "properties": { "logGroupArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group.\n" } }, "type": "object", "required": [ "logGroupArn" ] }, "aws:fis/ExperimentTemplateLogConfigurationS3Configuration:ExperimentTemplateLogConfigurationS3Configuration": { "properties": { "bucketName": { "type": "string", "description": "The name of the destination bucket.\n" }, "prefix": { "type": "string", "description": "The bucket prefix.\n" } }, "type": "object", "required": [ "bucketName" ] }, "aws:fis/ExperimentTemplateStopCondition:ExperimentTemplateStopCondition": { "properties": { "source": { "type": "string", "description": "Source of the condition. One of `none`, `aws:cloudwatch:alarm`.\n" }, "value": { "type": "string", "description": "ARN of the CloudWatch alarm. Required if the source is a CloudWatch alarm.\n" } }, "type": "object", "required": [ "source" ] }, "aws:fis/ExperimentTemplateTarget:ExperimentTemplateTarget": { "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:fis/ExperimentTemplateTargetFilter:ExperimentTemplateTargetFilter" }, "description": "Filter(s) for the target. Filters can be used to select resources based on specific attributes returned by the respective describe action of the resource type. For more information, see [Targets for AWS FIS](https://docs.aws.amazon.com/fis/latest/userguide/targets.html#target-filters). See below.\n" }, "name": { "type": "string", "description": "Friendly name given to the target.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The resource type parameters.\n\n\u003e **NOTE:** The `target` configuration block requires either `resource_arns` or `resource_tag`.\n" }, "resourceArns": { "type": "array", "items": { "type": "string" }, "description": "Set of ARNs of the resources to target with an action. Conflicts with `resource_tag`.\n" }, "resourceTags": { "type": "array", "items": { "$ref": "#/types/aws:fis/ExperimentTemplateTargetResourceTag:ExperimentTemplateTargetResourceTag" }, "description": "Tag(s) the resources need to have to be considered a valid target for an action. Conflicts with `resource_arns`. See below.\n" }, "resourceType": { "type": "string", "description": "AWS resource type. The resource type must be supported for the specified action. To find out what resource types are supported, see [Targets for AWS FIS](https://docs.aws.amazon.com/fis/latest/userguide/targets.html#resource-types).\n" }, "selectionMode": { "type": "string", "description": "Scopes the identified resources. Valid values are `ALL` (all identified resources), `COUNT(n)` (randomly select `n` of the identified resources), `PERCENT(n)` (randomly select `n` percent of the identified resources).\n" } }, "type": "object", "required": [ "name", "resourceType", "selectionMode" ] }, "aws:fis/ExperimentTemplateTargetFilter:ExperimentTemplateTargetFilter": { "properties": { "path": { "type": "string", "description": "Attribute path for the filter.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of attribute values for the filter.\n\n\u003e **NOTE:** Values specified in a `filter` are joined with an `OR` clause, while values across multiple `filter` blocks are joined with an `AND` clause. For more information, see [Targets for AWS FIS](https://docs.aws.amazon.com/fis/latest/userguide/targets.html#target-filters).\n" } }, "type": "object", "required": [ "path", "values" ] }, "aws:fis/ExperimentTemplateTargetResourceTag:ExperimentTemplateTargetResourceTag": { "properties": { "key": { "type": "string", "description": "Tag key.\n" }, "value": { "type": "string", "description": "Tag value.\n" } }, "type": "object", "required": [ "key", "value" ] }, "aws:fms/PolicyExcludeMap:PolicyExcludeMap": { "properties": { "accounts": { "type": "array", "items": { "type": "string" }, "description": "A list of AWS Organization member Accounts that you want to include for this AWS FMS Policy.\n" }, "orgunits": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs of the AWS Organizational Units that you want to include for this AWS FMS Policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `include_map`, AWS Firewall Manager applies the policy to all accounts specified by the `include_map`, and does not evaluate any `exclude_map` specifications. If you do not specify an `include_map`, then Firewall Manager applies the policy to all accounts except for those specified by the `exclude_map`.\n" } }, "type": "object" }, "aws:fms/PolicyIncludeMap:PolicyIncludeMap": { "properties": { "accounts": { "type": "array", "items": { "type": "string" }, "description": "A list of AWS Organization member Accounts that you want to include for this AWS FMS Policy.\n" }, "orgunits": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs of the AWS Organizational Units that you want to include for this AWS FMS Policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `include_map`, AWS Firewall Manager applies the policy to all accounts specified by the `include_map`, and does not evaluate any `exclude_map` specifications. If you do not specify an `include_map`, then Firewall Manager applies the policy to all accounts except for those specified by the `exclude_map`.\n" } }, "type": "object" }, "aws:fms/PolicySecurityServicePolicyData:PolicySecurityServicePolicyData": { "properties": { "managedServiceData": { "type": "string", "description": "Details about the service that are specific to the service type, in JSON format. For service type `SHIELD_ADVANCED`, this is an empty string. Examples depending on `type` can be found in the [AWS Firewall Manager SecurityServicePolicyData API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_SecurityServicePolicyData.html).\n" }, "policyOption": { "$ref": "#/types/aws:fms/PolicySecurityServicePolicyDataPolicyOption:PolicySecurityServicePolicyDataPolicyOption", "description": "Contains the Network Firewall firewall policy options to configure a centralized deployment model. Documented below.\n" }, "type": { "type": "string", "description": "The service that the policy is using to protect the resources. For the current list of supported types, please refer to the [AWS Firewall Manager SecurityServicePolicyData API Type Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_SecurityServicePolicyData.html#fms-Type-SecurityServicePolicyData-Type).\n" } }, "type": "object", "required": [ "type" ] }, "aws:fms/PolicySecurityServicePolicyDataPolicyOption:PolicySecurityServicePolicyDataPolicyOption": { "properties": { "networkFirewallPolicy": { "$ref": "#/types/aws:fms/PolicySecurityServicePolicyDataPolicyOptionNetworkFirewallPolicy:PolicySecurityServicePolicyDataPolicyOptionNetworkFirewallPolicy", "description": "Defines the deployment model to use for the firewall policy. Documented below.\n" }, "thirdPartyFirewallPolicy": { "$ref": "#/types/aws:fms/PolicySecurityServicePolicyDataPolicyOptionThirdPartyFirewallPolicy:PolicySecurityServicePolicyDataPolicyOptionThirdPartyFirewallPolicy" } }, "type": "object" }, "aws:fms/PolicySecurityServicePolicyDataPolicyOptionNetworkFirewallPolicy:PolicySecurityServicePolicyDataPolicyOptionNetworkFirewallPolicy": { "properties": { "firewallDeploymentModel": { "type": "string", "description": "Defines the deployment model to use for the third-party firewall policy. Valid values are `CENTRALIZED` and `DISTRIBUTED`.\n" } }, "type": "object" }, "aws:fms/PolicySecurityServicePolicyDataPolicyOptionThirdPartyFirewallPolicy:PolicySecurityServicePolicyDataPolicyOptionThirdPartyFirewallPolicy": { "properties": { "firewallDeploymentModel": { "type": "string", "description": "Defines the deployment model to use for the third-party firewall policy. Valid values are `CENTRALIZED` and `DISTRIBUTED`.\n" } }, "type": "object" }, "aws:fms/ResourceSetResourceSet:ResourceSetResourceSet": { "properties": { "description": { "type": "string", "description": "Description of the resource set.\n" }, "id": { "type": "string", "description": "Unique identifier for the resource set. It's returned in the responses to create and list commands. You provide it to operations like update and delete.\n" }, "lastUpdateTime": { "type": "string", "description": "Last time that the reosurce set was changed.\n" }, "name": { "type": "string", "description": "Descriptive name of the resource set. You can't change the name of a resource set after you create it.\n" }, "resourceSetStatus": { "type": "string", "description": "Indicates whether the resource set is in or out of the admin's Region scope. Valid values are `ACTIVE` (Admin can manage and delete the resource set) or `OUT_OF_ADMIN_SCOPE` (Admin can view the resource set, but theyy can't edit or delete the resource set.)\n" }, "resourceTypeLists": { "type": "array", "items": { "type": "string" }, "description": "Determines the resources that can be associated to the resource set. Depending on your setting for max results and the number of resource sets, a single call might not return the full list.\n" }, "updateToken": { "type": "string" } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredOutputs": [ "id", "lastUpdateTime", "name", "resourceSetStatus", "updateToken" ] } } }, "aws:fms/ResourceSetTimeouts:ResourceSetTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:fsx/DataRepositoryAssociationS3:DataRepositoryAssociationS3": { "properties": { "autoExportPolicy": { "$ref": "#/types/aws:fsx/DataRepositoryAssociationS3AutoExportPolicy:DataRepositoryAssociationS3AutoExportPolicy", "description": "Specifies the type of updated objects that will be automatically exported from your file system to the linked S3 bucket. See the `events` configuration block.\n" }, "autoImportPolicy": { "$ref": "#/types/aws:fsx/DataRepositoryAssociationS3AutoImportPolicy:DataRepositoryAssociationS3AutoImportPolicy", "description": "Specifies the type of updated objects that will be automatically imported from the linked S3 bucket to your file system. See the `events` configuration block.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "autoExportPolicy", "autoImportPolicy" ] } } }, "aws:fsx/DataRepositoryAssociationS3AutoExportPolicy:DataRepositoryAssociationS3AutoExportPolicy": { "properties": { "events": { "type": "array", "items": { "type": "string" }, "description": "A list of file event types to automatically export to your linked S3 bucket or import from the linked S3 bucket. Valid values are `NEW`, `CHANGED`, `DELETED`. Max of 3.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "events" ] } } }, "aws:fsx/DataRepositoryAssociationS3AutoImportPolicy:DataRepositoryAssociationS3AutoImportPolicy": { "properties": { "events": { "type": "array", "items": { "type": "string" }, "description": "A list of file event types to automatically export to your linked S3 bucket or import from the linked S3 bucket. Valid values are `NEW`, `CHANGED`, `DELETED`. Max of 3.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "events" ] } } }, "aws:fsx/FileCacheDataRepositoryAssociation:FileCacheDataRepositoryAssociation": { "properties": { "associationId": { "type": "string" }, "dataRepositoryPath": { "type": "string", "description": "The path to the S3 or NFS data repository that links to the cache.\n" }, "dataRepositorySubdirectories": { "type": "array", "items": { "type": "string" }, "description": "A list of NFS Exports that will be linked with this data repository association. The Export paths are in the format /exportpath1. To use this parameter, you must configure DataRepositoryPath as the domain name of the NFS file system. The NFS file system domain name in effect is the root of the subdirectories. Note that DataRepositorySubdirectories is not supported for S3 data repositories. Max of 500.\n" }, "fileCacheId": { "type": "string", "description": "The system-generated, unique ID of the cache.\n" }, "fileCachePath": { "type": "string", "description": "A path on the cache that points to a high-level directory (such as /ns1/) or subdirectory (such as /ns1/subdir/) that will be mapped 1-1 with DataRepositoryPath. The leading forward slash in the name is required. Two data repository associations cannot have overlapping cache paths. For example, if a data repository is associated with cache path /ns1/, then you cannot link another data repository with cache path /ns1/ns2. This path specifies where in your cache files will be exported from. This cache directory can be linked to only one data repository, and no data repository other can be linked to the directory. Note: The cache path can only be set to root (/) on an NFS DRA when DataRepositorySubdirectories is specified. If you specify root (/) as the cache path, you can create only one DRA on the cache. The cache path cannot be set to root (/) for an S3 DRA.\n" }, "fileSystemId": { "type": "string" }, "fileSystemPath": { "type": "string" }, "importedFileChunkSize": { "type": "integer" }, "nfs": { "type": "array", "items": { "$ref": "#/types/aws:fsx/FileCacheDataRepositoryAssociationNf:FileCacheDataRepositoryAssociationNf" }, "description": "(Optional) See the `nfs` configuration block.\n" }, "resourceArn": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file cache. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "type": "object", "required": [ "dataRepositoryPath", "fileCachePath" ], "language": { "nodejs": { "requiredOutputs": [ "associationId", "dataRepositoryPath", "fileCacheId", "fileCachePath", "fileSystemId", "fileSystemPath", "importedFileChunkSize", "resourceArn", "tags" ] } } }, "aws:fsx/FileCacheDataRepositoryAssociationNf:FileCacheDataRepositoryAssociationNf": { "properties": { "dnsIps": { "type": "array", "items": { "type": "string" }, "description": "A list of up to 2 IP addresses of DNS servers used to resolve the NFS file system domain name. The provided IP addresses can either be the IP addresses of a DNS forwarder or resolver that the customer manages and runs inside the customer VPC, or the IP addresses of the on-premises DNS servers.\n" }, "version": { "type": "string", "description": "The version of the NFS (Network File System) protocol of the NFS data repository. The only supported value is NFS3, which indicates that the data repository must support the NFSv3 protocol. The only supported value is `NFS3`.\n" } }, "type": "object", "required": [ "version" ] }, "aws:fsx/FileCacheLustreConfiguration:FileCacheLustreConfiguration": { "properties": { "deploymentType": { "type": "string", "description": "Specifies the cache deployment type. The only supported value is `CACHE_1`.\n", "willReplaceOnChanges": true }, "logConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:fsx/FileCacheLustreConfigurationLogConfiguration:FileCacheLustreConfigurationLogConfiguration" } }, "metadataConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:fsx/FileCacheLustreConfigurationMetadataConfiguration:FileCacheLustreConfigurationMetadataConfiguration" }, "description": "The configuration for a Lustre MDT (Metadata Target) storage volume. See the `metadata_configuration` block.\n", "willReplaceOnChanges": true }, "mountName": { "type": "string" }, "perUnitStorageThroughput": { "type": "integer", "description": "Provisions the amount of read and write throughput for each 1 tebibyte (TiB) of cache storage capacity, in MB/s/TiB. The only supported value is `1000`.\n", "willReplaceOnChanges": true }, "weeklyMaintenanceStartTime": { "type": "string", "description": "A recurring weekly time, in the format `D:HH:MM`. `D` is the day of the week, for which `1` represents Monday and `7` represents Sunday. `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, 1:05:00 specifies maintenance at 5 AM Monday. See the [ISO week date](https://en.wikipedia.org/wiki/ISO_week_date) for more information.\n" } }, "type": "object", "required": [ "deploymentType", "metadataConfigurations", "perUnitStorageThroughput" ], "language": { "nodejs": { "requiredOutputs": [ "deploymentType", "logConfigurations", "metadataConfigurations", "mountName", "perUnitStorageThroughput" ] } } }, "aws:fsx/FileCacheLustreConfigurationLogConfiguration:FileCacheLustreConfigurationLogConfiguration": { "properties": { "destination": { "type": "string" }, "level": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "destination", "level" ] } } }, "aws:fsx/FileCacheLustreConfigurationMetadataConfiguration:FileCacheLustreConfigurationMetadataConfiguration": { "properties": { "storageCapacity": { "type": "integer", "description": "The storage capacity of the Lustre MDT (Metadata Target) storage volume in gibibytes (GiB). The only supported value is `2400` GiB.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "storageCapacity" ] }, "aws:fsx/LustreFileSystemLogConfiguration:LustreFileSystemLogConfiguration": { "properties": { "destination": { "type": "string", "description": "The Amazon Resource Name (ARN) that specifies the destination of the logs. The name of the Amazon CloudWatch Logs log group must begin with the `/aws/fsx` prefix. If you do not provide a destination, Amazon FSx will create and use a log stream in the CloudWatch Logs `/aws/fsx/lustre` log group.\n" }, "level": { "type": "string", "description": "Sets which data repository events are logged by Amazon FSx. Valid values are `WARN_ONLY`, `FAILURE_ONLY`, `ERROR_ONLY`, `WARN_ERROR` and `DISABLED`. Default value is `DISABLED`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "destination" ] } } }, "aws:fsx/LustreFileSystemMetadataConfiguration:LustreFileSystemMetadataConfiguration": { "properties": { "iops": { "type": "integer", "description": "Amount of IOPS provisioned for metadata. This parameter should only be used when the mode is set to `USER_PROVISIONED`. Valid Values are `1500`,`3000`,`6000` and `12000` through `192000` in increments of `12000`.\n" }, "mode": { "type": "string", "description": "Mode for the metadata configuration of the file system. Valid values are `AUTOMATIC`, and `USER_PROVISIONED`.\n\n!\u003e **WARNING:** Updating the value of `iops` from a higher to a lower value will force a recreation of the resource. Any data on the file system will be lost when recreating.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "iops", "mode" ] } } }, "aws:fsx/LustreFileSystemRootSquashConfiguration:LustreFileSystemRootSquashConfiguration": { "properties": { "noSquashNids": { "type": "array", "items": { "type": "string" }, "description": "When root squash is enabled, you can optionally specify an array of NIDs of clients for which root squash does not apply. A client NID is a Lustre Network Identifier used to uniquely identify a client. You can specify the NID as either a single address or a range of addresses: 1. A single address is described in standard Lustre NID format by specifying the client’s IP address followed by the Lustre network ID (for example, 10.0.1.6@tcp). 2. An address range is described using a dash to separate the range (for example, 10.0.[2-10].[1-255]@tcp).\n" }, "rootSquash": { "type": "string", "description": "You enable root squash by setting a user ID (UID) and group ID (GID) for the file system in the format UID:GID (for example, 365534:65534). The UID and GID values can range from 0 to 4294967294.\n" } }, "type": "object" }, "aws:fsx/OntapFileSystemDiskIopsConfiguration:OntapFileSystemDiskIopsConfiguration": { "properties": { "iops": { "type": "integer", "description": "The total number of SSD IOPS provisioned for the file system.\n" }, "mode": { "type": "string", "description": "Specifies whether the number of IOPS for the file system is using the system. Valid values are `AUTOMATIC` and `USER_PROVISIONED`. Default value is `AUTOMATIC`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "iops" ] } } }, "aws:fsx/OntapFileSystemEndpoint:OntapFileSystemEndpoint": { "properties": { "interclusters": { "type": "array", "items": { "$ref": "#/types/aws:fsx/OntapFileSystemEndpointIntercluster:OntapFileSystemEndpointIntercluster" }, "description": "An endpoint for managing your file system by setting up NetApp SnapMirror with other ONTAP systems. See Endpoint.\n" }, "managements": { "type": "array", "items": { "$ref": "#/types/aws:fsx/OntapFileSystemEndpointManagement:OntapFileSystemEndpointManagement" }, "description": "An endpoint for managing your file system using the NetApp ONTAP CLI and NetApp ONTAP API. See Endpoint.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "interclusters", "managements" ] } } }, "aws:fsx/OntapFileSystemEndpointIntercluster:OntapFileSystemEndpointIntercluster": { "properties": { "dnsName": { "type": "string", "description": "The Domain Name Service (DNS) name for the file system. You can mount your file system using its DNS name.\n" }, "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "IP addresses of the file system endpoint.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "dnsName", "ipAddresses" ] } } }, "aws:fsx/OntapFileSystemEndpointManagement:OntapFileSystemEndpointManagement": { "properties": { "dnsName": { "type": "string", "description": "The Domain Name Service (DNS) name for the file system. You can mount your file system using its DNS name.\n" }, "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "IP addresses of the file system endpoint.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "dnsName", "ipAddresses" ] } } }, "aws:fsx/OntapStorageVirtualMachineActiveDirectoryConfiguration:OntapStorageVirtualMachineActiveDirectoryConfiguration": { "properties": { "netbiosName": { "type": "string", "description": "The NetBIOS name of the Active Directory computer object that will be created for your SVM. This is often the same as the SVM name but can be different. AWS limits to 15 characters because of standard NetBIOS naming limits.\n" }, "selfManagedActiveDirectoryConfiguration": { "$ref": "#/types/aws:fsx/OntapStorageVirtualMachineActiveDirectoryConfigurationSelfManagedActiveDirectoryConfiguration:OntapStorageVirtualMachineActiveDirectoryConfigurationSelfManagedActiveDirectoryConfiguration" } }, "type": "object" }, "aws:fsx/OntapStorageVirtualMachineActiveDirectoryConfigurationSelfManagedActiveDirectoryConfiguration:OntapStorageVirtualMachineActiveDirectoryConfigurationSelfManagedActiveDirectoryConfiguration": { "properties": { "dnsIps": { "type": "array", "items": { "type": "string" }, "description": "A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.\n" }, "domainName": { "type": "string", "description": "The fully qualified domain name of the self-managed AD directory. For example, `corp.example.com`.\n" }, "fileSystemAdministratorsGroup": { "type": "string", "description": "The name of the domain group whose members are granted administrative privileges for the SVM. The group that you specify must already exist in your domain. Defaults to `Domain Admins`.\n" }, "organizationalUnitDistinguishedName": { "type": "string", "description": "The fully qualified distinguished name of the organizational unit within your self-managed AD directory that the Windows File Server instance will join. For example, `OU=FSx,DC=yourdomain,DC=corp,DC=com`. Only accepts OU as the direct parent of the SVM. If none is provided, the SVM is created in the default location of your self-managed AD directory. To learn more, see [RFC 2253](https://tools.ietf.org/html/rfc2253).\n" }, "password": { "type": "string", "description": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.\n", "secret": true }, "username": { "type": "string", "description": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.\n" } }, "type": "object", "required": [ "dnsIps", "domainName", "password", "username" ] }, "aws:fsx/OntapStorageVirtualMachineEndpoint:OntapStorageVirtualMachineEndpoint": { "properties": { "iscsis": { "type": "array", "items": { "$ref": "#/types/aws:fsx/OntapStorageVirtualMachineEndpointIscsi:OntapStorageVirtualMachineEndpointIscsi" }, "description": "An endpoint for accessing data on your storage virtual machine via iSCSI protocol. See Endpoint.\n" }, "managements": { "type": "array", "items": { "$ref": "#/types/aws:fsx/OntapStorageVirtualMachineEndpointManagement:OntapStorageVirtualMachineEndpointManagement" }, "description": "An endpoint for managing your file system using the NetApp ONTAP CLI and NetApp ONTAP API. See Endpoint.\n" }, "nfs": { "type": "array", "items": { "$ref": "#/types/aws:fsx/OntapStorageVirtualMachineEndpointNf:OntapStorageVirtualMachineEndpointNf" }, "description": "An endpoint for accessing data on your storage virtual machine via NFS protocol. See Endpoint.\n" }, "smbs": { "type": "array", "items": { "$ref": "#/types/aws:fsx/OntapStorageVirtualMachineEndpointSmb:OntapStorageVirtualMachineEndpointSmb" }, "description": "An endpoint for accessing data on your storage virtual machine via SMB protocol. This is only set if an active_directory_configuration has been set. See Endpoint.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "iscsis", "managements", "nfs", "smbs" ] } } }, "aws:fsx/OntapStorageVirtualMachineEndpointIscsi:OntapStorageVirtualMachineEndpointIscsi": { "properties": { "dnsName": { "type": "string", "description": "The Domain Name Service (DNS) name for the storage virtual machine. You can mount your storage virtual machine using its DNS name.\n" }, "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "IP addresses of the storage virtual machine endpoint.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "dnsName", "ipAddresses" ] } } }, "aws:fsx/OntapStorageVirtualMachineEndpointManagement:OntapStorageVirtualMachineEndpointManagement": { "properties": { "dnsName": { "type": "string", "description": "The Domain Name Service (DNS) name for the storage virtual machine. You can mount your storage virtual machine using its DNS name.\n" }, "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "IP addresses of the storage virtual machine endpoint.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "dnsName", "ipAddresses" ] } } }, "aws:fsx/OntapStorageVirtualMachineEndpointNf:OntapStorageVirtualMachineEndpointNf": { "properties": { "dnsName": { "type": "string", "description": "The Domain Name Service (DNS) name for the storage virtual machine. You can mount your storage virtual machine using its DNS name.\n" }, "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "IP addresses of the storage virtual machine endpoint.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "dnsName", "ipAddresses" ] } } }, "aws:fsx/OntapStorageVirtualMachineEndpointSmb:OntapStorageVirtualMachineEndpointSmb": { "properties": { "dnsName": { "type": "string", "description": "The Domain Name Service (DNS) name for the storage virtual machine. You can mount your storage virtual machine using its DNS name.\n" }, "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "IP addresses of the storage virtual machine endpoint.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "dnsName", "ipAddresses" ] } } }, "aws:fsx/OntapVolumeAggregateConfiguration:OntapVolumeAggregateConfiguration": { "properties": { "aggregates": { "type": "array", "items": { "type": "string" }, "description": "Used to specify the names of the aggregates on which the volume will be created. Each aggregate needs to be in the format aggrX where X is the number of the aggregate.\n", "willReplaceOnChanges": true }, "constituentsPerAggregate": { "type": "integer", "description": "Used to explicitly set the number of constituents within the FlexGroup per storage aggregate. the default value is `8`.\n", "willReplaceOnChanges": true }, "totalConstituents": { "type": "integer", "description": "The total amount of constituents for a `FLEXGROUP` volume. This would equal constituents_per_aggregate x aggregates.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "aggregates", "constituentsPerAggregate", "totalConstituents" ] } } }, "aws:fsx/OntapVolumeSnaplockConfiguration:OntapVolumeSnaplockConfiguration": { "properties": { "auditLogVolume": { "type": "boolean", "description": "Enables or disables the audit log volume for an FSx for ONTAP SnapLock volume. The default value is `false`.\n" }, "autocommitPeriod": { "$ref": "#/types/aws:fsx/OntapVolumeSnaplockConfigurationAutocommitPeriod:OntapVolumeSnaplockConfigurationAutocommitPeriod", "description": "The configuration object for setting the autocommit period of files in an FSx for ONTAP SnapLock volume. See `autocommit_period` Block for details.\n" }, "privilegedDelete": { "type": "string", "description": "Enables, disables, or permanently disables privileged delete on an FSx for ONTAP SnapLock Enterprise volume. Valid values: `DISABLED`, `ENABLED`, `PERMANENTLY_DISABLED`. The default value is `DISABLED`.\n" }, "retentionPeriod": { "$ref": "#/types/aws:fsx/OntapVolumeSnaplockConfigurationRetentionPeriod:OntapVolumeSnaplockConfigurationRetentionPeriod", "description": "The retention period of an FSx for ONTAP SnapLock volume. See `retention_period` Block for details.\n" }, "snaplockType": { "type": "string", "description": "Specifies the retention mode of an FSx for ONTAP SnapLock volume. After it is set, it can't be changed. Valid values: `COMPLIANCE`, `ENTERPRISE`.\n", "willReplaceOnChanges": true }, "volumeAppendModeEnabled": { "type": "boolean", "description": "Enables or disables volume-append mode on an FSx for ONTAP SnapLock volume. The default value is `false`.\n" } }, "type": "object", "required": [ "snaplockType" ], "language": { "nodejs": { "requiredOutputs": [ "autocommitPeriod", "retentionPeriod", "snaplockType" ] } } }, "aws:fsx/OntapVolumeSnaplockConfigurationAutocommitPeriod:OntapVolumeSnaplockConfigurationAutocommitPeriod": { "properties": { "type": { "type": "string", "description": "The type of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. Setting this value to `NONE` disables autocommit. Valid values: `MINUTES`, `HOURS`, `DAYS`, `MONTHS`, `YEARS`, `NONE`.\n" }, "value": { "type": "integer", "description": "The amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "type" ] } } }, "aws:fsx/OntapVolumeSnaplockConfigurationRetentionPeriod:OntapVolumeSnaplockConfigurationRetentionPeriod": { "properties": { "defaultRetention": { "$ref": "#/types/aws:fsx/OntapVolumeSnaplockConfigurationRetentionPeriodDefaultRetention:OntapVolumeSnaplockConfigurationRetentionPeriodDefaultRetention", "description": "The retention period assigned to a write once, read many (WORM) file by default if an explicit retention period is not set for an FSx for ONTAP SnapLock volume. The default retention period must be greater than or equal to the minimum retention period and less than or equal to the maximum retention period. See `default_retention` Block for details.\n" }, "maximumRetention": { "$ref": "#/types/aws:fsx/OntapVolumeSnaplockConfigurationRetentionPeriodMaximumRetention:OntapVolumeSnaplockConfigurationRetentionPeriodMaximumRetention", "description": "The longest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume. See `maximum_retention` Block for details.\n" }, "minimumRetention": { "$ref": "#/types/aws:fsx/OntapVolumeSnaplockConfigurationRetentionPeriodMinimumRetention:OntapVolumeSnaplockConfigurationRetentionPeriodMinimumRetention", "description": "The shortest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume. See `minimum_retention` Block for details.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "defaultRetention", "maximumRetention", "minimumRetention" ] } } }, "aws:fsx/OntapVolumeSnaplockConfigurationRetentionPeriodDefaultRetention:OntapVolumeSnaplockConfigurationRetentionPeriodDefaultRetention": { "properties": { "type": { "type": "string", "description": "The type of time for the retention period of an FSx for ONTAP SnapLock volume. Set it to one of the valid types. If you set it to `INFINITE`, the files are retained forever. If you set it to `UNSPECIFIED`, the files are retained until you set an explicit retention period. Valid values: `SECONDS`, `MINUTES`, `HOURS`, `DAYS`, `MONTHS`, `YEARS`, `INFINITE`, `UNSPECIFIED`.\n" }, "value": { "type": "integer", "description": "The amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "type" ] } } }, "aws:fsx/OntapVolumeSnaplockConfigurationRetentionPeriodMaximumRetention:OntapVolumeSnaplockConfigurationRetentionPeriodMaximumRetention": { "properties": { "type": { "type": "string", "description": "The type of time for the retention period of an FSx for ONTAP SnapLock volume. Set it to one of the valid types. If you set it to `INFINITE`, the files are retained forever. If you set it to `UNSPECIFIED`, the files are retained until you set an explicit retention period. Valid values: `SECONDS`, `MINUTES`, `HOURS`, `DAYS`, `MONTHS`, `YEARS`, `INFINITE`, `UNSPECIFIED`.\n" }, "value": { "type": "integer", "description": "The amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "type" ] } } }, "aws:fsx/OntapVolumeSnaplockConfigurationRetentionPeriodMinimumRetention:OntapVolumeSnaplockConfigurationRetentionPeriodMinimumRetention": { "properties": { "type": { "type": "string", "description": "The type of time for the retention period of an FSx for ONTAP SnapLock volume. Set it to one of the valid types. If you set it to `INFINITE`, the files are retained forever. If you set it to `UNSPECIFIED`, the files are retained until you set an explicit retention period. Valid values: `SECONDS`, `MINUTES`, `HOURS`, `DAYS`, `MONTHS`, `YEARS`, `INFINITE`, `UNSPECIFIED`.\n" }, "value": { "type": "integer", "description": "The amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "type" ] } } }, "aws:fsx/OntapVolumeTieringPolicy:OntapVolumeTieringPolicy": { "properties": { "coolingPeriod": { "type": "integer", "description": "Specifies the number of days that user data in a volume must remain inactive before it is considered \"cold\" and moved to the capacity pool. Used with `AUTO` and `SNAPSHOT_ONLY` tiering policies only. Valid values are whole numbers between 2 and 183. Default values are 31 days for `AUTO` and 2 days for `SNAPSHOT_ONLY`.\n" }, "name": { "type": "string", "description": "Specifies the tiering policy for the ONTAP volume for moving data to the capacity pool storage. Valid values are `SNAPSHOT_ONLY`, `AUTO`, `ALL`, `NONE`. Default value is `SNAPSHOT_ONLY`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "coolingPeriod", "name" ] } } }, "aws:fsx/OpenZfsFileSystemDiskIopsConfiguration:OpenZfsFileSystemDiskIopsConfiguration": { "properties": { "iops": { "type": "integer", "description": "The total number of SSD IOPS provisioned for the file system.\n" }, "mode": { "type": "string", "description": "Specifies whether the number of IOPS for the file system is using the system. Valid values are `AUTOMATIC` and `USER_PROVISIONED`. Default value is `AUTOMATIC`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "iops" ] } } }, "aws:fsx/OpenZfsFileSystemRootVolumeConfiguration:OpenZfsFileSystemRootVolumeConfiguration": { "properties": { "copyTagsToSnapshots": { "type": "boolean", "description": "A boolean flag indicating whether tags for the file system should be copied to snapshots. The default value is false.\n", "willReplaceOnChanges": true }, "dataCompressionType": { "type": "string", "description": "Method used to compress the data on the volume. Valid values are `LZ4`, `NONE` or `ZSTD`. Child volumes that don't specify compression option will inherit from parent volume. This option on file system applies to the root volume.\n" }, "nfsExports": { "$ref": "#/types/aws:fsx/OpenZfsFileSystemRootVolumeConfigurationNfsExports:OpenZfsFileSystemRootVolumeConfigurationNfsExports", "description": "NFS export configuration for the root volume. Exactly 1 item. See `nfs_exports` Block for details.\n" }, "readOnly": { "type": "boolean", "description": "specifies whether the volume is read-only. Default is false.\n" }, "recordSizeKib": { "type": "integer", "description": "Specifies the record size of an OpenZFS root volume, in kibibytes (KiB). Valid values are `4`, `8`, `16`, `32`, `64`, `128`, `256`, `512`, or `1024` KiB. The default is `128` KiB.\n" }, "userAndGroupQuotas": { "type": "array", "items": { "$ref": "#/types/aws:fsx/OpenZfsFileSystemRootVolumeConfigurationUserAndGroupQuota:OpenZfsFileSystemRootVolumeConfigurationUserAndGroupQuota" }, "description": "Specify how much storage users or groups can use on the volume. Maximum of 100 items. See `user_and_group_quotas` Block for details.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "readOnly", "userAndGroupQuotas" ] } } }, "aws:fsx/OpenZfsFileSystemRootVolumeConfigurationNfsExports:OpenZfsFileSystemRootVolumeConfigurationNfsExports": { "properties": { "clientConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:fsx/OpenZfsFileSystemRootVolumeConfigurationNfsExportsClientConfiguration:OpenZfsFileSystemRootVolumeConfigurationNfsExportsClientConfiguration" }, "description": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system. Maximum of 25 items. See `client_configurations` Block for details.\n" } }, "type": "object", "required": [ "clientConfigurations" ] }, "aws:fsx/OpenZfsFileSystemRootVolumeConfigurationNfsExportsClientConfiguration:OpenZfsFileSystemRootVolumeConfigurationNfsExportsClientConfiguration": { "properties": { "clients": { "type": "string", "description": "A value that specifies who can mount the file system. You can provide a wildcard character (*), an IP address (0.0.0.0), or a CIDR address (192.0.2.0/24. By default, Amazon FSx uses the wildcard character when specifying the client.\n" }, "options": { "type": "array", "items": { "type": "string" }, "description": "The options to use when mounting the file system. Maximum of 20 items. See the [Linix NFS exports man page](https://linux.die.net/man/5/exports) for more information. `crossmount` and `sync` are used by default.\n" } }, "type": "object", "required": [ "clients", "options" ] }, "aws:fsx/OpenZfsFileSystemRootVolumeConfigurationUserAndGroupQuota:OpenZfsFileSystemRootVolumeConfigurationUserAndGroupQuota": { "properties": { "id": { "type": "integer", "description": "The ID of the user or group. Valid values between `0` and `2147483647`\n" }, "storageCapacityQuotaGib": { "type": "integer", "description": "The amount of storage that the user or group can use in gibibytes (GiB). Valid values between `0` and `2147483647`\n" }, "type": { "type": "string", "description": "A value that specifies whether the quota applies to a user or group. Valid values are `USER` or `GROUP`.\n" } }, "type": "object", "required": [ "id", "storageCapacityQuotaGib", "type" ] }, "aws:fsx/OpenZfsVolumeNfsExports:OpenZfsVolumeNfsExports": { "properties": { "clientConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:fsx/OpenZfsVolumeNfsExportsClientConfiguration:OpenZfsVolumeNfsExportsClientConfiguration" }, "description": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system. Maximum of 25 items. See `client_configurations` Block below for details.\n" } }, "type": "object", "required": [ "clientConfigurations" ] }, "aws:fsx/OpenZfsVolumeNfsExportsClientConfiguration:OpenZfsVolumeNfsExportsClientConfiguration": { "properties": { "clients": { "type": "string", "description": "A value that specifies who can mount the file system. You can provide a wildcard character (*), an IP address (0.0.0.0), or a CIDR address (192.0.2.0/24. By default, Amazon FSx uses the wildcard character when specifying the client.\n" }, "options": { "type": "array", "items": { "type": "string" }, "description": "The options to use when mounting the file system. Maximum of 20 items. See the [Linix NFS exports man page](https://linux.die.net/man/5/exports) for more information. `crossmount` and `sync` are used by default.\n" } }, "type": "object", "required": [ "clients", "options" ] }, "aws:fsx/OpenZfsVolumeOriginSnapshot:OpenZfsVolumeOriginSnapshot": { "properties": { "copyStrategy": { "type": "string", "description": "Specifies the strategy used when copying data from the snapshot to the new volume. Valid values are `CLONE`, `FULL_COPY`, `INCREMENTAL_COPY`.\n" }, "snapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the origin snapshot.\n" } }, "type": "object", "required": [ "copyStrategy", "snapshotArn" ] }, "aws:fsx/OpenZfsVolumeUserAndGroupQuota:OpenZfsVolumeUserAndGroupQuota": { "properties": { "id": { "type": "integer", "description": "The ID of the user or group. Valid values between `0` and `2147483647`\n" }, "storageCapacityQuotaGib": { "type": "integer", "description": "The amount of storage that the user or group can use in gibibytes (GiB). Valid values between `0` and `2147483647`\n* `Type` - (Required) - A value that specifies whether the quota applies to a user or group. Valid values are `USER` or `GROUP`.\n" }, "type": { "type": "string" } }, "type": "object", "required": [ "id", "storageCapacityQuotaGib", "type" ] }, "aws:fsx/WindowsFileSystemAuditLogConfiguration:WindowsFileSystemAuditLogConfiguration": { "properties": { "auditLogDestination": { "type": "string", "description": "The Amazon Resource Name (ARN) for the destination of the audit logs. The destination can be any Amazon CloudWatch Logs log group ARN or Amazon Kinesis Data Firehose delivery stream ARN. Can be specified when `file_access_audit_log_level` and `file_share_access_audit_log_level` are not set to `DISABLED`. The name of the Amazon CloudWatch Logs log group must begin with the `/aws/fsx` prefix. The name of the Amazon Kinesis Data Firehouse delivery stream must begin with the `aws-fsx` prefix. If you do not provide a destination in `audit_log_destionation`, Amazon FSx will create and use a log stream in the CloudWatch Logs /aws/fsx/windows log group.\n" }, "fileAccessAuditLogLevel": { "type": "string", "description": "Sets which attempt type is logged by Amazon FSx for file and folder accesses. Valid values are `SUCCESS_ONLY`, `FAILURE_ONLY`, `SUCCESS_AND_FAILURE`, and `DISABLED`. Default value is `DISABLED`.\n" }, "fileShareAccessAuditLogLevel": { "type": "string", "description": "Sets which attempt type is logged by Amazon FSx for file share accesses. Valid values are `SUCCESS_ONLY`, `FAILURE_ONLY`, `SUCCESS_AND_FAILURE`, and `DISABLED`. Default value is `DISABLED`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "auditLogDestination" ] } } }, "aws:fsx/WindowsFileSystemDiskIopsConfiguration:WindowsFileSystemDiskIopsConfiguration": { "properties": { "iops": { "type": "integer", "description": "The total number of SSD IOPS provisioned for the file system.\n" }, "mode": { "type": "string", "description": "Specifies whether the number of IOPS for the file system is using the system. Valid values are `AUTOMATIC` and `USER_PROVISIONED`. Default value is `AUTOMATIC`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "iops" ] } } }, "aws:fsx/WindowsFileSystemSelfManagedActiveDirectory:WindowsFileSystemSelfManagedActiveDirectory": { "properties": { "dnsIps": { "type": "array", "items": { "type": "string" }, "description": "A list of up to two IP addresses of DNS servers or domain controllers in the self-managed AD directory. The IP addresses need to be either in the same VPC CIDR range as the file system or in the private IP version 4 (IPv4) address ranges as specified in [RFC 1918](https://tools.ietf.org/html/rfc1918).\n" }, "domainName": { "type": "string", "description": "The fully qualified domain name of the self-managed AD directory. For example, `corp.example.com`.\n" }, "fileSystemAdministratorsGroup": { "type": "string", "description": "The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, and setting audit controls (audit ACLs) on files and folders. The group that you specify must already exist in your domain. Defaults to `Domain Admins`.\n" }, "organizationalUnitDistinguishedName": { "type": "string", "description": "The fully qualified distinguished name of the organizational unit within your self-managed AD directory that the Windows File Server instance will join. For example, `OU=FSx,DC=yourdomain,DC=corp,DC=com`. Only accepts OU as the direct parent of the file system. If none is provided, the FSx file system is created in the default location of your self-managed AD directory. To learn more, see [RFC 2253](https://tools.ietf.org/html/rfc2253).\n" }, "password": { "type": "string", "description": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.\n", "secret": true }, "username": { "type": "string", "description": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.\n" } }, "type": "object", "required": [ "dnsIps", "domainName", "password", "username" ] }, "aws:fsx/getOntapFileSystemDiskIopsConfiguration:getOntapFileSystemDiskIopsConfiguration": { "properties": { "iops": { "type": "integer", "description": "The total number of SSD IOPS provisioned for the file system.\n" }, "mode": { "type": "string", "description": "Specifies whether the file system is using the `AUTOMATIC` setting of SSD IOPS of 3 IOPS per GB of storage capacity, or if it using a `USER_PROVISIONED` value.\n" } }, "type": "object", "required": [ "iops", "mode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:fsx/getOntapFileSystemEndpoint:getOntapFileSystemEndpoint": { "properties": { "interclusters": { "type": "array", "items": { "$ref": "#/types/aws:fsx/getOntapFileSystemEndpointIntercluster:getOntapFileSystemEndpointIntercluster" }, "description": "A FileSystemEndpoint for managing your file system by setting up NetApp SnapMirror with other ONTAP systems. See FileSystemEndpoint below.\n" }, "managements": { "type": "array", "items": { "$ref": "#/types/aws:fsx/getOntapFileSystemEndpointManagement:getOntapFileSystemEndpointManagement" }, "description": "A FileSystemEndpoint for managing your file system using the NetApp ONTAP CLI and NetApp ONTAP API. See FileSystemEndpoint below.\n" } }, "type": "object", "required": [ "interclusters", "managements" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:fsx/getOntapFileSystemEndpointIntercluster:getOntapFileSystemEndpointIntercluster": { "properties": { "dnsName": { "type": "string", "description": "DNS name for the file system.\n" }, "ipAddresses": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "dnsName", "ipAddresses" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:fsx/getOntapFileSystemEndpointManagement:getOntapFileSystemEndpointManagement": { "properties": { "dnsName": { "type": "string", "description": "DNS name for the file system.\n" }, "ipAddresses": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "dnsName", "ipAddresses" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:fsx/getOntapStorageVirtualMachineActiveDirectoryConfiguration:getOntapStorageVirtualMachineActiveDirectoryConfiguration": { "properties": { "netbiosName": { "type": "string", "description": "The NetBIOS name of the AD computer object to which the SVM is joined.\n" }, "selfManagedActiveDirectoryConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:fsx/getOntapStorageVirtualMachineActiveDirectoryConfigurationSelfManagedActiveDirectoryConfiguration:getOntapStorageVirtualMachineActiveDirectoryConfigurationSelfManagedActiveDirectoryConfiguration" } } }, "type": "object", "required": [ "netbiosName", "selfManagedActiveDirectoryConfigurations" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:fsx/getOntapStorageVirtualMachineActiveDirectoryConfigurationSelfManagedActiveDirectoryConfiguration:getOntapStorageVirtualMachineActiveDirectoryConfigurationSelfManagedActiveDirectoryConfiguration": { "properties": { "dnsIps": { "type": "array", "items": { "type": "string" }, "description": "A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.\n" }, "domainName": { "type": "string", "description": "The fully qualified domain name of the self-managed AD directory.\n" }, "fileSystemAdministratorsGroup": { "type": "string", "description": "The name of the domain group whose members have administrative privileges for the FSx file system.\n" }, "organizationalUnitDistinguishedName": { "type": "string", "description": "The fully qualified distinguished name of the organizational unit within the self-managed AD directory to which the Windows File Server or ONTAP storage virtual machine (SVM) instance is joined.\n" }, "username": { "type": "string", "description": "The user name for the service account on your self-managed AD domain that FSx uses to join to your AD domain.\n" } }, "type": "object", "required": [ "dnsIps", "domainName", "fileSystemAdministratorsGroup", "organizationalUnitDistinguishedName", "username" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:fsx/getOntapStorageVirtualMachineEndpoint:getOntapStorageVirtualMachineEndpoint": { "properties": { "iscsis": { "type": "array", "items": { "$ref": "#/types/aws:fsx/getOntapStorageVirtualMachineEndpointIscsi:getOntapStorageVirtualMachineEndpointIscsi" } }, "managements": { "type": "array", "items": { "$ref": "#/types/aws:fsx/getOntapStorageVirtualMachineEndpointManagement:getOntapStorageVirtualMachineEndpointManagement" }, "description": "An endpoint for managing SVMs using the NetApp ONTAP CLI, NetApp ONTAP API, or NetApp CloudManager. See SVM Endpoint below.\n" }, "nfs": { "type": "array", "items": { "$ref": "#/types/aws:fsx/getOntapStorageVirtualMachineEndpointNf:getOntapStorageVirtualMachineEndpointNf" }, "description": "An endpoint for connecting using the Network File System (NFS) protocol. See SVM Endpoint below.\n" }, "smbs": { "type": "array", "items": { "$ref": "#/types/aws:fsx/getOntapStorageVirtualMachineEndpointSmb:getOntapStorageVirtualMachineEndpointSmb" }, "description": "An endpoint for connecting using the Server Message Block (SMB) protocol. See SVM Endpoint below.\n" } }, "type": "object", "required": [ "iscsis", "managements", "nfs", "smbs" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:fsx/getOntapStorageVirtualMachineEndpointIscsi:getOntapStorageVirtualMachineEndpointIscsi": { "properties": { "dnsName": { "type": "string" }, "ipAddresses": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "dnsName", "ipAddresses" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:fsx/getOntapStorageVirtualMachineEndpointManagement:getOntapStorageVirtualMachineEndpointManagement": { "properties": { "dnsName": { "type": "string" }, "ipAddresses": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "dnsName", "ipAddresses" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:fsx/getOntapStorageVirtualMachineEndpointNf:getOntapStorageVirtualMachineEndpointNf": { "properties": { "dnsName": { "type": "string" }, "ipAddresses": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "dnsName", "ipAddresses" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:fsx/getOntapStorageVirtualMachineEndpointSmb:getOntapStorageVirtualMachineEndpointSmb": { "properties": { "dnsName": { "type": "string" }, "ipAddresses": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "dnsName", "ipAddresses" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:fsx/getOntapStorageVirtualMachineFilter:getOntapStorageVirtualMachineFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by [the underlying AWS API](https://docs.aws.amazon.com/fsx/latest/APIReference/API_StorageVirtualMachineFilter.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field. An SVM will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:fsx/getOntapStorageVirtualMachineLifecycleTransitionReason:getOntapStorageVirtualMachineLifecycleTransitionReason": { "properties": { "message": { "type": "string", "description": "A detailed message.\n" } }, "type": "object", "required": [ "message" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:fsx/getOntapStorageVirtualMachinesFilter:getOntapStorageVirtualMachinesFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by [the underlying AWS API](https://docs.aws.amazon.com/fsx/latest/APIReference/API_StorageVirtualMachineFilter.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field. An SVM will be selected if any one of the given values matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:fsx/getOpenZfsSnapshotFilter:getOpenZfsSnapshotFilter": { "properties": { "name": { "type": "string", "description": "Name of the snapshot.\n" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:fsx/getWindowsFileSystemAuditLogConfiguration:getWindowsFileSystemAuditLogConfiguration": { "properties": { "auditLogDestination": { "type": "string" }, "fileAccessAuditLogLevel": { "type": "string" }, "fileShareAccessAuditLogLevel": { "type": "string" } }, "type": "object", "required": [ "auditLogDestination", "fileAccessAuditLogLevel", "fileShareAccessAuditLogLevel" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:fsx/getWindowsFileSystemDiskIopsConfiguration:getWindowsFileSystemDiskIopsConfiguration": { "properties": { "iops": { "type": "integer" }, "mode": { "type": "string" } }, "type": "object", "required": [ "iops", "mode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:gamelift/AliasRoutingStrategy:AliasRoutingStrategy": { "properties": { "fleetId": { "type": "string", "description": "ID of the GameLift Fleet to point the alias to.\n" }, "message": { "type": "string", "description": "Message text to be used with the `TERMINAL` routing strategy.\n" }, "type": { "type": "string", "description": "Type of routing strategyE.g., `SIMPLE` or `TERMINAL`\n" } }, "type": "object", "required": [ "type" ] }, "aws:gamelift/BuildStorageLocation:BuildStorageLocation": { "properties": { "bucket": { "type": "string", "description": "Name of your S3 bucket.\n", "willReplaceOnChanges": true }, "key": { "type": "string", "description": "Name of the zip file containing your build files.\n", "willReplaceOnChanges": true }, "objectVersion": { "type": "string", "description": "A specific version of the file. If not set, the latest version of the file is retrieved.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "ARN of the access role that allows Amazon GameLift to access your S3 bucket.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "bucket", "key", "roleArn" ] }, "aws:gamelift/FleetCertificateConfiguration:FleetCertificateConfiguration": { "properties": { "certificateType": { "type": "string", "description": "Indicates whether a TLS/SSL certificate is generated for a fleet. Valid values are `DISABLED` and `GENERATED`. Default value is `DISABLED`.\n" } }, "type": "object" }, "aws:gamelift/FleetEc2InboundPermission:FleetEc2InboundPermission": { "properties": { "fromPort": { "type": "integer", "description": "Starting value for a range of allowed port numbers.\n" }, "ipRange": { "type": "string", "description": "Range of allowed IP addresses expressed in CIDR notationE.g., `000.000.000.000/[subnet mask]` or `0.0.0.0/[subnet mask]`.\n" }, "protocol": { "type": "string", "description": "Network communication protocol used by the fleetE.g., `TCP` or `UDP`\n" }, "toPort": { "type": "integer", "description": "Ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be higher than `from_port`.\n" } }, "type": "object", "required": [ "fromPort", "ipRange", "protocol", "toPort" ] }, "aws:gamelift/FleetResourceCreationLimitPolicy:FleetResourceCreationLimitPolicy": { "properties": { "newGameSessionsPerCreator": { "type": "integer", "description": "Maximum number of game sessions that an individual can create during the policy period.\n" }, "policyPeriodInMinutes": { "type": "integer", "description": "Time span used in evaluating the resource creation limit policy.\n" } }, "type": "object" }, "aws:gamelift/FleetRuntimeConfiguration:FleetRuntimeConfiguration": { "properties": { "gameSessionActivationTimeoutSeconds": { "type": "integer", "description": "Maximum amount of time (in seconds) that a game session can remain in status `ACTIVATING`.\n" }, "maxConcurrentGameSessionActivations": { "type": "integer", "description": "Maximum number of game sessions with status `ACTIVATING` to allow on an instance simultaneously.\n" }, "serverProcesses": { "type": "array", "items": { "$ref": "#/types/aws:gamelift/FleetRuntimeConfigurationServerProcess:FleetRuntimeConfigurationServerProcess" }, "description": "Collection of server process configurations that describe which server processes to run on each instance in a fleet. See below.\n" } }, "type": "object" }, "aws:gamelift/FleetRuntimeConfigurationServerProcess:FleetRuntimeConfigurationServerProcess": { "properties": { "concurrentExecutions": { "type": "integer", "description": "Number of server processes using this configuration to run concurrently on an instance.\n" }, "launchPath": { "type": "string", "description": "Location of the server executable in a game build. All game builds are installed on instances at the root : for Windows instances `C:\\game`, and for Linux instances `/local/game`.\n" }, "parameters": { "type": "string", "description": "Optional list of parameters to pass to the server executable on launch.\n" } }, "type": "object", "required": [ "concurrentExecutions", "launchPath" ] }, "aws:gamelift/GameServerGroupAutoScalingPolicy:GameServerGroupAutoScalingPolicy": { "properties": { "estimatedInstanceWarmup": { "type": "integer", "description": "Length of time, in seconds, it takes for a new instance to start\nnew game server processes and register with GameLift FleetIQ.\nSpecifying a warm-up time can be useful, particularly with game servers that take a long time to start up,\nbecause it avoids prematurely starting new instances. Defaults to `60`.\n", "willReplaceOnChanges": true }, "targetTrackingConfiguration": { "$ref": "#/types/aws:gamelift/GameServerGroupAutoScalingPolicyTargetTrackingConfiguration:GameServerGroupAutoScalingPolicyTargetTrackingConfiguration" } }, "type": "object", "required": [ "targetTrackingConfiguration" ], "language": { "nodejs": { "requiredOutputs": [ "estimatedInstanceWarmup", "targetTrackingConfiguration" ] } } }, "aws:gamelift/GameServerGroupAutoScalingPolicyTargetTrackingConfiguration:GameServerGroupAutoScalingPolicyTargetTrackingConfiguration": { "properties": { "targetValue": { "type": "number", "description": "Desired value to use with a game server group target-based scaling policy.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "targetValue" ] }, "aws:gamelift/GameServerGroupInstanceDefinition:GameServerGroupInstanceDefinition": { "properties": { "instanceType": { "type": "string", "description": "An EC2 instance type.\n" }, "weightedCapacity": { "type": "string", "description": "Instance weighting that indicates how much this instance type contributes\nto the total capacity of a game server group.\nInstance weights are used by GameLift FleetIQ to calculate the instance type's cost per unit hour and better identify\nthe most cost-effective options.\n" } }, "type": "object", "required": [ "instanceType" ] }, "aws:gamelift/GameServerGroupLaunchTemplate:GameServerGroupLaunchTemplate": { "properties": { "id": { "type": "string", "description": "A unique identifier for an existing EC2 launch template.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A readable identifier for an existing EC2 launch template.\n", "willReplaceOnChanges": true }, "version": { "type": "string", "description": "The version of the EC2 launch template to use. If none is set, the default is the first version created.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "id", "name" ] } } }, "aws:gamelift/GameSessionQueuePlayerLatencyPolicy:GameSessionQueuePlayerLatencyPolicy": { "properties": { "maximumIndividualPlayerLatencyMilliseconds": { "type": "integer", "description": "Maximum latency value that is allowed for any player.\n" }, "policyDurationSeconds": { "type": "integer", "description": "Length of time that the policy is enforced while placing a new game session. Absence of value for this attribute means that the policy is enforced until the queue times out.\n" } }, "type": "object", "required": [ "maximumIndividualPlayerLatencyMilliseconds" ] }, "aws:gamelift/MatchmakingConfigurationGameProperty:MatchmakingConfigurationGameProperty": { "properties": { "key": { "type": "string", "description": "A game property key\n" }, "value": { "type": "string", "description": "A game property value.\n" } }, "type": "object", "required": [ "key", "value" ] }, "aws:gamelift/ScriptStorageLocation:ScriptStorageLocation": { "properties": { "bucket": { "type": "string", "description": "Name of your S3 bucket.\n" }, "key": { "type": "string", "description": "Name of the zip file containing your script files.\n" }, "objectVersion": { "type": "string", "description": "A specific version of the file. If not set, the latest version of the file is retrieved.\n" }, "roleArn": { "type": "string", "description": "ARN of the access role that allows Amazon GameLift to access your S3 bucket.\n" } }, "type": "object", "required": [ "bucket", "key", "roleArn" ] }, "aws:glacier/VaultNotification:VaultNotification": { "properties": { "events": { "type": "array", "items": { "type": "string" }, "description": "You can configure a vault to publish a notification for `ArchiveRetrievalCompleted` and `InventoryRetrievalCompleted` events.\n" }, "snsTopic": { "type": "string", "description": "The SNS Topic ARN.\n" } }, "type": "object", "required": [ "events", "snsTopic" ] }, "aws:globalaccelerator/AcceleratorAttributes:AcceleratorAttributes": { "properties": { "flowLogsEnabled": { "type": "boolean", "description": "Indicates whether flow logs are enabled. Defaults to `false`. Valid values: `true`, `false`.\n" }, "flowLogsS3Bucket": { "type": "string", "description": "The name of the Amazon S3 bucket for the flow logs. Required if `flow_logs_enabled` is `true`.\n" }, "flowLogsS3Prefix": { "type": "string", "description": "The prefix for the location in the Amazon S3 bucket for the flow logs. Required if `flow_logs_enabled` is `true`.\n" } }, "type": "object" }, "aws:globalaccelerator/AcceleratorIpSet:AcceleratorIpSet": { "properties": { "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "The IP addresses to use for BYOIP accelerators. If not specified, the service assigns IP addresses. Valid values: 1 or 2 IPv4 addresses.\n" }, "ipFamily": { "type": "string", "description": "The type of IP addresses included in this IP set.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "ipAddresses", "ipFamily" ] } } }, "aws:globalaccelerator/CrossAccountAttachmentResource:CrossAccountAttachmentResource": { "properties": { "cidrBlock": { "type": "string", "description": "IP address range, in CIDR format, that is specified as resource.\n" }, "endpointId": { "type": "string", "description": "The endpoint ID for the endpoint that is specified as a AWS resource.\n" }, "region": { "type": "string", "description": "The AWS Region where a shared endpoint resource is located.\n" } }, "type": "object" }, "aws:globalaccelerator/CustomRoutingAcceleratorAttributes:CustomRoutingAcceleratorAttributes": { "properties": { "flowLogsEnabled": { "type": "boolean", "description": "Indicates whether flow logs are enabled. Defaults to `false`. Valid values: `true`, `false`.\n" }, "flowLogsS3Bucket": { "type": "string", "description": "The name of the Amazon S3 bucket for the flow logs. Required if `flow_logs_enabled` is `true`.\n" }, "flowLogsS3Prefix": { "type": "string", "description": "The prefix for the location in the Amazon S3 bucket for the flow logs. Required if `flow_logs_enabled` is `true`.\n" } }, "type": "object" }, "aws:globalaccelerator/CustomRoutingAcceleratorIpSet:CustomRoutingAcceleratorIpSet": { "properties": { "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "The IP addresses to use for BYOIP accelerators. If not specified, the service assigns IP addresses. Valid values: 1 or 2 IPv4 addresses.\n" }, "ipFamily": { "type": "string", "description": "The type of IP addresses included in this IP set.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "ipAddresses", "ipFamily" ] } } }, "aws:globalaccelerator/CustomRoutingEndpointGroupDestinationConfiguration:CustomRoutingEndpointGroupDestinationConfiguration": { "properties": { "fromPort": { "type": "integer", "description": "The first port, inclusive, in the range of ports for the endpoint group that is associated with a custom routing accelerator.\n" }, "protocols": { "type": "array", "items": { "type": "string" }, "description": "The protocol for the endpoint group that is associated with a custom routing accelerator. The protocol can be either `\"TCP\"` or `\"UDP\"`.\n" }, "toPort": { "type": "integer", "description": "The last port, inclusive, in the range of ports for the endpoint group that is associated with a custom routing accelerator.\n" } }, "type": "object", "required": [ "fromPort", "protocols", "toPort" ] }, "aws:globalaccelerator/CustomRoutingEndpointGroupEndpointConfiguration:CustomRoutingEndpointGroupEndpointConfiguration": { "properties": { "endpointId": { "type": "string", "description": "An ID for the endpoint. For custom routing accelerators, this is the virtual private cloud (VPC) subnet ID.\n" } }, "type": "object" }, "aws:globalaccelerator/CustomRoutingListenerPortRange:CustomRoutingListenerPortRange": { "properties": { "fromPort": { "type": "integer", "description": "The first port in the range of ports, inclusive.\n" }, "toPort": { "type": "integer", "description": "The last port in the range of ports, inclusive.\n" } }, "type": "object" }, "aws:globalaccelerator/EndpointGroupEndpointConfiguration:EndpointGroupEndpointConfiguration": { "properties": { "clientIpPreservationEnabled": { "type": "boolean", "description": "Indicates whether client IP address preservation is enabled for an Application Load Balancer endpoint. See the [AWS documentation](https://docs.aws.amazon.com/global-accelerator/latest/dg/preserve-client-ip-address.html) for more details. The default value is `false`.\n**Note:** When client IP address preservation is enabled, the Global Accelerator service creates an EC2 Security Group in the VPC named `GlobalAccelerator` that must be deleted (potentially outside of the provider) before the VPC will successfully delete. If this EC2 Security Group is not deleted, the provider will retry the VPC deletion for a few minutes before reporting a `DependencyViolation` error. This cannot be resolved by re-running the provider.\n" }, "endpointId": { "type": "string", "description": "An ID for the endpoint. If the endpoint is a Network Load Balancer or Application Load Balancer, this is the Amazon Resource Name (ARN) of the resource. If the endpoint is an Elastic IP address, this is the Elastic IP address allocation ID.\n" }, "weight": { "type": "integer", "description": "The weight associated with the endpoint. When you add weights to endpoints, you configure AWS Global Accelerator to route traffic based on proportions that you specify.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "clientIpPreservationEnabled" ] } } }, "aws:globalaccelerator/EndpointGroupPortOverride:EndpointGroupPortOverride": { "properties": { "endpointPort": { "type": "integer", "description": "The endpoint port that you want a listener port to be mapped to. This is the port on the endpoint, such as the Application Load Balancer or Amazon EC2 instance.\n" }, "listenerPort": { "type": "integer", "description": "The listener port that you want to map to a specific endpoint port. This is the port that user traffic arrives to the Global Accelerator on.\n" } }, "type": "object", "required": [ "endpointPort", "listenerPort" ] }, "aws:globalaccelerator/ListenerPortRange:ListenerPortRange": { "properties": { "fromPort": { "type": "integer", "description": "The first port in the range of ports, inclusive.\n" }, "toPort": { "type": "integer", "description": "The last port in the range of ports, inclusive.\n" } }, "type": "object" }, "aws:globalaccelerator/getAcceleratorAttribute:getAcceleratorAttribute": { "properties": { "flowLogsEnabled": { "type": "boolean" }, "flowLogsS3Bucket": { "type": "string" }, "flowLogsS3Prefix": { "type": "string" } }, "type": "object", "required": [ "flowLogsEnabled", "flowLogsS3Bucket", "flowLogsS3Prefix" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:globalaccelerator/getAcceleratorIpSet:getAcceleratorIpSet": { "properties": { "ipAddresses": { "type": "array", "items": { "type": "string" } }, "ipFamily": { "type": "string" } }, "type": "object", "required": [ "ipAddresses", "ipFamily" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:globalaccelerator/getCustomRoutingAcceleratorAttribute:getCustomRoutingAcceleratorAttribute": { "properties": { "flowLogsEnabled": { "type": "boolean" }, "flowLogsS3Bucket": { "type": "string" }, "flowLogsS3Prefix": { "type": "string" } }, "type": "object", "required": [ "flowLogsEnabled", "flowLogsS3Bucket", "flowLogsS3Prefix" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:globalaccelerator/getCustomRoutingAcceleratorIpSet:getCustomRoutingAcceleratorIpSet": { "properties": { "ipAddresses": { "type": "array", "items": { "type": "string" } }, "ipFamily": { "type": "string" } }, "type": "object", "required": [ "ipAddresses", "ipFamily" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:glue/CatalogDatabaseCreateTableDefaultPermission:CatalogDatabaseCreateTableDefaultPermission": { "properties": { "permissions": { "type": "array", "items": { "type": "string" }, "description": "The permissions that are granted to the principal.\n" }, "principal": { "$ref": "#/types/aws:glue/CatalogDatabaseCreateTableDefaultPermissionPrincipal:CatalogDatabaseCreateTableDefaultPermissionPrincipal", "description": "The principal who is granted permissions.. See `principal` below.\n" } }, "type": "object" }, "aws:glue/CatalogDatabaseCreateTableDefaultPermissionPrincipal:CatalogDatabaseCreateTableDefaultPermissionPrincipal": { "properties": { "dataLakePrincipalIdentifier": { "type": "string", "description": "An identifier for the Lake Formation principal.\n" } }, "type": "object" }, "aws:glue/CatalogDatabaseFederatedDatabase:CatalogDatabaseFederatedDatabase": { "properties": { "connectionName": { "type": "string", "description": "Name of the connection to the external metastore.\n" }, "identifier": { "type": "string", "description": "Unique identifier for the federated database.\n" } }, "type": "object" }, "aws:glue/CatalogDatabaseTargetDatabase:CatalogDatabaseTargetDatabase": { "properties": { "catalogId": { "type": "string", "description": "ID of the Data Catalog in which the database resides.\n" }, "databaseName": { "type": "string", "description": "Name of the catalog database.\n" }, "region": { "type": "string", "description": "Region of the target database.\n" } }, "type": "object", "required": [ "catalogId", "databaseName" ] }, "aws:glue/CatalogTableOpenTableFormatInput:CatalogTableOpenTableFormatInput": { "properties": { "icebergInput": { "$ref": "#/types/aws:glue/CatalogTableOpenTableFormatInputIcebergInput:CatalogTableOpenTableFormatInputIcebergInput", "description": "Configuration block for iceberg table config. See `iceberg_input` below.\n" } }, "type": "object", "required": [ "icebergInput" ] }, "aws:glue/CatalogTableOpenTableFormatInputIcebergInput:CatalogTableOpenTableFormatInputIcebergInput": { "properties": { "metadataOperation": { "type": "string", "description": "A required metadata operation. Can only be set to CREATE.\n" }, "version": { "type": "string", "description": "The table version for the Iceberg table. Defaults to 2.\n" } }, "type": "object", "required": [ "metadataOperation" ] }, "aws:glue/CatalogTablePartitionIndex:CatalogTablePartitionIndex": { "properties": { "indexName": { "type": "string", "description": "Name of the partition index.\n" }, "indexStatus": { "type": "string" }, "keys": { "type": "array", "items": { "type": "string" }, "description": "Keys for the partition index.\n" } }, "type": "object", "required": [ "indexName", "keys" ], "language": { "nodejs": { "requiredOutputs": [ "indexName", "indexStatus", "keys" ] } } }, "aws:glue/CatalogTablePartitionKey:CatalogTablePartitionKey": { "properties": { "comment": { "type": "string", "description": "Free-form text comment.\n" }, "name": { "type": "string", "description": "Name of the Partition Key.\n" }, "type": { "type": "string", "description": "Datatype of data in the Partition Key.\n" } }, "type": "object", "required": [ "name" ] }, "aws:glue/CatalogTableStorageDescriptor:CatalogTableStorageDescriptor": { "properties": { "additionalLocations": { "type": "array", "items": { "type": "string" }, "description": "List of locations that point to the path where a Delta table is located.\n" }, "bucketColumns": { "type": "array", "items": { "type": "string" }, "description": "List of reducer grouping columns, clustering columns, and bucketing columns in the table.\n" }, "columns": { "type": "array", "items": { "$ref": "#/types/aws:glue/CatalogTableStorageDescriptorColumn:CatalogTableStorageDescriptorColumn" }, "description": "Configuration block for columns in the table. See `columns` below.\n" }, "compressed": { "type": "boolean", "description": "Whether the data in the table is compressed.\n" }, "inputFormat": { "type": "string", "description": "Input format: SequenceFileInputFormat (binary), or TextInputFormat, or a custom format.\n" }, "location": { "type": "string", "description": "Physical location of the table. By default this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.\n" }, "numberOfBuckets": { "type": "integer", "description": "Must be specified if the table contains any dimension columns.\n" }, "outputFormat": { "type": "string", "description": "Output format: SequenceFileOutputFormat (binary), or IgnoreKeyTextOutputFormat, or a custom format.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "User-supplied properties in key-value form.\n" }, "schemaReference": { "$ref": "#/types/aws:glue/CatalogTableStorageDescriptorSchemaReference:CatalogTableStorageDescriptorSchemaReference", "description": "Object that references a schema stored in the AWS Glue Schema Registry. When creating a table, you can pass an empty list of columns for the schema, and instead use a schema reference. See Schema Reference below.\n" }, "serDeInfo": { "$ref": "#/types/aws:glue/CatalogTableStorageDescriptorSerDeInfo:CatalogTableStorageDescriptorSerDeInfo", "description": "Configuration block for serialization and deserialization (\"SerDe\") information. See `ser_de_info` below.\n" }, "skewedInfo": { "$ref": "#/types/aws:glue/CatalogTableStorageDescriptorSkewedInfo:CatalogTableStorageDescriptorSkewedInfo", "description": "Configuration block with information about values that appear very frequently in a column (skewed values). See `skewed_info` below.\n" }, "sortColumns": { "type": "array", "items": { "$ref": "#/types/aws:glue/CatalogTableStorageDescriptorSortColumn:CatalogTableStorageDescriptorSortColumn" }, "description": "Configuration block for the sort order of each bucket in the table. See `sort_columns` below.\n" }, "storedAsSubDirectories": { "type": "boolean", "description": "Whether the table data is stored in subdirectories.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "columns" ] } } }, "aws:glue/CatalogTableStorageDescriptorColumn:CatalogTableStorageDescriptorColumn": { "properties": { "comment": { "type": "string", "description": "Free-form text comment.\n" }, "name": { "type": "string", "description": "Name of the Column.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs defining properties associated with the column.\n" }, "type": { "type": "string", "description": "Datatype of data in the Column.\n" } }, "type": "object", "required": [ "name" ] }, "aws:glue/CatalogTableStorageDescriptorSchemaReference:CatalogTableStorageDescriptorSchemaReference": { "properties": { "schemaId": { "$ref": "#/types/aws:glue/CatalogTableStorageDescriptorSchemaReferenceSchemaId:CatalogTableStorageDescriptorSchemaReferenceSchemaId", "description": "Configuration block that contains schema identity fields. Either this or the `schema_version_id` has to be provided. See `schema_id` below.\n" }, "schemaVersionId": { "type": "string", "description": "Unique ID assigned to a version of the schema. Either this or the `schema_id` has to be provided.\n" }, "schemaVersionNumber": { "type": "integer", "description": "Version number of the schema.\n" } }, "type": "object", "required": [ "schemaVersionNumber" ] }, "aws:glue/CatalogTableStorageDescriptorSchemaReferenceSchemaId:CatalogTableStorageDescriptorSchemaReferenceSchemaId": { "properties": { "registryName": { "type": "string", "description": "Name of the schema registry that contains the schema. Must be provided when `schema_name` is specified and conflicts with `schema_arn`.\n" }, "schemaArn": { "type": "string", "description": "ARN of the schema. One of `schema_arn` or `schema_name` has to be provided.\n" }, "schemaName": { "type": "string", "description": "Name of the schema. One of `schema_arn` or `schema_name` has to be provided.\n" } }, "type": "object" }, "aws:glue/CatalogTableStorageDescriptorSerDeInfo:CatalogTableStorageDescriptorSerDeInfo": { "properties": { "name": { "type": "string", "description": "Name of the SerDe.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of initialization parameters for the SerDe, in key-value form.\n" }, "serializationLibrary": { "type": "string", "description": "Usually the class that implements the SerDe. An example is `org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe`.\n" } }, "type": "object" }, "aws:glue/CatalogTableStorageDescriptorSkewedInfo:CatalogTableStorageDescriptorSkewedInfo": { "properties": { "skewedColumnNames": { "type": "array", "items": { "type": "string" }, "description": "List of names of columns that contain skewed values.\n" }, "skewedColumnValueLocationMaps": { "type": "object", "additionalProperties": { "type": "string" }, "description": "List of values that appear so frequently as to be considered skewed.\n" }, "skewedColumnValues": { "type": "array", "items": { "type": "string" }, "description": "Map of skewed values to the columns that contain them.\n" } }, "type": "object" }, "aws:glue/CatalogTableStorageDescriptorSortColumn:CatalogTableStorageDescriptorSortColumn": { "properties": { "column": { "type": "string", "description": "Name of the column.\n" }, "sortOrder": { "type": "integer", "description": "Whether the column is sorted in ascending (`1`) or descending order (`0`).\n" } }, "type": "object", "required": [ "column", "sortOrder" ] }, "aws:glue/CatalogTableTargetTable:CatalogTableTargetTable": { "properties": { "catalogId": { "type": "string", "description": "ID of the Data Catalog in which the table resides.\n" }, "databaseName": { "type": "string", "description": "Name of the catalog database that contains the target table.\n" }, "name": { "type": "string", "description": "Name of the target table.\n" }, "region": { "type": "string", "description": "Region of the target table.\n" } }, "type": "object", "required": [ "catalogId", "databaseName", "name" ] }, "aws:glue/ClassifierCsvClassifier:ClassifierCsvClassifier": { "properties": { "allowSingleColumn": { "type": "boolean", "description": "Enables the processing of files that contain only one column.\n" }, "containsHeader": { "type": "string", "description": "Indicates whether the CSV file contains a header. This can be one of \"ABSENT\", \"PRESENT\", or \"UNKNOWN\".\n" }, "customDatatypeConfigured": { "type": "boolean", "description": "Enables the custom datatype to be configured.\n" }, "customDatatypes": { "type": "array", "items": { "type": "string" }, "description": "A list of supported custom datatypes. Valid values are `BINARY`, `BOOLEAN`, `DATE`, `DECIMAL`, `DOUBLE`, `FLOAT`, `INT`, `LONG`, `SHORT`, `STRING`, `TIMESTAMP`.\n" }, "delimiter": { "type": "string", "description": "The delimiter used in the CSV to separate columns.\n" }, "disableValueTrimming": { "type": "boolean", "description": "Specifies whether to trim column values.\n" }, "headers": { "type": "array", "items": { "type": "string" }, "description": "A list of strings representing column names.\n" }, "quoteSymbol": { "type": "string", "description": "A custom symbol to denote what combines content into a single column value. It must be different from the column delimiter.\n" }, "serde": { "type": "string", "description": "The SerDe for processing CSV. Valid values are `OpenCSVSerDe`, `LazySimpleSerDe`, `None`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "serde" ] } } }, "aws:glue/ClassifierGrokClassifier:ClassifierGrokClassifier": { "properties": { "classification": { "type": "string", "description": "An identifier of the data format that the classifier matches, such as Twitter, JSON, Omniture logs, Amazon CloudWatch Logs, and so on.\n" }, "customPatterns": { "type": "string", "description": "Custom grok patterns used by this classifier.\n" }, "grokPattern": { "type": "string", "description": "The grok pattern used by this classifier.\n" } }, "type": "object", "required": [ "classification", "grokPattern" ] }, "aws:glue/ClassifierJsonClassifier:ClassifierJsonClassifier": { "properties": { "jsonPath": { "type": "string", "description": "A `JsonPath` string defining the JSON data for the classifier to classify. AWS Glue supports a subset of `JsonPath`, as described in [Writing JsonPath Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html#custom-classifier-json).\n" } }, "type": "object", "required": [ "jsonPath" ] }, "aws:glue/ClassifierXmlClassifier:ClassifierXmlClassifier": { "properties": { "classification": { "type": "string", "description": "An identifier of the data format that the classifier matches.\n" }, "rowTag": { "type": "string", "description": "The XML tag designating the element that contains each record in an XML document being parsed. Note that this cannot identify a self-closing element (closed by `/\u003e`). An empty row element that contains only attributes can be parsed as long as it ends with a closing tag (for example, `\u003crow item_a=\"A\" item_b=\"B\"\u003e\u003c/row\u003e` is okay, but `\u003crow item_a=\"A\" item_b=\"B\" /\u003e` is not).\n" } }, "type": "object", "required": [ "classification", "rowTag" ] }, "aws:glue/ConnectionPhysicalConnectionRequirements:ConnectionPhysicalConnectionRequirements": { "properties": { "availabilityZone": { "type": "string", "description": "The availability zone of the connection. This field is redundant and implied by `subnet_id`, but is currently an api requirement.\n" }, "securityGroupIdLists": { "type": "array", "items": { "type": "string" }, "description": "The security group ID list used by the connection.\n" }, "subnetId": { "type": "string", "description": "The subnet ID used by the connection.\n" } }, "type": "object" }, "aws:glue/CrawlerCatalogTarget:CrawlerCatalogTarget": { "properties": { "connectionName": { "type": "string", "description": "The name of the connection for an Amazon S3-backed Data Catalog table to be a target of the crawl when using a Catalog connection type paired with a `NETWORK` Connection type.\n" }, "databaseName": { "type": "string", "description": "The name of the Glue database to be synchronized.\n" }, "dlqEventQueueArn": { "type": "string", "description": "A valid Amazon SQS ARN.\n\n\u003e **Note:** `deletion_behavior` of catalog target doesn't support `DEPRECATE_IN_DATABASE`.\n\n\u003e **Note:** `configuration` for catalog target crawlers will have `{ ... \"Grouping\": { \"TableGroupingPolicy\": \"CombineCompatibleSchemas\"} }` by default.\n" }, "eventQueueArn": { "type": "string", "description": "A valid Amazon SQS ARN.\n" }, "tables": { "type": "array", "items": { "type": "string" }, "description": "A list of catalog tables to be synchronized.\n" } }, "type": "object", "required": [ "databaseName", "tables" ] }, "aws:glue/CrawlerDeltaTarget:CrawlerDeltaTarget": { "properties": { "connectionName": { "type": "string", "description": "The name of the connection to use to connect to the Delta table target.\n" }, "createNativeDeltaTable": { "type": "boolean", "description": "Specifies whether the crawler will create native tables, to allow integration with query engines that support querying of the Delta transaction log directly.\n" }, "deltaTables": { "type": "array", "items": { "type": "string" }, "description": "A list of the Amazon S3 paths to the Delta tables.\n" }, "writeManifest": { "type": "boolean", "description": "Specifies whether to write the manifest files to the Delta table path.\n" } }, "type": "object", "required": [ "deltaTables", "writeManifest" ] }, "aws:glue/CrawlerDynamodbTarget:CrawlerDynamodbTarget": { "properties": { "path": { "type": "string", "description": "The name of the DynamoDB table to crawl.\n" }, "scanAll": { "type": "boolean", "description": "Indicates whether to scan all the records, or to sample rows from the table. Scanning all the records can take a long time when the table is not a high throughput table. defaults to `true`.\n" }, "scanRate": { "type": "number", "description": "The percentage of the configured read capacity units to use by the AWS Glue crawler. The valid values are null or a value between 0.1 to 1.5.\n" } }, "type": "object", "required": [ "path" ] }, "aws:glue/CrawlerHudiTarget:CrawlerHudiTarget": { "properties": { "connectionName": { "type": "string", "description": "The name of the connection to use to connect to the Hudi target.\n" }, "exclusions": { "type": "array", "items": { "type": "string" }, "description": "A list of glob patterns used to exclude from the crawl.\n" }, "maximumTraversalDepth": { "type": "integer", "description": "The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time. Valid values are between `1` and `20`.\n" }, "paths": { "type": "array", "items": { "type": "string" }, "description": "One or more Amazon S3 paths that contains Hudi metadata folders as s3://bucket/prefix.\n" } }, "type": "object", "required": [ "maximumTraversalDepth", "paths" ] }, "aws:glue/CrawlerIcebergTarget:CrawlerIcebergTarget": { "properties": { "connectionName": { "type": "string", "description": "The name of the connection to use to connect to the Iceberg target.\n" }, "exclusions": { "type": "array", "items": { "type": "string" }, "description": "A list of glob patterns used to exclude from the crawl.\n" }, "maximumTraversalDepth": { "type": "integer", "description": "The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Iceberg metadata folder in your Amazon S3 path. Used to limit the crawler run time. Valid values are between `1` and `20`.\n" }, "paths": { "type": "array", "items": { "type": "string" }, "description": "One or more Amazon S3 paths that contains Iceberg metadata folders as s3://bucket/prefix.\n" } }, "type": "object", "required": [ "maximumTraversalDepth", "paths" ] }, "aws:glue/CrawlerJdbcTarget:CrawlerJdbcTarget": { "properties": { "connectionName": { "type": "string", "description": "The name of the connection to use to connect to the JDBC target.\n" }, "enableAdditionalMetadatas": { "type": "array", "items": { "type": "string" }, "description": "Specify a value of `RAWTYPES` or `COMMENTS` to enable additional metadata intable responses. `RAWTYPES` provides the native-level datatype. `COMMENTS` provides comments associated with a column or table in the database.\n" }, "exclusions": { "type": "array", "items": { "type": "string" }, "description": "A list of glob patterns used to exclude from the crawl.\n" }, "path": { "type": "string", "description": "The path of the JDBC target.\n" } }, "type": "object", "required": [ "connectionName", "path" ] }, "aws:glue/CrawlerLakeFormationConfiguration:CrawlerLakeFormationConfiguration": { "properties": { "accountId": { "type": "string", "description": "Required for cross account crawls. For same account crawls as the target data, this can omitted.\n" }, "useLakeFormationCredentials": { "type": "boolean", "description": "Specifies whether to use Lake Formation credentials for the crawler instead of the IAM role credentials.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "accountId" ] } } }, "aws:glue/CrawlerLineageConfiguration:CrawlerLineageConfiguration": { "properties": { "crawlerLineageSettings": { "type": "string", "description": "Specifies whether data lineage is enabled for the crawler. Valid values are: `ENABLE` and `DISABLE`. Default value is `DISABLE`.\n" } }, "type": "object" }, "aws:glue/CrawlerMongodbTarget:CrawlerMongodbTarget": { "properties": { "connectionName": { "type": "string", "description": "The name of the connection to use to connect to the Amazon DocumentDB or MongoDB target.\n" }, "path": { "type": "string", "description": "The path of the Amazon DocumentDB or MongoDB target (database/collection).\n" }, "scanAll": { "type": "boolean", "description": "Indicates whether to scan all the records, or to sample rows from the table. Scanning all the records can take a long time when the table is not a high throughput table. Default value is `true`.\n" } }, "type": "object", "required": [ "connectionName", "path" ] }, "aws:glue/CrawlerRecrawlPolicy:CrawlerRecrawlPolicy": { "properties": { "recrawlBehavior": { "type": "string", "description": "Specifies whether to crawl the entire dataset again, crawl only folders that were added since the last crawler run, or crawl what S3 notifies the crawler of via SQS. Valid Values are: `CRAWL_EVENT_MODE`, `CRAWL_EVERYTHING` and `CRAWL_NEW_FOLDERS_ONLY`. Default value is `CRAWL_EVERYTHING`.\n" } }, "type": "object" }, "aws:glue/CrawlerS3Target:CrawlerS3Target": { "properties": { "connectionName": { "type": "string", "description": "The name of a connection which allows crawler to access data in S3 within a VPC.\n" }, "dlqEventQueueArn": { "type": "string", "description": "The ARN of the dead-letter SQS queue.\n" }, "eventQueueArn": { "type": "string", "description": "The ARN of the SQS queue to receive S3 notifications from.\n" }, "exclusions": { "type": "array", "items": { "type": "string" }, "description": "A list of glob patterns used to exclude from the crawl.\n" }, "path": { "type": "string", "description": "The path to the Amazon S3 target.\n" }, "sampleSize": { "type": "integer", "description": "Sets the number of files in each leaf folder to be crawled when crawling sample files in a dataset. If not set, all the files are crawled. A valid value is an integer between 1 and 249.\n" } }, "type": "object", "required": [ "path" ] }, "aws:glue/CrawlerSchemaChangePolicy:CrawlerSchemaChangePolicy": { "properties": { "deleteBehavior": { "type": "string", "description": "The deletion behavior when the crawler finds a deleted object. Valid values: `LOG`, `DELETE_FROM_DATABASE`, or `DEPRECATE_IN_DATABASE`. Defaults to `DEPRECATE_IN_DATABASE`.\n" }, "updateBehavior": { "type": "string", "description": "The update behavior when the crawler finds a changed schema. Valid values: `LOG` or `UPDATE_IN_DATABASE`. Defaults to `UPDATE_IN_DATABASE`.\n" } }, "type": "object" }, "aws:glue/DataCatalogEncryptionSettingsDataCatalogEncryptionSettings:DataCatalogEncryptionSettingsDataCatalogEncryptionSettings": { "properties": { "connectionPasswordEncryption": { "$ref": "#/types/aws:glue/DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsConnectionPasswordEncryption:DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsConnectionPasswordEncryption", "description": "When connection password protection is enabled, the Data Catalog uses a customer-provided key to encrypt the password as part of CreateConnection or UpdateConnection and store it in the ENCRYPTED_PASSWORD field in the connection properties. You can enable catalog encryption or only password encryption. see Connection Password Encryption.\n" }, "encryptionAtRest": { "$ref": "#/types/aws:glue/DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsEncryptionAtRest:DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsEncryptionAtRest", "description": "Specifies the encryption-at-rest configuration for the Data Catalog. see Encryption At Rest.\n" } }, "type": "object", "required": [ "connectionPasswordEncryption", "encryptionAtRest" ] }, "aws:glue/DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsConnectionPasswordEncryption:DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsConnectionPasswordEncryption": { "properties": { "awsKmsKeyId": { "type": "string", "description": "A KMS key ARN that is used to encrypt the connection password. If connection password protection is enabled, the caller of CreateConnection and UpdateConnection needs at least `kms:Encrypt` permission on the specified AWS KMS key, to encrypt passwords before storing them in the Data Catalog.\n" }, "returnConnectionPasswordEncrypted": { "type": "boolean", "description": "When set to `true`, passwords remain encrypted in the responses of GetConnection and GetConnections. This encryption takes effect independently of the catalog encryption.\n" } }, "type": "object", "required": [ "returnConnectionPasswordEncrypted" ] }, "aws:glue/DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsEncryptionAtRest:DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsEncryptionAtRest": { "properties": { "catalogEncryptionMode": { "type": "string", "description": "The encryption-at-rest mode for encrypting Data Catalog data. Valid values: `DISABLED`, `SSE-KMS`, `SSE-KMS-WITH-SERVICE-ROLE`.\n" }, "catalogEncryptionServiceRole": { "type": "string", "description": "The ARN of the AWS IAM role used for accessing encrypted Data Catalog data.\n" }, "sseAwsKmsKeyId": { "type": "string", "description": "The ARN of the AWS KMS key to use for encryption at rest.\n" } }, "type": "object", "required": [ "catalogEncryptionMode" ] }, "aws:glue/DataQualityRulesetTargetTable:DataQualityRulesetTargetTable": { "properties": { "catalogId": { "type": "string", "description": "The catalog id where the AWS Glue table exists.\n", "willReplaceOnChanges": true }, "databaseName": { "type": "string", "description": "Name of the database where the AWS Glue table exists.\n", "willReplaceOnChanges": true }, "tableName": { "type": "string", "description": "Name of the AWS Glue table.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "databaseName", "tableName" ] }, "aws:glue/JobCommand:JobCommand": { "properties": { "name": { "type": "string", "description": "The name of the job command. Defaults to `glueetl`. Use `pythonshell` for Python Shell Job Type, `glueray` for Ray Job Type, or `gluestreaming` for Streaming Job Type. `max_capacity` needs to be set if `pythonshell` is chosen.\n" }, "pythonVersion": { "type": "string", "description": "The Python version being used to execute a Python shell job. Allowed values are 2, 3 or 3.9. Version 3 refers to Python 3.6.\n" }, "runtime": { "type": "string", "description": "In Ray jobs, runtime is used to specify the versions of Ray, Python and additional libraries available in your environment. This field is not used in other job types. For supported runtime environment values, see [Working with Ray jobs](https://docs.aws.amazon.com/glue/latest/dg/ray-jobs-section.html#author-job-ray-runtimes) in the Glue Developer Guide.\n" }, "scriptLocation": { "type": "string", "description": "Specifies the S3 path to a script that executes a job.\n" } }, "type": "object", "required": [ "scriptLocation" ], "language": { "nodejs": { "requiredOutputs": [ "pythonVersion", "runtime", "scriptLocation" ] } } }, "aws:glue/JobExecutionProperty:JobExecutionProperty": { "properties": { "maxConcurrentRuns": { "type": "integer", "description": "The maximum number of concurrent runs allowed for a job. The default is 1.\n" } }, "type": "object" }, "aws:glue/JobNotificationProperty:JobNotificationProperty": { "properties": { "notifyDelayAfter": { "type": "integer", "description": "After a job run starts, the number of minutes to wait before sending a job run delay notification.\n" } }, "type": "object" }, "aws:glue/MLTransformInputRecordTable:MLTransformInputRecordTable": { "properties": { "catalogId": { "type": "string", "description": "A unique identifier for the AWS Glue Data Catalog.\n" }, "connectionName": { "type": "string", "description": "The name of the connection to the AWS Glue Data Catalog.\n" }, "databaseName": { "type": "string", "description": "A database name in the AWS Glue Data Catalog.\n" }, "tableName": { "type": "string", "description": "A table name in the AWS Glue Data Catalog.\n" } }, "type": "object", "required": [ "databaseName", "tableName" ] }, "aws:glue/MLTransformParameters:MLTransformParameters": { "properties": { "findMatchesParameters": { "$ref": "#/types/aws:glue/MLTransformParametersFindMatchesParameters:MLTransformParametersFindMatchesParameters", "description": "The parameters for the find matches algorithm. see Find Matches Parameters.\n" }, "transformType": { "type": "string", "description": "The type of machine learning transform. For information about the types of machine learning transforms, see [Creating Machine Learning Transforms](http://docs.aws.amazon.com/glue/latest/dg/add-job-machine-learning-transform.html).\n" } }, "type": "object", "required": [ "findMatchesParameters", "transformType" ] }, "aws:glue/MLTransformParametersFindMatchesParameters:MLTransformParametersFindMatchesParameters": { "properties": { "accuracyCostTradeOff": { "type": "number", "description": "The value that is selected when tuning your transform for a balance between accuracy and cost.\n" }, "enforceProvidedLabels": { "type": "boolean", "description": "The value to switch on or off to force the output to match the provided labels from users.\n" }, "precisionRecallTradeOff": { "type": "number", "description": "The value selected when tuning your transform for a balance between precision and recall.\n" }, "primaryKeyColumnName": { "type": "string", "description": "The name of a column that uniquely identifies rows in the source table.\n" } }, "type": "object" }, "aws:glue/MLTransformSchema:MLTransformSchema": { "properties": { "dataType": { "type": "string", "description": "The type of data in the column.\n" }, "name": { "type": "string", "description": "The name you assign to this ML Transform. It must be unique in your account.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "dataType", "name" ] } } }, "aws:glue/PartitionIndexPartitionIndex:PartitionIndexPartitionIndex": { "properties": { "indexName": { "type": "string", "description": "Name of the partition index.\n", "willReplaceOnChanges": true }, "indexStatus": { "type": "string" }, "keys": { "type": "array", "items": { "type": "string" }, "description": "Keys for the partition index.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "indexStatus" ] } } }, "aws:glue/PartitionStorageDescriptor:PartitionStorageDescriptor": { "properties": { "bucketColumns": { "type": "array", "items": { "type": "string" }, "description": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.\n" }, "columns": { "type": "array", "items": { "$ref": "#/types/aws:glue/PartitionStorageDescriptorColumn:PartitionStorageDescriptorColumn" }, "description": "A list of the Columns in the table.\n" }, "compressed": { "type": "boolean", "description": "True if the data in the table is compressed, or False if not.\n" }, "inputFormat": { "type": "string", "description": "The input format: SequenceFileInputFormat (binary), or TextInputFormat, or a custom format.\n" }, "location": { "type": "string", "description": "The physical location of the table. By default this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.\n" }, "numberOfBuckets": { "type": "integer", "description": "Must be specified if the table contains any dimension columns.\n" }, "outputFormat": { "type": "string", "description": "The output format: SequenceFileOutputFormat (binary), or IgnoreKeyTextOutputFormat, or a custom format.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "User-supplied properties in key-value form.\n" }, "serDeInfo": { "$ref": "#/types/aws:glue/PartitionStorageDescriptorSerDeInfo:PartitionStorageDescriptorSerDeInfo", "description": "Serialization/deserialization (SerDe) information.\n" }, "skewedInfo": { "$ref": "#/types/aws:glue/PartitionStorageDescriptorSkewedInfo:PartitionStorageDescriptorSkewedInfo", "description": "Information about values that appear very frequently in a column (skewed values).\n" }, "sortColumns": { "type": "array", "items": { "$ref": "#/types/aws:glue/PartitionStorageDescriptorSortColumn:PartitionStorageDescriptorSortColumn" }, "description": "A list of Order objects specifying the sort order of each bucket in the table.\n" }, "storedAsSubDirectories": { "type": "boolean", "description": "True if the table data is stored in subdirectories, or False if not.\n" } }, "type": "object" }, "aws:glue/PartitionStorageDescriptorColumn:PartitionStorageDescriptorColumn": { "properties": { "comment": { "type": "string", "description": "Free-form text comment.\n" }, "name": { "type": "string" }, "type": { "type": "string", "description": "The datatype of data in the Column.\n" } }, "type": "object", "required": [ "name" ] }, "aws:glue/PartitionStorageDescriptorSerDeInfo:PartitionStorageDescriptorSerDeInfo": { "properties": { "name": { "type": "string", "description": "Name of the SerDe.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of initialization parameters for the SerDe, in key-value form.\n" }, "serializationLibrary": { "type": "string", "description": "Usually the class that implements the SerDe. An example is: org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe.\n" } }, "type": "object" }, "aws:glue/PartitionStorageDescriptorSkewedInfo:PartitionStorageDescriptorSkewedInfo": { "properties": { "skewedColumnNames": { "type": "array", "items": { "type": "string" }, "description": "A list of names of columns that contain skewed values.\n" }, "skewedColumnValueLocationMaps": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of values that appear so frequently as to be considered skewed.\n" }, "skewedColumnValues": { "type": "array", "items": { "type": "string" }, "description": "A map of skewed values to the columns that contain them.\n" } }, "type": "object" }, "aws:glue/PartitionStorageDescriptorSortColumn:PartitionStorageDescriptorSortColumn": { "properties": { "column": { "type": "string", "description": "The name of the column.\n" }, "sortOrder": { "type": "integer", "description": "Indicates that the column is sorted in ascending order (== 1), or in descending order (==0).\n" } }, "type": "object", "required": [ "column", "sortOrder" ] }, "aws:glue/SecurityConfigurationEncryptionConfiguration:SecurityConfigurationEncryptionConfiguration": { "properties": { "cloudwatchEncryption": { "$ref": "#/types/aws:glue/SecurityConfigurationEncryptionConfigurationCloudwatchEncryption:SecurityConfigurationEncryptionConfigurationCloudwatchEncryption", "willReplaceOnChanges": true }, "jobBookmarksEncryption": { "$ref": "#/types/aws:glue/SecurityConfigurationEncryptionConfigurationJobBookmarksEncryption:SecurityConfigurationEncryptionConfigurationJobBookmarksEncryption", "willReplaceOnChanges": true }, "s3Encryption": { "$ref": "#/types/aws:glue/SecurityConfigurationEncryptionConfigurationS3Encryption:SecurityConfigurationEncryptionConfigurationS3Encryption", "description": "A `s3_encryption ` block as described below, which contains encryption configuration for S3 data.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "cloudwatchEncryption", "jobBookmarksEncryption", "s3Encryption" ] }, "aws:glue/SecurityConfigurationEncryptionConfigurationCloudwatchEncryption:SecurityConfigurationEncryptionConfigurationCloudwatchEncryption": { "properties": { "cloudwatchEncryptionMode": { "type": "string", "description": "Encryption mode to use for CloudWatch data. Valid values: `DISABLED`, `SSE-KMS`. Default value: `DISABLED`.\n", "willReplaceOnChanges": true }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:glue/SecurityConfigurationEncryptionConfigurationJobBookmarksEncryption:SecurityConfigurationEncryptionConfigurationJobBookmarksEncryption": { "properties": { "jobBookmarksEncryptionMode": { "type": "string", "description": "Encryption mode to use for job bookmarks data. Valid values: `CSE-KMS`, `DISABLED`. Default value: `DISABLED`.\n", "willReplaceOnChanges": true }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:glue/SecurityConfigurationEncryptionConfigurationS3Encryption:SecurityConfigurationEncryptionConfigurationS3Encryption": { "properties": { "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.\n", "willReplaceOnChanges": true }, "s3EncryptionMode": { "type": "string", "description": "Encryption mode to use for S3 data. Valid values: `DISABLED`, `SSE-KMS`, `SSE-S3`. Default value: `DISABLED`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:glue/TriggerAction:TriggerAction": { "properties": { "arguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Arguments to be passed to the job. You can specify arguments here that your own job-execution script consumes, as well as arguments that AWS Glue itself consumes.\n" }, "crawlerName": { "type": "string", "description": "The name of the crawler to be executed. Conflicts with `job_name`.\n" }, "jobName": { "type": "string", "description": "The name of a job to be executed. Conflicts with `crawler_name`.\n" }, "notificationProperty": { "$ref": "#/types/aws:glue/TriggerActionNotificationProperty:TriggerActionNotificationProperty", "description": "Specifies configuration properties of a job run notification. See Notification Property details below.\n" }, "securityConfiguration": { "type": "string", "description": "The name of the Security Configuration structure to be used with this action.\n" }, "timeout": { "type": "integer", "description": "The job run timeout in minutes. It overrides the timeout value of the job.\n" } }, "type": "object" }, "aws:glue/TriggerActionNotificationProperty:TriggerActionNotificationProperty": { "properties": { "notifyDelayAfter": { "type": "integer", "description": "After a job run starts, the number of minutes to wait before sending a job run delay notification.\n" } }, "type": "object" }, "aws:glue/TriggerEventBatchingCondition:TriggerEventBatchingCondition": { "properties": { "batchSize": { "type": "integer", "description": "Number of events that must be received from Amazon EventBridge before EventBridge event trigger fires.\n" }, "batchWindow": { "type": "integer", "description": "Window of time in seconds after which EventBridge event trigger fires. Window starts when first event is received. Default value is `900`.\n" } }, "type": "object", "required": [ "batchSize" ] }, "aws:glue/TriggerPredicate:TriggerPredicate": { "properties": { "conditions": { "type": "array", "items": { "$ref": "#/types/aws:glue/TriggerPredicateCondition:TriggerPredicateCondition" }, "description": "A list of the conditions that determine when the trigger will fire. See Conditions.\n" }, "logical": { "type": "string", "description": "How to handle multiple conditions. Defaults to `AND`. Valid values are `AND` or `ANY`.\n" } }, "type": "object", "required": [ "conditions" ] }, "aws:glue/TriggerPredicateCondition:TriggerPredicateCondition": { "properties": { "crawlState": { "type": "string", "description": "The condition crawl state. Currently, the values supported are `RUNNING`, `SUCCEEDED`, `CANCELLED`, and `FAILED`. If this is specified, `crawler_name` must also be specified. Conflicts with `state`.\n" }, "crawlerName": { "type": "string", "description": "The name of the crawler to watch. If this is specified, `crawl_state` must also be specified. Conflicts with `job_name`.\n" }, "jobName": { "type": "string", "description": "The name of the job to watch. If this is specified, `state` must also be specified. Conflicts with `crawler_name`.\n" }, "logicalOperator": { "type": "string", "description": "A logical operator. Defaults to `EQUALS`.\n" }, "state": { "type": "string", "description": "The condition job state. Currently, the values supported are `SUCCEEDED`, `STOPPED`, `TIMEOUT` and `FAILED`. If this is specified, `job_name` must also be specified. Conflicts with `crawler_state`.\n" } }, "type": "object" }, "aws:glue/UserDefinedFunctionResourceUri:UserDefinedFunctionResourceUri": { "properties": { "resourceType": { "type": "string", "description": "The type of the resource. can be one of `JAR`, `FILE`, and `ARCHIVE`.\n" }, "uri": { "type": "string", "description": "The URI for accessing the resource.\n" } }, "type": "object", "required": [ "resourceType", "uri" ] }, "aws:glue/getCatalogTablePartitionIndex:getCatalogTablePartitionIndex": { "properties": { "indexName": { "type": "string", "description": "Name of the partition index.\n" }, "indexStatus": { "type": "string" }, "keys": { "type": "array", "items": { "type": "string" }, "description": "Keys for the partition index.\n" } }, "type": "object", "required": [ "indexName", "indexStatus", "keys" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:glue/getCatalogTablePartitionKey:getCatalogTablePartitionKey": { "properties": { "comment": { "type": "string", "description": "Free-form text comment.\n" }, "name": { "type": "string", "description": "Name of the table.\n" }, "type": { "type": "string", "description": "Datatype of data in the Column.\n" } }, "type": "object", "required": [ "comment", "name", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:glue/getCatalogTableStorageDescriptor:getCatalogTableStorageDescriptor": { "properties": { "additionalLocations": { "type": "array", "items": { "type": "string" }, "description": "List of locations that point to the path where a Delta table is located\n" }, "bucketColumns": { "type": "array", "items": { "type": "string" }, "description": "List of reducer grouping columns, clustering columns, and bucketing columns in the table.\n" }, "columns": { "type": "array", "items": { "$ref": "#/types/aws:glue/getCatalogTableStorageDescriptorColumn:getCatalogTableStorageDescriptorColumn" }, "description": "Configuration block for columns in the table. See `columns` below.\n" }, "compressed": { "type": "boolean", "description": "Whether the data in the table is compressed.\n" }, "inputFormat": { "type": "string", "description": "Input format: SequenceFileInputFormat (binary), or TextInputFormat, or a custom format.\n" }, "location": { "type": "string", "description": "Physical location of the table. By default, this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.\n" }, "numberOfBuckets": { "type": "integer", "description": "Is if the table contains any dimension columns.\n" }, "outputFormat": { "type": "string", "description": "Output format: SequenceFileOutputFormat (binary), or IgnoreKeyTextOutputFormat, or a custom format.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of initialization parameters for the SerDe, in key-value form.\n" }, "schemaReferences": { "type": "array", "items": { "$ref": "#/types/aws:glue/getCatalogTableStorageDescriptorSchemaReference:getCatalogTableStorageDescriptorSchemaReference" }, "description": "Object that references a schema stored in the AWS Glue Schema Registry. See `schema_reference` below.\n" }, "serDeInfos": { "type": "array", "items": { "$ref": "#/types/aws:glue/getCatalogTableStorageDescriptorSerDeInfo:getCatalogTableStorageDescriptorSerDeInfo" }, "description": "Configuration block for serialization and deserialization (\"SerDe\") information. See `ser_de_info` below.\n" }, "skewedInfos": { "type": "array", "items": { "$ref": "#/types/aws:glue/getCatalogTableStorageDescriptorSkewedInfo:getCatalogTableStorageDescriptorSkewedInfo" }, "description": "Configuration block with information about values that appear very frequently in a column (skewed values). See `skewed_info` below.\n" }, "sortColumns": { "type": "array", "items": { "$ref": "#/types/aws:glue/getCatalogTableStorageDescriptorSortColumn:getCatalogTableStorageDescriptorSortColumn" }, "description": "Configuration block for the sort order of each bucket in the table. See `sort_columns` below.\n" }, "storedAsSubDirectories": { "type": "boolean", "description": "Whether the table data is stored in subdirectories.\n" } }, "type": "object", "required": [ "additionalLocations", "bucketColumns", "columns", "compressed", "inputFormat", "location", "numberOfBuckets", "outputFormat", "parameters", "schemaReferences", "serDeInfos", "skewedInfos", "sortColumns", "storedAsSubDirectories" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:glue/getCatalogTableStorageDescriptorColumn:getCatalogTableStorageDescriptorColumn": { "properties": { "comment": { "type": "string", "description": "Free-form text comment.\n" }, "name": { "type": "string", "description": "Name of the table.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of initialization parameters for the SerDe, in key-value form.\n" }, "type": { "type": "string", "description": "Datatype of data in the Column.\n" } }, "type": "object", "required": [ "comment", "name", "parameters", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:glue/getCatalogTableStorageDescriptorSchemaReference:getCatalogTableStorageDescriptorSchemaReference": { "properties": { "schemaIds": { "type": "array", "items": { "$ref": "#/types/aws:glue/getCatalogTableStorageDescriptorSchemaReferenceSchemaId:getCatalogTableStorageDescriptorSchemaReferenceSchemaId" }, "description": "Configuration block that contains schema identity fields. See `schema_id` below.\n" }, "schemaVersionId": { "type": "string", "description": "Unique ID assigned to a version of the schema.\n" }, "schemaVersionNumber": { "type": "integer", "description": "Version number of the schema.\n" } }, "type": "object", "required": [ "schemaIds", "schemaVersionId", "schemaVersionNumber" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:glue/getCatalogTableStorageDescriptorSchemaReferenceSchemaId:getCatalogTableStorageDescriptorSchemaReferenceSchemaId": { "properties": { "registryName": { "type": "string", "description": "Name of the schema registry that contains the schema.\n" }, "schemaArn": { "type": "string", "description": "ARN of the schema.\n" }, "schemaName": { "type": "string", "description": "Name of the schema.\n" } }, "type": "object", "required": [ "registryName", "schemaArn", "schemaName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:glue/getCatalogTableStorageDescriptorSerDeInfo:getCatalogTableStorageDescriptorSerDeInfo": { "properties": { "name": { "type": "string", "description": "Name of the table.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of initialization parameters for the SerDe, in key-value form.\n" }, "serializationLibrary": { "type": "string", "description": "Usually the class that implements the SerDe. An example is `org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe`.\n" } }, "type": "object", "required": [ "name", "parameters", "serializationLibrary" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:glue/getCatalogTableStorageDescriptorSkewedInfo:getCatalogTableStorageDescriptorSkewedInfo": { "properties": { "skewedColumnNames": { "type": "array", "items": { "type": "string" }, "description": "List of names of columns that contain skewed values.\n" }, "skewedColumnValueLocationMaps": { "type": "object", "additionalProperties": { "type": "string" }, "description": "List of values that appear so frequently as to be considered skewed.\n" }, "skewedColumnValues": { "type": "array", "items": { "type": "string" }, "description": "Map of skewed values to the columns that contain them.\n" } }, "type": "object", "required": [ "skewedColumnNames", "skewedColumnValueLocationMaps", "skewedColumnValues" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:glue/getCatalogTableStorageDescriptorSortColumn:getCatalogTableStorageDescriptorSortColumn": { "properties": { "column": { "type": "string", "description": "Name of the column.\n" }, "sortOrder": { "type": "integer", "description": "Whether the column is sorted in ascending (`1`) or descending order (`0`).\n" } }, "type": "object", "required": [ "column", "sortOrder" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:glue/getCatalogTableTargetTable:getCatalogTableTargetTable": { "properties": { "catalogId": { "type": "string", "description": "ID of the Glue Catalog and database where the table metadata resides. If omitted, this defaults to the current AWS Account ID.\n" }, "databaseName": { "type": "string", "description": "Name of the metadata database where the table metadata resides.\n" }, "name": { "type": "string", "description": "Name of the table.\n" }, "region": { "type": "string", "description": "Region of the target table.\n" } }, "type": "object", "required": [ "catalogId", "databaseName", "name", "region" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:glue/getConnectionPhysicalConnectionRequirement:getConnectionPhysicalConnectionRequirement": { "properties": { "availabilityZone": { "type": "string" }, "securityGroupIdLists": { "type": "array", "items": { "type": "string" } }, "subnetId": { "type": "string" } }, "type": "object", "required": [ "availabilityZone", "securityGroupIdLists", "subnetId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:glue/getDataCatalogEncryptionSettingsDataCatalogEncryptionSetting:getDataCatalogEncryptionSettingsDataCatalogEncryptionSetting": { "properties": { "connectionPasswordEncryptions": { "type": "array", "items": { "$ref": "#/types/aws:glue/getDataCatalogEncryptionSettingsDataCatalogEncryptionSettingConnectionPasswordEncryption:getDataCatalogEncryptionSettingsDataCatalogEncryptionSettingConnectionPasswordEncryption" }, "description": "When connection password protection is enabled, the Data Catalog uses a customer-provided key to encrypt the password as part of CreateConnection or UpdateConnection and store it in the ENCRYPTED_PASSWORD field in the connection properties. You can enable catalog encryption or only password encryption. see Connection Password Encryption.\n" }, "encryptionAtRests": { "type": "array", "items": { "$ref": "#/types/aws:glue/getDataCatalogEncryptionSettingsDataCatalogEncryptionSettingEncryptionAtRest:getDataCatalogEncryptionSettingsDataCatalogEncryptionSettingEncryptionAtRest" }, "description": "Encryption-at-rest configuration for the Data Catalog. see Encryption At Rest.\n" } }, "type": "object", "required": [ "connectionPasswordEncryptions", "encryptionAtRests" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:glue/getDataCatalogEncryptionSettingsDataCatalogEncryptionSettingConnectionPasswordEncryption:getDataCatalogEncryptionSettingsDataCatalogEncryptionSettingConnectionPasswordEncryption": { "properties": { "awsKmsKeyId": { "type": "string", "description": "KMS key ARN that is used to encrypt the connection password.\n" }, "returnConnectionPasswordEncrypted": { "type": "boolean", "description": "When set to `true`, passwords remain encrypted in the responses of GetConnection and GetConnections. This encryption takes effect independently of the catalog encryption.\n" } }, "type": "object", "required": [ "awsKmsKeyId", "returnConnectionPasswordEncrypted" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:glue/getDataCatalogEncryptionSettingsDataCatalogEncryptionSettingEncryptionAtRest:getDataCatalogEncryptionSettingsDataCatalogEncryptionSettingEncryptionAtRest": { "properties": { "catalogEncryptionMode": { "type": "string", "description": "The encryption-at-rest mode for encrypting Data Catalog data.\n" }, "catalogEncryptionServiceRole": { "type": "string", "description": "The ARN of the AWS IAM role used for accessing encrypted Data Catalog data.\n" }, "sseAwsKmsKeyId": { "type": "string", "description": "ARN of the AWS KMS key to use for encryption at rest.\n" } }, "type": "object", "required": [ "catalogEncryptionMode", "catalogEncryptionServiceRole", "sseAwsKmsKeyId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:glue/getScriptDagEdge:getScriptDagEdge": { "properties": { "source": { "type": "string", "description": "ID of the node at which the edge starts.\n" }, "target": { "type": "string", "description": "ID of the node at which the edge ends.\n" }, "targetParameter": { "type": "string", "description": "Target of the edge.\n" } }, "type": "object", "required": [ "source", "target" ] }, "aws:glue/getScriptDagNode:getScriptDagNode": { "properties": { "args": { "type": "array", "items": { "$ref": "#/types/aws:glue/getScriptDagNodeArg:getScriptDagNodeArg" }, "description": "Nested configuration an argument or property of a node. Defined below.\n" }, "id": { "type": "string", "description": "Node identifier that is unique within the node's graph.\n" }, "lineNumber": { "type": "integer", "description": "Line number of the node.\n" }, "nodeType": { "type": "string", "description": "Type of node this is.\n" } }, "type": "object", "required": [ "args", "id", "nodeType" ] }, "aws:glue/getScriptDagNodeArg:getScriptDagNodeArg": { "properties": { "name": { "type": "string", "description": "Name of the argument or property.\n" }, "param": { "type": "boolean", "description": "Boolean if the value is used as a parameter. Defaults to `false`.\n" }, "value": { "type": "string", "description": "Value of the argument or property.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:grafana/WorkspaceNetworkAccessControl:WorkspaceNetworkAccessControl": { "properties": { "prefixListIds": { "type": "array", "items": { "type": "string" }, "description": "An array of prefix list IDs.\n" }, "vpceIds": { "type": "array", "items": { "type": "string" }, "description": "An array of Amazon VPC endpoint IDs for the workspace. The only VPC endpoints that can be specified here are interface VPC endpoints for Grafana workspaces (using the com.amazonaws.[region].grafana-workspace service endpoint). Other VPC endpoints will be ignored.\n" } }, "type": "object", "required": [ "prefixListIds", "vpceIds" ] }, "aws:grafana/WorkspaceVpcConfiguration:WorkspaceVpcConfiguration": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The list of Amazon EC2 security group IDs attached to the Amazon VPC for your Grafana workspace to connect.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The list of Amazon EC2 subnet IDs created in the Amazon VPC for your Grafana workspace to connect.\n" } }, "type": "object", "required": [ "securityGroupIds", "subnetIds" ] }, "aws:guardduty/DetectorDatasources:DetectorDatasources": { "properties": { "kubernetes": { "$ref": "#/types/aws:guardduty/DetectorDatasourcesKubernetes:DetectorDatasourcesKubernetes", "description": "Configures [Kubernetes protection](https://docs.aws.amazon.com/guardduty/latest/ug/kubernetes-protection.html).\nSee Kubernetes and Kubernetes Audit Logs below for more details.\n" }, "malwareProtection": { "$ref": "#/types/aws:guardduty/DetectorDatasourcesMalwareProtection:DetectorDatasourcesMalwareProtection", "description": "Configures [Malware Protection](https://docs.aws.amazon.com/guardduty/latest/ug/malware-protection.html).\nSee Malware Protection, Scan EC2 instance with findings and EBS volumes below for more details.\n" }, "s3Logs": { "$ref": "#/types/aws:guardduty/DetectorDatasourcesS3Logs:DetectorDatasourcesS3Logs", "description": "Configures [S3 protection](https://docs.aws.amazon.com/guardduty/latest/ug/s3-protection.html).\nSee S3 Logs below for more details.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "kubernetes", "malwareProtection", "s3Logs" ] } } }, "aws:guardduty/DetectorDatasourcesKubernetes:DetectorDatasourcesKubernetes": { "properties": { "auditLogs": { "$ref": "#/types/aws:guardduty/DetectorDatasourcesKubernetesAuditLogs:DetectorDatasourcesKubernetesAuditLogs", "description": "Configures Kubernetes audit logs as a data source for [Kubernetes protection](https://docs.aws.amazon.com/guardduty/latest/ug/kubernetes-protection.html).\nSee Kubernetes Audit Logs below for more details.\n" } }, "type": "object", "required": [ "auditLogs" ] }, "aws:guardduty/DetectorDatasourcesKubernetesAuditLogs:DetectorDatasourcesKubernetesAuditLogs": { "properties": { "enable": { "type": "boolean", "description": "If true, enables Kubernetes audit logs as a data source for [Kubernetes protection](https://docs.aws.amazon.com/guardduty/latest/ug/kubernetes-protection.html).\nDefaults to `true`.\n" } }, "type": "object", "required": [ "enable" ] }, "aws:guardduty/DetectorDatasourcesMalwareProtection:DetectorDatasourcesMalwareProtection": { "properties": { "scanEc2InstanceWithFindings": { "$ref": "#/types/aws:guardduty/DetectorDatasourcesMalwareProtectionScanEc2InstanceWithFindings:DetectorDatasourcesMalwareProtectionScanEc2InstanceWithFindings", "description": "Configure whether [Malware Protection](https://docs.aws.amazon.com/guardduty/latest/ug/malware-protection.html) is enabled as data source for EC2 instances with findings for the detector.\nSee Scan EC2 instance with findings below for more details.\n" } }, "type": "object", "required": [ "scanEc2InstanceWithFindings" ] }, "aws:guardduty/DetectorDatasourcesMalwareProtectionScanEc2InstanceWithFindings:DetectorDatasourcesMalwareProtectionScanEc2InstanceWithFindings": { "properties": { "ebsVolumes": { "$ref": "#/types/aws:guardduty/DetectorDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumes:DetectorDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumes", "description": "Configure whether scanning EBS volumes is enabled as data source for the detector for instances with findings.\nSee EBS volumes below for more details.\n" } }, "type": "object", "required": [ "ebsVolumes" ] }, "aws:guardduty/DetectorDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumes:DetectorDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumes": { "properties": { "enable": { "type": "boolean", "description": "If true, enables [Malware Protection](https://docs.aws.amazon.com/guardduty/latest/ug/malware-protection.html) as data source for the detector.\nDefaults to `true`.\n" } }, "type": "object", "required": [ "enable" ] }, "aws:guardduty/DetectorDatasourcesS3Logs:DetectorDatasourcesS3Logs": { "properties": { "enable": { "type": "boolean", "description": "If true, enables [S3 protection](https://docs.aws.amazon.com/guardduty/latest/ug/s3-protection.html).\nDefaults to `true`.\n" } }, "type": "object", "required": [ "enable" ] }, "aws:guardduty/DetectorFeatureAdditionalConfiguration:DetectorFeatureAdditionalConfiguration": { "properties": { "name": { "type": "string", "description": "The name of the additional configuration for a feature. Valid values: `EKS_ADDON_MANAGEMENT`, `ECS_FARGATE_AGENT_MANAGEMENT`, `EC2_AGENT_MANAGEMENT`. Refer to the [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DetectorAdditionalConfiguration.html) for the current list of supported values.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The status of the additional configuration. Valid values: `ENABLED`, `DISABLED`.\n" } }, "type": "object", "required": [ "name", "status" ] }, "aws:guardduty/FilterFindingCriteria:FilterFindingCriteria": { "properties": { "criterions": { "type": "array", "items": { "$ref": "#/types/aws:guardduty/FilterFindingCriteriaCriterion:FilterFindingCriteriaCriterion" } } }, "type": "object", "required": [ "criterions" ] }, "aws:guardduty/FilterFindingCriteriaCriterion:FilterFindingCriteriaCriterion": { "properties": { "equals": { "type": "array", "items": { "type": "string" }, "description": "List of string values to be evaluated.\n" }, "field": { "type": "string", "description": "The name of the field to be evaluated. The full list of field names can be found in [AWS documentation](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_filter-findings.html#filter_criteria).\n" }, "greaterThan": { "type": "string", "description": "A value to be evaluated. Accepts either an integer or a date in [RFC 3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "greaterThanOrEqual": { "type": "string", "description": "A value to be evaluated. Accepts either an integer or a date in [RFC 3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "lessThan": { "type": "string", "description": "A value to be evaluated. Accepts either an integer or a date in [RFC 3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "lessThanOrEqual": { "type": "string", "description": "A value to be evaluated. Accepts either an integer or a date in [RFC 3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "notEquals": { "type": "array", "items": { "type": "string" }, "description": "List of string values to be evaluated.\n" } }, "type": "object", "required": [ "field" ] }, "aws:guardduty/MalwareProtectionPlanAction:MalwareProtectionPlanAction": { "properties": { "taggings": { "type": "array", "items": { "$ref": "#/types/aws:guardduty/MalwareProtectionPlanActionTagging:MalwareProtectionPlanActionTagging" }, "description": "Indicates whether the scanned S3 object will have tags about the scan result. See `tagging` below.\n" } }, "type": "object", "required": [ "taggings" ] }, "aws:guardduty/MalwareProtectionPlanActionTagging:MalwareProtectionPlanActionTagging": { "properties": { "status": { "type": "string", "description": "Indicates whether or not the tags will added. Valid values are `DISABLED` and `ENABLED`. Defaults to `DISABLED`\n" } }, "type": "object", "required": [ "status" ] }, "aws:guardduty/MalwareProtectionPlanProtectedResource:MalwareProtectionPlanProtectedResource": { "properties": { "s3Bucket": { "$ref": "#/types/aws:guardduty/MalwareProtectionPlanProtectedResourceS3Bucket:MalwareProtectionPlanProtectedResourceS3Bucket", "description": "Information about the protected S3 bucket resource. See `s3_bucket` below.\n" } }, "type": "object" }, "aws:guardduty/MalwareProtectionPlanProtectedResourceS3Bucket:MalwareProtectionPlanProtectedResourceS3Bucket": { "properties": { "bucketName": { "type": "string", "description": "Name of the S3 bucket.\n" }, "objectPrefixes": { "type": "array", "items": { "type": "string" }, "description": "The list of object prefixes that specify the S3 objects that will be scanned.\n" } }, "type": "object", "required": [ "bucketName" ], "language": { "nodejs": { "requiredOutputs": [ "bucketName", "objectPrefixes" ] } } }, "aws:guardduty/OrganizationConfigurationDatasources:OrganizationConfigurationDatasources": { "properties": { "kubernetes": { "$ref": "#/types/aws:guardduty/OrganizationConfigurationDatasourcesKubernetes:OrganizationConfigurationDatasourcesKubernetes", "description": "Enable Kubernetes Audit Logs Monitoring automatically for new member accounts.\n" }, "malwareProtection": { "$ref": "#/types/aws:guardduty/OrganizationConfigurationDatasourcesMalwareProtection:OrganizationConfigurationDatasourcesMalwareProtection", "description": "Enable Malware Protection automatically for new member accounts.\n" }, "s3Logs": { "$ref": "#/types/aws:guardduty/OrganizationConfigurationDatasourcesS3Logs:OrganizationConfigurationDatasourcesS3Logs", "description": "Enable S3 Protection automatically for new member accounts.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "kubernetes", "malwareProtection", "s3Logs" ] } } }, "aws:guardduty/OrganizationConfigurationDatasourcesKubernetes:OrganizationConfigurationDatasourcesKubernetes": { "properties": { "auditLogs": { "$ref": "#/types/aws:guardduty/OrganizationConfigurationDatasourcesKubernetesAuditLogs:OrganizationConfigurationDatasourcesKubernetesAuditLogs", "description": "Enable Kubernetes Audit Logs Monitoring automatically for new member accounts. [Kubernetes protection](https://docs.aws.amazon.com/guardduty/latest/ug/kubernetes-protection.html).\nSee Kubernetes Audit Logs below for more details.\n" } }, "type": "object", "required": [ "auditLogs" ] }, "aws:guardduty/OrganizationConfigurationDatasourcesKubernetesAuditLogs:OrganizationConfigurationDatasourcesKubernetesAuditLogs": { "properties": { "enable": { "type": "boolean", "description": "If true, enables Kubernetes audit logs as a data source for [Kubernetes protection](https://docs.aws.amazon.com/guardduty/latest/ug/kubernetes-protection.html).\nDefaults to `true`.\n" } }, "type": "object", "required": [ "enable" ] }, "aws:guardduty/OrganizationConfigurationDatasourcesMalwareProtection:OrganizationConfigurationDatasourcesMalwareProtection": { "properties": { "scanEc2InstanceWithFindings": { "$ref": "#/types/aws:guardduty/OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindings:OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindings", "description": "Configure whether [Malware Protection](https://docs.aws.amazon.com/guardduty/latest/ug/malware-protection.html) for EC2 instances with findings should be auto-enabled for new members joining the organization.\nSee Scan EC2 instance with findings below for more details.\n" } }, "type": "object", "required": [ "scanEc2InstanceWithFindings" ] }, "aws:guardduty/OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindings:OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindings": { "properties": { "ebsVolumes": { "$ref": "#/types/aws:guardduty/OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumes:OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumes", "description": "Configure whether scanning EBS volumes should be auto-enabled for new members joining the organization\nSee EBS volumes below for more details.\n" } }, "type": "object", "required": [ "ebsVolumes" ] }, "aws:guardduty/OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumes:OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumes": { "properties": { "autoEnable": { "type": "boolean", "description": "If true, enables [Malware Protection](https://docs.aws.amazon.com/guardduty/latest/ug/malware-protection.html) for all new accounts joining the organization.\nDefaults to `true`.\n" } }, "type": "object", "required": [ "autoEnable" ] }, "aws:guardduty/OrganizationConfigurationDatasourcesS3Logs:OrganizationConfigurationDatasourcesS3Logs": { "properties": { "autoEnable": { "type": "boolean", "description": "Set to `true` if you want S3 data event logs to be automatically enabled for new members of the organization. Default: `false`\n" } }, "type": "object", "required": [ "autoEnable" ] }, "aws:guardduty/OrganizationConfigurationFeatureAdditionalConfiguration:OrganizationConfigurationFeatureAdditionalConfiguration": { "properties": { "autoEnable": { "type": "string", "description": "The status of the additional configuration that will be configured for the organization. Valid values: `NEW`, `ALL`, `NONE`.\n" }, "name": { "type": "string", "description": "The name of the additional configuration for a feature that will be configured for the organization. Valid values: `EKS_ADDON_MANAGEMENT`, `ECS_FARGATE_AGENT_MANAGEMENT`, `EC2_AGENT_MANAGEMENT`. Refer to the [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DetectorAdditionalConfiguration.html) for the current list of supported values.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "autoEnable", "name" ] }, "aws:guardduty/getDetectorFeature:getDetectorFeature": { "properties": { "additionalConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:guardduty/getDetectorFeatureAdditionalConfiguration:getDetectorFeatureAdditionalConfiguration" }, "description": "Additional feature configuration.\n" }, "name": { "type": "string", "description": "The name of the detector feature.\n" }, "status": { "type": "string", "description": "Current status of the detector.\n" } }, "type": "object", "required": [ "additionalConfigurations", "name", "status" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:guardduty/getDetectorFeatureAdditionalConfiguration:getDetectorFeatureAdditionalConfiguration": { "properties": { "name": { "type": "string", "description": "The name of the detector feature.\n" }, "status": { "type": "string", "description": "Current status of the detector.\n" } }, "type": "object", "required": [ "name", "status" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:iam/ManagedPolicy:ManagedPolicy": { "type": "string", "enum": [ { "name": "APIGatewayServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/APIGatewayServiceRolePolicy" }, { "name": "AWSAccountActivityAccess", "value": "arn:aws:iam::aws:policy/AWSAccountActivityAccess" }, { "name": "AWSAccountManagementFullAccess", "value": "arn:aws:iam::aws:policy/AWSAccountManagementFullAccess" }, { "name": "AWSAccountManagementReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSAccountManagementReadOnlyAccess" }, { "name": "AWSAccountUsageReportAccess", "value": "arn:aws:iam::aws:policy/AWSAccountUsageReportAccess" }, { "name": "AWSAgentlessDiscoveryService", "value": "arn:aws:iam::aws:policy/AWSAgentlessDiscoveryService" }, { "name": "AWSAppFabricFullAccess", "value": "arn:aws:iam::aws:policy/AWSAppFabricFullAccess" }, { "name": "AWSAppFabricReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSAppFabricReadOnlyAccess" }, { "name": "AWSAppFabricServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSAppFabricServiceRolePolicy" }, { "name": "AWSAppMeshEnvoyAccess", "value": "arn:aws:iam::aws:policy/AWSAppMeshEnvoyAccess" }, { "name": "AWSAppMeshFullAccess", "value": "arn:aws:iam::aws:policy/AWSAppMeshFullAccess" }, { "name": "AWSAppMeshPreviewEnvoyAccess", "value": "arn:aws:iam::aws:policy/AWSAppMeshPreviewEnvoyAccess" }, { "name": "AWSAppMeshPreviewServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSAppMeshPreviewServiceRolePolicy" }, { "name": "AWSAppMeshReadOnly", "value": "arn:aws:iam::aws:policy/AWSAppMeshReadOnly" }, { "name": "AWSAppMeshServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSAppMeshServiceRolePolicy" }, { "name": "AWSAppRunnerFullAccess", "value": "arn:aws:iam::aws:policy/AWSAppRunnerFullAccess" }, { "name": "AWSAppRunnerReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSAppRunnerReadOnlyAccess" }, { "name": "AWSAppRunnerServicePolicyForECRAccess", "value": "arn:aws:iam::aws:policy/service-role/AWSAppRunnerServicePolicyForECRAccess" }, { "name": "AWSAppSyncAdministrator", "value": "arn:aws:iam::aws:policy/AWSAppSyncAdministrator" }, { "name": "AWSAppSyncInvokeFullAccess", "value": "arn:aws:iam::aws:policy/AWSAppSyncInvokeFullAccess" }, { "name": "AWSAppSyncPushToCloudWatchLogs", "value": "arn:aws:iam::aws:policy/service-role/AWSAppSyncPushToCloudWatchLogs" }, { "name": "AWSAppSyncSchemaAuthor", "value": "arn:aws:iam::aws:policy/AWSAppSyncSchemaAuthor" }, { "name": "AWSAppSyncServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSAppSyncServiceRolePolicy" }, { "name": "AWSApplicationAutoScalingCustomResourcePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoScalingCustomResourcePolicy" }, { "name": "AWSApplicationAutoscalingAppStreamFleetPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingAppStreamFleetPolicy" }, { "name": "AWSApplicationAutoscalingCassandraTablePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingCassandraTablePolicy" }, { "name": "AWSApplicationAutoscalingComprehendEndpointPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingComprehendEndpointPolicy" }, { "name": "AWSApplicationAutoscalingDynamoDBTablePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingDynamoDBTablePolicy" }, { "name": "AWSApplicationAutoscalingEC2SpotFleetRequestPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingEC2SpotFleetRequestPolicy" }, { "name": "AWSApplicationAutoscalingECSServicePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingECSServicePolicy" }, { "name": "AWSApplicationAutoscalingEMRInstanceGroupPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingEMRInstanceGroupPolicy" }, { "name": "AWSApplicationAutoscalingElastiCacheRGPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingElastiCacheRGPolicy" }, { "name": "AWSApplicationAutoscalingKafkaClusterPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingKafkaClusterPolicy" }, { "name": "AWSApplicationAutoscalingLambdaConcurrencyPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingLambdaConcurrencyPolicy" }, { "name": "AWSApplicationAutoscalingNeptuneClusterPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingNeptuneClusterPolicy" }, { "name": "AWSApplicationAutoscalingRDSClusterPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingRDSClusterPolicy" }, { "name": "AWSApplicationAutoscalingSageMakerEndpointPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingSageMakerEndpointPolicy" }, { "name": "AWSApplicationDiscoveryAgentAccess", "value": "arn:aws:iam::aws:policy/AWSApplicationDiscoveryAgentAccess" }, { "name": "AWSApplicationDiscoveryAgentlessCollectorAccess", "value": "arn:aws:iam::aws:policy/AWSApplicationDiscoveryAgentlessCollectorAccess" }, { "name": "AWSApplicationDiscoveryServiceFullAccess", "value": "arn:aws:iam::aws:policy/AWSApplicationDiscoveryServiceFullAccess" }, { "name": "AWSApplicationMigrationAgentInstallationPolicy", "value": "arn:aws:iam::aws:policy/AWSApplicationMigrationAgentInstallationPolicy" }, { "name": "AWSApplicationMigrationAgentPolicy", "value": "arn:aws:iam::aws:policy/AWSApplicationMigrationAgentPolicy" }, { "name": "AWSApplicationMigrationAgentPolicy_v2", "value": "arn:aws:iam::aws:policy/service-role/AWSApplicationMigrationAgentPolicy_v2" }, { "name": "AWSApplicationMigrationConversionServerPolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSApplicationMigrationConversionServerPolicy" }, { "name": "AWSApplicationMigrationEC2Access", "value": "arn:aws:iam::aws:policy/AWSApplicationMigrationEC2Access" }, { "name": "AWSApplicationMigrationFullAccess", "value": "arn:aws:iam::aws:policy/AWSApplicationMigrationFullAccess" }, { "name": "AWSApplicationMigrationMGHAccess", "value": "arn:aws:iam::aws:policy/service-role/AWSApplicationMigrationMGHAccess" }, { "name": "AWSApplicationMigrationReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSApplicationMigrationReadOnlyAccess" }, { "name": "AWSApplicationMigrationReplicationServerPolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSApplicationMigrationReplicationServerPolicy" }, { "name": "AWSApplicationMigrationSSMAccess", "value": "arn:aws:iam::aws:policy/AWSApplicationMigrationSSMAccess" }, { "name": "AWSApplicationMigrationServiceEc2InstancePolicy", "value": "arn:aws:iam::aws:policy/AWSApplicationMigrationServiceEc2InstancePolicy" }, { "name": "AWSApplicationMigrationServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationMigrationServiceRolePolicy" }, { "name": "AWSApplicationMigrationVCenterClientPolicy", "value": "arn:aws:iam::aws:policy/AWSApplicationMigrationVCenterClientPolicy" }, { "name": "AWSArtifactAccountSync", "value": "arn:aws:iam::aws:policy/service-role/AWSArtifactAccountSync" }, { "name": "AWSArtifactReportsReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSArtifactReportsReadOnlyAccess" }, { "name": "AWSArtifactServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSArtifactServiceRolePolicy" }, { "name": "AWSAuditManagerAdministratorAccess", "value": "arn:aws:iam::aws:policy/AWSAuditManagerAdministratorAccess" }, { "name": "AWSAuditManagerServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSAuditManagerServiceRolePolicy" }, { "name": "AWSAutoScalingPlansEC2AutoScalingPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSAutoScalingPlansEC2AutoScalingPolicy" }, { "name": "AWSBackupAuditAccess", "value": "arn:aws:iam::aws:policy/AWSBackupAuditAccess" }, { "name": "AWSBackupDataTransferAccess", "value": "arn:aws:iam::aws:policy/AWSBackupDataTransferAccess" }, { "name": "AWSBackupFullAccess", "value": "arn:aws:iam::aws:policy/AWSBackupFullAccess" }, { "name": "AWSBackupGatewayServiceRolePolicyForVirtualMachineMetadataSync", "value": "arn:aws:iam::aws:policy/service-role/AWSBackupGatewayServiceRolePolicyForVirtualMachineMetadataSync" }, { "name": "AWSBackupOperatorAccess", "value": "arn:aws:iam::aws:policy/AWSBackupOperatorAccess" }, { "name": "AWSBackupOrganizationAdminAccess", "value": "arn:aws:iam::aws:policy/AWSBackupOrganizationAdminAccess" }, { "name": "AWSBackupRestoreAccessForSAPHANA", "value": "arn:aws:iam::aws:policy/AWSBackupRestoreAccessForSAPHANA" }, { "name": "AWSBackupServiceLinkedRolePolicyForBackup", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSBackupServiceLinkedRolePolicyForBackup" }, { "name": "AWSBackupServiceLinkedRolePolicyForBackupTest", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSBackupServiceLinkedRolePolicyForBackupTest" }, { "name": "AWSBackupServiceRolePolicyForBackup", "value": "arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup" }, { "name": "AWSBackupServiceRolePolicyForRestores", "value": "arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForRestores" }, { "name": "AWSBackupServiceRolePolicyForS3Backup", "value": "arn:aws:iam::aws:policy/AWSBackupServiceRolePolicyForS3Backup" }, { "name": "AWSBackupServiceRolePolicyForS3Restore", "value": "arn:aws:iam::aws:policy/AWSBackupServiceRolePolicyForS3Restore" }, { "name": "AWSBatchFullAccess", "value": "arn:aws:iam::aws:policy/AWSBatchFullAccess" }, { "name": "AWSBatchServiceEventTargetRole", "value": "arn:aws:iam::aws:policy/service-role/AWSBatchServiceEventTargetRole" }, { "name": "AWSBatchServiceRole", "value": "arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole" }, { "name": "AWSBillingConductorFullAccess", "value": "arn:aws:iam::aws:policy/AWSBillingConductorFullAccess" }, { "name": "AWSBillingConductorReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSBillingConductorReadOnlyAccess" }, { "name": "AWSBillingReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSBillingReadOnlyAccess" }, { "name": "AWSBudgetsActionsWithAWSResourceControlAccess", "value": "arn:aws:iam::aws:policy/AWSBudgetsActionsWithAWSResourceControlAccess" }, { "name": "AWSBudgetsActions_RolePolicyForResourceAdministrationWithSSM", "value": "arn:aws:iam::aws:policy/AWSBudgetsActions_RolePolicyForResourceAdministrationWithSSM" }, { "name": "AWSBudgetsReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSBudgetsReadOnlyAccess" }, { "name": "AWSBugBustFullAccess", "value": "arn:aws:iam::aws:policy/AWSBugBustFullAccess" }, { "name": "AWSBugBustPlayerAccess", "value": "arn:aws:iam::aws:policy/AWSBugBustPlayerAccess" }, { "name": "AWSBugBustServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSBugBustServiceRolePolicy" }, { "name": "AWSCertificateManagerFullAccess", "value": "arn:aws:iam::aws:policy/AWSCertificateManagerFullAccess" }, { "name": "AWSCertificateManagerPrivateCAAuditor", "value": "arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAAuditor" }, { "name": "AWSCertificateManagerPrivateCAFullAccess", "value": "arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAFullAccess" }, { "name": "AWSCertificateManagerPrivateCAPrivilegedUser", "value": "arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAPrivilegedUser" }, { "name": "AWSCertificateManagerPrivateCAReadOnly", "value": "arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAReadOnly" }, { "name": "AWSCertificateManagerPrivateCAUser", "value": "arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAUser" }, { "name": "AWSCertificateManagerReadOnly", "value": "arn:aws:iam::aws:policy/AWSCertificateManagerReadOnly" }, { "name": "AWSChatbotServiceLinkedRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSChatbotServiceLinkedRolePolicy" }, { "name": "AWSCleanRoomsFullAccess", "value": "arn:aws:iam::aws:policy/AWSCleanRoomsFullAccess" }, { "name": "AWSCleanRoomsFullAccessNoQuerying", "value": "arn:aws:iam::aws:policy/AWSCleanRoomsFullAccessNoQuerying" }, { "name": "AWSCleanRoomsMLFullAccess", "value": "arn:aws:iam::aws:policy/AWSCleanRoomsMLFullAccess" }, { "name": "AWSCleanRoomsMLReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSCleanRoomsMLReadOnlyAccess" }, { "name": "AWSCleanRoomsReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSCleanRoomsReadOnlyAccess" }, { "name": "AWSCloud9Administrator", "value": "arn:aws:iam::aws:policy/AWSCloud9Administrator" }, { "name": "AWSCloud9EnvironmentMember", "value": "arn:aws:iam::aws:policy/AWSCloud9EnvironmentMember" }, { "name": "AWSCloud9SSMInstanceProfile", "value": "arn:aws:iam::aws:policy/AWSCloud9SSMInstanceProfile" }, { "name": "AWSCloud9ServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSCloud9ServiceRolePolicy" }, { "name": "AWSCloud9User", "value": "arn:aws:iam::aws:policy/AWSCloud9User" }, { "name": "AWSCloudFormationFullAccess", "value": "arn:aws:iam::aws:policy/AWSCloudFormationFullAccess" }, { "name": "AWSCloudFormationReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSCloudFormationReadOnlyAccess" }, { "name": "AWSCloudFrontLogger", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSCloudFrontLogger" }, { "name": "AWSCloudHSMFullAccess", "value": "arn:aws:iam::aws:policy/AWSCloudHSMFullAccess" }, { "name": "AWSCloudHSMReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSCloudHSMReadOnlyAccess" }, { "name": "AWSCloudHSMRole", "value": "arn:aws:iam::aws:policy/service-role/AWSCloudHSMRole" }, { "name": "AWSCloudTrailFullAccess", "value": "arn:aws:iam::aws:policy/AWSCloudTrailFullAccess", "deprecationMessage": "No longer supported. Use CloudTrail_FullAccess instead." }, { "name": "AWSCloudTrailReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSCloudTrailReadOnlyAccess", "deprecationMessage": "No longer supported. Use CloudTrail_ReadOnlyAccess instead." }, { "name": "AWSCloudWatchLambdaInsightsExecutionRolePolicy", "value": "arn:aws:iam::aws:policy/AWSCloudWatchLambdaInsightsExecutionRolePolicy", "deprecationMessage": "No longer supported. Use CloudWatchLambdaInsightsExecutionRolePolicy instead." }, { "name": "AWSCloudMapDiscoverInstanceAccess", "value": "arn:aws:iam::aws:policy/AWSCloudMapDiscoverInstanceAccess" }, { "name": "AWSCloudMapFullAccess", "value": "arn:aws:iam::aws:policy/AWSCloudMapFullAccess" }, { "name": "AWSCloudMapReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSCloudMapReadOnlyAccess" }, { "name": "AWSCloudMapRegisterInstanceAccess", "value": "arn:aws:iam::aws:policy/AWSCloudMapRegisterInstanceAccess" }, { "name": "AWSCloudShellFullAccess", "value": "arn:aws:iam::aws:policy/AWSCloudShellFullAccess" }, { "name": "CloudTrail_FullAccess", "value": "arn:aws:iam::aws:policy/AWSCloudTrail_FullAccess" }, { "name": "CloudTrail_ReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSCloudTrail_ReadOnlyAccess" }, { "name": "AWSCloudWatchAlarms_ActionSSMIncidentsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSCloudWatchAlarms_ActionSSMIncidentsServiceRolePolicy" }, { "name": "AWSCodeArtifactAdminAccess", "value": "arn:aws:iam::aws:policy/AWSCodeArtifactAdminAccess" }, { "name": "AWSCodeArtifactReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSCodeArtifactReadOnlyAccess" }, { "name": "AWSCodeBuildAdminAccess", "value": "arn:aws:iam::aws:policy/AWSCodeBuildAdminAccess" }, { "name": "AWSCodeBuildDeveloperAccess", "value": "arn:aws:iam::aws:policy/AWSCodeBuildDeveloperAccess" }, { "name": "AWSCodeBuildReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSCodeBuildReadOnlyAccess" }, { "name": "AWSCodeCommitFullAccess", "value": "arn:aws:iam::aws:policy/AWSCodeCommitFullAccess" }, { "name": "AWSCodeCommitPowerUser", "value": "arn:aws:iam::aws:policy/AWSCodeCommitPowerUser" }, { "name": "AWSCodeCommitReadOnly", "value": "arn:aws:iam::aws:policy/AWSCodeCommitReadOnly" }, { "name": "AWSCodeDeployDeployerAccess", "value": "arn:aws:iam::aws:policy/AWSCodeDeployDeployerAccess" }, { "name": "AWSCodeDeployFullAccess", "value": "arn:aws:iam::aws:policy/AWSCodeDeployFullAccess" }, { "name": "AWSCodeDeployReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSCodeDeployReadOnlyAccess" }, { "name": "AWSCodeDeployRole", "value": "arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole" }, { "name": "AWSCodeDeployRoleForCloudFormation", "value": "arn:aws:iam::aws:policy/service-role/AWSCodeDeployRoleForCloudFormation" }, { "name": "AWSCodeDeployRoleForECS", "value": "arn:aws:iam::aws:policy/AWSCodeDeployRoleForECS" }, { "name": "AWSCodeDeployRoleForECSLimited", "value": "arn:aws:iam::aws:policy/AWSCodeDeployRoleForECSLimited" }, { "name": "AWSCodeDeployRoleForLambda", "value": "arn:aws:iam::aws:policy/service-role/AWSCodeDeployRoleForLambda" }, { "name": "AWSCodeDeployRoleForLambdaLimited", "value": "arn:aws:iam::aws:policy/service-role/AWSCodeDeployRoleForLambdaLimited" }, { "name": "AWSCodePipelineApproverAccess", "value": "arn:aws:iam::aws:policy/AWSCodePipelineApproverAccess" }, { "name": "AWSCodePipelineCustomActionAccess", "value": "arn:aws:iam::aws:policy/AWSCodePipelineCustomActionAccess" }, { "name": "AWSCodePipelineFullAccess", "value": "arn:aws:iam::aws:policy/AWSCodePipelineFullAccess", "deprecationMessage": "No longer supported. Use CodePipeline_FullAccess instead." }, { "name": "AWSCodePipelineReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSCodePipelineReadOnlyAccess", "deprecationMessage": "No longer supported. Use CodePipeline_ReadOnlyAccess instead." }, { "name": "CodePipeline_FullAccess", "value": "arn:aws:iam::aws:policy/AWSCodePipeline_FullAccess" }, { "name": "CodePipeline_ReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSCodePipeline_ReadOnlyAccess" }, { "name": "AWSCodeStarFullAccess", "value": "arn:aws:iam::aws:policy/AWSCodeStarFullAccess" }, { "name": "AWSCodeStarNotificationsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSCodeStarNotificationsServiceRolePolicy" }, { "name": "AWSCodeStarServiceRole", "value": "arn:aws:iam::aws:policy/service-role/AWSCodeStarServiceRole" }, { "name": "AWS_ConfigRole", "value": "arn:aws:iam::aws:policy/service-role/AWS_ConfigRole" }, { "name": "AWSConfigRole", "value": "arn:aws:iam::aws:policy/service-role/AWSConfigRole", "deprecationMessage": "This has been deprecated in favour of `AWS_ConfigRole`" }, { "name": "AWSCompromisedKeyQuarantine", "value": "arn:aws:iam::aws:policy/AWSCompromisedKeyQuarantine" }, { "name": "AWSCompromisedKeyQuarantineV2", "value": "arn:aws:iam::aws:policy/AWSCompromisedKeyQuarantineV2" }, { "name": "AWSConfigMultiAccountSetupPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSConfigMultiAccountSetupPolicy" }, { "name": "AWSConfigRemediationServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSConfigRemediationServiceRolePolicy" }, { "name": "AWSConfigRoleForOrganizations", "value": "arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations" }, { "name": "AWSConfigRulesExecutionRole", "value": "arn:aws:iam::aws:policy/service-role/AWSConfigRulesExecutionRole" }, { "name": "AWSConfigServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSConfigServiceRolePolicy" }, { "name": "AWSConfigUserAccess", "value": "arn:aws:iam::aws:policy/AWSConfigUserAccess" }, { "name": "AWSConnector", "value": "arn:aws:iam::aws:policy/AWSConnector" }, { "name": "AWSControlTowerAccountServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSControlTowerAccountServiceRolePolicy" }, { "name": "AWSControlTowerServiceRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSControlTowerServiceRolePolicy" }, { "name": "AWSCostAndUsageReportAutomationPolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSCostAndUsageReportAutomationPolicy" }, { "name": "AWSDMSFleetAdvisorServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSDMSFleetAdvisorServiceRolePolicy" }, { "name": "AWSDMSServerlessServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSDMSServerlessServiceRolePolicy" }, { "name": "AWSDataExchangeFullAccess", "value": "arn:aws:iam::aws:policy/AWSDataExchangeFullAccess" }, { "name": "AWSDataExchangeProviderFullAccess", "value": "arn:aws:iam::aws:policy/AWSDataExchangeProviderFullAccess" }, { "name": "AWSDataExchangeReadOnly", "value": "arn:aws:iam::aws:policy/AWSDataExchangeReadOnly" }, { "name": "AWSDataExchangeSubscriberFullAccess", "value": "arn:aws:iam::aws:policy/AWSDataExchangeSubscriberFullAccess" }, { "name": "AWSDataLifecycleManagerSSMFullAccess", "value": "arn:aws:iam::aws:policy/service-role/AWSDataLifecycleManagerSSMFullAccess" }, { "name": "AWSDataLifecycleManagerServiceRole", "value": "arn:aws:iam::aws:policy/service-role/AWSDataLifecycleManagerServiceRole" }, { "name": "AWSDataLifecycleManagerServiceRoleForAMIManagement", "value": "arn:aws:iam::aws:policy/service-role/AWSDataLifecycleManagerServiceRoleForAMIManagement" }, { "name": "AWSDataPipelineRole", "value": "arn:aws:iam::aws:policy/service-role/AWSDataPipelineRole", "deprecationMessage": "This policy is deprecated and will be removed in a future release." }, { "name": "AWSDataPipeline_FullAccess", "value": "arn:aws:iam::aws:policy/AWSDataPipeline_FullAccess" }, { "name": "AWSDataPipeline_PowerUser", "value": "arn:aws:iam::aws:policy/AWSDataPipeline_PowerUser" }, { "name": "AWSDataSyncDiscoveryServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSDataSyncDiscoveryServiceRolePolicy" }, { "name": "AWSDataSyncFullAccess", "value": "arn:aws:iam::aws:policy/AWSDataSyncFullAccess" }, { "name": "AWSDataSyncReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSDataSyncReadOnlyAccess" }, { "name": "AWSDeepLensLambdaFunctionAccessPolicy", "value": "arn:aws:iam::aws:policy/AWSDeepLensLambdaFunctionAccessPolicy" }, { "name": "AWSDeepLensServiceRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSDeepLensServiceRolePolicy" }, { "name": "AWSDeepRacerAccountAdminAccess", "value": "arn:aws:iam::aws:policy/AWSDeepRacerAccountAdminAccess" }, { "name": "AWSDeepRacerCloudFormationAccessPolicy", "value": "arn:aws:iam::aws:policy/AWSDeepRacerCloudFormationAccessPolicy" }, { "name": "AWSDeepRacerDefaultMultiUserAccess", "value": "arn:aws:iam::aws:policy/AWSDeepRacerDefaultMultiUserAccess" }, { "name": "AWSDeepRacerFullAccess", "value": "arn:aws:iam::aws:policy/AWSDeepRacerFullAccess" }, { "name": "AWSDeepRacerRoboMakerAccessPolicy", "value": "arn:aws:iam::aws:policy/AWSDeepRacerRoboMakerAccessPolicy" }, { "name": "AWSDeepRacerServiceRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSDeepRacerServiceRolePolicy" }, { "name": "AWSDenyAll", "value": "arn:aws:iam::aws:policy/AWSDenyAll" }, { "name": "AWSDeviceFarmFullAccess", "value": "arn:aws:iam::aws:policy/AWSDeviceFarmFullAccess" }, { "name": "AWSDeviceFarmServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSDeviceFarmServiceRolePolicy" }, { "name": "AWSDeviceFarmTestGridServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSDeviceFarmTestGridServiceRolePolicy" }, { "name": "AWSDirectConnectFullAccess", "value": "arn:aws:iam::aws:policy/AWSDirectConnectFullAccess" }, { "name": "AWSDirectConnectReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSDirectConnectReadOnlyAccess" }, { "name": "AWSDirectConnectServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSDirectConnectServiceRolePolicy" }, { "name": "AWSDirectoryServiceFullAccess", "value": "arn:aws:iam::aws:policy/AWSDirectoryServiceFullAccess" }, { "name": "AWSDirectoryServiceReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSDirectoryServiceReadOnlyAccess" }, { "name": "AWSDiscoveryContinuousExportFirehosePolicy", "value": "arn:aws:iam::aws:policy/AWSDiscoveryContinuousExportFirehosePolicy" }, { "name": "AWSEC2CapacityReservationFleetRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSEC2CapacityReservationFleetRolePolicy" }, { "name": "AWSEC2FleetServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSEC2FleetServiceRolePolicy" }, { "name": "AWSEC2SpotFleetServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSEC2SpotFleetServiceRolePolicy" }, { "name": "AWSEC2SpotServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSEC2SpotServiceRolePolicy" }, { "name": "AWSECRPullThroughCache_ServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSECRPullThroughCache_ServiceRolePolicy" }, { "name": "AWSElasticBeanstalkCustomPlatformforEC2Role", "value": "arn:aws:iam::aws:policy/AWSElasticBeanstalkCustomPlatformforEC2Role" }, { "name": "AWSElasticBeanstalkEnhancedHealth", "value": "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkEnhancedHealth" }, { "name": "AWSElasticBeanstalkFullAccess", "value": "arn:aws:iam::aws:policy/AWSElasticBeanstalkFullAccess", "deprecationMessage": "This policy is deprecated. Please use the AWS managed policy AdministratorAccess-AWSElasticBeanstalk instead." }, { "name": "AWSElasticBeanstalkMaintenance", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSElasticBeanstalkMaintenance" }, { "name": "AWSElasticBeanstalkManagedUpdatesCustomerRolePolicy", "value": "arn:aws:iam::aws:policy/AWSElasticBeanstalkManagedUpdatesCustomerRolePolicy" }, { "name": "AWSElasticBeanstalkManagedUpdatesServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSElasticBeanstalkManagedUpdatesServiceRolePolicy" }, { "name": "AWSElasticBeanstalkMulticontainerDocker", "value": "arn:aws:iam::aws:policy/AWSElasticBeanstalkMulticontainerDocker" }, { "name": "AWSElasticBeanstalkReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSElasticBeanstalkReadOnlyAccess", "deprecationMessage": "This policy is deprecated. Please use the AWS managed policy AWSElasticBeanstalkReadOnly instead." }, { "name": "AWSElasticBeanstalkReadOnly", "value": "arn:aws:iam::aws:policy/AWSElasticBeanstalkReadOnly" }, { "name": "AWSElasticBeanstalkRoleCWL", "value": "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleCWL" }, { "name": "AWSElasticBeanstalkRoleCore", "value": "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleCore" }, { "name": "AWSElasticBeanstalkRoleECS", "value": "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleECS" }, { "name": "AWSElasticBeanstalkRoleRDS", "value": "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleRDS" }, { "name": "AWSElasticBeanstalkRoleSNS", "value": "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleSNS" }, { "name": "AWSElasticBeanstalkRoleWorkerTier", "value": "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleWorkerTier" }, { "name": "AWSElasticBeanstalkService", "value": "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkService" }, { "name": "AWSElasticBeanstalkServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSElasticBeanstalkServiceRolePolicy" }, { "name": "AWSElasticBeanstalkWebTier", "value": "arn:aws:iam::aws:policy/AWSElasticBeanstalkWebTier" }, { "name": "AWSElasticBeanstakWorkerTier", "value": "arn:aws:iam::aws:policy/AWSElasticBeanstalkWorkerTier", "deprecationMessage": "This has been deprecated in favour of `AWSElasticBeanstalkWorkerTier`" }, { "name": "AWSElasticBeanstalkWorkerTier", "value": "arn:aws:iam::aws:policy/AWSElasticBeanstalkWorkerTier" }, { "name": "AWSElasticDisasterRecoveryAgentInstallationPolicy", "value": "arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryAgentInstallationPolicy" }, { "name": "AWSElasticDisasterRecoveryAgentPolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryAgentPolicy" }, { "name": "AWSElasticDisasterRecoveryConsoleFullAccess", "value": "arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryConsoleFullAccess" }, { "name": "AWSElasticDisasterRecoveryConsoleFullAccess_v2", "value": "arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryConsoleFullAccess_v2" }, { "name": "AWSElasticDisasterRecoveryConversionServerPolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryConversionServerPolicy" }, { "name": "AWSElasticDisasterRecoveryCrossAccountReplicationPolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryCrossAccountReplicationPolicy" }, { "name": "AWSElasticDisasterRecoveryEc2InstancePolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryEc2InstancePolicy" }, { "name": "AWSElasticDisasterRecoveryFailbackInstallationPolicy", "value": "arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryFailbackInstallationPolicy" }, { "name": "AWSElasticDisasterRecoveryFailbackPolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryFailbackPolicy" }, { "name": "AWSElasticDisasterRecoveryLaunchActionsPolicy", "value": "arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryLaunchActionsPolicy" }, { "name": "AWSElasticDisasterRecoveryNetworkReplicationPolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryNetworkReplicationPolicy" }, { "name": "AWSElasticDisasterRecoveryReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryReadOnlyAccess" }, { "name": "AWSElasticDisasterRecoveryRecoveryInstancePolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryRecoveryInstancePolicy" }, { "name": "AWSElasticDisasterRecoveryReplicationServerPolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryReplicationServerPolicy" }, { "name": "AWSElasticDisasterRecoveryServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSElasticDisasterRecoveryServiceRolePolicy" }, { "name": "AWSElasticDisasterRecoveryStagingAccountPolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryStagingAccountPolicy" }, { "name": "AWSElasticDisasterRecoveryStagingAccountPolicy_v2", "value": "arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryStagingAccountPolicy_v2" }, { "name": "AWSElasticLoadBalancingClassicServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSElasticLoadBalancingClassicServiceRolePolicy" }, { "name": "AWSElasticLoadBalancingServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSElasticLoadBalancingServiceRolePolicy" }, { "name": "AWSElementalMediaConvertFullAccess", "value": "arn:aws:iam::aws:policy/AWSElementalMediaConvertFullAccess" }, { "name": "AWSElementalMediaConvertReadOnly", "value": "arn:aws:iam::aws:policy/AWSElementalMediaConvertReadOnly" }, { "name": "AWSElementalMediaLiveFullAccess", "value": "arn:aws:iam::aws:policy/AWSElementalMediaLiveFullAccess" }, { "name": "AWSElementalMediaLiveReadOnly", "value": "arn:aws:iam::aws:policy/AWSElementalMediaLiveReadOnly" }, { "name": "AWSElementalMediaPackageFullAccess", "value": "arn:aws:iam::aws:policy/AWSElementalMediaPackageFullAccess" }, { "name": "AWSElementalMediaPackageReadOnly", "value": "arn:aws:iam::aws:policy/AWSElementalMediaPackageReadOnly" }, { "name": "AWSElementalMediaPackageV2FullAccess", "value": "arn:aws:iam::aws:policy/AWSElementalMediaPackageV2FullAccess" }, { "name": "AWSElementalMediaPackageV2ReadOnly", "value": "arn:aws:iam::aws:policy/AWSElementalMediaPackageV2ReadOnly" }, { "name": "AWSElementalMediaStoreFullAccess", "value": "arn:aws:iam::aws:policy/AWSElementalMediaStoreFullAccess" }, { "name": "AWSElementalMediaStoreReadOnly", "value": "arn:aws:iam::aws:policy/AWSElementalMediaStoreReadOnly" }, { "name": "AWSElementalMediaTailorFullAccess", "value": "arn:aws:iam::aws:policy/AWSElementalMediaTailorFullAccess" }, { "name": "AWSElementalMediaTailorReadOnly", "value": "arn:aws:iam::aws:policy/AWSElementalMediaTailorReadOnly" }, { "name": "AWSEnhancedClassicNetworkingMangementPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSEnhancedClassicNetworkingMangementPolicy" }, { "name": "AWSEntityResolutionConsoleFullAccess", "value": "arn:aws:iam::aws:policy/AWSEntityResolutionConsoleFullAccess" }, { "name": "AWSEntityResolutionConsoleReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSEntityResolutionConsoleReadOnlyAccess" }, { "name": "AWSFMAdminFullAccess", "value": "arn:aws:iam::aws:policy/AWSFMAdminFullAccess" }, { "name": "AWSFMAdminReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSFMAdminReadOnlyAccess" }, { "name": "AWSFMMemberReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSFMMemberReadOnlyAccess" }, { "name": "AWSFaultInjectionSimulatorEC2Access", "value": "arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorEC2Access" }, { "name": "AWSFaultInjectionSimulatorECSAccess", "value": "arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorECSAccess" }, { "name": "AWSFaultInjectionSimulatorEKSAccess", "value": "arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorEKSAccess" }, { "name": "AWSFaultInjectionSimulatorNetworkAccess", "value": "arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorNetworkAccess" }, { "name": "AWSFaultInjectionSimulatorRDSAccess", "value": "arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorRDSAccess" }, { "name": "AWSFaultInjectionSimulatorSSMAccess", "value": "arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorSSMAccess" }, { "name": "AWSFinSpaceServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSFinSpaceServiceRolePolicy" }, { "name": "AWSForWordPressPluginPolicy", "value": "arn:aws:iam::aws:policy/AWSForWordPressPluginPolicy" }, { "name": "AWSGitSyncServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSGitSyncServiceRolePolicy" }, { "name": "AWSGlobalAcceleratorSLRPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSGlobalAcceleratorSLRPolicy" }, { "name": "AWSGlueConsoleFullAccess", "value": "arn:aws:iam::aws:policy/AWSGlueConsoleFullAccess" }, { "name": "AWSGlueConsoleSageMakerNotebookFullAccess", "value": "arn:aws:iam::aws:policy/AWSGlueConsoleSageMakerNotebookFullAccess" }, { "name": "AWSGlueDataBrewServiceRole", "value": "arn:aws:iam::aws:policy/service-role/AWSGlueDataBrewServiceRole" }, { "name": "AWSGlueSchemaRegistryFullAccess", "value": "arn:aws:iam::aws:policy/AWSGlueSchemaRegistryFullAccess" }, { "name": "AWSGlueSchemaRegistryReadonlyAccess", "value": "arn:aws:iam::aws:policy/AWSGlueSchemaRegistryReadonlyAccess" }, { "name": "AWSGlueServiceNotebookRole", "value": "arn:aws:iam::aws:policy/service-role/AWSGlueServiceNotebookRole" }, { "name": "AWSGlueServiceRole", "value": "arn:aws:iam::aws:policy/service-role/AWSGlueServiceRole" }, { "name": "AWSGrafanaAccountAdministrator", "value": "arn:aws:iam::aws:policy/AWSGrafanaAccountAdministrator" }, { "name": "AWSGrafanaConsoleReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSGrafanaConsoleReadOnlyAccess" }, { "name": "AWSGrafanaWorkspacePermissionManagement", "value": "arn:aws:iam::aws:policy/AWSGrafanaWorkspacePermissionManagement" }, { "name": "AWSGrafanaWorkspacePermissionManagementV2", "value": "arn:aws:iam::aws:policy/AWSGrafanaWorkspacePermissionManagementV2" }, { "name": "AWSGreengrassFullAccess", "value": "arn:aws:iam::aws:policy/AWSGreengrassFullAccess" }, { "name": "AWSGreengrassFullccess", "value": "arn:aws:iam::aws:policy/AWSGreengrassFullAccess", "deprecationMessage": "Please use AWSGreengrassFullAccess instead" }, { "name": "AWSGreengrassReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSGreengrassReadOnlyAccess" }, { "name": "AWSGreengrassResourceAccessRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSGreengrassResourceAccessRolePolicy" }, { "name": "AWSGroundStationAgentInstancePolicy", "value": "arn:aws:iam::aws:policy/AWSGroundStationAgentInstancePolicy" }, { "name": "AWSHealthFullAccess", "value": "arn:aws:iam::aws:policy/AWSHealthFullAccess" }, { "name": "AWSHealthImagingFullAccess", "value": "arn:aws:iam::aws:policy/AWSHealthImagingFullAccess" }, { "name": "AWSHealthImagingReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSHealthImagingReadOnlyAccess" }, { "name": "AWSHealth_EventProcessorServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSHealth_EventProcessorServiceRolePolicy" }, { "name": "AWSIAMIdentityCenterAllowListForIdentityContext", "value": "arn:aws:iam::aws:policy/AWSIAMIdentityCenterAllowListForIdentityContext" }, { "name": "AWSIPAMServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSIPAMServiceRolePolicy" }, { "name": "AWSIQContractServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSIQContractServiceRolePolicy" }, { "name": "AWSIQFullAccess", "value": "arn:aws:iam::aws:policy/AWSIQFullAccess" }, { "name": "AWSIQPermissionServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSIQPermissionServiceRolePolicy" }, { "name": "AWSIdentitySyncFullAccess", "value": "arn:aws:iam::aws:policy/AWSIdentitySyncFullAccess" }, { "name": "AWSIdentitySyncReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSIdentitySyncReadOnlyAccess" }, { "name": "AWSImageBuilderFullAccess", "value": "arn:aws:iam::aws:policy/AWSImageBuilderFullAccess" }, { "name": "AWSImageBuilderReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSImageBuilderReadOnlyAccess" }, { "name": "AWSImportExportFullAccess", "value": "arn:aws:iam::aws:policy/AWSImportExportFullAccess" }, { "name": "AWSImportExportReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSImportExportReadOnlyAccess" }, { "name": "AWSIncidentManagerIncidentAccessServiceRolePolicy", "value": "arn:aws:iam::aws:policy/AWSIncidentManagerIncidentAccessServiceRolePolicy" }, { "name": "AWSIncidentManagerResolverAccess", "value": "arn:aws:iam::aws:policy/AWSIncidentManagerResolverAccess" }, { "name": "AWSIncidentManagerServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSIncidentManagerServiceRolePolicy" }, { "name": "AWSIoT1ClickFullAccess", "value": "arn:aws:iam::aws:policy/AWSIoT1ClickFullAccess" }, { "name": "AWSIoT1ClickReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSIoT1ClickReadOnlyAccess" }, { "name": "AWSIoTAnalyticsFullAccess", "value": "arn:aws:iam::aws:policy/AWSIoTAnalyticsFullAccess" }, { "name": "AWSIoTAnalyticsReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSIoTAnalyticsReadOnlyAccess" }, { "name": "AWSIoTConfigAccess", "value": "arn:aws:iam::aws:policy/AWSIoTConfigAccess" }, { "name": "AWSIoTConfigReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSIoTConfigReadOnlyAccess" }, { "name": "AWSIoTDataAccess", "value": "arn:aws:iam::aws:policy/AWSIoTDataAccess" }, { "name": "AWSIoTDeviceDefenderAddThingsToThingGroupMitigationAction", "value": "arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderAddThingsToThingGroupMitigationAction" }, { "name": "AWSIoTDeviceDefenderAudit", "value": "arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderAudit" }, { "name": "AWSIoTDeviceDefenderEnableIoTLoggingMitigationAction", "value": "arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderEnableIoTLoggingMitigationAction" }, { "name": "AWSIoTDeviceDefenderPublishFindingsToSNSMitigationAction", "value": "arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderPublishFindingsToSNSMitigationAction" }, { "name": "AWSIoTDeviceDefenderReplaceDefaultPolicyMitigationAction", "value": "arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderReplaceDefaultPolicyMitigationAction" }, { "name": "AWSIoTDeviceDefenderUpdateCACertMitigationAction", "value": "arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderUpdateCACertMitigationAction" }, { "name": "AWSIoTDeviceDefenderUpdateDeviceCertMitigationAction", "value": "arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderUpdateDeviceCertMitigationAction" }, { "name": "AWSIoTDeviceTesterForFreeRTOSFullAccess", "value": "arn:aws:iam::aws:policy/AWSIoTDeviceTesterForFreeRTOSFullAccess" }, { "name": "AWSIoTDeviceTesterForGreengrassFullAccess", "value": "arn:aws:iam::aws:policy/AWSIoTDeviceTesterForGreengrassFullAccess" }, { "name": "AWSIoTEventsFullAccess", "value": "arn:aws:iam::aws:policy/AWSIoTEventsFullAccess" }, { "name": "AWSIoTEventsReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSIoTEventsReadOnlyAccess" }, { "name": "AWSIoTFleetHubFederationAccess", "value": "arn:aws:iam::aws:policy/service-role/AWSIoTFleetHubFederationAccess" }, { "name": "AWSIoTFleetwiseServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSIoTFleetwiseServiceRolePolicy" }, { "name": "AWSIoTFullAccess", "value": "arn:aws:iam::aws:policy/AWSIoTFullAccess" }, { "name": "AWSIoTLogging", "value": "arn:aws:iam::aws:policy/service-role/AWSIoTLogging" }, { "name": "AWSIoTOTAUpdate", "value": "arn:aws:iam::aws:policy/service-role/AWSIoTOTAUpdate" }, { "name": "AWSIoTRuleActions", "value": "arn:aws:iam::aws:policy/service-role/AWSIoTRuleActions" }, { "name": "AWSIoTSiteWiseConsoleFullAccess", "value": "arn:aws:iam::aws:policy/AWSIoTSiteWiseConsoleFullAccess" }, { "name": "AWSIoTSiteWiseFullAccess", "value": "arn:aws:iam::aws:policy/AWSIoTSiteWiseFullAccess" }, { "name": "AWSIoTSiteWiseMonitorPortalAccess", "value": "arn:aws:iam::aws:policy/service-role/AWSIoTSiteWiseMonitorPortalAccess" }, { "name": "AWSIoTSiteWiseMonitorServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSIoTSiteWiseMonitorServiceRolePolicy" }, { "name": "AWSIoTSiteWiseReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSIoTSiteWiseReadOnlyAccess" }, { "name": "AWSIoTThingsRegistration", "value": "arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration" }, { "name": "AWSIoTTwinMakerServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSIoTTwinMakerServiceRolePolicy" }, { "name": "AWSIoTWirelessDataAccess", "value": "arn:aws:iam::aws:policy/AWSIoTWirelessDataAccess" }, { "name": "AWSIoTWirelessFullAccess", "value": "arn:aws:iam::aws:policy/AWSIoTWirelessFullAccess" }, { "name": "AWSIoTWirelessFullPublishAccess", "value": "arn:aws:iam::aws:policy/AWSIoTWirelessFullPublishAccess" }, { "name": "AWSIoTWirelessGatewayCertManager", "value": "arn:aws:iam::aws:policy/AWSIoTWirelessGatewayCertManager" }, { "name": "AWSIoTWirelessLogging", "value": "arn:aws:iam::aws:policy/AWSIoTWirelessLogging" }, { "name": "AWSIoTWirelessReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSIoTWirelessReadOnlyAccess" }, { "name": "AWSIotRoboRunnerFullAccess", "value": "arn:aws:iam::aws:policy/AWSIotRoboRunnerFullAccess" }, { "name": "AWSIotRoboRunnerReadOnly", "value": "arn:aws:iam::aws:policy/AWSIotRoboRunnerReadOnly" }, { "name": "AWSIotRoboRunnerServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSIotRoboRunnerServiceRolePolicy" }, { "name": "AWSKeyManagementServiceCustomKeyStoresServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSKeyManagementServiceCustomKeyStoresServiceRolePolicy" }, { "name": "AWSKeyManagementServiceMultiRegionKeysServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSKeyManagementServiceMultiRegionKeysServiceRolePolicy" }, { "name": "AWSKeyManagementServicePowerUser", "value": "arn:aws:iam::aws:policy/AWSKeyManagementServicePowerUser" }, { "name": "AWSLakeFormationCrossAccountManager", "value": "arn:aws:iam::aws:policy/AWSLakeFormationCrossAccountManager" }, { "name": "AWSLakeFormationDataAdmin", "value": "arn:aws:iam::aws:policy/AWSLakeFormationDataAdmin" }, { "name": "AWSLambdaBasicExecutionRole", "value": "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" }, { "name": "AWSLambdaDynamoDBExecutionRole", "value": "arn:aws:iam::aws:policy/service-role/AWSLambdaDynamoDBExecutionRole" }, { "name": "AWSLambdaENIManagementAccess", "value": "arn:aws:iam::aws:policy/service-role/AWSLambdaENIManagementAccess" }, { "name": "AWSLambdaExecute", "value": "arn:aws:iam::aws:policy/AWSLambdaExecute" }, { "name": "AWSLambdaFullAccess", "value": "arn:aws:iam::aws:policy/AWSLambdaFullAccess", "deprecationMessage": "This has been deprecated in favour of `LambdaFullAccess`" }, { "name": "LambdaFullAccess", "value": "arn:aws:iam::aws:policy/AWSLambda_FullAccess" }, { "name": "AWSLambdaInvocationDynamoDB", "value": "arn:aws:iam::aws:policy/AWSLambdaInvocation-DynamoDB" }, { "name": "AWSLambdaKinesisExecutionRole", "value": "arn:aws:iam::aws:policy/service-role/AWSLambdaKinesisExecutionRole" }, { "name": "AWSLambdaReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSLambdaReadOnlyAccess", "deprecationMessage": "This has been deprecated in favour of `LambdaReadOnlyAccess`" }, { "name": "LambdaReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSLambda_ReadOnlyAccess" }, { "name": "AWSLambdaMSKExecutionRole", "value": "arn:aws:iam::aws:policy/service-role/AWSLambdaMSKExecutionRole" }, { "name": "AWSLambdaReplicator", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSLambdaReplicator" }, { "name": "AWSLambdaRole", "value": "arn:aws:iam::aws:policy/service-role/AWSLambdaRole" }, { "name": "AWSLambdaSQSQueueExecutionRole", "value": "arn:aws:iam::aws:policy/service-role/AWSLambdaSQSQueueExecutionRole" }, { "name": "AWSLambdaVPCAccessExecutionRole", "value": "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" }, { "name": "AWSLicenseManagerConsumptionPolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSLicenseManagerConsumptionPolicy" }, { "name": "AWSLicenseManagerLinuxSubscriptionsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerLinuxSubscriptionsServiceRolePolicy" }, { "name": "AWSLicenseManagerMasterAccountRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerMasterAccountRolePolicy" }, { "name": "AWSLicenseManagerMemberAccountRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerMemberAccountRolePolicy" }, { "name": "AWSLicenseManagerServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerServiceRolePolicy" }, { "name": "AWSLicenseManagerUserSubscriptionsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerUserSubscriptionsServiceRolePolicy" }, { "name": "AWSM2ServicePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSM2ServicePolicy" }, { "name": "AWSMSKReplicatorExecutionRole", "value": "arn:aws:iam::aws:policy/service-role/AWSMSKReplicatorExecutionRole" }, { "name": "AWSManagedServicesDeploymentToolkitPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSManagedServicesDeploymentToolkitPolicy" }, { "name": "AWSManagedServices_ContactsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSManagedServices_ContactsServiceRolePolicy" }, { "name": "AWSManagedServices_DetectiveControlsConfig_ServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSManagedServices_DetectiveControlsConfig_ServiceRolePolicy" }, { "name": "AWSManagedServices_EventsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSManagedServices_EventsServiceRolePolicy" }, { "name": "AWSMarketplaceAmiIngestion", "value": "arn:aws:iam::aws:policy/AWSMarketplaceAmiIngestion" }, { "name": "AWSMarketplaceDeploymentServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSMarketplaceDeploymentServiceRolePolicy" }, { "name": "AWSMarketplaceFullAccess", "value": "arn:aws:iam::aws:policy/AWSMarketplaceFullAccess" }, { "name": "AWSMarketplaceGetEntitlements", "value": "arn:aws:iam::aws:policy/AWSMarketplaceGetEntitlements" }, { "name": "AWSMarketplaceImageBuildFullAccess", "value": "arn:aws:iam::aws:policy/AWSMarketplaceImageBuildFullAccess" }, { "name": "AWSMarketplaceLicenseManagementServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSMarketplaceLicenseManagementServiceRolePolicy" }, { "name": "AWSMarketplaceManageSubscriptions", "value": "arn:aws:iam::aws:policy/AWSMarketplaceManageSubscriptions" }, { "name": "AWSMarketplaceMeteringFullAccess", "value": "arn:aws:iam::aws:policy/AWSMarketplaceMeteringFullAccess" }, { "name": "AWSMarketplaceMeteringRegisterUsage", "value": "arn:aws:iam::aws:policy/AWSMarketplaceMeteringRegisterUsage" }, { "name": "AWSMarketplaceProcurementSystemAdminFullAccess", "value": "arn:aws:iam::aws:policy/AWSMarketplaceProcurementSystemAdminFullAccess" }, { "name": "AWSMarketplacePurchaseOrdersServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSMarketplacePurchaseOrdersServiceRolePolicy" }, { "name": "AWSMarketplaceReadonly", "value": "arn:aws:iam::aws:policy/AWSMarketplaceRead-only" }, { "name": "AWSMarketplaceResaleAuthorizationServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSMarketplaceResaleAuthorizationServiceRolePolicy" }, { "name": "AWSMarketplaceSellerFullAccess", "value": "arn:aws:iam::aws:policy/AWSMarketplaceSellerFullAccess" }, { "name": "AWSMarketplaceSellerProductsFullAccess", "value": "arn:aws:iam::aws:policy/AWSMarketplaceSellerProductsFullAccess" }, { "name": "AWSMarketplaceSellerProductsReadOnly", "value": "arn:aws:iam::aws:policy/AWSMarketplaceSellerProductsReadOnly" }, { "name": "AWSMediaConnectServicePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSMediaConnectServicePolicy" }, { "name": "AWSMediaTailorServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSMediaTailorServiceRolePolicy" }, { "name": "AWSMigrationHubDMSAccess", "value": "arn:aws:iam::aws:policy/service-role/AWSMigrationHubDMSAccess" }, { "name": "AWSMigrationHubDiscoveryAccess", "value": "arn:aws:iam::aws:policy/service-role/AWSMigrationHubDiscoveryAccess" }, { "name": "AWSMigrationHubFullAccess", "value": "arn:aws:iam::aws:policy/AWSMigrationHubFullAccess" }, { "name": "AWSMigrationHubOrchestratorConsoleFullAccess", "value": "arn:aws:iam::aws:policy/AWSMigrationHubOrchestratorConsoleFullAccess" }, { "name": "AWSMigrationHubOrchestratorInstanceRolePolicy", "value": "arn:aws:iam::aws:policy/AWSMigrationHubOrchestratorInstanceRolePolicy" }, { "name": "AWSMigrationHubOrchestratorPlugin", "value": "arn:aws:iam::aws:policy/AWSMigrationHubOrchestratorPlugin" }, { "name": "AWSMigrationHubOrchestratorServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSMigrationHubOrchestratorServiceRolePolicy" }, { "name": "AWSMigrationHubRefactorSpacesEnvironmentsWithoutBridgesFullAccess", "value": "arn:aws:iam::aws:policy/AWSMigrationHubRefactorSpaces-EnvironmentsWithoutBridgesFullAccess" }, { "name": "AWSMigrationHubRefactorSpacesSSMAutomationPolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSMigrationHubRefactorSpaces-SSMAutomationPolicy" }, { "name": "AWSMigrationHubRefactorSpacesFullAccess", "value": "arn:aws:iam::aws:policy/AWSMigrationHubRefactorSpacesFullAccess" }, { "name": "AWSMigrationHubRefactorSpacesServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSMigrationHubRefactorSpacesServiceRolePolicy" }, { "name": "AWSMigrationHubSMSAccess", "value": "arn:aws:iam::aws:policy/service-role/AWSMigrationHubSMSAccess" }, { "name": "AWSMigrationHubStrategyCollector", "value": "arn:aws:iam::aws:policy/AWSMigrationHubStrategyCollector" }, { "name": "AWSMigrationHubStrategyConsoleFullAccess", "value": "arn:aws:iam::aws:policy/AWSMigrationHubStrategyConsoleFullAccess" }, { "name": "AWSMigrationHubStrategyServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSMigrationHubStrategyServiceRolePolicy" }, { "name": "AWSMobileHub_FullAccess", "value": "arn:aws:iam::aws:policy/AWSMobileHub_FullAccess", "deprecationMessage": "This policy is deprecated and will be removed in a future release." }, { "name": "AWSMobileHub_ReadOnly", "value": "arn:aws:iam::aws:policy/AWSMobileHub_ReadOnly", "deprecationMessage": "This policy is deprecated and will be removed in a future release." }, { "name": "AWSMobileHub_ServiceUseOnly", "value": "arn:aws:iam::aws:policy/service-role/AWSMobileHub_ServiceUseOnly", "deprecationMessage": "This policy is deprecated and will be removed in a future release." }, { "name": "AWSNetworkFirewallServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSNetworkFirewallServiceRolePolicy" }, { "name": "AWSNetworkManagerCloudWANServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSNetworkManagerCloudWANServiceRolePolicy" }, { "name": "AWSNetworkManagerFullAccess", "value": "arn:aws:iam::aws:policy/AWSNetworkManagerFullAccess" }, { "name": "AWSNetworkManagerReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSNetworkManagerReadOnlyAccess" }, { "name": "AWSNetworkManagerServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSNetworkManagerServiceRolePolicy" }, { "name": "AWSOpsWorksCMInstanceProfileRole", "value": "arn:aws:iam::aws:policy/AWSOpsWorksCMInstanceProfileRole" }, { "name": "AWSOpsWorksCMServiceRole", "value": "arn:aws:iam::aws:policy/service-role/AWSOpsWorksCMServiceRole" }, { "name": "AWSOpsWorksCloudWatchLogs", "value": "arn:aws:iam::aws:policy/AWSOpsWorksCloudWatchLogs" }, { "name": "AWSOpsWorksFullAccess", "value": "arn:aws:iam::aws:policy/AWSOpsWorksFullAccess", "deprecationMessage": "This policy is deprecated and will be removed in a future release. Please use OpsWorks_FullAccess instead." }, { "name": "AWSOpsWorksInstanceRegistration", "value": "arn:aws:iam::aws:policy/AWSOpsWorksInstanceRegistration" }, { "name": "AWSOpsWorksRegisterCLI", "value": "arn:aws:iam::aws:policy/AWSOpsWorksRegisterCLI", "deprecationMessage": "This policy is deprecated and will be removed in a future release. Please use AWSOpsWorksRegisterCLI_EC2 or AWSOpsWorksRegisterCLI_OnPremises instead." }, { "name": "AWSOpsWorksRole", "value": "arn:aws:iam::aws:policy/service-role/AWSOpsWorksRole", "deprecationMessage": "This policy is deprecated and will be removed in a future release. Please use AWSOpsWorksCMServiceRole instead." }, { "name": "AWSQuickSightDescribeRD", "value": "arn:aws:iam::aws:policy/service-role/AWSQuickSightDescribeRDS", "deprecationMessage": "This policy is deprecated and will be removed in a future release. Please use AWSQuickSightDescribeRDS instead." }, { "name": "AWSOpsWorksRegisterCLI_EC2", "value": "arn:aws:iam::aws:policy/AWSOpsWorksRegisterCLI_EC2" }, { "name": "AWSOpsWorksRegisterCLI_OnPremises", "value": "arn:aws:iam::aws:policy/AWSOpsWorksRegisterCLI_OnPremises" }, { "name": "OpsWorks_FullAccess", "value": "arn:aws:iam::aws:policy/AWSOpsWorks_FullAccess" }, { "name": "AWSOrganizationsFullAccess", "value": "arn:aws:iam::aws:policy/AWSOrganizationsFullAccess" }, { "name": "AWSOrganizationsReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSOrganizationsReadOnlyAccess" }, { "name": "AWSOrganizationsServiceTrustPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSOrganizationsServiceTrustPolicy" }, { "name": "AWSOutpostsAuthorizeServerPolicy", "value": "arn:aws:iam::aws:policy/AWSOutpostsAuthorizeServerPolicy" }, { "name": "AWSOutpostsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSOutpostsServiceRolePolicy" }, { "name": "AWSPanoramaApplianceRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSPanoramaApplianceRolePolicy" }, { "name": "AWSPanoramaApplianceServiceRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSPanoramaApplianceServiceRolePolicy" }, { "name": "AWSPanoramaFullAccess", "value": "arn:aws:iam::aws:policy/AWSPanoramaFullAccess" }, { "name": "AWSPanoramaGreengrassGroupRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSPanoramaGreengrassGroupRolePolicy" }, { "name": "AWSPanoramaSageMakerRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSPanoramaSageMakerRolePolicy" }, { "name": "AWSPanoramaServiceLinkedRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSPanoramaServiceLinkedRolePolicy" }, { "name": "AWSPanoramaServiceRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSPanoramaServiceRolePolicy" }, { "name": "AWSPriceListServiceFullAccess", "value": "arn:aws:iam::aws:policy/AWSPriceListServiceFullAccess" }, { "name": "AWSPrivateCAAuditor", "value": "arn:aws:iam::aws:policy/AWSPrivateCAAuditor" }, { "name": "AWSPrivateCAFullAccess", "value": "arn:aws:iam::aws:policy/AWSPrivateCAFullAccess" }, { "name": "AWSPrivateCAPrivilegedUser", "value": "arn:aws:iam::aws:policy/AWSPrivateCAPrivilegedUser" }, { "name": "AWSPrivateCAReadOnly", "value": "arn:aws:iam::aws:policy/AWSPrivateCAReadOnly" }, { "name": "AWSPrivateCAUser", "value": "arn:aws:iam::aws:policy/AWSPrivateCAUser" }, { "name": "AWSPrivateMarketplaceAdminFullAccess", "value": "arn:aws:iam::aws:policy/AWSPrivateMarketplaceAdminFullAccess" }, { "name": "AWSPrivateMarketplaceRequests", "value": "arn:aws:iam::aws:policy/AWSPrivateMarketplaceRequests" }, { "name": "AWSPrivateNetworksServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSPrivateNetworksServiceRolePolicy" }, { "name": "AWSProtonCodeBuildProvisioningBasicAccess", "value": "arn:aws:iam::aws:policy/AWSProtonCodeBuildProvisioningBasicAccess" }, { "name": "AWSProtonCodeBuildProvisioningServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSProtonCodeBuildProvisioningServiceRolePolicy" }, { "name": "AWSProtonDeveloperAccess", "value": "arn:aws:iam::aws:policy/AWSProtonDeveloperAccess" }, { "name": "AWSProtonFullAccess", "value": "arn:aws:iam::aws:policy/AWSProtonFullAccess" }, { "name": "AWSProtonReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSProtonReadOnlyAccess" }, { "name": "AWSProtonServiceGitSyncServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSProtonServiceGitSyncServiceRolePolicy" }, { "name": "AWSProtonSyncServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSProtonSyncServiceRolePolicy" }, { "name": "AWSPurchaseOrdersServiceRolePolicy", "value": "arn:aws:iam::aws:policy/AWSPurchaseOrdersServiceRolePolicy" }, { "name": "AWSQuickSightDescribeRDS", "value": "arn:aws:iam::aws:policy/service-role/AWSQuickSightDescribeRDS" }, { "name": "AWSQuickSightDescribeRedshift", "value": "arn:aws:iam::aws:policy/service-role/AWSQuickSightDescribeRedshift" }, { "name": "AWSQuickSightElasticsearchPolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSQuickSightElasticsearchPolicy" }, { "name": "AWSQuickSightIoTAnalyticsAccess", "value": "arn:aws:iam::aws:policy/AWSQuickSightIoTAnalyticsAccess" }, { "name": "AWSQuickSightListIAM", "value": "arn:aws:iam::aws:policy/service-role/AWSQuickSightListIAM" }, { "name": "AWSQuickSightSageMakerPolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSQuickSightSageMakerPolicy" }, { "name": "AWSQuickSightTimestreamPolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSQuickSightTimestreamPolicy" }, { "name": "AWSQuicksightAthenaAccess", "value": "arn:aws:iam::aws:policy/service-role/AWSQuicksightAthenaAccess" }, { "name": "AWSQuicksightOpenSearchPolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSQuicksightOpenSearchPolicy" }, { "name": "AWSReachabilityAnalyzerServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSReachabilityAnalyzerServiceRolePolicy" }, { "name": "AWSRefactoringToolkitFullAccess", "value": "arn:aws:iam::aws:policy/AWSRefactoringToolkitFullAccess" }, { "name": "AWSRefactoringToolkitSidecarPolicy", "value": "arn:aws:iam::aws:policy/AWSRefactoringToolkitSidecarPolicy" }, { "name": "AWSRepostSpaceSupportOperationsPolicy", "value": "arn:aws:iam::aws:policy/AWSRepostSpaceSupportOperationsPolicy" }, { "name": "AWSResilienceHubAsssessmentExecutionPolicy", "value": "arn:aws:iam::aws:policy/AWSResilienceHubAsssessmentExecutionPolicy" }, { "name": "AWSResourceAccessManagerFullAccess", "value": "arn:aws:iam::aws:policy/AWSResourceAccessManagerFullAccess" }, { "name": "AWSResourceAccessManagerReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSResourceAccessManagerReadOnlyAccess" }, { "name": "AWSResourceAccessManagerResourceShareParticipantAccess", "value": "arn:aws:iam::aws:policy/AWSResourceAccessManagerResourceShareParticipantAccess" }, { "name": "AWSResourceAccessManagerServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSResourceAccessManagerServiceRolePolicy" }, { "name": "AWSResourceExplorerFullAccess", "value": "arn:aws:iam::aws:policy/AWSResourceExplorerFullAccess" }, { "name": "AWSResourceExplorerOrganizationsAccess", "value": "arn:aws:iam::aws:policy/AWSResourceExplorerOrganizationsAccess" }, { "name": "AWSResourceExplorerReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSResourceExplorerReadOnlyAccess" }, { "name": "AWSResourceExplorerServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSResourceExplorerServiceRolePolicy" }, { "name": "AWSResourceGroupsReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSResourceGroupsReadOnlyAccess" }, { "name": "AWSRoboMakerReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSRoboMakerReadOnlyAccess" }, { "name": "AWSRoboMakerServicePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSRoboMakerServicePolicy" }, { "name": "AWSRoboMakerServiceRolePolicy", "value": "arn:aws:iam::aws:policy/AWSRoboMakerServiceRolePolicy" }, { "name": "AWSRoboMaker_FullAccess", "value": "arn:aws:iam::aws:policy/AWSRoboMaker_FullAccess" }, { "name": "AWSRolesAnywhereServicePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSRolesAnywhereServicePolicy" }, { "name": "AWSS3OnOutpostsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSS3OnOutpostsServiceRolePolicy" }, { "name": "AWSSSMForSAPServiceLinkedRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSSSMForSAPServiceLinkedRolePolicy" }, { "name": "AWSSSMOpsInsightsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSSSMOpsInsightsServiceRolePolicy" }, { "name": "AWSSSODirectoryAdministrator", "value": "arn:aws:iam::aws:policy/AWSSSODirectoryAdministrator" }, { "name": "AWSSSODirectoryReadOnly", "value": "arn:aws:iam::aws:policy/AWSSSODirectoryReadOnly" }, { "name": "AWSSSOMasterAccountAdministrator", "value": "arn:aws:iam::aws:policy/AWSSSOMasterAccountAdministrator" }, { "name": "AWSSSOMemberAccountAdministrator", "value": "arn:aws:iam::aws:policy/AWSSSOMemberAccountAdministrator" }, { "name": "AWSSSOReadOnly", "value": "arn:aws:iam::aws:policy/AWSSSOReadOnly" }, { "name": "AWSSSOServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSSSOServiceRolePolicy" }, { "name": "AWSSavingsPlansFullAccess", "value": "arn:aws:iam::aws:policy/AWSSavingsPlansFullAccess" }, { "name": "AWSSavingsPlansReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSSavingsPlansReadOnlyAccess" }, { "name": "AWSSecurityHubFullAccess", "value": "arn:aws:iam::aws:policy/AWSSecurityHubFullAccess" }, { "name": "AWSSecurityHubOrganizationsAccess", "value": "arn:aws:iam::aws:policy/AWSSecurityHubOrganizationsAccess" }, { "name": "AWSSecurityHubReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSSecurityHubReadOnlyAccess" }, { "name": "AWSSecurityHubServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSSecurityHubServiceRolePolicy" }, { "name": "AWSServiceCatalogAdminFullAccess", "value": "arn:aws:iam::aws:policy/AWSServiceCatalogAdminFullAccess" }, { "name": "AWSServiceCatalogAdminReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSServiceCatalogAdminReadOnlyAccess" }, { "name": "AWSServiceCatalogAppRegistryFullAccess", "value": "arn:aws:iam::aws:policy/AWSServiceCatalogAppRegistryFullAccess" }, { "name": "AWSServiceCatalogAppRegistryReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSServiceCatalogAppRegistryReadOnlyAccess" }, { "name": "AWSServiceCatalogAppRegistryServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceCatalogAppRegistryServiceRolePolicy" }, { "name": "AWSServiceCatalogEndUserFullAccess", "value": "arn:aws:iam::aws:policy/AWSServiceCatalogEndUserFullAccess" }, { "name": "AWSServiceCatalogEndUserReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSServiceCatalogEndUserReadOnlyAccess" }, { "name": "AWSServiceCatalogOrgsDataSyncServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceCatalogOrgsDataSyncServiceRolePolicy" }, { "name": "AWSServiceCatalogSyncServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceCatalogSyncServiceRolePolicy" }, { "name": "AWSServiceRoleForAmazonEKSNodegroup", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForAmazonEKSNodegroup" }, { "name": "AWSServiceRoleForCloudWatchAlarmsActionSSMServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForCloudWatchAlarmsActionSSMServiceRolePolicy" }, { "name": "AWSServiceRoleForCloudWatchMetrics_DbPerfInsightsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForCloudWatchMetrics_DbPerfInsightsServiceRolePolicy" }, { "name": "AWSServiceRoleForCodeGuruProfiler", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForCodeGuru-Profiler" }, { "name": "AWSServiceRoleForCodeWhispererPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForCodeWhispererPolicy" }, { "name": "AWSServiceRoleForEC2ScheduledInstances", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForEC2ScheduledInstances" }, { "name": "AWSServiceRoleForGroundStationDataflowEndpointGroupPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForGroundStationDataflowEndpointGroupPolicy" }, { "name": "AWSServiceRoleForImageBuilder", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForImageBuilder" }, { "name": "AWSServiceRoleForIoTSiteWise", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForIoTSiteWise" }, { "name": "AWSServiceRoleForLogDeliveryPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForLogDeliveryPolicy" }, { "name": "AWSServiceRoleForMonitronPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForMonitronPolicy" }, { "name": "AWSServiceRoleForNeptuneGraphPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForNeptuneGraphPolicy" }, { "name": "AWSServiceRoleForPrivateMarketplaceAdminPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForPrivateMarketplaceAdminPolicy" }, { "name": "AWSServiceRoleForSMS", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForSMS" }, { "name": "AWSServiceRolePolicyForBackupReports", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRolePolicyForBackupReports" }, { "name": "AWSServiceRolePolicyForBackupRestoreTesting", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRolePolicyForBackupRestoreTesting" }, { "name": "AWSShieldDRTAccessPolicy", "value": "arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy" }, { "name": "AWSShieldServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSShieldServiceRolePolicy" }, { "name": "AWSStepFunctionsConsoleFullAccess", "value": "arn:aws:iam::aws:policy/AWSStepFunctionsConsoleFullAccess" }, { "name": "AWSStepFunctionsFullAccess", "value": "arn:aws:iam::aws:policy/AWSStepFunctionsFullAccess" }, { "name": "AWSStepFunctionsReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSStepFunctionsReadOnlyAccess" }, { "name": "AWSStorageGatewayFullAccess", "value": "arn:aws:iam::aws:policy/AWSStorageGatewayFullAccess" }, { "name": "AWSStorageGatewayReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSStorageGatewayReadOnlyAccess" }, { "name": "AWSStorageGatewayServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSStorageGatewayServiceRolePolicy" }, { "name": "AWSSupplyChainFederationAdminAccess", "value": "arn:aws:iam::aws:policy/service-role/AWSSupplyChainFederationAdminAccess" }, { "name": "AWSSupportAccess", "value": "arn:aws:iam::aws:policy/AWSSupportAccess" }, { "name": "AWSSupportAppFullAccess", "value": "arn:aws:iam::aws:policy/AWSSupportAppFullAccess" }, { "name": "AWSSupportAppReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSSupportAppReadOnlyAccess" }, { "name": "AWSSupportPlansFullAccess", "value": "arn:aws:iam::aws:policy/AWSSupportPlansFullAccess" }, { "name": "AWSSupportPlansReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSSupportPlansReadOnlyAccess" }, { "name": "AWSSupportServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSSupportServiceRolePolicy" }, { "name": "AWSSystemsManagerAccountDiscoveryServicePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSSystemsManagerAccountDiscoveryServicePolicy" }, { "name": "AWSSystemsManagerChangeManagementServicePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSSystemsManagerChangeManagementServicePolicy" }, { "name": "AWSSystemsManagerForSAPFullAccess", "value": "arn:aws:iam::aws:policy/AWSSystemsManagerForSAPFullAccess" }, { "name": "AWSSystemsManagerForSAPReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSSystemsManagerForSAPReadOnlyAccess" }, { "name": "AWSSystemsManagerOpsDataSyncServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSSystemsManagerOpsDataSyncServiceRolePolicy" }, { "name": "AWSThinkboxAWSPortalAdminPolicy", "value": "arn:aws:iam::aws:policy/AWSThinkboxAWSPortalAdminPolicy" }, { "name": "AWSThinkboxAWSPortalGatewayPolicy", "value": "arn:aws:iam::aws:policy/AWSThinkboxAWSPortalGatewayPolicy" }, { "name": "AWSThinkboxAWSPortalWorkerPolicy", "value": "arn:aws:iam::aws:policy/AWSThinkboxAWSPortalWorkerPolicy" }, { "name": "AWSThinkboxAssetServerPolicy", "value": "arn:aws:iam::aws:policy/AWSThinkboxAssetServerPolicy" }, { "name": "AWSThinkboxDeadlineResourceTrackerAccessPolicy", "value": "arn:aws:iam::aws:policy/AWSThinkboxDeadlineResourceTrackerAccessPolicy" }, { "name": "AWSThinkboxDeadlineResourceTrackerAdminPolicy", "value": "arn:aws:iam::aws:policy/AWSThinkboxDeadlineResourceTrackerAdminPolicy" }, { "name": "AWSThinkboxDeadlineSpotEventPluginAdminPolicy", "value": "arn:aws:iam::aws:policy/AWSThinkboxDeadlineSpotEventPluginAdminPolicy" }, { "name": "AWSThinkboxDeadlineSpotEventPluginWorkerPolicy", "value": "arn:aws:iam::aws:policy/AWSThinkboxDeadlineSpotEventPluginWorkerPolicy" }, { "name": "AWSTransferConsoleFullAccess", "value": "arn:aws:iam::aws:policy/AWSTransferConsoleFullAccess" }, { "name": "AWSTransferFullAccess", "value": "arn:aws:iam::aws:policy/AWSTransferFullAccess" }, { "name": "AWSTransferLoggingAccess", "value": "arn:aws:iam::aws:policy/service-role/AWSTransferLoggingAccess" }, { "name": "AWSTransferReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSTransferReadOnlyAccess" }, { "name": "AWSTrustedAdvisorPriorityFullAccess", "value": "arn:aws:iam::aws:policy/AWSTrustedAdvisorPriorityFullAccess" }, { "name": "AWSTrustedAdvisorPriorityReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSTrustedAdvisorPriorityReadOnlyAccess" }, { "name": "AWSTrustedAdvisorReportingServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSTrustedAdvisorReportingServiceRolePolicy" }, { "name": "AWSTrustedAdvisorServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSTrustedAdvisorServiceRolePolicy" }, { "name": "AWSUserNotificationsServiceLinkedRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSUserNotificationsServiceLinkedRolePolicy" }, { "name": "AWSVPCS2SVpnServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSVPCS2SVpnServiceRolePolicy" }, { "name": "AWSVPCTransitGatewayServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSVPCTransitGatewayServiceRolePolicy" }, { "name": "AWSVPCVerifiedAccessServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSVPCVerifiedAccessServiceRolePolicy" }, { "name": "AWSVendorInsightsAssessorFullAccess", "value": "arn:aws:iam::aws:policy/AWSVendorInsightsAssessorFullAccess" }, { "name": "AWSVendorInsightsAssessorReadOnly", "value": "arn:aws:iam::aws:policy/AWSVendorInsightsAssessorReadOnly" }, { "name": "AWSVendorInsightsVendorFullAccess", "value": "arn:aws:iam::aws:policy/AWSVendorInsightsVendorFullAccess" }, { "name": "AWSVendorInsightsVendorReadOnly", "value": "arn:aws:iam::aws:policy/AWSVendorInsightsVendorReadOnly" }, { "name": "AWSVpcLatticeServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSVpcLatticeServiceRolePolicy" }, { "name": "AWSWAFConsoleFullAccess", "value": "arn:aws:iam::aws:policy/AWSWAFConsoleFullAccess" }, { "name": "AWSWAFConsoleReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSWAFConsoleReadOnlyAccess" }, { "name": "AWSWAFFullAccess", "value": "arn:aws:iam::aws:policy/AWSWAFFullAccess" }, { "name": "AWSWAFReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSWAFReadOnlyAccess" }, { "name": "AWSWellArchitectedDiscoveryServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSWellArchitectedDiscoveryServiceRolePolicy" }, { "name": "AWSWellArchitectedOrganizationsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSWellArchitectedOrganizationsServiceRolePolicy" }, { "name": "AWSWickrFullAccess", "value": "arn:aws:iam::aws:policy/AWSWickrFullAccess" }, { "name": "AWSXRayDaemonWriteAccess", "value": "arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess" }, { "name": "AWSXrayCrossAccountSharingConfiguration", "value": "arn:aws:iam::aws:policy/AWSXrayCrossAccountSharingConfiguration" }, { "name": "AWSXrayFullAccess", "value": "arn:aws:iam::aws:policy/AWSXrayFullAccess" }, { "name": "AWSXrayReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSXrayReadOnlyAccess" }, { "name": "AWSXrayWriteOnlyAccess", "value": "arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess" }, { "name": "AWSZonalAutoshiftPracticeRunSLRPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSZonalAutoshiftPracticeRunSLRPolicy" }, { "name": "AWSrePostPrivateCloudWatchAccess", "value": "arn:aws:iam::aws:policy/aws-service-role/AWSrePostPrivateCloudWatchAccess" }, { "name": "AccessAnalyzerServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AccessAnalyzerServiceRolePolicy" }, { "name": "AdministratorAccess", "value": "arn:aws:iam::aws:policy/AdministratorAccess" }, { "name": "AdministratorAccessAWSElasticBeanstalk", "value": "arn:aws:iam::aws:policy/AdministratorAccess-AWSElasticBeanstalk" }, { "name": "AdministratorAccessAmplify", "value": "arn:aws:iam::aws:policy/AdministratorAccess-Amplify" }, { "name": "AlexaForBusinessDeviceSetup", "value": "arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup" }, { "name": "AlexaForBusinessFullAccess", "value": "arn:aws:iam::aws:policy/AlexaForBusinessFullAccess" }, { "name": "AlexaForBusinessGatewayExecution", "value": "arn:aws:iam::aws:policy/AlexaForBusinessGatewayExecution" }, { "name": "AlexaForBusinessLifesizeDelegatedAccessPolicy", "value": "arn:aws:iam::aws:policy/AlexaForBusinessLifesizeDelegatedAccessPolicy" }, { "name": "AlexaForBusinessNetworkProfileServicePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AlexaForBusinessNetworkProfileServicePolicy" }, { "name": "AlexaForBusinessPolyDelegatedAccessPolicy", "value": "arn:aws:iam::aws:policy/AlexaForBusinessPolyDelegatedAccessPolicy" }, { "name": "AlexaForBusinessReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AlexaForBusinessReadOnlyAccess" }, { "name": "AmazonAPIGatewayAdministrator", "value": "arn:aws:iam::aws:policy/AmazonAPIGatewayAdministrator" }, { "name": "AmazonAPIGatewayInvokeFullAccess", "value": "arn:aws:iam::aws:policy/AmazonAPIGatewayInvokeFullAccess" }, { "name": "AmazonAPIGatewayPushToCloudWatchLogs", "value": "arn:aws:iam::aws:policy/service-role/AmazonAPIGatewayPushToCloudWatchLogs" }, { "name": "AmazonAppFlowFullAccess", "value": "arn:aws:iam::aws:policy/AmazonAppFlowFullAccess" }, { "name": "AmazonAppFlowReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonAppFlowReadOnlyAccess" }, { "name": "AmazonAppStreamFullAccess", "value": "arn:aws:iam::aws:policy/AmazonAppStreamFullAccess" }, { "name": "AmazonAppStreamPCAAccess", "value": "arn:aws:iam::aws:policy/service-role/AmazonAppStreamPCAAccess" }, { "name": "AmazonAppStreamReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonAppStreamReadOnlyAccess" }, { "name": "AmazonAppStreamServiceAccess", "value": "arn:aws:iam::aws:policy/service-role/AmazonAppStreamServiceAccess" }, { "name": "AmazonAthenaFullAccess", "value": "arn:aws:iam::aws:policy/AmazonAthenaFullAccess" }, { "name": "AmazonAugmentedAIFullAccess", "value": "arn:aws:iam::aws:policy/AmazonAugmentedAIFullAccess" }, { "name": "AmazonAugmentedAIHumanLoopFullAccess", "value": "arn:aws:iam::aws:policy/AmazonAugmentedAIHumanLoopFullAccess" }, { "name": "AmazonAugmentedAIIntegratedAPIAccess", "value": "arn:aws:iam::aws:policy/AmazonAugmentedAIIntegratedAPIAccess" }, { "name": "AmazonBedrockFullAccess", "value": "arn:aws:iam::aws:policy/AmazonBedrockFullAccess" }, { "name": "AmazonBedrockReadOnly", "value": "arn:aws:iam::aws:policy/AmazonBedrockReadOnly" }, { "name": "AmazonBraketFullAccess", "value": "arn:aws:iam::aws:policy/AmazonBraketFullAccess" }, { "name": "AmazonBraketJobsExecutionPolicy", "value": "arn:aws:iam::aws:policy/AmazonBraketJobsExecutionPolicy" }, { "name": "AmazonBraketServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonBraketServiceRolePolicy" }, { "name": "AmazonChimeFullAccess", "value": "arn:aws:iam::aws:policy/AmazonChimeFullAccess" }, { "name": "AmazonChimeReadOnly", "value": "arn:aws:iam::aws:policy/AmazonChimeReadOnly" }, { "name": "AmazonChimeSDK", "value": "arn:aws:iam::aws:policy/AmazonChimeSDK" }, { "name": "AmazonChimeSDKMediaPipelinesServiceLinkedRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonChimeSDKMediaPipelinesServiceLinkedRolePolicy" }, { "name": "AmazonChimeSDKMessagingServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonChimeSDKMessagingServiceRolePolicy" }, { "name": "AmazonChimeServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonChimeServiceRolePolicy" }, { "name": "AmazonChimeTranscriptionServiceLinkedRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonChimeTranscriptionServiceLinkedRolePolicy" }, { "name": "AmazonChimeUserManagement", "value": "arn:aws:iam::aws:policy/AmazonChimeUserManagement" }, { "name": "AmazonChimeVoiceConnectorServiceLinkedRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonChimeVoiceConnectorServiceLinkedRolePolicy" }, { "name": "AmazonCloudDirectoryFullAccess", "value": "arn:aws:iam::aws:policy/AmazonCloudDirectoryFullAccess" }, { "name": "AmazonCloudDirectoryReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonCloudDirectoryReadOnlyAccess" }, { "name": "AmazonCloudWatchEvidentlyFullAccess", "value": "arn:aws:iam::aws:policy/AmazonCloudWatchEvidentlyFullAccess" }, { "name": "AmazonCloudWatchEvidentlyReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonCloudWatchEvidentlyReadOnlyAccess" }, { "name": "AmazonCloudWatchEvidentlyServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonCloudWatchEvidentlyServiceRolePolicy" }, { "name": "AmazonCloudWatchRUMFullAccess", "value": "arn:aws:iam::aws:policy/AmazonCloudWatchRUMFullAccess" }, { "name": "AmazonCloudWatchRUMReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonCloudWatchRUMReadOnlyAccess" }, { "name": "AmazonCloudWatchRUMServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonCloudWatchRUMServiceRolePolicy" }, { "name": "AmazonCodeCatalystFullAccess", "value": "arn:aws:iam::aws:policy/AmazonCodeCatalystFullAccess" }, { "name": "AmazonCodeCatalystReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonCodeCatalystReadOnlyAccess" }, { "name": "AmazonCodeCatalystSupportAccess", "value": "arn:aws:iam::aws:policy/service-role/AmazonCodeCatalystSupportAccess" }, { "name": "AmazonCodeGuruProfilerAgentAccess", "value": "arn:aws:iam::aws:policy/AmazonCodeGuruProfilerAgentAccess" }, { "name": "AmazonCodeGuruProfilerFullAccess", "value": "arn:aws:iam::aws:policy/AmazonCodeGuruProfilerFullAccess" }, { "name": "AmazonCodeGuruProfilerReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonCodeGuruProfilerReadOnlyAccess" }, { "name": "AmazonCodeGuruReviewerFullAccess", "value": "arn:aws:iam::aws:policy/AmazonCodeGuruReviewerFullAccess" }, { "name": "AmazonCodeGuruReviewerReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonCodeGuruReviewerReadOnlyAccess" }, { "name": "AmazonCodeGuruReviewerServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonCodeGuruReviewerServiceRolePolicy" }, { "name": "AmazonCodeGuruSecurityFullAccess", "value": "arn:aws:iam::aws:policy/AmazonCodeGuruSecurityFullAccess" }, { "name": "AmazonCodeGuruSecurityScanAccess", "value": "arn:aws:iam::aws:policy/AmazonCodeGuruSecurityScanAccess" }, { "name": "AmazonCognitoDeveloperAuthenticatedIdentities", "value": "arn:aws:iam::aws:policy/AmazonCognitoDeveloperAuthenticatedIdentities" }, { "name": "AmazonCognitoIdpEmailServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonCognitoIdpEmailServiceRolePolicy" }, { "name": "AmazonCognitoIdpServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonCognitoIdpServiceRolePolicy" }, { "name": "AmazonCognitoPowerUser", "value": "arn:aws:iam::aws:policy/AmazonCognitoPowerUser" }, { "name": "AmazonCognitoReadOnly", "value": "arn:aws:iam::aws:policy/AmazonCognitoReadOnly" }, { "name": "AmazonCognitoUnAuthedIdentitiesSessionPolicy", "value": "arn:aws:iam::aws:policy/AmazonCognitoUnAuthedIdentitiesSessionPolicy" }, { "name": "AmazonCognitoUnauthenticatedIdentities", "value": "arn:aws:iam::aws:policy/AmazonCognitoUnauthenticatedIdentities" }, { "name": "AmazonConnectCampaignsServiceLinkedRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonConnectCampaignsServiceLinkedRolePolicy" }, { "name": "AmazonConnectReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonConnectReadOnlyAccess" }, { "name": "AmazonConnectServiceLinkedRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonConnectServiceLinkedRolePolicy" }, { "name": "AmazonConnectSynchronizationServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonConnectSynchronizationServiceRolePolicy" }, { "name": "AmazonConnectVoiceIDFullAccess", "value": "arn:aws:iam::aws:policy/AmazonConnectVoiceIDFullAccess" }, { "name": "AmazonConnect_FullAccess", "value": "arn:aws:iam::aws:policy/AmazonConnect_FullAccess" }, { "name": "AmazonDMSCloudWatchLogsRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole" }, { "name": "AmazonDMSRedshiftS3Role", "value": "arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role" }, { "name": "AmazonDMSVPCManagementRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole" }, { "name": "AmazonDRSVPCManagement", "value": "arn:aws:iam::aws:policy/AmazonDRSVPCManagement" }, { "name": "AmazonDataZoneDomainExecutionRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AmazonDataZoneDomainExecutionRolePolicy" }, { "name": "AmazonDataZoneEnvironmentRolePermissionsBoundary", "value": "arn:aws:iam::aws:policy/AmazonDataZoneEnvironmentRolePermissionsBoundary" }, { "name": "AmazonDataZoneFullAccess", "value": "arn:aws:iam::aws:policy/AmazonDataZoneFullAccess" }, { "name": "AmazonDataZoneFullUserAccess", "value": "arn:aws:iam::aws:policy/AmazonDataZoneFullUserAccess" }, { "name": "AmazonDataZoneGlueManageAccessRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AmazonDataZoneGlueManageAccessRolePolicy" }, { "name": "AmazonDataZoneRedshiftGlueProvisioningPolicy", "value": "arn:aws:iam::aws:policy/AmazonDataZoneRedshiftGlueProvisioningPolicy" }, { "name": "AmazonDataZoneRedshiftManageAccessRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AmazonDataZoneRedshiftManageAccessRolePolicy" }, { "name": "AmazonDetectiveFullAccess", "value": "arn:aws:iam::aws:policy/AmazonDetectiveFullAccess" }, { "name": "AmazonDetectiveInvestigatorAccess", "value": "arn:aws:iam::aws:policy/AmazonDetectiveInvestigatorAccess" }, { "name": "AmazonDetectiveMemberAccess", "value": "arn:aws:iam::aws:policy/AmazonDetectiveMemberAccess" }, { "name": "AmazonDetectiveOrganizationsAccess", "value": "arn:aws:iam::aws:policy/AmazonDetectiveOrganizationsAccess" }, { "name": "AmazonDetectiveServiceLinkedRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonDetectiveServiceLinkedRolePolicy" }, { "name": "AmazonDevOpsGuruConsoleFullAccess", "value": "arn:aws:iam::aws:policy/AmazonDevOpsGuruConsoleFullAccess" }, { "name": "AmazonDevOpsGuruFullAccess", "value": "arn:aws:iam::aws:policy/AmazonDevOpsGuruFullAccess" }, { "name": "AmazonDevOpsGuruOrganizationsAccess", "value": "arn:aws:iam::aws:policy/AmazonDevOpsGuruOrganizationsAccess" }, { "name": "AmazonDevOpsGuruReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonDevOpsGuruReadOnlyAccess" }, { "name": "AmazonDevOpsGuruServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonDevOpsGuruServiceRolePolicy" }, { "name": "AmazonDocDBElasticServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonDocDB-ElasticServiceRolePolicy" }, { "name": "AmazonDocDBConsoleFullAccess", "value": "arn:aws:iam::aws:policy/AmazonDocDBConsoleFullAccess" }, { "name": "AmazonDocDBElasticFullAccess", "value": "arn:aws:iam::aws:policy/AmazonDocDBElasticFullAccess" }, { "name": "AmazonDocDBElasticReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonDocDBElasticReadOnlyAccess" }, { "name": "AmazonDocDBFullAccess", "value": "arn:aws:iam::aws:policy/AmazonDocDBFullAccess" }, { "name": "AmazonDocDBReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonDocDBReadOnlyAccess" }, { "name": "AmazonDynamoDBFullAccess", "value": "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess" }, { "name": "AmazonDynamoDBFullAccesswithDataPipeline", "value": "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccesswithDataPipeline" }, { "name": "AmazonDynamoDBReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonDynamoDBReadOnlyAccess" }, { "name": "AmazonEBSCSIDriverPolicy", "value": "arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy" }, { "name": "AmazonEC2ContainerRegistryFullAccess", "value": "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryFullAccess" }, { "name": "AmazonEC2ContainerRegistryPowerUser", "value": "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryPowerUser" }, { "name": "AmazonEC2ContainerRegistryReadOnly", "value": "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly" }, { "name": "AmazonEC2ContainerServiceAutoscaleRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceAutoscaleRole" }, { "name": "AmazonEC2ContainerServiceEventsRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceEventsRole" }, { "name": "AmazonEC2ContainerServiceFullAccess", "value": "arn:aws:iam::aws:policy/AmazonEC2ContainerServiceFullAccess", "deprecationMessage": "This policy is deprecated and will be removed in a future release. Use AmazonECS_FullAccess instead." }, { "name": "AmazonEC2ContainerServiceRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceRole" }, { "name": "AmazonEC2ContainerServiceforEC2Role", "value": "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role" }, { "name": "AmazonEC2FullAccess", "value": "arn:aws:iam::aws:policy/AmazonEC2FullAccess" }, { "name": "AmazonEC2ReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess" }, { "name": "AmazonEC2ReportsAccess", "value": "arn:aws:iam::aws:policy/AmazonEC2ReportsAccess", "deprecationMessage": "This policy is deprecated and will be removed in a future release." }, { "name": "AmazonEC2RolePolicyForLaunchWizard", "value": "arn:aws:iam::aws:policy/AmazonEC2RolePolicyForLaunchWizard" }, { "name": "AmazonEC2RoleforAWSCodeDeploy", "value": "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforAWSCodeDeploy" }, { "name": "AmazonEC2RoleforAWSCodeDeployLimited", "value": "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforAWSCodeDeployLimited" }, { "name": "AmazonEC2RoleforDataPipelineRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforDataPipelineRole" }, { "name": "AmazonEC2RoleforSSM", "value": "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM" }, { "name": "AmazonEC2SpotFleetAutoscaleRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetAutoscaleRole" }, { "name": "AmazonEC2SpotFleetRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetRole", "deprecationMessage": "This policy is deprecated and will be removed in a future release." }, { "name": "AmazonEC2SpotFleetTaggingRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetTaggingRole" }, { "name": "AmazonECSFullAccess", "value": "arn:aws:iam::aws:policy/AmazonECS_FullAccess" }, { "name": "AmazonECSInfrastructureRolePolicyForServiceConnectTransportLayerSecurity", "value": "arn:aws:iam::aws:policy/service-role/AmazonECSInfrastructureRolePolicyForServiceConnectTransportLayerSecurity" }, { "name": "AmazonECSInfrastructureRolePolicyForVolumes", "value": "arn:aws:iam::aws:policy/service-role/AmazonECSInfrastructureRolePolicyForVolumes" }, { "name": "AmazonECSServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonECSServiceRolePolicy" }, { "name": "AmazonECSTaskExecutionRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy" }, { "name": "AmazonEFSCSIDriverPolicy", "value": "arn:aws:iam::aws:policy/service-role/AmazonEFSCSIDriverPolicy" }, { "name": "AmazonEKSClusterPolicy", "value": "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy" }, { "name": "AmazonEKSConnectorServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonEKSConnectorServiceRolePolicy" }, { "name": "AmazonEKSFargatePodExecutionRolePolicy", "value": "arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy" }, { "name": "AmazonEKSForFargateServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonEKSForFargateServiceRolePolicy" }, { "name": "AmazonEKSLocalOutpostClusterPolicy", "value": "arn:aws:iam::aws:policy/AmazonEKSLocalOutpostClusterPolicy" }, { "name": "AmazonEKSLocalOutpostServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonEKSLocalOutpostServiceRolePolicy" }, { "name": "AmazonEKSServicePolicy", "value": "arn:aws:iam::aws:policy/AmazonEKSServicePolicy" }, { "name": "AmazonEKSServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonEKSServiceRolePolicy" }, { "name": "AmazonEKSVPCResourceController", "value": "arn:aws:iam::aws:policy/AmazonEKSVPCResourceController" }, { "name": "AmazonEKSWorkerNodePolicy", "value": "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy" }, { "name": "AmazonEKS_CNI_Policy", "value": "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy" }, { "name": "AmazonEMRCleanupPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonEMRCleanupPolicy" }, { "name": "AmazonEMRContainersServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonEMRContainersServiceRolePolicy" }, { "name": "AmazonEMRFullAccessPolicy_v2", "value": "arn:aws:iam::aws:policy/AmazonEMRFullAccessPolicy_v2" }, { "name": "AmazonEMRReadOnlyAccessPolicy_v2", "value": "arn:aws:iam::aws:policy/AmazonEMRReadOnlyAccessPolicy_v2" }, { "name": "AmazonEMRServerlessServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonEMRServerlessServiceRolePolicy" }, { "name": "AmazonEMRServicePolicy_v2", "value": "arn:aws:iam::aws:policy/service-role/AmazonEMRServicePolicy_v2" }, { "name": "AmazonESCognitoAccess", "value": "arn:aws:iam::aws:policy/AmazonESCognitoAccess" }, { "name": "AmazonESFullAccess", "value": "arn:aws:iam::aws:policy/AmazonESFullAccess" }, { "name": "AmazonESReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonESReadOnlyAccess" }, { "name": "AmazonElastiCacheFullAccess", "value": "arn:aws:iam::aws:policy/AmazonElastiCacheFullAccess" }, { "name": "AmazonElastiCacheReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess" }, { "name": "AmazonElasticContainerRegistryPublicFullAccess", "value": "arn:aws:iam::aws:policy/AmazonElasticContainerRegistryPublicFullAccess" }, { "name": "AmazonElasticContainerRegistryPublicPowerUser", "value": "arn:aws:iam::aws:policy/AmazonElasticContainerRegistryPublicPowerUser" }, { "name": "AmazonElasticContainerRegistryPublicReadOnly", "value": "arn:aws:iam::aws:policy/AmazonElasticContainerRegistryPublicReadOnly" }, { "name": "AmazonElasticFileSystemClientFullAccess", "value": "arn:aws:iam::aws:policy/AmazonElasticFileSystemClientFullAccess" }, { "name": "AmazonElasticFileSystemClientReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonElasticFileSystemClientReadOnlyAccess" }, { "name": "AmazonElasticFileSystemClientReadWriteAccess", "value": "arn:aws:iam::aws:policy/AmazonElasticFileSystemClientReadWriteAccess" }, { "name": "AmazonElasticFileSystemFullAccess", "value": "arn:aws:iam::aws:policy/AmazonElasticFileSystemFullAccess" }, { "name": "AmazonElasticFileSystemReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonElasticFileSystemReadOnlyAccess" }, { "name": "AmazonElasticFileSystemServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonElasticFileSystemServiceRolePolicy" }, { "name": "AmazonElasticFileSystemsUtils", "value": "arn:aws:iam::aws:policy/AmazonElasticFileSystemsUtils" }, { "name": "AmazonElasticMapReduceEditorsRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceEditorsRole" }, { "name": "AmazonElasticMapReduceFullAccess", "value": "arn:aws:iam::aws:policy/AmazonElasticMapReduceFullAccess" }, { "name": "AmazonElasticMapReducePlacementGroupPolicy", "value": "arn:aws:iam::aws:policy/AmazonElasticMapReducePlacementGroupPolicy" }, { "name": "AmazonElasticMapReduceReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonElasticMapReduceReadOnlyAccess" }, { "name": "AmazonElasticMapReduceRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceRole" }, { "name": "AmazonElasticMapReduceforAutoScalingRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforAutoScalingRole" }, { "name": "AmazonElasticMapReduceforEC2Role", "value": "arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforEC2Role" }, { "name": "AmazonElasticTranscoderFullAccess", "value": "arn:aws:iam::aws:policy/AmazonElasticTranscoderFullAccess", "deprecationMessage": "This policy is deprecated and will be removed in a future release. Use ElasticTranscoder_FullAccess instead." }, { "name": "AmazonElasticTranscoderJobsSubmitter", "value": "arn:aws:iam::aws:policy/AmazonElasticTranscoderJobsSubmitter", "deprecationMessage": "This policy is deprecated and will be removed in a future release. Use ElasticTranscoder_JobsSubmitter instead." }, { "name": "AmazonElasticTranscoderReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonElasticTranscoderReadOnlyAccess", "deprecationMessage": "This policy is deprecated and will be removed in a future release. Use ElasticTranscoder_ReadOnlyAccess instead." }, { "name": "AmazonElasticTranscoderRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonElasticTranscoderRole" }, { "name": "ElasticTranscoder_FullAccess", "value": "arn:aws:iam::aws:policy/AmazonElasticTranscoder_FullAccess" }, { "name": "ElasticTranscoder_JobsSubmitter", "value": "arn:aws:iam::aws:policy/AmazonElasticTranscoder_JobsSubmitter" }, { "name": "ElasticTranscoder_ReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonElasticTranscoder_ReadOnlyAccess" }, { "name": "AmazonElasticsearchServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonElasticsearchServiceRolePolicy" }, { "name": "AmazonEventBridgeApiDestinationsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonEventBridgeApiDestinationsServiceRolePolicy" }, { "name": "AmazonEventBridgeFullAccess", "value": "arn:aws:iam::aws:policy/AmazonEventBridgeFullAccess" }, { "name": "AmazonEventBridgePipesFullAccess", "value": "arn:aws:iam::aws:policy/AmazonEventBridgePipesFullAccess" }, { "name": "AmazonEventBridgePipesOperatorAccess", "value": "arn:aws:iam::aws:policy/AmazonEventBridgePipesOperatorAccess" }, { "name": "AmazonEventBridgePipesReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonEventBridgePipesReadOnlyAccess" }, { "name": "AmazonEventBridgeReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonEventBridgeReadOnlyAccess" }, { "name": "AmazonEventBridgeSchedulerFullAccess", "value": "arn:aws:iam::aws:policy/AmazonEventBridgeSchedulerFullAccess" }, { "name": "AmazonEventBridgeSchedulerReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonEventBridgeSchedulerReadOnlyAccess" }, { "name": "AmazonEventBridgeSchemasFullAccess", "value": "arn:aws:iam::aws:policy/AmazonEventBridgeSchemasFullAccess" }, { "name": "AmazonEventBridgeSchemasReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonEventBridgeSchemasReadOnlyAccess" }, { "name": "AmazonEventBridgeSchemasServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonEventBridgeSchemasServiceRolePolicy" }, { "name": "AmazonFISServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonFISServiceRolePolicy" }, { "name": "AmazonFSxConsoleFullAccess", "value": "arn:aws:iam::aws:policy/AmazonFSxConsoleFullAccess" }, { "name": "AmazonFSxConsoleReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonFSxConsoleReadOnlyAccess" }, { "name": "AmazonFSxFullAccess", "value": "arn:aws:iam::aws:policy/AmazonFSxFullAccess" }, { "name": "AmazonFSxReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonFSxReadOnlyAccess" }, { "name": "AmazonFSxServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonFSxServiceRolePolicy" }, { "name": "AmazonForecastFullAccess", "value": "arn:aws:iam::aws:policy/AmazonForecastFullAccess" }, { "name": "AmazonFraudDetectorFullAccessPolicy", "value": "arn:aws:iam::aws:policy/AmazonFraudDetectorFullAccessPolicy" }, { "name": "AmazonFreeRTOSFullAccess", "value": "arn:aws:iam::aws:policy/AmazonFreeRTOSFullAccess" }, { "name": "AmazonFreeRTOSOTAUpdate", "value": "arn:aws:iam::aws:policy/service-role/AmazonFreeRTOSOTAUpdate" }, { "name": "AmazonGlacierFullAccess", "value": "arn:aws:iam::aws:policy/AmazonGlacierFullAccess" }, { "name": "AmazonGlacierReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonGlacierReadOnlyAccess" }, { "name": "AmazonGrafanaAthenaAccess", "value": "arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess" }, { "name": "AmazonGrafanaCloudWatchAccess", "value": "arn:aws:iam::aws:policy/service-role/AmazonGrafanaCloudWatchAccess" }, { "name": "AmazonGrafanaRedshiftAccess", "value": "arn:aws:iam::aws:policy/service-role/AmazonGrafanaRedshiftAccess" }, { "name": "AmazonGrafanaServiceLinkedRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonGrafanaServiceLinkedRolePolicy" }, { "name": "AmazonGuardDutyFullAccess", "value": "arn:aws:iam::aws:policy/AmazonGuardDutyFullAccess" }, { "name": "AmazonGuardDutyMalwareProtectionServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonGuardDutyMalwareProtectionServiceRolePolicy" }, { "name": "AmazonGuardDutyReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonGuardDutyReadOnlyAccess" }, { "name": "AmazonGuardDutyServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonGuardDutyServiceRolePolicy" }, { "name": "AmazonHealthLakeFullAccess", "value": "arn:aws:iam::aws:policy/AmazonHealthLakeFullAccess" }, { "name": "AmazonHealthLakeReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonHealthLakeReadOnlyAccess" }, { "name": "AmazonHoneycodeFullAccess", "value": "arn:aws:iam::aws:policy/AmazonHoneycodeFullAccess" }, { "name": "AmazonHoneycodeReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonHoneycodeReadOnlyAccess" }, { "name": "AmazonHoneycodeServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonHoneycodeServiceRolePolicy" }, { "name": "AmazonHoneycodeTeamAssociationFullAccess", "value": "arn:aws:iam::aws:policy/AmazonHoneycodeTeamAssociationFullAccess" }, { "name": "AmazonHoneycodeTeamAssociationReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonHoneycodeTeamAssociationReadOnlyAccess" }, { "name": "AmazonHoneycodeWorkbookFullAccess", "value": "arn:aws:iam::aws:policy/AmazonHoneycodeWorkbookFullAccess" }, { "name": "AmazonHoneycodeWorkbookReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonHoneycodeWorkbookReadOnlyAccess" }, { "name": "AmazonInspector2AgentlessServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonInspector2AgentlessServiceRolePolicy" }, { "name": "AmazonInspector2FullAccess", "value": "arn:aws:iam::aws:policy/AmazonInspector2FullAccess" }, { "name": "AmazonInspector2ManagedCisPolicy", "value": "arn:aws:iam::aws:policy/AmazonInspector2ManagedCisPolicy" }, { "name": "AmazonInspector2ReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonInspector2ReadOnlyAccess" }, { "name": "AmazonInspector2ServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonInspector2ServiceRolePolicy" }, { "name": "AmazonInspectorFullAccess", "value": "arn:aws:iam::aws:policy/AmazonInspectorFullAccess" }, { "name": "AmazonInspectorReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonInspectorReadOnlyAccess" }, { "name": "AmazonInspectorServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonInspectorServiceRolePolicy" }, { "name": "AmazonKendraFullAccess", "value": "arn:aws:iam::aws:policy/AmazonKendraFullAccess" }, { "name": "AmazonKendraReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonKendraReadOnlyAccess" }, { "name": "AmazonKeyspacesFullAccess", "value": "arn:aws:iam::aws:policy/AmazonKeyspacesFullAccess" }, { "name": "AmazonKeyspacesReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonKeyspacesReadOnlyAccess" }, { "name": "AmazonKeyspacesReadOnlyAccess_v2", "value": "arn:aws:iam::aws:policy/AmazonKeyspacesReadOnlyAccess_v2" }, { "name": "AmazonKinesisAnalyticsFullAccess", "value": "arn:aws:iam::aws:policy/AmazonKinesisAnalyticsFullAccess" }, { "name": "AmazonKinesisAnalyticsReadOnly", "value": "arn:aws:iam::aws:policy/AmazonKinesisAnalyticsReadOnly" }, { "name": "AmazonKinesisFirehoseFullAccess", "value": "arn:aws:iam::aws:policy/AmazonKinesisFirehoseFullAccess" }, { "name": "AmazonKinesisFirehoseReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonKinesisFirehoseReadOnlyAccess" }, { "name": "AmazonKinesisFullAccess", "value": "arn:aws:iam::aws:policy/AmazonKinesisFullAccess" }, { "name": "AmazonKinesisReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonKinesisReadOnlyAccess" }, { "name": "AmazonKinesisVideoStreamsFullAccess", "value": "arn:aws:iam::aws:policy/AmazonKinesisVideoStreamsFullAccess" }, { "name": "AmazonKinesisVideoStreamsReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonKinesisVideoStreamsReadOnlyAccess" }, { "name": "AmazonLaunchWizard_Fullaccess", "value": "arn:aws:iam::aws:policy/AmazonLaunchWizard_Fullaccess", "deprecationMessage": "This policy is deprecated and will be removed in a future release." }, { "name": "AmazonLaunchWizardFullAccessV2", "value": "arn:aws:iam::aws:policy/AmazonLaunchWizardFullAccessV2" }, { "name": "AmazonLexChannelsAccess", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonLexChannelsAccess" }, { "name": "AmazonLexFullAccess", "value": "arn:aws:iam::aws:policy/AmazonLexFullAccess" }, { "name": "AmazonLexReadOnly", "value": "arn:aws:iam::aws:policy/AmazonLexReadOnly" }, { "name": "AmazonLexReplicationPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonLexReplicationPolicy" }, { "name": "AmazonLexRunBotsOnly", "value": "arn:aws:iam::aws:policy/AmazonLexRunBotsOnly" }, { "name": "AmazonLexV2BotPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonLexV2BotPolicy" }, { "name": "AmazonLookoutEquipmentFullAccess", "value": "arn:aws:iam::aws:policy/AmazonLookoutEquipmentFullAccess" }, { "name": "AmazonLookoutEquipmentReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonLookoutEquipmentReadOnlyAccess" }, { "name": "AmazonLookoutMetricsFullAccess", "value": "arn:aws:iam::aws:policy/AmazonLookoutMetricsFullAccess" }, { "name": "AmazonLookoutMetricsReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonLookoutMetricsReadOnlyAccess" }, { "name": "AmazonLookoutVisionConsoleFullAccess", "value": "arn:aws:iam::aws:policy/AmazonLookoutVisionConsoleFullAccess" }, { "name": "AmazonLookoutVisionConsoleReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonLookoutVisionConsoleReadOnlyAccess" }, { "name": "AmazonLookoutVisionFullAccess", "value": "arn:aws:iam::aws:policy/AmazonLookoutVisionFullAccess" }, { "name": "AmazonLookoutVisionReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonLookoutVisionReadOnlyAccess" }, { "name": "AmazonMCSFullAccess", "value": "arn:aws:iam::aws:policy/AmazonMCSFullAccess" }, { "name": "AmazonMCSReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonMCSReadOnlyAccess" }, { "name": "AmazonMQApiFullAccess", "value": "arn:aws:iam::aws:policy/AmazonMQApiFullAccess" }, { "name": "AmazonMQApiReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonMQApiReadOnlyAccess" }, { "name": "AmazonMQFullAccess", "value": "arn:aws:iam::aws:policy/AmazonMQFullAccess" }, { "name": "AmazonMQReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonMQReadOnlyAccess" }, { "name": "AmazonMQServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonMQServiceRolePolicy" }, { "name": "AmazonMSKConnectReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonMSKConnectReadOnlyAccess" }, { "name": "AmazonMSKFullAccess", "value": "arn:aws:iam::aws:policy/AmazonMSKFullAccess" }, { "name": "AmazonMSKReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonMSKReadOnlyAccess" }, { "name": "AmazonMWAAServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonMWAAServiceRolePolicy" }, { "name": "AmazonMachineLearningBatchPredictionsAccess", "value": "arn:aws:iam::aws:policy/AmazonMachineLearningBatchPredictionsAccess" }, { "name": "AmazonMachineLearningCreateOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonMachineLearningCreateOnlyAccess" }, { "name": "AmazonMachineLearningFullAccess", "value": "arn:aws:iam::aws:policy/AmazonMachineLearningFullAccess" }, { "name": "AmazonMachineLearningManageRealTimeEndpointOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonMachineLearningManageRealTimeEndpointOnlyAccess" }, { "name": "AmazonMachineLearningReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonMachineLearningReadOnlyAccess" }, { "name": "AmazonMachineLearningRealTimePredictionOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonMachineLearningRealTimePredictionOnlyAccess" }, { "name": "AmazonMachineLearningRoleforRedshiftDataSource", "value": "arn:aws:iam::aws:policy/service-role/AmazonMachineLearningRoleforRedshiftDataSource", "deprecationMessage": "This policy is deprecated. Use AmazonMachineLearningRoleforRedshiftDataSourceV3 instead." }, { "name": "AmazonMachineLearningRoleforRedshiftDataSourceV3", "value": "arn:aws:iam::aws:policy/service-role/AmazonMachineLearningRoleforRedshiftDataSourceV3" }, { "name": "AmazonMacieFullAccess", "value": "arn:aws:iam::aws:policy/AmazonMacieFullAccess" }, { "name": "AmazonMacieHandshakeRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonMacieHandshakeRole" }, { "name": "AmazonMacieReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonMacieReadOnlyAccess" }, { "name": "AmazonMacieServiceRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonMacieServiceRole" }, { "name": "AmazonMacieServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonMacieServiceRolePolicy" }, { "name": "AmazonManagedBlockchainConsoleFullAccess", "value": "arn:aws:iam::aws:policy/AmazonManagedBlockchainConsoleFullAccess" }, { "name": "AmazonManagedBlockchainFullAccess", "value": "arn:aws:iam::aws:policy/AmazonManagedBlockchainFullAccess" }, { "name": "AmazonManagedBlockchainReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonManagedBlockchainReadOnlyAccess" }, { "name": "AmazonManagedBlockchainServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonManagedBlockchainServiceRolePolicy" }, { "name": "AmazonMechanicalTurkFullAccess", "value": "arn:aws:iam::aws:policy/AmazonMechanicalTurkFullAccess" }, { "name": "AmazonMechanicalTurkReadOnly", "value": "arn:aws:iam::aws:policy/AmazonMechanicalTurkReadOnly" }, { "name": "AmazonMemoryDBFullAccess", "value": "arn:aws:iam::aws:policy/AmazonMemoryDBFullAccess" }, { "name": "AmazonMemoryDBReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonMemoryDBReadOnlyAccess" }, { "name": "AmazonMobileAnalyticsFinancialReportAccess", "value": "arn:aws:iam::aws:policy/AmazonMobileAnalyticsFinancialReportAccess" }, { "name": "AmazonMobileAnalyticsFullAccess", "value": "arn:aws:iam::aws:policy/AmazonMobileAnalyticsFullAccess" }, { "name": "AmazonMobileAnalyticsNonfinancialReportAccess", "value": "arn:aws:iam::aws:policy/AmazonMobileAnalyticsNon-financialReportAccess" }, { "name": "AmazonMobileAnalyticsWriteOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonMobileAnalyticsWriteOnlyAccess" }, { "name": "AmazonMonitronFullAccess", "value": "arn:aws:iam::aws:policy/AmazonMonitronFullAccess" }, { "name": "AmazonNimbleStudioLaunchProfileWorker", "value": "arn:aws:iam::aws:policy/AmazonNimbleStudio-LaunchProfileWorker" }, { "name": "AmazonNimbleStudioStudioAdmin", "value": "arn:aws:iam::aws:policy/AmazonNimbleStudio-StudioAdmin" }, { "name": "AmazonNimbleStudioStudioUser", "value": "arn:aws:iam::aws:policy/AmazonNimbleStudio-StudioUser" }, { "name": "AmazonOmicsFullAccess", "value": "arn:aws:iam::aws:policy/AmazonOmicsFullAccess" }, { "name": "AmazonOmicsReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonOmicsReadOnlyAccess" }, { "name": "AmazonOneEnterpriseFullAccess", "value": "arn:aws:iam::aws:policy/AmazonOneEnterpriseFullAccess" }, { "name": "AmazonOneEnterpriseInstallerAccess", "value": "arn:aws:iam::aws:policy/AmazonOneEnterpriseInstallerAccess" }, { "name": "AmazonOneEnterpriseReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonOneEnterpriseReadOnlyAccess" }, { "name": "AmazonOpenSearchDashboardsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonOpenSearchDashboardsServiceRolePolicy" }, { "name": "AmazonOpenSearchIngestionFullAccess", "value": "arn:aws:iam::aws:policy/AmazonOpenSearchIngestionFullAccess" }, { "name": "AmazonOpenSearchIngestionReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonOpenSearchIngestionReadOnlyAccess" }, { "name": "AmazonOpenSearchIngestionServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonOpenSearchIngestionServiceRolePolicy" }, { "name": "AmazonOpenSearchServerlessServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonOpenSearchServerlessServiceRolePolicy" }, { "name": "AmazonOpenSearchServiceCognitoAccess", "value": "arn:aws:iam::aws:policy/AmazonOpenSearchServiceCognitoAccess" }, { "name": "AmazonOpenSearchServiceFullAccess", "value": "arn:aws:iam::aws:policy/AmazonOpenSearchServiceFullAccess" }, { "name": "AmazonOpenSearchServiceReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonOpenSearchServiceReadOnlyAccess" }, { "name": "AmazonOpenSearchServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonOpenSearchServiceRolePolicy" }, { "name": "AmazonPersonalizeFullAccess", "value": "arn:aws:iam::aws:policy/service-role/AmazonPersonalizeFullAccess" }, { "name": "AmazonPollyFullAccess", "value": "arn:aws:iam::aws:policy/AmazonPollyFullAccess" }, { "name": "AmazonPollyReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonPollyReadOnlyAccess" }, { "name": "AmazonPrometheusConsoleFullAccess", "value": "arn:aws:iam::aws:policy/AmazonPrometheusConsoleFullAccess" }, { "name": "AmazonPrometheusFullAccess", "value": "arn:aws:iam::aws:policy/AmazonPrometheusFullAccess" }, { "name": "AmazonPrometheusQueryAccess", "value": "arn:aws:iam::aws:policy/AmazonPrometheusQueryAccess" }, { "name": "AmazonPrometheusRemoteWriteAccess", "value": "arn:aws:iam::aws:policy/AmazonPrometheusRemoteWriteAccess" }, { "name": "AmazonPrometheusScraperServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonPrometheusScraperServiceRolePolicy" }, { "name": "AmazonQFullAccess", "value": "arn:aws:iam::aws:policy/AmazonQFullAccess" }, { "name": "AmazonQLDBConsoleFullAccess", "value": "arn:aws:iam::aws:policy/AmazonQLDBConsoleFullAccess" }, { "name": "AmazonQLDBFullAccess", "value": "arn:aws:iam::aws:policy/AmazonQLDBFullAccess" }, { "name": "AmazonQLDBReadOnly", "value": "arn:aws:iam::aws:policy/AmazonQLDBReadOnly" }, { "name": "AmazonRDSBetaServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonRDSBetaServiceRolePolicy" }, { "name": "AmazonRDSCustomInstanceProfileRolePolicy", "value": "arn:aws:iam::aws:policy/AmazonRDSCustomInstanceProfileRolePolicy" }, { "name": "AmazonRDSCustomPreviewServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonRDSCustomPreviewServiceRolePolicy" }, { "name": "AmazonRDSCustomServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonRDSCustomServiceRolePolicy" }, { "name": "AmazonRDSDataFullAccess", "value": "arn:aws:iam::aws:policy/AmazonRDSDataFullAccess" }, { "name": "AmazonRDSDirectoryServiceAccess", "value": "arn:aws:iam::aws:policy/service-role/AmazonRDSDirectoryServiceAccess" }, { "name": "AmazonRDSEnhancedMonitoringRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole" }, { "name": "AmazonRDSFullAccess", "value": "arn:aws:iam::aws:policy/AmazonRDSFullAccess" }, { "name": "AmazonRDSPerformanceInsightsFullAccess", "value": "arn:aws:iam::aws:policy/AmazonRDSPerformanceInsightsFullAccess" }, { "name": "AmazonRDSPerformanceInsightsReadOnly", "value": "arn:aws:iam::aws:policy/AmazonRDSPerformanceInsightsReadOnly" }, { "name": "AmazonRDSPreviewServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonRDSPreviewServiceRolePolicy" }, { "name": "AmazonRDSReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonRDSReadOnlyAccess" }, { "name": "AmazonRDSServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonRDSServiceRolePolicy" }, { "name": "AmazonRedshiftAllCommandsFullAccess", "value": "arn:aws:iam::aws:policy/AmazonRedshiftAllCommandsFullAccess" }, { "name": "AmazonRedshiftDataFullAccess", "value": "arn:aws:iam::aws:policy/AmazonRedshiftDataFullAccess" }, { "name": "AmazonRedshiftFullAccess", "value": "arn:aws:iam::aws:policy/AmazonRedshiftFullAccess" }, { "name": "AmazonRedshiftQueryEditor", "value": "arn:aws:iam::aws:policy/AmazonRedshiftQueryEditor" }, { "name": "AmazonRedshiftQueryEditorV2FullAccess", "value": "arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2FullAccess" }, { "name": "AmazonRedshiftQueryEditorV2NoSharing", "value": "arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2NoSharing" }, { "name": "AmazonRedshiftQueryEditorV2ReadSharing", "value": "arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2ReadSharing" }, { "name": "AmazonRedshiftQueryEditorV2ReadWriteSharing", "value": "arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2ReadWriteSharing" }, { "name": "AmazonRedshiftReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonRedshiftReadOnlyAccess" }, { "name": "AmazonRedshiftServiceLinkedRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonRedshiftServiceLinkedRolePolicy" }, { "name": "AmazonRekognitionCustomLabelsFullAccess", "value": "arn:aws:iam::aws:policy/AmazonRekognitionCustomLabelsFullAccess" }, { "name": "AmazonRekognitionFullAccess", "value": "arn:aws:iam::aws:policy/AmazonRekognitionFullAccess" }, { "name": "AmazonRekognitionReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonRekognitionReadOnlyAccess" }, { "name": "AmazonRekognitionServiceRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonRekognitionServiceRole" }, { "name": "AmazonRoute53AutoNamingFullAccess", "value": "arn:aws:iam::aws:policy/AmazonRoute53AutoNamingFullAccess" }, { "name": "AmazonRoute53AutoNamingReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonRoute53AutoNamingReadOnlyAccess" }, { "name": "AmazonRoute53AutoNamingRegistrantAccess", "value": "arn:aws:iam::aws:policy/AmazonRoute53AutoNamingRegistrantAccess" }, { "name": "AmazonRoute53DomainsFullAccess", "value": "arn:aws:iam::aws:policy/AmazonRoute53DomainsFullAccess" }, { "name": "AmazonRoute53DomainsReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonRoute53DomainsReadOnlyAccess" }, { "name": "AmazonRoute53FullAccess", "value": "arn:aws:iam::aws:policy/AmazonRoute53FullAccess" }, { "name": "AmazonRoute53ReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonRoute53ReadOnlyAccess" }, { "name": "AmazonRoute53RecoveryClusterFullAccess", "value": "arn:aws:iam::aws:policy/AmazonRoute53RecoveryClusterFullAccess" }, { "name": "AmazonRoute53RecoveryClusterReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonRoute53RecoveryClusterReadOnlyAccess" }, { "name": "AmazonRoute53RecoveryControlConfigFullAccess", "value": "arn:aws:iam::aws:policy/AmazonRoute53RecoveryControlConfigFullAccess" }, { "name": "AmazonRoute53RecoveryControlConfigReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonRoute53RecoveryControlConfigReadOnlyAccess" }, { "name": "AmazonRoute53RecoveryReadinessFullAccess", "value": "arn:aws:iam::aws:policy/AmazonRoute53RecoveryReadinessFullAccess" }, { "name": "AmazonRoute53RecoveryReadinessReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonRoute53RecoveryReadinessReadOnlyAccess" }, { "name": "AmazonRoute53ResolverFullAccess", "value": "arn:aws:iam::aws:policy/AmazonRoute53ResolverFullAccess" }, { "name": "AmazonRoute53ResolverReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonRoute53ResolverReadOnlyAccess" }, { "name": "AmazonS3FullAccess", "value": "arn:aws:iam::aws:policy/AmazonS3FullAccess" }, { "name": "AmazonS3ObjectLambdaExecutionRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AmazonS3ObjectLambdaExecutionRolePolicy" }, { "name": "AmazonS3OutpostsFullAccess", "value": "arn:aws:iam::aws:policy/AmazonS3OutpostsFullAccess" }, { "name": "AmazonS3OutpostsReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonS3OutpostsReadOnlyAccess" }, { "name": "AmazonS3ReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess" }, { "name": "AmazonSESFullAccess", "value": "arn:aws:iam::aws:policy/AmazonSESFullAccess" }, { "name": "AmazonSESReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonSESReadOnlyAccess" }, { "name": "AmazonSNSFullAccess", "value": "arn:aws:iam::aws:policy/AmazonSNSFullAccess" }, { "name": "AmazonSNSReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonSNSReadOnlyAccess" }, { "name": "AmazonSNSRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonSNSRole" }, { "name": "AmazonSQSFullAccess", "value": "arn:aws:iam::aws:policy/AmazonSQSFullAccess" }, { "name": "AmazonSQSReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonSQSReadOnlyAccess" }, { "name": "AmazonSSMAutomationApproverAccess", "value": "arn:aws:iam::aws:policy/AmazonSSMAutomationApproverAccess" }, { "name": "AmazonSSMAutomationRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonSSMAutomationRole" }, { "name": "AmazonSSMDirectoryServiceAccess", "value": "arn:aws:iam::aws:policy/AmazonSSMDirectoryServiceAccess" }, { "name": "AmazonSSMFullAccess", "value": "arn:aws:iam::aws:policy/AmazonSSMFullAccess" }, { "name": "AmazonSSMMaintenanceWindowRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonSSMMaintenanceWindowRole" }, { "name": "AmazonSSMManagedEC2InstanceDefaultPolicy", "value": "arn:aws:iam::aws:policy/AmazonSSMManagedEC2InstanceDefaultPolicy" }, { "name": "AmazonSSMManagedInstanceCore", "value": "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore" }, { "name": "AmazonSSMPatchAssociation", "value": "arn:aws:iam::aws:policy/AmazonSSMPatchAssociation" }, { "name": "AmazonSSMReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonSSMReadOnlyAccess" }, { "name": "AmazonSSMServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonSSMServiceRolePolicy" }, { "name": "AmazonSageMakerAdminServiceCatalogProductsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy" }, { "name": "AmazonSageMakerCanvasAIServicesAccess", "value": "arn:aws:iam::aws:policy/AmazonSageMakerCanvasAIServicesAccess" }, { "name": "AmazonSageMakerCanvasBedrockAccess", "value": "arn:aws:iam::aws:policy/AmazonSageMakerCanvasBedrockAccess" }, { "name": "AmazonSageMakerCanvasDataPrepFullAccess", "value": "arn:aws:iam::aws:policy/AmazonSageMakerCanvasDataPrepFullAccess" }, { "name": "AmazonSageMakerCanvasDirectDeployAccess", "value": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerCanvasDirectDeployAccess" }, { "name": "AmazonSageMakerCanvasForecastAccess", "value": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerCanvasForecastAccess" }, { "name": "AmazonSageMakerCanvasFullAccess", "value": "arn:aws:iam::aws:policy/AmazonSageMakerCanvasFullAccess" }, { "name": "AmazonSageMakerClusterInstanceRolePolicy", "value": "arn:aws:iam::aws:policy/AmazonSageMakerClusterInstanceRolePolicy" }, { "name": "AmazonSageMakerCoreServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonSageMakerCoreServiceRolePolicy" }, { "name": "AmazonSageMakerEdgeDeviceFleetPolicy", "value": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerEdgeDeviceFleetPolicy" }, { "name": "AmazonSageMakerFeatureStoreAccess", "value": "arn:aws:iam::aws:policy/AmazonSageMakerFeatureStoreAccess" }, { "name": "AmazonSageMakerFullAccess", "value": "arn:aws:iam::aws:policy/AmazonSageMakerFullAccess" }, { "name": "AmazonSageMakerGeospatialExecutionRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerGeospatialExecutionRole" }, { "name": "AmazonSageMakerGeospatialFullAccess", "value": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerGeospatialFullAccess" }, { "name": "AmazonSageMakerGroundTruthExecution", "value": "arn:aws:iam::aws:policy/AmazonSageMakerGroundTruthExecution" }, { "name": "AmazonSageMakerMechanicalTurkAccess", "value": "arn:aws:iam::aws:policy/AmazonSageMakerMechanicalTurkAccess" }, { "name": "AmazonSageMakerModelGovernanceUseAccess", "value": "arn:aws:iam::aws:policy/AmazonSageMakerModelGovernanceUseAccess" }, { "name": "AmazonSageMakerModelRegistryFullAccess", "value": "arn:aws:iam::aws:policy/AmazonSageMakerModelRegistryFullAccess" }, { "name": "AmazonSageMakerNotebooksServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonSageMakerNotebooksServiceRolePolicy" }, { "name": "AmazonSageMakerPartnerServiceCatalogProductsApiGatewayServiceRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerPartnerServiceCatalogProductsApiGatewayServiceRolePolicy" }, { "name": "AmazonSageMakerPartnerServiceCatalogProductsCloudFormationServiceRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerPartnerServiceCatalogProductsCloudFormationServiceRolePolicy" }, { "name": "AmazonSageMakerPartnerServiceCatalogProductsLambdaServiceRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerPartnerServiceCatalogProductsLambdaServiceRolePolicy" }, { "name": "AmazonSageMakerPipelinesIntegrations", "value": "arn:aws:iam::aws:policy/AmazonSageMakerPipelinesIntegrations" }, { "name": "AmazonSageMakerReadOnly", "value": "arn:aws:iam::aws:policy/AmazonSageMakerReadOnly" }, { "name": "AmazonSageMakerServiceCatalogProductsApiGatewayServiceRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsApiGatewayServiceRolePolicy" }, { "name": "AmazonSageMakerServiceCatalogProductsCloudformationServiceRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsCloudformationServiceRolePolicy" }, { "name": "AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy", "value": "arn:aws:iam::aws:policy/AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy" }, { "name": "AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy" }, { "name": "AmazonSageMakerServiceCatalogProductsEventsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsEventsServiceRolePolicy" }, { "name": "AmazonSageMakerServiceCatalogProductsFirehoseServiceRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsFirehoseServiceRolePolicy" }, { "name": "AmazonSageMakerServiceCatalogProductsGlueServiceRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsGlueServiceRolePolicy" }, { "name": "AmazonSageMakerServiceCatalogProductsLambdaServiceRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsLambdaServiceRolePolicy" }, { "name": "AmazonSecurityLakeAdministrator", "value": "arn:aws:iam::aws:policy/AmazonSecurityLakeAdministrator" }, { "name": "AmazonSecurityLakeMetastoreManager", "value": "arn:aws:iam::aws:policy/service-role/AmazonSecurityLakeMetastoreManager" }, { "name": "AmazonSecurityLakePermissionsBoundary", "value": "arn:aws:iam::aws:policy/AmazonSecurityLakePermissionsBoundary" }, { "name": "AmazonSumerianFullAccess", "value": "arn:aws:iam::aws:policy/AmazonSumerianFullAccess", "deprecationMessage": "This policy is deprecated and will be removed in a future release." }, { "name": "AmazonTextractFullAccess", "value": "arn:aws:iam::aws:policy/AmazonTextractFullAccess" }, { "name": "AmazonTextractServiceRole", "value": "arn:aws:iam::aws:policy/service-role/AmazonTextractServiceRole" }, { "name": "AmazonTimestreamConsoleFullAccess", "value": "arn:aws:iam::aws:policy/AmazonTimestreamConsoleFullAccess" }, { "name": "AmazonTimestreamFullAccess", "value": "arn:aws:iam::aws:policy/AmazonTimestreamFullAccess" }, { "name": "AmazonTimestreamInfluxDBFullAccess", "value": "arn:aws:iam::aws:policy/AmazonTimestreamInfluxDBFullAccess" }, { "name": "AmazonTimestreamInfluxDBServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonTimestreamInfluxDBServiceRolePolicy" }, { "name": "AmazonTimestreamReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonTimestreamReadOnlyAccess" }, { "name": "AmazonTranscribeFullAccess", "value": "arn:aws:iam::aws:policy/AmazonTranscribeFullAccess" }, { "name": "AmazonTranscribeReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonTranscribeReadOnlyAccess" }, { "name": "AmazonVPCCrossAccountNetworkInterfaceOperations", "value": "arn:aws:iam::aws:policy/AmazonVPCCrossAccountNetworkInterfaceOperations" }, { "name": "AmazonVPCFullAccess", "value": "arn:aws:iam::aws:policy/AmazonVPCFullAccess" }, { "name": "AmazonVPCNetworkAccessAnalyzerFullAccessPolicy", "value": "arn:aws:iam::aws:policy/AmazonVPCNetworkAccessAnalyzerFullAccessPolicy" }, { "name": "AmazonVPCReachabilityAnalyzerFullAccessPolicy", "value": "arn:aws:iam::aws:policy/AmazonVPCReachabilityAnalyzerFullAccessPolicy" }, { "name": "AmazonVPCReachabilityAnalyzerPathComponentReadPolicy", "value": "arn:aws:iam::aws:policy/AmazonVPCReachabilityAnalyzerPathComponentReadPolicy" }, { "name": "AmazonVPCReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonVPCReadOnlyAccess" }, { "name": "AmazonWorkDocsFullAccess", "value": "arn:aws:iam::aws:policy/AmazonWorkDocsFullAccess" }, { "name": "AmazonWorkDocsReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonWorkDocsReadOnlyAccess" }, { "name": "AmazonWorkMailEventsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonWorkMailEventsServiceRolePolicy" }, { "name": "AmazonWorkMailFullAccess", "value": "arn:aws:iam::aws:policy/AmazonWorkMailFullAccess" }, { "name": "AmazonWorkMailMessageFlowFullAccess", "value": "arn:aws:iam::aws:policy/AmazonWorkMailMessageFlowFullAccess" }, { "name": "AmazonWorkMailMessageFlowReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonWorkMailMessageFlowReadOnlyAccess" }, { "name": "AmazonWorkMailReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonWorkMailReadOnlyAccess" }, { "name": "AmazonWorkSpacesAdmin", "value": "arn:aws:iam::aws:policy/AmazonWorkSpacesAdmin" }, { "name": "AmazonWorkSpacesApplicationManagerAdminAccess", "value": "arn:aws:iam::aws:policy/AmazonWorkSpacesApplicationManagerAdminAccess" }, { "name": "AmazonWorkSpacesSelfServiceAccess", "value": "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess" }, { "name": "AmazonWorkSpacesServiceAccess", "value": "arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess" }, { "name": "AmazonWorkSpacesWebReadOnly", "value": "arn:aws:iam::aws:policy/AmazonWorkSpacesWebReadOnly" }, { "name": "AmazonWorkSpacesWebServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AmazonWorkSpacesWebServiceRolePolicy" }, { "name": "AmazonWorkspacesPCAAccess", "value": "arn:aws:iam::aws:policy/AmazonWorkspacesPCAAccess" }, { "name": "AmazonZocaloFullAccess", "value": "arn:aws:iam::aws:policy/AmazonZocaloFullAccess" }, { "name": "AmazonZocaloReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AmazonZocaloReadOnlyAccess" }, { "name": "AmplifyBackendDeployFullAccess", "value": "arn:aws:iam::aws:policy/service-role/AmplifyBackendDeployFullAccess" }, { "name": "AppIntegrationsServiceLinkedRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AppIntegrationsServiceLinkedRolePolicy" }, { "name": "AppRunnerNetworkingServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AppRunnerNetworkingServiceRolePolicy" }, { "name": "AppRunnerServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AppRunnerServiceRolePolicy" }, { "name": "ApplicationAutoScalingForAmazonAppStreamAccess", "value": "arn:aws:iam::aws:policy/service-role/ApplicationAutoScalingForAmazonAppStreamAccess" }, { "name": "ApplicationDiscoveryServiceContinuousExportServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/ApplicationDiscoveryServiceContinuousExportServiceRolePolicy" }, { "name": "AutoScalingConsoleFullAccess", "value": "arn:aws:iam::aws:policy/AutoScalingConsoleFullAccess" }, { "name": "AutoScalingConsoleReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AutoScalingConsoleReadOnlyAccess" }, { "name": "AutoScalingFullAccess", "value": "arn:aws:iam::aws:policy/AutoScalingFullAccess" }, { "name": "AutoScalingNotificationAccessRole", "value": "arn:aws:iam::aws:policy/service-role/AutoScalingNotificationAccessRole" }, { "name": "AutoScalingReadOnlyAccess", "value": "arn:aws:iam::aws:policy/AutoScalingReadOnlyAccess" }, { "name": "AutoScalingServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/AutoScalingServiceRolePolicy" }, { "name": "AwsGlueDataBrewFullAccessPolicy", "value": "arn:aws:iam::aws:policy/AwsGlueDataBrewFullAccessPolicy" }, { "name": "AwsGlueSessionUserRestrictedNotebookPolicy", "value": "arn:aws:iam::aws:policy/AwsGlueSessionUserRestrictedNotebookPolicy" }, { "name": "AwsGlueSessionUserRestrictedNotebookServiceRole", "value": "arn:aws:iam::aws:policy/service-role/AwsGlueSessionUserRestrictedNotebookServiceRole" }, { "name": "AwsGlueSessionUserRestrictedPolicy", "value": "arn:aws:iam::aws:policy/AwsGlueSessionUserRestrictedPolicy" }, { "name": "AwsGlueSessionUserRestrictedServiceRole", "value": "arn:aws:iam::aws:policy/service-role/AwsGlueSessionUserRestrictedServiceRole" }, { "name": "BatchServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/BatchServiceRolePolicy" }, { "name": "Billing", "value": "arn:aws:iam::aws:policy/job-function/Billing" }, { "name": "CertificateManagerServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/CertificateManagerServiceRolePolicy" }, { "name": "ClientVPNServiceConnectionsRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/ClientVPNServiceConnectionsRolePolicy" }, { "name": "ClientVPNServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/ClientVPNServiceRolePolicy" }, { "name": "CloudFormationStackSetsOrgAdminServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/CloudFormationStackSetsOrgAdminServiceRolePolicy" }, { "name": "CloudFormationStackSetsOrgMemberServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/CloudFormationStackSetsOrgMemberServiceRolePolicy" }, { "name": "CloudFrontFullAccess", "value": "arn:aws:iam::aws:policy/CloudFrontFullAccess" }, { "name": "CloudFrontReadOnlyAccess", "value": "arn:aws:iam::aws:policy/CloudFrontReadOnlyAccess" }, { "name": "CloudHSMServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/CloudHSMServiceRolePolicy" }, { "name": "CloudSearchFullAccess", "value": "arn:aws:iam::aws:policy/CloudSearchFullAccess" }, { "name": "CloudSearchReadOnlyAccess", "value": "arn:aws:iam::aws:policy/CloudSearchReadOnlyAccess" }, { "name": "CloudTrailServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/CloudTrailServiceRolePolicy" }, { "name": "CloudWatchCrossAccountAccess", "value": "arn:aws:iam::aws:policy/aws-service-role/CloudWatch-CrossAccountAccess" }, { "name": "CloudWatchActionsEC2Access", "value": "arn:aws:iam::aws:policy/CloudWatchActionsEC2Access" }, { "name": "CloudWatchAgentAdminPolicy", "value": "arn:aws:iam::aws:policy/CloudWatchAgentAdminPolicy" }, { "name": "CloudWatchAgentServerPolicy", "value": "arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy" }, { "name": "CloudWatchApplicationInsightsFullAccess", "value": "arn:aws:iam::aws:policy/CloudWatchApplicationInsightsFullAccess" }, { "name": "CloudWatchApplicationInsightsReadOnlyAccess", "value": "arn:aws:iam::aws:policy/CloudWatchApplicationInsightsReadOnlyAccess" }, { "name": "CloudWatchApplicationSignalsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/CloudWatchApplicationSignalsServiceRolePolicy" }, { "name": "CloudWatchAutomaticDashboardsAccess", "value": "arn:aws:iam::aws:policy/CloudWatchAutomaticDashboardsAccess" }, { "name": "CloudWatchCrossAccountSharingConfiguration", "value": "arn:aws:iam::aws:policy/CloudWatchCrossAccountSharingConfiguration" }, { "name": "CloudWatchEventsBuiltInTargetExecutionAccess", "value": "arn:aws:iam::aws:policy/service-role/CloudWatchEventsBuiltInTargetExecutionAccess" }, { "name": "CloudWatchEventsFullAccess", "value": "arn:aws:iam::aws:policy/CloudWatchEventsFullAccess" }, { "name": "CloudWatchEventsInvocationAccess", "value": "arn:aws:iam::aws:policy/service-role/CloudWatchEventsInvocationAccess" }, { "name": "CloudWatchEventsReadOnlyAccess", "value": "arn:aws:iam::aws:policy/CloudWatchEventsReadOnlyAccess" }, { "name": "CloudWatchEventsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/CloudWatchEventsServiceRolePolicy" }, { "name": "CloudWatchFullAccess", "value": "arn:aws:iam::aws:policy/CloudWatchFullAccess" }, { "name": "CloudWatchFullAccessV2", "value": "arn:aws:iam::aws:policy/CloudWatchFullAccessV2" }, { "name": "CloudWatchInternetMonitorServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/CloudWatchInternetMonitorServiceRolePolicy" }, { "name": "CloudWatchLambdaInsightsExecutionRolePolicy", "value": "arn:aws:iam::aws:policy/CloudWatchLambdaInsightsExecutionRolePolicy" }, { "name": "CloudWatchLogsCrossAccountSharingConfiguration", "value": "arn:aws:iam::aws:policy/CloudWatchLogsCrossAccountSharingConfiguration" }, { "name": "CloudWatchLogsFullAccess", "value": "arn:aws:iam::aws:policy/CloudWatchLogsFullAccess" }, { "name": "CloudWatchLogsReadOnlyAccess", "value": "arn:aws:iam::aws:policy/CloudWatchLogsReadOnlyAccess" }, { "name": "CloudWatchNetworkMonitorServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/CloudWatchNetworkMonitorServiceRolePolicy" }, { "name": "CloudWatchReadOnlyAccess", "value": "arn:aws:iam::aws:policy/CloudWatchReadOnlyAccess" }, { "name": "CloudWatchSyntheticsFullAccess", "value": "arn:aws:iam::aws:policy/CloudWatchSyntheticsFullAccess" }, { "name": "CloudWatchSyntheticsReadOnlyAccess", "value": "arn:aws:iam::aws:policy/CloudWatchSyntheticsReadOnlyAccess" }, { "name": "CloudwatchApplicationInsightsServiceLinkedRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/CloudwatchApplicationInsightsServiceLinkedRolePolicy" }, { "name": "ComprehendDataAccessRolePolicy", "value": "arn:aws:iam::aws:policy/service-role/ComprehendDataAccessRolePolicy" }, { "name": "ComprehendFullAccess", "value": "arn:aws:iam::aws:policy/ComprehendFullAccess" }, { "name": "ComprehendMedicalFullAccess", "value": "arn:aws:iam::aws:policy/ComprehendMedicalFullAccess" }, { "name": "ComprehendReadOnly", "value": "arn:aws:iam::aws:policy/ComprehendReadOnly" }, { "name": "ComputeOptimizerReadOnlyAccess", "value": "arn:aws:iam::aws:policy/ComputeOptimizerReadOnlyAccess" }, { "name": "ComputeOptimizerServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/ComputeOptimizerServiceRolePolicy" }, { "name": "ConfigConformsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/ConfigConformsServiceRolePolicy" }, { "name": "CostOptimizationHubAdminAccess", "value": "arn:aws:iam::aws:policy/CostOptimizationHubAdminAccess" }, { "name": "CostOptimizationHubReadOnlyAccess", "value": "arn:aws:iam::aws:policy/CostOptimizationHubReadOnlyAccess" }, { "name": "CostOptimizationHubServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/CostOptimizationHubServiceRolePolicy" }, { "name": "CustomerProfilesServiceLinkedRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/CustomerProfilesServiceLinkedRolePolicy" }, { "name": "DAXServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/DAXServiceRolePolicy" }, { "name": "DataScientist", "value": "arn:aws:iam::aws:policy/job-function/DataScientist" }, { "name": "DatabaseAdministrator", "value": "arn:aws:iam::aws:policy/job-function/DatabaseAdministrator" }, { "name": "DynamoDBCloudWatchContributorInsightsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/DynamoDBCloudWatchContributorInsightsServiceRolePolicy" }, { "name": "DynamoDBKinesisReplicationServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/DynamoDBKinesisReplicationServiceRolePolicy" }, { "name": "DynamoDBReplicationServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/DynamoDBReplicationServiceRolePolicy" }, { "name": "EC2FastLaunchServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/EC2FastLaunchServiceRolePolicy" }, { "name": "EC2FleetTimeShiftableServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/EC2FleetTimeShiftableServiceRolePolicy" }, { "name": "EC2ImageBuilderLifecycleExecutionPolicy", "value": "arn:aws:iam::aws:policy/service-role/EC2ImageBuilderLifecycleExecutionPolicy" }, { "name": "EC2InstanceConnect", "value": "arn:aws:iam::aws:policy/EC2InstanceConnect" }, { "name": "EC2InstanceProfileForImageBuilder", "value": "arn:aws:iam::aws:policy/EC2InstanceProfileForImageBuilder" }, { "name": "EC2InstanceProfileForImageBuilderECRContainerBuilds", "value": "arn:aws:iam::aws:policy/EC2InstanceProfileForImageBuilderECRContainerBuilds" }, { "name": "ECRReplicationServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/ECRReplicationServiceRolePolicy" }, { "name": "EMRDescribeClusterPolicyForEMRWAL", "value": "arn:aws:iam::aws:policy/aws-service-role/EMRDescribeClusterPolicyForEMRWAL" }, { "name": "Ec2ImageBuilderCrossAccountDistributionAccess", "value": "arn:aws:iam::aws:policy/Ec2ImageBuilderCrossAccountDistributionAccess" }, { "name": "Ec2InstanceConnectEndpoint", "value": "arn:aws:iam::aws:policy/aws-service-role/Ec2InstanceConnectEndpoint" }, { "name": "ElastiCacheServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/ElastiCacheServiceRolePolicy" }, { "name": "ElasticLoadBalancingFullAccess", "value": "arn:aws:iam::aws:policy/ElasticLoadBalancingFullAccess" }, { "name": "ElasticLoadBalancingReadOnly", "value": "arn:aws:iam::aws:policy/ElasticLoadBalancingReadOnly" }, { "name": "ElementalActivationsDownloadSoftwareAccess", "value": "arn:aws:iam::aws:policy/ElementalActivationsDownloadSoftwareAccess" }, { "name": "ElementalActivationsFullAccess", "value": "arn:aws:iam::aws:policy/ElementalActivationsFullAccess" }, { "name": "ElementalActivationsGenerateLicenses", "value": "arn:aws:iam::aws:policy/ElementalActivationsGenerateLicenses" }, { "name": "ElementalActivationsReadOnlyAccess", "value": "arn:aws:iam::aws:policy/ElementalActivationsReadOnlyAccess" }, { "name": "ElementalAppliancesSoftwareFullAccess", "value": "arn:aws:iam::aws:policy/ElementalAppliancesSoftwareFullAccess" }, { "name": "ElementalAppliancesSoftwareReadOnlyAccess", "value": "arn:aws:iam::aws:policy/ElementalAppliancesSoftwareReadOnlyAccess" }, { "name": "ElementalSupportCenterFullAccess", "value": "arn:aws:iam::aws:policy/ElementalSupportCenterFullAccess" }, { "name": "FMSServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/FMSServiceRolePolicy" }, { "name": "FSxDeleteServiceLinkedRoleAccess", "value": "arn:aws:iam::aws:policy/aws-service-role/FSxDeleteServiceLinkedRoleAccess" }, { "name": "FusionDevInternalServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/FusionDevInternalServiceRolePolicy", "deprecationMessage": "This policy is deprecated and will be removed in a future release." }, { "name": "GameLiftGameServerGroupPolicy", "value": "arn:aws:iam::aws:policy/GameLiftGameServerGroupPolicy" }, { "name": "GlobalAcceleratorFullAccess", "value": "arn:aws:iam::aws:policy/GlobalAcceleratorFullAccess" }, { "name": "GlobalAcceleratorReadOnlyAccess", "value": "arn:aws:iam::aws:policy/GlobalAcceleratorReadOnlyAccess" }, { "name": "GreengrassOTAUpdateArtifactAccess", "value": "arn:aws:iam::aws:policy/service-role/GreengrassOTAUpdateArtifactAccess" }, { "name": "GroundTruthSyntheticConsoleFullAccess", "value": "arn:aws:iam::aws:policy/GroundTruthSyntheticConsoleFullAccess" }, { "name": "GroundTruthSyntheticConsoleReadOnlyAccess", "value": "arn:aws:iam::aws:policy/GroundTruthSyntheticConsoleReadOnlyAccess" }, { "name": "Health_OrganizationsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/Health_OrganizationsServiceRolePolicy" }, { "name": "IAMAccessAdvisorReadOnly", "value": "arn:aws:iam::aws:policy/IAMAccessAdvisorReadOnly" }, { "name": "IAMAccessAnalyzerFullAccess", "value": "arn:aws:iam::aws:policy/IAMAccessAnalyzerFullAccess" }, { "name": "IAMAccessAnalyzerReadOnlyAccess", "value": "arn:aws:iam::aws:policy/IAMAccessAnalyzerReadOnlyAccess" }, { "name": "IAMFullAccess", "value": "arn:aws:iam::aws:policy/IAMFullAccess" }, { "name": "IAMReadOnlyAccess", "value": "arn:aws:iam::aws:policy/IAMReadOnlyAccess" }, { "name": "IAMSelfManageServiceSpecificCredentials", "value": "arn:aws:iam::aws:policy/IAMSelfManageServiceSpecificCredentials" }, { "name": "IAMUserChangePassword", "value": "arn:aws:iam::aws:policy/IAMUserChangePassword" }, { "name": "IAMUserSSHKeys", "value": "arn:aws:iam::aws:policy/IAMUserSSHKeys" }, { "name": "IVSFullAccess", "value": "arn:aws:iam::aws:policy/IVSFullAccess" }, { "name": "IVSReadOnlyAccess", "value": "arn:aws:iam::aws:policy/IVSReadOnlyAccess" }, { "name": "IVSRecordToS3", "value": "arn:aws:iam::aws:policy/aws-service-role/IVSRecordToS3" }, { "name": "KafkaConnectServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/KafkaConnectServiceRolePolicy" }, { "name": "KafkaServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/KafkaServiceRolePolicy" }, { "name": "KeyspacesReplicationServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/KeyspacesReplicationServiceRolePolicy" }, { "name": "LakeFormationDataAccessServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/LakeFormationDataAccessServiceRolePolicy" }, { "name": "LexBotPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/LexBotPolicy" }, { "name": "LexChannelPolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/LexChannelPolicy" }, { "name": "LightsailExportAccess", "value": "arn:aws:iam::aws:policy/aws-service-role/LightsailExportAccess" }, { "name": "MediaConnectGatewayInstanceRolePolicy", "value": "arn:aws:iam::aws:policy/MediaConnectGatewayInstanceRolePolicy" }, { "name": "MediaPackageServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/MediaPackageServiceRolePolicy" }, { "name": "MemoryDBServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/MemoryDBServiceRolePolicy" }, { "name": "MigrationHubDMSAccessServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/MigrationHubDMSAccessServiceRolePolicy" }, { "name": "MigrationHubSMSAccessServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/MigrationHubSMSAccessServiceRolePolicy" }, { "name": "MigrationHubServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/MigrationHubServiceRolePolicy" }, { "name": "MonitronServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/MonitronServiceRolePolicy" }, { "name": "NeptuneConsoleFullAccess", "value": "arn:aws:iam::aws:policy/NeptuneConsoleFullAccess" }, { "name": "NeptuneFullAccess", "value": "arn:aws:iam::aws:policy/NeptuneFullAccess" }, { "name": "NeptuneGraphReadOnlyAccess", "value": "arn:aws:iam::aws:policy/NeptuneGraphReadOnlyAccess" }, { "name": "NeptuneReadOnlyAccess", "value": "arn:aws:iam::aws:policy/NeptuneReadOnlyAccess" }, { "name": "NetworkAdministrator", "value": "arn:aws:iam::aws:policy/job-function/NetworkAdministrator" }, { "name": "OAMFullAccess", "value": "arn:aws:iam::aws:policy/OAMFullAccess" }, { "name": "OAMReadOnlyAccess", "value": "arn:aws:iam::aws:policy/OAMReadOnlyAccess" }, { "name": "PartnerCentralAccountManagementUserRoleAssociation", "value": "arn:aws:iam::aws:policy/PartnerCentralAccountManagementUserRoleAssociation" }, { "name": "PowerUserAccess", "value": "arn:aws:iam::aws:policy/PowerUserAccess" }, { "name": "QuickSightAccessForS3StorageManagementAnalyticsReadOnly", "value": "arn:aws:iam::aws:policy/service-role/QuickSightAccessForS3StorageManagementAnalyticsReadOnly" }, { "name": "RDSCloudHsmAuthorizationRole", "value": "arn:aws:iam::aws:policy/service-role/RDSCloudHsmAuthorizationRole" }, { "name": "ROSAAmazonEBSCSIDriverOperatorPolicy", "value": "arn:aws:iam::aws:policy/service-role/ROSAAmazonEBSCSIDriverOperatorPolicy" }, { "name": "ROSACloudNetworkConfigOperatorPolicy", "value": "arn:aws:iam::aws:policy/service-role/ROSACloudNetworkConfigOperatorPolicy" }, { "name": "ROSAControlPlaneOperatorPolicy", "value": "arn:aws:iam::aws:policy/service-role/ROSAControlPlaneOperatorPolicy" }, { "name": "ROSAImageRegistryOperatorPolicy", "value": "arn:aws:iam::aws:policy/service-role/ROSAImageRegistryOperatorPolicy" }, { "name": "ROSAIngressOperatorPolicy", "value": "arn:aws:iam::aws:policy/service-role/ROSAIngressOperatorPolicy" }, { "name": "ROSAInstallerPolicy", "value": "arn:aws:iam::aws:policy/service-role/ROSAInstallerPolicy" }, { "name": "ROSAKMSProviderPolicy", "value": "arn:aws:iam::aws:policy/service-role/ROSAKMSProviderPolicy" }, { "name": "ROSAKubeControllerPolicy", "value": "arn:aws:iam::aws:policy/service-role/ROSAKubeControllerPolicy" }, { "name": "ROSAManageSubscription", "value": "arn:aws:iam::aws:policy/ROSAManageSubscription" }, { "name": "ROSANodePoolManagementPolicy", "value": "arn:aws:iam::aws:policy/service-role/ROSANodePoolManagementPolicy" }, { "name": "ROSASRESupportPolicy", "value": "arn:aws:iam::aws:policy/service-role/ROSASRESupportPolicy" }, { "name": "ROSAWorkerInstancePolicy", "value": "arn:aws:iam::aws:policy/service-role/ROSAWorkerInstancePolicy" }, { "name": "ReadOnlyAccess", "value": "arn:aws:iam::aws:policy/ReadOnlyAccess" }, { "name": "ResourceGroupsServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/ResourceGroupsServiceRolePolicy" }, { "name": "ResourceGroupsandTagEditorFullAccess", "value": "arn:aws:iam::aws:policy/ResourceGroupsandTagEditorFullAccess" }, { "name": "ResourceGroupsandTagEditorReadOnlyAccess", "value": "arn:aws:iam::aws:policy/ResourceGroupsandTagEditorReadOnlyAccess" }, { "name": "Route53RecoveryReadinessServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/Route53RecoveryReadinessServiceRolePolicy" }, { "name": "Route53ResolverServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/Route53ResolverServiceRolePolicy" }, { "name": "S3StorageLensServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/S3StorageLensServiceRolePolicy" }, { "name": "SecretsManagerReadWrite", "value": "arn:aws:iam::aws:policy/SecretsManagerReadWrite" }, { "name": "SecurityAudit", "value": "arn:aws:iam::aws:policy/SecurityAudit" }, { "name": "SecurityLakeServiceLinkedRole", "value": "arn:aws:iam::aws:policy/aws-service-role/SecurityLakeServiceLinkedRole" }, { "name": "ServerMigrationConnector", "value": "arn:aws:iam::aws:policy/ServerMigrationConnector" }, { "name": "ServerMigrationServiceRole", "value": "arn:aws:iam::aws:policy/service-role/ServerMigrationServiceRole", "deprecationMessage": "This policy is deprecated and will be removed in a future release. Use AWSServerMigration_ServiceRole instead." }, { "name": "ServiceCatalogAdminFullAccess", "value": "arn:aws:iam::aws:policy/ServiceCatalogAdminFullAccess", "deprecationMessage": "This policy is deprecated and will be removed in a future release. Use AWSServiceCatalogAdminFullAccess instead." }, { "name": "ServiceCatalogAdminReadOnlyAccess", "value": "arn:aws:iam::aws:policy/ServiceCatalogAdminReadOnlyAccess", "deprecationMessage": "This policy is deprecated and will be removed in a future release. Use AWSServiceCatalogAdminReadOnlyAccess instead." }, { "name": "ServiceCatalogEndUserAccess", "value": "arn:aws:iam::aws:policy/ServiceCatalogEndUserAccess", "deprecationMessage": "This policy is deprecated and will be removed in a future release. Use AWSServiceCatalogEndUserReadOnlyAccess instead." }, { "name": "ServiceCatalogEndUserFullAccess", "value": "arn:aws:iam::aws:policy/ServiceCatalogEndUserFullAccess", "deprecationMessage": "This policy is deprecated and will be removed in a future release. Use AWSServiceCatalogEndUserFullAccess instead." }, { "name": "ServerMigrationServiceConsoleFullAccess", "value": "arn:aws:iam::aws:policy/ServerMigrationServiceConsoleFullAccess" }, { "name": "ServerMigrationServiceLaunchRole", "value": "arn:aws:iam::aws:policy/service-role/ServerMigrationServiceLaunchRole" }, { "name": "ServerMigrationServiceRoleForInstanceValidation", "value": "arn:aws:iam::aws:policy/service-role/ServerMigrationServiceRoleForInstanceValidation" }, { "name": "AWSServerMigration_ServiceRole", "value": "arn:aws:iam::aws:policy/service-role/ServerMigration_ServiceRole" }, { "name": "ServiceQuotasFullAccess", "value": "arn:aws:iam::aws:policy/ServiceQuotasFullAccess" }, { "name": "ServiceQuotasReadOnlyAccess", "value": "arn:aws:iam::aws:policy/ServiceQuotasReadOnlyAccess" }, { "name": "ServiceQuotasServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/ServiceQuotasServiceRolePolicy" }, { "name": "SimpleWorkflowFullAccess", "value": "arn:aws:iam::aws:policy/SimpleWorkflowFullAccess" }, { "name": "SupportUser", "value": "arn:aws:iam::aws:policy/job-function/SupportUser" }, { "name": "SystemAdministrator", "value": "arn:aws:iam::aws:policy/job-function/SystemAdministrator" }, { "name": "TranslateFullAccess", "value": "arn:aws:iam::aws:policy/TranslateFullAccess" }, { "name": "TranslateReadOnly", "value": "arn:aws:iam::aws:policy/TranslateReadOnly" }, { "name": "VMImportExportRoleForAWSConnector", "value": "arn:aws:iam::aws:policy/service-role/VMImportExportRoleForAWSConnector" }, { "name": "VPCLatticeFullAccess", "value": "arn:aws:iam::aws:policy/VPCLatticeFullAccess" }, { "name": "VPCLatticeReadOnlyAccess", "value": "arn:aws:iam::aws:policy/VPCLatticeReadOnlyAccess" }, { "name": "VPCLatticeServicesInvokeAccess", "value": "arn:aws:iam::aws:policy/VPCLatticeServicesInvokeAccess" }, { "name": "ViewOnlyAccess", "value": "arn:aws:iam::aws:policy/job-function/ViewOnlyAccess" }, { "name": "WAFLoggingServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/WAFLoggingServiceRolePolicy" }, { "name": "WAFRegionalLoggingServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/WAFRegionalLoggingServiceRolePolicy" }, { "name": "WAFV2LoggingServiceRolePolicy", "value": "arn:aws:iam::aws:policy/aws-service-role/WAFV2LoggingServiceRolePolicy" }, { "name": "WellArchitectedConsoleFullAccess", "value": "arn:aws:iam::aws:policy/WellArchitectedConsoleFullAccess" }, { "name": "WellArchitectedConsoleReadOnlyAccess", "value": "arn:aws:iam::aws:policy/WellArchitectedConsoleReadOnlyAccess" }, { "name": "WorkLinkServiceRolePolicy", "value": "arn:aws:iam::aws:policy/WorkLinkServiceRolePolicy" } ] }, "aws:iam/RoleInlinePolicy:RoleInlinePolicy": { "properties": { "name": { "type": "string", "description": "Name of the role policy.\n" }, "policy": { "type": "string", "description": "Policy document as a JSON formatted string.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "name" ] } } }, "aws:iam/getAccessKeysAccessKey:getAccessKeysAccessKey": { "properties": { "accessKeyId": { "type": "string", "description": "Access key ID.\n" }, "createDate": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the access key was created.\n" }, "status": { "type": "string", "description": "Access key status. Possible values are `Active` and `Inactive`.\n" } }, "type": "object", "required": [ "accessKeyId", "createDate", "status" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:iam/getGroupUser:getGroupUser": { "properties": { "arn": { "type": "string", "description": "User ARN.\n" }, "path": { "type": "string", "description": "Path to the IAM user.\n" }, "userId": { "type": "string", "description": "Stable and unique string identifying the IAM user.\n" }, "userName": { "type": "string", "description": "Name of the IAM user.\n" } }, "type": "object", "required": [ "arn", "path", "userId", "userName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:iam/getPolicyDocumentStatement:getPolicyDocumentStatement": { "properties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "List of actions that this statement either allows or denies. For example, `[\"ec2:RunInstances\", \"s3:*\"]`.\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:iam/getPolicyDocumentStatementCondition:getPolicyDocumentStatementCondition" }, "description": "Configuration block for a condition. Detailed below.\n" }, "effect": { "type": "string", "description": "Whether this statement allows or denies the given actions. Valid values are `Allow` and `Deny`. Defaults to `Allow`.\n" }, "notActions": { "type": "array", "items": { "type": "string" }, "description": "List of actions that this statement does *not* apply to. Use to apply a policy statement to all actions *except* those listed.\n" }, "notPrincipals": { "type": "array", "items": { "$ref": "#/types/aws:iam/getPolicyDocumentStatementNotPrincipal:getPolicyDocumentStatementNotPrincipal" }, "description": "Like `principals` except these are principals that the statement does *not* apply to.\n" }, "notResources": { "type": "array", "items": { "type": "string" }, "description": "List of resource ARNs that this statement does *not* apply to. Use to apply a policy statement to all resources *except* those listed. Conflicts with `resources`.\n" }, "principals": { "type": "array", "items": { "$ref": "#/types/aws:iam/getPolicyDocumentStatementPrincipal:getPolicyDocumentStatementPrincipal" }, "description": "Configuration block for principals. Detailed below.\n" }, "resources": { "type": "array", "items": { "type": "string" }, "description": "List of resource ARNs that this statement applies to. This is required by AWS if used for an IAM policy. Conflicts with `not_resources`.\n" }, "sid": { "type": "string", "description": "Sid (statement ID) is an identifier for a policy statement.\n" } }, "type": "object" }, "aws:iam/getPolicyDocumentStatementCondition:getPolicyDocumentStatementCondition": { "properties": { "test": { "type": "string", "description": "Name of the [IAM condition operator](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html) to evaluate.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Values to evaluate the condition against. If multiple values are provided, the condition matches if at least one of them applies. That is, AWS evaluates multiple values as though using an \"OR\" boolean operation.\n" }, "variable": { "type": "string", "description": "Name of a [Context Variable](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#AvailableKeys) to apply the condition to. Context variables may either be standard AWS variables starting with `aws:` or service-specific variables prefixed with the service name.\n" } }, "type": "object", "required": [ "test", "values", "variable" ] }, "aws:iam/getPolicyDocumentStatementNotPrincipal:getPolicyDocumentStatementNotPrincipal": { "properties": { "identifiers": { "type": "array", "items": { "type": "string" }, "description": "List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`. When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.\n" }, "type": { "type": "string", "description": "Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.\n" } }, "type": "object", "required": [ "identifiers", "type" ] }, "aws:iam/getPolicyDocumentStatementPrincipal:getPolicyDocumentStatementPrincipal": { "properties": { "identifiers": { "type": "array", "items": { "type": "string" }, "description": "List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`. When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.\n" }, "type": { "type": "string", "description": "Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.\n" } }, "type": "object", "required": [ "identifiers", "type" ] }, "aws:iam/getPrincipalPolicySimulationContext:getPrincipalPolicySimulationContext": { "properties": { "key": { "type": "string", "description": "The context _condition key_ to set.\n\nIf you have policies containing `Condition` elements or using dynamic interpolations then you will need to provide suitable values for each condition key your policies use. See [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) to find the various condition keys that are normally provided for real requests to each action of each AWS service.\n" }, "type": { "type": "string", "description": "An IAM value type that determines how the policy simulator will interpret the strings given in `values`.\n\nFor more information, see the `ContextKeyType` field of [`iam.ContextEntry`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ContextEntry.html) in the underlying API.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "A set of one or more values for this context entry.\n" } }, "type": "object", "required": [ "key", "type", "values" ] }, "aws:iam/getPrincipalPolicySimulationResult:getPrincipalPolicySimulationResult": { "properties": { "actionName": { "type": "string", "description": "The name of the single IAM action used for this particular request.\n" }, "allowed": { "type": "boolean", "description": "`true` if `decision` is \"allowed\", and `false` otherwise.\n" }, "decision": { "type": "string", "description": "The raw decision determined from all of the policies in scope; either \"allowed\", \"explicitDeny\", or \"implicitDeny\".\n" }, "decisionDetails": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of arbitrary metadata entries returned by the policy simulator for this request.\n" }, "matchedStatements": { "type": "array", "items": { "$ref": "#/types/aws:iam/getPrincipalPolicySimulationResultMatchedStatement:getPrincipalPolicySimulationResultMatchedStatement" }, "description": "A nested set of objects describing which policies contained statements that were relevant to this simulation request. Each object has attributes `source_policy_id` and `source_policy_type` to identify one of the policies.\n" }, "missingContextKeys": { "type": "array", "items": { "type": "string" }, "description": "A set of context keys (or condition keys) that were needed by some of the policies contributing to this result but not specified using a `context` block in the configuration. Missing or incorrect context keys will typically cause a simulated request to be disallowed.\n" }, "resourceArn": { "type": "string", "description": "ARN of the resource that was used for this particular request. When you specify multiple actions and multiple resource ARNs, that causes a separate policy request for each combination of unique action and resource.\n" } }, "type": "object", "required": [ "actionName", "allowed", "decision", "decisionDetails", "matchedStatements", "missingContextKeys", "resourceArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:iam/getPrincipalPolicySimulationResultMatchedStatement:getPrincipalPolicySimulationResultMatchedStatement": { "properties": { "sourcePolicyId": { "type": "string", "description": "Identifier of one of the policies used as input to the simulation.\n" }, "sourcePolicyType": { "type": "string", "description": "The type of the policy identified in source_policy_id.\n" } }, "type": "object", "required": [ "sourcePolicyId", "sourcePolicyType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:iam/getRoleRoleLastUsed:getRoleRoleLastUsed": { "properties": { "lastUsedDate": { "type": "string", "description": "The date and time, in RFC 3339 format, that the role was last used.\n" }, "region": { "type": "string", "description": "The name of the AWS Region in which the role was last used.\n" } }, "type": "object", "required": [ "lastUsedDate", "region" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:identitystore/GroupExternalId:GroupExternalId": { "properties": { "id": { "type": "string", "description": "The identifier issued to this resource by an external identity provider.\n" }, "issuer": { "type": "string", "description": "The issuer for an external identifier.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "id", "issuer" ] } } }, "aws:identitystore/UserAddresses:UserAddresses": { "properties": { "country": { "type": "string", "description": "The country that this address is in.\n" }, "formatted": { "type": "string", "description": "The name that is typically displayed when the address is shown for display.\n" }, "locality": { "type": "string", "description": "The address locality.\n" }, "postalCode": { "type": "string", "description": "The postal code of the address.\n" }, "primary": { "type": "boolean", "description": "When `true`, this is the primary address associated with the user.\n" }, "region": { "type": "string", "description": "The region of the address.\n" }, "streetAddress": { "type": "string", "description": "The street of the address.\n" }, "type": { "type": "string", "description": "The type of address.\n" } }, "type": "object" }, "aws:identitystore/UserEmails:UserEmails": { "properties": { "primary": { "type": "boolean", "description": "When `true`, this is the primary email associated with the user.\n" }, "type": { "type": "string", "description": "The type of email.\n" }, "value": { "type": "string", "description": "The email address. This value must be unique across the identity store.\n" } }, "type": "object" }, "aws:identitystore/UserExternalId:UserExternalId": { "properties": { "id": { "type": "string", "description": "The identifier issued to this resource by an external identity provider.\n" }, "issuer": { "type": "string", "description": "The issuer for an external identifier.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "id", "issuer" ] } } }, "aws:identitystore/UserName:UserName": { "properties": { "familyName": { "type": "string", "description": "The family name of the user.\n" }, "formatted": { "type": "string", "description": "The name that is typically displayed when the name is shown for display.\n" }, "givenName": { "type": "string", "description": "The given name of the user.\n\nThe following arguments are optional:\n" }, "honorificPrefix": { "type": "string", "description": "The honorific prefix of the user.\n" }, "honorificSuffix": { "type": "string", "description": "The honorific suffix of the user.\n" }, "middleName": { "type": "string", "description": "The middle name of the user.\n" } }, "type": "object", "required": [ "familyName", "givenName" ] }, "aws:identitystore/UserPhoneNumbers:UserPhoneNumbers": { "properties": { "primary": { "type": "boolean", "description": "When `true`, this is the primary phone number associated with the user.\n" }, "type": { "type": "string", "description": "The type of phone number.\n" }, "value": { "type": "string", "description": "The user's phone number.\n" } }, "type": "object" }, "aws:identitystore/getGroupAlternateIdentifier:getGroupAlternateIdentifier": { "properties": { "externalId": { "$ref": "#/types/aws:identitystore/getGroupAlternateIdentifierExternalId:getGroupAlternateIdentifierExternalId", "description": "Configuration block for filtering by the identifier issued by an external identity provider. Detailed below.\n" }, "uniqueAttribute": { "$ref": "#/types/aws:identitystore/getGroupAlternateIdentifierUniqueAttribute:getGroupAlternateIdentifierUniqueAttribute", "description": "An entity attribute that's unique to a specific entity. Detailed below.\n\n\u003e Exactly one of the above arguments must be provided.\n" } }, "type": "object" }, "aws:identitystore/getGroupAlternateIdentifierExternalId:getGroupAlternateIdentifierExternalId": { "properties": { "id": { "type": "string", "description": "The identifier issued to this resource by an external identity provider.\n" }, "issuer": { "type": "string", "description": "The issuer for an external identifier.\n" } }, "type": "object", "required": [ "id", "issuer" ] }, "aws:identitystore/getGroupAlternateIdentifierUniqueAttribute:getGroupAlternateIdentifierUniqueAttribute": { "properties": { "attributePath": { "type": "string", "description": "Attribute path that is used to specify which attribute name to search. For example: `DisplayName`. Refer to the [Group data type](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html).\n" }, "attributeValue": { "type": "string", "description": "Value for an attribute.\n" } }, "type": "object", "required": [ "attributePath", "attributeValue" ] }, "aws:identitystore/getGroupExternalId:getGroupExternalId": { "properties": { "id": { "type": "string", "description": "The identifier issued to this resource by an external identity provider.\n" }, "issuer": { "type": "string", "description": "The issuer for an external identifier.\n" } }, "type": "object", "required": [ "id", "issuer" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:identitystore/getGroupFilter:getGroupFilter": { "properties": { "attributePath": { "type": "string", "description": "Attribute path that is used to specify which attribute name to search. Currently, `DisplayName` is the only valid attribute path.\n" }, "attributeValue": { "type": "string", "description": "Value for an attribute.\n" } }, "type": "object", "required": [ "attributePath", "attributeValue" ] }, "aws:identitystore/getGroupsGroup:getGroupsGroup": { "properties": { "description": { "type": "string", "description": "Description of the specified group.\n" }, "displayName": { "type": "string", "description": "Group's display name.\n" }, "externalIds": { "type": "array", "items": { "$ref": "#/types/aws:identitystore/getGroupsGroupExternalId:getGroupsGroupExternalId" }, "description": "List of identifiers issued to this resource by an external identity provider.\n" }, "groupId": { "type": "string", "description": "Identifier of the group in the Identity Store.\n" }, "identityStoreId": { "type": "string", "description": "Identity Store ID associated with the Single Sign-On (SSO) Instance.\n" } }, "type": "object", "required": [ "description", "displayName", "externalIds", "groupId", "identityStoreId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:identitystore/getGroupsGroupExternalId:getGroupsGroupExternalId": { "properties": { "id": { "type": "string", "description": "Identifier issued to this resource by an external identity provider.\n" }, "issuer": { "type": "string", "description": "Issuer for an external identifier.\n" } }, "type": "object", "required": [ "id", "issuer" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:identitystore/getUserAddress:getUserAddress": { "properties": { "country": { "type": "string", "description": "The country that this address is in.\n" }, "formatted": { "type": "string", "description": "The name that is typically displayed when the name is shown for display.\n" }, "locality": { "type": "string", "description": "The address locality.\n" }, "postalCode": { "type": "string", "description": "The postal code of the address.\n" }, "primary": { "type": "boolean", "description": "When `true`, this is the primary phone number associated with the user.\n" }, "region": { "type": "string", "description": "The region of the address.\n" }, "streetAddress": { "type": "string", "description": "The street of the address.\n" }, "type": { "type": "string", "description": "The type of phone number.\n" } }, "type": "object", "required": [ "country", "formatted", "locality", "postalCode", "primary", "region", "streetAddress", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:identitystore/getUserAlternateIdentifier:getUserAlternateIdentifier": { "properties": { "externalId": { "$ref": "#/types/aws:identitystore/getUserAlternateIdentifierExternalId:getUserAlternateIdentifierExternalId", "description": "Configuration block for filtering by the identifier issued by an external identity provider. Detailed below.\n" }, "uniqueAttribute": { "$ref": "#/types/aws:identitystore/getUserAlternateIdentifierUniqueAttribute:getUserAlternateIdentifierUniqueAttribute", "description": "An entity attribute that's unique to a specific entity. Detailed below.\n\n\u003e Exactly one of the above arguments must be provided.\n" } }, "type": "object" }, "aws:identitystore/getUserAlternateIdentifierExternalId:getUserAlternateIdentifierExternalId": { "properties": { "id": { "type": "string", "description": "The identifier issued to this resource by an external identity provider.\n" }, "issuer": { "type": "string", "description": "The issuer for an external identifier.\n" } }, "type": "object", "required": [ "id", "issuer" ] }, "aws:identitystore/getUserAlternateIdentifierUniqueAttribute:getUserAlternateIdentifierUniqueAttribute": { "properties": { "attributePath": { "type": "string", "description": "Attribute path that is used to specify which attribute name to search. For example: `UserName`. Refer to the [User data type](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html).\n" }, "attributeValue": { "type": "string", "description": "Value for an attribute.\n" } }, "type": "object", "required": [ "attributePath", "attributeValue" ] }, "aws:identitystore/getUserEmail:getUserEmail": { "properties": { "primary": { "type": "boolean", "description": "When `true`, this is the primary phone number associated with the user.\n" }, "type": { "type": "string", "description": "The type of phone number.\n" }, "value": { "type": "string", "description": "The user's phone number.\n" } }, "type": "object", "required": [ "primary", "type", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:identitystore/getUserExternalId:getUserExternalId": { "properties": { "id": { "type": "string", "description": "The identifier issued to this resource by an external identity provider.\n" }, "issuer": { "type": "string", "description": "The issuer for an external identifier.\n" } }, "type": "object", "required": [ "id", "issuer" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:identitystore/getUserFilter:getUserFilter": { "properties": { "attributePath": { "type": "string", "description": "Attribute path that is used to specify which attribute name to search. Currently, `UserName` is the only valid attribute path.\n" }, "attributeValue": { "type": "string", "description": "Value for an attribute.\n" } }, "type": "object", "required": [ "attributePath", "attributeValue" ] }, "aws:identitystore/getUserName:getUserName": { "properties": { "familyName": { "type": "string", "description": "The family name of the user.\n" }, "formatted": { "type": "string", "description": "The name that is typically displayed when the name is shown for display.\n" }, "givenName": { "type": "string", "description": "The given name of the user.\n" }, "honorificPrefix": { "type": "string", "description": "The honorific prefix of the user.\n" }, "honorificSuffix": { "type": "string", "description": "The honorific suffix of the user.\n" }, "middleName": { "type": "string", "description": "The middle name of the user.\n" } }, "type": "object", "required": [ "familyName", "formatted", "givenName", "honorificPrefix", "honorificSuffix", "middleName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:identitystore/getUserPhoneNumber:getUserPhoneNumber": { "properties": { "primary": { "type": "boolean", "description": "When `true`, this is the primary phone number associated with the user.\n" }, "type": { "type": "string", "description": "The type of phone number.\n" }, "value": { "type": "string", "description": "The user's phone number.\n" } }, "type": "object", "required": [ "primary", "type", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/ContainerRecipeComponent:ContainerRecipeComponent": { "properties": { "componentArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Image Builder Component to associate.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ContainerRecipeComponentParameter:ContainerRecipeComponentParameter" }, "description": "Configuration block(s) for parameters to configure the component. Detailed below.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "componentArn" ] }, "aws:imagebuilder/ContainerRecipeComponentParameter:ContainerRecipeComponentParameter": { "properties": { "name": { "type": "string", "description": "The name of the component parameter.\n" }, "value": { "type": "string", "description": "The value for the named component parameter.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:imagebuilder/ContainerRecipeInstanceConfiguration:ContainerRecipeInstanceConfiguration": { "properties": { "blockDeviceMappings": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ContainerRecipeInstanceConfigurationBlockDeviceMapping:ContainerRecipeInstanceConfigurationBlockDeviceMapping" }, "description": "Configuration block(s) with block device mappings for the container recipe. Detailed below.\n", "willReplaceOnChanges": true }, "image": { "type": "string", "description": "The AMI ID to use as the base image for a container build and test instance. If not specified, Image Builder will use the appropriate ECS-optimized AMI as a base image.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:imagebuilder/ContainerRecipeInstanceConfigurationBlockDeviceMapping:ContainerRecipeInstanceConfigurationBlockDeviceMapping": { "properties": { "deviceName": { "type": "string", "description": "Name of the device. For example, `/dev/sda` or `/dev/xvdb`.\n", "willReplaceOnChanges": true }, "ebs": { "$ref": "#/types/aws:imagebuilder/ContainerRecipeInstanceConfigurationBlockDeviceMappingEbs:ContainerRecipeInstanceConfigurationBlockDeviceMappingEbs", "description": "Configuration block with Elastic Block Storage (EBS) block device mapping settings. Detailed below.\n", "willReplaceOnChanges": true }, "noDevice": { "type": "boolean", "description": "Set to `true` to remove a mapping from the parent image.\n", "willReplaceOnChanges": true }, "virtualName": { "type": "string", "description": "Virtual device name. For example, `ephemeral0`. Instance store volumes are numbered starting from 0.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:imagebuilder/ContainerRecipeInstanceConfigurationBlockDeviceMappingEbs:ContainerRecipeInstanceConfigurationBlockDeviceMappingEbs": { "properties": { "deleteOnTermination": { "type": "string", "description": "Whether to delete the volume on termination. Defaults to unset, which is the value inherited from the parent image.\n", "willReplaceOnChanges": true }, "encrypted": { "type": "string", "description": "Whether to encrypt the volume. Defaults to unset, which is the value inherited from the parent image.\n", "willReplaceOnChanges": true }, "iops": { "type": "integer", "description": "Number of Input/Output (I/O) operations per second to provision for an `io1` or `io2` volume.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) of the Key Management Service (KMS) Key for encryption.\n", "willReplaceOnChanges": true }, "snapshotId": { "type": "string", "description": "Identifier of the EC2 Volume Snapshot.\n", "willReplaceOnChanges": true }, "throughput": { "type": "integer", "description": "For GP3 volumes only. The throughput in MiB/s that the volume supports.\n", "willReplaceOnChanges": true }, "volumeSize": { "type": "integer", "description": "Size of the volume, in GiB.\n", "willReplaceOnChanges": true }, "volumeType": { "type": "string", "description": "Type of the volume. For example, `gp2` or `io2`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:imagebuilder/ContainerRecipeTargetRepository:ContainerRecipeTargetRepository": { "properties": { "repositoryName": { "type": "string", "description": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location.\n" }, "service": { "type": "string", "description": "The service in which this image is registered. Valid values: `ECR`.\n" } }, "type": "object", "required": [ "repositoryName", "service" ] }, "aws:imagebuilder/DistributionConfigurationDistribution:DistributionConfigurationDistribution": { "properties": { "amiDistributionConfiguration": { "$ref": "#/types/aws:imagebuilder/DistributionConfigurationDistributionAmiDistributionConfiguration:DistributionConfigurationDistributionAmiDistributionConfiguration", "description": "Configuration block with Amazon Machine Image (AMI) distribution settings. Detailed below.\n" }, "containerDistributionConfiguration": { "$ref": "#/types/aws:imagebuilder/DistributionConfigurationDistributionContainerDistributionConfiguration:DistributionConfigurationDistributionContainerDistributionConfiguration", "description": "Configuration block with container distribution settings. Detailed below.\n" }, "fastLaunchConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/DistributionConfigurationDistributionFastLaunchConfiguration:DistributionConfigurationDistributionFastLaunchConfiguration" }, "description": "Set of Windows faster-launching configurations to use for AMI distribution. Detailed below.\n" }, "launchTemplateConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/DistributionConfigurationDistributionLaunchTemplateConfiguration:DistributionConfigurationDistributionLaunchTemplateConfiguration" }, "description": "Set of launch template configuration settings that apply to image distribution. Detailed below.\n" }, "licenseConfigurationArns": { "type": "array", "items": { "type": "string" }, "description": "Set of Amazon Resource Names (ARNs) of License Manager License Configurations.\n" }, "region": { "type": "string", "description": "AWS Region for the distribution.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "region" ] }, "aws:imagebuilder/DistributionConfigurationDistributionAmiDistributionConfiguration:DistributionConfigurationDistributionAmiDistributionConfiguration": { "properties": { "amiTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags to apply to the distributed AMI.\n" }, "description": { "type": "string", "description": "Description to apply to the distributed AMI.\n" }, "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) of the Key Management Service (KMS) Key to encrypt the distributed AMI.\n" }, "launchPermission": { "$ref": "#/types/aws:imagebuilder/DistributionConfigurationDistributionAmiDistributionConfigurationLaunchPermission:DistributionConfigurationDistributionAmiDistributionConfigurationLaunchPermission", "description": "Configuration block of EC2 launch permissions to apply to the distributed AMI. Detailed below.\n" }, "name": { "type": "string", "description": "Name to apply to the distributed AMI.\n" }, "targetAccountIds": { "type": "array", "items": { "type": "string" }, "description": "Set of AWS Account identifiers to distribute the AMI.\n" } }, "type": "object" }, "aws:imagebuilder/DistributionConfigurationDistributionAmiDistributionConfigurationLaunchPermission:DistributionConfigurationDistributionAmiDistributionConfigurationLaunchPermission": { "properties": { "organizationArns": { "type": "array", "items": { "type": "string" }, "description": "Set of AWS Organization ARNs to assign.\n" }, "organizationalUnitArns": { "type": "array", "items": { "type": "string" }, "description": "Set of AWS Organizational Unit ARNs to assign.\n" }, "userGroups": { "type": "array", "items": { "type": "string" }, "description": "Set of EC2 launch permission user groups to assign. Use `all` to distribute a public AMI.\n" }, "userIds": { "type": "array", "items": { "type": "string" }, "description": "Set of AWS Account identifiers to assign.\n" } }, "type": "object" }, "aws:imagebuilder/DistributionConfigurationDistributionContainerDistributionConfiguration:DistributionConfigurationDistributionContainerDistributionConfiguration": { "properties": { "containerTags": { "type": "array", "items": { "type": "string" }, "description": "Set of tags that are attached to the container distribution configuration.\n" }, "description": { "type": "string", "description": "Description of the container distribution configuration.\n" }, "targetRepository": { "$ref": "#/types/aws:imagebuilder/DistributionConfigurationDistributionContainerDistributionConfigurationTargetRepository:DistributionConfigurationDistributionContainerDistributionConfigurationTargetRepository", "description": "Configuration block with the destination repository for the container distribution configuration.\n" } }, "type": "object", "required": [ "targetRepository" ] }, "aws:imagebuilder/DistributionConfigurationDistributionContainerDistributionConfigurationTargetRepository:DistributionConfigurationDistributionContainerDistributionConfigurationTargetRepository": { "properties": { "repositoryName": { "type": "string", "description": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location.\n" }, "service": { "type": "string", "description": "The service in which this image is registered. Valid values: `ECR`.\n" } }, "type": "object", "required": [ "repositoryName", "service" ] }, "aws:imagebuilder/DistributionConfigurationDistributionFastLaunchConfiguration:DistributionConfigurationDistributionFastLaunchConfiguration": { "properties": { "accountId": { "type": "string", "description": "The owner account ID for the fast-launch enabled Windows AMI.\n" }, "enabled": { "type": "boolean", "description": "A Boolean that represents the current state of faster launching for the Windows AMI. Set to `true` to start using Windows faster launching, or `false` to stop using it.\n" }, "launchTemplate": { "$ref": "#/types/aws:imagebuilder/DistributionConfigurationDistributionFastLaunchConfigurationLaunchTemplate:DistributionConfigurationDistributionFastLaunchConfigurationLaunchTemplate", "description": "Configuration block for the launch template that the fast-launch enabled Windows AMI uses when it launches Windows instances to create pre-provisioned snapshots. Detailed below.\n" }, "maxParallelLaunches": { "type": "integer", "description": "The maximum number of parallel instances that are launched for creating resources.\n" }, "snapshotConfiguration": { "$ref": "#/types/aws:imagebuilder/DistributionConfigurationDistributionFastLaunchConfigurationSnapshotConfiguration:DistributionConfigurationDistributionFastLaunchConfigurationSnapshotConfiguration", "description": "Configuration block for managing the number of snapshots that are created from pre-provisioned instances for the Windows AMI when faster launching is enabled. Detailed below.\n" } }, "type": "object", "required": [ "accountId", "enabled" ] }, "aws:imagebuilder/DistributionConfigurationDistributionFastLaunchConfigurationLaunchTemplate:DistributionConfigurationDistributionFastLaunchConfigurationLaunchTemplate": { "properties": { "launchTemplateId": { "type": "string", "description": "The ID of the launch template to use for faster launching for a Windows AMI.\n" }, "launchTemplateName": { "type": "string", "description": "The name of the launch template to use for faster launching for a Windows AMI.\n" }, "launchTemplateVersion": { "type": "string", "description": "The version of the launch template to use for faster launching for a Windows AMI.\n" } }, "type": "object" }, "aws:imagebuilder/DistributionConfigurationDistributionFastLaunchConfigurationSnapshotConfiguration:DistributionConfigurationDistributionFastLaunchConfigurationSnapshotConfiguration": { "properties": { "targetResourceCount": { "type": "integer", "description": "The number of pre-provisioned snapshots to keep on hand for a fast-launch enabled Windows AMI.\n" } }, "type": "object" }, "aws:imagebuilder/DistributionConfigurationDistributionLaunchTemplateConfiguration:DistributionConfigurationDistributionLaunchTemplateConfiguration": { "properties": { "accountId": { "type": "string", "description": "The account ID that this configuration applies to.\n" }, "default": { "type": "boolean", "description": "Indicates whether to set the specified Amazon EC2 launch template as the default launch template. Defaults to `true`.\n" }, "launchTemplateId": { "type": "string", "description": "The ID of the Amazon EC2 launch template to use.\n" } }, "type": "object", "required": [ "launchTemplateId" ] }, "aws:imagebuilder/ImageImageScanningConfiguration:ImageImageScanningConfiguration": { "properties": { "ecrConfiguration": { "$ref": "#/types/aws:imagebuilder/ImageImageScanningConfigurationEcrConfiguration:ImageImageScanningConfigurationEcrConfiguration", "description": "Configuration block with ECR configuration. Detailed below.\n" }, "imageScanningEnabled": { "type": "boolean", "description": "Indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image. Defaults to `false`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "ecrConfiguration" ] } } }, "aws:imagebuilder/ImageImageScanningConfigurationEcrConfiguration:ImageImageScanningConfigurationEcrConfiguration": { "properties": { "containerTags": { "type": "array", "items": { "type": "string" }, "description": "Set of tags for Image Builder to apply to the output container image that that Amazon Inspector scans.\n" }, "repositoryName": { "type": "string", "description": "The name of the container repository that Amazon Inspector scans to identify findings for your container images.\n" } }, "type": "object" }, "aws:imagebuilder/ImageImageTestsConfiguration:ImageImageTestsConfiguration": { "properties": { "imageTestsEnabled": { "type": "boolean", "description": "Whether image tests are enabled. Defaults to `true`.\n", "willReplaceOnChanges": true }, "timeoutMinutes": { "type": "integer", "description": "Number of minutes before image tests time out. Valid values are between `60` and `1440`. Defaults to `720`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:imagebuilder/ImageOutputResource:ImageOutputResource": { "properties": { "amis": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ImageOutputResourceAmi:ImageOutputResourceAmi" }, "description": "Set of objects with each Amazon Machine Image (AMI) created.\n" }, "containers": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ImageOutputResourceContainer:ImageOutputResourceContainer" }, "description": "Set of objects with each container image created and stored in the output repository.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "amis", "containers" ] } } }, "aws:imagebuilder/ImageOutputResourceAmi:ImageOutputResourceAmi": { "properties": { "accountId": { "type": "string", "description": "Account identifier of the AMI.\n" }, "description": { "type": "string", "description": "Description of the AMI.\n" }, "image": { "type": "string", "description": "Identifier of the AMI.\n" }, "name": { "type": "string", "description": "Name of the AMI.\n" }, "region": { "type": "string", "description": "Region of the container image.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "accountId", "description", "image", "name", "region" ] } } }, "aws:imagebuilder/ImageOutputResourceContainer:ImageOutputResourceContainer": { "properties": { "imageUris": { "type": "array", "items": { "type": "string" }, "description": "Set of URIs for created containers.\n" }, "region": { "type": "string", "description": "Region of the container image.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "imageUris", "region" ] } } }, "aws:imagebuilder/ImagePipelineImageScanningConfiguration:ImagePipelineImageScanningConfiguration": { "properties": { "ecrConfiguration": { "$ref": "#/types/aws:imagebuilder/ImagePipelineImageScanningConfigurationEcrConfiguration:ImagePipelineImageScanningConfigurationEcrConfiguration", "description": "Configuration block with ECR configuration for image scanning. Detailed below.\n" }, "imageScanningEnabled": { "type": "boolean", "description": "Whether image scans are enabled. Defaults to `false`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "ecrConfiguration" ] } } }, "aws:imagebuilder/ImagePipelineImageScanningConfigurationEcrConfiguration:ImagePipelineImageScanningConfigurationEcrConfiguration": { "properties": { "containerTags": { "type": "array", "items": { "type": "string" } }, "repositoryName": { "type": "string", "description": "The name of the repository to scan\n" } }, "type": "object" }, "aws:imagebuilder/ImagePipelineImageTestsConfiguration:ImagePipelineImageTestsConfiguration": { "properties": { "imageTestsEnabled": { "type": "boolean", "description": "Whether image tests are enabled. Defaults to `true`.\n" }, "timeoutMinutes": { "type": "integer", "description": "Number of minutes before image tests time out. Valid values are between `60` and `1440`. Defaults to `720`.\n" } }, "type": "object" }, "aws:imagebuilder/ImagePipelineSchedule:ImagePipelineSchedule": { "properties": { "pipelineExecutionStartCondition": { "type": "string", "description": "Condition when the pipeline should trigger a new image build. Valid values are `EXPRESSION_MATCH_AND_DEPENDENCY_UPDATES_AVAILABLE` and `EXPRESSION_MATCH_ONLY`. Defaults to `EXPRESSION_MATCH_AND_DEPENDENCY_UPDATES_AVAILABLE`.\n" }, "scheduleExpression": { "type": "string", "description": "Cron expression of how often the pipeline start condition is evaluated. For example, `cron(0 0 * * ? *)` is evaluated every day at midnight UTC. Configurations using the five field syntax that was previously accepted by the API, such as `cron(0 0 * * *)`, must be updated to the six field syntax. For more information, see the [Image Builder User Guide](https://docs.aws.amazon.com/imagebuilder/latest/userguide/cron-expressions.html).\n\nThe following arguments are optional:\n" }, "timezone": { "type": "string", "description": "The timezone that applies to the scheduling expression. For example, \"Etc/UTC\", \"America/Los_Angeles\" in the [IANA timezone format](https://www.joda.org/joda-time/timezones.html). If not specified this defaults to UTC.\n" } }, "type": "object", "required": [ "scheduleExpression" ], "language": { "nodejs": { "requiredOutputs": [ "scheduleExpression", "timezone" ] } } }, "aws:imagebuilder/ImagePipelineWorkflow:ImagePipelineWorkflow": { "properties": { "onFailure": { "type": "string", "description": "The action to take if the workflow fails. Must be one of `CONTINUE` or `ABORT`.\n" }, "parallelGroup": { "type": "string", "description": "The parallel group in which to run a test Workflow.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ImagePipelineWorkflowParameter:ImagePipelineWorkflowParameter" }, "description": "Configuration block for the workflow parameters. Detailed below.\n" }, "workflowArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Image Builder Workflow.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "workflowArn" ] }, "aws:imagebuilder/ImagePipelineWorkflowParameter:ImagePipelineWorkflowParameter": { "properties": { "name": { "type": "string", "description": "The name of the Workflow parameter.\n" }, "value": { "type": "string", "description": "The value of the Workflow parameter.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:imagebuilder/ImageRecipeBlockDeviceMapping:ImageRecipeBlockDeviceMapping": { "properties": { "deviceName": { "type": "string", "description": "Name of the device. For example, `/dev/sda` or `/dev/xvdb`.\n", "willReplaceOnChanges": true }, "ebs": { "$ref": "#/types/aws:imagebuilder/ImageRecipeBlockDeviceMappingEbs:ImageRecipeBlockDeviceMappingEbs", "description": "Configuration block with Elastic Block Storage (EBS) block device mapping settings. Detailed below.\n", "willReplaceOnChanges": true }, "noDevice": { "type": "boolean", "description": "Set to `true` to remove a mapping from the parent image.\n", "willReplaceOnChanges": true }, "virtualName": { "type": "string", "description": "Virtual device name. For example, `ephemeral0`. Instance store volumes are numbered starting from 0.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:imagebuilder/ImageRecipeBlockDeviceMappingEbs:ImageRecipeBlockDeviceMappingEbs": { "properties": { "deleteOnTermination": { "type": "string", "description": "Whether to delete the volume on termination. Defaults to unset, which is the value inherited from the parent image.\n", "willReplaceOnChanges": true }, "encrypted": { "type": "string", "description": "Whether to encrypt the volume. Defaults to unset, which is the value inherited from the parent image.\n", "willReplaceOnChanges": true }, "iops": { "type": "integer", "description": "Number of Input/Output (I/O) operations per second to provision for an `io1` or `io2` volume.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) of the Key Management Service (KMS) Key for encryption.\n", "willReplaceOnChanges": true }, "snapshotId": { "type": "string", "description": "Identifier of the EC2 Volume Snapshot.\n", "willReplaceOnChanges": true }, "throughput": { "type": "integer", "description": "For GP3 volumes only. The throughput in MiB/s that the volume supports.\n", "willReplaceOnChanges": true }, "volumeSize": { "type": "integer", "description": "Size of the volume, in GiB.\n", "willReplaceOnChanges": true }, "volumeType": { "type": "string", "description": "Type of the volume. For example, `gp2` or `io2`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:imagebuilder/ImageRecipeComponent:ImageRecipeComponent": { "properties": { "componentArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Image Builder Component to associate.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ImageRecipeComponentParameter:ImageRecipeComponentParameter" }, "description": "Configuration block(s) for parameters to configure the component. Detailed below.\n" } }, "type": "object", "required": [ "componentArn" ] }, "aws:imagebuilder/ImageRecipeComponentParameter:ImageRecipeComponentParameter": { "properties": { "name": { "type": "string", "description": "The name of the component parameter.\n", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "The value for the named component parameter.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "name", "value" ] }, "aws:imagebuilder/ImageRecipeSystemsManagerAgent:ImageRecipeSystemsManagerAgent": { "properties": { "uninstallAfterBuild": { "type": "boolean", "description": "Whether to remove the Systems Manager Agent after the image has been built. Defaults to `false`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "uninstallAfterBuild" ] }, "aws:imagebuilder/ImageWorkflow:ImageWorkflow": { "properties": { "onFailure": { "type": "string", "description": "The action to take if the workflow fails. Must be one of `CONTINUE` or `ABORT`.\n", "willReplaceOnChanges": true }, "parallelGroup": { "type": "string", "description": "The parallel group in which to run a test Workflow.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ImageWorkflowParameter:ImageWorkflowParameter" }, "description": "Configuration block for the workflow parameters. Detailed below.\n", "willReplaceOnChanges": true }, "workflowArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Image Builder Workflow.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "workflowArn" ] }, "aws:imagebuilder/ImageWorkflowParameter:ImageWorkflowParameter": { "properties": { "name": { "type": "string", "description": "The name of the Workflow parameter.\n", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "The value of the Workflow parameter.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "name", "value" ] }, "aws:imagebuilder/InfrastructureConfigurationInstanceMetadataOptions:InfrastructureConfigurationInstanceMetadataOptions": { "properties": { "httpPutResponseHopLimit": { "type": "integer", "description": "The number of hops that an instance can traverse to reach its destonation.\n" }, "httpTokens": { "type": "string", "description": "Whether a signed token is required for instance metadata retrieval requests. Valid values: `required`, `optional`.\n" } }, "type": "object" }, "aws:imagebuilder/InfrastructureConfigurationLogging:InfrastructureConfigurationLogging": { "properties": { "s3Logs": { "$ref": "#/types/aws:imagebuilder/InfrastructureConfigurationLoggingS3Logs:InfrastructureConfigurationLoggingS3Logs", "description": "Configuration block with S3 logging settings. Detailed below.\n" } }, "type": "object", "required": [ "s3Logs" ] }, "aws:imagebuilder/InfrastructureConfigurationLoggingS3Logs:InfrastructureConfigurationLoggingS3Logs": { "properties": { "s3BucketName": { "type": "string", "description": "Name of the S3 Bucket.\n\nThe following arguments are optional:\n" }, "s3KeyPrefix": { "type": "string", "description": "Prefix to use for S3 logs. Defaults to `/`.\n" } }, "type": "object", "required": [ "s3BucketName" ] }, "aws:imagebuilder/getComponentsFilter:getComponentsFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the [Image Builder ListComponents API Reference](https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListComponents.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:imagebuilder/getContainerRecipeComponent:getContainerRecipeComponent": { "properties": { "componentArn": { "type": "string", "description": "ARN of the Image Builder Component.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getContainerRecipeComponentParameter:getContainerRecipeComponentParameter" }, "description": "Set of parameters that are used to configure the component.\n" } }, "type": "object", "required": [ "componentArn", "parameters" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getContainerRecipeComponentParameter:getContainerRecipeComponentParameter": { "properties": { "name": { "type": "string", "description": "Name of the container recipe.\n" }, "value": { "type": "string", "description": "Value of the component parameter.\n" } }, "type": "object", "required": [ "name", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getContainerRecipeInstanceConfiguration:getContainerRecipeInstanceConfiguration": { "properties": { "blockDeviceMappings": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getContainerRecipeInstanceConfigurationBlockDeviceMapping:getContainerRecipeInstanceConfigurationBlockDeviceMapping" }, "description": "Set of objects with block device mappings for the instance configuration.\n" }, "image": { "type": "string", "description": "AMI ID of the base image for container build and test instance.\n" } }, "type": "object", "required": [ "blockDeviceMappings", "image" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getContainerRecipeInstanceConfigurationBlockDeviceMapping:getContainerRecipeInstanceConfigurationBlockDeviceMapping": { "properties": { "deviceName": { "type": "string", "description": "Name of the device. For example, `/dev/sda` or `/dev/xvdb`.\n" }, "ebs": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getContainerRecipeInstanceConfigurationBlockDeviceMappingEb:getContainerRecipeInstanceConfigurationBlockDeviceMappingEb" }, "description": "Single list of object with Elastic Block Storage (EBS) block device mapping settings.\n" }, "noDevice": { "type": "string", "description": "Whether to remove a mapping from the parent image.\n" }, "virtualName": { "type": "string", "description": "Virtual device name. For example, `ephemeral0`. Instance store volumes are numbered starting from 0.\n" } }, "type": "object", "required": [ "deviceName", "ebs", "noDevice", "virtualName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getContainerRecipeInstanceConfigurationBlockDeviceMappingEb:getContainerRecipeInstanceConfigurationBlockDeviceMappingEb": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Whether to delete the volume on termination. Defaults to unset, which is the value inherited from the parent image.\n" }, "encrypted": { "type": "boolean", "description": "Whether to encrypt the volume. Defaults to unset, which is the value inherited from the parent image.\n" }, "iops": { "type": "integer", "description": "Number of Input/Output (I/O) operations per second to provision for an `io1` or `io2` volume.\n" }, "kmsKeyId": { "type": "string", "description": "KMS key used to encrypt the container image.\n" }, "snapshotId": { "type": "string", "description": "Identifier of the EC2 Volume Snapshot.\n" }, "throughput": { "type": "integer", "description": "For GP3 volumes only. The throughput in MiB/s that the volume supports.\n" }, "volumeSize": { "type": "integer", "description": "Size of the volume, in GiB.\n" }, "volumeType": { "type": "string", "description": "Type of the volume. For example, `gp2` or `io2`.\n" } }, "type": "object", "required": [ "deleteOnTermination", "encrypted", "iops", "kmsKeyId", "snapshotId", "throughput", "volumeSize", "volumeType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getContainerRecipeTargetRepository:getContainerRecipeTargetRepository": { "properties": { "repositoryName": { "type": "string", "description": "Name of the container repository where the output container image is stored. The name is prefixed by the repository location.\n" }, "service": { "type": "string", "description": "Service in which this image is registered.\n" } }, "type": "object", "required": [ "repositoryName", "service" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getContainerRecipesFilter:getContainerRecipesFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the [Image Builder ListContainerRecipes API Reference](https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListContainerRecipes.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:imagebuilder/getDistributionConfigurationDistribution:getDistributionConfigurationDistribution": { "properties": { "amiDistributionConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getDistributionConfigurationDistributionAmiDistributionConfiguration:getDistributionConfigurationDistributionAmiDistributionConfiguration" }, "description": "Nested list of AMI distribution configuration.\n" }, "containerDistributionConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getDistributionConfigurationDistributionContainerDistributionConfiguration:getDistributionConfigurationDistributionContainerDistributionConfiguration" }, "description": "Nested list of container distribution configurations.\n" }, "fastLaunchConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getDistributionConfigurationDistributionFastLaunchConfiguration:getDistributionConfigurationDistributionFastLaunchConfiguration" }, "description": "Nested list of Windows faster-launching configurations to use for AMI distribution.\n" }, "launchTemplateConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getDistributionConfigurationDistributionLaunchTemplateConfiguration:getDistributionConfigurationDistributionLaunchTemplateConfiguration" }, "description": "Nested list of launch template configurations.\n" }, "licenseConfigurationArns": { "type": "array", "items": { "type": "string" }, "description": "Set of Amazon Resource Names (ARNs) of License Manager License Configurations.\n" }, "region": { "type": "string", "description": "AWS Region of distribution.\n" } }, "type": "object", "required": [ "amiDistributionConfigurations", "containerDistributionConfigurations", "fastLaunchConfigurations", "launchTemplateConfigurations", "licenseConfigurationArns", "region" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getDistributionConfigurationDistributionAmiDistributionConfiguration:getDistributionConfigurationDistributionAmiDistributionConfiguration": { "properties": { "amiTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags to apply to distributed AMI.\n" }, "description": { "type": "string", "description": "Description of the container distribution configuration.\n" }, "kmsKeyId": { "type": "string", "description": "ARN of Key Management Service (KMS) Key to encrypt AMI.\n" }, "launchPermissions": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getDistributionConfigurationDistributionAmiDistributionConfigurationLaunchPermission:getDistributionConfigurationDistributionAmiDistributionConfigurationLaunchPermission" }, "description": "Nested list of EC2 launch permissions.\n" }, "name": { "type": "string", "description": "Name of the distribution configuration.\n" }, "targetAccountIds": { "type": "array", "items": { "type": "string" }, "description": "Set of target AWS Account identifiers.\n" } }, "type": "object", "required": [ "amiTags", "description", "kmsKeyId", "launchPermissions", "name", "targetAccountIds" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getDistributionConfigurationDistributionAmiDistributionConfigurationLaunchPermission:getDistributionConfigurationDistributionAmiDistributionConfigurationLaunchPermission": { "properties": { "organizationArns": { "type": "array", "items": { "type": "string" }, "description": "Set of AWS Organization ARNs.\n" }, "organizationalUnitArns": { "type": "array", "items": { "type": "string" }, "description": "Set of AWS Organizational Unit ARNs.\n" }, "userGroups": { "type": "array", "items": { "type": "string" }, "description": "Set of EC2 launch permission user groups.\n" }, "userIds": { "type": "array", "items": { "type": "string" }, "description": "Set of AWS Account identifiers.\n" } }, "type": "object", "required": [ "organizationArns", "organizationalUnitArns", "userGroups", "userIds" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getDistributionConfigurationDistributionContainerDistributionConfiguration:getDistributionConfigurationDistributionContainerDistributionConfiguration": { "properties": { "containerTags": { "type": "array", "items": { "type": "string" }, "description": "Set of tags that are attached to the container distribution configuration.\n" }, "description": { "type": "string", "description": "Description of the container distribution configuration.\n" }, "targetRepositories": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getDistributionConfigurationDistributionContainerDistributionConfigurationTargetRepository:getDistributionConfigurationDistributionContainerDistributionConfigurationTargetRepository" }, "description": "Set of destination repositories for the container distribution configuration.\n" } }, "type": "object", "required": [ "containerTags", "description", "targetRepositories" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getDistributionConfigurationDistributionContainerDistributionConfigurationTargetRepository:getDistributionConfigurationDistributionContainerDistributionConfigurationTargetRepository": { "properties": { "repositoryName": { "type": "string", "description": "Name of the container repository where the output container image is stored.\n" }, "service": { "type": "string", "description": "Service in which the image is registered.\n" } }, "type": "object", "required": [ "repositoryName", "service" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getDistributionConfigurationDistributionFastLaunchConfiguration:getDistributionConfigurationDistributionFastLaunchConfiguration": { "properties": { "accountId": { "type": "string", "description": "The account ID that this configuration applies to.\n" }, "enabled": { "type": "boolean", "description": "A Boolean that represents the current state of faster launching for the Windows AMI.\n" }, "launchTemplates": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getDistributionConfigurationDistributionFastLaunchConfigurationLaunchTemplate:getDistributionConfigurationDistributionFastLaunchConfigurationLaunchTemplate" }, "description": "Nested list of launch templates that the fast-launch enabled Windows AMI uses when it launches Windows instances to create pre-provisioned snapshots.\n" }, "maxParallelLaunches": { "type": "integer", "description": "The maximum number of parallel instances that are launched for creating resources.\n" }, "snapshotConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getDistributionConfigurationDistributionFastLaunchConfigurationSnapshotConfiguration:getDistributionConfigurationDistributionFastLaunchConfigurationSnapshotConfiguration" }, "description": "Nested list of configurations for managing the number of snapshots that are created from pre-provisioned instances for the Windows AMI when faster launching is enabled.\n" } }, "type": "object", "required": [ "accountId", "enabled", "launchTemplates", "maxParallelLaunches", "snapshotConfigurations" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getDistributionConfigurationDistributionFastLaunchConfigurationLaunchTemplate:getDistributionConfigurationDistributionFastLaunchConfigurationLaunchTemplate": { "properties": { "launchTemplateId": { "type": "string", "description": "ID of the Amazon EC2 launch template.\n" }, "launchTemplateName": { "type": "string", "description": "The name of the launch template to use for faster launching for a Windows AMI.\n" }, "launchTemplateVersion": { "type": "string", "description": "The version of the launch template to use for faster launching for a Windows AMI.\n" } }, "type": "object", "required": [ "launchTemplateId", "launchTemplateName", "launchTemplateVersion" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getDistributionConfigurationDistributionFastLaunchConfigurationSnapshotConfiguration:getDistributionConfigurationDistributionFastLaunchConfigurationSnapshotConfiguration": { "properties": { "targetResourceCount": { "type": "integer", "description": "The number of pre-provisioned snapshots to keep on hand for a fast-launch enabled Windows AMI.\n" } }, "type": "object", "required": [ "targetResourceCount" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getDistributionConfigurationDistributionLaunchTemplateConfiguration:getDistributionConfigurationDistributionLaunchTemplateConfiguration": { "properties": { "accountId": { "type": "string", "description": "The account ID that this configuration applies to.\n" }, "default": { "type": "boolean", "description": "Whether the specified Amazon EC2 launch template is set as the default launch template.\n" }, "launchTemplateId": { "type": "string", "description": "ID of the Amazon EC2 launch template.\n" } }, "type": "object", "required": [ "accountId", "default", "launchTemplateId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getDistributionConfigurationsFilter:getDistributionConfigurationsFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the [Image Builder ListDistributionConfigurations API Reference](https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListDistributionConfigurations.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:imagebuilder/getImageImageScanningConfiguration:getImageImageScanningConfiguration": { "properties": { "ecrConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getImageImageScanningConfigurationEcrConfiguration:getImageImageScanningConfigurationEcrConfiguration" }, "description": "Configuration block with ECR configuration.\n" }, "imageScanningEnabled": { "type": "boolean", "description": "Indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.\n" } }, "type": "object", "required": [ "ecrConfigurations", "imageScanningEnabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getImageImageScanningConfigurationEcrConfiguration:getImageImageScanningConfigurationEcrConfiguration": { "properties": { "containerTags": { "type": "array", "items": { "type": "string" }, "description": "Set of tags for Image Builder to apply to the output container image that that Amazon Inspector scans.\n" }, "repositoryName": { "type": "string", "description": "The name of the container repository that Amazon Inspector scans to identify findings for your container images.\n" } }, "type": "object", "required": [ "containerTags", "repositoryName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getImageImageTestsConfiguration:getImageImageTestsConfiguration": { "properties": { "imageTestsEnabled": { "type": "boolean", "description": "Whether image tests are enabled.\n" }, "timeoutMinutes": { "type": "integer", "description": "Number of minutes before image tests time out.\n" } }, "type": "object", "required": [ "imageTestsEnabled", "timeoutMinutes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getImageOutputResource:getImageOutputResource": { "properties": { "amis": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getImageOutputResourceAmi:getImageOutputResourceAmi" }, "description": "Set of objects with each Amazon Machine Image (AMI) created.\n" }, "containers": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getImageOutputResourceContainer:getImageOutputResourceContainer" }, "description": "Set of objects with each container image created and stored in the output repository.\n" } }, "type": "object", "required": [ "amis", "containers" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getImageOutputResourceAmi:getImageOutputResourceAmi": { "properties": { "accountId": { "type": "string", "description": "Account identifier of the AMI.\n" }, "description": { "type": "string", "description": "Description of the AMI.\n" }, "image": { "type": "string", "description": "Identifier of the AMI.\n" }, "name": { "type": "string", "description": "Name of the AMI.\n" }, "region": { "type": "string", "description": "Region of the container image.\n" } }, "type": "object", "required": [ "accountId", "description", "image", "name", "region" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getImageOutputResourceContainer:getImageOutputResourceContainer": { "properties": { "imageUris": { "type": "array", "items": { "type": "string" }, "description": "Set of URIs for created containers.\n" }, "region": { "type": "string", "description": "Region of the container image.\n" } }, "type": "object", "required": [ "imageUris", "region" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getImagePipelineImageScanningConfiguration:getImagePipelineImageScanningConfiguration": { "properties": { "ecrConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getImagePipelineImageScanningConfigurationEcrConfiguration:getImagePipelineImageScanningConfigurationEcrConfiguration" }, "description": "List if an object with ecr configuration for image scanning\n" }, "imageScanningEnabled": { "type": "boolean", "description": "Whether image scanning is enabled.\n" } }, "type": "object", "required": [ "ecrConfigurations", "imageScanningEnabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getImagePipelineImageScanningConfigurationEcrConfiguration:getImagePipelineImageScanningConfigurationEcrConfiguration": { "properties": { "containerTags": { "type": "array", "items": { "type": "string" }, "description": "Tags that are added to the output containers that are scanned\n" }, "repositoryName": { "type": "string", "description": "The name of the container repository that Amazon Inspector scans\n" } }, "type": "object", "required": [ "containerTags", "repositoryName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getImagePipelineImageTestsConfiguration:getImagePipelineImageTestsConfiguration": { "properties": { "imageTestsEnabled": { "type": "boolean", "description": "Whether image tests are enabled.\n" }, "timeoutMinutes": { "type": "integer", "description": "Number of minutes before image tests time out.\n" } }, "type": "object", "required": [ "imageTestsEnabled", "timeoutMinutes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getImagePipelineSchedule:getImagePipelineSchedule": { "properties": { "pipelineExecutionStartCondition": { "type": "string", "description": "Condition when the pipeline should trigger a new image build.\n" }, "scheduleExpression": { "type": "string", "description": "Cron expression of how often the pipeline start condition is evaluated.\n" } }, "type": "object", "required": [ "pipelineExecutionStartCondition", "scheduleExpression" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getImagePipelinesFilter:getImagePipelinesFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the [Image Builder ListImagePipelines API Reference](https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImagePipelines.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:imagebuilder/getImageRecipeBlockDeviceMapping:getImageRecipeBlockDeviceMapping": { "properties": { "deviceName": { "type": "string", "description": "Name of the device. For example, `/dev/sda` or `/dev/xvdb`.\n" }, "ebs": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getImageRecipeBlockDeviceMappingEb:getImageRecipeBlockDeviceMappingEb" }, "description": "Single list of object with Elastic Block Storage (EBS) block device mapping settings.\n" }, "noDevice": { "type": "string", "description": "Whether to remove a mapping from the parent image.\n" }, "virtualName": { "type": "string", "description": "Virtual device name. For example, `ephemeral0`. Instance store volumes are numbered starting from 0.\n" } }, "type": "object", "required": [ "deviceName", "ebs", "noDevice", "virtualName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getImageRecipeBlockDeviceMappingEb:getImageRecipeBlockDeviceMappingEb": { "properties": { "deleteOnTermination": { "type": "boolean", "description": "Whether to delete the volume on termination. Defaults to unset, which is the value inherited from the parent image.\n" }, "encrypted": { "type": "boolean", "description": "Whether to encrypt the volume. Defaults to unset, which is the value inherited from the parent image.\n" }, "iops": { "type": "integer", "description": "Number of Input/Output (I/O) operations per second to provision for an `io1` or `io2` volume.\n" }, "kmsKeyId": { "type": "string", "description": "ARN of the Key Management Service (KMS) Key for encryption.\n" }, "snapshotId": { "type": "string", "description": "Identifier of the EC2 Volume Snapshot.\n" }, "throughput": { "type": "integer", "description": "For GP3 volumes only. The throughput in MiB/s that the volume supports.\n" }, "volumeSize": { "type": "integer", "description": "Size of the volume, in GiB.\n" }, "volumeType": { "type": "string", "description": "Type of the volume. For example, `gp2` or `io2`.\n" } }, "type": "object", "required": [ "deleteOnTermination", "encrypted", "iops", "kmsKeyId", "snapshotId", "throughput", "volumeSize", "volumeType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getImageRecipeComponent:getImageRecipeComponent": { "properties": { "componentArn": { "type": "string", "description": "ARN of the Image Builder Component.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getImageRecipeComponentParameter:getImageRecipeComponentParameter" }, "description": "Set of parameters that are used to configure the component.\n" } }, "type": "object", "required": [ "componentArn", "parameters" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getImageRecipeComponentParameter:getImageRecipeComponentParameter": { "properties": { "name": { "type": "string", "description": "Name of the image recipe.\n" }, "value": { "type": "string", "description": "Value of the component parameter.\n" } }, "type": "object", "required": [ "name", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getImageRecipesFilter:getImageRecipesFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the [Image Builder ListImageRecipes API Reference](https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImageRecipes.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:imagebuilder/getInfrastructureConfigurationInstanceMetadataOption:getInfrastructureConfigurationInstanceMetadataOption": { "properties": { "httpPutResponseHopLimit": { "type": "integer", "description": "Number of hops that an instance can traverse to reach its destonation.\n" }, "httpTokens": { "type": "string", "description": "Whether a signed token is required for instance metadata retrieval requests.\n" } }, "type": "object", "required": [ "httpPutResponseHopLimit", "httpTokens" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getInfrastructureConfigurationLogging:getInfrastructureConfigurationLogging": { "properties": { "s3Logs": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getInfrastructureConfigurationLoggingS3Log:getInfrastructureConfigurationLoggingS3Log" }, "description": "Nested list of S3 logs settings.\n" } }, "type": "object", "required": [ "s3Logs" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getInfrastructureConfigurationLoggingS3Log:getInfrastructureConfigurationLoggingS3Log": { "properties": { "s3BucketName": { "type": "string", "description": "Name of the S3 Bucket for logging.\n" }, "s3KeyPrefix": { "type": "string", "description": "Key prefix for S3 Bucket logging.\n" } }, "type": "object", "required": [ "s3BucketName", "s3KeyPrefix" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:imagebuilder/getInfrastructureConfigurationsFilter:getInfrastructureConfigurationsFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the [Image Builder ListInfrastructureConfigurations API Reference](https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListInfrastructureConfigurations.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:index/ProviderAssumeRole:ProviderAssumeRole": { "properties": { "duration": { "type": "string", "description": "The duration, between 15 minutes and 12 hours, of the role session. Valid time units are ns, us (or µs), ms, s, h, or m.\n" }, "externalId": { "type": "string", "description": "A unique identifier that might be required when you assume a role in another account.\n" }, "policy": { "type": "string", "description": "IAM Policy JSON describing further restricting permissions for the IAM Role being assumed.\n" }, "policyArns": { "type": "array", "items": { "type": "string" }, "description": "Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the IAM Role being assumed.\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of an IAM Role to assume prior to making API calls.\n" }, "sessionName": { "type": "string", "description": "An identifier for the assumed role session.\n" }, "sourceIdentity": { "type": "string", "description": "Source identity specified by the principal assuming the role.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Assume role session tags.\n" }, "transitiveTagKeys": { "type": "array", "items": { "type": "string" }, "description": "Assume role session tag keys to pass to any subsequent sessions.\n" } }, "type": "object" }, "aws:index/ProviderAssumeRoleWithWebIdentity:ProviderAssumeRoleWithWebIdentity": { "properties": { "duration": { "type": "string", "description": "The duration, between 15 minutes and 12 hours, of the role session. Valid time units are ns, us (or µs), ms, s, h, or m.\n" }, "policy": { "type": "string", "description": "IAM Policy JSON describing further restricting permissions for the IAM Role being assumed.\n" }, "policyArns": { "type": "array", "items": { "type": "string" }, "description": "Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the IAM Role being assumed.\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of an IAM Role to assume prior to making API calls.\n" }, "sessionName": { "type": "string", "description": "An identifier for the assumed role session.\n" }, "webIdentityToken": { "type": "string" }, "webIdentityTokenFile": { "type": "string" } }, "type": "object" }, "aws:index/ProviderDefaultTags:ProviderDefaultTags": { "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource tags to default across all resources\n" } }, "type": "object" }, "aws:index/ProviderEndpoint:ProviderEndpoint": { "properties": { "accessanalyzer": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "account": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "acm": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "acmpca": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "amg": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "amp": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "amplify": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "apigateway": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "apigatewayv2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "appautoscaling": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "appconfig": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "appfabric": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "appflow": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "appintegrations": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "appintegrationsservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "applicationautoscaling": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "applicationinsights": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "applicationsignals": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "appmesh": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "appregistry": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "apprunner": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "appstream": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "appsync": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "athena": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "auditmanager": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "autoscaling": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "autoscalingplans": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "backup": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "batch": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "bcmdataexports": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "beanstalk": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "bedrock": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "bedrockagent": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "budgets": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ce": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "chatbot": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "chime": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "chimesdkmediapipelines": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "chimesdkvoice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cleanrooms": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloud9": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudcontrol": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudcontrolapi": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudformation": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudfront": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudfrontkeyvaluestore": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudhsm": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudhsmv2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudsearch": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudtrail": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudwatch": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudwatchevents": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudwatchevidently": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudwatchlog": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudwatchlogs": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudwatchobservabilityaccessmanager": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cloudwatchrum": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "codeartifact": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "codebuild": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "codecatalyst": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "codecommit": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "codedeploy": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "codeguruprofiler": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "codegurureviewer": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "codepipeline": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "codestarconnections": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "codestarnotifications": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cognitoidentity": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cognitoidentityprovider": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cognitoidp": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "comprehend": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "computeoptimizer": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "config": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "configservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "connect": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "connectcases": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "controltower": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "costandusagereportservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "costexplorer": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "costoptimizationhub": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "cur": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "customerprofiles": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "databasemigration": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "databasemigrationservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "databrew": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "dataexchange": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "datapipeline": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "datasync": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "datazone": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "dax": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "deploy": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "detective": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "devicefarm": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "devopsguru": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "directconnect": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "directoryservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "dlm": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "dms": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "docdb": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "docdbelastic": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "drs": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ds": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "dynamodb": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ec2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ecr": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ecrpublic": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ecs": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "efs": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "eks": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "elasticache": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "elasticbeanstalk": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "elasticloadbalancing": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "elasticloadbalancingv2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "elasticsearch": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "elasticsearchservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "elastictranscoder": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "elb": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "elbv2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "emr": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "emrcontainers": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "emrserverless": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "es": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "eventbridge": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "events": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "evidently": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "finspace": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "firehose": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "fis": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "fms": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "fsx": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "gamelift": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "glacier": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "globalaccelerator": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "glue": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "gluedatabrew": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "grafana": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "greengrass": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "groundstation": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "guardduty": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "healthlake": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "iam": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "identitystore": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "imagebuilder": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "inspector": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "inspector2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "inspectorv2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "internetmonitor": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "iot": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "iotanalytics": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "iotevents": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ivs": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ivschat": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "kafka": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "kafkaconnect": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "kendra": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "keyspaces": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "kinesis": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "kinesisanalytics": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "kinesisanalyticsv2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "kinesisvideo": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "kms": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "lakeformation": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "lambda": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "launchwizard": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "lex": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "lexmodelbuilding": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "lexmodelbuildingservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "lexmodels": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "lexmodelsv2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "lexv2models": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "licensemanager": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "lightsail": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "location": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "locationservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "logs": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "lookoutmetrics": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "m2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "macie2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "managedgrafana": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "mediaconnect": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "mediaconvert": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "medialive": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "mediapackage": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "mediapackagev2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "mediastore": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "memorydb": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "mq": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "msk": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "mwaa": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "neptune": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "neptunegraph": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "networkfirewall": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "networkmanager": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "networkmonitor": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "oam": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "opensearch": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "opensearchingestion": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "opensearchserverless": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "opensearchservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "opsworks": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "organizations": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "osis": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "outposts": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "paymentcryptography": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "pcaconnectorad": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "pinpoint": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "pipes": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "polly": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "pricing": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "prometheus": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "prometheusservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "qbusiness": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "qldb": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "quicksight": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ram": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "rbin": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "rds": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "recyclebin": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "redshift": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "redshiftdata": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "redshiftdataapiservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "redshiftserverless": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "rekognition": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "resourceexplorer2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "resourcegroups": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "resourcegroupstagging": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "resourcegroupstaggingapi": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "rolesanywhere": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "route53": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "route53domains": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "route53profiles": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "route53recoverycontrolconfig": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "route53recoveryreadiness": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "route53resolver": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "rum": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "s3": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "s3api": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "s3control": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "s3outposts": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "sagemaker": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "scheduler": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "schemas": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "sdb": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "secretsmanager": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "securityhub": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "securitylake": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "serverlessapplicationrepository": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "serverlessapprepo": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "serverlessrepo": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "servicecatalog": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "servicecatalogappregistry": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "servicediscovery": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "servicequotas": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ses": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "sesv2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "sfn": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "shield": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "signer": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "simpledb": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "sns": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "sqs": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ssm": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ssmcontacts": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ssmincidents": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ssmsap": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "sso": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "ssoadmin": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "stepfunctions": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "storagegateway": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "sts": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "swf": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "synthetics": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "timestreaminfluxdb": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "timestreamwrite": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "transcribe": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "transcribeservice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "transfer": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "verifiedpermissions": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "vpclattice": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "waf": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "wafregional": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "wafv2": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "wellarchitected": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "worklink": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "workspaces": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "workspacesweb": { "type": "string", "description": "Use this to override the default service endpoint URL\n" }, "xray": { "type": "string", "description": "Use this to override the default service endpoint URL\n" } }, "type": "object" }, "aws:index/ProviderIgnoreTags:ProviderIgnoreTags": { "properties": { "keyPrefixes": { "type": "array", "items": { "type": "string" }, "description": "Resource tag key prefixes to ignore across all resources.\n" }, "keys": { "type": "array", "items": { "type": "string" }, "description": "Resource tag keys to ignore across all resources.\n" } }, "type": "object" }, "aws:index/Region:Region": { "description": "A Region represents any valid Amazon region that may be targeted with deployments.", "type": "string", "enum": [ { "name": "AFSouth1", "value": "af-south-1" }, { "name": "APEast1", "value": "ap-east-1" }, { "name": "APNortheast1", "value": "ap-northeast-1" }, { "name": "APNortheast2", "value": "ap-northeast-2" }, { "name": "APNortheast3", "value": "ap-northeast-3" }, { "name": "APSouth1", "value": "ap-south-1" }, { "name": "APSouth2", "value": "ap-south-2" }, { "name": "APSoutheast1", "value": "ap-southeast-1" }, { "name": "APSoutheast2", "value": "ap-southeast-2" }, { "name": "APSoutheast3", "value": "ap-southeast-3" }, { "name": "APSoutheast4", "value": "ap-southeast-4" }, { "name": "CACentral", "value": "ca-central-1" }, { "name": "CAWest1", "value": "ca-west-1" }, { "name": "CNNorth1", "value": "cn-north-1" }, { "name": "CNNorthwest1", "value": "cn-northwest-1" }, { "name": "EUCentral1", "value": "eu-central-1" }, { "name": "EUCentral2", "value": "eu-central-2" }, { "name": "EUNorth1", "value": "eu-north-1" }, { "name": "EUSouth1", "value": "eu-south-1" }, { "name": "EUSouth2", "value": "eu-south-2" }, { "name": "EUWest1", "value": "eu-west-1" }, { "name": "EUWest2", "value": "eu-west-2" }, { "name": "EUWest3", "value": "eu-west-3" }, { "name": "MECentral1", "value": "me-central-1" }, { "name": "MESouth1", "value": "me-south-1" }, { "name": "SAEast1", "value": "sa-east-1" }, { "name": "USGovEast1", "value": "us-gov-east-1" }, { "name": "USGovWest1", "value": "us-gov-west-1" }, { "name": "USEast1", "value": "us-east-1" }, { "name": "USEast2", "value": "us-east-2" }, { "name": "USWest1", "value": "us-west-1" }, { "name": "USWest2", "value": "us-west-2" } ] }, "aws:index/getAvailabilityZoneFilter:getAvailabilityZoneFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the [EC2 DescribeAvailabilityZones API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:index/getAvailabilityZonesFilter:getAvailabilityZonesFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the [EC2 DescribeAvailabilityZones API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:index/getRegionsFilter:getRegionsFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the [describe-regions AWS CLI Reference][1].\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:inspector/AssessmentTemplateEventSubscription:AssessmentTemplateEventSubscription": { "properties": { "event": { "type": "string", "description": "The event for which you want to receive SNS notifications. Valid values are `ASSESSMENT_RUN_STARTED`, `ASSESSMENT_RUN_COMPLETED`, `ASSESSMENT_RUN_STATE_CHANGED`, and `FINDING_REPORTED`.\n" }, "topicArn": { "type": "string", "description": "The ARN of the SNS topic to which notifications are sent.\n" } }, "type": "object", "required": [ "event", "topicArn" ] }, "aws:inspector2/OrganizationConfigurationAutoEnable:OrganizationConfigurationAutoEnable": { "properties": { "ec2": { "type": "boolean", "description": "Whether Amazon EC2 scans are automatically enabled for new members of your Amazon Inspector organization.\n" }, "ecr": { "type": "boolean", "description": "Whether Amazon ECR scans are automatically enabled for new members of your Amazon Inspector organization.\n" }, "lambda": { "type": "boolean", "description": "Whether Lambda Function scans are automatically enabled for new members of your Amazon Inspector organization.\n" }, "lambdaCode": { "type": "boolean", "description": "Whether AWS Lambda code scans are automatically enabled for new members of your Amazon Inspector organization. **Note:** Lambda code scanning requires Lambda standard scanning to be activated. Consequently, if you are setting this argument to `true`, you must also set the `lambda` argument to `true`. See [Scanning AWS Lambda functions with Amazon Inspector](https://docs.aws.amazon.com/inspector/latest/user/scanning-lambda.html#lambda-code-scans) for more information.\n" } }, "type": "object", "required": [ "ec2", "ecr" ] }, "aws:iot/BillingGroupMetadata:BillingGroupMetadata": { "properties": { "creationDate": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "creationDate" ] } } }, "aws:iot/BillingGroupProperties:BillingGroupProperties": { "properties": { "description": { "type": "string", "description": "A description of the Billing Group.\n" } }, "type": "object" }, "aws:iot/CaCertificateRegistrationConfig:CaCertificateRegistrationConfig": { "properties": { "roleArn": { "type": "string", "description": "The ARN of the role.\n" }, "templateBody": { "type": "string", "description": "The template body.\n" }, "templateName": { "type": "string", "description": "The name of the provisioning template.\n" } }, "type": "object" }, "aws:iot/CaCertificateValidity:CaCertificateValidity": { "properties": { "notAfter": { "type": "string", "description": "The certificate is not valid after this date.\n" }, "notBefore": { "type": "string", "description": "The certificate is not valid before this date.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "notAfter", "notBefore" ] } } }, "aws:iot/DomainConfigurationAuthorizerConfig:DomainConfigurationAuthorizerConfig": { "properties": { "allowAuthorizerOverride": { "type": "boolean", "description": "A Boolean that specifies whether the domain configuration's authorization service can be overridden.\n" }, "defaultAuthorizerName": { "type": "string", "description": "The name of the authorization service for a domain configuration.\n" } }, "type": "object" }, "aws:iot/DomainConfigurationTlsConfig:DomainConfigurationTlsConfig": { "properties": { "securityPolicy": { "type": "string", "description": "The security policy for a domain configuration.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "securityPolicy" ] } } }, "aws:iot/IndexingConfigurationThingGroupIndexingConfiguration:IndexingConfigurationThingGroupIndexingConfiguration": { "properties": { "customFields": { "type": "array", "items": { "$ref": "#/types/aws:iot/IndexingConfigurationThingGroupIndexingConfigurationCustomField:IndexingConfigurationThingGroupIndexingConfigurationCustomField" }, "description": "A list of thing group fields to index. This list cannot contain any managed fields. See below.\n" }, "managedFields": { "type": "array", "items": { "$ref": "#/types/aws:iot/IndexingConfigurationThingGroupIndexingConfigurationManagedField:IndexingConfigurationThingGroupIndexingConfigurationManagedField" }, "description": "Contains fields that are indexed and whose types are already known by the Fleet Indexing service. See below.\n" }, "thingGroupIndexingMode": { "type": "string", "description": "Thing group indexing mode. Valid values: `OFF`, `ON`.\n" } }, "type": "object", "required": [ "thingGroupIndexingMode" ], "language": { "nodejs": { "requiredOutputs": [ "managedFields", "thingGroupIndexingMode" ] } } }, "aws:iot/IndexingConfigurationThingGroupIndexingConfigurationCustomField:IndexingConfigurationThingGroupIndexingConfigurationCustomField": { "properties": { "name": { "type": "string", "description": "The name of the field.\n" }, "type": { "type": "string", "description": "The data type of the field. Valid values: `Number`, `String`, `Boolean`.\n" } }, "type": "object" }, "aws:iot/IndexingConfigurationThingGroupIndexingConfigurationManagedField:IndexingConfigurationThingGroupIndexingConfigurationManagedField": { "properties": { "name": { "type": "string", "description": "The name of the field.\n" }, "type": { "type": "string", "description": "The data type of the field. Valid values: `Number`, `String`, `Boolean`.\n" } }, "type": "object" }, "aws:iot/IndexingConfigurationThingIndexingConfiguration:IndexingConfigurationThingIndexingConfiguration": { "properties": { "customFields": { "type": "array", "items": { "$ref": "#/types/aws:iot/IndexingConfigurationThingIndexingConfigurationCustomField:IndexingConfigurationThingIndexingConfigurationCustomField" }, "description": "Contains custom field names and their data type. See below.\n" }, "deviceDefenderIndexingMode": { "type": "string", "description": "Device Defender indexing mode. Valid values: `VIOLATIONS`, `OFF`. Default: `OFF`.\n" }, "filter": { "$ref": "#/types/aws:iot/IndexingConfigurationThingIndexingConfigurationFilter:IndexingConfigurationThingIndexingConfigurationFilter", "description": "Required if `named_shadow_indexing_mode` is `ON`. Enables to add named shadows filtered by `filter` to fleet indexing configuration.\n" }, "managedFields": { "type": "array", "items": { "$ref": "#/types/aws:iot/IndexingConfigurationThingIndexingConfigurationManagedField:IndexingConfigurationThingIndexingConfigurationManagedField" }, "description": "Contains fields that are indexed and whose types are already known by the Fleet Indexing service. See below.\n" }, "namedShadowIndexingMode": { "type": "string", "description": "[Named shadow](https://docs.aws.amazon.com/iot/latest/developerguide/iot-device-shadows.html) indexing mode. Valid values: `ON`, `OFF`. Default: `OFF`.\n" }, "thingConnectivityIndexingMode": { "type": "string", "description": "Thing connectivity indexing mode. Valid values: `STATUS`, `OFF`. Default: `OFF`.\n" }, "thingIndexingMode": { "type": "string", "description": "Thing indexing mode. Valid values: `REGISTRY`, `REGISTRY_AND_SHADOW`, `OFF`.\n" } }, "type": "object", "required": [ "thingIndexingMode" ], "language": { "nodejs": { "requiredOutputs": [ "filter", "managedFields", "thingIndexingMode" ] } } }, "aws:iot/IndexingConfigurationThingIndexingConfigurationCustomField:IndexingConfigurationThingIndexingConfigurationCustomField": { "properties": { "name": { "type": "string", "description": "The name of the field.\n" }, "type": { "type": "string", "description": "The data type of the field. Valid values: `Number`, `String`, `Boolean`.\n" } }, "type": "object" }, "aws:iot/IndexingConfigurationThingIndexingConfigurationFilter:IndexingConfigurationThingIndexingConfigurationFilter": { "properties": { "namedShadowNames": { "type": "array", "items": { "type": "string" }, "description": "List of shadow names that you select to index.\n" } }, "type": "object" }, "aws:iot/IndexingConfigurationThingIndexingConfigurationManagedField:IndexingConfigurationThingIndexingConfigurationManagedField": { "properties": { "name": { "type": "string", "description": "The name of the field.\n" }, "type": { "type": "string", "description": "The data type of the field. Valid values: `Number`, `String`, `Boolean`.\n" } }, "type": "object" }, "aws:iot/ProvisioningTemplatePreProvisioningHook:ProvisioningTemplatePreProvisioningHook": { "properties": { "payloadVersion": { "type": "string", "description": "The version of the payload that was sent to the target function. The only valid (and the default) payload version is `\"2020-04-01\"`.\n" }, "targetArn": { "type": "string", "description": "The ARN of the target function.\n" } }, "type": "object", "required": [ "targetArn" ] }, "aws:iot/ThingGroupMetadata:ThingGroupMetadata": { "properties": { "creationDate": { "type": "string" }, "parentGroupName": { "type": "string", "description": "The name of the parent Thing Group.\n" }, "rootToParentGroups": { "type": "array", "items": { "$ref": "#/types/aws:iot/ThingGroupMetadataRootToParentGroup:ThingGroupMetadataRootToParentGroup" } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "creationDate", "parentGroupName", "rootToParentGroups" ] } } }, "aws:iot/ThingGroupMetadataRootToParentGroup:ThingGroupMetadataRootToParentGroup": { "properties": { "groupArn": { "type": "string" }, "groupName": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "groupArn", "groupName" ] } } }, "aws:iot/ThingGroupProperties:ThingGroupProperties": { "properties": { "attributePayload": { "$ref": "#/types/aws:iot/ThingGroupPropertiesAttributePayload:ThingGroupPropertiesAttributePayload", "description": "The Thing Group attributes. Defined below.\n" }, "description": { "type": "string", "description": "A description of the Thing Group.\n" } }, "type": "object" }, "aws:iot/ThingGroupPropertiesAttributePayload:ThingGroupPropertiesAttributePayload": { "properties": { "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map.\n" } }, "type": "object" }, "aws:iot/ThingTypeProperties:ThingTypeProperties": { "properties": { "description": { "type": "string", "description": "The description of the thing type.\n", "willReplaceOnChanges": true }, "searchableAttributes": { "type": "array", "items": { "type": "string" }, "description": "A list of searchable thing attribute names.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "searchableAttributes" ] } } }, "aws:iot/TopicRuleCloudwatchAlarm:TopicRuleCloudwatchAlarm": { "properties": { "alarmName": { "type": "string", "description": "The CloudWatch alarm name.\n" }, "roleArn": { "type": "string", "description": "The IAM role ARN that allows access to the CloudWatch alarm.\n" }, "stateReason": { "type": "string", "description": "The reason for the alarm change.\n" }, "stateValue": { "type": "string", "description": "The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA.\n" } }, "type": "object", "required": [ "alarmName", "roleArn", "stateReason", "stateValue" ] }, "aws:iot/TopicRuleCloudwatchLog:TopicRuleCloudwatchLog": { "properties": { "batchMode": { "type": "boolean", "description": "The payload that contains a JSON array of records will be sent to CloudWatch via a batch call.\n" }, "logGroupName": { "type": "string", "description": "The CloudWatch log group name.\n" }, "roleArn": { "type": "string", "description": "The IAM role ARN that allows access to the CloudWatch alarm.\n" } }, "type": "object", "required": [ "logGroupName", "roleArn" ] }, "aws:iot/TopicRuleCloudwatchMetric:TopicRuleCloudwatchMetric": { "properties": { "metricName": { "type": "string", "description": "The CloudWatch metric name.\n" }, "metricNamespace": { "type": "string", "description": "The CloudWatch metric namespace name.\n" }, "metricTimestamp": { "type": "string", "description": "An optional Unix timestamp (http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp).\n" }, "metricUnit": { "type": "string", "description": "The metric unit (supported units can be found here: http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit)\n" }, "metricValue": { "type": "string", "description": "The CloudWatch metric value.\n" }, "roleArn": { "type": "string", "description": "The IAM role ARN that allows access to the CloudWatch metric.\n" } }, "type": "object", "required": [ "metricName", "metricNamespace", "metricUnit", "metricValue", "roleArn" ] }, "aws:iot/TopicRuleDestinationVpcConfiguration:TopicRuleDestinationVpcConfiguration": { "properties": { "roleArn": { "type": "string", "description": "The ARN of a role that has permission to create and attach to elastic network interfaces (ENIs).\n", "willReplaceOnChanges": true }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The security groups of the VPC destination.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The subnet IDs of the VPC destination.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The ID of the VPC.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "roleArn", "subnetIds", "vpcId" ] }, "aws:iot/TopicRuleDynamodb:TopicRuleDynamodb": { "properties": { "hashKeyField": { "type": "string", "description": "The hash key name.\n" }, "hashKeyType": { "type": "string", "description": "The hash key type. Valid values are \"STRING\" or \"NUMBER\".\n" }, "hashKeyValue": { "type": "string", "description": "The hash key value.\n" }, "operation": { "type": "string", "description": "The operation. Valid values are \"INSERT\", \"UPDATE\", or \"DELETE\".\n" }, "payloadField": { "type": "string", "description": "The action payload.\n" }, "rangeKeyField": { "type": "string", "description": "The range key name.\n" }, "rangeKeyType": { "type": "string", "description": "The range key type. Valid values are \"STRING\" or \"NUMBER\".\n" }, "rangeKeyValue": { "type": "string", "description": "The range key value.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access to the DynamoDB table.\n" }, "tableName": { "type": "string", "description": "The name of the DynamoDB table.\n" } }, "type": "object", "required": [ "hashKeyField", "hashKeyValue", "roleArn", "tableName" ] }, "aws:iot/TopicRuleDynamodbv2:TopicRuleDynamodbv2": { "properties": { "putItem": { "$ref": "#/types/aws:iot/TopicRuleDynamodbv2PutItem:TopicRuleDynamodbv2PutItem", "description": "Configuration block with DynamoDB Table to which the message will be written. Nested arguments below.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access to the DynamoDB table.\n" } }, "type": "object", "required": [ "roleArn" ] }, "aws:iot/TopicRuleDynamodbv2PutItem:TopicRuleDynamodbv2PutItem": { "properties": { "tableName": { "type": "string", "description": "The name of the DynamoDB table.\n" } }, "type": "object", "required": [ "tableName" ] }, "aws:iot/TopicRuleElasticsearch:TopicRuleElasticsearch": { "properties": { "endpoint": { "type": "string", "description": "The endpoint of your Elasticsearch domain.\n" }, "id": { "type": "string", "description": "The unique identifier for the document you are storing.\n" }, "index": { "type": "string", "description": "The Elasticsearch index where you want to store your data.\n" }, "roleArn": { "type": "string", "description": "The IAM role ARN that has access to Elasticsearch.\n" }, "type": { "type": "string", "description": "The type of document you are storing.\n" } }, "type": "object", "required": [ "endpoint", "id", "index", "roleArn", "type" ] }, "aws:iot/TopicRuleErrorAction:TopicRuleErrorAction": { "properties": { "cloudwatchAlarm": { "$ref": "#/types/aws:iot/TopicRuleErrorActionCloudwatchAlarm:TopicRuleErrorActionCloudwatchAlarm" }, "cloudwatchLogs": { "$ref": "#/types/aws:iot/TopicRuleErrorActionCloudwatchLogs:TopicRuleErrorActionCloudwatchLogs" }, "cloudwatchMetric": { "$ref": "#/types/aws:iot/TopicRuleErrorActionCloudwatchMetric:TopicRuleErrorActionCloudwatchMetric" }, "dynamodb": { "$ref": "#/types/aws:iot/TopicRuleErrorActionDynamodb:TopicRuleErrorActionDynamodb" }, "dynamodbv2": { "$ref": "#/types/aws:iot/TopicRuleErrorActionDynamodbv2:TopicRuleErrorActionDynamodbv2" }, "elasticsearch": { "$ref": "#/types/aws:iot/TopicRuleErrorActionElasticsearch:TopicRuleErrorActionElasticsearch" }, "firehose": { "$ref": "#/types/aws:iot/TopicRuleErrorActionFirehose:TopicRuleErrorActionFirehose" }, "http": { "$ref": "#/types/aws:iot/TopicRuleErrorActionHttp:TopicRuleErrorActionHttp" }, "iotAnalytics": { "$ref": "#/types/aws:iot/TopicRuleErrorActionIotAnalytics:TopicRuleErrorActionIotAnalytics" }, "iotEvents": { "$ref": "#/types/aws:iot/TopicRuleErrorActionIotEvents:TopicRuleErrorActionIotEvents" }, "kafka": { "$ref": "#/types/aws:iot/TopicRuleErrorActionKafka:TopicRuleErrorActionKafka" }, "kinesis": { "$ref": "#/types/aws:iot/TopicRuleErrorActionKinesis:TopicRuleErrorActionKinesis" }, "lambda": { "$ref": "#/types/aws:iot/TopicRuleErrorActionLambda:TopicRuleErrorActionLambda" }, "republish": { "$ref": "#/types/aws:iot/TopicRuleErrorActionRepublish:TopicRuleErrorActionRepublish" }, "s3": { "$ref": "#/types/aws:iot/TopicRuleErrorActionS3:TopicRuleErrorActionS3" }, "sns": { "$ref": "#/types/aws:iot/TopicRuleErrorActionSns:TopicRuleErrorActionSns" }, "sqs": { "$ref": "#/types/aws:iot/TopicRuleErrorActionSqs:TopicRuleErrorActionSqs" }, "stepFunctions": { "$ref": "#/types/aws:iot/TopicRuleErrorActionStepFunctions:TopicRuleErrorActionStepFunctions" }, "timestream": { "$ref": "#/types/aws:iot/TopicRuleErrorActionTimestream:TopicRuleErrorActionTimestream" } }, "type": "object" }, "aws:iot/TopicRuleErrorActionCloudwatchAlarm:TopicRuleErrorActionCloudwatchAlarm": { "properties": { "alarmName": { "type": "string", "description": "The CloudWatch alarm name.\n" }, "roleArn": { "type": "string", "description": "The IAM role ARN that allows access to the CloudWatch alarm.\n" }, "stateReason": { "type": "string", "description": "The reason for the alarm change.\n" }, "stateValue": { "type": "string", "description": "The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA.\n" } }, "type": "object", "required": [ "alarmName", "roleArn", "stateReason", "stateValue" ] }, "aws:iot/TopicRuleErrorActionCloudwatchLogs:TopicRuleErrorActionCloudwatchLogs": { "properties": { "batchMode": { "type": "boolean", "description": "The payload that contains a JSON array of records will be sent to CloudWatch via a batch call.\n" }, "logGroupName": { "type": "string", "description": "The CloudWatch log group name.\n" }, "roleArn": { "type": "string", "description": "The IAM role ARN that allows access to the CloudWatch alarm.\n" } }, "type": "object", "required": [ "logGroupName", "roleArn" ] }, "aws:iot/TopicRuleErrorActionCloudwatchMetric:TopicRuleErrorActionCloudwatchMetric": { "properties": { "metricName": { "type": "string", "description": "The CloudWatch metric name.\n" }, "metricNamespace": { "type": "string", "description": "The CloudWatch metric namespace name.\n" }, "metricTimestamp": { "type": "string", "description": "An optional Unix timestamp (http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp).\n" }, "metricUnit": { "type": "string", "description": "The metric unit (supported units can be found here: http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit)\n" }, "metricValue": { "type": "string", "description": "The CloudWatch metric value.\n" }, "roleArn": { "type": "string", "description": "The IAM role ARN that allows access to the CloudWatch metric.\n" } }, "type": "object", "required": [ "metricName", "metricNamespace", "metricUnit", "metricValue", "roleArn" ] }, "aws:iot/TopicRuleErrorActionDynamodb:TopicRuleErrorActionDynamodb": { "properties": { "hashKeyField": { "type": "string", "description": "The hash key name.\n" }, "hashKeyType": { "type": "string", "description": "The hash key type. Valid values are \"STRING\" or \"NUMBER\".\n" }, "hashKeyValue": { "type": "string", "description": "The hash key value.\n" }, "operation": { "type": "string", "description": "The operation. Valid values are \"INSERT\", \"UPDATE\", or \"DELETE\".\n" }, "payloadField": { "type": "string", "description": "The action payload.\n" }, "rangeKeyField": { "type": "string", "description": "The range key name.\n" }, "rangeKeyType": { "type": "string", "description": "The range key type. Valid values are \"STRING\" or \"NUMBER\".\n" }, "rangeKeyValue": { "type": "string", "description": "The range key value.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access to the DynamoDB table.\n" }, "tableName": { "type": "string", "description": "The name of the DynamoDB table.\n" } }, "type": "object", "required": [ "hashKeyField", "hashKeyValue", "roleArn", "tableName" ] }, "aws:iot/TopicRuleErrorActionDynamodbv2:TopicRuleErrorActionDynamodbv2": { "properties": { "putItem": { "$ref": "#/types/aws:iot/TopicRuleErrorActionDynamodbv2PutItem:TopicRuleErrorActionDynamodbv2PutItem", "description": "Configuration block with DynamoDB Table to which the message will be written. Nested arguments below.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access to the DynamoDB table.\n" } }, "type": "object", "required": [ "roleArn" ] }, "aws:iot/TopicRuleErrorActionDynamodbv2PutItem:TopicRuleErrorActionDynamodbv2PutItem": { "properties": { "tableName": { "type": "string", "description": "The name of the DynamoDB table.\n" } }, "type": "object", "required": [ "tableName" ] }, "aws:iot/TopicRuleErrorActionElasticsearch:TopicRuleErrorActionElasticsearch": { "properties": { "endpoint": { "type": "string", "description": "The endpoint of your Elasticsearch domain.\n" }, "id": { "type": "string", "description": "The unique identifier for the document you are storing.\n" }, "index": { "type": "string", "description": "The Elasticsearch index where you want to store your data.\n" }, "roleArn": { "type": "string", "description": "The IAM role ARN that has access to Elasticsearch.\n" }, "type": { "type": "string", "description": "The type of document you are storing.\n" } }, "type": "object", "required": [ "endpoint", "id", "index", "roleArn", "type" ] }, "aws:iot/TopicRuleErrorActionFirehose:TopicRuleErrorActionFirehose": { "properties": { "batchMode": { "type": "boolean", "description": "The payload that contains a JSON array of records will be sent to Kinesis Firehose via a batch call.\n" }, "deliveryStreamName": { "type": "string", "description": "The delivery stream name.\n" }, "roleArn": { "type": "string", "description": "The IAM role ARN that grants access to the Amazon Kinesis Firehose stream.\n" }, "separator": { "type": "string", "description": "A character separator that is used to separate records written to the Firehose stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).\n" } }, "type": "object", "required": [ "deliveryStreamName", "roleArn" ] }, "aws:iot/TopicRuleErrorActionHttp:TopicRuleErrorActionHttp": { "properties": { "confirmationUrl": { "type": "string", "description": "The HTTPS URL used to verify ownership of `url`.\n" }, "httpHeaders": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleErrorActionHttpHttpHeader:TopicRuleErrorActionHttpHttpHeader" }, "description": "Custom HTTP header IoT Core should send. It is possible to define more than one custom header.\n" }, "url": { "type": "string", "description": "The HTTPS URL.\n" } }, "type": "object", "required": [ "url" ] }, "aws:iot/TopicRuleErrorActionHttpHttpHeader:TopicRuleErrorActionHttpHttpHeader": { "properties": { "key": { "type": "string", "description": "The name of the HTTP header.\n" }, "value": { "type": "string", "description": "The value of the HTTP header.\n" } }, "type": "object", "required": [ "key", "value" ] }, "aws:iot/TopicRuleErrorActionIotAnalytics:TopicRuleErrorActionIotAnalytics": { "properties": { "batchMode": { "type": "boolean", "description": "The payload that contains a JSON array of records will be sent to IoT Analytics via a batch call.\n" }, "channelName": { "type": "string", "description": "Name of AWS IOT Analytics channel.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n" } }, "type": "object", "required": [ "channelName", "roleArn" ] }, "aws:iot/TopicRuleErrorActionIotEvents:TopicRuleErrorActionIotEvents": { "properties": { "batchMode": { "type": "boolean", "description": "The payload that contains a JSON array of records will be sent to IoT Events via a batch call.\n" }, "inputName": { "type": "string", "description": "The name of the AWS IoT Events input.\n" }, "messageId": { "type": "string", "description": "Use this to ensure that only one input (message) with a given messageId is processed by an AWS IoT Events detector.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n" } }, "type": "object", "required": [ "inputName", "roleArn" ] }, "aws:iot/TopicRuleErrorActionKafka:TopicRuleErrorActionKafka": { "properties": { "clientProperties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Properties of the Apache Kafka producer client. For more info, see the [AWS documentation](https://docs.aws.amazon.com/iot/latest/developerguide/apache-kafka-rule-action.html).\n" }, "destinationArn": { "type": "string", "description": "The ARN of Kafka action's VPC `aws.iot.TopicRuleDestination`.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleErrorActionKafkaHeader:TopicRuleErrorActionKafkaHeader" }, "description": "The list of Kafka headers that you specify. Nested arguments below.\n" }, "key": { "type": "string", "description": "The Kafka message key.\n" }, "partition": { "type": "string", "description": "The Kafka message partition.\n" }, "topic": { "type": "string", "description": "The Kafka topic for messages to be sent to the Kafka broker.\n" } }, "type": "object", "required": [ "clientProperties", "destinationArn", "topic" ] }, "aws:iot/TopicRuleErrorActionKafkaHeader:TopicRuleErrorActionKafkaHeader": { "properties": { "key": { "type": "string", "description": "The key of the Kafka header.\n" }, "value": { "type": "string", "description": "The value of the Kafka header.\n" } }, "type": "object", "required": [ "key", "value" ] }, "aws:iot/TopicRuleErrorActionKinesis:TopicRuleErrorActionKinesis": { "properties": { "partitionKey": { "type": "string", "description": "The partition key.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access to the Amazon Kinesis stream.\n" }, "streamName": { "type": "string", "description": "The name of the Amazon Kinesis stream.\n" } }, "type": "object", "required": [ "roleArn", "streamName" ] }, "aws:iot/TopicRuleErrorActionLambda:TopicRuleErrorActionLambda": { "properties": { "functionArn": { "type": "string", "description": "The ARN of the Lambda function.\n" } }, "type": "object", "required": [ "functionArn" ] }, "aws:iot/TopicRuleErrorActionRepublish:TopicRuleErrorActionRepublish": { "properties": { "qos": { "type": "integer", "description": "The Quality of Service (QoS) level to use when republishing messages. Valid values are 0 or 1. The default value is 0.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n" }, "topic": { "type": "string", "description": "The name of the MQTT topic the message should be republished to.\n" } }, "type": "object", "required": [ "roleArn", "topic" ] }, "aws:iot/TopicRuleErrorActionS3:TopicRuleErrorActionS3": { "properties": { "bucketName": { "type": "string", "description": "The Amazon S3 bucket name.\n" }, "cannedAcl": { "type": "string", "description": "The Amazon S3 canned ACL that controls access to the object identified by the object key. [Valid values](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl).\n" }, "key": { "type": "string", "description": "The object key.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n" } }, "type": "object", "required": [ "bucketName", "key", "roleArn" ] }, "aws:iot/TopicRuleErrorActionSns:TopicRuleErrorActionSns": { "properties": { "messageFormat": { "type": "string", "description": "The message format of the message to publish. Accepted values are \"JSON\" and \"RAW\".\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n" }, "targetArn": { "type": "string", "description": "The ARN of the SNS topic.\n" } }, "type": "object", "required": [ "roleArn", "targetArn" ] }, "aws:iot/TopicRuleErrorActionSqs:TopicRuleErrorActionSqs": { "properties": { "queueUrl": { "type": "string", "description": "The URL of the Amazon SQS queue.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n" }, "useBase64": { "type": "boolean", "description": "Specifies whether to use Base64 encoding.\n" } }, "type": "object", "required": [ "queueUrl", "roleArn", "useBase64" ] }, "aws:iot/TopicRuleErrorActionStepFunctions:TopicRuleErrorActionStepFunctions": { "properties": { "executionNamePrefix": { "type": "string", "description": "The prefix used to generate, along with a UUID, the unique state machine execution name.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access to start execution of the state machine.\n" }, "stateMachineName": { "type": "string", "description": "The name of the Step Functions state machine whose execution will be started.\n" } }, "type": "object", "required": [ "roleArn", "stateMachineName" ] }, "aws:iot/TopicRuleErrorActionTimestream:TopicRuleErrorActionTimestream": { "properties": { "databaseName": { "type": "string", "description": "The name of an Amazon Timestream database.\n" }, "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleErrorActionTimestreamDimension:TopicRuleErrorActionTimestreamDimension" }, "description": "Configuration blocks with metadata attributes of the time series that are written in each measure record. Nested arguments below.\n" }, "roleArn": { "type": "string", "description": "The ARN of the role that grants permission to write to the Amazon Timestream database table.\n" }, "tableName": { "type": "string", "description": "The name of the database table into which to write the measure records.\n" }, "timestamp": { "$ref": "#/types/aws:iot/TopicRuleErrorActionTimestreamTimestamp:TopicRuleErrorActionTimestreamTimestamp", "description": "Configuration block specifying an application-defined value to replace the default value assigned to the Timestream record's timestamp in the time column. Nested arguments below.\n" } }, "type": "object", "required": [ "databaseName", "dimensions", "roleArn", "tableName" ] }, "aws:iot/TopicRuleErrorActionTimestreamDimension:TopicRuleErrorActionTimestreamDimension": { "properties": { "name": { "type": "string", "description": "The metadata dimension name. This is the name of the column in the Amazon Timestream database table record.\n" }, "value": { "type": "string", "description": "The value to write in this column of the database record.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:iot/TopicRuleErrorActionTimestreamTimestamp:TopicRuleErrorActionTimestreamTimestamp": { "properties": { "unit": { "type": "string", "description": "The precision of the timestamp value that results from the expression described in value. Valid values: `SECONDS`, `MILLISECONDS`, `MICROSECONDS`, `NANOSECONDS`.\n" }, "value": { "type": "string", "description": "An expression that returns a long epoch time value.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:iot/TopicRuleFirehose:TopicRuleFirehose": { "properties": { "batchMode": { "type": "boolean", "description": "The payload that contains a JSON array of records will be sent to Kinesis Firehose via a batch call.\n" }, "deliveryStreamName": { "type": "string", "description": "The delivery stream name.\n" }, "roleArn": { "type": "string", "description": "The IAM role ARN that grants access to the Amazon Kinesis Firehose stream.\n" }, "separator": { "type": "string", "description": "A character separator that is used to separate records written to the Firehose stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).\n" } }, "type": "object", "required": [ "deliveryStreamName", "roleArn" ] }, "aws:iot/TopicRuleHttp:TopicRuleHttp": { "properties": { "confirmationUrl": { "type": "string", "description": "The HTTPS URL used to verify ownership of `url`.\n" }, "httpHeaders": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleHttpHttpHeader:TopicRuleHttpHttpHeader" }, "description": "Custom HTTP header IoT Core should send. It is possible to define more than one custom header.\n" }, "url": { "type": "string", "description": "The HTTPS URL.\n" } }, "type": "object", "required": [ "url" ] }, "aws:iot/TopicRuleHttpHttpHeader:TopicRuleHttpHttpHeader": { "properties": { "key": { "type": "string", "description": "The name of the HTTP header.\n" }, "value": { "type": "string", "description": "The value of the HTTP header.\n" } }, "type": "object", "required": [ "key", "value" ] }, "aws:iot/TopicRuleIotAnalytic:TopicRuleIotAnalytic": { "properties": { "batchMode": { "type": "boolean", "description": "The payload that contains a JSON array of records will be sent to IoT Analytics via a batch call.\n" }, "channelName": { "type": "string", "description": "Name of AWS IOT Analytics channel.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n" } }, "type": "object", "required": [ "channelName", "roleArn" ] }, "aws:iot/TopicRuleIotEvent:TopicRuleIotEvent": { "properties": { "batchMode": { "type": "boolean", "description": "The payload that contains a JSON array of records will be sent to IoT Events via a batch call.\n" }, "inputName": { "type": "string", "description": "The name of the AWS IoT Events input.\n" }, "messageId": { "type": "string", "description": "Use this to ensure that only one input (message) with a given messageId is processed by an AWS IoT Events detector.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n" } }, "type": "object", "required": [ "inputName", "roleArn" ] }, "aws:iot/TopicRuleKafka:TopicRuleKafka": { "properties": { "clientProperties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Properties of the Apache Kafka producer client. For more info, see the [AWS documentation](https://docs.aws.amazon.com/iot/latest/developerguide/apache-kafka-rule-action.html).\n" }, "destinationArn": { "type": "string", "description": "The ARN of Kafka action's VPC `aws.iot.TopicRuleDestination`.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleKafkaHeader:TopicRuleKafkaHeader" }, "description": "The list of Kafka headers that you specify. Nested arguments below.\n" }, "key": { "type": "string", "description": "The Kafka message key.\n" }, "partition": { "type": "string", "description": "The Kafka message partition.\n" }, "topic": { "type": "string", "description": "The Kafka topic for messages to be sent to the Kafka broker.\n" } }, "type": "object", "required": [ "clientProperties", "destinationArn", "topic" ] }, "aws:iot/TopicRuleKafkaHeader:TopicRuleKafkaHeader": { "properties": { "key": { "type": "string", "description": "The key of the Kafka header.\n" }, "value": { "type": "string", "description": "The value of the Kafka header.\n" } }, "type": "object", "required": [ "key", "value" ] }, "aws:iot/TopicRuleKinesis:TopicRuleKinesis": { "properties": { "partitionKey": { "type": "string", "description": "The partition key.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access to the Amazon Kinesis stream.\n" }, "streamName": { "type": "string", "description": "The name of the Amazon Kinesis stream.\n" } }, "type": "object", "required": [ "roleArn", "streamName" ] }, "aws:iot/TopicRuleLambda:TopicRuleLambda": { "properties": { "functionArn": { "type": "string", "description": "The ARN of the Lambda function.\n" } }, "type": "object", "required": [ "functionArn" ] }, "aws:iot/TopicRuleRepublish:TopicRuleRepublish": { "properties": { "qos": { "type": "integer", "description": "The Quality of Service (QoS) level to use when republishing messages. Valid values are 0 or 1. The default value is 0.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n" }, "topic": { "type": "string", "description": "The name of the MQTT topic the message should be republished to.\n" } }, "type": "object", "required": [ "roleArn", "topic" ] }, "aws:iot/TopicRuleS3:TopicRuleS3": { "properties": { "bucketName": { "type": "string", "description": "The Amazon S3 bucket name.\n" }, "cannedAcl": { "type": "string", "description": "The Amazon S3 canned ACL that controls access to the object identified by the object key. [Valid values](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl).\n" }, "key": { "type": "string", "description": "The object key.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n" } }, "type": "object", "required": [ "bucketName", "key", "roleArn" ] }, "aws:iot/TopicRuleSns:TopicRuleSns": { "properties": { "messageFormat": { "type": "string", "description": "The message format of the message to publish. Accepted values are \"JSON\" and \"RAW\".\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n" }, "targetArn": { "type": "string", "description": "The ARN of the SNS topic.\n" } }, "type": "object", "required": [ "roleArn", "targetArn" ] }, "aws:iot/TopicRuleSqs:TopicRuleSqs": { "properties": { "queueUrl": { "type": "string", "description": "The URL of the Amazon SQS queue.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access.\n" }, "useBase64": { "type": "boolean", "description": "Specifies whether to use Base64 encoding.\n" } }, "type": "object", "required": [ "queueUrl", "roleArn", "useBase64" ] }, "aws:iot/TopicRuleStepFunction:TopicRuleStepFunction": { "properties": { "executionNamePrefix": { "type": "string", "description": "The prefix used to generate, along with a UUID, the unique state machine execution name.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role that grants access to start execution of the state machine.\n" }, "stateMachineName": { "type": "string", "description": "The name of the Step Functions state machine whose execution will be started.\n" } }, "type": "object", "required": [ "roleArn", "stateMachineName" ] }, "aws:iot/TopicRuleTimestream:TopicRuleTimestream": { "properties": { "databaseName": { "type": "string", "description": "The name of an Amazon Timestream database.\n" }, "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleTimestreamDimension:TopicRuleTimestreamDimension" }, "description": "Configuration blocks with metadata attributes of the time series that are written in each measure record. Nested arguments below.\n" }, "roleArn": { "type": "string", "description": "The ARN of the role that grants permission to write to the Amazon Timestream database table.\n" }, "tableName": { "type": "string", "description": "The name of the database table into which to write the measure records.\n" }, "timestamp": { "$ref": "#/types/aws:iot/TopicRuleTimestreamTimestamp:TopicRuleTimestreamTimestamp", "description": "Configuration block specifying an application-defined value to replace the default value assigned to the Timestream record's timestamp in the time column. Nested arguments below.\n" } }, "type": "object", "required": [ "databaseName", "dimensions", "roleArn", "tableName" ] }, "aws:iot/TopicRuleTimestreamDimension:TopicRuleTimestreamDimension": { "properties": { "name": { "type": "string", "description": "The metadata dimension name. This is the name of the column in the Amazon Timestream database table record.\n" }, "value": { "type": "string", "description": "The value to write in this column of the database record.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:iot/TopicRuleTimestreamTimestamp:TopicRuleTimestreamTimestamp": { "properties": { "unit": { "type": "string", "description": "The precision of the timestamp value that results from the expression described in value. Valid values: `SECONDS`, `MILLISECONDS`, `MICROSECONDS`, `NANOSECONDS`.\n" }, "value": { "type": "string", "description": "An expression that returns a long epoch time value.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:ivs/RecordingConfigurationDestinationConfiguration:RecordingConfigurationDestinationConfiguration": { "properties": { "s3": { "$ref": "#/types/aws:ivs/RecordingConfigurationDestinationConfigurationS3:RecordingConfigurationDestinationConfigurationS3", "description": "S3 destination configuration where recorded videos will be stored.\n" } }, "type": "object", "required": [ "s3" ] }, "aws:ivs/RecordingConfigurationDestinationConfigurationS3:RecordingConfigurationDestinationConfigurationS3": { "properties": { "bucketName": { "type": "string", "description": "S3 bucket name where recorded videos will be stored.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "bucketName" ] }, "aws:ivs/RecordingConfigurationThumbnailConfiguration:RecordingConfigurationThumbnailConfiguration": { "properties": { "recordingMode": { "type": "string", "description": "Thumbnail recording mode. Valid values: `DISABLED`, `INTERVAL`.\n" }, "targetIntervalSeconds": { "type": "integer", "description": "The targeted thumbnail-generation interval in seconds.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "recordingMode", "targetIntervalSeconds" ] } } }, "aws:ivschat/LoggingConfigurationDestinationConfiguration:LoggingConfigurationDestinationConfiguration": { "properties": { "cloudwatchLogs": { "$ref": "#/types/aws:ivschat/LoggingConfigurationDestinationConfigurationCloudwatchLogs:LoggingConfigurationDestinationConfigurationCloudwatchLogs", "description": "An Amazon CloudWatch Logs destination configuration where chat activity will be logged.\n" }, "firehose": { "$ref": "#/types/aws:ivschat/LoggingConfigurationDestinationConfigurationFirehose:LoggingConfigurationDestinationConfigurationFirehose", "description": "An Amazon Kinesis Data Firehose destination configuration where chat activity will be logged.\n" }, "s3": { "$ref": "#/types/aws:ivschat/LoggingConfigurationDestinationConfigurationS3:LoggingConfigurationDestinationConfigurationS3", "description": "An Amazon S3 destination configuration where chat activity will be logged.\n" } }, "type": "object" }, "aws:ivschat/LoggingConfigurationDestinationConfigurationCloudwatchLogs:LoggingConfigurationDestinationConfigurationCloudwatchLogs": { "properties": { "logGroupName": { "type": "string", "description": "Name of the Amazon Cloudwatch Logs destination where chat activity will be logged.\n" } }, "type": "object", "required": [ "logGroupName" ] }, "aws:ivschat/LoggingConfigurationDestinationConfigurationFirehose:LoggingConfigurationDestinationConfigurationFirehose": { "properties": { "deliveryStreamName": { "type": "string", "description": "Name of the Amazon Kinesis Firehose delivery stream where chat activity will be logged.\n" } }, "type": "object", "required": [ "deliveryStreamName" ] }, "aws:ivschat/LoggingConfigurationDestinationConfigurationS3:LoggingConfigurationDestinationConfigurationS3": { "properties": { "bucketName": { "type": "string", "description": "Name of the Amazon S3 bucket where chat activity will be logged.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "bucketName" ] }, "aws:ivschat/RoomMessageReviewHandler:RoomMessageReviewHandler": { "properties": { "fallbackResult": { "type": "string", "description": "The fallback behavior (whether the message\nis allowed or denied) if the handler does not return a valid response,\nencounters an error, or times out. Valid values: `ALLOW`, `DENY`.\n" }, "uri": { "type": "string", "description": "ARN of the lambda message review handler function.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "fallbackResult" ] } } }, "aws:kendra/DataSourceConfiguration:DataSourceConfiguration": { "properties": { "s3Configuration": { "$ref": "#/types/aws:kendra/DataSourceConfigurationS3Configuration:DataSourceConfigurationS3Configuration", "description": "A block that provides the configuration information to connect to an Amazon S3 bucket as your data source. Detailed below.\n" }, "webCrawlerConfiguration": { "$ref": "#/types/aws:kendra/DataSourceConfigurationWebCrawlerConfiguration:DataSourceConfigurationWebCrawlerConfiguration", "description": "A block that provides the configuration information required for Amazon Kendra Web Crawler. Detailed below.\n" } }, "type": "object" }, "aws:kendra/DataSourceConfigurationS3Configuration:DataSourceConfigurationS3Configuration": { "properties": { "accessControlListConfiguration": { "$ref": "#/types/aws:kendra/DataSourceConfigurationS3ConfigurationAccessControlListConfiguration:DataSourceConfigurationS3ConfigurationAccessControlListConfiguration", "description": "A block that provides the path to the S3 bucket that contains the user context filtering files for the data source. For the format of the file, see [Access control for S3 data sources](https://docs.aws.amazon.com/kendra/latest/dg/s3-acl.html). Detailed below.\n" }, "bucketName": { "type": "string", "description": "The name of the bucket that contains the documents.\n" }, "documentsMetadataConfiguration": { "$ref": "#/types/aws:kendra/DataSourceConfigurationS3ConfigurationDocumentsMetadataConfiguration:DataSourceConfigurationS3ConfigurationDocumentsMetadataConfiguration", "description": "A block that defines the Document metadata files that contain information such as the document access control information, source URI, document author, and custom attributes. Each metadata file contains metadata about a single document. Detailed below.\n" }, "exclusionPatterns": { "type": "array", "items": { "type": "string" }, "description": "A list of glob patterns for documents that should not be indexed. If a document that matches an inclusion prefix or inclusion pattern also matches an exclusion pattern, the document is not indexed. Refer to [Exclusion Patterns for more examples](https://docs.aws.amazon.com/kendra/latest/dg/API_S3DataSourceConfiguration.html#Kendra-Type-S3DataSourceConfiguration-ExclusionPatterns).\n" }, "inclusionPatterns": { "type": "array", "items": { "type": "string" }, "description": "A list of glob patterns for documents that should be indexed. If a document that matches an inclusion pattern also matches an exclusion pattern, the document is not indexed. Refer to [Inclusion Patterns for more examples](https://docs.aws.amazon.com/kendra/latest/dg/API_S3DataSourceConfiguration.html#Kendra-Type-S3DataSourceConfiguration-InclusionPatterns).\n" }, "inclusionPrefixes": { "type": "array", "items": { "type": "string" }, "description": "A list of S3 prefixes for the documents that should be included in the index.\n" } }, "type": "object", "required": [ "bucketName" ] }, "aws:kendra/DataSourceConfigurationS3ConfigurationAccessControlListConfiguration:DataSourceConfigurationS3ConfigurationAccessControlListConfiguration": { "properties": { "keyPath": { "type": "string", "description": "Path to the AWS S3 bucket that contains the ACL files.\n" } }, "type": "object" }, "aws:kendra/DataSourceConfigurationS3ConfigurationDocumentsMetadataConfiguration:DataSourceConfigurationS3ConfigurationDocumentsMetadataConfiguration": { "properties": { "s3Prefix": { "type": "string", "description": "A prefix used to filter metadata configuration files in the AWS S3 bucket. The S3 bucket might contain multiple metadata files. Use `s3_prefix` to include only the desired metadata files.\n" } }, "type": "object" }, "aws:kendra/DataSourceConfigurationWebCrawlerConfiguration:DataSourceConfigurationWebCrawlerConfiguration": { "properties": { "authenticationConfiguration": { "$ref": "#/types/aws:kendra/DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfiguration:DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfiguration", "description": "A block with the configuration information required to connect to websites using authentication. You can connect to websites using basic authentication of user name and password. You use a secret in AWS Secrets Manager to store your authentication credentials. You must provide the website host name and port number. For example, the host name of `https://a.example.com/page1.html` is `\"a.example.com\"` and the port is `443`, the standard port for HTTPS. Detailed below.\n" }, "crawlDepth": { "type": "integer", "description": "Specifies the number of levels in a website that you want to crawl. The first level begins from the website seed or starting point URL. For example, if a website has 3 levels – index level (i.e. seed in this example), sections level, and subsections level – and you are only interested in crawling information up to the sections level (i.e. levels 0-1), you can set your depth to 1. The default crawl depth is set to `2`. Minimum value of `0`. Maximum value of `10`.\n" }, "maxContentSizePerPageInMegaBytes": { "type": "number", "description": "The maximum size (in MB) of a webpage or attachment to crawl. Files larger than this size (in MB) are skipped/not crawled. The default maximum size of a webpage or attachment is set to `50` MB. Minimum value of `1.0e-06`. Maximum value of `50`.\n" }, "maxLinksPerPage": { "type": "integer", "description": "The maximum number of URLs on a webpage to include when crawling a website. This number is per webpage. As a website’s webpages are crawled, any URLs the webpages link to are also crawled. URLs on a webpage are crawled in order of appearance. The default maximum links per page is `100`. Minimum value of `1`. Maximum value of `1000`.\n" }, "maxUrlsPerMinuteCrawlRate": { "type": "integer", "description": "The maximum number of URLs crawled per website host per minute. The default maximum number of URLs crawled per website host per minute is `300`. Minimum value of `1`. Maximum value of `300`.\n" }, "proxyConfiguration": { "$ref": "#/types/aws:kendra/DataSourceConfigurationWebCrawlerConfigurationProxyConfiguration:DataSourceConfigurationWebCrawlerConfigurationProxyConfiguration", "description": "Configuration information required to connect to your internal websites via a web proxy. You must provide the website host name and port number. For example, the host name of `https://a.example.com/page1.html` is `\"a.example.com\"` and the port is `443`, the standard port for HTTPS. Web proxy credentials are optional and you can use them to connect to a web proxy server that requires basic authentication. To store web proxy credentials, you use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html). Detailed below.\n" }, "urlExclusionPatterns": { "type": "array", "items": { "type": "string" }, "description": "A list of regular expression patterns to exclude certain URLs to crawl. URLs that match the patterns are excluded from the index. URLs that don't match the patterns are included in the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index. Array Members: Minimum number of `0` items. Maximum number of `100` items. Length Constraints: Minimum length of `1`. Maximum length of `150`.\n" }, "urlInclusionPatterns": { "type": "array", "items": { "type": "string" }, "description": "A list of regular expression patterns to include certain URLs to crawl. URLs that match the patterns are included in the index. URLs that don't match the patterns are excluded from the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index. Array Members: Minimum number of `0` items. Maximum number of `100` items. Length Constraints: Minimum length of `1`. Maximum length of `150`.\n" }, "urls": { "$ref": "#/types/aws:kendra/DataSourceConfigurationWebCrawlerConfigurationUrls:DataSourceConfigurationWebCrawlerConfigurationUrls", "description": "A block that specifies the seed or starting point URLs of the websites or the sitemap URLs of the websites you want to crawl. You can include website subdomains. You can list up to `100` seed URLs and up to `3` sitemap URLs. You can only crawl websites that use the secure communication protocol, Hypertext Transfer Protocol Secure (HTTPS). If you receive an error when crawling a website, it could be that the website is blocked from crawling. When selecting websites to index, you must adhere to the [Amazon Acceptable Use Policy](https://aws.amazon.com/aup/) and all other Amazon terms. Remember that you must only use Amazon Kendra Web Crawler to index your own webpages, or webpages that you have authorization to index. Detailed below.\n" } }, "type": "object", "required": [ "urls" ] }, "aws:kendra/DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfiguration:DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfiguration": { "properties": { "basicAuthentications": { "type": "array", "items": { "$ref": "#/types/aws:kendra/DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationBasicAuthentication:DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationBasicAuthentication" }, "description": "The list of configuration information that's required to connect to and crawl a website host using basic authentication credentials. The list includes the name and port number of the website host. Detailed below.\n" } }, "type": "object" }, "aws:kendra/DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationBasicAuthentication:DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationBasicAuthentication": { "properties": { "credentials": { "type": "string", "description": "Your secret ARN, which you can create in AWS Secrets Manager. You use a secret if basic authentication credentials are required to connect to a website. The secret stores your credentials of user name and password.\n" }, "host": { "type": "string", "description": "The name of the website host you want to connect to using authentication credentials. For example, the host name of `https://a.example.com/page1.html` is `\"a.example.com\"`.\n" }, "port": { "type": "integer", "description": "The port number of the website host you want to connect to using authentication credentials. For example, the port for `https://a.example.com/page1.html` is `443`, the standard port for HTTPS.\n" } }, "type": "object", "required": [ "credentials", "host", "port" ] }, "aws:kendra/DataSourceConfigurationWebCrawlerConfigurationProxyConfiguration:DataSourceConfigurationWebCrawlerConfigurationProxyConfiguration": { "properties": { "credentials": { "type": "string", "description": "Your secret ARN, which you can create in AWS Secrets Manager. The credentials are optional. You use a secret if web proxy credentials are required to connect to a website host. Amazon Kendra currently support basic authentication to connect to a web proxy server. The secret stores your credentials.\n" }, "host": { "type": "string", "description": "The name of the website host you want to connect to via a web proxy server. For example, the host name of `https://a.example.com/page1.html` is `\"a.example.com\"`.\n" }, "port": { "type": "integer", "description": "The port number of the website host you want to connect to via a web proxy server. For example, the port for `https://a.example.com/page1.html` is `443`, the standard port for HTTPS.\n" } }, "type": "object", "required": [ "host", "port" ] }, "aws:kendra/DataSourceConfigurationWebCrawlerConfigurationUrls:DataSourceConfigurationWebCrawlerConfigurationUrls": { "properties": { "seedUrlConfiguration": { "$ref": "#/types/aws:kendra/DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfiguration:DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfiguration", "description": "A block that specifies the configuration of the seed or starting point URLs of the websites you want to crawl. You can choose to crawl only the website host names, or the website host names with subdomains, or the website host names with subdomains and other domains that the webpages link to. You can list up to `100` seed URLs. Detailed below.\n" }, "siteMapsConfiguration": { "$ref": "#/types/aws:kendra/DataSourceConfigurationWebCrawlerConfigurationUrlsSiteMapsConfiguration:DataSourceConfigurationWebCrawlerConfigurationUrlsSiteMapsConfiguration", "description": "A block that specifies the configuration of the sitemap URLs of the websites you want to crawl. Only URLs belonging to the same website host names are crawled. You can list up to `3` sitemap URLs. Detailed below.\n" } }, "type": "object" }, "aws:kendra/DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfiguration:DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfiguration": { "properties": { "seedUrls": { "type": "array", "items": { "type": "string" }, "description": "The list of seed or starting point URLs of the websites you want to crawl. The list can include a maximum of `100` seed URLs. Array Members: Minimum number of `0` items. Maximum number of `100` items. Length Constraints: Minimum length of `1`. Maximum length of `2048`.\n" }, "webCrawlerMode": { "type": "string", "description": "The default mode is set to `HOST_ONLY`. You can choose one of the following modes:\n* `HOST_ONLY` – crawl only the website host names. For example, if the seed URL is `\"abc.example.com\"`, then only URLs with host name `\"abc.example.com\"` are crawled.\n* `SUBDOMAINS` – crawl the website host names with subdomains. For example, if the seed URL is `\"abc.example.com\"`, then `\"a.abc.example.com\"` and `\"b.abc.example.com\"` are also crawled.\n* `EVERYTHING` – crawl the website host names with subdomains and other domains that the webpages link to.\n" } }, "type": "object", "required": [ "seedUrls" ] }, "aws:kendra/DataSourceConfigurationWebCrawlerConfigurationUrlsSiteMapsConfiguration:DataSourceConfigurationWebCrawlerConfigurationUrlsSiteMapsConfiguration": { "properties": { "siteMaps": { "type": "array", "items": { "type": "string" }, "description": "The list of sitemap URLs of the websites you want to crawl. The list can include a maximum of `3` sitemap URLs.\n" } }, "type": "object", "required": [ "siteMaps" ] }, "aws:kendra/DataSourceCustomDocumentEnrichmentConfiguration:DataSourceCustomDocumentEnrichmentConfiguration": { "properties": { "inlineConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationInlineConfiguration:DataSourceCustomDocumentEnrichmentConfigurationInlineConfiguration" }, "description": "Configuration information to alter document attributes or metadata fields and content when ingesting documents into Amazon Kendra. Minimum number of `0` items. Maximum number of `100` items. Detailed below.\n" }, "postExtractionHookConfiguration": { "$ref": "#/types/aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationPostExtractionHookConfiguration:DataSourceCustomDocumentEnrichmentConfigurationPostExtractionHookConfiguration", "description": "A block that specifies the configuration information for invoking a Lambda function in AWS Lambda on the structured documents with their metadata and text extracted. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation). Detailed below.\n" }, "preExtractionHookConfiguration": { "$ref": "#/types/aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationPreExtractionHookConfiguration:DataSourceCustomDocumentEnrichmentConfigurationPreExtractionHookConfiguration", "description": "Configuration information for invoking a Lambda function in AWS Lambda on the original or raw documents before extracting their metadata and text. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation). Detailed below.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a role with permission to run `pre_extraction_hook_configuration` and `post_extraction_hook_configuration` for altering document metadata and content during the document ingestion process. For more information, see [IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html).\n" } }, "type": "object" }, "aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationInlineConfiguration:DataSourceCustomDocumentEnrichmentConfigurationInlineConfiguration": { "properties": { "condition": { "$ref": "#/types/aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationInlineConfigurationCondition:DataSourceCustomDocumentEnrichmentConfigurationInlineConfigurationCondition", "description": "Configuration of the condition used for the target document attribute or metadata field when ingesting documents into Amazon Kendra. See condition.\n" }, "documentContentDeletion": { "type": "boolean", "description": "`TRUE` to delete content if the condition used for the target attribute is met.\n" }, "target": { "$ref": "#/types/aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationInlineConfigurationTarget:DataSourceCustomDocumentEnrichmentConfigurationInlineConfigurationTarget", "description": "Configuration of the target document attribute or metadata field when ingesting documents into Amazon Kendra. You can also include a value. Detailed below.\n" } }, "type": "object" }, "aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationInlineConfigurationCondition:DataSourceCustomDocumentEnrichmentConfigurationInlineConfigurationCondition": { "properties": { "conditionDocumentAttributeKey": { "type": "string", "description": "The identifier of the document attribute used for the condition. For example, `_source_uri` could be an identifier for the attribute or metadata field that contains source URIs associated with the documents. Amazon Kendra currently does not support `_document_body` as an attribute key used for the condition.\n" }, "conditionOnValue": { "$ref": "#/types/aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationInlineConfigurationConditionConditionOnValue:DataSourceCustomDocumentEnrichmentConfigurationInlineConfigurationConditionConditionOnValue", "description": "The value used by the operator. For example, you can specify the value 'financial' for strings in the `_source_uri` field that partially match or contain this value. See condition_on_value.\n" }, "operator": { "type": "string", "description": "The condition operator. For example, you can use `Contains` to partially match a string. Valid Values: `GreaterThan` | `GreaterThanOrEquals` | `LessThan` | `LessThanOrEquals` | `Equals` | `NotEquals` | `Contains` | `NotContains` | `Exists` | `NotExists` | `BeginsWith`.\n" } }, "type": "object", "required": [ "conditionDocumentAttributeKey", "operator" ] }, "aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationInlineConfigurationConditionConditionOnValue:DataSourceCustomDocumentEnrichmentConfigurationInlineConfigurationConditionConditionOnValue": { "properties": { "dateValue": { "type": "string", "description": "A date expressed as an ISO 8601 string. It is important for the time zone to be included in the ISO 8601 date-time format. As of this writing only UTC is supported. For example, `2012-03-25T12:30:10+00:00`.\n" }, "longValue": { "type": "integer", "description": "A long integer value.\n" }, "stringListValues": { "type": "array", "items": { "type": "string" }, "description": "A list of strings.\n" }, "stringValue": { "type": "string" } }, "type": "object" }, "aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationInlineConfigurationTarget:DataSourceCustomDocumentEnrichmentConfigurationInlineConfigurationTarget": { "properties": { "targetDocumentAttributeKey": { "type": "string", "description": "The identifier of the target document attribute or metadata field. For example, 'Department' could be an identifier for the target attribute or metadata field that includes the department names associated with the documents.\n" }, "targetDocumentAttributeValue": { "$ref": "#/types/aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationInlineConfigurationTargetTargetDocumentAttributeValue:DataSourceCustomDocumentEnrichmentConfigurationInlineConfigurationTargetTargetDocumentAttributeValue", "description": "The target value you want to create for the target attribute. For example, 'Finance' could be the target value for the target attribute key 'Department'. See target_document_attribute_value.\n" }, "targetDocumentAttributeValueDeletion": { "type": "boolean", "description": "`TRUE` to delete the existing target value for your specified target attribute key. You cannot create a target value and set this to `TRUE`. To create a target value (`TargetDocumentAttributeValue`), set this to `FALSE`.\n" } }, "type": "object" }, "aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationInlineConfigurationTargetTargetDocumentAttributeValue:DataSourceCustomDocumentEnrichmentConfigurationInlineConfigurationTargetTargetDocumentAttributeValue": { "properties": { "dateValue": { "type": "string", "description": "A date expressed as an ISO 8601 string. It is important for the time zone to be included in the ISO 8601 date-time format. As of this writing only UTC is supported. For example, `2012-03-25T12:30:10+00:00`.\n" }, "longValue": { "type": "integer", "description": "A long integer value.\n" }, "stringListValues": { "type": "array", "items": { "type": "string" }, "description": "A list of strings.\n" }, "stringValue": { "type": "string" } }, "type": "object" }, "aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationPostExtractionHookConfiguration:DataSourceCustomDocumentEnrichmentConfigurationPostExtractionHookConfiguration": { "properties": { "invocationCondition": { "$ref": "#/types/aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationPostExtractionHookConfigurationInvocationCondition:DataSourceCustomDocumentEnrichmentConfigurationPostExtractionHookConfigurationInvocationCondition", "description": "A block that specifies the condition used for when a Lambda function should be invoked. For example, you can specify a condition that if there are empty date-time values, then Amazon Kendra should invoke a function that inserts the current date-time. See invocation_condition.\n" }, "lambdaArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a Lambda Function that can manipulate your document metadata fields or attributes and content.\n" }, "s3Bucket": { "type": "string", "description": "Stores the original, raw documents or the structured, parsed documents before and after altering them. For more information, see [Data contracts for Lambda functions](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#cde-data-contracts-lambda).\n" } }, "type": "object", "required": [ "lambdaArn", "s3Bucket" ] }, "aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationPostExtractionHookConfigurationInvocationCondition:DataSourceCustomDocumentEnrichmentConfigurationPostExtractionHookConfigurationInvocationCondition": { "properties": { "conditionDocumentAttributeKey": { "type": "string", "description": "The identifier of the document attribute used for the condition. For example, `_source_uri` could be an identifier for the attribute or metadata field that contains source URIs associated with the documents. Amazon Kendra currently does not support `_document_body` as an attribute key used for the condition.\n" }, "conditionOnValue": { "$ref": "#/types/aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationPostExtractionHookConfigurationInvocationConditionConditionOnValue:DataSourceCustomDocumentEnrichmentConfigurationPostExtractionHookConfigurationInvocationConditionConditionOnValue", "description": "The value used by the operator. For example, you can specify the value 'financial' for strings in the `_source_uri` field that partially match or contain this value. See condition_on_value.\n" }, "operator": { "type": "string", "description": "The condition operator. For example, you can use `Contains` to partially match a string. Valid Values: `GreaterThan` | `GreaterThanOrEquals` | `LessThan` | `LessThanOrEquals` | `Equals` | `NotEquals` | `Contains` | `NotContains` | `Exists` | `NotExists` | `BeginsWith`.\n" } }, "type": "object", "required": [ "conditionDocumentAttributeKey", "operator" ] }, "aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationPostExtractionHookConfigurationInvocationConditionConditionOnValue:DataSourceCustomDocumentEnrichmentConfigurationPostExtractionHookConfigurationInvocationConditionConditionOnValue": { "properties": { "dateValue": { "type": "string", "description": "A date expressed as an ISO 8601 string. It is important for the time zone to be included in the ISO 8601 date-time format. As of this writing only UTC is supported. For example, `2012-03-25T12:30:10+00:00`.\n" }, "longValue": { "type": "integer", "description": "A long integer value.\n" }, "stringListValues": { "type": "array", "items": { "type": "string" }, "description": "A list of strings.\n" }, "stringValue": { "type": "string" } }, "type": "object" }, "aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationPreExtractionHookConfiguration:DataSourceCustomDocumentEnrichmentConfigurationPreExtractionHookConfiguration": { "properties": { "invocationCondition": { "$ref": "#/types/aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationPreExtractionHookConfigurationInvocationCondition:DataSourceCustomDocumentEnrichmentConfigurationPreExtractionHookConfigurationInvocationCondition", "description": "A block that specifies the condition used for when a Lambda function should be invoked. For example, you can specify a condition that if there are empty date-time values, then Amazon Kendra should invoke a function that inserts the current date-time. See invocation_condition.\n" }, "lambdaArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a Lambda Function that can manipulate your document metadata fields or attributes and content.\n" }, "s3Bucket": { "type": "string", "description": "Stores the original, raw documents or the structured, parsed documents before and after altering them. For more information, see [Data contracts for Lambda functions](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#cde-data-contracts-lambda).\n" } }, "type": "object", "required": [ "lambdaArn", "s3Bucket" ] }, "aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationPreExtractionHookConfigurationInvocationCondition:DataSourceCustomDocumentEnrichmentConfigurationPreExtractionHookConfigurationInvocationCondition": { "properties": { "conditionDocumentAttributeKey": { "type": "string", "description": "The identifier of the document attribute used for the condition. For example, `_source_uri` could be an identifier for the attribute or metadata field that contains source URIs associated with the documents. Amazon Kendra currently does not support `_document_body` as an attribute key used for the condition.\n" }, "conditionOnValue": { "$ref": "#/types/aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationPreExtractionHookConfigurationInvocationConditionConditionOnValue:DataSourceCustomDocumentEnrichmentConfigurationPreExtractionHookConfigurationInvocationConditionConditionOnValue", "description": "The value used by the operator. For example, you can specify the value 'financial' for strings in the `_source_uri` field that partially match or contain this value. See condition_on_value.\n" }, "operator": { "type": "string", "description": "The condition operator. For example, you can use `Contains` to partially match a string. Valid Values: `GreaterThan` | `GreaterThanOrEquals` | `LessThan` | `LessThanOrEquals` | `Equals` | `NotEquals` | `Contains` | `NotContains` | `Exists` | `NotExists` | `BeginsWith`.\n" } }, "type": "object", "required": [ "conditionDocumentAttributeKey", "operator" ] }, "aws:kendra/DataSourceCustomDocumentEnrichmentConfigurationPreExtractionHookConfigurationInvocationConditionConditionOnValue:DataSourceCustomDocumentEnrichmentConfigurationPreExtractionHookConfigurationInvocationConditionConditionOnValue": { "properties": { "dateValue": { "type": "string", "description": "A date expressed as an ISO 8601 string. It is important for the time zone to be included in the ISO 8601 date-time format. As of this writing only UTC is supported. For example, `2012-03-25T12:30:10+00:00`.\n" }, "longValue": { "type": "integer", "description": "A long integer value.\n" }, "stringListValues": { "type": "array", "items": { "type": "string" }, "description": "A list of strings.\n" }, "stringValue": { "type": "string" } }, "type": "object" }, "aws:kendra/ExperienceConfiguration:ExperienceConfiguration": { "properties": { "contentSourceConfiguration": { "$ref": "#/types/aws:kendra/ExperienceConfigurationContentSourceConfiguration:ExperienceConfigurationContentSourceConfiguration", "description": "The identifiers of your data sources and FAQs. Or, you can specify that you want to use documents indexed via the `BatchPutDocument API`. The provider will only perform drift detection of its value when present in a configuration. Detailed below.\n" }, "userIdentityConfiguration": { "$ref": "#/types/aws:kendra/ExperienceConfigurationUserIdentityConfiguration:ExperienceConfigurationUserIdentityConfiguration", "description": "The AWS SSO field name that contains the identifiers of your users, such as their emails. Detailed below.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "contentSourceConfiguration" ] } } }, "aws:kendra/ExperienceConfigurationContentSourceConfiguration:ExperienceConfigurationContentSourceConfiguration": { "properties": { "dataSourceIds": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of the data sources you want to use for your Amazon Kendra experience. Maximum number of 100 items.\n" }, "directPutContent": { "type": "boolean", "description": "Whether to use documents you indexed directly using the `BatchPutDocument API`. Defaults to `false`.\n" }, "faqIds": { "type": "array", "items": { "type": "string" }, "description": "The identifier of the FAQs that you want to use for your Amazon Kendra experience. Maximum number of 100 items.\n" } }, "type": "object" }, "aws:kendra/ExperienceConfigurationUserIdentityConfiguration:ExperienceConfigurationUserIdentityConfiguration": { "properties": { "identityAttributeName": { "type": "string", "description": "The AWS SSO field name that contains the identifiers of your users, such as their emails.\n" } }, "type": "object", "required": [ "identityAttributeName" ] }, "aws:kendra/ExperienceEndpoint:ExperienceEndpoint": { "properties": { "endpoint": { "type": "string", "description": "The endpoint of your Amazon Kendra experience.\n" }, "endpointType": { "type": "string", "description": "The type of endpoint for your Amazon Kendra experience.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "endpoint", "endpointType" ] } } }, "aws:kendra/FaqS3Path:FaqS3Path": { "properties": { "bucket": { "type": "string", "description": "The name of the S3 bucket that contains the file.\n", "willReplaceOnChanges": true }, "key": { "type": "string", "description": "The name of the file.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "bucket", "key" ] }, "aws:kendra/IndexCapacityUnits:IndexCapacityUnits": { "properties": { "queryCapacityUnits": { "type": "integer", "description": "The amount of extra query capacity for an index and GetQuerySuggestions capacity. For more information, refer to [QueryCapacityUnits](https://docs.aws.amazon.com/kendra/latest/dg/API_CapacityUnitsConfiguration.html#Kendra-Type-CapacityUnitsConfiguration-QueryCapacityUnits).\n" }, "storageCapacityUnits": { "type": "integer", "description": "The amount of extra storage capacity for an index. A single capacity unit provides 30 GB of storage space or 100,000 documents, whichever is reached first. Minimum value of 0.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "queryCapacityUnits", "storageCapacityUnits" ] } } }, "aws:kendra/IndexDocumentMetadataConfigurationUpdate:IndexDocumentMetadataConfigurationUpdate": { "properties": { "name": { "type": "string", "description": "The name of the index field. Minimum length of 1. Maximum length of 30.\n" }, "relevance": { "$ref": "#/types/aws:kendra/IndexDocumentMetadataConfigurationUpdateRelevance:IndexDocumentMetadataConfigurationUpdateRelevance", "description": "A block that provides manual tuning parameters to determine how the field affects the search results. Detailed below\n" }, "search": { "$ref": "#/types/aws:kendra/IndexDocumentMetadataConfigurationUpdateSearch:IndexDocumentMetadataConfigurationUpdateSearch", "description": "A block that provides information about how the field is used during a search. Documented below. Detailed below\n" }, "type": { "type": "string", "description": "The data type of the index field. Valid values are `STRING_VALUE`, `STRING_LIST_VALUE`, `LONG_VALUE`, `DATE_VALUE`.\n" } }, "type": "object", "required": [ "name", "type" ], "language": { "nodejs": { "requiredOutputs": [ "name", "relevance", "search", "type" ] } } }, "aws:kendra/IndexDocumentMetadataConfigurationUpdateRelevance:IndexDocumentMetadataConfigurationUpdateRelevance": { "properties": { "duration": { "type": "string", "description": "Specifies the time period that the boost applies to. For more information, refer to [Duration](https://docs.aws.amazon.com/kendra/latest/dg/API_Relevance.html#Kendra-Type-Relevance-Duration).\n" }, "freshness": { "type": "boolean", "description": "Indicates that this field determines how \"fresh\" a document is. For more information, refer to [Freshness](https://docs.aws.amazon.com/kendra/latest/dg/API_Relevance.html#Kendra-Type-Relevance-Freshness).\n" }, "importance": { "type": "integer", "description": "The relative importance of the field in the search. Larger numbers provide more of a boost than smaller numbers. Minimum value of 1. Maximum value of 10.\n" }, "rankOrder": { "type": "string", "description": "Determines how values should be interpreted. For more information, refer to [RankOrder](https://docs.aws.amazon.com/kendra/latest/dg/API_Relevance.html#Kendra-Type-Relevance-RankOrder).\n" }, "valuesImportanceMap": { "type": "object", "additionalProperties": { "type": "integer" }, "description": "A list of values that should be given a different boost when they appear in the result list. For more information, refer to [ValueImportanceMap](https://docs.aws.amazon.com/kendra/latest/dg/API_Relevance.html#Kendra-Type-Relevance-ValueImportanceMap).\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "duration", "freshness", "importance", "rankOrder", "valuesImportanceMap" ] } } }, "aws:kendra/IndexDocumentMetadataConfigurationUpdateSearch:IndexDocumentMetadataConfigurationUpdateSearch": { "properties": { "displayable": { "type": "boolean", "description": "Determines whether the field is returned in the query response. The default is `true`.\n" }, "facetable": { "type": "boolean", "description": "Indicates that the field can be used to create search facets, a count of results for each value in the field. The default is `false`.\n" }, "searchable": { "type": "boolean", "description": "Determines whether the field is used in the search. If the Searchable field is true, you can use relevance tuning to manually tune how Amazon Kendra weights the field in the search. The default is `true` for `string` fields and `false` for `number` and `date` fields.\n" }, "sortable": { "type": "boolean", "description": "Determines whether the field can be used to sort the results of a query. If you specify sorting on a field that does not have Sortable set to true, Amazon Kendra returns an exception. The default is `false`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "displayable", "facetable", "searchable", "sortable" ] } } }, "aws:kendra/IndexIndexStatistic:IndexIndexStatistic": { "properties": { "faqStatistics": { "type": "array", "items": { "$ref": "#/types/aws:kendra/IndexIndexStatisticFaqStatistic:IndexIndexStatisticFaqStatistic" }, "description": "A block that specifies the number of question and answer topics in the index. Detailed below.\n" }, "textDocumentStatistics": { "type": "array", "items": { "$ref": "#/types/aws:kendra/IndexIndexStatisticTextDocumentStatistic:IndexIndexStatisticTextDocumentStatistic" }, "description": "A block that specifies the number of text documents indexed. Detailed below.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "faqStatistics", "textDocumentStatistics" ] } } }, "aws:kendra/IndexIndexStatisticFaqStatistic:IndexIndexStatisticFaqStatistic": { "properties": { "indexedQuestionAnswersCount": { "type": "integer", "description": "The total number of FAQ questions and answers contained in the index.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "indexedQuestionAnswersCount" ] } } }, "aws:kendra/IndexIndexStatisticTextDocumentStatistic:IndexIndexStatisticTextDocumentStatistic": { "properties": { "indexedTextBytes": { "type": "integer", "description": "The total size, in bytes, of the indexed documents.\n" }, "indexedTextDocumentsCount": { "type": "integer", "description": "The number of text documents indexed.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "indexedTextBytes", "indexedTextDocumentsCount" ] } } }, "aws:kendra/IndexServerSideEncryptionConfiguration:IndexServerSideEncryptionConfiguration": { "properties": { "kmsKeyId": { "type": "string", "description": "The identifier of the AWS KMScustomer master key (CMK). Amazon Kendra doesn't support asymmetric CMKs.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:kendra/IndexUserGroupResolutionConfiguration:IndexUserGroupResolutionConfiguration": { "properties": { "userGroupResolutionMode": { "type": "string", "description": "The identity store provider (mode) you want to use to fetch access levels of groups and users. AWS Single Sign-On is currently the only available mode. Your users and groups must exist in an AWS SSO identity source in order to use this mode. Valid Values are `AWS_SSO` or `NONE`.\n" } }, "type": "object", "required": [ "userGroupResolutionMode" ] }, "aws:kendra/IndexUserTokenConfigurations:IndexUserTokenConfigurations": { "properties": { "jsonTokenTypeConfiguration": { "$ref": "#/types/aws:kendra/IndexUserTokenConfigurationsJsonTokenTypeConfiguration:IndexUserTokenConfigurationsJsonTokenTypeConfiguration", "description": "A block that specifies the information about the JSON token type configuration. Detailed below.\n" }, "jwtTokenTypeConfiguration": { "$ref": "#/types/aws:kendra/IndexUserTokenConfigurationsJwtTokenTypeConfiguration:IndexUserTokenConfigurationsJwtTokenTypeConfiguration", "description": "A block that specifies the information about the JWT token type configuration. Detailed below.\n" } }, "type": "object" }, "aws:kendra/IndexUserTokenConfigurationsJsonTokenTypeConfiguration:IndexUserTokenConfigurationsJsonTokenTypeConfiguration": { "properties": { "groupAttributeField": { "type": "string", "description": "The group attribute field. Minimum length of 1. Maximum length of 2048.\n" }, "userNameAttributeField": { "type": "string", "description": "The user name attribute field. Minimum length of 1. Maximum length of 2048.\n" } }, "type": "object", "required": [ "groupAttributeField", "userNameAttributeField" ] }, "aws:kendra/IndexUserTokenConfigurationsJwtTokenTypeConfiguration:IndexUserTokenConfigurationsJwtTokenTypeConfiguration": { "properties": { "claimRegex": { "type": "string", "description": "The regular expression that identifies the claim. Minimum length of 1. Maximum length of 100.\n" }, "groupAttributeField": { "type": "string", "description": "The group attribute field. Minimum length of 1. Maximum length of 100.\n" }, "issuer": { "type": "string", "description": "The issuer of the token. Minimum length of 1. Maximum length of 65.\n" }, "keyLocation": { "type": "string", "description": "The location of the key. Valid values are `URL` or `SECRET_MANAGER`\n" }, "secretsManagerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the secret.\n" }, "url": { "type": "string", "description": "The signing key URL. Valid pattern is `^(https?|ftp|file):\\/\\/([^\\s]*)`\n" }, "userNameAttributeField": { "type": "string", "description": "The user name attribute field. Minimum length of 1. Maximum length of 100.\n" } }, "type": "object", "required": [ "keyLocation" ] }, "aws:kendra/QuerySuggestionsBlockListSourceS3Path:QuerySuggestionsBlockListSourceS3Path": { "properties": { "bucket": { "type": "string", "description": "Name of the S3 bucket that contains the file.\n" }, "key": { "type": "string", "description": "Name of the file.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "bucket", "key" ] }, "aws:kendra/ThesaurusSourceS3Path:ThesaurusSourceS3Path": { "properties": { "bucket": { "type": "string", "description": "The name of the S3 bucket that contains the file.\n" }, "key": { "type": "string", "description": "The name of the file.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "bucket", "key" ] }, "aws:kendra/getExperienceConfiguration:getExperienceConfiguration": { "properties": { "contentSourceConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:kendra/getExperienceConfigurationContentSourceConfiguration:getExperienceConfigurationContentSourceConfiguration" }, "description": "The identifiers of your data sources and FAQs. This is the content you want to use for your Amazon Kendra Experience. Documented below.\n" }, "userIdentityConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:kendra/getExperienceConfigurationUserIdentityConfiguration:getExperienceConfigurationUserIdentityConfiguration" }, "description": "The AWS SSO field name that contains the identifiers of your users, such as their emails. Documented below.\n" } }, "type": "object", "required": [ "contentSourceConfigurations", "userIdentityConfigurations" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kendra/getExperienceConfigurationContentSourceConfiguration:getExperienceConfigurationContentSourceConfiguration": { "properties": { "dataSourceIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of the data sources you want to use for your Amazon Kendra Experience.\n" }, "directPutContent": { "type": "boolean", "description": "Whether to use documents you indexed directly using the `BatchPutDocument API`.\n" }, "faqIds": { "type": "array", "items": { "type": "string" }, "description": "Identifier of the FAQs that you want to use for your Amazon Kendra Experience.\n" } }, "type": "object", "required": [ "dataSourceIds", "directPutContent", "faqIds" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kendra/getExperienceConfigurationUserIdentityConfiguration:getExperienceConfigurationUserIdentityConfiguration": { "properties": { "identityAttributeName": { "type": "string", "description": "The AWS SSO field name that contains the identifiers of your users, such as their emails.\n" } }, "type": "object", "required": [ "identityAttributeName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kendra/getExperienceEndpoint:getExperienceEndpoint": { "properties": { "endpoint": { "type": "string", "description": "Endpoint of your Amazon Kendra Experience.\n" }, "endpointType": { "type": "string", "description": "Type of endpoint for your Amazon Kendra Experience.\n" } }, "type": "object", "required": [ "endpoint", "endpointType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kendra/getFaqS3Path:getFaqS3Path": { "properties": { "bucket": { "type": "string", "description": "Name of the S3 bucket that contains the file.\n" }, "key": { "type": "string", "description": "Name of the file.\n" } }, "type": "object", "required": [ "bucket", "key" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kendra/getIndexCapacityUnit:getIndexCapacityUnit": { "properties": { "queryCapacityUnits": { "type": "integer", "description": "The amount of extra query capacity for an index and GetQuerySuggestions capacity. For more information, refer to [QueryCapacityUnits](https://docs.aws.amazon.com/kendra/latest/APIReference/API_CapacityUnitsConfiguration.html#Kendra-Type-CapacityUnitsConfiguration-QueryCapacityUnits).\n" }, "storageCapacityUnits": { "type": "integer", "description": "The amount of extra storage capacity for an index. A single capacity unit provides 30 GB of storage space or 100,000 documents, whichever is reached first. Minimum value of 0.\n" } }, "type": "object", "required": [ "queryCapacityUnits", "storageCapacityUnits" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kendra/getIndexDocumentMetadataConfigurationUpdate:getIndexDocumentMetadataConfigurationUpdate": { "properties": { "name": { "type": "string", "description": "Name of the index field. Minimum length of 1. Maximum length of 30.\n" }, "relevances": { "type": "array", "items": { "$ref": "#/types/aws:kendra/getIndexDocumentMetadataConfigurationUpdateRelevance:getIndexDocumentMetadataConfigurationUpdateRelevance" }, "description": "Block that provides manual tuning parameters to determine how the field affects the search results. Documented below.\n" }, "searches": { "type": "array", "items": { "$ref": "#/types/aws:kendra/getIndexDocumentMetadataConfigurationUpdateSearch:getIndexDocumentMetadataConfigurationUpdateSearch" }, "description": "Block that provides information about how the field is used during a search. Documented below.\n" }, "type": { "type": "string", "description": "Data type of the index field. Valid values are `STRING_VALUE`, `STRING_LIST_VALUE`, `LONG_VALUE`, `DATE_VALUE`.\n" } }, "type": "object", "required": [ "name", "relevances", "searches", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kendra/getIndexDocumentMetadataConfigurationUpdateRelevance:getIndexDocumentMetadataConfigurationUpdateRelevance": { "properties": { "duration": { "type": "string", "description": "Time period that the boost applies to. For more information, refer to [Duration](https://docs.aws.amazon.com/kendra/latest/APIReference/API_Relevance.html#Kendra-Type-Relevance-Duration).\n" }, "freshness": { "type": "boolean", "description": "How \"fresh\" a document is. For more information, refer to [Freshness](https://docs.aws.amazon.com/kendra/latest/APIReference/API_Relevance.html#Kendra-Type-Relevance-Freshness).\n" }, "importance": { "type": "integer", "description": "Relative importance of the field in the search. Larger numbers provide more of a boost than smaller numbers. Minimum value of 1. Maximum value of 10.\n" }, "rankOrder": { "type": "string", "description": "Determines how values should be interpreted. For more information, refer to [RankOrder](https://docs.aws.amazon.com/kendra/latest/APIReference/API_Relevance.html#Kendra-Type-Relevance-RankOrder).\n" }, "valuesImportanceMap": { "type": "object", "additionalProperties": { "type": "integer" }, "description": "A list of values that should be given a different boost when they appear in the result list. For more information, refer to [ValueImportanceMap](https://docs.aws.amazon.com/kendra/latest/APIReference/API_Relevance.html#Kendra-Type-Relevance-ValueImportanceMap).\n" } }, "type": "object", "required": [ "duration", "freshness", "importance", "rankOrder", "valuesImportanceMap" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kendra/getIndexDocumentMetadataConfigurationUpdateSearch:getIndexDocumentMetadataConfigurationUpdateSearch": { "properties": { "displayable": { "type": "boolean", "description": "Determines whether the field is returned in the query response. The default is `true`.\n" }, "facetable": { "type": "boolean", "description": "Whether the field can be used to create search facets, a count of results for each value in the field. The default is `false`.\n" }, "searchable": { "type": "boolean", "description": "Determines whether the field is used in the search. If the Searchable field is true, you can use relevance tuning to manually tune how Amazon Kendra weights the field in the search. The default is `true` for `string` fields and `false` for `number` and `date` fields.\n" }, "sortable": { "type": "boolean", "description": "Determines whether the field can be used to sort the results of a query. If you specify sorting on a field that does not have Sortable set to true, Amazon Kendra returns an exception. The default is `false`.\n" } }, "type": "object", "required": [ "displayable", "facetable", "searchable", "sortable" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kendra/getIndexIndexStatistic:getIndexIndexStatistic": { "properties": { "faqStatistics": { "type": "array", "items": { "$ref": "#/types/aws:kendra/getIndexIndexStatisticFaqStatistic:getIndexIndexStatisticFaqStatistic" }, "description": "Block that specifies the number of question and answer topics in the index. Documented below.\n" }, "textDocumentStatistics": { "type": "array", "items": { "$ref": "#/types/aws:kendra/getIndexIndexStatisticTextDocumentStatistic:getIndexIndexStatisticTextDocumentStatistic" }, "description": "A block that specifies the number of text documents indexed.\n" } }, "type": "object", "required": [ "faqStatistics", "textDocumentStatistics" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kendra/getIndexIndexStatisticFaqStatistic:getIndexIndexStatisticFaqStatistic": { "properties": { "indexedQuestionAnswersCount": { "type": "integer", "description": "The total number of FAQ questions and answers contained in the index.\n" } }, "type": "object", "required": [ "indexedQuestionAnswersCount" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kendra/getIndexIndexStatisticTextDocumentStatistic:getIndexIndexStatisticTextDocumentStatistic": { "properties": { "indexedTextBytes": { "type": "integer", "description": "Total size, in bytes, of the indexed documents.\n" }, "indexedTextDocumentsCount": { "type": "integer", "description": "The number of text documents indexed.\n" } }, "type": "object", "required": [ "indexedTextBytes", "indexedTextDocumentsCount" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kendra/getIndexServerSideEncryptionConfiguration:getIndexServerSideEncryptionConfiguration": { "properties": { "kmsKeyId": { "type": "string", "description": "Identifier of the AWS KMScustomer master key (CMK). Amazon Kendra doesn't support asymmetric CMKs.\n" } }, "type": "object", "required": [ "kmsKeyId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kendra/getIndexUserGroupResolutionConfiguration:getIndexUserGroupResolutionConfiguration": { "properties": { "userGroupResolutionMode": { "type": "string", "description": "The identity store provider (mode) you want to use to fetch access levels of groups and users. AWS Single Sign-On is currently the only available mode. Your users and groups must exist in an AWS SSO identity source in order to use this mode. Valid Values are `AWS_SSO` or `NONE`.\n" } }, "type": "object", "required": [ "userGroupResolutionMode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kendra/getIndexUserTokenConfiguration:getIndexUserTokenConfiguration": { "properties": { "jsonTokenTypeConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:kendra/getIndexUserTokenConfigurationJsonTokenTypeConfiguration:getIndexUserTokenConfigurationJsonTokenTypeConfiguration" }, "description": "A block that specifies the information about the JSON token type configuration.\n" }, "jwtTokenTypeConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:kendra/getIndexUserTokenConfigurationJwtTokenTypeConfiguration:getIndexUserTokenConfigurationJwtTokenTypeConfiguration" }, "description": "A block that specifies the information about the JWT token type configuration.\n" } }, "type": "object", "required": [ "jsonTokenTypeConfigurations", "jwtTokenTypeConfigurations" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kendra/getIndexUserTokenConfigurationJsonTokenTypeConfiguration:getIndexUserTokenConfigurationJsonTokenTypeConfiguration": { "properties": { "groupAttributeField": { "type": "string", "description": "The group attribute field.\n" }, "userNameAttributeField": { "type": "string", "description": "The user name attribute field.\n" } }, "type": "object", "required": [ "groupAttributeField", "userNameAttributeField" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kendra/getIndexUserTokenConfigurationJwtTokenTypeConfiguration:getIndexUserTokenConfigurationJwtTokenTypeConfiguration": { "properties": { "claimRegex": { "type": "string", "description": "Regular expression that identifies the claim.\n" }, "groupAttributeField": { "type": "string", "description": "The group attribute field.\n" }, "issuer": { "type": "string", "description": "Issuer of the token.\n" }, "keyLocation": { "type": "string", "description": "Location of the key. Valid values are `URL` or `SECRET_MANAGER`\n" }, "secretsManagerArn": { "type": "string", "description": "ARN of the secret.\n" }, "url": { "type": "string", "description": "Signing key URL.\n" }, "userNameAttributeField": { "type": "string", "description": "The user name attribute field.\n" } }, "type": "object", "required": [ "claimRegex", "groupAttributeField", "issuer", "keyLocation", "secretsManagerArn", "url", "userNameAttributeField" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kendra/getQuerySuggestionsBlockListSourceS3Path:getQuerySuggestionsBlockListSourceS3Path": { "properties": { "bucket": { "type": "string", "description": "Name of the S3 bucket that contains the file.\n" }, "key": { "type": "string", "description": "Name of the file.\n" } }, "type": "object", "required": [ "bucket", "key" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kendra/getThesaurusSourceS3Path:getThesaurusSourceS3Path": { "properties": { "bucket": { "type": "string", "description": "Name of the S3 bucket that contains the file.\n" }, "key": { "type": "string", "description": "Name of the file.\n" } }, "type": "object", "required": [ "bucket", "key" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:keyspaces/TableCapacitySpecification:TableCapacitySpecification": { "properties": { "readCapacityUnits": { "type": "integer", "description": "The throughput capacity specified for read operations defined in read capacity units (RCUs).\n" }, "throughputMode": { "type": "string", "description": "The read/write throughput capacity mode for a table. Valid values: `PAY_PER_REQUEST`, `PROVISIONED`. The default value is `PAY_PER_REQUEST`.\n" }, "writeCapacityUnits": { "type": "integer", "description": "The throughput capacity specified for write operations defined in write capacity units (WCUs).\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "throughputMode" ] } } }, "aws:keyspaces/TableClientSideTimestamps:TableClientSideTimestamps": { "properties": { "status": { "type": "string", "description": "Shows how to enable client-side timestamps settings for the specified table. Valid values: `ENABLED`.\n" } }, "type": "object", "required": [ "status" ] }, "aws:keyspaces/TableComment:TableComment": { "properties": { "message": { "type": "string", "description": "A description of the table.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "message" ] } } }, "aws:keyspaces/TableEncryptionSpecification:TableEncryptionSpecification": { "properties": { "kmsKeyIdentifier": { "type": "string", "description": "The Amazon Resource Name (ARN) of the customer managed KMS key.\n" }, "type": { "type": "string", "description": "The encryption option specified for the table. Valid values: `AWS_OWNED_KMS_KEY`, `CUSTOMER_MANAGED_KMS_KEY`. The default value is `AWS_OWNED_KMS_KEY`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "type" ] } } }, "aws:keyspaces/TablePointInTimeRecovery:TablePointInTimeRecovery": { "properties": { "status": { "type": "string", "description": "Valid values: `ENABLED`, `DISABLED`. The default value is `DISABLED`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "status" ] } } }, "aws:keyspaces/TableSchemaDefinition:TableSchemaDefinition": { "properties": { "clusteringKeys": { "type": "array", "items": { "$ref": "#/types/aws:keyspaces/TableSchemaDefinitionClusteringKey:TableSchemaDefinitionClusteringKey" }, "description": "The columns that are part of the clustering key of the table.\n", "willReplaceOnChanges": true }, "columns": { "type": "array", "items": { "$ref": "#/types/aws:keyspaces/TableSchemaDefinitionColumn:TableSchemaDefinitionColumn" }, "description": "The regular columns of the table.\n" }, "partitionKeys": { "type": "array", "items": { "$ref": "#/types/aws:keyspaces/TableSchemaDefinitionPartitionKey:TableSchemaDefinitionPartitionKey" }, "description": "The columns that are part of the partition key of the table .\n", "willReplaceOnChanges": true }, "staticColumns": { "type": "array", "items": { "$ref": "#/types/aws:keyspaces/TableSchemaDefinitionStaticColumn:TableSchemaDefinitionStaticColumn" }, "description": "The columns that have been defined as `STATIC`. Static columns store values that are shared by all rows in the same partition.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "columns", "partitionKeys" ] }, "aws:keyspaces/TableSchemaDefinitionClusteringKey:TableSchemaDefinitionClusteringKey": { "properties": { "name": { "type": "string", "description": "The name of the clustering key column.\n", "willReplaceOnChanges": true }, "orderBy": { "type": "string", "description": "The order modifier. Valid values: `ASC`, `DESC`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "name", "orderBy" ] }, "aws:keyspaces/TableSchemaDefinitionColumn:TableSchemaDefinitionColumn": { "properties": { "name": { "type": "string", "description": "The name of the column.\n" }, "type": { "type": "string", "description": "The data type of the column. See the [Developer Guide](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.data-types) for a list of available data types.\n" } }, "type": "object", "required": [ "name", "type" ] }, "aws:keyspaces/TableSchemaDefinitionPartitionKey:TableSchemaDefinitionPartitionKey": { "properties": { "name": { "type": "string", "description": "The name of the partition key column.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "name" ] }, "aws:keyspaces/TableSchemaDefinitionStaticColumn:TableSchemaDefinitionStaticColumn": { "properties": { "name": { "type": "string", "description": "The name of the static column.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "name" ] }, "aws:keyspaces/TableTtl:TableTtl": { "properties": { "status": { "type": "string", "description": "Valid values: `ENABLED`.\n" } }, "type": "object", "required": [ "status" ] }, "aws:kinesis/AnalyticsApplicationCloudwatchLoggingOptions:AnalyticsApplicationCloudwatchLoggingOptions": { "properties": { "id": { "type": "string", "description": "The ARN of the Kinesis Analytics Application.\n" }, "logStreamArn": { "type": "string", "description": "The ARN of the CloudWatch Log Stream.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM Role used to send application messages.\n" } }, "type": "object", "required": [ "logStreamArn", "roleArn" ], "language": { "nodejs": { "requiredOutputs": [ "id", "logStreamArn", "roleArn" ] } } }, "aws:kinesis/AnalyticsApplicationInputs:AnalyticsApplicationInputs": { "properties": { "id": { "type": "string", "description": "The ARN of the Kinesis Analytics Application.\n" }, "kinesisFirehose": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsKinesisFirehose:AnalyticsApplicationInputsKinesisFirehose", "description": "The Kinesis Firehose configuration for the streaming source. Conflicts with `kinesis_stream`.\nSee Kinesis Firehose below for more details.\n" }, "kinesisStream": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsKinesisStream:AnalyticsApplicationInputsKinesisStream", "description": "The Kinesis Stream configuration for the streaming source. Conflicts with `kinesis_firehose`.\nSee Kinesis Stream below for more details.\n" }, "namePrefix": { "type": "string", "description": "The Name Prefix to use when creating an in-application stream.\n" }, "parallelism": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsParallelism:AnalyticsApplicationInputsParallelism", "description": "The number of Parallel in-application streams to create.\nSee Parallelism below for more details.\n" }, "processingConfiguration": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsProcessingConfiguration:AnalyticsApplicationInputsProcessingConfiguration", "description": "The Processing Configuration to transform records as they are received from the stream.\nSee Processing Configuration below for more details.\n" }, "schema": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsSchema:AnalyticsApplicationInputsSchema", "description": "The Schema format of the data in the streaming source. See Source Schema below for more details.\n" }, "startingPositionConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsStartingPositionConfiguration:AnalyticsApplicationInputsStartingPositionConfiguration" }, "description": "The point at which the application starts processing records from the streaming source.\nSee Starting Position Configuration below for more details.\n" }, "streamNames": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "namePrefix", "schema" ], "language": { "nodejs": { "requiredOutputs": [ "id", "namePrefix", "parallelism", "schema", "startingPositionConfigurations", "streamNames" ] } } }, "aws:kinesis/AnalyticsApplicationInputsKinesisFirehose:AnalyticsApplicationInputsKinesisFirehose": { "properties": { "resourceArn": { "type": "string", "description": "The ARN of the Kinesis Firehose delivery stream.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM Role used to access the stream.\n" } }, "type": "object", "required": [ "resourceArn", "roleArn" ] }, "aws:kinesis/AnalyticsApplicationInputsKinesisStream:AnalyticsApplicationInputsKinesisStream": { "properties": { "resourceArn": { "type": "string", "description": "The ARN of the Kinesis Stream.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM Role used to access the stream.\n" } }, "type": "object", "required": [ "resourceArn", "roleArn" ] }, "aws:kinesis/AnalyticsApplicationInputsParallelism:AnalyticsApplicationInputsParallelism": { "properties": { "count": { "type": "integer", "description": "The Count of streams.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "count" ] } } }, "aws:kinesis/AnalyticsApplicationInputsProcessingConfiguration:AnalyticsApplicationInputsProcessingConfiguration": { "properties": { "lambda": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsProcessingConfigurationLambda:AnalyticsApplicationInputsProcessingConfigurationLambda", "description": "The Lambda function configuration. See Lambda below for more details.\n" } }, "type": "object", "required": [ "lambda" ] }, "aws:kinesis/AnalyticsApplicationInputsProcessingConfigurationLambda:AnalyticsApplicationInputsProcessingConfigurationLambda": { "properties": { "resourceArn": { "type": "string", "description": "The ARN of the Lambda function.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM Role used to access the Lambda function.\n" } }, "type": "object", "required": [ "resourceArn", "roleArn" ] }, "aws:kinesis/AnalyticsApplicationInputsSchema:AnalyticsApplicationInputsSchema": { "properties": { "recordColumns": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsSchemaRecordColumn:AnalyticsApplicationInputsSchemaRecordColumn" }, "description": "The Record Column mapping for the streaming source data element.\nSee Record Columns below for more details.\n" }, "recordEncoding": { "type": "string", "description": "The Encoding of the record in the streaming source.\n" }, "recordFormat": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsSchemaRecordFormat:AnalyticsApplicationInputsSchemaRecordFormat", "description": "The Record Format and mapping information to schematize a record.\nSee Record Format below for more details.\n" } }, "type": "object", "required": [ "recordColumns", "recordFormat" ] }, "aws:kinesis/AnalyticsApplicationInputsSchemaRecordColumn:AnalyticsApplicationInputsSchemaRecordColumn": { "properties": { "mapping": { "type": "string", "description": "The Mapping reference to the data element.\n" }, "name": { "type": "string", "description": "Name of the column.\n" }, "sqlType": { "type": "string", "description": "The SQL Type of the column.\n" } }, "type": "object", "required": [ "name", "sqlType" ] }, "aws:kinesis/AnalyticsApplicationInputsSchemaRecordFormat:AnalyticsApplicationInputsSchemaRecordFormat": { "properties": { "mappingParameters": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsSchemaRecordFormatMappingParameters:AnalyticsApplicationInputsSchemaRecordFormatMappingParameters", "description": "The Mapping Information for the record format.\nSee Mapping Parameters below for more details.\n" }, "recordFormatType": { "type": "string", "description": "The type of Record Format. Can be `CSV` or `JSON`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "recordFormatType" ] } } }, "aws:kinesis/AnalyticsApplicationInputsSchemaRecordFormatMappingParameters:AnalyticsApplicationInputsSchemaRecordFormatMappingParameters": { "properties": { "csv": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsSchemaRecordFormatMappingParametersCsv:AnalyticsApplicationInputsSchemaRecordFormatMappingParametersCsv", "description": "Mapping information when the record format uses delimiters.\nSee CSV Mapping Parameters below for more details.\n" }, "json": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputsSchemaRecordFormatMappingParametersJson:AnalyticsApplicationInputsSchemaRecordFormatMappingParametersJson", "description": "Mapping information when JSON is the record format on the streaming source.\nSee JSON Mapping Parameters below for more details.\n" } }, "type": "object" }, "aws:kinesis/AnalyticsApplicationInputsSchemaRecordFormatMappingParametersCsv:AnalyticsApplicationInputsSchemaRecordFormatMappingParametersCsv": { "properties": { "recordColumnDelimiter": { "type": "string", "description": "The Column Delimiter.\n" }, "recordRowDelimiter": { "type": "string", "description": "The Row Delimiter.\n" } }, "type": "object", "required": [ "recordColumnDelimiter", "recordRowDelimiter" ] }, "aws:kinesis/AnalyticsApplicationInputsSchemaRecordFormatMappingParametersJson:AnalyticsApplicationInputsSchemaRecordFormatMappingParametersJson": { "properties": { "recordRowPath": { "type": "string", "description": "Path to the top-level parent that contains the records.\n" } }, "type": "object", "required": [ "recordRowPath" ] }, "aws:kinesis/AnalyticsApplicationInputsStartingPositionConfiguration:AnalyticsApplicationInputsStartingPositionConfiguration": { "properties": { "startingPosition": { "type": "string", "description": "The starting position on the stream. Valid values: `LAST_STOPPED_POINT`, `NOW`, `TRIM_HORIZON`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "startingPosition" ] } } }, "aws:kinesis/AnalyticsApplicationOutput:AnalyticsApplicationOutput": { "properties": { "id": { "type": "string", "description": "The ARN of the Kinesis Analytics Application.\n" }, "kinesisFirehose": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationOutputKinesisFirehose:AnalyticsApplicationOutputKinesisFirehose", "description": "The Kinesis Firehose configuration for the destination stream. Conflicts with `kinesis_stream`.\nSee Kinesis Firehose below for more details.\n" }, "kinesisStream": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationOutputKinesisStream:AnalyticsApplicationOutputKinesisStream", "description": "The Kinesis Stream configuration for the destination stream. Conflicts with `kinesis_firehose`.\nSee Kinesis Stream below for more details.\n" }, "lambda": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationOutputLambda:AnalyticsApplicationOutputLambda", "description": "The Lambda function destination. See Lambda below for more details.\n" }, "name": { "type": "string", "description": "The Name of the in-application stream.\n" }, "schema": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationOutputSchema:AnalyticsApplicationOutputSchema", "description": "The Schema format of the data written to the destination. See Destination Schema below for more details.\n" } }, "type": "object", "required": [ "name", "schema" ], "language": { "nodejs": { "requiredOutputs": [ "id", "name", "schema" ] } } }, "aws:kinesis/AnalyticsApplicationOutputKinesisFirehose:AnalyticsApplicationOutputKinesisFirehose": { "properties": { "resourceArn": { "type": "string", "description": "The ARN of the Kinesis Firehose delivery stream.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM Role used to access the stream.\n" } }, "type": "object", "required": [ "resourceArn", "roleArn" ] }, "aws:kinesis/AnalyticsApplicationOutputKinesisStream:AnalyticsApplicationOutputKinesisStream": { "properties": { "resourceArn": { "type": "string", "description": "The ARN of the Kinesis Stream.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM Role used to access the stream.\n" } }, "type": "object", "required": [ "resourceArn", "roleArn" ] }, "aws:kinesis/AnalyticsApplicationOutputLambda:AnalyticsApplicationOutputLambda": { "properties": { "resourceArn": { "type": "string", "description": "The ARN of the Lambda function.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM Role used to access the Lambda function.\n" } }, "type": "object", "required": [ "resourceArn", "roleArn" ] }, "aws:kinesis/AnalyticsApplicationOutputSchema:AnalyticsApplicationOutputSchema": { "properties": { "recordFormatType": { "type": "string", "description": "The Format Type of the records on the output stream. Can be `CSV` or `JSON`.\n" } }, "type": "object", "required": [ "recordFormatType" ] }, "aws:kinesis/AnalyticsApplicationReferenceDataSources:AnalyticsApplicationReferenceDataSources": { "properties": { "id": { "type": "string", "description": "The ARN of the Kinesis Analytics Application.\n" }, "s3": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationReferenceDataSourcesS3:AnalyticsApplicationReferenceDataSourcesS3", "description": "The S3 configuration for the reference data source. See S3 Reference below for more details.\n" }, "schema": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchema:AnalyticsApplicationReferenceDataSourcesSchema", "description": "The Schema format of the data in the streaming source. See Source Schema below for more details.\n" }, "tableName": { "type": "string", "description": "The in-application Table Name.\n" } }, "type": "object", "required": [ "s3", "schema", "tableName" ], "language": { "nodejs": { "requiredOutputs": [ "id", "s3", "schema", "tableName" ] } } }, "aws:kinesis/AnalyticsApplicationReferenceDataSourcesS3:AnalyticsApplicationReferenceDataSourcesS3": { "properties": { "bucketArn": { "type": "string", "description": "The S3 Bucket ARN.\n" }, "fileKey": { "type": "string", "description": "The File Key name containing reference data.\n" }, "roleArn": { "type": "string", "description": "The IAM Role ARN to read the data.\n" } }, "type": "object", "required": [ "bucketArn", "fileKey", "roleArn" ] }, "aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchema:AnalyticsApplicationReferenceDataSourcesSchema": { "properties": { "recordColumns": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchemaRecordColumn:AnalyticsApplicationReferenceDataSourcesSchemaRecordColumn" }, "description": "The Record Column mapping for the streaming source data element.\nSee Record Columns below for more details.\n" }, "recordEncoding": { "type": "string", "description": "The Encoding of the record in the streaming source.\n" }, "recordFormat": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchemaRecordFormat:AnalyticsApplicationReferenceDataSourcesSchemaRecordFormat", "description": "The Record Format and mapping information to schematize a record.\nSee Record Format below for more details.\n" } }, "type": "object", "required": [ "recordColumns", "recordFormat" ] }, "aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchemaRecordColumn:AnalyticsApplicationReferenceDataSourcesSchemaRecordColumn": { "properties": { "mapping": { "type": "string", "description": "The Mapping reference to the data element.\n" }, "name": { "type": "string", "description": "Name of the column.\n" }, "sqlType": { "type": "string", "description": "The SQL Type of the column.\n" } }, "type": "object", "required": [ "name", "sqlType" ] }, "aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchemaRecordFormat:AnalyticsApplicationReferenceDataSourcesSchemaRecordFormat": { "properties": { "mappingParameters": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParameters:AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParameters", "description": "The Mapping Information for the record format.\nSee Mapping Parameters below for more details.\n" }, "recordFormatType": { "type": "string", "description": "The type of Record Format. Can be `CSV` or `JSON`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "recordFormatType" ] } } }, "aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParameters:AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParameters": { "properties": { "csv": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParametersCsv:AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParametersCsv", "description": "Mapping information when the record format uses delimiters.\nSee CSV Mapping Parameters below for more details.\n" }, "json": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParametersJson:AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParametersJson", "description": "Mapping information when JSON is the record format on the streaming source.\nSee JSON Mapping Parameters below for more details.\n" } }, "type": "object" }, "aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParametersCsv:AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParametersCsv": { "properties": { "recordColumnDelimiter": { "type": "string", "description": "The Column Delimiter.\n" }, "recordRowDelimiter": { "type": "string", "description": "The Row Delimiter.\n" } }, "type": "object", "required": [ "recordColumnDelimiter", "recordRowDelimiter" ] }, "aws:kinesis/AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParametersJson:AnalyticsApplicationReferenceDataSourcesSchemaRecordFormatMappingParametersJson": { "properties": { "recordRowPath": { "type": "string", "description": "Path to the top-level parent that contains the records.\n" } }, "type": "object", "required": [ "recordRowPath" ] }, "aws:kinesis/FirehoseDeliveryStreamElasticsearchConfiguration:FirehoseDeliveryStreamElasticsearchConfiguration": { "properties": { "bufferingInterval": { "type": "integer", "description": "Buffer incoming data for the specified period of time, in seconds between 0 to 900, before delivering it to the destination. The default value is 300s.\n" }, "bufferingSize": { "type": "integer", "description": "Buffer incoming data to the specified size, in MBs between 1 to 100, before delivering it to the destination. The default value is 5MB.\n" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamElasticsearchConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. See `cloudwatch_logging_options` block below for details.\n" }, "clusterEndpoint": { "type": "string", "description": "The endpoint to use when communicating with the cluster. Conflicts with `domain_arn`.\n" }, "domainArn": { "type": "string", "description": "The ARN of the Amazon ES domain. The pattern needs to be `arn:.*`. Conflicts with `cluster_endpoint`.\n" }, "indexName": { "type": "string", "description": "The Elasticsearch index name.\n" }, "indexRotationPeriod": { "type": "string", "description": "The Elasticsearch index rotation period. Index rotation appends a timestamp to the IndexName to facilitate expiration of old data. Valid values are `NoRotation`, `OneHour`, `OneDay`, `OneWeek`, and `OneMonth`. The default value is `OneDay`.\n" }, "processingConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfiguration:FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfiguration", "description": "The data processing configuration. See `processing_configuration` block below for details.\n" }, "retryDuration": { "type": "integer", "description": "After an initial failure to deliver to Amazon Elasticsearch, the total amount of time, in seconds between 0 to 7200, during which Firehose re-attempts delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. The default value is 300s. There will be no retry if the value is 0.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role to be assumed by Firehose for calling the Amazon ES Configuration API and for indexing documents. The IAM role must have permission for `DescribeElasticsearchDomain`, `DescribeElasticsearchDomains`, and `DescribeElasticsearchDomainConfig`. The pattern needs to be `arn:.*`.\n" }, "s3BackupMode": { "type": "string", "description": "Defines how documents should be delivered to Amazon S3. Valid values are `FailedDocumentsOnly` and `AllDocuments`. Default value is `FailedDocumentsOnly`.\n", "willReplaceOnChanges": true }, "s3Configuration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationS3Configuration:FirehoseDeliveryStreamElasticsearchConfigurationS3Configuration", "description": "The S3 Configuration. See `s3_configuration` block below for details.\n" }, "typeName": { "type": "string", "description": "The Elasticsearch type name with maximum length of 100 characters.\n" }, "vpcConfig": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationVpcConfig:FirehoseDeliveryStreamElasticsearchConfigurationVpcConfig", "description": "The VPC configuration for the delivery stream to connect to Elastic Search associated with the VPC. See `vpc_config` block below for details.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "indexName", "roleArn", "s3Configuration" ], "language": { "nodejs": { "requiredOutputs": [ "cloudwatchLoggingOptions", "indexName", "roleArn", "s3Configuration" ] } } }, "aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamElasticsearchConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n" }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n" }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfiguration:FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables data processing.\n" }, "processors": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessor" }, "description": "Specifies the data processors as multiple blocks. See `processors` block below for details.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessor": { "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameter" }, "description": "Specifies the processor parameters as multiple blocks. See `parameters` block below for details.\n" }, "type": { "type": "string", "description": "The type of processor. Valid Values: `RecordDeAggregation`, `Lambda`, `MetadataExtraction`, `AppendDelimiterToRecord`. Validation is done against [AWS SDK constants](https://docs.aws.amazon.com/sdk-for-go/api/service/firehose/#pkg-constants); so that values not explicitly listed may also work.\n" } }, "type": "object", "required": [ "type" ] }, "aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameter": { "properties": { "parameterName": { "type": "string", "description": "Parameter name. Valid Values: `LambdaArn`, `NumberOfRetries`, `MetadataExtractionQuery`, `JsonParsingEngine`, `RoleArn`, `BufferSizeInMBs`, `BufferIntervalInSeconds`, `SubRecordType`, `Delimiter`. Validation is done against [AWS SDK constants](https://docs.aws.amazon.com/sdk-for-go/api/service/firehose/#pkg-constants); so that values not explicitly listed may also work.\n" }, "parameterValue": { "type": "string", "description": "Parameter value. Must be between 1 and 512 length (inclusive). When providing a Lambda ARN, you should specify the resource version as well.\n\n\u003e **NOTE:** Parameters with default values, including `NumberOfRetries`(default: 3), `RoleArn`(default: firehose role ARN), `BufferSizeInMBs`(default: 1), and `BufferIntervalInSeconds`(default: 60), are not stored in Pulumi state. To prevent perpetual differences, it is therefore recommended to only include parameters with non-default values.\n" } }, "type": "object", "required": [ "parameterName", "parameterValue" ] }, "aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationS3Configuration:FirehoseDeliveryStreamElasticsearchConfigurationS3Configuration": { "properties": { "bucketArn": { "type": "string", "description": "The ARN of the S3 bucket\n" }, "bufferingInterval": { "type": "integer", "description": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300.\n" }, "bufferingSize": { "type": "integer", "description": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\nWe recommend setting SizeInMBs to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec set SizeInMBs to be 10 MB or higher.\n" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. See `cloudwatch_logging_options` block below for details.\n" }, "compressionFormat": { "type": "string", "description": "The compression format. If no value is specified, the default is `UNCOMPRESSED`. Other supported values are `GZIP`, `ZIP`, `Snappy`, \u0026 `HADOOP_SNAPPY`.\n" }, "errorOutputPrefix": { "type": "string", "description": "Prefix added to failed records before writing them to S3. Not currently supported for `redshift` destination. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html).\n" }, "kmsKeyArn": { "type": "string", "description": "Specifies the KMS key ARN the stream will use to encrypt data. If not set, no encryption will\nbe used.\n" }, "prefix": { "type": "string", "description": "The \"YYYY/MM/DD/HH\" time format prefix is automatically used for delivered S3 files. You can specify an extra prefix to be added in front of the time format prefix. Note that if the prefix ends with a slash, it appears as a folder in the S3 bucket\n" }, "roleArn": { "type": "string", "description": "The ARN of the AWS credentials.\n" } }, "type": "object", "required": [ "bucketArn", "roleArn" ], "language": { "nodejs": { "requiredOutputs": [ "bucketArn", "cloudwatchLoggingOptions", "roleArn" ] } } }, "aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n" }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n" }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamElasticsearchConfigurationVpcConfig:FirehoseDeliveryStreamElasticsearchConfigurationVpcConfig": { "properties": { "roleArn": { "type": "string", "description": "The ARN of the IAM role to be assumed by Firehose for calling the Amazon EC2 configuration API and for creating network interfaces. Make sure role has necessary [IAM permissions](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-es-vpc)\n", "willReplaceOnChanges": true }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to associate with Kinesis Firehose.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to associate with Kinesis Firehose.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string" } }, "type": "object", "required": [ "roleArn", "securityGroupIds", "subnetIds" ], "language": { "nodejs": { "requiredOutputs": [ "roleArn", "securityGroupIds", "subnetIds", "vpcId" ] } } }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3Configuration:FirehoseDeliveryStreamExtendedS3Configuration": { "properties": { "bucketArn": { "type": "string", "description": "The ARN of the S3 bucket\n" }, "bufferingInterval": { "type": "integer" }, "bufferingSize": { "type": "integer" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamExtendedS3ConfigurationCloudwatchLoggingOptions" }, "compressionFormat": { "type": "string", "description": "The compression format. If no value is specified, the default is `UNCOMPRESSED`. Other supported values are `GZIP`, `ZIP`, `Snappy`, \u0026 `HADOOP_SNAPPY`.\n" }, "customTimeZone": { "type": "string", "description": "The time zone you prefer. Valid values are `UTC` or a non-3-letter IANA time zones (for example, `America/Los_Angeles`). Default value is `UTC`.\n" }, "dataFormatConversionConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfiguration", "description": "Nested argument for the serializer, deserializer, and schema for converting data from the JSON format to the Parquet or ORC format before writing it to Amazon S3. See `data_format_conversion_configuration` block below for details.\n" }, "dynamicPartitioningConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfiguration", "description": "The configuration for dynamic partitioning. Required when using [dynamic partitioning](https://docs.aws.amazon.com/firehose/latest/dev/dynamic-partitioning.html). See `dynamic_partitioning_configuration` block below for details.\n", "willReplaceOnChanges": true }, "errorOutputPrefix": { "type": "string", "description": "Prefix added to failed records before writing them to S3. Not currently supported for `redshift` destination. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html).\n" }, "fileExtension": { "type": "string", "description": "The file extension to override the default file extension (for example, `.json`).\n" }, "kmsKeyArn": { "type": "string", "description": "Specifies the KMS key ARN the stream will use to encrypt data. If not set, no encryption will\nbe used.\n" }, "prefix": { "type": "string", "description": "The \"YYYY/MM/DD/HH\" time format prefix is automatically used for delivered S3 files. You can specify an extra prefix to be added in front of the time format prefix. Note that if the prefix ends with a slash, it appears as a folder in the S3 bucket\n" }, "processingConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfiguration", "description": "The data processing configuration. See `processing_configuration` block below for details.\n" }, "roleArn": { "type": "string" }, "s3BackupConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationS3BackupConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationS3BackupConfiguration", "description": "The configuration for backup in Amazon S3. Required if `s3_backup_mode` is `Enabled`. Supports the same fields as `s3_configuration` object.\n" }, "s3BackupMode": { "type": "string", "description": "The Amazon S3 backup mode. Valid values are `Disabled` and `Enabled`. Default value is `Disabled`.\n" } }, "type": "object", "required": [ "bucketArn", "roleArn" ], "language": { "nodejs": { "requiredOutputs": [ "bucketArn", "cloudwatchLoggingOptions", "roleArn" ] } } }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamExtendedS3ConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n" }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n" }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Defaults to `true`. Set it to `false` if you want to disable format conversion while preserving the configuration details.\n" }, "inputFormatConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfiguration", "description": "Specifies the deserializer that you want Kinesis Data Firehose to use to convert the format of your data from JSON. See `input_format_configuration` block below for details.\n" }, "outputFormatConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfiguration", "description": "Specifies the serializer that you want Kinesis Data Firehose to use to convert the format of your data to the Parquet or ORC format. See `output_format_configuration` block below for details.\n" }, "schemaConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationSchemaConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationSchemaConfiguration", "description": "Specifies the AWS Glue Data Catalog table that contains the column information. See `schema_configuration` block below for details.\n" } }, "type": "object", "required": [ "inputFormatConfiguration", "outputFormatConfiguration", "schemaConfiguration" ] }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfiguration": { "properties": { "deserializer": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializer:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializer", "description": "Specifies which deserializer to use. You can choose either the Apache Hive JSON SerDe or the OpenX JSON SerDe. See `deserializer` block below for details.\n" } }, "type": "object", "required": [ "deserializer" ] }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializer:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializer": { "properties": { "hiveJsonSerDe": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializerHiveJsonSerDe:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializerHiveJsonSerDe", "description": "Specifies the native Hive / HCatalog JsonSerDe. More details below. See `hive_json_ser_de` block below for details.\n" }, "openXJsonSerDe": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializerOpenXJsonSerDe:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializerOpenXJsonSerDe", "description": "Specifies the OpenX SerDe. See `open_x_json_ser_de` block below for details.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializerHiveJsonSerDe:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializerHiveJsonSerDe": { "properties": { "timestampFormats": { "type": "array", "items": { "type": "string" }, "description": "A list of how you want Kinesis Data Firehose to parse the date and time stamps that may be present in your input data JSON. To specify these format strings, follow the pattern syntax of JodaTime's DateTimeFormat format strings. For more information, see [Class DateTimeFormat](https://www.joda.org/joda-time/apidocs/org/joda/time/format/DateTimeFormat.html). You can also use the special value millis to parse time stamps in epoch milliseconds. If you don't specify a format, Kinesis Data Firehose uses java.sql.Timestamp::valueOf by default.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializerOpenXJsonSerDe:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationInputFormatConfigurationDeserializerOpenXJsonSerDe": { "properties": { "caseInsensitive": { "type": "boolean", "description": "When set to true, which is the default, Kinesis Data Firehose converts JSON keys to lowercase before deserializing them.\n" }, "columnToJsonKeyMappings": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of column names to JSON keys that aren't identical to the column names. This is useful when the JSON contains keys that are Hive keywords. For example, timestamp is a Hive keyword. If you have a JSON key named timestamp, set this parameter to `{ ts = \"timestamp\" }` to map this key to a column named ts.\n" }, "convertDotsInJsonKeysToUnderscores": { "type": "boolean", "description": "When set to `true`, specifies that the names of the keys include dots and that you want Kinesis Data Firehose to replace them with underscores. This is useful because Apache Hive does not allow dots in column names. For example, if the JSON contains a key whose name is \"a.b\", you can define the column name to be \"a_b\" when using this option. Defaults to `false`.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfiguration": { "properties": { "serializer": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializer:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializer", "description": "Specifies which serializer to use. You can choose either the ORC SerDe or the Parquet SerDe. See `serializer` block below for details.\n" } }, "type": "object", "required": [ "serializer" ] }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializer:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializer": { "properties": { "orcSerDe": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializerOrcSerDe:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializerOrcSerDe", "description": "Specifies converting data to the ORC format before storing it in Amazon S3. For more information, see [Apache ORC](https://orc.apache.org/docs/). See `orc_ser_de` block below for details.\n" }, "parquetSerDe": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializerParquetSerDe:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializerParquetSerDe", "description": "Specifies converting data to the Parquet format before storing it in Amazon S3. For more information, see [Apache Parquet](https://parquet.apache.org/docs/). More details below.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializerOrcSerDe:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializerOrcSerDe": { "properties": { "blockSizeBytes": { "type": "integer", "description": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Kinesis Data Firehose uses this value for padding calculations.\n" }, "bloomFilterColumns": { "type": "array", "items": { "type": "string" }, "description": "A list of column names for which you want Kinesis Data Firehose to create bloom filters.\n" }, "bloomFilterFalsePositiveProbability": { "type": "number", "description": "The Bloom filter false positive probability (FPP). The lower the FPP, the bigger the Bloom filter. The default value is `0.05`, the minimum is `0`, and the maximum is `1`.\n" }, "compression": { "type": "string", "description": "The compression code to use over data blocks. The default is `SNAPPY`.\n" }, "dictionaryKeyThreshold": { "type": "number", "description": "A float that represents the fraction of the total number of non-null rows. To turn off dictionary encoding, set this fraction to a number that is less than the number of distinct keys in a dictionary. To always use dictionary encoding, set this threshold to `1`.\n" }, "enablePadding": { "type": "boolean", "description": "Set this to `true` to indicate that you want stripes to be padded to the HDFS block boundaries. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is `false`.\n" }, "formatVersion": { "type": "string", "description": "The version of the file to write. The possible values are `V0_11` and `V0_12`. The default is `V0_12`.\n" }, "paddingTolerance": { "type": "number", "description": "A float between 0 and 1 that defines the tolerance for block padding as a decimal fraction of stripe size. The default value is `0.05`, which means 5 percent of stripe size. For the default values of 64 MiB ORC stripes and 256 MiB HDFS blocks, the default block padding tolerance of 5 percent reserves a maximum of 3.2 MiB for padding within the 256 MiB block. In such a case, if the available size within the block is more than 3.2 MiB, a new, smaller stripe is inserted to fit within that space. This ensures that no stripe crosses block boundaries and causes remote reads within a node-local task. Kinesis Data Firehose ignores this parameter when `enable_padding` is `false`.\n" }, "rowIndexStride": { "type": "integer", "description": "The number of rows between index entries. The default is `10000` and the minimum is `1000`.\n" }, "stripeSizeBytes": { "type": "integer", "description": "The number of bytes in each stripe. The default is 64 MiB and the minimum is 8 MiB.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializerParquetSerDe:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationOutputFormatConfigurationSerializerParquetSerDe": { "properties": { "blockSizeBytes": { "type": "integer", "description": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Kinesis Data Firehose uses this value for padding calculations.\n" }, "compression": { "type": "string", "description": "The compression code to use over data blocks. The possible values are `UNCOMPRESSED`, `SNAPPY`, and `GZIP`, with the default being `SNAPPY`. Use `SNAPPY` for higher decompression speed. Use `GZIP` if the compression ratio is more important than speed.\n" }, "enableDictionaryCompression": { "type": "boolean", "description": "Indicates whether to enable dictionary compression.\n" }, "maxPaddingBytes": { "type": "integer", "description": "The maximum amount of padding to apply. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is `0`.\n" }, "pageSizeBytes": { "type": "integer", "description": "The Parquet page size. Column chunks are divided into pages. A page is conceptually an indivisible unit (in terms of compression and encoding). The minimum value is 64 KiB and the default is 1 MiB.\n" }, "writerVersion": { "type": "string", "description": "Indicates the version of row format to output. The possible values are `V1` and `V2`. The default is `V1`.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationSchemaConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfigurationSchemaConfiguration": { "properties": { "catalogId": { "type": "string", "description": "The ID of the AWS Glue Data Catalog. If you don't supply this, the AWS account ID is used by default.\n" }, "databaseName": { "type": "string", "description": "Specifies the name of the AWS Glue database that contains the schema for the output data.\n" }, "region": { "type": "string", "description": "If you don't specify an AWS Region, the default is the current region.\n" }, "roleArn": { "type": "string", "description": "The role that Kinesis Data Firehose can use to access AWS Glue. This role must be in the same account you use for Kinesis Data Firehose. Cross-account roles aren't allowed.\n" }, "tableName": { "type": "string", "description": "Specifies the AWS Glue table that contains the column information that constitutes your data schema.\n" }, "versionId": { "type": "string", "description": "Specifies the table version for the output data schema. Defaults to `LATEST`.\n" } }, "type": "object", "required": [ "databaseName", "roleArn", "tableName" ], "language": { "nodejs": { "requiredOutputs": [ "catalogId", "databaseName", "region", "roleArn", "tableName" ] } } }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables dynamic partitioning. Defaults to `false`.\n", "willReplaceOnChanges": true }, "retryDuration": { "type": "integer", "description": "Total amount of seconds Firehose spends on retries. Valid values between 0 and 7200. Default is 300.\n\n\u003e **NOTE:** You can enable dynamic partitioning only when you create a new delivery stream. Once you enable dynamic partitioning on a delivery stream, it cannot be disabled on this delivery stream. Therefore, the provider will recreate the resource whenever dynamic partitioning is enabled or disabled.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables data processing.\n" }, "processors": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessor" }, "description": "Specifies the data processors as multiple blocks. See `processors` block below for details.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessor": { "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameter" }, "description": "Specifies the processor parameters as multiple blocks. See `parameters` block below for details.\n" }, "type": { "type": "string", "description": "The type of processor. Valid Values: `RecordDeAggregation`, `Lambda`, `MetadataExtraction`, `AppendDelimiterToRecord`. Validation is done against [AWS SDK constants](https://docs.aws.amazon.com/sdk-for-go/api/service/firehose/#pkg-constants); so that values not explicitly listed may also work.\n" } }, "type": "object", "required": [ "type" ] }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameter": { "properties": { "parameterName": { "type": "string", "description": "Parameter name. Valid Values: `LambdaArn`, `NumberOfRetries`, `MetadataExtractionQuery`, `JsonParsingEngine`, `RoleArn`, `BufferSizeInMBs`, `BufferIntervalInSeconds`, `SubRecordType`, `Delimiter`. Validation is done against [AWS SDK constants](https://docs.aws.amazon.com/sdk-for-go/api/service/firehose/#pkg-constants); so that values not explicitly listed may also work.\n" }, "parameterValue": { "type": "string", "description": "Parameter value. Must be between 1 and 512 length (inclusive). When providing a Lambda ARN, you should specify the resource version as well.\n\n\u003e **NOTE:** Parameters with default values, including `NumberOfRetries`(default: 3), `RoleArn`(default: firehose role ARN), `BufferSizeInMBs`(default: 1), and `BufferIntervalInSeconds`(default: 60), are not stored in Pulumi state. To prevent perpetual differences, it is therefore recommended to only include parameters with non-default values.\n" } }, "type": "object", "required": [ "parameterName", "parameterValue" ] }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationS3BackupConfiguration:FirehoseDeliveryStreamExtendedS3ConfigurationS3BackupConfiguration": { "properties": { "bucketArn": { "type": "string", "description": "The ARN of the S3 bucket\n" }, "bufferingInterval": { "type": "integer" }, "bufferingSize": { "type": "integer" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationS3BackupConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamExtendedS3ConfigurationS3BackupConfigurationCloudwatchLoggingOptions" }, "compressionFormat": { "type": "string", "description": "The compression format. If no value is specified, the default is `UNCOMPRESSED`. Other supported values are `GZIP`, `ZIP`, `Snappy`, \u0026 `HADOOP_SNAPPY`.\n" }, "errorOutputPrefix": { "type": "string", "description": "Prefix added to failed records before writing them to S3. Not currently supported for `redshift` destination. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html).\n" }, "kmsKeyArn": { "type": "string", "description": "Specifies the KMS key ARN the stream will use to encrypt data. If not set, no encryption will\nbe used.\n" }, "prefix": { "type": "string", "description": "The \"YYYY/MM/DD/HH\" time format prefix is automatically used for delivered S3 files. You can specify an extra prefix to be added in front of the time format prefix. Note that if the prefix ends with a slash, it appears as a folder in the S3 bucket\n" }, "roleArn": { "type": "string" } }, "type": "object", "required": [ "bucketArn", "roleArn" ], "language": { "nodejs": { "requiredOutputs": [ "bucketArn", "cloudwatchLoggingOptions", "roleArn" ] } } }, "aws:kinesis/FirehoseDeliveryStreamExtendedS3ConfigurationS3BackupConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamExtendedS3ConfigurationS3BackupConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n" }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n" }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfiguration:FirehoseDeliveryStreamHttpEndpointConfiguration": { "properties": { "accessKey": { "type": "string", "description": "The access key required for Kinesis Firehose to authenticate with the HTTP endpoint selected as the destination.\n", "secret": true }, "bufferingInterval": { "type": "integer", "description": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).\n" }, "bufferingSize": { "type": "integer", "description": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\n" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamHttpEndpointConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. See `cloudwatch_logging_options` block below for details.\n" }, "name": { "type": "string", "description": "The HTTP endpoint name.\n" }, "processingConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfigurationProcessingConfiguration:FirehoseDeliveryStreamHttpEndpointConfigurationProcessingConfiguration", "description": "The data processing configuration. See `processing_configuration` block below for details.\n" }, "requestConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfiguration:FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfiguration", "description": "The request configuration. See `request_configuration` block below for details.\n" }, "retryDuration": { "type": "integer", "description": "Total amount of seconds Firehose spends on retries. This duration starts after the initial attempt fails, It does not include the time periods during which Firehose waits for acknowledgment from the specified destination after each attempt. Valid values between `0` and `7200`. Default is `300`.\n" }, "roleArn": { "type": "string", "description": "Kinesis Data Firehose uses this IAM role for all the permissions that the delivery stream needs. The pattern needs to be `arn:.*`.\n" }, "s3BackupMode": { "type": "string", "description": "Defines how documents should be delivered to Amazon S3. Valid values are `FailedDataOnly` and `AllData`. Default value is `FailedDataOnly`.\n" }, "s3Configuration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfigurationS3Configuration:FirehoseDeliveryStreamHttpEndpointConfigurationS3Configuration", "description": "The S3 Configuration. See `s3_configuration` block below for details.\n" }, "secretsManagerConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfigurationSecretsManagerConfiguration:FirehoseDeliveryStreamHttpEndpointConfigurationSecretsManagerConfiguration", "description": "The Secret Manager Configuration. See `secrets_manager_configuration` block below for details.\n" }, "url": { "type": "string", "description": "The HTTP endpoint URL to which Kinesis Firehose sends your data.\n" } }, "type": "object", "required": [ "s3Configuration", "url" ], "language": { "nodejs": { "requiredOutputs": [ "cloudwatchLoggingOptions", "requestConfiguration", "s3Configuration", "secretsManagerConfiguration", "url" ] } } }, "aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamHttpEndpointConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n" }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n" }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfigurationProcessingConfiguration:FirehoseDeliveryStreamHttpEndpointConfigurationProcessingConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables data processing.\n" }, "processors": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamHttpEndpointConfigurationProcessingConfigurationProcessor" }, "description": "Specifies the data processors as multiple blocks. See `processors` block below for details.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamHttpEndpointConfigurationProcessingConfigurationProcessor": { "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamHttpEndpointConfigurationProcessingConfigurationProcessorParameter" }, "description": "Specifies the processor parameters as multiple blocks. See `parameters` block below for details.\n" }, "type": { "type": "string", "description": "The type of processor. Valid Values: `RecordDeAggregation`, `Lambda`, `MetadataExtraction`, `AppendDelimiterToRecord`. Validation is done against [AWS SDK constants](https://docs.aws.amazon.com/sdk-for-go/api/service/firehose/#pkg-constants); so that values not explicitly listed may also work.\n" } }, "type": "object", "required": [ "type" ] }, "aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamHttpEndpointConfigurationProcessingConfigurationProcessorParameter": { "properties": { "parameterName": { "type": "string", "description": "Parameter name. Valid Values: `LambdaArn`, `NumberOfRetries`, `MetadataExtractionQuery`, `JsonParsingEngine`, `RoleArn`, `BufferSizeInMBs`, `BufferIntervalInSeconds`, `SubRecordType`, `Delimiter`. Validation is done against [AWS SDK constants](https://docs.aws.amazon.com/sdk-for-go/api/service/firehose/#pkg-constants); so that values not explicitly listed may also work.\n" }, "parameterValue": { "type": "string", "description": "Parameter value. Must be between 1 and 512 length (inclusive). When providing a Lambda ARN, you should specify the resource version as well.\n\n\u003e **NOTE:** Parameters with default values, including `NumberOfRetries`(default: 3), `RoleArn`(default: firehose role ARN), `BufferSizeInMBs`(default: 1), and `BufferIntervalInSeconds`(default: 60), are not stored in Pulumi state. To prevent perpetual differences, it is therefore recommended to only include parameters with non-default values.\n" } }, "type": "object", "required": [ "parameterName", "parameterValue" ] }, "aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfiguration:FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfiguration": { "properties": { "commonAttributes": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttribute:FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttribute" }, "description": "Describes the metadata sent to the HTTP endpoint destination. See `common_attributes` block below for details.\n" }, "contentEncoding": { "type": "string", "description": "Kinesis Data Firehose uses the content encoding to compress the body of a request before sending the request to the destination. Valid values are `NONE` and `GZIP`. Default value is `NONE`.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttribute:FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttribute": { "properties": { "name": { "type": "string", "description": "The name of the HTTP endpoint common attribute.\n" }, "value": { "type": "string", "description": "The value of the HTTP endpoint common attribute.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfigurationS3Configuration:FirehoseDeliveryStreamHttpEndpointConfigurationS3Configuration": { "properties": { "bucketArn": { "type": "string", "description": "The ARN of the S3 bucket\n" }, "bufferingInterval": { "type": "integer", "description": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300.\n" }, "bufferingSize": { "type": "integer", "description": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\nWe recommend setting SizeInMBs to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec set SizeInMBs to be 10 MB or higher.\n" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfigurationS3ConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamHttpEndpointConfigurationS3ConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. See `cloudwatch_logging_options` block below for details.\n" }, "compressionFormat": { "type": "string", "description": "The compression format. If no value is specified, the default is `UNCOMPRESSED`. Other supported values are `GZIP`, `ZIP`, `Snappy`, \u0026 `HADOOP_SNAPPY`.\n" }, "errorOutputPrefix": { "type": "string", "description": "Prefix added to failed records before writing them to S3. Not currently supported for `redshift` destination. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html).\n" }, "kmsKeyArn": { "type": "string", "description": "Specifies the KMS key ARN the stream will use to encrypt data. If not set, no encryption will\nbe used.\n" }, "prefix": { "type": "string", "description": "The \"YYYY/MM/DD/HH\" time format prefix is automatically used for delivered S3 files. You can specify an extra prefix to be added in front of the time format prefix. Note that if the prefix ends with a slash, it appears as a folder in the S3 bucket\n" }, "roleArn": { "type": "string", "description": "The ARN of the AWS credentials.\n" } }, "type": "object", "required": [ "bucketArn", "roleArn" ], "language": { "nodejs": { "requiredOutputs": [ "bucketArn", "cloudwatchLoggingOptions", "roleArn" ] } } }, "aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfigurationS3ConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamHttpEndpointConfigurationS3ConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n" }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n" }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfigurationSecretsManagerConfiguration:FirehoseDeliveryStreamHttpEndpointConfigurationSecretsManagerConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the Secrets Manager configuration.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The ARN of the role the stream assumes.\n" }, "secretArn": { "type": "string", "description": "The ARN of the Secrets Manager secret. This value is required if `enabled` is true.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "enabled" ] } } }, "aws:kinesis/FirehoseDeliveryStreamKinesisSourceConfiguration:FirehoseDeliveryStreamKinesisSourceConfiguration": { "properties": { "kinesisStreamArn": { "type": "string", "description": "The kinesis stream used as the source of the firehose delivery stream.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The ARN of the role that provides access to the source Kinesis stream.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "kinesisStreamArn", "roleArn" ] }, "aws:kinesis/FirehoseDeliveryStreamMskSourceConfiguration:FirehoseDeliveryStreamMskSourceConfiguration": { "properties": { "authenticationConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamMskSourceConfigurationAuthenticationConfiguration:FirehoseDeliveryStreamMskSourceConfigurationAuthenticationConfiguration", "description": "The authentication configuration of the Amazon MSK cluster. See `authentication_configuration` block below for details.\n", "willReplaceOnChanges": true }, "mskClusterArn": { "type": "string", "description": "The ARN of the Amazon MSK cluster.\n", "willReplaceOnChanges": true }, "topicName": { "type": "string", "description": "The topic name within the Amazon MSK cluster.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "authenticationConfiguration", "mskClusterArn", "topicName" ] }, "aws:kinesis/FirehoseDeliveryStreamMskSourceConfigurationAuthenticationConfiguration:FirehoseDeliveryStreamMskSourceConfigurationAuthenticationConfiguration": { "properties": { "connectivity": { "type": "string", "description": "The type of connectivity used to access the Amazon MSK cluster. Valid values: `PUBLIC`, `PRIVATE`.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The ARN of the role used to access the Amazon MSK cluster.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "connectivity", "roleArn" ] }, "aws:kinesis/FirehoseDeliveryStreamOpensearchConfiguration:FirehoseDeliveryStreamOpensearchConfiguration": { "properties": { "bufferingInterval": { "type": "integer", "description": "Buffer incoming data for the specified period of time, in seconds between 0 to 900, before delivering it to the destination. The default value is 300s.\n" }, "bufferingSize": { "type": "integer", "description": "Buffer incoming data to the specified size, in MBs between 1 to 100, before delivering it to the destination. The default value is 5MB.\n" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamOpensearchConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. See `cloudwatch_logging_options` block below for details.\n" }, "clusterEndpoint": { "type": "string", "description": "The endpoint to use when communicating with the cluster. Conflicts with `domain_arn`.\n" }, "documentIdOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchConfigurationDocumentIdOptions:FirehoseDeliveryStreamOpensearchConfigurationDocumentIdOptions", "description": "The method for setting up document ID. See [`document_id_options` block] below for details.\n" }, "domainArn": { "type": "string", "description": "The ARN of the Amazon ES domain. The pattern needs to be `arn:.*`. Conflicts with `cluster_endpoint`.\n" }, "indexName": { "type": "string", "description": "The OpenSearch index name.\n" }, "indexRotationPeriod": { "type": "string", "description": "The OpenSearch index rotation period. Index rotation appends a timestamp to the IndexName to facilitate expiration of old data. Valid values are `NoRotation`, `OneHour`, `OneDay`, `OneWeek`, and `OneMonth`. The default value is `OneDay`.\n" }, "processingConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchConfigurationProcessingConfiguration:FirehoseDeliveryStreamOpensearchConfigurationProcessingConfiguration", "description": "The data processing configuration. See `processing_configuration` block below for details.\n" }, "retryDuration": { "type": "integer", "description": "After an initial failure to deliver to Amazon OpenSearch, the total amount of time, in seconds between 0 to 7200, during which Firehose re-attempts delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. The default value is 300s. There will be no retry if the value is 0.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role to be assumed by Firehose for calling the Amazon ES Configuration API and for indexing documents. The IAM role must have permission for `DescribeDomain`, `DescribeDomains`, and `DescribeDomainConfig`. The pattern needs to be `arn:.*`.\n" }, "s3BackupMode": { "type": "string", "description": "Defines how documents should be delivered to Amazon S3. Valid values are `FailedDocumentsOnly` and `AllDocuments`. Default value is `FailedDocumentsOnly`.\n", "willReplaceOnChanges": true }, "s3Configuration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchConfigurationS3Configuration:FirehoseDeliveryStreamOpensearchConfigurationS3Configuration", "description": "The S3 Configuration. See `s3_configuration` block below for details.\n" }, "typeName": { "type": "string", "description": "The Elasticsearch type name with maximum length of 100 characters. Types are deprecated in OpenSearch_1.1. TypeName must be empty.\n" }, "vpcConfig": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchConfigurationVpcConfig:FirehoseDeliveryStreamOpensearchConfigurationVpcConfig", "description": "The VPC configuration for the delivery stream to connect to OpenSearch associated with the VPC. See `vpc_config` block below for details.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "indexName", "roleArn", "s3Configuration" ], "language": { "nodejs": { "requiredOutputs": [ "cloudwatchLoggingOptions", "indexName", "roleArn", "s3Configuration" ] } } }, "aws:kinesis/FirehoseDeliveryStreamOpensearchConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamOpensearchConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n" }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n" }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamOpensearchConfigurationDocumentIdOptions:FirehoseDeliveryStreamOpensearchConfigurationDocumentIdOptions": { "properties": { "defaultDocumentIdFormat": { "type": "string", "description": "The method for setting up document ID. Valid values: `FIREHOSE_DEFAULT`, `NO_DOCUMENT_ID`.\n" } }, "type": "object", "required": [ "defaultDocumentIdFormat" ] }, "aws:kinesis/FirehoseDeliveryStreamOpensearchConfigurationProcessingConfiguration:FirehoseDeliveryStreamOpensearchConfigurationProcessingConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables data processing.\n" }, "processors": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessor" }, "description": "Specifies the data processors as multiple blocks. See `processors` block below for details.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessor": { "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorParameter" }, "description": "Specifies the processor parameters as multiple blocks. See `parameters` block below for details.\n" }, "type": { "type": "string", "description": "The type of processor. Valid Values: `RecordDeAggregation`, `Lambda`, `MetadataExtraction`, `AppendDelimiterToRecord`. Validation is done against [AWS SDK constants](https://docs.aws.amazon.com/sdk-for-go/api/service/firehose/#pkg-constants); so that values not explicitly listed may also work.\n" } }, "type": "object", "required": [ "type" ] }, "aws:kinesis/FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorParameter": { "properties": { "parameterName": { "type": "string", "description": "Parameter name. Valid Values: `LambdaArn`, `NumberOfRetries`, `MetadataExtractionQuery`, `JsonParsingEngine`, `RoleArn`, `BufferSizeInMBs`, `BufferIntervalInSeconds`, `SubRecordType`, `Delimiter`. Validation is done against [AWS SDK constants](https://docs.aws.amazon.com/sdk-for-go/api/service/firehose/#pkg-constants); so that values not explicitly listed may also work.\n" }, "parameterValue": { "type": "string", "description": "Parameter value. Must be between 1 and 512 length (inclusive). When providing a Lambda ARN, you should specify the resource version as well.\n\n\u003e **NOTE:** Parameters with default values, including `NumberOfRetries`(default: 3), `RoleArn`(default: firehose role ARN), `BufferSizeInMBs`(default: 1), and `BufferIntervalInSeconds`(default: 60), are not stored in Pulumi state. To prevent perpetual differences, it is therefore recommended to only include parameters with non-default values.\n" } }, "type": "object", "required": [ "parameterName", "parameterValue" ] }, "aws:kinesis/FirehoseDeliveryStreamOpensearchConfigurationS3Configuration:FirehoseDeliveryStreamOpensearchConfigurationS3Configuration": { "properties": { "bucketArn": { "type": "string", "description": "The ARN of the S3 bucket\n" }, "bufferingInterval": { "type": "integer", "description": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300.\n" }, "bufferingSize": { "type": "integer", "description": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\nWe recommend setting SizeInMBs to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec set SizeInMBs to be 10 MB or higher.\n" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. See `cloudwatch_logging_options` block below for details.\n" }, "compressionFormat": { "type": "string", "description": "The compression format. If no value is specified, the default is `UNCOMPRESSED`. Other supported values are `GZIP`, `ZIP`, `Snappy`, \u0026 `HADOOP_SNAPPY`.\n" }, "errorOutputPrefix": { "type": "string", "description": "Prefix added to failed records before writing them to S3. Not currently supported for `redshift` destination. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html).\n" }, "kmsKeyArn": { "type": "string", "description": "Specifies the KMS key ARN the stream will use to encrypt data. If not set, no encryption will\nbe used.\n" }, "prefix": { "type": "string", "description": "The \"YYYY/MM/DD/HH\" time format prefix is automatically used for delivered S3 files. You can specify an extra prefix to be added in front of the time format prefix. Note that if the prefix ends with a slash, it appears as a folder in the S3 bucket\n" }, "roleArn": { "type": "string", "description": "The ARN of the AWS credentials.\n" } }, "type": "object", "required": [ "bucketArn", "roleArn" ], "language": { "nodejs": { "requiredOutputs": [ "bucketArn", "cloudwatchLoggingOptions", "roleArn" ] } } }, "aws:kinesis/FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n" }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n" }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamOpensearchConfigurationVpcConfig:FirehoseDeliveryStreamOpensearchConfigurationVpcConfig": { "properties": { "roleArn": { "type": "string", "description": "The ARN of the IAM role to be assumed by Firehose for calling the Amazon EC2 configuration API and for creating network interfaces. Make sure role has necessary [IAM permissions](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-es-vpc)\n", "willReplaceOnChanges": true }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to associate with Kinesis Firehose.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to associate with Kinesis Firehose.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string" } }, "type": "object", "required": [ "roleArn", "securityGroupIds", "subnetIds" ], "language": { "nodejs": { "requiredOutputs": [ "roleArn", "securityGroupIds", "subnetIds", "vpcId" ] } } }, "aws:kinesis/FirehoseDeliveryStreamOpensearchserverlessConfiguration:FirehoseDeliveryStreamOpensearchserverlessConfiguration": { "properties": { "bufferingInterval": { "type": "integer", "description": "Buffer incoming data for the specified period of time, in seconds between 0 to 900, before delivering it to the destination. The default value is 300s.\n" }, "bufferingSize": { "type": "integer", "description": "Buffer incoming data to the specified size, in MBs between 1 to 100, before delivering it to the destination. The default value is 5MB.\n" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchserverlessConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamOpensearchserverlessConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. See `cloudwatch_logging_options` block below for details.\n" }, "collectionEndpoint": { "type": "string", "description": "The endpoint to use when communicating with the collection in the Serverless offering for Amazon OpenSearch Service.\n" }, "indexName": { "type": "string", "description": "The Serverless offering for Amazon OpenSearch Service index name.\n" }, "processingConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfiguration:FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfiguration", "description": "The data processing configuration. See `processing_configuration` block below for details.\n" }, "retryDuration": { "type": "integer", "description": "After an initial failure to deliver to the Serverless offering for Amazon OpenSearch Service, the total amount of time, in seconds between 0 to 7200, during which Kinesis Data Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. The default value is 300s. There will be no retry if the value is 0.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Serverless offering for Amazon OpenSearch Service Configuration API and for indexing documents. The pattern needs to be `arn:.*`.\n" }, "s3BackupMode": { "type": "string", "description": "Defines how documents should be delivered to Amazon S3. Valid values are `FailedDocumentsOnly` and `AllDocuments`. Default value is `FailedDocumentsOnly`.\n", "willReplaceOnChanges": true }, "s3Configuration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchserverlessConfigurationS3Configuration:FirehoseDeliveryStreamOpensearchserverlessConfigurationS3Configuration", "description": "The S3 Configuration. See `s3_configuration` block below for details.\n" }, "vpcConfig": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchserverlessConfigurationVpcConfig:FirehoseDeliveryStreamOpensearchserverlessConfigurationVpcConfig", "description": "The VPC configuration for the delivery stream to connect to OpenSearch Serverless associated with the VPC. See `vpc_config` block below for details.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "collectionEndpoint", "indexName", "roleArn", "s3Configuration" ], "language": { "nodejs": { "requiredOutputs": [ "cloudwatchLoggingOptions", "collectionEndpoint", "indexName", "roleArn", "s3Configuration" ] } } }, "aws:kinesis/FirehoseDeliveryStreamOpensearchserverlessConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamOpensearchserverlessConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n" }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n" }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfiguration:FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables data processing.\n" }, "processors": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessor" }, "description": "Specifies the data processors as multiple blocks. See `processors` block below for details.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessor": { "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorParameter" }, "description": "Specifies the processor parameters as multiple blocks. See `parameters` block below for details.\n" }, "type": { "type": "string", "description": "The type of processor. Valid Values: `RecordDeAggregation`, `Lambda`, `MetadataExtraction`, `AppendDelimiterToRecord`. Validation is done against [AWS SDK constants](https://docs.aws.amazon.com/sdk-for-go/api/service/firehose/#pkg-constants); so that values not explicitly listed may also work.\n" } }, "type": "object", "required": [ "type" ] }, "aws:kinesis/FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorParameter": { "properties": { "parameterName": { "type": "string", "description": "Parameter name. Valid Values: `LambdaArn`, `NumberOfRetries`, `MetadataExtractionQuery`, `JsonParsingEngine`, `RoleArn`, `BufferSizeInMBs`, `BufferIntervalInSeconds`, `SubRecordType`, `Delimiter`. Validation is done against [AWS SDK constants](https://docs.aws.amazon.com/sdk-for-go/api/service/firehose/#pkg-constants); so that values not explicitly listed may also work.\n" }, "parameterValue": { "type": "string", "description": "Parameter value. Must be between 1 and 512 length (inclusive). When providing a Lambda ARN, you should specify the resource version as well.\n\n\u003e **NOTE:** Parameters with default values, including `NumberOfRetries`(default: 3), `RoleArn`(default: firehose role ARN), `BufferSizeInMBs`(default: 1), and `BufferIntervalInSeconds`(default: 60), are not stored in Pulumi state. To prevent perpetual differences, it is therefore recommended to only include parameters with non-default values.\n" } }, "type": "object", "required": [ "parameterName", "parameterValue" ] }, "aws:kinesis/FirehoseDeliveryStreamOpensearchserverlessConfigurationS3Configuration:FirehoseDeliveryStreamOpensearchserverlessConfigurationS3Configuration": { "properties": { "bucketArn": { "type": "string", "description": "The ARN of the S3 bucket\n" }, "bufferingInterval": { "type": "integer", "description": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300.\n" }, "bufferingSize": { "type": "integer", "description": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\nWe recommend setting SizeInMBs to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec set SizeInMBs to be 10 MB or higher.\n" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchserverlessConfigurationS3ConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamOpensearchserverlessConfigurationS3ConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. See `cloudwatch_logging_options` block below for details.\n" }, "compressionFormat": { "type": "string", "description": "The compression format. If no value is specified, the default is `UNCOMPRESSED`. Other supported values are `GZIP`, `ZIP`, `Snappy`, \u0026 `HADOOP_SNAPPY`.\n" }, "errorOutputPrefix": { "type": "string", "description": "Prefix added to failed records before writing them to S3. Not currently supported for `redshift` destination. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html).\n" }, "kmsKeyArn": { "type": "string", "description": "Specifies the KMS key ARN the stream will use to encrypt data. If not set, no encryption will\nbe used.\n" }, "prefix": { "type": "string", "description": "The \"YYYY/MM/DD/HH\" time format prefix is automatically used for delivered S3 files. You can specify an extra prefix to be added in front of the time format prefix. Note that if the prefix ends with a slash, it appears as a folder in the S3 bucket\n" }, "roleArn": { "type": "string", "description": "The ARN of the AWS credentials.\n" } }, "type": "object", "required": [ "bucketArn", "roleArn" ], "language": { "nodejs": { "requiredOutputs": [ "bucketArn", "cloudwatchLoggingOptions", "roleArn" ] } } }, "aws:kinesis/FirehoseDeliveryStreamOpensearchserverlessConfigurationS3ConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamOpensearchserverlessConfigurationS3ConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n" }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n" }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamOpensearchserverlessConfigurationVpcConfig:FirehoseDeliveryStreamOpensearchserverlessConfigurationVpcConfig": { "properties": { "roleArn": { "type": "string", "description": "The ARN of the IAM role to be assumed by Firehose for calling the Amazon EC2 configuration API and for creating network interfaces. Make sure role has necessary [IAM permissions](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-es-vpc)\n", "willReplaceOnChanges": true }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to associate with Kinesis Firehose.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to associate with Kinesis Firehose.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string" } }, "type": "object", "required": [ "roleArn", "securityGroupIds", "subnetIds" ], "language": { "nodejs": { "requiredOutputs": [ "roleArn", "securityGroupIds", "subnetIds", "vpcId" ] } } }, "aws:kinesis/FirehoseDeliveryStreamRedshiftConfiguration:FirehoseDeliveryStreamRedshiftConfiguration": { "properties": { "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamRedshiftConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. See `cloudwatch_logging_options` block below for details.\n" }, "clusterJdbcurl": { "type": "string", "description": "The jdbcurl of the redshift cluster.\n" }, "copyOptions": { "type": "string", "description": "Copy options for copying the data from the s3 intermediate bucket into redshift, for example to change the default delimiter. For valid values, see the [AWS documentation](http://docs.aws.amazon.com/firehose/latest/APIReference/API_CopyCommand.html)\n" }, "dataTableColumns": { "type": "string", "description": "The data table columns that will be targeted by the copy command.\n" }, "dataTableName": { "type": "string", "description": "The name of the table in the redshift cluster that the s3 bucket will copy to.\n" }, "password": { "type": "string", "description": "The password for the username above. This value is required if `secrets_manager_configuration` is not provided.\n", "secret": true }, "processingConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationProcessingConfiguration:FirehoseDeliveryStreamRedshiftConfigurationProcessingConfiguration", "description": "The data processing configuration. See `processing_configuration` block below for details.\n" }, "retryDuration": { "type": "integer", "description": "The length of time during which Firehose retries delivery after a failure, starting from the initial request and including the first attempt. The default value is 3600 seconds (60 minutes). Firehose does not retry if the value of DurationInSeconds is 0 (zero) or if the first delivery attempt takes longer than the current value.\n" }, "roleArn": { "type": "string", "description": "The arn of the role the stream assumes.\n" }, "s3BackupConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfiguration:FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfiguration", "description": "The configuration for backup in Amazon S3. Required if `s3_backup_mode` is `Enabled`. Supports the same fields as `s3_configuration` object.\n`secrets_manager_configuration` - (Optional) The Secrets Manager configuration. See `secrets_manager_configuration` block below for details. This value is required if `username` and `password` are not provided.\n" }, "s3BackupMode": { "type": "string", "description": "The Amazon S3 backup mode. Valid values are `Disabled` and `Enabled`. Default value is `Disabled`.\n" }, "s3Configuration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationS3Configuration:FirehoseDeliveryStreamRedshiftConfigurationS3Configuration", "description": "The S3 Configuration. See s3_configuration below for details.\n" }, "secretsManagerConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationSecretsManagerConfiguration:FirehoseDeliveryStreamRedshiftConfigurationSecretsManagerConfiguration" }, "username": { "type": "string", "description": "The username that the firehose delivery stream will assume. It is strongly recommended that the username and password provided is used exclusively for Amazon Kinesis Firehose purposes, and that the permissions for the account are restricted for Amazon Redshift INSERT permissions. This value is required if `secrets_manager_configuration` is not provided.\n" } }, "type": "object", "required": [ "clusterJdbcurl", "dataTableName", "roleArn", "s3Configuration" ], "language": { "nodejs": { "requiredOutputs": [ "cloudwatchLoggingOptions", "clusterJdbcurl", "dataTableName", "roleArn", "s3Configuration", "secretsManagerConfiguration" ] } } }, "aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamRedshiftConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n" }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n" }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationProcessingConfiguration:FirehoseDeliveryStreamRedshiftConfigurationProcessingConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables data processing.\n" }, "processors": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamRedshiftConfigurationProcessingConfigurationProcessor" }, "description": "Specifies the data processors as multiple blocks. See `processors` block below for details.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamRedshiftConfigurationProcessingConfigurationProcessor": { "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamRedshiftConfigurationProcessingConfigurationProcessorParameter" }, "description": "Specifies the processor parameters as multiple blocks. See `parameters` block below for details.\n" }, "type": { "type": "string", "description": "The type of processor. Valid Values: `RecordDeAggregation`, `Lambda`, `MetadataExtraction`, `AppendDelimiterToRecord`. Validation is done against [AWS SDK constants](https://docs.aws.amazon.com/sdk-for-go/api/service/firehose/#pkg-constants); so that values not explicitly listed may also work.\n" } }, "type": "object", "required": [ "type" ] }, "aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamRedshiftConfigurationProcessingConfigurationProcessorParameter": { "properties": { "parameterName": { "type": "string", "description": "Parameter name. Valid Values: `LambdaArn`, `NumberOfRetries`, `MetadataExtractionQuery`, `JsonParsingEngine`, `RoleArn`, `BufferSizeInMBs`, `BufferIntervalInSeconds`, `SubRecordType`, `Delimiter`. Validation is done against [AWS SDK constants](https://docs.aws.amazon.com/sdk-for-go/api/service/firehose/#pkg-constants); so that values not explicitly listed may also work.\n" }, "parameterValue": { "type": "string", "description": "Parameter value. Must be between 1 and 512 length (inclusive). When providing a Lambda ARN, you should specify the resource version as well.\n\n\u003e **NOTE:** Parameters with default values, including `NumberOfRetries`(default: 3), `RoleArn`(default: firehose role ARN), `BufferSizeInMBs`(default: 1), and `BufferIntervalInSeconds`(default: 60), are not stored in Pulumi state. To prevent perpetual differences, it is therefore recommended to only include parameters with non-default values.\n" } }, "type": "object", "required": [ "parameterName", "parameterValue" ] }, "aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfiguration:FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfiguration": { "properties": { "bucketArn": { "type": "string", "description": "The ARN of the S3 bucket\n" }, "bufferingInterval": { "type": "integer" }, "bufferingSize": { "type": "integer" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationCloudwatchLoggingOptions" }, "compressionFormat": { "type": "string", "description": "The compression format. If no value is specified, the default is `UNCOMPRESSED`. Other supported values are `GZIP`, `ZIP`, `Snappy`, \u0026 `HADOOP_SNAPPY`.\n" }, "errorOutputPrefix": { "type": "string", "description": "Prefix added to failed records before writing them to S3. Not currently supported for `redshift` destination. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html).\n" }, "kmsKeyArn": { "type": "string", "description": "Specifies the KMS key ARN the stream will use to encrypt data. If not set, no encryption will\nbe used.\n" }, "prefix": { "type": "string", "description": "The \"YYYY/MM/DD/HH\" time format prefix is automatically used for delivered S3 files. You can specify an extra prefix to be added in front of the time format prefix. Note that if the prefix ends with a slash, it appears as a folder in the S3 bucket\n" }, "roleArn": { "type": "string" } }, "type": "object", "required": [ "bucketArn", "roleArn" ], "language": { "nodejs": { "requiredOutputs": [ "bucketArn", "cloudwatchLoggingOptions", "roleArn" ] } } }, "aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n" }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n" }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationS3Configuration:FirehoseDeliveryStreamRedshiftConfigurationS3Configuration": { "properties": { "bucketArn": { "type": "string", "description": "The ARN of the S3 bucket\n" }, "bufferingInterval": { "type": "integer", "description": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300.\n" }, "bufferingSize": { "type": "integer", "description": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\nWe recommend setting SizeInMBs to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec set SizeInMBs to be 10 MB or higher.\n" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationS3ConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamRedshiftConfigurationS3ConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. See `cloudwatch_logging_options` block below for details.\n" }, "compressionFormat": { "type": "string", "description": "The compression format. If no value is specified, the default is `UNCOMPRESSED`. Other supported values are `GZIP`, `ZIP`, `Snappy`, \u0026 `HADOOP_SNAPPY`.\n" }, "errorOutputPrefix": { "type": "string", "description": "Prefix added to failed records before writing them to S3. Not currently supported for `redshift` destination. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html).\n" }, "kmsKeyArn": { "type": "string", "description": "Specifies the KMS key ARN the stream will use to encrypt data. If not set, no encryption will\nbe used.\n" }, "prefix": { "type": "string", "description": "The \"YYYY/MM/DD/HH\" time format prefix is automatically used for delivered S3 files. You can specify an extra prefix to be added in front of the time format prefix. Note that if the prefix ends with a slash, it appears as a folder in the S3 bucket\n" }, "roleArn": { "type": "string", "description": "The ARN of the AWS credentials.\n" } }, "type": "object", "required": [ "bucketArn", "roleArn" ], "language": { "nodejs": { "requiredOutputs": [ "bucketArn", "cloudwatchLoggingOptions", "roleArn" ] } } }, "aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationS3ConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamRedshiftConfigurationS3ConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n" }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n" }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamRedshiftConfigurationSecretsManagerConfiguration:FirehoseDeliveryStreamRedshiftConfigurationSecretsManagerConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the Secrets Manager configuration.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The ARN of the role the stream assumes.\n" }, "secretArn": { "type": "string", "description": "The ARN of the Secrets Manager secret. This value is required if `enabled` is true.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "enabled" ] } } }, "aws:kinesis/FirehoseDeliveryStreamServerSideEncryption:FirehoseDeliveryStreamServerSideEncryption": { "properties": { "enabled": { "type": "boolean", "description": "Whether to enable encryption at rest. Default is `false`.\n" }, "keyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the encryption key. Required when `key_type` is `CUSTOMER_MANAGED_CMK`.\n" }, "keyType": { "type": "string", "description": "Type of encryption key. Default is `AWS_OWNED_CMK`. Valid values are `AWS_OWNED_CMK` and `CUSTOMER_MANAGED_CMK`\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamSnowflakeConfiguration:FirehoseDeliveryStreamSnowflakeConfiguration": { "properties": { "accountUrl": { "type": "string", "description": "The URL of the Snowflake account. Format: https://[account_identifier].snowflakecomputing.com.\n" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSnowflakeConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamSnowflakeConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. See `cloudwatch_logging_options` block below for details.\n" }, "contentColumnName": { "type": "string", "description": "The name of the content column.\n" }, "dataLoadingOption": { "type": "string", "description": "The data loading option.\n" }, "database": { "type": "string", "description": "The Snowflake database name.\n" }, "keyPassphrase": { "type": "string", "description": "The passphrase for the private key.\n", "secret": true }, "metadataColumnName": { "type": "string", "description": "The name of the metadata column.\n" }, "privateKey": { "type": "string", "description": "The private key for authentication. This value is required if `secrets_manager_configuration` is not provided.\n", "secret": true }, "processingConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSnowflakeConfigurationProcessingConfiguration:FirehoseDeliveryStreamSnowflakeConfigurationProcessingConfiguration", "description": "The processing configuration. See `processing_configuration` block below for details.\n" }, "retryDuration": { "type": "integer", "description": "After an initial failure to deliver to Snowflake, the total amount of time, in seconds between 0 to 7200, during which Firehose re-attempts delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. The default value is 60s. There will be no retry if the value is 0.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role.\n" }, "s3BackupMode": { "type": "string", "description": "The S3 backup mode.\n" }, "s3Configuration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSnowflakeConfigurationS3Configuration:FirehoseDeliveryStreamSnowflakeConfigurationS3Configuration", "description": "The S3 configuration. See `s3_configuration` block below for details.\n" }, "schema": { "type": "string", "description": "The Snowflake schema name.\n" }, "secretsManagerConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSnowflakeConfigurationSecretsManagerConfiguration:FirehoseDeliveryStreamSnowflakeConfigurationSecretsManagerConfiguration", "description": "The Secrets Manager configuration. See `secrets_manager_configuration` block below for details. This value is required if `user` and `private_key` are not provided.\n" }, "snowflakeRoleConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSnowflakeConfigurationSnowflakeRoleConfiguration:FirehoseDeliveryStreamSnowflakeConfigurationSnowflakeRoleConfiguration", "description": "The configuration for Snowflake role.\n" }, "snowflakeVpcConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSnowflakeConfigurationSnowflakeVpcConfiguration:FirehoseDeliveryStreamSnowflakeConfigurationSnowflakeVpcConfiguration", "description": "The VPC configuration for Snowflake.\n" }, "table": { "type": "string", "description": "The Snowflake table name.\n" }, "user": { "type": "string", "description": "The user for authentication. This value is required if `secrets_manager_configuration` is not provided.\n" } }, "type": "object", "required": [ "accountUrl", "database", "roleArn", "s3Configuration", "schema", "table" ], "language": { "nodejs": { "requiredOutputs": [ "accountUrl", "cloudwatchLoggingOptions", "database", "roleArn", "s3Configuration", "schema", "secretsManagerConfiguration", "table" ] } } }, "aws:kinesis/FirehoseDeliveryStreamSnowflakeConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamSnowflakeConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n" }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n" }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamSnowflakeConfigurationProcessingConfiguration:FirehoseDeliveryStreamSnowflakeConfigurationProcessingConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables data processing.\n" }, "processors": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSnowflakeConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamSnowflakeConfigurationProcessingConfigurationProcessor" }, "description": "Specifies the data processors as multiple blocks. See `processors` block below for details.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamSnowflakeConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamSnowflakeConfigurationProcessingConfigurationProcessor": { "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSnowflakeConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamSnowflakeConfigurationProcessingConfigurationProcessorParameter" }, "description": "Specifies the processor parameters as multiple blocks. See `parameters` block below for details.\n" }, "type": { "type": "string", "description": "The type of processor. Valid Values: `RecordDeAggregation`, `Lambda`, `MetadataExtraction`, `AppendDelimiterToRecord`. Validation is done against [AWS SDK constants](https://docs.aws.amazon.com/sdk-for-go/api/service/firehose/#pkg-constants); so that values not explicitly listed may also work.\n" } }, "type": "object", "required": [ "type" ] }, "aws:kinesis/FirehoseDeliveryStreamSnowflakeConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamSnowflakeConfigurationProcessingConfigurationProcessorParameter": { "properties": { "parameterName": { "type": "string", "description": "Parameter name. Valid Values: `LambdaArn`, `NumberOfRetries`, `MetadataExtractionQuery`, `JsonParsingEngine`, `RoleArn`, `BufferSizeInMBs`, `BufferIntervalInSeconds`, `SubRecordType`, `Delimiter`. Validation is done against [AWS SDK constants](https://docs.aws.amazon.com/sdk-for-go/api/service/firehose/#pkg-constants); so that values not explicitly listed may also work.\n" }, "parameterValue": { "type": "string", "description": "Parameter value. Must be between 1 and 512 length (inclusive). When providing a Lambda ARN, you should specify the resource version as well.\n\n\u003e **NOTE:** Parameters with default values, including `NumberOfRetries`(default: 3), `RoleArn`(default: firehose role ARN), `BufferSizeInMBs`(default: 1), and `BufferIntervalInSeconds`(default: 60), are not stored in Pulumi state. To prevent perpetual differences, it is therefore recommended to only include parameters with non-default values.\n" } }, "type": "object", "required": [ "parameterName", "parameterValue" ] }, "aws:kinesis/FirehoseDeliveryStreamSnowflakeConfigurationS3Configuration:FirehoseDeliveryStreamSnowflakeConfigurationS3Configuration": { "properties": { "bucketArn": { "type": "string", "description": "The ARN of the S3 bucket\n" }, "bufferingInterval": { "type": "integer", "description": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300.\n" }, "bufferingSize": { "type": "integer", "description": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\nWe recommend setting SizeInMBs to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec set SizeInMBs to be 10 MB or higher.\n" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSnowflakeConfigurationS3ConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamSnowflakeConfigurationS3ConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. See `cloudwatch_logging_options` block below for details.\n" }, "compressionFormat": { "type": "string", "description": "The compression format. If no value is specified, the default is `UNCOMPRESSED`. Other supported values are `GZIP`, `ZIP`, `Snappy`, \u0026 `HADOOP_SNAPPY`.\n" }, "errorOutputPrefix": { "type": "string", "description": "Prefix added to failed records before writing them to S3. Not currently supported for `redshift` destination. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html).\n" }, "kmsKeyArn": { "type": "string", "description": "Specifies the KMS key ARN the stream will use to encrypt data. If not set, no encryption will\nbe used.\n" }, "prefix": { "type": "string", "description": "The \"YYYY/MM/DD/HH\" time format prefix is automatically used for delivered S3 files. You can specify an extra prefix to be added in front of the time format prefix. Note that if the prefix ends with a slash, it appears as a folder in the S3 bucket\n" }, "roleArn": { "type": "string", "description": "The ARN of the AWS credentials.\n" } }, "type": "object", "required": [ "bucketArn", "roleArn" ], "language": { "nodejs": { "requiredOutputs": [ "bucketArn", "cloudwatchLoggingOptions", "roleArn" ] } } }, "aws:kinesis/FirehoseDeliveryStreamSnowflakeConfigurationS3ConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamSnowflakeConfigurationS3ConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n" }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n" }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamSnowflakeConfigurationSecretsManagerConfiguration:FirehoseDeliveryStreamSnowflakeConfigurationSecretsManagerConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the Secrets Manager configuration.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The ARN of the role the stream assumes.\n" }, "secretArn": { "type": "string", "description": "The ARN of the Secrets Manager secret. This value is required if `enabled` is true.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "enabled" ] } } }, "aws:kinesis/FirehoseDeliveryStreamSnowflakeConfigurationSnowflakeRoleConfiguration:FirehoseDeliveryStreamSnowflakeConfigurationSnowflakeRoleConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Whether the Snowflake role is enabled.\n" }, "snowflakeRole": { "type": "string", "description": "The Snowflake role.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamSnowflakeConfigurationSnowflakeVpcConfiguration:FirehoseDeliveryStreamSnowflakeConfigurationSnowflakeVpcConfiguration": { "properties": { "privateLinkVpceId": { "type": "string", "description": "The VPCE ID for Firehose to privately connect with Snowflake.\n" } }, "type": "object", "required": [ "privateLinkVpceId" ] }, "aws:kinesis/FirehoseDeliveryStreamSplunkConfiguration:FirehoseDeliveryStreamSplunkConfiguration": { "properties": { "bufferingInterval": { "type": "integer", "description": "Buffer incoming data for the specified period of time, in seconds between 0 to 60, before delivering it to the destination. The default value is 60s.\n" }, "bufferingSize": { "type": "integer", "description": "Buffer incoming data to the specified size, in MBs between 1 to 5, before delivering it to the destination. The default value is 5MB.\n" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamSplunkConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. See `cloudwatch_logging_options` block below for details.\n" }, "hecAcknowledgmentTimeout": { "type": "integer", "description": "The amount of time, in seconds between 180 and 600, that Kinesis Firehose waits to receive an acknowledgment from Splunk after it sends it data.\n" }, "hecEndpoint": { "type": "string", "description": "The HTTP Event Collector (HEC) endpoint to which Kinesis Firehose sends your data.\n" }, "hecEndpointType": { "type": "string", "description": "The HEC endpoint type. Valid values are `Raw` or `Event`. The default value is `Raw`.\n" }, "hecToken": { "type": "string", "description": "The GUID that you obtain from your Splunk cluster when you create a new HEC endpoint. This value is required if `secrets_manager_configuration` is not provided.\n" }, "processingConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationProcessingConfiguration:FirehoseDeliveryStreamSplunkConfigurationProcessingConfiguration", "description": "The data processing configuration. See `processing_configuration` block below for details.\n" }, "retryDuration": { "type": "integer", "description": "After an initial failure to deliver to Splunk, the total amount of time, in seconds between 0 to 7200, during which Firehose re-attempts delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. The default value is 300s. There will be no retry if the value is 0.\n" }, "s3BackupMode": { "type": "string", "description": "Defines how documents should be delivered to Amazon S3. Valid values are `FailedEventsOnly` and `AllEvents`. Default value is `FailedEventsOnly`.\n`secrets_manager_configuration` - (Optional) The Secrets Manager configuration. See `secrets_manager_configuration` block below for details. This value is required if `hec_token` is not provided.\n" }, "s3Configuration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationS3Configuration:FirehoseDeliveryStreamSplunkConfigurationS3Configuration", "description": "The S3 Configuration. See `s3_configuration` block below for details.\n" }, "secretsManagerConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationSecretsManagerConfiguration:FirehoseDeliveryStreamSplunkConfigurationSecretsManagerConfiguration" } }, "type": "object", "required": [ "hecEndpoint", "s3Configuration" ], "language": { "nodejs": { "requiredOutputs": [ "cloudwatchLoggingOptions", "hecEndpoint", "s3Configuration", "secretsManagerConfiguration" ] } } }, "aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamSplunkConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n" }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n" }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationProcessingConfiguration:FirehoseDeliveryStreamSplunkConfigurationProcessingConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables data processing.\n" }, "processors": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamSplunkConfigurationProcessingConfigurationProcessor" }, "description": "Specifies the data processors as multiple blocks. See `processors` block below for details.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationProcessingConfigurationProcessor:FirehoseDeliveryStreamSplunkConfigurationProcessingConfigurationProcessor": { "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamSplunkConfigurationProcessingConfigurationProcessorParameter" }, "description": "Specifies the processor parameters as multiple blocks. See `parameters` block below for details.\n" }, "type": { "type": "string", "description": "The type of processor. Valid Values: `RecordDeAggregation`, `Lambda`, `MetadataExtraction`, `AppendDelimiterToRecord`. Validation is done against [AWS SDK constants](https://docs.aws.amazon.com/sdk-for-go/api/service/firehose/#pkg-constants); so that values not explicitly listed may also work.\n" } }, "type": "object", "required": [ "type" ] }, "aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationProcessingConfigurationProcessorParameter:FirehoseDeliveryStreamSplunkConfigurationProcessingConfigurationProcessorParameter": { "properties": { "parameterName": { "type": "string", "description": "Parameter name. Valid Values: `LambdaArn`, `NumberOfRetries`, `MetadataExtractionQuery`, `JsonParsingEngine`, `RoleArn`, `BufferSizeInMBs`, `BufferIntervalInSeconds`, `SubRecordType`, `Delimiter`. Validation is done against [AWS SDK constants](https://docs.aws.amazon.com/sdk-for-go/api/service/firehose/#pkg-constants); so that values not explicitly listed may also work.\n" }, "parameterValue": { "type": "string", "description": "Parameter value. Must be between 1 and 512 length (inclusive). When providing a Lambda ARN, you should specify the resource version as well.\n\n\u003e **NOTE:** Parameters with default values, including `NumberOfRetries`(default: 3), `RoleArn`(default: firehose role ARN), `BufferSizeInMBs`(default: 1), and `BufferIntervalInSeconds`(default: 60), are not stored in Pulumi state. To prevent perpetual differences, it is therefore recommended to only include parameters with non-default values.\n" } }, "type": "object", "required": [ "parameterName", "parameterValue" ] }, "aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationS3Configuration:FirehoseDeliveryStreamSplunkConfigurationS3Configuration": { "properties": { "bucketArn": { "type": "string", "description": "The ARN of the S3 bucket\n" }, "bufferingInterval": { "type": "integer", "description": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300.\n" }, "bufferingSize": { "type": "integer", "description": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\nWe recommend setting SizeInMBs to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec set SizeInMBs to be 10 MB or higher.\n" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationS3ConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamSplunkConfigurationS3ConfigurationCloudwatchLoggingOptions", "description": "The CloudWatch Logging Options for the delivery stream. See `cloudwatch_logging_options` block below for details.\n" }, "compressionFormat": { "type": "string", "description": "The compression format. If no value is specified, the default is `UNCOMPRESSED`. Other supported values are `GZIP`, `ZIP`, `Snappy`, \u0026 `HADOOP_SNAPPY`.\n" }, "errorOutputPrefix": { "type": "string", "description": "Prefix added to failed records before writing them to S3. Not currently supported for `redshift` destination. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html).\n" }, "kmsKeyArn": { "type": "string", "description": "Specifies the KMS key ARN the stream will use to encrypt data. If not set, no encryption will\nbe used.\n" }, "prefix": { "type": "string", "description": "The \"YYYY/MM/DD/HH\" time format prefix is automatically used for delivered S3 files. You can specify an extra prefix to be added in front of the time format prefix. Note that if the prefix ends with a slash, it appears as a folder in the S3 bucket\n" }, "roleArn": { "type": "string", "description": "The ARN of the AWS credentials.\n" } }, "type": "object", "required": [ "bucketArn", "roleArn" ], "language": { "nodejs": { "requiredOutputs": [ "bucketArn", "cloudwatchLoggingOptions", "roleArn" ] } } }, "aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationS3ConfigurationCloudwatchLoggingOptions:FirehoseDeliveryStreamSplunkConfigurationS3ConfigurationCloudwatchLoggingOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the logging. Defaults to `false`.\n" }, "logGroupName": { "type": "string", "description": "The CloudWatch group name for logging. This value is required if `enabled` is true.\n" }, "logStreamName": { "type": "string", "description": "The CloudWatch log stream name for logging. This value is required if `enabled` is true.\n" } }, "type": "object" }, "aws:kinesis/FirehoseDeliveryStreamSplunkConfigurationSecretsManagerConfiguration:FirehoseDeliveryStreamSplunkConfigurationSecretsManagerConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "Enables or disables the Secrets Manager configuration.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The ARN of the role the stream assumes.\n" }, "secretArn": { "type": "string", "description": "The ARN of the Secrets Manager secret. This value is required if `enabled` is true.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "enabled" ] } } }, "aws:kinesis/StreamStreamModeDetails:StreamStreamModeDetails": { "properties": { "streamMode": { "type": "string", "description": "Specifies the capacity mode of the stream. Must be either `PROVISIONED` or `ON_DEMAND`.\n" } }, "type": "object", "required": [ "streamMode" ] }, "aws:kinesis/getStreamStreamModeDetail:getStreamStreamModeDetail": { "properties": { "streamMode": { "type": "string", "description": "Capacity mode of the stream. Either `ON_DEMAND` or `PROVISIONED`.\n" } }, "type": "object", "required": [ "streamMode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kinesisanalyticsv2/ApplicationApplicationConfiguration:ApplicationApplicationConfiguration": { "properties": { "applicationCodeConfiguration": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationApplicationCodeConfiguration:ApplicationApplicationConfigurationApplicationCodeConfiguration", "description": "The code location and type parameters for the application.\n" }, "applicationSnapshotConfiguration": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationApplicationSnapshotConfiguration:ApplicationApplicationConfigurationApplicationSnapshotConfiguration", "description": "Describes whether snapshots are enabled for a Flink-based application.\n" }, "environmentProperties": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationEnvironmentProperties:ApplicationApplicationConfigurationEnvironmentProperties", "description": "Describes execution properties for a Flink-based application.\n" }, "flinkApplicationConfiguration": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationFlinkApplicationConfiguration:ApplicationApplicationConfigurationFlinkApplicationConfiguration", "description": "The configuration of a Flink-based application.\n" }, "runConfiguration": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationRunConfiguration:ApplicationApplicationConfigurationRunConfiguration", "description": "Describes the starting properties for a Flink-based application.\n" }, "sqlApplicationConfiguration": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfiguration:ApplicationApplicationConfigurationSqlApplicationConfiguration", "description": "The configuration of a SQL-based application.\n" }, "vpcConfiguration": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationVpcConfiguration:ApplicationApplicationConfigurationVpcConfiguration", "description": "The VPC configuration of a Flink-based application.\n" } }, "type": "object", "required": [ "applicationCodeConfiguration" ], "language": { "nodejs": { "requiredOutputs": [ "applicationCodeConfiguration", "applicationSnapshotConfiguration", "flinkApplicationConfiguration", "runConfiguration" ] } } }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationApplicationCodeConfiguration:ApplicationApplicationConfigurationApplicationCodeConfiguration": { "properties": { "codeContent": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContent:ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContent", "description": "The location and type of the application code.\n" }, "codeContentType": { "type": "string", "description": "Specifies whether the code content is in text or zip format. Valid values: `PLAINTEXT`, `ZIPFILE`.\n" } }, "type": "object", "required": [ "codeContentType" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContent:ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContent": { "properties": { "s3ContentLocation": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentS3ContentLocation:ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentS3ContentLocation", "description": "Information about the Amazon S3 bucket containing the application code.\n" }, "textContent": { "type": "string", "description": "The text-format code for the application.\n" } }, "type": "object" }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentS3ContentLocation:ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentS3ContentLocation": { "properties": { "bucketArn": { "type": "string", "description": "The ARN for the S3 bucket containing the application code.\n" }, "fileKey": { "type": "string", "description": "The file key for the object containing the application code.\n" }, "objectVersion": { "type": "string", "description": "The version of the object containing the application code.\n" } }, "type": "object", "required": [ "bucketArn", "fileKey" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationApplicationSnapshotConfiguration:ApplicationApplicationConfigurationApplicationSnapshotConfiguration": { "properties": { "snapshotsEnabled": { "type": "boolean", "description": "Describes whether snapshots are enabled for a Flink-based Kinesis Data Analytics application.\n" } }, "type": "object", "required": [ "snapshotsEnabled" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationEnvironmentProperties:ApplicationApplicationConfigurationEnvironmentProperties": { "properties": { "propertyGroups": { "type": "array", "items": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationEnvironmentPropertiesPropertyGroup:ApplicationApplicationConfigurationEnvironmentPropertiesPropertyGroup" }, "description": "Describes the execution property groups.\n" } }, "type": "object", "required": [ "propertyGroups" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationEnvironmentPropertiesPropertyGroup:ApplicationApplicationConfigurationEnvironmentPropertiesPropertyGroup": { "properties": { "propertyGroupId": { "type": "string", "description": "The key of the application execution property key-value map.\n" }, "propertyMap": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Application execution property key-value map.\n" } }, "type": "object", "required": [ "propertyGroupId", "propertyMap" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationFlinkApplicationConfiguration:ApplicationApplicationConfigurationFlinkApplicationConfiguration": { "properties": { "checkpointConfiguration": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationFlinkApplicationConfigurationCheckpointConfiguration:ApplicationApplicationConfigurationFlinkApplicationConfigurationCheckpointConfiguration", "description": "Describes an application's checkpointing configuration.\n" }, "monitoringConfiguration": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationFlinkApplicationConfigurationMonitoringConfiguration:ApplicationApplicationConfigurationFlinkApplicationConfigurationMonitoringConfiguration", "description": "Describes configuration parameters for CloudWatch logging for an application.\n" }, "parallelismConfiguration": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationFlinkApplicationConfigurationParallelismConfiguration:ApplicationApplicationConfigurationFlinkApplicationConfigurationParallelismConfiguration", "description": "Describes parameters for how an application executes multiple tasks simultaneously.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "checkpointConfiguration", "monitoringConfiguration", "parallelismConfiguration" ] } } }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationFlinkApplicationConfigurationCheckpointConfiguration:ApplicationApplicationConfigurationFlinkApplicationConfigurationCheckpointConfiguration": { "properties": { "checkpointInterval": { "type": "integer", "description": "Describes the interval in milliseconds between checkpoint operations.\n" }, "checkpointingEnabled": { "type": "boolean", "description": "Describes whether checkpointing is enabled for a Flink-based Kinesis Data Analytics application.\n" }, "configurationType": { "type": "string", "description": "Describes whether the application uses Kinesis Data Analytics' default checkpointing behavior. Valid values: `CUSTOM`, `DEFAULT`. Set this attribute to `CUSTOM` in order for any specified `checkpointing_enabled`, `checkpoint_interval`, or `min_pause_between_checkpoints` attribute values to be effective. If this attribute is set to `DEFAULT`, the application will always use the following values:\n* `checkpointing_enabled = true`\n* `checkpoint_interval = 60000`\n* `min_pause_between_checkpoints = 5000`\n" }, "minPauseBetweenCheckpoints": { "type": "integer", "description": "Describes the minimum time in milliseconds after a checkpoint operation completes that a new checkpoint operation can start.\n" } }, "type": "object", "required": [ "configurationType" ], "language": { "nodejs": { "requiredOutputs": [ "checkpointInterval", "checkpointingEnabled", "configurationType", "minPauseBetweenCheckpoints" ] } } }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationFlinkApplicationConfigurationMonitoringConfiguration:ApplicationApplicationConfigurationFlinkApplicationConfigurationMonitoringConfiguration": { "properties": { "configurationType": { "type": "string", "description": "Describes whether to use the default CloudWatch logging configuration for an application. Valid values: `CUSTOM`, `DEFAULT`. Set this attribute to `CUSTOM` in order for any specified `log_level` or `metrics_level` attribute values to be effective.\n" }, "logLevel": { "type": "string", "description": "Describes the verbosity of the CloudWatch Logs for an application. Valid values: `DEBUG`, `ERROR`, `INFO`, `WARN`.\n" }, "metricsLevel": { "type": "string", "description": "Describes the granularity of the CloudWatch Logs for an application. Valid values: `APPLICATION`, `OPERATOR`, `PARALLELISM`, `TASK`.\n" } }, "type": "object", "required": [ "configurationType" ], "language": { "nodejs": { "requiredOutputs": [ "configurationType", "logLevel", "metricsLevel" ] } } }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationFlinkApplicationConfigurationParallelismConfiguration:ApplicationApplicationConfigurationFlinkApplicationConfigurationParallelismConfiguration": { "properties": { "autoScalingEnabled": { "type": "boolean", "description": "Describes whether the Kinesis Data Analytics service can increase the parallelism of the application in response to increased throughput.\n" }, "configurationType": { "type": "string", "description": "Describes whether the application uses the default parallelism for the Kinesis Data Analytics service. Valid values: `CUSTOM`, `DEFAULT`. Set this attribute to `CUSTOM` in order for any specified `auto_scaling_enabled`, `parallelism`, or `parallelism_per_kpu` attribute values to be effective.\n" }, "parallelism": { "type": "integer", "description": "Describes the initial number of parallel tasks that a Flink-based Kinesis Data Analytics application can perform.\n" }, "parallelismPerKpu": { "type": "integer", "description": "Describes the number of parallel tasks that a Flink-based Kinesis Data Analytics application can perform per Kinesis Processing Unit (KPU) used by the application.\n" } }, "type": "object", "required": [ "configurationType" ], "language": { "nodejs": { "requiredOutputs": [ "autoScalingEnabled", "configurationType", "parallelism", "parallelismPerKpu" ] } } }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationRunConfiguration:ApplicationApplicationConfigurationRunConfiguration": { "properties": { "applicationRestoreConfiguration": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationRunConfigurationApplicationRestoreConfiguration:ApplicationApplicationConfigurationRunConfigurationApplicationRestoreConfiguration", "description": "The restore behavior of a restarting application.\n" }, "flinkRunConfiguration": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationRunConfigurationFlinkRunConfiguration:ApplicationApplicationConfigurationRunConfigurationFlinkRunConfiguration", "description": "The starting parameters for a Flink-based Kinesis Data Analytics application.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "applicationRestoreConfiguration", "flinkRunConfiguration" ] } } }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationRunConfigurationApplicationRestoreConfiguration:ApplicationApplicationConfigurationRunConfigurationApplicationRestoreConfiguration": { "properties": { "applicationRestoreType": { "type": "string", "description": "Specifies how the application should be restored. Valid values: `RESTORE_FROM_CUSTOM_SNAPSHOT`, `RESTORE_FROM_LATEST_SNAPSHOT`, `SKIP_RESTORE_FROM_SNAPSHOT`.\n" }, "snapshotName": { "type": "string", "description": "The identifier of an existing snapshot of application state to use to restart an application. The application uses this value if `RESTORE_FROM_CUSTOM_SNAPSHOT` is specified for `application_restore_type`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "applicationRestoreType" ] } } }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationRunConfigurationFlinkRunConfiguration:ApplicationApplicationConfigurationRunConfigurationFlinkRunConfiguration": { "properties": { "allowNonRestoredState": { "type": "boolean", "description": "When restoring from a snapshot, specifies whether the runtime is allowed to skip a state that cannot be mapped to the new program. Default is `false`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "allowNonRestoredState" ] } } }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfiguration:ApplicationApplicationConfigurationSqlApplicationConfiguration": { "properties": { "input": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInput:ApplicationApplicationConfigurationSqlApplicationConfigurationInput", "description": "The input stream used by the application.\n" }, "outputs": { "type": "array", "items": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationOutput:ApplicationApplicationConfigurationSqlApplicationConfigurationOutput" }, "description": "The destination streams used by the application.\n" }, "referenceDataSource": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSource:ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSource", "description": "The reference data source used by the application.\n" } }, "type": "object" }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInput:ApplicationApplicationConfigurationSqlApplicationConfigurationInput": { "properties": { "inAppStreamNames": { "type": "array", "items": { "type": "string" } }, "inputId": { "type": "string" }, "inputParallelism": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputParallelism:ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputParallelism", "description": "Describes the number of in-application streams to create.\n" }, "inputProcessingConfiguration": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputProcessingConfiguration:ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputProcessingConfiguration", "description": "The input processing configuration for the input.\nAn input processor transforms records as they are received from the stream, before the application's SQL code executes.\n" }, "inputSchema": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchema:ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchema", "description": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created.\n" }, "inputStartingPositionConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputStartingPositionConfiguration:ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputStartingPositionConfiguration" }, "description": "The point at which the application starts processing records from the streaming source.\n" }, "kinesisFirehoseInput": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputKinesisFirehoseInput:ApplicationApplicationConfigurationSqlApplicationConfigurationInputKinesisFirehoseInput", "description": "If the streaming source is a Kinesis Data Firehose delivery stream, identifies the delivery stream's ARN.\n" }, "kinesisStreamsInput": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputKinesisStreamsInput:ApplicationApplicationConfigurationSqlApplicationConfigurationInputKinesisStreamsInput", "description": "If the streaming source is a Kinesis data stream, identifies the stream's Amazon Resource Name (ARN).\n" }, "namePrefix": { "type": "string", "description": "The name prefix to use when creating an in-application stream.\n" } }, "type": "object", "required": [ "inputSchema", "namePrefix" ], "language": { "nodejs": { "requiredOutputs": [ "inAppStreamNames", "inputId", "inputParallelism", "inputSchema", "inputStartingPositionConfigurations", "namePrefix" ] } } }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputParallelism:ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputParallelism": { "properties": { "count": { "type": "integer", "description": "The number of in-application streams to create.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "count" ] } } }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputProcessingConfiguration:ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputProcessingConfiguration": { "properties": { "inputLambdaProcessor": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputProcessingConfigurationInputLambdaProcessor:ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputProcessingConfigurationInputLambdaProcessor", "description": "Describes the Lambda function that is used to preprocess the records in the stream before being processed by your application code.\n" } }, "type": "object", "required": [ "inputLambdaProcessor" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputProcessingConfigurationInputLambdaProcessor:ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputProcessingConfigurationInputLambdaProcessor": { "properties": { "resourceArn": { "type": "string", "description": "The ARN of the Lambda function that operates on records in the stream.\n" } }, "type": "object", "required": [ "resourceArn" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchema:ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchema": { "properties": { "recordColumns": { "type": "array", "items": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordColumn:ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordColumn" }, "description": "Describes the mapping of each data element in the streaming source to the corresponding column in the in-application stream.\n" }, "recordEncoding": { "type": "string", "description": "Specifies the encoding of the records in the streaming source. For example, `UTF-8`.\n" }, "recordFormat": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormat:ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormat", "description": "Specifies the format of the records on the streaming source.\n" } }, "type": "object", "required": [ "recordColumns", "recordFormat" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordColumn:ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordColumn": { "properties": { "mapping": { "type": "string", "description": "A reference to the data element in the streaming input or the reference data source.\n" }, "name": { "type": "string", "description": "The name of the column that is created in the in-application input stream or reference table.\n" }, "sqlType": { "type": "string", "description": "The type of column created in the in-application input stream or reference table.\n" } }, "type": "object", "required": [ "name", "sqlType" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormat:ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormat": { "properties": { "mappingParameters": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatMappingParameters:ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatMappingParameters", "description": "Provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.\n" }, "recordFormatType": { "type": "string", "description": "The type of record format. Valid values: `CSV`, `JSON`.\n" } }, "type": "object", "required": [ "mappingParameters", "recordFormatType" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatMappingParameters:ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatMappingParameters": { "properties": { "csvMappingParameters": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatMappingParametersCsvMappingParameters:ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatMappingParametersCsvMappingParameters", "description": "Provides additional mapping information when the record format uses delimiters (for example, CSV).\n" }, "jsonMappingParameters": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatMappingParametersJsonMappingParameters:ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatMappingParametersJsonMappingParameters", "description": "Provides additional mapping information when JSON is the record format on the streaming source.\n" } }, "type": "object" }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatMappingParametersCsvMappingParameters:ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatMappingParametersCsvMappingParameters": { "properties": { "recordColumnDelimiter": { "type": "string", "description": "The column delimiter. For example, in a CSV format, a comma (`,`) is the typical column delimiter.\n" }, "recordRowDelimiter": { "type": "string", "description": "The row delimiter. For example, in a CSV format, `\\n` is the typical row delimiter.\n" } }, "type": "object", "required": [ "recordColumnDelimiter", "recordRowDelimiter" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatMappingParametersJsonMappingParameters:ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatMappingParametersJsonMappingParameters": { "properties": { "recordRowPath": { "type": "string", "description": "The path to the top-level parent that contains the records.\n" } }, "type": "object", "required": [ "recordRowPath" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputStartingPositionConfiguration:ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputStartingPositionConfiguration": { "properties": { "inputStartingPosition": { "type": "string", "description": "The starting position on the stream. Valid values: `LAST_STOPPED_POINT`, `NOW`, `TRIM_HORIZON`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "inputStartingPosition" ] } } }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputKinesisFirehoseInput:ApplicationApplicationConfigurationSqlApplicationConfigurationInputKinesisFirehoseInput": { "properties": { "resourceArn": { "type": "string", "description": "The ARN of the delivery stream.\n" } }, "type": "object", "required": [ "resourceArn" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationInputKinesisStreamsInput:ApplicationApplicationConfigurationSqlApplicationConfigurationInputKinesisStreamsInput": { "properties": { "resourceArn": { "type": "string", "description": "The ARN of the input Kinesis data stream to read.\n" } }, "type": "object", "required": [ "resourceArn" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationOutput:ApplicationApplicationConfigurationSqlApplicationConfigurationOutput": { "properties": { "destinationSchema": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationOutputDestinationSchema:ApplicationApplicationConfigurationSqlApplicationConfigurationOutputDestinationSchema", "description": "Describes the data format when records are written to the destination.\n" }, "kinesisFirehoseOutput": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationOutputKinesisFirehoseOutput:ApplicationApplicationConfigurationSqlApplicationConfigurationOutputKinesisFirehoseOutput", "description": "Identifies a Kinesis Data Firehose delivery stream as the destination.\n" }, "kinesisStreamsOutput": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationOutputKinesisStreamsOutput:ApplicationApplicationConfigurationSqlApplicationConfigurationOutputKinesisStreamsOutput", "description": "Identifies a Kinesis data stream as the destination.\n" }, "lambdaOutput": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationOutputLambdaOutput:ApplicationApplicationConfigurationSqlApplicationConfigurationOutputLambdaOutput", "description": "Identifies a Lambda function as the destination.\n" }, "name": { "type": "string", "description": "The name of the in-application stream.\n" }, "outputId": { "type": "string" } }, "type": "object", "required": [ "destinationSchema", "name" ], "language": { "nodejs": { "requiredOutputs": [ "destinationSchema", "name", "outputId" ] } } }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationOutputDestinationSchema:ApplicationApplicationConfigurationSqlApplicationConfigurationOutputDestinationSchema": { "properties": { "recordFormatType": { "type": "string", "description": "Specifies the format of the records on the output stream. Valid values: `CSV`, `JSON`.\n" } }, "type": "object", "required": [ "recordFormatType" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationOutputKinesisFirehoseOutput:ApplicationApplicationConfigurationSqlApplicationConfigurationOutputKinesisFirehoseOutput": { "properties": { "resourceArn": { "type": "string", "description": "The ARN of the destination delivery stream to write to.\n" } }, "type": "object", "required": [ "resourceArn" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationOutputKinesisStreamsOutput:ApplicationApplicationConfigurationSqlApplicationConfigurationOutputKinesisStreamsOutput": { "properties": { "resourceArn": { "type": "string", "description": "The ARN of the destination Kinesis data stream to write to.\n" } }, "type": "object", "required": [ "resourceArn" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationOutputLambdaOutput:ApplicationApplicationConfigurationSqlApplicationConfigurationOutputLambdaOutput": { "properties": { "resourceArn": { "type": "string", "description": "The ARN of the destination Lambda function to write to.\n" } }, "type": "object", "required": [ "resourceArn" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSource:ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSource": { "properties": { "referenceId": { "type": "string" }, "referenceSchema": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchema:ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchema", "description": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream.\n" }, "s3ReferenceDataSource": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceS3ReferenceDataSource:ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceS3ReferenceDataSource", "description": "Identifies the S3 bucket and object that contains the reference data.\n" }, "tableName": { "type": "string", "description": "The name of the in-application table to create.\n" } }, "type": "object", "required": [ "referenceSchema", "s3ReferenceDataSource", "tableName" ], "language": { "nodejs": { "requiredOutputs": [ "referenceId", "referenceSchema", "s3ReferenceDataSource", "tableName" ] } } }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchema:ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchema": { "properties": { "recordColumns": { "type": "array", "items": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordColumn:ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordColumn" }, "description": "Describes the mapping of each data element in the streaming source to the corresponding column in the in-application stream.\n" }, "recordEncoding": { "type": "string", "description": "Specifies the encoding of the records in the streaming source. For example, `UTF-8`.\n" }, "recordFormat": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormat:ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormat", "description": "Specifies the format of the records on the streaming source.\n" } }, "type": "object", "required": [ "recordColumns", "recordFormat" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordColumn:ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordColumn": { "properties": { "mapping": { "type": "string", "description": "A reference to the data element in the streaming input or the reference data source.\n" }, "name": { "type": "string", "description": "The name of the column that is created in the in-application input stream or reference table.\n" }, "sqlType": { "type": "string", "description": "The type of column created in the in-application input stream or reference table.\n" } }, "type": "object", "required": [ "name", "sqlType" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormat:ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormat": { "properties": { "mappingParameters": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatMappingParameters:ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatMappingParameters", "description": "Provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.\n" }, "recordFormatType": { "type": "string", "description": "The type of record format. Valid values: `CSV`, `JSON`.\n" } }, "type": "object", "required": [ "mappingParameters", "recordFormatType" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatMappingParameters:ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatMappingParameters": { "properties": { "csvMappingParameters": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatMappingParametersCsvMappingParameters:ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatMappingParametersCsvMappingParameters", "description": "Provides additional mapping information when the record format uses delimiters (for example, CSV).\n" }, "jsonMappingParameters": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatMappingParametersJsonMappingParameters:ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatMappingParametersJsonMappingParameters", "description": "Provides additional mapping information when JSON is the record format on the streaming source.\n" } }, "type": "object" }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatMappingParametersCsvMappingParameters:ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatMappingParametersCsvMappingParameters": { "properties": { "recordColumnDelimiter": { "type": "string", "description": "The column delimiter. For example, in a CSV format, a comma (`,`) is the typical column delimiter.\n" }, "recordRowDelimiter": { "type": "string", "description": "The row delimiter. For example, in a CSV format, `\\n` is the typical row delimiter.\n" } }, "type": "object", "required": [ "recordColumnDelimiter", "recordRowDelimiter" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatMappingParametersJsonMappingParameters:ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatMappingParametersJsonMappingParameters": { "properties": { "recordRowPath": { "type": "string", "description": "The path to the top-level parent that contains the records.\n" } }, "type": "object", "required": [ "recordRowPath" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceS3ReferenceDataSource:ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceS3ReferenceDataSource": { "properties": { "bucketArn": { "type": "string", "description": "The ARN of the S3 bucket.\n" }, "fileKey": { "type": "string", "description": "The object key name containing the reference data.\n" } }, "type": "object", "required": [ "bucketArn", "fileKey" ] }, "aws:kinesisanalyticsv2/ApplicationApplicationConfigurationVpcConfiguration:ApplicationApplicationConfigurationVpcConfiguration": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The Security Group IDs used by the VPC configuration.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The Subnet IDs used by the VPC configuration.\n" }, "vpcConfigurationId": { "type": "string" }, "vpcId": { "type": "string" } }, "type": "object", "required": [ "securityGroupIds", "subnetIds" ], "language": { "nodejs": { "requiredOutputs": [ "securityGroupIds", "subnetIds", "vpcConfigurationId", "vpcId" ] } } }, "aws:kinesisanalyticsv2/ApplicationCloudwatchLoggingOptions:ApplicationCloudwatchLoggingOptions": { "properties": { "cloudwatchLoggingOptionId": { "type": "string" }, "logStreamArn": { "type": "string", "description": "The ARN of the CloudWatch log stream to receive application messages.\n" } }, "type": "object", "required": [ "logStreamArn" ], "language": { "nodejs": { "requiredOutputs": [ "cloudwatchLoggingOptionId", "logStreamArn" ] } } }, "aws:kms/GrantConstraint:GrantConstraint": { "properties": { "encryptionContextEquals": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of key-value pairs that must match the encryption context in subsequent cryptographic operation requests. The grant allows the operation only when the encryption context in the request is the same as the encryption context specified in this constraint. Conflicts with `encryption_context_subset`.\n", "willReplaceOnChanges": true }, "encryptionContextSubset": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of key-value pairs that must be included in the encryption context of subsequent cryptographic operation requests. The grant allows the cryptographic operation only when the encryption context in the request includes the key-value pairs specified in this constraint, although it can include additional key-value pairs. Conflicts with `encryption_context_equals`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:kms/getKeyMultiRegionConfiguration:getKeyMultiRegionConfiguration": { "properties": { "multiRegionKeyType": { "type": "string", "description": "Indicates whether the KMS key is a `PRIMARY` or `REPLICA` key.\n" }, "primaryKeys": { "type": "array", "items": { "$ref": "#/types/aws:kms/getKeyMultiRegionConfigurationPrimaryKey:getKeyMultiRegionConfigurationPrimaryKey" }, "description": "The key ARN and Region of the primary key. This is the current KMS key if it is the primary key.\n" }, "replicaKeys": { "type": "array", "items": { "$ref": "#/types/aws:kms/getKeyMultiRegionConfigurationReplicaKey:getKeyMultiRegionConfigurationReplicaKey" }, "description": "The key ARNs and Regions of all replica keys. Includes the current KMS key if it is a replica key.\n" } }, "type": "object", "required": [ "multiRegionKeyType", "primaryKeys", "replicaKeys" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kms/getKeyMultiRegionConfigurationPrimaryKey:getKeyMultiRegionConfigurationPrimaryKey": { "properties": { "arn": { "type": "string", "description": "The key ARN of a primary or replica key of a multi-Region key.\n" }, "region": { "type": "string", "description": "The AWS Region of a primary or replica key in a multi-Region key.\n" } }, "type": "object", "required": [ "arn", "region" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kms/getKeyMultiRegionConfigurationReplicaKey:getKeyMultiRegionConfigurationReplicaKey": { "properties": { "arn": { "type": "string", "description": "The key ARN of a primary or replica key of a multi-Region key.\n" }, "region": { "type": "string", "description": "The AWS Region of a primary or replica key in a multi-Region key.\n" } }, "type": "object", "required": [ "arn", "region" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kms/getKeyXksKeyConfiguration:getKeyXksKeyConfiguration": { "properties": { "id": { "type": "string", "description": "The globally unique identifier for the key\n" } }, "type": "object", "required": [ "id" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:kms/getSecretSecret:getSecretSecret": { "properties": { "context": { "type": "object", "additionalProperties": { "type": "string" } }, "grantTokens": { "type": "array", "items": { "type": "string" } }, "name": { "type": "string" }, "payload": { "type": "string" } }, "type": "object", "required": [ "name", "payload" ] }, "aws:kms/getSecretsSecret:getSecretsSecret": { "properties": { "context": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An optional mapping that makes up the Encryption Context for the secret.\n" }, "encryptionAlgorithm": { "type": "string", "description": "The encryption algorithm that will be used to decrypt the ciphertext. This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. Valid Values: SYMMETRIC_DEFAULT | RSAES_OAEP_SHA_1 | RSAES_OAEP_SHA_256 | SM2PKE\n" }, "grantTokens": { "type": "array", "items": { "type": "string" }, "description": "An optional list of Grant Tokens for the secret.\n" }, "keyId": { "type": "string", "description": "Specifies the KMS key that AWS KMS uses to decrypt the ciphertext. This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key.\n\nFor more information on `context` and `grant_tokens` see the [KMS\nConcepts](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html)\n" }, "name": { "type": "string", "description": "Name to export this secret under in the attributes.\n" }, "payload": { "type": "string", "description": "Base64 encoded payload, as returned from a KMS encrypt operation.\n" } }, "type": "object", "required": [ "name", "payload" ] }, "aws:lakeformation/DataCellsFilterTableData:DataCellsFilterTableData": { "properties": { "columnNames": { "type": "array", "items": { "type": "string" }, "description": "A list of column names and/or nested column attributes.\n" }, "columnWildcard": { "$ref": "#/types/aws:lakeformation/DataCellsFilterTableDataColumnWildcard:DataCellsFilterTableDataColumnWildcard", "description": "A wildcard with exclusions. See Column Wildcard below for details.\n" }, "databaseName": { "type": "string", "description": "The name of the database.\n" }, "name": { "type": "string", "description": "The name of the data cells filter.\n" }, "rowFilter": { "$ref": "#/types/aws:lakeformation/DataCellsFilterTableDataRowFilter:DataCellsFilterTableDataRowFilter", "description": "A PartiQL predicate. See Row Filter below for details.\n" }, "tableCatalogId": { "type": "string", "description": "The ID of the Data Catalog.\n" }, "tableName": { "type": "string", "description": "The name of the table.\n" }, "versionId": { "type": "string", "description": "ID of the data cells filter version.\n" } }, "type": "object", "required": [ "databaseName", "name", "tableCatalogId", "tableName" ], "language": { "nodejs": { "requiredOutputs": [ "columnNames", "databaseName", "name", "tableCatalogId", "tableName", "versionId" ] } } }, "aws:lakeformation/DataCellsFilterTableDataColumnWildcard:DataCellsFilterTableDataColumnWildcard": { "properties": { "excludedColumnNames": { "type": "array", "items": { "type": "string" }, "description": "(Optional) Excludes column names. Any column with this name will be excluded.\n" } }, "type": "object" }, "aws:lakeformation/DataCellsFilterTableDataRowFilter:DataCellsFilterTableDataRowFilter": { "properties": { "allRowsWildcard": { "$ref": "#/types/aws:lakeformation/DataCellsFilterTableDataRowFilterAllRowsWildcard:DataCellsFilterTableDataRowFilterAllRowsWildcard", "description": "(Optional) A wildcard that matches all rows.\n" }, "filterExpression": { "type": "string", "description": "(Optional) A filter expression.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "filterExpression" ] } } }, "aws:lakeformation/DataCellsFilterTableDataRowFilterAllRowsWildcard:DataCellsFilterTableDataRowFilterAllRowsWildcard": { "type": "object" }, "aws:lakeformation/DataCellsFilterTimeouts:DataCellsFilterTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:lakeformation/DataLakeSettingsCreateDatabaseDefaultPermission:DataLakeSettingsCreateDatabaseDefaultPermission": { "properties": { "permissions": { "type": "array", "items": { "type": "string" }, "description": "List of permissions that are granted to the principal. Valid values may include `ALL`, `SELECT`, `ALTER`, `DROP`, `DELETE`, `INSERT`, `DESCRIBE`, and `CREATE_TABLE`. For more details, see [Lake Formation Permissions Reference](https://docs.aws.amazon.com/lake-formation/latest/dg/lf-permissions-reference.html).\n" }, "principal": { "type": "string", "description": "Principal who is granted permissions. To enforce metadata and underlying data access control only by IAM on new databases and tables set `principal` to `IAM_ALLOWED_PRINCIPALS` and `permissions` to `[\"ALL\"]`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "permissions", "principal" ] } } }, "aws:lakeformation/DataLakeSettingsCreateTableDefaultPermission:DataLakeSettingsCreateTableDefaultPermission": { "properties": { "permissions": { "type": "array", "items": { "type": "string" }, "description": "List of permissions that are granted to the principal. Valid values may include `ALL`, `SELECT`, `ALTER`, `DROP`, `DELETE`, `INSERT`, and `DESCRIBE`. For more details, see [Lake Formation Permissions Reference](https://docs.aws.amazon.com/lake-formation/latest/dg/lf-permissions-reference.html).\n" }, "principal": { "type": "string", "description": "Principal who is granted permissions. To enforce metadata and underlying data access control only by IAM on new databases and tables set `principal` to `IAM_ALLOWED_PRINCIPALS` and `permissions` to `[\"ALL\"]`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "permissions", "principal" ] } } }, "aws:lakeformation/PermissionsDataCellsFilter:PermissionsDataCellsFilter": { "properties": { "databaseName": { "type": "string", "description": "The name of the database.\n" }, "name": { "type": "string", "description": "The name of the data cells filter.\n" }, "tableCatalogId": { "type": "string", "description": "The ID of the Data Catalog.\n" }, "tableName": { "type": "string", "description": "The name of the table.\n" } }, "type": "object", "required": [ "databaseName", "name", "tableCatalogId", "tableName" ] }, "aws:lakeformation/PermissionsDataLocation:PermissionsDataLocation": { "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) that uniquely identifies the data location resource.\n\nThe following argument is optional:\n", "willReplaceOnChanges": true }, "catalogId": { "type": "string", "description": "Identifier for the Data Catalog where the location is registered with Lake Formation. By default, it is the account ID of the caller.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "arn" ], "language": { "nodejs": { "requiredOutputs": [ "arn", "catalogId" ] } } }, "aws:lakeformation/PermissionsDatabase:PermissionsDatabase": { "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, it is the account ID of the caller.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the database resource. Unique to the Data Catalog.\n\nThe following argument is optional:\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredOutputs": [ "catalogId", "name" ] } } }, "aws:lakeformation/PermissionsLfTag:PermissionsLfTag": { "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, it is the account ID of the caller.\n", "willReplaceOnChanges": true }, "key": { "type": "string", "description": "The key-name for the tag.\n", "willReplaceOnChanges": true }, "values": { "type": "array", "items": { "type": "string" }, "description": "A list of possible values an attribute can take.\n\nThe following argument is optional:\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "key", "values" ], "language": { "nodejs": { "requiredOutputs": [ "catalogId", "key", "values" ] } } }, "aws:lakeformation/PermissionsLfTagPolicy:PermissionsLfTagPolicy": { "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, it is the account ID of the caller.\n" }, "expressions": { "type": "array", "items": { "$ref": "#/types/aws:lakeformation/PermissionsLfTagPolicyExpression:PermissionsLfTagPolicyExpression" }, "description": "A list of tag conditions that apply to the resource's tag policy. Configuration block for tag conditions that apply to the policy. See `expression` below.\n\nThe following argument is optional:\n" }, "resourceType": { "type": "string", "description": "The resource type for which the tag policy applies. Valid values are `DATABASE` and `TABLE`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "expressions", "resourceType" ], "language": { "nodejs": { "requiredOutputs": [ "catalogId", "expressions", "resourceType" ] } } }, "aws:lakeformation/PermissionsLfTagPolicyExpression:PermissionsLfTagPolicyExpression": { "properties": { "key": { "type": "string", "description": "The key-name of an LF-Tag.\n", "willReplaceOnChanges": true }, "values": { "type": "array", "items": { "type": "string" }, "description": "A list of possible values of an LF-Tag.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "key", "values" ] }, "aws:lakeformation/PermissionsTable:PermissionsTable": { "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, it is the account ID of the caller.\n", "willReplaceOnChanges": true }, "databaseName": { "type": "string", "description": "Name of the database for the table. Unique to a Data Catalog.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the table.\n", "willReplaceOnChanges": true }, "wildcard": { "type": "boolean", "description": "Whether to use a wildcard representing every table under a database. Defaults to `false`.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "databaseName" ], "language": { "nodejs": { "requiredOutputs": [ "catalogId", "databaseName", "name" ] } } }, "aws:lakeformation/PermissionsTableWithColumns:PermissionsTableWithColumns": { "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, it is the account ID of the caller.\n", "willReplaceOnChanges": true }, "columnNames": { "type": "array", "items": { "type": "string" }, "description": "Set of column names for the table.\n", "willReplaceOnChanges": true }, "databaseName": { "type": "string", "description": "Name of the database for the table with columns resource. Unique to the Data Catalog.\n", "willReplaceOnChanges": true }, "excludedColumnNames": { "type": "array", "items": { "type": "string" }, "description": "Set of column names for the table to exclude. If `excluded_column_names` is included, `wildcard` must be set to `true` to avoid the provider reporting a difference.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the table resource.\n", "willReplaceOnChanges": true }, "wildcard": { "type": "boolean", "description": "Whether to use a column wildcard. If `excluded_column_names` is included, `wildcard` must be set to `true` to avoid the provider reporting a difference.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "databaseName", "name" ], "language": { "nodejs": { "requiredOutputs": [ "catalogId", "databaseName", "name" ] } } }, "aws:lakeformation/ResourceLfTagDatabase:ResourceLfTagDatabase": { "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, it is the account ID of the caller.\n" }, "name": { "type": "string", "description": "Name of the database resource. Unique to the Data Catalog.\n\nThe following argument is optional:\n" } }, "type": "object", "required": [ "name" ] }, "aws:lakeformation/ResourceLfTagLfTag:ResourceLfTagLfTag": { "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, it is the account ID of the caller.\n" }, "key": { "type": "string", "description": "Key name for an existing LF-tag.\n" }, "value": { "type": "string", "description": "Value from the possible values for the LF-tag.\n\nThe following argument is optional:\n" } }, "type": "object", "required": [ "key", "value" ], "language": { "nodejs": { "requiredOutputs": [ "catalogId", "key", "value" ] } } }, "aws:lakeformation/ResourceLfTagTable:ResourceLfTagTable": { "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, it is the account ID of the caller.\n" }, "databaseName": { "type": "string", "description": "Name of the database for the table. Unique to a Data Catalog.\n" }, "name": { "type": "string", "description": "Name of the table.\n" }, "wildcard": { "type": "boolean", "description": "Whether to use a wildcard representing every table under a database. Defaults to `false`.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "databaseName" ] }, "aws:lakeformation/ResourceLfTagTableWithColumns:ResourceLfTagTableWithColumns": { "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, it is the account ID of the caller.\n" }, "columnNames": { "type": "array", "items": { "type": "string" }, "description": "Set of column names for the table.\n" }, "columnWildcard": { "$ref": "#/types/aws:lakeformation/ResourceLfTagTableWithColumnsColumnWildcard:ResourceLfTagTableWithColumnsColumnWildcard", "description": "Option to add column wildcard. See Column Wildcard for more details.\n" }, "databaseName": { "type": "string", "description": "Name of the database for the table with columns resource. Unique to the Data Catalog.\n" }, "name": { "type": "string", "description": "Name of the table resource.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "databaseName", "name" ] }, "aws:lakeformation/ResourceLfTagTableWithColumnsColumnWildcard:ResourceLfTagTableWithColumnsColumnWildcard": { "properties": { "excludedColumnNames": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:lakeformation/ResourceLfTagTimeouts:ResourceLfTagTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" } }, "type": "object" }, "aws:lakeformation/ResourceLfTagsDatabase:ResourceLfTagsDatabase": { "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, it is the account ID of the caller.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the database resource. Unique to the Data Catalog.\n\nThe following argument is optional:\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredOutputs": [ "catalogId", "name" ] } } }, "aws:lakeformation/ResourceLfTagsLfTag:ResourceLfTagsLfTag": { "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, it is the account ID of the caller.\n", "willReplaceOnChanges": true }, "key": { "type": "string", "description": "Key name for an existing LF-tag.\n", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "Value from the possible values for the LF-tag.\n\nThe following argument is optional:\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "key", "value" ], "language": { "nodejs": { "requiredOutputs": [ "catalogId", "key", "value" ] } } }, "aws:lakeformation/ResourceLfTagsTable:ResourceLfTagsTable": { "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, it is the account ID of the caller.\n", "willReplaceOnChanges": true }, "databaseName": { "type": "string", "description": "Name of the database for the table. Unique to a Data Catalog.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the table.\n", "willReplaceOnChanges": true }, "wildcard": { "type": "boolean", "description": "Whether to use a wildcard representing every table under a database. Defaults to `false`.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "databaseName" ], "language": { "nodejs": { "requiredOutputs": [ "catalogId", "databaseName", "name" ] } } }, "aws:lakeformation/ResourceLfTagsTableWithColumns:ResourceLfTagsTableWithColumns": { "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, it is the account ID of the caller.\n", "willReplaceOnChanges": true }, "columnNames": { "type": "array", "items": { "type": "string" }, "description": "Set of column names for the table.\n", "willReplaceOnChanges": true }, "databaseName": { "type": "string", "description": "Name of the database for the table with columns resource. Unique to the Data Catalog.\n", "willReplaceOnChanges": true }, "excludedColumnNames": { "type": "array", "items": { "type": "string" }, "description": "Set of column names for the table to exclude. If `excluded_column_names` is included, `wildcard` must be set to `true` to avoid the provider reporting a difference.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the table resource.\n", "willReplaceOnChanges": true }, "wildcard": { "type": "boolean", "description": "Whether to use a column wildcard. If `excluded_column_names` is included, `wildcard` must be set to `true` to avoid the provider reporting a difference.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "databaseName", "name" ], "language": { "nodejs": { "requiredOutputs": [ "catalogId", "databaseName", "name" ] } } }, "aws:lakeformation/getDataLakeSettingsCreateDatabaseDefaultPermission:getDataLakeSettingsCreateDatabaseDefaultPermission": { "properties": { "permissions": { "type": "array", "items": { "type": "string" }, "description": "List of permissions granted to the principal.\n" }, "principal": { "type": "string", "description": "Principal who is granted permissions.\n" } }, "type": "object", "required": [ "permissions", "principal" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lakeformation/getDataLakeSettingsCreateTableDefaultPermission:getDataLakeSettingsCreateTableDefaultPermission": { "properties": { "permissions": { "type": "array", "items": { "type": "string" }, "description": "List of permissions granted to the principal.\n" }, "principal": { "type": "string", "description": "Principal who is granted permissions.\n" } }, "type": "object", "required": [ "permissions", "principal" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lakeformation/getPermissionsDataCellsFilter:getPermissionsDataCellsFilter": { "properties": { "databaseName": { "type": "string", "description": "The name of the database.\n" }, "name": { "type": "string", "description": "The name of the data cells filter.\n" }, "tableCatalogId": { "type": "string", "description": "The ID of the Data Catalog.\n" }, "tableName": { "type": "string", "description": "The name of the table.\n" } }, "type": "object", "required": [ "databaseName", "name", "tableCatalogId", "tableName" ] }, "aws:lakeformation/getPermissionsDataLocation:getPermissionsDataLocation": { "properties": { "arn": { "type": "string", "description": "ARN that uniquely identifies the data location resource.\n\nThe following argument is optional:\n" }, "catalogId": { "type": "string", "description": "Identifier for the Data Catalog where the location is registered with Lake Formation. By default, it is the account ID of the caller.\n" } }, "type": "object", "required": [ "arn", "catalogId" ], "language": { "nodejs": { "requiredInputs": [ "arn" ] } } }, "aws:lakeformation/getPermissionsDatabase:getPermissionsDatabase": { "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, it is the account ID of the caller.\n" }, "name": { "type": "string", "description": "Name of the database resource. Unique to the Data Catalog.\n\nThe following argument is optional:\n" } }, "type": "object", "required": [ "catalogId", "name" ], "language": { "nodejs": { "requiredInputs": [ "name" ] } } }, "aws:lakeformation/getPermissionsLfTag:getPermissionsLfTag": { "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, it is the account ID of the caller.\n" }, "key": { "type": "string", "description": "Key-name for the tag.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of possible values an attribute can take.\n\nThe following argument is optional:\n" } }, "type": "object", "required": [ "catalogId", "key", "values" ], "language": { "nodejs": { "requiredInputs": [ "key", "values" ] } } }, "aws:lakeformation/getPermissionsLfTagPolicy:getPermissionsLfTagPolicy": { "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, it is the account ID of the caller.\n" }, "expressions": { "type": "array", "items": { "$ref": "#/types/aws:lakeformation/getPermissionsLfTagPolicyExpression:getPermissionsLfTagPolicyExpression" }, "description": "List of tag conditions that apply to the resource's tag policy. Configuration block for tag conditions that apply to the policy. See `expression` below.\n\nThe following argument is optional:\n" }, "resourceType": { "type": "string", "description": "Resource type for which the tag policy applies. Valid values are `DATABASE` and `TABLE`.\n" } }, "type": "object", "required": [ "catalogId", "expressions", "resourceType" ], "language": { "nodejs": { "requiredInputs": [ "expressions", "resourceType" ] } } }, "aws:lakeformation/getPermissionsLfTagPolicyExpression:getPermissionsLfTagPolicyExpression": { "properties": { "key": { "type": "string", "description": "Key-name of an LF-Tag.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of possible values of an LF-Tag.\n" } }, "type": "object", "required": [ "key", "values" ] }, "aws:lakeformation/getPermissionsTable:getPermissionsTable": { "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, it is the account ID of the caller.\n" }, "databaseName": { "type": "string", "description": "Name of the database for the table. Unique to a Data Catalog.\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "Name of the table. At least one of `name` or `wildcard` is required.\n" }, "wildcard": { "type": "boolean", "description": "Whether to use a wildcard representing every table under a database. At least one of `name` or `wildcard` is required. Defaults to `false`.\n" } }, "type": "object", "required": [ "catalogId", "databaseName", "name" ], "language": { "nodejs": { "requiredInputs": [ "databaseName" ] } } }, "aws:lakeformation/getPermissionsTableWithColumns:getPermissionsTableWithColumns": { "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, it is the account ID of the caller.\n" }, "columnNames": { "type": "array", "items": { "type": "string" }, "description": "Set of column names for the table. At least one of `column_names` or `excluded_column_names` is required.\n" }, "databaseName": { "type": "string", "description": "Name of the database for the table with columns resource. Unique to the Data Catalog.\n" }, "excludedColumnNames": { "type": "array", "items": { "type": "string" }, "description": "Set of column names for the table to exclude. At least one of `column_names` or `excluded_column_names` is required.\n" }, "name": { "type": "string", "description": "Name of the table resource.\n\nThe following arguments are optional:\n" }, "wildcard": { "type": "boolean", "description": "Whether to use a wildcard representing every table under a database. At least one of `name` or `wildcard` is required. Defaults to `false`.\n" } }, "type": "object", "required": [ "catalogId", "databaseName", "name" ], "language": { "nodejs": { "requiredInputs": [ "databaseName", "name" ] } } }, "aws:lambda/AliasRoutingConfig:AliasRoutingConfig": { "properties": { "additionalVersionWeights": { "type": "object", "additionalProperties": { "type": "number" }, "description": "A map that defines the proportion of events that should be sent to different versions of a lambda function.\n" } }, "type": "object" }, "aws:lambda/CodeSigningConfigAllowedPublishers:CodeSigningConfigAllowedPublishers": { "properties": { "signingProfileVersionArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Name (ARN) for each of the signing profiles. A signing profile defines a trusted user who can sign a code package.\n" } }, "type": "object", "required": [ "signingProfileVersionArns" ] }, "aws:lambda/CodeSigningConfigPolicies:CodeSigningConfigPolicies": { "properties": { "untrustedArtifactOnDeployment": { "type": "string", "description": "Code signing configuration policy for deployment validation failure. If you set the policy to Enforce, Lambda blocks the deployment request if code-signing validation checks fail. If you set the policy to Warn, Lambda allows the deployment and creates a CloudWatch log. Valid values: `Warn`, `Enforce`. Default value: `Warn`.\n" } }, "type": "object", "required": [ "untrustedArtifactOnDeployment" ] }, "aws:lambda/EventSourceMappingAmazonManagedKafkaEventSourceConfig:EventSourceMappingAmazonManagedKafkaEventSourceConfig": { "properties": { "consumerGroupId": { "type": "string", "description": "A Kafka consumer group ID between 1 and 200 characters for use when creating this event source mapping. If one is not specified, this value will be automatically generated. See [AmazonManagedKafkaEventSourceConfig Syntax](https://docs.aws.amazon.com/lambda/latest/dg/API_AmazonManagedKafkaEventSourceConfig.html).\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "consumerGroupId" ] } } }, "aws:lambda/EventSourceMappingDestinationConfig:EventSourceMappingDestinationConfig": { "properties": { "onFailure": { "$ref": "#/types/aws:lambda/EventSourceMappingDestinationConfigOnFailure:EventSourceMappingDestinationConfigOnFailure", "description": "The destination configuration for failed invocations. Detailed below.\n" } }, "type": "object" }, "aws:lambda/EventSourceMappingDestinationConfigOnFailure:EventSourceMappingDestinationConfigOnFailure": { "properties": { "destinationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the destination resource.\n" } }, "type": "object", "required": [ "destinationArn" ] }, "aws:lambda/EventSourceMappingDocumentDbEventSourceConfig:EventSourceMappingDocumentDbEventSourceConfig": { "properties": { "collectionName": { "type": "string", "description": "The name of the collection to consume within the database. If you do not specify a collection, Lambda consumes all collections.\n" }, "databaseName": { "type": "string", "description": "The name of the database to consume within the DocumentDB cluster.\n" }, "fullDocument": { "type": "string", "description": "Determines what DocumentDB sends to your event stream during document update operations. If set to `UpdateLookup`, DocumentDB sends a delta describing the changes, along with a copy of the entire document. Otherwise, DocumentDB sends only a partial document that contains the changes. Valid values: `UpdateLookup`, `Default`.\n" } }, "type": "object", "required": [ "databaseName" ] }, "aws:lambda/EventSourceMappingFilterCriteria:EventSourceMappingFilterCriteria": { "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:lambda/EventSourceMappingFilterCriteriaFilter:EventSourceMappingFilterCriteriaFilter" }, "description": "A set of up to 5 filter. If an event satisfies at least one, Lambda sends the event to the function or adds it to the next batch. Detailed below.\n" } }, "type": "object" }, "aws:lambda/EventSourceMappingFilterCriteriaFilter:EventSourceMappingFilterCriteriaFilter": { "properties": { "pattern": { "type": "string", "description": "A filter pattern up to 4096 characters. See [Filter Rule Syntax](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html#filtering-syntax).\n" } }, "type": "object" }, "aws:lambda/EventSourceMappingScalingConfig:EventSourceMappingScalingConfig": { "properties": { "maximumConcurrency": { "type": "integer", "description": "Limits the number of concurrent instances that the Amazon SQS event source can invoke. Must be greater than or equal to `2`. See [Configuring maximum concurrency for Amazon SQS event sources](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-max-concurrency). You need to raise a [Service Quota Ticket](https://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html) to increase the concurrency beyond 1000.\n" } }, "type": "object" }, "aws:lambda/EventSourceMappingSelfManagedEventSource:EventSourceMappingSelfManagedEventSource": { "properties": { "endpoints": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of endpoints for the self managed source. For Kafka self-managed sources, the key should be `KAFKA_BOOTSTRAP_SERVERS` and the value should be a string with a comma separated list of broker endpoints.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "endpoints" ] }, "aws:lambda/EventSourceMappingSelfManagedKafkaEventSourceConfig:EventSourceMappingSelfManagedKafkaEventSourceConfig": { "properties": { "consumerGroupId": { "type": "string", "description": "A Kafka consumer group ID between 1 and 200 characters for use when creating this event source mapping. If one is not specified, this value will be automatically generated. See [SelfManagedKafkaEventSourceConfig Syntax](https://docs.aws.amazon.com/lambda/latest/dg/API_SelfManagedKafkaEventSourceConfig.html).\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "consumerGroupId" ] } } }, "aws:lambda/EventSourceMappingSourceAccessConfiguration:EventSourceMappingSourceAccessConfiguration": { "properties": { "type": { "type": "string", "description": "The type of authentication protocol, VPC components, or virtual host for your event source. For valid values, refer to the [AWS documentation](https://docs.aws.amazon.com/lambda/latest/api/API_SourceAccessConfiguration.html).\n" }, "uri": { "type": "string", "description": "The URI for this configuration. For type `VPC_SUBNET` the value should be `subnet:subnet_id` where `subnet_id` is the value you would find in an aws.ec2.Subnet resource's id attribute. For type `VPC_SECURITY_GROUP` the value should be `security_group:security_group_id` where `security_group_id` is the value you would find in an aws.ec2.SecurityGroup resource's id attribute.\n" } }, "type": "object", "required": [ "type", "uri" ] }, "aws:lambda/FunctionDeadLetterConfig:FunctionDeadLetterConfig": { "properties": { "targetArn": { "type": "string", "description": "ARN of an SNS topic or SQS queue to notify when an invocation fails. If this option is used, the function's IAM role must be granted suitable access to write to the target object, which means allowing either the `sns:Publish` or `sqs:SendMessage` action on this ARN, depending on which service is targeted.\n" } }, "type": "object", "required": [ "targetArn" ] }, "aws:lambda/FunctionEnvironment:FunctionEnvironment": { "properties": { "variables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of environment variables that are accessible from the function code during execution. If provided at least one key must be present.\n" } }, "type": "object" }, "aws:lambda/FunctionEphemeralStorage:FunctionEphemeralStorage": { "properties": { "size": { "type": "integer", "description": "The size of the Lambda function Ephemeral storage(`/tmp`) represented in MB. The minimum supported `ephemeral_storage` value defaults to `512`MB and the maximum supported value is `10240`MB.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "size" ] } } }, "aws:lambda/FunctionEventInvokeConfigDestinationConfig:FunctionEventInvokeConfigDestinationConfig": { "properties": { "onFailure": { "$ref": "#/types/aws:lambda/FunctionEventInvokeConfigDestinationConfigOnFailure:FunctionEventInvokeConfigDestinationConfigOnFailure", "description": "Configuration block with destination configuration for failed asynchronous invocations. See below for details.\n" }, "onSuccess": { "$ref": "#/types/aws:lambda/FunctionEventInvokeConfigDestinationConfigOnSuccess:FunctionEventInvokeConfigDestinationConfigOnSuccess", "description": "Configuration block with destination configuration for successful asynchronous invocations. See below for details.\n" } }, "type": "object" }, "aws:lambda/FunctionEventInvokeConfigDestinationConfigOnFailure:FunctionEventInvokeConfigDestinationConfigOnFailure": { "properties": { "destination": { "type": "string", "description": "Amazon Resource Name (ARN) of the destination resource. See the [Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) for acceptable resource types and associated IAM permissions.\n" } }, "type": "object", "required": [ "destination" ] }, "aws:lambda/FunctionEventInvokeConfigDestinationConfigOnSuccess:FunctionEventInvokeConfigDestinationConfigOnSuccess": { "properties": { "destination": { "type": "string", "description": "Amazon Resource Name (ARN) of the destination resource. See the [Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) for acceptable resource types and associated IAM permissions.\n" } }, "type": "object", "required": [ "destination" ] }, "aws:lambda/FunctionFileSystemConfig:FunctionFileSystemConfig": { "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.\n" }, "localMountPath": { "type": "string", "description": "Path where the function can access the file system, starting with /mnt/.\n" } }, "type": "object", "required": [ "arn", "localMountPath" ] }, "aws:lambda/FunctionImageConfig:FunctionImageConfig": { "properties": { "commands": { "type": "array", "items": { "type": "string" }, "description": "Parameters that you want to pass in with `entry_point`.\n" }, "entryPoints": { "type": "array", "items": { "type": "string" }, "description": "Entry point to your application, which is typically the location of the runtime executable.\n" }, "workingDirectory": { "type": "string", "description": "Working directory.\n" } }, "type": "object" }, "aws:lambda/FunctionLoggingConfig:FunctionLoggingConfig": { "properties": { "applicationLogLevel": { "type": "string", "description": "for JSON structured logs, choose the detail level of the logs your application sends to CloudWatch when using supported logging libraries.\n" }, "logFormat": { "type": "string", "description": "select between `Text` and structured `JSON` format for your function's logs.\n" }, "logGroup": { "type": "string", "description": "the CloudWatch log group your function sends logs to.\n" }, "systemLogLevel": { "type": "string", "description": "for JSON structured logs, choose the detail level of the Lambda platform event logs sent to CloudWatch, such as `ERROR`, `DEBUG`, or `INFO`.\n" } }, "type": "object", "required": [ "logFormat" ], "language": { "nodejs": { "requiredOutputs": [ "logFormat", "logGroup" ] } } }, "aws:lambda/FunctionSnapStart:FunctionSnapStart": { "properties": { "applyOn": { "type": "string", "description": "Conditions where snap start is enabled. Valid values are `PublishedVersions`.\n" }, "optimizationStatus": { "type": "string", "description": "Optimization status of the snap start configuration. Valid values are `On` and `Off`.\n" } }, "type": "object", "required": [ "applyOn" ], "language": { "nodejs": { "requiredOutputs": [ "applyOn", "optimizationStatus" ] } } }, "aws:lambda/FunctionTracingConfig:FunctionTracingConfig": { "properties": { "mode": { "type": "string", "description": "Whether to sample and trace a subset of incoming requests with AWS X-Ray. Valid values are `PassThrough` and `Active`. If `PassThrough`, Lambda will only trace the request from an upstream service if it contains a tracing header with \"sampled=1\". If `Active`, Lambda will respect any tracing header it receives from an upstream service. If no tracing header is received, Lambda will call X-Ray for a tracing decision.\n" } }, "type": "object", "required": [ "mode" ] }, "aws:lambda/FunctionUrlCors:FunctionUrlCors": { "properties": { "allowCredentials": { "type": "boolean", "description": "Whether to allow cookies or other credentials in requests to the function URL. The default is `false`.\n" }, "allowHeaders": { "type": "array", "items": { "type": "string" }, "description": "The HTTP headers that origins can include in requests to the function URL. For example: `[\"date\", \"keep-alive\", \"x-custom-header\"]`.\n" }, "allowMethods": { "type": "array", "items": { "type": "string" }, "description": "The HTTP methods that are allowed when calling the function URL. For example: `[\"GET\", \"POST\", \"DELETE\"]`, or the wildcard character (`[\"*\"]`).\n" }, "allowOrigins": { "type": "array", "items": { "type": "string" }, "description": "The origins that can access the function URL. You can list any number of specific origins (or the wildcard character (`\"*\"`)), separated by a comma. For example: `[\"https://www.example.com\", \"http://localhost:60905\"]`.\n" }, "exposeHeaders": { "type": "array", "items": { "type": "string" }, "description": "The HTTP headers in your function response that you want to expose to origins that call the function URL.\n" }, "maxAge": { "type": "integer", "description": "The maximum amount of time, in seconds, that web browsers can cache results of a preflight request. By default, this is set to `0`, which means that the browser doesn't cache results. The maximum value is `86400`.\n" } }, "type": "object" }, "aws:lambda/FunctionVpcConfig:FunctionVpcConfig": { "properties": { "ipv6AllowedForDualStack": { "type": "boolean", "description": "Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. Default is `false`.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs associated with the Lambda function.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of subnet IDs associated with the Lambda function.\n" }, "vpcId": { "type": "string", "description": "ID of the VPC.\n" } }, "type": "object", "required": [ "securityGroupIds", "subnetIds" ], "language": { "nodejs": { "requiredOutputs": [ "securityGroupIds", "subnetIds", "vpcId" ] } } }, "aws:lambda/Runtime:Runtime": { "description": "See https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html", "type": "string", "enum": [ { "name": "Dotnet6", "value": "dotnet6" }, { "name": "Dotnet7", "value": "dotnet7" }, { "name": "Dotnet8", "value": "dotnet8" }, { "name": "Java11", "value": "java11" }, { "name": "Java17", "value": "java17" }, { "name": "Java21", "value": "java21" }, { "name": "Java8AL2", "value": "java8.al2" }, { "name": "NodeJS16dX", "value": "nodejs16.x" }, { "name": "NodeJS18dX", "value": "nodejs18.x" }, { "name": "NodeJS20dX", "value": "nodejs20.x" }, { "name": "CustomAL2", "value": "provided.al2" }, { "name": "CustomAL2023", "value": "provided.al2023" }, { "name": "Python3d10", "value": "python3.10" }, { "name": "Python3d11", "value": "python3.11" }, { "name": "Python3d12", "value": "python3.12" }, { "name": "Python3d8", "value": "python3.8" }, { "name": "Python3d9", "value": "python3.9" }, { "name": "Ruby3d2", "value": "ruby3.2" }, { "name": "Dotnet5d0", "value": "dotnet5.0", "deprecationMessage": "This runtime is now deprecated" }, { "name": "DotnetCore2d1", "value": "dotnetcore2.1", "deprecationMessage": "This runtime is now deprecated" }, { "name": "DotnetCore3d1", "value": "dotnetcore3.1", "deprecationMessage": "This runtime is now deprecated" }, { "name": "Go1dx", "value": "go1.x", "deprecationMessage": "This runtime is now deprecated" }, { "name": "Java8", "value": "java8", "deprecationMessage": "This runtime is now deprecated" }, { "name": "NodeJS10dX", "value": "nodejs10.x", "deprecationMessage": "This runtime is now deprecated" }, { "name": "NodeJS12dX", "value": "nodejs12.x", "deprecationMessage": "This runtime is now deprecated" }, { "name": "NodeJS14dX", "value": "nodejs14.x", "deprecationMessage": "This runtime is now deprecated" }, { "name": "Custom", "value": "provided", "deprecationMessage": "This runtime is now deprecated" }, { "name": "Python2d7", "value": "python2.7", "deprecationMessage": "This runtime is now deprecated" }, { "name": "Python3d6", "value": "python3.6", "deprecationMessage": "This runtime is now deprecated" }, { "name": "Python3d7", "value": "python3.7", "deprecationMessage": "This runtime is now deprecated" }, { "name": "Ruby2d5", "value": "ruby2.5", "deprecationMessage": "This runtime is now deprecated" }, { "name": "Ruby2d7", "value": "ruby2.7", "deprecationMessage": "This runtime is now deprecated" } ] }, "aws:lambda/getCodeSigningConfigAllowedPublisher:getCodeSigningConfigAllowedPublisher": { "properties": { "signingProfileVersionArns": { "type": "array", "items": { "type": "string" }, "description": "The ARN for each of the signing profiles. A signing profile defines a trusted user who can sign a code package.\n" } }, "type": "object", "required": [ "signingProfileVersionArns" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lambda/getCodeSigningConfigPolicy:getCodeSigningConfigPolicy": { "properties": { "untrustedArtifactOnDeployment": { "type": "string", "description": "Code signing configuration policy for deployment validation failure.\n" } }, "type": "object", "required": [ "untrustedArtifactOnDeployment" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lambda/getFunctionDeadLetterConfig:getFunctionDeadLetterConfig": { "properties": { "targetArn": { "type": "string" } }, "type": "object", "required": [ "targetArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lambda/getFunctionEnvironment:getFunctionEnvironment": { "properties": { "variables": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "variables" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lambda/getFunctionEphemeralStorage:getFunctionEphemeralStorage": { "properties": { "size": { "type": "integer" } }, "type": "object", "required": [ "size" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lambda/getFunctionFileSystemConfig:getFunctionFileSystemConfig": { "properties": { "arn": { "type": "string", "description": "Unqualified (no `:QUALIFIER` or `:VERSION` suffix) ARN identifying your Lambda Function. See also `qualified_arn`.\n" }, "localMountPath": { "type": "string" } }, "type": "object", "required": [ "arn", "localMountPath" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lambda/getFunctionLoggingConfig:getFunctionLoggingConfig": { "properties": { "applicationLogLevel": { "type": "string" }, "logFormat": { "type": "string" }, "logGroup": { "type": "string" }, "systemLogLevel": { "type": "string" } }, "type": "object", "required": [ "applicationLogLevel", "logFormat", "logGroup", "systemLogLevel" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lambda/getFunctionTracingConfig:getFunctionTracingConfig": { "properties": { "mode": { "type": "string" } }, "type": "object", "required": [ "mode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lambda/getFunctionUrlCor:getFunctionUrlCor": { "properties": { "allowCredentials": { "type": "boolean" }, "allowHeaders": { "type": "array", "items": { "type": "string" } }, "allowMethods": { "type": "array", "items": { "type": "string" } }, "allowOrigins": { "type": "array", "items": { "type": "string" } }, "exposeHeaders": { "type": "array", "items": { "type": "string" } }, "maxAge": { "type": "integer" } }, "type": "object", "required": [ "allowCredentials", "allowHeaders", "allowMethods", "allowOrigins", "exposeHeaders", "maxAge" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lambda/getFunctionVpcConfig:getFunctionVpcConfig": { "properties": { "ipv6AllowedForDualStack": { "type": "boolean" }, "securityGroupIds": { "type": "array", "items": { "type": "string" } }, "subnetIds": { "type": "array", "items": { "type": "string" } }, "vpcId": { "type": "string" } }, "type": "object", "required": [ "ipv6AllowedForDualStack", "securityGroupIds", "subnetIds", "vpcId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/ListenerDefaultAction:ListenerDefaultAction": { "properties": { "authenticateCognito": { "$ref": "#/types/aws:lb/ListenerDefaultActionAuthenticateCognito:ListenerDefaultActionAuthenticateCognito", "description": "Configuration block for using Amazon Cognito to authenticate users. Specify only when `type` is `authenticate-cognito`. Detailed below.\n" }, "authenticateOidc": { "$ref": "#/types/aws:lb/ListenerDefaultActionAuthenticateOidc:ListenerDefaultActionAuthenticateOidc", "description": "Configuration block for an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `type` is `authenticate-oidc`. Detailed below.\n" }, "fixedResponse": { "$ref": "#/types/aws:lb/ListenerDefaultActionFixedResponse:ListenerDefaultActionFixedResponse", "description": "Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`.\n" }, "forward": { "$ref": "#/types/aws:lb/ListenerDefaultActionForward:ListenerDefaultActionForward", "description": "Configuration block for creating an action that distributes requests among one or more target groups.\nSpecify only if `type` is `forward`.\nCannot be specified with `target_group_arn`.\nDetailed below.\n" }, "order": { "type": "integer", "description": "Order for the action.\nThe action with the lowest value for order is performed first.\nValid values are between `1` and `50000`.\nDefaults to the position in the list of actions.\n" }, "redirect": { "$ref": "#/types/aws:lb/ListenerDefaultActionRedirect:ListenerDefaultActionRedirect", "description": "Configuration block for creating a redirect action. Required if `type` is `redirect`. Detailed below.\n" }, "targetGroupArn": { "type": "string", "description": "ARN of the Target Group to which to route traffic.\nSpecify only if `type` is `forward` and you want to route to a single target group.\nTo route to one or more target groups, use a `forward` block instead.\nCannot be specified with `forward`.\n" }, "type": { "type": "string", "description": "Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredOutputs": [ "order", "type" ] } } }, "aws:lb/ListenerDefaultActionAuthenticateCognito:ListenerDefaultActionAuthenticateCognito": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Query parameters to include in the redirect request to the authorization endpoint. Max: 10. Detailed below.\n" }, "onUnauthenticatedRequest": { "type": "string", "description": "Behavior if the user is not authenticated. Valid values are `deny`, `allow` and `authenticate`.\n" }, "scope": { "type": "string", "description": "Set of user claims to be requested from the IdP.\n" }, "sessionCookieName": { "type": "string", "description": "Name of the cookie used to maintain session information.\n" }, "sessionTimeout": { "type": "integer", "description": "Maximum duration of the authentication session, in seconds.\n" }, "userPoolArn": { "type": "string", "description": "ARN of the Cognito user pool.\n" }, "userPoolClientId": { "type": "string", "description": "ID of the Cognito user pool client.\n" }, "userPoolDomain": { "type": "string", "description": "Domain prefix or fully-qualified domain name of the Cognito user pool.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "userPoolArn", "userPoolClientId", "userPoolDomain" ], "language": { "nodejs": { "requiredOutputs": [ "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "userPoolArn", "userPoolClientId", "userPoolDomain" ] } } }, "aws:lb/ListenerDefaultActionAuthenticateOidc:ListenerDefaultActionAuthenticateOidc": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n" }, "authorizationEndpoint": { "type": "string", "description": "Authorization endpoint of the IdP.\n" }, "clientId": { "type": "string", "description": "OAuth 2.0 client identifier.\n" }, "clientSecret": { "type": "string", "description": "OAuth 2.0 client secret.\n", "secret": true }, "issuer": { "type": "string", "description": "OIDC issuer identifier of the IdP.\n" }, "onUnauthenticatedRequest": { "type": "string", "description": "Behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n" }, "scope": { "type": "string", "description": "Set of user claims to be requested from the IdP.\n" }, "sessionCookieName": { "type": "string", "description": "Name of the cookie used to maintain session information.\n" }, "sessionTimeout": { "type": "integer", "description": "Maximum duration of the authentication session, in seconds.\n" }, "tokenEndpoint": { "type": "string", "description": "Token endpoint of the IdP.\n" }, "userInfoEndpoint": { "type": "string", "description": "User info endpoint of the IdP.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "tokenEndpoint", "userInfoEndpoint" ], "language": { "nodejs": { "requiredOutputs": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "tokenEndpoint", "userInfoEndpoint" ] } } }, "aws:lb/ListenerDefaultActionFixedResponse:ListenerDefaultActionFixedResponse": { "properties": { "contentType": { "type": "string", "description": "Content type. Valid values are `text/plain`, `text/css`, `text/html`, `application/javascript` and `application/json`.\n\nThe following arguments are optional:\n" }, "messageBody": { "type": "string", "description": "Message body.\n" }, "statusCode": { "type": "string", "description": "HTTP response code. Valid values are `2XX`, `4XX`, or `5XX`.\n" } }, "type": "object", "required": [ "contentType" ], "language": { "nodejs": { "requiredOutputs": [ "contentType", "statusCode" ] } } }, "aws:lb/ListenerDefaultActionForward:ListenerDefaultActionForward": { "properties": { "stickiness": { "$ref": "#/types/aws:lb/ListenerDefaultActionForwardStickiness:ListenerDefaultActionForwardStickiness", "description": "Configuration block for target group stickiness for the rule. Detailed below.\n" }, "targetGroups": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerDefaultActionForwardTargetGroup:ListenerDefaultActionForwardTargetGroup" }, "description": "Set of 1-5 target group blocks. Detailed below.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "targetGroups" ] }, "aws:lb/ListenerDefaultActionForwardStickiness:ListenerDefaultActionForwardStickiness": { "properties": { "duration": { "type": "integer", "description": "Time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).\n\nThe following arguments are optional:\n" }, "enabled": { "type": "boolean", "description": "Whether target group stickiness is enabled. Default is `false`.\n" } }, "type": "object", "required": [ "duration" ] }, "aws:lb/ListenerDefaultActionForwardTargetGroup:ListenerDefaultActionForwardTargetGroup": { "properties": { "arn": { "type": "string", "description": "ARN of the target group.\n\nThe following arguments are optional:\n" }, "weight": { "type": "integer", "description": "Weight. The range is 0 to 999.\n" } }, "type": "object", "required": [ "arn" ] }, "aws:lb/ListenerDefaultActionRedirect:ListenerDefaultActionRedirect": { "properties": { "host": { "type": "string", "description": "Hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`.\n" }, "path": { "type": "string", "description": "Absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to `/#{path}`.\n" }, "port": { "type": "string", "description": "Port. Specify a value from `1` to `65535` or `#{port}`. Defaults to `#{port}`.\n" }, "protocol": { "type": "string", "description": "Protocol. Valid values are `HTTP`, `HTTPS`, or `#{protocol}`. Defaults to `#{protocol}`.\n" }, "query": { "type": "string", "description": "Query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\". Defaults to `#{query}`.\n" }, "statusCode": { "type": "string", "description": "HTTP redirect code. The redirect is either permanent (`HTTP_301`) or temporary (`HTTP_302`).\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "statusCode" ] }, "aws:lb/ListenerMutualAuthentication:ListenerMutualAuthentication": { "properties": { "ignoreClientCertificateExpiry": { "type": "boolean", "description": "Whether client certificate expiry is ignored. Default is `false`.\n" }, "mode": { "type": "string", "description": "Valid values are `off`, `verify` and `passthrough`.\n" }, "trustStoreArn": { "type": "string", "description": "ARN of the elbv2 Trust Store.\n" } }, "type": "object", "required": [ "mode" ] }, "aws:lb/ListenerRuleAction:ListenerRuleAction": { "properties": { "authenticateCognito": { "$ref": "#/types/aws:lb/ListenerRuleActionAuthenticateCognito:ListenerRuleActionAuthenticateCognito", "description": "Information for creating an authenticate action using Cognito. Required if `type` is `authenticate-cognito`.\n" }, "authenticateOidc": { "$ref": "#/types/aws:lb/ListenerRuleActionAuthenticateOidc:ListenerRuleActionAuthenticateOidc", "description": "Information for creating an authenticate action using OIDC. Required if `type` is `authenticate-oidc`.\n" }, "fixedResponse": { "$ref": "#/types/aws:lb/ListenerRuleActionFixedResponse:ListenerRuleActionFixedResponse", "description": "Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`.\n" }, "forward": { "$ref": "#/types/aws:lb/ListenerRuleActionForward:ListenerRuleActionForward", "description": "Configuration block for creating an action that distributes requests among one or more target groups.\nSpecify only if `type` is `forward`.\nCannot be specified with `target_group_arn`.\n" }, "order": { "type": "integer", "description": "Order for the action.\nThe action with the lowest value for order is performed first.\nValid values are between `1` and `50000`.\nDefaults to the position in the list of actions.\n" }, "redirect": { "$ref": "#/types/aws:lb/ListenerRuleActionRedirect:ListenerRuleActionRedirect", "description": "Information for creating a redirect action. Required if `type` is `redirect`.\n" }, "targetGroupArn": { "type": "string", "description": "ARN of the Target Group to which to route traffic.\nSpecify only if `type` is `forward` and you want to route to a single target group.\nTo route to one or more target groups, use a `forward` block instead.\nCannot be specified with `forward`.\n" }, "type": { "type": "string", "description": "The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.\n" } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredOutputs": [ "order", "type" ] } } }, "aws:lb/ListenerRuleActionAuthenticateCognito:ListenerRuleActionAuthenticateCognito": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n" }, "onUnauthenticatedRequest": { "type": "string", "description": "The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n" }, "scope": { "type": "string", "description": "The set of user claims to be requested from the IdP.\n" }, "sessionCookieName": { "type": "string", "description": "The name of the cookie used to maintain session information.\n" }, "sessionTimeout": { "type": "integer", "description": "The maximum duration of the authentication session, in seconds.\n" }, "userPoolArn": { "type": "string", "description": "The ARN of the Cognito user pool.\n" }, "userPoolClientId": { "type": "string", "description": "The ID of the Cognito user pool client.\n" }, "userPoolDomain": { "type": "string", "description": "The domain prefix or fully-qualified domain name of the Cognito user pool.\n" } }, "type": "object", "required": [ "userPoolArn", "userPoolClientId", "userPoolDomain" ], "language": { "nodejs": { "requiredOutputs": [ "onUnauthenticatedRequest", "userPoolArn", "userPoolClientId", "userPoolDomain" ] } } }, "aws:lb/ListenerRuleActionAuthenticateOidc:ListenerRuleActionAuthenticateOidc": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The query parameters to include in the redirect request to the authorization endpoint. Max: 10.\n" }, "authorizationEndpoint": { "type": "string", "description": "The authorization endpoint of the IdP.\n" }, "clientId": { "type": "string", "description": "The OAuth 2.0 client identifier.\n" }, "clientSecret": { "type": "string", "description": "The OAuth 2.0 client secret.\n", "secret": true }, "issuer": { "type": "string", "description": "The OIDC issuer identifier of the IdP.\n" }, "onUnauthenticatedRequest": { "type": "string", "description": "The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate`\n" }, "scope": { "type": "string", "description": "The set of user claims to be requested from the IdP.\n" }, "sessionCookieName": { "type": "string", "description": "The name of the cookie used to maintain session information.\n" }, "sessionTimeout": { "type": "integer", "description": "The maximum duration of the authentication session, in seconds.\n" }, "tokenEndpoint": { "type": "string", "description": "The token endpoint of the IdP.\n" }, "userInfoEndpoint": { "type": "string", "description": "The user info endpoint of the IdP.\n" } }, "type": "object", "required": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "tokenEndpoint", "userInfoEndpoint" ], "language": { "nodejs": { "requiredOutputs": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "onUnauthenticatedRequest", "tokenEndpoint", "userInfoEndpoint" ] } } }, "aws:lb/ListenerRuleActionFixedResponse:ListenerRuleActionFixedResponse": { "properties": { "contentType": { "type": "string", "description": "The content type. Valid values are `text/plain`, `text/css`, `text/html`, `application/javascript` and `application/json`.\n" }, "messageBody": { "type": "string", "description": "The message body.\n" }, "statusCode": { "type": "string", "description": "The HTTP response code. Valid values are `2XX`, `4XX`, or `5XX`.\n" } }, "type": "object", "required": [ "contentType" ], "language": { "nodejs": { "requiredOutputs": [ "contentType", "statusCode" ] } } }, "aws:lb/ListenerRuleActionForward:ListenerRuleActionForward": { "properties": { "stickiness": { "$ref": "#/types/aws:lb/ListenerRuleActionForwardStickiness:ListenerRuleActionForwardStickiness", "description": "The target group stickiness for the rule.\n" }, "targetGroups": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerRuleActionForwardTargetGroup:ListenerRuleActionForwardTargetGroup" }, "description": "One or more target groups block.\n" } }, "type": "object", "required": [ "targetGroups" ] }, "aws:lb/ListenerRuleActionForwardStickiness:ListenerRuleActionForwardStickiness": { "properties": { "duration": { "type": "integer", "description": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).\n" }, "enabled": { "type": "boolean", "description": "Indicates whether target group stickiness is enabled.\n" } }, "type": "object", "required": [ "duration" ] }, "aws:lb/ListenerRuleActionForwardTargetGroup:ListenerRuleActionForwardTargetGroup": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target group.\n" }, "weight": { "type": "integer", "description": "The weight. The range is 0 to 999.\n" } }, "type": "object", "required": [ "arn" ] }, "aws:lb/ListenerRuleActionRedirect:ListenerRuleActionRedirect": { "properties": { "host": { "type": "string", "description": "The hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`.\n" }, "path": { "type": "string", "description": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to `/#{path}`.\n" }, "port": { "type": "string", "description": "The port. Specify a value from `1` to `65535` or `#{port}`. Defaults to `#{port}`.\n" }, "protocol": { "type": "string", "description": "The protocol. Valid values are `HTTP`, `HTTPS`, or `#{protocol}`. Defaults to `#{protocol}`.\n" }, "query": { "type": "string", "description": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\". Defaults to `#{query}`.\n" }, "statusCode": { "type": "string", "description": "The HTTP redirect code. The redirect is either permanent (`HTTP_301`) or temporary (`HTTP_302`).\n" } }, "type": "object", "required": [ "statusCode" ] }, "aws:lb/ListenerRuleCondition:ListenerRuleCondition": { "properties": { "hostHeader": { "$ref": "#/types/aws:lb/ListenerRuleConditionHostHeader:ListenerRuleConditionHostHeader", "description": "Contains a single `values` item which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied.\n" }, "httpHeader": { "$ref": "#/types/aws:lb/ListenerRuleConditionHttpHeader:ListenerRuleConditionHttpHeader", "description": "HTTP headers to match. HTTP Header block fields documented below.\n" }, "httpRequestMethod": { "$ref": "#/types/aws:lb/ListenerRuleConditionHttpRequestMethod:ListenerRuleConditionHttpRequestMethod", "description": "Contains a single `values` item which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (\\_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached.\n" }, "pathPattern": { "$ref": "#/types/aws:lb/ListenerRuleConditionPathPattern:ListenerRuleConditionPathPattern", "description": "Contains a single `values` item which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use a `query_string` condition.\n" }, "queryStrings": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerRuleConditionQueryString:ListenerRuleConditionQueryString" }, "description": "Query strings to match. Query String block fields documented below.\n" }, "sourceIp": { "$ref": "#/types/aws:lb/ListenerRuleConditionSourceIp:ListenerRuleConditionSourceIp", "description": "Contains a single `values` item which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in the `X-Forwarded-For` header, use `http_header` condition instead.\n\n\u003e **NOTE::** Exactly one of `host_header`, `http_header`, `http_request_method`, `path_pattern`, `query_string` or `source_ip` must be set per condition.\n" } }, "type": "object" }, "aws:lb/ListenerRuleConditionHostHeader:ListenerRuleConditionHostHeader": { "properties": { "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "values" ] }, "aws:lb/ListenerRuleConditionHttpHeader:ListenerRuleConditionHttpHeader": { "properties": { "httpHeaderName": { "type": "string", "description": "Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a `host-header` condition instead.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.\n" } }, "type": "object", "required": [ "httpHeaderName", "values" ] }, "aws:lb/ListenerRuleConditionHttpRequestMethod:ListenerRuleConditionHttpRequestMethod": { "properties": { "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "values" ] }, "aws:lb/ListenerRuleConditionPathPattern:ListenerRuleConditionPathPattern": { "properties": { "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "values" ] }, "aws:lb/ListenerRuleConditionQueryString:ListenerRuleConditionQueryString": { "properties": { "key": { "type": "string", "description": "Query string key pattern to match.\n" }, "value": { "type": "string", "description": "Query string value pattern to match.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lb/ListenerRuleConditionSourceIp:ListenerRuleConditionSourceIp": { "properties": { "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "values" ] }, "aws:lb/LoadBalancerAccessLogs:LoadBalancerAccessLogs": { "properties": { "bucket": { "type": "string", "description": "S3 bucket name to store the logs in.\n" }, "enabled": { "type": "boolean", "description": "Boolean to enable / disable `access_logs`. Defaults to `false`, even when `bucket` is specified.\n" }, "prefix": { "type": "string", "description": "S3 bucket prefix. Logs are stored in the root if not configured.\n" } }, "type": "object", "required": [ "bucket" ] }, "aws:lb/LoadBalancerConnectionLogs:LoadBalancerConnectionLogs": { "properties": { "bucket": { "type": "string", "description": "S3 bucket name to store the logs in.\n" }, "enabled": { "type": "boolean", "description": "Boolean to enable / disable `connection_logs`. Defaults to `false`, even when `bucket` is specified.\n" }, "prefix": { "type": "string", "description": "S3 bucket prefix. Logs are stored in the root if not configured.\n" } }, "type": "object", "required": [ "bucket" ] }, "aws:lb/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping": { "properties": { "allocationId": { "type": "string", "description": "Allocation ID of the Elastic IP address for an internet-facing load balancer.\n" }, "ipv6Address": { "type": "string", "description": "IPv6 address. You associate IPv6 CIDR blocks with your VPC and choose the subnets where you launch both internet-facing and internal Application Load Balancers or Network Load Balancers.\n" }, "outpostId": { "type": "string" }, "privateIpv4Address": { "type": "string", "description": "Private IPv4 address for an internal load balancer.\n" }, "subnetId": { "type": "string", "description": "ID of the subnet of which to attach to the load balancer. You can specify only one subnet per Availability Zone.\n" } }, "type": "object", "required": [ "subnetId" ], "language": { "nodejs": { "requiredOutputs": [ "outpostId", "subnetId" ] } } }, "aws:lb/TargetGroupHealthCheck:TargetGroupHealthCheck": { "properties": { "enabled": { "type": "boolean", "description": "Whether health checks are enabled. Defaults to `true`.\n" }, "healthyThreshold": { "type": "integer", "description": "Number of consecutive health check successes required before considering a target healthy. The range is 2-10. Defaults to 3.\n" }, "interval": { "type": "integer", "description": "Approximate amount of time, in seconds, between health checks of an individual target. The range is 5-300. For `lambda` target groups, it needs to be greater than the timeout of the underlying `lambda`. Defaults to 30.\n" }, "matcher": { "type": "string", "description": "The HTTP or gRPC codes to use when checking for a successful response from a target.\nThe `health_check.protocol` must be one of `HTTP` or `HTTPS` or the `target_type` must be `lambda`.\nValues can be comma-separated individual values (e.g., \"200,202\") or a range of values (e.g., \"200-299\").\n* For gRPC-based target groups (i.e., the `protocol` is one of `HTTP` or `HTTPS` and the `protocol_version` is `GRPC`), values can be between `0` and `99`. The default is `12`.\n* When used with an Application Load Balancer (i.e., the `protocol` is one of `HTTP` or `HTTPS` and the `protocol_version` is not `GRPC`), values can be between `200` and `499`. The default is `200`.\n* When used with a Network Load Balancer (i.e., the `protocol` is one of `TCP`, `TCP_UDP`, `UDP`, or `TLS`), values can be between `200` and `599`. The default is `200-399`.\n* When the `target_type` is `lambda`, values can be between `200` and `499`. The default is `200`.\n" }, "path": { "type": "string", "description": "Destination for the health check request. Required for HTTP/HTTPS ALB and HTTP NLB. Only applies to HTTP/HTTPS.\n* For HTTP and HTTPS health checks, the default is `/`.\n* For gRPC health checks, the default is `/Amazon Web Services.ALB/healthcheck`.\n" }, "port": { "type": "string", "description": "The port the load balancer uses when performing health checks on targets.\nValid values are either `traffic-port`, to use the same port as the target group, or a valid port number between `1` and `65536`.\nDefault is `traffic-port`.\n" }, "protocol": { "type": "string", "description": "Protocol the load balancer uses when performing health checks on targets.\nMust be one of `TCP`, `HTTP`, or `HTTPS`.\nThe `TCP` protocol is not supported for health checks if the protocol of the target group is `HTTP` or `HTTPS`.\nDefault is `HTTP`.\nCannot be specified when the `target_type` is `lambda`.\n" }, "timeout": { "type": "integer", "description": "Amount of time, in seconds, during which no response from a target means a failed health check. The range is 2–120 seconds. For target groups with a protocol of HTTP, the default is 6 seconds. For target groups with a protocol of TCP, TLS or HTTPS, the default is 10 seconds. For target groups with a protocol of GENEVE, the default is 5 seconds. If the target type is lambda, the default is 30 seconds.\n" }, "unhealthyThreshold": { "type": "integer", "description": "Number of consecutive health check failures required before considering a target unhealthy. The range is 2-10. Defaults to 3.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "matcher", "path", "timeout" ] } } }, "aws:lb/TargetGroupStickiness:TargetGroupStickiness": { "properties": { "cookieDuration": { "type": "integer", "description": "Only used when the type is `lb_cookie`. The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n" }, "cookieName": { "type": "string", "description": "Name of the application based cookie. AWSALB, AWSALBAPP, and AWSALBTG prefixes are reserved and cannot be used. Only needed when type is `app_cookie`.\n" }, "enabled": { "type": "boolean", "description": "Boolean to enable / disable `stickiness`. Default is `true`.\n" }, "type": { "type": "string", "description": "The type of sticky sessions. The only current possible values are `lb_cookie`, `app_cookie` for ALBs, `source_ip` for NLBs, and `source_ip_dest_ip`, `source_ip_dest_ip_proto` for GWLBs.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lb/TargetGroupTargetFailover:TargetGroupTargetFailover": { "properties": { "onDeregistration": { "type": "string", "description": "Indicates how the GWLB handles existing flows when a target is deregistered. Possible values are `rebalance` and `no_rebalance`. Must match the attribute value set for `on_unhealthy`. Default: `no_rebalance`.\n" }, "onUnhealthy": { "type": "string", "description": "Indicates how the GWLB handles existing flows when a target is unhealthy. Possible values are `rebalance` and `no_rebalance`. Must match the attribute value set for `on_deregistration`. Default: `no_rebalance`.\n" } }, "type": "object", "required": [ "onDeregistration", "onUnhealthy" ] }, "aws:lb/TargetGroupTargetGroupHealth:TargetGroupTargetGroupHealth": { "properties": { "dnsFailover": { "$ref": "#/types/aws:lb/TargetGroupTargetGroupHealthDnsFailover:TargetGroupTargetGroupHealthDnsFailover", "description": "Block to configure DNS Failover requirements. See DNS Failover below for details on attributes.\n" }, "unhealthyStateRouting": { "$ref": "#/types/aws:lb/TargetGroupTargetGroupHealthUnhealthyStateRouting:TargetGroupTargetGroupHealthUnhealthyStateRouting", "description": "Block to configure Unhealthy State Routing requirements. See Unhealthy State Routing below for details on attributes.\n" } }, "type": "object" }, "aws:lb/TargetGroupTargetGroupHealthDnsFailover:TargetGroupTargetGroupHealthDnsFailover": { "properties": { "minimumHealthyTargetsCount": { "type": "string", "description": "The minimum number of targets that must be healthy. If the number of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from `1` to the maximum number of targets. The default is `off`.\n" }, "minimumHealthyTargetsPercentage": { "type": "string", "description": "The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from `1` to `100`. The default is `off`.\n" } }, "type": "object" }, "aws:lb/TargetGroupTargetGroupHealthUnhealthyStateRouting:TargetGroupTargetGroupHealthUnhealthyStateRouting": { "properties": { "minimumHealthyTargetsCount": { "type": "integer", "description": "The minimum number of targets that must be healthy. If the number of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are `1` to the maximum number of targets. The default is `1`.\n" }, "minimumHealthyTargetsPercentage": { "type": "string", "description": "The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are `off` or an integer from `1` to `100`. The default is `off`.\n" } }, "type": "object" }, "aws:lb/TargetGroupTargetHealthState:TargetGroupTargetHealthState": { "properties": { "enableUnhealthyConnectionTermination": { "type": "boolean", "description": "Indicates whether the load balancer terminates connections to unhealthy targets. Possible values are `true` or `false`. Default: `true`.\n" } }, "type": "object", "required": [ "enableUnhealthyConnectionTermination" ] }, "aws:lb/getListenerDefaultAction:getListenerDefaultAction": { "properties": { "authenticateCognitos": { "type": "array", "items": { "$ref": "#/types/aws:lb/getListenerDefaultActionAuthenticateCognito:getListenerDefaultActionAuthenticateCognito" } }, "authenticateOidcs": { "type": "array", "items": { "$ref": "#/types/aws:lb/getListenerDefaultActionAuthenticateOidc:getListenerDefaultActionAuthenticateOidc" } }, "fixedResponses": { "type": "array", "items": { "$ref": "#/types/aws:lb/getListenerDefaultActionFixedResponse:getListenerDefaultActionFixedResponse" } }, "forwards": { "type": "array", "items": { "$ref": "#/types/aws:lb/getListenerDefaultActionForward:getListenerDefaultActionForward" } }, "order": { "type": "integer" }, "redirects": { "type": "array", "items": { "$ref": "#/types/aws:lb/getListenerDefaultActionRedirect:getListenerDefaultActionRedirect" } }, "targetGroupArn": { "type": "string" }, "type": { "type": "string" } }, "type": "object", "required": [ "authenticateCognitos", "authenticateOidcs", "fixedResponses", "forwards", "order", "redirects", "targetGroupArn", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getListenerDefaultActionAuthenticateCognito:getListenerDefaultActionAuthenticateCognito": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" } }, "onUnauthenticatedRequest": { "type": "string" }, "scope": { "type": "string" }, "sessionCookieName": { "type": "string" }, "sessionTimeout": { "type": "integer" }, "userPoolArn": { "type": "string" }, "userPoolClientId": { "type": "string" }, "userPoolDomain": { "type": "string" } }, "type": "object", "required": [ "authenticationRequestExtraParams", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "userPoolArn", "userPoolClientId", "userPoolDomain" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getListenerDefaultActionAuthenticateOidc:getListenerDefaultActionAuthenticateOidc": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" } }, "authorizationEndpoint": { "type": "string" }, "clientId": { "type": "string" }, "clientSecret": { "type": "string", "secret": true }, "issuer": { "type": "string" }, "onUnauthenticatedRequest": { "type": "string" }, "scope": { "type": "string" }, "sessionCookieName": { "type": "string" }, "sessionTimeout": { "type": "integer" }, "tokenEndpoint": { "type": "string" }, "userInfoEndpoint": { "type": "string" } }, "type": "object", "required": [ "authenticationRequestExtraParams", "authorizationEndpoint", "clientId", "clientSecret", "issuer", "onUnauthenticatedRequest", "scope", "sessionCookieName", "sessionTimeout", "tokenEndpoint", "userInfoEndpoint" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getListenerDefaultActionFixedResponse:getListenerDefaultActionFixedResponse": { "properties": { "contentType": { "type": "string" }, "messageBody": { "type": "string" }, "statusCode": { "type": "string" } }, "type": "object", "required": [ "contentType", "messageBody", "statusCode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getListenerDefaultActionForward:getListenerDefaultActionForward": { "properties": { "stickinesses": { "type": "array", "items": { "$ref": "#/types/aws:lb/getListenerDefaultActionForwardStickiness:getListenerDefaultActionForwardStickiness" } }, "targetGroups": { "type": "array", "items": { "$ref": "#/types/aws:lb/getListenerDefaultActionForwardTargetGroup:getListenerDefaultActionForwardTargetGroup" } } }, "type": "object", "required": [ "stickinesses", "targetGroups" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getListenerDefaultActionForwardStickiness:getListenerDefaultActionForwardStickiness": { "properties": { "duration": { "type": "integer" }, "enabled": { "type": "boolean" } }, "type": "object", "required": [ "duration", "enabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getListenerDefaultActionForwardTargetGroup:getListenerDefaultActionForwardTargetGroup": { "properties": { "arn": { "type": "string", "description": "ARN of the listener. Required if `load_balancer_arn` and `port` is not set.\n" }, "weight": { "type": "integer" } }, "type": "object", "required": [ "arn", "weight" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getListenerDefaultActionRedirect:getListenerDefaultActionRedirect": { "properties": { "host": { "type": "string" }, "path": { "type": "string" }, "port": { "type": "string", "description": "Port of the listener. Required if `arn` is not set.\n" }, "protocol": { "type": "string" }, "query": { "type": "string" }, "statusCode": { "type": "string" } }, "type": "object", "required": [ "host", "path", "port", "protocol", "query", "statusCode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getListenerMutualAuthentication:getListenerMutualAuthentication": { "properties": { "ignoreClientCertificateExpiry": { "type": "boolean" }, "mode": { "type": "string" }, "trustStoreArn": { "type": "string" } }, "type": "object", "required": [ "ignoreClientCertificateExpiry", "mode", "trustStoreArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getLoadBalancerAccessLogs:getLoadBalancerAccessLogs": { "properties": { "bucket": { "type": "string" }, "enabled": { "type": "boolean" }, "prefix": { "type": "string" } }, "type": "object", "required": [ "bucket", "enabled", "prefix" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getLoadBalancerConnectionLog:getLoadBalancerConnectionLog": { "properties": { "bucket": { "type": "string" }, "enabled": { "type": "boolean" }, "prefix": { "type": "string" } }, "type": "object", "required": [ "bucket", "enabled", "prefix" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getLoadBalancerSubnetMapping:getLoadBalancerSubnetMapping": { "properties": { "allocationId": { "type": "string" }, "ipv6Address": { "type": "string" }, "outpostId": { "type": "string" }, "privateIpv4Address": { "type": "string" }, "subnetId": { "type": "string" } }, "type": "object", "required": [ "allocationId", "ipv6Address", "outpostId", "privateIpv4Address", "subnetId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getTargetGroupHealthCheck:getTargetGroupHealthCheck": { "properties": { "enabled": { "type": "boolean" }, "healthyThreshold": { "type": "integer" }, "interval": { "type": "integer" }, "matcher": { "type": "string" }, "path": { "type": "string" }, "port": { "type": "string" }, "protocol": { "type": "string" }, "timeout": { "type": "integer" }, "unhealthyThreshold": { "type": "integer" } }, "type": "object", "required": [ "enabled", "healthyThreshold", "interval", "matcher", "path", "port", "protocol", "timeout", "unhealthyThreshold" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lb/getTargetGroupStickiness:getTargetGroupStickiness": { "properties": { "cookieDuration": { "type": "integer" }, "cookieName": { "type": "string" }, "enabled": { "type": "boolean" }, "type": { "type": "string" } }, "type": "object", "required": [ "cookieDuration", "cookieName", "enabled", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:lex/BotAbortStatement:BotAbortStatement": { "properties": { "messages": { "type": "array", "items": { "$ref": "#/types/aws:lex/BotAbortStatementMessage:BotAbortStatementMessage" } }, "responseCard": { "type": "string" } }, "type": "object", "required": [ "messages" ] }, "aws:lex/BotAbortStatementMessage:BotAbortStatementMessage": { "properties": { "content": { "type": "string", "description": "The text of the message.\n" }, "contentType": { "type": "string", "description": "The content type of the message string.\n" }, "groupNumber": { "type": "integer", "description": "Identifies the message group that the message belongs to. When a group\nis assigned to a message, Amazon Lex returns one message from each group in the response.\n" } }, "type": "object", "required": [ "content", "contentType" ] }, "aws:lex/BotAliasConversationLogs:BotAliasConversationLogs": { "properties": { "iamRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role used to write your logs to CloudWatch Logs or an S3 bucket. Must be between 20 and 2048 characters in length.\n" }, "logSettings": { "type": "array", "items": { "$ref": "#/types/aws:lex/BotAliasConversationLogsLogSetting:BotAliasConversationLogsLogSetting" }, "description": "The settings for your conversation logs. You can log text, audio, or both. Attributes are documented under log_settings.\n" } }, "type": "object", "required": [ "iamRoleArn" ] }, "aws:lex/BotAliasConversationLogsLogSetting:BotAliasConversationLogsLogSetting": { "properties": { "destination": { "type": "string", "description": "The destination where logs are delivered. Options are `CLOUDWATCH_LOGS` or `S3`.\n" }, "kmsKeyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the key used to encrypt audio logs in an S3 bucket. This can only be specified when `destination` is set to `S3`. Must be between 20 and 2048 characters in length.\n" }, "logType": { "type": "string", "description": "The type of logging that is enabled. Options are `AUDIO` or `TEXT`.\n" }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the CloudWatch Logs log group or S3 bucket where the logs are delivered. Must be less than or equal to 2048 characters in length.\n" }, "resourcePrefix": { "type": "string", "description": "The prefix of the S3 object key for `AUDIO` logs or the log stream name for `TEXT` logs.\n" } }, "type": "object", "required": [ "destination", "logType", "resourceArn" ], "language": { "nodejs": { "requiredOutputs": [ "destination", "logType", "resourceArn", "resourcePrefix" ] } } }, "aws:lex/BotClarificationPrompt:BotClarificationPrompt": { "properties": { "maxAttempts": { "type": "integer", "description": "The number of times to prompt the user for information.\n" }, "messages": { "type": "array", "items": { "$ref": "#/types/aws:lex/BotClarificationPromptMessage:BotClarificationPromptMessage" } }, "responseCard": { "type": "string" } }, "type": "object", "required": [ "maxAttempts", "messages" ] }, "aws:lex/BotClarificationPromptMessage:BotClarificationPromptMessage": { "properties": { "content": { "type": "string", "description": "The text of the message.\n" }, "contentType": { "type": "string", "description": "The content type of the message string.\n" }, "groupNumber": { "type": "integer", "description": "Identifies the message group that the message belongs to. When a group\nis assigned to a message, Amazon Lex returns one message from each group in the response.\n" } }, "type": "object", "required": [ "content", "contentType" ] }, "aws:lex/BotIntent:BotIntent": { "properties": { "intentName": { "type": "string", "description": "The name of the intent. Must be less than or equal to 100 characters in length.\n" }, "intentVersion": { "type": "string", "description": "The version of the intent. Must be less than or equal to 64 characters in length.\n" } }, "type": "object", "required": [ "intentName", "intentVersion" ] }, "aws:lex/IntentConclusionStatement:IntentConclusionStatement": { "properties": { "messages": { "type": "array", "items": { "$ref": "#/types/aws:lex/IntentConclusionStatementMessage:IntentConclusionStatementMessage" } }, "responseCard": { "type": "string" } }, "type": "object", "required": [ "messages" ] }, "aws:lex/IntentConclusionStatementMessage:IntentConclusionStatementMessage": { "properties": { "content": { "type": "string", "description": "The text of the message. Must be less than or equal to 1000 characters in length.\n" }, "contentType": { "type": "string", "description": "The content type of the message string.\n" }, "groupNumber": { "type": "integer", "description": "Identifies the message group that the message belongs to. When a group\nis assigned to a message, Amazon Lex returns one message from each group in the response. Must be a number between 1 and 5 (inclusive).\n" } }, "type": "object", "required": [ "content", "contentType" ] }, "aws:lex/IntentConfirmationPrompt:IntentConfirmationPrompt": { "properties": { "maxAttempts": { "type": "integer", "description": "The number of times to prompt the user for information. Must be a number between 1 and 5 (inclusive).\n" }, "messages": { "type": "array", "items": { "$ref": "#/types/aws:lex/IntentConfirmationPromptMessage:IntentConfirmationPromptMessage" } }, "responseCard": { "type": "string" } }, "type": "object", "required": [ "maxAttempts", "messages" ] }, "aws:lex/IntentConfirmationPromptMessage:IntentConfirmationPromptMessage": { "properties": { "content": { "type": "string", "description": "The text of the message. Must be less than or equal to 1000 characters in length.\n" }, "contentType": { "type": "string", "description": "The content type of the message string.\n" }, "groupNumber": { "type": "integer", "description": "Identifies the message group that the message belongs to. When a group\nis assigned to a message, Amazon Lex returns one message from each group in the response. Must be a number between 1 and 5 (inclusive).\n" } }, "type": "object", "required": [ "content", "contentType" ] }, "aws:lex/IntentDialogCodeHook:IntentDialogCodeHook": { "properties": { "messageVersion": { "type": "string", "description": "The version of the request-response that you want Amazon Lex to use\nto invoke your Lambda function. For more information, see\n[Using Lambda Functions](https://docs.aws.amazon.com/lex/latest/dg/using-lambda.html). Must be less than or equal to 5 characters in length.\n" }, "uri": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lambda function.\n" } }, "type": "object", "required": [ "messageVersion", "uri" ] }, "aws:lex/IntentFollowUpPrompt:IntentFollowUpPrompt": { "properties": { "prompt": { "$ref": "#/types/aws:lex/IntentFollowUpPromptPrompt:IntentFollowUpPromptPrompt", "description": "Prompts for information from the user. Attributes are documented under prompt.\n" }, "rejectionStatement": { "$ref": "#/types/aws:lex/IntentFollowUpPromptRejectionStatement:IntentFollowUpPromptRejectionStatement", "description": "If the user answers \"no\" to the question defined in the prompt field,\nAmazon Lex responds with this statement to acknowledge that the intent was canceled. Attributes are\ndocumented below under statement.\n" } }, "type": "object", "required": [ "prompt", "rejectionStatement" ] }, "aws:lex/IntentFollowUpPromptPrompt:IntentFollowUpPromptPrompt": { "properties": { "maxAttempts": { "type": "integer", "description": "The number of times to prompt the user for information. Must be a number between 1 and 5 (inclusive).\n" }, "messages": { "type": "array", "items": { "$ref": "#/types/aws:lex/IntentFollowUpPromptPromptMessage:IntentFollowUpPromptPromptMessage" }, "description": "A set of messages, each of which provides a message string and its type.\nYou can specify the message string in plain text or in Speech Synthesis Markup Language (SSML).\nAttributes are documented under message. Must contain between 1 and 15 messages.\n" }, "responseCard": { "type": "string", "description": "The response card. Amazon Lex will substitute session attributes and\nslot values into the response card. For more information, see\n[Example: Using a Response Card](https://docs.aws.amazon.com/lex/latest/dg/ex-resp-card.html). Must be less than or equal to 50000 characters in length.\n" } }, "type": "object", "required": [ "maxAttempts", "messages" ] }, "aws:lex/IntentFollowUpPromptPromptMessage:IntentFollowUpPromptPromptMessage": { "properties": { "content": { "type": "string", "description": "The text of the message. Must be less than or equal to 1000 characters in length.\n" }, "contentType": { "type": "string", "description": "The content type of the message string.\n" }, "groupNumber": { "type": "integer", "description": "Identifies the message group that the message belongs to. When a group\nis assigned to a message, Amazon Lex returns one message from each group in the response. Must be a number between 1 and 5 (inclusive).\n" } }, "type": "object", "required": [ "content", "contentType" ] }, "aws:lex/IntentFollowUpPromptRejectionStatement:IntentFollowUpPromptRejectionStatement": { "properties": { "messages": { "type": "array", "items": { "$ref": "#/types/aws:lex/IntentFollowUpPromptRejectionStatementMessage:IntentFollowUpPromptRejectionStatementMessage" } }, "responseCard": { "type": "string" } }, "type": "object", "required": [ "messages" ] }, "aws:lex/IntentFollowUpPromptRejectionStatementMessage:IntentFollowUpPromptRejectionStatementMessage": { "properties": { "content": { "type": "string", "description": "The text of the message. Must be less than or equal to 1000 characters in length.\n" }, "contentType": { "type": "string", "description": "The content type of the message string.\n" }, "groupNumber": { "type": "integer", "description": "Identifies the message group that the message belongs to. When a group\nis assigned to a message, Amazon Lex returns one message from each group in the response. Must be a number between 1 and 5 (inclusive).\n" } }, "type": "object", "required": [ "content", "contentType" ] }, "aws:lex/IntentFulfillmentActivity:IntentFulfillmentActivity": { "properties": { "codeHook": { "$ref": "#/types/aws:lex/IntentFulfillmentActivityCodeHook:IntentFulfillmentActivityCodeHook", "description": "A description of the Lambda function that is run to fulfill the intent.\nRequired if type is CodeHook. Attributes are documented under code_hook.\n" }, "type": { "type": "string", "description": "How the intent should be fulfilled, either by running a Lambda function or by\nreturning the slot data to the client application. Type can be either `ReturnIntent` or `CodeHook`, as documented [here](https://docs.aws.amazon.com/lex/latest/dg/API_FulfillmentActivity.html).\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/IntentFulfillmentActivityCodeHook:IntentFulfillmentActivityCodeHook": { "properties": { "messageVersion": { "type": "string", "description": "The version of the request-response that you want Amazon Lex to use\nto invoke your Lambda function. For more information, see\n[Using Lambda Functions](https://docs.aws.amazon.com/lex/latest/dg/using-lambda.html). Must be less than or equal to 5 characters in length.\n" }, "uri": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lambda function.\n" } }, "type": "object", "required": [ "messageVersion", "uri" ] }, "aws:lex/IntentRejectionStatement:IntentRejectionStatement": { "properties": { "messages": { "type": "array", "items": { "$ref": "#/types/aws:lex/IntentRejectionStatementMessage:IntentRejectionStatementMessage" } }, "responseCard": { "type": "string" } }, "type": "object", "required": [ "messages" ] }, "aws:lex/IntentRejectionStatementMessage:IntentRejectionStatementMessage": { "properties": { "content": { "type": "string", "description": "The text of the message. Must be less than or equal to 1000 characters in length.\n" }, "contentType": { "type": "string", "description": "The content type of the message string.\n" }, "groupNumber": { "type": "integer", "description": "Identifies the message group that the message belongs to. When a group\nis assigned to a message, Amazon Lex returns one message from each group in the response. Must be a number between 1 and 5 (inclusive).\n" } }, "type": "object", "required": [ "content", "contentType" ] }, "aws:lex/IntentSlot:IntentSlot": { "properties": { "description": { "type": "string", "description": "A description of the bot. Must be less than or equal to 200 characters in length.\n" }, "name": { "type": "string", "description": "The name of the intent slot that you want to create. The name is case sensitive. Must be less than or equal to 100 characters in length.\n" }, "priority": { "type": "integer", "description": "Directs Lex the order in which to elicit this slot value from the user.\nFor example, if the intent has two slots with priorities 1 and 2, AWS Lex first elicits a value for\nthe slot with priority 1. If multiple slots share the same priority, the order in which Lex elicits\nvalues is arbitrary. Must be between 1 and 100.\n" }, "responseCard": { "type": "string", "description": "The response card. Amazon Lex will substitute session attributes and\nslot values into the response card. For more information, see\n[Example: Using a Response Card](https://docs.aws.amazon.com/lex/latest/dg/ex-resp-card.html). Must be less than or equal to 50000 characters in length.\n" }, "sampleUtterances": { "type": "array", "items": { "type": "string" }, "description": "If you know a specific pattern with which users might respond to\nan Amazon Lex request for a slot value, you can provide those utterances to improve accuracy. This\nis optional. In most cases, Amazon Lex is capable of understanding user utterances. Must have between 1 and 10 items in the list, and each item must be less than or equal to 200 characters in length.\n" }, "slotConstraint": { "type": "string", "description": "Specifies whether the slot is required or optional.\n" }, "slotType": { "type": "string", "description": "The type of the slot, either a custom slot type that you defined or one of\nthe built-in slot types. Must be less than or equal to 100 characters in length.\n" }, "slotTypeVersion": { "type": "string", "description": "The version of the slot type. Must be less than or equal to 64 characters in length.\n" }, "valueElicitationPrompt": { "$ref": "#/types/aws:lex/IntentSlotValueElicitationPrompt:IntentSlotValueElicitationPrompt", "description": "The prompt that Amazon Lex uses to elicit the slot value\nfrom the user. Attributes are documented under prompt.\n" } }, "type": "object", "required": [ "name", "slotConstraint", "slotType" ] }, "aws:lex/IntentSlotValueElicitationPrompt:IntentSlotValueElicitationPrompt": { "properties": { "maxAttempts": { "type": "integer", "description": "The number of times to prompt the user for information. Must be a number between 1 and 5 (inclusive).\n" }, "messages": { "type": "array", "items": { "$ref": "#/types/aws:lex/IntentSlotValueElicitationPromptMessage:IntentSlotValueElicitationPromptMessage" } }, "responseCard": { "type": "string" } }, "type": "object", "required": [ "maxAttempts", "messages" ] }, "aws:lex/IntentSlotValueElicitationPromptMessage:IntentSlotValueElicitationPromptMessage": { "properties": { "content": { "type": "string", "description": "The text of the message. Must be less than or equal to 1000 characters in length.\n" }, "contentType": { "type": "string", "description": "The content type of the message string.\n" }, "groupNumber": { "type": "integer", "description": "Identifies the message group that the message belongs to. When a group\nis assigned to a message, Amazon Lex returns one message from each group in the response. Must be a number between 1 and 5 (inclusive).\n" } }, "type": "object", "required": [ "content", "contentType" ] }, "aws:lex/SlotTypeEnumerationValue:SlotTypeEnumerationValue": { "properties": { "synonyms": { "type": "array", "items": { "type": "string" }, "description": "Additional values related to the slot type value. Each item must be less than or equal to 140 characters in length.\n" }, "value": { "type": "string", "description": "The value of the slot type. Must be less than or equal to 140 characters in length.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsBotDataPrivacy:V2modelsBotDataPrivacy": { "properties": { "childDirected": { "type": "boolean", "description": "(Required) - For each Amazon Lex bot created with the Amazon Lex Model Building Service, you must specify whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to the Children's Online Privacy Protection Act (COPPA) by specifying true or false in the childDirected field.\n" } }, "type": "object", "required": [ "childDirected" ] }, "aws:lex/V2modelsBotLocaleTimeouts:V2modelsBotLocaleTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:lex/V2modelsBotLocaleVoiceSettings:V2modelsBotLocaleVoiceSettings": { "properties": { "engine": { "type": "string", "description": "Indicates the type of Amazon Polly voice that Amazon Lex should use for voice interaction with the user. Valid values are `standard` and `neural`. If not specified, the default is `standard`.\n" }, "voiceId": { "type": "string", "description": "Identifier of the Amazon Polly voice to use.\n" } }, "type": "object", "required": [ "voiceId" ], "language": { "nodejs": { "requiredOutputs": [ "engine", "voiceId" ] } } }, "aws:lex/V2modelsBotMember:V2modelsBotMember": { "properties": { "aliasId": { "type": "string", "description": "(Required) - Alias ID of a bot that is a member of this network of bots.\n" }, "aliasName": { "type": "string", "description": "(Required) - Alias name of a bot that is a member of this network of bots.\n" }, "id": { "type": "string", "description": "(Required) - Unique ID of a bot that is a member of this network of bots.\n" }, "name": { "type": "string", "description": "Name of the bot. The bot name must be unique in the account that creates the bot. Type String. Length Constraints: Minimum length of 1. Maximum length of 100.\n" }, "version": { "type": "string", "description": "(Required) - Version of a bot that is a member of this network of bots.\n" } }, "type": "object", "required": [ "aliasId", "aliasName", "id", "name", "version" ] }, "aws:lex/V2modelsBotTimeouts:V2modelsBotTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:lex/V2modelsBotVersionLocaleSpecification:V2modelsBotVersionLocaleSpecification": { "properties": { "sourceBotVersion": { "type": "string" } }, "type": "object", "required": [ "sourceBotVersion" ] }, "aws:lex/V2modelsBotVersionTimeouts:V2modelsBotVersionTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentClosingSetting:V2modelsIntentClosingSetting": { "properties": { "active": { "type": "boolean", "description": "Whether an intent's closing response is used. When this field is false, the closing response isn't sent to the user. If the active field isn't specified, the default is true.\n" }, "closingResponse": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingClosingResponse:V2modelsIntentClosingSettingClosingResponse", "description": "Configuration block for response that Amazon Lex sends to the user when the intent is complete. See `closing_response`.\n" }, "conditional": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditional:V2modelsIntentClosingSettingConditional", "description": "Configuration block for list of conditional branches associated with the intent's closing response. These branches are executed when the `next_step` attribute is set to `EvalutateConditional`. See `conditional`.\n" }, "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingNextStep:V2modelsIntentClosingSettingNextStep", "description": "Next step that the bot executes after playing the intent's closing response. See `next_step`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentClosingSettingClosingResponse:V2modelsIntentClosingSettingClosingResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroup:V2modelsIntentClosingSettingClosingResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroup:V2modelsIntentClosingSettingClosingResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupMessage:V2modelsIntentClosingSettingClosingResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupVariation:V2modelsIntentClosingSettingClosingResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupMessage:V2modelsIntentClosingSettingClosingResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupMessageCustomPayload:V2modelsIntentClosingSettingClosingResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupMessageImageResponseCard:V2modelsIntentClosingSettingClosingResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupMessagePlainTextMessage:V2modelsIntentClosingSettingClosingResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupMessageSsmlMessage:V2modelsIntentClosingSettingClosingResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupMessageCustomPayload:V2modelsIntentClosingSettingClosingResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupMessageImageResponseCard:V2modelsIntentClosingSettingClosingResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentClosingSettingClosingResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentClosingSettingClosingResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupMessagePlainTextMessage:V2modelsIntentClosingSettingClosingResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupMessageSsmlMessage:V2modelsIntentClosingSettingClosingResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupVariation:V2modelsIntentClosingSettingClosingResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupVariationCustomPayload:V2modelsIntentClosingSettingClosingResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupVariationImageResponseCard:V2modelsIntentClosingSettingClosingResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupVariationPlainTextMessage:V2modelsIntentClosingSettingClosingResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupVariationSsmlMessage:V2modelsIntentClosingSettingClosingResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupVariationCustomPayload:V2modelsIntentClosingSettingClosingResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupVariationImageResponseCard:V2modelsIntentClosingSettingClosingResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentClosingSettingClosingResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentClosingSettingClosingResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupVariationPlainTextMessage:V2modelsIntentClosingSettingClosingResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentClosingSettingClosingResponseMessageGroupVariationSsmlMessage:V2modelsIntentClosingSettingClosingResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentClosingSettingConditional:V2modelsIntentClosingSettingConditional": { "properties": { "active": { "type": "boolean", "description": "Whether a conditional branch is active. When active is false, the conditions are not evaluated.\n" }, "conditionalBranches": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranch:V2modelsIntentClosingSettingConditionalConditionalBranch" }, "description": "Configuration blocks for conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true. See `conditional_branch`.\n" }, "defaultBranch": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranch:V2modelsIntentClosingSettingConditionalDefaultBranch", "description": "Configuration block for the conditional branch that should be followed when the conditions for other branches are not satisfied. A branch is made up of a condition, a response and a next step. See `default_branch`.\n" } }, "type": "object", "required": [ "active", "defaultBranch" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranch:V2modelsIntentClosingSettingConditionalConditionalBranch": { "properties": { "condition": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchCondition:V2modelsIntentClosingSettingConditionalConditionalBranchCondition", "description": "Configuration block for the expression to evaluate. If the condition is true, the branch's actions are taken. See `condition`.\n" }, "name": { "type": "string", "description": "Name of the branch.\n" }, "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchNextStep:V2modelsIntentClosingSettingConditionalConditionalBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponse:V2modelsIntentClosingSettingConditionalConditionalBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object", "required": [ "condition", "name", "nextStep" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchCondition:V2modelsIntentClosingSettingConditionalConditionalBranchCondition": { "properties": { "expressionString": { "type": "string", "description": "Expression string that is evaluated.\n" } }, "type": "object", "required": [ "expressionString" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchNextStep:V2modelsIntentClosingSettingConditionalConditionalBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchNextStepDialogAction:V2modelsIntentClosingSettingConditionalConditionalBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchNextStepIntent:V2modelsIntentClosingSettingConditionalConditionalBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchNextStepDialogAction:V2modelsIntentClosingSettingConditionalConditionalBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchNextStepIntent:V2modelsIntentClosingSettingConditionalConditionalBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentClosingSettingConditionalConditionalBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentClosingSettingConditionalConditionalBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentClosingSettingConditionalConditionalBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentClosingSettingConditionalConditionalBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponse:V2modelsIntentClosingSettingConditionalConditionalBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroup:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroup:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentClosingSettingConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranch:V2modelsIntentClosingSettingConditionalDefaultBranch": { "properties": { "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchNextStep:V2modelsIntentClosingSettingConditionalDefaultBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponse:V2modelsIntentClosingSettingConditionalDefaultBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchNextStep:V2modelsIntentClosingSettingConditionalDefaultBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchNextStepDialogAction:V2modelsIntentClosingSettingConditionalDefaultBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchNextStepIntent:V2modelsIntentClosingSettingConditionalDefaultBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchNextStepDialogAction:V2modelsIntentClosingSettingConditionalDefaultBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchNextStepIntent:V2modelsIntentClosingSettingConditionalDefaultBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentClosingSettingConditionalDefaultBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentClosingSettingConditionalDefaultBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentClosingSettingConditionalDefaultBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentClosingSettingConditionalDefaultBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponse:V2modelsIntentClosingSettingConditionalDefaultBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroup:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroup:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentClosingSettingConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentClosingSettingNextStep:V2modelsIntentClosingSettingNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingNextStepDialogAction:V2modelsIntentClosingSettingNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingNextStepIntent:V2modelsIntentClosingSettingNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentClosingSettingNextStepDialogAction:V2modelsIntentClosingSettingNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentClosingSettingNextStepIntent:V2modelsIntentClosingSettingNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingNextStepIntentSlot:V2modelsIntentClosingSettingNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentClosingSettingNextStepIntentSlot:V2modelsIntentClosingSettingNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSettingNextStepIntentSlotValue:V2modelsIntentClosingSettingNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentClosingSettingNextStepIntentSlotValue:V2modelsIntentClosingSettingNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSetting:V2modelsIntentConfirmationSetting": { "properties": { "active": { "type": "boolean", "description": "Whether the intent's confirmation is sent to the user. When this field is false, confirmation and declination responses aren't sent. If the active field isn't specified, the default is true.\n" }, "codeHook": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHook:V2modelsIntentConfirmationSettingCodeHook", "description": "Configuration block for the intent's confirmation step. The dialog code hook is triggered based on these invocation settings when the confirmation next step or declination next step or failure next step is `invoke_dialog_code_hook`. See `code_hook`.\n" }, "confirmationConditional": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditional:V2modelsIntentConfirmationSettingConfirmationConditional", "description": "Configuration block for conditional branches to evaluate after the intent is closed. See `confirmation_conditional`.\n" }, "confirmationNextStep": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationNextStep:V2modelsIntentConfirmationSettingConfirmationNextStep", "description": "Configuration block for the next step that the bot executes when the customer confirms the intent. See `confirmation_next_step`.\n" }, "confirmationResponse": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationResponse:V2modelsIntentConfirmationSettingConfirmationResponse", "description": "Configuration block for message groups that Amazon Lex uses to respond the user input. See `confirmation_response`.\n" }, "declinationConditional": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditional:V2modelsIntentConfirmationSettingDeclinationConditional", "description": "Configuration block for conditional branches to evaluate after the intent is declined. See `declination_conditional`.\n" }, "declinationNextStep": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationNextStep:V2modelsIntentConfirmationSettingDeclinationNextStep", "description": "Configuration block for the next step that the bot executes when the customer declines the intent. See `declination_next_step`.\n" }, "declinationResponse": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationResponse:V2modelsIntentConfirmationSettingDeclinationResponse", "description": "Configuration block for when the user answers \"no\" to the question defined in `prompt_specification`, Amazon Lex responds with this response to acknowledge that the intent was canceled. See `declination_response`.\n" }, "elicitationCodeHook": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingElicitationCodeHook:V2modelsIntentConfirmationSettingElicitationCodeHook", "description": "Configuration block for when the code hook is invoked during confirmation prompt retries. See `elicitation_code_hook`.\n" }, "failureConditional": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditional:V2modelsIntentConfirmationSettingFailureConditional", "description": "Configuration block for conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition. See `failure_conditional`.\n" }, "failureNextStep": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureNextStep:V2modelsIntentConfirmationSettingFailureNextStep", "description": "Configuration block for the next step to take in the conversation if the confirmation step fails. See `failure_next_step`.\n" }, "failureResponse": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureResponse:V2modelsIntentConfirmationSettingFailureResponse", "description": "Configuration block for message groups that Amazon Lex uses to respond the user input. See `failure_response`.\n" }, "promptSpecification": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingPromptSpecification:V2modelsIntentConfirmationSettingPromptSpecification", "description": "Configuration block for prompting the user to confirm the intent. This question should have a yes or no answer. Amazon Lex uses this prompt to ensure that the user acknowledges that the intent is ready for fulfillment. See `prompt_specification`.\n" } }, "type": "object", "required": [ "promptSpecification" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHook:V2modelsIntentConfirmationSettingCodeHook": { "properties": { "active": { "type": "boolean", "description": "Whether a dialog code hook is used when the intent is activated.\n" }, "enableCodeHookInvocation": { "type": "boolean", "description": "Whether a Lambda function should be invoked for the dialog.\n" }, "invocationLabel": { "type": "string", "description": "Label that indicates the dialog step from which the dialog code hook is happening.\n" }, "postCodeHookSpecification": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecification:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecification", "description": "Configuration block that contains the responses and actions that Amazon Lex takes after the Lambda function is complete. See `post_code_hook_specification`.\n" } }, "type": "object", "required": [ "active", "enableCodeHookInvocation", "postCodeHookSpecification" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecification:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecification": { "properties": { "failureConditional": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditional:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditional", "description": "Configuration block for conditional branches to evaluate after the dialog code hook throws an exception or returns with the State field of the Intent object set to Failed.\n" }, "failureNextStep": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureNextStep:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureNextStep", "description": "Configuration block for the next step the bot runs after the dialog code hook throws an exception or returns with the State field of the Intent object set to Failed . See `failure_next_step`.\n" }, "failureResponse": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponse:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponse", "description": "Configuration block for message groups that Amazon Lex uses to respond the user input. See `failure_response`.\n" }, "successConditional": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditional:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditional", "description": "Configuration block for conditional branches to evaluate after the dialog code hook finishes successfully. See `success_conditional`.\n" }, "successNextStep": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessNextStep:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessNextStep", "description": "Configuration block for the next step the bot runs after the dialog code hook finishes successfully. See `success_next_step`.\n" }, "successResponse": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponse:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponse", "description": "Configuration block for message groups that Amazon Lex uses to respond the user input. See `success_response`.\n" }, "timeoutConditional": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditional:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditional", "description": "Configuration block for conditional branches to evaluate if the code hook times out. See `timeout_conditional`.\n" }, "timeoutNextStep": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutNextStep:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutNextStep", "description": "Configuration block for the next step that the bot runs when the code hook times out. See `timeout_next_step`.\n" }, "timeoutResponse": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponse:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond the user input. See `timeout_response`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditional:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditional": { "properties": { "active": { "type": "boolean", "description": "Whether a conditional branch is active. When active is false, the conditions are not evaluated.\n" }, "conditionalBranches": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranch:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranch" }, "description": "Configuration blocks for conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true. See `conditional_branch`.\n" }, "defaultBranch": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranch:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranch", "description": "Configuration block for the conditional branch that should be followed when the conditions for other branches are not satisfied. A branch is made up of a condition, a response and a next step. See `default_branch`.\n" } }, "type": "object", "required": [ "active", "defaultBranch" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranch:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranch": { "properties": { "condition": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchCondition:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchCondition", "description": "Configuration block for the expression to evaluate. If the condition is true, the branch's actions are taken. See `condition`.\n" }, "name": { "type": "string", "description": "Name of the branch.\n" }, "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStep:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponse:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object", "required": [ "condition", "name", "nextStep" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchCondition:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchCondition": { "properties": { "expressionString": { "type": "string", "description": "Expression string that is evaluated.\n" } }, "type": "object", "required": [ "expressionString" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStep:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepDialogAction:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntent:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepDialogAction:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntent:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponse:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroup:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroup:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranch:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranch": { "properties": { "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStep:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponse:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStep:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepDialogAction:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntent:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepDialogAction:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntent:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponse:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroup:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroup:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureNextStep:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureNextStepDialogAction:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureNextStepIntent:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureNextStepDialogAction:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureNextStepIntent:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureNextStepIntentSlot:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureNextStepIntentSlot:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureNextStepIntentSlotValue:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureNextStepIntentSlotValue:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponse:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroup:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroup:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariation:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariation:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditional:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditional": { "properties": { "active": { "type": "boolean", "description": "Whether a conditional branch is active. When active is false, the conditions are not evaluated.\n" }, "conditionalBranches": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranch:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranch" }, "description": "Configuration blocks for conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true. See `conditional_branch`.\n" }, "defaultBranch": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranch:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranch", "description": "Configuration block for the conditional branch that should be followed when the conditions for other branches are not satisfied. A branch is made up of a condition, a response and a next step. See `default_branch`.\n" } }, "type": "object", "required": [ "active", "defaultBranch" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranch:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranch": { "properties": { "condition": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchCondition:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchCondition", "description": "Configuration block for the expression to evaluate. If the condition is true, the branch's actions are taken. See `condition`.\n" }, "name": { "type": "string", "description": "Name of the branch.\n" }, "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStep:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponse:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object", "required": [ "condition", "name", "nextStep" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchCondition:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchCondition": { "properties": { "expressionString": { "type": "string", "description": "Expression string that is evaluated.\n" } }, "type": "object", "required": [ "expressionString" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStep:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepDialogAction:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntent:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepDialogAction:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntent:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponse:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroup:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroup:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranch:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranch": { "properties": { "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStep:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponse:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStep:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepDialogAction:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntent:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepDialogAction:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntent:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponse:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroup:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroup:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessNextStep:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessNextStepDialogAction:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntent:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessNextStepDialogAction:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntent:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntentSlot:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntentSlot:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntentSlotValue:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntentSlotValue:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponse:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroup:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroup:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariation:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariation:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditional:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditional": { "properties": { "active": { "type": "boolean", "description": "Whether a conditional branch is active. When active is false, the conditions are not evaluated.\n" }, "conditionalBranches": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranch:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranch" }, "description": "Configuration blocks for conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true. See `conditional_branch`.\n" }, "defaultBranch": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranch:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranch", "description": "Configuration block for the conditional branch that should be followed when the conditions for other branches are not satisfied. A branch is made up of a condition, a response and a next step. See `default_branch`.\n" } }, "type": "object", "required": [ "active", "defaultBranch" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranch:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranch": { "properties": { "condition": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchCondition:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchCondition", "description": "Configuration block for the expression to evaluate. If the condition is true, the branch's actions are taken. See `condition`.\n" }, "name": { "type": "string", "description": "Name of the branch.\n" }, "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStep:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponse:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object", "required": [ "condition", "name", "nextStep" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchCondition:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchCondition": { "properties": { "expressionString": { "type": "string", "description": "Expression string that is evaluated.\n" } }, "type": "object", "required": [ "expressionString" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStep:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepDialogAction:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntent:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepDialogAction:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntent:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponse:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroup:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroup:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranch:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranch": { "properties": { "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStep:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponse:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStep:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepDialogAction:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntent:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepDialogAction:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntent:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponse:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroup:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroup:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutNextStep:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutNextStepDialogAction:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntent:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutNextStepDialogAction:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntent:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntentSlot:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntentSlot:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntentSlotValue:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntentSlotValue:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponse:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroup:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroup:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariation:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariation:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditional:V2modelsIntentConfirmationSettingConfirmationConditional": { "properties": { "active": { "type": "boolean", "description": "Whether a conditional branch is active. When active is false, the conditions are not evaluated.\n" }, "conditionalBranches": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranch:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranch" }, "description": "Configuration blocks for conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true. See `conditional_branch`.\n" }, "defaultBranch": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranch:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranch", "description": "Configuration block for the conditional branch that should be followed when the conditions for other branches are not satisfied. A branch is made up of a condition, a response and a next step. See `default_branch`.\n" } }, "type": "object", "required": [ "active", "defaultBranch" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranch:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranch": { "properties": { "condition": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchCondition:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchCondition", "description": "Configuration block for the expression to evaluate. If the condition is true, the branch's actions are taken. See `condition`.\n" }, "name": { "type": "string", "description": "Name of the branch.\n" }, "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchNextStep:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponse:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object", "required": [ "condition", "name", "nextStep" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchCondition:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchCondition": { "properties": { "expressionString": { "type": "string", "description": "Expression string that is evaluated.\n" } }, "type": "object", "required": [ "expressionString" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchNextStep:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchNextStepDialogAction:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchNextStepIntent:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchNextStepDialogAction:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchNextStepIntent:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponse:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroup:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroup:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingConfirmationConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranch:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranch": { "properties": { "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchNextStep:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponse:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchNextStep:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchNextStepDialogAction:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchNextStepIntent:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchNextStepDialogAction:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchNextStepIntent:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponse:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroup:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroup:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingConfirmationConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationNextStep:V2modelsIntentConfirmationSettingConfirmationNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationNextStepDialogAction:V2modelsIntentConfirmationSettingConfirmationNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationNextStepIntent:V2modelsIntentConfirmationSettingConfirmationNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationNextStepDialogAction:V2modelsIntentConfirmationSettingConfirmationNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationNextStepIntent:V2modelsIntentConfirmationSettingConfirmationNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationNextStepIntentSlot:V2modelsIntentConfirmationSettingConfirmationNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationNextStepIntentSlot:V2modelsIntentConfirmationSettingConfirmationNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationNextStepIntentSlotValue:V2modelsIntentConfirmationSettingConfirmationNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationNextStepIntentSlotValue:V2modelsIntentConfirmationSettingConfirmationNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationResponse:V2modelsIntentConfirmationSettingConfirmationResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroup:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroup:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessage:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariation:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessage:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariation:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingConfirmationResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditional:V2modelsIntentConfirmationSettingDeclinationConditional": { "properties": { "active": { "type": "boolean", "description": "Whether a conditional branch is active. When active is false, the conditions are not evaluated.\n" }, "conditionalBranches": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranch:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranch" }, "description": "Configuration blocks for conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true. See `conditional_branch`.\n" }, "defaultBranch": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranch:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranch", "description": "Configuration block for the conditional branch that should be followed when the conditions for other branches are not satisfied. A branch is made up of a condition, a response and a next step. See `default_branch`.\n" } }, "type": "object", "required": [ "active", "defaultBranch" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranch:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranch": { "properties": { "condition": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchCondition:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchCondition", "description": "Configuration block for the expression to evaluate. If the condition is true, the branch's actions are taken. See `condition`.\n" }, "name": { "type": "string", "description": "Name of the branch.\n" }, "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchNextStep:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponse:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object", "required": [ "condition", "name", "nextStep" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchCondition:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchCondition": { "properties": { "expressionString": { "type": "string", "description": "Expression string that is evaluated.\n" } }, "type": "object", "required": [ "expressionString" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchNextStep:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchNextStepDialogAction:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchNextStepIntent:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchNextStepDialogAction:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchNextStepIntent:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponse:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroup:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroup:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingDeclinationConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranch:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranch": { "properties": { "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchNextStep:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponse:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchNextStep:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchNextStepDialogAction:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchNextStepIntent:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchNextStepDialogAction:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchNextStepIntent:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponse:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroup:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroup:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingDeclinationConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationNextStep:V2modelsIntentConfirmationSettingDeclinationNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationNextStepDialogAction:V2modelsIntentConfirmationSettingDeclinationNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationNextStepIntent:V2modelsIntentConfirmationSettingDeclinationNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationNextStepDialogAction:V2modelsIntentConfirmationSettingDeclinationNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationNextStepIntent:V2modelsIntentConfirmationSettingDeclinationNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationNextStepIntentSlot:V2modelsIntentConfirmationSettingDeclinationNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationNextStepIntentSlot:V2modelsIntentConfirmationSettingDeclinationNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationNextStepIntentSlotValue:V2modelsIntentConfirmationSettingDeclinationNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationNextStepIntentSlotValue:V2modelsIntentConfirmationSettingDeclinationNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationResponse:V2modelsIntentConfirmationSettingDeclinationResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroup:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroup:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessage:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariation:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessage:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariation:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingDeclinationResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingElicitationCodeHook:V2modelsIntentConfirmationSettingElicitationCodeHook": { "properties": { "enableCodeHookInvocation": { "type": "boolean", "description": "Whether a Lambda function should be invoked for the dialog.\n" }, "invocationLabel": { "type": "string", "description": "Label that indicates the dialog step from which the dialog code hook is happening.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditional:V2modelsIntentConfirmationSettingFailureConditional": { "properties": { "active": { "type": "boolean", "description": "Whether a conditional branch is active. When active is false, the conditions are not evaluated.\n" }, "conditionalBranches": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranch:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranch" }, "description": "Configuration blocks for conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true. See `conditional_branch`.\n" }, "defaultBranch": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranch:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranch", "description": "Configuration block for the conditional branch that should be followed when the conditions for other branches are not satisfied. A branch is made up of a condition, a response and a next step. See `default_branch`.\n" } }, "type": "object", "required": [ "active", "defaultBranch" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranch:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranch": { "properties": { "condition": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchCondition:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchCondition", "description": "Configuration block for the expression to evaluate. If the condition is true, the branch's actions are taken. See `condition`.\n" }, "name": { "type": "string", "description": "Name of the branch.\n" }, "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchNextStep:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponse:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object", "required": [ "condition", "name", "nextStep" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchCondition:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchCondition": { "properties": { "expressionString": { "type": "string", "description": "Expression string that is evaluated.\n" } }, "type": "object", "required": [ "expressionString" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchNextStep:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchNextStepDialogAction:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchNextStepIntent:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchNextStepDialogAction:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchNextStepIntent:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponse:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroup:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroup:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingFailureConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranch:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranch": { "properties": { "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchNextStep:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponse:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchNextStep:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchNextStepDialogAction:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchNextStepIntent:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchNextStepDialogAction:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchNextStepIntent:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponse:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroup:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroup:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingFailureConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureNextStep:V2modelsIntentConfirmationSettingFailureNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureNextStepDialogAction:V2modelsIntentConfirmationSettingFailureNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureNextStepIntent:V2modelsIntentConfirmationSettingFailureNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingFailureNextStepDialogAction:V2modelsIntentConfirmationSettingFailureNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureNextStepIntent:V2modelsIntentConfirmationSettingFailureNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureNextStepIntentSlot:V2modelsIntentConfirmationSettingFailureNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingFailureNextStepIntentSlot:V2modelsIntentConfirmationSettingFailureNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureNextStepIntentSlotValue:V2modelsIntentConfirmationSettingFailureNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureNextStepIntentSlotValue:V2modelsIntentConfirmationSettingFailureNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingFailureResponse:V2modelsIntentConfirmationSettingFailureResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroup:V2modelsIntentConfirmationSettingFailureResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroup:V2modelsIntentConfirmationSettingFailureResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessage:V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariation:V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessage:V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingFailureResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariation:V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingFailureResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingPromptSpecification:V2modelsIntentConfirmationSettingPromptSpecification": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech prompt from the bot.\n" }, "maxRetries": { "type": "integer", "description": "Maximum number of times the bot tries to elicit a response from the user using this prompt.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroup:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroup" }, "description": "Configuration block for messages that Amazon Lex can send to the user. Amazon Lex chooses the actual message to send at runtime. See `message_group`.\n" }, "messageSelectionStrategy": { "type": "string", "description": "How a message is selected from a message group among retries. Valid values are `Random` and `Ordered`.\n" }, "promptAttemptsSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecification:V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecification" }, "description": "Configuration block for advanced settings on each attempt of the prompt. See `prompt_attempts_specification`.\n" } }, "type": "object", "required": [ "maxRetries" ] }, "aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroup:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessage:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariation:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessage:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessageCustomPayload:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessageImageResponseCard:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessageImageResponseCardButton:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessagePlainTextMessage:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessageSsmlMessage:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariation:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariationCustomPayload:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariationImageResponseCard:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariationImageResponseCardButton:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariationPlainTextMessage:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariationSsmlMessage:V2modelsIntentConfirmationSettingPromptSpecificationMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecification:V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecification": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech prompt attempt from the bot.\n" }, "allowedInputTypes": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecificationAllowedInputTypes:V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecificationAllowedInputTypes", "description": "Configuration block for the allowed input types of the prompt attempt. See `allowed_input_types`.\n" }, "audioAndDtmfInputSpecification": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecification:V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecification", "description": "Configuration block for settings on audio and DTMF input. See `audio_and_dtmf_input_specification`.\n" }, "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "textInputSpecification": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecificationTextInputSpecification:V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecificationTextInputSpecification", "description": "Configuration block for the settings on text input. See `text_input_specification`.\n" } }, "type": "object", "required": [ "allowedInputTypes", "mapBlockKey" ] }, "aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecificationAllowedInputTypes:V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecificationAllowedInputTypes": { "properties": { "allowAudioInput": { "type": "boolean", "description": "Whether audio input is allowed.\n" }, "allowDtmfInput": { "type": "boolean", "description": "Whether DTMF input is allowed.\n" } }, "type": "object", "required": [ "allowAudioInput", "allowDtmfInput" ] }, "aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecification:V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecification": { "properties": { "audioSpecification": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecificationAudioSpecification:V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecificationAudioSpecification", "description": "Configuration block for the settings on audio input. See `audio_specification`.\n" }, "dtmfSpecification": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecificationDtmfSpecification:V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecificationDtmfSpecification", "description": "Configuration block for the settings on DTMF input. See `dtmf_specification`.\n" }, "startTimeoutMs": { "type": "integer", "description": "Time for which a bot waits before assuming that the customer isn't going to speak or press a key. This timeout is shared between Audio and DTMF inputs.\n" } }, "type": "object", "required": [ "startTimeoutMs" ] }, "aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecificationAudioSpecification:V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecificationAudioSpecification": { "properties": { "endTimeoutMs": { "type": "integer", "description": "Time for which a bot waits after the customer stops speaking to assume the utterance is finished.\n" }, "maxLengthMs": { "type": "integer", "description": "Time for how long Amazon Lex waits before speech input is truncated and the speech is returned to application.\n" } }, "type": "object", "required": [ "endTimeoutMs", "maxLengthMs" ] }, "aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecificationDtmfSpecification:V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecificationDtmfSpecification": { "properties": { "deletionCharacter": { "type": "string", "description": "DTMF character that clears the accumulated DTMF digits and immediately ends the input.\n" }, "endCharacter": { "type": "string", "description": "DTMF character that immediately ends input. If the user does not press this character, the input ends after the end timeout.\n" }, "endTimeoutMs": { "type": "integer", "description": "How long the bot should wait after the last DTMF character input before assuming that the input has concluded.\n" }, "maxLength": { "type": "integer", "description": "Maximum number of DTMF digits allowed in an utterance.\n" } }, "type": "object", "required": [ "deletionCharacter", "endCharacter", "endTimeoutMs", "maxLength" ] }, "aws:lex/V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecificationTextInputSpecification:V2modelsIntentConfirmationSettingPromptSpecificationPromptAttemptsSpecificationTextInputSpecification": { "properties": { "startTimeoutMs": { "type": "integer", "description": "Time for which a bot waits before re-prompting a customer for text input.\n" } }, "type": "object", "required": [ "startTimeoutMs" ] }, "aws:lex/V2modelsIntentDialogCodeHook:V2modelsIntentDialogCodeHook": { "properties": { "enabled": { "type": "boolean", "description": "Enables the dialog code hook so that it processes user requests.\n" } }, "type": "object", "required": [ "enabled" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHook:V2modelsIntentFulfillmentCodeHook": { "properties": { "active": { "type": "boolean", "description": "Whether the fulfillment code hook is used. When active is false, the code hook doesn't run.\n" }, "enabled": { "type": "boolean", "description": "Whether a Lambda function should be invoked to fulfill a specific intent.\n" }, "fulfillmentUpdatesSpecification": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecification:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecification", "description": "Configuration block for settings for update messages sent to the user for long-running Lambda fulfillment functions. Fulfillment updates can be used only with streaming conversations. See `fulfillment_updates_specification`.\n" }, "postFulfillmentStatusSpecification": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecification:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecification", "description": "Configuration block for settings for messages sent to the user for after the Lambda fulfillment function completes. Post-fulfillment messages can be sent for both streaming and non-streaming conversations. See `post_fulfillment_status_specification`.\n" } }, "type": "object", "required": [ "enabled" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecification:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecification": { "properties": { "active": { "type": "boolean", "description": "Whether fulfillment updates are sent to the user. When this field is true, updates are sent. If the active field is set to true, the `start_response`, `update_response`, and `timeout_in_seconds` fields are required.\n" }, "startResponse": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponse:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponse", "description": "Configuration block for the message sent to users when the fulfillment Lambda functions starts running.\n" }, "timeoutInSeconds": { "type": "integer", "description": "Length of time that the fulfillment Lambda function should run before it times out.\n" }, "updateResponse": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponse:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponse", "description": "Configuration block for messages sent periodically to the user while the fulfillment Lambda function is running.\n" } }, "type": "object", "required": [ "active" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponse:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt the start message while it is playing.\n" }, "delayInSeconds": { "type": "integer", "description": "Delay between when the Lambda fulfillment function starts running and the start message is played. If the Lambda function returns before the delay is over, the start message isn't played.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroup:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroup" }, "description": "Between 1-5 configuration block message groups that contain start messages. Amazon Lex chooses one of the messages to play to the user. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroup:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationStartResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponse:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt the start message while it is playing.\n" }, "frequencyInSeconds": { "type": "integer", "description": "Frequency that a message is sent to the user. When the period ends, Amazon Lex chooses a message from the message groups and plays it to the user. If the fulfillment Lambda returns before the first period ends, an update message is not played to the user.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroup:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroup" }, "description": "Between 1-5 configuration block message groups that contain start messages. Amazon Lex chooses one of the messages to play to the user. See `message_group`.\n" } }, "type": "object", "required": [ "frequencyInSeconds" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroup:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookFulfillmentUpdatesSpecificationUpdateResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecification:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecification": { "properties": { "failureConditional": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditional:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditional", "description": "Configuration block for conditional branches to evaluate after the dialog code hook throws an exception or returns with the State field of the Intent object set to Failed. See `failure_conditional`.\n" }, "failureNextStep": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureNextStep:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureNextStep", "description": "Configuration block for the next step the bot runs after the dialog code hook throws an exception or returns with the State field of the Intent object set to Failed. See `failure_next_step`.\n" }, "failureResponse": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponse:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponse", "description": "Configuration block for message groups that Amazon Lex uses to respond the user input. See `failure_response`.\n" }, "successConditional": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditional:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditional", "description": "Configuration block for conditional branches to evaluate after the dialog code hook finishes successfully. See `success_conditional`.\n" }, "successNextStep": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessNextStep:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessNextStep", "description": "Configuration block for the next step the bot runs after the dialog code hook finishes successfully. See `success_next_step`.\n" }, "successResponse": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponse:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponse", "description": "Configuration block for message groups that Amazon Lex uses to respond the user input. See `success_response`.\n" }, "timeoutConditional": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditional:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditional", "description": "Configuration block for conditional branches to evaluate if the code hook times out. See `timeout_conditional`.\n" }, "timeoutNextStep": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutNextStep:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutNextStep", "description": "Configuration block for the next step that the bot runs when the code hook times out. See `timeout_next_step`.\n" }, "timeoutResponse": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponse:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond the user input. See `timeout_response`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditional:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditional": { "properties": { "active": { "type": "boolean", "description": "Whether a conditional branch is active. When active is false, the conditions are not evaluated.\n" }, "conditionalBranches": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranch:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranch" }, "description": "Configuration blocks for conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true. See `conditional_branch`.\n" }, "defaultBranch": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranch:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranch", "description": "Configuration block for the conditional branch that should be followed when the conditions for other branches are not satisfied. A branch is made up of a condition, a response and a next step. See `default_branch`.\n" } }, "type": "object", "required": [ "active", "defaultBranch" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranch:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranch": { "properties": { "condition": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchCondition:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchCondition", "description": "Configuration block for the expression to evaluate. If the condition is true, the branch's actions are taken. See `condition`.\n" }, "name": { "type": "string", "description": "Name of the branch.\n" }, "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchNextStep:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponse:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object", "required": [ "condition", "name", "nextStep" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchCondition:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchCondition": { "properties": { "expressionString": { "type": "string", "description": "Expression string that is evaluated.\n" } }, "type": "object", "required": [ "expressionString" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchNextStep:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchNextStepDialogAction:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchNextStepIntent:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchNextStepDialogAction:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchNextStepIntent:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponse:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroup:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroup:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranch:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranch": { "properties": { "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchNextStep:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponse:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchNextStep:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchNextStepDialogAction:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchNextStepIntent:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchNextStepDialogAction:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchNextStepIntent:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponse:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroup:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroup:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureNextStep:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureNextStepDialogAction:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureNextStepIntent:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureNextStepDialogAction:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureNextStepIntent:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureNextStepIntentSlot:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureNextStepIntentSlot:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureNextStepIntentSlotValue:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureNextStepIntentSlotValue:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponse:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroup:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroup:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationFailureResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditional:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditional": { "properties": { "active": { "type": "boolean", "description": "Whether a conditional branch is active. When active is false, the conditions are not evaluated.\n" }, "conditionalBranches": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranch:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranch" }, "description": "Configuration blocks for conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true. See `conditional_branch`.\n" }, "defaultBranch": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranch:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranch", "description": "Configuration block for the conditional branch that should be followed when the conditions for other branches are not satisfied. A branch is made up of a condition, a response and a next step. See `default_branch`.\n" } }, "type": "object", "required": [ "active", "defaultBranch" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranch:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranch": { "properties": { "condition": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchCondition:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchCondition", "description": "Configuration block for the expression to evaluate. If the condition is true, the branch's actions are taken. See `condition`.\n" }, "name": { "type": "string", "description": "Name of the branch.\n" }, "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchNextStep:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponse:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object", "required": [ "condition", "name", "nextStep" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchCondition:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchCondition": { "properties": { "expressionString": { "type": "string", "description": "Expression string that is evaluated.\n" } }, "type": "object", "required": [ "expressionString" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchNextStep:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchNextStepDialogAction:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchNextStepIntent:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchNextStepDialogAction:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchNextStepIntent:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponse:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroup:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroup:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranch:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranch": { "properties": { "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchNextStep:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponse:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchNextStep:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchNextStepDialogAction:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchNextStepIntent:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchNextStepDialogAction:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchNextStepIntent:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponse:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroup:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroup:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessNextStep:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessNextStepDialogAction:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessNextStepIntent:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessNextStepDialogAction:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessNextStepIntent:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessNextStepIntentSlot:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessNextStepIntentSlot:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessNextStepIntentSlotValue:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessNextStepIntentSlotValue:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponse:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroup:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroup:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationSuccessResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditional:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditional": { "properties": { "active": { "type": "boolean", "description": "Whether a conditional branch is active. When active is false, the conditions are not evaluated.\n" }, "conditionalBranches": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranch:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranch" }, "description": "Configuration blocks for conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true. See `conditional_branch`.\n" }, "defaultBranch": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranch:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranch", "description": "Configuration block for the conditional branch that should be followed when the conditions for other branches are not satisfied. A branch is made up of a condition, a response and a next step. See `default_branch`.\n" } }, "type": "object", "required": [ "active", "defaultBranch" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranch:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranch": { "properties": { "condition": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchCondition:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchCondition", "description": "Configuration block for the expression to evaluate. If the condition is true, the branch's actions are taken. See `condition`.\n" }, "name": { "type": "string", "description": "Name of the branch.\n" }, "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchNextStep:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponse:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object", "required": [ "condition", "name", "nextStep" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchCondition:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchCondition": { "properties": { "expressionString": { "type": "string", "description": "Expression string that is evaluated.\n" } }, "type": "object", "required": [ "expressionString" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchNextStep:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchNextStepDialogAction:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchNextStepIntent:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchNextStepDialogAction:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchNextStepIntent:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponse:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroup:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroup:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranch:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranch": { "properties": { "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchNextStep:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponse:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchNextStep:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchNextStepDialogAction:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchNextStepIntent:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchNextStepDialogAction:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchNextStepIntent:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponse:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroup:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroup:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutNextStep:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutNextStepDialogAction:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutNextStepIntent:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutNextStepDialogAction:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutNextStepIntent:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutNextStepIntentSlot:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutNextStepIntentSlot:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutNextStepIntentSlotValue:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutNextStepIntentSlotValue:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponse:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroup:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroup:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessageCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessageImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessagePlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessageSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariation:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariationCustomPayload:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariationImageResponseCard:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariationPlainTextMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariationSsmlMessage:V2modelsIntentFulfillmentCodeHookPostFulfillmentStatusSpecificationTimeoutResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSetting:V2modelsIntentInitialResponseSetting": { "properties": { "codeHook": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHook:V2modelsIntentInitialResponseSettingCodeHook", "description": "Configuration block for the dialog code hook that is called by Amazon Lex at a step of the conversation. See `code_hook`.\n" }, "conditional": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditional:V2modelsIntentInitialResponseSettingConditional", "description": "Configuration block for conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition. See `conditional`.\n" }, "initialResponse": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingInitialResponse:V2modelsIntentInitialResponseSettingInitialResponse", "description": "Configuration block for message groups that Amazon Lex uses to respond the user input. See `initial_response`.\n" }, "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingNextStep:V2modelsIntentInitialResponseSettingNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHook:V2modelsIntentInitialResponseSettingCodeHook": { "properties": { "active": { "type": "boolean", "description": "Whether a dialog code hook is used when the intent is activated.\n" }, "enableCodeHookInvocation": { "type": "boolean", "description": "Whether a Lambda function should be invoked for the dialog.\n" }, "invocationLabel": { "type": "string", "description": "Label that indicates the dialog step from which the dialog code hook is happening.\n" }, "postCodeHookSpecification": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecification:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecification", "description": "Configuration block that contains the responses and actions that Amazon Lex takes after the Lambda function is complete. See `post_code_hook_specification`.\n" } }, "type": "object", "required": [ "active", "enableCodeHookInvocation", "postCodeHookSpecification" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecification:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecification": { "properties": { "failureConditional": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditional:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditional", "description": "Configuration block for conditional branches to evaluate after the dialog code hook throws an exception or returns with the State field of the Intent object set to Failed.\n" }, "failureNextStep": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureNextStep:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureNextStep", "description": "Configuration block for the next step the bot runs after the dialog code hook throws an exception or returns with the State field of the Intent object set to Failed . See `failure_next_step`.\n" }, "failureResponse": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponse:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponse", "description": "Configuration block for message groups that Amazon Lex uses to respond the user input. See `failure_response`.\n" }, "successConditional": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditional:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditional", "description": "Configuration block for conditional branches to evaluate after the dialog code hook finishes successfully. See `success_conditional`.\n" }, "successNextStep": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessNextStep:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessNextStep", "description": "Configuration block for the next step the bot runs after the dialog code hook finishes successfully. See `success_next_step`.\n" }, "successResponse": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponse:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponse", "description": "Configuration block for message groups that Amazon Lex uses to respond the user input. See `success_response`.\n" }, "timeoutConditional": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditional:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditional", "description": "Configuration block for conditional branches to evaluate if the code hook times out. See `timeout_conditional`.\n" }, "timeoutNextStep": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutNextStep:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutNextStep", "description": "Configuration block for the next step that the bot runs when the code hook times out. See `timeout_next_step`.\n" }, "timeoutResponse": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponse:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond the user input. See `timeout_response`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditional:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditional": { "properties": { "active": { "type": "boolean", "description": "Whether a conditional branch is active. When active is false, the conditions are not evaluated.\n" }, "conditionalBranches": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranch:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranch" }, "description": "Configuration blocks for conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true. See `conditional_branch`.\n" }, "defaultBranch": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranch:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranch", "description": "Configuration block for the conditional branch that should be followed when the conditions for other branches are not satisfied. A branch is made up of a condition, a response and a next step. See `default_branch`.\n" } }, "type": "object", "required": [ "active", "defaultBranch" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranch:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranch": { "properties": { "condition": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchCondition:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchCondition", "description": "Configuration block for the expression to evaluate. If the condition is true, the branch's actions are taken. See `condition`.\n" }, "name": { "type": "string", "description": "Name of the branch.\n" }, "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStep:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponse:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object", "required": [ "condition", "name", "nextStep" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchCondition:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchCondition": { "properties": { "expressionString": { "type": "string", "description": "Expression string that is evaluated.\n" } }, "type": "object", "required": [ "expressionString" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStep:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepDialogAction:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntent:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepDialogAction:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntent:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponse:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroup:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroup:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranch:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranch": { "properties": { "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStep:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponse:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStep:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepDialogAction:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntent:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepDialogAction:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntent:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponse:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroup:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroup:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureNextStep:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureNextStepDialogAction:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureNextStepIntent:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureNextStepDialogAction:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureNextStepIntent:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureNextStepIntentSlot:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureNextStepIntentSlot:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponse:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroup:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroup:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationFailureResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditional:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditional": { "properties": { "active": { "type": "boolean", "description": "Whether a conditional branch is active. When active is false, the conditions are not evaluated.\n" }, "conditionalBranches": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranch:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranch" }, "description": "Configuration blocks for conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true. See `conditional_branch`.\n" }, "defaultBranch": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranch:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranch", "description": "Configuration block for the conditional branch that should be followed when the conditions for other branches are not satisfied. A branch is made up of a condition, a response and a next step. See `default_branch`.\n" } }, "type": "object", "required": [ "active", "defaultBranch" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranch:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranch": { "properties": { "condition": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchCondition:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchCondition", "description": "Configuration block for the expression to evaluate. If the condition is true, the branch's actions are taken. See `condition`.\n" }, "name": { "type": "string", "description": "Name of the branch.\n" }, "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStep:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponse:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object", "required": [ "condition", "name", "nextStep" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchCondition:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchCondition": { "properties": { "expressionString": { "type": "string", "description": "Expression string that is evaluated.\n" } }, "type": "object", "required": [ "expressionString" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStep:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepDialogAction:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntent:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepDialogAction:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntent:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponse:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroup:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroup:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranch:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranch": { "properties": { "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStep:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponse:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStep:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepDialogAction:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntent:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepDialogAction:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntent:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponse:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroup:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroup:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessNextStep:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessNextStepDialogAction:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntent:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessNextStepDialogAction:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntent:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntentSlot:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntentSlot:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponse:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroup:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroup:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationSuccessResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditional:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditional": { "properties": { "active": { "type": "boolean", "description": "Whether a conditional branch is active. When active is false, the conditions are not evaluated.\n" }, "conditionalBranches": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranch:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranch" }, "description": "Configuration blocks for conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true. See `conditional_branch`.\n" }, "defaultBranch": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranch:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranch", "description": "Configuration block for the conditional branch that should be followed when the conditions for other branches are not satisfied. A branch is made up of a condition, a response and a next step. See `default_branch`.\n" } }, "type": "object", "required": [ "active", "defaultBranch" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranch:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranch": { "properties": { "condition": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchCondition:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchCondition", "description": "Configuration block for the expression to evaluate. If the condition is true, the branch's actions are taken. See `condition`.\n" }, "name": { "type": "string", "description": "Name of the branch.\n" }, "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStep:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponse:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object", "required": [ "condition", "name", "nextStep" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchCondition:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchCondition": { "properties": { "expressionString": { "type": "string", "description": "Expression string that is evaluated.\n" } }, "type": "object", "required": [ "expressionString" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStep:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepDialogAction:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntent:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepDialogAction:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntent:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponse:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroup:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroup:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranch:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranch": { "properties": { "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStep:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponse:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStep:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepDialogAction:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntent:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepDialogAction:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntent:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponse:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroup:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroup:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutNextStep:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutNextStepDialogAction:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntent:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutNextStepDialogAction:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntent:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntentSlot:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntentSlot:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponse:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroup:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroup:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingCodeHookPostCodeHookSpecificationTimeoutResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditional:V2modelsIntentInitialResponseSettingConditional": { "properties": { "active": { "type": "boolean", "description": "Whether a conditional branch is active. When active is false, the conditions are not evaluated.\n" }, "conditionalBranches": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranch:V2modelsIntentInitialResponseSettingConditionalConditionalBranch" }, "description": "Configuration blocks for conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true. See `conditional_branch`.\n" }, "defaultBranch": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranch:V2modelsIntentInitialResponseSettingConditionalDefaultBranch", "description": "Configuration block for the conditional branch that should be followed when the conditions for other branches are not satisfied. A branch is made up of a condition, a response and a next step. See `default_branch`.\n" } }, "type": "object", "required": [ "active", "defaultBranch" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranch:V2modelsIntentInitialResponseSettingConditionalConditionalBranch": { "properties": { "condition": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchCondition:V2modelsIntentInitialResponseSettingConditionalConditionalBranchCondition", "description": "Configuration block for the expression to evaluate. If the condition is true, the branch's actions are taken. See `condition`.\n" }, "name": { "type": "string", "description": "Name of the branch.\n" }, "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchNextStep:V2modelsIntentInitialResponseSettingConditionalConditionalBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponse:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object", "required": [ "condition", "name", "nextStep" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchCondition:V2modelsIntentInitialResponseSettingConditionalConditionalBranchCondition": { "properties": { "expressionString": { "type": "string", "description": "Expression string that is evaluated.\n" } }, "type": "object", "required": [ "expressionString" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchNextStep:V2modelsIntentInitialResponseSettingConditionalConditionalBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchNextStepDialogAction:V2modelsIntentInitialResponseSettingConditionalConditionalBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchNextStepIntent:V2modelsIntentInitialResponseSettingConditionalConditionalBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchNextStepDialogAction:V2modelsIntentInitialResponseSettingConditionalConditionalBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchNextStepIntent:V2modelsIntentInitialResponseSettingConditionalConditionalBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentInitialResponseSettingConditionalConditionalBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchNextStepIntentSlot:V2modelsIntentInitialResponseSettingConditionalConditionalBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingConditionalConditionalBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingConditionalConditionalBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponse:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroup:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroup:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingConditionalConditionalBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranch:V2modelsIntentInitialResponseSettingConditionalDefaultBranch": { "properties": { "nextStep": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchNextStep:V2modelsIntentInitialResponseSettingConditionalDefaultBranchNextStep", "description": "Configuration block for the next step in the conversation. See `next_step`.\n" }, "response": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponse:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponse", "description": "Configuration block for a list of message groups that Amazon Lex uses to respond to the user input. See `response`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchNextStep:V2modelsIntentInitialResponseSettingConditionalDefaultBranchNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchNextStepDialogAction:V2modelsIntentInitialResponseSettingConditionalDefaultBranchNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchNextStepIntent:V2modelsIntentInitialResponseSettingConditionalDefaultBranchNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchNextStepDialogAction:V2modelsIntentInitialResponseSettingConditionalDefaultBranchNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchNextStepIntent:V2modelsIntentInitialResponseSettingConditionalDefaultBranchNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentInitialResponseSettingConditionalDefaultBranchNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchNextStepIntentSlot:V2modelsIntentInitialResponseSettingConditionalDefaultBranchNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingConditionalDefaultBranchNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingConditionalDefaultBranchNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponse:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroup:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroup:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingConditionalDefaultBranchResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingInitialResponse:V2modelsIntentInitialResponseSettingInitialResponse": { "properties": { "allowInterrupt": { "type": "boolean", "description": "Whether the user can interrupt a speech response from Amazon Lex.\n" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroup:V2modelsIntentInitialResponseSettingInitialResponseMessageGroup" }, "description": "Configuration blocks for responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. See `message_group`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroup:V2modelsIntentInitialResponseSettingInitialResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessage", "description": "Configuration block for the primary message that Amazon Lex should send to the user. See `message`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariation" }, "description": "Configuration blocks for message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user. See `variation`.\n" } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessage:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessage": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessageCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessageImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessagePlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessageSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessageCustomPayload:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessageImageResponseCard:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessageImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessageImageResponseCardButton:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessagePlainTextMessage:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessageSsmlMessage:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariation:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariation": { "properties": { "customPayload": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariationCustomPayload", "description": "Configuration block for a message in a custom format defined by the client application. See `custom_payload`.\n" }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariationImageResponseCard", "description": "Configuration block for a message that defines a response card that the client application can show to the user. See `image_response_card`.\n" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariationPlainTextMessage", "description": "Configuration block for a message in plain text format. See `plain_text_message`.\n" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariationSsmlMessage", "description": "Configuration block for a message in Speech Synthesis Markup Language (SSML). See `ssml_message`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariationCustomPayload:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string", "description": "String that is sent to your application.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariationImageResponseCard:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariationImageResponseCardButton" }, "description": "Configuration blocks for buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button. See `button`.\n" }, "imageUrl": { "type": "string", "description": "URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.\n" }, "subtitle": { "type": "string", "description": "Subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.\n" }, "title": { "type": "string", "description": "Title to display on the response card. The format of the title is determined by the platform displaying the response card.\n" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariationImageResponseCardButton:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string", "description": "Text that appears on the button. Use this to tell the user what value is returned when they choose this button.\n" }, "value": { "type": "string", "description": "Value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.\n" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariationPlainTextMessage:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string", "description": "Message to send to the user.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariationSsmlMessage:V2modelsIntentInitialResponseSettingInitialResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string", "description": "SSML text that defines the prompt.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsIntentInitialResponseSettingNextStep:V2modelsIntentInitialResponseSettingNextStep": { "properties": { "dialogAction": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingNextStepDialogAction:V2modelsIntentInitialResponseSettingNextStepDialogAction", "description": "Configuration block for action that the bot executes at runtime when the conversation reaches this step. See `dialog_action`.\n" }, "intent": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingNextStepIntent:V2modelsIntentInitialResponseSettingNextStepIntent", "description": "Configuration block for override settings to configure the intent state. See `intent`.\n" }, "sessionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingNextStepDialogAction:V2modelsIntentInitialResponseSettingNextStepDialogAction": { "properties": { "slotToElicit": { "type": "string", "description": "If the dialog action is `ElicitSlot`, defines the slot to elicit from the user.\n" }, "suppressNextMessage": { "type": "boolean", "description": "Whether the next message for the intent is _not_ used.\n" }, "type": { "type": "string", "description": "Action that the bot should execute. Valid values are `ElicitIntent`, `StartIntent`, `ElicitSlot`, `EvaluateConditional`, `InvokeDialogCodeHook`, `ConfirmIntent`, `FulfillIntent`, `CloseIntent`, `EndConversation`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:lex/V2modelsIntentInitialResponseSettingNextStepIntent:V2modelsIntentInitialResponseSettingNextStepIntent": { "properties": { "name": { "type": "string", "description": "Name of the intent.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingNextStepIntentSlot:V2modelsIntentInitialResponseSettingNextStepIntentSlot" }, "description": "Configuration block for all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. See `slot`.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInitialResponseSettingNextStepIntentSlot:V2modelsIntentInitialResponseSettingNextStepIntentSlot": { "properties": { "mapBlockKey": { "type": "string", "description": "Which attempt to configure. Valid values are `Initial`, `Retry1`, `Retry2`, `Retry3`, `Retry4`, `Retry5`.\n" }, "shape": { "type": "string", "description": "When the shape value is `List`, `values` contains a list of slot values. When the value is `Scalar`, `value` contains a single value.\n" }, "value": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSettingNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingNextStepIntentSlotValue", "description": "Configuration block for the current value of the slot. See `value`.\n" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:lex/V2modelsIntentInitialResponseSettingNextStepIntentSlotValue:V2modelsIntentInitialResponseSettingNextStepIntentSlotValue": { "properties": { "interpretedValue": { "type": "string", "description": "Value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the resolvedValues list.\n" } }, "type": "object" }, "aws:lex/V2modelsIntentInputContext:V2modelsIntentInputContext": { "properties": { "name": { "type": "string", "description": "Name of the context.\n" } }, "type": "object", "required": [ "name" ] }, "aws:lex/V2modelsIntentKendraConfiguration:V2modelsIntentKendraConfiguration": { "properties": { "kendraIndex": { "type": "string", "description": "ARN of the Amazon Kendra index that you want the AMAZON.KendraSearchIntent intent to search. The index must be in the same account and Region as the Amazon Lex bot.\n" }, "queryFilterString": { "type": "string", "description": "Query filter that Amazon Lex sends to Amazon Kendra to filter the response from a query. The filter is in the format defined by Amazon Kendra. For more information, see [Filtering queries](https://docs.aws.amazon.com/kendra/latest/dg/filtering.html).\n" }, "queryFilterStringEnabled": { "type": "boolean", "description": "Whether the AMAZON.KendraSearchIntent intent uses a custom query string to query the Amazon Kendra index.\n" } }, "type": "object", "required": [ "kendraIndex" ] }, "aws:lex/V2modelsIntentOutputContext:V2modelsIntentOutputContext": { "properties": { "name": { "type": "string", "description": "Name of the output context.\n" }, "timeToLiveInSeconds": { "type": "integer", "description": "Amount of time, in seconds, that the output context should remain active. The time is figured from the first time the context is sent to the user.\n" }, "turnsToLive": { "type": "integer", "description": "Number of conversation turns that the output context should remain active. The number of turns is counted from the first time that the context is sent to the user.\n" } }, "type": "object", "required": [ "name", "timeToLiveInSeconds", "turnsToLive" ] }, "aws:lex/V2modelsIntentSampleUtterance:V2modelsIntentSampleUtterance": { "properties": { "utterance": { "type": "string", "description": "Sample utterance that Amazon Lex uses to build its machine-learning model to recognize intents.\n" } }, "type": "object", "required": [ "utterance" ] }, "aws:lex/V2modelsIntentSlotPriority:V2modelsIntentSlotPriority": { "properties": { "priority": { "type": "integer", "description": "Priority that Amazon Lex should apply to the slot.\n" }, "slotId": { "type": "string", "description": "Unique identifier of the slot.\n" } }, "type": "object", "required": [ "priority", "slotId" ] }, "aws:lex/V2modelsIntentTimeouts:V2modelsIntentTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:lex/V2modelsSlotMultipleValuesSetting:V2modelsSlotMultipleValuesSetting": { "properties": { "allowMultipleValues": { "type": "boolean", "description": "Whether a slot can return multiple values. When `true`, the slot may return more than one value in a response. When `false`, the slot returns only a single value. Multi-value slots are only available in the `en-US` locale.\n" } }, "type": "object" }, "aws:lex/V2modelsSlotObfuscationSetting:V2modelsSlotObfuscationSetting": { "properties": { "obfuscationSettingType": { "type": "string", "description": "Whether Amazon Lex obscures slot values in conversation logs. Valid values are `DefaultObfuscation` and `None`.\n" } }, "type": "object", "required": [ "obfuscationSettingType" ] }, "aws:lex/V2modelsSlotTimeouts:V2modelsSlotTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:lex/V2modelsSlotTypeCompositeSlotTypeSetting:V2modelsSlotTypeCompositeSlotTypeSetting": { "properties": { "subSlots": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotTypeCompositeSlotTypeSettingSubSlot:V2modelsSlotTypeCompositeSlotTypeSettingSubSlot" }, "description": "Subslots in the composite slot. Contains filtered or unexported fields. See [`sub_slot_type_composition` argument reference] below.\n" } }, "type": "object", "required": [ "subSlots" ] }, "aws:lex/V2modelsSlotTypeCompositeSlotTypeSettingSubSlot:V2modelsSlotTypeCompositeSlotTypeSettingSubSlot": { "properties": { "name": { "type": "string", "description": "Name of the slot type\n\nThe following arguments are optional:\n" }, "subSlotId": { "type": "string" } }, "type": "object", "required": [ "name", "subSlotId" ] }, "aws:lex/V2modelsSlotTypeExternalSourceSetting:V2modelsSlotTypeExternalSourceSetting": { "properties": { "grammarSlotTypeSetting": { "$ref": "#/types/aws:lex/V2modelsSlotTypeExternalSourceSettingGrammarSlotTypeSetting:V2modelsSlotTypeExternalSourceSettingGrammarSlotTypeSetting", "description": "Settings required for a slot type based on a grammar that you provide. See `grammar_slot_type_setting` argument reference below.\n" } }, "type": "object" }, "aws:lex/V2modelsSlotTypeExternalSourceSettingGrammarSlotTypeSetting:V2modelsSlotTypeExternalSourceSettingGrammarSlotTypeSetting": { "properties": { "source": { "$ref": "#/types/aws:lex/V2modelsSlotTypeExternalSourceSettingGrammarSlotTypeSettingSource:V2modelsSlotTypeExternalSourceSettingGrammarSlotTypeSettingSource", "description": "Source of the grammar used to create the slot type. See `grammar_slot_type_source` argument reference below.\n" } }, "type": "object" }, "aws:lex/V2modelsSlotTypeExternalSourceSettingGrammarSlotTypeSettingSource:V2modelsSlotTypeExternalSourceSettingGrammarSlotTypeSettingSource": { "properties": { "kmsKeyArn": { "type": "string", "description": "KMS key required to decrypt the contents of the grammar, if any.\n" }, "s3BucketName": { "type": "string", "description": "Name of the Amazon S3 bucket that contains the grammar source.\n" }, "s3ObjectKey": { "type": "string", "description": "Path to the grammar in the Amazon S3 bucket.\n" } }, "type": "object", "required": [ "kmsKeyArn", "s3BucketName", "s3ObjectKey" ] }, "aws:lex/V2modelsSlotTypeSlotTypeValues:V2modelsSlotTypeSlotTypeValues": { "properties": { "slotTypeValues": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotTypeSlotTypeValuesSlotTypeValue:V2modelsSlotTypeSlotTypeValuesSlotTypeValue" }, "description": "List of SlotTypeValue objects that defines the values that the slot type can take. Each value can have a list of synonyms, additional values that help train the machine learning model about the values that it resolves for a slot. See `slot_type_values` argument reference below.\n" }, "synonyms": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotTypeSlotTypeValuesSynonym:V2modelsSlotTypeSlotTypeValuesSynonym" }, "description": "Additional values related to the slot type entry. See `sample_value` argument reference below.\n" } }, "type": "object", "required": [ "slotTypeValues" ] }, "aws:lex/V2modelsSlotTypeSlotTypeValuesSlotTypeValue:V2modelsSlotTypeSlotTypeValuesSlotTypeValue": { "properties": { "value": { "type": "string", "description": "Value that can be used for a slot type.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotTypeSlotTypeValuesSynonym:V2modelsSlotTypeSlotTypeValuesSynonym": { "properties": { "value": { "type": "string", "description": "Value that can be used for a slot type.\n" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotTypeTimeouts:V2modelsSlotTypeTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:lex/V2modelsSlotTypeValueSelectionSetting:V2modelsSlotTypeValueSelectionSetting": { "properties": { "advancedRecognitionSettings": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotTypeValueSelectionSettingAdvancedRecognitionSetting:V2modelsSlotTypeValueSelectionSettingAdvancedRecognitionSetting" }, "description": "Provides settings that enable advanced recognition settings for slot values. You can use this to enable using slot values as a custom vocabulary for recognizing user utterances. See [`advanced_recognition_setting` argument reference] below.\n" }, "regexFilters": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotTypeValueSelectionSettingRegexFilter:V2modelsSlotTypeValueSelectionSettingRegexFilter" }, "description": "Used to validate the value of the slot. See [`regex_filter` argument reference] below.\n" }, "resolutionStrategy": { "type": "string", "description": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values: `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value. `TOP_RESOLUTION` If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned. If you don't specify the valueSelectionStrategy , the default is `ORIGINAL_VALUE`. Valid values are `OriginalValue`, `TopResolution`, and `Concatenation`.\n" } }, "type": "object", "required": [ "resolutionStrategy" ] }, "aws:lex/V2modelsSlotTypeValueSelectionSettingAdvancedRecognitionSetting:V2modelsSlotTypeValueSelectionSettingAdvancedRecognitionSetting": { "properties": { "audioRecognitionSetting": { "type": "string" } }, "type": "object" }, "aws:lex/V2modelsSlotTypeValueSelectionSettingRegexFilter:V2modelsSlotTypeValueSelectionSettingRegexFilter": { "properties": { "pattern": { "type": "string", "description": "Used to validate the value of a slot. Use a standard regular expression. Amazon Lex supports the following characters in the regular expression: A-Z, a-z, 0-9, Unicode characters (\"\\⁠u\").\nRepresent Unicode characters with four digits, for example \"\\⁠u0041\" or \"\\⁠u005A\". The following regular expression operators are not supported: Infinite repeaters: *, +, or {x,} with no upper bound, wild card (.)\n" } }, "type": "object", "required": [ "pattern" ] }, "aws:lex/V2modelsSlotValueElicitationSetting:V2modelsSlotValueElicitationSetting": { "properties": { "defaultValueSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingDefaultValueSpecification:V2modelsSlotValueElicitationSettingDefaultValueSpecification" } }, "promptSpecification": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingPromptSpecification:V2modelsSlotValueElicitationSettingPromptSpecification" }, "sampleUtterances": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingSampleUtterance:V2modelsSlotValueElicitationSettingSampleUtterance" } }, "slotConstraint": { "type": "string" }, "slotResolutionSettings": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingSlotResolutionSetting:V2modelsSlotValueElicitationSettingSlotResolutionSetting" } }, "waitAndContinueSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecification:V2modelsSlotValueElicitationSettingWaitAndContinueSpecification" } } }, "type": "object", "required": [ "promptSpecification", "slotConstraint" ] }, "aws:lex/V2modelsSlotValueElicitationSettingDefaultValueSpecification:V2modelsSlotValueElicitationSettingDefaultValueSpecification": { "properties": { "defaultValueLists": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingDefaultValueSpecificationDefaultValueList:V2modelsSlotValueElicitationSettingDefaultValueSpecificationDefaultValueList" } } }, "type": "object" }, "aws:lex/V2modelsSlotValueElicitationSettingDefaultValueSpecificationDefaultValueList:V2modelsSlotValueElicitationSettingDefaultValueSpecificationDefaultValueList": { "properties": { "defaultValue": { "type": "string" } }, "type": "object", "required": [ "defaultValue" ] }, "aws:lex/V2modelsSlotValueElicitationSettingPromptSpecification:V2modelsSlotValueElicitationSettingPromptSpecification": { "properties": { "allowInterrupt": { "type": "boolean" }, "maxRetries": { "type": "integer" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroup:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroup" } }, "messageSelectionStrategy": { "type": "string" }, "promptAttemptsSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecification:V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecification" } } }, "type": "object", "required": [ "maxRetries" ] }, "aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroup:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessage:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessage" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariation:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariation" } } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessage:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessage": { "properties": { "customPayloads": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessageCustomPayload:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessageCustomPayload" } }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessageImageResponseCard:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessageImageResponseCard" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessagePlainTextMessage:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessagePlainTextMessage" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessageSsmlMessage:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessageSsmlMessage" } }, "type": "object" }, "aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessageCustomPayload:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessageImageResponseCard:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessageImageResponseCardButton:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessageImageResponseCardButton" } }, "imageUrl": { "type": "string" }, "subtitle": { "type": "string" }, "title": { "type": "string" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessageImageResponseCardButton:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessagePlainTextMessage:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessageSsmlMessage:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariation:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariation": { "properties": { "customPayloads": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariationCustomPayload:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariationCustomPayload" } }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariationImageResponseCard:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariationImageResponseCard" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariationPlainTextMessage:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariationPlainTextMessage" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariationSsmlMessage:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariationSsmlMessage" } }, "type": "object" }, "aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariationCustomPayload:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariationImageResponseCard:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariationImageResponseCardButton:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariationImageResponseCardButton" } }, "imageUrl": { "type": "string" }, "subtitle": { "type": "string" }, "title": { "type": "string" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariationImageResponseCardButton:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariationPlainTextMessage:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariationSsmlMessage:V2modelsSlotValueElicitationSettingPromptSpecificationMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecification:V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecification": { "properties": { "allowInterrupt": { "type": "boolean" }, "allowedInputTypes": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecificationAllowedInputTypes:V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecificationAllowedInputTypes" }, "audioAndDtmfInputSpecification": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecification:V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecification" }, "mapBlockKey": { "type": "string" }, "textInputSpecification": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecificationTextInputSpecification:V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecificationTextInputSpecification" } }, "type": "object", "required": [ "allowedInputTypes", "mapBlockKey" ] }, "aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecificationAllowedInputTypes:V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecificationAllowedInputTypes": { "properties": { "allowAudioInput": { "type": "boolean" }, "allowDtmfInput": { "type": "boolean" } }, "type": "object", "required": [ "allowAudioInput", "allowDtmfInput" ] }, "aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecification:V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecification": { "properties": { "audioSpecification": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecificationAudioSpecification:V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecificationAudioSpecification" }, "dtmfSpecification": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecificationDtmfSpecification:V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecificationDtmfSpecification" }, "startTimeoutMs": { "type": "integer" } }, "type": "object", "required": [ "startTimeoutMs" ] }, "aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecificationAudioSpecification:V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecificationAudioSpecification": { "properties": { "endTimeoutMs": { "type": "integer" }, "maxLengthMs": { "type": "integer" } }, "type": "object", "required": [ "endTimeoutMs", "maxLengthMs" ] }, "aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecificationDtmfSpecification:V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecificationAudioAndDtmfInputSpecificationDtmfSpecification": { "properties": { "deletionCharacter": { "type": "string" }, "endCharacter": { "type": "string" }, "endTimeoutMs": { "type": "integer" }, "maxLength": { "type": "integer" } }, "type": "object", "required": [ "deletionCharacter", "endCharacter", "endTimeoutMs", "maxLength" ] }, "aws:lex/V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecificationTextInputSpecification:V2modelsSlotValueElicitationSettingPromptSpecificationPromptAttemptsSpecificationTextInputSpecification": { "properties": { "startTimeoutMs": { "type": "integer" } }, "type": "object", "required": [ "startTimeoutMs" ] }, "aws:lex/V2modelsSlotValueElicitationSettingSampleUtterance:V2modelsSlotValueElicitationSettingSampleUtterance": { "properties": { "utterance": { "type": "string" } }, "type": "object", "required": [ "utterance" ] }, "aws:lex/V2modelsSlotValueElicitationSettingSlotResolutionSetting:V2modelsSlotValueElicitationSettingSlotResolutionSetting": { "properties": { "slotResolutionStrategy": { "type": "string" } }, "type": "object", "required": [ "slotResolutionStrategy" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecification:V2modelsSlotValueElicitationSettingWaitAndContinueSpecification": { "properties": { "active": { "type": "boolean" }, "continueResponses": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponse:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponse" } }, "stillWaitingResponses": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponse:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponse" } }, "waitingResponses": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponse:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponse" } } }, "type": "object" }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponse:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponse": { "properties": { "allowInterrupt": { "type": "boolean" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroup:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroup" } } }, "type": "object" }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroup:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessage" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariation:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariation" } } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessage": { "properties": { "customPayloads": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessageCustomPayload:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessageCustomPayload" } }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessageImageResponseCard:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessageImageResponseCard" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessagePlainTextMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessagePlainTextMessage" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessageSsmlMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessageSsmlMessage" } }, "type": "object" }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessageCustomPayload:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessageImageResponseCard:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessageImageResponseCardButton:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessageImageResponseCardButton" } }, "imageUrl": { "type": "string" }, "subtitle": { "type": "string" }, "title": { "type": "string" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessageImageResponseCardButton:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessagePlainTextMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessageSsmlMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariation:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariation": { "properties": { "customPayloads": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariationCustomPayload:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariationCustomPayload" } }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariationImageResponseCard:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariationImageResponseCard" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariationPlainTextMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariationPlainTextMessage" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariationSsmlMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariationSsmlMessage" } }, "type": "object" }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariationCustomPayload:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariationImageResponseCard:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariationImageResponseCardButton:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariationImageResponseCardButton" } }, "imageUrl": { "type": "string" }, "subtitle": { "type": "string" }, "title": { "type": "string" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariationImageResponseCardButton:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariationPlainTextMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariationSsmlMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationContinueResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponse:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponse": { "properties": { "allowInterrupt": { "type": "boolean" }, "frequencyInSeconds": { "type": "integer" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroup:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroup" } }, "timeoutInSeconds": { "type": "integer" } }, "type": "object", "required": [ "frequencyInSeconds", "timeoutInSeconds" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroup:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessage" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariation:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariation" } } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessage": { "properties": { "customPayloads": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessageCustomPayload:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessageCustomPayload" } }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessageImageResponseCard:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessageImageResponseCard" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessagePlainTextMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessagePlainTextMessage" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessageSsmlMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessageSsmlMessage" } }, "type": "object" }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessageCustomPayload:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessageImageResponseCard:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessageImageResponseCardButton:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessageImageResponseCardButton" } }, "imageUrl": { "type": "string" }, "subtitle": { "type": "string" }, "title": { "type": "string" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessageImageResponseCardButton:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessagePlainTextMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessageSsmlMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariation:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariation": { "properties": { "customPayloads": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariationCustomPayload:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariationCustomPayload" } }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariationImageResponseCard:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariationImageResponseCard" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariationPlainTextMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariationPlainTextMessage" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariationSsmlMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariationSsmlMessage" } }, "type": "object" }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariationCustomPayload:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariationImageResponseCard:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariationImageResponseCardButton:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariationImageResponseCardButton" } }, "imageUrl": { "type": "string" }, "subtitle": { "type": "string" }, "title": { "type": "string" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariationImageResponseCardButton:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariationPlainTextMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariationSsmlMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationStillWaitingResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponse:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponse": { "properties": { "allowInterrupt": { "type": "boolean" }, "messageGroups": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroup:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroup" } } }, "type": "object" }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroup:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroup": { "properties": { "message": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessage" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariation:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariation" } } }, "type": "object", "required": [ "message" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessage": { "properties": { "customPayloads": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessageCustomPayload:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessageCustomPayload" } }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessageImageResponseCard:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessageImageResponseCard" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessagePlainTextMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessagePlainTextMessage" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessageSsmlMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessageSsmlMessage" } }, "type": "object" }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessageCustomPayload:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessageCustomPayload": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessageImageResponseCard:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessageImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessageImageResponseCardButton:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessageImageResponseCardButton" } }, "imageUrl": { "type": "string" }, "subtitle": { "type": "string" }, "title": { "type": "string" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessageImageResponseCardButton:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessageImageResponseCardButton": { "properties": { "text": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessagePlainTextMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessagePlainTextMessage": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessageSsmlMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupMessageSsmlMessage": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariation:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariation": { "properties": { "customPayloads": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariationCustomPayload:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariationCustomPayload" } }, "imageResponseCard": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariationImageResponseCard:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariationImageResponseCard" }, "plainTextMessage": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariationPlainTextMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariationPlainTextMessage" }, "ssmlMessage": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariationSsmlMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariationSsmlMessage" } }, "type": "object" }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariationCustomPayload:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariationCustomPayload": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariationImageResponseCard:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariationImageResponseCard": { "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariationImageResponseCardButton:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariationImageResponseCardButton" } }, "imageUrl": { "type": "string" }, "subtitle": { "type": "string" }, "title": { "type": "string" } }, "type": "object", "required": [ "title" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariationImageResponseCardButton:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariationImageResponseCardButton": { "properties": { "text": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "text", "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariationPlainTextMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariationPlainTextMessage": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariationSsmlMessage:V2modelsSlotValueElicitationSettingWaitAndContinueSpecificationWaitingResponseMessageGroupVariationSsmlMessage": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:lex/getSlotTypeEnumerationValue:getSlotTypeEnumerationValue": { "properties": { "synonyms": { "type": "array", "items": { "type": "string" } }, "value": { "type": "string" } }, "type": "object", "required": [ "synonyms", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:licensemanager/getLicenseGrantsFilter:getLicenseGrantsFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListReceivedGrants.html#API_ListReceivedGrants_RequestSyntax).\nFor example, if filtering using `ProductSKU`, use:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst selected = aws.licensemanager.getLicenseGrants({\n filters: [{\n name: \"ProductSKU\",\n values: [\"\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nselected = aws.licensemanager.get_license_grants(filters=[{\n \"name\": \"ProductSKU\",\n \"values\": [\"\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var selected = Aws.LicenseManager.GetLicenseGrants.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.LicenseManager.Inputs.GetLicenseGrantsFilterInputArgs\n {\n Name = \"ProductSKU\",\n Values = new[]\n {\n \"\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/licensemanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := licensemanager.GetLicenseGrants(ctx, \u0026licensemanager.GetLicenseGrantsArgs{\n\t\t\tFilters: []licensemanager.GetLicenseGrantsFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"ProductSKU\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.licensemanager.LicensemanagerFunctions;\nimport com.pulumi.aws.licensemanager.inputs.GetLicenseGrantsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var selected = LicensemanagerFunctions.getLicenseGrants(GetLicenseGrantsArgs.builder()\n .filters(GetLicenseGrantsFilterArgs.builder()\n .name(\"ProductSKU\")\n .values(\"\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n selected:\n fn::invoke:\n Function: aws:licensemanager:getLicenseGrants\n Arguments:\n filters:\n - name: ProductSKU\n values:\n -\n```\n\u003c!--End PulumiCodeChooser --\u003e\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:licensemanager/getReceivedLicenseConsumptionConfiguration:getReceivedLicenseConsumptionConfiguration": { "properties": { "borrowConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:licensemanager/getReceivedLicenseConsumptionConfigurationBorrowConfiguration:getReceivedLicenseConsumptionConfigurationBorrowConfiguration" }, "description": "Details about a borrow configuration. Detailed below\n" }, "provisionalConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:licensemanager/getReceivedLicenseConsumptionConfigurationProvisionalConfiguration:getReceivedLicenseConsumptionConfigurationProvisionalConfiguration" }, "description": "Details about a provisional configuration. Detailed below\n" }, "renewType": { "type": "string" } }, "type": "object", "required": [ "borrowConfigurations", "provisionalConfigurations", "renewType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:licensemanager/getReceivedLicenseConsumptionConfigurationBorrowConfiguration:getReceivedLicenseConsumptionConfigurationBorrowConfiguration": { "properties": { "allowEarlyCheckIn": { "type": "boolean", "description": "Indicates whether early check-ins are allowed.\n" }, "maxTimeToLiveInMinutes": { "type": "integer", "description": "Maximum time for the provisional configuration, in minutes.\n" } }, "type": "object", "required": [ "allowEarlyCheckIn", "maxTimeToLiveInMinutes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:licensemanager/getReceivedLicenseConsumptionConfigurationProvisionalConfiguration:getReceivedLicenseConsumptionConfigurationProvisionalConfiguration": { "properties": { "maxTimeToLiveInMinutes": { "type": "integer", "description": "Maximum time for the provisional configuration, in minutes.\n" } }, "type": "object", "required": [ "maxTimeToLiveInMinutes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:licensemanager/getReceivedLicenseEntitlement:getReceivedLicenseEntitlement": { "properties": { "allowCheckIn": { "type": "boolean", "description": "Indicates whether check-ins are allowed.\n" }, "maxCount": { "type": "integer", "description": "Maximum entitlement count. Use if the unit is not None.\n" }, "name": { "type": "string", "description": "The key name.\n" }, "unit": { "type": "string", "description": "Entitlement unit.\n" }, "value": { "type": "string", "description": "The value.\n" } }, "type": "object", "required": [ "allowCheckIn", "maxCount", "name", "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:licensemanager/getReceivedLicenseIssuer:getReceivedLicenseIssuer": { "properties": { "keyFingerprint": { "type": "string", "description": "Issuer key fingerprint.\n" }, "name": { "type": "string", "description": "The key name.\n" }, "signKey": { "type": "string", "description": "Asymmetric KMS key from AWS Key Management Service. The KMS key must have a key usage of sign and verify, and support the RSASSA-PSS SHA-256 signing algorithm.\n" } }, "type": "object", "required": [ "keyFingerprint", "name", "signKey" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:licensemanager/getReceivedLicenseLicenseMetadata:getReceivedLicenseLicenseMetadata": { "properties": { "name": { "type": "string", "description": "The key name.\n" }, "value": { "type": "string", "description": "The value.\n" } }, "type": "object", "required": [ "name", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:licensemanager/getReceivedLicenseReceivedMetadata:getReceivedLicenseReceivedMetadata": { "properties": { "allowedOperations": { "type": "array", "items": { "type": "string" }, "description": "A list of allowed operations.\n" }, "receivedStatus": { "type": "string", "description": "Received status.\n" }, "receivedStatusReason": { "type": "string", "description": "Received status reason.\n" } }, "type": "object", "required": [ "allowedOperations", "receivedStatus", "receivedStatusReason" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:licensemanager/getReceivedLicenseValidity:getReceivedLicenseValidity": { "properties": { "begin": { "type": "string", "description": "Start of the validity time range.\n" }, "end": { "type": "string", "description": "End of the validity time range.\n" } }, "type": "object", "required": [ "begin", "end" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:licensemanager/getReceivedLicensesFilter:getReceivedLicensesFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListReceivedLicenses.html#API_ListReceivedLicenses_RequestSyntax).\nFor example, if filtering using `ProductSKU`, use:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst selected = aws.licensemanager.getReceivedLicenses({\n filters: [{\n name: \"ProductSKU\",\n values: [\"\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nselected = aws.licensemanager.get_received_licenses(filters=[{\n \"name\": \"ProductSKU\",\n \"values\": [\"\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var selected = Aws.LicenseManager.GetReceivedLicenses.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.LicenseManager.Inputs.GetReceivedLicensesFilterInputArgs\n {\n Name = \"ProductSKU\",\n Values = new[]\n {\n \"\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/licensemanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := licensemanager.GetReceivedLicenses(ctx, \u0026licensemanager.GetReceivedLicensesArgs{\n\t\t\tFilters: []licensemanager.GetReceivedLicensesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"ProductSKU\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.licensemanager.LicensemanagerFunctions;\nimport com.pulumi.aws.licensemanager.inputs.GetReceivedLicensesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var selected = LicensemanagerFunctions.getReceivedLicenses(GetReceivedLicensesArgs.builder()\n .filters(GetReceivedLicensesFilterArgs.builder()\n .name(\"ProductSKU\")\n .values(\"\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n selected:\n fn::invoke:\n Function: aws:licensemanager:getReceivedLicenses\n Arguments:\n filters:\n - name: ProductSKU\n values:\n -\n```\n\u003c!--End PulumiCodeChooser --\u003e\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:lightsail/CertificateDomainValidationOption:CertificateDomainValidationOption": { "properties": { "domainName": { "type": "string", "description": "A domain name for which the certificate should be issued.\n" }, "resourceRecordName": { "type": "string" }, "resourceRecordType": { "type": "string" }, "resourceRecordValue": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "domainName", "resourceRecordName", "resourceRecordType", "resourceRecordValue" ] } } }, "aws:lightsail/ContainerServiceDeploymentVersionContainer:ContainerServiceDeploymentVersionContainer": { "properties": { "commands": { "type": "array", "items": { "type": "string" }, "description": "The launch command for the container. A list of string.\n", "willReplaceOnChanges": true }, "containerName": { "type": "string", "description": "The name for the container.\n", "willReplaceOnChanges": true }, "environment": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A key-value map of the environment variables of the container.\n", "willReplaceOnChanges": true }, "image": { "type": "string", "description": "The name of the image used for the container. Container images sourced from your Lightsail container service, that are registered and stored on your service, start with a colon (`:`). For example, `:container-service-1.mystaticwebsite.1`. Container images sourced from a public registry like Docker Hub don't start with a colon. For example, `nginx:latest` or `nginx`.\n", "willReplaceOnChanges": true }, "ports": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A key-value map of the open firewall ports of the container. Valid values: `HTTP`, `HTTPS`, `TCP`, `UDP`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "containerName", "image" ] }, "aws:lightsail/ContainerServiceDeploymentVersionPublicEndpoint:ContainerServiceDeploymentVersionPublicEndpoint": { "properties": { "containerName": { "type": "string", "description": "The name of the container for the endpoint.\n", "willReplaceOnChanges": true }, "containerPort": { "type": "integer", "description": "The port of the container to which traffic is forwarded to.\n", "willReplaceOnChanges": true }, "healthCheck": { "$ref": "#/types/aws:lightsail/ContainerServiceDeploymentVersionPublicEndpointHealthCheck:ContainerServiceDeploymentVersionPublicEndpointHealthCheck", "description": "A configuration block that describes the health check configuration of the container. Detailed below.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "containerName", "containerPort", "healthCheck" ] }, "aws:lightsail/ContainerServiceDeploymentVersionPublicEndpointHealthCheck:ContainerServiceDeploymentVersionPublicEndpointHealthCheck": { "properties": { "healthyThreshold": { "type": "integer", "description": "The number of consecutive health checks successes required before moving the container to the Healthy state. Defaults to 2.\n", "willReplaceOnChanges": true }, "intervalSeconds": { "type": "integer", "description": "The approximate interval, in seconds, between health checks of an individual container. You can specify between 5 and 300 seconds. Defaults to 5.\n", "willReplaceOnChanges": true }, "path": { "type": "string", "description": "The path on the container on which to perform the health check. Defaults to \"/\".\n", "willReplaceOnChanges": true }, "successCodes": { "type": "string", "description": "The HTTP codes to use when checking for a successful response from a container. You can specify values between 200 and 499. Defaults to \"200-499\".\n", "willReplaceOnChanges": true }, "timeoutSeconds": { "type": "integer", "description": "The amount of time, in seconds, during which no response means a failed health check. You can specify between 2 and 60 seconds. Defaults to 2.\n", "willReplaceOnChanges": true }, "unhealthyThreshold": { "type": "integer", "description": "The number of consecutive health checks failures required before moving the container to the Unhealthy state. Defaults to 2.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:lightsail/ContainerServicePrivateRegistryAccess:ContainerServicePrivateRegistryAccess": { "properties": { "ecrImagePullerRole": { "$ref": "#/types/aws:lightsail/ContainerServicePrivateRegistryAccessEcrImagePullerRole:ContainerServicePrivateRegistryAccessEcrImagePullerRole", "description": "Describes a request to configure an Amazon Lightsail container service to access private container image repositories, such as Amazon Elastic Container Registry (Amazon ECR) private repositories. See ECR Image Puller Role below for more details.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "ecrImagePullerRole" ] } } }, "aws:lightsail/ContainerServicePrivateRegistryAccessEcrImagePullerRole:ContainerServicePrivateRegistryAccessEcrImagePullerRole": { "properties": { "isActive": { "type": "boolean", "description": "A Boolean value that indicates whether to activate the role. The default is `false`.\n" }, "principalArn": { "type": "string", "description": "The principal ARN of the container service. The principal ARN can be used to create a trust\nrelationship between your standard AWS account and your Lightsail container service. This allows you to give your\nservice permission to access resources in your standard AWS account.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "principalArn" ] } } }, "aws:lightsail/ContainerServicePublicDomainNames:ContainerServicePublicDomainNames": { "properties": { "certificates": { "type": "array", "items": { "$ref": "#/types/aws:lightsail/ContainerServicePublicDomainNamesCertificate:ContainerServicePublicDomainNamesCertificate" } } }, "type": "object", "required": [ "certificates" ] }, "aws:lightsail/ContainerServicePublicDomainNamesCertificate:ContainerServicePublicDomainNamesCertificate": { "properties": { "certificateName": { "type": "string" }, "domainNames": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "certificateName", "domainNames" ] }, "aws:lightsail/DistributionCacheBehavior:DistributionCacheBehavior": { "properties": { "behavior": { "type": "string", "description": "The cache behavior for the specified path.\n" }, "path": { "type": "string", "description": "The path to a directory or file to cached, or not cache. Use an asterisk symbol to specify wildcard directories (path/to/assets/\\*), and file types (\\*.html, \\*jpg, \\*js). Directories and file paths are case-sensitive.\n" } }, "type": "object", "required": [ "behavior", "path" ] }, "aws:lightsail/DistributionCacheBehaviorSettings:DistributionCacheBehaviorSettings": { "properties": { "allowedHttpMethods": { "type": "string", "description": "The HTTP methods that are processed and forwarded to the distribution's origin.\n" }, "cachedHttpMethods": { "type": "string", "description": "The HTTP method responses that are cached by your distribution.\n" }, "defaultTtl": { "type": "integer", "description": "The default amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the content has been updated.\n" }, "forwardedCookies": { "$ref": "#/types/aws:lightsail/DistributionCacheBehaviorSettingsForwardedCookies:DistributionCacheBehaviorSettingsForwardedCookies", "description": "An object that describes the cookies that are forwarded to the origin. Your content is cached based on the cookies that are forwarded. Detailed below\n" }, "forwardedHeaders": { "$ref": "#/types/aws:lightsail/DistributionCacheBehaviorSettingsForwardedHeaders:DistributionCacheBehaviorSettingsForwardedHeaders", "description": "An object that describes the headers that are forwarded to the origin. Your content is cached based on the headers that are forwarded. Detailed below\n" }, "forwardedQueryStrings": { "$ref": "#/types/aws:lightsail/DistributionCacheBehaviorSettingsForwardedQueryStrings:DistributionCacheBehaviorSettingsForwardedQueryStrings", "description": "An object that describes the query strings that are forwarded to the origin. Your content is cached based on the query strings that are forwarded. Detailed below\n" }, "maximumTtl": { "type": "integer", "description": "The maximum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.\n" }, "minimumTtl": { "type": "integer", "description": "The minimum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.\n" } }, "type": "object" }, "aws:lightsail/DistributionCacheBehaviorSettingsForwardedCookies:DistributionCacheBehaviorSettingsForwardedCookies": { "properties": { "cookiesAllowLists": { "type": "array", "items": { "type": "string" }, "description": "The specific cookies to forward to your distribution's origin.\n" }, "option": { "type": "string", "description": "Specifies which cookies to forward to the distribution's origin for a cache behavior: all, none, or allow-list to forward only the cookies specified in the cookiesAllowList parameter.\n" } }, "type": "object" }, "aws:lightsail/DistributionCacheBehaviorSettingsForwardedHeaders:DistributionCacheBehaviorSettingsForwardedHeaders": { "properties": { "headersAllowLists": { "type": "array", "items": { "type": "string" }, "description": "The specific headers to forward to your distribution's origin.\n" }, "option": { "type": "string", "description": "The headers that you want your distribution to forward to your origin and base caching on.\n" } }, "type": "object" }, "aws:lightsail/DistributionCacheBehaviorSettingsForwardedQueryStrings:DistributionCacheBehaviorSettingsForwardedQueryStrings": { "properties": { "option": { "type": "boolean", "description": "Indicates whether the distribution forwards and caches based on query strings.\n" }, "queryStringsAllowedLists": { "type": "array", "items": { "type": "string" }, "description": "The specific query strings that the distribution forwards to the origin.\n" } }, "type": "object" }, "aws:lightsail/DistributionDefaultCacheBehavior:DistributionDefaultCacheBehavior": { "properties": { "behavior": { "type": "string", "description": "The cache behavior of the distribution. Valid values: `cache` and `dont-cache`.\n" } }, "type": "object", "required": [ "behavior" ] }, "aws:lightsail/DistributionLocation:DistributionLocation": { "properties": { "availabilityZone": { "type": "string", "description": "The Availability Zone. Follows the format us-east-2a (case-sensitive).\n" }, "regionName": { "type": "string", "description": "The AWS Region name.\n" } }, "type": "object", "required": [ "availabilityZone", "regionName" ] }, "aws:lightsail/DistributionOrigin:DistributionOrigin": { "properties": { "name": { "type": "string", "description": "The name of the origin resource. Your origin can be an instance with an attached static IP, a bucket, or a load balancer that has at least one instance attached to it.\n" }, "protocolPolicy": { "type": "string", "description": "The protocol that your Amazon Lightsail distribution uses when establishing a connection with your origin to pull content.\n" }, "regionName": { "type": "string", "description": "The AWS Region name of the origin resource.\n" }, "resourceType": { "type": "string", "description": "The resource type of the origin resource (e.g., Instance).\n" } }, "type": "object", "required": [ "name", "regionName" ], "language": { "nodejs": { "requiredOutputs": [ "name", "regionName", "resourceType" ] } } }, "aws:lightsail/InstanceAddOn:InstanceAddOn": { "properties": { "snapshotTime": { "type": "string", "description": "The daily time when an automatic snapshot will be created. Must be in HH:00 format, and in an hourly increment and specified in Coordinated Universal Time (UTC). The snapshot will be automatically created between the time specified and up to 45 minutes after.\n" }, "status": { "type": "string", "description": "The status of the add on. Valid Values: `Enabled`, `Disabled`.\n" }, "type": { "type": "string", "description": "The add-on type. There is currently only one valid type `AutoSnapshot`.\n" } }, "type": "object", "required": [ "snapshotTime", "status", "type" ] }, "aws:lightsail/InstancePublicPortsPortInfo:InstancePublicPortsPortInfo": { "properties": { "cidrListAliases": { "type": "array", "items": { "type": "string" }, "description": "Set of CIDR aliases that define access for a preconfigured range of IP addresses.\n" }, "cidrs": { "type": "array", "items": { "type": "string" }, "description": "Set of CIDR blocks.\n" }, "fromPort": { "type": "integer", "description": "First port in a range of open ports on an instance.\n", "willReplaceOnChanges": true }, "ipv6Cidrs": { "type": "array", "items": { "type": "string" } }, "protocol": { "type": "string", "description": "IP protocol name. Valid values are `tcp`, `all`, `udp`, and `icmp`.\n", "willReplaceOnChanges": true }, "toPort": { "type": "integer", "description": "Last port in a range of open ports on an instance.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "fromPort", "protocol", "toPort" ], "language": { "nodejs": { "requiredOutputs": [ "cidrListAliases", "cidrs", "fromPort", "ipv6Cidrs", "protocol", "toPort" ] } } }, "aws:lightsail/LbCertificateDomainValidationRecord:LbCertificateDomainValidationRecord": { "properties": { "domainName": { "type": "string", "description": "The domain name (e.g., example.com) for your SSL/TLS certificate.\n" }, "resourceRecordName": { "type": "string" }, "resourceRecordType": { "type": "string" }, "resourceRecordValue": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "domainName", "resourceRecordName", "resourceRecordType", "resourceRecordValue" ] } } }, "aws:location/MapConfiguration:MapConfiguration": { "properties": { "style": { "type": "string", "description": "Specifies the map style selected from an available data provider. Valid values can be found in the [Location Service CreateMap API Reference](https://docs.aws.amazon.com/location/latest/APIReference/API_CreateMap.html).\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "style" ] }, "aws:location/PlaceIndexDataSourceConfiguration:PlaceIndexDataSourceConfiguration": { "properties": { "intendedUse": { "type": "string", "description": "Specifies how the results of an operation will be stored by the caller. Valid values: `SingleUse`, `Storage`. Default: `SingleUse`.\n" } }, "type": "object" }, "aws:location/getMapConfiguration:getMapConfiguration": { "properties": { "style": { "type": "string", "description": "The map style selected from an available data provider.\n" } }, "type": "object", "required": [ "style" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:location/getPlaceIndexDataSourceConfiguration:getPlaceIndexDataSourceConfiguration": { "properties": { "intendedUse": { "type": "string" } }, "type": "object", "required": [ "intendedUse" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:m2/ApplicationDefinition:ApplicationDefinition": { "properties": { "content": { "type": "string", "description": "JSON application definition. Either this or `s3_location` must be specified.\n" }, "s3Location": { "type": "string", "description": "Location of the application definition in S3. Either this or `content` must be specified.\n" } }, "type": "object" }, "aws:m2/ApplicationTimeouts:ApplicationTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:m2/DeploymentTimeouts:DeploymentTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:m2/EnvironmentHighAvailabilityConfig:EnvironmentHighAvailabilityConfig": { "properties": { "desiredCapacity": { "type": "integer", "description": "Desired number of instances for the Environment.\n" } }, "type": "object", "required": [ "desiredCapacity" ] }, "aws:m2/EnvironmentStorageConfiguration:EnvironmentStorageConfiguration": { "properties": { "efs": { "$ref": "#/types/aws:m2/EnvironmentStorageConfigurationEfs:EnvironmentStorageConfigurationEfs" }, "fsx": { "$ref": "#/types/aws:m2/EnvironmentStorageConfigurationFsx:EnvironmentStorageConfigurationFsx" } }, "type": "object" }, "aws:m2/EnvironmentStorageConfigurationEfs:EnvironmentStorageConfigurationEfs": { "properties": { "fileSystemId": { "type": "string", "description": "Id of the EFS filesystem to mount.\n" }, "mountPoint": { "type": "string", "description": "Path to mount the filesystem on, must start with `/m2/mount/`.\n" } }, "type": "object", "required": [ "fileSystemId", "mountPoint" ] }, "aws:m2/EnvironmentStorageConfigurationFsx:EnvironmentStorageConfigurationFsx": { "properties": { "fileSystemId": { "type": "string", "description": "Id of the FSX filesystem to mount.\n" }, "mountPoint": { "type": "string", "description": "Path to mount the filesystem on, must start with `/m2/mount/`.\n" } }, "type": "object", "required": [ "fileSystemId", "mountPoint" ] }, "aws:m2/EnvironmentTimeouts:EnvironmentTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:macie/FindingsFilterFindingCriteria:FindingsFilterFindingCriteria": { "properties": { "criterions": { "type": "array", "items": { "$ref": "#/types/aws:macie/FindingsFilterFindingCriteriaCriterion:FindingsFilterFindingCriteriaCriterion" }, "description": "A condition that specifies the property, operator, and one or more values to use to filter the results. (documented below)\n" } }, "type": "object" }, "aws:macie/FindingsFilterFindingCriteriaCriterion:FindingsFilterFindingCriteriaCriterion": { "properties": { "eqExactMatches": { "type": "array", "items": { "type": "string" }, "description": "The value for the property exclusively matches (equals an exact match for) all the specified values. If you specify multiple values, Amazon Macie uses AND logic to join the values.\n" }, "eqs": { "type": "array", "items": { "type": "string" }, "description": "The value for the property matches (equals) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.\n" }, "field": { "type": "string", "description": "The name of the field to be evaluated.\n" }, "gt": { "type": "string", "description": "The value for the property is greater than the specified value.\n" }, "gte": { "type": "string", "description": "The value for the property is greater than or equal to the specified value.\n" }, "lt": { "type": "string", "description": "The value for the property is less than the specified value.\n" }, "lte": { "type": "string", "description": "The value for the property is less than or equal to the specified value.\n" }, "neqs": { "type": "array", "items": { "type": "string" }, "description": "The value for the property doesn't match (doesn't equal) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.\n" } }, "type": "object", "required": [ "field" ] }, "aws:macie2/ClassificationExportConfigurationS3Destination:ClassificationExportConfigurationS3Destination": { "properties": { "bucketName": { "type": "string", "description": "The Amazon S3 bucket name in which Amazon Macie exports the data classification results.\n" }, "keyPrefix": { "type": "string", "description": "The object key for the bucket in which Amazon Macie exports the data classification results.\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.\n\nAdditional information can be found in the [Storing and retaining sensitive data discovery results with Amazon Macie for AWS Macie documentation](https://docs.aws.amazon.com/macie/latest/user/discovery-results-repository-s3.html).\n" } }, "type": "object", "required": [ "bucketName", "kmsKeyArn" ] }, "aws:macie2/ClassificationJobS3JobDefinition:ClassificationJobS3JobDefinition": { "properties": { "bucketCriteria": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionBucketCriteria:ClassificationJobS3JobDefinitionBucketCriteria", "description": "The property- and tag-based conditions that determine which S3 buckets to include or exclude from the analysis. Conflicts with `bucket_definitions`. (documented below)\n" }, "bucketDefinitions": { "type": "array", "items": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionBucketDefinition:ClassificationJobS3JobDefinitionBucketDefinition" }, "description": "An array of objects, one for each AWS account that owns buckets to analyze. Each object specifies the account ID for an account and one or more buckets to analyze for the account. Conflicts with `bucket_criteria`. (documented below)\n" }, "scoping": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionScoping:ClassificationJobS3JobDefinitionScoping", "description": "The property- and tag-based conditions that determine which objects to include or exclude from the analysis. (documented below)\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "bucketCriteria", "scoping" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionBucketCriteria:ClassificationJobS3JobDefinitionBucketCriteria": { "properties": { "excludes": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionBucketCriteriaExcludes:ClassificationJobS3JobDefinitionBucketCriteriaExcludes", "description": "The property- or tag-based conditions that determine which S3 buckets to exclude from the analysis. (documented below)\n" }, "includes": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionBucketCriteriaIncludes:ClassificationJobS3JobDefinitionBucketCriteriaIncludes", "description": "The property- or tag-based conditions that determine which S3 buckets to include in the analysis. (documented below)\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "excludes", "includes" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionBucketCriteriaExcludes:ClassificationJobS3JobDefinitionBucketCriteriaExcludes": { "properties": { "ands": { "type": "array", "items": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionBucketCriteriaExcludesAnd:ClassificationJobS3JobDefinitionBucketCriteriaExcludesAnd" }, "description": "An array of conditions, one for each condition that determines which objects to include or exclude from the job. (documented below)\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "ands" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionBucketCriteriaExcludesAnd:ClassificationJobS3JobDefinitionBucketCriteriaExcludesAnd": { "properties": { "simpleCriterion": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionBucketCriteriaExcludesAndSimpleCriterion:ClassificationJobS3JobDefinitionBucketCriteriaExcludesAndSimpleCriterion", "description": "A property-based condition that defines a property, operator, and one or more values for including or excluding an S3 buckets from the job. (documented below)\n" }, "tagCriterion": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionBucketCriteriaExcludesAndTagCriterion:ClassificationJobS3JobDefinitionBucketCriteriaExcludesAndTagCriterion", "description": "A tag-based condition that defines the operator and tag keys or tag key and value pairs for including or excluding an S3 buckets from the job. (documented below)\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "simpleCriterion", "tagCriterion" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionBucketCriteriaExcludesAndSimpleCriterion:ClassificationJobS3JobDefinitionBucketCriteriaExcludesAndSimpleCriterion": { "properties": { "comparator": { "type": "string", "description": "The operator to use in a condition. Valid combination of values are available in the [AWS Documentation](https://docs.aws.amazon.com/macie/latest/APIReference/jobs.html#jobs-model-jobcomparator)\n" }, "key": { "type": "string", "description": "The object property to use in the condition. Valid combination of values are available in the [AWS Documentation](https://docs.aws.amazon.com/macie/latest/APIReference/jobs.html#jobs-model-simplecriterionkeyforjob)\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "An array that lists the values to use in the condition. Valid combination of values are available in the [AWS Documentation](https://docs.aws.amazon.com/macie/latest/APIReference/jobs.html#jobs-model-simplecriterionforjob)\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "comparator", "key", "values" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionBucketCriteriaExcludesAndTagCriterion:ClassificationJobS3JobDefinitionBucketCriteriaExcludesAndTagCriterion": { "properties": { "comparator": { "type": "string", "description": "The operator to use in the condition. Valid combination and values are available in the [AWS Documentation](https://docs.aws.amazon.com/macie/latest/APIReference/jobs.html#jobs-model-jobcomparator)\n" }, "tagValues": { "type": "array", "items": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionBucketCriteriaExcludesAndTagCriterionTagValue:ClassificationJobS3JobDefinitionBucketCriteriaExcludesAndTagCriterionTagValue" }, "description": "The tag key and value pairs to use in the condition. One or more blocks are allowed. (documented below)\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "comparator" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionBucketCriteriaExcludesAndTagCriterionTagValue:ClassificationJobS3JobDefinitionBucketCriteriaExcludesAndTagCriterionTagValue": { "properties": { "key": { "type": "string", "description": "The tag key.\n" }, "value": { "type": "string", "description": "The tag value.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "key", "value" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionBucketCriteriaIncludes:ClassificationJobS3JobDefinitionBucketCriteriaIncludes": { "properties": { "ands": { "type": "array", "items": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionBucketCriteriaIncludesAnd:ClassificationJobS3JobDefinitionBucketCriteriaIncludesAnd" }, "description": "An array of conditions, one for each condition that determines which objects to include or exclude from the job. (documented below)\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "ands" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionBucketCriteriaIncludesAnd:ClassificationJobS3JobDefinitionBucketCriteriaIncludesAnd": { "properties": { "simpleCriterion": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionBucketCriteriaIncludesAndSimpleCriterion:ClassificationJobS3JobDefinitionBucketCriteriaIncludesAndSimpleCriterion", "description": "A property-based condition that defines a property, operator, and one or more values for including or excluding an S3 buckets from the job. (documented below)\n" }, "tagCriterion": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionBucketCriteriaIncludesAndTagCriterion:ClassificationJobS3JobDefinitionBucketCriteriaIncludesAndTagCriterion", "description": "A tag-based condition that defines the operator and tag keys or tag key and value pairs for including or excluding an S3 buckets from the job. (documented below)\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "simpleCriterion", "tagCriterion" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionBucketCriteriaIncludesAndSimpleCriterion:ClassificationJobS3JobDefinitionBucketCriteriaIncludesAndSimpleCriterion": { "properties": { "comparator": { "type": "string", "description": "The operator to use in a condition. Valid combination of values are available in the [AWS Documentation](https://docs.aws.amazon.com/macie/latest/APIReference/jobs.html#jobs-model-jobcomparator)\n" }, "key": { "type": "string", "description": "The object property to use in the condition. Valid combination of values are available in the [AWS Documentation](https://docs.aws.amazon.com/macie/latest/APIReference/jobs.html#jobs-model-simplecriterionkeyforjob)\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "An array that lists the values to use in the condition. Valid combination of values are available in the [AWS Documentation](https://docs.aws.amazon.com/macie/latest/APIReference/jobs.html#jobs-model-simplecriterionforjob)\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "comparator", "key", "values" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionBucketCriteriaIncludesAndTagCriterion:ClassificationJobS3JobDefinitionBucketCriteriaIncludesAndTagCriterion": { "properties": { "comparator": { "type": "string", "description": "The operator to use in the condition. Valid combination and values are available in the [AWS Documentation](https://docs.aws.amazon.com/macie/latest/APIReference/jobs.html#jobs-model-jobcomparator)\n" }, "tagValues": { "type": "array", "items": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionBucketCriteriaIncludesAndTagCriterionTagValue:ClassificationJobS3JobDefinitionBucketCriteriaIncludesAndTagCriterionTagValue" }, "description": "The tag key and value pairs to use in the condition. One or more blocks are allowed. (documented below)\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "comparator" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionBucketCriteriaIncludesAndTagCriterionTagValue:ClassificationJobS3JobDefinitionBucketCriteriaIncludesAndTagCriterionTagValue": { "properties": { "key": { "type": "string", "description": "The tag key.\n" }, "value": { "type": "string", "description": "The tag value.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "key", "value" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionBucketDefinition:ClassificationJobS3JobDefinitionBucketDefinition": { "properties": { "accountId": { "type": "string", "description": "The unique identifier for the AWS account that owns the buckets.\n" }, "buckets": { "type": "array", "items": { "type": "string" }, "description": "An array that lists the names of the buckets.\n" } }, "type": "object", "required": [ "accountId", "buckets" ] }, "aws:macie2/ClassificationJobS3JobDefinitionScoping:ClassificationJobS3JobDefinitionScoping": { "properties": { "excludes": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionScopingExcludes:ClassificationJobS3JobDefinitionScopingExcludes", "description": "The property- or tag-based conditions that determine which objects to exclude from the analysis. (documented below)\n" }, "includes": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionScopingIncludes:ClassificationJobS3JobDefinitionScopingIncludes", "description": "The property- or tag-based conditions that determine which objects to include in the analysis. (documented below)\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "excludes", "includes" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionScopingExcludes:ClassificationJobS3JobDefinitionScopingExcludes": { "properties": { "ands": { "type": "array", "items": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionScopingExcludesAnd:ClassificationJobS3JobDefinitionScopingExcludesAnd" }, "description": "An array of conditions, one for each condition that determines which objects to include or exclude from the job. (documented below)\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "ands" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionScopingExcludesAnd:ClassificationJobS3JobDefinitionScopingExcludesAnd": { "properties": { "simpleScopeTerm": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionScopingExcludesAndSimpleScopeTerm:ClassificationJobS3JobDefinitionScopingExcludesAndSimpleScopeTerm", "description": "A property-based condition that defines a property, operator, and one or more values for including or excluding an object from the job. (documented below)\n" }, "tagScopeTerm": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionScopingExcludesAndTagScopeTerm:ClassificationJobS3JobDefinitionScopingExcludesAndTagScopeTerm", "description": "A tag-based condition that defines the operator and tag keys or tag key and value pairs for including or excluding an object from the job. (documented below)\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "simpleScopeTerm", "tagScopeTerm" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionScopingExcludesAndSimpleScopeTerm:ClassificationJobS3JobDefinitionScopingExcludesAndSimpleScopeTerm": { "properties": { "comparator": { "type": "string", "description": "The operator to use in a condition. Valid values are: `EQ`, `GT`, `GTE`, `LT`, `LTE`, `NE`, `CONTAINS`, `STARTS_WITH`\n" }, "key": { "type": "string", "description": "The object property to use in the condition.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "An array that lists the values to use in the condition.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "comparator", "key", "values" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionScopingExcludesAndTagScopeTerm:ClassificationJobS3JobDefinitionScopingExcludesAndTagScopeTerm": { "properties": { "comparator": { "type": "string", "description": "The operator to use in the condition.\n" }, "key": { "type": "string", "description": "The tag key to use in the condition. The only valid value is `TAG`.\n" }, "tagValues": { "type": "array", "items": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionScopingExcludesAndTagScopeTermTagValue:ClassificationJobS3JobDefinitionScopingExcludesAndTagScopeTermTagValue" }, "description": "The tag keys or tag key and value pairs to use in the condition.\n" }, "target": { "type": "string", "description": "The type of object to apply the condition to. The only valid value is `S3_OBJECT`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "comparator", "key", "tagValues", "target" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionScopingExcludesAndTagScopeTermTagValue:ClassificationJobS3JobDefinitionScopingExcludesAndTagScopeTermTagValue": { "properties": { "key": { "type": "string", "description": "The tag key.\n" }, "value": { "type": "string", "description": "The tag value.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "key", "value" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionScopingIncludes:ClassificationJobS3JobDefinitionScopingIncludes": { "properties": { "ands": { "type": "array", "items": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionScopingIncludesAnd:ClassificationJobS3JobDefinitionScopingIncludesAnd" }, "description": "An array of conditions, one for each condition that determines which objects to include or exclude from the job. (documented below)\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "ands" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionScopingIncludesAnd:ClassificationJobS3JobDefinitionScopingIncludesAnd": { "properties": { "simpleScopeTerm": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionScopingIncludesAndSimpleScopeTerm:ClassificationJobS3JobDefinitionScopingIncludesAndSimpleScopeTerm", "description": "A property-based condition that defines a property, operator, and one or more values for including or excluding an object from the job. (documented below)\n" }, "tagScopeTerm": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionScopingIncludesAndTagScopeTerm:ClassificationJobS3JobDefinitionScopingIncludesAndTagScopeTerm", "description": "A tag-based condition that defines the operator and tag keys or tag key and value pairs for including or excluding an object from the job. (documented below)\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "simpleScopeTerm", "tagScopeTerm" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionScopingIncludesAndSimpleScopeTerm:ClassificationJobS3JobDefinitionScopingIncludesAndSimpleScopeTerm": { "properties": { "comparator": { "type": "string", "description": "The operator to use in a condition. Valid values are: `EQ`, `GT`, `GTE`, `LT`, `LTE`, `NE`, `CONTAINS`, `STARTS_WITH`\n" }, "key": { "type": "string", "description": "The object property to use in the condition.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "An array that lists the values to use in the condition.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "comparator", "key", "values" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionScopingIncludesAndTagScopeTerm:ClassificationJobS3JobDefinitionScopingIncludesAndTagScopeTerm": { "properties": { "comparator": { "type": "string", "description": "The operator to use in the condition.\n" }, "key": { "type": "string", "description": "The tag key to use in the condition. The only valid value is `TAG`.\n" }, "tagValues": { "type": "array", "items": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinitionScopingIncludesAndTagScopeTermTagValue:ClassificationJobS3JobDefinitionScopingIncludesAndTagScopeTermTagValue" }, "description": "The tag keys or tag key and value pairs to use in the condition.\n" }, "target": { "type": "string", "description": "The type of object to apply the condition to. The only valid value is `S3_OBJECT`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "comparator", "key", "target" ] } } }, "aws:macie2/ClassificationJobS3JobDefinitionScopingIncludesAndTagScopeTermTagValue:ClassificationJobS3JobDefinitionScopingIncludesAndTagScopeTermTagValue": { "properties": { "key": { "type": "string", "description": "The tag key.\n" }, "value": { "type": "string", "description": "The tag value.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "key", "value" ] } } }, "aws:macie2/ClassificationJobScheduleFrequency:ClassificationJobScheduleFrequency": { "properties": { "dailySchedule": { "type": "boolean", "description": "Specifies a daily recurrence pattern for running the job.\n" }, "monthlySchedule": { "type": "integer", "description": "Specifies a monthly recurrence pattern for running the job.\n" }, "weeklySchedule": { "type": "string", "description": "Specifies a weekly recurrence pattern for running the job.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "monthlySchedule", "weeklySchedule" ] } } }, "aws:macie2/ClassificationJobUserPausedDetail:ClassificationJobUserPausedDetail": { "properties": { "jobExpiresAt": { "type": "string" }, "jobImminentExpirationHealthEventArn": { "type": "string" }, "jobPausedAt": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "jobExpiresAt", "jobImminentExpirationHealthEventArn", "jobPausedAt" ] } } }, "aws:mediaconvert/QueueReservationPlanSettings:QueueReservationPlanSettings": { "properties": { "commitment": { "type": "string", "description": "The length of the term of your reserved queue pricing plan commitment. Valid value is `ONE_YEAR`.\n" }, "renewalType": { "type": "string", "description": "Specifies whether the term of your reserved queue pricing plan. Valid values are `AUTO_RENEW` or `EXPIRE`.\n" }, "reservedSlots": { "type": "integer", "description": "Specifies the number of reserved transcode slots (RTS) for queue.\n" } }, "type": "object", "required": [ "commitment", "renewalType", "reservedSlots" ] }, "aws:medialive/ChannelCdiInputSpecification:ChannelCdiInputSpecification": { "properties": { "resolution": { "type": "string", "description": "Maximum CDI input resolution.\n" } }, "type": "object", "required": [ "resolution" ] }, "aws:medialive/ChannelDestination:ChannelDestination": { "properties": { "id": { "type": "string", "description": "User-specified id. Ths is used in an output group or an output.\n" }, "mediaPackageSettings": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelDestinationMediaPackageSetting:ChannelDestinationMediaPackageSetting" }, "description": "Destination settings for a MediaPackage output; one destination for both encoders. See Media Package Settings for more details.\n" }, "multiplexSettings": { "$ref": "#/types/aws:medialive/ChannelDestinationMultiplexSettings:ChannelDestinationMultiplexSettings", "description": "Destination settings for a Multiplex output; one destination for both encoders. See Multiplex Settings for more details.\n" }, "settings": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelDestinationSetting:ChannelDestinationSetting" }, "description": "Destination settings for a standard output; one destination for each redundant encoder. See Settings for more details.\n" } }, "type": "object", "required": [ "id" ] }, "aws:medialive/ChannelDestinationMediaPackageSetting:ChannelDestinationMediaPackageSetting": { "properties": { "channelId": { "type": "string", "description": "ID of the channel in MediaPackage that is the destination for this output group.\n" } }, "type": "object", "required": [ "channelId" ] }, "aws:medialive/ChannelDestinationMultiplexSettings:ChannelDestinationMultiplexSettings": { "properties": { "multiplexId": { "type": "string", "description": "The ID of the Multiplex that the encoder is providing output to.\n" }, "programName": { "type": "string", "description": "The program name of the Multiplex program that the encoder is providing output to.\n" } }, "type": "object", "required": [ "multiplexId", "programName" ] }, "aws:medialive/ChannelDestinationSetting:ChannelDestinationSetting": { "properties": { "passwordParam": { "type": "string", "description": "Key used to extract the password from EC2 Parameter store.\n" }, "streamName": { "type": "string", "description": "Stream name RTMP destinations (URLs of type rtmp://)\n" }, "url": { "type": "string", "description": "A URL specifying a destination.\n" }, "username": { "type": "string", "description": "Username for destination.\n" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettings:ChannelEncoderSettings": { "properties": { "audioDescriptions": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsAudioDescription:ChannelEncoderSettingsAudioDescription" }, "description": "Audio descriptions for the channel. See Audio Descriptions for more details.\n" }, "availBlanking": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsAvailBlanking:ChannelEncoderSettingsAvailBlanking", "description": "Settings for ad avail blanking. See Avail Blanking for more details.\n" }, "captionDescriptions": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsCaptionDescription:ChannelEncoderSettingsCaptionDescription" }, "description": "Caption Descriptions. See Caption Descriptions for more details.\n" }, "globalConfiguration": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsGlobalConfiguration:ChannelEncoderSettingsGlobalConfiguration", "description": "Configuration settings that apply to the event as a whole. See Global Configuration for more details.\n" }, "motionGraphicsConfiguration": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsMotionGraphicsConfiguration:ChannelEncoderSettingsMotionGraphicsConfiguration", "description": "Settings for motion graphics. See Motion Graphics Configuration for more details.\n" }, "nielsenConfiguration": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsNielsenConfiguration:ChannelEncoderSettingsNielsenConfiguration", "description": "Nielsen configuration settings. See Nielsen Configuration for more details.\n" }, "outputGroups": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroup:ChannelEncoderSettingsOutputGroup" }, "description": "Output groups for the channel. See Output Groups for more details.\n" }, "timecodeConfig": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsTimecodeConfig:ChannelEncoderSettingsTimecodeConfig", "description": "Contains settings used to acquire and adjust timecode information from inputs. See Timecode Config for more details.\n" }, "videoDescriptions": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsVideoDescription:ChannelEncoderSettingsVideoDescription" }, "description": "Video Descriptions. See Video Descriptions for more details.\n" } }, "type": "object", "required": [ "outputGroups", "timecodeConfig" ], "language": { "nodejs": { "requiredOutputs": [ "availBlanking", "captionDescriptions", "outputGroups", "timecodeConfig", "videoDescriptions" ] } } }, "aws:medialive/ChannelEncoderSettingsAudioDescription:ChannelEncoderSettingsAudioDescription": { "properties": { "audioNormalizationSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsAudioDescriptionAudioNormalizationSettings:ChannelEncoderSettingsAudioDescriptionAudioNormalizationSettings", "description": "Advanced audio normalization settings. See Audio Normalization Settings for more details.\n" }, "audioSelectorName": { "type": "string", "description": "The name of the audio selector used as the source for this AudioDescription.\n" }, "audioType": { "type": "string", "description": "Applies only if audioTypeControl is useConfigured. The values for audioType are defined in ISO-IEC 13818-1.\n" }, "audioTypeControl": { "type": "string", "description": "Determined how audio type is determined.\n" }, "audioWatermarkSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsAudioDescriptionAudioWatermarkSettings:ChannelEncoderSettingsAudioDescriptionAudioWatermarkSettings", "description": "Settings to configure one or more solutions that insert audio watermarks in the audio encode. See Audio Watermark Settings for more details.\n" }, "codecSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsAudioDescriptionCodecSettings:ChannelEncoderSettingsAudioDescriptionCodecSettings", "description": "Audio codec settings. See Audio Codec Settings for more details.\n" }, "languageCode": { "type": "string" }, "languageCodeControl": { "type": "string" }, "name": { "type": "string", "description": "The name of this audio description.\n" }, "remixSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsAudioDescriptionRemixSettings:ChannelEncoderSettingsAudioDescriptionRemixSettings" }, "streamName": { "type": "string", "description": "Stream name RTMP destinations (URLs of type rtmp://)\n" } }, "type": "object", "required": [ "audioSelectorName", "name" ], "language": { "nodejs": { "requiredOutputs": [ "audioSelectorName", "audioType", "audioTypeControl", "codecSettings", "languageCode", "languageCodeControl", "name", "streamName" ] } } }, "aws:medialive/ChannelEncoderSettingsAudioDescriptionAudioNormalizationSettings:ChannelEncoderSettingsAudioDescriptionAudioNormalizationSettings": { "properties": { "algorithm": { "type": "string", "description": "Audio normalization algorithm to use. itu17701 conforms to the CALM Act specification, itu17702 to the EBU R-128 specification.\n" }, "algorithmControl": { "type": "string", "description": "Algorithm control for the audio description.\n" }, "targetLkfs": { "type": "number", "description": "Target LKFS (loudness) to adjust volume to.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "algorithm", "algorithmControl", "targetLkfs" ] } } }, "aws:medialive/ChannelEncoderSettingsAudioDescriptionAudioWatermarkSettings:ChannelEncoderSettingsAudioDescriptionAudioWatermarkSettings": { "properties": { "nielsenWatermarksSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsAudioDescriptionAudioWatermarkSettingsNielsenWatermarksSettings:ChannelEncoderSettingsAudioDescriptionAudioWatermarkSettingsNielsenWatermarksSettings" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "nielsenWatermarksSettings" ] } } }, "aws:medialive/ChannelEncoderSettingsAudioDescriptionAudioWatermarkSettingsNielsenWatermarksSettings:ChannelEncoderSettingsAudioDescriptionAudioWatermarkSettingsNielsenWatermarksSettings": { "properties": { "nielsenCbetSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsAudioDescriptionAudioWatermarkSettingsNielsenWatermarksSettingsNielsenCbetSettings:ChannelEncoderSettingsAudioDescriptionAudioWatermarkSettingsNielsenWatermarksSettingsNielsenCbetSettings", "description": "Used to insert watermarks of type Nielsen CBET. See Nielsen CBET Settings for more details.\n" }, "nielsenDistributionType": { "type": "string", "description": "Distribution types to assign to the watermarks. Options are `PROGRAM_CONTENT` and `FINAL_DISTRIBUTOR`.\n" }, "nielsenNaesIiNwSettings": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsAudioDescriptionAudioWatermarkSettingsNielsenWatermarksSettingsNielsenNaesIiNwSetting:ChannelEncoderSettingsAudioDescriptionAudioWatermarkSettingsNielsenWatermarksSettingsNielsenNaesIiNwSetting" }, "description": "Used to insert watermarks of type Nielsen NAES, II (N2) and Nielsen NAES VI (NW). See Nielsen NAES II NW Settings for more details.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "nielsenCbetSettings", "nielsenDistributionType", "nielsenNaesIiNwSettings" ] } } }, "aws:medialive/ChannelEncoderSettingsAudioDescriptionAudioWatermarkSettingsNielsenWatermarksSettingsNielsenCbetSettings:ChannelEncoderSettingsAudioDescriptionAudioWatermarkSettingsNielsenWatermarksSettingsNielsenCbetSettings": { "properties": { "cbetCheckDigitString": { "type": "string" }, "cbetStepaside": { "type": "string", "description": "Determines the method of CBET insertion mode when prior encoding is detected on the same layer.\n" }, "csid": { "type": "string", "description": "CBET source ID to use in the watermark.\n" } }, "type": "object", "required": [ "cbetCheckDigitString", "cbetStepaside", "csid" ] }, "aws:medialive/ChannelEncoderSettingsAudioDescriptionAudioWatermarkSettingsNielsenWatermarksSettingsNielsenNaesIiNwSetting:ChannelEncoderSettingsAudioDescriptionAudioWatermarkSettingsNielsenWatermarksSettingsNielsenNaesIiNwSetting": { "properties": { "checkDigitString": { "type": "string" }, "sid": { "type": "number", "description": "The Nielsen Source ID to include in the watermark.\n" } }, "type": "object", "required": [ "checkDigitString", "sid" ] }, "aws:medialive/ChannelEncoderSettingsAudioDescriptionCodecSettings:ChannelEncoderSettingsAudioDescriptionCodecSettings": { "properties": { "aacSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsAudioDescriptionCodecSettingsAacSettings:ChannelEncoderSettingsAudioDescriptionCodecSettingsAacSettings", "description": "Aac Settings. See AAC Settings for more details.\n" }, "ac3Settings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsAudioDescriptionCodecSettingsAc3Settings:ChannelEncoderSettingsAudioDescriptionCodecSettingsAc3Settings", "description": "Ac3 Settings. See AC3 Settings for more details.\n" }, "eac3AtmosSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsAudioDescriptionCodecSettingsEac3AtmosSettings:ChannelEncoderSettingsAudioDescriptionCodecSettingsEac3AtmosSettings", "description": "Eac3 Atmos Settings. See EAC3 Atmos Settings\n" }, "eac3Settings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsAudioDescriptionCodecSettingsEac3Settings:ChannelEncoderSettingsAudioDescriptionCodecSettingsEac3Settings", "description": "Eac3 Settings. See EAC3 Settings\n" }, "mp2Settings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsAudioDescriptionCodecSettingsMp2Settings:ChannelEncoderSettingsAudioDescriptionCodecSettingsMp2Settings" }, "passThroughSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsAudioDescriptionCodecSettingsPassThroughSettings:ChannelEncoderSettingsAudioDescriptionCodecSettingsPassThroughSettings" }, "wavSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsAudioDescriptionCodecSettingsWavSettings:ChannelEncoderSettingsAudioDescriptionCodecSettingsWavSettings" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsAudioDescriptionCodecSettingsAacSettings:ChannelEncoderSettingsAudioDescriptionCodecSettingsAacSettings": { "properties": { "bitrate": { "type": "number", "description": "Average bitrate in bits/second.\n" }, "codingMode": { "type": "string", "description": "Mono, Stereo, or 5.1 channel layout.\n" }, "inputType": { "type": "string", "description": "Set to \"broadcasterMixedAd\" when input contains pre-mixed main audio + AD (narration) as a stereo pair.\n" }, "profile": { "type": "string", "description": "AAC profile.\n" }, "rateControlMode": { "type": "string", "description": "The rate control mode.\n" }, "rawFormat": { "type": "string", "description": "Sets LATM/LOAS AAC output for raw containers.\n" }, "sampleRate": { "type": "number", "description": "Sample rate in Hz.\n" }, "spec": { "type": "string", "description": "Use MPEG-2 AAC audio instead of MPEG-4 AAC audio for raw or MPEG-2 Transport Stream containers.\n" }, "vbrQuality": { "type": "string", "description": "VBR Quality Level - Only used if rateControlMode is VBR.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "bitrate", "codingMode", "inputType", "profile", "rateControlMode", "rawFormat", "sampleRate", "spec", "vbrQuality" ] } } }, "aws:medialive/ChannelEncoderSettingsAudioDescriptionCodecSettingsAc3Settings:ChannelEncoderSettingsAudioDescriptionCodecSettingsAc3Settings": { "properties": { "bitrate": { "type": "number", "description": "Average bitrate in bits/second.\n" }, "bitstreamMode": { "type": "string", "description": "Specifies the bitstream mode (bsmod) for the emitted AC-3 stream.\n" }, "codingMode": { "type": "string", "description": "Dolby Digital coding mode.\n" }, "dialnorm": { "type": "integer", "description": "Sets the dialnorm of the output.\n" }, "drcProfile": { "type": "string", "description": "If set to filmStandard, adds dynamic range compression signaling to the output bitstream as defined in the Dolby Digital specification.\n" }, "lfeFilter": { "type": "string", "description": "When set to enabled, applies a 120Hz lowpass filter to the LFE channel prior to encoding.\n" }, "metadataControl": { "type": "string", "description": "Metadata control.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "bitrate", "bitstreamMode", "codingMode", "dialnorm", "drcProfile", "lfeFilter", "metadataControl" ] } } }, "aws:medialive/ChannelEncoderSettingsAudioDescriptionCodecSettingsEac3AtmosSettings:ChannelEncoderSettingsAudioDescriptionCodecSettingsEac3AtmosSettings": { "properties": { "bitrate": { "type": "number", "description": "Average bitrate in bits/second.\n" }, "codingMode": { "type": "string", "description": "Dolby Digital Plus with Dolby Atmos coding mode.\n" }, "dialnorm": { "type": "number", "description": "Sets the dialnorm for the output.\n" }, "drcLine": { "type": "string", "description": "Sets the Dolby dynamic range compression profile.\n" }, "drcRf": { "type": "string", "description": "Sets the profile for heavy Dolby dynamic range compression.\n" }, "heightTrim": { "type": "number", "description": "Height dimensional trim.\n" }, "surroundTrim": { "type": "number", "description": "Surround dimensional trim.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "bitrate", "codingMode", "dialnorm", "drcLine", "drcRf", "heightTrim", "surroundTrim" ] } } }, "aws:medialive/ChannelEncoderSettingsAudioDescriptionCodecSettingsEac3Settings:ChannelEncoderSettingsAudioDescriptionCodecSettingsEac3Settings": { "properties": { "attenuationControl": { "type": "string", "description": "Sets the attenuation control.\n" }, "bitrate": { "type": "number", "description": "Average bitrate in bits/second.\n" }, "bitstreamMode": { "type": "string", "description": "Specifies the bitstream mode (bsmod) for the emitted AC-3 stream.\n" }, "codingMode": { "type": "string", "description": "Dolby Digital Plus coding mode.\n" }, "dcFilter": { "type": "string" }, "dialnorm": { "type": "integer" }, "drcLine": { "type": "string", "description": "Sets the Dolby dynamic range compression profile.\n" }, "drcRf": { "type": "string", "description": "Sets the profile for heavy Dolby dynamic range compression.\n" }, "lfeControl": { "type": "string" }, "lfeFilter": { "type": "string", "description": "When set to enabled, applies a 120Hz lowpass filter to the LFE channel prior to encoding.\n" }, "loRoCenterMixLevel": { "type": "number" }, "loRoSurroundMixLevel": { "type": "number" }, "ltRtCenterMixLevel": { "type": "number" }, "ltRtSurroundMixLevel": { "type": "number" }, "metadataControl": { "type": "string", "description": "Metadata control.\n" }, "passthroughControl": { "type": "string" }, "phaseControl": { "type": "string" }, "stereoDownmix": { "type": "string" }, "surroundExMode": { "type": "string" }, "surroundMode": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "attenuationControl", "bitrate", "bitstreamMode", "codingMode", "dcFilter", "dialnorm", "drcLine", "drcRf", "lfeControl", "lfeFilter", "loRoCenterMixLevel", "loRoSurroundMixLevel", "ltRtCenterMixLevel", "ltRtSurroundMixLevel", "metadataControl", "passthroughControl", "phaseControl", "stereoDownmix", "surroundExMode", "surroundMode" ] } } }, "aws:medialive/ChannelEncoderSettingsAudioDescriptionCodecSettingsMp2Settings:ChannelEncoderSettingsAudioDescriptionCodecSettingsMp2Settings": { "properties": { "bitrate": { "type": "number" }, "codingMode": { "type": "string" }, "sampleRate": { "type": "number", "description": "Sample rate in Hz.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "bitrate", "codingMode", "sampleRate" ] } } }, "aws:medialive/ChannelEncoderSettingsAudioDescriptionCodecSettingsPassThroughSettings:ChannelEncoderSettingsAudioDescriptionCodecSettingsPassThroughSettings": { "type": "object" }, "aws:medialive/ChannelEncoderSettingsAudioDescriptionCodecSettingsWavSettings:ChannelEncoderSettingsAudioDescriptionCodecSettingsWavSettings": { "properties": { "bitDepth": { "type": "number" }, "codingMode": { "type": "string" }, "sampleRate": { "type": "number", "description": "Sample rate in Hz.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "bitDepth", "codingMode", "sampleRate" ] } } }, "aws:medialive/ChannelEncoderSettingsAudioDescriptionRemixSettings:ChannelEncoderSettingsAudioDescriptionRemixSettings": { "properties": { "channelMappings": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsAudioDescriptionRemixSettingsChannelMapping:ChannelEncoderSettingsAudioDescriptionRemixSettingsChannelMapping" } }, "channelsIn": { "type": "integer" }, "channelsOut": { "type": "integer" } }, "type": "object", "required": [ "channelMappings" ], "language": { "nodejs": { "requiredOutputs": [ "channelMappings", "channelsIn", "channelsOut" ] } } }, "aws:medialive/ChannelEncoderSettingsAudioDescriptionRemixSettingsChannelMapping:ChannelEncoderSettingsAudioDescriptionRemixSettingsChannelMapping": { "properties": { "inputChannelLevels": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsAudioDescriptionRemixSettingsChannelMappingInputChannelLevel:ChannelEncoderSettingsAudioDescriptionRemixSettingsChannelMappingInputChannelLevel" } }, "outputChannel": { "type": "integer" } }, "type": "object", "required": [ "inputChannelLevels", "outputChannel" ] }, "aws:medialive/ChannelEncoderSettingsAudioDescriptionRemixSettingsChannelMappingInputChannelLevel:ChannelEncoderSettingsAudioDescriptionRemixSettingsChannelMappingInputChannelLevel": { "properties": { "gain": { "type": "integer" }, "inputChannel": { "type": "integer" } }, "type": "object", "required": [ "gain", "inputChannel" ] }, "aws:medialive/ChannelEncoderSettingsAvailBlanking:ChannelEncoderSettingsAvailBlanking": { "properties": { "availBlankingImage": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsAvailBlankingAvailBlankingImage:ChannelEncoderSettingsAvailBlankingAvailBlankingImage", "description": "Blanking image to be used. See Avail Blanking Image for more details.\n" }, "state": { "type": "string", "description": "When set to enabled, causes video, audio and captions to be blanked when insertion metadata is added.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "state" ] } } }, "aws:medialive/ChannelEncoderSettingsAvailBlankingAvailBlankingImage:ChannelEncoderSettingsAvailBlankingAvailBlankingImage": { "properties": { "passwordParam": { "type": "string", "description": "Key used to extract the password from EC2 Parameter store.\n" }, "uri": { "type": "string", "description": "Path to a file accessible to the live stream.\n" }, "username": { "type": "string", "description": ". Username to be used.\n" } }, "type": "object", "required": [ "uri" ], "language": { "nodejs": { "requiredOutputs": [ "passwordParam", "uri", "username" ] } } }, "aws:medialive/ChannelEncoderSettingsCaptionDescription:ChannelEncoderSettingsCaptionDescription": { "properties": { "accessibility": { "type": "string", "description": "Indicates whether the caption track implements accessibility features such as written descriptions of spoken dialog, music, and sounds.\n" }, "captionSelectorName": { "type": "string", "description": "Specifies which input caption selector to use as a caption source when generating output captions. This field should match a captionSelector name.\n" }, "destinationSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettings", "description": "Additional settings for captions destination that depend on the destination type. See Destination Settings for more details.\n" }, "languageCode": { "type": "string", "description": "ISO 639-2 three-digit code.\n" }, "languageDescription": { "type": "string", "description": "Human readable information to indicate captions available for players (eg. English, or Spanish).\n" }, "name": { "type": "string", "description": "Name of the caption description. Used to associate a caption description with an output. Names must be unique within an event.\n" } }, "type": "object", "required": [ "captionSelectorName", "name" ] }, "aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettings": { "properties": { "aribDestinationSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsAribDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsAribDestinationSettings", "description": "ARIB Destination Settings.\n" }, "burnInDestinationSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsBurnInDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsBurnInDestinationSettings", "description": "Burn In Destination Settings. See Burn In Destination Settings for more details.\n" }, "dvbSubDestinationSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsDvbSubDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsDvbSubDestinationSettings", "description": "DVB Sub Destination Settings. See DVB Sub Destination Settings for more details.\n" }, "ebuTtDDestinationSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsEbuTtDDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsEbuTtDDestinationSettings", "description": "EBU TT D Destination Settings. See EBU TT D Destination Settings for more details.\n" }, "embeddedDestinationSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsEmbeddedDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsEmbeddedDestinationSettings", "description": "Embedded Destination Settings.\n" }, "embeddedPlusScte20DestinationSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsEmbeddedPlusScte20DestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsEmbeddedPlusScte20DestinationSettings", "description": "Embedded Plus SCTE20 Destination Settings.\n" }, "rtmpCaptionInfoDestinationSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsRtmpCaptionInfoDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsRtmpCaptionInfoDestinationSettings", "description": "RTMP Caption Info Destination Settings.\n" }, "scte20PlusEmbeddedDestinationSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsScte20PlusEmbeddedDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsScte20PlusEmbeddedDestinationSettings", "description": "SCTE20 Plus Embedded Destination Settings.\n" }, "scte27DestinationSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsScte27DestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsScte27DestinationSettings", "description": "SCTE27 Destination Settings.\n" }, "smpteTtDestinationSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsSmpteTtDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsSmpteTtDestinationSettings", "description": "SMPTE TT Destination Settings.\n" }, "teletextDestinationSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsTeletextDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsTeletextDestinationSettings", "description": "Teletext Destination Settings.\n" }, "ttmlDestinationSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsTtmlDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsTtmlDestinationSettings", "description": "TTML Destination Settings. See TTML Destination Settings for more details.\n" }, "webvttDestinationSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsWebvttDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsWebvttDestinationSettings", "description": "WebVTT Destination Settings. See WebVTT Destination Settings for more details.\n" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsAribDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsAribDestinationSettings": { "type": "object" }, "aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsBurnInDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsBurnInDestinationSettings": { "properties": { "alignment": { "type": "string", "description": "If no explicit xPosition or yPosition is provided, setting alignment to centered will place the captions at the bottom center of the output. Similarly, setting a left alignment will align captions to the bottom left of the output. If x and y positions are given in conjunction with the alignment parameter, the font will be justified (either left or centered) relative to those coordinates. Selecting “smart” justification will left-justify live subtitles and center-justify pre-recorded subtitles. All burn-in and DVB-Sub font settings must match.\n" }, "backgroundColor": { "type": "string", "description": "Specifies the color of the rectangle behind the captions. All burn-in and DVB-Sub font settings must match.\n" }, "backgroundOpacity": { "type": "integer", "description": "Specifies the opacity of the background rectangle. 255 is opaque; 0 is transparent. Leaving this parameter out is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.\n" }, "font": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsBurnInDestinationSettingsFont:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsBurnInDestinationSettingsFont", "description": "External font file used for caption burn-in. File extension must be ‘ttf’ or ‘tte’. Although the user can select output fonts for many different types of input captions, embedded, STL and teletext sources use a strict grid system. Using external fonts with these caption sources could cause unexpected display of proportional fonts. All burn-in and DVB-Sub font settings must match. See Font for more details.\n" }, "fontColor": { "type": "string", "description": "Specifies the color of the burned-in captions. This option is not valid for source captions that are STL, 608/embedded or teletext. These source settings are already pre-defined by the caption stream. All burn-in and DVB-Sub font settings must match.\n" }, "fontOpacity": { "type": "integer", "description": "Specifies the opacity of the burned-in captions. 255 is opaque; 0 is transparent. All burn-in and DVB-Sub font settings must match.\n" }, "fontResolution": { "type": "integer", "description": "Font resolution in DPI (dots per inch); default is 96 dpi. All burn-in and DVB-Sub font settings must match.\n" }, "fontSize": { "type": "string", "description": "When set to ‘auto’ fontSize will scale depending on the size of the output. Giving a positive integer will specify the exact font size in points. All burn-in and DVB-Sub font settings must match.\n" }, "outlineColor": { "type": "string", "description": "Specifies font outline color. This option is not valid for source captions that are either 608/embedded or teletext. These source settings are already pre-defined by the caption stream. All burn-in and DVB-Sub font settings must match.\n" }, "outlineSize": { "type": "integer", "description": "Specifies font outline size in pixels. This option is not valid for source captions that are either 608/embedded or teletext. These source settings are already pre-defined by the caption stream. All burn-in and DVB-Sub font settings must match.\n" }, "shadowColor": { "type": "string", "description": "Specifies the color of the shadow cast by the captions. All burn-in and DVB-Sub font settings must match.\n" }, "shadowOpacity": { "type": "integer", "description": "Specifies the opacity of the shadow. 255 is opaque; 0 is transparent. Leaving this parameter out is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.\n" }, "shadowXOffset": { "type": "integer", "description": "Specifies the horizontal offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels to the left. All burn-in and DVB-Sub font settings must match.\n" }, "shadowYOffset": { "type": "integer", "description": "Specifies the vertical offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels above the text. All burn-in and DVB-Sub font settings must match.\n" }, "teletextGridControl": { "type": "string", "description": "Controls whether a fixed grid size will be used to generate the output subtitles bitmap. Only applicable for Teletext inputs and DVB-Sub/Burn-in outputs.\n" }, "xPosition": { "type": "integer", "description": "Specifies the horizontal position of the caption relative to the left side of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the left of the output. If no explicit xPosition is provided, the horizontal caption position will be determined by the alignment parameter. All burn-in and DVB-Sub font settings must match.\n" }, "yPosition": { "type": "integer", "description": "Specifies the vertical position of the caption relative to the top of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the top of the output. If no explicit yPosition is provided, the caption will be positioned towards the bottom of the output. All burn-in and DVB-Sub font settings must match.\n" } }, "type": "object", "required": [ "outlineColor", "teletextGridControl" ] }, "aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsBurnInDestinationSettingsFont:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsBurnInDestinationSettingsFont": { "properties": { "passwordParam": { "type": "string", "description": "Key used to extract the password from EC2 Parameter store.\n" }, "uri": { "type": "string", "description": "Path to a file accessible to the live stream.\n" }, "username": { "type": "string", "description": "Username to be used.\n" } }, "type": "object", "required": [ "uri" ], "language": { "nodejs": { "requiredOutputs": [ "passwordParam", "uri", "username" ] } } }, "aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsDvbSubDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsDvbSubDestinationSettings": { "properties": { "alignment": { "type": "string", "description": "If no explicit xPosition or yPosition is provided, setting alignment to centered will place the captions at the bottom center of the output. Similarly, setting a left alignment will align captions to the bottom left of the output. If x and y positions are given in conjunction with the alignment parameter, the font will be justified (either left or centered) relative to those coordinates. Selecting “smart” justification will left-justify live subtitles and center-justify pre-recorded subtitles. This option is not valid for source captions that are STL or 608/embedded. These source settings are already pre-defined by the caption stream. All burn-in and DVB-Sub font settings must match.\n" }, "backgroundColor": { "type": "string", "description": "Specifies the color of the rectangle behind the captions. All burn-in and DVB-Sub font settings must match.\n" }, "backgroundOpacity": { "type": "integer", "description": "Specifies the opacity of the background rectangle. 255 is opaque; 0 is transparent. Leaving this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.\n" }, "font": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsDvbSubDestinationSettingsFont:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsDvbSubDestinationSettingsFont", "description": "External font file used for caption burn-in. File extension must be ‘ttf’ or ‘tte’. Although the user can select output fonts for many different types of input captions, embedded, STL and teletext sources use a strict grid system. Using external fonts with these caption sources could cause unexpected display of proportional fonts. All burn-in and DVB-Sub font settings must match. See Font for more details.\n" }, "fontColor": { "type": "string", "description": "Specifies the color of the burned-in captions. This option is not valid for source captions that are STL, 608/embedded or teletext. These source settings are already pre-defined by the caption stream. All burn-in and DVB-Sub font settings must match.\n" }, "fontOpacity": { "type": "integer", "description": "Specifies the opacity of the burned-in captions. 255 is opaque; 0 is transparent. All burn-in and DVB-Sub font settings must match.\n" }, "fontResolution": { "type": "integer", "description": "Font resolution in DPI (dots per inch); default is 96 dpi. All burn-in and DVB-Sub font settings must match.\n" }, "fontSize": { "type": "string", "description": "When set to auto fontSize will scale depending on the size of the output. Giving a positive integer will specify the exact font size in points. All burn-in and DVB-Sub font settings must match.\n" }, "outlineColor": { "type": "string", "description": "Specifies font outline color. This option is not valid for source captions that are either 608/embedded or teletext. These source settings are already pre-defined by the caption stream. All burn-in and DVB-Sub font settings must match.\n" }, "outlineSize": { "type": "integer", "description": "Specifies font outline size in pixels. This option is not valid for source captions that are either 608/embedded or teletext. These source settings are already pre-defined by the caption stream. All burn-in and DVB-Sub font settings must match.\n" }, "shadowColor": { "type": "string", "description": "Specifies the color of the shadow cast by the captions. All burn-in and DVB-Sub font settings must match.\n" }, "shadowOpacity": { "type": "integer", "description": "Specifies the opacity of the shadow. 255 is opaque; 0 is transparent. Leaving this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.\n" }, "shadowXOffset": { "type": "integer", "description": "Specifies the horizontal offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels to the left. All burn-in and DVB-Sub font settings must match.\n" }, "shadowYOffset": { "type": "integer", "description": "Specifies the vertical offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels above the text. All burn-in and DVB-Sub font settings must match.\n" }, "teletextGridControl": { "type": "string", "description": "Controls whether a fixed grid size will be used to generate the output subtitles bitmap. Only applicable for Teletext inputs and DVB-Sub/Burn-in outputs.\n" }, "xPosition": { "type": "integer", "description": "Specifies the horizontal position of the caption relative to the left side of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the left of the output. If no explicit xPosition is provided, the horizontal caption position will be determined by the alignment parameter. This option is not valid for source captions that are STL, 608/embedded or teletext. These source settings are already pre-defined by the caption stream. All burn-in and DVB-Sub font settings must match.\n" }, "yPosition": { "type": "integer", "description": "Specifies the vertical position of the caption relative to the top of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the top of the output. If no explicit yPosition is provided, the caption will be positioned towards the bottom of the output. This option is not valid for source captions that are STL, 608/embedded or teletext. These source settings are already pre-defined by the caption stream. All burn-in and DVB-Sub font settings must match.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "fontSize" ] } } }, "aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsDvbSubDestinationSettingsFont:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsDvbSubDestinationSettingsFont": { "properties": { "passwordParam": { "type": "string", "description": "Key used to extract the password from EC2 Parameter store.\n" }, "uri": { "type": "string", "description": "Path to a file accessible to the live stream.\n" }, "username": { "type": "string", "description": "Username to be used.\n" } }, "type": "object", "required": [ "uri" ], "language": { "nodejs": { "requiredOutputs": [ "passwordParam", "uri", "username" ] } } }, "aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsEbuTtDDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsEbuTtDDestinationSettings": { "properties": { "copyrightHolder": { "type": "string", "description": "Complete this field if you want to include the name of the copyright holder in the copyright tag in the captions metadata.\n" }, "fillLineGap": { "type": "string", "description": "Specifies how to handle the gap between the lines (in multi-line captions). - enabled: Fill with the captions background color (as specified in the input captions). - disabled: Leave the gap unfilled.\n" }, "fontFamily": { "type": "string", "description": "Specifies the font family to include in the font data attached to the EBU-TT captions. Valid only if styleControl is set to include. If you leave this field empty, the font family is set to “monospaced”. (If styleControl is set to exclude, the font family is always set to “monospaced”.) You specify only the font family. All other style information (color, bold, position and so on) is copied from the input captions. The size is always set to 100% to allow the downstream player to choose the size. - Enter a list of font families, as a comma-separated list of font names, in order of preference. The name can be a font family (such as “Arial”), or a generic font family (such as “serif”), or “default” (to let the downstream player choose the font). - Leave blank to set the family to “monospace”.\n" }, "styleControl": { "type": "string", "description": "Specifies the style information (font color, font position, and so on) to include in the font data that is attached to the EBU-TT captions. - include: Take the style information (font color, font position, and so on) from the source captions and include that information in the font data attached to the EBU-TT captions. This option is valid only if the source captions are Embedded or Teletext. - exclude: In the font data attached to the EBU-TT captions, set the font family to “monospaced”. Do not include any other style information.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "styleControl" ] } } }, "aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsEmbeddedDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsEmbeddedDestinationSettings": { "type": "object" }, "aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsEmbeddedPlusScte20DestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsEmbeddedPlusScte20DestinationSettings": { "type": "object" }, "aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsRtmpCaptionInfoDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsRtmpCaptionInfoDestinationSettings": { "type": "object" }, "aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsScte20PlusEmbeddedDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsScte20PlusEmbeddedDestinationSettings": { "type": "object" }, "aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsScte27DestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsScte27DestinationSettings": { "type": "object" }, "aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsSmpteTtDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsSmpteTtDestinationSettings": { "type": "object" }, "aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsTeletextDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsTeletextDestinationSettings": { "type": "object" }, "aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsTtmlDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsTtmlDestinationSettings": { "properties": { "styleControl": { "type": "string", "description": "This field is not currently supported and will not affect the output styling. Leave the default value.\n" } }, "type": "object", "required": [ "styleControl" ] }, "aws:medialive/ChannelEncoderSettingsCaptionDescriptionDestinationSettingsWebvttDestinationSettings:ChannelEncoderSettingsCaptionDescriptionDestinationSettingsWebvttDestinationSettings": { "properties": { "styleControl": { "type": "string", "description": "Controls whether the color and position of the source captions is passed through to the WebVTT output captions. PASSTHROUGH - Valid only if the source captions are EMBEDDED or TELETEXT. NO\\_STYLE\\_DATA - Don’t pass through the style. The output captions will not contain any font styling information.\n" } }, "type": "object", "required": [ "styleControl" ] }, "aws:medialive/ChannelEncoderSettingsGlobalConfiguration:ChannelEncoderSettingsGlobalConfiguration": { "properties": { "initialAudioGain": { "type": "integer", "description": "Value to set the initial audio gain for the Live Event.\n" }, "inputEndAction": { "type": "string", "description": "Indicates the action to take when the current input completes (e.g. end-of-file). When switchAndLoopInputs is configured the encoder will restart at the beginning of the first input. When “none” is configured the encoder will transcode either black, a solid color, or a user specified slate images per the “Input Loss Behavior” configuration until the next input switch occurs (which is controlled through the Channel Schedule API).\n" }, "inputLossBehavior": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsGlobalConfigurationInputLossBehavior:ChannelEncoderSettingsGlobalConfigurationInputLossBehavior", "description": "Settings for system actions when input is lost. See Input Loss Behavior for more details.\n" }, "outputLockingMode": { "type": "string", "description": "Indicates how MediaLive pipelines are synchronized. PIPELINE\\_LOCKING - MediaLive will attempt to synchronize the output of each pipeline to the other. EPOCH\\_LOCKING - MediaLive will attempt to synchronize the output of each pipeline to the Unix epoch.\n" }, "outputTimingSource": { "type": "string", "description": "Indicates whether the rate of frames emitted by the Live encoder should be paced by its system clock (which optionally may be locked to another source via NTP) or should be locked to the clock of the source that is providing the input stream.\n" }, "supportLowFramerateInputs": { "type": "string", "description": "Adjusts video input buffer for streams with very low video framerates. This is commonly set to enabled for music channels with less than one video frame per second.\n" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsGlobalConfigurationInputLossBehavior:ChannelEncoderSettingsGlobalConfigurationInputLossBehavior": { "properties": { "blackFrameMsec": { "type": "integer" }, "inputLossImageColor": { "type": "string" }, "inputLossImageSlate": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsGlobalConfigurationInputLossBehaviorInputLossImageSlate:ChannelEncoderSettingsGlobalConfigurationInputLossBehaviorInputLossImageSlate" }, "inputLossImageType": { "type": "string" }, "repeatFrameMsec": { "type": "integer" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsGlobalConfigurationInputLossBehaviorInputLossImageSlate:ChannelEncoderSettingsGlobalConfigurationInputLossBehaviorInputLossImageSlate": { "properties": { "passwordParam": { "type": "string" }, "uri": { "type": "string" }, "username": { "type": "string" } }, "type": "object", "required": [ "uri" ], "language": { "nodejs": { "requiredOutputs": [ "passwordParam", "uri", "username" ] } } }, "aws:medialive/ChannelEncoderSettingsMotionGraphicsConfiguration:ChannelEncoderSettingsMotionGraphicsConfiguration": { "properties": { "motionGraphicsInsertion": { "type": "string", "description": "Motion Graphics Insertion.\n" }, "motionGraphicsSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsMotionGraphicsConfigurationMotionGraphicsSettings:ChannelEncoderSettingsMotionGraphicsConfigurationMotionGraphicsSettings", "description": "Motion Graphics Settings. See Motion Graphics Settings for more details.\n" } }, "type": "object", "required": [ "motionGraphicsSettings" ] }, "aws:medialive/ChannelEncoderSettingsMotionGraphicsConfigurationMotionGraphicsSettings:ChannelEncoderSettingsMotionGraphicsConfigurationMotionGraphicsSettings": { "properties": { "htmlMotionGraphicsSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsMotionGraphicsConfigurationMotionGraphicsSettingsHtmlMotionGraphicsSettings:ChannelEncoderSettingsMotionGraphicsConfigurationMotionGraphicsSettingsHtmlMotionGraphicsSettings", "description": "Html Motion Graphics Settings.\n" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsMotionGraphicsConfigurationMotionGraphicsSettingsHtmlMotionGraphicsSettings:ChannelEncoderSettingsMotionGraphicsConfigurationMotionGraphicsSettingsHtmlMotionGraphicsSettings": { "type": "object" }, "aws:medialive/ChannelEncoderSettingsNielsenConfiguration:ChannelEncoderSettingsNielsenConfiguration": { "properties": { "distributorId": { "type": "string", "description": "Enter the Distributor ID assigned to your organization by Nielsen.\n" }, "nielsenPcmToId3Tagging": { "type": "string", "description": "Enables Nielsen PCM to ID3 tagging.\n" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsOutputGroup:ChannelEncoderSettingsOutputGroup": { "properties": { "name": { "type": "string", "description": "Custom output group name defined by the user.\n" }, "outputGroupSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettings", "description": "Settings associated with the output group. See Output Group Settings for more details.\n" }, "outputs": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutput:ChannelEncoderSettingsOutputGroupOutput" }, "description": "List of outputs. See Outputs for more details.\n" } }, "type": "object", "required": [ "outputGroupSettings", "outputs" ] }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutput:ChannelEncoderSettingsOutputGroupOutput": { "properties": { "audioDescriptionNames": { "type": "array", "items": { "type": "string" }, "description": "The names of the audio descriptions used as audio sources for the output.\n" }, "captionDescriptionNames": { "type": "array", "items": { "type": "string" }, "description": "The names of the caption descriptions used as caption sources for the output.\n" }, "outputName": { "type": "string", "description": "The name used to identify an output.\n" }, "outputSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettings", "description": "Settings for output. See Output Settings for more details.\n" }, "videoDescriptionName": { "type": "string", "description": "The name of the video description used as video source for the output.\n" } }, "type": "object", "required": [ "outputSettings" ], "language": { "nodejs": { "requiredOutputs": [ "captionDescriptionNames", "outputSettings" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettings": { "properties": { "archiveGroupSettings": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSetting:ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSetting" }, "description": "Archive group settings. See Archive Group Settings for more details.\n" }, "frameCaptureGroupSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsFrameCaptureGroupSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsFrameCaptureGroupSettings" }, "hlsGroupSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettings" }, "mediaPackageGroupSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsMediaPackageGroupSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsMediaPackageGroupSettings", "description": "Media package group settings. See Media Package Group Settings for more details.\n" }, "msSmoothGroupSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsMsSmoothGroupSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsMsSmoothGroupSettings" }, "multiplexGroupSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsMultiplexGroupSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsMultiplexGroupSettings" }, "rtmpGroupSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsRtmpGroupSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsRtmpGroupSettings", "description": "RTMP group settings. See RTMP Group Settings for more details.\n" }, "udpGroupSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsUdpGroupSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsUdpGroupSettings" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "archiveGroupSettings" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSetting:ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSetting": { "properties": { "archiveCdnSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSettingArchiveCdnSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSettingArchiveCdnSettings", "description": "Parameters that control the interactions with the CDN. See Archive CDN Settings for more details.\n" }, "destination": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSettingDestination:ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSettingDestination", "description": "A director and base filename where archive files should be written. See Destination for more details.\n" }, "rolloverInterval": { "type": "integer", "description": "Number of seconds to write to archive file before closing and starting a new one.\n" } }, "type": "object", "required": [ "destination" ] }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSettingArchiveCdnSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSettingArchiveCdnSettings": { "properties": { "archiveS3Settings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSettingArchiveCdnSettingsArchiveS3Settings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSettingArchiveCdnSettingsArchiveS3Settings", "description": "Archive S3 Settings. See Archive S3 Settings for more details.\n" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSettingArchiveCdnSettingsArchiveS3Settings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSettingArchiveCdnSettingsArchiveS3Settings": { "properties": { "cannedAcl": { "type": "string", "description": "Specify the canned ACL to apply to each S3 request.\n" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSettingDestination:ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSettingDestination": { "properties": { "destinationRefId": { "type": "string", "description": "Reference ID for the destination.\n" } }, "type": "object", "required": [ "destinationRefId" ] }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsFrameCaptureGroupSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsFrameCaptureGroupSettings": { "properties": { "destination": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsFrameCaptureGroupSettingsDestination:ChannelEncoderSettingsOutputGroupOutputGroupSettingsFrameCaptureGroupSettingsDestination" }, "frameCaptureCdnSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsFrameCaptureGroupSettingsFrameCaptureCdnSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsFrameCaptureGroupSettingsFrameCaptureCdnSettings" } }, "type": "object", "required": [ "destination" ], "language": { "nodejs": { "requiredOutputs": [ "destination", "frameCaptureCdnSettings" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsFrameCaptureGroupSettingsDestination:ChannelEncoderSettingsOutputGroupOutputGroupSettingsFrameCaptureGroupSettingsDestination": { "properties": { "destinationRefId": { "type": "string", "description": "Reference ID for the destination.\n" } }, "type": "object", "required": [ "destinationRefId" ] }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsFrameCaptureGroupSettingsFrameCaptureCdnSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsFrameCaptureGroupSettingsFrameCaptureCdnSettings": { "properties": { "frameCaptureS3Settings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsFrameCaptureGroupSettingsFrameCaptureCdnSettingsFrameCaptureS3Settings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsFrameCaptureGroupSettingsFrameCaptureCdnSettingsFrameCaptureS3Settings" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "frameCaptureS3Settings" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsFrameCaptureGroupSettingsFrameCaptureCdnSettingsFrameCaptureS3Settings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsFrameCaptureGroupSettingsFrameCaptureCdnSettingsFrameCaptureS3Settings": { "properties": { "cannedAcl": { "type": "string", "description": "Specify the canned ACL to apply to each S3 request.\n" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettings": { "properties": { "adMarkers": { "type": "array", "items": { "type": "string" }, "description": "The ad marker type for this output group.\n" }, "baseUrlContent": { "type": "string" }, "baseUrlContent1": { "type": "string" }, "baseUrlManifest": { "type": "string" }, "baseUrlManifest1": { "type": "string" }, "captionLanguageMappings": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsCaptionLanguageMapping:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsCaptionLanguageMapping" } }, "captionLanguageSetting": { "type": "string" }, "clientCache": { "type": "string" }, "codecSpecification": { "type": "string" }, "constantIv": { "type": "string" }, "destination": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsDestination:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsDestination" }, "directoryStructure": { "type": "string" }, "discontinuityTags": { "type": "string" }, "encryptionType": { "type": "string" }, "hlsCdnSettings": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSetting:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSetting" } }, "hlsId3SegmentTagging": { "type": "string" }, "iframeOnlyPlaylists": { "type": "string" }, "incompleteSegmentBehavior": { "type": "string" }, "indexNSegments": { "type": "integer" }, "inputLossAction": { "type": "string" }, "ivInManifest": { "type": "string" }, "ivSource": { "type": "string" }, "keepSegments": { "type": "integer" }, "keyFormat": { "type": "string" }, "keyFormatVersions": { "type": "string" }, "keyProviderSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsKeyProviderSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsKeyProviderSettings" }, "manifestCompression": { "type": "string" }, "manifestDurationFormat": { "type": "string" }, "minSegmentLength": { "type": "integer" }, "mode": { "type": "string" }, "outputSelection": { "type": "string" }, "programDateTime": { "type": "string" }, "programDateTimeClock": { "type": "string" }, "programDateTimePeriod": { "type": "integer" }, "redundantManifest": { "type": "string" }, "segmentLength": { "type": "integer" }, "segmentsPerSubdirectory": { "type": "integer" }, "streamInfResolution": { "type": "string" }, "timedMetadataId3Frame": { "type": "string", "description": "Indicates ID3 frame that has the timecode.\n" }, "timedMetadataId3Period": { "type": "integer" }, "timestampDeltaMilliseconds": { "type": "integer" }, "tsFileMode": { "type": "string" } }, "type": "object", "required": [ "destination" ], "language": { "nodejs": { "requiredOutputs": [ "adMarkers", "baseUrlContent", "baseUrlContent1", "baseUrlManifest", "baseUrlManifest1", "captionLanguageSetting", "clientCache", "codecSpecification", "constantIv", "destination", "directoryStructure", "discontinuityTags", "encryptionType", "hlsCdnSettings", "hlsId3SegmentTagging", "iframeOnlyPlaylists", "incompleteSegmentBehavior", "indexNSegments", "inputLossAction", "ivInManifest", "ivSource", "keepSegments", "keyFormat", "keyFormatVersions", "keyProviderSettings", "manifestCompression", "manifestDurationFormat", "minSegmentLength", "mode", "outputSelection", "programDateTime", "programDateTimeClock", "programDateTimePeriod", "redundantManifest", "segmentLength", "segmentsPerSubdirectory", "streamInfResolution", "timedMetadataId3Frame", "timedMetadataId3Period", "timestampDeltaMilliseconds", "tsFileMode" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsCaptionLanguageMapping:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsCaptionLanguageMapping": { "properties": { "captionChannel": { "type": "integer" }, "languageCode": { "type": "string" }, "languageDescription": { "type": "string", "description": "Human readable information to indicate captions available for players (eg. English, or Spanish).\n" } }, "type": "object", "required": [ "captionChannel", "languageCode", "languageDescription" ] }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsDestination:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsDestination": { "properties": { "destinationRefId": { "type": "string", "description": "Reference ID for the destination.\n" } }, "type": "object", "required": [ "destinationRefId" ] }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSetting:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSetting": { "properties": { "hlsAkamaiSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSettingHlsAkamaiSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSettingHlsAkamaiSettings" }, "hlsBasicPutSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSettingHlsBasicPutSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSettingHlsBasicPutSettings" }, "hlsMediaStoreSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSettingHlsMediaStoreSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSettingHlsMediaStoreSettings" }, "hlsS3Settings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSettingHlsS3Settings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSettingHlsS3Settings" }, "hlsWebdavSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSettingHlsWebdavSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSettingHlsWebdavSettings" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "hlsS3Settings", "hlsWebdavSettings" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSettingHlsAkamaiSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSettingHlsAkamaiSettings": { "properties": { "connectionRetryInterval": { "type": "integer", "description": "Number of seconds to wait before retrying connection to the flash media server if the connection is lost.\n" }, "filecacheDuration": { "type": "integer" }, "httpTransferMode": { "type": "string" }, "numRetries": { "type": "integer", "description": "Number of retry attempts.\n" }, "restartDelay": { "type": "integer", "description": "Number of seconds to wait until a restart is initiated.\n" }, "salt": { "type": "string" }, "token": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "httpTransferMode", "salt", "token" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSettingHlsBasicPutSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSettingHlsBasicPutSettings": { "properties": { "connectionRetryInterval": { "type": "integer", "description": "Number of seconds to wait before retrying connection to the flash media server if the connection is lost.\n" }, "filecacheDuration": { "type": "integer" }, "numRetries": { "type": "integer", "description": "Number of retry attempts.\n" }, "restartDelay": { "type": "integer", "description": "Number of seconds to wait until a restart is initiated.\n" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSettingHlsMediaStoreSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSettingHlsMediaStoreSettings": { "properties": { "connectionRetryInterval": { "type": "integer", "description": "Number of seconds to wait before retrying connection to the flash media server if the connection is lost.\n" }, "filecacheDuration": { "type": "integer" }, "mediaStoreStorageClass": { "type": "string" }, "numRetries": { "type": "integer", "description": "Number of retry attempts.\n" }, "restartDelay": { "type": "integer", "description": "Number of seconds to wait until a restart is initiated.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "mediaStoreStorageClass" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSettingHlsS3Settings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSettingHlsS3Settings": { "properties": { "cannedAcl": { "type": "string", "description": "Specify the canned ACL to apply to each S3 request.\n" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSettingHlsWebdavSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsHlsCdnSettingHlsWebdavSettings": { "properties": { "connectionRetryInterval": { "type": "integer", "description": "Number of seconds to wait before retrying connection to the flash media server if the connection is lost.\n" }, "filecacheDuration": { "type": "integer" }, "httpTransferMode": { "type": "string" }, "numRetries": { "type": "integer", "description": "Number of retry attempts.\n" }, "restartDelay": { "type": "integer", "description": "Number of seconds to wait until a restart is initiated.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "httpTransferMode" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsKeyProviderSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsKeyProviderSettings": { "properties": { "staticKeySettings": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsKeyProviderSettingsStaticKeySetting:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsKeyProviderSettingsStaticKeySetting" } } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsKeyProviderSettingsStaticKeySetting:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsKeyProviderSettingsStaticKeySetting": { "properties": { "keyProviderServer": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsKeyProviderSettingsStaticKeySettingKeyProviderServer:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsKeyProviderSettingsStaticKeySettingKeyProviderServer" }, "staticKeyValue": { "type": "string" } }, "type": "object", "required": [ "staticKeyValue" ] }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsKeyProviderSettingsStaticKeySettingKeyProviderServer:ChannelEncoderSettingsOutputGroupOutputGroupSettingsHlsGroupSettingsKeyProviderSettingsStaticKeySettingKeyProviderServer": { "properties": { "passwordParam": { "type": "string" }, "uri": { "type": "string" }, "username": { "type": "string" } }, "type": "object", "required": [ "uri" ], "language": { "nodejs": { "requiredOutputs": [ "passwordParam", "uri", "username" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsMediaPackageGroupSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsMediaPackageGroupSettings": { "properties": { "destination": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsMediaPackageGroupSettingsDestination:ChannelEncoderSettingsOutputGroupOutputGroupSettingsMediaPackageGroupSettingsDestination", "description": "A director and base filename where archive files should be written. See Destination for more details.\n" } }, "type": "object", "required": [ "destination" ] }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsMediaPackageGroupSettingsDestination:ChannelEncoderSettingsOutputGroupOutputGroupSettingsMediaPackageGroupSettingsDestination": { "properties": { "destinationRefId": { "type": "string", "description": "Reference ID for the destination.\n" } }, "type": "object", "required": [ "destinationRefId" ] }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsMsSmoothGroupSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsMsSmoothGroupSettings": { "properties": { "acquisitionPointId": { "type": "string" }, "audioOnlyTimecodeControl": { "type": "string" }, "certificateMode": { "type": "string", "description": "Setting to allow self signed or verified RTMP certificates.\n" }, "connectionRetryInterval": { "type": "integer", "description": "Number of seconds to wait before retrying connection to the flash media server if the connection is lost.\n" }, "destination": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsMsSmoothGroupSettingsDestination:ChannelEncoderSettingsOutputGroupOutputGroupSettingsMsSmoothGroupSettingsDestination" }, "eventId": { "type": "string" }, "eventIdMode": { "type": "string" }, "eventStopBehavior": { "type": "string" }, "filecacheDuration": { "type": "integer" }, "fragmentLength": { "type": "integer" }, "inputLossAction": { "type": "string" }, "numRetries": { "type": "integer", "description": "Number of retry attempts.\n" }, "restartDelay": { "type": "integer", "description": "Number of seconds to wait until a restart is initiated.\n" }, "segmentationMode": { "type": "string" }, "sendDelayMs": { "type": "integer" }, "sparseTrackType": { "type": "string" }, "streamManifestBehavior": { "type": "string" }, "timestampOffset": { "type": "string" }, "timestampOffsetMode": { "type": "string" } }, "type": "object", "required": [ "destination" ], "language": { "nodejs": { "requiredOutputs": [ "acquisitionPointId", "audioOnlyTimecodeControl", "certificateMode", "connectionRetryInterval", "destination", "eventId", "eventIdMode", "eventStopBehavior", "fragmentLength", "inputLossAction", "segmentationMode", "sendDelayMs", "sparseTrackType", "streamManifestBehavior", "timestampOffset", "timestampOffsetMode" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsMsSmoothGroupSettingsDestination:ChannelEncoderSettingsOutputGroupOutputGroupSettingsMsSmoothGroupSettingsDestination": { "properties": { "destinationRefId": { "type": "string", "description": "Reference ID for the destination.\n" } }, "type": "object", "required": [ "destinationRefId" ] }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsMultiplexGroupSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsMultiplexGroupSettings": { "type": "object" }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsRtmpGroupSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsRtmpGroupSettings": { "properties": { "adMarkers": { "type": "array", "items": { "type": "string" }, "description": "The ad marker type for this output group.\n" }, "authenticationScheme": { "type": "string", "description": "Authentication scheme to use when connecting with CDN.\n" }, "cacheFullBehavior": { "type": "string", "description": "Controls behavior when content cache fills up.\n" }, "cacheLength": { "type": "integer", "description": "Cache length in seconds, is used to calculate buffer size.\n" }, "captionData": { "type": "string", "description": "Controls the types of data that passes to onCaptionInfo outputs.\n" }, "inputLossAction": { "type": "string", "description": "Controls the behavior of the RTMP group if input becomes unavailable.\n" }, "restartDelay": { "type": "integer", "description": "Number of seconds to wait until a restart is initiated.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "authenticationScheme", "cacheFullBehavior", "cacheLength", "captionData", "inputLossAction" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputGroupSettingsUdpGroupSettings:ChannelEncoderSettingsOutputGroupOutputGroupSettingsUdpGroupSettings": { "properties": { "inputLossAction": { "type": "string", "description": "Specifies behavior of last resort when input video os lost.\n" }, "timedMetadataId3Frame": { "type": "string", "description": "Indicates ID3 frame that has the timecode.\n" }, "timedMetadataId3Period": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "inputLossAction", "timedMetadataId3Frame", "timedMetadataId3Period" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettings": { "properties": { "archiveOutputSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettings", "description": "Archive output settings. See Archive Output Settings for more details.\n" }, "frameCaptureOutputSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsFrameCaptureOutputSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsFrameCaptureOutputSettings" }, "hlsOutputSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettings" }, "mediaPackageOutputSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsMediaPackageOutputSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsMediaPackageOutputSettings", "description": "Media package output settings. This can be set as an empty block.\n" }, "msSmoothOutputSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsMsSmoothOutputSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsMsSmoothOutputSettings" }, "multiplexOutputSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsMultiplexOutputSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsMultiplexOutputSettings", "description": "Multiplex output settings. See Multiplex Output Settings for more details.\n" }, "rtmpOutputSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsRtmpOutputSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsRtmpOutputSettings", "description": "RTMP output settings. See RTMP Output Settings for more details.\n" }, "udpOutputSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettings", "description": "UDP output settings. See UDP Output Settings for more details.\n" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettings": { "properties": { "containerSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettings", "description": "Settings specific to the container type of the file. See Container Settings for more details.\n" }, "extension": { "type": "string", "description": "Output file extension.\n" }, "nameModifier": { "type": "string", "description": "String concatenated to the end of the destination filename. Required for multiple outputs of the same type.\n" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettings": { "properties": { "m2tsSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsM2tsSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsM2tsSettings", "description": "M2TS Settings. See [M2TS Settings](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-m2tssettings.html) for more details.\n" }, "rawSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsRawSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsRawSettings", "description": "Raw Settings. This can be set as an empty block.\n" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsM2tsSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsM2tsSettings": { "properties": { "absentInputAudioBehavior": { "type": "string" }, "arib": { "type": "string" }, "aribCaptionsPid": { "type": "string" }, "aribCaptionsPidControl": { "type": "string" }, "audioBufferModel": { "type": "string" }, "audioFramesPerPes": { "type": "integer" }, "audioPids": { "type": "string" }, "audioStreamType": { "type": "string" }, "bitrate": { "type": "integer" }, "bufferModel": { "type": "string" }, "ccDescriptor": { "type": "string" }, "dvbNitSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsM2tsSettingsDvbNitSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsM2tsSettingsDvbNitSettings" }, "dvbSdtSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsM2tsSettingsDvbSdtSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsM2tsSettingsDvbSdtSettings" }, "dvbSubPids": { "type": "string" }, "dvbTdtSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsM2tsSettingsDvbTdtSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsM2tsSettingsDvbTdtSettings" }, "dvbTeletextPid": { "type": "string" }, "ebif": { "type": "string" }, "ebpAudioInterval": { "type": "string" }, "ebpLookaheadMs": { "type": "integer" }, "ebpPlacement": { "type": "string" }, "ecmPid": { "type": "string" }, "esRateInPes": { "type": "string" }, "etvPlatformPid": { "type": "string" }, "etvSignalPid": { "type": "string" }, "fragmentTime": { "type": "number" }, "klv": { "type": "string" }, "klvDataPids": { "type": "string" }, "nielsenId3Behavior": { "type": "string" }, "nullPacketBitrate": { "type": "number" }, "patInterval": { "type": "integer" }, "pcrControl": { "type": "string" }, "pcrPeriod": { "type": "integer" }, "pcrPid": { "type": "string" }, "pmtInterval": { "type": "integer" }, "pmtPid": { "type": "string" }, "programNum": { "type": "integer" }, "rateMode": { "type": "string" }, "scte27Pids": { "type": "string" }, "scte35Control": { "type": "string" }, "scte35Pid": { "type": "string", "description": "PID from which to read SCTE-35 messages.\n" }, "segmentationMarkers": { "type": "string" }, "segmentationStyle": { "type": "string" }, "segmentationTime": { "type": "number" }, "timedMetadataBehavior": { "type": "string" }, "timedMetadataPid": { "type": "string" }, "transportStreamId": { "type": "integer" }, "videoPid": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "absentInputAudioBehavior", "aribCaptionsPid", "audioPids", "dvbSubPids", "dvbTeletextPid", "etvPlatformPid", "etvSignalPid", "klvDataPids", "pmtPid", "scte27Pids", "scte35Pid", "timedMetadataPid", "videoPid" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsM2tsSettingsDvbNitSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsM2tsSettingsDvbNitSettings": { "properties": { "networkId": { "type": "integer" }, "networkName": { "type": "string" }, "repInterval": { "type": "integer" } }, "type": "object", "required": [ "networkId", "networkName" ] }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsM2tsSettingsDvbSdtSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsM2tsSettingsDvbSdtSettings": { "properties": { "outputSdt": { "type": "string" }, "repInterval": { "type": "integer" }, "serviceName": { "type": "string" }, "serviceProviderName": { "type": "string" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsM2tsSettingsDvbTdtSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsM2tsSettingsDvbTdtSettings": { "properties": { "repInterval": { "type": "integer" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsRawSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsRawSettings": { "type": "object" }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsFrameCaptureOutputSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsFrameCaptureOutputSettings": { "properties": { "nameModifier": { "type": "string", "description": "String concatenated to the end of the destination filename. Required for multiple outputs of the same type.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "nameModifier" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettings": { "properties": { "h265PackagingType": { "type": "string" }, "hlsSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettings" }, "nameModifier": { "type": "string", "description": "String concatenated to the end of the destination filename. Required for multiple outputs of the same type.\n" }, "segmentModifier": { "type": "string" } }, "type": "object", "required": [ "hlsSettings" ], "language": { "nodejs": { "requiredOutputs": [ "h265PackagingType", "hlsSettings", "nameModifier", "segmentModifier" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettings": { "properties": { "audioOnlyHlsSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsAudioOnlyHlsSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsAudioOnlyHlsSettings" }, "fmp4HlsSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsFmp4HlsSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsFmp4HlsSettings" }, "frameCaptureHlsSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsFrameCaptureHlsSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsFrameCaptureHlsSettings" }, "standardHlsSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsStandardHlsSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsStandardHlsSettings" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsAudioOnlyHlsSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsAudioOnlyHlsSettings": { "properties": { "audioGroupId": { "type": "string" }, "audioOnlyImage": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsAudioOnlyHlsSettingsAudioOnlyImage:ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsAudioOnlyHlsSettingsAudioOnlyImage" }, "audioTrackType": { "type": "string" }, "segmentType": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "audioGroupId", "audioTrackType", "segmentType" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsAudioOnlyHlsSettingsAudioOnlyImage:ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsAudioOnlyHlsSettingsAudioOnlyImage": { "properties": { "passwordParam": { "type": "string" }, "uri": { "type": "string" }, "username": { "type": "string" } }, "type": "object", "required": [ "uri" ], "language": { "nodejs": { "requiredOutputs": [ "passwordParam", "uri", "username" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsFmp4HlsSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsFmp4HlsSettings": { "properties": { "audioRenditionSets": { "type": "string" }, "nielsenId3Behavior": { "type": "string" }, "timedMetadataBehavior": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "audioRenditionSets", "nielsenId3Behavior", "timedMetadataBehavior" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsFrameCaptureHlsSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsFrameCaptureHlsSettings": { "type": "object" }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsStandardHlsSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsStandardHlsSettings": { "properties": { "audioRenditionSets": { "type": "string" }, "m3u8Settings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsStandardHlsSettingsM3u8Settings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsStandardHlsSettingsM3u8Settings" } }, "type": "object", "required": [ "m3u8Settings" ], "language": { "nodejs": { "requiredOutputs": [ "audioRenditionSets", "m3u8Settings" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsStandardHlsSettingsM3u8Settings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsHlsOutputSettingsHlsSettingsStandardHlsSettingsM3u8Settings": { "properties": { "audioFramesPerPes": { "type": "integer" }, "audioPids": { "type": "string" }, "ecmPid": { "type": "string" }, "nielsenId3Behavior": { "type": "string" }, "patInterval": { "type": "integer" }, "pcrControl": { "type": "string" }, "pcrPeriod": { "type": "integer" }, "pcrPid": { "type": "string" }, "pmtInterval": { "type": "integer" }, "pmtPid": { "type": "string" }, "programNum": { "type": "integer" }, "scte35Behavior": { "type": "string" }, "scte35Pid": { "type": "string", "description": "PID from which to read SCTE-35 messages.\n" }, "timedMetadataBehavior": { "type": "string" }, "timedMetadataPid": { "type": "string" }, "transportStreamId": { "type": "integer" }, "videoPid": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "audioFramesPerPes", "audioPids", "ecmPid", "nielsenId3Behavior", "patInterval", "pcrControl", "pcrPeriod", "pcrPid", "pmtInterval", "pmtPid", "programNum", "scte35Behavior", "scte35Pid", "timedMetadataBehavior", "timedMetadataPid", "transportStreamId", "videoPid" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsMediaPackageOutputSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsMediaPackageOutputSettings": { "type": "object" }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsMsSmoothOutputSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsMsSmoothOutputSettings": { "properties": { "h265PackagingType": { "type": "string" }, "nameModifier": { "type": "string", "description": "String concatenated to the end of the destination filename. Required for multiple outputs of the same type.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "h265PackagingType", "nameModifier" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsMultiplexOutputSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsMultiplexOutputSettings": { "properties": { "destination": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsMultiplexOutputSettingsDestination:ChannelEncoderSettingsOutputGroupOutputOutputSettingsMultiplexOutputSettingsDestination", "description": "Destination is a multiplex. See Destination for more details.\n" } }, "type": "object", "required": [ "destination" ] }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsMultiplexOutputSettingsDestination:ChannelEncoderSettingsOutputGroupOutputOutputSettingsMultiplexOutputSettingsDestination": { "properties": { "destinationRefId": { "type": "string", "description": "Reference ID for the destination.\n" } }, "type": "object", "required": [ "destinationRefId" ] }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsRtmpOutputSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsRtmpOutputSettings": { "properties": { "certificateMode": { "type": "string", "description": "Setting to allow self signed or verified RTMP certificates.\n" }, "connectionRetryInterval": { "type": "integer", "description": "Number of seconds to wait before retrying connection to the flash media server if the connection is lost.\n" }, "destination": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsRtmpOutputSettingsDestination:ChannelEncoderSettingsOutputGroupOutputOutputSettingsRtmpOutputSettingsDestination", "description": "The RTMP endpoint excluding the stream name. See Destination for more details.\n" }, "numRetries": { "type": "integer", "description": "Number of retry attempts.\n" } }, "type": "object", "required": [ "destination" ], "language": { "nodejs": { "requiredOutputs": [ "certificateMode", "connectionRetryInterval", "destination", "numRetries" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsRtmpOutputSettingsDestination:ChannelEncoderSettingsOutputGroupOutputOutputSettingsRtmpOutputSettingsDestination": { "properties": { "destinationRefId": { "type": "string", "description": "Reference ID for the destination.\n" } }, "type": "object", "required": [ "destinationRefId" ] }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettings": { "properties": { "bufferMsec": { "type": "integer", "description": "UDP output buffering in milliseconds.\n" }, "containerSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsContainerSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsContainerSettings", "description": "UDP container settings. See Container Settings for more details.\n" }, "destination": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsDestination:ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsDestination", "description": "Destination address and port number for RTP or UDP packets. See Destination for more details.\n" }, "fecOutputSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsFecOutputSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsFecOutputSettings" } }, "type": "object", "required": [ "containerSettings", "destination" ], "language": { "nodejs": { "requiredOutputs": [ "bufferMsec", "containerSettings", "destination" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsContainerSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsContainerSettings": { "properties": { "m2tsSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsContainerSettingsM2tsSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsContainerSettingsM2tsSettings", "description": "M2TS Settings. See [M2TS Settings](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-m2tssettings.html) for more details.\n" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsContainerSettingsM2tsSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsContainerSettingsM2tsSettings": { "properties": { "absentInputAudioBehavior": { "type": "string" }, "arib": { "type": "string" }, "aribCaptionsPid": { "type": "string" }, "aribCaptionsPidControl": { "type": "string" }, "audioBufferModel": { "type": "string" }, "audioFramesPerPes": { "type": "integer" }, "audioPids": { "type": "string" }, "audioStreamType": { "type": "string" }, "bitrate": { "type": "integer" }, "bufferModel": { "type": "string" }, "ccDescriptor": { "type": "string" }, "dvbNitSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsContainerSettingsM2tsSettingsDvbNitSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsContainerSettingsM2tsSettingsDvbNitSettings" }, "dvbSdtSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsContainerSettingsM2tsSettingsDvbSdtSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsContainerSettingsM2tsSettingsDvbSdtSettings" }, "dvbSubPids": { "type": "string" }, "dvbTdtSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsContainerSettingsM2tsSettingsDvbTdtSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsContainerSettingsM2tsSettingsDvbTdtSettings" }, "dvbTeletextPid": { "type": "string" }, "ebif": { "type": "string" }, "ebpAudioInterval": { "type": "string" }, "ebpLookaheadMs": { "type": "integer" }, "ebpPlacement": { "type": "string" }, "ecmPid": { "type": "string" }, "esRateInPes": { "type": "string" }, "etvPlatformPid": { "type": "string" }, "etvSignalPid": { "type": "string" }, "fragmentTime": { "type": "number" }, "klv": { "type": "string" }, "klvDataPids": { "type": "string" }, "nielsenId3Behavior": { "type": "string" }, "nullPacketBitrate": { "type": "number" }, "patInterval": { "type": "integer" }, "pcrControl": { "type": "string" }, "pcrPeriod": { "type": "integer" }, "pcrPid": { "type": "string" }, "pmtInterval": { "type": "integer" }, "pmtPid": { "type": "string" }, "programNum": { "type": "integer" }, "rateMode": { "type": "string" }, "scte27Pids": { "type": "string" }, "scte35Control": { "type": "string" }, "scte35Pid": { "type": "string", "description": "PID from which to read SCTE-35 messages.\n" }, "segmentationMarkers": { "type": "string" }, "segmentationStyle": { "type": "string" }, "segmentationTime": { "type": "number" }, "timedMetadataBehavior": { "type": "string" }, "timedMetadataPid": { "type": "string" }, "transportStreamId": { "type": "integer" }, "videoPid": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "absentInputAudioBehavior", "aribCaptionsPid", "audioPids", "dvbSubPids", "dvbTeletextPid", "etvPlatformPid", "etvSignalPid", "klvDataPids", "pmtPid", "scte27Pids", "scte35Pid", "timedMetadataPid", "videoPid" ] } } }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsContainerSettingsM2tsSettingsDvbNitSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsContainerSettingsM2tsSettingsDvbNitSettings": { "properties": { "networkId": { "type": "integer" }, "networkName": { "type": "string" }, "repInterval": { "type": "integer" } }, "type": "object", "required": [ "networkId", "networkName" ] }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsContainerSettingsM2tsSettingsDvbSdtSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsContainerSettingsM2tsSettingsDvbSdtSettings": { "properties": { "outputSdt": { "type": "string" }, "repInterval": { "type": "integer" }, "serviceName": { "type": "string" }, "serviceProviderName": { "type": "string" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsContainerSettingsM2tsSettingsDvbTdtSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsContainerSettingsM2tsSettingsDvbTdtSettings": { "properties": { "repInterval": { "type": "integer" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsDestination:ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsDestination": { "properties": { "destinationRefId": { "type": "string", "description": "Reference ID for the destination.\n" } }, "type": "object", "required": [ "destinationRefId" ] }, "aws:medialive/ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsFecOutputSettings:ChannelEncoderSettingsOutputGroupOutputOutputSettingsUdpOutputSettingsFecOutputSettings": { "properties": { "columnDepth": { "type": "integer", "description": "The height of the FEC protection matrix.\n" }, "includeFec": { "type": "string", "description": "Enables column only or column and row based FEC.\n" }, "rowLength": { "type": "integer", "description": "The width of the FEC protection matrix.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "columnDepth", "includeFec", "rowLength" ] } } }, "aws:medialive/ChannelEncoderSettingsTimecodeConfig:ChannelEncoderSettingsTimecodeConfig": { "properties": { "source": { "type": "string", "description": "The source for the timecode that will be associated with the events outputs.\n" }, "syncThreshold": { "type": "integer", "description": "Threshold in frames beyond which output timecode is resynchronized to the input timecode.\n" } }, "type": "object", "required": [ "source" ], "language": { "nodejs": { "requiredOutputs": [ "source", "syncThreshold" ] } } }, "aws:medialive/ChannelEncoderSettingsVideoDescription:ChannelEncoderSettingsVideoDescription": { "properties": { "codecSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettings:ChannelEncoderSettingsVideoDescriptionCodecSettings", "description": "The video codec settings. See Video Codec Settings for more details.\n" }, "height": { "type": "integer", "description": "Output video height in pixels.\n" }, "name": { "type": "string", "description": "The name of the video description.\n" }, "respondToAfd": { "type": "string", "description": "Indicate how to respond to the AFD values that might be in the input video.\n" }, "scalingBehavior": { "type": "string", "description": "Behavior on how to scale.\n" }, "sharpness": { "type": "integer", "description": "Changes the strength of the anti-alias filter used for scaling.\n" }, "width": { "type": "integer", "description": "Output video width in pixels.\n" } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredOutputs": [ "height", "name", "respondToAfd", "scalingBehavior", "sharpness", "width" ] } } }, "aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettings:ChannelEncoderSettingsVideoDescriptionCodecSettings": { "properties": { "frameCaptureSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsFrameCaptureSettings:ChannelEncoderSettingsVideoDescriptionCodecSettingsFrameCaptureSettings", "description": "Frame capture settings. See Frame Capture Settings for more details.\n" }, "h264Settings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH264Settings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH264Settings", "description": "H264 settings. See H264 Settings for more details.\n" }, "h265Settings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH265Settings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH265Settings" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsFrameCaptureSettings:ChannelEncoderSettingsVideoDescriptionCodecSettingsFrameCaptureSettings": { "properties": { "captureInterval": { "type": "integer", "description": "The frequency at which to capture frames for inclusion in the output.\n" }, "captureIntervalUnits": { "type": "string", "description": "Unit for the frame capture interval.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "captureInterval", "captureIntervalUnits" ] } } }, "aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH264Settings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH264Settings": { "properties": { "adaptiveQuantization": { "type": "string", "description": "Enables or disables adaptive quantization.\n" }, "afdSignaling": { "type": "string", "description": "Indicates that AFD values will be written into the output stream.\n" }, "bitrate": { "type": "integer", "description": "Average bitrate in bits/second.\n" }, "bufFillPct": { "type": "integer" }, "bufSize": { "type": "integer", "description": "Size of buffer in bits.\n" }, "colorMetadata": { "type": "string", "description": "Includes color space metadata in the output.\n" }, "entropyEncoding": { "type": "string", "description": "Entropy encoding mode.\n" }, "filterSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH264SettingsFilterSettings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH264SettingsFilterSettings", "description": "Filters to apply to an encode. See H264 Filter Settings for more details.\n" }, "fixedAfd": { "type": "string", "description": "Four bit AFD value to write on all frames of video in the output stream.\n" }, "flickerAq": { "type": "string" }, "forceFieldPictures": { "type": "string", "description": "Controls whether coding is performed on a field basis or on a frame basis.\n" }, "framerateControl": { "type": "string", "description": "Indicates how the output video frame rate is specified.\n" }, "framerateDenominator": { "type": "integer", "description": "Framerate denominator.\n" }, "framerateNumerator": { "type": "integer", "description": "Framerate numerator.\n" }, "gopBReference": { "type": "string", "description": "GOP-B reference.\n" }, "gopClosedCadence": { "type": "integer", "description": "Frequency of closed GOPs.\n" }, "gopNumBFrames": { "type": "integer", "description": "Number of B-frames between reference frames.\n" }, "gopSize": { "type": "number", "description": "GOP size in units of either frames of seconds per `gop_size_units`.\n" }, "gopSizeUnits": { "type": "string", "description": "Indicates if the `gop_size` is specified in frames or seconds.\n" }, "level": { "type": "string", "description": "H264 level.\n" }, "lookAheadRateControl": { "type": "string", "description": "Amount of lookahead.\n" }, "maxBitrate": { "type": "integer", "description": "Set the maximum bitrate in order to accommodate expected spikes in the complexity of the video.\n" }, "minIInterval": { "type": "integer" }, "numRefFrames": { "type": "integer", "description": "Number of reference frames to use.\n" }, "parControl": { "type": "string", "description": "Indicates how the output pixel aspect ratio is specified.\n" }, "parDenominator": { "type": "integer", "description": "Pixel Aspect Ratio denominator.\n" }, "parNumerator": { "type": "integer", "description": "Pixel Aspect Ratio numerator.\n" }, "profile": { "type": "string", "description": "H264 profile.\n" }, "qualityLevel": { "type": "string", "description": "Quality level.\n" }, "qvbrQualityLevel": { "type": "integer", "description": "Controls the target quality for the video encode.\n" }, "rateControlMode": { "type": "string", "description": "Rate control mode.\n" }, "scanType": { "type": "string", "description": "Sets the scan type of the output.\n" }, "sceneChangeDetect": { "type": "string", "description": "Scene change detection.\n" }, "slices": { "type": "integer", "description": "Number of slices per picture.\n" }, "softness": { "type": "integer", "description": "Softness.\n" }, "spatialAq": { "type": "string", "description": "Makes adjustments within each frame based on spatial variation of content complexity.\n" }, "subgopLength": { "type": "string", "description": "Subgop length.\n" }, "syntax": { "type": "string", "description": "Produces a bitstream compliant with SMPTE RP-2027.\n" }, "temporalAq": { "type": "string", "description": "Makes adjustments within each frame based on temporal variation of content complexity.\n" }, "timecodeInsertion": { "type": "string", "description": "Determines how timecodes should be inserted into the video elementary stream.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "adaptiveQuantization", "afdSignaling", "bitrate", "bufFillPct", "bufSize", "colorMetadata", "entropyEncoding", "fixedAfd", "flickerAq", "forceFieldPictures", "framerateControl", "framerateDenominator", "framerateNumerator", "gopBReference", "gopClosedCadence", "gopNumBFrames", "gopSize", "gopSizeUnits", "level", "lookAheadRateControl", "maxBitrate", "minIInterval", "numRefFrames", "parControl", "parDenominator", "parNumerator", "profile", "qualityLevel", "qvbrQualityLevel", "rateControlMode", "scanType", "sceneChangeDetect", "slices", "softness", "spatialAq", "subgopLength", "syntax", "temporalAq", "timecodeInsertion" ] } } }, "aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH264SettingsFilterSettings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH264SettingsFilterSettings": { "properties": { "temporalFilterSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH264SettingsFilterSettingsTemporalFilterSettings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH264SettingsFilterSettingsTemporalFilterSettings" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH264SettingsFilterSettingsTemporalFilterSettings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH264SettingsFilterSettingsTemporalFilterSettings": { "properties": { "postFilterSharpening": { "type": "string", "description": "Post filter sharpening.\n" }, "strength": { "type": "string", "description": "Filter strength.\n" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH265Settings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH265Settings": { "properties": { "adaptiveQuantization": { "type": "string", "description": "Enables or disables adaptive quantization.\n" }, "afdSignaling": { "type": "string", "description": "Indicates that AFD values will be written into the output stream.\n" }, "alternativeTransferFunction": { "type": "string", "description": "Whether or not EML should insert an Alternative Transfer Function SEI message.\n" }, "bitrate": { "type": "integer", "description": "Average bitrate in bits/second.\n" }, "bufSize": { "type": "integer", "description": "Size of buffer in bits.\n" }, "colorMetadata": { "type": "string", "description": "Includes color space metadata in the output.\n" }, "colorSpaceSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettings", "description": "Define the color metadata for the output. H265 Color Space Settings for more details.\n" }, "filterSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsFilterSettings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsFilterSettings", "description": "Filters to apply to an encode. See H265 Filter Settings for more details.\n" }, "fixedAfd": { "type": "string", "description": "Four bit AFD value to write on all frames of video in the output stream.\n" }, "flickerAq": { "type": "string" }, "framerateDenominator": { "type": "integer", "description": "Framerate denominator.\n" }, "framerateNumerator": { "type": "integer", "description": "Framerate numerator.\n" }, "gopClosedCadence": { "type": "integer", "description": "Frequency of closed GOPs.\n" }, "gopSize": { "type": "number", "description": "GOP size in units of either frames of seconds per `gop_size_units`.\n" }, "gopSizeUnits": { "type": "string", "description": "Indicates if the `gop_size` is specified in frames or seconds.\n" }, "level": { "type": "string", "description": "H265 level.\n" }, "lookAheadRateControl": { "type": "string", "description": "Amount of lookahead.\n" }, "maxBitrate": { "type": "integer", "description": "Set the maximum bitrate in order to accommodate expected spikes in the complexity of the video.\n" }, "minIInterval": { "type": "integer" }, "parDenominator": { "type": "integer", "description": "Pixel Aspect Ratio denominator.\n" }, "parNumerator": { "type": "integer", "description": "Pixel Aspect Ratio numerator.\n" }, "profile": { "type": "string", "description": "H265 profile.\n" }, "qvbrQualityLevel": { "type": "integer", "description": "Controls the target quality for the video encode.\n" }, "rateControlMode": { "type": "string", "description": "Rate control mode.\n" }, "scanType": { "type": "string", "description": "Sets the scan type of the output.\n" }, "sceneChangeDetect": { "type": "string", "description": "Scene change detection.\n" }, "slices": { "type": "integer", "description": "Number of slices per picture.\n" }, "tier": { "type": "string", "description": "Set the H265 tier in the output.\n" }, "timecodeBurninSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsTimecodeBurninSettings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsTimecodeBurninSettings", "description": "Apply a burned in timecode. See H265 Timecode Burnin Settings for more details.\n" }, "timecodeInsertion": { "type": "string", "description": "Determines how timecodes should be inserted into the video elementary stream.\n" } }, "type": "object", "required": [ "bitrate", "framerateDenominator", "framerateNumerator" ], "language": { "nodejs": { "requiredOutputs": [ "adaptiveQuantization", "afdSignaling", "alternativeTransferFunction", "bitrate", "colorMetadata", "fixedAfd", "flickerAq", "framerateDenominator", "framerateNumerator", "gopSizeUnits", "level", "lookAheadRateControl", "profile", "rateControlMode", "scanType", "sceneChangeDetect", "tier", "timecodeInsertion" ] } } }, "aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettings": { "properties": { "colorSpacePassthroughSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettingsColorSpacePassthroughSettings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettingsColorSpacePassthroughSettings", "description": "Sets the colorspace metadata to be passed through.\n" }, "dolbyVision81Settings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettingsDolbyVision81Settings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettingsDolbyVision81Settings", "description": "Set the colorspace to Dolby Vision81.\n" }, "hdr10Settings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettingsHdr10Settings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettingsHdr10Settings", "description": "Set the colorspace to be HDR10. See H265 HDR10 Settings for more details.\n" }, "rec601Settings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettingsRec601Settings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettingsRec601Settings", "description": "Set the colorspace to Rec. 601.\n" }, "rec709Settings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettingsRec709Settings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettingsRec709Settings", "description": "Set the colorspace to Rec. 709.\n" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettingsColorSpacePassthroughSettings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettingsColorSpacePassthroughSettings": { "type": "object" }, "aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettingsDolbyVision81Settings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettingsDolbyVision81Settings": { "type": "object" }, "aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettingsHdr10Settings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettingsHdr10Settings": { "properties": { "maxCll": { "type": "integer", "description": "Sets the MaxCLL value for HDR10.\n" }, "maxFall": { "type": "integer", "description": "Sets the MaxFALL value for HDR10.\n" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettingsRec601Settings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettingsRec601Settings": { "type": "object" }, "aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettingsRec709Settings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsColorSpaceSettingsRec709Settings": { "type": "object" }, "aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsFilterSettings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsFilterSettings": { "properties": { "temporalFilterSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsFilterSettingsTemporalFilterSettings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsFilterSettingsTemporalFilterSettings" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsFilterSettingsTemporalFilterSettings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsFilterSettingsTemporalFilterSettings": { "properties": { "postFilterSharpening": { "type": "string", "description": "Post filter sharpening.\n" }, "strength": { "type": "string", "description": "Filter strength.\n" } }, "type": "object" }, "aws:medialive/ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsTimecodeBurninSettings:ChannelEncoderSettingsVideoDescriptionCodecSettingsH265SettingsTimecodeBurninSettings": { "properties": { "prefix": { "type": "string", "description": "Set a prefix on the burned in timecode.\n" }, "timecodeBurninFontSize": { "type": "string", "description": "Sets the size of the burned in timecode.\n" }, "timecodeBurninPosition": { "type": "string", "description": "Sets the position of the burned in timecode.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "prefix", "timecodeBurninFontSize", "timecodeBurninPosition" ] } } }, "aws:medialive/ChannelInputAttachment:ChannelInputAttachment": { "properties": { "automaticInputFailoverSettings": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentAutomaticInputFailoverSettings:ChannelInputAttachmentAutomaticInputFailoverSettings", "description": "User-specified settings for defining what the conditions are for declaring the input unhealthy and failing over to a different input. See Automatic Input Failover Settings for more details.\n" }, "inputAttachmentName": { "type": "string", "description": "User-specified name for the attachment.\n" }, "inputId": { "type": "string", "description": "The ID of the input.\n" }, "inputSettings": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettings:ChannelInputAttachmentInputSettings", "description": "Settings of an input. See Input Settings for more details.\n" } }, "type": "object", "required": [ "inputAttachmentName", "inputId" ], "language": { "nodejs": { "requiredOutputs": [ "inputAttachmentName", "inputId", "inputSettings" ] } } }, "aws:medialive/ChannelInputAttachmentAutomaticInputFailoverSettings:ChannelInputAttachmentAutomaticInputFailoverSettings": { "properties": { "errorClearTimeMsec": { "type": "integer", "description": "This clear time defines the requirement a recovered input must meet to be considered healthy. The input must have no failover conditions for this length of time. Enter a time in milliseconds. This value is particularly important if the input\\_preference for the failover pair is set to PRIMARY\\_INPUT\\_PREFERRED, because after this time, MediaLive will switch back to the primary input.\n" }, "failoverConditions": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentAutomaticInputFailoverSettingsFailoverCondition:ChannelInputAttachmentAutomaticInputFailoverSettingsFailoverCondition" }, "description": "A list of failover conditions. If any of these conditions occur, MediaLive will perform a failover to the other input. See Failover Condition Block for more details.\n" }, "inputPreference": { "type": "string", "description": "Input preference when deciding which input to make active when a previously failed input has recovered.\n" }, "secondaryInputId": { "type": "string", "description": "The input ID of the secondary input in the automatic input failover pair.\n" } }, "type": "object", "required": [ "secondaryInputId" ] }, "aws:medialive/ChannelInputAttachmentAutomaticInputFailoverSettingsFailoverCondition:ChannelInputAttachmentAutomaticInputFailoverSettingsFailoverCondition": { "properties": { "failoverConditionSettings": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentAutomaticInputFailoverSettingsFailoverConditionFailoverConditionSettings:ChannelInputAttachmentAutomaticInputFailoverSettingsFailoverConditionFailoverConditionSettings", "description": "Failover condition type-specific settings. See Failover Condition Settings for more details.\n" } }, "type": "object" }, "aws:medialive/ChannelInputAttachmentAutomaticInputFailoverSettingsFailoverConditionFailoverConditionSettings:ChannelInputAttachmentAutomaticInputFailoverSettingsFailoverConditionFailoverConditionSettings": { "properties": { "audioSilenceSettings": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentAutomaticInputFailoverSettingsFailoverConditionFailoverConditionSettingsAudioSilenceSettings:ChannelInputAttachmentAutomaticInputFailoverSettingsFailoverConditionFailoverConditionSettingsAudioSilenceSettings", "description": "MediaLive will perform a failover if the specified audio selector is silent for the specified period. See Audio Silence Failover Settings for more details.\n" }, "inputLossSettings": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentAutomaticInputFailoverSettingsFailoverConditionFailoverConditionSettingsInputLossSettings:ChannelInputAttachmentAutomaticInputFailoverSettingsFailoverConditionFailoverConditionSettingsInputLossSettings", "description": "MediaLive will perform a failover if content is not detected in this input for the specified period. See Input Loss Failover Settings for more details.\n" }, "videoBlackSettings": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentAutomaticInputFailoverSettingsFailoverConditionFailoverConditionSettingsVideoBlackSettings:ChannelInputAttachmentAutomaticInputFailoverSettingsFailoverConditionFailoverConditionSettingsVideoBlackSettings", "description": "MediaLive will perform a failover if content is considered black for the specified period. See Video Black Failover Settings for more details.\n" } }, "type": "object" }, "aws:medialive/ChannelInputAttachmentAutomaticInputFailoverSettingsFailoverConditionFailoverConditionSettingsAudioSilenceSettings:ChannelInputAttachmentAutomaticInputFailoverSettingsFailoverConditionFailoverConditionSettingsAudioSilenceSettings": { "properties": { "audioSelectorName": { "type": "string" }, "audioSilenceThresholdMsec": { "type": "integer", "description": "The amount of time (in milliseconds) that the active input must be silent before automatic input failover occurs. Silence is defined as audio loss or audio quieter than -50 dBFS.\n" } }, "type": "object", "required": [ "audioSelectorName" ] }, "aws:medialive/ChannelInputAttachmentAutomaticInputFailoverSettingsFailoverConditionFailoverConditionSettingsInputLossSettings:ChannelInputAttachmentAutomaticInputFailoverSettingsFailoverConditionFailoverConditionSettingsInputLossSettings": { "properties": { "inputLossThresholdMsec": { "type": "integer", "description": "The amount of time (in milliseconds) that no input is detected. After that time, an input failover will occur.\n" } }, "type": "object" }, "aws:medialive/ChannelInputAttachmentAutomaticInputFailoverSettingsFailoverConditionFailoverConditionSettingsVideoBlackSettings:ChannelInputAttachmentAutomaticInputFailoverSettingsFailoverConditionFailoverConditionSettingsVideoBlackSettings": { "properties": { "blackDetectThreshold": { "type": "number", "description": "A value used in calculating the threshold below which MediaLive considers a pixel to be 'black'. For the input to be considered black, every pixel in a frame must be below this threshold. The threshold is calculated as a percentage (expressed as a decimal) of white. Therefore .1 means 10% white (or 90% black). Note how the formula works for any color depth. For example, if you set this field to 0.1 in 10-bit color depth: (10230.1=102.3), which means a pixel value of 102 or less is 'black'. If you set this field to .1 in an 8-bit color depth: (2550.1=25.5), which means a pixel value of 25 or less is 'black'. The range is 0.0 to 1.0, with any number of decimal places.\n" }, "videoBlackThresholdMsec": { "type": "integer", "description": "The amount of time (in milliseconds) that the active input must be black before automatic input failover occurs.\n" } }, "type": "object" }, "aws:medialive/ChannelInputAttachmentInputSettings:ChannelInputAttachmentInputSettings": { "properties": { "audioSelectors": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsAudioSelector:ChannelInputAttachmentInputSettingsAudioSelector" }, "description": "Used to select the audio stream to decode for inputs that have multiple. See Audio Selectors for more details.\n" }, "captionSelectors": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsCaptionSelector:ChannelInputAttachmentInputSettingsCaptionSelector" }, "description": "Used to select the caption input to use for inputs that have multiple available. See Caption Selectors for more details.\n" }, "deblockFilter": { "type": "string", "description": "Enable or disable the deblock filter when filtering.\n" }, "denoiseFilter": { "type": "string", "description": "Enable or disable the denoise filter when filtering.\n" }, "filterStrength": { "type": "integer", "description": "Adjusts the magnitude of filtering from 1 (minimal) to 5 (strongest).\n" }, "inputFilter": { "type": "string", "description": "Turns on the filter for the input.\n" }, "networkInputSettings": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsNetworkInputSettings:ChannelInputAttachmentInputSettingsNetworkInputSettings", "description": "Input settings. See Network Input Settings for more details.\n" }, "scte35Pid": { "type": "integer", "description": "PID from which to read SCTE-35 messages.\n" }, "smpte2038DataPreference": { "type": "string", "description": "Specifies whether to extract applicable ancillary data from a SMPTE-2038 source in the input.\n" }, "sourceEndBehavior": { "type": "string", "description": "Loop input if it is a file.\n" }, "videoSelector": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsVideoSelector:ChannelInputAttachmentInputSettingsVideoSelector" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "inputFilter" ] } } }, "aws:medialive/ChannelInputAttachmentInputSettingsAudioSelector:ChannelInputAttachmentInputSettingsAudioSelector": { "properties": { "name": { "type": "string", "description": "Name of the Channel.\n\nThe following arguments are optional:\n" }, "selectorSettings": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettings:ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettings" } }, "type": "object", "required": [ "name" ] }, "aws:medialive/ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettings:ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettings": { "properties": { "audioHlsRenditionSelection": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioHlsRenditionSelection:ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioHlsRenditionSelection", "description": "Audio HLS Rendition Selection. See Audio HLS Rendition Selection for more details.\n" }, "audioLanguageSelection": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioLanguageSelection:ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioLanguageSelection", "description": "Audio Language Selection. See Audio Language Selection for more details.\n" }, "audioPidSelection": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioPidSelection:ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioPidSelection", "description": "Audio Pid Selection. See Audio PID Selection for more details.\n" }, "audioTrackSelection": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioTrackSelection:ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioTrackSelection", "description": "Audio Track Selection. See Audio Track Selection for more details.\n" } }, "type": "object" }, "aws:medialive/ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioHlsRenditionSelection:ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioHlsRenditionSelection": { "properties": { "groupId": { "type": "string", "description": "Specifies the GROUP-ID in the #EXT-X-MEDIA tag of the target HLS audio rendition.\n" }, "name": { "type": "string", "description": "Specifies the NAME in the #EXT-X-MEDIA tag of the target HLS audio rendition.\n" } }, "type": "object", "required": [ "groupId", "name" ] }, "aws:medialive/ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioLanguageSelection:ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioLanguageSelection": { "properties": { "languageCode": { "type": "string", "description": "Selects a specific three-letter language code from within an audio source.\n" }, "languageSelectionPolicy": { "type": "string", "description": "When set to “strict”, the transport stream demux strictly identifies audio streams by their language descriptor. If a PMT update occurs such that an audio stream matching the initially selected language is no longer present then mute will be encoded until the language returns. If “loose”, then on a PMT update the demux will choose another audio stream in the program with the same stream type if it can’t find one with the same language.\n" } }, "type": "object", "required": [ "languageCode" ] }, "aws:medialive/ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioPidSelection:ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioPidSelection": { "properties": { "pid": { "type": "integer", "description": "Selects a specific PID from within a source.\n" } }, "type": "object", "required": [ "pid" ] }, "aws:medialive/ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioTrackSelection:ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioTrackSelection": { "properties": { "dolbyEDecode": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioTrackSelectionDolbyEDecode:ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioTrackSelectionDolbyEDecode", "description": "Configure decoding options for Dolby E streams - these should be Dolby E frames carried in PCM streams tagged with SMPTE-337. See Dolby E Decode for more details.\n" }, "tracks": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioTrackSelectionTrack:ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioTrackSelectionTrack" }, "description": "Selects one or more unique audio tracks from within a source. See Audio Tracks for more details.\n" } }, "type": "object", "required": [ "tracks" ] }, "aws:medialive/ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioTrackSelectionDolbyEDecode:ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioTrackSelectionDolbyEDecode": { "properties": { "programSelection": { "type": "string", "description": "Applies only to Dolby E. Enter the program ID (according to the metadata in the audio) of the Dolby E program to extract from the specified track. One program extracted per audio selector. To select multiple programs, create multiple selectors with the same Track and different Program numbers. “All channels” means to ignore the program IDs and include all the channels in this selector; useful if metadata is known to be incorrect.\n" } }, "type": "object", "required": [ "programSelection" ] }, "aws:medialive/ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioTrackSelectionTrack:ChannelInputAttachmentInputSettingsAudioSelectorSelectorSettingsAudioTrackSelectionTrack": { "properties": { "track": { "type": "integer", "description": "1-based integer value that maps to a specific audio track.\n" } }, "type": "object", "required": [ "track" ] }, "aws:medialive/ChannelInputAttachmentInputSettingsCaptionSelector:ChannelInputAttachmentInputSettingsCaptionSelector": { "properties": { "languageCode": { "type": "string" }, "name": { "type": "string", "description": "Name of the Channel.\n\nThe following arguments are optional:\n" }, "selectorSettings": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettings:ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettings" } }, "type": "object", "required": [ "name" ] }, "aws:medialive/ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettings:ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettings": { "properties": { "ancillarySourceSettings": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsAncillarySourceSettings:ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsAncillarySourceSettings", "description": "Ancillary Source Settings. See Ancillary Source Settings for more details.\n" }, "aribSourceSettings": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsAribSourceSettings:ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsAribSourceSettings", "description": "ARIB Source Settings.\n" }, "dvbSubSourceSettings": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsDvbSubSourceSettings:ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsDvbSubSourceSettings", "description": "DVB Sub Source Settings. See DVB Sub Source Settings for more details.\n" }, "embeddedSourceSettings": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsEmbeddedSourceSettings:ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsEmbeddedSourceSettings", "description": "Embedded Source Settings. See Embedded Source Settings for more details.\n" }, "scte20SourceSettings": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsScte20SourceSettings:ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsScte20SourceSettings", "description": "SCTE20 Source Settings. See SCTE 20 Source Settings for more details.\n" }, "scte27SourceSettings": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsScte27SourceSettings:ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsScte27SourceSettings", "description": "SCTE27 Source Settings. See SCTE 27 Source Settings for more details.\n" }, "teletextSourceSettings": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsTeletextSourceSettings:ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsTeletextSourceSettings", "description": "Teletext Source Settings. See Teletext Source Settings for more details.\n" } }, "type": "object" }, "aws:medialive/ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsAncillarySourceSettings:ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsAncillarySourceSettings": { "properties": { "sourceAncillaryChannelNumber": { "type": "integer", "description": "Specifies the number (1 to 4) of the captions channel you want to extract from the ancillary captions. If you plan to convert the ancillary captions to another format, complete this field. If you plan to choose Embedded as the captions destination in the output (to pass through all the channels in the ancillary captions), leave this field blank because MediaLive ignores the field.\n" } }, "type": "object" }, "aws:medialive/ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsAribSourceSettings:ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsAribSourceSettings": { "type": "object" }, "aws:medialive/ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsDvbSubSourceSettings:ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsDvbSubSourceSettings": { "properties": { "ocrLanguage": { "type": "string", "description": "If you will configure a WebVTT caption description that references this caption selector, use this field to provide the language to consider when translating the image-based source to text.\n" }, "pid": { "type": "integer", "description": "When using DVB-Sub with Burn-In or SMPTE-TT, use this PID for the source content. Unused for DVB-Sub passthrough. All DVB-Sub content is passed through, regardless of selectors.\n" } }, "type": "object" }, "aws:medialive/ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsEmbeddedSourceSettings:ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsEmbeddedSourceSettings": { "properties": { "convert608To708": { "type": "string", "description": "If upconvert, 608 data is both passed through via the “608 compatibility bytes” fields of the 708 wrapper as well as translated into 708. 708 data present in the source content will be discarded.\n" }, "scte20Detection": { "type": "string", "description": "Set to “auto” to handle streams with intermittent and/or non-aligned SCTE-20 and Embedded captions.\n" }, "source608ChannelNumber": { "type": "integer", "description": "Specifies the 608/708 channel number within the video track from which to extract captions. Unused for passthrough.\n" } }, "type": "object" }, "aws:medialive/ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsScte20SourceSettings:ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsScte20SourceSettings": { "properties": { "convert608To708": { "type": "string" }, "source608ChannelNumber": { "type": "integer" } }, "type": "object" }, "aws:medialive/ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsScte27SourceSettings:ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsScte27SourceSettings": { "properties": { "ocrLanguage": { "type": "string" }, "pid": { "type": "integer" } }, "type": "object" }, "aws:medialive/ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsTeletextSourceSettings:ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsTeletextSourceSettings": { "properties": { "outputRectangle": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsTeletextSourceSettingsOutputRectangle:ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsTeletextSourceSettingsOutputRectangle", "description": "Optionally defines a region where TTML style captions will be displayed. See Caption Rectangle for more details.\n" }, "pageNumber": { "type": "string", "description": "Specifies the teletext page number within the data stream from which to extract captions. Range of 0x100 (256) to 0x8FF (2303). Unused for passthrough. Should be specified as a hexadecimal string with no “0x” prefix.\n" } }, "type": "object" }, "aws:medialive/ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsTeletextSourceSettingsOutputRectangle:ChannelInputAttachmentInputSettingsCaptionSelectorSelectorSettingsTeletextSourceSettingsOutputRectangle": { "properties": { "height": { "type": "number" }, "leftOffset": { "type": "number", "description": "Applies only if you plan to convert these source captions to EBU-TT-D or TTML in an output. (Make sure to leave the default if you don’t have either of these formats in the output.) You can define a display rectangle for the captions that is smaller than the underlying video frame. You define the rectangle by specifying the position of the left edge, top edge, bottom edge, and right edge of the rectangle, all within the underlying video frame. The units for the measurements are percentages. If you specify a value for one of these fields, you must specify a value for all of them. For leftOffset, specify the position of the left edge of the rectangle, as a percentage of the underlying frame width, and relative to the left edge of the frame. For example, \"10\" means the measurement is 10% of the underlying frame width. The rectangle left edge starts at that position from the left edge of the frame. This field corresponds to tts:origin - X in the TTML standard.\n" }, "topOffset": { "type": "number", "description": "See the description in left\\_offset. For top\\_offset, specify the position of the top edge of the rectangle, as a percentage of the underlying frame height, and relative to the top edge of the frame. For example, \"10\" means the measurement is 10% of the underlying frame height. The rectangle top edge starts at that position from the top edge of the frame. This field corresponds to tts:origin - Y in the TTML standard.\n" }, "width": { "type": "number" } }, "type": "object", "required": [ "height", "leftOffset", "topOffset", "width" ] }, "aws:medialive/ChannelInputAttachmentInputSettingsNetworkInputSettings:ChannelInputAttachmentInputSettingsNetworkInputSettings": { "properties": { "hlsInputSettings": { "$ref": "#/types/aws:medialive/ChannelInputAttachmentInputSettingsNetworkInputSettingsHlsInputSettings:ChannelInputAttachmentInputSettingsNetworkInputSettingsHlsInputSettings", "description": "Specifies HLS input settings when the uri is for a HLS manifest. See HLS Input Settings for more details.\n" }, "serverValidation": { "type": "string", "description": "Check HTTPS server certificates.\n" } }, "type": "object" }, "aws:medialive/ChannelInputAttachmentInputSettingsNetworkInputSettingsHlsInputSettings:ChannelInputAttachmentInputSettingsNetworkInputSettingsHlsInputSettings": { "properties": { "bandwidth": { "type": "integer", "description": "The bitrate is specified in bits per second, as in an HLS manifest.\n" }, "bufferSegments": { "type": "integer", "description": "Buffer segments.\n" }, "retries": { "type": "integer", "description": "The number of consecutive times that attempts to read a manifest or segment must fail before the input is considered unavailable.\n" }, "retryInterval": { "type": "integer", "description": "The number of seconds between retries when an attempt to read a manifest or segment fails.\n" }, "scte35Source": { "type": "string" } }, "type": "object" }, "aws:medialive/ChannelInputAttachmentInputSettingsVideoSelector:ChannelInputAttachmentInputSettingsVideoSelector": { "properties": { "colorSpace": { "type": "string" }, "colorSpaceUsage": { "type": "string" } }, "type": "object" }, "aws:medialive/ChannelInputSpecification:ChannelInputSpecification": { "properties": { "codec": { "type": "string" }, "inputResolution": { "type": "string" }, "maximumBitrate": { "type": "string" } }, "type": "object", "required": [ "codec", "inputResolution", "maximumBitrate" ] }, "aws:medialive/ChannelMaintenance:ChannelMaintenance": { "properties": { "maintenanceDay": { "type": "string", "description": "The day of the week to use for maintenance.\n" }, "maintenanceStartTime": { "type": "string", "description": "The hour maintenance will start.\n" } }, "type": "object", "required": [ "maintenanceDay", "maintenanceStartTime" ] }, "aws:medialive/ChannelVpc:ChannelVpc": { "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" } }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" } }, "publicAddressAllocationIds": { "type": "array", "items": { "type": "string" }, "description": "List of public address allocation ids to associate with ENIs that will be created in Output VPC. Must specify one for SINGLE_PIPELINE, two for STANDARD channels.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of up to 5 EC2 VPC security group IDs to attach to the Output VPC network interfaces. If none are specified then the VPC default security group will be used.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs from the same VPC. If STANDARD channel, subnet IDs must be mapped to two unique availability zones (AZ).\n" } }, "type": "object", "required": [ "publicAddressAllocationIds", "subnetIds" ], "language": { "nodejs": { "requiredOutputs": [ "availabilityZones", "networkInterfaceIds", "publicAddressAllocationIds", "securityGroupIds", "subnetIds" ] } } }, "aws:medialive/InputDestination:InputDestination": { "properties": { "streamName": { "type": "string", "description": "A unique name for the location the RTMP stream is being pushed to.\n" } }, "type": "object", "required": [ "streamName" ] }, "aws:medialive/InputInputDevice:InputInputDevice": { "properties": { "id": { "type": "string", "description": "The unique ID for the device.\n" } }, "type": "object", "required": [ "id" ] }, "aws:medialive/InputMediaConnectFlow:InputMediaConnectFlow": { "properties": { "flowArn": { "type": "string", "description": "The ARN of the MediaConnect Flow\n" } }, "type": "object", "required": [ "flowArn" ] }, "aws:medialive/InputSecurityGroupWhitelistRule:InputSecurityGroupWhitelistRule": { "properties": { "cidr": { "type": "string", "description": "The IPv4 CIDR that's whitelisted.\n" } }, "type": "object", "required": [ "cidr" ] }, "aws:medialive/InputSource:InputSource": { "properties": { "passwordParam": { "type": "string", "description": "The key used to extract the password from EC2 Parameter store.\n" }, "url": { "type": "string", "description": "The URL where the stream is pulled from.\n" }, "username": { "type": "string", "description": "The username for the input source.\n" } }, "type": "object", "required": [ "passwordParam", "url", "username" ] }, "aws:medialive/InputVpc:InputVpc": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of up to 5 EC2 VPC security group IDs to attach to the Input.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of 2 VPC subnet IDs from the same VPC.\n" } }, "type": "object", "required": [ "subnetIds" ] }, "aws:medialive/MultiplexMultiplexSettings:MultiplexMultiplexSettings": { "properties": { "maximumVideoBufferDelayMilliseconds": { "type": "integer", "description": "Maximum video buffer delay.\n" }, "transportStreamBitrate": { "type": "integer", "description": "Transport stream bit rate.\n" }, "transportStreamId": { "type": "integer", "description": "Unique ID for each multiplex.\n" }, "transportStreamReservedBitrate": { "type": "integer", "description": "Transport stream reserved bit rate.\n" } }, "type": "object", "required": [ "transportStreamBitrate", "transportStreamId" ], "language": { "nodejs": { "requiredOutputs": [ "maximumVideoBufferDelayMilliseconds", "transportStreamBitrate", "transportStreamId", "transportStreamReservedBitrate" ] } } }, "aws:medialive/MultiplexProgramMultiplexProgramSettings:MultiplexProgramMultiplexProgramSettings": { "properties": { "preferredChannelPipeline": { "type": "string", "description": "Enum for preferred channel pipeline. Options are `CURRENTLY_ACTIVE`, `PIPELINE_0`, or `PIPELINE_1`.\n" }, "programNumber": { "type": "integer", "description": "Unique program number.\n" }, "serviceDescriptor": { "$ref": "#/types/aws:medialive/MultiplexProgramMultiplexProgramSettingsServiceDescriptor:MultiplexProgramMultiplexProgramSettingsServiceDescriptor", "description": "Service Descriptor. See Service Descriptor for more details.\n" }, "videoSettings": { "$ref": "#/types/aws:medialive/MultiplexProgramMultiplexProgramSettingsVideoSettings:MultiplexProgramMultiplexProgramSettingsVideoSettings", "description": "Video settings. See Video Settings for more details.\n" } }, "type": "object", "required": [ "preferredChannelPipeline", "programNumber" ] }, "aws:medialive/MultiplexProgramMultiplexProgramSettingsServiceDescriptor:MultiplexProgramMultiplexProgramSettingsServiceDescriptor": { "properties": { "providerName": { "type": "string", "description": "Unique provider name.\n" }, "serviceName": { "type": "string", "description": "Unique service name.\n" } }, "type": "object", "required": [ "providerName", "serviceName" ] }, "aws:medialive/MultiplexProgramMultiplexProgramSettingsVideoSettings:MultiplexProgramMultiplexProgramSettingsVideoSettings": { "properties": { "constantBitrate": { "type": "integer", "description": "Constant bitrate value.\n" }, "statmuxSettings": { "$ref": "#/types/aws:medialive/MultiplexProgramMultiplexProgramSettingsVideoSettingsStatmuxSettings:MultiplexProgramMultiplexProgramSettingsVideoSettingsStatmuxSettings", "description": "Statmux settings. See Statmux Settings for more details.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "constantBitrate" ] } } }, "aws:medialive/MultiplexProgramMultiplexProgramSettingsVideoSettingsStatmuxSettings:MultiplexProgramMultiplexProgramSettingsVideoSettingsStatmuxSettings": { "properties": { "maximumBitrate": { "type": "integer", "description": "Maximum bitrate.\n" }, "minimumBitrate": { "type": "integer", "description": "Minimum bitrate.\n" }, "priority": { "type": "integer", "description": "Priority value.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "maximumBitrate", "minimumBitrate", "priority" ] } } }, "aws:medialive/getInputDestination:getInputDestination": { "properties": { "ip": { "type": "string" }, "port": { "type": "string" }, "url": { "type": "string" }, "vpcs": { "type": "array", "items": { "$ref": "#/types/aws:medialive/getInputDestinationVpc:getInputDestinationVpc" } } }, "type": "object", "required": [ "ip", "port", "url", "vpcs" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:medialive/getInputDestinationVpc:getInputDestinationVpc": { "properties": { "availabilityZone": { "type": "string" }, "networkInterfaceId": { "type": "string" } }, "type": "object", "required": [ "availabilityZone", "networkInterfaceId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:medialive/getInputInputDevice:getInputInputDevice": { "properties": { "id": { "type": "string", "description": "The ID of the Input.\n" } }, "type": "object", "required": [ "id" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:medialive/getInputMediaConnectFlow:getInputMediaConnectFlow": { "properties": { "flowArn": { "type": "string" } }, "type": "object", "required": [ "flowArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:medialive/getInputSource:getInputSource": { "properties": { "passwordParam": { "type": "string" }, "url": { "type": "string" }, "username": { "type": "string" } }, "type": "object", "required": [ "passwordParam", "url", "username" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:mediapackage/ChannelHlsIngest:ChannelHlsIngest": { "properties": { "ingestEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:mediapackage/ChannelHlsIngestIngestEndpoint:ChannelHlsIngestIngestEndpoint" }, "description": "A list of the ingest endpoints\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "ingestEndpoints" ] } } }, "aws:mediapackage/ChannelHlsIngestIngestEndpoint:ChannelHlsIngestIngestEndpoint": { "properties": { "password": { "type": "string", "description": "The password\n", "secret": true }, "url": { "type": "string", "description": "The URL\n" }, "username": { "type": "string", "description": "The username\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "password", "url", "username" ] } } }, "aws:memorydb/ClusterClusterEndpoint:ClusterClusterEndpoint": { "properties": { "address": { "type": "string", "description": "DNS hostname of the node.\n" }, "port": { "type": "integer", "description": "The port number on which each of the nodes accepts connections. Defaults to `6379`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "address", "port" ] } } }, "aws:memorydb/ClusterShard:ClusterShard": { "properties": { "name": { "type": "string", "description": "Name of the cluster. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "nodes": { "type": "array", "items": { "$ref": "#/types/aws:memorydb/ClusterShardNode:ClusterShardNode" }, "description": "Set of nodes in this shard.\n" }, "numNodes": { "type": "integer", "description": "Number of individual nodes in this shard.\n" }, "slots": { "type": "string", "description": "Keyspace for this shard. Example: `0-16383`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "name", "nodes", "numNodes", "slots" ] } } }, "aws:memorydb/ClusterShardNode:ClusterShardNode": { "properties": { "availabilityZone": { "type": "string", "description": "The Availability Zone in which the node resides.\n" }, "createTime": { "type": "string", "description": "The date and time when the node was created. Example: `2022-01-01T21:00:00Z`.\n" }, "endpoints": { "type": "array", "items": { "$ref": "#/types/aws:memorydb/ClusterShardNodeEndpoint:ClusterShardNodeEndpoint" } }, "name": { "type": "string", "description": "Name of the cluster. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "availabilityZone", "createTime", "endpoints", "name" ] } } }, "aws:memorydb/ClusterShardNodeEndpoint:ClusterShardNodeEndpoint": { "properties": { "address": { "type": "string", "description": "DNS hostname of the node.\n" }, "port": { "type": "integer", "description": "The port number on which each of the nodes accepts connections. Defaults to `6379`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "address", "port" ] } } }, "aws:memorydb/ParameterGroupParameter:ParameterGroupParameter": { "properties": { "name": { "type": "string", "description": "The name of the parameter.\n" }, "value": { "type": "string", "description": "The value of the parameter.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:memorydb/SnapshotClusterConfiguration:SnapshotClusterConfiguration": { "properties": { "description": { "type": "string", "description": "Description for the cluster.\n" }, "engineVersion": { "type": "string", "description": "Version number of the Redis engine used by the cluster.\n" }, "maintenanceWindow": { "type": "string", "description": "The weekly time range during which maintenance on the cluster is performed.\n" }, "name": { "type": "string", "description": "Name of the snapshot. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "nodeType": { "type": "string", "description": "Compute and memory capacity of the nodes in the cluster.\n" }, "numShards": { "type": "integer", "description": "Number of shards in the cluster.\n" }, "parameterGroupName": { "type": "string", "description": "Name of the parameter group associated with the cluster.\n" }, "port": { "type": "integer", "description": "Port number on which the cluster accepts connections.\n" }, "snapshotRetentionLimit": { "type": "integer", "description": "Number of days for which MemoryDB retains automatic snapshots before deleting them.\n" }, "snapshotWindow": { "type": "string", "description": "The daily time range (in UTC) during which MemoryDB begins taking a daily snapshot of the shard.\n" }, "subnetGroupName": { "type": "string", "description": "Name of the subnet group used by the cluster.\n" }, "topicArn": { "type": "string", "description": "ARN of the SNS topic to which cluster notifications are sent.\n" }, "vpcId": { "type": "string", "description": "The VPC in which the cluster exists.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "description", "engineVersion", "maintenanceWindow", "name", "nodeType", "numShards", "parameterGroupName", "port", "snapshotRetentionLimit", "snapshotWindow", "subnetGroupName", "topicArn", "vpcId" ] } } }, "aws:memorydb/UserAuthenticationMode:UserAuthenticationMode": { "properties": { "passwordCount": { "type": "integer", "description": "Number of passwords belonging to the user if `type` is set to `password`.\n" }, "passwords": { "type": "array", "items": { "type": "string" }, "description": "Set of passwords used for authentication if `type` is set to `password`. You can create up to two passwords for each user.\n", "secret": true }, "type": { "type": "string", "description": "Specifies the authentication type. Valid values are: `password` or `iam`.\n" } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredOutputs": [ "passwordCount", "type" ] } } }, "aws:memorydb/getClusterClusterEndpoint:getClusterClusterEndpoint": { "properties": { "address": { "type": "string", "description": "DNS hostname of the node.\n" }, "port": { "type": "integer", "description": "Port number that this node is listening on.\n" } }, "type": "object", "required": [ "address", "port" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:memorydb/getClusterShard:getClusterShard": { "properties": { "name": { "type": "string", "description": "Name of the cluster.\n" }, "nodes": { "type": "array", "items": { "$ref": "#/types/aws:memorydb/getClusterShardNode:getClusterShardNode" }, "description": "Set of nodes in this shard.\n" }, "numNodes": { "type": "integer", "description": "Number of individual nodes in this shard.\n" }, "slots": { "type": "string", "description": "Keyspace for this shard. Example: `0-16383`.\n" } }, "type": "object", "required": [ "name", "nodes", "numNodes", "slots" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:memorydb/getClusterShardNode:getClusterShardNode": { "properties": { "availabilityZone": { "type": "string", "description": "The Availability Zone in which the node resides.\n" }, "createTime": { "type": "string", "description": "The date and time when the node was created. Example: `2022-01-01T21:00:00Z`.\n" }, "endpoints": { "type": "array", "items": { "$ref": "#/types/aws:memorydb/getClusterShardNodeEndpoint:getClusterShardNodeEndpoint" } }, "name": { "type": "string", "description": "Name of the cluster.\n" } }, "type": "object", "required": [ "availabilityZone", "createTime", "endpoints", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:memorydb/getClusterShardNodeEndpoint:getClusterShardNodeEndpoint": { "properties": { "address": { "type": "string", "description": "DNS hostname of the node.\n" }, "port": { "type": "integer", "description": "Port number that this node is listening on.\n" } }, "type": "object", "required": [ "address", "port" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:memorydb/getParameterGroupParameter:getParameterGroupParameter": { "properties": { "name": { "type": "string", "description": "Name of the parameter group.\n" }, "value": { "type": "string", "description": "Value of the parameter.\n" } }, "type": "object", "required": [ "name", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:memorydb/getSnapshotClusterConfiguration:getSnapshotClusterConfiguration": { "properties": { "description": { "type": "string", "description": "Description for the cluster.\n" }, "engineVersion": { "type": "string", "description": "Version number of the Redis engine used by the cluster.\n" }, "maintenanceWindow": { "type": "string", "description": "The weekly time range during which maintenance on the cluster is performed.\n" }, "name": { "type": "string", "description": "Name of the snapshot.\n" }, "nodeType": { "type": "string", "description": "Compute and memory capacity of the nodes in the cluster.\n" }, "numShards": { "type": "integer", "description": "Number of shards in the cluster.\n" }, "parameterGroupName": { "type": "string", "description": "Name of the parameter group associated with the cluster.\n" }, "port": { "type": "integer", "description": "Port number on which the cluster accepts connections.\n" }, "snapshotRetentionLimit": { "type": "integer", "description": "Number of days for which MemoryDB retains automatic snapshots before deleting them.\n" }, "snapshotWindow": { "type": "string", "description": "The daily time range (in UTC) during which MemoryDB begins taking a daily snapshot of the shard.\n" }, "subnetGroupName": { "type": "string", "description": "Name of the subnet group used by the cluster.\n" }, "topicArn": { "type": "string", "description": "ARN of the SNS topic to which cluster notifications are sent.\n" }, "vpcId": { "type": "string", "description": "The VPC in which the cluster exists.\n" } }, "type": "object", "required": [ "description", "engineVersion", "maintenanceWindow", "name", "nodeType", "numShards", "parameterGroupName", "port", "snapshotRetentionLimit", "snapshotWindow", "subnetGroupName", "topicArn", "vpcId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:memorydb/getUserAuthenticationMode:getUserAuthenticationMode": { "properties": { "passwordCount": { "type": "integer", "description": "Number of passwords belonging to the user if `type` is set to `password`.\n" }, "type": { "type": "string", "description": "Type of authentication configured.\n" } }, "type": "object", "required": [ "passwordCount", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:mq/BrokerConfiguration:BrokerConfiguration": { "properties": { "id": { "type": "string", "description": "The Configuration ID.\n" }, "revision": { "type": "integer", "description": "Revision of the Configuration.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "id", "revision" ] } } }, "aws:mq/BrokerEncryptionOptions:BrokerEncryptionOptions": { "properties": { "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) of Key Management Service (KMS) Customer Master Key (CMK) to use for encryption at rest. Requires setting `use_aws_owned_key` to `false`. To perform drift detection when AWS-managed CMKs or customer-managed CMKs are in use, this value must be configured.\n", "willReplaceOnChanges": true }, "useAwsOwnedKey": { "type": "boolean", "description": "Whether to enable an AWS-owned KMS CMK that is not in your account. Defaults to `true`. Setting to `false` without configuring `kms_key_id` will create an AWS-managed CMK aliased to `aws/mq` in your account.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "kmsKeyId" ] } } }, "aws:mq/BrokerInstance:BrokerInstance": { "properties": { "consoleUrl": { "type": "string", "description": "The URL of the [ActiveMQ Web Console](http://activemq.apache.org/web-console.html) or the [RabbitMQ Management UI](https://www.rabbitmq.com/management.html#external-monitoring) depending on `engine_type`.\n" }, "endpoints": { "type": "array", "items": { "type": "string" }, "description": "Broker's wire-level protocol endpoints in the following order \u0026 format referenceable e.g., as `instances.0.endpoints.0` (SSL):\n* For `ActiveMQ`:\n* `ssl://broker-id.mq.us-west-2.amazonaws.com:61617`\n* `amqp+ssl://broker-id.mq.us-west-2.amazonaws.com:5671`\n* `stomp+ssl://broker-id.mq.us-west-2.amazonaws.com:61614`\n* `mqtt+ssl://broker-id.mq.us-west-2.amazonaws.com:8883`\n* `wss://broker-id.mq.us-west-2.amazonaws.com:61619`\n* For `RabbitMQ`:\n* `amqps://broker-id.mq.us-west-2.amazonaws.com:5671`\n" }, "ipAddress": { "type": "string", "description": "IP Address of the broker.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "consoleUrl", "endpoints", "ipAddress" ] } } }, "aws:mq/BrokerLdapServerMetadata:BrokerLdapServerMetadata": { "properties": { "hosts": { "type": "array", "items": { "type": "string" }, "description": "List of a fully qualified domain name of the LDAP server and an optional failover server.\n" }, "roleBase": { "type": "string", "description": "Fully qualified name of the directory to search for a user’s groups.\n" }, "roleName": { "type": "string", "description": "Specifies the LDAP attribute that identifies the group name attribute in the object returned from the group membership query.\n" }, "roleSearchMatching": { "type": "string", "description": "Search criteria for groups.\n" }, "roleSearchSubtree": { "type": "boolean", "description": "Whether the directory search scope is the entire sub-tree.\n" }, "serviceAccountPassword": { "type": "string", "description": "Service account password.\n", "secret": true }, "serviceAccountUsername": { "type": "string", "description": "Service account username.\n" }, "userBase": { "type": "string", "description": "Fully qualified name of the directory where you want to search for users.\n" }, "userRoleName": { "type": "string", "description": "Specifies the name of the LDAP attribute for the user group membership.\n" }, "userSearchMatching": { "type": "string", "description": "Search criteria for users.\n" }, "userSearchSubtree": { "type": "boolean", "description": "Whether the directory search scope is the entire sub-tree.\n" } }, "type": "object" }, "aws:mq/BrokerLogs:BrokerLogs": { "properties": { "audit": { "type": "boolean", "description": "Enables audit logging. Auditing is only possible for `engine_type` of `ActiveMQ`. User management action made using JMX or the ActiveMQ Web Console is logged. Defaults to `false`.\n" }, "general": { "type": "boolean", "description": "Enables general logging via CloudWatch. Defaults to `false`.\n" } }, "type": "object" }, "aws:mq/BrokerMaintenanceWindowStartTime:BrokerMaintenanceWindowStartTime": { "properties": { "dayOfWeek": { "type": "string", "description": "Day of the week, e.g., `MONDAY`, `TUESDAY`, or `WEDNESDAY`.\n" }, "timeOfDay": { "type": "string", "description": "Time, in 24-hour format, e.g., `02:00`.\n" }, "timeZone": { "type": "string", "description": "Time zone in either the Country/City format or the UTC offset format, e.g., `CET`.\n" } }, "type": "object", "required": [ "dayOfWeek", "timeOfDay", "timeZone" ] }, "aws:mq/BrokerUser:BrokerUser": { "properties": { "consoleAccess": { "type": "boolean", "description": "Whether to enable access to the [ActiveMQ Web Console](http://activemq.apache.org/web-console.html) for the user. Applies to `engine_type` of `ActiveMQ` only.\n" }, "groups": { "type": "array", "items": { "type": "string" }, "description": "List of groups (20 maximum) to which the ActiveMQ user belongs. Applies to `engine_type` of `ActiveMQ` only.\n" }, "password": { "type": "string", "description": "Password of the user. It must be 12 to 250 characters long, at least 4 unique characters, and must not contain commas.\n", "secret": true }, "replicationUser": { "type": "boolean", "description": "Whether to set set replication user. Defaults to `false`.\n" }, "username": { "type": "string", "description": "Username of the user.\n\n\u003e **NOTE:** AWS currently does not support updating RabbitMQ users. Updates to users can only be in the RabbitMQ UI.\n" } }, "type": "object", "required": [ "password", "username" ] }, "aws:mq/getBrokerConfiguration:getBrokerConfiguration": { "properties": { "id": { "type": "string" }, "revision": { "type": "integer" } }, "type": "object", "required": [ "id", "revision" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:mq/getBrokerEncryptionOption:getBrokerEncryptionOption": { "properties": { "kmsKeyId": { "type": "string" }, "useAwsOwnedKey": { "type": "boolean" } }, "type": "object", "required": [ "kmsKeyId", "useAwsOwnedKey" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:mq/getBrokerEngineTypesBrokerEngineType:getBrokerEngineTypesBrokerEngineType": { "properties": { "engineType": { "type": "string", "description": "The MQ engine type to return version details for.\n" }, "engineVersions": { "type": "array", "items": { "$ref": "#/types/aws:mq/getBrokerEngineTypesBrokerEngineTypeEngineVersion:getBrokerEngineTypesBrokerEngineTypeEngineVersion" }, "description": "The list of engine versions.\n" } }, "type": "object", "required": [ "engineType", "engineVersions" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:mq/getBrokerEngineTypesBrokerEngineTypeEngineVersion:getBrokerEngineTypesBrokerEngineTypeEngineVersion": { "properties": { "name": { "type": "string" } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:mq/getBrokerInstance:getBrokerInstance": { "properties": { "consoleUrl": { "type": "string" }, "endpoints": { "type": "array", "items": { "type": "string" } }, "ipAddress": { "type": "string" } }, "type": "object", "required": [ "consoleUrl", "endpoints", "ipAddress" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:mq/getBrokerLdapServerMetadata:getBrokerLdapServerMetadata": { "properties": { "hosts": { "type": "array", "items": { "type": "string" } }, "roleBase": { "type": "string" }, "roleName": { "type": "string" }, "roleSearchMatching": { "type": "string" }, "roleSearchSubtree": { "type": "boolean" }, "serviceAccountPassword": { "type": "string" }, "serviceAccountUsername": { "type": "string" }, "userBase": { "type": "string" }, "userRoleName": { "type": "string" }, "userSearchMatching": { "type": "string" }, "userSearchSubtree": { "type": "boolean" } }, "type": "object", "required": [ "hosts", "roleBase", "roleName", "roleSearchMatching", "roleSearchSubtree", "serviceAccountPassword", "serviceAccountUsername", "userBase", "userRoleName", "userSearchMatching", "userSearchSubtree" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:mq/getBrokerLogs:getBrokerLogs": { "properties": { "audit": { "type": "boolean" }, "general": { "type": "boolean" } }, "type": "object", "required": [ "audit", "general" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:mq/getBrokerMaintenanceWindowStartTime:getBrokerMaintenanceWindowStartTime": { "properties": { "dayOfWeek": { "type": "string" }, "timeOfDay": { "type": "string" }, "timeZone": { "type": "string" } }, "type": "object", "required": [ "dayOfWeek", "timeOfDay", "timeZone" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:mq/getBrokerUser:getBrokerUser": { "properties": { "consoleAccess": { "type": "boolean" }, "groups": { "type": "array", "items": { "type": "string" } }, "replicationUser": { "type": "boolean" }, "username": { "type": "string" } }, "type": "object", "required": [ "consoleAccess", "groups", "replicationUser", "username" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:mq/getInstanceTypeOfferingsBrokerInstanceOption:getInstanceTypeOfferingsBrokerInstanceOption": { "properties": { "availabilityZones": { "type": "array", "items": { "$ref": "#/types/aws:mq/getInstanceTypeOfferingsBrokerInstanceOptionAvailabilityZone:getInstanceTypeOfferingsBrokerInstanceOptionAvailabilityZone" }, "description": "List of available AZs. See Availability Zones. below\n" }, "engineType": { "type": "string", "description": "Filter response by engine type.\n" }, "hostInstanceType": { "type": "string", "description": "Filter response by host instance type.\n" }, "storageType": { "type": "string", "description": "Filter response by storage type.\n" }, "supportedDeploymentModes": { "type": "array", "items": { "type": "string" }, "description": "The list of supported deployment modes.\n" }, "supportedEngineVersions": { "type": "array", "items": { "type": "string" }, "description": "The list of supported engine versions.\n" } }, "type": "object", "required": [ "availabilityZones", "engineType", "hostInstanceType", "storageType", "supportedDeploymentModes", "supportedEngineVersions" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:mq/getInstanceTypeOfferingsBrokerInstanceOptionAvailabilityZone:getInstanceTypeOfferingsBrokerInstanceOptionAvailabilityZone": { "properties": { "name": { "type": "string", "description": "Name of the Availability Zone.\n" } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:msk/ClusterBrokerNodeGroupInfo:ClusterBrokerNodeGroupInfo": { "properties": { "azDistribution": { "type": "string", "description": "The distribution of broker nodes across availability zones ([documentation](https://docs.aws.amazon.com/msk/1.0/apireference/clusters.html#clusters-model-brokerazdistribution)). Currently the only valid value is `DEFAULT`.\n", "willReplaceOnChanges": true }, "clientSubnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnets to connect to in client VPC ([documentation](https://docs.aws.amazon.com/msk/1.0/apireference/clusters.html#clusters-prop-brokernodegroupinfo-clientsubnets)).\n", "willReplaceOnChanges": true }, "connectivityInfo": { "$ref": "#/types/aws:msk/ClusterBrokerNodeGroupInfoConnectivityInfo:ClusterBrokerNodeGroupInfoConnectivityInfo", "description": "Information about the cluster access configuration. See below. For security reasons, you can't turn on public access while creating an MSK cluster. However, you can update an existing cluster to make it publicly accessible. You can also create a new cluster and then update it to make it publicly accessible ([documentation](https://docs.aws.amazon.com/msk/latest/developerguide/public-access.html)).\n" }, "instanceType": { "type": "string", "description": "Specify the instance type to use for the kafka brokersE.g., kafka.m5.large. ([Pricing info](https://aws.amazon.com/msk/pricing/))\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of the security groups to associate with the elastic network interfaces to control who can communicate with the cluster.\n", "willReplaceOnChanges": true }, "storageInfo": { "$ref": "#/types/aws:msk/ClusterBrokerNodeGroupInfoStorageInfo:ClusterBrokerNodeGroupInfoStorageInfo", "description": "A block that contains information about storage volumes attached to MSK broker nodes. See below.\n" } }, "type": "object", "required": [ "clientSubnets", "instanceType", "securityGroups" ], "language": { "nodejs": { "requiredOutputs": [ "clientSubnets", "connectivityInfo", "instanceType", "securityGroups", "storageInfo" ] } } }, "aws:msk/ClusterBrokerNodeGroupInfoConnectivityInfo:ClusterBrokerNodeGroupInfoConnectivityInfo": { "properties": { "publicAccess": { "$ref": "#/types/aws:msk/ClusterBrokerNodeGroupInfoConnectivityInfoPublicAccess:ClusterBrokerNodeGroupInfoConnectivityInfoPublicAccess", "description": "Access control settings for brokers. See below.\n" }, "vpcConnectivity": { "$ref": "#/types/aws:msk/ClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivity:ClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivity", "description": "VPC connectivity access control for brokers. See below.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "publicAccess", "vpcConnectivity" ] } } }, "aws:msk/ClusterBrokerNodeGroupInfoConnectivityInfoPublicAccess:ClusterBrokerNodeGroupInfoConnectivityInfoPublicAccess": { "properties": { "type": { "type": "string", "description": "Public access type. Valid values: `DISABLED`, `SERVICE_PROVIDED_EIPS`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "type" ] } } }, "aws:msk/ClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivity:ClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivity": { "properties": { "clientAuthentication": { "$ref": "#/types/aws:msk/ClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivityClientAuthentication:ClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivityClientAuthentication", "description": "Configuration block for specifying a client authentication. See below.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "clientAuthentication" ] } } }, "aws:msk/ClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivityClientAuthentication:ClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivityClientAuthentication": { "properties": { "sasl": { "$ref": "#/types/aws:msk/ClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivityClientAuthenticationSasl:ClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivityClientAuthenticationSasl", "description": "Configuration block for specifying SASL client authentication. See below.\n" }, "tls": { "type": "boolean", "description": "Configuration block for specifying TLS client authentication. See below.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "sasl", "tls" ] } } }, "aws:msk/ClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivityClientAuthenticationSasl:ClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivityClientAuthenticationSasl": { "properties": { "iam": { "type": "boolean" }, "scram": { "type": "boolean" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "iam", "scram" ] } } }, "aws:msk/ClusterBrokerNodeGroupInfoStorageInfo:ClusterBrokerNodeGroupInfoStorageInfo": { "properties": { "ebsStorageInfo": { "$ref": "#/types/aws:msk/ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfo:ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfo", "description": "A block that contains EBS volume information. See below.\n" } }, "type": "object" }, "aws:msk/ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfo:ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfo": { "properties": { "provisionedThroughput": { "$ref": "#/types/aws:msk/ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoProvisionedThroughput:ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoProvisionedThroughput", "description": "A block that contains EBS volume provisioned throughput information. To provision storage throughput, you must choose broker type kafka.m5.4xlarge or larger. See below.\n" }, "volumeSize": { "type": "integer", "description": "The size in GiB of the EBS volume for the data drive on each broker node. Minimum value of `1` and maximum value of `16384`.\n" } }, "type": "object" }, "aws:msk/ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoProvisionedThroughput:ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoProvisionedThroughput": { "properties": { "enabled": { "type": "boolean" }, "volumeThroughput": { "type": "integer", "description": "Throughput value of the EBS volumes for the data drive on each kafka broker node in MiB per second. The minimum value is `250`. The maximum value varies between broker type. You can refer to the valid values for the maximum volume throughput at the following [documentation on throughput bottlenecks](https://docs.aws.amazon.com/msk/latest/developerguide/msk-provision-throughput.html#throughput-bottlenecks)\n" } }, "type": "object" }, "aws:msk/ClusterClientAuthentication:ClusterClientAuthentication": { "properties": { "sasl": { "$ref": "#/types/aws:msk/ClusterClientAuthenticationSasl:ClusterClientAuthenticationSasl", "description": "Configuration block for specifying SASL client authentication. See below.\n" }, "tls": { "$ref": "#/types/aws:msk/ClusterClientAuthenticationTls:ClusterClientAuthenticationTls", "description": "Configuration block for specifying TLS client authentication. See below.\n" }, "unauthenticated": { "type": "boolean", "description": "Enables unauthenticated access.\n" } }, "type": "object" }, "aws:msk/ClusterClientAuthenticationSasl:ClusterClientAuthenticationSasl": { "properties": { "iam": { "type": "boolean" }, "scram": { "type": "boolean" } }, "type": "object" }, "aws:msk/ClusterClientAuthenticationTls:ClusterClientAuthenticationTls": { "properties": { "certificateAuthorityArns": { "type": "array", "items": { "type": "string" }, "description": "List of ACM Certificate Authority Amazon Resource Names (ARNs).\n" } }, "type": "object" }, "aws:msk/ClusterConfigurationInfo:ClusterConfigurationInfo": { "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the MSK Configuration to use in the cluster.\n" }, "revision": { "type": "integer", "description": "Revision of the MSK Configuration to use in the cluster.\n" } }, "type": "object", "required": [ "arn", "revision" ] }, "aws:msk/ClusterEncryptionInfo:ClusterEncryptionInfo": { "properties": { "encryptionAtRestKmsKeyArn": { "type": "string", "description": "You may specify a KMS key short ID or ARN (it will always output an ARN) to use for encrypting your data at rest. If no key is specified, an AWS managed KMS ('aws/msk' managed service) key will be used for encrypting the data at rest.\n", "willReplaceOnChanges": true }, "encryptionInTransit": { "$ref": "#/types/aws:msk/ClusterEncryptionInfoEncryptionInTransit:ClusterEncryptionInfoEncryptionInTransit", "description": "Configuration block to specify encryption in transit. See below.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "encryptionAtRestKmsKeyArn" ] } } }, "aws:msk/ClusterEncryptionInfoEncryptionInTransit:ClusterEncryptionInfoEncryptionInTransit": { "properties": { "clientBroker": { "type": "string", "description": "Encryption setting for data in transit between clients and brokers. Valid values: `TLS`, `TLS_PLAINTEXT`, and `PLAINTEXT`. Default value is `TLS`.\n" }, "inCluster": { "type": "boolean", "description": "Whether data communication among broker nodes is encrypted. Default value: `true`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:msk/ClusterLoggingInfo:ClusterLoggingInfo": { "properties": { "brokerLogs": { "$ref": "#/types/aws:msk/ClusterLoggingInfoBrokerLogs:ClusterLoggingInfoBrokerLogs", "description": "Configuration block for Broker Logs settings for logging info. See below.\n" } }, "type": "object", "required": [ "brokerLogs" ] }, "aws:msk/ClusterLoggingInfoBrokerLogs:ClusterLoggingInfoBrokerLogs": { "properties": { "cloudwatchLogs": { "$ref": "#/types/aws:msk/ClusterLoggingInfoBrokerLogsCloudwatchLogs:ClusterLoggingInfoBrokerLogsCloudwatchLogs" }, "firehose": { "$ref": "#/types/aws:msk/ClusterLoggingInfoBrokerLogsFirehose:ClusterLoggingInfoBrokerLogsFirehose" }, "s3": { "$ref": "#/types/aws:msk/ClusterLoggingInfoBrokerLogsS3:ClusterLoggingInfoBrokerLogsS3" } }, "type": "object" }, "aws:msk/ClusterLoggingInfoBrokerLogsCloudwatchLogs:ClusterLoggingInfoBrokerLogsCloudwatchLogs": { "properties": { "enabled": { "type": "boolean" }, "logGroup": { "type": "string", "description": "Name of the Cloudwatch Log Group to deliver logs to.\n" } }, "type": "object", "required": [ "enabled" ] }, "aws:msk/ClusterLoggingInfoBrokerLogsFirehose:ClusterLoggingInfoBrokerLogsFirehose": { "properties": { "deliveryStream": { "type": "string", "description": "Name of the Kinesis Data Firehose delivery stream to deliver logs to.\n" }, "enabled": { "type": "boolean" } }, "type": "object", "required": [ "enabled" ] }, "aws:msk/ClusterLoggingInfoBrokerLogsS3:ClusterLoggingInfoBrokerLogsS3": { "properties": { "bucket": { "type": "string", "description": "Name of the S3 bucket to deliver logs to.\n" }, "enabled": { "type": "boolean" }, "prefix": { "type": "string", "description": "Prefix to append to the folder name.\n" } }, "type": "object", "required": [ "enabled" ] }, "aws:msk/ClusterOpenMonitoring:ClusterOpenMonitoring": { "properties": { "prometheus": { "$ref": "#/types/aws:msk/ClusterOpenMonitoringPrometheus:ClusterOpenMonitoringPrometheus", "description": "Configuration block for Prometheus settings for open monitoring. See below.\n" } }, "type": "object", "required": [ "prometheus" ] }, "aws:msk/ClusterOpenMonitoringPrometheus:ClusterOpenMonitoringPrometheus": { "properties": { "jmxExporter": { "$ref": "#/types/aws:msk/ClusterOpenMonitoringPrometheusJmxExporter:ClusterOpenMonitoringPrometheusJmxExporter", "description": "Configuration block for JMX Exporter. See below.\n" }, "nodeExporter": { "$ref": "#/types/aws:msk/ClusterOpenMonitoringPrometheusNodeExporter:ClusterOpenMonitoringPrometheusNodeExporter", "description": "Configuration block for Node Exporter. See below.\n" } }, "type": "object" }, "aws:msk/ClusterOpenMonitoringPrometheusJmxExporter:ClusterOpenMonitoringPrometheusJmxExporter": { "properties": { "enabledInBroker": { "type": "boolean", "description": "Indicates whether you want to enable or disable the Node Exporter.\n" } }, "type": "object", "required": [ "enabledInBroker" ] }, "aws:msk/ClusterOpenMonitoringPrometheusNodeExporter:ClusterOpenMonitoringPrometheusNodeExporter": { "properties": { "enabledInBroker": { "type": "boolean", "description": "Indicates whether you want to enable or disable the Node Exporter.\n" } }, "type": "object", "required": [ "enabledInBroker" ] }, "aws:msk/ReplicatorKafkaCluster:ReplicatorKafkaCluster": { "properties": { "amazonMskCluster": { "$ref": "#/types/aws:msk/ReplicatorKafkaClusterAmazonMskCluster:ReplicatorKafkaClusterAmazonMskCluster", "description": "Details of an Amazon MSK cluster.\n" }, "vpcConfig": { "$ref": "#/types/aws:msk/ReplicatorKafkaClusterVpcConfig:ReplicatorKafkaClusterVpcConfig", "description": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster.\n" } }, "type": "object", "required": [ "amazonMskCluster", "vpcConfig" ] }, "aws:msk/ReplicatorKafkaClusterAmazonMskCluster:ReplicatorKafkaClusterAmazonMskCluster": { "properties": { "mskClusterArn": { "type": "string", "description": "The ARN of an Amazon MSK cluster.\n" } }, "type": "object", "required": [ "mskClusterArn" ] }, "aws:msk/ReplicatorKafkaClusterVpcConfig:ReplicatorKafkaClusterVpcConfig": { "properties": { "securityGroupsIds": { "type": "array", "items": { "type": "string" }, "description": "The AWS security groups to associate with the ENIs used by the replicator. If a security group is not specified, the default security group associated with the VPC is used.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The list of subnets to connect to in the virtual private cloud (VPC). AWS creates elastic network interfaces inside these subnets to allow communication between your Kafka Cluster and the replicator.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "subnetIds" ] }, "aws:msk/ReplicatorReplicationInfoList:ReplicatorReplicationInfoList": { "properties": { "consumerGroupReplications": { "type": "array", "items": { "$ref": "#/types/aws:msk/ReplicatorReplicationInfoListConsumerGroupReplication:ReplicatorReplicationInfoListConsumerGroupReplication" }, "description": "Configuration relating to consumer group replication.\n" }, "sourceKafkaClusterAlias": { "type": "string" }, "sourceKafkaClusterArn": { "type": "string", "description": "The ARN of the source Kafka cluster.\n", "willReplaceOnChanges": true }, "targetCompressionType": { "type": "string", "description": "The type of compression to use writing records to target Kafka cluster.\n", "willReplaceOnChanges": true }, "targetKafkaClusterAlias": { "type": "string" }, "targetKafkaClusterArn": { "type": "string", "description": "The ARN of the target Kafka cluster.\n", "willReplaceOnChanges": true }, "topicReplications": { "type": "array", "items": { "$ref": "#/types/aws:msk/ReplicatorReplicationInfoListTopicReplication:ReplicatorReplicationInfoListTopicReplication" }, "description": "Configuration relating to topic replication.\n" } }, "type": "object", "required": [ "consumerGroupReplications", "sourceKafkaClusterArn", "targetCompressionType", "targetKafkaClusterArn", "topicReplications" ], "language": { "nodejs": { "requiredOutputs": [ "consumerGroupReplications", "sourceKafkaClusterAlias", "sourceKafkaClusterArn", "targetCompressionType", "targetKafkaClusterAlias", "targetKafkaClusterArn", "topicReplications" ] } } }, "aws:msk/ReplicatorReplicationInfoListConsumerGroupReplication:ReplicatorReplicationInfoListConsumerGroupReplication": { "properties": { "consumerGroupsToExcludes": { "type": "array", "items": { "type": "string" }, "description": "List of regular expression patterns indicating the consumer groups that should not be replicated.\n" }, "consumerGroupsToReplicates": { "type": "array", "items": { "type": "string" }, "description": "List of regular expression patterns indicating the consumer groups to copy.\n" }, "detectAndCopyNewConsumerGroups": { "type": "boolean", "description": "Whether to periodically check for new consumer groups.\n" }, "synchroniseConsumerGroupOffsets": { "type": "boolean", "description": "Whether to periodically write the translated offsets to __consumer_offsets topic in target cluster.\n" } }, "type": "object", "required": [ "consumerGroupsToReplicates" ] }, "aws:msk/ReplicatorReplicationInfoListTopicReplication:ReplicatorReplicationInfoListTopicReplication": { "properties": { "copyAccessControlListsForTopics": { "type": "boolean", "description": "Whether to periodically configure remote topic ACLs to match their corresponding upstream topics.\n" }, "copyTopicConfigurations": { "type": "boolean", "description": "Whether to periodically configure remote topics to match their corresponding upstream topics.\n" }, "detectAndCopyNewTopics": { "type": "boolean", "description": "Whether to periodically check for new topics and partitions.\n" }, "startingPosition": { "$ref": "#/types/aws:msk/ReplicatorReplicationInfoListTopicReplicationStartingPosition:ReplicatorReplicationInfoListTopicReplicationStartingPosition", "description": "Configuration for specifying the position in the topics to start replicating from.\n" }, "topicsToExcludes": { "type": "array", "items": { "type": "string" }, "description": "List of regular expression patterns indicating the topics that should not be replica.\n" }, "topicsToReplicates": { "type": "array", "items": { "type": "string" }, "description": "List of regular expression patterns indicating the topics to copy.\n" } }, "type": "object", "required": [ "topicsToReplicates" ], "language": { "nodejs": { "requiredOutputs": [ "startingPosition", "topicsToReplicates" ] } } }, "aws:msk/ReplicatorReplicationInfoListTopicReplicationStartingPosition:ReplicatorReplicationInfoListTopicReplicationStartingPosition": { "properties": { "type": { "type": "string", "description": "The type of replication starting position. Supports `LATEST` and `EARLIEST`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:msk/ServerlessClusterClientAuthentication:ServerlessClusterClientAuthentication": { "properties": { "sasl": { "$ref": "#/types/aws:msk/ServerlessClusterClientAuthenticationSasl:ServerlessClusterClientAuthenticationSasl", "description": "Details for client authentication using SASL. See below.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "sasl" ] }, "aws:msk/ServerlessClusterClientAuthenticationSasl:ServerlessClusterClientAuthenticationSasl": { "properties": { "iam": { "$ref": "#/types/aws:msk/ServerlessClusterClientAuthenticationSaslIam:ServerlessClusterClientAuthenticationSaslIam", "description": "Details for client authentication using IAM. See below.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "iam" ] }, "aws:msk/ServerlessClusterClientAuthenticationSaslIam:ServerlessClusterClientAuthenticationSaslIam": { "properties": { "enabled": { "type": "boolean", "description": "Whether SASL/IAM authentication is enabled or not.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "enabled" ] }, "aws:msk/ServerlessClusterVpcConfig:ServerlessClusterVpcConfig": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Specifies up to five security groups that control inbound and outbound traffic for the serverless cluster.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of subnets in at least two different Availability Zones that host your client applications.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "subnetIds" ], "language": { "nodejs": { "requiredOutputs": [ "securityGroupIds", "subnetIds" ] } } }, "aws:msk/getBrokerNodesNodeInfoList:getBrokerNodesNodeInfoList": { "properties": { "attachedEniId": { "type": "string", "description": "Attached elastic network interface of the broker\n" }, "brokerId": { "type": "number", "description": "ID of the broker\n" }, "clientSubnet": { "type": "string", "description": "Client subnet to which this broker node belongs\n" }, "clientVpcIpAddress": { "type": "string", "description": "The client virtual private cloud (VPC) IP address\n" }, "endpoints": { "type": "array", "items": { "type": "string" }, "description": "Set of endpoints for accessing the broker. This does not include ports\n" }, "nodeArn": { "type": "string", "description": "ARN of the node\n" } }, "type": "object", "required": [ "attachedEniId", "brokerId", "clientSubnet", "clientVpcIpAddress", "endpoints", "nodeArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:msk/getClusterBrokerNodeGroupInfo:getClusterBrokerNodeGroupInfo": { "properties": { "azDistribution": { "type": "string" }, "clientSubnets": { "type": "array", "items": { "type": "string" } }, "connectivityInfos": { "type": "array", "items": { "$ref": "#/types/aws:msk/getClusterBrokerNodeGroupInfoConnectivityInfo:getClusterBrokerNodeGroupInfoConnectivityInfo" } }, "instanceType": { "type": "string" }, "securityGroups": { "type": "array", "items": { "type": "string" } }, "storageInfos": { "type": "array", "items": { "$ref": "#/types/aws:msk/getClusterBrokerNodeGroupInfoStorageInfo:getClusterBrokerNodeGroupInfoStorageInfo" } } }, "type": "object", "required": [ "azDistribution", "clientSubnets", "connectivityInfos", "instanceType", "securityGroups", "storageInfos" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:msk/getClusterBrokerNodeGroupInfoConnectivityInfo:getClusterBrokerNodeGroupInfoConnectivityInfo": { "properties": { "publicAccesses": { "type": "array", "items": { "$ref": "#/types/aws:msk/getClusterBrokerNodeGroupInfoConnectivityInfoPublicAccess:getClusterBrokerNodeGroupInfoConnectivityInfoPublicAccess" } }, "vpcConnectivities": { "type": "array", "items": { "$ref": "#/types/aws:msk/getClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivity:getClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivity" } } }, "type": "object", "required": [ "publicAccesses", "vpcConnectivities" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:msk/getClusterBrokerNodeGroupInfoConnectivityInfoPublicAccess:getClusterBrokerNodeGroupInfoConnectivityInfoPublicAccess": { "properties": { "type": { "type": "string" } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:msk/getClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivity:getClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivity": { "properties": { "clientAuthentications": { "type": "array", "items": { "$ref": "#/types/aws:msk/getClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivityClientAuthentication:getClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivityClientAuthentication" } } }, "type": "object", "required": [ "clientAuthentications" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:msk/getClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivityClientAuthentication:getClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivityClientAuthentication": { "properties": { "sasls": { "type": "array", "items": { "$ref": "#/types/aws:msk/getClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivityClientAuthenticationSasl:getClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivityClientAuthenticationSasl" } }, "tls": { "type": "boolean" } }, "type": "object", "required": [ "sasls", "tls" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:msk/getClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivityClientAuthenticationSasl:getClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivityClientAuthenticationSasl": { "properties": { "iam": { "type": "boolean" }, "scram": { "type": "boolean" } }, "type": "object", "required": [ "iam", "scram" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:msk/getClusterBrokerNodeGroupInfoStorageInfo:getClusterBrokerNodeGroupInfoStorageInfo": { "properties": { "ebsStorageInfos": { "type": "array", "items": { "$ref": "#/types/aws:msk/getClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfo:getClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfo" } } }, "type": "object", "required": [ "ebsStorageInfos" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:msk/getClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfo:getClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfo": { "properties": { "provisionedThroughputs": { "type": "array", "items": { "$ref": "#/types/aws:msk/getClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoProvisionedThroughput:getClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoProvisionedThroughput" } }, "volumeSize": { "type": "integer" } }, "type": "object", "required": [ "provisionedThroughputs", "volumeSize" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:msk/getClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoProvisionedThroughput:getClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoProvisionedThroughput": { "properties": { "enabled": { "type": "boolean" }, "volumeThroughput": { "type": "integer" } }, "type": "object", "required": [ "enabled", "volumeThroughput" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:mskconnect/ConnectorCapacity:ConnectorCapacity": { "properties": { "autoscaling": { "$ref": "#/types/aws:mskconnect/ConnectorCapacityAutoscaling:ConnectorCapacityAutoscaling", "description": "Information about the auto scaling parameters for the connector. See `autoscaling` Block for details.\n" }, "provisionedCapacity": { "$ref": "#/types/aws:mskconnect/ConnectorCapacityProvisionedCapacity:ConnectorCapacityProvisionedCapacity", "description": "Details about a fixed capacity allocated to a connector. See `provisioned_capacity` Block for details.\n" } }, "type": "object" }, "aws:mskconnect/ConnectorCapacityAutoscaling:ConnectorCapacityAutoscaling": { "properties": { "maxWorkerCount": { "type": "integer", "description": "The maximum number of workers allocated to the connector.\n" }, "mcuCount": { "type": "integer", "description": "The number of microcontroller units (MCUs) allocated to each connector worker. Valid values: `1`, `2`, `4`, `8`. The default value is `1`.\n" }, "minWorkerCount": { "type": "integer", "description": "The minimum number of workers allocated to the connector.\n" }, "scaleInPolicy": { "$ref": "#/types/aws:mskconnect/ConnectorCapacityAutoscalingScaleInPolicy:ConnectorCapacityAutoscalingScaleInPolicy", "description": "The scale-in policy for the connector. See `scale_in_policy` Block for details.\n" }, "scaleOutPolicy": { "$ref": "#/types/aws:mskconnect/ConnectorCapacityAutoscalingScaleOutPolicy:ConnectorCapacityAutoscalingScaleOutPolicy", "description": "The scale-out policy for the connector. See `scale_out_policy` Block for details.\n" } }, "type": "object", "required": [ "maxWorkerCount", "minWorkerCount" ], "language": { "nodejs": { "requiredOutputs": [ "maxWorkerCount", "minWorkerCount", "scaleInPolicy", "scaleOutPolicy" ] } } }, "aws:mskconnect/ConnectorCapacityAutoscalingScaleInPolicy:ConnectorCapacityAutoscalingScaleInPolicy": { "properties": { "cpuUtilizationPercentage": { "type": "integer", "description": "Specifies the CPU utilization percentage threshold at which you want connector scale in to be triggered.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "cpuUtilizationPercentage" ] } } }, "aws:mskconnect/ConnectorCapacityAutoscalingScaleOutPolicy:ConnectorCapacityAutoscalingScaleOutPolicy": { "properties": { "cpuUtilizationPercentage": { "type": "integer", "description": "The CPU utilization percentage threshold at which you want connector scale out to be triggered.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "cpuUtilizationPercentage" ] } } }, "aws:mskconnect/ConnectorCapacityProvisionedCapacity:ConnectorCapacityProvisionedCapacity": { "properties": { "mcuCount": { "type": "integer", "description": "The number of microcontroller units (MCUs) allocated to each connector worker. Valid values: `1`, `2`, `4`, `8`. The default value is `1`.\n" }, "workerCount": { "type": "integer", "description": "The number of workers that are allocated to the connector.\n" } }, "type": "object", "required": [ "workerCount" ] }, "aws:mskconnect/ConnectorKafkaCluster:ConnectorKafkaCluster": { "properties": { "apacheKafkaCluster": { "$ref": "#/types/aws:mskconnect/ConnectorKafkaClusterApacheKafkaCluster:ConnectorKafkaClusterApacheKafkaCluster", "description": "The Apache Kafka cluster to which the connector is connected. See `apache_kafka_cluster` Block for details.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "apacheKafkaCluster" ] }, "aws:mskconnect/ConnectorKafkaClusterApacheKafkaCluster:ConnectorKafkaClusterApacheKafkaCluster": { "properties": { "bootstrapServers": { "type": "string", "description": "The bootstrap servers of the cluster.\n", "willReplaceOnChanges": true }, "vpc": { "$ref": "#/types/aws:mskconnect/ConnectorKafkaClusterApacheKafkaClusterVpc:ConnectorKafkaClusterApacheKafkaClusterVpc", "description": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster. See `vpc` Block for details.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "bootstrapServers", "vpc" ] }, "aws:mskconnect/ConnectorKafkaClusterApacheKafkaClusterVpc:ConnectorKafkaClusterApacheKafkaClusterVpc": { "properties": { "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The security groups for the connector.\n", "willReplaceOnChanges": true }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "The subnets for the connector.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "securityGroups", "subnets" ] }, "aws:mskconnect/ConnectorKafkaClusterClientAuthentication:ConnectorKafkaClusterClientAuthentication": { "properties": { "authenticationType": { "type": "string", "description": "The type of client authentication used to connect to the Apache Kafka cluster. Valid values: `IAM`, `NONE`. A value of `NONE` means that no client authentication is used. The default value is `NONE`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:mskconnect/ConnectorKafkaClusterEncryptionInTransit:ConnectorKafkaClusterEncryptionInTransit": { "properties": { "encryptionType": { "type": "string", "description": "The type of encryption in transit to the Apache Kafka cluster. Valid values: `PLAINTEXT`, `TLS`. The default values is `PLAINTEXT`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:mskconnect/ConnectorLogDelivery:ConnectorLogDelivery": { "properties": { "workerLogDelivery": { "$ref": "#/types/aws:mskconnect/ConnectorLogDeliveryWorkerLogDelivery:ConnectorLogDeliveryWorkerLogDelivery", "description": "The workers can send worker logs to different destination types. This configuration specifies the details of these destinations. See `worker_log_delivery` Block for details.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "workerLogDelivery" ] }, "aws:mskconnect/ConnectorLogDeliveryWorkerLogDelivery:ConnectorLogDeliveryWorkerLogDelivery": { "properties": { "cloudwatchLogs": { "$ref": "#/types/aws:mskconnect/ConnectorLogDeliveryWorkerLogDeliveryCloudwatchLogs:ConnectorLogDeliveryWorkerLogDeliveryCloudwatchLogs", "description": "Details about delivering logs to Amazon CloudWatch Logs. See `cloudwatch_logs` Block for details.\n", "willReplaceOnChanges": true }, "firehose": { "$ref": "#/types/aws:mskconnect/ConnectorLogDeliveryWorkerLogDeliveryFirehose:ConnectorLogDeliveryWorkerLogDeliveryFirehose", "description": "Details about delivering logs to Amazon Kinesis Data Firehose. See `firehose` Block for details.\n", "willReplaceOnChanges": true }, "s3": { "$ref": "#/types/aws:mskconnect/ConnectorLogDeliveryWorkerLogDeliveryS3:ConnectorLogDeliveryWorkerLogDeliveryS3", "description": "Details about delivering logs to Amazon S3. See `s3` Block for deetails.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:mskconnect/ConnectorLogDeliveryWorkerLogDeliveryCloudwatchLogs:ConnectorLogDeliveryWorkerLogDeliveryCloudwatchLogs": { "properties": { "enabled": { "type": "boolean", "description": "Whether log delivery to Amazon CloudWatch Logs is enabled.\n", "willReplaceOnChanges": true }, "logGroup": { "type": "string", "description": "The name of the CloudWatch log group that is the destination for log delivery.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "enabled" ] }, "aws:mskconnect/ConnectorLogDeliveryWorkerLogDeliveryFirehose:ConnectorLogDeliveryWorkerLogDeliveryFirehose": { "properties": { "deliveryStream": { "type": "string", "description": "The name of the Kinesis Data Firehose delivery stream that is the destination for log delivery.\n", "willReplaceOnChanges": true }, "enabled": { "type": "boolean", "description": "Specifies whether connector logs get delivered to Amazon Kinesis Data Firehose.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "enabled" ] }, "aws:mskconnect/ConnectorLogDeliveryWorkerLogDeliveryS3:ConnectorLogDeliveryWorkerLogDeliveryS3": { "properties": { "bucket": { "type": "string", "description": "The name of the S3 bucket that is the destination for log delivery.\n", "willReplaceOnChanges": true }, "enabled": { "type": "boolean", "description": "Specifies whether connector logs get sent to the specified Amazon S3 destination.\n", "willReplaceOnChanges": true }, "prefix": { "type": "string", "description": "The S3 prefix that is the destination for log delivery.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "enabled" ] }, "aws:mskconnect/ConnectorPlugin:ConnectorPlugin": { "properties": { "customPlugin": { "$ref": "#/types/aws:mskconnect/ConnectorPluginCustomPlugin:ConnectorPluginCustomPlugin", "description": "Details about a custom plugin. See `custom_plugin` Block for details.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "customPlugin" ] }, "aws:mskconnect/ConnectorPluginCustomPlugin:ConnectorPluginCustomPlugin": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the custom plugin.\n", "willReplaceOnChanges": true }, "revision": { "type": "integer", "description": "The revision of the custom plugin.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "arn", "revision" ] }, "aws:mskconnect/ConnectorWorkerConfiguration:ConnectorWorkerConfiguration": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the worker configuration.\n", "willReplaceOnChanges": true }, "revision": { "type": "integer", "description": "The revision of the worker configuration.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "arn", "revision" ] }, "aws:mskconnect/CustomPluginLocation:CustomPluginLocation": { "properties": { "s3": { "$ref": "#/types/aws:mskconnect/CustomPluginLocationS3:CustomPluginLocationS3", "description": "Information of the plugin file stored in Amazon S3. See `s3` Block for details..\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "s3" ] }, "aws:mskconnect/CustomPluginLocationS3:CustomPluginLocationS3": { "properties": { "bucketArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of an S3 bucket.\n", "willReplaceOnChanges": true }, "fileKey": { "type": "string", "description": "The file key for an object in an S3 bucket.\n", "willReplaceOnChanges": true }, "objectVersion": { "type": "string", "description": "The version of an object in an S3 bucket.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "bucketArn", "fileKey" ] }, "aws:mwaa/EnvironmentLastUpdated:EnvironmentLastUpdated": { "properties": { "createdAt": { "type": "string", "description": "The Created At date of the MWAA Environment\n" }, "errors": { "type": "array", "items": { "$ref": "#/types/aws:mwaa/EnvironmentLastUpdatedError:EnvironmentLastUpdatedError" } }, "status": { "type": "string", "description": "The status of the Amazon MWAA Environment\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "createdAt", "errors", "status" ] } } }, "aws:mwaa/EnvironmentLastUpdatedError:EnvironmentLastUpdatedError": { "properties": { "errorCode": { "type": "string" }, "errorMessage": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "errorCode", "errorMessage" ] } } }, "aws:mwaa/EnvironmentLoggingConfiguration:EnvironmentLoggingConfiguration": { "properties": { "dagProcessingLogs": { "$ref": "#/types/aws:mwaa/EnvironmentLoggingConfigurationDagProcessingLogs:EnvironmentLoggingConfigurationDagProcessingLogs", "description": "(Optional) Log configuration options for processing DAGs. See Module logging configuration for more information. Disabled by default.\n" }, "schedulerLogs": { "$ref": "#/types/aws:mwaa/EnvironmentLoggingConfigurationSchedulerLogs:EnvironmentLoggingConfigurationSchedulerLogs", "description": "Log configuration options for the schedulers. See Module logging configuration for more information. Disabled by default.\n" }, "taskLogs": { "$ref": "#/types/aws:mwaa/EnvironmentLoggingConfigurationTaskLogs:EnvironmentLoggingConfigurationTaskLogs", "description": "Log configuration options for DAG tasks. See Module logging configuration for more information. Enabled by default with `INFO` log level.\n" }, "webserverLogs": { "$ref": "#/types/aws:mwaa/EnvironmentLoggingConfigurationWebserverLogs:EnvironmentLoggingConfigurationWebserverLogs", "description": "Log configuration options for the webservers. See Module logging configuration for more information. Disabled by default.\n" }, "workerLogs": { "$ref": "#/types/aws:mwaa/EnvironmentLoggingConfigurationWorkerLogs:EnvironmentLoggingConfigurationWorkerLogs", "description": "Log configuration options for the workers. See Module logging configuration for more information. Disabled by default.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "dagProcessingLogs", "schedulerLogs", "taskLogs", "webserverLogs", "workerLogs" ] } } }, "aws:mwaa/EnvironmentLoggingConfigurationDagProcessingLogs:EnvironmentLoggingConfigurationDagProcessingLogs": { "properties": { "cloudWatchLogGroupArn": { "type": "string" }, "enabled": { "type": "boolean", "description": "Enabling or disabling the collection of logs\n" }, "logLevel": { "type": "string", "description": "Logging level. Valid values: `CRITICAL`, `ERROR`, `WARNING`, `INFO`, `DEBUG`. Will be `INFO` by default.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "cloudWatchLogGroupArn", "enabled", "logLevel" ] } } }, "aws:mwaa/EnvironmentLoggingConfigurationSchedulerLogs:EnvironmentLoggingConfigurationSchedulerLogs": { "properties": { "cloudWatchLogGroupArn": { "type": "string" }, "enabled": { "type": "boolean", "description": "Enabling or disabling the collection of logs\n" }, "logLevel": { "type": "string", "description": "Logging level. Valid values: `CRITICAL`, `ERROR`, `WARNING`, `INFO`, `DEBUG`. Will be `INFO` by default.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "cloudWatchLogGroupArn", "enabled", "logLevel" ] } } }, "aws:mwaa/EnvironmentLoggingConfigurationTaskLogs:EnvironmentLoggingConfigurationTaskLogs": { "properties": { "cloudWatchLogGroupArn": { "type": "string" }, "enabled": { "type": "boolean", "description": "Enabling or disabling the collection of logs\n" }, "logLevel": { "type": "string", "description": "Logging level. Valid values: `CRITICAL`, `ERROR`, `WARNING`, `INFO`, `DEBUG`. Will be `INFO` by default.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "cloudWatchLogGroupArn", "enabled", "logLevel" ] } } }, "aws:mwaa/EnvironmentLoggingConfigurationWebserverLogs:EnvironmentLoggingConfigurationWebserverLogs": { "properties": { "cloudWatchLogGroupArn": { "type": "string" }, "enabled": { "type": "boolean", "description": "Enabling or disabling the collection of logs\n" }, "logLevel": { "type": "string", "description": "Logging level. Valid values: `CRITICAL`, `ERROR`, `WARNING`, `INFO`, `DEBUG`. Will be `INFO` by default.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "cloudWatchLogGroupArn", "enabled", "logLevel" ] } } }, "aws:mwaa/EnvironmentLoggingConfigurationWorkerLogs:EnvironmentLoggingConfigurationWorkerLogs": { "properties": { "cloudWatchLogGroupArn": { "type": "string" }, "enabled": { "type": "boolean", "description": "Enabling or disabling the collection of logs\n" }, "logLevel": { "type": "string", "description": "Logging level. Valid values: `CRITICAL`, `ERROR`, `WARNING`, `INFO`, `DEBUG`. Will be `INFO` by default.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "cloudWatchLogGroupArn", "enabled", "logLevel" ] } } }, "aws:mwaa/EnvironmentNetworkConfiguration:EnvironmentNetworkConfiguration": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Security groups IDs for the environment. At least one of the security group needs to allow MWAA resources to talk to each other, otherwise MWAA cannot be provisioned.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The private subnet IDs in which the environment should be created. MWAA requires two subnets.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "securityGroupIds", "subnetIds" ] }, "aws:neptune/ClusterParameterGroupParameter:ClusterParameterGroupParameter": { "properties": { "applyMethod": { "type": "string", "description": "Valid values are `immediate` and `pending-reboot`. Defaults to `pending-reboot`.\n" }, "name": { "type": "string", "description": "The name of the neptune parameter.\n" }, "value": { "type": "string", "description": "The value of the neptune parameter.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:neptune/ClusterServerlessV2ScalingConfiguration:ClusterServerlessV2ScalingConfiguration": { "properties": { "maxCapacity": { "type": "number", "description": "The maximum Neptune Capacity Units (NCUs) for this cluster. Must be lower or equal than **128**. See [AWS Documentation](https://docs.aws.amazon.com/neptune/latest/userguide/neptune-serverless-capacity-scaling.html) for more details.\n" }, "minCapacity": { "type": "number", "description": "The minimum Neptune Capacity Units (NCUs) for this cluster. Must be greater or equal than **1**. See [AWS Documentation](https://docs.aws.amazon.com/neptune/latest/userguide/neptune-serverless-capacity-scaling.html) for more details.\n" } }, "type": "object" }, "aws:neptune/GlobalClusterGlobalClusterMember:GlobalClusterGlobalClusterMember": { "properties": { "dbClusterArn": { "type": "string", "description": "Amazon Resource Name (ARN) of member DB Cluster.\n" }, "isWriter": { "type": "boolean", "description": "Whether the member is the primary DB Cluster.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "dbClusterArn", "isWriter" ] } } }, "aws:neptune/ParameterGroupParameter:ParameterGroupParameter": { "properties": { "applyMethod": { "type": "string", "description": "The apply method of the Neptune parameter. Valid values are `immediate` and `pending-reboot`. Defaults to `pending-reboot`.\n" }, "name": { "type": "string", "description": "The name of the Neptune parameter.\n" }, "value": { "type": "string", "description": "The value of the Neptune parameter.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:networkfirewall/FirewallEncryptionConfiguration:FirewallEncryptionConfiguration": { "properties": { "keyId": { "type": "string", "description": "The ID of the customer managed key. You can use any of the [key identifiers](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) that KMS supports, unless you're using a key that's managed by another account. If you're using a key managed by another account, then specify the key ARN.\n" }, "type": { "type": "string", "description": "The type of AWS KMS key to use for encryption of your Network Firewall resources. Valid values are `CUSTOMER_KMS` and `AWS_OWNED_KMS_KEY`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:networkfirewall/FirewallFirewallStatus:FirewallFirewallStatus": { "properties": { "syncStates": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/FirewallFirewallStatusSyncState:FirewallFirewallStatusSyncState" }, "description": "Set of subnets configured for use by the firewall.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "syncStates" ] } } }, "aws:networkfirewall/FirewallFirewallStatusSyncState:FirewallFirewallStatusSyncState": { "properties": { "attachments": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/FirewallFirewallStatusSyncStateAttachment:FirewallFirewallStatusSyncStateAttachment" }, "description": "Nested list describing the attachment status of the firewall's association with a single VPC subnet.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone where the subnet is configured.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "attachments", "availabilityZone" ] } } }, "aws:networkfirewall/FirewallFirewallStatusSyncStateAttachment:FirewallFirewallStatusSyncStateAttachment": { "properties": { "endpointId": { "type": "string", "description": "The identifier of the firewall endpoint that AWS Network Firewall has instantiated in the subnet. You use this to identify the firewall endpoint in the VPC route tables, when you redirect the VPC traffic through the endpoint.\n" }, "subnetId": { "type": "string", "description": "The unique identifier of the subnet that you've specified to be used for a firewall endpoint.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "endpointId", "subnetId" ] } } }, "aws:networkfirewall/FirewallPolicyEncryptionConfiguration:FirewallPolicyEncryptionConfiguration": { "properties": { "keyId": { "type": "string", "description": "The ID of the customer managed key. You can use any of the [key identifiers](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) that KMS supports, unless you're using a key that's managed by another account. If you're using a key managed by another account, then specify the key ARN.\n" }, "type": { "type": "string", "description": "The type of AWS KMS key to use for encryption of your Network Firewall resources. Valid values are `CUSTOMER_KMS` and `AWS_OWNED_KMS_KEY`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:networkfirewall/FirewallPolicyFirewallPolicy:FirewallPolicyFirewallPolicy": { "properties": { "policyVariables": { "$ref": "#/types/aws:networkfirewall/FirewallPolicyFirewallPolicyPolicyVariables:FirewallPolicyFirewallPolicyPolicyVariables", "description": ". Contains variables that you can use to override default Suricata settings in your firewall policy. See Rule Variables for details.\n" }, "statefulDefaultActions": { "type": "array", "items": { "type": "string" }, "description": "Set of actions to take on a packet if it does not match any stateful rules in the policy. This can only be specified if the policy has a `stateful_engine_options` block with a `rule_order` value of `STRICT_ORDER`. You can specify one of either or neither values of `aws:drop_strict` or `aws:drop_established`, as well as any combination of `aws:alert_strict` and `aws:alert_established`.\n" }, "statefulEngineOptions": { "$ref": "#/types/aws:networkfirewall/FirewallPolicyFirewallPolicyStatefulEngineOptions:FirewallPolicyFirewallPolicyStatefulEngineOptions", "description": "A configuration block that defines options on how the policy handles stateful rules. See Stateful Engine Options below for details.\n" }, "statefulRuleGroupReferences": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/FirewallPolicyFirewallPolicyStatefulRuleGroupReference:FirewallPolicyFirewallPolicyStatefulRuleGroupReference" }, "description": "Set of configuration blocks containing references to the stateful rule groups that are used in the policy. See Stateful Rule Group Reference below for details.\n" }, "statelessCustomActions": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/FirewallPolicyFirewallPolicyStatelessCustomAction:FirewallPolicyFirewallPolicyStatelessCustomAction" }, "description": "Set of configuration blocks describing the custom action definitions that are available for use in the firewall policy's `stateless_default_actions`. See Stateless Custom Action below for details.\n" }, "statelessDefaultActions": { "type": "array", "items": { "type": "string" }, "description": "Set of actions to take on a packet if it does not match any of the stateless rules in the policy. You must specify one of the standard actions including: `aws:drop`, `aws:pass`, or `aws:forward_to_sfe`.\nIn addition, you can specify custom actions that are compatible with your standard action choice. If you want non-matching packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe`.\n" }, "statelessFragmentDefaultActions": { "type": "array", "items": { "type": "string" }, "description": "Set of actions to take on a fragmented packet if it does not match any of the stateless rules in the policy. You must specify one of the standard actions including: `aws:drop`, `aws:pass`, or `aws:forward_to_sfe`.\nIn addition, you can specify custom actions that are compatible with your standard action choice. If you want non-matching packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe`.\n" }, "statelessRuleGroupReferences": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/FirewallPolicyFirewallPolicyStatelessRuleGroupReference:FirewallPolicyFirewallPolicyStatelessRuleGroupReference" }, "description": "Set of configuration blocks containing references to the stateless rule groups that are used in the policy. See Stateless Rule Group Reference below for details.\n" }, "tlsInspectionConfigurationArn": { "type": "string", "description": "The (ARN) of the TLS Inspection policy to attach to the FW Policy. This must be added at creation of the resource per AWS documentation. \"You can only add a TLS inspection configuration to a new policy, not to an existing policy.\" This cannot be removed from a FW Policy.\n" } }, "type": "object", "required": [ "statelessDefaultActions", "statelessFragmentDefaultActions" ] }, "aws:networkfirewall/FirewallPolicyFirewallPolicyPolicyVariables:FirewallPolicyFirewallPolicyPolicyVariables": { "properties": { "ruleVariables": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/FirewallPolicyFirewallPolicyPolicyVariablesRuleVariable:FirewallPolicyFirewallPolicyPolicyVariablesRuleVariable" } } }, "type": "object" }, "aws:networkfirewall/FirewallPolicyFirewallPolicyPolicyVariablesRuleVariable:FirewallPolicyFirewallPolicyPolicyVariablesRuleVariable": { "properties": { "ipSet": { "$ref": "#/types/aws:networkfirewall/FirewallPolicyFirewallPolicyPolicyVariablesRuleVariableIpSet:FirewallPolicyFirewallPolicyPolicyVariablesRuleVariableIpSet", "description": "A configuration block that defines a set of IP addresses. See IP Set below for details.\n" }, "key": { "type": "string", "description": "An alphanumeric string to identify the `ip_set`. Valid values: `HOME_NET`\n" } }, "type": "object", "required": [ "ipSet", "key" ] }, "aws:networkfirewall/FirewallPolicyFirewallPolicyPolicyVariablesRuleVariableIpSet:FirewallPolicyFirewallPolicyPolicyVariablesRuleVariableIpSet": { "properties": { "definitions": { "type": "array", "items": { "type": "string" }, "description": "Set of IPv4 or IPv6 addresses in CIDR notation to use for the Suricata `HOME_NET` variable.\n" } }, "type": "object", "required": [ "definitions" ] }, "aws:networkfirewall/FirewallPolicyFirewallPolicyStatefulEngineOptions:FirewallPolicyFirewallPolicyStatefulEngineOptions": { "properties": { "ruleOrder": { "type": "string", "description": "Indicates how to manage the order of stateful rule evaluation for the policy. Default value: `DEFAULT_ACTION_ORDER`. Valid values: `DEFAULT_ACTION_ORDER`, `STRICT_ORDER`.\n" }, "streamExceptionPolicy": { "type": "string", "description": "Describes how to treat traffic which has broken midstream. Default value: `DROP`. Valid values: `DROP`, `CONTINUE`, `REJECT`.\n" } }, "type": "object" }, "aws:networkfirewall/FirewallPolicyFirewallPolicyStatefulRuleGroupReference:FirewallPolicyFirewallPolicyStatefulRuleGroupReference": { "properties": { "override": { "$ref": "#/types/aws:networkfirewall/FirewallPolicyFirewallPolicyStatefulRuleGroupReferenceOverride:FirewallPolicyFirewallPolicyStatefulRuleGroupReferenceOverride", "description": "Configuration block for override values\n" }, "priority": { "type": "integer", "description": "An integer setting that indicates the order in which to apply the stateful rule groups in a single policy. This argument must be specified if the policy has a `stateful_engine_options` block with a `rule_order` value of `STRICT_ORDER`. AWS Network Firewall applies each stateful rule group to a packet starting with the group that has the lowest priority setting.\n" }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the stateful rule group.\n" } }, "type": "object", "required": [ "resourceArn" ] }, "aws:networkfirewall/FirewallPolicyFirewallPolicyStatefulRuleGroupReferenceOverride:FirewallPolicyFirewallPolicyStatefulRuleGroupReferenceOverride": { "properties": { "action": { "type": "string", "description": "The action that changes the rule group from DROP to ALERT . This only applies to managed rule groups.\n" } }, "type": "object" }, "aws:networkfirewall/FirewallPolicyFirewallPolicyStatelessCustomAction:FirewallPolicyFirewallPolicyStatelessCustomAction": { "properties": { "actionDefinition": { "$ref": "#/types/aws:networkfirewall/FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinition:FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinition", "description": "A configuration block describing the custom action associated with the `action_name`. See Action Definition below for details.\n" }, "actionName": { "type": "string", "description": "A friendly name of the custom action.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "actionDefinition", "actionName" ] }, "aws:networkfirewall/FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinition:FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinition": { "properties": { "publishMetricAction": { "$ref": "#/types/aws:networkfirewall/FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricAction:FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricAction", "description": "A configuration block describing the stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. You can pair this custom action with any of the standard stateless rule actions. See Publish Metric Action below for details.\n" } }, "type": "object", "required": [ "publishMetricAction" ] }, "aws:networkfirewall/FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricAction:FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricAction": { "properties": { "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricActionDimension:FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricActionDimension" }, "description": "Set of configuration blocks describing dimension settings to use for Amazon CloudWatch custom metrics. See Dimension below for more details.\n" } }, "type": "object", "required": [ "dimensions" ] }, "aws:networkfirewall/FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricActionDimension:FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricActionDimension": { "properties": { "value": { "type": "string", "description": "The string value to use in the custom metric dimension.\n" } }, "type": "object", "required": [ "value" ] }, "aws:networkfirewall/FirewallPolicyFirewallPolicyStatelessRuleGroupReference:FirewallPolicyFirewallPolicyStatelessRuleGroupReference": { "properties": { "priority": { "type": "integer", "description": "An integer setting that indicates the order in which to run the stateless rule groups in a single policy. AWS Network Firewall applies each stateless rule group to a packet starting with the group that has the lowest priority setting.\n" }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the stateless rule group.\n" } }, "type": "object", "required": [ "priority", "resourceArn" ] }, "aws:networkfirewall/FirewallSubnetMapping:FirewallSubnetMapping": { "properties": { "ipAddressType": { "type": "string", "description": "The subnet's IP address type. Valida values: `\"DUALSTACK\"`, `\"IPV4\"`.\n" }, "subnetId": { "type": "string", "description": "The unique identifier for the subnet.\n" } }, "type": "object", "required": [ "subnetId" ], "language": { "nodejs": { "requiredOutputs": [ "ipAddressType", "subnetId" ] } } }, "aws:networkfirewall/LoggingConfigurationLoggingConfiguration:LoggingConfigurationLoggingConfiguration": { "properties": { "logDestinationConfigs": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/LoggingConfigurationLoggingConfigurationLogDestinationConfig:LoggingConfigurationLoggingConfigurationLogDestinationConfig" }, "description": "Set of configuration blocks describing the logging details for a firewall. See Log Destination Config below for details. At most, only two blocks can be specified; one for `FLOW` logs and one for `ALERT` logs.\n" } }, "type": "object", "required": [ "logDestinationConfigs" ] }, "aws:networkfirewall/LoggingConfigurationLoggingConfigurationLogDestinationConfig:LoggingConfigurationLoggingConfigurationLogDestinationConfig": { "properties": { "logDestination": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map describing the logging destination for the chosen `log_destination_type`.\n* For an Amazon S3 bucket, specify the key `bucketName` with the name of the bucket and optionally specify the key `prefix` with a path.\n* For a CloudWatch log group, specify the key `logGroup` with the name of the CloudWatch log group.\n* For a Kinesis Data Firehose delivery stream, specify the key `deliveryStream` with the name of the delivery stream.\n" }, "logDestinationType": { "type": "string", "description": "The location to send logs to. Valid values: `S3`, `CloudWatchLogs`, `KinesisDataFirehose`.\n" }, "logType": { "type": "string", "description": "The type of log to send. Valid values: `ALERT` or `FLOW`. Alert logs report traffic that matches a `StatefulRule` with an action setting that sends a log message. Flow logs are standard network traffic flow logs.\n" } }, "type": "object", "required": [ "logDestination", "logDestinationType", "logType" ] }, "aws:networkfirewall/RuleGroupEncryptionConfiguration:RuleGroupEncryptionConfiguration": { "properties": { "keyId": { "type": "string", "description": "The ID of the customer managed key. You can use any of the [key identifiers](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) that KMS supports, unless you're using a key that's managed by another account. If you're using a key managed by another account, then specify the key ARN.\n" }, "type": { "type": "string", "description": "The type of AWS KMS key to use for encryption of your Network Firewall resources. Valid values are `CUSTOMER_KMS` and `AWS_OWNED_KMS_KEY`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:networkfirewall/RuleGroupRuleGroup:RuleGroupRuleGroup": { "properties": { "referenceSets": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupReferenceSets:RuleGroupRuleGroupReferenceSets", "description": "A configuration block that defines the IP Set References for the rule group. See Reference Sets below for details. Please notes that there can only be a maximum of 5 `reference_sets` in a `rule_group`. See the [AWS documentation](https://docs.aws.amazon.com/network-firewall/latest/developerguide/rule-groups-ip-set-references.html#rule-groups-ip-set-reference-limits) for details.\n" }, "ruleVariables": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRuleVariables:RuleGroupRuleGroupRuleVariables", "description": "A configuration block that defines additional settings available to use in the rules defined in the rule group. Can only be specified for **stateful** rule groups. See Rule Variables below for details.\n" }, "rulesSource": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRulesSource:RuleGroupRuleGroupRulesSource", "description": "A configuration block that defines the stateful or stateless rules for the rule group. See Rules Source below for details.\n" }, "statefulRuleOptions": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupStatefulRuleOptions:RuleGroupRuleGroupStatefulRuleOptions", "description": "A configuration block that defines stateful rule options for the rule group. See Stateful Rule Options below for details.\n" } }, "type": "object", "required": [ "rulesSource" ] }, "aws:networkfirewall/RuleGroupRuleGroupReferenceSets:RuleGroupRuleGroupReferenceSets": { "properties": { "ipSetReferences": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupReferenceSetsIpSetReference:RuleGroupRuleGroupReferenceSetsIpSetReference" } } }, "type": "object" }, "aws:networkfirewall/RuleGroupRuleGroupReferenceSetsIpSetReference:RuleGroupRuleGroupReferenceSetsIpSetReference": { "properties": { "ipSetReferences": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupReferenceSetsIpSetReferenceIpSetReference:RuleGroupRuleGroupReferenceSetsIpSetReferenceIpSetReference" }, "description": "Set of configuration blocks that define the IP Reference information. See IP Set Reference below for details.\n" }, "key": { "type": "string" } }, "type": "object", "required": [ "ipSetReferences", "key" ] }, "aws:networkfirewall/RuleGroupRuleGroupReferenceSetsIpSetReferenceIpSetReference:RuleGroupRuleGroupReferenceSetsIpSetReferenceIpSetReference": { "properties": { "referenceArn": { "type": "string", "description": "Set of Managed Prefix IP ARN(s)\n" } }, "type": "object", "required": [ "referenceArn" ] }, "aws:networkfirewall/RuleGroupRuleGroupRuleVariables:RuleGroupRuleGroupRuleVariables": { "properties": { "ipSets": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRuleVariablesIpSet:RuleGroupRuleGroupRuleVariablesIpSet" }, "description": "Set of configuration blocks that define IP address information. See IP Sets below for details.\n" }, "portSets": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRuleVariablesPortSet:RuleGroupRuleGroupRuleVariablesPortSet" }, "description": "Set of configuration blocks that define port range information. See Port Sets below for details.\n" } }, "type": "object" }, "aws:networkfirewall/RuleGroupRuleGroupRuleVariablesIpSet:RuleGroupRuleGroupRuleVariablesIpSet": { "properties": { "ipSet": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRuleVariablesIpSetIpSet:RuleGroupRuleGroupRuleVariablesIpSetIpSet", "description": "A configuration block that defines a set of IP addresses. See IP Set below for details.\n" }, "key": { "type": "string", "description": "A unique alphanumeric string to identify the `ip_set`.\n" } }, "type": "object", "required": [ "ipSet", "key" ] }, "aws:networkfirewall/RuleGroupRuleGroupRuleVariablesIpSetIpSet:RuleGroupRuleGroupRuleVariablesIpSetIpSet": { "properties": { "definitions": { "type": "array", "items": { "type": "string" }, "description": "Set of IP addresses and address ranges, in CIDR notation.\n" } }, "type": "object", "required": [ "definitions" ] }, "aws:networkfirewall/RuleGroupRuleGroupRuleVariablesPortSet:RuleGroupRuleGroupRuleVariablesPortSet": { "properties": { "key": { "type": "string", "description": "An unique alphanumeric string to identify the `port_set`.\n" }, "portSet": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRuleVariablesPortSetPortSet:RuleGroupRuleGroupRuleVariablesPortSetPortSet", "description": "A configuration block that defines a set of port ranges. See Port Set below for details.\n" } }, "type": "object", "required": [ "key", "portSet" ] }, "aws:networkfirewall/RuleGroupRuleGroupRuleVariablesPortSetPortSet:RuleGroupRuleGroupRuleVariablesPortSetPortSet": { "properties": { "definitions": { "type": "array", "items": { "type": "string" }, "description": "Set of port ranges.\n" } }, "type": "object", "required": [ "definitions" ] }, "aws:networkfirewall/RuleGroupRuleGroupRulesSource:RuleGroupRuleGroupRulesSource": { "properties": { "rulesSourceList": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRulesSourceRulesSourceList:RuleGroupRuleGroupRulesSourceRulesSourceList", "description": "A configuration block containing **stateful** inspection criteria for a domain list rule group. See Rules Source List below for details.\n" }, "rulesString": { "type": "string", "description": "The fully qualified name of a file in an S3 bucket that contains Suricata compatible intrusion preventions system (IPS) rules or the Suricata rules as a string. These rules contain **stateful** inspection criteria and the action to take for traffic that matches the criteria.\n" }, "statefulRules": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatefulRule:RuleGroupRuleGroupRulesSourceStatefulRule" }, "description": "Set of configuration blocks containing **stateful** inspection criteria for 5-tuple rules to be used together in a rule group. See Stateful Rule below for details.\n" }, "statelessRulesAndCustomActions": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActions:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActions", "description": "A configuration block containing **stateless** inspection criteria for a stateless rule group. See Stateless Rules and Custom Actions below for details.\n" } }, "type": "object" }, "aws:networkfirewall/RuleGroupRuleGroupRulesSourceRulesSourceList:RuleGroupRuleGroupRulesSourceRulesSourceList": { "properties": { "generatedRulesType": { "type": "string", "description": "String value to specify whether domains in the target list are allowed or denied access. Valid values: `ALLOWLIST`, `DENYLIST`.\n" }, "targetTypes": { "type": "array", "items": { "type": "string" }, "description": "Set of types of domain specifications that are provided in the `targets` argument. Valid values: `HTTP_HOST`, `TLS_SNI`.\n" }, "targets": { "type": "array", "items": { "type": "string" }, "description": "Set of domains that you want to inspect for in your traffic flows.\n" } }, "type": "object", "required": [ "generatedRulesType", "targetTypes", "targets" ] }, "aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatefulRule:RuleGroupRuleGroupRulesSourceStatefulRule": { "properties": { "action": { "type": "string", "description": "Action to take with packets in a traffic flow when the flow matches the stateful rule criteria. For all actions, AWS Network Firewall performs the specified action and discontinues stateful inspection of the traffic flow. Valid values: `ALERT`, `DROP`, `PASS`, or `REJECT`.\n" }, "header": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatefulRuleHeader:RuleGroupRuleGroupRulesSourceStatefulRuleHeader", "description": "A configuration block containing the stateful 5-tuple inspection criteria for the rule, used to inspect traffic flows. See Header below for details.\n" }, "ruleOptions": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatefulRuleRuleOption:RuleGroupRuleGroupRulesSourceStatefulRuleRuleOption" }, "description": "Set of configuration blocks containing additional settings for a stateful rule. See Rule Option below for details.\n" } }, "type": "object", "required": [ "action", "header", "ruleOptions" ] }, "aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatefulRuleHeader:RuleGroupRuleGroupRulesSourceStatefulRuleHeader": { "properties": { "destination": { "type": "string", "description": "The destination IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY`.\n" }, "destinationPort": { "type": "string", "description": "The destination port to inspect for. To match with any address, specify `ANY`.\n" }, "direction": { "type": "string", "description": "The direction of traffic flow to inspect. Valid values: `ANY` or `FORWARD`.\n" }, "protocol": { "type": "string", "description": "The protocol to inspect. Valid values: `IP`, `TCP`, `UDP`, `ICMP`, `HTTP`, `FTP`, `TLS`, `SMB`, `DNS`, `DCERPC`, `SSH`, `SMTP`, `IMAP`, `MSN`, `KRB5`, `IKEV2`, `TFTP`, `NTP`, `DHCP`.\n" }, "source": { "type": "string", "description": "The source IP address or address range for, in CIDR notation. To match with any address, specify `ANY`.\n" }, "sourcePort": { "type": "string", "description": "The source port to inspect for. To match with any address, specify `ANY`.\n" } }, "type": "object", "required": [ "destination", "destinationPort", "direction", "protocol", "source", "sourcePort" ] }, "aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatefulRuleRuleOption:RuleGroupRuleGroupRulesSourceStatefulRuleRuleOption": { "properties": { "keyword": { "type": "string", "description": "Keyword defined by open source detection systems like Snort or Suricata for stateful rule inspection.\nSee [Snort General Rule Options](http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node31.html) or [Suricata Rule Options](https://suricata.readthedocs.io/en/suricata-5.0.1/rules/intro.html#rule-options) for more details.\n" }, "settings": { "type": "array", "items": { "type": "string" }, "description": "Set of strings for additional settings to use in stateful rule inspection.\n" } }, "type": "object", "required": [ "keyword" ] }, "aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActions:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActions": { "properties": { "customActions": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomAction:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomAction" }, "description": "Set of configuration blocks containing custom action definitions that are available for use by the set of `stateless rule`. See Custom Action below for details.\n" }, "statelessRules": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRule:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRule" }, "description": "Set of configuration blocks containing the stateless rules for use in the stateless rule group. See Stateless Rule below for details.\n" } }, "type": "object", "required": [ "statelessRules" ] }, "aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomAction:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomAction": { "properties": { "actionDefinition": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinition:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinition", "description": "A configuration block describing the custom action associated with the `action_name`. See Action Definition below for details.\n" }, "actionName": { "type": "string", "description": "A friendly name of the custom action.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "actionDefinition", "actionName" ] }, "aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinition:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinition": { "properties": { "publishMetricAction": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinitionPublishMetricAction:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinitionPublishMetricAction", "description": "A configuration block describing the stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. You can pair this custom action with any of the standard stateless rule actions. See Publish Metric Action below for details.\n" } }, "type": "object", "required": [ "publishMetricAction" ] }, "aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinitionPublishMetricAction:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinitionPublishMetricAction": { "properties": { "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinitionPublishMetricActionDimension:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinitionPublishMetricActionDimension" }, "description": "Set of configuration blocks containing the dimension settings to use for Amazon CloudWatch custom metrics. See Dimension below for details.\n" } }, "type": "object", "required": [ "dimensions" ] }, "aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinitionPublishMetricActionDimension:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinitionPublishMetricActionDimension": { "properties": { "value": { "type": "string", "description": "The value to use in the custom metric dimension.\n" } }, "type": "object", "required": [ "value" ] }, "aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRule:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRule": { "properties": { "priority": { "type": "integer", "description": "A setting that indicates the order in which to run this rule relative to all of the rules that are defined for a stateless rule group. AWS Network Firewall evaluates the rules in a rule group starting with the lowest priority setting.\n" }, "ruleDefinition": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinition:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinition", "description": "A configuration block defining the stateless 5-tuple packet inspection criteria and the action to take on a packet that matches the criteria. See Rule Definition below for details.\n" } }, "type": "object", "required": [ "priority", "ruleDefinition" ] }, "aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinition:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinition": { "properties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "Set of actions to take on a packet that matches one of the stateless rule definition's `match_attributes`. For every rule you must specify 1 standard action, and you can add custom actions. Standard actions include: `aws:pass`, `aws:drop`, `aws:forward_to_sfe`.\n" }, "matchAttributes": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributes:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributes", "description": "A configuration block containing criteria for AWS Network Firewall to use to inspect an individual packet in stateless rule inspection. See Match Attributes below for details.\n" } }, "type": "object", "required": [ "actions", "matchAttributes" ] }, "aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributes:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributes": { "properties": { "destinationPorts": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesDestinationPort:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesDestinationPort" }, "description": "Set of configuration blocks describing the destination ports to inspect for. If not specified, this matches with any destination port. See Destination Port below for details.\n" }, "destinations": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesDestination:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesDestination" }, "description": "Set of configuration blocks describing the destination IP address and address ranges to inspect for, in CIDR notation. If not specified, this matches with any destination address. See Destination below for details.\n" }, "protocols": { "type": "array", "items": { "type": "integer" }, "description": "Set of protocols to inspect for, specified using the protocol's assigned internet protocol number (IANA). If not specified, this matches with any protocol.\n" }, "sourcePorts": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesSourcePort:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesSourcePort" }, "description": "Set of configuration blocks describing the source ports to inspect for. If not specified, this matches with any source port. See Source Port below for details.\n" }, "sources": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesSource:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesSource" }, "description": "Set of configuration blocks describing the source IP address and address ranges to inspect for, in CIDR notation. If not specified, this matches with any source address. See Source below for details.\n" }, "tcpFlags": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesTcpFlag:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesTcpFlag" }, "description": "Set of configuration blocks containing the TCP flags and masks to inspect for. If not specified, this matches with any settings.\n" } }, "type": "object" }, "aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesDestination:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesDestination": { "properties": { "addressDefinition": { "type": "string", "description": "An IP address or a block of IP addresses in CIDR notation. AWS Network Firewall supports all address ranges for IPv4.\n" } }, "type": "object", "required": [ "addressDefinition" ] }, "aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesDestinationPort:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesDestinationPort": { "properties": { "fromPort": { "type": "integer", "description": "The lower limit of the port range. This must be less than or equal to the `to_port`.\n" }, "toPort": { "type": "integer", "description": "The upper limit of the port range. This must be greater than or equal to the `from_port`.\n" } }, "type": "object", "required": [ "fromPort" ] }, "aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesSource:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesSource": { "properties": { "addressDefinition": { "type": "string", "description": "An IP address or a block of IP addresses in CIDR notation. AWS Network Firewall supports all address ranges for IPv4.\n" } }, "type": "object", "required": [ "addressDefinition" ] }, "aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesSourcePort:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesSourcePort": { "properties": { "fromPort": { "type": "integer", "description": "The lower limit of the port range. This must be less than or equal to the `to_port`.\n" }, "toPort": { "type": "integer", "description": "The upper limit of the port range. This must be greater than or equal to the `from_port`.\n" } }, "type": "object", "required": [ "fromPort" ] }, "aws:networkfirewall/RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesTcpFlag:RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesTcpFlag": { "properties": { "flags": { "type": "array", "items": { "type": "string" }, "description": "Set of flags to look for in a packet. This setting can only specify values that are also specified in `masks`.\nValid values: `FIN`, `SYN`, `RST`, `PSH`, `ACK`, `URG`, `ECE`, `CWR`.\n" }, "masks": { "type": "array", "items": { "type": "string" }, "description": "Set of flags to consider in the inspection. To inspect all flags, leave this empty.\nValid values: `FIN`, `SYN`, `RST`, `PSH`, `ACK`, `URG`, `ECE`, `CWR`.\n" } }, "type": "object", "required": [ "flags" ] }, "aws:networkfirewall/RuleGroupRuleGroupStatefulRuleOptions:RuleGroupRuleGroupStatefulRuleOptions": { "properties": { "ruleOrder": { "type": "string", "description": "Indicates how to manage the order of the rule evaluation for the rule group. Default value: `DEFAULT_ACTION_ORDER`. Valid values: `DEFAULT_ACTION_ORDER`, `STRICT_ORDER`.\n" } }, "type": "object", "required": [ "ruleOrder" ] }, "aws:networkfirewall/TlsInspectionConfigurationCertificate:TlsInspectionConfigurationCertificate": { "properties": { "certificateArn": { "type": "string", "description": "ARN of the certificate.\n" }, "certificateSerial": { "type": "string", "description": "Serial number of the certificate.\n" }, "status": { "type": "string", "description": "Status of the certificate.\n" }, "statusMessage": { "type": "string", "description": "Details about the certificate status, including information about certificate errors.\n" } }, "type": "object", "required": [ "certificateArn", "certificateSerial", "status", "statusMessage" ] }, "aws:networkfirewall/TlsInspectionConfigurationCertificateAuthority:TlsInspectionConfigurationCertificateAuthority": { "properties": { "certificateArn": { "type": "string", "description": "ARN of the certificate.\n" }, "certificateSerial": { "type": "string", "description": "Serial number of the certificate.\n" }, "status": { "type": "string", "description": "Status of the certificate.\n" }, "statusMessage": { "type": "string", "description": "Details about the certificate status, including information about certificate errors.\n" } }, "type": "object", "required": [ "certificateArn", "certificateSerial", "status", "statusMessage" ] }, "aws:networkfirewall/TlsInspectionConfigurationEncryptionConfiguration:TlsInspectionConfigurationEncryptionConfiguration": { "properties": { "keyId": { "type": "string", "description": "ARN of the Amazon Web Services Key Management Service (KMS) customer managed key.\n" }, "type": { "type": "string", "description": "Type of KMS key to use for encryption of your Network Firewall resources. Valid values: `AWS_OWNED_KMS_KEY`, `CUSTOMER_KMS`.\n" } }, "type": "object", "required": [ "keyId", "type" ] }, "aws:networkfirewall/TlsInspectionConfigurationTimeouts:TlsInspectionConfigurationTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:networkfirewall/TlsInspectionConfigurationTlsInspectionConfiguration:TlsInspectionConfigurationTlsInspectionConfiguration": { "properties": { "serverCertificateConfiguration": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfiguration:TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfiguration", "description": "Server certificate configurations that are associated with the TLS configuration. Detailed below.\n" } }, "type": "object" }, "aws:networkfirewall/TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfiguration:TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfiguration": { "properties": { "certificateAuthorityArn": { "type": "string", "description": "ARN of the imported certificate authority (CA) certificate within Certificate Manager (ACM) to use for outbound SSL/TLS inspection. See [Using SSL/TLS certificates with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html) for limitations on CA certificates.\n" }, "checkCertificateRevocationStatus": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatus:TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatus", "description": "Check Certificate Revocation Status block. Detailed below.\n" }, "scopes": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScope:TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScope" }, "description": "Scope block. Detailed below.\n" }, "serverCertificates": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificate:TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificate" }, "description": "Server certificates to use for inbound SSL/TLS inspection. See [Using SSL/TLS certificates with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html).\n" } }, "type": "object" }, "aws:networkfirewall/TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatus:TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatus": { "properties": { "revokedStatusAction": { "type": "string" }, "unknownStatusAction": { "type": "string" } }, "type": "object" }, "aws:networkfirewall/TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScope:TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScope": { "properties": { "destinationPorts": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPort:TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPort" }, "description": "Set of configuration blocks describing the destination ports to inspect for. If not specified, this matches with any destination port. See Destination Ports below for details.\n" }, "destinations": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestination:TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestination" }, "description": "Set of configuration blocks describing the destination IP address and address ranges to inspect for, in CIDR notation. If not specified, this matches with any destination address. See Destination below for details.\n" }, "protocols": { "type": "array", "items": { "type": "integer" }, "description": "Set of protocols to inspect for, specified using the protocol's assigned internet protocol number (IANA). Network Firewall currently supports TCP only. Valid values: `6`\n" }, "sourcePorts": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePort:TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePort" }, "description": "Set of configuration blocks describing the source ports to inspect for. If not specified, this matches with any source port. See Source Ports below for details.\n" }, "sources": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSource:TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSource" }, "description": "Set of configuration blocks describing the source IP address and address ranges to inspect for, in CIDR notation. If not specified, this matches with any source address. See Source below for details.\n" } }, "type": "object", "required": [ "protocols" ] }, "aws:networkfirewall/TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestination:TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestination": { "properties": { "addressDefinition": { "type": "string", "description": "An IP address or a block of IP addresses in CIDR notation. AWS Network Firewall supports all address ranges for IPv4.\n" } }, "type": "object", "required": [ "addressDefinition" ] }, "aws:networkfirewall/TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPort:TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPort": { "properties": { "fromPort": { "type": "integer", "description": "The lower limit of the port range. This must be less than or equal to the `to_port`.\n" }, "toPort": { "type": "integer", "description": "The upper limit of the port range. This must be greater than or equal to the `from_port`.\n" } }, "type": "object", "required": [ "fromPort", "toPort" ] }, "aws:networkfirewall/TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSource:TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSource": { "properties": { "addressDefinition": { "type": "string", "description": "An IP address or a block of IP addresses in CIDR notation. AWS Network Firewall supports all address ranges for IPv4.\n" } }, "type": "object", "required": [ "addressDefinition" ] }, "aws:networkfirewall/TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePort:TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePort": { "properties": { "fromPort": { "type": "integer", "description": "The lower limit of the port range. This must be less than or equal to the `to_port`.\n" }, "toPort": { "type": "integer", "description": "The upper limit of the port range. This must be greater than or equal to the `from_port`.\n" } }, "type": "object", "required": [ "fromPort", "toPort" ] }, "aws:networkfirewall/TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificate:TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificate": { "properties": { "resourceArn": { "type": "string", "description": "ARN of the Certificate Manager SSL/TLS server certificate that's used for inbound SSL/TLS inspection.\n" } }, "type": "object" }, "aws:networkfirewall/getFirewallEncryptionConfiguration:getFirewallEncryptionConfiguration": { "properties": { "keyId": { "type": "string", "description": "The ID of the AWS Key Management Service (AWS KMS) customer managed key.\n" }, "type": { "type": "string", "description": "The type of the AWS Key Management Service (AWS KMS) key use by the firewall.\n" } }, "type": "object", "required": [ "keyId", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:networkfirewall/getFirewallFirewallStatus:getFirewallFirewallStatus": { "properties": { "capacityUsageSummaries": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/getFirewallFirewallStatusCapacityUsageSummary:getFirewallFirewallStatusCapacityUsageSummary" }, "description": "Aggregated count of all resources used by reference sets in a firewall.\n" }, "configurationSyncStateSummary": { "type": "string", "description": "Summary of sync states for all availability zones in which the firewall is configured.\n" }, "status": { "type": "string" }, "syncStates": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/getFirewallFirewallStatusSyncState:getFirewallFirewallStatusSyncState" }, "description": "Set of subnets configured for use by the firewall.\n" } }, "type": "object", "required": [ "capacityUsageSummaries", "configurationSyncStateSummary", "status", "syncStates" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:networkfirewall/getFirewallFirewallStatusCapacityUsageSummary:getFirewallFirewallStatusCapacityUsageSummary": { "properties": { "cidrs": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/getFirewallFirewallStatusCapacityUsageSummaryCidr:getFirewallFirewallStatusCapacityUsageSummaryCidr" }, "description": "Capacity usage of CIDR blocks used by IP set references in a firewall.\n" } }, "type": "object", "required": [ "cidrs" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:networkfirewall/getFirewallFirewallStatusCapacityUsageSummaryCidr:getFirewallFirewallStatusCapacityUsageSummaryCidr": { "properties": { "availableCidrCount": { "type": "integer", "description": "Available number of CIDR blocks available for use by the IP set references in a firewall.\n" }, "ipSetReferences": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/getFirewallFirewallStatusCapacityUsageSummaryCidrIpSetReference:getFirewallFirewallStatusCapacityUsageSummaryCidrIpSetReference" }, "description": "The list of IP set references used by a firewall.\n" }, "utilizedCidrCount": { "type": "integer", "description": "Number of CIDR blocks used by the IP set references in a firewall.\n" } }, "type": "object", "required": [ "availableCidrCount", "ipSetReferences", "utilizedCidrCount" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:networkfirewall/getFirewallFirewallStatusCapacityUsageSummaryCidrIpSetReference:getFirewallFirewallStatusCapacityUsageSummaryCidrIpSetReference": { "properties": { "resolvedCidrCount": { "type": "integer", "description": "Total number of CIDR blocks used by the IP set references in a firewall.\n" } }, "type": "object", "required": [ "resolvedCidrCount" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:networkfirewall/getFirewallFirewallStatusSyncState:getFirewallFirewallStatusSyncState": { "properties": { "attachments": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/getFirewallFirewallStatusSyncStateAttachment:getFirewallFirewallStatusSyncStateAttachment" }, "description": "Nested list describing the attachment status of the firewall's association with a single VPC subnet.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone where the subnet is configured.\n" } }, "type": "object", "required": [ "attachments", "availabilityZone" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:networkfirewall/getFirewallFirewallStatusSyncStateAttachment:getFirewallFirewallStatusSyncStateAttachment": { "properties": { "endpointId": { "type": "string", "description": "The identifier of the firewall endpoint that AWS Network Firewall has instantiated in the subnet. You use this to identify the firewall endpoint in the VPC route tables, when you redirect the VPC traffic through the endpoint.\n" }, "status": { "type": "string" }, "subnetId": { "type": "string", "description": "The unique identifier for the subnet.\n" } }, "type": "object", "required": [ "endpointId", "status", "subnetId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:networkfirewall/getFirewallPolicyFirewallPolicy:getFirewallPolicyFirewallPolicy": { "properties": { "statefulDefaultActions": { "type": "array", "items": { "type": "string" } }, "statefulEngineOptions": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/getFirewallPolicyFirewallPolicyStatefulEngineOption:getFirewallPolicyFirewallPolicyStatefulEngineOption" } }, "statefulRuleGroupReferences": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/getFirewallPolicyFirewallPolicyStatefulRuleGroupReference:getFirewallPolicyFirewallPolicyStatefulRuleGroupReference" } }, "statelessCustomActions": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/getFirewallPolicyFirewallPolicyStatelessCustomAction:getFirewallPolicyFirewallPolicyStatelessCustomAction" } }, "statelessDefaultActions": { "type": "array", "items": { "type": "string" } }, "statelessFragmentDefaultActions": { "type": "array", "items": { "type": "string" } }, "statelessRuleGroupReferences": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/getFirewallPolicyFirewallPolicyStatelessRuleGroupReference:getFirewallPolicyFirewallPolicyStatelessRuleGroupReference" } }, "tlsInspectionConfigurationArn": { "type": "string" } }, "type": "object", "required": [ "statefulDefaultActions", "statefulEngineOptions", "statefulRuleGroupReferences", "statelessCustomActions", "statelessDefaultActions", "statelessFragmentDefaultActions", "statelessRuleGroupReferences", "tlsInspectionConfigurationArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:networkfirewall/getFirewallPolicyFirewallPolicyStatefulEngineOption:getFirewallPolicyFirewallPolicyStatefulEngineOption": { "properties": { "ruleOrder": { "type": "string" }, "streamExceptionPolicy": { "type": "string" } }, "type": "object", "required": [ "ruleOrder", "streamExceptionPolicy" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:networkfirewall/getFirewallPolicyFirewallPolicyStatefulRuleGroupReference:getFirewallPolicyFirewallPolicyStatefulRuleGroupReference": { "properties": { "overrides": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/getFirewallPolicyFirewallPolicyStatefulRuleGroupReferenceOverride:getFirewallPolicyFirewallPolicyStatefulRuleGroupReferenceOverride" } }, "priority": { "type": "integer" }, "resourceArn": { "type": "string" } }, "type": "object", "required": [ "priority", "resourceArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:networkfirewall/getFirewallPolicyFirewallPolicyStatefulRuleGroupReferenceOverride:getFirewallPolicyFirewallPolicyStatefulRuleGroupReferenceOverride": { "properties": { "action": { "type": "string" } }, "type": "object" }, "aws:networkfirewall/getFirewallPolicyFirewallPolicyStatelessCustomAction:getFirewallPolicyFirewallPolicyStatelessCustomAction": { "properties": { "actionDefinitions": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/getFirewallPolicyFirewallPolicyStatelessCustomActionActionDefinition:getFirewallPolicyFirewallPolicyStatelessCustomActionActionDefinition" } }, "actionName": { "type": "string" } }, "type": "object", "required": [ "actionDefinitions", "actionName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:networkfirewall/getFirewallPolicyFirewallPolicyStatelessCustomActionActionDefinition:getFirewallPolicyFirewallPolicyStatelessCustomActionActionDefinition": { "properties": { "publishMetricActions": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/getFirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricAction:getFirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricAction" } } }, "type": "object", "required": [ "publishMetricActions" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:networkfirewall/getFirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricAction:getFirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricAction": { "properties": { "dimensions": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/getFirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricActionDimension:getFirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricActionDimension" } } }, "type": "object", "required": [ "dimensions" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:networkfirewall/getFirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricActionDimension:getFirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricActionDimension": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:networkfirewall/getFirewallPolicyFirewallPolicyStatelessRuleGroupReference:getFirewallPolicyFirewallPolicyStatelessRuleGroupReference": { "properties": { "priority": { "type": "integer" }, "resourceArn": { "type": "string" } }, "type": "object", "required": [ "priority", "resourceArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:networkfirewall/getFirewallSubnetMapping:getFirewallSubnetMapping": { "properties": { "subnetId": { "type": "string", "description": "The unique identifier for the subnet.\n" } }, "type": "object", "required": [ "subnetId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:networkmanager/ConnectAttachmentOptions:ConnectAttachmentOptions": { "properties": { "protocol": { "type": "string", "description": "The protocol used for the attachment connection. Possible values are `GRE` and `NO_ENCAP`.\n" } }, "type": "object" }, "aws:networkmanager/ConnectPeerBgpOptions:ConnectPeerBgpOptions": { "properties": { "peerAsn": { "type": "integer" } }, "type": "object" }, "aws:networkmanager/ConnectPeerConfiguration:ConnectPeerConfiguration": { "properties": { "bgpConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:networkmanager/ConnectPeerConfigurationBgpConfiguration:ConnectPeerConfigurationBgpConfiguration" } }, "coreNetworkAddress": { "type": "string", "description": "A Connect peer core network address.\n" }, "insideCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "The inside IP addresses used for BGP peering. Required when the Connect attachment protocol is `GRE`. See `aws.networkmanager.ConnectAttachment` for details.\n" }, "peerAddress": { "type": "string", "description": "The Connect peer address.\n\nThe following arguments are optional:\n" }, "protocol": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "bgpConfigurations", "coreNetworkAddress", "insideCidrBlocks", "peerAddress", "protocol" ] } } }, "aws:networkmanager/ConnectPeerConfigurationBgpConfiguration:ConnectPeerConfigurationBgpConfiguration": { "properties": { "coreNetworkAddress": { "type": "string", "description": "A Connect peer core network address.\n" }, "coreNetworkAsn": { "type": "integer" }, "peerAddress": { "type": "string", "description": "The Connect peer address.\n\nThe following arguments are optional:\n" }, "peerAsn": { "type": "integer" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "coreNetworkAddress", "coreNetworkAsn", "peerAddress", "peerAsn" ] } } }, "aws:networkmanager/CoreNetworkEdge:CoreNetworkEdge": { "properties": { "asn": { "type": "integer", "description": "ASN of a core network edge.\n" }, "edgeLocation": { "type": "string", "description": "Region where a core network edge is located.\n" }, "insideCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "Inside IP addresses used for core network edges.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "asn", "edgeLocation", "insideCidrBlocks" ] } } }, "aws:networkmanager/CoreNetworkSegment:CoreNetworkSegment": { "properties": { "edgeLocations": { "type": "array", "items": { "type": "string" }, "description": "Regions where the edges are located.\n" }, "name": { "type": "string", "description": "Name of a core network segment.\n" }, "sharedSegments": { "type": "array", "items": { "type": "string" }, "description": "Shared segments of a core network.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "edgeLocations", "name", "sharedSegments" ] } } }, "aws:networkmanager/DeviceAwsLocation:DeviceAwsLocation": { "properties": { "subnetArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the subnet that the device is located in.\n" }, "zone": { "type": "string", "description": "The Zone that the device is located in. Specify the ID of an Availability Zone, Local Zone, Wavelength Zone, or an Outpost.\n" } }, "type": "object" }, "aws:networkmanager/DeviceLocation:DeviceLocation": { "properties": { "address": { "type": "string", "description": "The physical address.\n" }, "latitude": { "type": "string", "description": "The latitude.\n" }, "longitude": { "type": "string", "description": "The longitude.\n" } }, "type": "object" }, "aws:networkmanager/LinkBandwidth:LinkBandwidth": { "properties": { "downloadSpeed": { "type": "integer", "description": "Download speed in Mbps.\n" }, "uploadSpeed": { "type": "integer", "description": "Upload speed in Mbps.\n" } }, "type": "object" }, "aws:networkmanager/SiteLocation:SiteLocation": { "properties": { "address": { "type": "string", "description": "Address of the location.\n" }, "latitude": { "type": "string", "description": "Latitude of the location.\n" }, "longitude": { "type": "string", "description": "Longitude of the location.\n" } }, "type": "object" }, "aws:networkmanager/VpcAttachmentOptions:VpcAttachmentOptions": { "properties": { "applianceModeSupport": { "type": "boolean", "description": "Indicates whether appliance mode is supported.\nIf enabled, traffic flow between a source and destination use the same Availability Zone for the VPC attachment for the lifetime of that flow.\nIf the VPC attachment is pending acceptance, changing this value will recreate the resource.\n" }, "ipv6Support": { "type": "boolean", "description": "Indicates whether IPv6 is supported.\nIf the VPC attachment is pending acceptance, changing this value will recreate the resource.\n" } }, "type": "object" }, "aws:networkmanager/getCoreNetworkPolicyDocumentAttachmentPolicy:getCoreNetworkPolicyDocumentAttachmentPolicy": { "properties": { "action": { "$ref": "#/types/aws:networkmanager/getCoreNetworkPolicyDocumentAttachmentPolicyAction:getCoreNetworkPolicyDocumentAttachmentPolicyAction", "description": "Action to take when a condition is true. Detailed Below.\n" }, "conditionLogic": { "type": "string", "description": "Valid values include `and` or `or`. This is a mandatory parameter only if you have more than one condition. The `condition_logic` apply to all of the conditions for a rule, which also means nested conditions of `and` or `or` are not supported. Use `or` if you want to associate the attachment with the segment by either the segment name or attachment tag value, or by the chosen conditions. Use `and` if you want to associate the attachment with the segment by either the segment name or attachment tag value and by the chosen conditions. Detailed Below.\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:networkmanager/getCoreNetworkPolicyDocumentAttachmentPolicyCondition:getCoreNetworkPolicyDocumentAttachmentPolicyCondition" }, "description": "A block argument. Detailed Below.\n" }, "description": { "type": "string", "description": "A user-defined description that further helps identify the rule.\n" }, "ruleNumber": { "type": "integer", "description": "An integer from `1` to `65535` indicating the rule's order number. Rules are processed in order from the lowest numbered rule to the highest. Rules stop processing when a rule is matched. It's important to make sure that you number your rules in the exact order that you want them processed.\n" } }, "type": "object", "required": [ "action", "conditions", "ruleNumber" ] }, "aws:networkmanager/getCoreNetworkPolicyDocumentAttachmentPolicyAction:getCoreNetworkPolicyDocumentAttachmentPolicyAction": { "properties": { "addToNetworkFunctionGroup": { "type": "string", "description": "The name of the network function group to attach to the attachment policy.\n" }, "associationMethod": { "type": "string", "description": "Defines how a segment is mapped. Values can be `constant` or `tag`. `constant` statically defines the segment to associate the attachment to. `tag` uses the value of a tag to dynamically try to map to a segment.reference_policies_elements_condition_operators.html) to evaluate.\n" }, "requireAcceptance": { "type": "boolean", "description": "Determines if this mapping should override the segment value for `require_attachment_acceptance`. You can only set this to `true`, indicating that this setting applies only to segments that have `require_attachment_acceptance` set to `false`. If the segment already has the default `require_attachment_acceptance`, you can set this to inherit segment’s acceptance value.\n" }, "segment": { "type": "string", "description": "Name of the `segment` to share as defined in the `segments` section. This is used only when the `association_method` is `constant`.\n" }, "tagValueOfKey": { "type": "string", "description": "Maps the attachment to the value of a known key. This is used with the `association_method` is `tag`. For example a `tag` of `stage = “test”`, will map to a segment named `test`. The value must exactly match the name of a segment. This allows you to have many segments, but use only a single rule without having to define multiple nearly identical conditions. This prevents creating many similar conditions that all use the same keys to map to segments.\n" } }, "type": "object" }, "aws:networkmanager/getCoreNetworkPolicyDocumentAttachmentPolicyCondition:getCoreNetworkPolicyDocumentAttachmentPolicyCondition": { "properties": { "key": { "type": "string", "description": "string value\n" }, "operator": { "type": "string", "description": "Valid values include: `equals`, `not-equals`, `contains`, `begins-with`.\n" }, "type": { "type": "string", "description": "Valid values include: `account-id`, `any`, `tag-value`, `tag-exists`, `resource-id`, `region`, `attachment-type`.\n" }, "value": { "type": "string", "description": "string value\n" } }, "type": "object", "required": [ "type" ] }, "aws:networkmanager/getCoreNetworkPolicyDocumentCoreNetworkConfiguration:getCoreNetworkPolicyDocumentCoreNetworkConfiguration": { "properties": { "asnRanges": { "type": "array", "items": { "type": "string" }, "description": "List of strings containing Autonomous System Numbers (ASNs) to assign to Core Network Edges. By default, the core network automatically assigns an ASN for each Core Network Edge but you can optionally define the ASN in the edge-locations for each Region. The ASN uses an array of integer ranges only from `64512` to `65534` and `4200000000` to `4294967294` expressed as a string like `\"64512-65534\"`. No other ASN ranges can be used.\n" }, "edgeLocations": { "type": "array", "items": { "$ref": "#/types/aws:networkmanager/getCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocation:getCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocation" }, "description": "A block value of AWS Region locations where you're creating Core Network Edges. Detailed below.\n" }, "insideCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "The Classless Inter-Domain Routing (CIDR) block range used to create tunnels for AWS Transit Gateway Connect. The format is standard AWS CIDR range (for example, `10.0.1.0/24`). You can optionally define the inside CIDR in the Core Network Edges section per Region. The minimum is a `/24` for IPv4 or `/64` for IPv6. You can provide multiple `/24` subnets or a larger CIDR range. If you define a larger CIDR range, new Core Network Edges will be automatically assigned `/24` and `/64` subnets from the larger CIDR. an Inside CIDR block is required for attaching Connect attachments to a Core Network Edge.\n" }, "vpnEcmpSupport": { "type": "boolean", "description": "Indicates whether the core network forwards traffic over multiple equal-cost routes using VPN. The value can be either `true` or `false`. The default is `true`.\n" } }, "type": "object", "required": [ "asnRanges", "edgeLocations" ] }, "aws:networkmanager/getCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocation:getCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocation": { "properties": { "asn": { "type": "string", "description": "ASN of the Core Network Edge in an AWS Region. By default, the ASN will be a single integer automatically assigned from `asn_ranges`\n" }, "insideCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "The local CIDR blocks for this Core Network Edge for AWS Transit Gateway Connect attachments. By default, this CIDR block will be one or more optional IPv4 and IPv6 CIDR prefixes auto-assigned from `inside_cidr_blocks`.\n" }, "location": { "type": "string" } }, "type": "object", "required": [ "location" ] }, "aws:networkmanager/getCoreNetworkPolicyDocumentNetworkFunctionGroup:getCoreNetworkPolicyDocumentNetworkFunctionGroup": { "properties": { "description": { "type": "string", "description": "Optional description of the network function group.\n" }, "name": { "type": "string", "description": "This identifies the network function group container.\n" }, "requireAttachmentAcceptance": { "type": "boolean", "description": "This will be either `true`, that attachment acceptance is required, or `false`, that it is not required.\n" } }, "type": "object", "required": [ "name", "requireAttachmentAcceptance" ] }, "aws:networkmanager/getCoreNetworkPolicyDocumentSegment:getCoreNetworkPolicyDocumentSegment": { "properties": { "allowFilters": { "type": "array", "items": { "type": "string" }, "description": "List of strings of segment names that explicitly allows only routes from the segments that are listed in the array. Use the `allow_filter` setting if a segment has a well-defined group of other segments that connectivity should be restricted to. It is applied after routes have been shared in `segment_actions`. If a segment is listed in `allow_filter`, attachments between the two segments will have routes if they are also shared in the segment-actions area. For example, you might have a segment named \"video-producer\" that should only ever share routes with a \"video-distributor\" segment, no matter how many other share statements are created.\n" }, "denyFilters": { "type": "array", "items": { "type": "string" }, "description": "An array of segments that disallows routes from the segments listed in the array. It is applied only after routes have been shared in `segment_actions`. If a segment is listed in the `deny_filter`, attachments between the two segments will never have routes shared across them. For example, you might have a \"financial\" payment segment that should never share routes with a \"development\" segment, regardless of how many other share statements are created. Adding the payments segment to the deny-filter parameter prevents any shared routes from being created with other segments.\n" }, "description": { "type": "string", "description": "A user-defined string describing the segment.\n" }, "edgeLocations": { "type": "array", "items": { "type": "string" }, "description": "A list of strings of AWS Region names. Allows you to define a more restrictive set of Regions for a segment. The edge location must be a subset of the locations that are defined for `edge_locations` in the `core_network_configuration`.\n" }, "isolateAttachments": { "type": "boolean", "description": "This Boolean setting determines whether attachments on the same segment can communicate with each other. If set to `true`, the only routes available will be either shared routes through the share actions, which are attachments in other segments, or static routes. The default value is `false`. For example, you might have a segment dedicated to \"development\" that should never allow VPCs to talk to each other, even if they’re on the same segment. In this example, you would keep the default parameter of `false`.\n" }, "name": { "type": "string", "description": "Unique name for a segment. The name is a string used in other parts of the policy document, as well as in the console for metrics and other reference points. Valid characters are a–z, and 0–9.\n" }, "requireAttachmentAcceptance": { "type": "boolean", "description": "This Boolean setting determines whether attachment requests are automatically approved or require acceptance. The default is `true`, indicating that attachment requests require acceptance. For example, you might use this setting to allow a \"sandbox\" segment to allow any attachment request so that a core network or attachment administrator does not need to review and approve attachment requests. In this example, `require_attachment_acceptance` is set to `false`.\n" } }, "type": "object", "required": [ "name" ] }, "aws:networkmanager/getCoreNetworkPolicyDocumentSegmentAction:getCoreNetworkPolicyDocumentSegmentAction": { "properties": { "action": { "type": "string", "description": "Action to take for the chosen segment. Valid values: `create-route`, `share`, `send-via` and `send-to`.\n" }, "description": { "type": "string", "description": "A user-defined string describing the segment action.\n" }, "destinationCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of strings containing CIDRs. You can define the IPv4 and IPv6 CIDR notation for each AWS Region. For example, `10.1.0.0/16` or `2001:db8::/56`. This is an array of CIDR notation strings.\n" }, "destinations": { "type": "array", "items": { "type": "string" }, "description": "A list of strings. Valid values include `[\"blackhole\"]` or a list of attachment ids.\n" }, "mode": { "type": "string", "description": "String. When `action` is `share`, a `mode` value of `attachment-route` places the attachment and return routes in each of the `share_with` segments. When `action` is `send-via`, indicates the mode used for packets. Valid values: `attachment-route`, `single-hop`, `dual-hop`.\n" }, "segment": { "type": "string", "description": "Name of the segment.\n" }, "shareWithExcepts": { "type": "array", "items": { "type": "string" }, "description": "A set subtraction of segments to not share with.\n" }, "shareWiths": { "type": "array", "items": { "type": "string" }, "description": "A list of strings to share with. Must be a substring is all segments. Valid values include: `[\"*\"]` or `[\"\u003csegment-names\u003e\"]`.\n" }, "via": { "$ref": "#/types/aws:networkmanager/getCoreNetworkPolicyDocumentSegmentActionVia:getCoreNetworkPolicyDocumentSegmentActionVia", "description": "The network function groups and any edge overrides associated with the action.\n" }, "whenSentTo": { "$ref": "#/types/aws:networkmanager/getCoreNetworkPolicyDocumentSegmentActionWhenSentTo:getCoreNetworkPolicyDocumentSegmentActionWhenSentTo", "description": "The destination segments for the `send-via` or `send-to` `action`.\n" } }, "type": "object", "required": [ "action", "segment" ] }, "aws:networkmanager/getCoreNetworkPolicyDocumentSegmentActionVia:getCoreNetworkPolicyDocumentSegmentActionVia": { "properties": { "networkFunctionGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of strings. The network function group to use for the service insertion action.\n" }, "withEdgeOverrides": { "type": "array", "items": { "$ref": "#/types/aws:networkmanager/getCoreNetworkPolicyDocumentSegmentActionViaWithEdgeOverride:getCoreNetworkPolicyDocumentSegmentActionViaWithEdgeOverride" }, "description": "Any edge overrides and the preferred edge to use.\n" } }, "type": "object" }, "aws:networkmanager/getCoreNetworkPolicyDocumentSegmentActionViaWithEdgeOverride:getCoreNetworkPolicyDocumentSegmentActionViaWithEdgeOverride": { "properties": { "edgeSets": { "type": "array", "items": { "type": "string" }, "description": "A list of strings. The list of edges associated with the network function group.\n" }, "useEdge": { "type": "string", "description": "The preferred edge to use.\n" } }, "type": "object" }, "aws:networkmanager/getCoreNetworkPolicyDocumentSegmentActionWhenSentTo:getCoreNetworkPolicyDocumentSegmentActionWhenSentTo": { "properties": { "segments": { "type": "array", "items": { "type": "string" }, "description": "A list of strings. The list of segments that the `send-via` `action` uses.\n" } }, "type": "object" }, "aws:networkmanager/getDeviceAwsLocation:getDeviceAwsLocation": { "properties": { "subnetArn": { "type": "string", "description": "ARN of the subnet that the device is located in.\n" }, "zone": { "type": "string", "description": "Zone that the device is located in.\n" } }, "type": "object", "required": [ "subnetArn", "zone" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:networkmanager/getDeviceLocation:getDeviceLocation": { "properties": { "address": { "type": "string", "description": "Physical address.\n" }, "latitude": { "type": "string", "description": "Latitude.\n" }, "longitude": { "type": "string", "description": "Longitude.\n" } }, "type": "object", "required": [ "address", "latitude", "longitude" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:networkmanager/getLinkBandwidth:getLinkBandwidth": { "properties": { "downloadSpeed": { "type": "integer", "description": "Download speed in Mbps.\n" }, "uploadSpeed": { "type": "integer", "description": "Upload speed in Mbps.\n" } }, "type": "object", "required": [ "downloadSpeed", "uploadSpeed" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:networkmanager/getSiteLocation:getSiteLocation": { "properties": { "address": { "type": "string", "description": "Address of the location.\n" }, "latitude": { "type": "string", "description": "Latitude of the location.\n" }, "longitude": { "type": "string", "description": "Longitude of the location.\n" } }, "type": "object", "required": [ "address", "latitude", "longitude" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:oam/LinkLinkConfiguration:LinkLinkConfiguration": { "properties": { "logGroupConfiguration": { "$ref": "#/types/aws:oam/LinkLinkConfigurationLogGroupConfiguration:LinkLinkConfigurationLogGroupConfiguration", "description": "Configuration for filtering which log groups are to send log events from the source account to the monitoring account. See `log_group_configuration` Block for details.\n" }, "metricConfiguration": { "$ref": "#/types/aws:oam/LinkLinkConfigurationMetricConfiguration:LinkLinkConfigurationMetricConfiguration", "description": "Configuration for filtering which metric namespaces are to be shared from the source account to the monitoring account. See `metric_configuration` Block for details.\n" } }, "type": "object" }, "aws:oam/LinkLinkConfigurationLogGroupConfiguration:LinkLinkConfigurationLogGroupConfiguration": { "properties": { "filter": { "type": "string", "description": "Filter string that specifies which log groups are to share their log events with the monitoring account. See [LogGroupConfiguration](https://docs.aws.amazon.com/OAM/latest/APIReference/API_LogGroupConfiguration.html) for details.\n" } }, "type": "object", "required": [ "filter" ] }, "aws:oam/LinkLinkConfigurationMetricConfiguration:LinkLinkConfigurationMetricConfiguration": { "properties": { "filter": { "type": "string", "description": "Filter string that specifies which metrics are to be shared with the monitoring account. See [MetricConfiguration](https://docs.aws.amazon.com/OAM/latest/APIReference/API_MetricConfiguration.html) for details.\n" } }, "type": "object", "required": [ "filter" ] }, "aws:oam/getLinkLinkConfiguration:getLinkLinkConfiguration": { "properties": { "logGroupConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:oam/getLinkLinkConfigurationLogGroupConfiguration:getLinkLinkConfigurationLogGroupConfiguration" }, "description": "Configuration for filtering which log groups are to send log events from the source account to the monitoring account. See `log_group_configuration` Block for details.\n" }, "metricConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:oam/getLinkLinkConfigurationMetricConfiguration:getLinkLinkConfigurationMetricConfiguration" }, "description": "Configuration for filtering which metric namespaces are to be shared from the source account to the monitoring account. See `metric_configuration` Block for details.\n" } }, "type": "object", "required": [ "logGroupConfigurations", "metricConfigurations" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:oam/getLinkLinkConfigurationLogGroupConfiguration:getLinkLinkConfigurationLogGroupConfiguration": { "properties": { "filter": { "type": "string", "description": "Filter string that specifies which metrics are to be shared with the monitoring account. See [MetricConfiguration](https://docs.aws.amazon.com/OAM/latest/APIReference/API_MetricConfiguration.html) for details.\n" } }, "type": "object", "required": [ "filter" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:oam/getLinkLinkConfigurationMetricConfiguration:getLinkLinkConfigurationMetricConfiguration": { "properties": { "filter": { "type": "string", "description": "Filter string that specifies which metrics are to be shared with the monitoring account. See [MetricConfiguration](https://docs.aws.amazon.com/OAM/latest/APIReference/API_MetricConfiguration.html) for details.\n" } }, "type": "object", "required": [ "filter" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:opensearch/DomainAdvancedSecurityOptions:DomainAdvancedSecurityOptions": { "properties": { "anonymousAuthEnabled": { "type": "boolean", "description": "Whether Anonymous auth is enabled. Enables fine-grained access control on an existing domain. Ignored unless `advanced_security_options` are enabled. _Can only be enabled on an existing domain._\n" }, "enabled": { "type": "boolean", "description": "Whether advanced security is enabled.\n" }, "internalUserDatabaseEnabled": { "type": "boolean", "description": "Whether the internal user database is enabled. Default is `false`.\n" }, "masterUserOptions": { "$ref": "#/types/aws:opensearch/DomainAdvancedSecurityOptionsMasterUserOptions:DomainAdvancedSecurityOptionsMasterUserOptions", "description": "Configuration block for the main user. Detailed below.\n" } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredOutputs": [ "anonymousAuthEnabled", "enabled" ] } } }, "aws:opensearch/DomainAdvancedSecurityOptionsMasterUserOptions:DomainAdvancedSecurityOptionsMasterUserOptions": { "properties": { "masterUserArn": { "type": "string", "description": "ARN for the main user. Only specify if `internal_user_database_enabled` is not set or set to `false`.\n" }, "masterUserName": { "type": "string", "description": "Main user's username, which is stored in the Amazon OpenSearch Service domain's internal database. Only specify if `internal_user_database_enabled` is set to `true`.\n" }, "masterUserPassword": { "type": "string", "description": "Main user's password, which is stored in the Amazon OpenSearch Service domain's internal database. Only specify if `internal_user_database_enabled` is set to `true`.\n", "secret": true } }, "type": "object" }, "aws:opensearch/DomainAutoTuneOptions:DomainAutoTuneOptions": { "properties": { "desiredState": { "type": "string", "description": "Auto-Tune desired state for the domain. Valid values: `ENABLED` or `DISABLED`.\n" }, "maintenanceSchedules": { "type": "array", "items": { "$ref": "#/types/aws:opensearch/DomainAutoTuneOptionsMaintenanceSchedule:DomainAutoTuneOptionsMaintenanceSchedule" }, "description": "Configuration block for Auto-Tune maintenance windows. Can be specified multiple times for each maintenance window. Detailed below.\n\n**NOTE:** Maintenance windows are deprecated and have been replaced with [off-peak windows](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/off-peak.html). Consequently, `maintenance_schedule` configuration blocks cannot be specified when `use_off_peak_window` is set to `true`.\n" }, "rollbackOnDisable": { "type": "string", "description": "Whether to roll back to default Auto-Tune settings when disabling Auto-Tune. Valid values: `DEFAULT_ROLLBACK` or `NO_ROLLBACK`.\n" }, "useOffPeakWindow": { "type": "boolean", "description": "Whether to schedule Auto-Tune optimizations that require blue/green deployments during the domain's configured daily off-peak window. Defaults to `false`.\n" } }, "type": "object", "required": [ "desiredState" ], "language": { "nodejs": { "requiredOutputs": [ "desiredState", "rollbackOnDisable" ] } } }, "aws:opensearch/DomainAutoTuneOptionsMaintenanceSchedule:DomainAutoTuneOptionsMaintenanceSchedule": { "properties": { "cronExpressionForRecurrence": { "type": "string", "description": "A cron expression specifying the recurrence pattern for an Auto-Tune maintenance schedule.\n" }, "duration": { "$ref": "#/types/aws:opensearch/DomainAutoTuneOptionsMaintenanceScheduleDuration:DomainAutoTuneOptionsMaintenanceScheduleDuration", "description": "Configuration block for the duration of the Auto-Tune maintenance window. Detailed below.\n" }, "startAt": { "type": "string", "description": "Date and time at which to start the Auto-Tune maintenance schedule in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" } }, "type": "object", "required": [ "cronExpressionForRecurrence", "duration", "startAt" ] }, "aws:opensearch/DomainAutoTuneOptionsMaintenanceScheduleDuration:DomainAutoTuneOptionsMaintenanceScheduleDuration": { "properties": { "unit": { "type": "string", "description": "Unit of time specifying the duration of an Auto-Tune maintenance window. Valid values: `HOURS`.\n" }, "value": { "type": "integer", "description": "An integer specifying the value of the duration of an Auto-Tune maintenance window.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:opensearch/DomainClusterConfig:DomainClusterConfig": { "properties": { "coldStorageOptions": { "$ref": "#/types/aws:opensearch/DomainClusterConfigColdStorageOptions:DomainClusterConfigColdStorageOptions", "description": "Configuration block containing cold storage configuration. Detailed below.\n" }, "dedicatedMasterCount": { "type": "integer", "description": "Number of dedicated main nodes in the cluster.\n" }, "dedicatedMasterEnabled": { "type": "boolean", "description": "Whether dedicated main nodes are enabled for the cluster.\n" }, "dedicatedMasterType": { "type": "string", "description": "Instance type of the dedicated main nodes in the cluster.\n" }, "instanceCount": { "type": "integer", "description": "Number of instances in the cluster.\n" }, "instanceType": { "type": "string", "description": "Instance type of data nodes in the cluster.\n" }, "multiAzWithStandbyEnabled": { "type": "boolean", "description": "Whether a multi-AZ domain is turned on with a standby AZ. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html).\n" }, "warmCount": { "type": "integer", "description": "Number of warm nodes in the cluster. Valid values are between `2` and `150`. `warm_count` can be only and must be set when `warm_enabled` is set to `true`.\n" }, "warmEnabled": { "type": "boolean", "description": "Whether to enable warm storage.\n" }, "warmType": { "type": "string", "description": "Instance type for the OpenSearch cluster's warm nodes. Valid values are `ultrawarm1.medium.search`, `ultrawarm1.large.search` and `ultrawarm1.xlarge.search`. `warm_type` can be only and must be set when `warm_enabled` is set to `true`.\n" }, "zoneAwarenessConfig": { "$ref": "#/types/aws:opensearch/DomainClusterConfigZoneAwarenessConfig:DomainClusterConfigZoneAwarenessConfig", "description": "Configuration block containing zone awareness settings. Detailed below.\n" }, "zoneAwarenessEnabled": { "type": "boolean", "description": "Whether zone awareness is enabled, set to `true` for multi-az deployment. To enable awareness with three Availability Zones, the `availability_zone_count` within the `zone_awareness_config` must be set to `3`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "coldStorageOptions" ] } } }, "aws:opensearch/DomainClusterConfigColdStorageOptions:DomainClusterConfigColdStorageOptions": { "properties": { "enabled": { "type": "boolean", "description": "Boolean to enable cold storage for an OpenSearch domain. Defaults to `false`. Master and ultrawarm nodes must be enabled for cold storage.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "enabled" ] } } }, "aws:opensearch/DomainClusterConfigZoneAwarenessConfig:DomainClusterConfigZoneAwarenessConfig": { "properties": { "availabilityZoneCount": { "type": "integer", "description": "Number of Availability Zones for the domain to use with `zone_awareness_enabled`. Defaults to `2`. Valid values: `2` or `3`.\n" } }, "type": "object" }, "aws:opensearch/DomainCognitoOptions:DomainCognitoOptions": { "properties": { "enabled": { "type": "boolean", "description": "Whether Amazon Cognito authentication with Dashboard is enabled or not. Default is `false`.\n" }, "identityPoolId": { "type": "string", "description": "ID of the Cognito Identity Pool to use.\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM role that has the AmazonOpenSearchServiceCognitoAccess policy attached.\n" }, "userPoolId": { "type": "string", "description": "ID of the Cognito User Pool to use.\n" } }, "type": "object", "required": [ "identityPoolId", "roleArn", "userPoolId" ] }, "aws:opensearch/DomainDomainEndpointOptions:DomainDomainEndpointOptions": { "properties": { "customEndpoint": { "type": "string", "description": "Fully qualified domain for your custom endpoint.\n" }, "customEndpointCertificateArn": { "type": "string", "description": "ACM certificate ARN for your custom endpoint.\n" }, "customEndpointEnabled": { "type": "boolean", "description": "Whether to enable custom endpoint for the OpenSearch domain.\n" }, "enforceHttps": { "type": "boolean", "description": "Whether or not to require HTTPS. Defaults to `true`.\n" }, "tlsSecurityPolicy": { "type": "string", "description": "Name of the TLS security policy that needs to be applied to the HTTPS endpoint. For valid values, refer to the [AWS documentation](https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_DomainEndpointOptions.html#opensearchservice-Type-DomainEndpointOptions-TLSSecurityPolicy). Pulumi will only perform drift detection if a configuration value is provided.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "tlsSecurityPolicy" ] } } }, "aws:opensearch/DomainEbsOptions:DomainEbsOptions": { "properties": { "ebsEnabled": { "type": "boolean", "description": "Whether EBS volumes are attached to data nodes in the domain.\n" }, "iops": { "type": "integer", "description": "Baseline input/output (I/O) performance of EBS volumes attached to data nodes. Applicable only for the GP3 and Provisioned IOPS EBS volume types.\n" }, "throughput": { "type": "integer", "description": "Specifies the throughput (in MiB/s) of the EBS volumes attached to data nodes. Applicable only for the gp3 volume type.\n" }, "volumeSize": { "type": "integer", "description": "Size of EBS volumes attached to data nodes (in GiB).\n" }, "volumeType": { "type": "string", "description": "Type of EBS volumes attached to data nodes.\n" } }, "type": "object", "required": [ "ebsEnabled" ], "language": { "nodejs": { "requiredOutputs": [ "ebsEnabled", "iops", "throughput", "volumeType" ] } } }, "aws:opensearch/DomainEncryptAtRest:DomainEncryptAtRest": { "properties": { "enabled": { "type": "boolean", "description": "Whether to enable encryption at rest. If the `encrypt_at_rest` block is not provided then this defaults to `false`. Enabling encryption on new domains requires an `engine_version` of `OpenSearch_X.Y` or `Elasticsearch_5.1` or greater.\n" }, "kmsKeyId": { "type": "string", "description": "KMS key ARN to encrypt the Elasticsearch domain with. If not specified then it defaults to using the `aws/es` service KMS key. Note that KMS will accept a KMS key ID but will return the key ARN. To prevent the provider detecting unwanted changes, use the key ARN instead.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredOutputs": [ "enabled", "kmsKeyId" ] } } }, "aws:opensearch/DomainLogPublishingOption:DomainLogPublishingOption": { "properties": { "cloudwatchLogGroupArn": { "type": "string", "description": "ARN of the Cloudwatch log group to which log needs to be published.\n" }, "enabled": { "type": "boolean", "description": "Whether given log publishing option is enabled or not.\n" }, "logType": { "type": "string", "description": "Type of OpenSearch log. Valid values: `INDEX_SLOW_LOGS`, `SEARCH_SLOW_LOGS`, `ES_APPLICATION_LOGS`, `AUDIT_LOGS`.\n" } }, "type": "object", "required": [ "cloudwatchLogGroupArn", "logType" ] }, "aws:opensearch/DomainNodeToNodeEncryption:DomainNodeToNodeEncryption": { "properties": { "enabled": { "type": "boolean", "description": "Whether to enable node-to-node encryption. If the `node_to_node_encryption` block is not provided then this defaults to `false`. Enabling node-to-node encryption of a new domain requires an `engine_version` of `OpenSearch_X.Y` or `Elasticsearch_6.0` or greater.\n" } }, "type": "object", "required": [ "enabled" ] }, "aws:opensearch/DomainOffPeakWindowOptions:DomainOffPeakWindowOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enabled disabled toggle for off-peak update window.\n" }, "offPeakWindow": { "$ref": "#/types/aws:opensearch/DomainOffPeakWindowOptionsOffPeakWindow:DomainOffPeakWindowOptionsOffPeakWindow" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "enabled", "offPeakWindow" ] } } }, "aws:opensearch/DomainOffPeakWindowOptionsOffPeakWindow:DomainOffPeakWindowOptionsOffPeakWindow": { "properties": { "windowStartTime": { "$ref": "#/types/aws:opensearch/DomainOffPeakWindowOptionsOffPeakWindowWindowStartTime:DomainOffPeakWindowOptionsOffPeakWindowWindowStartTime", "description": "10h window for updates\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "windowStartTime" ] } } }, "aws:opensearch/DomainOffPeakWindowOptionsOffPeakWindowWindowStartTime:DomainOffPeakWindowOptionsOffPeakWindowWindowStartTime": { "properties": { "hours": { "type": "integer", "description": "Starting hour of the 10-hour window for updates\n" }, "minutes": { "type": "integer", "description": "Starting minute of the 10-hour window for updates\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "hours", "minutes" ] } } }, "aws:opensearch/DomainSamlOptionsSamlOptions:DomainSamlOptionsSamlOptions": { "properties": { "enabled": { "type": "boolean", "description": "Whether SAML authentication is enabled.\n" }, "idp": { "$ref": "#/types/aws:opensearch/DomainSamlOptionsSamlOptionsIdp:DomainSamlOptionsSamlOptionsIdp", "description": "Information from your identity provider.\n" }, "masterBackendRole": { "type": "string", "description": "This backend role from the SAML IdP receives full permissions to the cluster, equivalent to a new master user.\n" }, "masterUserName": { "type": "string", "description": "This username from the SAML IdP receives full permissions to the cluster, equivalent to a new master user.\n", "secret": true }, "rolesKey": { "type": "string", "description": "Element of the SAML assertion to use for backend roles. Default is roles.\n" }, "sessionTimeoutMinutes": { "type": "integer", "description": "Duration of a session in minutes after a user logs in. Default is 60. Maximum value is 1,440.\n" }, "subjectKey": { "type": "string", "description": "Element of the SAML assertion to use for username. Default is NameID.\n" } }, "type": "object" }, "aws:opensearch/DomainSamlOptionsSamlOptionsIdp:DomainSamlOptionsSamlOptionsIdp": { "properties": { "entityId": { "type": "string", "description": "Unique Entity ID of the application in SAML Identity Provider.\n" }, "metadataContent": { "type": "string", "description": "Metadata of the SAML application in xml format.\n" } }, "type": "object", "required": [ "entityId", "metadataContent" ] }, "aws:opensearch/DomainSnapshotOptions:DomainSnapshotOptions": { "properties": { "automatedSnapshotStartHour": { "type": "integer", "description": "Hour during which the service takes an automated daily snapshot of the indices in the domain.\n" } }, "type": "object", "required": [ "automatedSnapshotStartHour" ] }, "aws:opensearch/DomainSoftwareUpdateOptions:DomainSoftwareUpdateOptions": { "properties": { "autoSoftwareUpdateEnabled": { "type": "boolean", "description": "Whether automatic service software updates are enabled for the domain. Defaults to `false`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "autoSoftwareUpdateEnabled" ] } } }, "aws:opensearch/DomainVpcOptions:DomainVpcOptions": { "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "If the domain was created inside a VPC, the names of the availability zones the configured `subnet_ids` were created inside.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC Security Group IDs to be applied to the OpenSearch domain endpoints. If omitted, the default Security Group for the VPC will be used.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC Subnet IDs for the OpenSearch domain endpoints to be created in.\n" }, "vpcId": { "type": "string", "description": "If the domain was created inside a VPC, the ID of the VPC.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "availabilityZones", "vpcId" ] } } }, "aws:opensearch/OutboundConnectionConnectionProperties:OutboundConnectionConnectionProperties": { "properties": { "crossClusterSearch": { "$ref": "#/types/aws:opensearch/OutboundConnectionConnectionPropertiesCrossClusterSearch:OutboundConnectionConnectionPropertiesCrossClusterSearch", "description": "Configuration block for cross cluster search.\n", "willReplaceOnChanges": true }, "endpoint": { "type": "string", "description": "The endpoint of the remote domain, is only set when `connection_mode` is `VPC_ENDPOINT` and `accept_connection` is `TRUE`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "endpoint" ] } } }, "aws:opensearch/OutboundConnectionConnectionPropertiesCrossClusterSearch:OutboundConnectionConnectionPropertiesCrossClusterSearch": { "properties": { "skipUnavailable": { "type": "string", "description": "Skips unavailable clusters and can only be used for cross-cluster searches. Accepted values are `ENABLED` or `DISABLED`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:opensearch/OutboundConnectionLocalDomainInfo:OutboundConnectionLocalDomainInfo": { "properties": { "domainName": { "type": "string", "description": "The name of the local domain.\n", "willReplaceOnChanges": true }, "ownerId": { "type": "string", "description": "The Account ID of the owner of the local domain.\n", "willReplaceOnChanges": true }, "region": { "type": "string", "description": "The region of the local domain.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "domainName", "ownerId", "region" ] }, "aws:opensearch/OutboundConnectionRemoteDomainInfo:OutboundConnectionRemoteDomainInfo": { "properties": { "domainName": { "type": "string", "description": "The name of the remote domain.\n", "willReplaceOnChanges": true }, "ownerId": { "type": "string", "description": "The Account ID of the owner of the remote domain.\n", "willReplaceOnChanges": true }, "region": { "type": "string", "description": "The region of the remote domain.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "domainName", "ownerId", "region" ] }, "aws:opensearch/PackagePackageSource:PackagePackageSource": { "properties": { "s3BucketName": { "type": "string", "description": "The name of the Amazon S3 bucket containing the package.\n", "willReplaceOnChanges": true }, "s3Key": { "type": "string", "description": "Key (file name) of the package.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "s3BucketName", "s3Key" ] }, "aws:opensearch/ServerlessCollectionTimeouts:ServerlessCollectionTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" } }, "type": "object" }, "aws:opensearch/ServerlessSecurityConfigSamlOptions:ServerlessSecurityConfigSamlOptions": { "properties": { "groupAttribute": { "type": "string", "description": "Group attribute for this SAML integration.\n" }, "metadata": { "type": "string", "description": "The XML IdP metadata file generated from your identity provider.\n" }, "sessionTimeout": { "type": "integer", "description": "Session timeout, in minutes. Minimum is 5 minutes and maximum is 720 minutes (12 hours). Default is 60 minutes.\n" }, "userAttribute": { "type": "string", "description": "User attribute for this SAML integration.\n" } }, "type": "object", "required": [ "metadata" ], "language": { "nodejs": { "requiredOutputs": [ "metadata", "sessionTimeout" ] } } }, "aws:opensearch/ServerlessVpcEndpointTimeouts:ServerlessVpcEndpointTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:opensearch/VpcEndpointVpcOptions:VpcEndpointVpcOptions": { "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" } }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The list of security group IDs associated with the VPC endpoints for the domain. If you do not provide a security group ID, OpenSearch Service uses the default security group for the VPC.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs associated with the VPC endpoints for the domain. If your domain uses multiple Availability Zones, you need to provide two subnet IDs, one per zone. Otherwise, provide only one.\n" }, "vpcId": { "type": "string" } }, "type": "object", "required": [ "subnetIds" ], "language": { "nodejs": { "requiredOutputs": [ "availabilityZones", "securityGroupIds", "subnetIds", "vpcId" ] } } }, "aws:opensearch/getDomainAdvancedSecurityOption:getDomainAdvancedSecurityOption": { "properties": { "anonymousAuthEnabled": { "type": "boolean" }, "enabled": { "type": "boolean", "description": "Enabled disabled toggle for off-peak update window\n" }, "internalUserDatabaseEnabled": { "type": "boolean", "description": "Whether the internal user database is enabled.\n" } }, "type": "object", "required": [ "anonymousAuthEnabled", "enabled", "internalUserDatabaseEnabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:opensearch/getDomainAutoTuneOption:getDomainAutoTuneOption": { "properties": { "desiredState": { "type": "string", "description": "Auto-Tune desired state for the domain.\n" }, "maintenanceSchedules": { "type": "array", "items": { "$ref": "#/types/aws:opensearch/getDomainAutoTuneOptionMaintenanceSchedule:getDomainAutoTuneOptionMaintenanceSchedule" }, "description": "A list of the nested configurations for the Auto-Tune maintenance windows of the domain.\n" }, "rollbackOnDisable": { "type": "string", "description": "Whether the domain is set to roll back to default Auto-Tune settings when disabling Auto-Tune.\n" }, "useOffPeakWindow": { "type": "boolean", "description": "Whether to schedule Auto-Tune optimizations that require blue/green deployments during the domain's configured daily off-peak window.\n" } }, "type": "object", "required": [ "desiredState", "maintenanceSchedules", "rollbackOnDisable", "useOffPeakWindow" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:opensearch/getDomainAutoTuneOptionMaintenanceSchedule:getDomainAutoTuneOptionMaintenanceSchedule": { "properties": { "cronExpressionForRecurrence": { "type": "string", "description": "Cron expression for an Auto-Tune maintenance schedule.\n" }, "durations": { "type": "array", "items": { "$ref": "#/types/aws:opensearch/getDomainAutoTuneOptionMaintenanceScheduleDuration:getDomainAutoTuneOptionMaintenanceScheduleDuration" }, "description": "Configuration block for the duration of the Auto-Tune maintenance window.\n" }, "startAt": { "type": "string", "description": "Date and time at which the Auto-Tune maintenance schedule starts in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" } }, "type": "object", "required": [ "cronExpressionForRecurrence", "durations", "startAt" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:opensearch/getDomainAutoTuneOptionMaintenanceScheduleDuration:getDomainAutoTuneOptionMaintenanceScheduleDuration": { "properties": { "unit": { "type": "string", "description": "Unit of time.\n" }, "value": { "type": "integer", "description": "Duration of an Auto-Tune maintenance window.\n" } }, "type": "object", "required": [ "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:opensearch/getDomainClusterConfig:getDomainClusterConfig": { "properties": { "coldStorageOptions": { "type": "array", "items": { "$ref": "#/types/aws:opensearch/getDomainClusterConfigColdStorageOption:getDomainClusterConfigColdStorageOption" }, "description": "Configuration block containing cold storage configuration.\n" }, "dedicatedMasterCount": { "type": "integer", "description": "Number of dedicated master nodes in the cluster.\n" }, "dedicatedMasterEnabled": { "type": "boolean", "description": "Indicates whether dedicated master nodes are enabled for the cluster.\n" }, "dedicatedMasterType": { "type": "string", "description": "Instance type of the dedicated master nodes in the cluster.\n" }, "instanceCount": { "type": "integer", "description": "Number of instances in the cluster.\n" }, "instanceType": { "type": "string", "description": "Instance type of data nodes in the cluster.\n" }, "multiAzWithStandbyEnabled": { "type": "boolean", "description": "Whether a multi-AZ domain is turned on with a standby AZ.\n" }, "warmCount": { "type": "integer", "description": "Number of warm nodes in the cluster.\n" }, "warmEnabled": { "type": "boolean", "description": "Warm storage is enabled.\n" }, "warmType": { "type": "string", "description": "Instance type for the OpenSearch cluster's warm nodes.\n" }, "zoneAwarenessConfigs": { "type": "array", "items": { "$ref": "#/types/aws:opensearch/getDomainClusterConfigZoneAwarenessConfig:getDomainClusterConfigZoneAwarenessConfig" }, "description": "Configuration block containing zone awareness settings.\n" }, "zoneAwarenessEnabled": { "type": "boolean", "description": "Indicates whether zone awareness is enabled.\n" } }, "type": "object", "required": [ "coldStorageOptions", "dedicatedMasterCount", "dedicatedMasterEnabled", "dedicatedMasterType", "instanceCount", "instanceType", "multiAzWithStandbyEnabled", "warmCount", "warmType", "zoneAwarenessConfigs", "zoneAwarenessEnabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:opensearch/getDomainClusterConfigColdStorageOption:getDomainClusterConfigColdStorageOption": { "properties": { "enabled": { "type": "boolean", "description": "Enabled disabled toggle for off-peak update window\n" } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:opensearch/getDomainClusterConfigZoneAwarenessConfig:getDomainClusterConfigZoneAwarenessConfig": { "properties": { "availabilityZoneCount": { "type": "integer", "description": "Number of availability zones used.\n" } }, "type": "object", "required": [ "availabilityZoneCount" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:opensearch/getDomainCognitoOption:getDomainCognitoOption": { "properties": { "enabled": { "type": "boolean", "description": "Enabled disabled toggle for off-peak update window\n" }, "identityPoolId": { "type": "string", "description": "Cognito Identity pool used by the domain.\n" }, "roleArn": { "type": "string", "description": "IAM Role with the AmazonOpenSearchServiceCognitoAccess policy attached.\n" }, "userPoolId": { "type": "string", "description": "Cognito User pool used by the domain.\n" } }, "type": "object", "required": [ "enabled", "identityPoolId", "roleArn", "userPoolId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:opensearch/getDomainEbsOption:getDomainEbsOption": { "properties": { "ebsEnabled": { "type": "boolean", "description": "Whether EBS volumes are attached to data nodes in the domain.\n" }, "iops": { "type": "integer", "description": "Baseline input/output (I/O) performance of EBS volumes attached to data nodes.\n" }, "throughput": { "type": "integer", "description": "The throughput (in MiB/s) of the EBS volumes attached to data nodes.\n" }, "volumeSize": { "type": "integer", "description": "Size of EBS volumes attached to data nodes (in GB).\n" }, "volumeType": { "type": "string", "description": "Type of EBS volumes attached to data nodes.\n" } }, "type": "object", "required": [ "ebsEnabled", "iops", "throughput", "volumeSize", "volumeType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:opensearch/getDomainEncryptionAtRest:getDomainEncryptionAtRest": { "properties": { "enabled": { "type": "boolean", "description": "Enabled disabled toggle for off-peak update window\n" }, "kmsKeyId": { "type": "string", "description": "KMS key id used to encrypt data at rest.\n" } }, "type": "object", "required": [ "enabled", "kmsKeyId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:opensearch/getDomainLogPublishingOption:getDomainLogPublishingOption": { "properties": { "cloudwatchLogGroupArn": { "type": "string", "description": "CloudWatch Log Group where the logs are published.\n" }, "enabled": { "type": "boolean", "description": "Enabled disabled toggle for off-peak update window\n" }, "logType": { "type": "string", "description": "Type of OpenSearch log being published.\n" } }, "type": "object", "required": [ "cloudwatchLogGroupArn", "enabled", "logType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:opensearch/getDomainNodeToNodeEncryption:getDomainNodeToNodeEncryption": { "properties": { "enabled": { "type": "boolean", "description": "Enabled disabled toggle for off-peak update window\n" } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:opensearch/getDomainOffPeakWindowOptions:getDomainOffPeakWindowOptions": { "properties": { "enabled": { "type": "boolean", "description": "Enabled disabled toggle for off-peak update window\n" }, "offPeakWindows": { "type": "array", "items": { "$ref": "#/types/aws:opensearch/getDomainOffPeakWindowOptionsOffPeakWindow:getDomainOffPeakWindowOptionsOffPeakWindow" } } }, "type": "object", "required": [ "enabled", "offPeakWindows" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:opensearch/getDomainOffPeakWindowOptionsOffPeakWindow:getDomainOffPeakWindowOptionsOffPeakWindow": { "properties": { "windowStartTimes": { "type": "array", "items": { "$ref": "#/types/aws:opensearch/getDomainOffPeakWindowOptionsOffPeakWindowWindowStartTime:getDomainOffPeakWindowOptionsOffPeakWindowWindowStartTime" }, "description": "10h window for updates\n" } }, "type": "object", "required": [ "windowStartTimes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:opensearch/getDomainOffPeakWindowOptionsOffPeakWindowWindowStartTime:getDomainOffPeakWindowOptionsOffPeakWindowWindowStartTime": { "properties": { "hours": { "type": "integer", "description": "Starting hour of the 10-hour window for updates\n" }, "minutes": { "type": "integer", "description": "Starting minute of the 10-hour window for updates\n" } }, "type": "object", "required": [ "hours", "minutes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:opensearch/getDomainSnapshotOption:getDomainSnapshotOption": { "properties": { "automatedSnapshotStartHour": { "type": "integer", "description": "Hour during which the service takes an automated daily snapshot of the indices in the domain.\n" } }, "type": "object", "required": [ "automatedSnapshotStartHour" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:opensearch/getDomainSoftwareUpdateOption:getDomainSoftwareUpdateOption": { "properties": { "autoSoftwareUpdateEnabled": { "type": "boolean", "description": "Enabled or disabled.\n" } }, "type": "object", "required": [ "autoSoftwareUpdateEnabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:opensearch/getDomainVpcOption:getDomainVpcOption": { "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "Availability zones used by the domain.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Security groups used by the domain.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Subnets used by the domain.\n" }, "vpcId": { "type": "string", "description": "VPC used by the domain.\n" } }, "type": "object", "required": [ "availabilityZones", "securityGroupIds", "subnetIds", "vpcId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:opensearch/getServerlessSecurityConfigSamlOptions:getServerlessSecurityConfigSamlOptions": { "properties": { "groupAttribute": { "type": "string", "description": "Group attribute for this SAML integration.\n" }, "metadata": { "type": "string", "description": "The XML IdP metadata file generated from your identity provider.\n" }, "sessionTimeout": { "type": "integer", "description": "Session timeout, in minutes. Minimum is 5 minutes and maximum is 720 minutes (12 hours). Default is 60 minutes.\n" }, "userAttribute": { "type": "string", "description": "User attribute for this SAML integration.\n" } }, "type": "object", "required": [ "groupAttribute", "metadata", "sessionTimeout", "userAttribute" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:opensearchingest/PipelineBufferOptions:PipelineBufferOptions": { "properties": { "persistentBufferEnabled": { "type": "boolean", "description": "Whether persistent buffering should be enabled.\n" } }, "type": "object", "required": [ "persistentBufferEnabled" ] }, "aws:opensearchingest/PipelineEncryptionAtRestOptions:PipelineEncryptionAtRestOptions": { "properties": { "kmsKeyArn": { "type": "string", "description": "The ARN of the KMS key used to encrypt data-at-rest in OpenSearch Ingestion. By default, data is encrypted using an AWS owned key.\n" } }, "type": "object", "required": [ "kmsKeyArn" ] }, "aws:opensearchingest/PipelineLogPublishingOptions:PipelineLogPublishingOptions": { "properties": { "cloudwatchLogDestination": { "$ref": "#/types/aws:opensearchingest/PipelineLogPublishingOptionsCloudwatchLogDestination:PipelineLogPublishingOptionsCloudwatchLogDestination", "description": "The destination for OpenSearch Ingestion logs sent to Amazon CloudWatch Logs. This parameter is required if IsLoggingEnabled is set to true. See `cloudwatch_log_destination` below.\n" }, "isLoggingEnabled": { "type": "boolean", "description": "Whether logs should be published.\n" } }, "type": "object" }, "aws:opensearchingest/PipelineLogPublishingOptionsCloudwatchLogDestination:PipelineLogPublishingOptionsCloudwatchLogDestination": { "properties": { "logGroup": { "type": "string", "description": "The name of the CloudWatch Logs group to send pipeline logs to. You can specify an existing log group or create a new one. For example, /aws/OpenSearchService/IngestionService/my-pipeline.\n" } }, "type": "object", "required": [ "logGroup" ] }, "aws:opensearchingest/PipelineTimeouts:PipelineTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:opensearchingest/PipelineVpcOptions:PipelineVpcOptions": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security groups associated with the VPC endpoint.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs associated with the VPC endpoint.\n" } }, "type": "object", "required": [ "subnetIds" ] }, "aws:opsworks/ApplicationAppSource:ApplicationAppSource": { "properties": { "password": { "type": "string", "description": "Password to use when authenticating to the source. This provider cannot perform drift detection of this configuration.\n", "secret": true }, "revision": { "type": "string", "description": "For sources that are version-aware, the revision to use.\n" }, "sshKey": { "type": "string", "description": "SSH key to use when authenticating to the source. This provider cannot perform drift detection of this configuration.\n", "secret": true }, "type": { "type": "string", "description": "The type of source to use. For example, \"archive\".\n" }, "url": { "type": "string", "description": "The URL where the app resource can be found.\n" }, "username": { "type": "string", "description": "Username to use when authenticating to the source.\n" } }, "type": "object", "required": [ "type" ] }, "aws:opsworks/ApplicationEnvironment:ApplicationEnvironment": { "properties": { "key": { "type": "string", "description": "Variable name.\n" }, "secure": { "type": "boolean", "description": "Set visibility of the variable value to `true` or `false`.\n" }, "value": { "type": "string", "description": "Variable value.\n" } }, "type": "object", "required": [ "key", "value" ] }, "aws:opsworks/ApplicationSslConfiguration:ApplicationSslConfiguration": { "properties": { "certificate": { "type": "string", "description": "The contents of the certificate's domain.crt file.\n" }, "chain": { "type": "string", "description": "Can be used to specify an intermediate certificate authority key or client authentication.\n" }, "privateKey": { "type": "string", "description": "The private key; the contents of the certificate's domain.key file.\n", "secret": true } }, "type": "object", "required": [ "certificate", "privateKey" ] }, "aws:opsworks/CustomLayerCloudwatchConfiguration:CustomLayerCloudwatchConfiguration": { "properties": { "enabled": { "type": "boolean" }, "logStreams": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/CustomLayerCloudwatchConfigurationLogStream:CustomLayerCloudwatchConfigurationLogStream" }, "description": "A block the specifies how an opsworks logs look like. See Log Streams.\n" } }, "type": "object" }, "aws:opsworks/CustomLayerCloudwatchConfigurationLogStream:CustomLayerCloudwatchConfigurationLogStream": { "properties": { "batchCount": { "type": "integer", "description": "Specifies the max number of log events in a batch, up to `10000`. The default value is `1000`.\n" }, "batchSize": { "type": "integer", "description": "Specifies the maximum size of log events in a batch, in bytes, up to `1048576` bytes. The default value is `32768` bytes.\n" }, "bufferDuration": { "type": "integer", "description": "Specifies the time duration for the batching of log events. The minimum value is `5000` and default value is `5000`.\n" }, "datetimeFormat": { "type": "string", "description": "Specifies how the timestamp is extracted from logs. For more information, see the CloudWatch Logs Agent Reference (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AgentReference.html).\n" }, "encoding": { "type": "string", "description": "Specifies the encoding of the log file so that the file can be read correctly. The default is `utf_8`.\n" }, "file": { "type": "string", "description": "Specifies log files that you want to push to CloudWatch Logs. File can point to a specific file or multiple files (by using wild card characters such as /var/log/system.log*).\n" }, "fileFingerprintLines": { "type": "string", "description": "Specifies the range of lines for identifying a file. The valid values are one number, or two dash-delimited numbers, such as `1`, `2-5`. The default value is `1`.\n" }, "initialPosition": { "type": "string", "description": "Specifies where to start to read data (`start_of_file` or `end_of_file`). The default is `start_of_file`.\n" }, "logGroupName": { "type": "string", "description": "Specifies the destination log group. A log group is created automatically if it doesn't already exist.\n" }, "multilineStartPattern": { "type": "string", "description": "Specifies the pattern for identifying the start of a log message.\n" }, "timeZone": { "type": "string", "description": "Specifies the time zone of log event time stamps.\n" } }, "type": "object", "required": [ "file", "logGroupName" ] }, "aws:opsworks/CustomLayerEbsVolume:CustomLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean", "description": "Encrypt the volume.\n" }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n" }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n" }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n" }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n" }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n" }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n" } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:opsworks/CustomLayerLoadBasedAutoScaling:CustomLayerLoadBasedAutoScaling": { "properties": { "downscaling": { "$ref": "#/types/aws:opsworks/CustomLayerLoadBasedAutoScalingDownscaling:CustomLayerLoadBasedAutoScalingDownscaling", "description": "The downscaling settings, as defined below, used for load-based autoscaling\n" }, "enable": { "type": "boolean", "description": "Whether load-based auto scaling is enabled for the layer.\n" }, "upscaling": { "$ref": "#/types/aws:opsworks/CustomLayerLoadBasedAutoScalingUpscaling:CustomLayerLoadBasedAutoScalingUpscaling", "description": "The upscaling settings, as defined below, used for load-based autoscaling\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "downscaling", "upscaling" ] } } }, "aws:opsworks/CustomLayerLoadBasedAutoScalingDownscaling:CustomLayerLoadBasedAutoScalingDownscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" }, "description": "Custom Cloudwatch auto scaling alarms, to be used as thresholds. This parameter takes a list of up to five alarm names, which are case sensitive and must be in the same region as the stack.\n" }, "cpuThreshold": { "type": "number", "description": "The CPU utilization threshold, as a percent of the available CPU. A value of -1 disables the threshold.\n" }, "ignoreMetricsTime": { "type": "integer", "description": "The amount of time (in minutes) after a scaling event occurs that AWS OpsWorks Stacks should ignore metrics and suppress additional scaling events.\n" }, "instanceCount": { "type": "integer", "description": "The number of instances to add or remove when the load exceeds a threshold.\n" }, "loadThreshold": { "type": "number", "description": "The load threshold. A value of -1 disables the threshold.\n" }, "memoryThreshold": { "type": "number", "description": "The memory utilization threshold, as a percent of the available memory. A value of -1 disables the threshold.\n" }, "thresholdsWaitTime": { "type": "integer", "description": "The amount of time, in minutes, that the load must exceed a threshold before more instances are added or removed.\n" } }, "type": "object" }, "aws:opsworks/CustomLayerLoadBasedAutoScalingUpscaling:CustomLayerLoadBasedAutoScalingUpscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" }, "description": "Custom Cloudwatch auto scaling alarms, to be used as thresholds. This parameter takes a list of up to five alarm names, which are case sensitive and must be in the same region as the stack.\n" }, "cpuThreshold": { "type": "number", "description": "The CPU utilization threshold, as a percent of the available CPU. A value of -1 disables the threshold.\n" }, "ignoreMetricsTime": { "type": "integer", "description": "The amount of time (in minutes) after a scaling event occurs that AWS OpsWorks Stacks should ignore metrics and suppress additional scaling events.\n" }, "instanceCount": { "type": "integer", "description": "The number of instances to add or remove when the load exceeds a threshold.\n" }, "loadThreshold": { "type": "number", "description": "The load threshold. A value of -1 disables the threshold.\n" }, "memoryThreshold": { "type": "number", "description": "The memory utilization threshold, as a percent of the available memory. A value of -1 disables the threshold.\n" }, "thresholdsWaitTime": { "type": "integer", "description": "The amount of time, in minutes, that the load must exceed a threshold before more instances are added or removed.\n" } }, "type": "object" }, "aws:opsworks/EcsClusterLayerCloudwatchConfiguration:EcsClusterLayerCloudwatchConfiguration": { "properties": { "enabled": { "type": "boolean" }, "logStreams": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/EcsClusterLayerCloudwatchConfigurationLogStream:EcsClusterLayerCloudwatchConfigurationLogStream" } } }, "type": "object" }, "aws:opsworks/EcsClusterLayerCloudwatchConfigurationLogStream:EcsClusterLayerCloudwatchConfigurationLogStream": { "properties": { "batchCount": { "type": "integer" }, "batchSize": { "type": "integer" }, "bufferDuration": { "type": "integer" }, "datetimeFormat": { "type": "string" }, "encoding": { "type": "string" }, "file": { "type": "string" }, "fileFingerprintLines": { "type": "string" }, "initialPosition": { "type": "string" }, "logGroupName": { "type": "string" }, "multilineStartPattern": { "type": "string" }, "timeZone": { "type": "string" } }, "type": "object", "required": [ "file", "logGroupName" ] }, "aws:opsworks/EcsClusterLayerEbsVolume:EcsClusterLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean" }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n" }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n" }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n" }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n" }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n" }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n" } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:opsworks/EcsClusterLayerLoadBasedAutoScaling:EcsClusterLayerLoadBasedAutoScaling": { "properties": { "downscaling": { "$ref": "#/types/aws:opsworks/EcsClusterLayerLoadBasedAutoScalingDownscaling:EcsClusterLayerLoadBasedAutoScalingDownscaling" }, "enable": { "type": "boolean" }, "upscaling": { "$ref": "#/types/aws:opsworks/EcsClusterLayerLoadBasedAutoScalingUpscaling:EcsClusterLayerLoadBasedAutoScalingUpscaling" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "downscaling", "upscaling" ] } } }, "aws:opsworks/EcsClusterLayerLoadBasedAutoScalingDownscaling:EcsClusterLayerLoadBasedAutoScalingDownscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" } }, "cpuThreshold": { "type": "number" }, "ignoreMetricsTime": { "type": "integer" }, "instanceCount": { "type": "integer" }, "loadThreshold": { "type": "number" }, "memoryThreshold": { "type": "number" }, "thresholdsWaitTime": { "type": "integer" } }, "type": "object" }, "aws:opsworks/EcsClusterLayerLoadBasedAutoScalingUpscaling:EcsClusterLayerLoadBasedAutoScalingUpscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" } }, "cpuThreshold": { "type": "number" }, "ignoreMetricsTime": { "type": "integer" }, "instanceCount": { "type": "integer" }, "loadThreshold": { "type": "number" }, "memoryThreshold": { "type": "number" }, "thresholdsWaitTime": { "type": "integer" } }, "type": "object" }, "aws:opsworks/GangliaLayerCloudwatchConfiguration:GangliaLayerCloudwatchConfiguration": { "properties": { "enabled": { "type": "boolean" }, "logStreams": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/GangliaLayerCloudwatchConfigurationLogStream:GangliaLayerCloudwatchConfigurationLogStream" } } }, "type": "object" }, "aws:opsworks/GangliaLayerCloudwatchConfigurationLogStream:GangliaLayerCloudwatchConfigurationLogStream": { "properties": { "batchCount": { "type": "integer" }, "batchSize": { "type": "integer" }, "bufferDuration": { "type": "integer" }, "datetimeFormat": { "type": "string" }, "encoding": { "type": "string" }, "file": { "type": "string" }, "fileFingerprintLines": { "type": "string" }, "initialPosition": { "type": "string" }, "logGroupName": { "type": "string" }, "multilineStartPattern": { "type": "string" }, "timeZone": { "type": "string" } }, "type": "object", "required": [ "file", "logGroupName" ] }, "aws:opsworks/GangliaLayerEbsVolume:GangliaLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean" }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n" }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n" }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n" }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n" }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n" }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n" } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:opsworks/GangliaLayerLoadBasedAutoScaling:GangliaLayerLoadBasedAutoScaling": { "properties": { "downscaling": { "$ref": "#/types/aws:opsworks/GangliaLayerLoadBasedAutoScalingDownscaling:GangliaLayerLoadBasedAutoScalingDownscaling" }, "enable": { "type": "boolean" }, "upscaling": { "$ref": "#/types/aws:opsworks/GangliaLayerLoadBasedAutoScalingUpscaling:GangliaLayerLoadBasedAutoScalingUpscaling" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "downscaling", "upscaling" ] } } }, "aws:opsworks/GangliaLayerLoadBasedAutoScalingDownscaling:GangliaLayerLoadBasedAutoScalingDownscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" } }, "cpuThreshold": { "type": "number" }, "ignoreMetricsTime": { "type": "integer" }, "instanceCount": { "type": "integer" }, "loadThreshold": { "type": "number" }, "memoryThreshold": { "type": "number" }, "thresholdsWaitTime": { "type": "integer" } }, "type": "object" }, "aws:opsworks/GangliaLayerLoadBasedAutoScalingUpscaling:GangliaLayerLoadBasedAutoScalingUpscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" } }, "cpuThreshold": { "type": "number" }, "ignoreMetricsTime": { "type": "integer" }, "instanceCount": { "type": "integer" }, "loadThreshold": { "type": "number" }, "memoryThreshold": { "type": "number" }, "thresholdsWaitTime": { "type": "integer" } }, "type": "object" }, "aws:opsworks/HaproxyLayerCloudwatchConfiguration:HaproxyLayerCloudwatchConfiguration": { "properties": { "enabled": { "type": "boolean" }, "logStreams": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/HaproxyLayerCloudwatchConfigurationLogStream:HaproxyLayerCloudwatchConfigurationLogStream" } } }, "type": "object" }, "aws:opsworks/HaproxyLayerCloudwatchConfigurationLogStream:HaproxyLayerCloudwatchConfigurationLogStream": { "properties": { "batchCount": { "type": "integer" }, "batchSize": { "type": "integer" }, "bufferDuration": { "type": "integer" }, "datetimeFormat": { "type": "string" }, "encoding": { "type": "string" }, "file": { "type": "string" }, "fileFingerprintLines": { "type": "string" }, "initialPosition": { "type": "string" }, "logGroupName": { "type": "string" }, "multilineStartPattern": { "type": "string" }, "timeZone": { "type": "string" } }, "type": "object", "required": [ "file", "logGroupName" ] }, "aws:opsworks/HaproxyLayerEbsVolume:HaproxyLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean" }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n" }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n" }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n" }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n" }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n" }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n" } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:opsworks/HaproxyLayerLoadBasedAutoScaling:HaproxyLayerLoadBasedAutoScaling": { "properties": { "downscaling": { "$ref": "#/types/aws:opsworks/HaproxyLayerLoadBasedAutoScalingDownscaling:HaproxyLayerLoadBasedAutoScalingDownscaling" }, "enable": { "type": "boolean" }, "upscaling": { "$ref": "#/types/aws:opsworks/HaproxyLayerLoadBasedAutoScalingUpscaling:HaproxyLayerLoadBasedAutoScalingUpscaling" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "downscaling", "upscaling" ] } } }, "aws:opsworks/HaproxyLayerLoadBasedAutoScalingDownscaling:HaproxyLayerLoadBasedAutoScalingDownscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" } }, "cpuThreshold": { "type": "number" }, "ignoreMetricsTime": { "type": "integer" }, "instanceCount": { "type": "integer" }, "loadThreshold": { "type": "number" }, "memoryThreshold": { "type": "number" }, "thresholdsWaitTime": { "type": "integer" } }, "type": "object" }, "aws:opsworks/HaproxyLayerLoadBasedAutoScalingUpscaling:HaproxyLayerLoadBasedAutoScalingUpscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" } }, "cpuThreshold": { "type": "number" }, "ignoreMetricsTime": { "type": "integer" }, "instanceCount": { "type": "integer" }, "loadThreshold": { "type": "number" }, "memoryThreshold": { "type": "number" }, "thresholdsWaitTime": { "type": "integer" } }, "type": "object" }, "aws:opsworks/InstanceEbsBlockDevice:InstanceEbsBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "willReplaceOnChanges": true }, "deviceName": { "type": "string", "willReplaceOnChanges": true }, "iops": { "type": "integer", "willReplaceOnChanges": true }, "snapshotId": { "type": "string", "willReplaceOnChanges": true }, "volumeSize": { "type": "integer", "willReplaceOnChanges": true }, "volumeType": { "type": "string", "willReplaceOnChanges": true } }, "type": "object", "required": [ "deviceName" ], "language": { "nodejs": { "requiredOutputs": [ "deviceName", "iops", "snapshotId", "volumeSize", "volumeType" ] } } }, "aws:opsworks/InstanceEphemeralBlockDevice:InstanceEphemeralBlockDevice": { "properties": { "deviceName": { "type": "string" }, "virtualName": { "type": "string" } }, "type": "object", "required": [ "deviceName", "virtualName" ] }, "aws:opsworks/InstanceRootBlockDevice:InstanceRootBlockDevice": { "properties": { "deleteOnTermination": { "type": "boolean", "willReplaceOnChanges": true }, "iops": { "type": "integer", "willReplaceOnChanges": true }, "volumeSize": { "type": "integer", "willReplaceOnChanges": true }, "volumeType": { "type": "string", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "iops", "volumeSize", "volumeType" ] } } }, "aws:opsworks/JavaAppLayerCloudwatchConfiguration:JavaAppLayerCloudwatchConfiguration": { "properties": { "enabled": { "type": "boolean" }, "logStreams": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/JavaAppLayerCloudwatchConfigurationLogStream:JavaAppLayerCloudwatchConfigurationLogStream" } } }, "type": "object" }, "aws:opsworks/JavaAppLayerCloudwatchConfigurationLogStream:JavaAppLayerCloudwatchConfigurationLogStream": { "properties": { "batchCount": { "type": "integer" }, "batchSize": { "type": "integer" }, "bufferDuration": { "type": "integer" }, "datetimeFormat": { "type": "string" }, "encoding": { "type": "string" }, "file": { "type": "string" }, "fileFingerprintLines": { "type": "string" }, "initialPosition": { "type": "string" }, "logGroupName": { "type": "string" }, "multilineStartPattern": { "type": "string" }, "timeZone": { "type": "string" } }, "type": "object", "required": [ "file", "logGroupName" ] }, "aws:opsworks/JavaAppLayerEbsVolume:JavaAppLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean" }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n" }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n" }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n" }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n" }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n" }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n" } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:opsworks/JavaAppLayerLoadBasedAutoScaling:JavaAppLayerLoadBasedAutoScaling": { "properties": { "downscaling": { "$ref": "#/types/aws:opsworks/JavaAppLayerLoadBasedAutoScalingDownscaling:JavaAppLayerLoadBasedAutoScalingDownscaling" }, "enable": { "type": "boolean" }, "upscaling": { "$ref": "#/types/aws:opsworks/JavaAppLayerLoadBasedAutoScalingUpscaling:JavaAppLayerLoadBasedAutoScalingUpscaling" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "downscaling", "upscaling" ] } } }, "aws:opsworks/JavaAppLayerLoadBasedAutoScalingDownscaling:JavaAppLayerLoadBasedAutoScalingDownscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" } }, "cpuThreshold": { "type": "number" }, "ignoreMetricsTime": { "type": "integer" }, "instanceCount": { "type": "integer" }, "loadThreshold": { "type": "number" }, "memoryThreshold": { "type": "number" }, "thresholdsWaitTime": { "type": "integer" } }, "type": "object" }, "aws:opsworks/JavaAppLayerLoadBasedAutoScalingUpscaling:JavaAppLayerLoadBasedAutoScalingUpscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" } }, "cpuThreshold": { "type": "number" }, "ignoreMetricsTime": { "type": "integer" }, "instanceCount": { "type": "integer" }, "loadThreshold": { "type": "number" }, "memoryThreshold": { "type": "number" }, "thresholdsWaitTime": { "type": "integer" } }, "type": "object" }, "aws:opsworks/MemcachedLayerCloudwatchConfiguration:MemcachedLayerCloudwatchConfiguration": { "properties": { "enabled": { "type": "boolean" }, "logStreams": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/MemcachedLayerCloudwatchConfigurationLogStream:MemcachedLayerCloudwatchConfigurationLogStream" } } }, "type": "object" }, "aws:opsworks/MemcachedLayerCloudwatchConfigurationLogStream:MemcachedLayerCloudwatchConfigurationLogStream": { "properties": { "batchCount": { "type": "integer" }, "batchSize": { "type": "integer" }, "bufferDuration": { "type": "integer" }, "datetimeFormat": { "type": "string" }, "encoding": { "type": "string" }, "file": { "type": "string" }, "fileFingerprintLines": { "type": "string" }, "initialPosition": { "type": "string" }, "logGroupName": { "type": "string" }, "multilineStartPattern": { "type": "string" }, "timeZone": { "type": "string" } }, "type": "object", "required": [ "file", "logGroupName" ] }, "aws:opsworks/MemcachedLayerEbsVolume:MemcachedLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean" }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n" }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n" }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n" }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n" }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n" }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n" } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:opsworks/MemcachedLayerLoadBasedAutoScaling:MemcachedLayerLoadBasedAutoScaling": { "properties": { "downscaling": { "$ref": "#/types/aws:opsworks/MemcachedLayerLoadBasedAutoScalingDownscaling:MemcachedLayerLoadBasedAutoScalingDownscaling" }, "enable": { "type": "boolean" }, "upscaling": { "$ref": "#/types/aws:opsworks/MemcachedLayerLoadBasedAutoScalingUpscaling:MemcachedLayerLoadBasedAutoScalingUpscaling" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "downscaling", "upscaling" ] } } }, "aws:opsworks/MemcachedLayerLoadBasedAutoScalingDownscaling:MemcachedLayerLoadBasedAutoScalingDownscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" } }, "cpuThreshold": { "type": "number" }, "ignoreMetricsTime": { "type": "integer" }, "instanceCount": { "type": "integer" }, "loadThreshold": { "type": "number" }, "memoryThreshold": { "type": "number" }, "thresholdsWaitTime": { "type": "integer" } }, "type": "object" }, "aws:opsworks/MemcachedLayerLoadBasedAutoScalingUpscaling:MemcachedLayerLoadBasedAutoScalingUpscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" } }, "cpuThreshold": { "type": "number" }, "ignoreMetricsTime": { "type": "integer" }, "instanceCount": { "type": "integer" }, "loadThreshold": { "type": "number" }, "memoryThreshold": { "type": "number" }, "thresholdsWaitTime": { "type": "integer" } }, "type": "object" }, "aws:opsworks/MysqlLayerCloudwatchConfiguration:MysqlLayerCloudwatchConfiguration": { "properties": { "enabled": { "type": "boolean" }, "logStreams": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/MysqlLayerCloudwatchConfigurationLogStream:MysqlLayerCloudwatchConfigurationLogStream" } } }, "type": "object" }, "aws:opsworks/MysqlLayerCloudwatchConfigurationLogStream:MysqlLayerCloudwatchConfigurationLogStream": { "properties": { "batchCount": { "type": "integer" }, "batchSize": { "type": "integer" }, "bufferDuration": { "type": "integer" }, "datetimeFormat": { "type": "string" }, "encoding": { "type": "string" }, "file": { "type": "string" }, "fileFingerprintLines": { "type": "string" }, "initialPosition": { "type": "string" }, "logGroupName": { "type": "string" }, "multilineStartPattern": { "type": "string" }, "timeZone": { "type": "string" } }, "type": "object", "required": [ "file", "logGroupName" ] }, "aws:opsworks/MysqlLayerEbsVolume:MysqlLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean" }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n" }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n" }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n" }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n" }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n" }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n" } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:opsworks/MysqlLayerLoadBasedAutoScaling:MysqlLayerLoadBasedAutoScaling": { "properties": { "downscaling": { "$ref": "#/types/aws:opsworks/MysqlLayerLoadBasedAutoScalingDownscaling:MysqlLayerLoadBasedAutoScalingDownscaling" }, "enable": { "type": "boolean" }, "upscaling": { "$ref": "#/types/aws:opsworks/MysqlLayerLoadBasedAutoScalingUpscaling:MysqlLayerLoadBasedAutoScalingUpscaling" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "downscaling", "upscaling" ] } } }, "aws:opsworks/MysqlLayerLoadBasedAutoScalingDownscaling:MysqlLayerLoadBasedAutoScalingDownscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" } }, "cpuThreshold": { "type": "number" }, "ignoreMetricsTime": { "type": "integer" }, "instanceCount": { "type": "integer" }, "loadThreshold": { "type": "number" }, "memoryThreshold": { "type": "number" }, "thresholdsWaitTime": { "type": "integer" } }, "type": "object" }, "aws:opsworks/MysqlLayerLoadBasedAutoScalingUpscaling:MysqlLayerLoadBasedAutoScalingUpscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" } }, "cpuThreshold": { "type": "number" }, "ignoreMetricsTime": { "type": "integer" }, "instanceCount": { "type": "integer" }, "loadThreshold": { "type": "number" }, "memoryThreshold": { "type": "number" }, "thresholdsWaitTime": { "type": "integer" } }, "type": "object" }, "aws:opsworks/NodejsAppLayerCloudwatchConfiguration:NodejsAppLayerCloudwatchConfiguration": { "properties": { "enabled": { "type": "boolean" }, "logStreams": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/NodejsAppLayerCloudwatchConfigurationLogStream:NodejsAppLayerCloudwatchConfigurationLogStream" } } }, "type": "object" }, "aws:opsworks/NodejsAppLayerCloudwatchConfigurationLogStream:NodejsAppLayerCloudwatchConfigurationLogStream": { "properties": { "batchCount": { "type": "integer" }, "batchSize": { "type": "integer" }, "bufferDuration": { "type": "integer" }, "datetimeFormat": { "type": "string" }, "encoding": { "type": "string" }, "file": { "type": "string" }, "fileFingerprintLines": { "type": "string" }, "initialPosition": { "type": "string" }, "logGroupName": { "type": "string" }, "multilineStartPattern": { "type": "string" }, "timeZone": { "type": "string" } }, "type": "object", "required": [ "file", "logGroupName" ] }, "aws:opsworks/NodejsAppLayerEbsVolume:NodejsAppLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean" }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n" }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n" }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n" }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n" }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n" }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n" } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:opsworks/NodejsAppLayerLoadBasedAutoScaling:NodejsAppLayerLoadBasedAutoScaling": { "properties": { "downscaling": { "$ref": "#/types/aws:opsworks/NodejsAppLayerLoadBasedAutoScalingDownscaling:NodejsAppLayerLoadBasedAutoScalingDownscaling" }, "enable": { "type": "boolean" }, "upscaling": { "$ref": "#/types/aws:opsworks/NodejsAppLayerLoadBasedAutoScalingUpscaling:NodejsAppLayerLoadBasedAutoScalingUpscaling" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "downscaling", "upscaling" ] } } }, "aws:opsworks/NodejsAppLayerLoadBasedAutoScalingDownscaling:NodejsAppLayerLoadBasedAutoScalingDownscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" } }, "cpuThreshold": { "type": "number" }, "ignoreMetricsTime": { "type": "integer" }, "instanceCount": { "type": "integer" }, "loadThreshold": { "type": "number" }, "memoryThreshold": { "type": "number" }, "thresholdsWaitTime": { "type": "integer" } }, "type": "object" }, "aws:opsworks/NodejsAppLayerLoadBasedAutoScalingUpscaling:NodejsAppLayerLoadBasedAutoScalingUpscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" } }, "cpuThreshold": { "type": "number" }, "ignoreMetricsTime": { "type": "integer" }, "instanceCount": { "type": "integer" }, "loadThreshold": { "type": "number" }, "memoryThreshold": { "type": "number" }, "thresholdsWaitTime": { "type": "integer" } }, "type": "object" }, "aws:opsworks/PhpAppLayerCloudwatchConfiguration:PhpAppLayerCloudwatchConfiguration": { "properties": { "enabled": { "type": "boolean" }, "logStreams": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/PhpAppLayerCloudwatchConfigurationLogStream:PhpAppLayerCloudwatchConfigurationLogStream" } } }, "type": "object" }, "aws:opsworks/PhpAppLayerCloudwatchConfigurationLogStream:PhpAppLayerCloudwatchConfigurationLogStream": { "properties": { "batchCount": { "type": "integer" }, "batchSize": { "type": "integer" }, "bufferDuration": { "type": "integer" }, "datetimeFormat": { "type": "string" }, "encoding": { "type": "string" }, "file": { "type": "string" }, "fileFingerprintLines": { "type": "string" }, "initialPosition": { "type": "string" }, "logGroupName": { "type": "string" }, "multilineStartPattern": { "type": "string" }, "timeZone": { "type": "string" } }, "type": "object", "required": [ "file", "logGroupName" ] }, "aws:opsworks/PhpAppLayerEbsVolume:PhpAppLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean" }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n" }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n" }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n" }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n" }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n" }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n" } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:opsworks/PhpAppLayerLoadBasedAutoScaling:PhpAppLayerLoadBasedAutoScaling": { "properties": { "downscaling": { "$ref": "#/types/aws:opsworks/PhpAppLayerLoadBasedAutoScalingDownscaling:PhpAppLayerLoadBasedAutoScalingDownscaling" }, "enable": { "type": "boolean" }, "upscaling": { "$ref": "#/types/aws:opsworks/PhpAppLayerLoadBasedAutoScalingUpscaling:PhpAppLayerLoadBasedAutoScalingUpscaling" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "downscaling", "upscaling" ] } } }, "aws:opsworks/PhpAppLayerLoadBasedAutoScalingDownscaling:PhpAppLayerLoadBasedAutoScalingDownscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" } }, "cpuThreshold": { "type": "number" }, "ignoreMetricsTime": { "type": "integer" }, "instanceCount": { "type": "integer" }, "loadThreshold": { "type": "number" }, "memoryThreshold": { "type": "number" }, "thresholdsWaitTime": { "type": "integer" } }, "type": "object" }, "aws:opsworks/PhpAppLayerLoadBasedAutoScalingUpscaling:PhpAppLayerLoadBasedAutoScalingUpscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" } }, "cpuThreshold": { "type": "number" }, "ignoreMetricsTime": { "type": "integer" }, "instanceCount": { "type": "integer" }, "loadThreshold": { "type": "number" }, "memoryThreshold": { "type": "number" }, "thresholdsWaitTime": { "type": "integer" } }, "type": "object" }, "aws:opsworks/RailsAppLayerCloudwatchConfiguration:RailsAppLayerCloudwatchConfiguration": { "properties": { "enabled": { "type": "boolean" }, "logStreams": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/RailsAppLayerCloudwatchConfigurationLogStream:RailsAppLayerCloudwatchConfigurationLogStream" } } }, "type": "object" }, "aws:opsworks/RailsAppLayerCloudwatchConfigurationLogStream:RailsAppLayerCloudwatchConfigurationLogStream": { "properties": { "batchCount": { "type": "integer" }, "batchSize": { "type": "integer" }, "bufferDuration": { "type": "integer" }, "datetimeFormat": { "type": "string" }, "encoding": { "type": "string" }, "file": { "type": "string" }, "fileFingerprintLines": { "type": "string" }, "initialPosition": { "type": "string" }, "logGroupName": { "type": "string" }, "multilineStartPattern": { "type": "string" }, "timeZone": { "type": "string" } }, "type": "object", "required": [ "file", "logGroupName" ] }, "aws:opsworks/RailsAppLayerEbsVolume:RailsAppLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean" }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n" }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n" }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n" }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n" }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n" }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n" } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:opsworks/RailsAppLayerLoadBasedAutoScaling:RailsAppLayerLoadBasedAutoScaling": { "properties": { "downscaling": { "$ref": "#/types/aws:opsworks/RailsAppLayerLoadBasedAutoScalingDownscaling:RailsAppLayerLoadBasedAutoScalingDownscaling" }, "enable": { "type": "boolean" }, "upscaling": { "$ref": "#/types/aws:opsworks/RailsAppLayerLoadBasedAutoScalingUpscaling:RailsAppLayerLoadBasedAutoScalingUpscaling" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "downscaling", "upscaling" ] } } }, "aws:opsworks/RailsAppLayerLoadBasedAutoScalingDownscaling:RailsAppLayerLoadBasedAutoScalingDownscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" } }, "cpuThreshold": { "type": "number" }, "ignoreMetricsTime": { "type": "integer" }, "instanceCount": { "type": "integer" }, "loadThreshold": { "type": "number" }, "memoryThreshold": { "type": "number" }, "thresholdsWaitTime": { "type": "integer" } }, "type": "object" }, "aws:opsworks/RailsAppLayerLoadBasedAutoScalingUpscaling:RailsAppLayerLoadBasedAutoScalingUpscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" } }, "cpuThreshold": { "type": "number" }, "ignoreMetricsTime": { "type": "integer" }, "instanceCount": { "type": "integer" }, "loadThreshold": { "type": "number" }, "memoryThreshold": { "type": "number" }, "thresholdsWaitTime": { "type": "integer" } }, "type": "object" }, "aws:opsworks/StackCustomCookbooksSource:StackCustomCookbooksSource": { "properties": { "password": { "type": "string", "description": "Password to use when authenticating to the source. The provider cannot perform drift detection of this configuration.\n", "secret": true }, "revision": { "type": "string", "description": "For sources that are version-aware, the revision to use.\n" }, "sshKey": { "type": "string", "description": "SSH key to use when authenticating to the source. This provider cannot perform drift detection of this configuration.\n", "secret": true }, "type": { "type": "string", "description": "The type of source to use. For example, \"archive\".\n" }, "url": { "type": "string", "description": "The URL where the cookbooks resource can be found.\n" }, "username": { "type": "string", "description": "Username to use when authenticating to the source.\n" } }, "type": "object", "required": [ "type", "url" ] }, "aws:opsworks/StaticWebLayerCloudwatchConfiguration:StaticWebLayerCloudwatchConfiguration": { "properties": { "enabled": { "type": "boolean" }, "logStreams": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/StaticWebLayerCloudwatchConfigurationLogStream:StaticWebLayerCloudwatchConfigurationLogStream" } } }, "type": "object" }, "aws:opsworks/StaticWebLayerCloudwatchConfigurationLogStream:StaticWebLayerCloudwatchConfigurationLogStream": { "properties": { "batchCount": { "type": "integer" }, "batchSize": { "type": "integer" }, "bufferDuration": { "type": "integer" }, "datetimeFormat": { "type": "string" }, "encoding": { "type": "string" }, "file": { "type": "string" }, "fileFingerprintLines": { "type": "string" }, "initialPosition": { "type": "string" }, "logGroupName": { "type": "string" }, "multilineStartPattern": { "type": "string" }, "timeZone": { "type": "string" } }, "type": "object", "required": [ "file", "logGroupName" ] }, "aws:opsworks/StaticWebLayerEbsVolume:StaticWebLayerEbsVolume": { "properties": { "encrypted": { "type": "boolean" }, "iops": { "type": "integer", "description": "For PIOPS volumes, the IOPS per disk.\n" }, "mountPoint": { "type": "string", "description": "The path to mount the EBS volume on the layer's instances.\n" }, "numberOfDisks": { "type": "integer", "description": "The number of disks to use for the EBS volume.\n" }, "raidLevel": { "type": "string", "description": "The RAID level to use for the volume.\n" }, "size": { "type": "integer", "description": "The size of the volume in gigabytes.\n" }, "type": { "type": "string", "description": "The type of volume to create. This may be `standard` (the default), `io1` or `gp2`.\n" } }, "type": "object", "required": [ "mountPoint", "numberOfDisks", "size" ] }, "aws:opsworks/StaticWebLayerLoadBasedAutoScaling:StaticWebLayerLoadBasedAutoScaling": { "properties": { "downscaling": { "$ref": "#/types/aws:opsworks/StaticWebLayerLoadBasedAutoScalingDownscaling:StaticWebLayerLoadBasedAutoScalingDownscaling" }, "enable": { "type": "boolean" }, "upscaling": { "$ref": "#/types/aws:opsworks/StaticWebLayerLoadBasedAutoScalingUpscaling:StaticWebLayerLoadBasedAutoScalingUpscaling" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "downscaling", "upscaling" ] } } }, "aws:opsworks/StaticWebLayerLoadBasedAutoScalingDownscaling:StaticWebLayerLoadBasedAutoScalingDownscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" } }, "cpuThreshold": { "type": "number" }, "ignoreMetricsTime": { "type": "integer" }, "instanceCount": { "type": "integer" }, "loadThreshold": { "type": "number" }, "memoryThreshold": { "type": "number" }, "thresholdsWaitTime": { "type": "integer" } }, "type": "object" }, "aws:opsworks/StaticWebLayerLoadBasedAutoScalingUpscaling:StaticWebLayerLoadBasedAutoScalingUpscaling": { "properties": { "alarms": { "type": "array", "items": { "type": "string" } }, "cpuThreshold": { "type": "number" }, "ignoreMetricsTime": { "type": "integer" }, "instanceCount": { "type": "integer" }, "loadThreshold": { "type": "number" }, "memoryThreshold": { "type": "number" }, "thresholdsWaitTime": { "type": "integer" } }, "type": "object" }, "aws:organizations/OrganizationAccount:OrganizationAccount": { "properties": { "arn": { "type": "string", "description": "ARN of the root\n" }, "email": { "type": "string", "description": "Email of the account\n" }, "id": { "type": "string", "description": "Identifier of the root\n" }, "name": { "type": "string", "description": "The name of the policy type\n" }, "status": { "type": "string", "description": "The status of the policy type as it relates to the associated root\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "email", "id", "name", "status" ] } } }, "aws:organizations/OrganizationNonMasterAccount:OrganizationNonMasterAccount": { "properties": { "arn": { "type": "string", "description": "ARN of the root\n" }, "email": { "type": "string", "description": "Email of the account\n" }, "id": { "type": "string", "description": "Identifier of the root\n" }, "name": { "type": "string", "description": "The name of the policy type\n" }, "status": { "type": "string", "description": "The status of the policy type as it relates to the associated root\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "email", "id", "name", "status" ] } } }, "aws:organizations/OrganizationRoot:OrganizationRoot": { "properties": { "arn": { "type": "string", "description": "ARN of the root\n" }, "id": { "type": "string", "description": "Identifier of the root\n" }, "name": { "type": "string", "description": "The name of the policy type\n" }, "policyTypes": { "type": "array", "items": { "$ref": "#/types/aws:organizations/OrganizationRootPolicyType:OrganizationRootPolicyType" }, "description": "List of policy types enabled for this root. All elements have these attributes:\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "id", "name", "policyTypes" ] } } }, "aws:organizations/OrganizationRootPolicyType:OrganizationRootPolicyType": { "properties": { "status": { "type": "string", "description": "The status of the policy type as it relates to the associated root\n" }, "type": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "status", "type" ] } } }, "aws:organizations/OrganizationalUnitAccount:OrganizationalUnitAccount": { "properties": { "arn": { "type": "string", "description": "ARN of the organizational unit\n" }, "email": { "type": "string", "description": "Email of the account\n" }, "id": { "type": "string", "description": "Identifier of the organization unit\n" }, "name": { "type": "string", "description": "The name for the organizational unit\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "arn", "email", "id", "name" ] } } }, "aws:organizations/getDelegatedAdministratorsDelegatedAdministrator:getDelegatedAdministratorsDelegatedAdministrator": { "properties": { "arn": { "type": "string", "description": "The ARN of the delegated administrator's account.\n" }, "delegationEnabledDate": { "type": "string", "description": "The date when the account was made a delegated administrator.\n" }, "email": { "type": "string", "description": "The email address that is associated with the delegated administrator's AWS account.\n" }, "id": { "type": "string", "description": "The unique identifier (ID) of the delegated administrator's account.\n" }, "joinedMethod": { "type": "string", "description": "The method by which the delegated administrator's account joined the organization.\n" }, "joinedTimestamp": { "type": "string", "description": "The date when the delegated administrator's account became a part of the organization.\n" }, "name": { "type": "string", "description": "The friendly name of the delegated administrator's account.\n" }, "status": { "type": "string", "description": "The status of the delegated administrator's account in the organization.\n" } }, "type": "object", "required": [ "arn", "delegationEnabledDate", "email", "id", "joinedMethod", "joinedTimestamp", "name", "status" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:organizations/getDelegatedServicesDelegatedService:getDelegatedServicesDelegatedService": { "properties": { "delegationEnabledDate": { "type": "string", "description": "The date that the account became a delegated administrator for this service.\n" }, "servicePrincipal": { "type": "string", "description": "The name of an AWS service that can request an operation for the specified service.\n" } }, "type": "object", "required": [ "delegationEnabledDate", "servicePrincipal" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:organizations/getOrganizationAccount:getOrganizationAccount": { "properties": { "arn": { "type": "string", "description": "ARN of the root\n" }, "email": { "type": "string", "description": "Email of the account\n" }, "id": { "type": "string", "description": "Identifier of the root\n" }, "name": { "type": "string", "description": "The name of the policy type\n" }, "status": { "type": "string", "description": "The status of the policy type as it relates to the associated root\n" } }, "type": "object", "required": [ "arn", "email", "id", "name", "status" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:organizations/getOrganizationNonMasterAccount:getOrganizationNonMasterAccount": { "properties": { "arn": { "type": "string", "description": "ARN of the root\n" }, "email": { "type": "string", "description": "Email of the account\n" }, "id": { "type": "string", "description": "Identifier of the root\n" }, "name": { "type": "string", "description": "The name of the policy type\n" }, "status": { "type": "string", "description": "The status of the policy type as it relates to the associated root\n" } }, "type": "object", "required": [ "arn", "email", "id", "name", "status" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:organizations/getOrganizationRoot:getOrganizationRoot": { "properties": { "arn": { "type": "string", "description": "ARN of the root\n" }, "id": { "type": "string", "description": "Identifier of the root\n" }, "name": { "type": "string", "description": "The name of the policy type\n" }, "policyTypes": { "type": "array", "items": { "$ref": "#/types/aws:organizations/getOrganizationRootPolicyType:getOrganizationRootPolicyType" }, "description": "List of policy types enabled for this root. All elements have these attributes:\n" } }, "type": "object", "required": [ "arn", "id", "name", "policyTypes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:organizations/getOrganizationRootPolicyType:getOrganizationRootPolicyType": { "properties": { "status": { "type": "string", "description": "The status of the policy type as it relates to the associated root\n" }, "type": { "type": "string" } }, "type": "object", "required": [ "status", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:organizations/getOrganizationalUnitChildAccountsAccount:getOrganizationalUnitChildAccountsAccount": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the account.\n" }, "email": { "type": "string", "description": "The email address associated with the AWS account.\n" }, "id": { "type": "string", "description": "Parent identifier of the organizational units.\n" }, "name": { "type": "string", "description": "The friendly name of the account.\n" }, "status": { "type": "string", "description": "The status of the account in the organization.\n" } }, "type": "object", "required": [ "arn", "email", "id", "name", "status" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:organizations/getOrganizationalUnitDescendantAccountsAccount:getOrganizationalUnitDescendantAccountsAccount": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the account.\n" }, "email": { "type": "string", "description": "The email address associated with the AWS account.\n" }, "id": { "type": "string", "description": "Parent identifier of the organizational units.\n" }, "name": { "type": "string", "description": "The friendly name of the account.\n" }, "status": { "type": "string", "description": "The status of the account in the organization.\n" } }, "type": "object", "required": [ "arn", "email", "id", "name", "status" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:organizations/getOrganizationalUnitsChild:getOrganizationalUnitsChild": { "properties": { "arn": { "type": "string", "description": "ARN of the organizational unit\n" }, "id": { "type": "string", "description": "Parent identifier of the organizational units.\n" }, "name": { "type": "string", "description": "Name of the organizational unit\n" } }, "type": "object", "required": [ "arn", "id", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:paymentcryptography/KeyKeyAttributes:KeyKeyAttributes": { "properties": { "keyAlgorithm": { "type": "string", "description": "Key algorithm to be use during creation of an AWS Payment Cryptography key.\n" }, "keyClass": { "type": "string", "description": "Type of AWS Payment Cryptography key to create.\n" }, "keyModesOfUse": { "$ref": "#/types/aws:paymentcryptography/KeyKeyAttributesKeyModesOfUse:KeyKeyAttributesKeyModesOfUse", "description": "List of cryptographic operations that you can perform using the key.\n" }, "keyUsage": { "type": "string", "description": "Cryptographic usage of an AWS Payment Cryptography key as defined in section A.5.2 of the TR-31 spec.\n" } }, "type": "object", "required": [ "keyAlgorithm", "keyClass", "keyUsage" ] }, "aws:paymentcryptography/KeyKeyAttributesKeyModesOfUse:KeyKeyAttributesKeyModesOfUse": { "properties": { "decrypt": { "type": "boolean", "description": "Whether an AWS Payment Cryptography key can be used to decrypt data.\n" }, "deriveKey": { "type": "boolean", "description": "Whether an AWS Payment Cryptography key can be used to derive new keys.\n" }, "encrypt": { "type": "boolean", "description": "Whether an AWS Payment Cryptography key can be used to encrypt data.\n" }, "generate": { "type": "boolean", "description": "Whether an AWS Payment Cryptography key can be used to generate and verify other card and PIN verification keys.\n" }, "noRestrictions": { "type": "boolean", "description": "Whether an AWS Payment Cryptography key has no special restrictions other than the restrictions implied by KeyUsage.\n" }, "sign": { "type": "boolean", "description": "Whether an AWS Payment Cryptography key can be used for signing.\n" }, "unwrap": { "type": "boolean", "description": "Whether an AWS Payment Cryptography key can be used to unwrap other keys.\n" }, "verify": { "type": "boolean", "description": "Whether an AWS Payment Cryptography key can be used to verify signatures.\n" }, "wrap": { "type": "boolean", "description": "Whether an AWS Payment Cryptography key can be used to wrap other keys.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "decrypt", "deriveKey", "encrypt", "generate", "noRestrictions", "sign", "unwrap", "verify", "wrap" ] } } }, "aws:paymentcryptography/KeyTimeouts:KeyTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:pinpoint/AppCampaignHook:AppCampaignHook": { "properties": { "lambdaFunctionName": { "type": "string", "description": "Lambda function name or ARN to be called for delivery. Conflicts with `web_url`\n" }, "mode": { "type": "string", "description": "What mode Lambda should be invoked in. Valid values for this parameter are `DELIVERY`, `FILTER`.\n" }, "webUrl": { "type": "string", "description": "Web URL to call for hook. If the URL has authentication specified it will be added as authentication to the request. Conflicts with `lambda_function_name`\n" } }, "type": "object" }, "aws:pinpoint/AppLimits:AppLimits": { "properties": { "daily": { "type": "integer", "description": "The maximum number of messages that the campaign can send daily.\n" }, "maximumDuration": { "type": "integer", "description": "The length of time (in seconds) that the campaign can run before it ends and message deliveries stop. This duration begins at the scheduled start time for the campaign. The minimum value is 60.\n" }, "messagesPerSecond": { "type": "integer", "description": "The number of messages that the campaign can send per second. The minimum value is 50, and the maximum is 20000.\n" }, "total": { "type": "integer", "description": "The maximum total number of messages that the campaign can send.\n" } }, "type": "object" }, "aws:pinpoint/AppQuietTime:AppQuietTime": { "properties": { "end": { "type": "string", "description": "The default end time for quiet time in ISO 8601 format. Required if `start` is set\n" }, "start": { "type": "string", "description": "The default start time for quiet time in ISO 8601 format. Required if `end` is set\n" } }, "type": "object" }, "aws:pipes/PipeEnrichmentParameters:PipeEnrichmentParameters": { "properties": { "httpParameters": { "$ref": "#/types/aws:pipes/PipeEnrichmentParametersHttpParameters:PipeEnrichmentParametersHttpParameters", "description": "Contains the HTTP parameters to use when the target is a API Gateway REST endpoint or EventBridge ApiDestination. If you specify an API Gateway REST API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence. Detailed below.\n" }, "inputTemplate": { "type": "string", "description": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. Maximum length of 8192 characters.\n" } }, "type": "object" }, "aws:pipes/PipeEnrichmentParametersHttpParameters:PipeEnrichmentParametersHttpParameters": { "properties": { "headerParameters": { "type": "object", "additionalProperties": { "type": "string" } }, "pathParameterValues": { "type": "string" }, "queryStringParameters": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "aws:pipes/PipeLogConfiguration:PipeLogConfiguration": { "properties": { "cloudwatchLogsLogDestination": { "$ref": "#/types/aws:pipes/PipeLogConfigurationCloudwatchLogsLogDestination:PipeLogConfigurationCloudwatchLogsLogDestination", "description": "Amazon CloudWatch Logs logging configuration settings for the pipe. Detailed below.\n" }, "firehoseLogDestination": { "$ref": "#/types/aws:pipes/PipeLogConfigurationFirehoseLogDestination:PipeLogConfigurationFirehoseLogDestination", "description": "Amazon Kinesis Data Firehose logging configuration settings for the pipe. Detailed below.\n" }, "level": { "type": "string", "description": "The level of logging detail to include. Valid values `OFF`, `ERROR`, `INFO` and `TRACE`.\n" }, "s3LogDestination": { "$ref": "#/types/aws:pipes/PipeLogConfigurationS3LogDestination:PipeLogConfigurationS3LogDestination", "description": "Amazon S3 logging configuration settings for the pipe. Detailed below.\n" } }, "type": "object", "required": [ "level" ] }, "aws:pipes/PipeLogConfigurationCloudwatchLogsLogDestination:PipeLogConfigurationCloudwatchLogsLogDestination": { "properties": { "logGroupArn": { "type": "string", "description": "Amazon Web Services Resource Name (ARN) for the CloudWatch log group to which EventBridge sends the log records.\n" } }, "type": "object", "required": [ "logGroupArn" ] }, "aws:pipes/PipeLogConfigurationFirehoseLogDestination:PipeLogConfigurationFirehoseLogDestination": { "properties": { "deliveryStreamArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Kinesis Data Firehose delivery stream to which EventBridge delivers the pipe log records.\n" } }, "type": "object", "required": [ "deliveryStreamArn" ] }, "aws:pipes/PipeLogConfigurationS3LogDestination:PipeLogConfigurationS3LogDestination": { "properties": { "bucketName": { "type": "string", "description": "Name of the Amazon S3 bucket to which EventBridge delivers the log records for the pipe.\n" }, "bucketOwner": { "type": "string", "description": "Amazon Web Services account that owns the Amazon S3 bucket to which EventBridge delivers the log records for the pipe.\n" }, "outputFormat": { "type": "string", "description": "EventBridge format for the log records. Valid values `json`, `plain` and `w3c`.\n" }, "prefix": { "type": "string", "description": "Prefix text with which to begin Amazon S3 log object names.\n" } }, "type": "object", "required": [ "bucketName", "bucketOwner" ] }, "aws:pipes/PipeSourceParameters:PipeSourceParameters": { "properties": { "activemqBrokerParameters": { "$ref": "#/types/aws:pipes/PipeSourceParametersActivemqBrokerParameters:PipeSourceParametersActivemqBrokerParameters", "description": "The parameters for using an Active MQ broker as a source. Detailed below.\n" }, "dynamodbStreamParameters": { "$ref": "#/types/aws:pipes/PipeSourceParametersDynamodbStreamParameters:PipeSourceParametersDynamodbStreamParameters", "description": "The parameters for using a DynamoDB stream as a source. Detailed below.\n" }, "filterCriteria": { "$ref": "#/types/aws:pipes/PipeSourceParametersFilterCriteria:PipeSourceParametersFilterCriteria", "description": "The collection of event patterns used to [filter events](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-filtering.html). Detailed below.\n" }, "kinesisStreamParameters": { "$ref": "#/types/aws:pipes/PipeSourceParametersKinesisStreamParameters:PipeSourceParametersKinesisStreamParameters", "description": "The parameters for using a Kinesis stream as a source. Detailed below.\n" }, "managedStreamingKafkaParameters": { "$ref": "#/types/aws:pipes/PipeSourceParametersManagedStreamingKafkaParameters:PipeSourceParametersManagedStreamingKafkaParameters", "description": "The parameters for using an MSK stream as a source. Detailed below.\n" }, "rabbitmqBrokerParameters": { "$ref": "#/types/aws:pipes/PipeSourceParametersRabbitmqBrokerParameters:PipeSourceParametersRabbitmqBrokerParameters", "description": "The parameters for using a Rabbit MQ broker as a source. Detailed below.\n" }, "selfManagedKafkaParameters": { "$ref": "#/types/aws:pipes/PipeSourceParametersSelfManagedKafkaParameters:PipeSourceParametersSelfManagedKafkaParameters", "description": "The parameters for using a self-managed Apache Kafka stream as a source. Detailed below.\n" }, "sqsQueueParameters": { "$ref": "#/types/aws:pipes/PipeSourceParametersSqsQueueParameters:PipeSourceParametersSqsQueueParameters", "description": "The parameters for using a Amazon SQS stream as a source. Detailed below.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "activemqBrokerParameters", "dynamodbStreamParameters", "kinesisStreamParameters", "managedStreamingKafkaParameters", "rabbitmqBrokerParameters", "selfManagedKafkaParameters", "sqsQueueParameters" ] } } }, "aws:pipes/PipeSourceParametersActivemqBrokerParameters:PipeSourceParametersActivemqBrokerParameters": { "properties": { "batchSize": { "type": "integer", "description": "The maximum number of records to include in each batch. Maximum value of 10000.\n" }, "credentials": { "$ref": "#/types/aws:pipes/PipeSourceParametersActivemqBrokerParametersCredentials:PipeSourceParametersActivemqBrokerParametersCredentials", "description": "The credentials needed to access the resource. Detailed below.\n" }, "maximumBatchingWindowInSeconds": { "type": "integer", "description": "The maximum length of a time to wait for events. Maximum value of 300.\n" }, "queueName": { "type": "string", "description": "The name of the destination queue to consume. Maximum length of 1000.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "credentials", "queueName" ], "language": { "nodejs": { "requiredOutputs": [ "batchSize", "credentials", "maximumBatchingWindowInSeconds", "queueName" ] } } }, "aws:pipes/PipeSourceParametersActivemqBrokerParametersCredentials:PipeSourceParametersActivemqBrokerParametersCredentials": { "properties": { "basicAuth": { "type": "string", "description": "The ARN of the Secrets Manager secret containing the credentials.\n" } }, "type": "object", "required": [ "basicAuth" ] }, "aws:pipes/PipeSourceParametersDynamodbStreamParameters:PipeSourceParametersDynamodbStreamParameters": { "properties": { "batchSize": { "type": "integer", "description": "The maximum number of records to include in each batch. Maximum value of 10000.\n" }, "deadLetterConfig": { "$ref": "#/types/aws:pipes/PipeSourceParametersDynamodbStreamParametersDeadLetterConfig:PipeSourceParametersDynamodbStreamParametersDeadLetterConfig", "description": "Define the target queue to send dead-letter queue events to. Detailed below.\n" }, "maximumBatchingWindowInSeconds": { "type": "integer", "description": "The maximum length of a time to wait for events. Maximum value of 300.\n" }, "maximumRecordAgeInSeconds": { "type": "integer", "description": "Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records. Maximum value of 604,800.\n" }, "maximumRetryAttempts": { "type": "integer", "description": "Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source. Maximum value of 10,000.\n" }, "onPartialBatchItemFailure": { "type": "string", "description": "Define how to handle item process failures. AUTOMATIC_BISECT halves each batch and retry each half until all the records are processed or there is one failed message left in the batch. Valid values: AUTOMATIC_BISECT.\n" }, "parallelizationFactor": { "type": "integer", "description": "The number of batches to process concurrently from each shard. The default value is 1. Maximum value of 10.\n" }, "startingPosition": { "type": "string", "description": "The position in a stream from which to start reading. Valid values: TRIM_HORIZON, LATEST.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "startingPosition" ], "language": { "nodejs": { "requiredOutputs": [ "batchSize", "maximumBatchingWindowInSeconds", "maximumRecordAgeInSeconds", "parallelizationFactor", "startingPosition" ] } } }, "aws:pipes/PipeSourceParametersDynamodbStreamParametersDeadLetterConfig:PipeSourceParametersDynamodbStreamParametersDeadLetterConfig": { "properties": { "arn": { "type": "string", "description": "ARN of this pipe.\n" } }, "type": "object" }, "aws:pipes/PipeSourceParametersFilterCriteria:PipeSourceParametersFilterCriteria": { "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:pipes/PipeSourceParametersFilterCriteriaFilter:PipeSourceParametersFilterCriteriaFilter" }, "description": "An array of up to 5 event patterns. Detailed below.\n" } }, "type": "object" }, "aws:pipes/PipeSourceParametersFilterCriteriaFilter:PipeSourceParametersFilterCriteriaFilter": { "properties": { "pattern": { "type": "string", "description": "The event pattern. At most 4096 characters.\n" } }, "type": "object", "required": [ "pattern" ] }, "aws:pipes/PipeSourceParametersKinesisStreamParameters:PipeSourceParametersKinesisStreamParameters": { "properties": { "batchSize": { "type": "integer", "description": "The maximum number of records to include in each batch. Maximum value of 10000.\n" }, "deadLetterConfig": { "$ref": "#/types/aws:pipes/PipeSourceParametersKinesisStreamParametersDeadLetterConfig:PipeSourceParametersKinesisStreamParametersDeadLetterConfig", "description": "Define the target queue to send dead-letter queue events to. Detailed below.\n" }, "maximumBatchingWindowInSeconds": { "type": "integer", "description": "The maximum length of a time to wait for events. Maximum value of 300.\n" }, "maximumRecordAgeInSeconds": { "type": "integer", "description": "Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records. Maximum value of 604,800.\n" }, "maximumRetryAttempts": { "type": "integer", "description": "Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source. Maximum value of 10,000.\n" }, "onPartialBatchItemFailure": { "type": "string", "description": "Define how to handle item process failures. AUTOMATIC_BISECT halves each batch and retry each half until all the records are processed or there is one failed message left in the batch. Valid values: AUTOMATIC_BISECT.\n" }, "parallelizationFactor": { "type": "integer", "description": "The number of batches to process concurrently from each shard. The default value is 1. Maximum value of 10.\n" }, "startingPosition": { "type": "string", "description": "The position in a stream from which to start reading. Valid values: TRIM_HORIZON, LATEST.\n", "willReplaceOnChanges": true }, "startingPositionTimestamp": { "type": "string", "description": "With StartingPosition set to AT_TIMESTAMP, the time from which to start reading, in Unix time seconds.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "startingPosition" ], "language": { "nodejs": { "requiredOutputs": [ "batchSize", "maximumBatchingWindowInSeconds", "maximumRecordAgeInSeconds", "parallelizationFactor", "startingPosition" ] } } }, "aws:pipes/PipeSourceParametersKinesisStreamParametersDeadLetterConfig:PipeSourceParametersKinesisStreamParametersDeadLetterConfig": { "properties": { "arn": { "type": "string", "description": "ARN of this pipe.\n" } }, "type": "object" }, "aws:pipes/PipeSourceParametersManagedStreamingKafkaParameters:PipeSourceParametersManagedStreamingKafkaParameters": { "properties": { "batchSize": { "type": "integer", "description": "The maximum number of records to include in each batch. Maximum value of 10000.\n" }, "consumerGroupId": { "type": "string", "description": "The name of the destination queue to consume. Maximum value of 200.\n" }, "credentials": { "$ref": "#/types/aws:pipes/PipeSourceParametersManagedStreamingKafkaParametersCredentials:PipeSourceParametersManagedStreamingKafkaParametersCredentials", "description": "The credentials needed to access the resource. Detailed below.\n" }, "maximumBatchingWindowInSeconds": { "type": "integer", "description": "The maximum length of a time to wait for events. Maximum value of 300.\n" }, "startingPosition": { "type": "string", "description": "The position in a stream from which to start reading. Valid values: TRIM_HORIZON, LATEST.\n", "willReplaceOnChanges": true }, "topicName": { "type": "string", "description": "The name of the topic that the pipe will read from. Maximum length of 249.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "topicName" ], "language": { "nodejs": { "requiredOutputs": [ "batchSize", "maximumBatchingWindowInSeconds", "topicName" ] } } }, "aws:pipes/PipeSourceParametersManagedStreamingKafkaParametersCredentials:PipeSourceParametersManagedStreamingKafkaParametersCredentials": { "properties": { "clientCertificateTlsAuth": { "type": "string", "description": "The ARN of the Secrets Manager secret containing the credentials.\n" }, "saslScram512Auth": { "type": "string", "description": "The ARN of the Secrets Manager secret containing the credentials.\n" } }, "type": "object" }, "aws:pipes/PipeSourceParametersRabbitmqBrokerParameters:PipeSourceParametersRabbitmqBrokerParameters": { "properties": { "batchSize": { "type": "integer", "description": "The maximum number of records to include in each batch. Maximum value of 10000.\n" }, "credentials": { "$ref": "#/types/aws:pipes/PipeSourceParametersRabbitmqBrokerParametersCredentials:PipeSourceParametersRabbitmqBrokerParametersCredentials", "description": "The credentials needed to access the resource. Detailed below.\n" }, "maximumBatchingWindowInSeconds": { "type": "integer", "description": "The maximum length of a time to wait for events. Maximum value of 300.\n" }, "queueName": { "type": "string", "description": "The name of the destination queue to consume. Maximum length of 1000.\n", "willReplaceOnChanges": true }, "virtualHost": { "type": "string", "description": "The name of the virtual host associated with the source broker. Maximum length of 200.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "credentials", "queueName" ], "language": { "nodejs": { "requiredOutputs": [ "batchSize", "credentials", "maximumBatchingWindowInSeconds", "queueName" ] } } }, "aws:pipes/PipeSourceParametersRabbitmqBrokerParametersCredentials:PipeSourceParametersRabbitmqBrokerParametersCredentials": { "properties": { "basicAuth": { "type": "string", "description": "The ARN of the Secrets Manager secret containing the credentials.\n" } }, "type": "object", "required": [ "basicAuth" ] }, "aws:pipes/PipeSourceParametersSelfManagedKafkaParameters:PipeSourceParametersSelfManagedKafkaParameters": { "properties": { "additionalBootstrapServers": { "type": "array", "items": { "type": "string" }, "description": "An array of server URLs. Maximum number of 2 items, each of maximum length 300.\n", "willReplaceOnChanges": true }, "batchSize": { "type": "integer", "description": "The maximum number of records to include in each batch. Maximum value of 10000.\n" }, "consumerGroupId": { "type": "string", "description": "The name of the destination queue to consume. Maximum value of 200.\n", "willReplaceOnChanges": true }, "credentials": { "$ref": "#/types/aws:pipes/PipeSourceParametersSelfManagedKafkaParametersCredentials:PipeSourceParametersSelfManagedKafkaParametersCredentials", "description": "The credentials needed to access the resource. Detailed below.\n" }, "maximumBatchingWindowInSeconds": { "type": "integer", "description": "The maximum length of a time to wait for events. Maximum value of 300.\n" }, "serverRootCaCertificate": { "type": "string", "description": "The ARN of the Secrets Manager secret used for certification.\n" }, "startingPosition": { "type": "string", "description": "The position in a stream from which to start reading. Valid values: TRIM_HORIZON, LATEST.\n", "willReplaceOnChanges": true }, "topicName": { "type": "string", "description": "The name of the topic that the pipe will read from. Maximum length of 249.\n", "willReplaceOnChanges": true }, "vpc": { "$ref": "#/types/aws:pipes/PipeSourceParametersSelfManagedKafkaParametersVpc:PipeSourceParametersSelfManagedKafkaParametersVpc", "description": "This structure specifies the VPC subnets and security groups for the stream, and whether a public IP address is to be used. Detailed below.\n" } }, "type": "object", "required": [ "topicName" ], "language": { "nodejs": { "requiredOutputs": [ "batchSize", "maximumBatchingWindowInSeconds", "topicName" ] } } }, "aws:pipes/PipeSourceParametersSelfManagedKafkaParametersCredentials:PipeSourceParametersSelfManagedKafkaParametersCredentials": { "properties": { "basicAuth": { "type": "string", "description": "The ARN of the Secrets Manager secret containing the credentials.\n" }, "clientCertificateTlsAuth": { "type": "string", "description": "The ARN of the Secrets Manager secret containing the credentials.\n" }, "saslScram256Auth": { "type": "string", "description": "The ARN of the Secrets Manager secret containing the credentials.\n" }, "saslScram512Auth": { "type": "string", "description": "The ARN of the Secrets Manager secret containing the credentials.\n" } }, "type": "object" }, "aws:pipes/PipeSourceParametersSelfManagedKafkaParametersVpc:PipeSourceParametersSelfManagedKafkaParametersVpc": { "properties": { "securityGroups": { "type": "array", "items": { "type": "string" } }, "subnets": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:pipes/PipeSourceParametersSqsQueueParameters:PipeSourceParametersSqsQueueParameters": { "properties": { "batchSize": { "type": "integer", "description": "The maximum number of records to include in each batch. Maximum value of 10000.\n" }, "maximumBatchingWindowInSeconds": { "type": "integer", "description": "The maximum length of a time to wait for events. Maximum value of 300.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "batchSize", "maximumBatchingWindowInSeconds" ] } } }, "aws:pipes/PipeTargetParameters:PipeTargetParameters": { "properties": { "batchJobParameters": { "$ref": "#/types/aws:pipes/PipeTargetParametersBatchJobParameters:PipeTargetParametersBatchJobParameters", "description": "The parameters for using an AWS Batch job as a target. Detailed below.\n" }, "cloudwatchLogsParameters": { "$ref": "#/types/aws:pipes/PipeTargetParametersCloudwatchLogsParameters:PipeTargetParametersCloudwatchLogsParameters", "description": "The parameters for using an CloudWatch Logs log stream as a target. Detailed below.\n" }, "ecsTaskParameters": { "$ref": "#/types/aws:pipes/PipeTargetParametersEcsTaskParameters:PipeTargetParametersEcsTaskParameters", "description": "The parameters for using an Amazon ECS task as a target. Detailed below.\n" }, "eventbridgeEventBusParameters": { "$ref": "#/types/aws:pipes/PipeTargetParametersEventbridgeEventBusParameters:PipeTargetParametersEventbridgeEventBusParameters", "description": "The parameters for using an EventBridge event bus as a target. Detailed below.\n" }, "httpParameters": { "$ref": "#/types/aws:pipes/PipeTargetParametersHttpParameters:PipeTargetParametersHttpParameters", "description": "These are custom parameter to be used when the target is an API Gateway REST APIs or EventBridge ApiDestinations. Detailed below.\n" }, "inputTemplate": { "type": "string", "description": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. Maximum length of 8192 characters.\n" }, "kinesisStreamParameters": { "$ref": "#/types/aws:pipes/PipeTargetParametersKinesisStreamParameters:PipeTargetParametersKinesisStreamParameters", "description": "The parameters for using a Kinesis stream as a source. Detailed below.\n" }, "lambdaFunctionParameters": { "$ref": "#/types/aws:pipes/PipeTargetParametersLambdaFunctionParameters:PipeTargetParametersLambdaFunctionParameters", "description": "The parameters for using a Lambda function as a target. Detailed below.\n" }, "redshiftDataParameters": { "$ref": "#/types/aws:pipes/PipeTargetParametersRedshiftDataParameters:PipeTargetParametersRedshiftDataParameters", "description": "These are custom parameters to be used when the target is a Amazon Redshift cluster to invoke the Amazon Redshift Data API BatchExecuteStatement. Detailed below.\n" }, "sagemakerPipelineParameters": { "$ref": "#/types/aws:pipes/PipeTargetParametersSagemakerPipelineParameters:PipeTargetParametersSagemakerPipelineParameters", "description": "The parameters for using a SageMaker pipeline as a target. Detailed below.\n" }, "sqsQueueParameters": { "$ref": "#/types/aws:pipes/PipeTargetParametersSqsQueueParameters:PipeTargetParametersSqsQueueParameters", "description": "The parameters for using a Amazon SQS stream as a target. Detailed below.\n" }, "stepFunctionStateMachineParameters": { "$ref": "#/types/aws:pipes/PipeTargetParametersStepFunctionStateMachineParameters:PipeTargetParametersStepFunctionStateMachineParameters", "description": "The parameters for using a Step Functions state machine as a target. Detailed below.\n" } }, "type": "object" }, "aws:pipes/PipeTargetParametersBatchJobParameters:PipeTargetParametersBatchJobParameters": { "properties": { "arrayProperties": { "$ref": "#/types/aws:pipes/PipeTargetParametersBatchJobParametersArrayProperties:PipeTargetParametersBatchJobParametersArrayProperties", "description": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job. Detailed below.\n" }, "containerOverrides": { "$ref": "#/types/aws:pipes/PipeTargetParametersBatchJobParametersContainerOverrides:PipeTargetParametersBatchJobParametersContainerOverrides", "description": "The overrides that are sent to a container. Detailed below.\n" }, "dependsOns": { "type": "array", "items": { "$ref": "#/types/aws:pipes/PipeTargetParametersBatchJobParametersDependsOn:PipeTargetParametersBatchJobParametersDependsOn" }, "description": "A list of dependencies for the job. A job can depend upon a maximum of 20 jobs. You can specify a SEQUENTIAL type dependency without specifying a job ID for array jobs so that each child array job completes sequentially, starting at index 0. You can also specify an N_TO_N type dependency with a job ID for array jobs. In that case, each index child of this job must wait for the corresponding index child of each dependency to complete before it can begin. Detailed below.\n" }, "jobDefinition": { "type": "string", "description": "The job definition used by this job. This value can be one of name, name:revision, or the Amazon Resource Name (ARN) for the job definition. If name is specified without a revision then the latest active revision is used.\n" }, "jobName": { "type": "string", "description": "The name of the job. It can be up to 128 letters long.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional parameters passed to the job that replace parameter substitution placeholders that are set in the job definition. Parameters are specified as a key and value pair mapping. Parameters included here override any corresponding parameter defaults from the job definition. Detailed below.\n" }, "retryStrategy": { "$ref": "#/types/aws:pipes/PipeTargetParametersBatchJobParametersRetryStrategy:PipeTargetParametersBatchJobParametersRetryStrategy", "description": "The retry strategy to use for failed jobs. When a retry strategy is specified here, it overrides the retry strategy defined in the job definition. Detailed below.\n" } }, "type": "object", "required": [ "jobDefinition", "jobName" ] }, "aws:pipes/PipeTargetParametersBatchJobParametersArrayProperties:PipeTargetParametersBatchJobParametersArrayProperties": { "properties": { "size": { "type": "integer", "description": "The size of the array, if this is an array batch job. Minimum value of 2. Maximum value of 10,000.\n" } }, "type": "object" }, "aws:pipes/PipeTargetParametersBatchJobParametersContainerOverrides:PipeTargetParametersBatchJobParametersContainerOverrides": { "properties": { "commands": { "type": "array", "items": { "type": "string" }, "description": "List of commands to send to the container that overrides the default command from the Docker image or the task definition. You must also specify a container name.\n" }, "environments": { "type": "array", "items": { "$ref": "#/types/aws:pipes/PipeTargetParametersBatchJobParametersContainerOverridesEnvironment:PipeTargetParametersBatchJobParametersContainerOverridesEnvironment" }, "description": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition. You must also specify a container name. Detailed below.\n" }, "instanceType": { "type": "string", "description": "The instance type to use for a multi-node parallel job. This parameter isn't applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn't be provided.\n" }, "resourceRequirements": { "type": "array", "items": { "$ref": "#/types/aws:pipes/PipeTargetParametersBatchJobParametersContainerOverridesResourceRequirement:PipeTargetParametersBatchJobParametersContainerOverridesResourceRequirement" }, "description": "The type and amount of a resource to assign to a container, instead of the default value from the task definition. The only supported resource is a GPU. Detailed below.\n" } }, "type": "object" }, "aws:pipes/PipeTargetParametersBatchJobParametersContainerOverridesEnvironment:PipeTargetParametersBatchJobParametersContainerOverridesEnvironment": { "properties": { "name": { "type": "string", "description": "Name of the pipe. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "value": { "type": "string", "description": "Value of parameter to start execution of a SageMaker Model Building Pipeline. Maximum length of 1024.\n" } }, "type": "object" }, "aws:pipes/PipeTargetParametersBatchJobParametersContainerOverridesResourceRequirement:PipeTargetParametersBatchJobParametersContainerOverridesResourceRequirement": { "properties": { "type": { "type": "string", "description": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task). Valid Values: random, spread, binpack.\n" }, "value": { "type": "string", "description": "Value of parameter to start execution of a SageMaker Model Building Pipeline. Maximum length of 1024.\n" } }, "type": "object", "required": [ "type", "value" ] }, "aws:pipes/PipeTargetParametersBatchJobParametersDependsOn:PipeTargetParametersBatchJobParametersDependsOn": { "properties": { "jobId": { "type": "string", "description": "The job ID of the AWS Batch job that's associated with this dependency.\n" }, "type": { "type": "string", "description": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task). Valid Values: random, spread, binpack.\n" } }, "type": "object" }, "aws:pipes/PipeTargetParametersBatchJobParametersRetryStrategy:PipeTargetParametersBatchJobParametersRetryStrategy": { "properties": { "attempts": { "type": "integer", "description": "The number of times to move a job to the RUNNABLE status. If the value of attempts is greater than one, the job is retried on failure the same number of attempts as the value. Maximum value of 10.\n" } }, "type": "object" }, "aws:pipes/PipeTargetParametersCloudwatchLogsParameters:PipeTargetParametersCloudwatchLogsParameters": { "properties": { "logStreamName": { "type": "string", "description": "The name of the log stream.\n" }, "timestamp": { "type": "string", "description": "The time the event occurred, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC. This is the JSON path to the field in the event e.g. $.detail.timestamp\n" } }, "type": "object" }, "aws:pipes/PipeTargetParametersEcsTaskParameters:PipeTargetParametersEcsTaskParameters": { "properties": { "capacityProviderStrategies": { "type": "array", "items": { "$ref": "#/types/aws:pipes/PipeTargetParametersEcsTaskParametersCapacityProviderStrategy:PipeTargetParametersEcsTaskParametersCapacityProviderStrategy" }, "description": "List of capacity provider strategies to use for the task. If a capacityProviderStrategy is specified, the launchType parameter must be omitted. If no capacityProviderStrategy or launchType is specified, the defaultCapacityProviderStrategy for the cluster is used. Detailed below.\n" }, "enableEcsManagedTags": { "type": "boolean", "description": "Specifies whether to enable Amazon ECS managed tags for the task. Valid values: true, false.\n" }, "enableExecuteCommand": { "type": "boolean", "description": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task. Valid values: true, false.\n" }, "group": { "type": "string", "description": "Specifies an Amazon ECS task group for the task. The maximum length is 255 characters.\n" }, "launchType": { "type": "string", "description": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The FARGATE value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. Valid Values: EC2, FARGATE, EXTERNAL\n" }, "networkConfiguration": { "$ref": "#/types/aws:pipes/PipeTargetParametersEcsTaskParametersNetworkConfiguration:PipeTargetParametersEcsTaskParametersNetworkConfiguration", "description": "Use this structure if the Amazon ECS task uses the awsvpc network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if LaunchType is FARGATE because the awsvpc mode is required for Fargate tasks. If you specify NetworkConfiguration when the target ECS task does not use the awsvpc network mode, the task fails. Detailed below.\n" }, "overrides": { "$ref": "#/types/aws:pipes/PipeTargetParametersEcsTaskParametersOverrides:PipeTargetParametersEcsTaskParametersOverrides", "description": "The overrides that are associated with a task. Detailed below.\n" }, "placementConstraints": { "type": "array", "items": { "$ref": "#/types/aws:pipes/PipeTargetParametersEcsTaskParametersPlacementConstraint:PipeTargetParametersEcsTaskParametersPlacementConstraint" }, "description": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime). Detailed below.\n" }, "placementStrategies": { "type": "array", "items": { "$ref": "#/types/aws:pipes/PipeTargetParametersEcsTaskParametersPlacementStrategy:PipeTargetParametersEcsTaskParametersPlacementStrategy" }, "description": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task. Detailed below.\n" }, "platformVersion": { "type": "string", "description": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as 1.1.0. This structure is used only if LaunchType is FARGATE.\n" }, "propagateTags": { "type": "string", "description": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the TagResource API action. Valid Values: TASK_DEFINITION\n" }, "referenceId": { "type": "string", "description": "The reference ID to use for the task. Maximum length of 1,024.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "taskCount": { "type": "integer", "description": "The number of tasks to create based on TaskDefinition. The default is 1.\n" }, "taskDefinitionArn": { "type": "string", "description": "The ARN of the task definition to use if the event target is an Amazon ECS task.\n" } }, "type": "object", "required": [ "taskDefinitionArn" ] }, "aws:pipes/PipeTargetParametersEcsTaskParametersCapacityProviderStrategy:PipeTargetParametersEcsTaskParametersCapacityProviderStrategy": { "properties": { "base": { "type": "integer", "description": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used. Maximum value of 100,000.\n" }, "capacityProvider": { "type": "string", "description": "The short name of the capacity provider. Maximum value of 255.\n" }, "weight": { "type": "integer", "description": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied. Maximum value of 1,000.\n" } }, "type": "object", "required": [ "capacityProvider" ] }, "aws:pipes/PipeTargetParametersEcsTaskParametersNetworkConfiguration:PipeTargetParametersEcsTaskParametersNetworkConfiguration": { "properties": { "awsVpcConfiguration": { "$ref": "#/types/aws:pipes/PipeTargetParametersEcsTaskParametersNetworkConfigurationAwsVpcConfiguration:PipeTargetParametersEcsTaskParametersNetworkConfigurationAwsVpcConfiguration", "description": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the awsvpc network mode. Detailed below.\n" } }, "type": "object" }, "aws:pipes/PipeTargetParametersEcsTaskParametersNetworkConfigurationAwsVpcConfiguration:PipeTargetParametersEcsTaskParametersNetworkConfigurationAwsVpcConfiguration": { "properties": { "assignPublicIp": { "type": "string", "description": "Specifies whether the task's elastic network interface receives a public IP address. You can specify ENABLED only when LaunchType in EcsParameters is set to FARGATE. Valid Values: ENABLED, DISABLED.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" } }, "subnets": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:pipes/PipeTargetParametersEcsTaskParametersOverrides:PipeTargetParametersEcsTaskParametersOverrides": { "properties": { "containerOverrides": { "type": "array", "items": { "$ref": "#/types/aws:pipes/PipeTargetParametersEcsTaskParametersOverridesContainerOverride:PipeTargetParametersEcsTaskParametersOverridesContainerOverride" }, "description": "One or more container overrides that are sent to a task. Detailed below.\n" }, "cpu": { "type": "string", "description": "The number of cpu units reserved for the container, instead of the default value from the task definition. You must also specify a container name.\n" }, "ephemeralStorage": { "$ref": "#/types/aws:pipes/PipeTargetParametersEcsTaskParametersOverridesEphemeralStorage:PipeTargetParametersEcsTaskParametersOverridesEphemeralStorage", "description": "The ephemeral storage setting override for the task. Detailed below.\n" }, "executionRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the task execution IAM role override for the task.\n" }, "inferenceAcceleratorOverrides": { "type": "array", "items": { "$ref": "#/types/aws:pipes/PipeTargetParametersEcsTaskParametersOverridesInferenceAcceleratorOverride:PipeTargetParametersEcsTaskParametersOverridesInferenceAcceleratorOverride" }, "description": "List of Elastic Inference accelerator overrides for the task. Detailed below.\n" }, "memory": { "type": "string", "description": "The hard limit (in MiB) of memory to present to the container, instead of the default value from the task definition. If your container attempts to exceed the memory specified here, the container is killed. You must also specify a container name.\n" }, "taskRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role.\n" } }, "type": "object" }, "aws:pipes/PipeTargetParametersEcsTaskParametersOverridesContainerOverride:PipeTargetParametersEcsTaskParametersOverridesContainerOverride": { "properties": { "commands": { "type": "array", "items": { "type": "string" }, "description": "List of commands to send to the container that overrides the default command from the Docker image or the task definition. You must also specify a container name.\n" }, "cpu": { "type": "integer", "description": "The number of cpu units reserved for the container, instead of the default value from the task definition. You must also specify a container name.\n" }, "environmentFiles": { "type": "array", "items": { "$ref": "#/types/aws:pipes/PipeTargetParametersEcsTaskParametersOverridesContainerOverrideEnvironmentFile:PipeTargetParametersEcsTaskParametersOverridesContainerOverrideEnvironmentFile" }, "description": "A list of files containing the environment variables to pass to a container, instead of the value from the container definition. Detailed below.\n" }, "environments": { "type": "array", "items": { "$ref": "#/types/aws:pipes/PipeTargetParametersEcsTaskParametersOverridesContainerOverrideEnvironment:PipeTargetParametersEcsTaskParametersOverridesContainerOverrideEnvironment" }, "description": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition. You must also specify a container name. Detailed below.\n" }, "memory": { "type": "integer", "description": "The hard limit (in MiB) of memory to present to the container, instead of the default value from the task definition. If your container attempts to exceed the memory specified here, the container is killed. You must also specify a container name.\n" }, "memoryReservation": { "type": "integer", "description": "The soft limit (in MiB) of memory to reserve for the container, instead of the default value from the task definition. You must also specify a container name.\n" }, "name": { "type": "string", "description": "Name of the pipe. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "resourceRequirements": { "type": "array", "items": { "$ref": "#/types/aws:pipes/PipeTargetParametersEcsTaskParametersOverridesContainerOverrideResourceRequirement:PipeTargetParametersEcsTaskParametersOverridesContainerOverrideResourceRequirement" }, "description": "The type and amount of a resource to assign to a container, instead of the default value from the task definition. The only supported resource is a GPU. Detailed below.\n" } }, "type": "object" }, "aws:pipes/PipeTargetParametersEcsTaskParametersOverridesContainerOverrideEnvironment:PipeTargetParametersEcsTaskParametersOverridesContainerOverrideEnvironment": { "properties": { "name": { "type": "string", "description": "Name of the pipe. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "value": { "type": "string", "description": "Value of parameter to start execution of a SageMaker Model Building Pipeline. Maximum length of 1024.\n" } }, "type": "object" }, "aws:pipes/PipeTargetParametersEcsTaskParametersOverridesContainerOverrideEnvironmentFile:PipeTargetParametersEcsTaskParametersOverridesContainerOverrideEnvironmentFile": { "properties": { "type": { "type": "string", "description": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task). Valid Values: random, spread, binpack.\n" }, "value": { "type": "string", "description": "Value of parameter to start execution of a SageMaker Model Building Pipeline. Maximum length of 1024.\n" } }, "type": "object", "required": [ "type", "value" ] }, "aws:pipes/PipeTargetParametersEcsTaskParametersOverridesContainerOverrideResourceRequirement:PipeTargetParametersEcsTaskParametersOverridesContainerOverrideResourceRequirement": { "properties": { "type": { "type": "string", "description": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task). Valid Values: random, spread, binpack.\n" }, "value": { "type": "string", "description": "Value of parameter to start execution of a SageMaker Model Building Pipeline. Maximum length of 1024.\n" } }, "type": "object", "required": [ "type", "value" ] }, "aws:pipes/PipeTargetParametersEcsTaskParametersOverridesEphemeralStorage:PipeTargetParametersEcsTaskParametersOverridesEphemeralStorage": { "properties": { "sizeInGib": { "type": "integer", "description": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is 21 GiB and the maximum supported value is 200 GiB.\n" } }, "type": "object", "required": [ "sizeInGib" ] }, "aws:pipes/PipeTargetParametersEcsTaskParametersOverridesInferenceAcceleratorOverride:PipeTargetParametersEcsTaskParametersOverridesInferenceAcceleratorOverride": { "properties": { "deviceName": { "type": "string", "description": "The Elastic Inference accelerator device name to override for the task. This parameter must match a deviceName specified in the task definition.\n" }, "deviceType": { "type": "string", "description": "The Elastic Inference accelerator type to use.\n" } }, "type": "object" }, "aws:pipes/PipeTargetParametersEcsTaskParametersPlacementConstraint:PipeTargetParametersEcsTaskParametersPlacementConstraint": { "properties": { "expression": { "type": "string", "description": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is distinctInstance. Maximum length of 2,000.\n" }, "type": { "type": "string", "description": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task). Valid Values: random, spread, binpack.\n" } }, "type": "object" }, "aws:pipes/PipeTargetParametersEcsTaskParametersPlacementStrategy:PipeTargetParametersEcsTaskParametersPlacementStrategy": { "properties": { "field": { "type": "string", "description": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used. Maximum length of 255.\n" }, "type": { "type": "string", "description": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task). Valid Values: random, spread, binpack.\n" } }, "type": "object" }, "aws:pipes/PipeTargetParametersEventbridgeEventBusParameters:PipeTargetParametersEventbridgeEventBusParameters": { "properties": { "detailType": { "type": "string", "description": "A free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail.\n" }, "endpointId": { "type": "string", "description": "The URL subdomain of the endpoint. For example, if the URL for Endpoint is https://abcde.veo.endpoints.event.amazonaws.com, then the EndpointId is abcde.veo.\n" }, "resources": { "type": "array", "items": { "type": "string" }, "description": "List of AWS resources, identified by Amazon Resource Name (ARN), which the event primarily concerns. Any number, including zero, may be present.\n" }, "source": { "type": "string", "description": "Source resource of the pipe. This field typically requires an ARN (Amazon Resource Name). However, when using a self-managed Kafka cluster, you should use a different format. Instead of an ARN, use 'smk://' followed by the bootstrap server's address.\n" }, "time": { "type": "string", "description": "The time stamp of the event, per RFC3339. If no time stamp is provided, the time stamp of the PutEvents call is used. This is the JSON path to the field in the event e.g. $.detail.timestamp\n" } }, "type": "object" }, "aws:pipes/PipeTargetParametersHttpParameters:PipeTargetParametersHttpParameters": { "properties": { "headerParameters": { "type": "object", "additionalProperties": { "type": "string" } }, "pathParameterValues": { "type": "string" }, "queryStringParameters": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "aws:pipes/PipeTargetParametersKinesisStreamParameters:PipeTargetParametersKinesisStreamParameters": { "properties": { "partitionKey": { "type": "string", "description": "Determines which shard in the stream the data record is assigned to. Partition keys are Unicode strings with a maximum length limit of 256 characters for each key. Amazon Kinesis Data Streams uses the partition key as input to a hash function that maps the partition key and associated data to a specific shard. Specifically, an MD5 hash function is used to map partition keys to 128-bit integer values and to map associated data records to shards. As a result of this hashing mechanism, all data records with the same partition key map to the same shard within the stream.\n" } }, "type": "object", "required": [ "partitionKey" ] }, "aws:pipes/PipeTargetParametersLambdaFunctionParameters:PipeTargetParametersLambdaFunctionParameters": { "properties": { "invocationType": { "type": "string", "description": "Specify whether to invoke the function synchronously or asynchronously. Valid Values: REQUEST_RESPONSE, FIRE_AND_FORGET.\n" } }, "type": "object", "required": [ "invocationType" ] }, "aws:pipes/PipeTargetParametersRedshiftDataParameters:PipeTargetParametersRedshiftDataParameters": { "properties": { "database": { "type": "string", "description": "The name of the database. Required when authenticating using temporary credentials.\n" }, "dbUser": { "type": "string", "description": "The database user name. Required when authenticating using temporary credentials.\n" }, "secretManagerArn": { "type": "string", "description": "The name or ARN of the secret that enables access to the database. Required when authenticating using Secrets Manager.\n" }, "sqls": { "type": "array", "items": { "type": "string" }, "description": "List of SQL statements text to run, each of maximum length of 100,000.\n" }, "statementName": { "type": "string", "description": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.\n" }, "withEvent": { "type": "boolean", "description": "Indicates whether to send an event back to EventBridge after the SQL statement runs.\n" } }, "type": "object", "required": [ "database", "sqls" ] }, "aws:pipes/PipeTargetParametersSagemakerPipelineParameters:PipeTargetParametersSagemakerPipelineParameters": { "properties": { "pipelineParameters": { "type": "array", "items": { "$ref": "#/types/aws:pipes/PipeTargetParametersSagemakerPipelineParametersPipelineParameter:PipeTargetParametersSagemakerPipelineParametersPipelineParameter" }, "description": "List of Parameter names and values for SageMaker Model Building Pipeline execution. Detailed below.\n" } }, "type": "object" }, "aws:pipes/PipeTargetParametersSagemakerPipelineParametersPipelineParameter:PipeTargetParametersSagemakerPipelineParametersPipelineParameter": { "properties": { "name": { "type": "string", "description": "Name of the pipe. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "value": { "type": "string", "description": "Value of parameter to start execution of a SageMaker Model Building Pipeline. Maximum length of 1024.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:pipes/PipeTargetParametersSqsQueueParameters:PipeTargetParametersSqsQueueParameters": { "properties": { "messageDeduplicationId": { "type": "string", "description": "This parameter applies only to FIFO (first-in-first-out) queues. The token used for deduplication of sent messages.\n" }, "messageGroupId": { "type": "string", "description": "The FIFO message group ID to use as the target.\n" } }, "type": "object" }, "aws:pipes/PipeTargetParametersStepFunctionStateMachineParameters:PipeTargetParametersStepFunctionStateMachineParameters": { "properties": { "invocationType": { "type": "string", "description": "Specify whether to invoke the function synchronously or asynchronously. Valid Values: REQUEST_RESPONSE, FIRE_AND_FORGET.\n" } }, "type": "object", "required": [ "invocationType" ] }, "aws:polly/getVoicesVoice:getVoicesVoice": { "properties": { "additionalLanguageCodes": { "type": "array", "items": { "type": "string" }, "description": "Additional codes for languages available for the specified voice in addition to its default language.\n" }, "gender": { "type": "string", "description": "Gender of the voice.\n" }, "id": { "type": "string", "description": "Amazon Polly assigned voice ID.\n" }, "languageCode": { "type": "string", "description": "Language identification tag for filtering the list of voices returned. If not specified, all available voices are returned.\n" }, "languageName": { "type": "string", "description": "Human readable name of the language in English.\n" }, "name": { "type": "string", "description": "Name of the voice.\n" }, "supportedEngines": { "type": "array", "items": { "type": "string" }, "description": "Specifies which engines are supported by a given voice.\n" } }, "type": "object", "required": [ "additionalLanguageCodes", "gender", "id", "languageCode", "languageName", "name", "supportedEngines" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:pricing/getProductFilter:getProductFilter": { "properties": { "field": { "type": "string", "description": "Product attribute name that you want to filter on.\n" }, "value": { "type": "string", "description": "Product attribute value that you want to filter on.\n" } }, "type": "object", "required": [ "field", "value" ] }, "aws:qldb/StreamKinesisConfiguration:StreamKinesisConfiguration": { "properties": { "aggregationEnabled": { "type": "boolean", "description": "Enables QLDB to publish multiple data records in a single Kinesis Data Streams record, increasing the number of records sent per API call. Default: `true`.\n", "willReplaceOnChanges": true }, "streamArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Kinesis Data Streams resource.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "streamArn" ] }, "aws:quicksight/AnalysisParameters:AnalysisParameters": { "properties": { "dateTimeParameters": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/AnalysisParametersDateTimeParameter:AnalysisParametersDateTimeParameter" }, "description": "A list of parameters that have a data type of date-time. See [AWS API Documentation for complete description](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DateTimeParameter.html).\n" }, "decimalParameters": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/AnalysisParametersDecimalParameter:AnalysisParametersDecimalParameter" }, "description": "A list of parameters that have a data type of decimal. See [AWS API Documentation for complete description](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DecimalParameter.html).\n" }, "integerParameters": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/AnalysisParametersIntegerParameter:AnalysisParametersIntegerParameter" }, "description": "A list of parameters that have a data type of integer. See [AWS API Documentation for complete description](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_IntegerParameter.html).\n" }, "stringParameters": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/AnalysisParametersStringParameter:AnalysisParametersStringParameter" }, "description": "A list of parameters that have a data type of string. See [AWS API Documentation for complete description](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_StringParameter.html).\n" } }, "type": "object" }, "aws:quicksight/AnalysisParametersDateTimeParameter:AnalysisParametersDateTimeParameter": { "properties": { "name": { "type": "string", "description": "Display name for the analysis.\n\nThe following arguments are optional:\n" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:quicksight/AnalysisParametersDecimalParameter:AnalysisParametersDecimalParameter": { "properties": { "name": { "type": "string", "description": "Display name for the analysis.\n\nThe following arguments are optional:\n" }, "values": { "type": "array", "items": { "type": "number" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:quicksight/AnalysisParametersIntegerParameter:AnalysisParametersIntegerParameter": { "properties": { "name": { "type": "string", "description": "Display name for the analysis.\n\nThe following arguments are optional:\n" }, "values": { "type": "array", "items": { "type": "integer" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:quicksight/AnalysisParametersStringParameter:AnalysisParametersStringParameter": { "properties": { "name": { "type": "string", "description": "Display name for the analysis.\n\nThe following arguments are optional:\n" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:quicksight/AnalysisPermission:AnalysisPermission": { "properties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "List of IAM actions to grant or revoke permissions on.\n" }, "principal": { "type": "string", "description": "ARN of the principal. See the [ResourcePermission documentation](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ResourcePermission.html) for the applicable ARN values.\n" } }, "type": "object", "required": [ "actions", "principal" ] }, "aws:quicksight/AnalysisSourceEntity:AnalysisSourceEntity": { "properties": { "sourceTemplate": { "$ref": "#/types/aws:quicksight/AnalysisSourceEntitySourceTemplate:AnalysisSourceEntitySourceTemplate", "description": "The source template. See source_template.\n" } }, "type": "object" }, "aws:quicksight/AnalysisSourceEntitySourceTemplate:AnalysisSourceEntitySourceTemplate": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource.\n" }, "dataSetReferences": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/AnalysisSourceEntitySourceTemplateDataSetReference:AnalysisSourceEntitySourceTemplateDataSetReference" }, "description": "List of dataset references. See data_set_references.\n" } }, "type": "object", "required": [ "arn", "dataSetReferences" ] }, "aws:quicksight/AnalysisSourceEntitySourceTemplateDataSetReference:AnalysisSourceEntitySourceTemplateDataSetReference": { "properties": { "dataSetArn": { "type": "string", "description": "Dataset Amazon Resource Name (ARN).\n" }, "dataSetPlaceholder": { "type": "string", "description": "Dataset placeholder.\n" } }, "type": "object", "required": [ "dataSetArn", "dataSetPlaceholder" ] }, "aws:quicksight/DashboardDashboardPublishOptions:DashboardDashboardPublishOptions": { "properties": { "adHocFilteringOption": { "$ref": "#/types/aws:quicksight/DashboardDashboardPublishOptionsAdHocFilteringOption:DashboardDashboardPublishOptionsAdHocFilteringOption", "description": "Ad hoc (one-time) filtering option. See ad_hoc_filtering_option.\n" }, "dataPointDrillUpDownOption": { "$ref": "#/types/aws:quicksight/DashboardDashboardPublishOptionsDataPointDrillUpDownOption:DashboardDashboardPublishOptionsDataPointDrillUpDownOption", "description": "The drill-down options of data points in a dashboard. See data_point_drill_up_down_option.\n" }, "dataPointMenuLabelOption": { "$ref": "#/types/aws:quicksight/DashboardDashboardPublishOptionsDataPointMenuLabelOption:DashboardDashboardPublishOptionsDataPointMenuLabelOption", "description": "The data point menu label options of a dashboard. See data_point_menu_label_option.\n" }, "dataPointTooltipOption": { "$ref": "#/types/aws:quicksight/DashboardDashboardPublishOptionsDataPointTooltipOption:DashboardDashboardPublishOptionsDataPointTooltipOption", "description": "The data point tool tip options of a dashboard. See data_point_tooltip_option.\n" }, "exportToCsvOption": { "$ref": "#/types/aws:quicksight/DashboardDashboardPublishOptionsExportToCsvOption:DashboardDashboardPublishOptionsExportToCsvOption", "description": "Export to .csv option. See export_to_csv_option.\n" }, "exportWithHiddenFieldsOption": { "$ref": "#/types/aws:quicksight/DashboardDashboardPublishOptionsExportWithHiddenFieldsOption:DashboardDashboardPublishOptionsExportWithHiddenFieldsOption", "description": "Determines if hidden fields are exported with a dashboard. See export_with_hidden_fields_option.\n" }, "sheetControlsOption": { "$ref": "#/types/aws:quicksight/DashboardDashboardPublishOptionsSheetControlsOption:DashboardDashboardPublishOptionsSheetControlsOption", "description": "Sheet controls option. See sheet_controls_option.\n" }, "sheetLayoutElementMaximizationOption": { "$ref": "#/types/aws:quicksight/DashboardDashboardPublishOptionsSheetLayoutElementMaximizationOption:DashboardDashboardPublishOptionsSheetLayoutElementMaximizationOption", "description": "The sheet layout maximization options of a dashboard. See sheet_layout_element_maximization_option.\n" }, "visualAxisSortOption": { "$ref": "#/types/aws:quicksight/DashboardDashboardPublishOptionsVisualAxisSortOption:DashboardDashboardPublishOptionsVisualAxisSortOption", "description": "The axis sort options of a dashboard. See visual_axis_sort_option.\n" }, "visualMenuOption": { "$ref": "#/types/aws:quicksight/DashboardDashboardPublishOptionsVisualMenuOption:DashboardDashboardPublishOptionsVisualMenuOption", "description": "The menu options of a visual in a dashboard. See visual_menu_option.\n" } }, "type": "object" }, "aws:quicksight/DashboardDashboardPublishOptionsAdHocFilteringOption:DashboardDashboardPublishOptionsAdHocFilteringOption": { "properties": { "availabilityStatus": { "type": "string", "description": "Availability status. Possibles values: ENABLED, DISABLED.\n" } }, "type": "object" }, "aws:quicksight/DashboardDashboardPublishOptionsDataPointDrillUpDownOption:DashboardDashboardPublishOptionsDataPointDrillUpDownOption": { "properties": { "availabilityStatus": { "type": "string", "description": "Availability status. Possibles values: ENABLED, DISABLED.\n" } }, "type": "object" }, "aws:quicksight/DashboardDashboardPublishOptionsDataPointMenuLabelOption:DashboardDashboardPublishOptionsDataPointMenuLabelOption": { "properties": { "availabilityStatus": { "type": "string", "description": "Availability status. Possibles values: ENABLED, DISABLED.\n" } }, "type": "object" }, "aws:quicksight/DashboardDashboardPublishOptionsDataPointTooltipOption:DashboardDashboardPublishOptionsDataPointTooltipOption": { "properties": { "availabilityStatus": { "type": "string", "description": "Availability status. Possibles values: ENABLED, DISABLED.\n" } }, "type": "object" }, "aws:quicksight/DashboardDashboardPublishOptionsExportToCsvOption:DashboardDashboardPublishOptionsExportToCsvOption": { "properties": { "availabilityStatus": { "type": "string", "description": "Availability status. Possibles values: ENABLED, DISABLED.\n" } }, "type": "object" }, "aws:quicksight/DashboardDashboardPublishOptionsExportWithHiddenFieldsOption:DashboardDashboardPublishOptionsExportWithHiddenFieldsOption": { "properties": { "availabilityStatus": { "type": "string", "description": "Availability status. Possibles values: ENABLED, DISABLED.\n" } }, "type": "object" }, "aws:quicksight/DashboardDashboardPublishOptionsSheetControlsOption:DashboardDashboardPublishOptionsSheetControlsOption": { "properties": { "visibilityState": { "type": "string", "description": "Visibility state. Possibles values: EXPANDED, COLLAPSED.\n" } }, "type": "object" }, "aws:quicksight/DashboardDashboardPublishOptionsSheetLayoutElementMaximizationOption:DashboardDashboardPublishOptionsSheetLayoutElementMaximizationOption": { "properties": { "availabilityStatus": { "type": "string", "description": "Availability status. Possibles values: ENABLED, DISABLED.\n" } }, "type": "object" }, "aws:quicksight/DashboardDashboardPublishOptionsVisualAxisSortOption:DashboardDashboardPublishOptionsVisualAxisSortOption": { "properties": { "availabilityStatus": { "type": "string", "description": "Availability status. Possibles values: ENABLED, DISABLED.\n" } }, "type": "object" }, "aws:quicksight/DashboardDashboardPublishOptionsVisualMenuOption:DashboardDashboardPublishOptionsVisualMenuOption": { "properties": { "availabilityStatus": { "type": "string", "description": "Availability status. Possibles values: ENABLED, DISABLED.\n" } }, "type": "object" }, "aws:quicksight/DashboardParameters:DashboardParameters": { "properties": { "dateTimeParameters": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DashboardParametersDateTimeParameter:DashboardParametersDateTimeParameter" }, "description": "A list of parameters that have a data type of date-time. See [AWS API Documentation for complete description](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DateTimeParameter.html).\n" }, "decimalParameters": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DashboardParametersDecimalParameter:DashboardParametersDecimalParameter" }, "description": "A list of parameters that have a data type of decimal. See [AWS API Documentation for complete description](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DecimalParameter.html).\n" }, "integerParameters": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DashboardParametersIntegerParameter:DashboardParametersIntegerParameter" }, "description": "A list of parameters that have a data type of integer. See [AWS API Documentation for complete description](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_IntegerParameter.html).\n" }, "stringParameters": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DashboardParametersStringParameter:DashboardParametersStringParameter" }, "description": "A list of parameters that have a data type of string. See [AWS API Documentation for complete description](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_StringParameter.html).\n" } }, "type": "object" }, "aws:quicksight/DashboardParametersDateTimeParameter:DashboardParametersDateTimeParameter": { "properties": { "name": { "type": "string", "description": "Display name for the dashboard.\n" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:quicksight/DashboardParametersDecimalParameter:DashboardParametersDecimalParameter": { "properties": { "name": { "type": "string", "description": "Display name for the dashboard.\n" }, "values": { "type": "array", "items": { "type": "number" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:quicksight/DashboardParametersIntegerParameter:DashboardParametersIntegerParameter": { "properties": { "name": { "type": "string", "description": "Display name for the dashboard.\n" }, "values": { "type": "array", "items": { "type": "integer" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:quicksight/DashboardParametersStringParameter:DashboardParametersStringParameter": { "properties": { "name": { "type": "string", "description": "Display name for the dashboard.\n" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:quicksight/DashboardPermission:DashboardPermission": { "properties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "List of IAM actions to grant or revoke permissions on.\n" }, "principal": { "type": "string", "description": "ARN of the principal. See the [ResourcePermission documentation](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ResourcePermission.html) for the applicable ARN values.\n" } }, "type": "object", "required": [ "actions", "principal" ] }, "aws:quicksight/DashboardSourceEntity:DashboardSourceEntity": { "properties": { "sourceTemplate": { "$ref": "#/types/aws:quicksight/DashboardSourceEntitySourceTemplate:DashboardSourceEntitySourceTemplate", "description": "The source template. See source_template.\n" } }, "type": "object" }, "aws:quicksight/DashboardSourceEntitySourceTemplate:DashboardSourceEntitySourceTemplate": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource.\n" }, "dataSetReferences": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DashboardSourceEntitySourceTemplateDataSetReference:DashboardSourceEntitySourceTemplateDataSetReference" }, "description": "List of dataset references. See data_set_references.\n" } }, "type": "object", "required": [ "arn", "dataSetReferences" ] }, "aws:quicksight/DashboardSourceEntitySourceTemplateDataSetReference:DashboardSourceEntitySourceTemplateDataSetReference": { "properties": { "dataSetArn": { "type": "string", "description": "Dataset Amazon Resource Name (ARN).\n" }, "dataSetPlaceholder": { "type": "string", "description": "Dataset placeholder.\n" } }, "type": "object", "required": [ "dataSetArn", "dataSetPlaceholder" ] }, "aws:quicksight/DataSetColumnGroup:DataSetColumnGroup": { "properties": { "geoSpatialColumnGroup": { "$ref": "#/types/aws:quicksight/DataSetColumnGroupGeoSpatialColumnGroup:DataSetColumnGroupGeoSpatialColumnGroup", "description": "Geospatial column group that denotes a hierarchy. See geo_spatial_column_group.\n" } }, "type": "object" }, "aws:quicksight/DataSetColumnGroupGeoSpatialColumnGroup:DataSetColumnGroupGeoSpatialColumnGroup": { "properties": { "columns": { "type": "array", "items": { "type": "string" }, "description": "Columns in this hierarchy.\n" }, "countryCode": { "type": "string", "description": "Country code. Valid values are `US`.\n" }, "name": { "type": "string", "description": "A display name for the hierarchy.\n" } }, "type": "object", "required": [ "columns", "countryCode", "name" ] }, "aws:quicksight/DataSetColumnLevelPermissionRule:DataSetColumnLevelPermissionRule": { "properties": { "columnNames": { "type": "array", "items": { "type": "string" }, "description": "An array of column names.\n" }, "principals": { "type": "array", "items": { "type": "string" }, "description": "An array of ARNs for Amazon QuickSight users or groups.\n" } }, "type": "object" }, "aws:quicksight/DataSetDataSetUsageConfiguration:DataSetDataSetUsageConfiguration": { "properties": { "disableUseAsDirectQuerySource": { "type": "boolean", "description": "Controls whether a child dataset of a direct query can use this dataset as a source.\n" }, "disableUseAsImportedSource": { "type": "boolean", "description": "Controls whether a child dataset that's stored in QuickSight can use this dataset as a source.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "disableUseAsDirectQuerySource", "disableUseAsImportedSource" ] } } }, "aws:quicksight/DataSetFieldFolder:DataSetFieldFolder": { "properties": { "columns": { "type": "array", "items": { "type": "string" }, "description": "An array of column names to add to the folder. A column can only be in one folder.\n" }, "description": { "type": "string", "description": "Field folder description.\n" }, "fieldFoldersId": { "type": "string", "description": "Key of the field folder map.\n" } }, "type": "object", "required": [ "fieldFoldersId" ] }, "aws:quicksight/DataSetLogicalTableMap:DataSetLogicalTableMap": { "properties": { "alias": { "type": "string", "description": "A display name for the logical table.\n" }, "dataTransforms": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetLogicalTableMapDataTransform:DataSetLogicalTableMapDataTransform" }, "description": "Transform operations that act on this logical table. For this structure to be valid, only one of the attributes can be non-null. See data_transforms.\n" }, "logicalTableMapId": { "type": "string", "description": "Key of the logical table map.\n" }, "source": { "$ref": "#/types/aws:quicksight/DataSetLogicalTableMapSource:DataSetLogicalTableMapSource", "description": "Source of this logical table. See source.\n" } }, "type": "object", "required": [ "alias", "logicalTableMapId", "source" ], "language": { "nodejs": { "requiredOutputs": [ "alias", "dataTransforms", "logicalTableMapId", "source" ] } } }, "aws:quicksight/DataSetLogicalTableMapDataTransform:DataSetLogicalTableMapDataTransform": { "properties": { "castColumnTypeOperation": { "$ref": "#/types/aws:quicksight/DataSetLogicalTableMapDataTransformCastColumnTypeOperation:DataSetLogicalTableMapDataTransformCastColumnTypeOperation", "description": "A transform operation that casts a column to a different type. See cast_column_type_operation.\n" }, "createColumnsOperation": { "$ref": "#/types/aws:quicksight/DataSetLogicalTableMapDataTransformCreateColumnsOperation:DataSetLogicalTableMapDataTransformCreateColumnsOperation", "description": "An operation that creates calculated columns. Columns created in one such operation form a lexical closure. See create_columns_operation.\n" }, "filterOperation": { "$ref": "#/types/aws:quicksight/DataSetLogicalTableMapDataTransformFilterOperation:DataSetLogicalTableMapDataTransformFilterOperation", "description": "An operation that filters rows based on some condition. See filter_operation.\n" }, "projectOperation": { "$ref": "#/types/aws:quicksight/DataSetLogicalTableMapDataTransformProjectOperation:DataSetLogicalTableMapDataTransformProjectOperation", "description": "An operation that projects columns. Operations that come after a projection can only refer to projected columns. See project_operation.\n" }, "renameColumnOperation": { "$ref": "#/types/aws:quicksight/DataSetLogicalTableMapDataTransformRenameColumnOperation:DataSetLogicalTableMapDataTransformRenameColumnOperation", "description": "An operation that renames a column. See rename_column_operation.\n" }, "tagColumnOperation": { "$ref": "#/types/aws:quicksight/DataSetLogicalTableMapDataTransformTagColumnOperation:DataSetLogicalTableMapDataTransformTagColumnOperation", "description": "An operation that tags a column with additional information. See tag_column_operation.\n" }, "untagColumnOperation": { "$ref": "#/types/aws:quicksight/DataSetLogicalTableMapDataTransformUntagColumnOperation:DataSetLogicalTableMapDataTransformUntagColumnOperation", "description": "A transform operation that removes tags associated with a column. See untag_column_operation.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "castColumnTypeOperation", "createColumnsOperation", "filterOperation", "projectOperation", "renameColumnOperation", "tagColumnOperation", "untagColumnOperation" ] } } }, "aws:quicksight/DataSetLogicalTableMapDataTransformCastColumnTypeOperation:DataSetLogicalTableMapDataTransformCastColumnTypeOperation": { "properties": { "columnName": { "type": "string", "description": "Column name.\n" }, "format": { "type": "string", "description": "When casting a column from string to datetime type, you can supply a string in a format supported by Amazon QuickSight to denote the source data format.\n" }, "newColumnType": { "type": "string", "description": "New column data type. Valid values are `STRING`, `INTEGER`, `DECIMAL`, `DATETIME`.\n" } }, "type": "object", "required": [ "columnName", "newColumnType" ], "language": { "nodejs": { "requiredOutputs": [ "columnName", "format", "newColumnType" ] } } }, "aws:quicksight/DataSetLogicalTableMapDataTransformCreateColumnsOperation:DataSetLogicalTableMapDataTransformCreateColumnsOperation": { "properties": { "columns": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetLogicalTableMapDataTransformCreateColumnsOperationColumn:DataSetLogicalTableMapDataTransformCreateColumnsOperationColumn" }, "description": "Calculated columns to create. See columns.\n" } }, "type": "object", "required": [ "columns" ] }, "aws:quicksight/DataSetLogicalTableMapDataTransformCreateColumnsOperationColumn:DataSetLogicalTableMapDataTransformCreateColumnsOperationColumn": { "properties": { "columnId": { "type": "string", "description": "A unique ID to identify a calculated column. During a dataset update, if the column ID of a calculated column matches that of an existing calculated column, Amazon QuickSight preserves the existing calculated column.\n" }, "columnName": { "type": "string", "description": "Column name.\n" }, "expression": { "type": "string", "description": "An expression that defines the calculated column.\n" } }, "type": "object", "required": [ "columnId", "columnName", "expression" ] }, "aws:quicksight/DataSetLogicalTableMapDataTransformFilterOperation:DataSetLogicalTableMapDataTransformFilterOperation": { "properties": { "conditionExpression": { "type": "string", "description": "An expression that must evaluate to a Boolean value. Rows for which the expression evaluates to true are kept in the dataset.\n" } }, "type": "object", "required": [ "conditionExpression" ] }, "aws:quicksight/DataSetLogicalTableMapDataTransformProjectOperation:DataSetLogicalTableMapDataTransformProjectOperation": { "properties": { "projectedColumns": { "type": "array", "items": { "type": "string" }, "description": "Projected columns.\n" } }, "type": "object", "required": [ "projectedColumns" ] }, "aws:quicksight/DataSetLogicalTableMapDataTransformRenameColumnOperation:DataSetLogicalTableMapDataTransformRenameColumnOperation": { "properties": { "columnName": { "type": "string", "description": "Column to be renamed.\n" }, "newColumnName": { "type": "string", "description": "New name for the column.\n" } }, "type": "object", "required": [ "columnName", "newColumnName" ] }, "aws:quicksight/DataSetLogicalTableMapDataTransformTagColumnOperation:DataSetLogicalTableMapDataTransformTagColumnOperation": { "properties": { "columnName": { "type": "string", "description": "Column name.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetLogicalTableMapDataTransformTagColumnOperationTag:DataSetLogicalTableMapDataTransformTagColumnOperationTag" }, "description": "The dataset column tag, currently only used for geospatial type tagging. See tags.\n" } }, "type": "object", "required": [ "columnName", "tags" ] }, "aws:quicksight/DataSetLogicalTableMapDataTransformTagColumnOperationTag:DataSetLogicalTableMapDataTransformTagColumnOperationTag": { "properties": { "columnDescription": { "$ref": "#/types/aws:quicksight/DataSetLogicalTableMapDataTransformTagColumnOperationTagColumnDescription:DataSetLogicalTableMapDataTransformTagColumnOperationTagColumnDescription", "description": "A description for a column. See column_description.\n" }, "columnGeographicRole": { "type": "string", "description": "A geospatial role for a column. Valid values are `COUNTRY`, `STATE`, `COUNTY`, `CITY`, `POSTCODE`, `LONGITUDE`, and `LATITUDE`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "columnDescription", "columnGeographicRole" ] } } }, "aws:quicksight/DataSetLogicalTableMapDataTransformTagColumnOperationTagColumnDescription:DataSetLogicalTableMapDataTransformTagColumnOperationTagColumnDescription": { "properties": { "text": { "type": "string", "description": "The text of a description for a column.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "text" ] } } }, "aws:quicksight/DataSetLogicalTableMapDataTransformUntagColumnOperation:DataSetLogicalTableMapDataTransformUntagColumnOperation": { "properties": { "columnName": { "type": "string", "description": "Column name.\n" }, "tagNames": { "type": "array", "items": { "type": "string" }, "description": "The column tags to remove from this column.\n" } }, "type": "object", "required": [ "columnName", "tagNames" ] }, "aws:quicksight/DataSetLogicalTableMapSource:DataSetLogicalTableMapSource": { "properties": { "dataSetArn": { "type": "string", "description": "ARN of the parent data set.\n" }, "joinInstruction": { "$ref": "#/types/aws:quicksight/DataSetLogicalTableMapSourceJoinInstruction:DataSetLogicalTableMapSourceJoinInstruction", "description": "Specifies the result of a join of two logical tables. See join_instruction.\n" }, "physicalTableId": { "type": "string", "description": "Physical table ID.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "dataSetArn", "joinInstruction", "physicalTableId" ] } } }, "aws:quicksight/DataSetLogicalTableMapSourceJoinInstruction:DataSetLogicalTableMapSourceJoinInstruction": { "properties": { "leftJoinKeyProperties": { "$ref": "#/types/aws:quicksight/DataSetLogicalTableMapSourceJoinInstructionLeftJoinKeyProperties:DataSetLogicalTableMapSourceJoinInstructionLeftJoinKeyProperties", "description": "Join key properties of the left operand. See left_join_key_properties.\n" }, "leftOperand": { "type": "string", "description": "Operand on the left side of a join.\n" }, "onClause": { "type": "string", "description": "Join instructions provided in the ON clause of a join.\n" }, "rightJoinKeyProperties": { "$ref": "#/types/aws:quicksight/DataSetLogicalTableMapSourceJoinInstructionRightJoinKeyProperties:DataSetLogicalTableMapSourceJoinInstructionRightJoinKeyProperties", "description": "Join key properties of the right operand. See right_join_key_properties.\n" }, "rightOperand": { "type": "string", "description": "Operand on the right side of a join.\n" }, "type": { "type": "string", "description": "Type of join. Valid values are `INNER`, `OUTER`, `LEFT`, and `RIGHT`.\n" } }, "type": "object", "required": [ "leftOperand", "onClause", "rightOperand", "type" ], "language": { "nodejs": { "requiredOutputs": [ "leftJoinKeyProperties", "leftOperand", "onClause", "rightJoinKeyProperties", "rightOperand", "type" ] } } }, "aws:quicksight/DataSetLogicalTableMapSourceJoinInstructionLeftJoinKeyProperties:DataSetLogicalTableMapSourceJoinInstructionLeftJoinKeyProperties": { "properties": { "uniqueKey": { "type": "boolean", "description": "A value that indicates that a row in a table is uniquely identified by the columns in a join key. This is used by Amazon QuickSight to optimize query performance.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "uniqueKey" ] } } }, "aws:quicksight/DataSetLogicalTableMapSourceJoinInstructionRightJoinKeyProperties:DataSetLogicalTableMapSourceJoinInstructionRightJoinKeyProperties": { "properties": { "uniqueKey": { "type": "boolean", "description": "A value that indicates that a row in a table is uniquely identified by the columns in a join key. This is used by Amazon QuickSight to optimize query performance.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "uniqueKey" ] } } }, "aws:quicksight/DataSetOutputColumn:DataSetOutputColumn": { "properties": { "description": { "type": "string", "description": "Field folder description.\n" }, "name": { "type": "string", "description": "Display name for the dataset.\n" }, "type": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "description", "name", "type" ] } } }, "aws:quicksight/DataSetPermission:DataSetPermission": { "properties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "List of IAM actions to grant or revoke permissions on.\n" }, "principal": { "type": "string", "description": "ARN of the principal. See the [ResourcePermission documentation](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ResourcePermission.html) for the applicable ARN values.\n" } }, "type": "object", "required": [ "actions", "principal" ] }, "aws:quicksight/DataSetPhysicalTableMap:DataSetPhysicalTableMap": { "properties": { "customSql": { "$ref": "#/types/aws:quicksight/DataSetPhysicalTableMapCustomSql:DataSetPhysicalTableMapCustomSql", "description": "A physical table type built from the results of the custom SQL query. See custom_sql.\n" }, "physicalTableMapId": { "type": "string", "description": "Key of the physical table map.\n" }, "relationalTable": { "$ref": "#/types/aws:quicksight/DataSetPhysicalTableMapRelationalTable:DataSetPhysicalTableMapRelationalTable", "description": "A physical table type for relational data sources. See relational_table.\n" }, "s3Source": { "$ref": "#/types/aws:quicksight/DataSetPhysicalTableMapS3Source:DataSetPhysicalTableMapS3Source", "description": "A physical table type for as S3 data source. See s3_source.\n" } }, "type": "object", "required": [ "physicalTableMapId" ], "language": { "nodejs": { "requiredOutputs": [ "physicalTableMapId", "s3Source" ] } } }, "aws:quicksight/DataSetPhysicalTableMapCustomSql:DataSetPhysicalTableMapCustomSql": { "properties": { "columns": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetPhysicalTableMapCustomSqlColumn:DataSetPhysicalTableMapCustomSqlColumn" }, "description": "Column schema from the SQL query result set. See columns.\n" }, "dataSourceArn": { "type": "string", "description": "ARN of the data source.\n" }, "name": { "type": "string", "description": "Display name for the SQL query result.\n" }, "sqlQuery": { "type": "string", "description": "SQL query.\n" } }, "type": "object", "required": [ "dataSourceArn", "name", "sqlQuery" ] }, "aws:quicksight/DataSetPhysicalTableMapCustomSqlColumn:DataSetPhysicalTableMapCustomSqlColumn": { "properties": { "name": { "type": "string", "description": "Name of this column in the underlying data source.\n" }, "type": { "type": "string", "description": "Data type of the column.\n" } }, "type": "object", "required": [ "name", "type" ] }, "aws:quicksight/DataSetPhysicalTableMapRelationalTable:DataSetPhysicalTableMapRelationalTable": { "properties": { "catalog": { "type": "string", "description": "Catalog associated with the table.\n" }, "dataSourceArn": { "type": "string", "description": "ARN of the data source.\n" }, "inputColumns": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetPhysicalTableMapRelationalTableInputColumn:DataSetPhysicalTableMapRelationalTableInputColumn" }, "description": "Column schema of the table. See input_columns.\n" }, "name": { "type": "string", "description": "Name of the relational table.\n" }, "schema": { "type": "string", "description": "Schema name. This name applies to certain relational database engines.\n" } }, "type": "object", "required": [ "dataSourceArn", "inputColumns", "name" ] }, "aws:quicksight/DataSetPhysicalTableMapRelationalTableInputColumn:DataSetPhysicalTableMapRelationalTableInputColumn": { "properties": { "name": { "type": "string", "description": "Name of this column in the underlying data source.\n" }, "type": { "type": "string", "description": "Data type of the column.\n" } }, "type": "object", "required": [ "name", "type" ] }, "aws:quicksight/DataSetPhysicalTableMapS3Source:DataSetPhysicalTableMapS3Source": { "properties": { "dataSourceArn": { "type": "string", "description": "ARN of the data source.\n" }, "inputColumns": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetPhysicalTableMapS3SourceInputColumn:DataSetPhysicalTableMapS3SourceInputColumn" }, "description": "Column schema of the table. See input_columns.\n" }, "uploadSettings": { "$ref": "#/types/aws:quicksight/DataSetPhysicalTableMapS3SourceUploadSettings:DataSetPhysicalTableMapS3SourceUploadSettings", "description": "Information about the format for the S3 source file or files. See upload_settings.\n" } }, "type": "object", "required": [ "dataSourceArn", "inputColumns", "uploadSettings" ] }, "aws:quicksight/DataSetPhysicalTableMapS3SourceInputColumn:DataSetPhysicalTableMapS3SourceInputColumn": { "properties": { "name": { "type": "string", "description": "Name of this column in the underlying data source.\n" }, "type": { "type": "string", "description": "Data type of the column.\n" } }, "type": "object", "required": [ "name", "type" ] }, "aws:quicksight/DataSetPhysicalTableMapS3SourceUploadSettings:DataSetPhysicalTableMapS3SourceUploadSettings": { "properties": { "containsHeader": { "type": "boolean", "description": "Whether the file has a header row, or the files each have a header row.\n" }, "delimiter": { "type": "string", "description": "Delimiter between values in the file.\n" }, "format": { "type": "string", "description": "File format. Valid values are `CSV`, `TSV`, `CLF`, `ELF`, `XLSX`, and `JSON`.\n" }, "startFromRow": { "type": "integer", "description": "A row number to start reading data from.\n" }, "textQualifier": { "type": "string", "description": "Text qualifier. Valid values are `DOUBLE_QUOTE` and `SINGLE_QUOTE`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "containsHeader", "delimiter", "format", "startFromRow", "textQualifier" ] } } }, "aws:quicksight/DataSetRefreshProperties:DataSetRefreshProperties": { "properties": { "refreshConfiguration": { "$ref": "#/types/aws:quicksight/DataSetRefreshPropertiesRefreshConfiguration:DataSetRefreshPropertiesRefreshConfiguration", "description": "The refresh configuration for the data set. See refresh_configuration.\n" } }, "type": "object", "required": [ "refreshConfiguration" ] }, "aws:quicksight/DataSetRefreshPropertiesRefreshConfiguration:DataSetRefreshPropertiesRefreshConfiguration": { "properties": { "incrementalRefresh": { "$ref": "#/types/aws:quicksight/DataSetRefreshPropertiesRefreshConfigurationIncrementalRefresh:DataSetRefreshPropertiesRefreshConfigurationIncrementalRefresh", "description": "The incremental refresh for the data set. See incremental_refresh.\n" } }, "type": "object", "required": [ "incrementalRefresh" ] }, "aws:quicksight/DataSetRefreshPropertiesRefreshConfigurationIncrementalRefresh:DataSetRefreshPropertiesRefreshConfigurationIncrementalRefresh": { "properties": { "lookbackWindow": { "$ref": "#/types/aws:quicksight/DataSetRefreshPropertiesRefreshConfigurationIncrementalRefreshLookbackWindow:DataSetRefreshPropertiesRefreshConfigurationIncrementalRefreshLookbackWindow", "description": "The lookback window setup for an incremental refresh configuration. See lookback_window.\n" } }, "type": "object", "required": [ "lookbackWindow" ] }, "aws:quicksight/DataSetRefreshPropertiesRefreshConfigurationIncrementalRefreshLookbackWindow:DataSetRefreshPropertiesRefreshConfigurationIncrementalRefreshLookbackWindow": { "properties": { "columnName": { "type": "string", "description": "The name of the lookback window column.\n" }, "size": { "type": "integer", "description": "The lookback window column size.\n" }, "sizeUnit": { "type": "string", "description": "The size unit that is used for the lookback window column. Valid values for this structure are `HOUR`, `DAY`, and `WEEK`.\n" } }, "type": "object", "required": [ "columnName", "size", "sizeUnit" ] }, "aws:quicksight/DataSetRowLevelPermissionDataSet:DataSetRowLevelPermissionDataSet": { "properties": { "arn": { "type": "string", "description": "ARN of the dataset that contains permissions for RLS.\n" }, "formatVersion": { "type": "string", "description": "User or group rules associated with the dataset that contains permissions for RLS.\n" }, "namespace": { "type": "string", "description": "Namespace associated with the dataset that contains permissions for RLS.\n" }, "permissionPolicy": { "type": "string", "description": "Type of permissions to use when interpreting the permissions for RLS. Valid values are `GRANT_ACCESS` and `DENY_ACCESS`.\n" }, "status": { "type": "string", "description": "Status of the row-level security permission dataset. If enabled, the status is `ENABLED`. If disabled, the status is `DISABLED`.\n" } }, "type": "object", "required": [ "arn", "permissionPolicy" ] }, "aws:quicksight/DataSetRowLevelPermissionTagConfiguration:DataSetRowLevelPermissionTagConfiguration": { "properties": { "status": { "type": "string", "description": "The status of row-level security tags. If enabled, the status is `ENABLED`. If disabled, the status is `DISABLED`.\n" }, "tagRules": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetRowLevelPermissionTagConfigurationTagRule:DataSetRowLevelPermissionTagConfigurationTagRule" }, "description": "A set of rules associated with row-level security, such as the tag names and columns that they are assigned to. See tag_rules.\n" } }, "type": "object", "required": [ "tagRules" ] }, "aws:quicksight/DataSetRowLevelPermissionTagConfigurationTagRule:DataSetRowLevelPermissionTagConfigurationTagRule": { "properties": { "columnName": { "type": "string", "description": "Column name that a tag key is assigned to.\n" }, "matchAllValue": { "type": "string", "description": "A string that you want to use to filter by all the values in a column in the dataset and don’t want to list the values one by one.\n" }, "tagKey": { "type": "string", "description": "Unique key for a tag.\n" }, "tagMultiValueDelimiter": { "type": "string", "description": "A string that you want to use to delimit the values when you pass the values at run time.\n" } }, "type": "object", "required": [ "columnName", "tagKey" ] }, "aws:quicksight/DataSourceCredentials:DataSourceCredentials": { "properties": { "copySourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a data source that has the credential pair that you want to use.\nWhen the value is not null, the `credential_pair` from the data source in the ARN is used.\n" }, "credentialPair": { "$ref": "#/types/aws:quicksight/DataSourceCredentialsCredentialPair:DataSourceCredentialsCredentialPair", "description": "Credential pair. See Credential Pair below for more details.\n" } }, "type": "object" }, "aws:quicksight/DataSourceCredentialsCredentialPair:DataSourceCredentialsCredentialPair": { "properties": { "password": { "type": "string", "description": "Password, maximum length of 1024 characters.\n", "secret": true }, "username": { "type": "string", "description": "User name, maximum length of 64 characters.\n", "secret": true } }, "type": "object", "required": [ "password", "username" ] }, "aws:quicksight/DataSourceParameters:DataSourceParameters": { "properties": { "amazonElasticsearch": { "$ref": "#/types/aws:quicksight/DataSourceParametersAmazonElasticsearch:DataSourceParametersAmazonElasticsearch", "description": "Parameters for connecting to Amazon Elasticsearch.\n" }, "athena": { "$ref": "#/types/aws:quicksight/DataSourceParametersAthena:DataSourceParametersAthena", "description": "Parameters for connecting to Athena.\n" }, "aurora": { "$ref": "#/types/aws:quicksight/DataSourceParametersAurora:DataSourceParametersAurora", "description": "Parameters for connecting to Aurora MySQL.\n" }, "auroraPostgresql": { "$ref": "#/types/aws:quicksight/DataSourceParametersAuroraPostgresql:DataSourceParametersAuroraPostgresql", "description": "Parameters for connecting to Aurora Postgresql.\n" }, "awsIotAnalytics": { "$ref": "#/types/aws:quicksight/DataSourceParametersAwsIotAnalytics:DataSourceParametersAwsIotAnalytics", "description": "Parameters for connecting to AWS IOT Analytics.\n" }, "jira": { "$ref": "#/types/aws:quicksight/DataSourceParametersJira:DataSourceParametersJira", "description": "Parameters for connecting to Jira.\n" }, "mariaDb": { "$ref": "#/types/aws:quicksight/DataSourceParametersMariaDb:DataSourceParametersMariaDb", "description": "Parameters for connecting to MariaDB.\n" }, "mysql": { "$ref": "#/types/aws:quicksight/DataSourceParametersMysql:DataSourceParametersMysql", "description": "Parameters for connecting to MySQL.\n" }, "oracle": { "$ref": "#/types/aws:quicksight/DataSourceParametersOracle:DataSourceParametersOracle", "description": "Parameters for connecting to Oracle.\n" }, "postgresql": { "$ref": "#/types/aws:quicksight/DataSourceParametersPostgresql:DataSourceParametersPostgresql", "description": "Parameters for connecting to Postgresql.\n" }, "presto": { "$ref": "#/types/aws:quicksight/DataSourceParametersPresto:DataSourceParametersPresto", "description": "Parameters for connecting to Presto.\n" }, "rds": { "$ref": "#/types/aws:quicksight/DataSourceParametersRds:DataSourceParametersRds", "description": "Parameters for connecting to RDS.\n" }, "redshift": { "$ref": "#/types/aws:quicksight/DataSourceParametersRedshift:DataSourceParametersRedshift", "description": "Parameters for connecting to Redshift.\n" }, "s3": { "$ref": "#/types/aws:quicksight/DataSourceParametersS3:DataSourceParametersS3", "description": "Parameters for connecting to S3.\n" }, "serviceNow": { "$ref": "#/types/aws:quicksight/DataSourceParametersServiceNow:DataSourceParametersServiceNow", "description": "Parameters for connecting to ServiceNow.\n" }, "snowflake": { "$ref": "#/types/aws:quicksight/DataSourceParametersSnowflake:DataSourceParametersSnowflake", "description": "Parameters for connecting to Snowflake.\n" }, "spark": { "$ref": "#/types/aws:quicksight/DataSourceParametersSpark:DataSourceParametersSpark", "description": "Parameters for connecting to Spark.\n" }, "sqlServer": { "$ref": "#/types/aws:quicksight/DataSourceParametersSqlServer:DataSourceParametersSqlServer", "description": "Parameters for connecting to SQL Server.\n" }, "teradata": { "$ref": "#/types/aws:quicksight/DataSourceParametersTeradata:DataSourceParametersTeradata", "description": "Parameters for connecting to Teradata.\n" }, "twitter": { "$ref": "#/types/aws:quicksight/DataSourceParametersTwitter:DataSourceParametersTwitter", "description": "Parameters for connecting to Twitter.\n" } }, "type": "object" }, "aws:quicksight/DataSourceParametersAmazonElasticsearch:DataSourceParametersAmazonElasticsearch": { "properties": { "domain": { "type": "string", "description": "The OpenSearch domain.\n" } }, "type": "object", "required": [ "domain" ] }, "aws:quicksight/DataSourceParametersAthena:DataSourceParametersAthena": { "properties": { "workGroup": { "type": "string", "description": "The work-group to which to connect.\n" } }, "type": "object" }, "aws:quicksight/DataSourceParametersAurora:DataSourceParametersAurora": { "properties": { "database": { "type": "string", "description": "The database to which to connect.\n" }, "host": { "type": "string", "description": "The host to which to connect.\n" }, "port": { "type": "integer", "description": "The port to which to connect.\n" } }, "type": "object", "required": [ "database", "host", "port" ] }, "aws:quicksight/DataSourceParametersAuroraPostgresql:DataSourceParametersAuroraPostgresql": { "properties": { "database": { "type": "string", "description": "The database to which to connect.\n" }, "host": { "type": "string", "description": "The host to which to connect.\n" }, "port": { "type": "integer", "description": "The port to which to connect.\n" } }, "type": "object", "required": [ "database", "host", "port" ] }, "aws:quicksight/DataSourceParametersAwsIotAnalytics:DataSourceParametersAwsIotAnalytics": { "properties": { "dataSetName": { "type": "string", "description": "The name of the data set to which to connect.\n" } }, "type": "object", "required": [ "dataSetName" ] }, "aws:quicksight/DataSourceParametersJira:DataSourceParametersJira": { "properties": { "siteBaseUrl": { "type": "string", "description": "The base URL of the Jira instance's site to which to connect.\n" } }, "type": "object", "required": [ "siteBaseUrl" ] }, "aws:quicksight/DataSourceParametersMariaDb:DataSourceParametersMariaDb": { "properties": { "database": { "type": "string", "description": "The database to which to connect.\n" }, "host": { "type": "string", "description": "The host to which to connect.\n" }, "port": { "type": "integer", "description": "The port to which to connect.\n" } }, "type": "object", "required": [ "database", "host", "port" ] }, "aws:quicksight/DataSourceParametersMysql:DataSourceParametersMysql": { "properties": { "database": { "type": "string", "description": "The database to which to connect.\n" }, "host": { "type": "string", "description": "The host to which to connect.\n" }, "port": { "type": "integer", "description": "The port to which to connect.\n" } }, "type": "object", "required": [ "database", "host", "port" ] }, "aws:quicksight/DataSourceParametersOracle:DataSourceParametersOracle": { "properties": { "database": { "type": "string", "description": "The database to which to connect.\n" }, "host": { "type": "string", "description": "The host to which to connect.\n" }, "port": { "type": "integer", "description": "The port to which to connect.\n" } }, "type": "object", "required": [ "database", "host", "port" ] }, "aws:quicksight/DataSourceParametersPostgresql:DataSourceParametersPostgresql": { "properties": { "database": { "type": "string", "description": "The database to which to connect.\n" }, "host": { "type": "string", "description": "The host to which to connect.\n" }, "port": { "type": "integer", "description": "The port to which to connect.\n" } }, "type": "object", "required": [ "database", "host", "port" ] }, "aws:quicksight/DataSourceParametersPresto:DataSourceParametersPresto": { "properties": { "catalog": { "type": "string", "description": "The catalog to which to connect.\n" }, "host": { "type": "string", "description": "The host to which to connect.\n" }, "port": { "type": "integer", "description": "The port to which to connect.\n" } }, "type": "object", "required": [ "catalog", "host", "port" ] }, "aws:quicksight/DataSourceParametersRds:DataSourceParametersRds": { "properties": { "database": { "type": "string", "description": "The database to which to connect.\n" }, "instanceId": { "type": "string", "description": "The instance ID to which to connect.\n" } }, "type": "object", "required": [ "database", "instanceId" ] }, "aws:quicksight/DataSourceParametersRedshift:DataSourceParametersRedshift": { "properties": { "clusterId": { "type": "string", "description": "The ID of the cluster to which to connect.\n" }, "database": { "type": "string", "description": "The database to which to connect.\n" }, "host": { "type": "string", "description": "The host to which to connect.\n" }, "port": { "type": "integer", "description": "The port to which to connect.\n" } }, "type": "object", "required": [ "database" ] }, "aws:quicksight/DataSourceParametersS3:DataSourceParametersS3": { "properties": { "manifestFileLocation": { "$ref": "#/types/aws:quicksight/DataSourceParametersS3ManifestFileLocation:DataSourceParametersS3ManifestFileLocation", "description": "An object containing the S3 location of the S3 manifest file.\n" } }, "type": "object", "required": [ "manifestFileLocation" ] }, "aws:quicksight/DataSourceParametersS3ManifestFileLocation:DataSourceParametersS3ManifestFileLocation": { "properties": { "bucket": { "type": "string", "description": "The name of the bucket that contains the manifest file.\n" }, "key": { "type": "string", "description": "The key of the manifest file within the bucket.\n" } }, "type": "object", "required": [ "bucket", "key" ] }, "aws:quicksight/DataSourceParametersServiceNow:DataSourceParametersServiceNow": { "properties": { "siteBaseUrl": { "type": "string", "description": "The base URL of the Jira instance's site to which to connect.\n" } }, "type": "object", "required": [ "siteBaseUrl" ] }, "aws:quicksight/DataSourceParametersSnowflake:DataSourceParametersSnowflake": { "properties": { "database": { "type": "string", "description": "The database to which to connect.\n" }, "host": { "type": "string", "description": "The host to which to connect.\n" }, "warehouse": { "type": "string", "description": "The warehouse to which to connect.\n" } }, "type": "object", "required": [ "database", "host", "warehouse" ] }, "aws:quicksight/DataSourceParametersSpark:DataSourceParametersSpark": { "properties": { "host": { "type": "string", "description": "The host to which to connect.\n" }, "port": { "type": "integer", "description": "The warehouse to which to connect.\n" } }, "type": "object", "required": [ "host", "port" ] }, "aws:quicksight/DataSourceParametersSqlServer:DataSourceParametersSqlServer": { "properties": { "database": { "type": "string", "description": "The database to which to connect.\n" }, "host": { "type": "string", "description": "The host to which to connect.\n" }, "port": { "type": "integer", "description": "The warehouse to which to connect.\n" } }, "type": "object", "required": [ "database", "host", "port" ] }, "aws:quicksight/DataSourceParametersTeradata:DataSourceParametersTeradata": { "properties": { "database": { "type": "string", "description": "The database to which to connect.\n" }, "host": { "type": "string", "description": "The host to which to connect.\n" }, "port": { "type": "integer", "description": "The warehouse to which to connect.\n" } }, "type": "object", "required": [ "database", "host", "port" ] }, "aws:quicksight/DataSourceParametersTwitter:DataSourceParametersTwitter": { "properties": { "maxRows": { "type": "integer", "description": "The maximum number of rows to query.\n" }, "query": { "type": "string", "description": "The Twitter query to retrieve the data.\n" } }, "type": "object", "required": [ "maxRows", "query" ] }, "aws:quicksight/DataSourcePermission:DataSourcePermission": { "properties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "Set of IAM actions to grant or revoke permissions on. Max of 16 items.\n" }, "principal": { "type": "string", "description": "The Amazon Resource Name (ARN) of the principal.\n" } }, "type": "object", "required": [ "actions", "principal" ] }, "aws:quicksight/DataSourceSslProperties:DataSourceSslProperties": { "properties": { "disableSsl": { "type": "boolean", "description": "A Boolean option to control whether SSL should be disabled.\n" } }, "type": "object", "required": [ "disableSsl" ] }, "aws:quicksight/DataSourceVpcConnectionProperties:DataSourceVpcConnectionProperties": { "properties": { "vpcConnectionArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the VPC connection.\n" } }, "type": "object", "required": [ "vpcConnectionArn" ] }, "aws:quicksight/FolderPermission:FolderPermission": { "properties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "List of IAM actions to grant or revoke permissions on.\n" }, "principal": { "type": "string", "description": "ARN of the principal. See the [ResourcePermission documentation](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ResourcePermission.html) for the applicable ARN values.\n" } }, "type": "object", "required": [ "actions", "principal" ] }, "aws:quicksight/IamPolicyAssignmentIdentities:IamPolicyAssignmentIdentities": { "properties": { "groups": { "type": "array", "items": { "type": "string" }, "description": "Array of Quicksight group names to assign the policy to.\n" }, "users": { "type": "array", "items": { "type": "string" }, "description": "Array of Quicksight user names to assign the policy to.\n" } }, "type": "object" }, "aws:quicksight/NamespaceTimeouts:NamespaceTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" } }, "type": "object" }, "aws:quicksight/RefreshScheduleSchedule:RefreshScheduleSchedule": { "properties": { "refreshType": { "type": "string", "description": "The type of refresh that the dataset undergoes. Valid values are `INCREMENTAL_REFRESH` and `FULL_REFRESH`.\n" }, "scheduleFrequency": { "$ref": "#/types/aws:quicksight/RefreshScheduleScheduleScheduleFrequency:RefreshScheduleScheduleScheduleFrequency", "description": "The configuration of the [schedule frequency](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_RefreshFrequency.html). See schedule_frequency.\n" }, "startAfterDateTime": { "type": "string", "description": "Time after which the refresh schedule can be started, expressed in `YYYY-MM-DDTHH:MM:SS` format.\n" } }, "type": "object", "required": [ "refreshType" ], "language": { "nodejs": { "requiredOutputs": [ "refreshType", "startAfterDateTime" ] } } }, "aws:quicksight/RefreshScheduleScheduleScheduleFrequency:RefreshScheduleScheduleScheduleFrequency": { "properties": { "interval": { "type": "string", "description": "The interval between scheduled refreshes. Valid values are `MINUTE15`, `MINUTE30`, `HOURLY`, `DAILY`, `WEEKLY` and `MONTHLY`.\n" }, "refreshOnDay": { "$ref": "#/types/aws:quicksight/RefreshScheduleScheduleScheduleFrequencyRefreshOnDay:RefreshScheduleScheduleScheduleFrequencyRefreshOnDay", "description": "The [refresh on entity](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ScheduleRefreshOnEntity.html) configuration for weekly or monthly schedules. See refresh_on_day.\n" }, "timeOfTheDay": { "type": "string", "description": "The time of day that you want the dataset to refresh. This value is expressed in `HH:MM` format. This field is not required for schedules that refresh hourly.\n" }, "timezone": { "type": "string", "description": "The timezone that you want the refresh schedule to use.\n" } }, "type": "object", "required": [ "interval" ], "language": { "nodejs": { "requiredOutputs": [ "interval", "timeOfTheDay", "timezone" ] } } }, "aws:quicksight/RefreshScheduleScheduleScheduleFrequencyRefreshOnDay:RefreshScheduleScheduleScheduleFrequencyRefreshOnDay": { "properties": { "dayOfMonth": { "type": "string", "description": "The day of the month that you want to schedule refresh on.\n" }, "dayOfWeek": { "type": "string", "description": "The day of the week that you want to schedule a refresh on. Valid values are `SUNDAY`, `MONDAY`, `TUESDAY`, `WEDNESDAY`, `THURSDAY`, `FRIDAY` and `SATURDAY`.\n" } }, "type": "object" }, "aws:quicksight/TemplatePermission:TemplatePermission": { "properties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "List of IAM actions to grant or revoke permissions on.\n" }, "principal": { "type": "string", "description": "ARN of the principal. See the [ResourcePermission documentation](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ResourcePermission.html) for the applicable ARN values.\n" } }, "type": "object", "required": [ "actions", "principal" ] }, "aws:quicksight/TemplateSourceEntity:TemplateSourceEntity": { "properties": { "sourceAnalysis": { "$ref": "#/types/aws:quicksight/TemplateSourceEntitySourceAnalysis:TemplateSourceEntitySourceAnalysis", "description": "The source analysis, if it is based on an analysis.. Only one of `source_analysis` or `source_template` should be configured. See source_analysis.\n" }, "sourceTemplate": { "$ref": "#/types/aws:quicksight/TemplateSourceEntitySourceTemplate:TemplateSourceEntitySourceTemplate", "description": "The source template, if it is based on an template.. Only one of `source_analysis` or `source_template` should be configured. See source_template.\n" } }, "type": "object" }, "aws:quicksight/TemplateSourceEntitySourceAnalysis:TemplateSourceEntitySourceAnalysis": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource.\n" }, "dataSetReferences": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/TemplateSourceEntitySourceAnalysisDataSetReference:TemplateSourceEntitySourceAnalysisDataSetReference" }, "description": "A list of dataset references used as placeholders in the template. See data_set_references.\n" } }, "type": "object", "required": [ "arn", "dataSetReferences" ] }, "aws:quicksight/TemplateSourceEntitySourceAnalysisDataSetReference:TemplateSourceEntitySourceAnalysisDataSetReference": { "properties": { "dataSetArn": { "type": "string", "description": "Dataset Amazon Resource Name (ARN).\n" }, "dataSetPlaceholder": { "type": "string", "description": "Dataset placeholder.\n" } }, "type": "object", "required": [ "dataSetArn", "dataSetPlaceholder" ] }, "aws:quicksight/TemplateSourceEntitySourceTemplate:TemplateSourceEntitySourceTemplate": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource.\n" } }, "type": "object", "required": [ "arn" ] }, "aws:quicksight/ThemeConfiguration:ThemeConfiguration": { "properties": { "dataColorPalette": { "$ref": "#/types/aws:quicksight/ThemeConfigurationDataColorPalette:ThemeConfigurationDataColorPalette", "description": "Color properties that apply to chart data colors. See data_color_palette.\n" }, "sheet": { "$ref": "#/types/aws:quicksight/ThemeConfigurationSheet:ThemeConfigurationSheet", "description": "Display options related to sheets. See sheet.\n" }, "typography": { "$ref": "#/types/aws:quicksight/ThemeConfigurationTypography:ThemeConfigurationTypography", "description": "Determines the typography options. See typography.\n" }, "uiColorPalette": { "$ref": "#/types/aws:quicksight/ThemeConfigurationUiColorPalette:ThemeConfigurationUiColorPalette", "description": "Color properties that apply to the UI and to charts, excluding the colors that apply to data. See ui_color_palette.\n" } }, "type": "object" }, "aws:quicksight/ThemeConfigurationDataColorPalette:ThemeConfigurationDataColorPalette": { "properties": { "colors": { "type": "array", "items": { "type": "string" }, "description": "List of hexadecimal codes for the colors. Minimum of 8 items and maximum of 20 items.\n" }, "emptyFillColor": { "type": "string", "description": "The hexadecimal code of a color that applies to charts where a lack of data is highlighted.\n" }, "minMaxGradients": { "type": "array", "items": { "type": "string" }, "description": "The minimum and maximum hexadecimal codes that describe a color gradient. List of exactly 2 items.\n" } }, "type": "object" }, "aws:quicksight/ThemeConfigurationSheet:ThemeConfigurationSheet": { "properties": { "tile": { "$ref": "#/types/aws:quicksight/ThemeConfigurationSheetTile:ThemeConfigurationSheetTile", "description": "The display options for tiles. See tile.\n" }, "tileLayout": { "$ref": "#/types/aws:quicksight/ThemeConfigurationSheetTileLayout:ThemeConfigurationSheetTileLayout", "description": "The layout options for tiles. See tile_layout.\n" } }, "type": "object" }, "aws:quicksight/ThemeConfigurationSheetTile:ThemeConfigurationSheetTile": { "properties": { "border": { "$ref": "#/types/aws:quicksight/ThemeConfigurationSheetTileBorder:ThemeConfigurationSheetTileBorder", "description": "The border around a tile. See border.\n" } }, "type": "object" }, "aws:quicksight/ThemeConfigurationSheetTileBorder:ThemeConfigurationSheetTileBorder": { "properties": { "show": { "type": "boolean", "description": "The option to enable display of borders for visuals.\n" } }, "type": "object" }, "aws:quicksight/ThemeConfigurationSheetTileLayout:ThemeConfigurationSheetTileLayout": { "properties": { "gutter": { "$ref": "#/types/aws:quicksight/ThemeConfigurationSheetTileLayoutGutter:ThemeConfigurationSheetTileLayoutGutter", "description": "The gutter settings that apply between tiles. See gutter.\n" }, "margin": { "$ref": "#/types/aws:quicksight/ThemeConfigurationSheetTileLayoutMargin:ThemeConfigurationSheetTileLayoutMargin", "description": "The margin settings that apply around the outside edge of sheets. See margin.\n" } }, "type": "object" }, "aws:quicksight/ThemeConfigurationSheetTileLayoutGutter:ThemeConfigurationSheetTileLayoutGutter": { "properties": { "show": { "type": "boolean", "description": "This Boolean value controls whether to display a gutter space between sheet tiles.\n" } }, "type": "object" }, "aws:quicksight/ThemeConfigurationSheetTileLayoutMargin:ThemeConfigurationSheetTileLayoutMargin": { "properties": { "show": { "type": "boolean", "description": "This Boolean value controls whether to display sheet margins.\n" } }, "type": "object" }, "aws:quicksight/ThemeConfigurationTypography:ThemeConfigurationTypography": { "properties": { "fontFamilies": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/ThemeConfigurationTypographyFontFamily:ThemeConfigurationTypographyFontFamily" }, "description": "Determines the list of font families. Maximum number of 5 items. See font_families.\n" } }, "type": "object" }, "aws:quicksight/ThemeConfigurationTypographyFontFamily:ThemeConfigurationTypographyFontFamily": { "properties": { "fontFamily": { "type": "string", "description": "Font family name.\n" } }, "type": "object" }, "aws:quicksight/ThemeConfigurationUiColorPalette:ThemeConfigurationUiColorPalette": { "properties": { "accent": { "type": "string", "description": "Color (hexadecimal) that applies to selected states and buttons.\n" }, "accentForeground": { "type": "string", "description": "Color (hexadecimal) that applies to any text or other elements that appear over the accent color.\n" }, "danger": { "type": "string", "description": "Color (hexadecimal) that applies to error messages.\n" }, "dangerForeground": { "type": "string", "description": "Color (hexadecimal) that applies to any text or other elements that appear over the error color.\n" }, "dimension": { "type": "string", "description": "Color (hexadecimal) that applies to the names of fields that are identified as dimensions.\n" }, "dimensionForeground": { "type": "string", "description": "Color (hexadecimal) that applies to any text or other elements that appear over the dimension color.\n" }, "measure": { "type": "string", "description": "Color (hexadecimal) that applies to the names of fields that are identified as measures.\n" }, "measureForeground": { "type": "string", "description": "Color (hexadecimal) that applies to any text or other elements that appear over the measure color.\n" }, "primaryBackground": { "type": "string", "description": "Color (hexadecimal) that applies to visuals and other high emphasis UI.\n" }, "primaryForeground": { "type": "string", "description": "Color (hexadecimal) of text and other foreground elements that appear over the primary background regions, such as grid lines, borders, table banding, icons, and so on.\n" }, "secondaryBackground": { "type": "string", "description": "Color (hexadecimal) that applies to the sheet background and sheet controls.\n" }, "secondaryForeground": { "type": "string", "description": "Color (hexadecimal) that applies to any sheet title, sheet control text, or UI that appears over the secondary background.\n" }, "success": { "type": "string", "description": "Color (hexadecimal) that applies to success messages, for example the check mark for a successful download.\n" }, "successForeground": { "type": "string", "description": "Color (hexadecimal) that applies to any text or other elements that appear over the success color.\n" }, "warning": { "type": "string", "description": "Color (hexadecimal) that applies to warning and informational messages.\n" }, "warningForeground": { "type": "string", "description": "Color (hexadecimal) that applies to any text or other elements that appear over the warning color.\n" } }, "type": "object" }, "aws:quicksight/ThemePermission:ThemePermission": { "properties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "List of IAM actions to grant or revoke permissions on.\n" }, "principal": { "type": "string", "description": "ARN of the principal. See the [ResourcePermission documentation](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ResourcePermission.html) for the applicable ARN values.\n" } }, "type": "object", "required": [ "actions", "principal" ] }, "aws:quicksight/VpcConnectionTimeouts:VpcConnectionTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:quicksight/getDataSetColumnGroup:getDataSetColumnGroup": { "properties": { "geoSpatialColumnGroups": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetColumnGroupGeoSpatialColumnGroup:getDataSetColumnGroupGeoSpatialColumnGroup" } } }, "type": "object", "required": [ "geoSpatialColumnGroups" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetColumnGroupGeoSpatialColumnGroup:getDataSetColumnGroupGeoSpatialColumnGroup": { "properties": { "columns": { "type": "array", "items": { "type": "string" } }, "countryCode": { "type": "string" }, "name": { "type": "string" } }, "type": "object", "required": [ "columns", "countryCode", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetColumnLevelPermissionRule:getDataSetColumnLevelPermissionRule": { "properties": { "columnNames": { "type": "array", "items": { "type": "string" } }, "principals": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "columnNames", "principals" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetDataSetUsageConfiguration:getDataSetDataSetUsageConfiguration": { "properties": { "disableUseAsDirectQuerySource": { "type": "boolean" }, "disableUseAsImportedSource": { "type": "boolean" } }, "type": "object", "required": [ "disableUseAsDirectQuerySource", "disableUseAsImportedSource" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetFieldFolder:getDataSetFieldFolder": { "properties": { "columns": { "type": "array", "items": { "type": "string" } }, "description": { "type": "string" }, "fieldFoldersId": { "type": "string" } }, "type": "object", "required": [ "columns", "description", "fieldFoldersId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetLogicalTableMap:getDataSetLogicalTableMap": { "properties": { "alias": { "type": "string" }, "dataTransforms": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetLogicalTableMapDataTransform:getDataSetLogicalTableMapDataTransform" } }, "logicalTableMapId": { "type": "string" }, "sources": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetLogicalTableMapSource:getDataSetLogicalTableMapSource" } } }, "type": "object", "required": [ "alias", "dataTransforms", "logicalTableMapId", "sources" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetLogicalTableMapDataTransform:getDataSetLogicalTableMapDataTransform": { "properties": { "castColumnTypeOperations": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetLogicalTableMapDataTransformCastColumnTypeOperation:getDataSetLogicalTableMapDataTransformCastColumnTypeOperation" } }, "createColumnsOperations": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetLogicalTableMapDataTransformCreateColumnsOperation:getDataSetLogicalTableMapDataTransformCreateColumnsOperation" } }, "filterOperations": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetLogicalTableMapDataTransformFilterOperation:getDataSetLogicalTableMapDataTransformFilterOperation" } }, "projectOperations": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetLogicalTableMapDataTransformProjectOperation:getDataSetLogicalTableMapDataTransformProjectOperation" } }, "renameColumnOperations": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetLogicalTableMapDataTransformRenameColumnOperation:getDataSetLogicalTableMapDataTransformRenameColumnOperation" } }, "tagColumnOperations": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetLogicalTableMapDataTransformTagColumnOperation:getDataSetLogicalTableMapDataTransformTagColumnOperation" } }, "untagColumnOperations": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetLogicalTableMapDataTransformUntagColumnOperation:getDataSetLogicalTableMapDataTransformUntagColumnOperation" } } }, "type": "object", "required": [ "castColumnTypeOperations", "createColumnsOperations", "filterOperations", "projectOperations", "renameColumnOperations", "tagColumnOperations", "untagColumnOperations" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetLogicalTableMapDataTransformCastColumnTypeOperation:getDataSetLogicalTableMapDataTransformCastColumnTypeOperation": { "properties": { "columnName": { "type": "string" }, "format": { "type": "string" }, "newColumnType": { "type": "string" } }, "type": "object", "required": [ "columnName", "format", "newColumnType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetLogicalTableMapDataTransformCreateColumnsOperation:getDataSetLogicalTableMapDataTransformCreateColumnsOperation": { "properties": { "columns": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetLogicalTableMapDataTransformCreateColumnsOperationColumn:getDataSetLogicalTableMapDataTransformCreateColumnsOperationColumn" } } }, "type": "object", "required": [ "columns" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetLogicalTableMapDataTransformCreateColumnsOperationColumn:getDataSetLogicalTableMapDataTransformCreateColumnsOperationColumn": { "properties": { "columnId": { "type": "string" }, "columnName": { "type": "string" }, "expression": { "type": "string" } }, "type": "object", "required": [ "columnId", "columnName", "expression" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetLogicalTableMapDataTransformFilterOperation:getDataSetLogicalTableMapDataTransformFilterOperation": { "properties": { "conditionExpression": { "type": "string" } }, "type": "object", "required": [ "conditionExpression" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetLogicalTableMapDataTransformProjectOperation:getDataSetLogicalTableMapDataTransformProjectOperation": { "properties": { "projectedColumns": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "projectedColumns" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetLogicalTableMapDataTransformRenameColumnOperation:getDataSetLogicalTableMapDataTransformRenameColumnOperation": { "properties": { "columnName": { "type": "string" }, "newColumnName": { "type": "string" } }, "type": "object", "required": [ "columnName", "newColumnName" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetLogicalTableMapDataTransformTagColumnOperation:getDataSetLogicalTableMapDataTransformTagColumnOperation": { "properties": { "columnName": { "type": "string" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetLogicalTableMapDataTransformTagColumnOperationTag:getDataSetLogicalTableMapDataTransformTagColumnOperationTag" } } }, "type": "object", "required": [ "columnName", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetLogicalTableMapDataTransformTagColumnOperationTag:getDataSetLogicalTableMapDataTransformTagColumnOperationTag": { "properties": { "columnDescriptions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetLogicalTableMapDataTransformTagColumnOperationTagColumnDescription:getDataSetLogicalTableMapDataTransformTagColumnOperationTagColumnDescription" } }, "columnGeographicRole": { "type": "string" } }, "type": "object", "required": [ "columnDescriptions", "columnGeographicRole" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetLogicalTableMapDataTransformTagColumnOperationTagColumnDescription:getDataSetLogicalTableMapDataTransformTagColumnOperationTagColumnDescription": { "properties": { "text": { "type": "string" } }, "type": "object", "required": [ "text" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetLogicalTableMapDataTransformUntagColumnOperation:getDataSetLogicalTableMapDataTransformUntagColumnOperation": { "properties": { "columnName": { "type": "string" }, "tagNames": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "columnName", "tagNames" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetLogicalTableMapSource:getDataSetLogicalTableMapSource": { "properties": { "dataSetArn": { "type": "string" }, "joinInstructions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetLogicalTableMapSourceJoinInstruction:getDataSetLogicalTableMapSourceJoinInstruction" } }, "physicalTableId": { "type": "string" } }, "type": "object", "required": [ "dataSetArn", "joinInstructions", "physicalTableId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetLogicalTableMapSourceJoinInstruction:getDataSetLogicalTableMapSourceJoinInstruction": { "properties": { "leftJoinKeyProperties": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetLogicalTableMapSourceJoinInstructionLeftJoinKeyProperty:getDataSetLogicalTableMapSourceJoinInstructionLeftJoinKeyProperty" } }, "leftOperand": { "type": "string" }, "onClause": { "type": "string" }, "rightJoinKeyProperties": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetLogicalTableMapSourceJoinInstructionRightJoinKeyProperty:getDataSetLogicalTableMapSourceJoinInstructionRightJoinKeyProperty" } }, "rightOperand": { "type": "string" }, "type": { "type": "string" } }, "type": "object", "required": [ "leftJoinKeyProperties", "leftOperand", "onClause", "rightJoinKeyProperties", "rightOperand", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetLogicalTableMapSourceJoinInstructionLeftJoinKeyProperty:getDataSetLogicalTableMapSourceJoinInstructionLeftJoinKeyProperty": { "properties": { "uniqueKey": { "type": "boolean" } }, "type": "object", "required": [ "uniqueKey" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetLogicalTableMapSourceJoinInstructionRightJoinKeyProperty:getDataSetLogicalTableMapSourceJoinInstructionRightJoinKeyProperty": { "properties": { "uniqueKey": { "type": "boolean" } }, "type": "object", "required": [ "uniqueKey" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetPermission:getDataSetPermission": { "properties": { "actions": { "type": "array", "items": { "type": "string" } }, "principal": { "type": "string" } }, "type": "object", "required": [ "actions", "principal" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetPhysicalTableMap:getDataSetPhysicalTableMap": { "properties": { "customSqls": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetPhysicalTableMapCustomSql:getDataSetPhysicalTableMapCustomSql" } }, "physicalTableMapId": { "type": "string" }, "relationalTables": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetPhysicalTableMapRelationalTable:getDataSetPhysicalTableMapRelationalTable" } }, "s3Sources": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetPhysicalTableMapS3Source:getDataSetPhysicalTableMapS3Source" } } }, "type": "object", "required": [ "customSqls", "physicalTableMapId", "relationalTables", "s3Sources" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetPhysicalTableMapCustomSql:getDataSetPhysicalTableMapCustomSql": { "properties": { "columns": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetPhysicalTableMapCustomSqlColumn:getDataSetPhysicalTableMapCustomSqlColumn" } }, "dataSourceArn": { "type": "string" }, "name": { "type": "string" }, "sqlQuery": { "type": "string" } }, "type": "object", "required": [ "columns", "dataSourceArn", "name", "sqlQuery" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetPhysicalTableMapCustomSqlColumn:getDataSetPhysicalTableMapCustomSqlColumn": { "properties": { "name": { "type": "string" }, "type": { "type": "string" } }, "type": "object", "required": [ "name", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetPhysicalTableMapRelationalTable:getDataSetPhysicalTableMapRelationalTable": { "properties": { "catalog": { "type": "string" }, "dataSourceArn": { "type": "string" }, "inputColumns": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetPhysicalTableMapRelationalTableInputColumn:getDataSetPhysicalTableMapRelationalTableInputColumn" } }, "name": { "type": "string" }, "schema": { "type": "string" } }, "type": "object", "required": [ "catalog", "dataSourceArn", "inputColumns", "name", "schema" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetPhysicalTableMapRelationalTableInputColumn:getDataSetPhysicalTableMapRelationalTableInputColumn": { "properties": { "name": { "type": "string" }, "type": { "type": "string" } }, "type": "object", "required": [ "name", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetPhysicalTableMapS3Source:getDataSetPhysicalTableMapS3Source": { "properties": { "dataSourceArn": { "type": "string" }, "inputColumns": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetPhysicalTableMapS3SourceInputColumn:getDataSetPhysicalTableMapS3SourceInputColumn" } }, "uploadSettings": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetPhysicalTableMapS3SourceUploadSetting:getDataSetPhysicalTableMapS3SourceUploadSetting" } } }, "type": "object", "required": [ "dataSourceArn", "inputColumns", "uploadSettings" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetPhysicalTableMapS3SourceInputColumn:getDataSetPhysicalTableMapS3SourceInputColumn": { "properties": { "name": { "type": "string" }, "type": { "type": "string" } }, "type": "object", "required": [ "name", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetPhysicalTableMapS3SourceUploadSetting:getDataSetPhysicalTableMapS3SourceUploadSetting": { "properties": { "containsHeader": { "type": "boolean" }, "delimiter": { "type": "string" }, "format": { "type": "string" }, "startFromRow": { "type": "integer" }, "textQualifier": { "type": "string" } }, "type": "object", "required": [ "containsHeader", "delimiter", "format", "startFromRow", "textQualifier" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetRowLevelPermissionDataSet:getDataSetRowLevelPermissionDataSet": { "properties": { "arn": { "type": "string" }, "formatVersion": { "type": "string" }, "namespace": { "type": "string" }, "permissionPolicy": { "type": "string" }, "status": { "type": "string" } }, "type": "object", "required": [ "arn", "formatVersion", "namespace", "permissionPolicy", "status" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetRowLevelPermissionTagConfiguration:getDataSetRowLevelPermissionTagConfiguration": { "properties": { "status": { "type": "string" }, "tagRules": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetRowLevelPermissionTagConfigurationTagRule:getDataSetRowLevelPermissionTagConfigurationTagRule" } } }, "type": "object", "required": [ "status", "tagRules" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getDataSetRowLevelPermissionTagConfigurationTagRule:getDataSetRowLevelPermissionTagConfigurationTagRule": { "properties": { "columnName": { "type": "string" }, "matchAllValue": { "type": "string" }, "tagKey": { "type": "string" }, "tagMultiValueDelimiter": { "type": "string" } }, "type": "object", "required": [ "columnName", "matchAllValue", "tagKey", "tagMultiValueDelimiter" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getThemeConfiguration:getThemeConfiguration": { "properties": { "dataColorPalettes": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getThemeConfigurationDataColorPalette:getThemeConfigurationDataColorPalette" }, "description": "Color properties that apply to chart data colors. See data_color_palette.\n" }, "sheets": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getThemeConfigurationSheet:getThemeConfigurationSheet" }, "description": "Display options related to sheets. See sheet.\n" }, "typographies": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getThemeConfigurationTypography:getThemeConfigurationTypography" }, "description": "Determines the typography options. See typography.\n" }, "uiColorPalettes": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getThemeConfigurationUiColorPalette:getThemeConfigurationUiColorPalette" }, "description": "Color properties that apply to the UI and to charts, excluding the colors that apply to data. See ui_color_palette.\n" } }, "type": "object", "required": [ "dataColorPalettes", "sheets", "typographies", "uiColorPalettes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getThemeConfigurationDataColorPalette:getThemeConfigurationDataColorPalette": { "properties": { "colors": { "type": "array", "items": { "type": "string" }, "description": "List of hexadecimal codes for the colors. Minimum of 8 items and maximum of 20 items.\n" }, "emptyFillColor": { "type": "string", "description": "The hexadecimal code of a color that applies to charts where a lack of data is highlighted.\n" }, "minMaxGradients": { "type": "array", "items": { "type": "string" }, "description": "The minimum and maximum hexadecimal codes that describe a color gradient. List of exactly 2 items.\n" } }, "type": "object", "required": [ "colors", "emptyFillColor", "minMaxGradients" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getThemeConfigurationSheet:getThemeConfigurationSheet": { "properties": { "tileLayouts": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getThemeConfigurationSheetTileLayout:getThemeConfigurationSheetTileLayout" }, "description": "The layout options for tiles. See tile_layout.\n" }, "tiles": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getThemeConfigurationSheetTile:getThemeConfigurationSheetTile" }, "description": "The display options for tiles. See tile.\n" } }, "type": "object", "required": [ "tiles", "tileLayouts" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getThemeConfigurationSheetTile:getThemeConfigurationSheetTile": { "properties": { "borders": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getThemeConfigurationSheetTileBorder:getThemeConfigurationSheetTileBorder" }, "description": "The border around a tile. See border.\n" } }, "type": "object", "required": [ "borders" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getThemeConfigurationSheetTileBorder:getThemeConfigurationSheetTileBorder": { "properties": { "show": { "type": "boolean", "description": "This Boolean value controls whether to display sheet margins.\n" } }, "type": "object", "required": [ "show" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getThemeConfigurationSheetTileLayout:getThemeConfigurationSheetTileLayout": { "properties": { "gutters": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getThemeConfigurationSheetTileLayoutGutter:getThemeConfigurationSheetTileLayoutGutter" }, "description": "The gutter settings that apply between tiles. See gutter.\n" }, "margins": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getThemeConfigurationSheetTileLayoutMargin:getThemeConfigurationSheetTileLayoutMargin" }, "description": "The margin settings that apply around the outside edge of sheets. See margin.\n" } }, "type": "object", "required": [ "gutters", "margins" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getThemeConfigurationSheetTileLayoutGutter:getThemeConfigurationSheetTileLayoutGutter": { "properties": { "show": { "type": "boolean", "description": "This Boolean value controls whether to display sheet margins.\n" } }, "type": "object", "required": [ "show" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getThemeConfigurationSheetTileLayoutMargin:getThemeConfigurationSheetTileLayoutMargin": { "properties": { "show": { "type": "boolean", "description": "This Boolean value controls whether to display sheet margins.\n" } }, "type": "object", "required": [ "show" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getThemeConfigurationTypography:getThemeConfigurationTypography": { "properties": { "fontFamilies": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getThemeConfigurationTypographyFontFamily:getThemeConfigurationTypographyFontFamily" }, "description": "Determines the list of font families. Maximum number of 5 items. See font_families.\n" } }, "type": "object", "required": [ "fontFamilies" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getThemeConfigurationTypographyFontFamily:getThemeConfigurationTypographyFontFamily": { "properties": { "fontFamily": { "type": "string", "description": "Font family name.\n" } }, "type": "object", "required": [ "fontFamily" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getThemeConfigurationUiColorPalette:getThemeConfigurationUiColorPalette": { "properties": { "accent": { "type": "string", "description": "Color (hexadecimal) that applies to selected states and buttons.\n" }, "accentForeground": { "type": "string", "description": "Color (hexadecimal) that applies to any text or other elements that appear over the accent color.\n" }, "danger": { "type": "string", "description": "Color (hexadecimal) that applies to error messages.\n" }, "dangerForeground": { "type": "string", "description": "Color (hexadecimal) that applies to any text or other elements that appear over the error color.\n" }, "dimension": { "type": "string", "description": "Color (hexadecimal) that applies to the names of fields that are identified as dimensions.\n" }, "dimensionForeground": { "type": "string", "description": "Color (hexadecimal) that applies to any text or other elements that appear over the dimension color.\n" }, "measure": { "type": "string", "description": "Color (hexadecimal) that applies to the names of fields that are identified as measures.\n" }, "measureForeground": { "type": "string", "description": "Color (hexadecimal) that applies to any text or other elements that appear over the measure color.\n" }, "primaryBackground": { "type": "string", "description": "Color (hexadecimal) that applies to visuals and other high emphasis UI.\n" }, "primaryForeground": { "type": "string", "description": "Color (hexadecimal) of text and other foreground elements that appear over the primary background regions, such as grid lines, borders, table banding, icons, and so on.\n" }, "secondaryBackground": { "type": "string", "description": "Color (hexadecimal) that applies to the sheet background and sheet controls.\n" }, "secondaryForeground": { "type": "string", "description": "Color (hexadecimal) that applies to any sheet title, sheet control text, or UI that appears over the secondary background.\n" }, "success": { "type": "string", "description": "Color (hexadecimal) that applies to success messages, for example the check mark for a successful download.\n" }, "successForeground": { "type": "string", "description": "Color (hexadecimal) that applies to any text or other elements that appear over the success color.\n" }, "warning": { "type": "string", "description": "Color (hexadecimal) that applies to warning and informational messages.\n" }, "warningForeground": { "type": "string", "description": "Color (hexadecimal) that applies to any text or other elements that appear over the warning color.\n" } }, "type": "object", "required": [ "accent", "accentForeground", "danger", "dangerForeground", "dimension", "dimensionForeground", "measure", "measureForeground", "primaryBackground", "primaryForeground", "secondaryBackground", "secondaryForeground", "success", "successForeground", "warning", "warningForeground" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:quicksight/getThemePermission:getThemePermission": { "properties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "List of IAM actions to grant or revoke permissions on.\n" }, "principal": { "type": "string", "description": "ARN of the principal. See the [ResourcePermission documentation](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ResourcePermission.html) for the applicable ARN values.\n" } }, "type": "object", "required": [ "actions", "principal" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ram/getResourceShareFilter:getResourceShareFilter": { "properties": { "name": { "type": "string", "description": "Name of the tag key to filter on.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Value of the tag key.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:rbin/RuleLockConfiguration:RuleLockConfiguration": { "properties": { "unlockDelay": { "$ref": "#/types/aws:rbin/RuleLockConfigurationUnlockDelay:RuleLockConfigurationUnlockDelay", "description": "Information about the retention rule unlock delay. See `unlock_delay` below.\n" } }, "type": "object", "required": [ "unlockDelay" ] }, "aws:rbin/RuleLockConfigurationUnlockDelay:RuleLockConfigurationUnlockDelay": { "properties": { "unlockDelayUnit": { "type": "string", "description": "The unit of time in which to measure the unlock delay. Currently, the unlock delay can be measure only in days.\n" }, "unlockDelayValue": { "type": "integer", "description": "The unlock delay period, measured in the unit specified for UnlockDelayUnit.\n" } }, "type": "object", "required": [ "unlockDelayUnit", "unlockDelayValue" ] }, "aws:rbin/RuleResourceTag:RuleResourceTag": { "properties": { "resourceTagKey": { "type": "string", "description": "The tag key.\n\nThe following argument is optional:\n" }, "resourceTagValue": { "type": "string", "description": "The tag value.\n" } }, "type": "object", "required": [ "resourceTagKey" ] }, "aws:rbin/RuleRetentionPeriod:RuleRetentionPeriod": { "properties": { "retentionPeriodUnit": { "type": "string", "description": "The unit of time in which the retention period is measured. Currently, only DAYS is supported.\n" }, "retentionPeriodValue": { "type": "integer", "description": "The period value for which the retention rule is to retain resources. The period is measured using the unit specified for RetentionPeriodUnit.\n" } }, "type": "object", "required": [ "retentionPeriodUnit", "retentionPeriodValue" ] }, "aws:rds/ClusterMasterUserSecret:ClusterMasterUserSecret": { "properties": { "kmsKeyId": { "type": "string", "description": "ARN for the KMS encryption key. When specifying `kms_key_id`, `storage_encrypted` needs to be set to true.\n" }, "secretArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the secret.\n" }, "secretStatus": { "type": "string", "description": "Status of the secret. Valid Values: `creating` | `active` | `rotating` | `impaired`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "kmsKeyId", "secretArn", "secretStatus" ] } } }, "aws:rds/ClusterParameterGroupParameter:ClusterParameterGroupParameter": { "properties": { "applyMethod": { "type": "string", "description": "\"immediate\" (default), or \"pending-reboot\". Some\nengines can't apply some parameters without a reboot, and you will need to\nspecify \"pending-reboot\" here.\n" }, "name": { "type": "string", "description": "The name of the DB parameter.\n" }, "value": { "type": "string", "description": "The value of the DB parameter.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:rds/ClusterRestoreToPointInTime:ClusterRestoreToPointInTime": { "properties": { "restoreToTime": { "type": "string", "description": "Date and time in UTC format to restore the database cluster to. Conflicts with `use_latest_restorable_time`.\n", "willReplaceOnChanges": true }, "restoreType": { "type": "string", "description": "Type of restore to be performed.\nValid options are `full-copy` (default) and `copy-on-write`.\n", "willReplaceOnChanges": true }, "sourceClusterIdentifier": { "type": "string", "description": "Identifier of the source database cluster from which to restore. When restoring from a cluster in another AWS account, the identifier is the ARN of that cluster.\n", "willReplaceOnChanges": true }, "useLatestRestorableTime": { "type": "boolean", "description": "Set to true to restore the database cluster to the latest restorable backup time. Defaults to false. Conflicts with `restore_to_time`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "sourceClusterIdentifier" ] }, "aws:rds/ClusterS3Import:ClusterS3Import": { "properties": { "bucketName": { "type": "string", "description": "Bucket name where your backup is stored\n", "willReplaceOnChanges": true }, "bucketPrefix": { "type": "string", "description": "Can be blank, but is the path to your backup\n", "willReplaceOnChanges": true }, "ingestionRole": { "type": "string", "description": "Role applied to load the data.\n", "willReplaceOnChanges": true }, "sourceEngine": { "type": "string", "description": "Source engine for the backup\n", "willReplaceOnChanges": true }, "sourceEngineVersion": { "type": "string", "description": "Version of the source engine used to make the backup\n\nThis will not recreate the resource if the S3 object changes in some way. It's only used to initialize the database. This only works currently with the aurora engine. See AWS for currently supported engines and options. See [Aurora S3 Migration Docs](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Migrating.ExtMySQL.html#AuroraMySQL.Migrating.ExtMySQL.S3).\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "bucketName", "ingestionRole", "sourceEngine", "sourceEngineVersion" ] }, "aws:rds/ClusterScalingConfiguration:ClusterScalingConfiguration": { "properties": { "autoPause": { "type": "boolean", "description": "Whether to enable automatic pause. A DB cluster can be paused only when it's idle (it has no connections). If a DB cluster is paused for more than seven days, the DB cluster might be backed up with a snapshot. In this case, the DB cluster is restored when there is a request to connect to it. Defaults to `true`.\n" }, "maxCapacity": { "type": "integer", "description": "Maximum capacity for an Aurora DB cluster in `serverless` DB engine mode. The maximum capacity must be greater than or equal to the minimum capacity. Valid Aurora MySQL capacity values are `1`, `2`, `4`, `8`, `16`, `32`, `64`, `128`, `256`. Valid Aurora PostgreSQL capacity values are (`2`, `4`, `8`, `16`, `32`, `64`, `192`, and `384`). Defaults to `16`.\n" }, "minCapacity": { "type": "integer", "description": "Minimum capacity for an Aurora DB cluster in `serverless` DB engine mode. The minimum capacity must be lesser than or equal to the maximum capacity. Valid Aurora MySQL capacity values are `1`, `2`, `4`, `8`, `16`, `32`, `64`, `128`, `256`. Valid Aurora PostgreSQL capacity values are (`2`, `4`, `8`, `16`, `32`, `64`, `192`, and `384`). Defaults to `1`.\n" }, "secondsBeforeTimeout": { "type": "integer", "description": "Amount of time, in seconds, that Aurora Serverless v1 tries to find a scaling point to perform seamless scaling before enforcing the timeout action. Valid values are `60` through `600`. Defaults to `300`.\n" }, "secondsUntilAutoPause": { "type": "integer", "description": "Time, in seconds, before an Aurora DB cluster in serverless mode is paused. Valid values are `300` through `86400`. Defaults to `300`.\n" }, "timeoutAction": { "type": "string", "description": "Action to take when the timeout is reached. Valid values: `ForceApplyCapacityChange`, `RollbackCapacityChange`. Defaults to `RollbackCapacityChange`. See [documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v1.how-it-works.html#aurora-serverless.how-it-works.timeout-action).\n" } }, "type": "object" }, "aws:rds/ClusterServerlessv2ScalingConfiguration:ClusterServerlessv2ScalingConfiguration": { "properties": { "maxCapacity": { "type": "number", "description": "Maximum capacity for an Aurora DB cluster in `provisioned` DB engine mode. The maximum capacity must be greater than or equal to the minimum capacity. Valid capacity values are in a range of `0.5` up to `128` in steps of `0.5`.\n" }, "minCapacity": { "type": "number", "description": "Minimum capacity for an Aurora DB cluster in `provisioned` DB engine mode. The minimum capacity must be lesser than or equal to the maximum capacity. Valid capacity values are in a range of `0.5` up to `128` in steps of `0.5`.\n" } }, "type": "object", "required": [ "maxCapacity", "minCapacity" ] }, "aws:rds/EngineMode:EngineMode": { "type": "string", "enum": [ { "name": "Provisioned", "value": "provisioned" }, { "name": "Serverless", "value": "serverless" }, { "name": "ParallelQuery", "value": "parallelquery" }, { "name": "Global", "value": "global" } ] }, "aws:rds/EngineType:EngineType": { "type": "string", "enum": [ { "name": "Aurora", "value": "aurora" }, { "name": "AuroraMysql", "value": "aurora-mysql" }, { "name": "AuroraPostgresql", "value": "aurora-postgresql" } ] }, "aws:rds/ExportTaskTimeouts:ExportTaskTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" } }, "type": "object" }, "aws:rds/GlobalClusterGlobalClusterMember:GlobalClusterGlobalClusterMember": { "properties": { "dbClusterArn": { "type": "string", "description": "Amazon Resource Name (ARN) of member DB Cluster\n" }, "isWriter": { "type": "boolean", "description": "Whether the member is the primary DB Cluster\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "dbClusterArn", "isWriter" ] } } }, "aws:rds/InstanceBlueGreenUpdate:InstanceBlueGreenUpdate": { "properties": { "enabled": { "type": "boolean", "description": "Enables low-downtime updates when `true`.\nDefault is `false`.\n\n[instance-replication]:\nhttps://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.Replication.html\n[instance-maintenance]:\nhttps://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html\n[blue-green]:\nhttps://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/blue-green-deployments.html\n" } }, "type": "object" }, "aws:rds/InstanceListenerEndpoint:InstanceListenerEndpoint": { "properties": { "address": { "type": "string", "description": "Specifies the DNS address of the DB instance.\n" }, "hostedZoneId": { "type": "string", "description": "Specifies the ID that Amazon Route 53 assigns when you create a hosted zone.\n" }, "port": { "type": "integer", "description": "The port on which the DB accepts connections.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "address", "hostedZoneId", "port" ] } } }, "aws:rds/InstanceMasterUserSecret:InstanceMasterUserSecret": { "properties": { "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. If creating an\nencrypted replica, set this to the destination KMS ARN.\n" }, "secretArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the secret.\n" }, "secretStatus": { "type": "string", "description": "The status of the secret. Valid Values: `creating` | `active` | `rotating` | `impaired`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "kmsKeyId", "secretArn", "secretStatus" ] } } }, "aws:rds/InstanceRestoreToPointInTime:InstanceRestoreToPointInTime": { "properties": { "restoreTime": { "type": "string", "description": "The date and time to restore from. Value must be a time in Universal Coordinated Time (UTC) format and must be before the latest restorable time for the DB instance. Cannot be specified with `use_latest_restorable_time`.\n" }, "sourceDbInstanceAutomatedBackupsArn": { "type": "string", "description": "The ARN of the automated backup from which to restore. Required if `source_db_instance_identifier` or `source_dbi_resource_id` is not specified.\n" }, "sourceDbInstanceIdentifier": { "type": "string", "description": "The identifier of the source DB instance from which to restore. Must match the identifier of an existing DB instance. Required if `source_db_instance_automated_backups_arn` or `source_dbi_resource_id` is not specified.\n" }, "sourceDbiResourceId": { "type": "string", "description": "The resource ID of the source DB instance from which to restore. Required if `source_db_instance_identifier` or `source_db_instance_automated_backups_arn` is not specified.\n" }, "useLatestRestorableTime": { "type": "boolean", "description": "A boolean value that indicates whether the DB instance is restored from the latest backup time. Defaults to `false`. Cannot be specified with `restore_time`.\n" } }, "type": "object" }, "aws:rds/InstanceS3Import:InstanceS3Import": { "properties": { "bucketName": { "type": "string", "description": "The bucket name where your backup is stored\n", "willReplaceOnChanges": true }, "bucketPrefix": { "type": "string", "description": "Can be blank, but is the path to your backup\n", "willReplaceOnChanges": true }, "ingestionRole": { "type": "string", "description": "Role applied to load the data.\n", "willReplaceOnChanges": true }, "sourceEngine": { "type": "string", "description": "Source engine for the backup\n", "willReplaceOnChanges": true }, "sourceEngineVersion": { "type": "string", "description": "Version of the source engine used to make the backup\n\nThis will not recreate the resource if the S3 object changes in some way. It's only used to initialize the database.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "bucketName", "ingestionRole", "sourceEngine", "sourceEngineVersion" ] }, "aws:rds/InstanceType:InstanceType": { "type": "string", "enum": [ { "name": "T4G_Micro", "value": "db.t4g.micro" }, { "name": "T4G_Small", "value": "db.t4g.small" }, { "name": "T4G_Medium", "value": "db.t4g.medium" }, { "name": "T4G_Large", "value": "db.t4g.large" }, { "name": "T4G_XLarge", "value": "db.t4g.xlarge" }, { "name": "T4G_2XLarge", "value": "db.t4g.2xlarge" }, { "name": "T3_Micro", "value": "db.t3.micro" }, { "name": "T3_Small", "value": "db.t3.small" }, { "name": "T3_Medium", "value": "db.t3.medium" }, { "name": "T3_Large", "value": "db.t3.large" }, { "name": "T3_XLarge", "value": "db.t3.xlarge" }, { "name": "T3_2XLarge", "value": "db.t3.2xlarge" }, { "name": "T2_Micro", "value": "db.t2.micro" }, { "name": "T2_Small", "value": "db.t2.small" }, { "name": "T2_Medium", "value": "db.t2.medium" }, { "name": "T2_Large", "value": "db.t2.large" }, { "name": "T2_XLarge", "value": "db.t2.xlarge" }, { "name": "T2_2XLarge", "value": "db.t2.2xlarge" }, { "name": "M1_Small", "value": "db.m1.small" }, { "name": "M1_Medium", "value": "db.m1.medium" }, { "name": "M1_Large", "value": "db.m1.large" }, { "name": "M1_XLarge", "value": "db.m1.xlarge" }, { "name": "M2_XLarge", "value": "db.m2.xlarge" }, { "name": "M2_2XLarge", "value": "db.m2.2xlarge" }, { "name": "M2_4XLarge", "value": "db.m2.4xlarge" }, { "name": "M3_Medium", "value": "db.m3.medium" }, { "name": "M3_Large", "value": "db.m3.large" }, { "name": "M3_XLarge", "value": "db.m3.xlarge" }, { "name": "M3_2XLarge", "value": "db.m3.2xlarge" }, { "name": "M4_Large", "value": "db.m4.large" }, { "name": "M4_XLarge", "value": "db.m4.xlarge" }, { "name": "M4_2XLarge", "value": "db.m4.2xlarge" }, { "name": "M4_4XLarge", "value": "db.m4.4xlarge" }, { "name": "M4_10XLarge", "value": "db.m4.10xlarge" }, { "name": "M4_16XLarge", "value": "db.m4.10xlarge" }, { "name": "M5_Large", "value": "db.m5.large" }, { "name": "M5_XLarge", "value": "db.m5.xlarge" }, { "name": "M5_2XLarge", "value": "db.m5.2xlarge" }, { "name": "M5_4XLarge", "value": "db.m5.4xlarge" }, { "name": "M5_12XLarge", "value": "db.m5.12xlarge" }, { "name": "M5_24XLarge", "value": "db.m5.24xlarge" }, { "name": "M6G_Large", "value": "db.m6g.large" }, { "name": "M6G_XLarge", "value": "db.m6g.xlarge" }, { "name": "M6G_2XLarge", "value": "db.m6g.2xlarge" }, { "name": "M6G_4XLarge", "value": "db.m6g.4xlarge" }, { "name": "M6G_8XLarge", "value": "db.m6g.8xlarge" }, { "name": "M6G_12XLarge", "value": "db.m6g.12xlarge" }, { "name": "M6G_16XLarge", "value": "db.m6g.16xlarge" }, { "name": "R3_Large", "value": "db.r3.large" }, { "name": "R3_XLarge", "value": "db.r3.xlarge" }, { "name": "R3_2XLarge", "value": "db.r3.2xlarge" }, { "name": "R3_4XLarge", "value": "db.r3.4xlarge" }, { "name": "R3_8XLarge", "value": "db.r3.8xlarge" }, { "name": "R4_Large", "value": "db.r4.large" }, { "name": "R4_XLarge", "value": "db.r4.xlarge" }, { "name": "R4_2XLarge", "value": "db.r4.2xlarge" }, { "name": "R4_4XLarge", "value": "db.r4.4xlarge" }, { "name": "R4_8XLarge", "value": "db.r4.8xlarge" }, { "name": "R4_16XLarge", "value": "db.r4.16xlarge" }, { "name": "R5_Large", "value": "db.r5.large" }, { "name": "R5_XLarge", "value": "db.r5.xlarge" }, { "name": "R5_2XLarge", "value": "db.r5.2xlarge" }, { "name": "R5_4XLarge", "value": "db.r5.4xlarge" }, { "name": "R5_12XLarge", "value": "db.r5.12xlarge" }, { "name": "R5_24XLarge", "value": "db.r5.24xlarge" }, { "name": "R6G_Large", "value": "db.r6g.large" }, { "name": "R6G_XLarge", "value": "db.r6g.xlarge" }, { "name": "R6G_2XLarge", "value": "db.r6g.2xlarge" }, { "name": "R6G_4XLarge", "value": "db.r6g.4xlarge" }, { "name": "R6G_8XLarge", "value": "db.r6g.8xlarge" }, { "name": "R6G_12XLarge", "value": "db.r6g.12xlarge" }, { "name": "R6G_16XLarge", "value": "db.r6g.16xlarge" }, { "name": "X1_16XLarge", "value": "db.x1.16xlarge" }, { "name": "X1_32XLarge", "value": "db.x1.32xlarge" }, { "name": "X1E_XLarge", "value": "db.x1e.xlarge" }, { "name": "X1E_2XLarge", "value": "db.x1e.2xlarge" }, { "name": "X1E_4XLarge", "value": "db.x1e.4xlarge" }, { "name": "X1E_8XLarge", "value": "db.x1e.8xlarge" }, { "name": "X1E_32XLarge", "value": "db.x1e.32xlarge" } ] }, "aws:rds/OptionGroupOption:OptionGroupOption": { "properties": { "dbSecurityGroupMemberships": { "type": "array", "items": { "type": "string" }, "description": "List of DB Security Groups for which the option is enabled.\n" }, "optionName": { "type": "string", "description": "Name of the option (e.g., MEMCACHED).\n" }, "optionSettings": { "type": "array", "items": { "$ref": "#/types/aws:rds/OptionGroupOptionOptionSetting:OptionGroupOptionOptionSetting" }, "description": "The option settings to apply. See `option_settings` Block below for more details.\n" }, "port": { "type": "integer", "description": "Port number when connecting to the option (e.g., 11211). Leaving out or removing `port` from your configuration does not remove or clear a port from the option in AWS. AWS may assign a default port. Not including `port` in your configuration means that the AWS provider will ignore a previously set value, a value set by AWS, and any port changes.\n" }, "version": { "type": "string", "description": "Version of the option (e.g., 13.1.0.0). Leaving out or removing `version` from your configuration does not remove or clear a version from the option in AWS. AWS may assign a default version. Not including `version` in your configuration means that the AWS provider will ignore a previously set value, a value set by AWS, and any version changes.\n" }, "vpcSecurityGroupMemberships": { "type": "array", "items": { "type": "string" }, "description": "List of VPC Security Groups for which the option is enabled.\n" } }, "type": "object", "required": [ "optionName" ] }, "aws:rds/OptionGroupOptionOptionSetting:OptionGroupOptionOptionSetting": { "properties": { "name": { "type": "string", "description": "Name of the setting.\n" }, "value": { "type": "string", "description": "Value of the setting.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:rds/ParameterGroupParameter:ParameterGroupParameter": { "properties": { "applyMethod": { "type": "string", "description": "\"immediate\" (default), or \"pending-reboot\". Some\nengines can't apply some parameters without a reboot, and you will need to\nspecify \"pending-reboot\" here.\n", "default": "immediate" }, "name": { "type": "string", "description": "The name of the DB parameter.\n" }, "value": { "type": "string", "description": "The value of the DB parameter.\n" } }, "type": "object", "required": [ "name", "value" ], "language": { "nodejs": { "requiredOutputs": [ "applyMethod", "name", "value" ] } } }, "aws:rds/ProxyAuth:ProxyAuth": { "properties": { "authScheme": { "type": "string", "description": "The type of authentication that the proxy uses for connections from the proxy to the underlying database. One of `SECRETS`.\n" }, "clientPasswordAuthType": { "type": "string", "description": "The type of authentication the proxy uses for connections from clients. Valid values are `MYSQL_NATIVE_PASSWORD`, `POSTGRES_SCRAM_SHA_256`, `POSTGRES_MD5`, and `SQL_SERVER_AUTHENTICATION`.\n" }, "description": { "type": "string", "description": "A user-specified description about the authentication used by a proxy to log in as a specific database user.\n" }, "iamAuth": { "type": "string", "description": "Whether to require or disallow AWS Identity and Access Management (IAM) authentication for connections to the proxy. One of `DISABLED`, `REQUIRED`.\n" }, "secretArn": { "type": "string", "description": "The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager.\n" }, "username": { "type": "string", "description": "The name of the database user to which the proxy connects.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "clientPasswordAuthType" ] } } }, "aws:rds/ProxyDefaultTargetGroupConnectionPoolConfig:ProxyDefaultTargetGroupConnectionPoolConfig": { "properties": { "connectionBorrowTimeout": { "type": "integer", "description": "The number of seconds for a proxy to wait for a connection to become available in the connection pool. Only applies when the proxy has opened its maximum number of connections and all connections are busy with client sessions.\n" }, "initQuery": { "type": "string", "description": "One or more SQL statements for the proxy to run when opening each new database connection. Typically used with `SET` statements to make sure that each connection has identical settings such as time zone and character set. This setting is empty by default. For multiple statements, use semicolons as the separator. You can also include multiple variables in a single `SET` statement, such as `SET x=1, y=2`.\n" }, "maxConnectionsPercent": { "type": "integer", "description": "The maximum size of the connection pool for each target in a target group. For Aurora MySQL, it is expressed as a percentage of the max_connections setting for the RDS DB instance or Aurora DB cluster used by the target group.\n" }, "maxIdleConnectionsPercent": { "type": "integer", "description": "Controls how actively the proxy closes idle database connections in the connection pool. A high value enables the proxy to leave a high percentage of idle connections open. A low value causes the proxy to close idle client connections and return the underlying database connections to the connection pool. For Aurora MySQL, it is expressed as a percentage of the max_connections setting for the RDS DB instance or Aurora DB cluster used by the target group.\n" }, "sessionPinningFilters": { "type": "array", "items": { "type": "string" }, "description": "Each item in the list represents a class of SQL operations that normally cause all later statements in a session using a proxy to be pinned to the same underlying database connection. Including an item in the list exempts that class of SQL operations from the pinning behavior. This setting is only supported for MySQL engine family databases. Currently, the only allowed value is `EXCLUDE_VARIABLE_SETS`.\n" } }, "type": "object" }, "aws:rds/ReservedInstanceRecurringCharge:ReservedInstanceRecurringCharge": { "properties": { "recurringChargeAmount": { "type": "integer" }, "recurringChargeFrequency": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "recurringChargeAmount", "recurringChargeFrequency" ] } } }, "aws:rds/StorageType:StorageType": { "type": "string", "enum": [ { "name": "Standard", "value": "standard" }, { "name": "GP2", "value": "gp2" }, { "name": "GP3", "value": "gp3" }, { "name": "IO1", "value": "io1" } ] }, "aws:rds/getClusterMasterUserSecret:getClusterMasterUserSecret": { "properties": { "kmsKeyId": { "type": "string" }, "secretArn": { "type": "string" }, "secretStatus": { "type": "string" } }, "type": "object", "required": [ "kmsKeyId", "secretArn", "secretStatus" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:rds/getClustersFilter:getClustersFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the [RDS DescribeDBClusters API Reference](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:rds/getEngineVersionFilter:getEngineVersionFilter": { "properties": { "name": { "type": "string" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:rds/getInstanceMasterUserSecret:getInstanceMasterUserSecret": { "properties": { "kmsKeyId": { "type": "string", "description": "The Amazon Web Services KMS key identifier that is used to encrypt the secret.\n" }, "secretArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the secret.\n" }, "secretStatus": { "type": "string", "description": "The status of the secret. Valid Values: `creating` | `active` | `rotating` | `impaired`.\n" } }, "type": "object", "required": [ "kmsKeyId", "secretArn", "secretStatus" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:rds/getInstancesFilter:getInstancesFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the [RDS DescribeDBClusters API Reference](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html) or [RDS DescribeDBInstances API Reference](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:rds/getProxyAuth:getProxyAuth": { "properties": { "authScheme": { "type": "string" }, "clientPasswordAuthType": { "type": "string" }, "description": { "type": "string" }, "iamAuth": { "type": "string" }, "secretArn": { "type": "string" }, "username": { "type": "string" } }, "type": "object", "required": [ "authScheme", "clientPasswordAuthType", "description", "iamAuth", "secretArn", "username" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:redshift/ClusterClusterNode:ClusterClusterNode": { "properties": { "nodeRole": { "type": "string", "description": "Whether the node is a leader node or a compute node\n" }, "privateIpAddress": { "type": "string", "description": "The private IP address of a node within a cluster\n" }, "publicIpAddress": { "type": "string", "description": "The public IP address of a node within a cluster\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "nodeRole", "privateIpAddress", "publicIpAddress" ] } } }, "aws:redshift/ClusterLogging:ClusterLogging": { "properties": { "bucketName": { "type": "string", "description": "The name of an existing S3 bucket where the log files are to be stored. Must be in the same region as the cluster and the cluster must have read bucket and put object permissions.\nFor more information on the permissions required for the bucket, please read the AWS [documentation](http://docs.aws.amazon.com/redshift/latest/mgmt/db-auditing.html#db-auditing-enable-logging)\n" }, "enable": { "type": "boolean", "description": "Enables logging information such as queries and connection attempts, for the specified Amazon Redshift cluster.\n" }, "logDestinationType": { "type": "string", "description": "The log destination type. An enum with possible values of `s3` and `cloudwatch`.\n" }, "logExports": { "type": "array", "items": { "type": "string" }, "description": "The collection of exported log types. Log types include the connection log, user log and user activity log. Required when `log_destination_type` is `cloudwatch`. Valid log types are `connectionlog`, `userlog`, and `useractivitylog`.\n" }, "s3KeyPrefix": { "type": "string", "description": "The prefix applied to the log file names.\n" } }, "type": "object", "required": [ "enable" ], "language": { "nodejs": { "requiredOutputs": [ "bucketName", "enable", "s3KeyPrefix" ] } } }, "aws:redshift/ClusterSnapshotCopy:ClusterSnapshotCopy": { "properties": { "destinationRegion": { "type": "string", "description": "The destination region that you want to copy snapshots to.\n" }, "grantName": { "type": "string", "description": "The name of the snapshot copy grant to use when snapshots of an AWS KMS-encrypted cluster are copied to the destination region.\n" }, "retentionPeriod": { "type": "integer", "description": "The number of days to retain automated snapshots in the destination region after they are copied from the source region. Defaults to `7`.\n" } }, "type": "object", "required": [ "destinationRegion" ] }, "aws:redshift/EndpointAccessVpcEndpoint:EndpointAccessVpcEndpoint": { "properties": { "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:redshift/EndpointAccessVpcEndpointNetworkInterface:EndpointAccessVpcEndpointNetworkInterface" }, "description": "One or more network interfaces of the endpoint. Also known as an interface endpoint. See details below.\n" }, "vpcEndpointId": { "type": "string", "description": "The connection endpoint ID for connecting an Amazon Redshift cluster through the proxy.\n" }, "vpcId": { "type": "string", "description": "The VPC identifier that the endpoint is associated.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "networkInterfaces", "vpcEndpointId", "vpcId" ] } } }, "aws:redshift/EndpointAccessVpcEndpointNetworkInterface:EndpointAccessVpcEndpointNetworkInterface": { "properties": { "availabilityZone": { "type": "string", "description": "The Availability Zone.\n" }, "networkInterfaceId": { "type": "string", "description": "The network interface identifier.\n" }, "privateIpAddress": { "type": "string", "description": "The IPv4 address of the network interface within the subnet.\n" }, "subnetId": { "type": "string", "description": "The subnet identifier.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "availabilityZone", "networkInterfaceId", "privateIpAddress", "subnetId" ] } } }, "aws:redshift/ParameterGroupParameter:ParameterGroupParameter": { "properties": { "name": { "type": "string", "description": "The name of the Redshift parameter.\n" }, "value": { "type": "string", "description": "The value of the Redshift parameter.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:redshift/ScheduledActionTargetAction:ScheduledActionTargetAction": { "properties": { "pauseCluster": { "$ref": "#/types/aws:redshift/ScheduledActionTargetActionPauseCluster:ScheduledActionTargetActionPauseCluster", "description": "An action that runs a `PauseCluster` API operation. Documented below.\n" }, "resizeCluster": { "$ref": "#/types/aws:redshift/ScheduledActionTargetActionResizeCluster:ScheduledActionTargetActionResizeCluster", "description": "An action that runs a `ResizeCluster` API operation. Documented below.\n" }, "resumeCluster": { "$ref": "#/types/aws:redshift/ScheduledActionTargetActionResumeCluster:ScheduledActionTargetActionResumeCluster", "description": "An action that runs a `ResumeCluster` API operation. Documented below.\n" } }, "type": "object" }, "aws:redshift/ScheduledActionTargetActionPauseCluster:ScheduledActionTargetActionPauseCluster": { "properties": { "clusterIdentifier": { "type": "string", "description": "The identifier of the cluster to be paused.\n" } }, "type": "object", "required": [ "clusterIdentifier" ] }, "aws:redshift/ScheduledActionTargetActionResizeCluster:ScheduledActionTargetActionResizeCluster": { "properties": { "classic": { "type": "boolean", "description": "A boolean value indicating whether the resize operation is using the classic resize process. Default: `false`.\n" }, "clusterIdentifier": { "type": "string", "description": "The unique identifier for the cluster to resize.\n" }, "clusterType": { "type": "string", "description": "The new cluster type for the specified cluster.\n" }, "nodeType": { "type": "string", "description": "The new node type for the nodes you are adding.\n" }, "numberOfNodes": { "type": "integer", "description": "The new number of nodes for the cluster.\n" } }, "type": "object", "required": [ "clusterIdentifier" ] }, "aws:redshift/ScheduledActionTargetActionResumeCluster:ScheduledActionTargetActionResumeCluster": { "properties": { "clusterIdentifier": { "type": "string", "description": "The identifier of the cluster to be resumed.\n" } }, "type": "object", "required": [ "clusterIdentifier" ] }, "aws:redshift/getClusterClusterNode:getClusterClusterNode": { "properties": { "nodeRole": { "type": "string", "description": "Whether the node is a leader node or a compute node\n" }, "privateIpAddress": { "type": "string", "description": "Private IP address of a node within a cluster\n" }, "publicIpAddress": { "type": "string", "description": "Public IP address of a node within a cluster\n" } }, "type": "object", "required": [ "nodeRole", "privateIpAddress", "publicIpAddress" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:redshift/getDataSharesDataShare:getDataSharesDataShare": { "properties": { "dataShareArn": { "type": "string", "description": "ARN (Amazon Resource Name) of the data share.\n" }, "managedBy": { "type": "string", "description": "Identifier of a datashare to show its managing entity.\n" }, "producerArn": { "type": "string", "description": "ARN (Amazon Resource Name) of the producer.\n" } }, "type": "object", "required": [ "dataShareArn", "managedBy", "producerArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:redshift/getProducerDataSharesDataShare:getProducerDataSharesDataShare": { "properties": { "dataShareArn": { "type": "string", "description": "ARN (Amazon Resource Name) of the data share.\n" }, "managedBy": { "type": "string", "description": "Identifier of a datashare to show its managing entity.\n" }, "producerArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the producer namespace that returns in the list of datashares.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "dataShareArn", "managedBy", "producerArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:redshiftdata/StatementParameter:StatementParameter": { "properties": { "name": { "type": "string", "willReplaceOnChanges": true }, "value": { "type": "string", "willReplaceOnChanges": true } }, "type": "object", "required": [ "name", "value" ] }, "aws:redshiftserverless/EndpointAccessVpcEndpoint:EndpointAccessVpcEndpoint": { "properties": { "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:redshiftserverless/EndpointAccessVpcEndpointNetworkInterface:EndpointAccessVpcEndpointNetworkInterface" }, "description": "The network interfaces of the endpoint.. See `Network Interface` below.\n" }, "vpcEndpointId": { "type": "string", "description": "The DNS address of the VPC endpoint.\n" }, "vpcId": { "type": "string", "description": "The port that Amazon Redshift Serverless listens on.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "networkInterfaces", "vpcEndpointId", "vpcId" ] } } }, "aws:redshiftserverless/EndpointAccessVpcEndpointNetworkInterface:EndpointAccessVpcEndpointNetworkInterface": { "properties": { "availabilityZone": { "type": "string", "description": "The availability Zone.\n" }, "networkInterfaceId": { "type": "string", "description": "The unique identifier of the network interface.\n" }, "privateIpAddress": { "type": "string", "description": "The IPv4 address of the network interface within the subnet.\n" }, "subnetId": { "type": "string", "description": "The unique identifier of the subnet.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "availabilityZone", "networkInterfaceId", "privateIpAddress", "subnetId" ] } } }, "aws:redshiftserverless/WorkgroupConfigParameter:WorkgroupConfigParameter": { "properties": { "parameterKey": { "type": "string", "description": "The key of the parameter. The options are `auto_mv`, `datestyle`, `enable_case_sensitive_identifier`, `enable_user_activity_logging`, `query_group`, `search_path`, `require_ssl`, `use_fips_ssl`, and [query monitoring metrics](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) that let you define performance boundaries: `max_query_cpu_time`, `max_query_blocks_read`, `max_scan_row_count`, `max_query_execution_time`, `max_query_queue_time`, `max_query_cpu_usage_percent`, `max_query_temp_blocks_to_disk`, `max_join_row_count` and `max_nested_loop_join_row_count`.\n" }, "parameterValue": { "type": "string", "description": "The value of the parameter to set.\n" } }, "type": "object", "required": [ "parameterKey", "parameterValue" ] }, "aws:redshiftserverless/WorkgroupEndpoint:WorkgroupEndpoint": { "properties": { "address": { "type": "string", "description": "The DNS address of the VPC endpoint.\n" }, "port": { "type": "integer", "description": "The port number on which the cluster accepts incoming connections.\n" }, "vpcEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:redshiftserverless/WorkgroupEndpointVpcEndpoint:WorkgroupEndpointVpcEndpoint" }, "description": "The VPC endpoint or the Redshift Serverless workgroup. See `VPC Endpoint` below.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "address", "port", "vpcEndpoints" ] } } }, "aws:redshiftserverless/WorkgroupEndpointVpcEndpoint:WorkgroupEndpointVpcEndpoint": { "properties": { "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:redshiftserverless/WorkgroupEndpointVpcEndpointNetworkInterface:WorkgroupEndpointVpcEndpointNetworkInterface" }, "description": "The network interfaces of the endpoint.. See `Network Interface` below.\n" }, "vpcEndpointId": { "type": "string", "description": "The DNS address of the VPC endpoint.\n" }, "vpcId": { "type": "string", "description": "The port that Amazon Redshift Serverless listens on.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "networkInterfaces", "vpcEndpointId", "vpcId" ] } } }, "aws:redshiftserverless/WorkgroupEndpointVpcEndpointNetworkInterface:WorkgroupEndpointVpcEndpointNetworkInterface": { "properties": { "availabilityZone": { "type": "string", "description": "The availability Zone.\n" }, "networkInterfaceId": { "type": "string", "description": "The unique identifier of the network interface.\n" }, "privateIpAddress": { "type": "string", "description": "The IPv4 address of the network interface within the subnet.\n" }, "subnetId": { "type": "string", "description": "The unique identifier of the subnet.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "availabilityZone", "networkInterfaceId", "privateIpAddress", "subnetId" ] } } }, "aws:redshiftserverless/getWorkgroupEndpoint:getWorkgroupEndpoint": { "properties": { "address": { "type": "string", "description": "The DNS address of the VPC endpoint.\n" }, "port": { "type": "integer", "description": "The port that Amazon Redshift Serverless listens on.\n" }, "vpcEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:redshiftserverless/getWorkgroupEndpointVpcEndpoint:getWorkgroupEndpointVpcEndpoint" }, "description": "The VPC endpoint or the Redshift Serverless workgroup. See `VPC Endpoint` below.\n" } }, "type": "object", "required": [ "address", "port", "vpcEndpoints" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:redshiftserverless/getWorkgroupEndpointVpcEndpoint:getWorkgroupEndpointVpcEndpoint": { "properties": { "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:redshiftserverless/getWorkgroupEndpointVpcEndpointNetworkInterface:getWorkgroupEndpointVpcEndpointNetworkInterface" }, "description": "The network interfaces of the endpoint.. See `Network Interface` below.\n" }, "vpcEndpointId": { "type": "string", "description": "The DNS address of the VPC endpoint.\n" }, "vpcId": { "type": "string", "description": "The port that Amazon Redshift Serverless listens on.\n" } }, "type": "object", "required": [ "networkInterfaces", "vpcEndpointId", "vpcId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:redshiftserverless/getWorkgroupEndpointVpcEndpointNetworkInterface:getWorkgroupEndpointVpcEndpointNetworkInterface": { "properties": { "availabilityZone": { "type": "string", "description": "The availability Zone.\n" }, "networkInterfaceId": { "type": "string", "description": "The unique identifier of the network interface.\n" }, "privateIpAddress": { "type": "string", "description": "The IPv4 address of the network interface within the subnet.\n" }, "subnetId": { "type": "string", "description": "The unique identifier of the subnet.\n" } }, "type": "object", "required": [ "availabilityZone", "networkInterfaceId", "privateIpAddress", "subnetId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:rekognition/CollectionTimeouts:CollectionTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:rekognition/ProjectTimeouts:ProjectTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" } }, "type": "object" }, "aws:rekognition/StreamProcessorDataSharingPreference:StreamProcessorDataSharingPreference": { "properties": { "optIn": { "type": "boolean", "description": "Whether you are sharing data with Rekognition to improve model performance.\n" } }, "type": "object", "required": [ "optIn" ] }, "aws:rekognition/StreamProcessorInput:StreamProcessorInput": { "properties": { "kinesisVideoStream": { "$ref": "#/types/aws:rekognition/StreamProcessorInputKinesisVideoStream:StreamProcessorInputKinesisVideoStream", "description": "Kinesis input stream. See `kinesis_video_stream`.\n" } }, "type": "object" }, "aws:rekognition/StreamProcessorInputKinesisVideoStream:StreamProcessorInputKinesisVideoStream": { "properties": { "arn": { "type": "string", "description": "ARN of the Kinesis video stream stream that streams the source video.\n" } }, "type": "object", "required": [ "arn" ] }, "aws:rekognition/StreamProcessorNotificationChannel:StreamProcessorNotificationChannel": { "properties": { "snsTopicArn": { "type": "string", "description": "The Amazon Resource Number (ARN) of the Amazon Amazon Simple Notification Service topic to which Amazon Rekognition posts the completion status.\n" } }, "type": "object" }, "aws:rekognition/StreamProcessorOutput:StreamProcessorOutput": { "properties": { "kinesisDataStream": { "$ref": "#/types/aws:rekognition/StreamProcessorOutputKinesisDataStream:StreamProcessorOutputKinesisDataStream", "description": "The Amazon Kinesis Data Streams stream to which the Amazon Rekognition stream processor streams the analysis results. See `kinesis_data_stream`.\n" }, "s3Destination": { "$ref": "#/types/aws:rekognition/StreamProcessorOutputS3Destination:StreamProcessorOutputS3Destination", "description": "The Amazon S3 bucket location to which Amazon Rekognition publishes the detailed inference results of a video analysis operation. See `s3_destination`.\n" } }, "type": "object" }, "aws:rekognition/StreamProcessorOutputKinesisDataStream:StreamProcessorOutputKinesisDataStream": { "properties": { "arn": { "type": "string", "description": "ARN of the output Amazon Kinesis Data Streams stream.\n" } }, "type": "object" }, "aws:rekognition/StreamProcessorOutputS3Destination:StreamProcessorOutputS3Destination": { "properties": { "bucket": { "type": "string", "description": "Name of the Amazon S3 bucket you want to associate with the streaming video project.\n" }, "keyPrefix": { "type": "string", "description": "The prefix value of the location within the bucket that you want the information to be published to.\n" } }, "type": "object" }, "aws:rekognition/StreamProcessorRegionsOfInterest:StreamProcessorRegionsOfInterest": { "properties": { "boundingBox": { "$ref": "#/types/aws:rekognition/StreamProcessorRegionsOfInterestBoundingBox:StreamProcessorRegionsOfInterestBoundingBox", "description": "Box representing a region of interest on screen. Only 1 per region is allowed. See `bounding_box`.\n" }, "polygons": { "type": "array", "items": { "$ref": "#/types/aws:rekognition/StreamProcessorRegionsOfInterestPolygon:StreamProcessorRegionsOfInterestPolygon" }, "description": "Shape made up of up to 10 Point objects to define a region of interest. See `polygon`.\n" } }, "type": "object", "required": [ "polygons" ] }, "aws:rekognition/StreamProcessorRegionsOfInterestBoundingBox:StreamProcessorRegionsOfInterestBoundingBox": { "properties": { "height": { "type": "number", "description": "Height of the bounding box as a ratio of the overall image height.\n" }, "left": { "type": "number", "description": "Left coordinate of the bounding box as a ratio of overall image width.\n" }, "top": { "type": "number", "description": "Top coordinate of the bounding box as a ratio of overall image height.\n" }, "width": { "type": "number", "description": "Width of the bounding box as a ratio of the overall image width.\n" } }, "type": "object" }, "aws:rekognition/StreamProcessorRegionsOfInterestPolygon:StreamProcessorRegionsOfInterestPolygon": { "properties": { "x": { "type": "number", "description": "The value of the X coordinate for a point on a Polygon.\n" }, "y": { "type": "number", "description": "The value of the Y coordinate for a point on a Polygon.\n" } }, "type": "object" }, "aws:rekognition/StreamProcessorSettings:StreamProcessorSettings": { "properties": { "connectedHome": { "$ref": "#/types/aws:rekognition/StreamProcessorSettingsConnectedHome:StreamProcessorSettingsConnectedHome", "description": "Label detection settings to use on a streaming video. See `connected_home`.\n" }, "faceSearch": { "$ref": "#/types/aws:rekognition/StreamProcessorSettingsFaceSearch:StreamProcessorSettingsFaceSearch", "description": "Input face recognition parameters for an Amazon Rekognition stream processor. See `face_search`.\n" } }, "type": "object" }, "aws:rekognition/StreamProcessorSettingsConnectedHome:StreamProcessorSettingsConnectedHome": { "properties": { "labels": { "type": "array", "items": { "type": "string" }, "description": "Specifies what you want to detect in the video, such as people, packages, or pets. The current valid labels you can include in this list are: `PERSON`, `PET`, `PACKAGE`, and `ALL`.\n" }, "minConfidence": { "type": "number", "description": "Minimum confidence required to label an object in the video.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "minConfidence" ] } } }, "aws:rekognition/StreamProcessorSettingsFaceSearch:StreamProcessorSettingsFaceSearch": { "properties": { "collectionId": { "type": "string", "description": "ID of a collection that contains faces that you want to search for.\n" }, "faceMatchThreshold": { "type": "number", "description": "Minimum face match confidence score that must be met to return a result for a recognized face.\n" } }, "type": "object", "required": [ "collectionId" ], "language": { "nodejs": { "requiredOutputs": [ "collectionId", "faceMatchThreshold" ] } } }, "aws:rekognition/StreamProcessorTimeouts:StreamProcessorTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:resourceexplorer/IndexTimeouts:IndexTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:resourceexplorer/SearchResource:SearchResource": { "properties": { "arn": { "type": "string", "description": "Amazon resource name of resource.\n" }, "lastReportedAt": { "type": "string", "description": "The date and time that the information about this resource property was last updated.\n" }, "owningAccountId": { "type": "string", "description": "Amazon Web Services account that owns the resource.\n" }, "properties": { "type": "array", "items": { "$ref": "#/types/aws:resourceexplorer/SearchResourceProperty:SearchResourceProperty" }, "description": "Structure with additional type-specific details about the resource. See `properties` below.\n" }, "region": { "type": "string", "description": "Amazon Web Services Region in which the resource was created and exists.\n" }, "resourceType": { "type": "string", "description": "Type of the resource.\n" }, "service": { "type": "string", "description": "Amazon Web Service that owns the resource and is responsible for creating and updating it.\n" } }, "type": "object", "required": [ "arn", "lastReportedAt", "owningAccountId", "properties", "region", "resourceType", "service" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:resourceexplorer/SearchResourceCount:SearchResourceCount": { "properties": { "complete": { "type": "boolean", "description": "Indicates whether the TotalResources value represents an exhaustive count of search results. If True, it indicates that the search was exhaustive. Every resource that matches the query was counted. If False, then the search reached the limit of 1,000 matching results, and stopped counting.\n" }, "totalResources": { "type": "integer", "description": "Number of resources that match the search query. This value can't exceed 1,000. If there are more than 1,000 resources that match the query, then only 1,000 are counted and the Complete field is set to false. We recommend that you refine your query to return a smaller number of results.\n" } }, "type": "object", "required": [ "complete", "totalResources" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:resourceexplorer/SearchResourceProperty:SearchResourceProperty": { "properties": { "data": { "type": "string", "description": "Details about this property. The content of this field is a JSON object that varies based on the resource type.\n" }, "lastReportedAt": { "type": "string", "description": "The date and time that the information about this resource property was last updated.\n" }, "name": { "type": "string", "description": "Name of this property of the resource.\n" } }, "type": "object", "required": [ "data", "lastReportedAt", "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:resourceexplorer/ViewFilters:ViewFilters": { "properties": { "filterString": { "type": "string", "description": "The string that contains the search keywords, prefixes, and operators to control the results that can be returned by a search operation. For more details, see [Search query syntax](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html).\n" } }, "type": "object", "required": [ "filterString" ] }, "aws:resourceexplorer/ViewIncludedProperty:ViewIncludedProperty": { "properties": { "name": { "type": "string", "description": "The name of the property that is included in this view. Valid values: `tags`.\n" } }, "type": "object", "required": [ "name" ] }, "aws:resourcegroups/GroupConfiguration:GroupConfiguration": { "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/aws:resourcegroups/GroupConfigurationParameter:GroupConfigurationParameter" }, "description": "A collection of parameters for this group configuration item. See below for details.\n" }, "type": { "type": "string", "description": "Specifies the type of group configuration item.\n" } }, "type": "object", "required": [ "type" ] }, "aws:resourcegroups/GroupConfigurationParameter:GroupConfigurationParameter": { "properties": { "name": { "type": "string", "description": "The name of the group configuration parameter.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "The value or values to be used for the specified parameter.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:resourcegroups/GroupResourceQuery:GroupResourceQuery": { "properties": { "query": { "type": "string", "description": "The resource query as a JSON string.\n" }, "type": { "type": "string", "description": "The type of the resource query. Defaults to `TAG_FILTERS_1_0`.\n" } }, "type": "object", "required": [ "query" ] }, "aws:resourcegroupstaggingapi/getResourcesResourceTagMappingList:getResourcesResourceTagMappingList": { "properties": { "complianceDetails": { "type": "array", "items": { "$ref": "#/types/aws:resourcegroupstaggingapi/getResourcesResourceTagMappingListComplianceDetail:getResourcesResourceTagMappingListComplianceDetail" }, "description": "List of objects with information that shows whether a resource is compliant with the effective tag policy, including details on any noncompliant tag keys.\n" }, "resourceArn": { "type": "string", "description": "ARN of the resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource.\n" } }, "type": "object", "required": [ "complianceDetails", "resourceArn", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:resourcegroupstaggingapi/getResourcesResourceTagMappingListComplianceDetail:getResourcesResourceTagMappingListComplianceDetail": { "properties": { "complianceStatus": { "type": "boolean", "description": "Whether the resource is compliant.\n* `keys_with_noncompliant_values ` - Set of tag keys with non-compliant tag values.\n* `non_compliant_keys ` - Set of non-compliant tag keys.\n" }, "keysWithNoncompliantValues": { "type": "array", "items": { "type": "string" } }, "nonCompliantKeys": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "complianceStatus", "keysWithNoncompliantValues", "nonCompliantKeys" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:resourcegroupstaggingapi/getResourcesTagFilter:getResourcesTagFilter": { "properties": { "key": { "type": "string", "description": "One part of a key-value pair that makes up a tag.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Optional part of a key-value pair that make up a tag.\n" } }, "type": "object", "required": [ "key" ] }, "aws:rolesanywhere/TrustAnchorSource:TrustAnchorSource": { "properties": { "sourceData": { "$ref": "#/types/aws:rolesanywhere/TrustAnchorSourceSourceData:TrustAnchorSourceSourceData", "description": "The data denoting the source of trust, documented below\n" }, "sourceType": { "type": "string", "description": "The type of the source of trust. Must be either `AWS_ACM_PCA` or `CERTIFICATE_BUNDLE`.\n" } }, "type": "object", "required": [ "sourceData", "sourceType" ] }, "aws:rolesanywhere/TrustAnchorSourceSourceData:TrustAnchorSourceSourceData": { "properties": { "acmPcaArn": { "type": "string", "description": "The ARN of an ACM Private Certificate Authority.\n" }, "x509CertificateData": { "type": "string" } }, "type": "object" }, "aws:route53/RecordAlias:RecordAlias": { "properties": { "evaluateTargetHealth": { "type": "boolean", "description": "Set to `true` if you want Route 53 to determine whether to respond to DNS queries using this resource record set by checking the health of the resource record set. Some resources have special requirements, see [related part of documentation](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values.html#rrsets-values-alias-evaluate-target-health).\n" }, "name": { "type": "string", "description": "DNS domain name for a CloudFront distribution, S3 bucket, ELB, or another resource record set in this hosted zone.\n" }, "zoneId": { "type": "string", "description": "Hosted zone ID for a CloudFront distribution, S3 bucket, ELB, or Route 53 hosted zone. See `resource_elb.zone_id` for example.\n" } }, "type": "object", "required": [ "evaluateTargetHealth", "name", "zoneId" ] }, "aws:route53/RecordCidrRoutingPolicy:RecordCidrRoutingPolicy": { "properties": { "collectionId": { "type": "string", "description": "The CIDR collection ID. See the `aws.route53.CidrCollection` resource for more details.\n" }, "locationName": { "type": "string", "description": "The CIDR collection location name. See the `aws.route53.CidrLocation` resource for more details. A `location_name` with an asterisk `\"*\"` can be used to create a default CIDR record. `collection_id` is still required for default record.\n" } }, "type": "object", "required": [ "collectionId", "locationName" ] }, "aws:route53/RecordFailoverRoutingPolicy:RecordFailoverRoutingPolicy": { "properties": { "type": { "type": "string", "description": "`PRIMARY` or `SECONDARY`. A `PRIMARY` record will be served if its healthcheck is passing, otherwise the `SECONDARY` will be served. See http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html#dns-failover-failover-rrsets\n" } }, "type": "object", "required": [ "type" ] }, "aws:route53/RecordGeolocationRoutingPolicy:RecordGeolocationRoutingPolicy": { "properties": { "continent": { "type": "string", "description": "A two-letter continent code. See http://docs.aws.amazon.com/Route53/latest/APIReference/API_GetGeoLocation.html for code details. Either `continent` or `country` must be specified.\n" }, "country": { "type": "string", "description": "A two-character country code or `*` to indicate a default resource record set.\n" }, "subdivision": { "type": "string", "description": "A subdivision code for a country.\n" } }, "type": "object" }, "aws:route53/RecordGeoproximityRoutingPolicy:RecordGeoproximityRoutingPolicy": { "properties": { "awsRegion": { "type": "string", "description": "A AWS region where the resource is present.\n" }, "bias": { "type": "integer", "description": "Route more traffic or less traffic to the resource by specifying a value ranges between -90 to 90. See https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy-geoproximity.html for bias details.\n" }, "coordinates": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordGeoproximityRoutingPolicyCoordinate:RecordGeoproximityRoutingPolicyCoordinate" }, "description": "Specify `latitude` and `longitude` for routing traffic to non-AWS resources.\n" }, "localZoneGroup": { "type": "string", "description": "A AWS local zone group where the resource is present. See https://docs.aws.amazon.com/local-zones/latest/ug/available-local-zones.html for local zone group list.\n" } }, "type": "object" }, "aws:route53/RecordGeoproximityRoutingPolicyCoordinate:RecordGeoproximityRoutingPolicyCoordinate": { "properties": { "latitude": { "type": "string" }, "longitude": { "type": "string" } }, "type": "object", "required": [ "latitude", "longitude" ] }, "aws:route53/RecordLatencyRoutingPolicy:RecordLatencyRoutingPolicy": { "properties": { "region": { "type": "string", "description": "An AWS region from which to measure latency. See http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-latency\n" } }, "type": "object", "required": [ "region" ] }, "aws:route53/RecordType:RecordType": { "type": "string", "enum": [ { "value": "A" }, { "value": "AAAA" }, { "value": "CNAME" }, { "value": "CAA" }, { "value": "MX" }, { "value": "NAPTR" }, { "value": "NS" }, { "value": "PTR" }, { "value": "SOA" }, { "value": "SPF" }, { "value": "SRV" }, { "value": "TXT" } ] }, "aws:route53/RecordWeightedRoutingPolicy:RecordWeightedRoutingPolicy": { "properties": { "weight": { "type": "integer", "description": "A numeric value indicating the relative weight of the record. See http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-weighted.\n" } }, "type": "object", "required": [ "weight" ] }, "aws:route53/ResolverEndpointIpAddress:ResolverEndpointIpAddress": { "properties": { "ip": { "type": "string", "description": "The IP address in the subnet that you want to use for DNS queries.\n" }, "ipId": { "type": "string" }, "subnetId": { "type": "string", "description": "The ID of the subnet that contains the IP address.\n" } }, "type": "object", "required": [ "subnetId" ], "language": { "nodejs": { "requiredOutputs": [ "ip", "ipId", "subnetId" ] } } }, "aws:route53/ResolverRuleTargetIp:ResolverRuleTargetIp": { "properties": { "ip": { "type": "string", "description": "One IP address that you want to forward DNS queries to. You can specify only IPv4 addresses.\n" }, "port": { "type": "integer", "description": "The port at `ip` that you want to forward DNS queries to. Default value is `53`.\n" }, "protocol": { "type": "string", "description": "The protocol for the resolver endpoint. Valid values can be found in the [AWS documentation](https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_TargetAddress.html). Default value is `Do53`.\n" } }, "type": "object", "required": [ "ip" ] }, "aws:route53/ZoneVpc:ZoneVpc": { "properties": { "vpcId": { "type": "string", "description": "ID of the VPC to associate.\n" }, "vpcRegion": { "type": "string", "description": "Region of the VPC to associate. Defaults to AWS provider region.\n" } }, "type": "object", "required": [ "vpcId" ], "language": { "nodejs": { "requiredOutputs": [ "vpcId", "vpcRegion" ] } } }, "aws:route53/getQueryLogConfigFilter:getQueryLogConfigFilter": { "properties": { "name": { "type": "string", "description": "The name of the query logging configuration.\n" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:route53/getResolverEndpointFilter:getResolverEndpointFilter": { "properties": { "name": { "type": "string" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "name", "values" ] }, "aws:route53/getResolverFirewallRulesFirewallRule:getResolverFirewallRulesFirewallRule": { "properties": { "action": { "type": "string", "description": "The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list.\n" }, "blockOverrideDnsType": { "type": "string", "description": "The DNS record's type.\n" }, "blockOverrideDomain": { "type": "string", "description": "The custom DNS record to send back in response to the query.\n" }, "blockOverrideTtl": { "type": "integer", "description": "The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record.\n" }, "blockResponse": { "type": "string", "description": "The way that you want DNS Firewall to block the request.\n" }, "creationTime": { "type": "string", "description": "The date and time that the rule was created, in Unix time format and Coordinated Universal Time (UTC).\n" }, "creatorRequestId": { "type": "string", "description": "A unique string defined by you to identify the request.\n" }, "firewallDomainListId": { "type": "string", "description": "The ID of the domain list that's used in the rule.\n" }, "firewallRuleGroupId": { "type": "string", "description": "The unique identifier of the firewall rule group that you want to retrieve the rules for.\n" }, "modificationTime": { "type": "string", "description": "The date and time that the rule was last modified, in Unix time format and Coordinated Universal Time (UTC).\n" }, "name": { "type": "string", "description": "The name of the rule.\n" }, "priority": { "type": "integer", "description": "The setting that determines the processing order of the rules in a rule group.\n" } }, "type": "object", "required": [ "action", "blockOverrideDnsType", "blockOverrideDomain", "blockOverrideTtl", "blockResponse", "creationTime", "creatorRequestId", "firewallDomainListId", "firewallRuleGroupId", "modificationTime", "name", "priority" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:route53/getTrafficPolicyDocumentEndpoint:getTrafficPolicyDocumentEndpoint": { "properties": { "id": { "type": "string", "description": "ID of an endpoint you want to assign.\n" }, "region": { "type": "string", "description": "To route traffic to an Amazon S3 bucket that is configured as a website endpoint, specify the region in which you created the bucket for `region`.\n" }, "type": { "type": "string", "description": "Type of the endpoint. Valid values are `value`, `cloudfront`, `elastic-load-balancer`, `s3-website`, `application-load-balancer`, `network-load-balancer` and `elastic-beanstalk`\n" }, "value": { "type": "string", "description": "Value of the `type`.\n" } }, "type": "object", "required": [ "id" ] }, "aws:route53/getTrafficPolicyDocumentRule:getTrafficPolicyDocumentRule": { "properties": { "geoProximityLocations": { "type": "array", "items": { "$ref": "#/types/aws:route53/getTrafficPolicyDocumentRuleGeoProximityLocation:getTrafficPolicyDocumentRuleGeoProximityLocation" }, "description": "Configuration block for when you add a geoproximity rule, you configure Amazon Route 53 to route traffic to your resources based on the geographic location of your resources. Only valid for `geoproximity` type. See below\n" }, "id": { "type": "string", "description": "ID of a rule you want to assign.\n" }, "items": { "type": "array", "items": { "$ref": "#/types/aws:route53/getTrafficPolicyDocumentRuleItem:getTrafficPolicyDocumentRuleItem" }, "description": "Configuration block for when you add a multivalue answer rule, you configure your traffic policy to route traffic approximately randomly to your healthy resources. Only valid for `multivalue` type. See below\n" }, "locations": { "type": "array", "items": { "$ref": "#/types/aws:route53/getTrafficPolicyDocumentRuleLocation:getTrafficPolicyDocumentRuleLocation" }, "description": "Configuration block for when you add a geolocation rule, you configure your traffic policy to route your traffic based on the geographic location of your users. Only valid for `geo` type. See below\n" }, "primary": { "$ref": "#/types/aws:route53/getTrafficPolicyDocumentRulePrimary:getTrafficPolicyDocumentRulePrimary", "description": "Configuration block for the settings for the rule or endpoint that you want to route traffic to whenever the corresponding resources are available. Only valid for `failover` type. See below\n" }, "regions": { "type": "array", "items": { "$ref": "#/types/aws:route53/getTrafficPolicyDocumentRuleRegion:getTrafficPolicyDocumentRuleRegion" } }, "secondary": { "$ref": "#/types/aws:route53/getTrafficPolicyDocumentRuleSecondary:getTrafficPolicyDocumentRuleSecondary", "description": "Configuration block for the rule or endpoint that you want to route traffic to whenever the primary resources are not available. Only valid for `failover` type. See below\n" }, "type": { "type": "string", "description": "Type of the rule.\n" } }, "type": "object", "required": [ "id" ] }, "aws:route53/getTrafficPolicyDocumentRuleGeoProximityLocation:getTrafficPolicyDocumentRuleGeoProximityLocation": { "properties": { "bias": { "type": "string", "description": "Specify a value for `bias` if you want to route more traffic to an endpoint from nearby endpoints (positive values) or route less traffic to an endpoint (negative values).\n" }, "endpointReference": { "type": "string", "description": "References to an endpoint.\n" }, "evaluateTargetHealth": { "type": "boolean", "description": "Indicates whether you want Amazon Route 53 to evaluate the health of the endpoint and route traffic only to healthy endpoints.\n" }, "healthCheck": { "type": "string", "description": "If you want to associate a health check with the endpoint or rule.\n" }, "latitude": { "type": "string", "description": "Represents the location south (negative) or north (positive) of the equator. Valid values are -90 degrees to 90 degrees.\n" }, "longitude": { "type": "string", "description": "Represents the location west (negative) or east (positive) of the prime meridian. Valid values are -180 degrees to 180 degrees.\n" }, "region": { "type": "string", "description": "If your endpoint is an AWS resource, specify the AWS Region that you created the resource in.\n" }, "ruleReference": { "type": "string", "description": "References to a rule.\n" } }, "type": "object" }, "aws:route53/getTrafficPolicyDocumentRuleItem:getTrafficPolicyDocumentRuleItem": { "properties": { "endpointReference": { "type": "string" }, "healthCheck": { "type": "string" } }, "type": "object" }, "aws:route53/getTrafficPolicyDocumentRuleLocation:getTrafficPolicyDocumentRuleLocation": { "properties": { "continent": { "type": "string", "description": "Value of a continent.\n" }, "country": { "type": "string", "description": "Value of a country.\n" }, "endpointReference": { "type": "string", "description": "References to an endpoint.\n" }, "evaluateTargetHealth": { "type": "boolean", "description": "Indicates whether you want Amazon Route 53 to evaluate the health of the endpoint and route traffic only to healthy endpoints.\n" }, "healthCheck": { "type": "string", "description": "If you want to associate a health check with the endpoint or rule.\n" }, "isDefault": { "type": "boolean", "description": "Indicates whether this set of values represents the default location.\n" }, "ruleReference": { "type": "string", "description": "References to a rule.\n" }, "subdivision": { "type": "string", "description": "Value of a subdivision.\n" } }, "type": "object" }, "aws:route53/getTrafficPolicyDocumentRulePrimary:getTrafficPolicyDocumentRulePrimary": { "properties": { "endpointReference": { "type": "string", "description": "References to an endpoint.\n" }, "evaluateTargetHealth": { "type": "boolean", "description": "Indicates whether you want Amazon Route 53 to evaluate the health of the endpoint and route traffic only to healthy endpoints.\n" }, "healthCheck": { "type": "string", "description": "If you want to associate a health check with the endpoint or rule.\n" }, "ruleReference": { "type": "string", "description": "References to a rule.\n" } }, "type": "object" }, "aws:route53/getTrafficPolicyDocumentRuleRegion:getTrafficPolicyDocumentRuleRegion": { "properties": { "endpointReference": { "type": "string", "description": "References to an endpoint.\n" }, "evaluateTargetHealth": { "type": "boolean", "description": "Indicates whether you want Amazon Route 53 to evaluate the health of the endpoint and route traffic only to healthy endpoints.\n" }, "healthCheck": { "type": "string", "description": "If you want to associate a health check with the endpoint or rule.\n" }, "region": { "type": "string", "description": "Region code for the AWS Region that you created the resource in.\n" }, "ruleReference": { "type": "string", "description": "References to a rule.\n" } }, "type": "object" }, "aws:route53/getTrafficPolicyDocumentRuleSecondary:getTrafficPolicyDocumentRuleSecondary": { "properties": { "endpointReference": { "type": "string" }, "evaluateTargetHealth": { "type": "boolean" }, "healthCheck": { "type": "string" }, "ruleReference": { "type": "string" } }, "type": "object" }, "aws:route53domains/DelegationSignerRecordSigningAttributes:DelegationSignerRecordSigningAttributes": { "properties": { "algorithm": { "type": "integer", "description": "Algorithm which was used to generate the digest from the public key.\n" }, "flags": { "type": "integer", "description": "Defines the type of key. It can be either a KSK (key-signing-key, value `257`) or ZSK (zone-signing-key, value `256`).\n" }, "publicKey": { "type": "string", "description": "The base64-encoded public key part of the key pair that is passed to the registry.\n" } }, "type": "object", "required": [ "algorithm", "flags", "publicKey" ] }, "aws:route53domains/DelegationSignerRecordTimeouts:DelegationSignerRecordTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" } }, "type": "object" }, "aws:route53domains/RegisteredDomainAdminContact:RegisteredDomainAdminContact": { "properties": { "addressLine1": { "type": "string", "description": "First line of the contact's address.\n" }, "addressLine2": { "type": "string", "description": "Second line of contact's address, if any.\n" }, "city": { "type": "string", "description": "The city of the contact's address.\n" }, "contactType": { "type": "string", "description": "Indicates whether the contact is a person, company, association, or public organization. See the [AWS API documentation](https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ContactDetail.html#Route53Domains-Type-domains_ContactDetail-ContactType) for valid values.\n" }, "countryCode": { "type": "string", "description": "Code for the country of the contact's address. See the [AWS API documentation](https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ContactDetail.html#Route53Domains-Type-domains_ContactDetail-CountryCode) for valid values.\n" }, "email": { "type": "string", "description": "Email address of the contact.\n" }, "extraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A key-value map of parameters required by certain top-level domains.\n" }, "fax": { "type": "string", "description": "Fax number of the contact. Phone number must be specified in the format \"+[country dialing code].[number including any area code]\".\n" }, "firstName": { "type": "string", "description": "First name of contact.\n" }, "lastName": { "type": "string", "description": "Last name of contact.\n" }, "organizationName": { "type": "string", "description": "Name of the organization for contact types other than `PERSON`.\n" }, "phoneNumber": { "type": "string", "description": "The phone number of the contact. Phone number must be specified in the format \"+[country dialing code].[number including any area code]\".\n" }, "state": { "type": "string", "description": "The state or province of the contact's city.\n" }, "zipCode": { "type": "string", "description": "The zip or postal code of the contact's address.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "addressLine1", "addressLine2", "city", "contactType", "countryCode", "email", "extraParams", "fax", "firstName", "lastName", "organizationName", "phoneNumber", "state", "zipCode" ] } } }, "aws:route53domains/RegisteredDomainBillingContact:RegisteredDomainBillingContact": { "properties": { "addressLine1": { "type": "string", "description": "First line of the contact's address.\n" }, "addressLine2": { "type": "string", "description": "Second line of contact's address, if any.\n" }, "city": { "type": "string", "description": "The city of the contact's address.\n" }, "contactType": { "type": "string", "description": "Indicates whether the contact is a person, company, association, or public organization. See the [AWS API documentation](https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ContactDetail.html#Route53Domains-Type-domains_ContactDetail-ContactType) for valid values.\n" }, "countryCode": { "type": "string", "description": "Code for the country of the contact's address. See the [AWS API documentation](https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ContactDetail.html#Route53Domains-Type-domains_ContactDetail-CountryCode) for valid values.\n" }, "email": { "type": "string", "description": "Email address of the contact.\n" }, "extraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A key-value map of parameters required by certain top-level domains.\n" }, "fax": { "type": "string", "description": "Fax number of the contact. Phone number must be specified in the format \"+[country dialing code].[number including any area code]\".\n" }, "firstName": { "type": "string", "description": "First name of contact.\n" }, "lastName": { "type": "string", "description": "Last name of contact.\n" }, "organizationName": { "type": "string", "description": "Name of the organization for contact types other than `PERSON`.\n" }, "phoneNumber": { "type": "string", "description": "The phone number of the contact. Phone number must be specified in the format \"+[country dialing code].[number including any area code]\".\n" }, "state": { "type": "string", "description": "The state or province of the contact's city.\n" }, "zipCode": { "type": "string", "description": "The zip or postal code of the contact's address.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "addressLine1", "addressLine2", "city", "contactType", "countryCode", "email", "extraParams", "fax", "firstName", "lastName", "organizationName", "phoneNumber", "state", "zipCode" ] } } }, "aws:route53domains/RegisteredDomainNameServer:RegisteredDomainNameServer": { "properties": { "glueIps": { "type": "array", "items": { "type": "string" }, "description": "Glue IP addresses of a name server. The list can contain only one IPv4 and one IPv6 address.\n" }, "name": { "type": "string", "description": "The fully qualified host name of the name server.\n" } }, "type": "object", "required": [ "name" ] }, "aws:route53domains/RegisteredDomainRegistrantContact:RegisteredDomainRegistrantContact": { "properties": { "addressLine1": { "type": "string", "description": "First line of the contact's address.\n" }, "addressLine2": { "type": "string", "description": "Second line of contact's address, if any.\n" }, "city": { "type": "string", "description": "The city of the contact's address.\n" }, "contactType": { "type": "string", "description": "Indicates whether the contact is a person, company, association, or public organization. See the [AWS API documentation](https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ContactDetail.html#Route53Domains-Type-domains_ContactDetail-ContactType) for valid values.\n" }, "countryCode": { "type": "string", "description": "Code for the country of the contact's address. See the [AWS API documentation](https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ContactDetail.html#Route53Domains-Type-domains_ContactDetail-CountryCode) for valid values.\n" }, "email": { "type": "string", "description": "Email address of the contact.\n" }, "extraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A key-value map of parameters required by certain top-level domains.\n" }, "fax": { "type": "string", "description": "Fax number of the contact. Phone number must be specified in the format \"+[country dialing code].[number including any area code]\".\n" }, "firstName": { "type": "string", "description": "First name of contact.\n" }, "lastName": { "type": "string", "description": "Last name of contact.\n" }, "organizationName": { "type": "string", "description": "Name of the organization for contact types other than `PERSON`.\n" }, "phoneNumber": { "type": "string", "description": "The phone number of the contact. Phone number must be specified in the format \"+[country dialing code].[number including any area code]\".\n" }, "state": { "type": "string", "description": "The state or province of the contact's city.\n" }, "zipCode": { "type": "string", "description": "The zip or postal code of the contact's address.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "addressLine1", "addressLine2", "city", "contactType", "countryCode", "email", "extraParams", "fax", "firstName", "lastName", "organizationName", "phoneNumber", "state", "zipCode" ] } } }, "aws:route53domains/RegisteredDomainTechContact:RegisteredDomainTechContact": { "properties": { "addressLine1": { "type": "string", "description": "First line of the contact's address.\n" }, "addressLine2": { "type": "string", "description": "Second line of contact's address, if any.\n" }, "city": { "type": "string", "description": "The city of the contact's address.\n" }, "contactType": { "type": "string", "description": "Indicates whether the contact is a person, company, association, or public organization. See the [AWS API documentation](https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ContactDetail.html#Route53Domains-Type-domains_ContactDetail-ContactType) for valid values.\n" }, "countryCode": { "type": "string", "description": "Code for the country of the contact's address. See the [AWS API documentation](https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ContactDetail.html#Route53Domains-Type-domains_ContactDetail-CountryCode) for valid values.\n" }, "email": { "type": "string", "description": "Email address of the contact.\n" }, "extraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A key-value map of parameters required by certain top-level domains.\n" }, "fax": { "type": "string", "description": "Fax number of the contact. Phone number must be specified in the format \"+[country dialing code].[number including any area code]\".\n" }, "firstName": { "type": "string", "description": "First name of contact.\n" }, "lastName": { "type": "string", "description": "Last name of contact.\n" }, "organizationName": { "type": "string", "description": "Name of the organization for contact types other than `PERSON`.\n" }, "phoneNumber": { "type": "string", "description": "The phone number of the contact. Phone number must be specified in the format \"+[country dialing code].[number including any area code]\".\n" }, "state": { "type": "string", "description": "The state or province of the contact's city.\n" }, "zipCode": { "type": "string", "description": "The zip or postal code of the contact's address.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "addressLine1", "addressLine2", "city", "contactType", "countryCode", "email", "extraParams", "fax", "firstName", "lastName", "organizationName", "phoneNumber", "state", "zipCode" ] } } }, "aws:route53recoverycontrol/ClusterClusterEndpoint:ClusterClusterEndpoint": { "properties": { "endpoint": { "type": "string", "description": "Cluster endpoint.\n" }, "region": { "type": "string", "description": "Region of the endpoint.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "endpoint", "region" ] } } }, "aws:route53recoverycontrol/SafetyRuleRuleConfig:SafetyRuleRuleConfig": { "properties": { "inverted": { "type": "boolean", "description": "Logical negation of the rule.\n" }, "threshold": { "type": "integer", "description": "Number of controls that must be set when you specify an `ATLEAST` type rule.\n" }, "type": { "type": "string", "description": "Rule type. Valid values are `ATLEAST`, `AND`, and `OR`.\n" } }, "type": "object", "required": [ "inverted", "threshold", "type" ] }, "aws:route53recoveryreadiness/ResourceSetResource:ResourceSetResource": { "properties": { "componentId": { "type": "string" }, "dnsTargetResource": { "$ref": "#/types/aws:route53recoveryreadiness/ResourceSetResourceDnsTargetResource:ResourceSetResourceDnsTargetResource", "description": "Component for DNS/Routing Control Readiness Checks.\n" }, "readinessScopes": { "type": "array", "items": { "type": "string" }, "description": "Recovery group ARN or cell ARN that contains this resource set.\n" }, "resourceArn": { "type": "string", "description": "ARN of the resource.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "componentId" ] } } }, "aws:route53recoveryreadiness/ResourceSetResourceDnsTargetResource:ResourceSetResourceDnsTargetResource": { "properties": { "domainName": { "type": "string", "description": "DNS Name that acts as the ingress point to a portion of application.\n" }, "hostedZoneArn": { "type": "string", "description": "Hosted Zone ARN that contains the DNS record with the provided name of target resource.\n" }, "recordSetId": { "type": "string", "description": "Route53 record set id to uniquely identify a record given a `domain_name` and a `record_type`.\n" }, "recordType": { "type": "string", "description": "Type of DNS Record of target resource.\n" }, "targetResource": { "$ref": "#/types/aws:route53recoveryreadiness/ResourceSetResourceDnsTargetResourceTargetResource:ResourceSetResourceDnsTargetResourceTargetResource", "description": "Target resource the R53 record specified with the above params points to.\n" } }, "type": "object", "required": [ "domainName" ] }, "aws:route53recoveryreadiness/ResourceSetResourceDnsTargetResourceTargetResource:ResourceSetResourceDnsTargetResourceTargetResource": { "properties": { "nlbResource": { "$ref": "#/types/aws:route53recoveryreadiness/ResourceSetResourceDnsTargetResourceTargetResourceNlbResource:ResourceSetResourceDnsTargetResourceTargetResourceNlbResource", "description": "NLB resource a DNS Target Resource points to. Required if `r53_resource` is not set.\n" }, "r53Resource": { "$ref": "#/types/aws:route53recoveryreadiness/ResourceSetResourceDnsTargetResourceTargetResourceR53Resource:ResourceSetResourceDnsTargetResourceTargetResourceR53Resource", "description": "Route53 resource a DNS Target Resource record points to.\n" } }, "type": "object" }, "aws:route53recoveryreadiness/ResourceSetResourceDnsTargetResourceTargetResourceNlbResource:ResourceSetResourceDnsTargetResourceTargetResourceNlbResource": { "properties": { "arn": { "type": "string", "description": "NLB resource ARN.\n" } }, "type": "object" }, "aws:route53recoveryreadiness/ResourceSetResourceDnsTargetResourceTargetResourceR53Resource:ResourceSetResourceDnsTargetResourceTargetResourceR53Resource": { "properties": { "domainName": { "type": "string", "description": "Domain name that is targeted.\n" }, "recordSetId": { "type": "string", "description": "Resource record set ID that is targeted.\n" } }, "type": "object" }, "aws:rum/AppMonitorAppMonitorConfiguration:AppMonitorAppMonitorConfiguration": { "properties": { "allowCookies": { "type": "boolean", "description": "If you set this to `true`, RUM web client sets two cookies, a session cookie and a user cookie. The cookies allow the RUM web client to collect data relating to the number of users an application has and the behavior of the application across a sequence of events. Cookies are stored in the top-level domain of the current page.\n" }, "enableXray": { "type": "boolean", "description": "If you set this to `true`, RUM enables X-Ray tracing for the user sessions that RUM samples. RUM adds an X-Ray trace header to allowed HTTP requests. It also records an X-Ray segment for allowed HTTP requests.\n" }, "excludedPages": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs in your website or application to exclude from RUM data collection.\n" }, "favoritePages": { "type": "array", "items": { "type": "string" }, "description": "A list of pages in the CloudWatch RUM console that are to be displayed with a \"favorite\" icon.\n" }, "guestRoleArn": { "type": "string", "description": "The ARN of the guest IAM role that is attached to the Amazon Cognito identity pool that is used to authorize the sending of data to RUM.\n" }, "identityPoolId": { "type": "string", "description": "The ID of the Amazon Cognito identity pool that is used to authorize the sending of data to RUM.\n" }, "includedPages": { "type": "array", "items": { "type": "string" }, "description": "If this app monitor is to collect data from only certain pages in your application, this structure lists those pages.\n" }, "sessionSampleRate": { "type": "number", "description": "Specifies the percentage of user sessions to use for RUM data collection. Choosing a higher percentage gives you more data but also incurs more costs. The number you specify is the percentage of user sessions that will be used. Default value is `0.1`.\n" }, "telemetries": { "type": "array", "items": { "type": "string" }, "description": "An array that lists the types of telemetry data that this app monitor is to collect. Valid values are `errors`, `performance`, and `http`.\n" } }, "type": "object" }, "aws:rum/AppMonitorCustomEvents:AppMonitorCustomEvents": { "properties": { "status": { "type": "string", "description": "Specifies whether this app monitor allows the web client to define and send custom events. The default is for custom events to be `DISABLED`. Valid values are `DISABLED` and `ENABLED`.\n" } }, "type": "object" }, "aws:s3/AccessPointPublicAccessBlockConfiguration:AccessPointPublicAccessBlockConfiguration": { "properties": { "blockPublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to `true`. Enabling this setting does not affect existing policies or ACLs. When set to `true` causes the following behavior:\n* PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.\n* PUT Object calls fail if the request includes a public ACL.\n* PUT Bucket calls fail if the request includes a public ACL.\n", "willReplaceOnChanges": true }, "blockPublicPolicy": { "type": "boolean", "description": "Whether Amazon S3 should block public bucket policies for buckets in this account. Defaults to `true`. Enabling this setting does not affect existing bucket policies. When set to `true` causes Amazon S3 to:\n* Reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n", "willReplaceOnChanges": true }, "ignorePublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should ignore public ACLs for buckets in this account. Defaults to `true`. Enabling this setting does not affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. When set to `true` causes Amazon S3 to:\n* Ignore all public ACLs on buckets in this account and any objects that they contain.\n", "willReplaceOnChanges": true }, "restrictPublicBuckets": { "type": "boolean", "description": "Whether Amazon S3 should restrict public bucket policies for buckets in this account. Defaults to `true`. Enabling this setting does not affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked. When set to `true`:\n* Only the bucket owner and AWS Services can access buckets with public policies.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:s3/AccessPointVpcConfiguration:AccessPointVpcConfiguration": { "properties": { "vpcId": { "type": "string", "description": "This access point will only allow connections from the specified VPC ID.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "vpcId" ] }, "aws:s3/AnalyticsConfigurationFilter:AnalyticsConfigurationFilter": { "properties": { "prefix": { "type": "string", "description": "Object prefix for filtering.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Set of object tags for filtering.\n" } }, "type": "object" }, "aws:s3/AnalyticsConfigurationStorageClassAnalysis:AnalyticsConfigurationStorageClassAnalysis": { "properties": { "dataExport": { "$ref": "#/types/aws:s3/AnalyticsConfigurationStorageClassAnalysisDataExport:AnalyticsConfigurationStorageClassAnalysisDataExport", "description": "Data export configuration (documented below).\n" } }, "type": "object", "required": [ "dataExport" ] }, "aws:s3/AnalyticsConfigurationStorageClassAnalysisDataExport:AnalyticsConfigurationStorageClassAnalysisDataExport": { "properties": { "destination": { "$ref": "#/types/aws:s3/AnalyticsConfigurationStorageClassAnalysisDataExportDestination:AnalyticsConfigurationStorageClassAnalysisDataExportDestination", "description": "Specifies the destination for the exported analytics data (documented below).\n" }, "outputSchemaVersion": { "type": "string", "description": "Schema version of exported analytics data. Allowed values: `V_1`. Default value: `V_1`.\n" } }, "type": "object", "required": [ "destination" ] }, "aws:s3/AnalyticsConfigurationStorageClassAnalysisDataExportDestination:AnalyticsConfigurationStorageClassAnalysisDataExportDestination": { "properties": { "s3BucketDestination": { "$ref": "#/types/aws:s3/AnalyticsConfigurationStorageClassAnalysisDataExportDestinationS3BucketDestination:AnalyticsConfigurationStorageClassAnalysisDataExportDestinationS3BucketDestination", "description": "Analytics data export currently only supports an S3 bucket destination (documented below).\n" } }, "type": "object", "required": [ "s3BucketDestination" ] }, "aws:s3/AnalyticsConfigurationStorageClassAnalysisDataExportDestinationS3BucketDestination:AnalyticsConfigurationStorageClassAnalysisDataExportDestinationS3BucketDestination": { "properties": { "bucketAccountId": { "type": "string", "description": "Account ID that owns the destination bucket.\n" }, "bucketArn": { "type": "string", "description": "ARN of the destination bucket.\n" }, "format": { "type": "string", "description": "Output format of exported analytics data. Allowed values: `CSV`. Default value: `CSV`.\n" }, "prefix": { "type": "string", "description": "Prefix to append to exported analytics data.\n" } }, "type": "object", "required": [ "bucketArn" ] }, "aws:s3/BucketAclV2AccessControlPolicy:BucketAclV2AccessControlPolicy": { "properties": { "grants": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketAclV2AccessControlPolicyGrant:BucketAclV2AccessControlPolicyGrant" }, "description": "Set of `grant` configuration blocks. See below.\n" }, "owner": { "$ref": "#/types/aws:s3/BucketAclV2AccessControlPolicyOwner:BucketAclV2AccessControlPolicyOwner", "description": "Configuration block for the bucket owner's display name and ID. See below.\n" } }, "type": "object", "required": [ "owner" ] }, "aws:s3/BucketAclV2AccessControlPolicyGrant:BucketAclV2AccessControlPolicyGrant": { "properties": { "grantee": { "$ref": "#/types/aws:s3/BucketAclV2AccessControlPolicyGrantGrantee:BucketAclV2AccessControlPolicyGrantGrantee", "description": "Configuration block for the person being granted permissions. See below.\n" }, "permission": { "type": "string", "description": "Logging permissions assigned to the grantee for the bucket. Valid values: `FULL_CONTROL`, `WRITE`, `WRITE_ACP`, `READ`, `READ_ACP`. See [What permissions can I grant?](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#permissions) for more details about what each permission means in the context of buckets.\n" } }, "type": "object", "required": [ "permission" ] }, "aws:s3/BucketAclV2AccessControlPolicyGrantGrantee:BucketAclV2AccessControlPolicyGrantGrantee": { "properties": { "displayName": { "type": "string", "description": "Display name of the owner.\n" }, "emailAddress": { "type": "string", "description": "Email address of the grantee. See [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) for supported AWS regions where this argument can be specified.\n" }, "id": { "type": "string", "description": "Canonical user ID of the grantee.\n" }, "type": { "type": "string", "description": "Type of grantee. Valid values: `CanonicalUser`, `AmazonCustomerByEmail`, `Group`.\n" }, "uri": { "type": "string", "description": "URI of the grantee group.\n" } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredOutputs": [ "displayName", "type" ] } } }, "aws:s3/BucketAclV2AccessControlPolicyOwner:BucketAclV2AccessControlPolicyOwner": { "properties": { "displayName": { "type": "string", "description": "Display name of the owner.\n" }, "id": { "type": "string", "description": "ID of the owner.\n" } }, "type": "object", "required": [ "id" ], "language": { "nodejs": { "requiredOutputs": [ "displayName", "id" ] } } }, "aws:s3/BucketCorsConfigurationV2CorsRule:BucketCorsConfigurationV2CorsRule": { "properties": { "allowedHeaders": { "type": "array", "items": { "type": "string" }, "description": "Set of Headers that are specified in the `Access-Control-Request-Headers` header.\n" }, "allowedMethods": { "type": "array", "items": { "type": "string" }, "description": "Set of HTTP methods that you allow the origin to execute. Valid values are `GET`, `PUT`, `HEAD`, `POST`, and `DELETE`.\n" }, "allowedOrigins": { "type": "array", "items": { "type": "string" }, "description": "Set of origins you want customers to be able to access the bucket from.\n" }, "exposeHeaders": { "type": "array", "items": { "type": "string" }, "description": "Set of headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n" }, "id": { "type": "string", "description": "Unique identifier for the rule. The value cannot be longer than 255 characters.\n" }, "maxAgeSeconds": { "type": "integer", "description": "Time in seconds that your browser is to cache the preflight response for the specified resource.\n" } }, "type": "object", "required": [ "allowedMethods", "allowedOrigins" ] }, "aws:s3/BucketCorsRule:BucketCorsRule": { "properties": { "allowedHeaders": { "type": "array", "items": { "type": "string" }, "description": "List of headers allowed.\n" }, "allowedMethods": { "type": "array", "items": { "type": "string" }, "description": "One or more HTTP methods that you allow the origin to execute. Can be `GET`, `PUT`, `POST`, `DELETE` or `HEAD`.\n" }, "allowedOrigins": { "type": "array", "items": { "type": "string" }, "description": "One or more origins you want customers to be able to access the bucket from.\n" }, "exposeHeaders": { "type": "array", "items": { "type": "string" }, "description": "One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n" }, "maxAgeSeconds": { "type": "integer", "description": "Specifies time in seconds that browser can cache the response for a preflight request.\n" } }, "type": "object", "required": [ "allowedMethods", "allowedOrigins" ] }, "aws:s3/BucketGrant:BucketGrant": { "properties": { "id": { "type": "string", "description": "Canonical user id to grant for. Used only when `type` is `CanonicalUser`.\n" }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "List of permissions to apply for grantee. Valid values are `READ`, `WRITE`, `READ_ACP`, `WRITE_ACP`, `FULL_CONTROL`.\n" }, "type": { "type": "string", "description": "Type of grantee to apply for. Valid values are `CanonicalUser` and `Group`. `AmazonCustomerByEmail` is not supported.\n" }, "uri": { "type": "string", "description": "Uri address to grant for. Used only when `type` is `Group`.\n" } }, "type": "object", "required": [ "permissions", "type" ] }, "aws:s3/BucketIntelligentTieringConfigurationFilter:BucketIntelligentTieringConfigurationFilter": { "properties": { "prefix": { "type": "string", "description": "Object key name prefix that identifies the subset of objects to which the configuration applies.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "All of these tags must exist in the object's tag set in order for the configuration to apply.\n" } }, "type": "object" }, "aws:s3/BucketIntelligentTieringConfigurationTiering:BucketIntelligentTieringConfigurationTiering": { "properties": { "accessTier": { "type": "string", "description": "S3 Intelligent-Tiering access tier. Valid values: `ARCHIVE_ACCESS`, `DEEP_ARCHIVE_ACCESS`.\n" }, "days": { "type": "integer", "description": "Number of consecutive days of no access after which an object will be eligible to be transitioned to the corresponding tier.\n" } }, "type": "object", "required": [ "accessTier", "days" ] }, "aws:s3/BucketLifecycleConfigurationV2Rule:BucketLifecycleConfigurationV2Rule": { "properties": { "abortIncompleteMultipartUpload": { "$ref": "#/types/aws:s3/BucketLifecycleConfigurationV2RuleAbortIncompleteMultipartUpload:BucketLifecycleConfigurationV2RuleAbortIncompleteMultipartUpload", "description": "Configuration block that specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload. See below.\n" }, "expiration": { "$ref": "#/types/aws:s3/BucketLifecycleConfigurationV2RuleExpiration:BucketLifecycleConfigurationV2RuleExpiration", "description": "Configuration block that specifies the expiration for the lifecycle of the object in the form of date, days and, whether the object has a delete marker. See below.\n" }, "filter": { "$ref": "#/types/aws:s3/BucketLifecycleConfigurationV2RuleFilter:BucketLifecycleConfigurationV2RuleFilter", "description": "Configuration block used to identify objects that a Lifecycle Rule applies to. See below. If not specified, the `rule` will default to using `prefix`.\n" }, "id": { "type": "string", "description": "Unique identifier for the rule. The value cannot be longer than 255 characters.\n" }, "noncurrentVersionExpiration": { "$ref": "#/types/aws:s3/BucketLifecycleConfigurationV2RuleNoncurrentVersionExpiration:BucketLifecycleConfigurationV2RuleNoncurrentVersionExpiration", "description": "Configuration block that specifies when noncurrent object versions expire. See below.\n" }, "noncurrentVersionTransitions": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLifecycleConfigurationV2RuleNoncurrentVersionTransition:BucketLifecycleConfigurationV2RuleNoncurrentVersionTransition" }, "description": "Set of configuration blocks that specify the transition rule for the lifecycle rule that describes when noncurrent objects transition to a specific storage class. See below.\n" }, "prefix": { "type": "string", "description": "**DEPRECATED** Use `filter` instead. This has been deprecated by Amazon S3. Prefix identifying one or more objects to which the rule applies. Defaults to an empty string (`\"\"`) if `filter` is not specified.\n", "deprecationMessage": "Use filter instead" }, "status": { "type": "string", "description": "Whether the rule is currently being applied. Valid values: `Enabled` or `Disabled`.\n" }, "transitions": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLifecycleConfigurationV2RuleTransition:BucketLifecycleConfigurationV2RuleTransition" }, "description": "Set of configuration blocks that specify when an Amazon S3 object transitions to a specified storage class. See below.\n" } }, "type": "object", "required": [ "id", "status" ] }, "aws:s3/BucketLifecycleConfigurationV2RuleAbortIncompleteMultipartUpload:BucketLifecycleConfigurationV2RuleAbortIncompleteMultipartUpload": { "properties": { "daysAfterInitiation": { "type": "integer", "description": "Number of days after which Amazon S3 aborts an incomplete multipart upload.\n" } }, "type": "object" }, "aws:s3/BucketLifecycleConfigurationV2RuleExpiration:BucketLifecycleConfigurationV2RuleExpiration": { "properties": { "date": { "type": "string", "description": "Date the object is to be moved or deleted. The date value must be in [RFC3339 full-date format](https://datatracker.ietf.org/doc/html/rfc3339#section-5.6) e.g. `2023-08-22`.\n" }, "days": { "type": "integer", "description": "Lifetime, in days, of the objects that are subject to the rule. The value must be a non-zero positive integer.\n" }, "expiredObjectDeleteMarker": { "type": "boolean", "description": "Indicates whether Amazon S3 will remove a delete marker with no noncurrent versions. If set to `true`, the delete marker will be expired; if set to `false` the policy takes no action.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "expiredObjectDeleteMarker" ] } } }, "aws:s3/BucketLifecycleConfigurationV2RuleFilter:BucketLifecycleConfigurationV2RuleFilter": { "properties": { "and": { "$ref": "#/types/aws:s3/BucketLifecycleConfigurationV2RuleFilterAnd:BucketLifecycleConfigurationV2RuleFilterAnd", "description": "Configuration block used to apply a logical `AND` to two or more predicates. See below. The Lifecycle Rule will apply to any object matching all the predicates configured inside the `and` block.\n" }, "objectSizeGreaterThan": { "type": "string", "description": "Minimum object size (in bytes) to which the rule applies.\n" }, "objectSizeLessThan": { "type": "string", "description": "Maximum object size (in bytes) to which the rule applies.\n" }, "prefix": { "type": "string", "description": "Prefix identifying one or more objects to which the rule applies. Defaults to an empty string (`\"\"`) if not specified.\n" }, "tag": { "$ref": "#/types/aws:s3/BucketLifecycleConfigurationV2RuleFilterTag:BucketLifecycleConfigurationV2RuleFilterTag", "description": "Configuration block for specifying a tag key and value. See below.\n" } }, "type": "object" }, "aws:s3/BucketLifecycleConfigurationV2RuleFilterAnd:BucketLifecycleConfigurationV2RuleFilterAnd": { "properties": { "objectSizeGreaterThan": { "type": "integer", "description": "Minimum object size to which the rule applies. Value must be at least `0` if specified.\n" }, "objectSizeLessThan": { "type": "integer", "description": "Maximum object size to which the rule applies. Value must be at least `1` if specified.\n" }, "prefix": { "type": "string", "description": "Prefix identifying one or more objects to which the rule applies.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. All of these tags must exist in the object's tag set in order for the rule to apply.\n" } }, "type": "object" }, "aws:s3/BucketLifecycleConfigurationV2RuleFilterTag:BucketLifecycleConfigurationV2RuleFilterTag": { "properties": { "key": { "type": "string", "description": "Name of the object key.\n" }, "value": { "type": "string", "description": "Value of the tag.\n" } }, "type": "object", "required": [ "key", "value" ] }, "aws:s3/BucketLifecycleConfigurationV2RuleNoncurrentVersionExpiration:BucketLifecycleConfigurationV2RuleNoncurrentVersionExpiration": { "properties": { "newerNoncurrentVersions": { "type": "string", "description": "Number of noncurrent versions Amazon S3 will retain. Must be a non-zero positive integer.\n" }, "noncurrentDays": { "type": "integer", "description": "Number of days an object is noncurrent before Amazon S3 can perform the associated action. Must be a positive integer.\n" } }, "type": "object" }, "aws:s3/BucketLifecycleConfigurationV2RuleNoncurrentVersionTransition:BucketLifecycleConfigurationV2RuleNoncurrentVersionTransition": { "properties": { "newerNoncurrentVersions": { "type": "string", "description": "Number of noncurrent versions Amazon S3 will retain. Must be a non-zero positive integer.\n" }, "noncurrentDays": { "type": "integer", "description": "Number of days an object is noncurrent before Amazon S3 can perform the associated action.\n" }, "storageClass": { "type": "string", "description": "Class of storage used to store the object. Valid Values: `GLACIER`, `STANDARD_IA`, `ONEZONE_IA`, `INTELLIGENT_TIERING`, `DEEP_ARCHIVE`, `GLACIER_IR`.\n" } }, "type": "object", "required": [ "storageClass" ] }, "aws:s3/BucketLifecycleConfigurationV2RuleTransition:BucketLifecycleConfigurationV2RuleTransition": { "properties": { "date": { "type": "string", "description": "Date objects are transitioned to the specified storage class. The date value must be in [RFC3339 full-date format](https://datatracker.ietf.org/doc/html/rfc3339#section-5.6) e.g. `2023-08-22`.\n" }, "days": { "type": "integer", "description": "Number of days after creation when objects are transitioned to the specified storage class. The value must be a positive integer. If both `days` and `date` are not specified, defaults to `0`. Valid values depend on `storage_class`, see [Transition objects using Amazon S3 Lifecycle](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-transition-general-considerations.html) for more details.\n" }, "storageClass": { "type": "string", "description": "Class of storage used to store the object. Valid Values: `GLACIER`, `STANDARD_IA`, `ONEZONE_IA`, `INTELLIGENT_TIERING`, `DEEP_ARCHIVE`, `GLACIER_IR`.\n" } }, "type": "object", "required": [ "storageClass" ] }, "aws:s3/BucketLifecycleRule:BucketLifecycleRule": { "properties": { "abortIncompleteMultipartUploadDays": { "type": "integer", "description": "Specifies the number of days after initiating a multipart upload when the multipart upload must be completed.\n" }, "enabled": { "type": "boolean", "description": "Specifies lifecycle rule status.\n" }, "expiration": { "$ref": "#/types/aws:s3/BucketLifecycleRuleExpiration:BucketLifecycleRuleExpiration", "description": "Specifies a period in the object's expire. See Expiration below for details.\n" }, "id": { "type": "string", "description": "Unique identifier for the rule. Must be less than or equal to 255 characters in length.\n" }, "noncurrentVersionExpiration": { "$ref": "#/types/aws:s3/BucketLifecycleRuleNoncurrentVersionExpiration:BucketLifecycleRuleNoncurrentVersionExpiration", "description": "Specifies when noncurrent object versions expire. See Noncurrent Version Expiration below for details.\n" }, "noncurrentVersionTransitions": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLifecycleRuleNoncurrentVersionTransition:BucketLifecycleRuleNoncurrentVersionTransition" }, "description": "Specifies when noncurrent object versions transitions. See Noncurrent Version Transition below for details.\n" }, "prefix": { "type": "string", "description": "Object key prefix identifying one or more objects to which the rule applies.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specifies object tags key and value.\n" }, "transitions": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLifecycleRuleTransition:BucketLifecycleRuleTransition" }, "description": "Specifies a period in the object's transitions. See Transition below for details.\n" } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredOutputs": [ "enabled", "id" ] } } }, "aws:s3/BucketLifecycleRuleExpiration:BucketLifecycleRuleExpiration": { "properties": { "date": { "type": "string", "description": "Specifies the date after which you want the corresponding action to take effect.\n" }, "days": { "type": "integer", "description": "Specifies the number of days after object creation when the specific rule action takes effect.\n" }, "expiredObjectDeleteMarker": { "type": "boolean", "description": "On a versioned bucket (versioning-enabled or versioning-suspended bucket), you can add this element in the lifecycle configuration to direct Amazon S3 to delete expired object delete markers. This cannot be specified with Days or Date in a Lifecycle Expiration Policy.\n" } }, "type": "object" }, "aws:s3/BucketLifecycleRuleNoncurrentVersionExpiration:BucketLifecycleRuleNoncurrentVersionExpiration": { "properties": { "days": { "type": "integer", "description": "Specifies the number of days noncurrent object versions expire.\n" } }, "type": "object" }, "aws:s3/BucketLifecycleRuleNoncurrentVersionTransition:BucketLifecycleRuleNoncurrentVersionTransition": { "properties": { "days": { "type": "integer", "description": "Specifies the number of days noncurrent object versions transition.\n" }, "storageClass": { "type": "string", "description": "Specifies the Amazon S3 [storage class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_Transition.html#AmazonS3-Type-Transition-StorageClass) to which you want the object to transition.\n" } }, "type": "object", "required": [ "storageClass" ] }, "aws:s3/BucketLifecycleRuleTransition:BucketLifecycleRuleTransition": { "properties": { "date": { "type": "string", "description": "Specifies the date after which you want the corresponding action to take effect.\n" }, "days": { "type": "integer", "description": "Specifies the number of days after object creation when the specific rule action takes effect.\n" }, "storageClass": { "type": "string", "description": "Specifies the Amazon S3 [storage class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_Transition.html#AmazonS3-Type-Transition-StorageClass) to which you want the object to transition.\n" } }, "type": "object", "required": [ "storageClass" ] }, "aws:s3/BucketLogging:BucketLogging": { "properties": { "targetBucket": { "type": "string", "description": "Name of the bucket that will receive the log objects.\n" }, "targetPrefix": { "type": "string", "description": "To specify a key prefix for log objects.\n" } }, "type": "object", "required": [ "targetBucket" ] }, "aws:s3/BucketLoggingV2TargetGrant:BucketLoggingV2TargetGrant": { "properties": { "grantee": { "$ref": "#/types/aws:s3/BucketLoggingV2TargetGrantGrantee:BucketLoggingV2TargetGrantGrantee", "description": "Configuration block for the person being granted permissions. See below.\n" }, "permission": { "type": "string", "description": "Logging permissions assigned to the grantee for the bucket. Valid values: `FULL_CONTROL`, `READ`, `WRITE`.\n" } }, "type": "object", "required": [ "grantee", "permission" ] }, "aws:s3/BucketLoggingV2TargetGrantGrantee:BucketLoggingV2TargetGrantGrantee": { "properties": { "displayName": { "type": "string" }, "emailAddress": { "type": "string", "description": "Email address of the grantee. See [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) for supported AWS regions where this argument can be specified.\n" }, "id": { "type": "string", "description": "Canonical user ID of the grantee.\n" }, "type": { "type": "string", "description": "Type of grantee. Valid values: `CanonicalUser`, `AmazonCustomerByEmail`, `Group`.\n" }, "uri": { "type": "string", "description": "URI of the grantee group.\n" } }, "type": "object", "required": [ "type" ], "language": { "nodejs": { "requiredOutputs": [ "displayName", "type" ] } } }, "aws:s3/BucketLoggingV2TargetObjectKeyFormat:BucketLoggingV2TargetObjectKeyFormat": { "properties": { "partitionedPrefix": { "$ref": "#/types/aws:s3/BucketLoggingV2TargetObjectKeyFormatPartitionedPrefix:BucketLoggingV2TargetObjectKeyFormatPartitionedPrefix", "description": "Partitioned S3 key for log objects. See below.\n" }, "simplePrefix": { "$ref": "#/types/aws:s3/BucketLoggingV2TargetObjectKeyFormatSimplePrefix:BucketLoggingV2TargetObjectKeyFormatSimplePrefix", "description": "Use the simple format for S3 keys for log objects. To use, set `simple_prefix {}`.\n" } }, "type": "object" }, "aws:s3/BucketLoggingV2TargetObjectKeyFormatPartitionedPrefix:BucketLoggingV2TargetObjectKeyFormatPartitionedPrefix": { "properties": { "partitionDateSource": { "type": "string", "description": "Specifies the partition date source for the partitioned prefix. Valid values: `EventTime`, `DeliveryTime`.\n" } }, "type": "object", "required": [ "partitionDateSource" ] }, "aws:s3/BucketLoggingV2TargetObjectKeyFormatSimplePrefix:BucketLoggingV2TargetObjectKeyFormatSimplePrefix": { "type": "object" }, "aws:s3/BucketMetricFilter:BucketMetricFilter": { "properties": { "accessPoint": { "type": "string", "description": "S3 Access Point ARN for filtering (singular).\n" }, "prefix": { "type": "string", "description": "Object prefix for filtering (singular).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Object tags for filtering (up to 10).\n" } }, "type": "object" }, "aws:s3/BucketNotificationLambdaFunction:BucketNotificationLambdaFunction": { "properties": { "events": { "type": "array", "items": { "type": "string" }, "description": "[Event](http://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html#notification-how-to-event-types-and-destinations) for which to send notifications.\n" }, "filterPrefix": { "type": "string", "description": "Object key name prefix.\n" }, "filterSuffix": { "type": "string", "description": "Object key name suffix.\n" }, "id": { "type": "string", "description": "Unique identifier for each of the notification configurations.\n" }, "lambdaFunctionArn": { "type": "string", "description": "Lambda function ARN.\n" } }, "type": "object", "required": [ "events" ], "language": { "nodejs": { "requiredOutputs": [ "events", "id" ] } } }, "aws:s3/BucketNotificationQueue:BucketNotificationQueue": { "properties": { "events": { "type": "array", "items": { "type": "string" }, "description": "Specifies [event](http://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html#notification-how-to-event-types-and-destinations) for which to send notifications.\n" }, "filterPrefix": { "type": "string", "description": "Object key name prefix.\n" }, "filterSuffix": { "type": "string", "description": "Object key name suffix.\n" }, "id": { "type": "string", "description": "Unique identifier for each of the notification configurations.\n" }, "queueArn": { "type": "string", "description": "SQS queue ARN.\n" } }, "type": "object", "required": [ "events", "queueArn" ], "language": { "nodejs": { "requiredOutputs": [ "events", "id", "queueArn" ] } } }, "aws:s3/BucketNotificationTopic:BucketNotificationTopic": { "properties": { "events": { "type": "array", "items": { "type": "string" }, "description": "[Event](http://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html#notification-how-to-event-types-and-destinations) for which to send notifications.\n" }, "filterPrefix": { "type": "string", "description": "Object key name prefix.\n" }, "filterSuffix": { "type": "string", "description": "Object key name suffix.\n" }, "id": { "type": "string", "description": "Unique identifier for each of the notification configurations.\n" }, "topicArn": { "type": "string", "description": "SNS topic ARN.\n" } }, "type": "object", "required": [ "events", "topicArn" ], "language": { "nodejs": { "requiredOutputs": [ "events", "id", "topicArn" ] } } }, "aws:s3/BucketObjectLockConfiguration:BucketObjectLockConfiguration": { "properties": { "objectLockEnabled": { "type": "string", "description": "Indicates whether this bucket has an Object Lock configuration enabled. Valid values are `true` or `false`. This argument is not supported in all regions or partitions.\n", "willReplaceOnChanges": true }, "rule": { "$ref": "#/types/aws:s3/BucketObjectLockConfigurationRule:BucketObjectLockConfigurationRule", "description": "Object Lock rule in place for this bucket (documented below).\n" } }, "type": "object", "required": [ "objectLockEnabled" ] }, "aws:s3/BucketObjectLockConfigurationRule:BucketObjectLockConfigurationRule": { "properties": { "defaultRetention": { "$ref": "#/types/aws:s3/BucketObjectLockConfigurationRuleDefaultRetention:BucketObjectLockConfigurationRuleDefaultRetention", "description": "Default retention period that you want to apply to new objects placed in this bucket (documented below).\n" } }, "type": "object", "required": [ "defaultRetention" ] }, "aws:s3/BucketObjectLockConfigurationRuleDefaultRetention:BucketObjectLockConfigurationRuleDefaultRetention": { "properties": { "days": { "type": "integer", "description": "Number of days that you want to specify for the default retention period.\n" }, "mode": { "type": "string", "description": "Default Object Lock retention mode you want to apply to new objects placed in this bucket. Valid values are `GOVERNANCE` and `COMPLIANCE`.\n" }, "years": { "type": "integer", "description": "Number of years that you want to specify for the default retention period.\n" } }, "type": "object", "required": [ "mode" ] }, "aws:s3/BucketObjectLockConfigurationV2Rule:BucketObjectLockConfigurationV2Rule": { "properties": { "defaultRetention": { "$ref": "#/types/aws:s3/BucketObjectLockConfigurationV2RuleDefaultRetention:BucketObjectLockConfigurationV2RuleDefaultRetention", "description": "Configuration block for specifying the default Object Lock retention settings for new objects placed in the specified bucket. See below.\n" } }, "type": "object", "required": [ "defaultRetention" ] }, "aws:s3/BucketObjectLockConfigurationV2RuleDefaultRetention:BucketObjectLockConfigurationV2RuleDefaultRetention": { "properties": { "days": { "type": "integer", "description": "Number of days that you want to specify for the default retention period.\n" }, "mode": { "type": "string", "description": "Default Object Lock retention mode you want to apply to new objects placed in the specified bucket. Valid values: `COMPLIANCE`, `GOVERNANCE`.\n" }, "years": { "type": "integer", "description": "Number of years that you want to specify for the default retention period.\n" } }, "type": "object" }, "aws:s3/BucketObjectv2OverrideProvider:BucketObjectv2OverrideProvider": { "properties": { "defaultTags": { "$ref": "#/types/aws:s3/BucketObjectv2OverrideProviderDefaultTags:BucketObjectv2OverrideProviderDefaultTags", "description": "Override the provider `default_tags` configuration block.\n" } }, "type": "object" }, "aws:s3/BucketObjectv2OverrideProviderDefaultTags:BucketObjectv2OverrideProviderDefaultTags": { "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "type": "object" }, "aws:s3/BucketOwnershipControlsRule:BucketOwnershipControlsRule": { "properties": { "objectOwnership": { "type": "string", "description": "Object ownership. Valid values: `BucketOwnerPreferred`, `ObjectWriter` or `BucketOwnerEnforced`\n* `BucketOwnerPreferred` - Objects uploaded to the bucket change ownership to the bucket owner if the objects are uploaded with the `bucket-owner-full-control` canned ACL.\n* `ObjectWriter` - Uploading account will own the object if the object is uploaded with the `bucket-owner-full-control` canned ACL.\n* `BucketOwnerEnforced` - Bucket owner automatically owns and has full control over every object in the bucket. ACLs no longer affect permissions to data in the S3 bucket.\n" } }, "type": "object", "required": [ "objectOwnership" ] }, "aws:s3/BucketReplicationConfigRule:BucketReplicationConfigRule": { "properties": { "deleteMarkerReplication": { "$ref": "#/types/aws:s3/BucketReplicationConfigRuleDeleteMarkerReplication:BucketReplicationConfigRuleDeleteMarkerReplication", "description": "Whether delete markers are replicated. This argument is only valid with V2 replication configurations (i.e., when `filter` is used)documented below.\n" }, "destination": { "$ref": "#/types/aws:s3/BucketReplicationConfigRuleDestination:BucketReplicationConfigRuleDestination", "description": "Specifies the destination for the rule. See below.\n" }, "existingObjectReplication": { "$ref": "#/types/aws:s3/BucketReplicationConfigRuleExistingObjectReplication:BucketReplicationConfigRuleExistingObjectReplication", "description": "Replicate existing objects in the source bucket according to the rule configurations. See below.\n" }, "filter": { "$ref": "#/types/aws:s3/BucketReplicationConfigRuleFilter:BucketReplicationConfigRuleFilter", "description": "Filter that identifies subset of objects to which the replication rule applies. See below. If not specified, the `rule` will default to using `prefix`.\n" }, "id": { "type": "string", "description": "Unique identifier for the rule. Must be less than or equal to 255 characters in length.\n" }, "prefix": { "type": "string", "description": "Object key name prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length. Defaults to an empty string (`\"\"`) if `filter` is not specified.\n", "deprecationMessage": "Use filter instead" }, "priority": { "type": "integer", "description": "Priority associated with the rule. Priority should only be set if `filter` is configured. If not provided, defaults to `0`. Priority must be unique between multiple rules.\n" }, "sourceSelectionCriteria": { "$ref": "#/types/aws:s3/BucketReplicationConfigRuleSourceSelectionCriteria:BucketReplicationConfigRuleSourceSelectionCriteria", "description": "Specifies special object selection criteria. See below.\n" }, "status": { "type": "string", "description": "Status of the rule. Either `\"Enabled\"` or `\"Disabled\"`. The rule is ignored if status is not \"Enabled\".\n" } }, "type": "object", "required": [ "destination", "status" ], "language": { "nodejs": { "requiredOutputs": [ "destination", "id", "status" ] } } }, "aws:s3/BucketReplicationConfigRuleDeleteMarkerReplication:BucketReplicationConfigRuleDeleteMarkerReplication": { "properties": { "status": { "type": "string", "description": "Whether delete markers should be replicated. Either `\"Enabled\"` or `\"Disabled\"`.\n" } }, "type": "object", "required": [ "status" ] }, "aws:s3/BucketReplicationConfigRuleDestination:BucketReplicationConfigRuleDestination": { "properties": { "accessControlTranslation": { "$ref": "#/types/aws:s3/BucketReplicationConfigRuleDestinationAccessControlTranslation:BucketReplicationConfigRuleDestinationAccessControlTranslation", "description": "Configuration block that specifies the overrides to use for object owners on replication. See below. Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object. Must be used in conjunction with `account` owner override configuration.\n" }, "account": { "type": "string", "description": "Account ID to specify the replica ownership. Must be used in conjunction with `access_control_translation` override configuration.\n" }, "bucket": { "type": "string", "description": "ARN of the bucket where you want Amazon S3 to store the results.\n" }, "encryptionConfiguration": { "$ref": "#/types/aws:s3/BucketReplicationConfigRuleDestinationEncryptionConfiguration:BucketReplicationConfigRuleDestinationEncryptionConfiguration", "description": "Configuration block that provides information about encryption. See below. If `source_selection_criteria` is specified, you must specify this element.\n" }, "metrics": { "$ref": "#/types/aws:s3/BucketReplicationConfigRuleDestinationMetrics:BucketReplicationConfigRuleDestinationMetrics", "description": "Configuration block that specifies replication metrics-related settings enabling replication metrics and events. See below.\n" }, "replicationTime": { "$ref": "#/types/aws:s3/BucketReplicationConfigRuleDestinationReplicationTime:BucketReplicationConfigRuleDestinationReplicationTime", "description": "Configuration block that specifies S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. See below. Replication Time Control must be used in conjunction with `metrics`.\n" }, "storageClass": { "type": "string", "description": "The [storage class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_Destination.html#AmazonS3-Type-Destination-StorageClass) used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.\n" } }, "type": "object", "required": [ "bucket" ] }, "aws:s3/BucketReplicationConfigRuleDestinationAccessControlTranslation:BucketReplicationConfigRuleDestinationAccessControlTranslation": { "properties": { "owner": { "type": "string", "description": "Specifies the replica ownership. For default and valid values, see [PUT bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) in the Amazon S3 API Reference. Valid values: `Destination`.\n" } }, "type": "object", "required": [ "owner" ] }, "aws:s3/BucketReplicationConfigRuleDestinationEncryptionConfiguration:BucketReplicationConfigRuleDestinationEncryptionConfiguration": { "properties": { "replicaKmsKeyId": { "type": "string", "description": "ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket.\n" } }, "type": "object", "required": [ "replicaKmsKeyId" ] }, "aws:s3/BucketReplicationConfigRuleDestinationMetrics:BucketReplicationConfigRuleDestinationMetrics": { "properties": { "eventThreshold": { "$ref": "#/types/aws:s3/BucketReplicationConfigRuleDestinationMetricsEventThreshold:BucketReplicationConfigRuleDestinationMetricsEventThreshold", "description": "Configuration block that specifies the time threshold for emitting the `s3:Replication:OperationMissedThreshold` event. See below.\n" }, "status": { "type": "string", "description": "Status of the Destination Metrics. Either `\"Enabled\"` or `\"Disabled\"`.\n" } }, "type": "object", "required": [ "status" ] }, "aws:s3/BucketReplicationConfigRuleDestinationMetricsEventThreshold:BucketReplicationConfigRuleDestinationMetricsEventThreshold": { "properties": { "minutes": { "type": "integer", "description": "Time in minutes. Valid values: `15`.\n" } }, "type": "object", "required": [ "minutes" ] }, "aws:s3/BucketReplicationConfigRuleDestinationReplicationTime:BucketReplicationConfigRuleDestinationReplicationTime": { "properties": { "status": { "type": "string", "description": "Status of the Replication Time Control. Either `\"Enabled\"` or `\"Disabled\"`.\n" }, "time": { "$ref": "#/types/aws:s3/BucketReplicationConfigRuleDestinationReplicationTimeTime:BucketReplicationConfigRuleDestinationReplicationTimeTime", "description": "Configuration block specifying the time by which replication should be complete for all objects and operations on objects. See below.\n" } }, "type": "object", "required": [ "status", "time" ] }, "aws:s3/BucketReplicationConfigRuleDestinationReplicationTimeTime:BucketReplicationConfigRuleDestinationReplicationTimeTime": { "properties": { "minutes": { "type": "integer", "description": "Time in minutes. Valid values: `15`.\n" } }, "type": "object", "required": [ "minutes" ] }, "aws:s3/BucketReplicationConfigRuleExistingObjectReplication:BucketReplicationConfigRuleExistingObjectReplication": { "properties": { "status": { "type": "string", "description": "Whether the existing objects should be replicated. Either `\"Enabled\"` or `\"Disabled\"`.\n" } }, "type": "object", "required": [ "status" ] }, "aws:s3/BucketReplicationConfigRuleFilter:BucketReplicationConfigRuleFilter": { "properties": { "and": { "$ref": "#/types/aws:s3/BucketReplicationConfigRuleFilterAnd:BucketReplicationConfigRuleFilterAnd", "description": "Configuration block for specifying rule filters. This element is required only if you specify more than one filter. See and below for more details.\n" }, "prefix": { "type": "string", "description": "Object key name prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.\n" }, "tag": { "$ref": "#/types/aws:s3/BucketReplicationConfigRuleFilterTag:BucketReplicationConfigRuleFilterTag", "description": "Configuration block for specifying a tag key and value. See below.\n" } }, "type": "object" }, "aws:s3/BucketReplicationConfigRuleFilterAnd:BucketReplicationConfigRuleFilterAnd": { "properties": { "prefix": { "type": "string", "description": "Object key name prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags (key and value pairs) that identifies a subset of objects to which the rule applies. The rule applies only to objects having all the tags in its tagset.\n" } }, "type": "object" }, "aws:s3/BucketReplicationConfigRuleFilterTag:BucketReplicationConfigRuleFilterTag": { "properties": { "key": { "type": "string", "description": "Name of the object key.\n" }, "value": { "type": "string", "description": "Value of the tag.\n" } }, "type": "object", "required": [ "key", "value" ] }, "aws:s3/BucketReplicationConfigRuleSourceSelectionCriteria:BucketReplicationConfigRuleSourceSelectionCriteria": { "properties": { "replicaModifications": { "$ref": "#/types/aws:s3/BucketReplicationConfigRuleSourceSelectionCriteriaReplicaModifications:BucketReplicationConfigRuleSourceSelectionCriteriaReplicaModifications", "description": "Configuration block that you can specify for selections for modifications on replicas. Amazon S3 doesn't replicate replica modifications by default. In the latest version of replication configuration (when `filter` is specified), you can specify this element and set the status to `Enabled` to replicate modifications on replicas.\n" }, "sseKmsEncryptedObjects": { "$ref": "#/types/aws:s3/BucketReplicationConfigRuleSourceSelectionCriteriaSseKmsEncryptedObjects:BucketReplicationConfigRuleSourceSelectionCriteriaSseKmsEncryptedObjects", "description": "Configuration block for filter information for the selection of Amazon S3 objects encrypted with AWS KMS. If specified, `replica_kms_key_id` in `destination` `encryption_configuration` must be specified as well.\n" } }, "type": "object" }, "aws:s3/BucketReplicationConfigRuleSourceSelectionCriteriaReplicaModifications:BucketReplicationConfigRuleSourceSelectionCriteriaReplicaModifications": { "properties": { "status": { "type": "string", "description": "Whether the existing objects should be replicated. Either `\"Enabled\"` or `\"Disabled\"`.\n" } }, "type": "object", "required": [ "status" ] }, "aws:s3/BucketReplicationConfigRuleSourceSelectionCriteriaSseKmsEncryptedObjects:BucketReplicationConfigRuleSourceSelectionCriteriaSseKmsEncryptedObjects": { "properties": { "status": { "type": "string", "description": "Whether the existing objects should be replicated. Either `\"Enabled\"` or `\"Disabled\"`.\n" } }, "type": "object", "required": [ "status" ] }, "aws:s3/BucketReplicationConfiguration:BucketReplicationConfiguration": { "properties": { "role": { "type": "string", "description": "ARN of the IAM role for Amazon S3 to assume when replicating the objects.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketReplicationConfigurationRule:BucketReplicationConfigurationRule" }, "description": "Specifies the rules managing the replication (documented below).\n" } }, "type": "object", "required": [ "role", "rules" ] }, "aws:s3/BucketReplicationConfigurationRule:BucketReplicationConfigurationRule": { "properties": { "deleteMarkerReplicationStatus": { "type": "string", "description": "Whether delete markers are replicated. The only valid value is `Enabled`. To disable, omit this argument. This argument is only valid with V2 replication configurations (i.e., when `filter` is used).\n" }, "destination": { "$ref": "#/types/aws:s3/BucketReplicationConfigurationRuleDestination:BucketReplicationConfigurationRuleDestination", "description": "Specifies the destination for the rule (documented below).\n" }, "filter": { "$ref": "#/types/aws:s3/BucketReplicationConfigurationRuleFilter:BucketReplicationConfigurationRuleFilter", "description": "Filter that identifies subset of objects to which the replication rule applies (documented below).\n" }, "id": { "type": "string", "description": "Unique identifier for the rule. Must be less than or equal to 255 characters in length.\n" }, "prefix": { "type": "string", "description": "Object keyname prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length.\n" }, "priority": { "type": "integer", "description": "Priority associated with the rule. Priority should only be set if `filter` is configured. If not provided, defaults to `0`. Priority must be unique between multiple rules.\n" }, "sourceSelectionCriteria": { "$ref": "#/types/aws:s3/BucketReplicationConfigurationRuleSourceSelectionCriteria:BucketReplicationConfigurationRuleSourceSelectionCriteria", "description": "Specifies special object selection criteria (documented below).\n" }, "status": { "type": "string", "description": "Status of the rule. Either `Enabled` or `Disabled`. The rule is ignored if status is not Enabled.\n" } }, "type": "object", "required": [ "destination", "status" ] }, "aws:s3/BucketReplicationConfigurationRuleDestination:BucketReplicationConfigurationRuleDestination": { "properties": { "accessControlTranslation": { "$ref": "#/types/aws:s3/BucketReplicationConfigurationRuleDestinationAccessControlTranslation:BucketReplicationConfigurationRuleDestinationAccessControlTranslation", "description": "Specifies the overrides to use for object owners on replication (documented below). Must be used in conjunction with `account_id` owner override configuration.\n" }, "accountId": { "type": "string", "description": "Account ID to use for overriding the object owner on replication. Must be used in conjunction with `access_control_translation` override configuration.\n" }, "bucket": { "type": "string", "description": "ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule.\n" }, "metrics": { "$ref": "#/types/aws:s3/BucketReplicationConfigurationRuleDestinationMetrics:BucketReplicationConfigurationRuleDestinationMetrics", "description": "Enables replication metrics (required for S3 RTC) (documented below).\n" }, "replicaKmsKeyId": { "type": "string", "description": "Destination KMS encryption key ARN for SSE-KMS replication. Must be used in conjunction with\n`sse_kms_encrypted_objects` source selection criteria.\n" }, "replicationTime": { "$ref": "#/types/aws:s3/BucketReplicationConfigurationRuleDestinationReplicationTime:BucketReplicationConfigurationRuleDestinationReplicationTime", "description": "Enables S3 Replication Time Control (S3 RTC) (documented below).\n" }, "storageClass": { "type": "string", "description": "The [storage class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_Destination.html#AmazonS3-Type-Destination-StorageClass) used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.\n" } }, "type": "object", "required": [ "bucket" ] }, "aws:s3/BucketReplicationConfigurationRuleDestinationAccessControlTranslation:BucketReplicationConfigurationRuleDestinationAccessControlTranslation": { "properties": { "owner": { "type": "string", "description": "Specifies the replica ownership. For default and valid values, see [PUT bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketReplication.html) in the Amazon S3 API Reference. The only valid value is `Destination`.\n" } }, "type": "object", "required": [ "owner" ] }, "aws:s3/BucketReplicationConfigurationRuleDestinationMetrics:BucketReplicationConfigurationRuleDestinationMetrics": { "properties": { "minutes": { "type": "integer", "description": "Threshold within which objects are to be replicated. The only valid value is `15`.\n" }, "status": { "type": "string", "description": "Status of replication metrics. Either `Enabled` or `Disabled`.\n" } }, "type": "object" }, "aws:s3/BucketReplicationConfigurationRuleDestinationReplicationTime:BucketReplicationConfigurationRuleDestinationReplicationTime": { "properties": { "minutes": { "type": "integer", "description": "Threshold within which objects are to be replicated. The only valid value is `15`.\n" }, "status": { "type": "string", "description": "Status of RTC. Either `Enabled` or `Disabled`.\n" } }, "type": "object" }, "aws:s3/BucketReplicationConfigurationRuleFilter:BucketReplicationConfigurationRuleFilter": { "properties": { "prefix": { "type": "string", "description": "Object keyname prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags that identifies subset of objects to which the rule applies.\nThe rule applies only to objects having all the tags in its tagset.\n" } }, "type": "object" }, "aws:s3/BucketReplicationConfigurationRuleSourceSelectionCriteria:BucketReplicationConfigurationRuleSourceSelectionCriteria": { "properties": { "sseKmsEncryptedObjects": { "$ref": "#/types/aws:s3/BucketReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObjects:BucketReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObjects", "description": "Match SSE-KMS encrypted objects (documented below). If specified, `replica_kms_key_id`\nin `destination` must be specified as well.\n" } }, "type": "object" }, "aws:s3/BucketReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObjects:BucketReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObjects": { "properties": { "enabled": { "type": "boolean", "description": "Boolean which indicates if this criteria is enabled.\n" } }, "type": "object", "required": [ "enabled" ] }, "aws:s3/BucketServerSideEncryptionConfiguration:BucketServerSideEncryptionConfiguration": { "properties": { "rule": { "$ref": "#/types/aws:s3/BucketServerSideEncryptionConfigurationRule:BucketServerSideEncryptionConfigurationRule", "description": "Single object for server-side encryption by default configuration. (documented below)\n" } }, "type": "object", "required": [ "rule" ] }, "aws:s3/BucketServerSideEncryptionConfigurationRule:BucketServerSideEncryptionConfigurationRule": { "properties": { "applyServerSideEncryptionByDefault": { "$ref": "#/types/aws:s3/BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault:BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault", "description": "Single object for setting server-side encryption by default. (documented below)\n" }, "bucketKeyEnabled": { "type": "boolean", "description": "Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.\n" } }, "type": "object", "required": [ "applyServerSideEncryptionByDefault" ] }, "aws:s3/BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault:BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault": { "properties": { "kmsMasterKeyId": { "type": "string", "description": "AWS KMS master key ID used for the SSE-KMS encryption. This can only be used when you set the value of `sse_algorithm` as `aws:kms`. The default `aws/s3` AWS KMS master key is used if this element is absent while the `sse_algorithm` is `aws:kms`.\n" }, "sseAlgorithm": { "type": "string", "description": "Server-side encryption algorithm to use. Valid values are `AES256` and `aws:kms`\n" } }, "type": "object", "required": [ "sseAlgorithm" ] }, "aws:s3/BucketServerSideEncryptionConfigurationV2Rule:BucketServerSideEncryptionConfigurationV2Rule": { "properties": { "applyServerSideEncryptionByDefault": { "$ref": "#/types/aws:s3/BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefault:BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefault", "description": "Single object for setting server-side encryption by default. See below.\n" }, "bucketKeyEnabled": { "type": "boolean", "description": "Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.\n" } }, "type": "object" }, "aws:s3/BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefault:BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefault": { "properties": { "kmsMasterKeyId": { "type": "string", "description": "AWS KMS master key ID used for the SSE-KMS encryption. This can only be used when you set the value of `sse_algorithm` as `aws:kms`. The default `aws/s3` AWS KMS master key is used if this element is absent while the `sse_algorithm` is `aws:kms`.\n" }, "sseAlgorithm": { "type": "string", "description": "Server-side encryption algorithm to use. Valid values are `AES256`, `aws:kms`, and `aws:kms:dsse`\n" } }, "type": "object", "required": [ "sseAlgorithm" ] }, "aws:s3/BucketV2CorsRule:BucketV2CorsRule": { "properties": { "allowedHeaders": { "type": "array", "items": { "type": "string" }, "description": "List of headers allowed.\n" }, "allowedMethods": { "type": "array", "items": { "type": "string" }, "description": "One or more HTTP methods that you allow the origin to execute. Can be `GET`, `PUT`, `POST`, `DELETE` or `HEAD`.\n" }, "allowedOrigins": { "type": "array", "items": { "type": "string" }, "description": "One or more origins you want customers to be able to access the bucket from.\n" }, "exposeHeaders": { "type": "array", "items": { "type": "string" }, "description": "One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n" }, "maxAgeSeconds": { "type": "integer", "description": "Specifies time in seconds that browser can cache the response for a preflight request.\n" } }, "type": "object", "required": [ "allowedMethods", "allowedOrigins" ] }, "aws:s3/BucketV2Grant:BucketV2Grant": { "properties": { "id": { "type": "string", "description": "Canonical user id to grant for. Used only when `type` is `CanonicalUser`.\n" }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "List of permissions to apply for grantee. Valid values are `READ`, `WRITE`, `READ_ACP`, `WRITE_ACP`, `FULL_CONTROL`.\n" }, "type": { "type": "string", "description": "Type of grantee to apply for. Valid values are `CanonicalUser` and `Group`. `AmazonCustomerByEmail` is not supported.\n" }, "uri": { "type": "string", "description": "Uri address to grant for. Used only when `type` is `Group`.\n" } }, "type": "object", "required": [ "permissions", "type" ] }, "aws:s3/BucketV2LifecycleRule:BucketV2LifecycleRule": { "properties": { "abortIncompleteMultipartUploadDays": { "type": "integer", "description": "Specifies the number of days after initiating a multipart upload when the multipart upload must be completed.\n" }, "enabled": { "type": "boolean", "description": "Specifies lifecycle rule status.\n" }, "expirations": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2LifecycleRuleExpiration:BucketV2LifecycleRuleExpiration" }, "description": "Specifies a period in the object's expire. See Expiration below for details.\n" }, "id": { "type": "string", "description": "Unique identifier for the rule. Must be less than or equal to 255 characters in length.\n" }, "noncurrentVersionExpirations": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2LifecycleRuleNoncurrentVersionExpiration:BucketV2LifecycleRuleNoncurrentVersionExpiration" }, "description": "Specifies when noncurrent object versions expire. See Noncurrent Version Expiration below for details.\n" }, "noncurrentVersionTransitions": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2LifecycleRuleNoncurrentVersionTransition:BucketV2LifecycleRuleNoncurrentVersionTransition" }, "description": "Specifies when noncurrent object versions transitions. See Noncurrent Version Transition below for details.\n" }, "prefix": { "type": "string", "description": "Object key prefix identifying one or more objects to which the rule applies.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specifies object tags key and value.\n" }, "transitions": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2LifecycleRuleTransition:BucketV2LifecycleRuleTransition" }, "description": "Specifies a period in the object's transitions. See Transition below for details.\n" } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredOutputs": [ "enabled", "id" ] } } }, "aws:s3/BucketV2LifecycleRuleExpiration:BucketV2LifecycleRuleExpiration": { "properties": { "date": { "type": "string", "description": "Specifies the date after which you want the corresponding action to take effect.\n" }, "days": { "type": "integer", "description": "Specifies the number of days after object creation when the specific rule action takes effect.\n" }, "expiredObjectDeleteMarker": { "type": "boolean", "description": "On a versioned bucket (versioning-enabled or versioning-suspended bucket), you can add this element in the lifecycle configuration to direct Amazon S3 to delete expired object delete markers. This cannot be specified with Days or Date in a Lifecycle Expiration Policy.\n" } }, "type": "object" }, "aws:s3/BucketV2LifecycleRuleNoncurrentVersionExpiration:BucketV2LifecycleRuleNoncurrentVersionExpiration": { "properties": { "days": { "type": "integer", "description": "Specifies the number of days noncurrent object versions expire.\n" } }, "type": "object" }, "aws:s3/BucketV2LifecycleRuleNoncurrentVersionTransition:BucketV2LifecycleRuleNoncurrentVersionTransition": { "properties": { "days": { "type": "integer", "description": "Specifies the number of days noncurrent object versions transition.\n" }, "storageClass": { "type": "string", "description": "Specifies the Amazon S3 [storage class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_Transition.html#AmazonS3-Type-Transition-StorageClass) to which you want the object to transition.\n" } }, "type": "object", "required": [ "storageClass" ] }, "aws:s3/BucketV2LifecycleRuleTransition:BucketV2LifecycleRuleTransition": { "properties": { "date": { "type": "string", "description": "Specifies the date after which you want the corresponding action to take effect.\n" }, "days": { "type": "integer", "description": "Specifies the number of days after object creation when the specific rule action takes effect.\n" }, "storageClass": { "type": "string", "description": "Specifies the Amazon S3 [storage class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_Transition.html#AmazonS3-Type-Transition-StorageClass) to which you want the object to transition.\n" } }, "type": "object", "required": [ "storageClass" ] }, "aws:s3/BucketV2Logging:BucketV2Logging": { "properties": { "targetBucket": { "type": "string", "description": "Name of the bucket that will receive the log objects.\n" }, "targetPrefix": { "type": "string", "description": "To specify a key prefix for log objects.\n" } }, "type": "object", "required": [ "targetBucket" ] }, "aws:s3/BucketV2ObjectLockConfiguration:BucketV2ObjectLockConfiguration": { "properties": { "objectLockEnabled": { "type": "string", "description": "Indicates whether this bucket has an Object Lock configuration enabled. Valid values are `true` or `false`. This argument is not supported in all regions or partitions.\n", "deprecationMessage": "Use the top-level parameter object_lock_enabled instead", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2ObjectLockConfigurationRule:BucketV2ObjectLockConfigurationRule" }, "description": "Object Lock rule in place for this bucket (documented below).\n", "deprecationMessage": "Use the aws.s3.BucketObjectLockConfigurationV2 resource instead" } }, "type": "object" }, "aws:s3/BucketV2ObjectLockConfigurationRule:BucketV2ObjectLockConfigurationRule": { "properties": { "defaultRetentions": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2ObjectLockConfigurationRuleDefaultRetention:BucketV2ObjectLockConfigurationRuleDefaultRetention" }, "description": "Default retention period that you want to apply to new objects placed in this bucket (documented below).\n" } }, "type": "object", "required": [ "defaultRetentions" ] }, "aws:s3/BucketV2ObjectLockConfigurationRuleDefaultRetention:BucketV2ObjectLockConfigurationRuleDefaultRetention": { "properties": { "days": { "type": "integer", "description": "Number of days that you want to specify for the default retention period.\n" }, "mode": { "type": "string", "description": "Default Object Lock retention mode you want to apply to new objects placed in this bucket. Valid values are `GOVERNANCE` and `COMPLIANCE`.\n" }, "years": { "type": "integer", "description": "Number of years that you want to specify for the default retention period.\n" } }, "type": "object", "required": [ "mode" ] }, "aws:s3/BucketV2ReplicationConfiguration:BucketV2ReplicationConfiguration": { "properties": { "role": { "type": "string", "description": "ARN of the IAM role for Amazon S3 to assume when replicating the objects.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2ReplicationConfigurationRule:BucketV2ReplicationConfigurationRule" }, "description": "Specifies the rules managing the replication (documented below).\n" } }, "type": "object", "required": [ "role", "rules" ] }, "aws:s3/BucketV2ReplicationConfigurationRule:BucketV2ReplicationConfigurationRule": { "properties": { "deleteMarkerReplicationStatus": { "type": "string", "description": "Whether delete markers are replicated. The only valid value is `Enabled`. To disable, omit this argument. This argument is only valid with V2 replication configurations (i.e., when `filter` is used).\n" }, "destinations": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2ReplicationConfigurationRuleDestination:BucketV2ReplicationConfigurationRuleDestination" }, "description": "Specifies the destination for the rule (documented below).\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2ReplicationConfigurationRuleFilter:BucketV2ReplicationConfigurationRuleFilter" }, "description": "Filter that identifies subset of objects to which the replication rule applies (documented below).\n" }, "id": { "type": "string", "description": "Unique identifier for the rule. Must be less than or equal to 255 characters in length.\n" }, "prefix": { "type": "string", "description": "Object keyname prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length.\n" }, "priority": { "type": "integer", "description": "Priority associated with the rule. Priority should only be set if `filter` is configured. If not provided, defaults to `0`. Priority must be unique between multiple rules.\n" }, "sourceSelectionCriterias": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2ReplicationConfigurationRuleSourceSelectionCriteria:BucketV2ReplicationConfigurationRuleSourceSelectionCriteria" }, "description": "Specifies special object selection criteria (documented below).\n" }, "status": { "type": "string", "description": "Status of the rule. Either `Enabled` or `Disabled`. The rule is ignored if status is not Enabled.\n" } }, "type": "object", "required": [ "destinations", "status" ] }, "aws:s3/BucketV2ReplicationConfigurationRuleDestination:BucketV2ReplicationConfigurationRuleDestination": { "properties": { "accessControlTranslations": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2ReplicationConfigurationRuleDestinationAccessControlTranslation:BucketV2ReplicationConfigurationRuleDestinationAccessControlTranslation" }, "description": "Specifies the overrides to use for object owners on replication (documented below). Must be used in conjunction with `account_id` owner override configuration.\n" }, "accountId": { "type": "string", "description": "Account ID to use for overriding the object owner on replication. Must be used in conjunction with `access_control_translation` override configuration.\n" }, "bucket": { "type": "string", "description": "ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule.\n" }, "metrics": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2ReplicationConfigurationRuleDestinationMetric:BucketV2ReplicationConfigurationRuleDestinationMetric" }, "description": "Enables replication metrics (required for S3 RTC) (documented below).\n" }, "replicaKmsKeyId": { "type": "string", "description": "Destination KMS encryption key ARN for SSE-KMS replication. Must be used in conjunction with\n`sse_kms_encrypted_objects` source selection criteria.\n" }, "replicationTimes": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2ReplicationConfigurationRuleDestinationReplicationTime:BucketV2ReplicationConfigurationRuleDestinationReplicationTime" }, "description": "Enables S3 Replication Time Control (S3 RTC) (documented below).\n" }, "storageClass": { "type": "string", "description": "The [storage class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_Destination.html#AmazonS3-Type-Destination-StorageClass) used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.\n" } }, "type": "object", "required": [ "bucket" ] }, "aws:s3/BucketV2ReplicationConfigurationRuleDestinationAccessControlTranslation:BucketV2ReplicationConfigurationRuleDestinationAccessControlTranslation": { "properties": { "owner": { "type": "string", "description": "Specifies the replica ownership. For default and valid values, see [PUT bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketReplication.html) in the Amazon S3 API Reference. The only valid value is `Destination`.\n" } }, "type": "object", "required": [ "owner" ] }, "aws:s3/BucketV2ReplicationConfigurationRuleDestinationMetric:BucketV2ReplicationConfigurationRuleDestinationMetric": { "properties": { "minutes": { "type": "integer", "description": "Threshold within which objects are to be replicated. The only valid value is `15`.\n" }, "status": { "type": "string", "description": "Status of replication metrics. Either `Enabled` or `Disabled`.\n" } }, "type": "object" }, "aws:s3/BucketV2ReplicationConfigurationRuleDestinationReplicationTime:BucketV2ReplicationConfigurationRuleDestinationReplicationTime": { "properties": { "minutes": { "type": "integer", "description": "Threshold within which objects are to be replicated. The only valid value is `15`.\n" }, "status": { "type": "string", "description": "Status of RTC. Either `Enabled` or `Disabled`.\n" } }, "type": "object" }, "aws:s3/BucketV2ReplicationConfigurationRuleFilter:BucketV2ReplicationConfigurationRuleFilter": { "properties": { "prefix": { "type": "string", "description": "Object keyname prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags that identifies subset of objects to which the rule applies.\nThe rule applies only to objects having all the tags in its tagset.\n" } }, "type": "object" }, "aws:s3/BucketV2ReplicationConfigurationRuleSourceSelectionCriteria:BucketV2ReplicationConfigurationRuleSourceSelectionCriteria": { "properties": { "sseKmsEncryptedObjects": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2ReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObject:BucketV2ReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObject" }, "description": "Match SSE-KMS encrypted objects (documented below). If specified, `replica_kms_key_id`\nin `destination` must be specified as well.\n" } }, "type": "object" }, "aws:s3/BucketV2ReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObject:BucketV2ReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObject": { "properties": { "enabled": { "type": "boolean", "description": "Boolean which indicates if this criteria is enabled.\n" } }, "type": "object", "required": [ "enabled" ] }, "aws:s3/BucketV2ServerSideEncryptionConfiguration:BucketV2ServerSideEncryptionConfiguration": { "properties": { "rules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2ServerSideEncryptionConfigurationRule:BucketV2ServerSideEncryptionConfigurationRule" }, "description": "Single object for server-side encryption by default configuration. (documented below)\n" } }, "type": "object", "required": [ "rules" ] }, "aws:s3/BucketV2ServerSideEncryptionConfigurationRule:BucketV2ServerSideEncryptionConfigurationRule": { "properties": { "applyServerSideEncryptionByDefaults": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault:BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault" }, "description": "Single object for setting server-side encryption by default. (documented below)\n" }, "bucketKeyEnabled": { "type": "boolean", "description": "Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.\n" } }, "type": "object", "required": [ "applyServerSideEncryptionByDefaults" ] }, "aws:s3/BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault:BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault": { "properties": { "kmsMasterKeyId": { "type": "string", "description": "AWS KMS master key ID used for the SSE-KMS encryption. This can only be used when you set the value of `sse_algorithm` as `aws:kms`. The default `aws/s3` AWS KMS master key is used if this element is absent while the `sse_algorithm` is `aws:kms`.\n" }, "sseAlgorithm": { "type": "string", "description": "Server-side encryption algorithm to use. Valid values are `AES256` and `aws:kms`\n" } }, "type": "object", "required": [ "sseAlgorithm" ] }, "aws:s3/BucketV2Versioning:BucketV2Versioning": { "properties": { "enabled": { "type": "boolean", "description": "Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.\n" }, "mfaDelete": { "type": "boolean", "description": "Enable MFA delete for either `Change the versioning state of your bucket` or `Permanently delete an object version`. Default is `false`. This cannot be used to toggle this setting but is available to allow managed buckets to reflect the state in AWS\n" } }, "type": "object" }, "aws:s3/BucketV2Website:BucketV2Website": { "properties": { "errorDocument": { "type": "string", "description": "Absolute path to the document to return in case of a 4XX error.\n" }, "indexDocument": { "type": "string", "description": "Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders.\n" }, "redirectAllRequestsTo": { "type": "string", "description": "Hostname to redirect all website requests for this bucket to. Hostname can optionally be prefixed with a protocol (`http://` or `https://`) to use when redirecting requests. The default is the protocol that is used in the original request.\n" }, "routingRules": { "type": "string", "description": "JSON array containing [routing rules](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration-routingrules.html)\ndescribing redirect behavior and when redirects are applied.\n" } }, "type": "object" }, "aws:s3/BucketVersioning:BucketVersioning": { "properties": { "enabled": { "type": "boolean", "description": "Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.\n" }, "mfaDelete": { "type": "boolean", "description": "Enable MFA delete for either `Change the versioning state of your bucket` or `Permanently delete an object version`. Default is `false`. This cannot be used to toggle this setting but is available to allow managed buckets to reflect the state in AWS\n" } }, "type": "object" }, "aws:s3/BucketVersioningV2VersioningConfiguration:BucketVersioningV2VersioningConfiguration": { "properties": { "mfaDelete": { "type": "string", "description": "Specifies whether MFA delete is enabled in the bucket versioning configuration. Valid values: `Enabled` or `Disabled`.\n" }, "status": { "type": "string", "description": "Versioning state of the bucket. Valid values: `Enabled`, `Suspended`, or `Disabled`. `Disabled` should only be used when creating or importing resources that correspond to unversioned S3 buckets.\n" } }, "type": "object", "required": [ "status" ], "language": { "nodejs": { "requiredOutputs": [ "mfaDelete", "status" ] } } }, "aws:s3/BucketWebsite:BucketWebsite": { "properties": { "errorDocument": { "type": "string", "description": "Absolute path to the document to return in case of a 4XX error.\n" }, "indexDocument": { "type": "string", "description": "Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders.\n" }, "redirectAllRequestsTo": { "type": "string", "description": "Hostname to redirect all website requests for this bucket to. Hostname can optionally be prefixed with a protocol (`http://` or `https://`) to use when redirecting requests. The default is the protocol that is used in the original request.\n" }, "routingRules": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "array", "items": { "type": "string", "$ref": "#/types/aws:s3/routingRules:RoutingRule" } } ], "description": "JSON array containing [routing rules](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration-routingrules.html)\ndescribing redirect behavior and when redirects are applied.\n" } }, "type": "object" }, "aws:s3/BucketWebsiteConfigurationV2ErrorDocument:BucketWebsiteConfigurationV2ErrorDocument": { "properties": { "key": { "type": "string", "description": "Object key name to use when a 4XX class error occurs.\n" } }, "type": "object", "required": [ "key" ] }, "aws:s3/BucketWebsiteConfigurationV2IndexDocument:BucketWebsiteConfigurationV2IndexDocument": { "properties": { "suffix": { "type": "string", "description": "Suffix that is appended to a request that is for a directory on the website endpoint.\nFor example, if the suffix is `index.html` and you make a request to `samplebucket/images/`, the data that is returned will be for the object with the key name `images/index.html`.\nThe suffix must not be empty and must not include a slash character.\n" } }, "type": "object", "required": [ "suffix" ] }, "aws:s3/BucketWebsiteConfigurationV2RedirectAllRequestsTo:BucketWebsiteConfigurationV2RedirectAllRequestsTo": { "properties": { "hostName": { "type": "string", "description": "Name of the host where requests are redirected.\n" }, "protocol": { "type": "string", "description": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request. Valid values: `http`, `https`.\n" } }, "type": "object", "required": [ "hostName" ] }, "aws:s3/BucketWebsiteConfigurationV2RoutingRule:BucketWebsiteConfigurationV2RoutingRule": { "properties": { "condition": { "$ref": "#/types/aws:s3/BucketWebsiteConfigurationV2RoutingRuleCondition:BucketWebsiteConfigurationV2RoutingRuleCondition", "description": "Configuration block for describing a condition that must be met for the specified redirect to apply. See below.\n" }, "redirect": { "$ref": "#/types/aws:s3/BucketWebsiteConfigurationV2RoutingRuleRedirect:BucketWebsiteConfigurationV2RoutingRuleRedirect", "description": "Configuration block for redirect information. See below.\n" } }, "type": "object", "required": [ "redirect" ] }, "aws:s3/BucketWebsiteConfigurationV2RoutingRuleCondition:BucketWebsiteConfigurationV2RoutingRuleCondition": { "properties": { "httpErrorCodeReturnedEquals": { "type": "string", "description": "HTTP error code when the redirect is applied. If specified with `key_prefix_equals`, then both must be true for the redirect to be applied.\n" }, "keyPrefixEquals": { "type": "string", "description": "Object key name prefix when the redirect is applied. If specified with `http_error_code_returned_equals`, then both must be true for the redirect to be applied.\n" } }, "type": "object" }, "aws:s3/BucketWebsiteConfigurationV2RoutingRuleRedirect:BucketWebsiteConfigurationV2RoutingRuleRedirect": { "properties": { "hostName": { "type": "string", "description": "Host name to use in the redirect request.\n" }, "httpRedirectCode": { "type": "string", "description": "HTTP redirect code to use on the response.\n" }, "protocol": { "type": "string", "description": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request. Valid values: `http`, `https`.\n" }, "replaceKeyPrefixWith": { "type": "string", "description": "Object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix `docs/` (objects in the `docs/` folder) to `documents/`, you can set a `condition` block with `key_prefix_equals` set to `docs/` and in the `redirect` set `replace_key_prefix_with` to `/documents`.\n" }, "replaceKeyWith": { "type": "string", "description": "Specific object key to use in the redirect request. For example, redirect request to `error.html`.\n" } }, "type": "object" }, "aws:s3/CannedAcl:CannedAcl": { "description": "See https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl", "type": "string", "enum": [ { "name": "Private", "value": "private" }, { "name": "PublicRead", "value": "public-read" }, { "name": "PublicReadWrite", "value": "public-read-write" }, { "name": "AwsExecRead", "value": "aws-exec-read" }, { "name": "AuthenticatedRead", "value": "authenticated-read" }, { "name": "BucketOwnerRead", "value": "bucket-owner-read" }, { "name": "BucketOwnerFullControl", "value": "bucket-owner-full-control" }, { "name": "LogDeliveryWrite", "value": "log-delivery-write" } ] }, "aws:s3/DirectoryBucketLocation:DirectoryBucketLocation": { "properties": { "name": { "type": "string", "description": "[Availability Zone ID](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#az-ids).\n" }, "type": { "type": "string", "description": "Location type. Valid values: `AvailabilityZone`.\n" } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredOutputs": [ "name", "type" ] } } }, "aws:s3/InventoryDestination:InventoryDestination": { "properties": { "bucket": { "$ref": "#/types/aws:s3/InventoryDestinationBucket:InventoryDestinationBucket", "description": "S3 bucket configuration where inventory results are published (documented below).\n" } }, "type": "object", "required": [ "bucket" ] }, "aws:s3/InventoryDestinationBucket:InventoryDestinationBucket": { "properties": { "accountId": { "type": "string", "description": "ID of the account that owns the destination bucket. Recommended to be set to prevent problems if the destination bucket ownership changes.\n" }, "bucketArn": { "type": "string", "description": "Amazon S3 bucket ARN of the destination.\n" }, "encryption": { "$ref": "#/types/aws:s3/InventoryDestinationBucketEncryption:InventoryDestinationBucketEncryption", "description": "Contains the type of server-side encryption to use to encrypt the inventory (documented below).\n" }, "format": { "type": "string", "description": "Specifies the output format of the inventory results. Can be `CSV`, [`ORC`](https://orc.apache.org/) or [`Parquet`](https://parquet.apache.org/).\n" }, "prefix": { "type": "string", "description": "Prefix that is prepended to all inventory results.\n" } }, "type": "object", "required": [ "bucketArn", "format" ] }, "aws:s3/InventoryDestinationBucketEncryption:InventoryDestinationBucketEncryption": { "properties": { "sseKms": { "$ref": "#/types/aws:s3/InventoryDestinationBucketEncryptionSseKms:InventoryDestinationBucketEncryptionSseKms", "description": "Specifies to use server-side encryption with AWS KMS-managed keys to encrypt the inventory file (documented below).\n" }, "sseS3": { "$ref": "#/types/aws:s3/InventoryDestinationBucketEncryptionSseS3:InventoryDestinationBucketEncryptionSseS3", "description": "Specifies to use server-side encryption with Amazon S3-managed keys (SSE-S3) to encrypt the inventory file.\n" } }, "type": "object" }, "aws:s3/InventoryDestinationBucketEncryptionSseKms:InventoryDestinationBucketEncryptionSseKms": { "properties": { "keyId": { "type": "string", "description": "ARN of the KMS customer master key (CMK) used to encrypt the inventory file.\n" } }, "type": "object", "required": [ "keyId" ] }, "aws:s3/InventoryDestinationBucketEncryptionSseS3:InventoryDestinationBucketEncryptionSseS3": { "type": "object" }, "aws:s3/InventoryFilter:InventoryFilter": { "properties": { "prefix": { "type": "string", "description": "Prefix that an object must have to be included in the inventory results.\n" } }, "type": "object" }, "aws:s3/InventorySchedule:InventorySchedule": { "properties": { "frequency": { "type": "string", "description": "Specifies how frequently inventory results are produced. Valid values: `Daily`, `Weekly`.\n" } }, "type": "object", "required": [ "frequency" ] }, "aws:s3/ObjectCopyGrant:ObjectCopyGrant": { "properties": { "email": { "type": "string", "description": "Email address of the grantee. Used only when `type` is `AmazonCustomerByEmail`.\n" }, "id": { "type": "string", "description": "Canonical user ID of the grantee. Used only when `type` is `CanonicalUser`.\n" }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "List of permissions to grant to grantee. Valid values are `READ`, `READ_ACP`, `WRITE_ACP`, `FULL_CONTROL`.\n" }, "type": { "type": "string", "description": "Type of grantee. Valid values are `CanonicalUser`, `Group`, and `AmazonCustomerByEmail`.\n\nThis configuration block has the following optional arguments (one of the three is required):\n" }, "uri": { "type": "string", "description": "URI of the grantee group. Used only when `type` is `Group`.\n" } }, "type": "object", "required": [ "permissions", "type" ] }, "aws:s3control/AccessGrantAccessGrantsLocationConfiguration:AccessGrantAccessGrantsLocationConfiguration": { "properties": { "s3SubPrefix": { "type": "string", "description": "Sub-prefix.\n" } }, "type": "object" }, "aws:s3control/AccessGrantGrantee:AccessGrantGrantee": { "properties": { "granteeIdentifier": { "type": "string", "description": "Grantee identifier.\n" }, "granteeType": { "type": "string", "description": "Grantee types. Valid values: `DIRECTORY_USER`, `DIRECTORY_GROUP`, `IAM`.\n" } }, "type": "object", "required": [ "granteeIdentifier", "granteeType" ] }, "aws:s3control/BucketLifecycleConfigurationRule:BucketLifecycleConfigurationRule": { "properties": { "abortIncompleteMultipartUpload": { "$ref": "#/types/aws:s3control/BucketLifecycleConfigurationRuleAbortIncompleteMultipartUpload:BucketLifecycleConfigurationRuleAbortIncompleteMultipartUpload", "description": "Configuration block containing settings for abort incomplete multipart upload.\n" }, "expiration": { "$ref": "#/types/aws:s3control/BucketLifecycleConfigurationRuleExpiration:BucketLifecycleConfigurationRuleExpiration", "description": "Configuration block containing settings for expiration of objects.\n" }, "filter": { "$ref": "#/types/aws:s3control/BucketLifecycleConfigurationRuleFilter:BucketLifecycleConfigurationRuleFilter", "description": "Configuration block containing settings for filtering.\n" }, "id": { "type": "string", "description": "Unique identifier for the rule.\n" }, "status": { "type": "string", "description": "Status of the rule. Valid values: `Enabled` and `Disabled`. Defaults to `Enabled`.\n" } }, "type": "object", "required": [ "id" ] }, "aws:s3control/BucketLifecycleConfigurationRuleAbortIncompleteMultipartUpload:BucketLifecycleConfigurationRuleAbortIncompleteMultipartUpload": { "properties": { "daysAfterInitiation": { "type": "integer", "description": "Number of days after which Amazon S3 aborts an incomplete multipart upload.\n" } }, "type": "object", "required": [ "daysAfterInitiation" ] }, "aws:s3control/BucketLifecycleConfigurationRuleExpiration:BucketLifecycleConfigurationRuleExpiration": { "properties": { "date": { "type": "string", "description": "Date the object is to be deleted. Should be in `YYYY-MM-DD` date format, e.g., `2020-09-30`.\n" }, "days": { "type": "integer", "description": "Number of days before the object is to be deleted.\n" }, "expiredObjectDeleteMarker": { "type": "boolean", "description": "Enable to remove a delete marker with no noncurrent versions. Cannot be specified with `date` or `days`.\n" } }, "type": "object" }, "aws:s3control/BucketLifecycleConfigurationRuleFilter:BucketLifecycleConfigurationRuleFilter": { "properties": { "prefix": { "type": "string", "description": "Object prefix for rule filtering.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of object tags for rule filtering.\n" } }, "type": "object" }, "aws:s3control/MultiRegionAccessPointDetails:MultiRegionAccessPointDetails": { "properties": { "name": { "type": "string", "willReplaceOnChanges": true }, "publicAccessBlock": { "$ref": "#/types/aws:s3control/MultiRegionAccessPointDetailsPublicAccessBlock:MultiRegionAccessPointDetailsPublicAccessBlock", "willReplaceOnChanges": true }, "regions": { "type": "array", "items": { "$ref": "#/types/aws:s3control/MultiRegionAccessPointDetailsRegion:MultiRegionAccessPointDetailsRegion" }, "willReplaceOnChanges": true } }, "type": "object", "required": [ "name", "regions" ] }, "aws:s3control/MultiRegionAccessPointDetailsPublicAccessBlock:MultiRegionAccessPointDetailsPublicAccessBlock": { "properties": { "blockPublicAcls": { "type": "boolean", "willReplaceOnChanges": true }, "blockPublicPolicy": { "type": "boolean", "willReplaceOnChanges": true }, "ignorePublicAcls": { "type": "boolean", "willReplaceOnChanges": true }, "restrictPublicBuckets": { "type": "boolean", "willReplaceOnChanges": true } }, "type": "object" }, "aws:s3control/MultiRegionAccessPointDetailsRegion:MultiRegionAccessPointDetailsRegion": { "properties": { "bucket": { "type": "string", "willReplaceOnChanges": true }, "bucketAccountId": { "type": "string", "willReplaceOnChanges": true }, "region": { "type": "string" } }, "type": "object", "required": [ "bucket" ], "language": { "nodejs": { "requiredOutputs": [ "bucket", "bucketAccountId", "region" ] } } }, "aws:s3control/MultiRegionAccessPointPolicyDetails:MultiRegionAccessPointPolicyDetails": { "properties": { "name": { "type": "string", "description": "The name of the Multi-Region Access Point.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "A valid JSON document that specifies the policy that you want to associate with this Multi-Region Access Point. Once applied, the policy can be edited, but not deleted. For more information, see the documentation on [Multi-Region Access Point Permissions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiRegionAccessPointPermissions.html).\n\n\u003e **NOTE:** When you update the `policy`, the update is first listed as the proposed policy. After the update is finished and all Regions have been updated, the proposed policy is listed as the established policy. If both policies have the same version number, the proposed policy is the established policy.\n" } }, "type": "object", "required": [ "name", "policy" ] }, "aws:s3control/ObjectLambdaAccessPointConfiguration:ObjectLambdaAccessPointConfiguration": { "properties": { "allowedFeatures": { "type": "array", "items": { "type": "string" }, "description": "Allowed features. Valid values: `GetObject-Range`, `GetObject-PartNumber`.\n" }, "cloudWatchMetricsEnabled": { "type": "boolean", "description": "Whether or not the CloudWatch metrics configuration is enabled.\n" }, "supportingAccessPoint": { "type": "string", "description": "Standard access point associated with the Object Lambda Access Point.\n", "willReplaceOnChanges": true }, "transformationConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:s3control/ObjectLambdaAccessPointConfigurationTransformationConfiguration:ObjectLambdaAccessPointConfigurationTransformationConfiguration" }, "description": "List of transformation configurations for the Object Lambda Access Point. See Transformation Configuration below for more details.\n" } }, "type": "object", "required": [ "supportingAccessPoint", "transformationConfigurations" ] }, "aws:s3control/ObjectLambdaAccessPointConfigurationTransformationConfiguration:ObjectLambdaAccessPointConfigurationTransformationConfiguration": { "properties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "The actions of an Object Lambda Access Point configuration. Valid values: `GetObject`.\n" }, "contentTransformation": { "$ref": "#/types/aws:s3control/ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformation:ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformation", "description": "The content transformation of an Object Lambda Access Point configuration. See Content Transformation below for more details.\n" } }, "type": "object", "required": [ "actions", "contentTransformation" ] }, "aws:s3control/ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformation:ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformation": { "properties": { "awsLambda": { "$ref": "#/types/aws:s3control/ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationAwsLambda:ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationAwsLambda", "description": "Configuration for an AWS Lambda function. See AWS Lambda below for more details.\n" } }, "type": "object", "required": [ "awsLambda" ] }, "aws:s3control/ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationAwsLambda:ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationAwsLambda": { "properties": { "functionArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS Lambda function.\n" }, "functionPayload": { "type": "string", "description": "Additional JSON that provides supplemental data to the Lambda function used to transform objects.\n" } }, "type": "object", "required": [ "functionArn" ] }, "aws:s3control/StorageLensConfigurationStorageLensConfiguration:StorageLensConfigurationStorageLensConfiguration": { "properties": { "accountLevel": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevel:StorageLensConfigurationStorageLensConfigurationAccountLevel", "description": "The account-level configurations of the S3 Storage Lens configuration. See Account Level below for more details.\n" }, "awsOrg": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationAwsOrg:StorageLensConfigurationStorageLensConfigurationAwsOrg", "description": "The Amazon Web Services organization for the S3 Storage Lens configuration. See AWS Org below for more details.\n" }, "dataExport": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationDataExport:StorageLensConfigurationStorageLensConfigurationDataExport", "description": "Properties of S3 Storage Lens metrics export including the destination, schema and format. See Data Export below for more details.\n" }, "enabled": { "type": "boolean", "description": "Whether the S3 Storage Lens configuration is enabled.\n" }, "exclude": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationExclude:StorageLensConfigurationStorageLensConfigurationExclude", "description": "What is excluded in this configuration. Conflicts with `include`. See Exclude below for more details.\n" }, "include": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationInclude:StorageLensConfigurationStorageLensConfigurationInclude", "description": "What is included in this configuration. Conflicts with `exclude`. See Include below for more details.\n" } }, "type": "object", "required": [ "accountLevel", "enabled" ] }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevel:StorageLensConfigurationStorageLensConfigurationAccountLevel": { "properties": { "activityMetrics": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelActivityMetrics:StorageLensConfigurationStorageLensConfigurationAccountLevelActivityMetrics", "description": "S3 Storage Lens activity metrics. See Activity Metrics below for more details.\n" }, "advancedCostOptimizationMetrics": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelAdvancedCostOptimizationMetrics:StorageLensConfigurationStorageLensConfigurationAccountLevelAdvancedCostOptimizationMetrics", "description": "Advanced cost-optimization metrics for S3 Storage Lens. See Advanced Cost-Optimization Metrics below for more details.\n" }, "advancedDataProtectionMetrics": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelAdvancedDataProtectionMetrics:StorageLensConfigurationStorageLensConfigurationAccountLevelAdvancedDataProtectionMetrics", "description": "Advanced data-protection metrics for S3 Storage Lens. See Advanced Data-Protection Metrics below for more details.\n" }, "bucketLevel": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevel:StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevel", "description": "S3 Storage Lens bucket-level configuration. See Bucket Level below for more details.\n" }, "detailedStatusCodeMetrics": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelDetailedStatusCodeMetrics:StorageLensConfigurationStorageLensConfigurationAccountLevelDetailedStatusCodeMetrics", "description": "Detailed status code metrics for S3 Storage Lens. See Detailed Status Code Metrics below for more details.\n" } }, "type": "object", "required": [ "bucketLevel" ] }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelActivityMetrics:StorageLensConfigurationStorageLensConfigurationAccountLevelActivityMetrics": { "properties": { "enabled": { "type": "boolean", "description": "Whether the activity metrics are enabled.\n" } }, "type": "object" }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelAdvancedCostOptimizationMetrics:StorageLensConfigurationStorageLensConfigurationAccountLevelAdvancedCostOptimizationMetrics": { "properties": { "enabled": { "type": "boolean", "description": "Whether advanced cost-optimization metrics are enabled.\n" } }, "type": "object" }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelAdvancedDataProtectionMetrics:StorageLensConfigurationStorageLensConfigurationAccountLevelAdvancedDataProtectionMetrics": { "properties": { "enabled": { "type": "boolean", "description": "Whether advanced data-protection metrics are enabled.\n" } }, "type": "object" }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevel:StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevel": { "properties": { "activityMetrics": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelActivityMetrics:StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelActivityMetrics", "description": "S3 Storage Lens activity metrics. See Activity Metrics above for more details.\n" }, "advancedCostOptimizationMetrics": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelAdvancedCostOptimizationMetrics:StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelAdvancedCostOptimizationMetrics", "description": "Advanced cost-optimization metrics for S3 Storage Lens. See Advanced Cost-Optimization Metrics above for more details.\n" }, "advancedDataProtectionMetrics": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelAdvancedDataProtectionMetrics:StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelAdvancedDataProtectionMetrics", "description": "Advanced data-protection metrics for S3 Storage Lens. See Advanced Data-Protection Metrics above for more details.\n" }, "detailedStatusCodeMetrics": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelDetailedStatusCodeMetrics:StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelDetailedStatusCodeMetrics", "description": "Detailed status code metrics for S3 Storage Lens. See Detailed Status Code Metrics above for more details.\n" }, "prefixLevel": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelPrefixLevel:StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelPrefixLevel", "description": "Prefix-level metrics for S3 Storage Lens. See Prefix Level below for more details.\n" } }, "type": "object" }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelActivityMetrics:StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelActivityMetrics": { "properties": { "enabled": { "type": "boolean", "description": "Whether the activity metrics are enabled.\n" } }, "type": "object" }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelAdvancedCostOptimizationMetrics:StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelAdvancedCostOptimizationMetrics": { "properties": { "enabled": { "type": "boolean", "description": "Whether advanced cost-optimization metrics are enabled.\n" } }, "type": "object" }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelAdvancedDataProtectionMetrics:StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelAdvancedDataProtectionMetrics": { "properties": { "enabled": { "type": "boolean", "description": "Whether advanced data-protection metrics are enabled.\n" } }, "type": "object" }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelDetailedStatusCodeMetrics:StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelDetailedStatusCodeMetrics": { "properties": { "enabled": { "type": "boolean", "description": "Whether detailed status code metrics are enabled.\n" } }, "type": "object" }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelPrefixLevel:StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelPrefixLevel": { "properties": { "storageMetrics": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelPrefixLevelStorageMetrics:StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelPrefixLevelStorageMetrics", "description": "Prefix-level storage metrics for S3 Storage Lens. See Prefix Level Storage Metrics below for more details.\n" } }, "type": "object", "required": [ "storageMetrics" ] }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelPrefixLevelStorageMetrics:StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelPrefixLevelStorageMetrics": { "properties": { "enabled": { "type": "boolean", "description": "Whether prefix-level storage metrics are enabled.\n" }, "selectionCriteria": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelPrefixLevelStorageMetricsSelectionCriteria:StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelPrefixLevelStorageMetricsSelectionCriteria", "description": "Selection criteria. See Selection Criteria below for more details.\n" } }, "type": "object" }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelPrefixLevelStorageMetricsSelectionCriteria:StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelPrefixLevelStorageMetricsSelectionCriteria": { "properties": { "delimiter": { "type": "string", "description": "The delimiter of the selection criteria being used.\n" }, "maxDepth": { "type": "integer", "description": "The max depth of the selection criteria.\n" }, "minStorageBytesPercentage": { "type": "number", "description": "The minimum number of storage bytes percentage whose metrics will be selected.\n" } }, "type": "object" }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationAccountLevelDetailedStatusCodeMetrics:StorageLensConfigurationStorageLensConfigurationAccountLevelDetailedStatusCodeMetrics": { "properties": { "enabled": { "type": "boolean", "description": "Whether detailed status code metrics are enabled.\n" } }, "type": "object" }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationAwsOrg:StorageLensConfigurationStorageLensConfigurationAwsOrg": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon Web Services organization.\n" } }, "type": "object", "required": [ "arn" ] }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationDataExport:StorageLensConfigurationStorageLensConfigurationDataExport": { "properties": { "cloudWatchMetrics": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationDataExportCloudWatchMetrics:StorageLensConfigurationStorageLensConfigurationDataExportCloudWatchMetrics", "description": "Amazon CloudWatch publishing for S3 Storage Lens metrics. See Cloud Watch Metrics below for more details.\n" }, "s3BucketDestination": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestination:StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestination", "description": "The bucket where the S3 Storage Lens metrics export will be located. See S3 Bucket Destination below for more details.\n" } }, "type": "object" }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationDataExportCloudWatchMetrics:StorageLensConfigurationStorageLensConfigurationDataExportCloudWatchMetrics": { "properties": { "enabled": { "type": "boolean", "description": "Whether CloudWatch publishing for S3 Storage Lens metrics is enabled.\n" } }, "type": "object", "required": [ "enabled" ] }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestination:StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestination": { "properties": { "accountId": { "type": "string", "description": "The account ID of the owner of the S3 Storage Lens metrics export bucket.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the bucket.\n" }, "encryption": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationEncryption:StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationEncryption", "description": "Encryption of the metrics exports in this bucket. See Encryption below for more details.\n" }, "format": { "type": "string", "description": "The export format. Valid values: `CSV`, `Parquet`.\n" }, "outputSchemaVersion": { "type": "string", "description": "The schema version of the export file. Valid values: `V_1`.\n" }, "prefix": { "type": "string", "description": "The prefix of the destination bucket where the metrics export will be delivered.\n" } }, "type": "object", "required": [ "accountId", "arn", "format", "outputSchemaVersion" ] }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationEncryption:StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationEncryption": { "properties": { "sseKms": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationEncryptionSseKms:StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationEncryptionSseKms", "description": "SSE-KMS encryption. See SSE KMS below for more details.\n" }, "sseS3s": { "type": "array", "items": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationEncryptionSseS3:StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationEncryptionSseS3" }, "description": "SSE-S3 encryption. An empty configuration block `{}` should be used.\n" } }, "type": "object" }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationEncryptionSseKms:StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationEncryptionSseKms": { "properties": { "keyId": { "type": "string", "description": "KMS key ARN.\n" } }, "type": "object", "required": [ "keyId" ] }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationEncryptionSseS3:StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationEncryptionSseS3": { "type": "object" }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationExclude:StorageLensConfigurationStorageLensConfigurationExclude": { "properties": { "buckets": { "type": "array", "items": { "type": "string" }, "description": "List of S3 bucket ARNs.\n" }, "regions": { "type": "array", "items": { "type": "string" }, "description": "List of AWS Regions.\n" } }, "type": "object" }, "aws:s3control/StorageLensConfigurationStorageLensConfigurationInclude:StorageLensConfigurationStorageLensConfigurationInclude": { "properties": { "buckets": { "type": "array", "items": { "type": "string" }, "description": "List of S3 bucket ARNs.\n" }, "regions": { "type": "array", "items": { "type": "string" }, "description": "List of AWS Regions.\n" } }, "type": "object" }, "aws:s3control/getMultiRegionAccessPointPublicAccessBlock:getMultiRegionAccessPointPublicAccessBlock": { "properties": { "blockPublicAcls": { "type": "boolean", "description": "Specifies whether Amazon S3 should block public access control lists (ACLs). When set to `true` causes the following behavior:\n* PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.\n* PUT Object calls fail if the request includes a public ACL.\n* PUT Bucket calls fail if the request includes a public ACL.\n" }, "blockPublicPolicy": { "type": "boolean", "description": "Specifies whether Amazon S3 should block public bucket policies for buckets in this account. When set to `true` causes Amazon S3 to:\n* Reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n" }, "ignorePublicAcls": { "type": "boolean", "description": "Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. When set to `true` causes Amazon S3 to:\n* Ignore all public ACLs on buckets in this account and any objects that they contain.\n" }, "restrictPublicBuckets": { "type": "boolean", "description": "Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. When set to `true`:\n* Only the bucket owner and AWS Services can access buckets with public policies.\n" } }, "type": "object", "required": [ "blockPublicAcls", "blockPublicPolicy", "ignorePublicAcls", "restrictPublicBuckets" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:s3control/getMultiRegionAccessPointRegion:getMultiRegionAccessPointRegion": { "properties": { "bucket": { "type": "string", "description": "The name of the bucket.\n" }, "bucketAccountId": { "type": "string", "description": "The AWS account ID that owns the bucket.\n" }, "region": { "type": "string", "description": "The name of the region.\n" } }, "type": "object", "required": [ "bucket", "bucketAccountId", "region" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:s3outposts/EndpointNetworkInterface:EndpointNetworkInterface": { "properties": { "networkInterfaceId": { "type": "string", "description": "Identifier of the Elastic Network Interface (ENI).\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "networkInterfaceId" ] } } }, "aws:sagemaker/AppImageConfigCodeEditorAppImageConfig:AppImageConfigCodeEditorAppImageConfig": { "properties": { "containerConfig": { "$ref": "#/types/aws:sagemaker/AppImageConfigCodeEditorAppImageConfigContainerConfig:AppImageConfigCodeEditorAppImageConfigContainerConfig", "description": "The configuration used to run the application image container. See Container Config details below.\n" }, "fileSystemConfig": { "$ref": "#/types/aws:sagemaker/AppImageConfigCodeEditorAppImageConfigFileSystemConfig:AppImageConfigCodeEditorAppImageConfigFileSystemConfig", "description": "The URL where the Git repository is located. See File System Config details below.\n" } }, "type": "object" }, "aws:sagemaker/AppImageConfigCodeEditorAppImageConfigContainerConfig:AppImageConfigCodeEditorAppImageConfigContainerConfig": { "properties": { "containerArguments": { "type": "array", "items": { "type": "string" }, "description": "The arguments for the container when you're running the application.\n" }, "containerEntrypoints": { "type": "array", "items": { "type": "string" }, "description": "The entrypoint used to run the application in the container.\n" }, "containerEnvironmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The environment variables to set in the container.\n" } }, "type": "object" }, "aws:sagemaker/AppImageConfigCodeEditorAppImageConfigFileSystemConfig:AppImageConfigCodeEditorAppImageConfigFileSystemConfig": { "properties": { "defaultGid": { "type": "integer", "description": "The default POSIX group ID (GID). If not specified, defaults to `100`. Valid values are `0` and `100`.\n" }, "defaultUid": { "type": "integer", "description": "The default POSIX user ID (UID). If not specified, defaults to `1000`. Valid values are `0` and `1000`.\n" }, "mountPath": { "type": "string", "description": "The path within the image to mount the user's EFS home directory. The directory should be empty. If not specified, defaults to `/home/sagemaker-user`.\n\n\u003e **Note:** When specifying `default_gid` and `default_uid`, Valid value pairs are [`0`, `0`] and [`100`, `1000`].\n" } }, "type": "object" }, "aws:sagemaker/AppImageConfigJupyterLabImageConfig:AppImageConfigJupyterLabImageConfig": { "properties": { "containerConfig": { "$ref": "#/types/aws:sagemaker/AppImageConfigJupyterLabImageConfigContainerConfig:AppImageConfigJupyterLabImageConfigContainerConfig", "description": "The configuration used to run the application image container. See Container Config details below.\n" }, "fileSystemConfig": { "$ref": "#/types/aws:sagemaker/AppImageConfigJupyterLabImageConfigFileSystemConfig:AppImageConfigJupyterLabImageConfigFileSystemConfig", "description": "The URL where the Git repository is located. See File System Config details below.\n" } }, "type": "object" }, "aws:sagemaker/AppImageConfigJupyterLabImageConfigContainerConfig:AppImageConfigJupyterLabImageConfigContainerConfig": { "properties": { "containerArguments": { "type": "array", "items": { "type": "string" }, "description": "The arguments for the container when you're running the application.\n" }, "containerEntrypoints": { "type": "array", "items": { "type": "string" }, "description": "The entrypoint used to run the application in the container.\n" }, "containerEnvironmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The environment variables to set in the container.\n" } }, "type": "object" }, "aws:sagemaker/AppImageConfigJupyterLabImageConfigFileSystemConfig:AppImageConfigJupyterLabImageConfigFileSystemConfig": { "properties": { "defaultGid": { "type": "integer", "description": "The default POSIX group ID (GID). If not specified, defaults to `100`. Valid values are `0` and `100`.\n" }, "defaultUid": { "type": "integer", "description": "The default POSIX user ID (UID). If not specified, defaults to `1000`. Valid values are `0` and `1000`.\n" }, "mountPath": { "type": "string", "description": "The path within the image to mount the user's EFS home directory. The directory should be empty. If not specified, defaults to `/home/sagemaker-user`.\n\n\u003e **Note:** When specifying `default_gid` and `default_uid`, Valid value pairs are [`0`, `0`] and [`100`, `1000`].\n" } }, "type": "object" }, "aws:sagemaker/AppImageConfigKernelGatewayImageConfig:AppImageConfigKernelGatewayImageConfig": { "properties": { "fileSystemConfig": { "$ref": "#/types/aws:sagemaker/AppImageConfigKernelGatewayImageConfigFileSystemConfig:AppImageConfigKernelGatewayImageConfigFileSystemConfig", "description": "The URL where the Git repository is located. See File System Config details below.\n" }, "kernelSpec": { "$ref": "#/types/aws:sagemaker/AppImageConfigKernelGatewayImageConfigKernelSpec:AppImageConfigKernelGatewayImageConfigKernelSpec", "description": "The default branch for the Git repository. See Kernel Spec details below.\n" } }, "type": "object", "required": [ "kernelSpec" ] }, "aws:sagemaker/AppImageConfigKernelGatewayImageConfigFileSystemConfig:AppImageConfigKernelGatewayImageConfigFileSystemConfig": { "properties": { "defaultGid": { "type": "integer", "description": "The default POSIX group ID (GID). If not specified, defaults to `100`. Valid values are `0` and `100`.\n" }, "defaultUid": { "type": "integer", "description": "The default POSIX user ID (UID). If not specified, defaults to `1000`. Valid values are `0` and `1000`.\n" }, "mountPath": { "type": "string", "description": "The path within the image to mount the user's EFS home directory. The directory should be empty. If not specified, defaults to `/home/sagemaker-user`.\n\n\u003e **Note:** When specifying `default_gid` and `default_uid`, Valid value pairs are [`0`, `0`] and [`100`, `1000`].\n" } }, "type": "object" }, "aws:sagemaker/AppImageConfigKernelGatewayImageConfigKernelSpec:AppImageConfigKernelGatewayImageConfigKernelSpec": { "properties": { "displayName": { "type": "string", "description": "The display name of the kernel.\n" }, "name": { "type": "string", "description": "The name of the kernel.\n" } }, "type": "object", "required": [ "name" ] }, "aws:sagemaker/AppResourceSpec:AppResourceSpec": { "properties": { "instanceType": { "type": "string", "description": "The instance type that the image version runs on. For valid values see [SageMaker Instance Types](https://docs.aws.amazon.com/sagemaker/latest/dg/notebooks-available-instance-types.html).\n" }, "lifecycleConfigArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.\n" }, "sagemakerImageArn": { "type": "string", "description": "The ARN of the SageMaker image that the image version belongs to.\n" }, "sagemakerImageVersionAlias": { "type": "string", "description": "The SageMaker Image Version Alias.\n" }, "sagemakerImageVersionArn": { "type": "string", "description": "The ARN of the image version created on the instance.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "sagemakerImageArn" ] } } }, "aws:sagemaker/CodeRepositoryGitConfig:CodeRepositoryGitConfig": { "properties": { "branch": { "type": "string", "description": "The default branch for the Git repository.\n", "willReplaceOnChanges": true }, "repositoryUrl": { "type": "string", "description": "The URL where the Git repository is located.\n", "willReplaceOnChanges": true }, "secretArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the credentials used to access the git repository. The secret must have a staging label of AWSCURRENT and must be in the following format: `{\"username\": UserName, \"password\": Password}`\n" } }, "type": "object", "required": [ "repositoryUrl" ] }, "aws:sagemaker/DataQualityJobDefinitionDataQualityAppSpecification:DataQualityJobDefinitionDataQualityAppSpecification": { "properties": { "environment": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Sets the environment variables in the container that the monitoring job runs. A list of key value pairs.\n", "willReplaceOnChanges": true }, "imageUri": { "type": "string", "description": "The container image that the data quality monitoring job runs.\n", "willReplaceOnChanges": true }, "postAnalyticsProcessorSourceUri": { "type": "string", "description": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.\n", "willReplaceOnChanges": true }, "recordPreprocessorSourceUri": { "type": "string", "description": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flatted json so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "imageUri" ] }, "aws:sagemaker/DataQualityJobDefinitionDataQualityBaselineConfig:DataQualityJobDefinitionDataQualityBaselineConfig": { "properties": { "constraintsResource": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityBaselineConfigConstraintsResource:DataQualityJobDefinitionDataQualityBaselineConfigConstraintsResource", "description": "The constraints resource for a monitoring job. Fields are documented below.\n", "willReplaceOnChanges": true }, "statisticsResource": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityBaselineConfigStatisticsResource:DataQualityJobDefinitionDataQualityBaselineConfigStatisticsResource", "description": "The statistics resource for a monitoring job. Fields are documented below.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:sagemaker/DataQualityJobDefinitionDataQualityBaselineConfigConstraintsResource:DataQualityJobDefinitionDataQualityBaselineConfigConstraintsResource": { "properties": { "s3Uri": { "type": "string", "description": "The Amazon S3 URI for the constraints resource.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:sagemaker/DataQualityJobDefinitionDataQualityBaselineConfigStatisticsResource:DataQualityJobDefinitionDataQualityBaselineConfigStatisticsResource": { "properties": { "s3Uri": { "type": "string", "description": "The Amazon S3 URI for the statistics resource.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:sagemaker/DataQualityJobDefinitionDataQualityJobInput:DataQualityJobDefinitionDataQualityJobInput": { "properties": { "batchTransformInput": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityJobInputBatchTransformInput:DataQualityJobDefinitionDataQualityJobInputBatchTransformInput", "description": "Input object for the batch transform job. Fields are documented below.\n", "willReplaceOnChanges": true }, "endpointInput": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityJobInputEndpointInput:DataQualityJobDefinitionDataQualityJobInputEndpointInput", "description": "Input object for the endpoint. Fields are documented below.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:sagemaker/DataQualityJobDefinitionDataQualityJobInputBatchTransformInput:DataQualityJobDefinitionDataQualityJobInputBatchTransformInput": { "properties": { "dataCapturedDestinationS3Uri": { "type": "string", "description": "The Amazon S3 location being used to capture the data.\n", "willReplaceOnChanges": true }, "datasetFormat": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityJobInputBatchTransformInputDatasetFormat:DataQualityJobDefinitionDataQualityJobInputBatchTransformInputDatasetFormat", "description": "The dataset format for your batch transform job. Fields are documented below.\n", "willReplaceOnChanges": true }, "localPath": { "type": "string", "description": "Path to the filesystem where the batch transform data is available to the container. Defaults to `/opt/ml/processing/input`.\n", "willReplaceOnChanges": true }, "s3DataDistributionType": { "type": "string", "description": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`. Valid values are `FullyReplicated` or `ShardedByS3Key`\n", "willReplaceOnChanges": true }, "s3InputMode": { "type": "string", "description": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File`. Valid values are `Pipe` or `File`\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "dataCapturedDestinationS3Uri", "datasetFormat" ], "language": { "nodejs": { "requiredOutputs": [ "dataCapturedDestinationS3Uri", "datasetFormat", "s3DataDistributionType", "s3InputMode" ] } } }, "aws:sagemaker/DataQualityJobDefinitionDataQualityJobInputBatchTransformInputDatasetFormat:DataQualityJobDefinitionDataQualityJobInputBatchTransformInputDatasetFormat": { "properties": { "csv": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityJobInputBatchTransformInputDatasetFormatCsv:DataQualityJobDefinitionDataQualityJobInputBatchTransformInputDatasetFormatCsv", "description": "The CSV dataset used in the monitoring job. Fields are documented below.\n", "willReplaceOnChanges": true }, "json": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityJobInputBatchTransformInputDatasetFormatJson:DataQualityJobDefinitionDataQualityJobInputBatchTransformInputDatasetFormatJson", "description": "The JSON dataset used in the monitoring job. Fields are documented below.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:sagemaker/DataQualityJobDefinitionDataQualityJobInputBatchTransformInputDatasetFormatCsv:DataQualityJobDefinitionDataQualityJobInputBatchTransformInputDatasetFormatCsv": { "properties": { "header": { "type": "boolean", "description": "Indicates if the CSV data has a header.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:sagemaker/DataQualityJobDefinitionDataQualityJobInputBatchTransformInputDatasetFormatJson:DataQualityJobDefinitionDataQualityJobInputBatchTransformInputDatasetFormatJson": { "properties": { "line": { "type": "boolean", "description": "Indicates if the file should be read as a json object per line.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:sagemaker/DataQualityJobDefinitionDataQualityJobInputEndpointInput:DataQualityJobDefinitionDataQualityJobInputEndpointInput": { "properties": { "endpointName": { "type": "string", "description": "An endpoint in customer's account which has `data_capture_config` enabled.\n", "willReplaceOnChanges": true }, "localPath": { "type": "string", "description": "Path to the filesystem where the endpoint data is available to the container. Defaults to `/opt/ml/processing/input`.\n", "willReplaceOnChanges": true }, "s3DataDistributionType": { "type": "string", "description": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`. Valid values are `FullyReplicated` or `ShardedByS3Key`\n", "willReplaceOnChanges": true }, "s3InputMode": { "type": "string", "description": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File`. Valid values are `Pipe` or `File`\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "endpointName" ], "language": { "nodejs": { "requiredOutputs": [ "endpointName", "s3DataDistributionType", "s3InputMode" ] } } }, "aws:sagemaker/DataQualityJobDefinitionDataQualityJobOutputConfig:DataQualityJobDefinitionDataQualityJobOutputConfig": { "properties": { "kmsKeyId": { "type": "string", "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.\n", "willReplaceOnChanges": true }, "monitoringOutputs": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityJobOutputConfigMonitoringOutputs:DataQualityJobDefinitionDataQualityJobOutputConfigMonitoringOutputs", "description": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded. Fields are documented below.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "monitoringOutputs" ] }, "aws:sagemaker/DataQualityJobDefinitionDataQualityJobOutputConfigMonitoringOutputs:DataQualityJobDefinitionDataQualityJobOutputConfigMonitoringOutputs": { "properties": { "s3Output": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityJobOutputConfigMonitoringOutputsS3Output:DataQualityJobDefinitionDataQualityJobOutputConfigMonitoringOutputsS3Output", "description": "The Amazon S3 storage location where the results of a monitoring job are saved. Fields are documented below.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "s3Output" ] }, "aws:sagemaker/DataQualityJobDefinitionDataQualityJobOutputConfigMonitoringOutputsS3Output:DataQualityJobDefinitionDataQualityJobOutputConfigMonitoringOutputsS3Output": { "properties": { "localPath": { "type": "string", "description": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data. Defaults to `/opt/ml/processing/output`.\n", "willReplaceOnChanges": true }, "s3UploadMode": { "type": "string", "description": "Whether to upload the results of the monitoring job continuously or after the job completes. Valid values are `Continuous` or `EndOfJob`\n", "willReplaceOnChanges": true }, "s3Uri": { "type": "string", "description": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "s3Uri" ], "language": { "nodejs": { "requiredOutputs": [ "s3UploadMode", "s3Uri" ] } } }, "aws:sagemaker/DataQualityJobDefinitionJobResources:DataQualityJobDefinitionJobResources": { "properties": { "clusterConfig": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionJobResourcesClusterConfig:DataQualityJobDefinitionJobResourcesClusterConfig", "description": "The configuration for the cluster resources used to run the processing job. Fields are documented below.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "clusterConfig" ] }, "aws:sagemaker/DataQualityJobDefinitionJobResourcesClusterConfig:DataQualityJobDefinitionJobResourcesClusterConfig": { "properties": { "instanceCount": { "type": "integer", "description": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1.\n", "willReplaceOnChanges": true }, "instanceType": { "type": "string", "description": "The ML compute instance type for the processing job.\n", "willReplaceOnChanges": true }, "volumeKmsKeyId": { "type": "string", "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.\n", "willReplaceOnChanges": true }, "volumeSizeInGb": { "type": "integer", "description": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "instanceCount", "instanceType", "volumeSizeInGb" ] }, "aws:sagemaker/DataQualityJobDefinitionNetworkConfig:DataQualityJobDefinitionNetworkConfig": { "properties": { "enableInterContainerTrafficEncryption": { "type": "boolean", "description": "Whether to encrypt all communications between the instances used for the monitoring jobs. Choose `true` to encrypt communications. Encryption provides greater security for distributed jobs, but the processing might take longer.\n", "willReplaceOnChanges": true }, "enableNetworkIsolation": { "type": "boolean", "description": "Whether to allow inbound and outbound network calls to and from the containers used for the monitoring job.\n", "willReplaceOnChanges": true }, "vpcConfig": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionNetworkConfigVpcConfig:DataQualityJobDefinitionNetworkConfigVpcConfig", "description": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. Fields are documented below.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:sagemaker/DataQualityJobDefinitionNetworkConfigVpcConfig:DataQualityJobDefinitionNetworkConfigVpcConfig": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The VPC security group IDs, in the form sg-xxxxxxxx. Specify the security groups for the VPC that is specified in the `subnets` field.\n", "willReplaceOnChanges": true }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "The ID of the subnets in the VPC to which you want to connect your training job or model.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "securityGroupIds", "subnets" ] }, "aws:sagemaker/DataQualityJobDefinitionStoppingCondition:DataQualityJobDefinitionStoppingCondition": { "properties": { "maxRuntimeInSeconds": { "type": "integer", "description": "The maximum runtime allowed in seconds.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "maxRuntimeInSeconds" ] } } }, "aws:sagemaker/DeviceDevice:DeviceDevice": { "properties": { "description": { "type": "string", "description": "A description for the device.\n" }, "deviceName": { "type": "string", "description": "The name of the device.\n", "willReplaceOnChanges": true }, "iotThingName": { "type": "string", "description": "Amazon Web Services Internet of Things (IoT) object name.\n" } }, "type": "object", "required": [ "deviceName" ] }, "aws:sagemaker/DeviceFleetOutputConfig:DeviceFleetOutputConfig": { "properties": { "kmsKeyId": { "type": "string", "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume after compilation job. If you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account.\n" }, "s3OutputLocation": { "type": "string", "description": "The Amazon Simple Storage (S3) bucker URI.\n" } }, "type": "object", "required": [ "s3OutputLocation" ] }, "aws:sagemaker/DomainDefaultSpaceSettings:DomainDefaultSpaceSettings": { "properties": { "executionRole": { "type": "string", "description": "The execution role for the space.\n" }, "jupyterServerAppSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultSpaceSettingsJupyterServerAppSettings:DomainDefaultSpaceSettingsJupyterServerAppSettings", "description": "The Jupyter server's app settings. See `jupyter_server_app_settings` Block below.\n" }, "kernelGatewayAppSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultSpaceSettingsKernelGatewayAppSettings:DomainDefaultSpaceSettingsKernelGatewayAppSettings", "description": "The kernel gateway app settings. See `kernel_gateway_app_settings` Block below.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The security groups for the Amazon Virtual Private Cloud that the space uses for communication.\n" } }, "type": "object", "required": [ "executionRole" ] }, "aws:sagemaker/DomainDefaultSpaceSettingsJupyterServerAppSettings:DomainDefaultSpaceSettingsJupyterServerAppSettings": { "properties": { "codeRepositories": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/DomainDefaultSpaceSettingsJupyterServerAppSettingsCodeRepository:DomainDefaultSpaceSettingsJupyterServerAppSettingsCodeRepository" }, "description": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterServer application. see `code_repository` Block below.\n" }, "defaultResourceSpec": { "$ref": "#/types/aws:sagemaker/DomainDefaultSpaceSettingsJupyterServerAppSettingsDefaultResourceSpec:DomainDefaultSpaceSettingsJupyterServerAppSettingsDefaultResourceSpec", "description": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. see `default_resource_spec` Block below.\n" }, "lifecycleConfigArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Name (ARN) of the Lifecycle Configurations.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultSpaceSettingsJupyterServerAppSettingsCodeRepository:DomainDefaultSpaceSettingsJupyterServerAppSettingsCodeRepository": { "properties": { "repositoryUrl": { "type": "string", "description": "The URL of the Git repository.\n" } }, "type": "object", "required": [ "repositoryUrl" ] }, "aws:sagemaker/DomainDefaultSpaceSettingsJupyterServerAppSettingsDefaultResourceSpec:DomainDefaultSpaceSettingsJupyterServerAppSettingsDefaultResourceSpec": { "properties": { "instanceType": { "type": "string", "description": "The instance type that the image version runs on.. For valid values see [SageMaker Instance Types](https://docs.aws.amazon.com/sagemaker/latest/dg/notebooks-available-instance-types.html).\n" }, "lifecycleConfigArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.\n" }, "sagemakerImageArn": { "type": "string", "description": "The ARN of the SageMaker image that the image version belongs to.\n" }, "sagemakerImageVersionAlias": { "type": "string", "description": "The SageMaker Image Version Alias.\n" }, "sagemakerImageVersionArn": { "type": "string", "description": "The ARN of the image version created on the instance.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultSpaceSettingsKernelGatewayAppSettings:DomainDefaultSpaceSettingsKernelGatewayAppSettings": { "properties": { "customImages": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/DomainDefaultSpaceSettingsKernelGatewayAppSettingsCustomImage:DomainDefaultSpaceSettingsKernelGatewayAppSettingsCustomImage" }, "description": "A list of custom SageMaker images that are configured to run as a KernelGateway app. see `custom_image` Block below.\n" }, "defaultResourceSpec": { "$ref": "#/types/aws:sagemaker/DomainDefaultSpaceSettingsKernelGatewayAppSettingsDefaultResourceSpec:DomainDefaultSpaceSettingsKernelGatewayAppSettingsDefaultResourceSpec", "description": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. see `default_resource_spec` Block below.\n" }, "lifecycleConfigArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Name (ARN) of the Lifecycle Configurations.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultSpaceSettingsKernelGatewayAppSettingsCustomImage:DomainDefaultSpaceSettingsKernelGatewayAppSettingsCustomImage": { "properties": { "appImageConfigName": { "type": "string", "description": "The name of the App Image Config.\n" }, "imageName": { "type": "string", "description": "The name of the Custom Image.\n" }, "imageVersionNumber": { "type": "integer", "description": "The version number of the Custom Image.\n" } }, "type": "object", "required": [ "appImageConfigName", "imageName" ] }, "aws:sagemaker/DomainDefaultSpaceSettingsKernelGatewayAppSettingsDefaultResourceSpec:DomainDefaultSpaceSettingsKernelGatewayAppSettingsDefaultResourceSpec": { "properties": { "instanceType": { "type": "string", "description": "The instance type that the image version runs on.. For valid values see [SageMaker Instance Types](https://docs.aws.amazon.com/sagemaker/latest/dg/notebooks-available-instance-types.html).\n" }, "lifecycleConfigArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.\n" }, "sagemakerImageArn": { "type": "string", "description": "The ARN of the SageMaker image that the image version belongs to.\n" }, "sagemakerImageVersionAlias": { "type": "string", "description": "The SageMaker Image Version Alias.\n" }, "sagemakerImageVersionArn": { "type": "string", "description": "The ARN of the image version created on the instance.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettings:DomainDefaultUserSettings": { "properties": { "canvasAppSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsCanvasAppSettings:DomainDefaultUserSettingsCanvasAppSettings", "description": "The Canvas app settings. See `canvas_app_settings` Block below.\n" }, "codeEditorAppSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsCodeEditorAppSettings:DomainDefaultUserSettingsCodeEditorAppSettings", "description": "The Code Editor application settings. See `code_editor_app_settings` Block below.\n" }, "customFileSystemConfigs": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsCustomFileSystemConfig:DomainDefaultUserSettingsCustomFileSystemConfig" }, "description": "The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker Studio. See `custom_file_system_config` Block below.\n" }, "customPosixUserConfig": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsCustomPosixUserConfig:DomainDefaultUserSettingsCustomPosixUserConfig", "description": "Details about the POSIX identity that is used for file system operations. See `custom_posix_user_config` Block below.\n" }, "defaultLandingUri": { "type": "string", "description": "The default experience that the user is directed to when accessing the domain. The supported values are: `studio::`: Indicates that Studio is the default experience. This value can only be passed if StudioWebPortal is set to ENABLED. `app:JupyterServer:`: Indicates that Studio Classic is the default experience.\n" }, "executionRole": { "type": "string", "description": "The execution role ARN for the user.\n" }, "jupyterLabAppSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsJupyterLabAppSettings:DomainDefaultUserSettingsJupyterLabAppSettings", "description": "The settings for the JupyterLab application. See `jupyter_lab_app_settings` Block below.\n" }, "jupyterServerAppSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsJupyterServerAppSettings:DomainDefaultUserSettingsJupyterServerAppSettings", "description": "The Jupyter server's app settings. See `jupyter_server_app_settings` Block below.\n" }, "kernelGatewayAppSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsKernelGatewayAppSettings:DomainDefaultUserSettingsKernelGatewayAppSettings", "description": "The kernel gateway app settings. See `kernel_gateway_app_settings` Block below.\n" }, "rSessionAppSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsRSessionAppSettings:DomainDefaultUserSettingsRSessionAppSettings", "description": "The RSession app settings. See `r_session_app_settings` Block below.\n" }, "rStudioServerProAppSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsRStudioServerProAppSettings:DomainDefaultUserSettingsRStudioServerProAppSettings", "description": "A collection of settings that configure user interaction with the RStudioServerPro app. See `r_studio_server_pro_app_settings` Block below.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs that will be attached to the user.\n" }, "sharingSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsSharingSettings:DomainDefaultUserSettingsSharingSettings", "description": "The sharing settings. See `sharing_settings` Block below.\n" }, "spaceStorageSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsSpaceStorageSettings:DomainDefaultUserSettingsSpaceStorageSettings", "description": "The storage settings for a private space. See `space_storage_settings` Block below.\n" }, "studioWebPortal": { "type": "string", "description": "Whether the user can access Studio. If this value is set to `DISABLED`, the user cannot access Studio, even if that is the default experience for the domain. Valid values are `ENABLED` and `DISABLED`.\n" }, "tensorBoardAppSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsTensorBoardAppSettings:DomainDefaultUserSettingsTensorBoardAppSettings", "description": "The TensorBoard app settings. See `tensor_board_app_settings` Block below.\n" } }, "type": "object", "required": [ "executionRole" ], "language": { "nodejs": { "requiredOutputs": [ "defaultLandingUri", "executionRole", "spaceStorageSettings", "studioWebPortal" ] } } }, "aws:sagemaker/DomainDefaultUserSettingsCanvasAppSettings:DomainDefaultUserSettingsCanvasAppSettings": { "properties": { "directDeploySettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsCanvasAppSettingsDirectDeploySettings:DomainDefaultUserSettingsCanvasAppSettingsDirectDeploySettings", "description": "The model deployment settings for the SageMaker Canvas application. See `direct_deploy_settings` Block below.\n" }, "generativeAiSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsCanvasAppSettingsGenerativeAiSettings:DomainDefaultUserSettingsCanvasAppSettingsGenerativeAiSettings" }, "identityProviderOauthSettings": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsCanvasAppSettingsIdentityProviderOauthSetting:DomainDefaultUserSettingsCanvasAppSettingsIdentityProviderOauthSetting" }, "description": "The settings for connecting to an external data source with OAuth. See `identity_provider_oauth_settings` Block below.\n" }, "kendraSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsCanvasAppSettingsKendraSettings:DomainDefaultUserSettingsCanvasAppSettingsKendraSettings", "description": "The settings for document querying. See `kendra_settings` Block below.\n" }, "modelRegisterSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsCanvasAppSettingsModelRegisterSettings:DomainDefaultUserSettingsCanvasAppSettingsModelRegisterSettings", "description": "The model registry settings for the SageMaker Canvas application. See `model_register_settings` Block below.\n" }, "timeSeriesForecastingSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsCanvasAppSettingsTimeSeriesForecastingSettings:DomainDefaultUserSettingsCanvasAppSettingsTimeSeriesForecastingSettings", "description": "Time series forecast settings for the Canvas app. See `time_series_forecasting_settings` Block below.\n" }, "workspaceSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsCanvasAppSettingsWorkspaceSettings:DomainDefaultUserSettingsCanvasAppSettingsWorkspaceSettings", "description": "The workspace settings for the SageMaker Canvas application. See `workspace_settings` Block below.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsCanvasAppSettingsDirectDeploySettings:DomainDefaultUserSettingsCanvasAppSettingsDirectDeploySettings": { "properties": { "status": { "type": "string", "description": "Describes whether model deployment permissions are enabled or disabled in the Canvas application. Valid values are `ENABLED` and `DISABLED`.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsCanvasAppSettingsGenerativeAiSettings:DomainDefaultUserSettingsCanvasAppSettingsGenerativeAiSettings": { "properties": { "amazonBedrockRoleArn": { "type": "string" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsCanvasAppSettingsIdentityProviderOauthSetting:DomainDefaultUserSettingsCanvasAppSettingsIdentityProviderOauthSetting": { "properties": { "dataSourceName": { "type": "string", "description": "The name of the data source that you're connecting to. Canvas currently supports OAuth for Snowflake and Salesforce Data Cloud. Valid values are `SalesforceGenie` and `Snowflake`.\n" }, "secretArn": { "type": "string", "description": "The ARN of an Amazon Web Services Secrets Manager secret that stores the credentials from your identity provider, such as the client ID and secret, authorization URL, and token URL.\n" }, "status": { "type": "string", "description": "Describes whether OAuth for a data source is enabled or disabled in the Canvas application. Valid values are `ENABLED` and `DISABLED`.\n" } }, "type": "object", "required": [ "secretArn" ] }, "aws:sagemaker/DomainDefaultUserSettingsCanvasAppSettingsKendraSettings:DomainDefaultUserSettingsCanvasAppSettingsKendraSettings": { "properties": { "status": { "type": "string", "description": "Describes whether the document querying feature is enabled or disabled in the Canvas application. Valid values are `ENABLED` and `DISABLED`.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsCanvasAppSettingsModelRegisterSettings:DomainDefaultUserSettingsCanvasAppSettingsModelRegisterSettings": { "properties": { "crossAccountModelRegisterRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SageMaker model registry account. Required only to register model versions created by a different SageMaker Canvas AWS account than the AWS account in which SageMaker model registry is set up.\n" }, "status": { "type": "string", "description": "Describes whether the integration to the model registry is enabled or disabled in the Canvas application. Valid values are `ENABLED` and `DISABLED`.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsCanvasAppSettingsTimeSeriesForecastingSettings:DomainDefaultUserSettingsCanvasAppSettingsTimeSeriesForecastingSettings": { "properties": { "amazonForecastRoleArn": { "type": "string", "description": "The IAM role that Canvas passes to Amazon Forecast for time series forecasting. By default, Canvas uses the execution role specified in the UserProfile that launches the Canvas app. If an execution role is not specified in the UserProfile, Canvas uses the execution role specified in the Domain that owns the UserProfile. To allow time series forecasting, this IAM role should have the [AmazonSageMakerCanvasForecastAccess](https://docs.aws.amazon.com/sagemaker/latest/dg/security-iam-awsmanpol-canvas.html#security-iam-awsmanpol-AmazonSageMakerCanvasForecastAccess) policy attached and forecast.amazonaws.com added in the trust relationship as a service principal.\n" }, "status": { "type": "string", "description": "Describes whether time series forecasting is enabled or disabled in the Canvas app. Valid values are `ENABLED` and `DISABLED`.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsCanvasAppSettingsWorkspaceSettings:DomainDefaultUserSettingsCanvasAppSettingsWorkspaceSettings": { "properties": { "s3ArtifactPath": { "type": "string", "description": "The Amazon S3 bucket used to store artifacts generated by Canvas. Updating the Amazon S3 location impacts existing configuration settings, and Canvas users no longer have access to their artifacts. Canvas users must log out and log back in to apply the new location.\n" }, "s3KmsKeyId": { "type": "string", "description": "The Amazon Web Services Key Management Service (KMS) encryption key ID that is used to encrypt artifacts generated by Canvas in the Amazon S3 bucket.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsCodeEditorAppSettings:DomainDefaultUserSettingsCodeEditorAppSettings": { "properties": { "customImages": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsCodeEditorAppSettingsCustomImage:DomainDefaultUserSettingsCodeEditorAppSettingsCustomImage" }, "description": "A list of custom SageMaker images that are configured to run as a CodeEditor app. see `custom_image` Block below.\n" }, "defaultResourceSpec": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsCodeEditorAppSettingsDefaultResourceSpec:DomainDefaultUserSettingsCodeEditorAppSettingsDefaultResourceSpec", "description": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. see `default_resource_spec` Block below.\n" }, "lifecycleConfigArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Name (ARN) of the Lifecycle Configurations.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsCodeEditorAppSettingsCustomImage:DomainDefaultUserSettingsCodeEditorAppSettingsCustomImage": { "properties": { "appImageConfigName": { "type": "string", "description": "The name of the App Image Config.\n" }, "imageName": { "type": "string", "description": "The name of the Custom Image.\n" }, "imageVersionNumber": { "type": "integer", "description": "The version number of the Custom Image.\n" } }, "type": "object", "required": [ "appImageConfigName", "imageName" ] }, "aws:sagemaker/DomainDefaultUserSettingsCodeEditorAppSettingsDefaultResourceSpec:DomainDefaultUserSettingsCodeEditorAppSettingsDefaultResourceSpec": { "properties": { "instanceType": { "type": "string", "description": "The instance type that the image version runs on.. For valid values see [SageMaker Instance Types](https://docs.aws.amazon.com/sagemaker/latest/dg/notebooks-available-instance-types.html).\n" }, "lifecycleConfigArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.\n" }, "sagemakerImageArn": { "type": "string", "description": "The ARN of the SageMaker image that the image version belongs to.\n" }, "sagemakerImageVersionAlias": { "type": "string", "description": "The SageMaker Image Version Alias.\n" }, "sagemakerImageVersionArn": { "type": "string", "description": "The ARN of the image version created on the instance.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsCustomFileSystemConfig:DomainDefaultUserSettingsCustomFileSystemConfig": { "properties": { "efsFileSystemConfig": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsCustomFileSystemConfigEfsFileSystemConfig:DomainDefaultUserSettingsCustomFileSystemConfigEfsFileSystemConfig", "description": "The default EBS storage settings for a private space. See `efs_file_system_config` Block below.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsCustomFileSystemConfigEfsFileSystemConfig:DomainDefaultUserSettingsCustomFileSystemConfigEfsFileSystemConfig": { "properties": { "fileSystemId": { "type": "string", "description": "The ID of your Amazon EFS file system.\n" }, "fileSystemPath": { "type": "string", "description": "The path to the file system directory that is accessible in Amazon SageMaker Studio. Permitted users can access only this directory and below.\n" } }, "type": "object", "required": [ "fileSystemId", "fileSystemPath" ] }, "aws:sagemaker/DomainDefaultUserSettingsCustomPosixUserConfig:DomainDefaultUserSettingsCustomPosixUserConfig": { "properties": { "gid": { "type": "integer", "description": "The POSIX group ID.\n" }, "uid": { "type": "integer", "description": "The POSIX user ID.\n" } }, "type": "object", "required": [ "gid", "uid" ] }, "aws:sagemaker/DomainDefaultUserSettingsJupyterLabAppSettings:DomainDefaultUserSettingsJupyterLabAppSettings": { "properties": { "codeRepositories": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsJupyterLabAppSettingsCodeRepository:DomainDefaultUserSettingsJupyterLabAppSettingsCodeRepository" }, "description": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterServer application. see `code_repository` Block below.\n" }, "customImages": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsJupyterLabAppSettingsCustomImage:DomainDefaultUserSettingsJupyterLabAppSettingsCustomImage" }, "description": "A list of custom SageMaker images that are configured to run as a JupyterLab app. see `custom_image` Block below.\n" }, "defaultResourceSpec": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsJupyterLabAppSettingsDefaultResourceSpec:DomainDefaultUserSettingsJupyterLabAppSettingsDefaultResourceSpec", "description": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. see `default_resource_spec` Block below.\n" }, "lifecycleConfigArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Name (ARN) of the Lifecycle Configurations.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsJupyterLabAppSettingsCodeRepository:DomainDefaultUserSettingsJupyterLabAppSettingsCodeRepository": { "properties": { "repositoryUrl": { "type": "string", "description": "The URL of the Git repository.\n" } }, "type": "object", "required": [ "repositoryUrl" ] }, "aws:sagemaker/DomainDefaultUserSettingsJupyterLabAppSettingsCustomImage:DomainDefaultUserSettingsJupyterLabAppSettingsCustomImage": { "properties": { "appImageConfigName": { "type": "string", "description": "The name of the App Image Config.\n" }, "imageName": { "type": "string", "description": "The name of the Custom Image.\n" }, "imageVersionNumber": { "type": "integer", "description": "The version number of the Custom Image.\n" } }, "type": "object", "required": [ "appImageConfigName", "imageName" ] }, "aws:sagemaker/DomainDefaultUserSettingsJupyterLabAppSettingsDefaultResourceSpec:DomainDefaultUserSettingsJupyterLabAppSettingsDefaultResourceSpec": { "properties": { "instanceType": { "type": "string", "description": "The instance type that the image version runs on.. For valid values see [SageMaker Instance Types](https://docs.aws.amazon.com/sagemaker/latest/dg/notebooks-available-instance-types.html).\n" }, "lifecycleConfigArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.\n" }, "sagemakerImageArn": { "type": "string", "description": "The ARN of the SageMaker image that the image version belongs to.\n" }, "sagemakerImageVersionAlias": { "type": "string", "description": "The SageMaker Image Version Alias.\n" }, "sagemakerImageVersionArn": { "type": "string", "description": "The ARN of the image version created on the instance.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsJupyterServerAppSettings:DomainDefaultUserSettingsJupyterServerAppSettings": { "properties": { "codeRepositories": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsJupyterServerAppSettingsCodeRepository:DomainDefaultUserSettingsJupyterServerAppSettingsCodeRepository" }, "description": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterServer application. see `code_repository` Block below.\n" }, "defaultResourceSpec": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsJupyterServerAppSettingsDefaultResourceSpec:DomainDefaultUserSettingsJupyterServerAppSettingsDefaultResourceSpec", "description": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. see `default_resource_spec` Block below.\n" }, "lifecycleConfigArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Name (ARN) of the Lifecycle Configurations.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsJupyterServerAppSettingsCodeRepository:DomainDefaultUserSettingsJupyterServerAppSettingsCodeRepository": { "properties": { "repositoryUrl": { "type": "string", "description": "The URL of the Git repository.\n" } }, "type": "object", "required": [ "repositoryUrl" ] }, "aws:sagemaker/DomainDefaultUserSettingsJupyterServerAppSettingsDefaultResourceSpec:DomainDefaultUserSettingsJupyterServerAppSettingsDefaultResourceSpec": { "properties": { "instanceType": { "type": "string", "description": "The instance type that the image version runs on.. For valid values see [SageMaker Instance Types](https://docs.aws.amazon.com/sagemaker/latest/dg/notebooks-available-instance-types.html).\n" }, "lifecycleConfigArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.\n" }, "sagemakerImageArn": { "type": "string", "description": "The ARN of the SageMaker image that the image version belongs to.\n" }, "sagemakerImageVersionAlias": { "type": "string", "description": "The SageMaker Image Version Alias.\n" }, "sagemakerImageVersionArn": { "type": "string", "description": "The ARN of the image version created on the instance.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsKernelGatewayAppSettings:DomainDefaultUserSettingsKernelGatewayAppSettings": { "properties": { "customImages": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsKernelGatewayAppSettingsCustomImage:DomainDefaultUserSettingsKernelGatewayAppSettingsCustomImage" }, "description": "A list of custom SageMaker images that are configured to run as a KernelGateway app. see `custom_image` Block below.\n" }, "defaultResourceSpec": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsKernelGatewayAppSettingsDefaultResourceSpec:DomainDefaultUserSettingsKernelGatewayAppSettingsDefaultResourceSpec", "description": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. see `default_resource_spec` Block below.\n" }, "lifecycleConfigArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Name (ARN) of the Lifecycle Configurations.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsKernelGatewayAppSettingsCustomImage:DomainDefaultUserSettingsKernelGatewayAppSettingsCustomImage": { "properties": { "appImageConfigName": { "type": "string", "description": "The name of the App Image Config.\n" }, "imageName": { "type": "string", "description": "The name of the Custom Image.\n" }, "imageVersionNumber": { "type": "integer", "description": "The version number of the Custom Image.\n" } }, "type": "object", "required": [ "appImageConfigName", "imageName" ] }, "aws:sagemaker/DomainDefaultUserSettingsKernelGatewayAppSettingsDefaultResourceSpec:DomainDefaultUserSettingsKernelGatewayAppSettingsDefaultResourceSpec": { "properties": { "instanceType": { "type": "string", "description": "The instance type that the image version runs on.. For valid values see [SageMaker Instance Types](https://docs.aws.amazon.com/sagemaker/latest/dg/notebooks-available-instance-types.html).\n" }, "lifecycleConfigArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.\n" }, "sagemakerImageArn": { "type": "string", "description": "The ARN of the SageMaker image that the image version belongs to.\n" }, "sagemakerImageVersionAlias": { "type": "string", "description": "The SageMaker Image Version Alias.\n" }, "sagemakerImageVersionArn": { "type": "string", "description": "The ARN of the image version created on the instance.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsRSessionAppSettings:DomainDefaultUserSettingsRSessionAppSettings": { "properties": { "customImages": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsRSessionAppSettingsCustomImage:DomainDefaultUserSettingsRSessionAppSettingsCustomImage" }, "description": "A list of custom SageMaker images that are configured to run as a RSession app. see `custom_image` Block below.\n" }, "defaultResourceSpec": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsRSessionAppSettingsDefaultResourceSpec:DomainDefaultUserSettingsRSessionAppSettingsDefaultResourceSpec", "description": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. see `default_resource_spec` Block above.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsRSessionAppSettingsCustomImage:DomainDefaultUserSettingsRSessionAppSettingsCustomImage": { "properties": { "appImageConfigName": { "type": "string", "description": "The name of the App Image Config.\n" }, "imageName": { "type": "string", "description": "The name of the Custom Image.\n" }, "imageVersionNumber": { "type": "integer", "description": "The version number of the Custom Image.\n" } }, "type": "object", "required": [ "appImageConfigName", "imageName" ] }, "aws:sagemaker/DomainDefaultUserSettingsRSessionAppSettingsDefaultResourceSpec:DomainDefaultUserSettingsRSessionAppSettingsDefaultResourceSpec": { "properties": { "instanceType": { "type": "string", "description": "The instance type that the image version runs on.. For valid values see [SageMaker Instance Types](https://docs.aws.amazon.com/sagemaker/latest/dg/notebooks-available-instance-types.html).\n" }, "lifecycleConfigArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.\n" }, "sagemakerImageArn": { "type": "string", "description": "The ARN of the SageMaker image that the image version belongs to.\n" }, "sagemakerImageVersionAlias": { "type": "string", "description": "The SageMaker Image Version Alias.\n" }, "sagemakerImageVersionArn": { "type": "string", "description": "The ARN of the image version created on the instance.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsRStudioServerProAppSettings:DomainDefaultUserSettingsRStudioServerProAppSettings": { "properties": { "accessStatus": { "type": "string", "description": "Indicates whether the current user has access to the RStudioServerPro app. Valid values are `ENABLED` and `DISABLED`.\n" }, "userGroup": { "type": "string", "description": "The level of permissions that the user has within the RStudioServerPro app. This value defaults to `R_STUDIO_USER`. The `R_STUDIO_ADMIN` value allows the user access to the RStudio Administrative Dashboard. Valid values are `R_STUDIO_USER` and `R_STUDIO_ADMIN`.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsSharingSettings:DomainDefaultUserSettingsSharingSettings": { "properties": { "notebookOutputOption": { "type": "string", "description": "Whether to include the notebook cell output when sharing the notebook. The default is `Disabled`. Valid values are `Allowed` and `Disabled`.\n" }, "s3KmsKeyId": { "type": "string", "description": "When `notebook_output_option` is Allowed, the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.\n" }, "s3OutputPath": { "type": "string", "description": "When `notebook_output_option` is Allowed, the Amazon S3 bucket used to save the notebook cell output.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsSpaceStorageSettings:DomainDefaultUserSettingsSpaceStorageSettings": { "properties": { "defaultEbsStorageSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsSpaceStorageSettingsDefaultEbsStorageSettings:DomainDefaultUserSettingsSpaceStorageSettingsDefaultEbsStorageSettings", "description": "The default EBS storage settings for a private space. See `default_ebs_storage_settings` Block below.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsSpaceStorageSettingsDefaultEbsStorageSettings:DomainDefaultUserSettingsSpaceStorageSettingsDefaultEbsStorageSettings": { "properties": { "defaultEbsVolumeSizeInGb": { "type": "integer", "description": "The default size of the EBS storage volume for a private space.\n" }, "maximumEbsVolumeSizeInGb": { "type": "integer", "description": "The maximum size of the EBS storage volume for a private space.\n" } }, "type": "object", "required": [ "defaultEbsVolumeSizeInGb", "maximumEbsVolumeSizeInGb" ] }, "aws:sagemaker/DomainDefaultUserSettingsTensorBoardAppSettings:DomainDefaultUserSettingsTensorBoardAppSettings": { "properties": { "defaultResourceSpec": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettingsTensorBoardAppSettingsDefaultResourceSpec:DomainDefaultUserSettingsTensorBoardAppSettingsDefaultResourceSpec", "description": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. see `default_resource_spec` Block below.\n" } }, "type": "object" }, "aws:sagemaker/DomainDefaultUserSettingsTensorBoardAppSettingsDefaultResourceSpec:DomainDefaultUserSettingsTensorBoardAppSettingsDefaultResourceSpec": { "properties": { "instanceType": { "type": "string", "description": "The instance type that the image version runs on.. For valid values see [SageMaker Instance Types](https://docs.aws.amazon.com/sagemaker/latest/dg/notebooks-available-instance-types.html).\n" }, "lifecycleConfigArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.\n" }, "sagemakerImageArn": { "type": "string", "description": "The ARN of the SageMaker image that the image version belongs to.\n" }, "sagemakerImageVersionAlias": { "type": "string", "description": "The SageMaker Image Version Alias.\n" }, "sagemakerImageVersionArn": { "type": "string", "description": "The ARN of the image version created on the instance.\n" } }, "type": "object" }, "aws:sagemaker/DomainDomainSettings:DomainDomainSettings": { "properties": { "executionRoleIdentityConfig": { "type": "string", "description": "The configuration for attaching a SageMaker user profile name to the execution role as a sts:SourceIdentity key [AWS Docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html). Valid values are `USER_PROFILE_NAME` and `DISABLED`.\n" }, "rStudioServerProDomainSettings": { "$ref": "#/types/aws:sagemaker/DomainDomainSettingsRStudioServerProDomainSettings:DomainDomainSettingsRStudioServerProDomainSettings", "description": "A collection of settings that configure the RStudioServerPro Domain-level app. see `r_studio_server_pro_domain_settings` Block below.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The security groups for the Amazon Virtual Private Cloud that the Domain uses for communication between Domain-level apps and user apps.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:sagemaker/DomainDomainSettingsRStudioServerProDomainSettings:DomainDomainSettingsRStudioServerProDomainSettings": { "properties": { "defaultResourceSpec": { "$ref": "#/types/aws:sagemaker/DomainDomainSettingsRStudioServerProDomainSettingsDefaultResourceSpec:DomainDomainSettingsRStudioServerProDomainSettingsDefaultResourceSpec", "description": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. see `default_resource_spec` Block above.\n" }, "domainExecutionRoleArn": { "type": "string", "description": "The ARN of the execution role for the RStudioServerPro Domain-level app.\n" }, "rStudioConnectUrl": { "type": "string", "description": "A URL pointing to an RStudio Connect server.\n" }, "rStudioPackageManagerUrl": { "type": "string", "description": "A URL pointing to an RStudio Package Manager server.\n" } }, "type": "object", "required": [ "domainExecutionRoleArn" ] }, "aws:sagemaker/DomainDomainSettingsRStudioServerProDomainSettingsDefaultResourceSpec:DomainDomainSettingsRStudioServerProDomainSettingsDefaultResourceSpec": { "properties": { "instanceType": { "type": "string", "description": "The instance type that the image version runs on.. For valid values see [SageMaker Instance Types](https://docs.aws.amazon.com/sagemaker/latest/dg/notebooks-available-instance-types.html).\n" }, "lifecycleConfigArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.\n" }, "sagemakerImageArn": { "type": "string", "description": "The ARN of the SageMaker image that the image version belongs to.\n" }, "sagemakerImageVersionAlias": { "type": "string", "description": "The SageMaker Image Version Alias.\n" }, "sagemakerImageVersionArn": { "type": "string", "description": "The ARN of the image version created on the instance.\n" } }, "type": "object" }, "aws:sagemaker/DomainRetentionPolicy:DomainRetentionPolicy": { "properties": { "homeEfsFileSystem": { "type": "string", "description": "The retention policy for data stored on an Amazon Elastic File System (EFS) volume. Valid values are `Retain` or `Delete`. Default value is `Retain`.\n" } }, "type": "object" }, "aws:sagemaker/EndpointConfigurationAsyncInferenceConfig:EndpointConfigurationAsyncInferenceConfig": { "properties": { "clientConfig": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationAsyncInferenceConfigClientConfig:EndpointConfigurationAsyncInferenceConfigClientConfig", "description": "Configures the behavior of the client used by Amazon SageMaker to interact with the model container during asynchronous inference.\n", "willReplaceOnChanges": true }, "outputConfig": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationAsyncInferenceConfigOutputConfig:EndpointConfigurationAsyncInferenceConfigOutputConfig", "description": "Specifies the configuration for asynchronous inference invocation outputs.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "outputConfig" ] }, "aws:sagemaker/EndpointConfigurationAsyncInferenceConfigClientConfig:EndpointConfigurationAsyncInferenceConfigClientConfig": { "properties": { "maxConcurrentInvocationsPerInstance": { "type": "integer", "description": "The maximum number of concurrent requests sent by the SageMaker client to the model container. If no value is provided, Amazon SageMaker will choose an optimal value for you.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:sagemaker/EndpointConfigurationAsyncInferenceConfigOutputConfig:EndpointConfigurationAsyncInferenceConfigOutputConfig": { "properties": { "kmsKeyId": { "type": "string", "description": "The Amazon Web Services Key Management Service (Amazon Web Services KMS) key that Amazon SageMaker uses to encrypt the asynchronous inference output in Amazon S3.\n", "willReplaceOnChanges": true }, "notificationConfig": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationAsyncInferenceConfigOutputConfigNotificationConfig:EndpointConfigurationAsyncInferenceConfigOutputConfigNotificationConfig", "description": "Specifies the configuration for notifications of inference results for asynchronous inference.\n", "willReplaceOnChanges": true }, "s3FailurePath": { "type": "string", "description": "The Amazon S3 location to upload failure inference responses to.\n", "willReplaceOnChanges": true }, "s3OutputPath": { "type": "string", "description": "The Amazon S3 location to upload inference responses to.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "s3OutputPath" ] }, "aws:sagemaker/EndpointConfigurationAsyncInferenceConfigOutputConfigNotificationConfig:EndpointConfigurationAsyncInferenceConfigOutputConfigNotificationConfig": { "properties": { "errorTopic": { "type": "string", "description": "Amazon SNS topic to post a notification to when inference fails. If no topic is provided, no notification is sent on failure.\n", "willReplaceOnChanges": true }, "includeInferenceResponseIns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon SNS topics where you want the inference response to be included. Valid values are `SUCCESS_NOTIFICATION_TOPIC` and `ERROR_NOTIFICATION_TOPIC`.\n", "willReplaceOnChanges": true }, "successTopic": { "type": "string", "description": "Amazon SNS topic to post a notification to when inference completes successfully. If no topic is provided, no notification is sent on success.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:sagemaker/EndpointConfigurationDataCaptureConfig:EndpointConfigurationDataCaptureConfig": { "properties": { "captureContentTypeHeader": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationDataCaptureConfigCaptureContentTypeHeader:EndpointConfigurationDataCaptureConfigCaptureContentTypeHeader", "description": "The content type headers to capture. Fields are documented below.\n", "willReplaceOnChanges": true }, "captureOptions": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationDataCaptureConfigCaptureOption:EndpointConfigurationDataCaptureConfigCaptureOption" }, "description": "Specifies what data to capture. Fields are documented below.\n", "willReplaceOnChanges": true }, "destinationS3Uri": { "type": "string", "description": "The URL for S3 location where the captured data is stored.\n", "willReplaceOnChanges": true }, "enableCapture": { "type": "boolean", "description": "Flag to enable data capture. Defaults to `false`.\n", "willReplaceOnChanges": true }, "initialSamplingPercentage": { "type": "integer", "description": "Portion of data to capture. Should be between 0 and 100.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) of a AWS Key Management Service key that Amazon SageMaker uses to encrypt the captured data on Amazon S3.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "captureOptions", "destinationS3Uri", "initialSamplingPercentage" ] }, "aws:sagemaker/EndpointConfigurationDataCaptureConfigCaptureContentTypeHeader:EndpointConfigurationDataCaptureConfigCaptureContentTypeHeader": { "properties": { "csvContentTypes": { "type": "array", "items": { "type": "string" }, "description": "The CSV content type headers to capture.\n", "willReplaceOnChanges": true }, "jsonContentTypes": { "type": "array", "items": { "type": "string" }, "description": "The JSON content type headers to capture.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:sagemaker/EndpointConfigurationDataCaptureConfigCaptureOption:EndpointConfigurationDataCaptureConfigCaptureOption": { "properties": { "captureMode": { "type": "string", "description": "Specifies the data to be captured. Should be one of `Input`, `Output` or `InputAndOutput`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "captureMode" ] }, "aws:sagemaker/EndpointConfigurationProductionVariant:EndpointConfigurationProductionVariant": { "properties": { "acceleratorType": { "type": "string", "description": "The size of the Elastic Inference (EI) instance to use for the production variant.\n", "willReplaceOnChanges": true }, "containerStartupHealthCheckTimeoutInSeconds": { "type": "integer", "description": "The timeout value, in seconds, for your inference container to pass health check by SageMaker Hosting. For more information about health check, see [How Your Container Should Respond to Health Check (Ping) Requests](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-inference-code.html#your-algorithms-inference-algo-ping-requests). Valid values between `60` and `3600`.\n", "willReplaceOnChanges": true }, "coreDumpConfig": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationProductionVariantCoreDumpConfig:EndpointConfigurationProductionVariantCoreDumpConfig", "description": "Specifies configuration for a core dump from the model container when the process crashes. Fields are documented below.\n", "willReplaceOnChanges": true }, "enableSsmAccess": { "type": "boolean", "description": "You can use this parameter to turn on native Amazon Web Services Systems Manager (SSM) access for a production variant behind an endpoint. By default, SSM access is disabled for all production variants behind an endpoints.\n", "willReplaceOnChanges": true }, "inferenceAmiVersion": { "type": "string", "description": "Specifies an option from a collection of preconfigured Amazon Machine Image (AMI) images. Each image is configured by Amazon Web Services with a set of software and driver versions. Amazon Web Services optimizes these configurations for different machine learning workloads.\n", "willReplaceOnChanges": true }, "initialInstanceCount": { "type": "integer", "description": "Initial number of instances used for auto-scaling.\n", "willReplaceOnChanges": true }, "initialVariantWeight": { "type": "number", "description": "Determines initial traffic distribution among all of the models that you specify in the endpoint configuration. If unspecified, it defaults to `1.0`.\n", "willReplaceOnChanges": true }, "instanceType": { "type": "string", "description": "The type of instance to start.\n", "willReplaceOnChanges": true }, "modelDataDownloadTimeoutInSeconds": { "type": "integer", "description": "The timeout value, in seconds, to download and extract the model that you want to host from Amazon S3 to the individual inference instance associated with this production variant. Valid values between `60` and `3600`.\n", "willReplaceOnChanges": true }, "modelName": { "type": "string", "description": "The name of the model to use.\n", "willReplaceOnChanges": true }, "routingConfigs": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationProductionVariantRoutingConfig:EndpointConfigurationProductionVariantRoutingConfig" }, "description": "Sets how the endpoint routes incoming traffic. See routing_config below.\n", "willReplaceOnChanges": true }, "serverlessConfig": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationProductionVariantServerlessConfig:EndpointConfigurationProductionVariantServerlessConfig", "description": "Specifies configuration for how an endpoint performs asynchronous inference.\n", "willReplaceOnChanges": true }, "variantName": { "type": "string", "description": "The name of the variant. If omitted, this provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "volumeSizeInGb": { "type": "integer", "description": "The size, in GB, of the ML storage volume attached to individual inference instance associated with the production variant. Valid values between `1` and `512`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "modelName" ], "language": { "nodejs": { "requiredOutputs": [ "modelName", "variantName", "volumeSizeInGb" ] } } }, "aws:sagemaker/EndpointConfigurationProductionVariantCoreDumpConfig:EndpointConfigurationProductionVariantCoreDumpConfig": { "properties": { "destinationS3Uri": { "type": "string", "description": "The Amazon S3 bucket to send the core dump to.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "The Amazon Web Services Key Management Service (Amazon Web Services KMS) key that SageMaker uses to encrypt the core dump data at rest using Amazon S3 server-side encryption.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "destinationS3Uri" ] }, "aws:sagemaker/EndpointConfigurationProductionVariantRoutingConfig:EndpointConfigurationProductionVariantRoutingConfig": { "properties": { "routingStrategy": { "type": "string", "description": "Sets how the endpoint routes incoming traffic. Valid values are `LEAST_OUTSTANDING_REQUESTS` and `RANDOM`. `LEAST_OUTSTANDING_REQUESTS` routes requests to the specific instances that have more capacity to process them. `RANDOM` routes each request to a randomly chosen instance.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "routingStrategy" ] }, "aws:sagemaker/EndpointConfigurationProductionVariantServerlessConfig:EndpointConfigurationProductionVariantServerlessConfig": { "properties": { "maxConcurrency": { "type": "integer", "description": "The maximum number of concurrent invocations your serverless endpoint can process. Valid values are between `1` and `200`.\n", "willReplaceOnChanges": true }, "memorySizeInMb": { "type": "integer", "description": "The memory size of your serverless endpoint. Valid values are in 1 GB increments: `1024` MB, `2048` MB, `3072` MB, `4096` MB, `5120` MB, or `6144` MB.\n", "willReplaceOnChanges": true }, "provisionedConcurrency": { "type": "integer", "description": "The amount of provisioned concurrency to allocate for the serverless endpoint. Should be less than or equal to `max_concurrency`. Valid values are between `1` and `200`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "maxConcurrency", "memorySizeInMb" ] }, "aws:sagemaker/EndpointConfigurationShadowProductionVariant:EndpointConfigurationShadowProductionVariant": { "properties": { "acceleratorType": { "type": "string", "description": "The size of the Elastic Inference (EI) instance to use for the production variant.\n", "willReplaceOnChanges": true }, "containerStartupHealthCheckTimeoutInSeconds": { "type": "integer", "description": "The timeout value, in seconds, for your inference container to pass health check by SageMaker Hosting. For more information about health check, see [How Your Container Should Respond to Health Check (Ping) Requests](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-inference-code.html#your-algorithms-inference-algo-ping-requests). Valid values between `60` and `3600`.\n", "willReplaceOnChanges": true }, "coreDumpConfig": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationShadowProductionVariantCoreDumpConfig:EndpointConfigurationShadowProductionVariantCoreDumpConfig", "description": "Specifies configuration for a core dump from the model container when the process crashes. Fields are documented below.\n", "willReplaceOnChanges": true }, "enableSsmAccess": { "type": "boolean", "description": "You can use this parameter to turn on native Amazon Web Services Systems Manager (SSM) access for a production variant behind an endpoint. By default, SSM access is disabled for all production variants behind an endpoints.\n", "willReplaceOnChanges": true }, "inferenceAmiVersion": { "type": "string", "description": "Specifies an option from a collection of preconfigured Amazon Machine Image (AMI) images. Each image is configured by Amazon Web Services with a set of software and driver versions. Amazon Web Services optimizes these configurations for different machine learning workloads.\n", "willReplaceOnChanges": true }, "initialInstanceCount": { "type": "integer", "description": "Initial number of instances used for auto-scaling.\n", "willReplaceOnChanges": true }, "initialVariantWeight": { "type": "number", "description": "Determines initial traffic distribution among all of the models that you specify in the endpoint configuration. If unspecified, it defaults to `1.0`.\n", "willReplaceOnChanges": true }, "instanceType": { "type": "string", "description": "The type of instance to start.\n", "willReplaceOnChanges": true }, "modelDataDownloadTimeoutInSeconds": { "type": "integer", "description": "The timeout value, in seconds, to download and extract the model that you want to host from Amazon S3 to the individual inference instance associated with this production variant. Valid values between `60` and `3600`.\n", "willReplaceOnChanges": true }, "modelName": { "type": "string", "description": "The name of the model to use.\n", "willReplaceOnChanges": true }, "routingConfigs": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationShadowProductionVariantRoutingConfig:EndpointConfigurationShadowProductionVariantRoutingConfig" }, "description": "Sets how the endpoint routes incoming traffic. See routing_config below.\n", "willReplaceOnChanges": true }, "serverlessConfig": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationShadowProductionVariantServerlessConfig:EndpointConfigurationShadowProductionVariantServerlessConfig", "description": "Specifies configuration for how an endpoint performs asynchronous inference.\n", "willReplaceOnChanges": true }, "variantName": { "type": "string", "description": "The name of the variant. If omitted, this provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "volumeSizeInGb": { "type": "integer", "description": "The size, in GB, of the ML storage volume attached to individual inference instance associated with the production variant. Valid values between `1` and `512`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "modelName" ], "language": { "nodejs": { "requiredOutputs": [ "modelName", "variantName" ] } } }, "aws:sagemaker/EndpointConfigurationShadowProductionVariantCoreDumpConfig:EndpointConfigurationShadowProductionVariantCoreDumpConfig": { "properties": { "destinationS3Uri": { "type": "string", "description": "The Amazon S3 bucket to send the core dump to.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "The Amazon Web Services Key Management Service (Amazon Web Services KMS) key that SageMaker uses to encrypt the core dump data at rest using Amazon S3 server-side encryption.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "destinationS3Uri", "kmsKeyId" ] }, "aws:sagemaker/EndpointConfigurationShadowProductionVariantRoutingConfig:EndpointConfigurationShadowProductionVariantRoutingConfig": { "properties": { "routingStrategy": { "type": "string", "description": "Sets how the endpoint routes incoming traffic. Valid values are `LEAST_OUTSTANDING_REQUESTS` and `RANDOM`. `LEAST_OUTSTANDING_REQUESTS` routes requests to the specific instances that have more capacity to process them. `RANDOM` routes each request to a randomly chosen instance.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "routingStrategy" ] }, "aws:sagemaker/EndpointConfigurationShadowProductionVariantServerlessConfig:EndpointConfigurationShadowProductionVariantServerlessConfig": { "properties": { "maxConcurrency": { "type": "integer", "description": "The maximum number of concurrent invocations your serverless endpoint can process. Valid values are between `1` and `200`.\n", "willReplaceOnChanges": true }, "memorySizeInMb": { "type": "integer", "description": "The memory size of your serverless endpoint. Valid values are in 1 GB increments: `1024` MB, `2048` MB, `3072` MB, `4096` MB, `5120` MB, or `6144` MB.\n", "willReplaceOnChanges": true }, "provisionedConcurrency": { "type": "integer", "description": "The amount of provisioned concurrency to allocate for the serverless endpoint. Should be less than or equal to `max_concurrency`. Valid values are between `1` and `200`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "maxConcurrency", "memorySizeInMb" ] }, "aws:sagemaker/EndpointDeploymentConfig:EndpointDeploymentConfig": { "properties": { "autoRollbackConfiguration": { "$ref": "#/types/aws:sagemaker/EndpointDeploymentConfigAutoRollbackConfiguration:EndpointDeploymentConfigAutoRollbackConfiguration", "description": "Automatic rollback configuration for handling endpoint deployment failures and recovery. See Auto Rollback Configuration.\n", "willReplaceOnChanges": true }, "blueGreenUpdatePolicy": { "$ref": "#/types/aws:sagemaker/EndpointDeploymentConfigBlueGreenUpdatePolicy:EndpointDeploymentConfigBlueGreenUpdatePolicy", "description": "Update policy for a blue/green deployment. If this update policy is specified, SageMaker creates a new fleet during the deployment while maintaining the old fleet. SageMaker flips traffic to the new fleet according to the specified traffic routing configuration. Only one update policy should be used in the deployment configuration. If no update policy is specified, SageMaker uses a blue/green deployment strategy with all at once traffic shifting by default. See Blue Green Update Config.\n" }, "rollingUpdatePolicy": { "$ref": "#/types/aws:sagemaker/EndpointDeploymentConfigRollingUpdatePolicy:EndpointDeploymentConfigRollingUpdatePolicy", "description": "Specifies a rolling deployment strategy for updating a SageMaker endpoint. See Rolling Update Policy.\n" } }, "type": "object" }, "aws:sagemaker/EndpointDeploymentConfigAutoRollbackConfiguration:EndpointDeploymentConfigAutoRollbackConfiguration": { "properties": { "alarms": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/EndpointDeploymentConfigAutoRollbackConfigurationAlarm:EndpointDeploymentConfigAutoRollbackConfigurationAlarm" }, "description": "List of CloudWatch alarms in your account that are configured to monitor metrics on an endpoint. If any alarms are tripped during a deployment, SageMaker rolls back the deployment. See Alarms.\n" } }, "type": "object" }, "aws:sagemaker/EndpointDeploymentConfigAutoRollbackConfigurationAlarm:EndpointDeploymentConfigAutoRollbackConfigurationAlarm": { "properties": { "alarmName": { "type": "string", "description": "The name of a CloudWatch alarm in your account.\n" } }, "type": "object", "required": [ "alarmName" ] }, "aws:sagemaker/EndpointDeploymentConfigBlueGreenUpdatePolicy:EndpointDeploymentConfigBlueGreenUpdatePolicy": { "properties": { "maximumExecutionTimeoutInSeconds": { "type": "integer" }, "terminationWaitInSeconds": { "type": "integer", "description": "Additional waiting time in seconds after the completion of an endpoint deployment before terminating the old endpoint fleet. Default is `0`. Valid values are between `0` and `3600`.\n" }, "trafficRoutingConfiguration": { "$ref": "#/types/aws:sagemaker/EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfiguration:EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfiguration", "description": "Defines the traffic routing strategy to shift traffic from the old fleet to the new fleet during an endpoint deployment. See Traffic Routing Configuration.\n" } }, "type": "object", "required": [ "trafficRoutingConfiguration" ] }, "aws:sagemaker/EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfiguration:EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfiguration": { "properties": { "canarySize": { "$ref": "#/types/aws:sagemaker/EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfigurationCanarySize:EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfigurationCanarySize", "description": "Batch size for the first step to turn on traffic on the new endpoint fleet. Value must be less than or equal to 50% of the variant's total instance count. See Canary Size.\n" }, "linearStepSize": { "$ref": "#/types/aws:sagemaker/EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfigurationLinearStepSize:EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfigurationLinearStepSize", "description": "Batch size for each step to turn on traffic on the new endpoint fleet. Value must be 10-50% of the variant's total instance count. See Linear Step Size.\n" }, "type": { "type": "string", "description": "Traffic routing strategy type. Valid values are: `ALL_AT_ONCE`, `CANARY`, and `LINEAR`.\n" }, "waitIntervalInSeconds": { "type": "integer", "description": "The waiting time (in seconds) between incremental steps to turn on traffic on the new endpoint fleet. Valid values are between `0` and `3600`.\n" } }, "type": "object", "required": [ "type", "waitIntervalInSeconds" ] }, "aws:sagemaker/EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfigurationCanarySize:EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfigurationCanarySize": { "properties": { "type": { "type": "string", "description": "Specifies the endpoint capacity type. Valid values are: `INSTANCE_COUNT`, or `CAPACITY_PERCENT`.\n" }, "value": { "type": "integer", "description": "Defines the capacity size, either as a number of instances or a capacity percentage.\n" } }, "type": "object", "required": [ "type", "value" ] }, "aws:sagemaker/EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfigurationLinearStepSize:EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfigurationLinearStepSize": { "properties": { "type": { "type": "string", "description": "Specifies the endpoint capacity type. Valid values are: `INSTANCE_COUNT`, or `CAPACITY_PERCENT`.\n" }, "value": { "type": "integer", "description": "Defines the capacity size, either as a number of instances or a capacity percentage.\n" } }, "type": "object", "required": [ "type", "value" ] }, "aws:sagemaker/EndpointDeploymentConfigRollingUpdatePolicy:EndpointDeploymentConfigRollingUpdatePolicy": { "properties": { "maximumBatchSize": { "$ref": "#/types/aws:sagemaker/EndpointDeploymentConfigRollingUpdatePolicyMaximumBatchSize:EndpointDeploymentConfigRollingUpdatePolicyMaximumBatchSize", "description": "Batch size for each rolling step to provision capacity and turn on traffic on the new endpoint fleet, and terminate capacity on the old endpoint fleet. Value must be between 5% to 50% of the variant's total instance count. See Maximum Batch Size.\n" }, "maximumExecutionTimeoutInSeconds": { "type": "integer", "description": "The time limit for the total deployment. Exceeding this limit causes a timeout. Valid values are between `600` and `14400`.\n" }, "rollbackMaximumBatchSize": { "$ref": "#/types/aws:sagemaker/EndpointDeploymentConfigRollingUpdatePolicyRollbackMaximumBatchSize:EndpointDeploymentConfigRollingUpdatePolicyRollbackMaximumBatchSize", "description": "Batch size for rollback to the old endpoint fleet. Each rolling step to provision capacity and turn on traffic on the old endpoint fleet, and terminate capacity on the new endpoint fleet. If this field is absent, the default value will be set to 100% of total capacity which means to bring up the whole capacity of the old fleet at once during rollback. See Rollback Maximum Batch Size.\n" }, "waitIntervalInSeconds": { "type": "integer", "description": "The length of the baking period, during which SageMaker monitors alarms for each batch on the new fleet. Valid values are between `0` and `3600`.\n" } }, "type": "object", "required": [ "maximumBatchSize", "waitIntervalInSeconds" ] }, "aws:sagemaker/EndpointDeploymentConfigRollingUpdatePolicyMaximumBatchSize:EndpointDeploymentConfigRollingUpdatePolicyMaximumBatchSize": { "properties": { "type": { "type": "string", "description": "Specifies the endpoint capacity type. Valid values are: `INSTANCE_COUNT`, or `CAPACITY_PERCENT`.\n" }, "value": { "type": "integer", "description": "Defines the capacity size, either as a number of instances or a capacity percentage.\n" } }, "type": "object", "required": [ "type", "value" ] }, "aws:sagemaker/EndpointDeploymentConfigRollingUpdatePolicyRollbackMaximumBatchSize:EndpointDeploymentConfigRollingUpdatePolicyRollbackMaximumBatchSize": { "properties": { "type": { "type": "string", "description": "Specifies the endpoint capacity type. Valid values are: `INSTANCE_COUNT`, or `CAPACITY_PERCENT`.\n" }, "value": { "type": "integer", "description": "Defines the capacity size, either as a number of instances or a capacity percentage.\n" } }, "type": "object", "required": [ "type", "value" ] }, "aws:sagemaker/FeatureGroupFeatureDefinition:FeatureGroupFeatureDefinition": { "properties": { "featureName": { "type": "string", "description": "The name of a feature. `feature_name` cannot be any of the following: `is_deleted`, `write_time`, `api_invocation_time`.\n", "willReplaceOnChanges": true }, "featureType": { "type": "string", "description": "The value type of a feature. Valid values are `Integral`, `Fractional`, or `String`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:sagemaker/FeatureGroupOfflineStoreConfig:FeatureGroupOfflineStoreConfig": { "properties": { "dataCatalogConfig": { "$ref": "#/types/aws:sagemaker/FeatureGroupOfflineStoreConfigDataCatalogConfig:FeatureGroupOfflineStoreConfigDataCatalogConfig", "description": "The meta data of the Glue table that is autogenerated when an OfflineStore is created. See Data Catalog Config Below.\n", "willReplaceOnChanges": true }, "disableGlueTableCreation": { "type": "boolean", "description": "Set to `true` to turn Online Store On.\n", "willReplaceOnChanges": true }, "s3StorageConfig": { "$ref": "#/types/aws:sagemaker/FeatureGroupOfflineStoreConfigS3StorageConfig:FeatureGroupOfflineStoreConfigS3StorageConfig", "description": "The Amazon Simple Storage (Amazon S3) location of OfflineStore. See S3 Storage Config Below.\n", "willReplaceOnChanges": true }, "tableFormat": { "type": "string", "description": "Format for the offline store table. Supported formats are `Glue` (Default) and Apache `Iceberg` (https://iceberg.apache.org/).\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "s3StorageConfig" ], "language": { "nodejs": { "requiredOutputs": [ "dataCatalogConfig", "s3StorageConfig" ] } } }, "aws:sagemaker/FeatureGroupOfflineStoreConfigDataCatalogConfig:FeatureGroupOfflineStoreConfigDataCatalogConfig": { "properties": { "catalog": { "type": "string", "description": "The name of the Glue table catalog.\n", "willReplaceOnChanges": true }, "database": { "type": "string", "description": "The name of the Glue table database.\n", "willReplaceOnChanges": true }, "tableName": { "type": "string", "description": "The name of the Glue table.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "catalog", "database", "tableName" ] } } }, "aws:sagemaker/FeatureGroupOfflineStoreConfigS3StorageConfig:FeatureGroupOfflineStoreConfigS3StorageConfig": { "properties": { "kmsKeyId": { "type": "string", "description": "The AWS Key Management Service (KMS) key ID of the key used to encrypt any objects written into the OfflineStore S3 location.\n", "willReplaceOnChanges": true }, "resolvedOutputS3Uri": { "type": "string", "description": "The S3 path where offline records are written.\n", "willReplaceOnChanges": true }, "s3Uri": { "type": "string", "description": "The S3 URI, or location in Amazon S3, of OfflineStore.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "s3Uri" ], "language": { "nodejs": { "requiredOutputs": [ "resolvedOutputS3Uri", "s3Uri" ] } } }, "aws:sagemaker/FeatureGroupOnlineStoreConfig:FeatureGroupOnlineStoreConfig": { "properties": { "enableOnlineStore": { "type": "boolean", "description": "Set to `true` to disable the automatic creation of an AWS Glue table when configuring an OfflineStore.\n", "willReplaceOnChanges": true }, "securityConfig": { "$ref": "#/types/aws:sagemaker/FeatureGroupOnlineStoreConfigSecurityConfig:FeatureGroupOnlineStoreConfigSecurityConfig", "description": "Security config for at-rest encryption of your OnlineStore. See Security Config Below.\n", "willReplaceOnChanges": true }, "storageType": { "type": "string", "description": "Option for different tiers of low latency storage for real-time data retrieval. Valid values are `Standard`, or `InMemory`.\n", "willReplaceOnChanges": true }, "ttlDuration": { "$ref": "#/types/aws:sagemaker/FeatureGroupOnlineStoreConfigTtlDuration:FeatureGroupOnlineStoreConfigTtlDuration", "description": "Time to live duration, where the record is hard deleted after the expiration time is reached; ExpiresAt = EventTime + TtlDuration.. See TTl Duration Below.\n" } }, "type": "object" }, "aws:sagemaker/FeatureGroupOnlineStoreConfigSecurityConfig:FeatureGroupOnlineStoreConfigSecurityConfig": { "properties": { "kmsKeyId": { "type": "string", "description": "The ID of the AWS Key Management Service (AWS KMS) key that SageMaker Feature Store uses to encrypt the Amazon S3 objects at rest using Amazon S3 server-side encryption.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:sagemaker/FeatureGroupOnlineStoreConfigTtlDuration:FeatureGroupOnlineStoreConfigTtlDuration": { "properties": { "unit": { "type": "string", "description": "TtlDuration time unit. Valid values are `Seconds`, `Minutes`, `Hours`, `Days`, or `Weeks`.\n" }, "value": { "type": "integer", "description": "TtlDuration time value.\n" } }, "type": "object" }, "aws:sagemaker/FlowDefinitionHumanLoopActivationConfig:FlowDefinitionHumanLoopActivationConfig": { "properties": { "humanLoopActivationConditionsConfig": { "$ref": "#/types/aws:sagemaker/FlowDefinitionHumanLoopActivationConfigHumanLoopActivationConditionsConfig:FlowDefinitionHumanLoopActivationConfigHumanLoopActivationConditionsConfig", "description": "defines under what conditions SageMaker creates a human loop. See Human Loop Activation Conditions Config details below.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:sagemaker/FlowDefinitionHumanLoopActivationConfigHumanLoopActivationConditionsConfig:FlowDefinitionHumanLoopActivationConfigHumanLoopActivationConditionsConfig": { "properties": { "humanLoopActivationConditions": { "type": "string", "description": "A JSON expressing use-case specific conditions declaratively. If any condition is matched, atomic tasks are created against the configured work team. For more information about how to structure the JSON, see [JSON Schema for Human Loop Activation Conditions in Amazon Augmented AI](https://docs.aws.amazon.com/sagemaker/latest/dg/a2i-human-fallback-conditions-json-schema.html).\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "humanLoopActivationConditions" ] }, "aws:sagemaker/FlowDefinitionHumanLoopConfig:FlowDefinitionHumanLoopConfig": { "properties": { "humanTaskUiArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the human task user interface.\n", "willReplaceOnChanges": true }, "publicWorkforceTaskPrice": { "$ref": "#/types/aws:sagemaker/FlowDefinitionHumanLoopConfigPublicWorkforceTaskPrice:FlowDefinitionHumanLoopConfigPublicWorkforceTaskPrice", "description": "Defines the amount of money paid to an Amazon Mechanical Turk worker for each task performed. See Public Workforce Task Price details below.\n", "willReplaceOnChanges": true }, "taskAvailabilityLifetimeInSeconds": { "type": "integer", "description": "The length of time that a task remains available for review by human workers. Valid value range between `1` and `864000`.\n", "willReplaceOnChanges": true }, "taskCount": { "type": "integer", "description": "The number of distinct workers who will perform the same task on each object. Valid value range between `1` and `3`.\n", "willReplaceOnChanges": true }, "taskDescription": { "type": "string", "description": "A description for the human worker task.\n", "willReplaceOnChanges": true }, "taskKeywords": { "type": "array", "items": { "type": "string" }, "description": "An array of keywords used to describe the task so that workers can discover the task.\n" }, "taskTimeLimitInSeconds": { "type": "integer", "description": "The amount of time that a worker has to complete a task. The default value is `3600` seconds.\n", "willReplaceOnChanges": true }, "taskTitle": { "type": "string", "description": "A title for the human worker task.\n", "willReplaceOnChanges": true }, "workteamArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the human task user interface. Amazon Resource Name (ARN) of a team of workers. For Public workforces see [AWS Docs](https://docs.aws.amazon.com/sagemaker/latest/dg/sms-workforce-management-public.html).\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "humanTaskUiArn", "taskCount", "taskDescription", "taskTitle", "workteamArn" ] }, "aws:sagemaker/FlowDefinitionHumanLoopConfigPublicWorkforceTaskPrice:FlowDefinitionHumanLoopConfigPublicWorkforceTaskPrice": { "properties": { "amountInUsd": { "$ref": "#/types/aws:sagemaker/FlowDefinitionHumanLoopConfigPublicWorkforceTaskPriceAmountInUsd:FlowDefinitionHumanLoopConfigPublicWorkforceTaskPriceAmountInUsd", "description": "Defines the amount of money paid to an Amazon Mechanical Turk worker in United States dollars. See Amount In Usd details below.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:sagemaker/FlowDefinitionHumanLoopConfigPublicWorkforceTaskPriceAmountInUsd:FlowDefinitionHumanLoopConfigPublicWorkforceTaskPriceAmountInUsd": { "properties": { "cents": { "type": "integer", "description": "The fractional portion, in cents, of the amount. Valid value range between `0` and `99`.\n", "willReplaceOnChanges": true }, "dollars": { "type": "integer", "description": "The whole number of dollars in the amount. Valid value range between `0` and `2`.\n", "willReplaceOnChanges": true }, "tenthFractionsOfACent": { "type": "integer", "description": "Fractions of a cent, in tenths. Valid value range between `0` and `9`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:sagemaker/FlowDefinitionHumanLoopRequestSource:FlowDefinitionHumanLoopRequestSource": { "properties": { "awsManagedHumanLoopRequestSource": { "type": "string", "description": "Specifies whether Amazon Rekognition or Amazon Textract are used as the integration source. Valid values are: `AWS/Rekognition/DetectModerationLabels/Image/V3` and `AWS/Textract/AnalyzeDocument/Forms/V1`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "awsManagedHumanLoopRequestSource" ] }, "aws:sagemaker/FlowDefinitionOutputConfig:FlowDefinitionOutputConfig": { "properties": { "kmsKeyId": { "type": "string", "description": "The Amazon Key Management Service (KMS) key ARN for server-side encryption.\n", "willReplaceOnChanges": true }, "s3OutputPath": { "type": "string", "description": "The Amazon S3 path where the object containing human output will be made available.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "s3OutputPath" ] }, "aws:sagemaker/HumanTaskUIUiTemplate:HumanTaskUIUiTemplate": { "properties": { "content": { "type": "string", "description": "The content of the Liquid template for the worker user interface.\n", "willReplaceOnChanges": true }, "contentSha256": { "type": "string", "description": "The SHA-256 digest of the contents of the template.\n" }, "url": { "type": "string", "description": "The URL for the user interface template.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "contentSha256", "url" ] } } }, "aws:sagemaker/ModelContainer:ModelContainer": { "properties": { "containerHostname": { "type": "string", "description": "The DNS host name for the container.\n", "willReplaceOnChanges": true }, "environment": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Environment variables for the Docker container.\nA list of key value pairs.\n", "willReplaceOnChanges": true }, "image": { "type": "string", "description": "The registry path where the inference code image is stored in Amazon ECR.\n", "willReplaceOnChanges": true }, "imageConfig": { "$ref": "#/types/aws:sagemaker/ModelContainerImageConfig:ModelContainerImageConfig", "description": "Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). For more information see [Using a Private Docker Registry for Real-Time Inference Containers](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-containers-inference-private.html). see Image Config.\n" }, "mode": { "type": "string", "description": "The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.\n", "willReplaceOnChanges": true }, "modelDataSource": { "$ref": "#/types/aws:sagemaker/ModelContainerModelDataSource:ModelContainerModelDataSource", "description": "The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker Developer Guide_.\n" }, "modelDataUrl": { "type": "string", "description": "The URL for the S3 location where model artifacts are stored.\n", "willReplaceOnChanges": true }, "modelPackageName": { "type": "string", "description": "The Amazon Resource Name (ARN) of the model package to use to create the model.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "modelDataSource" ] } } }, "aws:sagemaker/ModelContainerImageConfig:ModelContainerImageConfig": { "properties": { "repositoryAccessMode": { "type": "string", "description": "Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). Allowed values are: `Platform` and `Vpc`.\n", "willReplaceOnChanges": true }, "repositoryAuthConfig": { "$ref": "#/types/aws:sagemaker/ModelContainerImageConfigRepositoryAuthConfig:ModelContainerImageConfigRepositoryAuthConfig", "description": "Specifies an authentication configuration for the private docker registry where your model image is hosted. Specify a value for this property only if you specified Vpc as the value for the RepositoryAccessMode field, and the private Docker registry where the model image is hosted requires authentication. see Repository Auth Config.\n" } }, "type": "object", "required": [ "repositoryAccessMode" ] }, "aws:sagemaker/ModelContainerImageConfigRepositoryAuthConfig:ModelContainerImageConfigRepositoryAuthConfig": { "properties": { "repositoryCredentialsProviderArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "repositoryCredentialsProviderArn" ] }, "aws:sagemaker/ModelContainerModelDataSource:ModelContainerModelDataSource": { "properties": { "s3DataSources": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/ModelContainerModelDataSourceS3DataSource:ModelContainerModelDataSourceS3DataSource" }, "description": "The S3 location of model data to deploy.\n" } }, "type": "object", "required": [ "s3DataSources" ] }, "aws:sagemaker/ModelContainerModelDataSourceS3DataSource:ModelContainerModelDataSourceS3DataSource": { "properties": { "compressionType": { "type": "string", "description": "How the model data is prepared. Allowed values are: `None` and `Gzip`.\n", "willReplaceOnChanges": true }, "s3DataType": { "type": "string", "description": "The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.\n", "willReplaceOnChanges": true }, "s3Uri": { "type": "string", "description": "The S3 path of model data to deploy.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "compressionType", "s3DataType", "s3Uri" ] }, "aws:sagemaker/ModelInferenceExecutionConfig:ModelInferenceExecutionConfig": { "properties": { "mode": { "type": "string", "description": "The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.\n" } }, "type": "object", "required": [ "mode" ] }, "aws:sagemaker/ModelPrimaryContainer:ModelPrimaryContainer": { "properties": { "containerHostname": { "type": "string", "description": "The DNS host name for the container.\n", "willReplaceOnChanges": true }, "environment": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Environment variables for the Docker container.\nA list of key value pairs.\n", "willReplaceOnChanges": true }, "image": { "type": "string", "description": "The registry path where the inference code image is stored in Amazon ECR.\n", "willReplaceOnChanges": true }, "imageConfig": { "$ref": "#/types/aws:sagemaker/ModelPrimaryContainerImageConfig:ModelPrimaryContainerImageConfig", "description": "Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). For more information see [Using a Private Docker Registry for Real-Time Inference Containers](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-containers-inference-private.html). see Image Config.\n" }, "mode": { "type": "string", "description": "The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.\n", "willReplaceOnChanges": true }, "modelDataSource": { "$ref": "#/types/aws:sagemaker/ModelPrimaryContainerModelDataSource:ModelPrimaryContainerModelDataSource", "description": "The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker Developer Guide_.\n" }, "modelDataUrl": { "type": "string", "description": "The URL for the S3 location where model artifacts are stored.\n", "willReplaceOnChanges": true }, "modelPackageName": { "type": "string", "description": "The Amazon Resource Name (ARN) of the model package to use to create the model.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "modelDataSource" ] } } }, "aws:sagemaker/ModelPrimaryContainerImageConfig:ModelPrimaryContainerImageConfig": { "properties": { "repositoryAccessMode": { "type": "string", "description": "Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). Allowed values are: `Platform` and `Vpc`.\n", "willReplaceOnChanges": true }, "repositoryAuthConfig": { "$ref": "#/types/aws:sagemaker/ModelPrimaryContainerImageConfigRepositoryAuthConfig:ModelPrimaryContainerImageConfigRepositoryAuthConfig", "description": "Specifies an authentication configuration for the private docker registry where your model image is hosted. Specify a value for this property only if you specified Vpc as the value for the RepositoryAccessMode field, and the private Docker registry where the model image is hosted requires authentication. see Repository Auth Config.\n" } }, "type": "object", "required": [ "repositoryAccessMode" ] }, "aws:sagemaker/ModelPrimaryContainerImageConfigRepositoryAuthConfig:ModelPrimaryContainerImageConfigRepositoryAuthConfig": { "properties": { "repositoryCredentialsProviderArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "repositoryCredentialsProviderArn" ] }, "aws:sagemaker/ModelPrimaryContainerModelDataSource:ModelPrimaryContainerModelDataSource": { "properties": { "s3DataSources": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/ModelPrimaryContainerModelDataSourceS3DataSource:ModelPrimaryContainerModelDataSourceS3DataSource" }, "description": "The S3 location of model data to deploy.\n" } }, "type": "object", "required": [ "s3DataSources" ] }, "aws:sagemaker/ModelPrimaryContainerModelDataSourceS3DataSource:ModelPrimaryContainerModelDataSourceS3DataSource": { "properties": { "compressionType": { "type": "string", "description": "How the model data is prepared. Allowed values are: `None` and `Gzip`.\n", "willReplaceOnChanges": true }, "s3DataType": { "type": "string", "description": "The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.\n", "willReplaceOnChanges": true }, "s3Uri": { "type": "string", "description": "The S3 path of model data to deploy.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "compressionType", "s3DataType", "s3Uri" ] }, "aws:sagemaker/ModelVpcConfig:ModelVpcConfig": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" } }, "subnets": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "securityGroupIds", "subnets" ] }, "aws:sagemaker/MonitoringScheduleMonitoringScheduleConfig:MonitoringScheduleMonitoringScheduleConfig": { "properties": { "monitoringJobDefinitionName": { "type": "string", "description": "The name of the monitoring job definition to schedule.\n" }, "monitoringType": { "type": "string", "description": "The type of the monitoring job definition to schedule. Valid values are `DataQuality`, `ModelQuality`, `ModelBias` or `ModelExplainability`\n" }, "scheduleConfig": { "$ref": "#/types/aws:sagemaker/MonitoringScheduleMonitoringScheduleConfigScheduleConfig:MonitoringScheduleMonitoringScheduleConfigScheduleConfig", "description": "Configures the monitoring schedule. Fields are documented below.\n" } }, "type": "object", "required": [ "monitoringJobDefinitionName", "monitoringType" ], "language": { "nodejs": { "requiredOutputs": [ "monitoringJobDefinitionName", "monitoringType", "scheduleConfig" ] } } }, "aws:sagemaker/MonitoringScheduleMonitoringScheduleConfigScheduleConfig:MonitoringScheduleMonitoringScheduleConfigScheduleConfig": { "properties": { "scheduleExpression": { "type": "string", "description": "A cron expression that describes details about the monitoring schedule. For example, and hourly schedule would be `cron(0 * ? * * *)`.\n" } }, "type": "object", "required": [ "scheduleExpression" ] }, "aws:sagemaker/NotebookInstanceInstanceMetadataServiceConfiguration:NotebookInstanceInstanceMetadataServiceConfiguration": { "properties": { "minimumInstanceMetadataServiceVersion": { "type": "string", "description": "Indicates the minimum IMDS version that the notebook instance supports. When passed \"1\" is passed. This means that both IMDSv1 and IMDSv2 are supported. Valid values are `1` and `2`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "minimumInstanceMetadataServiceVersion" ] } } }, "aws:sagemaker/PipelineParallelismConfiguration:PipelineParallelismConfiguration": { "properties": { "maxParallelExecutionSteps": { "type": "integer", "description": "The max number of steps that can be executed in parallel.\n" } }, "type": "object", "required": [ "maxParallelExecutionSteps" ] }, "aws:sagemaker/PipelinePipelineDefinitionS3Location:PipelinePipelineDefinitionS3Location": { "properties": { "bucket": { "type": "string", "description": "Name of the S3 bucket.\n" }, "objectKey": { "type": "string", "description": "The object key (or key name) uniquely identifies the object in an S3 bucket.\n" }, "versionId": { "type": "string", "description": "Version Id of the pipeline definition file. If not specified, Amazon SageMaker will retrieve the latest version.\n" } }, "type": "object", "required": [ "bucket", "objectKey" ] }, "aws:sagemaker/ProjectServiceCatalogProvisioningDetails:ProjectServiceCatalogProvisioningDetails": { "properties": { "pathId": { "type": "string", "description": "The path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path.\n", "willReplaceOnChanges": true }, "productId": { "type": "string", "description": "The ID of the product to provision.\n", "willReplaceOnChanges": true }, "provisioningArtifactId": { "type": "string", "description": "The ID of the provisioning artifact.\n" }, "provisioningParameters": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/ProjectServiceCatalogProvisioningDetailsProvisioningParameter:ProjectServiceCatalogProvisioningDetailsProvisioningParameter" }, "description": "A list of key value pairs that you specify when you provision a product. See Provisioning Parameter below.\n" } }, "type": "object", "required": [ "productId" ], "language": { "nodejs": { "requiredOutputs": [ "productId", "provisioningArtifactId" ] } } }, "aws:sagemaker/ProjectServiceCatalogProvisioningDetailsProvisioningParameter:ProjectServiceCatalogProvisioningDetailsProvisioningParameter": { "properties": { "key": { "type": "string", "description": "The key that identifies a provisioning parameter.\n" }, "value": { "type": "string", "description": "The value of the provisioning parameter.\n" } }, "type": "object", "required": [ "key" ] }, "aws:sagemaker/SpaceOwnershipSettings:SpaceOwnershipSettings": { "properties": { "ownerUserProfileName": { "type": "string", "description": "The user profile who is the owner of the private space.\n" } }, "type": "object", "required": [ "ownerUserProfileName" ] }, "aws:sagemaker/SpaceSpaceSettings:SpaceSpaceSettings": { "properties": { "appType": { "type": "string", "description": "The type of app created within the space.\n" }, "codeEditorAppSettings": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSettingsCodeEditorAppSettings:SpaceSpaceSettingsCodeEditorAppSettings", "description": "The Code Editor application settings. See `code_editor_app_settings` Block below.\n" }, "customFileSystems": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSettingsCustomFileSystem:SpaceSpaceSettingsCustomFileSystem" }, "description": "A file system, created by you, that you assign to a space for an Amazon SageMaker Domain. See `custom_file_system` Block below.\n" }, "jupyterLabAppSettings": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSettingsJupyterLabAppSettings:SpaceSpaceSettingsJupyterLabAppSettings", "description": "The settings for the JupyterLab application. See `jupyter_lab_app_settings` Block below.\n" }, "jupyterServerAppSettings": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSettingsJupyterServerAppSettings:SpaceSpaceSettingsJupyterServerAppSettings", "description": "The Jupyter server's app settings. See `jupyter_server_app_settings` Block below.\n" }, "kernelGatewayAppSettings": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSettingsKernelGatewayAppSettings:SpaceSpaceSettingsKernelGatewayAppSettings", "description": "The kernel gateway app settings. See `kernel_gateway_app_settings` Block below.\n" }, "spaceStorageSettings": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSettingsSpaceStorageSettings:SpaceSpaceSettingsSpaceStorageSettings", "description": "The storage settings. See `space_storage_settings` Block below.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "spaceStorageSettings" ] } } }, "aws:sagemaker/SpaceSpaceSettingsCodeEditorAppSettings:SpaceSpaceSettingsCodeEditorAppSettings": { "properties": { "defaultResourceSpec": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSettingsCodeEditorAppSettingsDefaultResourceSpec:SpaceSpaceSettingsCodeEditorAppSettingsDefaultResourceSpec", "description": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. See `default_resource_spec` Block below.\n" } }, "type": "object", "required": [ "defaultResourceSpec" ] }, "aws:sagemaker/SpaceSpaceSettingsCodeEditorAppSettingsDefaultResourceSpec:SpaceSpaceSettingsCodeEditorAppSettingsDefaultResourceSpec": { "properties": { "instanceType": { "type": "string", "description": "The instance type.\n" }, "lifecycleConfigArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.\n" }, "sagemakerImageArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SageMaker image created on the instance.\n" }, "sagemakerImageVersionAlias": { "type": "string", "description": "The SageMaker Image Version Alias.\n" }, "sagemakerImageVersionArn": { "type": "string", "description": "The ARN of the image version created on the instance.\n" } }, "type": "object" }, "aws:sagemaker/SpaceSpaceSettingsCustomFileSystem:SpaceSpaceSettingsCustomFileSystem": { "properties": { "efsFileSystem": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSettingsCustomFileSystemEfsFileSystem:SpaceSpaceSettingsCustomFileSystemEfsFileSystem", "description": "A custom file system in Amazon EFS. See `efs_file_system` Block below.\n" } }, "type": "object", "required": [ "efsFileSystem" ] }, "aws:sagemaker/SpaceSpaceSettingsCustomFileSystemEfsFileSystem:SpaceSpaceSettingsCustomFileSystemEfsFileSystem": { "properties": { "fileSystemId": { "type": "string", "description": "The ID of your Amazon EFS file system.\n" } }, "type": "object", "required": [ "fileSystemId" ] }, "aws:sagemaker/SpaceSpaceSettingsJupyterLabAppSettings:SpaceSpaceSettingsJupyterLabAppSettings": { "properties": { "codeRepositories": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSettingsJupyterLabAppSettingsCodeRepository:SpaceSpaceSettingsJupyterLabAppSettingsCodeRepository" }, "description": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterServer application. See `code_repository` Block below.\n" }, "defaultResourceSpec": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSettingsJupyterLabAppSettingsDefaultResourceSpec:SpaceSpaceSettingsJupyterLabAppSettingsDefaultResourceSpec", "description": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. See `default_resource_spec` Block below.\n" } }, "type": "object", "required": [ "defaultResourceSpec" ] }, "aws:sagemaker/SpaceSpaceSettingsJupyterLabAppSettingsCodeRepository:SpaceSpaceSettingsJupyterLabAppSettingsCodeRepository": { "properties": { "repositoryUrl": { "type": "string", "description": "The URL of the Git repository.\n" } }, "type": "object", "required": [ "repositoryUrl" ] }, "aws:sagemaker/SpaceSpaceSettingsJupyterLabAppSettingsDefaultResourceSpec:SpaceSpaceSettingsJupyterLabAppSettingsDefaultResourceSpec": { "properties": { "instanceType": { "type": "string", "description": "The instance type.\n" }, "lifecycleConfigArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.\n" }, "sagemakerImageArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SageMaker image created on the instance.\n" }, "sagemakerImageVersionAlias": { "type": "string", "description": "The SageMaker Image Version Alias.\n" }, "sagemakerImageVersionArn": { "type": "string", "description": "The ARN of the image version created on the instance.\n" } }, "type": "object" }, "aws:sagemaker/SpaceSpaceSettingsJupyterServerAppSettings:SpaceSpaceSettingsJupyterServerAppSettings": { "properties": { "codeRepositories": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSettingsJupyterServerAppSettingsCodeRepository:SpaceSpaceSettingsJupyterServerAppSettingsCodeRepository" }, "description": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterServer application. See `code_repository` Block below.\n" }, "defaultResourceSpec": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSettingsJupyterServerAppSettingsDefaultResourceSpec:SpaceSpaceSettingsJupyterServerAppSettingsDefaultResourceSpec", "description": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. See `default_resource_spec` Block below.\n" }, "lifecycleConfigArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Name (ARN) of the Lifecycle Configurations.\n" } }, "type": "object", "required": [ "defaultResourceSpec" ] }, "aws:sagemaker/SpaceSpaceSettingsJupyterServerAppSettingsCodeRepository:SpaceSpaceSettingsJupyterServerAppSettingsCodeRepository": { "properties": { "repositoryUrl": { "type": "string", "description": "The URL of the Git repository.\n" } }, "type": "object", "required": [ "repositoryUrl" ] }, "aws:sagemaker/SpaceSpaceSettingsJupyterServerAppSettingsDefaultResourceSpec:SpaceSpaceSettingsJupyterServerAppSettingsDefaultResourceSpec": { "properties": { "instanceType": { "type": "string", "description": "The instance type.\n" }, "lifecycleConfigArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.\n" }, "sagemakerImageArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SageMaker image created on the instance.\n" }, "sagemakerImageVersionAlias": { "type": "string", "description": "The SageMaker Image Version Alias.\n" }, "sagemakerImageVersionArn": { "type": "string", "description": "The ARN of the image version created on the instance.\n" } }, "type": "object" }, "aws:sagemaker/SpaceSpaceSettingsKernelGatewayAppSettings:SpaceSpaceSettingsKernelGatewayAppSettings": { "properties": { "customImages": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSettingsKernelGatewayAppSettingsCustomImage:SpaceSpaceSettingsKernelGatewayAppSettingsCustomImage" }, "description": "A list of custom SageMaker images that are configured to run as a KernelGateway app. See `custom_image` Block below.\n" }, "defaultResourceSpec": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSettingsKernelGatewayAppSettingsDefaultResourceSpec:SpaceSpaceSettingsKernelGatewayAppSettingsDefaultResourceSpec", "description": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. See `default_resource_spec` Block below.\n" }, "lifecycleConfigArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Name (ARN) of the Lifecycle Configurations.\n" } }, "type": "object", "required": [ "defaultResourceSpec" ] }, "aws:sagemaker/SpaceSpaceSettingsKernelGatewayAppSettingsCustomImage:SpaceSpaceSettingsKernelGatewayAppSettingsCustomImage": { "properties": { "appImageConfigName": { "type": "string", "description": "The name of the App Image Config.\n" }, "imageName": { "type": "string", "description": "The name of the Custom Image.\n" }, "imageVersionNumber": { "type": "integer", "description": "The version number of the Custom Image.\n" } }, "type": "object", "required": [ "appImageConfigName", "imageName" ] }, "aws:sagemaker/SpaceSpaceSettingsKernelGatewayAppSettingsDefaultResourceSpec:SpaceSpaceSettingsKernelGatewayAppSettingsDefaultResourceSpec": { "properties": { "instanceType": { "type": "string", "description": "The instance type.\n" }, "lifecycleConfigArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.\n" }, "sagemakerImageArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SageMaker image created on the instance.\n" }, "sagemakerImageVersionAlias": { "type": "string", "description": "The SageMaker Image Version Alias.\n" }, "sagemakerImageVersionArn": { "type": "string", "description": "The ARN of the image version created on the instance.\n" } }, "type": "object" }, "aws:sagemaker/SpaceSpaceSettingsSpaceStorageSettings:SpaceSpaceSettingsSpaceStorageSettings": { "properties": { "ebsStorageSettings": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSettingsSpaceStorageSettingsEbsStorageSettings:SpaceSpaceSettingsSpaceStorageSettingsEbsStorageSettings", "description": "A collection of EBS storage settings for a space. See `ebs_storage_settings` Block below.\n" } }, "type": "object", "required": [ "ebsStorageSettings" ] }, "aws:sagemaker/SpaceSpaceSettingsSpaceStorageSettingsEbsStorageSettings:SpaceSpaceSettingsSpaceStorageSettingsEbsStorageSettings": { "properties": { "ebsVolumeSizeInGb": { "type": "integer", "description": "The size of an EBS storage volume for a space.\n" } }, "type": "object", "required": [ "ebsVolumeSizeInGb" ] }, "aws:sagemaker/SpaceSpaceSharingSettings:SpaceSpaceSharingSettings": { "properties": { "sharingType": { "type": "string", "description": "Specifies the sharing type of the space. Valid values are `Private` and `Shared`.\n" } }, "type": "object", "required": [ "sharingType" ] }, "aws:sagemaker/UserProfileUserSettings:UserProfileUserSettings": { "properties": { "canvasAppSettings": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsCanvasAppSettings:UserProfileUserSettingsCanvasAppSettings", "description": "The Canvas app settings. See Canvas App Settings below.\n" }, "codeEditorAppSettings": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsCodeEditorAppSettings:UserProfileUserSettingsCodeEditorAppSettings", "description": "The Code Editor application settings. See Code Editor App Settings below.\n" }, "customFileSystemConfigs": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsCustomFileSystemConfig:UserProfileUserSettingsCustomFileSystemConfig" }, "description": "The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker Studio. See Custom File System Config below.\n" }, "customPosixUserConfig": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsCustomPosixUserConfig:UserProfileUserSettingsCustomPosixUserConfig", "description": "Details about the POSIX identity that is used for file system operations. See Custom Posix User Config below.\n" }, "defaultLandingUri": { "type": "string", "description": "The default experience that the user is directed to when accessing the domain. The supported values are: `studio::`: Indicates that Studio is the default experience. This value can only be passed if StudioWebPortal is set to ENABLED. `app:JupyterServer:`: Indicates that Studio Classic is the default experience.\n" }, "executionRole": { "type": "string", "description": "The execution role ARN for the user.\n" }, "jupyterLabAppSettings": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsJupyterLabAppSettings:UserProfileUserSettingsJupyterLabAppSettings", "description": "The settings for the JupyterLab application. See Jupyter Lab App Settings below.\n" }, "jupyterServerAppSettings": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsJupyterServerAppSettings:UserProfileUserSettingsJupyterServerAppSettings", "description": "The Jupyter server's app settings. See Jupyter Server App Settings below.\n" }, "kernelGatewayAppSettings": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsKernelGatewayAppSettings:UserProfileUserSettingsKernelGatewayAppSettings", "description": "The kernel gateway app settings. See Kernel Gateway App Settings below.\n" }, "rSessionAppSettings": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsRSessionAppSettings:UserProfileUserSettingsRSessionAppSettings", "description": "The RSession app settings. See RSession App Settings below.\n" }, "rStudioServerProAppSettings": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsRStudioServerProAppSettings:UserProfileUserSettingsRStudioServerProAppSettings", "description": "A collection of settings that configure user interaction with the RStudioServerPro app. See RStudioServerProAppSettings below.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs that will be attached to the user.\n" }, "sharingSettings": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsSharingSettings:UserProfileUserSettingsSharingSettings", "description": "The sharing settings. See Sharing Settings below.\n" }, "spaceStorageSettings": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsSpaceStorageSettings:UserProfileUserSettingsSpaceStorageSettings", "description": "The storage settings for a private space. See Space Storage Settings below.\n" }, "studioWebPortal": { "type": "string", "description": "Whether the user can access Studio. If this value is set to `DISABLED`, the user cannot access Studio, even if that is the default experience for the domain. Valid values are `ENABLED` and `DISABLED`.\n" }, "tensorBoardAppSettings": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsTensorBoardAppSettings:UserProfileUserSettingsTensorBoardAppSettings", "description": "The TensorBoard app settings. See TensorBoard App Settings below.\n" } }, "type": "object", "required": [ "executionRole" ], "language": { "nodejs": { "requiredOutputs": [ "executionRole", "spaceStorageSettings", "studioWebPortal" ] } } }, "aws:sagemaker/UserProfileUserSettingsCanvasAppSettings:UserProfileUserSettingsCanvasAppSettings": { "properties": { "directDeploySettings": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsCanvasAppSettingsDirectDeploySettings:UserProfileUserSettingsCanvasAppSettingsDirectDeploySettings", "description": "The model deployment settings for the SageMaker Canvas application. See Direct Deploy Settings below.\n" }, "generativeAiSettings": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsCanvasAppSettingsGenerativeAiSettings:UserProfileUserSettingsCanvasAppSettingsGenerativeAiSettings" }, "identityProviderOauthSettings": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsCanvasAppSettingsIdentityProviderOauthSetting:UserProfileUserSettingsCanvasAppSettingsIdentityProviderOauthSetting" }, "description": "The settings for connecting to an external data source with OAuth. See Identity Provider OAuth Settings below.\n" }, "kendraSettings": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsCanvasAppSettingsKendraSettings:UserProfileUserSettingsCanvasAppSettingsKendraSettings", "description": "The settings for document querying. See Kendra Settings below.\n" }, "modelRegisterSettings": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsCanvasAppSettingsModelRegisterSettings:UserProfileUserSettingsCanvasAppSettingsModelRegisterSettings", "description": "The model registry settings for the SageMaker Canvas application. See Model Register Settings below.\n" }, "timeSeriesForecastingSettings": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsCanvasAppSettingsTimeSeriesForecastingSettings:UserProfileUserSettingsCanvasAppSettingsTimeSeriesForecastingSettings", "description": "Time series forecast settings for the Canvas app. See Time Series Forecasting Settings below.\n" }, "workspaceSettings": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsCanvasAppSettingsWorkspaceSettings:UserProfileUserSettingsCanvasAppSettingsWorkspaceSettings", "description": "The workspace settings for the SageMaker Canvas application. See Workspace Settings below.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsCanvasAppSettingsDirectDeploySettings:UserProfileUserSettingsCanvasAppSettingsDirectDeploySettings": { "properties": { "status": { "type": "string", "description": "Describes whether model deployment permissions are enabled or disabled in the Canvas application. Valid values are `ENABLED` and `DISABLED`.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsCanvasAppSettingsGenerativeAiSettings:UserProfileUserSettingsCanvasAppSettingsGenerativeAiSettings": { "properties": { "amazonBedrockRoleArn": { "type": "string" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsCanvasAppSettingsIdentityProviderOauthSetting:UserProfileUserSettingsCanvasAppSettingsIdentityProviderOauthSetting": { "properties": { "dataSourceName": { "type": "string", "description": "The name of the data source that you're connecting to. Canvas currently supports OAuth for Snowflake and Salesforce Data Cloud. Valid values are `SalesforceGenie` and `Snowflake`.\n" }, "secretArn": { "type": "string", "description": "The ARN of an Amazon Web Services Secrets Manager secret that stores the credentials from your identity provider, such as the client ID and secret, authorization URL, and token URL.\n" }, "status": { "type": "string", "description": "Describes whether OAuth for a data source is enabled or disabled in the Canvas application. Valid values are `ENABLED` and `DISABLED`.\n" } }, "type": "object", "required": [ "secretArn" ] }, "aws:sagemaker/UserProfileUserSettingsCanvasAppSettingsKendraSettings:UserProfileUserSettingsCanvasAppSettingsKendraSettings": { "properties": { "status": { "type": "string", "description": "Describes whether the document querying feature is enabled or disabled in the Canvas application. Valid values are `ENABLED` and `DISABLED`.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsCanvasAppSettingsModelRegisterSettings:UserProfileUserSettingsCanvasAppSettingsModelRegisterSettings": { "properties": { "crossAccountModelRegisterRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SageMaker model registry account. Required only to register model versions created by a different SageMaker Canvas AWS account than the AWS account in which SageMaker model registry is set up.\n" }, "status": { "type": "string", "description": "Describes whether the integration to the model registry is enabled or disabled in the Canvas application. Valid values are `ENABLED` and `DISABLED`.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsCanvasAppSettingsTimeSeriesForecastingSettings:UserProfileUserSettingsCanvasAppSettingsTimeSeriesForecastingSettings": { "properties": { "amazonForecastRoleArn": { "type": "string", "description": "The IAM role that Canvas passes to Amazon Forecast for time series forecasting. By default, Canvas uses the execution role specified in the UserProfile that launches the Canvas app. If an execution role is not specified in the UserProfile, Canvas uses the execution role specified in the Domain that owns the UserProfile. To allow time series forecasting, this IAM role should have the [AmazonSageMakerCanvasForecastAccess](https://docs.aws.amazon.com/sagemaker/latest/dg/security-iam-awsmanpol-canvas.html#security-iam-awsmanpol-AmazonSageMakerCanvasForecastAccess) policy attached and forecast.amazonaws.com added in the trust relationship as a service principal.\n" }, "status": { "type": "string", "description": "Describes whether time series forecasting is enabled or disabled in the Canvas app. Valid values are `ENABLED` and `DISABLED`.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsCanvasAppSettingsWorkspaceSettings:UserProfileUserSettingsCanvasAppSettingsWorkspaceSettings": { "properties": { "s3ArtifactPath": { "type": "string", "description": "The Amazon S3 bucket used to store artifacts generated by Canvas. Updating the Amazon S3 location impacts existing configuration settings, and Canvas users no longer have access to their artifacts. Canvas users must log out and log back in to apply the new location.\n" }, "s3KmsKeyId": { "type": "string", "description": "The Amazon Web Services Key Management Service (KMS) encryption key ID that is used to encrypt artifacts generated by Canvas in the Amazon S3 bucket.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsCodeEditorAppSettings:UserProfileUserSettingsCodeEditorAppSettings": { "properties": { "customImages": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsCodeEditorAppSettingsCustomImage:UserProfileUserSettingsCodeEditorAppSettingsCustomImage" }, "description": "A list of custom SageMaker images that are configured to run as a CodeEditor app. see Custom Image below.\n" }, "defaultResourceSpec": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsCodeEditorAppSettingsDefaultResourceSpec:UserProfileUserSettingsCodeEditorAppSettingsDefaultResourceSpec", "description": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. see Default Resource Spec below.\n" }, "lifecycleConfigArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Name (ARN) of the Lifecycle Configurations.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsCodeEditorAppSettingsCustomImage:UserProfileUserSettingsCodeEditorAppSettingsCustomImage": { "properties": { "appImageConfigName": { "type": "string", "description": "The name of the App Image Config.\n" }, "imageName": { "type": "string", "description": "The name of the Custom Image.\n" }, "imageVersionNumber": { "type": "integer", "description": "The version number of the Custom Image.\n" } }, "type": "object", "required": [ "appImageConfigName", "imageName" ] }, "aws:sagemaker/UserProfileUserSettingsCodeEditorAppSettingsDefaultResourceSpec:UserProfileUserSettingsCodeEditorAppSettingsDefaultResourceSpec": { "properties": { "instanceType": { "type": "string", "description": "The instance type that the image version runs on.. For valid values see [SageMaker Instance Types](https://docs.aws.amazon.com/sagemaker/latest/dg/notebooks-available-instance-types.html).\n" }, "lifecycleConfigArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.\n" }, "sagemakerImageArn": { "type": "string", "description": "The ARN of the SageMaker image that the image version belongs to.\n" }, "sagemakerImageVersionAlias": { "type": "string", "description": "The SageMaker Image Version Alias.\n" }, "sagemakerImageVersionArn": { "type": "string", "description": "The ARN of the image version created on the instance.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsCustomFileSystemConfig:UserProfileUserSettingsCustomFileSystemConfig": { "properties": { "efsFileSystemConfigs": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsCustomFileSystemConfigEfsFileSystemConfig:UserProfileUserSettingsCustomFileSystemConfigEfsFileSystemConfig" }, "description": "The default EBS storage settings for a private space. See EFS File System Config below.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsCustomFileSystemConfigEfsFileSystemConfig:UserProfileUserSettingsCustomFileSystemConfigEfsFileSystemConfig": { "properties": { "fileSystemId": { "type": "string", "description": "The ID of your Amazon EFS file system.\n" }, "fileSystemPath": { "type": "string", "description": "The path to the file system directory that is accessible in Amazon SageMaker Studio. Permitted users can access only this directory and below.\n" } }, "type": "object", "required": [ "fileSystemId" ] }, "aws:sagemaker/UserProfileUserSettingsCustomPosixUserConfig:UserProfileUserSettingsCustomPosixUserConfig": { "properties": { "gid": { "type": "integer", "description": "The POSIX group ID.\n" }, "uid": { "type": "integer", "description": "The POSIX user ID.\n" } }, "type": "object", "required": [ "gid", "uid" ] }, "aws:sagemaker/UserProfileUserSettingsJupyterLabAppSettings:UserProfileUserSettingsJupyterLabAppSettings": { "properties": { "codeRepositories": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsJupyterLabAppSettingsCodeRepository:UserProfileUserSettingsJupyterLabAppSettingsCodeRepository" }, "description": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterServer application. see Code Repository below.\n" }, "customImages": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsJupyterLabAppSettingsCustomImage:UserProfileUserSettingsJupyterLabAppSettingsCustomImage" } }, "defaultResourceSpec": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsJupyterLabAppSettingsDefaultResourceSpec:UserProfileUserSettingsJupyterLabAppSettingsDefaultResourceSpec", "description": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. see Default Resource Spec below.\n" }, "lifecycleConfigArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Name (ARN) of the Lifecycle Configurations.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsJupyterLabAppSettingsCodeRepository:UserProfileUserSettingsJupyterLabAppSettingsCodeRepository": { "properties": { "repositoryUrl": { "type": "string", "description": "The URL of the Git repository.\n" } }, "type": "object", "required": [ "repositoryUrl" ] }, "aws:sagemaker/UserProfileUserSettingsJupyterLabAppSettingsCustomImage:UserProfileUserSettingsJupyterLabAppSettingsCustomImage": { "properties": { "appImageConfigName": { "type": "string", "description": "The name of the App Image Config.\n" }, "imageName": { "type": "string", "description": "The name of the Custom Image.\n" }, "imageVersionNumber": { "type": "integer", "description": "The version number of the Custom Image.\n" } }, "type": "object", "required": [ "appImageConfigName", "imageName" ] }, "aws:sagemaker/UserProfileUserSettingsJupyterLabAppSettingsDefaultResourceSpec:UserProfileUserSettingsJupyterLabAppSettingsDefaultResourceSpec": { "properties": { "instanceType": { "type": "string", "description": "The instance type that the image version runs on.. For valid values see [SageMaker Instance Types](https://docs.aws.amazon.com/sagemaker/latest/dg/notebooks-available-instance-types.html).\n" }, "lifecycleConfigArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.\n" }, "sagemakerImageArn": { "type": "string", "description": "The ARN of the SageMaker image that the image version belongs to.\n" }, "sagemakerImageVersionAlias": { "type": "string", "description": "The SageMaker Image Version Alias.\n" }, "sagemakerImageVersionArn": { "type": "string", "description": "The ARN of the image version created on the instance.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsJupyterServerAppSettings:UserProfileUserSettingsJupyterServerAppSettings": { "properties": { "codeRepositories": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsJupyterServerAppSettingsCodeRepository:UserProfileUserSettingsJupyterServerAppSettingsCodeRepository" }, "description": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterServer application. see Code Repository below.\n" }, "defaultResourceSpec": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsJupyterServerAppSettingsDefaultResourceSpec:UserProfileUserSettingsJupyterServerAppSettingsDefaultResourceSpec", "description": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. see Default Resource Spec below.\n" }, "lifecycleConfigArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Name (ARN) of the Lifecycle Configurations.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsJupyterServerAppSettingsCodeRepository:UserProfileUserSettingsJupyterServerAppSettingsCodeRepository": { "properties": { "repositoryUrl": { "type": "string", "description": "The URL of the Git repository.\n" } }, "type": "object", "required": [ "repositoryUrl" ] }, "aws:sagemaker/UserProfileUserSettingsJupyterServerAppSettingsDefaultResourceSpec:UserProfileUserSettingsJupyterServerAppSettingsDefaultResourceSpec": { "properties": { "instanceType": { "type": "string", "description": "The instance type that the image version runs on.. For valid values see [SageMaker Instance Types](https://docs.aws.amazon.com/sagemaker/latest/dg/notebooks-available-instance-types.html).\n" }, "lifecycleConfigArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.\n" }, "sagemakerImageArn": { "type": "string", "description": "The ARN of the SageMaker image that the image version belongs to.\n" }, "sagemakerImageVersionAlias": { "type": "string", "description": "The SageMaker Image Version Alias.\n" }, "sagemakerImageVersionArn": { "type": "string", "description": "The ARN of the image version created on the instance.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsKernelGatewayAppSettings:UserProfileUserSettingsKernelGatewayAppSettings": { "properties": { "customImages": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsKernelGatewayAppSettingsCustomImage:UserProfileUserSettingsKernelGatewayAppSettingsCustomImage" }, "description": "A list of custom SageMaker images that are configured to run as a KernelGateway app. see Custom Image below.\n" }, "defaultResourceSpec": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsKernelGatewayAppSettingsDefaultResourceSpec:UserProfileUserSettingsKernelGatewayAppSettingsDefaultResourceSpec", "description": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. see Default Resource Spec below.\n" }, "lifecycleConfigArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Name (ARN) of the Lifecycle Configurations.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsKernelGatewayAppSettingsCustomImage:UserProfileUserSettingsKernelGatewayAppSettingsCustomImage": { "properties": { "appImageConfigName": { "type": "string", "description": "The name of the App Image Config.\n" }, "imageName": { "type": "string", "description": "The name of the Custom Image.\n" }, "imageVersionNumber": { "type": "integer", "description": "The version number of the Custom Image.\n" } }, "type": "object", "required": [ "appImageConfigName", "imageName" ] }, "aws:sagemaker/UserProfileUserSettingsKernelGatewayAppSettingsDefaultResourceSpec:UserProfileUserSettingsKernelGatewayAppSettingsDefaultResourceSpec": { "properties": { "instanceType": { "type": "string", "description": "The instance type that the image version runs on.. For valid values see [SageMaker Instance Types](https://docs.aws.amazon.com/sagemaker/latest/dg/notebooks-available-instance-types.html).\n" }, "lifecycleConfigArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.\n" }, "sagemakerImageArn": { "type": "string", "description": "The ARN of the SageMaker image that the image version belongs to.\n" }, "sagemakerImageVersionAlias": { "type": "string", "description": "The SageMaker Image Version Alias.\n" }, "sagemakerImageVersionArn": { "type": "string", "description": "The ARN of the image version created on the instance.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsRSessionAppSettings:UserProfileUserSettingsRSessionAppSettings": { "properties": { "customImages": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsRSessionAppSettingsCustomImage:UserProfileUserSettingsRSessionAppSettingsCustomImage" }, "description": "A list of custom SageMaker images that are configured to run as a KernelGateway app. see Custom Image below.\n" }, "defaultResourceSpec": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsRSessionAppSettingsDefaultResourceSpec:UserProfileUserSettingsRSessionAppSettingsDefaultResourceSpec", "description": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. see Default Resource Spec below.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsRSessionAppSettingsCustomImage:UserProfileUserSettingsRSessionAppSettingsCustomImage": { "properties": { "appImageConfigName": { "type": "string", "description": "The name of the App Image Config.\n" }, "imageName": { "type": "string", "description": "The name of the Custom Image.\n" }, "imageVersionNumber": { "type": "integer", "description": "The version number of the Custom Image.\n" } }, "type": "object", "required": [ "appImageConfigName", "imageName" ] }, "aws:sagemaker/UserProfileUserSettingsRSessionAppSettingsDefaultResourceSpec:UserProfileUserSettingsRSessionAppSettingsDefaultResourceSpec": { "properties": { "instanceType": { "type": "string", "description": "The instance type that the image version runs on.. For valid values see [SageMaker Instance Types](https://docs.aws.amazon.com/sagemaker/latest/dg/notebooks-available-instance-types.html).\n" }, "lifecycleConfigArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.\n" }, "sagemakerImageArn": { "type": "string", "description": "The ARN of the SageMaker image that the image version belongs to.\n" }, "sagemakerImageVersionAlias": { "type": "string", "description": "The SageMaker Image Version Alias.\n" }, "sagemakerImageVersionArn": { "type": "string", "description": "The ARN of the image version created on the instance.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsRStudioServerProAppSettings:UserProfileUserSettingsRStudioServerProAppSettings": { "properties": { "accessStatus": { "type": "string", "description": "Indicates whether the current user has access to the RStudioServerPro app. Valid values are `ENABLED` and `DISABLED`.\n" }, "userGroup": { "type": "string", "description": "The level of permissions that the user has within the RStudioServerPro app. This value defaults to `R_STUDIO_USER`. The `R_STUDIO_ADMIN` value allows the user access to the RStudio Administrative Dashboard. Valid values are `R_STUDIO_USER` and `R_STUDIO_ADMIN`.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsSharingSettings:UserProfileUserSettingsSharingSettings": { "properties": { "notebookOutputOption": { "type": "string", "description": "Whether to include the notebook cell output when sharing the notebook. The default is `Disabled`. Valid values are `Allowed` and `Disabled`.\n" }, "s3KmsKeyId": { "type": "string", "description": "When `notebook_output_option` is Allowed, the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.\n" }, "s3OutputPath": { "type": "string", "description": "When `notebook_output_option` is Allowed, the Amazon S3 bucket used to save the notebook cell output.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsSpaceStorageSettings:UserProfileUserSettingsSpaceStorageSettings": { "properties": { "defaultEbsStorageSettings": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsSpaceStorageSettingsDefaultEbsStorageSettings:UserProfileUserSettingsSpaceStorageSettingsDefaultEbsStorageSettings", "description": "The default EBS storage settings for a private space. See Default EBS Storage Settings below.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsSpaceStorageSettingsDefaultEbsStorageSettings:UserProfileUserSettingsSpaceStorageSettingsDefaultEbsStorageSettings": { "properties": { "defaultEbsVolumeSizeInGb": { "type": "integer", "description": "The default size of the EBS storage volume for a private space.\n" }, "maximumEbsVolumeSizeInGb": { "type": "integer", "description": "The maximum size of the EBS storage volume for a private space.\n" } }, "type": "object", "required": [ "defaultEbsVolumeSizeInGb", "maximumEbsVolumeSizeInGb" ] }, "aws:sagemaker/UserProfileUserSettingsTensorBoardAppSettings:UserProfileUserSettingsTensorBoardAppSettings": { "properties": { "defaultResourceSpec": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettingsTensorBoardAppSettingsDefaultResourceSpec:UserProfileUserSettingsTensorBoardAppSettingsDefaultResourceSpec", "description": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. see Default Resource Spec below.\n" } }, "type": "object" }, "aws:sagemaker/UserProfileUserSettingsTensorBoardAppSettingsDefaultResourceSpec:UserProfileUserSettingsTensorBoardAppSettingsDefaultResourceSpec": { "properties": { "instanceType": { "type": "string", "description": "The instance type that the image version runs on.. For valid values see [SageMaker Instance Types](https://docs.aws.amazon.com/sagemaker/latest/dg/notebooks-available-instance-types.html).\n" }, "lifecycleConfigArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.\n" }, "sagemakerImageArn": { "type": "string", "description": "The ARN of the SageMaker image that the image version belongs to.\n" }, "sagemakerImageVersionAlias": { "type": "string", "description": "The SageMaker Image Version Alias.\n" }, "sagemakerImageVersionArn": { "type": "string", "description": "The ARN of the image version created on the instance.\n" } }, "type": "object" }, "aws:sagemaker/WorkforceCognitoConfig:WorkforceCognitoConfig": { "properties": { "clientId": { "type": "string", "description": "The client ID for your Amazon Cognito user pool.\n" }, "userPool": { "type": "string", "description": "ID for your Amazon Cognito user pool.\n" } }, "type": "object", "required": [ "clientId", "userPool" ] }, "aws:sagemaker/WorkforceOidcConfig:WorkforceOidcConfig": { "properties": { "authenticationRequestExtraParams": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A string to string map of identifiers specific to the custom identity provider (IdP) being used.\n" }, "authorizationEndpoint": { "type": "string", "description": "The OIDC IdP authorization endpoint used to configure your private workforce.\n" }, "clientId": { "type": "string", "description": "The OIDC IdP client ID used to configure your private workforce.\n" }, "clientSecret": { "type": "string", "description": "The OIDC IdP client secret used to configure your private workforce.\n", "secret": true }, "issuer": { "type": "string", "description": "The OIDC IdP issuer used to configure your private workforce.\n" }, "jwksUri": { "type": "string", "description": "The OIDC IdP JSON Web Key Set (Jwks) URI used to configure your private workforce.\n" }, "logoutEndpoint": { "type": "string", "description": "The OIDC IdP logout endpoint used to configure your private workforce.\n" }, "scope": { "type": "string", "description": "An array of string identifiers used to refer to the specific pieces of user data or claims that the client application wants to access.\n" }, "tokenEndpoint": { "type": "string", "description": "The OIDC IdP token endpoint used to configure your private workforce.\n" }, "userInfoEndpoint": { "type": "string", "description": "The OIDC IdP user information endpoint used to configure your private workforce.\n" } }, "type": "object", "required": [ "authorizationEndpoint", "clientId", "clientSecret", "issuer", "jwksUri", "logoutEndpoint", "tokenEndpoint", "userInfoEndpoint" ] }, "aws:sagemaker/WorkforceSourceIpConfig:WorkforceSourceIpConfig": { "properties": { "cidrs": { "type": "array", "items": { "type": "string" }, "description": "A list of up to 10 CIDR values.\n" } }, "type": "object", "required": [ "cidrs" ] }, "aws:sagemaker/WorkforceWorkforceVpcConfig:WorkforceWorkforceVpcConfig": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The VPC security group IDs. The security groups must be for the same VPC as specified in the subnet.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "The ID of the subnets in the VPC that you want to connect.\n" }, "vpcEndpointId": { "type": "string", "description": "The IDs for the VPC service endpoints of your VPC workforce.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC that the workforce uses for communication.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "vpcEndpointId" ] } } }, "aws:sagemaker/WorkteamMemberDefinition:WorkteamMemberDefinition": { "properties": { "cognitoMemberDefinition": { "$ref": "#/types/aws:sagemaker/WorkteamMemberDefinitionCognitoMemberDefinition:WorkteamMemberDefinitionCognitoMemberDefinition", "description": "The Amazon Cognito user group that is part of the work team. See Cognito Member Definition details below.\n" }, "oidcMemberDefinition": { "$ref": "#/types/aws:sagemaker/WorkteamMemberDefinitionOidcMemberDefinition:WorkteamMemberDefinitionOidcMemberDefinition", "description": "A list user groups that exist in your OIDC Identity Provider (IdP). One to ten groups can be used to create a single private work team. See Cognito Member Definition details below.\n" } }, "type": "object" }, "aws:sagemaker/WorkteamMemberDefinitionCognitoMemberDefinition:WorkteamMemberDefinitionCognitoMemberDefinition": { "properties": { "clientId": { "type": "string", "description": "An identifier for an application client. You must create the app client ID using Amazon Cognito.\n" }, "userGroup": { "type": "string", "description": "An identifier for a user group.\n" }, "userPool": { "type": "string", "description": "An identifier for a user pool. The user pool must be in the same region as the service that you are calling.\n" } }, "type": "object", "required": [ "clientId", "userGroup", "userPool" ] }, "aws:sagemaker/WorkteamMemberDefinitionOidcMemberDefinition:WorkteamMemberDefinitionOidcMemberDefinition": { "properties": { "groups": { "type": "array", "items": { "type": "string" }, "description": "A list of comma separated strings that identifies user groups in your OIDC IdP. Each user group is made up of a group of private workers.\n" } }, "type": "object", "required": [ "groups" ] }, "aws:sagemaker/WorkteamNotificationConfiguration:WorkteamNotificationConfiguration": { "properties": { "notificationTopicArn": { "type": "string", "description": "The ARN for the SNS topic to which notifications should be published.\n" } }, "type": "object" }, "aws:sagemaker/WorkteamWorkerAccessConfiguration:WorkteamWorkerAccessConfiguration": { "properties": { "s3Presign": { "$ref": "#/types/aws:sagemaker/WorkteamWorkerAccessConfigurationS3Presign:WorkteamWorkerAccessConfigurationS3Presign", "description": "Defines any Amazon S3 resource constraints. see S3 Presign details below.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "s3Presign" ] } } }, "aws:sagemaker/WorkteamWorkerAccessConfigurationS3Presign:WorkteamWorkerAccessConfigurationS3Presign": { "properties": { "iamPolicyConstraints": { "$ref": "#/types/aws:sagemaker/WorkteamWorkerAccessConfigurationS3PresignIamPolicyConstraints:WorkteamWorkerAccessConfigurationS3PresignIamPolicyConstraints", "description": "Use this parameter to specify the allowed request source. Possible sources are either SourceIp or VpcSourceIp. see IAM Policy Constraints details below.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "iamPolicyConstraints" ] } } }, "aws:sagemaker/WorkteamWorkerAccessConfigurationS3PresignIamPolicyConstraints:WorkteamWorkerAccessConfigurationS3PresignIamPolicyConstraints": { "properties": { "sourceIp": { "type": "string", "description": "When SourceIp is Enabled the worker's IP address when a task is rendered in the worker portal is added to the IAM policy as a Condition used to generate the Amazon S3 presigned URL. This IP address is checked by Amazon S3 and must match in order for the Amazon S3 resource to be rendered in the worker portal. Valid values are `Enabled` or `Disabled`\n" }, "vpcSourceIp": { "type": "string", "description": "When VpcSourceIp is Enabled the worker's IP address when a task is rendered in private worker portal inside the VPC is added to the IAM policy as a Condition used to generate the Amazon S3 presigned URL. To render the task successfully Amazon S3 checks that the presigned URL is being accessed over an Amazon S3 VPC Endpoint, and that the worker's IP address matches the IP address in the IAM policy. To learn more about configuring private worker portal, see [Use Amazon VPC mode from a private worker portal](https://docs.aws.amazon.com/sagemaker/latest/dg/samurai-vpc-worker-portal.html). Valid values are `Enabled` or `Disabled`\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "sourceIp", "vpcSourceIp" ] } } }, "aws:scheduler/ScheduleFlexibleTimeWindow:ScheduleFlexibleTimeWindow": { "properties": { "maximumWindowInMinutes": { "type": "integer", "description": "Maximum time window during which a schedule can be invoked. Ranges from `1` to `1440` minutes.\n" }, "mode": { "type": "string", "description": "Determines whether the schedule is invoked within a flexible time window. One of: `OFF`, `FLEXIBLE`.\n" } }, "type": "object", "required": [ "mode" ] }, "aws:scheduler/ScheduleTarget:ScheduleTarget": { "properties": { "arn": { "type": "string", "description": "ARN of the target of this schedule, such as a SQS queue or ECS cluster. For universal targets, this is a [Service ARN specific to the target service](https://docs.aws.amazon.com/scheduler/latest/UserGuide/managing-targets-universal.html#supported-universal-targets).\n" }, "deadLetterConfig": { "$ref": "#/types/aws:scheduler/ScheduleTargetDeadLetterConfig:ScheduleTargetDeadLetterConfig", "description": "Information about an Amazon SQS queue that EventBridge Scheduler uses as a dead-letter queue for your schedule. If specified, EventBridge Scheduler delivers failed events that could not be successfully delivered to a target to the queue. Detailed below.\n" }, "ecsParameters": { "$ref": "#/types/aws:scheduler/ScheduleTargetEcsParameters:ScheduleTargetEcsParameters", "description": "Templated target type for the Amazon ECS [`RunTask`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) API operation. Detailed below.\n" }, "eventbridgeParameters": { "$ref": "#/types/aws:scheduler/ScheduleTargetEventbridgeParameters:ScheduleTargetEventbridgeParameters", "description": "Templated target type for the EventBridge [`PutEvents`](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) API operation. Detailed below.\n" }, "input": { "type": "string", "description": "Text, or well-formed JSON, passed to the target. Read more in [Universal target](https://docs.aws.amazon.com/scheduler/latest/UserGuide/managing-targets-universal.html).\n" }, "kinesisParameters": { "$ref": "#/types/aws:scheduler/ScheduleTargetKinesisParameters:ScheduleTargetKinesisParameters", "description": "Templated target type for the Amazon Kinesis [`PutRecord`](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_PutRecord.html) API operation. Detailed below.\n" }, "retryPolicy": { "$ref": "#/types/aws:scheduler/ScheduleTargetRetryPolicy:ScheduleTargetRetryPolicy", "description": "Information about the retry policy settings. Detailed below.\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM role that EventBridge Scheduler will use for this target when the schedule is invoked. Read more in [Set up the execution role](https://docs.aws.amazon.com/scheduler/latest/UserGuide/setting-up.html#setting-up-execution-role).\n\nThe following arguments are optional:\n" }, "sagemakerPipelineParameters": { "$ref": "#/types/aws:scheduler/ScheduleTargetSagemakerPipelineParameters:ScheduleTargetSagemakerPipelineParameters", "description": "Templated target type for the Amazon SageMaker [`StartPipelineExecution`](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartPipelineExecution.html) API operation. Detailed below.\n" }, "sqsParameters": { "$ref": "#/types/aws:scheduler/ScheduleTargetSqsParameters:ScheduleTargetSqsParameters", "description": "The templated target type for the Amazon SQS [`SendMessage`](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_SendMessage.html) API operation. Detailed below.\n" } }, "type": "object", "required": [ "arn", "roleArn" ] }, "aws:scheduler/ScheduleTargetDeadLetterConfig:ScheduleTargetDeadLetterConfig": { "properties": { "arn": { "type": "string", "description": "ARN of the SQS queue specified as the destination for the dead-letter queue.\n" } }, "type": "object", "required": [ "arn" ] }, "aws:scheduler/ScheduleTargetEcsParameters:ScheduleTargetEcsParameters": { "properties": { "capacityProviderStrategies": { "type": "array", "items": { "$ref": "#/types/aws:scheduler/ScheduleTargetEcsParametersCapacityProviderStrategy:ScheduleTargetEcsParametersCapacityProviderStrategy" }, "description": "Up to `6` capacity provider strategies to use for the task. Detailed below.\n" }, "enableEcsManagedTags": { "type": "boolean", "description": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon ECS Developer Guide.\n" }, "enableExecuteCommand": { "type": "boolean", "description": "Specifies whether to enable the execute command functionality for the containers in this task.\n" }, "group": { "type": "string", "description": "Specifies an ECS task group for the task. At most 255 characters.\n" }, "launchType": { "type": "string", "description": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. One of: `EC2`, `FARGATE`, `EXTERNAL`.\n" }, "networkConfiguration": { "$ref": "#/types/aws:scheduler/ScheduleTargetEcsParametersNetworkConfiguration:ScheduleTargetEcsParametersNetworkConfiguration", "description": "Configures the networking associated with the task. Detailed below.\n" }, "placementConstraints": { "type": "array", "items": { "$ref": "#/types/aws:scheduler/ScheduleTargetEcsParametersPlacementConstraint:ScheduleTargetEcsParametersPlacementConstraint" }, "description": "A set of up to 10 placement constraints to use for the task. Detailed below.\n" }, "placementStrategies": { "type": "array", "items": { "$ref": "#/types/aws:scheduler/ScheduleTargetEcsParametersPlacementStrategy:ScheduleTargetEcsParametersPlacementStrategy" }, "description": "A set of up to 5 placement strategies. Detailed below.\n" }, "platformVersion": { "type": "string", "description": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0`.\n" }, "propagateTags": { "type": "string", "description": "Specifies whether to propagate the tags from the task definition to the task. One of: `TASK_DEFINITION`.\n" }, "referenceId": { "type": "string", "description": "Reference ID to use for the task.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The metadata that you apply to the task. Each tag consists of a key and an optional value. For more information, see [`RunTask`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) in the Amazon ECS API Reference.\n" }, "taskCount": { "type": "integer", "description": "The number of tasks to create. Ranges from `1` (default) to `10`.\n" }, "taskDefinitionArn": { "type": "string", "description": "ARN of the task definition to use.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "taskDefinitionArn" ] }, "aws:scheduler/ScheduleTargetEcsParametersCapacityProviderStrategy:ScheduleTargetEcsParametersCapacityProviderStrategy": { "properties": { "base": { "type": "integer", "description": "How many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. Ranges from `0` (default) to `100000`.\n" }, "capacityProvider": { "type": "string", "description": "Short name of the capacity provider.\n" }, "weight": { "type": "integer", "description": "Designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied. Ranges from from `0` to `1000`.\n" } }, "type": "object", "required": [ "capacityProvider" ] }, "aws:scheduler/ScheduleTargetEcsParametersNetworkConfiguration:ScheduleTargetEcsParametersNetworkConfiguration": { "properties": { "assignPublicIp": { "type": "boolean", "description": "Specifies whether the task's elastic network interface receives a public IP address. This attribute is a boolean type, where `true` maps to `ENABLED` and `false` to `DISABLED`. You can specify `true` only when the `launch_type` is set to `FARGATE`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "Set of 1 to 5 Security Group ID-s to be associated with the task. These security groups must all be in the same VPC.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "Set of 1 to 16 subnets to be associated with the task. These subnets must all be in the same VPC.\n" } }, "type": "object", "required": [ "subnets" ] }, "aws:scheduler/ScheduleTargetEcsParametersPlacementConstraint:ScheduleTargetEcsParametersPlacementConstraint": { "properties": { "expression": { "type": "string", "description": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance`. For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon ECS Developer Guide.\n" }, "type": { "type": "string", "description": "The type of constraint. One of: `distinctInstance`, `memberOf`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:scheduler/ScheduleTargetEcsParametersPlacementStrategy:ScheduleTargetEcsParametersPlacementStrategy": { "properties": { "field": { "type": "string", "description": "The field to apply the placement strategy against.\n" }, "type": { "type": "string", "description": "The type of placement strategy. One of: `random`, `spread`, `binpack`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:scheduler/ScheduleTargetEventbridgeParameters:ScheduleTargetEventbridgeParameters": { "properties": { "detailType": { "type": "string", "description": "Free-form string used to decide what fields to expect in the event detail. Up to 128 characters.\n" }, "source": { "type": "string", "description": "Source of the event.\n" } }, "type": "object", "required": [ "detailType", "source" ] }, "aws:scheduler/ScheduleTargetKinesisParameters:ScheduleTargetKinesisParameters": { "properties": { "partitionKey": { "type": "string", "description": "Specifies the shard to which EventBridge Scheduler sends the event. Up to 256 characters.\n" } }, "type": "object", "required": [ "partitionKey" ] }, "aws:scheduler/ScheduleTargetRetryPolicy:ScheduleTargetRetryPolicy": { "properties": { "maximumEventAgeInSeconds": { "type": "integer", "description": "Maximum amount of time, in seconds, to continue to make retry attempts. Ranges from `60` to `86400` (default).\n" }, "maximumRetryAttempts": { "type": "integer", "description": "Maximum number of retry attempts to make before the request fails. Ranges from `0` to `185` (default).\n" } }, "type": "object" }, "aws:scheduler/ScheduleTargetSagemakerPipelineParameters:ScheduleTargetSagemakerPipelineParameters": { "properties": { "pipelineParameters": { "type": "array", "items": { "$ref": "#/types/aws:scheduler/ScheduleTargetSagemakerPipelineParametersPipelineParameter:ScheduleTargetSagemakerPipelineParametersPipelineParameter" }, "description": "Set of up to 200 parameter names and values to use when executing the SageMaker Model Building Pipeline. Detailed below.\n" } }, "type": "object" }, "aws:scheduler/ScheduleTargetSagemakerPipelineParametersPipelineParameter:ScheduleTargetSagemakerPipelineParametersPipelineParameter": { "properties": { "name": { "type": "string", "description": "Name of parameter to start execution of a SageMaker Model Building Pipeline.\n" }, "value": { "type": "string", "description": "Value of parameter to start execution of a SageMaker Model Building Pipeline.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:scheduler/ScheduleTargetSqsParameters:ScheduleTargetSqsParameters": { "properties": { "messageGroupId": { "type": "string", "description": "FIFO message group ID to use as the target.\n" } }, "type": "object" }, "aws:secretsmanager/SecretReplica:SecretReplica": { "properties": { "kmsKeyId": { "type": "string", "description": "ARN, Key ID, or Alias of the AWS KMS key within the region secret is replicated to. If one is not specified, then Secrets Manager defaults to using the AWS account's default KMS key (`aws/secretsmanager`) in the region or creates one for use if non-existent.\n" }, "lastAccessedDate": { "type": "string", "description": "Date that you last accessed the secret in the Region.\n" }, "region": { "type": "string", "description": "Region for replicating the secret.\n" }, "status": { "type": "string", "description": "Status can be `InProgress`, `Failed`, or `InSync`.\n" }, "statusMessage": { "type": "string", "description": "Message such as `Replication succeeded` or `Secret with this name already exists in this region`.\n" } }, "type": "object", "required": [ "region" ], "language": { "nodejs": { "requiredOutputs": [ "kmsKeyId", "lastAccessedDate", "region", "status", "statusMessage" ] } } }, "aws:secretsmanager/SecretRotationRotationRules:SecretRotationRotationRules": { "properties": { "automaticallyAfterDays": { "type": "integer", "description": "Specifies the number of days between automatic scheduled rotations of the secret. Either `automatically_after_days` or `schedule_expression` must be specified.\n" }, "duration": { "type": "string", "description": "The length of the rotation window in hours. For example, `3h` for a three hour window.\n" }, "scheduleExpression": { "type": "string", "description": "A `cron()` or `rate()` expression that defines the schedule for rotating your secret. Either `automatically_after_days` or `schedule_expression` must be specified.\n" } }, "type": "object" }, "aws:secretsmanager/getSecretRotationRotationRule:getSecretRotationRotationRule": { "properties": { "automaticallyAfterDays": { "type": "integer" }, "duration": { "type": "string" }, "scheduleExpression": { "type": "string" } }, "type": "object", "required": [ "automaticallyAfterDays", "duration", "scheduleExpression" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:secretsmanager/getSecretsFilter:getSecretsFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the [Secrets Manager ListSecrets API Reference](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_ListSecrets.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:securityhub/AutomationRuleAction:AutomationRuleAction": { "properties": { "findingFieldsUpdate": { "$ref": "#/types/aws:securityhub/AutomationRuleActionFindingFieldsUpdate:AutomationRuleActionFindingFieldsUpdate", "description": "A block that specifies that the automation rule action is an update to a finding field. Documented below.\n" }, "type": { "type": "string", "description": "Specifies that the rule action should update the `Types` finding field. The `Types` finding field classifies findings in the format of namespace/category/classifier.\n" } }, "type": "object" }, "aws:securityhub/AutomationRuleActionFindingFieldsUpdate:AutomationRuleActionFindingFieldsUpdate": { "properties": { "confidence": { "type": "integer", "description": "The rule action updates the `Confidence` field of a finding.\n" }, "criticality": { "type": "integer", "description": "The rule action updates the `Criticality` field of a finding.\n" }, "note": { "$ref": "#/types/aws:securityhub/AutomationRuleActionFindingFieldsUpdateNote:AutomationRuleActionFindingFieldsUpdateNote", "description": "A resource block that updates the note. Documented below.\n" }, "relatedFindings": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleActionFindingFieldsUpdateRelatedFinding:AutomationRuleActionFindingFieldsUpdateRelatedFinding" }, "description": "A resource block that the rule action updates the `RelatedFindings` field of a finding. Documented below.\n" }, "severity": { "$ref": "#/types/aws:securityhub/AutomationRuleActionFindingFieldsUpdateSeverity:AutomationRuleActionFindingFieldsUpdateSeverity", "description": "A resource block that updates to the severity information for a finding. Documented below.\n" }, "types": { "type": "array", "items": { "type": "string" }, "description": "The rule action updates the `Types` field of a finding.\n" }, "userDefinedFields": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The rule action updates the `UserDefinedFields` field of a finding.\n" }, "verificationState": { "type": "string", "description": "The rule action updates the `VerificationState` field of a finding. The allowed values are the following `UNKNOWN`, `TRUE_POSITIVE`, `FALSE_POSITIVE` and `BENIGN_POSITIVE`.\n" }, "workflow": { "$ref": "#/types/aws:securityhub/AutomationRuleActionFindingFieldsUpdateWorkflow:AutomationRuleActionFindingFieldsUpdateWorkflow", "description": "A resource block that is used to update information about the investigation into the finding. Documented below.\n" } }, "type": "object" }, "aws:securityhub/AutomationRuleActionFindingFieldsUpdateNote:AutomationRuleActionFindingFieldsUpdateNote": { "properties": { "text": { "type": "string", "description": "The updated note text.\n" }, "updatedBy": { "type": "string", "description": "The principal that updated the note.\n" } }, "type": "object", "required": [ "text", "updatedBy" ] }, "aws:securityhub/AutomationRuleActionFindingFieldsUpdateRelatedFinding:AutomationRuleActionFindingFieldsUpdateRelatedFinding": { "properties": { "id": { "type": "string", "description": "The product-generated identifier for a related finding.\n" }, "productArn": { "type": "string", "description": "The ARN of the product that generated a related finding.\n" } }, "type": "object", "required": [ "id", "productArn" ] }, "aws:securityhub/AutomationRuleActionFindingFieldsUpdateSeverity:AutomationRuleActionFindingFieldsUpdateSeverity": { "properties": { "label": { "type": "string", "description": "The severity value of the finding. The allowed values are the following `INFORMATIONAL`, `LOW`, `MEDIUM`, `HIGH` and `CRITICAL`.\n" }, "product": { "type": "number", "description": "The native severity as defined by the AWS service or integrated partner product that generated the finding.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "label" ] } } }, "aws:securityhub/AutomationRuleActionFindingFieldsUpdateWorkflow:AutomationRuleActionFindingFieldsUpdateWorkflow": { "properties": { "status": { "type": "string", "description": "The status of the investigation into the finding. The allowed values are the following `NEW`, `NOTIFIED`, `RESOLVED` and `SUPPRESSED`.\n" } }, "type": "object" }, "aws:securityhub/AutomationRuleCriteria:AutomationRuleCriteria": { "properties": { "awsAccountIds": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaAwsAccountId:AutomationRuleCriteriaAwsAccountId" }, "description": "The AWS account ID in which a finding was generated. Documented below.\n" }, "awsAccountNames": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaAwsAccountName:AutomationRuleCriteriaAwsAccountName" }, "description": "The name of the AWS account in which a finding was generated. Documented below.\n" }, "companyNames": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaCompanyName:AutomationRuleCriteriaCompanyName" }, "description": "The name of the company for the product that generated the finding. For control-based findings, the company is AWS. Documented below.\n" }, "complianceAssociatedStandardsIds": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaComplianceAssociatedStandardsId:AutomationRuleCriteriaComplianceAssociatedStandardsId" }, "description": "The unique identifier of a standard in which a control is enabled. Documented below.\n" }, "complianceSecurityControlIds": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaComplianceSecurityControlId:AutomationRuleCriteriaComplianceSecurityControlId" }, "description": "The security control ID for which a finding was generated. Security control IDs are the same across standards. Documented below.\n" }, "complianceStatuses": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaComplianceStatus:AutomationRuleCriteriaComplianceStatus" }, "description": "The result of a security check. This field is only used for findings generated from controls. Documented below.\n" }, "confidences": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaConfidence:AutomationRuleCriteriaConfidence" }, "description": "The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. `Confidence` is scored on a 0–100 basis using a ratio scale. A value of `0` means 0 percent confidence, and a value of `100` means 100 percent confidence. Documented below.\n" }, "createdAts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaCreatedAt:AutomationRuleCriteriaCreatedAt" }, "description": "A timestamp that indicates when this finding record was created. Documented below.\n" }, "criticalities": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaCriticality:AutomationRuleCriteriaCriticality" }, "description": "The level of importance that is assigned to the resources that are associated with a finding. Documented below.\n" }, "descriptions": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaDescription:AutomationRuleCriteriaDescription" }, "description": "A finding's description. Documented below.\n" }, "firstObservedAts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaFirstObservedAt:AutomationRuleCriteriaFirstObservedAt" }, "description": "A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product. Documented below.\n" }, "generatorIds": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaGeneratorId:AutomationRuleCriteriaGeneratorId" }, "description": "The identifier for the solution-specific component that generated a finding. Documented below.\n" }, "ids": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaId:AutomationRuleCriteriaId" }, "description": "The product-specific identifier for a finding. Documented below.\n" }, "lastObservedAts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaLastObservedAt:AutomationRuleCriteriaLastObservedAt" }, "description": "A timestamp that indicates when the potential security issue captured by a finding was most recently observed by the security findings product. Documented below.\n" }, "noteTexts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaNoteText:AutomationRuleCriteriaNoteText" }, "description": "The text of a user-defined note that's added to a finding. Documented below.\n" }, "noteUpdatedAts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaNoteUpdatedAt:AutomationRuleCriteriaNoteUpdatedAt" }, "description": "The timestamp of when the note was updated. Documented below.\n" }, "noteUpdatedBies": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaNoteUpdatedBy:AutomationRuleCriteriaNoteUpdatedBy" }, "description": "The principal that created a note. Documented below.\n" }, "productArns": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaProductArn:AutomationRuleCriteriaProductArn" }, "description": "The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub. Documented below.\n" }, "productNames": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaProductName:AutomationRuleCriteriaProductName" }, "description": "Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub. Documented below.\n" }, "recordStates": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaRecordState:AutomationRuleCriteriaRecordState" }, "description": "Provides the current state of a finding. Documented below.\n" }, "relatedFindingsIds": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaRelatedFindingsId:AutomationRuleCriteriaRelatedFindingsId" }, "description": "The product-generated identifier for a related finding. Documented below.\n" }, "relatedFindingsProductArns": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaRelatedFindingsProductArn:AutomationRuleCriteriaRelatedFindingsProductArn" }, "description": "The ARN for the product that generated a related finding. Documented below.\n" }, "resourceApplicationArns": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaResourceApplicationArn:AutomationRuleCriteriaResourceApplicationArn" }, "description": "The Amazon Resource Name (ARN) of the application that is related to a finding. Documented below.\n" }, "resourceApplicationNames": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaResourceApplicationName:AutomationRuleCriteriaResourceApplicationName" }, "description": "The name of the application that is related to a finding. Documented below.\n" }, "resourceDetailsOthers": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaResourceDetailsOther:AutomationRuleCriteriaResourceDetailsOther" }, "description": "Custom fields and values about the resource that a finding pertains to. Documented below.\n" }, "resourceIds": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaResourceId:AutomationRuleCriteriaResourceId" }, "description": "The identifier for the given resource type. For AWS resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For AWS resources that lack ARNs, this is the identifier as defined by the AWS service that created the resource. For non-AWS resources, this is a unique identifier that is associated with the resource. Documented below.\n" }, "resourcePartitions": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaResourcePartition:AutomationRuleCriteriaResourcePartition" }, "description": "The partition in which the resource that the finding pertains to is located. A partition is a group of AWS Regions. Each AWS account is scoped to one partition. Documented below.\n" }, "resourceRegions": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaResourceRegion:AutomationRuleCriteriaResourceRegion" }, "description": "The AWS Region where the resource that a finding pertains to is located. Documented below.\n" }, "resourceTags": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaResourceTag:AutomationRuleCriteriaResourceTag" }, "description": "A list of AWS tags associated with a resource at the time the finding was processed. Documented below.\n" }, "resourceTypes": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaResourceType:AutomationRuleCriteriaResourceType" }, "description": "The type of resource that the finding pertains to. Documented below.\n" }, "severityLabels": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaSeverityLabel:AutomationRuleCriteriaSeverityLabel" }, "description": "The severity value of the finding. Documented below.\n" }, "sourceUrls": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaSourceUrl:AutomationRuleCriteriaSourceUrl" }, "description": "Provides a URL that links to a page about the current finding in the finding product. Documented below.\n" }, "titles": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaTitle:AutomationRuleCriteriaTitle" }, "description": "A finding's title. Documented below.\n" }, "types": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaType:AutomationRuleCriteriaType" }, "description": "One or more finding types in the format of namespace/category/classifier that classify a finding. Documented below.\n" }, "updatedAts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaUpdatedAt:AutomationRuleCriteriaUpdatedAt" }, "description": "A timestamp that indicates when the finding record was most recently updated. Documented below.\n" }, "userDefinedFields": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaUserDefinedField:AutomationRuleCriteriaUserDefinedField" }, "description": "A list of user-defined name and value string pairs added to a finding. Documented below.\n" }, "verificationStates": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaVerificationState:AutomationRuleCriteriaVerificationState" }, "description": "Provides the veracity of a finding. Documented below.\n" }, "workflowStatuses": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaWorkflowStatus:AutomationRuleCriteriaWorkflowStatus" }, "description": "Provides information about the status of the investigation into a finding. Documented below.\n" } }, "type": "object" }, "aws:securityhub/AutomationRuleCriteriaAwsAccountId:AutomationRuleCriteriaAwsAccountId": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaAwsAccountName:AutomationRuleCriteriaAwsAccountName": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaCompanyName:AutomationRuleCriteriaCompanyName": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaComplianceAssociatedStandardsId:AutomationRuleCriteriaComplianceAssociatedStandardsId": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaComplianceSecurityControlId:AutomationRuleCriteriaComplianceSecurityControlId": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaComplianceStatus:AutomationRuleCriteriaComplianceStatus": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaConfidence:AutomationRuleCriteriaConfidence": { "properties": { "eq": { "type": "number", "description": "The equal-to condition to be applied to a single field when querying for findings, provided as a String.\n" }, "gt": { "type": "number" }, "gte": { "type": "number", "description": "The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.\n" }, "lt": { "type": "number" }, "lte": { "type": "number", "description": "The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.\n" } }, "type": "object" }, "aws:securityhub/AutomationRuleCriteriaCreatedAt:AutomationRuleCriteriaCreatedAt": { "properties": { "dateRange": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaCreatedAtDateRange:AutomationRuleCriteriaCreatedAtDateRange", "description": "A configuration block of the date range for the date filter. See date_range below for more details.\n" }, "end": { "type": "string", "description": "An end date for the date filter. Required with `start` if `date_range` is not specified.\n" }, "start": { "type": "string", "description": "A start date for the date filter. Required with `end` if `date_range` is not specified.\n" } }, "type": "object" }, "aws:securityhub/AutomationRuleCriteriaCreatedAtDateRange:AutomationRuleCriteriaCreatedAtDateRange": { "properties": { "unit": { "type": "string", "description": "A date range unit for the date filter. Valid values: `DAYS`.\n" }, "value": { "type": "integer", "description": "A date range value for the date filter, provided as an Integer.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:securityhub/AutomationRuleCriteriaCriticality:AutomationRuleCriteriaCriticality": { "properties": { "eq": { "type": "number", "description": "The equal-to condition to be applied to a single field when querying for findings, provided as a String.\n" }, "gt": { "type": "number" }, "gte": { "type": "number", "description": "The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.\n" }, "lt": { "type": "number" }, "lte": { "type": "number", "description": "The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.\n" } }, "type": "object" }, "aws:securityhub/AutomationRuleCriteriaDescription:AutomationRuleCriteriaDescription": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaFirstObservedAt:AutomationRuleCriteriaFirstObservedAt": { "properties": { "dateRange": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaFirstObservedAtDateRange:AutomationRuleCriteriaFirstObservedAtDateRange", "description": "A configuration block of the date range for the date filter. See date_range below for more details.\n" }, "end": { "type": "string", "description": "An end date for the date filter. Required with `start` if `date_range` is not specified.\n" }, "start": { "type": "string", "description": "A start date for the date filter. Required with `end` if `date_range` is not specified.\n" } }, "type": "object" }, "aws:securityhub/AutomationRuleCriteriaFirstObservedAtDateRange:AutomationRuleCriteriaFirstObservedAtDateRange": { "properties": { "unit": { "type": "string", "description": "A date range unit for the date filter. Valid values: `DAYS`.\n" }, "value": { "type": "integer", "description": "A date range value for the date filter, provided as an Integer.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:securityhub/AutomationRuleCriteriaGeneratorId:AutomationRuleCriteriaGeneratorId": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaId:AutomationRuleCriteriaId": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaLastObservedAt:AutomationRuleCriteriaLastObservedAt": { "properties": { "dateRange": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaLastObservedAtDateRange:AutomationRuleCriteriaLastObservedAtDateRange", "description": "A configuration block of the date range for the date filter. See date_range below for more details.\n" }, "end": { "type": "string", "description": "An end date for the date filter. Required with `start` if `date_range` is not specified.\n" }, "start": { "type": "string", "description": "A start date for the date filter. Required with `end` if `date_range` is not specified.\n" } }, "type": "object" }, "aws:securityhub/AutomationRuleCriteriaLastObservedAtDateRange:AutomationRuleCriteriaLastObservedAtDateRange": { "properties": { "unit": { "type": "string", "description": "A date range unit for the date filter. Valid values: `DAYS`.\n" }, "value": { "type": "integer", "description": "A date range value for the date filter, provided as an Integer.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:securityhub/AutomationRuleCriteriaNoteText:AutomationRuleCriteriaNoteText": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaNoteUpdatedAt:AutomationRuleCriteriaNoteUpdatedAt": { "properties": { "dateRange": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaNoteUpdatedAtDateRange:AutomationRuleCriteriaNoteUpdatedAtDateRange", "description": "A configuration block of the date range for the date filter. See date_range below for more details.\n" }, "end": { "type": "string", "description": "An end date for the date filter. Required with `start` if `date_range` is not specified.\n" }, "start": { "type": "string", "description": "A start date for the date filter. Required with `end` if `date_range` is not specified.\n" } }, "type": "object" }, "aws:securityhub/AutomationRuleCriteriaNoteUpdatedAtDateRange:AutomationRuleCriteriaNoteUpdatedAtDateRange": { "properties": { "unit": { "type": "string", "description": "A date range unit for the date filter. Valid values: `DAYS`.\n" }, "value": { "type": "integer", "description": "A date range value for the date filter, provided as an Integer.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:securityhub/AutomationRuleCriteriaNoteUpdatedBy:AutomationRuleCriteriaNoteUpdatedBy": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaProductArn:AutomationRuleCriteriaProductArn": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaProductName:AutomationRuleCriteriaProductName": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaRecordState:AutomationRuleCriteriaRecordState": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaRelatedFindingsId:AutomationRuleCriteriaRelatedFindingsId": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaRelatedFindingsProductArn:AutomationRuleCriteriaRelatedFindingsProductArn": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaResourceApplicationArn:AutomationRuleCriteriaResourceApplicationArn": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaResourceApplicationName:AutomationRuleCriteriaResourceApplicationName": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaResourceDetailsOther:AutomationRuleCriteriaResourceDetailsOther": { "properties": { "comparison": { "type": "string" }, "key": { "type": "string", "description": "The key of the map filter.\n" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "key", "value" ] }, "aws:securityhub/AutomationRuleCriteriaResourceId:AutomationRuleCriteriaResourceId": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaResourcePartition:AutomationRuleCriteriaResourcePartition": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaResourceRegion:AutomationRuleCriteriaResourceRegion": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaResourceTag:AutomationRuleCriteriaResourceTag": { "properties": { "comparison": { "type": "string" }, "key": { "type": "string", "description": "The key of the map filter.\n" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "key", "value" ] }, "aws:securityhub/AutomationRuleCriteriaResourceType:AutomationRuleCriteriaResourceType": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaSeverityLabel:AutomationRuleCriteriaSeverityLabel": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaSourceUrl:AutomationRuleCriteriaSourceUrl": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaTitle:AutomationRuleCriteriaTitle": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaType:AutomationRuleCriteriaType": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaUpdatedAt:AutomationRuleCriteriaUpdatedAt": { "properties": { "dateRange": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteriaUpdatedAtDateRange:AutomationRuleCriteriaUpdatedAtDateRange", "description": "A configuration block of the date range for the date filter. See date_range below for more details.\n" }, "end": { "type": "string", "description": "An end date for the date filter. Required with `start` if `date_range` is not specified.\n" }, "start": { "type": "string", "description": "A start date for the date filter. Required with `end` if `date_range` is not specified.\n" } }, "type": "object" }, "aws:securityhub/AutomationRuleCriteriaUpdatedAtDateRange:AutomationRuleCriteriaUpdatedAtDateRange": { "properties": { "unit": { "type": "string", "description": "A date range unit for the date filter. Valid values: `DAYS`.\n" }, "value": { "type": "integer", "description": "A date range value for the date filter, provided as an Integer.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:securityhub/AutomationRuleCriteriaUserDefinedField:AutomationRuleCriteriaUserDefinedField": { "properties": { "comparison": { "type": "string" }, "key": { "type": "string", "description": "The key of the map filter.\n" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "key", "value" ] }, "aws:securityhub/AutomationRuleCriteriaVerificationState:AutomationRuleCriteriaVerificationState": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/AutomationRuleCriteriaWorkflowStatus:AutomationRuleCriteriaWorkflowStatus": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/ConfigurationPolicyConfigurationPolicy:ConfigurationPolicyConfigurationPolicy": { "properties": { "enabledStandardArns": { "type": "array", "items": { "type": "string" }, "description": "A list that defines which security standards are enabled in the configuration policy. It must be defined if `service_enabled` is set to true.\n" }, "securityControlsConfiguration": { "$ref": "#/types/aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfiguration:ConfigurationPolicyConfigurationPolicySecurityControlsConfiguration", "description": "Defines which security controls are enabled in the configuration policy and any customizations to parameters affecting them. See below.\n" }, "serviceEnabled": { "type": "boolean", "description": "Indicates whether Security Hub is enabled in the policy.\n" } }, "type": "object", "required": [ "serviceEnabled" ] }, "aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfiguration:ConfigurationPolicyConfigurationPolicySecurityControlsConfiguration": { "properties": { "disabledControlIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "A list of security controls that are disabled in the configuration policy Security Hub enables all other controls (including newly released controls) other than the listed controls. Conflicts with `enabled_control_identifiers`.\n" }, "enabledControlIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "A list of security controls that are enabled in the configuration policy. Security Hub disables all other controls (including newly released controls) other than the listed controls. Conflicts with `disabled_control_identifiers`.\n" }, "securityControlCustomParameters": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameter:ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameter" }, "description": "A list of control parameter customizations that are included in a configuration policy. Include multiple blocks to define multiple control custom parameters. See below.\n" } }, "type": "object" }, "aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameter:ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameter": { "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameter:ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameter" }, "description": "An object that specifies parameter values for a control in a configuration policy. See below.\n" }, "securityControlId": { "type": "string", "description": "The ID of the security control. For more information see the [Security Hub controls reference] documentation.\n" } }, "type": "object", "required": [ "parameters", "securityControlId" ] }, "aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameter:ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameter": { "properties": { "bool": { "$ref": "#/types/aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterBool:ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterBool", "description": "The bool `value` for a Boolean-typed Security Hub Control Parameter.\n" }, "double": { "$ref": "#/types/aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterDouble:ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterDouble", "description": "The float `value` for a Double-typed Security Hub Control Parameter.\n" }, "enum": { "$ref": "#/types/aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterEnum:ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterEnum", "description": "The string `value` for a Enum-typed Security Hub Control Parameter.\n" }, "enumList": { "$ref": "#/types/aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterEnumList:ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterEnumList", "description": "The string list `value` for a EnumList-typed Security Hub Control Parameter.\n" }, "int": { "$ref": "#/types/aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterInt:ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterInt", "description": "The int `value` for a Int-typed Security Hub Control Parameter.\n" }, "intList": { "$ref": "#/types/aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterIntList:ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterIntList", "description": "The int list `value` for a IntList-typed Security Hub Control Parameter.\n" }, "name": { "type": "string", "description": "The name of the control parameter. For more information see the [Security Hub controls reference] documentation.\n" }, "string": { "$ref": "#/types/aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterString:ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterString", "description": "The string `value` for a String-typed Security Hub Control Parameter.\n" }, "stringList": { "$ref": "#/types/aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterStringList:ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterStringList", "description": "The string list `value` for a StringList-typed Security Hub Control Parameter.\n" }, "valueType": { "type": "string", "description": "Identifies whether a control parameter uses a custom user-defined value or subscribes to the default Security Hub behavior. Valid values: `DEFAULT`, `CUSTOM`.\n" } }, "type": "object", "required": [ "name", "valueType" ] }, "aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterBool:ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterBool": { "properties": { "value": { "type": "boolean" } }, "type": "object", "required": [ "value" ] }, "aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterDouble:ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterDouble": { "properties": { "value": { "type": "number" } }, "type": "object", "required": [ "value" ] }, "aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterEnum:ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterEnum": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterEnumList:ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterEnumList": { "properties": { "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "values" ] }, "aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterInt:ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterInt": { "properties": { "value": { "type": "integer" } }, "type": "object", "required": [ "value" ] }, "aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterIntList:ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterIntList": { "properties": { "values": { "type": "array", "items": { "type": "integer" } } }, "type": "object", "required": [ "values" ] }, "aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterString:ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterString": { "properties": { "value": { "type": "string" } }, "type": "object", "required": [ "value" ] }, "aws:securityhub/ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterStringList:ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterStringList": { "properties": { "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "values" ] }, "aws:securityhub/InsightFilters:InsightFilters": { "properties": { "awsAccountIds": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersAwsAccountId:InsightFiltersAwsAccountId" }, "description": "AWS account ID that a finding is generated in. See String_Filter below for more details.\n" }, "companyNames": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersCompanyName:InsightFiltersCompanyName" }, "description": "The name of the findings provider (company) that owns the solution (product) that generates findings. See String_Filter below for more details.\n" }, "complianceStatuses": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersComplianceStatus:InsightFiltersComplianceStatus" }, "description": "Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details. See String Filter below for more details.\n" }, "confidences": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersConfidence:InsightFiltersConfidence" }, "description": "A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.\n" }, "createdAts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersCreatedAt:InsightFiltersCreatedAt" }, "description": "An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured. See Date Filter below for more details.\n" }, "criticalities": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersCriticality:InsightFiltersCriticality" }, "description": "The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.\n" }, "descriptions": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersDescription:InsightFiltersDescription" }, "description": "A finding's description. See String Filter below for more details.\n" }, "findingProviderFieldsConfidences": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersFindingProviderFieldsConfidence:InsightFiltersFindingProviderFieldsConfidence" }, "description": "The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.\n" }, "findingProviderFieldsCriticalities": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersFindingProviderFieldsCriticality:InsightFiltersFindingProviderFieldsCriticality" }, "description": "The finding provider value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.\n" }, "findingProviderFieldsRelatedFindingsIds": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersFindingProviderFieldsRelatedFindingsId:InsightFiltersFindingProviderFieldsRelatedFindingsId" }, "description": "The finding identifier of a related finding that is identified by the finding provider. See String Filter below for more details.\n" }, "findingProviderFieldsRelatedFindingsProductArns": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersFindingProviderFieldsRelatedFindingsProductArn:InsightFiltersFindingProviderFieldsRelatedFindingsProductArn" }, "description": "The ARN of the solution that generated a related finding that is identified by the finding provider. See String Filter below for more details.\n" }, "findingProviderFieldsSeverityLabels": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersFindingProviderFieldsSeverityLabel:InsightFiltersFindingProviderFieldsSeverityLabel" }, "description": "The finding provider value for the severity label. See String Filter below for more details.\n" }, "findingProviderFieldsSeverityOriginals": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersFindingProviderFieldsSeverityOriginal:InsightFiltersFindingProviderFieldsSeverityOriginal" }, "description": "The finding provider's original value for the severity. See String Filter below for more details.\n" }, "findingProviderFieldsTypes": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersFindingProviderFieldsType:InsightFiltersFindingProviderFieldsType" }, "description": "One or more finding types that the finding provider assigned to the finding. Uses the format of `namespace/category/classifier` that classify a finding. Valid namespace values include: `Software and Configuration Checks`, `TTPs`, `Effects`, `Unusual Behaviors`, and `Sensitive Data Identifications`. See String Filter below for more details.\n" }, "firstObservedAts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersFirstObservedAt:InsightFiltersFirstObservedAt" }, "description": "An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured. See Date Filter below for more details.\n" }, "generatorIds": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersGeneratorId:InsightFiltersGeneratorId" }, "description": "The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. See String Filter below for more details.\n" }, "ids": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersId:InsightFiltersId" }, "description": "The security findings provider-specific identifier for a finding. See String Filter below for more details.\n" }, "keywords": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersKeyword:InsightFiltersKeyword" }, "description": "A keyword for a finding. See Keyword Filter below for more details.\n" }, "lastObservedAts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersLastObservedAt:InsightFiltersLastObservedAt" }, "description": "An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured. See Date Filter below for more details.\n" }, "malwareNames": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersMalwareName:InsightFiltersMalwareName" }, "description": "The name of the malware that was observed. See String Filter below for more details.\n" }, "malwarePaths": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersMalwarePath:InsightFiltersMalwarePath" }, "description": "The filesystem path of the malware that was observed. See String Filter below for more details.\n" }, "malwareStates": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersMalwareState:InsightFiltersMalwareState" }, "description": "The state of the malware that was observed. See String Filter below for more details.\n" }, "malwareTypes": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersMalwareType:InsightFiltersMalwareType" }, "description": "The type of the malware that was observed. See String Filter below for more details.\n" }, "networkDestinationDomains": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersNetworkDestinationDomain:InsightFiltersNetworkDestinationDomain" }, "description": "The destination domain of network-related information about a finding. See String Filter below for more details.\n" }, "networkDestinationIpv4s": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersNetworkDestinationIpv4:InsightFiltersNetworkDestinationIpv4" }, "description": "The destination IPv4 address of network-related information about a finding. See Ip Filter below for more details.\n" }, "networkDestinationIpv6s": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersNetworkDestinationIpv6:InsightFiltersNetworkDestinationIpv6" }, "description": "The destination IPv6 address of network-related information about a finding. See Ip Filter below for more details.\n" }, "networkDestinationPorts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersNetworkDestinationPort:InsightFiltersNetworkDestinationPort" }, "description": "The destination port of network-related information about a finding. See Number Filter below for more details.\n" }, "networkDirections": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersNetworkDirection:InsightFiltersNetworkDirection" }, "description": "Indicates the direction of network traffic associated with a finding. See String Filter below for more details.\n" }, "networkProtocols": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersNetworkProtocol:InsightFiltersNetworkProtocol" }, "description": "The protocol of network-related information about a finding. See String Filter below for more details.\n" }, "networkSourceDomains": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersNetworkSourceDomain:InsightFiltersNetworkSourceDomain" }, "description": "The source domain of network-related information about a finding. See String Filter below for more details.\n" }, "networkSourceIpv4s": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersNetworkSourceIpv4:InsightFiltersNetworkSourceIpv4" }, "description": "The source IPv4 address of network-related information about a finding. See Ip Filter below for more details.\n" }, "networkSourceIpv6s": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersNetworkSourceIpv6:InsightFiltersNetworkSourceIpv6" }, "description": "The source IPv6 address of network-related information about a finding. See Ip Filter below for more details.\n" }, "networkSourceMacs": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersNetworkSourceMac:InsightFiltersNetworkSourceMac" }, "description": "The source media access control (MAC) address of network-related information about a finding. See String Filter below for more details.\n" }, "networkSourcePorts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersNetworkSourcePort:InsightFiltersNetworkSourcePort" }, "description": "The source port of network-related information about a finding. See Number Filter below for more details.\n" }, "noteTexts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersNoteText:InsightFiltersNoteText" }, "description": "The text of a note. See String Filter below for more details.\n" }, "noteUpdatedAts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersNoteUpdatedAt:InsightFiltersNoteUpdatedAt" }, "description": "The timestamp of when the note was updated. See Date Filter below for more details.\n" }, "noteUpdatedBies": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersNoteUpdatedBy:InsightFiltersNoteUpdatedBy" }, "description": "The principal that created a note. See String Filter below for more details.\n" }, "processLaunchedAts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersProcessLaunchedAt:InsightFiltersProcessLaunchedAt" }, "description": "The date/time that the process was launched. See Date Filter below for more details.\n" }, "processNames": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersProcessName:InsightFiltersProcessName" }, "description": "The name of the process. See String Filter below for more details.\n" }, "processParentPids": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersProcessParentPid:InsightFiltersProcessParentPid" }, "description": "The parent process ID. See Number Filter below for more details.\n" }, "processPaths": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersProcessPath:InsightFiltersProcessPath" }, "description": "The path to the process executable. See String Filter below for more details.\n" }, "processPids": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersProcessPid:InsightFiltersProcessPid" }, "description": "The process ID. See Number Filter below for more details.\n" }, "processTerminatedAts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersProcessTerminatedAt:InsightFiltersProcessTerminatedAt" }, "description": "The date/time that the process was terminated. See Date Filter below for more details.\n" }, "productArns": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersProductArn:InsightFiltersProductArn" }, "description": "The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. See String Filter below for more details.\n" }, "productFields": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersProductField:InsightFiltersProductField" }, "description": "A data type where security-findings providers can include additional solution-specific details that aren't part of the defined `AwsSecurityFinding` format. See Map Filter below for more details.\n" }, "productNames": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersProductName:InsightFiltersProductName" }, "description": "The name of the solution (product) that generates findings. See String Filter below for more details.\n" }, "recommendationTexts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersRecommendationText:InsightFiltersRecommendationText" }, "description": "The recommendation of what to do about the issue described in a finding. See String Filter below for more details.\n" }, "recordStates": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersRecordState:InsightFiltersRecordState" }, "description": "The updated record state for the finding. See String Filter below for more details.\n" }, "relatedFindingsIds": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersRelatedFindingsId:InsightFiltersRelatedFindingsId" }, "description": "The solution-generated identifier for a related finding. See String Filter below for more details.\n" }, "relatedFindingsProductArns": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersRelatedFindingsProductArn:InsightFiltersRelatedFindingsProductArn" }, "description": "The ARN of the solution that generated a related finding. See String Filter below for more details.\n" }, "resourceAwsEc2InstanceIamInstanceProfileArns": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArn:InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArn" }, "description": "The IAM profile ARN of the instance. See String Filter below for more details.\n" }, "resourceAwsEc2InstanceImageIds": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceAwsEc2InstanceImageId:InsightFiltersResourceAwsEc2InstanceImageId" }, "description": "The Amazon Machine Image (AMI) ID of the instance. See String Filter below for more details.\n" }, "resourceAwsEc2InstanceIpv4Addresses": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceAwsEc2InstanceIpv4Address:InsightFiltersResourceAwsEc2InstanceIpv4Address" }, "description": "The IPv4 addresses associated with the instance. See Ip Filter below for more details.\n" }, "resourceAwsEc2InstanceIpv6Addresses": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceAwsEc2InstanceIpv6Address:InsightFiltersResourceAwsEc2InstanceIpv6Address" }, "description": "The IPv6 addresses associated with the instance. See Ip Filter below for more details.\n" }, "resourceAwsEc2InstanceKeyNames": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceAwsEc2InstanceKeyName:InsightFiltersResourceAwsEc2InstanceKeyName" }, "description": "The key name associated with the instance. See String Filter below for more details.\n" }, "resourceAwsEc2InstanceLaunchedAts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceAwsEc2InstanceLaunchedAt:InsightFiltersResourceAwsEc2InstanceLaunchedAt" }, "description": "The date and time the instance was launched. See Date Filter below for more details.\n" }, "resourceAwsEc2InstanceSubnetIds": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceAwsEc2InstanceSubnetId:InsightFiltersResourceAwsEc2InstanceSubnetId" }, "description": "The identifier of the subnet that the instance was launched in. See String Filter below for more details.\n" }, "resourceAwsEc2InstanceTypes": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceAwsEc2InstanceType:InsightFiltersResourceAwsEc2InstanceType" }, "description": "The instance type of the instance. See String Filter below for more details.\n" }, "resourceAwsEc2InstanceVpcIds": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceAwsEc2InstanceVpcId:InsightFiltersResourceAwsEc2InstanceVpcId" }, "description": "The identifier of the VPC that the instance was launched in. See String Filter below for more details.\n" }, "resourceAwsIamAccessKeyCreatedAts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceAwsIamAccessKeyCreatedAt:InsightFiltersResourceAwsIamAccessKeyCreatedAt" }, "description": "The creation date/time of the IAM access key related to a finding. See Date Filter below for more details.\n" }, "resourceAwsIamAccessKeyStatuses": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceAwsIamAccessKeyStatus:InsightFiltersResourceAwsIamAccessKeyStatus" }, "description": "The status of the IAM access key related to a finding. See String Filter below for more details.\n" }, "resourceAwsIamAccessKeyUserNames": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceAwsIamAccessKeyUserName:InsightFiltersResourceAwsIamAccessKeyUserName" }, "description": "The user associated with the IAM access key related to a finding. See String Filter below for more details.\n" }, "resourceAwsS3BucketOwnerIds": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceAwsS3BucketOwnerId:InsightFiltersResourceAwsS3BucketOwnerId" }, "description": "The canonical user ID of the owner of the S3 bucket. See String Filter below for more details.\n" }, "resourceAwsS3BucketOwnerNames": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceAwsS3BucketOwnerName:InsightFiltersResourceAwsS3BucketOwnerName" }, "description": "The display name of the owner of the S3 bucket. See String Filter below for more details.\n" }, "resourceContainerImageIds": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceContainerImageId:InsightFiltersResourceContainerImageId" }, "description": "The identifier of the image related to a finding. See String Filter below for more details.\n" }, "resourceContainerImageNames": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceContainerImageName:InsightFiltersResourceContainerImageName" }, "description": "The name of the image related to a finding. See String Filter below for more details.\n" }, "resourceContainerLaunchedAts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceContainerLaunchedAt:InsightFiltersResourceContainerLaunchedAt" }, "description": "The date/time that the container was started. See Date Filter below for more details.\n" }, "resourceContainerNames": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceContainerName:InsightFiltersResourceContainerName" }, "description": "The name of the container related to a finding. See String Filter below for more details.\n" }, "resourceDetailsOthers": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceDetailsOther:InsightFiltersResourceDetailsOther" }, "description": "The details of a resource that doesn't have a specific subfield for the resource type defined. See Map Filter below for more details.\n" }, "resourceIds": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceId:InsightFiltersResourceId" }, "description": "The canonical identifier for the given resource type. See String Filter below for more details.\n" }, "resourcePartitions": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourcePartition:InsightFiltersResourcePartition" }, "description": "The canonical AWS partition name that the Region is assigned to. See String Filter below for more details.\n" }, "resourceRegions": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceRegion:InsightFiltersResourceRegion" }, "description": "The canonical AWS external Region name where this resource is located. See String Filter below for more details.\n" }, "resourceTags": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceTag:InsightFiltersResourceTag" }, "description": "A list of AWS tags associated with a resource at the time the finding was processed. See Map Filter below for more details.\n" }, "resourceTypes": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceType:InsightFiltersResourceType" }, "description": "Specifies the type of the resource that details are provided for. See String Filter below for more details.\n" }, "severityLabels": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersSeverityLabel:InsightFiltersSeverityLabel" }, "description": "The label of a finding's severity. See String Filter below for more details.\n" }, "sourceUrls": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersSourceUrl:InsightFiltersSourceUrl" }, "description": "A URL that links to a page about the current finding in the security-findings provider's solution. See String Filter below for more details.\n" }, "threatIntelIndicatorCategories": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersThreatIntelIndicatorCategory:InsightFiltersThreatIntelIndicatorCategory" }, "description": "The category of a threat intelligence indicator. See String Filter below for more details.\n" }, "threatIntelIndicatorLastObservedAts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersThreatIntelIndicatorLastObservedAt:InsightFiltersThreatIntelIndicatorLastObservedAt" }, "description": "The date/time of the last observation of a threat intelligence indicator. See Date Filter below for more details.\n" }, "threatIntelIndicatorSourceUrls": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersThreatIntelIndicatorSourceUrl:InsightFiltersThreatIntelIndicatorSourceUrl" }, "description": "The URL for more details from the source of the threat intelligence. See String Filter below for more details.\n" }, "threatIntelIndicatorSources": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersThreatIntelIndicatorSource:InsightFiltersThreatIntelIndicatorSource" }, "description": "The source of the threat intelligence. See String Filter below for more details.\n" }, "threatIntelIndicatorTypes": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersThreatIntelIndicatorType:InsightFiltersThreatIntelIndicatorType" }, "description": "The type of a threat intelligence indicator. See String Filter below for more details.\n" }, "threatIntelIndicatorValues": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersThreatIntelIndicatorValue:InsightFiltersThreatIntelIndicatorValue" }, "description": "The value of a threat intelligence indicator. See String Filter below for more details.\n" }, "titles": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersTitle:InsightFiltersTitle" }, "description": "A finding's title. See String Filter below for more details.\n" }, "types": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersType:InsightFiltersType" }, "description": "A finding type in the format of `namespace/category/classifier` that classifies a finding. See String Filter below for more details.\n" }, "updatedAts": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersUpdatedAt:InsightFiltersUpdatedAt" }, "description": "An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record. See Date Filter below for more details.\n" }, "userDefinedValues": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersUserDefinedValue:InsightFiltersUserDefinedValue" }, "description": "A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. See Map Filter below for more details.\n" }, "verificationStates": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersVerificationState:InsightFiltersVerificationState" }, "description": "The veracity of a finding. See String Filter below for more details.\n" }, "workflowStatuses": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/InsightFiltersWorkflowStatus:InsightFiltersWorkflowStatus" }, "description": "The status of the investigation into a finding. See Workflow Status Filter below for more details.\n" } }, "type": "object" }, "aws:securityhub/InsightFiltersAwsAccountId:InsightFiltersAwsAccountId": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersCompanyName:InsightFiltersCompanyName": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersComplianceStatus:InsightFiltersComplianceStatus": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersConfidence:InsightFiltersConfidence": { "properties": { "eq": { "type": "string", "description": "The equal-to condition to be applied to a single field when querying for findings, provided as a String.\n" }, "gte": { "type": "string", "description": "The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.\n" }, "lte": { "type": "string", "description": "The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.\n" } }, "type": "object" }, "aws:securityhub/InsightFiltersCreatedAt:InsightFiltersCreatedAt": { "properties": { "dateRange": { "$ref": "#/types/aws:securityhub/InsightFiltersCreatedAtDateRange:InsightFiltersCreatedAtDateRange", "description": "A configuration block of the date range for the date filter. See date_range below for more details.\n" }, "end": { "type": "string", "description": "An end date for the date filter. Required with `start` if `date_range` is not specified.\n" }, "start": { "type": "string", "description": "A start date for the date filter. Required with `end` if `date_range` is not specified.\n" } }, "type": "object" }, "aws:securityhub/InsightFiltersCreatedAtDateRange:InsightFiltersCreatedAtDateRange": { "properties": { "unit": { "type": "string", "description": "A date range unit for the date filter. Valid values: `DAYS`.\n" }, "value": { "type": "integer", "description": "A date range value for the date filter, provided as an Integer.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:securityhub/InsightFiltersCriticality:InsightFiltersCriticality": { "properties": { "eq": { "type": "string", "description": "The equal-to condition to be applied to a single field when querying for findings, provided as a String.\n" }, "gte": { "type": "string", "description": "The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.\n" }, "lte": { "type": "string", "description": "The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.\n" } }, "type": "object" }, "aws:securityhub/InsightFiltersDescription:InsightFiltersDescription": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersFindingProviderFieldsConfidence:InsightFiltersFindingProviderFieldsConfidence": { "properties": { "eq": { "type": "string", "description": "The equal-to condition to be applied to a single field when querying for findings, provided as a String.\n" }, "gte": { "type": "string", "description": "The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.\n" }, "lte": { "type": "string", "description": "The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.\n" } }, "type": "object" }, "aws:securityhub/InsightFiltersFindingProviderFieldsCriticality:InsightFiltersFindingProviderFieldsCriticality": { "properties": { "eq": { "type": "string", "description": "The equal-to condition to be applied to a single field when querying for findings, provided as a String.\n" }, "gte": { "type": "string", "description": "The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.\n" }, "lte": { "type": "string", "description": "The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.\n" } }, "type": "object" }, "aws:securityhub/InsightFiltersFindingProviderFieldsRelatedFindingsId:InsightFiltersFindingProviderFieldsRelatedFindingsId": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersFindingProviderFieldsRelatedFindingsProductArn:InsightFiltersFindingProviderFieldsRelatedFindingsProductArn": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersFindingProviderFieldsSeverityLabel:InsightFiltersFindingProviderFieldsSeverityLabel": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersFindingProviderFieldsSeverityOriginal:InsightFiltersFindingProviderFieldsSeverityOriginal": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersFindingProviderFieldsType:InsightFiltersFindingProviderFieldsType": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersFirstObservedAt:InsightFiltersFirstObservedAt": { "properties": { "dateRange": { "$ref": "#/types/aws:securityhub/InsightFiltersFirstObservedAtDateRange:InsightFiltersFirstObservedAtDateRange", "description": "A configuration block of the date range for the date filter. See date_range below for more details.\n" }, "end": { "type": "string", "description": "An end date for the date filter. Required with `start` if `date_range` is not specified.\n" }, "start": { "type": "string", "description": "A start date for the date filter. Required with `end` if `date_range` is not specified.\n" } }, "type": "object" }, "aws:securityhub/InsightFiltersFirstObservedAtDateRange:InsightFiltersFirstObservedAtDateRange": { "properties": { "unit": { "type": "string", "description": "A date range unit for the date filter. Valid values: `DAYS`.\n" }, "value": { "type": "integer", "description": "A date range value for the date filter, provided as an Integer.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:securityhub/InsightFiltersGeneratorId:InsightFiltersGeneratorId": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersId:InsightFiltersId": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersKeyword:InsightFiltersKeyword": { "properties": { "value": { "type": "string", "description": "A value for the keyword.\n" } }, "type": "object", "required": [ "value" ] }, "aws:securityhub/InsightFiltersLastObservedAt:InsightFiltersLastObservedAt": { "properties": { "dateRange": { "$ref": "#/types/aws:securityhub/InsightFiltersLastObservedAtDateRange:InsightFiltersLastObservedAtDateRange", "description": "A configuration block of the date range for the date filter. See date_range below for more details.\n" }, "end": { "type": "string", "description": "An end date for the date filter. Required with `start` if `date_range` is not specified.\n" }, "start": { "type": "string", "description": "A start date for the date filter. Required with `end` if `date_range` is not specified.\n" } }, "type": "object" }, "aws:securityhub/InsightFiltersLastObservedAtDateRange:InsightFiltersLastObservedAtDateRange": { "properties": { "unit": { "type": "string", "description": "A date range unit for the date filter. Valid values: `DAYS`.\n" }, "value": { "type": "integer", "description": "A date range value for the date filter, provided as an Integer.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:securityhub/InsightFiltersMalwareName:InsightFiltersMalwareName": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersMalwarePath:InsightFiltersMalwarePath": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersMalwareState:InsightFiltersMalwareState": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersMalwareType:InsightFiltersMalwareType": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersNetworkDestinationDomain:InsightFiltersNetworkDestinationDomain": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersNetworkDestinationIpv4:InsightFiltersNetworkDestinationIpv4": { "properties": { "cidr": { "type": "string", "description": "A finding's CIDR value.\n" } }, "type": "object", "required": [ "cidr" ] }, "aws:securityhub/InsightFiltersNetworkDestinationIpv6:InsightFiltersNetworkDestinationIpv6": { "properties": { "cidr": { "type": "string", "description": "A finding's CIDR value.\n" } }, "type": "object", "required": [ "cidr" ] }, "aws:securityhub/InsightFiltersNetworkDestinationPort:InsightFiltersNetworkDestinationPort": { "properties": { "eq": { "type": "string", "description": "The equal-to condition to be applied to a single field when querying for findings, provided as a String.\n" }, "gte": { "type": "string", "description": "The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.\n" }, "lte": { "type": "string", "description": "The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.\n" } }, "type": "object" }, "aws:securityhub/InsightFiltersNetworkDirection:InsightFiltersNetworkDirection": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersNetworkProtocol:InsightFiltersNetworkProtocol": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersNetworkSourceDomain:InsightFiltersNetworkSourceDomain": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersNetworkSourceIpv4:InsightFiltersNetworkSourceIpv4": { "properties": { "cidr": { "type": "string", "description": "A finding's CIDR value.\n" } }, "type": "object", "required": [ "cidr" ] }, "aws:securityhub/InsightFiltersNetworkSourceIpv6:InsightFiltersNetworkSourceIpv6": { "properties": { "cidr": { "type": "string", "description": "A finding's CIDR value.\n" } }, "type": "object", "required": [ "cidr" ] }, "aws:securityhub/InsightFiltersNetworkSourceMac:InsightFiltersNetworkSourceMac": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersNetworkSourcePort:InsightFiltersNetworkSourcePort": { "properties": { "eq": { "type": "string", "description": "The equal-to condition to be applied to a single field when querying for findings, provided as a String.\n" }, "gte": { "type": "string", "description": "The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.\n" }, "lte": { "type": "string", "description": "The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.\n" } }, "type": "object" }, "aws:securityhub/InsightFiltersNoteText:InsightFiltersNoteText": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersNoteUpdatedAt:InsightFiltersNoteUpdatedAt": { "properties": { "dateRange": { "$ref": "#/types/aws:securityhub/InsightFiltersNoteUpdatedAtDateRange:InsightFiltersNoteUpdatedAtDateRange", "description": "A configuration block of the date range for the date filter. See date_range below for more details.\n" }, "end": { "type": "string", "description": "An end date for the date filter. Required with `start` if `date_range` is not specified.\n" }, "start": { "type": "string", "description": "A start date for the date filter. Required with `end` if `date_range` is not specified.\n" } }, "type": "object" }, "aws:securityhub/InsightFiltersNoteUpdatedAtDateRange:InsightFiltersNoteUpdatedAtDateRange": { "properties": { "unit": { "type": "string", "description": "A date range unit for the date filter. Valid values: `DAYS`.\n" }, "value": { "type": "integer", "description": "A date range value for the date filter, provided as an Integer.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:securityhub/InsightFiltersNoteUpdatedBy:InsightFiltersNoteUpdatedBy": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersProcessLaunchedAt:InsightFiltersProcessLaunchedAt": { "properties": { "dateRange": { "$ref": "#/types/aws:securityhub/InsightFiltersProcessLaunchedAtDateRange:InsightFiltersProcessLaunchedAtDateRange", "description": "A configuration block of the date range for the date filter. See date_range below for more details.\n" }, "end": { "type": "string", "description": "An end date for the date filter. Required with `start` if `date_range` is not specified.\n" }, "start": { "type": "string", "description": "A start date for the date filter. Required with `end` if `date_range` is not specified.\n" } }, "type": "object" }, "aws:securityhub/InsightFiltersProcessLaunchedAtDateRange:InsightFiltersProcessLaunchedAtDateRange": { "properties": { "unit": { "type": "string", "description": "A date range unit for the date filter. Valid values: `DAYS`.\n" }, "value": { "type": "integer", "description": "A date range value for the date filter, provided as an Integer.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:securityhub/InsightFiltersProcessName:InsightFiltersProcessName": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersProcessParentPid:InsightFiltersProcessParentPid": { "properties": { "eq": { "type": "string", "description": "The equal-to condition to be applied to a single field when querying for findings, provided as a String.\n" }, "gte": { "type": "string", "description": "The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.\n" }, "lte": { "type": "string", "description": "The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.\n" } }, "type": "object" }, "aws:securityhub/InsightFiltersProcessPath:InsightFiltersProcessPath": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersProcessPid:InsightFiltersProcessPid": { "properties": { "eq": { "type": "string", "description": "The equal-to condition to be applied to a single field when querying for findings, provided as a String.\n" }, "gte": { "type": "string", "description": "The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.\n" }, "lte": { "type": "string", "description": "The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.\n" } }, "type": "object" }, "aws:securityhub/InsightFiltersProcessTerminatedAt:InsightFiltersProcessTerminatedAt": { "properties": { "dateRange": { "$ref": "#/types/aws:securityhub/InsightFiltersProcessTerminatedAtDateRange:InsightFiltersProcessTerminatedAtDateRange", "description": "A configuration block of the date range for the date filter. See date_range below for more details.\n" }, "end": { "type": "string", "description": "An end date for the date filter. Required with `start` if `date_range` is not specified.\n" }, "start": { "type": "string", "description": "A start date for the date filter. Required with `end` if `date_range` is not specified.\n" } }, "type": "object" }, "aws:securityhub/InsightFiltersProcessTerminatedAtDateRange:InsightFiltersProcessTerminatedAtDateRange": { "properties": { "unit": { "type": "string", "description": "A date range unit for the date filter. Valid values: `DAYS`.\n" }, "value": { "type": "integer", "description": "A date range value for the date filter, provided as an Integer.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:securityhub/InsightFiltersProductArn:InsightFiltersProductArn": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersProductField:InsightFiltersProductField": { "properties": { "comparison": { "type": "string" }, "key": { "type": "string", "description": "The key of the map filter. For example, for `ResourceTags`, `Key` identifies the name of the tag. For `UserDefinedFields`, `Key` is the name of the field.\n" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "key", "value" ] }, "aws:securityhub/InsightFiltersProductName:InsightFiltersProductName": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersRecommendationText:InsightFiltersRecommendationText": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersRecordState:InsightFiltersRecordState": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersRelatedFindingsId:InsightFiltersRelatedFindingsId": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersRelatedFindingsProductArn:InsightFiltersRelatedFindingsProductArn": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArn:InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArn": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersResourceAwsEc2InstanceImageId:InsightFiltersResourceAwsEc2InstanceImageId": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersResourceAwsEc2InstanceIpv4Address:InsightFiltersResourceAwsEc2InstanceIpv4Address": { "properties": { "cidr": { "type": "string", "description": "A finding's CIDR value.\n" } }, "type": "object", "required": [ "cidr" ] }, "aws:securityhub/InsightFiltersResourceAwsEc2InstanceIpv6Address:InsightFiltersResourceAwsEc2InstanceIpv6Address": { "properties": { "cidr": { "type": "string", "description": "A finding's CIDR value.\n" } }, "type": "object", "required": [ "cidr" ] }, "aws:securityhub/InsightFiltersResourceAwsEc2InstanceKeyName:InsightFiltersResourceAwsEc2InstanceKeyName": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersResourceAwsEc2InstanceLaunchedAt:InsightFiltersResourceAwsEc2InstanceLaunchedAt": { "properties": { "dateRange": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceAwsEc2InstanceLaunchedAtDateRange:InsightFiltersResourceAwsEc2InstanceLaunchedAtDateRange", "description": "A configuration block of the date range for the date filter. See date_range below for more details.\n" }, "end": { "type": "string", "description": "An end date for the date filter. Required with `start` if `date_range` is not specified.\n" }, "start": { "type": "string", "description": "A start date for the date filter. Required with `end` if `date_range` is not specified.\n" } }, "type": "object" }, "aws:securityhub/InsightFiltersResourceAwsEc2InstanceLaunchedAtDateRange:InsightFiltersResourceAwsEc2InstanceLaunchedAtDateRange": { "properties": { "unit": { "type": "string", "description": "A date range unit for the date filter. Valid values: `DAYS`.\n" }, "value": { "type": "integer", "description": "A date range value for the date filter, provided as an Integer.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:securityhub/InsightFiltersResourceAwsEc2InstanceSubnetId:InsightFiltersResourceAwsEc2InstanceSubnetId": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersResourceAwsEc2InstanceType:InsightFiltersResourceAwsEc2InstanceType": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersResourceAwsEc2InstanceVpcId:InsightFiltersResourceAwsEc2InstanceVpcId": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersResourceAwsIamAccessKeyCreatedAt:InsightFiltersResourceAwsIamAccessKeyCreatedAt": { "properties": { "dateRange": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceAwsIamAccessKeyCreatedAtDateRange:InsightFiltersResourceAwsIamAccessKeyCreatedAtDateRange", "description": "A configuration block of the date range for the date filter. See date_range below for more details.\n" }, "end": { "type": "string", "description": "An end date for the date filter. Required with `start` if `date_range` is not specified.\n" }, "start": { "type": "string", "description": "A start date for the date filter. Required with `end` if `date_range` is not specified.\n" } }, "type": "object" }, "aws:securityhub/InsightFiltersResourceAwsIamAccessKeyCreatedAtDateRange:InsightFiltersResourceAwsIamAccessKeyCreatedAtDateRange": { "properties": { "unit": { "type": "string", "description": "A date range unit for the date filter. Valid values: `DAYS`.\n" }, "value": { "type": "integer", "description": "A date range value for the date filter, provided as an Integer.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:securityhub/InsightFiltersResourceAwsIamAccessKeyStatus:InsightFiltersResourceAwsIamAccessKeyStatus": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersResourceAwsIamAccessKeyUserName:InsightFiltersResourceAwsIamAccessKeyUserName": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersResourceAwsS3BucketOwnerId:InsightFiltersResourceAwsS3BucketOwnerId": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersResourceAwsS3BucketOwnerName:InsightFiltersResourceAwsS3BucketOwnerName": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersResourceContainerImageId:InsightFiltersResourceContainerImageId": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersResourceContainerImageName:InsightFiltersResourceContainerImageName": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersResourceContainerLaunchedAt:InsightFiltersResourceContainerLaunchedAt": { "properties": { "dateRange": { "$ref": "#/types/aws:securityhub/InsightFiltersResourceContainerLaunchedAtDateRange:InsightFiltersResourceContainerLaunchedAtDateRange", "description": "A configuration block of the date range for the date filter. See date_range below for more details.\n" }, "end": { "type": "string", "description": "An end date for the date filter. Required with `start` if `date_range` is not specified.\n" }, "start": { "type": "string", "description": "A start date for the date filter. Required with `end` if `date_range` is not specified.\n" } }, "type": "object" }, "aws:securityhub/InsightFiltersResourceContainerLaunchedAtDateRange:InsightFiltersResourceContainerLaunchedAtDateRange": { "properties": { "unit": { "type": "string", "description": "A date range unit for the date filter. Valid values: `DAYS`.\n" }, "value": { "type": "integer", "description": "A date range value for the date filter, provided as an Integer.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:securityhub/InsightFiltersResourceContainerName:InsightFiltersResourceContainerName": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersResourceDetailsOther:InsightFiltersResourceDetailsOther": { "properties": { "comparison": { "type": "string" }, "key": { "type": "string", "description": "The key of the map filter. For example, for `ResourceTags`, `Key` identifies the name of the tag. For `UserDefinedFields`, `Key` is the name of the field.\n" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "key", "value" ] }, "aws:securityhub/InsightFiltersResourceId:InsightFiltersResourceId": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersResourcePartition:InsightFiltersResourcePartition": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersResourceRegion:InsightFiltersResourceRegion": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersResourceTag:InsightFiltersResourceTag": { "properties": { "comparison": { "type": "string" }, "key": { "type": "string", "description": "The key of the map filter. For example, for `ResourceTags`, `Key` identifies the name of the tag. For `UserDefinedFields`, `Key` is the name of the field.\n" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "key", "value" ] }, "aws:securityhub/InsightFiltersResourceType:InsightFiltersResourceType": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersSeverityLabel:InsightFiltersSeverityLabel": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersSourceUrl:InsightFiltersSourceUrl": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersThreatIntelIndicatorCategory:InsightFiltersThreatIntelIndicatorCategory": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersThreatIntelIndicatorLastObservedAt:InsightFiltersThreatIntelIndicatorLastObservedAt": { "properties": { "dateRange": { "$ref": "#/types/aws:securityhub/InsightFiltersThreatIntelIndicatorLastObservedAtDateRange:InsightFiltersThreatIntelIndicatorLastObservedAtDateRange", "description": "A configuration block of the date range for the date filter. See date_range below for more details.\n" }, "end": { "type": "string", "description": "An end date for the date filter. Required with `start` if `date_range` is not specified.\n" }, "start": { "type": "string", "description": "A start date for the date filter. Required with `end` if `date_range` is not specified.\n" } }, "type": "object" }, "aws:securityhub/InsightFiltersThreatIntelIndicatorLastObservedAtDateRange:InsightFiltersThreatIntelIndicatorLastObservedAtDateRange": { "properties": { "unit": { "type": "string", "description": "A date range unit for the date filter. Valid values: `DAYS`.\n" }, "value": { "type": "integer", "description": "A date range value for the date filter, provided as an Integer.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:securityhub/InsightFiltersThreatIntelIndicatorSource:InsightFiltersThreatIntelIndicatorSource": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersThreatIntelIndicatorSourceUrl:InsightFiltersThreatIntelIndicatorSourceUrl": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersThreatIntelIndicatorType:InsightFiltersThreatIntelIndicatorType": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersThreatIntelIndicatorValue:InsightFiltersThreatIntelIndicatorValue": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersTitle:InsightFiltersTitle": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersType:InsightFiltersType": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersUpdatedAt:InsightFiltersUpdatedAt": { "properties": { "dateRange": { "$ref": "#/types/aws:securityhub/InsightFiltersUpdatedAtDateRange:InsightFiltersUpdatedAtDateRange", "description": "A configuration block of the date range for the date filter. See date_range below for more details.\n" }, "end": { "type": "string", "description": "An end date for the date filter. Required with `start` if `date_range` is not specified.\n" }, "start": { "type": "string", "description": "A start date for the date filter. Required with `end` if `date_range` is not specified.\n" } }, "type": "object" }, "aws:securityhub/InsightFiltersUpdatedAtDateRange:InsightFiltersUpdatedAtDateRange": { "properties": { "unit": { "type": "string", "description": "A date range unit for the date filter. Valid values: `DAYS`.\n" }, "value": { "type": "integer", "description": "A date range value for the date filter, provided as an Integer.\n" } }, "type": "object", "required": [ "unit", "value" ] }, "aws:securityhub/InsightFiltersUserDefinedValue:InsightFiltersUserDefinedValue": { "properties": { "comparison": { "type": "string" }, "key": { "type": "string", "description": "The key of the map filter. For example, for `ResourceTags`, `Key` identifies the name of the tag. For `UserDefinedFields`, `Key` is the name of the field.\n" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "key", "value" ] }, "aws:securityhub/InsightFiltersVerificationState:InsightFiltersVerificationState": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/InsightFiltersWorkflowStatus:InsightFiltersWorkflowStatus": { "properties": { "comparison": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "required": [ "comparison", "value" ] }, "aws:securityhub/OrganizationConfigurationOrganizationConfiguration:OrganizationConfigurationOrganizationConfiguration": { "properties": { "configurationType": { "type": "string", "description": "Indicates whether the organization uses local or central configuration. If using central configuration, `auto_enable` must be set to `false` and `auto_enable_standards` set to `NONE`. More information can be found in the [documentation for central configuration](https://docs.aws.amazon.com/securityhub/latest/userguide/central-configuration-intro.html). Valid values: `LOCAL`, `CENTRAL`.\n" } }, "type": "object", "required": [ "configurationType" ] }, "aws:securitylake/AwsLogSourceSource:AwsLogSourceSource": { "properties": { "accounts": { "type": "array", "items": { "type": "string" }, "description": "Specify the AWS account information where you want to enable Security Lake.\nIf not specified, uses all accounts included in the Security Lake.\n" }, "regions": { "type": "array", "items": { "type": "string" }, "description": "Specify the Regions where you want to enable Security Lake.\n" }, "sourceName": { "type": "string", "description": "The name for a AWS source. This must be a Regionally unique value. Valid values: `ROUTE53`, `VPC_FLOW`, `SH_FINDINGS`, `CLOUD_TRAIL_MGMT`, `LAMBDA_EXECUTION`, `S3_DATA`.\n" }, "sourceVersion": { "type": "string", "description": "The version for a AWS source.\nIf not specified, the version will be the default.\nThis must be a Regionally unique value.\n" } }, "type": "object", "required": [ "regions", "sourceName" ], "language": { "nodejs": { "requiredOutputs": [ "accounts", "regions", "sourceName", "sourceVersion" ] } } }, "aws:securitylake/CustomLogSourceAttribute:CustomLogSourceAttribute": { "properties": { "crawlerArn": { "type": "string", "description": "The ARN of the AWS Glue crawler.\n" }, "databaseArn": { "type": "string", "description": "The ARN of the AWS Glue database where results are written.\n" }, "tableArn": { "type": "string", "description": "The ARN of the AWS Glue table.\n" } }, "type": "object", "required": [ "crawlerArn", "databaseArn", "tableArn" ] }, "aws:securitylake/CustomLogSourceConfiguration:CustomLogSourceConfiguration": { "properties": { "crawlerConfiguration": { "$ref": "#/types/aws:securitylake/CustomLogSourceConfigurationCrawlerConfiguration:CustomLogSourceConfigurationCrawlerConfiguration", "description": "The configuration for the Glue Crawler for the third-party custom source.\n" }, "providerIdentity": { "$ref": "#/types/aws:securitylake/CustomLogSourceConfigurationProviderIdentity:CustomLogSourceConfigurationProviderIdentity", "description": "The identity of the log provider for the third-party custom source.\n" } }, "type": "object" }, "aws:securitylake/CustomLogSourceConfigurationCrawlerConfiguration:CustomLogSourceConfigurationCrawlerConfiguration": { "properties": { "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role to be used by the AWS Glue crawler.\n" } }, "type": "object", "required": [ "roleArn" ] }, "aws:securitylake/CustomLogSourceConfigurationProviderIdentity:CustomLogSourceConfigurationProviderIdentity": { "properties": { "externalId": { "type": "string", "description": "The external ID used to estalish trust relationship with the AWS identity.\n" }, "principal": { "type": "string", "description": "The AWS identity principal.\n" } }, "type": "object", "required": [ "externalId", "principal" ] }, "aws:securitylake/CustomLogSourceProviderDetail:CustomLogSourceProviderDetail": { "properties": { "location": { "type": "string", "description": "The location of the partition in the Amazon S3 bucket for Security Lake.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role to be used by the entity putting logs into your custom source partition.\n" } }, "type": "object", "required": [ "location", "roleArn" ] }, "aws:securitylake/DataLakeConfiguration:DataLakeConfiguration": { "properties": { "encryptionConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:securitylake/DataLakeConfigurationEncryptionConfiguration:DataLakeConfigurationEncryptionConfiguration" }, "description": "Provides encryption details of Amazon Security Lake object.\n" }, "lifecycleConfiguration": { "$ref": "#/types/aws:securitylake/DataLakeConfigurationLifecycleConfiguration:DataLakeConfigurationLifecycleConfiguration", "description": "Provides lifecycle details of Amazon Security Lake object.\n" }, "region": { "type": "string", "description": "The AWS Regions where Security Lake is automatically enabled.\n" }, "replicationConfiguration": { "$ref": "#/types/aws:securitylake/DataLakeConfigurationReplicationConfiguration:DataLakeConfigurationReplicationConfiguration", "description": "Provides replication details of Amazon Security Lake object.\n" } }, "type": "object", "required": [ "region" ], "language": { "nodejs": { "requiredOutputs": [ "encryptionConfigurations", "region" ] } } }, "aws:securitylake/DataLakeConfigurationEncryptionConfiguration:DataLakeConfigurationEncryptionConfiguration": { "properties": { "kmsKeyId": { "type": "string", "description": "The id of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object.\n" } }, "type": "object", "required": [ "kmsKeyId" ] }, "aws:securitylake/DataLakeConfigurationLifecycleConfiguration:DataLakeConfigurationLifecycleConfiguration": { "properties": { "expiration": { "$ref": "#/types/aws:securitylake/DataLakeConfigurationLifecycleConfigurationExpiration:DataLakeConfigurationLifecycleConfigurationExpiration", "description": "Provides data expiration details of Amazon Security Lake object.\n" }, "transitions": { "type": "array", "items": { "$ref": "#/types/aws:securitylake/DataLakeConfigurationLifecycleConfigurationTransition:DataLakeConfigurationLifecycleConfigurationTransition" }, "description": "Provides data storage transition details of Amazon Security Lake object.\n" } }, "type": "object" }, "aws:securitylake/DataLakeConfigurationLifecycleConfigurationExpiration:DataLakeConfigurationLifecycleConfigurationExpiration": { "properties": { "days": { "type": "integer", "description": "Number of days before data transition to a different S3 Storage Class in the Amazon Security Lake object.\n" } }, "type": "object" }, "aws:securitylake/DataLakeConfigurationLifecycleConfigurationTransition:DataLakeConfigurationLifecycleConfigurationTransition": { "properties": { "days": { "type": "integer", "description": "Number of days before data transition to a different S3 Storage Class in the Amazon Security Lake object.\n" }, "storageClass": { "type": "string", "description": "The range of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads.\n" } }, "type": "object" }, "aws:securitylake/DataLakeConfigurationReplicationConfiguration:DataLakeConfigurationReplicationConfiguration": { "properties": { "regions": { "type": "array", "items": { "type": "string" }, "description": "Replication enables automatic, asynchronous copying of objects across Amazon S3 buckets. Amazon S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different AWS Regions or within the same Region as the source bucket.\n" }, "roleArn": { "type": "string", "description": "Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake, to ensure the replication setting is correct.\n" } }, "type": "object" }, "aws:securitylake/DataLakeTimeouts:DataLakeTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:securitylake/SubscriberNotificationConfiguration:SubscriberNotificationConfiguration": { "properties": { "httpsNotificationConfiguration": { "$ref": "#/types/aws:securitylake/SubscriberNotificationConfigurationHttpsNotificationConfiguration:SubscriberNotificationConfigurationHttpsNotificationConfiguration", "description": "The configurations for HTTPS subscriber notification.\n" }, "sqsNotificationConfiguration": { "$ref": "#/types/aws:securitylake/SubscriberNotificationConfigurationSqsNotificationConfiguration:SubscriberNotificationConfigurationSqsNotificationConfiguration", "description": "The configurations for SQS subscriber notification.\nThere are no parameters within `sqs_notification_configuration`.\n" } }, "type": "object" }, "aws:securitylake/SubscriberNotificationConfigurationHttpsNotificationConfiguration:SubscriberNotificationConfigurationHttpsNotificationConfiguration": { "properties": { "authorizationApiKeyName": { "type": "string", "description": "The API key name for the notification subscription.\n" }, "authorizationApiKeyValue": { "type": "string", "description": "The API key value for the notification subscription.\n", "secret": true }, "endpoint": { "type": "string", "description": "The subscription endpoint in Security Lake.\nIf you prefer notification with an HTTPS endpoint, populate this field.\n" }, "httpMethod": { "type": "string", "description": "The HTTP method used for the notification subscription.\nValid values are `POST` and `PUT`.\n" }, "targetRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the EventBridge API destinations IAM role that you created.\nFor more information about ARNs and how to use them in policies, see Managing data access and AWS Managed Policies in the Amazon Security Lake User Guide.\n" } }, "type": "object", "required": [ "endpoint", "targetRoleArn" ] }, "aws:securitylake/SubscriberNotificationConfigurationSqsNotificationConfiguration:SubscriberNotificationConfigurationSqsNotificationConfiguration": { "type": "object" }, "aws:securitylake/SubscriberSource:SubscriberSource": { "properties": { "awsLogSourceResource": { "$ref": "#/types/aws:securitylake/SubscriberSourceAwsLogSourceResource:SubscriberSourceAwsLogSourceResource", "description": "Amazon Security Lake supports log and event collection for natively supported AWS services. See `aws_log_source_resource` Block below.\n" }, "customLogSourceResource": { "$ref": "#/types/aws:securitylake/SubscriberSourceCustomLogSourceResource:SubscriberSourceCustomLogSourceResource", "description": "Amazon Security Lake supports custom source types. See `custom_log_source_resource` Block below.\n" } }, "type": "object" }, "aws:securitylake/SubscriberSourceAwsLogSourceResource:SubscriberSourceAwsLogSourceResource": { "properties": { "sourceName": { "type": "string", "description": "Provides data expiration details of Amazon Security Lake object.\n" }, "sourceVersion": { "type": "string", "description": "Provides data storage transition details of Amazon Security Lake object.\n" } }, "type": "object", "required": [ "sourceName" ], "language": { "nodejs": { "requiredOutputs": [ "sourceName", "sourceVersion" ] } } }, "aws:securitylake/SubscriberSourceCustomLogSourceResource:SubscriberSourceCustomLogSourceResource": { "properties": { "attributes": { "type": "array", "items": { "$ref": "#/types/aws:securitylake/SubscriberSourceCustomLogSourceResourceAttribute:SubscriberSourceCustomLogSourceResourceAttribute" }, "description": "The attributes of the third-party custom source. See `attributes` Block below.\n" }, "providers": { "type": "array", "items": { "$ref": "#/types/aws:securitylake/SubscriberSourceCustomLogSourceResourceProvider:SubscriberSourceCustomLogSourceResourceProvider" }, "description": "The details of the log provider for the third-party custom source. See `provider` Block below.\n" }, "sourceName": { "type": "string", "description": "The name for a third-party custom source. This must be a Regionally unique value.\n" }, "sourceVersion": { "type": "string", "description": "The version for a third-party custom source. This must be a Regionally unique value.\n" } }, "type": "object", "required": [ "sourceName" ], "language": { "nodejs": { "requiredOutputs": [ "attributes", "providers", "sourceName", "sourceVersion" ] } } }, "aws:securitylake/SubscriberSourceCustomLogSourceResourceAttribute:SubscriberSourceCustomLogSourceResourceAttribute": { "properties": { "crawlerArn": { "type": "string", "description": "The ARN of the AWS Glue crawler.\n" }, "databaseArn": { "type": "string", "description": "The ARN of the AWS Glue database where results are written.\n" }, "tableArn": { "type": "string", "description": "The ARN of the AWS Glue table.\n" } }, "type": "object", "required": [ "crawlerArn", "databaseArn", "tableArn" ] }, "aws:securitylake/SubscriberSourceCustomLogSourceResourceProvider:SubscriberSourceCustomLogSourceResourceProvider": { "properties": { "location": { "type": "string", "description": "The location of the partition in the Amazon S3 bucket for Security Lake.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role to be used by the entity putting logs into your custom source partition.\n" } }, "type": "object", "required": [ "location", "roleArn" ] }, "aws:securitylake/SubscriberSubscriberIdentity:SubscriberSubscriberIdentity": { "properties": { "externalId": { "type": "string", "description": "The AWS Regions where Security Lake is automatically enabled.\n" }, "principal": { "type": "string", "description": "Provides encryption details of Amazon Security Lake object.\n" } }, "type": "object", "required": [ "externalId", "principal" ] }, "aws:securitylake/SubscriberTimeouts:SubscriberTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:servicecatalog/ProductProvisioningArtifactParameters:ProductProvisioningArtifactParameters": { "properties": { "description": { "type": "string", "description": "Description of the provisioning artifact (i.e., version), including how it differs from the previous provisioning artifact.\n", "willReplaceOnChanges": true }, "disableTemplateValidation": { "type": "boolean", "description": "Whether AWS Service Catalog stops validating the specified provisioning artifact template even if it is invalid.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the provisioning artifact (for example, `v1`, `v2beta`). No spaces are allowed.\n", "willReplaceOnChanges": true }, "templatePhysicalId": { "type": "string", "description": "Template source as the physical ID of the resource that contains the template. Currently only supports CloudFormation stack ARN. Specify the physical ID as `arn:[partition]:cloudformation:[region]:[account ID]:stack/[stack name]/[resource ID]`.\n", "willReplaceOnChanges": true }, "templateUrl": { "type": "string", "description": "Template source as URL of the CloudFormation template in Amazon S3.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Type of provisioning artifact. See [AWS Docs](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ProvisioningArtifactProperties.html) for valid list of values.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:servicecatalog/ProvisionedProductOutput:ProvisionedProductOutput": { "properties": { "description": { "type": "string", "description": "The description of the output.\n" }, "key": { "type": "string", "description": "The output key.\n" }, "value": { "type": "string", "description": "The output value.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "description", "key", "value" ] } } }, "aws:servicecatalog/ProvisionedProductProvisioningParameter:ProvisionedProductProvisioningParameter": { "properties": { "key": { "type": "string", "description": "Parameter key.\n" }, "usePreviousValue": { "type": "boolean", "description": "Whether to ignore `value` and keep the previous parameter value. Ignored when initially provisioning a product.\n" }, "value": { "type": "string", "description": "Parameter value.\n" } }, "type": "object", "required": [ "key" ] }, "aws:servicecatalog/ProvisionedProductStackSetProvisioningPreferences:ProvisionedProductStackSetProvisioningPreferences": { "properties": { "accounts": { "type": "array", "items": { "type": "string" }, "description": "One or more AWS accounts that will have access to the provisioned product. The AWS accounts specified should be within the list of accounts in the STACKSET constraint. To get the list of accounts in the STACKSET constraint, use the `aws_servicecatalog_provisioning_parameters` data source. If no values are specified, the default value is all accounts from the STACKSET constraint.\n" }, "failureToleranceCount": { "type": "integer", "description": "Number of accounts, per region, for which this operation can fail before AWS Service Catalog stops the operation in that region. If the operation is stopped in a region, AWS Service Catalog doesn't attempt the operation in any subsequent regions. You must specify either `failure_tolerance_count` or `failure_tolerance_percentage`, but not both. The default value is 0 if no value is specified.\n" }, "failureTolerancePercentage": { "type": "integer", "description": "Percentage of accounts, per region, for which this stack operation can fail before AWS Service Catalog stops the operation in that region. If the operation is stopped in a region, AWS Service Catalog doesn't attempt the operation in any subsequent regions. When calculating the number of accounts based on the specified percentage, AWS Service Catalog rounds down to the next whole number. You must specify either `failure_tolerance_count` or `failure_tolerance_percentage`, but not both.\n" }, "maxConcurrencyCount": { "type": "integer", "description": "Maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `failure_tolerance_count`. `max_concurrency_count` is at most one more than the `failure_tolerance_count`. Note that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling. You must specify either `max_concurrency_count` or `max_concurrency_percentage`, but not both.\n" }, "maxConcurrencyPercentage": { "type": "integer", "description": "Maximum percentage of accounts in which to perform this operation at one time. When calculating the number of accounts based on the specified percentage, AWS Service Catalog rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, AWS Service Catalog sets the number as 1 instead. Note that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling. You must specify either `max_concurrency_count` or `max_concurrency_percentage`, but not both.\n" }, "regions": { "type": "array", "items": { "type": "string" }, "description": "One or more AWS Regions where the provisioned product will be available. The specified regions should be within the list of regions from the STACKSET constraint. To get the list of regions in the STACKSET constraint, use the `aws_servicecatalog_provisioning_parameters` data source. If no values are specified, the default value is all regions from the STACKSET constraint.\n" } }, "type": "object" }, "aws:servicecatalog/ServiceActionDefinition:ServiceActionDefinition": { "properties": { "assumeRole": { "type": "string", "description": "ARN of the role that performs the self-service actions on your behalf. For example, `arn:aws:iam::12345678910:role/ActionRole`. To reuse the provisioned product launch role, set to `LAUNCH_ROLE`.\n" }, "name": { "type": "string", "description": "Name of the SSM document. For example, `AWS-RestartEC2Instance`. If you are using a shared SSM document, you must provide the ARN instead of the name.\n" }, "parameters": { "type": "string", "description": "List of parameters in JSON format. For example: `[{\\\"Name\\\":\\\"InstanceId\\\",\\\"Type\\\":\\\"TARGET\\\"}]` or `[{\\\"Name\\\":\\\"InstanceId\\\",\\\"Type\\\":\\\"TEXT_VALUE\\\"}]`.\n" }, "type": { "type": "string", "description": "Service action definition type. Valid value is `SSM_AUTOMATION`. Default is `SSM_AUTOMATION`.\n", "willReplaceOnChanges": true }, "version": { "type": "string", "description": "SSM document version. For example, `1`.\n" } }, "type": "object", "required": [ "name", "version" ] }, "aws:servicecatalog/getLaunchPathsSummary:getLaunchPathsSummary": { "properties": { "constraintSummaries": { "type": "array", "items": { "$ref": "#/types/aws:servicecatalog/getLaunchPathsSummaryConstraintSummary:getLaunchPathsSummaryConstraintSummary" }, "description": "Block for constraints on the portfolio-product relationship. See details below.\n" }, "name": { "type": "string", "description": "Name of the portfolio to which the path was assigned.\n" }, "pathId": { "type": "string", "description": "Identifier of the product path.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags associated with this product path.\n" } }, "type": "object", "required": [ "constraintSummaries", "name", "pathId", "tags" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:servicecatalog/getLaunchPathsSummaryConstraintSummary:getLaunchPathsSummaryConstraintSummary": { "properties": { "description": { "type": "string", "description": "Description of the constraint.\n" }, "type": { "type": "string", "description": "Type of constraint. Valid values are `LAUNCH`, `NOTIFICATION`, `STACKSET`, and `TEMPLATE`.\n" } }, "type": "object", "required": [ "description", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:servicecatalog/getPortfolioConstraintsDetail:getPortfolioConstraintsDetail": { "properties": { "constraintId": { "type": "string", "description": "Identifier of the constraint.\n" }, "description": { "type": "string", "description": "Description of the constraint.\n" }, "owner": { "type": "string" }, "portfolioId": { "type": "string", "description": "Portfolio identifier.\n\nThe following arguments are optional:\n" }, "productId": { "type": "string", "description": "Product identifier.\n" }, "type": { "type": "string", "description": "Type of constraint. Valid values are `LAUNCH`, `NOTIFICATION`, `STACKSET`, and `TEMPLATE`.\n" } }, "type": "object", "required": [ "constraintId", "description", "owner", "portfolioId", "productId", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:servicecatalog/getProvisioningArtifactsProvisioningArtifactDetail:getProvisioningArtifactsProvisioningArtifactDetail": { "properties": { "active": { "type": "boolean", "description": "Indicates whether the product version is active.\n" }, "createdTime": { "type": "string", "description": "The UTC time stamp of the creation time.\n" }, "description": { "type": "string", "description": "The description of the provisioning artifact.\n" }, "guidance": { "type": "string", "description": "Information set by the administrator to provide guidance to end users about which provisioning artifacts to use.\n" }, "id": { "type": "string", "description": "The identifier of the provisioning artifact.\n" }, "name": { "type": "string", "description": "The name of the provisioning artifact.\n" }, "type": { "type": "string", "description": "The type of provisioning artifact.\n" } }, "type": "object", "required": [ "active", "createdTime", "description", "guidance", "id", "name", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:servicediscovery/ServiceDnsConfig:ServiceDnsConfig": { "properties": { "dnsRecords": { "type": "array", "items": { "$ref": "#/types/aws:servicediscovery/ServiceDnsConfigDnsRecord:ServiceDnsConfigDnsRecord" }, "description": "An array that contains one DnsRecord object for each resource record set. See `dns_records` Block for details.\n" }, "namespaceId": { "type": "string", "description": "The ID of the namespace to use for DNS configuration.\n", "willReplaceOnChanges": true }, "routingPolicy": { "type": "string", "description": "The routing policy that you want to apply to all records that Route 53 creates when you register an instance and specify the service. Valid Values: MULTIVALUE, WEIGHTED\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "dnsRecords", "namespaceId" ] }, "aws:servicediscovery/ServiceDnsConfigDnsRecord:ServiceDnsConfigDnsRecord": { "properties": { "ttl": { "type": "integer", "description": "The amount of time, in seconds, that you want DNS resolvers to cache the settings for this resource record set.\n" }, "type": { "type": "string", "description": "The type of the resource, which indicates the value that Amazon Route 53 returns in response to DNS queries. Valid Values: A, AAAA, SRV, CNAME\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "ttl", "type" ] }, "aws:servicediscovery/ServiceHealthCheckConfig:ServiceHealthCheckConfig": { "properties": { "failureThreshold": { "type": "integer", "description": "The number of consecutive health checks. Maximum value of 10.\n" }, "resourcePath": { "type": "string", "description": "The path that you want Route 53 to request when performing health checks. Route 53 automatically adds the DNS name for the service. If you don't specify a value, the default value is /.\n" }, "type": { "type": "string", "description": "The type of health check that you want to create, which indicates how Route 53 determines whether an endpoint is healthy. Valid Values: HTTP, HTTPS, TCP\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:servicediscovery/ServiceHealthCheckCustomConfig:ServiceHealthCheckCustomConfig": { "properties": { "failureThreshold": { "type": "integer", "description": "The number of 30-second intervals that you want service discovery to wait before it changes the health status of a service instance. Maximum value of 10.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:servicediscovery/getServiceDnsConfig:getServiceDnsConfig": { "properties": { "dnsRecords": { "type": "array", "items": { "$ref": "#/types/aws:servicediscovery/getServiceDnsConfigDnsRecord:getServiceDnsConfigDnsRecord" }, "description": "An array that contains one DnsRecord object for each resource record set. See `dns_records` Block for details.\n" }, "namespaceId": { "type": "string", "description": "ID of the namespace that the service belongs to.\n" }, "routingPolicy": { "type": "string", "description": "Routing policy that you want to apply to all records that Route 53 creates when you register an instance and specify the service. Valid Values: MULTIVALUE, WEIGHTED\n" } }, "type": "object", "required": [ "dnsRecords", "namespaceId", "routingPolicy" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:servicediscovery/getServiceDnsConfigDnsRecord:getServiceDnsConfigDnsRecord": { "properties": { "ttl": { "type": "integer", "description": "Amount of time, in seconds, that you want DNS resolvers to cache the settings for this resource record set.\n" }, "type": { "type": "string", "description": "The type of health check that you want to create, which indicates how Route 53 determines whether an endpoint is healthy. Valid Values: HTTP, HTTPS, TCP\n" } }, "type": "object", "required": [ "ttl", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:servicediscovery/getServiceHealthCheckConfig:getServiceHealthCheckConfig": { "properties": { "failureThreshold": { "type": "integer", "description": "The number of 30-second intervals that you want service discovery to wait before it changes the health status of a service instance. Maximum value of 10.\n" }, "resourcePath": { "type": "string", "description": "Path that you want Route 53 to request when performing health checks. Route 53 automatically adds the DNS name for the service. If you don't specify a value, the default value is /.\n" }, "type": { "type": "string", "description": "The type of health check that you want to create, which indicates how Route 53 determines whether an endpoint is healthy. Valid Values: HTTP, HTTPS, TCP\n" } }, "type": "object", "required": [ "failureThreshold", "resourcePath", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:servicediscovery/getServiceHealthCheckCustomConfig:getServiceHealthCheckCustomConfig": { "properties": { "failureThreshold": { "type": "integer", "description": "The number of 30-second intervals that you want service discovery to wait before it changes the health status of a service instance. Maximum value of 10.\n" } }, "type": "object", "required": [ "failureThreshold" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:servicequotas/ServiceQuotaUsageMetric:ServiceQuotaUsageMetric": { "properties": { "metricDimensions": { "type": "array", "items": { "$ref": "#/types/aws:servicequotas/ServiceQuotaUsageMetricMetricDimension:ServiceQuotaUsageMetricMetricDimension" }, "description": "The metric dimensions.\n" }, "metricName": { "type": "string", "description": "The name of the metric.\n" }, "metricNamespace": { "type": "string", "description": "The namespace of the metric.\n" }, "metricStatisticRecommendation": { "type": "string", "description": "The metric statistic that AWS recommend you use when determining quota usage.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "metricDimensions", "metricName", "metricNamespace", "metricStatisticRecommendation" ] } } }, "aws:servicequotas/ServiceQuotaUsageMetricMetricDimension:ServiceQuotaUsageMetricMetricDimension": { "properties": { "class": { "type": "string" }, "resource": { "type": "string" }, "service": { "type": "string" }, "type": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "class", "resource", "service", "type" ] } } }, "aws:servicequotas/getServiceQuotaUsageMetric:getServiceQuotaUsageMetric": { "properties": { "metricDimensions": { "type": "array", "items": { "$ref": "#/types/aws:servicequotas/getServiceQuotaUsageMetricMetricDimension:getServiceQuotaUsageMetricMetricDimension" }, "description": "The metric dimensions.\n" }, "metricName": { "type": "string", "description": "The name of the metric.\n" }, "metricNamespace": { "type": "string", "description": "The namespace of the metric.\n" }, "metricStatisticRecommendation": { "type": "string", "description": "The metric statistic that AWS recommend you use when determining quota usage.\n" } }, "type": "object", "required": [ "metricDimensions", "metricName", "metricNamespace", "metricStatisticRecommendation" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:servicequotas/getServiceQuotaUsageMetricMetricDimension:getServiceQuotaUsageMetricMetricDimension": { "properties": { "class": { "type": "string" }, "resource": { "type": "string" }, "service": { "type": "string" }, "type": { "type": "string" } }, "type": "object", "required": [ "class", "resource", "service", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:servicequotas/getTemplatesTemplate:getTemplatesTemplate": { "properties": { "globalQuota": { "type": "boolean", "description": "Indicates whether the quota is global.\n" }, "quotaCode": { "type": "string", "description": "Quota identifier.\n" }, "quotaName": { "type": "string", "description": "Quota name.\n" }, "region": { "type": "string", "description": "AWS Region to which the quota increases apply.\n" }, "serviceCode": { "type": "string", "description": "(Required) Service identifier.\n" }, "serviceName": { "type": "string", "description": "Service name.\n" }, "unit": { "type": "string", "description": "Unit of measurement.\n" }, "value": { "type": "number", "description": "(Required) The new, increased value for the quota.\n" } }, "type": "object", "required": [ "globalQuota", "quotaCode", "quotaName", "region", "serviceCode", "serviceName", "unit", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ses/ConfigurationSetDeliveryOptions:ConfigurationSetDeliveryOptions": { "properties": { "tlsPolicy": { "type": "string", "description": "Whether messages that use the configuration set are required to use Transport Layer Security (TLS). If the value is `Require`, messages are only delivered if a TLS connection can be established. If the value is `Optional`, messages can be delivered in plain text if a TLS connection can't be established. Valid values: `Require` or `Optional`. Defaults to `Optional`.\n" } }, "type": "object" }, "aws:ses/ConfigurationSetTrackingOptions:ConfigurationSetTrackingOptions": { "properties": { "customRedirectDomain": { "type": "string", "description": "Custom subdomain that is used to redirect email recipients to the Amazon SES event tracking domain.\n" } }, "type": "object" }, "aws:ses/EventDestinationCloudwatchDestination:EventDestinationCloudwatchDestination": { "properties": { "defaultValue": { "type": "string", "description": "The default value for the event\n" }, "dimensionName": { "type": "string", "description": "The name for the dimension\n" }, "valueSource": { "type": "string", "description": "The source for the value. May be any of `\"messageTag\"`, `\"emailHeader\"` or `\"linkTag\"`.\n" } }, "type": "object", "required": [ "defaultValue", "dimensionName", "valueSource" ] }, "aws:ses/EventDestinationKinesisDestination:EventDestinationKinesisDestination": { "properties": { "roleArn": { "type": "string", "description": "The ARN of the role that has permissions to access the Kinesis Stream\n" }, "streamArn": { "type": "string", "description": "The ARN of the Kinesis Stream\n" } }, "type": "object", "required": [ "roleArn", "streamArn" ] }, "aws:ses/EventDestinationSnsDestination:EventDestinationSnsDestination": { "properties": { "topicArn": { "type": "string", "description": "The ARN of the SNS topic\n" } }, "type": "object", "required": [ "topicArn" ] }, "aws:ses/ReceiptRuleAddHeaderAction:ReceiptRuleAddHeaderAction": { "properties": { "headerName": { "type": "string", "description": "The name of the header to add\n" }, "headerValue": { "type": "string", "description": "The value of the header to add\n" }, "position": { "type": "integer", "description": "The position of the action in the receipt rule\n" } }, "type": "object", "required": [ "headerName", "headerValue", "position" ] }, "aws:ses/ReceiptRuleBounceAction:ReceiptRuleBounceAction": { "properties": { "message": { "type": "string", "description": "The message to send\n" }, "position": { "type": "integer", "description": "The position of the action in the receipt rule\n" }, "sender": { "type": "string", "description": "The email address of the sender\n" }, "smtpReplyCode": { "type": "string", "description": "The RFC 5321 SMTP reply code\n" }, "statusCode": { "type": "string", "description": "The RFC 3463 SMTP enhanced status code\n" }, "topicArn": { "type": "string", "description": "The ARN of an SNS topic to notify\n" } }, "type": "object", "required": [ "message", "position", "sender", "smtpReplyCode" ] }, "aws:ses/ReceiptRuleLambdaAction:ReceiptRuleLambdaAction": { "properties": { "functionArn": { "type": "string", "description": "The ARN of the Lambda function to invoke\n" }, "invocationType": { "type": "string", "description": "`Event` or `RequestResponse`\n" }, "position": { "type": "integer", "description": "The position of the action in the receipt rule\n" }, "topicArn": { "type": "string", "description": "The ARN of an SNS topic to notify\n" } }, "type": "object", "required": [ "functionArn", "position" ] }, "aws:ses/ReceiptRuleS3Action:ReceiptRuleS3Action": { "properties": { "bucketName": { "type": "string", "description": "The name of the S3 bucket\n" }, "kmsKeyArn": { "type": "string", "description": "The ARN of the KMS key\n" }, "objectKeyPrefix": { "type": "string", "description": "The key prefix of the S3 bucket\n" }, "position": { "type": "integer", "description": "The position of the action in the receipt rule\n" }, "topicArn": { "type": "string", "description": "The ARN of an SNS topic to notify\n" } }, "type": "object", "required": [ "bucketName", "position" ] }, "aws:ses/ReceiptRuleSnsAction:ReceiptRuleSnsAction": { "properties": { "encoding": { "type": "string", "description": "The encoding to use for the email within the Amazon SNS notification. Default value is `UTF-8`.\n" }, "position": { "type": "integer", "description": "The position of the action in the receipt rule\n" }, "topicArn": { "type": "string", "description": "The ARN of an SNS topic to notify\n" } }, "type": "object", "required": [ "position", "topicArn" ] }, "aws:ses/ReceiptRuleStopAction:ReceiptRuleStopAction": { "properties": { "position": { "type": "integer", "description": "The position of the action in the receipt rule\n" }, "scope": { "type": "string", "description": "The scope to apply. The only acceptable value is `RuleSet`.\n" }, "topicArn": { "type": "string", "description": "The ARN of an SNS topic to notify\n" } }, "type": "object", "required": [ "position", "scope" ] }, "aws:ses/ReceiptRuleWorkmailAction:ReceiptRuleWorkmailAction": { "properties": { "organizationArn": { "type": "string", "description": "The ARN of the WorkMail organization\n" }, "position": { "type": "integer", "description": "The position of the action in the receipt rule\n" }, "topicArn": { "type": "string", "description": "The ARN of an SNS topic to notify\n" } }, "type": "object", "required": [ "organizationArn", "position" ] }, "aws:sesv2/AccountVdmAttributesDashboardAttributes:AccountVdmAttributesDashboardAttributes": { "properties": { "engagementMetrics": { "type": "string", "description": "Specifies the status of your VDM engagement metrics collection. Valid values: `ENABLED`, `DISABLED`.\n" } }, "type": "object" }, "aws:sesv2/AccountVdmAttributesGuardianAttributes:AccountVdmAttributesGuardianAttributes": { "properties": { "optimizedSharedDelivery": { "type": "string", "description": "Specifies the status of your VDM optimized shared delivery. Valid values: `ENABLED`, `DISABLED`.\n" } }, "type": "object" }, "aws:sesv2/ConfigurationSetDeliveryOptions:ConfigurationSetDeliveryOptions": { "properties": { "sendingPoolName": { "type": "string", "description": "The name of the dedicated IP pool to associate with the configuration set.\n" }, "tlsPolicy": { "type": "string", "description": "Specifies whether messages that use the configuration set are required to use Transport Layer Security (TLS). Valid values: `REQUIRE`, `OPTIONAL`.\n" } }, "type": "object" }, "aws:sesv2/ConfigurationSetEventDestinationEventDestination:ConfigurationSetEventDestinationEventDestination": { "properties": { "cloudWatchDestination": { "$ref": "#/types/aws:sesv2/ConfigurationSetEventDestinationEventDestinationCloudWatchDestination:ConfigurationSetEventDestinationEventDestinationCloudWatchDestination", "description": "An object that defines an Amazon CloudWatch destination for email events. See `cloud_watch_destination` Block for details.\n" }, "enabled": { "type": "boolean", "description": "When the event destination is enabled, the specified event types are sent to the destinations. Default: `false`.\n" }, "eventBridgeDestination": { "$ref": "#/types/aws:sesv2/ConfigurationSetEventDestinationEventDestinationEventBridgeDestination:ConfigurationSetEventDestinationEventDestinationEventBridgeDestination" }, "kinesisFirehoseDestination": { "$ref": "#/types/aws:sesv2/ConfigurationSetEventDestinationEventDestinationKinesisFirehoseDestination:ConfigurationSetEventDestinationEventDestinationKinesisFirehoseDestination", "description": "An object that defines an Amazon Kinesis Data Firehose destination for email events. See `kinesis_firehose_destination` Block for details.\n" }, "matchingEventTypes": { "type": "array", "items": { "type": "string" }, "description": "An array that specifies which events the Amazon SES API v2 should send to the destinations. Valid values: `SEND`, `REJECT`, `BOUNCE`, `COMPLAINT`, `DELIVERY`, `OPEN`, `CLICK`, `RENDERING_FAILURE`, `DELIVERY_DELAY`, `SUBSCRIPTION`.\n" }, "pinpointDestination": { "$ref": "#/types/aws:sesv2/ConfigurationSetEventDestinationEventDestinationPinpointDestination:ConfigurationSetEventDestinationEventDestinationPinpointDestination", "description": "An object that defines an Amazon Pinpoint project destination for email events. See `pinpoint_destination` Block for details.\n" }, "snsDestination": { "$ref": "#/types/aws:sesv2/ConfigurationSetEventDestinationEventDestinationSnsDestination:ConfigurationSetEventDestinationEventDestinationSnsDestination", "description": "An object that defines an Amazon SNS destination for email events. See `sns_destination` Block for details.\n" } }, "type": "object", "required": [ "matchingEventTypes" ] }, "aws:sesv2/ConfigurationSetEventDestinationEventDestinationCloudWatchDestination:ConfigurationSetEventDestinationEventDestinationCloudWatchDestination": { "properties": { "dimensionConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:sesv2/ConfigurationSetEventDestinationEventDestinationCloudWatchDestinationDimensionConfiguration:ConfigurationSetEventDestinationEventDestinationCloudWatchDestinationDimensionConfiguration" }, "description": "An array of objects that define the dimensions to use when you send email events to Amazon CloudWatch. See `dimension_configuration` Block for details.\n" } }, "type": "object", "required": [ "dimensionConfigurations" ] }, "aws:sesv2/ConfigurationSetEventDestinationEventDestinationCloudWatchDestinationDimensionConfiguration:ConfigurationSetEventDestinationEventDestinationCloudWatchDestinationDimensionConfiguration": { "properties": { "defaultDimensionValue": { "type": "string", "description": "The default value of the dimension that is published to Amazon CloudWatch if you don't provide the value of the dimension when you send an email.\n" }, "dimensionName": { "type": "string", "description": "The name of an Amazon CloudWatch dimension associated with an email sending metric.\n" }, "dimensionValueSource": { "type": "string", "description": "The location where the Amazon SES API v2 finds the value of a dimension to publish to Amazon CloudWatch. Valid values: `MESSAGE_TAG`, `EMAIL_HEADER`, `LINK_TAG`.\n" } }, "type": "object", "required": [ "defaultDimensionValue", "dimensionName", "dimensionValueSource" ] }, "aws:sesv2/ConfigurationSetEventDestinationEventDestinationEventBridgeDestination:ConfigurationSetEventDestinationEventDestinationEventBridgeDestination": { "properties": { "eventBusArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon EventBridge bus to publish email events to. Only the default bus is supported.\n" } }, "type": "object", "required": [ "eventBusArn" ] }, "aws:sesv2/ConfigurationSetEventDestinationEventDestinationKinesisFirehoseDestination:ConfigurationSetEventDestinationEventDestinationKinesisFirehoseDestination": { "properties": { "deliveryStreamArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon Kinesis Data Firehose stream that the Amazon SES API v2 sends email events to.\n" }, "iamRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role that the Amazon SES API v2 uses to send email events to the Amazon Kinesis Data Firehose stream.\n" } }, "type": "object", "required": [ "deliveryStreamArn", "iamRoleArn" ] }, "aws:sesv2/ConfigurationSetEventDestinationEventDestinationPinpointDestination:ConfigurationSetEventDestinationEventDestinationPinpointDestination": { "properties": { "applicationArn": { "type": "string" } }, "type": "object", "required": [ "applicationArn" ] }, "aws:sesv2/ConfigurationSetEventDestinationEventDestinationSnsDestination:ConfigurationSetEventDestinationEventDestinationSnsDestination": { "properties": { "topicArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon SNS topic to publish email events to.\n" } }, "type": "object", "required": [ "topicArn" ] }, "aws:sesv2/ConfigurationSetReputationOptions:ConfigurationSetReputationOptions": { "properties": { "lastFreshStart": { "type": "string", "description": "The date and time (in Unix time) when the reputation metrics were last given a fresh start. When your account is given a fresh start, your reputation metrics are calculated starting from the date of the fresh start.\n" }, "reputationMetricsEnabled": { "type": "boolean", "description": "If `true`, tracking of reputation metrics is enabled for the configuration set. If `false`, tracking of reputation metrics is disabled for the configuration set.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "lastFreshStart", "reputationMetricsEnabled" ] } } }, "aws:sesv2/ConfigurationSetSendingOptions:ConfigurationSetSendingOptions": { "properties": { "sendingEnabled": { "type": "boolean", "description": "If `true`, email sending is enabled for the configuration set. If `false`, email sending is disabled for the configuration set.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "sendingEnabled" ] } } }, "aws:sesv2/ConfigurationSetSuppressionOptions:ConfigurationSetSuppressionOptions": { "properties": { "suppressedReasons": { "type": "array", "items": { "type": "string" }, "description": "A list that contains the reasons that email addresses are automatically added to the suppression list for your account. Valid values: `BOUNCE`, `COMPLAINT`.\n" } }, "type": "object" }, "aws:sesv2/ConfigurationSetTrackingOptions:ConfigurationSetTrackingOptions": { "properties": { "customRedirectDomain": { "type": "string", "description": "The domain to use for tracking open and click events.\n" } }, "type": "object", "required": [ "customRedirectDomain" ] }, "aws:sesv2/ConfigurationSetVdmOptions:ConfigurationSetVdmOptions": { "properties": { "dashboardOptions": { "$ref": "#/types/aws:sesv2/ConfigurationSetVdmOptionsDashboardOptions:ConfigurationSetVdmOptionsDashboardOptions", "description": "Specifies additional settings for your VDM configuration as applicable to the Dashboard. See `dashboard_options` Block for details.\n" }, "guardianOptions": { "$ref": "#/types/aws:sesv2/ConfigurationSetVdmOptionsGuardianOptions:ConfigurationSetVdmOptionsGuardianOptions", "description": "Specifies additional settings for your VDM configuration as applicable to the Guardian. See `guardian_options` Block for details.\n" } }, "type": "object" }, "aws:sesv2/ConfigurationSetVdmOptionsDashboardOptions:ConfigurationSetVdmOptionsDashboardOptions": { "properties": { "engagementMetrics": { "type": "string", "description": "Specifies the status of your VDM engagement metrics collection. Valid values: `ENABLED`, `DISABLED`.\n" } }, "type": "object" }, "aws:sesv2/ConfigurationSetVdmOptionsGuardianOptions:ConfigurationSetVdmOptionsGuardianOptions": { "properties": { "optimizedSharedDelivery": { "type": "string", "description": "Specifies the status of your VDM optimized shared delivery. Valid values: `ENABLED`, `DISABLED`.\n" } }, "type": "object" }, "aws:sesv2/ContactListTopic:ContactListTopic": { "properties": { "defaultSubscriptionStatus": { "type": "string", "description": "Default subscription status to be applied to a contact if the contact has not noted their preference for subscribing to a topic.\n" }, "description": { "type": "string", "description": "Description of what the topic is about, which the contact will see.\n" }, "displayName": { "type": "string", "description": "Name of the topic the contact will see.\n" }, "topicName": { "type": "string", "description": "Name of the topic.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "defaultSubscriptionStatus", "displayName", "topicName" ] }, "aws:sesv2/EmailIdentityDkimSigningAttributes:EmailIdentityDkimSigningAttributes": { "properties": { "currentSigningKeyLength": { "type": "string", "description": "[Easy DKIM] The key length of the DKIM key pair in use.\n" }, "domainSigningPrivateKey": { "type": "string", "description": "[Bring Your Own DKIM] A private key that's used to generate a DKIM signature. The private key must use 1024 or 2048-bit RSA encryption, and must be encoded using base64 encoding.\n\n\u003e **NOTE:** You have to delete the first and last lines ('-----BEGIN PRIVATE KEY-----' and '-----END PRIVATE KEY-----', respectively) of the generated private key. Additionally, you have to remove the line breaks in the generated private key. The resulting value is a string of characters with no spaces or line breaks.\n", "secret": true }, "domainSigningSelector": { "type": "string", "description": "[Bring Your Own DKIM] A string that's used to identify a public key in the DNS configuration for a domain.\n" }, "lastKeyGenerationTimestamp": { "type": "string", "description": "[Easy DKIM] The last time a key pair was generated for this identity.\n" }, "nextSigningKeyLength": { "type": "string", "description": "[Easy DKIM] The key length of the future DKIM key pair to be generated. This can be changed at most once per day. Valid values: `RSA_1024_BIT`, `RSA_2048_BIT`.\n" }, "signingAttributesOrigin": { "type": "string", "description": "A string that indicates how DKIM was configured for the identity. `AWS_SES` indicates that DKIM was configured for the identity by using Easy DKIM. `EXTERNAL` indicates that DKIM was configured for the identity by using Bring Your Own DKIM (BYODKIM).\n" }, "status": { "type": "string", "description": "Describes whether or not Amazon SES has successfully located the DKIM records in the DNS records for the domain. See the [AWS SES API v2 Reference](https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DkimAttributes.html#SES-Type-DkimAttributes-Status) for supported statuses.\n" }, "tokens": { "type": "array", "items": { "type": "string" }, "description": "If you used Easy DKIM to configure DKIM authentication for the domain, then this object contains a set of unique strings that you use to create a set of CNAME records that you add to the DNS configuration for your domain. When Amazon SES detects these records in the DNS configuration for your domain, the DKIM authentication process is complete. If you configured DKIM authentication for the domain by providing your own public-private key pair, then this object contains the selector for the public key.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "currentSigningKeyLength", "lastKeyGenerationTimestamp", "nextSigningKeyLength", "signingAttributesOrigin", "status", "tokens" ] } } }, "aws:sesv2/getConfigurationSetDeliveryOption:getConfigurationSetDeliveryOption": { "properties": { "sendingPoolName": { "type": "string", "description": "The name of the dedicated IP pool to associate with the configuration set.\n" }, "tlsPolicy": { "type": "string", "description": "Specifies whether messages that use the configuration set are required to use Transport Layer Security (TLS).\n" } }, "type": "object", "required": [ "sendingPoolName", "tlsPolicy" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:sesv2/getConfigurationSetReputationOption:getConfigurationSetReputationOption": { "properties": { "lastFreshStart": { "type": "string", "description": "The date and time (in Unix time) when the reputation metrics were last given a fresh start.\n" }, "reputationMetricsEnabled": { "type": "boolean", "description": "Specifies whether tracking of reputation metrics is enabled.\n" } }, "type": "object", "required": [ "lastFreshStart", "reputationMetricsEnabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:sesv2/getConfigurationSetSendingOption:getConfigurationSetSendingOption": { "properties": { "sendingEnabled": { "type": "boolean", "description": "Specifies whether email sending is enabled.\n" } }, "type": "object", "required": [ "sendingEnabled" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:sesv2/getConfigurationSetSuppressionOption:getConfigurationSetSuppressionOption": { "properties": { "suppressedReasons": { "type": "array", "items": { "type": "string" }, "description": "A list that contains the reasons that email addresses are automatically added to the suppression list for your account.\n" } }, "type": "object", "required": [ "suppressedReasons" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:sesv2/getConfigurationSetTrackingOption:getConfigurationSetTrackingOption": { "properties": { "customRedirectDomain": { "type": "string", "description": "The domain to use for tracking open and click events.\n" } }, "type": "object", "required": [ "customRedirectDomain" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:sesv2/getConfigurationSetVdmOption:getConfigurationSetVdmOption": { "properties": { "dashboardOptions": { "type": "array", "items": { "$ref": "#/types/aws:sesv2/getConfigurationSetVdmOptionDashboardOption:getConfigurationSetVdmOptionDashboardOption" }, "description": "Specifies additional settings for your VDM configuration as applicable to the Dashboard.\n" }, "guardianOptions": { "type": "array", "items": { "$ref": "#/types/aws:sesv2/getConfigurationSetVdmOptionGuardianOption:getConfigurationSetVdmOptionGuardianOption" }, "description": "Specifies additional settings for your VDM configuration as applicable to the Guardian.\n" } }, "type": "object", "required": [ "dashboardOptions", "guardianOptions" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:sesv2/getConfigurationSetVdmOptionDashboardOption:getConfigurationSetVdmOptionDashboardOption": { "properties": { "engagementMetrics": { "type": "string", "description": "Specifies the status of your VDM engagement metrics collection.\n" } }, "type": "object", "required": [ "engagementMetrics" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:sesv2/getConfigurationSetVdmOptionGuardianOption:getConfigurationSetVdmOptionGuardianOption": { "properties": { "optimizedSharedDelivery": { "type": "string", "description": "Specifies the status of your VDM optimized shared delivery.\n" } }, "type": "object", "required": [ "optimizedSharedDelivery" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:sesv2/getDedicatedIpPoolDedicatedIp:getDedicatedIpPoolDedicatedIp": { "properties": { "ip": { "type": "string", "description": "IPv4 address.\n" }, "warmupPercentage": { "type": "integer", "description": "Indicates how complete the dedicated IP warm-up process is. When this value equals `1`, the address has completed the warm-up process and is ready for use.\n" }, "warmupStatus": { "type": "string", "description": "The warm-up status of a dedicated IP address. Valid values: `IN_PROGRESS`, `DONE`.\n" } }, "type": "object", "required": [ "ip", "warmupPercentage", "warmupStatus" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:sesv2/getEmailIdentityDkimSigningAttribute:getEmailIdentityDkimSigningAttribute": { "properties": { "currentSigningKeyLength": { "type": "string", "description": "[Easy DKIM] The key length of the DKIM key pair in use.\n" }, "domainSigningPrivateKey": { "type": "string", "secret": true }, "domainSigningSelector": { "type": "string" }, "lastKeyGenerationTimestamp": { "type": "string", "description": "[Easy DKIM] The last time a key pair was generated for this identity.\n" }, "nextSigningKeyLength": { "type": "string", "description": "[Easy DKIM] The key length of the future DKIM key pair to be generated. This can be changed at most once per day.\n" }, "signingAttributesOrigin": { "type": "string", "description": "A string that indicates how DKIM was configured for the identity. `AWS_SES` indicates that DKIM was configured for the identity by using Easy DKIM. `EXTERNAL` indicates that DKIM was configured for the identity by using Bring Your Own DKIM (BYODKIM).\n" }, "status": { "type": "string", "description": "Describes whether or not Amazon SES has successfully located the DKIM records in the DNS records for the domain. See the [AWS SES API v2 Reference](https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DkimAttributes.html#SES-Type-DkimAttributes-Status) for supported statuses.\n" }, "tokens": { "type": "array", "items": { "type": "string" }, "description": "If you used Easy DKIM to configure DKIM authentication for the domain, then this object contains a set of unique strings that you use to create a set of CNAME records that you add to the DNS configuration for your domain. When Amazon SES detects these records in the DNS configuration for your domain, the DKIM authentication process is complete. If you configured DKIM authentication for the domain by providing your own public-private key pair, then this object contains the selector for the public key.\n" } }, "type": "object", "required": [ "currentSigningKeyLength", "domainSigningPrivateKey", "domainSigningSelector", "lastKeyGenerationTimestamp", "nextSigningKeyLength", "signingAttributesOrigin", "status", "tokens" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:sfn/AliasRoutingConfiguration:AliasRoutingConfiguration": { "properties": { "stateMachineVersionArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the state machine version.\n" }, "weight": { "type": "integer", "description": "Percentage of traffic routed to the state machine version.\n" } }, "type": "object", "required": [ "stateMachineVersionArn", "weight" ] }, "aws:sfn/StateMachineLoggingConfiguration:StateMachineLoggingConfiguration": { "properties": { "includeExecutionData": { "type": "boolean", "description": "Determines whether execution data is included in your log. When set to `false`, data is excluded.\n" }, "level": { "type": "string", "description": "Defines which category of execution history events are logged. Valid values: `ALL`, `ERROR`, `FATAL`, `OFF`\n" }, "logDestination": { "type": "string", "description": "Amazon Resource Name (ARN) of a CloudWatch log group. Make sure the State Machine has the correct IAM policies for logging. The ARN must end with `:*`\n" } }, "type": "object" }, "aws:sfn/StateMachineTracingConfiguration:StateMachineTracingConfiguration": { "properties": { "enabled": { "type": "boolean", "description": "When set to `true`, AWS X-Ray tracing is enabled. Make sure the State Machine has the correct IAM policies for logging. See the [AWS Step Functions Developer Guide](https://docs.aws.amazon.com/step-functions/latest/dg/xray-iam.html) for details.\n" } }, "type": "object" }, "aws:sfn/getAliasRoutingConfiguration:getAliasRoutingConfiguration": { "properties": { "stateMachineVersionArn": { "type": "string" }, "weight": { "type": "integer" } }, "type": "object", "required": [ "stateMachineVersionArn", "weight" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:shield/ApplicationLayerAutomaticResponseTimeouts:ApplicationLayerAutomaticResponseTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:shield/DrtAccessLogBucketAssociationTimeouts:DrtAccessLogBucketAssociationTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" } }, "type": "object" }, "aws:shield/DrtAccessRoleArnAssociationTimeouts:DrtAccessRoleArnAssociationTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:shield/ProactiveEngagementEmergencyContact:ProactiveEngagementEmergencyContact": { "properties": { "contactNotes": { "type": "string", "description": "Additional notes regarding the contact.\n" }, "emailAddress": { "type": "string", "description": "A valid email address that will be used for this contact.\n" }, "phoneNumber": { "type": "string", "description": "A phone number, starting with `+` and up to 15 digits that will be used for this contact.\n" } }, "type": "object", "required": [ "emailAddress" ] }, "aws:signer/SigningJobDestination:SigningJobDestination": { "properties": { "s3": { "$ref": "#/types/aws:signer/SigningJobDestinationS3:SigningJobDestinationS3", "description": "A configuration block describing the S3 Destination object: See S3 Destination below for details.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "s3" ] }, "aws:signer/SigningJobDestinationS3:SigningJobDestinationS3": { "properties": { "bucket": { "type": "string", "willReplaceOnChanges": true }, "prefix": { "type": "string", "description": "An Amazon S3 object key prefix that you can use to limit signed objects keys to begin with the specified prefix.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "bucket" ] }, "aws:signer/SigningJobRevocationRecord:SigningJobRevocationRecord": { "properties": { "reason": { "type": "string" }, "revokedAt": { "type": "string" }, "revokedBy": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "reason", "revokedAt", "revokedBy" ] } } }, "aws:signer/SigningJobSignedObject:SigningJobSignedObject": { "properties": { "s3s": { "type": "array", "items": { "$ref": "#/types/aws:signer/SigningJobSignedObjectS3:SigningJobSignedObjectS3" } } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "s3s" ] } } }, "aws:signer/SigningJobSignedObjectS3:SigningJobSignedObjectS3": { "properties": { "bucket": { "type": "string" }, "key": { "type": "string", "description": "Key name of the object that contains your unsigned code.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "bucket", "key" ] } } }, "aws:signer/SigningJobSource:SigningJobSource": { "properties": { "s3": { "$ref": "#/types/aws:signer/SigningJobSourceS3:SigningJobSourceS3", "description": "A configuration block describing the S3 Source object: See S3 Source below for details.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "s3" ] }, "aws:signer/SigningJobSourceS3:SigningJobSourceS3": { "properties": { "bucket": { "type": "string", "willReplaceOnChanges": true }, "key": { "type": "string", "description": "Key name of the object that contains your unsigned code.\n", "willReplaceOnChanges": true }, "version": { "type": "string", "description": "Version of your source image in your version enabled S3 bucket.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "bucket", "key", "version" ] }, "aws:signer/SigningProfileRevocationRecord:SigningProfileRevocationRecord": { "properties": { "revocationEffectiveFrom": { "type": "string", "description": "The time when revocation becomes effective.\n" }, "revokedAt": { "type": "string", "description": "The time when the signing profile was revoked.\n" }, "revokedBy": { "type": "string", "description": "The identity of the revoker.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "revocationEffectiveFrom", "revokedAt", "revokedBy" ] } } }, "aws:signer/SigningProfileSignatureValidityPeriod:SigningProfileSignatureValidityPeriod": { "properties": { "type": { "type": "string", "description": "The time unit for signature validity. Valid values: `DAYS`, `MONTHS`, `YEARS`.\n", "willReplaceOnChanges": true }, "value": { "type": "integer", "description": "The numerical value of the time unit for signature validity.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "type", "value" ] }, "aws:signer/SigningProfileSigningMaterial:SigningProfileSigningMaterial": { "properties": { "certificateArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the certificates that is used to sign your code.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "certificateArn" ] }, "aws:signer/getSigningJobRevocationRecord:getSigningJobRevocationRecord": { "properties": { "reason": { "type": "string" }, "revokedAt": { "type": "string" }, "revokedBy": { "type": "string" } }, "type": "object", "required": [ "reason", "revokedAt", "revokedBy" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:signer/getSigningJobSignedObject:getSigningJobSignedObject": { "properties": { "s3s": { "type": "array", "items": { "$ref": "#/types/aws:signer/getSigningJobSignedObjectS3:getSigningJobSignedObjectS3" } } }, "type": "object", "required": [ "s3s" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:signer/getSigningJobSignedObjectS3:getSigningJobSignedObjectS3": { "properties": { "bucket": { "type": "string" }, "key": { "type": "string" } }, "type": "object", "required": [ "bucket", "key" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:signer/getSigningJobSource:getSigningJobSource": { "properties": { "s3s": { "type": "array", "items": { "$ref": "#/types/aws:signer/getSigningJobSourceS3:getSigningJobSourceS3" } } }, "type": "object", "required": [ "s3s" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:signer/getSigningJobSourceS3:getSigningJobSourceS3": { "properties": { "bucket": { "type": "string" }, "key": { "type": "string" }, "version": { "type": "string" } }, "type": "object", "required": [ "bucket", "key", "version" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:signer/getSigningProfileRevocationRecord:getSigningProfileRevocationRecord": { "properties": { "revocationEffectiveFrom": { "type": "string" }, "revokedAt": { "type": "string" }, "revokedBy": { "type": "string" } }, "type": "object", "required": [ "revocationEffectiveFrom", "revokedAt", "revokedBy" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:signer/getSigningProfileSignatureValidityPeriod:getSigningProfileSignatureValidityPeriod": { "properties": { "type": { "type": "string" }, "value": { "type": "integer" } }, "type": "object", "required": [ "type", "value" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssm/AssociationOutputLocation:AssociationOutputLocation": { "properties": { "s3BucketName": { "type": "string", "description": "The S3 bucket name.\n" }, "s3KeyPrefix": { "type": "string", "description": "The S3 bucket prefix. Results stored in the root if not configured.\n" }, "s3Region": { "type": "string", "description": "The S3 bucket region.\n\nTargets specify what instance IDs or tags to apply the document to and has these keys:\n" } }, "type": "object", "required": [ "s3BucketName" ] }, "aws:ssm/AssociationTarget:AssociationTarget": { "properties": { "key": { "type": "string", "description": "Either `InstanceIds` or `tag:Tag Name` to specify an EC2 tag.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "A list of instance IDs or tag values. AWS currently limits this list size to one value.\n" } }, "type": "object", "required": [ "key", "values" ] }, "aws:ssm/ContactsRotationRecurrence:ContactsRotationRecurrence": { "properties": { "dailySettings": { "type": "array", "items": { "$ref": "#/types/aws:ssm/ContactsRotationRecurrenceDailySetting:ContactsRotationRecurrenceDailySetting" } }, "monthlySettings": { "type": "array", "items": { "$ref": "#/types/aws:ssm/ContactsRotationRecurrenceMonthlySetting:ContactsRotationRecurrenceMonthlySetting" }, "description": "(Optional) Information about on-call rotations that recur monthly. See Monthly Settings for more details.\n" }, "numberOfOnCalls": { "type": "integer", "description": "(Required) The number of contacts, or shift team members designated to be on call concurrently during a shift.\n" }, "recurrenceMultiplier": { "type": "integer", "description": "(Required) The number of days, weeks, or months a single rotation lasts.\n" }, "shiftCoverages": { "type": "array", "items": { "$ref": "#/types/aws:ssm/ContactsRotationRecurrenceShiftCoverage:ContactsRotationRecurrenceShiftCoverage" }, "description": "(Optional) Information about the days of the week that the on-call rotation coverage includes. See Shift Coverages for more details.\n" }, "weeklySettings": { "type": "array", "items": { "$ref": "#/types/aws:ssm/ContactsRotationRecurrenceWeeklySetting:ContactsRotationRecurrenceWeeklySetting" }, "description": "(Optional) Information about on-call rotations that recur weekly. See Weekly Settings for more details.\n" } }, "type": "object", "required": [ "numberOfOnCalls", "recurrenceMultiplier" ] }, "aws:ssm/ContactsRotationRecurrenceDailySetting:ContactsRotationRecurrenceDailySetting": { "properties": { "hourOfDay": { "type": "integer", "description": "(Required) The hour of the day.\n" }, "minuteOfHour": { "type": "integer", "description": "(Required) The minutes of the hour.\n" } }, "type": "object", "required": [ "hourOfDay", "minuteOfHour" ] }, "aws:ssm/ContactsRotationRecurrenceMonthlySetting:ContactsRotationRecurrenceMonthlySetting": { "properties": { "dayOfMonth": { "type": "integer", "description": "(Required) The day of the month when monthly recurring on-call rotations begin.\n" }, "handOffTime": { "$ref": "#/types/aws:ssm/ContactsRotationRecurrenceMonthlySettingHandOffTime:ContactsRotationRecurrenceMonthlySettingHandOffTime", "description": "(Required) The hand off time. See Hand Off Time for more details.\n" } }, "type": "object", "required": [ "dayOfMonth" ] }, "aws:ssm/ContactsRotationRecurrenceMonthlySettingHandOffTime:ContactsRotationRecurrenceMonthlySettingHandOffTime": { "properties": { "hourOfDay": { "type": "integer", "description": "(Required) The hour of the day.\n" }, "minuteOfHour": { "type": "integer", "description": "(Required) The minutes of the hour.\n" } }, "type": "object", "required": [ "hourOfDay", "minuteOfHour" ] }, "aws:ssm/ContactsRotationRecurrenceShiftCoverage:ContactsRotationRecurrenceShiftCoverage": { "properties": { "coverageTimes": { "type": "array", "items": { "$ref": "#/types/aws:ssm/ContactsRotationRecurrenceShiftCoverageCoverageTime:ContactsRotationRecurrenceShiftCoverageCoverageTime" }, "description": "(Required) Information about when an on-call shift begins and ends. See Coverage Times for more details.\n" }, "mapBlockKey": { "type": "string" } }, "type": "object", "required": [ "mapBlockKey" ] }, "aws:ssm/ContactsRotationRecurrenceShiftCoverageCoverageTime:ContactsRotationRecurrenceShiftCoverageCoverageTime": { "properties": { "end": { "$ref": "#/types/aws:ssm/ContactsRotationRecurrenceShiftCoverageCoverageTimeEnd:ContactsRotationRecurrenceShiftCoverageCoverageTimeEnd", "description": "(Required) The end time of the on-call shift. See Hand Off Time for more details.\n" }, "start": { "$ref": "#/types/aws:ssm/ContactsRotationRecurrenceShiftCoverageCoverageTimeStart:ContactsRotationRecurrenceShiftCoverageCoverageTimeStart", "description": "(Required) The start time of the on-call shift. See Hand Off Time for more details.\n" } }, "type": "object" }, "aws:ssm/ContactsRotationRecurrenceShiftCoverageCoverageTimeEnd:ContactsRotationRecurrenceShiftCoverageCoverageTimeEnd": { "properties": { "hourOfDay": { "type": "integer", "description": "(Required) The hour of the day.\n" }, "minuteOfHour": { "type": "integer", "description": "(Required) The minutes of the hour.\n" } }, "type": "object", "required": [ "hourOfDay", "minuteOfHour" ] }, "aws:ssm/ContactsRotationRecurrenceShiftCoverageCoverageTimeStart:ContactsRotationRecurrenceShiftCoverageCoverageTimeStart": { "properties": { "hourOfDay": { "type": "integer", "description": "(Required) The hour of the day.\n" }, "minuteOfHour": { "type": "integer", "description": "(Required) The minutes of the hour.\n" } }, "type": "object", "required": [ "hourOfDay", "minuteOfHour" ] }, "aws:ssm/ContactsRotationRecurrenceWeeklySetting:ContactsRotationRecurrenceWeeklySetting": { "properties": { "dayOfWeek": { "type": "string", "description": "(Required) The day of the week when the shift coverage occurs.\n" }, "handOffTime": { "$ref": "#/types/aws:ssm/ContactsRotationRecurrenceWeeklySettingHandOffTime:ContactsRotationRecurrenceWeeklySettingHandOffTime", "description": "(Required) The hand off time. See Hand Off Time for more details.\n" } }, "type": "object", "required": [ "dayOfWeek" ] }, "aws:ssm/ContactsRotationRecurrenceWeeklySettingHandOffTime:ContactsRotationRecurrenceWeeklySettingHandOffTime": { "properties": { "hourOfDay": { "type": "integer", "description": "(Required) The hour of the day.\n" }, "minuteOfHour": { "type": "integer", "description": "(Required) The minutes of the hour.\n" } }, "type": "object", "required": [ "hourOfDay", "minuteOfHour" ] }, "aws:ssm/DocumentAttachmentsSource:DocumentAttachmentsSource": { "properties": { "key": { "type": "string", "description": "The key of a key-value pair that identifies the location of an attachment to the document. Valid values: `SourceUrl`, `S3FileUrl`, `AttachmentReference`.\n" }, "name": { "type": "string", "description": "The name of the document attachment file.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "The value of a key-value pair that identifies the location of an attachment to the document. The argument format is a list of a single string that depends on the type of key you specify - see the [API Reference](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_AttachmentsSource.html) for details.\n" } }, "type": "object", "required": [ "key", "values" ] }, "aws:ssm/DocumentParameter:DocumentParameter": { "properties": { "defaultValue": { "type": "string", "description": "If specified, the default values for the parameters. Parameters without a default value are required. Parameters with a default value are optional.\n" }, "description": { "type": "string", "description": "A description of what the parameter does, how to use it, the default value, and whether or not the parameter is optional.\n" }, "name": { "type": "string", "description": "The name of the document.\n" }, "type": { "type": "string", "description": "The type of parameter. Valid values: `String`, `StringList`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "defaultValue", "description", "name", "type" ] } } }, "aws:ssm/MaintenanceWindowTargetTarget:MaintenanceWindowTargetTarget": { "properties": { "key": { "type": "string" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "key", "values" ] }, "aws:ssm/MaintenanceWindowTaskTarget:MaintenanceWindowTaskTarget": { "properties": { "key": { "type": "string" }, "values": { "type": "array", "items": { "type": "string" }, "description": "The array of strings.\n" } }, "type": "object", "required": [ "key", "values" ] }, "aws:ssm/MaintenanceWindowTaskTaskInvocationParameters:MaintenanceWindowTaskTaskInvocationParameters": { "properties": { "automationParameters": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParametersAutomationParameters:MaintenanceWindowTaskTaskInvocationParametersAutomationParameters", "description": "The parameters for an AUTOMATION task type. Documented below.\n" }, "lambdaParameters": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParametersLambdaParameters:MaintenanceWindowTaskTaskInvocationParametersLambdaParameters", "description": "The parameters for a LAMBDA task type. Documented below.\n" }, "runCommandParameters": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParametersRunCommandParameters:MaintenanceWindowTaskTaskInvocationParametersRunCommandParameters", "description": "The parameters for a RUN_COMMAND task type. Documented below.\n" }, "stepFunctionsParameters": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParametersStepFunctionsParameters:MaintenanceWindowTaskTaskInvocationParametersStepFunctionsParameters", "description": "The parameters for a STEP_FUNCTIONS task type. Documented below.\n" } }, "type": "object" }, "aws:ssm/MaintenanceWindowTaskTaskInvocationParametersAutomationParameters:MaintenanceWindowTaskTaskInvocationParametersAutomationParameters": { "properties": { "documentVersion": { "type": "string", "description": "The version of an Automation document to use during task execution.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParametersAutomationParametersParameter:MaintenanceWindowTaskTaskInvocationParametersAutomationParametersParameter" }, "description": "The parameters for the RUN_COMMAND task execution. Documented below.\n" } }, "type": "object" }, "aws:ssm/MaintenanceWindowTaskTaskInvocationParametersAutomationParametersParameter:MaintenanceWindowTaskTaskInvocationParametersAutomationParametersParameter": { "properties": { "name": { "type": "string", "description": "The parameter name.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "The array of strings.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ssm/MaintenanceWindowTaskTaskInvocationParametersLambdaParameters:MaintenanceWindowTaskTaskInvocationParametersLambdaParameters": { "properties": { "clientContext": { "type": "string", "description": "Pass client-specific information to the Lambda function that you are invoking.\n" }, "payload": { "type": "string", "description": "JSON to provide to your Lambda function as input.\n", "secret": true }, "qualifier": { "type": "string", "description": "Specify a Lambda function version or alias name.\n" } }, "type": "object" }, "aws:ssm/MaintenanceWindowTaskTaskInvocationParametersRunCommandParameters:MaintenanceWindowTaskTaskInvocationParametersRunCommandParameters": { "properties": { "cloudwatchConfig": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersCloudwatchConfig:MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersCloudwatchConfig", "description": "Configuration options for sending command output to CloudWatch Logs. Documented below.\n" }, "comment": { "type": "string", "description": "Information about the command(s) to execute.\n" }, "documentHash": { "type": "string", "description": "The SHA-256 or SHA-1 hash created by the system when the document was created. SHA-1 hashes have been deprecated.\n" }, "documentHashType": { "type": "string", "description": "SHA-256 or SHA-1. SHA-1 hashes have been deprecated. Valid values: `Sha256` and `Sha1`\n" }, "documentVersion": { "type": "string", "description": "The version of an Automation document to use during task execution.\n" }, "notificationConfig": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersNotificationConfig:MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersNotificationConfig", "description": "Configurations for sending notifications about command status changes on a per-instance basis. Documented below.\n" }, "outputS3Bucket": { "type": "string", "description": "The name of the Amazon S3 bucket.\n" }, "outputS3KeyPrefix": { "type": "string", "description": "The Amazon S3 bucket subfolder.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersParameter:MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersParameter" }, "description": "The parameters for the RUN_COMMAND task execution. Documented below.\n" }, "serviceRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) service role to use to publish Amazon Simple Notification Service (Amazon SNS) notifications for maintenance window Run Command tasks.\n" }, "timeoutSeconds": { "type": "integer", "description": "If this time is reached and the command has not already started executing, it doesn't run.\n" } }, "type": "object" }, "aws:ssm/MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersCloudwatchConfig:MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersCloudwatchConfig": { "properties": { "cloudwatchLogGroupName": { "type": "string", "description": "The name of the CloudWatch log group where you want to send command output. If you don't specify a group name, Systems Manager automatically creates a log group for you. The log group uses the following naming format: aws/ssm/SystemsManagerDocumentName.\n" }, "cloudwatchOutputEnabled": { "type": "boolean", "description": "Enables Systems Manager to send command output to CloudWatch Logs.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "cloudwatchLogGroupName" ] } } }, "aws:ssm/MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersNotificationConfig:MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersNotificationConfig": { "properties": { "notificationArn": { "type": "string", "description": "An Amazon Resource Name (ARN) for a Simple Notification Service (SNS) topic. Run Command pushes notifications about command status changes to this topic.\n" }, "notificationEvents": { "type": "array", "items": { "type": "string" }, "description": "The different events for which you can receive notifications. Valid values: `All`, `InProgress`, `Success`, `TimedOut`, `Cancelled`, and `Failed`\n" }, "notificationType": { "type": "string", "description": "When specified with `Command`, receive notification when the status of a command changes. When specified with `Invocation`, for commands sent to multiple instances, receive notification on a per-instance basis when the status of a command changes. Valid values: `Command` and `Invocation`\n" } }, "type": "object" }, "aws:ssm/MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersParameter:MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersParameter": { "properties": { "name": { "type": "string", "description": "The parameter name.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "The array of strings.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ssm/MaintenanceWindowTaskTaskInvocationParametersStepFunctionsParameters:MaintenanceWindowTaskTaskInvocationParametersStepFunctionsParameters": { "properties": { "input": { "type": "string", "description": "The inputs for the STEP_FUNCTION task.\n", "secret": true }, "name": { "type": "string", "description": "The name of the STEP_FUNCTION task.\n" } }, "type": "object" }, "aws:ssm/ParameterType:ParameterType": { "type": "string", "enum": [ { "value": "String" }, { "value": "StringList" }, { "value": "SecureString" } ] }, "aws:ssm/PatchBaselineApprovalRule:PatchBaselineApprovalRule": { "properties": { "approveAfterDays": { "type": "integer", "description": "Number of days after the release date of each patch matched by the rule the patch is marked as approved in the patch baseline. Valid Range: 0 to 100. Conflicts with `approve_until_date`.\n" }, "approveUntilDate": { "type": "string", "description": "Cutoff date for auto approval of released patches. Any patches released on or before this date are installed automatically. Date is formatted as `YYYY-MM-DD`. Conflicts with `approve_after_days`\n" }, "complianceLevel": { "type": "string", "description": "Compliance level for patches approved by this rule. Valid values are `CRITICAL`, `HIGH`, `MEDIUM`, `LOW`, `INFORMATIONAL`, and `UNSPECIFIED`. The default value is `UNSPECIFIED`.\n" }, "enableNonSecurity": { "type": "boolean", "description": "Boolean enabling the application of non-security updates. The default value is `false`. Valid for Linux instances only.\n" }, "patchFilters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/PatchBaselineApprovalRulePatchFilter:PatchBaselineApprovalRulePatchFilter" }, "description": "Patch filter group that defines the criteria for the rule. Up to 5 patch filters can be specified per approval rule using Key/Value pairs. Valid combinations of these Keys and the `operating_system` value can be found in the [SSM DescribePatchProperties API Reference](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribePatchProperties.html). Valid Values are exact values for the patch property given as the key, or a wildcard `*`, which matches all values. `PATCH_SET` defaults to `OS` if unspecified\n" } }, "type": "object", "required": [ "patchFilters" ] }, "aws:ssm/PatchBaselineApprovalRulePatchFilter:PatchBaselineApprovalRulePatchFilter": { "properties": { "key": { "type": "string" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "key", "values" ] }, "aws:ssm/PatchBaselineGlobalFilter:PatchBaselineGlobalFilter": { "properties": { "key": { "type": "string" }, "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "key", "values" ] }, "aws:ssm/PatchBaselineSource:PatchBaselineSource": { "properties": { "configuration": { "type": "string", "description": "Value of the yum repo configuration. For information about other options available for your yum repository configuration, see the [`dnf.conf` documentation](https://man7.org/linux/man-pages/man5/dnf.conf.5.html)\n" }, "name": { "type": "string", "description": "Name specified to identify the patch source.\n" }, "products": { "type": "array", "items": { "type": "string" }, "description": "Specific operating system versions a patch repository applies to, such as `\"Ubuntu16.04\"`, `\"AmazonLinux2016.09\"`, `\"RedhatEnterpriseLinux7.2\"` or `\"Suse12.7\"`. For lists of supported product values, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html).\n" } }, "type": "object", "required": [ "configuration", "name", "products" ] }, "aws:ssm/ResourceDataSyncS3Destination:ResourceDataSyncS3Destination": { "properties": { "bucketName": { "type": "string", "description": "Name of S3 bucket where the aggregated data is stored.\n", "willReplaceOnChanges": true }, "kmsKeyArn": { "type": "string", "description": "ARN of an encryption key for a destination in Amazon S3.\n", "willReplaceOnChanges": true }, "prefix": { "type": "string", "description": "Prefix for the bucket.\n", "willReplaceOnChanges": true }, "region": { "type": "string", "description": "Region with the bucket targeted by the Resource Data Sync.\n", "willReplaceOnChanges": true }, "syncFormat": { "type": "string", "description": "A supported sync format. Only JsonSerDe is currently supported. Defaults to JsonSerDe.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "bucketName", "region" ] }, "aws:ssm/getContactsRotationRecurrence:getContactsRotationRecurrence": { "properties": { "dailySettings": { "type": "array", "items": { "$ref": "#/types/aws:ssm/getContactsRotationRecurrenceDailySetting:getContactsRotationRecurrenceDailySetting" } }, "monthlySettings": { "type": "array", "items": { "$ref": "#/types/aws:ssm/getContactsRotationRecurrenceMonthlySetting:getContactsRotationRecurrenceMonthlySetting" } }, "numberOfOnCalls": { "type": "integer" }, "recurrenceMultiplier": { "type": "integer" }, "shiftCoverages": { "type": "array", "items": { "$ref": "#/types/aws:ssm/getContactsRotationRecurrenceShiftCoverage:getContactsRotationRecurrenceShiftCoverage" } }, "weeklySettings": { "type": "array", "items": { "$ref": "#/types/aws:ssm/getContactsRotationRecurrenceWeeklySetting:getContactsRotationRecurrenceWeeklySetting" } } }, "type": "object", "required": [ "dailySettings", "monthlySettings", "numberOfOnCalls", "recurrenceMultiplier", "shiftCoverages", "weeklySettings" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssm/getContactsRotationRecurrenceDailySetting:getContactsRotationRecurrenceDailySetting": { "properties": { "hourOfDay": { "type": "integer" }, "minuteOfHour": { "type": "integer" } }, "type": "object", "required": [ "hourOfDay", "minuteOfHour" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssm/getContactsRotationRecurrenceMonthlySetting:getContactsRotationRecurrenceMonthlySetting": { "properties": { "dayOfMonth": { "type": "integer" }, "handOffTimes": { "type": "array", "items": { "$ref": "#/types/aws:ssm/getContactsRotationRecurrenceMonthlySettingHandOffTime:getContactsRotationRecurrenceMonthlySettingHandOffTime" } } }, "type": "object", "required": [ "dayOfMonth", "handOffTimes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssm/getContactsRotationRecurrenceMonthlySettingHandOffTime:getContactsRotationRecurrenceMonthlySettingHandOffTime": { "properties": { "hourOfDay": { "type": "integer" }, "minuteOfHour": { "type": "integer" } }, "type": "object", "required": [ "hourOfDay", "minuteOfHour" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssm/getContactsRotationRecurrenceShiftCoverage:getContactsRotationRecurrenceShiftCoverage": { "properties": { "coverageTimes": { "type": "array", "items": { "$ref": "#/types/aws:ssm/getContactsRotationRecurrenceShiftCoverageCoverageTime:getContactsRotationRecurrenceShiftCoverageCoverageTime" } }, "mapBlockKey": { "type": "string" } }, "type": "object", "required": [ "coverageTimes", "mapBlockKey" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssm/getContactsRotationRecurrenceShiftCoverageCoverageTime:getContactsRotationRecurrenceShiftCoverageCoverageTime": { "properties": { "ends": { "type": "array", "items": { "$ref": "#/types/aws:ssm/getContactsRotationRecurrenceShiftCoverageCoverageTimeEnd:getContactsRotationRecurrenceShiftCoverageCoverageTimeEnd" } }, "starts": { "type": "array", "items": { "$ref": "#/types/aws:ssm/getContactsRotationRecurrenceShiftCoverageCoverageTimeStart:getContactsRotationRecurrenceShiftCoverageCoverageTimeStart" } } }, "type": "object", "required": [ "ends", "starts" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssm/getContactsRotationRecurrenceShiftCoverageCoverageTimeEnd:getContactsRotationRecurrenceShiftCoverageCoverageTimeEnd": { "properties": { "hourOfDay": { "type": "integer" }, "minuteOfHour": { "type": "integer" } }, "type": "object", "required": [ "hourOfDay", "minuteOfHour" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssm/getContactsRotationRecurrenceShiftCoverageCoverageTimeStart:getContactsRotationRecurrenceShiftCoverageCoverageTimeStart": { "properties": { "hourOfDay": { "type": "integer" }, "minuteOfHour": { "type": "integer" } }, "type": "object", "required": [ "hourOfDay", "minuteOfHour" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssm/getContactsRotationRecurrenceWeeklySetting:getContactsRotationRecurrenceWeeklySetting": { "properties": { "dayOfWeek": { "type": "string" }, "handOffTimes": { "type": "array", "items": { "$ref": "#/types/aws:ssm/getContactsRotationRecurrenceWeeklySettingHandOffTime:getContactsRotationRecurrenceWeeklySettingHandOffTime" } } }, "type": "object", "required": [ "dayOfWeek", "handOffTimes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssm/getContactsRotationRecurrenceWeeklySettingHandOffTime:getContactsRotationRecurrenceWeeklySettingHandOffTime": { "properties": { "hourOfDay": { "type": "integer" }, "minuteOfHour": { "type": "integer" } }, "type": "object", "required": [ "hourOfDay", "minuteOfHour" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssm/getInstancesFilter:getInstancesFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the [SSM InstanceInformationStringFilter API Reference](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_InstanceInformationStringFilter.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ssm/getMaintenanceWindowsFilter:getMaintenanceWindowsFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the [SSM DescribeMaintenanceWindows API Reference](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeMaintenanceWindows.html#API_DescribeMaintenanceWindows_RequestSyntax).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ssm/getPatchBaselineApprovalRule:getPatchBaselineApprovalRule": { "properties": { "approveAfterDays": { "type": "integer", "description": "Number of days after the release date of each patch matched by the rule the patch is marked as approved in the patch baseline.\n" }, "approveUntilDate": { "type": "string", "description": "Cutoff date for auto approval of released patches. Any patches released on or before this date are installed automatically. Date is formatted as `YYYY-MM-DD`. Conflicts with `approve_after_days`\n" }, "complianceLevel": { "type": "string", "description": "Compliance level for patches approved by this rule.\n" }, "enableNonSecurity": { "type": "boolean", "description": "Boolean enabling the application of non-security updates.\n" }, "patchFilters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/getPatchBaselineApprovalRulePatchFilter:getPatchBaselineApprovalRulePatchFilter" }, "description": "Patch filter group that defines the criteria for the rule.\n" } }, "type": "object", "required": [ "approveAfterDays", "approveUntilDate", "complianceLevel", "enableNonSecurity", "patchFilters" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssm/getPatchBaselineApprovalRulePatchFilter:getPatchBaselineApprovalRulePatchFilter": { "properties": { "key": { "type": "string", "description": "Key for the filter.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Value for the filter.\n" } }, "type": "object", "required": [ "key", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssm/getPatchBaselineGlobalFilter:getPatchBaselineGlobalFilter": { "properties": { "key": { "type": "string", "description": "Key for the filter.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Value for the filter.\n" } }, "type": "object", "required": [ "key", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssm/getPatchBaselineSource:getPatchBaselineSource": { "properties": { "configuration": { "type": "string", "description": "Value of the yum repo configuration.\n" }, "name": { "type": "string", "description": "Name specified to identify the patch source.\n" }, "products": { "type": "array", "items": { "type": "string" }, "description": "Specific operating system versions a patch repository applies to.\n" } }, "type": "object", "required": [ "configuration", "name", "products" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssmcontacts/ContactChannelDeliveryAddress:ContactChannelDeliveryAddress": { "properties": { "simpleAddress": { "type": "string", "description": "Details to engage this contact channel. The expected format depends on the contact channel type and is described in the [`ContactChannelAddress` section of the SSM Contacts API Reference](https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ContactChannelAddress.html).\n" } }, "type": "object", "required": [ "simpleAddress" ] }, "aws:ssmcontacts/PlanStage:PlanStage": { "properties": { "durationInMinutes": { "type": "integer", "description": "The time to wait until beginning the next stage. The duration can only be set to 0 if a target is specified.\n" }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:ssmcontacts/PlanStageTarget:PlanStageTarget" }, "description": "One or more configuration blocks for specifying the contacts or contact methods that the escalation plan or engagement plan is engaging. See Target below for more details.\n" } }, "type": "object", "required": [ "durationInMinutes" ] }, "aws:ssmcontacts/PlanStageTarget:PlanStageTarget": { "properties": { "channelTargetInfo": { "$ref": "#/types/aws:ssmcontacts/PlanStageTargetChannelTargetInfo:PlanStageTargetChannelTargetInfo", "description": "A configuration block for specifying information about the contact channel that Incident Manager engages. See Channel Target Info for more details.\n" }, "contactTargetInfo": { "$ref": "#/types/aws:ssmcontacts/PlanStageTargetContactTargetInfo:PlanStageTargetContactTargetInfo", "description": "A configuration block for specifying information about the contact that Incident Manager engages. See Contact Target Info for more details.\n" } }, "type": "object" }, "aws:ssmcontacts/PlanStageTargetChannelTargetInfo:PlanStageTargetChannelTargetInfo": { "properties": { "contactChannelId": { "type": "string", "description": "The Amazon Resource Name (ARN) of the contact channel.\n" }, "retryIntervalInMinutes": { "type": "integer", "description": "The number of minutes to wait before retrying to send engagement if the engagement initially failed.\n" } }, "type": "object", "required": [ "contactChannelId" ] }, "aws:ssmcontacts/PlanStageTargetContactTargetInfo:PlanStageTargetContactTargetInfo": { "properties": { "contactId": { "type": "string", "description": "The Amazon Resource Name (ARN) of the contact.\n" }, "isEssential": { "type": "boolean", "description": "A Boolean value determining if the contact's acknowledgement stops the progress of stages in the plan.\n" } }, "type": "object", "required": [ "isEssential" ] }, "aws:ssmcontacts/getContactChannelDeliveryAddress:getContactChannelDeliveryAddress": { "properties": { "simpleAddress": { "type": "string" } }, "type": "object", "required": [ "simpleAddress" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssmcontacts/getPlanStage:getPlanStage": { "properties": { "durationInMinutes": { "type": "integer" }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:ssmcontacts/getPlanStageTarget:getPlanStageTarget" } } }, "type": "object", "required": [ "durationInMinutes", "targets" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssmcontacts/getPlanStageTarget:getPlanStageTarget": { "properties": { "channelTargetInfos": { "type": "array", "items": { "$ref": "#/types/aws:ssmcontacts/getPlanStageTargetChannelTargetInfo:getPlanStageTargetChannelTargetInfo" } }, "contactTargetInfos": { "type": "array", "items": { "$ref": "#/types/aws:ssmcontacts/getPlanStageTargetContactTargetInfo:getPlanStageTargetContactTargetInfo" } } }, "type": "object", "required": [ "channelTargetInfos", "contactTargetInfos" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssmcontacts/getPlanStageTargetChannelTargetInfo:getPlanStageTargetChannelTargetInfo": { "properties": { "contactChannelId": { "type": "string" }, "retryIntervalInMinutes": { "type": "integer" } }, "type": "object", "required": [ "contactChannelId", "retryIntervalInMinutes" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssmcontacts/getPlanStageTargetContactTargetInfo:getPlanStageTargetContactTargetInfo": { "properties": { "contactId": { "type": "string", "description": "The Amazon Resource Name (ARN) of the contact or escalation plan.\n" }, "isEssential": { "type": "boolean" } }, "type": "object", "required": [ "contactId", "isEssential" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssmincidents/ReplicationSetRegion:ReplicationSetRegion": { "properties": { "kmsKeyArn": { "type": "string", "description": "The Amazon Resource name (ARN) of the customer managed key. If omitted, AWS manages the AWS KMS keys for you, using an AWS owned key, as indicated by a default value of `DefaultKey`.\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "The name of the Region, such as `ap-southeast-2`.\n" }, "status": { "type": "string", "description": "The current status of the Region.\n* Valid Values: `ACTIVE` | `CREATING` | `UPDATING` | `DELETING` | `FAILED`\n" }, "statusMessage": { "type": "string", "description": "More information about the status of a Region.\n" } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredOutputs": [ "name", "status", "statusMessage" ] } } }, "aws:ssmincidents/ResponsePlanAction:ResponsePlanAction": { "properties": { "ssmAutomations": { "type": "array", "items": { "$ref": "#/types/aws:ssmincidents/ResponsePlanActionSsmAutomation:ResponsePlanActionSsmAutomation" }, "description": "The Systems Manager automation document to start as the runbook at the beginning of the incident. The following values are supported:\n" } }, "type": "object" }, "aws:ssmincidents/ResponsePlanActionSsmAutomation:ResponsePlanActionSsmAutomation": { "properties": { "documentName": { "type": "string", "description": "The automation document's name.\n" }, "documentVersion": { "type": "string", "description": "The version of the automation document to use at runtime.\n" }, "dynamicParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The key-value pair to resolve dynamic parameter values when processing a Systems Manager Automation runbook.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:ssmincidents/ResponsePlanActionSsmAutomationParameter:ResponsePlanActionSsmAutomationParameter" }, "description": "The key-value pair parameters to use when the automation document runs. The following values are supported:\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the role that the automation document assumes when it runs commands.\n" }, "targetAccount": { "type": "string", "description": "The account that the automation document runs in. This can be in either the management account or an application account.\n" } }, "type": "object", "required": [ "documentName", "roleArn" ] }, "aws:ssmincidents/ResponsePlanActionSsmAutomationParameter:ResponsePlanActionSsmAutomationParameter": { "properties": { "name": { "type": "string", "description": "The name of the response plan.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "The values for the associated parameter name.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:ssmincidents/ResponsePlanIncidentTemplate:ResponsePlanIncidentTemplate": { "properties": { "dedupeString": { "type": "string", "description": "A string used to stop Incident Manager from creating multiple incident records for the same incident.\n" }, "impact": { "type": "integer", "description": "The impact value of a generated incident. The following values are supported:\n" }, "incidentTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags assigned to an incident template. When an incident starts, Incident Manager assigns the tags specified in the template to the incident.\n" }, "notificationTargets": { "type": "array", "items": { "$ref": "#/types/aws:ssmincidents/ResponsePlanIncidentTemplateNotificationTarget:ResponsePlanIncidentTemplateNotificationTarget" }, "description": "The Amazon Simple Notification Service (Amazon SNS) targets that this incident notifies when it is updated. The `notification_target` configuration block supports the following argument:\n" }, "summary": { "type": "string", "description": "The summary of an incident.\n" }, "title": { "type": "string", "description": "The title of a generated incident.\n" } }, "type": "object", "required": [ "impact", "title" ] }, "aws:ssmincidents/ResponsePlanIncidentTemplateNotificationTarget:ResponsePlanIncidentTemplateNotificationTarget": { "properties": { "snsTopicArn": { "type": "string", "description": "The ARN of the Amazon SNS topic.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "snsTopicArn" ] }, "aws:ssmincidents/ResponsePlanIntegration:ResponsePlanIntegration": { "properties": { "pagerduties": { "type": "array", "items": { "$ref": "#/types/aws:ssmincidents/ResponsePlanIntegrationPagerduty:ResponsePlanIntegrationPagerduty" }, "description": "Details about the PagerDuty configuration for a response plan. The following values are supported:\n" } }, "type": "object" }, "aws:ssmincidents/ResponsePlanIntegrationPagerduty:ResponsePlanIntegrationPagerduty": { "properties": { "name": { "type": "string", "description": "The name of the response plan.\n" }, "secretId": { "type": "string", "description": "The ID of the AWS Secrets Manager secret that stores your PagerDuty key \u0026mdash; either a General Access REST API Key or User Token REST API Key \u0026mdash; and other user credentials.\n\nFor more information about the constraints for each field, see [CreateResponsePlan](https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_CreateResponsePlan.html) in the *AWS Systems Manager Incident Manager API Reference*.\n" }, "serviceId": { "type": "string", "description": "The ID of the PagerDuty service that the response plan associated with the incident at launch.\n" } }, "type": "object", "required": [ "name", "secretId", "serviceId" ] }, "aws:ssmincidents/getReplicationSetRegion:getReplicationSetRegion": { "properties": { "kmsKeyArn": { "type": "string", "description": "The ARN of the AWS Key Management Service (AWS KMS) encryption key.\n" }, "name": { "type": "string", "description": "The name of the Region.\n" }, "status": { "type": "string", "description": "The current status of the Region.\n* Valid Values: `ACTIVE` | `CREATING` | `UPDATING` | `DELETING` | `FAILED`\n" }, "statusMessage": { "type": "string", "description": "More information about the status of a Region.\n" } }, "type": "object", "required": [ "kmsKeyArn", "name", "status", "statusMessage" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssmincidents/getResponsePlanAction:getResponsePlanAction": { "properties": { "ssmAutomations": { "type": "array", "items": { "$ref": "#/types/aws:ssmincidents/getResponsePlanActionSsmAutomation:getResponsePlanActionSsmAutomation" }, "description": "The Systems Manager automation document to start as the runbook at the beginning of the incident. The following values are supported:\n" } }, "type": "object", "required": [ "ssmAutomations" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssmincidents/getResponsePlanActionSsmAutomation:getResponsePlanActionSsmAutomation": { "properties": { "documentName": { "type": "string", "description": "The automation document's name.\n" }, "documentVersion": { "type": "string", "description": "The version of the automation document to use at runtime.\n" }, "dynamicParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The key-value pair used to resolve dynamic parameter values when processing a Systems Manager Automation runbook.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:ssmincidents/getResponsePlanActionSsmAutomationParameter:getResponsePlanActionSsmAutomationParameter" }, "description": "The key-value pair parameters used when the automation document runs. The following values are supported:\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the role that the automation document assumes when it runs commands.\n" }, "targetAccount": { "type": "string", "description": "The account that runs the automation document. This can be in either the management account or an application account.\n" } }, "type": "object", "required": [ "documentName", "documentVersion", "dynamicParameters", "parameters", "roleArn", "targetAccount" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssmincidents/getResponsePlanActionSsmAutomationParameter:getResponsePlanActionSsmAutomationParameter": { "properties": { "name": { "type": "string", "description": "The name of the PagerDuty configuration.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "The values for the associated parameter name.\n" } }, "type": "object", "required": [ "name", "values" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssmincidents/getResponsePlanIncidentTemplate:getResponsePlanIncidentTemplate": { "properties": { "dedupeString": { "type": "string", "description": "A string used to stop Incident Manager from creating multiple incident records for the same incident.\n" }, "impact": { "type": "integer", "description": "The impact value of a generated incident. The following values are supported:\n" }, "incidentTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags assigned to an incident template. When an incident starts, Incident Manager assigns the tags specified in the template to the incident.\n" }, "notificationTargets": { "type": "array", "items": { "$ref": "#/types/aws:ssmincidents/getResponsePlanIncidentTemplateNotificationTarget:getResponsePlanIncidentTemplateNotificationTarget" }, "description": "The Amazon Simple Notification Service (Amazon SNS) targets that this incident notifies when it is updated. The `notification_target` configuration block supports the following argument:\n" }, "summary": { "type": "string", "description": "The summary of an incident.\n" }, "title": { "type": "string", "description": "The title of a generated incident.\n" } }, "type": "object", "required": [ "dedupeString", "impact", "incidentTags", "notificationTargets", "summary", "title" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssmincidents/getResponsePlanIncidentTemplateNotificationTarget:getResponsePlanIncidentTemplateNotificationTarget": { "properties": { "snsTopicArn": { "type": "string", "description": "The ARN of the Amazon SNS topic.\n" } }, "type": "object", "required": [ "snsTopicArn" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssmincidents/getResponsePlanIntegration:getResponsePlanIntegration": { "properties": { "pagerduties": { "type": "array", "items": { "$ref": "#/types/aws:ssmincidents/getResponsePlanIntegrationPagerduty:getResponsePlanIntegrationPagerduty" }, "description": "Details about the PagerDuty configuration for a response plan. The following values are supported:\n" } }, "type": "object", "required": [ "pagerduties" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssmincidents/getResponsePlanIntegrationPagerduty:getResponsePlanIntegrationPagerduty": { "properties": { "name": { "type": "string", "description": "The name of the PagerDuty configuration.\n" }, "secretId": { "type": "string", "description": "The ID of the AWS Secrets Manager secret that stores your PagerDuty key \u0026mdash; either a General Access REST API Key or User Token REST API Key \u0026mdash; and other user credentials.\n" }, "serviceId": { "type": "string", "description": "The ID of the PagerDuty service that the response plan associates with an incident when it launches.\n" } }, "type": "object", "required": [ "name", "secretId", "serviceId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssoadmin/ApplicationPortalOptions:ApplicationPortalOptions": { "properties": { "signInOptions": { "$ref": "#/types/aws:ssoadmin/ApplicationPortalOptionsSignInOptions:ApplicationPortalOptionsSignInOptions", "description": "Sign-in options for the access portal. See `sign_in_options` below.\n" }, "visibility": { "type": "string", "description": "Indicates whether this application is visible in the access portal. Valid values are `ENABLED` and `DISABLED`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "visibility" ] } } }, "aws:ssoadmin/ApplicationPortalOptionsSignInOptions:ApplicationPortalOptionsSignInOptions": { "properties": { "applicationUrl": { "type": "string", "description": "URL that accepts authentication requests for an application.\n" }, "origin": { "type": "string", "description": "Determines how IAM Identity Center navigates the user to the target application.\nValid values are `APPLICATION` and `IDENTITY_CENTER`.\nIf `APPLICATION` is set, IAM Identity Center redirects the customer to the configured `application_url`.\nIf `IDENTITY_CENTER` is set, IAM Identity Center uses SAML identity-provider initiated authentication to sign the customer directly into a SAML-based application.\n" } }, "type": "object", "required": [ "origin" ] }, "aws:ssoadmin/CustomerManagedPolicyAttachmentCustomerManagedPolicyReference:CustomerManagedPolicyAttachmentCustomerManagedPolicyReference": { "properties": { "name": { "type": "string", "description": "Name of the customer managed IAM Policy to be attached.\n", "willReplaceOnChanges": true }, "path": { "type": "string", "description": "The path to the IAM policy to be attached. The default is `/`. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) for more information.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "name" ] }, "aws:ssoadmin/InstanceAccessControlAttributesAttribute:InstanceAccessControlAttributesAttribute": { "properties": { "key": { "type": "string", "description": "The name of the attribute associated with your identities in your identity source. This is used to map a specified attribute in your identity source with an attribute in AWS SSO.\n" }, "values": { "type": "array", "items": { "$ref": "#/types/aws:ssoadmin/InstanceAccessControlAttributesAttributeValue:InstanceAccessControlAttributesAttributeValue" }, "description": "The value used for mapping a specified attribute to an identity source. See AccessControlAttributeValue\n" } }, "type": "object", "required": [ "key", "values" ] }, "aws:ssoadmin/InstanceAccessControlAttributesAttributeValue:InstanceAccessControlAttributesAttributeValue": { "properties": { "sources": { "type": "array", "items": { "type": "string" }, "description": "The identity source to use when mapping a specified attribute to AWS SSO.\n" } }, "type": "object", "required": [ "sources" ] }, "aws:ssoadmin/PermissionsBoundaryAttachmentPermissionsBoundary:PermissionsBoundaryAttachmentPermissionsBoundary": { "properties": { "customerManagedPolicyReference": { "$ref": "#/types/aws:ssoadmin/PermissionsBoundaryAttachmentPermissionsBoundaryCustomerManagedPolicyReference:PermissionsBoundaryAttachmentPermissionsBoundaryCustomerManagedPolicyReference", "description": "Specifies the name and path of a customer managed policy. See below.\n", "willReplaceOnChanges": true }, "managedPolicyArn": { "type": "string", "description": "AWS-managed IAM policy ARN to use as the permissions boundary.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:ssoadmin/PermissionsBoundaryAttachmentPermissionsBoundaryCustomerManagedPolicyReference:PermissionsBoundaryAttachmentPermissionsBoundaryCustomerManagedPolicyReference": { "properties": { "name": { "type": "string", "description": "Name of the customer managed IAM Policy to be attached.\n", "willReplaceOnChanges": true }, "path": { "type": "string", "description": "The path to the IAM policy to be attached. The default is `/`. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) for more information.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "name" ] }, "aws:ssoadmin/TrustedTokenIssuerTrustedTokenIssuerConfiguration:TrustedTokenIssuerTrustedTokenIssuerConfiguration": { "properties": { "oidcJwtConfiguration": { "$ref": "#/types/aws:ssoadmin/TrustedTokenIssuerTrustedTokenIssuerConfigurationOidcJwtConfiguration:TrustedTokenIssuerTrustedTokenIssuerConfigurationOidcJwtConfiguration", "description": "A block that describes the settings for a trusted token issuer that works with OpenID Connect (OIDC) by using JSON Web Tokens (JWT). See Documented below below.\n" } }, "type": "object" }, "aws:ssoadmin/TrustedTokenIssuerTrustedTokenIssuerConfigurationOidcJwtConfiguration:TrustedTokenIssuerTrustedTokenIssuerConfigurationOidcJwtConfiguration": { "properties": { "claimAttributePath": { "type": "string", "description": "Specifies the path of the source attribute in the JWT from the trusted token issuer.\n" }, "identityStoreAttributePath": { "type": "string", "description": "Specifies path of the destination attribute in a JWT from IAM Identity Center. The attribute mapped by this JMESPath expression is compared against the attribute mapped by `claim_attribute_path` when a trusted token issuer token is exchanged for an IAM Identity Center token.\n" }, "issuerUrl": { "type": "string", "description": "Specifies the URL that IAM Identity Center uses for OpenID Discovery. OpenID Discovery is used to obtain the information required to verify the tokens that the trusted token issuer generates.\n" }, "jwksRetrievalOption": { "type": "string", "description": "The method that the trusted token issuer can use to retrieve the JSON Web Key Set used to verify a JWT. Valid values are `OPEN_ID_DISCOVERY`\n" } }, "type": "object", "required": [ "claimAttributePath", "identityStoreAttributePath", "issuerUrl", "jwksRetrievalOption" ] }, "aws:ssoadmin/getApplicationAssignmentsApplicationAssignment:getApplicationAssignmentsApplicationAssignment": { "properties": { "applicationArn": { "type": "string", "description": "ARN of the application.\n" }, "principalId": { "type": "string", "description": "An identifier for an object in IAM Identity Center, such as a user or group.\n" }, "principalType": { "type": "string", "description": "Entity type for which the assignment will be created. Valid values are `USER` or `GROUP`.\n" } }, "type": "object", "required": [ "applicationArn", "principalId", "principalType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssoadmin/getApplicationPortalOption:getApplicationPortalOption": { "properties": { "signInOptions": { "type": "array", "items": { "$ref": "#/types/aws:ssoadmin/getApplicationPortalOptionSignInOption:getApplicationPortalOptionSignInOption" } }, "visibility": { "type": "string" } }, "type": "object", "required": [ "visibility" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssoadmin/getApplicationPortalOptionSignInOption:getApplicationPortalOptionSignInOption": { "properties": { "applicationUrl": { "type": "string" }, "origin": { "type": "string" } }, "type": "object", "required": [ "applicationUrl", "origin" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssoadmin/getApplicationProvidersApplicationProvider:getApplicationProvidersApplicationProvider": { "properties": { "applicationProviderArn": { "type": "string", "description": "ARN of the application provider.\n" }, "displayDatas": { "type": "array", "items": { "$ref": "#/types/aws:ssoadmin/getApplicationProvidersApplicationProviderDisplayData:getApplicationProvidersApplicationProviderDisplayData" }, "description": "An object describing how IAM Identity Center represents the application provider in the portal. See `display_data` below.\n" }, "federationProtocol": { "type": "string", "description": "Protocol that the application provider uses to perform federation. Valid values are `SAML` and `OAUTH`.\n" } }, "type": "object", "required": [ "applicationProviderArn", "federationProtocol" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssoadmin/getApplicationProvidersApplicationProviderDisplayData:getApplicationProvidersApplicationProviderDisplayData": { "properties": { "description": { "type": "string", "description": "Description of the application provider.\n" }, "displayName": { "type": "string", "description": "Name of the application provider.\n" }, "iconUrl": { "type": "string", "description": "URL that points to an icon that represents the application provider.\n" } }, "type": "object", "required": [ "description", "displayName", "iconUrl" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:ssoadmin/getPrincipalApplicationAssignmentsApplicationAssignment:getPrincipalApplicationAssignmentsApplicationAssignment": { "properties": { "applicationArn": { "type": "string", "description": "ARN of the application.\n" }, "principalId": { "type": "string", "description": "An identifier for an object in IAM Identity Center, such as a user or group.\n" }, "principalType": { "type": "string", "description": "Entity type for which the assignment will be created. Valid values are `USER` or `GROUP`.\n" } }, "type": "object", "required": [ "applicationArn", "principalId", "principalType" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:storagegateway/FileSystemAssociationCacheAttributes:FileSystemAssociationCacheAttributes": { "properties": { "cacheStaleTimeoutInSeconds": { "type": "integer", "description": "Refreshes a file share's cache by using Time To Live (TTL).\nTTL is the length of time since the last refresh after which access to the directory would cause the file gateway\nto first refresh that directory's contents from the Amazon S3 bucket. Valid Values: `0` or `300` to `2592000` seconds (5 minutes to 30 days). Defaults to `0`\n" } }, "type": "object" }, "aws:storagegateway/GatewayGatewayNetworkInterface:GatewayGatewayNetworkInterface": { "properties": { "ipv4Address": { "type": "string", "description": "The Internet Protocol version 4 (IPv4) address of the interface.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "ipv4Address" ] } } }, "aws:storagegateway/GatewayMaintenanceStartTime:GatewayMaintenanceStartTime": { "properties": { "dayOfMonth": { "type": "string", "description": "The day of the month component of the maintenance start time represented as an ordinal number from 1 to 28, where 1 represents the first day of the month and 28 represents the last day of the month.\n" }, "dayOfWeek": { "type": "string", "description": "The day of the week component of the maintenance start time week represented as an ordinal number from 0 to 6, where 0 represents Sunday and 6 Saturday.\n" }, "hourOfDay": { "type": "integer", "description": "The hour component of the maintenance start time represented as _hh_, where _hh_ is the hour (00 to 23). The hour of the day is in the time zone of the gateway.\n" }, "minuteOfHour": { "type": "integer", "description": "The minute component of the maintenance start time represented as _mm_, where _mm_ is the minute (00 to 59). The minute of the hour is in the time zone of the gateway.\n" } }, "type": "object", "required": [ "hourOfDay" ] }, "aws:storagegateway/GatewaySmbActiveDirectorySettings:GatewaySmbActiveDirectorySettings": { "properties": { "activeDirectoryStatus": { "type": "string" }, "domainControllers": { "type": "array", "items": { "type": "string" }, "description": "List of IPv4 addresses, NetBIOS names, or host names of your domain server.\nIf you need to specify the port number include it after the colon (“:”). For example, `mydc.mydomain.com:389`.\n" }, "domainName": { "type": "string", "description": "The name of the domain that you want the gateway to join.\n" }, "organizationalUnit": { "type": "string", "description": "The organizational unit (OU) is a container in an Active Directory that can hold users, groups,\ncomputers, and other OUs and this parameter specifies the OU that the gateway will join within the AD domain.\n" }, "password": { "type": "string", "description": "The password of the user who has permission to add the gateway to the Active Directory domain.\n", "secret": true }, "timeoutInSeconds": { "type": "integer", "description": "Specifies the time in seconds, in which the JoinDomain operation must complete. The default is `20` seconds.\n" }, "username": { "type": "string", "description": "The user name of user who has permission to add the gateway to the Active Directory domain.\n" } }, "type": "object", "required": [ "domainName", "password", "username" ], "language": { "nodejs": { "requiredOutputs": [ "activeDirectoryStatus", "domainName", "password", "username" ] } } }, "aws:storagegateway/NfsFileShareCacheAttributes:NfsFileShareCacheAttributes": { "properties": { "cacheStaleTimeoutInSeconds": { "type": "integer", "description": "Refreshes a file share's cache by using Time To Live (TTL).\nTTL is the length of time since the last refresh after which access to the directory would cause the file gateway\nto first refresh that directory's contents from the Amazon S3 bucket. Valid Values: 300 to 2,592,000 seconds (5 minutes to 30 days)\n" } }, "type": "object" }, "aws:storagegateway/NfsFileShareNfsFileShareDefaults:NfsFileShareNfsFileShareDefaults": { "properties": { "directoryMode": { "type": "string", "description": "The Unix directory mode in the string form \"nnnn\". Defaults to `\"0777\"`.\n" }, "fileMode": { "type": "string", "description": "The Unix file mode in the string form \"nnnn\". Defaults to `\"0666\"`.\n" }, "groupId": { "type": "string", "description": "The default group ID for the file share (unless the files have another group ID specified). Defaults to `65534` (`nfsnobody`). Valid values: `0` through `4294967294`.\n" }, "ownerId": { "type": "string", "description": "The default owner ID for the file share (unless the files have another owner ID specified). Defaults to `65534` (`nfsnobody`). Valid values: `0` through `4294967294`.\n" } }, "type": "object" }, "aws:storagegateway/SmbFileShareCacheAttributes:SmbFileShareCacheAttributes": { "properties": { "cacheStaleTimeoutInSeconds": { "type": "integer", "description": "Refreshes a file share's cache by using Time To Live (TTL).\nTTL is the length of time since the last refresh after which access to the directory would cause the file gateway\nto first refresh that directory's contents from the Amazon S3 bucket. Valid Values: 300 to 2,592,000 seconds (5 minutes to 30 days)\n" } }, "type": "object" }, "aws:synthetics/CanaryArtifactConfig:CanaryArtifactConfig": { "properties": { "s3Encryption": { "$ref": "#/types/aws:synthetics/CanaryArtifactConfigS3Encryption:CanaryArtifactConfigS3Encryption", "description": "Configuration of the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3. See S3 Encryption.\n" } }, "type": "object" }, "aws:synthetics/CanaryArtifactConfigS3Encryption:CanaryArtifactConfigS3Encryption": { "properties": { "encryptionMode": { "type": "string", "description": "The encryption method to use for artifacts created by this canary. Valid values are: `SSE_S3` and `SSE_KMS`.\n" }, "kmsKeyArn": { "type": "string", "description": "The ARN of the customer-managed KMS key to use, if you specify `SSE_KMS` for `encryption_mode`.\n" } }, "type": "object" }, "aws:synthetics/CanaryRunConfig:CanaryRunConfig": { "properties": { "activeTracing": { "type": "boolean", "description": "Whether this canary is to use active AWS X-Ray tracing when it runs. You can enable active tracing only for canaries that use version syn-nodejs-2.0 or later for their canary runtime.\n" }, "environmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of environment variables that are accessible from the canary during execution. Please see [AWS Docs](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-runtime) for variables reserved for Lambda.\n" }, "memoryInMb": { "type": "integer", "description": "Maximum amount of memory available to the canary while it is running, in MB. The value you specify must be a multiple of 64.\n" }, "timeoutInSeconds": { "type": "integer", "description": "Number of seconds the canary is allowed to run before it must stop. If you omit this field, the frequency of the canary is used, up to a maximum of 840 (14 minutes).\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "memoryInMb" ] } } }, "aws:synthetics/CanarySchedule:CanarySchedule": { "properties": { "durationInSeconds": { "type": "integer", "description": "Duration in seconds, for the canary to continue making regular runs according to the schedule in the Expression value.\n" }, "expression": { "type": "string", "description": "Rate expression or cron expression that defines how often the canary is to run. For rate expression, the syntax is `rate(number unit)`. _unit_ can be `minute`, `minutes`, or `hour`. For cron expression, the syntax is `cron(expression)`. For more information about the syntax for cron expressions, see [Scheduling canary runs using cron](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_cron.html).\n" } }, "type": "object", "required": [ "expression" ] }, "aws:synthetics/CanaryTimeline:CanaryTimeline": { "properties": { "created": { "type": "string", "description": "Date and time the canary was created.\n" }, "lastModified": { "type": "string", "description": "Date and time the canary was most recently modified.\n" }, "lastStarted": { "type": "string", "description": "Date and time that the canary's most recent run started.\n" }, "lastStopped": { "type": "string", "description": "Date and time that the canary's most recent run ended.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "created", "lastModified", "lastStarted", "lastStopped" ] } } }, "aws:synthetics/CanaryVpcConfig:CanaryVpcConfig": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "IDs of the security groups for this canary.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "IDs of the subnets where this canary is to run.\n" }, "vpcId": { "type": "string", "description": "ID of the VPC where this canary is to run.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "vpcId" ] } } }, "aws:timestreamwrite/TableMagneticStoreWriteProperties:TableMagneticStoreWriteProperties": { "properties": { "enableMagneticStoreWrites": { "type": "boolean", "description": "A flag to enable magnetic store writes.\n" }, "magneticStoreRejectedDataLocation": { "$ref": "#/types/aws:timestreamwrite/TableMagneticStoreWritePropertiesMagneticStoreRejectedDataLocation:TableMagneticStoreWritePropertiesMagneticStoreRejectedDataLocation", "description": "The location to write error reports for records rejected asynchronously during magnetic store writes. See Magnetic Store Rejected Data Location below for more details.\n" } }, "type": "object" }, "aws:timestreamwrite/TableMagneticStoreWritePropertiesMagneticStoreRejectedDataLocation:TableMagneticStoreWritePropertiesMagneticStoreRejectedDataLocation": { "properties": { "s3Configuration": { "$ref": "#/types/aws:timestreamwrite/TableMagneticStoreWritePropertiesMagneticStoreRejectedDataLocationS3Configuration:TableMagneticStoreWritePropertiesMagneticStoreRejectedDataLocationS3Configuration", "description": "Configuration of an S3 location to write error reports for records rejected, asynchronously, during magnetic store writes. See S3 Configuration below for more details.\n" } }, "type": "object" }, "aws:timestreamwrite/TableMagneticStoreWritePropertiesMagneticStoreRejectedDataLocationS3Configuration:TableMagneticStoreWritePropertiesMagneticStoreRejectedDataLocationS3Configuration": { "properties": { "bucketName": { "type": "string", "description": "Bucket name of the customer S3 bucket.\n" }, "encryptionOption": { "type": "string", "description": "Encryption option for the customer s3 location. Options are S3 server side encryption with an S3-managed key or KMS managed key. Valid values are `SSE_KMS` and `SSE_S3`.\n" }, "kmsKeyId": { "type": "string", "description": "KMS key arn for the customer s3 location when encrypting with a KMS managed key.\n" }, "objectKeyPrefix": { "type": "string", "description": "Object key prefix for the customer S3 location.\n" } }, "type": "object" }, "aws:timestreamwrite/TableRetentionProperties:TableRetentionProperties": { "properties": { "magneticStoreRetentionPeriodInDays": { "type": "integer", "description": "The duration for which data must be stored in the magnetic store. Minimum value of 1. Maximum value of 73000.\n" }, "memoryStoreRetentionPeriodInHours": { "type": "integer", "description": "The duration for which data must be stored in the memory store. Minimum value of 1. Maximum value of 8766.\n" } }, "type": "object", "required": [ "magneticStoreRetentionPeriodInDays", "memoryStoreRetentionPeriodInHours" ] }, "aws:timestreamwrite/TableSchema:TableSchema": { "properties": { "compositePartitionKey": { "$ref": "#/types/aws:timestreamwrite/TableSchemaCompositePartitionKey:TableSchemaCompositePartitionKey", "description": "A non-empty list of partition keys defining the attributes used to partition the table data. The order of the list determines the partition hierarchy. The name and type of each partition key as well as the partition key order cannot be changed after the table is created. However, the enforcement level of each partition key can be changed. See Composite Partition Key below for more details.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "compositePartitionKey" ] } } }, "aws:timestreamwrite/TableSchemaCompositePartitionKey:TableSchemaCompositePartitionKey": { "properties": { "enforcementInRecord": { "type": "string", "description": "The level of enforcement for the specification of a dimension key in ingested records. Valid values: `REQUIRED`, `OPTIONAL`.\n" }, "name": { "type": "string", "description": "The name of the attribute used for a dimension key.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "The type of the partition key. Valid values: `DIMENSION`, `MEASURE`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "type" ] }, "aws:timestreamwrite/getTableMagneticStoreWriteProperty:getTableMagneticStoreWriteProperty": { "properties": { "enableMagneticStoreWrites": { "type": "boolean", "description": "Flag that is set based on if magnetic store writes are enabled.\n" }, "magneticStoreRejectedDataLocations": { "type": "array", "items": { "$ref": "#/types/aws:timestreamwrite/getTableMagneticStoreWritePropertyMagneticStoreRejectedDataLocation:getTableMagneticStoreWritePropertyMagneticStoreRejectedDataLocation" }, "description": "Object containing the following attributes to describe error reports for records rejected during magnetic store writes.\n" } }, "type": "object", "required": [ "enableMagneticStoreWrites", "magneticStoreRejectedDataLocations" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:timestreamwrite/getTableMagneticStoreWritePropertyMagneticStoreRejectedDataLocation:getTableMagneticStoreWritePropertyMagneticStoreRejectedDataLocation": { "properties": { "s3Configurations": { "type": "array", "items": { "$ref": "#/types/aws:timestreamwrite/getTableMagneticStoreWritePropertyMagneticStoreRejectedDataLocationS3Configuration:getTableMagneticStoreWritePropertyMagneticStoreRejectedDataLocationS3Configuration" }, "description": "Object containing the following attributes to describe the configuration of an s3 location to write error reports for records rejected.\n" } }, "type": "object", "required": [ "s3Configurations" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:timestreamwrite/getTableMagneticStoreWritePropertyMagneticStoreRejectedDataLocationS3Configuration:getTableMagneticStoreWritePropertyMagneticStoreRejectedDataLocationS3Configuration": { "properties": { "bucketName": { "type": "string", "description": "Name of S3 bucket.\n" }, "encryptionOption": { "type": "string" }, "kmsKeyId": { "type": "string", "description": "AWS KMS key ID for S3 location with AWS maanged key.\n" }, "objectKeyPrefix": { "type": "string", "description": "Object key preview for S3 location.\n" } }, "type": "object", "required": [ "bucketName", "encryptionOption", "kmsKeyId", "objectKeyPrefix" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:timestreamwrite/getTableRetentionProperty:getTableRetentionProperty": { "properties": { "magneticStoreRetentionPeriodInDays": { "type": "integer", "description": "Duration in days in which the data must be stored in magnetic store.\n" }, "memoryStoreRetentionPeriodInHours": { "type": "integer", "description": "Duration in hours in which the data must be stored in memory store.\n" } }, "type": "object", "required": [ "magneticStoreRetentionPeriodInDays", "memoryStoreRetentionPeriodInHours" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:timestreamwrite/getTableSchema:getTableSchema": { "properties": { "compositePartitionKeys": { "type": "array", "items": { "$ref": "#/types/aws:timestreamwrite/getTableSchemaCompositePartitionKey:getTableSchemaCompositePartitionKey" } } }, "type": "object", "required": [ "compositePartitionKeys" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:timestreamwrite/getTableSchemaCompositePartitionKey:getTableSchemaCompositePartitionKey": { "properties": { "enforcementInRecord": { "type": "string" }, "name": { "type": "string", "description": "Name of the Timestream table.\n" }, "type": { "type": "string", "description": "Type of partition key.\n" } }, "type": "object", "required": [ "enforcementInRecord", "name", "type" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:transcribe/LanguageModelInputDataConfig:LanguageModelInputDataConfig": { "properties": { "dataAccessRoleArn": { "type": "string", "description": "IAM role with access to S3 bucket.\n", "willReplaceOnChanges": true }, "s3Uri": { "type": "string", "description": "S3 URI where training data is located.\n", "willReplaceOnChanges": true }, "tuningDataS3Uri": { "type": "string", "description": "S3 URI where tuning data is located.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "dataAccessRoleArn", "s3Uri" ], "language": { "nodejs": { "requiredOutputs": [ "dataAccessRoleArn", "s3Uri", "tuningDataS3Uri" ] } } }, "aws:transfer/AccessHomeDirectoryMapping:AccessHomeDirectoryMapping": { "properties": { "entry": { "type": "string", "description": "Represents an entry and a target.\n" }, "target": { "type": "string", "description": "Represents the map target.\n" } }, "type": "object", "required": [ "entry", "target" ] }, "aws:transfer/AccessPosixProfile:AccessPosixProfile": { "properties": { "gid": { "type": "integer", "description": "The POSIX group ID used for all EFS operations by this user.\n" }, "secondaryGids": { "type": "array", "items": { "type": "integer" }, "description": "The secondary POSIX group IDs used for all EFS operations by this user.\n" }, "uid": { "type": "integer", "description": "The POSIX user ID used for all EFS operations by this user.\n" } }, "type": "object", "required": [ "gid", "uid" ] }, "aws:transfer/ConnectorAs2Config:ConnectorAs2Config": { "properties": { "compression": { "type": "string", "description": "Specifies weather AS2 file is compressed. The valud values are ZLIB and DISABLED.\n" }, "encryptionAlgorithm": { "type": "string", "description": "The algorithm that is used to encrypt the file. The valid values are AES128_CBC | AES192_CBC | AES256_CBC | NONE.\n" }, "localProfileId": { "type": "string", "description": "The unique identifier for the AS2 local profile.\n" }, "mdnResponse": { "type": "string", "description": "Used for outbound requests to determine if a partner response for transfers is synchronous or asynchronous. The valid values are SYNC and NONE.\n" }, "mdnSigningAlgorithm": { "type": "string", "description": "The signing algorithm for the Mdn response. The valid values are SHA256 | SHA384 | SHA512 | SHA1 | NONE | DEFAULT.\n" }, "messageSubject": { "type": "string", "description": "Used as the subject HTTP header attribute in AS2 messages that are being sent with the connector.\n" }, "partnerProfileId": { "type": "string", "description": "The unique identifier for the AS2 partner profile.\n" }, "signingAlgorithm": { "type": "string", "description": "The algorithm that is used to sign AS2 messages sent with the connector. The valid values are SHA256 | SHA384 | SHA512 | SHA1 | NONE .\n" } }, "type": "object", "required": [ "compression", "encryptionAlgorithm", "localProfileId", "mdnResponse", "partnerProfileId", "signingAlgorithm" ] }, "aws:transfer/ConnectorSftpConfig:ConnectorSftpConfig": { "properties": { "trustedHostKeys": { "type": "array", "items": { "type": "string" }, "description": "A list of public portion of the host key, or keys, that are used to authenticate the user to the external server to which you are connecting.(https://docs.aws.amazon.com/transfer/latest/userguide/API_SftpConnectorConfig.html)\n" }, "userSecretId": { "type": "string", "description": "The identifier for the secret (in AWS Secrets Manager) that contains the SFTP user's private key, password, or both. The identifier can be either the Amazon Resource Name (ARN) or the name of the secret.\n" } }, "type": "object" }, "aws:transfer/ServerEndpointDetails:ServerEndpointDetails": { "properties": { "addressAllocationIds": { "type": "array", "items": { "type": "string" }, "description": "A list of address allocation IDs that are required to attach an Elastic IP address to your SFTP server's endpoint. This property can only be used when `endpoint_type` is set to `VPC`.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security groups IDs that are available to attach to your server's endpoint. If no security groups are specified, the VPC's default security groups are automatically assigned to your endpoint. This property can only be used when `endpoint_type` is set to `VPC`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs that are required to host your SFTP server endpoint in your VPC. This property can only be used when `endpoint_type` is set to `VPC`.\n" }, "vpcEndpointId": { "type": "string", "description": "The ID of the VPC endpoint. This property can only be used when `endpoint_type` is set to `VPC_ENDPOINT`\n" }, "vpcId": { "type": "string", "description": "The VPC ID of the virtual private cloud in which the SFTP server's endpoint will be hosted. This property can only be used when `endpoint_type` is set to `VPC`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "securityGroupIds", "vpcEndpointId" ] } } }, "aws:transfer/ServerProtocolDetails:ServerProtocolDetails": { "properties": { "as2Transports": { "type": "array", "items": { "type": "string" }, "description": "Indicates the transport method for the AS2 messages. Currently, only `HTTP` is supported.\n" }, "passiveIp": { "type": "string", "description": "Indicates passive mode, for FTP and FTPS protocols. Enter a single IPv4 address, such as the public IP address of a firewall, router, or load balancer.\n" }, "setStatOption": { "type": "string", "description": "Use to ignore the error that is generated when the client attempts to use `SETSTAT` on a file you are uploading to an S3 bucket. Valid values: `DEFAULT`, `ENABLE_NO_OP`.\n" }, "tlsSessionResumptionMode": { "type": "string", "description": "A property used with Transfer Family servers that use the FTPS protocol. Provides a mechanism to resume or share a negotiated secret key between the control and data connection for an FTPS session. Valid values: `DISABLED`, `ENABLED`, `ENFORCED`.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "as2Transports", "passiveIp", "setStatOption", "tlsSessionResumptionMode" ] } } }, "aws:transfer/ServerS3StorageOptions:ServerS3StorageOptions": { "properties": { "directoryListingOptimization": { "type": "string", "description": "Specifies whether or not performance for your Amazon S3 directories is optimized. Valid values are `DISABLED`, `ENABLED`.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY`. If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` Type to `FILE` if you want a mapping to have a file target. See [Using logical directories to simplify your Transfer Family directory structures](https://docs.aws.amazon.com/transfer/latest/userguide/logical-dir-mappings.html) for details.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "directoryListingOptimization" ] } } }, "aws:transfer/ServerWorkflowDetails:ServerWorkflowDetails": { "properties": { "onPartialUpload": { "$ref": "#/types/aws:transfer/ServerWorkflowDetailsOnPartialUpload:ServerWorkflowDetailsOnPartialUpload", "description": "A trigger that starts a workflow if a file is only partially uploaded. See Workflow Detail below. See `on_partial_upload` Block below for details.\n" }, "onUpload": { "$ref": "#/types/aws:transfer/ServerWorkflowDetailsOnUpload:ServerWorkflowDetailsOnUpload", "description": "A trigger that starts a workflow: the workflow begins to execute after a file is uploaded. See `on_upload` Block below for details.\n" } }, "type": "object" }, "aws:transfer/ServerWorkflowDetailsOnPartialUpload:ServerWorkflowDetailsOnPartialUpload": { "properties": { "executionRole": { "type": "string", "description": "Includes the necessary permissions for S3, EFS, and Lambda operations that Transfer can assume, so that all workflow steps can operate on the required resources.\n" }, "workflowId": { "type": "string", "description": "A unique identifier for the workflow.\n" } }, "type": "object", "required": [ "executionRole", "workflowId" ] }, "aws:transfer/ServerWorkflowDetailsOnUpload:ServerWorkflowDetailsOnUpload": { "properties": { "executionRole": { "type": "string", "description": "Includes the necessary permissions for S3, EFS, and Lambda operations that Transfer can assume, so that all workflow steps can operate on the required resources.\n" }, "workflowId": { "type": "string", "description": "A unique identifier for the workflow.\n" } }, "type": "object", "required": [ "executionRole", "workflowId" ] }, "aws:transfer/UserHomeDirectoryMapping:UserHomeDirectoryMapping": { "properties": { "entry": { "type": "string", "description": "Represents an entry and a target.\n" }, "target": { "type": "string", "description": "Represents the map target.\n\nThe `Restricted` option is achieved using the following mapping:\n\n```\nhome_directory_mappings {\nentry = \"/\"\ntarget = \"/${aws_s3_bucket.foo.id}/$${Transfer:UserName}\"\n}\n```\n" } }, "type": "object", "required": [ "entry", "target" ] }, "aws:transfer/UserPosixProfile:UserPosixProfile": { "properties": { "gid": { "type": "integer", "description": "The POSIX group ID used for all EFS operations by this user.\n" }, "secondaryGids": { "type": "array", "items": { "type": "integer" }, "description": "The secondary POSIX group IDs used for all EFS operations by this user.\n" }, "uid": { "type": "integer", "description": "The POSIX user ID used for all EFS operations by this user.\n" } }, "type": "object", "required": [ "gid", "uid" ] }, "aws:transfer/WorkflowOnExceptionStep:WorkflowOnExceptionStep": { "properties": { "copyStepDetails": { "$ref": "#/types/aws:transfer/WorkflowOnExceptionStepCopyStepDetails:WorkflowOnExceptionStepCopyStepDetails", "description": "Details for a step that performs a file copy. See Copy Step Details below.\n", "willReplaceOnChanges": true }, "customStepDetails": { "$ref": "#/types/aws:transfer/WorkflowOnExceptionStepCustomStepDetails:WorkflowOnExceptionStepCustomStepDetails", "description": "Details for a step that invokes a lambda function.\n", "willReplaceOnChanges": true }, "decryptStepDetails": { "$ref": "#/types/aws:transfer/WorkflowOnExceptionStepDecryptStepDetails:WorkflowOnExceptionStepDecryptStepDetails", "description": "Details for a step that decrypts the file.\n", "willReplaceOnChanges": true }, "deleteStepDetails": { "$ref": "#/types/aws:transfer/WorkflowOnExceptionStepDeleteStepDetails:WorkflowOnExceptionStepDeleteStepDetails", "description": "Details for a step that deletes the file.\n", "willReplaceOnChanges": true }, "tagStepDetails": { "$ref": "#/types/aws:transfer/WorkflowOnExceptionStepTagStepDetails:WorkflowOnExceptionStepTagStepDetails", "description": "Details for a step that creates one or more tags.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "willReplaceOnChanges": true } }, "type": "object", "required": [ "type" ] }, "aws:transfer/WorkflowOnExceptionStepCopyStepDetails:WorkflowOnExceptionStepCopyStepDetails": { "properties": { "destinationFileLocation": { "$ref": "#/types/aws:transfer/WorkflowOnExceptionStepCopyStepDetailsDestinationFileLocation:WorkflowOnExceptionStepCopyStepDetailsDestinationFileLocation", "description": "Specifies the location for the file being copied. Use ${Transfer:username} in this field to parametrize the destination prefix by username.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the step, used as an identifier.\n", "willReplaceOnChanges": true }, "overwriteExisting": { "type": "string", "description": "A flag that indicates whether or not to overwrite an existing file of the same name. The default is `FALSE`. Valid values are `TRUE` and `FALSE`.\n", "willReplaceOnChanges": true }, "sourceFileLocation": { "type": "string", "description": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow. Enter ${previous.file} to use the previous file as the input. In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value. Enter ${original.file} to use the originally-uploaded file location as input for this step.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:transfer/WorkflowOnExceptionStepCopyStepDetailsDestinationFileLocation:WorkflowOnExceptionStepCopyStepDetailsDestinationFileLocation": { "properties": { "efsFileLocation": { "$ref": "#/types/aws:transfer/WorkflowOnExceptionStepCopyStepDetailsDestinationFileLocationEfsFileLocation:WorkflowOnExceptionStepCopyStepDetailsDestinationFileLocationEfsFileLocation", "description": "Specifies the details for the EFS file being copied.\n", "willReplaceOnChanges": true }, "s3FileLocation": { "$ref": "#/types/aws:transfer/WorkflowOnExceptionStepCopyStepDetailsDestinationFileLocationS3FileLocation:WorkflowOnExceptionStepCopyStepDetailsDestinationFileLocationS3FileLocation", "description": "Specifies the details for the S3 file being copied.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:transfer/WorkflowOnExceptionStepCopyStepDetailsDestinationFileLocationEfsFileLocation:WorkflowOnExceptionStepCopyStepDetailsDestinationFileLocationEfsFileLocation": { "properties": { "fileSystemId": { "type": "string", "description": "The ID of the file system, assigned by Amazon EFS.\n", "willReplaceOnChanges": true }, "path": { "type": "string", "description": "The pathname for the folder being used by a workflow.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:transfer/WorkflowOnExceptionStepCopyStepDetailsDestinationFileLocationS3FileLocation:WorkflowOnExceptionStepCopyStepDetailsDestinationFileLocationS3FileLocation": { "properties": { "bucket": { "type": "string", "description": "Specifies the S3 bucket for the customer input file.\n", "willReplaceOnChanges": true }, "key": { "type": "string", "description": "The name assigned to the file when it was created in S3. You use the object key to retrieve the object.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:transfer/WorkflowOnExceptionStepCustomStepDetails:WorkflowOnExceptionStepCustomStepDetails": { "properties": { "name": { "type": "string", "description": "The name of the step, used as an identifier.\n", "willReplaceOnChanges": true }, "sourceFileLocation": { "type": "string", "description": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow. Enter ${previous.file} to use the previous file as the input. In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value. Enter ${original.file} to use the originally-uploaded file location as input for this step.\n", "willReplaceOnChanges": true }, "target": { "type": "string", "description": "The ARN for the lambda function that is being called.\n", "willReplaceOnChanges": true }, "timeoutSeconds": { "type": "integer", "description": "Timeout, in seconds, for the step.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:transfer/WorkflowOnExceptionStepDecryptStepDetails:WorkflowOnExceptionStepDecryptStepDetails": { "properties": { "destinationFileLocation": { "$ref": "#/types/aws:transfer/WorkflowOnExceptionStepDecryptStepDetailsDestinationFileLocation:WorkflowOnExceptionStepDecryptStepDetailsDestinationFileLocation", "description": "Specifies the location for the file being copied. Use ${Transfer:username} in this field to parametrize the destination prefix by username.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the step, used as an identifier.\n", "willReplaceOnChanges": true }, "overwriteExisting": { "type": "string", "description": "A flag that indicates whether or not to overwrite an existing file of the same name. The default is `FALSE`. Valid values are `TRUE` and `FALSE`.\n", "willReplaceOnChanges": true }, "sourceFileLocation": { "type": "string", "description": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow. Enter ${previous.file} to use the previous file as the input. In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value. Enter ${original.file} to use the originally-uploaded file location as input for this step.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "The type of encryption used. Currently, this value must be `\"PGP\"`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "type" ] }, "aws:transfer/WorkflowOnExceptionStepDecryptStepDetailsDestinationFileLocation:WorkflowOnExceptionStepDecryptStepDetailsDestinationFileLocation": { "properties": { "efsFileLocation": { "$ref": "#/types/aws:transfer/WorkflowOnExceptionStepDecryptStepDetailsDestinationFileLocationEfsFileLocation:WorkflowOnExceptionStepDecryptStepDetailsDestinationFileLocationEfsFileLocation", "description": "Specifies the details for the EFS file being copied.\n", "willReplaceOnChanges": true }, "s3FileLocation": { "$ref": "#/types/aws:transfer/WorkflowOnExceptionStepDecryptStepDetailsDestinationFileLocationS3FileLocation:WorkflowOnExceptionStepDecryptStepDetailsDestinationFileLocationS3FileLocation", "description": "Specifies the details for the S3 file being copied.\n" } }, "type": "object" }, "aws:transfer/WorkflowOnExceptionStepDecryptStepDetailsDestinationFileLocationEfsFileLocation:WorkflowOnExceptionStepDecryptStepDetailsDestinationFileLocationEfsFileLocation": { "properties": { "fileSystemId": { "type": "string", "description": "The ID of the file system, assigned by Amazon EFS.\n", "willReplaceOnChanges": true }, "path": { "type": "string", "description": "The pathname for the folder being used by a workflow.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:transfer/WorkflowOnExceptionStepDecryptStepDetailsDestinationFileLocationS3FileLocation:WorkflowOnExceptionStepDecryptStepDetailsDestinationFileLocationS3FileLocation": { "properties": { "bucket": { "type": "string", "description": "Specifies the S3 bucket for the customer input file.\n", "willReplaceOnChanges": true }, "key": { "type": "string", "description": "The name assigned to the file when it was created in S3. You use the object key to retrieve the object.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:transfer/WorkflowOnExceptionStepDeleteStepDetails:WorkflowOnExceptionStepDeleteStepDetails": { "properties": { "name": { "type": "string", "description": "The name of the step, used as an identifier.\n", "willReplaceOnChanges": true }, "sourceFileLocation": { "type": "string", "description": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow. Enter ${previous.file} to use the previous file as the input. In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value. Enter ${original.file} to use the originally-uploaded file location as input for this step.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:transfer/WorkflowOnExceptionStepTagStepDetails:WorkflowOnExceptionStepTagStepDetails": { "properties": { "name": { "type": "string", "description": "The name of the step, used as an identifier.\n", "willReplaceOnChanges": true }, "sourceFileLocation": { "type": "string", "description": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow. Enter ${previous.file} to use the previous file as the input. In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value. Enter ${original.file} to use the originally-uploaded file location as input for this step.\n", "willReplaceOnChanges": true }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:transfer/WorkflowOnExceptionStepTagStepDetailsTag:WorkflowOnExceptionStepTagStepDetailsTag" }, "description": "Array that contains from 1 to 10 key/value pairs. See S3 Tags below.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:transfer/WorkflowOnExceptionStepTagStepDetailsTag:WorkflowOnExceptionStepTagStepDetailsTag": { "properties": { "key": { "type": "string", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "The value that corresponds to the key.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "key", "value" ] }, "aws:transfer/WorkflowStep:WorkflowStep": { "properties": { "copyStepDetails": { "$ref": "#/types/aws:transfer/WorkflowStepCopyStepDetails:WorkflowStepCopyStepDetails", "description": "Details for a step that performs a file copy. See Copy Step Details below.\n", "willReplaceOnChanges": true }, "customStepDetails": { "$ref": "#/types/aws:transfer/WorkflowStepCustomStepDetails:WorkflowStepCustomStepDetails", "description": "Details for a step that invokes a lambda function.\n", "willReplaceOnChanges": true }, "decryptStepDetails": { "$ref": "#/types/aws:transfer/WorkflowStepDecryptStepDetails:WorkflowStepDecryptStepDetails", "description": "Details for a step that decrypts the file.\n", "willReplaceOnChanges": true }, "deleteStepDetails": { "$ref": "#/types/aws:transfer/WorkflowStepDeleteStepDetails:WorkflowStepDeleteStepDetails", "description": "Details for a step that deletes the file.\n", "willReplaceOnChanges": true }, "tagStepDetails": { "$ref": "#/types/aws:transfer/WorkflowStepTagStepDetails:WorkflowStepTagStepDetails", "description": "Details for a step that creates one or more tags.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "willReplaceOnChanges": true } }, "type": "object", "required": [ "type" ] }, "aws:transfer/WorkflowStepCopyStepDetails:WorkflowStepCopyStepDetails": { "properties": { "destinationFileLocation": { "$ref": "#/types/aws:transfer/WorkflowStepCopyStepDetailsDestinationFileLocation:WorkflowStepCopyStepDetailsDestinationFileLocation", "description": "Specifies the location for the file being copied. Use ${Transfer:username} in this field to parametrize the destination prefix by username.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the step, used as an identifier.\n", "willReplaceOnChanges": true }, "overwriteExisting": { "type": "string", "description": "A flag that indicates whether or not to overwrite an existing file of the same name. The default is `FALSE`. Valid values are `TRUE` and `FALSE`.\n", "willReplaceOnChanges": true }, "sourceFileLocation": { "type": "string", "description": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow. Enter ${previous.file} to use the previous file as the input. In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value. Enter ${original.file} to use the originally-uploaded file location as input for this step.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:transfer/WorkflowStepCopyStepDetailsDestinationFileLocation:WorkflowStepCopyStepDetailsDestinationFileLocation": { "properties": { "efsFileLocation": { "$ref": "#/types/aws:transfer/WorkflowStepCopyStepDetailsDestinationFileLocationEfsFileLocation:WorkflowStepCopyStepDetailsDestinationFileLocationEfsFileLocation", "description": "Specifies the details for the EFS file being copied.\n", "willReplaceOnChanges": true }, "s3FileLocation": { "$ref": "#/types/aws:transfer/WorkflowStepCopyStepDetailsDestinationFileLocationS3FileLocation:WorkflowStepCopyStepDetailsDestinationFileLocationS3FileLocation", "description": "Specifies the details for the S3 file being copied.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:transfer/WorkflowStepCopyStepDetailsDestinationFileLocationEfsFileLocation:WorkflowStepCopyStepDetailsDestinationFileLocationEfsFileLocation": { "properties": { "fileSystemId": { "type": "string", "description": "The ID of the file system, assigned by Amazon EFS.\n", "willReplaceOnChanges": true }, "path": { "type": "string", "description": "The pathname for the folder being used by a workflow.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:transfer/WorkflowStepCopyStepDetailsDestinationFileLocationS3FileLocation:WorkflowStepCopyStepDetailsDestinationFileLocationS3FileLocation": { "properties": { "bucket": { "type": "string", "description": "Specifies the S3 bucket for the customer input file.\n", "willReplaceOnChanges": true }, "key": { "type": "string", "description": "The name assigned to the file when it was created in S3. You use the object key to retrieve the object.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:transfer/WorkflowStepCustomStepDetails:WorkflowStepCustomStepDetails": { "properties": { "name": { "type": "string", "description": "The name of the step, used as an identifier.\n", "willReplaceOnChanges": true }, "sourceFileLocation": { "type": "string", "description": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow. Enter ${previous.file} to use the previous file as the input. In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value. Enter ${original.file} to use the originally-uploaded file location as input for this step.\n", "willReplaceOnChanges": true }, "target": { "type": "string", "description": "The ARN for the lambda function that is being called.\n", "willReplaceOnChanges": true }, "timeoutSeconds": { "type": "integer", "description": "Timeout, in seconds, for the step.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:transfer/WorkflowStepDecryptStepDetails:WorkflowStepDecryptStepDetails": { "properties": { "destinationFileLocation": { "$ref": "#/types/aws:transfer/WorkflowStepDecryptStepDetailsDestinationFileLocation:WorkflowStepDecryptStepDetailsDestinationFileLocation", "description": "Specifies the location for the file being copied. Use ${Transfer:username} in this field to parametrize the destination prefix by username.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the step, used as an identifier.\n", "willReplaceOnChanges": true }, "overwriteExisting": { "type": "string", "description": "A flag that indicates whether or not to overwrite an existing file of the same name. The default is `FALSE`. Valid values are `TRUE` and `FALSE`.\n", "willReplaceOnChanges": true }, "sourceFileLocation": { "type": "string", "description": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow. Enter ${previous.file} to use the previous file as the input. In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value. Enter ${original.file} to use the originally-uploaded file location as input for this step.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "The type of encryption used. Currently, this value must be `\"PGP\"`.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "type" ] }, "aws:transfer/WorkflowStepDecryptStepDetailsDestinationFileLocation:WorkflowStepDecryptStepDetailsDestinationFileLocation": { "properties": { "efsFileLocation": { "$ref": "#/types/aws:transfer/WorkflowStepDecryptStepDetailsDestinationFileLocationEfsFileLocation:WorkflowStepDecryptStepDetailsDestinationFileLocationEfsFileLocation", "description": "Specifies the details for the EFS file being copied.\n", "willReplaceOnChanges": true }, "s3FileLocation": { "$ref": "#/types/aws:transfer/WorkflowStepDecryptStepDetailsDestinationFileLocationS3FileLocation:WorkflowStepDecryptStepDetailsDestinationFileLocationS3FileLocation", "description": "Specifies the details for the S3 file being copied.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:transfer/WorkflowStepDecryptStepDetailsDestinationFileLocationEfsFileLocation:WorkflowStepDecryptStepDetailsDestinationFileLocationEfsFileLocation": { "properties": { "fileSystemId": { "type": "string", "description": "The ID of the file system, assigned by Amazon EFS.\n", "willReplaceOnChanges": true }, "path": { "type": "string", "description": "The pathname for the folder being used by a workflow.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:transfer/WorkflowStepDecryptStepDetailsDestinationFileLocationS3FileLocation:WorkflowStepDecryptStepDetailsDestinationFileLocationS3FileLocation": { "properties": { "bucket": { "type": "string", "description": "Specifies the S3 bucket for the customer input file.\n", "willReplaceOnChanges": true }, "key": { "type": "string", "description": "The name assigned to the file when it was created in S3. You use the object key to retrieve the object.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:transfer/WorkflowStepDeleteStepDetails:WorkflowStepDeleteStepDetails": { "properties": { "name": { "type": "string", "description": "The name of the step, used as an identifier.\n", "willReplaceOnChanges": true }, "sourceFileLocation": { "type": "string", "description": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow. Enter ${previous.file} to use the previous file as the input. In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value. Enter ${original.file} to use the originally-uploaded file location as input for this step.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:transfer/WorkflowStepTagStepDetails:WorkflowStepTagStepDetails": { "properties": { "name": { "type": "string", "description": "The name of the step, used as an identifier.\n", "willReplaceOnChanges": true }, "sourceFileLocation": { "type": "string", "description": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow. Enter ${previous.file} to use the previous file as the input. In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value. Enter ${original.file} to use the originally-uploaded file location as input for this step.\n", "willReplaceOnChanges": true }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:transfer/WorkflowStepTagStepDetailsTag:WorkflowStepTagStepDetailsTag" }, "description": "Array that contains from 1 to 10 key/value pairs. See S3 Tags below.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aws:transfer/WorkflowStepTagStepDetailsTag:WorkflowStepTagStepDetailsTag": { "properties": { "key": { "type": "string", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "The value that corresponds to the key.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "key", "value" ] }, "aws:transfer/getConnectorAs2Config:getConnectorAs2Config": { "properties": { "basicAuthSecretId": { "type": "string", "description": "Basic authentication for AS2 connector API. Returns a null value if not set.\n" }, "compression": { "type": "string", "description": "Specifies whether AS2 file is compressed. Will be ZLIB or DISABLED\n" }, "encryptionAlgorithm": { "type": "string", "description": "Algorithm used to encrypt file. Will be AES128_CBC or AES192_CBC or AES256_CBC or DES_EDE3_CBC or NONE.\n" }, "localProfileId": { "type": "string", "description": "Unique identifier for AS2 local profile.\n" }, "mdnResponse": { "type": "string", "description": "Used for outbound requests to tell if response is asynchronous or not. Will be either SYNC or NONE.\n" }, "mdnSigningAlgorithm": { "type": "string", "description": "Signing algorithm for MDN response. Will be SHA256 or SHA384 or SHA512 or SHA1 or NONE or DEFAULT.\n" }, "messageSubject": { "type": "string", "description": "Subject HTTP header attribute in outbound AS2 messages to the connector.\n" }, "partnerProfileId": { "type": "string", "description": "Unique identifier used by connector for partner profile.\n" }, "singingAlgorithm": { "type": "string" } }, "type": "object", "required": [ "basicAuthSecretId", "compression", "encryptionAlgorithm", "localProfileId", "mdnResponse", "mdnSigningAlgorithm", "messageSubject", "partnerProfileId", "singingAlgorithm" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:transfer/getConnectorSftpConfig:getConnectorSftpConfig": { "properties": { "trustedHostKeys": { "type": "array", "items": { "type": "string" }, "description": "List of the public portions of the host keys that are used to identify the servers the connector is connected to.\n" }, "userSecretId": { "type": "string", "description": "Identifer for the secret in AWS Secrets Manager that contains the SFTP user's private key, and/or password.\n" } }, "type": "object", "required": [ "trustedHostKeys", "userSecretId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:verifiedaccess/EndpointLoadBalancerOptions:EndpointLoadBalancerOptions": { "properties": { "loadBalancerArn": { "type": "string", "willReplaceOnChanges": true }, "port": { "type": "integer" }, "protocol": { "type": "string" }, "subnetIds": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:verifiedaccess/EndpointNetworkInterfaceOptions:EndpointNetworkInterfaceOptions": { "properties": { "networkInterfaceId": { "type": "string", "willReplaceOnChanges": true }, "port": { "type": "integer" }, "protocol": { "type": "string" } }, "type": "object" }, "aws:verifiedaccess/EndpointSseSpecification:EndpointSseSpecification": { "properties": { "customerManagedKeyEnabled": { "type": "boolean" }, "kmsKeyArn": { "type": "string" } }, "type": "object" }, "aws:verifiedaccess/GroupSseConfiguration:GroupSseConfiguration": { "properties": { "customerManagedKeyEnabled": { "type": "boolean" }, "kmsKeyArn": { "type": "string", "description": "ARN of the KMS key to use.\n" } }, "type": "object" }, "aws:verifiedaccess/InstanceLoggingConfigurationAccessLogs:InstanceLoggingConfigurationAccessLogs": { "properties": { "cloudwatchLogs": { "$ref": "#/types/aws:verifiedaccess/InstanceLoggingConfigurationAccessLogsCloudwatchLogs:InstanceLoggingConfigurationAccessLogsCloudwatchLogs", "description": "A block that specifies configures sending Verified Access logs to CloudWatch Logs. Detailed below.\n" }, "includeTrustContext": { "type": "boolean", "description": "Include trust data sent by trust providers into the logs.\n" }, "kinesisDataFirehose": { "$ref": "#/types/aws:verifiedaccess/InstanceLoggingConfigurationAccessLogsKinesisDataFirehose:InstanceLoggingConfigurationAccessLogsKinesisDataFirehose", "description": "A block that specifies configures sending Verified Access logs to Kinesis. Detailed below.\n" }, "logVersion": { "type": "string", "description": "The logging version to use. Refer to [VerifiedAccessLogOptions](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_VerifiedAccessLogOptions.html) for the allowed values.\n" }, "s3": { "$ref": "#/types/aws:verifiedaccess/InstanceLoggingConfigurationAccessLogsS3:InstanceLoggingConfigurationAccessLogsS3", "description": "A block that specifies configures sending Verified Access logs to S3. Detailed below.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "includeTrustContext", "logVersion" ] } } }, "aws:verifiedaccess/InstanceLoggingConfigurationAccessLogsCloudwatchLogs:InstanceLoggingConfigurationAccessLogsCloudwatchLogs": { "properties": { "enabled": { "type": "boolean", "description": "Indicates whether logging is enabled.\n" }, "logGroup": { "type": "string", "description": "The name of the CloudWatch Logs Log Group.\n" } }, "type": "object", "required": [ "enabled" ] }, "aws:verifiedaccess/InstanceLoggingConfigurationAccessLogsKinesisDataFirehose:InstanceLoggingConfigurationAccessLogsKinesisDataFirehose": { "properties": { "deliveryStream": { "type": "string", "description": "The name of the delivery stream.\n" }, "enabled": { "type": "boolean", "description": "Indicates whether logging is enabled.\n" } }, "type": "object", "required": [ "enabled" ] }, "aws:verifiedaccess/InstanceLoggingConfigurationAccessLogsS3:InstanceLoggingConfigurationAccessLogsS3": { "properties": { "bucketName": { "type": "string", "description": "The name of S3 bucket.\n" }, "bucketOwner": { "type": "string", "description": "The ID of the AWS account that owns the Amazon S3 bucket.\n" }, "enabled": { "type": "boolean", "description": "Indicates whether logging is enabled.\n" }, "prefix": { "type": "string", "description": "The bucket prefix.\n" } }, "type": "object", "required": [ "enabled" ], "language": { "nodejs": { "requiredOutputs": [ "bucketOwner", "enabled" ] } } }, "aws:verifiedaccess/InstanceVerifiedAccessTrustProvider:InstanceVerifiedAccessTrustProvider": { "properties": { "description": { "type": "string", "description": "A description for the AWS Verified Access Instance.\n" }, "deviceTrustProviderType": { "type": "string", "description": "The type of device-based trust provider.\n" }, "trustProviderType": { "type": "string", "description": "The type of trust provider (user- or device-based).\n" }, "userTrustProviderType": { "type": "string", "description": "The type of user-based trust provider.\n" }, "verifiedAccessTrustProviderId": { "type": "string", "description": "The ID of the trust provider.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "description", "deviceTrustProviderType", "trustProviderType", "userTrustProviderType", "verifiedAccessTrustProviderId" ] } } }, "aws:verifiedaccess/TrustProviderDeviceOptions:TrustProviderDeviceOptions": { "properties": { "tenantId": { "type": "string" } }, "type": "object" }, "aws:verifiedaccess/TrustProviderOidcOptions:TrustProviderOidcOptions": { "properties": { "authorizationEndpoint": { "type": "string", "willReplaceOnChanges": true }, "clientId": { "type": "string", "willReplaceOnChanges": true }, "clientSecret": { "type": "string", "secret": true }, "issuer": { "type": "string", "willReplaceOnChanges": true }, "scope": { "type": "string" }, "tokenEndpoint": { "type": "string", "willReplaceOnChanges": true }, "userInfoEndpoint": { "type": "string", "willReplaceOnChanges": true } }, "type": "object", "required": [ "clientSecret" ] }, "aws:verifiedpermissions/IdentitySourceConfiguration:IdentitySourceConfiguration": { "properties": { "cognitoUserPoolConfiguration": { "$ref": "#/types/aws:verifiedpermissions/IdentitySourceConfigurationCognitoUserPoolConfiguration:IdentitySourceConfigurationCognitoUserPoolConfiguration", "description": "Specifies the configuration details of an Amazon Cognito user pool that Verified Permissions can use as a source of authenticated identities as entities. See Cognito User Pool Configuration below.\n" }, "openIdConnectConfiguration": { "$ref": "#/types/aws:verifiedpermissions/IdentitySourceConfigurationOpenIdConnectConfiguration:IdentitySourceConfigurationOpenIdConnectConfiguration", "description": "Specifies the configuration details of an OpenID Connect (OIDC) identity provider, or identity source, that Verified Permissions can use to generate entities from authenticated identities. See Open ID Connect Configuration below.\n" } }, "type": "object" }, "aws:verifiedpermissions/IdentitySourceConfigurationCognitoUserPoolConfiguration:IdentitySourceConfigurationCognitoUserPoolConfiguration": { "properties": { "clientIds": { "type": "array", "items": { "type": "string" }, "description": "The unique application client IDs that are associated with the specified Amazon Cognito user pool.\n" }, "groupConfiguration": { "$ref": "#/types/aws:verifiedpermissions/IdentitySourceConfigurationCognitoUserPoolConfigurationGroupConfiguration:IdentitySourceConfigurationCognitoUserPoolConfigurationGroupConfiguration", "description": "The type of entity that a policy store maps to groups from an Amazon Cognito user pool identity source. See Group Configuration below.\n" }, "userPoolArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool that contains the identities to be authorized.\n" } }, "type": "object", "required": [ "userPoolArn" ], "language": { "nodejs": { "requiredOutputs": [ "clientIds", "userPoolArn" ] } } }, "aws:verifiedpermissions/IdentitySourceConfigurationCognitoUserPoolConfigurationGroupConfiguration:IdentitySourceConfigurationCognitoUserPoolConfigurationGroupConfiguration": { "properties": { "groupEntityType": { "type": "string", "description": "The name of the schema entity type that's mapped to the user pool group. Defaults to `AWS::CognitoGroup`.\n" } }, "type": "object", "required": [ "groupEntityType" ] }, "aws:verifiedpermissions/IdentitySourceConfigurationOpenIdConnectConfiguration:IdentitySourceConfigurationOpenIdConnectConfiguration": { "properties": { "entityIdPrefix": { "type": "string", "description": "A descriptive string that you want to prefix to user entities from your OIDC identity provider.\n" }, "groupConfiguration": { "$ref": "#/types/aws:verifiedpermissions/IdentitySourceConfigurationOpenIdConnectConfigurationGroupConfiguration:IdentitySourceConfigurationOpenIdConnectConfigurationGroupConfiguration", "description": "The type of entity that a policy store maps to groups from an Amazon Cognito user pool identity source. See Group Configuration below.\n" }, "issuer": { "type": "string", "description": "The issuer URL of an OIDC identity provider. This URL must have an OIDC discovery endpoint at the path `.well-known/openid-configuration`.\n" }, "tokenSelection": { "$ref": "#/types/aws:verifiedpermissions/IdentitySourceConfigurationOpenIdConnectConfigurationTokenSelection:IdentitySourceConfigurationOpenIdConnectConfigurationTokenSelection", "description": "The token type that you want to process from your OIDC identity provider. Your policy store can process either identity (ID) or access tokens from a given OIDC identity source. See Token Selection below.\n" } }, "type": "object", "required": [ "issuer" ] }, "aws:verifiedpermissions/IdentitySourceConfigurationOpenIdConnectConfigurationGroupConfiguration:IdentitySourceConfigurationOpenIdConnectConfigurationGroupConfiguration": { "properties": { "groupClaim": { "type": "string", "description": "The token claim that you want Verified Permissions to interpret as group membership. For example, `groups`.\n" }, "groupEntityType": { "type": "string", "description": "The name of the schema entity type that's mapped to the user pool group. Defaults to `AWS::CognitoGroup`.\n" } }, "type": "object", "required": [ "groupClaim", "groupEntityType" ] }, "aws:verifiedpermissions/IdentitySourceConfigurationOpenIdConnectConfigurationTokenSelection:IdentitySourceConfigurationOpenIdConnectConfigurationTokenSelection": { "properties": { "accessTokenOnly": { "$ref": "#/types/aws:verifiedpermissions/IdentitySourceConfigurationOpenIdConnectConfigurationTokenSelectionAccessTokenOnly:IdentitySourceConfigurationOpenIdConnectConfigurationTokenSelectionAccessTokenOnly", "description": "The OIDC configuration for processing access tokens. See Access Token Only below.\n" }, "identityTokenOnly": { "$ref": "#/types/aws:verifiedpermissions/IdentitySourceConfigurationOpenIdConnectConfigurationTokenSelectionIdentityTokenOnly:IdentitySourceConfigurationOpenIdConnectConfigurationTokenSelectionIdentityTokenOnly", "description": "The OIDC configuration for processing identity (ID) tokens. See Identity Token Only below.\n" } }, "type": "object" }, "aws:verifiedpermissions/IdentitySourceConfigurationOpenIdConnectConfigurationTokenSelectionAccessTokenOnly:IdentitySourceConfigurationOpenIdConnectConfigurationTokenSelectionAccessTokenOnly": { "properties": { "audiences": { "type": "array", "items": { "type": "string" }, "description": "The access token aud claim values that you want to accept in your policy store.\n" }, "principalIdClaim": { "type": "string", "description": "The claim that determines the principal in OIDC access tokens.\n" } }, "type": "object" }, "aws:verifiedpermissions/IdentitySourceConfigurationOpenIdConnectConfigurationTokenSelectionIdentityTokenOnly:IdentitySourceConfigurationOpenIdConnectConfigurationTokenSelectionIdentityTokenOnly": { "properties": { "clientIds": { "type": "array", "items": { "type": "string" }, "description": "The ID token audience, or client ID, claim values that you want to accept in your policy store from an OIDC identity provider.\n" }, "principalIdClaim": { "type": "string", "description": "The claim that determines the principal in OIDC access tokens.\n" } }, "type": "object" }, "aws:verifiedpermissions/PolicyDefinition:PolicyDefinition": { "properties": { "static": { "$ref": "#/types/aws:verifiedpermissions/PolicyDefinitionStatic:PolicyDefinitionStatic", "description": "The static policy statement. See Static below.\n" }, "templateLinked": { "$ref": "#/types/aws:verifiedpermissions/PolicyDefinitionTemplateLinked:PolicyDefinitionTemplateLinked", "description": "The template linked policy. See Template Linked below.\n" } }, "type": "object" }, "aws:verifiedpermissions/PolicyDefinitionStatic:PolicyDefinitionStatic": { "properties": { "description": { "type": "string", "description": "The description of the static policy.\n" }, "statement": { "type": "string", "description": "The statement of the static policy.\n" } }, "type": "object", "required": [ "statement" ] }, "aws:verifiedpermissions/PolicyDefinitionTemplateLinked:PolicyDefinitionTemplateLinked": { "properties": { "policyTemplateId": { "type": "string", "description": "The ID of the template.\n" }, "principal": { "$ref": "#/types/aws:verifiedpermissions/PolicyDefinitionTemplateLinkedPrincipal:PolicyDefinitionTemplateLinkedPrincipal", "description": "The principal of the template linked policy.\n" }, "resource": { "$ref": "#/types/aws:verifiedpermissions/PolicyDefinitionTemplateLinkedResource:PolicyDefinitionTemplateLinkedResource", "description": "The resource of the template linked policy.\n" } }, "type": "object", "required": [ "policyTemplateId" ] }, "aws:verifiedpermissions/PolicyDefinitionTemplateLinkedPrincipal:PolicyDefinitionTemplateLinkedPrincipal": { "properties": { "entityId": { "type": "string", "description": "The entity ID of the principal.\n" }, "entityType": { "type": "string", "description": "The entity type of the principal.\n" } }, "type": "object", "required": [ "entityId", "entityType" ] }, "aws:verifiedpermissions/PolicyDefinitionTemplateLinkedResource:PolicyDefinitionTemplateLinkedResource": { "properties": { "entityId": { "type": "string", "description": "The entity ID of the resource.\n" }, "entityType": { "type": "string", "description": "The entity type of the resource.\n" } }, "type": "object", "required": [ "entityId", "entityType" ] }, "aws:verifiedpermissions/PolicyStoreValidationSettings:PolicyStoreValidationSettings": { "properties": { "mode": { "type": "string", "description": "The mode for the validation settings. Valid values: `OFF`, `STRICT`.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "mode" ] }, "aws:verifiedpermissions/SchemaDefinition:SchemaDefinition": { "properties": { "value": { "type": "string", "description": "A JSON string representation of the schema.\n" } }, "type": "object", "required": [ "value" ] }, "aws:verifiedpermissions/getPolicyStoreValidationSetting:getPolicyStoreValidationSetting": { "properties": { "mode": { "type": "string" } }, "type": "object", "required": [ "mode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:vpc/EndpointServicePrivateDnsVerificationTimeouts:EndpointServicePrivateDnsVerificationTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:vpc/getSecurityGroupRuleFilter:getSecurityGroupRuleFilter": { "properties": { "name": { "type": "string", "description": "Name of the filter field. Valid values can be found in the EC2 [`DescribeSecurityGroupRules`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroupRules.html) API Reference.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given filter field. Results will be selected if any given value matches.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:vpc/getSecurityGroupRulesFilter:getSecurityGroupRulesFilter": { "properties": { "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroupRules.html).\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "Set of values that are accepted for the given field.\nSecurity group rule IDs will be selected if any one of the given values match.\n" } }, "type": "object", "required": [ "name", "values" ] }, "aws:vpclattice/ListenerDefaultAction:ListenerDefaultAction": { "properties": { "fixedResponse": { "$ref": "#/types/aws:vpclattice/ListenerDefaultActionFixedResponse:ListenerDefaultActionFixedResponse" }, "forwards": { "type": "array", "items": { "$ref": "#/types/aws:vpclattice/ListenerDefaultActionForward:ListenerDefaultActionForward" }, "description": "Route requests to one or more target groups. See Forward blocks below.\n\n\u003e **NOTE:** You must specify exactly one of the following argument blocks: `fixed_response` or `forward`.\n" } }, "type": "object" }, "aws:vpclattice/ListenerDefaultActionFixedResponse:ListenerDefaultActionFixedResponse": { "properties": { "statusCode": { "type": "integer", "description": "Custom HTTP status code to return, e.g. a 404 response code. See [Listeners](https://docs.aws.amazon.com/vpc-lattice/latest/ug/listeners.html) in the AWS documentation for a list of supported codes.\n" } }, "type": "object", "required": [ "statusCode" ] }, "aws:vpclattice/ListenerDefaultActionForward:ListenerDefaultActionForward": { "properties": { "targetGroups": { "type": "array", "items": { "$ref": "#/types/aws:vpclattice/ListenerDefaultActionForwardTargetGroup:ListenerDefaultActionForwardTargetGroup" }, "description": "One or more target group blocks.\n" } }, "type": "object" }, "aws:vpclattice/ListenerDefaultActionForwardTargetGroup:ListenerDefaultActionForwardTargetGroup": { "properties": { "targetGroupIdentifier": { "type": "string", "description": "ID or Amazon Resource Name (ARN) of the target group.\n" }, "weight": { "type": "integer", "description": "Determines how requests are distributed to the target group. Only required if you specify multiple target groups for a forward action. For example, if you specify two target groups, one with a\nweight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. See [Listener rules](https://docs.aws.amazon.com/vpc-lattice/latest/ug/listeners.html#listener-rules) in the AWS documentation for additional examples. Default: `100`.\n" } }, "type": "object" }, "aws:vpclattice/ListenerRuleAction:ListenerRuleAction": { "properties": { "fixedResponse": { "$ref": "#/types/aws:vpclattice/ListenerRuleActionFixedResponse:ListenerRuleActionFixedResponse", "description": "Describes the rule action that returns a custom HTTP response.\n" }, "forward": { "$ref": "#/types/aws:vpclattice/ListenerRuleActionForward:ListenerRuleActionForward", "description": "The forward action. Traffic that matches the rule is forwarded to the specified target groups.\n" } }, "type": "object" }, "aws:vpclattice/ListenerRuleActionFixedResponse:ListenerRuleActionFixedResponse": { "properties": { "statusCode": { "type": "integer", "description": "The HTTP response code.\n" } }, "type": "object", "required": [ "statusCode" ] }, "aws:vpclattice/ListenerRuleActionForward:ListenerRuleActionForward": { "properties": { "targetGroups": { "type": "array", "items": { "$ref": "#/types/aws:vpclattice/ListenerRuleActionForwardTargetGroup:ListenerRuleActionForwardTargetGroup" }, "description": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1 with maximum number of 2. If only one target group is provided, there is no need to set the weight; 100% of traffic will go to that target group.\n" } }, "type": "object", "required": [ "targetGroups" ] }, "aws:vpclattice/ListenerRuleActionForwardTargetGroup:ListenerRuleActionForwardTargetGroup": { "properties": { "targetGroupIdentifier": { "type": "string" }, "weight": { "type": "integer" } }, "type": "object", "required": [ "targetGroupIdentifier" ] }, "aws:vpclattice/ListenerRuleMatch:ListenerRuleMatch": { "properties": { "httpMatch": { "$ref": "#/types/aws:vpclattice/ListenerRuleMatchHttpMatch:ListenerRuleMatchHttpMatch", "description": "The HTTP criteria that a rule must match.\n" } }, "type": "object" }, "aws:vpclattice/ListenerRuleMatchHttpMatch:ListenerRuleMatchHttpMatch": { "properties": { "headerMatches": { "type": "array", "items": { "$ref": "#/types/aws:vpclattice/ListenerRuleMatchHttpMatchHeaderMatch:ListenerRuleMatchHttpMatchHeaderMatch" }, "description": "The header matches. Matches incoming requests with rule based on request header value before applying rule action.\n" }, "method": { "type": "string", "description": "The HTTP method type.\n" }, "pathMatch": { "$ref": "#/types/aws:vpclattice/ListenerRuleMatchHttpMatchPathMatch:ListenerRuleMatchHttpMatchPathMatch", "description": "The path match.\n" } }, "type": "object" }, "aws:vpclattice/ListenerRuleMatchHttpMatchHeaderMatch:ListenerRuleMatchHttpMatchHeaderMatch": { "properties": { "caseSensitive": { "type": "boolean", "description": "Indicates whether the match is case sensitive. Defaults to false.\n" }, "match": { "$ref": "#/types/aws:vpclattice/ListenerRuleMatchHttpMatchHeaderMatchMatch:ListenerRuleMatchHttpMatchHeaderMatchMatch", "description": "The header match type.\n" }, "name": { "type": "string", "description": "The name of the header.\n" } }, "type": "object", "required": [ "match", "name" ] }, "aws:vpclattice/ListenerRuleMatchHttpMatchHeaderMatchMatch:ListenerRuleMatchHttpMatchHeaderMatchMatch": { "properties": { "contains": { "type": "string", "description": "Specifies a contains type match.\n" }, "exact": { "type": "string", "description": "Specifies an exact type match.\n" }, "prefix": { "type": "string", "description": "Specifies a prefix type match. Matches the value with the prefix.\n" } }, "type": "object" }, "aws:vpclattice/ListenerRuleMatchHttpMatchPathMatch:ListenerRuleMatchHttpMatchPathMatch": { "properties": { "caseSensitive": { "type": "boolean", "description": "Indicates whether the match is case sensitive. Defaults to false.\n" }, "match": { "$ref": "#/types/aws:vpclattice/ListenerRuleMatchHttpMatchPathMatchMatch:ListenerRuleMatchHttpMatchPathMatchMatch", "description": "The header match type.\n" } }, "type": "object", "required": [ "match" ] }, "aws:vpclattice/ListenerRuleMatchHttpMatchPathMatchMatch:ListenerRuleMatchHttpMatchPathMatchMatch": { "properties": { "exact": { "type": "string", "description": "Specifies an exact type match.\n" }, "prefix": { "type": "string", "description": "Specifies a prefix type match. Matches the value with the prefix.\n" } }, "type": "object" }, "aws:vpclattice/ServiceDnsEntry:ServiceDnsEntry": { "properties": { "domainName": { "type": "string" }, "hostedZoneId": { "type": "string" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "domainName", "hostedZoneId" ] } } }, "aws:vpclattice/ServiceNetworkServiceAssociationDnsEntry:ServiceNetworkServiceAssociationDnsEntry": { "properties": { "domainName": { "type": "string", "description": "The domain name of the service.\n" }, "hostedZoneId": { "type": "string", "description": "The ID of the hosted zone.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "domainName", "hostedZoneId" ] } } }, "aws:vpclattice/TargetGroupAttachmentTarget:TargetGroupAttachmentTarget": { "properties": { "id": { "type": "string", "description": "The ID of the target. If the target type of the target group is INSTANCE, this is an instance ID. If the target type is IP , this is an IP address. If the target type is LAMBDA, this is the ARN of the Lambda function. If the target type is ALB, this is the ARN of the Application Load Balancer.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "This port is used for routing traffic to the target, and defaults to the target group port. However, you can override the default and specify a custom port.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "id" ], "language": { "nodejs": { "requiredOutputs": [ "id", "port" ] } } }, "aws:vpclattice/TargetGroupConfig:TargetGroupConfig": { "properties": { "healthCheck": { "$ref": "#/types/aws:vpclattice/TargetGroupConfigHealthCheck:TargetGroupConfigHealthCheck", "description": "The health check configuration.\n" }, "ipAddressType": { "type": "string", "description": "The type of IP address used for the target group. Valid values: `IPV4` | `IPV6`.\n", "willReplaceOnChanges": true }, "lambdaEventStructureVersion": { "type": "string", "description": "The version of the event structure that the Lambda function receives. Supported only if `type` is `LAMBDA`. Valid Values are `V1` | `V2`.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "The port on which the targets are listening.\n", "willReplaceOnChanges": true }, "protocol": { "type": "string", "description": "The protocol to use for routing traffic to the targets. Valid Values are `HTTP` | `HTTPS`.\n", "willReplaceOnChanges": true }, "protocolVersion": { "type": "string", "description": "The protocol version. Valid Values are `HTTP1` | `HTTP2` | `GRPC`. Default value is `HTTP1`.\n", "willReplaceOnChanges": true }, "vpcIdentifier": { "type": "string", "description": "The ID of the VPC.\n", "willReplaceOnChanges": true } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "ipAddressType", "lambdaEventStructureVersion", "port", "protocol", "protocolVersion" ] } } }, "aws:vpclattice/TargetGroupConfigHealthCheck:TargetGroupConfigHealthCheck": { "properties": { "enabled": { "type": "boolean", "description": "Indicates whether health checking is enabled. Defaults to `true`.\n" }, "healthCheckIntervalSeconds": { "type": "integer", "description": "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5–300 seconds. The default is 30 seconds.\n" }, "healthCheckTimeoutSeconds": { "type": "integer", "description": "The amount of time, in seconds, to wait before reporting a target as unhealthy. The range is 1–120 seconds. The default is 5 seconds.\n* `healthy_threshold_count ` - (Optional) The number of consecutive successful health checks required before considering an unhealthy target healthy. The range is 2–10. The default is 5.\n" }, "healthyThresholdCount": { "type": "integer" }, "matcher": { "$ref": "#/types/aws:vpclattice/TargetGroupConfigHealthCheckMatcher:TargetGroupConfigHealthCheckMatcher", "description": "The codes to use when checking for a successful response from a target. These are called _Success codes_ in the console.\n" }, "path": { "type": "string", "description": "The destination for health checks on the targets. If the protocol version is HTTP/1.1 or HTTP/2, specify a valid URI (for example, /path?query). The default path is `/`. Health checks are not supported if the protocol version is gRPC, however, you can choose HTTP/1.1 or HTTP/2 and specify a valid URI.\n" }, "port": { "type": "integer", "description": "The port used when performing health checks on targets. The default setting is the port that a target receives traffic on.\n" }, "protocol": { "type": "string", "description": "The protocol used when performing health checks on targets. The possible protocols are `HTTP` and `HTTPS`.\n" }, "protocolVersion": { "type": "string", "description": "The protocol version used when performing health checks on targets. The possible protocol versions are `HTTP1` and `HTTP2`. The default is `HTTP1`.\n" }, "unhealthyThresholdCount": { "type": "integer", "description": "The number of consecutive failed health checks required before considering a target unhealthy. The range is 2–10. The default is 2.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "port", "protocol" ] } } }, "aws:vpclattice/TargetGroupConfigHealthCheckMatcher:TargetGroupConfigHealthCheckMatcher": { "properties": { "value": { "type": "string", "description": "The HTTP codes to use when checking for a successful response from a target.\n" } }, "type": "object" }, "aws:vpclattice/getListenerDefaultAction:getListenerDefaultAction": { "properties": { "fixedResponses": { "type": "array", "items": { "$ref": "#/types/aws:vpclattice/getListenerDefaultActionFixedResponse:getListenerDefaultActionFixedResponse" } }, "forwards": { "type": "array", "items": { "$ref": "#/types/aws:vpclattice/getListenerDefaultActionForward:getListenerDefaultActionForward" } } }, "type": "object", "required": [ "fixedResponses", "forwards" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:vpclattice/getListenerDefaultActionFixedResponse:getListenerDefaultActionFixedResponse": { "properties": { "statusCode": { "type": "integer" } }, "type": "object", "required": [ "statusCode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:vpclattice/getListenerDefaultActionForward:getListenerDefaultActionForward": { "properties": { "targetGroups": { "type": "array", "items": { "$ref": "#/types/aws:vpclattice/getListenerDefaultActionForwardTargetGroup:getListenerDefaultActionForwardTargetGroup" } } }, "type": "object", "required": [ "targetGroups" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:vpclattice/getListenerDefaultActionForwardTargetGroup:getListenerDefaultActionForwardTargetGroup": { "properties": { "targetGroupIdentifier": { "type": "string" }, "weight": { "type": "integer" } }, "type": "object", "required": [ "targetGroupIdentifier", "weight" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:vpclattice/getServiceDnsEntry:getServiceDnsEntry": { "properties": { "domainName": { "type": "string" }, "hostedZoneId": { "type": "string" } }, "type": "object", "required": [ "domainName", "hostedZoneId" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:waf/ByteMatchSetByteMatchTuple:ByteMatchSetByteMatchTuple": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:waf/ByteMatchSetByteMatchTupleFieldToMatch:ByteMatchSetByteMatchTupleFieldToMatch", "description": "The part of a web request that you want to search, such as a specified header or a query string.\n" }, "positionalConstraint": { "type": "string", "description": "Within the portion of a web request that you want to search\n(for example, in the query string, if any), specify where you want to search.\ne.g., `CONTAINS`, `CONTAINS_WORD` or `EXACTLY`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_ByteMatchTuple.html#WAF-Type-ByteMatchTuple-PositionalConstraint)\nfor all supported values.\n" }, "targetString": { "type": "string", "description": "The value that you want to search for within the field specified by `field_to_match`, e.g., `badrefer1`.\nSee [docs](https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ByteMatchTuple.html)\nfor all supported values.\n" }, "textTransformation": { "type": "string", "description": "Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF.\nIf you specify a transformation, AWS WAF performs the transformation on `target_string` before inspecting a request for a match.\ne.g., `CMD_LINE`, `HTML_ENTITY_DECODE` or `NONE`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_ByteMatchTuple.html#WAF-Type-ByteMatchTuple-TextTransformation)\nfor all supported values.\n" } }, "type": "object", "required": [ "fieldToMatch", "positionalConstraint", "textTransformation" ] }, "aws:waf/ByteMatchSetByteMatchTupleFieldToMatch:ByteMatchSetByteMatchTupleFieldToMatch": { "properties": { "data": { "type": "string", "description": "When `type` is `HEADER`, enter the name of the header that you want to search, e.g., `User-Agent` or `Referer`.\nIf `type` is any other value, omit this field.\n" }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified string.\ne.g., `HEADER`, `METHOD` or `BODY`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_FieldToMatch.html)\nfor all supported values.\n" } }, "type": "object", "required": [ "type" ] }, "aws:waf/GeoMatchSetGeoMatchConstraint:GeoMatchSetGeoMatchConstraint": { "properties": { "type": { "type": "string", "description": "The type of geographical area you want AWS WAF to search for. Currently Country is the only valid value.\n" }, "value": { "type": "string", "description": "The country that you want AWS WAF to search for.\nThis is the two-letter country code, e.g., `US`, `CA`, `RU`, `CN`, etc.\nSee [docs](https://docs.aws.amazon.com/waf/latest/APIReference/API_GeoMatchConstraint.html) for all supported values.\n" } }, "type": "object", "required": [ "type", "value" ] }, "aws:waf/IpSetIpSetDescriptor:IpSetIpSetDescriptor": { "properties": { "type": { "type": "string", "description": "Type of the IP address - `IPV4` or `IPV6`.\n" }, "value": { "type": "string", "description": "An IPv4 or IPv6 address specified via CIDR notationE.g., `192.0.2.44/32` or `1111:0000:0000:0000:0000:0000:0000:0000/64`\n" } }, "type": "object", "required": [ "type", "value" ] }, "aws:waf/RateBasedRulePredicate:RateBasedRulePredicate": { "properties": { "dataId": { "type": "string", "description": "A unique identifier for a predicate in the rule, such as Byte Match Set ID or IPSet ID.\n" }, "negated": { "type": "boolean", "description": "Set this to `false` if you want to allow, block, or count requests\nbased on the settings in the specified `ByteMatchSet`, `IPSet`, `SqlInjectionMatchSet`, `XssMatchSet`, or `SizeConstraintSet`.\nFor example, if an IPSet includes the IP address `192.0.2.44`, AWS WAF will allow or block requests based on that IP address.\nIf set to `true`, AWS WAF will allow, block, or count requests based on all IP addresses _except_ `192.0.2.44`.\n" }, "type": { "type": "string", "description": "The type of predicate in a rule. Valid values: `ByteMatch`, `GeoMatch`, `IPMatch`, `RegexMatch`, `SizeConstraint`, `SqlInjectionMatch`, or `XssMatch`.\n" } }, "type": "object", "required": [ "dataId", "negated", "type" ] }, "aws:waf/RegexMatchSetRegexMatchTuple:RegexMatchSetRegexMatchTuple": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:waf/RegexMatchSetRegexMatchTupleFieldToMatch:RegexMatchSetRegexMatchTupleFieldToMatch", "description": "The part of a web request that you want to search, such as a specified header or a query string.\n" }, "regexPatternSetId": { "type": "string", "description": "The ID of a Regex Pattern Set.\n" }, "textTransformation": { "type": "string", "description": "Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF.\ne.g., `CMD_LINE`, `HTML_ENTITY_DECODE` or `NONE`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_ByteMatchTuple.html#WAF-Type-ByteMatchTuple-TextTransformation)\nfor all supported values.\n" } }, "type": "object", "required": [ "fieldToMatch", "regexPatternSetId", "textTransformation" ] }, "aws:waf/RegexMatchSetRegexMatchTupleFieldToMatch:RegexMatchSetRegexMatchTupleFieldToMatch": { "properties": { "data": { "type": "string", "description": "When `type` is `HEADER`, enter the name of the header that you want to search, e.g., `User-Agent` or `Referer`.\nIf `type` is any other value, omit this field.\n" }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified string.\ne.g., `HEADER`, `METHOD` or `BODY`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_FieldToMatch.html)\nfor all supported values.\n" } }, "type": "object", "required": [ "type" ] }, "aws:waf/RuleGroupActivatedRule:RuleGroupActivatedRule": { "properties": { "action": { "$ref": "#/types/aws:waf/RuleGroupActivatedRuleAction:RuleGroupActivatedRuleAction", "description": "Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the rule.\n" }, "priority": { "type": "integer", "description": "Specifies the order in which the rules are evaluated. Rules with a lower value are evaluated before rules with a higher value.\n" }, "ruleId": { "type": "string", "description": "The ID of a rule\n" }, "type": { "type": "string" } }, "type": "object", "required": [ "action", "priority", "ruleId" ] }, "aws:waf/RuleGroupActivatedRuleAction:RuleGroupActivatedRuleAction": { "properties": { "type": { "type": "string" } }, "type": "object", "required": [ "type" ] }, "aws:waf/RulePredicate:RulePredicate": { "properties": { "dataId": { "type": "string", "description": "A unique identifier for a predicate in the rule, such as Byte Match Set ID or IPSet ID.\n" }, "negated": { "type": "boolean", "description": "Set this to `false` if you want to allow, block, or count requests\nbased on the settings in the specified waf_byte_match_set, waf_ipset, aws_waf_size_constraint_set, aws.waf.SqlInjectionMatchSet or aws_waf_xss_match_set.\nFor example, if an IPSet includes the IP address `192.0.2.44`, AWS WAF will allow or block requests based on that IP address.\nIf set to `true`, AWS WAF will allow, block, or count requests based on all IP addresses except `192.0.2.44`.\n" }, "type": { "type": "string", "description": "The type of predicate in a rule. Valid values: `ByteMatch`, `GeoMatch`, `IPMatch`, `RegexMatch`, `SizeConstraint`, `SqlInjectionMatch`, or `XssMatch`.\n" } }, "type": "object", "required": [ "dataId", "negated", "type" ] }, "aws:waf/SizeConstraintSetSizeConstraint:SizeConstraintSetSizeConstraint": { "properties": { "comparisonOperator": { "type": "string", "description": "Type of comparison you want to perform, such as `EQ`, `NE`, `LT`, or `GT`. Please refer to the [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_SizeConstraint.html) for a complete list of supported values.\n" }, "fieldToMatch": { "$ref": "#/types/aws:waf/SizeConstraintSetSizeConstraintFieldToMatch:SizeConstraintSetSizeConstraintFieldToMatch", "description": "Parameter that specifies where in a web request to look for the size constraint.\n" }, "size": { "type": "integer", "description": "Size in bytes that you want to compare against the size of the specified `field_to_match`. Valid values for `size` are between 0 and 21474836480 bytes (0 and 20 GB).\n" }, "textTransformation": { "type": "string", "description": "Parameter is used to eliminate unusual formatting that attackers may use in web requests to bypass AWS WAF. When a transformation is specified, AWS WAF performs the transformation on the `field_to_match` before inspecting the request for a match. Some examples of supported transformations are `CMD_LINE`, `HTML_ENTITY_DECODE`, and `NONE`. You can find a complete list of supported values in the [AWS WAF API Reference](http://docs.aws.amazon.com/waf/latest/APIReference/API_SizeConstraint.html#WAF-Type-SizeConstraint-TextTransformation).\n**Note:** If you choose `BODY` as the `type`, you must also choose `NONE` because CloudFront only forwards the first 8192 bytes for inspection.\n" } }, "type": "object", "required": [ "comparisonOperator", "fieldToMatch", "size", "textTransformation" ] }, "aws:waf/SizeConstraintSetSizeConstraintFieldToMatch:SizeConstraintSetSizeConstraintFieldToMatch": { "properties": { "data": { "type": "string", "description": "When the `type` is `HEADER`, specify the name of the header that you want to search using the `data` field, for example, `User-Agent` or `Referer`. If the `type` is any other value, you can omit this field.\n" }, "type": { "type": "string", "description": "Part of the web request that you want AWS WAF to search for a specified string. For example, `HEADER`, `METHOD`, or `BODY`. See the [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_FieldToMatch.html) for all supported values.\n" } }, "type": "object", "required": [ "type" ] }, "aws:waf/SqlInjectionMatchSetSqlInjectionMatchTuple:SqlInjectionMatchSetSqlInjectionMatchTuple": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:waf/SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatch:SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatch", "description": "Specifies where in a web request to look for snippets of malicious SQL code.\n" }, "textTransformation": { "type": "string", "description": "Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF.\nIf you specify a transformation, AWS WAF performs the transformation on `field_to_match` before inspecting a request for a match.\ne.g., `CMD_LINE`, `HTML_ENTITY_DECODE` or `NONE`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_SqlInjectionMatchTuple.html#WAF-Type-SqlInjectionMatchTuple-TextTransformation)\nfor all supported values.\n" } }, "type": "object", "required": [ "fieldToMatch", "textTransformation" ] }, "aws:waf/SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatch:SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatch": { "properties": { "data": { "type": "string", "description": "When `type` is `HEADER`, enter the name of the header that you want to search, e.g., `User-Agent` or `Referer`.\nIf `type` is any other value, omit this field.\n" }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified string.\ne.g., `HEADER`, `METHOD` or `BODY`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_FieldToMatch.html)\nfor all supported values.\n" } }, "type": "object", "required": [ "type" ] }, "aws:waf/WebAclDefaultAction:WebAclDefaultAction": { "properties": { "type": { "type": "string", "description": "Specifies how you want AWS WAF to respond to requests that don't match the criteria in any of the `rules`.\ne.g., `ALLOW` or `BLOCK`\n" } }, "type": "object", "required": [ "type" ] }, "aws:waf/WebAclLoggingConfiguration:WebAclLoggingConfiguration": { "properties": { "logDestination": { "type": "string", "description": "Amazon Resource Name (ARN) of Kinesis Firehose Delivery Stream\n" }, "redactedFields": { "$ref": "#/types/aws:waf/WebAclLoggingConfigurationRedactedFields:WebAclLoggingConfigurationRedactedFields", "description": "Configuration block containing parts of the request that you want redacted from the logs. Detailed below.\n" } }, "type": "object", "required": [ "logDestination" ] }, "aws:waf/WebAclLoggingConfigurationRedactedFields:WebAclLoggingConfigurationRedactedFields": { "properties": { "fieldToMatches": { "type": "array", "items": { "$ref": "#/types/aws:waf/WebAclLoggingConfigurationRedactedFieldsFieldToMatch:WebAclLoggingConfigurationRedactedFieldsFieldToMatch" }, "description": "Set of configuration blocks for fields to redact. Detailed below.\n" } }, "type": "object", "required": [ "fieldToMatches" ] }, "aws:waf/WebAclLoggingConfigurationRedactedFieldsFieldToMatch:WebAclLoggingConfigurationRedactedFieldsFieldToMatch": { "properties": { "data": { "type": "string", "description": "When the value of `type` is `HEADER`, enter the name of the header that you want the WAF to search, for example, `User-Agent` or `Referer`. If the value of `type` is any other value, omit `data`.\n" }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified stringE.g., `HEADER` or `METHOD`\n" } }, "type": "object", "required": [ "type" ] }, "aws:waf/WebAclRule:WebAclRule": { "properties": { "action": { "$ref": "#/types/aws:waf/WebAclRuleAction:WebAclRuleAction", "description": "The action that CloudFront or AWS WAF takes when a web request matches the conditions in the rule. Not used if `type` is `GROUP`.\n" }, "overrideAction": { "$ref": "#/types/aws:waf/WebAclRuleOverrideAction:WebAclRuleOverrideAction", "description": "Override the action that a group requests CloudFront or AWS WAF takes when a web request matches the conditions in the rule. Only used if `type` is `GROUP`.\n" }, "priority": { "type": "integer", "description": "Specifies the order in which the rules in a WebACL are evaluated.\nRules with a lower value are evaluated before rules with a higher value.\n" }, "ruleId": { "type": "string", "description": "ID of the associated WAF (Global) rule (e.g., `aws.waf.Rule`). WAF (Regional) rules cannot be used.\n" }, "type": { "type": "string", "description": "The rule type, either `REGULAR`, as defined by [Rule](http://docs.aws.amazon.com/waf/latest/APIReference/API_Rule.html), `RATE_BASED`, as defined by [RateBasedRule](http://docs.aws.amazon.com/waf/latest/APIReference/API_RateBasedRule.html), or `GROUP`, as defined by [RuleGroup](https://docs.aws.amazon.com/waf/latest/APIReference/API_RuleGroup.html). The default is REGULAR. If you add a RATE_BASED rule, you need to set `type` as `RATE_BASED`. If you add a GROUP rule, you need to set `type` as `GROUP`.\n" } }, "type": "object", "required": [ "priority", "ruleId" ] }, "aws:waf/WebAclRuleAction:WebAclRuleAction": { "properties": { "type": { "type": "string", "description": "valid values are: `BLOCK`, `ALLOW`, or `COUNT`\n" } }, "type": "object", "required": [ "type" ] }, "aws:waf/WebAclRuleOverrideAction:WebAclRuleOverrideAction": { "properties": { "type": { "type": "string", "description": "valid values are: `NONE` or `COUNT`\n" } }, "type": "object", "required": [ "type" ] }, "aws:waf/XssMatchSetXssMatchTuple:XssMatchSetXssMatchTuple": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:waf/XssMatchSetXssMatchTupleFieldToMatch:XssMatchSetXssMatchTupleFieldToMatch", "description": "Specifies where in a web request to look for cross-site scripting attacks.\n" }, "textTransformation": { "type": "string", "description": "Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF.\nIf you specify a transformation, AWS WAF performs the transformation on `target_string` before inspecting a request for a match.\ne.g., `CMD_LINE`, `HTML_ENTITY_DECODE` or `NONE`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_XssMatchTuple.html#WAF-Type-XssMatchTuple-TextTransformation)\nfor all supported values.\n" } }, "type": "object", "required": [ "fieldToMatch", "textTransformation" ] }, "aws:waf/XssMatchSetXssMatchTupleFieldToMatch:XssMatchSetXssMatchTupleFieldToMatch": { "properties": { "data": { "type": "string", "description": "When `type` is `HEADER`, enter the name of the header that you want to search, e.g., `User-Agent` or `Referer`.\nIf `type` is any other value, omit this field.\n" }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified string.\ne.g., `HEADER`, `METHOD` or `BODY`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_FieldToMatch.html)\nfor all supported values.\n" } }, "type": "object", "required": [ "type" ] }, "aws:wafregional/ByteMatchSetByteMatchTuple:ByteMatchSetByteMatchTuple": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafregional/ByteMatchSetByteMatchTupleFieldToMatch:ByteMatchSetByteMatchTupleFieldToMatch", "description": "Settings for the ByteMatchTuple. FieldToMatch documented below.\n" }, "positionalConstraint": { "type": "string", "description": "Within the portion of a web request that you want to search.\n" }, "targetString": { "type": "string", "description": "The value that you want AWS WAF to search for. The maximum length of the value is 50 bytes.\n" }, "textTransformation": { "type": "string", "description": "The formatting way for web request.\n\nFieldToMatch(field_to_match) support following:\n" } }, "type": "object", "required": [ "fieldToMatch", "positionalConstraint", "textTransformation" ] }, "aws:wafregional/ByteMatchSetByteMatchTupleFieldToMatch:ByteMatchSetByteMatchTupleFieldToMatch": { "properties": { "data": { "type": "string", "description": "When the value of Type is HEADER, enter the name of the header that you want AWS WAF to search, for example, User-Agent or Referer. If the value of Type is any other value, omit Data.\n" }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified string.\n" } }, "type": "object", "required": [ "type" ] }, "aws:wafregional/GeoMatchSetGeoMatchConstraint:GeoMatchSetGeoMatchConstraint": { "properties": { "type": { "type": "string", "description": "The type of geographical area you want AWS WAF to search for. Currently Country is the only valid value.\n" }, "value": { "type": "string", "description": "The country that you want AWS WAF to search for.\nThis is the two-letter country code, e.g., `US`, `CA`, `RU`, `CN`, etc.\nSee [docs](https://docs.aws.amazon.com/waf/latest/APIReference/API_GeoMatchConstraint.html) for all supported values.\n" } }, "type": "object", "required": [ "type", "value" ] }, "aws:wafregional/IpSetIpSetDescriptor:IpSetIpSetDescriptor": { "properties": { "type": { "type": "string", "description": "The string like IPV4 or IPV6.\n" }, "value": { "type": "string", "description": "The CIDR notation.\n" } }, "type": "object", "required": [ "type", "value" ] }, "aws:wafregional/RateBasedRulePredicate:RateBasedRulePredicate": { "properties": { "dataId": { "type": "string", "description": "A unique identifier for a predicate in the rule, such as Byte Match Set ID or IPSet ID.\n" }, "negated": { "type": "boolean", "description": "Set this to `false` if you want to allow, block, or count requests\nbased on the settings in the specified `ByteMatchSet`, `IPSet`, `SqlInjectionMatchSet`, `XssMatchSet`, or `SizeConstraintSet`.\nFor example, if an IPSet includes the IP address `192.0.2.44`, AWS WAF will allow or block requests based on that IP address.\nIf set to `true`, AWS WAF will allow, block, or count requests based on all IP addresses _except_ `192.0.2.44`.\n" }, "type": { "type": "string", "description": "The type of predicate in a rule. Valid values: `ByteMatch`, `GeoMatch`, `IPMatch`, `RegexMatch`, `SizeConstraint`, `SqlInjectionMatch`, or `XssMatch`.\n" } }, "type": "object", "required": [ "dataId", "negated", "type" ] }, "aws:wafregional/RegexMatchSetRegexMatchTuple:RegexMatchSetRegexMatchTuple": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafregional/RegexMatchSetRegexMatchTupleFieldToMatch:RegexMatchSetRegexMatchTupleFieldToMatch", "description": "The part of a web request that you want to search, such as a specified header or a query string.\n" }, "regexPatternSetId": { "type": "string", "description": "The ID of a Regex Pattern Set.\n" }, "textTransformation": { "type": "string", "description": "Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF.\ne.g., `CMD_LINE`, `HTML_ENTITY_DECODE` or `NONE`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_ByteMatchTuple.html#WAF-Type-ByteMatchTuple-TextTransformation)\nfor all supported values.\n" } }, "type": "object", "required": [ "fieldToMatch", "regexPatternSetId", "textTransformation" ] }, "aws:wafregional/RegexMatchSetRegexMatchTupleFieldToMatch:RegexMatchSetRegexMatchTupleFieldToMatch": { "properties": { "data": { "type": "string", "description": "When `type` is `HEADER`, enter the name of the header that you want to search, e.g., `User-Agent` or `Referer`.\nIf `type` is any other value, omit this field.\n" }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified string.\ne.g., `HEADER`, `METHOD` or `BODY`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_FieldToMatch.html)\nfor all supported values.\n" } }, "type": "object", "required": [ "type" ] }, "aws:wafregional/RuleGroupActivatedRule:RuleGroupActivatedRule": { "properties": { "action": { "$ref": "#/types/aws:wafregional/RuleGroupActivatedRuleAction:RuleGroupActivatedRuleAction", "description": "Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the rule.\n" }, "priority": { "type": "integer", "description": "Specifies the order in which the rules are evaluated. Rules with a lower value are evaluated before rules with a higher value.\n" }, "ruleId": { "type": "string", "description": "The ID of a rule\n" }, "type": { "type": "string" } }, "type": "object", "required": [ "action", "priority", "ruleId" ] }, "aws:wafregional/RuleGroupActivatedRuleAction:RuleGroupActivatedRuleAction": { "properties": { "type": { "type": "string" } }, "type": "object", "required": [ "type" ] }, "aws:wafregional/RulePredicate:RulePredicate": { "properties": { "dataId": { "type": "string" }, "negated": { "type": "boolean" }, "type": { "type": "string" } }, "type": "object", "required": [ "dataId", "negated", "type" ] }, "aws:wafregional/SizeConstraintSetSizeConstraint:SizeConstraintSetSizeConstraint": { "properties": { "comparisonOperator": { "type": "string", "description": "The type of comparison you want to perform.\ne.g., `EQ`, `NE`, `LT`, `GT`.\nSee [docs](https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_SizeConstraint.html) for all supported values.\n" }, "fieldToMatch": { "$ref": "#/types/aws:wafregional/SizeConstraintSetSizeConstraintFieldToMatch:SizeConstraintSetSizeConstraintFieldToMatch", "description": "Specifies where in a web request to look for the size constraint.\n" }, "size": { "type": "integer", "description": "The size in bytes that you want to compare against the size of the specified `field_to_match`.\nValid values are between 0 - 21474836480 bytes (0 - 20 GB).\n" }, "textTransformation": { "type": "string", "description": "Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF.\nIf you specify a transformation, AWS WAF performs the transformation on `field_to_match` before inspecting a request for a match.\ne.g., `CMD_LINE`, `HTML_ENTITY_DECODE` or `NONE`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_SizeConstraint.html#WAF-Type-SizeConstraint-TextTransformation)\nfor all supported values.\n**Note:** if you choose `BODY` as `type`, you must choose `NONE` because CloudFront forwards only the first 8192 bytes for inspection.\n" } }, "type": "object", "required": [ "comparisonOperator", "fieldToMatch", "size", "textTransformation" ] }, "aws:wafregional/SizeConstraintSetSizeConstraintFieldToMatch:SizeConstraintSetSizeConstraintFieldToMatch": { "properties": { "data": { "type": "string", "description": "When `type` is `HEADER`, enter the name of the header that you want to search, e.g., `User-Agent` or `Referer`.\nIf `type` is any other value, omit this field.\n" }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified string.\ne.g., `HEADER`, `METHOD` or `BODY`.\nSee [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_FieldToMatch.html)\nfor all supported values.\n" } }, "type": "object", "required": [ "type" ] }, "aws:wafregional/SqlInjectionMatchSetSqlInjectionMatchTuple:SqlInjectionMatchSetSqlInjectionMatchTuple": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafregional/SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatch:SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatch", "description": "Specifies where in a web request to look for snippets of malicious SQL code.\n" }, "textTransformation": { "type": "string", "description": "Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF.\nIf you specify a transformation, AWS WAF performs the transformation on `field_to_match` before inspecting a request for a match.\ne.g., `CMD_LINE`, `HTML_ENTITY_DECODE` or `NONE`.\nSee [docs](https://docs.aws.amazon.com/waf/latest/APIReference/API_regional_SqlInjectionMatchTuple.html#WAF-Type-regional_SqlInjectionMatchTuple-TextTransformation)\nfor all supported values.\n" } }, "type": "object", "required": [ "fieldToMatch", "textTransformation" ] }, "aws:wafregional/SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatch:SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatch": { "properties": { "data": { "type": "string", "description": "When `type` is `HEADER`, enter the name of the header that you want to search, e.g., `User-Agent` or `Referer`.\nIf `type` is any other value, omit this field.\n" }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified string.\ne.g., `HEADER`, `METHOD` or `BODY`.\nSee [docs](https://docs.aws.amazon.com/waf/latest/APIReference/API_regional_FieldToMatch.html)\nfor all supported values.\n" } }, "type": "object", "required": [ "type" ] }, "aws:wafregional/WebAclDefaultAction:WebAclDefaultAction": { "properties": { "type": { "type": "string", "description": "Specifies how you want AWS WAF Regional to respond to requests that match the settings in a ruleE.g., `ALLOW`, `BLOCK` or `COUNT`\n" } }, "type": "object", "required": [ "type" ] }, "aws:wafregional/WebAclLoggingConfiguration:WebAclLoggingConfiguration": { "properties": { "logDestination": { "type": "string", "description": "Amazon Resource Name (ARN) of Kinesis Firehose Delivery Stream\n" }, "redactedFields": { "$ref": "#/types/aws:wafregional/WebAclLoggingConfigurationRedactedFields:WebAclLoggingConfigurationRedactedFields", "description": "Configuration block containing parts of the request that you want redacted from the logs. Detailed below.\n" } }, "type": "object", "required": [ "logDestination" ] }, "aws:wafregional/WebAclLoggingConfigurationRedactedFields:WebAclLoggingConfigurationRedactedFields": { "properties": { "fieldToMatches": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/WebAclLoggingConfigurationRedactedFieldsFieldToMatch:WebAclLoggingConfigurationRedactedFieldsFieldToMatch" }, "description": "Set of configuration blocks for fields to redact. Detailed below.\n" } }, "type": "object", "required": [ "fieldToMatches" ] }, "aws:wafregional/WebAclLoggingConfigurationRedactedFieldsFieldToMatch:WebAclLoggingConfigurationRedactedFieldsFieldToMatch": { "properties": { "data": { "type": "string", "description": "When the value of `type` is `HEADER`, enter the name of the header that you want the WAF to search, for example, `User-Agent` or `Referer`. If the value of `type` is any other value, omit `data`.\n" }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified stringE.g., `HEADER` or `METHOD`\n" } }, "type": "object", "required": [ "type" ] }, "aws:wafregional/WebAclRule:WebAclRule": { "properties": { "action": { "$ref": "#/types/aws:wafregional/WebAclRuleAction:WebAclRuleAction", "description": "Configuration block of the action that CloudFront or AWS WAF takes when a web request matches the conditions in the rule. Not used if `type` is `GROUP`. Detailed below.\n" }, "overrideAction": { "$ref": "#/types/aws:wafregional/WebAclRuleOverrideAction:WebAclRuleOverrideAction", "description": "Configuration block of the override the action that a group requests CloudFront or AWS WAF takes when a web request matches the conditions in the rule. Only used if `type` is `GROUP`. Detailed below.\n" }, "priority": { "type": "integer", "description": "Specifies the order in which the rules in a WebACL are evaluated.\nRules with a lower value are evaluated before rules with a higher value.\n" }, "ruleId": { "type": "string", "description": "ID of the associated WAF (Regional) rule (e.g., `aws.wafregional.Rule`). WAF (Global) rules cannot be used.\n" }, "type": { "type": "string", "description": "The rule type, either `REGULAR`, as defined by [Rule](http://docs.aws.amazon.com/waf/latest/APIReference/API_Rule.html), `RATE_BASED`, as defined by [RateBasedRule](http://docs.aws.amazon.com/waf/latest/APIReference/API_RateBasedRule.html), or `GROUP`, as defined by [RuleGroup](https://docs.aws.amazon.com/waf/latest/APIReference/API_RuleGroup.html). The default is REGULAR. If you add a RATE_BASED rule, you need to set `type` as `RATE_BASED`. If you add a GROUP rule, you need to set `type` as `GROUP`.\n" } }, "type": "object", "required": [ "priority", "ruleId" ] }, "aws:wafregional/WebAclRuleAction:WebAclRuleAction": { "properties": { "type": { "type": "string", "description": "Specifies how you want AWS WAF Regional to respond to requests that match the settings in a rule. Valid values for `action` are `ALLOW`, `BLOCK` or `COUNT`. Valid values for `override_action` are `COUNT` and `NONE`.\n" } }, "type": "object", "required": [ "type" ] }, "aws:wafregional/WebAclRuleOverrideAction:WebAclRuleOverrideAction": { "properties": { "type": { "type": "string" } }, "type": "object", "required": [ "type" ] }, "aws:wafregional/XssMatchSetXssMatchTuple:XssMatchSetXssMatchTuple": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafregional/XssMatchSetXssMatchTupleFieldToMatch:XssMatchSetXssMatchTupleFieldToMatch", "description": "Specifies where in a web request to look for cross-site scripting attacks.\n" }, "textTransformation": { "type": "string", "description": "Which text transformation, if any, to perform on the web request before inspecting the request for cross-site scripting attacks.\n" } }, "type": "object", "required": [ "fieldToMatch", "textTransformation" ] }, "aws:wafregional/XssMatchSetXssMatchTupleFieldToMatch:XssMatchSetXssMatchTupleFieldToMatch": { "properties": { "data": { "type": "string", "description": "When the value of `type` is `HEADER`, enter the name of the header that you want the WAF to search, for example, `User-Agent` or `Referer`. If the value of `type` is any other value, omit `data`.\n" }, "type": { "type": "string", "description": "The part of the web request that you want AWS WAF to search for a specified stringE.g., `HEADER` or `METHOD`\n" } }, "type": "object", "required": [ "type" ] }, "aws:wafv2/RegexPatternSetRegularExpression:RegexPatternSetRegularExpression": { "properties": { "regexString": { "type": "string", "description": "The string representing the regular expression, see the AWS WAF [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-regex-pattern-set-creating.html) for more information.\n" } }, "type": "object", "required": [ "regexString" ] }, "aws:wafv2/RuleGroupCustomResponseBody:RuleGroupCustomResponseBody": { "properties": { "content": { "type": "string", "description": "The payload of the custom response.\n" }, "contentType": { "type": "string", "description": "The type of content in the payload that you are defining in the `content` argument. Valid values are `TEXT_PLAIN`, `TEXT_HTML`, or `APPLICATION_JSON`.\n" }, "key": { "type": "string", "description": "A unique key identifying the custom response body. This is referenced by the `custom_response_body_key` argument in the Custom Response block.\n" } }, "type": "object", "required": [ "content", "contentType", "key" ] }, "aws:wafv2/RuleGroupRule:RuleGroupRule": { "properties": { "action": { "$ref": "#/types/aws:wafv2/RuleGroupRuleAction:RuleGroupRuleAction", "description": "The action that AWS WAF should take on a web request when it matches the rule's statement. Settings at the `aws.wafv2.WebAcl` level can override the rule action setting. See Action below for details.\n" }, "captchaConfig": { "$ref": "#/types/aws:wafv2/RuleGroupRuleCaptchaConfig:RuleGroupRuleCaptchaConfig", "description": "Specifies how AWS WAF should handle CAPTCHA evaluations. See Captcha Configuration below for details.\n" }, "name": { "type": "string", "description": "A friendly name of the rule.\n" }, "priority": { "type": "integer", "description": "If you define more than one Rule in a WebACL, AWS WAF evaluates each request against the `rules` in order based on the value of `priority`. AWS WAF processes rules with lower priority first.\n" }, "ruleLabels": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleRuleLabel:RuleGroupRuleRuleLabel" }, "description": "Labels to apply to web requests that match the rule match statement. See Rule Label below for details.\n" }, "statement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatement:RuleGroupRuleStatement", "description": "The AWS WAF processing statement for the rule, for example `byte_match_statement` or `geo_match_statement`. See Statement below for details.\n" }, "visibilityConfig": { "$ref": "#/types/aws:wafv2/RuleGroupRuleVisibilityConfig:RuleGroupRuleVisibilityConfig", "description": "Defines and enables Amazon CloudWatch metrics and web request sample collection. See Visibility Configuration below for details.\n" } }, "type": "object", "required": [ "action", "name", "priority", "statement", "visibilityConfig" ] }, "aws:wafv2/RuleGroupRuleAction:RuleGroupRuleAction": { "properties": { "allow": { "$ref": "#/types/aws:wafv2/RuleGroupRuleActionAllow:RuleGroupRuleActionAllow", "description": "Instructs AWS WAF to allow the web request. See Allow below for details.\n" }, "block": { "$ref": "#/types/aws:wafv2/RuleGroupRuleActionBlock:RuleGroupRuleActionBlock", "description": "Instructs AWS WAF to block the web request. See Block below for details.\n" }, "captcha": { "$ref": "#/types/aws:wafv2/RuleGroupRuleActionCaptcha:RuleGroupRuleActionCaptcha", "description": "Instructs AWS WAF to run a `CAPTCHA` check against the web request. See Captcha below for details.\n" }, "challenge": { "$ref": "#/types/aws:wafv2/RuleGroupRuleActionChallenge:RuleGroupRuleActionChallenge", "description": "Instructs AWS WAF to run a check against the request to verify that the request is coming from a legitimate client session. See Challenge below for details.\n" }, "count": { "$ref": "#/types/aws:wafv2/RuleGroupRuleActionCount:RuleGroupRuleActionCount", "description": "Instructs AWS WAF to count the web request and allow it. See Count below for details.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleActionAllow:RuleGroupRuleActionAllow": { "properties": { "customRequestHandling": { "$ref": "#/types/aws:wafv2/RuleGroupRuleActionAllowCustomRequestHandling:RuleGroupRuleActionAllowCustomRequestHandling", "description": "Defines custom handling for the web request. See Custom Request Handling below for details.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleActionAllowCustomRequestHandling:RuleGroupRuleActionAllowCustomRequestHandling": { "properties": { "insertHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleActionAllowCustomRequestHandlingInsertHeader:RuleGroupRuleActionAllowCustomRequestHandlingInsertHeader" }, "description": "The `insert_header` blocks used to define HTTP headers added to the request. See Custom HTTP Header below for details.\n" } }, "type": "object", "required": [ "insertHeaders" ] }, "aws:wafv2/RuleGroupRuleActionAllowCustomRequestHandlingInsertHeader:RuleGroupRuleActionAllowCustomRequestHandlingInsertHeader": { "properties": { "name": { "type": "string", "description": "A friendly name of the rule group.\n" }, "value": { "type": "string", "description": "The value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/RuleGroupRuleActionBlock:RuleGroupRuleActionBlock": { "properties": { "customResponse": { "$ref": "#/types/aws:wafv2/RuleGroupRuleActionBlockCustomResponse:RuleGroupRuleActionBlockCustomResponse", "description": "Defines a custom response for the web request. See Custom Response below for details.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleActionBlockCustomResponse:RuleGroupRuleActionBlockCustomResponse": { "properties": { "customResponseBodyKey": { "type": "string", "description": "References the response body that you want AWS WAF to return to the web request client. This must reference a `key` defined in a `custom_response_body` block of this resource.\n" }, "responseCode": { "type": "integer", "description": "The HTTP status code to return to the client.\n" }, "responseHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleActionBlockCustomResponseResponseHeader:RuleGroupRuleActionBlockCustomResponseResponseHeader" }, "description": "The `response_header` blocks used to define the HTTP response headers added to the response. See Custom HTTP Header below for details.\n" } }, "type": "object", "required": [ "responseCode" ] }, "aws:wafv2/RuleGroupRuleActionBlockCustomResponseResponseHeader:RuleGroupRuleActionBlockCustomResponseResponseHeader": { "properties": { "name": { "type": "string", "description": "A friendly name of the rule group.\n" }, "value": { "type": "string", "description": "The value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/RuleGroupRuleActionCaptcha:RuleGroupRuleActionCaptcha": { "properties": { "customRequestHandling": { "$ref": "#/types/aws:wafv2/RuleGroupRuleActionCaptchaCustomRequestHandling:RuleGroupRuleActionCaptchaCustomRequestHandling", "description": "Defines custom handling for the web request. See Custom Request Handling below for details.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleActionCaptchaCustomRequestHandling:RuleGroupRuleActionCaptchaCustomRequestHandling": { "properties": { "insertHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleActionCaptchaCustomRequestHandlingInsertHeader:RuleGroupRuleActionCaptchaCustomRequestHandlingInsertHeader" }, "description": "The `insert_header` blocks used to define HTTP headers added to the request. See Custom HTTP Header below for details.\n" } }, "type": "object", "required": [ "insertHeaders" ] }, "aws:wafv2/RuleGroupRuleActionCaptchaCustomRequestHandlingInsertHeader:RuleGroupRuleActionCaptchaCustomRequestHandlingInsertHeader": { "properties": { "name": { "type": "string", "description": "A friendly name of the rule group.\n" }, "value": { "type": "string", "description": "The value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/RuleGroupRuleActionChallenge:RuleGroupRuleActionChallenge": { "properties": { "customRequestHandling": { "$ref": "#/types/aws:wafv2/RuleGroupRuleActionChallengeCustomRequestHandling:RuleGroupRuleActionChallengeCustomRequestHandling", "description": "Defines custom handling for the web request. See Custom Request Handling below for details.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleActionChallengeCustomRequestHandling:RuleGroupRuleActionChallengeCustomRequestHandling": { "properties": { "insertHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleActionChallengeCustomRequestHandlingInsertHeader:RuleGroupRuleActionChallengeCustomRequestHandlingInsertHeader" }, "description": "The `insert_header` blocks used to define HTTP headers added to the request. See Custom HTTP Header below for details.\n" } }, "type": "object", "required": [ "insertHeaders" ] }, "aws:wafv2/RuleGroupRuleActionChallengeCustomRequestHandlingInsertHeader:RuleGroupRuleActionChallengeCustomRequestHandlingInsertHeader": { "properties": { "name": { "type": "string", "description": "A friendly name of the rule group.\n" }, "value": { "type": "string", "description": "The value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/RuleGroupRuleActionCount:RuleGroupRuleActionCount": { "properties": { "customRequestHandling": { "$ref": "#/types/aws:wafv2/RuleGroupRuleActionCountCustomRequestHandling:RuleGroupRuleActionCountCustomRequestHandling", "description": "Defines custom handling for the web request. See Custom Request Handling below for details.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleActionCountCustomRequestHandling:RuleGroupRuleActionCountCustomRequestHandling": { "properties": { "insertHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleActionCountCustomRequestHandlingInsertHeader:RuleGroupRuleActionCountCustomRequestHandlingInsertHeader" }, "description": "The `insert_header` blocks used to define HTTP headers added to the request. See Custom HTTP Header below for details.\n" } }, "type": "object", "required": [ "insertHeaders" ] }, "aws:wafv2/RuleGroupRuleActionCountCustomRequestHandlingInsertHeader:RuleGroupRuleActionCountCustomRequestHandlingInsertHeader": { "properties": { "name": { "type": "string", "description": "A friendly name of the rule group.\n" }, "value": { "type": "string", "description": "The value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/RuleGroupRuleCaptchaConfig:RuleGroupRuleCaptchaConfig": { "properties": { "immunityTimeProperty": { "$ref": "#/types/aws:wafv2/RuleGroupRuleCaptchaConfigImmunityTimeProperty:RuleGroupRuleCaptchaConfigImmunityTimeProperty", "description": "Defines custom immunity time. See Immunity Time Property below for details.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleCaptchaConfigImmunityTimeProperty:RuleGroupRuleCaptchaConfigImmunityTimeProperty": { "properties": { "immunityTime": { "type": "integer", "description": "The amount of time, in seconds, that a CAPTCHA or challenge timestamp is considered valid by AWS WAF. The default setting is 300.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleRuleLabel:RuleGroupRuleRuleLabel": { "properties": { "name": { "type": "string", "description": "The label string.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatement:RuleGroupRuleStatement": { "properties": { "andStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementAndStatement:RuleGroupRuleStatementAndStatement", "description": "A logical rule statement used to combine other rule statements with AND logic. See AND Statement below for details.\n" }, "byteMatchStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatement:RuleGroupRuleStatementByteMatchStatement", "description": "A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.\n" }, "geoMatchStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementGeoMatchStatement:RuleGroupRuleStatementGeoMatchStatement", "description": "A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.\n" }, "ipSetReferenceStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementIpSetReferenceStatement:RuleGroupRuleStatementIpSetReferenceStatement", "description": "A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.\n" }, "labelMatchStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementLabelMatchStatement:RuleGroupRuleStatementLabelMatchStatement", "description": "A rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See Label Match Statement below for details.\n" }, "notStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementNotStatement:RuleGroupRuleStatementNotStatement", "description": "A logical rule statement used to negate the results of another rule statement. See NOT Statement below for details.\n" }, "orStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementOrStatement:RuleGroupRuleStatementOrStatement", "description": "A logical rule statement used to combine other rule statements with OR logic. See OR Statement below for details.\n" }, "rateBasedStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatement:RuleGroupRuleStatementRateBasedStatement", "description": "A rate-based rule tracks the rate of requests for each originating `IP address`, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any `5-minute` time span. This statement can not be nested. See Rate Based Statement below for details.\n" }, "regexMatchStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatement:RuleGroupRuleStatementRegexMatchStatement", "description": "A rule statement used to search web request components for a match against a single regular expression. See Regex Match Statement below for details.\n" }, "regexPatternSetReferenceStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatement:RuleGroupRuleStatementRegexPatternSetReferenceStatement", "description": "A rule statement used to search web request components for matches with regular expressions. See Regex Pattern Set Reference Statement below for details.\n" }, "sizeConstraintStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatement:RuleGroupRuleStatementSizeConstraintStatement", "description": "A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (\u003e) or less than (\u003c). See Size Constraint Statement below for more details.\n" }, "sqliMatchStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatement:RuleGroupRuleStatementSqliMatchStatement", "description": "An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See SQL Injection Match Statement below for details.\n" }, "xssMatchStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatement:RuleGroupRuleStatementXssMatchStatement", "description": "A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See XSS Match Statement below for details.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementAndStatement:RuleGroupRuleStatementAndStatement": { "properties": { "statements": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatement:RuleGroupRuleStatement" }, "description": "The statements to combine." } }, "type": "object", "required": [ "statements" ] }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatement:RuleGroupRuleStatementByteMatchStatement": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatch:RuleGroupRuleStatementByteMatchStatementFieldToMatch", "description": "The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.\n" }, "positionalConstraint": { "type": "string", "description": "The area within the portion of a web request that you want AWS WAF to search for `search_string`. Valid values include the following: `EXACTLY`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CONTAINS_WORD`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_ByteMatchStatement.html) for more information.\n" }, "searchString": { "type": "string", "description": "A string value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in `field_to_match`. The maximum length of the value is 50 bytes.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatementTextTransformation:RuleGroupRuleStatementByteMatchStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.\nAt least one required.\nSee Text Transformation below for details.\n" } }, "type": "object", "required": [ "positionalConstraint", "searchString", "textTransformations" ] }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatch:RuleGroupRuleStatementByteMatchStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementByteMatchStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchBody:RuleGroupRuleStatementByteMatchStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchCookies:RuleGroupRuleStatementByteMatchStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See Cookies below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementByteMatchStatementFieldToMatchHeaderOrder" }, "description": "Inspect the request headers. See Header Order below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchHeader:RuleGroupRuleStatementByteMatchStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See Headers below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementByteMatchStatementFieldToMatchJa3Fingerprint" }, "jsonBody": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchJsonBody:RuleGroupRuleStatementByteMatchStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See JSON Body for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchMethod:RuleGroupRuleStatementByteMatchStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchQueryString:RuleGroupRuleStatementByteMatchStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchSingleHeader:RuleGroupRuleStatementByteMatchStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See Single Header below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementByteMatchStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See Single Query Argument below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchUriPath:RuleGroupRuleStatementByteMatchStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementByteMatchStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchBody:RuleGroupRuleStatementByteMatchStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchCookies:RuleGroupRuleStatementByteMatchStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementByteMatchStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementByteMatchStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementByteMatchStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementByteMatchStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchHeader:RuleGroupRuleStatementByteMatchStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementByteMatchStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementByteMatchStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementByteMatchStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementByteMatchStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementByteMatchStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementByteMatchStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchJsonBody:RuleGroupRuleStatementByteMatchStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchMethod:RuleGroupRuleStatementByteMatchStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchQueryString:RuleGroupRuleStatementByteMatchStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchSingleHeader:RuleGroupRuleStatementByteMatchStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementByteMatchStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatementFieldToMatchUriPath:RuleGroupRuleStatementByteMatchStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementByteMatchStatementTextTransformation:RuleGroupRuleStatementByteMatchStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/RuleGroupRuleStatementGeoMatchStatement:RuleGroupRuleStatementGeoMatchStatement": { "properties": { "countryCodes": { "type": "array", "items": { "type": "string" }, "description": "An array of two-character country codes, for example, [ \"US\", \"CN\" ], from the alpha-2 country ISO codes of the `ISO 3166` international standard. See the [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_GeoMatchStatement.html) for valid values.\n" }, "forwardedIpConfig": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementGeoMatchStatementForwardedIpConfig:RuleGroupRuleStatementGeoMatchStatementForwardedIpConfig", "description": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.\n" } }, "type": "object", "required": [ "countryCodes" ] }, "aws:wafv2/RuleGroupRuleStatementGeoMatchStatementForwardedIpConfig:RuleGroupRuleStatementGeoMatchStatementForwardedIpConfig": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include: `MATCH` or `NO_MATCH`.\n" }, "headerName": { "type": "string", "description": "The name of the HTTP header to use for the IP address.\n" } }, "type": "object", "required": [ "fallbackBehavior", "headerName" ] }, "aws:wafv2/RuleGroupRuleStatementIpSetReferenceStatement:RuleGroupRuleStatementIpSetReferenceStatement": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IP Set that this statement references.\n" }, "ipSetForwardedIpConfig": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementIpSetReferenceStatementIpSetForwardedIpConfig:RuleGroupRuleStatementIpSetReferenceStatementIpSetForwardedIpConfig", "description": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.\n" } }, "type": "object", "required": [ "arn" ] }, "aws:wafv2/RuleGroupRuleStatementIpSetReferenceStatementIpSetForwardedIpConfig:RuleGroupRuleStatementIpSetReferenceStatementIpSetForwardedIpConfig": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include: `MATCH` or `NO_MATCH`.\n" }, "headerName": { "type": "string", "description": "The name of the HTTP header to use for the IP address.\n" }, "position": { "type": "string", "description": "The position in the header to search for the IP address. Valid values include: `FIRST`, `LAST`, or `ANY`. If `ANY` is specified and the header contains more than 10 IP addresses, AWS WAFv2 inspects the last 10.\n" } }, "type": "object", "required": [ "fallbackBehavior", "headerName", "position" ] }, "aws:wafv2/RuleGroupRuleStatementLabelMatchStatement:RuleGroupRuleStatementLabelMatchStatement": { "properties": { "key": { "type": "string", "description": "The string to match against.\n" }, "scope": { "type": "string", "description": "Specify whether you want to match using the label name or just the namespace. Valid values are `LABEL` or `NAMESPACE`.\n" } }, "type": "object", "required": [ "key", "scope" ] }, "aws:wafv2/RuleGroupRuleStatementNotStatement:RuleGroupRuleStatementNotStatement": { "properties": { "statements": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatement:RuleGroupRuleStatement" }, "description": "The statements to combine." } }, "type": "object", "required": [ "statements" ] }, "aws:wafv2/RuleGroupRuleStatementOrStatement:RuleGroupRuleStatementOrStatement": { "properties": { "statements": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatement:RuleGroupRuleStatement" }, "description": "The statements to combine." } }, "type": "object", "required": [ "statements" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatement:RuleGroupRuleStatementRateBasedStatement": { "properties": { "aggregateKeyType": { "type": "string", "description": "Setting that indicates how to aggregate the request counts. Valid values include: `CONSTANT`, `CUSTOM_KEYS`, `FORWARDED_IP` or `IP`. Default: `IP`.\n" }, "customKeys": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKey:RuleGroupRuleStatementRateBasedStatementCustomKey" }, "description": "Aggregate the request counts using one or more web request components as the aggregate keys. See `custom_key` below for details.\n" }, "evaluationWindowSec": { "type": "integer", "description": "The amount of time, in seconds, that AWS WAF should include in its request counts, looking back from the current time. Valid values are `60`, `120`, `300`, and `600`. Defaults to `300` (5 minutes).\n\n**NOTE:** This setting doesn't determine how often AWS WAF checks the rate, but how far back it looks each time it checks. AWS WAF checks the rate about every 10 seconds.\n" }, "forwardedIpConfig": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementForwardedIpConfig:RuleGroupRuleStatementRateBasedStatementForwardedIpConfig", "description": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. If `aggregate_key_type` is set to `FORWARDED_IP`, this block is required. See Forwarded IP Config below for details.\n" }, "limit": { "type": "integer", "description": "The limit on requests per 5-minute period for a single originating IP address.\n" }, "scopeDownStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatement", "description": "An optional nested statement that narrows the scope of the rate-based statement to matching web requests. This can be any nestable statement, and you can nest statements at any level below this scope-down statement. See Statement above for details. If `aggregate_key_type` is set to `CONSTANT`, this block is required.\n" } }, "type": "object", "required": [ "limit" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKey:RuleGroupRuleStatementRateBasedStatementCustomKey": { "properties": { "cookie": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyCookie:RuleGroupRuleStatementRateBasedStatementCustomKeyCookie", "description": "(Optional) Use the value of a cookie in the request as an aggregate key. See RateLimit `cookie` below for details.\n" }, "forwardedIp": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyForwardedIp:RuleGroupRuleStatementRateBasedStatementCustomKeyForwardedIp", "description": "(Optional) Use the first IP address in an HTTP header as an aggregate key. See `forwarded_ip` below for details.\n" }, "header": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyHeader:RuleGroupRuleStatementRateBasedStatementCustomKeyHeader", "description": "(Optional) Use the value of a header in the request as an aggregate key. See RateLimit `header` below for details.\n" }, "httpMethod": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyHttpMethod:RuleGroupRuleStatementRateBasedStatementCustomKeyHttpMethod", "description": "(Optional) Use the request's HTTP method as an aggregate key. See RateLimit `http_method` below for details.\n" }, "ip": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyIp:RuleGroupRuleStatementRateBasedStatementCustomKeyIp", "description": "(Optional) Use the request's originating IP address as an aggregate key. See `RateLimit ip` below for details.\n" }, "labelNamespace": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyLabelNamespace:RuleGroupRuleStatementRateBasedStatementCustomKeyLabelNamespace", "description": "(Optional) Use the specified label namespace as an aggregate key. See RateLimit `label_namespace` below for details.\n" }, "queryArgument": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyQueryArgument:RuleGroupRuleStatementRateBasedStatementCustomKeyQueryArgument", "description": "(Optional) Use the specified query argument as an aggregate key. See RateLimit `query_argument` below for details.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyQueryString:RuleGroupRuleStatementRateBasedStatementCustomKeyQueryString", "description": "(Optional) Use the request's query string as an aggregate key. See RateLimit `query_string` below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyUriPath:RuleGroupRuleStatementRateBasedStatementCustomKeyUriPath", "description": "(Optional) Use the request's URI path as an aggregate key. See RateLimit `uri_path` below for details.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyCookie:RuleGroupRuleStatementRateBasedStatementCustomKeyCookie": { "properties": { "name": { "type": "string", "description": "A friendly name of the rule group.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyCookieTextTransformation:RuleGroupRuleStatementRateBasedStatementCustomKeyCookieTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. They are used in rate-based rule statements, to transform request components before using them as custom aggregation keys. Atleast one transformation is required. See Text Transformation above for details.\n" } }, "type": "object", "required": [ "name", "textTransformations" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyCookieTextTransformation:RuleGroupRuleStatementRateBasedStatementCustomKeyCookieTextTransformation": { "properties": { "priority": { "type": "integer", "description": "The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyForwardedIp:RuleGroupRuleStatementRateBasedStatementCustomKeyForwardedIp": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyHeader:RuleGroupRuleStatementRateBasedStatementCustomKeyHeader": { "properties": { "name": { "type": "string", "description": "A friendly name of the rule group.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyHeaderTextTransformation:RuleGroupRuleStatementRateBasedStatementCustomKeyHeaderTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. They are used in rate-based rule statements, to transform request components before using them as custom aggregation keys. Atleast one transformation is required. See Text Transformation above for details.\n" } }, "type": "object", "required": [ "name", "textTransformations" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyHeaderTextTransformation:RuleGroupRuleStatementRateBasedStatementCustomKeyHeaderTextTransformation": { "properties": { "priority": { "type": "integer", "description": "The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyHttpMethod:RuleGroupRuleStatementRateBasedStatementCustomKeyHttpMethod": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyIp:RuleGroupRuleStatementRateBasedStatementCustomKeyIp": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyLabelNamespace:RuleGroupRuleStatementRateBasedStatementCustomKeyLabelNamespace": { "properties": { "namespace": { "type": "string", "description": "The namespace to use for aggregation\n" } }, "type": "object", "required": [ "namespace" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyQueryArgument:RuleGroupRuleStatementRateBasedStatementCustomKeyQueryArgument": { "properties": { "name": { "type": "string", "description": "A friendly name of the rule group.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyQueryArgumentTextTransformation:RuleGroupRuleStatementRateBasedStatementCustomKeyQueryArgumentTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. They are used in rate-based rule statements, to transform request components before using them as custom aggregation keys. Atleast one transformation is required. See Text Transformation above for details.\n" } }, "type": "object", "required": [ "name", "textTransformations" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyQueryArgumentTextTransformation:RuleGroupRuleStatementRateBasedStatementCustomKeyQueryArgumentTextTransformation": { "properties": { "priority": { "type": "integer", "description": "The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyQueryString:RuleGroupRuleStatementRateBasedStatementCustomKeyQueryString": { "properties": { "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyQueryStringTextTransformation:RuleGroupRuleStatementRateBasedStatementCustomKeyQueryStringTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. They are used in rate-based rule statements, to transform request components before using them as custom aggregation keys. Atleast one transformation is required. See Text Transformation above for details.\n" } }, "type": "object", "required": [ "textTransformations" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyQueryStringTextTransformation:RuleGroupRuleStatementRateBasedStatementCustomKeyQueryStringTextTransformation": { "properties": { "priority": { "type": "integer", "description": "The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyUriPath:RuleGroupRuleStatementRateBasedStatementCustomKeyUriPath": { "properties": { "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyUriPathTextTransformation:RuleGroupRuleStatementRateBasedStatementCustomKeyUriPathTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. They are used in rate-based rule statements, to transform request components before using them as custom aggregation keys. Atleast one transformation is required. See Text Transformation above for details.\n" } }, "type": "object", "required": [ "textTransformations" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementCustomKeyUriPathTextTransformation:RuleGroupRuleStatementRateBasedStatementCustomKeyUriPathTextTransformation": { "properties": { "priority": { "type": "integer", "description": "The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementForwardedIpConfig:RuleGroupRuleStatementRateBasedStatementForwardedIpConfig": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include: `MATCH` or `NO_MATCH`.\n" }, "headerName": { "type": "string", "description": "The name of the HTTP header to use for the IP address.\n" } }, "type": "object", "required": [ "fallbackBehavior", "headerName" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatement": { "properties": { "andStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementAndStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementAndStatement", "description": "A logical rule statement used to combine other rule statements with AND logic. See AND Statement below for details.\n" }, "byteMatchStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatement", "description": "A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.\n" }, "geoMatchStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementGeoMatchStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementGeoMatchStatement", "description": "A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.\n" }, "ipSetReferenceStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementIpSetReferenceStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementIpSetReferenceStatement", "description": "A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.\n" }, "labelMatchStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementLabelMatchStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementLabelMatchStatement", "description": "A rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See Label Match Statement below for details.\n" }, "notStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementNotStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementNotStatement", "description": "A logical rule statement used to negate the results of another rule statement. See NOT Statement below for details.\n" }, "orStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementOrStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementOrStatement", "description": "A logical rule statement used to combine other rule statements with OR logic. See OR Statement below for details.\n" }, "regexMatchStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatement", "description": "A rule statement used to search web request components for a match against a single regular expression. See Regex Match Statement below for details.\n" }, "regexPatternSetReferenceStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatement", "description": "A rule statement used to search web request components for matches with regular expressions. See Regex Pattern Set Reference Statement below for details.\n" }, "sizeConstraintStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatement", "description": "A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (\u003e) or less than (\u003c). See Size Constraint Statement below for more details.\n" }, "sqliMatchStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatement", "description": "An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See SQL Injection Match Statement below for details.\n" }, "xssMatchStatement": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatement", "description": "A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See XSS Match Statement below for details.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementAndStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementAndStatement": { "properties": { "statements": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatement:RuleGroupRuleStatement" }, "description": "The statements to combine." } }, "type": "object", "required": [ "statements" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatement": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatch:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatch", "description": "The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.\n" }, "positionalConstraint": { "type": "string", "description": "The area within the portion of a web request that you want AWS WAF to search for `search_string`. Valid values include the following: `EXACTLY`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CONTAINS_WORD`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_ByteMatchStatement.html) for more information.\n" }, "searchString": { "type": "string", "description": "A string value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in `field_to_match`. The maximum length of the value is 50 bytes.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementTextTransformation:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.\nAt least one required.\nSee Text Transformation below for details.\n" } }, "type": "object", "required": [ "positionalConstraint", "searchString", "textTransformations" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatch:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookies:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See Cookies below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderOrder" }, "description": "Inspect the request headers. See Header Order below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See Headers below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJa3Fingerprint" }, "jsonBody": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See JSON Body for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchMethod:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchQueryString:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchSingleHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See Single Header below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See Single Query Argument below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchUriPath:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookies:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchMethod:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchQueryString:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchSingleHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchUriPath:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementTextTransformation:RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementGeoMatchStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementGeoMatchStatement": { "properties": { "countryCodes": { "type": "array", "items": { "type": "string" }, "description": "An array of two-character country codes, for example, [ \"US\", \"CN\" ], from the alpha-2 country ISO codes of the `ISO 3166` international standard. See the [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_GeoMatchStatement.html) for valid values.\n" }, "forwardedIpConfig": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementGeoMatchStatementForwardedIpConfig:RuleGroupRuleStatementRateBasedStatementScopeDownStatementGeoMatchStatementForwardedIpConfig", "description": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.\n" } }, "type": "object", "required": [ "countryCodes" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementGeoMatchStatementForwardedIpConfig:RuleGroupRuleStatementRateBasedStatementScopeDownStatementGeoMatchStatementForwardedIpConfig": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include: `MATCH` or `NO_MATCH`.\n" }, "headerName": { "type": "string", "description": "The name of the HTTP header to use for the IP address.\n" } }, "type": "object", "required": [ "fallbackBehavior", "headerName" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementIpSetReferenceStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementIpSetReferenceStatement": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IP Set that this statement references.\n" }, "ipSetForwardedIpConfig": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementIpSetReferenceStatementIpSetForwardedIpConfig:RuleGroupRuleStatementRateBasedStatementScopeDownStatementIpSetReferenceStatementIpSetForwardedIpConfig", "description": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.\n" } }, "type": "object", "required": [ "arn" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementIpSetReferenceStatementIpSetForwardedIpConfig:RuleGroupRuleStatementRateBasedStatementScopeDownStatementIpSetReferenceStatementIpSetForwardedIpConfig": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include: `MATCH` or `NO_MATCH`.\n" }, "headerName": { "type": "string", "description": "The name of the HTTP header to use for the IP address.\n" }, "position": { "type": "string", "description": "The position in the header to search for the IP address. Valid values include: `FIRST`, `LAST`, or `ANY`. If `ANY` is specified and the header contains more than 10 IP addresses, AWS WAFv2 inspects the last 10.\n" } }, "type": "object", "required": [ "fallbackBehavior", "headerName", "position" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementLabelMatchStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementLabelMatchStatement": { "properties": { "key": { "type": "string", "description": "The string to match against.\n" }, "scope": { "type": "string", "description": "Specify whether you want to match using the label name or just the namespace. Valid values are `LABEL` or `NAMESPACE`.\n" } }, "type": "object", "required": [ "key", "scope" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementNotStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementNotStatement": { "properties": { "statements": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatement:RuleGroupRuleStatement" }, "description": "The statements to combine." } }, "type": "object", "required": [ "statements" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementOrStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementOrStatement": { "properties": { "statements": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatement:RuleGroupRuleStatement" }, "description": "The statements to combine." } }, "type": "object", "required": [ "statements" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatement": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatch:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatch", "description": "The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.\n" }, "regexString": { "type": "string", "description": "The string representing the regular expression. **Note:** The fixed quota for the maximum number of characters in each regex pattern is 200, which can't be changed. See [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) for details.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementTextTransformation:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.\nAt least one required.\nSee Text Transformation below for details.\n" } }, "type": "object", "required": [ "regexString", "textTransformations" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatch:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookies:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See Cookies below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderOrder" }, "description": "Inspect the request headers. See Header Order below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See Headers below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJa3Fingerprint" }, "jsonBody": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See JSON Body for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchMethod:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchQueryString:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See Single Header below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See Single Query Argument below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchUriPath:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookies:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchMethod:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchQueryString:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchUriPath:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementTextTransformation:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatement": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Regex Pattern Set that this statement references.\n" }, "fieldToMatch": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatch:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatch", "description": "The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementTextTransformation:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.\nAt least one required.\nSee Text Transformation below for details.\n" } }, "type": "object", "required": [ "arn", "textTransformations" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatch:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookies:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See Cookies below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderOrder" }, "description": "Inspect the request headers. See Header Order below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See Headers below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJa3Fingerprint" }, "jsonBody": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See JSON Body for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchMethod:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchQueryString:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See Single Header below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See Single Query Argument below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchUriPath:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookies:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchMethod:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchQueryString:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchUriPath:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementTextTransformation:RuleGroupRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatement": { "properties": { "comparisonOperator": { "type": "string", "description": "The operator to use to compare the request part to the size setting. Valid values include: `EQ`, `NE`, `LE`, `LT`, `GE`, or `GT`.\n" }, "fieldToMatch": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatch:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatch", "description": "The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.\n" }, "size": { "type": "integer", "description": "The size, in bytes, to compare to the request part, after any transformations. Valid values are integers between 0 and 21474836480, inclusive.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementTextTransformation:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.\nAt least one required.\nSee Text Transformation below for details.\n" } }, "type": "object", "required": [ "comparisonOperator", "size", "textTransformations" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatch:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookies:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See Cookies below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderOrder" }, "description": "Inspect the request headers. See Header Order below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See Headers below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJa3Fingerprint" }, "jsonBody": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See JSON Body for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchMethod:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchQueryString:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See Single Header below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See Single Query Argument below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchUriPath:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookies:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchMethod:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchQueryString:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchUriPath:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementTextTransformation:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatement": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatch:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatch", "description": "The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.\n" }, "sensitivityLevel": { "type": "string", "description": "Sensitivity that you want AWS WAF to use to inspect for SQL injection attacks. Valid values include: `LOW`, `HIGH`.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementTextTransformation:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.\nAt least one required.\nSee Text Transformation below for details.\n" } }, "type": "object", "required": [ "textTransformations" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatch:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookies:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See Cookies below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderOrder" }, "description": "Inspect the request headers. See Header Order below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See Headers below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJa3Fingerprint" }, "jsonBody": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See JSON Body for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchMethod:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchQueryString:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See Single Header below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See Single Query Argument below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchUriPath:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookies:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchMethod:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchQueryString:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchUriPath:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementTextTransformation:RuleGroupRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatement:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatement": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatch:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatch", "description": "The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementTextTransformation:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.\nAt least one required.\nSee Text Transformation below for details.\n" } }, "type": "object", "required": [ "textTransformations" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatch:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookies:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See Cookies below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderOrder" }, "description": "Inspect the request headers. See Header Order below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See Headers below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJa3Fingerprint" }, "jsonBody": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See JSON Body for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchMethod:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchQueryString:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchSingleHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See Single Header below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See Single Query Argument below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchUriPath:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookies:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBody:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchMethod:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchQueryString:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchSingleHeader:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchUriPath:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementTextTransformation:RuleGroupRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatement:RuleGroupRuleStatementRegexMatchStatement": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatch:RuleGroupRuleStatementRegexMatchStatementFieldToMatch", "description": "The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.\n" }, "regexString": { "type": "string", "description": "The string representing the regular expression. **Note:** The fixed quota for the maximum number of characters in each regex pattern is 200, which can't be changed. See [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) for details.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatementTextTransformation:RuleGroupRuleStatementRegexMatchStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.\nAt least one required.\nSee Text Transformation below for details.\n" } }, "type": "object", "required": [ "regexString", "textTransformations" ] }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatch:RuleGroupRuleStatementRegexMatchStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementRegexMatchStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchBody:RuleGroupRuleStatementRegexMatchStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchCookies:RuleGroupRuleStatementRegexMatchStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See Cookies below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementRegexMatchStatementFieldToMatchHeaderOrder" }, "description": "Inspect the request headers. See Header Order below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchHeader:RuleGroupRuleStatementRegexMatchStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See Headers below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementRegexMatchStatementFieldToMatchJa3Fingerprint" }, "jsonBody": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchJsonBody:RuleGroupRuleStatementRegexMatchStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See JSON Body for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchMethod:RuleGroupRuleStatementRegexMatchStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchQueryString:RuleGroupRuleStatementRegexMatchStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchSingleHeader:RuleGroupRuleStatementRegexMatchStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See Single Header below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementRegexMatchStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See Single Query Argument below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchUriPath:RuleGroupRuleStatementRegexMatchStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementRegexMatchStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchBody:RuleGroupRuleStatementRegexMatchStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchCookies:RuleGroupRuleStatementRegexMatchStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementRegexMatchStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementRegexMatchStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementRegexMatchStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementRegexMatchStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchHeader:RuleGroupRuleStatementRegexMatchStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementRegexMatchStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementRegexMatchStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementRegexMatchStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementRegexMatchStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementRegexMatchStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementRegexMatchStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchJsonBody:RuleGroupRuleStatementRegexMatchStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementRegexMatchStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementRegexMatchStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementRegexMatchStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementRegexMatchStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchMethod:RuleGroupRuleStatementRegexMatchStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchQueryString:RuleGroupRuleStatementRegexMatchStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchSingleHeader:RuleGroupRuleStatementRegexMatchStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementRegexMatchStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatementFieldToMatchUriPath:RuleGroupRuleStatementRegexMatchStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexMatchStatementTextTransformation:RuleGroupRuleStatementRegexMatchStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatement:RuleGroupRuleStatementRegexPatternSetReferenceStatement": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Regex Pattern Set that this statement references.\n" }, "fieldToMatch": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatch:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatch", "description": "The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementTextTransformation:RuleGroupRuleStatementRegexPatternSetReferenceStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.\nAt least one required.\nSee Text Transformation below for details.\n" } }, "type": "object", "required": [ "arn", "textTransformations" ] }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatch:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchBody:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookies:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See Cookies below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderOrder" }, "description": "Inspect the request headers. See Header Order below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeader:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See Headers below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchJa3Fingerprint" }, "jsonBody": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBody:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See JSON Body for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchMethod:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchQueryString:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeader:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See Single Header below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See Single Query Argument below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchUriPath:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchBody:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookies:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeader:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBody:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchMethod:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchQueryString:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeader:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchUriPath:RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementRegexPatternSetReferenceStatementTextTransformation:RuleGroupRuleStatementRegexPatternSetReferenceStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatement:RuleGroupRuleStatementSizeConstraintStatement": { "properties": { "comparisonOperator": { "type": "string", "description": "The operator to use to compare the request part to the size setting. Valid values include: `EQ`, `NE`, `LE`, `LT`, `GE`, or `GT`.\n" }, "fieldToMatch": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatch:RuleGroupRuleStatementSizeConstraintStatementFieldToMatch", "description": "The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.\n" }, "size": { "type": "integer", "description": "The size, in bytes, to compare to the request part, after any transformations. Valid values are integers between 0 and 21474836480, inclusive.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementTextTransformation:RuleGroupRuleStatementSizeConstraintStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.\nAt least one required.\nSee Text Transformation below for details.\n" } }, "type": "object", "required": [ "comparisonOperator", "size", "textTransformations" ] }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatch:RuleGroupRuleStatementSizeConstraintStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchBody:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchCookies:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See Cookies below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchHeaderOrder" }, "description": "Inspect the request headers. See Header Order below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchHeader:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See Headers below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchJa3Fingerprint" }, "jsonBody": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchJsonBody:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See JSON Body for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchMethod:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchQueryString:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchSingleHeader:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See Single Header below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See Single Query Argument below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchUriPath:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchBody:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchCookies:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchHeader:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchJsonBody:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchMethod:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchQueryString:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchSingleHeader:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementFieldToMatchUriPath:RuleGroupRuleStatementSizeConstraintStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSizeConstraintStatementTextTransformation:RuleGroupRuleStatementSizeConstraintStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatement:RuleGroupRuleStatementSqliMatchStatement": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatch:RuleGroupRuleStatementSqliMatchStatementFieldToMatch", "description": "The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.\n" }, "sensitivityLevel": { "type": "string", "description": "Sensitivity that you want AWS WAF to use to inspect for SQL injection attacks. Valid values include: `LOW`, `HIGH`.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatementTextTransformation:RuleGroupRuleStatementSqliMatchStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.\nAt least one required.\nSee Text Transformation below for details.\n" } }, "type": "object", "required": [ "textTransformations" ] }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatch:RuleGroupRuleStatementSqliMatchStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementSqliMatchStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchBody:RuleGroupRuleStatementSqliMatchStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchCookies:RuleGroupRuleStatementSqliMatchStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See Cookies below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementSqliMatchStatementFieldToMatchHeaderOrder" }, "description": "Inspect the request headers. See Header Order below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchHeader:RuleGroupRuleStatementSqliMatchStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See Headers below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementSqliMatchStatementFieldToMatchJa3Fingerprint" }, "jsonBody": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchJsonBody:RuleGroupRuleStatementSqliMatchStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See JSON Body for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchMethod:RuleGroupRuleStatementSqliMatchStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchQueryString:RuleGroupRuleStatementSqliMatchStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchSingleHeader:RuleGroupRuleStatementSqliMatchStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See Single Header below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementSqliMatchStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See Single Query Argument below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchUriPath:RuleGroupRuleStatementSqliMatchStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementSqliMatchStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchBody:RuleGroupRuleStatementSqliMatchStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchCookies:RuleGroupRuleStatementSqliMatchStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementSqliMatchStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementSqliMatchStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementSqliMatchStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementSqliMatchStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchHeader:RuleGroupRuleStatementSqliMatchStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementSqliMatchStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementSqliMatchStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementSqliMatchStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementSqliMatchStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementSqliMatchStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementSqliMatchStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchJsonBody:RuleGroupRuleStatementSqliMatchStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementSqliMatchStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementSqliMatchStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementSqliMatchStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementSqliMatchStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchMethod:RuleGroupRuleStatementSqliMatchStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchQueryString:RuleGroupRuleStatementSqliMatchStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchSingleHeader:RuleGroupRuleStatementSqliMatchStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementSqliMatchStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatementFieldToMatchUriPath:RuleGroupRuleStatementSqliMatchStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementSqliMatchStatementTextTransformation:RuleGroupRuleStatementSqliMatchStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatement:RuleGroupRuleStatementXssMatchStatement": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatch:RuleGroupRuleStatementXssMatchStatementFieldToMatch", "description": "The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatementTextTransformation:RuleGroupRuleStatementXssMatchStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.\nAt least one required.\nSee Text Transformation below for details.\n" } }, "type": "object", "required": [ "textTransformations" ] }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatch:RuleGroupRuleStatementXssMatchStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementXssMatchStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchBody:RuleGroupRuleStatementXssMatchStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchCookies:RuleGroupRuleStatementXssMatchStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See Cookies below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementXssMatchStatementFieldToMatchHeaderOrder" }, "description": "Inspect the request headers. See Header Order below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchHeader:RuleGroupRuleStatementXssMatchStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See Headers below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementXssMatchStatementFieldToMatchJa3Fingerprint" }, "jsonBody": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchJsonBody:RuleGroupRuleStatementXssMatchStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See JSON Body for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchMethod:RuleGroupRuleStatementXssMatchStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchQueryString:RuleGroupRuleStatementXssMatchStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchSingleHeader:RuleGroupRuleStatementXssMatchStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See Single Header below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementXssMatchStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See Single Query Argument below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchUriPath:RuleGroupRuleStatementXssMatchStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchAllQueryArguments:RuleGroupRuleStatementXssMatchStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchBody:RuleGroupRuleStatementXssMatchStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchCookies:RuleGroupRuleStatementXssMatchStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementXssMatchStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchCookiesMatchPattern:RuleGroupRuleStatementXssMatchStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementXssMatchStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchCookiesMatchPatternAll:RuleGroupRuleStatementXssMatchStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchHeader:RuleGroupRuleStatementXssMatchStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementXssMatchStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchHeaderMatchPattern:RuleGroupRuleStatementXssMatchStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementXssMatchStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchHeaderMatchPatternAll:RuleGroupRuleStatementXssMatchStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchHeaderOrder:RuleGroupRuleStatementXssMatchStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchJa3Fingerprint:RuleGroupRuleStatementXssMatchStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchJsonBody:RuleGroupRuleStatementXssMatchStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementXssMatchStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchJsonBodyMatchPattern:RuleGroupRuleStatementXssMatchStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementXssMatchStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchJsonBodyMatchPatternAll:RuleGroupRuleStatementXssMatchStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchMethod:RuleGroupRuleStatementXssMatchStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchQueryString:RuleGroupRuleStatementXssMatchStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchSingleHeader:RuleGroupRuleStatementXssMatchStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchSingleQueryArgument:RuleGroupRuleStatementXssMatchStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "The name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatementFieldToMatchUriPath:RuleGroupRuleStatementXssMatchStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/RuleGroupRuleStatementXssMatchStatementTextTransformation:RuleGroupRuleStatementXssMatchStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/RuleGroupRuleVisibilityConfig:RuleGroupRuleVisibilityConfig": { "properties": { "cloudwatchMetricsEnabled": { "type": "boolean", "description": "A boolean indicating whether the associated resource sends metrics to CloudWatch. For the list of available metrics, see [AWS WAF Metrics](https://docs.aws.amazon.com/waf/latest/developerguide/monitoring-cloudwatch.html#waf-metrics).\n" }, "metricName": { "type": "string", "description": "A friendly name of the CloudWatch metric. The name can contain only alphanumeric characters (A-Z, a-z, 0-9) hyphen(-) and underscore (_), with length from one to 128 characters. It can't contain whitespace or metric names reserved for AWS WAF, for example `All` and `Default_Action`.\n" }, "sampledRequestsEnabled": { "type": "boolean", "description": "A boolean indicating whether AWS WAF should store a sampling of the web requests that match the rules. You can view the sampled requests through the AWS WAF console.\n" } }, "type": "object", "required": [ "cloudwatchMetricsEnabled", "metricName", "sampledRequestsEnabled" ] }, "aws:wafv2/RuleGroupVisibilityConfig:RuleGroupVisibilityConfig": { "properties": { "cloudwatchMetricsEnabled": { "type": "boolean", "description": "A boolean indicating whether the associated resource sends metrics to CloudWatch. For the list of available metrics, see [AWS WAF Metrics](https://docs.aws.amazon.com/waf/latest/developerguide/monitoring-cloudwatch.html#waf-metrics).\n" }, "metricName": { "type": "string", "description": "A friendly name of the CloudWatch metric. The name can contain only alphanumeric characters (A-Z, a-z, 0-9) hyphen(-) and underscore (_), with length from one to 128 characters. It can't contain whitespace or metric names reserved for AWS WAF, for example `All` and `Default_Action`.\n" }, "sampledRequestsEnabled": { "type": "boolean", "description": "A boolean indicating whether AWS WAF should store a sampling of the web requests that match the rules. You can view the sampled requests through the AWS WAF console.\n" } }, "type": "object", "required": [ "cloudwatchMetricsEnabled", "metricName", "sampledRequestsEnabled" ] }, "aws:wafv2/WebAclAssociationConfig:WebAclAssociationConfig": { "properties": { "requestBodies": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclAssociationConfigRequestBody:WebAclAssociationConfigRequestBody" }, "description": "Customizes the request body that your protected resource forward to AWS WAF for inspection. See `request_body` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclAssociationConfigRequestBody:WebAclAssociationConfigRequestBody": { "properties": { "apiGateways": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclAssociationConfigRequestBodyApiGateway:WebAclAssociationConfigRequestBodyApiGateway" }, "description": "Customizes the request body that your protected Amazon API Gateway REST APIs forward to AWS WAF for inspection. Applicable only when `scope` is set to `CLOUDFRONT`. See `api_gateway` below for details.\n" }, "appRunnerServices": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclAssociationConfigRequestBodyAppRunnerService:WebAclAssociationConfigRequestBodyAppRunnerService" }, "description": "Customizes the request body that your protected Amazon App Runner services forward to AWS WAF for inspection. Applicable only when `scope` is set to `REGIONAL`. See `app_runner_service` below for details.\n" }, "cloudfronts": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclAssociationConfigRequestBodyCloudfront:WebAclAssociationConfigRequestBodyCloudfront" }, "description": "Customizes the request body that your protected Amazon CloudFront distributions forward to AWS WAF for inspection. Applicable only when `scope` is set to `REGIONAL`. See `cloudfront` below for details.\n" }, "cognitoUserPools": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclAssociationConfigRequestBodyCognitoUserPool:WebAclAssociationConfigRequestBodyCognitoUserPool" }, "description": "Customizes the request body that your protected Amazon Cognito user pools forward to AWS WAF for inspection. Applicable only when `scope` is set to `REGIONAL`. See `cognito_user_pool` below for details.\n" }, "verifiedAccessInstances": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclAssociationConfigRequestBodyVerifiedAccessInstance:WebAclAssociationConfigRequestBodyVerifiedAccessInstance" }, "description": "Customizes the request body that your protected AWS Verfied Access instances forward to AWS WAF for inspection. Applicable only when `scope` is set to `REGIONAL`. See `verified_access_instance` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclAssociationConfigRequestBodyApiGateway:WebAclAssociationConfigRequestBodyApiGateway": { "properties": { "defaultSizeInspectionLimit": { "type": "string", "description": "Specifies the maximum size of the web request body component that an associated Amazon API Gateway REST APIs should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body. Valid values are `KB_16`, `KB_32`, `KB_48` and `KB_64`.\n" } }, "type": "object", "required": [ "defaultSizeInspectionLimit" ] }, "aws:wafv2/WebAclAssociationConfigRequestBodyAppRunnerService:WebAclAssociationConfigRequestBodyAppRunnerService": { "properties": { "defaultSizeInspectionLimit": { "type": "string", "description": "Specifies the maximum size of the web request body component that an associated Amazon App Runner services should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body. Valid values are `KB_16`, `KB_32`, `KB_48` and `KB_64`.\n" } }, "type": "object", "required": [ "defaultSizeInspectionLimit" ] }, "aws:wafv2/WebAclAssociationConfigRequestBodyCloudfront:WebAclAssociationConfigRequestBodyCloudfront": { "properties": { "defaultSizeInspectionLimit": { "type": "string", "description": "Specifies the maximum size of the web request body component that an associated Amazon CloudFront distribution should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body. Valid values are `KB_16`, `KB_32`, `KB_48` and `KB_64`.\n" } }, "type": "object", "required": [ "defaultSizeInspectionLimit" ] }, "aws:wafv2/WebAclAssociationConfigRequestBodyCognitoUserPool:WebAclAssociationConfigRequestBodyCognitoUserPool": { "properties": { "defaultSizeInspectionLimit": { "type": "string", "description": "Specifies the maximum size of the web request body component that an associated Amazon Cognito user pools should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body. Valid values are `KB_16`, `KB_32`, `KB_48` and `KB_64`.\n" } }, "type": "object", "required": [ "defaultSizeInspectionLimit" ] }, "aws:wafv2/WebAclAssociationConfigRequestBodyVerifiedAccessInstance:WebAclAssociationConfigRequestBodyVerifiedAccessInstance": { "properties": { "defaultSizeInspectionLimit": { "type": "string", "description": "Specifies the maximum size of the web request body component that an associated AWS Verified Access instances should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body. Valid values are `KB_16`, `KB_32`, `KB_48` and `KB_64`.\n" } }, "type": "object", "required": [ "defaultSizeInspectionLimit" ] }, "aws:wafv2/WebAclCaptchaConfig:WebAclCaptchaConfig": { "properties": { "immunityTimeProperty": { "$ref": "#/types/aws:wafv2/WebAclCaptchaConfigImmunityTimeProperty:WebAclCaptchaConfigImmunityTimeProperty", "description": "Defines custom immunity time. See `immunity_time_property` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclCaptchaConfigImmunityTimeProperty:WebAclCaptchaConfigImmunityTimeProperty": { "properties": { "immunityTime": { "type": "integer", "description": "The amount of time, in seconds, that a CAPTCHA or challenge timestamp is considered valid by AWS WAF. The default setting is 300.\n" } }, "type": "object" }, "aws:wafv2/WebAclChallengeConfig:WebAclChallengeConfig": { "properties": { "immunityTimeProperty": { "$ref": "#/types/aws:wafv2/WebAclChallengeConfigImmunityTimeProperty:WebAclChallengeConfigImmunityTimeProperty", "description": "Defines custom immunity time. See `immunity_time_property` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclChallengeConfigImmunityTimeProperty:WebAclChallengeConfigImmunityTimeProperty": { "properties": { "immunityTime": { "type": "integer", "description": "The amount of time, in seconds, that a CAPTCHA or challenge timestamp is considered valid by AWS WAF. The default setting is 300.\n" } }, "type": "object" }, "aws:wafv2/WebAclCustomResponseBody:WebAclCustomResponseBody": { "properties": { "content": { "type": "string", "description": "Payload of the custom response.\n" }, "contentType": { "type": "string", "description": "Type of content in the payload that you are defining in the `content` argument. Valid values are `TEXT_PLAIN`, `TEXT_HTML`, or `APPLICATION_JSON`.\n" }, "key": { "type": "string", "description": "Unique key identifying the custom response body. This is referenced by the `custom_response_body_key` argument in the `custom_response` block.\n" } }, "type": "object", "required": [ "content", "contentType", "key" ] }, "aws:wafv2/WebAclDefaultAction:WebAclDefaultAction": { "properties": { "allow": { "$ref": "#/types/aws:wafv2/WebAclDefaultActionAllow:WebAclDefaultActionAllow", "description": "Specifies that AWS WAF should allow requests by default. See `allow` below for details.\n" }, "block": { "$ref": "#/types/aws:wafv2/WebAclDefaultActionBlock:WebAclDefaultActionBlock", "description": "Specifies that AWS WAF should block requests by default. See `block` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclDefaultActionAllow:WebAclDefaultActionAllow": { "properties": { "customRequestHandling": { "$ref": "#/types/aws:wafv2/WebAclDefaultActionAllowCustomRequestHandling:WebAclDefaultActionAllowCustomRequestHandling", "description": "Defines custom handling for the web request. See `custom_request_handling` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclDefaultActionAllowCustomRequestHandling:WebAclDefaultActionAllowCustomRequestHandling": { "properties": { "insertHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclDefaultActionAllowCustomRequestHandlingInsertHeader:WebAclDefaultActionAllowCustomRequestHandlingInsertHeader" }, "description": "The `insert_header` blocks used to define HTTP headers added to the request. See `insert_header` below for details.\n" } }, "type": "object", "required": [ "insertHeaders" ] }, "aws:wafv2/WebAclDefaultActionAllowCustomRequestHandlingInsertHeader:WebAclDefaultActionAllowCustomRequestHandlingInsertHeader": { "properties": { "name": { "type": "string", "description": "Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-`, to avoid confusion with the headers that are already in the request. For example, for the header name `sample`, AWS WAF inserts the header `x-amzn-waf-sample`.\n" }, "value": { "type": "string", "description": "Value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/WebAclDefaultActionBlock:WebAclDefaultActionBlock": { "properties": { "customResponse": { "$ref": "#/types/aws:wafv2/WebAclDefaultActionBlockCustomResponse:WebAclDefaultActionBlockCustomResponse", "description": "Defines a custom response for the web request. See `custom_response` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclDefaultActionBlockCustomResponse:WebAclDefaultActionBlockCustomResponse": { "properties": { "customResponseBodyKey": { "type": "string", "description": "References the response body that you want AWS WAF to return to the web request client. This must reference a `key` defined in a `custom_response_body` block of this resource.\n" }, "responseCode": { "type": "integer", "description": "The HTTP status code to return to the client.\n" }, "responseHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclDefaultActionBlockCustomResponseResponseHeader:WebAclDefaultActionBlockCustomResponseResponseHeader" }, "description": "The `response_header` blocks used to define the HTTP response headers added to the response. See `response_header` below for details.\n" } }, "type": "object", "required": [ "responseCode" ] }, "aws:wafv2/WebAclDefaultActionBlockCustomResponseResponseHeader:WebAclDefaultActionBlockCustomResponseResponseHeader": { "properties": { "name": { "type": "string", "description": "Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-`, to avoid confusion with the headers that are already in the request. For example, for the header name `sample`, AWS WAF inserts the header `x-amzn-waf-sample`.\n" }, "value": { "type": "string", "description": "Value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/WebAclLoggingConfigurationLoggingFilter:WebAclLoggingConfigurationLoggingFilter": { "properties": { "defaultBehavior": { "type": "string", "description": "Default handling for logs that don't match any of the specified filtering conditions. Valid values for `default_behavior` are `KEEP` or `DROP`.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclLoggingConfigurationLoggingFilterFilter:WebAclLoggingConfigurationLoggingFilterFilter" }, "description": "Filter(s) that you want to apply to the logs. See Filter below for more details.\n" } }, "type": "object", "required": [ "defaultBehavior", "filters" ] }, "aws:wafv2/WebAclLoggingConfigurationLoggingFilterFilter:WebAclLoggingConfigurationLoggingFilterFilter": { "properties": { "behavior": { "type": "string", "description": "Parameter that determines how to handle logs that meet the conditions and requirements of the filter. The valid values for `behavior` are `KEEP` or `DROP`.\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclLoggingConfigurationLoggingFilterFilterCondition:WebAclLoggingConfigurationLoggingFilterFilterCondition" }, "description": "Match condition(s) for the filter. See Condition below for more details.\n" }, "requirement": { "type": "string", "description": "Logic to apply to the filtering conditions. You can specify that a log must match all conditions or at least one condition in order to satisfy the filter. Valid values for `requirement` are `MEETS_ALL` or `MEETS_ANY`.\n" } }, "type": "object", "required": [ "behavior", "conditions", "requirement" ] }, "aws:wafv2/WebAclLoggingConfigurationLoggingFilterFilterCondition:WebAclLoggingConfigurationLoggingFilterFilterCondition": { "properties": { "actionCondition": { "$ref": "#/types/aws:wafv2/WebAclLoggingConfigurationLoggingFilterFilterConditionActionCondition:WebAclLoggingConfigurationLoggingFilterFilterConditionActionCondition", "description": "Configuration for a single action condition. See Action Condition below for more details.\n" }, "labelNameCondition": { "$ref": "#/types/aws:wafv2/WebAclLoggingConfigurationLoggingFilterFilterConditionLabelNameCondition:WebAclLoggingConfigurationLoggingFilterFilterConditionLabelNameCondition", "description": "Condition for a single label name. See Label Name Condition below for more details.\n" } }, "type": "object" }, "aws:wafv2/WebAclLoggingConfigurationLoggingFilterFilterConditionActionCondition:WebAclLoggingConfigurationLoggingFilterFilterConditionActionCondition": { "properties": { "action": { "type": "string", "description": "Action setting that a log record must contain in order to meet the condition. Valid values for `action` are `ALLOW`, `BLOCK`, and `COUNT`.\n" } }, "type": "object", "required": [ "action" ] }, "aws:wafv2/WebAclLoggingConfigurationLoggingFilterFilterConditionLabelNameCondition:WebAclLoggingConfigurationLoggingFilterFilterConditionLabelNameCondition": { "properties": { "labelName": { "type": "string", "description": "Name of the label that a log record must contain in order to meet the condition. It must be a fully qualified label name, which includes a prefix, optional namespaces, and the label name itself. The prefix identifies the rule group or web ACL context of the rule that added the label.\n" } }, "type": "object", "required": [ "labelName" ] }, "aws:wafv2/WebAclLoggingConfigurationRedactedField:WebAclLoggingConfigurationRedactedField": { "properties": { "method": { "$ref": "#/types/aws:wafv2/WebAclLoggingConfigurationRedactedFieldMethod:WebAclLoggingConfigurationRedactedFieldMethod", "description": "HTTP method to be redacted. It must be specified as an empty configuration block `{}`. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/WebAclLoggingConfigurationRedactedFieldQueryString:WebAclLoggingConfigurationRedactedFieldQueryString", "description": "Whether to redact the query string. It must be specified as an empty configuration block `{}`. The query string is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/WebAclLoggingConfigurationRedactedFieldSingleHeader:WebAclLoggingConfigurationRedactedFieldSingleHeader", "description": "\"single_header\" refers to the redaction of a single header. For more information, please see the details below under Single Header.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/WebAclLoggingConfigurationRedactedFieldUriPath:WebAclLoggingConfigurationRedactedFieldUriPath", "description": "Configuration block that redacts the request URI path. It should be specified as an empty configuration block `{}`. The URI path is the part of a web request that identifies a resource, such as `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/WebAclLoggingConfigurationRedactedFieldMethod:WebAclLoggingConfigurationRedactedFieldMethod": { "type": "object" }, "aws:wafv2/WebAclLoggingConfigurationRedactedFieldQueryString:WebAclLoggingConfigurationRedactedFieldQueryString": { "type": "object" }, "aws:wafv2/WebAclLoggingConfigurationRedactedFieldSingleHeader:WebAclLoggingConfigurationRedactedFieldSingleHeader": { "properties": { "name": { "type": "string", "description": "Name of the query header to redact. This setting must be provided in lowercase characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclLoggingConfigurationRedactedFieldUriPath:WebAclLoggingConfigurationRedactedFieldUriPath": { "type": "object" }, "aws:wafv2/WebAclRule:WebAclRule": { "properties": { "action": { "$ref": "#/types/aws:wafv2/WebAclRuleAction:WebAclRuleAction", "description": "Action that AWS WAF should take on a web request when it matches the rule's statement. This is used only for rules whose **statements do not reference a rule group**. See `action` for details.\n" }, "captchaConfig": { "$ref": "#/types/aws:wafv2/WebAclRuleCaptchaConfig:WebAclRuleCaptchaConfig", "description": "Specifies how AWS WAF should handle CAPTCHA evaluations. See `captcha_config` below for details.\n" }, "name": { "type": "string", "description": "Friendly name of the rule. Note that the provider assumes that rules with names matching this pattern, `^ShieldMitigationRuleGroup_\u003caccount-id\u003e_\u003cweb-acl-guid\u003e_.*`, are AWS-added for [automatic application layer DDoS mitigation activities](https://docs.aws.amazon.com/waf/latest/developerguide/ddos-automatic-app-layer-response-rg.html). Such rules will be ignored by the provider unless you explicitly include them in your configuration (for example, by using the AWS CLI to discover their properties and creating matching configuration). However, since these rules are owned and managed by AWS, you may get permission errors.\n" }, "overrideAction": { "$ref": "#/types/aws:wafv2/WebAclRuleOverrideAction:WebAclRuleOverrideAction", "description": "Override action to apply to the rules in a rule group. Used only for rule **statements that reference a rule group**, like `rule_group_reference_statement` and `managed_rule_group_statement`. See `override_action` below for details.\n" }, "priority": { "type": "integer", "description": "If you define more than one Rule in a WebACL, AWS WAF evaluates each request against the `rules` in order based on the value of `priority`. AWS WAF processes rules with lower priority first.\n" }, "ruleLabels": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleRuleLabel:WebAclRuleRuleLabel" }, "description": "Labels to apply to web requests that match the rule match statement. See `rule_label` below for details.\n" }, "statement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatement:WebAclRuleStatement", "description": "The AWS WAF processing statement for the rule, for example `byte_match_statement` or `geo_match_statement`. See `statement` below for details.\n" }, "visibilityConfig": { "$ref": "#/types/aws:wafv2/WebAclRuleVisibilityConfig:WebAclRuleVisibilityConfig", "description": "Defines and enables Amazon CloudWatch metrics and web request sample collection. See `visibility_config` below for details.\n" } }, "type": "object", "required": [ "name", "priority", "statement", "visibilityConfig" ] }, "aws:wafv2/WebAclRuleAction:WebAclRuleAction": { "properties": { "allow": { "$ref": "#/types/aws:wafv2/WebAclRuleActionAllow:WebAclRuleActionAllow", "description": "Instructs AWS WAF to allow the web request. See `allow` below for details.\n" }, "block": { "$ref": "#/types/aws:wafv2/WebAclRuleActionBlock:WebAclRuleActionBlock", "description": "Instructs AWS WAF to block the web request. See `block` below for details.\n" }, "captcha": { "$ref": "#/types/aws:wafv2/WebAclRuleActionCaptcha:WebAclRuleActionCaptcha", "description": "Instructs AWS WAF to run a Captcha check against the web request. See `captcha` below for details.\n" }, "challenge": { "$ref": "#/types/aws:wafv2/WebAclRuleActionChallenge:WebAclRuleActionChallenge", "description": "Instructs AWS WAF to run a check against the request to verify that the request is coming from a legitimate client session. See `challenge` below for details.\n" }, "count": { "$ref": "#/types/aws:wafv2/WebAclRuleActionCount:WebAclRuleActionCount", "description": "Instructs AWS WAF to count the web request and allow it. See `count` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleActionAllow:WebAclRuleActionAllow": { "properties": { "customRequestHandling": { "$ref": "#/types/aws:wafv2/WebAclRuleActionAllowCustomRequestHandling:WebAclRuleActionAllowCustomRequestHandling", "description": "Defines custom handling for the web request. See `custom_request_handling` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleActionAllowCustomRequestHandling:WebAclRuleActionAllowCustomRequestHandling": { "properties": { "insertHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleActionAllowCustomRequestHandlingInsertHeader:WebAclRuleActionAllowCustomRequestHandlingInsertHeader" }, "description": "The `insert_header` blocks used to define HTTP headers added to the request. See `insert_header` below for details.\n" } }, "type": "object", "required": [ "insertHeaders" ] }, "aws:wafv2/WebAclRuleActionAllowCustomRequestHandlingInsertHeader:WebAclRuleActionAllowCustomRequestHandlingInsertHeader": { "properties": { "name": { "type": "string", "description": "Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-`, to avoid confusion with the headers that are already in the request. For example, for the header name `sample`, AWS WAF inserts the header `x-amzn-waf-sample`.\n" }, "value": { "type": "string", "description": "Value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/WebAclRuleActionBlock:WebAclRuleActionBlock": { "properties": { "customResponse": { "$ref": "#/types/aws:wafv2/WebAclRuleActionBlockCustomResponse:WebAclRuleActionBlockCustomResponse", "description": "Defines a custom response for the web request. See `custom_response` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleActionBlockCustomResponse:WebAclRuleActionBlockCustomResponse": { "properties": { "customResponseBodyKey": { "type": "string", "description": "References the response body that you want AWS WAF to return to the web request client. This must reference a `key` defined in a `custom_response_body` block of this resource.\n" }, "responseCode": { "type": "integer", "description": "The HTTP status code to return to the client.\n" }, "responseHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleActionBlockCustomResponseResponseHeader:WebAclRuleActionBlockCustomResponseResponseHeader" }, "description": "The `response_header` blocks used to define the HTTP response headers added to the response. See `response_header` below for details.\n" } }, "type": "object", "required": [ "responseCode" ] }, "aws:wafv2/WebAclRuleActionBlockCustomResponseResponseHeader:WebAclRuleActionBlockCustomResponseResponseHeader": { "properties": { "name": { "type": "string", "description": "Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-`, to avoid confusion with the headers that are already in the request. For example, for the header name `sample`, AWS WAF inserts the header `x-amzn-waf-sample`.\n" }, "value": { "type": "string", "description": "Value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/WebAclRuleActionCaptcha:WebAclRuleActionCaptcha": { "properties": { "customRequestHandling": { "$ref": "#/types/aws:wafv2/WebAclRuleActionCaptchaCustomRequestHandling:WebAclRuleActionCaptchaCustomRequestHandling", "description": "Defines custom handling for the web request. See `custom_request_handling` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleActionCaptchaCustomRequestHandling:WebAclRuleActionCaptchaCustomRequestHandling": { "properties": { "insertHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleActionCaptchaCustomRequestHandlingInsertHeader:WebAclRuleActionCaptchaCustomRequestHandlingInsertHeader" }, "description": "The `insert_header` blocks used to define HTTP headers added to the request. See `insert_header` below for details.\n" } }, "type": "object", "required": [ "insertHeaders" ] }, "aws:wafv2/WebAclRuleActionCaptchaCustomRequestHandlingInsertHeader:WebAclRuleActionCaptchaCustomRequestHandlingInsertHeader": { "properties": { "name": { "type": "string", "description": "Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-`, to avoid confusion with the headers that are already in the request. For example, for the header name `sample`, AWS WAF inserts the header `x-amzn-waf-sample`.\n" }, "value": { "type": "string", "description": "Value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/WebAclRuleActionChallenge:WebAclRuleActionChallenge": { "properties": { "customRequestHandling": { "$ref": "#/types/aws:wafv2/WebAclRuleActionChallengeCustomRequestHandling:WebAclRuleActionChallengeCustomRequestHandling", "description": "Defines custom handling for the web request. See `custom_request_handling` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleActionChallengeCustomRequestHandling:WebAclRuleActionChallengeCustomRequestHandling": { "properties": { "insertHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleActionChallengeCustomRequestHandlingInsertHeader:WebAclRuleActionChallengeCustomRequestHandlingInsertHeader" }, "description": "The `insert_header` blocks used to define HTTP headers added to the request. See `insert_header` below for details.\n" } }, "type": "object", "required": [ "insertHeaders" ] }, "aws:wafv2/WebAclRuleActionChallengeCustomRequestHandlingInsertHeader:WebAclRuleActionChallengeCustomRequestHandlingInsertHeader": { "properties": { "name": { "type": "string", "description": "Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-`, to avoid confusion with the headers that are already in the request. For example, for the header name `sample`, AWS WAF inserts the header `x-amzn-waf-sample`.\n" }, "value": { "type": "string", "description": "Value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/WebAclRuleActionCount:WebAclRuleActionCount": { "properties": { "customRequestHandling": { "$ref": "#/types/aws:wafv2/WebAclRuleActionCountCustomRequestHandling:WebAclRuleActionCountCustomRequestHandling", "description": "Defines custom handling for the web request. See `custom_request_handling` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleActionCountCustomRequestHandling:WebAclRuleActionCountCustomRequestHandling": { "properties": { "insertHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleActionCountCustomRequestHandlingInsertHeader:WebAclRuleActionCountCustomRequestHandlingInsertHeader" }, "description": "The `insert_header` blocks used to define HTTP headers added to the request. See `insert_header` below for details.\n" } }, "type": "object", "required": [ "insertHeaders" ] }, "aws:wafv2/WebAclRuleActionCountCustomRequestHandlingInsertHeader:WebAclRuleActionCountCustomRequestHandlingInsertHeader": { "properties": { "name": { "type": "string", "description": "Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-`, to avoid confusion with the headers that are already in the request. For example, for the header name `sample`, AWS WAF inserts the header `x-amzn-waf-sample`.\n" }, "value": { "type": "string", "description": "Value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/WebAclRuleCaptchaConfig:WebAclRuleCaptchaConfig": { "properties": { "immunityTimeProperty": { "$ref": "#/types/aws:wafv2/WebAclRuleCaptchaConfigImmunityTimeProperty:WebAclRuleCaptchaConfigImmunityTimeProperty", "description": "Defines custom immunity time. See `immunity_time_property` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleCaptchaConfigImmunityTimeProperty:WebAclRuleCaptchaConfigImmunityTimeProperty": { "properties": { "immunityTime": { "type": "integer", "description": "The amount of time, in seconds, that a CAPTCHA or challenge timestamp is considered valid by AWS WAF. The default setting is 300.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleOverrideAction:WebAclRuleOverrideAction": { "properties": { "count": { "$ref": "#/types/aws:wafv2/WebAclRuleOverrideActionCount:WebAclRuleOverrideActionCount", "description": "Override the rule action setting to count (i.e., only count matches). Configured as an empty block `{}`.\n" }, "none": { "$ref": "#/types/aws:wafv2/WebAclRuleOverrideActionNone:WebAclRuleOverrideActionNone", "description": "Don't override the rule action setting. Configured as an empty block `{}`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleOverrideActionCount:WebAclRuleOverrideActionCount": { "type": "object" }, "aws:wafv2/WebAclRuleOverrideActionNone:WebAclRuleOverrideActionNone": { "type": "object" }, "aws:wafv2/WebAclRuleRuleLabel:WebAclRuleRuleLabel": { "properties": { "name": { "type": "string", "description": "Label string.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatement:WebAclRuleStatement": { "properties": { "andStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementAndStatement:WebAclRuleStatementAndStatement", "description": "Logical rule statement used to combine other rule statements with AND logic. See `and_statement` below for details.\n" }, "byteMatchStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatement:WebAclRuleStatementByteMatchStatement", "description": "Rule statement that defines a string match search for AWS WAF to apply to web requests. See `byte_match_statement` below for details.\n" }, "geoMatchStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementGeoMatchStatement:WebAclRuleStatementGeoMatchStatement", "description": "Rule statement used to identify web requests based on country of origin. See `geo_match_statement` below for details.\n" }, "ipSetReferenceStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementIpSetReferenceStatement:WebAclRuleStatementIpSetReferenceStatement", "description": "Rule statement used to detect web requests coming from particular IP addresses or address ranges. See `ip_set_reference_statement` below for details.\n" }, "labelMatchStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementLabelMatchStatement:WebAclRuleStatementLabelMatchStatement", "description": "Rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See `label_match_statement` below for details.\n" }, "managedRuleGroupStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatement:WebAclRuleStatementManagedRuleGroupStatement", "description": "Rule statement used to run the rules that are defined in a managed rule group. This statement can not be nested. See `managed_rule_group_statement` below for details.\n" }, "notStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementNotStatement:WebAclRuleStatementNotStatement", "description": "Logical rule statement used to negate the results of another rule statement. See `not_statement` below for details.\n" }, "orStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementOrStatement:WebAclRuleStatementOrStatement", "description": "Logical rule statement used to combine other rule statements with OR logic. See `or_statement` below for details.\n" }, "rateBasedStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatement:WebAclRuleStatementRateBasedStatement", "description": "Rate-based rule tracks the rate of requests for each originating `IP address`, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any `5-minute` time span. This statement can not be nested. See `rate_based_statement` below for details.\n" }, "regexMatchStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatement:WebAclRuleStatementRegexMatchStatement", "description": "Rule statement used to search web request components for a match against a single regular expression. See `regex_match_statement` below for details.\n" }, "regexPatternSetReferenceStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatement:WebAclRuleStatementRegexPatternSetReferenceStatement", "description": "Rule statement used to search web request components for matches with regular expressions. See `regex_pattern_set_reference_statement` below for details.\n" }, "ruleGroupReferenceStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatement:WebAclRuleStatementRuleGroupReferenceStatement", "description": "Rule statement used to run the rules that are defined in an WAFv2 Rule Group. See `rule_group_reference_statement` below for details.\n" }, "sizeConstraintStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatement:WebAclRuleStatementSizeConstraintStatement", "description": "Rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (\u003e) or less than (\u003c). See `size_constraint_statement` below for more details.\n" }, "sqliMatchStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatement:WebAclRuleStatementSqliMatchStatement", "description": "An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See `sqli_match_statement` below for details.\n" }, "xssMatchStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatement:WebAclRuleStatementXssMatchStatement", "description": "Rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See `xss_match_statement` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementAndStatement:WebAclRuleStatementAndStatement": { "properties": { "statements": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatement:WebAclRuleStatement" }, "description": "The statements to combine." } }, "type": "object", "required": [ "statements" ] }, "aws:wafv2/WebAclRuleStatementByteMatchStatement:WebAclRuleStatementByteMatchStatement": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatch:WebAclRuleStatementByteMatchStatementFieldToMatch", "description": "Part of a web request that you want AWS WAF to inspect. See `field_to_match` below for details.\n" }, "positionalConstraint": { "type": "string", "description": "Area within the portion of a web request that you want AWS WAF to search for `search_string`. Valid values include the following: `EXACTLY`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CONTAINS_WORD`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_ByteMatchStatement.html) for more information.\n" }, "searchString": { "type": "string", "description": "String value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in `field_to_match`. The maximum length of the value is 50 bytes.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatementTextTransformation:WebAclRuleStatementByteMatchStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See `text_transformation` below for details.\n" } }, "type": "object", "required": [ "positionalConstraint", "searchString", "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatch:WebAclRuleStatementByteMatchStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementByteMatchStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchBody:WebAclRuleStatementByteMatchStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers. See `body` below for details.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchCookies:WebAclRuleStatementByteMatchStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See `cookies` below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementByteMatchStatementFieldToMatchHeaderOrder" }, "description": "Inspect a string containing the list of the request's header names, ordered as they appear in the web request that AWS WAF receives for inspection. See `header_order` below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchHeader:WebAclRuleStatementByteMatchStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See `headers` below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementByteMatchStatementFieldToMatchJa3Fingerprint", "description": "Inspect the JA3 fingerprint. See `ja3_fingerprint` below for details.\n" }, "jsonBody": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchJsonBody:WebAclRuleStatementByteMatchStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See `json_body` for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchMethod:WebAclRuleStatementByteMatchStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchQueryString:WebAclRuleStatementByteMatchStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementByteMatchStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See `single_header` below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementByteMatchStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See `single_query_argument` below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchUriPath:WebAclRuleStatementByteMatchStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementByteMatchStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchBody:WebAclRuleStatementByteMatchStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string", "description": "What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchCookies:WebAclRuleStatementByteMatchStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementByteMatchStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementByteMatchStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementByteMatchStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementByteMatchStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchHeader:WebAclRuleStatementByteMatchStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementByteMatchStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementByteMatchStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementByteMatchStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementByteMatchStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementByteMatchStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementByteMatchStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint. Valid values include: `MATCH` or `NO_MATCH`.\n" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchJsonBody:WebAclRuleStatementByteMatchStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchMethod:WebAclRuleStatementByteMatchStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchQueryString:WebAclRuleStatementByteMatchStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementByteMatchStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementByteMatchStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementByteMatchStatementFieldToMatchUriPath:WebAclRuleStatementByteMatchStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/WebAclRuleStatementByteMatchStatementTextTransformation:WebAclRuleStatementByteMatchStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementGeoMatchStatement:WebAclRuleStatementGeoMatchStatement": { "properties": { "countryCodes": { "type": "array", "items": { "type": "string" }, "description": "Array of two-character country codes, for example, [ \"US\", \"CN\" ], from the alpha-2 country ISO codes of the `ISO 3166` international standard. See the [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_GeoMatchStatement.html) for valid values.\n" }, "forwardedIpConfig": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementGeoMatchStatementForwardedIpConfig:WebAclRuleStatementGeoMatchStatementForwardedIpConfig", "description": "Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See `forwarded_ip_config` below for details.\n" } }, "type": "object", "required": [ "countryCodes" ] }, "aws:wafv2/WebAclRuleStatementGeoMatchStatementForwardedIpConfig:WebAclRuleStatementGeoMatchStatementForwardedIpConfig": { "properties": { "fallbackBehavior": { "type": "string", "description": "Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include: `MATCH` or `NO_MATCH`.\n" }, "headerName": { "type": "string", "description": "Name of the HTTP header to use for the IP address.\n" } }, "type": "object", "required": [ "fallbackBehavior", "headerName" ] }, "aws:wafv2/WebAclRuleStatementIpSetReferenceStatement:WebAclRuleStatementIpSetReferenceStatement": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IP Set that this statement references.\n" }, "ipSetForwardedIpConfig": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementIpSetReferenceStatementIpSetForwardedIpConfig:WebAclRuleStatementIpSetReferenceStatementIpSetForwardedIpConfig", "description": "Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See `ip_set_forwarded_ip_config` below for more details.\n" } }, "type": "object", "required": [ "arn" ] }, "aws:wafv2/WebAclRuleStatementIpSetReferenceStatementIpSetForwardedIpConfig:WebAclRuleStatementIpSetReferenceStatementIpSetForwardedIpConfig": { "properties": { "fallbackBehavior": { "type": "string", "description": "Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include: `MATCH` or `NO_MATCH`.\n" }, "headerName": { "type": "string", "description": "Name of the HTTP header to use for the IP address.\n" }, "position": { "type": "string", "description": "Position in the header to search for the IP address. Valid values include: `FIRST`, `LAST`, or `ANY`. If `ANY` is specified and the header contains more than 10 IP addresses, AWS WAFv2 inspects the last 10.\n" } }, "type": "object", "required": [ "fallbackBehavior", "headerName", "position" ] }, "aws:wafv2/WebAclRuleStatementLabelMatchStatement:WebAclRuleStatementLabelMatchStatement": { "properties": { "key": { "type": "string", "description": "String to match against.\n" }, "scope": { "type": "string", "description": "Specify whether you want to match using the label name or just the namespace. Valid values are `LABEL` or `NAMESPACE`.\n" } }, "type": "object", "required": [ "key", "scope" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatement:WebAclRuleStatementManagedRuleGroupStatement": { "properties": { "managedRuleGroupConfigs": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfig:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfig" }, "description": "Additional information that's used by a managed rule group. Only one rule attribute is allowed in each config. See `managed_rule_group_configs` for more details\n" }, "name": { "type": "string", "description": "Name of the managed rule group.\n" }, "ruleActionOverrides": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverride:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverride" }, "description": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change. See `rule_action_override` below for details.\n" }, "scopeDownStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatement", "description": "Narrows the scope of the statement to matching web requests. This can be any nestable statement, and you can nest statements at any level below this scope-down statement. See `statement` above for details.\n" }, "vendorName": { "type": "string", "description": "Name of the managed rule group vendor.\n" }, "version": { "type": "string", "description": "Version of the managed rule group. You can set `Version_1.0` or `Version_1.1` etc. If you want to use the default version, do not set anything.\n" } }, "type": "object", "required": [ "name", "vendorName" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfig:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfig": { "properties": { "awsManagedRulesAcfpRuleSet": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSet:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSet", "description": "Additional configuration for using the Account Creation Fraud Prevention managed rule group. Use this to specify information such as the registration page of your application and the type of content to accept or reject from the client.\n" }, "awsManagedRulesAtpRuleSet": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSet:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSet", "description": "Additional configuration for using the Account Takeover Protection managed rule group. Use this to specify information such as the sign-in page of your application and the type of content to accept or reject from the client.\n" }, "awsManagedRulesBotControlRuleSet": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesBotControlRuleSet:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesBotControlRuleSet", "description": "Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. See `aws_managed_rules_bot_control_rule_set` for more details\n" }, "loginPath": { "type": "string", "description": "The path of the login endpoint for your application.\n" }, "passwordField": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigPasswordField:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigPasswordField", "description": "Details about your login page password field. See `password_field` for more details.\n" }, "payloadType": { "type": "string", "description": "The payload type for your login endpoint, either JSON or form encoded.\n" }, "usernameField": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigUsernameField:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigUsernameField", "description": "Details about your login page username field. See `username_field` for more details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSet:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSet": { "properties": { "creationPath": { "type": "string", "description": "The path of the account creation endpoint for your application. This is the page on your website that accepts the completed registration form for a new user. This page must accept POST requests.\n" }, "enableRegexInPath": { "type": "boolean", "description": "Whether or not to allow the use of regular expressions in the login page path.\n" }, "registrationPagePath": { "type": "string", "description": "The path of the account registration endpoint for your application. This is the page on your website that presents the registration form to new users. This page must accept GET text/html requests.\n" }, "requestInspection": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspection:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspection", "description": "The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage. See `request_inspection` for more details.\n" }, "responseInspection": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetResponseInspection:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetResponseInspection", "description": "The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates. Note that Response Inspection is available only on web ACLs that protect CloudFront distributions. See `response_inspection` for more details.\n" } }, "type": "object", "required": [ "creationPath", "registrationPagePath", "requestInspection" ], "language": { "nodejs": { "requiredOutputs": [ "creationPath", "enableRegexInPath", "registrationPagePath", "requestInspection" ] } } }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspection:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspection": { "properties": { "addressFields": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionAddressFields:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionAddressFields", "description": "The names of the fields in the request payload that contain your customer's primary physical address. See `address_fields` for more details.\n" }, "emailField": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionEmailField:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionEmailField", "description": "The name of the field in the request payload that contains your customer's email. See `email_field` for more details.\n" }, "passwordField": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionPasswordField:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionPasswordField", "description": "Details about your login page password field. See `password_field` for more details.\n" }, "payloadType": { "type": "string", "description": "The payload type for your login endpoint, either JSON or form encoded.\n" }, "phoneNumberFields": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionPhoneNumberFields:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionPhoneNumberFields", "description": "The names of the fields in the request payload that contain your customer's primary phone number. See `phone_number_fields` for more details.\n" }, "usernameField": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionUsernameField:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionUsernameField", "description": "Details about your login page username field. See `username_field` for more details.\n" } }, "type": "object", "required": [ "payloadType" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionAddressFields:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionAddressFields": { "properties": { "identifiers": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "identifiers" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionEmailField:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionEmailField": { "properties": { "identifier": { "type": "string", "description": "The name of the field in the request payload that contains your customer's email.\n" } }, "type": "object", "required": [ "identifier" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionPasswordField:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionPasswordField": { "properties": { "identifier": { "type": "string", "description": "The name of the password field.\n" } }, "type": "object", "required": [ "identifier" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionPhoneNumberFields:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionPhoneNumberFields": { "properties": { "identifiers": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "identifiers" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionUsernameField:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionUsernameField": { "properties": { "identifier": { "type": "string", "description": "The name of the username field.\n" } }, "type": "object", "required": [ "identifier" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetResponseInspection:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetResponseInspection": { "properties": { "bodyContains": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetResponseInspectionBodyContains:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetResponseInspectionBodyContains", "description": "Configures inspection of the response body. See `body_contains` for more details.\n" }, "header": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetResponseInspectionHeader:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetResponseInspectionHeader", "description": "Configures inspection of the response header.See `header` for more details.\n" }, "json": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetResponseInspectionJson:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetResponseInspectionJson", "description": "Configures inspection of the response JSON. See `json` for more details.\n" }, "statusCode": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetResponseInspectionStatusCode:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetResponseInspectionStatusCode", "description": "Configures inspection of the response status code.See `status_code` for more details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetResponseInspectionBodyContains:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetResponseInspectionBodyContains": { "properties": { "failureStrings": { "type": "array", "items": { "type": "string" }, "description": "Strings in the body of the response that indicate a failed login attempt.\n" }, "successStrings": { "type": "array", "items": { "type": "string" }, "description": "Strings in the body of the response that indicate a successful login attempt.\n" } }, "type": "object", "required": [ "failureStrings", "successStrings" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetResponseInspectionHeader:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetResponseInspectionHeader": { "properties": { "failureValues": { "type": "array", "items": { "type": "string" }, "description": "Values in the response header with the specified name that indicate a failed login attempt.\n" }, "name": { "type": "string", "description": "The name of the header to use.\n" }, "successValues": { "type": "array", "items": { "type": "string" }, "description": "Values in the response header with the specified name that indicate a successful login attempt.\n" } }, "type": "object", "required": [ "failureValues", "name", "successValues" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetResponseInspectionJson:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetResponseInspectionJson": { "properties": { "failureValues": { "type": "array", "items": { "type": "string" }, "description": "Values in the response header with the specified name that indicate a failed login attempt.\n" }, "identifier": { "type": "string", "description": "The identifier for the value to match against in the JSON.\n" }, "successValues": { "type": "array", "items": { "type": "string" }, "description": "Values in the response header with the specified name that indicate a successful login attempt.\n" } }, "type": "object", "required": [ "failureValues", "identifier", "successValues" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetResponseInspectionStatusCode:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetResponseInspectionStatusCode": { "properties": { "failureCodes": { "type": "array", "items": { "type": "integer" }, "description": "Status codes in the response that indicate a failed login attempt.\n" }, "successCodes": { "type": "array", "items": { "type": "integer" }, "description": "Status codes in the response that indicate a successful login attempt.\n" } }, "type": "object", "required": [ "failureCodes", "successCodes" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSet:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSet": { "properties": { "enableRegexInPath": { "type": "boolean", "description": "Whether or not to allow the use of regular expressions in the login page path.\n" }, "loginPath": { "type": "string", "description": "The path of the login endpoint for your application.\n" }, "requestInspection": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetRequestInspection:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetRequestInspection", "description": "The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage. See `request_inspection` for more details.\n" }, "responseInspection": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspection:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspection", "description": "The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates. Note that Response Inspection is available only on web ACLs that protect CloudFront distributions. See `response_inspection` for more details.\n" } }, "type": "object", "required": [ "loginPath" ], "language": { "nodejs": { "requiredOutputs": [ "enableRegexInPath", "loginPath" ] } } }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetRequestInspection:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetRequestInspection": { "properties": { "passwordField": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetRequestInspectionPasswordField:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetRequestInspectionPasswordField", "description": "Details about your login page password field. See `password_field` for more details.\n" }, "payloadType": { "type": "string", "description": "The payload type for your login endpoint, either JSON or form encoded.\n" }, "usernameField": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetRequestInspectionUsernameField:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetRequestInspectionUsernameField", "description": "Details about your login page username field. See `username_field` for more details.\n" } }, "type": "object", "required": [ "passwordField", "payloadType", "usernameField" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetRequestInspectionPasswordField:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetRequestInspectionPasswordField": { "properties": { "identifier": { "type": "string", "description": "The name of the password field.\n" } }, "type": "object", "required": [ "identifier" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetRequestInspectionUsernameField:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetRequestInspectionUsernameField": { "properties": { "identifier": { "type": "string", "description": "The name of the username field.\n" } }, "type": "object", "required": [ "identifier" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspection:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspection": { "properties": { "bodyContains": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionBodyContains:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionBodyContains", "description": "Configures inspection of the response body. See `body_contains` for more details.\n" }, "header": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionHeader:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionHeader", "description": "Configures inspection of the response header.See `header` for more details.\n" }, "json": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionJson:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionJson", "description": "Configures inspection of the response JSON. See `json` for more details.\n" }, "statusCode": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionStatusCode:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionStatusCode", "description": "Configures inspection of the response status code.See `status_code` for more details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionBodyContains:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionBodyContains": { "properties": { "failureStrings": { "type": "array", "items": { "type": "string" }, "description": "Strings in the body of the response that indicate a failed login attempt.\n" }, "successStrings": { "type": "array", "items": { "type": "string" }, "description": "Strings in the body of the response that indicate a successful login attempt.\n" } }, "type": "object", "required": [ "failureStrings", "successStrings" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionHeader:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionHeader": { "properties": { "failureValues": { "type": "array", "items": { "type": "string" }, "description": "Values in the response header with the specified name that indicate a failed login attempt.\n" }, "name": { "type": "string", "description": "The name of the header to use.\n" }, "successValues": { "type": "array", "items": { "type": "string" }, "description": "Values in the response header with the specified name that indicate a successful login attempt.\n" } }, "type": "object", "required": [ "failureValues", "name", "successValues" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionJson:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionJson": { "properties": { "failureValues": { "type": "array", "items": { "type": "string" }, "description": "Values in the response header with the specified name that indicate a failed login attempt.\n" }, "identifier": { "type": "string", "description": "The identifier for the value to match against in the JSON.\n" }, "successValues": { "type": "array", "items": { "type": "string" }, "description": "Values in the response header with the specified name that indicate a successful login attempt.\n" } }, "type": "object", "required": [ "failureValues", "identifier", "successValues" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionStatusCode:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionStatusCode": { "properties": { "failureCodes": { "type": "array", "items": { "type": "integer" }, "description": "Status codes in the response that indicate a failed login attempt.\n" }, "successCodes": { "type": "array", "items": { "type": "integer" }, "description": "Status codes in the response that indicate a successful login attempt.\n" } }, "type": "object", "required": [ "failureCodes", "successCodes" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesBotControlRuleSet:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesBotControlRuleSet": { "properties": { "enableMachineLearning": { "type": "boolean", "description": "Applies only to the targeted inspection level. Determines whether to use machine learning (ML) to analyze your web traffic for bot-related activity. Defaults to `true`.\n" }, "inspectionLevel": { "type": "string", "description": "The inspection level to use for the Bot Control rule group.\n" } }, "type": "object", "required": [ "inspectionLevel" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigPasswordField:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigPasswordField": { "properties": { "identifier": { "type": "string", "description": "The name of the password field.\n" } }, "type": "object", "required": [ "identifier" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigUsernameField:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigUsernameField": { "properties": { "identifier": { "type": "string", "description": "The name of the username field.\n" } }, "type": "object", "required": [ "identifier" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverride:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverride": { "properties": { "actionToUse": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUse:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUse", "description": "Override action to use, in place of the configured action of the rule in the rule group. See `action` for details.\n" }, "name": { "type": "string", "description": "Name of the rule to override. See the [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-list.html) for a list of names in the appropriate rule group in use.\n" } }, "type": "object", "required": [ "actionToUse", "name" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUse:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUse": { "properties": { "allow": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseAllow:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseAllow" }, "block": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseBlock:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseBlock" }, "captcha": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCaptcha:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCaptcha", "description": "Instructs AWS WAF to run a Captcha check against the web request. See `captcha` below for details.\n" }, "challenge": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseChallenge:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseChallenge", "description": "Instructs AWS WAF to run a check against the request to verify that the request is coming from a legitimate client session. See `challenge` below for details.\n" }, "count": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCount:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCount" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseAllow:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseAllow": { "properties": { "customRequestHandling": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseAllowCustomRequestHandling:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseAllowCustomRequestHandling", "description": "Defines custom handling for the web request. See `custom_request_handling` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseAllowCustomRequestHandling:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseAllowCustomRequestHandling": { "properties": { "insertHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseAllowCustomRequestHandlingInsertHeader:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseAllowCustomRequestHandlingInsertHeader" }, "description": "The `insert_header` blocks used to define HTTP headers added to the request. See `insert_header` below for details.\n" } }, "type": "object", "required": [ "insertHeaders" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseAllowCustomRequestHandlingInsertHeader:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseAllowCustomRequestHandlingInsertHeader": { "properties": { "name": { "type": "string", "description": "Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-`, to avoid confusion with the headers that are already in the request. For example, for the header name `sample`, AWS WAF inserts the header `x-amzn-waf-sample`.\n" }, "value": { "type": "string", "description": "Value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseBlock:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseBlock": { "properties": { "customResponse": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseBlockCustomResponse:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseBlockCustomResponse", "description": "Defines a custom response for the web request. See `custom_response` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseBlockCustomResponse:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseBlockCustomResponse": { "properties": { "customResponseBodyKey": { "type": "string", "description": "References the response body that you want AWS WAF to return to the web request client. This must reference a `key` defined in a `custom_response_body` block of this resource.\n" }, "responseCode": { "type": "integer", "description": "The HTTP status code to return to the client.\n" }, "responseHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseBlockCustomResponseResponseHeader:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseBlockCustomResponseResponseHeader" }, "description": "The `response_header` blocks used to define the HTTP response headers added to the response. See `response_header` below for details.\n" } }, "type": "object", "required": [ "responseCode" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseBlockCustomResponseResponseHeader:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseBlockCustomResponseResponseHeader": { "properties": { "name": { "type": "string", "description": "Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-`, to avoid confusion with the headers that are already in the request. For example, for the header name `sample`, AWS WAF inserts the header `x-amzn-waf-sample`.\n" }, "value": { "type": "string", "description": "Value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCaptcha:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCaptcha": { "properties": { "customRequestHandling": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCaptchaCustomRequestHandling:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCaptchaCustomRequestHandling", "description": "Defines custom handling for the web request. See `custom_request_handling` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCaptchaCustomRequestHandling:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCaptchaCustomRequestHandling": { "properties": { "insertHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCaptchaCustomRequestHandlingInsertHeader:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCaptchaCustomRequestHandlingInsertHeader" }, "description": "The `insert_header` blocks used to define HTTP headers added to the request. See `insert_header` below for details.\n" } }, "type": "object", "required": [ "insertHeaders" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCaptchaCustomRequestHandlingInsertHeader:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCaptchaCustomRequestHandlingInsertHeader": { "properties": { "name": { "type": "string", "description": "Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-`, to avoid confusion with the headers that are already in the request. For example, for the header name `sample`, AWS WAF inserts the header `x-amzn-waf-sample`.\n" }, "value": { "type": "string", "description": "Value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseChallenge:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseChallenge": { "properties": { "customRequestHandling": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseChallengeCustomRequestHandling:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseChallengeCustomRequestHandling", "description": "Defines custom handling for the web request. See `custom_request_handling` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseChallengeCustomRequestHandling:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseChallengeCustomRequestHandling": { "properties": { "insertHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseChallengeCustomRequestHandlingInsertHeader:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseChallengeCustomRequestHandlingInsertHeader" }, "description": "The `insert_header` blocks used to define HTTP headers added to the request. See `insert_header` below for details.\n" } }, "type": "object", "required": [ "insertHeaders" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseChallengeCustomRequestHandlingInsertHeader:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseChallengeCustomRequestHandlingInsertHeader": { "properties": { "name": { "type": "string", "description": "Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-`, to avoid confusion with the headers that are already in the request. For example, for the header name `sample`, AWS WAF inserts the header `x-amzn-waf-sample`.\n" }, "value": { "type": "string", "description": "Value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCount:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCount": { "properties": { "customRequestHandling": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCountCustomRequestHandling:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCountCustomRequestHandling", "description": "Defines custom handling for the web request. See `custom_request_handling` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCountCustomRequestHandling:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCountCustomRequestHandling": { "properties": { "insertHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCountCustomRequestHandlingInsertHeader:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCountCustomRequestHandlingInsertHeader" }, "description": "The `insert_header` blocks used to define HTTP headers added to the request. See `insert_header` below for details.\n" } }, "type": "object", "required": [ "insertHeaders" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCountCustomRequestHandlingInsertHeader:WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCountCustomRequestHandlingInsertHeader": { "properties": { "name": { "type": "string", "description": "Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-`, to avoid confusion with the headers that are already in the request. For example, for the header name `sample`, AWS WAF inserts the header `x-amzn-waf-sample`.\n" }, "value": { "type": "string", "description": "Value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatement": { "properties": { "andStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementAndStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementAndStatement", "description": "Logical rule statement used to combine other rule statements with AND logic. See `and_statement` below for details.\n" }, "byteMatchStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatement", "description": "Rule statement that defines a string match search for AWS WAF to apply to web requests. See `byte_match_statement` below for details.\n" }, "geoMatchStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementGeoMatchStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementGeoMatchStatement", "description": "Rule statement used to identify web requests based on country of origin. See `geo_match_statement` below for details.\n" }, "ipSetReferenceStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementIpSetReferenceStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementIpSetReferenceStatement", "description": "Rule statement used to detect web requests coming from particular IP addresses or address ranges. See `ip_set_reference_statement` below for details.\n" }, "labelMatchStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementLabelMatchStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementLabelMatchStatement", "description": "Rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See `label_match_statement` below for details.\n" }, "notStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementNotStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementNotStatement", "description": "Logical rule statement used to negate the results of another rule statement. See `not_statement` below for details.\n" }, "orStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementOrStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementOrStatement", "description": "Logical rule statement used to combine other rule statements with OR logic. See `or_statement` below for details.\n" }, "regexMatchStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatement", "description": "Rule statement used to search web request components for a match against a single regular expression. See `regex_match_statement` below for details.\n" }, "regexPatternSetReferenceStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatement", "description": "Rule statement used to search web request components for matches with regular expressions. See `regex_pattern_set_reference_statement` below for details.\n" }, "sizeConstraintStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatement", "description": "Rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (\u003e) or less than (\u003c). See `size_constraint_statement` below for more details.\n" }, "sqliMatchStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatement", "description": "An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See `sqli_match_statement` below for details.\n" }, "xssMatchStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatement", "description": "Rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See `xss_match_statement` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementAndStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementAndStatement": { "properties": { "statements": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatement:WebAclRuleStatement" }, "description": "The statements to combine." } }, "type": "object", "required": [ "statements" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatement": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatch:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatch", "description": "Part of a web request that you want AWS WAF to inspect. See `field_to_match` below for details.\n" }, "positionalConstraint": { "type": "string", "description": "Area within the portion of a web request that you want AWS WAF to search for `search_string`. Valid values include the following: `EXACTLY`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CONTAINS_WORD`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_ByteMatchStatement.html) for more information.\n" }, "searchString": { "type": "string", "description": "String value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in `field_to_match`. The maximum length of the value is 50 bytes.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementTextTransformation:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See `text_transformation` below for details.\n" } }, "type": "object", "required": [ "positionalConstraint", "searchString", "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatch:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers. See `body` below for details.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchCookies:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See `cookies` below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderOrder" }, "description": "Inspect a string containing the list of the request's header names, ordered as they appear in the web request that AWS WAF receives for inspection. See `header_order` below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See `headers` below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchJa3Fingerprint", "description": "Inspect the JA3 fingerprint. See `ja3_fingerprint` below for details.\n" }, "jsonBody": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See `json_body` for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchMethod:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchQueryString:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See `single_header` below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See `single_query_argument` below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchUriPath:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string", "description": "What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchCookies:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint. Valid values include: `MATCH` or `NO_MATCH`.\n" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchMethod:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchQueryString:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchUriPath:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementTextTransformation:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementGeoMatchStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementGeoMatchStatement": { "properties": { "countryCodes": { "type": "array", "items": { "type": "string" }, "description": "Array of two-character country codes, for example, [ \"US\", \"CN\" ], from the alpha-2 country ISO codes of the `ISO 3166` international standard. See the [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_GeoMatchStatement.html) for valid values.\n" }, "forwardedIpConfig": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementGeoMatchStatementForwardedIpConfig:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementGeoMatchStatementForwardedIpConfig", "description": "Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See `forwarded_ip_config` below for details.\n" } }, "type": "object", "required": [ "countryCodes" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementGeoMatchStatementForwardedIpConfig:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementGeoMatchStatementForwardedIpConfig": { "properties": { "fallbackBehavior": { "type": "string", "description": "Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include: `MATCH` or `NO_MATCH`.\n" }, "headerName": { "type": "string", "description": "Name of the HTTP header to use for the IP address.\n" } }, "type": "object", "required": [ "fallbackBehavior", "headerName" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementIpSetReferenceStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementIpSetReferenceStatement": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IP Set that this statement references.\n" }, "ipSetForwardedIpConfig": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementIpSetReferenceStatementIpSetForwardedIpConfig:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementIpSetReferenceStatementIpSetForwardedIpConfig", "description": "Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See `ip_set_forwarded_ip_config` below for more details.\n" } }, "type": "object", "required": [ "arn" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementIpSetReferenceStatementIpSetForwardedIpConfig:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementIpSetReferenceStatementIpSetForwardedIpConfig": { "properties": { "fallbackBehavior": { "type": "string", "description": "Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include: `MATCH` or `NO_MATCH`.\n" }, "headerName": { "type": "string", "description": "Name of the HTTP header to use for the IP address.\n" }, "position": { "type": "string", "description": "Position in the header to search for the IP address. Valid values include: `FIRST`, `LAST`, or `ANY`. If `ANY` is specified and the header contains more than 10 IP addresses, AWS WAFv2 inspects the last 10.\n" } }, "type": "object", "required": [ "fallbackBehavior", "headerName", "position" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementLabelMatchStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementLabelMatchStatement": { "properties": { "key": { "type": "string", "description": "String to match against.\n" }, "scope": { "type": "string", "description": "Specify whether you want to match using the label name or just the namespace. Valid values are `LABEL` or `NAMESPACE`.\n" } }, "type": "object", "required": [ "key", "scope" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementNotStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementNotStatement": { "properties": { "statements": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatement:WebAclRuleStatement" }, "description": "The statements to combine." } }, "type": "object", "required": [ "statements" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementOrStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementOrStatement": { "properties": { "statements": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatement:WebAclRuleStatement" }, "description": "The statements to combine." } }, "type": "object", "required": [ "statements" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatement": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatch:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatch", "description": "The part of a web request that you want AWS WAF to inspect. See `field_to_match` below for details.\n" }, "regexString": { "type": "string", "description": "String representing the regular expression. Minimum of `1` and maximum of `512` characters.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementTextTransformation:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See `text_transformation` below for details.\n" } }, "type": "object", "required": [ "regexString", "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatch:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers. See `body` below for details.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchCookies:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See `cookies` below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderOrder" }, "description": "Inspect a string containing the list of the request's header names, ordered as they appear in the web request that AWS WAF receives for inspection. See `header_order` below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See `headers` below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchJa3Fingerprint", "description": "Inspect the JA3 fingerprint. See `ja3_fingerprint` below for details.\n" }, "jsonBody": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See `json_body` for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchMethod:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchQueryString:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See `single_header` below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See `single_query_argument` below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchUriPath:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string", "description": "What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchCookies:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint. Valid values include: `MATCH` or `NO_MATCH`.\n" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchMethod:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchQueryString:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchUriPath:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementTextTransformation:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexMatchStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatement": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Regex Pattern Set that this statement references.\n" }, "fieldToMatch": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatch:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatch", "description": "Part of a web request that you want AWS WAF to inspect. See `field_to_match` below for details.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementTextTransformation:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See `text_transformation` below for details.\n" } }, "type": "object", "required": [ "arn", "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatch:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchAllQueryArguments:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers. See `body` below for details.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookies:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See `cookies` below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderOrder:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderOrder" }, "description": "Inspect a string containing the list of the request's header names, ordered as they appear in the web request that AWS WAF receives for inspection. See `header_order` below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See `headers` below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJa3Fingerprint", "description": "Inspect the JA3 fingerprint. See `ja3_fingerprint` below for details.\n" }, "jsonBody": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See `json_body` for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchMethod:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchQueryString:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See `single_header` below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See `single_query_argument` below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchUriPath:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchAllQueryArguments:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string", "description": "What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookies:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderOrder:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint. Valid values include: `MATCH` or `NO_MATCH`.\n" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchMethod:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchQueryString:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchUriPath:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementTextTransformation:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementRegexPatternSetReferenceStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatement": { "properties": { "comparisonOperator": { "type": "string", "description": "Operator to use to compare the request part to the size setting. Valid values include: `EQ`, `NE`, `LE`, `LT`, `GE`, or `GT`.\n" }, "fieldToMatch": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatch:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatch", "description": "Part of a web request that you want AWS WAF to inspect. See `field_to_match` below for details.\n" }, "size": { "type": "integer", "description": "Size, in bytes, to compare to the request part, after any transformations. Valid values are integers between 0 and 21474836480, inclusive.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementTextTransformation:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See `text_transformation` below for details.\n" } }, "type": "object", "required": [ "comparisonOperator", "size", "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatch:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchAllQueryArguments:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers. See `body` below for details.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookies:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See `cookies` below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderOrder:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderOrder" }, "description": "Inspect a string containing the list of the request's header names, ordered as they appear in the web request that AWS WAF receives for inspection. See `header_order` below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See `headers` below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchJa3Fingerprint", "description": "Inspect the JA3 fingerprint. See `ja3_fingerprint` below for details.\n" }, "jsonBody": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See `json_body` for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchMethod:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchQueryString:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See `single_header` below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See `single_query_argument` below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchUriPath:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchAllQueryArguments:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string", "description": "What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookies:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderOrder:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint. Valid values include: `MATCH` or `NO_MATCH`.\n" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchMethod:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchQueryString:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchUriPath:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementTextTransformation:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSizeConstraintStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatement": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatch:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatch", "description": "Part of a web request that you want AWS WAF to inspect. See `field_to_match` below for details.\n" }, "sensitivityLevel": { "type": "string", "description": "Sensitivity that you want AWS WAF to use to inspect for SQL injection attacks. Valid values include: `LOW`, `HIGH`.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementTextTransformation:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See `text_transformation` below for details.\n" } }, "type": "object", "required": [ "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatch:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers. See `body` below for details.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchCookies:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See `cookies` below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderOrder" }, "description": "Inspect a string containing the list of the request's header names, ordered as they appear in the web request that AWS WAF receives for inspection. See `header_order` below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See `headers` below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchJa3Fingerprint", "description": "Inspect the JA3 fingerprint. See `ja3_fingerprint` below for details.\n" }, "jsonBody": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See `json_body` for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchMethod:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchQueryString:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See `single_header` below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See `single_query_argument` below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchUriPath:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string", "description": "What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchCookies:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint. Valid values include: `MATCH` or `NO_MATCH`.\n" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchMethod:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchQueryString:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchUriPath:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementTextTransformation:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementSqliMatchStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatement:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatement": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatch:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatch", "description": "Part of a web request that you want AWS WAF to inspect. See `field_to_match` below for details.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementTextTransformation:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See `text_transformation` below for details.\n" } }, "type": "object", "required": [ "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatch:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers. See `body` below for details.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchCookies:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See `cookies` below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderOrder" }, "description": "Inspect a string containing the list of the request's header names, ordered as they appear in the web request that AWS WAF receives for inspection. See `header_order` below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See `headers` below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchJa3Fingerprint", "description": "Inspect the JA3 fingerprint. See `ja3_fingerprint` below for details.\n" }, "jsonBody": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See `json_body` for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchMethod:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchQueryString:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See `single_header` below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See `single_query_argument` below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchUriPath:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string", "description": "What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchCookies:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint. Valid values include: `MATCH` or `NO_MATCH`.\n" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBody:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchMethod:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchQueryString:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchUriPath:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementTextTransformation:WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementXssMatchStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementNotStatement:WebAclRuleStatementNotStatement": { "properties": { "statements": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatement:WebAclRuleStatement" }, "description": "The statements to combine." } }, "type": "object", "required": [ "statements" ] }, "aws:wafv2/WebAclRuleStatementOrStatement:WebAclRuleStatementOrStatement": { "properties": { "statements": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatement:WebAclRuleStatement" }, "description": "The statements to combine." } }, "type": "object", "required": [ "statements" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatement:WebAclRuleStatementRateBasedStatement": { "properties": { "aggregateKeyType": { "type": "string", "description": "Setting that indicates how to aggregate the request counts. Valid values include: `CONSTANT`, `CUSTOM_KEYS`, `FORWARDED_IP`, or `IP`. Default: `IP`.\n" }, "customKeys": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKey:WebAclRuleStatementRateBasedStatementCustomKey" }, "description": "Aggregate the request counts using one or more web request components as the aggregate keys. See `custom_key` below for details.\n" }, "evaluationWindowSec": { "type": "integer", "description": "The amount of time, in seconds, that AWS WAF should include in its request counts, looking back from the current time. Valid values are `60`, `120`, `300`, and `600`. Defaults to `300` (5 minutes).\n\n**NOTE:** This setting doesn't determine how often AWS WAF checks the rate, but how far back it looks each time it checks. AWS WAF checks the rate about every 10 seconds.\n" }, "forwardedIpConfig": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementForwardedIpConfig:WebAclRuleStatementRateBasedStatementForwardedIpConfig", "description": "Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. If `aggregate_key_type` is set to `FORWARDED_IP`, this block is required. See `forwarded_ip_config` below for details.\n" }, "limit": { "type": "integer", "description": "Limit on requests per 5-minute period for a single originating IP address.\n" }, "scopeDownStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatement:WebAclRuleStatementRateBasedStatementScopeDownStatement", "description": "Optional nested statement that narrows the scope of the rate-based statement to matching web requests. This can be any nestable statement, and you can nest statements at any level below this scope-down statement. See `statement` above for details. If `aggregate_key_type` is set to `CONSTANT`, this block is required.\n" } }, "type": "object", "required": [ "limit" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKey:WebAclRuleStatementRateBasedStatementCustomKey": { "properties": { "cookie": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyCookie:WebAclRuleStatementRateBasedStatementCustomKeyCookie", "description": "Use the value of a cookie in the request as an aggregate key. See RateLimit `cookie` below for details.\n" }, "forwardedIp": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyForwardedIp:WebAclRuleStatementRateBasedStatementCustomKeyForwardedIp", "description": "Use the first IP address in an HTTP header as an aggregate key. See `forwarded_ip` below for details.\n" }, "header": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyHeader:WebAclRuleStatementRateBasedStatementCustomKeyHeader", "description": "Use the value of a header in the request as an aggregate key. See RateLimit `header` below for details.\n" }, "httpMethod": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyHttpMethod:WebAclRuleStatementRateBasedStatementCustomKeyHttpMethod", "description": "Use the request's HTTP method as an aggregate key. See RateLimit `http_method` below for details.\n" }, "ip": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyIp:WebAclRuleStatementRateBasedStatementCustomKeyIp", "description": "Use the request's originating IP address as an aggregate key. See `RateLimit ip` below for details.\n" }, "labelNamespace": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyLabelNamespace:WebAclRuleStatementRateBasedStatementCustomKeyLabelNamespace", "description": "Use the specified label namespace as an aggregate key. See RateLimit `label_namespace` below for details.\n" }, "queryArgument": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyQueryArgument:WebAclRuleStatementRateBasedStatementCustomKeyQueryArgument", "description": "Use the specified query argument as an aggregate key. See RateLimit `query_argument` below for details.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyQueryString:WebAclRuleStatementRateBasedStatementCustomKeyQueryString", "description": "Use the request's query string as an aggregate key. See RateLimit `query_string` below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyUriPath:WebAclRuleStatementRateBasedStatementCustomKeyUriPath", "description": "Use the request's URI path as an aggregate key. See RateLimit `uri_path` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyCookie:WebAclRuleStatementRateBasedStatementCustomKeyCookie": { "properties": { "name": { "type": "string", "description": "The name of the cookie to use.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyCookieTextTransformation:WebAclRuleStatementRateBasedStatementCustomKeyCookieTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. They are used in rate-based rule statements, to transform request components before using them as custom aggregation keys. Atleast one transformation is required. See `text_transformation` above for details.\n" } }, "type": "object", "required": [ "name", "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyCookieTextTransformation:WebAclRuleStatementRateBasedStatementCustomKeyCookieTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyForwardedIp:WebAclRuleStatementRateBasedStatementCustomKeyForwardedIp": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyHeader:WebAclRuleStatementRateBasedStatementCustomKeyHeader": { "properties": { "name": { "type": "string", "description": "The name of the header to use.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyHeaderTextTransformation:WebAclRuleStatementRateBasedStatementCustomKeyHeaderTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. They are used in rate-based rule statements, to transform request components before using them as custom aggregation keys. Atleast one transformation is required. See `text_transformation` above for details.\n" } }, "type": "object", "required": [ "name", "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyHeaderTextTransformation:WebAclRuleStatementRateBasedStatementCustomKeyHeaderTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyHttpMethod:WebAclRuleStatementRateBasedStatementCustomKeyHttpMethod": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyIp:WebAclRuleStatementRateBasedStatementCustomKeyIp": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyLabelNamespace:WebAclRuleStatementRateBasedStatementCustomKeyLabelNamespace": { "properties": { "namespace": { "type": "string", "description": "The namespace to use for aggregation\n" } }, "type": "object", "required": [ "namespace" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyQueryArgument:WebAclRuleStatementRateBasedStatementCustomKeyQueryArgument": { "properties": { "name": { "type": "string", "description": "The name of the query argument to use.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyQueryArgumentTextTransformation:WebAclRuleStatementRateBasedStatementCustomKeyQueryArgumentTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. They are used in rate-based rule statements, to transform request components before using them as custom aggregation keys. Atleast one transformation is required. See `text_transformation` above for details.\n" } }, "type": "object", "required": [ "name", "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyQueryArgumentTextTransformation:WebAclRuleStatementRateBasedStatementCustomKeyQueryArgumentTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyQueryString:WebAclRuleStatementRateBasedStatementCustomKeyQueryString": { "properties": { "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyQueryStringTextTransformation:WebAclRuleStatementRateBasedStatementCustomKeyQueryStringTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. They are used in rate-based rule statements, to transform request components before using them as custom aggregation keys. Atleast one transformation is required. See `text_transformation` above for details.\n" } }, "type": "object", "required": [ "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyQueryStringTextTransformation:WebAclRuleStatementRateBasedStatementCustomKeyQueryStringTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyUriPath:WebAclRuleStatementRateBasedStatementCustomKeyUriPath": { "properties": { "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyUriPathTextTransformation:WebAclRuleStatementRateBasedStatementCustomKeyUriPathTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. They are used in rate-based rule statements, to transform request components before using them as custom aggregation keys. Atleast one transformation is required. See `text_transformation` above for details.\n" } }, "type": "object", "required": [ "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementCustomKeyUriPathTextTransformation:WebAclRuleStatementRateBasedStatementCustomKeyUriPathTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementForwardedIpConfig:WebAclRuleStatementRateBasedStatementForwardedIpConfig": { "properties": { "fallbackBehavior": { "type": "string", "description": "Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include: `MATCH` or `NO_MATCH`.\n" }, "headerName": { "type": "string", "description": "Name of the HTTP header to use for the IP address.\n" } }, "type": "object", "required": [ "fallbackBehavior", "headerName" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatement:WebAclRuleStatementRateBasedStatementScopeDownStatement": { "properties": { "andStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementAndStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementAndStatement", "description": "Logical rule statement used to combine other rule statements with AND logic. See `and_statement` below for details.\n" }, "byteMatchStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatement", "description": "Rule statement that defines a string match search for AWS WAF to apply to web requests. See `byte_match_statement` below for details.\n" }, "geoMatchStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementGeoMatchStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementGeoMatchStatement", "description": "Rule statement used to identify web requests based on country of origin. See `geo_match_statement` below for details.\n" }, "ipSetReferenceStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementIpSetReferenceStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementIpSetReferenceStatement", "description": "Rule statement used to detect web requests coming from particular IP addresses or address ranges. See `ip_set_reference_statement` below for details.\n" }, "labelMatchStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementLabelMatchStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementLabelMatchStatement", "description": "Rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See `label_match_statement` below for details.\n" }, "notStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementNotStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementNotStatement", "description": "Logical rule statement used to negate the results of another rule statement. See `not_statement` below for details.\n" }, "orStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementOrStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementOrStatement", "description": "Logical rule statement used to combine other rule statements with OR logic. See `or_statement` below for details.\n" }, "regexMatchStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatement", "description": "Rule statement used to search web request components for a match against a single regular expression. See `regex_match_statement` below for details.\n" }, "regexPatternSetReferenceStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatement", "description": "Rule statement used to search web request components for matches with regular expressions. See `regex_pattern_set_reference_statement` below for details.\n" }, "sizeConstraintStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatement", "description": "Rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (\u003e) or less than (\u003c). See `size_constraint_statement` below for more details.\n" }, "sqliMatchStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatement", "description": "An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See `sqli_match_statement` below for details.\n" }, "xssMatchStatement": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatement", "description": "Rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See `xss_match_statement` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementAndStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementAndStatement": { "properties": { "statements": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatement:WebAclRuleStatement" }, "description": "The statements to combine." } }, "type": "object", "required": [ "statements" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatement": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatch:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatch", "description": "Part of a web request that you want AWS WAF to inspect. See `field_to_match` below for details.\n" }, "positionalConstraint": { "type": "string", "description": "Area within the portion of a web request that you want AWS WAF to search for `search_string`. Valid values include the following: `EXACTLY`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CONTAINS_WORD`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_ByteMatchStatement.html) for more information.\n" }, "searchString": { "type": "string", "description": "String value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in `field_to_match`. The maximum length of the value is 50 bytes.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementTextTransformation:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See `text_transformation` below for details.\n" } }, "type": "object", "required": [ "positionalConstraint", "searchString", "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatch:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchBody:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers. See `body` below for details.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookies:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See `cookies` below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderOrder" }, "description": "Inspect a string containing the list of the request's header names, ordered as they appear in the web request that AWS WAF receives for inspection. See `header_order` below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See `headers` below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJa3Fingerprint", "description": "Inspect the JA3 fingerprint. See `ja3_fingerprint` below for details.\n" }, "jsonBody": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBody:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See `json_body` for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchMethod:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchQueryString:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See `single_header` below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See `single_query_argument` below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchUriPath:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchBody:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string", "description": "What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookies:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint. Valid values include: `MATCH` or `NO_MATCH`.\n" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBody:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchMethod:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchQueryString:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchUriPath:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementTextTransformation:WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementGeoMatchStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementGeoMatchStatement": { "properties": { "countryCodes": { "type": "array", "items": { "type": "string" }, "description": "Array of two-character country codes, for example, [ \"US\", \"CN\" ], from the alpha-2 country ISO codes of the `ISO 3166` international standard. See the [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_GeoMatchStatement.html) for valid values.\n" }, "forwardedIpConfig": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementGeoMatchStatementForwardedIpConfig:WebAclRuleStatementRateBasedStatementScopeDownStatementGeoMatchStatementForwardedIpConfig", "description": "Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See `forwarded_ip_config` below for details.\n" } }, "type": "object", "required": [ "countryCodes" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementGeoMatchStatementForwardedIpConfig:WebAclRuleStatementRateBasedStatementScopeDownStatementGeoMatchStatementForwardedIpConfig": { "properties": { "fallbackBehavior": { "type": "string", "description": "Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include: `MATCH` or `NO_MATCH`.\n" }, "headerName": { "type": "string", "description": "Name of the HTTP header to use for the IP address.\n" } }, "type": "object", "required": [ "fallbackBehavior", "headerName" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementIpSetReferenceStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementIpSetReferenceStatement": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IP Set that this statement references.\n" }, "ipSetForwardedIpConfig": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementIpSetReferenceStatementIpSetForwardedIpConfig:WebAclRuleStatementRateBasedStatementScopeDownStatementIpSetReferenceStatementIpSetForwardedIpConfig", "description": "Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See `ip_set_forwarded_ip_config` below for more details.\n" } }, "type": "object", "required": [ "arn" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementIpSetReferenceStatementIpSetForwardedIpConfig:WebAclRuleStatementRateBasedStatementScopeDownStatementIpSetReferenceStatementIpSetForwardedIpConfig": { "properties": { "fallbackBehavior": { "type": "string", "description": "Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include: `MATCH` or `NO_MATCH`.\n" }, "headerName": { "type": "string", "description": "Name of the HTTP header to use for the IP address.\n" }, "position": { "type": "string", "description": "Position in the header to search for the IP address. Valid values include: `FIRST`, `LAST`, or `ANY`. If `ANY` is specified and the header contains more than 10 IP addresses, AWS WAFv2 inspects the last 10.\n" } }, "type": "object", "required": [ "fallbackBehavior", "headerName", "position" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementLabelMatchStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementLabelMatchStatement": { "properties": { "key": { "type": "string", "description": "String to match against.\n" }, "scope": { "type": "string", "description": "Specify whether you want to match using the label name or just the namespace. Valid values are `LABEL` or `NAMESPACE`.\n" } }, "type": "object", "required": [ "key", "scope" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementNotStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementNotStatement": { "properties": { "statements": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatement:WebAclRuleStatement" }, "description": "The statements to combine." } }, "type": "object", "required": [ "statements" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementOrStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementOrStatement": { "properties": { "statements": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatement:WebAclRuleStatement" }, "description": "The statements to combine." } }, "type": "object", "required": [ "statements" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatement": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatch:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatch", "description": "The part of a web request that you want AWS WAF to inspect. See `field_to_match` below for details.\n" }, "regexString": { "type": "string", "description": "String representing the regular expression. Minimum of `1` and maximum of `512` characters.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementTextTransformation:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See `text_transformation` below for details.\n" } }, "type": "object", "required": [ "regexString", "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatch:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchBody:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers. See `body` below for details.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookies:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See `cookies` below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderOrder" }, "description": "Inspect a string containing the list of the request's header names, ordered as they appear in the web request that AWS WAF receives for inspection. See `header_order` below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See `headers` below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJa3Fingerprint", "description": "Inspect the JA3 fingerprint. See `ja3_fingerprint` below for details.\n" }, "jsonBody": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBody:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See `json_body` for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchMethod:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchQueryString:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See `single_header` below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See `single_query_argument` below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchUriPath:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchBody:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string", "description": "What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookies:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint. Valid values include: `MATCH` or `NO_MATCH`.\n" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBody:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchMethod:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchQueryString:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchUriPath:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementTextTransformation:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexMatchStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatement": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Regex Pattern Set that this statement references.\n" }, "fieldToMatch": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatch:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatch", "description": "Part of a web request that you want AWS WAF to inspect. See `field_to_match` below for details.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementTextTransformation:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See `text_transformation` below for details.\n" } }, "type": "object", "required": [ "arn", "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatch:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchAllQueryArguments:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchBody:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers. See `body` below for details.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookies:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See `cookies` below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderOrder:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderOrder" }, "description": "Inspect a string containing the list of the request's header names, ordered as they appear in the web request that AWS WAF receives for inspection. See `header_order` below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See `headers` below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJa3Fingerprint", "description": "Inspect the JA3 fingerprint. See `ja3_fingerprint` below for details.\n" }, "jsonBody": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBody:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See `json_body` for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchMethod:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchQueryString:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See `single_header` below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See `single_query_argument` below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchUriPath:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchAllQueryArguments:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchBody:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string", "description": "What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookies:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderOrder:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint. Valid values include: `MATCH` or `NO_MATCH`.\n" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBody:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchMethod:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchQueryString:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchUriPath:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementTextTransformation:WebAclRuleStatementRateBasedStatementScopeDownStatementRegexPatternSetReferenceStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatement": { "properties": { "comparisonOperator": { "type": "string", "description": "Operator to use to compare the request part to the size setting. Valid values include: `EQ`, `NE`, `LE`, `LT`, `GE`, or `GT`.\n" }, "fieldToMatch": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatch:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatch", "description": "Part of a web request that you want AWS WAF to inspect. See `field_to_match` below for details.\n" }, "size": { "type": "integer", "description": "Size, in bytes, to compare to the request part, after any transformations. Valid values are integers between 0 and 21474836480, inclusive.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementTextTransformation:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See `text_transformation` below for details.\n" } }, "type": "object", "required": [ "comparisonOperator", "size", "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatch:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchAllQueryArguments:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchBody:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers. See `body` below for details.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookies:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See `cookies` below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderOrder:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderOrder" }, "description": "Inspect a string containing the list of the request's header names, ordered as they appear in the web request that AWS WAF receives for inspection. See `header_order` below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See `headers` below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJa3Fingerprint", "description": "Inspect the JA3 fingerprint. See `ja3_fingerprint` below for details.\n" }, "jsonBody": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBody:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See `json_body` for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchMethod:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchQueryString:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See `single_header` below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See `single_query_argument` below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchUriPath:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchAllQueryArguments:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchBody:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string", "description": "What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookies:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderOrder:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint. Valid values include: `MATCH` or `NO_MATCH`.\n" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBody:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchMethod:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchQueryString:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchUriPath:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementTextTransformation:WebAclRuleStatementRateBasedStatementScopeDownStatementSizeConstraintStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatement": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatch:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatch", "description": "Part of a web request that you want AWS WAF to inspect. See `field_to_match` below for details.\n" }, "sensitivityLevel": { "type": "string", "description": "Sensitivity that you want AWS WAF to use to inspect for SQL injection attacks. Valid values include: `LOW`, `HIGH`.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementTextTransformation:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See `text_transformation` below for details.\n" } }, "type": "object", "required": [ "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatch:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchBody:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers. See `body` below for details.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookies:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See `cookies` below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderOrder" }, "description": "Inspect a string containing the list of the request's header names, ordered as they appear in the web request that AWS WAF receives for inspection. See `header_order` below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See `headers` below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJa3Fingerprint", "description": "Inspect the JA3 fingerprint. See `ja3_fingerprint` below for details.\n" }, "jsonBody": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBody:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See `json_body` for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchMethod:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchQueryString:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See `single_header` below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See `single_query_argument` below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchUriPath:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchBody:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string", "description": "What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookies:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint. Valid values include: `MATCH` or `NO_MATCH`.\n" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBody:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchMethod:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchQueryString:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchUriPath:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementTextTransformation:WebAclRuleStatementRateBasedStatementScopeDownStatementSqliMatchStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatement:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatement": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatch:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatch", "description": "Part of a web request that you want AWS WAF to inspect. See `field_to_match` below for details.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementTextTransformation:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See `text_transformation` below for details.\n" } }, "type": "object", "required": [ "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatch:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchBody:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers. See `body` below for details.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookies:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See `cookies` below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderOrder" }, "description": "Inspect a string containing the list of the request's header names, ordered as they appear in the web request that AWS WAF receives for inspection. See `header_order` below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See `headers` below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJa3Fingerprint", "description": "Inspect the JA3 fingerprint. See `ja3_fingerprint` below for details.\n" }, "jsonBody": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBody:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See `json_body` for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchMethod:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchQueryString:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See `single_header` below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See `single_query_argument` below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchUriPath:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchBody:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string", "description": "What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookies:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint. Valid values include: `MATCH` or `NO_MATCH`.\n" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBody:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchMethod:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchQueryString:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchUriPath:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementTextTransformation:WebAclRuleStatementRateBasedStatementScopeDownStatementXssMatchStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementRegexMatchStatement:WebAclRuleStatementRegexMatchStatement": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatch:WebAclRuleStatementRegexMatchStatementFieldToMatch", "description": "The part of a web request that you want AWS WAF to inspect. See `field_to_match` below for details.\n" }, "regexString": { "type": "string", "description": "String representing the regular expression. Minimum of `1` and maximum of `512` characters.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatementTextTransformation:WebAclRuleStatementRegexMatchStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See `text_transformation` below for details.\n" } }, "type": "object", "required": [ "regexString", "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatch:WebAclRuleStatementRegexMatchStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementRegexMatchStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchBody:WebAclRuleStatementRegexMatchStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers. See `body` below for details.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchCookies:WebAclRuleStatementRegexMatchStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See `cookies` below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementRegexMatchStatementFieldToMatchHeaderOrder" }, "description": "Inspect a string containing the list of the request's header names, ordered as they appear in the web request that AWS WAF receives for inspection. See `header_order` below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchHeader:WebAclRuleStatementRegexMatchStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See `headers` below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementRegexMatchStatementFieldToMatchJa3Fingerprint", "description": "Inspect the JA3 fingerprint. See `ja3_fingerprint` below for details.\n" }, "jsonBody": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchJsonBody:WebAclRuleStatementRegexMatchStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See `json_body` for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchMethod:WebAclRuleStatementRegexMatchStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchQueryString:WebAclRuleStatementRegexMatchStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementRegexMatchStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See `single_header` below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementRegexMatchStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See `single_query_argument` below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchUriPath:WebAclRuleStatementRegexMatchStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementRegexMatchStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchBody:WebAclRuleStatementRegexMatchStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string", "description": "What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchCookies:WebAclRuleStatementRegexMatchStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementRegexMatchStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementRegexMatchStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementRegexMatchStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementRegexMatchStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchHeader:WebAclRuleStatementRegexMatchStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementRegexMatchStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementRegexMatchStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementRegexMatchStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementRegexMatchStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementRegexMatchStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementRegexMatchStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint. Valid values include: `MATCH` or `NO_MATCH`.\n" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchJsonBody:WebAclRuleStatementRegexMatchStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementRegexMatchStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementRegexMatchStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementRegexMatchStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementRegexMatchStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchMethod:WebAclRuleStatementRegexMatchStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchQueryString:WebAclRuleStatementRegexMatchStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementRegexMatchStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementRegexMatchStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementRegexMatchStatementFieldToMatchUriPath:WebAclRuleStatementRegexMatchStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexMatchStatementTextTransformation:WebAclRuleStatementRegexMatchStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatement:WebAclRuleStatementRegexPatternSetReferenceStatement": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Regex Pattern Set that this statement references.\n" }, "fieldToMatch": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatch:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatch", "description": "Part of a web request that you want AWS WAF to inspect. See `field_to_match` below for details.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementTextTransformation:WebAclRuleStatementRegexPatternSetReferenceStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See `text_transformation` below for details.\n" } }, "type": "object", "required": [ "arn", "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatch:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchAllQueryArguments:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchBody:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers. See `body` below for details.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookies:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See `cookies` below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderOrder:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderOrder" }, "description": "Inspect a string containing the list of the request's header names, ordered as they appear in the web request that AWS WAF receives for inspection. See `header_order` below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeader:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See `headers` below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchJa3Fingerprint", "description": "Inspect the JA3 fingerprint. See `ja3_fingerprint` below for details.\n" }, "jsonBody": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBody:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See `json_body` for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchMethod:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchQueryString:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeader:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See `single_header` below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See `single_query_argument` below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchUriPath:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchAllQueryArguments:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchBody:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string", "description": "What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookies:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeader:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderOrder:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint. Valid values include: `MATCH` or `NO_MATCH`.\n" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBody:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchMethod:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchQueryString:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeader:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchUriPath:WebAclRuleStatementRegexPatternSetReferenceStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/WebAclRuleStatementRegexPatternSetReferenceStatementTextTransformation:WebAclRuleStatementRegexPatternSetReferenceStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatement:WebAclRuleStatementRuleGroupReferenceStatement": { "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the `aws.wafv2.RuleGroup` resource.\n" }, "ruleActionOverrides": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverride:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverride" }, "description": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change. See `rule_action_override` below for details.\n" } }, "type": "object", "required": [ "arn" ] }, "aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverride:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverride": { "properties": { "actionToUse": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUse:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUse", "description": "Override action to use, in place of the configured action of the rule in the rule group. See `action` for details.\n" }, "name": { "type": "string", "description": "Name of the rule to override. See the [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-list.html) for a list of names in the appropriate rule group in use.\n" } }, "type": "object", "required": [ "actionToUse", "name" ] }, "aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUse:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUse": { "properties": { "allow": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseAllow:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseAllow" }, "block": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseBlock:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseBlock" }, "captcha": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCaptcha:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCaptcha", "description": "Instructs AWS WAF to run a Captcha check against the web request. See `captcha` below for details.\n" }, "challenge": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseChallenge:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseChallenge", "description": "Instructs AWS WAF to run a check against the request to verify that the request is coming from a legitimate client session. See `challenge` below for details.\n" }, "count": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCount:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCount" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseAllow:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseAllow": { "properties": { "customRequestHandling": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseAllowCustomRequestHandling:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseAllowCustomRequestHandling", "description": "Defines custom handling for the web request. See `custom_request_handling` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseAllowCustomRequestHandling:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseAllowCustomRequestHandling": { "properties": { "insertHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseAllowCustomRequestHandlingInsertHeader:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseAllowCustomRequestHandlingInsertHeader" }, "description": "The `insert_header` blocks used to define HTTP headers added to the request. See `insert_header` below for details.\n" } }, "type": "object", "required": [ "insertHeaders" ] }, "aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseAllowCustomRequestHandlingInsertHeader:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseAllowCustomRequestHandlingInsertHeader": { "properties": { "name": { "type": "string", "description": "Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-`, to avoid confusion with the headers that are already in the request. For example, for the header name `sample`, AWS WAF inserts the header `x-amzn-waf-sample`.\n" }, "value": { "type": "string", "description": "Value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseBlock:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseBlock": { "properties": { "customResponse": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseBlockCustomResponse:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseBlockCustomResponse", "description": "Defines a custom response for the web request. See `custom_response` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseBlockCustomResponse:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseBlockCustomResponse": { "properties": { "customResponseBodyKey": { "type": "string", "description": "References the response body that you want AWS WAF to return to the web request client. This must reference a `key` defined in a `custom_response_body` block of this resource.\n" }, "responseCode": { "type": "integer", "description": "The HTTP status code to return to the client.\n" }, "responseHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseBlockCustomResponseResponseHeader:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseBlockCustomResponseResponseHeader" }, "description": "The `response_header` blocks used to define the HTTP response headers added to the response. See `response_header` below for details.\n" } }, "type": "object", "required": [ "responseCode" ] }, "aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseBlockCustomResponseResponseHeader:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseBlockCustomResponseResponseHeader": { "properties": { "name": { "type": "string", "description": "Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-`, to avoid confusion with the headers that are already in the request. For example, for the header name `sample`, AWS WAF inserts the header `x-amzn-waf-sample`.\n" }, "value": { "type": "string", "description": "Value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCaptcha:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCaptcha": { "properties": { "customRequestHandling": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCaptchaCustomRequestHandling:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCaptchaCustomRequestHandling", "description": "Defines custom handling for the web request. See `custom_request_handling` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCaptchaCustomRequestHandling:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCaptchaCustomRequestHandling": { "properties": { "insertHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCaptchaCustomRequestHandlingInsertHeader:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCaptchaCustomRequestHandlingInsertHeader" }, "description": "The `insert_header` blocks used to define HTTP headers added to the request. See `insert_header` below for details.\n" } }, "type": "object", "required": [ "insertHeaders" ] }, "aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCaptchaCustomRequestHandlingInsertHeader:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCaptchaCustomRequestHandlingInsertHeader": { "properties": { "name": { "type": "string", "description": "Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-`, to avoid confusion with the headers that are already in the request. For example, for the header name `sample`, AWS WAF inserts the header `x-amzn-waf-sample`.\n" }, "value": { "type": "string", "description": "Value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseChallenge:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseChallenge": { "properties": { "customRequestHandling": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseChallengeCustomRequestHandling:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseChallengeCustomRequestHandling", "description": "Defines custom handling for the web request. See `custom_request_handling` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseChallengeCustomRequestHandling:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseChallengeCustomRequestHandling": { "properties": { "insertHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseChallengeCustomRequestHandlingInsertHeader:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseChallengeCustomRequestHandlingInsertHeader" }, "description": "The `insert_header` blocks used to define HTTP headers added to the request. See `insert_header` below for details.\n" } }, "type": "object", "required": [ "insertHeaders" ] }, "aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseChallengeCustomRequestHandlingInsertHeader:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseChallengeCustomRequestHandlingInsertHeader": { "properties": { "name": { "type": "string", "description": "Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-`, to avoid confusion with the headers that are already in the request. For example, for the header name `sample`, AWS WAF inserts the header `x-amzn-waf-sample`.\n" }, "value": { "type": "string", "description": "Value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCount:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCount": { "properties": { "customRequestHandling": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCountCustomRequestHandling:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCountCustomRequestHandling", "description": "Defines custom handling for the web request. See `custom_request_handling` below for details.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCountCustomRequestHandling:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCountCustomRequestHandling": { "properties": { "insertHeaders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCountCustomRequestHandlingInsertHeader:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCountCustomRequestHandlingInsertHeader" }, "description": "The `insert_header` blocks used to define HTTP headers added to the request. See `insert_header` below for details.\n" } }, "type": "object", "required": [ "insertHeaders" ] }, "aws:wafv2/WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCountCustomRequestHandlingInsertHeader:WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCountCustomRequestHandlingInsertHeader": { "properties": { "name": { "type": "string", "description": "Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-`, to avoid confusion with the headers that are already in the request. For example, for the header name `sample`, AWS WAF inserts the header `x-amzn-waf-sample`.\n" }, "value": { "type": "string", "description": "Value of the custom header.\n" } }, "type": "object", "required": [ "name", "value" ] }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatement:WebAclRuleStatementSizeConstraintStatement": { "properties": { "comparisonOperator": { "type": "string", "description": "Operator to use to compare the request part to the size setting. Valid values include: `EQ`, `NE`, `LE`, `LT`, `GE`, or `GT`.\n" }, "fieldToMatch": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatch:WebAclRuleStatementSizeConstraintStatementFieldToMatch", "description": "Part of a web request that you want AWS WAF to inspect. See `field_to_match` below for details.\n" }, "size": { "type": "integer", "description": "Size, in bytes, to compare to the request part, after any transformations. Valid values are integers between 0 and 21474836480, inclusive.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatementTextTransformation:WebAclRuleStatementSizeConstraintStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See `text_transformation` below for details.\n" } }, "type": "object", "required": [ "comparisonOperator", "size", "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatch:WebAclRuleStatementSizeConstraintStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchAllQueryArguments:WebAclRuleStatementSizeConstraintStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchBody:WebAclRuleStatementSizeConstraintStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers. See `body` below for details.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchCookies:WebAclRuleStatementSizeConstraintStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See `cookies` below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchHeaderOrder:WebAclRuleStatementSizeConstraintStatementFieldToMatchHeaderOrder" }, "description": "Inspect a string containing the list of the request's header names, ordered as they appear in the web request that AWS WAF receives for inspection. See `header_order` below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchHeader:WebAclRuleStatementSizeConstraintStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See `headers` below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementSizeConstraintStatementFieldToMatchJa3Fingerprint", "description": "Inspect the JA3 fingerprint. See `ja3_fingerprint` below for details.\n" }, "jsonBody": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchJsonBody:WebAclRuleStatementSizeConstraintStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See `json_body` for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchMethod:WebAclRuleStatementSizeConstraintStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchQueryString:WebAclRuleStatementSizeConstraintStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchSingleHeader:WebAclRuleStatementSizeConstraintStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See `single_header` below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementSizeConstraintStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See `single_query_argument` below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchUriPath:WebAclRuleStatementSizeConstraintStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchAllQueryArguments:WebAclRuleStatementSizeConstraintStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchBody:WebAclRuleStatementSizeConstraintStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string", "description": "What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchCookies:WebAclRuleStatementSizeConstraintStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementSizeConstraintStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementSizeConstraintStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementSizeConstraintStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementSizeConstraintStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchHeader:WebAclRuleStatementSizeConstraintStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementSizeConstraintStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementSizeConstraintStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementSizeConstraintStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementSizeConstraintStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchHeaderOrder:WebAclRuleStatementSizeConstraintStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementSizeConstraintStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint. Valid values include: `MATCH` or `NO_MATCH`.\n" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchJsonBody:WebAclRuleStatementSizeConstraintStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementSizeConstraintStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchMethod:WebAclRuleStatementSizeConstraintStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchQueryString:WebAclRuleStatementSizeConstraintStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchSingleHeader:WebAclRuleStatementSizeConstraintStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementSizeConstraintStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatementFieldToMatchUriPath:WebAclRuleStatementSizeConstraintStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/WebAclRuleStatementSizeConstraintStatementTextTransformation:WebAclRuleStatementSizeConstraintStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementSqliMatchStatement:WebAclRuleStatementSqliMatchStatement": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatch:WebAclRuleStatementSqliMatchStatementFieldToMatch", "description": "Part of a web request that you want AWS WAF to inspect. See `field_to_match` below for details.\n" }, "sensitivityLevel": { "type": "string", "description": "Sensitivity that you want AWS WAF to use to inspect for SQL injection attacks. Valid values include: `LOW`, `HIGH`.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatementTextTransformation:WebAclRuleStatementSqliMatchStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See `text_transformation` below for details.\n" } }, "type": "object", "required": [ "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatch:WebAclRuleStatementSqliMatchStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementSqliMatchStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchBody:WebAclRuleStatementSqliMatchStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers. See `body` below for details.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchCookies:WebAclRuleStatementSqliMatchStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See `cookies` below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementSqliMatchStatementFieldToMatchHeaderOrder" }, "description": "Inspect a string containing the list of the request's header names, ordered as they appear in the web request that AWS WAF receives for inspection. See `header_order` below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchHeader:WebAclRuleStatementSqliMatchStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See `headers` below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementSqliMatchStatementFieldToMatchJa3Fingerprint", "description": "Inspect the JA3 fingerprint. See `ja3_fingerprint` below for details.\n" }, "jsonBody": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchJsonBody:WebAclRuleStatementSqliMatchStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See `json_body` for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchMethod:WebAclRuleStatementSqliMatchStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchQueryString:WebAclRuleStatementSqliMatchStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementSqliMatchStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See `single_header` below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementSqliMatchStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See `single_query_argument` below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchUriPath:WebAclRuleStatementSqliMatchStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementSqliMatchStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchBody:WebAclRuleStatementSqliMatchStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string", "description": "What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchCookies:WebAclRuleStatementSqliMatchStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementSqliMatchStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementSqliMatchStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementSqliMatchStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementSqliMatchStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchHeader:WebAclRuleStatementSqliMatchStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementSqliMatchStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementSqliMatchStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementSqliMatchStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementSqliMatchStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementSqliMatchStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementSqliMatchStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint. Valid values include: `MATCH` or `NO_MATCH`.\n" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchJsonBody:WebAclRuleStatementSqliMatchStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementSqliMatchStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementSqliMatchStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementSqliMatchStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementSqliMatchStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchMethod:WebAclRuleStatementSqliMatchStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchQueryString:WebAclRuleStatementSqliMatchStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementSqliMatchStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementSqliMatchStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementSqliMatchStatementFieldToMatchUriPath:WebAclRuleStatementSqliMatchStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/WebAclRuleStatementSqliMatchStatementTextTransformation:WebAclRuleStatementSqliMatchStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleStatementXssMatchStatement:WebAclRuleStatementXssMatchStatement": { "properties": { "fieldToMatch": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatch:WebAclRuleStatementXssMatchStatementFieldToMatch", "description": "Part of a web request that you want AWS WAF to inspect. See `field_to_match` below for details.\n" }, "textTransformations": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatementTextTransformation:WebAclRuleStatementXssMatchStatementTextTransformation" }, "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See `text_transformation` below for details.\n" } }, "type": "object", "required": [ "textTransformations" ] }, "aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatch:WebAclRuleStatementXssMatchStatementFieldToMatch": { "properties": { "allQueryArguments": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementXssMatchStatementFieldToMatchAllQueryArguments", "description": "Inspect all query arguments.\n" }, "body": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchBody:WebAclRuleStatementXssMatchStatementFieldToMatchBody", "description": "Inspect the request body, which immediately follows the request headers. See `body` below for details.\n" }, "cookies": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchCookies:WebAclRuleStatementXssMatchStatementFieldToMatchCookies", "description": "Inspect the cookies in the web request. See `cookies` below for details.\n" }, "headerOrders": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementXssMatchStatementFieldToMatchHeaderOrder" }, "description": "Inspect a string containing the list of the request's header names, ordered as they appear in the web request that AWS WAF receives for inspection. See `header_order` below for details.\n" }, "headers": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchHeader:WebAclRuleStatementXssMatchStatementFieldToMatchHeader" }, "description": "Inspect the request headers. See `headers` below for details.\n" }, "ja3Fingerprint": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementXssMatchStatementFieldToMatchJa3Fingerprint", "description": "Inspect the JA3 fingerprint. See `ja3_fingerprint` below for details.\n" }, "jsonBody": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchJsonBody:WebAclRuleStatementXssMatchStatementFieldToMatchJsonBody", "description": "Inspect the request body as JSON. See `json_body` for details.\n" }, "method": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchMethod:WebAclRuleStatementXssMatchStatementFieldToMatchMethod", "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.\n" }, "queryString": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchQueryString:WebAclRuleStatementXssMatchStatementFieldToMatchQueryString", "description": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.\n" }, "singleHeader": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementXssMatchStatementFieldToMatchSingleHeader", "description": "Inspect a single header. See `single_header` below for details.\n" }, "singleQueryArgument": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementXssMatchStatementFieldToMatchSingleQueryArgument", "description": "Inspect a single query argument. See `single_query_argument` below for details.\n" }, "uriPath": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchUriPath:WebAclRuleStatementXssMatchStatementFieldToMatchUriPath", "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchAllQueryArguments:WebAclRuleStatementXssMatchStatementFieldToMatchAllQueryArguments": { "type": "object" }, "aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchBody:WebAclRuleStatementXssMatchStatementFieldToMatchBody": { "properties": { "oversizeHandling": { "type": "string", "description": "What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchCookies:WebAclRuleStatementXssMatchStatementFieldToMatchCookies": { "properties": { "matchPatterns": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementXssMatchStatementFieldToMatchCookiesMatchPattern" }, "description": "The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either `all`, `included_cookies` or `excluded_cookies`. More details: [CookieMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_CookieMatchPattern.html)\n" }, "matchScope": { "type": "string", "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values: `ALL`, `KEY`, `VALUE`\n" }, "oversizeHandling": { "type": "string", "description": "What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values: `CONTINUE`, `MATCH`, `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPatterns", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchCookiesMatchPattern:WebAclRuleStatementXssMatchStatementFieldToMatchCookiesMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementXssMatchStatementFieldToMatchCookiesMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedCookies": { "type": "array", "items": { "type": "string" } }, "includedCookies": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchCookiesMatchPatternAll:WebAclRuleStatementXssMatchStatementFieldToMatchCookiesMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchHeader:WebAclRuleStatementXssMatchStatementFieldToMatchHeader": { "properties": { "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementXssMatchStatementFieldToMatchHeaderMatchPattern", "description": "The filter to use to identify the subset of headers to inspect in a web request. The `match_pattern` block supports only one of the following arguments:\n" }, "matchScope": { "type": "string", "description": "The parts of the headers to inspect with the rule inspection criteria. If you specify `All`, AWS WAF inspects both keys and values. Valid values include the following: `ALL`, `Key`, `Value`.\n" }, "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope", "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchHeaderMatchPattern:WebAclRuleStatementXssMatchStatementFieldToMatchHeaderMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementXssMatchStatementFieldToMatchHeaderMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "excludedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.\n" }, "includedHeaders": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.\n" } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchHeaderMatchPatternAll:WebAclRuleStatementXssMatchStatementFieldToMatchHeaderMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchHeaderOrder:WebAclRuleStatementXssMatchStatementFieldToMatchHeaderOrder": { "properties": { "oversizeHandling": { "type": "string", "description": "Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information.\n" } }, "type": "object", "required": [ "oversizeHandling" ] }, "aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchJa3Fingerprint:WebAclRuleStatementXssMatchStatementFieldToMatchJa3Fingerprint": { "properties": { "fallbackBehavior": { "type": "string", "description": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint. Valid values include: `MATCH` or `NO_MATCH`.\n" } }, "type": "object", "required": [ "fallbackBehavior" ] }, "aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchJsonBody:WebAclRuleStatementXssMatchStatementFieldToMatchJsonBody": { "properties": { "invalidFallbackBehavior": { "type": "string", "description": "What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are `EVALUATE_AS_STRING`, `MATCH` and `NO_MATCH`.\n" }, "matchPattern": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementXssMatchStatementFieldToMatchJsonBodyMatchPattern", "description": "The patterns to look for in the JSON body. You must specify exactly one setting: either `all` or `included_paths`. See [JsonMatchPattern](https://docs.aws.amazon.com/waf/latest/APIReference/API_JsonMatchPattern.html) for details.\n" }, "matchScope": { "type": "string", "description": "The parts of the JSON to match against using the `match_pattern`. Valid values are `ALL`, `KEY` and `VALUE`.\n" }, "oversizeHandling": { "type": "string", "description": "What to do if the body is larger than can be inspected. Valid values are `CONTINUE` (default), `MATCH` and `NO_MATCH`.\n" } }, "type": "object", "required": [ "matchPattern", "matchScope" ] }, "aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchJsonBodyMatchPattern:WebAclRuleStatementXssMatchStatementFieldToMatchJsonBodyMatchPattern": { "properties": { "all": { "$ref": "#/types/aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementXssMatchStatementFieldToMatchJsonBodyMatchPatternAll", "description": "An empty configuration block that is used for inspecting all headers.\n" }, "includedPaths": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchJsonBodyMatchPatternAll:WebAclRuleStatementXssMatchStatementFieldToMatchJsonBodyMatchPatternAll": { "type": "object" }, "aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchMethod:WebAclRuleStatementXssMatchStatementFieldToMatchMethod": { "type": "object" }, "aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchQueryString:WebAclRuleStatementXssMatchStatementFieldToMatchQueryString": { "type": "object" }, "aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchSingleHeader:WebAclRuleStatementXssMatchStatementFieldToMatchSingleHeader": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchSingleQueryArgument:WebAclRuleStatementXssMatchStatementFieldToMatchSingleQueryArgument": { "properties": { "name": { "type": "string", "description": "Name of the query header to inspect. This setting must be provided as lower case characters.\n" } }, "type": "object", "required": [ "name" ] }, "aws:wafv2/WebAclRuleStatementXssMatchStatementFieldToMatchUriPath:WebAclRuleStatementXssMatchStatementFieldToMatchUriPath": { "type": "object" }, "aws:wafv2/WebAclRuleStatementXssMatchStatementTextTransformation:WebAclRuleStatementXssMatchStatementTextTransformation": { "properties": { "priority": { "type": "integer", "description": "Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.\n" }, "type": { "type": "string", "description": "Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.\n" } }, "type": "object", "required": [ "priority", "type" ] }, "aws:wafv2/WebAclRuleVisibilityConfig:WebAclRuleVisibilityConfig": { "properties": { "cloudwatchMetricsEnabled": { "type": "boolean", "description": "Whether the associated resource sends metrics to CloudWatch. For the list of available metrics, see [AWS WAF Metrics](https://docs.aws.amazon.com/waf/latest/developerguide/monitoring-cloudwatch.html#waf-metrics).\n" }, "metricName": { "type": "string", "description": "A friendly name of the CloudWatch metric. The name can contain only alphanumeric characters (A-Z, a-z, 0-9) hyphen(-) and underscore (\\_), with length from one to 128 characters. It can't contain whitespace or metric names reserved for AWS WAF, for example `All` and `Default_Action`.\n" }, "sampledRequestsEnabled": { "type": "boolean", "description": "Whether AWS WAF should store a sampling of the web requests that match the rules. You can view the sampled requests through the AWS WAF console.\n" } }, "type": "object", "required": [ "cloudwatchMetricsEnabled", "metricName", "sampledRequestsEnabled" ] }, "aws:wafv2/WebAclVisibilityConfig:WebAclVisibilityConfig": { "properties": { "cloudwatchMetricsEnabled": { "type": "boolean", "description": "Whether the associated resource sends metrics to CloudWatch. For the list of available metrics, see [AWS WAF Metrics](https://docs.aws.amazon.com/waf/latest/developerguide/monitoring-cloudwatch.html#waf-metrics).\n" }, "metricName": { "type": "string", "description": "A friendly name of the CloudWatch metric. The name can contain only alphanumeric characters (A-Z, a-z, 0-9) hyphen(-) and underscore (\\_), with length from one to 128 characters. It can't contain whitespace or metric names reserved for AWS WAF, for example `All` and `Default_Action`.\n" }, "sampledRequestsEnabled": { "type": "boolean", "description": "Whether AWS WAF should store a sampling of the web requests that match the rules. You can view the sampled requests through the AWS WAF console.\n" } }, "type": "object", "required": [ "cloudwatchMetricsEnabled", "metricName", "sampledRequestsEnabled" ] }, "aws:wafv2/getRegexPatternSetRegularExpression:getRegexPatternSetRegularExpression": { "properties": { "regexString": { "type": "string", "description": "(Required) String representing the regular expression, see the AWS WAF [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-regex-pattern-set-creating.html) for more information.\n" } }, "type": "object", "required": [ "regexString" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:worklink/FleetIdentityProvider:FleetIdentityProvider": { "properties": { "samlMetadata": { "type": "string", "description": "The SAML metadata document provided by the customer’s identity provider.\n" }, "type": { "type": "string", "description": "The type of identity provider.\n" } }, "type": "object", "required": [ "samlMetadata", "type" ] }, "aws:worklink/FleetNetwork:FleetNetwork": { "properties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs associated with access to the provided subnets.\n\n**identity_provider** requires the following:\n\n\u003e **NOTE:** `identity_provider` cannot be removed without force recreating.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs used for X-ENI connections from Amazon WorkLink rendering containers.\n" }, "vpcId": { "type": "string", "description": "The VPC ID with connectivity to associated websites.\n" } }, "type": "object", "required": [ "securityGroupIds", "subnetIds", "vpcId" ] }, "aws:workspaces/ConnectionAliasTimeouts:ConnectionAliasTimeouts": { "properties": { "create": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" }, "delete": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" }, "update": { "type": "string", "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" } }, "type": "object" }, "aws:workspaces/DirectorySelfServicePermissions:DirectorySelfServicePermissions": { "properties": { "changeComputeType": { "type": "boolean", "description": "Whether WorkSpaces directory users can change the compute type (bundle) for their workspace. Default `false`.\n" }, "increaseVolumeSize": { "type": "boolean", "description": "Whether WorkSpaces directory users can increase the volume size of the drives on their workspace. Default `false`.\n" }, "rebuildWorkspace": { "type": "boolean", "description": "Whether WorkSpaces directory users can rebuild the operating system of a workspace to its original state. Default `false`.\n" }, "restartWorkspace": { "type": "boolean", "description": "Whether WorkSpaces directory users can restart their workspace. Default `true`.\n" }, "switchRunningMode": { "type": "boolean", "description": "Whether WorkSpaces directory users can switch the running mode of their workspace. Default `false`.\n" } }, "type": "object" }, "aws:workspaces/DirectoryWorkspaceAccessProperties:DirectoryWorkspaceAccessProperties": { "properties": { "deviceTypeAndroid": { "type": "string", "description": "Indicates whether users can use Android devices to access their WorkSpaces.\n" }, "deviceTypeChromeos": { "type": "string", "description": "Indicates whether users can use Chromebooks to access their WorkSpaces.\n" }, "deviceTypeIos": { "type": "string", "description": "Indicates whether users can use iOS devices to access their WorkSpaces.\n" }, "deviceTypeLinux": { "type": "string", "description": "Indicates whether users can use Linux clients to access their WorkSpaces.\n" }, "deviceTypeOsx": { "type": "string", "description": "Indicates whether users can use macOS clients to access their WorkSpaces.\n" }, "deviceTypeWeb": { "type": "string", "description": "Indicates whether users can access their WorkSpaces through a web browser.\n" }, "deviceTypeWindows": { "type": "string", "description": "Indicates whether users can use Windows clients to access their WorkSpaces.\n" }, "deviceTypeZeroclient": { "type": "string", "description": "Indicates whether users can use zero client devices to access their WorkSpaces.\n" } }, "type": "object" }, "aws:workspaces/DirectoryWorkspaceCreationProperties:DirectoryWorkspaceCreationProperties": { "properties": { "customSecurityGroupId": { "type": "string", "description": "The identifier of your custom security group. Should relate to the same VPC, where workspaces reside in.\n" }, "defaultOu": { "type": "string", "description": "The default organizational unit (OU) for your WorkSpace directories. Should conform `\"OU=\u003cvalue\u003e,DC=\u003cvalue\u003e,...,DC=\u003cvalue\u003e\"` pattern.\n" }, "enableInternetAccess": { "type": "boolean", "description": "Indicates whether internet access is enabled for your WorkSpaces.\n" }, "enableMaintenanceMode": { "type": "boolean", "description": "Indicates whether maintenance mode is enabled for your WorkSpaces. For more information, see [WorkSpace Maintenance](https://docs.aws.amazon.com/workspaces/latest/adminguide/workspace-maintenance.html)..\n" }, "userEnabledAsLocalAdministrator": { "type": "boolean", "description": "Indicates whether users are local administrators of their WorkSpaces.\n" } }, "type": "object" }, "aws:workspaces/IpGroupRule:IpGroupRule": { "properties": { "description": { "type": "string", "description": "The description of the IP group.\n" }, "source": { "type": "string", "description": "The IP address range, in CIDR notation, e.g., `10.0.0.0/16`\n" } }, "type": "object", "required": [ "source" ] }, "aws:workspaces/WorkspaceWorkspaceProperties:WorkspaceWorkspaceProperties": { "properties": { "computeTypeName": { "type": "string", "description": "The compute type. For more information, see [Amazon WorkSpaces Bundles](http://aws.amazon.com/workspaces/details/#Amazon_WorkSpaces_Bundles). Valid values are `VALUE`, `STANDARD`, `PERFORMANCE`, `POWER`, `GRAPHICS`, `POWERPRO`, `GRAPHICSPRO`, `GRAPHICS_G4DN`, and `GRAPHICSPRO_G4DN`.\n" }, "rootVolumeSizeGib": { "type": "integer", "description": "The size of the root volume.\n" }, "runningMode": { "type": "string", "description": "The running mode. For more information, see [Manage the WorkSpace Running Mode](https://docs.aws.amazon.com/workspaces/latest/adminguide/running-mode.html). Valid values are `AUTO_STOP` and `ALWAYS_ON`.\n" }, "runningModeAutoStopTimeoutInMinutes": { "type": "integer", "description": "The time after a user logs off when WorkSpaces are automatically stopped. Configured in 60-minute intervals.\n" }, "userVolumeSizeGib": { "type": "integer", "description": "The size of the user storage.\n" } }, "type": "object", "language": { "nodejs": { "requiredOutputs": [ "runningModeAutoStopTimeoutInMinutes" ] } } }, "aws:workspaces/getBundleComputeType:getBundleComputeType": { "properties": { "name": { "type": "string", "description": "Name of the bundle. You cannot combine this parameter with `bundle_id`.\n" } }, "type": "object", "required": [ "name" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:workspaces/getBundleRootStorage:getBundleRootStorage": { "properties": { "capacity": { "type": "string", "description": "Size of the user storage.\n" } }, "type": "object", "required": [ "capacity" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:workspaces/getBundleUserStorage:getBundleUserStorage": { "properties": { "capacity": { "type": "string", "description": "Size of the user storage.\n" } }, "type": "object", "required": [ "capacity" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:workspaces/getDirectorySelfServicePermission:getDirectorySelfServicePermission": { "properties": { "changeComputeType": { "type": "boolean", "description": "Whether WorkSpaces directory users can change the compute type (bundle) for their workspace.\n" }, "increaseVolumeSize": { "type": "boolean", "description": "Whether WorkSpaces directory users can increase the volume size of the drives on their workspace.\n" }, "rebuildWorkspace": { "type": "boolean", "description": "Whether WorkSpaces directory users can rebuild the operating system of a workspace to its original state.\n" }, "restartWorkspace": { "type": "boolean", "description": "Whether WorkSpaces directory users can restart their workspace.\n" }, "switchRunningMode": { "type": "boolean", "description": "Whether WorkSpaces directory users can switch the running mode of their workspace.\n" } }, "type": "object", "required": [ "changeComputeType", "increaseVolumeSize", "rebuildWorkspace", "restartWorkspace", "switchRunningMode" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:workspaces/getDirectoryWorkspaceAccessProperty:getDirectoryWorkspaceAccessProperty": { "properties": { "deviceTypeAndroid": { "type": "string", "description": "(Optional) Indicates whether users can use Android devices to access their WorkSpaces.\n" }, "deviceTypeChromeos": { "type": "string", "description": "(Optional) Indicates whether users can use Chromebooks to access their WorkSpaces.\n" }, "deviceTypeIos": { "type": "string", "description": "(Optional) Indicates whether users can use iOS devices to access their WorkSpaces.\n" }, "deviceTypeLinux": { "type": "string", "description": "(Optional) Indicates whether users can use Linux clients to access their WorkSpaces.\n" }, "deviceTypeOsx": { "type": "string", "description": "(Optional) Indicates whether users can use macOS clients to access their WorkSpaces.\n" }, "deviceTypeWeb": { "type": "string", "description": "(Optional) Indicates whether users can access their WorkSpaces through a web browser.\n" }, "deviceTypeWindows": { "type": "string", "description": "(Optional) Indicates whether users can use Windows clients to access their WorkSpaces.\n" }, "deviceTypeZeroclient": { "type": "string", "description": "(Optional) Indicates whether users can use zero client devices to access their WorkSpaces.\n" } }, "type": "object", "required": [ "deviceTypeAndroid", "deviceTypeChromeos", "deviceTypeIos", "deviceTypeLinux", "deviceTypeOsx", "deviceTypeWeb", "deviceTypeWindows", "deviceTypeZeroclient" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:workspaces/getDirectoryWorkspaceCreationProperty:getDirectoryWorkspaceCreationProperty": { "properties": { "customSecurityGroupId": { "type": "string", "description": "The identifier of your custom security group. Should relate to the same VPC, where workspaces reside in.\n" }, "defaultOu": { "type": "string", "description": "The default organizational unit (OU) for your WorkSpace directories.\n" }, "enableInternetAccess": { "type": "boolean", "description": "Indicates whether internet access is enabled for your WorkSpaces.\n" }, "enableMaintenanceMode": { "type": "boolean", "description": "Indicates whether maintenance mode is enabled for your WorkSpaces. For more information, see [WorkSpace Maintenance](https://docs.aws.amazon.com/workspaces/latest/adminguide/workspace-maintenance.html).\n" }, "userEnabledAsLocalAdministrator": { "type": "boolean", "description": "Indicates whether users are local administrators of their WorkSpaces.\n" } }, "type": "object", "required": [ "customSecurityGroupId", "defaultOu", "enableInternetAccess", "enableMaintenanceMode", "userEnabledAsLocalAdministrator" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:workspaces/getWorkspaceWorkspaceProperty:getWorkspaceWorkspaceProperty": { "properties": { "computeTypeName": { "type": "string", "description": "Compute type. For more information, see [Amazon WorkSpaces Bundles](http://aws.amazon.com/workspaces/details/#Amazon_WorkSpaces_Bundles). Valid values are `VALUE`, `STANDARD`, `PERFORMANCE`, `POWER`, `GRAPHICS`, `POWERPRO` and `GRAPHICSPRO`.\n" }, "rootVolumeSizeGib": { "type": "integer", "description": "Size of the root volume.\n" }, "runningMode": { "type": "string", "description": "Running mode. For more information, see [Manage the WorkSpace Running Mode](https://docs.aws.amazon.com/workspaces/latest/adminguide/running-mode.html). Valid values are `AUTO_STOP` and `ALWAYS_ON`.\n" }, "runningModeAutoStopTimeoutInMinutes": { "type": "integer", "description": "Time after a user logs off when WorkSpaces are automatically stopped. Configured in 60-minute intervals.\n" }, "userVolumeSizeGib": { "type": "integer", "description": "Size of the user storage.\n" } }, "type": "object", "required": [ "computeTypeName", "rootVolumeSizeGib", "runningMode", "runningModeAutoStopTimeoutInMinutes", "userVolumeSizeGib" ], "language": { "nodejs": { "requiredInputs": [] } } }, "aws:xray/GroupInsightsConfiguration:GroupInsightsConfiguration": { "properties": { "insightsEnabled": { "type": "boolean", "description": "Specifies whether insights are enabled.\n" }, "notificationsEnabled": { "type": "boolean", "description": "Specifies whether insight notifications are enabled.\n" } }, "type": "object", "required": [ "insightsEnabled" ], "language": { "nodejs": { "requiredOutputs": [ "insightsEnabled", "notificationsEnabled" ] } } } }, "provider": { "description": "The provider type for the aws package. By default, resources use package-wide configuration\nsettings, however an explicit `Provider` instance may be created and passed during resource\nconstruction to achieve fine-grained programmatic control over provider settings. See the\n[documentation](https://www.pulumi.com/docs/reference/programming-model/#providers) for more information.\n", "properties": { "accessKey": { "type": "string", "description": "The access key for API operations. You can retrieve this from the 'Security \u0026 Credentials' section of the AWS console.\n", "secret": true }, "allowedAccountIds": { "type": "array", "items": { "type": "string" } }, "assumeRole": { "$ref": "#/types/aws:index/ProviderAssumeRole:ProviderAssumeRole" }, "assumeRoleWithWebIdentity": { "$ref": "#/types/aws:index/ProviderAssumeRoleWithWebIdentity:ProviderAssumeRoleWithWebIdentity" }, "customCaBundle": { "type": "string", "description": "File containing custom root and intermediate certificates. Can also be configured using the `AWS_CA_BUNDLE` environment\nvariable. (Setting `ca_bundle` in the shared config file is not supported.)\n" }, "defaultTags": { "$ref": "#/types/aws:index/ProviderDefaultTags:ProviderDefaultTags", "description": "Configuration block with settings to default resource tags across all resources.\n" }, "ec2MetadataServiceEndpoint": { "type": "string", "description": "Address of the EC2 metadata service endpoint to use. Can also be configured using the\n`AWS_EC2_METADATA_SERVICE_ENDPOINT` environment variable.\n" }, "ec2MetadataServiceEndpointMode": { "type": "string", "description": "Protocol to use with EC2 metadata service endpoint.Valid values are `IPv4` and `IPv6`. Can also be configured using the\n`AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE` environment variable.\n" }, "endpoints": { "type": "array", "items": { "$ref": "#/types/aws:index/ProviderEndpoint:ProviderEndpoint" } }, "forbiddenAccountIds": { "type": "array", "items": { "type": "string" } }, "httpProxy": { "type": "string", "description": "URL of a proxy to use for HTTP requests when accessing the AWS API. Can also be set using the `HTTP_PROXY` or\n`http_proxy` environment variables.\n" }, "httpsProxy": { "type": "string", "description": "URL of a proxy to use for HTTPS requests when accessing the AWS API. Can also be set using the `HTTPS_PROXY` or\n`https_proxy` environment variables.\n" }, "ignoreTags": { "$ref": "#/types/aws:index/ProviderIgnoreTags:ProviderIgnoreTags", "description": "Configuration block with settings to ignore resource tags across all resources.\n" }, "insecure": { "type": "boolean", "description": "Explicitly allow the provider to perform \"insecure\" SSL requests. If omitted, default value is `false`\n" }, "maxRetries": { "type": "integer", "description": "The maximum number of times an AWS API request is being executed. If the API request still fails, an error is thrown.\n" }, "noProxy": { "type": "string", "description": "Comma-separated list of hosts that should not use HTTP or HTTPS proxies. Can also be set using the `NO_PROXY` or\n`no_proxy` environment variables.\n" }, "profile": { "type": "string", "description": "The profile for API operations. If not set, the default profile created with `aws configure` will be used.\n" }, "region": { "type": "string", "$ref": "#/types/aws:index/region:Region", "description": "The region where AWS operations will take place. Examples are us-east-1, us-west-2, etc.\n" }, "retryMode": { "type": "string", "description": "Specifies how retries are attempted. Valid values are `standard` and `adaptive`. Can also be configured using the\n`AWS_RETRY_MODE` environment variable.\n" }, "s3UsEast1RegionalEndpoint": { "type": "string", "description": "Specifies whether S3 API calls in the `us-east-1` region use the legacy global endpoint or a regional endpoint. Valid\nvalues are `legacy` or `regional`. Can also be configured using the `AWS_S3_US_EAST_1_REGIONAL_ENDPOINT` environment\nvariable or the `s3_us_east_1_regional_endpoint` shared config file parameter\n" }, "s3UsePathStyle": { "type": "boolean", "description": "Set this to true to enable the request to use path-style addressing, i.e., https://s3.amazonaws.com/BUCKET/KEY. By\ndefault, the S3 client will use virtual hosted bucket addressing when possible (https://BUCKET.s3.amazonaws.com/KEY).\nSpecific to the Amazon S3 service.\n" }, "secretKey": { "type": "string", "description": "The secret key for API operations. You can retrieve this from the 'Security \u0026 Credentials' section of the AWS console.\n", "secret": true }, "sharedConfigFiles": { "type": "array", "items": { "type": "string" }, "description": "List of paths to shared config files. If not set, defaults to [~/.aws/config].\n" }, "sharedCredentialsFiles": { "type": "array", "items": { "type": "string" }, "description": "List of paths to shared credentials files. If not set, defaults to [~/.aws/credentials].\n" }, "skipCredentialsValidation": { "type": "boolean", "description": "Skip the credentials validation via STS API. Used for AWS API implementations that do not have STS\navailable/implemented.\n" }, "skipMetadataApiCheck": { "type": "boolean", "description": "Skip the AWS Metadata API check. Used for AWS API implementations that do not have a metadata api endpoint.\n" }, "skipRegionValidation": { "type": "boolean", "description": "Skip static validation of region name. Used by users of alternative AWS-like APIs or users w/ access to regions that are\nnot public (yet).\n" }, "skipRequestingAccountId": { "type": "boolean", "description": "Skip requesting the account ID. Used for AWS API implementations that do not have IAM/STS API and/or metadata API.\n" }, "stsRegion": { "type": "string", "description": "The region where AWS STS operations will take place. Examples are us-east-1 and us-west-2.\n" }, "token": { "type": "string", "description": "session token. A session token is only required if you are using temporary security credentials.\n", "secret": true }, "tokenBucketRateLimiterCapacity": { "type": "integer", "description": "The capacity of the AWS SDK's token bucket rate limiter.\n" }, "useDualstackEndpoint": { "type": "boolean", "description": "Resolve an endpoint with DualStack capability\n" }, "useFipsEndpoint": { "type": "boolean", "description": "Resolve an endpoint with FIPS capability\n" } }, "inputProperties": { "accessKey": { "type": "string", "description": "The access key for API operations. You can retrieve this from the 'Security \u0026 Credentials' section of the AWS console.\n", "secret": true }, "allowedAccountIds": { "type": "array", "items": { "type": "string" } }, "assumeRole": { "$ref": "#/types/aws:index/ProviderAssumeRole:ProviderAssumeRole" }, "assumeRoleWithWebIdentity": { "$ref": "#/types/aws:index/ProviderAssumeRoleWithWebIdentity:ProviderAssumeRoleWithWebIdentity" }, "customCaBundle": { "type": "string", "description": "File containing custom root and intermediate certificates. Can also be configured using the `AWS_CA_BUNDLE` environment\nvariable. (Setting `ca_bundle` in the shared config file is not supported.)\n" }, "defaultTags": { "$ref": "#/types/aws:index/ProviderDefaultTags:ProviderDefaultTags", "description": "Configuration block with settings to default resource tags across all resources.\n" }, "ec2MetadataServiceEndpoint": { "type": "string", "description": "Address of the EC2 metadata service endpoint to use. Can also be configured using the\n`AWS_EC2_METADATA_SERVICE_ENDPOINT` environment variable.\n" }, "ec2MetadataServiceEndpointMode": { "type": "string", "description": "Protocol to use with EC2 metadata service endpoint.Valid values are `IPv4` and `IPv6`. Can also be configured using the\n`AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE` environment variable.\n" }, "endpoints": { "type": "array", "items": { "$ref": "#/types/aws:index/ProviderEndpoint:ProviderEndpoint" } }, "forbiddenAccountIds": { "type": "array", "items": { "type": "string" } }, "httpProxy": { "type": "string", "description": "URL of a proxy to use for HTTP requests when accessing the AWS API. Can also be set using the `HTTP_PROXY` or\n`http_proxy` environment variables.\n" }, "httpsProxy": { "type": "string", "description": "URL of a proxy to use for HTTPS requests when accessing the AWS API. Can also be set using the `HTTPS_PROXY` or\n`https_proxy` environment variables.\n" }, "ignoreTags": { "$ref": "#/types/aws:index/ProviderIgnoreTags:ProviderIgnoreTags", "description": "Configuration block with settings to ignore resource tags across all resources.\n" }, "insecure": { "type": "boolean", "description": "Explicitly allow the provider to perform \"insecure\" SSL requests. If omitted, default value is `false`\n" }, "maxRetries": { "type": "integer", "description": "The maximum number of times an AWS API request is being executed. If the API request still fails, an error is thrown.\n" }, "noProxy": { "type": "string", "description": "Comma-separated list of hosts that should not use HTTP or HTTPS proxies. Can also be set using the `NO_PROXY` or\n`no_proxy` environment variables.\n" }, "profile": { "type": "string", "description": "The profile for API operations. If not set, the default profile created with `aws configure` will be used.\n" }, "region": { "type": "string", "$ref": "#/types/aws:index/region:Region", "description": "The region where AWS operations will take place. Examples are us-east-1, us-west-2, etc.\n", "defaultInfo": { "environment": [ "AWS_REGION", "AWS_DEFAULT_REGION" ] } }, "retryMode": { "type": "string", "description": "Specifies how retries are attempted. Valid values are `standard` and `adaptive`. Can also be configured using the\n`AWS_RETRY_MODE` environment variable.\n" }, "s3UsEast1RegionalEndpoint": { "type": "string", "description": "Specifies whether S3 API calls in the `us-east-1` region use the legacy global endpoint or a regional endpoint. Valid\nvalues are `legacy` or `regional`. Can also be configured using the `AWS_S3_US_EAST_1_REGIONAL_ENDPOINT` environment\nvariable or the `s3_us_east_1_regional_endpoint` shared config file parameter\n" }, "s3UsePathStyle": { "type": "boolean", "description": "Set this to true to enable the request to use path-style addressing, i.e., https://s3.amazonaws.com/BUCKET/KEY. By\ndefault, the S3 client will use virtual hosted bucket addressing when possible (https://BUCKET.s3.amazonaws.com/KEY).\nSpecific to the Amazon S3 service.\n" }, "secretKey": { "type": "string", "description": "The secret key for API operations. You can retrieve this from the 'Security \u0026 Credentials' section of the AWS console.\n", "secret": true }, "sharedConfigFiles": { "type": "array", "items": { "type": "string" }, "description": "List of paths to shared config files. If not set, defaults to [~/.aws/config].\n" }, "sharedCredentialsFiles": { "type": "array", "items": { "type": "string" }, "description": "List of paths to shared credentials files. If not set, defaults to [~/.aws/credentials].\n" }, "skipCredentialsValidation": { "type": "boolean", "description": "Skip the credentials validation via STS API. Used for AWS API implementations that do not have STS\navailable/implemented.\n", "default": false }, "skipMetadataApiCheck": { "type": "boolean", "description": "Skip the AWS Metadata API check. Used for AWS API implementations that do not have a metadata api endpoint.\n" }, "skipRegionValidation": { "type": "boolean", "description": "Skip static validation of region name. Used by users of alternative AWS-like APIs or users w/ access to regions that are\nnot public (yet).\n", "default": true }, "skipRequestingAccountId": { "type": "boolean", "description": "Skip requesting the account ID. Used for AWS API implementations that do not have IAM/STS API and/or metadata API.\n" }, "stsRegion": { "type": "string", "description": "The region where AWS STS operations will take place. Examples are us-east-1 and us-west-2.\n" }, "token": { "type": "string", "description": "session token. A session token is only required if you are using temporary security credentials.\n", "secret": true }, "tokenBucketRateLimiterCapacity": { "type": "integer", "description": "The capacity of the AWS SDK's token bucket rate limiter.\n" }, "useDualstackEndpoint": { "type": "boolean", "description": "Resolve an endpoint with DualStack capability\n" }, "useFipsEndpoint": { "type": "boolean", "description": "Resolve an endpoint with FIPS capability\n" } } }, "resources": { "aws:accessanalyzer/analyzer:Analyzer": { "description": "Manages an Access Analyzer Analyzer. More information can be found in the [Access Analyzer User Guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html).\n\n## Example Usage\n\n### Account Analyzer\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.accessanalyzer.Analyzer(\"example\", {analyzerName: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.accessanalyzer.Analyzer(\"example\", analyzer_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AccessAnalyzer.Analyzer(\"example\", new()\n {\n AnalyzerName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/accessanalyzer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := accessanalyzer.NewAnalyzer(ctx, \"example\", \u0026accessanalyzer.AnalyzerArgs{\n\t\t\tAnalyzerName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.accessanalyzer.Analyzer;\nimport com.pulumi.aws.accessanalyzer.AnalyzerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Analyzer(\"example\", AnalyzerArgs.builder()\n .analyzerName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:accessanalyzer:Analyzer\n properties:\n analyzerName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Organization Analyzer\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.Organization(\"example\", {awsServiceAccessPrincipals: [\"access-analyzer.amazonaws.com\"]});\nconst exampleAnalyzer = new aws.accessanalyzer.Analyzer(\"example\", {\n analyzerName: \"example\",\n type: \"ORGANIZATION\",\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.Organization(\"example\", aws_service_access_principals=[\"access-analyzer.amazonaws.com\"])\nexample_analyzer = aws.accessanalyzer.Analyzer(\"example\",\n analyzer_name=\"example\",\n type=\"ORGANIZATION\",\n opts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"access-analyzer.amazonaws.com\",\n },\n });\n\n var exampleAnalyzer = new Aws.AccessAnalyzer.Analyzer(\"example\", new()\n {\n AnalyzerName = \"example\",\n Type = \"ORGANIZATION\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/accessanalyzer\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"access-analyzer.amazonaws.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = accessanalyzer.NewAnalyzer(ctx, \"example\", \u0026accessanalyzer.AnalyzerArgs{\n\t\t\tAnalyzerName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"ORGANIZATION\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.accessanalyzer.Analyzer;\nimport com.pulumi.aws.accessanalyzer.AnalyzerArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Organization(\"example\", OrganizationArgs.builder()\n .awsServiceAccessPrincipals(\"access-analyzer.amazonaws.com\")\n .build());\n\n var exampleAnalyzer = new Analyzer(\"exampleAnalyzer\", AnalyzerArgs.builder()\n .analyzerName(\"example\")\n .type(\"ORGANIZATION\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:Organization\n properties:\n awsServiceAccessPrincipals:\n - access-analyzer.amazonaws.com\n exampleAnalyzer:\n type: aws:accessanalyzer:Analyzer\n name: example\n properties:\n analyzerName: example\n type: ORGANIZATION\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Access Analyzer Analyzers using the `analyzer_name`. For example:\n\n```sh\n$ pulumi import aws:accessanalyzer/analyzer:Analyzer example example\n```\n", "properties": { "analyzerName": { "type": "string", "description": "Name of the Analyzer.\n\nThe following arguments are optional:\n" }, "arn": { "type": "string", "description": "ARN of the Analyzer.\n" }, "configuration": { "$ref": "#/types/aws:accessanalyzer/AnalyzerConfiguration:AnalyzerConfiguration", "description": "A block that specifies the configuration of the analyzer. Documented below\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Type of Analyzer. Valid values are `ACCOUNT`, `ORGANIZATION`, `ACCOUNT_UNUSED_ACCESS `, `ORGANIZATION_UNUSED_ACCESS`. Defaults to `ACCOUNT`.\n" } }, "required": [ "analyzerName", "arn", "tagsAll" ], "inputProperties": { "analyzerName": { "type": "string", "description": "Name of the Analyzer.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "configuration": { "$ref": "#/types/aws:accessanalyzer/AnalyzerConfiguration:AnalyzerConfiguration", "description": "A block that specifies the configuration of the analyzer. Documented below\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "Type of Analyzer. Valid values are `ACCOUNT`, `ORGANIZATION`, `ACCOUNT_UNUSED_ACCESS `, `ORGANIZATION_UNUSED_ACCESS`. Defaults to `ACCOUNT`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "analyzerName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Analyzer resources.\n", "properties": { "analyzerName": { "type": "string", "description": "Name of the Analyzer.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN of the Analyzer.\n" }, "configuration": { "$ref": "#/types/aws:accessanalyzer/AnalyzerConfiguration:AnalyzerConfiguration", "description": "A block that specifies the configuration of the analyzer. Documented below\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Type of Analyzer. Valid values are `ACCOUNT`, `ORGANIZATION`, `ACCOUNT_UNUSED_ACCESS `, `ORGANIZATION_UNUSED_ACCESS`. Defaults to `ACCOUNT`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:accessanalyzer/archiveRule:ArchiveRule": { "description": "Resource for managing an AWS AccessAnalyzer Archive Rule.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.accessanalyzer.ArchiveRule(\"example\", {\n analyzerName: \"example-analyzer\",\n ruleName: \"example-rule\",\n filters: [\n {\n criteria: \"condition.aws:UserId\",\n eqs: [\"userid\"],\n },\n {\n criteria: \"error\",\n exists: \"true\",\n },\n {\n criteria: \"isPublic\",\n eqs: [\"false\"],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.accessanalyzer.ArchiveRule(\"example\",\n analyzer_name=\"example-analyzer\",\n rule_name=\"example-rule\",\n filters=[\n {\n \"criteria\": \"condition.aws:UserId\",\n \"eqs\": [\"userid\"],\n },\n {\n \"criteria\": \"error\",\n \"exists\": \"true\",\n },\n {\n \"criteria\": \"isPublic\",\n \"eqs\": [\"false\"],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AccessAnalyzer.ArchiveRule(\"example\", new()\n {\n AnalyzerName = \"example-analyzer\",\n RuleName = \"example-rule\",\n Filters = new[]\n {\n new Aws.AccessAnalyzer.Inputs.ArchiveRuleFilterArgs\n {\n Criteria = \"condition.aws:UserId\",\n Eqs = new[]\n {\n \"userid\",\n },\n },\n new Aws.AccessAnalyzer.Inputs.ArchiveRuleFilterArgs\n {\n Criteria = \"error\",\n Exists = \"true\",\n },\n new Aws.AccessAnalyzer.Inputs.ArchiveRuleFilterArgs\n {\n Criteria = \"isPublic\",\n Eqs = new[]\n {\n \"false\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/accessanalyzer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := accessanalyzer.NewArchiveRule(ctx, \"example\", \u0026accessanalyzer.ArchiveRuleArgs{\n\t\t\tAnalyzerName: pulumi.String(\"example-analyzer\"),\n\t\t\tRuleName: pulumi.String(\"example-rule\"),\n\t\t\tFilters: accessanalyzer.ArchiveRuleFilterArray{\n\t\t\t\t\u0026accessanalyzer.ArchiveRuleFilterArgs{\n\t\t\t\t\tCriteria: pulumi.String(\"condition.aws:UserId\"),\n\t\t\t\t\tEqs: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"userid\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026accessanalyzer.ArchiveRuleFilterArgs{\n\t\t\t\t\tCriteria: pulumi.String(\"error\"),\n\t\t\t\t\tExists: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t\t\u0026accessanalyzer.ArchiveRuleFilterArgs{\n\t\t\t\t\tCriteria: pulumi.String(\"isPublic\"),\n\t\t\t\t\tEqs: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"false\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.accessanalyzer.ArchiveRule;\nimport com.pulumi.aws.accessanalyzer.ArchiveRuleArgs;\nimport com.pulumi.aws.accessanalyzer.inputs.ArchiveRuleFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ArchiveRule(\"example\", ArchiveRuleArgs.builder()\n .analyzerName(\"example-analyzer\")\n .ruleName(\"example-rule\")\n .filters( \n ArchiveRuleFilterArgs.builder()\n .criteria(\"condition.aws:UserId\")\n .eqs(\"userid\")\n .build(),\n ArchiveRuleFilterArgs.builder()\n .criteria(\"error\")\n .exists(true)\n .build(),\n ArchiveRuleFilterArgs.builder()\n .criteria(\"isPublic\")\n .eqs(\"false\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:accessanalyzer:ArchiveRule\n properties:\n analyzerName: example-analyzer\n ruleName: example-rule\n filters:\n - criteria: condition.aws:UserId\n eqs:\n - userid\n - criteria: error\n exists: true\n - criteria: isPublic\n eqs:\n - 'false'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AccessAnalyzer ArchiveRule using the `analyzer_name/rule_name`. For example:\n\n```sh\n$ pulumi import aws:accessanalyzer/archiveRule:ArchiveRule example example-analyzer/example-rule\n```\n", "properties": { "analyzerName": { "type": "string", "description": "Analyzer name.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:accessanalyzer/ArchiveRuleFilter:ArchiveRuleFilter" }, "description": "Filter criteria for the archive rule. See Filter for more details.\n" }, "ruleName": { "type": "string", "description": "Rule name.\n" } }, "required": [ "analyzerName", "filters", "ruleName" ], "inputProperties": { "analyzerName": { "type": "string", "description": "Analyzer name.\n", "willReplaceOnChanges": true }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:accessanalyzer/ArchiveRuleFilter:ArchiveRuleFilter" }, "description": "Filter criteria for the archive rule. See Filter for more details.\n" }, "ruleName": { "type": "string", "description": "Rule name.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "analyzerName", "filters", "ruleName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ArchiveRule resources.\n", "properties": { "analyzerName": { "type": "string", "description": "Analyzer name.\n", "willReplaceOnChanges": true }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:accessanalyzer/ArchiveRuleFilter:ArchiveRuleFilter" }, "description": "Filter criteria for the archive rule. See Filter for more details.\n" }, "ruleName": { "type": "string", "description": "Rule name.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:account/alternativeContact:AlternativeContact": { "description": "Manages the specified alternate contact attached to an AWS Account.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst operations = new aws.account.AlternativeContact(\"operations\", {\n alternateContactType: \"OPERATIONS\",\n name: \"Example\",\n title: \"Example\",\n emailAddress: \"test@example.com\",\n phoneNumber: \"+1234567890\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\noperations = aws.account.AlternativeContact(\"operations\",\n alternate_contact_type=\"OPERATIONS\",\n name=\"Example\",\n title=\"Example\",\n email_address=\"test@example.com\",\n phone_number=\"+1234567890\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var operations = new Aws.Account.AlternativeContact(\"operations\", new()\n {\n AlternateContactType = \"OPERATIONS\",\n Name = \"Example\",\n Title = \"Example\",\n EmailAddress = \"test@example.com\",\n PhoneNumber = \"+1234567890\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/account\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := account.NewAlternativeContact(ctx, \"operations\", \u0026account.AlternativeContactArgs{\n\t\t\tAlternateContactType: pulumi.String(\"OPERATIONS\"),\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tTitle: pulumi.String(\"Example\"),\n\t\t\tEmailAddress: pulumi.String(\"test@example.com\"),\n\t\t\tPhoneNumber: pulumi.String(\"+1234567890\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.account.AlternativeContact;\nimport com.pulumi.aws.account.AlternativeContactArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var operations = new AlternativeContact(\"operations\", AlternativeContactArgs.builder()\n .alternateContactType(\"OPERATIONS\")\n .name(\"Example\")\n .title(\"Example\")\n .emailAddress(\"test@example.com\")\n .phoneNumber(\"+1234567890\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n operations:\n type: aws:account:AlternativeContact\n properties:\n alternateContactType: OPERATIONS\n name: Example\n title: Example\n emailAddress: test@example.com\n phoneNumber: '+1234567890'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nImport the Alternate Contact for another account using the `account_id` and `alternate_contact_type` separated by a forward slash (`/`):\n\n__Using `pulumi import` to import__ the Alternate Contact for the current or another account using the `alternate_contact_type`. For example:\n\nImport the Alternate Contact for the current account:\n\n```sh\n$ pulumi import aws:account/alternativeContact:AlternativeContact operations OPERATIONS\n```\nImport the Alternate Contact for another account using the `account_id` and `alternate_contact_type` separated by a forward slash (`/`):\n\n```sh\n$ pulumi import aws:account/alternativeContact:AlternativeContact operations 1234567890/OPERATIONS\n```\n", "properties": { "accountId": { "type": "string", "description": "ID of the target account when managing member accounts. Will manage current user's account by default if omitted.\n" }, "alternateContactType": { "type": "string", "description": "Type of the alternate contact. Allowed values are: `BILLING`, `OPERATIONS`, `SECURITY`.\n" }, "emailAddress": { "type": "string", "description": "An email address for the alternate contact.\n" }, "name": { "type": "string", "description": "Name of the alternate contact.\n" }, "phoneNumber": { "type": "string", "description": "Phone number for the alternate contact.\n" }, "title": { "type": "string", "description": "Title for the alternate contact.\n" } }, "required": [ "alternateContactType", "emailAddress", "name", "phoneNumber", "title" ], "inputProperties": { "accountId": { "type": "string", "description": "ID of the target account when managing member accounts. Will manage current user's account by default if omitted.\n", "willReplaceOnChanges": true }, "alternateContactType": { "type": "string", "description": "Type of the alternate contact. Allowed values are: `BILLING`, `OPERATIONS`, `SECURITY`.\n", "willReplaceOnChanges": true }, "emailAddress": { "type": "string", "description": "An email address for the alternate contact.\n" }, "name": { "type": "string", "description": "Name of the alternate contact.\n" }, "phoneNumber": { "type": "string", "description": "Phone number for the alternate contact.\n" }, "title": { "type": "string", "description": "Title for the alternate contact.\n" } }, "requiredInputs": [ "alternateContactType", "emailAddress", "phoneNumber", "title" ], "stateInputs": { "description": "Input properties used for looking up and filtering AlternativeContact resources.\n", "properties": { "accountId": { "type": "string", "description": "ID of the target account when managing member accounts. Will manage current user's account by default if omitted.\n", "willReplaceOnChanges": true }, "alternateContactType": { "type": "string", "description": "Type of the alternate contact. Allowed values are: `BILLING`, `OPERATIONS`, `SECURITY`.\n", "willReplaceOnChanges": true }, "emailAddress": { "type": "string", "description": "An email address for the alternate contact.\n" }, "name": { "type": "string", "description": "Name of the alternate contact.\n" }, "phoneNumber": { "type": "string", "description": "Phone number for the alternate contact.\n" }, "title": { "type": "string", "description": "Title for the alternate contact.\n" } }, "type": "object" } }, "aws:account/primaryContact:PrimaryContact": { "description": "Manages the specified primary contact information associated with an AWS Account.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.account.PrimaryContact(\"test\", {\n addressLine1: \"123 Any Street\",\n city: \"Seattle\",\n companyName: \"Example Corp, Inc.\",\n countryCode: \"US\",\n districtOrCounty: \"King\",\n fullName: \"My Name\",\n phoneNumber: \"+64211111111\",\n postalCode: \"98101\",\n stateOrRegion: \"WA\",\n websiteUrl: \"https://www.examplecorp.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.account.PrimaryContact(\"test\",\n address_line1=\"123 Any Street\",\n city=\"Seattle\",\n company_name=\"Example Corp, Inc.\",\n country_code=\"US\",\n district_or_county=\"King\",\n full_name=\"My Name\",\n phone_number=\"+64211111111\",\n postal_code=\"98101\",\n state_or_region=\"WA\",\n website_url=\"https://www.examplecorp.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Account.PrimaryContact(\"test\", new()\n {\n AddressLine1 = \"123 Any Street\",\n City = \"Seattle\",\n CompanyName = \"Example Corp, Inc.\",\n CountryCode = \"US\",\n DistrictOrCounty = \"King\",\n FullName = \"My Name\",\n PhoneNumber = \"+64211111111\",\n PostalCode = \"98101\",\n StateOrRegion = \"WA\",\n WebsiteUrl = \"https://www.examplecorp.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/account\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := account.NewPrimaryContact(ctx, \"test\", \u0026account.PrimaryContactArgs{\n\t\t\tAddressLine1: pulumi.String(\"123 Any Street\"),\n\t\t\tCity: pulumi.String(\"Seattle\"),\n\t\t\tCompanyName: pulumi.String(\"Example Corp, Inc.\"),\n\t\t\tCountryCode: pulumi.String(\"US\"),\n\t\t\tDistrictOrCounty: pulumi.String(\"King\"),\n\t\t\tFullName: pulumi.String(\"My Name\"),\n\t\t\tPhoneNumber: pulumi.String(\"+64211111111\"),\n\t\t\tPostalCode: pulumi.String(\"98101\"),\n\t\t\tStateOrRegion: pulumi.String(\"WA\"),\n\t\t\tWebsiteUrl: pulumi.String(\"https://www.examplecorp.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.account.PrimaryContact;\nimport com.pulumi.aws.account.PrimaryContactArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new PrimaryContact(\"test\", PrimaryContactArgs.builder()\n .addressLine1(\"123 Any Street\")\n .city(\"Seattle\")\n .companyName(\"Example Corp, Inc.\")\n .countryCode(\"US\")\n .districtOrCounty(\"King\")\n .fullName(\"My Name\")\n .phoneNumber(\"+64211111111\")\n .postalCode(\"98101\")\n .stateOrRegion(\"WA\")\n .websiteUrl(\"https://www.examplecorp.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:account:PrimaryContact\n properties:\n addressLine1: 123 Any Street\n city: Seattle\n companyName: Example Corp, Inc.\n countryCode: US\n districtOrCounty: King\n fullName: My Name\n phoneNumber: '+64211111111'\n postalCode: '98101'\n stateOrRegion: WA\n websiteUrl: https://www.examplecorp.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import the Primary Contact using the `account_id`. For example:\n\n```sh\n$ pulumi import aws:account/primaryContact:PrimaryContact test 1234567890\n```\n", "properties": { "accountId": { "type": "string", "description": "The ID of the target account when managing member accounts. Will manage current user's account by default if omitted.\n" }, "addressLine1": { "type": "string", "description": "The first line of the primary contact address.\n" }, "addressLine2": { "type": "string", "description": "The second line of the primary contact address, if any.\n" }, "addressLine3": { "type": "string", "description": "The third line of the primary contact address, if any.\n" }, "city": { "type": "string", "description": "The city of the primary contact address.\n" }, "companyName": { "type": "string", "description": "The name of the company associated with the primary contact information, if any.\n" }, "countryCode": { "type": "string", "description": "The ISO-3166 two-letter country code for the primary contact address.\n" }, "districtOrCounty": { "type": "string", "description": "The district or county of the primary contact address, if any.\n" }, "fullName": { "type": "string", "description": "The full name of the primary contact address.\n" }, "phoneNumber": { "type": "string", "description": "The phone number of the primary contact information. The number will be validated and, in some countries, checked for activation.\n" }, "postalCode": { "type": "string", "description": "The postal code of the primary contact address.\n" }, "stateOrRegion": { "type": "string", "description": "The state or region of the primary contact address. This field is required in selected countries.\n" }, "websiteUrl": { "type": "string", "description": "The URL of the website associated with the primary contact information, if any.\n" } }, "required": [ "addressLine1", "city", "countryCode", "fullName", "phoneNumber", "postalCode" ], "inputProperties": { "accountId": { "type": "string", "description": "The ID of the target account when managing member accounts. Will manage current user's account by default if omitted.\n", "willReplaceOnChanges": true }, "addressLine1": { "type": "string", "description": "The first line of the primary contact address.\n" }, "addressLine2": { "type": "string", "description": "The second line of the primary contact address, if any.\n" }, "addressLine3": { "type": "string", "description": "The third line of the primary contact address, if any.\n" }, "city": { "type": "string", "description": "The city of the primary contact address.\n" }, "companyName": { "type": "string", "description": "The name of the company associated with the primary contact information, if any.\n" }, "countryCode": { "type": "string", "description": "The ISO-3166 two-letter country code for the primary contact address.\n" }, "districtOrCounty": { "type": "string", "description": "The district or county of the primary contact address, if any.\n" }, "fullName": { "type": "string", "description": "The full name of the primary contact address.\n" }, "phoneNumber": { "type": "string", "description": "The phone number of the primary contact information. The number will be validated and, in some countries, checked for activation.\n" }, "postalCode": { "type": "string", "description": "The postal code of the primary contact address.\n" }, "stateOrRegion": { "type": "string", "description": "The state or region of the primary contact address. This field is required in selected countries.\n" }, "websiteUrl": { "type": "string", "description": "The URL of the website associated with the primary contact information, if any.\n" } }, "requiredInputs": [ "addressLine1", "city", "countryCode", "fullName", "phoneNumber", "postalCode" ], "stateInputs": { "description": "Input properties used for looking up and filtering PrimaryContact resources.\n", "properties": { "accountId": { "type": "string", "description": "The ID of the target account when managing member accounts. Will manage current user's account by default if omitted.\n", "willReplaceOnChanges": true }, "addressLine1": { "type": "string", "description": "The first line of the primary contact address.\n" }, "addressLine2": { "type": "string", "description": "The second line of the primary contact address, if any.\n" }, "addressLine3": { "type": "string", "description": "The third line of the primary contact address, if any.\n" }, "city": { "type": "string", "description": "The city of the primary contact address.\n" }, "companyName": { "type": "string", "description": "The name of the company associated with the primary contact information, if any.\n" }, "countryCode": { "type": "string", "description": "The ISO-3166 two-letter country code for the primary contact address.\n" }, "districtOrCounty": { "type": "string", "description": "The district or county of the primary contact address, if any.\n" }, "fullName": { "type": "string", "description": "The full name of the primary contact address.\n" }, "phoneNumber": { "type": "string", "description": "The phone number of the primary contact information. The number will be validated and, in some countries, checked for activation.\n" }, "postalCode": { "type": "string", "description": "The postal code of the primary contact address.\n" }, "stateOrRegion": { "type": "string", "description": "The state or region of the primary contact address. This field is required in selected countries.\n" }, "websiteUrl": { "type": "string", "description": "The URL of the website associated with the primary contact information, if any.\n" } }, "type": "object" } }, "aws:account/region:Region": { "description": "Enable (Opt-In) or Disable (Opt-Out) a particular Region for an AWS account.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.account.Region(\"example\", {\n regionName: \"ap-southeast-3\",\n enabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.account.Region(\"example\",\n region_name=\"ap-southeast-3\",\n enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Account.Region(\"example\", new()\n {\n RegionName = \"ap-southeast-3\",\n Enabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/account\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := account.NewRegion(ctx, \"example\", \u0026account.RegionArgs{\n\t\t\tRegionName: pulumi.String(\"ap-southeast-3\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.account.Region;\nimport com.pulumi.aws.account.RegionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Region(\"example\", RegionArgs.builder()\n .regionName(\"ap-southeast-3\")\n .enabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:account:Region\n properties:\n regionName: ap-southeast-3\n enabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`. For example:\n\n```sh\n$ pulumi import aws:account/region:Region example ap-southeast-3\n```\n", "properties": { "accountId": { "type": "string", "description": "The ID of the target account when managing member accounts. Will manage current user's account by default if omitted. To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account. The specified account ID must also be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.\n" }, "enabled": { "type": "boolean", "description": "Whether the region is enabled.\n" }, "optStatus": { "type": "string", "description": "The region opt status.\n" }, "regionName": { "type": "string", "description": "The region name to manage.\n" } }, "required": [ "enabled", "optStatus", "regionName" ], "inputProperties": { "accountId": { "type": "string", "description": "The ID of the target account when managing member accounts. Will manage current user's account by default if omitted. To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account. The specified account ID must also be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.\n", "willReplaceOnChanges": true }, "enabled": { "type": "boolean", "description": "Whether the region is enabled.\n" }, "regionName": { "type": "string", "description": "The region name to manage.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "enabled", "regionName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Region resources.\n", "properties": { "accountId": { "type": "string", "description": "The ID of the target account when managing member accounts. Will manage current user's account by default if omitted. To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account. The specified account ID must also be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.\n", "willReplaceOnChanges": true }, "enabled": { "type": "boolean", "description": "Whether the region is enabled.\n" }, "optStatus": { "type": "string", "description": "The region opt status.\n" }, "regionName": { "type": "string", "description": "The region name to manage.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:acm/certificate:Certificate": { "description": "The ACM certificate resource allows requesting and management of certificates\nfrom the Amazon Certificate Manager.\n\nACM certificates can be created in three ways:\nAmazon-issued, where AWS provides the certificate authority and automatically manages renewal;\nimported certificates, issued by another certificate authority;\nand private certificates, issued using an ACM Private Certificate Authority.\n\n## Amazon-Issued Certificates\n\nFor Amazon-issued certificates, this resource deals with requesting certificates and managing their attributes and life-cycle.\nThis resource does not deal with validation of a certificate but can provide inputs\nfor other resources implementing the validation.\nIt does not wait for a certificate to be issued.\nUse a `aws.acm.CertificateValidation` resource for this.\n\nMost commonly, this resource is used together with `aws.route53.Record` and\n`aws.acm.CertificateValidation` to request a DNS validated certificate,\ndeploy the required validation records and wait for validation to complete.\n\nDomain validation through email is also supported but should be avoided as it requires a manual step outside of this provider.\n\n\n## Certificates Imported from Other Certificate Authority\n\nImported certificates can be used to make certificates created with an external certificate authority available for AWS services.\n\nAs they are not managed by AWS, imported certificates are not eligible for automatic renewal.\nNew certificate materials can be supplied to an existing imported certificate to update it in place.\n\n## Private Certificates\n\nPrivate certificates are issued by an ACM Private Certificate Authority, which can be created using the resource type `aws.acmpca.CertificateAuthority`.\n\nPrivate certificates created using this resource are eligible for managed renewal if they have been exported or associated with another AWS service.\nSee [managed renewal documentation](https://docs.aws.amazon.com/acm/latest/userguide/managed-renewal.html) for more information.\nBy default, a certificate is valid for 395 days and the managed renewal process will start 60 days before expiration.\nTo renew the certificate earlier than 60 days before expiration, configure `early_renewal_duration`.\n\n## Example Usage\n\n### Custom Domain Validation Options\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cert = new aws.acm.Certificate(\"cert\", {\n domainName: \"testing.example.com\",\n validationMethod: \"EMAIL\",\n validationOptions: [{\n domainName: \"testing.example.com\",\n validationDomain: \"example.com\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncert = aws.acm.Certificate(\"cert\",\n domain_name=\"testing.example.com\",\n validation_method=\"EMAIL\",\n validation_options=[{\n \"domain_name\": \"testing.example.com\",\n \"validation_domain\": \"example.com\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cert = new Aws.Acm.Certificate(\"cert\", new()\n {\n DomainName = \"testing.example.com\",\n ValidationMethod = \"EMAIL\",\n ValidationOptions = new[]\n {\n new Aws.Acm.Inputs.CertificateValidationOptionArgs\n {\n DomainName = \"testing.example.com\",\n ValidationDomain = \"example.com\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := acm.NewCertificate(ctx, \"cert\", \u0026acm.CertificateArgs{\n\t\t\tDomainName: pulumi.String(\"testing.example.com\"),\n\t\t\tValidationMethod: pulumi.String(\"EMAIL\"),\n\t\t\tValidationOptions: acm.CertificateValidationOptionArray{\n\t\t\t\t\u0026acm.CertificateValidationOptionArgs{\n\t\t\t\t\tDomainName: pulumi.String(\"testing.example.com\"),\n\t\t\t\t\tValidationDomain: pulumi.String(\"example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acm.Certificate;\nimport com.pulumi.aws.acm.CertificateArgs;\nimport com.pulumi.aws.acm.inputs.CertificateValidationOptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var cert = new Certificate(\"cert\", CertificateArgs.builder()\n .domainName(\"testing.example.com\")\n .validationMethod(\"EMAIL\")\n .validationOptions(CertificateValidationOptionArgs.builder()\n .domainName(\"testing.example.com\")\n .validationDomain(\"example.com\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cert:\n type: aws:acm:Certificate\n properties:\n domainName: testing.example.com\n validationMethod: EMAIL\n validationOptions:\n - domainName: testing.example.com\n validationDomain: example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Existing Certificate Body Import\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as tls from \"@pulumi/tls\";\n\nconst example = new tls.PrivateKey(\"example\", {algorithm: \"RSA\"});\nconst exampleSelfSignedCert = new tls.SelfSignedCert(\"example\", {\n keyAlgorithm: \"RSA\",\n privateKeyPem: example.privateKeyPem,\n subject: {\n commonName: \"example.com\",\n organization: \"ACME Examples, Inc\",\n },\n validityPeriodHours: 12,\n allowedUses: [\n \"key_encipherment\",\n \"digital_signature\",\n \"server_auth\",\n ],\n});\nconst cert = new aws.acm.Certificate(\"cert\", {\n privateKey: example.privateKeyPem,\n certificateBody: exampleSelfSignedCert.certPem,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_tls as tls\n\nexample = tls.PrivateKey(\"example\", algorithm=\"RSA\")\nexample_self_signed_cert = tls.SelfSignedCert(\"example\",\n key_algorithm=\"RSA\",\n private_key_pem=example.private_key_pem,\n subject=tls.SelfSignedCertSubjectArgs(\n common_name=\"example.com\",\n organization=\"ACME Examples, Inc\",\n ),\n validity_period_hours=12,\n allowed_uses=[\n \"key_encipherment\",\n \"digital_signature\",\n \"server_auth\",\n ])\ncert = aws.acm.Certificate(\"cert\",\n private_key=example.private_key_pem,\n certificate_body=example_self_signed_cert.cert_pem)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Tls = Pulumi.Tls;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Tls.PrivateKey(\"example\", new()\n {\n Algorithm = \"RSA\",\n });\n\n var exampleSelfSignedCert = new Tls.SelfSignedCert(\"example\", new()\n {\n KeyAlgorithm = \"RSA\",\n PrivateKeyPem = example.PrivateKeyPem,\n Subject = new Tls.Inputs.SelfSignedCertSubjectArgs\n {\n CommonName = \"example.com\",\n Organization = \"ACME Examples, Inc\",\n },\n ValidityPeriodHours = 12,\n AllowedUses = new[]\n {\n \"key_encipherment\",\n \"digital_signature\",\n \"server_auth\",\n },\n });\n\n var cert = new Aws.Acm.Certificate(\"cert\", new()\n {\n PrivateKey = example.PrivateKeyPem,\n CertificateBody = exampleSelfSignedCert.CertPem,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acm\"\n\t\"github.com/pulumi/pulumi-tls/sdk/v4/go/tls\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := tls.NewPrivateKey(ctx, \"example\", \u0026tls.PrivateKeyArgs{\n\t\t\tAlgorithm: pulumi.String(\"RSA\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSelfSignedCert, err := tls.NewSelfSignedCert(ctx, \"example\", \u0026tls.SelfSignedCertArgs{\n\t\t\tKeyAlgorithm: pulumi.String(\"RSA\"),\n\t\t\tPrivateKeyPem: example.PrivateKeyPem,\n\t\t\tSubject: \u0026tls.SelfSignedCertSubjectArgs{\n\t\t\t\tCommonName: pulumi.String(\"example.com\"),\n\t\t\t\tOrganization: pulumi.String(\"ACME Examples, Inc\"),\n\t\t\t},\n\t\t\tValidityPeriodHours: pulumi.Int(12),\n\t\t\tAllowedUses: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"key_encipherment\"),\n\t\t\t\tpulumi.String(\"digital_signature\"),\n\t\t\t\tpulumi.String(\"server_auth\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = acm.NewCertificate(ctx, \"cert\", \u0026acm.CertificateArgs{\n\t\t\tPrivateKey: example.PrivateKeyPem,\n\t\t\tCertificateBody: exampleSelfSignedCert.CertPem,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.tls.PrivateKey;\nimport com.pulumi.tls.PrivateKeyArgs;\nimport com.pulumi.tls.SelfSignedCert;\nimport com.pulumi.tls.SelfSignedCertArgs;\nimport com.pulumi.tls.inputs.SelfSignedCertSubjectArgs;\nimport com.pulumi.aws.acm.Certificate;\nimport com.pulumi.aws.acm.CertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PrivateKey(\"example\", PrivateKeyArgs.builder()\n .algorithm(\"RSA\")\n .build());\n\n var exampleSelfSignedCert = new SelfSignedCert(\"exampleSelfSignedCert\", SelfSignedCertArgs.builder()\n .keyAlgorithm(\"RSA\")\n .privateKeyPem(example.privateKeyPem())\n .subject(SelfSignedCertSubjectArgs.builder()\n .commonName(\"example.com\")\n .organization(\"ACME Examples, Inc\")\n .build())\n .validityPeriodHours(12)\n .allowedUses( \n \"key_encipherment\",\n \"digital_signature\",\n \"server_auth\")\n .build());\n\n var cert = new Certificate(\"cert\", CertificateArgs.builder()\n .privateKey(example.privateKeyPem())\n .certificateBody(exampleSelfSignedCert.certPem())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: tls:PrivateKey\n properties:\n algorithm: RSA\n exampleSelfSignedCert:\n type: tls:SelfSignedCert\n name: example\n properties:\n keyAlgorithm: RSA\n privateKeyPem: ${example.privateKeyPem}\n subject:\n commonName: example.com\n organization: ACME Examples, Inc\n validityPeriodHours: 12\n allowedUses:\n - key_encipherment\n - digital_signature\n - server_auth\n cert:\n type: aws:acm:Certificate\n properties:\n privateKey: ${example.privateKeyPem}\n certificateBody: ${exampleSelfSignedCert.certPem}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Referencing domain_validation_options With for_each Based Resources\n\nSee the `aws.acm.CertificateValidation` resource for a full example of performing DNS validation.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example: aws.route53.Record[] = [];\nfor (const range of Object.entries(.reduce((__obj, dvo) =\u003e ({ ...__obj, [dvo.domainName]: {\n name: dvo.resourceRecordName,\n record: dvo.resourceRecordValue,\n type: dvo.resourceRecordType,\n} }))).map(([k, v]) =\u003e ({key: k, value: v}))) {\n example.push(new aws.route53.Record(`example-${range.key}`, {\n allowOverwrite: true,\n name: range.value.name,\n records: [range.value.record],\n ttl: 60,\n type: aws.route53.RecordType[range.value.type],\n zoneId: exampleAwsRoute53Zone.zoneId,\n }));\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = []\nfor range in [{\"key\": k, \"value\": v} for [k, v] in enumerate({dvo.domain_name: {\n name: dvo.resource_record_name,\n record: dvo.resource_record_value,\n type: dvo.resource_record_type,\n} for dvo in example_aws_acm_certificate.domain_validation_options})]:\n example.append(aws.route53.Record(f\"example-{range['key']}\",\n allow_overwrite=True,\n name=range[\"value\"][\"name\"],\n records=[range[\"value\"][\"record\"]],\n ttl=60,\n type=aws.route53.RecordType(range[\"value\"][\"type\"]),\n zone_id=example_aws_route53_zone[\"zoneId\"]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new List\u003cAws.Route53.Record\u003e();\n foreach (var range in .ToDictionary(item =\u003e {\n var dvo = item.Value;\n return dvo.DomainName;\n }, item =\u003e {\n var dvo = item.Value;\n return \n {\n { \"name\", dvo.ResourceRecordName },\n { \"record\", dvo.ResourceRecordValue },\n { \"type\", dvo.ResourceRecordType },\n };\n }).Select(pair =\u003e new { pair.Key, pair.Value }))\n {\n example.Add(new Aws.Route53.Record($\"example-{range.Key}\", new()\n {\n AllowOverwrite = true,\n Name = range.Value.Name,\n Records = new[]\n {\n range.Value.Record,\n },\n Ttl = 60,\n Type = System.Enum.Parse\u003cAws.Route53.RecordType\u003e(range.Value.Type),\n ZoneId = exampleAwsRoute53Zone.ZoneId,\n }));\n }\n});\n```\n```yaml\nresources:\n example:\n type: aws:route53:Record\n properties:\n allowOverwrite: true\n name: ${range.value.name}\n records:\n - ${range.value.record}\n ttl: 60\n type: ${range.value.type}\n zoneId: ${exampleAwsRoute53Zone.zoneId}\n options: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import certificates using their ARN. For example:\n\n```sh\n$ pulumi import aws:acm/certificate:Certificate cert arn:aws:acm:eu-central-1:123456789012:certificate/7e7a28d2-163f-4b8f-b9cd-822f96c08d6a\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the certificate\n" }, "certificateAuthorityArn": { "type": "string", "description": "ARN of an ACM PCA\n" }, "certificateBody": { "type": "string", "description": "Certificate's PEM-formatted public key\n" }, "certificateChain": { "type": "string", "description": "Certificate's PEM-formatted chain\n* Creating a private CA issued certificate\n" }, "domainName": { "type": "string", "description": "Fully qualified domain name (FQDN) in the certificate.\n" }, "domainValidationOptions": { "type": "array", "items": { "$ref": "#/types/aws:acm/CertificateDomainValidationOption:CertificateDomainValidationOption" }, "description": "Set of domain validation objects which can be used to complete certificate validation.\nCan have more than one element, e.g., if SANs are defined.\nOnly set if `DNS`-validation was used.\n" }, "earlyRenewalDuration": { "type": "string", "description": "Amount of time to start automatic renewal process before expiration.\nHas no effect if less than 60 days.\nRepresented by either\na subset of [RFC 3339 duration](https://www.rfc-editor.org/rfc/rfc3339) supporting years, months, and days (e.g., `P90D`),\nor a string such as `2160h`.\n" }, "keyAlgorithm": { "type": "string", "description": "Specifies the algorithm of the public and private key pair that your Amazon issued certificate uses to encrypt data. See [ACM Certificate characteristics](https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html#algorithms) for more details.\n" }, "notAfter": { "type": "string", "description": "Expiration date and time of the certificate.\n" }, "notBefore": { "type": "string", "description": "Start of the validity period of the certificate.\n" }, "options": { "$ref": "#/types/aws:acm/CertificateOptions:CertificateOptions", "description": "Configuration block used to set certificate options. Detailed below.\n" }, "pendingRenewal": { "type": "boolean", "description": "`true` if a Private certificate eligible for managed renewal is within the `early_renewal_duration` period.\n" }, "privateKey": { "type": "string", "description": "Certificate's PEM-formatted private key\n", "secret": true }, "renewalEligibility": { "type": "string", "description": "Whether the certificate is eligible for managed renewal.\n" }, "renewalSummaries": { "type": "array", "items": { "$ref": "#/types/aws:acm/CertificateRenewalSummary:CertificateRenewalSummary" }, "description": "Contains information about the status of ACM's [managed renewal](https://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html) for the certificate.\n" }, "status": { "type": "string", "description": "Status of the certificate.\n" }, "subjectAlternativeNames": { "type": "array", "items": { "type": "string" }, "description": "Set of domains that should be SANs in the issued certificate.\nTo remove all elements of a previously configured list, set this value equal to an empty list (`[]`)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Source of the certificate.\n" }, "validationEmails": { "type": "array", "items": { "type": "string" }, "description": "List of addresses that received a validation email. Only set if `EMAIL` validation was used.\n" }, "validationMethod": { "type": "string", "description": "Which method to use for validation. `DNS` or `EMAIL` are valid. This parameter must not be set for certificates that were imported into ACM and then into Pulumi.\n" }, "validationOptions": { "type": "array", "items": { "$ref": "#/types/aws:acm/CertificateValidationOption:CertificateValidationOption" }, "description": "Configuration block used to specify information about the initial validation of each domain name. Detailed below.\n* Importing an existing certificate\n" } }, "required": [ "arn", "domainName", "domainValidationOptions", "keyAlgorithm", "notAfter", "notBefore", "options", "pendingRenewal", "renewalEligibility", "renewalSummaries", "status", "subjectAlternativeNames", "tagsAll", "type", "validationEmails", "validationMethod" ], "inputProperties": { "certificateAuthorityArn": { "type": "string", "description": "ARN of an ACM PCA\n", "willReplaceOnChanges": true }, "certificateBody": { "type": "string", "description": "Certificate's PEM-formatted public key\n" }, "certificateChain": { "type": "string", "description": "Certificate's PEM-formatted chain\n* Creating a private CA issued certificate\n" }, "domainName": { "type": "string", "description": "Fully qualified domain name (FQDN) in the certificate.\n", "willReplaceOnChanges": true }, "earlyRenewalDuration": { "type": "string", "description": "Amount of time to start automatic renewal process before expiration.\nHas no effect if less than 60 days.\nRepresented by either\na subset of [RFC 3339 duration](https://www.rfc-editor.org/rfc/rfc3339) supporting years, months, and days (e.g., `P90D`),\nor a string such as `2160h`.\n" }, "keyAlgorithm": { "type": "string", "description": "Specifies the algorithm of the public and private key pair that your Amazon issued certificate uses to encrypt data. See [ACM Certificate characteristics](https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html#algorithms) for more details.\n", "willReplaceOnChanges": true }, "options": { "$ref": "#/types/aws:acm/CertificateOptions:CertificateOptions", "description": "Configuration block used to set certificate options. Detailed below.\n" }, "privateKey": { "type": "string", "description": "Certificate's PEM-formatted private key\n", "secret": true }, "subjectAlternativeNames": { "type": "array", "items": { "type": "string" }, "description": "Set of domains that should be SANs in the issued certificate.\nTo remove all elements of a previously configured list, set this value equal to an empty list (`[]`)\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "validationMethod": { "type": "string", "description": "Which method to use for validation. `DNS` or `EMAIL` are valid. This parameter must not be set for certificates that were imported into ACM and then into Pulumi.\n", "willReplaceOnChanges": true }, "validationOptions": { "type": "array", "items": { "$ref": "#/types/aws:acm/CertificateValidationOption:CertificateValidationOption" }, "description": "Configuration block used to specify information about the initial validation of each domain name. Detailed below.\n* Importing an existing certificate\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering Certificate resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the certificate\n" }, "certificateAuthorityArn": { "type": "string", "description": "ARN of an ACM PCA\n", "willReplaceOnChanges": true }, "certificateBody": { "type": "string", "description": "Certificate's PEM-formatted public key\n" }, "certificateChain": { "type": "string", "description": "Certificate's PEM-formatted chain\n* Creating a private CA issued certificate\n" }, "domainName": { "type": "string", "description": "Fully qualified domain name (FQDN) in the certificate.\n", "willReplaceOnChanges": true }, "domainValidationOptions": { "type": "array", "items": { "$ref": "#/types/aws:acm/CertificateDomainValidationOption:CertificateDomainValidationOption" }, "description": "Set of domain validation objects which can be used to complete certificate validation.\nCan have more than one element, e.g., if SANs are defined.\nOnly set if `DNS`-validation was used.\n" }, "earlyRenewalDuration": { "type": "string", "description": "Amount of time to start automatic renewal process before expiration.\nHas no effect if less than 60 days.\nRepresented by either\na subset of [RFC 3339 duration](https://www.rfc-editor.org/rfc/rfc3339) supporting years, months, and days (e.g., `P90D`),\nor a string such as `2160h`.\n" }, "keyAlgorithm": { "type": "string", "description": "Specifies the algorithm of the public and private key pair that your Amazon issued certificate uses to encrypt data. See [ACM Certificate characteristics](https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html#algorithms) for more details.\n", "willReplaceOnChanges": true }, "notAfter": { "type": "string", "description": "Expiration date and time of the certificate.\n" }, "notBefore": { "type": "string", "description": "Start of the validity period of the certificate.\n" }, "options": { "$ref": "#/types/aws:acm/CertificateOptions:CertificateOptions", "description": "Configuration block used to set certificate options. Detailed below.\n" }, "pendingRenewal": { "type": "boolean", "description": "`true` if a Private certificate eligible for managed renewal is within the `early_renewal_duration` period.\n" }, "privateKey": { "type": "string", "description": "Certificate's PEM-formatted private key\n", "secret": true }, "renewalEligibility": { "type": "string", "description": "Whether the certificate is eligible for managed renewal.\n" }, "renewalSummaries": { "type": "array", "items": { "$ref": "#/types/aws:acm/CertificateRenewalSummary:CertificateRenewalSummary" }, "description": "Contains information about the status of ACM's [managed renewal](https://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html) for the certificate.\n" }, "status": { "type": "string", "description": "Status of the certificate.\n" }, "subjectAlternativeNames": { "type": "array", "items": { "type": "string" }, "description": "Set of domains that should be SANs in the issued certificate.\nTo remove all elements of a previously configured list, set this value equal to an empty list (`[]`)\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Source of the certificate.\n" }, "validationEmails": { "type": "array", "items": { "type": "string" }, "description": "List of addresses that received a validation email. Only set if `EMAIL` validation was used.\n" }, "validationMethod": { "type": "string", "description": "Which method to use for validation. `DNS` or `EMAIL` are valid. This parameter must not be set for certificates that were imported into ACM and then into Pulumi.\n", "willReplaceOnChanges": true }, "validationOptions": { "type": "array", "items": { "$ref": "#/types/aws:acm/CertificateValidationOption:CertificateValidationOption" }, "description": "Configuration block used to specify information about the initial validation of each domain name. Detailed below.\n* Importing an existing certificate\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:acm/certificateValidation:CertificateValidation": { "description": "This resource represents a successful validation of an ACM certificate in concert\nwith other resources.\n\nMost commonly, this resource is used together with `aws.route53.Record` and\n`aws.acm.Certificate` to request a DNS validated certificate,\ndeploy the required validation records and wait for validation to complete.\n\n\u003e **WARNING:** This resource implements a part of the validation workflow. It does not represent a real-world entity in AWS, therefore changing or deleting this resource on its own has no immediate effect.\n\n## Example Usage\n\n### DNS Validation with Route 53\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleCertificate = new aws.acm.Certificate(\"example\", {\n domainName: \"example.com\",\n validationMethod: \"DNS\",\n});\nconst example = aws.route53.getZone({\n name: \"example.com\",\n privateZone: false,\n});\nconst exampleRecord: aws.route53.Record[] = [];\nexampleCertificate.domainValidationOptions.apply(domainValidationOptions =\u003e {\n for (const range of Object.entries(domainValidationOptions.reduce((__obj, dvo) =\u003e ({ ...__obj, [dvo.domainName]: {\n name: dvo.resourceRecordName,\n record: dvo.resourceRecordValue,\n type: dvo.resourceRecordType,\n } }))).map(([k, v]) =\u003e ({key: k, value: v}))) {\n exampleRecord.push(new aws.route53.Record(`example-${range.key}`, {\n allowOverwrite: true,\n name: range.value.name,\n records: [range.value.record],\n ttl: 60,\n type: aws.route53.RecordType[range.value.type],\n zoneId: example.then(example =\u003e example.zoneId),\n }));\n }\n});\nconst exampleCertificateValidation = new aws.acm.CertificateValidation(\"example\", {\n certificateArn: exampleCertificate.arn,\n validationRecordFqdns: exampleRecord.apply(exampleRecord =\u003e exampleRecord.map(record =\u003e (record.fqdn))),\n});\nconst exampleListener = new aws.lb.Listener(\"example\", {certificateArn: exampleCertificateValidation.certificateArn});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_certificate = aws.acm.Certificate(\"example\",\n domain_name=\"example.com\",\n validation_method=\"DNS\")\nexample = aws.route53.get_zone(name=\"example.com\",\n private_zone=False)\nexample_record = []\ndef create_example(range_body):\n for range in [{\"key\": k, \"value\": v} for [k, v] in enumerate(range_body)]:\n example_record.append(aws.route53.Record(f\"example-{range['key']}\",\n allow_overwrite=True,\n name=range[\"value\"][\"name\"],\n records=[range[\"value\"][\"record\"]],\n ttl=60,\n type=aws.route53.RecordType(range[\"value\"][\"type\"]),\n zone_id=example.zone_id))\n\nexample_certificate.domain_validation_options.apply(lambda resolved_outputs: create_example({dvo.domain_name: {\n \"name\": dvo.resource_record_name,\n \"record\": dvo.resource_record_value,\n \"type\": dvo.resource_record_type,\n} for dvo in resolved_outputs[\"domain_validation_options\"]}))\nexample_certificate_validation = aws.acm.CertificateValidation(\"example\",\n certificate_arn=example_certificate.arn,\n validation_record_fqdns=example_record.apply(lambda example_record: [record.fqdn for record in example_record]))\nexample_listener = aws.lb.Listener(\"example\", certificate_arn=example_certificate_validation.certificate_arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleCertificate = new Aws.Acm.Certificate(\"example\", new()\n {\n DomainName = \"example.com\",\n ValidationMethod = \"DNS\",\n });\n\n var example = Aws.Route53.GetZone.Invoke(new()\n {\n Name = \"example.com\",\n PrivateZone = false,\n });\n\n var exampleRecord = new List\u003cAws.Route53.Record\u003e();\n foreach (var range in exampleCertificate.DomainValidationOptions.Apply(domainValidationOptions =\u003e domainValidationOptions.ToDictionary(item =\u003e {\n var dvo = item.Value;\n return dvo.DomainName;\n }, item =\u003e {\n var dvo = item.Value;\n return \n {\n { \"name\", dvo.ResourceRecordName },\n { \"record\", dvo.ResourceRecordValue },\n { \"type\", dvo.ResourceRecordType },\n };\n })).Select(pair =\u003e new { pair.Key, pair.Value }))\n {\n exampleRecord.Add(new Aws.Route53.Record($\"example-{range.Key}\", new()\n {\n AllowOverwrite = true,\n Name = range.Value.Name,\n Records = new[]\n {\n range.Value.Record,\n },\n Ttl = 60,\n Type = System.Enum.Parse\u003cAws.Route53.RecordType\u003e(range.Value.Type),\n ZoneId = example.Apply(getZoneResult =\u003e getZoneResult.ZoneId),\n }));\n }\n var exampleCertificateValidation = new Aws.Acm.CertificateValidation(\"example\", new()\n {\n CertificateArn = exampleCertificate.Arn,\n ValidationRecordFqdns = exampleRecord.Apply(exampleRecord =\u003e exampleRecord.Select(record =\u003e \n {\n return record.Fqdn;\n }).ToList()),\n });\n\n var exampleListener = new Aws.LB.Listener(\"example\", new()\n {\n CertificateArn = exampleCertificateValidation.CertificateArn,\n });\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Alternative Domains DNS Validation with Route 53\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.acm.Certificate(\"example\", {\n domainName: \"example.com\",\n subjectAlternativeNames: [\n \"www.example.com\",\n \"example.org\",\n ],\n validationMethod: \"DNS\",\n});\nconst exampleCom = aws.route53.getZone({\n name: \"example.com\",\n privateZone: false,\n});\nconst exampleOrg = aws.route53.getZone({\n name: \"example.org\",\n privateZone: false,\n});\nconst exampleRecord: aws.route53.Record[] = [];\npulumi.all([example.domainValidationOptions, dvo.domainName == \"example.org\" ? exampleOrg.then(exampleOrg =\u003e exampleOrg.zoneId) : exampleCom.then(exampleCom =\u003e exampleCom.zoneId)]).apply(([domainValidationOptions, value]) =\u003e {\n for (const range of Object.entries(domainValidationOptions.reduce((__obj, dvo) =\u003e ({ ...__obj, [dvo.domainName]: {\n name: dvo.resourceRecordName,\n record: dvo.resourceRecordValue,\n type: dvo.resourceRecordType,\n zoneId: value,\n } }))).map(([k, v]) =\u003e ({key: k, value: v}))) {\n exampleRecord.push(new aws.route53.Record(`example-${range.key}`, {\n allowOverwrite: true,\n name: range.value.name,\n records: [range.value.record],\n ttl: 60,\n type: aws.route53.RecordType[range.value.type],\n zoneId: range.value.zoneId,\n }));\n }\n});\nconst exampleCertificateValidation = new aws.acm.CertificateValidation(\"example\", {\n certificateArn: example.arn,\n validationRecordFqdns: exampleRecord.apply(exampleRecord =\u003e exampleRecord.map(record =\u003e (record.fqdn))),\n});\nconst exampleListener = new aws.lb.Listener(\"example\", {certificateArn: exampleCertificateValidation.certificateArn});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.acm.Certificate(\"example\",\n domain_name=\"example.com\",\n subject_alternative_names=[\n \"www.example.com\",\n \"example.org\",\n ],\n validation_method=\"DNS\")\nexample_com = aws.route53.get_zone(name=\"example.com\",\n private_zone=False)\nexample_org = aws.route53.get_zone(name=\"example.org\",\n private_zone=False)\nexample_record = []\ndef create_example(range_body):\n for range in [{\"key\": k, \"value\": v} for [k, v] in enumerate(range_body)]:\n example_record.append(aws.route53.Record(f\"example-{range['key']}\",\n allow_overwrite=True,\n name=range[\"value\"][\"name\"],\n records=[range[\"value\"][\"record\"]],\n ttl=60,\n type=aws.route53.RecordType(range[\"value\"][\"type\"]),\n zone_id=range[\"value\"][\"zoneId\"]))\n\nexample.domain_validation_options.apply(lambda resolved_outputs: create_example({dvo.domain_name: {\n \"name\": dvo.resource_record_name,\n \"record\": dvo.resource_record_value,\n \"type\": dvo.resource_record_type,\n \"zoneId\": example_org.zone_id if dvo.domain_name == \"example.org\" else example_com.zone_id,\n} for dvo in resolved_outputs[\"domain_validation_options\"]}))\nexample_certificate_validation = aws.acm.CertificateValidation(\"example\",\n certificate_arn=example.arn,\n validation_record_fqdns=example_record.apply(lambda example_record: [record.fqdn for record in example_record]))\nexample_listener = aws.lb.Listener(\"example\", certificate_arn=example_certificate_validation.certificate_arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Acm.Certificate(\"example\", new()\n {\n DomainName = \"example.com\",\n SubjectAlternativeNames = new[]\n {\n \"www.example.com\",\n \"example.org\",\n },\n ValidationMethod = \"DNS\",\n });\n\n var exampleCom = Aws.Route53.GetZone.Invoke(new()\n {\n Name = \"example.com\",\n PrivateZone = false,\n });\n\n var exampleOrg = Aws.Route53.GetZone.Invoke(new()\n {\n Name = \"example.org\",\n PrivateZone = false,\n });\n\n var exampleRecord = new List\u003cAws.Route53.Record\u003e();\n foreach (var range in Output.Tuple(example.DomainValidationOptions, dvo.DomainName == \"example.org\" ? exampleOrg.Apply(getZoneResult =\u003e getZoneResult.ZoneId) : exampleCom.Apply(getZoneResult =\u003e getZoneResult.ZoneId)).Apply(values =\u003e\n {\n var domainValidationOptions = values.Item1;\n var @value = values.Item2;\n return domainValidationOptions.ToDictionary(item =\u003e {\n var dvo = item.Value;\n return dvo.DomainName;\n }, item =\u003e {\n var dvo = item.Value;\n return \n {\n { \"name\", dvo.ResourceRecordName },\n { \"record\", dvo.ResourceRecordValue },\n { \"type\", dvo.ResourceRecordType },\n { \"zoneId\", @value },\n };\n });\n }).Select(pair =\u003e new { pair.Key, pair.Value }))\n {\n exampleRecord.Add(new Aws.Route53.Record($\"example-{range.Key}\", new()\n {\n AllowOverwrite = true,\n Name = range.Value.Name,\n Records = new[]\n {\n range.Value.Record,\n },\n Ttl = 60,\n Type = System.Enum.Parse\u003cAws.Route53.RecordType\u003e(range.Value.Type),\n ZoneId = range.Value.ZoneId,\n }));\n }\n var exampleCertificateValidation = new Aws.Acm.CertificateValidation(\"example\", new()\n {\n CertificateArn = example.Arn,\n ValidationRecordFqdns = exampleRecord.Apply(exampleRecord =\u003e exampleRecord.Select(record =\u003e \n {\n return record.Fqdn;\n }).ToList()),\n });\n\n var exampleListener = new Aws.LB.Listener(\"example\", new()\n {\n CertificateArn = exampleCertificateValidation.CertificateArn,\n });\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Email Validation\n\nIn this situation, the resource is simply a waiter for manual email approval of ACM certificates.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.acm.Certificate(\"example\", {\n domainName: \"example.com\",\n validationMethod: \"EMAIL\",\n});\nconst exampleCertificateValidation = new aws.acm.CertificateValidation(\"example\", {certificateArn: example.arn});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.acm.Certificate(\"example\",\n domain_name=\"example.com\",\n validation_method=\"EMAIL\")\nexample_certificate_validation = aws.acm.CertificateValidation(\"example\", certificate_arn=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Acm.Certificate(\"example\", new()\n {\n DomainName = \"example.com\",\n ValidationMethod = \"EMAIL\",\n });\n\n var exampleCertificateValidation = new Aws.Acm.CertificateValidation(\"example\", new()\n {\n CertificateArn = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := acm.NewCertificate(ctx, \"example\", \u0026acm.CertificateArgs{\n\t\t\tDomainName: pulumi.String(\"example.com\"),\n\t\t\tValidationMethod: pulumi.String(\"EMAIL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = acm.NewCertificateValidation(ctx, \"example\", \u0026acm.CertificateValidationArgs{\n\t\t\tCertificateArn: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acm.Certificate;\nimport com.pulumi.aws.acm.CertificateArgs;\nimport com.pulumi.aws.acm.CertificateValidation;\nimport com.pulumi.aws.acm.CertificateValidationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Certificate(\"example\", CertificateArgs.builder()\n .domainName(\"example.com\")\n .validationMethod(\"EMAIL\")\n .build());\n\n var exampleCertificateValidation = new CertificateValidation(\"exampleCertificateValidation\", CertificateValidationArgs.builder()\n .certificateArn(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:acm:Certificate\n properties:\n domainName: example.com\n validationMethod: EMAIL\n exampleCertificateValidation:\n type: aws:acm:CertificateValidation\n name: example\n properties:\n certificateArn: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "certificateArn": { "type": "string", "description": "ARN of the certificate that is being validated.\n" }, "validationRecordFqdns": { "type": "array", "items": { "type": "string" }, "description": "List of FQDNs that implement the validation. Only valid for DNS validation method ACM certificates. If this is set, the resource can implement additional sanity checks and has an explicit dependency on the resource that is implementing the validation\n" } }, "required": [ "certificateArn" ], "inputProperties": { "certificateArn": { "type": "string", "description": "ARN of the certificate that is being validated.\n", "willReplaceOnChanges": true }, "validationRecordFqdns": { "type": "array", "items": { "type": "string" }, "description": "List of FQDNs that implement the validation. Only valid for DNS validation method ACM certificates. If this is set, the resource can implement additional sanity checks and has an explicit dependency on the resource that is implementing the validation\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "certificateArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering CertificateValidation resources.\n", "properties": { "certificateArn": { "type": "string", "description": "ARN of the certificate that is being validated.\n", "willReplaceOnChanges": true }, "validationRecordFqdns": { "type": "array", "items": { "type": "string" }, "description": "List of FQDNs that implement the validation. Only valid for DNS validation method ACM certificates. If this is set, the resource can implement additional sanity checks and has an explicit dependency on the resource that is implementing the validation\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:acmpca/certificate:Certificate": { "description": "Provides a resource to issue a certificate using AWS Certificate Manager Private Certificate Authority (ACM PCA).\n\nCertificates created using `aws.acmpca.Certificate` are not eligible for automatic renewal,\nand must be replaced instead.\nTo issue a renewable certificate using an ACM PCA, create a `aws.acm.Certificate`\nwith the parameter `certificate_authority_arn`.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as tls from \"@pulumi/tls\";\n\nconst exampleCertificateAuthority = new aws.acmpca.CertificateAuthority(\"example\", {\n certificateAuthorityConfiguration: {\n keyAlgorithm: \"RSA_4096\",\n signingAlgorithm: \"SHA512WITHRSA\",\n subject: {\n commonName: \"example.com\",\n },\n },\n permanentDeletionTimeInDays: 7,\n});\nconst key = new tls.PrivateKey(\"key\", {algorithm: \"RSA\"});\nconst csr = new tls.CertRequest(\"csr\", {\n privateKeyPem: key.privateKeyPem,\n subject: {\n commonName: \"example\",\n },\n});\nconst example = new aws.acmpca.Certificate(\"example\", {\n certificateAuthorityArn: exampleCertificateAuthority.arn,\n certificateSigningRequest: csr.certRequestPem,\n signingAlgorithm: \"SHA256WITHRSA\",\n validity: {\n type: \"YEARS\",\n value: \"1\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_tls as tls\n\nexample_certificate_authority = aws.acmpca.CertificateAuthority(\"example\",\n certificate_authority_configuration={\n \"key_algorithm\": \"RSA_4096\",\n \"signing_algorithm\": \"SHA512WITHRSA\",\n \"subject\": {\n \"common_name\": \"example.com\",\n },\n },\n permanent_deletion_time_in_days=7)\nkey = tls.PrivateKey(\"key\", algorithm=\"RSA\")\ncsr = tls.CertRequest(\"csr\",\n private_key_pem=key.private_key_pem,\n subject=tls.CertRequestSubjectArgs(\n common_name=\"example\",\n ))\nexample = aws.acmpca.Certificate(\"example\",\n certificate_authority_arn=example_certificate_authority.arn,\n certificate_signing_request=csr.cert_request_pem,\n signing_algorithm=\"SHA256WITHRSA\",\n validity={\n \"type\": \"YEARS\",\n \"value\": \"1\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Tls = Pulumi.Tls;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleCertificateAuthority = new Aws.Acmpca.CertificateAuthority(\"example\", new()\n {\n CertificateAuthorityConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs\n {\n KeyAlgorithm = \"RSA_4096\",\n SigningAlgorithm = \"SHA512WITHRSA\",\n Subject = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs\n {\n CommonName = \"example.com\",\n },\n },\n PermanentDeletionTimeInDays = 7,\n });\n\n var key = new Tls.PrivateKey(\"key\", new()\n {\n Algorithm = \"RSA\",\n });\n\n var csr = new Tls.CertRequest(\"csr\", new()\n {\n PrivateKeyPem = key.PrivateKeyPem,\n Subject = new Tls.Inputs.CertRequestSubjectArgs\n {\n CommonName = \"example\",\n },\n });\n\n var example = new Aws.Acmpca.Certificate(\"example\", new()\n {\n CertificateAuthorityArn = exampleCertificateAuthority.Arn,\n CertificateSigningRequest = csr.CertRequestPem,\n SigningAlgorithm = \"SHA256WITHRSA\",\n Validity = new Aws.Acmpca.Inputs.CertificateValidityArgs\n {\n Type = \"YEARS\",\n Value = \"1\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi-tls/sdk/v4/go/tls\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleCertificateAuthority, err := acmpca.NewCertificateAuthority(ctx, \"example\", \u0026acmpca.CertificateAuthorityArgs{\n\t\t\tCertificateAuthorityConfiguration: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{\n\t\t\t\tKeyAlgorithm: pulumi.String(\"RSA_4096\"),\n\t\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\t\tSubject: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{\n\t\t\t\t\tCommonName: pulumi.String(\"example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPermanentDeletionTimeInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tkey, err := tls.NewPrivateKey(ctx, \"key\", \u0026tls.PrivateKeyArgs{\n\t\t\tAlgorithm: pulumi.String(\"RSA\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcsr, err := tls.NewCertRequest(ctx, \"csr\", \u0026tls.CertRequestArgs{\n\t\t\tPrivateKeyPem: key.PrivateKeyPem,\n\t\t\tSubject: \u0026tls.CertRequestSubjectArgs{\n\t\t\t\tCommonName: pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = acmpca.NewCertificate(ctx, \"example\", \u0026acmpca.CertificateArgs{\n\t\t\tCertificateAuthorityArn: exampleCertificateAuthority.Arn,\n\t\t\tCertificateSigningRequest: csr.CertRequestPem,\n\t\t\tSigningAlgorithm: pulumi.String(\"SHA256WITHRSA\"),\n\t\t\tValidity: \u0026acmpca.CertificateValidityArgs{\n\t\t\t\tType: pulumi.String(\"YEARS\"),\n\t\t\t\tValue: pulumi.String(\"1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acmpca.CertificateAuthority;\nimport com.pulumi.aws.acmpca.CertificateAuthorityArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs;\nimport com.pulumi.tls.PrivateKey;\nimport com.pulumi.tls.PrivateKeyArgs;\nimport com.pulumi.tls.CertRequest;\nimport com.pulumi.tls.CertRequestArgs;\nimport com.pulumi.tls.inputs.CertRequestSubjectArgs;\nimport com.pulumi.aws.acmpca.Certificate;\nimport com.pulumi.aws.acmpca.CertificateArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateValidityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleCertificateAuthority = new CertificateAuthority(\"exampleCertificateAuthority\", CertificateAuthorityArgs.builder()\n .certificateAuthorityConfiguration(CertificateAuthorityCertificateAuthorityConfigurationArgs.builder()\n .keyAlgorithm(\"RSA_4096\")\n .signingAlgorithm(\"SHA512WITHRSA\")\n .subject(CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs.builder()\n .commonName(\"example.com\")\n .build())\n .build())\n .permanentDeletionTimeInDays(7)\n .build());\n\n var key = new PrivateKey(\"key\", PrivateKeyArgs.builder()\n .algorithm(\"RSA\")\n .build());\n\n var csr = new CertRequest(\"csr\", CertRequestArgs.builder()\n .privateKeyPem(key.privateKeyPem())\n .subject(CertRequestSubjectArgs.builder()\n .commonName(\"example\")\n .build())\n .build());\n\n var example = new Certificate(\"example\", CertificateArgs.builder()\n .certificateAuthorityArn(exampleCertificateAuthority.arn())\n .certificateSigningRequest(csr.certRequestPem())\n .signingAlgorithm(\"SHA256WITHRSA\")\n .validity(CertificateValidityArgs.builder()\n .type(\"YEARS\")\n .value(1)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:acmpca:Certificate\n properties:\n certificateAuthorityArn: ${exampleCertificateAuthority.arn}\n certificateSigningRequest: ${csr.certRequestPem}\n signingAlgorithm: SHA256WITHRSA\n validity:\n type: YEARS\n value: 1\n exampleCertificateAuthority:\n type: aws:acmpca:CertificateAuthority\n name: example\n properties:\n certificateAuthorityConfiguration:\n keyAlgorithm: RSA_4096\n signingAlgorithm: SHA512WITHRSA\n subject:\n commonName: example.com\n permanentDeletionTimeInDays: 7\n key:\n type: tls:PrivateKey\n properties:\n algorithm: RSA\n csr:\n type: tls:CertRequest\n properties:\n privateKeyPem: ${key.privateKeyPem}\n subject:\n commonName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ACM PCA Certificates using their ARN. For example:\n\n```sh\n$ pulumi import aws:acmpca/certificate:Certificate cert arn:aws:acm-pca:eu-west-1:675225743824:certificate-authority/08319ede-83g9-1400-8f21-c7d12b2b6edb/certificate/a4e9c2aa4bcfab625g1b9136464cd3a\n```\n", "properties": { "apiPassthrough": { "type": "string", "description": "Specifies X.509 certificate information to be included in the issued certificate. To use with API Passthrough templates\n" }, "arn": { "type": "string", "description": "ARN of the certificate.\n" }, "certificate": { "type": "string", "description": "PEM-encoded certificate value.\n", "language": { "csharp": { "name": "CertificateDetails" } } }, "certificateAuthorityArn": { "type": "string", "description": "ARN of the certificate authority.\n" }, "certificateChain": { "type": "string", "description": "PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA.\n" }, "certificateSigningRequest": { "type": "string", "description": "Certificate Signing Request in PEM format.\n" }, "signingAlgorithm": { "type": "string", "description": "Algorithm to use to sign certificate requests. Valid values: `SHA256WITHRSA`, `SHA256WITHECDSA`, `SHA384WITHRSA`, `SHA384WITHECDSA`, `SHA512WITHRSA`, `SHA512WITHECDSA`.\n" }, "templateArn": { "type": "string", "description": "Template to use when issuing a certificate.\nSee [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html) for more information.\n" }, "validity": { "$ref": "#/types/aws:acmpca/CertificateValidity:CertificateValidity", "description": "Configures end of the validity period for the certificate. See validity block below.\n" } }, "required": [ "arn", "certificate", "certificateAuthorityArn", "certificateChain", "certificateSigningRequest", "signingAlgorithm", "validity" ], "inputProperties": { "apiPassthrough": { "type": "string", "description": "Specifies X.509 certificate information to be included in the issued certificate. To use with API Passthrough templates\n", "willReplaceOnChanges": true }, "certificateAuthorityArn": { "type": "string", "description": "ARN of the certificate authority.\n", "willReplaceOnChanges": true }, "certificateSigningRequest": { "type": "string", "description": "Certificate Signing Request in PEM format.\n", "willReplaceOnChanges": true }, "signingAlgorithm": { "type": "string", "description": "Algorithm to use to sign certificate requests. Valid values: `SHA256WITHRSA`, `SHA256WITHECDSA`, `SHA384WITHRSA`, `SHA384WITHECDSA`, `SHA512WITHRSA`, `SHA512WITHECDSA`.\n", "willReplaceOnChanges": true }, "templateArn": { "type": "string", "description": "Template to use when issuing a certificate.\nSee [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html) for more information.\n", "willReplaceOnChanges": true }, "validity": { "$ref": "#/types/aws:acmpca/CertificateValidity:CertificateValidity", "description": "Configures end of the validity period for the certificate. See validity block below.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "certificateAuthorityArn", "certificateSigningRequest", "signingAlgorithm", "validity" ], "stateInputs": { "description": "Input properties used for looking up and filtering Certificate resources.\n", "properties": { "apiPassthrough": { "type": "string", "description": "Specifies X.509 certificate information to be included in the issued certificate. To use with API Passthrough templates\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN of the certificate.\n" }, "certificate": { "type": "string", "description": "PEM-encoded certificate value.\n", "language": { "csharp": { "name": "CertificateDetails" } } }, "certificateAuthorityArn": { "type": "string", "description": "ARN of the certificate authority.\n", "willReplaceOnChanges": true }, "certificateChain": { "type": "string", "description": "PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA.\n" }, "certificateSigningRequest": { "type": "string", "description": "Certificate Signing Request in PEM format.\n", "willReplaceOnChanges": true }, "signingAlgorithm": { "type": "string", "description": "Algorithm to use to sign certificate requests. Valid values: `SHA256WITHRSA`, `SHA256WITHECDSA`, `SHA384WITHRSA`, `SHA384WITHECDSA`, `SHA512WITHRSA`, `SHA512WITHECDSA`.\n", "willReplaceOnChanges": true }, "templateArn": { "type": "string", "description": "Template to use when issuing a certificate.\nSee [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html) for more information.\n", "willReplaceOnChanges": true }, "validity": { "$ref": "#/types/aws:acmpca/CertificateValidity:CertificateValidity", "description": "Configures end of the validity period for the certificate. See validity block below.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:acmpca/certificateAuthority:CertificateAuthority": { "description": "Provides a resource to manage AWS Certificate Manager Private Certificate Authorities (ACM PCA Certificate Authorities).\n\n\u003e **NOTE:** Creating this resource will leave the certificate authority in a `PENDING_CERTIFICATE` status, which means it cannot yet issue certificates. To complete this setup, you must fully sign the certificate authority CSR available in the `certificate_signing_request` attribute. The `aws.acmpca.CertificateAuthorityCertificate` resource can be used for this purpose.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.acmpca.CertificateAuthority(\"example\", {\n certificateAuthorityConfiguration: {\n keyAlgorithm: \"RSA_4096\",\n signingAlgorithm: \"SHA512WITHRSA\",\n subject: {\n commonName: \"example.com\",\n },\n },\n permanentDeletionTimeInDays: 7,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.acmpca.CertificateAuthority(\"example\",\n certificate_authority_configuration={\n \"key_algorithm\": \"RSA_4096\",\n \"signing_algorithm\": \"SHA512WITHRSA\",\n \"subject\": {\n \"common_name\": \"example.com\",\n },\n },\n permanent_deletion_time_in_days=7)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Acmpca.CertificateAuthority(\"example\", new()\n {\n CertificateAuthorityConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs\n {\n KeyAlgorithm = \"RSA_4096\",\n SigningAlgorithm = \"SHA512WITHRSA\",\n Subject = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs\n {\n CommonName = \"example.com\",\n },\n },\n PermanentDeletionTimeInDays = 7,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := acmpca.NewCertificateAuthority(ctx, \"example\", \u0026acmpca.CertificateAuthorityArgs{\n\t\t\tCertificateAuthorityConfiguration: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{\n\t\t\t\tKeyAlgorithm: pulumi.String(\"RSA_4096\"),\n\t\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\t\tSubject: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{\n\t\t\t\t\tCommonName: pulumi.String(\"example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPermanentDeletionTimeInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acmpca.CertificateAuthority;\nimport com.pulumi.aws.acmpca.CertificateAuthorityArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CertificateAuthority(\"example\", CertificateAuthorityArgs.builder()\n .certificateAuthorityConfiguration(CertificateAuthorityCertificateAuthorityConfigurationArgs.builder()\n .keyAlgorithm(\"RSA_4096\")\n .signingAlgorithm(\"SHA512WITHRSA\")\n .subject(CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs.builder()\n .commonName(\"example.com\")\n .build())\n .build())\n .permanentDeletionTimeInDays(7)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:acmpca:CertificateAuthority\n properties:\n certificateAuthorityConfiguration:\n keyAlgorithm: RSA_4096\n signingAlgorithm: SHA512WITHRSA\n subject:\n commonName: example.com\n permanentDeletionTimeInDays: 7\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Short-lived certificate\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.acmpca.CertificateAuthority(\"example\", {\n usageMode: \"SHORT_LIVED_CERTIFICATE\",\n certificateAuthorityConfiguration: {\n keyAlgorithm: \"RSA_4096\",\n signingAlgorithm: \"SHA512WITHRSA\",\n subject: {\n commonName: \"example.com\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.acmpca.CertificateAuthority(\"example\",\n usage_mode=\"SHORT_LIVED_CERTIFICATE\",\n certificate_authority_configuration={\n \"key_algorithm\": \"RSA_4096\",\n \"signing_algorithm\": \"SHA512WITHRSA\",\n \"subject\": {\n \"common_name\": \"example.com\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Acmpca.CertificateAuthority(\"example\", new()\n {\n UsageMode = \"SHORT_LIVED_CERTIFICATE\",\n CertificateAuthorityConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs\n {\n KeyAlgorithm = \"RSA_4096\",\n SigningAlgorithm = \"SHA512WITHRSA\",\n Subject = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs\n {\n CommonName = \"example.com\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := acmpca.NewCertificateAuthority(ctx, \"example\", \u0026acmpca.CertificateAuthorityArgs{\n\t\t\tUsageMode: pulumi.String(\"SHORT_LIVED_CERTIFICATE\"),\n\t\t\tCertificateAuthorityConfiguration: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{\n\t\t\t\tKeyAlgorithm: pulumi.String(\"RSA_4096\"),\n\t\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\t\tSubject: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{\n\t\t\t\t\tCommonName: pulumi.String(\"example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acmpca.CertificateAuthority;\nimport com.pulumi.aws.acmpca.CertificateAuthorityArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CertificateAuthority(\"example\", CertificateAuthorityArgs.builder()\n .usageMode(\"SHORT_LIVED_CERTIFICATE\")\n .certificateAuthorityConfiguration(CertificateAuthorityCertificateAuthorityConfigurationArgs.builder()\n .keyAlgorithm(\"RSA_4096\")\n .signingAlgorithm(\"SHA512WITHRSA\")\n .subject(CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs.builder()\n .commonName(\"example.com\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:acmpca:CertificateAuthority\n properties:\n usageMode: SHORT_LIVED_CERTIFICATE\n certificateAuthorityConfiguration:\n keyAlgorithm: RSA_4096\n signingAlgorithm: SHA512WITHRSA\n subject:\n commonName: example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Enable Certificate Revocation List\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {\n bucket: \"example\",\n forceDestroy: true,\n});\nconst acmpcaBucketAccess = aws.iam.getPolicyDocumentOutput({\n statements: [{\n actions: [\n \"s3:GetBucketAcl\",\n \"s3:GetBucketLocation\",\n \"s3:PutObject\",\n \"s3:PutObjectAcl\",\n ],\n resources: [\n example.arn,\n pulumi.interpolate`${example.arn}/*`,\n ],\n principals: [{\n identifiers: [\"acm-pca.amazonaws.com\"],\n type: \"Service\",\n }],\n }],\n});\nconst exampleBucketPolicy = new aws.s3.BucketPolicy(\"example\", {\n bucket: example.id,\n policy: acmpcaBucketAccess.apply(acmpcaBucketAccess =\u003e acmpcaBucketAccess.json),\n});\nconst exampleCertificateAuthority = new aws.acmpca.CertificateAuthority(\"example\", {\n certificateAuthorityConfiguration: {\n keyAlgorithm: \"RSA_4096\",\n signingAlgorithm: \"SHA512WITHRSA\",\n subject: {\n commonName: \"example.com\",\n },\n },\n revocationConfiguration: {\n crlConfiguration: {\n customCname: \"crl.example.com\",\n enabled: true,\n expirationInDays: 7,\n s3BucketName: example.id,\n s3ObjectAcl: \"BUCKET_OWNER_FULL_CONTROL\",\n },\n },\n}, {\n dependsOn: [exampleBucketPolicy],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\",\n bucket=\"example\",\n force_destroy=True)\nacmpca_bucket_access = aws.iam.get_policy_document_output(statements=[{\n \"actions\": [\n \"s3:GetBucketAcl\",\n \"s3:GetBucketLocation\",\n \"s3:PutObject\",\n \"s3:PutObjectAcl\",\n ],\n \"resources\": [\n example.arn,\n example.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n \"principals\": [{\n \"identifiers\": [\"acm-pca.amazonaws.com\"],\n \"type\": \"Service\",\n }],\n}])\nexample_bucket_policy = aws.s3.BucketPolicy(\"example\",\n bucket=example.id,\n policy=acmpca_bucket_access.json)\nexample_certificate_authority = aws.acmpca.CertificateAuthority(\"example\",\n certificate_authority_configuration={\n \"key_algorithm\": \"RSA_4096\",\n \"signing_algorithm\": \"SHA512WITHRSA\",\n \"subject\": {\n \"common_name\": \"example.com\",\n },\n },\n revocation_configuration={\n \"crl_configuration\": {\n \"custom_cname\": \"crl.example.com\",\n \"enabled\": True,\n \"expiration_in_days\": 7,\n \"s3_bucket_name\": example.id,\n \"s3_object_acl\": \"BUCKET_OWNER_FULL_CONTROL\",\n },\n },\n opts = pulumi.ResourceOptions(depends_on=[example_bucket_policy]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n ForceDestroy = true,\n });\n\n var acmpcaBucketAccess = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"s3:GetBucketAcl\",\n \"s3:GetBucketLocation\",\n \"s3:PutObject\",\n \"s3:PutObjectAcl\",\n },\n Resources = new[]\n {\n example.Arn,\n $\"{example.Arn}/*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n \"acm-pca.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n },\n },\n });\n\n var exampleBucketPolicy = new Aws.S3.BucketPolicy(\"example\", new()\n {\n Bucket = example.Id,\n Policy = acmpcaBucketAccess.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleCertificateAuthority = new Aws.Acmpca.CertificateAuthority(\"example\", new()\n {\n CertificateAuthorityConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs\n {\n KeyAlgorithm = \"RSA_4096\",\n SigningAlgorithm = \"SHA512WITHRSA\",\n Subject = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs\n {\n CommonName = \"example.com\",\n },\n },\n RevocationConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityRevocationConfigurationArgs\n {\n CrlConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityRevocationConfigurationCrlConfigurationArgs\n {\n CustomCname = \"crl.example.com\",\n Enabled = true,\n ExpirationInDays = 7,\n S3BucketName = example.Id,\n S3ObjectAcl = \"BUCKET_OWNER_FULL_CONTROL\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleBucketPolicy,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tacmpcaBucketAccess := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetBucketAcl\"),\n\t\t\t\t\t\tpulumi.String(\"s3:GetBucketLocation\"),\n\t\t\t\t\t\tpulumi.String(\"s3:PutObject\"),\n\t\t\t\t\t\tpulumi.String(\"s3:PutObjectAcl\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texample.Arn,\n\t\t\t\t\t\texample.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"acm-pca.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\texampleBucketPolicy, err := s3.NewBucketPolicy(ctx, \"example\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tPolicy: pulumi.String(acmpcaBucketAccess.ApplyT(func(acmpcaBucketAccess iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026acmpcaBucketAccess.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = acmpca.NewCertificateAuthority(ctx, \"example\", \u0026acmpca.CertificateAuthorityArgs{\n\t\t\tCertificateAuthorityConfiguration: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{\n\t\t\t\tKeyAlgorithm: pulumi.String(\"RSA_4096\"),\n\t\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\t\tSubject: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{\n\t\t\t\t\tCommonName: pulumi.String(\"example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tRevocationConfiguration: \u0026acmpca.CertificateAuthorityRevocationConfigurationArgs{\n\t\t\t\tCrlConfiguration: \u0026acmpca.CertificateAuthorityRevocationConfigurationCrlConfigurationArgs{\n\t\t\t\t\tCustomCname: pulumi.String(\"crl.example.com\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tExpirationInDays: pulumi.Int(7),\n\t\t\t\t\tS3BucketName: example.ID(),\n\t\t\t\t\tS3ObjectAcl: pulumi.String(\"BUCKET_OWNER_FULL_CONTROL\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleBucketPolicy,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.acmpca.CertificateAuthority;\nimport com.pulumi.aws.acmpca.CertificateAuthorityArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityRevocationConfigurationArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityRevocationConfigurationCrlConfigurationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example\")\n .forceDestroy(true)\n .build());\n\n final var acmpcaBucketAccess = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"s3:GetBucketAcl\",\n \"s3:GetBucketLocation\",\n \"s3:PutObject\",\n \"s3:PutObjectAcl\")\n .resources( \n example.arn(),\n example.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(\"acm-pca.amazonaws.com\")\n .type(\"Service\")\n .build())\n .build())\n .build());\n\n var exampleBucketPolicy = new BucketPolicy(\"exampleBucketPolicy\", BucketPolicyArgs.builder()\n .bucket(example.id())\n .policy(acmpcaBucketAccess.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(acmpcaBucketAccess -\u003e acmpcaBucketAccess.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var exampleCertificateAuthority = new CertificateAuthority(\"exampleCertificateAuthority\", CertificateAuthorityArgs.builder()\n .certificateAuthorityConfiguration(CertificateAuthorityCertificateAuthorityConfigurationArgs.builder()\n .keyAlgorithm(\"RSA_4096\")\n .signingAlgorithm(\"SHA512WITHRSA\")\n .subject(CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs.builder()\n .commonName(\"example.com\")\n .build())\n .build())\n .revocationConfiguration(CertificateAuthorityRevocationConfigurationArgs.builder()\n .crlConfiguration(CertificateAuthorityRevocationConfigurationCrlConfigurationArgs.builder()\n .customCname(\"crl.example.com\")\n .enabled(true)\n .expirationInDays(7)\n .s3BucketName(example.id())\n .s3ObjectAcl(\"BUCKET_OWNER_FULL_CONTROL\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleBucketPolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n forceDestroy: true\n exampleBucketPolicy:\n type: aws:s3:BucketPolicy\n name: example\n properties:\n bucket: ${example.id}\n policy: ${acmpcaBucketAccess.json}\n exampleCertificateAuthority:\n type: aws:acmpca:CertificateAuthority\n name: example\n properties:\n certificateAuthorityConfiguration:\n keyAlgorithm: RSA_4096\n signingAlgorithm: SHA512WITHRSA\n subject:\n commonName: example.com\n revocationConfiguration:\n crlConfiguration:\n customCname: crl.example.com\n enabled: true\n expirationInDays: 7\n s3BucketName: ${example.id}\n s3ObjectAcl: BUCKET_OWNER_FULL_CONTROL\n options:\n dependson:\n - ${exampleBucketPolicy}\nvariables:\n acmpcaBucketAccess:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - s3:GetBucketAcl\n - s3:GetBucketLocation\n - s3:PutObject\n - s3:PutObjectAcl\n resources:\n - ${example.arn}\n - ${example.arn}/*\n principals:\n - identifiers:\n - acm-pca.amazonaws.com\n type: Service\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_acmpca_certificate_authority` using the certificate authority ARN. For example:\n\n```sh\n$ pulumi import aws:acmpca/certificateAuthority:CertificateAuthority example arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the certificate authority.\n" }, "certificate": { "type": "string", "description": "Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.\n" }, "certificateAuthorityConfiguration": { "$ref": "#/types/aws:acmpca/CertificateAuthorityCertificateAuthorityConfiguration:CertificateAuthorityCertificateAuthorityConfiguration", "description": "Nested argument containing algorithms and certificate subject information. Defined below.\n" }, "certificateChain": { "type": "string", "description": "Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.\n" }, "certificateSigningRequest": { "type": "string", "description": "The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.\n" }, "enabled": { "type": "boolean", "description": "Whether the certificate authority is enabled or disabled. Defaults to `true`. Can only be disabled if the CA is in an `ACTIVE` state.\n" }, "keyStorageSecurityStandard": { "type": "string", "description": "Cryptographic key management compliance standard used for handling CA keys. Defaults to `FIPS_140_2_LEVEL_3_OR_HIGHER`. Valid values: `FIPS_140_2_LEVEL_3_OR_HIGHER` and `FIPS_140_2_LEVEL_2_OR_HIGHER`. Supported standard for each region can be found in the [Storage and security compliance of AWS Private CA private keys Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/data-protection.html#private-keys).\n" }, "notAfter": { "type": "string", "description": "Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.\n" }, "notBefore": { "type": "string", "description": "Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.\n" }, "permanentDeletionTimeInDays": { "type": "integer", "description": "Number of days to make a CA restorable after it has been deleted, must be between 7 to 30 days, with default to 30 days.\n" }, "revocationConfiguration": { "$ref": "#/types/aws:acmpca/CertificateAuthorityRevocationConfiguration:CertificateAuthorityRevocationConfiguration", "description": "Nested argument containing revocation configuration. Defined below.\n" }, "serial": { "type": "string", "description": "Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of user-defined tags that are attached to the certificate authority. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Type of the certificate authority. Defaults to `SUBORDINATE`. Valid values: `ROOT` and `SUBORDINATE`.\n" }, "usageMode": { "type": "string", "description": "Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days. Defaults to `GENERAL_PURPOSE`. Valid values: `GENERAL_PURPOSE` and `SHORT_LIVED_CERTIFICATE`.\n" } }, "required": [ "arn", "certificate", "certificateAuthorityConfiguration", "certificateChain", "certificateSigningRequest", "keyStorageSecurityStandard", "notAfter", "notBefore", "serial", "tagsAll", "usageMode" ], "inputProperties": { "certificateAuthorityConfiguration": { "$ref": "#/types/aws:acmpca/CertificateAuthorityCertificateAuthorityConfiguration:CertificateAuthorityCertificateAuthorityConfiguration", "description": "Nested argument containing algorithms and certificate subject information. Defined below.\n" }, "enabled": { "type": "boolean", "description": "Whether the certificate authority is enabled or disabled. Defaults to `true`. Can only be disabled if the CA is in an `ACTIVE` state.\n" }, "keyStorageSecurityStandard": { "type": "string", "description": "Cryptographic key management compliance standard used for handling CA keys. Defaults to `FIPS_140_2_LEVEL_3_OR_HIGHER`. Valid values: `FIPS_140_2_LEVEL_3_OR_HIGHER` and `FIPS_140_2_LEVEL_2_OR_HIGHER`. Supported standard for each region can be found in the [Storage and security compliance of AWS Private CA private keys Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/data-protection.html#private-keys).\n", "willReplaceOnChanges": true }, "permanentDeletionTimeInDays": { "type": "integer", "description": "Number of days to make a CA restorable after it has been deleted, must be between 7 to 30 days, with default to 30 days.\n" }, "revocationConfiguration": { "$ref": "#/types/aws:acmpca/CertificateAuthorityRevocationConfiguration:CertificateAuthorityRevocationConfiguration", "description": "Nested argument containing revocation configuration. Defined below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of user-defined tags that are attached to the certificate authority. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "Type of the certificate authority. Defaults to `SUBORDINATE`. Valid values: `ROOT` and `SUBORDINATE`.\n", "willReplaceOnChanges": true }, "usageMode": { "type": "string", "description": "Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days. Defaults to `GENERAL_PURPOSE`. Valid values: `GENERAL_PURPOSE` and `SHORT_LIVED_CERTIFICATE`.\n" } }, "requiredInputs": [ "certificateAuthorityConfiguration" ], "stateInputs": { "description": "Input properties used for looking up and filtering CertificateAuthority resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the certificate authority.\n" }, "certificate": { "type": "string", "description": "Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.\n" }, "certificateAuthorityConfiguration": { "$ref": "#/types/aws:acmpca/CertificateAuthorityCertificateAuthorityConfiguration:CertificateAuthorityCertificateAuthorityConfiguration", "description": "Nested argument containing algorithms and certificate subject information. Defined below.\n" }, "certificateChain": { "type": "string", "description": "Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.\n" }, "certificateSigningRequest": { "type": "string", "description": "The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.\n" }, "enabled": { "type": "boolean", "description": "Whether the certificate authority is enabled or disabled. Defaults to `true`. Can only be disabled if the CA is in an `ACTIVE` state.\n" }, "keyStorageSecurityStandard": { "type": "string", "description": "Cryptographic key management compliance standard used for handling CA keys. Defaults to `FIPS_140_2_LEVEL_3_OR_HIGHER`. Valid values: `FIPS_140_2_LEVEL_3_OR_HIGHER` and `FIPS_140_2_LEVEL_2_OR_HIGHER`. Supported standard for each region can be found in the [Storage and security compliance of AWS Private CA private keys Documentation](https://docs.aws.amazon.com/privateca/latest/userguide/data-protection.html#private-keys).\n", "willReplaceOnChanges": true }, "notAfter": { "type": "string", "description": "Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.\n" }, "notBefore": { "type": "string", "description": "Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.\n" }, "permanentDeletionTimeInDays": { "type": "integer", "description": "Number of days to make a CA restorable after it has been deleted, must be between 7 to 30 days, with default to 30 days.\n" }, "revocationConfiguration": { "$ref": "#/types/aws:acmpca/CertificateAuthorityRevocationConfiguration:CertificateAuthorityRevocationConfiguration", "description": "Nested argument containing revocation configuration. Defined below.\n" }, "serial": { "type": "string", "description": "Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of user-defined tags that are attached to the certificate authority. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Type of the certificate authority. Defaults to `SUBORDINATE`. Valid values: `ROOT` and `SUBORDINATE`.\n", "willReplaceOnChanges": true }, "usageMode": { "type": "string", "description": "Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days. Defaults to `GENERAL_PURPOSE`. Valid values: `GENERAL_PURPOSE` and `SHORT_LIVED_CERTIFICATE`.\n" } }, "type": "object" } }, "aws:acmpca/certificateAuthorityCertificate:CertificateAuthorityCertificate": { "description": "Associates a certificate with an AWS Certificate Manager Private Certificate Authority (ACM PCA Certificate Authority). An ACM PCA Certificate Authority is unable to issue certificates until it has a certificate associated with it. A root level ACM PCA Certificate Authority is able to self-sign its own root certificate.\n\n## Example Usage\n\n### Self-Signed Root Certificate Authority Certificate\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleCertificateAuthority = new aws.acmpca.CertificateAuthority(\"example\", {\n type: \"ROOT\",\n certificateAuthorityConfiguration: {\n keyAlgorithm: \"RSA_4096\",\n signingAlgorithm: \"SHA512WITHRSA\",\n subject: {\n commonName: \"example.com\",\n },\n },\n});\nconst current = aws.getPartition({});\nconst exampleCertificate = new aws.acmpca.Certificate(\"example\", {\n certificateAuthorityArn: exampleCertificateAuthority.arn,\n certificateSigningRequest: exampleCertificateAuthority.certificateSigningRequest,\n signingAlgorithm: \"SHA512WITHRSA\",\n templateArn: current.then(current =\u003e `arn:${current.partition}:acm-pca:::template/RootCACertificate/V1`),\n validity: {\n type: \"YEARS\",\n value: \"1\",\n },\n});\nconst example = new aws.acmpca.CertificateAuthorityCertificate(\"example\", {\n certificateAuthorityArn: exampleCertificateAuthority.arn,\n certificate: exampleCertificate.certificate,\n certificateChain: exampleCertificate.certificateChain,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_certificate_authority = aws.acmpca.CertificateAuthority(\"example\",\n type=\"ROOT\",\n certificate_authority_configuration={\n \"key_algorithm\": \"RSA_4096\",\n \"signing_algorithm\": \"SHA512WITHRSA\",\n \"subject\": {\n \"common_name\": \"example.com\",\n },\n })\ncurrent = aws.get_partition()\nexample_certificate = aws.acmpca.Certificate(\"example\",\n certificate_authority_arn=example_certificate_authority.arn,\n certificate_signing_request=example_certificate_authority.certificate_signing_request,\n signing_algorithm=\"SHA512WITHRSA\",\n template_arn=f\"arn:{current.partition}:acm-pca:::template/RootCACertificate/V1\",\n validity={\n \"type\": \"YEARS\",\n \"value\": \"1\",\n })\nexample = aws.acmpca.CertificateAuthorityCertificate(\"example\",\n certificate_authority_arn=example_certificate_authority.arn,\n certificate=example_certificate.certificate,\n certificate_chain=example_certificate.certificate_chain)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleCertificateAuthority = new Aws.Acmpca.CertificateAuthority(\"example\", new()\n {\n Type = \"ROOT\",\n CertificateAuthorityConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs\n {\n KeyAlgorithm = \"RSA_4096\",\n SigningAlgorithm = \"SHA512WITHRSA\",\n Subject = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs\n {\n CommonName = \"example.com\",\n },\n },\n });\n\n var current = Aws.GetPartition.Invoke();\n\n var exampleCertificate = new Aws.Acmpca.Certificate(\"example\", new()\n {\n CertificateAuthorityArn = exampleCertificateAuthority.Arn,\n CertificateSigningRequest = exampleCertificateAuthority.CertificateSigningRequest,\n SigningAlgorithm = \"SHA512WITHRSA\",\n TemplateArn = $\"arn:{current.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:acm-pca:::template/RootCACertificate/V1\",\n Validity = new Aws.Acmpca.Inputs.CertificateValidityArgs\n {\n Type = \"YEARS\",\n Value = \"1\",\n },\n });\n\n var example = new Aws.Acmpca.CertificateAuthorityCertificate(\"example\", new()\n {\n CertificateAuthorityArn = exampleCertificateAuthority.Arn,\n Certificate = exampleCertificate.Certificate,\n CertificateChain = exampleCertificate.CertificateChain,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleCertificateAuthority, err := acmpca.NewCertificateAuthority(ctx, \"example\", \u0026acmpca.CertificateAuthorityArgs{\n\t\t\tType: pulumi.String(\"ROOT\"),\n\t\t\tCertificateAuthorityConfiguration: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{\n\t\t\t\tKeyAlgorithm: pulumi.String(\"RSA_4096\"),\n\t\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\t\tSubject: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{\n\t\t\t\t\tCommonName: pulumi.String(\"example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleCertificate, err := acmpca.NewCertificate(ctx, \"example\", \u0026acmpca.CertificateArgs{\n\t\t\tCertificateAuthorityArn: exampleCertificateAuthority.Arn,\n\t\t\tCertificateSigningRequest: exampleCertificateAuthority.CertificateSigningRequest,\n\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\tTemplateArn: pulumi.String(fmt.Sprintf(\"arn:%v:acm-pca:::template/RootCACertificate/V1\", current.Partition)),\n\t\t\tValidity: \u0026acmpca.CertificateValidityArgs{\n\t\t\t\tType: pulumi.String(\"YEARS\"),\n\t\t\t\tValue: pulumi.String(\"1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = acmpca.NewCertificateAuthorityCertificate(ctx, \"example\", \u0026acmpca.CertificateAuthorityCertificateArgs{\n\t\t\tCertificateAuthorityArn: exampleCertificateAuthority.Arn,\n\t\t\tCertificate: exampleCertificate.Certificate,\n\t\t\tCertificateChain: exampleCertificate.CertificateChain,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acmpca.CertificateAuthority;\nimport com.pulumi.aws.acmpca.CertificateAuthorityArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.acmpca.Certificate;\nimport com.pulumi.aws.acmpca.CertificateArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateValidityArgs;\nimport com.pulumi.aws.acmpca.CertificateAuthorityCertificate;\nimport com.pulumi.aws.acmpca.CertificateAuthorityCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleCertificateAuthority = new CertificateAuthority(\"exampleCertificateAuthority\", CertificateAuthorityArgs.builder()\n .type(\"ROOT\")\n .certificateAuthorityConfiguration(CertificateAuthorityCertificateAuthorityConfigurationArgs.builder()\n .keyAlgorithm(\"RSA_4096\")\n .signingAlgorithm(\"SHA512WITHRSA\")\n .subject(CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs.builder()\n .commonName(\"example.com\")\n .build())\n .build())\n .build());\n\n final var current = AwsFunctions.getPartition();\n\n var exampleCertificate = new Certificate(\"exampleCertificate\", CertificateArgs.builder()\n .certificateAuthorityArn(exampleCertificateAuthority.arn())\n .certificateSigningRequest(exampleCertificateAuthority.certificateSigningRequest())\n .signingAlgorithm(\"SHA512WITHRSA\")\n .templateArn(String.format(\"arn:%s:acm-pca:::template/RootCACertificate/V1\", current.applyValue(getPartitionResult -\u003e getPartitionResult.partition())))\n .validity(CertificateValidityArgs.builder()\n .type(\"YEARS\")\n .value(1)\n .build())\n .build());\n\n var example = new CertificateAuthorityCertificate(\"example\", CertificateAuthorityCertificateArgs.builder()\n .certificateAuthorityArn(exampleCertificateAuthority.arn())\n .certificate(exampleCertificate.certificate())\n .certificateChain(exampleCertificate.certificateChain())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:acmpca:CertificateAuthorityCertificate\n properties:\n certificateAuthorityArn: ${exampleCertificateAuthority.arn}\n certificate: ${exampleCertificate.certificate}\n certificateChain: ${exampleCertificate.certificateChain}\n exampleCertificate:\n type: aws:acmpca:Certificate\n name: example\n properties:\n certificateAuthorityArn: ${exampleCertificateAuthority.arn}\n certificateSigningRequest: ${exampleCertificateAuthority.certificateSigningRequest}\n signingAlgorithm: SHA512WITHRSA\n templateArn: arn:${current.partition}:acm-pca:::template/RootCACertificate/V1\n validity:\n type: YEARS\n value: 1\n exampleCertificateAuthority:\n type: aws:acmpca:CertificateAuthority\n name: example\n properties:\n type: ROOT\n certificateAuthorityConfiguration:\n keyAlgorithm: RSA_4096\n signingAlgorithm: SHA512WITHRSA\n subject:\n commonName: example.com\nvariables:\n current:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Certificate for Subordinate Certificate Authority\n\nNote that the certificate for the subordinate certificate authority must be issued by the root certificate authority using a signing request from the subordinate certificate authority.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst subordinateCertificateAuthority = new aws.acmpca.CertificateAuthority(\"subordinate\", {\n type: \"SUBORDINATE\",\n certificateAuthorityConfiguration: {\n keyAlgorithm: \"RSA_2048\",\n signingAlgorithm: \"SHA512WITHRSA\",\n subject: {\n commonName: \"sub.example.com\",\n },\n },\n});\nconst root = new aws.acmpca.CertificateAuthority(\"root\", {});\nconst current = aws.getPartition({});\nconst subordinateCertificate = new aws.acmpca.Certificate(\"subordinate\", {\n certificateAuthorityArn: root.arn,\n certificateSigningRequest: subordinateCertificateAuthority.certificateSigningRequest,\n signingAlgorithm: \"SHA512WITHRSA\",\n templateArn: current.then(current =\u003e `arn:${current.partition}:acm-pca:::template/SubordinateCACertificate_PathLen0/V1`),\n validity: {\n type: \"YEARS\",\n value: \"1\",\n },\n});\nconst subordinate = new aws.acmpca.CertificateAuthorityCertificate(\"subordinate\", {\n certificateAuthorityArn: subordinateCertificateAuthority.arn,\n certificate: subordinateCertificate.certificate,\n certificateChain: subordinateCertificate.certificateChain,\n});\nconst rootCertificateAuthorityCertificate = new aws.acmpca.CertificateAuthorityCertificate(\"root\", {});\nconst rootCertificate = new aws.acmpca.Certificate(\"root\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsubordinate_certificate_authority = aws.acmpca.CertificateAuthority(\"subordinate\",\n type=\"SUBORDINATE\",\n certificate_authority_configuration={\n \"key_algorithm\": \"RSA_2048\",\n \"signing_algorithm\": \"SHA512WITHRSA\",\n \"subject\": {\n \"common_name\": \"sub.example.com\",\n },\n })\nroot = aws.acmpca.CertificateAuthority(\"root\")\ncurrent = aws.get_partition()\nsubordinate_certificate = aws.acmpca.Certificate(\"subordinate\",\n certificate_authority_arn=root.arn,\n certificate_signing_request=subordinate_certificate_authority.certificate_signing_request,\n signing_algorithm=\"SHA512WITHRSA\",\n template_arn=f\"arn:{current.partition}:acm-pca:::template/SubordinateCACertificate_PathLen0/V1\",\n validity={\n \"type\": \"YEARS\",\n \"value\": \"1\",\n })\nsubordinate = aws.acmpca.CertificateAuthorityCertificate(\"subordinate\",\n certificate_authority_arn=subordinate_certificate_authority.arn,\n certificate=subordinate_certificate.certificate,\n certificate_chain=subordinate_certificate.certificate_chain)\nroot_certificate_authority_certificate = aws.acmpca.CertificateAuthorityCertificate(\"root\")\nroot_certificate = aws.acmpca.Certificate(\"root\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var subordinateCertificateAuthority = new Aws.Acmpca.CertificateAuthority(\"subordinate\", new()\n {\n Type = \"SUBORDINATE\",\n CertificateAuthorityConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs\n {\n KeyAlgorithm = \"RSA_2048\",\n SigningAlgorithm = \"SHA512WITHRSA\",\n Subject = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs\n {\n CommonName = \"sub.example.com\",\n },\n },\n });\n\n var root = new Aws.Acmpca.CertificateAuthority(\"root\");\n\n var current = Aws.GetPartition.Invoke();\n\n var subordinateCertificate = new Aws.Acmpca.Certificate(\"subordinate\", new()\n {\n CertificateAuthorityArn = root.Arn,\n CertificateSigningRequest = subordinateCertificateAuthority.CertificateSigningRequest,\n SigningAlgorithm = \"SHA512WITHRSA\",\n TemplateArn = $\"arn:{current.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:acm-pca:::template/SubordinateCACertificate_PathLen0/V1\",\n Validity = new Aws.Acmpca.Inputs.CertificateValidityArgs\n {\n Type = \"YEARS\",\n Value = \"1\",\n },\n });\n\n var subordinate = new Aws.Acmpca.CertificateAuthorityCertificate(\"subordinate\", new()\n {\n CertificateAuthorityArn = subordinateCertificateAuthority.Arn,\n Certificate = subordinateCertificate.Certificate,\n CertificateChain = subordinateCertificate.CertificateChain,\n });\n\n var rootCertificateAuthorityCertificate = new Aws.Acmpca.CertificateAuthorityCertificate(\"root\");\n\n var rootCertificate = new Aws.Acmpca.Certificate(\"root\");\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tsubordinateCertificateAuthority, err := acmpca.NewCertificateAuthority(ctx, \"subordinate\", \u0026acmpca.CertificateAuthorityArgs{\n\t\t\tType: pulumi.String(\"SUBORDINATE\"),\n\t\t\tCertificateAuthorityConfiguration: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{\n\t\t\t\tKeyAlgorithm: pulumi.String(\"RSA_2048\"),\n\t\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\t\tSubject: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{\n\t\t\t\t\tCommonName: pulumi.String(\"sub.example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\troot, err := acmpca.NewCertificateAuthority(ctx, \"root\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsubordinateCertificate, err := acmpca.NewCertificate(ctx, \"subordinate\", \u0026acmpca.CertificateArgs{\n\t\t\tCertificateAuthorityArn: root.Arn,\n\t\t\tCertificateSigningRequest: subordinateCertificateAuthority.CertificateSigningRequest,\n\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\tTemplateArn: pulumi.String(fmt.Sprintf(\"arn:%v:acm-pca:::template/SubordinateCACertificate_PathLen0/V1\", current.Partition)),\n\t\t\tValidity: \u0026acmpca.CertificateValidityArgs{\n\t\t\t\tType: pulumi.String(\"YEARS\"),\n\t\t\t\tValue: pulumi.String(\"1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = acmpca.NewCertificateAuthorityCertificate(ctx, \"subordinate\", \u0026acmpca.CertificateAuthorityCertificateArgs{\n\t\t\tCertificateAuthorityArn: subordinateCertificateAuthority.Arn,\n\t\t\tCertificate: subordinateCertificate.Certificate,\n\t\t\tCertificateChain: subordinateCertificate.CertificateChain,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = acmpca.NewCertificateAuthorityCertificate(ctx, \"root\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = acmpca.NewCertificate(ctx, \"root\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acmpca.CertificateAuthority;\nimport com.pulumi.aws.acmpca.CertificateAuthorityArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.acmpca.Certificate;\nimport com.pulumi.aws.acmpca.CertificateArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateValidityArgs;\nimport com.pulumi.aws.acmpca.CertificateAuthorityCertificate;\nimport com.pulumi.aws.acmpca.CertificateAuthorityCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var subordinateCertificateAuthority = new CertificateAuthority(\"subordinateCertificateAuthority\", CertificateAuthorityArgs.builder()\n .type(\"SUBORDINATE\")\n .certificateAuthorityConfiguration(CertificateAuthorityCertificateAuthorityConfigurationArgs.builder()\n .keyAlgorithm(\"RSA_2048\")\n .signingAlgorithm(\"SHA512WITHRSA\")\n .subject(CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs.builder()\n .commonName(\"sub.example.com\")\n .build())\n .build())\n .build());\n\n var root = new CertificateAuthority(\"root\");\n\n final var current = AwsFunctions.getPartition();\n\n var subordinateCertificate = new Certificate(\"subordinateCertificate\", CertificateArgs.builder()\n .certificateAuthorityArn(root.arn())\n .certificateSigningRequest(subordinateCertificateAuthority.certificateSigningRequest())\n .signingAlgorithm(\"SHA512WITHRSA\")\n .templateArn(String.format(\"arn:%s:acm-pca:::template/SubordinateCACertificate_PathLen0/V1\", current.applyValue(getPartitionResult -\u003e getPartitionResult.partition())))\n .validity(CertificateValidityArgs.builder()\n .type(\"YEARS\")\n .value(1)\n .build())\n .build());\n\n var subordinate = new CertificateAuthorityCertificate(\"subordinate\", CertificateAuthorityCertificateArgs.builder()\n .certificateAuthorityArn(subordinateCertificateAuthority.arn())\n .certificate(subordinateCertificate.certificate())\n .certificateChain(subordinateCertificate.certificateChain())\n .build());\n\n var rootCertificateAuthorityCertificate = new CertificateAuthorityCertificate(\"rootCertificateAuthorityCertificate\");\n\n var rootCertificate = new Certificate(\"rootCertificate\");\n\n }\n}\n```\n```yaml\nresources:\n subordinate:\n type: aws:acmpca:CertificateAuthorityCertificate\n properties:\n certificateAuthorityArn: ${subordinateCertificateAuthority.arn}\n certificate: ${subordinateCertificate.certificate}\n certificateChain: ${subordinateCertificate.certificateChain}\n subordinateCertificate:\n type: aws:acmpca:Certificate\n name: subordinate\n properties:\n certificateAuthorityArn: ${root.arn}\n certificateSigningRequest: ${subordinateCertificateAuthority.certificateSigningRequest}\n signingAlgorithm: SHA512WITHRSA\n templateArn: arn:${current.partition}:acm-pca:::template/SubordinateCACertificate_PathLen0/V1\n validity:\n type: YEARS\n value: 1\n subordinateCertificateAuthority:\n type: aws:acmpca:CertificateAuthority\n name: subordinate\n properties:\n type: SUBORDINATE\n certificateAuthorityConfiguration:\n keyAlgorithm: RSA_2048\n signingAlgorithm: SHA512WITHRSA\n subject:\n commonName: sub.example.com\n root:\n type: aws:acmpca:CertificateAuthority\n rootCertificateAuthorityCertificate:\n type: aws:acmpca:CertificateAuthorityCertificate\n name: root\n rootCertificate:\n type: aws:acmpca:Certificate\n name: root\nvariables:\n current:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "certificate": { "type": "string", "description": "PEM-encoded certificate for the Certificate Authority.\n" }, "certificateAuthorityArn": { "type": "string", "description": "ARN of the Certificate Authority.\n" }, "certificateChain": { "type": "string", "description": "PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA. Required for subordinate Certificate Authorities. Not allowed for root Certificate Authorities.\n" } }, "required": [ "certificate", "certificateAuthorityArn" ], "inputProperties": { "certificate": { "type": "string", "description": "PEM-encoded certificate for the Certificate Authority.\n", "willReplaceOnChanges": true }, "certificateAuthorityArn": { "type": "string", "description": "ARN of the Certificate Authority.\n", "willReplaceOnChanges": true }, "certificateChain": { "type": "string", "description": "PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA. Required for subordinate Certificate Authorities. Not allowed for root Certificate Authorities.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "certificate", "certificateAuthorityArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering CertificateAuthorityCertificate resources.\n", "properties": { "certificate": { "type": "string", "description": "PEM-encoded certificate for the Certificate Authority.\n", "willReplaceOnChanges": true }, "certificateAuthorityArn": { "type": "string", "description": "ARN of the Certificate Authority.\n", "willReplaceOnChanges": true }, "certificateChain": { "type": "string", "description": "PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA. Required for subordinate Certificate Authorities. Not allowed for root Certificate Authorities.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:acmpca/permission:Permission": { "description": "Provides a resource to manage an AWS Certificate Manager Private Certificate Authorities Permission.\nCurrently, this is only required in order to allow the ACM service to automatically renew certificates issued by a PCA.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleCertificateAuthority = new aws.acmpca.CertificateAuthority(\"example\", {certificateAuthorityConfiguration: {\n keyAlgorithm: \"RSA_4096\",\n signingAlgorithm: \"SHA512WITHRSA\",\n subject: {\n commonName: \"example.com\",\n },\n}});\nconst example = new aws.acmpca.Permission(\"example\", {\n certificateAuthorityArn: exampleCertificateAuthority.arn,\n actions: [\n \"IssueCertificate\",\n \"GetCertificate\",\n \"ListPermissions\",\n ],\n principal: \"acm.amazonaws.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_certificate_authority = aws.acmpca.CertificateAuthority(\"example\", certificate_authority_configuration={\n \"key_algorithm\": \"RSA_4096\",\n \"signing_algorithm\": \"SHA512WITHRSA\",\n \"subject\": {\n \"common_name\": \"example.com\",\n },\n})\nexample = aws.acmpca.Permission(\"example\",\n certificate_authority_arn=example_certificate_authority.arn,\n actions=[\n \"IssueCertificate\",\n \"GetCertificate\",\n \"ListPermissions\",\n ],\n principal=\"acm.amazonaws.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleCertificateAuthority = new Aws.Acmpca.CertificateAuthority(\"example\", new()\n {\n CertificateAuthorityConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs\n {\n KeyAlgorithm = \"RSA_4096\",\n SigningAlgorithm = \"SHA512WITHRSA\",\n Subject = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs\n {\n CommonName = \"example.com\",\n },\n },\n });\n\n var example = new Aws.Acmpca.Permission(\"example\", new()\n {\n CertificateAuthorityArn = exampleCertificateAuthority.Arn,\n Actions = new[]\n {\n \"IssueCertificate\",\n \"GetCertificate\",\n \"ListPermissions\",\n },\n Principal = \"acm.amazonaws.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleCertificateAuthority, err := acmpca.NewCertificateAuthority(ctx, \"example\", \u0026acmpca.CertificateAuthorityArgs{\n\t\t\tCertificateAuthorityConfiguration: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{\n\t\t\t\tKeyAlgorithm: pulumi.String(\"RSA_4096\"),\n\t\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\t\tSubject: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{\n\t\t\t\t\tCommonName: pulumi.String(\"example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = acmpca.NewPermission(ctx, \"example\", \u0026acmpca.PermissionArgs{\n\t\t\tCertificateAuthorityArn: exampleCertificateAuthority.Arn,\n\t\t\tActions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"IssueCertificate\"),\n\t\t\t\tpulumi.String(\"GetCertificate\"),\n\t\t\t\tpulumi.String(\"ListPermissions\"),\n\t\t\t},\n\t\t\tPrincipal: pulumi.String(\"acm.amazonaws.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acmpca.CertificateAuthority;\nimport com.pulumi.aws.acmpca.CertificateAuthorityArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs;\nimport com.pulumi.aws.acmpca.Permission;\nimport com.pulumi.aws.acmpca.PermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleCertificateAuthority = new CertificateAuthority(\"exampleCertificateAuthority\", CertificateAuthorityArgs.builder()\n .certificateAuthorityConfiguration(CertificateAuthorityCertificateAuthorityConfigurationArgs.builder()\n .keyAlgorithm(\"RSA_4096\")\n .signingAlgorithm(\"SHA512WITHRSA\")\n .subject(CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs.builder()\n .commonName(\"example.com\")\n .build())\n .build())\n .build());\n\n var example = new Permission(\"example\", PermissionArgs.builder()\n .certificateAuthorityArn(exampleCertificateAuthority.arn())\n .actions( \n \"IssueCertificate\",\n \"GetCertificate\",\n \"ListPermissions\")\n .principal(\"acm.amazonaws.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:acmpca:Permission\n properties:\n certificateAuthorityArn: ${exampleCertificateAuthority.arn}\n actions:\n - IssueCertificate\n - GetCertificate\n - ListPermissions\n principal: acm.amazonaws.com\n exampleCertificateAuthority:\n type: aws:acmpca:CertificateAuthority\n name: example\n properties:\n certificateAuthorityConfiguration:\n keyAlgorithm: RSA_4096\n signingAlgorithm: SHA512WITHRSA\n subject:\n commonName: example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "Actions that the specified AWS service principal can use. These include `IssueCertificate`, `GetCertificate`, and `ListPermissions`. Note that in order for ACM to automatically rotate certificates issued by a PCA, it must be granted permission on all 3 actions, as per the example above.\n" }, "certificateAuthorityArn": { "type": "string", "description": "ARN of the CA that grants the permissions.\n" }, "policy": { "type": "string", "description": "IAM policy that is associated with the permission.\n" }, "principal": { "type": "string", "description": "AWS service or identity that receives the permission. At this time, the only valid principal is `acm.amazonaws.com`.\n" }, "sourceAccount": { "type": "string", "description": "ID of the calling account\n" } }, "required": [ "actions", "certificateAuthorityArn", "policy", "principal", "sourceAccount" ], "inputProperties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "Actions that the specified AWS service principal can use. These include `IssueCertificate`, `GetCertificate`, and `ListPermissions`. Note that in order for ACM to automatically rotate certificates issued by a PCA, it must be granted permission on all 3 actions, as per the example above.\n", "willReplaceOnChanges": true }, "certificateAuthorityArn": { "type": "string", "description": "ARN of the CA that grants the permissions.\n", "willReplaceOnChanges": true }, "principal": { "type": "string", "description": "AWS service or identity that receives the permission. At this time, the only valid principal is `acm.amazonaws.com`.\n", "willReplaceOnChanges": true }, "sourceAccount": { "type": "string", "description": "ID of the calling account\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "actions", "certificateAuthorityArn", "principal" ], "stateInputs": { "description": "Input properties used for looking up and filtering Permission resources.\n", "properties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "Actions that the specified AWS service principal can use. These include `IssueCertificate`, `GetCertificate`, and `ListPermissions`. Note that in order for ACM to automatically rotate certificates issued by a PCA, it must be granted permission on all 3 actions, as per the example above.\n", "willReplaceOnChanges": true }, "certificateAuthorityArn": { "type": "string", "description": "ARN of the CA that grants the permissions.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "IAM policy that is associated with the permission.\n" }, "principal": { "type": "string", "description": "AWS service or identity that receives the permission. At this time, the only valid principal is `acm.amazonaws.com`.\n", "willReplaceOnChanges": true }, "sourceAccount": { "type": "string", "description": "ID of the calling account\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:acmpca/policy:Policy": { "description": "Attaches a resource based policy to a private CA.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getPolicyDocument({\n statements: [\n {\n sid: \"1\",\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [current.accountId],\n }],\n actions: [\n \"acm-pca:DescribeCertificateAuthority\",\n \"acm-pca:GetCertificate\",\n \"acm-pca:GetCertificateAuthorityCertificate\",\n \"acm-pca:ListPermissions\",\n \"acm-pca:ListTags\",\n ],\n resources: [exampleAwsAcmpcaCertificateAuthority.arn],\n },\n {\n sid: \"2\",\n effect: allow,\n principals: [{\n type: \"AWS\",\n identifiers: [current.accountId],\n }],\n actions: [\"acm-pca:IssueCertificate\"],\n resources: [exampleAwsAcmpcaCertificateAuthority.arn],\n conditions: [{\n test: \"StringEquals\",\n variable: \"acm-pca:TemplateArn\",\n values: [\"arn:aws:acm-pca:::template/EndEntityCertificate/V1\"],\n }],\n },\n ],\n});\nconst examplePolicy = new aws.acmpca.Policy(\"example\", {\n resourceArn: exampleAwsAcmpcaCertificateAuthority.arn,\n policy: example.then(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_policy_document(statements=[\n {\n \"sid\": \"1\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [current[\"accountId\"]],\n }],\n \"actions\": [\n \"acm-pca:DescribeCertificateAuthority\",\n \"acm-pca:GetCertificate\",\n \"acm-pca:GetCertificateAuthorityCertificate\",\n \"acm-pca:ListPermissions\",\n \"acm-pca:ListTags\",\n ],\n \"resources\": [example_aws_acmpca_certificate_authority[\"arn\"]],\n },\n {\n \"sid\": \"2\",\n \"effect\": allow,\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [current[\"accountId\"]],\n }],\n \"actions\": [\"acm-pca:IssueCertificate\"],\n \"resources\": [example_aws_acmpca_certificate_authority[\"arn\"]],\n \"conditions\": [{\n \"test\": \"StringEquals\",\n \"variable\": \"acm-pca:TemplateArn\",\n \"values\": [\"arn:aws:acm-pca:::template/EndEntityCertificate/V1\"],\n }],\n },\n])\nexample_policy = aws.acmpca.Policy(\"example\",\n resource_arn=example_aws_acmpca_certificate_authority[\"arn\"],\n policy=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"1\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n current.AccountId,\n },\n },\n },\n Actions = new[]\n {\n \"acm-pca:DescribeCertificateAuthority\",\n \"acm-pca:GetCertificate\",\n \"acm-pca:GetCertificateAuthorityCertificate\",\n \"acm-pca:ListPermissions\",\n \"acm-pca:ListTags\",\n },\n Resources = new[]\n {\n exampleAwsAcmpcaCertificateAuthority.Arn,\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"2\",\n Effect = allow,\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n current.AccountId,\n },\n },\n },\n Actions = new[]\n {\n \"acm-pca:IssueCertificate\",\n },\n Resources = new[]\n {\n exampleAwsAcmpcaCertificateAuthority.Arn,\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"acm-pca:TemplateArn\",\n Values = new[]\n {\n \"arn:aws:acm-pca:::template/EndEntityCertificate/V1\",\n },\n },\n },\n },\n },\n });\n\n var examplePolicy = new Aws.Acmpca.Policy(\"example\", new()\n {\n ResourceArn = exampleAwsAcmpcaCertificateAuthority.Arn,\n PolicyDetails = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nexample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nSid: pulumi.StringRef(\"1\"),\nEffect: pulumi.StringRef(\"Allow\"),\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: interface{}{\ncurrent.AccountId,\n},\n},\n},\nActions: []string{\n\"acm-pca:DescribeCertificateAuthority\",\n\"acm-pca:GetCertificate\",\n\"acm-pca:GetCertificateAuthorityCertificate\",\n\"acm-pca:ListPermissions\",\n\"acm-pca:ListTags\",\n},\nResources: interface{}{\nexampleAwsAcmpcaCertificateAuthority.Arn,\n},\n},\n{\nSid: pulumi.StringRef(\"2\"),\nEffect: pulumi.StringRef(allow),\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: interface{}{\ncurrent.AccountId,\n},\n},\n},\nActions: []string{\n\"acm-pca:IssueCertificate\",\n},\nResources: interface{}{\nexampleAwsAcmpcaCertificateAuthority.Arn,\n},\nConditions: []iam.GetPolicyDocumentStatementCondition{\n{\nTest: \"StringEquals\",\nVariable: \"acm-pca:TemplateArn\",\nValues: []string{\n\"arn:aws:acm-pca:::template/EndEntityCertificate/V1\",\n},\n},\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\n_, err = acmpca.NewPolicy(ctx, \"example\", \u0026acmpca.PolicyArgs{\nResourceArn: pulumi.Any(exampleAwsAcmpcaCertificateAuthority.Arn),\nPolicy: pulumi.String(example.Json),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.acmpca.Policy;\nimport com.pulumi.aws.acmpca.PolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .sid(\"1\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(current.accountId())\n .build())\n .actions( \n \"acm-pca:DescribeCertificateAuthority\",\n \"acm-pca:GetCertificate\",\n \"acm-pca:GetCertificateAuthorityCertificate\",\n \"acm-pca:ListPermissions\",\n \"acm-pca:ListTags\")\n .resources(exampleAwsAcmpcaCertificateAuthority.arn())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"2\")\n .effect(allow)\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(current.accountId())\n .build())\n .actions(\"acm-pca:IssueCertificate\")\n .resources(exampleAwsAcmpcaCertificateAuthority.arn())\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"acm-pca:TemplateArn\")\n .values(\"arn:aws:acm-pca:::template/EndEntityCertificate/V1\")\n .build())\n .build())\n .build());\n\n var examplePolicy = new Policy(\"examplePolicy\", PolicyArgs.builder()\n .resourceArn(exampleAwsAcmpcaCertificateAuthority.arn())\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplePolicy:\n type: aws:acmpca:Policy\n name: example\n properties:\n resourceArn: ${exampleAwsAcmpcaCertificateAuthority.arn}\n policy: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: '1'\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - ${current.accountId}\n actions:\n - acm-pca:DescribeCertificateAuthority\n - acm-pca:GetCertificate\n - acm-pca:GetCertificateAuthorityCertificate\n - acm-pca:ListPermissions\n - acm-pca:ListTags\n resources:\n - ${exampleAwsAcmpcaCertificateAuthority.arn}\n - sid: '2'\n effect: ${allow}\n principals:\n - type: AWS\n identifiers:\n - ${current.accountId}\n actions:\n - acm-pca:IssueCertificate\n resources:\n - ${exampleAwsAcmpcaCertificateAuthority.arn}\n conditions:\n - test: StringEquals\n variable: acm-pca:TemplateArn\n values:\n - arn:aws:acm-pca:::template/EndEntityCertificate/V1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_acmpca_policy` using the `resource_arn` value. For example:\n\n```sh\n$ pulumi import aws:acmpca/policy:Policy example arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012\n```\n", "properties": { "policy": { "type": "string", "description": "JSON-formatted IAM policy to attach to the specified private CA resource.\n", "language": { "csharp": { "name": "PolicyDetails" } } }, "resourceArn": { "type": "string", "description": "ARN of the private CA to associate with the policy.\n" } }, "required": [ "policy", "resourceArn" ], "inputProperties": { "policy": { "type": "string", "description": "JSON-formatted IAM policy to attach to the specified private CA resource.\n", "language": { "csharp": { "name": "PolicyDetails" } } }, "resourceArn": { "type": "string", "description": "ARN of the private CA to associate with the policy.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policy", "resourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Policy resources.\n", "properties": { "policy": { "type": "string", "description": "JSON-formatted IAM policy to attach to the specified private CA resource.\n", "language": { "csharp": { "name": "PolicyDetails" } } }, "resourceArn": { "type": "string", "description": "ARN of the private CA to associate with the policy.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:alb/listener:Listener": { "description": "Provides a Load Balancer Listener resource.\n\n\u003e **Note:** `aws.alb.Listener` is known as `aws.lb.Listener`. The functionality is identical.\n\n## Example Usage\n\n### Forward Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 443,\n protocol: \"HTTPS\",\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n defaultActions: [{\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_target_group = aws.lb.TargetGroup(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=443,\n protocol=\"HTTPS\",\n ssl_policy=\"ELBSecurityPolicy-2016-08\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n default_actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": front_end_target_group.arn,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 443,\n Protocol = \"HTTPS\",\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(\"443\")\n .protocol(\"HTTPS\")\n .sslPolicy(\"ELBSecurityPolicy-2016-08\")\n .certificateArn(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '443'\n protocol: HTTPS\n sslPolicy: ELBSecurityPolicy-2016-08\n certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\n defaultActions:\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nTo a NLB:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEndAwsLb.arn,\n port: 443,\n protocol: \"TLS\",\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n alpnPolicy: \"HTTP2Preferred\",\n defaultActions: [{\n type: \"forward\",\n targetGroupArn: frontEndAwsLbTargetGroup.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end_aws_lb[\"arn\"],\n port=443,\n protocol=\"TLS\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n alpn_policy=\"HTTP2Preferred\",\n default_actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": front_end_aws_lb_target_group[\"arn\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEndAwsLb.Arn,\n Port = 443,\n Protocol = \"TLS\",\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n AlpnPolicy = \"HTTP2Preferred\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndAwsLbTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: pulumi.Any(frontEndAwsLb.Arn),\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"TLS\"),\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tAlpnPolicy: pulumi.String(\"HTTP2Preferred\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(frontEndAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new Listener(\"frontEnd\", ListenerArgs.builder()\n .loadBalancerArn(frontEndAwsLb.arn())\n .port(\"443\")\n .protocol(\"TLS\")\n .certificateArn(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\")\n .alpnPolicy(\"HTTP2Preferred\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndAwsLbTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEndAwsLb.arn}\n port: '443'\n protocol: TLS\n certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\n alpnPolicy: HTTP2Preferred\n defaultActions:\n - type: forward\n targetGroupArn: ${frontEndAwsLbTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Redirect Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [{\n type: \"redirect\",\n redirect: {\n port: \"443\",\n protocol: \"HTTPS\",\n statusCode: \"HTTP_301\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[{\n \"type\": \"redirect\",\n \"redirect\": {\n \"port\": \"443\",\n \"protocol\": \"HTTPS\",\n \"status_code\": \"HTTP_301\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"redirect\",\n Redirect = new Aws.LB.Inputs.ListenerDefaultActionRedirectArgs\n {\n Port = \"443\",\n Protocol = \"HTTPS\",\n StatusCode = \"HTTP_301\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"redirect\"),\n\t\t\t\t\tRedirect: \u0026lb.ListenerDefaultActionRedirectArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"443\"),\n\t\t\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"HTTP_301\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionRedirectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(\"80\")\n .protocol(\"HTTP\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"redirect\")\n .redirect(ListenerDefaultActionRedirectArgs.builder()\n .port(\"443\")\n .protocol(\"HTTPS\")\n .statusCode(\"HTTP_301\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: redirect\n redirect:\n port: '443'\n protocol: HTTPS\n statusCode: HTTP_301\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Fixed-response Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [{\n type: \"fixed-response\",\n fixedResponse: {\n contentType: \"text/plain\",\n messageBody: \"Fixed response content\",\n statusCode: \"200\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[{\n \"type\": \"fixed-response\",\n \"fixed_response\": {\n \"content_type\": \"text/plain\",\n \"message_body\": \"Fixed response content\",\n \"status_code\": \"200\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"fixed-response\",\n FixedResponse = new Aws.LB.Inputs.ListenerDefaultActionFixedResponseArgs\n {\n ContentType = \"text/plain\",\n MessageBody = \"Fixed response content\",\n StatusCode = \"200\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"fixed-response\"),\n\t\t\t\t\tFixedResponse: \u0026lb.ListenerDefaultActionFixedResponseArgs{\n\t\t\t\t\t\tContentType: pulumi.String(\"text/plain\"),\n\t\t\t\t\t\tMessageBody: pulumi.String(\"Fixed response content\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionFixedResponseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(\"80\")\n .protocol(\"HTTP\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"fixed-response\")\n .fixedResponse(ListenerDefaultActionFixedResponseArgs.builder()\n .contentType(\"text/plain\")\n .messageBody(\"Fixed response content\")\n .statusCode(\"200\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: fixed-response\n fixedResponse:\n contentType: text/plain\n messageBody: Fixed response content\n statusCode: '200'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Authenticate-cognito Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst client = new aws.cognito.UserPoolClient(\"client\", {});\nconst domain = new aws.cognito.UserPoolDomain(\"domain\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [\n {\n type: \"authenticate-cognito\",\n authenticateCognito: {\n userPoolArn: pool.arn,\n userPoolClientId: client.id,\n userPoolDomain: domain.domain,\n },\n },\n {\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_target_group = aws.lb.TargetGroup(\"front_end\")\npool = aws.cognito.UserPool(\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\")\ndomain = aws.cognito.UserPoolDomain(\"domain\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[\n {\n \"type\": \"authenticate-cognito\",\n \"authenticate_cognito\": {\n \"user_pool_arn\": pool.arn,\n \"user_pool_client_id\": client.id,\n \"user_pool_domain\": domain.domain,\n },\n },\n {\n \"type\": \"forward\",\n \"target_group_arn\": front_end_target_group.arn,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"front_end\");\n\n var pool = new Aws.Cognito.UserPool(\"pool\");\n\n var client = new Aws.Cognito.UserPoolClient(\"client\");\n\n var domain = new Aws.Cognito.UserPoolDomain(\"domain\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"authenticate-cognito\",\n AuthenticateCognito = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateCognitoArgs\n {\n UserPoolArn = pool.Arn,\n UserPoolClientId = client.Id,\n UserPoolDomain = domain.Domain,\n },\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tclient, err := cognito.NewUserPoolClient(ctx, \"client\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdomain, err := cognito.NewUserPoolDomain(ctx, \"domain\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-cognito\"),\n\t\t\t\t\tAuthenticateCognito: \u0026lb.ListenerDefaultActionAuthenticateCognitoArgs{\n\t\t\t\t\t\tUserPoolArn: pool.Arn,\n\t\t\t\t\t\tUserPoolClientId: client.ID(),\n\t\t\t\t\t\tUserPoolDomain: domain.Domain,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolClient;\nimport com.pulumi.aws.cognito.UserPoolDomain;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionAuthenticateCognitoArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var pool = new UserPool(\"pool\");\n\n var client = new UserPoolClient(\"client\");\n\n var domain = new UserPoolDomain(\"domain\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(\"80\")\n .protocol(\"HTTP\")\n .defaultActions( \n ListenerDefaultActionArgs.builder()\n .type(\"authenticate-cognito\")\n .authenticateCognito(ListenerDefaultActionAuthenticateCognitoArgs.builder()\n .userPoolArn(pool.arn())\n .userPoolClientId(client.id())\n .userPoolDomain(domain.domain())\n .build())\n .build(),\n ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n name: front_end\n pool:\n type: aws:cognito:UserPool\n client:\n type: aws:cognito:UserPoolClient\n domain:\n type: aws:cognito:UserPoolDomain\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: authenticate-cognito\n authenticateCognito:\n userPoolArn: ${pool.arn}\n userPoolClientId: ${client.id}\n userPoolDomain: ${domain.domain}\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Authenticate-OIDC Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [\n {\n type: \"authenticate-oidc\",\n authenticateOidc: {\n authorizationEndpoint: \"https://example.com/authorization_endpoint\",\n clientId: \"client_id\",\n clientSecret: \"client_secret\",\n issuer: \"https://example.com\",\n tokenEndpoint: \"https://example.com/token_endpoint\",\n userInfoEndpoint: \"https://example.com/user_info_endpoint\",\n },\n },\n {\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_target_group = aws.lb.TargetGroup(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[\n {\n \"type\": \"authenticate-oidc\",\n \"authenticate_oidc\": {\n \"authorization_endpoint\": \"https://example.com/authorization_endpoint\",\n \"client_id\": \"client_id\",\n \"client_secret\": \"client_secret\",\n \"issuer\": \"https://example.com\",\n \"token_endpoint\": \"https://example.com/token_endpoint\",\n \"user_info_endpoint\": \"https://example.com/user_info_endpoint\",\n },\n },\n {\n \"type\": \"forward\",\n \"target_group_arn\": front_end_target_group.arn,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"authenticate-oidc\",\n AuthenticateOidc = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateOidcArgs\n {\n AuthorizationEndpoint = \"https://example.com/authorization_endpoint\",\n ClientId = \"client_id\",\n ClientSecret = \"client_secret\",\n Issuer = \"https://example.com\",\n TokenEndpoint = \"https://example.com/token_endpoint\",\n UserInfoEndpoint = \"https://example.com/user_info_endpoint\",\n },\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-oidc\"),\n\t\t\t\t\tAuthenticateOidc: \u0026lb.ListenerDefaultActionAuthenticateOidcArgs{\n\t\t\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://example.com/authorization_endpoint\"),\n\t\t\t\t\t\tClientId: pulumi.String(\"client_id\"),\n\t\t\t\t\t\tClientSecret: pulumi.String(\"client_secret\"),\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tTokenEndpoint: pulumi.String(\"https://example.com/token_endpoint\"),\n\t\t\t\t\t\tUserInfoEndpoint: pulumi.String(\"https://example.com/user_info_endpoint\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionAuthenticateOidcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(\"80\")\n .protocol(\"HTTP\")\n .defaultActions( \n ListenerDefaultActionArgs.builder()\n .type(\"authenticate-oidc\")\n .authenticateOidc(ListenerDefaultActionAuthenticateOidcArgs.builder()\n .authorizationEndpoint(\"https://example.com/authorization_endpoint\")\n .clientId(\"client_id\")\n .clientSecret(\"client_secret\")\n .issuer(\"https://example.com\")\n .tokenEndpoint(\"https://example.com/token_endpoint\")\n .userInfoEndpoint(\"https://example.com/user_info_endpoint\")\n .build())\n .build(),\n ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: authenticate-oidc\n authenticateOidc:\n authorizationEndpoint: https://example.com/authorization_endpoint\n clientId: client_id\n clientSecret: client_secret\n issuer: https://example.com\n tokenEndpoint: https://example.com/token_endpoint\n userInfoEndpoint: https://example.com/user_info_endpoint\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Gateway Load Balancer Listener\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {\n loadBalancerType: \"gateway\",\n name: \"example\",\n subnetMappings: [{\n subnetId: exampleAwsSubnet.id,\n }],\n});\nconst exampleTargetGroup = new aws.lb.TargetGroup(\"example\", {\n name: \"example\",\n port: 6081,\n protocol: \"GENEVE\",\n vpcId: exampleAwsVpc.id,\n healthCheck: {\n port: \"80\",\n protocol: \"HTTP\",\n },\n});\nconst exampleListener = new aws.lb.Listener(\"example\", {\n loadBalancerArn: example.id,\n defaultActions: [{\n targetGroupArn: exampleTargetGroup.id,\n type: \"forward\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\",\n load_balancer_type=\"gateway\",\n name=\"example\",\n subnet_mappings=[{\n \"subnet_id\": example_aws_subnet[\"id\"],\n }])\nexample_target_group = aws.lb.TargetGroup(\"example\",\n name=\"example\",\n port=6081,\n protocol=\"GENEVE\",\n vpc_id=example_aws_vpc[\"id\"],\n health_check={\n \"port\": \"80\",\n \"protocol\": \"HTTP\",\n })\nexample_listener = aws.lb.Listener(\"example\",\n load_balancer_arn=example.id,\n default_actions=[{\n \"target_group_arn\": example_target_group.id,\n \"type\": \"forward\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LB.LoadBalancer(\"example\", new()\n {\n LoadBalancerType = \"gateway\",\n Name = \"example\",\n SubnetMappings = new[]\n {\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n SubnetId = exampleAwsSubnet.Id,\n },\n },\n });\n\n var exampleTargetGroup = new Aws.LB.TargetGroup(\"example\", new()\n {\n Name = \"example\",\n Port = 6081,\n Protocol = \"GENEVE\",\n VpcId = exampleAwsVpc.Id,\n HealthCheck = new Aws.LB.Inputs.TargetGroupHealthCheckArgs\n {\n Port = \"80\",\n Protocol = \"HTTP\",\n },\n });\n\n var exampleListener = new Aws.LB.Listener(\"example\", new()\n {\n LoadBalancerArn = example.Id,\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = exampleTargetGroup.Id,\n Type = \"forward\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tLoadBalancerType: pulumi.String(\"gateway\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSubnetMappings: lb.LoadBalancerSubnetMappingArray{\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTargetGroup, err := lb.NewTargetGroup(ctx, \"example\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPort: pulumi.Int(6081),\n\t\t\tProtocol: pulumi.String(\"GENEVE\"),\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t\tHealthCheck: \u0026lb.TargetGroupHealthCheckArgs{\n\t\t\t\tPort: pulumi.String(\"80\"),\n\t\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"example\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: example.ID(),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: exampleTargetGroup.ID(),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.LoadBalancerArgs;\nimport com.pulumi.aws.lb.inputs.LoadBalancerSubnetMappingArgs;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport com.pulumi.aws.lb.inputs.TargetGroupHealthCheckArgs;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoadBalancer(\"example\", LoadBalancerArgs.builder()\n .loadBalancerType(\"gateway\")\n .name(\"example\")\n .subnetMappings(LoadBalancerSubnetMappingArgs.builder()\n .subnetId(exampleAwsSubnet.id())\n .build())\n .build());\n\n var exampleTargetGroup = new TargetGroup(\"exampleTargetGroup\", TargetGroupArgs.builder()\n .name(\"example\")\n .port(6081)\n .protocol(\"GENEVE\")\n .vpcId(exampleAwsVpc.id())\n .healthCheck(TargetGroupHealthCheckArgs.builder()\n .port(80)\n .protocol(\"HTTP\")\n .build())\n .build());\n\n var exampleListener = new Listener(\"exampleListener\", ListenerArgs.builder()\n .loadBalancerArn(example.id())\n .defaultActions(ListenerDefaultActionArgs.builder()\n .targetGroupArn(exampleTargetGroup.id())\n .type(\"forward\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lb:LoadBalancer\n properties:\n loadBalancerType: gateway\n name: example\n subnetMappings:\n - subnetId: ${exampleAwsSubnet.id}\n exampleTargetGroup:\n type: aws:lb:TargetGroup\n name: example\n properties:\n name: example\n port: 6081\n protocol: GENEVE\n vpcId: ${exampleAwsVpc.id}\n healthCheck:\n port: 80\n protocol: HTTP\n exampleListener:\n type: aws:lb:Listener\n name: example\n properties:\n loadBalancerArn: ${example.id}\n defaultActions:\n - targetGroupArn: ${exampleTargetGroup.id}\n type: forward\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Mutual TLS Authentication\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {loadBalancerType: \"application\"});\nconst exampleTargetGroup = new aws.lb.TargetGroup(\"example\", {});\nconst exampleListener = new aws.lb.Listener(\"example\", {\n loadBalancerArn: example.id,\n defaultActions: [{\n targetGroupArn: exampleTargetGroup.id,\n type: \"forward\",\n }],\n mutualAuthentication: {\n mode: \"verify\",\n trustStoreArn: \"...\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\", load_balancer_type=\"application\")\nexample_target_group = aws.lb.TargetGroup(\"example\")\nexample_listener = aws.lb.Listener(\"example\",\n load_balancer_arn=example.id,\n default_actions=[{\n \"target_group_arn\": example_target_group.id,\n \"type\": \"forward\",\n }],\n mutual_authentication={\n \"mode\": \"verify\",\n \"trust_store_arn\": \"...\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LB.LoadBalancer(\"example\", new()\n {\n LoadBalancerType = \"application\",\n });\n\n var exampleTargetGroup = new Aws.LB.TargetGroup(\"example\");\n\n var exampleListener = new Aws.LB.Listener(\"example\", new()\n {\n LoadBalancerArn = example.Id,\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = exampleTargetGroup.Id,\n Type = \"forward\",\n },\n },\n MutualAuthentication = new Aws.LB.Inputs.ListenerMutualAuthenticationArgs\n {\n Mode = \"verify\",\n TrustStoreArn = \"...\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tLoadBalancerType: pulumi.String(\"application\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTargetGroup, err := lb.NewTargetGroup(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"example\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: example.ID(),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: exampleTargetGroup.ID(),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tMutualAuthentication: \u0026lb.ListenerMutualAuthenticationArgs{\n\t\t\t\tMode: pulumi.String(\"verify\"),\n\t\t\t\tTrustStoreArn: pulumi.String(\"...\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.LoadBalancerArgs;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerMutualAuthenticationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoadBalancer(\"example\", LoadBalancerArgs.builder()\n .loadBalancerType(\"application\")\n .build());\n\n var exampleTargetGroup = new TargetGroup(\"exampleTargetGroup\");\n\n var exampleListener = new Listener(\"exampleListener\", ListenerArgs.builder()\n .loadBalancerArn(example.id())\n .defaultActions(ListenerDefaultActionArgs.builder()\n .targetGroupArn(exampleTargetGroup.id())\n .type(\"forward\")\n .build())\n .mutualAuthentication(ListenerMutualAuthenticationArgs.builder()\n .mode(\"verify\")\n .trustStoreArn(\"...\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lb:LoadBalancer\n properties:\n loadBalancerType: application\n exampleTargetGroup:\n type: aws:lb:TargetGroup\n name: example\n exampleListener:\n type: aws:lb:Listener\n name: example\n properties:\n loadBalancerArn: ${example.id}\n defaultActions:\n - targetGroupArn: ${exampleTargetGroup.id}\n type: forward\n mutualAuthentication:\n mode: verify\n trustStoreArn: '...'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import listeners using their ARN. For example:\n\n```sh\n$ pulumi import aws:alb/listener:Listener front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener/app/front-end-alb/8e4497da625e2d8a/9ab28ade35828f96\n```\n", "properties": { "alpnPolicy": { "type": "string", "description": "Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if `protocol` is `TLS`. Valid values are `HTTP1Only`, `HTTP2Only`, `HTTP2Optional`, `HTTP2Preferred`, and `None`.\n" }, "arn": { "type": "string", "description": "ARN of the listener (matches `id`).\n" }, "certificateArn": { "type": "string", "description": "ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the `aws.lb.ListenerCertificate` resource.\n" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerDefaultAction:ListenerDefaultAction" }, "description": "Configuration block for default actions. Detailed below.\n" }, "loadBalancerArn": { "type": "string", "description": "ARN of the load balancer.\n\nThe following arguments are optional:\n" }, "mutualAuthentication": { "$ref": "#/types/aws:alb/ListenerMutualAuthentication:ListenerMutualAuthentication", "description": "The mutual authentication configuration information. Detailed below.\n" }, "port": { "type": "integer", "description": "Port on which the load balancer is listening. Not valid for Gateway Load Balancers.\n" }, "protocol": { "type": "string", "description": "Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are `HTTP` and `HTTPS`, with a default of `HTTP`. For Network Load Balancers, valid values are `TCP`, `TLS`, `UDP`, and `TCP_UDP`. Not valid to use `UDP` or `TCP_UDP` if dual-stack mode is enabled. Not valid for Gateway Load Balancers.\n" }, "sslPolicy": { "type": "string", "description": "Name of the SSL Policy for the listener. Required if `protocol` is `HTTPS` or `TLS`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **NOTE::** Please note that listeners that are attached to Application Load Balancers must use either `HTTP` or `HTTPS` protocols while listeners that are attached to Network Load Balancers must use the `TCP` protocol.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "defaultActions", "loadBalancerArn", "mutualAuthentication", "protocol", "sslPolicy", "tagsAll" ], "inputProperties": { "alpnPolicy": { "type": "string", "description": "Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if `protocol` is `TLS`. Valid values are `HTTP1Only`, `HTTP2Only`, `HTTP2Optional`, `HTTP2Preferred`, and `None`.\n" }, "certificateArn": { "type": "string", "description": "ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the `aws.lb.ListenerCertificate` resource.\n" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerDefaultAction:ListenerDefaultAction" }, "description": "Configuration block for default actions. Detailed below.\n" }, "loadBalancerArn": { "type": "string", "description": "ARN of the load balancer.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "mutualAuthentication": { "$ref": "#/types/aws:alb/ListenerMutualAuthentication:ListenerMutualAuthentication", "description": "The mutual authentication configuration information. Detailed below.\n" }, "port": { "type": "integer", "description": "Port on which the load balancer is listening. Not valid for Gateway Load Balancers.\n" }, "protocol": { "type": "string", "description": "Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are `HTTP` and `HTTPS`, with a default of `HTTP`. For Network Load Balancers, valid values are `TCP`, `TLS`, `UDP`, and `TCP_UDP`. Not valid to use `UDP` or `TCP_UDP` if dual-stack mode is enabled. Not valid for Gateway Load Balancers.\n" }, "sslPolicy": { "type": "string", "description": "Name of the SSL Policy for the listener. Required if `protocol` is `HTTPS` or `TLS`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **NOTE::** Please note that listeners that are attached to Application Load Balancers must use either `HTTP` or `HTTPS` protocols while listeners that are attached to Network Load Balancers must use the `TCP` protocol.\n" } }, "requiredInputs": [ "defaultActions", "loadBalancerArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Listener resources.\n", "properties": { "alpnPolicy": { "type": "string", "description": "Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if `protocol` is `TLS`. Valid values are `HTTP1Only`, `HTTP2Only`, `HTTP2Optional`, `HTTP2Preferred`, and `None`.\n" }, "arn": { "type": "string", "description": "ARN of the listener (matches `id`).\n" }, "certificateArn": { "type": "string", "description": "ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the `aws.lb.ListenerCertificate` resource.\n" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerDefaultAction:ListenerDefaultAction" }, "description": "Configuration block for default actions. Detailed below.\n" }, "loadBalancerArn": { "type": "string", "description": "ARN of the load balancer.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "mutualAuthentication": { "$ref": "#/types/aws:alb/ListenerMutualAuthentication:ListenerMutualAuthentication", "description": "The mutual authentication configuration information. Detailed below.\n" }, "port": { "type": "integer", "description": "Port on which the load balancer is listening. Not valid for Gateway Load Balancers.\n" }, "protocol": { "type": "string", "description": "Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are `HTTP` and `HTTPS`, with a default of `HTTP`. For Network Load Balancers, valid values are `TCP`, `TLS`, `UDP`, and `TCP_UDP`. Not valid to use `UDP` or `TCP_UDP` if dual-stack mode is enabled. Not valid for Gateway Load Balancers.\n" }, "sslPolicy": { "type": "string", "description": "Name of the SSL Policy for the listener. Required if `protocol` is `HTTPS` or `TLS`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **NOTE::** Please note that listeners that are attached to Application Load Balancers must use either `HTTP` or `HTTPS` protocols while listeners that are attached to Network Load Balancers must use the `TCP` protocol.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" }, "aliases": [ { "type": "aws:applicationloadbalancing/listener:Listener" } ] }, "aws:alb/listenerCertificate:ListenerCertificate": { "description": "Provides a Load Balancer Listener Certificate resource.\n\nThis resource is for additional certificates and does not replace the default certificate on the listener.\n\n\u003e **Note:** `aws.alb.ListenerCertificate` is known as `aws.lb.ListenerCertificate`. The functionality is identical.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.acm.Certificate(\"example\", {});\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {});\nconst exampleListenerCertificate = new aws.lb.ListenerCertificate(\"example\", {\n listenerArn: frontEndListener.arn,\n certificateArn: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.acm.Certificate(\"example\")\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\")\nexample_listener_certificate = aws.lb.ListenerCertificate(\"example\",\n listener_arn=front_end_listener.arn,\n certificate_arn=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Acm.Certificate(\"example\");\n\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\");\n\n var exampleListenerCertificate = new Aws.LB.ListenerCertificate(\"example\", new()\n {\n ListenerArn = frontEndListener.Arn,\n CertificateArn = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acm\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := acm.NewCertificate(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndListener, err := lb.NewListener(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerCertificate(ctx, \"example\", \u0026lb.ListenerCertificateArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tCertificateArn: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acm.Certificate;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerCertificate;\nimport com.pulumi.aws.lb.ListenerCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Certificate(\"example\");\n\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndListener = new Listener(\"frontEndListener\");\n\n var exampleListenerCertificate = new ListenerCertificate(\"exampleListenerCertificate\", ListenerCertificateArgs.builder()\n .listenerArn(frontEndListener.arn())\n .certificateArn(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:acm:Certificate\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n exampleListenerCertificate:\n type: aws:lb:ListenerCertificate\n name: example\n properties:\n listenerArn: ${frontEndListener.arn}\n certificateArn: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Listener Certificates using the listener arn and certificate arn, separated by an underscore (`_`). For example:\n\n```sh\n$ pulumi import aws:alb/listenerCertificate:ListenerCertificate example arn:aws:elasticloadbalancing:us-west-2:123456789012:listener/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26b_arn:aws:iam::123456789012:server-certificate/tf-acc-test-6453083910015726063\n```\n", "properties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate to attach to the listener.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the certificate.\n" } }, "required": [ "certificateArn", "listenerArn" ], "inputProperties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate to attach to the listener.\n", "willReplaceOnChanges": true }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the certificate.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "certificateArn", "listenerArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ListenerCertificate resources.\n", "properties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate to attach to the listener.\n", "willReplaceOnChanges": true }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the certificate.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aliases": [ { "type": "aws:applicationloadbalancing/listenerCertificate:ListenerCertificate" } ] }, "aws:alb/listenerRule:ListenerRule": { "description": "Provides a Load Balancer Listener Rule resource.\n\n\u003e **Note:** `aws.alb.ListenerRule` is known as `aws.lb.ListenerRule`. The functionality is identical.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {});\nconst static = new aws.lb.ListenerRule(\"static\", {\n listenerArn: frontEndListener.arn,\n priority: 100,\n actions: [{\n type: \"forward\",\n targetGroupArn: staticAwsLbTargetGroup.arn,\n }],\n conditions: [\n {\n pathPattern: {\n values: [\"/static/*\"],\n },\n },\n {\n hostHeader: {\n values: [\"example.com\"],\n },\n },\n ],\n});\n// Forward action\nconst hostBasedWeightedRouting = new aws.lb.ListenerRule(\"host_based_weighted_routing\", {\n listenerArn: frontEndListener.arn,\n priority: 99,\n actions: [{\n type: \"forward\",\n targetGroupArn: staticAwsLbTargetGroup.arn,\n }],\n conditions: [{\n hostHeader: {\n values: [\"my-service.*.mycompany.io\"],\n },\n }],\n});\n// Weighted Forward action\nconst hostBasedRouting = new aws.lb.ListenerRule(\"host_based_routing\", {\n listenerArn: frontEndListener.arn,\n priority: 99,\n actions: [{\n type: \"forward\",\n forward: {\n targetGroups: [\n {\n arn: main.arn,\n weight: 80,\n },\n {\n arn: canary.arn,\n weight: 20,\n },\n ],\n stickiness: {\n enabled: true,\n duration: 600,\n },\n },\n }],\n conditions: [{\n hostHeader: {\n values: [\"my-service.*.mycompany.io\"],\n },\n }],\n});\n// Redirect action\nconst redirectHttpToHttps = new aws.lb.ListenerRule(\"redirect_http_to_https\", {\n listenerArn: frontEndListener.arn,\n actions: [{\n type: \"redirect\",\n redirect: {\n port: \"443\",\n protocol: \"HTTPS\",\n statusCode: \"HTTP_301\",\n },\n }],\n conditions: [{\n httpHeader: {\n httpHeaderName: \"X-Forwarded-For\",\n values: [\"192.168.1.*\"],\n },\n }],\n});\n// Fixed-response action\nconst healthCheck = new aws.lb.ListenerRule(\"health_check\", {\n listenerArn: frontEndListener.arn,\n actions: [{\n type: \"fixed-response\",\n fixedResponse: {\n contentType: \"text/plain\",\n messageBody: \"HEALTHY\",\n statusCode: \"200\",\n },\n }],\n conditions: [{\n queryStrings: [\n {\n key: \"health\",\n value: \"check\",\n },\n {\n value: \"bar\",\n },\n ],\n }],\n});\n// Authenticate-cognito Action\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst client = new aws.cognito.UserPoolClient(\"client\", {});\nconst domain = new aws.cognito.UserPoolDomain(\"domain\", {});\nconst admin = new aws.lb.ListenerRule(\"admin\", {\n listenerArn: frontEndListener.arn,\n actions: [\n {\n type: \"authenticate-cognito\",\n authenticateCognito: {\n userPoolArn: pool.arn,\n userPoolClientId: client.id,\n userPoolDomain: domain.domain,\n },\n },\n {\n type: \"forward\",\n targetGroupArn: staticAwsLbTargetGroup.arn,\n },\n ],\n});\n// Authenticate-oidc Action\nconst oidc = new aws.lb.ListenerRule(\"oidc\", {\n listenerArn: frontEndListener.arn,\n actions: [\n {\n type: \"authenticate-oidc\",\n authenticateOidc: {\n authorizationEndpoint: \"https://example.com/authorization_endpoint\",\n clientId: \"client_id\",\n clientSecret: \"client_secret\",\n issuer: \"https://example.com\",\n tokenEndpoint: \"https://example.com/token_endpoint\",\n userInfoEndpoint: \"https://example.com/user_info_endpoint\",\n },\n },\n {\n type: \"forward\",\n targetGroupArn: staticAwsLbTargetGroup.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\")\nstatic = aws.lb.ListenerRule(\"static\",\n listener_arn=front_end_listener.arn,\n priority=100,\n actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": static_aws_lb_target_group[\"arn\"],\n }],\n conditions=[\n {\n \"path_pattern\": {\n \"values\": [\"/static/*\"],\n },\n },\n {\n \"host_header\": {\n \"values\": [\"example.com\"],\n },\n },\n ])\n# Forward action\nhost_based_weighted_routing = aws.lb.ListenerRule(\"host_based_weighted_routing\",\n listener_arn=front_end_listener.arn,\n priority=99,\n actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": static_aws_lb_target_group[\"arn\"],\n }],\n conditions=[{\n \"host_header\": {\n \"values\": [\"my-service.*.mycompany.io\"],\n },\n }])\n# Weighted Forward action\nhost_based_routing = aws.lb.ListenerRule(\"host_based_routing\",\n listener_arn=front_end_listener.arn,\n priority=99,\n actions=[{\n \"type\": \"forward\",\n \"forward\": {\n \"target_groups\": [\n {\n \"arn\": main[\"arn\"],\n \"weight\": 80,\n },\n {\n \"arn\": canary[\"arn\"],\n \"weight\": 20,\n },\n ],\n \"stickiness\": {\n \"enabled\": True,\n \"duration\": 600,\n },\n },\n }],\n conditions=[{\n \"host_header\": {\n \"values\": [\"my-service.*.mycompany.io\"],\n },\n }])\n# Redirect action\nredirect_http_to_https = aws.lb.ListenerRule(\"redirect_http_to_https\",\n listener_arn=front_end_listener.arn,\n actions=[{\n \"type\": \"redirect\",\n \"redirect\": {\n \"port\": \"443\",\n \"protocol\": \"HTTPS\",\n \"status_code\": \"HTTP_301\",\n },\n }],\n conditions=[{\n \"http_header\": {\n \"http_header_name\": \"X-Forwarded-For\",\n \"values\": [\"192.168.1.*\"],\n },\n }])\n# Fixed-response action\nhealth_check = aws.lb.ListenerRule(\"health_check\",\n listener_arn=front_end_listener.arn,\n actions=[{\n \"type\": \"fixed-response\",\n \"fixed_response\": {\n \"content_type\": \"text/plain\",\n \"message_body\": \"HEALTHY\",\n \"status_code\": \"200\",\n },\n }],\n conditions=[{\n \"query_strings\": [\n {\n \"key\": \"health\",\n \"value\": \"check\",\n },\n {\n \"value\": \"bar\",\n },\n ],\n }])\n# Authenticate-cognito Action\npool = aws.cognito.UserPool(\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\")\ndomain = aws.cognito.UserPoolDomain(\"domain\")\nadmin = aws.lb.ListenerRule(\"admin\",\n listener_arn=front_end_listener.arn,\n actions=[\n {\n \"type\": \"authenticate-cognito\",\n \"authenticate_cognito\": {\n \"user_pool_arn\": pool.arn,\n \"user_pool_client_id\": client.id,\n \"user_pool_domain\": domain.domain,\n },\n },\n {\n \"type\": \"forward\",\n \"target_group_arn\": static_aws_lb_target_group[\"arn\"],\n },\n ])\n# Authenticate-oidc Action\noidc = aws.lb.ListenerRule(\"oidc\",\n listener_arn=front_end_listener.arn,\n actions=[\n {\n \"type\": \"authenticate-oidc\",\n \"authenticate_oidc\": {\n \"authorization_endpoint\": \"https://example.com/authorization_endpoint\",\n \"client_id\": \"client_id\",\n \"client_secret\": \"client_secret\",\n \"issuer\": \"https://example.com\",\n \"token_endpoint\": \"https://example.com/token_endpoint\",\n \"user_info_endpoint\": \"https://example.com/user_info_endpoint\",\n },\n },\n {\n \"type\": \"forward\",\n \"target_group_arn\": static_aws_lb_target_group[\"arn\"],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\");\n\n var @static = new Aws.LB.ListenerRule(\"static\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Priority = 100,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = staticAwsLbTargetGroup.Arn,\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n PathPattern = new Aws.LB.Inputs.ListenerRuleConditionPathPatternArgs\n {\n Values = new[]\n {\n \"/static/*\",\n },\n },\n },\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = new[]\n {\n \"example.com\",\n },\n },\n },\n },\n });\n\n // Forward action\n var hostBasedWeightedRouting = new Aws.LB.ListenerRule(\"host_based_weighted_routing\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Priority = 99,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = staticAwsLbTargetGroup.Arn,\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = new[]\n {\n \"my-service.*.mycompany.io\",\n },\n },\n },\n },\n });\n\n // Weighted Forward action\n var hostBasedRouting = new Aws.LB.ListenerRule(\"host_based_routing\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Priority = 99,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n Forward = new Aws.LB.Inputs.ListenerRuleActionForwardArgs\n {\n TargetGroups = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionForwardTargetGroupArgs\n {\n Arn = main.Arn,\n Weight = 80,\n },\n new Aws.LB.Inputs.ListenerRuleActionForwardTargetGroupArgs\n {\n Arn = canary.Arn,\n Weight = 20,\n },\n },\n Stickiness = new Aws.LB.Inputs.ListenerRuleActionForwardStickinessArgs\n {\n Enabled = true,\n Duration = 600,\n },\n },\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = new[]\n {\n \"my-service.*.mycompany.io\",\n },\n },\n },\n },\n });\n\n // Redirect action\n var redirectHttpToHttps = new Aws.LB.ListenerRule(\"redirect_http_to_https\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"redirect\",\n Redirect = new Aws.LB.Inputs.ListenerRuleActionRedirectArgs\n {\n Port = \"443\",\n Protocol = \"HTTPS\",\n StatusCode = \"HTTP_301\",\n },\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HttpHeader = new Aws.LB.Inputs.ListenerRuleConditionHttpHeaderArgs\n {\n HttpHeaderName = \"X-Forwarded-For\",\n Values = new[]\n {\n \"192.168.1.*\",\n },\n },\n },\n },\n });\n\n // Fixed-response action\n var healthCheck = new Aws.LB.ListenerRule(\"health_check\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"fixed-response\",\n FixedResponse = new Aws.LB.Inputs.ListenerRuleActionFixedResponseArgs\n {\n ContentType = \"text/plain\",\n MessageBody = \"HEALTHY\",\n StatusCode = \"200\",\n },\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n QueryStrings = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionQueryStringArgs\n {\n Key = \"health\",\n Value = \"check\",\n },\n new Aws.LB.Inputs.ListenerRuleConditionQueryStringArgs\n {\n Value = \"bar\",\n },\n },\n },\n },\n });\n\n // Authenticate-cognito Action\n var pool = new Aws.Cognito.UserPool(\"pool\");\n\n var client = new Aws.Cognito.UserPoolClient(\"client\");\n\n var domain = new Aws.Cognito.UserPoolDomain(\"domain\");\n\n var admin = new Aws.LB.ListenerRule(\"admin\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"authenticate-cognito\",\n AuthenticateCognito = new Aws.LB.Inputs.ListenerRuleActionAuthenticateCognitoArgs\n {\n UserPoolArn = pool.Arn,\n UserPoolClientId = client.Id,\n UserPoolDomain = domain.Domain,\n },\n },\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = staticAwsLbTargetGroup.Arn,\n },\n },\n });\n\n // Authenticate-oidc Action\n var oidc = new Aws.LB.ListenerRule(\"oidc\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"authenticate-oidc\",\n AuthenticateOidc = new Aws.LB.Inputs.ListenerRuleActionAuthenticateOidcArgs\n {\n AuthorizationEndpoint = \"https://example.com/authorization_endpoint\",\n ClientId = \"client_id\",\n ClientSecret = \"client_secret\",\n Issuer = \"https://example.com\",\n TokenEndpoint = \"https://example.com/token_endpoint\",\n UserInfoEndpoint = \"https://example.com/user_info_endpoint\",\n },\n },\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = staticAwsLbTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndListener, err := lb.NewListener(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"static\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(100),\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tPathPattern: \u0026lb.ListenerRuleConditionPathPatternArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"/static/*\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"example.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Forward action\n\t\t_, err = lb.NewListenerRule(ctx, \"host_based_weighted_routing\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(99),\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"my-service.*.mycompany.io\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Weighted Forward action\n\t\t_, err = lb.NewListenerRule(ctx, \"host_based_routing\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(99),\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tForward: \u0026lb.ListenerRuleActionForwardArgs{\n\t\t\t\t\t\tTargetGroups: lb.ListenerRuleActionForwardTargetGroupArray{\n\t\t\t\t\t\t\t\u0026lb.ListenerRuleActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tArn: pulumi.Any(main.Arn),\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(80),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026lb.ListenerRuleActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tArn: pulumi.Any(canary.Arn),\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(20),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tStickiness: \u0026lb.ListenerRuleActionForwardStickinessArgs{\n\t\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\t\tDuration: pulumi.Int(600),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"my-service.*.mycompany.io\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Redirect action\n\t\t_, err = lb.NewListenerRule(ctx, \"redirect_http_to_https\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"redirect\"),\n\t\t\t\t\tRedirect: \u0026lb.ListenerRuleActionRedirectArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"443\"),\n\t\t\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"HTTP_301\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHttpHeader: \u0026lb.ListenerRuleConditionHttpHeaderArgs{\n\t\t\t\t\t\tHttpHeaderName: pulumi.String(\"X-Forwarded-For\"),\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"192.168.1.*\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Fixed-response action\n\t\t_, err = lb.NewListenerRule(ctx, \"health_check\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"fixed-response\"),\n\t\t\t\t\tFixedResponse: \u0026lb.ListenerRuleActionFixedResponseArgs{\n\t\t\t\t\t\tContentType: pulumi.String(\"text/plain\"),\n\t\t\t\t\t\tMessageBody: pulumi.String(\"HEALTHY\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tQueryStrings: lb.ListenerRuleConditionQueryStringArray{\n\t\t\t\t\t\t\u0026lb.ListenerRuleConditionQueryStringArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"health\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"check\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026lb.ListenerRuleConditionQueryStringArgs{\n\t\t\t\t\t\t\tValue: pulumi.String(\"bar\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Authenticate-cognito Action\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tclient, err := cognito.NewUserPoolClient(ctx, \"client\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdomain, err := cognito.NewUserPoolDomain(ctx, \"domain\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"admin\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-cognito\"),\n\t\t\t\t\tAuthenticateCognito: \u0026lb.ListenerRuleActionAuthenticateCognitoArgs{\n\t\t\t\t\t\tUserPoolArn: pool.Arn,\n\t\t\t\t\t\tUserPoolClientId: client.ID(),\n\t\t\t\t\t\tUserPoolDomain: domain.Domain,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Authenticate-oidc Action\n\t\t_, err = lb.NewListenerRule(ctx, \"oidc\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-oidc\"),\n\t\t\t\t\tAuthenticateOidc: \u0026lb.ListenerRuleActionAuthenticateOidcArgs{\n\t\t\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://example.com/authorization_endpoint\"),\n\t\t\t\t\t\tClientId: pulumi.String(\"client_id\"),\n\t\t\t\t\t\tClientSecret: pulumi.String(\"client_secret\"),\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tTokenEndpoint: pulumi.String(\"https://example.com/token_endpoint\"),\n\t\t\t\t\t\tUserInfoEndpoint: pulumi.String(\"https://example.com/user_info_endpoint\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerRule;\nimport com.pulumi.aws.lb.ListenerRuleArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleConditionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleConditionPathPatternArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleConditionHostHeaderArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionForwardArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionForwardStickinessArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionRedirectArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleConditionHttpHeaderArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionFixedResponseArgs;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolClient;\nimport com.pulumi.aws.cognito.UserPoolDomain;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionAuthenticateCognitoArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionAuthenticateOidcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndListener = new Listener(\"frontEndListener\");\n\n var static_ = new ListenerRule(\"static\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .priority(100)\n .actions(ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(staticAwsLbTargetGroup.arn())\n .build())\n .conditions( \n ListenerRuleConditionArgs.builder()\n .pathPattern(ListenerRuleConditionPathPatternArgs.builder()\n .values(\"/static/*\")\n .build())\n .build(),\n ListenerRuleConditionArgs.builder()\n .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()\n .values(\"example.com\")\n .build())\n .build())\n .build());\n\n // Forward action\n var hostBasedWeightedRouting = new ListenerRule(\"hostBasedWeightedRouting\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .priority(99)\n .actions(ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(staticAwsLbTargetGroup.arn())\n .build())\n .conditions(ListenerRuleConditionArgs.builder()\n .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()\n .values(\"my-service.*.mycompany.io\")\n .build())\n .build())\n .build());\n\n // Weighted Forward action\n var hostBasedRouting = new ListenerRule(\"hostBasedRouting\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .priority(99)\n .actions(ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .forward(ListenerRuleActionForwardArgs.builder()\n .targetGroups( \n ListenerRuleActionForwardTargetGroupArgs.builder()\n .arn(main.arn())\n .weight(80)\n .build(),\n ListenerRuleActionForwardTargetGroupArgs.builder()\n .arn(canary.arn())\n .weight(20)\n .build())\n .stickiness(ListenerRuleActionForwardStickinessArgs.builder()\n .enabled(true)\n .duration(600)\n .build())\n .build())\n .build())\n .conditions(ListenerRuleConditionArgs.builder()\n .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()\n .values(\"my-service.*.mycompany.io\")\n .build())\n .build())\n .build());\n\n // Redirect action\n var redirectHttpToHttps = new ListenerRule(\"redirectHttpToHttps\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .actions(ListenerRuleActionArgs.builder()\n .type(\"redirect\")\n .redirect(ListenerRuleActionRedirectArgs.builder()\n .port(\"443\")\n .protocol(\"HTTPS\")\n .statusCode(\"HTTP_301\")\n .build())\n .build())\n .conditions(ListenerRuleConditionArgs.builder()\n .httpHeader(ListenerRuleConditionHttpHeaderArgs.builder()\n .httpHeaderName(\"X-Forwarded-For\")\n .values(\"192.168.1.*\")\n .build())\n .build())\n .build());\n\n // Fixed-response action\n var healthCheck = new ListenerRule(\"healthCheck\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .actions(ListenerRuleActionArgs.builder()\n .type(\"fixed-response\")\n .fixedResponse(ListenerRuleActionFixedResponseArgs.builder()\n .contentType(\"text/plain\")\n .messageBody(\"HEALTHY\")\n .statusCode(\"200\")\n .build())\n .build())\n .conditions(ListenerRuleConditionArgs.builder()\n .queryStrings( \n ListenerRuleConditionQueryStringArgs.builder()\n .key(\"health\")\n .value(\"check\")\n .build(),\n ListenerRuleConditionQueryStringArgs.builder()\n .value(\"bar\")\n .build())\n .build())\n .build());\n\n // Authenticate-cognito Action\n var pool = new UserPool(\"pool\");\n\n var client = new UserPoolClient(\"client\");\n\n var domain = new UserPoolDomain(\"domain\");\n\n var admin = new ListenerRule(\"admin\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .actions( \n ListenerRuleActionArgs.builder()\n .type(\"authenticate-cognito\")\n .authenticateCognito(ListenerRuleActionAuthenticateCognitoArgs.builder()\n .userPoolArn(pool.arn())\n .userPoolClientId(client.id())\n .userPoolDomain(domain.domain())\n .build())\n .build(),\n ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(staticAwsLbTargetGroup.arn())\n .build())\n .build());\n\n // Authenticate-oidc Action\n var oidc = new ListenerRule(\"oidc\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .actions( \n ListenerRuleActionArgs.builder()\n .type(\"authenticate-oidc\")\n .authenticateOidc(ListenerRuleActionAuthenticateOidcArgs.builder()\n .authorizationEndpoint(\"https://example.com/authorization_endpoint\")\n .clientId(\"client_id\")\n .clientSecret(\"client_secret\")\n .issuer(\"https://example.com\")\n .tokenEndpoint(\"https://example.com/token_endpoint\")\n .userInfoEndpoint(\"https://example.com/user_info_endpoint\")\n .build())\n .build(),\n ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(staticAwsLbTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n static:\n type: aws:lb:ListenerRule\n properties:\n listenerArn: ${frontEndListener.arn}\n priority: 100\n actions:\n - type: forward\n targetGroupArn: ${staticAwsLbTargetGroup.arn}\n conditions:\n - pathPattern:\n values:\n - /static/*\n - hostHeader:\n values:\n - example.com\n # Forward action\n hostBasedWeightedRouting:\n type: aws:lb:ListenerRule\n name: host_based_weighted_routing\n properties:\n listenerArn: ${frontEndListener.arn}\n priority: 99\n actions:\n - type: forward\n targetGroupArn: ${staticAwsLbTargetGroup.arn}\n conditions:\n - hostHeader:\n values:\n - my-service.*.mycompany.io\n # Weighted Forward action\n hostBasedRouting:\n type: aws:lb:ListenerRule\n name: host_based_routing\n properties:\n listenerArn: ${frontEndListener.arn}\n priority: 99\n actions:\n - type: forward\n forward:\n targetGroups:\n - arn: ${main.arn}\n weight: 80\n - arn: ${canary.arn}\n weight: 20\n stickiness:\n enabled: true\n duration: 600\n conditions:\n - hostHeader:\n values:\n - my-service.*.mycompany.io\n # Redirect action\n redirectHttpToHttps:\n type: aws:lb:ListenerRule\n name: redirect_http_to_https\n properties:\n listenerArn: ${frontEndListener.arn}\n actions:\n - type: redirect\n redirect:\n port: '443'\n protocol: HTTPS\n statusCode: HTTP_301\n conditions:\n - httpHeader:\n httpHeaderName: X-Forwarded-For\n values:\n - 192.168.1.*\n # Fixed-response action\n healthCheck:\n type: aws:lb:ListenerRule\n name: health_check\n properties:\n listenerArn: ${frontEndListener.arn}\n actions:\n - type: fixed-response\n fixedResponse:\n contentType: text/plain\n messageBody: HEALTHY\n statusCode: '200'\n conditions:\n - queryStrings:\n - key: health\n value: check\n - value: bar\n # Authenticate-cognito Action\n pool:\n type: aws:cognito:UserPool\n client:\n type: aws:cognito:UserPoolClient\n domain:\n type: aws:cognito:UserPoolDomain\n admin:\n type: aws:lb:ListenerRule\n properties:\n listenerArn: ${frontEndListener.arn}\n actions:\n - type: authenticate-cognito\n authenticateCognito:\n userPoolArn: ${pool.arn}\n userPoolClientId: ${client.id}\n userPoolDomain: ${domain.domain}\n - type: forward\n targetGroupArn: ${staticAwsLbTargetGroup.arn}\n # Authenticate-oidc Action\n oidc:\n type: aws:lb:ListenerRule\n properties:\n listenerArn: ${frontEndListener.arn}\n actions:\n - type: authenticate-oidc\n authenticateOidc:\n authorizationEndpoint: https://example.com/authorization_endpoint\n clientId: client_id\n clientSecret: client_secret\n issuer: https://example.com\n tokenEndpoint: https://example.com/token_endpoint\n userInfoEndpoint: https://example.com/user_info_endpoint\n - type: forward\n targetGroupArn: ${staticAwsLbTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import rules using their ARN. For example:\n\n```sh\n$ pulumi import aws:alb/listenerRule:ListenerRule front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener-rule/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26b\n```\n", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerRuleAction:ListenerRuleAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the rule (matches `id`)\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerRuleCondition:ListenerRuleCondition" }, "description": "A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the rule.\n" }, "priority": { "type": "integer", "description": "The priority for the rule between `1` and `50000`. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "actions", "arn", "conditions", "listenerArn", "priority", "tagsAll" ], "inputProperties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerRuleAction:ListenerRuleAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerRuleCondition:ListenerRuleCondition" }, "description": "A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the rule.\n", "willReplaceOnChanges": true }, "priority": { "type": "integer", "description": "The priority for the rule between `1` and `50000`. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "actions", "conditions", "listenerArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ListenerRule resources.\n", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerRuleAction:ListenerRuleAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the rule (matches `id`)\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:alb/ListenerRuleCondition:ListenerRuleCondition" }, "description": "A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the rule.\n", "willReplaceOnChanges": true }, "priority": { "type": "integer", "description": "The priority for the rule between `1` and `50000`. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" }, "aliases": [ { "type": "aws:applicationloadbalancing/listenerRule:ListenerRule" } ] }, "aws:alb/loadBalancer:LoadBalancer": { "description": "Provides a Load Balancer resource.\n\n\u003e **Note:** `aws.alb.LoadBalancer` is known as `aws.lb.LoadBalancer`. The functionality is identical.\n\n## Example Usage\n\n### Application Load Balancer\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.LoadBalancer(\"test\", {\n name: \"test-lb-tf\",\n internal: false,\n loadBalancerType: \"application\",\n securityGroups: [lbSg.id],\n subnets: .map(subnet =\u003e (subnet.id)),\n enableDeletionProtection: true,\n accessLogs: {\n bucket: lbLogs.id,\n prefix: \"test-lb\",\n enabled: true,\n },\n tags: {\n Environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.LoadBalancer(\"test\",\n name=\"test-lb-tf\",\n internal=False,\n load_balancer_type=\"application\",\n security_groups=[lb_sg[\"id\"]],\n subnets=[subnet[\"id\"] for subnet in public],\n enable_deletion_protection=True,\n access_logs={\n \"bucket\": lb_logs[\"id\"],\n \"prefix\": \"test-lb\",\n \"enabled\": True,\n },\n tags={\n \"Environment\": \"production\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LB.LoadBalancer(\"test\", new()\n {\n Name = \"test-lb-tf\",\n Internal = false,\n LoadBalancerType = \"application\",\n SecurityGroups = new[]\n {\n lbSg.Id,\n },\n Subnets = .Select(subnet =\u003e \n {\n return subnet.Id;\n }).ToList(),\n EnableDeletionProtection = true,\n AccessLogs = new Aws.LB.Inputs.LoadBalancerAccessLogsArgs\n {\n Bucket = lbLogs.Id,\n Prefix = \"test-lb\",\n Enabled = true,\n },\n Tags = \n {\n { \"Environment\", \"production\" },\n },\n });\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Network Load Balancer\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.LoadBalancer(\"test\", {\n name: \"test-lb-tf\",\n internal: false,\n loadBalancerType: \"network\",\n subnets: .map(subnet =\u003e (subnet.id)),\n enableDeletionProtection: true,\n tags: {\n Environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.LoadBalancer(\"test\",\n name=\"test-lb-tf\",\n internal=False,\n load_balancer_type=\"network\",\n subnets=[subnet[\"id\"] for subnet in public],\n enable_deletion_protection=True,\n tags={\n \"Environment\": \"production\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LB.LoadBalancer(\"test\", new()\n {\n Name = \"test-lb-tf\",\n Internal = false,\n LoadBalancerType = \"network\",\n Subnets = .Select(subnet =\u003e \n {\n return subnet.Id;\n }).ToList(),\n EnableDeletionProtection = true,\n Tags = \n {\n { \"Environment\", \"production\" },\n },\n });\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying Elastic IPs\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {\n name: \"example\",\n loadBalancerType: \"network\",\n subnetMappings: [\n {\n subnetId: example1AwsSubnet.id,\n allocationId: example1.id,\n },\n {\n subnetId: example2AwsSubnet.id,\n allocationId: example2.id,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\",\n name=\"example\",\n load_balancer_type=\"network\",\n subnet_mappings=[\n {\n \"subnet_id\": example1_aws_subnet[\"id\"],\n \"allocation_id\": example1[\"id\"],\n },\n {\n \"subnet_id\": example2_aws_subnet[\"id\"],\n \"allocation_id\": example2[\"id\"],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LB.LoadBalancer(\"example\", new()\n {\n Name = \"example\",\n LoadBalancerType = \"network\",\n SubnetMappings = new[]\n {\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n SubnetId = example1AwsSubnet.Id,\n AllocationId = example1.Id,\n },\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n SubnetId = example2AwsSubnet.Id,\n AllocationId = example2.Id,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tLoadBalancerType: pulumi.String(\"network\"),\n\t\t\tSubnetMappings: lb.LoadBalancerSubnetMappingArray{\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tSubnetId: pulumi.Any(example1AwsSubnet.Id),\n\t\t\t\t\tAllocationId: pulumi.Any(example1.Id),\n\t\t\t\t},\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tSubnetId: pulumi.Any(example2AwsSubnet.Id),\n\t\t\t\t\tAllocationId: pulumi.Any(example2.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.LoadBalancerArgs;\nimport com.pulumi.aws.lb.inputs.LoadBalancerSubnetMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoadBalancer(\"example\", LoadBalancerArgs.builder()\n .name(\"example\")\n .loadBalancerType(\"network\")\n .subnetMappings( \n LoadBalancerSubnetMappingArgs.builder()\n .subnetId(example1AwsSubnet.id())\n .allocationId(example1.id())\n .build(),\n LoadBalancerSubnetMappingArgs.builder()\n .subnetId(example2AwsSubnet.id())\n .allocationId(example2.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lb:LoadBalancer\n properties:\n name: example\n loadBalancerType: network\n subnetMappings:\n - subnetId: ${example1AwsSubnet.id}\n allocationId: ${example1.id}\n - subnetId: ${example2AwsSubnet.id}\n allocationId: ${example2.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying private IP addresses for an internal-facing load balancer\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {\n name: \"example\",\n loadBalancerType: \"network\",\n subnetMappings: [\n {\n subnetId: example1.id,\n privateIpv4Address: \"10.0.1.15\",\n },\n {\n subnetId: example2.id,\n privateIpv4Address: \"10.0.2.15\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\",\n name=\"example\",\n load_balancer_type=\"network\",\n subnet_mappings=[\n {\n \"subnet_id\": example1[\"id\"],\n \"private_ipv4_address\": \"10.0.1.15\",\n },\n {\n \"subnet_id\": example2[\"id\"],\n \"private_ipv4_address\": \"10.0.2.15\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LB.LoadBalancer(\"example\", new()\n {\n Name = \"example\",\n LoadBalancerType = \"network\",\n SubnetMappings = new[]\n {\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n SubnetId = example1.Id,\n PrivateIpv4Address = \"10.0.1.15\",\n },\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n SubnetId = example2.Id,\n PrivateIpv4Address = \"10.0.2.15\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tLoadBalancerType: pulumi.String(\"network\"),\n\t\t\tSubnetMappings: lb.LoadBalancerSubnetMappingArray{\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tSubnetId: pulumi.Any(example1.Id),\n\t\t\t\t\tPrivateIpv4Address: pulumi.String(\"10.0.1.15\"),\n\t\t\t\t},\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tSubnetId: pulumi.Any(example2.Id),\n\t\t\t\t\tPrivateIpv4Address: pulumi.String(\"10.0.2.15\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.LoadBalancerArgs;\nimport com.pulumi.aws.lb.inputs.LoadBalancerSubnetMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoadBalancer(\"example\", LoadBalancerArgs.builder()\n .name(\"example\")\n .loadBalancerType(\"network\")\n .subnetMappings( \n LoadBalancerSubnetMappingArgs.builder()\n .subnetId(example1.id())\n .privateIpv4Address(\"10.0.1.15\")\n .build(),\n LoadBalancerSubnetMappingArgs.builder()\n .subnetId(example2.id())\n .privateIpv4Address(\"10.0.2.15\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lb:LoadBalancer\n properties:\n name: example\n loadBalancerType: network\n subnetMappings:\n - subnetId: ${example1.id}\n privateIpv4Address: 10.0.1.15\n - subnetId: ${example2.id}\n privateIpv4Address: 10.0.2.15\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import LBs using their ARN. For example:\n\n```sh\n$ pulumi import aws:alb/loadBalancer:LoadBalancer bar arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188\n```\n", "properties": { "accessLogs": { "$ref": "#/types/aws:alb/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "Access Logs block. See below.\n" }, "arn": { "type": "string", "description": "ARN of the load balancer (matches `id`).\n" }, "arnSuffix": { "type": "string", "description": "ARN suffix for use with CloudWatch Metrics.\n" }, "clientKeepAlive": { "type": "integer", "description": "Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.\n" }, "connectionLogs": { "$ref": "#/types/aws:alb/LoadBalancerConnectionLogs:LoadBalancerConnectionLogs", "description": "Connection Logs block. See below. Only valid for Load Balancers of type `application`.\n" }, "customerOwnedIpv4Pool": { "type": "string", "description": "ID of the customer owned ipv4 pool to use for this load balancer.\n" }, "desyncMitigationMode": { "type": "string", "description": "How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are `monitor`, `defensive` (default), `strictest`.\n" }, "dnsName": { "type": "string", "description": "DNS name of the load balancer.\n" }, "dnsRecordClientRoutingPolicy": { "type": "string", "description": "How traffic is distributed among the load balancer Availability Zones. Possible values are `any_availability_zone` (default), `availability_zone_affinity`, or `partial_availability_zone_affinity`. See [Availability Zone DNS affinity](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#zonal-dns-affinity) for additional details. Only valid for `network` type load balancers.\n" }, "dropInvalidHeaderFields": { "type": "boolean", "description": "Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.\n" }, "enableCrossZoneLoadBalancing": { "type": "boolean", "description": "If true, cross-zone load balancing of the load balancer will be enabled. For `network` and `gateway` type load balancers, this feature is disabled by default (`false`). For `application` load balancer this feature is always enabled (`true`) and cannot be disabled. Defaults to `false`.\n" }, "enableDeletionProtection": { "type": "boolean", "description": "If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.\n" }, "enableHttp2": { "type": "boolean", "description": "Whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.\n" }, "enableTlsVersionAndCipherSuiteHeaders": { "type": "boolean", "description": "Whether the two headers (`x-amzn-tls-version` and `x-amzn-tls-cipher-suite`), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of type `application`. Defaults to `false`\n" }, "enableWafFailOpen": { "type": "boolean", "description": "Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to `false`.\n" }, "enableXffClientPort": { "type": "boolean", "description": "Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in `application` load balancers. Defaults to `false`.\n" }, "enforceSecurityGroupInboundRulesOnPrivateLinkTraffic": { "type": "string", "description": "Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type `network`. The possible values are `on` and `off`.\n" }, "idleTimeout": { "type": "integer", "description": "Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.\n" }, "internal": { "type": "boolean", "description": "If true, the LB will be internal. Defaults to `false`.\n" }, "ipAddressType": { "type": "string", "$ref": "#/types/aws:alb/ipAddressType:IpAddressType", "description": "Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type: `ipv4` (all load balancer types), `dualstack` (all load balancer types), and `dualstack-without-public-ipv4` (type `application` only).\n" }, "loadBalancerType": { "type": "string", "$ref": "#/types/aws:alb/loadBalancerType:LoadBalancerType", "description": "Type of load balancer to create. Possible values are `application`, `gateway`, or `network`. The default value is `application`.\n" }, "name": { "type": "string", "description": "Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with `tf-lb`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "preserveHostHeader": { "type": "boolean", "description": "Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to `false`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to assign to the LB. Only valid for Load Balancers of type `application` or `network`. For load balancers of type `network` security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:alb/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping" }, "description": "Subnet mapping block. See below. For Load Balancers of type `network` subnet mappings can only be added.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "List of subnet IDs to attach to the LB. For Load Balancers of type `network` subnets can only be added (see [Availability Zones](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#availability-zones)), deleting a subnet for load balancers of type `network` will force a recreation of the resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string" }, "xffHeaderProcessingMode": { "type": "string", "description": "Determines how the load balancer modifies the `X-Forwarded-For` header in the HTTP request before sending the request to the target. The possible values are `append`, `preserve`, and `remove`. Only valid for Load Balancers of type `application`. The default is `append`.\n" }, "zoneId": { "type": "string", "description": "Canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).\n" } }, "required": [ "arn", "arnSuffix", "dnsName", "enforceSecurityGroupInboundRulesOnPrivateLinkTraffic", "internal", "ipAddressType", "name", "namePrefix", "securityGroups", "subnetMappings", "subnets", "tagsAll", "vpcId", "zoneId" ], "inputProperties": { "accessLogs": { "$ref": "#/types/aws:alb/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "Access Logs block. See below.\n" }, "clientKeepAlive": { "type": "integer", "description": "Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.\n" }, "connectionLogs": { "$ref": "#/types/aws:alb/LoadBalancerConnectionLogs:LoadBalancerConnectionLogs", "description": "Connection Logs block. See below. Only valid for Load Balancers of type `application`.\n" }, "customerOwnedIpv4Pool": { "type": "string", "description": "ID of the customer owned ipv4 pool to use for this load balancer.\n", "willReplaceOnChanges": true }, "desyncMitigationMode": { "type": "string", "description": "How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are `monitor`, `defensive` (default), `strictest`.\n" }, "dnsRecordClientRoutingPolicy": { "type": "string", "description": "How traffic is distributed among the load balancer Availability Zones. Possible values are `any_availability_zone` (default), `availability_zone_affinity`, or `partial_availability_zone_affinity`. See [Availability Zone DNS affinity](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#zonal-dns-affinity) for additional details. Only valid for `network` type load balancers.\n" }, "dropInvalidHeaderFields": { "type": "boolean", "description": "Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.\n" }, "enableCrossZoneLoadBalancing": { "type": "boolean", "description": "If true, cross-zone load balancing of the load balancer will be enabled. For `network` and `gateway` type load balancers, this feature is disabled by default (`false`). For `application` load balancer this feature is always enabled (`true`) and cannot be disabled. Defaults to `false`.\n" }, "enableDeletionProtection": { "type": "boolean", "description": "If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.\n" }, "enableHttp2": { "type": "boolean", "description": "Whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.\n" }, "enableTlsVersionAndCipherSuiteHeaders": { "type": "boolean", "description": "Whether the two headers (`x-amzn-tls-version` and `x-amzn-tls-cipher-suite`), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of type `application`. Defaults to `false`\n" }, "enableWafFailOpen": { "type": "boolean", "description": "Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to `false`.\n" }, "enableXffClientPort": { "type": "boolean", "description": "Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in `application` load balancers. Defaults to `false`.\n" }, "enforceSecurityGroupInboundRulesOnPrivateLinkTraffic": { "type": "string", "description": "Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type `network`. The possible values are `on` and `off`.\n" }, "idleTimeout": { "type": "integer", "description": "Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.\n" }, "internal": { "type": "boolean", "description": "If true, the LB will be internal. Defaults to `false`.\n", "willReplaceOnChanges": true }, "ipAddressType": { "type": "string", "$ref": "#/types/aws:alb/ipAddressType:IpAddressType", "description": "Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type: `ipv4` (all load balancer types), `dualstack` (all load balancer types), and `dualstack-without-public-ipv4` (type `application` only).\n" }, "loadBalancerType": { "type": "string", "$ref": "#/types/aws:alb/loadBalancerType:LoadBalancerType", "description": "Type of load balancer to create. Possible values are `application`, `gateway`, or `network`. The default value is `application`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with `tf-lb`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "preserveHostHeader": { "type": "boolean", "description": "Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to `false`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to assign to the LB. Only valid for Load Balancers of type `application` or `network`. For load balancers of type `network` security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:alb/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping" }, "description": "Subnet mapping block. See below. For Load Balancers of type `network` subnet mappings can only be added.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "List of subnet IDs to attach to the LB. For Load Balancers of type `network` subnets can only be added (see [Availability Zones](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#availability-zones)), deleting a subnet for load balancers of type `network` will force a recreation of the resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "xffHeaderProcessingMode": { "type": "string", "description": "Determines how the load balancer modifies the `X-Forwarded-For` header in the HTTP request before sending the request to the target. The possible values are `append`, `preserve`, and `remove`. Only valid for Load Balancers of type `application`. The default is `append`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering LoadBalancer resources.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:alb/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "Access Logs block. See below.\n" }, "arn": { "type": "string", "description": "ARN of the load balancer (matches `id`).\n" }, "arnSuffix": { "type": "string", "description": "ARN suffix for use with CloudWatch Metrics.\n" }, "clientKeepAlive": { "type": "integer", "description": "Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.\n" }, "connectionLogs": { "$ref": "#/types/aws:alb/LoadBalancerConnectionLogs:LoadBalancerConnectionLogs", "description": "Connection Logs block. See below. Only valid for Load Balancers of type `application`.\n" }, "customerOwnedIpv4Pool": { "type": "string", "description": "ID of the customer owned ipv4 pool to use for this load balancer.\n", "willReplaceOnChanges": true }, "desyncMitigationMode": { "type": "string", "description": "How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are `monitor`, `defensive` (default), `strictest`.\n" }, "dnsName": { "type": "string", "description": "DNS name of the load balancer.\n" }, "dnsRecordClientRoutingPolicy": { "type": "string", "description": "How traffic is distributed among the load balancer Availability Zones. Possible values are `any_availability_zone` (default), `availability_zone_affinity`, or `partial_availability_zone_affinity`. See [Availability Zone DNS affinity](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#zonal-dns-affinity) for additional details. Only valid for `network` type load balancers.\n" }, "dropInvalidHeaderFields": { "type": "boolean", "description": "Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.\n" }, "enableCrossZoneLoadBalancing": { "type": "boolean", "description": "If true, cross-zone load balancing of the load balancer will be enabled. For `network` and `gateway` type load balancers, this feature is disabled by default (`false`). For `application` load balancer this feature is always enabled (`true`) and cannot be disabled. Defaults to `false`.\n" }, "enableDeletionProtection": { "type": "boolean", "description": "If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.\n" }, "enableHttp2": { "type": "boolean", "description": "Whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.\n" }, "enableTlsVersionAndCipherSuiteHeaders": { "type": "boolean", "description": "Whether the two headers (`x-amzn-tls-version` and `x-amzn-tls-cipher-suite`), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of type `application`. Defaults to `false`\n" }, "enableWafFailOpen": { "type": "boolean", "description": "Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to `false`.\n" }, "enableXffClientPort": { "type": "boolean", "description": "Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in `application` load balancers. Defaults to `false`.\n" }, "enforceSecurityGroupInboundRulesOnPrivateLinkTraffic": { "type": "string", "description": "Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type `network`. The possible values are `on` and `off`.\n" }, "idleTimeout": { "type": "integer", "description": "Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.\n" }, "internal": { "type": "boolean", "description": "If true, the LB will be internal. Defaults to `false`.\n", "willReplaceOnChanges": true }, "ipAddressType": { "type": "string", "$ref": "#/types/aws:alb/ipAddressType:IpAddressType", "description": "Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type: `ipv4` (all load balancer types), `dualstack` (all load balancer types), and `dualstack-without-public-ipv4` (type `application` only).\n" }, "loadBalancerType": { "type": "string", "$ref": "#/types/aws:alb/loadBalancerType:LoadBalancerType", "description": "Type of load balancer to create. Possible values are `application`, `gateway`, or `network`. The default value is `application`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with `tf-lb`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "preserveHostHeader": { "type": "boolean", "description": "Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to `false`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to assign to the LB. Only valid for Load Balancers of type `application` or `network`. For load balancers of type `network` security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:alb/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping" }, "description": "Subnet mapping block. See below. For Load Balancers of type `network` subnet mappings can only be added.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "List of subnet IDs to attach to the LB. For Load Balancers of type `network` subnets can only be added (see [Availability Zones](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#availability-zones)), deleting a subnet for load balancers of type `network` will force a recreation of the resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string" }, "xffHeaderProcessingMode": { "type": "string", "description": "Determines how the load balancer modifies the `X-Forwarded-For` header in the HTTP request before sending the request to the target. The possible values are `append`, `preserve`, and `remove`. Only valid for Load Balancers of type `application`. The default is `append`.\n" }, "zoneId": { "type": "string", "description": "Canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).\n" } }, "type": "object" }, "aliases": [ { "type": "aws:applicationloadbalancing/loadBalancer:LoadBalancer" } ] }, "aws:alb/targetGroup:TargetGroup": { "description": "Provides a Target Group resource for use with Load Balancer resources.\n\n\u003e **Note:** `aws.alb.TargetGroup` is known as `aws.lb.TargetGroup`. The functionality is identical.\n\n## Example Usage\n\n### Instance Target Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {cidrBlock: \"10.0.0.0/16\"});\nconst test = new aws.lb.TargetGroup(\"test\", {\n name: \"tf-example-lb-tg\",\n port: 80,\n protocol: \"HTTP\",\n vpcId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\ntest = aws.lb.TargetGroup(\"test\",\n name=\"tf-example-lb-tg\",\n port=80,\n protocol=\"HTTP\",\n vpc_id=main.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ec2.Vpc(\"main\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var test = new Aws.LB.TargetGroup(\"test\", new()\n {\n Name = \"tf-example-lb-tg\",\n Port = 80,\n Protocol = \"HTTP\",\n VpcId = main.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroup(ctx, \"test\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"tf-example-lb-tg\"),\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Vpc(\"main\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var test = new TargetGroup(\"test\", TargetGroupArgs.builder()\n .name(\"tf-example-lb-tg\")\n .port(80)\n .protocol(\"HTTP\")\n .vpcId(main.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lb:TargetGroup\n properties:\n name: tf-example-lb-tg\n port: 80\n protocol: HTTP\n vpcId: ${main.id}\n main:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### IP Target Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {cidrBlock: \"10.0.0.0/16\"});\nconst ip_example = new aws.lb.TargetGroup(\"ip-example\", {\n name: \"tf-example-lb-tg\",\n port: 80,\n protocol: \"HTTP\",\n targetType: \"ip\",\n vpcId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\nip_example = aws.lb.TargetGroup(\"ip-example\",\n name=\"tf-example-lb-tg\",\n port=80,\n protocol=\"HTTP\",\n target_type=\"ip\",\n vpc_id=main.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ec2.Vpc(\"main\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var ip_example = new Aws.LB.TargetGroup(\"ip-example\", new()\n {\n Name = \"tf-example-lb-tg\",\n Port = 80,\n Protocol = \"HTTP\",\n TargetType = \"ip\",\n VpcId = main.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroup(ctx, \"ip-example\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"tf-example-lb-tg\"),\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tTargetType: pulumi.String(\"ip\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Vpc(\"main\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var ip_example = new TargetGroup(\"ip-example\", TargetGroupArgs.builder()\n .name(\"tf-example-lb-tg\")\n .port(80)\n .protocol(\"HTTP\")\n .targetType(\"ip\")\n .vpcId(main.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ip-example:\n type: aws:lb:TargetGroup\n properties:\n name: tf-example-lb-tg\n port: 80\n protocol: HTTP\n targetType: ip\n vpcId: ${main.id}\n main:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda Target Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lambda_example = new aws.lb.TargetGroup(\"lambda-example\", {\n name: \"tf-example-lb-tg\",\n targetType: \"lambda\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlambda_example = aws.lb.TargetGroup(\"lambda-example\",\n name=\"tf-example-lb-tg\",\n target_type=\"lambda\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lambda_example = new Aws.LB.TargetGroup(\"lambda-example\", new()\n {\n Name = \"tf-example-lb-tg\",\n TargetType = \"lambda\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewTargetGroup(ctx, \"lambda-example\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"tf-example-lb-tg\"),\n\t\t\tTargetType: pulumi.String(\"lambda\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lambda_example = new TargetGroup(\"lambda-example\", TargetGroupArgs.builder()\n .name(\"tf-example-lb-tg\")\n .targetType(\"lambda\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lambda-example:\n type: aws:lb:TargetGroup\n properties:\n name: tf-example-lb-tg\n targetType: lambda\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### ALB Target Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst alb_example = new aws.lb.TargetGroup(\"alb-example\", {\n name: \"tf-example-lb-alb-tg\",\n targetType: \"alb\",\n port: 80,\n protocol: \"TCP\",\n vpcId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nalb_example = aws.lb.TargetGroup(\"alb-example\",\n name=\"tf-example-lb-alb-tg\",\n target_type=\"alb\",\n port=80,\n protocol=\"TCP\",\n vpc_id=main[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var alb_example = new Aws.LB.TargetGroup(\"alb-example\", new()\n {\n Name = \"tf-example-lb-alb-tg\",\n TargetType = \"alb\",\n Port = 80,\n Protocol = \"TCP\",\n VpcId = main.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewTargetGroup(ctx, \"alb-example\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"tf-example-lb-alb-tg\"),\n\t\t\tTargetType: pulumi.String(\"alb\"),\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"TCP\"),\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var alb_example = new TargetGroup(\"alb-example\", TargetGroupArgs.builder()\n .name(\"tf-example-lb-alb-tg\")\n .targetType(\"alb\")\n .port(80)\n .protocol(\"TCP\")\n .vpcId(main.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n alb-example:\n type: aws:lb:TargetGroup\n properties:\n name: tf-example-lb-alb-tg\n targetType: alb\n port: 80\n protocol: TCP\n vpcId: ${main.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Target group with unhealthy connection termination disabled\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst tcp_example = new aws.lb.TargetGroup(\"tcp-example\", {\n name: \"tf-example-lb-nlb-tg\",\n port: 25,\n protocol: \"TCP\",\n vpcId: main.id,\n targetHealthStates: [{\n enableUnhealthyConnectionTermination: false,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntcp_example = aws.lb.TargetGroup(\"tcp-example\",\n name=\"tf-example-lb-nlb-tg\",\n port=25,\n protocol=\"TCP\",\n vpc_id=main[\"id\"],\n target_health_states=[{\n \"enable_unhealthy_connection_termination\": False,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var tcp_example = new Aws.LB.TargetGroup(\"tcp-example\", new()\n {\n Name = \"tf-example-lb-nlb-tg\",\n Port = 25,\n Protocol = \"TCP\",\n VpcId = main.Id,\n TargetHealthStates = new[]\n {\n new Aws.LB.Inputs.TargetGroupTargetHealthStateArgs\n {\n EnableUnhealthyConnectionTermination = false,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewTargetGroup(ctx, \"tcp-example\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"tf-example-lb-nlb-tg\"),\n\t\t\tPort: pulumi.Int(25),\n\t\t\tProtocol: pulumi.String(\"TCP\"),\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t\tTargetHealthStates: lb.TargetGroupTargetHealthStateArray{\n\t\t\t\t\u0026lb.TargetGroupTargetHealthStateArgs{\n\t\t\t\t\tEnableUnhealthyConnectionTermination: pulumi.Bool(false),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport com.pulumi.aws.lb.inputs.TargetGroupTargetHealthStateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var tcp_example = new TargetGroup(\"tcp-example\", TargetGroupArgs.builder()\n .name(\"tf-example-lb-nlb-tg\")\n .port(25)\n .protocol(\"TCP\")\n .vpcId(main.id())\n .targetHealthStates(TargetGroupTargetHealthStateArgs.builder()\n .enableUnhealthyConnectionTermination(false)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n tcp-example:\n type: aws:lb:TargetGroup\n properties:\n name: tf-example-lb-nlb-tg\n port: 25\n protocol: TCP\n vpcId: ${main.id}\n targetHealthStates:\n - enableUnhealthyConnectionTermination: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Target group with health requirements\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst tcp_example = new aws.lb.TargetGroup(\"tcp-example\", {\n name: \"tf-example-lb-nlb-tg\",\n port: 80,\n protocol: \"TCP\",\n vpcId: main.id,\n targetGroupHealth: {\n dnsFailover: {\n minimumHealthyTargetsCount: \"1\",\n minimumHealthyTargetsPercentage: \"off\",\n },\n unhealthyStateRouting: {\n minimumHealthyTargetsCount: 1,\n minimumHealthyTargetsPercentage: \"off\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntcp_example = aws.lb.TargetGroup(\"tcp-example\",\n name=\"tf-example-lb-nlb-tg\",\n port=80,\n protocol=\"TCP\",\n vpc_id=main[\"id\"],\n target_group_health={\n \"dns_failover\": {\n \"minimum_healthy_targets_count\": \"1\",\n \"minimum_healthy_targets_percentage\": \"off\",\n },\n \"unhealthy_state_routing\": {\n \"minimum_healthy_targets_count\": 1,\n \"minimum_healthy_targets_percentage\": \"off\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var tcp_example = new Aws.LB.TargetGroup(\"tcp-example\", new()\n {\n Name = \"tf-example-lb-nlb-tg\",\n Port = 80,\n Protocol = \"TCP\",\n VpcId = main.Id,\n TargetGroupHealth = new Aws.LB.Inputs.TargetGroupTargetGroupHealthArgs\n {\n DnsFailover = new Aws.LB.Inputs.TargetGroupTargetGroupHealthDnsFailoverArgs\n {\n MinimumHealthyTargetsCount = \"1\",\n MinimumHealthyTargetsPercentage = \"off\",\n },\n UnhealthyStateRouting = new Aws.LB.Inputs.TargetGroupTargetGroupHealthUnhealthyStateRoutingArgs\n {\n MinimumHealthyTargetsCount = 1,\n MinimumHealthyTargetsPercentage = \"off\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewTargetGroup(ctx, \"tcp-example\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"tf-example-lb-nlb-tg\"),\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"TCP\"),\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t\tTargetGroupHealth: \u0026lb.TargetGroupTargetGroupHealthArgs{\n\t\t\t\tDnsFailover: \u0026lb.TargetGroupTargetGroupHealthDnsFailoverArgs{\n\t\t\t\t\tMinimumHealthyTargetsCount: pulumi.String(\"1\"),\n\t\t\t\t\tMinimumHealthyTargetsPercentage: pulumi.String(\"off\"),\n\t\t\t\t},\n\t\t\t\tUnhealthyStateRouting: \u0026lb.TargetGroupTargetGroupHealthUnhealthyStateRoutingArgs{\n\t\t\t\t\tMinimumHealthyTargetsCount: pulumi.Int(1),\n\t\t\t\t\tMinimumHealthyTargetsPercentage: pulumi.String(\"off\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport com.pulumi.aws.lb.inputs.TargetGroupTargetGroupHealthArgs;\nimport com.pulumi.aws.lb.inputs.TargetGroupTargetGroupHealthDnsFailoverArgs;\nimport com.pulumi.aws.lb.inputs.TargetGroupTargetGroupHealthUnhealthyStateRoutingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var tcp_example = new TargetGroup(\"tcp-example\", TargetGroupArgs.builder()\n .name(\"tf-example-lb-nlb-tg\")\n .port(80)\n .protocol(\"TCP\")\n .vpcId(main.id())\n .targetGroupHealth(TargetGroupTargetGroupHealthArgs.builder()\n .dnsFailover(TargetGroupTargetGroupHealthDnsFailoverArgs.builder()\n .minimumHealthyTargetsCount(\"1\")\n .minimumHealthyTargetsPercentage(\"off\")\n .build())\n .unhealthyStateRouting(TargetGroupTargetGroupHealthUnhealthyStateRoutingArgs.builder()\n .minimumHealthyTargetsCount(\"1\")\n .minimumHealthyTargetsPercentage(\"off\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n tcp-example:\n type: aws:lb:TargetGroup\n properties:\n name: tf-example-lb-nlb-tg\n port: 80\n protocol: TCP\n vpcId: ${main.id}\n targetGroupHealth:\n dnsFailover:\n minimumHealthyTargetsCount: '1'\n minimumHealthyTargetsPercentage: off\n unhealthyStateRouting:\n minimumHealthyTargetsCount: '1'\n minimumHealthyTargetsPercentage: off\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Target Groups using their ARN. For example:\n\n```sh\n$ pulumi import aws:alb/targetGroup:TargetGroup app_front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:targetgroup/app-front-end/20cfe21448b66314\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Target Group (matches `id`).\n" }, "arnSuffix": { "type": "string", "description": "ARN suffix for use with CloudWatch Metrics.\n" }, "connectionTermination": { "type": "boolean", "description": "Whether to terminate connections at the end of the deregistration timeout on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#deregistration-delay) for more information. Default is `false`.\n" }, "deregistrationDelay": { "type": "integer", "description": "Amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.\n" }, "healthCheck": { "$ref": "#/types/aws:alb/TargetGroupHealthCheck:TargetGroupHealthCheck", "description": "Health Check configuration block. Detailed below.\n" }, "ipAddressType": { "type": "string", "description": "The type of IP addresses used by the target group, only supported when target type is set to `ip`. Possible values are `ipv4` or `ipv6`.\n" }, "lambdaMultiValueHeadersEnabled": { "type": "boolean", "description": "Whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when `target_type` is `lambda`. Default is `false`.\n" }, "loadBalancerArns": { "type": "array", "items": { "type": "string" }, "description": "ARNs of the Load Balancers associated with the Target Group.\n" }, "loadBalancingAlgorithmType": { "type": "string", "description": "Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is `round_robin`, `least_outstanding_requests`, or `weighted_random`. The default is `round_robin`.\n" }, "loadBalancingAnomalyMitigation": { "type": "string", "description": "Determines whether to enable target anomaly mitigation. Target anomaly mitigation is only supported by the `weighted_random` load balancing algorithm type. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#automatic-target-weights) for more information. The value is `\"on\"` or `\"off\"`. The default is `\"off\"`.\n" }, "loadBalancingCrossZoneEnabled": { "type": "string", "description": "Indicates whether cross zone load balancing is enabled. The value is `\"true\"`, `\"false\"` or `\"use_load_balancer_configuration\"`. The default is `\"use_load_balancer_configuration\"`.\n" }, "name": { "type": "string", "description": "Name of the target group. If omitted, this provider will assign a random, unique name. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n" }, "port": { "type": "integer", "description": "Port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance`, `ip` or `alb`. Does not apply when `target_type` is `lambda`.\n" }, "preserveClientIp": { "type": "string", "description": "Whether client IP preservation is enabled. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#client-ip-preservation) for more information.\n" }, "protocol": { "type": "string", "description": "Protocol to use for routing traffic to the targets.\nShould be one of `GENEVE`, `HTTP`, `HTTPS`, `TCP`, `TCP_UDP`, `TLS`, or `UDP`.\nRequired when `target_type` is `instance`, `ip`, or `alb`.\nDoes not apply when `target_type` is `lambda`.\n" }, "protocolVersion": { "type": "string", "description": "Only applicable when `protocol` is `HTTP` or `HTTPS`. The protocol version. Specify `GRPC` to send requests to targets using gRPC. Specify `HTTP2` to send requests to targets using HTTP/2. The default is `HTTP1`, which sends requests to targets using HTTP/1.1\n" }, "proxyProtocolV2": { "type": "boolean", "description": "Whether to enable support for proxy protocol v2 on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#proxy-protocol) for more information. Default is `false`.\n" }, "slowStart": { "type": "integer", "description": "Amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.\n" }, "stickiness": { "$ref": "#/types/aws:alb/TargetGroupStickiness:TargetGroupStickiness", "description": "Stickiness configuration block. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetFailovers": { "type": "array", "items": { "$ref": "#/types/aws:alb/TargetGroupTargetFailover:TargetGroupTargetFailover" }, "description": "Target failover block. Only applicable for Gateway Load Balancer target groups. See target_failover for more information.\n" }, "targetGroupHealth": { "$ref": "#/types/aws:alb/TargetGroupTargetGroupHealth:TargetGroupTargetGroupHealth", "description": "Target health requirements block. See target_group_health for more information.\n" }, "targetHealthStates": { "type": "array", "items": { "$ref": "#/types/aws:alb/TargetGroupTargetHealthState:TargetGroupTargetHealthState" }, "description": "Target health state block. Only applicable for Network Load Balancer target groups when `protocol` is `TCP` or `TLS`. See target_health_state for more information.\n" }, "targetType": { "type": "string", "description": "Type of target that you must specify when registering targets with this target group.\nSee [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateTargetGroup.html) for supported values.\nThe default is `instance`.\n\nNote that you can't specify targets for a target group using both instance IDs and IP addresses.\n\nIf the target type is `ip`, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.\n\nNetwork Load Balancers do not support the `lambda` target type.\n\nApplication Load Balancers do not support the `alb` target type.\n" }, "vpcId": { "type": "string", "description": "Identifier of the VPC in which to create the target group. Required when `target_type` is `instance`, `ip` or `alb`. Does not apply when `target_type` is `lambda`.\n" } }, "required": [ "arn", "arnSuffix", "connectionTermination", "healthCheck", "ipAddressType", "loadBalancerArns", "loadBalancingAlgorithmType", "loadBalancingAnomalyMitigation", "loadBalancingCrossZoneEnabled", "name", "namePrefix", "preserveClientIp", "protocolVersion", "stickiness", "tagsAll", "targetFailovers", "targetGroupHealth", "targetHealthStates" ], "inputProperties": { "connectionTermination": { "type": "boolean", "description": "Whether to terminate connections at the end of the deregistration timeout on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#deregistration-delay) for more information. Default is `false`.\n" }, "deregistrationDelay": { "type": "integer", "description": "Amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.\n" }, "healthCheck": { "$ref": "#/types/aws:alb/TargetGroupHealthCheck:TargetGroupHealthCheck", "description": "Health Check configuration block. Detailed below.\n" }, "ipAddressType": { "type": "string", "description": "The type of IP addresses used by the target group, only supported when target type is set to `ip`. Possible values are `ipv4` or `ipv6`.\n", "willReplaceOnChanges": true }, "lambdaMultiValueHeadersEnabled": { "type": "boolean", "description": "Whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when `target_type` is `lambda`. Default is `false`.\n" }, "loadBalancingAlgorithmType": { "type": "string", "description": "Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is `round_robin`, `least_outstanding_requests`, or `weighted_random`. The default is `round_robin`.\n" }, "loadBalancingAnomalyMitigation": { "type": "string", "description": "Determines whether to enable target anomaly mitigation. Target anomaly mitigation is only supported by the `weighted_random` load balancing algorithm type. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#automatic-target-weights) for more information. The value is `\"on\"` or `\"off\"`. The default is `\"off\"`.\n" }, "loadBalancingCrossZoneEnabled": { "type": "string", "description": "Indicates whether cross zone load balancing is enabled. The value is `\"true\"`, `\"false\"` or `\"use_load_balancer_configuration\"`. The default is `\"use_load_balancer_configuration\"`.\n" }, "name": { "type": "string", "description": "Name of the target group. If omitted, this provider will assign a random, unique name. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "Port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance`, `ip` or `alb`. Does not apply when `target_type` is `lambda`.\n", "willReplaceOnChanges": true }, "preserveClientIp": { "type": "string", "description": "Whether client IP preservation is enabled. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#client-ip-preservation) for more information.\n" }, "protocol": { "type": "string", "description": "Protocol to use for routing traffic to the targets.\nShould be one of `GENEVE`, `HTTP`, `HTTPS`, `TCP`, `TCP_UDP`, `TLS`, or `UDP`.\nRequired when `target_type` is `instance`, `ip`, or `alb`.\nDoes not apply when `target_type` is `lambda`.\n", "willReplaceOnChanges": true }, "protocolVersion": { "type": "string", "description": "Only applicable when `protocol` is `HTTP` or `HTTPS`. The protocol version. Specify `GRPC` to send requests to targets using gRPC. Specify `HTTP2` to send requests to targets using HTTP/2. The default is `HTTP1`, which sends requests to targets using HTTP/1.1\n", "willReplaceOnChanges": true }, "proxyProtocolV2": { "type": "boolean", "description": "Whether to enable support for proxy protocol v2 on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#proxy-protocol) for more information. Default is `false`.\n" }, "slowStart": { "type": "integer", "description": "Amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.\n" }, "stickiness": { "$ref": "#/types/aws:alb/TargetGroupStickiness:TargetGroupStickiness", "description": "Stickiness configuration block. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targetFailovers": { "type": "array", "items": { "$ref": "#/types/aws:alb/TargetGroupTargetFailover:TargetGroupTargetFailover" }, "description": "Target failover block. Only applicable for Gateway Load Balancer target groups. See target_failover for more information.\n" }, "targetGroupHealth": { "$ref": "#/types/aws:alb/TargetGroupTargetGroupHealth:TargetGroupTargetGroupHealth", "description": "Target health requirements block. See target_group_health for more information.\n" }, "targetHealthStates": { "type": "array", "items": { "$ref": "#/types/aws:alb/TargetGroupTargetHealthState:TargetGroupTargetHealthState" }, "description": "Target health state block. Only applicable for Network Load Balancer target groups when `protocol` is `TCP` or `TLS`. See target_health_state for more information.\n" }, "targetType": { "type": "string", "description": "Type of target that you must specify when registering targets with this target group.\nSee [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateTargetGroup.html) for supported values.\nThe default is `instance`.\n\nNote that you can't specify targets for a target group using both instance IDs and IP addresses.\n\nIf the target type is `ip`, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.\n\nNetwork Load Balancers do not support the `lambda` target type.\n\nApplication Load Balancers do not support the `alb` target type.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "Identifier of the VPC in which to create the target group. Required when `target_type` is `instance`, `ip` or `alb`. Does not apply when `target_type` is `lambda`.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering TargetGroup resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Target Group (matches `id`).\n" }, "arnSuffix": { "type": "string", "description": "ARN suffix for use with CloudWatch Metrics.\n" }, "connectionTermination": { "type": "boolean", "description": "Whether to terminate connections at the end of the deregistration timeout on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#deregistration-delay) for more information. Default is `false`.\n" }, "deregistrationDelay": { "type": "integer", "description": "Amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.\n" }, "healthCheck": { "$ref": "#/types/aws:alb/TargetGroupHealthCheck:TargetGroupHealthCheck", "description": "Health Check configuration block. Detailed below.\n" }, "ipAddressType": { "type": "string", "description": "The type of IP addresses used by the target group, only supported when target type is set to `ip`. Possible values are `ipv4` or `ipv6`.\n", "willReplaceOnChanges": true }, "lambdaMultiValueHeadersEnabled": { "type": "boolean", "description": "Whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when `target_type` is `lambda`. Default is `false`.\n" }, "loadBalancerArns": { "type": "array", "items": { "type": "string" }, "description": "ARNs of the Load Balancers associated with the Target Group.\n" }, "loadBalancingAlgorithmType": { "type": "string", "description": "Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is `round_robin`, `least_outstanding_requests`, or `weighted_random`. The default is `round_robin`.\n" }, "loadBalancingAnomalyMitigation": { "type": "string", "description": "Determines whether to enable target anomaly mitigation. Target anomaly mitigation is only supported by the `weighted_random` load balancing algorithm type. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#automatic-target-weights) for more information. The value is `\"on\"` or `\"off\"`. The default is `\"off\"`.\n" }, "loadBalancingCrossZoneEnabled": { "type": "string", "description": "Indicates whether cross zone load balancing is enabled. The value is `\"true\"`, `\"false\"` or `\"use_load_balancer_configuration\"`. The default is `\"use_load_balancer_configuration\"`.\n" }, "name": { "type": "string", "description": "Name of the target group. If omitted, this provider will assign a random, unique name. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "Port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance`, `ip` or `alb`. Does not apply when `target_type` is `lambda`.\n", "willReplaceOnChanges": true }, "preserveClientIp": { "type": "string", "description": "Whether client IP preservation is enabled. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#client-ip-preservation) for more information.\n" }, "protocol": { "type": "string", "description": "Protocol to use for routing traffic to the targets.\nShould be one of `GENEVE`, `HTTP`, `HTTPS`, `TCP`, `TCP_UDP`, `TLS`, or `UDP`.\nRequired when `target_type` is `instance`, `ip`, or `alb`.\nDoes not apply when `target_type` is `lambda`.\n", "willReplaceOnChanges": true }, "protocolVersion": { "type": "string", "description": "Only applicable when `protocol` is `HTTP` or `HTTPS`. The protocol version. Specify `GRPC` to send requests to targets using gRPC. Specify `HTTP2` to send requests to targets using HTTP/2. The default is `HTTP1`, which sends requests to targets using HTTP/1.1\n", "willReplaceOnChanges": true }, "proxyProtocolV2": { "type": "boolean", "description": "Whether to enable support for proxy protocol v2 on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#proxy-protocol) for more information. Default is `false`.\n" }, "slowStart": { "type": "integer", "description": "Amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.\n" }, "stickiness": { "$ref": "#/types/aws:alb/TargetGroupStickiness:TargetGroupStickiness", "description": "Stickiness configuration block. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetFailovers": { "type": "array", "items": { "$ref": "#/types/aws:alb/TargetGroupTargetFailover:TargetGroupTargetFailover" }, "description": "Target failover block. Only applicable for Gateway Load Balancer target groups. See target_failover for more information.\n" }, "targetGroupHealth": { "$ref": "#/types/aws:alb/TargetGroupTargetGroupHealth:TargetGroupTargetGroupHealth", "description": "Target health requirements block. See target_group_health for more information.\n" }, "targetHealthStates": { "type": "array", "items": { "$ref": "#/types/aws:alb/TargetGroupTargetHealthState:TargetGroupTargetHealthState" }, "description": "Target health state block. Only applicable for Network Load Balancer target groups when `protocol` is `TCP` or `TLS`. See target_health_state for more information.\n" }, "targetType": { "type": "string", "description": "Type of target that you must specify when registering targets with this target group.\nSee [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateTargetGroup.html) for supported values.\nThe default is `instance`.\n\nNote that you can't specify targets for a target group using both instance IDs and IP addresses.\n\nIf the target type is `ip`, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.\n\nNetwork Load Balancers do not support the `lambda` target type.\n\nApplication Load Balancers do not support the `alb` target type.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "Identifier of the VPC in which to create the target group. Required when `target_type` is `instance`, `ip` or `alb`. Does not apply when `target_type` is `lambda`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aliases": [ { "type": "aws:applicationloadbalancing/targetGroup:TargetGroup" } ] }, "aws:alb/targetGroupAttachment:TargetGroupAttachment": { "description": "Provides the ability to register instances and containers with an Application Load Balancer (ALB) or Network Load Balancer (NLB) target group. For attaching resources with Elastic Load Balancer (ELB), see the `aws.elb.Attachment` resource.\n\n\u003e **Note:** `aws.alb.TargetGroupAttachment` is known as `aws.lb.TargetGroupAttachment`. The functionality is identical.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testTargetGroup = new aws.lb.TargetGroup(\"test\", {});\nconst testInstance = new aws.ec2.Instance(\"test\", {});\nconst test = new aws.lb.TargetGroupAttachment(\"test\", {\n targetGroupArn: testTargetGroup.arn,\n targetId: testInstance.id,\n port: 80,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_target_group = aws.lb.TargetGroup(\"test\")\ntest_instance = aws.ec2.Instance(\"test\")\ntest = aws.lb.TargetGroupAttachment(\"test\",\n target_group_arn=test_target_group.arn,\n target_id=test_instance.id,\n port=80)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testTargetGroup = new Aws.LB.TargetGroup(\"test\");\n\n var testInstance = new Aws.Ec2.Instance(\"test\");\n\n var test = new Aws.LB.TargetGroupAttachment(\"test\", new()\n {\n TargetGroupArn = testTargetGroup.Arn,\n TargetId = testInstance.Id,\n Port = 80,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestTargetGroup, err := lb.NewTargetGroup(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestInstance, err := ec2.NewInstance(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroupAttachment(ctx, \"test\", \u0026lb.TargetGroupAttachmentArgs{\n\t\t\tTargetGroupArn: testTargetGroup.Arn,\n\t\t\tTargetId: testInstance.ID(),\n\t\t\tPort: pulumi.Int(80),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.lb.TargetGroupAttachment;\nimport com.pulumi.aws.lb.TargetGroupAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testTargetGroup = new TargetGroup(\"testTargetGroup\");\n\n var testInstance = new Instance(\"testInstance\");\n\n var test = new TargetGroupAttachment(\"test\", TargetGroupAttachmentArgs.builder()\n .targetGroupArn(testTargetGroup.arn())\n .targetId(testInstance.id())\n .port(80)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lb:TargetGroupAttachment\n properties:\n targetGroupArn: ${testTargetGroup.arn}\n targetId: ${testInstance.id}\n port: 80\n testTargetGroup:\n type: aws:lb:TargetGroup\n name: test\n testInstance:\n type: aws:ec2:Instance\n name: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda Target\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.TargetGroup(\"test\", {\n name: \"test\",\n targetType: \"lambda\",\n});\nconst testFunction = new aws.lambda.Function(\"test\", {});\nconst withLb = new aws.lambda.Permission(\"with_lb\", {\n statementId: \"AllowExecutionFromlb\",\n action: \"lambda:InvokeFunction\",\n \"function\": testFunction.name,\n principal: \"elasticloadbalancing.amazonaws.com\",\n sourceArn: test.arn,\n});\nconst testTargetGroupAttachment = new aws.lb.TargetGroupAttachment(\"test\", {\n targetGroupArn: test.arn,\n targetId: testFunction.arn,\n}, {\n dependsOn: [withLb],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.TargetGroup(\"test\",\n name=\"test\",\n target_type=\"lambda\")\ntest_function = aws.lambda_.Function(\"test\")\nwith_lb = aws.lambda_.Permission(\"with_lb\",\n statement_id=\"AllowExecutionFromlb\",\n action=\"lambda:InvokeFunction\",\n function=test_function.name,\n principal=\"elasticloadbalancing.amazonaws.com\",\n source_arn=test.arn)\ntest_target_group_attachment = aws.lb.TargetGroupAttachment(\"test\",\n target_group_arn=test.arn,\n target_id=test_function.arn,\n opts = pulumi.ResourceOptions(depends_on=[with_lb]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LB.TargetGroup(\"test\", new()\n {\n Name = \"test\",\n TargetType = \"lambda\",\n });\n\n var testFunction = new Aws.Lambda.Function(\"test\");\n\n var withLb = new Aws.Lambda.Permission(\"with_lb\", new()\n {\n StatementId = \"AllowExecutionFromlb\",\n Action = \"lambda:InvokeFunction\",\n Function = testFunction.Name,\n Principal = \"elasticloadbalancing.amazonaws.com\",\n SourceArn = test.Arn,\n });\n\n var testTargetGroupAttachment = new Aws.LB.TargetGroupAttachment(\"test\", new()\n {\n TargetGroupArn = test.Arn,\n TargetId = testFunction.Arn,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n withLb,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := lb.NewTargetGroup(ctx, \"test\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tTargetType: pulumi.String(\"lambda\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestFunction, err := lambda.NewFunction(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\twithLb, err := lambda.NewPermission(ctx, \"with_lb\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromlb\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: testFunction.Name,\n\t\t\tPrincipal: pulumi.String(\"elasticloadbalancing.amazonaws.com\"),\n\t\t\tSourceArn: test.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroupAttachment(ctx, \"test\", \u0026lb.TargetGroupAttachmentArgs{\n\t\t\tTargetGroupArn: test.Arn,\n\t\t\tTargetId: testFunction.Arn,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\twithLb,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.lb.TargetGroupAttachment;\nimport com.pulumi.aws.lb.TargetGroupAttachmentArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new TargetGroup(\"test\", TargetGroupArgs.builder()\n .name(\"test\")\n .targetType(\"lambda\")\n .build());\n\n var testFunction = new Function(\"testFunction\");\n\n var withLb = new Permission(\"withLb\", PermissionArgs.builder()\n .statementId(\"AllowExecutionFromlb\")\n .action(\"lambda:InvokeFunction\")\n .function(testFunction.name())\n .principal(\"elasticloadbalancing.amazonaws.com\")\n .sourceArn(test.arn())\n .build());\n\n var testTargetGroupAttachment = new TargetGroupAttachment(\"testTargetGroupAttachment\", TargetGroupAttachmentArgs.builder()\n .targetGroupArn(test.arn())\n .targetId(testFunction.arn())\n .build(), CustomResourceOptions.builder()\n .dependsOn(withLb)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n withLb:\n type: aws:lambda:Permission\n name: with_lb\n properties:\n statementId: AllowExecutionFromlb\n action: lambda:InvokeFunction\n function: ${testFunction.name}\n principal: elasticloadbalancing.amazonaws.com\n sourceArn: ${test.arn}\n test:\n type: aws:lb:TargetGroup\n properties:\n name: test\n targetType: lambda\n testFunction:\n type: aws:lambda:Function\n name: test\n testTargetGroupAttachment:\n type: aws:lb:TargetGroupAttachment\n name: test\n properties:\n targetGroupArn: ${test.arn}\n targetId: ${testFunction.arn}\n options:\n dependson:\n - ${withLb}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Registering Multiple Targets\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example: aws.ec2.Instance[] = [];\nfor (const range = {value: 0}; range.value \u003c 3; range.value++) {\n example.push(new aws.ec2.Instance(`example-${range.value}`, {}));\n}\nconst exampleTargetGroup = new aws.lb.TargetGroup(\"example\", {});\nconst exampleTargetGroupAttachment: aws.lb.TargetGroupAttachment[] = [];\npulumi.all(example.map((v, k) =\u003e [k, v]).reduce((__obj, [, ]) =\u003e ({ ...__obj, [k]: v }))).apply(rangeBody =\u003e {\n for (const range of Object.entries(rangeBody).map(([k, v]) =\u003e ({key: k, value: v}))) {\n exampleTargetGroupAttachment.push(new aws.lb.TargetGroupAttachment(`example-${range.key}`, {\n targetGroupArn: exampleTargetGroup.arn,\n targetId: range.value.id,\n port: 80,\n }));\n }\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = []\nfor range in [{\"value\": i} for i in range(0, 3)]:\n example.append(aws.ec2.Instance(f\"example-{range['value']}\"))\nexample_target_group = aws.lb.TargetGroup(\"example\")\nexample_target_group_attachment = []\ndef create_example(range_body):\n for range in [{\"key\": k, \"value\": v} for [k, v] in enumerate(range_body)]:\n example_target_group_attachment.append(aws.lb.TargetGroupAttachment(f\"example-{range['key']}\",\n target_group_arn=example_target_group.arn,\n target_id=range[\"value\"],\n port=80))\n\npulumi.Output.all({k: v for k, v in example}).apply(lambda resolved_outputs: create_example(resolved_outputs[0]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new List\u003cAws.Ec2.Instance\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c 3; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n example.Add(new Aws.Ec2.Instance($\"example-{range.Value}\", new()\n {\n }));\n }\n var exampleTargetGroup = new Aws.LB.TargetGroup(\"example\");\n\n var exampleTargetGroupAttachment = new List\u003cAws.LB.TargetGroupAttachment\u003e();\n foreach (var range in example.Select((value, i) =\u003e new { Key = i.ToString(), Value = pair.Value }).Select(pair =\u003e new { pair.Key, pair.Value }))\n {\n exampleTargetGroupAttachment.Add(new Aws.LB.TargetGroupAttachment($\"example-{range.Key}\", new()\n {\n TargetGroupArn = exampleTargetGroup.Arn,\n TargetId = range.Value.Id,\n Port = 80,\n }));\n }\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar example []*ec2.Instance\nfor index := 0; index \u003c 3; index++ {\n key0 := index\n _ := index\n__res, err := ec2.NewInstance(ctx, fmt.Sprintf(\"example-%v\", key0), nil)\nif err != nil {\nreturn err\n}\nexample = append(example, __res)\n}\nexampleTargetGroup, err := lb.NewTargetGroup(ctx, \"example\", nil)\nif err != nil {\nreturn err\n}\nvar exampleTargetGroupAttachment []*lb.TargetGroupAttachment\nfor key0, val0 := range %!v(PANIC=Format method: fatal: An assertion has failed: tok: ) {\n__res, err := lb.NewTargetGroupAttachment(ctx, fmt.Sprintf(\"example-%v\", key0), \u0026lb.TargetGroupAttachmentArgs{\nTargetGroupArn: exampleTargetGroup.Arn,\nTargetId: pulumi.String(val0),\nPort: pulumi.Int(80),\n})\nif err != nil {\nreturn err\n}\nexampleTargetGroupAttachment = append(exampleTargetGroupAttachment, __res)\n}\nreturn nil\n})\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Instance\n options: {}\n exampleTargetGroup:\n type: aws:lb:TargetGroup\n name: example\n exampleTargetGroupAttachment:\n type: aws:lb:TargetGroupAttachment\n name: example\n properties:\n targetGroupArn: ${exampleTargetGroup.arn}\n targetId: ${range.value.id}\n port: 80\n options: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nYou cannot import Target Group Attachments.\n\n", "properties": { "availabilityZone": { "type": "string", "description": "The Availability Zone where the IP address of the target is to be registered. If the private IP address is outside of the VPC scope, this value must be set to `all`.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic.\n" }, "targetGroupArn": { "type": "string", "description": "The ARN of the target group with which to register targets.\n" }, "targetId": { "type": "string", "description": "The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is `ip`, specify an IP address. If the target type is `lambda`, specify the Lambda function ARN. If the target type is `alb`, specify the ALB ARN.\n\nThe following arguments are optional:\n" } }, "required": [ "targetGroupArn", "targetId" ], "inputProperties": { "availabilityZone": { "type": "string", "description": "The Availability Zone where the IP address of the target is to be registered. If the private IP address is outside of the VPC scope, this value must be set to `all`.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "The port on which targets receive traffic.\n", "willReplaceOnChanges": true }, "targetGroupArn": { "type": "string", "description": "The ARN of the target group with which to register targets.\n", "willReplaceOnChanges": true }, "targetId": { "type": "string", "description": "The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is `ip`, specify an IP address. If the target type is `lambda`, specify the Lambda function ARN. If the target type is `alb`, specify the ALB ARN.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "targetGroupArn", "targetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering TargetGroupAttachment resources.\n", "properties": { "availabilityZone": { "type": "string", "description": "The Availability Zone where the IP address of the target is to be registered. If the private IP address is outside of the VPC scope, this value must be set to `all`.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "The port on which targets receive traffic.\n", "willReplaceOnChanges": true }, "targetGroupArn": { "type": "string", "description": "The ARN of the target group with which to register targets.\n", "willReplaceOnChanges": true }, "targetId": { "type": "string", "description": "The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is `ip`, specify an IP address. If the target type is `lambda`, specify the Lambda function ARN. If the target type is `alb`, specify the ALB ARN.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" }, "aliases": [ { "type": "aws:applicationloadbalancing/targetGroupAttachment:TargetGroupAttachment" } ] }, "aws:amp/alertManagerDefinition:AlertManagerDefinition": { "description": "Manages an Amazon Managed Service for Prometheus (AMP) Alert Manager Definition\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst demo = new aws.amp.Workspace(\"demo\", {});\nconst demoAlertManagerDefinition = new aws.amp.AlertManagerDefinition(\"demo\", {\n workspaceId: demo.id,\n definition: `alertmanager_config: |\n route:\n receiver: 'default'\n receivers:\n - name: 'default'\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndemo = aws.amp.Workspace(\"demo\")\ndemo_alert_manager_definition = aws.amp.AlertManagerDefinition(\"demo\",\n workspace_id=demo.id,\n definition=\"\"\"alertmanager_config: |\n route:\n receiver: 'default'\n receivers:\n - name: 'default'\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var demo = new Aws.Amp.Workspace(\"demo\");\n\n var demoAlertManagerDefinition = new Aws.Amp.AlertManagerDefinition(\"demo\", new()\n {\n WorkspaceId = demo.Id,\n Definition = @\"alertmanager_config: |\n route:\n receiver: 'default'\n receivers:\n - name: 'default'\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdemo, err := amp.NewWorkspace(ctx, \"demo\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = amp.NewAlertManagerDefinition(ctx, \"demo\", \u0026amp.AlertManagerDefinitionArgs{\n\t\t\tWorkspaceId: demo.ID(),\n\t\t\tDefinition: pulumi.String(`alertmanager_config: |\n route:\n receiver: 'default'\n receivers:\n - name: 'default'\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.amp.Workspace;\nimport com.pulumi.aws.amp.AlertManagerDefinition;\nimport com.pulumi.aws.amp.AlertManagerDefinitionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var demo = new Workspace(\"demo\");\n\n var demoAlertManagerDefinition = new AlertManagerDefinition(\"demoAlertManagerDefinition\", AlertManagerDefinitionArgs.builder()\n .workspaceId(demo.id())\n .definition(\"\"\"\nalertmanager_config: |\n route:\n receiver: 'default'\n receivers:\n - name: 'default'\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n demo:\n type: aws:amp:Workspace\n demoAlertManagerDefinition:\n type: aws:amp:AlertManagerDefinition\n name: demo\n properties:\n workspaceId: ${demo.id}\n definition: |\n alertmanager_config: |\n route:\n receiver: 'default'\n receivers:\n - name: 'default'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import the prometheus alert manager definition using the workspace identifier. For example:\n\n```sh\n$ pulumi import aws:amp/alertManagerDefinition:AlertManagerDefinition demo ws-C6DCB907-F2D7-4D96-957B-66691F865D8B\n```\n", "properties": { "definition": { "type": "string", "description": "the alert manager definition that you want to be applied. See more [in AWS Docs](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-alert-manager.html).\n" }, "workspaceId": { "type": "string", "description": "ID of the prometheus workspace the alert manager definition should be linked to\n" } }, "required": [ "definition", "workspaceId" ], "inputProperties": { "definition": { "type": "string", "description": "the alert manager definition that you want to be applied. See more [in AWS Docs](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-alert-manager.html).\n" }, "workspaceId": { "type": "string", "description": "ID of the prometheus workspace the alert manager definition should be linked to\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "definition", "workspaceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering AlertManagerDefinition resources.\n", "properties": { "definition": { "type": "string", "description": "the alert manager definition that you want to be applied. See more [in AWS Docs](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-alert-manager.html).\n" }, "workspaceId": { "type": "string", "description": "ID of the prometheus workspace the alert manager definition should be linked to\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:amp/ruleGroupNamespace:RuleGroupNamespace": { "description": "Manages an Amazon Managed Service for Prometheus (AMP) Rule Group Namespace\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst demo = new aws.amp.Workspace(\"demo\", {});\nconst demoRuleGroupNamespace = new aws.amp.RuleGroupNamespace(\"demo\", {\n name: \"rules\",\n workspaceId: demo.id,\n data: `groups:\n - name: test\n rules:\n - record: metric:recording_rule\n expr: avg(rate(container_cpu_usage_seconds_total[5m]))\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndemo = aws.amp.Workspace(\"demo\")\ndemo_rule_group_namespace = aws.amp.RuleGroupNamespace(\"demo\",\n name=\"rules\",\n workspace_id=demo.id,\n data=\"\"\"groups:\n - name: test\n rules:\n - record: metric:recording_rule\n expr: avg(rate(container_cpu_usage_seconds_total[5m]))\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var demo = new Aws.Amp.Workspace(\"demo\");\n\n var demoRuleGroupNamespace = new Aws.Amp.RuleGroupNamespace(\"demo\", new()\n {\n Name = \"rules\",\n WorkspaceId = demo.Id,\n Data = @\"groups:\n - name: test\n rules:\n - record: metric:recording_rule\n expr: avg(rate(container_cpu_usage_seconds_total[5m]))\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdemo, err := amp.NewWorkspace(ctx, \"demo\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = amp.NewRuleGroupNamespace(ctx, \"demo\", \u0026amp.RuleGroupNamespaceArgs{\n\t\t\tName: pulumi.String(\"rules\"),\n\t\t\tWorkspaceId: demo.ID(),\n\t\t\tData: pulumi.String(`groups:\n - name: test\n rules:\n - record: metric:recording_rule\n expr: avg(rate(container_cpu_usage_seconds_total[5m]))\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.amp.Workspace;\nimport com.pulumi.aws.amp.RuleGroupNamespace;\nimport com.pulumi.aws.amp.RuleGroupNamespaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var demo = new Workspace(\"demo\");\n\n var demoRuleGroupNamespace = new RuleGroupNamespace(\"demoRuleGroupNamespace\", RuleGroupNamespaceArgs.builder()\n .name(\"rules\")\n .workspaceId(demo.id())\n .data(\"\"\"\ngroups:\n - name: test\n rules:\n - record: metric:recording_rule\n expr: avg(rate(container_cpu_usage_seconds_total[5m]))\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n demo:\n type: aws:amp:Workspace\n demoRuleGroupNamespace:\n type: aws:amp:RuleGroupNamespace\n name: demo\n properties:\n name: rules\n workspaceId: ${demo.id}\n data: |\n groups:\n - name: test\n rules:\n - record: metric:recording_rule\n expr: avg(rate(container_cpu_usage_seconds_total[5m]))\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import the prometheus rule group namespace using the arn. For example:\n\n```sh\n$ pulumi import aws:amp/ruleGroupNamespace:RuleGroupNamespace demo arn:aws:aps:us-west-2:123456789012:rulegroupsnamespace/IDstring/namespace_name\n```\n", "properties": { "data": { "type": "string", "description": "the rule group namespace data that you want to be applied. See more [in AWS Docs](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-Ruler.html).\n" }, "name": { "type": "string", "description": "The name of the rule group namespace\n" }, "workspaceId": { "type": "string", "description": "ID of the prometheus workspace the rule group namespace should be linked to\n" } }, "required": [ "data", "name", "workspaceId" ], "inputProperties": { "data": { "type": "string", "description": "the rule group namespace data that you want to be applied. See more [in AWS Docs](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-Ruler.html).\n" }, "name": { "type": "string", "description": "The name of the rule group namespace\n", "willReplaceOnChanges": true }, "workspaceId": { "type": "string", "description": "ID of the prometheus workspace the rule group namespace should be linked to\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "data", "workspaceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering RuleGroupNamespace resources.\n", "properties": { "data": { "type": "string", "description": "the rule group namespace data that you want to be applied. See more [in AWS Docs](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-Ruler.html).\n" }, "name": { "type": "string", "description": "The name of the rule group namespace\n", "willReplaceOnChanges": true }, "workspaceId": { "type": "string", "description": "ID of the prometheus workspace the rule group namespace should be linked to\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:amp/scraper:Scraper": { "description": "\n\n## Import\n\nUsing `pulumi import`, import the Managed Scraper using its identifier.\nFor example:\n\n```sh\n$ pulumi import aws:amp/scraper:Scraper example s-0123abc-0000-0123-a000-000000000000\n```\n", "properties": { "alias": { "type": "string", "description": "a name to associate with the managed scraper. This is for your use, and does not need to be unique.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the new scraper.\n" }, "destination": { "$ref": "#/types/aws:amp/ScraperDestination:ScraperDestination", "description": "Configuration block for the managed scraper to send metrics to. See `destination`.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role that provides permissions for the scraper to discover, collect, and produce metrics\n" }, "scrapeConfiguration": { "type": "string", "description": "The configuration file to use in the new scraper. For more information, see [Scraper configuration](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-collector-how-to.html#AMP-collector-configuration).\n" }, "source": { "$ref": "#/types/aws:amp/ScraperSource:ScraperSource", "description": "Configuration block to specify where the managed scraper will collect metrics from. See `source`.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:amp/ScraperTimeouts:ScraperTimeouts" } }, "required": [ "arn", "roleArn", "scrapeConfiguration", "tagsAll" ], "inputProperties": { "alias": { "type": "string", "description": "a name to associate with the managed scraper. This is for your use, and does not need to be unique.\n" }, "destination": { "$ref": "#/types/aws:amp/ScraperDestination:ScraperDestination", "description": "Configuration block for the managed scraper to send metrics to. See `destination`.\n" }, "scrapeConfiguration": { "type": "string", "description": "The configuration file to use in the new scraper. For more information, see [Scraper configuration](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-collector-how-to.html#AMP-collector-configuration).\n" }, "source": { "$ref": "#/types/aws:amp/ScraperSource:ScraperSource", "description": "Configuration block to specify where the managed scraper will collect metrics from. See `source`.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "timeouts": { "$ref": "#/types/aws:amp/ScraperTimeouts:ScraperTimeouts" } }, "requiredInputs": [ "scrapeConfiguration" ], "stateInputs": { "description": "Input properties used for looking up and filtering Scraper resources.\n", "properties": { "alias": { "type": "string", "description": "a name to associate with the managed scraper. This is for your use, and does not need to be unique.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the new scraper.\n" }, "destination": { "$ref": "#/types/aws:amp/ScraperDestination:ScraperDestination", "description": "Configuration block for the managed scraper to send metrics to. See `destination`.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role that provides permissions for the scraper to discover, collect, and produce metrics\n" }, "scrapeConfiguration": { "type": "string", "description": "The configuration file to use in the new scraper. For more information, see [Scraper configuration](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-collector-how-to.html#AMP-collector-configuration).\n" }, "source": { "$ref": "#/types/aws:amp/ScraperSource:ScraperSource", "description": "Configuration block to specify where the managed scraper will collect metrics from. See `source`.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:amp/ScraperTimeouts:ScraperTimeouts" } }, "type": "object" } }, "aws:amp/workspace:Workspace": { "description": "Manages an Amazon Managed Service for Prometheus (AMP) Workspace.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.amp.Workspace(\"example\", {\n alias: \"example\",\n tags: {\n Environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.amp.Workspace(\"example\",\n alias=\"example\",\n tags={\n \"Environment\": \"production\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Amp.Workspace(\"example\", new()\n {\n Alias = \"example\",\n Tags = \n {\n { \"Environment\", \"production\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := amp.NewWorkspace(ctx, \"example\", \u0026amp.WorkspaceArgs{\n\t\t\tAlias: pulumi.String(\"example\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"production\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.amp.Workspace;\nimport com.pulumi.aws.amp.WorkspaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Workspace(\"example\", WorkspaceArgs.builder()\n .alias(\"example\")\n .tags(Map.of(\"Environment\", \"production\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:amp:Workspace\n properties:\n alias: example\n tags:\n Environment: production\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### CloudWatch Logging\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudwatch.LogGroup(\"example\", {name: \"example\"});\nconst exampleWorkspace = new aws.amp.Workspace(\"example\", {loggingConfiguration: {\n logGroupArn: pulumi.interpolate`${example.arn}:*`,\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.LogGroup(\"example\", name=\"example\")\nexample_workspace = aws.amp.Workspace(\"example\", logging_configuration={\n \"log_group_arn\": example.arn.apply(lambda arn: f\"{arn}:*\"),\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleWorkspace = new Aws.Amp.Workspace(\"example\", new()\n {\n LoggingConfiguration = new Aws.Amp.Inputs.WorkspaceLoggingConfigurationArgs\n {\n LogGroupArn = example.Arn.Apply(arn =\u003e $\"{arn}:*\"),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amp\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = amp.NewWorkspace(ctx, \"example\", \u0026amp.WorkspaceArgs{\n\t\t\tLoggingConfiguration: \u0026amp.WorkspaceLoggingConfigurationArgs{\n\t\t\t\tLogGroupArn: example.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\treturn fmt.Sprintf(\"%v:*\", arn), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.amp.Workspace;\nimport com.pulumi.aws.amp.WorkspaceArgs;\nimport com.pulumi.aws.amp.inputs.WorkspaceLoggingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LogGroup(\"example\", LogGroupArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleWorkspace = new Workspace(\"exampleWorkspace\", WorkspaceArgs.builder()\n .loggingConfiguration(WorkspaceLoggingConfigurationArgs.builder()\n .logGroupArn(example.arn().applyValue(arn -\u003e String.format(\"%s:*\", arn)))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudwatch:LogGroup\n properties:\n name: example\n exampleWorkspace:\n type: aws:amp:Workspace\n name: example\n properties:\n loggingConfiguration:\n logGroupArn: ${example.arn}:*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### AWS KMS Customer Managed Keys (CMK)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleKey = new aws.kms.Key(\"example\", {\n description: \"example\",\n deletionWindowInDays: 7,\n});\nconst example = new aws.amp.Workspace(\"example\", {\n alias: \"example\",\n kmsKeyArn: exampleKey.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_key = aws.kms.Key(\"example\",\n description=\"example\",\n deletion_window_in_days=7)\nexample = aws.amp.Workspace(\"example\",\n alias=\"example\",\n kms_key_arn=example_key.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleKey = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"example\",\n DeletionWindowInDays = 7,\n });\n\n var example = new Aws.Amp.Workspace(\"example\", new()\n {\n Alias = \"example\",\n KmsKeyArn = exampleKey.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amp\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleKey, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = amp.NewWorkspace(ctx, \"example\", \u0026amp.WorkspaceArgs{\n\t\t\tAlias: pulumi.String(\"example\"),\n\t\t\tKmsKeyArn: exampleKey.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.amp.Workspace;\nimport com.pulumi.aws.amp.WorkspaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleKey = new Key(\"exampleKey\", KeyArgs.builder()\n .description(\"example\")\n .deletionWindowInDays(7)\n .build());\n\n var example = new Workspace(\"example\", WorkspaceArgs.builder()\n .alias(\"example\")\n .kmsKeyArn(exampleKey.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:amp:Workspace\n properties:\n alias: example\n kmsKeyArn: ${exampleKey.arn}\n exampleKey:\n type: aws:kms:Key\n name: example\n properties:\n description: example\n deletionWindowInDays: 7\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AMP Workspaces using the identifier. For example:\n\n```sh\n$ pulumi import aws:amp/workspace:Workspace demo ws-C6DCB907-F2D7-4D96-957B-66691F865D8B\n```\n", "properties": { "alias": { "type": "string", "description": "The alias of the prometheus workspace. See more [in AWS Docs](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-onboard-create-workspace.html).\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the workspace.\n" }, "kmsKeyArn": { "type": "string", "description": "The ARN for the KMS encryption key. If this argument is not provided, then the AWS owned encryption key will be used to encrypt the data in the workspace. See more [in AWS Docs](https://docs.aws.amazon.com/prometheus/latest/userguide/encryption-at-rest-Amazon-Service-Prometheus.html)\n" }, "loggingConfiguration": { "$ref": "#/types/aws:amp/WorkspaceLoggingConfiguration:WorkspaceLoggingConfiguration", "description": "Logging configuration for the workspace. See Logging Configuration below for details.\n" }, "prometheusEndpoint": { "type": "string", "description": "Prometheus endpoint available for this workspace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "prometheusEndpoint", "tagsAll" ], "inputProperties": { "alias": { "type": "string", "description": "The alias of the prometheus workspace. See more [in AWS Docs](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-onboard-create-workspace.html).\n" }, "kmsKeyArn": { "type": "string", "description": "The ARN for the KMS encryption key. If this argument is not provided, then the AWS owned encryption key will be used to encrypt the data in the workspace. See more [in AWS Docs](https://docs.aws.amazon.com/prometheus/latest/userguide/encryption-at-rest-Amazon-Service-Prometheus.html)\n", "willReplaceOnChanges": true }, "loggingConfiguration": { "$ref": "#/types/aws:amp/WorkspaceLoggingConfiguration:WorkspaceLoggingConfiguration", "description": "Logging configuration for the workspace. See Logging Configuration below for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Workspace resources.\n", "properties": { "alias": { "type": "string", "description": "The alias of the prometheus workspace. See more [in AWS Docs](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-onboard-create-workspace.html).\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the workspace.\n" }, "kmsKeyArn": { "type": "string", "description": "The ARN for the KMS encryption key. If this argument is not provided, then the AWS owned encryption key will be used to encrypt the data in the workspace. See more [in AWS Docs](https://docs.aws.amazon.com/prometheus/latest/userguide/encryption-at-rest-Amazon-Service-Prometheus.html)\n", "willReplaceOnChanges": true }, "loggingConfiguration": { "$ref": "#/types/aws:amp/WorkspaceLoggingConfiguration:WorkspaceLoggingConfiguration", "description": "Logging configuration for the workspace. See Logging Configuration below for details.\n" }, "prometheusEndpoint": { "type": "string", "description": "Prometheus endpoint available for this workspace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:amplify/app:App": { "description": "Provides an Amplify App resource, a fullstack serverless app hosted on the [AWS Amplify Console](https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html).\n\n\u003e **Note:** When you create/update an Amplify App from the provider, you may end up with the error \"BadRequestException: You should at least provide one valid token\" because of authentication issues. See the section \"Repository with Tokens\" below.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.amplify.App(\"example\", {\n name: \"example\",\n repository: \"https://github.com/example/app\",\n buildSpec: `version: 0.1\nfrontend:\n phases:\n preBuild:\n commands:\n - yarn install\n build:\n commands:\n - yarn run build\n artifacts:\n baseDirectory: build\n files:\n - '**/*'\n cache:\n paths:\n - node_modules/**/*\n`,\n customRules: [{\n source: \"/\u003c*\u003e\",\n status: \"404\",\n target: \"/index.html\",\n }],\n environmentVariables: {\n ENV: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.amplify.App(\"example\",\n name=\"example\",\n repository=\"https://github.com/example/app\",\n build_spec=\"\"\"version: 0.1\nfrontend:\n phases:\n preBuild:\n commands:\n - yarn install\n build:\n commands:\n - yarn run build\n artifacts:\n baseDirectory: build\n files:\n - '**/*'\n cache:\n paths:\n - node_modules/**/*\n\"\"\",\n custom_rules=[{\n \"source\": \"/\u003c*\u003e\",\n \"status\": \"404\",\n \"target\": \"/index.html\",\n }],\n environment_variables={\n \"ENV\": \"test\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Amplify.App(\"example\", new()\n {\n Name = \"example\",\n Repository = \"https://github.com/example/app\",\n BuildSpec = @\"version: 0.1\nfrontend:\n phases:\n preBuild:\n commands:\n - yarn install\n build:\n commands:\n - yarn run build\n artifacts:\n baseDirectory: build\n files:\n - '**/*'\n cache:\n paths:\n - node_modules/**/*\n\",\n CustomRules = new[]\n {\n new Aws.Amplify.Inputs.AppCustomRuleArgs\n {\n Source = \"/\u003c*\u003e\",\n Status = \"404\",\n Target = \"/index.html\",\n },\n },\n EnvironmentVariables = \n {\n { \"ENV\", \"test\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amplify\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := amplify.NewApp(ctx, \"example\", \u0026amplify.AppArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRepository: pulumi.String(\"https://github.com/example/app\"),\n\t\t\tBuildSpec: pulumi.String(`version: 0.1\nfrontend:\n phases:\n preBuild:\n commands:\n - yarn install\n build:\n commands:\n - yarn run build\n artifacts:\n baseDirectory: build\n files:\n - '**/*'\n cache:\n paths:\n - node_modules/**/*\n`),\n\t\t\tCustomRules: amplify.AppCustomRuleArray{\n\t\t\t\t\u0026amplify.AppCustomRuleArgs{\n\t\t\t\t\tSource: pulumi.String(\"/\u003c*\u003e\"),\n\t\t\t\t\tStatus: pulumi.String(\"404\"),\n\t\t\t\t\tTarget: pulumi.String(\"/index.html\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tEnvironmentVariables: pulumi.StringMap{\n\t\t\t\t\"ENV\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.amplify.App;\nimport com.pulumi.aws.amplify.AppArgs;\nimport com.pulumi.aws.amplify.inputs.AppCustomRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new App(\"example\", AppArgs.builder()\n .name(\"example\")\n .repository(\"https://github.com/example/app\")\n .buildSpec(\"\"\"\nversion: 0.1\nfrontend:\n phases:\n preBuild:\n commands:\n - yarn install\n build:\n commands:\n - yarn run build\n artifacts:\n baseDirectory: build\n files:\n - '**/*'\n cache:\n paths:\n - node_modules/**/*\n \"\"\")\n .customRules(AppCustomRuleArgs.builder()\n .source(\"/\u003c*\u003e\")\n .status(\"404\")\n .target(\"/index.html\")\n .build())\n .environmentVariables(Map.of(\"ENV\", \"test\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:amplify:App\n properties:\n name: example\n repository: https://github.com/example/app\n buildSpec: |\n version: 0.1\n frontend:\n phases:\n preBuild:\n commands:\n - yarn install\n build:\n commands:\n - yarn run build\n artifacts:\n baseDirectory: build\n files:\n - '**/*'\n cache:\n paths:\n - node_modules/**/*\n customRules:\n - source: /\u003c*\u003e\n status: '404'\n target: /index.html\n environmentVariables:\n ENV: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Repository with Tokens\n\nIf you create a new Amplify App with the `repository` argument, you also need to set `oauth_token` or `access_token` for authentication. For GitHub, get a [personal access token](https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line) and set `access_token` as follows:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.amplify.App(\"example\", {\n name: \"example\",\n repository: \"https://github.com/example/app\",\n accessToken: \"...\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.amplify.App(\"example\",\n name=\"example\",\n repository=\"https://github.com/example/app\",\n access_token=\"...\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Amplify.App(\"example\", new()\n {\n Name = \"example\",\n Repository = \"https://github.com/example/app\",\n AccessToken = \"...\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amplify\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := amplify.NewApp(ctx, \"example\", \u0026amplify.AppArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRepository: pulumi.String(\"https://github.com/example/app\"),\n\t\t\tAccessToken: pulumi.String(\"...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.amplify.App;\nimport com.pulumi.aws.amplify.AppArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new App(\"example\", AppArgs.builder()\n .name(\"example\")\n .repository(\"https://github.com/example/app\")\n .accessToken(\"...\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:amplify:App\n properties:\n name: example\n repository: https://github.com/example/app\n accessToken: '...'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nYou can omit `access_token` if you import an existing Amplify App created by the Amplify Console (using OAuth for authentication).\n\n### Auto Branch Creation\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.amplify.App(\"example\", {\n name: \"example\",\n enableAutoBranchCreation: true,\n autoBranchCreationPatterns: [\n \"*\",\n \"*/**\",\n ],\n autoBranchCreationConfig: {\n enableAutoBuild: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.amplify.App(\"example\",\n name=\"example\",\n enable_auto_branch_creation=True,\n auto_branch_creation_patterns=[\n \"*\",\n \"*/**\",\n ],\n auto_branch_creation_config={\n \"enable_auto_build\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Amplify.App(\"example\", new()\n {\n Name = \"example\",\n EnableAutoBranchCreation = true,\n AutoBranchCreationPatterns = new[]\n {\n \"*\",\n \"*/**\",\n },\n AutoBranchCreationConfig = new Aws.Amplify.Inputs.AppAutoBranchCreationConfigArgs\n {\n EnableAutoBuild = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amplify\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := amplify.NewApp(ctx, \"example\", \u0026amplify.AppArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tEnableAutoBranchCreation: pulumi.Bool(true),\n\t\t\tAutoBranchCreationPatterns: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\tpulumi.String(\"*/**\"),\n\t\t\t},\n\t\t\tAutoBranchCreationConfig: \u0026amplify.AppAutoBranchCreationConfigArgs{\n\t\t\t\tEnableAutoBuild: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.amplify.App;\nimport com.pulumi.aws.amplify.AppArgs;\nimport com.pulumi.aws.amplify.inputs.AppAutoBranchCreationConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new App(\"example\", AppArgs.builder()\n .name(\"example\")\n .enableAutoBranchCreation(true)\n .autoBranchCreationPatterns( \n \"*\",\n \"*/**\")\n .autoBranchCreationConfig(AppAutoBranchCreationConfigArgs.builder()\n .enableAutoBuild(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:amplify:App\n properties:\n name: example\n enableAutoBranchCreation: true # The default patterns added by the Amplify Console.\n autoBranchCreationPatterns:\n - '*'\n - '*/**'\n autoBranchCreationConfig:\n enableAutoBuild: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Basic Authorization\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.amplify.App(\"example\", {\n name: \"example\",\n enableBasicAuth: true,\n basicAuthCredentials: std.base64encode({\n input: \"username1:password1\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.amplify.App(\"example\",\n name=\"example\",\n enable_basic_auth=True,\n basic_auth_credentials=std.base64encode(input=\"username1:password1\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Amplify.App(\"example\", new()\n {\n Name = \"example\",\n EnableBasicAuth = true,\n BasicAuthCredentials = Std.Base64encode.Invoke(new()\n {\n Input = \"username1:password1\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amplify\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeBase64encode, err := std.Base64encode(ctx, \u0026std.Base64encodeArgs{\n\t\t\tInput: \"username1:password1\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = amplify.NewApp(ctx, \"example\", \u0026amplify.AppArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tEnableBasicAuth: pulumi.Bool(true),\n\t\t\tBasicAuthCredentials: pulumi.String(invokeBase64encode.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.amplify.App;\nimport com.pulumi.aws.amplify.AppArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new App(\"example\", AppArgs.builder()\n .name(\"example\")\n .enableBasicAuth(true)\n .basicAuthCredentials(StdFunctions.base64encode(Base64encodeArgs.builder()\n .input(\"username1:password1\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:amplify:App\n properties:\n name: example\n enableBasicAuth: true\n basicAuthCredentials:\n fn::invoke:\n Function: std:base64encode\n Arguments:\n input: username1:password1\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Rewrites and Redirects\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.amplify.App(\"example\", {\n name: \"example\",\n customRules: [\n {\n source: \"/api/\u003c*\u003e\",\n status: \"200\",\n target: \"https://api.example.com/api/\u003c*\u003e\",\n },\n {\n source: \"\u003c/^[^.]+$|\\\\.(?!(css|gif|ico|jpg|js|png|txt|svg|woff|ttf|map|json)$)([^.]+$)/\u003e\",\n status: \"200\",\n target: \"/index.html\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.amplify.App(\"example\",\n name=\"example\",\n custom_rules=[\n {\n \"source\": \"/api/\u003c*\u003e\",\n \"status\": \"200\",\n \"target\": \"https://api.example.com/api/\u003c*\u003e\",\n },\n {\n \"source\": \"\u003c/^[^.]+$|\\\\.(?!(css|gif|ico|jpg|js|png|txt|svg|woff|ttf|map|json)$)([^.]+$)/\u003e\",\n \"status\": \"200\",\n \"target\": \"/index.html\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Amplify.App(\"example\", new()\n {\n Name = \"example\",\n CustomRules = new[]\n {\n new Aws.Amplify.Inputs.AppCustomRuleArgs\n {\n Source = \"/api/\u003c*\u003e\",\n Status = \"200\",\n Target = \"https://api.example.com/api/\u003c*\u003e\",\n },\n new Aws.Amplify.Inputs.AppCustomRuleArgs\n {\n Source = \"\u003c/^[^.]+$|\\\\.(?!(css|gif|ico|jpg|js|png|txt|svg|woff|ttf|map|json)$)([^.]+$)/\u003e\",\n Status = \"200\",\n Target = \"/index.html\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amplify\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := amplify.NewApp(ctx, \"example\", \u0026amplify.AppArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tCustomRules: amplify.AppCustomRuleArray{\n\t\t\t\t\u0026amplify.AppCustomRuleArgs{\n\t\t\t\t\tSource: pulumi.String(\"/api/\u003c*\u003e\"),\n\t\t\t\t\tStatus: pulumi.String(\"200\"),\n\t\t\t\t\tTarget: pulumi.String(\"https://api.example.com/api/\u003c*\u003e\"),\n\t\t\t\t},\n\t\t\t\t\u0026amplify.AppCustomRuleArgs{\n\t\t\t\t\tSource: pulumi.String(\"\u003c/^[^.]+$|\\\\.(?!(css|gif|ico|jpg|js|png|txt|svg|woff|ttf|map|json)$)([^.]+$)/\u003e\"),\n\t\t\t\t\tStatus: pulumi.String(\"200\"),\n\t\t\t\t\tTarget: pulumi.String(\"/index.html\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.amplify.App;\nimport com.pulumi.aws.amplify.AppArgs;\nimport com.pulumi.aws.amplify.inputs.AppCustomRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new App(\"example\", AppArgs.builder()\n .name(\"example\")\n .customRules( \n AppCustomRuleArgs.builder()\n .source(\"/api/\u003c*\u003e\")\n .status(\"200\")\n .target(\"https://api.example.com/api/\u003c*\u003e\")\n .build(),\n AppCustomRuleArgs.builder()\n .source(\"\u003c/^[^.]+$|\\\\.(?!(css|gif|ico|jpg|js|png|txt|svg|woff|ttf|map|json)$)([^.]+$)/\u003e\")\n .status(\"200\")\n .target(\"/index.html\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:amplify:App\n properties:\n name: example\n customRules:\n - source: /api/\u003c*\u003e\n status: '200'\n target: https://api.example.com/api/\u003c*\u003e\n - source: \u003c/^[^.]+$|\\.(?!(css|gif|ico|jpg|js|png|txt|svg|woff|ttf|map|json)$)([^.]+$)/\u003e\n status: '200'\n target: /index.html\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Custom Image\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.amplify.App(\"example\", {\n name: \"example\",\n environmentVariables: {\n _CUSTOM_IMAGE: \"node:16\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.amplify.App(\"example\",\n name=\"example\",\n environment_variables={\n \"_CUSTOM_IMAGE\": \"node:16\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Amplify.App(\"example\", new()\n {\n Name = \"example\",\n EnvironmentVariables = \n {\n { \"_CUSTOM_IMAGE\", \"node:16\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amplify\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := amplify.NewApp(ctx, \"example\", \u0026amplify.AppArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tEnvironmentVariables: pulumi.StringMap{\n\t\t\t\t\"_CUSTOM_IMAGE\": pulumi.String(\"node:16\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.amplify.App;\nimport com.pulumi.aws.amplify.AppArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new App(\"example\", AppArgs.builder()\n .name(\"example\")\n .environmentVariables(Map.of(\"_CUSTOM_IMAGE\", \"node:16\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:amplify:App\n properties:\n name: example\n environmentVariables:\n _CUSTOM_IMAGE: node:16\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Custom Headers\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.amplify.App(\"example\", {\n name: \"example\",\n customHeaders: `customHeaders:\n - pattern: '**'\n headers:\n - key: 'Strict-Transport-Security'\n value: 'max-age=31536000; includeSubDomains'\n - key: 'X-Frame-Options'\n value: 'SAMEORIGIN'\n - key: 'X-XSS-Protection'\n value: '1; mode=block'\n - key: 'X-Content-Type-Options'\n value: 'nosniff'\n - key: 'Content-Security-Policy'\n value: \"default-src 'self'\"\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.amplify.App(\"example\",\n name=\"example\",\n custom_headers=\"\"\"customHeaders:\n - pattern: '**'\n headers:\n - key: 'Strict-Transport-Security'\n value: 'max-age=31536000; includeSubDomains'\n - key: 'X-Frame-Options'\n value: 'SAMEORIGIN'\n - key: 'X-XSS-Protection'\n value: '1; mode=block'\n - key: 'X-Content-Type-Options'\n value: 'nosniff'\n - key: 'Content-Security-Policy'\n value: \"default-src 'self'\"\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Amplify.App(\"example\", new()\n {\n Name = \"example\",\n CustomHeaders = @\"customHeaders:\n - pattern: '**'\n headers:\n - key: 'Strict-Transport-Security'\n value: 'max-age=31536000; includeSubDomains'\n - key: 'X-Frame-Options'\n value: 'SAMEORIGIN'\n - key: 'X-XSS-Protection'\n value: '1; mode=block'\n - key: 'X-Content-Type-Options'\n value: 'nosniff'\n - key: 'Content-Security-Policy'\n value: \"\"default-src 'self'\"\"\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amplify\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := amplify.NewApp(ctx, \"example\", \u0026amplify.AppArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tCustomHeaders: pulumi.String(`customHeaders:\n - pattern: '**'\n headers:\n - key: 'Strict-Transport-Security'\n value: 'max-age=31536000; includeSubDomains'\n - key: 'X-Frame-Options'\n value: 'SAMEORIGIN'\n - key: 'X-XSS-Protection'\n value: '1; mode=block'\n - key: 'X-Content-Type-Options'\n value: 'nosniff'\n - key: 'Content-Security-Policy'\n value: \"default-src 'self'\"\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.amplify.App;\nimport com.pulumi.aws.amplify.AppArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new App(\"example\", AppArgs.builder()\n .name(\"example\")\n .customHeaders(\"\"\"\ncustomHeaders:\n - pattern: '**'\n headers:\n - key: 'Strict-Transport-Security'\n value: 'max-age=31536000; includeSubDomains'\n - key: 'X-Frame-Options'\n value: 'SAMEORIGIN'\n - key: 'X-XSS-Protection'\n value: '1; mode=block'\n - key: 'X-Content-Type-Options'\n value: 'nosniff'\n - key: 'Content-Security-Policy'\n value: \"default-src 'self'\"\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:amplify:App\n properties:\n name: example\n customHeaders: |\n customHeaders:\n - pattern: '**'\n headers:\n - key: 'Strict-Transport-Security'\n value: 'max-age=31536000; includeSubDomains'\n - key: 'X-Frame-Options'\n value: 'SAMEORIGIN'\n - key: 'X-XSS-Protection'\n value: '1; mode=block'\n - key: 'X-Content-Type-Options'\n value: 'nosniff'\n - key: 'Content-Security-Policy'\n value: \"default-src 'self'\"\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amplify App using Amplify App ID (appId). For example:\n\n```sh\n$ pulumi import aws:amplify/app:App example d2ypk4k47z8u6\n```\nApp ID can be obtained from App ARN (e.g., `arn:aws:amplify:us-east-1:12345678:apps/d2ypk4k47z8u6`).\n\n", "properties": { "accessToken": { "type": "string", "description": "Personal access token for a third-party source control system for an Amplify app. This token must have write access to the relevant repo to create a webhook and a read-only deploy key for the Amplify project. The token is not stored, so after applying this attribute can be removed and the setup token deleted.\n", "secret": true }, "arn": { "type": "string", "description": "ARN of the Amplify app.\n" }, "autoBranchCreationConfig": { "$ref": "#/types/aws:amplify/AppAutoBranchCreationConfig:AppAutoBranchCreationConfig", "description": "Automated branch creation configuration for an Amplify app. An `auto_branch_creation_config` block is documented below.\n" }, "autoBranchCreationPatterns": { "type": "array", "items": { "type": "string" }, "description": "Automated branch creation glob patterns for an Amplify app.\n" }, "basicAuthCredentials": { "type": "string", "description": "Credentials for basic authorization for an Amplify app.\n", "secret": true }, "buildSpec": { "type": "string", "description": "The [build specification](https://docs.aws.amazon.com/amplify/latest/userguide/build-settings.html) (build spec) for an Amplify app.\n" }, "customHeaders": { "type": "string", "description": "The [custom HTTP headers](https://docs.aws.amazon.com/amplify/latest/userguide/custom-headers.html) for an Amplify app.\n" }, "customRules": { "type": "array", "items": { "$ref": "#/types/aws:amplify/AppCustomRule:AppCustomRule" }, "description": "Custom rewrite and redirect rules for an Amplify app. A `custom_rule` block is documented below.\n" }, "defaultDomain": { "type": "string", "description": "Default domain for the Amplify app.\n" }, "description": { "type": "string", "description": "Description for an Amplify app.\n" }, "enableAutoBranchCreation": { "type": "boolean", "description": "Enables automated branch creation for an Amplify app.\n" }, "enableBasicAuth": { "type": "boolean", "description": "Enables basic authorization for an Amplify app. This will apply to all branches that are part of this app.\n" }, "enableBranchAutoBuild": { "type": "boolean", "description": "Enables auto-building of branches for the Amplify App.\n" }, "enableBranchAutoDeletion": { "type": "boolean", "description": "Automatically disconnects a branch in the Amplify Console when you delete a branch from your Git repository.\n" }, "environmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Environment variables map for an Amplify app.\n" }, "iamServiceRoleArn": { "type": "string", "description": "AWS Identity and Access Management (IAM) service role for an Amplify app.\n" }, "name": { "type": "string", "description": "Name for an Amplify app.\n" }, "oauthToken": { "type": "string", "description": "OAuth token for a third-party source control system for an Amplify app. The OAuth token is used to create a webhook and a read-only deploy key. The OAuth token is not stored.\n", "secret": true }, "platform": { "type": "string", "description": "Platform or framework for an Amplify app. Valid values: `WEB`, `WEB_COMPUTE`. Default value: `WEB`.\n" }, "productionBranches": { "type": "array", "items": { "$ref": "#/types/aws:amplify/AppProductionBranch:AppProductionBranch" }, "description": "Describes the information about a production branch for an Amplify app. A `production_branch` block is documented below.\n" }, "repository": { "type": "string", "description": "Repository for an Amplify app.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "autoBranchCreationConfig", "buildSpec", "customHeaders", "defaultDomain", "name", "productionBranches", "tagsAll" ], "inputProperties": { "accessToken": { "type": "string", "description": "Personal access token for a third-party source control system for an Amplify app. This token must have write access to the relevant repo to create a webhook and a read-only deploy key for the Amplify project. The token is not stored, so after applying this attribute can be removed and the setup token deleted.\n", "secret": true }, "autoBranchCreationConfig": { "$ref": "#/types/aws:amplify/AppAutoBranchCreationConfig:AppAutoBranchCreationConfig", "description": "Automated branch creation configuration for an Amplify app. An `auto_branch_creation_config` block is documented below.\n" }, "autoBranchCreationPatterns": { "type": "array", "items": { "type": "string" }, "description": "Automated branch creation glob patterns for an Amplify app.\n" }, "basicAuthCredentials": { "type": "string", "description": "Credentials for basic authorization for an Amplify app.\n", "secret": true }, "buildSpec": { "type": "string", "description": "The [build specification](https://docs.aws.amazon.com/amplify/latest/userguide/build-settings.html) (build spec) for an Amplify app.\n" }, "customHeaders": { "type": "string", "description": "The [custom HTTP headers](https://docs.aws.amazon.com/amplify/latest/userguide/custom-headers.html) for an Amplify app.\n" }, "customRules": { "type": "array", "items": { "$ref": "#/types/aws:amplify/AppCustomRule:AppCustomRule" }, "description": "Custom rewrite and redirect rules for an Amplify app. A `custom_rule` block is documented below.\n" }, "description": { "type": "string", "description": "Description for an Amplify app.\n" }, "enableAutoBranchCreation": { "type": "boolean", "description": "Enables automated branch creation for an Amplify app.\n" }, "enableBasicAuth": { "type": "boolean", "description": "Enables basic authorization for an Amplify app. This will apply to all branches that are part of this app.\n" }, "enableBranchAutoBuild": { "type": "boolean", "description": "Enables auto-building of branches for the Amplify App.\n" }, "enableBranchAutoDeletion": { "type": "boolean", "description": "Automatically disconnects a branch in the Amplify Console when you delete a branch from your Git repository.\n" }, "environmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Environment variables map for an Amplify app.\n" }, "iamServiceRoleArn": { "type": "string", "description": "AWS Identity and Access Management (IAM) service role for an Amplify app.\n" }, "name": { "type": "string", "description": "Name for an Amplify app.\n" }, "oauthToken": { "type": "string", "description": "OAuth token for a third-party source control system for an Amplify app. The OAuth token is used to create a webhook and a read-only deploy key. The OAuth token is not stored.\n", "secret": true }, "platform": { "type": "string", "description": "Platform or framework for an Amplify app. Valid values: `WEB`, `WEB_COMPUTE`. Default value: `WEB`.\n" }, "repository": { "type": "string", "description": "Repository for an Amplify app.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering App resources.\n", "properties": { "accessToken": { "type": "string", "description": "Personal access token for a third-party source control system for an Amplify app. This token must have write access to the relevant repo to create a webhook and a read-only deploy key for the Amplify project. The token is not stored, so after applying this attribute can be removed and the setup token deleted.\n", "secret": true }, "arn": { "type": "string", "description": "ARN of the Amplify app.\n" }, "autoBranchCreationConfig": { "$ref": "#/types/aws:amplify/AppAutoBranchCreationConfig:AppAutoBranchCreationConfig", "description": "Automated branch creation configuration for an Amplify app. An `auto_branch_creation_config` block is documented below.\n" }, "autoBranchCreationPatterns": { "type": "array", "items": { "type": "string" }, "description": "Automated branch creation glob patterns for an Amplify app.\n" }, "basicAuthCredentials": { "type": "string", "description": "Credentials for basic authorization for an Amplify app.\n", "secret": true }, "buildSpec": { "type": "string", "description": "The [build specification](https://docs.aws.amazon.com/amplify/latest/userguide/build-settings.html) (build spec) for an Amplify app.\n" }, "customHeaders": { "type": "string", "description": "The [custom HTTP headers](https://docs.aws.amazon.com/amplify/latest/userguide/custom-headers.html) for an Amplify app.\n" }, "customRules": { "type": "array", "items": { "$ref": "#/types/aws:amplify/AppCustomRule:AppCustomRule" }, "description": "Custom rewrite and redirect rules for an Amplify app. A `custom_rule` block is documented below.\n" }, "defaultDomain": { "type": "string", "description": "Default domain for the Amplify app.\n" }, "description": { "type": "string", "description": "Description for an Amplify app.\n" }, "enableAutoBranchCreation": { "type": "boolean", "description": "Enables automated branch creation for an Amplify app.\n" }, "enableBasicAuth": { "type": "boolean", "description": "Enables basic authorization for an Amplify app. This will apply to all branches that are part of this app.\n" }, "enableBranchAutoBuild": { "type": "boolean", "description": "Enables auto-building of branches for the Amplify App.\n" }, "enableBranchAutoDeletion": { "type": "boolean", "description": "Automatically disconnects a branch in the Amplify Console when you delete a branch from your Git repository.\n" }, "environmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Environment variables map for an Amplify app.\n" }, "iamServiceRoleArn": { "type": "string", "description": "AWS Identity and Access Management (IAM) service role for an Amplify app.\n" }, "name": { "type": "string", "description": "Name for an Amplify app.\n" }, "oauthToken": { "type": "string", "description": "OAuth token for a third-party source control system for an Amplify app. The OAuth token is used to create a webhook and a read-only deploy key. The OAuth token is not stored.\n", "secret": true }, "platform": { "type": "string", "description": "Platform or framework for an Amplify app. Valid values: `WEB`, `WEB_COMPUTE`. Default value: `WEB`.\n" }, "productionBranches": { "type": "array", "items": { "$ref": "#/types/aws:amplify/AppProductionBranch:AppProductionBranch" }, "description": "Describes the information about a production branch for an Amplify app. A `production_branch` block is documented below.\n" }, "repository": { "type": "string", "description": "Repository for an Amplify app.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:amplify/backendEnvironment:BackendEnvironment": { "description": "Provides an Amplify Backend Environment resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.amplify.App(\"example\", {name: \"example\"});\nconst exampleBackendEnvironment = new aws.amplify.BackendEnvironment(\"example\", {\n appId: example.id,\n environmentName: \"example\",\n deploymentArtifacts: \"app-example-deployment\",\n stackName: \"amplify-app-example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.amplify.App(\"example\", name=\"example\")\nexample_backend_environment = aws.amplify.BackendEnvironment(\"example\",\n app_id=example.id,\n environment_name=\"example\",\n deployment_artifacts=\"app-example-deployment\",\n stack_name=\"amplify-app-example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Amplify.App(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleBackendEnvironment = new Aws.Amplify.BackendEnvironment(\"example\", new()\n {\n AppId = example.Id,\n EnvironmentName = \"example\",\n DeploymentArtifacts = \"app-example-deployment\",\n StackName = \"amplify-app-example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amplify\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := amplify.NewApp(ctx, \"example\", \u0026amplify.AppArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = amplify.NewBackendEnvironment(ctx, \"example\", \u0026amplify.BackendEnvironmentArgs{\n\t\t\tAppId: example.ID(),\n\t\t\tEnvironmentName: pulumi.String(\"example\"),\n\t\t\tDeploymentArtifacts: pulumi.String(\"app-example-deployment\"),\n\t\t\tStackName: pulumi.String(\"amplify-app-example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.amplify.App;\nimport com.pulumi.aws.amplify.AppArgs;\nimport com.pulumi.aws.amplify.BackendEnvironment;\nimport com.pulumi.aws.amplify.BackendEnvironmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new App(\"example\", AppArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleBackendEnvironment = new BackendEnvironment(\"exampleBackendEnvironment\", BackendEnvironmentArgs.builder()\n .appId(example.id())\n .environmentName(\"example\")\n .deploymentArtifacts(\"app-example-deployment\")\n .stackName(\"amplify-app-example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:amplify:App\n properties:\n name: example\n exampleBackendEnvironment:\n type: aws:amplify:BackendEnvironment\n name: example\n properties:\n appId: ${example.id}\n environmentName: example\n deploymentArtifacts: app-example-deployment\n stackName: amplify-app-example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amplify backend environment using `app_id` and `environment_name`. For example:\n\n```sh\n$ pulumi import aws:amplify/backendEnvironment:BackendEnvironment example d2ypk4k47z8u6/example\n```\n", "properties": { "appId": { "type": "string", "description": "Unique ID for an Amplify app.\n" }, "arn": { "type": "string", "description": "ARN for a backend environment that is part of an Amplify app.\n" }, "deploymentArtifacts": { "type": "string", "description": "Name of deployment artifacts.\n" }, "environmentName": { "type": "string", "description": "Name for the backend environment.\n" }, "stackName": { "type": "string", "description": "AWS CloudFormation stack name of a backend environment.\n" } }, "required": [ "appId", "arn", "deploymentArtifacts", "environmentName", "stackName" ], "inputProperties": { "appId": { "type": "string", "description": "Unique ID for an Amplify app.\n", "willReplaceOnChanges": true }, "deploymentArtifacts": { "type": "string", "description": "Name of deployment artifacts.\n", "willReplaceOnChanges": true }, "environmentName": { "type": "string", "description": "Name for the backend environment.\n", "willReplaceOnChanges": true }, "stackName": { "type": "string", "description": "AWS CloudFormation stack name of a backend environment.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "appId", "environmentName" ], "stateInputs": { "description": "Input properties used for looking up and filtering BackendEnvironment resources.\n", "properties": { "appId": { "type": "string", "description": "Unique ID for an Amplify app.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN for a backend environment that is part of an Amplify app.\n" }, "deploymentArtifacts": { "type": "string", "description": "Name of deployment artifacts.\n", "willReplaceOnChanges": true }, "environmentName": { "type": "string", "description": "Name for the backend environment.\n", "willReplaceOnChanges": true }, "stackName": { "type": "string", "description": "AWS CloudFormation stack name of a backend environment.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:amplify/branch:Branch": { "description": "Provides an Amplify Branch resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.amplify.App(\"example\", {name: \"app\"});\nconst master = new aws.amplify.Branch(\"master\", {\n appId: example.id,\n branchName: \"master\",\n framework: \"React\",\n stage: \"PRODUCTION\",\n environmentVariables: {\n REACT_APP_API_SERVER: \"https://api.example.com\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.amplify.App(\"example\", name=\"app\")\nmaster = aws.amplify.Branch(\"master\",\n app_id=example.id,\n branch_name=\"master\",\n framework=\"React\",\n stage=\"PRODUCTION\",\n environment_variables={\n \"REACT_APP_API_SERVER\": \"https://api.example.com\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Amplify.App(\"example\", new()\n {\n Name = \"app\",\n });\n\n var master = new Aws.Amplify.Branch(\"master\", new()\n {\n AppId = example.Id,\n BranchName = \"master\",\n Framework = \"React\",\n Stage = \"PRODUCTION\",\n EnvironmentVariables = \n {\n { \"REACT_APP_API_SERVER\", \"https://api.example.com\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amplify\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := amplify.NewApp(ctx, \"example\", \u0026amplify.AppArgs{\n\t\t\tName: pulumi.String(\"app\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = amplify.NewBranch(ctx, \"master\", \u0026amplify.BranchArgs{\n\t\t\tAppId: example.ID(),\n\t\t\tBranchName: pulumi.String(\"master\"),\n\t\t\tFramework: pulumi.String(\"React\"),\n\t\t\tStage: pulumi.String(\"PRODUCTION\"),\n\t\t\tEnvironmentVariables: pulumi.StringMap{\n\t\t\t\t\"REACT_APP_API_SERVER\": pulumi.String(\"https://api.example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.amplify.App;\nimport com.pulumi.aws.amplify.AppArgs;\nimport com.pulumi.aws.amplify.Branch;\nimport com.pulumi.aws.amplify.BranchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new App(\"example\", AppArgs.builder()\n .name(\"app\")\n .build());\n\n var master = new Branch(\"master\", BranchArgs.builder()\n .appId(example.id())\n .branchName(\"master\")\n .framework(\"React\")\n .stage(\"PRODUCTION\")\n .environmentVariables(Map.of(\"REACT_APP_API_SERVER\", \"https://api.example.com\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:amplify:App\n properties:\n name: app\n master:\n type: aws:amplify:Branch\n properties:\n appId: ${example.id}\n branchName: master\n framework: React\n stage: PRODUCTION\n environmentVariables:\n REACT_APP_API_SERVER: https://api.example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Basic Authentication\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.amplify.App(\"example\", {name: \"app\"});\nconst master = new aws.amplify.Branch(\"master\", {\n appId: example.id,\n branchName: \"master\",\n enableBasicAuth: true,\n basicAuthCredentials: std.base64encode({\n input: \"username:password\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.amplify.App(\"example\", name=\"app\")\nmaster = aws.amplify.Branch(\"master\",\n app_id=example.id,\n branch_name=\"master\",\n enable_basic_auth=True,\n basic_auth_credentials=std.base64encode(input=\"username:password\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Amplify.App(\"example\", new()\n {\n Name = \"app\",\n });\n\n var master = new Aws.Amplify.Branch(\"master\", new()\n {\n AppId = example.Id,\n BranchName = \"master\",\n EnableBasicAuth = true,\n BasicAuthCredentials = Std.Base64encode.Invoke(new()\n {\n Input = \"username:password\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amplify\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := amplify.NewApp(ctx, \"example\", \u0026amplify.AppArgs{\n\t\t\tName: pulumi.String(\"app\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeBase64encode, err := std.Base64encode(ctx, \u0026std.Base64encodeArgs{\n\t\t\tInput: \"username:password\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = amplify.NewBranch(ctx, \"master\", \u0026amplify.BranchArgs{\n\t\t\tAppId: example.ID(),\n\t\t\tBranchName: pulumi.String(\"master\"),\n\t\t\tEnableBasicAuth: pulumi.Bool(true),\n\t\t\tBasicAuthCredentials: pulumi.String(invokeBase64encode.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.amplify.App;\nimport com.pulumi.aws.amplify.AppArgs;\nimport com.pulumi.aws.amplify.Branch;\nimport com.pulumi.aws.amplify.BranchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new App(\"example\", AppArgs.builder()\n .name(\"app\")\n .build());\n\n var master = new Branch(\"master\", BranchArgs.builder()\n .appId(example.id())\n .branchName(\"master\")\n .enableBasicAuth(true)\n .basicAuthCredentials(StdFunctions.base64encode(Base64encodeArgs.builder()\n .input(\"username:password\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:amplify:App\n properties:\n name: app\n master:\n type: aws:amplify:Branch\n properties:\n appId: ${example.id}\n branchName: master\n enableBasicAuth: true\n basicAuthCredentials:\n fn::invoke:\n Function: std:base64encode\n Arguments:\n input: username:password\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Notifications\n\nAmplify Console uses EventBridge (formerly known as CloudWatch Events) and SNS for email notifications. To implement the same functionality, you need to set `enable_notification` in a `aws.amplify.Branch` resource, as well as creating an EventBridge Rule, an SNS topic, and SNS subscriptions.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.amplify.App(\"example\", {name: \"app\"});\nconst master = new aws.amplify.Branch(\"master\", {\n appId: example.id,\n branchName: \"master\",\n enableNotification: true,\n});\n// EventBridge Rule for Amplify notifications\nconst amplifyAppMasterEventRule = new aws.cloudwatch.EventRule(\"amplify_app_master\", {\n name: pulumi.interpolate`amplify-${app.id}-${master.branchName}-branch-notification`,\n description: pulumi.interpolate`AWS Amplify build notifications for : App: ${app.id} Branch: ${master.branchName}`,\n eventPattern: pulumi.jsonStringify({\n detail: {\n appId: [example.id],\n branchName: [master.branchName],\n jobStatus: [\n \"SUCCEED\",\n \"FAILED\",\n \"STARTED\",\n ],\n },\n \"detail-type\": [\"Amplify Deployment Status Change\"],\n source: [\"aws.amplify\"],\n }),\n});\n// SNS Topic for Amplify notifications\nconst amplifyAppMasterTopic = new aws.sns.Topic(\"amplify_app_master\", {name: pulumi.interpolate`amplify-${app.id}_${master.branchName}`});\nconst amplifyAppMasterEventTarget = new aws.cloudwatch.EventTarget(\"amplify_app_master\", {\n rule: amplifyAppMasterEventRule.name,\n targetId: master.branchName,\n arn: amplifyAppMasterTopic.arn,\n inputTransformer: {\n inputPaths: {\n jobId: \"$.detail.jobId\",\n appId: \"$.detail.appId\",\n region: \"$.region\",\n branch: \"$.detail.branchName\",\n status: \"$.detail.jobStatus\",\n },\n inputTemplate: \"\\\"Build notification from the AWS Amplify Console for app: https://\u003cbranch\u003e.\u003cappId\u003e.amplifyapp.com/. Your build status is \u003cstatus\u003e. Go to https://console.aws.amazon.com/amplify/home?region=\u003cregion\u003e#\u003cappId\u003e/\u003cbranch\u003e/\u003cjobId\u003e to view details on your build. \\\"\",\n },\n});\nconst amplifyAppMaster = pulumi.all([master.arn, amplifyAppMasterTopic.arn]).apply(([masterArn, amplifyAppMasterTopicArn]) =\u003e aws.iam.getPolicyDocumentOutput({\n statements: [{\n sid: `Allow_Publish_Events ${masterArn}`,\n effect: \"Allow\",\n actions: [\"SNS:Publish\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"events.amazonaws.com\"],\n }],\n resources: [amplifyAppMasterTopicArn],\n }],\n}));\nconst amplifyAppMasterTopicPolicy = new aws.sns.TopicPolicy(\"amplify_app_master\", {\n arn: amplifyAppMasterTopic.arn,\n policy: amplifyAppMaster.apply(amplifyAppMaster =\u003e amplifyAppMaster.json),\n});\nconst _this = new aws.sns.TopicSubscription(\"this\", {\n topic: amplifyAppMasterTopic.arn,\n protocol: \"email\",\n endpoint: \"user@acme.com\",\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.amplify.App(\"example\", name=\"app\")\nmaster = aws.amplify.Branch(\"master\",\n app_id=example.id,\n branch_name=\"master\",\n enable_notification=True)\n# EventBridge Rule for Amplify notifications\namplify_app_master_event_rule = aws.cloudwatch.EventRule(\"amplify_app_master\",\n name=master.branch_name.apply(lambda branch_name: f\"amplify-{app['id']}-{branch_name}-branch-notification\"),\n description=master.branch_name.apply(lambda branch_name: f\"AWS Amplify build notifications for : App: {app['id']} Branch: {branch_name}\"),\n event_pattern=pulumi.Output.json_dumps({\n \"detail\": {\n \"appId\": [example.id],\n \"branchName\": [master.branch_name],\n \"jobStatus\": [\n \"SUCCEED\",\n \"FAILED\",\n \"STARTED\",\n ],\n },\n \"detail-type\": [\"Amplify Deployment Status Change\"],\n \"source\": [\"aws.amplify\"],\n }))\n# SNS Topic for Amplify notifications\namplify_app_master_topic = aws.sns.Topic(\"amplify_app_master\", name=master.branch_name.apply(lambda branch_name: f\"amplify-{app['id']}_{branch_name}\"))\namplify_app_master_event_target = aws.cloudwatch.EventTarget(\"amplify_app_master\",\n rule=amplify_app_master_event_rule.name,\n target_id=master.branch_name,\n arn=amplify_app_master_topic.arn,\n input_transformer={\n \"input_paths\": {\n \"job_id\": \"$.detail.jobId\",\n \"app_id\": \"$.detail.appId\",\n \"region\": \"$.region\",\n \"branch\": \"$.detail.branchName\",\n \"status\": \"$.detail.jobStatus\",\n },\n \"input_template\": \"\\\"Build notification from the AWS Amplify Console for app: https://\u003cbranch\u003e.\u003cappId\u003e.amplifyapp.com/. Your build status is \u003cstatus\u003e. Go to https://console.aws.amazon.com/amplify/home?region=\u003cregion\u003e#\u003cappId\u003e/\u003cbranch\u003e/\u003cjobId\u003e to view details on your build. \\\"\",\n })\namplify_app_master = pulumi.Output.all(master.arn, amplify_app_master_topic.arn).apply(lambda masterArn, amplifyAppMasterTopicArn: aws.iam.get_policy_document_output(statements=[{\n \"sid\": f\"Allow_Publish_Events {master_arn}\",\n \"effect\": \"Allow\",\n \"actions\": [\"SNS:Publish\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"events.amazonaws.com\"],\n }],\n \"resources\": [amplify_app_master_topic_arn],\n}]))\namplify_app_master_topic_policy = aws.sns.TopicPolicy(\"amplify_app_master\",\n arn=amplify_app_master_topic.arn,\n policy=amplify_app_master.json)\nthis = aws.sns.TopicSubscription(\"this\",\n topic=amplify_app_master_topic.arn,\n protocol=\"email\",\n endpoint=\"user@acme.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Amplify.App(\"example\", new()\n {\n Name = \"app\",\n });\n\n var master = new Aws.Amplify.Branch(\"master\", new()\n {\n AppId = example.Id,\n BranchName = \"master\",\n EnableNotification = true,\n });\n\n // EventBridge Rule for Amplify notifications\n var amplifyAppMasterEventRule = new Aws.CloudWatch.EventRule(\"amplify_app_master\", new()\n {\n Name = master.BranchName.Apply(branchName =\u003e $\"amplify-{app.Id}-{branchName}-branch-notification\"),\n Description = master.BranchName.Apply(branchName =\u003e $\"AWS Amplify build notifications for : App: {app.Id} Branch: {branchName}\"),\n EventPattern = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"detail\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"appId\"] = new[]\n {\n example.Id,\n },\n [\"branchName\"] = new[]\n {\n master.BranchName,\n },\n [\"jobStatus\"] = new[]\n {\n \"SUCCEED\",\n \"FAILED\",\n \"STARTED\",\n },\n },\n [\"detail-type\"] = new[]\n {\n \"Amplify Deployment Status Change\",\n },\n [\"source\"] = new[]\n {\n \"aws.amplify\",\n },\n })),\n });\n\n // SNS Topic for Amplify notifications\n var amplifyAppMasterTopic = new Aws.Sns.Topic(\"amplify_app_master\", new()\n {\n Name = master.BranchName.Apply(branchName =\u003e $\"amplify-{app.Id}_{branchName}\"),\n });\n\n var amplifyAppMasterEventTarget = new Aws.CloudWatch.EventTarget(\"amplify_app_master\", new()\n {\n Rule = amplifyAppMasterEventRule.Name,\n TargetId = master.BranchName,\n Arn = amplifyAppMasterTopic.Arn,\n InputTransformer = new Aws.CloudWatch.Inputs.EventTargetInputTransformerArgs\n {\n InputPaths = \n {\n { \"jobId\", \"$.detail.jobId\" },\n { \"appId\", \"$.detail.appId\" },\n { \"region\", \"$.region\" },\n { \"branch\", \"$.detail.branchName\" },\n { \"status\", \"$.detail.jobStatus\" },\n },\n InputTemplate = \"\\\"Build notification from the AWS Amplify Console for app: https://\u003cbranch\u003e.\u003cappId\u003e.amplifyapp.com/. Your build status is \u003cstatus\u003e. Go to https://console.aws.amazon.com/amplify/home?region=\u003cregion\u003e#\u003cappId\u003e/\u003cbranch\u003e/\u003cjobId\u003e to view details on your build. \\\"\",\n },\n });\n\n var amplifyAppMaster = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = $\"Allow_Publish_Events {master.Arn}\",\n Effect = \"Allow\",\n Actions = new[]\n {\n \"SNS:Publish\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"events.amazonaws.com\",\n },\n },\n },\n Resources = new[]\n {\n amplifyAppMasterTopic.Arn,\n },\n },\n },\n });\n\n var amplifyAppMasterTopicPolicy = new Aws.Sns.TopicPolicy(\"amplify_app_master\", new()\n {\n Arn = amplifyAppMasterTopic.Arn,\n Policy = amplifyAppMaster.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var @this = new Aws.Sns.TopicSubscription(\"this\", new()\n {\n Topic = amplifyAppMasterTopic.Arn,\n Protocol = \"email\",\n Endpoint = \"user@acme.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amplify\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nexample, err := amplify.NewApp(ctx, \"example\", \u0026amplify.AppArgs{\nName: pulumi.String(\"app\"),\n})\nif err != nil {\nreturn err\n}\nmaster, err := amplify.NewBranch(ctx, \"master\", \u0026amplify.BranchArgs{\nAppId: example.ID(),\nBranchName: pulumi.String(\"master\"),\nEnableNotification: pulumi.Bool(true),\n})\nif err != nil {\nreturn err\n}\n// EventBridge Rule for Amplify notifications\namplifyAppMasterEventRule, err := cloudwatch.NewEventRule(ctx, \"amplify_app_master\", \u0026cloudwatch.EventRuleArgs{\nName: master.BranchName.ApplyT(func(branchName string) (string, error) {\nreturn fmt.Sprintf(\"amplify-%v-%v-branch-notification\", app.Id, branchName), nil\n}).(pulumi.StringOutput),\nDescription: master.BranchName.ApplyT(func(branchName string) (string, error) {\nreturn fmt.Sprintf(\"AWS Amplify build notifications for : App: %v Branch: %v\", app.Id, branchName), nil\n}).(pulumi.StringOutput),\nEventPattern: pulumi.All(example.ID(),master.BranchName).ApplyT(func(_args []interface{}) (string, error) {\nid := _args[0].(string)\nbranchName := _args[1].(string)\nvar _zero string\ntmpJSON0, err := json.Marshal(map[string]interface{}{\n\"detail\": map[string]interface{}{\n\"appId\": []string{\nid,\n},\n\"branchName\": []string{\nbranchName,\n},\n\"jobStatus\": []string{\n\"SUCCEED\",\n\"FAILED\",\n\"STARTED\",\n},\n},\n\"detail-type\": []string{\n\"Amplify Deployment Status Change\",\n},\n\"source\": []string{\n\"aws.amplify\",\n},\n})\nif err != nil {\nreturn _zero, err\n}\njson0 := string(tmpJSON0)\nreturn json0, nil\n}).(pulumi.StringOutput),\n})\nif err != nil {\nreturn err\n}\n// SNS Topic for Amplify notifications\namplifyAppMasterTopic, err := sns.NewTopic(ctx, \"amplify_app_master\", \u0026sns.TopicArgs{\nName: master.BranchName.ApplyT(func(branchName string) (string, error) {\nreturn fmt.Sprintf(\"amplify-%v_%v\", app.Id, branchName), nil\n}).(pulumi.StringOutput),\n})\nif err != nil {\nreturn err\n}\n_, err = cloudwatch.NewEventTarget(ctx, \"amplify_app_master\", \u0026cloudwatch.EventTargetArgs{\nRule: amplifyAppMasterEventRule.Name,\nTargetId: master.BranchName,\nArn: amplifyAppMasterTopic.Arn,\nInputTransformer: \u0026cloudwatch.EventTargetInputTransformerArgs{\nInputPaths: pulumi.StringMap{\n\"jobId\": pulumi.String(\"$.detail.jobId\"),\n\"appId\": pulumi.String(\"$.detail.appId\"),\n\"region\": pulumi.String(\"$.region\"),\n\"branch\": pulumi.String(\"$.detail.branchName\"),\n\"status\": pulumi.String(\"$.detail.jobStatus\"),\n},\nInputTemplate: pulumi.String(\"\\\"Build notification from the AWS Amplify Console for app: https://\u003cbranch\u003e.\u003cappId\u003e.amplifyapp.com/. Your build status is \u003cstatus\u003e. Go to https://console.aws.amazon.com/amplify/home?region=\u003cregion\u003e#\u003cappId\u003e/\u003cbranch\u003e/\u003cjobId\u003e to view details on your build. \\\"\"),\n},\n})\nif err != nil {\nreturn err\n}\namplifyAppMaster := pulumi.All(master.Arn,amplifyAppMasterTopic.Arn).ApplyT(func(_args []interface{}) (iam.GetPolicyDocumentResult, error) {\nmasterArn := _args[0].(string)\namplifyAppMasterTopicArn := _args[1].(string)\nreturn iam.GetPolicyDocumentResult(interface{}(iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nSid: fmt.Sprintf(\"Allow_Publish_Events %v\", masterArn),\nEffect: \"Allow\",\nActions: []string{\n\"SNS:Publish\",\n},\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"Service\",\nIdentifiers: []string{\n\"events.amazonaws.com\",\n},\n},\n},\nResources: interface{}{\namplifyAppMasterTopicArn,\n},\n},\n},\n}, nil))), nil\n}).(iam.GetPolicyDocumentResultOutput)\n_, err = sns.NewTopicPolicy(ctx, \"amplify_app_master\", \u0026sns.TopicPolicyArgs{\nArn: amplifyAppMasterTopic.Arn,\nPolicy: pulumi.String(amplifyAppMaster.ApplyT(func(amplifyAppMaster iam.GetPolicyDocumentResult) (*string, error) {\nreturn \u0026amplifyAppMaster.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\n_, err = sns.NewTopicSubscription(ctx, \"this\", \u0026sns.TopicSubscriptionArgs{\nTopic: amplifyAppMasterTopic.Arn,\nProtocol: pulumi.String(\"email\"),\nEndpoint: pulumi.String(\"user@acme.com\"),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.amplify.App;\nimport com.pulumi.aws.amplify.AppArgs;\nimport com.pulumi.aws.amplify.Branch;\nimport com.pulumi.aws.amplify.BranchArgs;\nimport com.pulumi.aws.cloudwatch.EventRule;\nimport com.pulumi.aws.cloudwatch.EventRuleArgs;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.cloudwatch.EventTarget;\nimport com.pulumi.aws.cloudwatch.EventTargetArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventTargetInputTransformerArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sns.TopicPolicy;\nimport com.pulumi.aws.sns.TopicPolicyArgs;\nimport com.pulumi.aws.sns.TopicSubscription;\nimport com.pulumi.aws.sns.TopicSubscriptionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new App(\"example\", AppArgs.builder()\n .name(\"app\")\n .build());\n\n var master = new Branch(\"master\", BranchArgs.builder()\n .appId(example.id())\n .branchName(\"master\")\n .enableNotification(true)\n .build());\n\n // EventBridge Rule for Amplify notifications\n var amplifyAppMasterEventRule = new EventRule(\"amplifyAppMasterEventRule\", EventRuleArgs.builder()\n .name(master.branchName().applyValue(branchName -\u003e String.format(\"amplify-%s-%s-branch-notification\", app.id(),branchName)))\n .description(master.branchName().applyValue(branchName -\u003e String.format(\"AWS Amplify build notifications for : App: %s Branch: %s\", app.id(),branchName)))\n .eventPattern(Output.tuple(example.id(), master.branchName()).applyValue(values -\u003e {\n var id = values.t1;\n var branchName = values.t2;\n return serializeJson(\n jsonObject(\n jsonProperty(\"detail\", jsonObject(\n jsonProperty(\"appId\", jsonArray(id)),\n jsonProperty(\"branchName\", jsonArray(branchName)),\n jsonProperty(\"jobStatus\", jsonArray(\n \"SUCCEED\", \n \"FAILED\", \n \"STARTED\"\n ))\n )),\n jsonProperty(\"detail-type\", jsonArray(\"Amplify Deployment Status Change\")),\n jsonProperty(\"source\", jsonArray(\"aws.amplify\"))\n ));\n }))\n .build());\n\n // SNS Topic for Amplify notifications\n var amplifyAppMasterTopic = new Topic(\"amplifyAppMasterTopic\", TopicArgs.builder()\n .name(master.branchName().applyValue(branchName -\u003e String.format(\"amplify-%s_%s\", app.id(),branchName)))\n .build());\n\n var amplifyAppMasterEventTarget = new EventTarget(\"amplifyAppMasterEventTarget\", EventTargetArgs.builder()\n .rule(amplifyAppMasterEventRule.name())\n .targetId(master.branchName())\n .arn(amplifyAppMasterTopic.arn())\n .inputTransformer(EventTargetInputTransformerArgs.builder()\n .inputPaths(Map.ofEntries(\n Map.entry(\"jobId\", \"$.detail.jobId\"),\n Map.entry(\"appId\", \"$.detail.appId\"),\n Map.entry(\"region\", \"$.region\"),\n Map.entry(\"branch\", \"$.detail.branchName\"),\n Map.entry(\"status\", \"$.detail.jobStatus\")\n ))\n .inputTemplate(\"\\\"Build notification from the AWS Amplify Console for app: https://\u003cbranch\u003e.\u003cappId\u003e.amplifyapp.com/. Your build status is \u003cstatus\u003e. Go to https://console.aws.amazon.com/amplify/home?region=\u003cregion\u003e#\u003cappId\u003e/\u003cbranch\u003e/\u003cjobId\u003e to view details on your build. \\\"\")\n .build())\n .build());\n\n final var amplifyAppMaster = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(master.arn().applyValue(arn -\u003e String.format(\"Allow_Publish_Events %s\", arn)))\n .effect(\"Allow\")\n .actions(\"SNS:Publish\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"events.amazonaws.com\")\n .build())\n .resources(amplifyAppMasterTopic.arn())\n .build())\n .build());\n\n var amplifyAppMasterTopicPolicy = new TopicPolicy(\"amplifyAppMasterTopicPolicy\", TopicPolicyArgs.builder()\n .arn(amplifyAppMasterTopic.arn())\n .policy(amplifyAppMaster.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(amplifyAppMaster -\u003e amplifyAppMaster.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var this_ = new TopicSubscription(\"this\", TopicSubscriptionArgs.builder()\n .topic(amplifyAppMasterTopic.arn())\n .protocol(\"email\")\n .endpoint(\"user@acme.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:amplify:App\n properties:\n name: app\n master:\n type: aws:amplify:Branch\n properties:\n appId: ${example.id}\n branchName: master\n enableNotification: true\n # EventBridge Rule for Amplify notifications\n amplifyAppMasterEventRule:\n type: aws:cloudwatch:EventRule\n name: amplify_app_master\n properties:\n name: amplify-${app.id}-${master.branchName}-branch-notification\n description: 'AWS Amplify build notifications for : App: ${app.id} Branch: ${master.branchName}'\n eventPattern:\n fn::toJSON:\n detail:\n appId:\n - ${example.id}\n branchName:\n - ${master.branchName}\n jobStatus:\n - SUCCEED\n - FAILED\n - STARTED\n detail-type:\n - Amplify Deployment Status Change\n source:\n - aws.amplify\n amplifyAppMasterEventTarget:\n type: aws:cloudwatch:EventTarget\n name: amplify_app_master\n properties:\n rule: ${amplifyAppMasterEventRule.name}\n targetId: ${master.branchName}\n arn: ${amplifyAppMasterTopic.arn}\n inputTransformer:\n inputPaths:\n jobId: $.detail.jobId\n appId: $.detail.appId\n region: $.region\n branch: $.detail.branchName\n status: $.detail.jobStatus\n inputTemplate: '\"Build notification from the AWS Amplify Console for app: https://\u003cbranch\u003e.\u003cappId\u003e.amplifyapp.com/. Your build status is \u003cstatus\u003e. Go to https://console.aws.amazon.com/amplify/home?region=\u003cregion\u003e#\u003cappId\u003e/\u003cbranch\u003e/\u003cjobId\u003e to view details on your build. \"'\n # SNS Topic for Amplify notifications\n amplifyAppMasterTopic:\n type: aws:sns:Topic\n name: amplify_app_master\n properties:\n name: amplify-${app.id}_${master.branchName}\n amplifyAppMasterTopicPolicy:\n type: aws:sns:TopicPolicy\n name: amplify_app_master\n properties:\n arn: ${amplifyAppMasterTopic.arn}\n policy: ${amplifyAppMaster.json}\n this:\n type: aws:sns:TopicSubscription\n properties:\n topic: ${amplifyAppMasterTopic.arn}\n protocol: email\n endpoint: user@acme.com\nvariables:\n amplifyAppMaster:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: Allow_Publish_Events ${master.arn}\n effect: Allow\n actions:\n - SNS:Publish\n principals:\n - type: Service\n identifiers:\n - events.amazonaws.com\n resources:\n - ${amplifyAppMasterTopic.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amplify branch using `app_id` and `branch_name`. For example:\n\n```sh\n$ pulumi import aws:amplify/branch:Branch master d2ypk4k47z8u6/master\n```\n", "properties": { "appId": { "type": "string", "description": "Unique ID for an Amplify app.\n" }, "arn": { "type": "string", "description": "ARN for the branch.\n" }, "associatedResources": { "type": "array", "items": { "type": "string" }, "description": "A list of custom resources that are linked to this branch.\n" }, "backendEnvironmentArn": { "type": "string", "description": "ARN for a backend environment that is part of an Amplify app.\n" }, "basicAuthCredentials": { "type": "string", "description": "Basic authorization credentials for the branch.\n", "secret": true }, "branchName": { "type": "string", "description": "Name for the branch.\n" }, "customDomains": { "type": "array", "items": { "type": "string" }, "description": "Custom domains for the branch.\n" }, "description": { "type": "string", "description": "Description for the branch.\n" }, "destinationBranch": { "type": "string", "description": "Destination branch if the branch is a pull request branch.\n" }, "displayName": { "type": "string", "description": "Display name for a branch. This is used as the default domain prefix.\n" }, "enableAutoBuild": { "type": "boolean", "description": "Enables auto building for the branch.\n" }, "enableBasicAuth": { "type": "boolean", "description": "Enables basic authorization for the branch.\n" }, "enableNotification": { "type": "boolean", "description": "Enables notifications for the branch.\n" }, "enablePerformanceMode": { "type": "boolean", "description": "Enables performance mode for the branch.\n" }, "enablePullRequestPreview": { "type": "boolean", "description": "Enables pull request previews for this branch.\n" }, "environmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Environment variables for the branch.\n" }, "framework": { "type": "string", "description": "Framework for the branch.\n" }, "pullRequestEnvironmentName": { "type": "string", "description": "Amplify environment name for the pull request.\n" }, "sourceBranch": { "type": "string", "description": "Source branch if the branch is a pull request branch.\n" }, "stage": { "type": "string", "description": "Describes the current stage for the branch. Valid values: `PRODUCTION`, `BETA`, `DEVELOPMENT`, `EXPERIMENTAL`, `PULL_REQUEST`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "ttl": { "type": "string", "description": "Content Time To Live (TTL) for the website in seconds.\n" } }, "required": [ "appId", "arn", "associatedResources", "branchName", "customDomains", "destinationBranch", "displayName", "sourceBranch", "tagsAll" ], "inputProperties": { "appId": { "type": "string", "description": "Unique ID for an Amplify app.\n", "willReplaceOnChanges": true }, "backendEnvironmentArn": { "type": "string", "description": "ARN for a backend environment that is part of an Amplify app.\n" }, "basicAuthCredentials": { "type": "string", "description": "Basic authorization credentials for the branch.\n", "secret": true }, "branchName": { "type": "string", "description": "Name for the branch.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description for the branch.\n" }, "displayName": { "type": "string", "description": "Display name for a branch. This is used as the default domain prefix.\n" }, "enableAutoBuild": { "type": "boolean", "description": "Enables auto building for the branch.\n" }, "enableBasicAuth": { "type": "boolean", "description": "Enables basic authorization for the branch.\n" }, "enableNotification": { "type": "boolean", "description": "Enables notifications for the branch.\n" }, "enablePerformanceMode": { "type": "boolean", "description": "Enables performance mode for the branch.\n" }, "enablePullRequestPreview": { "type": "boolean", "description": "Enables pull request previews for this branch.\n" }, "environmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Environment variables for the branch.\n" }, "framework": { "type": "string", "description": "Framework for the branch.\n" }, "pullRequestEnvironmentName": { "type": "string", "description": "Amplify environment name for the pull request.\n" }, "stage": { "type": "string", "description": "Describes the current stage for the branch. Valid values: `PRODUCTION`, `BETA`, `DEVELOPMENT`, `EXPERIMENTAL`, `PULL_REQUEST`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "ttl": { "type": "string", "description": "Content Time To Live (TTL) for the website in seconds.\n" } }, "requiredInputs": [ "appId", "branchName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Branch resources.\n", "properties": { "appId": { "type": "string", "description": "Unique ID for an Amplify app.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN for the branch.\n" }, "associatedResources": { "type": "array", "items": { "type": "string" }, "description": "A list of custom resources that are linked to this branch.\n" }, "backendEnvironmentArn": { "type": "string", "description": "ARN for a backend environment that is part of an Amplify app.\n" }, "basicAuthCredentials": { "type": "string", "description": "Basic authorization credentials for the branch.\n", "secret": true }, "branchName": { "type": "string", "description": "Name for the branch.\n", "willReplaceOnChanges": true }, "customDomains": { "type": "array", "items": { "type": "string" }, "description": "Custom domains for the branch.\n" }, "description": { "type": "string", "description": "Description for the branch.\n" }, "destinationBranch": { "type": "string", "description": "Destination branch if the branch is a pull request branch.\n" }, "displayName": { "type": "string", "description": "Display name for a branch. This is used as the default domain prefix.\n" }, "enableAutoBuild": { "type": "boolean", "description": "Enables auto building for the branch.\n" }, "enableBasicAuth": { "type": "boolean", "description": "Enables basic authorization for the branch.\n" }, "enableNotification": { "type": "boolean", "description": "Enables notifications for the branch.\n" }, "enablePerformanceMode": { "type": "boolean", "description": "Enables performance mode for the branch.\n" }, "enablePullRequestPreview": { "type": "boolean", "description": "Enables pull request previews for this branch.\n" }, "environmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Environment variables for the branch.\n" }, "framework": { "type": "string", "description": "Framework for the branch.\n" }, "pullRequestEnvironmentName": { "type": "string", "description": "Amplify environment name for the pull request.\n" }, "sourceBranch": { "type": "string", "description": "Source branch if the branch is a pull request branch.\n" }, "stage": { "type": "string", "description": "Describes the current stage for the branch. Valid values: `PRODUCTION`, `BETA`, `DEVELOPMENT`, `EXPERIMENTAL`, `PULL_REQUEST`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "ttl": { "type": "string", "description": "Content Time To Live (TTL) for the website in seconds.\n" } }, "type": "object" } }, "aws:amplify/domainAssociation:DomainAssociation": { "description": "Provides an Amplify Domain Association resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.amplify.App(\"example\", {\n name: \"app\",\n customRules: [{\n source: \"https://example.com\",\n status: \"302\",\n target: \"https://www.example.com\",\n }],\n});\nconst master = new aws.amplify.Branch(\"master\", {\n appId: example.id,\n branchName: \"master\",\n});\nconst exampleDomainAssociation = new aws.amplify.DomainAssociation(\"example\", {\n appId: example.id,\n domainName: \"example.com\",\n subDomains: [\n {\n branchName: master.branchName,\n prefix: \"\",\n },\n {\n branchName: master.branchName,\n prefix: \"www\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.amplify.App(\"example\",\n name=\"app\",\n custom_rules=[{\n \"source\": \"https://example.com\",\n \"status\": \"302\",\n \"target\": \"https://www.example.com\",\n }])\nmaster = aws.amplify.Branch(\"master\",\n app_id=example.id,\n branch_name=\"master\")\nexample_domain_association = aws.amplify.DomainAssociation(\"example\",\n app_id=example.id,\n domain_name=\"example.com\",\n sub_domains=[\n {\n \"branch_name\": master.branch_name,\n \"prefix\": \"\",\n },\n {\n \"branch_name\": master.branch_name,\n \"prefix\": \"www\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Amplify.App(\"example\", new()\n {\n Name = \"app\",\n CustomRules = new[]\n {\n new Aws.Amplify.Inputs.AppCustomRuleArgs\n {\n Source = \"https://example.com\",\n Status = \"302\",\n Target = \"https://www.example.com\",\n },\n },\n });\n\n var master = new Aws.Amplify.Branch(\"master\", new()\n {\n AppId = example.Id,\n BranchName = \"master\",\n });\n\n var exampleDomainAssociation = new Aws.Amplify.DomainAssociation(\"example\", new()\n {\n AppId = example.Id,\n DomainName = \"example.com\",\n SubDomains = new[]\n {\n new Aws.Amplify.Inputs.DomainAssociationSubDomainArgs\n {\n BranchName = master.BranchName,\n Prefix = \"\",\n },\n new Aws.Amplify.Inputs.DomainAssociationSubDomainArgs\n {\n BranchName = master.BranchName,\n Prefix = \"www\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amplify\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := amplify.NewApp(ctx, \"example\", \u0026amplify.AppArgs{\n\t\t\tName: pulumi.String(\"app\"),\n\t\t\tCustomRules: amplify.AppCustomRuleArray{\n\t\t\t\t\u0026amplify.AppCustomRuleArgs{\n\t\t\t\t\tSource: pulumi.String(\"https://example.com\"),\n\t\t\t\t\tStatus: pulumi.String(\"302\"),\n\t\t\t\t\tTarget: pulumi.String(\"https://www.example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmaster, err := amplify.NewBranch(ctx, \"master\", \u0026amplify.BranchArgs{\n\t\t\tAppId: example.ID(),\n\t\t\tBranchName: pulumi.String(\"master\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = amplify.NewDomainAssociation(ctx, \"example\", \u0026amplify.DomainAssociationArgs{\n\t\t\tAppId: example.ID(),\n\t\t\tDomainName: pulumi.String(\"example.com\"),\n\t\t\tSubDomains: amplify.DomainAssociationSubDomainArray{\n\t\t\t\t\u0026amplify.DomainAssociationSubDomainArgs{\n\t\t\t\t\tBranchName: master.BranchName,\n\t\t\t\t\tPrefix: pulumi.String(\"\"),\n\t\t\t\t},\n\t\t\t\t\u0026amplify.DomainAssociationSubDomainArgs{\n\t\t\t\t\tBranchName: master.BranchName,\n\t\t\t\t\tPrefix: pulumi.String(\"www\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.amplify.App;\nimport com.pulumi.aws.amplify.AppArgs;\nimport com.pulumi.aws.amplify.inputs.AppCustomRuleArgs;\nimport com.pulumi.aws.amplify.Branch;\nimport com.pulumi.aws.amplify.BranchArgs;\nimport com.pulumi.aws.amplify.DomainAssociation;\nimport com.pulumi.aws.amplify.DomainAssociationArgs;\nimport com.pulumi.aws.amplify.inputs.DomainAssociationSubDomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new App(\"example\", AppArgs.builder()\n .name(\"app\")\n .customRules(AppCustomRuleArgs.builder()\n .source(\"https://example.com\")\n .status(\"302\")\n .target(\"https://www.example.com\")\n .build())\n .build());\n\n var master = new Branch(\"master\", BranchArgs.builder()\n .appId(example.id())\n .branchName(\"master\")\n .build());\n\n var exampleDomainAssociation = new DomainAssociation(\"exampleDomainAssociation\", DomainAssociationArgs.builder()\n .appId(example.id())\n .domainName(\"example.com\")\n .subDomains( \n DomainAssociationSubDomainArgs.builder()\n .branchName(master.branchName())\n .prefix(\"\")\n .build(),\n DomainAssociationSubDomainArgs.builder()\n .branchName(master.branchName())\n .prefix(\"www\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:amplify:App\n properties:\n name: app\n customRules:\n - source: https://example.com\n status: '302'\n target: https://www.example.com\n master:\n type: aws:amplify:Branch\n properties:\n appId: ${example.id}\n branchName: master\n exampleDomainAssociation:\n type: aws:amplify:DomainAssociation\n name: example\n properties:\n appId: ${example.id}\n domainName: example.com\n subDomains:\n - branchName: ${master.branchName}\n prefix:\n - branchName: ${master.branchName}\n prefix: www\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amplify domain association using `app_id` and `domain_name`. For example:\n\n```sh\n$ pulumi import aws:amplify/domainAssociation:DomainAssociation app d2ypk4k47z8u6/example.com\n```\n", "properties": { "appId": { "type": "string", "description": "Unique ID for an Amplify app.\n" }, "arn": { "type": "string", "description": "ARN for the domain association.\n" }, "certificateSettings": { "$ref": "#/types/aws:amplify/DomainAssociationCertificateSettings:DomainAssociationCertificateSettings", "description": "The type of SSL/TLS certificate to use for your custom domain. If you don't specify a certificate type, Amplify uses the default certificate that it provisions and manages for you.\n" }, "certificateVerificationDnsRecord": { "type": "string", "description": "DNS records for certificate verification in a space-delimited format (`\u003crecord\u003e CNAME \u003ctarget\u003e`).\n" }, "domainName": { "type": "string", "description": "Domain name for the domain association.\n" }, "enableAutoSubDomain": { "type": "boolean", "description": "Enables the automated creation of subdomains for branches.\n" }, "subDomains": { "type": "array", "items": { "$ref": "#/types/aws:amplify/DomainAssociationSubDomain:DomainAssociationSubDomain" }, "description": "Setting for the subdomain. Documented below.\n" }, "waitForVerification": { "type": "boolean", "description": "If enabled, the resource will wait for the domain association status to change to `PENDING_DEPLOYMENT` or `AVAILABLE`. Setting this to `false` will skip the process. Default: `true`.\n" } }, "required": [ "appId", "arn", "certificateVerificationDnsRecord", "domainName", "subDomains" ], "inputProperties": { "appId": { "type": "string", "description": "Unique ID for an Amplify app.\n", "willReplaceOnChanges": true }, "certificateSettings": { "$ref": "#/types/aws:amplify/DomainAssociationCertificateSettings:DomainAssociationCertificateSettings", "description": "The type of SSL/TLS certificate to use for your custom domain. If you don't specify a certificate type, Amplify uses the default certificate that it provisions and manages for you.\n" }, "domainName": { "type": "string", "description": "Domain name for the domain association.\n", "willReplaceOnChanges": true }, "enableAutoSubDomain": { "type": "boolean", "description": "Enables the automated creation of subdomains for branches.\n" }, "subDomains": { "type": "array", "items": { "$ref": "#/types/aws:amplify/DomainAssociationSubDomain:DomainAssociationSubDomain" }, "description": "Setting for the subdomain. Documented below.\n" }, "waitForVerification": { "type": "boolean", "description": "If enabled, the resource will wait for the domain association status to change to `PENDING_DEPLOYMENT` or `AVAILABLE`. Setting this to `false` will skip the process. Default: `true`.\n" } }, "requiredInputs": [ "appId", "domainName", "subDomains" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainAssociation resources.\n", "properties": { "appId": { "type": "string", "description": "Unique ID for an Amplify app.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN for the domain association.\n" }, "certificateSettings": { "$ref": "#/types/aws:amplify/DomainAssociationCertificateSettings:DomainAssociationCertificateSettings", "description": "The type of SSL/TLS certificate to use for your custom domain. If you don't specify a certificate type, Amplify uses the default certificate that it provisions and manages for you.\n" }, "certificateVerificationDnsRecord": { "type": "string", "description": "DNS records for certificate verification in a space-delimited format (`\u003crecord\u003e CNAME \u003ctarget\u003e`).\n" }, "domainName": { "type": "string", "description": "Domain name for the domain association.\n", "willReplaceOnChanges": true }, "enableAutoSubDomain": { "type": "boolean", "description": "Enables the automated creation of subdomains for branches.\n" }, "subDomains": { "type": "array", "items": { "$ref": "#/types/aws:amplify/DomainAssociationSubDomain:DomainAssociationSubDomain" }, "description": "Setting for the subdomain. Documented below.\n" }, "waitForVerification": { "type": "boolean", "description": "If enabled, the resource will wait for the domain association status to change to `PENDING_DEPLOYMENT` or `AVAILABLE`. Setting this to `false` will skip the process. Default: `true`.\n" } }, "type": "object" } }, "aws:amplify/webhook:Webhook": { "description": "Provides an Amplify Webhook resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.amplify.App(\"example\", {name: \"app\"});\nconst master = new aws.amplify.Branch(\"master\", {\n appId: example.id,\n branchName: \"master\",\n});\nconst masterWebhook = new aws.amplify.Webhook(\"master\", {\n appId: example.id,\n branchName: master.branchName,\n description: \"triggermaster\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.amplify.App(\"example\", name=\"app\")\nmaster = aws.amplify.Branch(\"master\",\n app_id=example.id,\n branch_name=\"master\")\nmaster_webhook = aws.amplify.Webhook(\"master\",\n app_id=example.id,\n branch_name=master.branch_name,\n description=\"triggermaster\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Amplify.App(\"example\", new()\n {\n Name = \"app\",\n });\n\n var master = new Aws.Amplify.Branch(\"master\", new()\n {\n AppId = example.Id,\n BranchName = \"master\",\n });\n\n var masterWebhook = new Aws.Amplify.Webhook(\"master\", new()\n {\n AppId = example.Id,\n BranchName = master.BranchName,\n Description = \"triggermaster\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amplify\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := amplify.NewApp(ctx, \"example\", \u0026amplify.AppArgs{\n\t\t\tName: pulumi.String(\"app\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmaster, err := amplify.NewBranch(ctx, \"master\", \u0026amplify.BranchArgs{\n\t\t\tAppId: example.ID(),\n\t\t\tBranchName: pulumi.String(\"master\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = amplify.NewWebhook(ctx, \"master\", \u0026amplify.WebhookArgs{\n\t\t\tAppId: example.ID(),\n\t\t\tBranchName: master.BranchName,\n\t\t\tDescription: pulumi.String(\"triggermaster\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.amplify.App;\nimport com.pulumi.aws.amplify.AppArgs;\nimport com.pulumi.aws.amplify.Branch;\nimport com.pulumi.aws.amplify.BranchArgs;\nimport com.pulumi.aws.amplify.Webhook;\nimport com.pulumi.aws.amplify.WebhookArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new App(\"example\", AppArgs.builder()\n .name(\"app\")\n .build());\n\n var master = new Branch(\"master\", BranchArgs.builder()\n .appId(example.id())\n .branchName(\"master\")\n .build());\n\n var masterWebhook = new Webhook(\"masterWebhook\", WebhookArgs.builder()\n .appId(example.id())\n .branchName(master.branchName())\n .description(\"triggermaster\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:amplify:App\n properties:\n name: app\n master:\n type: aws:amplify:Branch\n properties:\n appId: ${example.id}\n branchName: master\n masterWebhook:\n type: aws:amplify:Webhook\n name: master\n properties:\n appId: ${example.id}\n branchName: ${master.branchName}\n description: triggermaster\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amplify webhook using a webhook ID. For example:\n\n```sh\n$ pulumi import aws:amplify/webhook:Webhook master a26b22a0-748b-4b57-b9a0-ae7e601fe4b1\n```\n", "properties": { "appId": { "type": "string", "description": "Unique ID for an Amplify app.\n" }, "arn": { "type": "string", "description": "ARN for the webhook.\n" }, "branchName": { "type": "string", "description": "Name for a branch that is part of the Amplify app.\n" }, "description": { "type": "string", "description": "Description for a webhook.\n" }, "url": { "type": "string", "description": "URL of the webhook.\n" } }, "required": [ "appId", "arn", "branchName", "url" ], "inputProperties": { "appId": { "type": "string", "description": "Unique ID for an Amplify app.\n", "willReplaceOnChanges": true }, "branchName": { "type": "string", "description": "Name for a branch that is part of the Amplify app.\n" }, "description": { "type": "string", "description": "Description for a webhook.\n" } }, "requiredInputs": [ "appId", "branchName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Webhook resources.\n", "properties": { "appId": { "type": "string", "description": "Unique ID for an Amplify app.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN for the webhook.\n" }, "branchName": { "type": "string", "description": "Name for a branch that is part of the Amplify app.\n" }, "description": { "type": "string", "description": "Description for a webhook.\n" }, "url": { "type": "string", "description": "URL of the webhook.\n" } }, "type": "object" } }, "aws:apigateway/account:Account": { "description": "Provides a settings of an API Gateway Account. Settings is applied region-wide per `provider` block.\n\n\u003e **Note:** As there is no API method for deleting account settings or resetting it to defaults, destroying this resource will keep your account settings intact\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"apigateway.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst cloudwatchRole = new aws.iam.Role(\"cloudwatch\", {\n name: \"api_gateway_cloudwatch_global\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst demo = new aws.apigateway.Account(\"demo\", {cloudwatchRoleArn: cloudwatchRole.arn});\nconst cloudwatch = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:DescribeLogGroups\",\n \"logs:DescribeLogStreams\",\n \"logs:PutLogEvents\",\n \"logs:GetLogEvents\",\n \"logs:FilterLogEvents\",\n ],\n resources: [\"*\"],\n }],\n});\nconst cloudwatchRolePolicy = new aws.iam.RolePolicy(\"cloudwatch\", {\n name: \"default\",\n role: cloudwatchRole.id,\n policy: cloudwatch.then(cloudwatch =\u003e cloudwatch.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"apigateway.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\ncloudwatch_role = aws.iam.Role(\"cloudwatch\",\n name=\"api_gateway_cloudwatch_global\",\n assume_role_policy=assume_role.json)\ndemo = aws.apigateway.Account(\"demo\", cloudwatch_role_arn=cloudwatch_role.arn)\ncloudwatch = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:DescribeLogGroups\",\n \"logs:DescribeLogStreams\",\n \"logs:PutLogEvents\",\n \"logs:GetLogEvents\",\n \"logs:FilterLogEvents\",\n ],\n \"resources\": [\"*\"],\n}])\ncloudwatch_role_policy = aws.iam.RolePolicy(\"cloudwatch\",\n name=\"default\",\n role=cloudwatch_role.id,\n policy=cloudwatch.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"apigateway.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var cloudwatchRole = new Aws.Iam.Role(\"cloudwatch\", new()\n {\n Name = \"api_gateway_cloudwatch_global\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var demo = new Aws.ApiGateway.Account(\"demo\", new()\n {\n CloudwatchRoleArn = cloudwatchRole.Arn,\n });\n\n var cloudwatch = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:DescribeLogGroups\",\n \"logs:DescribeLogStreams\",\n \"logs:PutLogEvents\",\n \"logs:GetLogEvents\",\n \"logs:FilterLogEvents\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var cloudwatchRolePolicy = new Aws.Iam.RolePolicy(\"cloudwatch\", new()\n {\n Name = \"default\",\n Role = cloudwatchRole.Id,\n Policy = cloudwatch.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"apigateway.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcloudwatchRole, err := iam.NewRole(ctx, \"cloudwatch\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"api_gateway_cloudwatch_global\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewAccount(ctx, \"demo\", \u0026apigateway.AccountArgs{\n\t\t\tCloudwatchRoleArn: cloudwatchRole.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcloudwatch, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"logs:CreateLogGroup\",\n\t\t\t\t\t\t\"logs:CreateLogStream\",\n\t\t\t\t\t\t\"logs:DescribeLogGroups\",\n\t\t\t\t\t\t\"logs:DescribeLogStreams\",\n\t\t\t\t\t\t\"logs:PutLogEvents\",\n\t\t\t\t\t\t\"logs:GetLogEvents\",\n\t\t\t\t\t\t\"logs:FilterLogEvents\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"cloudwatch\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"default\"),\n\t\t\tRole: cloudwatchRole.ID(),\n\t\t\tPolicy: pulumi.String(cloudwatch.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.apigateway.Account;\nimport com.pulumi.aws.apigateway.AccountArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"apigateway.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var cloudwatchRole = new Role(\"cloudwatchRole\", RoleArgs.builder()\n .name(\"api_gateway_cloudwatch_global\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var demo = new Account(\"demo\", AccountArgs.builder()\n .cloudwatchRoleArn(cloudwatchRole.arn())\n .build());\n\n final var cloudwatch = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:DescribeLogGroups\",\n \"logs:DescribeLogStreams\",\n \"logs:PutLogEvents\",\n \"logs:GetLogEvents\",\n \"logs:FilterLogEvents\")\n .resources(\"*\")\n .build())\n .build());\n\n var cloudwatchRolePolicy = new RolePolicy(\"cloudwatchRolePolicy\", RolePolicyArgs.builder()\n .name(\"default\")\n .role(cloudwatchRole.id())\n .policy(cloudwatch.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n demo:\n type: aws:apigateway:Account\n properties:\n cloudwatchRoleArn: ${cloudwatchRole.arn}\n cloudwatchRole:\n type: aws:iam:Role\n name: cloudwatch\n properties:\n name: api_gateway_cloudwatch_global\n assumeRolePolicy: ${assumeRole.json}\n cloudwatchRolePolicy:\n type: aws:iam:RolePolicy\n name: cloudwatch\n properties:\n name: default\n role: ${cloudwatchRole.id}\n policy: ${cloudwatch.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - apigateway.amazonaws.com\n actions:\n - sts:AssumeRole\n cloudwatch:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - logs:CreateLogGroup\n - logs:CreateLogStream\n - logs:DescribeLogGroups\n - logs:DescribeLogStreams\n - logs:PutLogEvents\n - logs:GetLogEvents\n - logs:FilterLogEvents\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import API Gateway Accounts using the word `api-gateway-account`. For example:\n\n```sh\n$ pulumi import aws:apigateway/account:Account demo api-gateway-account\n```\n", "properties": { "apiKeyVersion": { "type": "string", "description": "The version of the API keys used for the account.\n" }, "cloudwatchRoleArn": { "type": "string", "description": "ARN of an IAM role for CloudWatch (to allow logging \u0026 monitoring). See more [in AWS Docs](https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-stage-settings.html#how-to-stage-settings-console). Logging \u0026 monitoring can be enabled/disabled and otherwise tuned on the API Gateway Stage level.\n" }, "features": { "type": "array", "items": { "type": "string" }, "description": "A list of features supported for the account.\n" }, "throttleSettings": { "type": "array", "items": { "$ref": "#/types/aws:apigateway/AccountThrottleSetting:AccountThrottleSetting" }, "description": "Account-Level throttle settings. See exported fields below.\n" } }, "required": [ "apiKeyVersion", "features", "throttleSettings" ], "inputProperties": { "cloudwatchRoleArn": { "type": "string", "description": "ARN of an IAM role for CloudWatch (to allow logging \u0026 monitoring). See more [in AWS Docs](https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-stage-settings.html#how-to-stage-settings-console). Logging \u0026 monitoring can be enabled/disabled and otherwise tuned on the API Gateway Stage level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Account resources.\n", "properties": { "apiKeyVersion": { "type": "string", "description": "The version of the API keys used for the account.\n" }, "cloudwatchRoleArn": { "type": "string", "description": "ARN of an IAM role for CloudWatch (to allow logging \u0026 monitoring). See more [in AWS Docs](https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-stage-settings.html#how-to-stage-settings-console). Logging \u0026 monitoring can be enabled/disabled and otherwise tuned on the API Gateway Stage level.\n" }, "features": { "type": "array", "items": { "type": "string" }, "description": "A list of features supported for the account.\n" }, "throttleSettings": { "type": "array", "items": { "$ref": "#/types/aws:apigateway/AccountThrottleSetting:AccountThrottleSetting" }, "description": "Account-Level throttle settings. See exported fields below.\n" } }, "type": "object" } }, "aws:apigateway/apiKey:ApiKey": { "description": "Provides an API Gateway API Key.\n\n\u003e **NOTE:** Since the API Gateway usage plans feature was launched on August 11, 2016, usage plans are now **required** to associate an API key with an API stage.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigateway.ApiKey(\"example\", {name: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigateway.ApiKey(\"example\", name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGateway.ApiKey(\"example\", new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigateway.NewApiKey(ctx, \"example\", \u0026apigateway.ApiKeyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.ApiKey;\nimport com.pulumi.aws.apigateway.ApiKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApiKey(\"example\", ApiKeyArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigateway:ApiKey\n properties:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import API Gateway Keys using the `id`. For example:\n\n```sh\n$ pulumi import aws:apigateway/apiKey:ApiKey example 8bklk8bl1k3sB38D9B3l0enyWT8c09B30lkq0blk\n```\n", "properties": { "arn": { "type": "string", "description": "ARN\n" }, "createdDate": { "type": "string", "description": "Creation date of the API key\n" }, "customerId": { "type": "string", "description": "An Amazon Web Services Marketplace customer identifier, when integrating with the Amazon Web Services SaaS Marketplace.\n" }, "description": { "type": "string", "description": "API key description. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "enabled": { "type": "boolean", "description": "Whether the API key can be used by callers. Defaults to `true`.\n" }, "lastUpdatedDate": { "type": "string", "description": "Last update date of the API key\n" }, "name": { "type": "string", "description": "Name of the API key.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "value": { "type": "string", "description": "Value of the API key. If specified, the value must be an alphanumeric string between 20 and 128 characters. If not specified, it will be automatically generated by AWS on creation.\n", "secret": true } }, "required": [ "arn", "createdDate", "description", "lastUpdatedDate", "name", "tagsAll", "value" ], "inputProperties": { "customerId": { "type": "string", "description": "An Amazon Web Services Marketplace customer identifier, when integrating with the Amazon Web Services SaaS Marketplace.\n" }, "description": { "type": "string", "description": "API key description. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "enabled": { "type": "boolean", "description": "Whether the API key can be used by callers. Defaults to `true`.\n" }, "name": { "type": "string", "description": "Name of the API key.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "value": { "type": "string", "description": "Value of the API key. If specified, the value must be an alphanumeric string between 20 and 128 characters. If not specified, it will be automatically generated by AWS on creation.\n", "secret": true, "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering ApiKey resources.\n", "properties": { "arn": { "type": "string", "description": "ARN\n" }, "createdDate": { "type": "string", "description": "Creation date of the API key\n" }, "customerId": { "type": "string", "description": "An Amazon Web Services Marketplace customer identifier, when integrating with the Amazon Web Services SaaS Marketplace.\n" }, "description": { "type": "string", "description": "API key description. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "enabled": { "type": "boolean", "description": "Whether the API key can be used by callers. Defaults to `true`.\n" }, "lastUpdatedDate": { "type": "string", "description": "Last update date of the API key\n" }, "name": { "type": "string", "description": "Name of the API key.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "value": { "type": "string", "description": "Value of the API key. If specified, the value must be an alphanumeric string between 20 and 128 characters. If not specified, it will be automatically generated by AWS on creation.\n", "secret": true, "willReplaceOnChanges": true } }, "type": "object" } }, "aws:apigateway/authorizer:Authorizer": { "description": "Provides an API Gateway Authorizer.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst demoRestApi = new aws.apigateway.RestApi(\"demo\", {name: \"auth-demo\"});\nconst invocationAssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"apigateway.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst invocationRole = new aws.iam.Role(\"invocation_role\", {\n name: \"api_gateway_auth_invocation\",\n path: \"/\",\n assumeRolePolicy: invocationAssumeRole.then(invocationAssumeRole =\u003e invocationAssumeRole.json),\n});\nconst lambdaAssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"lambda.amazonaws.com\"],\n }],\n }],\n});\nconst lambda = new aws.iam.Role(\"lambda\", {\n name: \"demo-lambda\",\n assumeRolePolicy: lambdaAssumeRole.then(lambdaAssumeRole =\u003e lambdaAssumeRole.json),\n});\nconst authorizer = new aws.lambda.Function(\"authorizer\", {\n code: new pulumi.asset.FileArchive(\"lambda-function.zip\"),\n name: \"api_gateway_authorizer\",\n role: lambda.arn,\n handler: \"exports.example\",\n sourceCodeHash: std.filebase64sha256({\n input: \"lambda-function.zip\",\n }).then(invoke =\u003e invoke.result),\n});\nconst demo = new aws.apigateway.Authorizer(\"demo\", {\n name: \"demo\",\n restApi: demoRestApi.id,\n authorizerUri: authorizer.invokeArn,\n authorizerCredentials: invocationRole.arn,\n});\nconst invocationPolicy = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n actions: [\"lambda:InvokeFunction\"],\n resources: [authorizer.arn],\n }],\n});\nconst invocationPolicyRolePolicy = new aws.iam.RolePolicy(\"invocation_policy\", {\n name: \"default\",\n role: invocationRole.id,\n policy: invocationPolicy.apply(invocationPolicy =\u003e invocationPolicy.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\ndemo_rest_api = aws.apigateway.RestApi(\"demo\", name=\"auth-demo\")\ninvocation_assume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"apigateway.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\ninvocation_role = aws.iam.Role(\"invocation_role\",\n name=\"api_gateway_auth_invocation\",\n path=\"/\",\n assume_role_policy=invocation_assume_role.json)\nlambda_assume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"lambda.amazonaws.com\"],\n }],\n}])\nlambda_ = aws.iam.Role(\"lambda\",\n name=\"demo-lambda\",\n assume_role_policy=lambda_assume_role.json)\nauthorizer = aws.lambda_.Function(\"authorizer\",\n code=pulumi.FileArchive(\"lambda-function.zip\"),\n name=\"api_gateway_authorizer\",\n role=lambda_.arn,\n handler=\"exports.example\",\n source_code_hash=std.filebase64sha256(input=\"lambda-function.zip\").result)\ndemo = aws.apigateway.Authorizer(\"demo\",\n name=\"demo\",\n rest_api=demo_rest_api.id,\n authorizer_uri=authorizer.invoke_arn,\n authorizer_credentials=invocation_role.arn)\ninvocation_policy = aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\"lambda:InvokeFunction\"],\n \"resources\": [authorizer.arn],\n}])\ninvocation_policy_role_policy = aws.iam.RolePolicy(\"invocation_policy\",\n name=\"default\",\n role=invocation_role.id,\n policy=invocation_policy.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var demoRestApi = new Aws.ApiGateway.RestApi(\"demo\", new()\n {\n Name = \"auth-demo\",\n });\n\n var invocationAssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"apigateway.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var invocationRole = new Aws.Iam.Role(\"invocation_role\", new()\n {\n Name = \"api_gateway_auth_invocation\",\n Path = \"/\",\n AssumeRolePolicy = invocationAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var lambdaAssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"lambda.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var lambda = new Aws.Iam.Role(\"lambda\", new()\n {\n Name = \"demo-lambda\",\n AssumeRolePolicy = lambdaAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var authorizer = new Aws.Lambda.Function(\"authorizer\", new()\n {\n Code = new FileArchive(\"lambda-function.zip\"),\n Name = \"api_gateway_authorizer\",\n Role = lambda.Arn,\n Handler = \"exports.example\",\n SourceCodeHash = Std.Filebase64sha256.Invoke(new()\n {\n Input = \"lambda-function.zip\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n var demo = new Aws.ApiGateway.Authorizer(\"demo\", new()\n {\n Name = \"demo\",\n RestApi = demoRestApi.Id,\n AuthorizerUri = authorizer.InvokeArn,\n AuthorizerCredentials = invocationRole.Arn,\n });\n\n var invocationPolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"lambda:InvokeFunction\",\n },\n Resources = new[]\n {\n authorizer.Arn,\n },\n },\n },\n });\n\n var invocationPolicyRolePolicy = new Aws.Iam.RolePolicy(\"invocation_policy\", new()\n {\n Name = \"default\",\n Role = invocationRole.Id,\n Policy = invocationPolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdemoRestApi, err := apigateway.NewRestApi(ctx, \"demo\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"auth-demo\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvocationAssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"apigateway.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvocationRole, err := iam.NewRole(ctx, \"invocation_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"api_gateway_auth_invocation\"),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tAssumeRolePolicy: pulumi.String(invocationAssumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambdaAssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"lambda.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambda, err := iam.NewRole(ctx, \"lambda\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"demo-lambda\"),\n\t\t\tAssumeRolePolicy: pulumi.String(lambdaAssumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFilebase64sha256, err := std.Filebase64sha256(ctx, \u0026std.Filebase64sha256Args{\n\t\t\tInput: \"lambda-function.zip\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tauthorizer, err := lambda.NewFunction(ctx, \"authorizer\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lambda-function.zip\"),\n\t\t\tName: pulumi.String(\"api_gateway_authorizer\"),\n\t\t\tRole: lambda.Arn,\n\t\t\tHandler: pulumi.String(\"exports.example\"),\n\t\t\tSourceCodeHash: pulumi.String(invokeFilebase64sha256.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewAuthorizer(ctx, \"demo\", \u0026apigateway.AuthorizerArgs{\n\t\t\tName: pulumi.String(\"demo\"),\n\t\t\tRestApi: demoRestApi.ID(),\n\t\t\tAuthorizerUri: authorizer.InvokeArn,\n\t\t\tAuthorizerCredentials: invocationRole.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvocationPolicy := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"lambda:InvokeFunction\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tauthorizer.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRolePolicy(ctx, \"invocation_policy\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"default\"),\n\t\t\tRole: invocationRole.ID(),\n\t\t\tPolicy: pulumi.String(invocationPolicy.ApplyT(func(invocationPolicy iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026invocationPolicy.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.apigateway.Authorizer;\nimport com.pulumi.aws.apigateway.AuthorizerArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var demoRestApi = new RestApi(\"demoRestApi\", RestApiArgs.builder()\n .name(\"auth-demo\")\n .build());\n\n final var invocationAssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"apigateway.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var invocationRole = new Role(\"invocationRole\", RoleArgs.builder()\n .name(\"api_gateway_auth_invocation\")\n .path(\"/\")\n .assumeRolePolicy(invocationAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var lambdaAssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"lambda.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var lambda = new Role(\"lambda\", RoleArgs.builder()\n .name(\"demo-lambda\")\n .assumeRolePolicy(lambdaAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var authorizer = new Function(\"authorizer\", FunctionArgs.builder()\n .code(new FileArchive(\"lambda-function.zip\"))\n .name(\"api_gateway_authorizer\")\n .role(lambda.arn())\n .handler(\"exports.example\")\n .sourceCodeHash(StdFunctions.filebase64sha256(Filebase64sha256Args.builder()\n .input(\"lambda-function.zip\")\n .build()).result())\n .build());\n\n var demo = new Authorizer(\"demo\", AuthorizerArgs.builder()\n .name(\"demo\")\n .restApi(demoRestApi.id())\n .authorizerUri(authorizer.invokeArn())\n .authorizerCredentials(invocationRole.arn())\n .build());\n\n final var invocationPolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"lambda:InvokeFunction\")\n .resources(authorizer.arn())\n .build())\n .build());\n\n var invocationPolicyRolePolicy = new RolePolicy(\"invocationPolicyRolePolicy\", RolePolicyArgs.builder()\n .name(\"default\")\n .role(invocationRole.id())\n .policy(invocationPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(invocationPolicy -\u003e invocationPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n demo:\n type: aws:apigateway:Authorizer\n properties:\n name: demo\n restApi: ${demoRestApi.id}\n authorizerUri: ${authorizer.invokeArn}\n authorizerCredentials: ${invocationRole.arn}\n demoRestApi:\n type: aws:apigateway:RestApi\n name: demo\n properties:\n name: auth-demo\n invocationRole:\n type: aws:iam:Role\n name: invocation_role\n properties:\n name: api_gateway_auth_invocation\n path: /\n assumeRolePolicy: ${invocationAssumeRole.json}\n invocationPolicyRolePolicy:\n type: aws:iam:RolePolicy\n name: invocation_policy\n properties:\n name: default\n role: ${invocationRole.id}\n policy: ${invocationPolicy.json}\n lambda:\n type: aws:iam:Role\n properties:\n name: demo-lambda\n assumeRolePolicy: ${lambdaAssumeRole.json}\n authorizer:\n type: aws:lambda:Function\n properties:\n code:\n fn::FileArchive: lambda-function.zip\n name: api_gateway_authorizer\n role: ${lambda.arn}\n handler: exports.example\n sourceCodeHash:\n fn::invoke:\n Function: std:filebase64sha256\n Arguments:\n input: lambda-function.zip\n Return: result\nvariables:\n invocationAssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - apigateway.amazonaws.com\n actions:\n - sts:AssumeRole\n invocationPolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - lambda:InvokeFunction\n resources:\n - ${authorizer.arn}\n lambdaAssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - lambda.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS API Gateway Authorizer using the `REST-API-ID/AUTHORIZER-ID`. For example:\n\n```sh\n$ pulumi import aws:apigateway/authorizer:Authorizer authorizer 12345abcde/example\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the API Gateway Authorizer\n" }, "authorizerCredentials": { "type": "string", "description": "Credentials required for the authorizer. To specify an IAM Role for API Gateway to assume, use the IAM Role ARN.\n" }, "authorizerResultTtlInSeconds": { "type": "integer", "description": "TTL of cached authorizer results in seconds. Defaults to `300`.\n" }, "authorizerUri": { "type": "string", "description": "Authorizer's Uniform Resource Identifier (URI). This must be a well-formed Lambda function URI in the form of `arn:aws:apigateway:{region}:lambda:path/{service_api}`,\ne.g., `arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:012345678912:function:my-function/invocations`\n" }, "identitySource": { "type": "string", "description": "Source of the identity in an incoming request. Defaults to `method.request.header.Authorization`. For `REQUEST` type, this may be a comma-separated list of values, including headers, query string parameters and stage variables - e.g., `\"method.request.header.SomeHeaderName,method.request.querystring.SomeQueryStringName,stageVariables.SomeStageVariableName\"`\n" }, "identityValidationExpression": { "type": "string", "description": "Validation expression for the incoming identity. For `TOKEN` type, this value should be a regular expression. The incoming token from the client is matched against this expression, and will proceed if the token matches. If the token doesn't match, the client receives a 401 Unauthorized response.\n" }, "name": { "type": "string", "description": "Name of the authorizer\n" }, "providerArns": { "type": "array", "items": { "type": "string" }, "description": "List of the Amazon Cognito user pool ARNs. Each element is of this format: `arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}`.\n" }, "restApi": { "type": "string", "description": "ID of the associated REST API\n" }, "type": { "type": "string", "description": "Type of the authorizer. Possible values are `TOKEN` for a Lambda function using a single authorization token submitted in a custom header, `REQUEST` for a Lambda function using incoming request parameters, or `COGNITO_USER_POOLS` for using an Amazon Cognito user pool. Defaults to `TOKEN`.\n" } }, "required": [ "arn", "name", "restApi" ], "inputProperties": { "authorizerCredentials": { "type": "string", "description": "Credentials required for the authorizer. To specify an IAM Role for API Gateway to assume, use the IAM Role ARN.\n" }, "authorizerResultTtlInSeconds": { "type": "integer", "description": "TTL of cached authorizer results in seconds. Defaults to `300`.\n" }, "authorizerUri": { "type": "string", "description": "Authorizer's Uniform Resource Identifier (URI). This must be a well-formed Lambda function URI in the form of `arn:aws:apigateway:{region}:lambda:path/{service_api}`,\ne.g., `arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:012345678912:function:my-function/invocations`\n" }, "identitySource": { "type": "string", "description": "Source of the identity in an incoming request. Defaults to `method.request.header.Authorization`. For `REQUEST` type, this may be a comma-separated list of values, including headers, query string parameters and stage variables - e.g., `\"method.request.header.SomeHeaderName,method.request.querystring.SomeQueryStringName,stageVariables.SomeStageVariableName\"`\n" }, "identityValidationExpression": { "type": "string", "description": "Validation expression for the incoming identity. For `TOKEN` type, this value should be a regular expression. The incoming token from the client is matched against this expression, and will proceed if the token matches. If the token doesn't match, the client receives a 401 Unauthorized response.\n" }, "name": { "type": "string", "description": "Name of the authorizer\n" }, "providerArns": { "type": "array", "items": { "type": "string" }, "description": "List of the Amazon Cognito user pool ARNs. Each element is of this format: `arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}`.\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "ID of the associated REST API\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Type of the authorizer. Possible values are `TOKEN` for a Lambda function using a single authorization token submitted in a custom header, `REQUEST` for a Lambda function using incoming request parameters, or `COGNITO_USER_POOLS` for using an Amazon Cognito user pool. Defaults to `TOKEN`.\n" } }, "requiredInputs": [ "restApi" ], "stateInputs": { "description": "Input properties used for looking up and filtering Authorizer resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the API Gateway Authorizer\n" }, "authorizerCredentials": { "type": "string", "description": "Credentials required for the authorizer. To specify an IAM Role for API Gateway to assume, use the IAM Role ARN.\n" }, "authorizerResultTtlInSeconds": { "type": "integer", "description": "TTL of cached authorizer results in seconds. Defaults to `300`.\n" }, "authorizerUri": { "type": "string", "description": "Authorizer's Uniform Resource Identifier (URI). This must be a well-formed Lambda function URI in the form of `arn:aws:apigateway:{region}:lambda:path/{service_api}`,\ne.g., `arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:012345678912:function:my-function/invocations`\n" }, "identitySource": { "type": "string", "description": "Source of the identity in an incoming request. Defaults to `method.request.header.Authorization`. For `REQUEST` type, this may be a comma-separated list of values, including headers, query string parameters and stage variables - e.g., `\"method.request.header.SomeHeaderName,method.request.querystring.SomeQueryStringName,stageVariables.SomeStageVariableName\"`\n" }, "identityValidationExpression": { "type": "string", "description": "Validation expression for the incoming identity. For `TOKEN` type, this value should be a regular expression. The incoming token from the client is matched against this expression, and will proceed if the token matches. If the token doesn't match, the client receives a 401 Unauthorized response.\n" }, "name": { "type": "string", "description": "Name of the authorizer\n" }, "providerArns": { "type": "array", "items": { "type": "string" }, "description": "List of the Amazon Cognito user pool ARNs. Each element is of this format: `arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}`.\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "ID of the associated REST API\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Type of the authorizer. Possible values are `TOKEN` for a Lambda function using a single authorization token submitted in a custom header, `REQUEST` for a Lambda function using incoming request parameters, or `COGNITO_USER_POOLS` for using an Amazon Cognito user pool. Defaults to `TOKEN`.\n" } }, "type": "object" } }, "aws:apigateway/basePathMapping:BasePathMapping": { "description": "Connects a custom domain name registered via `aws.apigateway.DomainName`\nwith a deployed API so that its methods can be called via the\ncustom domain name.\n\n## Import\n\nFor a non-root `base_path`:\n\nUsing `pulumi import`, import `aws_api_gateway_base_path_mapping` using the domain name and base path. For example:\n\nFor an empty `base_path` or, in other words, a root path (`/`):\n\n```sh\n$ pulumi import aws:apigateway/basePathMapping:BasePathMapping example example.com/\n```\nFor a non-root `base_path`:\n\n```sh\n$ pulumi import aws:apigateway/basePathMapping:BasePathMapping example example.com/base-path\n```\n", "properties": { "basePath": { "type": "string", "description": "Path segment that must be prepended to the path when accessing the API via this mapping. If omitted, the API is exposed at the root of the given domain.\n" }, "domainName": { "type": "string", "description": "Already-registered domain name to connect the API to.\n" }, "restApi": { "type": "string", "description": "ID of the API to connect.\n" }, "stageName": { "type": "string", "description": "Name of a specific deployment stage to expose at the given path. If omitted, callers may select any stage by including its name as a path element after the base path.\n" } }, "required": [ "restApi", "domainName" ], "inputProperties": { "basePath": { "type": "string", "description": "Path segment that must be prepended to the path when accessing the API via this mapping. If omitted, the API is exposed at the root of the given domain.\n" }, "domainName": { "type": "string", "description": "Already-registered domain name to connect the API to.\n", "willReplaceOnChanges": true }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "ID of the API to connect.\n" }, "stageName": { "type": "string", "description": "Name of a specific deployment stage to expose at the given path. If omitted, callers may select any stage by including its name as a path element after the base path.\n" } }, "requiredInputs": [ "restApi", "domainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering BasePathMapping resources.\n", "properties": { "basePath": { "type": "string", "description": "Path segment that must be prepended to the path when accessing the API via this mapping. If omitted, the API is exposed at the root of the given domain.\n" }, "domainName": { "type": "string", "description": "Already-registered domain name to connect the API to.\n", "willReplaceOnChanges": true }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "ID of the API to connect.\n" }, "stageName": { "type": "string", "description": "Name of a specific deployment stage to expose at the given path. If omitted, callers may select any stage by including its name as a path element after the base path.\n" } }, "type": "object" } }, "aws:apigateway/clientCertificate:ClientCertificate": { "description": "Provides an API Gateway Client Certificate.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst demo = new aws.apigateway.ClientCertificate(\"demo\", {description: \"My client certificate\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndemo = aws.apigateway.ClientCertificate(\"demo\", description=\"My client certificate\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var demo = new Aws.ApiGateway.ClientCertificate(\"demo\", new()\n {\n Description = \"My client certificate\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigateway.NewClientCertificate(ctx, \"demo\", \u0026apigateway.ClientCertificateArgs{\n\t\t\tDescription: pulumi.String(\"My client certificate\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.ClientCertificate;\nimport com.pulumi.aws.apigateway.ClientCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var demo = new ClientCertificate(\"demo\", ClientCertificateArgs.builder()\n .description(\"My client certificate\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n demo:\n type: aws:apigateway:ClientCertificate\n properties:\n description: My client certificate\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import API Gateway Client Certificates using the id. For example:\n\n```sh\n$ pulumi import aws:apigateway/clientCertificate:ClientCertificate demo ab1cqe\n```\n", "properties": { "arn": { "type": "string", "description": "ARN\n" }, "createdDate": { "type": "string", "description": "Date when the client certificate was created.\n" }, "description": { "type": "string", "description": "Description of the client certificate.\n" }, "expirationDate": { "type": "string", "description": "Date when the client certificate will expire.\n" }, "pemEncodedCertificate": { "type": "string", "description": "The PEM-encoded public key of the client certificate.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "createdDate", "expirationDate", "pemEncodedCertificate", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Description of the client certificate.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ClientCertificate resources.\n", "properties": { "arn": { "type": "string", "description": "ARN\n" }, "createdDate": { "type": "string", "description": "Date when the client certificate was created.\n" }, "description": { "type": "string", "description": "Description of the client certificate.\n" }, "expirationDate": { "type": "string", "description": "Date when the client certificate will expire.\n" }, "pemEncodedCertificate": { "type": "string", "description": "The PEM-encoded public key of the client certificate.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:apigateway/deployment:Deployment": { "description": "Manages an API Gateway REST Deployment. A deployment is a snapshot of the REST API configuration. The deployment can then be published to callable endpoints via the `aws.apigateway.Stage` resource and optionally managed further with the `aws.apigateway.BasePathMapping` resource, `aws.apigateway.DomainName` resource, and `aws_api_method_settings` resource. For more information, see the [API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-deploy-api.html).\n\nTo properly capture all REST API configuration in a deployment, this resource must have dependencies on all prior resources that manage resources/paths, methods, integrations, etc.\n\n* For REST APIs that are configured via OpenAPI specification (`aws.apigateway.RestApi` resource `body` argument), no special dependency setup is needed beyond referencing the `id` attribute of that resource unless additional resources have further customized the REST API.\n* When the REST API configuration involves other resources (`aws.apigateway.Integration` resource), the dependency setup can be done with implicit resource references in the `triggers` argument or explicit resource references using the [resource `dependsOn` custom option](https://www.pulumi.com/docs/intro/concepts/resources/#dependson). The `triggers` argument should be preferred over `depends_on`, since `depends_on` can only capture dependency ordering and will not cause the resource to recreate (redeploy the REST API) with upstream configuration changes.\n\n!\u003e **WARNING:** It is recommended to use the `aws.apigateway.Stage` resource instead of managing an API Gateway Stage via the `stage_name` argument of this resource. When this resource is recreated (REST API redeployment) with the `stage_name` configured, the stage is deleted and recreated. This will cause a temporary service interruption, increase provide plan differences, and can require a second apply to recreate any downstream stage configuration such as associated `aws_api_method_settings` resources.\n\n\n## Example Usage\n\n## Import\n\nUsing `pulumi import`, import `aws_api_gateway_deployment` using `REST-API-ID/DEPLOYMENT-ID`. For example:\n\n```sh\n$ pulumi import aws:apigateway/deployment:Deployment example aabbccddee/1122334\n```\nThe `stage_name`, `stage_description`, and `variables` arguments cannot be imported. Use the `aws_api_gateway_stage` resource to import and manage stages.\n\nThe `triggers` argument cannot be imported.\n\n", "properties": { "canarySettings": { "$ref": "#/types/aws:apigateway/DeploymentCanarySettings:DeploymentCanarySettings", "description": "Input configuration for the canary deployment when the deployment is a canary release deployment. See `canary_settings below.\n" }, "createdDate": { "type": "string", "description": "Creation date of the deployment\n" }, "description": { "type": "string", "description": "Description of the deployment\n" }, "executionArn": { "type": "string", "description": "Execution ARN to be used in `lambda_permission`'s `source_arn`\nwhen allowing API Gateway to invoke a Lambda function,\ne.g., `arn:aws:execute-api:eu-west-2:123456789012:z4675bid1j/prod`\n" }, "invokeUrl": { "type": "string", "description": "URL to invoke the API pointing to the stage,\ne.g., `https://z4675bid1j.execute-api.eu-west-2.amazonaws.com/prod`\n" }, "restApi": { "type": "string", "description": "REST API identifier.\n" }, "stageDescription": { "type": "string", "description": "Description to set on the stage managed by the `stage_name` argument.\n" }, "stageName": { "type": "string", "description": "Name of the stage to create with this deployment. If the specified stage already exists, it will be updated to point to the new deployment. We recommend using the `aws.apigateway.Stage` resource instead to manage stages.\n" }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of arbitrary keys and values that, when changed, will trigger a redeployment.\n" }, "variables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map to set on the stage managed by the `stage_name` argument.\n" } }, "required": [ "createdDate", "executionArn", "invokeUrl", "restApi" ], "inputProperties": { "canarySettings": { "$ref": "#/types/aws:apigateway/DeploymentCanarySettings:DeploymentCanarySettings", "description": "Input configuration for the canary deployment when the deployment is a canary release deployment. See `canary_settings below.\n" }, "description": { "type": "string", "description": "Description of the deployment\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "REST API identifier.\n", "willReplaceOnChanges": true }, "stageDescription": { "type": "string", "description": "Description to set on the stage managed by the `stage_name` argument.\n", "willReplaceOnChanges": true }, "stageName": { "type": "string", "description": "Name of the stage to create with this deployment. If the specified stage already exists, it will be updated to point to the new deployment. We recommend using the `aws.apigateway.Stage` resource instead to manage stages.\n", "willReplaceOnChanges": true }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of arbitrary keys and values that, when changed, will trigger a redeployment.\n", "willReplaceOnChanges": true }, "variables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map to set on the stage managed by the `stage_name` argument.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "restApi" ], "stateInputs": { "description": "Input properties used for looking up and filtering Deployment resources.\n", "properties": { "canarySettings": { "$ref": "#/types/aws:apigateway/DeploymentCanarySettings:DeploymentCanarySettings", "description": "Input configuration for the canary deployment when the deployment is a canary release deployment. See `canary_settings below.\n" }, "createdDate": { "type": "string", "description": "Creation date of the deployment\n" }, "description": { "type": "string", "description": "Description of the deployment\n" }, "executionArn": { "type": "string", "description": "Execution ARN to be used in `lambda_permission`'s `source_arn`\nwhen allowing API Gateway to invoke a Lambda function,\ne.g., `arn:aws:execute-api:eu-west-2:123456789012:z4675bid1j/prod`\n" }, "invokeUrl": { "type": "string", "description": "URL to invoke the API pointing to the stage,\ne.g., `https://z4675bid1j.execute-api.eu-west-2.amazonaws.com/prod`\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "REST API identifier.\n", "willReplaceOnChanges": true }, "stageDescription": { "type": "string", "description": "Description to set on the stage managed by the `stage_name` argument.\n", "willReplaceOnChanges": true }, "stageName": { "type": "string", "description": "Name of the stage to create with this deployment. If the specified stage already exists, it will be updated to point to the new deployment. We recommend using the `aws.apigateway.Stage` resource instead to manage stages.\n", "willReplaceOnChanges": true }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of arbitrary keys and values that, when changed, will trigger a redeployment.\n", "willReplaceOnChanges": true }, "variables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map to set on the stage managed by the `stage_name` argument.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:apigateway/documentationPart:DocumentationPart": { "description": "Provides a settings of an API Gateway Documentation Part.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleRestApi = new aws.apigateway.RestApi(\"example\", {name: \"example_api\"});\nconst example = new aws.apigateway.DocumentationPart(\"example\", {\n location: {\n type: \"METHOD\",\n method: \"GET\",\n path: \"/example\",\n },\n properties: \"{\\\"description\\\":\\\"Example description\\\"}\",\n restApiId: exampleRestApi.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_rest_api = aws.apigateway.RestApi(\"example\", name=\"example_api\")\nexample = aws.apigateway.DocumentationPart(\"example\",\n location={\n \"type\": \"METHOD\",\n \"method\": \"GET\",\n \"path\": \"/example\",\n },\n properties=\"{\\\"description\\\":\\\"Example description\\\"}\",\n rest_api_id=example_rest_api.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleRestApi = new Aws.ApiGateway.RestApi(\"example\", new()\n {\n Name = \"example_api\",\n });\n\n var example = new Aws.ApiGateway.DocumentationPart(\"example\", new()\n {\n Location = new Aws.ApiGateway.Inputs.DocumentationPartLocationArgs\n {\n Type = \"METHOD\",\n Method = \"GET\",\n Path = \"/example\",\n },\n Properties = \"{\\\"description\\\":\\\"Example description\\\"}\",\n RestApiId = exampleRestApi.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleRestApi, err := apigateway.NewRestApi(ctx, \"example\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"example_api\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewDocumentationPart(ctx, \"example\", \u0026apigateway.DocumentationPartArgs{\n\t\t\tLocation: \u0026apigateway.DocumentationPartLocationArgs{\n\t\t\t\tType: pulumi.String(\"METHOD\"),\n\t\t\t\tMethod: pulumi.String(\"GET\"),\n\t\t\t\tPath: pulumi.String(\"/example\"),\n\t\t\t},\n\t\t\tProperties: pulumi.String(\"{\\\"description\\\":\\\"Example description\\\"}\"),\n\t\t\tRestApiId: exampleRestApi.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.DocumentationPart;\nimport com.pulumi.aws.apigateway.DocumentationPartArgs;\nimport com.pulumi.aws.apigateway.inputs.DocumentationPartLocationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleRestApi = new RestApi(\"exampleRestApi\", RestApiArgs.builder()\n .name(\"example_api\")\n .build());\n\n var example = new DocumentationPart(\"example\", DocumentationPartArgs.builder()\n .location(DocumentationPartLocationArgs.builder()\n .type(\"METHOD\")\n .method(\"GET\")\n .path(\"/example\")\n .build())\n .properties(\"{\\\"description\\\":\\\"Example description\\\"}\")\n .restApiId(exampleRestApi.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigateway:DocumentationPart\n properties:\n location:\n type: METHOD\n method: GET\n path: /example\n properties: '{\"description\":\"Example description\"}'\n restApiId: ${exampleRestApi.id}\n exampleRestApi:\n type: aws:apigateway:RestApi\n name: example\n properties:\n name: example_api\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import API Gateway documentation_parts using `REST-API-ID/DOC-PART-ID`. For example:\n\n```sh\n$ pulumi import aws:apigateway/documentationPart:DocumentationPart example 5i4e1ko720/3oyy3t\n```\n", "properties": { "documentationPartId": { "type": "string", "description": "The DocumentationPart identifier, generated by API Gateway when the documentation part is created.\n" }, "location": { "$ref": "#/types/aws:apigateway/DocumentationPartLocation:DocumentationPartLocation", "description": "Location of the targeted API entity of the to-be-created documentation part. See below.\n" }, "properties": { "type": "string", "description": "Content map of API-specific key-value pairs describing the targeted API entity. The map must be encoded as a JSON string, e.g., \"{ \\\"description\\\": \\\"The API does ...\\\" }\". Only Swagger-compliant key-value pairs can be exported and, hence, published.\n" }, "restApiId": { "type": "string", "description": "ID of the associated Rest API\n" } }, "required": [ "documentationPartId", "location", "properties", "restApiId" ], "inputProperties": { "location": { "$ref": "#/types/aws:apigateway/DocumentationPartLocation:DocumentationPartLocation", "description": "Location of the targeted API entity of the to-be-created documentation part. See below.\n", "willReplaceOnChanges": true }, "properties": { "type": "string", "description": "Content map of API-specific key-value pairs describing the targeted API entity. The map must be encoded as a JSON string, e.g., \"{ \\\"description\\\": \\\"The API does ...\\\" }\". Only Swagger-compliant key-value pairs can be exported and, hence, published.\n" }, "restApiId": { "type": "string", "description": "ID of the associated Rest API\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "location", "properties", "restApiId" ], "stateInputs": { "description": "Input properties used for looking up and filtering DocumentationPart resources.\n", "properties": { "documentationPartId": { "type": "string", "description": "The DocumentationPart identifier, generated by API Gateway when the documentation part is created.\n" }, "location": { "$ref": "#/types/aws:apigateway/DocumentationPartLocation:DocumentationPartLocation", "description": "Location of the targeted API entity of the to-be-created documentation part. See below.\n", "willReplaceOnChanges": true }, "properties": { "type": "string", "description": "Content map of API-specific key-value pairs describing the targeted API entity. The map must be encoded as a JSON string, e.g., \"{ \\\"description\\\": \\\"The API does ...\\\" }\". Only Swagger-compliant key-value pairs can be exported and, hence, published.\n" }, "restApiId": { "type": "string", "description": "ID of the associated Rest API\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:apigateway/documentationVersion:DocumentationVersion": { "description": "Provides a resource to manage an API Gateway Documentation Version.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleRestApi = new aws.apigateway.RestApi(\"example\", {name: \"example_api\"});\nconst exampleDocumentationPart = new aws.apigateway.DocumentationPart(\"example\", {\n location: {\n type: \"API\",\n },\n properties: \"{\\\"description\\\":\\\"Example\\\"}\",\n restApiId: exampleRestApi.id,\n});\nconst example = new aws.apigateway.DocumentationVersion(\"example\", {\n version: \"example_version\",\n restApiId: exampleRestApi.id,\n description: \"Example description\",\n}, {\n dependsOn: [exampleDocumentationPart],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_rest_api = aws.apigateway.RestApi(\"example\", name=\"example_api\")\nexample_documentation_part = aws.apigateway.DocumentationPart(\"example\",\n location={\n \"type\": \"API\",\n },\n properties=\"{\\\"description\\\":\\\"Example\\\"}\",\n rest_api_id=example_rest_api.id)\nexample = aws.apigateway.DocumentationVersion(\"example\",\n version=\"example_version\",\n rest_api_id=example_rest_api.id,\n description=\"Example description\",\n opts = pulumi.ResourceOptions(depends_on=[example_documentation_part]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleRestApi = new Aws.ApiGateway.RestApi(\"example\", new()\n {\n Name = \"example_api\",\n });\n\n var exampleDocumentationPart = new Aws.ApiGateway.DocumentationPart(\"example\", new()\n {\n Location = new Aws.ApiGateway.Inputs.DocumentationPartLocationArgs\n {\n Type = \"API\",\n },\n Properties = \"{\\\"description\\\":\\\"Example\\\"}\",\n RestApiId = exampleRestApi.Id,\n });\n\n var example = new Aws.ApiGateway.DocumentationVersion(\"example\", new()\n {\n Version = \"example_version\",\n RestApiId = exampleRestApi.Id,\n Description = \"Example description\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleDocumentationPart,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleRestApi, err := apigateway.NewRestApi(ctx, \"example\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"example_api\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDocumentationPart, err := apigateway.NewDocumentationPart(ctx, \"example\", \u0026apigateway.DocumentationPartArgs{\n\t\t\tLocation: \u0026apigateway.DocumentationPartLocationArgs{\n\t\t\t\tType: pulumi.String(\"API\"),\n\t\t\t},\n\t\t\tProperties: pulumi.String(\"{\\\"description\\\":\\\"Example\\\"}\"),\n\t\t\tRestApiId: exampleRestApi.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewDocumentationVersion(ctx, \"example\", \u0026apigateway.DocumentationVersionArgs{\n\t\t\tVersion: pulumi.String(\"example_version\"),\n\t\t\tRestApiId: exampleRestApi.ID(),\n\t\t\tDescription: pulumi.String(\"Example description\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleDocumentationPart,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.DocumentationPart;\nimport com.pulumi.aws.apigateway.DocumentationPartArgs;\nimport com.pulumi.aws.apigateway.inputs.DocumentationPartLocationArgs;\nimport com.pulumi.aws.apigateway.DocumentationVersion;\nimport com.pulumi.aws.apigateway.DocumentationVersionArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleRestApi = new RestApi(\"exampleRestApi\", RestApiArgs.builder()\n .name(\"example_api\")\n .build());\n\n var exampleDocumentationPart = new DocumentationPart(\"exampleDocumentationPart\", DocumentationPartArgs.builder()\n .location(DocumentationPartLocationArgs.builder()\n .type(\"API\")\n .build())\n .properties(\"{\\\"description\\\":\\\"Example\\\"}\")\n .restApiId(exampleRestApi.id())\n .build());\n\n var example = new DocumentationVersion(\"example\", DocumentationVersionArgs.builder()\n .version(\"example_version\")\n .restApiId(exampleRestApi.id())\n .description(\"Example description\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleDocumentationPart)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigateway:DocumentationVersion\n properties:\n version: example_version\n restApiId: ${exampleRestApi.id}\n description: Example description\n options:\n dependson:\n - ${exampleDocumentationPart}\n exampleRestApi:\n type: aws:apigateway:RestApi\n name: example\n properties:\n name: example_api\n exampleDocumentationPart:\n type: aws:apigateway:DocumentationPart\n name: example\n properties:\n location:\n type: API\n properties: '{\"description\":\"Example\"}'\n restApiId: ${exampleRestApi.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import API Gateway documentation versions using `REST-API-ID/VERSION`. For example:\n\n```sh\n$ pulumi import aws:apigateway/documentationVersion:DocumentationVersion example 5i4e1ko720/example-version\n```\n", "properties": { "description": { "type": "string", "description": "Description of the API documentation version.\n" }, "restApiId": { "type": "string", "description": "ID of the associated Rest API\n" }, "version": { "type": "string", "description": "Version identifier of the API documentation snapshot.\n" } }, "required": [ "restApiId", "version" ], "inputProperties": { "description": { "type": "string", "description": "Description of the API documentation version.\n" }, "restApiId": { "type": "string", "description": "ID of the associated Rest API\n", "willReplaceOnChanges": true }, "version": { "type": "string", "description": "Version identifier of the API documentation snapshot.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "restApiId", "version" ], "stateInputs": { "description": "Input properties used for looking up and filtering DocumentationVersion resources.\n", "properties": { "description": { "type": "string", "description": "Description of the API documentation version.\n" }, "restApiId": { "type": "string", "description": "ID of the associated Rest API\n", "willReplaceOnChanges": true }, "version": { "type": "string", "description": "Version identifier of the API documentation snapshot.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:apigateway/domainName:DomainName": { "description": "Registers a custom domain name for use with AWS API Gateway. Additional information about this functionality\ncan be found in the [API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-custom-domains.html).\n\nThis resource just establishes ownership of and the TLS settings for\na particular domain name. An API can be attached to a particular path\nunder the registered domain name using\nthe `aws.apigateway.BasePathMapping` resource.\n\nAPI Gateway domains can be defined as either 'edge-optimized' or 'regional'. In an edge-optimized configuration,\nAPI Gateway internally creates and manages a CloudFront distribution to route requests on the given hostname. In\naddition to this resource it's necessary to create a DNS record corresponding to the given domain name which is an alias\n(either Route53 alias or traditional CNAME) to the Cloudfront domain name exported in the `cloudfront_domain_name`\nattribute.\n\nIn a regional configuration, API Gateway does not create a CloudFront distribution to route requests to the API, though\na distribution can be created if needed. In either case, it is necessary to create a DNS record corresponding to the\ngiven domain name which is an alias (either Route53 alias or traditional CNAME) to the regional domain name exported in\nthe `regional_domain_name` attribute.\n\n\u003e **Note:** API Gateway requires the use of AWS Certificate Manager (ACM) certificates instead of Identity and Access Management (IAM) certificates in regions that support ACM. Regions that support ACM can be found in the [Regions and Endpoints Documentation](https://docs.aws.amazon.com/general/latest/gr/rande.html#acm_region). To import an existing private key and certificate into ACM or request an ACM certificate, see the `aws.acm.Certificate` resource.\n\n\u003e **Note:** The `aws.apigateway.DomainName` resource expects dependency on the `aws.acm.CertificateValidation` as\nonly verified certificates can be used. This can be made either explicitly by adding the\n`depends_on = [aws_acm_certificate_validation.cert]` attribute. Or implicitly by referring certificate ARN\nfrom the validation resource where it will be available after the resource creation:\n`regional_certificate_arn = aws_acm_certificate_validation.cert.certificate_arn`.\n\n## Example Usage\n\n### Edge Optimized (ACM Certificate)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigateway.DomainName(\"example\", {\n certificateArn: exampleAwsAcmCertificateValidation.certificateArn,\n domainName: \"api.example.com\",\n});\n// Example DNS record using Route53.\n// Route53 is not specifically required; any DNS host can be used.\nconst exampleRecord = new aws.route53.Record(\"example\", {\n name: example.domainName,\n type: aws.route53.RecordType.A,\n zoneId: exampleAwsRoute53Zone.id,\n aliases: [{\n evaluateTargetHealth: true,\n name: example.cloudfrontDomainName,\n zoneId: example.cloudfrontZoneId,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigateway.DomainName(\"example\",\n certificate_arn=example_aws_acm_certificate_validation[\"certificateArn\"],\n domain_name=\"api.example.com\")\n# Example DNS record using Route53.\n# Route53 is not specifically required; any DNS host can be used.\nexample_record = aws.route53.Record(\"example\",\n name=example.domain_name,\n type=aws.route53.RecordType.A,\n zone_id=example_aws_route53_zone[\"id\"],\n aliases=[{\n \"evaluate_target_health\": True,\n \"name\": example.cloudfront_domain_name,\n \"zone_id\": example.cloudfront_zone_id,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGateway.DomainName(\"example\", new()\n {\n CertificateArn = exampleAwsAcmCertificateValidation.CertificateArn,\n Domain = \"api.example.com\",\n });\n\n // Example DNS record using Route53.\n // Route53 is not specifically required; any DNS host can be used.\n var exampleRecord = new Aws.Route53.Record(\"example\", new()\n {\n Name = example.Domain,\n Type = Aws.Route53.RecordType.A,\n ZoneId = exampleAwsRoute53Zone.Id,\n Aliases = new[]\n {\n new Aws.Route53.Inputs.RecordAliasArgs\n {\n EvaluateTargetHealth = true,\n Name = example.CloudfrontDomainName,\n ZoneId = example.CloudfrontZoneId,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := apigateway.NewDomainName(ctx, \"example\", \u0026apigateway.DomainNameArgs{\n\t\t\tCertificateArn: pulumi.Any(exampleAwsAcmCertificateValidation.CertificateArn),\n\t\t\tDomainName: pulumi.String(\"api.example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Example DNS record using Route53.\n\t\t// Route53 is not specifically required; any DNS host can be used.\n\t\t_, err = route53.NewRecord(ctx, \"example\", \u0026route53.RecordArgs{\n\t\t\tName: example.DomainName,\n\t\t\tType: pulumi.String(route53.RecordTypeA),\n\t\t\tZoneId: pulumi.Any(exampleAwsRoute53Zone.Id),\n\t\t\tAliases: route53.RecordAliasArray{\n\t\t\t\t\u0026route53.RecordAliasArgs{\n\t\t\t\t\tEvaluateTargetHealth: pulumi.Bool(true),\n\t\t\t\t\tName: example.CloudfrontDomainName,\n\t\t\t\t\tZoneId: example.CloudfrontZoneId,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.DomainName;\nimport com.pulumi.aws.apigateway.DomainNameArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport com.pulumi.aws.route53.inputs.RecordAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DomainName(\"example\", DomainNameArgs.builder()\n .certificateArn(exampleAwsAcmCertificateValidation.certificateArn())\n .domainName(\"api.example.com\")\n .build());\n\n // Example DNS record using Route53.\n // Route53 is not specifically required; any DNS host can be used.\n var exampleRecord = new Record(\"exampleRecord\", RecordArgs.builder()\n .name(example.domainName())\n .type(\"A\")\n .zoneId(exampleAwsRoute53Zone.id())\n .aliases(RecordAliasArgs.builder()\n .evaluateTargetHealth(true)\n .name(example.cloudfrontDomainName())\n .zoneId(example.cloudfrontZoneId())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigateway:DomainName\n properties:\n certificateArn: ${exampleAwsAcmCertificateValidation.certificateArn}\n domainName: api.example.com\n # Example DNS record using Route53.\n # Route53 is not specifically required; any DNS host can be used.\n exampleRecord:\n type: aws:route53:Record\n name: example\n properties:\n name: ${example.domainName}\n type: A\n zoneId: ${exampleAwsRoute53Zone.id}\n aliases:\n - evaluateTargetHealth: true\n name: ${example.cloudfrontDomainName}\n zoneId: ${example.cloudfrontZoneId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Regional (ACM Certificate)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigateway.DomainName(\"example\", {\n domainName: \"api.example.com\",\n regionalCertificateArn: exampleAwsAcmCertificateValidation.certificateArn,\n endpointConfiguration: {\n types: \"REGIONAL\",\n },\n});\n// Example DNS record using Route53.\n// Route53 is not specifically required; any DNS host can be used.\nconst exampleRecord = new aws.route53.Record(\"example\", {\n name: example.domainName,\n type: aws.route53.RecordType.A,\n zoneId: exampleAwsRoute53Zone.id,\n aliases: [{\n evaluateTargetHealth: true,\n name: example.regionalDomainName,\n zoneId: example.regionalZoneId,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigateway.DomainName(\"example\",\n domain_name=\"api.example.com\",\n regional_certificate_arn=example_aws_acm_certificate_validation[\"certificateArn\"],\n endpoint_configuration={\n \"types\": \"REGIONAL\",\n })\n# Example DNS record using Route53.\n# Route53 is not specifically required; any DNS host can be used.\nexample_record = aws.route53.Record(\"example\",\n name=example.domain_name,\n type=aws.route53.RecordType.A,\n zone_id=example_aws_route53_zone[\"id\"],\n aliases=[{\n \"evaluate_target_health\": True,\n \"name\": example.regional_domain_name,\n \"zone_id\": example.regional_zone_id,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGateway.DomainName(\"example\", new()\n {\n Domain = \"api.example.com\",\n RegionalCertificateArn = exampleAwsAcmCertificateValidation.CertificateArn,\n EndpointConfiguration = new Aws.ApiGateway.Inputs.DomainNameEndpointConfigurationArgs\n {\n Types = \"REGIONAL\",\n },\n });\n\n // Example DNS record using Route53.\n // Route53 is not specifically required; any DNS host can be used.\n var exampleRecord = new Aws.Route53.Record(\"example\", new()\n {\n Name = example.Domain,\n Type = Aws.Route53.RecordType.A,\n ZoneId = exampleAwsRoute53Zone.Id,\n Aliases = new[]\n {\n new Aws.Route53.Inputs.RecordAliasArgs\n {\n EvaluateTargetHealth = true,\n Name = example.RegionalDomainName,\n ZoneId = example.RegionalZoneId,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := apigateway.NewDomainName(ctx, \"example\", \u0026apigateway.DomainNameArgs{\n\t\t\tDomainName: pulumi.String(\"api.example.com\"),\n\t\t\tRegionalCertificateArn: pulumi.Any(exampleAwsAcmCertificateValidation.CertificateArn),\n\t\t\tEndpointConfiguration: \u0026apigateway.DomainNameEndpointConfigurationArgs{\n\t\t\t\tTypes: pulumi.String(\"REGIONAL\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Example DNS record using Route53.\n\t\t// Route53 is not specifically required; any DNS host can be used.\n\t\t_, err = route53.NewRecord(ctx, \"example\", \u0026route53.RecordArgs{\n\t\t\tName: example.DomainName,\n\t\t\tType: pulumi.String(route53.RecordTypeA),\n\t\t\tZoneId: pulumi.Any(exampleAwsRoute53Zone.Id),\n\t\t\tAliases: route53.RecordAliasArray{\n\t\t\t\t\u0026route53.RecordAliasArgs{\n\t\t\t\t\tEvaluateTargetHealth: pulumi.Bool(true),\n\t\t\t\t\tName: example.RegionalDomainName,\n\t\t\t\t\tZoneId: example.RegionalZoneId,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.DomainName;\nimport com.pulumi.aws.apigateway.DomainNameArgs;\nimport com.pulumi.aws.apigateway.inputs.DomainNameEndpointConfigurationArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport com.pulumi.aws.route53.inputs.RecordAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DomainName(\"example\", DomainNameArgs.builder()\n .domainName(\"api.example.com\")\n .regionalCertificateArn(exampleAwsAcmCertificateValidation.certificateArn())\n .endpointConfiguration(DomainNameEndpointConfigurationArgs.builder()\n .types(\"REGIONAL\")\n .build())\n .build());\n\n // Example DNS record using Route53.\n // Route53 is not specifically required; any DNS host can be used.\n var exampleRecord = new Record(\"exampleRecord\", RecordArgs.builder()\n .name(example.domainName())\n .type(\"A\")\n .zoneId(exampleAwsRoute53Zone.id())\n .aliases(RecordAliasArgs.builder()\n .evaluateTargetHealth(true)\n .name(example.regionalDomainName())\n .zoneId(example.regionalZoneId())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigateway:DomainName\n properties:\n domainName: api.example.com\n regionalCertificateArn: ${exampleAwsAcmCertificateValidation.certificateArn}\n endpointConfiguration:\n types: REGIONAL\n # Example DNS record using Route53.\n # Route53 is not specifically required; any DNS host can be used.\n exampleRecord:\n type: aws:route53:Record\n name: example\n properties:\n name: ${example.domainName}\n type: A\n zoneId: ${exampleAwsRoute53Zone.id}\n aliases:\n - evaluateTargetHealth: true\n name: ${example.regionalDomainName}\n zoneId: ${example.regionalZoneId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import API Gateway domain names using their `name`. For example:\n\n```sh\n$ pulumi import aws:apigateway/domainName:DomainName example dev.example.com\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of domain name.\n" }, "certificateArn": { "type": "string", "description": "ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when an edge-optimized domain name is desired. Conflicts with `certificate_name`, `certificate_body`, `certificate_chain`, `certificate_private_key`, `regional_certificate_arn`, and `regional_certificate_name`.\n" }, "certificateBody": { "type": "string", "description": "Certificate issued for the domain name being registered, in PEM format. Only valid for `EDGE` endpoint configuration type. Conflicts with `certificate_arn`, `regional_certificate_arn`, and `regional_certificate_name`.\n" }, "certificateChain": { "type": "string", "description": "Certificate for the CA that issued the certificate, along with any intermediate CA certificates required to create an unbroken chain to a certificate trusted by the intended API clients. Only valid for `EDGE` endpoint configuration type. Conflicts with `certificate_arn`, `regional_certificate_arn`, and `regional_certificate_name`.\n" }, "certificateName": { "type": "string", "description": "Unique name to use when registering this certificate as an IAM server certificate. Conflicts with `certificate_arn`, `regional_certificate_arn`, and `regional_certificate_name`. Required if `certificate_arn` is not set.\n" }, "certificatePrivateKey": { "type": "string", "description": "Private key associated with the domain certificate given in `certificate_body`. Only valid for `EDGE` endpoint configuration type. Conflicts with `certificate_arn`, `regional_certificate_arn`, and `regional_certificate_name`.\n", "secret": true }, "certificateUploadDate": { "type": "string", "description": "Upload date associated with the domain certificate.\n" }, "cloudfrontDomainName": { "type": "string", "description": "Hostname created by Cloudfront to represent the distribution that implements this domain name mapping.\n" }, "cloudfrontZoneId": { "type": "string", "description": "For convenience, the hosted zone ID (`Z2FDTNDATAQYW2`) that can be used to create a Route53 alias record for the distribution.\n" }, "domainName": { "type": "string", "description": "Fully-qualified domain name to register.\n", "language": { "csharp": { "name": "Domain" } } }, "endpointConfiguration": { "$ref": "#/types/aws:apigateway/DomainNameEndpointConfiguration:DomainNameEndpointConfiguration", "description": "Configuration block defining API endpoint information including type. See below.\n" }, "mutualTlsAuthentication": { "$ref": "#/types/aws:apigateway/DomainNameMutualTlsAuthentication:DomainNameMutualTlsAuthentication", "description": "Mutual TLS authentication configuration for the domain name. See below.\n" }, "ownershipVerificationCertificateArn": { "type": "string", "description": "ARN of the AWS-issued certificate used to validate custom domain ownership (when `certificate_arn` is issued via an ACM Private CA or `mutual_tls_authentication` is configured with an ACM-imported certificate.)\n" }, "regionalCertificateArn": { "type": "string", "description": "ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when a regional domain name is desired. Conflicts with `certificate_arn`, `certificate_name`, `certificate_body`, `certificate_chain`, and `certificate_private_key`.\n\nWhen uploading a certificate, the following arguments are supported:\n" }, "regionalCertificateName": { "type": "string", "description": "User-friendly name of the certificate that will be used by regional endpoint for this domain name. Conflicts with `certificate_arn`, `certificate_name`, `certificate_body`, `certificate_chain`, and `certificate_private_key`.\n" }, "regionalDomainName": { "type": "string", "description": "Hostname for the custom domain's regional endpoint.\n" }, "regionalZoneId": { "type": "string", "description": "Hosted zone ID that can be used to create a Route53 alias record for the regional endpoint.\n" }, "securityPolicy": { "type": "string", "description": "Transport Layer Security (TLS) version + cipher suite for this DomainName. Valid values are `TLS_1_0` and `TLS_1_2`. Must be configured to perform drift detection.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nWhen referencing an AWS-managed certificate, the following arguments are supported:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "certificateUploadDate", "cloudfrontDomainName", "cloudfrontZoneId", "domainName", "endpointConfiguration", "ownershipVerificationCertificateArn", "regionalDomainName", "regionalZoneId", "securityPolicy", "tagsAll" ], "inputProperties": { "certificateArn": { "type": "string", "description": "ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when an edge-optimized domain name is desired. Conflicts with `certificate_name`, `certificate_body`, `certificate_chain`, `certificate_private_key`, `regional_certificate_arn`, and `regional_certificate_name`.\n" }, "certificateBody": { "type": "string", "description": "Certificate issued for the domain name being registered, in PEM format. Only valid for `EDGE` endpoint configuration type. Conflicts with `certificate_arn`, `regional_certificate_arn`, and `regional_certificate_name`.\n", "willReplaceOnChanges": true }, "certificateChain": { "type": "string", "description": "Certificate for the CA that issued the certificate, along with any intermediate CA certificates required to create an unbroken chain to a certificate trusted by the intended API clients. Only valid for `EDGE` endpoint configuration type. Conflicts with `certificate_arn`, `regional_certificate_arn`, and `regional_certificate_name`.\n", "willReplaceOnChanges": true }, "certificateName": { "type": "string", "description": "Unique name to use when registering this certificate as an IAM server certificate. Conflicts with `certificate_arn`, `regional_certificate_arn`, and `regional_certificate_name`. Required if `certificate_arn` is not set.\n" }, "certificatePrivateKey": { "type": "string", "description": "Private key associated with the domain certificate given in `certificate_body`. Only valid for `EDGE` endpoint configuration type. Conflicts with `certificate_arn`, `regional_certificate_arn`, and `regional_certificate_name`.\n", "secret": true, "willReplaceOnChanges": true }, "domainName": { "type": "string", "description": "Fully-qualified domain name to register.\n", "language": { "csharp": { "name": "Domain" } }, "willReplaceOnChanges": true }, "endpointConfiguration": { "$ref": "#/types/aws:apigateway/DomainNameEndpointConfiguration:DomainNameEndpointConfiguration", "description": "Configuration block defining API endpoint information including type. See below.\n" }, "mutualTlsAuthentication": { "$ref": "#/types/aws:apigateway/DomainNameMutualTlsAuthentication:DomainNameMutualTlsAuthentication", "description": "Mutual TLS authentication configuration for the domain name. See below.\n" }, "ownershipVerificationCertificateArn": { "type": "string", "description": "ARN of the AWS-issued certificate used to validate custom domain ownership (when `certificate_arn` is issued via an ACM Private CA or `mutual_tls_authentication` is configured with an ACM-imported certificate.)\n" }, "regionalCertificateArn": { "type": "string", "description": "ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when a regional domain name is desired. Conflicts with `certificate_arn`, `certificate_name`, `certificate_body`, `certificate_chain`, and `certificate_private_key`.\n\nWhen uploading a certificate, the following arguments are supported:\n" }, "regionalCertificateName": { "type": "string", "description": "User-friendly name of the certificate that will be used by regional endpoint for this domain name. Conflicts with `certificate_arn`, `certificate_name`, `certificate_body`, `certificate_chain`, and `certificate_private_key`.\n" }, "securityPolicy": { "type": "string", "description": "Transport Layer Security (TLS) version + cipher suite for this DomainName. Valid values are `TLS_1_0` and `TLS_1_2`. Must be configured to perform drift detection.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nWhen referencing an AWS-managed certificate, the following arguments are supported:\n" } }, "requiredInputs": [ "domainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainName resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of domain name.\n" }, "certificateArn": { "type": "string", "description": "ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when an edge-optimized domain name is desired. Conflicts with `certificate_name`, `certificate_body`, `certificate_chain`, `certificate_private_key`, `regional_certificate_arn`, and `regional_certificate_name`.\n" }, "certificateBody": { "type": "string", "description": "Certificate issued for the domain name being registered, in PEM format. Only valid for `EDGE` endpoint configuration type. Conflicts with `certificate_arn`, `regional_certificate_arn`, and `regional_certificate_name`.\n", "willReplaceOnChanges": true }, "certificateChain": { "type": "string", "description": "Certificate for the CA that issued the certificate, along with any intermediate CA certificates required to create an unbroken chain to a certificate trusted by the intended API clients. Only valid for `EDGE` endpoint configuration type. Conflicts with `certificate_arn`, `regional_certificate_arn`, and `regional_certificate_name`.\n", "willReplaceOnChanges": true }, "certificateName": { "type": "string", "description": "Unique name to use when registering this certificate as an IAM server certificate. Conflicts with `certificate_arn`, `regional_certificate_arn`, and `regional_certificate_name`. Required if `certificate_arn` is not set.\n" }, "certificatePrivateKey": { "type": "string", "description": "Private key associated with the domain certificate given in `certificate_body`. Only valid for `EDGE` endpoint configuration type. Conflicts with `certificate_arn`, `regional_certificate_arn`, and `regional_certificate_name`.\n", "secret": true, "willReplaceOnChanges": true }, "certificateUploadDate": { "type": "string", "description": "Upload date associated with the domain certificate.\n" }, "cloudfrontDomainName": { "type": "string", "description": "Hostname created by Cloudfront to represent the distribution that implements this domain name mapping.\n" }, "cloudfrontZoneId": { "type": "string", "description": "For convenience, the hosted zone ID (`Z2FDTNDATAQYW2`) that can be used to create a Route53 alias record for the distribution.\n" }, "domainName": { "type": "string", "description": "Fully-qualified domain name to register.\n", "language": { "csharp": { "name": "Domain" } }, "willReplaceOnChanges": true }, "endpointConfiguration": { "$ref": "#/types/aws:apigateway/DomainNameEndpointConfiguration:DomainNameEndpointConfiguration", "description": "Configuration block defining API endpoint information including type. See below.\n" }, "mutualTlsAuthentication": { "$ref": "#/types/aws:apigateway/DomainNameMutualTlsAuthentication:DomainNameMutualTlsAuthentication", "description": "Mutual TLS authentication configuration for the domain name. See below.\n" }, "ownershipVerificationCertificateArn": { "type": "string", "description": "ARN of the AWS-issued certificate used to validate custom domain ownership (when `certificate_arn` is issued via an ACM Private CA or `mutual_tls_authentication` is configured with an ACM-imported certificate.)\n" }, "regionalCertificateArn": { "type": "string", "description": "ARN for an AWS-managed certificate. AWS Certificate Manager is the only supported source. Used when a regional domain name is desired. Conflicts with `certificate_arn`, `certificate_name`, `certificate_body`, `certificate_chain`, and `certificate_private_key`.\n\nWhen uploading a certificate, the following arguments are supported:\n" }, "regionalCertificateName": { "type": "string", "description": "User-friendly name of the certificate that will be used by regional endpoint for this domain name. Conflicts with `certificate_arn`, `certificate_name`, `certificate_body`, `certificate_chain`, and `certificate_private_key`.\n" }, "regionalDomainName": { "type": "string", "description": "Hostname for the custom domain's regional endpoint.\n" }, "regionalZoneId": { "type": "string", "description": "Hosted zone ID that can be used to create a Route53 alias record for the regional endpoint.\n" }, "securityPolicy": { "type": "string", "description": "Transport Layer Security (TLS) version + cipher suite for this DomainName. Valid values are `TLS_1_0` and `TLS_1_2`. Must be configured to perform drift detection.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nWhen referencing an AWS-managed certificate, the following arguments are supported:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:apigateway/integration:Integration": { "description": "Provides an HTTP Method Integration for an API Gateway Integration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n name: \"MyDemoAPI\",\n description: \"This is my API for demonstration purposes\",\n});\nconst myDemoResource = new aws.apigateway.Resource(\"MyDemoResource\", {\n restApi: myDemoAPI.id,\n parentId: myDemoAPI.rootResourceId,\n pathPart: \"mydemoresource\",\n});\nconst myDemoMethod = new aws.apigateway.Method(\"MyDemoMethod\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: \"GET\",\n authorization: \"NONE\",\n});\nconst myDemoIntegration = new aws.apigateway.Integration(\"MyDemoIntegration\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: myDemoMethod.httpMethod,\n type: \"MOCK\",\n cacheKeyParameters: [\"method.request.path.param\"],\n cacheNamespace: \"foobar\",\n timeoutMilliseconds: 29000,\n requestParameters: {\n \"integration.request.header.X-Authorization\": \"'static'\",\n },\n requestTemplates: {\n \"application/xml\": `{\n \"body\" : input.json('')\n}\n`,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"MyDemoAPI\",\n name=\"MyDemoAPI\",\n description=\"This is my API for demonstration purposes\")\nmy_demo_resource = aws.apigateway.Resource(\"MyDemoResource\",\n rest_api=my_demo_api.id,\n parent_id=my_demo_api.root_resource_id,\n path_part=\"mydemoresource\")\nmy_demo_method = aws.apigateway.Method(\"MyDemoMethod\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=\"GET\",\n authorization=\"NONE\")\nmy_demo_integration = aws.apigateway.Integration(\"MyDemoIntegration\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=my_demo_method.http_method,\n type=\"MOCK\",\n cache_key_parameters=[\"method.request.path.param\"],\n cache_namespace=\"foobar\",\n timeout_milliseconds=29000,\n request_parameters={\n \"integration.request.header.X-Authorization\": \"'static'\",\n },\n request_templates={\n \"application/xml\": \"\"\"{\n \"body\" : $input.json('$')\n}\n\"\"\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"MyDemoAPI\", new()\n {\n Name = \"MyDemoAPI\",\n Description = \"This is my API for demonstration purposes\",\n });\n\n var myDemoResource = new Aws.ApiGateway.Resource(\"MyDemoResource\", new()\n {\n RestApi = myDemoAPI.Id,\n ParentId = myDemoAPI.RootResourceId,\n PathPart = \"mydemoresource\",\n });\n\n var myDemoMethod = new Aws.ApiGateway.Method(\"MyDemoMethod\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = \"GET\",\n Authorization = \"NONE\",\n });\n\n var myDemoIntegration = new Aws.ApiGateway.Integration(\"MyDemoIntegration\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = myDemoMethod.HttpMethod,\n Type = \"MOCK\",\n CacheKeyParameters = new[]\n {\n \"method.request.path.param\",\n },\n CacheNamespace = \"foobar\",\n TimeoutMilliseconds = 29000,\n RequestParameters = \n {\n { \"integration.request.header.X-Authorization\", \"'static'\" },\n },\n RequestTemplates = \n {\n { \"application/xml\", @\"{\n \"\"body\"\" : $input.json('$')\n}\n\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"MyDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"MyDemoAPI\"),\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoResource, err := apigateway.NewResource(ctx, \"MyDemoResource\", \u0026apigateway.ResourceArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tParentId: myDemoAPI.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"mydemoresource\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoMethod, err := apigateway.NewMethod(ctx, \"MyDemoMethod\", \u0026apigateway.MethodArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: pulumi.String(\"GET\"),\n\t\t\tAuthorization: pulumi.String(\"NONE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewIntegration(ctx, \"MyDemoIntegration\", \u0026apigateway.IntegrationArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tType: pulumi.String(\"MOCK\"),\n\t\t\tCacheKeyParameters: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"method.request.path.param\"),\n\t\t\t},\n\t\t\tCacheNamespace: pulumi.String(\"foobar\"),\n\t\t\tTimeoutMilliseconds: pulumi.Int(29000),\n\t\t\tRequestParameters: pulumi.StringMap{\n\t\t\t\t\"integration.request.header.X-Authorization\": pulumi.String(\"'static'\"),\n\t\t\t},\n\t\t\tRequestTemplates: pulumi.StringMap{\n\t\t\t\t\"application/xml\": pulumi.String(\"{\\n \\\"body\\\" : $input.json('$')\\n}\\n\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.Resource;\nimport com.pulumi.aws.apigateway.ResourceArgs;\nimport com.pulumi.aws.apigateway.Method;\nimport com.pulumi.aws.apigateway.MethodArgs;\nimport com.pulumi.aws.apigateway.Integration;\nimport com.pulumi.aws.apigateway.IntegrationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myDemoAPI = new RestApi(\"myDemoAPI\", RestApiArgs.builder()\n .name(\"MyDemoAPI\")\n .description(\"This is my API for demonstration purposes\")\n .build());\n\n var myDemoResource = new Resource(\"myDemoResource\", ResourceArgs.builder()\n .restApi(myDemoAPI.id())\n .parentId(myDemoAPI.rootResourceId())\n .pathPart(\"mydemoresource\")\n .build());\n\n var myDemoMethod = new Method(\"myDemoMethod\", MethodArgs.builder()\n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(\"GET\")\n .authorization(\"NONE\")\n .build());\n\n var myDemoIntegration = new Integration(\"myDemoIntegration\", IntegrationArgs.builder()\n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(myDemoMethod.httpMethod())\n .type(\"MOCK\")\n .cacheKeyParameters(\"method.request.path.param\")\n .cacheNamespace(\"foobar\")\n .timeoutMilliseconds(29000)\n .requestParameters(Map.of(\"integration.request.header.X-Authorization\", \"'static'\"))\n .requestTemplates(Map.of(\"application/xml\", \"\"\"\n{\n \"body\" : $input.json('$')\n}\n \"\"\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myDemoAPI:\n type: aws:apigateway:RestApi\n name: MyDemoAPI\n properties:\n name: MyDemoAPI\n description: This is my API for demonstration purposes\n myDemoResource:\n type: aws:apigateway:Resource\n name: MyDemoResource\n properties:\n restApi: ${myDemoAPI.id}\n parentId: ${myDemoAPI.rootResourceId}\n pathPart: mydemoresource\n myDemoMethod:\n type: aws:apigateway:Method\n name: MyDemoMethod\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: GET\n authorization: NONE\n myDemoIntegration:\n type: aws:apigateway:Integration\n name: MyDemoIntegration\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: ${myDemoMethod.httpMethod}\n type: MOCK\n cacheKeyParameters:\n - method.request.path.param\n cacheNamespace: foobar\n timeoutMilliseconds: 29000\n requestParameters:\n integration.request.header.X-Authorization: '''static'''\n requestTemplates:\n application/xml: |\n {\n \"body\" : $input.json('$')\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Lambda integration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst config = new pulumi.Config();\nconst myregion = config.requireObject(\"myregion\");\nconst accountId = config.requireObject(\"accountId\");\n// API Gateway\nconst api = new aws.apigateway.RestApi(\"api\", {name: \"myapi\"});\nconst resource = new aws.apigateway.Resource(\"resource\", {\n pathPart: \"resource\",\n parentId: api.rootResourceId,\n restApi: api.id,\n});\nconst method = new aws.apigateway.Method(\"method\", {\n restApi: api.id,\n resourceId: resource.id,\n httpMethod: \"GET\",\n authorization: \"NONE\",\n});\n// IAM\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"lambda.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst role = new aws.iam.Role(\"role\", {\n name: \"myrole\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst lambda = new aws.lambda.Function(\"lambda\", {\n code: new pulumi.asset.FileArchive(\"lambda.zip\"),\n name: \"mylambda\",\n role: role.arn,\n handler: \"lambda.lambda_handler\",\n runtime: aws.lambda.Runtime.Python3d7,\n sourceCodeHash: std.filebase64sha256({\n input: \"lambda.zip\",\n }).then(invoke =\u003e invoke.result),\n});\nconst integration = new aws.apigateway.Integration(\"integration\", {\n restApi: api.id,\n resourceId: resource.id,\n httpMethod: method.httpMethod,\n integrationHttpMethod: \"POST\",\n type: \"AWS_PROXY\",\n uri: lambda.invokeArn,\n});\n// Lambda\nconst apigwLambda = new aws.lambda.Permission(\"apigw_lambda\", {\n statementId: \"AllowExecutionFromAPIGateway\",\n action: \"lambda:InvokeFunction\",\n \"function\": lambda.name,\n principal: \"apigateway.amazonaws.com\",\n sourceArn: pulumi.interpolate`arn:aws:execute-api:${myregion}:${accountId}:${api.id}/*/${method.httpMethod}${resource.path}`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nconfig = pulumi.Config()\nmyregion = config.require_object(\"myregion\")\naccount_id = config.require_object(\"accountId\")\n# API Gateway\napi = aws.apigateway.RestApi(\"api\", name=\"myapi\")\nresource = aws.apigateway.Resource(\"resource\",\n path_part=\"resource\",\n parent_id=api.root_resource_id,\n rest_api=api.id)\nmethod = aws.apigateway.Method(\"method\",\n rest_api=api.id,\n resource_id=resource.id,\n http_method=\"GET\",\n authorization=\"NONE\")\n# IAM\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"lambda.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nrole = aws.iam.Role(\"role\",\n name=\"myrole\",\n assume_role_policy=assume_role.json)\nlambda_ = aws.lambda_.Function(\"lambda\",\n code=pulumi.FileArchive(\"lambda.zip\"),\n name=\"mylambda\",\n role=role.arn,\n handler=\"lambda.lambda_handler\",\n runtime=aws.lambda_.Runtime.PYTHON3D7,\n source_code_hash=std.filebase64sha256(input=\"lambda.zip\").result)\nintegration = aws.apigateway.Integration(\"integration\",\n rest_api=api.id,\n resource_id=resource.id,\n http_method=method.http_method,\n integration_http_method=\"POST\",\n type=\"AWS_PROXY\",\n uri=lambda_.invoke_arn)\n# Lambda\napigw_lambda = aws.lambda_.Permission(\"apigw_lambda\",\n statement_id=\"AllowExecutionFromAPIGateway\",\n action=\"lambda:InvokeFunction\",\n function=lambda_.name,\n principal=\"apigateway.amazonaws.com\",\n source_arn=pulumi.Output.all(api.id, method.http_method, resource.path).apply(lambda id, http_method, path: f\"arn:aws:execute-api:{myregion}:{account_id}:{id}/*/{http_method}{path}\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var myregion = config.RequireObject\u003cdynamic\u003e(\"myregion\");\n var accountId = config.RequireObject\u003cdynamic\u003e(\"accountId\");\n // API Gateway\n var api = new Aws.ApiGateway.RestApi(\"api\", new()\n {\n Name = \"myapi\",\n });\n\n var resource = new Aws.ApiGateway.Resource(\"resource\", new()\n {\n PathPart = \"resource\",\n ParentId = api.RootResourceId,\n RestApi = api.Id,\n });\n\n var method = new Aws.ApiGateway.Method(\"method\", new()\n {\n RestApi = api.Id,\n ResourceId = resource.Id,\n HttpMethod = \"GET\",\n Authorization = \"NONE\",\n });\n\n // IAM\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"lambda.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var role = new Aws.Iam.Role(\"role\", new()\n {\n Name = \"myrole\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var lambda = new Aws.Lambda.Function(\"lambda\", new()\n {\n Code = new FileArchive(\"lambda.zip\"),\n Name = \"mylambda\",\n Role = role.Arn,\n Handler = \"lambda.lambda_handler\",\n Runtime = Aws.Lambda.Runtime.Python3d7,\n SourceCodeHash = Std.Filebase64sha256.Invoke(new()\n {\n Input = \"lambda.zip\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n var integration = new Aws.ApiGateway.Integration(\"integration\", new()\n {\n RestApi = api.Id,\n ResourceId = resource.Id,\n HttpMethod = method.HttpMethod,\n IntegrationHttpMethod = \"POST\",\n Type = \"AWS_PROXY\",\n Uri = lambda.InvokeArn,\n });\n\n // Lambda\n var apigwLambda = new Aws.Lambda.Permission(\"apigw_lambda\", new()\n {\n StatementId = \"AllowExecutionFromAPIGateway\",\n Action = \"lambda:InvokeFunction\",\n Function = lambda.Name,\n Principal = \"apigateway.amazonaws.com\",\n SourceArn = Output.Tuple(api.Id, method.HttpMethod, resource.Path).Apply(values =\u003e\n {\n var id = values.Item1;\n var httpMethod = values.Item2;\n var path = values.Item3;\n return $\"arn:aws:execute-api:{myregion}:{accountId}:{id}/*/{httpMethod}{path}\";\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tmyregion := cfg.RequireObject(\"myregion\")\n\t\taccountId := cfg.RequireObject(\"accountId\")\n\t\t// API Gateway\n\t\tapi, err := apigateway.NewRestApi(ctx, \"api\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"myapi\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tresource, err := apigateway.NewResource(ctx, \"resource\", \u0026apigateway.ResourceArgs{\n\t\t\tPathPart: pulumi.String(\"resource\"),\n\t\t\tParentId: api.RootResourceId,\n\t\t\tRestApi: api.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmethod, err := apigateway.NewMethod(ctx, \"method\", \u0026apigateway.MethodArgs{\n\t\t\tRestApi: api.ID(),\n\t\t\tResourceId: resource.ID(),\n\t\t\tHttpMethod: pulumi.String(\"GET\"),\n\t\t\tAuthorization: pulumi.String(\"NONE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// IAM\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"lambda.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trole, err := iam.NewRole(ctx, \"role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"myrole\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFilebase64sha256, err := std.Filebase64sha256(ctx, \u0026std.Filebase64sha256Args{\n\t\t\tInput: \"lambda.zip\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambda, err := lambda.NewFunction(ctx, \"lambda\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lambda.zip\"),\n\t\t\tName: pulumi.String(\"mylambda\"),\n\t\t\tRole: role.Arn,\n\t\t\tHandler: pulumi.String(\"lambda.lambda_handler\"),\n\t\t\tRuntime: pulumi.String(lambda.RuntimePython3d7),\n\t\t\tSourceCodeHash: pulumi.String(invokeFilebase64sha256.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewIntegration(ctx, \"integration\", \u0026apigateway.IntegrationArgs{\n\t\t\tRestApi: api.ID(),\n\t\t\tResourceId: resource.ID(),\n\t\t\tHttpMethod: method.HttpMethod,\n\t\t\tIntegrationHttpMethod: pulumi.String(\"POST\"),\n\t\t\tType: pulumi.String(\"AWS_PROXY\"),\n\t\t\tUri: lambda.InvokeArn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Lambda\n\t\t_, err = lambda.NewPermission(ctx, \"apigw_lambda\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromAPIGateway\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: lambda.Name,\n\t\t\tPrincipal: pulumi.String(\"apigateway.amazonaws.com\"),\n\t\t\tSourceArn: pulumi.All(api.ID(), method.HttpMethod, resource.Path).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tid := _args[0].(string)\n\t\t\t\thttpMethod := _args[1].(string)\n\t\t\t\tpath := _args[2].(string)\n\t\t\t\treturn fmt.Sprintf(\"arn:aws:execute-api:%v:%v:%v/*/%v%v\", myregion, accountId, id, httpMethod, path), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.Resource;\nimport com.pulumi.aws.apigateway.ResourceArgs;\nimport com.pulumi.aws.apigateway.Method;\nimport com.pulumi.aws.apigateway.MethodArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.apigateway.Integration;\nimport com.pulumi.aws.apigateway.IntegrationArgs;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var myregion = config.get(\"myregion\");\n final var accountId = config.get(\"accountId\");\n // API Gateway\n var api = new RestApi(\"api\", RestApiArgs.builder()\n .name(\"myapi\")\n .build());\n\n var resource = new Resource(\"resource\", ResourceArgs.builder()\n .pathPart(\"resource\")\n .parentId(api.rootResourceId())\n .restApi(api.id())\n .build());\n\n var method = new Method(\"method\", MethodArgs.builder()\n .restApi(api.id())\n .resourceId(resource.id())\n .httpMethod(\"GET\")\n .authorization(\"NONE\")\n .build());\n\n // IAM\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"lambda.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var role = new Role(\"role\", RoleArgs.builder()\n .name(\"myrole\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var lambda = new Function(\"lambda\", FunctionArgs.builder()\n .code(new FileArchive(\"lambda.zip\"))\n .name(\"mylambda\")\n .role(role.arn())\n .handler(\"lambda.lambda_handler\")\n .runtime(\"python3.7\")\n .sourceCodeHash(StdFunctions.filebase64sha256(Filebase64sha256Args.builder()\n .input(\"lambda.zip\")\n .build()).result())\n .build());\n\n var integration = new Integration(\"integration\", IntegrationArgs.builder()\n .restApi(api.id())\n .resourceId(resource.id())\n .httpMethod(method.httpMethod())\n .integrationHttpMethod(\"POST\")\n .type(\"AWS_PROXY\")\n .uri(lambda.invokeArn())\n .build());\n\n // Lambda\n var apigwLambda = new Permission(\"apigwLambda\", PermissionArgs.builder()\n .statementId(\"AllowExecutionFromAPIGateway\")\n .action(\"lambda:InvokeFunction\")\n .function(lambda.name())\n .principal(\"apigateway.amazonaws.com\")\n .sourceArn(Output.tuple(api.id(), method.httpMethod(), resource.path()).applyValue(values -\u003e {\n var id = values.t1;\n var httpMethod = values.t2;\n var path = values.t3;\n return String.format(\"arn:aws:execute-api:%s:%s:%s/*/%s%s\", myregion,accountId,id,httpMethod,path);\n }))\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n # Variables\n myregion:\n type: dynamic\n accountId:\n type: dynamic\nresources:\n # API Gateway\n api:\n type: aws:apigateway:RestApi\n properties:\n name: myapi\n resource:\n type: aws:apigateway:Resource\n properties:\n pathPart: resource\n parentId: ${api.rootResourceId}\n restApi: ${api.id}\n method:\n type: aws:apigateway:Method\n properties:\n restApi: ${api.id}\n resourceId: ${resource.id}\n httpMethod: GET\n authorization: NONE\n integration:\n type: aws:apigateway:Integration\n properties:\n restApi: ${api.id}\n resourceId: ${resource.id}\n httpMethod: ${method.httpMethod}\n integrationHttpMethod: POST\n type: AWS_PROXY\n uri: ${lambda.invokeArn}\n # Lambda\n apigwLambda:\n type: aws:lambda:Permission\n name: apigw_lambda\n properties:\n statementId: AllowExecutionFromAPIGateway\n action: lambda:InvokeFunction\n function: ${lambda.name}\n principal: apigateway.amazonaws.com\n sourceArn: arn:aws:execute-api:${myregion}:${accountId}:${api.id}/*/${method.httpMethod}${resource.path}\n lambda:\n type: aws:lambda:Function\n properties:\n code:\n fn::FileArchive: lambda.zip\n name: mylambda\n role: ${role.arn}\n handler: lambda.lambda_handler\n runtime: python3.7\n sourceCodeHash:\n fn::invoke:\n Function: std:filebase64sha256\n Arguments:\n input: lambda.zip\n Return: result\n role:\n type: aws:iam:Role\n properties:\n name: myrole\n assumeRolePolicy: ${assumeRole.json}\nvariables:\n # IAM\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - lambda.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## VPC Link\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst name = config.requireObject(\"name\");\nconst subnetId = config.requireObject(\"subnetId\");\nconst test = new aws.lb.LoadBalancer(\"test\", {\n name: name,\n internal: true,\n loadBalancerType: \"network\",\n subnets: [subnetId],\n});\nconst testVpcLink = new aws.apigateway.VpcLink(\"test\", {\n name: name,\n targetArn: test.arn,\n});\nconst testRestApi = new aws.apigateway.RestApi(\"test\", {name: name});\nconst testResource = new aws.apigateway.Resource(\"test\", {\n restApi: testRestApi.id,\n parentId: testRestApi.rootResourceId,\n pathPart: \"test\",\n});\nconst testMethod = new aws.apigateway.Method(\"test\", {\n restApi: testRestApi.id,\n resourceId: testResource.id,\n httpMethod: \"GET\",\n authorization: \"NONE\",\n requestModels: {\n \"application/json\": \"Error\",\n },\n});\nconst testIntegration = new aws.apigateway.Integration(\"test\", {\n restApi: testRestApi.id,\n resourceId: testResource.id,\n httpMethod: testMethod.httpMethod,\n requestTemplates: {\n \"application/json\": \"\",\n \"application/xml\": `#set(inputRoot = input.path(''))\n{ }`,\n },\n requestParameters: {\n \"integration.request.header.X-Authorization\": \"'static'\",\n \"integration.request.header.X-Foo\": \"'Bar'\",\n },\n type: \"HTTP\",\n uri: \"https://www.google.de\",\n integrationHttpMethod: \"GET\",\n passthroughBehavior: \"WHEN_NO_MATCH\",\n contentHandling: \"CONVERT_TO_TEXT\",\n connectionType: \"VPC_LINK\",\n connectionId: testVpcLink.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nname = config.require_object(\"name\")\nsubnet_id = config.require_object(\"subnetId\")\ntest = aws.lb.LoadBalancer(\"test\",\n name=name,\n internal=True,\n load_balancer_type=\"network\",\n subnets=[subnet_id])\ntest_vpc_link = aws.apigateway.VpcLink(\"test\",\n name=name,\n target_arn=test.arn)\ntest_rest_api = aws.apigateway.RestApi(\"test\", name=name)\ntest_resource = aws.apigateway.Resource(\"test\",\n rest_api=test_rest_api.id,\n parent_id=test_rest_api.root_resource_id,\n path_part=\"test\")\ntest_method = aws.apigateway.Method(\"test\",\n rest_api=test_rest_api.id,\n resource_id=test_resource.id,\n http_method=\"GET\",\n authorization=\"NONE\",\n request_models={\n \"application/json\": \"Error\",\n })\ntest_integration = aws.apigateway.Integration(\"test\",\n rest_api=test_rest_api.id,\n resource_id=test_resource.id,\n http_method=test_method.http_method,\n request_templates={\n \"application/json\": \"\",\n \"application/xml\": \"\"\"#set($inputRoot = $input.path('$'))\n{ }\"\"\",\n },\n request_parameters={\n \"integration.request.header.X-Authorization\": \"'static'\",\n \"integration.request.header.X-Foo\": \"'Bar'\",\n },\n type=\"HTTP\",\n uri=\"https://www.google.de\",\n integration_http_method=\"GET\",\n passthrough_behavior=\"WHEN_NO_MATCH\",\n content_handling=\"CONVERT_TO_TEXT\",\n connection_type=\"VPC_LINK\",\n connection_id=test_vpc_link.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var name = config.RequireObject\u003cdynamic\u003e(\"name\");\n var subnetId = config.RequireObject\u003cdynamic\u003e(\"subnetId\");\n var test = new Aws.LB.LoadBalancer(\"test\", new()\n {\n Name = name,\n Internal = true,\n LoadBalancerType = \"network\",\n Subnets = new[]\n {\n subnetId,\n },\n });\n\n var testVpcLink = new Aws.ApiGateway.VpcLink(\"test\", new()\n {\n Name = name,\n TargetArn = test.Arn,\n });\n\n var testRestApi = new Aws.ApiGateway.RestApi(\"test\", new()\n {\n Name = name,\n });\n\n var testResource = new Aws.ApiGateway.Resource(\"test\", new()\n {\n RestApi = testRestApi.Id,\n ParentId = testRestApi.RootResourceId,\n PathPart = \"test\",\n });\n\n var testMethod = new Aws.ApiGateway.Method(\"test\", new()\n {\n RestApi = testRestApi.Id,\n ResourceId = testResource.Id,\n HttpMethod = \"GET\",\n Authorization = \"NONE\",\n RequestModels = \n {\n { \"application/json\", \"Error\" },\n },\n });\n\n var testIntegration = new Aws.ApiGateway.Integration(\"test\", new()\n {\n RestApi = testRestApi.Id,\n ResourceId = testResource.Id,\n HttpMethod = testMethod.HttpMethod,\n RequestTemplates = \n {\n { \"application/json\", \"\" },\n { \"application/xml\", @\"#set($inputRoot = $input.path('$'))\n{ }\" },\n },\n RequestParameters = \n {\n { \"integration.request.header.X-Authorization\", \"'static'\" },\n { \"integration.request.header.X-Foo\", \"'Bar'\" },\n },\n Type = \"HTTP\",\n Uri = \"https://www.google.de\",\n IntegrationHttpMethod = \"GET\",\n PassthroughBehavior = \"WHEN_NO_MATCH\",\n ContentHandling = \"CONVERT_TO_TEXT\",\n ConnectionType = \"VPC_LINK\",\n ConnectionId = testVpcLink.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tname := cfg.RequireObject(\"name\")\n\t\tsubnetId := cfg.RequireObject(\"subnetId\")\n\t\ttest, err := lb.NewLoadBalancer(ctx, \"test\", \u0026lb.LoadBalancerArgs{\n\t\t\tName: pulumi.Any(name),\n\t\t\tInternal: pulumi.Bool(true),\n\t\t\tLoadBalancerType: pulumi.String(\"network\"),\n\t\t\tSubnets: pulumi.StringArray{\n\t\t\t\tsubnetId,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestVpcLink, err := apigateway.NewVpcLink(ctx, \"test\", \u0026apigateway.VpcLinkArgs{\n\t\t\tName: pulumi.Any(name),\n\t\t\tTargetArn: test.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestRestApi, err := apigateway.NewRestApi(ctx, \"test\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.Any(name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestResource, err := apigateway.NewResource(ctx, \"test\", \u0026apigateway.ResourceArgs{\n\t\t\tRestApi: testRestApi.ID(),\n\t\t\tParentId: testRestApi.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestMethod, err := apigateway.NewMethod(ctx, \"test\", \u0026apigateway.MethodArgs{\n\t\t\tRestApi: testRestApi.ID(),\n\t\t\tResourceId: testResource.ID(),\n\t\t\tHttpMethod: pulumi.String(\"GET\"),\n\t\t\tAuthorization: pulumi.String(\"NONE\"),\n\t\t\tRequestModels: pulumi.StringMap{\n\t\t\t\t\"application/json\": pulumi.String(\"Error\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewIntegration(ctx, \"test\", \u0026apigateway.IntegrationArgs{\n\t\t\tRestApi: testRestApi.ID(),\n\t\t\tResourceId: testResource.ID(),\n\t\t\tHttpMethod: testMethod.HttpMethod,\n\t\t\tRequestTemplates: pulumi.StringMap{\n\t\t\t\t\"application/json\": pulumi.String(\"\"),\n\t\t\t\t\"application/xml\": pulumi.String(\"#set($inputRoot = $input.path('$'))\\n{ }\"),\n\t\t\t},\n\t\t\tRequestParameters: pulumi.StringMap{\n\t\t\t\t\"integration.request.header.X-Authorization\": pulumi.String(\"'static'\"),\n\t\t\t\t\"integration.request.header.X-Foo\": pulumi.String(\"'Bar'\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"HTTP\"),\n\t\t\tUri: pulumi.String(\"https://www.google.de\"),\n\t\t\tIntegrationHttpMethod: pulumi.String(\"GET\"),\n\t\t\tPassthroughBehavior: pulumi.String(\"WHEN_NO_MATCH\"),\n\t\t\tContentHandling: pulumi.String(\"CONVERT_TO_TEXT\"),\n\t\t\tConnectionType: pulumi.String(\"VPC_LINK\"),\n\t\t\tConnectionId: testVpcLink.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.LoadBalancerArgs;\nimport com.pulumi.aws.apigateway.VpcLink;\nimport com.pulumi.aws.apigateway.VpcLinkArgs;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.Resource;\nimport com.pulumi.aws.apigateway.ResourceArgs;\nimport com.pulumi.aws.apigateway.Method;\nimport com.pulumi.aws.apigateway.MethodArgs;\nimport com.pulumi.aws.apigateway.Integration;\nimport com.pulumi.aws.apigateway.IntegrationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var name = config.get(\"name\");\n final var subnetId = config.get(\"subnetId\");\n var test = new LoadBalancer(\"test\", LoadBalancerArgs.builder()\n .name(name)\n .internal(true)\n .loadBalancerType(\"network\")\n .subnets(subnetId)\n .build());\n\n var testVpcLink = new VpcLink(\"testVpcLink\", VpcLinkArgs.builder()\n .name(name)\n .targetArn(test.arn())\n .build());\n\n var testRestApi = new RestApi(\"testRestApi\", RestApiArgs.builder()\n .name(name)\n .build());\n\n var testResource = new Resource(\"testResource\", ResourceArgs.builder()\n .restApi(testRestApi.id())\n .parentId(testRestApi.rootResourceId())\n .pathPart(\"test\")\n .build());\n\n var testMethod = new Method(\"testMethod\", MethodArgs.builder()\n .restApi(testRestApi.id())\n .resourceId(testResource.id())\n .httpMethod(\"GET\")\n .authorization(\"NONE\")\n .requestModels(Map.of(\"application/json\", \"Error\"))\n .build());\n\n var testIntegration = new Integration(\"testIntegration\", IntegrationArgs.builder()\n .restApi(testRestApi.id())\n .resourceId(testResource.id())\n .httpMethod(testMethod.httpMethod())\n .requestTemplates(Map.ofEntries(\n Map.entry(\"application/json\", \"\"),\n Map.entry(\"application/xml\", \"\"\"\n#set($inputRoot = $input.path('$'))\n{ } \"\"\")\n ))\n .requestParameters(Map.ofEntries(\n Map.entry(\"integration.request.header.X-Authorization\", \"'static'\"),\n Map.entry(\"integration.request.header.X-Foo\", \"'Bar'\")\n ))\n .type(\"HTTP\")\n .uri(\"https://www.google.de\")\n .integrationHttpMethod(\"GET\")\n .passthroughBehavior(\"WHEN_NO_MATCH\")\n .contentHandling(\"CONVERT_TO_TEXT\")\n .connectionType(\"VPC_LINK\")\n .connectionId(testVpcLink.id())\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n name:\n type: dynamic\n subnetId:\n type: dynamic\nresources:\n test:\n type: aws:lb:LoadBalancer\n properties:\n name: ${name}\n internal: true\n loadBalancerType: network\n subnets:\n - ${subnetId}\n testVpcLink:\n type: aws:apigateway:VpcLink\n name: test\n properties:\n name: ${name}\n targetArn: ${test.arn}\n testRestApi:\n type: aws:apigateway:RestApi\n name: test\n properties:\n name: ${name}\n testResource:\n type: aws:apigateway:Resource\n name: test\n properties:\n restApi: ${testRestApi.id}\n parentId: ${testRestApi.rootResourceId}\n pathPart: test\n testMethod:\n type: aws:apigateway:Method\n name: test\n properties:\n restApi: ${testRestApi.id}\n resourceId: ${testResource.id}\n httpMethod: GET\n authorization: NONE\n requestModels:\n application/json: Error\n testIntegration:\n type: aws:apigateway:Integration\n name: test\n properties:\n restApi: ${testRestApi.id}\n resourceId: ${testResource.id}\n httpMethod: ${testMethod.httpMethod}\n requestTemplates:\n application/json:\n application/xml: |-\n #set($inputRoot = $input.path('$'))\n { }\n requestParameters:\n integration.request.header.X-Authorization: '''static'''\n integration.request.header.X-Foo: '''Bar'''\n type: HTTP\n uri: https://www.google.de\n integrationHttpMethod: GET\n passthroughBehavior: WHEN_NO_MATCH\n contentHandling: CONVERT_TO_TEXT\n connectionType: VPC_LINK\n connectionId: ${testVpcLink.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_api_gateway_integration` using `REST-API-ID/RESOURCE-ID/HTTP-METHOD`. For example:\n\n```sh\n$ pulumi import aws:apigateway/integration:Integration example 12345abcde/67890fghij/GET\n```\n", "properties": { "cacheKeyParameters": { "type": "array", "items": { "type": "string" }, "description": "List of cache key parameters for the integration.\n" }, "cacheNamespace": { "type": "string", "description": "Integration's cache namespace.\n" }, "connectionId": { "type": "string", "description": "ID of the VpcLink used for the integration. **Required** if `connection_type` is `VPC_LINK`\n" }, "connectionType": { "type": "string", "description": "Integration input's [connectionType](https://docs.aws.amazon.com/apigateway/api-reference/resource/integration/#connectionType). Valid values are `INTERNET` (default for connections through the public routable internet), and `VPC_LINK` (for private connections between API Gateway and a network load balancer in a VPC).\n" }, "contentHandling": { "type": "string", "description": "How to handle request payload content type conversions. Supported values are `CONVERT_TO_BINARY` and `CONVERT_TO_TEXT`. If this property is not defined, the request payload will be passed through from the method request to integration request without modification, provided that the passthroughBehaviors is configured to support payload pass-through.\n" }, "credentials": { "type": "string", "description": "Credentials required for the integration. For `AWS` integrations, 2 options are available. To specify an IAM Role for Amazon API Gateway to assume, use the role's ARN. To require that the caller's identity be passed through from the request, specify the string `arn:aws:iam::\\*:user/\\*`.\n" }, "httpMethod": { "type": "string", "description": "HTTP method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTION`, `ANY`)\nwhen calling the associated resource.\n" }, "integrationHttpMethod": { "type": "string", "description": "Integration HTTP method\n(`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONs`, `ANY`, `PATCH`) specifying how API Gateway will interact with the back end.\n**Required** if `type` is `AWS`, `AWS_PROXY`, `HTTP` or `HTTP_PROXY`.\nNot all methods are compatible with all `AWS` integrations.\ne.g., Lambda function [can only be invoked](https://github.com/awslabs/aws-apigateway-importer/issues/9#issuecomment-129651005) via `POST`.\n" }, "passthroughBehavior": { "type": "string", "description": "Integration passthrough behavior (`WHEN_NO_MATCH`, `WHEN_NO_TEMPLATES`, `NEVER`). **Required** if `request_templates` is used.\n" }, "requestParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of request query string parameters and headers that should be passed to the backend responder.\nFor example: `request_parameters = { \"integration.request.header.X-Some-Other-Header\" = \"method.request.header.X-Some-Header\" }`\n" }, "requestTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of the integration's request templates.\n" }, "resourceId": { "type": "string", "description": "API resource ID.\n" }, "restApi": { "type": "string", "description": "ID of the associated REST API.\n" }, "timeoutMilliseconds": { "type": "integer", "description": "Custom timeout between 50 and 300,000 milliseconds. The default value is 29,000 milliseconds. You need to raise a [Service Quota Ticket](https://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html) to increase time beyond 29,000 milliseconds.\n" }, "tlsConfig": { "$ref": "#/types/aws:apigateway/IntegrationTlsConfig:IntegrationTlsConfig", "description": "TLS configuration. See below.\n" }, "type": { "type": "string", "description": "Integration input's [type](https://docs.aws.amazon.com/apigateway/api-reference/resource/integration/). Valid values are `HTTP` (for HTTP backends), `MOCK` (not calling any real backend), `AWS` (for AWS services), `AWS_PROXY` (for Lambda proxy integration) and `HTTP_PROXY` (for HTTP proxy integration). An `HTTP` or `HTTP_PROXY` integration with a `connection_type` of `VPC_LINK` is referred to as a private integration and uses a VpcLink to connect API Gateway to a network load balancer of a VPC.\n" }, "uri": { "type": "string", "description": "Input's URI. **Required** if `type` is `AWS`, `AWS_PROXY`, `HTTP` or `HTTP_PROXY`.\nFor HTTP integrations, the URI must be a fully formed, encoded HTTP(S) URL according to the RFC-3986 specification . For AWS integrations, the URI should be of the form `arn:aws:apigateway:{region}:{subdomain.service|service}:{path|action}/{service_api}`. `region`, `subdomain` and `service` are used to determine the right endpoint.\ne.g., `arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:012345678901:function:my-func/invocations`. For private integrations, the URI parameter is not used for routing requests to your endpoint, but is used for setting the Host header and for certificate validation.\n" } }, "required": [ "cacheNamespace", "httpMethod", "passthroughBehavior", "resourceId", "restApi", "type" ], "inputProperties": { "cacheKeyParameters": { "type": "array", "items": { "type": "string" }, "description": "List of cache key parameters for the integration.\n" }, "cacheNamespace": { "type": "string", "description": "Integration's cache namespace.\n" }, "connectionId": { "type": "string", "description": "ID of the VpcLink used for the integration. **Required** if `connection_type` is `VPC_LINK`\n" }, "connectionType": { "type": "string", "description": "Integration input's [connectionType](https://docs.aws.amazon.com/apigateway/api-reference/resource/integration/#connectionType). Valid values are `INTERNET` (default for connections through the public routable internet), and `VPC_LINK` (for private connections between API Gateway and a network load balancer in a VPC).\n" }, "contentHandling": { "type": "string", "description": "How to handle request payload content type conversions. Supported values are `CONVERT_TO_BINARY` and `CONVERT_TO_TEXT`. If this property is not defined, the request payload will be passed through from the method request to integration request without modification, provided that the passthroughBehaviors is configured to support payload pass-through.\n" }, "credentials": { "type": "string", "description": "Credentials required for the integration. For `AWS` integrations, 2 options are available. To specify an IAM Role for Amazon API Gateway to assume, use the role's ARN. To require that the caller's identity be passed through from the request, specify the string `arn:aws:iam::\\*:user/\\*`.\n", "willReplaceOnChanges": true }, "httpMethod": { "type": "string", "description": "HTTP method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTION`, `ANY`)\nwhen calling the associated resource.\n", "willReplaceOnChanges": true }, "integrationHttpMethod": { "type": "string", "description": "Integration HTTP method\n(`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONs`, `ANY`, `PATCH`) specifying how API Gateway will interact with the back end.\n**Required** if `type` is `AWS`, `AWS_PROXY`, `HTTP` or `HTTP_PROXY`.\nNot all methods are compatible with all `AWS` integrations.\ne.g., Lambda function [can only be invoked](https://github.com/awslabs/aws-apigateway-importer/issues/9#issuecomment-129651005) via `POST`.\n", "willReplaceOnChanges": true }, "passthroughBehavior": { "type": "string", "description": "Integration passthrough behavior (`WHEN_NO_MATCH`, `WHEN_NO_TEMPLATES`, `NEVER`). **Required** if `request_templates` is used.\n", "willReplaceOnChanges": true }, "requestParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of request query string parameters and headers that should be passed to the backend responder.\nFor example: `request_parameters = { \"integration.request.header.X-Some-Other-Header\" = \"method.request.header.X-Some-Header\" }`\n" }, "requestTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of the integration's request templates.\n" }, "resourceId": { "type": "string", "description": "API resource ID.\n", "willReplaceOnChanges": true }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "ID of the associated REST API.\n", "willReplaceOnChanges": true }, "timeoutMilliseconds": { "type": "integer", "description": "Custom timeout between 50 and 300,000 milliseconds. The default value is 29,000 milliseconds. You need to raise a [Service Quota Ticket](https://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html) to increase time beyond 29,000 milliseconds.\n" }, "tlsConfig": { "$ref": "#/types/aws:apigateway/IntegrationTlsConfig:IntegrationTlsConfig", "description": "TLS configuration. See below.\n" }, "type": { "type": "string", "description": "Integration input's [type](https://docs.aws.amazon.com/apigateway/api-reference/resource/integration/). Valid values are `HTTP` (for HTTP backends), `MOCK` (not calling any real backend), `AWS` (for AWS services), `AWS_PROXY` (for Lambda proxy integration) and `HTTP_PROXY` (for HTTP proxy integration). An `HTTP` or `HTTP_PROXY` integration with a `connection_type` of `VPC_LINK` is referred to as a private integration and uses a VpcLink to connect API Gateway to a network load balancer of a VPC.\n", "willReplaceOnChanges": true }, "uri": { "type": "string", "description": "Input's URI. **Required** if `type` is `AWS`, `AWS_PROXY`, `HTTP` or `HTTP_PROXY`.\nFor HTTP integrations, the URI must be a fully formed, encoded HTTP(S) URL according to the RFC-3986 specification . For AWS integrations, the URI should be of the form `arn:aws:apigateway:{region}:{subdomain.service|service}:{path|action}/{service_api}`. `region`, `subdomain` and `service` are used to determine the right endpoint.\ne.g., `arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:012345678901:function:my-func/invocations`. For private integrations, the URI parameter is not used for routing requests to your endpoint, but is used for setting the Host header and for certificate validation.\n" } }, "requiredInputs": [ "httpMethod", "resourceId", "restApi", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering Integration resources.\n", "properties": { "cacheKeyParameters": { "type": "array", "items": { "type": "string" }, "description": "List of cache key parameters for the integration.\n" }, "cacheNamespace": { "type": "string", "description": "Integration's cache namespace.\n" }, "connectionId": { "type": "string", "description": "ID of the VpcLink used for the integration. **Required** if `connection_type` is `VPC_LINK`\n" }, "connectionType": { "type": "string", "description": "Integration input's [connectionType](https://docs.aws.amazon.com/apigateway/api-reference/resource/integration/#connectionType). Valid values are `INTERNET` (default for connections through the public routable internet), and `VPC_LINK` (for private connections between API Gateway and a network load balancer in a VPC).\n" }, "contentHandling": { "type": "string", "description": "How to handle request payload content type conversions. Supported values are `CONVERT_TO_BINARY` and `CONVERT_TO_TEXT`. If this property is not defined, the request payload will be passed through from the method request to integration request without modification, provided that the passthroughBehaviors is configured to support payload pass-through.\n" }, "credentials": { "type": "string", "description": "Credentials required for the integration. For `AWS` integrations, 2 options are available. To specify an IAM Role for Amazon API Gateway to assume, use the role's ARN. To require that the caller's identity be passed through from the request, specify the string `arn:aws:iam::\\*:user/\\*`.\n", "willReplaceOnChanges": true }, "httpMethod": { "type": "string", "description": "HTTP method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTION`, `ANY`)\nwhen calling the associated resource.\n", "willReplaceOnChanges": true }, "integrationHttpMethod": { "type": "string", "description": "Integration HTTP method\n(`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONs`, `ANY`, `PATCH`) specifying how API Gateway will interact with the back end.\n**Required** if `type` is `AWS`, `AWS_PROXY`, `HTTP` or `HTTP_PROXY`.\nNot all methods are compatible with all `AWS` integrations.\ne.g., Lambda function [can only be invoked](https://github.com/awslabs/aws-apigateway-importer/issues/9#issuecomment-129651005) via `POST`.\n", "willReplaceOnChanges": true }, "passthroughBehavior": { "type": "string", "description": "Integration passthrough behavior (`WHEN_NO_MATCH`, `WHEN_NO_TEMPLATES`, `NEVER`). **Required** if `request_templates` is used.\n", "willReplaceOnChanges": true }, "requestParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of request query string parameters and headers that should be passed to the backend responder.\nFor example: `request_parameters = { \"integration.request.header.X-Some-Other-Header\" = \"method.request.header.X-Some-Header\" }`\n" }, "requestTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of the integration's request templates.\n" }, "resourceId": { "type": "string", "description": "API resource ID.\n", "willReplaceOnChanges": true }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "ID of the associated REST API.\n", "willReplaceOnChanges": true }, "timeoutMilliseconds": { "type": "integer", "description": "Custom timeout between 50 and 300,000 milliseconds. The default value is 29,000 milliseconds. You need to raise a [Service Quota Ticket](https://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html) to increase time beyond 29,000 milliseconds.\n" }, "tlsConfig": { "$ref": "#/types/aws:apigateway/IntegrationTlsConfig:IntegrationTlsConfig", "description": "TLS configuration. See below.\n" }, "type": { "type": "string", "description": "Integration input's [type](https://docs.aws.amazon.com/apigateway/api-reference/resource/integration/). Valid values are `HTTP` (for HTTP backends), `MOCK` (not calling any real backend), `AWS` (for AWS services), `AWS_PROXY` (for Lambda proxy integration) and `HTTP_PROXY` (for HTTP proxy integration). An `HTTP` or `HTTP_PROXY` integration with a `connection_type` of `VPC_LINK` is referred to as a private integration and uses a VpcLink to connect API Gateway to a network load balancer of a VPC.\n", "willReplaceOnChanges": true }, "uri": { "type": "string", "description": "Input's URI. **Required** if `type` is `AWS`, `AWS_PROXY`, `HTTP` or `HTTP_PROXY`.\nFor HTTP integrations, the URI must be a fully formed, encoded HTTP(S) URL according to the RFC-3986 specification . For AWS integrations, the URI should be of the form `arn:aws:apigateway:{region}:{subdomain.service|service}:{path|action}/{service_api}`. `region`, `subdomain` and `service` are used to determine the right endpoint.\ne.g., `arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:012345678901:function:my-func/invocations`. For private integrations, the URI parameter is not used for routing requests to your endpoint, but is used for setting the Host header and for certificate validation.\n" } }, "type": "object" } }, "aws:apigateway/integrationResponse:IntegrationResponse": { "description": "Provides an HTTP Method Integration Response for an API Gateway Resource.\n\n\u003e **Note:** Depends on having `aws.apigateway.Integration` inside your rest api. To ensure this\nyou might need to add an explicit `depends_on` for clean runs.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n name: \"MyDemoAPI\",\n description: \"This is my API for demonstration purposes\",\n});\nconst myDemoResource = new aws.apigateway.Resource(\"MyDemoResource\", {\n restApi: myDemoAPI.id,\n parentId: myDemoAPI.rootResourceId,\n pathPart: \"mydemoresource\",\n});\nconst myDemoMethod = new aws.apigateway.Method(\"MyDemoMethod\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: \"GET\",\n authorization: \"NONE\",\n});\nconst myDemoIntegration = new aws.apigateway.Integration(\"MyDemoIntegration\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: myDemoMethod.httpMethod,\n type: \"MOCK\",\n});\nconst response200 = new aws.apigateway.MethodResponse(\"response_200\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: myDemoMethod.httpMethod,\n statusCode: \"200\",\n});\nconst myDemoIntegrationResponse = new aws.apigateway.IntegrationResponse(\"MyDemoIntegrationResponse\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: myDemoMethod.httpMethod,\n statusCode: response200.statusCode,\n responseTemplates: {\n \"application/xml\": `#set(inputRoot = input.path(''))\n\u003c?xml version=\"1.0\" encoding=\"UTF-8\"?\u003e\n\u003cmessage\u003e\n inputRoot.body\n\u003c/message\u003e\n`,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"MyDemoAPI\",\n name=\"MyDemoAPI\",\n description=\"This is my API for demonstration purposes\")\nmy_demo_resource = aws.apigateway.Resource(\"MyDemoResource\",\n rest_api=my_demo_api.id,\n parent_id=my_demo_api.root_resource_id,\n path_part=\"mydemoresource\")\nmy_demo_method = aws.apigateway.Method(\"MyDemoMethod\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=\"GET\",\n authorization=\"NONE\")\nmy_demo_integration = aws.apigateway.Integration(\"MyDemoIntegration\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=my_demo_method.http_method,\n type=\"MOCK\")\nresponse200 = aws.apigateway.MethodResponse(\"response_200\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=my_demo_method.http_method,\n status_code=\"200\")\nmy_demo_integration_response = aws.apigateway.IntegrationResponse(\"MyDemoIntegrationResponse\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=my_demo_method.http_method,\n status_code=response200.status_code,\n response_templates={\n \"application/xml\": \"\"\"#set($inputRoot = $input.path('$'))\n\u003c?xml version=\"1.0\" encoding=\"UTF-8\"?\u003e\n\u003cmessage\u003e\n $inputRoot.body\n\u003c/message\u003e\n\"\"\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"MyDemoAPI\", new()\n {\n Name = \"MyDemoAPI\",\n Description = \"This is my API for demonstration purposes\",\n });\n\n var myDemoResource = new Aws.ApiGateway.Resource(\"MyDemoResource\", new()\n {\n RestApi = myDemoAPI.Id,\n ParentId = myDemoAPI.RootResourceId,\n PathPart = \"mydemoresource\",\n });\n\n var myDemoMethod = new Aws.ApiGateway.Method(\"MyDemoMethod\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = \"GET\",\n Authorization = \"NONE\",\n });\n\n var myDemoIntegration = new Aws.ApiGateway.Integration(\"MyDemoIntegration\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = myDemoMethod.HttpMethod,\n Type = \"MOCK\",\n });\n\n var response200 = new Aws.ApiGateway.MethodResponse(\"response_200\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = myDemoMethod.HttpMethod,\n StatusCode = \"200\",\n });\n\n var myDemoIntegrationResponse = new Aws.ApiGateway.IntegrationResponse(\"MyDemoIntegrationResponse\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = myDemoMethod.HttpMethod,\n StatusCode = response200.StatusCode,\n ResponseTemplates = \n {\n { \"application/xml\", @\"#set($inputRoot = $input.path('$'))\n\u003c?xml version=\"\"1.0\"\" encoding=\"\"UTF-8\"\"?\u003e\n\u003cmessage\u003e\n $inputRoot.body\n\u003c/message\u003e\n\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"MyDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"MyDemoAPI\"),\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoResource, err := apigateway.NewResource(ctx, \"MyDemoResource\", \u0026apigateway.ResourceArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tParentId: myDemoAPI.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"mydemoresource\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoMethod, err := apigateway.NewMethod(ctx, \"MyDemoMethod\", \u0026apigateway.MethodArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: pulumi.String(\"GET\"),\n\t\t\tAuthorization: pulumi.String(\"NONE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewIntegration(ctx, \"MyDemoIntegration\", \u0026apigateway.IntegrationArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tType: pulumi.String(\"MOCK\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tresponse200, err := apigateway.NewMethodResponse(ctx, \"response_200\", \u0026apigateway.MethodResponseArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewIntegrationResponse(ctx, \"MyDemoIntegrationResponse\", \u0026apigateway.IntegrationResponseArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tStatusCode: response200.StatusCode,\n\t\t\tResponseTemplates: pulumi.StringMap{\n\t\t\t\t\"application/xml\": pulumi.String(`#set($inputRoot = $input.path('$'))\n\u003c?xml version=\"1.0\" encoding=\"UTF-8\"?\u003e\n\u003cmessage\u003e\n $inputRoot.body\n\u003c/message\u003e\n`),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.Resource;\nimport com.pulumi.aws.apigateway.ResourceArgs;\nimport com.pulumi.aws.apigateway.Method;\nimport com.pulumi.aws.apigateway.MethodArgs;\nimport com.pulumi.aws.apigateway.Integration;\nimport com.pulumi.aws.apigateway.IntegrationArgs;\nimport com.pulumi.aws.apigateway.MethodResponse;\nimport com.pulumi.aws.apigateway.MethodResponseArgs;\nimport com.pulumi.aws.apigateway.IntegrationResponse;\nimport com.pulumi.aws.apigateway.IntegrationResponseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myDemoAPI = new RestApi(\"myDemoAPI\", RestApiArgs.builder()\n .name(\"MyDemoAPI\")\n .description(\"This is my API for demonstration purposes\")\n .build());\n\n var myDemoResource = new Resource(\"myDemoResource\", ResourceArgs.builder()\n .restApi(myDemoAPI.id())\n .parentId(myDemoAPI.rootResourceId())\n .pathPart(\"mydemoresource\")\n .build());\n\n var myDemoMethod = new Method(\"myDemoMethod\", MethodArgs.builder()\n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(\"GET\")\n .authorization(\"NONE\")\n .build());\n\n var myDemoIntegration = new Integration(\"myDemoIntegration\", IntegrationArgs.builder()\n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(myDemoMethod.httpMethod())\n .type(\"MOCK\")\n .build());\n\n var response200 = new MethodResponse(\"response200\", MethodResponseArgs.builder()\n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(myDemoMethod.httpMethod())\n .statusCode(\"200\")\n .build());\n\n var myDemoIntegrationResponse = new IntegrationResponse(\"myDemoIntegrationResponse\", IntegrationResponseArgs.builder()\n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(myDemoMethod.httpMethod())\n .statusCode(response200.statusCode())\n .responseTemplates(Map.of(\"application/xml\", \"\"\"\n#set($inputRoot = $input.path('$'))\n\u003c?xml version=\"1.0\" encoding=\"UTF-8\"?\u003e\n\u003cmessage\u003e\n $inputRoot.body\n\u003c/message\u003e\n \"\"\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myDemoAPI:\n type: aws:apigateway:RestApi\n name: MyDemoAPI\n properties:\n name: MyDemoAPI\n description: This is my API for demonstration purposes\n myDemoResource:\n type: aws:apigateway:Resource\n name: MyDemoResource\n properties:\n restApi: ${myDemoAPI.id}\n parentId: ${myDemoAPI.rootResourceId}\n pathPart: mydemoresource\n myDemoMethod:\n type: aws:apigateway:Method\n name: MyDemoMethod\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: GET\n authorization: NONE\n myDemoIntegration:\n type: aws:apigateway:Integration\n name: MyDemoIntegration\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: ${myDemoMethod.httpMethod}\n type: MOCK\n response200:\n type: aws:apigateway:MethodResponse\n name: response_200\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: ${myDemoMethod.httpMethod}\n statusCode: '200'\n myDemoIntegrationResponse:\n type: aws:apigateway:IntegrationResponse\n name: MyDemoIntegrationResponse\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: ${myDemoMethod.httpMethod}\n statusCode: ${response200.statusCode}\n responseTemplates:\n application/xml: |\n #set($inputRoot = $input.path('$'))\n \u003c?xml version=\"1.0\" encoding=\"UTF-8\"?\u003e\n \u003cmessage\u003e\n $inputRoot.body\n \u003c/message\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_api_gateway_integration_response` using `REST-API-ID/RESOURCE-ID/HTTP-METHOD/STATUS-CODE`. For example:\n\n```sh\n$ pulumi import aws:apigateway/integrationResponse:IntegrationResponse example 12345abcde/67890fghij/GET/200\n```\n", "properties": { "contentHandling": { "type": "string", "description": "How to handle request payload content type conversions. Supported values are `CONVERT_TO_BINARY` and `CONVERT_TO_TEXT`. If this property is not defined, the response payload will be passed through from the integration response to the method response without modification.\n" }, "httpMethod": { "type": "string", "description": "HTTP method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONS`, `ANY`).\n" }, "resourceId": { "type": "string", "description": "API resource ID.\n" }, "responseParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of response parameters that can be read from the backend response. For example: `response_parameters = { \"method.response.header.X-Some-Header\" = \"integration.response.header.X-Some-Other-Header\" }`.\n" }, "responseTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of templates used to transform the integration response body.\n" }, "restApi": { "type": "string", "description": "ID of the associated REST API.\n" }, "selectionPattern": { "type": "string", "description": "Regular expression pattern used to choose an integration response based on the response from the backend. Omit configuring this to make the integration the default one. If the backend is an `AWS` Lambda function, the AWS Lambda function error header is matched. For all other `HTTP` and `AWS` backends, the HTTP status code is matched.\n" }, "statusCode": { "type": "string", "description": "HTTP status code.\n\nThe following arguments are optional:\n" } }, "required": [ "httpMethod", "resourceId", "restApi", "statusCode" ], "inputProperties": { "contentHandling": { "type": "string", "description": "How to handle request payload content type conversions. Supported values are `CONVERT_TO_BINARY` and `CONVERT_TO_TEXT`. If this property is not defined, the response payload will be passed through from the integration response to the method response without modification.\n" }, "httpMethod": { "type": "string", "description": "HTTP method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONS`, `ANY`).\n", "willReplaceOnChanges": true }, "resourceId": { "type": "string", "description": "API resource ID.\n", "willReplaceOnChanges": true }, "responseParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of response parameters that can be read from the backend response. For example: `response_parameters = { \"method.response.header.X-Some-Header\" = \"integration.response.header.X-Some-Other-Header\" }`.\n" }, "responseTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of templates used to transform the integration response body.\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "ID of the associated REST API.\n", "willReplaceOnChanges": true }, "selectionPattern": { "type": "string", "description": "Regular expression pattern used to choose an integration response based on the response from the backend. Omit configuring this to make the integration the default one. If the backend is an `AWS` Lambda function, the AWS Lambda function error header is matched. For all other `HTTP` and `AWS` backends, the HTTP status code is matched.\n" }, "statusCode": { "type": "string", "description": "HTTP status code.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "httpMethod", "resourceId", "restApi", "statusCode" ], "stateInputs": { "description": "Input properties used for looking up and filtering IntegrationResponse resources.\n", "properties": { "contentHandling": { "type": "string", "description": "How to handle request payload content type conversions. Supported values are `CONVERT_TO_BINARY` and `CONVERT_TO_TEXT`. If this property is not defined, the response payload will be passed through from the integration response to the method response without modification.\n" }, "httpMethod": { "type": "string", "description": "HTTP method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONS`, `ANY`).\n", "willReplaceOnChanges": true }, "resourceId": { "type": "string", "description": "API resource ID.\n", "willReplaceOnChanges": true }, "responseParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of response parameters that can be read from the backend response. For example: `response_parameters = { \"method.response.header.X-Some-Header\" = \"integration.response.header.X-Some-Other-Header\" }`.\n" }, "responseTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of templates used to transform the integration response body.\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "ID of the associated REST API.\n", "willReplaceOnChanges": true }, "selectionPattern": { "type": "string", "description": "Regular expression pattern used to choose an integration response based on the response from the backend. Omit configuring this to make the integration the default one. If the backend is an `AWS` Lambda function, the AWS Lambda function error header is matched. For all other `HTTP` and `AWS` backends, the HTTP status code is matched.\n" }, "statusCode": { "type": "string", "description": "HTTP status code.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:apigateway/method:Method": { "description": "Provides a HTTP Method for an API Gateway Resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n name: \"MyDemoAPI\",\n description: \"This is my API for demonstration purposes\",\n});\nconst myDemoResource = new aws.apigateway.Resource(\"MyDemoResource\", {\n restApi: myDemoAPI.id,\n parentId: myDemoAPI.rootResourceId,\n pathPart: \"mydemoresource\",\n});\nconst myDemoMethod = new aws.apigateway.Method(\"MyDemoMethod\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: \"GET\",\n authorization: \"NONE\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"MyDemoAPI\",\n name=\"MyDemoAPI\",\n description=\"This is my API for demonstration purposes\")\nmy_demo_resource = aws.apigateway.Resource(\"MyDemoResource\",\n rest_api=my_demo_api.id,\n parent_id=my_demo_api.root_resource_id,\n path_part=\"mydemoresource\")\nmy_demo_method = aws.apigateway.Method(\"MyDemoMethod\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=\"GET\",\n authorization=\"NONE\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"MyDemoAPI\", new()\n {\n Name = \"MyDemoAPI\",\n Description = \"This is my API for demonstration purposes\",\n });\n\n var myDemoResource = new Aws.ApiGateway.Resource(\"MyDemoResource\", new()\n {\n RestApi = myDemoAPI.Id,\n ParentId = myDemoAPI.RootResourceId,\n PathPart = \"mydemoresource\",\n });\n\n var myDemoMethod = new Aws.ApiGateway.Method(\"MyDemoMethod\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = \"GET\",\n Authorization = \"NONE\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"MyDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"MyDemoAPI\"),\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoResource, err := apigateway.NewResource(ctx, \"MyDemoResource\", \u0026apigateway.ResourceArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tParentId: myDemoAPI.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"mydemoresource\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewMethod(ctx, \"MyDemoMethod\", \u0026apigateway.MethodArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: pulumi.String(\"GET\"),\n\t\t\tAuthorization: pulumi.String(\"NONE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.Resource;\nimport com.pulumi.aws.apigateway.ResourceArgs;\nimport com.pulumi.aws.apigateway.Method;\nimport com.pulumi.aws.apigateway.MethodArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myDemoAPI = new RestApi(\"myDemoAPI\", RestApiArgs.builder()\n .name(\"MyDemoAPI\")\n .description(\"This is my API for demonstration purposes\")\n .build());\n\n var myDemoResource = new Resource(\"myDemoResource\", ResourceArgs.builder()\n .restApi(myDemoAPI.id())\n .parentId(myDemoAPI.rootResourceId())\n .pathPart(\"mydemoresource\")\n .build());\n\n var myDemoMethod = new Method(\"myDemoMethod\", MethodArgs.builder()\n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(\"GET\")\n .authorization(\"NONE\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myDemoAPI:\n type: aws:apigateway:RestApi\n name: MyDemoAPI\n properties:\n name: MyDemoAPI\n description: This is my API for demonstration purposes\n myDemoResource:\n type: aws:apigateway:Resource\n name: MyDemoResource\n properties:\n restApi: ${myDemoAPI.id}\n parentId: ${myDemoAPI.rootResourceId}\n pathPart: mydemoresource\n myDemoMethod:\n type: aws:apigateway:Method\n name: MyDemoMethod\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: GET\n authorization: NONE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Usage with Cognito User Pool Authorizer\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst cognitoUserPoolName = config.requireObject(\"cognitoUserPoolName\");\nconst this = aws.cognito.getUserPools({\n name: cognitoUserPoolName,\n});\nconst thisRestApi = new aws.apigateway.RestApi(\"this\", {name: \"with-authorizer\"});\nconst thisResource = new aws.apigateway.Resource(\"this\", {\n restApi: thisRestApi.id,\n parentId: thisRestApi.rootResourceId,\n pathPart: \"{proxy+}\",\n});\nconst thisAuthorizer = new aws.apigateway.Authorizer(\"this\", {\n name: \"CognitoUserPoolAuthorizer\",\n type: \"COGNITO_USER_POOLS\",\n restApi: thisRestApi.id,\n providerArns: _this.then(_this =\u003e _this.arns),\n});\nconst any = new aws.apigateway.Method(\"any\", {\n restApi: thisRestApi.id,\n resourceId: thisResource.id,\n httpMethod: \"ANY\",\n authorization: \"COGNITO_USER_POOLS\",\n authorizerId: thisAuthorizer.id,\n requestParameters: {\n \"method.request.path.proxy\": true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\ncognito_user_pool_name = config.require_object(\"cognitoUserPoolName\")\nthis = aws.cognito.get_user_pools(name=cognito_user_pool_name)\nthis_rest_api = aws.apigateway.RestApi(\"this\", name=\"with-authorizer\")\nthis_resource = aws.apigateway.Resource(\"this\",\n rest_api=this_rest_api.id,\n parent_id=this_rest_api.root_resource_id,\n path_part=\"{proxy+}\")\nthis_authorizer = aws.apigateway.Authorizer(\"this\",\n name=\"CognitoUserPoolAuthorizer\",\n type=\"COGNITO_USER_POOLS\",\n rest_api=this_rest_api.id,\n provider_arns=this.arns)\nany = aws.apigateway.Method(\"any\",\n rest_api=this_rest_api.id,\n resource_id=this_resource.id,\n http_method=\"ANY\",\n authorization=\"COGNITO_USER_POOLS\",\n authorizer_id=this_authorizer.id,\n request_parameters={\n \"method.request.path.proxy\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var cognitoUserPoolName = config.RequireObject\u003cdynamic\u003e(\"cognitoUserPoolName\");\n var @this = Aws.Cognito.GetUserPools.Invoke(new()\n {\n Name = cognitoUserPoolName,\n });\n\n var thisRestApi = new Aws.ApiGateway.RestApi(\"this\", new()\n {\n Name = \"with-authorizer\",\n });\n\n var thisResource = new Aws.ApiGateway.Resource(\"this\", new()\n {\n RestApi = thisRestApi.Id,\n ParentId = thisRestApi.RootResourceId,\n PathPart = \"{proxy+}\",\n });\n\n var thisAuthorizer = new Aws.ApiGateway.Authorizer(\"this\", new()\n {\n Name = \"CognitoUserPoolAuthorizer\",\n Type = \"COGNITO_USER_POOLS\",\n RestApi = thisRestApi.Id,\n ProviderArns = @this.Apply(@this =\u003e @this.Apply(getUserPoolsResult =\u003e getUserPoolsResult.Arns)),\n });\n\n var any = new Aws.ApiGateway.Method(\"any\", new()\n {\n RestApi = thisRestApi.Id,\n ResourceId = thisResource.Id,\n HttpMethod = \"ANY\",\n Authorization = \"COGNITO_USER_POOLS\",\n AuthorizerId = thisAuthorizer.Id,\n RequestParameters = \n {\n { \"method.request.path.proxy\", true },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tcognitoUserPoolName := cfg.RequireObject(\"cognitoUserPoolName\")\n\t\tthis, err := cognito.GetUserPools(ctx, \u0026cognito.GetUserPoolsArgs{\n\t\t\tName: cognitoUserPoolName,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tthisRestApi, err := apigateway.NewRestApi(ctx, \"this\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"with-authorizer\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tthisResource, err := apigateway.NewResource(ctx, \"this\", \u0026apigateway.ResourceArgs{\n\t\t\tRestApi: thisRestApi.ID(),\n\t\t\tParentId: thisRestApi.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"{proxy+}\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tthisAuthorizer, err := apigateway.NewAuthorizer(ctx, \"this\", \u0026apigateway.AuthorizerArgs{\n\t\t\tName: pulumi.String(\"CognitoUserPoolAuthorizer\"),\n\t\t\tType: pulumi.String(\"COGNITO_USER_POOLS\"),\n\t\t\tRestApi: thisRestApi.ID(),\n\t\t\tProviderArns: interface{}(this.Arns),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewMethod(ctx, \"any\", \u0026apigateway.MethodArgs{\n\t\t\tRestApi: thisRestApi.ID(),\n\t\t\tResourceId: thisResource.ID(),\n\t\t\tHttpMethod: pulumi.String(\"ANY\"),\n\t\t\tAuthorization: pulumi.String(\"COGNITO_USER_POOLS\"),\n\t\t\tAuthorizerId: thisAuthorizer.ID(),\n\t\t\tRequestParameters: pulumi.BoolMap{\n\t\t\t\t\"method.request.path.proxy\": pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.CognitoFunctions;\nimport com.pulumi.aws.cognito.inputs.GetUserPoolsArgs;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.Resource;\nimport com.pulumi.aws.apigateway.ResourceArgs;\nimport com.pulumi.aws.apigateway.Authorizer;\nimport com.pulumi.aws.apigateway.AuthorizerArgs;\nimport com.pulumi.aws.apigateway.Method;\nimport com.pulumi.aws.apigateway.MethodArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var cognitoUserPoolName = config.get(\"cognitoUserPoolName\");\n final var this = CognitoFunctions.getUserPools(GetUserPoolsArgs.builder()\n .name(cognitoUserPoolName)\n .build());\n\n var thisRestApi = new RestApi(\"thisRestApi\", RestApiArgs.builder()\n .name(\"with-authorizer\")\n .build());\n\n var thisResource = new Resource(\"thisResource\", ResourceArgs.builder()\n .restApi(thisRestApi.id())\n .parentId(thisRestApi.rootResourceId())\n .pathPart(\"{proxy+}\")\n .build());\n\n var thisAuthorizer = new Authorizer(\"thisAuthorizer\", AuthorizerArgs.builder()\n .name(\"CognitoUserPoolAuthorizer\")\n .type(\"COGNITO_USER_POOLS\")\n .restApi(thisRestApi.id())\n .providerArns(this_.arns())\n .build());\n\n var any = new Method(\"any\", MethodArgs.builder()\n .restApi(thisRestApi.id())\n .resourceId(thisResource.id())\n .httpMethod(\"ANY\")\n .authorization(\"COGNITO_USER_POOLS\")\n .authorizerId(thisAuthorizer.id())\n .requestParameters(Map.of(\"method.request.path.proxy\", true))\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n cognitoUserPoolName:\n type: dynamic\nresources:\n thisRestApi:\n type: aws:apigateway:RestApi\n name: this\n properties:\n name: with-authorizer\n thisResource:\n type: aws:apigateway:Resource\n name: this\n properties:\n restApi: ${thisRestApi.id}\n parentId: ${thisRestApi.rootResourceId}\n pathPart: '{proxy+}'\n thisAuthorizer:\n type: aws:apigateway:Authorizer\n name: this\n properties:\n name: CognitoUserPoolAuthorizer\n type: COGNITO_USER_POOLS\n restApi: ${thisRestApi.id}\n providerArns: ${this.arns}\n any:\n type: aws:apigateway:Method\n properties:\n restApi: ${thisRestApi.id}\n resourceId: ${thisResource.id}\n httpMethod: ANY\n authorization: COGNITO_USER_POOLS\n authorizerId: ${thisAuthorizer.id}\n requestParameters:\n method.request.path.proxy: true\nvariables:\n this:\n fn::invoke:\n Function: aws:cognito:getUserPools\n Arguments:\n name: ${cognitoUserPoolName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_api_gateway_method` using `REST-API-ID/RESOURCE-ID/HTTP-METHOD`. For example:\n\n```sh\n$ pulumi import aws:apigateway/method:Method example 12345abcde/67890fghij/GET\n```\n", "properties": { "apiKeyRequired": { "type": "boolean", "description": "Specify if the method requires an API key\n" }, "authorization": { "type": "string", "description": "Type of authorization used for the method (`NONE`, `CUSTOM`, `AWS_IAM`, `COGNITO_USER_POOLS`)\n" }, "authorizationScopes": { "type": "array", "items": { "type": "string" }, "description": "Authorization scopes used when the authorization is `COGNITO_USER_POOLS`\n" }, "authorizerId": { "type": "string", "description": "Authorizer id to be used when the authorization is `CUSTOM` or `COGNITO_USER_POOLS`\n" }, "httpMethod": { "type": "string", "description": "HTTP Method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONS`, `ANY`)\n" }, "operationName": { "type": "string", "description": "Function name that will be given to the method when generating an SDK through API Gateway. If omitted, API Gateway will generate a function name based on the resource path and HTTP verb.\n" }, "requestModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of the API models used for the request's content type\nwhere key is the content type (e.g., `application/json`)\nand value is either `Error`, `Empty` (built-in models) or `aws.apigateway.Model`'s `name`.\n" }, "requestParameters": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "Map of request parameters (from the path, query string and headers) that should be passed to the integration. The boolean value indicates whether the parameter is required (`true`) or optional (`false`).\nFor example: `request_parameters = {\"method.request.header.X-Some-Header\" = true \"method.request.querystring.some-query-param\" = true}` would define that the header `X-Some-Header` and the query string `some-query-param` must be provided in the request.\n" }, "requestValidatorId": { "type": "string", "description": "ID of a `aws.apigateway.RequestValidator`\n" }, "resourceId": { "type": "string", "description": "API resource ID\n" }, "restApi": { "type": "string", "description": "ID of the associated REST API\n" } }, "required": [ "authorization", "httpMethod", "resourceId", "restApi" ], "inputProperties": { "apiKeyRequired": { "type": "boolean", "description": "Specify if the method requires an API key\n" }, "authorization": { "type": "string", "description": "Type of authorization used for the method (`NONE`, `CUSTOM`, `AWS_IAM`, `COGNITO_USER_POOLS`)\n" }, "authorizationScopes": { "type": "array", "items": { "type": "string" }, "description": "Authorization scopes used when the authorization is `COGNITO_USER_POOLS`\n" }, "authorizerId": { "type": "string", "description": "Authorizer id to be used when the authorization is `CUSTOM` or `COGNITO_USER_POOLS`\n" }, "httpMethod": { "type": "string", "description": "HTTP Method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONS`, `ANY`)\n", "willReplaceOnChanges": true }, "operationName": { "type": "string", "description": "Function name that will be given to the method when generating an SDK through API Gateway. If omitted, API Gateway will generate a function name based on the resource path and HTTP verb.\n" }, "requestModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of the API models used for the request's content type\nwhere key is the content type (e.g., `application/json`)\nand value is either `Error`, `Empty` (built-in models) or `aws.apigateway.Model`'s `name`.\n" }, "requestParameters": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "Map of request parameters (from the path, query string and headers) that should be passed to the integration. The boolean value indicates whether the parameter is required (`true`) or optional (`false`).\nFor example: `request_parameters = {\"method.request.header.X-Some-Header\" = true \"method.request.querystring.some-query-param\" = true}` would define that the header `X-Some-Header` and the query string `some-query-param` must be provided in the request.\n" }, "requestValidatorId": { "type": "string", "description": "ID of a `aws.apigateway.RequestValidator`\n" }, "resourceId": { "type": "string", "description": "API resource ID\n", "willReplaceOnChanges": true }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "ID of the associated REST API\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "authorization", "httpMethod", "resourceId", "restApi" ], "stateInputs": { "description": "Input properties used for looking up and filtering Method resources.\n", "properties": { "apiKeyRequired": { "type": "boolean", "description": "Specify if the method requires an API key\n" }, "authorization": { "type": "string", "description": "Type of authorization used for the method (`NONE`, `CUSTOM`, `AWS_IAM`, `COGNITO_USER_POOLS`)\n" }, "authorizationScopes": { "type": "array", "items": { "type": "string" }, "description": "Authorization scopes used when the authorization is `COGNITO_USER_POOLS`\n" }, "authorizerId": { "type": "string", "description": "Authorizer id to be used when the authorization is `CUSTOM` or `COGNITO_USER_POOLS`\n" }, "httpMethod": { "type": "string", "description": "HTTP Method (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONS`, `ANY`)\n", "willReplaceOnChanges": true }, "operationName": { "type": "string", "description": "Function name that will be given to the method when generating an SDK through API Gateway. If omitted, API Gateway will generate a function name based on the resource path and HTTP verb.\n" }, "requestModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of the API models used for the request's content type\nwhere key is the content type (e.g., `application/json`)\nand value is either `Error`, `Empty` (built-in models) or `aws.apigateway.Model`'s `name`.\n" }, "requestParameters": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "Map of request parameters (from the path, query string and headers) that should be passed to the integration. The boolean value indicates whether the parameter is required (`true`) or optional (`false`).\nFor example: `request_parameters = {\"method.request.header.X-Some-Header\" = true \"method.request.querystring.some-query-param\" = true}` would define that the header `X-Some-Header` and the query string `some-query-param` must be provided in the request.\n" }, "requestValidatorId": { "type": "string", "description": "ID of a `aws.apigateway.RequestValidator`\n" }, "resourceId": { "type": "string", "description": "API resource ID\n", "willReplaceOnChanges": true }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "ID of the associated REST API\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:apigateway/methodResponse:MethodResponse": { "description": "Provides an HTTP Method Response for an API Gateway Resource. More information about API Gateway method responses can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-method-settings-method-response.html).\n\n## Example Usage\n\n### Basic Response\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n name: \"MyDemoAPI\",\n description: \"This is my API for demonstration purposes\",\n});\nconst myDemoResource = new aws.apigateway.Resource(\"MyDemoResource\", {\n restApi: myDemoAPI.id,\n parentId: myDemoAPI.rootResourceId,\n pathPart: \"mydemoresource\",\n});\nconst myDemoMethod = new aws.apigateway.Method(\"MyDemoMethod\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: \"GET\",\n authorization: \"NONE\",\n});\nconst myDemoIntegration = new aws.apigateway.Integration(\"MyDemoIntegration\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: myDemoMethod.httpMethod,\n type: \"MOCK\",\n});\nconst response200 = new aws.apigateway.MethodResponse(\"response_200\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: myDemoMethod.httpMethod,\n statusCode: \"200\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"MyDemoAPI\",\n name=\"MyDemoAPI\",\n description=\"This is my API for demonstration purposes\")\nmy_demo_resource = aws.apigateway.Resource(\"MyDemoResource\",\n rest_api=my_demo_api.id,\n parent_id=my_demo_api.root_resource_id,\n path_part=\"mydemoresource\")\nmy_demo_method = aws.apigateway.Method(\"MyDemoMethod\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=\"GET\",\n authorization=\"NONE\")\nmy_demo_integration = aws.apigateway.Integration(\"MyDemoIntegration\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=my_demo_method.http_method,\n type=\"MOCK\")\nresponse200 = aws.apigateway.MethodResponse(\"response_200\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=my_demo_method.http_method,\n status_code=\"200\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"MyDemoAPI\", new()\n {\n Name = \"MyDemoAPI\",\n Description = \"This is my API for demonstration purposes\",\n });\n\n var myDemoResource = new Aws.ApiGateway.Resource(\"MyDemoResource\", new()\n {\n RestApi = myDemoAPI.Id,\n ParentId = myDemoAPI.RootResourceId,\n PathPart = \"mydemoresource\",\n });\n\n var myDemoMethod = new Aws.ApiGateway.Method(\"MyDemoMethod\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = \"GET\",\n Authorization = \"NONE\",\n });\n\n var myDemoIntegration = new Aws.ApiGateway.Integration(\"MyDemoIntegration\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = myDemoMethod.HttpMethod,\n Type = \"MOCK\",\n });\n\n var response200 = new Aws.ApiGateway.MethodResponse(\"response_200\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = myDemoMethod.HttpMethod,\n StatusCode = \"200\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"MyDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"MyDemoAPI\"),\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoResource, err := apigateway.NewResource(ctx, \"MyDemoResource\", \u0026apigateway.ResourceArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tParentId: myDemoAPI.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"mydemoresource\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoMethod, err := apigateway.NewMethod(ctx, \"MyDemoMethod\", \u0026apigateway.MethodArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: pulumi.String(\"GET\"),\n\t\t\tAuthorization: pulumi.String(\"NONE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewIntegration(ctx, \"MyDemoIntegration\", \u0026apigateway.IntegrationArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tType: pulumi.String(\"MOCK\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewMethodResponse(ctx, \"response_200\", \u0026apigateway.MethodResponseArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.Resource;\nimport com.pulumi.aws.apigateway.ResourceArgs;\nimport com.pulumi.aws.apigateway.Method;\nimport com.pulumi.aws.apigateway.MethodArgs;\nimport com.pulumi.aws.apigateway.Integration;\nimport com.pulumi.aws.apigateway.IntegrationArgs;\nimport com.pulumi.aws.apigateway.MethodResponse;\nimport com.pulumi.aws.apigateway.MethodResponseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myDemoAPI = new RestApi(\"myDemoAPI\", RestApiArgs.builder()\n .name(\"MyDemoAPI\")\n .description(\"This is my API for demonstration purposes\")\n .build());\n\n var myDemoResource = new Resource(\"myDemoResource\", ResourceArgs.builder()\n .restApi(myDemoAPI.id())\n .parentId(myDemoAPI.rootResourceId())\n .pathPart(\"mydemoresource\")\n .build());\n\n var myDemoMethod = new Method(\"myDemoMethod\", MethodArgs.builder()\n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(\"GET\")\n .authorization(\"NONE\")\n .build());\n\n var myDemoIntegration = new Integration(\"myDemoIntegration\", IntegrationArgs.builder()\n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(myDemoMethod.httpMethod())\n .type(\"MOCK\")\n .build());\n\n var response200 = new MethodResponse(\"response200\", MethodResponseArgs.builder()\n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(myDemoMethod.httpMethod())\n .statusCode(\"200\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myDemoAPI:\n type: aws:apigateway:RestApi\n name: MyDemoAPI\n properties:\n name: MyDemoAPI\n description: This is my API for demonstration purposes\n myDemoResource:\n type: aws:apigateway:Resource\n name: MyDemoResource\n properties:\n restApi: ${myDemoAPI.id}\n parentId: ${myDemoAPI.rootResourceId}\n pathPart: mydemoresource\n myDemoMethod:\n type: aws:apigateway:Method\n name: MyDemoMethod\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: GET\n authorization: NONE\n myDemoIntegration:\n type: aws:apigateway:Integration\n name: MyDemoIntegration\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: ${myDemoMethod.httpMethod}\n type: MOCK\n response200:\n type: aws:apigateway:MethodResponse\n name: response_200\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: ${myDemoMethod.httpMethod}\n statusCode: '200'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Response with Custom Header and Model\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n name: \"MyDemoAPI\",\n description: \"This is my API for demonstration purposes\",\n});\nconst myDemoResource = new aws.apigateway.Resource(\"MyDemoResource\", {\n restApi: myDemoAPI.id,\n parentId: myDemoAPI.rootResourceId,\n pathPart: \"mydemoresource\",\n});\nconst myDemoMethod = new aws.apigateway.Method(\"MyDemoMethod\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: \"GET\",\n authorization: \"NONE\",\n});\nconst myDemoIntegration = new aws.apigateway.Integration(\"MyDemoIntegration\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: myDemoMethod.httpMethod,\n type: \"MOCK\",\n});\nconst myDemoResponseModel = new aws.apigateway.Model(\"MyDemoResponseModel\", {\n restApi: myDemoAPI.id,\n name: \"MyDemoResponseModel\",\n description: \"API response for MyDemoMethod\",\n contentType: \"application/json\",\n schema: JSON.stringify({\n $schema: \"http://json-schema.org/draft-04/schema#\",\n title: \"MyDemoResponse\",\n type: \"object\",\n properties: {\n Message: {\n type: \"string\",\n },\n },\n }),\n});\nconst response200 = new aws.apigateway.MethodResponse(\"response_200\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: myDemoMethod.httpMethod,\n statusCode: \"200\",\n responseModels: {\n \"application/json\": \"MyDemoResponseModel\",\n },\n responseParameters: {\n \"method.response.header.Content-Type\": false,\n \"method-response-header.X-My-Demo-Header\": false,\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"MyDemoAPI\",\n name=\"MyDemoAPI\",\n description=\"This is my API for demonstration purposes\")\nmy_demo_resource = aws.apigateway.Resource(\"MyDemoResource\",\n rest_api=my_demo_api.id,\n parent_id=my_demo_api.root_resource_id,\n path_part=\"mydemoresource\")\nmy_demo_method = aws.apigateway.Method(\"MyDemoMethod\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=\"GET\",\n authorization=\"NONE\")\nmy_demo_integration = aws.apigateway.Integration(\"MyDemoIntegration\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=my_demo_method.http_method,\n type=\"MOCK\")\nmy_demo_response_model = aws.apigateway.Model(\"MyDemoResponseModel\",\n rest_api=my_demo_api.id,\n name=\"MyDemoResponseModel\",\n description=\"API response for MyDemoMethod\",\n content_type=\"application/json\",\n schema=json.dumps({\n \"$schema\": \"http://json-schema.org/draft-04/schema#\",\n \"title\": \"MyDemoResponse\",\n \"type\": \"object\",\n \"properties\": {\n \"Message\": {\n \"type\": \"string\",\n },\n },\n }))\nresponse200 = aws.apigateway.MethodResponse(\"response_200\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=my_demo_method.http_method,\n status_code=\"200\",\n response_models={\n \"application/json\": \"MyDemoResponseModel\",\n },\n response_parameters={\n \"method.response.header.Content-Type\": False,\n \"method-response-header.X-My-Demo-Header\": False,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"MyDemoAPI\", new()\n {\n Name = \"MyDemoAPI\",\n Description = \"This is my API for demonstration purposes\",\n });\n\n var myDemoResource = new Aws.ApiGateway.Resource(\"MyDemoResource\", new()\n {\n RestApi = myDemoAPI.Id,\n ParentId = myDemoAPI.RootResourceId,\n PathPart = \"mydemoresource\",\n });\n\n var myDemoMethod = new Aws.ApiGateway.Method(\"MyDemoMethod\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = \"GET\",\n Authorization = \"NONE\",\n });\n\n var myDemoIntegration = new Aws.ApiGateway.Integration(\"MyDemoIntegration\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = myDemoMethod.HttpMethod,\n Type = \"MOCK\",\n });\n\n var myDemoResponseModel = new Aws.ApiGateway.Model(\"MyDemoResponseModel\", new()\n {\n RestApi = myDemoAPI.Id,\n Name = \"MyDemoResponseModel\",\n Description = \"API response for MyDemoMethod\",\n ContentType = \"application/json\",\n Schema = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"$schema\"] = \"http://json-schema.org/draft-04/schema#\",\n [\"title\"] = \"MyDemoResponse\",\n [\"type\"] = \"object\",\n [\"properties\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Message\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"string\",\n },\n },\n }),\n });\n\n var response200 = new Aws.ApiGateway.MethodResponse(\"response_200\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = myDemoMethod.HttpMethod,\n StatusCode = \"200\",\n ResponseModels = \n {\n { \"application/json\", \"MyDemoResponseModel\" },\n },\n ResponseParameters = \n {\n { \"method.response.header.Content-Type\", false },\n { \"method-response-header.X-My-Demo-Header\", false },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"MyDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"MyDemoAPI\"),\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoResource, err := apigateway.NewResource(ctx, \"MyDemoResource\", \u0026apigateway.ResourceArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tParentId: myDemoAPI.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"mydemoresource\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoMethod, err := apigateway.NewMethod(ctx, \"MyDemoMethod\", \u0026apigateway.MethodArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: pulumi.String(\"GET\"),\n\t\t\tAuthorization: pulumi.String(\"NONE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewIntegration(ctx, \"MyDemoIntegration\", \u0026apigateway.IntegrationArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tType: pulumi.String(\"MOCK\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"$schema\": \"http://json-schema.org/draft-04/schema#\",\n\t\t\t\"title\": \"MyDemoResponse\",\n\t\t\t\"type\": \"object\",\n\t\t\t\"properties\": map[string]interface{}{\n\t\t\t\t\"Message\": map[string]interface{}{\n\t\t\t\t\t\"type\": \"string\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = apigateway.NewModel(ctx, \"MyDemoResponseModel\", \u0026apigateway.ModelArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tName: pulumi.String(\"MyDemoResponseModel\"),\n\t\t\tDescription: pulumi.String(\"API response for MyDemoMethod\"),\n\t\t\tContentType: pulumi.String(\"application/json\"),\n\t\t\tSchema: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewMethodResponse(ctx, \"response_200\", \u0026apigateway.MethodResponseArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\tResponseModels: pulumi.StringMap{\n\t\t\t\t\"application/json\": pulumi.String(\"MyDemoResponseModel\"),\n\t\t\t},\n\t\t\tResponseParameters: pulumi.BoolMap{\n\t\t\t\t\"method.response.header.Content-Type\": pulumi.Bool(false),\n\t\t\t\t\"method-response-header.X-My-Demo-Header\": pulumi.Bool(false),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.Resource;\nimport com.pulumi.aws.apigateway.ResourceArgs;\nimport com.pulumi.aws.apigateway.Method;\nimport com.pulumi.aws.apigateway.MethodArgs;\nimport com.pulumi.aws.apigateway.Integration;\nimport com.pulumi.aws.apigateway.IntegrationArgs;\nimport com.pulumi.aws.apigateway.Model;\nimport com.pulumi.aws.apigateway.ModelArgs;\nimport com.pulumi.aws.apigateway.MethodResponse;\nimport com.pulumi.aws.apigateway.MethodResponseArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myDemoAPI = new RestApi(\"myDemoAPI\", RestApiArgs.builder()\n .name(\"MyDemoAPI\")\n .description(\"This is my API for demonstration purposes\")\n .build());\n\n var myDemoResource = new Resource(\"myDemoResource\", ResourceArgs.builder()\n .restApi(myDemoAPI.id())\n .parentId(myDemoAPI.rootResourceId())\n .pathPart(\"mydemoresource\")\n .build());\n\n var myDemoMethod = new Method(\"myDemoMethod\", MethodArgs.builder()\n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(\"GET\")\n .authorization(\"NONE\")\n .build());\n\n var myDemoIntegration = new Integration(\"myDemoIntegration\", IntegrationArgs.builder()\n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(myDemoMethod.httpMethod())\n .type(\"MOCK\")\n .build());\n\n var myDemoResponseModel = new Model(\"myDemoResponseModel\", ModelArgs.builder()\n .restApi(myDemoAPI.id())\n .name(\"MyDemoResponseModel\")\n .description(\"API response for MyDemoMethod\")\n .contentType(\"application/json\")\n .schema(serializeJson(\n jsonObject(\n jsonProperty(\"$schema\", \"http://json-schema.org/draft-04/schema#\"),\n jsonProperty(\"title\", \"MyDemoResponse\"),\n jsonProperty(\"type\", \"object\"),\n jsonProperty(\"properties\", jsonObject(\n jsonProperty(\"Message\", jsonObject(\n jsonProperty(\"type\", \"string\")\n ))\n ))\n )))\n .build());\n\n var response200 = new MethodResponse(\"response200\", MethodResponseArgs.builder()\n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(myDemoMethod.httpMethod())\n .statusCode(\"200\")\n .responseModels(Map.of(\"application/json\", \"MyDemoResponseModel\"))\n .responseParameters(Map.ofEntries(\n Map.entry(\"method.response.header.Content-Type\", false),\n Map.entry(\"method-response-header.X-My-Demo-Header\", false)\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myDemoAPI:\n type: aws:apigateway:RestApi\n name: MyDemoAPI\n properties:\n name: MyDemoAPI\n description: This is my API for demonstration purposes\n myDemoResource:\n type: aws:apigateway:Resource\n name: MyDemoResource\n properties:\n restApi: ${myDemoAPI.id}\n parentId: ${myDemoAPI.rootResourceId}\n pathPart: mydemoresource\n myDemoMethod:\n type: aws:apigateway:Method\n name: MyDemoMethod\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: GET\n authorization: NONE\n myDemoIntegration:\n type: aws:apigateway:Integration\n name: MyDemoIntegration\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: ${myDemoMethod.httpMethod}\n type: MOCK\n myDemoResponseModel:\n type: aws:apigateway:Model\n name: MyDemoResponseModel\n properties:\n restApi: ${myDemoAPI.id}\n name: MyDemoResponseModel\n description: API response for MyDemoMethod\n contentType: application/json\n schema:\n fn::toJSON:\n $schema: http://json-schema.org/draft-04/schema#\n title: MyDemoResponse\n type: object\n properties:\n Message:\n type: string\n response200:\n type: aws:apigateway:MethodResponse\n name: response_200\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: ${myDemoMethod.httpMethod}\n statusCode: '200'\n responseModels:\n application/json: MyDemoResponseModel\n responseParameters:\n method.response.header.Content-Type: false\n method-response-header.X-My-Demo-Header: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_api_gateway_method_response` using `REST-API-ID/RESOURCE-ID/HTTP-METHOD/STATUS-CODE`. For example:\n\n```sh\n$ pulumi import aws:apigateway/methodResponse:MethodResponse example 12345abcde/67890fghij/GET/200\n```\n", "properties": { "httpMethod": { "type": "string", "description": "The HTTP verb of the method resource (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONS`, `ANY`).\n" }, "resourceId": { "type": "string", "description": "The Resource identifier for the method resource.\n" }, "responseModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map specifying the model resources used for the response's content type. Response models are represented as a key/value map, with a content type as the key and a Model name as the value.\n" }, "responseParameters": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "A map specifying required or optional response parameters that API Gateway can send back to the caller. A key defines a method response header name and the associated value is a boolean flag indicating whether the method response parameter is required. The method response header names must match the pattern of `method.response.header.{name}`, where `name` is a valid and unique header name.\n\nThe response parameter names defined here are available in the integration response to be mapped from an integration response header expressed in `integration.response.header.{name}`, a static value enclosed within a pair of single quotes (e.g., '`application/json'`), or a JSON expression from the back-end response payload in the form of `integration.response.body.{JSON-expression}`, where `JSON-expression` is a valid JSON expression without the `$` prefix.)\n" }, "restApi": { "type": "string", "description": "The string identifier of the associated REST API.\n" }, "statusCode": { "type": "string", "description": "The method response's status code.\n" } }, "required": [ "httpMethod", "resourceId", "restApi", "statusCode" ], "inputProperties": { "httpMethod": { "type": "string", "description": "The HTTP verb of the method resource (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONS`, `ANY`).\n", "willReplaceOnChanges": true }, "resourceId": { "type": "string", "description": "The Resource identifier for the method resource.\n", "willReplaceOnChanges": true }, "responseModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map specifying the model resources used for the response's content type. Response models are represented as a key/value map, with a content type as the key and a Model name as the value.\n" }, "responseParameters": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "A map specifying required or optional response parameters that API Gateway can send back to the caller. A key defines a method response header name and the associated value is a boolean flag indicating whether the method response parameter is required. The method response header names must match the pattern of `method.response.header.{name}`, where `name` is a valid and unique header name.\n\nThe response parameter names defined here are available in the integration response to be mapped from an integration response header expressed in `integration.response.header.{name}`, a static value enclosed within a pair of single quotes (e.g., '`application/json'`), or a JSON expression from the back-end response payload in the form of `integration.response.body.{JSON-expression}`, where `JSON-expression` is a valid JSON expression without the `$` prefix.)\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The string identifier of the associated REST API.\n", "willReplaceOnChanges": true }, "statusCode": { "type": "string", "description": "The method response's status code.\n" } }, "requiredInputs": [ "httpMethod", "resourceId", "restApi", "statusCode" ], "stateInputs": { "description": "Input properties used for looking up and filtering MethodResponse resources.\n", "properties": { "httpMethod": { "type": "string", "description": "The HTTP verb of the method resource (`GET`, `POST`, `PUT`, `DELETE`, `HEAD`, `OPTIONS`, `ANY`).\n", "willReplaceOnChanges": true }, "resourceId": { "type": "string", "description": "The Resource identifier for the method resource.\n", "willReplaceOnChanges": true }, "responseModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map specifying the model resources used for the response's content type. Response models are represented as a key/value map, with a content type as the key and a Model name as the value.\n" }, "responseParameters": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "A map specifying required or optional response parameters that API Gateway can send back to the caller. A key defines a method response header name and the associated value is a boolean flag indicating whether the method response parameter is required. The method response header names must match the pattern of `method.response.header.{name}`, where `name` is a valid and unique header name.\n\nThe response parameter names defined here are available in the integration response to be mapped from an integration response header expressed in `integration.response.header.{name}`, a static value enclosed within a pair of single quotes (e.g., '`application/json'`), or a JSON expression from the back-end response payload in the form of `integration.response.body.{JSON-expression}`, where `JSON-expression` is a valid JSON expression without the `$` prefix.)\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "The string identifier of the associated REST API.\n", "willReplaceOnChanges": true }, "statusCode": { "type": "string", "description": "The method response's status code.\n" } }, "type": "object" } }, "aws:apigateway/methodSettings:MethodSettings": { "description": "Manages API Gateway Stage Method Settings. For example, CloudWatch logging and metrics.\n\n\u003e **NOTE:** We recommend using this resource in conjunction with the `aws.apigateway.Stage` resource instead of a stage managed by the `aws.apigateway.Deployment` resource optional `stage_name` argument. Stages managed by the `aws.apigateway.Deployment` resource are recreated on redeployment and this resource will require a second apply to recreate the method settings.\n\n## Example Usage\n\n### End-to-end\n\n\n### Off\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst pathSpecific = new aws.apigateway.MethodSettings(\"path_specific\", {\n restApi: example.id,\n stageName: exampleAwsApiGatewayStage.stageName,\n methodPath: \"path1/GET\",\n settings: {\n loggingLevel: \"OFF\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npath_specific = aws.apigateway.MethodSettings(\"path_specific\",\n rest_api=example[\"id\"],\n stage_name=example_aws_api_gateway_stage[\"stageName\"],\n method_path=\"path1/GET\",\n settings={\n \"logging_level\": \"OFF\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pathSpecific = new Aws.ApiGateway.MethodSettings(\"path_specific\", new()\n {\n RestApi = example.Id,\n StageName = exampleAwsApiGatewayStage.StageName,\n MethodPath = \"path1/GET\",\n Settings = new Aws.ApiGateway.Inputs.MethodSettingsSettingsArgs\n {\n LoggingLevel = \"OFF\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigateway.NewMethodSettings(ctx, \"path_specific\", \u0026apigateway.MethodSettingsArgs{\n\t\t\tRestApi: pulumi.Any(example.Id),\n\t\t\tStageName: pulumi.Any(exampleAwsApiGatewayStage.StageName),\n\t\t\tMethodPath: pulumi.String(\"path1/GET\"),\n\t\t\tSettings: \u0026apigateway.MethodSettingsSettingsArgs{\n\t\t\t\tLoggingLevel: pulumi.String(\"OFF\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.MethodSettings;\nimport com.pulumi.aws.apigateway.MethodSettingsArgs;\nimport com.pulumi.aws.apigateway.inputs.MethodSettingsSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pathSpecific = new MethodSettings(\"pathSpecific\", MethodSettingsArgs.builder()\n .restApi(example.id())\n .stageName(exampleAwsApiGatewayStage.stageName())\n .methodPath(\"path1/GET\")\n .settings(MethodSettingsSettingsArgs.builder()\n .loggingLevel(\"OFF\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pathSpecific:\n type: aws:apigateway:MethodSettings\n name: path_specific\n properties:\n restApi: ${example.id}\n stageName: ${exampleAwsApiGatewayStage.stageName}\n methodPath: path1/GET\n settings:\n loggingLevel: OFF\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Errors Only\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst pathSpecific = new aws.apigateway.MethodSettings(\"path_specific\", {\n restApi: example.id,\n stageName: exampleAwsApiGatewayStage.stageName,\n methodPath: \"path1/GET\",\n settings: {\n loggingLevel: \"ERROR\",\n metricsEnabled: true,\n dataTraceEnabled: false,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npath_specific = aws.apigateway.MethodSettings(\"path_specific\",\n rest_api=example[\"id\"],\n stage_name=example_aws_api_gateway_stage[\"stageName\"],\n method_path=\"path1/GET\",\n settings={\n \"logging_level\": \"ERROR\",\n \"metrics_enabled\": True,\n \"data_trace_enabled\": False,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pathSpecific = new Aws.ApiGateway.MethodSettings(\"path_specific\", new()\n {\n RestApi = example.Id,\n StageName = exampleAwsApiGatewayStage.StageName,\n MethodPath = \"path1/GET\",\n Settings = new Aws.ApiGateway.Inputs.MethodSettingsSettingsArgs\n {\n LoggingLevel = \"ERROR\",\n MetricsEnabled = true,\n DataTraceEnabled = false,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigateway.NewMethodSettings(ctx, \"path_specific\", \u0026apigateway.MethodSettingsArgs{\n\t\t\tRestApi: pulumi.Any(example.Id),\n\t\t\tStageName: pulumi.Any(exampleAwsApiGatewayStage.StageName),\n\t\t\tMethodPath: pulumi.String(\"path1/GET\"),\n\t\t\tSettings: \u0026apigateway.MethodSettingsSettingsArgs{\n\t\t\t\tLoggingLevel: pulumi.String(\"ERROR\"),\n\t\t\t\tMetricsEnabled: pulumi.Bool(true),\n\t\t\t\tDataTraceEnabled: pulumi.Bool(false),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.MethodSettings;\nimport com.pulumi.aws.apigateway.MethodSettingsArgs;\nimport com.pulumi.aws.apigateway.inputs.MethodSettingsSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pathSpecific = new MethodSettings(\"pathSpecific\", MethodSettingsArgs.builder()\n .restApi(example.id())\n .stageName(exampleAwsApiGatewayStage.stageName())\n .methodPath(\"path1/GET\")\n .settings(MethodSettingsSettingsArgs.builder()\n .loggingLevel(\"ERROR\")\n .metricsEnabled(true)\n .dataTraceEnabled(false)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pathSpecific:\n type: aws:apigateway:MethodSettings\n name: path_specific\n properties:\n restApi: ${example.id}\n stageName: ${exampleAwsApiGatewayStage.stageName}\n methodPath: path1/GET\n settings:\n loggingLevel: ERROR\n metricsEnabled: true\n dataTraceEnabled: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Errors and Info Logs\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst pathSpecific = new aws.apigateway.MethodSettings(\"path_specific\", {\n restApi: example.id,\n stageName: exampleAwsApiGatewayStage.stageName,\n methodPath: \"path1/GET\",\n settings: {\n loggingLevel: \"INFO\",\n metricsEnabled: true,\n dataTraceEnabled: false,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npath_specific = aws.apigateway.MethodSettings(\"path_specific\",\n rest_api=example[\"id\"],\n stage_name=example_aws_api_gateway_stage[\"stageName\"],\n method_path=\"path1/GET\",\n settings={\n \"logging_level\": \"INFO\",\n \"metrics_enabled\": True,\n \"data_trace_enabled\": False,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pathSpecific = new Aws.ApiGateway.MethodSettings(\"path_specific\", new()\n {\n RestApi = example.Id,\n StageName = exampleAwsApiGatewayStage.StageName,\n MethodPath = \"path1/GET\",\n Settings = new Aws.ApiGateway.Inputs.MethodSettingsSettingsArgs\n {\n LoggingLevel = \"INFO\",\n MetricsEnabled = true,\n DataTraceEnabled = false,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigateway.NewMethodSettings(ctx, \"path_specific\", \u0026apigateway.MethodSettingsArgs{\n\t\t\tRestApi: pulumi.Any(example.Id),\n\t\t\tStageName: pulumi.Any(exampleAwsApiGatewayStage.StageName),\n\t\t\tMethodPath: pulumi.String(\"path1/GET\"),\n\t\t\tSettings: \u0026apigateway.MethodSettingsSettingsArgs{\n\t\t\t\tLoggingLevel: pulumi.String(\"INFO\"),\n\t\t\t\tMetricsEnabled: pulumi.Bool(true),\n\t\t\t\tDataTraceEnabled: pulumi.Bool(false),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.MethodSettings;\nimport com.pulumi.aws.apigateway.MethodSettingsArgs;\nimport com.pulumi.aws.apigateway.inputs.MethodSettingsSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pathSpecific = new MethodSettings(\"pathSpecific\", MethodSettingsArgs.builder()\n .restApi(example.id())\n .stageName(exampleAwsApiGatewayStage.stageName())\n .methodPath(\"path1/GET\")\n .settings(MethodSettingsSettingsArgs.builder()\n .loggingLevel(\"INFO\")\n .metricsEnabled(true)\n .dataTraceEnabled(false)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pathSpecific:\n type: aws:apigateway:MethodSettings\n name: path_specific\n properties:\n restApi: ${example.id}\n stageName: ${exampleAwsApiGatewayStage.stageName}\n methodPath: path1/GET\n settings:\n loggingLevel: INFO\n metricsEnabled: true\n dataTraceEnabled: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Full Request and Response Logs\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst pathSpecific = new aws.apigateway.MethodSettings(\"path_specific\", {\n restApi: example.id,\n stageName: exampleAwsApiGatewayStage.stageName,\n methodPath: \"path1/GET\",\n settings: {\n loggingLevel: \"INFO\",\n metricsEnabled: true,\n dataTraceEnabled: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npath_specific = aws.apigateway.MethodSettings(\"path_specific\",\n rest_api=example[\"id\"],\n stage_name=example_aws_api_gateway_stage[\"stageName\"],\n method_path=\"path1/GET\",\n settings={\n \"logging_level\": \"INFO\",\n \"metrics_enabled\": True,\n \"data_trace_enabled\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pathSpecific = new Aws.ApiGateway.MethodSettings(\"path_specific\", new()\n {\n RestApi = example.Id,\n StageName = exampleAwsApiGatewayStage.StageName,\n MethodPath = \"path1/GET\",\n Settings = new Aws.ApiGateway.Inputs.MethodSettingsSettingsArgs\n {\n LoggingLevel = \"INFO\",\n MetricsEnabled = true,\n DataTraceEnabled = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigateway.NewMethodSettings(ctx, \"path_specific\", \u0026apigateway.MethodSettingsArgs{\n\t\t\tRestApi: pulumi.Any(example.Id),\n\t\t\tStageName: pulumi.Any(exampleAwsApiGatewayStage.StageName),\n\t\t\tMethodPath: pulumi.String(\"path1/GET\"),\n\t\t\tSettings: \u0026apigateway.MethodSettingsSettingsArgs{\n\t\t\t\tLoggingLevel: pulumi.String(\"INFO\"),\n\t\t\t\tMetricsEnabled: pulumi.Bool(true),\n\t\t\t\tDataTraceEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.MethodSettings;\nimport com.pulumi.aws.apigateway.MethodSettingsArgs;\nimport com.pulumi.aws.apigateway.inputs.MethodSettingsSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pathSpecific = new MethodSettings(\"pathSpecific\", MethodSettingsArgs.builder()\n .restApi(example.id())\n .stageName(exampleAwsApiGatewayStage.stageName())\n .methodPath(\"path1/GET\")\n .settings(MethodSettingsSettingsArgs.builder()\n .loggingLevel(\"INFO\")\n .metricsEnabled(true)\n .dataTraceEnabled(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pathSpecific:\n type: aws:apigateway:MethodSettings\n name: path_specific\n properties:\n restApi: ${example.id}\n stageName: ${exampleAwsApiGatewayStage.stageName}\n methodPath: path1/GET\n settings:\n loggingLevel: INFO\n metricsEnabled: true\n dataTraceEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_api_gateway_method_settings` using `REST-API-ID/STAGE-NAME/METHOD-PATH`. For example:\n\n```sh\n$ pulumi import aws:apigateway/methodSettings:MethodSettings example 12345abcde/example/test/GET\n```\n", "properties": { "methodPath": { "type": "string", "description": "Method path defined as `{resource_path}/{http_method}` for an individual method override, or `*/*` for overriding all methods in the stage. Ensure to trim any leading forward slashes in the path (e.g., `trimprefix(aws_api_gateway_resource.example.path, \"/\")`).\n" }, "restApi": { "type": "string", "description": "ID of the REST API\n" }, "settings": { "$ref": "#/types/aws:apigateway/MethodSettingsSettings:MethodSettingsSettings", "description": "Settings block, see below.\n" }, "stageName": { "type": "string", "description": "Name of the stage\n" } }, "required": [ "methodPath", "restApi", "settings", "stageName" ], "inputProperties": { "methodPath": { "type": "string", "description": "Method path defined as `{resource_path}/{http_method}` for an individual method override, or `*/*` for overriding all methods in the stage. Ensure to trim any leading forward slashes in the path (e.g., `trimprefix(aws_api_gateway_resource.example.path, \"/\")`).\n", "willReplaceOnChanges": true }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "ID of the REST API\n", "willReplaceOnChanges": true }, "settings": { "$ref": "#/types/aws:apigateway/MethodSettingsSettings:MethodSettingsSettings", "description": "Settings block, see below.\n" }, "stageName": { "type": "string", "description": "Name of the stage\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "methodPath", "restApi", "settings", "stageName" ], "stateInputs": { "description": "Input properties used for looking up and filtering MethodSettings resources.\n", "properties": { "methodPath": { "type": "string", "description": "Method path defined as `{resource_path}/{http_method}` for an individual method override, or `*/*` for overriding all methods in the stage. Ensure to trim any leading forward slashes in the path (e.g., `trimprefix(aws_api_gateway_resource.example.path, \"/\")`).\n", "willReplaceOnChanges": true }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "ID of the REST API\n", "willReplaceOnChanges": true }, "settings": { "$ref": "#/types/aws:apigateway/MethodSettingsSettings:MethodSettingsSettings", "description": "Settings block, see below.\n" }, "stageName": { "type": "string", "description": "Name of the stage\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:apigateway/model:Model": { "description": "Provides a Model for a REST API Gateway.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n name: \"MyDemoAPI\",\n description: \"This is my API for demonstration purposes\",\n});\nconst myDemoModel = new aws.apigateway.Model(\"MyDemoModel\", {\n restApi: myDemoAPI.id,\n name: \"user\",\n description: \"a JSON schema\",\n contentType: \"application/json\",\n schema: JSON.stringify({\n type: \"object\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"MyDemoAPI\",\n name=\"MyDemoAPI\",\n description=\"This is my API for demonstration purposes\")\nmy_demo_model = aws.apigateway.Model(\"MyDemoModel\",\n rest_api=my_demo_api.id,\n name=\"user\",\n description=\"a JSON schema\",\n content_type=\"application/json\",\n schema=json.dumps({\n \"type\": \"object\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"MyDemoAPI\", new()\n {\n Name = \"MyDemoAPI\",\n Description = \"This is my API for demonstration purposes\",\n });\n\n var myDemoModel = new Aws.ApiGateway.Model(\"MyDemoModel\", new()\n {\n RestApi = myDemoAPI.Id,\n Name = \"user\",\n Description = \"a JSON schema\",\n ContentType = \"application/json\",\n Schema = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"object\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"MyDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"MyDemoAPI\"),\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"type\": \"object\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = apigateway.NewModel(ctx, \"MyDemoModel\", \u0026apigateway.ModelArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tName: pulumi.String(\"user\"),\n\t\t\tDescription: pulumi.String(\"a JSON schema\"),\n\t\t\tContentType: pulumi.String(\"application/json\"),\n\t\t\tSchema: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.Model;\nimport com.pulumi.aws.apigateway.ModelArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myDemoAPI = new RestApi(\"myDemoAPI\", RestApiArgs.builder()\n .name(\"MyDemoAPI\")\n .description(\"This is my API for demonstration purposes\")\n .build());\n\n var myDemoModel = new Model(\"myDemoModel\", ModelArgs.builder()\n .restApi(myDemoAPI.id())\n .name(\"user\")\n .description(\"a JSON schema\")\n .contentType(\"application/json\")\n .schema(serializeJson(\n jsonObject(\n jsonProperty(\"type\", \"object\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myDemoAPI:\n type: aws:apigateway:RestApi\n name: MyDemoAPI\n properties:\n name: MyDemoAPI\n description: This is my API for demonstration purposes\n myDemoModel:\n type: aws:apigateway:Model\n name: MyDemoModel\n properties:\n restApi: ${myDemoAPI.id}\n name: user\n description: a JSON schema\n contentType: application/json\n schema:\n fn::toJSON:\n type: object\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_api_gateway_model` using `REST-API-ID/NAME`. For example:\n\n```sh\n$ pulumi import aws:apigateway/model:Model example 12345abcde/example\n```\n", "properties": { "contentType": { "type": "string", "description": "Content type of the model\n" }, "description": { "type": "string", "description": "Description of the model\n" }, "name": { "type": "string", "description": "Name of the model\n" }, "restApi": { "type": "string", "description": "ID of the associated REST API\n" }, "schema": { "type": "string", "description": "Schema of the model in a JSON form\n" } }, "required": [ "contentType", "name", "restApi" ], "inputProperties": { "contentType": { "type": "string", "description": "Content type of the model\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of the model\n" }, "name": { "type": "string", "description": "Name of the model\n", "willReplaceOnChanges": true }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "ID of the associated REST API\n", "willReplaceOnChanges": true }, "schema": { "type": "string", "description": "Schema of the model in a JSON form\n" } }, "requiredInputs": [ "contentType", "restApi" ], "stateInputs": { "description": "Input properties used for looking up and filtering Model resources.\n", "properties": { "contentType": { "type": "string", "description": "Content type of the model\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of the model\n" }, "name": { "type": "string", "description": "Name of the model\n", "willReplaceOnChanges": true }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "ID of the associated REST API\n", "willReplaceOnChanges": true }, "schema": { "type": "string", "description": "Schema of the model in a JSON form\n" } }, "type": "object" } }, "aws:apigateway/requestValidator:RequestValidator": { "description": "Manages an API Gateway Request Validator.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigateway.RequestValidator(\"example\", {\n name: \"example\",\n restApi: exampleAwsApiGatewayRestApi.id,\n validateRequestBody: true,\n validateRequestParameters: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigateway.RequestValidator(\"example\",\n name=\"example\",\n rest_api=example_aws_api_gateway_rest_api[\"id\"],\n validate_request_body=True,\n validate_request_parameters=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGateway.RequestValidator(\"example\", new()\n {\n Name = \"example\",\n RestApi = exampleAwsApiGatewayRestApi.Id,\n ValidateRequestBody = true,\n ValidateRequestParameters = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigateway.NewRequestValidator(ctx, \"example\", \u0026apigateway.RequestValidatorArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRestApi: pulumi.Any(exampleAwsApiGatewayRestApi.Id),\n\t\t\tValidateRequestBody: pulumi.Bool(true),\n\t\t\tValidateRequestParameters: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RequestValidator;\nimport com.pulumi.aws.apigateway.RequestValidatorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RequestValidator(\"example\", RequestValidatorArgs.builder()\n .name(\"example\")\n .restApi(exampleAwsApiGatewayRestApi.id())\n .validateRequestBody(true)\n .validateRequestParameters(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigateway:RequestValidator\n properties:\n name: example\n restApi: ${exampleAwsApiGatewayRestApi.id}\n validateRequestBody: true\n validateRequestParameters: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_api_gateway_request_validator` using `REST-API-ID/REQUEST-VALIDATOR-ID`. For example:\n\n```sh\n$ pulumi import aws:apigateway/requestValidator:RequestValidator example 12345abcde/67890fghij\n```\n", "properties": { "name": { "type": "string", "description": "Name of the request validator\n" }, "restApi": { "type": "string", "description": "ID of the associated Rest API\n" }, "validateRequestBody": { "type": "boolean", "description": "Boolean whether to validate request body. Defaults to `false`.\n" }, "validateRequestParameters": { "type": "boolean", "description": "Boolean whether to validate request parameters. Defaults to `false`.\n" } }, "required": [ "name", "restApi" ], "inputProperties": { "name": { "type": "string", "description": "Name of the request validator\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "ID of the associated Rest API\n", "willReplaceOnChanges": true }, "validateRequestBody": { "type": "boolean", "description": "Boolean whether to validate request body. Defaults to `false`.\n" }, "validateRequestParameters": { "type": "boolean", "description": "Boolean whether to validate request parameters. Defaults to `false`.\n" } }, "requiredInputs": [ "restApi" ], "stateInputs": { "description": "Input properties used for looking up and filtering RequestValidator resources.\n", "properties": { "name": { "type": "string", "description": "Name of the request validator\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "ID of the associated Rest API\n", "willReplaceOnChanges": true }, "validateRequestBody": { "type": "boolean", "description": "Boolean whether to validate request body. Defaults to `false`.\n" }, "validateRequestParameters": { "type": "boolean", "description": "Boolean whether to validate request parameters. Defaults to `false`.\n" } }, "type": "object" } }, "aws:apigateway/resource:Resource": { "description": "Provides an API Gateway Resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n name: \"MyDemoAPI\",\n description: \"This is my API for demonstration purposes\",\n});\nconst myDemoResource = new aws.apigateway.Resource(\"MyDemoResource\", {\n restApi: myDemoAPI.id,\n parentId: myDemoAPI.rootResourceId,\n pathPart: \"mydemoresource\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"MyDemoAPI\",\n name=\"MyDemoAPI\",\n description=\"This is my API for demonstration purposes\")\nmy_demo_resource = aws.apigateway.Resource(\"MyDemoResource\",\n rest_api=my_demo_api.id,\n parent_id=my_demo_api.root_resource_id,\n path_part=\"mydemoresource\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"MyDemoAPI\", new()\n {\n Name = \"MyDemoAPI\",\n Description = \"This is my API for demonstration purposes\",\n });\n\n var myDemoResource = new Aws.ApiGateway.Resource(\"MyDemoResource\", new()\n {\n RestApi = myDemoAPI.Id,\n ParentId = myDemoAPI.RootResourceId,\n PathPart = \"mydemoresource\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"MyDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"MyDemoAPI\"),\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewResource(ctx, \"MyDemoResource\", \u0026apigateway.ResourceArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tParentId: myDemoAPI.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"mydemoresource\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.Resource;\nimport com.pulumi.aws.apigateway.ResourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myDemoAPI = new RestApi(\"myDemoAPI\", RestApiArgs.builder()\n .name(\"MyDemoAPI\")\n .description(\"This is my API for demonstration purposes\")\n .build());\n\n var myDemoResource = new Resource(\"myDemoResource\", ResourceArgs.builder()\n .restApi(myDemoAPI.id())\n .parentId(myDemoAPI.rootResourceId())\n .pathPart(\"mydemoresource\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myDemoAPI:\n type: aws:apigateway:RestApi\n name: MyDemoAPI\n properties:\n name: MyDemoAPI\n description: This is my API for demonstration purposes\n myDemoResource:\n type: aws:apigateway:Resource\n name: MyDemoResource\n properties:\n restApi: ${myDemoAPI.id}\n parentId: ${myDemoAPI.rootResourceId}\n pathPart: mydemoresource\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_api_gateway_resource` using `REST-API-ID/RESOURCE-ID`. For example:\n\n```sh\n$ pulumi import aws:apigateway/resource:Resource example 12345abcde/67890fghij\n```\n", "properties": { "parentId": { "type": "string", "description": "ID of the parent API resource\n" }, "path": { "type": "string", "description": "Complete path for this API resource, including all parent paths.\n" }, "pathPart": { "type": "string", "description": "Last path segment of this API resource.\n" }, "restApi": { "type": "string", "description": "ID of the associated REST API\n" } }, "required": [ "parentId", "path", "pathPart", "restApi" ], "inputProperties": { "parentId": { "type": "string", "description": "ID of the parent API resource\n" }, "pathPart": { "type": "string", "description": "Last path segment of this API resource.\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "ID of the associated REST API\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "parentId", "pathPart", "restApi" ], "stateInputs": { "description": "Input properties used for looking up and filtering Resource resources.\n", "properties": { "parentId": { "type": "string", "description": "ID of the parent API resource\n" }, "path": { "type": "string", "description": "Complete path for this API resource, including all parent paths.\n" }, "pathPart": { "type": "string", "description": "Last path segment of this API resource.\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "ID of the associated REST API\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:apigateway/response:Response": { "description": "Provides an API Gateway Gateway Response for a REST API Gateway.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.apigateway.RestApi(\"main\", {name: \"MyDemoAPI\"});\nconst test = new aws.apigateway.Response(\"test\", {\n restApiId: main.id,\n statusCode: \"401\",\n responseType: \"UNAUTHORIZED\",\n responseTemplates: {\n \"application/json\": \"{\\\"message\\\":$context.error.messageString}\",\n },\n responseParameters: {\n \"gatewayresponse.header.Authorization\": \"'Basic'\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.apigateway.RestApi(\"main\", name=\"MyDemoAPI\")\ntest = aws.apigateway.Response(\"test\",\n rest_api_id=main.id,\n status_code=\"401\",\n response_type=\"UNAUTHORIZED\",\n response_templates={\n \"application/json\": \"{\\\"message\\\":$context.error.messageString}\",\n },\n response_parameters={\n \"gatewayresponse.header.Authorization\": \"'Basic'\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.ApiGateway.RestApi(\"main\", new()\n {\n Name = \"MyDemoAPI\",\n });\n\n var test = new Aws.ApiGateway.Response(\"test\", new()\n {\n RestApiId = main.Id,\n StatusCode = \"401\",\n ResponseType = \"UNAUTHORIZED\",\n ResponseTemplates = \n {\n { \"application/json\", \"{\\\"message\\\":$context.error.messageString}\" },\n },\n ResponseParameters = \n {\n { \"gatewayresponse.header.Authorization\", \"'Basic'\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := apigateway.NewRestApi(ctx, \"main\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"MyDemoAPI\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewResponse(ctx, \"test\", \u0026apigateway.ResponseArgs{\n\t\t\tRestApiId: main.ID(),\n\t\t\tStatusCode: pulumi.String(\"401\"),\n\t\t\tResponseType: pulumi.String(\"UNAUTHORIZED\"),\n\t\t\tResponseTemplates: pulumi.StringMap{\n\t\t\t\t\"application/json\": pulumi.String(\"{\\\"message\\\":$context.error.messageString}\"),\n\t\t\t},\n\t\t\tResponseParameters: pulumi.StringMap{\n\t\t\t\t\"gatewayresponse.header.Authorization\": pulumi.String(\"'Basic'\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.Response;\nimport com.pulumi.aws.apigateway.ResponseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new RestApi(\"main\", RestApiArgs.builder()\n .name(\"MyDemoAPI\")\n .build());\n\n var test = new Response(\"test\", ResponseArgs.builder()\n .restApiId(main.id())\n .statusCode(\"401\")\n .responseType(\"UNAUTHORIZED\")\n .responseTemplates(Map.of(\"application/json\", \"{\\\"message\\\":$context.error.messageString}\"))\n .responseParameters(Map.of(\"gatewayresponse.header.Authorization\", \"'Basic'\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:apigateway:RestApi\n properties:\n name: MyDemoAPI\n test:\n type: aws:apigateway:Response\n properties:\n restApiId: ${main.id}\n statusCode: '401'\n responseType: UNAUTHORIZED\n responseTemplates:\n application/json: '{\"message\":$context.error.messageString}'\n responseParameters:\n gatewayresponse.header.Authorization: '''Basic'''\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_api_gateway_gateway_response` using `REST-API-ID/RESPONSE-TYPE`. For example:\n\n```sh\n$ pulumi import aws:apigateway/response:Response example 12345abcde/UNAUTHORIZED\n```\n", "properties": { "responseParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of parameters (paths, query strings and headers) of the Gateway Response.\n" }, "responseTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of templates used to transform the response body.\n" }, "responseType": { "type": "string", "description": "Response type of the associated GatewayResponse.\n" }, "restApiId": { "type": "string", "description": "String identifier of the associated REST API.\n" }, "statusCode": { "type": "string", "description": "HTTP status code of the Gateway Response.\n" } }, "required": [ "responseType", "restApiId" ], "inputProperties": { "responseParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of parameters (paths, query strings and headers) of the Gateway Response.\n" }, "responseTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of templates used to transform the response body.\n" }, "responseType": { "type": "string", "description": "Response type of the associated GatewayResponse.\n", "willReplaceOnChanges": true }, "restApiId": { "type": "string", "description": "String identifier of the associated REST API.\n", "willReplaceOnChanges": true }, "statusCode": { "type": "string", "description": "HTTP status code of the Gateway Response.\n" } }, "requiredInputs": [ "responseType", "restApiId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Response resources.\n", "properties": { "responseParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of parameters (paths, query strings and headers) of the Gateway Response.\n" }, "responseTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of templates used to transform the response body.\n" }, "responseType": { "type": "string", "description": "Response type of the associated GatewayResponse.\n", "willReplaceOnChanges": true }, "restApiId": { "type": "string", "description": "String identifier of the associated REST API.\n", "willReplaceOnChanges": true }, "statusCode": { "type": "string", "description": "HTTP status code of the Gateway Response.\n" } }, "type": "object" } }, "aws:apigateway/restApi:RestApi": { "description": "Manages an API Gateway REST API. The REST API can be configured via [importing an OpenAPI specification](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-import-api.html) in the `body` argument (with other arguments serving as overrides) or via other provider resources to manage the resources (`aws.apigateway.Resource` resource), methods (`aws.apigateway.Method` resource), integrations (`aws.apigateway.Integration` resource), etc. of the REST API. Once the REST API is configured, the `aws.apigateway.Deployment` resource can be used along with the `aws.apigateway.Stage` resource to publish the REST API.\n\n\u003e **Note:** Amazon API Gateway Version 1 resources are used for creating and deploying REST APIs. To create and deploy WebSocket and HTTP APIs, use Amazon API Gateway Version 2 resources.\n\n!\u003e **WARN:** When importing Open API Specifications with the `body` argument, by default the API Gateway REST API will be replaced with the Open API Specification thus removing any existing methods, resources, integrations, or endpoints. Endpoint mutations are asynchronous operations, and race conditions with DNS are possible. To overcome this limitation, use the `put_rest_api_mode` attribute and set it to `merge`.\n\n## Example Usage\n\n## Import\n\nUsing `pulumi import`, import `aws_api_gateway_rest_api` using the REST API ID. For example:\n\n```sh\n$ pulumi import aws:apigateway/restApi:RestApi example 12345abcde\n```\n~\u003e __NOTE:__ Resource import does not currently support the `body` attribute.\n\n", "properties": { "apiKeySource": { "type": "string", "description": "Source of the API key for requests. Valid values are `HEADER` (default) and `AUTHORIZER`. If importing an OpenAPI specification via the `body` argument, this corresponds to the [`x-amazon-apigateway-api-key-source` extension](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-api-key-source.html). If the argument value is provided and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "arn": { "type": "string", "description": "ARN\n" }, "binaryMediaTypes": { "type": "array", "items": { "type": "string" }, "description": "List of binary media types supported by the REST API. By default, the REST API supports only UTF-8-encoded text payloads. If importing an OpenAPI specification via the `body` argument, this corresponds to the [`x-amazon-apigateway-binary-media-types` extension](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-binary-media-types.html). If the argument value is provided and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "body": { "type": "string", "description": "OpenAPI specification that defines the set of routes and integrations to create as part of the REST API. This configuration, and any updates to it, will replace all REST API configuration except values overridden in this resource configuration and other resource updates applied after this resource but before any `aws.apigateway.Deployment` creation. More information about REST API OpenAPI support can be found in the [API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-import-api.html).\n" }, "createdDate": { "type": "string", "description": "Creation date of the REST API\n" }, "description": { "type": "string", "description": "Description of the REST API. If importing an OpenAPI specification via the `body` argument, this corresponds to the `info.description` field. If the argument value is provided and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "disableExecuteApiEndpoint": { "type": "boolean", "description": "Whether clients can invoke your API by using the default execute-api endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint. Defaults to `false`. If importing an OpenAPI specification via the `body` argument, this corresponds to the [`x-amazon-apigateway-endpoint-configuration` extension `disableExecuteApiEndpoint` property](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-endpoint-configuration.html). If the argument value is `true` and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "endpointConfiguration": { "$ref": "#/types/aws:apigateway/RestApiEndpointConfiguration:RestApiEndpointConfiguration", "description": "Configuration block defining API endpoint configuration including endpoint type. Defined below.\n" }, "executionArn": { "type": "string", "description": "Execution ARN part to be used in `lambda_permission`'s `source_arn`\nwhen allowing API Gateway to invoke a Lambda function,\ne.g., `arn:aws:execute-api:eu-west-2:123456789012:z4675bid1j`, which can be concatenated with allowed stage, method and resource path.\n" }, "failOnWarnings": { "type": "boolean", "description": "Whether warnings while API Gateway is creating or updating the resource should return an error or not. Defaults to `false`\n" }, "minimumCompressionSize": { "type": "string", "description": "Minimum response size to compress for the REST API. String containing an integer value between `-1` and `10485760` (10MB). `-1` will disable an existing compression configuration, and all other values will enable compression with the configured size. New resources can simply omit this argument to disable compression, rather than setting the value to `-1`. If importing an OpenAPI specification via the `body` argument, this corresponds to the [`x-amazon-apigateway-minimum-compression-size` extension](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-openapi-minimum-compression-size.html). If the argument value is provided and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "name": { "type": "string", "description": "Name of the REST API. If importing an OpenAPI specification via the `body` argument, this corresponds to the `info.title` field. If the argument value is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of customizations for importing the specification in the `body` argument. For example, to exclude DocumentationParts from an imported API, set `ignore` equal to `documentation`. Additional documentation, including other parameters such as `basepath`, can be found in the [API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-import-api.html).\n" }, "policy": { "type": "string", "description": "JSON formatted policy document that controls access to the API Gateway. For more information about building AWS IAM policy documents with Pulumi, see the AWS IAM Policy Document Guide. The provider will only perform drift detection of its value when present in a configuration. We recommend using the `aws.apigateway.RestApiPolicy` resource instead. If importing an OpenAPI specification via the `body` argument, this corresponds to the [`x-amazon-apigateway-policy` extension](https://docs.aws.amazon.com/apigateway/latest/developerguide/openapi-extensions-policy.html). If the argument value is provided and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "putRestApiMode": { "type": "string", "description": "Mode of the PutRestApi operation when importing an OpenAPI specification via the `body` argument (create or update operation). Valid values are `merge` and `overwrite`. If unspecificed, defaults to `overwrite` (for backwards compatibility). This corresponds to the [`x-amazon-apigateway-put-integration-method` extension](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-put-integration-method.html). If the argument value is provided and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "rootResourceId": { "type": "string", "description": "Resource ID of the REST API's root\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "apiKeySource", "arn", "binaryMediaTypes", "createdDate", "description", "disableExecuteApiEndpoint", "endpointConfiguration", "executionArn", "minimumCompressionSize", "name", "policy", "rootResourceId", "tagsAll" ], "inputProperties": { "apiKeySource": { "type": "string", "description": "Source of the API key for requests. Valid values are `HEADER` (default) and `AUTHORIZER`. If importing an OpenAPI specification via the `body` argument, this corresponds to the [`x-amazon-apigateway-api-key-source` extension](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-api-key-source.html). If the argument value is provided and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "binaryMediaTypes": { "type": "array", "items": { "type": "string" }, "description": "List of binary media types supported by the REST API. By default, the REST API supports only UTF-8-encoded text payloads. If importing an OpenAPI specification via the `body` argument, this corresponds to the [`x-amazon-apigateway-binary-media-types` extension](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-binary-media-types.html). If the argument value is provided and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "body": { "type": "string", "description": "OpenAPI specification that defines the set of routes and integrations to create as part of the REST API. This configuration, and any updates to it, will replace all REST API configuration except values overridden in this resource configuration and other resource updates applied after this resource but before any `aws.apigateway.Deployment` creation. More information about REST API OpenAPI support can be found in the [API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-import-api.html).\n" }, "description": { "type": "string", "description": "Description of the REST API. If importing an OpenAPI specification via the `body` argument, this corresponds to the `info.description` field. If the argument value is provided and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "disableExecuteApiEndpoint": { "type": "boolean", "description": "Whether clients can invoke your API by using the default execute-api endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint. Defaults to `false`. If importing an OpenAPI specification via the `body` argument, this corresponds to the [`x-amazon-apigateway-endpoint-configuration` extension `disableExecuteApiEndpoint` property](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-endpoint-configuration.html). If the argument value is `true` and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "endpointConfiguration": { "$ref": "#/types/aws:apigateway/RestApiEndpointConfiguration:RestApiEndpointConfiguration", "description": "Configuration block defining API endpoint configuration including endpoint type. Defined below.\n" }, "failOnWarnings": { "type": "boolean", "description": "Whether warnings while API Gateway is creating or updating the resource should return an error or not. Defaults to `false`\n" }, "minimumCompressionSize": { "type": "string", "description": "Minimum response size to compress for the REST API. String containing an integer value between `-1` and `10485760` (10MB). `-1` will disable an existing compression configuration, and all other values will enable compression with the configured size. New resources can simply omit this argument to disable compression, rather than setting the value to `-1`. If importing an OpenAPI specification via the `body` argument, this corresponds to the [`x-amazon-apigateway-minimum-compression-size` extension](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-openapi-minimum-compression-size.html). If the argument value is provided and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "name": { "type": "string", "description": "Name of the REST API. If importing an OpenAPI specification via the `body` argument, this corresponds to the `info.title` field. If the argument value is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of customizations for importing the specification in the `body` argument. For example, to exclude DocumentationParts from an imported API, set `ignore` equal to `documentation`. Additional documentation, including other parameters such as `basepath`, can be found in the [API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-import-api.html).\n" }, "policy": { "type": "string", "description": "JSON formatted policy document that controls access to the API Gateway. For more information about building AWS IAM policy documents with Pulumi, see the AWS IAM Policy Document Guide. The provider will only perform drift detection of its value when present in a configuration. We recommend using the `aws.apigateway.RestApiPolicy` resource instead. If importing an OpenAPI specification via the `body` argument, this corresponds to the [`x-amazon-apigateway-policy` extension](https://docs.aws.amazon.com/apigateway/latest/developerguide/openapi-extensions-policy.html). If the argument value is provided and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "putRestApiMode": { "type": "string", "description": "Mode of the PutRestApi operation when importing an OpenAPI specification via the `body` argument (create or update operation). Valid values are `merge` and `overwrite`. If unspecificed, defaults to `overwrite` (for backwards compatibility). This corresponds to the [`x-amazon-apigateway-put-integration-method` extension](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-put-integration-method.html). If the argument value is provided and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering RestApi resources.\n", "properties": { "apiKeySource": { "type": "string", "description": "Source of the API key for requests. Valid values are `HEADER` (default) and `AUTHORIZER`. If importing an OpenAPI specification via the `body` argument, this corresponds to the [`x-amazon-apigateway-api-key-source` extension](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-api-key-source.html). If the argument value is provided and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "arn": { "type": "string", "description": "ARN\n" }, "binaryMediaTypes": { "type": "array", "items": { "type": "string" }, "description": "List of binary media types supported by the REST API. By default, the REST API supports only UTF-8-encoded text payloads. If importing an OpenAPI specification via the `body` argument, this corresponds to the [`x-amazon-apigateway-binary-media-types` extension](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-binary-media-types.html). If the argument value is provided and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "body": { "type": "string", "description": "OpenAPI specification that defines the set of routes and integrations to create as part of the REST API. This configuration, and any updates to it, will replace all REST API configuration except values overridden in this resource configuration and other resource updates applied after this resource but before any `aws.apigateway.Deployment` creation. More information about REST API OpenAPI support can be found in the [API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-import-api.html).\n" }, "createdDate": { "type": "string", "description": "Creation date of the REST API\n" }, "description": { "type": "string", "description": "Description of the REST API. If importing an OpenAPI specification via the `body` argument, this corresponds to the `info.description` field. If the argument value is provided and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "disableExecuteApiEndpoint": { "type": "boolean", "description": "Whether clients can invoke your API by using the default execute-api endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint. Defaults to `false`. If importing an OpenAPI specification via the `body` argument, this corresponds to the [`x-amazon-apigateway-endpoint-configuration` extension `disableExecuteApiEndpoint` property](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-endpoint-configuration.html). If the argument value is `true` and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "endpointConfiguration": { "$ref": "#/types/aws:apigateway/RestApiEndpointConfiguration:RestApiEndpointConfiguration", "description": "Configuration block defining API endpoint configuration including endpoint type. Defined below.\n" }, "executionArn": { "type": "string", "description": "Execution ARN part to be used in `lambda_permission`'s `source_arn`\nwhen allowing API Gateway to invoke a Lambda function,\ne.g., `arn:aws:execute-api:eu-west-2:123456789012:z4675bid1j`, which can be concatenated with allowed stage, method and resource path.\n" }, "failOnWarnings": { "type": "boolean", "description": "Whether warnings while API Gateway is creating or updating the resource should return an error or not. Defaults to `false`\n" }, "minimumCompressionSize": { "type": "string", "description": "Minimum response size to compress for the REST API. String containing an integer value between `-1` and `10485760` (10MB). `-1` will disable an existing compression configuration, and all other values will enable compression with the configured size. New resources can simply omit this argument to disable compression, rather than setting the value to `-1`. If importing an OpenAPI specification via the `body` argument, this corresponds to the [`x-amazon-apigateway-minimum-compression-size` extension](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-openapi-minimum-compression-size.html). If the argument value is provided and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "name": { "type": "string", "description": "Name of the REST API. If importing an OpenAPI specification via the `body` argument, this corresponds to the `info.title` field. If the argument value is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of customizations for importing the specification in the `body` argument. For example, to exclude DocumentationParts from an imported API, set `ignore` equal to `documentation`. Additional documentation, including other parameters such as `basepath`, can be found in the [API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-import-api.html).\n" }, "policy": { "type": "string", "description": "JSON formatted policy document that controls access to the API Gateway. For more information about building AWS IAM policy documents with Pulumi, see the AWS IAM Policy Document Guide. The provider will only perform drift detection of its value when present in a configuration. We recommend using the `aws.apigateway.RestApiPolicy` resource instead. If importing an OpenAPI specification via the `body` argument, this corresponds to the [`x-amazon-apigateway-policy` extension](https://docs.aws.amazon.com/apigateway/latest/developerguide/openapi-extensions-policy.html). If the argument value is provided and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "putRestApiMode": { "type": "string", "description": "Mode of the PutRestApi operation when importing an OpenAPI specification via the `body` argument (create or update operation). Valid values are `merge` and `overwrite`. If unspecificed, defaults to `overwrite` (for backwards compatibility). This corresponds to the [`x-amazon-apigateway-put-integration-method` extension](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-put-integration-method.html). If the argument value is provided and is different than the OpenAPI value, the argument value will override the OpenAPI value.\n" }, "rootResourceId": { "type": "string", "description": "Resource ID of the REST API's root\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:apigateway/restApiPolicy:RestApiPolicy": { "description": "Provides an API Gateway REST API Policy.\n\n\u003e **Note:** Amazon API Gateway Version 1 resources are used for creating and deploying REST APIs. To create and deploy WebSocket and HTTP APIs, use Amazon API Gateway Version 2 resources.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testRestApi = new aws.apigateway.RestApi(\"test\", {name: \"example-rest-api\"});\nconst test = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [\"*\"],\n }],\n actions: [\"execute-api:Invoke\"],\n resources: [testRestApi.executionArn],\n conditions: [{\n test: \"IpAddress\",\n variable: \"aws:SourceIp\",\n values: [\"123.123.123.123/32\"],\n }],\n }],\n});\nconst testRestApiPolicy = new aws.apigateway.RestApiPolicy(\"test\", {\n restApiId: testRestApi.id,\n policy: test.apply(test =\u003e test.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_rest_api = aws.apigateway.RestApi(\"test\", name=\"example-rest-api\")\ntest = aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [\"*\"],\n }],\n \"actions\": [\"execute-api:Invoke\"],\n \"resources\": [test_rest_api.execution_arn],\n \"conditions\": [{\n \"test\": \"IpAddress\",\n \"variable\": \"aws:SourceIp\",\n \"values\": [\"123.123.123.123/32\"],\n }],\n}])\ntest_rest_api_policy = aws.apigateway.RestApiPolicy(\"test\",\n rest_api_id=test_rest_api.id,\n policy=test.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testRestApi = new Aws.ApiGateway.RestApi(\"test\", new()\n {\n Name = \"example-rest-api\",\n });\n\n var test = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"execute-api:Invoke\",\n },\n Resources = new[]\n {\n testRestApi.ExecutionArn,\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"IpAddress\",\n Variable = \"aws:SourceIp\",\n Values = new[]\n {\n \"123.123.123.123/32\",\n },\n },\n },\n },\n },\n });\n\n var testRestApiPolicy = new Aws.ApiGateway.RestApiPolicy(\"test\", new()\n {\n RestApiId = testRestApi.Id,\n Policy = test.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestRestApi, err := apigateway.NewRestApi(ctx, \"test\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"example-rest-api\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"AWS\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"execute-api:Invoke\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\ttestRestApi.ExecutionArn,\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"IpAddress\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"aws:SourceIp\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"123.123.123.123/32\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = apigateway.NewRestApiPolicy(ctx, \"test\", \u0026apigateway.RestApiPolicyArgs{\n\t\t\tRestApiId: testRestApi.ID(),\n\t\t\tPolicy: pulumi.String(test.ApplyT(func(test iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026test.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.apigateway.RestApiPolicy;\nimport com.pulumi.aws.apigateway.RestApiPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testRestApi = new RestApi(\"testRestApi\", RestApiArgs.builder()\n .name(\"example-rest-api\")\n .build());\n\n final var test = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"*\")\n .build())\n .actions(\"execute-api:Invoke\")\n .resources(testRestApi.executionArn())\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"IpAddress\")\n .variable(\"aws:SourceIp\")\n .values(\"123.123.123.123/32\")\n .build())\n .build())\n .build());\n\n var testRestApiPolicy = new RestApiPolicy(\"testRestApiPolicy\", RestApiPolicyArgs.builder()\n .restApiId(testRestApi.id())\n .policy(test.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(test -\u003e test.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testRestApi:\n type: aws:apigateway:RestApi\n name: test\n properties:\n name: example-rest-api\n testRestApiPolicy:\n type: aws:apigateway:RestApiPolicy\n name: test\n properties:\n restApiId: ${testRestApi.id}\n policy: ${test.json}\nvariables:\n test:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: AWS\n identifiers:\n - '*'\n actions:\n - execute-api:Invoke\n resources:\n - ${testRestApi.executionArn}\n conditions:\n - test: IpAddress\n variable: aws:SourceIp\n values:\n - 123.123.123.123/32\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_api_gateway_rest_api_policy` using the REST API ID. For example:\n\n```sh\n$ pulumi import aws:apigateway/restApiPolicy:RestApiPolicy example 12345abcde\n```\n", "properties": { "policy": { "type": "string", "description": "JSON formatted policy document that controls access to the API Gateway.\n" }, "restApiId": { "type": "string", "description": "ID of the REST API.\n" } }, "required": [ "policy", "restApiId" ], "inputProperties": { "policy": { "type": "string", "description": "JSON formatted policy document that controls access to the API Gateway.\n" }, "restApiId": { "type": "string", "description": "ID of the REST API.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policy", "restApiId" ], "stateInputs": { "description": "Input properties used for looking up and filtering RestApiPolicy resources.\n", "properties": { "policy": { "type": "string", "description": "JSON formatted policy document that controls access to the API Gateway.\n" }, "restApiId": { "type": "string", "description": "ID of the REST API.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:apigateway/stage:Stage": { "description": "Manages an API Gateway Stage. A stage is a named reference to a deployment, which can be done via the `aws.apigateway.Deployment` resource. Stages can be optionally managed further with the `aws.apigateway.BasePathMapping` resource, `aws.apigateway.DomainName` resource, and `aws_api_method_settings` resource. For more information, see the [API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-stages.html).\n\n### Managing the API Logging CloudWatch Log Group\n\nAPI Gateway provides the ability to [enable CloudWatch API logging](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html). To manage the CloudWatch Log Group when this feature is enabled, the `aws.cloudwatch.LogGroup` resource can be used where the name matches the API Gateway naming convention. If the CloudWatch Log Group previously exists, import the `aws.cloudwatch.LogGroup` resource into Pulumi as a one time operation. You can recreate the environment without import.\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst stageName = config.get(\"stageName\") || \"example\";\nconst example = new aws.apigateway.RestApi(\"example\", {});\nconst exampleLogGroup = new aws.cloudwatch.LogGroup(\"example\", {\n name: pulumi.interpolate`API-Gateway-Execution-Logs_${example.id}/${stageName}`,\n retentionInDays: 7,\n});\nconst exampleStage = new aws.apigateway.Stage(\"example\", {stageName: stageName}, {\n dependsOn: [exampleLogGroup],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nstage_name = config.get(\"stageName\")\nif stage_name is None:\n stage_name = \"example\"\nexample = aws.apigateway.RestApi(\"example\")\nexample_log_group = aws.cloudwatch.LogGroup(\"example\",\n name=example.id.apply(lambda id: f\"API-Gateway-Execution-Logs_{id}/{stage_name}\"),\n retention_in_days=7)\nexample_stage = aws.apigateway.Stage(\"example\", stage_name=stage_name,\nopts = pulumi.ResourceOptions(depends_on=[example_log_group]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var stageName = config.Get(\"stageName\") ?? \"example\";\n var example = new Aws.ApiGateway.RestApi(\"example\");\n\n var exampleLogGroup = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = example.Id.Apply(id =\u003e $\"API-Gateway-Execution-Logs_{id}/{stageName}\"),\n RetentionInDays = 7,\n });\n\n var exampleStage = new Aws.ApiGateway.Stage(\"example\", new()\n {\n StageName = stageName,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleLogGroup,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tstageName := \"example\"\n\t\tif param := cfg.Get(\"stageName\"); param != \"\" {\n\t\t\tstageName = param\n\t\t}\n\t\texample, err := apigateway.NewRestApi(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleLogGroup, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: example.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"API-Gateway-Execution-Logs_%v/%v\", id, stageName), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tRetentionInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewStage(ctx, \"example\", \u0026apigateway.StageArgs{\n\t\t\tStageName: pulumi.String(stageName),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleLogGroup,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.apigateway.Stage;\nimport com.pulumi.aws.apigateway.StageArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var stageName = config.get(\"stageName\").orElse(\"example\");\n var example = new RestApi(\"example\");\n\n var exampleLogGroup = new LogGroup(\"exampleLogGroup\", LogGroupArgs.builder()\n .name(example.id().applyValue(id -\u003e String.format(\"API-Gateway-Execution-Logs_%s/%s\", id,stageName)))\n .retentionInDays(7)\n .build());\n\n var exampleStage = new Stage(\"exampleStage\", StageArgs.builder()\n .stageName(stageName)\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleLogGroup)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n stageName:\n type: string\n default: example\nresources:\n example:\n type: aws:apigateway:RestApi\n exampleStage:\n type: aws:apigateway:Stage\n name: example\n properties:\n stageName: ${stageName}\n options:\n dependson:\n - ${exampleLogGroup}\n exampleLogGroup:\n type: aws:cloudwatch:LogGroup\n name: example\n properties:\n name: API-Gateway-Execution-Logs_${example.id}/${stageName}\n retentionInDays: 7 # ... potentially other configuration ...\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_api_gateway_stage` using `REST-API-ID/STAGE-NAME`. For example:\n\n```sh\n$ pulumi import aws:apigateway/stage:Stage example 12345abcde/example\n```\n", "properties": { "accessLogSettings": { "$ref": "#/types/aws:apigateway/StageAccessLogSettings:StageAccessLogSettings", "description": "Enables access logs for the API stage. See Access Log Settings below.\n" }, "arn": { "type": "string", "description": "ARN\n" }, "cacheClusterEnabled": { "type": "boolean", "description": "Whether a cache cluster is enabled for the stage\n" }, "cacheClusterSize": { "type": "string", "description": "Size of the cache cluster for the stage, if enabled. Allowed values include `0.5`, `1.6`, `6.1`, `13.5`, `28.4`, `58.2`, `118` and `237`.\n" }, "canarySettings": { "$ref": "#/types/aws:apigateway/StageCanarySettings:StageCanarySettings", "description": "Configuration settings of a canary deployment. See Canary Settings below.\n" }, "clientCertificateId": { "type": "string", "description": "Identifier of a client certificate for the stage.\n" }, "deployment": { "type": "string", "description": "ID of the deployment that the stage points to\n" }, "description": { "type": "string", "description": "Description of the stage.\n" }, "documentationVersion": { "type": "string", "description": "Version of the associated API documentation\n" }, "executionArn": { "type": "string", "description": "Execution ARN to be used in `lambda_permission`'s `source_arn`\nwhen allowing API Gateway to invoke a Lambda function,\ne.g., `arn:aws:execute-api:eu-west-2:123456789012:z4675bid1j/prod`\n" }, "invokeUrl": { "type": "string", "description": "URL to invoke the API pointing to the stage,\ne.g., `https://z4675bid1j.execute-api.eu-west-2.amazonaws.com/prod`\n" }, "restApi": { "type": "string", "description": "ID of the associated REST API\n" }, "stageName": { "type": "string", "description": "Name of the stage\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "variables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map that defines the stage variables\n" }, "webAclArn": { "type": "string", "description": "ARN of the WebAcl associated with the Stage.\n" }, "xrayTracingEnabled": { "type": "boolean", "description": "Whether active tracing with X-ray is enabled. Defaults to `false`.\n" } }, "required": [ "arn", "deployment", "executionArn", "invokeUrl", "restApi", "stageName", "tagsAll", "webAclArn" ], "inputProperties": { "accessLogSettings": { "$ref": "#/types/aws:apigateway/StageAccessLogSettings:StageAccessLogSettings", "description": "Enables access logs for the API stage. See Access Log Settings below.\n" }, "cacheClusterEnabled": { "type": "boolean", "description": "Whether a cache cluster is enabled for the stage\n" }, "cacheClusterSize": { "type": "string", "description": "Size of the cache cluster for the stage, if enabled. Allowed values include `0.5`, `1.6`, `6.1`, `13.5`, `28.4`, `58.2`, `118` and `237`.\n" }, "canarySettings": { "$ref": "#/types/aws:apigateway/StageCanarySettings:StageCanarySettings", "description": "Configuration settings of a canary deployment. See Canary Settings below.\n" }, "clientCertificateId": { "type": "string", "description": "Identifier of a client certificate for the stage.\n" }, "deployment": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/deployment:Deployment" } ], "description": "ID of the deployment that the stage points to\n" }, "description": { "type": "string", "description": "Description of the stage.\n" }, "documentationVersion": { "type": "string", "description": "Version of the associated API documentation\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "ID of the associated REST API\n", "willReplaceOnChanges": true }, "stageName": { "type": "string", "description": "Name of the stage\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "variables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map that defines the stage variables\n" }, "xrayTracingEnabled": { "type": "boolean", "description": "Whether active tracing with X-ray is enabled. Defaults to `false`.\n" } }, "requiredInputs": [ "deployment", "restApi", "stageName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Stage resources.\n", "properties": { "accessLogSettings": { "$ref": "#/types/aws:apigateway/StageAccessLogSettings:StageAccessLogSettings", "description": "Enables access logs for the API stage. See Access Log Settings below.\n" }, "arn": { "type": "string", "description": "ARN\n" }, "cacheClusterEnabled": { "type": "boolean", "description": "Whether a cache cluster is enabled for the stage\n" }, "cacheClusterSize": { "type": "string", "description": "Size of the cache cluster for the stage, if enabled. Allowed values include `0.5`, `1.6`, `6.1`, `13.5`, `28.4`, `58.2`, `118` and `237`.\n" }, "canarySettings": { "$ref": "#/types/aws:apigateway/StageCanarySettings:StageCanarySettings", "description": "Configuration settings of a canary deployment. See Canary Settings below.\n" }, "clientCertificateId": { "type": "string", "description": "Identifier of a client certificate for the stage.\n" }, "deployment": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/deployment:Deployment" } ], "description": "ID of the deployment that the stage points to\n" }, "description": { "type": "string", "description": "Description of the stage.\n" }, "documentationVersion": { "type": "string", "description": "Version of the associated API documentation\n" }, "executionArn": { "type": "string", "description": "Execution ARN to be used in `lambda_permission`'s `source_arn`\nwhen allowing API Gateway to invoke a Lambda function,\ne.g., `arn:aws:execute-api:eu-west-2:123456789012:z4675bid1j/prod`\n" }, "invokeUrl": { "type": "string", "description": "URL to invoke the API pointing to the stage,\ne.g., `https://z4675bid1j.execute-api.eu-west-2.amazonaws.com/prod`\n" }, "restApi": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:apigateway/restApi:RestApi" } ], "description": "ID of the associated REST API\n", "willReplaceOnChanges": true }, "stageName": { "type": "string", "description": "Name of the stage\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "variables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map that defines the stage variables\n" }, "webAclArn": { "type": "string", "description": "ARN of the WebAcl associated with the Stage.\n" }, "xrayTracingEnabled": { "type": "boolean", "description": "Whether active tracing with X-ray is enabled. Defaults to `false`.\n" } }, "type": "object" } }, "aws:apigateway/usagePlan:UsagePlan": { "description": "Provides an API Gateway Usage Plan.\n\n## Import\n\nUsing `pulumi import`, import AWS API Gateway Usage Plan using the `id`. For example:\n\n```sh\n$ pulumi import aws:apigateway/usagePlan:UsagePlan myusageplan \u003cusage_plan_id\u003e\n```\n", "properties": { "apiStages": { "type": "array", "items": { "$ref": "#/types/aws:apigateway/UsagePlanApiStage:UsagePlanApiStage" }, "description": "Associated API stages of the usage plan.\n" }, "arn": { "type": "string", "description": "ARN\n" }, "description": { "type": "string", "description": "Description of a usage plan.\n" }, "name": { "type": "string", "description": "Name of the usage plan.\n" }, "productCode": { "type": "string", "description": "AWS Marketplace product identifier to associate with the usage plan as a SaaS product on AWS Marketplace.\n" }, "quotaSettings": { "$ref": "#/types/aws:apigateway/UsagePlanQuotaSettings:UsagePlanQuotaSettings", "description": "Quota of the usage plan.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "throttleSettings": { "$ref": "#/types/aws:apigateway/UsagePlanThrottleSettings:UsagePlanThrottleSettings", "description": "Throttling limits of the usage plan.\n" } }, "required": [ "arn", "name", "tagsAll" ], "inputProperties": { "apiStages": { "type": "array", "items": { "$ref": "#/types/aws:apigateway/UsagePlanApiStage:UsagePlanApiStage" }, "description": "Associated API stages of the usage plan.\n" }, "description": { "type": "string", "description": "Description of a usage plan.\n" }, "name": { "type": "string", "description": "Name of the usage plan.\n" }, "productCode": { "type": "string", "description": "AWS Marketplace product identifier to associate with the usage plan as a SaaS product on AWS Marketplace.\n" }, "quotaSettings": { "$ref": "#/types/aws:apigateway/UsagePlanQuotaSettings:UsagePlanQuotaSettings", "description": "Quota of the usage plan.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "throttleSettings": { "$ref": "#/types/aws:apigateway/UsagePlanThrottleSettings:UsagePlanThrottleSettings", "description": "Throttling limits of the usage plan.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering UsagePlan resources.\n", "properties": { "apiStages": { "type": "array", "items": { "$ref": "#/types/aws:apigateway/UsagePlanApiStage:UsagePlanApiStage" }, "description": "Associated API stages of the usage plan.\n" }, "arn": { "type": "string", "description": "ARN\n" }, "description": { "type": "string", "description": "Description of a usage plan.\n" }, "name": { "type": "string", "description": "Name of the usage plan.\n" }, "productCode": { "type": "string", "description": "AWS Marketplace product identifier to associate with the usage plan as a SaaS product on AWS Marketplace.\n" }, "quotaSettings": { "$ref": "#/types/aws:apigateway/UsagePlanQuotaSettings:UsagePlanQuotaSettings", "description": "Quota of the usage plan.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "throttleSettings": { "$ref": "#/types/aws:apigateway/UsagePlanThrottleSettings:UsagePlanThrottleSettings", "description": "Throttling limits of the usage plan.\n" } }, "type": "object" } }, "aws:apigateway/usagePlanKey:UsagePlanKey": { "description": "Provides an API Gateway Usage Plan Key.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.apigateway.RestApi(\"test\", {name: \"MyDemoAPI\"});\n// ...\nconst myusageplan = new aws.apigateway.UsagePlan(\"myusageplan\", {\n name: \"my_usage_plan\",\n apiStages: [{\n apiId: test.id,\n stage: foo.stageName,\n }],\n});\nconst mykey = new aws.apigateway.ApiKey(\"mykey\", {name: \"my_key\"});\nconst main = new aws.apigateway.UsagePlanKey(\"main\", {\n keyId: mykey.id,\n keyType: \"API_KEY\",\n usagePlanId: myusageplan.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.apigateway.RestApi(\"test\", name=\"MyDemoAPI\")\n# ...\nmyusageplan = aws.apigateway.UsagePlan(\"myusageplan\",\n name=\"my_usage_plan\",\n api_stages=[{\n \"api_id\": test.id,\n \"stage\": foo[\"stageName\"],\n }])\nmykey = aws.apigateway.ApiKey(\"mykey\", name=\"my_key\")\nmain = aws.apigateway.UsagePlanKey(\"main\",\n key_id=mykey.id,\n key_type=\"API_KEY\",\n usage_plan_id=myusageplan.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.ApiGateway.RestApi(\"test\", new()\n {\n Name = \"MyDemoAPI\",\n });\n\n // ...\n var myusageplan = new Aws.ApiGateway.UsagePlan(\"myusageplan\", new()\n {\n Name = \"my_usage_plan\",\n ApiStages = new[]\n {\n new Aws.ApiGateway.Inputs.UsagePlanApiStageArgs\n {\n ApiId = test.Id,\n Stage = foo.StageName,\n },\n },\n });\n\n var mykey = new Aws.ApiGateway.ApiKey(\"mykey\", new()\n {\n Name = \"my_key\",\n });\n\n var main = new Aws.ApiGateway.UsagePlanKey(\"main\", new()\n {\n KeyId = mykey.Id,\n KeyType = \"API_KEY\",\n UsagePlanId = myusageplan.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := apigateway.NewRestApi(ctx, \"test\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"MyDemoAPI\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// ...\n\t\tmyusageplan, err := apigateway.NewUsagePlan(ctx, \"myusageplan\", \u0026apigateway.UsagePlanArgs{\n\t\t\tName: pulumi.String(\"my_usage_plan\"),\n\t\t\tApiStages: apigateway.UsagePlanApiStageArray{\n\t\t\t\t\u0026apigateway.UsagePlanApiStageArgs{\n\t\t\t\t\tApiId: test.ID(),\n\t\t\t\t\tStage: pulumi.Any(foo.StageName),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmykey, err := apigateway.NewApiKey(ctx, \"mykey\", \u0026apigateway.ApiKeyArgs{\n\t\t\tName: pulumi.String(\"my_key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewUsagePlanKey(ctx, \"main\", \u0026apigateway.UsagePlanKeyArgs{\n\t\t\tKeyId: mykey.ID(),\n\t\t\tKeyType: pulumi.String(\"API_KEY\"),\n\t\t\tUsagePlanId: myusageplan.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.UsagePlan;\nimport com.pulumi.aws.apigateway.UsagePlanArgs;\nimport com.pulumi.aws.apigateway.inputs.UsagePlanApiStageArgs;\nimport com.pulumi.aws.apigateway.ApiKey;\nimport com.pulumi.aws.apigateway.ApiKeyArgs;\nimport com.pulumi.aws.apigateway.UsagePlanKey;\nimport com.pulumi.aws.apigateway.UsagePlanKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new RestApi(\"test\", RestApiArgs.builder()\n .name(\"MyDemoAPI\")\n .build());\n\n // ...\n var myusageplan = new UsagePlan(\"myusageplan\", UsagePlanArgs.builder()\n .name(\"my_usage_plan\")\n .apiStages(UsagePlanApiStageArgs.builder()\n .apiId(test.id())\n .stage(foo.stageName())\n .build())\n .build());\n\n var mykey = new ApiKey(\"mykey\", ApiKeyArgs.builder()\n .name(\"my_key\")\n .build());\n\n var main = new UsagePlanKey(\"main\", UsagePlanKeyArgs.builder()\n .keyId(mykey.id())\n .keyType(\"API_KEY\")\n .usagePlanId(myusageplan.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:apigateway:RestApi\n properties:\n name: MyDemoAPI\n # ...\n myusageplan:\n type: aws:apigateway:UsagePlan\n properties:\n name: my_usage_plan\n apiStages:\n - apiId: ${test.id}\n stage: ${foo.stageName}\n mykey:\n type: aws:apigateway:ApiKey\n properties:\n name: my_key\n main:\n type: aws:apigateway:UsagePlanKey\n properties:\n keyId: ${mykey.id}\n keyType: API_KEY\n usagePlanId: ${myusageplan.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS API Gateway Usage Plan Key using the `USAGE-PLAN-ID/USAGE-PLAN-KEY-ID`. For example:\n\n```sh\n$ pulumi import aws:apigateway/usagePlanKey:UsagePlanKey key 12345abcde/zzz\n```\n", "properties": { "keyId": { "type": "string", "description": "Identifier of the API key resource.\n" }, "keyType": { "type": "string", "description": "Type of the API key resource. Currently, the valid key type is API_KEY.\n" }, "name": { "type": "string", "description": "Name of a usage plan key.\n" }, "usagePlanId": { "type": "string", "description": "Id of the usage plan resource representing to associate the key to.\n" }, "value": { "type": "string", "description": "Value of a usage plan key.\n" } }, "required": [ "keyId", "keyType", "name", "usagePlanId", "value" ], "inputProperties": { "keyId": { "type": "string", "description": "Identifier of the API key resource.\n", "willReplaceOnChanges": true }, "keyType": { "type": "string", "description": "Type of the API key resource. Currently, the valid key type is API_KEY.\n", "willReplaceOnChanges": true }, "usagePlanId": { "type": "string", "description": "Id of the usage plan resource representing to associate the key to.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "keyId", "keyType", "usagePlanId" ], "stateInputs": { "description": "Input properties used for looking up and filtering UsagePlanKey resources.\n", "properties": { "keyId": { "type": "string", "description": "Identifier of the API key resource.\n", "willReplaceOnChanges": true }, "keyType": { "type": "string", "description": "Type of the API key resource. Currently, the valid key type is API_KEY.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of a usage plan key.\n" }, "usagePlanId": { "type": "string", "description": "Id of the usage plan resource representing to associate the key to.\n", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "Value of a usage plan key.\n" } }, "type": "object" } }, "aws:apigateway/vpcLink:VpcLink": { "description": "Provides an API Gateway VPC Link.\n\n\u003e **Note:** Amazon API Gateway Version 1 VPC Links enable private integrations that connect REST APIs to private resources in a VPC.\nTo enable private integration for HTTP APIs, use the Amazon API Gateway Version 2 VPC Link resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {\n name: \"example\",\n internal: true,\n loadBalancerType: \"network\",\n subnetMappings: [{\n subnetId: \"12345\",\n }],\n});\nconst exampleVpcLink = new aws.apigateway.VpcLink(\"example\", {\n name: \"example\",\n description: \"example description\",\n targetArn: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\",\n name=\"example\",\n internal=True,\n load_balancer_type=\"network\",\n subnet_mappings=[{\n \"subnet_id\": \"12345\",\n }])\nexample_vpc_link = aws.apigateway.VpcLink(\"example\",\n name=\"example\",\n description=\"example description\",\n target_arn=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LB.LoadBalancer(\"example\", new()\n {\n Name = \"example\",\n Internal = true,\n LoadBalancerType = \"network\",\n SubnetMappings = new[]\n {\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n SubnetId = \"12345\",\n },\n },\n });\n\n var exampleVpcLink = new Aws.ApiGateway.VpcLink(\"example\", new()\n {\n Name = \"example\",\n Description = \"example description\",\n TargetArn = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tInternal: pulumi.Bool(true),\n\t\t\tLoadBalancerType: pulumi.String(\"network\"),\n\t\t\tSubnetMappings: lb.LoadBalancerSubnetMappingArray{\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tSubnetId: pulumi.String(\"12345\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewVpcLink(ctx, \"example\", \u0026apigateway.VpcLinkArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"example description\"),\n\t\t\tTargetArn: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.LoadBalancerArgs;\nimport com.pulumi.aws.lb.inputs.LoadBalancerSubnetMappingArgs;\nimport com.pulumi.aws.apigateway.VpcLink;\nimport com.pulumi.aws.apigateway.VpcLinkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoadBalancer(\"example\", LoadBalancerArgs.builder()\n .name(\"example\")\n .internal(true)\n .loadBalancerType(\"network\")\n .subnetMappings(LoadBalancerSubnetMappingArgs.builder()\n .subnetId(\"12345\")\n .build())\n .build());\n\n var exampleVpcLink = new VpcLink(\"exampleVpcLink\", VpcLinkArgs.builder()\n .name(\"example\")\n .description(\"example description\")\n .targetArn(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lb:LoadBalancer\n properties:\n name: example\n internal: true\n loadBalancerType: network\n subnetMappings:\n - subnetId: '12345'\n exampleVpcLink:\n type: aws:apigateway:VpcLink\n name: example\n properties:\n name: example\n description: example description\n targetArn: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import API Gateway VPC Link using the `id`. For example:\n\n```sh\n$ pulumi import aws:apigateway/vpcLink:VpcLink example 12345abcde\n```\n", "properties": { "arn": { "type": "string" }, "description": { "type": "string", "description": "Description of the VPC link.\n" }, "name": { "type": "string", "description": "Name used to label and identify the VPC link.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetArn": { "type": "string", "description": "List of network load balancer arns in the VPC targeted by the VPC link. Currently AWS only supports 1 target.\n" } }, "required": [ "arn", "name", "tagsAll", "targetArn" ], "inputProperties": { "description": { "type": "string", "description": "Description of the VPC link.\n" }, "name": { "type": "string", "description": "Name used to label and identify the VPC link.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targetArn": { "type": "string", "description": "List of network load balancer arns in the VPC targeted by the VPC link. Currently AWS only supports 1 target.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "targetArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcLink resources.\n", "properties": { "arn": { "type": "string" }, "description": { "type": "string", "description": "Description of the VPC link.\n" }, "name": { "type": "string", "description": "Name used to label and identify the VPC link.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetArn": { "type": "string", "description": "List of network load balancer arns in the VPC targeted by the VPC link. Currently AWS only supports 1 target.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:apigatewayv2/api:Api": { "description": "Manages an Amazon API Gateway Version 2 API.\n\n\u003e **Note:** Amazon API Gateway Version 2 resources are used for creating and deploying WebSocket and HTTP APIs. To create and deploy REST APIs, use Amazon API Gateway Version 1 resources.\n\n## Example Usage\n\n### Basic WebSocket API\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.Api(\"example\", {\n name: \"example-websocket-api\",\n protocolType: \"WEBSOCKET\",\n routeSelectionExpression: \"$request.body.action\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.Api(\"example\",\n name=\"example-websocket-api\",\n protocol_type=\"WEBSOCKET\",\n route_selection_expression=\"$request.body.action\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGatewayV2.Api(\"example\", new()\n {\n Name = \"example-websocket-api\",\n ProtocolType = \"WEBSOCKET\",\n RouteSelectionExpression = \"$request.body.action\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigatewayv2.NewApi(ctx, \"example\", \u0026apigatewayv2.ApiArgs{\n\t\t\tName: pulumi.String(\"example-websocket-api\"),\n\t\t\tProtocolType: pulumi.String(\"WEBSOCKET\"),\n\t\t\tRouteSelectionExpression: pulumi.String(\"$request.body.action\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.Api;\nimport com.pulumi.aws.apigatewayv2.ApiArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Api(\"example\", ApiArgs.builder()\n .name(\"example-websocket-api\")\n .protocolType(\"WEBSOCKET\")\n .routeSelectionExpression(\"$request.body.action\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigatewayv2:Api\n properties:\n name: example-websocket-api\n protocolType: WEBSOCKET\n routeSelectionExpression: $request.body.action\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Basic HTTP API\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.Api(\"example\", {\n name: \"example-http-api\",\n protocolType: \"HTTP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.Api(\"example\",\n name=\"example-http-api\",\n protocol_type=\"HTTP\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGatewayV2.Api(\"example\", new()\n {\n Name = \"example-http-api\",\n ProtocolType = \"HTTP\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigatewayv2.NewApi(ctx, \"example\", \u0026apigatewayv2.ApiArgs{\n\t\t\tName: pulumi.String(\"example-http-api\"),\n\t\t\tProtocolType: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.Api;\nimport com.pulumi.aws.apigatewayv2.ApiArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Api(\"example\", ApiArgs.builder()\n .name(\"example-http-api\")\n .protocolType(\"HTTP\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigatewayv2:Api\n properties:\n name: example-http-api\n protocolType: HTTP\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_apigatewayv2_api` using the API identifier. For example:\n\n```sh\n$ pulumi import aws:apigatewayv2/api:Api example aabbccddee\n```\n", "properties": { "apiEndpoint": { "type": "string", "description": "URI of the API, of the form `https://{api-id}.execute-api.{region}.amazonaws.com` for HTTP APIs and `wss://{api-id}.execute-api.{region}.amazonaws.com` for WebSocket APIs.\n" }, "apiKeySelectionExpression": { "type": "string", "description": "An [API key selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-apikey-selection-expressions).\nValid values: `$context.authorizer.usageIdentifierKey`, `$request.header.x-api-key`. Defaults to `$request.header.x-api-key`.\nApplicable for WebSocket APIs.\n" }, "arn": { "type": "string", "description": "ARN of the API.\n" }, "body": { "type": "string", "description": "An OpenAPI specification that defines the set of routes and integrations to create as part of the HTTP APIs. Supported only for HTTP APIs.\n" }, "corsConfiguration": { "$ref": "#/types/aws:apigatewayv2/ApiCorsConfiguration:ApiCorsConfiguration", "description": "Cross-origin resource sharing (CORS) [configuration](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html). Applicable for HTTP APIs.\n" }, "credentialsArn": { "type": "string", "description": "Part of _quick create_. Specifies any credentials required for the integration. Applicable for HTTP APIs.\n" }, "description": { "type": "string", "description": "Description of the API. Must be less than or equal to 1024 characters in length.\n" }, "disableExecuteApiEndpoint": { "type": "boolean", "description": "Whether clients can invoke the API by using the default `execute-api` endpoint.\nBy default, clients can invoke the API with the default `{api_id}.execute-api.{region}.amazonaws.com endpoint`.\nTo require that clients use a custom domain name to invoke the API, disable the default endpoint.\n" }, "executionArn": { "type": "string", "description": "ARN prefix to be used in an `aws.lambda.Permission`'s `source_arn` attribute\nor in an `aws.iam.Policy` to authorize access to the [`@connections` API](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-how-to-call-websocket-api-connections.html).\nSee the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-control-access-iam.html) for details.\n" }, "failOnWarnings": { "type": "boolean", "description": "Whether warnings should return an error while API Gateway is creating or updating the resource using an OpenAPI specification. Defaults to `false`. Applicable for HTTP APIs.\n" }, "name": { "type": "string", "description": "Name of the API. Must be less than or equal to 128 characters in length.\n" }, "protocolType": { "type": "string", "description": "API protocol. Valid values: `HTTP`, `WEBSOCKET`.\n" }, "routeKey": { "type": "string", "description": "Part of _quick create_. Specifies any [route key](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-routes.html). Applicable for HTTP APIs.\n" }, "routeSelectionExpression": { "type": "string", "description": "The [route selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-route-selection-expressions) for the API.\nDefaults to `$request.method $request.path`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the API. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "target": { "type": "string", "description": "Part of _quick create_. Quick create produces an API with an integration, a default catch-all route, and a default stage which is configured to automatically deploy changes.\nFor HTTP integrations, specify a fully qualified URL. For Lambda integrations, specify a function ARN.\nThe type of the integration will be `HTTP_PROXY` or `AWS_PROXY`, respectively. Applicable for HTTP APIs.\n" }, "version": { "type": "string", "description": "Version identifier for the API. Must be between 1 and 64 characters in length.\n" } }, "required": [ "apiEndpoint", "arn", "executionArn", "name", "protocolType", "tagsAll" ], "inputProperties": { "apiKeySelectionExpression": { "type": "string", "description": "An [API key selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-apikey-selection-expressions).\nValid values: `$context.authorizer.usageIdentifierKey`, `$request.header.x-api-key`. Defaults to `$request.header.x-api-key`.\nApplicable for WebSocket APIs.\n" }, "body": { "type": "string", "description": "An OpenAPI specification that defines the set of routes and integrations to create as part of the HTTP APIs. Supported only for HTTP APIs.\n" }, "corsConfiguration": { "$ref": "#/types/aws:apigatewayv2/ApiCorsConfiguration:ApiCorsConfiguration", "description": "Cross-origin resource sharing (CORS) [configuration](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html). Applicable for HTTP APIs.\n" }, "credentialsArn": { "type": "string", "description": "Part of _quick create_. Specifies any credentials required for the integration. Applicable for HTTP APIs.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of the API. Must be less than or equal to 1024 characters in length.\n" }, "disableExecuteApiEndpoint": { "type": "boolean", "description": "Whether clients can invoke the API by using the default `execute-api` endpoint.\nBy default, clients can invoke the API with the default `{api_id}.execute-api.{region}.amazonaws.com endpoint`.\nTo require that clients use a custom domain name to invoke the API, disable the default endpoint.\n" }, "failOnWarnings": { "type": "boolean", "description": "Whether warnings should return an error while API Gateway is creating or updating the resource using an OpenAPI specification. Defaults to `false`. Applicable for HTTP APIs.\n" }, "name": { "type": "string", "description": "Name of the API. Must be less than or equal to 128 characters in length.\n" }, "protocolType": { "type": "string", "description": "API protocol. Valid values: `HTTP`, `WEBSOCKET`.\n", "willReplaceOnChanges": true }, "routeKey": { "type": "string", "description": "Part of _quick create_. Specifies any [route key](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-routes.html). Applicable for HTTP APIs.\n", "willReplaceOnChanges": true }, "routeSelectionExpression": { "type": "string", "description": "The [route selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-route-selection-expressions) for the API.\nDefaults to `$request.method $request.path`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the API. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "target": { "type": "string", "description": "Part of _quick create_. Quick create produces an API with an integration, a default catch-all route, and a default stage which is configured to automatically deploy changes.\nFor HTTP integrations, specify a fully qualified URL. For Lambda integrations, specify a function ARN.\nThe type of the integration will be `HTTP_PROXY` or `AWS_PROXY`, respectively. Applicable for HTTP APIs.\n", "willReplaceOnChanges": true }, "version": { "type": "string", "description": "Version identifier for the API. Must be between 1 and 64 characters in length.\n" } }, "requiredInputs": [ "protocolType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Api resources.\n", "properties": { "apiEndpoint": { "type": "string", "description": "URI of the API, of the form `https://{api-id}.execute-api.{region}.amazonaws.com` for HTTP APIs and `wss://{api-id}.execute-api.{region}.amazonaws.com` for WebSocket APIs.\n" }, "apiKeySelectionExpression": { "type": "string", "description": "An [API key selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-apikey-selection-expressions).\nValid values: `$context.authorizer.usageIdentifierKey`, `$request.header.x-api-key`. Defaults to `$request.header.x-api-key`.\nApplicable for WebSocket APIs.\n" }, "arn": { "type": "string", "description": "ARN of the API.\n" }, "body": { "type": "string", "description": "An OpenAPI specification that defines the set of routes and integrations to create as part of the HTTP APIs. Supported only for HTTP APIs.\n" }, "corsConfiguration": { "$ref": "#/types/aws:apigatewayv2/ApiCorsConfiguration:ApiCorsConfiguration", "description": "Cross-origin resource sharing (CORS) [configuration](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html). Applicable for HTTP APIs.\n" }, "credentialsArn": { "type": "string", "description": "Part of _quick create_. Specifies any credentials required for the integration. Applicable for HTTP APIs.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of the API. Must be less than or equal to 1024 characters in length.\n" }, "disableExecuteApiEndpoint": { "type": "boolean", "description": "Whether clients can invoke the API by using the default `execute-api` endpoint.\nBy default, clients can invoke the API with the default `{api_id}.execute-api.{region}.amazonaws.com endpoint`.\nTo require that clients use a custom domain name to invoke the API, disable the default endpoint.\n" }, "executionArn": { "type": "string", "description": "ARN prefix to be used in an `aws.lambda.Permission`'s `source_arn` attribute\nor in an `aws.iam.Policy` to authorize access to the [`@connections` API](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-how-to-call-websocket-api-connections.html).\nSee the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-control-access-iam.html) for details.\n" }, "failOnWarnings": { "type": "boolean", "description": "Whether warnings should return an error while API Gateway is creating or updating the resource using an OpenAPI specification. Defaults to `false`. Applicable for HTTP APIs.\n" }, "name": { "type": "string", "description": "Name of the API. Must be less than or equal to 128 characters in length.\n" }, "protocolType": { "type": "string", "description": "API protocol. Valid values: `HTTP`, `WEBSOCKET`.\n", "willReplaceOnChanges": true }, "routeKey": { "type": "string", "description": "Part of _quick create_. Specifies any [route key](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-routes.html). Applicable for HTTP APIs.\n", "willReplaceOnChanges": true }, "routeSelectionExpression": { "type": "string", "description": "The [route selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-route-selection-expressions) for the API.\nDefaults to `$request.method $request.path`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the API. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "target": { "type": "string", "description": "Part of _quick create_. Quick create produces an API with an integration, a default catch-all route, and a default stage which is configured to automatically deploy changes.\nFor HTTP integrations, specify a fully qualified URL. For Lambda integrations, specify a function ARN.\nThe type of the integration will be `HTTP_PROXY` or `AWS_PROXY`, respectively. Applicable for HTTP APIs.\n", "willReplaceOnChanges": true }, "version": { "type": "string", "description": "Version identifier for the API. Must be between 1 and 64 characters in length.\n" } }, "type": "object" } }, "aws:apigatewayv2/apiMapping:ApiMapping": { "description": "Manages an Amazon API Gateway Version 2 API mapping.\nMore information can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-custom-domains.html).\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.ApiMapping(\"example\", {\n apiId: exampleAwsApigatewayv2Api.id,\n domainName: exampleAwsApigatewayv2DomainName.id,\n stage: exampleAwsApigatewayv2Stage.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.ApiMapping(\"example\",\n api_id=example_aws_apigatewayv2_api[\"id\"],\n domain_name=example_aws_apigatewayv2_domain_name[\"id\"],\n stage=example_aws_apigatewayv2_stage[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGatewayV2.ApiMapping(\"example\", new()\n {\n ApiId = exampleAwsApigatewayv2Api.Id,\n DomainName = exampleAwsApigatewayv2DomainName.Id,\n Stage = exampleAwsApigatewayv2Stage.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigatewayv2.NewApiMapping(ctx, \"example\", \u0026apigatewayv2.ApiMappingArgs{\n\t\t\tApiId: pulumi.Any(exampleAwsApigatewayv2Api.Id),\n\t\t\tDomainName: pulumi.Any(exampleAwsApigatewayv2DomainName.Id),\n\t\t\tStage: pulumi.Any(exampleAwsApigatewayv2Stage.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.ApiMapping;\nimport com.pulumi.aws.apigatewayv2.ApiMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApiMapping(\"example\", ApiMappingArgs.builder()\n .apiId(exampleAwsApigatewayv2Api.id())\n .domainName(exampleAwsApigatewayv2DomainName.id())\n .stage(exampleAwsApigatewayv2Stage.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigatewayv2:ApiMapping\n properties:\n apiId: ${exampleAwsApigatewayv2Api.id}\n domainName: ${exampleAwsApigatewayv2DomainName.id}\n stage: ${exampleAwsApigatewayv2Stage.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_apigatewayv2_api_mapping` using the API mapping identifier and domain name. For example:\n\n```sh\n$ pulumi import aws:apigatewayv2/apiMapping:ApiMapping example 1122334/ws-api.example.com\n```\n", "properties": { "apiId": { "type": "string", "description": "API identifier.\n" }, "apiMappingKey": { "type": "string", "description": "The API mapping key. Refer to [REST API](https://docs.aws.amazon.com/apigateway/latest/developerguide/rest-api-mappings.html), [HTTP API](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-mappings.html) or [WebSocket API](https://docs.aws.amazon.com/apigateway/latest/developerguide/websocket-api-mappings.html).\n" }, "domainName": { "type": "string", "description": "Domain name. Use the `aws.apigatewayv2.DomainName` resource to configure a domain name.\n" }, "stage": { "type": "string", "description": "API stage. Use the `aws.apigatewayv2.Stage` resource to configure an API stage.\n" } }, "required": [ "apiId", "domainName", "stage" ], "inputProperties": { "apiId": { "type": "string", "description": "API identifier.\n", "willReplaceOnChanges": true }, "apiMappingKey": { "type": "string", "description": "The API mapping key. Refer to [REST API](https://docs.aws.amazon.com/apigateway/latest/developerguide/rest-api-mappings.html), [HTTP API](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-mappings.html) or [WebSocket API](https://docs.aws.amazon.com/apigateway/latest/developerguide/websocket-api-mappings.html).\n" }, "domainName": { "type": "string", "description": "Domain name. Use the `aws.apigatewayv2.DomainName` resource to configure a domain name.\n", "willReplaceOnChanges": true }, "stage": { "type": "string", "description": "API stage. Use the `aws.apigatewayv2.Stage` resource to configure an API stage.\n" } }, "requiredInputs": [ "apiId", "domainName", "stage" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApiMapping resources.\n", "properties": { "apiId": { "type": "string", "description": "API identifier.\n", "willReplaceOnChanges": true }, "apiMappingKey": { "type": "string", "description": "The API mapping key. Refer to [REST API](https://docs.aws.amazon.com/apigateway/latest/developerguide/rest-api-mappings.html), [HTTP API](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-mappings.html) or [WebSocket API](https://docs.aws.amazon.com/apigateway/latest/developerguide/websocket-api-mappings.html).\n" }, "domainName": { "type": "string", "description": "Domain name. Use the `aws.apigatewayv2.DomainName` resource to configure a domain name.\n", "willReplaceOnChanges": true }, "stage": { "type": "string", "description": "API stage. Use the `aws.apigatewayv2.Stage` resource to configure an API stage.\n" } }, "type": "object" } }, "aws:apigatewayv2/authorizer:Authorizer": { "description": "Manages an Amazon API Gateway Version 2 authorizer.\nMore information can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api.html).\n\n## Example Usage\n\n### Basic WebSocket API\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.Authorizer(\"example\", {\n apiId: exampleAwsApigatewayv2Api.id,\n authorizerType: \"REQUEST\",\n authorizerUri: exampleAwsLambdaFunction.invokeArn,\n identitySources: [\"route.request.header.Auth\"],\n name: \"example-authorizer\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.Authorizer(\"example\",\n api_id=example_aws_apigatewayv2_api[\"id\"],\n authorizer_type=\"REQUEST\",\n authorizer_uri=example_aws_lambda_function[\"invokeArn\"],\n identity_sources=[\"route.request.header.Auth\"],\n name=\"example-authorizer\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGatewayV2.Authorizer(\"example\", new()\n {\n ApiId = exampleAwsApigatewayv2Api.Id,\n AuthorizerType = \"REQUEST\",\n AuthorizerUri = exampleAwsLambdaFunction.InvokeArn,\n IdentitySources = new[]\n {\n \"route.request.header.Auth\",\n },\n Name = \"example-authorizer\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigatewayv2.NewAuthorizer(ctx, \"example\", \u0026apigatewayv2.AuthorizerArgs{\n\t\t\tApiId: pulumi.Any(exampleAwsApigatewayv2Api.Id),\n\t\t\tAuthorizerType: pulumi.String(\"REQUEST\"),\n\t\t\tAuthorizerUri: pulumi.Any(exampleAwsLambdaFunction.InvokeArn),\n\t\t\tIdentitySources: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"route.request.header.Auth\"),\n\t\t\t},\n\t\t\tName: pulumi.String(\"example-authorizer\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.Authorizer;\nimport com.pulumi.aws.apigatewayv2.AuthorizerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Authorizer(\"example\", AuthorizerArgs.builder()\n .apiId(exampleAwsApigatewayv2Api.id())\n .authorizerType(\"REQUEST\")\n .authorizerUri(exampleAwsLambdaFunction.invokeArn())\n .identitySources(\"route.request.header.Auth\")\n .name(\"example-authorizer\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigatewayv2:Authorizer\n properties:\n apiId: ${exampleAwsApigatewayv2Api.id}\n authorizerType: REQUEST\n authorizerUri: ${exampleAwsLambdaFunction.invokeArn}\n identitySources:\n - route.request.header.Auth\n name: example-authorizer\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Basic HTTP API\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.Authorizer(\"example\", {\n apiId: exampleAwsApigatewayv2Api.id,\n authorizerType: \"REQUEST\",\n authorizerUri: exampleAwsLambdaFunction.invokeArn,\n identitySources: [\"$request.header.Authorization\"],\n name: \"example-authorizer\",\n authorizerPayloadFormatVersion: \"2.0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.Authorizer(\"example\",\n api_id=example_aws_apigatewayv2_api[\"id\"],\n authorizer_type=\"REQUEST\",\n authorizer_uri=example_aws_lambda_function[\"invokeArn\"],\n identity_sources=[\"$request.header.Authorization\"],\n name=\"example-authorizer\",\n authorizer_payload_format_version=\"2.0\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGatewayV2.Authorizer(\"example\", new()\n {\n ApiId = exampleAwsApigatewayv2Api.Id,\n AuthorizerType = \"REQUEST\",\n AuthorizerUri = exampleAwsLambdaFunction.InvokeArn,\n IdentitySources = new[]\n {\n \"$request.header.Authorization\",\n },\n Name = \"example-authorizer\",\n AuthorizerPayloadFormatVersion = \"2.0\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigatewayv2.NewAuthorizer(ctx, \"example\", \u0026apigatewayv2.AuthorizerArgs{\n\t\t\tApiId: pulumi.Any(exampleAwsApigatewayv2Api.Id),\n\t\t\tAuthorizerType: pulumi.String(\"REQUEST\"),\n\t\t\tAuthorizerUri: pulumi.Any(exampleAwsLambdaFunction.InvokeArn),\n\t\t\tIdentitySources: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"$request.header.Authorization\"),\n\t\t\t},\n\t\t\tName: pulumi.String(\"example-authorizer\"),\n\t\t\tAuthorizerPayloadFormatVersion: pulumi.String(\"2.0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.Authorizer;\nimport com.pulumi.aws.apigatewayv2.AuthorizerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Authorizer(\"example\", AuthorizerArgs.builder()\n .apiId(exampleAwsApigatewayv2Api.id())\n .authorizerType(\"REQUEST\")\n .authorizerUri(exampleAwsLambdaFunction.invokeArn())\n .identitySources(\"$request.header.Authorization\")\n .name(\"example-authorizer\")\n .authorizerPayloadFormatVersion(\"2.0\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigatewayv2:Authorizer\n properties:\n apiId: ${exampleAwsApigatewayv2Api.id}\n authorizerType: REQUEST\n authorizerUri: ${exampleAwsLambdaFunction.invokeArn}\n identitySources:\n - $request.header.Authorization\n name: example-authorizer\n authorizerPayloadFormatVersion: '2.0'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_apigatewayv2_authorizer` using the API identifier and authorizer identifier. For example:\n\n```sh\n$ pulumi import aws:apigatewayv2/authorizer:Authorizer example aabbccddee/1122334\n```\n", "properties": { "apiId": { "type": "string", "description": "API identifier.\n" }, "authorizerCredentialsArn": { "type": "string", "description": "Required credentials as an IAM role for API Gateway to invoke the authorizer.\nSupported only for `REQUEST` authorizers.\n" }, "authorizerPayloadFormatVersion": { "type": "string", "description": "Format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers.\nValid values: `1.0`, `2.0`.\n" }, "authorizerResultTtlInSeconds": { "type": "integer", "description": "Time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled.\nIf it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Defaults to `300`.\nSupported only for HTTP API Lambda authorizers.\n" }, "authorizerType": { "type": "string", "description": "Authorizer type. Valid values: `JWT`, `REQUEST`.\nSpecify `REQUEST` for a Lambda function using incoming request parameters.\nFor HTTP APIs, specify `JWT` to use JSON Web Tokens.\n" }, "authorizerUri": { "type": "string", "description": "Authorizer's Uniform Resource Identifier (URI).\nFor `REQUEST` authorizers this must be a well-formed Lambda function URI, such as the `invoke_arn` attribute of the `aws.lambda.Function` resource.\nSupported only for `REQUEST` authorizers. Must be between 1 and 2048 characters in length.\n" }, "enableSimpleResponses": { "type": "boolean", "description": "Whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy.\nSupported only for HTTP APIs.\n" }, "identitySources": { "type": "array", "items": { "type": "string" }, "description": "Identity sources for which authorization is requested.\nFor `REQUEST` authorizers the value is a list of one or more mapping expressions of the specified request parameters.\nFor `JWT` authorizers the single entry specifies where to extract the JSON Web Token (JWT) from inbound requests.\n" }, "jwtConfiguration": { "$ref": "#/types/aws:apigatewayv2/AuthorizerJwtConfiguration:AuthorizerJwtConfiguration", "description": "Configuration of a JWT authorizer. Required for the `JWT` authorizer type.\nSupported only for HTTP APIs.\n" }, "name": { "type": "string", "description": "Name of the authorizer. Must be between 1 and 128 characters in length.\n" } }, "required": [ "apiId", "authorizerResultTtlInSeconds", "authorizerType", "name" ], "inputProperties": { "apiId": { "type": "string", "description": "API identifier.\n", "willReplaceOnChanges": true }, "authorizerCredentialsArn": { "type": "string", "description": "Required credentials as an IAM role for API Gateway to invoke the authorizer.\nSupported only for `REQUEST` authorizers.\n" }, "authorizerPayloadFormatVersion": { "type": "string", "description": "Format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers.\nValid values: `1.0`, `2.0`.\n" }, "authorizerResultTtlInSeconds": { "type": "integer", "description": "Time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled.\nIf it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Defaults to `300`.\nSupported only for HTTP API Lambda authorizers.\n" }, "authorizerType": { "type": "string", "description": "Authorizer type. Valid values: `JWT`, `REQUEST`.\nSpecify `REQUEST` for a Lambda function using incoming request parameters.\nFor HTTP APIs, specify `JWT` to use JSON Web Tokens.\n" }, "authorizerUri": { "type": "string", "description": "Authorizer's Uniform Resource Identifier (URI).\nFor `REQUEST` authorizers this must be a well-formed Lambda function URI, such as the `invoke_arn` attribute of the `aws.lambda.Function` resource.\nSupported only for `REQUEST` authorizers. Must be between 1 and 2048 characters in length.\n" }, "enableSimpleResponses": { "type": "boolean", "description": "Whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy.\nSupported only for HTTP APIs.\n" }, "identitySources": { "type": "array", "items": { "type": "string" }, "description": "Identity sources for which authorization is requested.\nFor `REQUEST` authorizers the value is a list of one or more mapping expressions of the specified request parameters.\nFor `JWT` authorizers the single entry specifies where to extract the JSON Web Token (JWT) from inbound requests.\n" }, "jwtConfiguration": { "$ref": "#/types/aws:apigatewayv2/AuthorizerJwtConfiguration:AuthorizerJwtConfiguration", "description": "Configuration of a JWT authorizer. Required for the `JWT` authorizer type.\nSupported only for HTTP APIs.\n" }, "name": { "type": "string", "description": "Name of the authorizer. Must be between 1 and 128 characters in length.\n" } }, "requiredInputs": [ "apiId", "authorizerType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Authorizer resources.\n", "properties": { "apiId": { "type": "string", "description": "API identifier.\n", "willReplaceOnChanges": true }, "authorizerCredentialsArn": { "type": "string", "description": "Required credentials as an IAM role for API Gateway to invoke the authorizer.\nSupported only for `REQUEST` authorizers.\n" }, "authorizerPayloadFormatVersion": { "type": "string", "description": "Format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers.\nValid values: `1.0`, `2.0`.\n" }, "authorizerResultTtlInSeconds": { "type": "integer", "description": "Time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled.\nIf it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Defaults to `300`.\nSupported only for HTTP API Lambda authorizers.\n" }, "authorizerType": { "type": "string", "description": "Authorizer type. Valid values: `JWT`, `REQUEST`.\nSpecify `REQUEST` for a Lambda function using incoming request parameters.\nFor HTTP APIs, specify `JWT` to use JSON Web Tokens.\n" }, "authorizerUri": { "type": "string", "description": "Authorizer's Uniform Resource Identifier (URI).\nFor `REQUEST` authorizers this must be a well-formed Lambda function URI, such as the `invoke_arn` attribute of the `aws.lambda.Function` resource.\nSupported only for `REQUEST` authorizers. Must be between 1 and 2048 characters in length.\n" }, "enableSimpleResponses": { "type": "boolean", "description": "Whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy.\nSupported only for HTTP APIs.\n" }, "identitySources": { "type": "array", "items": { "type": "string" }, "description": "Identity sources for which authorization is requested.\nFor `REQUEST` authorizers the value is a list of one or more mapping expressions of the specified request parameters.\nFor `JWT` authorizers the single entry specifies where to extract the JSON Web Token (JWT) from inbound requests.\n" }, "jwtConfiguration": { "$ref": "#/types/aws:apigatewayv2/AuthorizerJwtConfiguration:AuthorizerJwtConfiguration", "description": "Configuration of a JWT authorizer. Required for the `JWT` authorizer type.\nSupported only for HTTP APIs.\n" }, "name": { "type": "string", "description": "Name of the authorizer. Must be between 1 and 128 characters in length.\n" } }, "type": "object" } }, "aws:apigatewayv2/deployment:Deployment": { "description": "Manages an Amazon API Gateway Version 2 deployment.\nMore information can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api.html).\n\n\u003e **Note:** Creating a deployment for an API requires at least one `aws.apigatewayv2.Route` resource associated with that API. To avoid race conditions when all resources are being created together, you need to add implicit resource references via the `triggers` argument or explicit resource references using the [resource `dependsOn` meta-argument](https://www.pulumi.com/docs/intro/concepts/programming-model/#dependson).\n\n\n## Example Usage\n\n## Import\n\nUsing `pulumi import`, import `aws_apigatewayv2_deployment` using the API identifier and deployment identifier. For example:\n\n```sh\n$ pulumi import aws:apigatewayv2/deployment:Deployment example aabbccddee/1122334\n```\nThe `triggers` argument cannot be imported.\n\n", "properties": { "apiId": { "type": "string", "description": "API identifier.\n" }, "autoDeployed": { "type": "boolean", "description": "Whether the deployment was automatically released.\n" }, "description": { "type": "string", "description": "Description for the deployment resource. Must be less than or equal to 1024 characters in length.\n" }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of arbitrary keys and values that, when changed, will trigger a redeployment.\n" } }, "required": [ "apiId", "autoDeployed" ], "inputProperties": { "apiId": { "type": "string", "description": "API identifier.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description for the deployment resource. Must be less than or equal to 1024 characters in length.\n" }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of arbitrary keys and values that, when changed, will trigger a redeployment.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "apiId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Deployment resources.\n", "properties": { "apiId": { "type": "string", "description": "API identifier.\n", "willReplaceOnChanges": true }, "autoDeployed": { "type": "boolean", "description": "Whether the deployment was automatically released.\n" }, "description": { "type": "string", "description": "Description for the deployment resource. Must be less than or equal to 1024 characters in length.\n" }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of arbitrary keys and values that, when changed, will trigger a redeployment.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:apigatewayv2/domainName:DomainName": { "description": "Manages an Amazon API Gateway Version 2 domain name.\nMore information can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-custom-domains.html).\n\n\u003e **Note:** This resource establishes ownership of and the TLS settings for\na particular domain name. An API stage can be associated with the domain name using the `aws.apigatewayv2.ApiMapping` resource.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.DomainName(\"example\", {\n domainName: \"ws-api.example.com\",\n domainNameConfiguration: {\n certificateArn: exampleAwsAcmCertificate.arn,\n endpointType: \"REGIONAL\",\n securityPolicy: \"TLS_1_2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.DomainName(\"example\",\n domain_name=\"ws-api.example.com\",\n domain_name_configuration={\n \"certificate_arn\": example_aws_acm_certificate[\"arn\"],\n \"endpoint_type\": \"REGIONAL\",\n \"security_policy\": \"TLS_1_2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGatewayV2.DomainName(\"example\", new()\n {\n Domain = \"ws-api.example.com\",\n DomainNameConfiguration = new Aws.ApiGatewayV2.Inputs.DomainNameDomainNameConfigurationArgs\n {\n CertificateArn = exampleAwsAcmCertificate.Arn,\n EndpointType = \"REGIONAL\",\n SecurityPolicy = \"TLS_1_2\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigatewayv2.NewDomainName(ctx, \"example\", \u0026apigatewayv2.DomainNameArgs{\n\t\t\tDomainName: pulumi.String(\"ws-api.example.com\"),\n\t\t\tDomainNameConfiguration: \u0026apigatewayv2.DomainNameDomainNameConfigurationArgs{\n\t\t\t\tCertificateArn: pulumi.Any(exampleAwsAcmCertificate.Arn),\n\t\t\t\tEndpointType: pulumi.String(\"REGIONAL\"),\n\t\t\t\tSecurityPolicy: pulumi.String(\"TLS_1_2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.DomainName;\nimport com.pulumi.aws.apigatewayv2.DomainNameArgs;\nimport com.pulumi.aws.apigatewayv2.inputs.DomainNameDomainNameConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DomainName(\"example\", DomainNameArgs.builder()\n .domainName(\"ws-api.example.com\")\n .domainNameConfiguration(DomainNameDomainNameConfigurationArgs.builder()\n .certificateArn(exampleAwsAcmCertificate.arn())\n .endpointType(\"REGIONAL\")\n .securityPolicy(\"TLS_1_2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigatewayv2:DomainName\n properties:\n domainName: ws-api.example.com\n domainNameConfiguration:\n certificateArn: ${exampleAwsAcmCertificate.arn}\n endpointType: REGIONAL\n securityPolicy: TLS_1_2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Associated Route 53 Resource Record\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.DomainName(\"example\", {\n domainName: \"http-api.example.com\",\n domainNameConfiguration: {\n certificateArn: exampleAwsAcmCertificate.arn,\n endpointType: \"REGIONAL\",\n securityPolicy: \"TLS_1_2\",\n },\n});\nconst exampleRecord = new aws.route53.Record(\"example\", {\n name: example.domainName,\n type: aws.route53.RecordType.A,\n zoneId: exampleAwsRoute53Zone.zoneId,\n aliases: [{\n name: example.domainNameConfiguration.apply(domainNameConfiguration =\u003e domainNameConfiguration.targetDomainName),\n zoneId: example.domainNameConfiguration.apply(domainNameConfiguration =\u003e domainNameConfiguration.hostedZoneId),\n evaluateTargetHealth: false,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.DomainName(\"example\",\n domain_name=\"http-api.example.com\",\n domain_name_configuration={\n \"certificate_arn\": example_aws_acm_certificate[\"arn\"],\n \"endpoint_type\": \"REGIONAL\",\n \"security_policy\": \"TLS_1_2\",\n })\nexample_record = aws.route53.Record(\"example\",\n name=example.domain_name,\n type=aws.route53.RecordType.A,\n zone_id=example_aws_route53_zone[\"zoneId\"],\n aliases=[{\n \"name\": example.domain_name_configuration.target_domain_name,\n \"zone_id\": example.domain_name_configuration.hosted_zone_id,\n \"evaluate_target_health\": False,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGatewayV2.DomainName(\"example\", new()\n {\n Domain = \"http-api.example.com\",\n DomainNameConfiguration = new Aws.ApiGatewayV2.Inputs.DomainNameDomainNameConfigurationArgs\n {\n CertificateArn = exampleAwsAcmCertificate.Arn,\n EndpointType = \"REGIONAL\",\n SecurityPolicy = \"TLS_1_2\",\n },\n });\n\n var exampleRecord = new Aws.Route53.Record(\"example\", new()\n {\n Name = example.Domain,\n Type = Aws.Route53.RecordType.A,\n ZoneId = exampleAwsRoute53Zone.ZoneId,\n Aliases = new[]\n {\n new Aws.Route53.Inputs.RecordAliasArgs\n {\n Name = example.DomainNameConfiguration.Apply(domainNameConfiguration =\u003e domainNameConfiguration.TargetDomainName),\n ZoneId = example.DomainNameConfiguration.Apply(domainNameConfiguration =\u003e domainNameConfiguration.HostedZoneId),\n EvaluateTargetHealth = false,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := apigatewayv2.NewDomainName(ctx, \"example\", \u0026apigatewayv2.DomainNameArgs{\n\t\t\tDomainName: pulumi.String(\"http-api.example.com\"),\n\t\t\tDomainNameConfiguration: \u0026apigatewayv2.DomainNameDomainNameConfigurationArgs{\n\t\t\t\tCertificateArn: pulumi.Any(exampleAwsAcmCertificate.Arn),\n\t\t\t\tEndpointType: pulumi.String(\"REGIONAL\"),\n\t\t\t\tSecurityPolicy: pulumi.String(\"TLS_1_2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"example\", \u0026route53.RecordArgs{\n\t\t\tName: example.DomainName,\n\t\t\tType: pulumi.String(route53.RecordTypeA),\n\t\t\tZoneId: pulumi.Any(exampleAwsRoute53Zone.ZoneId),\n\t\t\tAliases: route53.RecordAliasArray{\n\t\t\t\t\u0026route53.RecordAliasArgs{\n\t\t\t\t\tName: example.DomainNameConfiguration.ApplyT(func(domainNameConfiguration apigatewayv2.DomainNameDomainNameConfiguration) (*string, error) {\n\t\t\t\t\t\treturn \u0026domainNameConfiguration.TargetDomainName, nil\n\t\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t\t\tZoneId: example.DomainNameConfiguration.ApplyT(func(domainNameConfiguration apigatewayv2.DomainNameDomainNameConfiguration) (*string, error) {\n\t\t\t\t\t\treturn \u0026domainNameConfiguration.HostedZoneId, nil\n\t\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t\t\tEvaluateTargetHealth: pulumi.Bool(false),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.DomainName;\nimport com.pulumi.aws.apigatewayv2.DomainNameArgs;\nimport com.pulumi.aws.apigatewayv2.inputs.DomainNameDomainNameConfigurationArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport com.pulumi.aws.route53.inputs.RecordAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DomainName(\"example\", DomainNameArgs.builder()\n .domainName(\"http-api.example.com\")\n .domainNameConfiguration(DomainNameDomainNameConfigurationArgs.builder()\n .certificateArn(exampleAwsAcmCertificate.arn())\n .endpointType(\"REGIONAL\")\n .securityPolicy(\"TLS_1_2\")\n .build())\n .build());\n\n var exampleRecord = new Record(\"exampleRecord\", RecordArgs.builder()\n .name(example.domainName())\n .type(\"A\")\n .zoneId(exampleAwsRoute53Zone.zoneId())\n .aliases(RecordAliasArgs.builder()\n .name(example.domainNameConfiguration().applyValue(domainNameConfiguration -\u003e domainNameConfiguration.targetDomainName()))\n .zoneId(example.domainNameConfiguration().applyValue(domainNameConfiguration -\u003e domainNameConfiguration.hostedZoneId()))\n .evaluateTargetHealth(false)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigatewayv2:DomainName\n properties:\n domainName: http-api.example.com\n domainNameConfiguration:\n certificateArn: ${exampleAwsAcmCertificate.arn}\n endpointType: REGIONAL\n securityPolicy: TLS_1_2\n exampleRecord:\n type: aws:route53:Record\n name: example\n properties:\n name: ${example.domainName}\n type: A\n zoneId: ${exampleAwsRoute53Zone.zoneId}\n aliases:\n - name: ${example.domainNameConfiguration.targetDomainName}\n zoneId: ${example.domainNameConfiguration.hostedZoneId}\n evaluateTargetHealth: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_apigatewayv2_domain_name` using the domain name. For example:\n\n```sh\n$ pulumi import aws:apigatewayv2/domainName:DomainName example ws-api.example.com\n```\n", "properties": { "apiMappingSelectionExpression": { "type": "string", "description": "[API mapping selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-mapping-selection-expressions) for the domain name.\n" }, "arn": { "type": "string", "description": "ARN of the domain name.\n" }, "domainName": { "type": "string", "description": "Domain name. Must be between 1 and 512 characters in length.\n", "language": { "csharp": { "name": "Domain" } } }, "domainNameConfiguration": { "$ref": "#/types/aws:apigatewayv2/DomainNameDomainNameConfiguration:DomainNameDomainNameConfiguration", "description": "Domain name configuration. See below.\n" }, "mutualTlsAuthentication": { "$ref": "#/types/aws:apigatewayv2/DomainNameMutualTlsAuthentication:DomainNameMutualTlsAuthentication", "description": "Mutual TLS authentication configuration for the domain name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the domain name. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "apiMappingSelectionExpression", "arn", "domainName", "domainNameConfiguration", "tagsAll" ], "inputProperties": { "domainName": { "type": "string", "description": "Domain name. Must be between 1 and 512 characters in length.\n", "language": { "csharp": { "name": "Domain" } }, "willReplaceOnChanges": true }, "domainNameConfiguration": { "$ref": "#/types/aws:apigatewayv2/DomainNameDomainNameConfiguration:DomainNameDomainNameConfiguration", "description": "Domain name configuration. See below.\n" }, "mutualTlsAuthentication": { "$ref": "#/types/aws:apigatewayv2/DomainNameMutualTlsAuthentication:DomainNameMutualTlsAuthentication", "description": "Mutual TLS authentication configuration for the domain name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the domain name. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "domainName", "domainNameConfiguration" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainName resources.\n", "properties": { "apiMappingSelectionExpression": { "type": "string", "description": "[API mapping selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-mapping-selection-expressions) for the domain name.\n" }, "arn": { "type": "string", "description": "ARN of the domain name.\n" }, "domainName": { "type": "string", "description": "Domain name. Must be between 1 and 512 characters in length.\n", "language": { "csharp": { "name": "Domain" } }, "willReplaceOnChanges": true }, "domainNameConfiguration": { "$ref": "#/types/aws:apigatewayv2/DomainNameDomainNameConfiguration:DomainNameDomainNameConfiguration", "description": "Domain name configuration. See below.\n" }, "mutualTlsAuthentication": { "$ref": "#/types/aws:apigatewayv2/DomainNameMutualTlsAuthentication:DomainNameMutualTlsAuthentication", "description": "Mutual TLS authentication configuration for the domain name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the domain name. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:apigatewayv2/integration:Integration": { "description": "Manages an Amazon API Gateway Version 2 integration.\nMore information can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api.html).\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.Integration(\"example\", {\n apiId: exampleAwsApigatewayv2Api.id,\n integrationType: \"MOCK\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.Integration(\"example\",\n api_id=example_aws_apigatewayv2_api[\"id\"],\n integration_type=\"MOCK\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGatewayV2.Integration(\"example\", new()\n {\n ApiId = exampleAwsApigatewayv2Api.Id,\n IntegrationType = \"MOCK\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigatewayv2.NewIntegration(ctx, \"example\", \u0026apigatewayv2.IntegrationArgs{\n\t\t\tApiId: pulumi.Any(exampleAwsApigatewayv2Api.Id),\n\t\t\tIntegrationType: pulumi.String(\"MOCK\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.Integration;\nimport com.pulumi.aws.apigatewayv2.IntegrationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Integration(\"example\", IntegrationArgs.builder()\n .apiId(exampleAwsApigatewayv2Api.id())\n .integrationType(\"MOCK\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigatewayv2:Integration\n properties:\n apiId: ${exampleAwsApigatewayv2Api.id}\n integrationType: MOCK\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda Integration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.Function(\"example\", {\n code: new pulumi.asset.FileArchive(\"example.zip\"),\n name: \"Example\",\n role: exampleAwsIamRole.arn,\n handler: \"index.handler\",\n runtime: aws.lambda.Runtime.NodeJS16dX,\n});\nconst exampleIntegration = new aws.apigatewayv2.Integration(\"example\", {\n apiId: exampleAwsApigatewayv2Api.id,\n integrationType: \"AWS_PROXY\",\n connectionType: \"INTERNET\",\n contentHandlingStrategy: \"CONVERT_TO_TEXT\",\n description: \"Lambda example\",\n integrationMethod: \"POST\",\n integrationUri: example.invokeArn,\n passthroughBehavior: \"WHEN_NO_MATCH\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.Function(\"example\",\n code=pulumi.FileArchive(\"example.zip\"),\n name=\"Example\",\n role=example_aws_iam_role[\"arn\"],\n handler=\"index.handler\",\n runtime=aws.lambda_.Runtime.NODE_JS16D_X)\nexample_integration = aws.apigatewayv2.Integration(\"example\",\n api_id=example_aws_apigatewayv2_api[\"id\"],\n integration_type=\"AWS_PROXY\",\n connection_type=\"INTERNET\",\n content_handling_strategy=\"CONVERT_TO_TEXT\",\n description=\"Lambda example\",\n integration_method=\"POST\",\n integration_uri=example.invoke_arn,\n passthrough_behavior=\"WHEN_NO_MATCH\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.Function(\"example\", new()\n {\n Code = new FileArchive(\"example.zip\"),\n Name = \"Example\",\n Role = exampleAwsIamRole.Arn,\n Handler = \"index.handler\",\n Runtime = Aws.Lambda.Runtime.NodeJS16dX,\n });\n\n var exampleIntegration = new Aws.ApiGatewayV2.Integration(\"example\", new()\n {\n ApiId = exampleAwsApigatewayv2Api.Id,\n IntegrationType = \"AWS_PROXY\",\n ConnectionType = \"INTERNET\",\n ContentHandlingStrategy = \"CONVERT_TO_TEXT\",\n Description = \"Lambda example\",\n IntegrationMethod = \"POST\",\n IntegrationUri = example.InvokeArn,\n PassthroughBehavior = \"WHEN_NO_MATCH\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := lambda.NewFunction(ctx, \"example\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"example.zip\"),\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tHandler: pulumi.String(\"index.handler\"),\n\t\t\tRuntime: pulumi.String(lambda.RuntimeNodeJS16dX),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigatewayv2.NewIntegration(ctx, \"example\", \u0026apigatewayv2.IntegrationArgs{\n\t\t\tApiId: pulumi.Any(exampleAwsApigatewayv2Api.Id),\n\t\t\tIntegrationType: pulumi.String(\"AWS_PROXY\"),\n\t\t\tConnectionType: pulumi.String(\"INTERNET\"),\n\t\t\tContentHandlingStrategy: pulumi.String(\"CONVERT_TO_TEXT\"),\n\t\t\tDescription: pulumi.String(\"Lambda example\"),\n\t\t\tIntegrationMethod: pulumi.String(\"POST\"),\n\t\t\tIntegrationUri: example.InvokeArn,\n\t\t\tPassthroughBehavior: pulumi.String(\"WHEN_NO_MATCH\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.apigatewayv2.Integration;\nimport com.pulumi.aws.apigatewayv2.IntegrationArgs;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Function(\"example\", FunctionArgs.builder()\n .code(new FileArchive(\"example.zip\"))\n .name(\"Example\")\n .role(exampleAwsIamRole.arn())\n .handler(\"index.handler\")\n .runtime(\"nodejs16.x\")\n .build());\n\n var exampleIntegration = new Integration(\"exampleIntegration\", IntegrationArgs.builder()\n .apiId(exampleAwsApigatewayv2Api.id())\n .integrationType(\"AWS_PROXY\")\n .connectionType(\"INTERNET\")\n .contentHandlingStrategy(\"CONVERT_TO_TEXT\")\n .description(\"Lambda example\")\n .integrationMethod(\"POST\")\n .integrationUri(example.invokeArn())\n .passthroughBehavior(\"WHEN_NO_MATCH\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:Function\n properties:\n code:\n fn::FileArchive: example.zip\n name: Example\n role: ${exampleAwsIamRole.arn}\n handler: index.handler\n runtime: nodejs16.x\n exampleIntegration:\n type: aws:apigatewayv2:Integration\n name: example\n properties:\n apiId: ${exampleAwsApigatewayv2Api.id}\n integrationType: AWS_PROXY\n connectionType: INTERNET\n contentHandlingStrategy: CONVERT_TO_TEXT\n description: Lambda example\n integrationMethod: POST\n integrationUri: ${example.invokeArn}\n passthroughBehavior: WHEN_NO_MATCH\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### AWS Service Integration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.Integration(\"example\", {\n apiId: exampleAwsApigatewayv2Api.id,\n credentialsArn: exampleAwsIamRole.arn,\n description: \"SQS example\",\n integrationType: \"AWS_PROXY\",\n integrationSubtype: \"SQS-SendMessage\",\n requestParameters: {\n QueueUrl: \"$request.header.queueUrl\",\n MessageBody: \"$request.body.message\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.Integration(\"example\",\n api_id=example_aws_apigatewayv2_api[\"id\"],\n credentials_arn=example_aws_iam_role[\"arn\"],\n description=\"SQS example\",\n integration_type=\"AWS_PROXY\",\n integration_subtype=\"SQS-SendMessage\",\n request_parameters={\n \"QueueUrl\": \"$request.header.queueUrl\",\n \"MessageBody\": \"$request.body.message\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGatewayV2.Integration(\"example\", new()\n {\n ApiId = exampleAwsApigatewayv2Api.Id,\n CredentialsArn = exampleAwsIamRole.Arn,\n Description = \"SQS example\",\n IntegrationType = \"AWS_PROXY\",\n IntegrationSubtype = \"SQS-SendMessage\",\n RequestParameters = \n {\n { \"QueueUrl\", \"$request.header.queueUrl\" },\n { \"MessageBody\", \"$request.body.message\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigatewayv2.NewIntegration(ctx, \"example\", \u0026apigatewayv2.IntegrationArgs{\n\t\t\tApiId: pulumi.Any(exampleAwsApigatewayv2Api.Id),\n\t\t\tCredentialsArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tDescription: pulumi.String(\"SQS example\"),\n\t\t\tIntegrationType: pulumi.String(\"AWS_PROXY\"),\n\t\t\tIntegrationSubtype: pulumi.String(\"SQS-SendMessage\"),\n\t\t\tRequestParameters: pulumi.StringMap{\n\t\t\t\t\"QueueUrl\": pulumi.String(\"$request.header.queueUrl\"),\n\t\t\t\t\"MessageBody\": pulumi.String(\"$request.body.message\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.Integration;\nimport com.pulumi.aws.apigatewayv2.IntegrationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Integration(\"example\", IntegrationArgs.builder()\n .apiId(exampleAwsApigatewayv2Api.id())\n .credentialsArn(exampleAwsIamRole.arn())\n .description(\"SQS example\")\n .integrationType(\"AWS_PROXY\")\n .integrationSubtype(\"SQS-SendMessage\")\n .requestParameters(Map.ofEntries(\n Map.entry(\"QueueUrl\", \"$request.header.queueUrl\"),\n Map.entry(\"MessageBody\", \"$request.body.message\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigatewayv2:Integration\n properties:\n apiId: ${exampleAwsApigatewayv2Api.id}\n credentialsArn: ${exampleAwsIamRole.arn}\n description: SQS example\n integrationType: AWS_PROXY\n integrationSubtype: SQS-SendMessage\n requestParameters:\n QueueUrl: $request.header.queueUrl\n MessageBody: $request.body.message\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Private Integration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.Integration(\"example\", {\n apiId: exampleAwsApigatewayv2Api.id,\n credentialsArn: exampleAwsIamRole.arn,\n description: \"Example with a load balancer\",\n integrationType: \"HTTP_PROXY\",\n integrationUri: exampleAwsLbListener.arn,\n integrationMethod: \"ANY\",\n connectionType: \"VPC_LINK\",\n connectionId: exampleAwsApigatewayv2VpcLink.id,\n tlsConfig: {\n serverNameToVerify: \"example.com\",\n },\n requestParameters: {\n \"append:header.authforintegration\": \"$context.authorizer.authorizerResponse\",\n \"overwrite:path\": \"staticValueForIntegration\",\n },\n responseParameters: [\n {\n statusCode: \"403\",\n mappings: {\n \"append:header.auth\": \"$context.authorizer.authorizerResponse\",\n },\n },\n {\n statusCode: \"200\",\n mappings: {\n \"overwrite:statuscode\": \"204\",\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.Integration(\"example\",\n api_id=example_aws_apigatewayv2_api[\"id\"],\n credentials_arn=example_aws_iam_role[\"arn\"],\n description=\"Example with a load balancer\",\n integration_type=\"HTTP_PROXY\",\n integration_uri=example_aws_lb_listener[\"arn\"],\n integration_method=\"ANY\",\n connection_type=\"VPC_LINK\",\n connection_id=example_aws_apigatewayv2_vpc_link[\"id\"],\n tls_config={\n \"server_name_to_verify\": \"example.com\",\n },\n request_parameters={\n \"append:header.authforintegration\": \"$context.authorizer.authorizerResponse\",\n \"overwrite:path\": \"staticValueForIntegration\",\n },\n response_parameters=[\n {\n \"status_code\": \"403\",\n \"mappings\": {\n \"append_header_auth\": \"$context.authorizer.authorizerResponse\",\n },\n },\n {\n \"status_code\": \"200\",\n \"mappings\": {\n \"overwrite_statuscode\": \"204\",\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGatewayV2.Integration(\"example\", new()\n {\n ApiId = exampleAwsApigatewayv2Api.Id,\n CredentialsArn = exampleAwsIamRole.Arn,\n Description = \"Example with a load balancer\",\n IntegrationType = \"HTTP_PROXY\",\n IntegrationUri = exampleAwsLbListener.Arn,\n IntegrationMethod = \"ANY\",\n ConnectionType = \"VPC_LINK\",\n ConnectionId = exampleAwsApigatewayv2VpcLink.Id,\n TlsConfig = new Aws.ApiGatewayV2.Inputs.IntegrationTlsConfigArgs\n {\n ServerNameToVerify = \"example.com\",\n },\n RequestParameters = \n {\n { \"append:header.authforintegration\", \"$context.authorizer.authorizerResponse\" },\n { \"overwrite:path\", \"staticValueForIntegration\" },\n },\n ResponseParameters = new[]\n {\n new Aws.ApiGatewayV2.Inputs.IntegrationResponseParameterArgs\n {\n StatusCode = \"403\",\n Mappings = \n {\n { \"append:header.auth\", \"$context.authorizer.authorizerResponse\" },\n },\n },\n new Aws.ApiGatewayV2.Inputs.IntegrationResponseParameterArgs\n {\n StatusCode = \"200\",\n Mappings = \n {\n { \"overwrite:statuscode\", \"204\" },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigatewayv2.NewIntegration(ctx, \"example\", \u0026apigatewayv2.IntegrationArgs{\n\t\t\tApiId: pulumi.Any(exampleAwsApigatewayv2Api.Id),\n\t\t\tCredentialsArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tDescription: pulumi.String(\"Example with a load balancer\"),\n\t\t\tIntegrationType: pulumi.String(\"HTTP_PROXY\"),\n\t\t\tIntegrationUri: pulumi.Any(exampleAwsLbListener.Arn),\n\t\t\tIntegrationMethod: pulumi.String(\"ANY\"),\n\t\t\tConnectionType: pulumi.String(\"VPC_LINK\"),\n\t\t\tConnectionId: pulumi.Any(exampleAwsApigatewayv2VpcLink.Id),\n\t\t\tTlsConfig: \u0026apigatewayv2.IntegrationTlsConfigArgs{\n\t\t\t\tServerNameToVerify: pulumi.String(\"example.com\"),\n\t\t\t},\n\t\t\tRequestParameters: pulumi.StringMap{\n\t\t\t\t\"append:header.authforintegration\": pulumi.String(\"$context.authorizer.authorizerResponse\"),\n\t\t\t\t\"overwrite:path\": pulumi.String(\"staticValueForIntegration\"),\n\t\t\t},\n\t\t\tResponseParameters: apigatewayv2.IntegrationResponseParameterArray{\n\t\t\t\t\u0026apigatewayv2.IntegrationResponseParameterArgs{\n\t\t\t\t\tStatusCode: pulumi.String(\"403\"),\n\t\t\t\t\tMappings: pulumi.StringMap{\n\t\t\t\t\t\t\"append:header.auth\": pulumi.String(\"$context.authorizer.authorizerResponse\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026apigatewayv2.IntegrationResponseParameterArgs{\n\t\t\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\t\t\tMappings: pulumi.StringMap{\n\t\t\t\t\t\t\"overwrite:statuscode\": pulumi.String(\"204\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.Integration;\nimport com.pulumi.aws.apigatewayv2.IntegrationArgs;\nimport com.pulumi.aws.apigatewayv2.inputs.IntegrationTlsConfigArgs;\nimport com.pulumi.aws.apigatewayv2.inputs.IntegrationResponseParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Integration(\"example\", IntegrationArgs.builder()\n .apiId(exampleAwsApigatewayv2Api.id())\n .credentialsArn(exampleAwsIamRole.arn())\n .description(\"Example with a load balancer\")\n .integrationType(\"HTTP_PROXY\")\n .integrationUri(exampleAwsLbListener.arn())\n .integrationMethod(\"ANY\")\n .connectionType(\"VPC_LINK\")\n .connectionId(exampleAwsApigatewayv2VpcLink.id())\n .tlsConfig(IntegrationTlsConfigArgs.builder()\n .serverNameToVerify(\"example.com\")\n .build())\n .requestParameters(Map.ofEntries(\n Map.entry(\"append:header.authforintegration\", \"$context.authorizer.authorizerResponse\"),\n Map.entry(\"overwrite:path\", \"staticValueForIntegration\")\n ))\n .responseParameters( \n IntegrationResponseParameterArgs.builder()\n .statusCode(403)\n .mappings(Map.of(\"append:header.auth\", \"$context.authorizer.authorizerResponse\"))\n .build(),\n IntegrationResponseParameterArgs.builder()\n .statusCode(200)\n .mappings(Map.of(\"overwrite:statuscode\", \"204\"))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigatewayv2:Integration\n properties:\n apiId: ${exampleAwsApigatewayv2Api.id}\n credentialsArn: ${exampleAwsIamRole.arn}\n description: Example with a load balancer\n integrationType: HTTP_PROXY\n integrationUri: ${exampleAwsLbListener.arn}\n integrationMethod: ANY\n connectionType: VPC_LINK\n connectionId: ${exampleAwsApigatewayv2VpcLink.id}\n tlsConfig:\n serverNameToVerify: example.com\n requestParameters:\n append:header.authforintegration: $context.authorizer.authorizerResponse\n overwrite:path: staticValueForIntegration\n responseParameters:\n - statusCode: 403\n mappings:\n append:header.auth: $context.authorizer.authorizerResponse\n - statusCode: 200\n mappings:\n overwrite:statuscode: '204'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_apigatewayv2_integration` using the API identifier and integration identifier. For example:\n\n```sh\n$ pulumi import aws:apigatewayv2/integration:Integration example aabbccddee/1122334\n```\n-\u003e __Note:__ The API Gateway managed integration created as part of [_quick_create_](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-basic-concept.html#apigateway-definition-quick-create) cannot be imported.\n\n", "properties": { "apiId": { "type": "string", "description": "API identifier.\n" }, "connectionId": { "type": "string", "description": "ID of the VPC link for a private integration. Supported only for HTTP APIs. Must be between 1 and 1024 characters in length.\n" }, "connectionType": { "type": "string", "description": "Type of the network connection to the integration endpoint. Valid values: `INTERNET`, `VPC_LINK`. Default is `INTERNET`.\n" }, "contentHandlingStrategy": { "type": "string", "description": "How to handle response payload content type conversions. Valid values: `CONVERT_TO_BINARY`, `CONVERT_TO_TEXT`. Supported only for WebSocket APIs.\n" }, "credentialsArn": { "type": "string", "description": "Credentials required for the integration, if any.\n" }, "description": { "type": "string", "description": "Description of the integration.\n" }, "integrationMethod": { "type": "string", "description": "Integration's HTTP method. Must be specified if `integration_type` is not `MOCK`.\n" }, "integrationResponseSelectionExpression": { "type": "string", "description": "The [integration response selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-integration-response-selection-expressions) for the integration.\n" }, "integrationSubtype": { "type": "string", "description": "AWS service action to invoke. Supported only for HTTP APIs when `integration_type` is `AWS_PROXY`. See the [AWS service integration reference](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-aws-services-reference.html) documentation for supported values. Must be between 1 and 128 characters in length.\n" }, "integrationType": { "type": "string", "description": "Integration type of an integration.\nValid values: `AWS` (supported only for WebSocket APIs), `AWS_PROXY`, `HTTP` (supported only for WebSocket APIs), `HTTP_PROXY`, `MOCK` (supported only for WebSocket APIs). For an HTTP API private integration, use `HTTP_PROXY`.\n" }, "integrationUri": { "type": "string", "description": "URI of the Lambda function for a Lambda proxy integration, when `integration_type` is `AWS_PROXY`.\nFor an `HTTP` integration, specify a fully-qualified URL. For an HTTP API private integration, specify the ARN of an Application Load Balancer listener, Network Load Balancer listener, or AWS Cloud Map service.\n" }, "passthroughBehavior": { "type": "string", "description": "Pass-through behavior for incoming requests based on the Content-Type header in the request, and the available mapping templates specified as the `request_templates` attribute.\nValid values: `WHEN_NO_MATCH`, `WHEN_NO_TEMPLATES`, `NEVER`. Default is `WHEN_NO_MATCH`. Supported only for WebSocket APIs.\n" }, "payloadFormatVersion": { "type": "string", "description": "The [format of the payload](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html#http-api-develop-integrations-lambda.proxy-format) sent to an integration. Valid values: `1.0`, `2.0`. Default is `1.0`.\n" }, "requestParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the backend.\nFor HTTP APIs with a specified `integration_subtype`, a key-value map specifying parameters that are passed to `AWS_PROXY` integrations.\nFor HTTP APIs without a specified `integration_subtype`, a key-value map specifying how to transform HTTP requests before sending them to the backend.\nSee the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) for details.\n" }, "requestTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of [Velocity](https://velocity.apache.org/) templates that are applied on the request payload based on the value of the Content-Type header sent by the client. Supported only for WebSocket APIs.\n" }, "responseParameters": { "type": "array", "items": { "$ref": "#/types/aws:apigatewayv2/IntegrationResponseParameter:IntegrationResponseParameter" }, "description": "Mappings to transform the HTTP response from a backend integration before returning the response to clients. Supported only for HTTP APIs.\n" }, "templateSelectionExpression": { "type": "string", "description": "The [template selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-template-selection-expressions) for the integration.\n" }, "timeoutMilliseconds": { "type": "integer", "description": "Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and between 50 and 30,000 milliseconds for HTTP APIs.\nThe default timeout is 29 seconds for WebSocket APIs and 30 seconds for HTTP APIs.\nthis provider will only perform drift detection of its value when present in a configuration.\n" }, "tlsConfig": { "$ref": "#/types/aws:apigatewayv2/IntegrationTlsConfig:IntegrationTlsConfig", "description": "TLS configuration for a private integration. Supported only for HTTP APIs.\n" } }, "required": [ "apiId", "integrationResponseSelectionExpression", "integrationType", "timeoutMilliseconds" ], "inputProperties": { "apiId": { "type": "string", "description": "API identifier.\n", "willReplaceOnChanges": true }, "connectionId": { "type": "string", "description": "ID of the VPC link for a private integration. Supported only for HTTP APIs. Must be between 1 and 1024 characters in length.\n" }, "connectionType": { "type": "string", "description": "Type of the network connection to the integration endpoint. Valid values: `INTERNET`, `VPC_LINK`. Default is `INTERNET`.\n" }, "contentHandlingStrategy": { "type": "string", "description": "How to handle response payload content type conversions. Valid values: `CONVERT_TO_BINARY`, `CONVERT_TO_TEXT`. Supported only for WebSocket APIs.\n" }, "credentialsArn": { "type": "string", "description": "Credentials required for the integration, if any.\n" }, "description": { "type": "string", "description": "Description of the integration.\n" }, "integrationMethod": { "type": "string", "description": "Integration's HTTP method. Must be specified if `integration_type` is not `MOCK`.\n" }, "integrationSubtype": { "type": "string", "description": "AWS service action to invoke. Supported only for HTTP APIs when `integration_type` is `AWS_PROXY`. See the [AWS service integration reference](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-aws-services-reference.html) documentation for supported values. Must be between 1 and 128 characters in length.\n", "willReplaceOnChanges": true }, "integrationType": { "type": "string", "description": "Integration type of an integration.\nValid values: `AWS` (supported only for WebSocket APIs), `AWS_PROXY`, `HTTP` (supported only for WebSocket APIs), `HTTP_PROXY`, `MOCK` (supported only for WebSocket APIs). For an HTTP API private integration, use `HTTP_PROXY`.\n", "willReplaceOnChanges": true }, "integrationUri": { "type": "string", "description": "URI of the Lambda function for a Lambda proxy integration, when `integration_type` is `AWS_PROXY`.\nFor an `HTTP` integration, specify a fully-qualified URL. For an HTTP API private integration, specify the ARN of an Application Load Balancer listener, Network Load Balancer listener, or AWS Cloud Map service.\n" }, "passthroughBehavior": { "type": "string", "description": "Pass-through behavior for incoming requests based on the Content-Type header in the request, and the available mapping templates specified as the `request_templates` attribute.\nValid values: `WHEN_NO_MATCH`, `WHEN_NO_TEMPLATES`, `NEVER`. Default is `WHEN_NO_MATCH`. Supported only for WebSocket APIs.\n" }, "payloadFormatVersion": { "type": "string", "description": "The [format of the payload](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html#http-api-develop-integrations-lambda.proxy-format) sent to an integration. Valid values: `1.0`, `2.0`. Default is `1.0`.\n" }, "requestParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the backend.\nFor HTTP APIs with a specified `integration_subtype`, a key-value map specifying parameters that are passed to `AWS_PROXY` integrations.\nFor HTTP APIs without a specified `integration_subtype`, a key-value map specifying how to transform HTTP requests before sending them to the backend.\nSee the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) for details.\n" }, "requestTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of [Velocity](https://velocity.apache.org/) templates that are applied on the request payload based on the value of the Content-Type header sent by the client. Supported only for WebSocket APIs.\n" }, "responseParameters": { "type": "array", "items": { "$ref": "#/types/aws:apigatewayv2/IntegrationResponseParameter:IntegrationResponseParameter" }, "description": "Mappings to transform the HTTP response from a backend integration before returning the response to clients. Supported only for HTTP APIs.\n" }, "templateSelectionExpression": { "type": "string", "description": "The [template selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-template-selection-expressions) for the integration.\n" }, "timeoutMilliseconds": { "type": "integer", "description": "Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and between 50 and 30,000 milliseconds for HTTP APIs.\nThe default timeout is 29 seconds for WebSocket APIs and 30 seconds for HTTP APIs.\nthis provider will only perform drift detection of its value when present in a configuration.\n" }, "tlsConfig": { "$ref": "#/types/aws:apigatewayv2/IntegrationTlsConfig:IntegrationTlsConfig", "description": "TLS configuration for a private integration. Supported only for HTTP APIs.\n" } }, "requiredInputs": [ "apiId", "integrationType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Integration resources.\n", "properties": { "apiId": { "type": "string", "description": "API identifier.\n", "willReplaceOnChanges": true }, "connectionId": { "type": "string", "description": "ID of the VPC link for a private integration. Supported only for HTTP APIs. Must be between 1 and 1024 characters in length.\n" }, "connectionType": { "type": "string", "description": "Type of the network connection to the integration endpoint. Valid values: `INTERNET`, `VPC_LINK`. Default is `INTERNET`.\n" }, "contentHandlingStrategy": { "type": "string", "description": "How to handle response payload content type conversions. Valid values: `CONVERT_TO_BINARY`, `CONVERT_TO_TEXT`. Supported only for WebSocket APIs.\n" }, "credentialsArn": { "type": "string", "description": "Credentials required for the integration, if any.\n" }, "description": { "type": "string", "description": "Description of the integration.\n" }, "integrationMethod": { "type": "string", "description": "Integration's HTTP method. Must be specified if `integration_type` is not `MOCK`.\n" }, "integrationResponseSelectionExpression": { "type": "string", "description": "The [integration response selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-integration-response-selection-expressions) for the integration.\n" }, "integrationSubtype": { "type": "string", "description": "AWS service action to invoke. Supported only for HTTP APIs when `integration_type` is `AWS_PROXY`. See the [AWS service integration reference](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-aws-services-reference.html) documentation for supported values. Must be between 1 and 128 characters in length.\n", "willReplaceOnChanges": true }, "integrationType": { "type": "string", "description": "Integration type of an integration.\nValid values: `AWS` (supported only for WebSocket APIs), `AWS_PROXY`, `HTTP` (supported only for WebSocket APIs), `HTTP_PROXY`, `MOCK` (supported only for WebSocket APIs). For an HTTP API private integration, use `HTTP_PROXY`.\n", "willReplaceOnChanges": true }, "integrationUri": { "type": "string", "description": "URI of the Lambda function for a Lambda proxy integration, when `integration_type` is `AWS_PROXY`.\nFor an `HTTP` integration, specify a fully-qualified URL. For an HTTP API private integration, specify the ARN of an Application Load Balancer listener, Network Load Balancer listener, or AWS Cloud Map service.\n" }, "passthroughBehavior": { "type": "string", "description": "Pass-through behavior for incoming requests based on the Content-Type header in the request, and the available mapping templates specified as the `request_templates` attribute.\nValid values: `WHEN_NO_MATCH`, `WHEN_NO_TEMPLATES`, `NEVER`. Default is `WHEN_NO_MATCH`. Supported only for WebSocket APIs.\n" }, "payloadFormatVersion": { "type": "string", "description": "The [format of the payload](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html#http-api-develop-integrations-lambda.proxy-format) sent to an integration. Valid values: `1.0`, `2.0`. Default is `1.0`.\n" }, "requestParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the backend.\nFor HTTP APIs with a specified `integration_subtype`, a key-value map specifying parameters that are passed to `AWS_PROXY` integrations.\nFor HTTP APIs without a specified `integration_subtype`, a key-value map specifying how to transform HTTP requests before sending them to the backend.\nSee the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) for details.\n" }, "requestTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of [Velocity](https://velocity.apache.org/) templates that are applied on the request payload based on the value of the Content-Type header sent by the client. Supported only for WebSocket APIs.\n" }, "responseParameters": { "type": "array", "items": { "$ref": "#/types/aws:apigatewayv2/IntegrationResponseParameter:IntegrationResponseParameter" }, "description": "Mappings to transform the HTTP response from a backend integration before returning the response to clients. Supported only for HTTP APIs.\n" }, "templateSelectionExpression": { "type": "string", "description": "The [template selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-template-selection-expressions) for the integration.\n" }, "timeoutMilliseconds": { "type": "integer", "description": "Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and between 50 and 30,000 milliseconds for HTTP APIs.\nThe default timeout is 29 seconds for WebSocket APIs and 30 seconds for HTTP APIs.\nthis provider will only perform drift detection of its value when present in a configuration.\n" }, "tlsConfig": { "$ref": "#/types/aws:apigatewayv2/IntegrationTlsConfig:IntegrationTlsConfig", "description": "TLS configuration for a private integration. Supported only for HTTP APIs.\n" } }, "type": "object" } }, "aws:apigatewayv2/integrationResponse:IntegrationResponse": { "description": "Manages an Amazon API Gateway Version 2 integration response.\nMore information can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api.html).\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.IntegrationResponse(\"example\", {\n apiId: exampleAwsApigatewayv2Api.id,\n integrationId: exampleAwsApigatewayv2Integration.id,\n integrationResponseKey: \"/200/\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.IntegrationResponse(\"example\",\n api_id=example_aws_apigatewayv2_api[\"id\"],\n integration_id=example_aws_apigatewayv2_integration[\"id\"],\n integration_response_key=\"/200/\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGatewayV2.IntegrationResponse(\"example\", new()\n {\n ApiId = exampleAwsApigatewayv2Api.Id,\n IntegrationId = exampleAwsApigatewayv2Integration.Id,\n IntegrationResponseKey = \"/200/\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigatewayv2.NewIntegrationResponse(ctx, \"example\", \u0026apigatewayv2.IntegrationResponseArgs{\n\t\t\tApiId: pulumi.Any(exampleAwsApigatewayv2Api.Id),\n\t\t\tIntegrationId: pulumi.Any(exampleAwsApigatewayv2Integration.Id),\n\t\t\tIntegrationResponseKey: pulumi.String(\"/200/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.IntegrationResponse;\nimport com.pulumi.aws.apigatewayv2.IntegrationResponseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new IntegrationResponse(\"example\", IntegrationResponseArgs.builder()\n .apiId(exampleAwsApigatewayv2Api.id())\n .integrationId(exampleAwsApigatewayv2Integration.id())\n .integrationResponseKey(\"/200/\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigatewayv2:IntegrationResponse\n properties:\n apiId: ${exampleAwsApigatewayv2Api.id}\n integrationId: ${exampleAwsApigatewayv2Integration.id}\n integrationResponseKey: /200/\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_apigatewayv2_integration_response` using the API identifier, integration identifier and integration response identifier. For example:\n\n```sh\n$ pulumi import aws:apigatewayv2/integrationResponse:IntegrationResponse example aabbccddee/1122334/998877\n```\n", "properties": { "apiId": { "type": "string", "description": "API identifier.\n" }, "contentHandlingStrategy": { "type": "string", "description": "How to handle response payload content type conversions. Valid values: `CONVERT_TO_BINARY`, `CONVERT_TO_TEXT`.\n" }, "integrationId": { "type": "string", "description": "Identifier of the `aws.apigatewayv2.Integration`.\n" }, "integrationResponseKey": { "type": "string", "description": "Integration response key.\n" }, "responseTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client.\n" }, "templateSelectionExpression": { "type": "string", "description": "The [template selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-template-selection-expressions) for the integration response.\n" } }, "required": [ "apiId", "integrationId", "integrationResponseKey" ], "inputProperties": { "apiId": { "type": "string", "description": "API identifier.\n", "willReplaceOnChanges": true }, "contentHandlingStrategy": { "type": "string", "description": "How to handle response payload content type conversions. Valid values: `CONVERT_TO_BINARY`, `CONVERT_TO_TEXT`.\n" }, "integrationId": { "type": "string", "description": "Identifier of the `aws.apigatewayv2.Integration`.\n", "willReplaceOnChanges": true }, "integrationResponseKey": { "type": "string", "description": "Integration response key.\n" }, "responseTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client.\n" }, "templateSelectionExpression": { "type": "string", "description": "The [template selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-template-selection-expressions) for the integration response.\n" } }, "requiredInputs": [ "apiId", "integrationId", "integrationResponseKey" ], "stateInputs": { "description": "Input properties used for looking up and filtering IntegrationResponse resources.\n", "properties": { "apiId": { "type": "string", "description": "API identifier.\n", "willReplaceOnChanges": true }, "contentHandlingStrategy": { "type": "string", "description": "How to handle response payload content type conversions. Valid values: `CONVERT_TO_BINARY`, `CONVERT_TO_TEXT`.\n" }, "integrationId": { "type": "string", "description": "Identifier of the `aws.apigatewayv2.Integration`.\n", "willReplaceOnChanges": true }, "integrationResponseKey": { "type": "string", "description": "Integration response key.\n" }, "responseTemplates": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client.\n" }, "templateSelectionExpression": { "type": "string", "description": "The [template selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-template-selection-expressions) for the integration response.\n" } }, "type": "object" } }, "aws:apigatewayv2/model:Model": { "description": "Manages an Amazon API Gateway Version 2 [model](https://docs.aws.amazon.com/apigateway/latest/developerguide/models-mappings.html#models-mappings-models).\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.Model(\"example\", {\n apiId: exampleAwsApigatewayv2Api.id,\n contentType: \"application/json\",\n name: \"example\",\n schema: JSON.stringify({\n $schema: \"http://json-schema.org/draft-04/schema#\",\n title: \"ExampleModel\",\n type: \"object\",\n properties: {\n id: {\n type: \"string\",\n },\n },\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.Model(\"example\",\n api_id=example_aws_apigatewayv2_api[\"id\"],\n content_type=\"application/json\",\n name=\"example\",\n schema=json.dumps({\n \"$schema\": \"http://json-schema.org/draft-04/schema#\",\n \"title\": \"ExampleModel\",\n \"type\": \"object\",\n \"properties\": {\n \"id\": {\n \"type\": \"string\",\n },\n },\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGatewayV2.Model(\"example\", new()\n {\n ApiId = exampleAwsApigatewayv2Api.Id,\n ContentType = \"application/json\",\n Name = \"example\",\n Schema = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"$schema\"] = \"http://json-schema.org/draft-04/schema#\",\n [\"title\"] = \"ExampleModel\",\n [\"type\"] = \"object\",\n [\"properties\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"id\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"string\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"$schema\": \"http://json-schema.org/draft-04/schema#\",\n\t\t\t\"title\": \"ExampleModel\",\n\t\t\t\"type\": \"object\",\n\t\t\t\"properties\": map[string]interface{}{\n\t\t\t\t\"id\": map[string]interface{}{\n\t\t\t\t\t\"type\": \"string\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = apigatewayv2.NewModel(ctx, \"example\", \u0026apigatewayv2.ModelArgs{\n\t\t\tApiId: pulumi.Any(exampleAwsApigatewayv2Api.Id),\n\t\t\tContentType: pulumi.String(\"application/json\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSchema: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.Model;\nimport com.pulumi.aws.apigatewayv2.ModelArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Model(\"example\", ModelArgs.builder()\n .apiId(exampleAwsApigatewayv2Api.id())\n .contentType(\"application/json\")\n .name(\"example\")\n .schema(serializeJson(\n jsonObject(\n jsonProperty(\"$schema\", \"http://json-schema.org/draft-04/schema#\"),\n jsonProperty(\"title\", \"ExampleModel\"),\n jsonProperty(\"type\", \"object\"),\n jsonProperty(\"properties\", jsonObject(\n jsonProperty(\"id\", jsonObject(\n jsonProperty(\"type\", \"string\")\n ))\n ))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigatewayv2:Model\n properties:\n apiId: ${exampleAwsApigatewayv2Api.id}\n contentType: application/json\n name: example\n schema:\n fn::toJSON:\n $schema: http://json-schema.org/draft-04/schema#\n title: ExampleModel\n type: object\n properties:\n id:\n type: string\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_apigatewayv2_model` using the API identifier and model identifier. For example:\n\n```sh\n$ pulumi import aws:apigatewayv2/model:Model example aabbccddee/1122334\n```\n", "properties": { "apiId": { "type": "string", "description": "API identifier.\n" }, "contentType": { "type": "string", "description": "The content-type for the model, for example, `application/json`. Must be between 1 and 256 characters in length.\n" }, "description": { "type": "string", "description": "Description of the model. Must be between 1 and 128 characters in length.\n" }, "name": { "type": "string", "description": "Name of the model. Must be alphanumeric. Must be between 1 and 128 characters in length.\n" }, "schema": { "type": "string", "description": "Schema for the model. This should be a [JSON schema draft 4](https://tools.ietf.org/html/draft-zyp-json-schema-04) model. Must be less than or equal to 32768 characters in length.\n" } }, "required": [ "apiId", "contentType", "name", "schema" ], "inputProperties": { "apiId": { "type": "string", "description": "API identifier.\n", "willReplaceOnChanges": true }, "contentType": { "type": "string", "description": "The content-type for the model, for example, `application/json`. Must be between 1 and 256 characters in length.\n" }, "description": { "type": "string", "description": "Description of the model. Must be between 1 and 128 characters in length.\n" }, "name": { "type": "string", "description": "Name of the model. Must be alphanumeric. Must be between 1 and 128 characters in length.\n" }, "schema": { "type": "string", "description": "Schema for the model. This should be a [JSON schema draft 4](https://tools.ietf.org/html/draft-zyp-json-schema-04) model. Must be less than or equal to 32768 characters in length.\n" } }, "requiredInputs": [ "apiId", "contentType", "schema" ], "stateInputs": { "description": "Input properties used for looking up and filtering Model resources.\n", "properties": { "apiId": { "type": "string", "description": "API identifier.\n", "willReplaceOnChanges": true }, "contentType": { "type": "string", "description": "The content-type for the model, for example, `application/json`. Must be between 1 and 256 characters in length.\n" }, "description": { "type": "string", "description": "Description of the model. Must be between 1 and 128 characters in length.\n" }, "name": { "type": "string", "description": "Name of the model. Must be alphanumeric. Must be between 1 and 128 characters in length.\n" }, "schema": { "type": "string", "description": "Schema for the model. This should be a [JSON schema draft 4](https://tools.ietf.org/html/draft-zyp-json-schema-04) model. Must be less than or equal to 32768 characters in length.\n" } }, "type": "object" } }, "aws:apigatewayv2/route:Route": { "description": "Manages an Amazon API Gateway Version 2 route.\nMore information can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/welcome.html) for [WebSocket](https://docs.aws.amazon.com/apigateway/latest/developerguide/websocket-api-develop-routes.html) and [HTTP](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-routes.html) APIs.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.Api(\"example\", {\n name: \"example-websocket-api\",\n protocolType: \"WEBSOCKET\",\n routeSelectionExpression: \"$request.body.action\",\n});\nconst exampleRoute = new aws.apigatewayv2.Route(\"example\", {\n apiId: example.id,\n routeKey: \"$default\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.Api(\"example\",\n name=\"example-websocket-api\",\n protocol_type=\"WEBSOCKET\",\n route_selection_expression=\"$request.body.action\")\nexample_route = aws.apigatewayv2.Route(\"example\",\n api_id=example.id,\n route_key=\"$default\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGatewayV2.Api(\"example\", new()\n {\n Name = \"example-websocket-api\",\n ProtocolType = \"WEBSOCKET\",\n RouteSelectionExpression = \"$request.body.action\",\n });\n\n var exampleRoute = new Aws.ApiGatewayV2.Route(\"example\", new()\n {\n ApiId = example.Id,\n RouteKey = \"$default\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := apigatewayv2.NewApi(ctx, \"example\", \u0026apigatewayv2.ApiArgs{\n\t\t\tName: pulumi.String(\"example-websocket-api\"),\n\t\t\tProtocolType: pulumi.String(\"WEBSOCKET\"),\n\t\t\tRouteSelectionExpression: pulumi.String(\"$request.body.action\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigatewayv2.NewRoute(ctx, \"example\", \u0026apigatewayv2.RouteArgs{\n\t\t\tApiId: example.ID(),\n\t\t\tRouteKey: pulumi.String(\"$default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.Api;\nimport com.pulumi.aws.apigatewayv2.ApiArgs;\nimport com.pulumi.aws.apigatewayv2.Route;\nimport com.pulumi.aws.apigatewayv2.RouteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Api(\"example\", ApiArgs.builder()\n .name(\"example-websocket-api\")\n .protocolType(\"WEBSOCKET\")\n .routeSelectionExpression(\"$request.body.action\")\n .build());\n\n var exampleRoute = new Route(\"exampleRoute\", RouteArgs.builder()\n .apiId(example.id())\n .routeKey(\"$default\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigatewayv2:Api\n properties:\n name: example-websocket-api\n protocolType: WEBSOCKET\n routeSelectionExpression: $request.body.action\n exampleRoute:\n type: aws:apigatewayv2:Route\n name: example\n properties:\n apiId: ${example.id}\n routeKey: $default\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### HTTP Proxy Integration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.Api(\"example\", {\n name: \"example-http-api\",\n protocolType: \"HTTP\",\n});\nconst exampleIntegration = new aws.apigatewayv2.Integration(\"example\", {\n apiId: example.id,\n integrationType: \"HTTP_PROXY\",\n integrationMethod: \"ANY\",\n integrationUri: \"https://example.com/{proxy}\",\n});\nconst exampleRoute = new aws.apigatewayv2.Route(\"example\", {\n apiId: example.id,\n routeKey: \"ANY /example/{proxy+}\",\n target: pulumi.interpolate`integrations/${exampleIntegration.id}`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.Api(\"example\",\n name=\"example-http-api\",\n protocol_type=\"HTTP\")\nexample_integration = aws.apigatewayv2.Integration(\"example\",\n api_id=example.id,\n integration_type=\"HTTP_PROXY\",\n integration_method=\"ANY\",\n integration_uri=\"https://example.com/{proxy}\")\nexample_route = aws.apigatewayv2.Route(\"example\",\n api_id=example.id,\n route_key=\"ANY /example/{proxy+}\",\n target=example_integration.id.apply(lambda id: f\"integrations/{id}\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGatewayV2.Api(\"example\", new()\n {\n Name = \"example-http-api\",\n ProtocolType = \"HTTP\",\n });\n\n var exampleIntegration = new Aws.ApiGatewayV2.Integration(\"example\", new()\n {\n ApiId = example.Id,\n IntegrationType = \"HTTP_PROXY\",\n IntegrationMethod = \"ANY\",\n IntegrationUri = \"https://example.com/{proxy}\",\n });\n\n var exampleRoute = new Aws.ApiGatewayV2.Route(\"example\", new()\n {\n ApiId = example.Id,\n RouteKey = \"ANY /example/{proxy+}\",\n Target = exampleIntegration.Id.Apply(id =\u003e $\"integrations/{id}\"),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := apigatewayv2.NewApi(ctx, \"example\", \u0026apigatewayv2.ApiArgs{\n\t\t\tName: pulumi.String(\"example-http-api\"),\n\t\t\tProtocolType: pulumi.String(\"HTTP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleIntegration, err := apigatewayv2.NewIntegration(ctx, \"example\", \u0026apigatewayv2.IntegrationArgs{\n\t\t\tApiId: example.ID(),\n\t\t\tIntegrationType: pulumi.String(\"HTTP_PROXY\"),\n\t\t\tIntegrationMethod: pulumi.String(\"ANY\"),\n\t\t\tIntegrationUri: pulumi.String(\"https://example.com/{proxy}\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigatewayv2.NewRoute(ctx, \"example\", \u0026apigatewayv2.RouteArgs{\n\t\t\tApiId: example.ID(),\n\t\t\tRouteKey: pulumi.String(\"ANY /example/{proxy+}\"),\n\t\t\tTarget: exampleIntegration.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"integrations/%v\", id), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.Api;\nimport com.pulumi.aws.apigatewayv2.ApiArgs;\nimport com.pulumi.aws.apigatewayv2.Integration;\nimport com.pulumi.aws.apigatewayv2.IntegrationArgs;\nimport com.pulumi.aws.apigatewayv2.Route;\nimport com.pulumi.aws.apigatewayv2.RouteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Api(\"example\", ApiArgs.builder()\n .name(\"example-http-api\")\n .protocolType(\"HTTP\")\n .build());\n\n var exampleIntegration = new Integration(\"exampleIntegration\", IntegrationArgs.builder()\n .apiId(example.id())\n .integrationType(\"HTTP_PROXY\")\n .integrationMethod(\"ANY\")\n .integrationUri(\"https://example.com/{proxy}\")\n .build());\n\n var exampleRoute = new Route(\"exampleRoute\", RouteArgs.builder()\n .apiId(example.id())\n .routeKey(\"ANY /example/{proxy+}\")\n .target(exampleIntegration.id().applyValue(id -\u003e String.format(\"integrations/%s\", id)))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigatewayv2:Api\n properties:\n name: example-http-api\n protocolType: HTTP\n exampleIntegration:\n type: aws:apigatewayv2:Integration\n name: example\n properties:\n apiId: ${example.id}\n integrationType: HTTP_PROXY\n integrationMethod: ANY\n integrationUri: https://example.com/{proxy}\n exampleRoute:\n type: aws:apigatewayv2:Route\n name: example\n properties:\n apiId: ${example.id}\n routeKey: ANY /example/{proxy+}\n target: integrations/${exampleIntegration.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_apigatewayv2_route` using the API identifier and route identifier. For example:\n\n```sh\n$ pulumi import aws:apigatewayv2/route:Route example aabbccddee/1122334\n```\n-\u003e __Note:__ The API Gateway managed route created as part of [_quick_create_](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-basic-concept.html#apigateway-definition-quick-create) cannot be imported.\n\n", "properties": { "apiId": { "type": "string", "description": "API identifier.\n" }, "apiKeyRequired": { "type": "boolean", "description": "Boolean whether an API key is required for the route. Defaults to `false`. Supported only for WebSocket APIs.\n" }, "authorizationScopes": { "type": "array", "items": { "type": "string" }, "description": "Authorization scopes supported by this route. The scopes are used with a JWT authorizer to authorize the method invocation.\n" }, "authorizationType": { "type": "string", "description": "Authorization type for the route.\nFor WebSocket APIs, valid values are `NONE` for open access, `AWS_IAM` for using AWS IAM permissions, and `CUSTOM` for using a Lambda authorizer.\nFor HTTP APIs, valid values are `NONE` for open access, `JWT` for using JSON Web Tokens, `AWS_IAM` for using AWS IAM permissions, and `CUSTOM` for using a Lambda authorizer.\nDefaults to `NONE`.\n" }, "authorizerId": { "type": "string", "description": "Identifier of the `aws.apigatewayv2.Authorizer` resource to be associated with this route.\n" }, "modelSelectionExpression": { "type": "string", "description": "The [model selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-model-selection-expressions) for the route. Supported only for WebSocket APIs.\n" }, "operationName": { "type": "string", "description": "Operation name for the route. Must be between 1 and 64 characters in length.\n" }, "requestModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Request models for the route. Supported only for WebSocket APIs.\n" }, "requestParameters": { "type": "array", "items": { "$ref": "#/types/aws:apigatewayv2/RouteRequestParameter:RouteRequestParameter" }, "description": "Request parameters for the route. Supported only for WebSocket APIs.\n" }, "routeKey": { "type": "string", "description": "Route key for the route. For HTTP APIs, the route key can be either `$default`, or a combination of an HTTP method and resource path, for example, `GET /pets`.\n" }, "routeResponseSelectionExpression": { "type": "string", "description": "The [route response selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-route-response-selection-expressions) for the route. Supported only for WebSocket APIs.\n" }, "target": { "type": "string", "description": "Target for the route, of the form `integrations/`*`IntegrationID`*, where *`IntegrationID`* is the identifier of an `aws.apigatewayv2.Integration` resource.\n" } }, "required": [ "apiId", "routeKey" ], "inputProperties": { "apiId": { "type": "string", "description": "API identifier.\n", "willReplaceOnChanges": true }, "apiKeyRequired": { "type": "boolean", "description": "Boolean whether an API key is required for the route. Defaults to `false`. Supported only for WebSocket APIs.\n" }, "authorizationScopes": { "type": "array", "items": { "type": "string" }, "description": "Authorization scopes supported by this route. The scopes are used with a JWT authorizer to authorize the method invocation.\n" }, "authorizationType": { "type": "string", "description": "Authorization type for the route.\nFor WebSocket APIs, valid values are `NONE` for open access, `AWS_IAM` for using AWS IAM permissions, and `CUSTOM` for using a Lambda authorizer.\nFor HTTP APIs, valid values are `NONE` for open access, `JWT` for using JSON Web Tokens, `AWS_IAM` for using AWS IAM permissions, and `CUSTOM` for using a Lambda authorizer.\nDefaults to `NONE`.\n" }, "authorizerId": { "type": "string", "description": "Identifier of the `aws.apigatewayv2.Authorizer` resource to be associated with this route.\n" }, "modelSelectionExpression": { "type": "string", "description": "The [model selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-model-selection-expressions) for the route. Supported only for WebSocket APIs.\n" }, "operationName": { "type": "string", "description": "Operation name for the route. Must be between 1 and 64 characters in length.\n" }, "requestModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Request models for the route. Supported only for WebSocket APIs.\n" }, "requestParameters": { "type": "array", "items": { "$ref": "#/types/aws:apigatewayv2/RouteRequestParameter:RouteRequestParameter" }, "description": "Request parameters for the route. Supported only for WebSocket APIs.\n" }, "routeKey": { "type": "string", "description": "Route key for the route. For HTTP APIs, the route key can be either `$default`, or a combination of an HTTP method and resource path, for example, `GET /pets`.\n" }, "routeResponseSelectionExpression": { "type": "string", "description": "The [route response selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-route-response-selection-expressions) for the route. Supported only for WebSocket APIs.\n" }, "target": { "type": "string", "description": "Target for the route, of the form `integrations/`*`IntegrationID`*, where *`IntegrationID`* is the identifier of an `aws.apigatewayv2.Integration` resource.\n" } }, "requiredInputs": [ "apiId", "routeKey" ], "stateInputs": { "description": "Input properties used for looking up and filtering Route resources.\n", "properties": { "apiId": { "type": "string", "description": "API identifier.\n", "willReplaceOnChanges": true }, "apiKeyRequired": { "type": "boolean", "description": "Boolean whether an API key is required for the route. Defaults to `false`. Supported only for WebSocket APIs.\n" }, "authorizationScopes": { "type": "array", "items": { "type": "string" }, "description": "Authorization scopes supported by this route. The scopes are used with a JWT authorizer to authorize the method invocation.\n" }, "authorizationType": { "type": "string", "description": "Authorization type for the route.\nFor WebSocket APIs, valid values are `NONE` for open access, `AWS_IAM` for using AWS IAM permissions, and `CUSTOM` for using a Lambda authorizer.\nFor HTTP APIs, valid values are `NONE` for open access, `JWT` for using JSON Web Tokens, `AWS_IAM` for using AWS IAM permissions, and `CUSTOM` for using a Lambda authorizer.\nDefaults to `NONE`.\n" }, "authorizerId": { "type": "string", "description": "Identifier of the `aws.apigatewayv2.Authorizer` resource to be associated with this route.\n" }, "modelSelectionExpression": { "type": "string", "description": "The [model selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-model-selection-expressions) for the route. Supported only for WebSocket APIs.\n" }, "operationName": { "type": "string", "description": "Operation name for the route. Must be between 1 and 64 characters in length.\n" }, "requestModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Request models for the route. Supported only for WebSocket APIs.\n" }, "requestParameters": { "type": "array", "items": { "$ref": "#/types/aws:apigatewayv2/RouteRequestParameter:RouteRequestParameter" }, "description": "Request parameters for the route. Supported only for WebSocket APIs.\n" }, "routeKey": { "type": "string", "description": "Route key for the route. For HTTP APIs, the route key can be either `$default`, or a combination of an HTTP method and resource path, for example, `GET /pets`.\n" }, "routeResponseSelectionExpression": { "type": "string", "description": "The [route response selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-route-response-selection-expressions) for the route. Supported only for WebSocket APIs.\n" }, "target": { "type": "string", "description": "Target for the route, of the form `integrations/`*`IntegrationID`*, where *`IntegrationID`* is the identifier of an `aws.apigatewayv2.Integration` resource.\n" } }, "type": "object" } }, "aws:apigatewayv2/routeResponse:RouteResponse": { "description": "Manages an Amazon API Gateway Version 2 route response.\nMore information can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api.html).\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.RouteResponse(\"example\", {\n apiId: exampleAwsApigatewayv2Api.id,\n routeId: exampleAwsApigatewayv2Route.id,\n routeResponseKey: \"$default\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.RouteResponse(\"example\",\n api_id=example_aws_apigatewayv2_api[\"id\"],\n route_id=example_aws_apigatewayv2_route[\"id\"],\n route_response_key=\"$default\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGatewayV2.RouteResponse(\"example\", new()\n {\n ApiId = exampleAwsApigatewayv2Api.Id,\n RouteId = exampleAwsApigatewayv2Route.Id,\n RouteResponseKey = \"$default\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigatewayv2.NewRouteResponse(ctx, \"example\", \u0026apigatewayv2.RouteResponseArgs{\n\t\t\tApiId: pulumi.Any(exampleAwsApigatewayv2Api.Id),\n\t\t\tRouteId: pulumi.Any(exampleAwsApigatewayv2Route.Id),\n\t\t\tRouteResponseKey: pulumi.String(\"$default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.RouteResponse;\nimport com.pulumi.aws.apigatewayv2.RouteResponseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RouteResponse(\"example\", RouteResponseArgs.builder()\n .apiId(exampleAwsApigatewayv2Api.id())\n .routeId(exampleAwsApigatewayv2Route.id())\n .routeResponseKey(\"$default\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigatewayv2:RouteResponse\n properties:\n apiId: ${exampleAwsApigatewayv2Api.id}\n routeId: ${exampleAwsApigatewayv2Route.id}\n routeResponseKey: $default\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Enabling Two-Way Communication\n\nFor websocket routes that require two-way communication enabled, an `aws.apigatewayv2.RouteResponse` needs to be added to the route with `route_response_key = \"$default\"`. More information available is available in [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api.html).\n\nYou can only define the $default route response for WebSocket APIs. You can use an integration response to manipulate the response from a backend service. For more information, see [Overview of integration responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-integration-responses.html#apigateway-websocket-api-integration-response-overview).\n\n## Import\n\nUsing `pulumi import`, import `aws_apigatewayv2_route_response` using the API identifier, route identifier and route response identifier. For example:\n\n```sh\n$ pulumi import aws:apigatewayv2/routeResponse:RouteResponse example aabbccddee/1122334/998877\n```\n", "properties": { "apiId": { "type": "string", "description": "API identifier.\n" }, "modelSelectionExpression": { "type": "string", "description": "The [model selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-model-selection-expressions) for the route response.\n" }, "responseModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Response models for the route response.\n" }, "routeId": { "type": "string", "description": "Identifier of the `aws.apigatewayv2.Route`.\n" }, "routeResponseKey": { "type": "string", "description": "Route response key.\n" } }, "required": [ "apiId", "routeId", "routeResponseKey" ], "inputProperties": { "apiId": { "type": "string", "description": "API identifier.\n", "willReplaceOnChanges": true }, "modelSelectionExpression": { "type": "string", "description": "The [model selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-model-selection-expressions) for the route response.\n" }, "responseModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Response models for the route response.\n" }, "routeId": { "type": "string", "description": "Identifier of the `aws.apigatewayv2.Route`.\n", "willReplaceOnChanges": true }, "routeResponseKey": { "type": "string", "description": "Route response key.\n" } }, "requiredInputs": [ "apiId", "routeId", "routeResponseKey" ], "stateInputs": { "description": "Input properties used for looking up and filtering RouteResponse resources.\n", "properties": { "apiId": { "type": "string", "description": "API identifier.\n", "willReplaceOnChanges": true }, "modelSelectionExpression": { "type": "string", "description": "The [model selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-model-selection-expressions) for the route response.\n" }, "responseModels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Response models for the route response.\n" }, "routeId": { "type": "string", "description": "Identifier of the `aws.apigatewayv2.Route`.\n", "willReplaceOnChanges": true }, "routeResponseKey": { "type": "string", "description": "Route response key.\n" } }, "type": "object" } }, "aws:apigatewayv2/stage:Stage": { "description": "Manages an Amazon API Gateway Version 2 stage.\nMore information can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api.html).\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.Stage(\"example\", {\n apiId: exampleAwsApigatewayv2Api.id,\n name: \"example-stage\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.Stage(\"example\",\n api_id=example_aws_apigatewayv2_api[\"id\"],\n name=\"example-stage\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGatewayV2.Stage(\"example\", new()\n {\n ApiId = exampleAwsApigatewayv2Api.Id,\n Name = \"example-stage\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigatewayv2.NewStage(ctx, \"example\", \u0026apigatewayv2.StageArgs{\n\t\t\tApiId: pulumi.Any(exampleAwsApigatewayv2Api.Id),\n\t\t\tName: pulumi.String(\"example-stage\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.Stage;\nimport com.pulumi.aws.apigatewayv2.StageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Stage(\"example\", StageArgs.builder()\n .apiId(exampleAwsApigatewayv2Api.id())\n .name(\"example-stage\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigatewayv2:Stage\n properties:\n apiId: ${exampleAwsApigatewayv2Api.id}\n name: example-stage\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_apigatewayv2_stage` using the API identifier and stage name. For example:\n\n```sh\n$ pulumi import aws:apigatewayv2/stage:Stage example aabbccddee/example-stage\n```\n-\u003e __Note:__ The API Gateway managed stage created as part of [_quick_create_](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-basic-concept.html#apigateway-definition-quick-create) cannot be imported.\n\n", "properties": { "accessLogSettings": { "$ref": "#/types/aws:apigatewayv2/StageAccessLogSettings:StageAccessLogSettings", "description": "Settings for logging access in this stage.\nUse the `aws.apigateway.Account` resource to configure [permissions for CloudWatch Logging](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html#set-up-access-logging-permissions).\n" }, "apiId": { "type": "string", "description": "API identifier.\n" }, "arn": { "type": "string", "description": "ARN of the stage.\n" }, "autoDeploy": { "type": "boolean", "description": "Whether updates to an API automatically trigger a new deployment. Defaults to `false`. Applicable for HTTP APIs.\n" }, "clientCertificateId": { "type": "string", "description": "Identifier of a client certificate for the stage. Use the `aws.apigateway.ClientCertificate` resource to configure a client certificate.\nSupported only for WebSocket APIs.\n" }, "defaultRouteSettings": { "$ref": "#/types/aws:apigatewayv2/StageDefaultRouteSettings:StageDefaultRouteSettings", "description": "Default route settings for the stage.\n" }, "deploymentId": { "type": "string", "description": "Deployment identifier of the stage. Use the `aws.apigatewayv2.Deployment` resource to configure a deployment.\n" }, "description": { "type": "string", "description": "Description for the stage. Must be less than or equal to 1024 characters in length.\n" }, "executionArn": { "type": "string", "description": "ARN prefix to be used in an `aws.lambda.Permission`'s `source_arn` attribute.\nFor WebSocket APIs this attribute can additionally be used in an `aws.iam.Policy` to authorize access to the [`@connections` API](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-how-to-call-websocket-api-connections.html).\nSee the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-control-access-iam.html) for details.\n" }, "invokeUrl": { "type": "string", "description": "URL to invoke the API pointing to the stage,\ne.g., `wss://z4675bid1j.execute-api.eu-west-2.amazonaws.com/example-stage`, or `https://z4675bid1j.execute-api.eu-west-2.amazonaws.com/`\n" }, "name": { "type": "string", "description": "Name of the stage. Must be between 1 and 128 characters in length.\n\nThe following arguments are optional:\n" }, "routeSettings": { "type": "array", "items": { "$ref": "#/types/aws:apigatewayv2/StageRouteSetting:StageRouteSetting" }, "description": "Route settings for the stage.\n" }, "stageVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map that defines the stage variables for the stage.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the stage. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "apiId", "arn", "deploymentId", "executionArn", "invokeUrl", "name", "tagsAll" ], "inputProperties": { "accessLogSettings": { "$ref": "#/types/aws:apigatewayv2/StageAccessLogSettings:StageAccessLogSettings", "description": "Settings for logging access in this stage.\nUse the `aws.apigateway.Account` resource to configure [permissions for CloudWatch Logging](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html#set-up-access-logging-permissions).\n" }, "apiId": { "type": "string", "description": "API identifier.\n", "willReplaceOnChanges": true }, "autoDeploy": { "type": "boolean", "description": "Whether updates to an API automatically trigger a new deployment. Defaults to `false`. Applicable for HTTP APIs.\n" }, "clientCertificateId": { "type": "string", "description": "Identifier of a client certificate for the stage. Use the `aws.apigateway.ClientCertificate` resource to configure a client certificate.\nSupported only for WebSocket APIs.\n" }, "defaultRouteSettings": { "$ref": "#/types/aws:apigatewayv2/StageDefaultRouteSettings:StageDefaultRouteSettings", "description": "Default route settings for the stage.\n" }, "deploymentId": { "type": "string", "description": "Deployment identifier of the stage. Use the `aws.apigatewayv2.Deployment` resource to configure a deployment.\n" }, "description": { "type": "string", "description": "Description for the stage. Must be less than or equal to 1024 characters in length.\n" }, "name": { "type": "string", "description": "Name of the stage. Must be between 1 and 128 characters in length.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "routeSettings": { "type": "array", "items": { "$ref": "#/types/aws:apigatewayv2/StageRouteSetting:StageRouteSetting" }, "description": "Route settings for the stage.\n" }, "stageVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map that defines the stage variables for the stage.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the stage. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "apiId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Stage resources.\n", "properties": { "accessLogSettings": { "$ref": "#/types/aws:apigatewayv2/StageAccessLogSettings:StageAccessLogSettings", "description": "Settings for logging access in this stage.\nUse the `aws.apigateway.Account` resource to configure [permissions for CloudWatch Logging](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html#set-up-access-logging-permissions).\n" }, "apiId": { "type": "string", "description": "API identifier.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN of the stage.\n" }, "autoDeploy": { "type": "boolean", "description": "Whether updates to an API automatically trigger a new deployment. Defaults to `false`. Applicable for HTTP APIs.\n" }, "clientCertificateId": { "type": "string", "description": "Identifier of a client certificate for the stage. Use the `aws.apigateway.ClientCertificate` resource to configure a client certificate.\nSupported only for WebSocket APIs.\n" }, "defaultRouteSettings": { "$ref": "#/types/aws:apigatewayv2/StageDefaultRouteSettings:StageDefaultRouteSettings", "description": "Default route settings for the stage.\n" }, "deploymentId": { "type": "string", "description": "Deployment identifier of the stage. Use the `aws.apigatewayv2.Deployment` resource to configure a deployment.\n" }, "description": { "type": "string", "description": "Description for the stage. Must be less than or equal to 1024 characters in length.\n" }, "executionArn": { "type": "string", "description": "ARN prefix to be used in an `aws.lambda.Permission`'s `source_arn` attribute.\nFor WebSocket APIs this attribute can additionally be used in an `aws.iam.Policy` to authorize access to the [`@connections` API](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-how-to-call-websocket-api-connections.html).\nSee the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-control-access-iam.html) for details.\n" }, "invokeUrl": { "type": "string", "description": "URL to invoke the API pointing to the stage,\ne.g., `wss://z4675bid1j.execute-api.eu-west-2.amazonaws.com/example-stage`, or `https://z4675bid1j.execute-api.eu-west-2.amazonaws.com/`\n" }, "name": { "type": "string", "description": "Name of the stage. Must be between 1 and 128 characters in length.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "routeSettings": { "type": "array", "items": { "$ref": "#/types/aws:apigatewayv2/StageRouteSetting:StageRouteSetting" }, "description": "Route settings for the stage.\n" }, "stageVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map that defines the stage variables for the stage.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the stage. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:apigatewayv2/vpcLink:VpcLink": { "description": "Manages an Amazon API Gateway Version 2 VPC Link.\n\n\u003e **Note:** Amazon API Gateway Version 2 VPC Links enable private integrations that connect HTTP APIs to private resources in a VPC.\nTo enable private integration for REST APIs, use the Amazon API Gateway Version 1 VPC Link resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apigatewayv2.VpcLink(\"example\", {\n name: \"example\",\n securityGroupIds: [exampleAwsSecurityGroup.id],\n subnetIds: exampleAwsSubnets.ids,\n tags: {\n Usage: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.VpcLink(\"example\",\n name=\"example\",\n security_group_ids=[example_aws_security_group[\"id\"]],\n subnet_ids=example_aws_subnets[\"ids\"],\n tags={\n \"Usage\": \"example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGatewayV2.VpcLink(\"example\", new()\n {\n Name = \"example\",\n SecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n SubnetIds = exampleAwsSubnets.Ids,\n Tags = \n {\n { \"Usage\", \"example\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigatewayv2.NewVpcLink(ctx, \"example\", \u0026apigatewayv2.VpcLinkArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\texampleAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tSubnetIds: pulumi.Any(exampleAwsSubnets.Ids),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Usage\": pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.VpcLink;\nimport com.pulumi.aws.apigatewayv2.VpcLinkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcLink(\"example\", VpcLinkArgs.builder()\n .name(\"example\")\n .securityGroupIds(exampleAwsSecurityGroup.id())\n .subnetIds(exampleAwsSubnets.ids())\n .tags(Map.of(\"Usage\", \"example\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigatewayv2:VpcLink\n properties:\n name: example\n securityGroupIds:\n - ${exampleAwsSecurityGroup.id}\n subnetIds: ${exampleAwsSubnets.ids}\n tags:\n Usage: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_apigatewayv2_vpc_link` using the VPC Link identifier. For example:\n\n```sh\n$ pulumi import aws:apigatewayv2/vpcLink:VpcLink example aabbccddee\n```\n", "properties": { "arn": { "type": "string", "description": "VPC Link ARN.\n" }, "name": { "type": "string", "description": "Name of the VPC Link. Must be between 1 and 128 characters in length.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Security group IDs for the VPC Link.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Subnet IDs for the VPC Link.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the VPC Link. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "securityGroupIds", "subnetIds", "tagsAll" ], "inputProperties": { "name": { "type": "string", "description": "Name of the VPC Link. Must be between 1 and 128 characters in length.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Security group IDs for the VPC Link.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Subnet IDs for the VPC Link.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the VPC Link. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "securityGroupIds", "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcLink resources.\n", "properties": { "arn": { "type": "string", "description": "VPC Link ARN.\n" }, "name": { "type": "string", "description": "Name of the VPC Link. Must be between 1 and 128 characters in length.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Security group IDs for the VPC Link.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Subnet IDs for the VPC Link.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the VPC Link. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:appautoscaling/policy:Policy": { "description": "Provides an Application AutoScaling Policy resource.\n\n## Example Usage\n\n### DynamoDB Table Autoscaling\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dynamodbTableReadTarget = new aws.appautoscaling.Target(\"dynamodb_table_read_target\", {\n maxCapacity: 100,\n minCapacity: 5,\n resourceId: \"table/tableName\",\n scalableDimension: \"dynamodb:table:ReadCapacityUnits\",\n serviceNamespace: \"dynamodb\",\n});\nconst dynamodbTableReadPolicy = new aws.appautoscaling.Policy(\"dynamodb_table_read_policy\", {\n name: pulumi.interpolate`DynamoDBReadCapacityUtilization:${dynamodbTableReadTarget.resourceId}`,\n policyType: \"TargetTrackingScaling\",\n resourceId: dynamodbTableReadTarget.resourceId,\n scalableDimension: dynamodbTableReadTarget.scalableDimension,\n serviceNamespace: dynamodbTableReadTarget.serviceNamespace,\n targetTrackingScalingPolicyConfiguration: {\n predefinedMetricSpecification: {\n predefinedMetricType: \"DynamoDBReadCapacityUtilization\",\n },\n targetValue: 70,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndynamodb_table_read_target = aws.appautoscaling.Target(\"dynamodb_table_read_target\",\n max_capacity=100,\n min_capacity=5,\n resource_id=\"table/tableName\",\n scalable_dimension=\"dynamodb:table:ReadCapacityUnits\",\n service_namespace=\"dynamodb\")\ndynamodb_table_read_policy = aws.appautoscaling.Policy(\"dynamodb_table_read_policy\",\n name=dynamodb_table_read_target.resource_id.apply(lambda resource_id: f\"DynamoDBReadCapacityUtilization:{resource_id}\"),\n policy_type=\"TargetTrackingScaling\",\n resource_id=dynamodb_table_read_target.resource_id,\n scalable_dimension=dynamodb_table_read_target.scalable_dimension,\n service_namespace=dynamodb_table_read_target.service_namespace,\n target_tracking_scaling_policy_configuration={\n \"predefined_metric_specification\": {\n \"predefined_metric_type\": \"DynamoDBReadCapacityUtilization\",\n },\n \"target_value\": 70,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var dynamodbTableReadTarget = new Aws.AppAutoScaling.Target(\"dynamodb_table_read_target\", new()\n {\n MaxCapacity = 100,\n MinCapacity = 5,\n ResourceId = \"table/tableName\",\n ScalableDimension = \"dynamodb:table:ReadCapacityUnits\",\n ServiceNamespace = \"dynamodb\",\n });\n\n var dynamodbTableReadPolicy = new Aws.AppAutoScaling.Policy(\"dynamodb_table_read_policy\", new()\n {\n Name = dynamodbTableReadTarget.ResourceId.Apply(resourceId =\u003e $\"DynamoDBReadCapacityUtilization:{resourceId}\"),\n PolicyType = \"TargetTrackingScaling\",\n ResourceId = dynamodbTableReadTarget.ResourceId,\n ScalableDimension = dynamodbTableReadTarget.ScalableDimension,\n ServiceNamespace = dynamodbTableReadTarget.ServiceNamespace,\n TargetTrackingScalingPolicyConfiguration = new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationArgs\n {\n PredefinedMetricSpecification = new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecificationArgs\n {\n PredefinedMetricType = \"DynamoDBReadCapacityUtilization\",\n },\n TargetValue = 70,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdynamodbTableReadTarget, err := appautoscaling.NewTarget(ctx, \"dynamodb_table_read_target\", \u0026appautoscaling.TargetArgs{\n\t\t\tMaxCapacity: pulumi.Int(100),\n\t\t\tMinCapacity: pulumi.Int(5),\n\t\t\tResourceId: pulumi.String(\"table/tableName\"),\n\t\t\tScalableDimension: pulumi.String(\"dynamodb:table:ReadCapacityUnits\"),\n\t\t\tServiceNamespace: pulumi.String(\"dynamodb\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appautoscaling.NewPolicy(ctx, \"dynamodb_table_read_policy\", \u0026appautoscaling.PolicyArgs{\n\t\t\tName: dynamodbTableReadTarget.ResourceId.ApplyT(func(resourceId string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"DynamoDBReadCapacityUtilization:%v\", resourceId), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tPolicyType: pulumi.String(\"TargetTrackingScaling\"),\n\t\t\tResourceId: dynamodbTableReadTarget.ResourceId,\n\t\t\tScalableDimension: dynamodbTableReadTarget.ScalableDimension,\n\t\t\tServiceNamespace: dynamodbTableReadTarget.ServiceNamespace,\n\t\t\tTargetTrackingScalingPolicyConfiguration: \u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationArgs{\n\t\t\t\tPredefinedMetricSpecification: \u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecificationArgs{\n\t\t\t\t\tPredefinedMetricType: pulumi.String(\"DynamoDBReadCapacityUtilization\"),\n\t\t\t\t},\n\t\t\t\tTargetValue: pulumi.Float64(70),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appautoscaling.Target;\nimport com.pulumi.aws.appautoscaling.TargetArgs;\nimport com.pulumi.aws.appautoscaling.Policy;\nimport com.pulumi.aws.appautoscaling.PolicyArgs;\nimport com.pulumi.aws.appautoscaling.inputs.PolicyTargetTrackingScalingPolicyConfigurationArgs;\nimport com.pulumi.aws.appautoscaling.inputs.PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var dynamodbTableReadTarget = new Target(\"dynamodbTableReadTarget\", TargetArgs.builder()\n .maxCapacity(100)\n .minCapacity(5)\n .resourceId(\"table/tableName\")\n .scalableDimension(\"dynamodb:table:ReadCapacityUnits\")\n .serviceNamespace(\"dynamodb\")\n .build());\n\n var dynamodbTableReadPolicy = new Policy(\"dynamodbTableReadPolicy\", PolicyArgs.builder()\n .name(dynamodbTableReadTarget.resourceId().applyValue(resourceId -\u003e String.format(\"DynamoDBReadCapacityUtilization:%s\", resourceId)))\n .policyType(\"TargetTrackingScaling\")\n .resourceId(dynamodbTableReadTarget.resourceId())\n .scalableDimension(dynamodbTableReadTarget.scalableDimension())\n .serviceNamespace(dynamodbTableReadTarget.serviceNamespace())\n .targetTrackingScalingPolicyConfiguration(PolicyTargetTrackingScalingPolicyConfigurationArgs.builder()\n .predefinedMetricSpecification(PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecificationArgs.builder()\n .predefinedMetricType(\"DynamoDBReadCapacityUtilization\")\n .build())\n .targetValue(70)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dynamodbTableReadTarget:\n type: aws:appautoscaling:Target\n name: dynamodb_table_read_target\n properties:\n maxCapacity: 100\n minCapacity: 5\n resourceId: table/tableName\n scalableDimension: dynamodb:table:ReadCapacityUnits\n serviceNamespace: dynamodb\n dynamodbTableReadPolicy:\n type: aws:appautoscaling:Policy\n name: dynamodb_table_read_policy\n properties:\n name: DynamoDBReadCapacityUtilization:${dynamodbTableReadTarget.resourceId}\n policyType: TargetTrackingScaling\n resourceId: ${dynamodbTableReadTarget.resourceId}\n scalableDimension: ${dynamodbTableReadTarget.scalableDimension}\n serviceNamespace: ${dynamodbTableReadTarget.serviceNamespace}\n targetTrackingScalingPolicyConfiguration:\n predefinedMetricSpecification:\n predefinedMetricType: DynamoDBReadCapacityUtilization\n targetValue: 70\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### ECS Service Autoscaling\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ecsTarget = new aws.appautoscaling.Target(\"ecs_target\", {\n maxCapacity: 4,\n minCapacity: 1,\n resourceId: \"service/clusterName/serviceName\",\n scalableDimension: \"ecs:service:DesiredCount\",\n serviceNamespace: \"ecs\",\n});\nconst ecsPolicy = new aws.appautoscaling.Policy(\"ecs_policy\", {\n name: \"scale-down\",\n policyType: \"StepScaling\",\n resourceId: ecsTarget.resourceId,\n scalableDimension: ecsTarget.scalableDimension,\n serviceNamespace: ecsTarget.serviceNamespace,\n stepScalingPolicyConfiguration: {\n adjustmentType: \"ChangeInCapacity\",\n cooldown: 60,\n metricAggregationType: \"Maximum\",\n stepAdjustments: [{\n metricIntervalUpperBound: \"0\",\n scalingAdjustment: -1,\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\necs_target = aws.appautoscaling.Target(\"ecs_target\",\n max_capacity=4,\n min_capacity=1,\n resource_id=\"service/clusterName/serviceName\",\n scalable_dimension=\"ecs:service:DesiredCount\",\n service_namespace=\"ecs\")\necs_policy = aws.appautoscaling.Policy(\"ecs_policy\",\n name=\"scale-down\",\n policy_type=\"StepScaling\",\n resource_id=ecs_target.resource_id,\n scalable_dimension=ecs_target.scalable_dimension,\n service_namespace=ecs_target.service_namespace,\n step_scaling_policy_configuration={\n \"adjustment_type\": \"ChangeInCapacity\",\n \"cooldown\": 60,\n \"metric_aggregation_type\": \"Maximum\",\n \"step_adjustments\": [{\n \"metric_interval_upper_bound\": \"0\",\n \"scaling_adjustment\": -1,\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ecsTarget = new Aws.AppAutoScaling.Target(\"ecs_target\", new()\n {\n MaxCapacity = 4,\n MinCapacity = 1,\n ResourceId = \"service/clusterName/serviceName\",\n ScalableDimension = \"ecs:service:DesiredCount\",\n ServiceNamespace = \"ecs\",\n });\n\n var ecsPolicy = new Aws.AppAutoScaling.Policy(\"ecs_policy\", new()\n {\n Name = \"scale-down\",\n PolicyType = \"StepScaling\",\n ResourceId = ecsTarget.ResourceId,\n ScalableDimension = ecsTarget.ScalableDimension,\n ServiceNamespace = ecsTarget.ServiceNamespace,\n StepScalingPolicyConfiguration = new Aws.AppAutoScaling.Inputs.PolicyStepScalingPolicyConfigurationArgs\n {\n AdjustmentType = \"ChangeInCapacity\",\n Cooldown = 60,\n MetricAggregationType = \"Maximum\",\n StepAdjustments = new[]\n {\n new Aws.AppAutoScaling.Inputs.PolicyStepScalingPolicyConfigurationStepAdjustmentArgs\n {\n MetricIntervalUpperBound = \"0\",\n ScalingAdjustment = -1,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tecsTarget, err := appautoscaling.NewTarget(ctx, \"ecs_target\", \u0026appautoscaling.TargetArgs{\n\t\t\tMaxCapacity: pulumi.Int(4),\n\t\t\tMinCapacity: pulumi.Int(1),\n\t\t\tResourceId: pulumi.String(\"service/clusterName/serviceName\"),\n\t\t\tScalableDimension: pulumi.String(\"ecs:service:DesiredCount\"),\n\t\t\tServiceNamespace: pulumi.String(\"ecs\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appautoscaling.NewPolicy(ctx, \"ecs_policy\", \u0026appautoscaling.PolicyArgs{\n\t\t\tName: pulumi.String(\"scale-down\"),\n\t\t\tPolicyType: pulumi.String(\"StepScaling\"),\n\t\t\tResourceId: ecsTarget.ResourceId,\n\t\t\tScalableDimension: ecsTarget.ScalableDimension,\n\t\t\tServiceNamespace: ecsTarget.ServiceNamespace,\n\t\t\tStepScalingPolicyConfiguration: \u0026appautoscaling.PolicyStepScalingPolicyConfigurationArgs{\n\t\t\t\tAdjustmentType: pulumi.String(\"ChangeInCapacity\"),\n\t\t\t\tCooldown: pulumi.Int(60),\n\t\t\t\tMetricAggregationType: pulumi.String(\"Maximum\"),\n\t\t\t\tStepAdjustments: appautoscaling.PolicyStepScalingPolicyConfigurationStepAdjustmentArray{\n\t\t\t\t\t\u0026appautoscaling.PolicyStepScalingPolicyConfigurationStepAdjustmentArgs{\n\t\t\t\t\t\tMetricIntervalUpperBound: pulumi.String(\"0\"),\n\t\t\t\t\t\tScalingAdjustment: int(-1),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```yaml\nresources:\n ecsTarget:\n type: aws:appautoscaling:Target\n name: ecs_target\n properties:\n maxCapacity: 4\n minCapacity: 1\n resourceId: service/clusterName/serviceName\n scalableDimension: ecs:service:DesiredCount\n serviceNamespace: ecs\n ecsPolicy:\n type: aws:appautoscaling:Policy\n name: ecs_policy\n properties:\n name: scale-down\n policyType: StepScaling\n resourceId: ${ecsTarget.resourceId}\n scalableDimension: ${ecsTarget.scalableDimension}\n serviceNamespace: ${ecsTarget.serviceNamespace}\n stepScalingPolicyConfiguration:\n adjustmentType: ChangeInCapacity\n cooldown: 60\n metricAggregationType: Maximum\n stepAdjustments:\n - metricIntervalUpperBound: 0\n scalingAdjustment: -1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Preserve desired count when updating an autoscaled ECS Service\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ecsService = new aws.ecs.Service(\"ecs_service\", {\n name: \"serviceName\",\n cluster: \"clusterName\",\n taskDefinition: \"taskDefinitionFamily:1\",\n desiredCount: 2,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\necs_service = aws.ecs.Service(\"ecs_service\",\n name=\"serviceName\",\n cluster=\"clusterName\",\n task_definition=\"taskDefinitionFamily:1\",\n desired_count=2)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ecsService = new Aws.Ecs.Service(\"ecs_service\", new()\n {\n Name = \"serviceName\",\n Cluster = \"clusterName\",\n TaskDefinition = \"taskDefinitionFamily:1\",\n DesiredCount = 2,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewService(ctx, \"ecs_service\", \u0026ecs.ServiceArgs{\n\t\t\tName: pulumi.String(\"serviceName\"),\n\t\t\tCluster: pulumi.String(\"clusterName\"),\n\t\t\tTaskDefinition: pulumi.String(\"taskDefinitionFamily:1\"),\n\t\t\tDesiredCount: pulumi.Int(2),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.Service;\nimport com.pulumi.aws.ecs.ServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ecsService = new Service(\"ecsService\", ServiceArgs.builder()\n .name(\"serviceName\")\n .cluster(\"clusterName\")\n .taskDefinition(\"taskDefinitionFamily:1\")\n .desiredCount(2)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ecsService:\n type: aws:ecs:Service\n name: ecs_service\n properties:\n name: serviceName\n cluster: clusterName\n taskDefinition: taskDefinitionFamily:1\n desiredCount: 2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Aurora Read Replica Autoscaling\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst replicas = new aws.appautoscaling.Target(\"replicas\", {\n serviceNamespace: \"rds\",\n scalableDimension: \"rds:cluster:ReadReplicaCount\",\n resourceId: `cluster:${example.id}`,\n minCapacity: 1,\n maxCapacity: 15,\n});\nconst replicasPolicy = new aws.appautoscaling.Policy(\"replicas\", {\n name: \"cpu-auto-scaling\",\n serviceNamespace: replicas.serviceNamespace,\n scalableDimension: replicas.scalableDimension,\n resourceId: replicas.resourceId,\n policyType: \"TargetTrackingScaling\",\n targetTrackingScalingPolicyConfiguration: {\n predefinedMetricSpecification: {\n predefinedMetricType: \"RDSReaderAverageCPUUtilization\",\n },\n targetValue: 75,\n scaleInCooldown: 300,\n scaleOutCooldown: 300,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nreplicas = aws.appautoscaling.Target(\"replicas\",\n service_namespace=\"rds\",\n scalable_dimension=\"rds:cluster:ReadReplicaCount\",\n resource_id=f\"cluster:{example['id']}\",\n min_capacity=1,\n max_capacity=15)\nreplicas_policy = aws.appautoscaling.Policy(\"replicas\",\n name=\"cpu-auto-scaling\",\n service_namespace=replicas.service_namespace,\n scalable_dimension=replicas.scalable_dimension,\n resource_id=replicas.resource_id,\n policy_type=\"TargetTrackingScaling\",\n target_tracking_scaling_policy_configuration={\n \"predefined_metric_specification\": {\n \"predefined_metric_type\": \"RDSReaderAverageCPUUtilization\",\n },\n \"target_value\": 75,\n \"scale_in_cooldown\": 300,\n \"scale_out_cooldown\": 300,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var replicas = new Aws.AppAutoScaling.Target(\"replicas\", new()\n {\n ServiceNamespace = \"rds\",\n ScalableDimension = \"rds:cluster:ReadReplicaCount\",\n ResourceId = $\"cluster:{example.Id}\",\n MinCapacity = 1,\n MaxCapacity = 15,\n });\n\n var replicasPolicy = new Aws.AppAutoScaling.Policy(\"replicas\", new()\n {\n Name = \"cpu-auto-scaling\",\n ServiceNamespace = replicas.ServiceNamespace,\n ScalableDimension = replicas.ScalableDimension,\n ResourceId = replicas.ResourceId,\n PolicyType = \"TargetTrackingScaling\",\n TargetTrackingScalingPolicyConfiguration = new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationArgs\n {\n PredefinedMetricSpecification = new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecificationArgs\n {\n PredefinedMetricType = \"RDSReaderAverageCPUUtilization\",\n },\n TargetValue = 75,\n ScaleInCooldown = 300,\n ScaleOutCooldown = 300,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\treplicas, err := appautoscaling.NewTarget(ctx, \"replicas\", \u0026appautoscaling.TargetArgs{\n\t\t\tServiceNamespace: pulumi.String(\"rds\"),\n\t\t\tScalableDimension: pulumi.String(\"rds:cluster:ReadReplicaCount\"),\n\t\t\tResourceId: pulumi.String(fmt.Sprintf(\"cluster:%v\", example.Id)),\n\t\t\tMinCapacity: pulumi.Int(1),\n\t\t\tMaxCapacity: pulumi.Int(15),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appautoscaling.NewPolicy(ctx, \"replicas\", \u0026appautoscaling.PolicyArgs{\n\t\t\tName: pulumi.String(\"cpu-auto-scaling\"),\n\t\t\tServiceNamespace: replicas.ServiceNamespace,\n\t\t\tScalableDimension: replicas.ScalableDimension,\n\t\t\tResourceId: replicas.ResourceId,\n\t\t\tPolicyType: pulumi.String(\"TargetTrackingScaling\"),\n\t\t\tTargetTrackingScalingPolicyConfiguration: \u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationArgs{\n\t\t\t\tPredefinedMetricSpecification: \u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecificationArgs{\n\t\t\t\t\tPredefinedMetricType: pulumi.String(\"RDSReaderAverageCPUUtilization\"),\n\t\t\t\t},\n\t\t\t\tTargetValue: pulumi.Float64(75),\n\t\t\t\tScaleInCooldown: pulumi.Int(300),\n\t\t\t\tScaleOutCooldown: pulumi.Int(300),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appautoscaling.Target;\nimport com.pulumi.aws.appautoscaling.TargetArgs;\nimport com.pulumi.aws.appautoscaling.Policy;\nimport com.pulumi.aws.appautoscaling.PolicyArgs;\nimport com.pulumi.aws.appautoscaling.inputs.PolicyTargetTrackingScalingPolicyConfigurationArgs;\nimport com.pulumi.aws.appautoscaling.inputs.PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var replicas = new Target(\"replicas\", TargetArgs.builder()\n .serviceNamespace(\"rds\")\n .scalableDimension(\"rds:cluster:ReadReplicaCount\")\n .resourceId(String.format(\"cluster:%s\", example.id()))\n .minCapacity(1)\n .maxCapacity(15)\n .build());\n\n var replicasPolicy = new Policy(\"replicasPolicy\", PolicyArgs.builder()\n .name(\"cpu-auto-scaling\")\n .serviceNamespace(replicas.serviceNamespace())\n .scalableDimension(replicas.scalableDimension())\n .resourceId(replicas.resourceId())\n .policyType(\"TargetTrackingScaling\")\n .targetTrackingScalingPolicyConfiguration(PolicyTargetTrackingScalingPolicyConfigurationArgs.builder()\n .predefinedMetricSpecification(PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecificationArgs.builder()\n .predefinedMetricType(\"RDSReaderAverageCPUUtilization\")\n .build())\n .targetValue(75)\n .scaleInCooldown(300)\n .scaleOutCooldown(300)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n replicas:\n type: aws:appautoscaling:Target\n properties:\n serviceNamespace: rds\n scalableDimension: rds:cluster:ReadReplicaCount\n resourceId: cluster:${example.id}\n minCapacity: 1\n maxCapacity: 15\n replicasPolicy:\n type: aws:appautoscaling:Policy\n name: replicas\n properties:\n name: cpu-auto-scaling\n serviceNamespace: ${replicas.serviceNamespace}\n scalableDimension: ${replicas.scalableDimension}\n resourceId: ${replicas.resourceId}\n policyType: TargetTrackingScaling\n targetTrackingScalingPolicyConfiguration:\n predefinedMetricSpecification:\n predefinedMetricType: RDSReaderAverageCPUUtilization\n targetValue: 75\n scaleInCooldown: 300\n scaleOutCooldown: 300\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create target tracking scaling policy using metric math\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ecsTarget = new aws.appautoscaling.Target(\"ecs_target\", {\n maxCapacity: 4,\n minCapacity: 1,\n resourceId: \"service/clusterName/serviceName\",\n scalableDimension: \"ecs:service:DesiredCount\",\n serviceNamespace: \"ecs\",\n});\nconst example = new aws.appautoscaling.Policy(\"example\", {\n name: \"foo\",\n policyType: \"TargetTrackingScaling\",\n resourceId: ecsTarget.resourceId,\n scalableDimension: ecsTarget.scalableDimension,\n serviceNamespace: ecsTarget.serviceNamespace,\n targetTrackingScalingPolicyConfiguration: {\n targetValue: 100,\n customizedMetricSpecification: {\n metrics: [\n {\n label: \"Get the queue size (the number of messages waiting to be processed)\",\n id: \"m1\",\n metricStat: {\n metric: {\n metricName: \"ApproximateNumberOfMessagesVisible\",\n namespace: \"AWS/SQS\",\n dimensions: [{\n name: \"QueueName\",\n value: \"my-queue\",\n }],\n },\n stat: \"Sum\",\n },\n returnData: false,\n },\n {\n label: \"Get the ECS running task count (the number of currently running tasks)\",\n id: \"m2\",\n metricStat: {\n metric: {\n metricName: \"RunningTaskCount\",\n namespace: \"ECS/ContainerInsights\",\n dimensions: [\n {\n name: \"ClusterName\",\n value: \"default\",\n },\n {\n name: \"ServiceName\",\n value: \"web-app\",\n },\n ],\n },\n stat: \"Average\",\n },\n returnData: false,\n },\n {\n label: \"Calculate the backlog per instance\",\n id: \"e1\",\n expression: \"m1 / m2\",\n returnData: true,\n },\n ],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\necs_target = aws.appautoscaling.Target(\"ecs_target\",\n max_capacity=4,\n min_capacity=1,\n resource_id=\"service/clusterName/serviceName\",\n scalable_dimension=\"ecs:service:DesiredCount\",\n service_namespace=\"ecs\")\nexample = aws.appautoscaling.Policy(\"example\",\n name=\"foo\",\n policy_type=\"TargetTrackingScaling\",\n resource_id=ecs_target.resource_id,\n scalable_dimension=ecs_target.scalable_dimension,\n service_namespace=ecs_target.service_namespace,\n target_tracking_scaling_policy_configuration={\n \"target_value\": 100,\n \"customized_metric_specification\": {\n \"metrics\": [\n {\n \"label\": \"Get the queue size (the number of messages waiting to be processed)\",\n \"id\": \"m1\",\n \"metric_stat\": {\n \"metric\": {\n \"metric_name\": \"ApproximateNumberOfMessagesVisible\",\n \"namespace\": \"AWS/SQS\",\n \"dimensions\": [{\n \"name\": \"QueueName\",\n \"value\": \"my-queue\",\n }],\n },\n \"stat\": \"Sum\",\n },\n \"return_data\": False,\n },\n {\n \"label\": \"Get the ECS running task count (the number of currently running tasks)\",\n \"id\": \"m2\",\n \"metric_stat\": {\n \"metric\": {\n \"metric_name\": \"RunningTaskCount\",\n \"namespace\": \"ECS/ContainerInsights\",\n \"dimensions\": [\n {\n \"name\": \"ClusterName\",\n \"value\": \"default\",\n },\n {\n \"name\": \"ServiceName\",\n \"value\": \"web-app\",\n },\n ],\n },\n \"stat\": \"Average\",\n },\n \"return_data\": False,\n },\n {\n \"label\": \"Calculate the backlog per instance\",\n \"id\": \"e1\",\n \"expression\": \"m1 / m2\",\n \"return_data\": True,\n },\n ],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ecsTarget = new Aws.AppAutoScaling.Target(\"ecs_target\", new()\n {\n MaxCapacity = 4,\n MinCapacity = 1,\n ResourceId = \"service/clusterName/serviceName\",\n ScalableDimension = \"ecs:service:DesiredCount\",\n ServiceNamespace = \"ecs\",\n });\n\n var example = new Aws.AppAutoScaling.Policy(\"example\", new()\n {\n Name = \"foo\",\n PolicyType = \"TargetTrackingScaling\",\n ResourceId = ecsTarget.ResourceId,\n ScalableDimension = ecsTarget.ScalableDimension,\n ServiceNamespace = ecsTarget.ServiceNamespace,\n TargetTrackingScalingPolicyConfiguration = new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationArgs\n {\n TargetValue = 100,\n CustomizedMetricSpecification = new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationArgs\n {\n Metrics = new[]\n {\n new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricArgs\n {\n Label = \"Get the queue size (the number of messages waiting to be processed)\",\n Id = \"m1\",\n MetricStat = new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatArgs\n {\n Metric = new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricArgs\n {\n MetricName = \"ApproximateNumberOfMessagesVisible\",\n Namespace = \"AWS/SQS\",\n Dimensions = new[]\n {\n new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimensionArgs\n {\n Name = \"QueueName\",\n Value = \"my-queue\",\n },\n },\n },\n Stat = \"Sum\",\n },\n ReturnData = false,\n },\n new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricArgs\n {\n Label = \"Get the ECS running task count (the number of currently running tasks)\",\n Id = \"m2\",\n MetricStat = new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatArgs\n {\n Metric = new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricArgs\n {\n MetricName = \"RunningTaskCount\",\n Namespace = \"ECS/ContainerInsights\",\n Dimensions = new[]\n {\n new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimensionArgs\n {\n Name = \"ClusterName\",\n Value = \"default\",\n },\n new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimensionArgs\n {\n Name = \"ServiceName\",\n Value = \"web-app\",\n },\n },\n },\n Stat = \"Average\",\n },\n ReturnData = false,\n },\n new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricArgs\n {\n Label = \"Calculate the backlog per instance\",\n Id = \"e1\",\n Expression = \"m1 / m2\",\n ReturnData = true,\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tecsTarget, err := appautoscaling.NewTarget(ctx, \"ecs_target\", \u0026appautoscaling.TargetArgs{\n\t\t\tMaxCapacity: pulumi.Int(4),\n\t\t\tMinCapacity: pulumi.Int(1),\n\t\t\tResourceId: pulumi.String(\"service/clusterName/serviceName\"),\n\t\t\tScalableDimension: pulumi.String(\"ecs:service:DesiredCount\"),\n\t\t\tServiceNamespace: pulumi.String(\"ecs\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appautoscaling.NewPolicy(ctx, \"example\", \u0026appautoscaling.PolicyArgs{\n\t\t\tName: pulumi.String(\"foo\"),\n\t\t\tPolicyType: pulumi.String(\"TargetTrackingScaling\"),\n\t\t\tResourceId: ecsTarget.ResourceId,\n\t\t\tScalableDimension: ecsTarget.ScalableDimension,\n\t\t\tServiceNamespace: ecsTarget.ServiceNamespace,\n\t\t\tTargetTrackingScalingPolicyConfiguration: \u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationArgs{\n\t\t\t\tTargetValue: pulumi.Float64(100),\n\t\t\t\tCustomizedMetricSpecification: \u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationArgs{\n\t\t\t\t\tMetrics: appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricArray{\n\t\t\t\t\t\t\u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricArgs{\n\t\t\t\t\t\t\tLabel: pulumi.String(\"Get the queue size (the number of messages waiting to be processed)\"),\n\t\t\t\t\t\t\tId: pulumi.String(\"m1\"),\n\t\t\t\t\t\t\tMetricStat: \u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatArgs{\n\t\t\t\t\t\t\t\tMetric: \u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricArgs{\n\t\t\t\t\t\t\t\t\tMetricName: pulumi.String(\"ApproximateNumberOfMessagesVisible\"),\n\t\t\t\t\t\t\t\t\tNamespace: pulumi.String(\"AWS/SQS\"),\n\t\t\t\t\t\t\t\t\tDimensions: appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimensionArray{\n\t\t\t\t\t\t\t\t\t\t\u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimensionArgs{\n\t\t\t\t\t\t\t\t\t\t\tName: pulumi.String(\"QueueName\"),\n\t\t\t\t\t\t\t\t\t\t\tValue: pulumi.String(\"my-queue\"),\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\tStat: pulumi.String(\"Sum\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tReturnData: pulumi.Bool(false),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricArgs{\n\t\t\t\t\t\t\tLabel: pulumi.String(\"Get the ECS running task count (the number of currently running tasks)\"),\n\t\t\t\t\t\t\tId: pulumi.String(\"m2\"),\n\t\t\t\t\t\t\tMetricStat: \u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatArgs{\n\t\t\t\t\t\t\t\tMetric: \u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricArgs{\n\t\t\t\t\t\t\t\t\tMetricName: pulumi.String(\"RunningTaskCount\"),\n\t\t\t\t\t\t\t\t\tNamespace: pulumi.String(\"ECS/ContainerInsights\"),\n\t\t\t\t\t\t\t\t\tDimensions: appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimensionArray{\n\t\t\t\t\t\t\t\t\t\t\u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimensionArgs{\n\t\t\t\t\t\t\t\t\t\t\tName: pulumi.String(\"ClusterName\"),\n\t\t\t\t\t\t\t\t\t\t\tValue: pulumi.String(\"default\"),\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimensionArgs{\n\t\t\t\t\t\t\t\t\t\t\tName: pulumi.String(\"ServiceName\"),\n\t\t\t\t\t\t\t\t\t\t\tValue: pulumi.String(\"web-app\"),\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\tStat: pulumi.String(\"Average\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tReturnData: pulumi.Bool(false),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricArgs{\n\t\t\t\t\t\t\tLabel: pulumi.String(\"Calculate the backlog per instance\"),\n\t\t\t\t\t\t\tId: pulumi.String(\"e1\"),\n\t\t\t\t\t\t\tExpression: pulumi.String(\"m1 / m2\"),\n\t\t\t\t\t\t\tReturnData: pulumi.Bool(true),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appautoscaling.Target;\nimport com.pulumi.aws.appautoscaling.TargetArgs;\nimport com.pulumi.aws.appautoscaling.Policy;\nimport com.pulumi.aws.appautoscaling.PolicyArgs;\nimport com.pulumi.aws.appautoscaling.inputs.PolicyTargetTrackingScalingPolicyConfigurationArgs;\nimport com.pulumi.aws.appautoscaling.inputs.PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ecsTarget = new Target(\"ecsTarget\", TargetArgs.builder()\n .maxCapacity(4)\n .minCapacity(1)\n .resourceId(\"service/clusterName/serviceName\")\n .scalableDimension(\"ecs:service:DesiredCount\")\n .serviceNamespace(\"ecs\")\n .build());\n\n var example = new Policy(\"example\", PolicyArgs.builder()\n .name(\"foo\")\n .policyType(\"TargetTrackingScaling\")\n .resourceId(ecsTarget.resourceId())\n .scalableDimension(ecsTarget.scalableDimension())\n .serviceNamespace(ecsTarget.serviceNamespace())\n .targetTrackingScalingPolicyConfiguration(PolicyTargetTrackingScalingPolicyConfigurationArgs.builder()\n .targetValue(100)\n .customizedMetricSpecification(PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationArgs.builder()\n .metrics( \n PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricArgs.builder()\n .label(\"Get the queue size (the number of messages waiting to be processed)\")\n .id(\"m1\")\n .metricStat(PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatArgs.builder()\n .metric(PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricArgs.builder()\n .metricName(\"ApproximateNumberOfMessagesVisible\")\n .namespace(\"AWS/SQS\")\n .dimensions(PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimensionArgs.builder()\n .name(\"QueueName\")\n .value(\"my-queue\")\n .build())\n .build())\n .stat(\"Sum\")\n .build())\n .returnData(false)\n .build(),\n PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricArgs.builder()\n .label(\"Get the ECS running task count (the number of currently running tasks)\")\n .id(\"m2\")\n .metricStat(PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatArgs.builder()\n .metric(PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricArgs.builder()\n .metricName(\"RunningTaskCount\")\n .namespace(\"ECS/ContainerInsights\")\n .dimensions( \n PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimensionArgs.builder()\n .name(\"ClusterName\")\n .value(\"default\")\n .build(),\n PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimensionArgs.builder()\n .name(\"ServiceName\")\n .value(\"web-app\")\n .build())\n .build())\n .stat(\"Average\")\n .build())\n .returnData(false)\n .build(),\n PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricArgs.builder()\n .label(\"Calculate the backlog per instance\")\n .id(\"e1\")\n .expression(\"m1 / m2\")\n .returnData(true)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ecsTarget:\n type: aws:appautoscaling:Target\n name: ecs_target\n properties:\n maxCapacity: 4\n minCapacity: 1\n resourceId: service/clusterName/serviceName\n scalableDimension: ecs:service:DesiredCount\n serviceNamespace: ecs\n example:\n type: aws:appautoscaling:Policy\n properties:\n name: foo\n policyType: TargetTrackingScaling\n resourceId: ${ecsTarget.resourceId}\n scalableDimension: ${ecsTarget.scalableDimension}\n serviceNamespace: ${ecsTarget.serviceNamespace}\n targetTrackingScalingPolicyConfiguration:\n targetValue: 100\n customizedMetricSpecification:\n metrics:\n - label: Get the queue size (the number of messages waiting to be processed)\n id: m1\n metricStat:\n metric:\n metricName: ApproximateNumberOfMessagesVisible\n namespace: AWS/SQS\n dimensions:\n - name: QueueName\n value: my-queue\n stat: Sum\n returnData: false\n - label: Get the ECS running task count (the number of currently running tasks)\n id: m2\n metricStat:\n metric:\n metricName: RunningTaskCount\n namespace: ECS/ContainerInsights\n dimensions:\n - name: ClusterName\n value: default\n - name: ServiceName\n value: web-app\n stat: Average\n returnData: false\n - label: Calculate the backlog per instance\n id: e1\n expression: m1 / m2\n returnData: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### MSK / Kafka Autoscaling\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mskTarget = new aws.appautoscaling.Target(\"msk_target\", {\n serviceNamespace: \"kafka\",\n scalableDimension: \"kafka:broker-storage:VolumeSize\",\n resourceId: example.arn,\n minCapacity: 1,\n maxCapacity: 8,\n});\nconst targets = new aws.appautoscaling.Policy(\"targets\", {\n name: \"storage-size-auto-scaling\",\n serviceNamespace: mskTarget.serviceNamespace,\n scalableDimension: mskTarget.scalableDimension,\n resourceId: mskTarget.resourceId,\n policyType: \"TargetTrackingScaling\",\n targetTrackingScalingPolicyConfiguration: {\n predefinedMetricSpecification: {\n predefinedMetricType: \"KafkaBrokerStorageUtilization\",\n },\n targetValue: 55,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmsk_target = aws.appautoscaling.Target(\"msk_target\",\n service_namespace=\"kafka\",\n scalable_dimension=\"kafka:broker-storage:VolumeSize\",\n resource_id=example[\"arn\"],\n min_capacity=1,\n max_capacity=8)\ntargets = aws.appautoscaling.Policy(\"targets\",\n name=\"storage-size-auto-scaling\",\n service_namespace=msk_target.service_namespace,\n scalable_dimension=msk_target.scalable_dimension,\n resource_id=msk_target.resource_id,\n policy_type=\"TargetTrackingScaling\",\n target_tracking_scaling_policy_configuration={\n \"predefined_metric_specification\": {\n \"predefined_metric_type\": \"KafkaBrokerStorageUtilization\",\n },\n \"target_value\": 55,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mskTarget = new Aws.AppAutoScaling.Target(\"msk_target\", new()\n {\n ServiceNamespace = \"kafka\",\n ScalableDimension = \"kafka:broker-storage:VolumeSize\",\n ResourceId = example.Arn,\n MinCapacity = 1,\n MaxCapacity = 8,\n });\n\n var targets = new Aws.AppAutoScaling.Policy(\"targets\", new()\n {\n Name = \"storage-size-auto-scaling\",\n ServiceNamespace = mskTarget.ServiceNamespace,\n ScalableDimension = mskTarget.ScalableDimension,\n ResourceId = mskTarget.ResourceId,\n PolicyType = \"TargetTrackingScaling\",\n TargetTrackingScalingPolicyConfiguration = new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationArgs\n {\n PredefinedMetricSpecification = new Aws.AppAutoScaling.Inputs.PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecificationArgs\n {\n PredefinedMetricType = \"KafkaBrokerStorageUtilization\",\n },\n TargetValue = 55,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmskTarget, err := appautoscaling.NewTarget(ctx, \"msk_target\", \u0026appautoscaling.TargetArgs{\n\t\t\tServiceNamespace: pulumi.String(\"kafka\"),\n\t\t\tScalableDimension: pulumi.String(\"kafka:broker-storage:VolumeSize\"),\n\t\t\tResourceId: pulumi.Any(example.Arn),\n\t\t\tMinCapacity: pulumi.Int(1),\n\t\t\tMaxCapacity: pulumi.Int(8),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appautoscaling.NewPolicy(ctx, \"targets\", \u0026appautoscaling.PolicyArgs{\n\t\t\tName: pulumi.String(\"storage-size-auto-scaling\"),\n\t\t\tServiceNamespace: mskTarget.ServiceNamespace,\n\t\t\tScalableDimension: mskTarget.ScalableDimension,\n\t\t\tResourceId: mskTarget.ResourceId,\n\t\t\tPolicyType: pulumi.String(\"TargetTrackingScaling\"),\n\t\t\tTargetTrackingScalingPolicyConfiguration: \u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationArgs{\n\t\t\t\tPredefinedMetricSpecification: \u0026appautoscaling.PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecificationArgs{\n\t\t\t\t\tPredefinedMetricType: pulumi.String(\"KafkaBrokerStorageUtilization\"),\n\t\t\t\t},\n\t\t\t\tTargetValue: pulumi.Float64(55),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appautoscaling.Target;\nimport com.pulumi.aws.appautoscaling.TargetArgs;\nimport com.pulumi.aws.appautoscaling.Policy;\nimport com.pulumi.aws.appautoscaling.PolicyArgs;\nimport com.pulumi.aws.appautoscaling.inputs.PolicyTargetTrackingScalingPolicyConfigurationArgs;\nimport com.pulumi.aws.appautoscaling.inputs.PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mskTarget = new Target(\"mskTarget\", TargetArgs.builder()\n .serviceNamespace(\"kafka\")\n .scalableDimension(\"kafka:broker-storage:VolumeSize\")\n .resourceId(example.arn())\n .minCapacity(1)\n .maxCapacity(8)\n .build());\n\n var targets = new Policy(\"targets\", PolicyArgs.builder()\n .name(\"storage-size-auto-scaling\")\n .serviceNamespace(mskTarget.serviceNamespace())\n .scalableDimension(mskTarget.scalableDimension())\n .resourceId(mskTarget.resourceId())\n .policyType(\"TargetTrackingScaling\")\n .targetTrackingScalingPolicyConfiguration(PolicyTargetTrackingScalingPolicyConfigurationArgs.builder()\n .predefinedMetricSpecification(PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecificationArgs.builder()\n .predefinedMetricType(\"KafkaBrokerStorageUtilization\")\n .build())\n .targetValue(55)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mskTarget:\n type: aws:appautoscaling:Target\n name: msk_target\n properties:\n serviceNamespace: kafka\n scalableDimension: kafka:broker-storage:VolumeSize\n resourceId: ${example.arn}\n minCapacity: 1\n maxCapacity: 8\n targets:\n type: aws:appautoscaling:Policy\n properties:\n name: storage-size-auto-scaling\n serviceNamespace: ${mskTarget.serviceNamespace}\n scalableDimension: ${mskTarget.scalableDimension}\n resourceId: ${mskTarget.resourceId}\n policyType: TargetTrackingScaling\n targetTrackingScalingPolicyConfiguration:\n predefinedMetricSpecification:\n predefinedMetricType: KafkaBrokerStorageUtilization\n targetValue: 55\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Application AutoScaling Policy using the `service-namespace` , `resource-id`, `scalable-dimension` and `policy-name` separated by `/`. For example:\n\n```sh\n$ pulumi import aws:appautoscaling/policy:Policy test-policy service-namespace/resource-id/scalable-dimension/policy-name\n```\n", "properties": { "alarmArns": { "type": "array", "items": { "type": "string" }, "description": "List of CloudWatch alarm ARNs associated with the scaling policy.\n" }, "arn": { "type": "string", "description": "ARN assigned by AWS to the scaling policy.\n" }, "name": { "type": "string", "description": "Name of the policy. Must be between 1 and 255 characters in length.\n" }, "policyType": { "type": "string", "description": "Policy type. Valid values are `StepScaling` and `TargetTrackingScaling`. Defaults to `StepScaling`. Certain services only support only one policy type. For more information see the [Target Tracking Scaling Policies](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-target-tracking.html) and [Step Scaling Policies](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-step-scaling-policies.html) documentation.\n" }, "resourceId": { "type": "string", "description": "Resource type and unique identifier string for the resource associated with the scaling policy. Documentation can be found in the `ResourceId` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html)\n" }, "scalableDimension": { "type": "string", "description": "Scalable dimension of the scalable target. Documentation can be found in the `ScalableDimension` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html)\n" }, "serviceNamespace": { "type": "string", "description": "AWS service namespace of the scalable target. Documentation can be found in the `ServiceNamespace` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html)\n" }, "stepScalingPolicyConfiguration": { "$ref": "#/types/aws:appautoscaling/PolicyStepScalingPolicyConfiguration:PolicyStepScalingPolicyConfiguration", "description": "Step scaling policy configuration, requires `policy_type = \"StepScaling\"` (default). See supported fields below.\n" }, "targetTrackingScalingPolicyConfiguration": { "$ref": "#/types/aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfiguration:PolicyTargetTrackingScalingPolicyConfiguration", "description": "Target tracking policy, requires `policy_type = \"TargetTrackingScaling\"`. See supported fields below.\n" } }, "required": [ "alarmArns", "arn", "name", "resourceId", "scalableDimension", "serviceNamespace" ], "inputProperties": { "name": { "type": "string", "description": "Name of the policy. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "policyType": { "type": "string", "description": "Policy type. Valid values are `StepScaling` and `TargetTrackingScaling`. Defaults to `StepScaling`. Certain services only support only one policy type. For more information see the [Target Tracking Scaling Policies](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-target-tracking.html) and [Step Scaling Policies](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-step-scaling-policies.html) documentation.\n" }, "resourceId": { "type": "string", "description": "Resource type and unique identifier string for the resource associated with the scaling policy. Documentation can be found in the `ResourceId` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html)\n", "willReplaceOnChanges": true }, "scalableDimension": { "type": "string", "description": "Scalable dimension of the scalable target. Documentation can be found in the `ScalableDimension` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html)\n", "willReplaceOnChanges": true }, "serviceNamespace": { "type": "string", "description": "AWS service namespace of the scalable target. Documentation can be found in the `ServiceNamespace` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html)\n", "willReplaceOnChanges": true }, "stepScalingPolicyConfiguration": { "$ref": "#/types/aws:appautoscaling/PolicyStepScalingPolicyConfiguration:PolicyStepScalingPolicyConfiguration", "description": "Step scaling policy configuration, requires `policy_type = \"StepScaling\"` (default). See supported fields below.\n" }, "targetTrackingScalingPolicyConfiguration": { "$ref": "#/types/aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfiguration:PolicyTargetTrackingScalingPolicyConfiguration", "description": "Target tracking policy, requires `policy_type = \"TargetTrackingScaling\"`. See supported fields below.\n" } }, "requiredInputs": [ "resourceId", "scalableDimension", "serviceNamespace" ], "stateInputs": { "description": "Input properties used for looking up and filtering Policy resources.\n", "properties": { "alarmArns": { "type": "array", "items": { "type": "string" }, "description": "List of CloudWatch alarm ARNs associated with the scaling policy.\n" }, "arn": { "type": "string", "description": "ARN assigned by AWS to the scaling policy.\n" }, "name": { "type": "string", "description": "Name of the policy. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "policyType": { "type": "string", "description": "Policy type. Valid values are `StepScaling` and `TargetTrackingScaling`. Defaults to `StepScaling`. Certain services only support only one policy type. For more information see the [Target Tracking Scaling Policies](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-target-tracking.html) and [Step Scaling Policies](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-step-scaling-policies.html) documentation.\n" }, "resourceId": { "type": "string", "description": "Resource type and unique identifier string for the resource associated with the scaling policy. Documentation can be found in the `ResourceId` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html)\n", "willReplaceOnChanges": true }, "scalableDimension": { "type": "string", "description": "Scalable dimension of the scalable target. Documentation can be found in the `ScalableDimension` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html)\n", "willReplaceOnChanges": true }, "serviceNamespace": { "type": "string", "description": "AWS service namespace of the scalable target. Documentation can be found in the `ServiceNamespace` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html)\n", "willReplaceOnChanges": true }, "stepScalingPolicyConfiguration": { "$ref": "#/types/aws:appautoscaling/PolicyStepScalingPolicyConfiguration:PolicyStepScalingPolicyConfiguration", "description": "Step scaling policy configuration, requires `policy_type = \"StepScaling\"` (default). See supported fields below.\n" }, "targetTrackingScalingPolicyConfiguration": { "$ref": "#/types/aws:appautoscaling/PolicyTargetTrackingScalingPolicyConfiguration:PolicyTargetTrackingScalingPolicyConfiguration", "description": "Target tracking policy, requires `policy_type = \"TargetTrackingScaling\"`. See supported fields below.\n" } }, "type": "object" } }, "aws:appautoscaling/scheduledAction:ScheduledAction": { "description": "Provides an Application AutoScaling ScheduledAction resource.\n\n## Example Usage\n\n### DynamoDB Table Autoscaling\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dynamodb = new aws.appautoscaling.Target(\"dynamodb\", {\n maxCapacity: 100,\n minCapacity: 5,\n resourceId: \"table/tableName\",\n scalableDimension: \"dynamodb:table:ReadCapacityUnits\",\n serviceNamespace: \"dynamodb\",\n});\nconst dynamodbScheduledAction = new aws.appautoscaling.ScheduledAction(\"dynamodb\", {\n name: \"dynamodb\",\n serviceNamespace: dynamodb.serviceNamespace,\n resourceId: dynamodb.resourceId,\n scalableDimension: dynamodb.scalableDimension,\n schedule: \"at(2006-01-02T15:04:05)\",\n scalableTargetAction: {\n minCapacity: 1,\n maxCapacity: 200,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndynamodb = aws.appautoscaling.Target(\"dynamodb\",\n max_capacity=100,\n min_capacity=5,\n resource_id=\"table/tableName\",\n scalable_dimension=\"dynamodb:table:ReadCapacityUnits\",\n service_namespace=\"dynamodb\")\ndynamodb_scheduled_action = aws.appautoscaling.ScheduledAction(\"dynamodb\",\n name=\"dynamodb\",\n service_namespace=dynamodb.service_namespace,\n resource_id=dynamodb.resource_id,\n scalable_dimension=dynamodb.scalable_dimension,\n schedule=\"at(2006-01-02T15:04:05)\",\n scalable_target_action={\n \"min_capacity\": 1,\n \"max_capacity\": 200,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var dynamodb = new Aws.AppAutoScaling.Target(\"dynamodb\", new()\n {\n MaxCapacity = 100,\n MinCapacity = 5,\n ResourceId = \"table/tableName\",\n ScalableDimension = \"dynamodb:table:ReadCapacityUnits\",\n ServiceNamespace = \"dynamodb\",\n });\n\n var dynamodbScheduledAction = new Aws.AppAutoScaling.ScheduledAction(\"dynamodb\", new()\n {\n Name = \"dynamodb\",\n ServiceNamespace = dynamodb.ServiceNamespace,\n ResourceId = dynamodb.ResourceId,\n ScalableDimension = dynamodb.ScalableDimension,\n Schedule = \"at(2006-01-02T15:04:05)\",\n ScalableTargetAction = new Aws.AppAutoScaling.Inputs.ScheduledActionScalableTargetActionArgs\n {\n MinCapacity = 1,\n MaxCapacity = 200,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdynamodb, err := appautoscaling.NewTarget(ctx, \"dynamodb\", \u0026appautoscaling.TargetArgs{\n\t\t\tMaxCapacity: pulumi.Int(100),\n\t\t\tMinCapacity: pulumi.Int(5),\n\t\t\tResourceId: pulumi.String(\"table/tableName\"),\n\t\t\tScalableDimension: pulumi.String(\"dynamodb:table:ReadCapacityUnits\"),\n\t\t\tServiceNamespace: pulumi.String(\"dynamodb\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appautoscaling.NewScheduledAction(ctx, \"dynamodb\", \u0026appautoscaling.ScheduledActionArgs{\n\t\t\tName: pulumi.String(\"dynamodb\"),\n\t\t\tServiceNamespace: dynamodb.ServiceNamespace,\n\t\t\tResourceId: dynamodb.ResourceId,\n\t\t\tScalableDimension: dynamodb.ScalableDimension,\n\t\t\tSchedule: pulumi.String(\"at(2006-01-02T15:04:05)\"),\n\t\t\tScalableTargetAction: \u0026appautoscaling.ScheduledActionScalableTargetActionArgs{\n\t\t\t\tMinCapacity: pulumi.Int(1),\n\t\t\t\tMaxCapacity: pulumi.Int(200),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appautoscaling.Target;\nimport com.pulumi.aws.appautoscaling.TargetArgs;\nimport com.pulumi.aws.appautoscaling.ScheduledAction;\nimport com.pulumi.aws.appautoscaling.ScheduledActionArgs;\nimport com.pulumi.aws.appautoscaling.inputs.ScheduledActionScalableTargetActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var dynamodb = new Target(\"dynamodb\", TargetArgs.builder()\n .maxCapacity(100)\n .minCapacity(5)\n .resourceId(\"table/tableName\")\n .scalableDimension(\"dynamodb:table:ReadCapacityUnits\")\n .serviceNamespace(\"dynamodb\")\n .build());\n\n var dynamodbScheduledAction = new ScheduledAction(\"dynamodbScheduledAction\", ScheduledActionArgs.builder()\n .name(\"dynamodb\")\n .serviceNamespace(dynamodb.serviceNamespace())\n .resourceId(dynamodb.resourceId())\n .scalableDimension(dynamodb.scalableDimension())\n .schedule(\"at(2006-01-02T15:04:05)\")\n .scalableTargetAction(ScheduledActionScalableTargetActionArgs.builder()\n .minCapacity(1)\n .maxCapacity(200)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dynamodb:\n type: aws:appautoscaling:Target\n properties:\n maxCapacity: 100\n minCapacity: 5\n resourceId: table/tableName\n scalableDimension: dynamodb:table:ReadCapacityUnits\n serviceNamespace: dynamodb\n dynamodbScheduledAction:\n type: aws:appautoscaling:ScheduledAction\n name: dynamodb\n properties:\n name: dynamodb\n serviceNamespace: ${dynamodb.serviceNamespace}\n resourceId: ${dynamodb.resourceId}\n scalableDimension: ${dynamodb.scalableDimension}\n schedule: at(2006-01-02T15:04:05)\n scalableTargetAction:\n minCapacity: 1\n maxCapacity: 200\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### ECS Service Autoscaling\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ecs = new aws.appautoscaling.Target(\"ecs\", {\n maxCapacity: 4,\n minCapacity: 1,\n resourceId: \"service/clusterName/serviceName\",\n scalableDimension: \"ecs:service:DesiredCount\",\n serviceNamespace: \"ecs\",\n});\nconst ecsScheduledAction = new aws.appautoscaling.ScheduledAction(\"ecs\", {\n name: \"ecs\",\n serviceNamespace: ecs.serviceNamespace,\n resourceId: ecs.resourceId,\n scalableDimension: ecs.scalableDimension,\n schedule: \"at(2006-01-02T15:04:05)\",\n scalableTargetAction: {\n minCapacity: 1,\n maxCapacity: 10,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\necs = aws.appautoscaling.Target(\"ecs\",\n max_capacity=4,\n min_capacity=1,\n resource_id=\"service/clusterName/serviceName\",\n scalable_dimension=\"ecs:service:DesiredCount\",\n service_namespace=\"ecs\")\necs_scheduled_action = aws.appautoscaling.ScheduledAction(\"ecs\",\n name=\"ecs\",\n service_namespace=ecs.service_namespace,\n resource_id=ecs.resource_id,\n scalable_dimension=ecs.scalable_dimension,\n schedule=\"at(2006-01-02T15:04:05)\",\n scalable_target_action={\n \"min_capacity\": 1,\n \"max_capacity\": 10,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ecs = new Aws.AppAutoScaling.Target(\"ecs\", new()\n {\n MaxCapacity = 4,\n MinCapacity = 1,\n ResourceId = \"service/clusterName/serviceName\",\n ScalableDimension = \"ecs:service:DesiredCount\",\n ServiceNamespace = \"ecs\",\n });\n\n var ecsScheduledAction = new Aws.AppAutoScaling.ScheduledAction(\"ecs\", new()\n {\n Name = \"ecs\",\n ServiceNamespace = ecs.ServiceNamespace,\n ResourceId = ecs.ResourceId,\n ScalableDimension = ecs.ScalableDimension,\n Schedule = \"at(2006-01-02T15:04:05)\",\n ScalableTargetAction = new Aws.AppAutoScaling.Inputs.ScheduledActionScalableTargetActionArgs\n {\n MinCapacity = 1,\n MaxCapacity = 10,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tecs, err := appautoscaling.NewTarget(ctx, \"ecs\", \u0026appautoscaling.TargetArgs{\n\t\t\tMaxCapacity: pulumi.Int(4),\n\t\t\tMinCapacity: pulumi.Int(1),\n\t\t\tResourceId: pulumi.String(\"service/clusterName/serviceName\"),\n\t\t\tScalableDimension: pulumi.String(\"ecs:service:DesiredCount\"),\n\t\t\tServiceNamespace: pulumi.String(\"ecs\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appautoscaling.NewScheduledAction(ctx, \"ecs\", \u0026appautoscaling.ScheduledActionArgs{\n\t\t\tName: pulumi.String(\"ecs\"),\n\t\t\tServiceNamespace: ecs.ServiceNamespace,\n\t\t\tResourceId: ecs.ResourceId,\n\t\t\tScalableDimension: ecs.ScalableDimension,\n\t\t\tSchedule: pulumi.String(\"at(2006-01-02T15:04:05)\"),\n\t\t\tScalableTargetAction: \u0026appautoscaling.ScheduledActionScalableTargetActionArgs{\n\t\t\t\tMinCapacity: pulumi.Int(1),\n\t\t\t\tMaxCapacity: pulumi.Int(10),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appautoscaling.Target;\nimport com.pulumi.aws.appautoscaling.TargetArgs;\nimport com.pulumi.aws.appautoscaling.ScheduledAction;\nimport com.pulumi.aws.appautoscaling.ScheduledActionArgs;\nimport com.pulumi.aws.appautoscaling.inputs.ScheduledActionScalableTargetActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ecs = new Target(\"ecs\", TargetArgs.builder()\n .maxCapacity(4)\n .minCapacity(1)\n .resourceId(\"service/clusterName/serviceName\")\n .scalableDimension(\"ecs:service:DesiredCount\")\n .serviceNamespace(\"ecs\")\n .build());\n\n var ecsScheduledAction = new ScheduledAction(\"ecsScheduledAction\", ScheduledActionArgs.builder()\n .name(\"ecs\")\n .serviceNamespace(ecs.serviceNamespace())\n .resourceId(ecs.resourceId())\n .scalableDimension(ecs.scalableDimension())\n .schedule(\"at(2006-01-02T15:04:05)\")\n .scalableTargetAction(ScheduledActionScalableTargetActionArgs.builder()\n .minCapacity(1)\n .maxCapacity(10)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ecs:\n type: aws:appautoscaling:Target\n properties:\n maxCapacity: 4\n minCapacity: 1\n resourceId: service/clusterName/serviceName\n scalableDimension: ecs:service:DesiredCount\n serviceNamespace: ecs\n ecsScheduledAction:\n type: aws:appautoscaling:ScheduledAction\n name: ecs\n properties:\n name: ecs\n serviceNamespace: ${ecs.serviceNamespace}\n resourceId: ${ecs.resourceId}\n scalableDimension: ${ecs.scalableDimension}\n schedule: at(2006-01-02T15:04:05)\n scalableTargetAction:\n minCapacity: 1\n maxCapacity: 10\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "arn": { "type": "string", "description": "ARN of the scheduled action.\n" }, "endTime": { "type": "string", "description": "Date and time for the scheduled action to end in RFC 3339 format. The timezone is not affected by the setting of `timezone`.\n" }, "name": { "type": "string", "description": "Name of the scheduled action.\n" }, "resourceId": { "type": "string", "description": "Identifier of the resource associated with the scheduled action. Documentation can be found in the `ResourceId` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PutScheduledAction.html)\n" }, "scalableDimension": { "type": "string", "description": "Scalable dimension. Documentation can be found in the `ScalableDimension` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PutScheduledAction.html) Example: ecs:service:DesiredCount\n" }, "scalableTargetAction": { "$ref": "#/types/aws:appautoscaling/ScheduledActionScalableTargetAction:ScheduledActionScalableTargetAction", "description": "New minimum and maximum capacity. You can set both values or just one. See below\n" }, "schedule": { "type": "string", "description": "Schedule for this action. The following formats are supported: At expressions - at(yyyy-mm-ddThh:mm:ss), Rate expressions - rate(valueunit), Cron expressions - cron(fields). Times for at expressions and cron expressions are evaluated using the time zone configured in `timezone`. Documentation can be found in the `Timezone` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PutScheduledAction.html)\n" }, "serviceNamespace": { "type": "string", "description": "Namespace of the AWS service. Documentation can be found in the `ServiceNamespace` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PutScheduledAction.html) Example: ecs\n" }, "startTime": { "type": "string", "description": "Date and time for the scheduled action to start in RFC 3339 format. The timezone is not affected by the setting of `timezone`.\n" }, "timezone": { "type": "string", "description": "Time zone used when setting a scheduled action by using an at or cron expression. Does not affect timezone for `start_time` and `end_time`. Valid values are the [canonical names of the IANA time zones supported by Joda-Time](https://www.joda.org/joda-time/timezones.html), such as `Etc/GMT+9` or `Pacific/Tahiti`. Default is `UTC`.\n" } }, "required": [ "arn", "name", "resourceId", "scalableDimension", "scalableTargetAction", "schedule", "serviceNamespace" ], "inputProperties": { "endTime": { "type": "string", "description": "Date and time for the scheduled action to end in RFC 3339 format. The timezone is not affected by the setting of `timezone`.\n" }, "name": { "type": "string", "description": "Name of the scheduled action.\n", "willReplaceOnChanges": true }, "resourceId": { "type": "string", "description": "Identifier of the resource associated with the scheduled action. Documentation can be found in the `ResourceId` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PutScheduledAction.html)\n", "willReplaceOnChanges": true }, "scalableDimension": { "type": "string", "description": "Scalable dimension. Documentation can be found in the `ScalableDimension` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PutScheduledAction.html) Example: ecs:service:DesiredCount\n", "willReplaceOnChanges": true }, "scalableTargetAction": { "$ref": "#/types/aws:appautoscaling/ScheduledActionScalableTargetAction:ScheduledActionScalableTargetAction", "description": "New minimum and maximum capacity. You can set both values or just one. See below\n" }, "schedule": { "type": "string", "description": "Schedule for this action. The following formats are supported: At expressions - at(yyyy-mm-ddThh:mm:ss), Rate expressions - rate(valueunit), Cron expressions - cron(fields). Times for at expressions and cron expressions are evaluated using the time zone configured in `timezone`. Documentation can be found in the `Timezone` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PutScheduledAction.html)\n" }, "serviceNamespace": { "type": "string", "description": "Namespace of the AWS service. Documentation can be found in the `ServiceNamespace` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PutScheduledAction.html) Example: ecs\n", "willReplaceOnChanges": true }, "startTime": { "type": "string", "description": "Date and time for the scheduled action to start in RFC 3339 format. The timezone is not affected by the setting of `timezone`.\n" }, "timezone": { "type": "string", "description": "Time zone used when setting a scheduled action by using an at or cron expression. Does not affect timezone for `start_time` and `end_time`. Valid values are the [canonical names of the IANA time zones supported by Joda-Time](https://www.joda.org/joda-time/timezones.html), such as `Etc/GMT+9` or `Pacific/Tahiti`. Default is `UTC`.\n" } }, "requiredInputs": [ "resourceId", "scalableDimension", "scalableTargetAction", "schedule", "serviceNamespace" ], "stateInputs": { "description": "Input properties used for looking up and filtering ScheduledAction resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the scheduled action.\n" }, "endTime": { "type": "string", "description": "Date and time for the scheduled action to end in RFC 3339 format. The timezone is not affected by the setting of `timezone`.\n" }, "name": { "type": "string", "description": "Name of the scheduled action.\n", "willReplaceOnChanges": true }, "resourceId": { "type": "string", "description": "Identifier of the resource associated with the scheduled action. Documentation can be found in the `ResourceId` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PutScheduledAction.html)\n", "willReplaceOnChanges": true }, "scalableDimension": { "type": "string", "description": "Scalable dimension. Documentation can be found in the `ScalableDimension` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PutScheduledAction.html) Example: ecs:service:DesiredCount\n", "willReplaceOnChanges": true }, "scalableTargetAction": { "$ref": "#/types/aws:appautoscaling/ScheduledActionScalableTargetAction:ScheduledActionScalableTargetAction", "description": "New minimum and maximum capacity. You can set both values or just one. See below\n" }, "schedule": { "type": "string", "description": "Schedule for this action. The following formats are supported: At expressions - at(yyyy-mm-ddThh:mm:ss), Rate expressions - rate(valueunit), Cron expressions - cron(fields). Times for at expressions and cron expressions are evaluated using the time zone configured in `timezone`. Documentation can be found in the `Timezone` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PutScheduledAction.html)\n" }, "serviceNamespace": { "type": "string", "description": "Namespace of the AWS service. Documentation can be found in the `ServiceNamespace` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PutScheduledAction.html) Example: ecs\n", "willReplaceOnChanges": true }, "startTime": { "type": "string", "description": "Date and time for the scheduled action to start in RFC 3339 format. The timezone is not affected by the setting of `timezone`.\n" }, "timezone": { "type": "string", "description": "Time zone used when setting a scheduled action by using an at or cron expression. Does not affect timezone for `start_time` and `end_time`. Valid values are the [canonical names of the IANA time zones supported by Joda-Time](https://www.joda.org/joda-time/timezones.html), such as `Etc/GMT+9` or `Pacific/Tahiti`. Default is `UTC`.\n" } }, "type": "object" } }, "aws:appautoscaling/target:Target": { "description": "Provides an Application AutoScaling ScalableTarget resource. To manage policies which get attached to the target, see the `aws.appautoscaling.Policy` resource.\n\n\u003e **NOTE:** Scalable targets created before 2023-03-20 may not have an assigned `arn`. These resource cannot use `tags` or participate in `default_tags`. To prevent `pulumi preview` showing differences that can never be reconciled, use the `lifecycle.ignore_changes` meta-argument. See the example below.\n\n\u003e **NOTE:** The [Application Auto Scaling service automatically attempts to manage IAM Service-Linked Roles](https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html#security_iam_service-with-iam-roles) when registering certain service namespaces for the first time. To manually manage this role, see the `aws.iam.ServiceLinkedRole` resource.\n\n## Example Usage\n\n### DynamoDB Table Autoscaling\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dynamodbTableReadTarget = new aws.appautoscaling.Target(\"dynamodb_table_read_target\", {\n maxCapacity: 100,\n minCapacity: 5,\n resourceId: `table/${example.name}`,\n scalableDimension: \"dynamodb:table:ReadCapacityUnits\",\n serviceNamespace: \"dynamodb\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndynamodb_table_read_target = aws.appautoscaling.Target(\"dynamodb_table_read_target\",\n max_capacity=100,\n min_capacity=5,\n resource_id=f\"table/{example['name']}\",\n scalable_dimension=\"dynamodb:table:ReadCapacityUnits\",\n service_namespace=\"dynamodb\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var dynamodbTableReadTarget = new Aws.AppAutoScaling.Target(\"dynamodb_table_read_target\", new()\n {\n MaxCapacity = 100,\n MinCapacity = 5,\n ResourceId = $\"table/{example.Name}\",\n ScalableDimension = \"dynamodb:table:ReadCapacityUnits\",\n ServiceNamespace = \"dynamodb\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appautoscaling.NewTarget(ctx, \"dynamodb_table_read_target\", \u0026appautoscaling.TargetArgs{\n\t\t\tMaxCapacity: pulumi.Int(100),\n\t\t\tMinCapacity: pulumi.Int(5),\n\t\t\tResourceId: pulumi.String(fmt.Sprintf(\"table/%v\", example.Name)),\n\t\t\tScalableDimension: pulumi.String(\"dynamodb:table:ReadCapacityUnits\"),\n\t\t\tServiceNamespace: pulumi.String(\"dynamodb\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appautoscaling.Target;\nimport com.pulumi.aws.appautoscaling.TargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var dynamodbTableReadTarget = new Target(\"dynamodbTableReadTarget\", TargetArgs.builder()\n .maxCapacity(100)\n .minCapacity(5)\n .resourceId(String.format(\"table/%s\", example.name()))\n .scalableDimension(\"dynamodb:table:ReadCapacityUnits\")\n .serviceNamespace(\"dynamodb\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dynamodbTableReadTarget:\n type: aws:appautoscaling:Target\n name: dynamodb_table_read_target\n properties:\n maxCapacity: 100\n minCapacity: 5\n resourceId: table/${example.name}\n scalableDimension: dynamodb:table:ReadCapacityUnits\n serviceNamespace: dynamodb\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### DynamoDB Index Autoscaling\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dynamodbIndexReadTarget = new aws.appautoscaling.Target(\"dynamodb_index_read_target\", {\n maxCapacity: 100,\n minCapacity: 5,\n resourceId: `table/${example.name}/index/${indexName}`,\n scalableDimension: \"dynamodb:index:ReadCapacityUnits\",\n serviceNamespace: \"dynamodb\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndynamodb_index_read_target = aws.appautoscaling.Target(\"dynamodb_index_read_target\",\n max_capacity=100,\n min_capacity=5,\n resource_id=f\"table/{example['name']}/index/{index_name}\",\n scalable_dimension=\"dynamodb:index:ReadCapacityUnits\",\n service_namespace=\"dynamodb\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var dynamodbIndexReadTarget = new Aws.AppAutoScaling.Target(\"dynamodb_index_read_target\", new()\n {\n MaxCapacity = 100,\n MinCapacity = 5,\n ResourceId = $\"table/{example.Name}/index/{indexName}\",\n ScalableDimension = \"dynamodb:index:ReadCapacityUnits\",\n ServiceNamespace = \"dynamodb\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appautoscaling.NewTarget(ctx, \"dynamodb_index_read_target\", \u0026appautoscaling.TargetArgs{\n\t\t\tMaxCapacity: pulumi.Int(100),\n\t\t\tMinCapacity: pulumi.Int(5),\n\t\t\tResourceId: pulumi.String(fmt.Sprintf(\"table/%v/index/%v\", example.Name, indexName)),\n\t\t\tScalableDimension: pulumi.String(\"dynamodb:index:ReadCapacityUnits\"),\n\t\t\tServiceNamespace: pulumi.String(\"dynamodb\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appautoscaling.Target;\nimport com.pulumi.aws.appautoscaling.TargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var dynamodbIndexReadTarget = new Target(\"dynamodbIndexReadTarget\", TargetArgs.builder()\n .maxCapacity(100)\n .minCapacity(5)\n .resourceId(String.format(\"table/%s/index/%s\", example.name(),indexName))\n .scalableDimension(\"dynamodb:index:ReadCapacityUnits\")\n .serviceNamespace(\"dynamodb\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dynamodbIndexReadTarget:\n type: aws:appautoscaling:Target\n name: dynamodb_index_read_target\n properties:\n maxCapacity: 100\n minCapacity: 5\n resourceId: table/${example.name}/index/${indexName}\n scalableDimension: dynamodb:index:ReadCapacityUnits\n serviceNamespace: dynamodb\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### ECS Service Autoscaling\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ecsTarget = new aws.appautoscaling.Target(\"ecs_target\", {\n maxCapacity: 4,\n minCapacity: 1,\n resourceId: `service/${example.name}/${exampleAwsEcsService.name}`,\n scalableDimension: \"ecs:service:DesiredCount\",\n serviceNamespace: \"ecs\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\necs_target = aws.appautoscaling.Target(\"ecs_target\",\n max_capacity=4,\n min_capacity=1,\n resource_id=f\"service/{example['name']}/{example_aws_ecs_service['name']}\",\n scalable_dimension=\"ecs:service:DesiredCount\",\n service_namespace=\"ecs\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ecsTarget = new Aws.AppAutoScaling.Target(\"ecs_target\", new()\n {\n MaxCapacity = 4,\n MinCapacity = 1,\n ResourceId = $\"service/{example.Name}/{exampleAwsEcsService.Name}\",\n ScalableDimension = \"ecs:service:DesiredCount\",\n ServiceNamespace = \"ecs\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appautoscaling.NewTarget(ctx, \"ecs_target\", \u0026appautoscaling.TargetArgs{\n\t\t\tMaxCapacity: pulumi.Int(4),\n\t\t\tMinCapacity: pulumi.Int(1),\n\t\t\tResourceId: pulumi.String(fmt.Sprintf(\"service/%v/%v\", example.Name, exampleAwsEcsService.Name)),\n\t\t\tScalableDimension: pulumi.String(\"ecs:service:DesiredCount\"),\n\t\t\tServiceNamespace: pulumi.String(\"ecs\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appautoscaling.Target;\nimport com.pulumi.aws.appautoscaling.TargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ecsTarget = new Target(\"ecsTarget\", TargetArgs.builder()\n .maxCapacity(4)\n .minCapacity(1)\n .resourceId(String.format(\"service/%s/%s\", example.name(),exampleAwsEcsService.name()))\n .scalableDimension(\"ecs:service:DesiredCount\")\n .serviceNamespace(\"ecs\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ecsTarget:\n type: aws:appautoscaling:Target\n name: ecs_target\n properties:\n maxCapacity: 4\n minCapacity: 1\n resourceId: service/${example.name}/${exampleAwsEcsService.name}\n scalableDimension: ecs:service:DesiredCount\n serviceNamespace: ecs\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Aurora Read Replica Autoscaling\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst replicas = new aws.appautoscaling.Target(\"replicas\", {\n serviceNamespace: \"rds\",\n scalableDimension: \"rds:cluster:ReadReplicaCount\",\n resourceId: `cluster:${example.id}`,\n minCapacity: 1,\n maxCapacity: 15,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nreplicas = aws.appautoscaling.Target(\"replicas\",\n service_namespace=\"rds\",\n scalable_dimension=\"rds:cluster:ReadReplicaCount\",\n resource_id=f\"cluster:{example['id']}\",\n min_capacity=1,\n max_capacity=15)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var replicas = new Aws.AppAutoScaling.Target(\"replicas\", new()\n {\n ServiceNamespace = \"rds\",\n ScalableDimension = \"rds:cluster:ReadReplicaCount\",\n ResourceId = $\"cluster:{example.Id}\",\n MinCapacity = 1,\n MaxCapacity = 15,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appautoscaling.NewTarget(ctx, \"replicas\", \u0026appautoscaling.TargetArgs{\n\t\t\tServiceNamespace: pulumi.String(\"rds\"),\n\t\t\tScalableDimension: pulumi.String(\"rds:cluster:ReadReplicaCount\"),\n\t\t\tResourceId: pulumi.String(fmt.Sprintf(\"cluster:%v\", example.Id)),\n\t\t\tMinCapacity: pulumi.Int(1),\n\t\t\tMaxCapacity: pulumi.Int(15),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appautoscaling.Target;\nimport com.pulumi.aws.appautoscaling.TargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var replicas = new Target(\"replicas\", TargetArgs.builder()\n .serviceNamespace(\"rds\")\n .scalableDimension(\"rds:cluster:ReadReplicaCount\")\n .resourceId(String.format(\"cluster:%s\", example.id()))\n .minCapacity(1)\n .maxCapacity(15)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n replicas:\n type: aws:appautoscaling:Target\n properties:\n serviceNamespace: rds\n scalableDimension: rds:cluster:ReadReplicaCount\n resourceId: cluster:${example.id}\n minCapacity: 1\n maxCapacity: 15\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Suppressing `tags_all` Differences For Older Resources\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ecsTarget = new aws.appautoscaling.Target(\"ecs_target\", {\n maxCapacity: 4,\n minCapacity: 1,\n resourceId: `service/${example.name}/${exampleAwsEcsService.name}`,\n scalableDimension: \"ecs:service:DesiredCount\",\n serviceNamespace: \"ecs\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\necs_target = aws.appautoscaling.Target(\"ecs_target\",\n max_capacity=4,\n min_capacity=1,\n resource_id=f\"service/{example['name']}/{example_aws_ecs_service['name']}\",\n scalable_dimension=\"ecs:service:DesiredCount\",\n service_namespace=\"ecs\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ecsTarget = new Aws.AppAutoScaling.Target(\"ecs_target\", new()\n {\n MaxCapacity = 4,\n MinCapacity = 1,\n ResourceId = $\"service/{example.Name}/{exampleAwsEcsService.Name}\",\n ScalableDimension = \"ecs:service:DesiredCount\",\n ServiceNamespace = \"ecs\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appautoscaling.NewTarget(ctx, \"ecs_target\", \u0026appautoscaling.TargetArgs{\n\t\t\tMaxCapacity: pulumi.Int(4),\n\t\t\tMinCapacity: pulumi.Int(1),\n\t\t\tResourceId: pulumi.String(fmt.Sprintf(\"service/%v/%v\", example.Name, exampleAwsEcsService.Name)),\n\t\t\tScalableDimension: pulumi.String(\"ecs:service:DesiredCount\"),\n\t\t\tServiceNamespace: pulumi.String(\"ecs\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appautoscaling.Target;\nimport com.pulumi.aws.appautoscaling.TargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ecsTarget = new Target(\"ecsTarget\", TargetArgs.builder()\n .maxCapacity(4)\n .minCapacity(1)\n .resourceId(String.format(\"service/%s/%s\", example.name(),exampleAwsEcsService.name()))\n .scalableDimension(\"ecs:service:DesiredCount\")\n .serviceNamespace(\"ecs\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ecsTarget:\n type: aws:appautoscaling:Target\n name: ecs_target\n properties:\n maxCapacity: 4\n minCapacity: 1\n resourceId: service/${example.name}/${exampleAwsEcsService.name}\n scalableDimension: ecs:service:DesiredCount\n serviceNamespace: ecs\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### MSK / Kafka Autoscaling\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mskTarget = new aws.appautoscaling.Target(\"msk_target\", {\n serviceNamespace: \"kafka\",\n scalableDimension: \"kafka:broker-storage:VolumeSize\",\n resourceId: example.arn,\n minCapacity: 1,\n maxCapacity: 8,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmsk_target = aws.appautoscaling.Target(\"msk_target\",\n service_namespace=\"kafka\",\n scalable_dimension=\"kafka:broker-storage:VolumeSize\",\n resource_id=example[\"arn\"],\n min_capacity=1,\n max_capacity=8)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mskTarget = new Aws.AppAutoScaling.Target(\"msk_target\", new()\n {\n ServiceNamespace = \"kafka\",\n ScalableDimension = \"kafka:broker-storage:VolumeSize\",\n ResourceId = example.Arn,\n MinCapacity = 1,\n MaxCapacity = 8,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appautoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appautoscaling.NewTarget(ctx, \"msk_target\", \u0026appautoscaling.TargetArgs{\n\t\t\tServiceNamespace: pulumi.String(\"kafka\"),\n\t\t\tScalableDimension: pulumi.String(\"kafka:broker-storage:VolumeSize\"),\n\t\t\tResourceId: pulumi.Any(example.Arn),\n\t\t\tMinCapacity: pulumi.Int(1),\n\t\t\tMaxCapacity: pulumi.Int(8),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appautoscaling.Target;\nimport com.pulumi.aws.appautoscaling.TargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mskTarget = new Target(\"mskTarget\", TargetArgs.builder()\n .serviceNamespace(\"kafka\")\n .scalableDimension(\"kafka:broker-storage:VolumeSize\")\n .resourceId(example.arn())\n .minCapacity(1)\n .maxCapacity(8)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mskTarget:\n type: aws:appautoscaling:Target\n name: msk_target\n properties:\n serviceNamespace: kafka\n scalableDimension: kafka:broker-storage:VolumeSize\n resourceId: ${example.arn}\n minCapacity: 1\n maxCapacity: 8\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Application AutoScaling Target using the `service-namespace` , `resource-id` and `scalable-dimension` separated by `/`. For example:\n\n```sh\n$ pulumi import aws:appautoscaling/target:Target test-target service-namespace/resource-id/scalable-dimension\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the scalable target.\n" }, "maxCapacity": { "type": "integer", "description": "Max capacity of the scalable target.\n" }, "minCapacity": { "type": "integer", "description": "Min capacity of the scalable target.\n" }, "resourceId": { "type": "string", "description": "Resource type and unique identifier string for the resource associated with the scaling policy. Documentation can be found in the `ResourceId` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM role that allows Application AutoScaling to modify your scalable target on your behalf. This defaults to an IAM Service-Linked Role for most services and custom IAM Roles are ignored by the API for those namespaces. See the [AWS Application Auto Scaling documentation](https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html#security_iam_service-with-iam-roles) for more information about how this service interacts with IAM.\n" }, "scalableDimension": { "type": "string", "description": "Scalable dimension of the scalable target. Documentation can be found in the `ScalableDimension` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" }, "serviceNamespace": { "type": "string", "description": "AWS service namespace of the scalable target. Documentation can be found in the `ServiceNamespace` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the scalable target. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "maxCapacity", "minCapacity", "resourceId", "roleArn", "scalableDimension", "serviceNamespace", "tagsAll" ], "inputProperties": { "maxCapacity": { "type": "integer", "description": "Max capacity of the scalable target.\n" }, "minCapacity": { "type": "integer", "description": "Min capacity of the scalable target.\n" }, "resourceId": { "type": "string", "description": "Resource type and unique identifier string for the resource associated with the scaling policy. Documentation can be found in the `ResourceId` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "ARN of the IAM role that allows Application AutoScaling to modify your scalable target on your behalf. This defaults to an IAM Service-Linked Role for most services and custom IAM Roles are ignored by the API for those namespaces. See the [AWS Application Auto Scaling documentation](https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html#security_iam_service-with-iam-roles) for more information about how this service interacts with IAM.\n" }, "scalableDimension": { "type": "string", "description": "Scalable dimension of the scalable target. Documentation can be found in the `ScalableDimension` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n", "willReplaceOnChanges": true }, "serviceNamespace": { "type": "string", "description": "AWS service namespace of the scalable target. Documentation can be found in the `ServiceNamespace` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the scalable target. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "maxCapacity", "minCapacity", "resourceId", "scalableDimension", "serviceNamespace" ], "stateInputs": { "description": "Input properties used for looking up and filtering Target resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the scalable target.\n" }, "maxCapacity": { "type": "integer", "description": "Max capacity of the scalable target.\n" }, "minCapacity": { "type": "integer", "description": "Min capacity of the scalable target.\n" }, "resourceId": { "type": "string", "description": "Resource type and unique identifier string for the resource associated with the scaling policy. Documentation can be found in the `ResourceId` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "ARN of the IAM role that allows Application AutoScaling to modify your scalable target on your behalf. This defaults to an IAM Service-Linked Role for most services and custom IAM Roles are ignored by the API for those namespaces. See the [AWS Application Auto Scaling documentation](https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html#security_iam_service-with-iam-roles) for more information about how this service interacts with IAM.\n" }, "scalableDimension": { "type": "string", "description": "Scalable dimension of the scalable target. Documentation can be found in the `ScalableDimension` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n", "willReplaceOnChanges": true }, "serviceNamespace": { "type": "string", "description": "AWS service namespace of the scalable target. Documentation can be found in the `ServiceNamespace` parameter at: [AWS Application Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html#API_RegisterScalableTarget_RequestParameters)\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the scalable target. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:appconfig/application:Application": { "description": "Provides an AppConfig Application resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appconfig.Application(\"example\", {\n name: \"example-application-tf\",\n description: \"Example AppConfig Application\",\n tags: {\n Type: \"AppConfig Application\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appconfig.Application(\"example\",\n name=\"example-application-tf\",\n description=\"Example AppConfig Application\",\n tags={\n \"Type\": \"AppConfig Application\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppConfig.Application(\"example\", new()\n {\n Name = \"example-application-tf\",\n Description = \"Example AppConfig Application\",\n Tags = \n {\n { \"Type\", \"AppConfig Application\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appconfig\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appconfig.NewApplication(ctx, \"example\", \u0026appconfig.ApplicationArgs{\n\t\t\tName: pulumi.String(\"example-application-tf\"),\n\t\t\tDescription: pulumi.String(\"Example AppConfig Application\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Type\": pulumi.String(\"AppConfig Application\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appconfig.Application;\nimport com.pulumi.aws.appconfig.ApplicationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Application(\"example\", ApplicationArgs.builder()\n .name(\"example-application-tf\")\n .description(\"Example AppConfig Application\")\n .tags(Map.of(\"Type\", \"AppConfig Application\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appconfig:Application\n properties:\n name: example-application-tf\n description: Example AppConfig Application\n tags:\n Type: AppConfig Application\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AppConfig Applications using their application ID. For example:\n\n```sh\n$ pulumi import aws:appconfig/application:Application example 71rxuzt\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the AppConfig Application.\n" }, "description": { "type": "string", "description": "Description of the application. Can be at most 1024 characters.\n" }, "name": { "type": "string", "description": "Name for the application. Must be between 1 and 64 characters in length.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Description of the application. Can be at most 1024 characters.\n" }, "name": { "type": "string", "description": "Name for the application. Must be between 1 and 64 characters in length.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Application resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the AppConfig Application.\n" }, "description": { "type": "string", "description": "Description of the application. Can be at most 1024 characters.\n" }, "name": { "type": "string", "description": "Name for the application. Must be between 1 and 64 characters in length.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:appconfig/configurationProfile:ConfigurationProfile": { "description": "Provides an AppConfig Configuration Profile resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appconfig.ConfigurationProfile(\"example\", {\n applicationId: exampleAwsAppconfigApplication.id,\n description: \"Example Configuration Profile\",\n name: \"example-configuration-profile-tf\",\n locationUri: \"hosted\",\n validators: [{\n content: exampleAwsLambdaFunction.arn,\n type: \"LAMBDA\",\n }],\n tags: {\n Type: \"AppConfig Configuration Profile\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appconfig.ConfigurationProfile(\"example\",\n application_id=example_aws_appconfig_application[\"id\"],\n description=\"Example Configuration Profile\",\n name=\"example-configuration-profile-tf\",\n location_uri=\"hosted\",\n validators=[{\n \"content\": example_aws_lambda_function[\"arn\"],\n \"type\": \"LAMBDA\",\n }],\n tags={\n \"Type\": \"AppConfig Configuration Profile\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppConfig.ConfigurationProfile(\"example\", new()\n {\n ApplicationId = exampleAwsAppconfigApplication.Id,\n Description = \"Example Configuration Profile\",\n Name = \"example-configuration-profile-tf\",\n LocationUri = \"hosted\",\n Validators = new[]\n {\n new Aws.AppConfig.Inputs.ConfigurationProfileValidatorArgs\n {\n Content = exampleAwsLambdaFunction.Arn,\n Type = \"LAMBDA\",\n },\n },\n Tags = \n {\n { \"Type\", \"AppConfig Configuration Profile\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appconfig\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appconfig.NewConfigurationProfile(ctx, \"example\", \u0026appconfig.ConfigurationProfileArgs{\n\t\t\tApplicationId: pulumi.Any(exampleAwsAppconfigApplication.Id),\n\t\t\tDescription: pulumi.String(\"Example Configuration Profile\"),\n\t\t\tName: pulumi.String(\"example-configuration-profile-tf\"),\n\t\t\tLocationUri: pulumi.String(\"hosted\"),\n\t\t\tValidators: appconfig.ConfigurationProfileValidatorArray{\n\t\t\t\t\u0026appconfig.ConfigurationProfileValidatorArgs{\n\t\t\t\t\tContent: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\t\t\tType: pulumi.String(\"LAMBDA\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Type\": pulumi.String(\"AppConfig Configuration Profile\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appconfig.ConfigurationProfile;\nimport com.pulumi.aws.appconfig.ConfigurationProfileArgs;\nimport com.pulumi.aws.appconfig.inputs.ConfigurationProfileValidatorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ConfigurationProfile(\"example\", ConfigurationProfileArgs.builder()\n .applicationId(exampleAwsAppconfigApplication.id())\n .description(\"Example Configuration Profile\")\n .name(\"example-configuration-profile-tf\")\n .locationUri(\"hosted\")\n .validators(ConfigurationProfileValidatorArgs.builder()\n .content(exampleAwsLambdaFunction.arn())\n .type(\"LAMBDA\")\n .build())\n .tags(Map.of(\"Type\", \"AppConfig Configuration Profile\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appconfig:ConfigurationProfile\n properties:\n applicationId: ${exampleAwsAppconfigApplication.id}\n description: Example Configuration Profile\n name: example-configuration-profile-tf\n locationUri: hosted\n validators:\n - content: ${exampleAwsLambdaFunction.arn}\n type: LAMBDA\n tags:\n Type: AppConfig Configuration Profile\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AppConfig Configuration Profiles using the configuration profile ID and application ID separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:appconfig/configurationProfile:ConfigurationProfile example 71abcde:11xxxxx\n```\n", "properties": { "applicationId": { "type": "string", "description": "Application ID. Must be between 4 and 7 characters in length.\n" }, "arn": { "type": "string", "description": "ARN of the AppConfig Configuration Profile.\n" }, "configurationProfileId": { "type": "string", "description": "The configuration profile ID.\n" }, "description": { "type": "string", "description": "Description of the configuration profile. Can be at most 1024 characters.\n" }, "kmsKeyIdentifier": { "type": "string", "description": "The identifier for an Key Management Service key to encrypt new configuration data versions in the AppConfig hosted configuration store. This attribute is only used for hosted configuration types. The identifier can be an KMS key ID, alias, or the Amazon Resource Name (ARN) of the key ID or alias.\n" }, "locationUri": { "type": "string", "description": "URI to locate the configuration. You can specify the AWS AppConfig hosted configuration store, Systems Manager (SSM) document, an SSM Parameter Store parameter, or an Amazon S3 object. For the hosted configuration store, specify `hosted`. For an SSM document, specify either the document name in the format `ssm-document://\u003cDocument_name\u003e` or the ARN. For a parameter, specify either the parameter name in the format `ssm-parameter://\u003cParameter_name\u003e` or the ARN. For an Amazon S3 object, specify the URI in the following format: `s3://\u003cbucket\u003e/\u003cobjectKey\u003e`.\n" }, "name": { "type": "string", "description": "Name for the configuration profile. Must be between 1 and 64 characters in length.\n" }, "retrievalRoleArn": { "type": "string", "description": "ARN of an IAM role with permission to access the configuration at the specified `location_uri`. A retrieval role ARN is not required for configurations stored in the AWS AppConfig `hosted` configuration store. It is required for all other sources that store your configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Type of configurations contained in the profile. Valid values: `AWS.AppConfig.FeatureFlags` and `AWS.Freeform`. Default: `AWS.Freeform`.\n" }, "validators": { "type": "array", "items": { "$ref": "#/types/aws:appconfig/ConfigurationProfileValidator:ConfigurationProfileValidator" }, "description": "Set of methods for validating the configuration. Maximum of 2. See Validator below for more details.\n" } }, "required": [ "applicationId", "arn", "configurationProfileId", "locationUri", "name", "tagsAll" ], "inputProperties": { "applicationId": { "type": "string", "description": "Application ID. Must be between 4 and 7 characters in length.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of the configuration profile. Can be at most 1024 characters.\n" }, "kmsKeyIdentifier": { "type": "string", "description": "The identifier for an Key Management Service key to encrypt new configuration data versions in the AppConfig hosted configuration store. This attribute is only used for hosted configuration types. The identifier can be an KMS key ID, alias, or the Amazon Resource Name (ARN) of the key ID or alias.\n" }, "locationUri": { "type": "string", "description": "URI to locate the configuration. You can specify the AWS AppConfig hosted configuration store, Systems Manager (SSM) document, an SSM Parameter Store parameter, or an Amazon S3 object. For the hosted configuration store, specify `hosted`. For an SSM document, specify either the document name in the format `ssm-document://\u003cDocument_name\u003e` or the ARN. For a parameter, specify either the parameter name in the format `ssm-parameter://\u003cParameter_name\u003e` or the ARN. For an Amazon S3 object, specify the URI in the following format: `s3://\u003cbucket\u003e/\u003cobjectKey\u003e`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name for the configuration profile. Must be between 1 and 64 characters in length.\n" }, "retrievalRoleArn": { "type": "string", "description": "ARN of an IAM role with permission to access the configuration at the specified `location_uri`. A retrieval role ARN is not required for configurations stored in the AWS AppConfig `hosted` configuration store. It is required for all other sources that store your configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "Type of configurations contained in the profile. Valid values: `AWS.AppConfig.FeatureFlags` and `AWS.Freeform`. Default: `AWS.Freeform`.\n", "willReplaceOnChanges": true }, "validators": { "type": "array", "items": { "$ref": "#/types/aws:appconfig/ConfigurationProfileValidator:ConfigurationProfileValidator" }, "description": "Set of methods for validating the configuration. Maximum of 2. See Validator below for more details.\n" } }, "requiredInputs": [ "applicationId", "locationUri" ], "stateInputs": { "description": "Input properties used for looking up and filtering ConfigurationProfile resources.\n", "properties": { "applicationId": { "type": "string", "description": "Application ID. Must be between 4 and 7 characters in length.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN of the AppConfig Configuration Profile.\n" }, "configurationProfileId": { "type": "string", "description": "The configuration profile ID.\n" }, "description": { "type": "string", "description": "Description of the configuration profile. Can be at most 1024 characters.\n" }, "kmsKeyIdentifier": { "type": "string", "description": "The identifier for an Key Management Service key to encrypt new configuration data versions in the AppConfig hosted configuration store. This attribute is only used for hosted configuration types. The identifier can be an KMS key ID, alias, or the Amazon Resource Name (ARN) of the key ID or alias.\n" }, "locationUri": { "type": "string", "description": "URI to locate the configuration. You can specify the AWS AppConfig hosted configuration store, Systems Manager (SSM) document, an SSM Parameter Store parameter, or an Amazon S3 object. For the hosted configuration store, specify `hosted`. For an SSM document, specify either the document name in the format `ssm-document://\u003cDocument_name\u003e` or the ARN. For a parameter, specify either the parameter name in the format `ssm-parameter://\u003cParameter_name\u003e` or the ARN. For an Amazon S3 object, specify the URI in the following format: `s3://\u003cbucket\u003e/\u003cobjectKey\u003e`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name for the configuration profile. Must be between 1 and 64 characters in length.\n" }, "retrievalRoleArn": { "type": "string", "description": "ARN of an IAM role with permission to access the configuration at the specified `location_uri`. A retrieval role ARN is not required for configurations stored in the AWS AppConfig `hosted` configuration store. It is required for all other sources that store your configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Type of configurations contained in the profile. Valid values: `AWS.AppConfig.FeatureFlags` and `AWS.Freeform`. Default: `AWS.Freeform`.\n", "willReplaceOnChanges": true }, "validators": { "type": "array", "items": { "$ref": "#/types/aws:appconfig/ConfigurationProfileValidator:ConfigurationProfileValidator" }, "description": "Set of methods for validating the configuration. Maximum of 2. See Validator below for more details.\n" } }, "type": "object" } }, "aws:appconfig/deployment:Deployment": { "description": "Provides an AppConfig Deployment resource for an `aws.appconfig.Application` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appconfig.Deployment(\"example\", {\n applicationId: exampleAwsAppconfigApplication.id,\n configurationProfileId: exampleAwsAppconfigConfigurationProfile.configurationProfileId,\n configurationVersion: exampleAwsAppconfigHostedConfigurationVersion.versionNumber,\n deploymentStrategyId: exampleAwsAppconfigDeploymentStrategy.id,\n description: \"My example deployment\",\n environmentId: exampleAwsAppconfigEnvironment.environmentId,\n kmsKeyIdentifier: exampleAwsKmsKey.arn,\n tags: {\n Type: \"AppConfig Deployment\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appconfig.Deployment(\"example\",\n application_id=example_aws_appconfig_application[\"id\"],\n configuration_profile_id=example_aws_appconfig_configuration_profile[\"configurationProfileId\"],\n configuration_version=example_aws_appconfig_hosted_configuration_version[\"versionNumber\"],\n deployment_strategy_id=example_aws_appconfig_deployment_strategy[\"id\"],\n description=\"My example deployment\",\n environment_id=example_aws_appconfig_environment[\"environmentId\"],\n kms_key_identifier=example_aws_kms_key[\"arn\"],\n tags={\n \"Type\": \"AppConfig Deployment\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppConfig.Deployment(\"example\", new()\n {\n ApplicationId = exampleAwsAppconfigApplication.Id,\n ConfigurationProfileId = exampleAwsAppconfigConfigurationProfile.ConfigurationProfileId,\n ConfigurationVersion = exampleAwsAppconfigHostedConfigurationVersion.VersionNumber,\n DeploymentStrategyId = exampleAwsAppconfigDeploymentStrategy.Id,\n Description = \"My example deployment\",\n EnvironmentId = exampleAwsAppconfigEnvironment.EnvironmentId,\n KmsKeyIdentifier = exampleAwsKmsKey.Arn,\n Tags = \n {\n { \"Type\", \"AppConfig Deployment\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appconfig\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appconfig.NewDeployment(ctx, \"example\", \u0026appconfig.DeploymentArgs{\n\t\t\tApplicationId: pulumi.Any(exampleAwsAppconfigApplication.Id),\n\t\t\tConfigurationProfileId: pulumi.Any(exampleAwsAppconfigConfigurationProfile.ConfigurationProfileId),\n\t\t\tConfigurationVersion: pulumi.Any(exampleAwsAppconfigHostedConfigurationVersion.VersionNumber),\n\t\t\tDeploymentStrategyId: pulumi.Any(exampleAwsAppconfigDeploymentStrategy.Id),\n\t\t\tDescription: pulumi.String(\"My example deployment\"),\n\t\t\tEnvironmentId: pulumi.Any(exampleAwsAppconfigEnvironment.EnvironmentId),\n\t\t\tKmsKeyIdentifier: pulumi.Any(exampleAwsKmsKey.Arn),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Type\": pulumi.String(\"AppConfig Deployment\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appconfig.Deployment;\nimport com.pulumi.aws.appconfig.DeploymentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Deployment(\"example\", DeploymentArgs.builder()\n .applicationId(exampleAwsAppconfigApplication.id())\n .configurationProfileId(exampleAwsAppconfigConfigurationProfile.configurationProfileId())\n .configurationVersion(exampleAwsAppconfigHostedConfigurationVersion.versionNumber())\n .deploymentStrategyId(exampleAwsAppconfigDeploymentStrategy.id())\n .description(\"My example deployment\")\n .environmentId(exampleAwsAppconfigEnvironment.environmentId())\n .kmsKeyIdentifier(exampleAwsKmsKey.arn())\n .tags(Map.of(\"Type\", \"AppConfig Deployment\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appconfig:Deployment\n properties:\n applicationId: ${exampleAwsAppconfigApplication.id}\n configurationProfileId: ${exampleAwsAppconfigConfigurationProfile.configurationProfileId}\n configurationVersion: ${exampleAwsAppconfigHostedConfigurationVersion.versionNumber}\n deploymentStrategyId: ${exampleAwsAppconfigDeploymentStrategy.id}\n description: My example deployment\n environmentId: ${exampleAwsAppconfigEnvironment.environmentId}\n kmsKeyIdentifier: ${exampleAwsKmsKey.arn}\n tags:\n Type: AppConfig Deployment\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AppConfig Deployments using the application ID, environment ID, and deployment number separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:appconfig/deployment:Deployment example 71abcde/11xxxxx/1\n```\n", "properties": { "applicationId": { "type": "string", "description": "Application ID. Must be between 4 and 7 characters in length.\n" }, "arn": { "type": "string", "description": "ARN of the AppConfig Deployment.\n" }, "configurationProfileId": { "type": "string", "description": "Configuration profile ID. Must be between 4 and 7 characters in length.\n" }, "configurationVersion": { "type": "string", "description": "Configuration version to deploy. Can be at most 1024 characters.\n" }, "deploymentNumber": { "type": "integer", "description": "Deployment number.\n" }, "deploymentStrategyId": { "type": "string", "description": "Deployment strategy ID or name of a predefined deployment strategy. See [Predefined Deployment Strategies](https://docs.aws.amazon.com/appconfig/latest/userguide/appconfig-creating-deployment-strategy.html#appconfig-creating-deployment-strategy-predefined) for more details.\n" }, "description": { "type": "string", "description": "Description of the deployment. Can be at most 1024 characters.\n" }, "environmentId": { "type": "string", "description": "Environment ID. Must be between 4 and 7 characters in length.\n" }, "kmsKeyArn": { "type": "string", "description": "ARN of the KMS key used to encrypt configuration data.\n" }, "kmsKeyIdentifier": { "type": "string", "description": "The KMS key identifier (key ID, key alias, or key ARN). AppConfig uses this to encrypt the configuration data using a customer managed key.\n" }, "state": { "type": "string", "description": "State of the deployment.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "applicationId", "arn", "configurationProfileId", "configurationVersion", "deploymentNumber", "deploymentStrategyId", "environmentId", "kmsKeyArn", "state", "tagsAll" ], "inputProperties": { "applicationId": { "type": "string", "description": "Application ID. Must be between 4 and 7 characters in length.\n", "willReplaceOnChanges": true }, "configurationProfileId": { "type": "string", "description": "Configuration profile ID. Must be between 4 and 7 characters in length.\n", "willReplaceOnChanges": true }, "configurationVersion": { "type": "string", "description": "Configuration version to deploy. Can be at most 1024 characters.\n", "willReplaceOnChanges": true }, "deploymentStrategyId": { "type": "string", "description": "Deployment strategy ID or name of a predefined deployment strategy. See [Predefined Deployment Strategies](https://docs.aws.amazon.com/appconfig/latest/userguide/appconfig-creating-deployment-strategy.html#appconfig-creating-deployment-strategy-predefined) for more details.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of the deployment. Can be at most 1024 characters.\n", "willReplaceOnChanges": true }, "environmentId": { "type": "string", "description": "Environment ID. Must be between 4 and 7 characters in length.\n", "willReplaceOnChanges": true }, "kmsKeyIdentifier": { "type": "string", "description": "The KMS key identifier (key ID, key alias, or key ARN). AppConfig uses this to encrypt the configuration data using a customer managed key.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "applicationId", "configurationProfileId", "configurationVersion", "deploymentStrategyId", "environmentId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Deployment resources.\n", "properties": { "applicationId": { "type": "string", "description": "Application ID. Must be between 4 and 7 characters in length.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN of the AppConfig Deployment.\n" }, "configurationProfileId": { "type": "string", "description": "Configuration profile ID. Must be between 4 and 7 characters in length.\n", "willReplaceOnChanges": true }, "configurationVersion": { "type": "string", "description": "Configuration version to deploy. Can be at most 1024 characters.\n", "willReplaceOnChanges": true }, "deploymentNumber": { "type": "integer", "description": "Deployment number.\n" }, "deploymentStrategyId": { "type": "string", "description": "Deployment strategy ID or name of a predefined deployment strategy. See [Predefined Deployment Strategies](https://docs.aws.amazon.com/appconfig/latest/userguide/appconfig-creating-deployment-strategy.html#appconfig-creating-deployment-strategy-predefined) for more details.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of the deployment. Can be at most 1024 characters.\n", "willReplaceOnChanges": true }, "environmentId": { "type": "string", "description": "Environment ID. Must be between 4 and 7 characters in length.\n", "willReplaceOnChanges": true }, "kmsKeyArn": { "type": "string", "description": "ARN of the KMS key used to encrypt configuration data.\n" }, "kmsKeyIdentifier": { "type": "string", "description": "The KMS key identifier (key ID, key alias, or key ARN). AppConfig uses this to encrypt the configuration data using a customer managed key.\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "State of the deployment.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:appconfig/deploymentStrategy:DeploymentStrategy": { "description": "Provides an AppConfig Deployment Strategy resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appconfig.DeploymentStrategy(\"example\", {\n name: \"example-deployment-strategy-tf\",\n description: \"Example Deployment Strategy\",\n deploymentDurationInMinutes: 3,\n finalBakeTimeInMinutes: 4,\n growthFactor: 10,\n growthType: \"LINEAR\",\n replicateTo: \"NONE\",\n tags: {\n Type: \"AppConfig Deployment Strategy\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appconfig.DeploymentStrategy(\"example\",\n name=\"example-deployment-strategy-tf\",\n description=\"Example Deployment Strategy\",\n deployment_duration_in_minutes=3,\n final_bake_time_in_minutes=4,\n growth_factor=10,\n growth_type=\"LINEAR\",\n replicate_to=\"NONE\",\n tags={\n \"Type\": \"AppConfig Deployment Strategy\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppConfig.DeploymentStrategy(\"example\", new()\n {\n Name = \"example-deployment-strategy-tf\",\n Description = \"Example Deployment Strategy\",\n DeploymentDurationInMinutes = 3,\n FinalBakeTimeInMinutes = 4,\n GrowthFactor = 10,\n GrowthType = \"LINEAR\",\n ReplicateTo = \"NONE\",\n Tags = \n {\n { \"Type\", \"AppConfig Deployment Strategy\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appconfig\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appconfig.NewDeploymentStrategy(ctx, \"example\", \u0026appconfig.DeploymentStrategyArgs{\n\t\t\tName: pulumi.String(\"example-deployment-strategy-tf\"),\n\t\t\tDescription: pulumi.String(\"Example Deployment Strategy\"),\n\t\t\tDeploymentDurationInMinutes: pulumi.Int(3),\n\t\t\tFinalBakeTimeInMinutes: pulumi.Int(4),\n\t\t\tGrowthFactor: pulumi.Float64(10),\n\t\t\tGrowthType: pulumi.String(\"LINEAR\"),\n\t\t\tReplicateTo: pulumi.String(\"NONE\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Type\": pulumi.String(\"AppConfig Deployment Strategy\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appconfig.DeploymentStrategy;\nimport com.pulumi.aws.appconfig.DeploymentStrategyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DeploymentStrategy(\"example\", DeploymentStrategyArgs.builder()\n .name(\"example-deployment-strategy-tf\")\n .description(\"Example Deployment Strategy\")\n .deploymentDurationInMinutes(3)\n .finalBakeTimeInMinutes(4)\n .growthFactor(10)\n .growthType(\"LINEAR\")\n .replicateTo(\"NONE\")\n .tags(Map.of(\"Type\", \"AppConfig Deployment Strategy\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appconfig:DeploymentStrategy\n properties:\n name: example-deployment-strategy-tf\n description: Example Deployment Strategy\n deploymentDurationInMinutes: 3\n finalBakeTimeInMinutes: 4\n growthFactor: 10\n growthType: LINEAR\n replicateTo: NONE\n tags:\n Type: AppConfig Deployment Strategy\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AppConfig Deployment Strategies using their deployment strategy ID. For example:\n\n```sh\n$ pulumi import aws:appconfig/deploymentStrategy:DeploymentStrategy example 11xxxxx\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the AppConfig Deployment Strategy.\n" }, "deploymentDurationInMinutes": { "type": "integer", "description": "Total amount of time for a deployment to last. Minimum value of 0, maximum value of 1440.\n" }, "description": { "type": "string", "description": "Description of the deployment strategy. Can be at most 1024 characters.\n" }, "finalBakeTimeInMinutes": { "type": "integer", "description": "Amount of time AWS AppConfig monitors for alarms before considering the deployment to be complete and no longer eligible for automatic roll back. Minimum value of 0, maximum value of 1440.\n" }, "growthFactor": { "type": "number", "description": "Percentage of targets to receive a deployed configuration during each interval. Minimum value of 1.0, maximum value of 100.0.\n" }, "growthType": { "type": "string", "description": "Algorithm used to define how percentage grows over time. Valid value: `LINEAR` and `EXPONENTIAL`. Defaults to `LINEAR`.\n" }, "name": { "type": "string", "description": "Name for the deployment strategy. Must be between 1 and 64 characters in length.\n" }, "replicateTo": { "type": "string", "description": "Where to save the deployment strategy. Valid values: `NONE` and `SSM_DOCUMENT`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "deploymentDurationInMinutes", "growthFactor", "name", "replicateTo", "tagsAll" ], "inputProperties": { "deploymentDurationInMinutes": { "type": "integer", "description": "Total amount of time for a deployment to last. Minimum value of 0, maximum value of 1440.\n" }, "description": { "type": "string", "description": "Description of the deployment strategy. Can be at most 1024 characters.\n" }, "finalBakeTimeInMinutes": { "type": "integer", "description": "Amount of time AWS AppConfig monitors for alarms before considering the deployment to be complete and no longer eligible for automatic roll back. Minimum value of 0, maximum value of 1440.\n" }, "growthFactor": { "type": "number", "description": "Percentage of targets to receive a deployed configuration during each interval. Minimum value of 1.0, maximum value of 100.0.\n" }, "growthType": { "type": "string", "description": "Algorithm used to define how percentage grows over time. Valid value: `LINEAR` and `EXPONENTIAL`. Defaults to `LINEAR`.\n" }, "name": { "type": "string", "description": "Name for the deployment strategy. Must be between 1 and 64 characters in length.\n", "willReplaceOnChanges": true }, "replicateTo": { "type": "string", "description": "Where to save the deployment strategy. Valid values: `NONE` and `SSM_DOCUMENT`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "deploymentDurationInMinutes", "growthFactor", "replicateTo" ], "stateInputs": { "description": "Input properties used for looking up and filtering DeploymentStrategy resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the AppConfig Deployment Strategy.\n" }, "deploymentDurationInMinutes": { "type": "integer", "description": "Total amount of time for a deployment to last. Minimum value of 0, maximum value of 1440.\n" }, "description": { "type": "string", "description": "Description of the deployment strategy. Can be at most 1024 characters.\n" }, "finalBakeTimeInMinutes": { "type": "integer", "description": "Amount of time AWS AppConfig monitors for alarms before considering the deployment to be complete and no longer eligible for automatic roll back. Minimum value of 0, maximum value of 1440.\n" }, "growthFactor": { "type": "number", "description": "Percentage of targets to receive a deployed configuration during each interval. Minimum value of 1.0, maximum value of 100.0.\n" }, "growthType": { "type": "string", "description": "Algorithm used to define how percentage grows over time. Valid value: `LINEAR` and `EXPONENTIAL`. Defaults to `LINEAR`.\n" }, "name": { "type": "string", "description": "Name for the deployment strategy. Must be between 1 and 64 characters in length.\n", "willReplaceOnChanges": true }, "replicateTo": { "type": "string", "description": "Where to save the deployment strategy. Valid values: `NONE` and `SSM_DOCUMENT`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:appconfig/environment:Environment": { "description": "Provides an AppConfig Environment resource for an `aws.appconfig.Application` resource. One or more environments can be defined for an application.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleApplication = new aws.appconfig.Application(\"example\", {\n name: \"example-application-tf\",\n description: \"Example AppConfig Application\",\n tags: {\n Type: \"AppConfig Application\",\n },\n});\nconst example = new aws.appconfig.Environment(\"example\", {\n name: \"example-environment-tf\",\n description: \"Example AppConfig Environment\",\n applicationId: exampleApplication.id,\n monitors: [{\n alarmArn: exampleAwsCloudwatchMetricAlarm.arn,\n alarmRoleArn: exampleAwsIamRole.arn,\n }],\n tags: {\n Type: \"AppConfig Environment\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_application = aws.appconfig.Application(\"example\",\n name=\"example-application-tf\",\n description=\"Example AppConfig Application\",\n tags={\n \"Type\": \"AppConfig Application\",\n })\nexample = aws.appconfig.Environment(\"example\",\n name=\"example-environment-tf\",\n description=\"Example AppConfig Environment\",\n application_id=example_application.id,\n monitors=[{\n \"alarm_arn\": example_aws_cloudwatch_metric_alarm[\"arn\"],\n \"alarm_role_arn\": example_aws_iam_role[\"arn\"],\n }],\n tags={\n \"Type\": \"AppConfig Environment\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleApplication = new Aws.AppConfig.Application(\"example\", new()\n {\n Name = \"example-application-tf\",\n Description = \"Example AppConfig Application\",\n Tags = \n {\n { \"Type\", \"AppConfig Application\" },\n },\n });\n\n var example = new Aws.AppConfig.Environment(\"example\", new()\n {\n Name = \"example-environment-tf\",\n Description = \"Example AppConfig Environment\",\n ApplicationId = exampleApplication.Id,\n Monitors = new[]\n {\n new Aws.AppConfig.Inputs.EnvironmentMonitorArgs\n {\n AlarmArn = exampleAwsCloudwatchMetricAlarm.Arn,\n AlarmRoleArn = exampleAwsIamRole.Arn,\n },\n },\n Tags = \n {\n { \"Type\", \"AppConfig Environment\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appconfig\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleApplication, err := appconfig.NewApplication(ctx, \"example\", \u0026appconfig.ApplicationArgs{\n\t\t\tName: pulumi.String(\"example-application-tf\"),\n\t\t\tDescription: pulumi.String(\"Example AppConfig Application\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Type\": pulumi.String(\"AppConfig Application\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appconfig.NewEnvironment(ctx, \"example\", \u0026appconfig.EnvironmentArgs{\n\t\t\tName: pulumi.String(\"example-environment-tf\"),\n\t\t\tDescription: pulumi.String(\"Example AppConfig Environment\"),\n\t\t\tApplicationId: exampleApplication.ID(),\n\t\t\tMonitors: appconfig.EnvironmentMonitorArray{\n\t\t\t\t\u0026appconfig.EnvironmentMonitorArgs{\n\t\t\t\t\tAlarmArn: pulumi.Any(exampleAwsCloudwatchMetricAlarm.Arn),\n\t\t\t\t\tAlarmRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Type\": pulumi.String(\"AppConfig Environment\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appconfig.Application;\nimport com.pulumi.aws.appconfig.ApplicationArgs;\nimport com.pulumi.aws.appconfig.Environment;\nimport com.pulumi.aws.appconfig.EnvironmentArgs;\nimport com.pulumi.aws.appconfig.inputs.EnvironmentMonitorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder()\n .name(\"example-application-tf\")\n .description(\"Example AppConfig Application\")\n .tags(Map.of(\"Type\", \"AppConfig Application\"))\n .build());\n\n var example = new Environment(\"example\", EnvironmentArgs.builder()\n .name(\"example-environment-tf\")\n .description(\"Example AppConfig Environment\")\n .applicationId(exampleApplication.id())\n .monitors(EnvironmentMonitorArgs.builder()\n .alarmArn(exampleAwsCloudwatchMetricAlarm.arn())\n .alarmRoleArn(exampleAwsIamRole.arn())\n .build())\n .tags(Map.of(\"Type\", \"AppConfig Environment\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appconfig:Environment\n properties:\n name: example-environment-tf\n description: Example AppConfig Environment\n applicationId: ${exampleApplication.id}\n monitors:\n - alarmArn: ${exampleAwsCloudwatchMetricAlarm.arn}\n alarmRoleArn: ${exampleAwsIamRole.arn}\n tags:\n Type: AppConfig Environment\n exampleApplication:\n type: aws:appconfig:Application\n name: example\n properties:\n name: example-application-tf\n description: Example AppConfig Application\n tags:\n Type: AppConfig Application\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AppConfig Environments using the environment ID and application ID separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:appconfig/environment:Environment example 71abcde:11xxxxx\n```\n", "properties": { "applicationId": { "type": "string", "description": "AppConfig application ID. Must be between 4 and 7 characters in length.\n" }, "arn": { "type": "string", "description": "ARN of the AppConfig Environment.\n" }, "description": { "type": "string", "description": "Description of the environment. Can be at most 1024 characters.\n" }, "environmentId": { "type": "string", "description": "AppConfig environment ID.\n" }, "monitors": { "type": "array", "items": { "$ref": "#/types/aws:appconfig/EnvironmentMonitor:EnvironmentMonitor" }, "description": "Set of Amazon CloudWatch alarms to monitor during the deployment process. Maximum of 5. See Monitor below for more details.\n" }, "name": { "type": "string", "description": "Name for the environment. Must be between 1 and 64 characters in length.\n" }, "state": { "type": "string", "description": "State of the environment. Possible values are `READY_FOR_DEPLOYMENT`, `DEPLOYING`, `ROLLING_BACK`\nor `ROLLED_BACK`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "applicationId", "arn", "description", "environmentId", "name", "state", "tagsAll" ], "inputProperties": { "applicationId": { "type": "string", "description": "AppConfig application ID. Must be between 4 and 7 characters in length.\n" }, "description": { "type": "string", "description": "Description of the environment. Can be at most 1024 characters.\n" }, "monitors": { "type": "array", "items": { "$ref": "#/types/aws:appconfig/EnvironmentMonitor:EnvironmentMonitor" }, "description": "Set of Amazon CloudWatch alarms to monitor during the deployment process. Maximum of 5. See Monitor below for more details.\n" }, "name": { "type": "string", "description": "Name for the environment. Must be between 1 and 64 characters in length.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "applicationId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Environment resources.\n", "properties": { "applicationId": { "type": "string", "description": "AppConfig application ID. Must be between 4 and 7 characters in length.\n" }, "arn": { "type": "string", "description": "ARN of the AppConfig Environment.\n" }, "description": { "type": "string", "description": "Description of the environment. Can be at most 1024 characters.\n" }, "environmentId": { "type": "string", "description": "AppConfig environment ID.\n" }, "monitors": { "type": "array", "items": { "$ref": "#/types/aws:appconfig/EnvironmentMonitor:EnvironmentMonitor" }, "description": "Set of Amazon CloudWatch alarms to monitor during the deployment process. Maximum of 5. See Monitor below for more details.\n" }, "name": { "type": "string", "description": "Name for the environment. Must be between 1 and 64 characters in length.\n" }, "state": { "type": "string", "description": "State of the environment. Possible values are `READY_FOR_DEPLOYMENT`, `DEPLOYING`, `ROLLING_BACK`\nor `ROLLED_BACK`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:appconfig/eventIntegration:EventIntegration": { "description": "Provides an Amazon AppIntegrations Event Integration resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appconfig.EventIntegration(\"example\", {\n name: \"example-name\",\n description: \"Example Description\",\n eventbridgeBus: \"default\",\n eventFilter: {\n source: \"aws.partner/examplepartner.com\",\n },\n tags: {\n Name: \"Example Event Integration\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appconfig.EventIntegration(\"example\",\n name=\"example-name\",\n description=\"Example Description\",\n eventbridge_bus=\"default\",\n event_filter={\n \"source\": \"aws.partner/examplepartner.com\",\n },\n tags={\n \"Name\": \"Example Event Integration\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppConfig.EventIntegration(\"example\", new()\n {\n Name = \"example-name\",\n Description = \"Example Description\",\n EventbridgeBus = \"default\",\n EventFilter = new Aws.AppConfig.Inputs.EventIntegrationEventFilterArgs\n {\n Source = \"aws.partner/examplepartner.com\",\n },\n Tags = \n {\n { \"Name\", \"Example Event Integration\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appconfig\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appconfig.NewEventIntegration(ctx, \"example\", \u0026appconfig.EventIntegrationArgs{\n\t\t\tName: pulumi.String(\"example-name\"),\n\t\t\tDescription: pulumi.String(\"Example Description\"),\n\t\t\tEventbridgeBus: pulumi.String(\"default\"),\n\t\t\tEventFilter: \u0026appconfig.EventIntegrationEventFilterArgs{\n\t\t\t\tSource: pulumi.String(\"aws.partner/examplepartner.com\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Event Integration\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appconfig.EventIntegration;\nimport com.pulumi.aws.appconfig.EventIntegrationArgs;\nimport com.pulumi.aws.appconfig.inputs.EventIntegrationEventFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventIntegration(\"example\", EventIntegrationArgs.builder()\n .name(\"example-name\")\n .description(\"Example Description\")\n .eventbridgeBus(\"default\")\n .eventFilter(EventIntegrationEventFilterArgs.builder()\n .source(\"aws.partner/examplepartner.com\")\n .build())\n .tags(Map.of(\"Name\", \"Example Event Integration\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appconfig:EventIntegration\n properties:\n name: example-name\n description: Example Description\n eventbridgeBus: default\n eventFilter:\n source: aws.partner/examplepartner.com\n tags:\n Name: Example Event Integration\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon AppIntegrations Event Integrations using the `name`. For example:\n\n```sh\n$ pulumi import aws:appconfig/eventIntegration:EventIntegration example example-name\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Event Integration.\n" }, "description": { "type": "string", "description": "Description of the Event Integration.\n" }, "eventFilter": { "$ref": "#/types/aws:appconfig/EventIntegrationEventFilter:EventIntegrationEventFilter", "description": "Block that defines the configuration information for the event filter. The Event Filter block is documented below.\n" }, "eventbridgeBus": { "type": "string", "description": "EventBridge bus.\n" }, "name": { "type": "string", "description": "Name of the Event Integration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Event Integration. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "eventFilter", "eventbridgeBus", "name", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Description of the Event Integration.\n" }, "eventFilter": { "$ref": "#/types/aws:appconfig/EventIntegrationEventFilter:EventIntegrationEventFilter", "description": "Block that defines the configuration information for the event filter. The Event Filter block is documented below.\n", "willReplaceOnChanges": true }, "eventbridgeBus": { "type": "string", "description": "EventBridge bus.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the Event Integration.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Event Integration. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "eventFilter", "eventbridgeBus" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventIntegration resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Event Integration.\n" }, "description": { "type": "string", "description": "Description of the Event Integration.\n" }, "eventFilter": { "$ref": "#/types/aws:appconfig/EventIntegrationEventFilter:EventIntegrationEventFilter", "description": "Block that defines the configuration information for the event filter. The Event Filter block is documented below.\n", "willReplaceOnChanges": true }, "eventbridgeBus": { "type": "string", "description": "EventBridge bus.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the Event Integration.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Event Integration. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:appconfig/extension:Extension": { "description": "Provides an AppConfig Extension resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testTopic = new aws.sns.Topic(\"test\", {name: \"test\"});\nconst test = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"appconfig.amazonaws.com\"],\n }],\n }],\n});\nconst testRole = new aws.iam.Role(\"test\", {\n name: \"test\",\n assumeRolePolicy: test.then(test =\u003e test.json),\n});\nconst testExtension = new aws.appconfig.Extension(\"test\", {\n name: \"test\",\n description: \"test description\",\n actionPoints: [{\n point: \"ON_DEPLOYMENT_COMPLETE\",\n actions: [{\n name: \"test\",\n roleArn: testRole.arn,\n uri: testTopic.arn,\n }],\n }],\n tags: {\n Type: \"AppConfig Extension\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_topic = aws.sns.Topic(\"test\", name=\"test\")\ntest = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"appconfig.amazonaws.com\"],\n }],\n}])\ntest_role = aws.iam.Role(\"test\",\n name=\"test\",\n assume_role_policy=test.json)\ntest_extension = aws.appconfig.Extension(\"test\",\n name=\"test\",\n description=\"test description\",\n action_points=[{\n \"point\": \"ON_DEPLOYMENT_COMPLETE\",\n \"actions\": [{\n \"name\": \"test\",\n \"role_arn\": test_role.arn,\n \"uri\": test_topic.arn,\n }],\n }],\n tags={\n \"Type\": \"AppConfig Extension\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testTopic = new Aws.Sns.Topic(\"test\", new()\n {\n Name = \"test\",\n });\n\n var test = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"appconfig.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var testRole = new Aws.Iam.Role(\"test\", new()\n {\n Name = \"test\",\n AssumeRolePolicy = test.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var testExtension = new Aws.AppConfig.Extension(\"test\", new()\n {\n Name = \"test\",\n Description = \"test description\",\n ActionPoints = new[]\n {\n new Aws.AppConfig.Inputs.ExtensionActionPointArgs\n {\n Point = \"ON_DEPLOYMENT_COMPLETE\",\n Actions = new[]\n {\n new Aws.AppConfig.Inputs.ExtensionActionPointActionArgs\n {\n Name = \"test\",\n RoleArn = testRole.Arn,\n Uri = testTopic.Arn,\n },\n },\n },\n },\n Tags = \n {\n { \"Type\", \"AppConfig Extension\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appconfig\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestTopic, err := sns.NewTopic(ctx, \"test\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"appconfig.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestRole, err := iam.NewRole(ctx, \"test\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tAssumeRolePolicy: pulumi.String(test.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appconfig.NewExtension(ctx, \"test\", \u0026appconfig.ExtensionArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tDescription: pulumi.String(\"test description\"),\n\t\t\tActionPoints: appconfig.ExtensionActionPointArray{\n\t\t\t\t\u0026appconfig.ExtensionActionPointArgs{\n\t\t\t\t\tPoint: pulumi.String(\"ON_DEPLOYMENT_COMPLETE\"),\n\t\t\t\t\tActions: appconfig.ExtensionActionPointActionArray{\n\t\t\t\t\t\t\u0026appconfig.ExtensionActionPointActionArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"test\"),\n\t\t\t\t\t\t\tRoleArn: testRole.Arn,\n\t\t\t\t\t\t\tUri: testTopic.Arn,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Type\": pulumi.String(\"AppConfig Extension\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.appconfig.Extension;\nimport com.pulumi.aws.appconfig.ExtensionArgs;\nimport com.pulumi.aws.appconfig.inputs.ExtensionActionPointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testTopic = new Topic(\"testTopic\", TopicArgs.builder()\n .name(\"test\")\n .build());\n\n final var test = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"appconfig.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var testRole = new Role(\"testRole\", RoleArgs.builder()\n .name(\"test\")\n .assumeRolePolicy(test.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var testExtension = new Extension(\"testExtension\", ExtensionArgs.builder()\n .name(\"test\")\n .description(\"test description\")\n .actionPoints(ExtensionActionPointArgs.builder()\n .point(\"ON_DEPLOYMENT_COMPLETE\")\n .actions(ExtensionActionPointActionArgs.builder()\n .name(\"test\")\n .roleArn(testRole.arn())\n .uri(testTopic.arn())\n .build())\n .build())\n .tags(Map.of(\"Type\", \"AppConfig Extension\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testTopic:\n type: aws:sns:Topic\n name: test\n properties:\n name: test\n testRole:\n type: aws:iam:Role\n name: test\n properties:\n name: test\n assumeRolePolicy: ${test.json}\n testExtension:\n type: aws:appconfig:Extension\n name: test\n properties:\n name: test\n description: test description\n actionPoints:\n - point: ON_DEPLOYMENT_COMPLETE\n actions:\n - name: test\n roleArn: ${testRole.arn}\n uri: ${testTopic.arn}\n tags:\n Type: AppConfig Extension\nvariables:\n test:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - appconfig.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AppConfig Extensions using their extension ID. For example:\n\n```sh\n$ pulumi import aws:appconfig/extension:Extension example 71rxuzt\n```\n", "properties": { "actionPoints": { "type": "array", "items": { "$ref": "#/types/aws:appconfig/ExtensionActionPoint:ExtensionActionPoint" }, "description": "The action points defined in the extension. Detailed below.\n" }, "arn": { "type": "string", "description": "ARN of the AppConfig Extension.\n" }, "description": { "type": "string", "description": "Information about the extension.\n" }, "name": { "type": "string", "description": "A name for the extension. Each extension name in your account must be unique. Extension versions use the same name.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:appconfig/ExtensionParameter:ExtensionParameter" }, "description": "The parameters accepted by the extension. You specify parameter values when you associate the extension to an AppConfig resource by using the CreateExtensionAssociation API action. For Lambda extension actions, these parameters are included in the Lambda request object. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "integer", "description": "The version number for the extension.\n" } }, "required": [ "actionPoints", "arn", "description", "name", "parameters", "tagsAll", "version" ], "inputProperties": { "actionPoints": { "type": "array", "items": { "$ref": "#/types/aws:appconfig/ExtensionActionPoint:ExtensionActionPoint" }, "description": "The action points defined in the extension. Detailed below.\n" }, "description": { "type": "string", "description": "Information about the extension.\n" }, "name": { "type": "string", "description": "A name for the extension. Each extension name in your account must be unique. Extension versions use the same name.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:appconfig/ExtensionParameter:ExtensionParameter" }, "description": "The parameters accepted by the extension. You specify parameter values when you associate the extension to an AppConfig resource by using the CreateExtensionAssociation API action. For Lambda extension actions, these parameters are included in the Lambda request object. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "actionPoints" ], "stateInputs": { "description": "Input properties used for looking up and filtering Extension resources.\n", "properties": { "actionPoints": { "type": "array", "items": { "$ref": "#/types/aws:appconfig/ExtensionActionPoint:ExtensionActionPoint" }, "description": "The action points defined in the extension. Detailed below.\n" }, "arn": { "type": "string", "description": "ARN of the AppConfig Extension.\n" }, "description": { "type": "string", "description": "Information about the extension.\n" }, "name": { "type": "string", "description": "A name for the extension. Each extension name in your account must be unique. Extension versions use the same name.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:appconfig/ExtensionParameter:ExtensionParameter" }, "description": "The parameters accepted by the extension. You specify parameter values when you associate the extension to an AppConfig resource by using the CreateExtensionAssociation API action. For Lambda extension actions, these parameters are included in the Lambda request object. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "integer", "description": "The version number for the extension.\n" } }, "type": "object" } }, "aws:appconfig/extensionAssociation:ExtensionAssociation": { "description": "Associates an AppConfig Extension with a Resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testTopic = new aws.sns.Topic(\"test\", {name: \"test\"});\nconst test = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"appconfig.amazonaws.com\"],\n }],\n }],\n});\nconst testRole = new aws.iam.Role(\"test\", {\n name: \"test\",\n assumeRolePolicy: test.then(test =\u003e test.json),\n});\nconst testExtension = new aws.appconfig.Extension(\"test\", {\n name: \"test\",\n description: \"test description\",\n actionPoints: [{\n point: \"ON_DEPLOYMENT_COMPLETE\",\n actions: [{\n name: \"test\",\n roleArn: testRole.arn,\n uri: testTopic.arn,\n }],\n }],\n tags: {\n Type: \"AppConfig Extension\",\n },\n});\nconst testApplication = new aws.appconfig.Application(\"test\", {name: \"test\"});\nconst testExtensionAssociation = new aws.appconfig.ExtensionAssociation(\"test\", {\n extensionArn: testExtension.arn,\n resourceArn: testApplication.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_topic = aws.sns.Topic(\"test\", name=\"test\")\ntest = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"appconfig.amazonaws.com\"],\n }],\n}])\ntest_role = aws.iam.Role(\"test\",\n name=\"test\",\n assume_role_policy=test.json)\ntest_extension = aws.appconfig.Extension(\"test\",\n name=\"test\",\n description=\"test description\",\n action_points=[{\n \"point\": \"ON_DEPLOYMENT_COMPLETE\",\n \"actions\": [{\n \"name\": \"test\",\n \"role_arn\": test_role.arn,\n \"uri\": test_topic.arn,\n }],\n }],\n tags={\n \"Type\": \"AppConfig Extension\",\n })\ntest_application = aws.appconfig.Application(\"test\", name=\"test\")\ntest_extension_association = aws.appconfig.ExtensionAssociation(\"test\",\n extension_arn=test_extension.arn,\n resource_arn=test_application.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testTopic = new Aws.Sns.Topic(\"test\", new()\n {\n Name = \"test\",\n });\n\n var test = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"appconfig.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var testRole = new Aws.Iam.Role(\"test\", new()\n {\n Name = \"test\",\n AssumeRolePolicy = test.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var testExtension = new Aws.AppConfig.Extension(\"test\", new()\n {\n Name = \"test\",\n Description = \"test description\",\n ActionPoints = new[]\n {\n new Aws.AppConfig.Inputs.ExtensionActionPointArgs\n {\n Point = \"ON_DEPLOYMENT_COMPLETE\",\n Actions = new[]\n {\n new Aws.AppConfig.Inputs.ExtensionActionPointActionArgs\n {\n Name = \"test\",\n RoleArn = testRole.Arn,\n Uri = testTopic.Arn,\n },\n },\n },\n },\n Tags = \n {\n { \"Type\", \"AppConfig Extension\" },\n },\n });\n\n var testApplication = new Aws.AppConfig.Application(\"test\", new()\n {\n Name = \"test\",\n });\n\n var testExtensionAssociation = new Aws.AppConfig.ExtensionAssociation(\"test\", new()\n {\n ExtensionArn = testExtension.Arn,\n ResourceArn = testApplication.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appconfig\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestTopic, err := sns.NewTopic(ctx, \"test\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"appconfig.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestRole, err := iam.NewRole(ctx, \"test\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tAssumeRolePolicy: pulumi.String(test.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestExtension, err := appconfig.NewExtension(ctx, \"test\", \u0026appconfig.ExtensionArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tDescription: pulumi.String(\"test description\"),\n\t\t\tActionPoints: appconfig.ExtensionActionPointArray{\n\t\t\t\t\u0026appconfig.ExtensionActionPointArgs{\n\t\t\t\t\tPoint: pulumi.String(\"ON_DEPLOYMENT_COMPLETE\"),\n\t\t\t\t\tActions: appconfig.ExtensionActionPointActionArray{\n\t\t\t\t\t\t\u0026appconfig.ExtensionActionPointActionArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"test\"),\n\t\t\t\t\t\t\tRoleArn: testRole.Arn,\n\t\t\t\t\t\t\tUri: testTopic.Arn,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Type\": pulumi.String(\"AppConfig Extension\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestApplication, err := appconfig.NewApplication(ctx, \"test\", \u0026appconfig.ApplicationArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appconfig.NewExtensionAssociation(ctx, \"test\", \u0026appconfig.ExtensionAssociationArgs{\n\t\t\tExtensionArn: testExtension.Arn,\n\t\t\tResourceArn: testApplication.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.appconfig.Extension;\nimport com.pulumi.aws.appconfig.ExtensionArgs;\nimport com.pulumi.aws.appconfig.inputs.ExtensionActionPointArgs;\nimport com.pulumi.aws.appconfig.Application;\nimport com.pulumi.aws.appconfig.ApplicationArgs;\nimport com.pulumi.aws.appconfig.ExtensionAssociation;\nimport com.pulumi.aws.appconfig.ExtensionAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testTopic = new Topic(\"testTopic\", TopicArgs.builder()\n .name(\"test\")\n .build());\n\n final var test = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"appconfig.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var testRole = new Role(\"testRole\", RoleArgs.builder()\n .name(\"test\")\n .assumeRolePolicy(test.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var testExtension = new Extension(\"testExtension\", ExtensionArgs.builder()\n .name(\"test\")\n .description(\"test description\")\n .actionPoints(ExtensionActionPointArgs.builder()\n .point(\"ON_DEPLOYMENT_COMPLETE\")\n .actions(ExtensionActionPointActionArgs.builder()\n .name(\"test\")\n .roleArn(testRole.arn())\n .uri(testTopic.arn())\n .build())\n .build())\n .tags(Map.of(\"Type\", \"AppConfig Extension\"))\n .build());\n\n var testApplication = new Application(\"testApplication\", ApplicationArgs.builder()\n .name(\"test\")\n .build());\n\n var testExtensionAssociation = new ExtensionAssociation(\"testExtensionAssociation\", ExtensionAssociationArgs.builder()\n .extensionArn(testExtension.arn())\n .resourceArn(testApplication.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testTopic:\n type: aws:sns:Topic\n name: test\n properties:\n name: test\n testRole:\n type: aws:iam:Role\n name: test\n properties:\n name: test\n assumeRolePolicy: ${test.json}\n testExtension:\n type: aws:appconfig:Extension\n name: test\n properties:\n name: test\n description: test description\n actionPoints:\n - point: ON_DEPLOYMENT_COMPLETE\n actions:\n - name: test\n roleArn: ${testRole.arn}\n uri: ${testTopic.arn}\n tags:\n Type: AppConfig Extension\n testApplication:\n type: aws:appconfig:Application\n name: test\n properties:\n name: test\n testExtensionAssociation:\n type: aws:appconfig:ExtensionAssociation\n name: test\n properties:\n extensionArn: ${testExtension.arn}\n resourceArn: ${testApplication.arn}\nvariables:\n test:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - appconfig.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AppConfig Extension Associations using their extension association ID. For example:\n\n```sh\n$ pulumi import aws:appconfig/extensionAssociation:ExtensionAssociation example 71rxuzt\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the AppConfig Extension Association.\n" }, "extensionArn": { "type": "string", "description": "The ARN of the extension defined in the association.\n" }, "extensionVersion": { "type": "integer", "description": "The version number for the extension defined in the association.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The parameter names and values defined for the association.\n" }, "resourceArn": { "type": "string", "description": "The ARN of the application, configuration profile, or environment to associate with the extension.\n" } }, "required": [ "arn", "extensionArn", "extensionVersion", "resourceArn" ], "inputProperties": { "extensionArn": { "type": "string", "description": "The ARN of the extension defined in the association.\n", "willReplaceOnChanges": true }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The parameter names and values defined for the association.\n" }, "resourceArn": { "type": "string", "description": "The ARN of the application, configuration profile, or environment to associate with the extension.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "extensionArn", "resourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ExtensionAssociation resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the AppConfig Extension Association.\n" }, "extensionArn": { "type": "string", "description": "The ARN of the extension defined in the association.\n", "willReplaceOnChanges": true }, "extensionVersion": { "type": "integer", "description": "The version number for the extension defined in the association.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The parameter names and values defined for the association.\n" }, "resourceArn": { "type": "string", "description": "The ARN of the application, configuration profile, or environment to associate with the extension.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:appconfig/hostedConfigurationVersion:HostedConfigurationVersion": { "description": "Provides an AppConfig Hosted Configuration Version resource.\n\n## Example Usage\n\n### Freeform\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appconfig.HostedConfigurationVersion(\"example\", {\n applicationId: exampleAwsAppconfigApplication.id,\n configurationProfileId: exampleAwsAppconfigConfigurationProfile.configurationProfileId,\n description: \"Example Freeform Hosted Configuration Version\",\n contentType: \"application/json\",\n content: JSON.stringify({\n foo: \"bar\",\n fruit: [\n \"apple\",\n \"pear\",\n \"orange\",\n ],\n isThingEnabled: true,\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.appconfig.HostedConfigurationVersion(\"example\",\n application_id=example_aws_appconfig_application[\"id\"],\n configuration_profile_id=example_aws_appconfig_configuration_profile[\"configurationProfileId\"],\n description=\"Example Freeform Hosted Configuration Version\",\n content_type=\"application/json\",\n content=json.dumps({\n \"foo\": \"bar\",\n \"fruit\": [\n \"apple\",\n \"pear\",\n \"orange\",\n ],\n \"isThingEnabled\": True,\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppConfig.HostedConfigurationVersion(\"example\", new()\n {\n ApplicationId = exampleAwsAppconfigApplication.Id,\n ConfigurationProfileId = exampleAwsAppconfigConfigurationProfile.ConfigurationProfileId,\n Description = \"Example Freeform Hosted Configuration Version\",\n ContentType = \"application/json\",\n Content = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"foo\"] = \"bar\",\n [\"fruit\"] = new[]\n {\n \"apple\",\n \"pear\",\n \"orange\",\n },\n [\"isThingEnabled\"] = true,\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appconfig\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"foo\": \"bar\",\n\t\t\t\"fruit\": []string{\n\t\t\t\t\"apple\",\n\t\t\t\t\"pear\",\n\t\t\t\t\"orange\",\n\t\t\t},\n\t\t\t\"isThingEnabled\": true,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = appconfig.NewHostedConfigurationVersion(ctx, \"example\", \u0026appconfig.HostedConfigurationVersionArgs{\n\t\t\tApplicationId: pulumi.Any(exampleAwsAppconfigApplication.Id),\n\t\t\tConfigurationProfileId: pulumi.Any(exampleAwsAppconfigConfigurationProfile.ConfigurationProfileId),\n\t\t\tDescription: pulumi.String(\"Example Freeform Hosted Configuration Version\"),\n\t\t\tContentType: pulumi.String(\"application/json\"),\n\t\t\tContent: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appconfig.HostedConfigurationVersion;\nimport com.pulumi.aws.appconfig.HostedConfigurationVersionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new HostedConfigurationVersion(\"example\", HostedConfigurationVersionArgs.builder()\n .applicationId(exampleAwsAppconfigApplication.id())\n .configurationProfileId(exampleAwsAppconfigConfigurationProfile.configurationProfileId())\n .description(\"Example Freeform Hosted Configuration Version\")\n .contentType(\"application/json\")\n .content(serializeJson(\n jsonObject(\n jsonProperty(\"foo\", \"bar\"),\n jsonProperty(\"fruit\", jsonArray(\n \"apple\", \n \"pear\", \n \"orange\"\n )),\n jsonProperty(\"isThingEnabled\", true)\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appconfig:HostedConfigurationVersion\n properties:\n applicationId: ${exampleAwsAppconfigApplication.id}\n configurationProfileId: ${exampleAwsAppconfigConfigurationProfile.configurationProfileId}\n description: Example Freeform Hosted Configuration Version\n contentType: application/json\n content:\n fn::toJSON:\n foo: bar\n fruit:\n - apple\n - pear\n - orange\n isThingEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Feature Flags\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appconfig.HostedConfigurationVersion(\"example\", {\n applicationId: exampleAwsAppconfigApplication.id,\n configurationProfileId: exampleAwsAppconfigConfigurationProfile.configurationProfileId,\n description: \"Example Feature Flag Configuration Version\",\n contentType: \"application/json\",\n content: JSON.stringify({\n flags: {\n foo: {\n name: \"foo\",\n _deprecation: {\n status: \"planned\",\n },\n },\n bar: {\n name: \"bar\",\n attributes: {\n someAttribute: {\n constraints: {\n type: \"string\",\n required: true,\n },\n },\n someOtherAttribute: {\n constraints: {\n type: \"number\",\n required: true,\n },\n },\n },\n },\n },\n values: {\n foo: {\n enabled: \"true\",\n },\n bar: {\n enabled: \"true\",\n someAttribute: \"Hello World\",\n someOtherAttribute: 123,\n },\n },\n version: \"1\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.appconfig.HostedConfigurationVersion(\"example\",\n application_id=example_aws_appconfig_application[\"id\"],\n configuration_profile_id=example_aws_appconfig_configuration_profile[\"configurationProfileId\"],\n description=\"Example Feature Flag Configuration Version\",\n content_type=\"application/json\",\n content=json.dumps({\n \"flags\": {\n \"foo\": {\n \"name\": \"foo\",\n \"_deprecation\": {\n \"status\": \"planned\",\n },\n },\n \"bar\": {\n \"name\": \"bar\",\n \"attributes\": {\n \"someAttribute\": {\n \"constraints\": {\n \"type\": \"string\",\n \"required\": True,\n },\n },\n \"someOtherAttribute\": {\n \"constraints\": {\n \"type\": \"number\",\n \"required\": True,\n },\n },\n },\n },\n },\n \"values\": {\n \"foo\": {\n \"enabled\": \"true\",\n },\n \"bar\": {\n \"enabled\": \"true\",\n \"someAttribute\": \"Hello World\",\n \"someOtherAttribute\": 123,\n },\n },\n \"version\": \"1\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppConfig.HostedConfigurationVersion(\"example\", new()\n {\n ApplicationId = exampleAwsAppconfigApplication.Id,\n ConfigurationProfileId = exampleAwsAppconfigConfigurationProfile.ConfigurationProfileId,\n Description = \"Example Feature Flag Configuration Version\",\n ContentType = \"application/json\",\n Content = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"flags\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"foo\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"name\"] = \"foo\",\n [\"_deprecation\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"status\"] = \"planned\",\n },\n },\n [\"bar\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"name\"] = \"bar\",\n [\"attributes\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"someAttribute\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"constraints\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"string\",\n [\"required\"] = true,\n },\n },\n [\"someOtherAttribute\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"constraints\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"number\",\n [\"required\"] = true,\n },\n },\n },\n },\n },\n [\"values\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"foo\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"enabled\"] = \"true\",\n },\n [\"bar\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"enabled\"] = \"true\",\n [\"someAttribute\"] = \"Hello World\",\n [\"someOtherAttribute\"] = 123,\n },\n },\n [\"version\"] = \"1\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appconfig\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"flags\": map[string]interface{}{\n\t\t\t\t\"foo\": map[string]interface{}{\n\t\t\t\t\t\"name\": \"foo\",\n\t\t\t\t\t\"_deprecation\": map[string]interface{}{\n\t\t\t\t\t\t\"status\": \"planned\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"bar\": map[string]interface{}{\n\t\t\t\t\t\"name\": \"bar\",\n\t\t\t\t\t\"attributes\": map[string]interface{}{\n\t\t\t\t\t\t\"someAttribute\": map[string]interface{}{\n\t\t\t\t\t\t\t\"constraints\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"type\": \"string\",\n\t\t\t\t\t\t\t\t\"required\": true,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"someOtherAttribute\": map[string]interface{}{\n\t\t\t\t\t\t\t\"constraints\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"type\": \"number\",\n\t\t\t\t\t\t\t\t\"required\": true,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"values\": map[string]interface{}{\n\t\t\t\t\"foo\": map[string]interface{}{\n\t\t\t\t\t\"enabled\": \"true\",\n\t\t\t\t},\n\t\t\t\t\"bar\": map[string]interface{}{\n\t\t\t\t\t\"enabled\": \"true\",\n\t\t\t\t\t\"someAttribute\": \"Hello World\",\n\t\t\t\t\t\"someOtherAttribute\": 123,\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"version\": \"1\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = appconfig.NewHostedConfigurationVersion(ctx, \"example\", \u0026appconfig.HostedConfigurationVersionArgs{\n\t\t\tApplicationId: pulumi.Any(exampleAwsAppconfigApplication.Id),\n\t\t\tConfigurationProfileId: pulumi.Any(exampleAwsAppconfigConfigurationProfile.ConfigurationProfileId),\n\t\t\tDescription: pulumi.String(\"Example Feature Flag Configuration Version\"),\n\t\t\tContentType: pulumi.String(\"application/json\"),\n\t\t\tContent: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appconfig.HostedConfigurationVersion;\nimport com.pulumi.aws.appconfig.HostedConfigurationVersionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new HostedConfigurationVersion(\"example\", HostedConfigurationVersionArgs.builder()\n .applicationId(exampleAwsAppconfigApplication.id())\n .configurationProfileId(exampleAwsAppconfigConfigurationProfile.configurationProfileId())\n .description(\"Example Feature Flag Configuration Version\")\n .contentType(\"application/json\")\n .content(serializeJson(\n jsonObject(\n jsonProperty(\"flags\", jsonObject(\n jsonProperty(\"foo\", jsonObject(\n jsonProperty(\"name\", \"foo\"),\n jsonProperty(\"_deprecation\", jsonObject(\n jsonProperty(\"status\", \"planned\")\n ))\n )),\n jsonProperty(\"bar\", jsonObject(\n jsonProperty(\"name\", \"bar\"),\n jsonProperty(\"attributes\", jsonObject(\n jsonProperty(\"someAttribute\", jsonObject(\n jsonProperty(\"constraints\", jsonObject(\n jsonProperty(\"type\", \"string\"),\n jsonProperty(\"required\", true)\n ))\n )),\n jsonProperty(\"someOtherAttribute\", jsonObject(\n jsonProperty(\"constraints\", jsonObject(\n jsonProperty(\"type\", \"number\"),\n jsonProperty(\"required\", true)\n ))\n ))\n ))\n ))\n )),\n jsonProperty(\"values\", jsonObject(\n jsonProperty(\"foo\", jsonObject(\n jsonProperty(\"enabled\", \"true\")\n )),\n jsonProperty(\"bar\", jsonObject(\n jsonProperty(\"enabled\", \"true\"),\n jsonProperty(\"someAttribute\", \"Hello World\"),\n jsonProperty(\"someOtherAttribute\", 123)\n ))\n )),\n jsonProperty(\"version\", \"1\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appconfig:HostedConfigurationVersion\n properties:\n applicationId: ${exampleAwsAppconfigApplication.id}\n configurationProfileId: ${exampleAwsAppconfigConfigurationProfile.configurationProfileId}\n description: Example Feature Flag Configuration Version\n contentType: application/json\n content:\n fn::toJSON:\n flags:\n foo:\n name: foo\n _deprecation:\n status: planned\n bar:\n name: bar\n attributes:\n someAttribute:\n constraints:\n type: string\n required: true\n someOtherAttribute:\n constraints:\n type: number\n required: true\n values:\n foo:\n enabled: 'true'\n bar:\n enabled: 'true'\n someAttribute: Hello World\n someOtherAttribute: 123\n version: '1'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AppConfig Hosted Configuration Versions using the application ID, configuration profile ID, and version number separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:appconfig/hostedConfigurationVersion:HostedConfigurationVersion example 71abcde/11xxxxx/2\n```\n", "properties": { "applicationId": { "type": "string", "description": "Application ID.\n" }, "arn": { "type": "string", "description": "ARN of the AppConfig hosted configuration version.\n" }, "configurationProfileId": { "type": "string", "description": "Configuration profile ID.\n" }, "content": { "type": "string", "description": "Content of the configuration or the configuration data.\n", "secret": true }, "contentType": { "type": "string", "description": "Standard MIME type describing the format of the configuration content. For more information, see [Content-Type](https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17).\n" }, "description": { "type": "string", "description": "Description of the configuration.\n" }, "versionNumber": { "type": "integer", "description": "Version number of the hosted configuration.\n" } }, "required": [ "applicationId", "arn", "configurationProfileId", "content", "contentType", "versionNumber" ], "inputProperties": { "applicationId": { "type": "string", "description": "Application ID.\n", "willReplaceOnChanges": true }, "configurationProfileId": { "type": "string", "description": "Configuration profile ID.\n", "willReplaceOnChanges": true }, "content": { "type": "string", "description": "Content of the configuration or the configuration data.\n", "secret": true, "willReplaceOnChanges": true }, "contentType": { "type": "string", "description": "Standard MIME type describing the format of the configuration content. For more information, see [Content-Type](https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17).\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of the configuration.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "applicationId", "configurationProfileId", "content", "contentType" ], "stateInputs": { "description": "Input properties used for looking up and filtering HostedConfigurationVersion resources.\n", "properties": { "applicationId": { "type": "string", "description": "Application ID.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN of the AppConfig hosted configuration version.\n" }, "configurationProfileId": { "type": "string", "description": "Configuration profile ID.\n", "willReplaceOnChanges": true }, "content": { "type": "string", "description": "Content of the configuration or the configuration data.\n", "secret": true, "willReplaceOnChanges": true }, "contentType": { "type": "string", "description": "Standard MIME type describing the format of the configuration content. For more information, see [Content-Type](https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17).\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of the configuration.\n", "willReplaceOnChanges": true }, "versionNumber": { "type": "integer", "description": "Version number of the hosted configuration.\n" } }, "type": "object" } }, "aws:appfabric/appAuthorization:AppAuthorization": { "description": "Resource for managing an AWS AppFabric App Authorization.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appfabric.AppAuthorization(\"example\", {\n app: \"TERRAFORMCLOUD\",\n appBundleArn: arn,\n authType: \"apiKey\",\n credential: {\n apiKeyCredentials: [{\n apiKey: \"exampleapikeytoken\",\n }],\n },\n tenants: [{\n tenantDisplayName: \"example\",\n tenantIdentifier: \"example\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appfabric.AppAuthorization(\"example\",\n app=\"TERRAFORMCLOUD\",\n app_bundle_arn=arn,\n auth_type=\"apiKey\",\n credential={\n \"api_key_credentials\": [{\n \"api_key\": \"exampleapikeytoken\",\n }],\n },\n tenants=[{\n \"tenant_display_name\": \"example\",\n \"tenant_identifier\": \"example\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppFabric.AppAuthorization(\"example\", new()\n {\n App = \"TERRAFORMCLOUD\",\n AppBundleArn = arn,\n AuthType = \"apiKey\",\n Credential = new Aws.AppFabric.Inputs.AppAuthorizationCredentialArgs\n {\n ApiKeyCredentials = new[]\n {\n new Aws.AppFabric.Inputs.AppAuthorizationCredentialApiKeyCredentialArgs\n {\n ApiKey = \"exampleapikeytoken\",\n },\n },\n },\n Tenants = new[]\n {\n new Aws.AppFabric.Inputs.AppAuthorizationTenantArgs\n {\n TenantDisplayName = \"example\",\n TenantIdentifier = \"example\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appfabric\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appfabric.NewAppAuthorization(ctx, \"example\", \u0026appfabric.AppAuthorizationArgs{\n\t\t\tApp: pulumi.String(\"TERRAFORMCLOUD\"),\n\t\t\tAppBundleArn: pulumi.Any(arn),\n\t\t\tAuthType: pulumi.String(\"apiKey\"),\n\t\t\tCredential: \u0026appfabric.AppAuthorizationCredentialArgs{\n\t\t\t\tApiKeyCredentials: appfabric.AppAuthorizationCredentialApiKeyCredentialArray{\n\t\t\t\t\t\u0026appfabric.AppAuthorizationCredentialApiKeyCredentialArgs{\n\t\t\t\t\t\tApiKey: pulumi.String(\"exampleapikeytoken\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTenants: appfabric.AppAuthorizationTenantArray{\n\t\t\t\t\u0026appfabric.AppAuthorizationTenantArgs{\n\t\t\t\t\tTenantDisplayName: pulumi.String(\"example\"),\n\t\t\t\t\tTenantIdentifier: pulumi.String(\"example\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appfabric.AppAuthorization;\nimport com.pulumi.aws.appfabric.AppAuthorizationArgs;\nimport com.pulumi.aws.appfabric.inputs.AppAuthorizationCredentialArgs;\nimport com.pulumi.aws.appfabric.inputs.AppAuthorizationTenantArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AppAuthorization(\"example\", AppAuthorizationArgs.builder()\n .app(\"TERRAFORMCLOUD\")\n .appBundleArn(arn)\n .authType(\"apiKey\")\n .credential(AppAuthorizationCredentialArgs.builder()\n .apiKeyCredentials(AppAuthorizationCredentialApiKeyCredentialArgs.builder()\n .apiKey(\"exampleapikeytoken\")\n .build())\n .build())\n .tenants(AppAuthorizationTenantArgs.builder()\n .tenantDisplayName(\"example\")\n .tenantIdentifier(\"example\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appfabric:AppAuthorization\n properties:\n app: TERRAFORMCLOUD\n appBundleArn: ${arn}\n authType: apiKey\n credential:\n apiKeyCredentials:\n - apiKey: exampleapikeytoken\n tenants:\n - tenantDisplayName: example\n tenantIdentifier: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "app": { "type": "string", "description": "The name of the application for valid values see https://docs.aws.amazon.com/appfabric/latest/api/API_CreateAppAuthorization.html.\n" }, "appBundleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the app bundle to use for the request.\n" }, "arn": { "type": "string", "description": "ARN of the App Authorization. Do not begin the description with \"An\", \"The\", \"Defines\", \"Indicates\", or \"Specifies,\" as these are verbose. In other words, \"Indicates the amount of storage,\" can be rewritten as \"Amount of storage,\" without losing any information.\n" }, "authType": { "type": "string", "description": "The authorization type for the app authorization valid values are oauth2 and apiKey.\n" }, "authUrl": { "type": "string", "description": "The application URL for the OAuth flow.\n" }, "createdAt": { "type": "string" }, "credential": { "$ref": "#/types/aws:appfabric/AppAuthorizationCredential:AppAuthorizationCredential", "description": "Contains credentials for the application, such as an API key or OAuth2 client ID and secret.\nSpecify credentials that match the authorization type for your request. For example, if the authorization type for your request is OAuth2 (oauth2), then you should provide only the OAuth2 credentials.\n" }, "persona": { "type": "string", "description": "The user persona of the app authorization.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "tenants": { "type": "array", "items": { "$ref": "#/types/aws:appfabric/AppAuthorizationTenant:AppAuthorizationTenant" }, "description": "Contains information about an application tenant, such as the application display name and identifier.\n" }, "timeouts": { "$ref": "#/types/aws:appfabric/AppAuthorizationTimeouts:AppAuthorizationTimeouts" }, "updatedAt": { "type": "string" } }, "required": [ "app", "appBundleArn", "arn", "authType", "authUrl", "createdAt", "persona", "tagsAll", "updatedAt" ], "inputProperties": { "app": { "type": "string", "description": "The name of the application for valid values see https://docs.aws.amazon.com/appfabric/latest/api/API_CreateAppAuthorization.html.\n" }, "appBundleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the app bundle to use for the request.\n" }, "authType": { "type": "string", "description": "The authorization type for the app authorization valid values are oauth2 and apiKey.\n" }, "credential": { "$ref": "#/types/aws:appfabric/AppAuthorizationCredential:AppAuthorizationCredential", "description": "Contains credentials for the application, such as an API key or OAuth2 client ID and secret.\nSpecify credentials that match the authorization type for your request. For example, if the authorization type for your request is OAuth2 (oauth2), then you should provide only the OAuth2 credentials.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tenants": { "type": "array", "items": { "$ref": "#/types/aws:appfabric/AppAuthorizationTenant:AppAuthorizationTenant" }, "description": "Contains information about an application tenant, such as the application display name and identifier.\n" }, "timeouts": { "$ref": "#/types/aws:appfabric/AppAuthorizationTimeouts:AppAuthorizationTimeouts" } }, "requiredInputs": [ "app", "appBundleArn", "authType" ], "stateInputs": { "description": "Input properties used for looking up and filtering AppAuthorization resources.\n", "properties": { "app": { "type": "string", "description": "The name of the application for valid values see https://docs.aws.amazon.com/appfabric/latest/api/API_CreateAppAuthorization.html.\n" }, "appBundleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the app bundle to use for the request.\n" }, "arn": { "type": "string", "description": "ARN of the App Authorization. Do not begin the description with \"An\", \"The\", \"Defines\", \"Indicates\", or \"Specifies,\" as these are verbose. In other words, \"Indicates the amount of storage,\" can be rewritten as \"Amount of storage,\" without losing any information.\n" }, "authType": { "type": "string", "description": "The authorization type for the app authorization valid values are oauth2 and apiKey.\n" }, "authUrl": { "type": "string", "description": "The application URL for the OAuth flow.\n" }, "createdAt": { "type": "string" }, "credential": { "$ref": "#/types/aws:appfabric/AppAuthorizationCredential:AppAuthorizationCredential", "description": "Contains credentials for the application, such as an API key or OAuth2 client ID and secret.\nSpecify credentials that match the authorization type for your request. For example, if the authorization type for your request is OAuth2 (oauth2), then you should provide only the OAuth2 credentials.\n" }, "persona": { "type": "string", "description": "The user persona of the app authorization.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "tenants": { "type": "array", "items": { "$ref": "#/types/aws:appfabric/AppAuthorizationTenant:AppAuthorizationTenant" }, "description": "Contains information about an application tenant, such as the application display name and identifier.\n" }, "timeouts": { "$ref": "#/types/aws:appfabric/AppAuthorizationTimeouts:AppAuthorizationTimeouts" }, "updatedAt": { "type": "string" } }, "type": "object" } }, "aws:appfabric/appAuthorizationConnection:AppAuthorizationConnection": { "description": "Resource for managing an AWS AppFabric App Authorization Connection.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appfabric.AppAuthorizationConnection(\"example\", {\n appAuthorizationArn: test.arn,\n appBundleArn: arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appfabric.AppAuthorizationConnection(\"example\",\n app_authorization_arn=test[\"arn\"],\n app_bundle_arn=arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppFabric.AppAuthorizationConnection(\"example\", new()\n {\n AppAuthorizationArn = test.Arn,\n AppBundleArn = arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appfabric\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appfabric.NewAppAuthorizationConnection(ctx, \"example\", \u0026appfabric.AppAuthorizationConnectionArgs{\n\t\t\tAppAuthorizationArn: pulumi.Any(test.Arn),\n\t\t\tAppBundleArn: pulumi.Any(arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appfabric.AppAuthorizationConnection;\nimport com.pulumi.aws.appfabric.AppAuthorizationConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AppAuthorizationConnection(\"example\", AppAuthorizationConnectionArgs.builder()\n .appAuthorizationArn(test.arn())\n .appBundleArn(arn)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appfabric:AppAuthorizationConnection\n properties:\n appAuthorizationArn: ${test.arn}\n appBundleArn: ${arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "app": { "type": "string", "description": "The name of the application.\n" }, "appAuthorizationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app authorization to use for the request.\n" }, "appBundleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the app bundle to use for the request.\n" }, "authRequest": { "$ref": "#/types/aws:appfabric/AppAuthorizationConnectionAuthRequest:AppAuthorizationConnectionAuthRequest", "description": "Contains OAuth2 authorization information.This is required if the app authorization for the request is configured with an OAuth2 (oauth2) authorization type.\n" }, "tenants": { "type": "array", "items": { "$ref": "#/types/aws:appfabric/AppAuthorizationConnectionTenant:AppAuthorizationConnectionTenant" }, "description": "Contains information about an application tenant, such as the application display name and identifier.\n" }, "timeouts": { "$ref": "#/types/aws:appfabric/AppAuthorizationConnectionTimeouts:AppAuthorizationConnectionTimeouts" } }, "required": [ "app", "appAuthorizationArn", "appBundleArn", "tenants" ], "inputProperties": { "appAuthorizationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app authorization to use for the request.\n" }, "appBundleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the app bundle to use for the request.\n" }, "authRequest": { "$ref": "#/types/aws:appfabric/AppAuthorizationConnectionAuthRequest:AppAuthorizationConnectionAuthRequest", "description": "Contains OAuth2 authorization information.This is required if the app authorization for the request is configured with an OAuth2 (oauth2) authorization type.\n" }, "timeouts": { "$ref": "#/types/aws:appfabric/AppAuthorizationConnectionTimeouts:AppAuthorizationConnectionTimeouts" } }, "requiredInputs": [ "appAuthorizationArn", "appBundleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering AppAuthorizationConnection resources.\n", "properties": { "app": { "type": "string", "description": "The name of the application.\n" }, "appAuthorizationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app authorization to use for the request.\n" }, "appBundleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the app bundle to use for the request.\n" }, "authRequest": { "$ref": "#/types/aws:appfabric/AppAuthorizationConnectionAuthRequest:AppAuthorizationConnectionAuthRequest", "description": "Contains OAuth2 authorization information.This is required if the app authorization for the request is configured with an OAuth2 (oauth2) authorization type.\n" }, "tenants": { "type": "array", "items": { "$ref": "#/types/aws:appfabric/AppAuthorizationConnectionTenant:AppAuthorizationConnectionTenant" }, "description": "Contains information about an application tenant, such as the application display name and identifier.\n" }, "timeouts": { "$ref": "#/types/aws:appfabric/AppAuthorizationConnectionTimeouts:AppAuthorizationConnectionTimeouts" } }, "type": "object" } }, "aws:appfabric/appBundle:AppBundle": { "description": "Resource for managing an AWS AppFabric AppBundle.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appfabric.AppBundle(\"example\", {\n customerManagedKeyArn: exampleAwmsKmsKey.arn,\n tags: {\n Environment: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appfabric.AppBundle(\"example\",\n customer_managed_key_arn=example_awms_kms_key[\"arn\"],\n tags={\n \"Environment\": \"test\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppFabric.AppBundle(\"example\", new()\n {\n CustomerManagedKeyArn = exampleAwmsKmsKey.Arn,\n Tags = \n {\n { \"Environment\", \"test\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appfabric\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appfabric.NewAppBundle(ctx, \"example\", \u0026appfabric.AppBundleArgs{\n\t\t\tCustomerManagedKeyArn: pulumi.Any(exampleAwmsKmsKey.Arn),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appfabric.AppBundle;\nimport com.pulumi.aws.appfabric.AppBundleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AppBundle(\"example\", AppBundleArgs.builder()\n .customerManagedKeyArn(exampleAwmsKmsKey.arn())\n .tags(Map.of(\"Environment\", \"test\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appfabric:AppBundle\n properties:\n customerManagedKeyArn: ${exampleAwmsKmsKey.arn}\n tags:\n Environment: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AppFabric AppBundle using the `arn`. For example:\n\n```sh\n$ pulumi import aws:appfabric/appBundle:AppBundle example arn:aws:appfabric:[region]:[account]:appbundle/ee5587b4-5765-4288-a202-xxxxxxxxxx\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the AppBundle.\n" }, "customerManagedKeyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS Key Management Service (AWS KMS) key to use to encrypt the application data. If this is not specified, an AWS owned key is used for encryption.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "tagsAll" ], "inputProperties": { "customerManagedKeyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS Key Management Service (AWS KMS) key to use to encrypt the application data. If this is not specified, an AWS owned key is used for encryption.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering AppBundle resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the AppBundle.\n" }, "customerManagedKeyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS Key Management Service (AWS KMS) key to use to encrypt the application data. If this is not specified, an AWS owned key is used for encryption.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:appfabric/ingestion:Ingestion": { "description": "Resource for managing an AWS AppFabric Ingestion.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appfabric.Ingestion(\"example\", {\n app: \"OKTA\",\n appBundleArn: exampleAwsAppfabricAppBundle.arn,\n tenantId: \"example.okta.com\",\n ingestionType: \"auditLog\",\n tags: {\n Environment: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appfabric.Ingestion(\"example\",\n app=\"OKTA\",\n app_bundle_arn=example_aws_appfabric_app_bundle[\"arn\"],\n tenant_id=\"example.okta.com\",\n ingestion_type=\"auditLog\",\n tags={\n \"Environment\": \"test\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppFabric.Ingestion(\"example\", new()\n {\n App = \"OKTA\",\n AppBundleArn = exampleAwsAppfabricAppBundle.Arn,\n TenantId = \"example.okta.com\",\n IngestionType = \"auditLog\",\n Tags = \n {\n { \"Environment\", \"test\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appfabric\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appfabric.NewIngestion(ctx, \"example\", \u0026appfabric.IngestionArgs{\n\t\t\tApp: pulumi.String(\"OKTA\"),\n\t\t\tAppBundleArn: pulumi.Any(exampleAwsAppfabricAppBundle.Arn),\n\t\t\tTenantId: pulumi.String(\"example.okta.com\"),\n\t\t\tIngestionType: pulumi.String(\"auditLog\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appfabric.Ingestion;\nimport com.pulumi.aws.appfabric.IngestionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Ingestion(\"example\", IngestionArgs.builder()\n .app(\"OKTA\")\n .appBundleArn(exampleAwsAppfabricAppBundle.arn())\n .tenantId(\"example.okta.com\")\n .ingestionType(\"auditLog\")\n .tags(Map.of(\"Environment\", \"test\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appfabric:Ingestion\n properties:\n app: OKTA\n appBundleArn: ${exampleAwsAppfabricAppBundle.arn}\n tenantId: example.okta.com\n ingestionType: auditLog\n tags:\n Environment: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AppFabric Ingestion using the `app_bundle_identifier` and `arn` separated by `,`. For example:\n\n```sh\n$ pulumi import aws:appfabric/ingestion:Ingestion example arn:aws:appfabric:[region]:[account]:appbundle/a9b91477-8831-43c0-970c-xxxxxxxxxx,arn:aws:appfabric:[region]:[account]:appbundle/a9b91477-8831-43c0-970c-xxxxxxxxxx/ingestion/32251416-710b-4425-96ca-xxxxxxxxxx\n```\n", "properties": { "app": { "type": "string", "description": "Name of the application.\nRefer to the AWS Documentation for the [list of valid values](https://docs.aws.amazon.com/appfabric/latest/api/API_CreateIngestion.html#appfabric-CreateIngestion-request-app)\n" }, "appBundleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the app bundle to use for the request.\n" }, "arn": { "type": "string", "description": "ARN of the Ingestion.\n" }, "ingestionType": { "type": "string", "description": "Ingestion type. Valid values are `auditLog`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tenantId": { "type": "string", "description": "ID of the application tenant.\n" } }, "required": [ "app", "appBundleArn", "arn", "ingestionType", "tagsAll", "tenantId" ], "inputProperties": { "app": { "type": "string", "description": "Name of the application.\nRefer to the AWS Documentation for the [list of valid values](https://docs.aws.amazon.com/appfabric/latest/api/API_CreateIngestion.html#appfabric-CreateIngestion-request-app)\n" }, "appBundleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the app bundle to use for the request.\n" }, "ingestionType": { "type": "string", "description": "Ingestion type. Valid values are `auditLog`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tenantId": { "type": "string", "description": "ID of the application tenant.\n" } }, "requiredInputs": [ "app", "appBundleArn", "ingestionType", "tenantId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Ingestion resources.\n", "properties": { "app": { "type": "string", "description": "Name of the application.\nRefer to the AWS Documentation for the [list of valid values](https://docs.aws.amazon.com/appfabric/latest/api/API_CreateIngestion.html#appfabric-CreateIngestion-request-app)\n" }, "appBundleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the app bundle to use for the request.\n" }, "arn": { "type": "string", "description": "ARN of the Ingestion.\n" }, "ingestionType": { "type": "string", "description": "Ingestion type. Valid values are `auditLog`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tenantId": { "type": "string", "description": "ID of the application tenant.\n" } }, "type": "object" } }, "aws:appfabric/ingestionDestination:IngestionDestination": { "description": "Resource for managing an AWS AppFabric Ingestion Destination.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appfabric.IngestionDestination(\"example\", {\n appBundleArn: exampleAwsAppfabricAppBundle.arn,\n ingestionArn: exampleAwsAppfabricIngestion.arn,\n processingConfiguration: {\n auditLog: {\n format: \"json\",\n schema: \"raw\",\n },\n },\n destinationConfiguration: {\n auditLog: {\n destination: {\n s3Bucket: {\n bucketName: exampleAwsS3Bucket.bucket,\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appfabric.IngestionDestination(\"example\",\n app_bundle_arn=example_aws_appfabric_app_bundle[\"arn\"],\n ingestion_arn=example_aws_appfabric_ingestion[\"arn\"],\n processing_configuration={\n \"audit_log\": {\n \"format\": \"json\",\n \"schema\": \"raw\",\n },\n },\n destination_configuration={\n \"audit_log\": {\n \"destination\": {\n \"s3_bucket\": {\n \"bucket_name\": example_aws_s3_bucket[\"bucket\"],\n },\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppFabric.IngestionDestination(\"example\", new()\n {\n AppBundleArn = exampleAwsAppfabricAppBundle.Arn,\n IngestionArn = exampleAwsAppfabricIngestion.Arn,\n ProcessingConfiguration = new Aws.AppFabric.Inputs.IngestionDestinationProcessingConfigurationArgs\n {\n AuditLog = new Aws.AppFabric.Inputs.IngestionDestinationProcessingConfigurationAuditLogArgs\n {\n Format = \"json\",\n Schema = \"raw\",\n },\n },\n DestinationConfiguration = new Aws.AppFabric.Inputs.IngestionDestinationDestinationConfigurationArgs\n {\n AuditLog = new Aws.AppFabric.Inputs.IngestionDestinationDestinationConfigurationAuditLogArgs\n {\n Destination = new Aws.AppFabric.Inputs.IngestionDestinationDestinationConfigurationAuditLogDestinationArgs\n {\n S3Bucket = new Aws.AppFabric.Inputs.IngestionDestinationDestinationConfigurationAuditLogDestinationS3BucketArgs\n {\n BucketName = exampleAwsS3Bucket.Bucket,\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appfabric\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appfabric.NewIngestionDestination(ctx, \"example\", \u0026appfabric.IngestionDestinationArgs{\n\t\t\tAppBundleArn: pulumi.Any(exampleAwsAppfabricAppBundle.Arn),\n\t\t\tIngestionArn: pulumi.Any(exampleAwsAppfabricIngestion.Arn),\n\t\t\tProcessingConfiguration: \u0026appfabric.IngestionDestinationProcessingConfigurationArgs{\n\t\t\t\tAuditLog: \u0026appfabric.IngestionDestinationProcessingConfigurationAuditLogArgs{\n\t\t\t\t\tFormat: pulumi.String(\"json\"),\n\t\t\t\t\tSchema: pulumi.String(\"raw\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tDestinationConfiguration: \u0026appfabric.IngestionDestinationDestinationConfigurationArgs{\n\t\t\t\tAuditLog: \u0026appfabric.IngestionDestinationDestinationConfigurationAuditLogArgs{\n\t\t\t\t\tDestination: \u0026appfabric.IngestionDestinationDestinationConfigurationAuditLogDestinationArgs{\n\t\t\t\t\t\tS3Bucket: \u0026appfabric.IngestionDestinationDestinationConfigurationAuditLogDestinationS3BucketArgs{\n\t\t\t\t\t\t\tBucketName: pulumi.Any(exampleAwsS3Bucket.Bucket),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appfabric.IngestionDestination;\nimport com.pulumi.aws.appfabric.IngestionDestinationArgs;\nimport com.pulumi.aws.appfabric.inputs.IngestionDestinationProcessingConfigurationArgs;\nimport com.pulumi.aws.appfabric.inputs.IngestionDestinationProcessingConfigurationAuditLogArgs;\nimport com.pulumi.aws.appfabric.inputs.IngestionDestinationDestinationConfigurationArgs;\nimport com.pulumi.aws.appfabric.inputs.IngestionDestinationDestinationConfigurationAuditLogArgs;\nimport com.pulumi.aws.appfabric.inputs.IngestionDestinationDestinationConfigurationAuditLogDestinationArgs;\nimport com.pulumi.aws.appfabric.inputs.IngestionDestinationDestinationConfigurationAuditLogDestinationS3BucketArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new IngestionDestination(\"example\", IngestionDestinationArgs.builder()\n .appBundleArn(exampleAwsAppfabricAppBundle.arn())\n .ingestionArn(exampleAwsAppfabricIngestion.arn())\n .processingConfiguration(IngestionDestinationProcessingConfigurationArgs.builder()\n .auditLog(IngestionDestinationProcessingConfigurationAuditLogArgs.builder()\n .format(\"json\")\n .schema(\"raw\")\n .build())\n .build())\n .destinationConfiguration(IngestionDestinationDestinationConfigurationArgs.builder()\n .auditLog(IngestionDestinationDestinationConfigurationAuditLogArgs.builder()\n .destination(IngestionDestinationDestinationConfigurationAuditLogDestinationArgs.builder()\n .s3Bucket(IngestionDestinationDestinationConfigurationAuditLogDestinationS3BucketArgs.builder()\n .bucketName(exampleAwsS3Bucket.bucket())\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appfabric:IngestionDestination\n properties:\n appBundleArn: ${exampleAwsAppfabricAppBundle.arn}\n ingestionArn: ${exampleAwsAppfabricIngestion.arn}\n processingConfiguration:\n auditLog:\n format: json\n schema: raw\n destinationConfiguration:\n auditLog:\n destination:\n s3Bucket:\n bucketName: ${exampleAwsS3Bucket.bucket}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "appBundleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the app bundle to use for the request.\n" }, "arn": { "type": "string", "description": "ARN of the Ingestion Destination.\n" }, "destinationConfiguration": { "$ref": "#/types/aws:appfabric/IngestionDestinationDestinationConfiguration:IngestionDestinationDestinationConfiguration", "description": "Contains information about the destination of ingested data.\n" }, "ingestionArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the ingestion to use for the request.\n" }, "processingConfiguration": { "$ref": "#/types/aws:appfabric/IngestionDestinationProcessingConfiguration:IngestionDestinationProcessingConfiguration", "description": "Contains information about how ingested data is processed.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:appfabric/IngestionDestinationTimeouts:IngestionDestinationTimeouts" } }, "required": [ "appBundleArn", "arn", "ingestionArn", "tagsAll" ], "inputProperties": { "appBundleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the app bundle to use for the request.\n" }, "destinationConfiguration": { "$ref": "#/types/aws:appfabric/IngestionDestinationDestinationConfiguration:IngestionDestinationDestinationConfiguration", "description": "Contains information about the destination of ingested data.\n" }, "ingestionArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the ingestion to use for the request.\n" }, "processingConfiguration": { "$ref": "#/types/aws:appfabric/IngestionDestinationProcessingConfiguration:IngestionDestinationProcessingConfiguration", "description": "Contains information about how ingested data is processed.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:appfabric/IngestionDestinationTimeouts:IngestionDestinationTimeouts" } }, "requiredInputs": [ "appBundleArn", "ingestionArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering IngestionDestination resources.\n", "properties": { "appBundleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the app bundle to use for the request.\n" }, "arn": { "type": "string", "description": "ARN of the Ingestion Destination.\n" }, "destinationConfiguration": { "$ref": "#/types/aws:appfabric/IngestionDestinationDestinationConfiguration:IngestionDestinationDestinationConfiguration", "description": "Contains information about the destination of ingested data.\n" }, "ingestionArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the ingestion to use for the request.\n" }, "processingConfiguration": { "$ref": "#/types/aws:appfabric/IngestionDestinationProcessingConfiguration:IngestionDestinationProcessingConfiguration", "description": "Contains information about how ingested data is processed.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:appfabric/IngestionDestinationTimeouts:IngestionDestinationTimeouts" } }, "type": "object" } }, "aws:appflow/connectorProfile:ConnectorProfile": { "description": "Provides an AppFlow connector profile resource.\n\nFor information about AppFlow flows, see the [Amazon AppFlow API Reference](https://docs.aws.amazon.com/appflow/1.0/APIReference/Welcome.html).\nFor specific information about creating an AppFlow connector profile, see the\n[CreateConnectorProfile](https://docs.aws.amazon.com/appflow/1.0/APIReference/API_CreateConnectorProfile.html) page in the Amazon AppFlow API Reference.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getPolicy({\n name: \"AmazonRedshiftAllCommandsFullAccess\",\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example_role\",\n managedPolicyArns: [test.arn],\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"ec2.amazonaws.com\",\n },\n }],\n }),\n});\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucket: \"example_bucket\"});\nconst exampleCluster = new aws.redshift.Cluster(\"example\", {\n clusterIdentifier: \"example_cluster\",\n databaseName: \"example_db\",\n masterUsername: \"exampleuser\",\n masterPassword: \"examplePassword123!\",\n nodeType: \"dc1.large\",\n clusterType: \"single-node\",\n});\nconst exampleConnectorProfile = new aws.appflow.ConnectorProfile(\"example\", {\n name: \"example_profile\",\n connectorType: \"Redshift\",\n connectionMode: \"Public\",\n connectorProfileConfig: {\n connectorProfileCredentials: {\n redshift: {\n password: exampleCluster.masterPassword,\n username: exampleCluster.masterUsername,\n },\n },\n connectorProfileProperties: {\n redshift: {\n bucketName: exampleBucketV2.name,\n databaseUrl: pulumi.interpolate`jdbc:redshift://${exampleCluster.endpoint}/${exampleCluster.databaseName}`,\n roleArn: exampleRole.arn,\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.iam.get_policy(name=\"AmazonRedshiftAllCommandsFullAccess\")\nexample_role = aws.iam.Role(\"example\",\n name=\"example_role\",\n managed_policy_arns=[test[\"arn\"]],\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\",\n },\n }],\n }))\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket=\"example_bucket\")\nexample_cluster = aws.redshift.Cluster(\"example\",\n cluster_identifier=\"example_cluster\",\n database_name=\"example_db\",\n master_username=\"exampleuser\",\n master_password=\"examplePassword123!\",\n node_type=\"dc1.large\",\n cluster_type=\"single-node\")\nexample_connector_profile = aws.appflow.ConnectorProfile(\"example\",\n name=\"example_profile\",\n connector_type=\"Redshift\",\n connection_mode=\"Public\",\n connector_profile_config={\n \"connector_profile_credentials\": {\n \"redshift\": {\n \"password\": example_cluster.master_password,\n \"username\": example_cluster.master_username,\n },\n },\n \"connector_profile_properties\": {\n \"redshift\": {\n \"bucket_name\": example_bucket_v2.name,\n \"database_url\": pulumi.Output.all(example_cluster.endpoint, example_cluster.database_name).apply(lambda endpoint, database_name: f\"jdbc:redshift://{endpoint}/{database_name}\"),\n \"role_arn\": example_role.arn,\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetPolicy.Invoke(new()\n {\n Name = \"AmazonRedshiftAllCommandsFullAccess\",\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example_role\",\n ManagedPolicyArns = new[]\n {\n test.Arn,\n },\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"ec2.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example_bucket\",\n });\n\n var exampleCluster = new Aws.RedShift.Cluster(\"example\", new()\n {\n ClusterIdentifier = \"example_cluster\",\n DatabaseName = \"example_db\",\n MasterUsername = \"exampleuser\",\n MasterPassword = \"examplePassword123!\",\n NodeType = \"dc1.large\",\n ClusterType = \"single-node\",\n });\n\n var exampleConnectorProfile = new Aws.AppFlow.ConnectorProfile(\"example\", new()\n {\n Name = \"example_profile\",\n ConnectorType = \"Redshift\",\n ConnectionMode = \"Public\",\n ConnectorProfileConfig = new Aws.AppFlow.Inputs.ConnectorProfileConnectorProfileConfigArgs\n {\n ConnectorProfileCredentials = new Aws.AppFlow.Inputs.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsArgs\n {\n Redshift = new Aws.AppFlow.Inputs.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsRedshiftArgs\n {\n Password = exampleCluster.MasterPassword,\n Username = exampleCluster.MasterUsername,\n },\n },\n ConnectorProfileProperties = new Aws.AppFlow.Inputs.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesArgs\n {\n Redshift = new Aws.AppFlow.Inputs.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesRedshiftArgs\n {\n BucketName = exampleBucketV2.Name,\n DatabaseUrl = Output.Tuple(exampleCluster.Endpoint, exampleCluster.DatabaseName).Apply(values =\u003e\n {\n var endpoint = values.Item1;\n var databaseName = values.Item2;\n return $\"jdbc:redshift://{endpoint}/{databaseName}\";\n }),\n RoleArn = exampleRole.Arn,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appflow\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.LookupPolicy(ctx, \u0026iam.LookupPolicyArgs{\n\t\t\tName: pulumi.StringRef(\"AmazonRedshiftAllCommandsFullAccess\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"ec2.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example_role\"),\n\t\t\tManagedPolicyArns: pulumi.StringArray{\n\t\t\t\ttest.Arn,\n\t\t\t},\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example_bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleCluster, err := redshift.NewCluster(ctx, \"example\", \u0026redshift.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"example_cluster\"),\n\t\t\tDatabaseName: pulumi.String(\"example_db\"),\n\t\t\tMasterUsername: pulumi.String(\"exampleuser\"),\n\t\t\tMasterPassword: pulumi.String(\"examplePassword123!\"),\n\t\t\tNodeType: pulumi.String(\"dc1.large\"),\n\t\t\tClusterType: pulumi.String(\"single-node\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appflow.NewConnectorProfile(ctx, \"example\", \u0026appflow.ConnectorProfileArgs{\n\t\t\tName: pulumi.String(\"example_profile\"),\n\t\t\tConnectorType: pulumi.String(\"Redshift\"),\n\t\t\tConnectionMode: pulumi.String(\"Public\"),\n\t\t\tConnectorProfileConfig: \u0026appflow.ConnectorProfileConnectorProfileConfigArgs{\n\t\t\t\tConnectorProfileCredentials: \u0026appflow.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsArgs{\n\t\t\t\t\tRedshift: \u0026appflow.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsRedshiftArgs{\n\t\t\t\t\t\tPassword: exampleCluster.MasterPassword,\n\t\t\t\t\t\tUsername: exampleCluster.MasterUsername,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tConnectorProfileProperties: \u0026appflow.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesArgs{\n\t\t\t\t\tRedshift: \u0026appflow.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesRedshiftArgs{\n\t\t\t\t\t\tBucketName: exampleBucketV2.Name,\n\t\t\t\t\t\tDatabaseUrl: pulumi.All(exampleCluster.Endpoint, exampleCluster.DatabaseName).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\t\t\t\tendpoint := _args[0].(string)\n\t\t\t\t\t\t\tdatabaseName := _args[1].(string)\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"jdbc:redshift://%v/%v\", endpoint, databaseName), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\tRoleArn: exampleRole.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.redshift.Cluster;\nimport com.pulumi.aws.redshift.ClusterArgs;\nimport com.pulumi.aws.appflow.ConnectorProfile;\nimport com.pulumi.aws.appflow.ConnectorProfileArgs;\nimport com.pulumi.aws.appflow.inputs.ConnectorProfileConnectorProfileConfigArgs;\nimport com.pulumi.aws.appflow.inputs.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsArgs;\nimport com.pulumi.aws.appflow.inputs.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsRedshiftArgs;\nimport com.pulumi.aws.appflow.inputs.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesArgs;\nimport com.pulumi.aws.appflow.inputs.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesRedshiftArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getPolicy(GetPolicyArgs.builder()\n .name(\"AmazonRedshiftAllCommandsFullAccess\")\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .name(\"example_role\")\n .managedPolicyArns(test.arn())\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"ec2.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder()\n .bucket(\"example_bucket\")\n .build());\n\n var exampleCluster = new Cluster(\"exampleCluster\", ClusterArgs.builder()\n .clusterIdentifier(\"example_cluster\")\n .databaseName(\"example_db\")\n .masterUsername(\"exampleuser\")\n .masterPassword(\"examplePassword123!\")\n .nodeType(\"dc1.large\")\n .clusterType(\"single-node\")\n .build());\n\n var exampleConnectorProfile = new ConnectorProfile(\"exampleConnectorProfile\", ConnectorProfileArgs.builder()\n .name(\"example_profile\")\n .connectorType(\"Redshift\")\n .connectionMode(\"Public\")\n .connectorProfileConfig(ConnectorProfileConnectorProfileConfigArgs.builder()\n .connectorProfileCredentials(ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsArgs.builder()\n .redshift(ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsRedshiftArgs.builder()\n .password(exampleCluster.masterPassword())\n .username(exampleCluster.masterUsername())\n .build())\n .build())\n .connectorProfileProperties(ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesArgs.builder()\n .redshift(ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesRedshiftArgs.builder()\n .bucketName(exampleBucketV2.name())\n .databaseUrl(Output.tuple(exampleCluster.endpoint(), exampleCluster.databaseName()).applyValue(values -\u003e {\n var endpoint = values.t1;\n var databaseName = values.t2;\n return String.format(\"jdbc:redshift://%s/%s\", endpoint,databaseName);\n }))\n .roleArn(exampleRole.arn())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example_role\n managedPolicyArns:\n - ${test.arn}\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: ec2.amazonaws.com\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example_bucket\n exampleCluster:\n type: aws:redshift:Cluster\n name: example\n properties:\n clusterIdentifier: example_cluster\n databaseName: example_db\n masterUsername: exampleuser\n masterPassword: examplePassword123!\n nodeType: dc1.large\n clusterType: single-node\n exampleConnectorProfile:\n type: aws:appflow:ConnectorProfile\n name: example\n properties:\n name: example_profile\n connectorType: Redshift\n connectionMode: Public\n connectorProfileConfig:\n connectorProfileCredentials:\n redshift:\n password: ${exampleCluster.masterPassword}\n username: ${exampleCluster.masterUsername}\n connectorProfileProperties:\n redshift:\n bucketName: ${exampleBucketV2.name}\n databaseUrl: jdbc:redshift://${exampleCluster.endpoint}/${exampleCluster.databaseName}\n roleArn: ${exampleRole.arn}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicy\n Arguments:\n name: AmazonRedshiftAllCommandsFullAccess\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AppFlow Connector Profile using the connector profile `arn`. For example:\n\n```sh\n$ pulumi import aws:appflow/connectorProfile:ConnectorProfile profile arn:aws:appflow:us-west-2:123456789012:connectorprofile/example-profile\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the connector profile.\n" }, "connectionMode": { "type": "string", "description": "Indicates the connection mode and specifies whether it is public or private. Private flows use AWS PrivateLink to route data over AWS infrastructure without exposing it to the public internet. One of: `Public`, `Private`.\n" }, "connectorLabel": { "type": "string", "description": "The label of the connector. The label is unique for each ConnectorRegistration in your AWS account. Only needed if calling for `CustomConnector` connector type.\n" }, "connectorProfileConfig": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfig:ConnectorProfileConnectorProfileConfig", "description": "Defines the connector-specific configuration and credentials. See Connector Profile Config for more details.\n" }, "connectorType": { "type": "string", "description": "The type of connector. One of: `Amplitude`, `CustomConnector`, `CustomerProfiles`, `Datadog`, `Dynatrace`, `EventBridge`, `Googleanalytics`, `Honeycode`, `Infornexus`, `LookoutMetrics`, `Marketo`, `Redshift`, `S3`, `Salesforce`, `SAPOData`, `Servicenow`, `Singular`, `Slack`, `Snowflake`, `Trendmicro`, `Upsolver`, `Veeva`, `Zendesk`.\n" }, "credentialsArn": { "type": "string", "description": "ARN of the connector profile credentials.\n" }, "kmsArn": { "type": "string", "description": "ARN (Amazon Resource Name) of the Key Management Service (KMS) key you provide for encryption. This is required if you do not want to use the Amazon AppFlow-managed KMS key. If you don't provide anything here, Amazon AppFlow uses the Amazon AppFlow-managed KMS key.\n" }, "name": { "type": "string" } }, "required": [ "arn", "connectionMode", "connectorProfileConfig", "connectorType", "credentialsArn", "kmsArn", "name" ], "inputProperties": { "connectionMode": { "type": "string", "description": "Indicates the connection mode and specifies whether it is public or private. Private flows use AWS PrivateLink to route data over AWS infrastructure without exposing it to the public internet. One of: `Public`, `Private`.\n" }, "connectorLabel": { "type": "string", "description": "The label of the connector. The label is unique for each ConnectorRegistration in your AWS account. Only needed if calling for `CustomConnector` connector type.\n", "willReplaceOnChanges": true }, "connectorProfileConfig": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfig:ConnectorProfileConnectorProfileConfig", "description": "Defines the connector-specific configuration and credentials. See Connector Profile Config for more details.\n" }, "connectorType": { "type": "string", "description": "The type of connector. One of: `Amplitude`, `CustomConnector`, `CustomerProfiles`, `Datadog`, `Dynatrace`, `EventBridge`, `Googleanalytics`, `Honeycode`, `Infornexus`, `LookoutMetrics`, `Marketo`, `Redshift`, `S3`, `Salesforce`, `SAPOData`, `Servicenow`, `Singular`, `Slack`, `Snowflake`, `Trendmicro`, `Upsolver`, `Veeva`, `Zendesk`.\n", "willReplaceOnChanges": true }, "kmsArn": { "type": "string", "description": "ARN (Amazon Resource Name) of the Key Management Service (KMS) key you provide for encryption. This is required if you do not want to use the Amazon AppFlow-managed KMS key. If you don't provide anything here, Amazon AppFlow uses the Amazon AppFlow-managed KMS key.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "willReplaceOnChanges": true } }, "requiredInputs": [ "connectionMode", "connectorProfileConfig", "connectorType" ], "stateInputs": { "description": "Input properties used for looking up and filtering ConnectorProfile resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the connector profile.\n" }, "connectionMode": { "type": "string", "description": "Indicates the connection mode and specifies whether it is public or private. Private flows use AWS PrivateLink to route data over AWS infrastructure without exposing it to the public internet. One of: `Public`, `Private`.\n" }, "connectorLabel": { "type": "string", "description": "The label of the connector. The label is unique for each ConnectorRegistration in your AWS account. Only needed if calling for `CustomConnector` connector type.\n", "willReplaceOnChanges": true }, "connectorProfileConfig": { "$ref": "#/types/aws:appflow/ConnectorProfileConnectorProfileConfig:ConnectorProfileConnectorProfileConfig", "description": "Defines the connector-specific configuration and credentials. See Connector Profile Config for more details.\n" }, "connectorType": { "type": "string", "description": "The type of connector. One of: `Amplitude`, `CustomConnector`, `CustomerProfiles`, `Datadog`, `Dynatrace`, `EventBridge`, `Googleanalytics`, `Honeycode`, `Infornexus`, `LookoutMetrics`, `Marketo`, `Redshift`, `S3`, `Salesforce`, `SAPOData`, `Servicenow`, `Singular`, `Slack`, `Snowflake`, `Trendmicro`, `Upsolver`, `Veeva`, `Zendesk`.\n", "willReplaceOnChanges": true }, "credentialsArn": { "type": "string", "description": "ARN of the connector profile credentials.\n" }, "kmsArn": { "type": "string", "description": "ARN (Amazon Resource Name) of the Key Management Service (KMS) key you provide for encryption. This is required if you do not want to use the Amazon AppFlow-managed KMS key. If you don't provide anything here, Amazon AppFlow uses the Amazon AppFlow-managed KMS key.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:appflow/flow:Flow": { "description": "Provides an AppFlow flow resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleSourceBucketV2 = new aws.s3.BucketV2(\"example_source\", {bucket: \"example-source\"});\nconst exampleSource = aws.iam.getPolicyDocument({\n statements: [{\n sid: \"AllowAppFlowSourceActions\",\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"appflow.amazonaws.com\"],\n }],\n actions: [\n \"s3:ListBucket\",\n \"s3:GetObject\",\n ],\n resources: [\n \"arn:aws:s3:::example-source\",\n \"arn:aws:s3:::example-source/*\",\n ],\n }],\n});\nconst exampleSourceBucketPolicy = new aws.s3.BucketPolicy(\"example_source\", {\n bucket: exampleSourceBucketV2.id,\n policy: exampleSource.then(exampleSource =\u003e exampleSource.json),\n});\nconst example = new aws.s3.BucketObjectv2(\"example\", {\n bucket: exampleSourceBucketV2.id,\n key: \"example_source.csv\",\n source: new pulumi.asset.FileAsset(\"example_source.csv\"),\n});\nconst exampleDestinationBucketV2 = new aws.s3.BucketV2(\"example_destination\", {bucket: \"example-destination\"});\nconst exampleDestination = aws.iam.getPolicyDocument({\n statements: [{\n sid: \"AllowAppFlowDestinationActions\",\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"appflow.amazonaws.com\"],\n }],\n actions: [\n \"s3:PutObject\",\n \"s3:AbortMultipartUpload\",\n \"s3:ListMultipartUploadParts\",\n \"s3:ListBucketMultipartUploads\",\n \"s3:GetBucketAcl\",\n \"s3:PutObjectAcl\",\n ],\n resources: [\n \"arn:aws:s3:::example-destination\",\n \"arn:aws:s3:::example-destination/*\",\n ],\n }],\n});\nconst exampleDestinationBucketPolicy = new aws.s3.BucketPolicy(\"example_destination\", {\n bucket: exampleDestinationBucketV2.id,\n policy: exampleDestination.then(exampleDestination =\u003e exampleDestination.json),\n});\nconst exampleFlow = new aws.appflow.Flow(\"example\", {\n name: \"example\",\n sourceFlowConfig: {\n connectorType: \"S3\",\n sourceConnectorProperties: {\n s3: {\n bucketName: exampleSourceBucketPolicy.bucket,\n bucketPrefix: \"example\",\n },\n },\n },\n destinationFlowConfigs: [{\n connectorType: \"S3\",\n destinationConnectorProperties: {\n s3: {\n bucketName: exampleDestinationBucketPolicy.bucket,\n s3OutputFormatConfig: {\n prefixConfig: {\n prefixType: \"PATH\",\n },\n },\n },\n },\n }],\n tasks: [{\n sourceFields: [\"exampleField\"],\n destinationField: \"exampleField\",\n taskType: \"Map\",\n connectorOperators: [{\n s3: \"NO_OP\",\n }],\n }],\n triggerConfig: {\n triggerType: \"OnDemand\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_source_bucket_v2 = aws.s3.BucketV2(\"example_source\", bucket=\"example-source\")\nexample_source = aws.iam.get_policy_document(statements=[{\n \"sid\": \"AllowAppFlowSourceActions\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"appflow.amazonaws.com\"],\n }],\n \"actions\": [\n \"s3:ListBucket\",\n \"s3:GetObject\",\n ],\n \"resources\": [\n \"arn:aws:s3:::example-source\",\n \"arn:aws:s3:::example-source/*\",\n ],\n}])\nexample_source_bucket_policy = aws.s3.BucketPolicy(\"example_source\",\n bucket=example_source_bucket_v2.id,\n policy=example_source.json)\nexample = aws.s3.BucketObjectv2(\"example\",\n bucket=example_source_bucket_v2.id,\n key=\"example_source.csv\",\n source=pulumi.FileAsset(\"example_source.csv\"))\nexample_destination_bucket_v2 = aws.s3.BucketV2(\"example_destination\", bucket=\"example-destination\")\nexample_destination = aws.iam.get_policy_document(statements=[{\n \"sid\": \"AllowAppFlowDestinationActions\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"appflow.amazonaws.com\"],\n }],\n \"actions\": [\n \"s3:PutObject\",\n \"s3:AbortMultipartUpload\",\n \"s3:ListMultipartUploadParts\",\n \"s3:ListBucketMultipartUploads\",\n \"s3:GetBucketAcl\",\n \"s3:PutObjectAcl\",\n ],\n \"resources\": [\n \"arn:aws:s3:::example-destination\",\n \"arn:aws:s3:::example-destination/*\",\n ],\n}])\nexample_destination_bucket_policy = aws.s3.BucketPolicy(\"example_destination\",\n bucket=example_destination_bucket_v2.id,\n policy=example_destination.json)\nexample_flow = aws.appflow.Flow(\"example\",\n name=\"example\",\n source_flow_config={\n \"connector_type\": \"S3\",\n \"source_connector_properties\": {\n \"s3\": {\n \"bucket_name\": example_source_bucket_policy.bucket,\n \"bucket_prefix\": \"example\",\n },\n },\n },\n destination_flow_configs=[{\n \"connector_type\": \"S3\",\n \"destination_connector_properties\": {\n \"s3\": {\n \"bucket_name\": example_destination_bucket_policy.bucket,\n \"s3_output_format_config\": {\n \"prefix_config\": {\n \"prefix_type\": \"PATH\",\n },\n },\n },\n },\n }],\n tasks=[{\n \"source_fields\": [\"exampleField\"],\n \"destination_field\": \"exampleField\",\n \"task_type\": \"Map\",\n \"connector_operators\": [{\n \"s3\": \"NO_OP\",\n }],\n }],\n trigger_config={\n \"trigger_type\": \"OnDemand\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleSourceBucketV2 = new Aws.S3.BucketV2(\"example_source\", new()\n {\n Bucket = \"example-source\",\n });\n\n var exampleSource = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"AllowAppFlowSourceActions\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"appflow.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"s3:ListBucket\",\n \"s3:GetObject\",\n },\n Resources = new[]\n {\n \"arn:aws:s3:::example-source\",\n \"arn:aws:s3:::example-source/*\",\n },\n },\n },\n });\n\n var exampleSourceBucketPolicy = new Aws.S3.BucketPolicy(\"example_source\", new()\n {\n Bucket = exampleSourceBucketV2.Id,\n Policy = exampleSource.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var example = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Bucket = exampleSourceBucketV2.Id,\n Key = \"example_source.csv\",\n Source = new FileAsset(\"example_source.csv\"),\n });\n\n var exampleDestinationBucketV2 = new Aws.S3.BucketV2(\"example_destination\", new()\n {\n Bucket = \"example-destination\",\n });\n\n var exampleDestination = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"AllowAppFlowDestinationActions\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"appflow.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"s3:PutObject\",\n \"s3:AbortMultipartUpload\",\n \"s3:ListMultipartUploadParts\",\n \"s3:ListBucketMultipartUploads\",\n \"s3:GetBucketAcl\",\n \"s3:PutObjectAcl\",\n },\n Resources = new[]\n {\n \"arn:aws:s3:::example-destination\",\n \"arn:aws:s3:::example-destination/*\",\n },\n },\n },\n });\n\n var exampleDestinationBucketPolicy = new Aws.S3.BucketPolicy(\"example_destination\", new()\n {\n Bucket = exampleDestinationBucketV2.Id,\n Policy = exampleDestination.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleFlow = new Aws.AppFlow.Flow(\"example\", new()\n {\n Name = \"example\",\n SourceFlowConfig = new Aws.AppFlow.Inputs.FlowSourceFlowConfigArgs\n {\n ConnectorType = \"S3\",\n SourceConnectorProperties = new Aws.AppFlow.Inputs.FlowSourceFlowConfigSourceConnectorPropertiesArgs\n {\n S3 = new Aws.AppFlow.Inputs.FlowSourceFlowConfigSourceConnectorPropertiesS3Args\n {\n BucketName = exampleSourceBucketPolicy.Bucket,\n BucketPrefix = \"example\",\n },\n },\n },\n DestinationFlowConfigs = new[]\n {\n new Aws.AppFlow.Inputs.FlowDestinationFlowConfigArgs\n {\n ConnectorType = \"S3\",\n DestinationConnectorProperties = new Aws.AppFlow.Inputs.FlowDestinationFlowConfigDestinationConnectorPropertiesArgs\n {\n S3 = new Aws.AppFlow.Inputs.FlowDestinationFlowConfigDestinationConnectorPropertiesS3Args\n {\n BucketName = exampleDestinationBucketPolicy.Bucket,\n S3OutputFormatConfig = new Aws.AppFlow.Inputs.FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfigArgs\n {\n PrefixConfig = new Aws.AppFlow.Inputs.FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfigPrefixConfigArgs\n {\n PrefixType = \"PATH\",\n },\n },\n },\n },\n },\n },\n Tasks = new[]\n {\n new Aws.AppFlow.Inputs.FlowTaskArgs\n {\n SourceFields = new[]\n {\n \"exampleField\",\n },\n DestinationField = \"exampleField\",\n TaskType = \"Map\",\n ConnectorOperators = new[]\n {\n new Aws.AppFlow.Inputs.FlowTaskConnectorOperatorArgs\n {\n S3 = \"NO_OP\",\n },\n },\n },\n },\n TriggerConfig = new Aws.AppFlow.Inputs.FlowTriggerConfigArgs\n {\n TriggerType = \"OnDemand\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appflow\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleSourceBucketV2, err := s3.NewBucketV2(ctx, \"example_source\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-source\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSource, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"AllowAppFlowSourceActions\"),\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"appflow.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"s3:ListBucket\",\n\t\t\t\t\t\t\"s3:GetObject\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:s3:::example-source\",\n\t\t\t\t\t\t\"arn:aws:s3:::example-source/*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSourceBucketPolicy, err := s3.NewBucketPolicy(ctx, \"example_source\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: exampleSourceBucketV2.ID(),\n\t\t\tPolicy: pulumi.String(exampleSource.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: exampleSourceBucketV2.ID(),\n\t\t\tKey: pulumi.String(\"example_source.csv\"),\n\t\t\tSource: pulumi.NewFileAsset(\"example_source.csv\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDestinationBucketV2, err := s3.NewBucketV2(ctx, \"example_destination\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-destination\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDestination, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"AllowAppFlowDestinationActions\"),\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"appflow.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"s3:PutObject\",\n\t\t\t\t\t\t\"s3:AbortMultipartUpload\",\n\t\t\t\t\t\t\"s3:ListMultipartUploadParts\",\n\t\t\t\t\t\t\"s3:ListBucketMultipartUploads\",\n\t\t\t\t\t\t\"s3:GetBucketAcl\",\n\t\t\t\t\t\t\"s3:PutObjectAcl\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:s3:::example-destination\",\n\t\t\t\t\t\t\"arn:aws:s3:::example-destination/*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDestinationBucketPolicy, err := s3.NewBucketPolicy(ctx, \"example_destination\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: exampleDestinationBucketV2.ID(),\n\t\t\tPolicy: pulumi.String(exampleDestination.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appflow.NewFlow(ctx, \"example\", \u0026appflow.FlowArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSourceFlowConfig: \u0026appflow.FlowSourceFlowConfigArgs{\n\t\t\t\tConnectorType: pulumi.String(\"S3\"),\n\t\t\t\tSourceConnectorProperties: \u0026appflow.FlowSourceFlowConfigSourceConnectorPropertiesArgs{\n\t\t\t\t\tS3: \u0026appflow.FlowSourceFlowConfigSourceConnectorPropertiesS3Args{\n\t\t\t\t\t\tBucketName: exampleSourceBucketPolicy.Bucket,\n\t\t\t\t\t\tBucketPrefix: pulumi.String(\"example\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tDestinationFlowConfigs: appflow.FlowDestinationFlowConfigArray{\n\t\t\t\t\u0026appflow.FlowDestinationFlowConfigArgs{\n\t\t\t\t\tConnectorType: pulumi.String(\"S3\"),\n\t\t\t\t\tDestinationConnectorProperties: \u0026appflow.FlowDestinationFlowConfigDestinationConnectorPropertiesArgs{\n\t\t\t\t\t\tS3: \u0026appflow.FlowDestinationFlowConfigDestinationConnectorPropertiesS3Args{\n\t\t\t\t\t\t\tBucketName: exampleDestinationBucketPolicy.Bucket,\n\t\t\t\t\t\t\tS3OutputFormatConfig: \u0026appflow.FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfigArgs{\n\t\t\t\t\t\t\t\tPrefixConfig: \u0026appflow.FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfigPrefixConfigArgs{\n\t\t\t\t\t\t\t\t\tPrefixType: pulumi.String(\"PATH\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTasks: appflow.FlowTaskArray{\n\t\t\t\t\u0026appflow.FlowTaskArgs{\n\t\t\t\t\tSourceFields: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"exampleField\"),\n\t\t\t\t\t},\n\t\t\t\t\tDestinationField: pulumi.String(\"exampleField\"),\n\t\t\t\t\tTaskType: pulumi.String(\"Map\"),\n\t\t\t\t\tConnectorOperators: appflow.FlowTaskConnectorOperatorArray{\n\t\t\t\t\t\t\u0026appflow.FlowTaskConnectorOperatorArgs{\n\t\t\t\t\t\t\tS3: pulumi.String(\"NO_OP\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTriggerConfig: \u0026appflow.FlowTriggerConfigArgs{\n\t\t\t\tTriggerType: pulumi.String(\"OnDemand\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.appflow.Flow;\nimport com.pulumi.aws.appflow.FlowArgs;\nimport com.pulumi.aws.appflow.inputs.FlowSourceFlowConfigArgs;\nimport com.pulumi.aws.appflow.inputs.FlowSourceFlowConfigSourceConnectorPropertiesArgs;\nimport com.pulumi.aws.appflow.inputs.FlowSourceFlowConfigSourceConnectorPropertiesS3Args;\nimport com.pulumi.aws.appflow.inputs.FlowDestinationFlowConfigArgs;\nimport com.pulumi.aws.appflow.inputs.FlowDestinationFlowConfigDestinationConnectorPropertiesArgs;\nimport com.pulumi.aws.appflow.inputs.FlowDestinationFlowConfigDestinationConnectorPropertiesS3Args;\nimport com.pulumi.aws.appflow.inputs.FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfigArgs;\nimport com.pulumi.aws.appflow.inputs.FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfigPrefixConfigArgs;\nimport com.pulumi.aws.appflow.inputs.FlowTaskArgs;\nimport com.pulumi.aws.appflow.inputs.FlowTriggerConfigArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleSourceBucketV2 = new BucketV2(\"exampleSourceBucketV2\", BucketV2Args.builder()\n .bucket(\"example-source\")\n .build());\n\n final var exampleSource = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"AllowAppFlowSourceActions\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"appflow.amazonaws.com\")\n .build())\n .actions( \n \"s3:ListBucket\",\n \"s3:GetObject\")\n .resources( \n \"arn:aws:s3:::example-source\",\n \"arn:aws:s3:::example-source/*\")\n .build())\n .build());\n\n var exampleSourceBucketPolicy = new BucketPolicy(\"exampleSourceBucketPolicy\", BucketPolicyArgs.builder()\n .bucket(exampleSourceBucketV2.id())\n .policy(exampleSource.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var example = new BucketObjectv2(\"example\", BucketObjectv2Args.builder()\n .bucket(exampleSourceBucketV2.id())\n .key(\"example_source.csv\")\n .source(new FileAsset(\"example_source.csv\"))\n .build());\n\n var exampleDestinationBucketV2 = new BucketV2(\"exampleDestinationBucketV2\", BucketV2Args.builder()\n .bucket(\"example-destination\")\n .build());\n\n final var exampleDestination = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"AllowAppFlowDestinationActions\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"appflow.amazonaws.com\")\n .build())\n .actions( \n \"s3:PutObject\",\n \"s3:AbortMultipartUpload\",\n \"s3:ListMultipartUploadParts\",\n \"s3:ListBucketMultipartUploads\",\n \"s3:GetBucketAcl\",\n \"s3:PutObjectAcl\")\n .resources( \n \"arn:aws:s3:::example-destination\",\n \"arn:aws:s3:::example-destination/*\")\n .build())\n .build());\n\n var exampleDestinationBucketPolicy = new BucketPolicy(\"exampleDestinationBucketPolicy\", BucketPolicyArgs.builder()\n .bucket(exampleDestinationBucketV2.id())\n .policy(exampleDestination.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleFlow = new Flow(\"exampleFlow\", FlowArgs.builder()\n .name(\"example\")\n .sourceFlowConfig(FlowSourceFlowConfigArgs.builder()\n .connectorType(\"S3\")\n .sourceConnectorProperties(FlowSourceFlowConfigSourceConnectorPropertiesArgs.builder()\n .s3(FlowSourceFlowConfigSourceConnectorPropertiesS3Args.builder()\n .bucketName(exampleSourceBucketPolicy.bucket())\n .bucketPrefix(\"example\")\n .build())\n .build())\n .build())\n .destinationFlowConfigs(FlowDestinationFlowConfigArgs.builder()\n .connectorType(\"S3\")\n .destinationConnectorProperties(FlowDestinationFlowConfigDestinationConnectorPropertiesArgs.builder()\n .s3(FlowDestinationFlowConfigDestinationConnectorPropertiesS3Args.builder()\n .bucketName(exampleDestinationBucketPolicy.bucket())\n .s3OutputFormatConfig(FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfigArgs.builder()\n .prefixConfig(FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfigPrefixConfigArgs.builder()\n .prefixType(\"PATH\")\n .build())\n .build())\n .build())\n .build())\n .build())\n .tasks(FlowTaskArgs.builder()\n .sourceFields(\"exampleField\")\n .destinationField(\"exampleField\")\n .taskType(\"Map\")\n .connectorOperators(FlowTaskConnectorOperatorArgs.builder()\n .s3(\"NO_OP\")\n .build())\n .build())\n .triggerConfig(FlowTriggerConfigArgs.builder()\n .triggerType(\"OnDemand\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleSourceBucketV2:\n type: aws:s3:BucketV2\n name: example_source\n properties:\n bucket: example-source\n exampleSourceBucketPolicy:\n type: aws:s3:BucketPolicy\n name: example_source\n properties:\n bucket: ${exampleSourceBucketV2.id}\n policy: ${exampleSource.json}\n example:\n type: aws:s3:BucketObjectv2\n properties:\n bucket: ${exampleSourceBucketV2.id}\n key: example_source.csv\n source:\n fn::FileAsset: example_source.csv\n exampleDestinationBucketV2:\n type: aws:s3:BucketV2\n name: example_destination\n properties:\n bucket: example-destination\n exampleDestinationBucketPolicy:\n type: aws:s3:BucketPolicy\n name: example_destination\n properties:\n bucket: ${exampleDestinationBucketV2.id}\n policy: ${exampleDestination.json}\n exampleFlow:\n type: aws:appflow:Flow\n name: example\n properties:\n name: example\n sourceFlowConfig:\n connectorType: S3\n sourceConnectorProperties:\n s3:\n bucketName: ${exampleSourceBucketPolicy.bucket}\n bucketPrefix: example\n destinationFlowConfigs:\n - connectorType: S3\n destinationConnectorProperties:\n s3:\n bucketName: ${exampleDestinationBucketPolicy.bucket}\n s3OutputFormatConfig:\n prefixConfig:\n prefixType: PATH\n tasks:\n - sourceFields:\n - exampleField\n destinationField: exampleField\n taskType: Map\n connectorOperators:\n - s3: NO_OP\n triggerConfig:\n triggerType: OnDemand\nvariables:\n exampleSource:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: AllowAppFlowSourceActions\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - appflow.amazonaws.com\n actions:\n - s3:ListBucket\n - s3:GetObject\n resources:\n - arn:aws:s3:::example-source\n - arn:aws:s3:::example-source/*\n exampleDestination:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: AllowAppFlowDestinationActions\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - appflow.amazonaws.com\n actions:\n - s3:PutObject\n - s3:AbortMultipartUpload\n - s3:ListMultipartUploadParts\n - s3:ListBucketMultipartUploads\n - s3:GetBucketAcl\n - s3:PutObjectAcl\n resources:\n - arn:aws:s3:::example-destination\n - arn:aws:s3:::example-destination/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AppFlow flows using the `arn`. For example:\n\n```sh\n$ pulumi import aws:appflow/flow:Flow example arn:aws:appflow:us-west-2:123456789012:flow/example-flow\n```\n", "properties": { "arn": { "type": "string", "description": "Flow's ARN.\n" }, "description": { "type": "string", "description": "Description of the flow you want to create.\n" }, "destinationFlowConfigs": { "type": "array", "items": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfig:FlowDestinationFlowConfig" }, "description": "A Destination Flow Config that controls how Amazon AppFlow places data in the destination connector.\n" }, "flowStatus": { "type": "string", "description": "The current status of the flow.\n" }, "kmsArn": { "type": "string", "description": "ARN (Amazon Resource Name) of the Key Management Service (KMS) key you provide for encryption. This is required if you do not want to use the Amazon AppFlow-managed KMS key. If you don't provide anything here, Amazon AppFlow uses the Amazon AppFlow-managed KMS key.\n" }, "metadataCatalogConfig": { "$ref": "#/types/aws:appflow/FlowMetadataCatalogConfig:FlowMetadataCatalogConfig", "description": "A Catalog that determines the configuration that Amazon AppFlow uses when it catalogs the data that’s transferred by the associated flow. When Amazon AppFlow catalogs the data from a flow, it stores metadata in a data catalog.\n" }, "name": { "type": "string", "description": "Name of the flow.\n" }, "sourceFlowConfig": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfig:FlowSourceFlowConfig", "description": "The Source Flow Config that controls how Amazon AppFlow retrieves data from the source connector.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tasks": { "type": "array", "items": { "$ref": "#/types/aws:appflow/FlowTask:FlowTask" }, "description": "A Task that Amazon AppFlow performs while transferring the data in the flow run.\n" }, "triggerConfig": { "$ref": "#/types/aws:appflow/FlowTriggerConfig:FlowTriggerConfig", "description": "A Trigger that determine how and when the flow runs.\n" } }, "required": [ "arn", "destinationFlowConfigs", "flowStatus", "kmsArn", "metadataCatalogConfig", "name", "sourceFlowConfig", "tagsAll", "tasks", "triggerConfig" ], "inputProperties": { "description": { "type": "string", "description": "Description of the flow you want to create.\n" }, "destinationFlowConfigs": { "type": "array", "items": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfig:FlowDestinationFlowConfig" }, "description": "A Destination Flow Config that controls how Amazon AppFlow places data in the destination connector.\n" }, "kmsArn": { "type": "string", "description": "ARN (Amazon Resource Name) of the Key Management Service (KMS) key you provide for encryption. This is required if you do not want to use the Amazon AppFlow-managed KMS key. If you don't provide anything here, Amazon AppFlow uses the Amazon AppFlow-managed KMS key.\n", "willReplaceOnChanges": true }, "metadataCatalogConfig": { "$ref": "#/types/aws:appflow/FlowMetadataCatalogConfig:FlowMetadataCatalogConfig", "description": "A Catalog that determines the configuration that Amazon AppFlow uses when it catalogs the data that’s transferred by the associated flow. When Amazon AppFlow catalogs the data from a flow, it stores metadata in a data catalog.\n" }, "name": { "type": "string", "description": "Name of the flow.\n", "willReplaceOnChanges": true }, "sourceFlowConfig": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfig:FlowSourceFlowConfig", "description": "The Source Flow Config that controls how Amazon AppFlow retrieves data from the source connector.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tasks": { "type": "array", "items": { "$ref": "#/types/aws:appflow/FlowTask:FlowTask" }, "description": "A Task that Amazon AppFlow performs while transferring the data in the flow run.\n" }, "triggerConfig": { "$ref": "#/types/aws:appflow/FlowTriggerConfig:FlowTriggerConfig", "description": "A Trigger that determine how and when the flow runs.\n" } }, "requiredInputs": [ "destinationFlowConfigs", "sourceFlowConfig", "tasks", "triggerConfig" ], "stateInputs": { "description": "Input properties used for looking up and filtering Flow resources.\n", "properties": { "arn": { "type": "string", "description": "Flow's ARN.\n" }, "description": { "type": "string", "description": "Description of the flow you want to create.\n" }, "destinationFlowConfigs": { "type": "array", "items": { "$ref": "#/types/aws:appflow/FlowDestinationFlowConfig:FlowDestinationFlowConfig" }, "description": "A Destination Flow Config that controls how Amazon AppFlow places data in the destination connector.\n" }, "flowStatus": { "type": "string", "description": "The current status of the flow.\n" }, "kmsArn": { "type": "string", "description": "ARN (Amazon Resource Name) of the Key Management Service (KMS) key you provide for encryption. This is required if you do not want to use the Amazon AppFlow-managed KMS key. If you don't provide anything here, Amazon AppFlow uses the Amazon AppFlow-managed KMS key.\n", "willReplaceOnChanges": true }, "metadataCatalogConfig": { "$ref": "#/types/aws:appflow/FlowMetadataCatalogConfig:FlowMetadataCatalogConfig", "description": "A Catalog that determines the configuration that Amazon AppFlow uses when it catalogs the data that’s transferred by the associated flow. When Amazon AppFlow catalogs the data from a flow, it stores metadata in a data catalog.\n" }, "name": { "type": "string", "description": "Name of the flow.\n", "willReplaceOnChanges": true }, "sourceFlowConfig": { "$ref": "#/types/aws:appflow/FlowSourceFlowConfig:FlowSourceFlowConfig", "description": "The Source Flow Config that controls how Amazon AppFlow retrieves data from the source connector.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tasks": { "type": "array", "items": { "$ref": "#/types/aws:appflow/FlowTask:FlowTask" }, "description": "A Task that Amazon AppFlow performs while transferring the data in the flow run.\n" }, "triggerConfig": { "$ref": "#/types/aws:appflow/FlowTriggerConfig:FlowTriggerConfig", "description": "A Trigger that determine how and when the flow runs.\n" } }, "type": "object" } }, "aws:appintegrations/dataIntegration:DataIntegration": { "description": "Provides an Amazon AppIntegrations Data Integration resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appintegrations.DataIntegration(\"example\", {\n name: \"example\",\n description: \"example\",\n kmsKey: test.arn,\n sourceUri: \"Salesforce://AppFlow/example\",\n scheduleConfig: {\n firstExecutionFrom: \"1439788442681\",\n object: \"Account\",\n scheduleExpression: \"rate(1 hour)\",\n },\n tags: {\n Key1: \"Value1\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appintegrations.DataIntegration(\"example\",\n name=\"example\",\n description=\"example\",\n kms_key=test[\"arn\"],\n source_uri=\"Salesforce://AppFlow/example\",\n schedule_config={\n \"first_execution_from\": \"1439788442681\",\n \"object\": \"Account\",\n \"schedule_expression\": \"rate(1 hour)\",\n },\n tags={\n \"Key1\": \"Value1\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppIntegrations.DataIntegration(\"example\", new()\n {\n Name = \"example\",\n Description = \"example\",\n KmsKey = test.Arn,\n SourceUri = \"Salesforce://AppFlow/example\",\n ScheduleConfig = new Aws.AppIntegrations.Inputs.DataIntegrationScheduleConfigArgs\n {\n FirstExecutionFrom = \"1439788442681\",\n Object = \"Account\",\n ScheduleExpression = \"rate(1 hour)\",\n },\n Tags = \n {\n { \"Key1\", \"Value1\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appintegrations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appintegrations.NewDataIntegration(ctx, \"example\", \u0026appintegrations.DataIntegrationArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tKmsKey: pulumi.Any(test.Arn),\n\t\t\tSourceUri: pulumi.String(\"Salesforce://AppFlow/example\"),\n\t\t\tScheduleConfig: \u0026appintegrations.DataIntegrationScheduleConfigArgs{\n\t\t\t\tFirstExecutionFrom: pulumi.String(\"1439788442681\"),\n\t\t\t\tObject: pulumi.String(\"Account\"),\n\t\t\t\tScheduleExpression: pulumi.String(\"rate(1 hour)\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Key1\": pulumi.String(\"Value1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appintegrations.DataIntegration;\nimport com.pulumi.aws.appintegrations.DataIntegrationArgs;\nimport com.pulumi.aws.appintegrations.inputs.DataIntegrationScheduleConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataIntegration(\"example\", DataIntegrationArgs.builder()\n .name(\"example\")\n .description(\"example\")\n .kmsKey(test.arn())\n .sourceUri(\"Salesforce://AppFlow/example\")\n .scheduleConfig(DataIntegrationScheduleConfigArgs.builder()\n .firstExecutionFrom(\"1439788442681\")\n .object(\"Account\")\n .scheduleExpression(\"rate(1 hour)\")\n .build())\n .tags(Map.of(\"Key1\", \"Value1\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appintegrations:DataIntegration\n properties:\n name: example\n description: example\n kmsKey: ${test.arn}\n sourceUri: Salesforce://AppFlow/example\n scheduleConfig:\n firstExecutionFrom: '1439788442681'\n object: Account\n scheduleExpression: rate(1 hour)\n tags:\n Key1: Value1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon AppIntegrations Data Integrations using the `id`. For example:\n\n```sh\n$ pulumi import aws:appintegrations/dataIntegration:DataIntegration example 12345678-1234-1234-1234-123456789123\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Data Integration.\n" }, "description": { "type": "string", "description": "Specifies the description of the Data Integration.\n" }, "kmsKey": { "type": "string", "description": "Specifies the KMS key Amazon Resource Name (ARN) for the Data Integration.\n" }, "name": { "type": "string", "description": "Specifies the name of the Data Integration.\n" }, "scheduleConfig": { "$ref": "#/types/aws:appintegrations/DataIntegrationScheduleConfig:DataIntegrationScheduleConfig", "description": "A block that defines the name of the data and how often it should be pulled from the source. The Schedule Config block is documented below.\n" }, "sourceUri": { "type": "string", "description": "Specifies the URI of the data source. Create an AppFlow Connector Profile and reference the name of the profile in the URL. An example of this value for Salesforce is `Salesforce://AppFlow/example` where `example` is the name of the AppFlow Connector Profile.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Data Integration. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "kmsKey", "name", "scheduleConfig", "sourceUri", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Specifies the description of the Data Integration.\n" }, "kmsKey": { "type": "string", "description": "Specifies the KMS key Amazon Resource Name (ARN) for the Data Integration.\n" }, "name": { "type": "string", "description": "Specifies the name of the Data Integration.\n", "willReplaceOnChanges": true }, "scheduleConfig": { "$ref": "#/types/aws:appintegrations/DataIntegrationScheduleConfig:DataIntegrationScheduleConfig", "description": "A block that defines the name of the data and how often it should be pulled from the source. The Schedule Config block is documented below.\n", "willReplaceOnChanges": true }, "sourceUri": { "type": "string", "description": "Specifies the URI of the data source. Create an AppFlow Connector Profile and reference the name of the profile in the URL. An example of this value for Salesforce is `Salesforce://AppFlow/example` where `example` is the name of the AppFlow Connector Profile.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Data Integration. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "kmsKey", "scheduleConfig", "sourceUri" ], "stateInputs": { "description": "Input properties used for looking up and filtering DataIntegration resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Data Integration.\n" }, "description": { "type": "string", "description": "Specifies the description of the Data Integration.\n" }, "kmsKey": { "type": "string", "description": "Specifies the KMS key Amazon Resource Name (ARN) for the Data Integration.\n" }, "name": { "type": "string", "description": "Specifies the name of the Data Integration.\n", "willReplaceOnChanges": true }, "scheduleConfig": { "$ref": "#/types/aws:appintegrations/DataIntegrationScheduleConfig:DataIntegrationScheduleConfig", "description": "A block that defines the name of the data and how often it should be pulled from the source. The Schedule Config block is documented below.\n", "willReplaceOnChanges": true }, "sourceUri": { "type": "string", "description": "Specifies the URI of the data source. Create an AppFlow Connector Profile and reference the name of the profile in the URL. An example of this value for Salesforce is `Salesforce://AppFlow/example` where `example` is the name of the AppFlow Connector Profile.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Data Integration. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:applicationinsights/application:Application": { "description": "Provides a ApplicationInsights Application resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleGroup = new aws.resourcegroups.Group(\"example\", {\n name: \"example\",\n resourceQuery: {\n query: JSON.stringify({\n ResourceTypeFilters: [\"AWS::EC2::Instance\"],\n TagFilters: [{\n Key: \"Stage\",\n Values: [\"Test\"],\n }],\n }),\n },\n});\nconst example = new aws.applicationinsights.Application(\"example\", {resourceGroupName: exampleGroup.name});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample_group = aws.resourcegroups.Group(\"example\",\n name=\"example\",\n resource_query={\n \"query\": json.dumps({\n \"resource_type_filters\": [\"AWS::EC2::Instance\"],\n \"tag_filters\": [{\n \"key\": \"Stage\",\n \"values\": [\"Test\"],\n }],\n }),\n })\nexample = aws.applicationinsights.Application(\"example\", resource_group_name=example_group.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGroup = new Aws.ResourceGroups.Group(\"example\", new()\n {\n Name = \"example\",\n ResourceQuery = new Aws.ResourceGroups.Inputs.GroupResourceQueryArgs\n {\n Query = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceTypeFilters\"] = new[]\n {\n \"AWS::EC2::Instance\",\n },\n [\"TagFilters\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Key\"] = \"Stage\",\n [\"Values\"] = new[]\n {\n \"Test\",\n },\n },\n },\n }),\n },\n });\n\n var example = new Aws.ApplicationInsights.Application(\"example\", new()\n {\n ResourceGroupName = exampleGroup.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/applicationinsights\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/resourcegroups\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"ResourceTypeFilters\": []string{\n\t\t\t\t\"AWS::EC2::Instance\",\n\t\t\t},\n\t\t\t\"TagFilters\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Key\": \"Stage\",\n\t\t\t\t\t\"Values\": []string{\n\t\t\t\t\t\t\"Test\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texampleGroup, err := resourcegroups.NewGroup(ctx, \"example\", \u0026resourcegroups.GroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tResourceQuery: \u0026resourcegroups.GroupResourceQueryArgs{\n\t\t\t\tQuery: pulumi.String(json0),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = applicationinsights.NewApplication(ctx, \"example\", \u0026applicationinsights.ApplicationArgs{\n\t\t\tResourceGroupName: exampleGroup.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.resourcegroups.Group;\nimport com.pulumi.aws.resourcegroups.GroupArgs;\nimport com.pulumi.aws.resourcegroups.inputs.GroupResourceQueryArgs;\nimport com.pulumi.aws.applicationinsights.Application;\nimport com.pulumi.aws.applicationinsights.ApplicationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder()\n .name(\"example\")\n .resourceQuery(GroupResourceQueryArgs.builder()\n .query(serializeJson(\n jsonObject(\n jsonProperty(\"ResourceTypeFilters\", jsonArray(\"AWS::EC2::Instance\")),\n jsonProperty(\"TagFilters\", jsonArray(jsonObject(\n jsonProperty(\"Key\", \"Stage\"),\n jsonProperty(\"Values\", jsonArray(\"Test\"))\n )))\n )))\n .build())\n .build());\n\n var example = new Application(\"example\", ApplicationArgs.builder()\n .resourceGroupName(exampleGroup.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:applicationinsights:Application\n properties:\n resourceGroupName: ${exampleGroup.name}\n exampleGroup:\n type: aws:resourcegroups:Group\n name: example\n properties:\n name: example\n resourceQuery:\n query:\n fn::toJSON:\n ResourceTypeFilters:\n - AWS::EC2::Instance\n TagFilters:\n - Key: Stage\n Values:\n - Test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ApplicationInsights Applications using the `resource_group_name`. For example:\n\n```sh\n$ pulumi import aws:applicationinsights/application:Application some some-application\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Application.\n" }, "autoConfigEnabled": { "type": "boolean", "description": "Indicates whether Application Insights automatically configures unmonitored resources in the resource group.\n" }, "autoCreate": { "type": "boolean", "description": "Configures all of the resources in the resource group by applying the recommended configurations.\n" }, "cweMonitorEnabled": { "type": "boolean", "description": "Indicates whether Application Insights can listen to CloudWatch events for the application resources, such as instance terminated, failed deployment, and others.\n" }, "groupingType": { "type": "string", "description": "Application Insights can create applications based on a resource group or on an account. To create an account-based application using all of the resources in the account, set this parameter to `ACCOUNT_BASED`.\n" }, "opsCenterEnabled": { "type": "boolean", "description": "When set to `true`, creates opsItems for any problems detected on an application.\n" }, "opsItemSnsTopicArn": { "type": "string", "description": "SNS topic provided to Application Insights that is associated to the created opsItem. Allows you to receive notifications for updates to the opsItem.\n" }, "resourceGroupName": { "type": "string", "description": "Name of the resource group.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "resourceGroupName", "tagsAll" ], "inputProperties": { "autoConfigEnabled": { "type": "boolean", "description": "Indicates whether Application Insights automatically configures unmonitored resources in the resource group.\n" }, "autoCreate": { "type": "boolean", "description": "Configures all of the resources in the resource group by applying the recommended configurations.\n", "willReplaceOnChanges": true }, "cweMonitorEnabled": { "type": "boolean", "description": "Indicates whether Application Insights can listen to CloudWatch events for the application resources, such as instance terminated, failed deployment, and others.\n" }, "groupingType": { "type": "string", "description": "Application Insights can create applications based on a resource group or on an account. To create an account-based application using all of the resources in the account, set this parameter to `ACCOUNT_BASED`.\n", "willReplaceOnChanges": true }, "opsCenterEnabled": { "type": "boolean", "description": "When set to `true`, creates opsItems for any problems detected on an application.\n" }, "opsItemSnsTopicArn": { "type": "string", "description": "SNS topic provided to Application Insights that is associated to the created opsItem. Allows you to receive notifications for updates to the opsItem.\n" }, "resourceGroupName": { "type": "string", "description": "Name of the resource group.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "resourceGroupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Application resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Application.\n" }, "autoConfigEnabled": { "type": "boolean", "description": "Indicates whether Application Insights automatically configures unmonitored resources in the resource group.\n" }, "autoCreate": { "type": "boolean", "description": "Configures all of the resources in the resource group by applying the recommended configurations.\n", "willReplaceOnChanges": true }, "cweMonitorEnabled": { "type": "boolean", "description": "Indicates whether Application Insights can listen to CloudWatch events for the application resources, such as instance terminated, failed deployment, and others.\n" }, "groupingType": { "type": "string", "description": "Application Insights can create applications based on a resource group or on an account. To create an account-based application using all of the resources in the account, set this parameter to `ACCOUNT_BASED`.\n", "willReplaceOnChanges": true }, "opsCenterEnabled": { "type": "boolean", "description": "When set to `true`, creates opsItems for any problems detected on an application.\n" }, "opsItemSnsTopicArn": { "type": "string", "description": "SNS topic provided to Application Insights that is associated to the created opsItem. Allows you to receive notifications for updates to the opsItem.\n" }, "resourceGroupName": { "type": "string", "description": "Name of the resource group.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:appmesh/gatewayRoute:GatewayRoute": { "description": "Provides an AWS App Mesh gateway route resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appmesh.GatewayRoute(\"example\", {\n name: \"example-gateway-route\",\n meshName: \"example-service-mesh\",\n virtualGatewayName: exampleAwsAppmeshVirtualGateway.name,\n spec: {\n httpRoute: {\n action: {\n target: {\n virtualService: {\n virtualServiceName: exampleAwsAppmeshVirtualService.name,\n },\n },\n },\n match: {\n prefix: \"/\",\n },\n },\n },\n tags: {\n Environment: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appmesh.GatewayRoute(\"example\",\n name=\"example-gateway-route\",\n mesh_name=\"example-service-mesh\",\n virtual_gateway_name=example_aws_appmesh_virtual_gateway[\"name\"],\n spec={\n \"http_route\": {\n \"action\": {\n \"target\": {\n \"virtual_service\": {\n \"virtual_service_name\": example_aws_appmesh_virtual_service[\"name\"],\n },\n },\n },\n \"match\": {\n \"prefix\": \"/\",\n },\n },\n },\n tags={\n \"Environment\": \"test\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppMesh.GatewayRoute(\"example\", new()\n {\n Name = \"example-gateway-route\",\n MeshName = \"example-service-mesh\",\n VirtualGatewayName = exampleAwsAppmeshVirtualGateway.Name,\n Spec = new Aws.AppMesh.Inputs.GatewayRouteSpecArgs\n {\n HttpRoute = new Aws.AppMesh.Inputs.GatewayRouteSpecHttpRouteArgs\n {\n Action = new Aws.AppMesh.Inputs.GatewayRouteSpecHttpRouteActionArgs\n {\n Target = new Aws.AppMesh.Inputs.GatewayRouteSpecHttpRouteActionTargetArgs\n {\n VirtualService = new Aws.AppMesh.Inputs.GatewayRouteSpecHttpRouteActionTargetVirtualServiceArgs\n {\n VirtualServiceName = exampleAwsAppmeshVirtualService.Name,\n },\n },\n },\n Match = new Aws.AppMesh.Inputs.GatewayRouteSpecHttpRouteMatchArgs\n {\n Prefix = \"/\",\n },\n },\n },\n Tags = \n {\n { \"Environment\", \"test\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.NewGatewayRoute(ctx, \"example\", \u0026appmesh.GatewayRouteArgs{\n\t\t\tName: pulumi.String(\"example-gateway-route\"),\n\t\t\tMeshName: pulumi.String(\"example-service-mesh\"),\n\t\t\tVirtualGatewayName: pulumi.Any(exampleAwsAppmeshVirtualGateway.Name),\n\t\t\tSpec: \u0026appmesh.GatewayRouteSpecArgs{\n\t\t\t\tHttpRoute: \u0026appmesh.GatewayRouteSpecHttpRouteArgs{\n\t\t\t\t\tAction: \u0026appmesh.GatewayRouteSpecHttpRouteActionArgs{\n\t\t\t\t\t\tTarget: \u0026appmesh.GatewayRouteSpecHttpRouteActionTargetArgs{\n\t\t\t\t\t\t\tVirtualService: \u0026appmesh.GatewayRouteSpecHttpRouteActionTargetVirtualServiceArgs{\n\t\t\t\t\t\t\t\tVirtualServiceName: pulumi.Any(exampleAwsAppmeshVirtualService.Name),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tMatch: \u0026appmesh.GatewayRouteSpecHttpRouteMatchArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"/\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.GatewayRoute;\nimport com.pulumi.aws.appmesh.GatewayRouteArgs;\nimport com.pulumi.aws.appmesh.inputs.GatewayRouteSpecArgs;\nimport com.pulumi.aws.appmesh.inputs.GatewayRouteSpecHttpRouteArgs;\nimport com.pulumi.aws.appmesh.inputs.GatewayRouteSpecHttpRouteActionArgs;\nimport com.pulumi.aws.appmesh.inputs.GatewayRouteSpecHttpRouteActionTargetArgs;\nimport com.pulumi.aws.appmesh.inputs.GatewayRouteSpecHttpRouteActionTargetVirtualServiceArgs;\nimport com.pulumi.aws.appmesh.inputs.GatewayRouteSpecHttpRouteMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GatewayRoute(\"example\", GatewayRouteArgs.builder()\n .name(\"example-gateway-route\")\n .meshName(\"example-service-mesh\")\n .virtualGatewayName(exampleAwsAppmeshVirtualGateway.name())\n .spec(GatewayRouteSpecArgs.builder()\n .httpRoute(GatewayRouteSpecHttpRouteArgs.builder()\n .action(GatewayRouteSpecHttpRouteActionArgs.builder()\n .target(GatewayRouteSpecHttpRouteActionTargetArgs.builder()\n .virtualService(GatewayRouteSpecHttpRouteActionTargetVirtualServiceArgs.builder()\n .virtualServiceName(exampleAwsAppmeshVirtualService.name())\n .build())\n .build())\n .build())\n .match(GatewayRouteSpecHttpRouteMatchArgs.builder()\n .prefix(\"/\")\n .build())\n .build())\n .build())\n .tags(Map.of(\"Environment\", \"test\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appmesh:GatewayRoute\n properties:\n name: example-gateway-route\n meshName: example-service-mesh\n virtualGatewayName: ${exampleAwsAppmeshVirtualGateway.name}\n spec:\n httpRoute:\n action:\n target:\n virtualService:\n virtualServiceName: ${exampleAwsAppmeshVirtualService.name}\n match:\n prefix: /\n tags:\n Environment: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import App Mesh gateway routes using `mesh_name` and `virtual_gateway_name` together with the gateway route's `name`. For example:\n\n```sh\n$ pulumi import aws:appmesh/gatewayRoute:GatewayRoute example mesh/gw1/example-gateway-route\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the gateway route.\n" }, "createdDate": { "type": "string", "description": "Creation date of the gateway route.\n" }, "lastUpdatedDate": { "type": "string", "description": "Last update date of the gateway route.\n" }, "meshName": { "type": "string", "description": "Name of the service mesh in which to create the gateway route. Must be between 1 and 255 characters in length.\n" }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner. Defaults to the account ID the AWS provider is currently connected to.\n" }, "name": { "type": "string", "description": "Name to use for the gateway route. Must be between 1 and 255 characters in length.\n" }, "resourceOwner": { "type": "string", "description": "Resource owner's AWS account ID.\n" }, "spec": { "$ref": "#/types/aws:appmesh/GatewayRouteSpec:GatewayRouteSpec", "description": "Gateway route specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "virtualGatewayName": { "type": "string", "description": "Name of the virtual gateway to associate the gateway route with. Must be between 1 and 255 characters in length.\n" } }, "required": [ "arn", "createdDate", "lastUpdatedDate", "meshName", "meshOwner", "name", "resourceOwner", "spec", "tagsAll", "virtualGatewayName" ], "inputProperties": { "meshName": { "type": "string", "description": "Name of the service mesh in which to create the gateway route. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner. Defaults to the account ID the AWS provider is currently connected to.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name to use for the gateway route. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "spec": { "$ref": "#/types/aws:appmesh/GatewayRouteSpec:GatewayRouteSpec", "description": "Gateway route specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "virtualGatewayName": { "type": "string", "description": "Name of the virtual gateway to associate the gateway route with. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "meshName", "spec", "virtualGatewayName" ], "stateInputs": { "description": "Input properties used for looking up and filtering GatewayRoute resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the gateway route.\n" }, "createdDate": { "type": "string", "description": "Creation date of the gateway route.\n" }, "lastUpdatedDate": { "type": "string", "description": "Last update date of the gateway route.\n" }, "meshName": { "type": "string", "description": "Name of the service mesh in which to create the gateway route. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner. Defaults to the account ID the AWS provider is currently connected to.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name to use for the gateway route. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "resourceOwner": { "type": "string", "description": "Resource owner's AWS account ID.\n" }, "spec": { "$ref": "#/types/aws:appmesh/GatewayRouteSpec:GatewayRouteSpec", "description": "Gateway route specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "virtualGatewayName": { "type": "string", "description": "Name of the virtual gateway to associate the gateway route with. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:appmesh/mesh:Mesh": { "description": "Provides an AWS App Mesh service mesh resource.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst simple = new aws.appmesh.Mesh(\"simple\", {name: \"simpleapp\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsimple = aws.appmesh.Mesh(\"simple\", name=\"simpleapp\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var simple = new Aws.AppMesh.Mesh(\"simple\", new()\n {\n Name = \"simpleapp\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.NewMesh(ctx, \"simple\", \u0026appmesh.MeshArgs{\n\t\t\tName: pulumi.String(\"simpleapp\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.Mesh;\nimport com.pulumi.aws.appmesh.MeshArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var simple = new Mesh(\"simple\", MeshArgs.builder()\n .name(\"simpleapp\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n simple:\n type: aws:appmesh:Mesh\n properties:\n name: simpleapp\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Egress Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst simple = new aws.appmesh.Mesh(\"simple\", {\n name: \"simpleapp\",\n spec: {\n egressFilter: {\n type: \"ALLOW_ALL\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsimple = aws.appmesh.Mesh(\"simple\",\n name=\"simpleapp\",\n spec={\n \"egress_filter\": {\n \"type\": \"ALLOW_ALL\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var simple = new Aws.AppMesh.Mesh(\"simple\", new()\n {\n Name = \"simpleapp\",\n Spec = new Aws.AppMesh.Inputs.MeshSpecArgs\n {\n EgressFilter = new Aws.AppMesh.Inputs.MeshSpecEgressFilterArgs\n {\n Type = \"ALLOW_ALL\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.NewMesh(ctx, \"simple\", \u0026appmesh.MeshArgs{\n\t\t\tName: pulumi.String(\"simpleapp\"),\n\t\t\tSpec: \u0026appmesh.MeshSpecArgs{\n\t\t\t\tEgressFilter: \u0026appmesh.MeshSpecEgressFilterArgs{\n\t\t\t\t\tType: pulumi.String(\"ALLOW_ALL\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.Mesh;\nimport com.pulumi.aws.appmesh.MeshArgs;\nimport com.pulumi.aws.appmesh.inputs.MeshSpecArgs;\nimport com.pulumi.aws.appmesh.inputs.MeshSpecEgressFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var simple = new Mesh(\"simple\", MeshArgs.builder()\n .name(\"simpleapp\")\n .spec(MeshSpecArgs.builder()\n .egressFilter(MeshSpecEgressFilterArgs.builder()\n .type(\"ALLOW_ALL\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n simple:\n type: aws:appmesh:Mesh\n properties:\n name: simpleapp\n spec:\n egressFilter:\n type: ALLOW_ALL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import App Mesh service meshes using the `name`. For example:\n\n```sh\n$ pulumi import aws:appmesh/mesh:Mesh simple simpleapp\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the service mesh.\n" }, "createdDate": { "type": "string", "description": "Creation date of the service mesh.\n" }, "lastUpdatedDate": { "type": "string", "description": "Last update date of the service mesh.\n" }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner.\n" }, "name": { "type": "string", "description": "Name to use for the service mesh. Must be between 1 and 255 characters in length.\n" }, "resourceOwner": { "type": "string", "description": "Resource owner's AWS account ID.\n" }, "spec": { "$ref": "#/types/aws:appmesh/MeshSpec:MeshSpec", "description": "Service mesh specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "createdDate", "lastUpdatedDate", "meshOwner", "name", "resourceOwner", "tagsAll" ], "inputProperties": { "name": { "type": "string", "description": "Name to use for the service mesh. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "spec": { "$ref": "#/types/aws:appmesh/MeshSpec:MeshSpec", "description": "Service mesh specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Mesh resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the service mesh.\n" }, "createdDate": { "type": "string", "description": "Creation date of the service mesh.\n" }, "lastUpdatedDate": { "type": "string", "description": "Last update date of the service mesh.\n" }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner.\n" }, "name": { "type": "string", "description": "Name to use for the service mesh. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "resourceOwner": { "type": "string", "description": "Resource owner's AWS account ID.\n" }, "spec": { "$ref": "#/types/aws:appmesh/MeshSpec:MeshSpec", "description": "Service mesh specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:appmesh/route:Route": { "description": "Provides an AWS App Mesh route resource.\n\n## Example Usage\n\n### HTTP Routing\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst serviceb = new aws.appmesh.Route(\"serviceb\", {\n name: \"serviceB-route\",\n meshName: simple.id,\n virtualRouterName: servicebAwsAppmeshVirtualRouter.name,\n spec: {\n httpRoute: {\n match: {\n prefix: \"/\",\n },\n action: {\n weightedTargets: [\n {\n virtualNode: serviceb1.name,\n weight: 90,\n },\n {\n virtualNode: serviceb2.name,\n weight: 10,\n },\n ],\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nserviceb = aws.appmesh.Route(\"serviceb\",\n name=\"serviceB-route\",\n mesh_name=simple[\"id\"],\n virtual_router_name=serviceb_aws_appmesh_virtual_router[\"name\"],\n spec={\n \"http_route\": {\n \"match\": {\n \"prefix\": \"/\",\n },\n \"action\": {\n \"weighted_targets\": [\n {\n \"virtual_node\": serviceb1[\"name\"],\n \"weight\": 90,\n },\n {\n \"virtual_node\": serviceb2[\"name\"],\n \"weight\": 10,\n },\n ],\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var serviceb = new Aws.AppMesh.Route(\"serviceb\", new()\n {\n Name = \"serviceB-route\",\n MeshName = simple.Id,\n VirtualRouterName = servicebAwsAppmeshVirtualRouter.Name,\n Spec = new Aws.AppMesh.Inputs.RouteSpecArgs\n {\n HttpRoute = new Aws.AppMesh.Inputs.RouteSpecHttpRouteArgs\n {\n Match = new Aws.AppMesh.Inputs.RouteSpecHttpRouteMatchArgs\n {\n Prefix = \"/\",\n },\n Action = new Aws.AppMesh.Inputs.RouteSpecHttpRouteActionArgs\n {\n WeightedTargets = new[]\n {\n new Aws.AppMesh.Inputs.RouteSpecHttpRouteActionWeightedTargetArgs\n {\n VirtualNode = serviceb1.Name,\n Weight = 90,\n },\n new Aws.AppMesh.Inputs.RouteSpecHttpRouteActionWeightedTargetArgs\n {\n VirtualNode = serviceb2.Name,\n Weight = 10,\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.NewRoute(ctx, \"serviceb\", \u0026appmesh.RouteArgs{\n\t\t\tName: pulumi.String(\"serviceB-route\"),\n\t\t\tMeshName: pulumi.Any(simple.Id),\n\t\t\tVirtualRouterName: pulumi.Any(servicebAwsAppmeshVirtualRouter.Name),\n\t\t\tSpec: \u0026appmesh.RouteSpecArgs{\n\t\t\t\tHttpRoute: \u0026appmesh.RouteSpecHttpRouteArgs{\n\t\t\t\t\tMatch: \u0026appmesh.RouteSpecHttpRouteMatchArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"/\"),\n\t\t\t\t\t},\n\t\t\t\t\tAction: \u0026appmesh.RouteSpecHttpRouteActionArgs{\n\t\t\t\t\t\tWeightedTargets: appmesh.RouteSpecHttpRouteActionWeightedTargetArray{\n\t\t\t\t\t\t\t\u0026appmesh.RouteSpecHttpRouteActionWeightedTargetArgs{\n\t\t\t\t\t\t\t\tVirtualNode: pulumi.Any(serviceb1.Name),\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(90),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026appmesh.RouteSpecHttpRouteActionWeightedTargetArgs{\n\t\t\t\t\t\t\t\tVirtualNode: pulumi.Any(serviceb2.Name),\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(10),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.Route;\nimport com.pulumi.aws.appmesh.RouteArgs;\nimport com.pulumi.aws.appmesh.inputs.RouteSpecArgs;\nimport com.pulumi.aws.appmesh.inputs.RouteSpecHttpRouteArgs;\nimport com.pulumi.aws.appmesh.inputs.RouteSpecHttpRouteMatchArgs;\nimport com.pulumi.aws.appmesh.inputs.RouteSpecHttpRouteActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var serviceb = new Route(\"serviceb\", RouteArgs.builder()\n .name(\"serviceB-route\")\n .meshName(simple.id())\n .virtualRouterName(servicebAwsAppmeshVirtualRouter.name())\n .spec(RouteSpecArgs.builder()\n .httpRoute(RouteSpecHttpRouteArgs.builder()\n .match(RouteSpecHttpRouteMatchArgs.builder()\n .prefix(\"/\")\n .build())\n .action(RouteSpecHttpRouteActionArgs.builder()\n .weightedTargets( \n RouteSpecHttpRouteActionWeightedTargetArgs.builder()\n .virtualNode(serviceb1.name())\n .weight(90)\n .build(),\n RouteSpecHttpRouteActionWeightedTargetArgs.builder()\n .virtualNode(serviceb2.name())\n .weight(10)\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n serviceb:\n type: aws:appmesh:Route\n properties:\n name: serviceB-route\n meshName: ${simple.id}\n virtualRouterName: ${servicebAwsAppmeshVirtualRouter.name}\n spec:\n httpRoute:\n match:\n prefix: /\n action:\n weightedTargets:\n - virtualNode: ${serviceb1.name}\n weight: 90\n - virtualNode: ${serviceb2.name}\n weight: 10\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### HTTP Header Routing\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst serviceb = new aws.appmesh.Route(\"serviceb\", {\n name: \"serviceB-route\",\n meshName: simple.id,\n virtualRouterName: servicebAwsAppmeshVirtualRouter.name,\n spec: {\n httpRoute: {\n match: {\n method: \"POST\",\n prefix: \"/\",\n scheme: \"https\",\n headers: [{\n name: \"clientRequestId\",\n match: {\n prefix: \"123\",\n },\n }],\n },\n action: {\n weightedTargets: [{\n virtualNode: servicebAwsAppmeshVirtualNode.name,\n weight: 100,\n }],\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nserviceb = aws.appmesh.Route(\"serviceb\",\n name=\"serviceB-route\",\n mesh_name=simple[\"id\"],\n virtual_router_name=serviceb_aws_appmesh_virtual_router[\"name\"],\n spec={\n \"http_route\": {\n \"match\": {\n \"method\": \"POST\",\n \"prefix\": \"/\",\n \"scheme\": \"https\",\n \"headers\": [{\n \"name\": \"clientRequestId\",\n \"match\": {\n \"prefix\": \"123\",\n },\n }],\n },\n \"action\": {\n \"weighted_targets\": [{\n \"virtual_node\": serviceb_aws_appmesh_virtual_node[\"name\"],\n \"weight\": 100,\n }],\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var serviceb = new Aws.AppMesh.Route(\"serviceb\", new()\n {\n Name = \"serviceB-route\",\n MeshName = simple.Id,\n VirtualRouterName = servicebAwsAppmeshVirtualRouter.Name,\n Spec = new Aws.AppMesh.Inputs.RouteSpecArgs\n {\n HttpRoute = new Aws.AppMesh.Inputs.RouteSpecHttpRouteArgs\n {\n Match = new Aws.AppMesh.Inputs.RouteSpecHttpRouteMatchArgs\n {\n Method = \"POST\",\n Prefix = \"/\",\n Scheme = \"https\",\n Headers = new[]\n {\n new Aws.AppMesh.Inputs.RouteSpecHttpRouteMatchHeaderArgs\n {\n Name = \"clientRequestId\",\n Match = new Aws.AppMesh.Inputs.RouteSpecHttpRouteMatchHeaderMatchArgs\n {\n Prefix = \"123\",\n },\n },\n },\n },\n Action = new Aws.AppMesh.Inputs.RouteSpecHttpRouteActionArgs\n {\n WeightedTargets = new[]\n {\n new Aws.AppMesh.Inputs.RouteSpecHttpRouteActionWeightedTargetArgs\n {\n VirtualNode = servicebAwsAppmeshVirtualNode.Name,\n Weight = 100,\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.NewRoute(ctx, \"serviceb\", \u0026appmesh.RouteArgs{\n\t\t\tName: pulumi.String(\"serviceB-route\"),\n\t\t\tMeshName: pulumi.Any(simple.Id),\n\t\t\tVirtualRouterName: pulumi.Any(servicebAwsAppmeshVirtualRouter.Name),\n\t\t\tSpec: \u0026appmesh.RouteSpecArgs{\n\t\t\t\tHttpRoute: \u0026appmesh.RouteSpecHttpRouteArgs{\n\t\t\t\t\tMatch: \u0026appmesh.RouteSpecHttpRouteMatchArgs{\n\t\t\t\t\t\tMethod: pulumi.String(\"POST\"),\n\t\t\t\t\t\tPrefix: pulumi.String(\"/\"),\n\t\t\t\t\t\tScheme: pulumi.String(\"https\"),\n\t\t\t\t\t\tHeaders: appmesh.RouteSpecHttpRouteMatchHeaderArray{\n\t\t\t\t\t\t\t\u0026appmesh.RouteSpecHttpRouteMatchHeaderArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"clientRequestId\"),\n\t\t\t\t\t\t\t\tMatch: \u0026appmesh.RouteSpecHttpRouteMatchHeaderMatchArgs{\n\t\t\t\t\t\t\t\t\tPrefix: pulumi.String(\"123\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tAction: \u0026appmesh.RouteSpecHttpRouteActionArgs{\n\t\t\t\t\t\tWeightedTargets: appmesh.RouteSpecHttpRouteActionWeightedTargetArray{\n\t\t\t\t\t\t\t\u0026appmesh.RouteSpecHttpRouteActionWeightedTargetArgs{\n\t\t\t\t\t\t\t\tVirtualNode: pulumi.Any(servicebAwsAppmeshVirtualNode.Name),\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(100),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.Route;\nimport com.pulumi.aws.appmesh.RouteArgs;\nimport com.pulumi.aws.appmesh.inputs.RouteSpecArgs;\nimport com.pulumi.aws.appmesh.inputs.RouteSpecHttpRouteArgs;\nimport com.pulumi.aws.appmesh.inputs.RouteSpecHttpRouteMatchArgs;\nimport com.pulumi.aws.appmesh.inputs.RouteSpecHttpRouteActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var serviceb = new Route(\"serviceb\", RouteArgs.builder()\n .name(\"serviceB-route\")\n .meshName(simple.id())\n .virtualRouterName(servicebAwsAppmeshVirtualRouter.name())\n .spec(RouteSpecArgs.builder()\n .httpRoute(RouteSpecHttpRouteArgs.builder()\n .match(RouteSpecHttpRouteMatchArgs.builder()\n .method(\"POST\")\n .prefix(\"/\")\n .scheme(\"https\")\n .headers(RouteSpecHttpRouteMatchHeaderArgs.builder()\n .name(\"clientRequestId\")\n .match(RouteSpecHttpRouteMatchHeaderMatchArgs.builder()\n .prefix(\"123\")\n .build())\n .build())\n .build())\n .action(RouteSpecHttpRouteActionArgs.builder()\n .weightedTargets(RouteSpecHttpRouteActionWeightedTargetArgs.builder()\n .virtualNode(servicebAwsAppmeshVirtualNode.name())\n .weight(100)\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n serviceb:\n type: aws:appmesh:Route\n properties:\n name: serviceB-route\n meshName: ${simple.id}\n virtualRouterName: ${servicebAwsAppmeshVirtualRouter.name}\n spec:\n httpRoute:\n match:\n method: POST\n prefix: /\n scheme: https\n headers:\n - name: clientRequestId\n match:\n prefix: '123'\n action:\n weightedTargets:\n - virtualNode: ${servicebAwsAppmeshVirtualNode.name}\n weight: 100\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Retry Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst serviceb = new aws.appmesh.Route(\"serviceb\", {\n name: \"serviceB-route\",\n meshName: simple.id,\n virtualRouterName: servicebAwsAppmeshVirtualRouter.name,\n spec: {\n httpRoute: {\n match: {\n prefix: \"/\",\n },\n retryPolicy: {\n httpRetryEvents: [\"server-error\"],\n maxRetries: 1,\n perRetryTimeout: {\n unit: \"s\",\n value: 15,\n },\n },\n action: {\n weightedTargets: [{\n virtualNode: servicebAwsAppmeshVirtualNode.name,\n weight: 100,\n }],\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nserviceb = aws.appmesh.Route(\"serviceb\",\n name=\"serviceB-route\",\n mesh_name=simple[\"id\"],\n virtual_router_name=serviceb_aws_appmesh_virtual_router[\"name\"],\n spec={\n \"http_route\": {\n \"match\": {\n \"prefix\": \"/\",\n },\n \"retry_policy\": {\n \"http_retry_events\": [\"server-error\"],\n \"max_retries\": 1,\n \"per_retry_timeout\": {\n \"unit\": \"s\",\n \"value\": 15,\n },\n },\n \"action\": {\n \"weighted_targets\": [{\n \"virtual_node\": serviceb_aws_appmesh_virtual_node[\"name\"],\n \"weight\": 100,\n }],\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var serviceb = new Aws.AppMesh.Route(\"serviceb\", new()\n {\n Name = \"serviceB-route\",\n MeshName = simple.Id,\n VirtualRouterName = servicebAwsAppmeshVirtualRouter.Name,\n Spec = new Aws.AppMesh.Inputs.RouteSpecArgs\n {\n HttpRoute = new Aws.AppMesh.Inputs.RouteSpecHttpRouteArgs\n {\n Match = new Aws.AppMesh.Inputs.RouteSpecHttpRouteMatchArgs\n {\n Prefix = \"/\",\n },\n RetryPolicy = new Aws.AppMesh.Inputs.RouteSpecHttpRouteRetryPolicyArgs\n {\n HttpRetryEvents = new[]\n {\n \"server-error\",\n },\n MaxRetries = 1,\n PerRetryTimeout = new Aws.AppMesh.Inputs.RouteSpecHttpRouteRetryPolicyPerRetryTimeoutArgs\n {\n Unit = \"s\",\n Value = 15,\n },\n },\n Action = new Aws.AppMesh.Inputs.RouteSpecHttpRouteActionArgs\n {\n WeightedTargets = new[]\n {\n new Aws.AppMesh.Inputs.RouteSpecHttpRouteActionWeightedTargetArgs\n {\n VirtualNode = servicebAwsAppmeshVirtualNode.Name,\n Weight = 100,\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.NewRoute(ctx, \"serviceb\", \u0026appmesh.RouteArgs{\n\t\t\tName: pulumi.String(\"serviceB-route\"),\n\t\t\tMeshName: pulumi.Any(simple.Id),\n\t\t\tVirtualRouterName: pulumi.Any(servicebAwsAppmeshVirtualRouter.Name),\n\t\t\tSpec: \u0026appmesh.RouteSpecArgs{\n\t\t\t\tHttpRoute: \u0026appmesh.RouteSpecHttpRouteArgs{\n\t\t\t\t\tMatch: \u0026appmesh.RouteSpecHttpRouteMatchArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"/\"),\n\t\t\t\t\t},\n\t\t\t\t\tRetryPolicy: \u0026appmesh.RouteSpecHttpRouteRetryPolicyArgs{\n\t\t\t\t\t\tHttpRetryEvents: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"server-error\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tMaxRetries: pulumi.Int(1),\n\t\t\t\t\t\tPerRetryTimeout: \u0026appmesh.RouteSpecHttpRouteRetryPolicyPerRetryTimeoutArgs{\n\t\t\t\t\t\t\tUnit: pulumi.String(\"s\"),\n\t\t\t\t\t\t\tValue: pulumi.Int(15),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tAction: \u0026appmesh.RouteSpecHttpRouteActionArgs{\n\t\t\t\t\t\tWeightedTargets: appmesh.RouteSpecHttpRouteActionWeightedTargetArray{\n\t\t\t\t\t\t\t\u0026appmesh.RouteSpecHttpRouteActionWeightedTargetArgs{\n\t\t\t\t\t\t\t\tVirtualNode: pulumi.Any(servicebAwsAppmeshVirtualNode.Name),\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(100),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.Route;\nimport com.pulumi.aws.appmesh.RouteArgs;\nimport com.pulumi.aws.appmesh.inputs.RouteSpecArgs;\nimport com.pulumi.aws.appmesh.inputs.RouteSpecHttpRouteArgs;\nimport com.pulumi.aws.appmesh.inputs.RouteSpecHttpRouteMatchArgs;\nimport com.pulumi.aws.appmesh.inputs.RouteSpecHttpRouteRetryPolicyArgs;\nimport com.pulumi.aws.appmesh.inputs.RouteSpecHttpRouteRetryPolicyPerRetryTimeoutArgs;\nimport com.pulumi.aws.appmesh.inputs.RouteSpecHttpRouteActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var serviceb = new Route(\"serviceb\", RouteArgs.builder()\n .name(\"serviceB-route\")\n .meshName(simple.id())\n .virtualRouterName(servicebAwsAppmeshVirtualRouter.name())\n .spec(RouteSpecArgs.builder()\n .httpRoute(RouteSpecHttpRouteArgs.builder()\n .match(RouteSpecHttpRouteMatchArgs.builder()\n .prefix(\"/\")\n .build())\n .retryPolicy(RouteSpecHttpRouteRetryPolicyArgs.builder()\n .httpRetryEvents(\"server-error\")\n .maxRetries(1)\n .perRetryTimeout(RouteSpecHttpRouteRetryPolicyPerRetryTimeoutArgs.builder()\n .unit(\"s\")\n .value(15)\n .build())\n .build())\n .action(RouteSpecHttpRouteActionArgs.builder()\n .weightedTargets(RouteSpecHttpRouteActionWeightedTargetArgs.builder()\n .virtualNode(servicebAwsAppmeshVirtualNode.name())\n .weight(100)\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n serviceb:\n type: aws:appmesh:Route\n properties:\n name: serviceB-route\n meshName: ${simple.id}\n virtualRouterName: ${servicebAwsAppmeshVirtualRouter.name}\n spec:\n httpRoute:\n match:\n prefix: /\n retryPolicy:\n httpRetryEvents:\n - server-error\n maxRetries: 1\n perRetryTimeout:\n unit: s\n value: 15\n action:\n weightedTargets:\n - virtualNode: ${servicebAwsAppmeshVirtualNode.name}\n weight: 100\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### TCP Routing\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst serviceb = new aws.appmesh.Route(\"serviceb\", {\n name: \"serviceB-route\",\n meshName: simple.id,\n virtualRouterName: servicebAwsAppmeshVirtualRouter.name,\n spec: {\n tcpRoute: {\n action: {\n weightedTargets: [{\n virtualNode: serviceb1.name,\n weight: 100,\n }],\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nserviceb = aws.appmesh.Route(\"serviceb\",\n name=\"serviceB-route\",\n mesh_name=simple[\"id\"],\n virtual_router_name=serviceb_aws_appmesh_virtual_router[\"name\"],\n spec={\n \"tcp_route\": {\n \"action\": {\n \"weighted_targets\": [{\n \"virtual_node\": serviceb1[\"name\"],\n \"weight\": 100,\n }],\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var serviceb = new Aws.AppMesh.Route(\"serviceb\", new()\n {\n Name = \"serviceB-route\",\n MeshName = simple.Id,\n VirtualRouterName = servicebAwsAppmeshVirtualRouter.Name,\n Spec = new Aws.AppMesh.Inputs.RouteSpecArgs\n {\n TcpRoute = new Aws.AppMesh.Inputs.RouteSpecTcpRouteArgs\n {\n Action = new Aws.AppMesh.Inputs.RouteSpecTcpRouteActionArgs\n {\n WeightedTargets = new[]\n {\n new Aws.AppMesh.Inputs.RouteSpecTcpRouteActionWeightedTargetArgs\n {\n VirtualNode = serviceb1.Name,\n Weight = 100,\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.NewRoute(ctx, \"serviceb\", \u0026appmesh.RouteArgs{\n\t\t\tName: pulumi.String(\"serviceB-route\"),\n\t\t\tMeshName: pulumi.Any(simple.Id),\n\t\t\tVirtualRouterName: pulumi.Any(servicebAwsAppmeshVirtualRouter.Name),\n\t\t\tSpec: \u0026appmesh.RouteSpecArgs{\n\t\t\t\tTcpRoute: \u0026appmesh.RouteSpecTcpRouteArgs{\n\t\t\t\t\tAction: \u0026appmesh.RouteSpecTcpRouteActionArgs{\n\t\t\t\t\t\tWeightedTargets: appmesh.RouteSpecTcpRouteActionWeightedTargetArray{\n\t\t\t\t\t\t\t\u0026appmesh.RouteSpecTcpRouteActionWeightedTargetArgs{\n\t\t\t\t\t\t\t\tVirtualNode: pulumi.Any(serviceb1.Name),\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(100),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.Route;\nimport com.pulumi.aws.appmesh.RouteArgs;\nimport com.pulumi.aws.appmesh.inputs.RouteSpecArgs;\nimport com.pulumi.aws.appmesh.inputs.RouteSpecTcpRouteArgs;\nimport com.pulumi.aws.appmesh.inputs.RouteSpecTcpRouteActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var serviceb = new Route(\"serviceb\", RouteArgs.builder()\n .name(\"serviceB-route\")\n .meshName(simple.id())\n .virtualRouterName(servicebAwsAppmeshVirtualRouter.name())\n .spec(RouteSpecArgs.builder()\n .tcpRoute(RouteSpecTcpRouteArgs.builder()\n .action(RouteSpecTcpRouteActionArgs.builder()\n .weightedTargets(RouteSpecTcpRouteActionWeightedTargetArgs.builder()\n .virtualNode(serviceb1.name())\n .weight(100)\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n serviceb:\n type: aws:appmesh:Route\n properties:\n name: serviceB-route\n meshName: ${simple.id}\n virtualRouterName: ${servicebAwsAppmeshVirtualRouter.name}\n spec:\n tcpRoute:\n action:\n weightedTargets:\n - virtualNode: ${serviceb1.name}\n weight: 100\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import App Mesh virtual routes using `mesh_name` and `virtual_router_name` together with the route's `name`. For example:\n\n```sh\n$ pulumi import aws:appmesh/route:Route serviceb simpleapp/serviceB/serviceB-route\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the route.\n" }, "createdDate": { "type": "string", "description": "Creation date of the route.\n" }, "lastUpdatedDate": { "type": "string", "description": "Last update date of the route.\n" }, "meshName": { "type": "string", "description": "Name of the service mesh in which to create the route. Must be between 1 and 255 characters in length.\n" }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner. Defaults to the account ID the AWS provider is currently connected to.\n" }, "name": { "type": "string", "description": "Name to use for the route. Must be between 1 and 255 characters in length.\n" }, "resourceOwner": { "type": "string", "description": "Resource owner's AWS account ID.\n" }, "spec": { "$ref": "#/types/aws:appmesh/RouteSpec:RouteSpec", "description": "Route specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "virtualRouterName": { "type": "string", "description": "Name of the virtual router in which to create the route. Must be between 1 and 255 characters in length.\n" } }, "required": [ "arn", "createdDate", "lastUpdatedDate", "meshName", "meshOwner", "name", "resourceOwner", "spec", "tagsAll", "virtualRouterName" ], "inputProperties": { "meshName": { "type": "string", "description": "Name of the service mesh in which to create the route. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner. Defaults to the account ID the AWS provider is currently connected to.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name to use for the route. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "spec": { "$ref": "#/types/aws:appmesh/RouteSpec:RouteSpec", "description": "Route specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "virtualRouterName": { "type": "string", "description": "Name of the virtual router in which to create the route. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "meshName", "spec", "virtualRouterName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Route resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the route.\n" }, "createdDate": { "type": "string", "description": "Creation date of the route.\n" }, "lastUpdatedDate": { "type": "string", "description": "Last update date of the route.\n" }, "meshName": { "type": "string", "description": "Name of the service mesh in which to create the route. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner. Defaults to the account ID the AWS provider is currently connected to.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name to use for the route. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "resourceOwner": { "type": "string", "description": "Resource owner's AWS account ID.\n" }, "spec": { "$ref": "#/types/aws:appmesh/RouteSpec:RouteSpec", "description": "Route specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "virtualRouterName": { "type": "string", "description": "Name of the virtual router in which to create the route. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:appmesh/virtualGateway:VirtualGateway": { "description": "Provides an AWS App Mesh virtual gateway resource.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appmesh.VirtualGateway(\"example\", {\n name: \"example-virtual-gateway\",\n meshName: \"example-service-mesh\",\n spec: {\n listeners: [{\n portMapping: {\n port: 8080,\n protocol: \"http\",\n },\n }],\n },\n tags: {\n Environment: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appmesh.VirtualGateway(\"example\",\n name=\"example-virtual-gateway\",\n mesh_name=\"example-service-mesh\",\n spec={\n \"listeners\": [{\n \"port_mapping\": {\n \"port\": 8080,\n \"protocol\": \"http\",\n },\n }],\n },\n tags={\n \"Environment\": \"test\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppMesh.VirtualGateway(\"example\", new()\n {\n Name = \"example-virtual-gateway\",\n MeshName = \"example-service-mesh\",\n Spec = new Aws.AppMesh.Inputs.VirtualGatewaySpecArgs\n {\n Listeners = new[]\n {\n new Aws.AppMesh.Inputs.VirtualGatewaySpecListenerArgs\n {\n PortMapping = new Aws.AppMesh.Inputs.VirtualGatewaySpecListenerPortMappingArgs\n {\n Port = 8080,\n Protocol = \"http\",\n },\n },\n },\n },\n Tags = \n {\n { \"Environment\", \"test\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.NewVirtualGateway(ctx, \"example\", \u0026appmesh.VirtualGatewayArgs{\n\t\t\tName: pulumi.String(\"example-virtual-gateway\"),\n\t\t\tMeshName: pulumi.String(\"example-service-mesh\"),\n\t\t\tSpec: \u0026appmesh.VirtualGatewaySpecArgs{\n\t\t\t\tListeners: appmesh.VirtualGatewaySpecListenerArray{\n\t\t\t\t\t\u0026appmesh.VirtualGatewaySpecListenerArgs{\n\t\t\t\t\t\tPortMapping: \u0026appmesh.VirtualGatewaySpecListenerPortMappingArgs{\n\t\t\t\t\t\t\tPort: pulumi.Int(8080),\n\t\t\t\t\t\t\tProtocol: pulumi.String(\"http\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.VirtualGateway;\nimport com.pulumi.aws.appmesh.VirtualGatewayArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualGatewaySpecArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VirtualGateway(\"example\", VirtualGatewayArgs.builder()\n .name(\"example-virtual-gateway\")\n .meshName(\"example-service-mesh\")\n .spec(VirtualGatewaySpecArgs.builder()\n .listeners(VirtualGatewaySpecListenerArgs.builder()\n .portMapping(VirtualGatewaySpecListenerPortMappingArgs.builder()\n .port(8080)\n .protocol(\"http\")\n .build())\n .build())\n .build())\n .tags(Map.of(\"Environment\", \"test\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appmesh:VirtualGateway\n properties:\n name: example-virtual-gateway\n meshName: example-service-mesh\n spec:\n listeners:\n - portMapping:\n port: 8080\n protocol: http\n tags:\n Environment: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Access Logs and TLS\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appmesh.VirtualGateway(\"example\", {\n name: \"example-virtual-gateway\",\n meshName: \"example-service-mesh\",\n spec: {\n listeners: [{\n portMapping: {\n port: 8080,\n protocol: \"http\",\n },\n tls: {\n certificate: {\n acm: {\n certificateArn: exampleAwsAcmCertificate.arn,\n },\n },\n mode: \"STRICT\",\n },\n }],\n logging: {\n accessLog: {\n file: {\n path: \"/var/log/access.log\",\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appmesh.VirtualGateway(\"example\",\n name=\"example-virtual-gateway\",\n mesh_name=\"example-service-mesh\",\n spec={\n \"listeners\": [{\n \"port_mapping\": {\n \"port\": 8080,\n \"protocol\": \"http\",\n },\n \"tls\": {\n \"certificate\": {\n \"acm\": {\n \"certificate_arn\": example_aws_acm_certificate[\"arn\"],\n },\n },\n \"mode\": \"STRICT\",\n },\n }],\n \"logging\": {\n \"access_log\": {\n \"file\": {\n \"path\": \"/var/log/access.log\",\n },\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppMesh.VirtualGateway(\"example\", new()\n {\n Name = \"example-virtual-gateway\",\n MeshName = \"example-service-mesh\",\n Spec = new Aws.AppMesh.Inputs.VirtualGatewaySpecArgs\n {\n Listeners = new[]\n {\n new Aws.AppMesh.Inputs.VirtualGatewaySpecListenerArgs\n {\n PortMapping = new Aws.AppMesh.Inputs.VirtualGatewaySpecListenerPortMappingArgs\n {\n Port = 8080,\n Protocol = \"http\",\n },\n Tls = new Aws.AppMesh.Inputs.VirtualGatewaySpecListenerTlsArgs\n {\n Certificate = new Aws.AppMesh.Inputs.VirtualGatewaySpecListenerTlsCertificateArgs\n {\n Acm = new Aws.AppMesh.Inputs.VirtualGatewaySpecListenerTlsCertificateAcmArgs\n {\n CertificateArn = exampleAwsAcmCertificate.Arn,\n },\n },\n Mode = \"STRICT\",\n },\n },\n },\n Logging = new Aws.AppMesh.Inputs.VirtualGatewaySpecLoggingArgs\n {\n AccessLog = new Aws.AppMesh.Inputs.VirtualGatewaySpecLoggingAccessLogArgs\n {\n File = new Aws.AppMesh.Inputs.VirtualGatewaySpecLoggingAccessLogFileArgs\n {\n Path = \"/var/log/access.log\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.NewVirtualGateway(ctx, \"example\", \u0026appmesh.VirtualGatewayArgs{\n\t\t\tName: pulumi.String(\"example-virtual-gateway\"),\n\t\t\tMeshName: pulumi.String(\"example-service-mesh\"),\n\t\t\tSpec: \u0026appmesh.VirtualGatewaySpecArgs{\n\t\t\t\tListeners: appmesh.VirtualGatewaySpecListenerArray{\n\t\t\t\t\t\u0026appmesh.VirtualGatewaySpecListenerArgs{\n\t\t\t\t\t\tPortMapping: \u0026appmesh.VirtualGatewaySpecListenerPortMappingArgs{\n\t\t\t\t\t\t\tPort: pulumi.Int(8080),\n\t\t\t\t\t\t\tProtocol: pulumi.String(\"http\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tTls: \u0026appmesh.VirtualGatewaySpecListenerTlsArgs{\n\t\t\t\t\t\t\tCertificate: \u0026appmesh.VirtualGatewaySpecListenerTlsCertificateArgs{\n\t\t\t\t\t\t\t\tAcm: \u0026appmesh.VirtualGatewaySpecListenerTlsCertificateAcmArgs{\n\t\t\t\t\t\t\t\t\tCertificateArn: pulumi.Any(exampleAwsAcmCertificate.Arn),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tMode: pulumi.String(\"STRICT\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tLogging: \u0026appmesh.VirtualGatewaySpecLoggingArgs{\n\t\t\t\t\tAccessLog: \u0026appmesh.VirtualGatewaySpecLoggingAccessLogArgs{\n\t\t\t\t\t\tFile: \u0026appmesh.VirtualGatewaySpecLoggingAccessLogFileArgs{\n\t\t\t\t\t\t\tPath: pulumi.String(\"/var/log/access.log\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.VirtualGateway;\nimport com.pulumi.aws.appmesh.VirtualGatewayArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualGatewaySpecArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualGatewaySpecLoggingArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualGatewaySpecLoggingAccessLogArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualGatewaySpecLoggingAccessLogFileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VirtualGateway(\"example\", VirtualGatewayArgs.builder()\n .name(\"example-virtual-gateway\")\n .meshName(\"example-service-mesh\")\n .spec(VirtualGatewaySpecArgs.builder()\n .listeners(VirtualGatewaySpecListenerArgs.builder()\n .portMapping(VirtualGatewaySpecListenerPortMappingArgs.builder()\n .port(8080)\n .protocol(\"http\")\n .build())\n .tls(VirtualGatewaySpecListenerTlsArgs.builder()\n .certificate(VirtualGatewaySpecListenerTlsCertificateArgs.builder()\n .acm(VirtualGatewaySpecListenerTlsCertificateAcmArgs.builder()\n .certificateArn(exampleAwsAcmCertificate.arn())\n .build())\n .build())\n .mode(\"STRICT\")\n .build())\n .build())\n .logging(VirtualGatewaySpecLoggingArgs.builder()\n .accessLog(VirtualGatewaySpecLoggingAccessLogArgs.builder()\n .file(VirtualGatewaySpecLoggingAccessLogFileArgs.builder()\n .path(\"/var/log/access.log\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appmesh:VirtualGateway\n properties:\n name: example-virtual-gateway\n meshName: example-service-mesh\n spec:\n listeners:\n - portMapping:\n port: 8080\n protocol: http\n tls:\n certificate:\n acm:\n certificateArn: ${exampleAwsAcmCertificate.arn}\n mode: STRICT\n logging:\n accessLog:\n file:\n path: /var/log/access.log\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import App Mesh virtual gateway using `mesh_name` together with the virtual gateway's `name`. For example:\n\n```sh\n$ pulumi import aws:appmesh/virtualGateway:VirtualGateway example mesh/gw1\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the virtual gateway.\n" }, "createdDate": { "type": "string", "description": "Creation date of the virtual gateway.\n" }, "lastUpdatedDate": { "type": "string", "description": "Last update date of the virtual gateway.\n" }, "meshName": { "type": "string", "description": "Name of the service mesh in which to create the virtual gateway. Must be between 1 and 255 characters in length.\n" }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner. Defaults to the account ID the AWS provider is currently connected to.\n" }, "name": { "type": "string", "description": "Name to use for the virtual gateway. Must be between 1 and 255 characters in length.\n" }, "resourceOwner": { "type": "string", "description": "Resource owner's AWS account ID.\n" }, "spec": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpec:VirtualGatewaySpec", "description": "Virtual gateway specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "createdDate", "lastUpdatedDate", "meshName", "meshOwner", "name", "resourceOwner", "spec", "tagsAll" ], "inputProperties": { "meshName": { "type": "string", "description": "Name of the service mesh in which to create the virtual gateway. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner. Defaults to the account ID the AWS provider is currently connected to.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name to use for the virtual gateway. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "spec": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpec:VirtualGatewaySpec", "description": "Virtual gateway specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "meshName", "spec" ], "stateInputs": { "description": "Input properties used for looking up and filtering VirtualGateway resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the virtual gateway.\n" }, "createdDate": { "type": "string", "description": "Creation date of the virtual gateway.\n" }, "lastUpdatedDate": { "type": "string", "description": "Last update date of the virtual gateway.\n" }, "meshName": { "type": "string", "description": "Name of the service mesh in which to create the virtual gateway. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner. Defaults to the account ID the AWS provider is currently connected to.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name to use for the virtual gateway. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "resourceOwner": { "type": "string", "description": "Resource owner's AWS account ID.\n" }, "spec": { "$ref": "#/types/aws:appmesh/VirtualGatewaySpec:VirtualGatewaySpec", "description": "Virtual gateway specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:appmesh/virtualNode:VirtualNode": { "description": "Provides an AWS App Mesh virtual node resource.\n\n## Breaking Changes\n\nBecause of backward incompatible API changes (read [here](https://github.com/awslabs/aws-app-mesh-examples/issues/92)), `aws.appmesh.VirtualNode` resource definitions created with provider versions earlier than v2.3.0 will need to be modified:\n\n* Rename the `service_name` attribute of the `dns` object to `hostname`.\n\n* Replace the `backends` attribute of the `spec` object with one or more `backend` configuration blocks,\nsetting `virtual_service_name` to the name of the service.\n\nThe state associated with existing resources will automatically be migrated.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst serviceb1 = new aws.appmesh.VirtualNode(\"serviceb1\", {\n name: \"serviceBv1\",\n meshName: simple.id,\n spec: {\n backends: [{\n virtualService: {\n virtualServiceName: \"servicea.simpleapp.local\",\n },\n }],\n listeners: [{\n portMapping: {\n port: 8080,\n protocol: \"http\",\n },\n }],\n serviceDiscovery: {\n dns: {\n hostname: \"serviceb.simpleapp.local\",\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nserviceb1 = aws.appmesh.VirtualNode(\"serviceb1\",\n name=\"serviceBv1\",\n mesh_name=simple[\"id\"],\n spec={\n \"backends\": [{\n \"virtual_service\": {\n \"virtual_service_name\": \"servicea.simpleapp.local\",\n },\n }],\n \"listeners\": [{\n \"port_mapping\": {\n \"port\": 8080,\n \"protocol\": \"http\",\n },\n }],\n \"service_discovery\": {\n \"dns\": {\n \"hostname\": \"serviceb.simpleapp.local\",\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var serviceb1 = new Aws.AppMesh.VirtualNode(\"serviceb1\", new()\n {\n Name = \"serviceBv1\",\n MeshName = simple.Id,\n Spec = new Aws.AppMesh.Inputs.VirtualNodeSpecArgs\n {\n Backends = new[]\n {\n new Aws.AppMesh.Inputs.VirtualNodeSpecBackendArgs\n {\n VirtualService = new Aws.AppMesh.Inputs.VirtualNodeSpecBackendVirtualServiceArgs\n {\n VirtualServiceName = \"servicea.simpleapp.local\",\n },\n },\n },\n Listeners = new[]\n {\n new Aws.AppMesh.Inputs.VirtualNodeSpecListenerArgs\n {\n PortMapping = new Aws.AppMesh.Inputs.VirtualNodeSpecListenerPortMappingArgs\n {\n Port = 8080,\n Protocol = \"http\",\n },\n },\n },\n ServiceDiscovery = new Aws.AppMesh.Inputs.VirtualNodeSpecServiceDiscoveryArgs\n {\n Dns = new Aws.AppMesh.Inputs.VirtualNodeSpecServiceDiscoveryDnsArgs\n {\n Hostname = \"serviceb.simpleapp.local\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.NewVirtualNode(ctx, \"serviceb1\", \u0026appmesh.VirtualNodeArgs{\n\t\t\tName: pulumi.String(\"serviceBv1\"),\n\t\t\tMeshName: pulumi.Any(simple.Id),\n\t\t\tSpec: \u0026appmesh.VirtualNodeSpecArgs{\n\t\t\t\tBackends: appmesh.VirtualNodeSpecBackendArray{\n\t\t\t\t\t\u0026appmesh.VirtualNodeSpecBackendArgs{\n\t\t\t\t\t\tVirtualService: \u0026appmesh.VirtualNodeSpecBackendVirtualServiceArgs{\n\t\t\t\t\t\t\tVirtualServiceName: pulumi.String(\"servicea.simpleapp.local\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tListeners: appmesh.VirtualNodeSpecListenerArray{\n\t\t\t\t\t\u0026appmesh.VirtualNodeSpecListenerArgs{\n\t\t\t\t\t\tPortMapping: \u0026appmesh.VirtualNodeSpecListenerPortMappingArgs{\n\t\t\t\t\t\t\tPort: pulumi.Int(8080),\n\t\t\t\t\t\t\tProtocol: pulumi.String(\"http\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tServiceDiscovery: \u0026appmesh.VirtualNodeSpecServiceDiscoveryArgs{\n\t\t\t\t\tDns: \u0026appmesh.VirtualNodeSpecServiceDiscoveryDnsArgs{\n\t\t\t\t\t\tHostname: pulumi.String(\"serviceb.simpleapp.local\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.VirtualNode;\nimport com.pulumi.aws.appmesh.VirtualNodeArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualNodeSpecArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualNodeSpecServiceDiscoveryArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualNodeSpecServiceDiscoveryDnsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var serviceb1 = new VirtualNode(\"serviceb1\", VirtualNodeArgs.builder()\n .name(\"serviceBv1\")\n .meshName(simple.id())\n .spec(VirtualNodeSpecArgs.builder()\n .backends(VirtualNodeSpecBackendArgs.builder()\n .virtualService(VirtualNodeSpecBackendVirtualServiceArgs.builder()\n .virtualServiceName(\"servicea.simpleapp.local\")\n .build())\n .build())\n .listeners(VirtualNodeSpecListenerArgs.builder()\n .portMapping(VirtualNodeSpecListenerPortMappingArgs.builder()\n .port(8080)\n .protocol(\"http\")\n .build())\n .build())\n .serviceDiscovery(VirtualNodeSpecServiceDiscoveryArgs.builder()\n .dns(VirtualNodeSpecServiceDiscoveryDnsArgs.builder()\n .hostname(\"serviceb.simpleapp.local\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n serviceb1:\n type: aws:appmesh:VirtualNode\n properties:\n name: serviceBv1\n meshName: ${simple.id}\n spec:\n backends:\n - virtualService:\n virtualServiceName: servicea.simpleapp.local\n listeners:\n - portMapping:\n port: 8080\n protocol: http\n serviceDiscovery:\n dns:\n hostname: serviceb.simpleapp.local\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### AWS Cloud Map Service Discovery\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicediscovery.HttpNamespace(\"example\", {name: \"example-ns\"});\nconst serviceb1 = new aws.appmesh.VirtualNode(\"serviceb1\", {\n name: \"serviceBv1\",\n meshName: simple.id,\n spec: {\n backends: [{\n virtualService: {\n virtualServiceName: \"servicea.simpleapp.local\",\n },\n }],\n listeners: [{\n portMapping: {\n port: 8080,\n protocol: \"http\",\n },\n }],\n serviceDiscovery: {\n awsCloudMap: {\n attributes: {\n stack: \"blue\",\n },\n serviceName: \"serviceb1\",\n namespaceName: example.name,\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicediscovery.HttpNamespace(\"example\", name=\"example-ns\")\nserviceb1 = aws.appmesh.VirtualNode(\"serviceb1\",\n name=\"serviceBv1\",\n mesh_name=simple[\"id\"],\n spec={\n \"backends\": [{\n \"virtual_service\": {\n \"virtual_service_name\": \"servicea.simpleapp.local\",\n },\n }],\n \"listeners\": [{\n \"port_mapping\": {\n \"port\": 8080,\n \"protocol\": \"http\",\n },\n }],\n \"service_discovery\": {\n \"aws_cloud_map\": {\n \"attributes\": {\n \"stack\": \"blue\",\n },\n \"service_name\": \"serviceb1\",\n \"namespace_name\": example.name,\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceDiscovery.HttpNamespace(\"example\", new()\n {\n Name = \"example-ns\",\n });\n\n var serviceb1 = new Aws.AppMesh.VirtualNode(\"serviceb1\", new()\n {\n Name = \"serviceBv1\",\n MeshName = simple.Id,\n Spec = new Aws.AppMesh.Inputs.VirtualNodeSpecArgs\n {\n Backends = new[]\n {\n new Aws.AppMesh.Inputs.VirtualNodeSpecBackendArgs\n {\n VirtualService = new Aws.AppMesh.Inputs.VirtualNodeSpecBackendVirtualServiceArgs\n {\n VirtualServiceName = \"servicea.simpleapp.local\",\n },\n },\n },\n Listeners = new[]\n {\n new Aws.AppMesh.Inputs.VirtualNodeSpecListenerArgs\n {\n PortMapping = new Aws.AppMesh.Inputs.VirtualNodeSpecListenerPortMappingArgs\n {\n Port = 8080,\n Protocol = \"http\",\n },\n },\n },\n ServiceDiscovery = new Aws.AppMesh.Inputs.VirtualNodeSpecServiceDiscoveryArgs\n {\n AwsCloudMap = new Aws.AppMesh.Inputs.VirtualNodeSpecServiceDiscoveryAwsCloudMapArgs\n {\n Attributes = \n {\n { \"stack\", \"blue\" },\n },\n ServiceName = \"serviceb1\",\n NamespaceName = example.Name,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicediscovery\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := servicediscovery.NewHttpNamespace(ctx, \"example\", \u0026servicediscovery.HttpNamespaceArgs{\n\t\t\tName: pulumi.String(\"example-ns\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appmesh.NewVirtualNode(ctx, \"serviceb1\", \u0026appmesh.VirtualNodeArgs{\n\t\t\tName: pulumi.String(\"serviceBv1\"),\n\t\t\tMeshName: pulumi.Any(simple.Id),\n\t\t\tSpec: \u0026appmesh.VirtualNodeSpecArgs{\n\t\t\t\tBackends: appmesh.VirtualNodeSpecBackendArray{\n\t\t\t\t\t\u0026appmesh.VirtualNodeSpecBackendArgs{\n\t\t\t\t\t\tVirtualService: \u0026appmesh.VirtualNodeSpecBackendVirtualServiceArgs{\n\t\t\t\t\t\t\tVirtualServiceName: pulumi.String(\"servicea.simpleapp.local\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tListeners: appmesh.VirtualNodeSpecListenerArray{\n\t\t\t\t\t\u0026appmesh.VirtualNodeSpecListenerArgs{\n\t\t\t\t\t\tPortMapping: \u0026appmesh.VirtualNodeSpecListenerPortMappingArgs{\n\t\t\t\t\t\t\tPort: pulumi.Int(8080),\n\t\t\t\t\t\t\tProtocol: pulumi.String(\"http\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tServiceDiscovery: \u0026appmesh.VirtualNodeSpecServiceDiscoveryArgs{\n\t\t\t\t\tAwsCloudMap: \u0026appmesh.VirtualNodeSpecServiceDiscoveryAwsCloudMapArgs{\n\t\t\t\t\t\tAttributes: pulumi.StringMap{\n\t\t\t\t\t\t\t\"stack\": pulumi.String(\"blue\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tServiceName: pulumi.String(\"serviceb1\"),\n\t\t\t\t\t\tNamespaceName: example.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicediscovery.HttpNamespace;\nimport com.pulumi.aws.servicediscovery.HttpNamespaceArgs;\nimport com.pulumi.aws.appmesh.VirtualNode;\nimport com.pulumi.aws.appmesh.VirtualNodeArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualNodeSpecArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualNodeSpecServiceDiscoveryArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualNodeSpecServiceDiscoveryAwsCloudMapArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new HttpNamespace(\"example\", HttpNamespaceArgs.builder()\n .name(\"example-ns\")\n .build());\n\n var serviceb1 = new VirtualNode(\"serviceb1\", VirtualNodeArgs.builder()\n .name(\"serviceBv1\")\n .meshName(simple.id())\n .spec(VirtualNodeSpecArgs.builder()\n .backends(VirtualNodeSpecBackendArgs.builder()\n .virtualService(VirtualNodeSpecBackendVirtualServiceArgs.builder()\n .virtualServiceName(\"servicea.simpleapp.local\")\n .build())\n .build())\n .listeners(VirtualNodeSpecListenerArgs.builder()\n .portMapping(VirtualNodeSpecListenerPortMappingArgs.builder()\n .port(8080)\n .protocol(\"http\")\n .build())\n .build())\n .serviceDiscovery(VirtualNodeSpecServiceDiscoveryArgs.builder()\n .awsCloudMap(VirtualNodeSpecServiceDiscoveryAwsCloudMapArgs.builder()\n .attributes(Map.of(\"stack\", \"blue\"))\n .serviceName(\"serviceb1\")\n .namespaceName(example.name())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicediscovery:HttpNamespace\n properties:\n name: example-ns\n serviceb1:\n type: aws:appmesh:VirtualNode\n properties:\n name: serviceBv1\n meshName: ${simple.id}\n spec:\n backends:\n - virtualService:\n virtualServiceName: servicea.simpleapp.local\n listeners:\n - portMapping:\n port: 8080\n protocol: http\n serviceDiscovery:\n awsCloudMap:\n attributes:\n stack: blue\n serviceName: serviceb1\n namespaceName: ${example.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Listener Health Check\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst serviceb1 = new aws.appmesh.VirtualNode(\"serviceb1\", {\n name: \"serviceBv1\",\n meshName: simple.id,\n spec: {\n backends: [{\n virtualService: {\n virtualServiceName: \"servicea.simpleapp.local\",\n },\n }],\n listeners: [{\n portMapping: {\n port: 8080,\n protocol: \"http\",\n },\n healthCheck: {\n protocol: \"http\",\n path: \"/ping\",\n healthyThreshold: 2,\n unhealthyThreshold: 2,\n timeoutMillis: 2000,\n intervalMillis: 5000,\n },\n }],\n serviceDiscovery: {\n dns: {\n hostname: \"serviceb.simpleapp.local\",\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nserviceb1 = aws.appmesh.VirtualNode(\"serviceb1\",\n name=\"serviceBv1\",\n mesh_name=simple[\"id\"],\n spec={\n \"backends\": [{\n \"virtual_service\": {\n \"virtual_service_name\": \"servicea.simpleapp.local\",\n },\n }],\n \"listeners\": [{\n \"port_mapping\": {\n \"port\": 8080,\n \"protocol\": \"http\",\n },\n \"health_check\": {\n \"protocol\": \"http\",\n \"path\": \"/ping\",\n \"healthy_threshold\": 2,\n \"unhealthy_threshold\": 2,\n \"timeout_millis\": 2000,\n \"interval_millis\": 5000,\n },\n }],\n \"service_discovery\": {\n \"dns\": {\n \"hostname\": \"serviceb.simpleapp.local\",\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var serviceb1 = new Aws.AppMesh.VirtualNode(\"serviceb1\", new()\n {\n Name = \"serviceBv1\",\n MeshName = simple.Id,\n Spec = new Aws.AppMesh.Inputs.VirtualNodeSpecArgs\n {\n Backends = new[]\n {\n new Aws.AppMesh.Inputs.VirtualNodeSpecBackendArgs\n {\n VirtualService = new Aws.AppMesh.Inputs.VirtualNodeSpecBackendVirtualServiceArgs\n {\n VirtualServiceName = \"servicea.simpleapp.local\",\n },\n },\n },\n Listeners = new[]\n {\n new Aws.AppMesh.Inputs.VirtualNodeSpecListenerArgs\n {\n PortMapping = new Aws.AppMesh.Inputs.VirtualNodeSpecListenerPortMappingArgs\n {\n Port = 8080,\n Protocol = \"http\",\n },\n HealthCheck = new Aws.AppMesh.Inputs.VirtualNodeSpecListenerHealthCheckArgs\n {\n Protocol = \"http\",\n Path = \"/ping\",\n HealthyThreshold = 2,\n UnhealthyThreshold = 2,\n TimeoutMillis = 2000,\n IntervalMillis = 5000,\n },\n },\n },\n ServiceDiscovery = new Aws.AppMesh.Inputs.VirtualNodeSpecServiceDiscoveryArgs\n {\n Dns = new Aws.AppMesh.Inputs.VirtualNodeSpecServiceDiscoveryDnsArgs\n {\n Hostname = \"serviceb.simpleapp.local\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.NewVirtualNode(ctx, \"serviceb1\", \u0026appmesh.VirtualNodeArgs{\n\t\t\tName: pulumi.String(\"serviceBv1\"),\n\t\t\tMeshName: pulumi.Any(simple.Id),\n\t\t\tSpec: \u0026appmesh.VirtualNodeSpecArgs{\n\t\t\t\tBackends: appmesh.VirtualNodeSpecBackendArray{\n\t\t\t\t\t\u0026appmesh.VirtualNodeSpecBackendArgs{\n\t\t\t\t\t\tVirtualService: \u0026appmesh.VirtualNodeSpecBackendVirtualServiceArgs{\n\t\t\t\t\t\t\tVirtualServiceName: pulumi.String(\"servicea.simpleapp.local\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tListeners: appmesh.VirtualNodeSpecListenerArray{\n\t\t\t\t\t\u0026appmesh.VirtualNodeSpecListenerArgs{\n\t\t\t\t\t\tPortMapping: \u0026appmesh.VirtualNodeSpecListenerPortMappingArgs{\n\t\t\t\t\t\t\tPort: pulumi.Int(8080),\n\t\t\t\t\t\t\tProtocol: pulumi.String(\"http\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tHealthCheck: \u0026appmesh.VirtualNodeSpecListenerHealthCheckArgs{\n\t\t\t\t\t\t\tProtocol: pulumi.String(\"http\"),\n\t\t\t\t\t\t\tPath: pulumi.String(\"/ping\"),\n\t\t\t\t\t\t\tHealthyThreshold: pulumi.Int(2),\n\t\t\t\t\t\t\tUnhealthyThreshold: pulumi.Int(2),\n\t\t\t\t\t\t\tTimeoutMillis: pulumi.Int(2000),\n\t\t\t\t\t\t\tIntervalMillis: pulumi.Int(5000),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tServiceDiscovery: \u0026appmesh.VirtualNodeSpecServiceDiscoveryArgs{\n\t\t\t\t\tDns: \u0026appmesh.VirtualNodeSpecServiceDiscoveryDnsArgs{\n\t\t\t\t\t\tHostname: pulumi.String(\"serviceb.simpleapp.local\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.VirtualNode;\nimport com.pulumi.aws.appmesh.VirtualNodeArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualNodeSpecArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualNodeSpecServiceDiscoveryArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualNodeSpecServiceDiscoveryDnsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var serviceb1 = new VirtualNode(\"serviceb1\", VirtualNodeArgs.builder()\n .name(\"serviceBv1\")\n .meshName(simple.id())\n .spec(VirtualNodeSpecArgs.builder()\n .backends(VirtualNodeSpecBackendArgs.builder()\n .virtualService(VirtualNodeSpecBackendVirtualServiceArgs.builder()\n .virtualServiceName(\"servicea.simpleapp.local\")\n .build())\n .build())\n .listeners(VirtualNodeSpecListenerArgs.builder()\n .portMapping(VirtualNodeSpecListenerPortMappingArgs.builder()\n .port(8080)\n .protocol(\"http\")\n .build())\n .healthCheck(VirtualNodeSpecListenerHealthCheckArgs.builder()\n .protocol(\"http\")\n .path(\"/ping\")\n .healthyThreshold(2)\n .unhealthyThreshold(2)\n .timeoutMillis(2000)\n .intervalMillis(5000)\n .build())\n .build())\n .serviceDiscovery(VirtualNodeSpecServiceDiscoveryArgs.builder()\n .dns(VirtualNodeSpecServiceDiscoveryDnsArgs.builder()\n .hostname(\"serviceb.simpleapp.local\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n serviceb1:\n type: aws:appmesh:VirtualNode\n properties:\n name: serviceBv1\n meshName: ${simple.id}\n spec:\n backends:\n - virtualService:\n virtualServiceName: servicea.simpleapp.local\n listeners:\n - portMapping:\n port: 8080\n protocol: http\n healthCheck:\n protocol: http\n path: /ping\n healthyThreshold: 2\n unhealthyThreshold: 2\n timeoutMillis: 2000\n intervalMillis: 5000\n serviceDiscovery:\n dns:\n hostname: serviceb.simpleapp.local\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Logging\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst serviceb1 = new aws.appmesh.VirtualNode(\"serviceb1\", {\n name: \"serviceBv1\",\n meshName: simple.id,\n spec: {\n backends: [{\n virtualService: {\n virtualServiceName: \"servicea.simpleapp.local\",\n },\n }],\n listeners: [{\n portMapping: {\n port: 8080,\n protocol: \"http\",\n },\n }],\n serviceDiscovery: {\n dns: {\n hostname: \"serviceb.simpleapp.local\",\n },\n },\n logging: {\n accessLog: {\n file: {\n path: \"/dev/stdout\",\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nserviceb1 = aws.appmesh.VirtualNode(\"serviceb1\",\n name=\"serviceBv1\",\n mesh_name=simple[\"id\"],\n spec={\n \"backends\": [{\n \"virtual_service\": {\n \"virtual_service_name\": \"servicea.simpleapp.local\",\n },\n }],\n \"listeners\": [{\n \"port_mapping\": {\n \"port\": 8080,\n \"protocol\": \"http\",\n },\n }],\n \"service_discovery\": {\n \"dns\": {\n \"hostname\": \"serviceb.simpleapp.local\",\n },\n },\n \"logging\": {\n \"access_log\": {\n \"file\": {\n \"path\": \"/dev/stdout\",\n },\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var serviceb1 = new Aws.AppMesh.VirtualNode(\"serviceb1\", new()\n {\n Name = \"serviceBv1\",\n MeshName = simple.Id,\n Spec = new Aws.AppMesh.Inputs.VirtualNodeSpecArgs\n {\n Backends = new[]\n {\n new Aws.AppMesh.Inputs.VirtualNodeSpecBackendArgs\n {\n VirtualService = new Aws.AppMesh.Inputs.VirtualNodeSpecBackendVirtualServiceArgs\n {\n VirtualServiceName = \"servicea.simpleapp.local\",\n },\n },\n },\n Listeners = new[]\n {\n new Aws.AppMesh.Inputs.VirtualNodeSpecListenerArgs\n {\n PortMapping = new Aws.AppMesh.Inputs.VirtualNodeSpecListenerPortMappingArgs\n {\n Port = 8080,\n Protocol = \"http\",\n },\n },\n },\n ServiceDiscovery = new Aws.AppMesh.Inputs.VirtualNodeSpecServiceDiscoveryArgs\n {\n Dns = new Aws.AppMesh.Inputs.VirtualNodeSpecServiceDiscoveryDnsArgs\n {\n Hostname = \"serviceb.simpleapp.local\",\n },\n },\n Logging = new Aws.AppMesh.Inputs.VirtualNodeSpecLoggingArgs\n {\n AccessLog = new Aws.AppMesh.Inputs.VirtualNodeSpecLoggingAccessLogArgs\n {\n File = new Aws.AppMesh.Inputs.VirtualNodeSpecLoggingAccessLogFileArgs\n {\n Path = \"/dev/stdout\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.NewVirtualNode(ctx, \"serviceb1\", \u0026appmesh.VirtualNodeArgs{\n\t\t\tName: pulumi.String(\"serviceBv1\"),\n\t\t\tMeshName: pulumi.Any(simple.Id),\n\t\t\tSpec: \u0026appmesh.VirtualNodeSpecArgs{\n\t\t\t\tBackends: appmesh.VirtualNodeSpecBackendArray{\n\t\t\t\t\t\u0026appmesh.VirtualNodeSpecBackendArgs{\n\t\t\t\t\t\tVirtualService: \u0026appmesh.VirtualNodeSpecBackendVirtualServiceArgs{\n\t\t\t\t\t\t\tVirtualServiceName: pulumi.String(\"servicea.simpleapp.local\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tListeners: appmesh.VirtualNodeSpecListenerArray{\n\t\t\t\t\t\u0026appmesh.VirtualNodeSpecListenerArgs{\n\t\t\t\t\t\tPortMapping: \u0026appmesh.VirtualNodeSpecListenerPortMappingArgs{\n\t\t\t\t\t\t\tPort: pulumi.Int(8080),\n\t\t\t\t\t\t\tProtocol: pulumi.String(\"http\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tServiceDiscovery: \u0026appmesh.VirtualNodeSpecServiceDiscoveryArgs{\n\t\t\t\t\tDns: \u0026appmesh.VirtualNodeSpecServiceDiscoveryDnsArgs{\n\t\t\t\t\t\tHostname: pulumi.String(\"serviceb.simpleapp.local\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tLogging: \u0026appmesh.VirtualNodeSpecLoggingArgs{\n\t\t\t\t\tAccessLog: \u0026appmesh.VirtualNodeSpecLoggingAccessLogArgs{\n\t\t\t\t\t\tFile: \u0026appmesh.VirtualNodeSpecLoggingAccessLogFileArgs{\n\t\t\t\t\t\t\tPath: pulumi.String(\"/dev/stdout\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.VirtualNode;\nimport com.pulumi.aws.appmesh.VirtualNodeArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualNodeSpecArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualNodeSpecServiceDiscoveryArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualNodeSpecServiceDiscoveryDnsArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualNodeSpecLoggingArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualNodeSpecLoggingAccessLogArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualNodeSpecLoggingAccessLogFileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var serviceb1 = new VirtualNode(\"serviceb1\", VirtualNodeArgs.builder()\n .name(\"serviceBv1\")\n .meshName(simple.id())\n .spec(VirtualNodeSpecArgs.builder()\n .backends(VirtualNodeSpecBackendArgs.builder()\n .virtualService(VirtualNodeSpecBackendVirtualServiceArgs.builder()\n .virtualServiceName(\"servicea.simpleapp.local\")\n .build())\n .build())\n .listeners(VirtualNodeSpecListenerArgs.builder()\n .portMapping(VirtualNodeSpecListenerPortMappingArgs.builder()\n .port(8080)\n .protocol(\"http\")\n .build())\n .build())\n .serviceDiscovery(VirtualNodeSpecServiceDiscoveryArgs.builder()\n .dns(VirtualNodeSpecServiceDiscoveryDnsArgs.builder()\n .hostname(\"serviceb.simpleapp.local\")\n .build())\n .build())\n .logging(VirtualNodeSpecLoggingArgs.builder()\n .accessLog(VirtualNodeSpecLoggingAccessLogArgs.builder()\n .file(VirtualNodeSpecLoggingAccessLogFileArgs.builder()\n .path(\"/dev/stdout\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n serviceb1:\n type: aws:appmesh:VirtualNode\n properties:\n name: serviceBv1\n meshName: ${simple.id}\n spec:\n backends:\n - virtualService:\n virtualServiceName: servicea.simpleapp.local\n listeners:\n - portMapping:\n port: 8080\n protocol: http\n serviceDiscovery:\n dns:\n hostname: serviceb.simpleapp.local\n logging:\n accessLog:\n file:\n path: /dev/stdout\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import App Mesh virtual nodes using `mesh_name` together with the virtual node's `name`. For example:\n\n```sh\n$ pulumi import aws:appmesh/virtualNode:VirtualNode serviceb1 simpleapp/serviceBv1\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the virtual node.\n" }, "createdDate": { "type": "string", "description": "Creation date of the virtual node.\n" }, "lastUpdatedDate": { "type": "string", "description": "Last update date of the virtual node.\n" }, "meshName": { "type": "string", "description": "Name of the service mesh in which to create the virtual node. Must be between 1 and 255 characters in length.\n" }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner. Defaults to the account ID the AWS provider is currently connected to.\n" }, "name": { "type": "string", "description": "Name to use for the virtual node. Must be between 1 and 255 characters in length.\n" }, "resourceOwner": { "type": "string", "description": "Resource owner's AWS account ID.\n" }, "spec": { "$ref": "#/types/aws:appmesh/VirtualNodeSpec:VirtualNodeSpec", "description": "Virtual node specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "createdDate", "lastUpdatedDate", "meshName", "meshOwner", "name", "resourceOwner", "spec", "tagsAll" ], "inputProperties": { "meshName": { "type": "string", "description": "Name of the service mesh in which to create the virtual node. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner. Defaults to the account ID the AWS provider is currently connected to.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name to use for the virtual node. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "spec": { "$ref": "#/types/aws:appmesh/VirtualNodeSpec:VirtualNodeSpec", "description": "Virtual node specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "meshName", "spec" ], "stateInputs": { "description": "Input properties used for looking up and filtering VirtualNode resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the virtual node.\n" }, "createdDate": { "type": "string", "description": "Creation date of the virtual node.\n" }, "lastUpdatedDate": { "type": "string", "description": "Last update date of the virtual node.\n" }, "meshName": { "type": "string", "description": "Name of the service mesh in which to create the virtual node. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner. Defaults to the account ID the AWS provider is currently connected to.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name to use for the virtual node. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "resourceOwner": { "type": "string", "description": "Resource owner's AWS account ID.\n" }, "spec": { "$ref": "#/types/aws:appmesh/VirtualNodeSpec:VirtualNodeSpec", "description": "Virtual node specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:appmesh/virtualRouter:VirtualRouter": { "description": "Provides an AWS App Mesh virtual router resource.\n\n## Breaking Changes\n\nBecause of backward incompatible API changes (read [here](https://github.com/awslabs/aws-app-mesh-examples/issues/92) and [here](https://github.com/awslabs/aws-app-mesh-examples/issues/94)), `aws.appmesh.VirtualRouter` resource definitions created with provider versions earlier than v2.3.0 will need to be modified:\n\n* Remove service `service_names` from the `spec` argument. AWS has created a `aws.appmesh.VirtualService` resource for each service name. Import these resource using `pulumi import`.\n\n* Add a `listener` configuration block to the `spec` argument.\n\nThe state associated with existing resources will automatically be migrated.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst serviceb = new aws.appmesh.VirtualRouter(\"serviceb\", {\n name: \"serviceB\",\n meshName: simple.id,\n spec: {\n listeners: [{\n portMapping: {\n port: 8080,\n protocol: \"http\",\n },\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nserviceb = aws.appmesh.VirtualRouter(\"serviceb\",\n name=\"serviceB\",\n mesh_name=simple[\"id\"],\n spec={\n \"listeners\": [{\n \"port_mapping\": {\n \"port\": 8080,\n \"protocol\": \"http\",\n },\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var serviceb = new Aws.AppMesh.VirtualRouter(\"serviceb\", new()\n {\n Name = \"serviceB\",\n MeshName = simple.Id,\n Spec = new Aws.AppMesh.Inputs.VirtualRouterSpecArgs\n {\n Listeners = new[]\n {\n new Aws.AppMesh.Inputs.VirtualRouterSpecListenerArgs\n {\n PortMapping = new Aws.AppMesh.Inputs.VirtualRouterSpecListenerPortMappingArgs\n {\n Port = 8080,\n Protocol = \"http\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.NewVirtualRouter(ctx, \"serviceb\", \u0026appmesh.VirtualRouterArgs{\n\t\t\tName: pulumi.String(\"serviceB\"),\n\t\t\tMeshName: pulumi.Any(simple.Id),\n\t\t\tSpec: \u0026appmesh.VirtualRouterSpecArgs{\n\t\t\t\tListeners: appmesh.VirtualRouterSpecListenerArray{\n\t\t\t\t\t\u0026appmesh.VirtualRouterSpecListenerArgs{\n\t\t\t\t\t\tPortMapping: \u0026appmesh.VirtualRouterSpecListenerPortMappingArgs{\n\t\t\t\t\t\t\tPort: pulumi.Int(8080),\n\t\t\t\t\t\t\tProtocol: pulumi.String(\"http\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.VirtualRouter;\nimport com.pulumi.aws.appmesh.VirtualRouterArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualRouterSpecArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var serviceb = new VirtualRouter(\"serviceb\", VirtualRouterArgs.builder()\n .name(\"serviceB\")\n .meshName(simple.id())\n .spec(VirtualRouterSpecArgs.builder()\n .listeners(VirtualRouterSpecListenerArgs.builder()\n .portMapping(VirtualRouterSpecListenerPortMappingArgs.builder()\n .port(8080)\n .protocol(\"http\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n serviceb:\n type: aws:appmesh:VirtualRouter\n properties:\n name: serviceB\n meshName: ${simple.id}\n spec:\n listeners:\n - portMapping:\n port: 8080\n protocol: http\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import App Mesh virtual routers using `mesh_name` together with the virtual router's `name`. For example:\n\n```sh\n$ pulumi import aws:appmesh/virtualRouter:VirtualRouter serviceb simpleapp/serviceB\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the virtual router.\n" }, "createdDate": { "type": "string", "description": "Creation date of the virtual router.\n" }, "lastUpdatedDate": { "type": "string", "description": "Last update date of the virtual router.\n" }, "meshName": { "type": "string", "description": "Name of the service mesh in which to create the virtual router. Must be between 1 and 255 characters in length.\n" }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner. Defaults to the account ID the AWS provider is currently connected to.\n" }, "name": { "type": "string", "description": "Name to use for the virtual router. Must be between 1 and 255 characters in length.\n" }, "resourceOwner": { "type": "string", "description": "Resource owner's AWS account ID.\n" }, "spec": { "$ref": "#/types/aws:appmesh/VirtualRouterSpec:VirtualRouterSpec", "description": "Virtual router specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "createdDate", "lastUpdatedDate", "meshName", "meshOwner", "name", "resourceOwner", "spec", "tagsAll" ], "inputProperties": { "meshName": { "type": "string", "description": "Name of the service mesh in which to create the virtual router. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner. Defaults to the account ID the AWS provider is currently connected to.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name to use for the virtual router. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "spec": { "$ref": "#/types/aws:appmesh/VirtualRouterSpec:VirtualRouterSpec", "description": "Virtual router specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "meshName", "spec" ], "stateInputs": { "description": "Input properties used for looking up and filtering VirtualRouter resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the virtual router.\n" }, "createdDate": { "type": "string", "description": "Creation date of the virtual router.\n" }, "lastUpdatedDate": { "type": "string", "description": "Last update date of the virtual router.\n" }, "meshName": { "type": "string", "description": "Name of the service mesh in which to create the virtual router. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner. Defaults to the account ID the AWS provider is currently connected to.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name to use for the virtual router. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "resourceOwner": { "type": "string", "description": "Resource owner's AWS account ID.\n" }, "spec": { "$ref": "#/types/aws:appmesh/VirtualRouterSpec:VirtualRouterSpec", "description": "Virtual router specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:appmesh/virtualService:VirtualService": { "description": "Provides an AWS App Mesh virtual service resource.\n\n## Example Usage\n\n### Virtual Node Provider\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst servicea = new aws.appmesh.VirtualService(\"servicea\", {\n name: \"servicea.simpleapp.local\",\n meshName: simple.id,\n spec: {\n provider: {\n virtualNode: {\n virtualNodeName: serviceb1.name,\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nservicea = aws.appmesh.VirtualService(\"servicea\",\n name=\"servicea.simpleapp.local\",\n mesh_name=simple[\"id\"],\n spec={\n \"provider\": {\n \"virtual_node\": {\n \"virtual_node_name\": serviceb1[\"name\"],\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var servicea = new Aws.AppMesh.VirtualService(\"servicea\", new()\n {\n Name = \"servicea.simpleapp.local\",\n MeshName = simple.Id,\n Spec = new Aws.AppMesh.Inputs.VirtualServiceSpecArgs\n {\n Provider = new Aws.AppMesh.Inputs.VirtualServiceSpecProviderArgs\n {\n VirtualNode = new Aws.AppMesh.Inputs.VirtualServiceSpecProviderVirtualNodeArgs\n {\n VirtualNodeName = serviceb1.Name,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.NewVirtualService(ctx, \"servicea\", \u0026appmesh.VirtualServiceArgs{\n\t\t\tName: pulumi.String(\"servicea.simpleapp.local\"),\n\t\t\tMeshName: pulumi.Any(simple.Id),\n\t\t\tSpec: \u0026appmesh.VirtualServiceSpecArgs{\n\t\t\t\tProvider: \u0026appmesh.VirtualServiceSpecProviderArgs{\n\t\t\t\t\tVirtualNode: \u0026appmesh.VirtualServiceSpecProviderVirtualNodeArgs{\n\t\t\t\t\t\tVirtualNodeName: pulumi.Any(serviceb1.Name),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.VirtualService;\nimport com.pulumi.aws.appmesh.VirtualServiceArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualServiceSpecArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualServiceSpecProviderArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualServiceSpecProviderVirtualNodeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var servicea = new VirtualService(\"servicea\", VirtualServiceArgs.builder()\n .name(\"servicea.simpleapp.local\")\n .meshName(simple.id())\n .spec(VirtualServiceSpecArgs.builder()\n .provider(VirtualServiceSpecProviderArgs.builder()\n .virtualNode(VirtualServiceSpecProviderVirtualNodeArgs.builder()\n .virtualNodeName(serviceb1.name())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n servicea:\n type: aws:appmesh:VirtualService\n properties:\n name: servicea.simpleapp.local\n meshName: ${simple.id}\n spec:\n provider:\n virtualNode:\n virtualNodeName: ${serviceb1.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Virtual Router Provider\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst servicea = new aws.appmesh.VirtualService(\"servicea\", {\n name: \"servicea.simpleapp.local\",\n meshName: simple.id,\n spec: {\n provider: {\n virtualRouter: {\n virtualRouterName: serviceb.name,\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nservicea = aws.appmesh.VirtualService(\"servicea\",\n name=\"servicea.simpleapp.local\",\n mesh_name=simple[\"id\"],\n spec={\n \"provider\": {\n \"virtual_router\": {\n \"virtual_router_name\": serviceb[\"name\"],\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var servicea = new Aws.AppMesh.VirtualService(\"servicea\", new()\n {\n Name = \"servicea.simpleapp.local\",\n MeshName = simple.Id,\n Spec = new Aws.AppMesh.Inputs.VirtualServiceSpecArgs\n {\n Provider = new Aws.AppMesh.Inputs.VirtualServiceSpecProviderArgs\n {\n VirtualRouter = new Aws.AppMesh.Inputs.VirtualServiceSpecProviderVirtualRouterArgs\n {\n VirtualRouterName = serviceb.Name,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.NewVirtualService(ctx, \"servicea\", \u0026appmesh.VirtualServiceArgs{\n\t\t\tName: pulumi.String(\"servicea.simpleapp.local\"),\n\t\t\tMeshName: pulumi.Any(simple.Id),\n\t\t\tSpec: \u0026appmesh.VirtualServiceSpecArgs{\n\t\t\t\tProvider: \u0026appmesh.VirtualServiceSpecProviderArgs{\n\t\t\t\t\tVirtualRouter: \u0026appmesh.VirtualServiceSpecProviderVirtualRouterArgs{\n\t\t\t\t\t\tVirtualRouterName: pulumi.Any(serviceb.Name),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.VirtualService;\nimport com.pulumi.aws.appmesh.VirtualServiceArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualServiceSpecArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualServiceSpecProviderArgs;\nimport com.pulumi.aws.appmesh.inputs.VirtualServiceSpecProviderVirtualRouterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var servicea = new VirtualService(\"servicea\", VirtualServiceArgs.builder()\n .name(\"servicea.simpleapp.local\")\n .meshName(simple.id())\n .spec(VirtualServiceSpecArgs.builder()\n .provider(VirtualServiceSpecProviderArgs.builder()\n .virtualRouter(VirtualServiceSpecProviderVirtualRouterArgs.builder()\n .virtualRouterName(serviceb.name())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n servicea:\n type: aws:appmesh:VirtualService\n properties:\n name: servicea.simpleapp.local\n meshName: ${simple.id}\n spec:\n provider:\n virtualRouter:\n virtualRouterName: ${serviceb.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import App Mesh virtual services using `mesh_name` together with the virtual service's `name`. For example:\n\n```sh\n$ pulumi import aws:appmesh/virtualService:VirtualService servicea simpleapp/servicea.simpleapp.local\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the virtual service.\n" }, "createdDate": { "type": "string", "description": "Creation date of the virtual service.\n" }, "lastUpdatedDate": { "type": "string", "description": "Last update date of the virtual service.\n" }, "meshName": { "type": "string", "description": "Name of the service mesh in which to create the virtual service. Must be between 1 and 255 characters in length.\n" }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner. Defaults to the account ID the AWS provider is currently connected to.\n" }, "name": { "type": "string", "description": "Name to use for the virtual service. Must be between 1 and 255 characters in length.\n" }, "resourceOwner": { "type": "string", "description": "Resource owner's AWS account ID.\n" }, "spec": { "$ref": "#/types/aws:appmesh/VirtualServiceSpec:VirtualServiceSpec", "description": "Virtual service specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "createdDate", "lastUpdatedDate", "meshName", "meshOwner", "name", "resourceOwner", "spec", "tagsAll" ], "inputProperties": { "meshName": { "type": "string", "description": "Name of the service mesh in which to create the virtual service. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner. Defaults to the account ID the AWS provider is currently connected to.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name to use for the virtual service. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "spec": { "$ref": "#/types/aws:appmesh/VirtualServiceSpec:VirtualServiceSpec", "description": "Virtual service specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "meshName", "spec" ], "stateInputs": { "description": "Input properties used for looking up and filtering VirtualService resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the virtual service.\n" }, "createdDate": { "type": "string", "description": "Creation date of the virtual service.\n" }, "lastUpdatedDate": { "type": "string", "description": "Last update date of the virtual service.\n" }, "meshName": { "type": "string", "description": "Name of the service mesh in which to create the virtual service. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner. Defaults to the account ID the AWS provider is currently connected to.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name to use for the virtual service. Must be between 1 and 255 characters in length.\n", "willReplaceOnChanges": true }, "resourceOwner": { "type": "string", "description": "Resource owner's AWS account ID.\n" }, "spec": { "$ref": "#/types/aws:appmesh/VirtualServiceSpec:VirtualServiceSpec", "description": "Virtual service specification to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:apprunner/autoScalingConfigurationVersion:AutoScalingConfigurationVersion": { "description": "Manages an App Runner AutoScaling Configuration Version.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apprunner.AutoScalingConfigurationVersion(\"example\", {\n autoScalingConfigurationName: \"example\",\n maxConcurrency: 50,\n maxSize: 10,\n minSize: 2,\n tags: {\n Name: \"example-apprunner-autoscaling\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apprunner.AutoScalingConfigurationVersion(\"example\",\n auto_scaling_configuration_name=\"example\",\n max_concurrency=50,\n max_size=10,\n min_size=2,\n tags={\n \"Name\": \"example-apprunner-autoscaling\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppRunner.AutoScalingConfigurationVersion(\"example\", new()\n {\n AutoScalingConfigurationName = \"example\",\n MaxConcurrency = 50,\n MaxSize = 10,\n MinSize = 2,\n Tags = \n {\n { \"Name\", \"example-apprunner-autoscaling\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apprunner\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apprunner.NewAutoScalingConfigurationVersion(ctx, \"example\", \u0026apprunner.AutoScalingConfigurationVersionArgs{\n\t\t\tAutoScalingConfigurationName: pulumi.String(\"example\"),\n\t\t\tMaxConcurrency: pulumi.Int(50),\n\t\t\tMaxSize: pulumi.Int(10),\n\t\t\tMinSize: pulumi.Int(2),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example-apprunner-autoscaling\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apprunner.AutoScalingConfigurationVersion;\nimport com.pulumi.aws.apprunner.AutoScalingConfigurationVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AutoScalingConfigurationVersion(\"example\", AutoScalingConfigurationVersionArgs.builder()\n .autoScalingConfigurationName(\"example\")\n .maxConcurrency(50)\n .maxSize(10)\n .minSize(2)\n .tags(Map.of(\"Name\", \"example-apprunner-autoscaling\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apprunner:AutoScalingConfigurationVersion\n properties:\n autoScalingConfigurationName: example\n maxConcurrency: 50\n maxSize: 10\n minSize: 2\n tags:\n Name: example-apprunner-autoscaling\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import App Runner AutoScaling Configuration Versions using the `arn`. For example:\n\n```sh\n$ pulumi import aws:apprunner/autoScalingConfigurationVersion:AutoScalingConfigurationVersion example \"arn:aws:apprunner:us-east-1:1234567890:autoscalingconfiguration/example/1/69bdfe0115224b0db49398b7beb68e0f\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of this auto scaling configuration version.\n" }, "autoScalingConfigurationName": { "type": "string", "description": "Name of the auto scaling configuration.\n" }, "autoScalingConfigurationRevision": { "type": "integer", "description": "The revision of this auto scaling configuration.\n" }, "hasAssociatedService": { "type": "boolean" }, "isDefault": { "type": "boolean" }, "latest": { "type": "boolean", "description": "Whether the auto scaling configuration has the highest `auto_scaling_configuration_revision` among all configurations that share the same `auto_scaling_configuration_name`.\n" }, "maxConcurrency": { "type": "integer", "description": "Maximal number of concurrent requests that you want an instance to process. When the number of concurrent requests goes over this limit, App Runner scales up your service.\n" }, "maxSize": { "type": "integer", "description": "Maximal number of instances that App Runner provisions for your service.\n" }, "minSize": { "type": "integer", "description": "Minimal number of instances that App Runner provisions for your service.\n" }, "status": { "type": "string", "description": "Current state of the auto scaling configuration. An INACTIVE configuration revision has been deleted and can't be used. It is permanently removed some time after deletion.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "autoScalingConfigurationName", "autoScalingConfigurationRevision", "hasAssociatedService", "isDefault", "latest", "status", "tagsAll" ], "inputProperties": { "autoScalingConfigurationName": { "type": "string", "description": "Name of the auto scaling configuration.\n", "willReplaceOnChanges": true }, "maxConcurrency": { "type": "integer", "description": "Maximal number of concurrent requests that you want an instance to process. When the number of concurrent requests goes over this limit, App Runner scales up your service.\n", "willReplaceOnChanges": true }, "maxSize": { "type": "integer", "description": "Maximal number of instances that App Runner provisions for your service.\n", "willReplaceOnChanges": true }, "minSize": { "type": "integer", "description": "Minimal number of instances that App Runner provisions for your service.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "autoScalingConfigurationName" ], "stateInputs": { "description": "Input properties used for looking up and filtering AutoScalingConfigurationVersion resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of this auto scaling configuration version.\n" }, "autoScalingConfigurationName": { "type": "string", "description": "Name of the auto scaling configuration.\n", "willReplaceOnChanges": true }, "autoScalingConfigurationRevision": { "type": "integer", "description": "The revision of this auto scaling configuration.\n" }, "hasAssociatedService": { "type": "boolean" }, "isDefault": { "type": "boolean" }, "latest": { "type": "boolean", "description": "Whether the auto scaling configuration has the highest `auto_scaling_configuration_revision` among all configurations that share the same `auto_scaling_configuration_name`.\n" }, "maxConcurrency": { "type": "integer", "description": "Maximal number of concurrent requests that you want an instance to process. When the number of concurrent requests goes over this limit, App Runner scales up your service.\n", "willReplaceOnChanges": true }, "maxSize": { "type": "integer", "description": "Maximal number of instances that App Runner provisions for your service.\n", "willReplaceOnChanges": true }, "minSize": { "type": "integer", "description": "Minimal number of instances that App Runner provisions for your service.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Current state of the auto scaling configuration. An INACTIVE configuration revision has been deleted and can't be used. It is permanently removed some time after deletion.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:apprunner/connection:Connection": { "description": "Manages an App Runner Connection.\n\n\u003e **NOTE:** After creation, you must complete the authentication handshake using the App Runner console.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apprunner.Connection(\"example\", {\n connectionName: \"example\",\n providerType: \"GITHUB\",\n tags: {\n Name: \"example-apprunner-connection\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apprunner.Connection(\"example\",\n connection_name=\"example\",\n provider_type=\"GITHUB\",\n tags={\n \"Name\": \"example-apprunner-connection\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppRunner.Connection(\"example\", new()\n {\n ConnectionName = \"example\",\n ProviderType = \"GITHUB\",\n Tags = \n {\n { \"Name\", \"example-apprunner-connection\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apprunner\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apprunner.NewConnection(ctx, \"example\", \u0026apprunner.ConnectionArgs{\n\t\t\tConnectionName: pulumi.String(\"example\"),\n\t\t\tProviderType: pulumi.String(\"GITHUB\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example-apprunner-connection\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apprunner.Connection;\nimport com.pulumi.aws.apprunner.ConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Connection(\"example\", ConnectionArgs.builder()\n .connectionName(\"example\")\n .providerType(\"GITHUB\")\n .tags(Map.of(\"Name\", \"example-apprunner-connection\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apprunner:Connection\n properties:\n connectionName: example\n providerType: GITHUB\n tags:\n Name: example-apprunner-connection\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import App Runner Connections using the `connection_name`. For example:\n\n```sh\n$ pulumi import aws:apprunner/connection:Connection example example\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the connection.\n" }, "connectionName": { "type": "string", "description": "Name of the connection.\n" }, "providerType": { "type": "string", "description": "Source repository provider. Valid values: `GITHUB`.\n" }, "status": { "type": "string", "description": "Current state of the App Runner connection. When the state is `AVAILABLE`, you can use the connection to create an `aws.apprunner.Service` resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "connectionName", "providerType", "status", "tagsAll" ], "inputProperties": { "connectionName": { "type": "string", "description": "Name of the connection.\n", "willReplaceOnChanges": true }, "providerType": { "type": "string", "description": "Source repository provider. Valid values: `GITHUB`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "connectionName", "providerType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Connection resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the connection.\n" }, "connectionName": { "type": "string", "description": "Name of the connection.\n", "willReplaceOnChanges": true }, "providerType": { "type": "string", "description": "Source repository provider. Valid values: `GITHUB`.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Current state of the App Runner connection. When the state is `AVAILABLE`, you can use the connection to create an `aws.apprunner.Service` resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:apprunner/customDomainAssociation:CustomDomainAssociation": { "description": "Manages an App Runner Custom Domain association.\n\n\u003e **NOTE:** After creation, you must use the information in the `certification_validation_records` attribute to add CNAME records to your Domain Name System (DNS). For each mapped domain name, add a mapping to the target App Runner subdomain (found in the `dns_target` attribute) and one or more certificate validation records. App Runner then performs DNS validation to verify that you own or control the domain name you associated. App Runner tracks domain validity in a certificate stored in AWS Certificate Manager (ACM).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apprunner.CustomDomainAssociation(\"example\", {\n domainName: \"example.com\",\n serviceArn: exampleAwsApprunnerService.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apprunner.CustomDomainAssociation(\"example\",\n domain_name=\"example.com\",\n service_arn=example_aws_apprunner_service[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppRunner.CustomDomainAssociation(\"example\", new()\n {\n DomainName = \"example.com\",\n ServiceArn = exampleAwsApprunnerService.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apprunner\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apprunner.NewCustomDomainAssociation(ctx, \"example\", \u0026apprunner.CustomDomainAssociationArgs{\n\t\t\tDomainName: pulumi.String(\"example.com\"),\n\t\t\tServiceArn: pulumi.Any(exampleAwsApprunnerService.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apprunner.CustomDomainAssociation;\nimport com.pulumi.aws.apprunner.CustomDomainAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CustomDomainAssociation(\"example\", CustomDomainAssociationArgs.builder()\n .domainName(\"example.com\")\n .serviceArn(exampleAwsApprunnerService.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apprunner:CustomDomainAssociation\n properties:\n domainName: example.com\n serviceArn: ${exampleAwsApprunnerService.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import App Runner Custom Domain Associations using the `domain_name` and `service_arn` separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:apprunner/customDomainAssociation:CustomDomainAssociation example example.com,arn:aws:apprunner:us-east-1:123456789012:service/example-app/8fe1e10304f84fd2b0df550fe98a71fa\n```\n", "properties": { "certificateValidationRecords": { "type": "array", "items": { "$ref": "#/types/aws:apprunner/CustomDomainAssociationCertificateValidationRecord:CustomDomainAssociationCertificateValidationRecord" }, "description": "A set of certificate CNAME records used for this domain name. See Certificate Validation Records below for more details.\n" }, "dnsTarget": { "type": "string", "description": "App Runner subdomain of the App Runner service. The custom domain name is mapped to this target name. Attribute only available if resource created (not imported) with this provider.\n" }, "domainName": { "type": "string", "description": "Custom domain endpoint to association. Specify a base domain e.g., `example.com` or a subdomain e.g., `subdomain.example.com`.\n" }, "enableWwwSubdomain": { "type": "boolean", "description": "Whether to associate the subdomain with the App Runner service in addition to the base domain. Defaults to `true`.\n" }, "serviceArn": { "type": "string", "description": "ARN of the App Runner service.\n" }, "status": { "type": "string", "description": "Current state of the certificate CNAME record validation. It should change to `SUCCESS` after App Runner completes validation with your DNS.\n" } }, "required": [ "certificateValidationRecords", "dnsTarget", "domainName", "serviceArn", "status" ], "inputProperties": { "domainName": { "type": "string", "description": "Custom domain endpoint to association. Specify a base domain e.g., `example.com` or a subdomain e.g., `subdomain.example.com`.\n", "willReplaceOnChanges": true }, "enableWwwSubdomain": { "type": "boolean", "description": "Whether to associate the subdomain with the App Runner service in addition to the base domain. Defaults to `true`.\n", "willReplaceOnChanges": true }, "serviceArn": { "type": "string", "description": "ARN of the App Runner service.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "domainName", "serviceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering CustomDomainAssociation resources.\n", "properties": { "certificateValidationRecords": { "type": "array", "items": { "$ref": "#/types/aws:apprunner/CustomDomainAssociationCertificateValidationRecord:CustomDomainAssociationCertificateValidationRecord" }, "description": "A set of certificate CNAME records used for this domain name. See Certificate Validation Records below for more details.\n" }, "dnsTarget": { "type": "string", "description": "App Runner subdomain of the App Runner service. The custom domain name is mapped to this target name. Attribute only available if resource created (not imported) with this provider.\n" }, "domainName": { "type": "string", "description": "Custom domain endpoint to association. Specify a base domain e.g., `example.com` or a subdomain e.g., `subdomain.example.com`.\n", "willReplaceOnChanges": true }, "enableWwwSubdomain": { "type": "boolean", "description": "Whether to associate the subdomain with the App Runner service in addition to the base domain. Defaults to `true`.\n", "willReplaceOnChanges": true }, "serviceArn": { "type": "string", "description": "ARN of the App Runner service.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Current state of the certificate CNAME record validation. It should change to `SUCCESS` after App Runner completes validation with your DNS.\n" } }, "type": "object" } }, "aws:apprunner/defaultAutoScalingConfigurationVersion:DefaultAutoScalingConfigurationVersion": { "description": "Manages the default App Runner auto scaling configuration.\nWhen creating or updating this resource the existing default auto scaling configuration will be set to non-default automatically.\nWhen creating or updating this resource the configuration is automatically assigned as the default to the new services you create in the future. The new default designation doesn't affect the associations that were previously set for existing services.\nEach account can have only one default auto scaling configuration per Region.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apprunner.AutoScalingConfigurationVersion(\"example\", {\n autoScalingConfigurationName: \"example\",\n maxConcurrency: 50,\n maxSize: 10,\n minSize: 2,\n});\nconst exampleDefaultAutoScalingConfigurationVersion = new aws.apprunner.DefaultAutoScalingConfigurationVersion(\"example\", {autoScalingConfigurationArn: example.arn});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apprunner.AutoScalingConfigurationVersion(\"example\",\n auto_scaling_configuration_name=\"example\",\n max_concurrency=50,\n max_size=10,\n min_size=2)\nexample_default_auto_scaling_configuration_version = aws.apprunner.DefaultAutoScalingConfigurationVersion(\"example\", auto_scaling_configuration_arn=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppRunner.AutoScalingConfigurationVersion(\"example\", new()\n {\n AutoScalingConfigurationName = \"example\",\n MaxConcurrency = 50,\n MaxSize = 10,\n MinSize = 2,\n });\n\n var exampleDefaultAutoScalingConfigurationVersion = new Aws.AppRunner.DefaultAutoScalingConfigurationVersion(\"example\", new()\n {\n AutoScalingConfigurationArn = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apprunner\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := apprunner.NewAutoScalingConfigurationVersion(ctx, \"example\", \u0026apprunner.AutoScalingConfigurationVersionArgs{\n\t\t\tAutoScalingConfigurationName: pulumi.String(\"example\"),\n\t\t\tMaxConcurrency: pulumi.Int(50),\n\t\t\tMaxSize: pulumi.Int(10),\n\t\t\tMinSize: pulumi.Int(2),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apprunner.NewDefaultAutoScalingConfigurationVersion(ctx, \"example\", \u0026apprunner.DefaultAutoScalingConfigurationVersionArgs{\n\t\t\tAutoScalingConfigurationArn: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apprunner.AutoScalingConfigurationVersion;\nimport com.pulumi.aws.apprunner.AutoScalingConfigurationVersionArgs;\nimport com.pulumi.aws.apprunner.DefaultAutoScalingConfigurationVersion;\nimport com.pulumi.aws.apprunner.DefaultAutoScalingConfigurationVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AutoScalingConfigurationVersion(\"example\", AutoScalingConfigurationVersionArgs.builder()\n .autoScalingConfigurationName(\"example\")\n .maxConcurrency(50)\n .maxSize(10)\n .minSize(2)\n .build());\n\n var exampleDefaultAutoScalingConfigurationVersion = new DefaultAutoScalingConfigurationVersion(\"exampleDefaultAutoScalingConfigurationVersion\", DefaultAutoScalingConfigurationVersionArgs.builder()\n .autoScalingConfigurationArn(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apprunner:AutoScalingConfigurationVersion\n properties:\n autoScalingConfigurationName: example\n maxConcurrency: 50\n maxSize: 10\n minSize: 2\n exampleDefaultAutoScalingConfigurationVersion:\n type: aws:apprunner:DefaultAutoScalingConfigurationVersion\n name: example\n properties:\n autoScalingConfigurationArn: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import App Runner default auto scaling configurations using the current Region. For example:\n\n```sh\n$ pulumi import aws:apprunner/defaultAutoScalingConfigurationVersion:DefaultAutoScalingConfigurationVersion example us-west-2\n```\n", "properties": { "autoScalingConfigurationArn": { "type": "string", "description": "The ARN of the App Runner auto scaling configuration that you want to set as the default.\n" } }, "required": [ "autoScalingConfigurationArn" ], "inputProperties": { "autoScalingConfigurationArn": { "type": "string", "description": "The ARN of the App Runner auto scaling configuration that you want to set as the default.\n" } }, "requiredInputs": [ "autoScalingConfigurationArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering DefaultAutoScalingConfigurationVersion resources.\n", "properties": { "autoScalingConfigurationArn": { "type": "string", "description": "The ARN of the App Runner auto scaling configuration that you want to set as the default.\n" } }, "type": "object" } }, "aws:apprunner/deployment:Deployment": { "description": "Manages an App Runner Deployment Operation.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apprunner.Deployment(\"example\", {serviceArn: exampleAwsApprunnerService.arn});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apprunner.Deployment(\"example\", service_arn=example_aws_apprunner_service[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppRunner.Deployment(\"example\", new()\n {\n ServiceArn = exampleAwsApprunnerService.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apprunner\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apprunner.NewDeployment(ctx, \"example\", \u0026apprunner.DeploymentArgs{\n\t\t\tServiceArn: pulumi.Any(exampleAwsApprunnerService.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apprunner.Deployment;\nimport com.pulumi.aws.apprunner.DeploymentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Deployment(\"example\", DeploymentArgs.builder()\n .serviceArn(exampleAwsApprunnerService.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apprunner:Deployment\n properties:\n serviceArn: ${exampleAwsApprunnerService.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "operationId": { "type": "string", "description": "The unique ID of the operation associated with deployment.\n" }, "serviceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the App Runner service to start the deployment for.\n" }, "status": { "type": "string", "description": "The current status of the App Runner service deployment.\n" }, "timeouts": { "$ref": "#/types/aws:apprunner/DeploymentTimeouts:DeploymentTimeouts" } }, "required": [ "operationId", "serviceArn", "status" ], "inputProperties": { "serviceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the App Runner service to start the deployment for.\n" }, "timeouts": { "$ref": "#/types/aws:apprunner/DeploymentTimeouts:DeploymentTimeouts" } }, "requiredInputs": [ "serviceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Deployment resources.\n", "properties": { "operationId": { "type": "string", "description": "The unique ID of the operation associated with deployment.\n" }, "serviceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the App Runner service to start the deployment for.\n" }, "status": { "type": "string", "description": "The current status of the App Runner service deployment.\n" }, "timeouts": { "$ref": "#/types/aws:apprunner/DeploymentTimeouts:DeploymentTimeouts" } }, "type": "object" } }, "aws:apprunner/observabilityConfiguration:ObservabilityConfiguration": { "description": "Manages an App Runner Observability Configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apprunner.ObservabilityConfiguration(\"example\", {\n observabilityConfigurationName: \"example\",\n traceConfiguration: {\n vendor: \"AWSXRAY\",\n },\n tags: {\n Name: \"example-apprunner-observability-configuration\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apprunner.ObservabilityConfiguration(\"example\",\n observability_configuration_name=\"example\",\n trace_configuration={\n \"vendor\": \"AWSXRAY\",\n },\n tags={\n \"Name\": \"example-apprunner-observability-configuration\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppRunner.ObservabilityConfiguration(\"example\", new()\n {\n ObservabilityConfigurationName = \"example\",\n TraceConfiguration = new Aws.AppRunner.Inputs.ObservabilityConfigurationTraceConfigurationArgs\n {\n Vendor = \"AWSXRAY\",\n },\n Tags = \n {\n { \"Name\", \"example-apprunner-observability-configuration\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apprunner\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apprunner.NewObservabilityConfiguration(ctx, \"example\", \u0026apprunner.ObservabilityConfigurationArgs{\n\t\t\tObservabilityConfigurationName: pulumi.String(\"example\"),\n\t\t\tTraceConfiguration: \u0026apprunner.ObservabilityConfigurationTraceConfigurationArgs{\n\t\t\t\tVendor: pulumi.String(\"AWSXRAY\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example-apprunner-observability-configuration\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apprunner.ObservabilityConfiguration;\nimport com.pulumi.aws.apprunner.ObservabilityConfigurationArgs;\nimport com.pulumi.aws.apprunner.inputs.ObservabilityConfigurationTraceConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ObservabilityConfiguration(\"example\", ObservabilityConfigurationArgs.builder()\n .observabilityConfigurationName(\"example\")\n .traceConfiguration(ObservabilityConfigurationTraceConfigurationArgs.builder()\n .vendor(\"AWSXRAY\")\n .build())\n .tags(Map.of(\"Name\", \"example-apprunner-observability-configuration\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apprunner:ObservabilityConfiguration\n properties:\n observabilityConfigurationName: example\n traceConfiguration:\n vendor: AWSXRAY\n tags:\n Name: example-apprunner-observability-configuration\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import App Runner Observability Configuration using the `arn`. For example:\n\n```sh\n$ pulumi import aws:apprunner/observabilityConfiguration:ObservabilityConfiguration example arn:aws:apprunner:us-east-1:1234567890:observabilityconfiguration/example/1/d75bc7ea55b71e724fe5c23452fe22a1\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of this observability configuration.\n" }, "latest": { "type": "boolean", "description": "Whether the observability configuration has the highest `observability_configuration_revision` among all configurations that share the same `observability_configuration_name`.\n" }, "observabilityConfigurationName": { "type": "string", "description": "Name of the observability configuration.\n" }, "observabilityConfigurationRevision": { "type": "integer", "description": "The revision of this observability configuration.\n" }, "status": { "type": "string", "description": "Current state of the observability configuration. An INACTIVE configuration revision has been deleted and can't be used. It is permanently removed some time after deletion.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "traceConfiguration": { "$ref": "#/types/aws:apprunner/ObservabilityConfigurationTraceConfiguration:ObservabilityConfigurationTraceConfiguration", "description": "Configuration of the tracing feature within this observability configuration. If you don't specify it, App Runner doesn't enable tracing. See Trace Configuration below for more details.\n" } }, "required": [ "arn", "latest", "observabilityConfigurationName", "observabilityConfigurationRevision", "status", "tagsAll" ], "inputProperties": { "observabilityConfigurationName": { "type": "string", "description": "Name of the observability configuration.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "traceConfiguration": { "$ref": "#/types/aws:apprunner/ObservabilityConfigurationTraceConfiguration:ObservabilityConfigurationTraceConfiguration", "description": "Configuration of the tracing feature within this observability configuration. If you don't specify it, App Runner doesn't enable tracing. See Trace Configuration below for more details.\n" } }, "requiredInputs": [ "observabilityConfigurationName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ObservabilityConfiguration resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of this observability configuration.\n" }, "latest": { "type": "boolean", "description": "Whether the observability configuration has the highest `observability_configuration_revision` among all configurations that share the same `observability_configuration_name`.\n" }, "observabilityConfigurationName": { "type": "string", "description": "Name of the observability configuration.\n", "willReplaceOnChanges": true }, "observabilityConfigurationRevision": { "type": "integer", "description": "The revision of this observability configuration.\n" }, "status": { "type": "string", "description": "Current state of the observability configuration. An INACTIVE configuration revision has been deleted and can't be used. It is permanently removed some time after deletion.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "traceConfiguration": { "$ref": "#/types/aws:apprunner/ObservabilityConfigurationTraceConfiguration:ObservabilityConfigurationTraceConfiguration", "description": "Configuration of the tracing feature within this observability configuration. If you don't specify it, App Runner doesn't enable tracing. See Trace Configuration below for more details.\n" } }, "type": "object" } }, "aws:apprunner/service:Service": { "description": "Manages an App Runner Service.\n\n## Example Usage\n\n### Service with a Code Repository Source\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apprunner.Service(\"example\", {\n serviceName: \"example\",\n sourceConfiguration: {\n authenticationConfiguration: {\n connectionArn: exampleAwsApprunnerConnection.arn,\n },\n codeRepository: {\n codeConfiguration: {\n codeConfigurationValues: {\n buildCommand: \"python setup.py develop\",\n port: \"8000\",\n runtime: \"PYTHON_3\",\n startCommand: \"python runapp.py\",\n },\n configurationSource: \"API\",\n },\n repositoryUrl: \"https://github.com/example/my-example-python-app\",\n sourceCodeVersion: {\n type: \"BRANCH\",\n value: \"main\",\n },\n },\n },\n networkConfiguration: {\n egressConfiguration: {\n egressType: \"VPC\",\n vpcConnectorArn: connector.arn,\n },\n },\n tags: {\n Name: \"example-apprunner-service\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apprunner.Service(\"example\",\n service_name=\"example\",\n source_configuration={\n \"authentication_configuration\": {\n \"connection_arn\": example_aws_apprunner_connection[\"arn\"],\n },\n \"code_repository\": {\n \"code_configuration\": {\n \"code_configuration_values\": {\n \"build_command\": \"python setup.py develop\",\n \"port\": \"8000\",\n \"runtime\": \"PYTHON_3\",\n \"start_command\": \"python runapp.py\",\n },\n \"configuration_source\": \"API\",\n },\n \"repository_url\": \"https://github.com/example/my-example-python-app\",\n \"source_code_version\": {\n \"type\": \"BRANCH\",\n \"value\": \"main\",\n },\n },\n },\n network_configuration={\n \"egress_configuration\": {\n \"egress_type\": \"VPC\",\n \"vpc_connector_arn\": connector[\"arn\"],\n },\n },\n tags={\n \"Name\": \"example-apprunner-service\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppRunner.Service(\"example\", new()\n {\n ServiceName = \"example\",\n SourceConfiguration = new Aws.AppRunner.Inputs.ServiceSourceConfigurationArgs\n {\n AuthenticationConfiguration = new Aws.AppRunner.Inputs.ServiceSourceConfigurationAuthenticationConfigurationArgs\n {\n ConnectionArn = exampleAwsApprunnerConnection.Arn,\n },\n CodeRepository = new Aws.AppRunner.Inputs.ServiceSourceConfigurationCodeRepositoryArgs\n {\n CodeConfiguration = new Aws.AppRunner.Inputs.ServiceSourceConfigurationCodeRepositoryCodeConfigurationArgs\n {\n CodeConfigurationValues = new Aws.AppRunner.Inputs.ServiceSourceConfigurationCodeRepositoryCodeConfigurationCodeConfigurationValuesArgs\n {\n BuildCommand = \"python setup.py develop\",\n Port = \"8000\",\n Runtime = \"PYTHON_3\",\n StartCommand = \"python runapp.py\",\n },\n ConfigurationSource = \"API\",\n },\n RepositoryUrl = \"https://github.com/example/my-example-python-app\",\n SourceCodeVersion = new Aws.AppRunner.Inputs.ServiceSourceConfigurationCodeRepositorySourceCodeVersionArgs\n {\n Type = \"BRANCH\",\n Value = \"main\",\n },\n },\n },\n NetworkConfiguration = new Aws.AppRunner.Inputs.ServiceNetworkConfigurationArgs\n {\n EgressConfiguration = new Aws.AppRunner.Inputs.ServiceNetworkConfigurationEgressConfigurationArgs\n {\n EgressType = \"VPC\",\n VpcConnectorArn = connector.Arn,\n },\n },\n Tags = \n {\n { \"Name\", \"example-apprunner-service\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apprunner\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apprunner.NewService(ctx, \"example\", \u0026apprunner.ServiceArgs{\n\t\t\tServiceName: pulumi.String(\"example\"),\n\t\t\tSourceConfiguration: \u0026apprunner.ServiceSourceConfigurationArgs{\n\t\t\t\tAuthenticationConfiguration: \u0026apprunner.ServiceSourceConfigurationAuthenticationConfigurationArgs{\n\t\t\t\t\tConnectionArn: pulumi.Any(exampleAwsApprunnerConnection.Arn),\n\t\t\t\t},\n\t\t\t\tCodeRepository: \u0026apprunner.ServiceSourceConfigurationCodeRepositoryArgs{\n\t\t\t\t\tCodeConfiguration: \u0026apprunner.ServiceSourceConfigurationCodeRepositoryCodeConfigurationArgs{\n\t\t\t\t\t\tCodeConfigurationValues: \u0026apprunner.ServiceSourceConfigurationCodeRepositoryCodeConfigurationCodeConfigurationValuesArgs{\n\t\t\t\t\t\t\tBuildCommand: pulumi.String(\"python setup.py develop\"),\n\t\t\t\t\t\t\tPort: pulumi.String(\"8000\"),\n\t\t\t\t\t\t\tRuntime: pulumi.String(\"PYTHON_3\"),\n\t\t\t\t\t\t\tStartCommand: pulumi.String(\"python runapp.py\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tConfigurationSource: pulumi.String(\"API\"),\n\t\t\t\t\t},\n\t\t\t\t\tRepositoryUrl: pulumi.String(\"https://github.com/example/my-example-python-app\"),\n\t\t\t\t\tSourceCodeVersion: \u0026apprunner.ServiceSourceConfigurationCodeRepositorySourceCodeVersionArgs{\n\t\t\t\t\t\tType: pulumi.String(\"BRANCH\"),\n\t\t\t\t\t\tValue: pulumi.String(\"main\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tNetworkConfiguration: \u0026apprunner.ServiceNetworkConfigurationArgs{\n\t\t\t\tEgressConfiguration: \u0026apprunner.ServiceNetworkConfigurationEgressConfigurationArgs{\n\t\t\t\t\tEgressType: pulumi.String(\"VPC\"),\n\t\t\t\t\tVpcConnectorArn: pulumi.Any(connector.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example-apprunner-service\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apprunner.Service;\nimport com.pulumi.aws.apprunner.ServiceArgs;\nimport com.pulumi.aws.apprunner.inputs.ServiceSourceConfigurationArgs;\nimport com.pulumi.aws.apprunner.inputs.ServiceSourceConfigurationAuthenticationConfigurationArgs;\nimport com.pulumi.aws.apprunner.inputs.ServiceSourceConfigurationCodeRepositoryArgs;\nimport com.pulumi.aws.apprunner.inputs.ServiceSourceConfigurationCodeRepositoryCodeConfigurationArgs;\nimport com.pulumi.aws.apprunner.inputs.ServiceSourceConfigurationCodeRepositoryCodeConfigurationCodeConfigurationValuesArgs;\nimport com.pulumi.aws.apprunner.inputs.ServiceSourceConfigurationCodeRepositorySourceCodeVersionArgs;\nimport com.pulumi.aws.apprunner.inputs.ServiceNetworkConfigurationArgs;\nimport com.pulumi.aws.apprunner.inputs.ServiceNetworkConfigurationEgressConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder()\n .serviceName(\"example\")\n .sourceConfiguration(ServiceSourceConfigurationArgs.builder()\n .authenticationConfiguration(ServiceSourceConfigurationAuthenticationConfigurationArgs.builder()\n .connectionArn(exampleAwsApprunnerConnection.arn())\n .build())\n .codeRepository(ServiceSourceConfigurationCodeRepositoryArgs.builder()\n .codeConfiguration(ServiceSourceConfigurationCodeRepositoryCodeConfigurationArgs.builder()\n .codeConfigurationValues(ServiceSourceConfigurationCodeRepositoryCodeConfigurationCodeConfigurationValuesArgs.builder()\n .buildCommand(\"python setup.py develop\")\n .port(\"8000\")\n .runtime(\"PYTHON_3\")\n .startCommand(\"python runapp.py\")\n .build())\n .configurationSource(\"API\")\n .build())\n .repositoryUrl(\"https://github.com/example/my-example-python-app\")\n .sourceCodeVersion(ServiceSourceConfigurationCodeRepositorySourceCodeVersionArgs.builder()\n .type(\"BRANCH\")\n .value(\"main\")\n .build())\n .build())\n .build())\n .networkConfiguration(ServiceNetworkConfigurationArgs.builder()\n .egressConfiguration(ServiceNetworkConfigurationEgressConfigurationArgs.builder()\n .egressType(\"VPC\")\n .vpcConnectorArn(connector.arn())\n .build())\n .build())\n .tags(Map.of(\"Name\", \"example-apprunner-service\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apprunner:Service\n properties:\n serviceName: example\n sourceConfiguration:\n authenticationConfiguration:\n connectionArn: ${exampleAwsApprunnerConnection.arn}\n codeRepository:\n codeConfiguration:\n codeConfigurationValues:\n buildCommand: python setup.py develop\n port: '8000'\n runtime: PYTHON_3\n startCommand: python runapp.py\n configurationSource: API\n repositoryUrl: https://github.com/example/my-example-python-app\n sourceCodeVersion:\n type: BRANCH\n value: main\n networkConfiguration:\n egressConfiguration:\n egressType: VPC\n vpcConnectorArn: ${connector.arn}\n tags:\n Name: example-apprunner-service\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Service with an Image Repository Source\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apprunner.Service(\"example\", {\n serviceName: \"example\",\n sourceConfiguration: {\n imageRepository: {\n imageConfiguration: {\n port: \"8000\",\n },\n imageIdentifier: \"public.ecr.aws/aws-containers/hello-app-runner:latest\",\n imageRepositoryType: \"ECR_PUBLIC\",\n },\n autoDeploymentsEnabled: false,\n },\n tags: {\n Name: \"example-apprunner-service\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apprunner.Service(\"example\",\n service_name=\"example\",\n source_configuration={\n \"image_repository\": {\n \"image_configuration\": {\n \"port\": \"8000\",\n },\n \"image_identifier\": \"public.ecr.aws/aws-containers/hello-app-runner:latest\",\n \"image_repository_type\": \"ECR_PUBLIC\",\n },\n \"auto_deployments_enabled\": False,\n },\n tags={\n \"Name\": \"example-apprunner-service\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppRunner.Service(\"example\", new()\n {\n ServiceName = \"example\",\n SourceConfiguration = new Aws.AppRunner.Inputs.ServiceSourceConfigurationArgs\n {\n ImageRepository = new Aws.AppRunner.Inputs.ServiceSourceConfigurationImageRepositoryArgs\n {\n ImageConfiguration = new Aws.AppRunner.Inputs.ServiceSourceConfigurationImageRepositoryImageConfigurationArgs\n {\n Port = \"8000\",\n },\n ImageIdentifier = \"public.ecr.aws/aws-containers/hello-app-runner:latest\",\n ImageRepositoryType = \"ECR_PUBLIC\",\n },\n AutoDeploymentsEnabled = false,\n },\n Tags = \n {\n { \"Name\", \"example-apprunner-service\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apprunner\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apprunner.NewService(ctx, \"example\", \u0026apprunner.ServiceArgs{\n\t\t\tServiceName: pulumi.String(\"example\"),\n\t\t\tSourceConfiguration: \u0026apprunner.ServiceSourceConfigurationArgs{\n\t\t\t\tImageRepository: \u0026apprunner.ServiceSourceConfigurationImageRepositoryArgs{\n\t\t\t\t\tImageConfiguration: \u0026apprunner.ServiceSourceConfigurationImageRepositoryImageConfigurationArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"8000\"),\n\t\t\t\t\t},\n\t\t\t\t\tImageIdentifier: pulumi.String(\"public.ecr.aws/aws-containers/hello-app-runner:latest\"),\n\t\t\t\t\tImageRepositoryType: pulumi.String(\"ECR_PUBLIC\"),\n\t\t\t\t},\n\t\t\t\tAutoDeploymentsEnabled: pulumi.Bool(false),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example-apprunner-service\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apprunner.Service;\nimport com.pulumi.aws.apprunner.ServiceArgs;\nimport com.pulumi.aws.apprunner.inputs.ServiceSourceConfigurationArgs;\nimport com.pulumi.aws.apprunner.inputs.ServiceSourceConfigurationImageRepositoryArgs;\nimport com.pulumi.aws.apprunner.inputs.ServiceSourceConfigurationImageRepositoryImageConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder()\n .serviceName(\"example\")\n .sourceConfiguration(ServiceSourceConfigurationArgs.builder()\n .imageRepository(ServiceSourceConfigurationImageRepositoryArgs.builder()\n .imageConfiguration(ServiceSourceConfigurationImageRepositoryImageConfigurationArgs.builder()\n .port(\"8000\")\n .build())\n .imageIdentifier(\"public.ecr.aws/aws-containers/hello-app-runner:latest\")\n .imageRepositoryType(\"ECR_PUBLIC\")\n .build())\n .autoDeploymentsEnabled(false)\n .build())\n .tags(Map.of(\"Name\", \"example-apprunner-service\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apprunner:Service\n properties:\n serviceName: example\n sourceConfiguration:\n imageRepository:\n imageConfiguration:\n port: '8000'\n imageIdentifier: public.ecr.aws/aws-containers/hello-app-runner:latest\n imageRepositoryType: ECR_PUBLIC\n autoDeploymentsEnabled: false\n tags:\n Name: example-apprunner-service\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Service with Observability Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleObservabilityConfiguration = new aws.apprunner.ObservabilityConfiguration(\"example\", {\n observabilityConfigurationName: \"example\",\n traceConfiguration: {\n vendor: \"AWSXRAY\",\n },\n});\nconst example = new aws.apprunner.Service(\"example\", {\n serviceName: \"example\",\n observabilityConfiguration: {\n observabilityConfigurationArn: exampleObservabilityConfiguration.arn,\n observabilityEnabled: true,\n },\n sourceConfiguration: {\n imageRepository: {\n imageConfiguration: {\n port: \"8000\",\n },\n imageIdentifier: \"public.ecr.aws/aws-containers/hello-app-runner:latest\",\n imageRepositoryType: \"ECR_PUBLIC\",\n },\n autoDeploymentsEnabled: false,\n },\n tags: {\n Name: \"example-apprunner-service\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_observability_configuration = aws.apprunner.ObservabilityConfiguration(\"example\",\n observability_configuration_name=\"example\",\n trace_configuration={\n \"vendor\": \"AWSXRAY\",\n })\nexample = aws.apprunner.Service(\"example\",\n service_name=\"example\",\n observability_configuration={\n \"observability_configuration_arn\": example_observability_configuration.arn,\n \"observability_enabled\": True,\n },\n source_configuration={\n \"image_repository\": {\n \"image_configuration\": {\n \"port\": \"8000\",\n },\n \"image_identifier\": \"public.ecr.aws/aws-containers/hello-app-runner:latest\",\n \"image_repository_type\": \"ECR_PUBLIC\",\n },\n \"auto_deployments_enabled\": False,\n },\n tags={\n \"Name\": \"example-apprunner-service\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleObservabilityConfiguration = new Aws.AppRunner.ObservabilityConfiguration(\"example\", new()\n {\n ObservabilityConfigurationName = \"example\",\n TraceConfiguration = new Aws.AppRunner.Inputs.ObservabilityConfigurationTraceConfigurationArgs\n {\n Vendor = \"AWSXRAY\",\n },\n });\n\n var example = new Aws.AppRunner.Service(\"example\", new()\n {\n ServiceName = \"example\",\n ObservabilityConfiguration = new Aws.AppRunner.Inputs.ServiceObservabilityConfigurationArgs\n {\n ObservabilityConfigurationArn = exampleObservabilityConfiguration.Arn,\n ObservabilityEnabled = true,\n },\n SourceConfiguration = new Aws.AppRunner.Inputs.ServiceSourceConfigurationArgs\n {\n ImageRepository = new Aws.AppRunner.Inputs.ServiceSourceConfigurationImageRepositoryArgs\n {\n ImageConfiguration = new Aws.AppRunner.Inputs.ServiceSourceConfigurationImageRepositoryImageConfigurationArgs\n {\n Port = \"8000\",\n },\n ImageIdentifier = \"public.ecr.aws/aws-containers/hello-app-runner:latest\",\n ImageRepositoryType = \"ECR_PUBLIC\",\n },\n AutoDeploymentsEnabled = false,\n },\n Tags = \n {\n { \"Name\", \"example-apprunner-service\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apprunner\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleObservabilityConfiguration, err := apprunner.NewObservabilityConfiguration(ctx, \"example\", \u0026apprunner.ObservabilityConfigurationArgs{\n\t\t\tObservabilityConfigurationName: pulumi.String(\"example\"),\n\t\t\tTraceConfiguration: \u0026apprunner.ObservabilityConfigurationTraceConfigurationArgs{\n\t\t\t\tVendor: pulumi.String(\"AWSXRAY\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apprunner.NewService(ctx, \"example\", \u0026apprunner.ServiceArgs{\n\t\t\tServiceName: pulumi.String(\"example\"),\n\t\t\tObservabilityConfiguration: \u0026apprunner.ServiceObservabilityConfigurationArgs{\n\t\t\t\tObservabilityConfigurationArn: exampleObservabilityConfiguration.Arn,\n\t\t\t\tObservabilityEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tSourceConfiguration: \u0026apprunner.ServiceSourceConfigurationArgs{\n\t\t\t\tImageRepository: \u0026apprunner.ServiceSourceConfigurationImageRepositoryArgs{\n\t\t\t\t\tImageConfiguration: \u0026apprunner.ServiceSourceConfigurationImageRepositoryImageConfigurationArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"8000\"),\n\t\t\t\t\t},\n\t\t\t\t\tImageIdentifier: pulumi.String(\"public.ecr.aws/aws-containers/hello-app-runner:latest\"),\n\t\t\t\t\tImageRepositoryType: pulumi.String(\"ECR_PUBLIC\"),\n\t\t\t\t},\n\t\t\t\tAutoDeploymentsEnabled: pulumi.Bool(false),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example-apprunner-service\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apprunner.ObservabilityConfiguration;\nimport com.pulumi.aws.apprunner.ObservabilityConfigurationArgs;\nimport com.pulumi.aws.apprunner.inputs.ObservabilityConfigurationTraceConfigurationArgs;\nimport com.pulumi.aws.apprunner.Service;\nimport com.pulumi.aws.apprunner.ServiceArgs;\nimport com.pulumi.aws.apprunner.inputs.ServiceObservabilityConfigurationArgs;\nimport com.pulumi.aws.apprunner.inputs.ServiceSourceConfigurationArgs;\nimport com.pulumi.aws.apprunner.inputs.ServiceSourceConfigurationImageRepositoryArgs;\nimport com.pulumi.aws.apprunner.inputs.ServiceSourceConfigurationImageRepositoryImageConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleObservabilityConfiguration = new ObservabilityConfiguration(\"exampleObservabilityConfiguration\", ObservabilityConfigurationArgs.builder()\n .observabilityConfigurationName(\"example\")\n .traceConfiguration(ObservabilityConfigurationTraceConfigurationArgs.builder()\n .vendor(\"AWSXRAY\")\n .build())\n .build());\n\n var example = new Service(\"example\", ServiceArgs.builder()\n .serviceName(\"example\")\n .observabilityConfiguration(ServiceObservabilityConfigurationArgs.builder()\n .observabilityConfigurationArn(exampleObservabilityConfiguration.arn())\n .observabilityEnabled(true)\n .build())\n .sourceConfiguration(ServiceSourceConfigurationArgs.builder()\n .imageRepository(ServiceSourceConfigurationImageRepositoryArgs.builder()\n .imageConfiguration(ServiceSourceConfigurationImageRepositoryImageConfigurationArgs.builder()\n .port(\"8000\")\n .build())\n .imageIdentifier(\"public.ecr.aws/aws-containers/hello-app-runner:latest\")\n .imageRepositoryType(\"ECR_PUBLIC\")\n .build())\n .autoDeploymentsEnabled(false)\n .build())\n .tags(Map.of(\"Name\", \"example-apprunner-service\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apprunner:Service\n properties:\n serviceName: example\n observabilityConfiguration:\n observabilityConfigurationArn: ${exampleObservabilityConfiguration.arn}\n observabilityEnabled: true\n sourceConfiguration:\n imageRepository:\n imageConfiguration:\n port: '8000'\n imageIdentifier: public.ecr.aws/aws-containers/hello-app-runner:latest\n imageRepositoryType: ECR_PUBLIC\n autoDeploymentsEnabled: false\n tags:\n Name: example-apprunner-service\n exampleObservabilityConfiguration:\n type: aws:apprunner:ObservabilityConfiguration\n name: example\n properties:\n observabilityConfigurationName: example\n traceConfiguration:\n vendor: AWSXRAY\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import App Runner Services using the `arn`. For example:\n\n```sh\n$ pulumi import aws:apprunner/service:Service example arn:aws:apprunner:us-east-1:1234567890:service/example/0a03292a89764e5882c41d8f991c82fe\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the App Runner service.\n" }, "autoScalingConfigurationArn": { "type": "string", "description": "ARN of an App Runner automatic scaling configuration resource that you want to associate with your service. If not provided, App Runner associates the latest revision of a default auto scaling configuration.\n" }, "encryptionConfiguration": { "$ref": "#/types/aws:apprunner/ServiceEncryptionConfiguration:ServiceEncryptionConfiguration", "description": "An optional custom encryption key that App Runner uses to encrypt the copy of your source repository that it maintains and your service logs. By default, App Runner uses an AWS managed CMK. See Encryption Configuration below for more details.\n" }, "healthCheckConfiguration": { "$ref": "#/types/aws:apprunner/ServiceHealthCheckConfiguration:ServiceHealthCheckConfiguration", "description": "Settings of the health check that AWS App Runner performs to monitor the health of your service. See Health Check Configuration below for more details.\n" }, "instanceConfiguration": { "$ref": "#/types/aws:apprunner/ServiceInstanceConfiguration:ServiceInstanceConfiguration", "description": "The runtime configuration of instances (scaling units) of the App Runner service. See Instance Configuration below for more details.\n" }, "networkConfiguration": { "$ref": "#/types/aws:apprunner/ServiceNetworkConfiguration:ServiceNetworkConfiguration", "description": "Configuration settings related to network traffic of the web application that the App Runner service runs. See Network Configuration below for more details.\n" }, "observabilityConfiguration": { "$ref": "#/types/aws:apprunner/ServiceObservabilityConfiguration:ServiceObservabilityConfiguration", "description": "The observability configuration of your service. See Observability Configuration below for more details.\n" }, "serviceId": { "type": "string", "description": "An alphanumeric ID that App Runner generated for this service. Unique within the AWS Region.\n" }, "serviceName": { "type": "string", "description": "Name of the service.\n" }, "serviceUrl": { "type": "string", "description": "Subdomain URL that App Runner generated for this service. You can use this URL to access your service web application.\n" }, "sourceConfiguration": { "$ref": "#/types/aws:apprunner/ServiceSourceConfiguration:ServiceSourceConfiguration", "description": "The source to deploy to the App Runner service. Can be a code or an image repository. See Source Configuration below for more details.\n\nThe following arguments are optional:\n" }, "status": { "type": "string", "description": "Current state of the App Runner service.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "autoScalingConfigurationArn", "healthCheckConfiguration", "instanceConfiguration", "networkConfiguration", "serviceId", "serviceName", "serviceUrl", "sourceConfiguration", "status", "tagsAll" ], "inputProperties": { "autoScalingConfigurationArn": { "type": "string", "description": "ARN of an App Runner automatic scaling configuration resource that you want to associate with your service. If not provided, App Runner associates the latest revision of a default auto scaling configuration.\n" }, "encryptionConfiguration": { "$ref": "#/types/aws:apprunner/ServiceEncryptionConfiguration:ServiceEncryptionConfiguration", "description": "An optional custom encryption key that App Runner uses to encrypt the copy of your source repository that it maintains and your service logs. By default, App Runner uses an AWS managed CMK. See Encryption Configuration below for more details.\n", "willReplaceOnChanges": true }, "healthCheckConfiguration": { "$ref": "#/types/aws:apprunner/ServiceHealthCheckConfiguration:ServiceHealthCheckConfiguration", "description": "Settings of the health check that AWS App Runner performs to monitor the health of your service. See Health Check Configuration below for more details.\n" }, "instanceConfiguration": { "$ref": "#/types/aws:apprunner/ServiceInstanceConfiguration:ServiceInstanceConfiguration", "description": "The runtime configuration of instances (scaling units) of the App Runner service. See Instance Configuration below for more details.\n" }, "networkConfiguration": { "$ref": "#/types/aws:apprunner/ServiceNetworkConfiguration:ServiceNetworkConfiguration", "description": "Configuration settings related to network traffic of the web application that the App Runner service runs. See Network Configuration below for more details.\n" }, "observabilityConfiguration": { "$ref": "#/types/aws:apprunner/ServiceObservabilityConfiguration:ServiceObservabilityConfiguration", "description": "The observability configuration of your service. See Observability Configuration below for more details.\n" }, "serviceName": { "type": "string", "description": "Name of the service.\n", "willReplaceOnChanges": true }, "sourceConfiguration": { "$ref": "#/types/aws:apprunner/ServiceSourceConfiguration:ServiceSourceConfiguration", "description": "The source to deploy to the App Runner service. Can be a code or an image repository. See Source Configuration below for more details.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "serviceName", "sourceConfiguration" ], "stateInputs": { "description": "Input properties used for looking up and filtering Service resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the App Runner service.\n" }, "autoScalingConfigurationArn": { "type": "string", "description": "ARN of an App Runner automatic scaling configuration resource that you want to associate with your service. If not provided, App Runner associates the latest revision of a default auto scaling configuration.\n" }, "encryptionConfiguration": { "$ref": "#/types/aws:apprunner/ServiceEncryptionConfiguration:ServiceEncryptionConfiguration", "description": "An optional custom encryption key that App Runner uses to encrypt the copy of your source repository that it maintains and your service logs. By default, App Runner uses an AWS managed CMK. See Encryption Configuration below for more details.\n", "willReplaceOnChanges": true }, "healthCheckConfiguration": { "$ref": "#/types/aws:apprunner/ServiceHealthCheckConfiguration:ServiceHealthCheckConfiguration", "description": "Settings of the health check that AWS App Runner performs to monitor the health of your service. See Health Check Configuration below for more details.\n" }, "instanceConfiguration": { "$ref": "#/types/aws:apprunner/ServiceInstanceConfiguration:ServiceInstanceConfiguration", "description": "The runtime configuration of instances (scaling units) of the App Runner service. See Instance Configuration below for more details.\n" }, "networkConfiguration": { "$ref": "#/types/aws:apprunner/ServiceNetworkConfiguration:ServiceNetworkConfiguration", "description": "Configuration settings related to network traffic of the web application that the App Runner service runs. See Network Configuration below for more details.\n" }, "observabilityConfiguration": { "$ref": "#/types/aws:apprunner/ServiceObservabilityConfiguration:ServiceObservabilityConfiguration", "description": "The observability configuration of your service. See Observability Configuration below for more details.\n" }, "serviceId": { "type": "string", "description": "An alphanumeric ID that App Runner generated for this service. Unique within the AWS Region.\n" }, "serviceName": { "type": "string", "description": "Name of the service.\n", "willReplaceOnChanges": true }, "serviceUrl": { "type": "string", "description": "Subdomain URL that App Runner generated for this service. You can use this URL to access your service web application.\n" }, "sourceConfiguration": { "$ref": "#/types/aws:apprunner/ServiceSourceConfiguration:ServiceSourceConfiguration", "description": "The source to deploy to the App Runner service. Can be a code or an image repository. See Source Configuration below for more details.\n\nThe following arguments are optional:\n" }, "status": { "type": "string", "description": "Current state of the App Runner service.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:apprunner/vpcConnector:VpcConnector": { "description": "Manages an App Runner VPC Connector.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst connector = new aws.apprunner.VpcConnector(\"connector\", {\n vpcConnectorName: \"name\",\n subnets: [\n \"subnet1\",\n \"subnet2\",\n ],\n securityGroups: [\n \"sg1\",\n \"sg2\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconnector = aws.apprunner.VpcConnector(\"connector\",\n vpc_connector_name=\"name\",\n subnets=[\n \"subnet1\",\n \"subnet2\",\n ],\n security_groups=[\n \"sg1\",\n \"sg2\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var connector = new Aws.AppRunner.VpcConnector(\"connector\", new()\n {\n VpcConnectorName = \"name\",\n Subnets = new[]\n {\n \"subnet1\",\n \"subnet2\",\n },\n SecurityGroups = new[]\n {\n \"sg1\",\n \"sg2\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apprunner\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apprunner.NewVpcConnector(ctx, \"connector\", \u0026apprunner.VpcConnectorArgs{\n\t\t\tVpcConnectorName: pulumi.String(\"name\"),\n\t\t\tSubnets: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"subnet1\"),\n\t\t\t\tpulumi.String(\"subnet2\"),\n\t\t\t},\n\t\t\tSecurityGroups: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"sg1\"),\n\t\t\t\tpulumi.String(\"sg2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apprunner.VpcConnector;\nimport com.pulumi.aws.apprunner.VpcConnectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var connector = new VpcConnector(\"connector\", VpcConnectorArgs.builder()\n .vpcConnectorName(\"name\")\n .subnets( \n \"subnet1\",\n \"subnet2\")\n .securityGroups( \n \"sg1\",\n \"sg2\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n connector:\n type: aws:apprunner:VpcConnector\n properties:\n vpcConnectorName: name\n subnets:\n - subnet1\n - subnet2\n securityGroups:\n - sg1\n - sg2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import App Runner vpc connector using the `arn`. For example:\n\n```sh\n$ pulumi import aws:apprunner/vpcConnector:VpcConnector example arn:aws:apprunner:us-east-1:1234567890:vpcconnector/example/1/0a03292a89764e5882c41d8f991c82fe\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of VPC connector.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of IDs of security groups that App Runner should use for access to AWS resources under the specified subnets. If not specified, App Runner uses the default security group of the Amazon VPC. The default security group allows all outbound traffic.\n" }, "status": { "type": "string", "description": "Current state of the VPC connector. If the status of a connector revision is INACTIVE, it was deleted and can't be used. Inactive connector revisions are permanently removed some time after they are deleted.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "List of IDs of subnets that App Runner should use when it associates your service with a custom Amazon VPC. Specify IDs of subnets of a single Amazon VPC. App Runner determines the Amazon VPC from the subnets you specify.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcConnectorName": { "type": "string", "description": "Name for the VPC connector.\n" }, "vpcConnectorRevision": { "type": "integer", "description": "The revision of VPC connector. It's unique among all the active connectors (\"Status\": \"ACTIVE\") that share the same Name.\n" } }, "required": [ "arn", "securityGroups", "status", "subnets", "tagsAll", "vpcConnectorName", "vpcConnectorRevision" ], "inputProperties": { "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of IDs of security groups that App Runner should use for access to AWS resources under the specified subnets. If not specified, App Runner uses the default security group of the Amazon VPC. The default security group allows all outbound traffic.\n", "willReplaceOnChanges": true }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "List of IDs of subnets that App Runner should use when it associates your service with a custom Amazon VPC. Specify IDs of subnets of a single Amazon VPC. App Runner determines the Amazon VPC from the subnets you specify.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcConnectorName": { "type": "string", "description": "Name for the VPC connector.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "securityGroups", "subnets", "vpcConnectorName" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcConnector resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of VPC connector.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of IDs of security groups that App Runner should use for access to AWS resources under the specified subnets. If not specified, App Runner uses the default security group of the Amazon VPC. The default security group allows all outbound traffic.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Current state of the VPC connector. If the status of a connector revision is INACTIVE, it was deleted and can't be used. Inactive connector revisions are permanently removed some time after they are deleted.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "List of IDs of subnets that App Runner should use when it associates your service with a custom Amazon VPC. Specify IDs of subnets of a single Amazon VPC. App Runner determines the Amazon VPC from the subnets you specify.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcConnectorName": { "type": "string", "description": "Name for the VPC connector.\n", "willReplaceOnChanges": true }, "vpcConnectorRevision": { "type": "integer", "description": "The revision of VPC connector. It's unique among all the active connectors (\"Status\": \"ACTIVE\") that share the same Name.\n" } }, "type": "object" } }, "aws:apprunner/vpcIngressConnection:VpcIngressConnection": { "description": "Manages an App Runner VPC Ingress Connection.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.apprunner.VpcIngressConnection(\"example\", {\n name: \"example\",\n serviceArn: exampleAwsApprunnerService.arn,\n ingressVpcConfiguration: {\n vpcId: _default.id,\n vpcEndpointId: apprunner.id,\n },\n tags: {\n foo: \"bar\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apprunner.VpcIngressConnection(\"example\",\n name=\"example\",\n service_arn=example_aws_apprunner_service[\"arn\"],\n ingress_vpc_configuration={\n \"vpc_id\": default[\"id\"],\n \"vpc_endpoint_id\": apprunner[\"id\"],\n },\n tags={\n \"foo\": \"bar\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppRunner.VpcIngressConnection(\"example\", new()\n {\n Name = \"example\",\n ServiceArn = exampleAwsApprunnerService.Arn,\n IngressVpcConfiguration = new Aws.AppRunner.Inputs.VpcIngressConnectionIngressVpcConfigurationArgs\n {\n VpcId = @default.Id,\n VpcEndpointId = apprunner.Id,\n },\n Tags = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apprunner\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apprunner.NewVpcIngressConnection(ctx, \"example\", \u0026apprunner.VpcIngressConnectionArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tServiceArn: pulumi.Any(exampleAwsApprunnerService.Arn),\n\t\t\tIngressVpcConfiguration: \u0026apprunner.VpcIngressConnectionIngressVpcConfigurationArgs{\n\t\t\t\tVpcId: pulumi.Any(_default.Id),\n\t\t\t\tVpcEndpointId: pulumi.Any(apprunner.Id),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apprunner.VpcIngressConnection;\nimport com.pulumi.aws.apprunner.VpcIngressConnectionArgs;\nimport com.pulumi.aws.apprunner.inputs.VpcIngressConnectionIngressVpcConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcIngressConnection(\"example\", VpcIngressConnectionArgs.builder()\n .name(\"example\")\n .serviceArn(exampleAwsApprunnerService.arn())\n .ingressVpcConfiguration(VpcIngressConnectionIngressVpcConfigurationArgs.builder()\n .vpcId(default_.id())\n .vpcEndpointId(apprunner.id())\n .build())\n .tags(Map.of(\"foo\", \"bar\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apprunner:VpcIngressConnection\n properties:\n name: example\n serviceArn: ${exampleAwsApprunnerService.arn}\n ingressVpcConfiguration:\n vpcId: ${default.id}\n vpcEndpointId: ${apprunner.id}\n tags:\n foo: bar\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import App Runner VPC Ingress Connection using the `arn`. For example:\n\n```sh\n$ pulumi import aws:apprunner/vpcIngressConnection:VpcIngressConnection example \"arn:aws:apprunner:us-west-2:837424938642:vpcingressconnection/example/b379f86381d74825832c2e82080342fa\"\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the VPC Ingress Connection.\n" }, "domainName": { "type": "string", "description": "The domain name associated with the VPC Ingress Connection resource.\n" }, "ingressVpcConfiguration": { "$ref": "#/types/aws:apprunner/VpcIngressConnectionIngressVpcConfiguration:VpcIngressConnectionIngressVpcConfiguration", "description": "Specifications for the customer’s Amazon VPC and the related AWS PrivateLink VPC endpoint that are used to create the VPC Ingress Connection resource. See Ingress VPC Configuration below for more details.\n" }, "name": { "type": "string", "description": "A name for the VPC Ingress Connection resource. It must be unique across all the active VPC Ingress Connections in your AWS account in the AWS Region.\n" }, "serviceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for this App Runner service that is used to create the VPC Ingress Connection resource.\n" }, "status": { "type": "string", "description": "The current status of the VPC Ingress Connection.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "domainName", "ingressVpcConfiguration", "name", "serviceArn", "status", "tagsAll" ], "inputProperties": { "ingressVpcConfiguration": { "$ref": "#/types/aws:apprunner/VpcIngressConnectionIngressVpcConfiguration:VpcIngressConnectionIngressVpcConfiguration", "description": "Specifications for the customer’s Amazon VPC and the related AWS PrivateLink VPC endpoint that are used to create the VPC Ingress Connection resource. See Ingress VPC Configuration below for more details.\n" }, "name": { "type": "string", "description": "A name for the VPC Ingress Connection resource. It must be unique across all the active VPC Ingress Connections in your AWS account in the AWS Region.\n" }, "serviceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for this App Runner service that is used to create the VPC Ingress Connection resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "ingressVpcConfiguration", "serviceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcIngressConnection resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the VPC Ingress Connection.\n" }, "domainName": { "type": "string", "description": "The domain name associated with the VPC Ingress Connection resource.\n" }, "ingressVpcConfiguration": { "$ref": "#/types/aws:apprunner/VpcIngressConnectionIngressVpcConfiguration:VpcIngressConnectionIngressVpcConfiguration", "description": "Specifications for the customer’s Amazon VPC and the related AWS PrivateLink VPC endpoint that are used to create the VPC Ingress Connection resource. See Ingress VPC Configuration below for more details.\n" }, "name": { "type": "string", "description": "A name for the VPC Ingress Connection resource. It must be unique across all the active VPC Ingress Connections in your AWS account in the AWS Region.\n" }, "serviceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for this App Runner service that is used to create the VPC Ingress Connection resource.\n" }, "status": { "type": "string", "description": "The current status of the VPC Ingress Connection.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:appstream/directoryConfig:DirectoryConfig": { "description": "Provides an AppStream Directory Config.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appstream.DirectoryConfig(\"example\", {\n directoryName: \"NAME OF DIRECTORY\",\n organizationalUnitDistinguishedNames: [\"DISTINGUISHED NAME\"],\n serviceAccountCredentials: {\n accountName: \"NAME OF ACCOUNT\",\n accountPassword: \"PASSWORD OF ACCOUNT\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appstream.DirectoryConfig(\"example\",\n directory_name=\"NAME OF DIRECTORY\",\n organizational_unit_distinguished_names=[\"DISTINGUISHED NAME\"],\n service_account_credentials={\n \"account_name\": \"NAME OF ACCOUNT\",\n \"account_password\": \"PASSWORD OF ACCOUNT\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppStream.DirectoryConfig(\"example\", new()\n {\n DirectoryName = \"NAME OF DIRECTORY\",\n OrganizationalUnitDistinguishedNames = new[]\n {\n \"DISTINGUISHED NAME\",\n },\n ServiceAccountCredentials = new Aws.AppStream.Inputs.DirectoryConfigServiceAccountCredentialsArgs\n {\n AccountName = \"NAME OF ACCOUNT\",\n AccountPassword = \"PASSWORD OF ACCOUNT\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appstream\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appstream.NewDirectoryConfig(ctx, \"example\", \u0026appstream.DirectoryConfigArgs{\n\t\t\tDirectoryName: pulumi.String(\"NAME OF DIRECTORY\"),\n\t\t\tOrganizationalUnitDistinguishedNames: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"DISTINGUISHED NAME\"),\n\t\t\t},\n\t\t\tServiceAccountCredentials: \u0026appstream.DirectoryConfigServiceAccountCredentialsArgs{\n\t\t\t\tAccountName: pulumi.String(\"NAME OF ACCOUNT\"),\n\t\t\t\tAccountPassword: pulumi.String(\"PASSWORD OF ACCOUNT\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appstream.DirectoryConfig;\nimport com.pulumi.aws.appstream.DirectoryConfigArgs;\nimport com.pulumi.aws.appstream.inputs.DirectoryConfigServiceAccountCredentialsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DirectoryConfig(\"example\", DirectoryConfigArgs.builder()\n .directoryName(\"NAME OF DIRECTORY\")\n .organizationalUnitDistinguishedNames(\"DISTINGUISHED NAME\")\n .serviceAccountCredentials(DirectoryConfigServiceAccountCredentialsArgs.builder()\n .accountName(\"NAME OF ACCOUNT\")\n .accountPassword(\"PASSWORD OF ACCOUNT\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appstream:DirectoryConfig\n properties:\n directoryName: NAME OF DIRECTORY\n organizationalUnitDistinguishedNames:\n - DISTINGUISHED NAME\n serviceAccountCredentials:\n accountName: NAME OF ACCOUNT\n accountPassword: PASSWORD OF ACCOUNT\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_appstream_directory_config` using the id. For example:\n\n```sh\n$ pulumi import aws:appstream/directoryConfig:DirectoryConfig example directoryNameExample\n```\n", "properties": { "createdTime": { "type": "string", "description": "Date and time, in UTC and extended RFC 3339 format, when the directory config was created.\n" }, "directoryName": { "type": "string", "description": "Fully qualified name of the directory.\n" }, "organizationalUnitDistinguishedNames": { "type": "array", "items": { "type": "string" }, "description": "Distinguished names of the organizational units for computer accounts.\n" }, "serviceAccountCredentials": { "$ref": "#/types/aws:appstream/DirectoryConfigServiceAccountCredentials:DirectoryConfigServiceAccountCredentials", "description": "Configuration block for the name of the directory and organizational unit (OU) to use to join the directory config to a Microsoft Active Directory domain. See `service_account_credentials` below.\n" } }, "required": [ "createdTime", "directoryName", "organizationalUnitDistinguishedNames", "serviceAccountCredentials" ], "inputProperties": { "directoryName": { "type": "string", "description": "Fully qualified name of the directory.\n", "willReplaceOnChanges": true }, "organizationalUnitDistinguishedNames": { "type": "array", "items": { "type": "string" }, "description": "Distinguished names of the organizational units for computer accounts.\n" }, "serviceAccountCredentials": { "$ref": "#/types/aws:appstream/DirectoryConfigServiceAccountCredentials:DirectoryConfigServiceAccountCredentials", "description": "Configuration block for the name of the directory and organizational unit (OU) to use to join the directory config to a Microsoft Active Directory domain. See `service_account_credentials` below.\n" } }, "requiredInputs": [ "directoryName", "organizationalUnitDistinguishedNames", "serviceAccountCredentials" ], "stateInputs": { "description": "Input properties used for looking up and filtering DirectoryConfig resources.\n", "properties": { "createdTime": { "type": "string", "description": "Date and time, in UTC and extended RFC 3339 format, when the directory config was created.\n" }, "directoryName": { "type": "string", "description": "Fully qualified name of the directory.\n", "willReplaceOnChanges": true }, "organizationalUnitDistinguishedNames": { "type": "array", "items": { "type": "string" }, "description": "Distinguished names of the organizational units for computer accounts.\n" }, "serviceAccountCredentials": { "$ref": "#/types/aws:appstream/DirectoryConfigServiceAccountCredentials:DirectoryConfigServiceAccountCredentials", "description": "Configuration block for the name of the directory and organizational unit (OU) to use to join the directory config to a Microsoft Active Directory domain. See `service_account_credentials` below.\n" } }, "type": "object" } }, "aws:appstream/fleet:Fleet": { "description": "Provides an AppStream fleet.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testFleet = new aws.appstream.Fleet(\"test_fleet\", {\n name: \"test-fleet\",\n computeCapacity: {\n desiredInstances: 1,\n },\n description: \"test fleet\",\n idleDisconnectTimeoutInSeconds: 60,\n displayName: \"test-fleet\",\n enableDefaultInternetAccess: false,\n fleetType: \"ON_DEMAND\",\n imageName: \"Amazon-AppStream2-Sample-Image-03-11-2023\",\n instanceType: \"stream.standard.large\",\n maxUserDurationInSeconds: 600,\n vpcConfig: {\n subnetIds: [\"subnet-06e9b13400c225127\"],\n },\n tags: {\n TagName: \"tag-value\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_fleet = aws.appstream.Fleet(\"test_fleet\",\n name=\"test-fleet\",\n compute_capacity={\n \"desired_instances\": 1,\n },\n description=\"test fleet\",\n idle_disconnect_timeout_in_seconds=60,\n display_name=\"test-fleet\",\n enable_default_internet_access=False,\n fleet_type=\"ON_DEMAND\",\n image_name=\"Amazon-AppStream2-Sample-Image-03-11-2023\",\n instance_type=\"stream.standard.large\",\n max_user_duration_in_seconds=600,\n vpc_config={\n \"subnet_ids\": [\"subnet-06e9b13400c225127\"],\n },\n tags={\n \"TagName\": \"tag-value\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testFleet = new Aws.AppStream.Fleet(\"test_fleet\", new()\n {\n Name = \"test-fleet\",\n ComputeCapacity = new Aws.AppStream.Inputs.FleetComputeCapacityArgs\n {\n DesiredInstances = 1,\n },\n Description = \"test fleet\",\n IdleDisconnectTimeoutInSeconds = 60,\n DisplayName = \"test-fleet\",\n EnableDefaultInternetAccess = false,\n FleetType = \"ON_DEMAND\",\n ImageName = \"Amazon-AppStream2-Sample-Image-03-11-2023\",\n InstanceType = \"stream.standard.large\",\n MaxUserDurationInSeconds = 600,\n VpcConfig = new Aws.AppStream.Inputs.FleetVpcConfigArgs\n {\n SubnetIds = new[]\n {\n \"subnet-06e9b13400c225127\",\n },\n },\n Tags = \n {\n { \"TagName\", \"tag-value\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appstream\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appstream.NewFleet(ctx, \"test_fleet\", \u0026appstream.FleetArgs{\n\t\t\tName: pulumi.String(\"test-fleet\"),\n\t\t\tComputeCapacity: \u0026appstream.FleetComputeCapacityArgs{\n\t\t\t\tDesiredInstances: pulumi.Int(1),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"test fleet\"),\n\t\t\tIdleDisconnectTimeoutInSeconds: pulumi.Int(60),\n\t\t\tDisplayName: pulumi.String(\"test-fleet\"),\n\t\t\tEnableDefaultInternetAccess: pulumi.Bool(false),\n\t\t\tFleetType: pulumi.String(\"ON_DEMAND\"),\n\t\t\tImageName: pulumi.String(\"Amazon-AppStream2-Sample-Image-03-11-2023\"),\n\t\t\tInstanceType: pulumi.String(\"stream.standard.large\"),\n\t\t\tMaxUserDurationInSeconds: pulumi.Int(600),\n\t\t\tVpcConfig: \u0026appstream.FleetVpcConfigArgs{\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"subnet-06e9b13400c225127\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"TagName\": pulumi.String(\"tag-value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appstream.Fleet;\nimport com.pulumi.aws.appstream.FleetArgs;\nimport com.pulumi.aws.appstream.inputs.FleetComputeCapacityArgs;\nimport com.pulumi.aws.appstream.inputs.FleetVpcConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testFleet = new Fleet(\"testFleet\", FleetArgs.builder()\n .name(\"test-fleet\")\n .computeCapacity(FleetComputeCapacityArgs.builder()\n .desiredInstances(1)\n .build())\n .description(\"test fleet\")\n .idleDisconnectTimeoutInSeconds(60)\n .displayName(\"test-fleet\")\n .enableDefaultInternetAccess(false)\n .fleetType(\"ON_DEMAND\")\n .imageName(\"Amazon-AppStream2-Sample-Image-03-11-2023\")\n .instanceType(\"stream.standard.large\")\n .maxUserDurationInSeconds(600)\n .vpcConfig(FleetVpcConfigArgs.builder()\n .subnetIds(\"subnet-06e9b13400c225127\")\n .build())\n .tags(Map.of(\"TagName\", \"tag-value\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testFleet:\n type: aws:appstream:Fleet\n name: test_fleet\n properties:\n name: test-fleet\n computeCapacity:\n desiredInstances: 1\n description: test fleet\n idleDisconnectTimeoutInSeconds: 60\n displayName: test-fleet\n enableDefaultInternetAccess: false\n fleetType: ON_DEMAND\n imageName: Amazon-AppStream2-Sample-Image-03-11-2023\n instanceType: stream.standard.large\n maxUserDurationInSeconds: 600\n vpcConfig:\n subnetIds:\n - subnet-06e9b13400c225127\n tags:\n TagName: tag-value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_appstream_fleet` using the id. For example:\n\n```sh\n$ pulumi import aws:appstream/fleet:Fleet example fleetNameExample\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the appstream fleet.\n" }, "computeCapacity": { "$ref": "#/types/aws:appstream/FleetComputeCapacity:FleetComputeCapacity", "description": "Configuration block for the desired capacity of the fleet. See below.\n" }, "createdTime": { "type": "string", "description": "Date and time, in UTC and extended RFC 3339 format, when the fleet was created.\n" }, "description": { "type": "string", "description": "Description to display.\n" }, "disconnectTimeoutInSeconds": { "type": "integer", "description": "Amount of time that a streaming session remains active after users disconnect.\n" }, "displayName": { "type": "string", "description": "Human-readable friendly name for the AppStream fleet.\n" }, "domainJoinInfo": { "$ref": "#/types/aws:appstream/FleetDomainJoinInfo:FleetDomainJoinInfo", "description": "Configuration block for the name of the directory and organizational unit (OU) to use to join the fleet to a Microsoft Active Directory domain. See below.\n" }, "enableDefaultInternetAccess": { "type": "boolean", "description": "Enables or disables default internet access for the fleet.\n" }, "fleetType": { "type": "string", "description": "Fleet type. Valid values are: `ON_DEMAND`, `ALWAYS_ON`\n" }, "iamRoleArn": { "type": "string", "description": "ARN of the IAM role to apply to the fleet.\n" }, "idleDisconnectTimeoutInSeconds": { "type": "integer", "description": "Amount of time that users can be idle (inactive) before they are disconnected from their streaming session and the `disconnect_timeout_in_seconds` time interval begins. Defaults to `0`. Valid value is between `60` and `3600 `seconds.\n" }, "imageArn": { "type": "string", "description": "ARN of the public, private, or shared image to use.\n" }, "imageName": { "type": "string", "description": "Name of the image used to create the fleet.\n" }, "instanceType": { "type": "string", "description": "Instance type to use when launching fleet instances.\n" }, "maxSessionsPerInstance": { "type": "integer", "description": "The maximum number of user sessions on an instance. This only applies to multi-session fleets.\n" }, "maxUserDurationInSeconds": { "type": "integer", "description": "Maximum amount of time that a streaming session can remain active, in seconds.\n" }, "name": { "type": "string", "description": "Unique name for the fleet.\n\nThe following arguments are optional:\n" }, "state": { "type": "string", "description": "State of the fleet. Can be `STARTING`, `RUNNING`, `STOPPING` or `STOPPED`\n" }, "streamView": { "type": "string", "description": "AppStream 2.0 view that is displayed to your users when they stream from the fleet. When `APP` is specified, only the windows of applications opened by users display. When `DESKTOP` is specified, the standard desktop that is provided by the operating system displays. If not specified, defaults to `APP`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to attach to AppStream instances.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "vpcConfig": { "$ref": "#/types/aws:appstream/FleetVpcConfig:FleetVpcConfig", "description": "Configuration block for the VPC configuration for the image builder. See below.\n" } }, "required": [ "arn", "computeCapacity", "createdTime", "description", "disconnectTimeoutInSeconds", "displayName", "domainJoinInfo", "enableDefaultInternetAccess", "fleetType", "iamRoleArn", "imageArn", "imageName", "instanceType", "maxUserDurationInSeconds", "name", "state", "streamView", "tagsAll", "vpcConfig" ], "inputProperties": { "computeCapacity": { "$ref": "#/types/aws:appstream/FleetComputeCapacity:FleetComputeCapacity", "description": "Configuration block for the desired capacity of the fleet. See below.\n" }, "description": { "type": "string", "description": "Description to display.\n" }, "disconnectTimeoutInSeconds": { "type": "integer", "description": "Amount of time that a streaming session remains active after users disconnect.\n" }, "displayName": { "type": "string", "description": "Human-readable friendly name for the AppStream fleet.\n" }, "domainJoinInfo": { "$ref": "#/types/aws:appstream/FleetDomainJoinInfo:FleetDomainJoinInfo", "description": "Configuration block for the name of the directory and organizational unit (OU) to use to join the fleet to a Microsoft Active Directory domain. See below.\n" }, "enableDefaultInternetAccess": { "type": "boolean", "description": "Enables or disables default internet access for the fleet.\n" }, "fleetType": { "type": "string", "description": "Fleet type. Valid values are: `ON_DEMAND`, `ALWAYS_ON`\n", "willReplaceOnChanges": true }, "iamRoleArn": { "type": "string", "description": "ARN of the IAM role to apply to the fleet.\n" }, "idleDisconnectTimeoutInSeconds": { "type": "integer", "description": "Amount of time that users can be idle (inactive) before they are disconnected from their streaming session and the `disconnect_timeout_in_seconds` time interval begins. Defaults to `0`. Valid value is between `60` and `3600 `seconds.\n" }, "imageArn": { "type": "string", "description": "ARN of the public, private, or shared image to use.\n" }, "imageName": { "type": "string", "description": "Name of the image used to create the fleet.\n" }, "instanceType": { "type": "string", "description": "Instance type to use when launching fleet instances.\n" }, "maxSessionsPerInstance": { "type": "integer", "description": "The maximum number of user sessions on an instance. This only applies to multi-session fleets.\n" }, "maxUserDurationInSeconds": { "type": "integer", "description": "Maximum amount of time that a streaming session can remain active, in seconds.\n" }, "name": { "type": "string", "description": "Unique name for the fleet.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "streamView": { "type": "string", "description": "AppStream 2.0 view that is displayed to your users when they stream from the fleet. When `APP` is specified, only the windows of applications opened by users display. When `DESKTOP` is specified, the standard desktop that is provided by the operating system displays. If not specified, defaults to `APP`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to attach to AppStream instances.\n" }, "vpcConfig": { "$ref": "#/types/aws:appstream/FleetVpcConfig:FleetVpcConfig", "description": "Configuration block for the VPC configuration for the image builder. See below.\n" } }, "requiredInputs": [ "computeCapacity", "instanceType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Fleet resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the appstream fleet.\n" }, "computeCapacity": { "$ref": "#/types/aws:appstream/FleetComputeCapacity:FleetComputeCapacity", "description": "Configuration block for the desired capacity of the fleet. See below.\n" }, "createdTime": { "type": "string", "description": "Date and time, in UTC and extended RFC 3339 format, when the fleet was created.\n" }, "description": { "type": "string", "description": "Description to display.\n" }, "disconnectTimeoutInSeconds": { "type": "integer", "description": "Amount of time that a streaming session remains active after users disconnect.\n" }, "displayName": { "type": "string", "description": "Human-readable friendly name for the AppStream fleet.\n" }, "domainJoinInfo": { "$ref": "#/types/aws:appstream/FleetDomainJoinInfo:FleetDomainJoinInfo", "description": "Configuration block for the name of the directory and organizational unit (OU) to use to join the fleet to a Microsoft Active Directory domain. See below.\n" }, "enableDefaultInternetAccess": { "type": "boolean", "description": "Enables or disables default internet access for the fleet.\n" }, "fleetType": { "type": "string", "description": "Fleet type. Valid values are: `ON_DEMAND`, `ALWAYS_ON`\n", "willReplaceOnChanges": true }, "iamRoleArn": { "type": "string", "description": "ARN of the IAM role to apply to the fleet.\n" }, "idleDisconnectTimeoutInSeconds": { "type": "integer", "description": "Amount of time that users can be idle (inactive) before they are disconnected from their streaming session and the `disconnect_timeout_in_seconds` time interval begins. Defaults to `0`. Valid value is between `60` and `3600 `seconds.\n" }, "imageArn": { "type": "string", "description": "ARN of the public, private, or shared image to use.\n" }, "imageName": { "type": "string", "description": "Name of the image used to create the fleet.\n" }, "instanceType": { "type": "string", "description": "Instance type to use when launching fleet instances.\n" }, "maxSessionsPerInstance": { "type": "integer", "description": "The maximum number of user sessions on an instance. This only applies to multi-session fleets.\n" }, "maxUserDurationInSeconds": { "type": "integer", "description": "Maximum amount of time that a streaming session can remain active, in seconds.\n" }, "name": { "type": "string", "description": "Unique name for the fleet.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "State of the fleet. Can be `STARTING`, `RUNNING`, `STOPPING` or `STOPPED`\n" }, "streamView": { "type": "string", "description": "AppStream 2.0 view that is displayed to your users when they stream from the fleet. When `APP` is specified, only the windows of applications opened by users display. When `DESKTOP` is specified, the standard desktop that is provided by the operating system displays. If not specified, defaults to `APP`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to attach to AppStream instances.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "vpcConfig": { "$ref": "#/types/aws:appstream/FleetVpcConfig:FleetVpcConfig", "description": "Configuration block for the VPC configuration for the image builder. See below.\n" } }, "type": "object" } }, "aws:appstream/fleetStackAssociation:FleetStackAssociation": { "description": "Manages an AppStream Fleet Stack association.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appstream.Fleet(\"example\", {\n name: \"NAME\",\n imageName: \"Amazon-AppStream2-Sample-Image-03-11-2023\",\n instanceType: \"stream.standard.small\",\n computeCapacity: {\n desiredInstances: 1,\n },\n});\nconst exampleStack = new aws.appstream.Stack(\"example\", {name: \"STACK NAME\"});\nconst exampleFleetStackAssociation = new aws.appstream.FleetStackAssociation(\"example\", {\n fleetName: example.name,\n stackName: exampleStack.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appstream.Fleet(\"example\",\n name=\"NAME\",\n image_name=\"Amazon-AppStream2-Sample-Image-03-11-2023\",\n instance_type=\"stream.standard.small\",\n compute_capacity={\n \"desired_instances\": 1,\n })\nexample_stack = aws.appstream.Stack(\"example\", name=\"STACK NAME\")\nexample_fleet_stack_association = aws.appstream.FleetStackAssociation(\"example\",\n fleet_name=example.name,\n stack_name=example_stack.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppStream.Fleet(\"example\", new()\n {\n Name = \"NAME\",\n ImageName = \"Amazon-AppStream2-Sample-Image-03-11-2023\",\n InstanceType = \"stream.standard.small\",\n ComputeCapacity = new Aws.AppStream.Inputs.FleetComputeCapacityArgs\n {\n DesiredInstances = 1,\n },\n });\n\n var exampleStack = new Aws.AppStream.Stack(\"example\", new()\n {\n Name = \"STACK NAME\",\n });\n\n var exampleFleetStackAssociation = new Aws.AppStream.FleetStackAssociation(\"example\", new()\n {\n FleetName = example.Name,\n StackName = exampleStack.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appstream\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := appstream.NewFleet(ctx, \"example\", \u0026appstream.FleetArgs{\n\t\t\tName: pulumi.String(\"NAME\"),\n\t\t\tImageName: pulumi.String(\"Amazon-AppStream2-Sample-Image-03-11-2023\"),\n\t\t\tInstanceType: pulumi.String(\"stream.standard.small\"),\n\t\t\tComputeCapacity: \u0026appstream.FleetComputeCapacityArgs{\n\t\t\t\tDesiredInstances: pulumi.Int(1),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleStack, err := appstream.NewStack(ctx, \"example\", \u0026appstream.StackArgs{\n\t\t\tName: pulumi.String(\"STACK NAME\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appstream.NewFleetStackAssociation(ctx, \"example\", \u0026appstream.FleetStackAssociationArgs{\n\t\t\tFleetName: example.Name,\n\t\t\tStackName: exampleStack.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appstream.Fleet;\nimport com.pulumi.aws.appstream.FleetArgs;\nimport com.pulumi.aws.appstream.inputs.FleetComputeCapacityArgs;\nimport com.pulumi.aws.appstream.Stack;\nimport com.pulumi.aws.appstream.StackArgs;\nimport com.pulumi.aws.appstream.FleetStackAssociation;\nimport com.pulumi.aws.appstream.FleetStackAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Fleet(\"example\", FleetArgs.builder()\n .name(\"NAME\")\n .imageName(\"Amazon-AppStream2-Sample-Image-03-11-2023\")\n .instanceType(\"stream.standard.small\")\n .computeCapacity(FleetComputeCapacityArgs.builder()\n .desiredInstances(1)\n .build())\n .build());\n\n var exampleStack = new Stack(\"exampleStack\", StackArgs.builder()\n .name(\"STACK NAME\")\n .build());\n\n var exampleFleetStackAssociation = new FleetStackAssociation(\"exampleFleetStackAssociation\", FleetStackAssociationArgs.builder()\n .fleetName(example.name())\n .stackName(exampleStack.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appstream:Fleet\n properties:\n name: NAME\n imageName: Amazon-AppStream2-Sample-Image-03-11-2023\n instanceType: stream.standard.small\n computeCapacity:\n desiredInstances: 1\n exampleStack:\n type: aws:appstream:Stack\n name: example\n properties:\n name: STACK NAME\n exampleFleetStackAssociation:\n type: aws:appstream:FleetStackAssociation\n name: example\n properties:\n fleetName: ${example.name}\n stackName: ${exampleStack.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AppStream Stack Fleet Association using the `fleet_name` and `stack_name` separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:appstream/fleetStackAssociation:FleetStackAssociation example fleetName/stackName\n```\n", "properties": { "fleetName": { "type": "string", "description": "Name of the fleet.\n" }, "stackName": { "type": "string", "description": "Name of the stack.\n" } }, "required": [ "fleetName", "stackName" ], "inputProperties": { "fleetName": { "type": "string", "description": "Name of the fleet.\n", "willReplaceOnChanges": true }, "stackName": { "type": "string", "description": "Name of the stack.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "fleetName", "stackName" ], "stateInputs": { "description": "Input properties used for looking up and filtering FleetStackAssociation resources.\n", "properties": { "fleetName": { "type": "string", "description": "Name of the fleet.\n", "willReplaceOnChanges": true }, "stackName": { "type": "string", "description": "Name of the stack.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:appstream/imageBuilder:ImageBuilder": { "description": "Provides an AppStream image builder.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testFleet = new aws.appstream.ImageBuilder(\"test_fleet\", {\n name: \"Name\",\n description: \"Description of a ImageBuilder\",\n displayName: \"Display name of a ImageBuilder\",\n enableDefaultInternetAccess: false,\n imageName: \"AppStream-WinServer2019-10-05-2022\",\n instanceType: \"stream.standard.large\",\n vpcConfig: {\n subnetIds: [example.id],\n },\n tags: {\n Name: \"Example Image Builder\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_fleet = aws.appstream.ImageBuilder(\"test_fleet\",\n name=\"Name\",\n description=\"Description of a ImageBuilder\",\n display_name=\"Display name of a ImageBuilder\",\n enable_default_internet_access=False,\n image_name=\"AppStream-WinServer2019-10-05-2022\",\n instance_type=\"stream.standard.large\",\n vpc_config={\n \"subnet_ids\": [example[\"id\"]],\n },\n tags={\n \"Name\": \"Example Image Builder\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testFleet = new Aws.AppStream.ImageBuilder(\"test_fleet\", new()\n {\n Name = \"Name\",\n Description = \"Description of a ImageBuilder\",\n DisplayName = \"Display name of a ImageBuilder\",\n EnableDefaultInternetAccess = false,\n ImageName = \"AppStream-WinServer2019-10-05-2022\",\n InstanceType = \"stream.standard.large\",\n VpcConfig = new Aws.AppStream.Inputs.ImageBuilderVpcConfigArgs\n {\n SubnetIds = new[]\n {\n example.Id,\n },\n },\n Tags = \n {\n { \"Name\", \"Example Image Builder\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appstream\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appstream.NewImageBuilder(ctx, \"test_fleet\", \u0026appstream.ImageBuilderArgs{\n\t\t\tName: pulumi.String(\"Name\"),\n\t\t\tDescription: pulumi.String(\"Description of a ImageBuilder\"),\n\t\t\tDisplayName: pulumi.String(\"Display name of a ImageBuilder\"),\n\t\t\tEnableDefaultInternetAccess: pulumi.Bool(false),\n\t\t\tImageName: pulumi.String(\"AppStream-WinServer2019-10-05-2022\"),\n\t\t\tInstanceType: pulumi.String(\"stream.standard.large\"),\n\t\t\tVpcConfig: \u0026appstream.ImageBuilderVpcConfigArgs{\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\texample.Id,\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Image Builder\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appstream.ImageBuilder;\nimport com.pulumi.aws.appstream.ImageBuilderArgs;\nimport com.pulumi.aws.appstream.inputs.ImageBuilderVpcConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testFleet = new ImageBuilder(\"testFleet\", ImageBuilderArgs.builder()\n .name(\"Name\")\n .description(\"Description of a ImageBuilder\")\n .displayName(\"Display name of a ImageBuilder\")\n .enableDefaultInternetAccess(false)\n .imageName(\"AppStream-WinServer2019-10-05-2022\")\n .instanceType(\"stream.standard.large\")\n .vpcConfig(ImageBuilderVpcConfigArgs.builder()\n .subnetIds(example.id())\n .build())\n .tags(Map.of(\"Name\", \"Example Image Builder\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testFleet:\n type: aws:appstream:ImageBuilder\n name: test_fleet\n properties:\n name: Name\n description: Description of a ImageBuilder\n displayName: Display name of a ImageBuilder\n enableDefaultInternetAccess: false\n imageName: AppStream-WinServer2019-10-05-2022\n instanceType: stream.standard.large\n vpcConfig:\n subnetIds:\n - ${example.id}\n tags:\n Name: Example Image Builder\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_appstream_image_builder` using the `name`. For example:\n\n```sh\n$ pulumi import aws:appstream/imageBuilder:ImageBuilder example imageBuilderExample\n```\n", "properties": { "accessEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:appstream/ImageBuilderAccessEndpoint:ImageBuilderAccessEndpoint" }, "description": "Set of interface VPC endpoint (interface endpoint) objects. Maximum of 4. See below.\n" }, "appstreamAgentVersion": { "type": "string", "description": "Version of the AppStream 2.0 agent to use for this image builder.\n" }, "arn": { "type": "string", "description": "ARN of the appstream image builder.\n" }, "createdTime": { "type": "string", "description": "Date and time, in UTC and extended RFC 3339 format, when the image builder was created.\n" }, "description": { "type": "string", "description": "Description to display.\n" }, "displayName": { "type": "string", "description": "Human-readable friendly name for the AppStream image builder.\n" }, "domainJoinInfo": { "$ref": "#/types/aws:appstream/ImageBuilderDomainJoinInfo:ImageBuilderDomainJoinInfo", "description": "Configuration block for the name of the directory and organizational unit (OU) to use to join the image builder to a Microsoft Active Directory domain. See below.\n" }, "enableDefaultInternetAccess": { "type": "boolean", "description": "Enables or disables default internet access for the image builder.\n" }, "iamRoleArn": { "type": "string", "description": "ARN of the IAM role to apply to the image builder.\n" }, "imageArn": { "type": "string", "description": "ARN of the public, private, or shared image to use.\n" }, "imageName": { "type": "string", "description": "Name of the image used to create the image builder.\n" }, "instanceType": { "type": "string", "description": "Instance type to use when launching the image builder.\n" }, "name": { "type": "string", "description": "Unique name for the image builder.\n\nThe following arguments are optional:\n" }, "state": { "type": "string", "description": "State of the image builder. For valid values, refer to the [AWS documentation](https://docs.aws.amazon.com/appstream2/latest/APIReference/API_ImageBuilder.html#AppStream2-Type-ImageBuilder-State).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the instance. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcConfig": { "$ref": "#/types/aws:appstream/ImageBuilderVpcConfig:ImageBuilderVpcConfig", "description": "Configuration block for the VPC configuration for the image builder. See below.\n" } }, "required": [ "appstreamAgentVersion", "arn", "createdTime", "description", "displayName", "domainJoinInfo", "enableDefaultInternetAccess", "iamRoleArn", "imageArn", "imageName", "instanceType", "name", "state", "tagsAll", "vpcConfig" ], "inputProperties": { "accessEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:appstream/ImageBuilderAccessEndpoint:ImageBuilderAccessEndpoint" }, "description": "Set of interface VPC endpoint (interface endpoint) objects. Maximum of 4. See below.\n", "willReplaceOnChanges": true }, "appstreamAgentVersion": { "type": "string", "description": "Version of the AppStream 2.0 agent to use for this image builder.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description to display.\n", "willReplaceOnChanges": true }, "displayName": { "type": "string", "description": "Human-readable friendly name for the AppStream image builder.\n", "willReplaceOnChanges": true }, "domainJoinInfo": { "$ref": "#/types/aws:appstream/ImageBuilderDomainJoinInfo:ImageBuilderDomainJoinInfo", "description": "Configuration block for the name of the directory and organizational unit (OU) to use to join the image builder to a Microsoft Active Directory domain. See below.\n", "willReplaceOnChanges": true }, "enableDefaultInternetAccess": { "type": "boolean", "description": "Enables or disables default internet access for the image builder.\n", "willReplaceOnChanges": true }, "iamRoleArn": { "type": "string", "description": "ARN of the IAM role to apply to the image builder.\n", "willReplaceOnChanges": true }, "imageArn": { "type": "string", "description": "ARN of the public, private, or shared image to use.\n", "willReplaceOnChanges": true }, "imageName": { "type": "string", "description": "Name of the image used to create the image builder.\n", "willReplaceOnChanges": true }, "instanceType": { "type": "string", "description": "Instance type to use when launching the image builder.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Unique name for the image builder.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the instance. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcConfig": { "$ref": "#/types/aws:appstream/ImageBuilderVpcConfig:ImageBuilderVpcConfig", "description": "Configuration block for the VPC configuration for the image builder. See below.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "instanceType" ], "stateInputs": { "description": "Input properties used for looking up and filtering ImageBuilder resources.\n", "properties": { "accessEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:appstream/ImageBuilderAccessEndpoint:ImageBuilderAccessEndpoint" }, "description": "Set of interface VPC endpoint (interface endpoint) objects. Maximum of 4. See below.\n", "willReplaceOnChanges": true }, "appstreamAgentVersion": { "type": "string", "description": "Version of the AppStream 2.0 agent to use for this image builder.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN of the appstream image builder.\n" }, "createdTime": { "type": "string", "description": "Date and time, in UTC and extended RFC 3339 format, when the image builder was created.\n" }, "description": { "type": "string", "description": "Description to display.\n", "willReplaceOnChanges": true }, "displayName": { "type": "string", "description": "Human-readable friendly name for the AppStream image builder.\n", "willReplaceOnChanges": true }, "domainJoinInfo": { "$ref": "#/types/aws:appstream/ImageBuilderDomainJoinInfo:ImageBuilderDomainJoinInfo", "description": "Configuration block for the name of the directory and organizational unit (OU) to use to join the image builder to a Microsoft Active Directory domain. See below.\n", "willReplaceOnChanges": true }, "enableDefaultInternetAccess": { "type": "boolean", "description": "Enables or disables default internet access for the image builder.\n", "willReplaceOnChanges": true }, "iamRoleArn": { "type": "string", "description": "ARN of the IAM role to apply to the image builder.\n", "willReplaceOnChanges": true }, "imageArn": { "type": "string", "description": "ARN of the public, private, or shared image to use.\n", "willReplaceOnChanges": true }, "imageName": { "type": "string", "description": "Name of the image used to create the image builder.\n", "willReplaceOnChanges": true }, "instanceType": { "type": "string", "description": "Instance type to use when launching the image builder.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Unique name for the image builder.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "State of the image builder. For valid values, refer to the [AWS documentation](https://docs.aws.amazon.com/appstream2/latest/APIReference/API_ImageBuilder.html#AppStream2-Type-ImageBuilder-State).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the instance. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcConfig": { "$ref": "#/types/aws:appstream/ImageBuilderVpcConfig:ImageBuilderVpcConfig", "description": "Configuration block for the VPC configuration for the image builder. See below.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:appstream/stack:Stack": { "description": "Provides an AppStream stack.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appstream.Stack(\"example\", {\n name: \"stack name\",\n description: \"stack description\",\n displayName: \"stack display name\",\n feedbackUrl: \"http://your-domain/feedback\",\n redirectUrl: \"http://your-domain/redirect\",\n storageConnectors: [{\n connectorType: \"HOMEFOLDERS\",\n }],\n userSettings: [\n {\n action: \"CLIPBOARD_COPY_FROM_LOCAL_DEVICE\",\n permission: \"ENABLED\",\n },\n {\n action: \"CLIPBOARD_COPY_TO_LOCAL_DEVICE\",\n permission: \"ENABLED\",\n },\n {\n action: \"DOMAIN_PASSWORD_SIGNIN\",\n permission: \"ENABLED\",\n },\n {\n action: \"DOMAIN_SMART_CARD_SIGNIN\",\n permission: \"DISABLED\",\n },\n {\n action: \"FILE_DOWNLOAD\",\n permission: \"ENABLED\",\n },\n {\n action: \"FILE_UPLOAD\",\n permission: \"ENABLED\",\n },\n {\n action: \"PRINTING_TO_LOCAL_DEVICE\",\n permission: \"ENABLED\",\n },\n ],\n applicationSettings: {\n enabled: true,\n settingsGroup: \"SettingsGroup\",\n },\n tags: {\n TagName: \"TagValue\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appstream.Stack(\"example\",\n name=\"stack name\",\n description=\"stack description\",\n display_name=\"stack display name\",\n feedback_url=\"http://your-domain/feedback\",\n redirect_url=\"http://your-domain/redirect\",\n storage_connectors=[{\n \"connector_type\": \"HOMEFOLDERS\",\n }],\n user_settings=[\n {\n \"action\": \"CLIPBOARD_COPY_FROM_LOCAL_DEVICE\",\n \"permission\": \"ENABLED\",\n },\n {\n \"action\": \"CLIPBOARD_COPY_TO_LOCAL_DEVICE\",\n \"permission\": \"ENABLED\",\n },\n {\n \"action\": \"DOMAIN_PASSWORD_SIGNIN\",\n \"permission\": \"ENABLED\",\n },\n {\n \"action\": \"DOMAIN_SMART_CARD_SIGNIN\",\n \"permission\": \"DISABLED\",\n },\n {\n \"action\": \"FILE_DOWNLOAD\",\n \"permission\": \"ENABLED\",\n },\n {\n \"action\": \"FILE_UPLOAD\",\n \"permission\": \"ENABLED\",\n },\n {\n \"action\": \"PRINTING_TO_LOCAL_DEVICE\",\n \"permission\": \"ENABLED\",\n },\n ],\n application_settings={\n \"enabled\": True,\n \"settings_group\": \"SettingsGroup\",\n },\n tags={\n \"TagName\": \"TagValue\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppStream.Stack(\"example\", new()\n {\n Name = \"stack name\",\n Description = \"stack description\",\n DisplayName = \"stack display name\",\n FeedbackUrl = \"http://your-domain/feedback\",\n RedirectUrl = \"http://your-domain/redirect\",\n StorageConnectors = new[]\n {\n new Aws.AppStream.Inputs.StackStorageConnectorArgs\n {\n ConnectorType = \"HOMEFOLDERS\",\n },\n },\n UserSettings = new[]\n {\n new Aws.AppStream.Inputs.StackUserSettingArgs\n {\n Action = \"CLIPBOARD_COPY_FROM_LOCAL_DEVICE\",\n Permission = \"ENABLED\",\n },\n new Aws.AppStream.Inputs.StackUserSettingArgs\n {\n Action = \"CLIPBOARD_COPY_TO_LOCAL_DEVICE\",\n Permission = \"ENABLED\",\n },\n new Aws.AppStream.Inputs.StackUserSettingArgs\n {\n Action = \"DOMAIN_PASSWORD_SIGNIN\",\n Permission = \"ENABLED\",\n },\n new Aws.AppStream.Inputs.StackUserSettingArgs\n {\n Action = \"DOMAIN_SMART_CARD_SIGNIN\",\n Permission = \"DISABLED\",\n },\n new Aws.AppStream.Inputs.StackUserSettingArgs\n {\n Action = \"FILE_DOWNLOAD\",\n Permission = \"ENABLED\",\n },\n new Aws.AppStream.Inputs.StackUserSettingArgs\n {\n Action = \"FILE_UPLOAD\",\n Permission = \"ENABLED\",\n },\n new Aws.AppStream.Inputs.StackUserSettingArgs\n {\n Action = \"PRINTING_TO_LOCAL_DEVICE\",\n Permission = \"ENABLED\",\n },\n },\n ApplicationSettings = new Aws.AppStream.Inputs.StackApplicationSettingsArgs\n {\n Enabled = true,\n SettingsGroup = \"SettingsGroup\",\n },\n Tags = \n {\n { \"TagName\", \"TagValue\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appstream\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appstream.NewStack(ctx, \"example\", \u0026appstream.StackArgs{\n\t\t\tName: pulumi.String(\"stack name\"),\n\t\t\tDescription: pulumi.String(\"stack description\"),\n\t\t\tDisplayName: pulumi.String(\"stack display name\"),\n\t\t\tFeedbackUrl: pulumi.String(\"http://your-domain/feedback\"),\n\t\t\tRedirectUrl: pulumi.String(\"http://your-domain/redirect\"),\n\t\t\tStorageConnectors: appstream.StackStorageConnectorArray{\n\t\t\t\t\u0026appstream.StackStorageConnectorArgs{\n\t\t\t\t\tConnectorType: pulumi.String(\"HOMEFOLDERS\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tUserSettings: appstream.StackUserSettingArray{\n\t\t\t\t\u0026appstream.StackUserSettingArgs{\n\t\t\t\t\tAction: pulumi.String(\"CLIPBOARD_COPY_FROM_LOCAL_DEVICE\"),\n\t\t\t\t\tPermission: pulumi.String(\"ENABLED\"),\n\t\t\t\t},\n\t\t\t\t\u0026appstream.StackUserSettingArgs{\n\t\t\t\t\tAction: pulumi.String(\"CLIPBOARD_COPY_TO_LOCAL_DEVICE\"),\n\t\t\t\t\tPermission: pulumi.String(\"ENABLED\"),\n\t\t\t\t},\n\t\t\t\t\u0026appstream.StackUserSettingArgs{\n\t\t\t\t\tAction: pulumi.String(\"DOMAIN_PASSWORD_SIGNIN\"),\n\t\t\t\t\tPermission: pulumi.String(\"ENABLED\"),\n\t\t\t\t},\n\t\t\t\t\u0026appstream.StackUserSettingArgs{\n\t\t\t\t\tAction: pulumi.String(\"DOMAIN_SMART_CARD_SIGNIN\"),\n\t\t\t\t\tPermission: pulumi.String(\"DISABLED\"),\n\t\t\t\t},\n\t\t\t\t\u0026appstream.StackUserSettingArgs{\n\t\t\t\t\tAction: pulumi.String(\"FILE_DOWNLOAD\"),\n\t\t\t\t\tPermission: pulumi.String(\"ENABLED\"),\n\t\t\t\t},\n\t\t\t\t\u0026appstream.StackUserSettingArgs{\n\t\t\t\t\tAction: pulumi.String(\"FILE_UPLOAD\"),\n\t\t\t\t\tPermission: pulumi.String(\"ENABLED\"),\n\t\t\t\t},\n\t\t\t\t\u0026appstream.StackUserSettingArgs{\n\t\t\t\t\tAction: pulumi.String(\"PRINTING_TO_LOCAL_DEVICE\"),\n\t\t\t\t\tPermission: pulumi.String(\"ENABLED\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tApplicationSettings: \u0026appstream.StackApplicationSettingsArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tSettingsGroup: pulumi.String(\"SettingsGroup\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"TagName\": pulumi.String(\"TagValue\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appstream.Stack;\nimport com.pulumi.aws.appstream.StackArgs;\nimport com.pulumi.aws.appstream.inputs.StackStorageConnectorArgs;\nimport com.pulumi.aws.appstream.inputs.StackUserSettingArgs;\nimport com.pulumi.aws.appstream.inputs.StackApplicationSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Stack(\"example\", StackArgs.builder()\n .name(\"stack name\")\n .description(\"stack description\")\n .displayName(\"stack display name\")\n .feedbackUrl(\"http://your-domain/feedback\")\n .redirectUrl(\"http://your-domain/redirect\")\n .storageConnectors(StackStorageConnectorArgs.builder()\n .connectorType(\"HOMEFOLDERS\")\n .build())\n .userSettings( \n StackUserSettingArgs.builder()\n .action(\"CLIPBOARD_COPY_FROM_LOCAL_DEVICE\")\n .permission(\"ENABLED\")\n .build(),\n StackUserSettingArgs.builder()\n .action(\"CLIPBOARD_COPY_TO_LOCAL_DEVICE\")\n .permission(\"ENABLED\")\n .build(),\n StackUserSettingArgs.builder()\n .action(\"DOMAIN_PASSWORD_SIGNIN\")\n .permission(\"ENABLED\")\n .build(),\n StackUserSettingArgs.builder()\n .action(\"DOMAIN_SMART_CARD_SIGNIN\")\n .permission(\"DISABLED\")\n .build(),\n StackUserSettingArgs.builder()\n .action(\"FILE_DOWNLOAD\")\n .permission(\"ENABLED\")\n .build(),\n StackUserSettingArgs.builder()\n .action(\"FILE_UPLOAD\")\n .permission(\"ENABLED\")\n .build(),\n StackUserSettingArgs.builder()\n .action(\"PRINTING_TO_LOCAL_DEVICE\")\n .permission(\"ENABLED\")\n .build())\n .applicationSettings(StackApplicationSettingsArgs.builder()\n .enabled(true)\n .settingsGroup(\"SettingsGroup\")\n .build())\n .tags(Map.of(\"TagName\", \"TagValue\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appstream:Stack\n properties:\n name: stack name\n description: stack description\n displayName: stack display name\n feedbackUrl: http://your-domain/feedback\n redirectUrl: http://your-domain/redirect\n storageConnectors:\n - connectorType: HOMEFOLDERS\n userSettings:\n - action: CLIPBOARD_COPY_FROM_LOCAL_DEVICE\n permission: ENABLED\n - action: CLIPBOARD_COPY_TO_LOCAL_DEVICE\n permission: ENABLED\n - action: DOMAIN_PASSWORD_SIGNIN\n permission: ENABLED\n - action: DOMAIN_SMART_CARD_SIGNIN\n permission: DISABLED\n - action: FILE_DOWNLOAD\n permission: ENABLED\n - action: FILE_UPLOAD\n permission: ENABLED\n - action: PRINTING_TO_LOCAL_DEVICE\n permission: ENABLED\n applicationSettings:\n enabled: true\n settingsGroup: SettingsGroup\n tags:\n TagName: TagValue\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_appstream_stack` using the id. For example:\n\n```sh\n$ pulumi import aws:appstream/stack:Stack example stackID\n```\n", "properties": { "accessEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:appstream/StackAccessEndpoint:StackAccessEndpoint" }, "description": "Set of configuration blocks defining the interface VPC endpoints. Users of the stack can connect to AppStream 2.0 only through the specified endpoints.\nSee `access_endpoints` below.\n" }, "applicationSettings": { "$ref": "#/types/aws:appstream/StackApplicationSettings:StackApplicationSettings", "description": "Settings for application settings persistence.\nSee `application_settings` below.\n" }, "arn": { "type": "string", "description": "ARN of the appstream stack.\n" }, "createdTime": { "type": "string", "description": "Date and time, in UTC and extended RFC 3339 format, when the stack was created.\n" }, "description": { "type": "string", "description": "Description for the AppStream stack.\n" }, "displayName": { "type": "string", "description": "Stack name to display.\n" }, "embedHostDomains": { "type": "array", "items": { "type": "string" }, "description": "Domains where AppStream 2.0 streaming sessions can be embedded in an iframe. You must approve the domains that you want to host embedded AppStream 2.0 streaming sessions.\n" }, "feedbackUrl": { "type": "string", "description": "URL that users are redirected to after they click the Send Feedback link. If no URL is specified, no Send Feedback link is displayed. .\n" }, "name": { "type": "string", "description": "Unique name for the AppStream stack.\n\nThe following arguments are optional:\n" }, "redirectUrl": { "type": "string", "description": "URL that users are redirected to after their streaming session ends.\n" }, "storageConnectors": { "type": "array", "items": { "$ref": "#/types/aws:appstream/StackStorageConnector:StackStorageConnector" }, "description": "Configuration block for the storage connectors to enable.\nSee `storage_connectors` below.\n" }, "streamingExperienceSettings": { "$ref": "#/types/aws:appstream/StackStreamingExperienceSettings:StackStreamingExperienceSettings", "description": "The streaming protocol you want your stack to prefer. This can be UDP or TCP. Currently, UDP is only supported in the Windows native client.\nSee `streaming_experience_settings` below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "userSettings": { "type": "array", "items": { "$ref": "#/types/aws:appstream/StackUserSetting:StackUserSetting" }, "description": "Configuration block for the actions that are enabled or disabled for users during their streaming sessions. If not provided, these settings are configured automatically by AWS. If provided, the configuration should include a block for each configurable action.\nSee `user_settings` below.\n" } }, "required": [ "accessEndpoints", "applicationSettings", "arn", "createdTime", "embedHostDomains", "feedbackUrl", "name", "redirectUrl", "storageConnectors", "streamingExperienceSettings", "tagsAll", "userSettings" ], "inputProperties": { "accessEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:appstream/StackAccessEndpoint:StackAccessEndpoint" }, "description": "Set of configuration blocks defining the interface VPC endpoints. Users of the stack can connect to AppStream 2.0 only through the specified endpoints.\nSee `access_endpoints` below.\n" }, "applicationSettings": { "$ref": "#/types/aws:appstream/StackApplicationSettings:StackApplicationSettings", "description": "Settings for application settings persistence.\nSee `application_settings` below.\n" }, "description": { "type": "string", "description": "Description for the AppStream stack.\n" }, "displayName": { "type": "string", "description": "Stack name to display.\n" }, "embedHostDomains": { "type": "array", "items": { "type": "string" }, "description": "Domains where AppStream 2.0 streaming sessions can be embedded in an iframe. You must approve the domains that you want to host embedded AppStream 2.0 streaming sessions.\n" }, "feedbackUrl": { "type": "string", "description": "URL that users are redirected to after they click the Send Feedback link. If no URL is specified, no Send Feedback link is displayed. .\n" }, "name": { "type": "string", "description": "Unique name for the AppStream stack.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "redirectUrl": { "type": "string", "description": "URL that users are redirected to after their streaming session ends.\n" }, "storageConnectors": { "type": "array", "items": { "$ref": "#/types/aws:appstream/StackStorageConnector:StackStorageConnector" }, "description": "Configuration block for the storage connectors to enable.\nSee `storage_connectors` below.\n" }, "streamingExperienceSettings": { "$ref": "#/types/aws:appstream/StackStreamingExperienceSettings:StackStreamingExperienceSettings", "description": "The streaming protocol you want your stack to prefer. This can be UDP or TCP. Currently, UDP is only supported in the Windows native client.\nSee `streaming_experience_settings` below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "userSettings": { "type": "array", "items": { "$ref": "#/types/aws:appstream/StackUserSetting:StackUserSetting" }, "description": "Configuration block for the actions that are enabled or disabled for users during their streaming sessions. If not provided, these settings are configured automatically by AWS. If provided, the configuration should include a block for each configurable action.\nSee `user_settings` below.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Stack resources.\n", "properties": { "accessEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:appstream/StackAccessEndpoint:StackAccessEndpoint" }, "description": "Set of configuration blocks defining the interface VPC endpoints. Users of the stack can connect to AppStream 2.0 only through the specified endpoints.\nSee `access_endpoints` below.\n" }, "applicationSettings": { "$ref": "#/types/aws:appstream/StackApplicationSettings:StackApplicationSettings", "description": "Settings for application settings persistence.\nSee `application_settings` below.\n" }, "arn": { "type": "string", "description": "ARN of the appstream stack.\n" }, "createdTime": { "type": "string", "description": "Date and time, in UTC and extended RFC 3339 format, when the stack was created.\n" }, "description": { "type": "string", "description": "Description for the AppStream stack.\n" }, "displayName": { "type": "string", "description": "Stack name to display.\n" }, "embedHostDomains": { "type": "array", "items": { "type": "string" }, "description": "Domains where AppStream 2.0 streaming sessions can be embedded in an iframe. You must approve the domains that you want to host embedded AppStream 2.0 streaming sessions.\n" }, "feedbackUrl": { "type": "string", "description": "URL that users are redirected to after they click the Send Feedback link. If no URL is specified, no Send Feedback link is displayed. .\n" }, "name": { "type": "string", "description": "Unique name for the AppStream stack.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "redirectUrl": { "type": "string", "description": "URL that users are redirected to after their streaming session ends.\n" }, "storageConnectors": { "type": "array", "items": { "$ref": "#/types/aws:appstream/StackStorageConnector:StackStorageConnector" }, "description": "Configuration block for the storage connectors to enable.\nSee `storage_connectors` below.\n" }, "streamingExperienceSettings": { "$ref": "#/types/aws:appstream/StackStreamingExperienceSettings:StackStreamingExperienceSettings", "description": "The streaming protocol you want your stack to prefer. This can be UDP or TCP. Currently, UDP is only supported in the Windows native client.\nSee `streaming_experience_settings` below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "userSettings": { "type": "array", "items": { "$ref": "#/types/aws:appstream/StackUserSetting:StackUserSetting" }, "description": "Configuration block for the actions that are enabled or disabled for users during their streaming sessions. If not provided, these settings are configured automatically by AWS. If provided, the configuration should include a block for each configurable action.\nSee `user_settings` below.\n" } }, "type": "object" } }, "aws:appstream/user:User": { "description": "Provides an AppStream user.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appstream.User(\"example\", {\n authenticationType: \"USERPOOL\",\n userName: \"EMAIL\",\n firstName: \"FIRST NAME\",\n lastName: \"LAST NAME\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appstream.User(\"example\",\n authentication_type=\"USERPOOL\",\n user_name=\"EMAIL\",\n first_name=\"FIRST NAME\",\n last_name=\"LAST NAME\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppStream.User(\"example\", new()\n {\n AuthenticationType = \"USERPOOL\",\n UserName = \"EMAIL\",\n FirstName = \"FIRST NAME\",\n LastName = \"LAST NAME\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appstream\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appstream.NewUser(ctx, \"example\", \u0026appstream.UserArgs{\n\t\t\tAuthenticationType: pulumi.String(\"USERPOOL\"),\n\t\t\tUserName: pulumi.String(\"EMAIL\"),\n\t\t\tFirstName: pulumi.String(\"FIRST NAME\"),\n\t\t\tLastName: pulumi.String(\"LAST NAME\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appstream.User;\nimport com.pulumi.aws.appstream.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new User(\"example\", UserArgs.builder()\n .authenticationType(\"USERPOOL\")\n .userName(\"EMAIL\")\n .firstName(\"FIRST NAME\")\n .lastName(\"LAST NAME\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appstream:User\n properties:\n authenticationType: USERPOOL\n userName: EMAIL\n firstName: FIRST NAME\n lastName: LAST NAME\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_appstream_user` using the `user_name` and `authentication_type` separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:appstream/user:User example UserName/AuthenticationType\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the appstream user.\n" }, "authenticationType": { "type": "string", "description": "Authentication type for the user. You must specify USERPOOL. Valid values: `API`, `SAML`, `USERPOOL`\n" }, "createdTime": { "type": "string", "description": "Date and time, in UTC and extended RFC 3339 format, when the user was created.\n" }, "enabled": { "type": "boolean", "description": "Whether the user in the user pool is enabled.\n" }, "firstName": { "type": "string", "description": "First name, or given name, of the user.\n" }, "lastName": { "type": "string", "description": "Last name, or surname, of the user.\n" }, "sendEmailNotification": { "type": "boolean", "description": "Send an email notification.\n" }, "userName": { "type": "string", "description": "Email address of the user.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "authenticationType", "createdTime", "userName" ], "inputProperties": { "authenticationType": { "type": "string", "description": "Authentication type for the user. You must specify USERPOOL. Valid values: `API`, `SAML`, `USERPOOL`\n", "willReplaceOnChanges": true }, "enabled": { "type": "boolean", "description": "Whether the user in the user pool is enabled.\n" }, "firstName": { "type": "string", "description": "First name, or given name, of the user.\n", "willReplaceOnChanges": true }, "lastName": { "type": "string", "description": "Last name, or surname, of the user.\n", "willReplaceOnChanges": true }, "sendEmailNotification": { "type": "boolean", "description": "Send an email notification.\n" }, "userName": { "type": "string", "description": "Email address of the user.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "authenticationType", "userName" ], "stateInputs": { "description": "Input properties used for looking up and filtering User resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the appstream user.\n" }, "authenticationType": { "type": "string", "description": "Authentication type for the user. You must specify USERPOOL. Valid values: `API`, `SAML`, `USERPOOL`\n", "willReplaceOnChanges": true }, "createdTime": { "type": "string", "description": "Date and time, in UTC and extended RFC 3339 format, when the user was created.\n" }, "enabled": { "type": "boolean", "description": "Whether the user in the user pool is enabled.\n" }, "firstName": { "type": "string", "description": "First name, or given name, of the user.\n", "willReplaceOnChanges": true }, "lastName": { "type": "string", "description": "Last name, or surname, of the user.\n", "willReplaceOnChanges": true }, "sendEmailNotification": { "type": "boolean", "description": "Send an email notification.\n" }, "userName": { "type": "string", "description": "Email address of the user.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:appstream/userStackAssociation:UserStackAssociation": { "description": "Manages an AppStream User Stack association.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.appstream.Stack(\"test\", {name: \"STACK NAME\"});\nconst testUser = new aws.appstream.User(\"test\", {\n authenticationType: \"USERPOOL\",\n userName: \"EMAIL\",\n});\nconst testUserStackAssociation = new aws.appstream.UserStackAssociation(\"test\", {\n authenticationType: testUser.authenticationType,\n stackName: test.name,\n userName: testUser.userName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.appstream.Stack(\"test\", name=\"STACK NAME\")\ntest_user = aws.appstream.User(\"test\",\n authentication_type=\"USERPOOL\",\n user_name=\"EMAIL\")\ntest_user_stack_association = aws.appstream.UserStackAssociation(\"test\",\n authentication_type=test_user.authentication_type,\n stack_name=test.name,\n user_name=test_user.user_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.AppStream.Stack(\"test\", new()\n {\n Name = \"STACK NAME\",\n });\n\n var testUser = new Aws.AppStream.User(\"test\", new()\n {\n AuthenticationType = \"USERPOOL\",\n UserName = \"EMAIL\",\n });\n\n var testUserStackAssociation = new Aws.AppStream.UserStackAssociation(\"test\", new()\n {\n AuthenticationType = testUser.AuthenticationType,\n StackName = test.Name,\n UserName = testUser.UserName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appstream\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := appstream.NewStack(ctx, \"test\", \u0026appstream.StackArgs{\n\t\t\tName: pulumi.String(\"STACK NAME\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestUser, err := appstream.NewUser(ctx, \"test\", \u0026appstream.UserArgs{\n\t\t\tAuthenticationType: pulumi.String(\"USERPOOL\"),\n\t\t\tUserName: pulumi.String(\"EMAIL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appstream.NewUserStackAssociation(ctx, \"test\", \u0026appstream.UserStackAssociationArgs{\n\t\t\tAuthenticationType: testUser.AuthenticationType,\n\t\t\tStackName: test.Name,\n\t\t\tUserName: testUser.UserName,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appstream.Stack;\nimport com.pulumi.aws.appstream.StackArgs;\nimport com.pulumi.aws.appstream.User;\nimport com.pulumi.aws.appstream.UserArgs;\nimport com.pulumi.aws.appstream.UserStackAssociation;\nimport com.pulumi.aws.appstream.UserStackAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Stack(\"test\", StackArgs.builder()\n .name(\"STACK NAME\")\n .build());\n\n var testUser = new User(\"testUser\", UserArgs.builder()\n .authenticationType(\"USERPOOL\")\n .userName(\"EMAIL\")\n .build());\n\n var testUserStackAssociation = new UserStackAssociation(\"testUserStackAssociation\", UserStackAssociationArgs.builder()\n .authenticationType(testUser.authenticationType())\n .stackName(test.name())\n .userName(testUser.userName())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:appstream:Stack\n properties:\n name: STACK NAME\n testUser:\n type: aws:appstream:User\n name: test\n properties:\n authenticationType: USERPOOL\n userName: EMAIL\n testUserStackAssociation:\n type: aws:appstream:UserStackAssociation\n name: test\n properties:\n authenticationType: ${testUser.authenticationType}\n stackName: ${test.name}\n userName: ${testUser.userName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AppStream User Stack Association using the `user_name`, `authentication_type`, and `stack_name`, separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:appstream/userStackAssociation:UserStackAssociation example userName/auhtenticationType/stackName\n```\n", "properties": { "authenticationType": { "type": "string", "description": "Authentication type for the user.\n" }, "sendEmailNotification": { "type": "boolean", "description": "Whether a welcome email is sent to a user after the user is created in the user pool.\n" }, "stackName": { "type": "string", "description": "Name of the stack that is associated with the user.\n" }, "userName": { "type": "string", "description": "Email address of the user who is associated with the stack.\n\nThe following arguments are optional:\n" } }, "required": [ "authenticationType", "stackName", "userName" ], "inputProperties": { "authenticationType": { "type": "string", "description": "Authentication type for the user.\n", "willReplaceOnChanges": true }, "sendEmailNotification": { "type": "boolean", "description": "Whether a welcome email is sent to a user after the user is created in the user pool.\n" }, "stackName": { "type": "string", "description": "Name of the stack that is associated with the user.\n", "willReplaceOnChanges": true }, "userName": { "type": "string", "description": "Email address of the user who is associated with the stack.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "authenticationType", "stackName", "userName" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserStackAssociation resources.\n", "properties": { "authenticationType": { "type": "string", "description": "Authentication type for the user.\n", "willReplaceOnChanges": true }, "sendEmailNotification": { "type": "boolean", "description": "Whether a welcome email is sent to a user after the user is created in the user pool.\n" }, "stackName": { "type": "string", "description": "Name of the stack that is associated with the user.\n", "willReplaceOnChanges": true }, "userName": { "type": "string", "description": "Email address of the user who is associated with the stack.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:appsync/apiCache:ApiCache": { "description": "Provides an AppSync API Cache.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appsync.GraphQLApi(\"example\", {\n authenticationType: \"API_KEY\",\n name: \"example\",\n});\nconst exampleApiCache = new aws.appsync.ApiCache(\"example\", {\n apiId: example.id,\n apiCachingBehavior: \"FULL_REQUEST_CACHING\",\n type: \"LARGE\",\n ttl: 900,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appsync.GraphQLApi(\"example\",\n authentication_type=\"API_KEY\",\n name=\"example\")\nexample_api_cache = aws.appsync.ApiCache(\"example\",\n api_id=example.id,\n api_caching_behavior=\"FULL_REQUEST_CACHING\",\n type=\"LARGE\",\n ttl=900)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppSync.GraphQLApi(\"example\", new()\n {\n AuthenticationType = \"API_KEY\",\n Name = \"example\",\n });\n\n var exampleApiCache = new Aws.AppSync.ApiCache(\"example\", new()\n {\n ApiId = example.Id,\n ApiCachingBehavior = \"FULL_REQUEST_CACHING\",\n Type = \"LARGE\",\n Ttl = 900,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appsync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := appsync.NewGraphQLApi(ctx, \"example\", \u0026appsync.GraphQLApiArgs{\n\t\t\tAuthenticationType: pulumi.String(\"API_KEY\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appsync.NewApiCache(ctx, \"example\", \u0026appsync.ApiCacheArgs{\n\t\t\tApiId: example.ID(),\n\t\t\tApiCachingBehavior: pulumi.String(\"FULL_REQUEST_CACHING\"),\n\t\t\tType: pulumi.String(\"LARGE\"),\n\t\t\tTtl: pulumi.Int(900),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appsync.GraphQLApi;\nimport com.pulumi.aws.appsync.GraphQLApiArgs;\nimport com.pulumi.aws.appsync.ApiCache;\nimport com.pulumi.aws.appsync.ApiCacheArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GraphQLApi(\"example\", GraphQLApiArgs.builder()\n .authenticationType(\"API_KEY\")\n .name(\"example\")\n .build());\n\n var exampleApiCache = new ApiCache(\"exampleApiCache\", ApiCacheArgs.builder()\n .apiId(example.id())\n .apiCachingBehavior(\"FULL_REQUEST_CACHING\")\n .type(\"LARGE\")\n .ttl(900)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appsync:GraphQLApi\n properties:\n authenticationType: API_KEY\n name: example\n exampleApiCache:\n type: aws:appsync:ApiCache\n name: example\n properties:\n apiId: ${example.id}\n apiCachingBehavior: FULL_REQUEST_CACHING\n type: LARGE\n ttl: 900\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_appsync_api_cache` using the AppSync API ID. For example:\n\n```sh\n$ pulumi import aws:appsync/apiCache:ApiCache example xxxxx\n```\n", "properties": { "apiCachingBehavior": { "type": "string", "description": "Caching behavior. Valid values are `FULL_REQUEST_CACHING` and `PER_RESOLVER_CACHING`.\n" }, "apiId": { "type": "string", "description": "GraphQL API ID.\n" }, "atRestEncryptionEnabled": { "type": "boolean", "description": "At-rest encryption flag for cache. You cannot update this setting after creation.\n" }, "transitEncryptionEnabled": { "type": "boolean", "description": "Transit encryption flag when connecting to cache. You cannot update this setting after creation.\n" }, "ttl": { "type": "integer", "description": "TTL in seconds for cache entries.\n" }, "type": { "type": "string", "description": "Cache instance type. Valid values are `SMALL`, `MEDIUM`, `LARGE`, `XLARGE`, `LARGE_2X`, `LARGE_4X`, `LARGE_8X`, `LARGE_12X`, `T2_SMALL`, `T2_MEDIUM`, `R4_LARGE`, `R4_XLARGE`, `R4_2XLARGE`, `R4_4XLARGE`, `R4_8XLARGE`.\n" } }, "required": [ "apiCachingBehavior", "apiId", "ttl", "type" ], "inputProperties": { "apiCachingBehavior": { "type": "string", "description": "Caching behavior. Valid values are `FULL_REQUEST_CACHING` and `PER_RESOLVER_CACHING`.\n" }, "apiId": { "type": "string", "description": "GraphQL API ID.\n" }, "atRestEncryptionEnabled": { "type": "boolean", "description": "At-rest encryption flag for cache. You cannot update this setting after creation.\n", "willReplaceOnChanges": true }, "transitEncryptionEnabled": { "type": "boolean", "description": "Transit encryption flag when connecting to cache. You cannot update this setting after creation.\n", "willReplaceOnChanges": true }, "ttl": { "type": "integer", "description": "TTL in seconds for cache entries.\n" }, "type": { "type": "string", "description": "Cache instance type. Valid values are `SMALL`, `MEDIUM`, `LARGE`, `XLARGE`, `LARGE_2X`, `LARGE_4X`, `LARGE_8X`, `LARGE_12X`, `T2_SMALL`, `T2_MEDIUM`, `R4_LARGE`, `R4_XLARGE`, `R4_2XLARGE`, `R4_4XLARGE`, `R4_8XLARGE`.\n" } }, "requiredInputs": [ "apiCachingBehavior", "apiId", "ttl", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApiCache resources.\n", "properties": { "apiCachingBehavior": { "type": "string", "description": "Caching behavior. Valid values are `FULL_REQUEST_CACHING` and `PER_RESOLVER_CACHING`.\n" }, "apiId": { "type": "string", "description": "GraphQL API ID.\n" }, "atRestEncryptionEnabled": { "type": "boolean", "description": "At-rest encryption flag for cache. You cannot update this setting after creation.\n", "willReplaceOnChanges": true }, "transitEncryptionEnabled": { "type": "boolean", "description": "Transit encryption flag when connecting to cache. You cannot update this setting after creation.\n", "willReplaceOnChanges": true }, "ttl": { "type": "integer", "description": "TTL in seconds for cache entries.\n" }, "type": { "type": "string", "description": "Cache instance type. Valid values are `SMALL`, `MEDIUM`, `LARGE`, `XLARGE`, `LARGE_2X`, `LARGE_4X`, `LARGE_8X`, `LARGE_12X`, `T2_SMALL`, `T2_MEDIUM`, `R4_LARGE`, `R4_XLARGE`, `R4_2XLARGE`, `R4_4XLARGE`, `R4_8XLARGE`.\n" } }, "type": "object" } }, "aws:appsync/apiKey:ApiKey": { "description": "Provides an AppSync API Key.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appsync.GraphQLApi(\"example\", {\n authenticationType: \"API_KEY\",\n name: \"example\",\n});\nconst exampleApiKey = new aws.appsync.ApiKey(\"example\", {\n apiId: example.id,\n expires: \"2018-05-03T04:00:00Z\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appsync.GraphQLApi(\"example\",\n authentication_type=\"API_KEY\",\n name=\"example\")\nexample_api_key = aws.appsync.ApiKey(\"example\",\n api_id=example.id,\n expires=\"2018-05-03T04:00:00Z\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppSync.GraphQLApi(\"example\", new()\n {\n AuthenticationType = \"API_KEY\",\n Name = \"example\",\n });\n\n var exampleApiKey = new Aws.AppSync.ApiKey(\"example\", new()\n {\n ApiId = example.Id,\n Expires = \"2018-05-03T04:00:00Z\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appsync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := appsync.NewGraphQLApi(ctx, \"example\", \u0026appsync.GraphQLApiArgs{\n\t\t\tAuthenticationType: pulumi.String(\"API_KEY\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appsync.NewApiKey(ctx, \"example\", \u0026appsync.ApiKeyArgs{\n\t\t\tApiId: example.ID(),\n\t\t\tExpires: pulumi.String(\"2018-05-03T04:00:00Z\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appsync.GraphQLApi;\nimport com.pulumi.aws.appsync.GraphQLApiArgs;\nimport com.pulumi.aws.appsync.ApiKey;\nimport com.pulumi.aws.appsync.ApiKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GraphQLApi(\"example\", GraphQLApiArgs.builder()\n .authenticationType(\"API_KEY\")\n .name(\"example\")\n .build());\n\n var exampleApiKey = new ApiKey(\"exampleApiKey\", ApiKeyArgs.builder()\n .apiId(example.id())\n .expires(\"2018-05-03T04:00:00Z\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appsync:GraphQLApi\n properties:\n authenticationType: API_KEY\n name: example\n exampleApiKey:\n type: aws:appsync:ApiKey\n name: example\n properties:\n apiId: ${example.id}\n expires: 2018-05-03T04:00:00Z\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_appsync_api_key` using the AppSync API ID and key separated by `:`. For example:\n\n```sh\n$ pulumi import aws:appsync/apiKey:ApiKey example xxxxx:yyyyy\n```\n", "properties": { "apiId": { "type": "string", "description": "ID of the associated AppSync API\n" }, "apiKeyId": { "type": "string" }, "description": { "type": "string", "description": "API key description. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "expires": { "type": "string", "description": "RFC3339 string representation of the expiry date. Rounded down to nearest hour. By default, it is 7 days from the date of creation.\n" }, "key": { "type": "string", "description": "API key\n", "secret": true } }, "required": [ "apiId", "apiKeyId", "description", "key" ], "inputProperties": { "apiId": { "type": "string", "description": "ID of the associated AppSync API\n" }, "description": { "type": "string", "description": "API key description. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "expires": { "type": "string", "description": "RFC3339 string representation of the expiry date. Rounded down to nearest hour. By default, it is 7 days from the date of creation.\n" } }, "requiredInputs": [ "apiId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApiKey resources.\n", "properties": { "apiId": { "type": "string", "description": "ID of the associated AppSync API\n" }, "apiKeyId": { "type": "string" }, "description": { "type": "string", "description": "API key description. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "expires": { "type": "string", "description": "RFC3339 string representation of the expiry date. Rounded down to nearest hour. By default, it is 7 days from the date of creation.\n" }, "key": { "type": "string", "description": "API key\n", "secret": true } }, "type": "object" } }, "aws:appsync/dataSource:DataSource": { "description": "Provides an AppSync Data Source.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleTable = new aws.dynamodb.Table(\"example\", {\n name: \"example\",\n readCapacity: 1,\n writeCapacity: 1,\n hashKey: \"UserId\",\n attributes: [{\n name: \"UserId\",\n type: \"S\",\n }],\n});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"appsync.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst example = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n actions: [\"dynamodb:*\"],\n resources: [exampleTable.arn],\n }],\n});\nconst exampleRolePolicy = new aws.iam.RolePolicy(\"example\", {\n name: \"example\",\n role: exampleRole.id,\n policy: example.apply(example =\u003e example.json),\n});\nconst exampleGraphQLApi = new aws.appsync.GraphQLApi(\"example\", {\n authenticationType: \"API_KEY\",\n name: \"my_appsync_example\",\n});\nconst exampleDataSource = new aws.appsync.DataSource(\"example\", {\n apiId: exampleGraphQLApi.id,\n name: \"my_appsync_example\",\n serviceRoleArn: exampleRole.arn,\n type: \"AMAZON_DYNAMODB\",\n dynamodbConfig: {\n tableName: exampleTable.name,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_table = aws.dynamodb.Table(\"example\",\n name=\"example\",\n read_capacity=1,\n write_capacity=1,\n hash_key=\"UserId\",\n attributes=[{\n \"name\": \"UserId\",\n \"type\": \"S\",\n }])\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"appsync.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nexample_role = aws.iam.Role(\"example\",\n name=\"example\",\n assume_role_policy=assume_role.json)\nexample = aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\"dynamodb:*\"],\n \"resources\": [example_table.arn],\n}])\nexample_role_policy = aws.iam.RolePolicy(\"example\",\n name=\"example\",\n role=example_role.id,\n policy=example.json)\nexample_graph_ql_api = aws.appsync.GraphQLApi(\"example\",\n authentication_type=\"API_KEY\",\n name=\"my_appsync_example\")\nexample_data_source = aws.appsync.DataSource(\"example\",\n api_id=example_graph_ql_api.id,\n name=\"my_appsync_example\",\n service_role_arn=example_role.arn,\n type=\"AMAZON_DYNAMODB\",\n dynamodb_config={\n \"table_name\": example_table.name,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleTable = new Aws.DynamoDB.Table(\"example\", new()\n {\n Name = \"example\",\n ReadCapacity = 1,\n WriteCapacity = 1,\n HashKey = \"UserId\",\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"UserId\",\n Type = \"S\",\n },\n },\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"appsync.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"dynamodb:*\",\n },\n Resources = new[]\n {\n exampleTable.Arn,\n },\n },\n },\n });\n\n var exampleRolePolicy = new Aws.Iam.RolePolicy(\"example\", new()\n {\n Name = \"example\",\n Role = exampleRole.Id,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleGraphQLApi = new Aws.AppSync.GraphQLApi(\"example\", new()\n {\n AuthenticationType = \"API_KEY\",\n Name = \"my_appsync_example\",\n });\n\n var exampleDataSource = new Aws.AppSync.DataSource(\"example\", new()\n {\n ApiId = exampleGraphQLApi.Id,\n Name = \"my_appsync_example\",\n ServiceRoleArn = exampleRole.Arn,\n Type = \"AMAZON_DYNAMODB\",\n DynamodbConfig = new Aws.AppSync.Inputs.DataSourceDynamodbConfigArgs\n {\n TableName = exampleTable.Name,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appsync\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleTable, err := dynamodb.NewTable(ctx, \"example\", \u0026dynamodb.TableArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tReadCapacity: pulumi.Int(1),\n\t\t\tWriteCapacity: pulumi.Int(1),\n\t\t\tHashKey: pulumi.String(\"UserId\"),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"UserId\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"appsync.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"dynamodb:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleTable.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRolePolicy(ctx, \"example\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRole: exampleRole.ID(),\n\t\t\tPolicy: pulumi.String(example.ApplyT(func(example iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026example.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGraphQLApi, err := appsync.NewGraphQLApi(ctx, \"example\", \u0026appsync.GraphQLApiArgs{\n\t\t\tAuthenticationType: pulumi.String(\"API_KEY\"),\n\t\t\tName: pulumi.String(\"my_appsync_example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appsync.NewDataSource(ctx, \"example\", \u0026appsync.DataSourceArgs{\n\t\t\tApiId: exampleGraphQLApi.ID(),\n\t\t\tName: pulumi.String(\"my_appsync_example\"),\n\t\t\tServiceRoleArn: exampleRole.Arn,\n\t\t\tType: pulumi.String(\"AMAZON_DYNAMODB\"),\n\t\t\tDynamodbConfig: \u0026appsync.DataSourceDynamodbConfigArgs{\n\t\t\t\tTableName: exampleTable.Name,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.appsync.GraphQLApi;\nimport com.pulumi.aws.appsync.GraphQLApiArgs;\nimport com.pulumi.aws.appsync.DataSource;\nimport com.pulumi.aws.appsync.DataSourceArgs;\nimport com.pulumi.aws.appsync.inputs.DataSourceDynamodbConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleTable = new Table(\"exampleTable\", TableArgs.builder()\n .name(\"example\")\n .readCapacity(1)\n .writeCapacity(1)\n .hashKey(\"UserId\")\n .attributes(TableAttributeArgs.builder()\n .name(\"UserId\")\n .type(\"S\")\n .build())\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"appsync.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .name(\"example\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"dynamodb:*\")\n .resources(exampleTable.arn())\n .build())\n .build());\n\n var exampleRolePolicy = new RolePolicy(\"exampleRolePolicy\", RolePolicyArgs.builder()\n .name(\"example\")\n .role(exampleRole.id())\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var exampleGraphQLApi = new GraphQLApi(\"exampleGraphQLApi\", GraphQLApiArgs.builder()\n .authenticationType(\"API_KEY\")\n .name(\"my_appsync_example\")\n .build());\n\n var exampleDataSource = new DataSource(\"exampleDataSource\", DataSourceArgs.builder()\n .apiId(exampleGraphQLApi.id())\n .name(\"my_appsync_example\")\n .serviceRoleArn(exampleRole.arn())\n .type(\"AMAZON_DYNAMODB\")\n .dynamodbConfig(DataSourceDynamodbConfigArgs.builder()\n .tableName(exampleTable.name())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleTable:\n type: aws:dynamodb:Table\n name: example\n properties:\n name: example\n readCapacity: 1\n writeCapacity: 1\n hashKey: UserId\n attributes:\n - name: UserId\n type: S\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example\n assumeRolePolicy: ${assumeRole.json}\n exampleRolePolicy:\n type: aws:iam:RolePolicy\n name: example\n properties:\n name: example\n role: ${exampleRole.id}\n policy: ${example.json}\n exampleGraphQLApi:\n type: aws:appsync:GraphQLApi\n name: example\n properties:\n authenticationType: API_KEY\n name: my_appsync_example\n exampleDataSource:\n type: aws:appsync:DataSource\n name: example\n properties:\n apiId: ${exampleGraphQLApi.id}\n name: my_appsync_example\n serviceRoleArn: ${exampleRole.arn}\n type: AMAZON_DYNAMODB\n dynamodbConfig:\n tableName: ${exampleTable.name}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - appsync.amazonaws.com\n actions:\n - sts:AssumeRole\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - dynamodb:*\n resources:\n - ${exampleTable.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_appsync_datasource` using the `api_id`, a hyphen, and `name`. For example:\n\n```sh\n$ pulumi import aws:appsync/dataSource:DataSource example abcdef123456-example\n```\n", "properties": { "apiId": { "type": "string", "description": "API ID for the GraphQL API for the data source.\n" }, "arn": { "type": "string", "description": "ARN\n" }, "description": { "type": "string", "description": "Description of the data source.\n" }, "dynamodbConfig": { "$ref": "#/types/aws:appsync/DataSourceDynamodbConfig:DataSourceDynamodbConfig", "description": "DynamoDB settings. See `dynamodb_config` Block for details.\n" }, "elasticsearchConfig": { "$ref": "#/types/aws:appsync/DataSourceElasticsearchConfig:DataSourceElasticsearchConfig", "description": "Amazon Elasticsearch settings. See `elasticsearch_config` Block for details.\n" }, "eventBridgeConfig": { "$ref": "#/types/aws:appsync/DataSourceEventBridgeConfig:DataSourceEventBridgeConfig", "description": "AWS EventBridge settings. See `event_bridge_config` Block for details.\n" }, "httpConfig": { "$ref": "#/types/aws:appsync/DataSourceHttpConfig:DataSourceHttpConfig", "description": "HTTP settings. See `http_config` Block for details.\n" }, "lambdaConfig": { "$ref": "#/types/aws:appsync/DataSourceLambdaConfig:DataSourceLambdaConfig", "description": "AWS Lambda settings. See `lambda_config` Block for details.\n" }, "name": { "type": "string", "description": "User-supplied name for the data source.\n" }, "opensearchserviceConfig": { "$ref": "#/types/aws:appsync/DataSourceOpensearchserviceConfig:DataSourceOpensearchserviceConfig", "description": "Amazon OpenSearch Service settings. See `opensearchservice_config` Block for details.\n" }, "relationalDatabaseConfig": { "$ref": "#/types/aws:appsync/DataSourceRelationalDatabaseConfig:DataSourceRelationalDatabaseConfig", "description": "AWS RDS settings. See `relational_database_config` Block for details.\n" }, "serviceRoleArn": { "type": "string", "description": "IAM service role ARN for the data source. Required if `type` is specified as `AWS_LAMBDA`, `AMAZON_DYNAMODB`, `AMAZON_ELASTICSEARCH`, `AMAZON_EVENTBRIDGE`, or `AMAZON_OPENSEARCH_SERVICE`.\n" }, "type": { "type": "string", "description": "Type of the Data Source. Valid values: `AWS_LAMBDA`, `AMAZON_DYNAMODB`, `AMAZON_ELASTICSEARCH`, `HTTP`, `NONE`, `RELATIONAL_DATABASE`, `AMAZON_EVENTBRIDGE`, `AMAZON_OPENSEARCH_SERVICE`.\n" } }, "required": [ "apiId", "arn", "name", "type" ], "inputProperties": { "apiId": { "type": "string", "description": "API ID for the GraphQL API for the data source.\n" }, "description": { "type": "string", "description": "Description of the data source.\n" }, "dynamodbConfig": { "$ref": "#/types/aws:appsync/DataSourceDynamodbConfig:DataSourceDynamodbConfig", "description": "DynamoDB settings. See `dynamodb_config` Block for details.\n" }, "elasticsearchConfig": { "$ref": "#/types/aws:appsync/DataSourceElasticsearchConfig:DataSourceElasticsearchConfig", "description": "Amazon Elasticsearch settings. See `elasticsearch_config` Block for details.\n" }, "eventBridgeConfig": { "$ref": "#/types/aws:appsync/DataSourceEventBridgeConfig:DataSourceEventBridgeConfig", "description": "AWS EventBridge settings. See `event_bridge_config` Block for details.\n" }, "httpConfig": { "$ref": "#/types/aws:appsync/DataSourceHttpConfig:DataSourceHttpConfig", "description": "HTTP settings. See `http_config` Block for details.\n" }, "lambdaConfig": { "$ref": "#/types/aws:appsync/DataSourceLambdaConfig:DataSourceLambdaConfig", "description": "AWS Lambda settings. See `lambda_config` Block for details.\n" }, "name": { "type": "string", "description": "User-supplied name for the data source.\n" }, "opensearchserviceConfig": { "$ref": "#/types/aws:appsync/DataSourceOpensearchserviceConfig:DataSourceOpensearchserviceConfig", "description": "Amazon OpenSearch Service settings. See `opensearchservice_config` Block for details.\n" }, "relationalDatabaseConfig": { "$ref": "#/types/aws:appsync/DataSourceRelationalDatabaseConfig:DataSourceRelationalDatabaseConfig", "description": "AWS RDS settings. See `relational_database_config` Block for details.\n" }, "serviceRoleArn": { "type": "string", "description": "IAM service role ARN for the data source. Required if `type` is specified as `AWS_LAMBDA`, `AMAZON_DYNAMODB`, `AMAZON_ELASTICSEARCH`, `AMAZON_EVENTBRIDGE`, or `AMAZON_OPENSEARCH_SERVICE`.\n" }, "type": { "type": "string", "description": "Type of the Data Source. Valid values: `AWS_LAMBDA`, `AMAZON_DYNAMODB`, `AMAZON_ELASTICSEARCH`, `HTTP`, `NONE`, `RELATIONAL_DATABASE`, `AMAZON_EVENTBRIDGE`, `AMAZON_OPENSEARCH_SERVICE`.\n" } }, "requiredInputs": [ "apiId", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering DataSource resources.\n", "properties": { "apiId": { "type": "string", "description": "API ID for the GraphQL API for the data source.\n" }, "arn": { "type": "string", "description": "ARN\n" }, "description": { "type": "string", "description": "Description of the data source.\n" }, "dynamodbConfig": { "$ref": "#/types/aws:appsync/DataSourceDynamodbConfig:DataSourceDynamodbConfig", "description": "DynamoDB settings. See `dynamodb_config` Block for details.\n" }, "elasticsearchConfig": { "$ref": "#/types/aws:appsync/DataSourceElasticsearchConfig:DataSourceElasticsearchConfig", "description": "Amazon Elasticsearch settings. See `elasticsearch_config` Block for details.\n" }, "eventBridgeConfig": { "$ref": "#/types/aws:appsync/DataSourceEventBridgeConfig:DataSourceEventBridgeConfig", "description": "AWS EventBridge settings. See `event_bridge_config` Block for details.\n" }, "httpConfig": { "$ref": "#/types/aws:appsync/DataSourceHttpConfig:DataSourceHttpConfig", "description": "HTTP settings. See `http_config` Block for details.\n" }, "lambdaConfig": { "$ref": "#/types/aws:appsync/DataSourceLambdaConfig:DataSourceLambdaConfig", "description": "AWS Lambda settings. See `lambda_config` Block for details.\n" }, "name": { "type": "string", "description": "User-supplied name for the data source.\n" }, "opensearchserviceConfig": { "$ref": "#/types/aws:appsync/DataSourceOpensearchserviceConfig:DataSourceOpensearchserviceConfig", "description": "Amazon OpenSearch Service settings. See `opensearchservice_config` Block for details.\n" }, "relationalDatabaseConfig": { "$ref": "#/types/aws:appsync/DataSourceRelationalDatabaseConfig:DataSourceRelationalDatabaseConfig", "description": "AWS RDS settings. See `relational_database_config` Block for details.\n" }, "serviceRoleArn": { "type": "string", "description": "IAM service role ARN for the data source. Required if `type` is specified as `AWS_LAMBDA`, `AMAZON_DYNAMODB`, `AMAZON_ELASTICSEARCH`, `AMAZON_EVENTBRIDGE`, or `AMAZON_OPENSEARCH_SERVICE`.\n" }, "type": { "type": "string", "description": "Type of the Data Source. Valid values: `AWS_LAMBDA`, `AMAZON_DYNAMODB`, `AMAZON_ELASTICSEARCH`, `HTTP`, `NONE`, `RELATIONAL_DATABASE`, `AMAZON_EVENTBRIDGE`, `AMAZON_OPENSEARCH_SERVICE`.\n" } }, "type": "object" } }, "aws:appsync/domainName:DomainName": { "description": "Provides an AppSync Domain Name.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appsync.DomainName(\"example\", {\n domainName: \"api.example.com\",\n certificateArn: exampleAwsAcmCertificate.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appsync.DomainName(\"example\",\n domain_name=\"api.example.com\",\n certificate_arn=example_aws_acm_certificate[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppSync.DomainName(\"example\", new()\n {\n Name = \"api.example.com\",\n CertificateArn = exampleAwsAcmCertificate.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appsync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appsync.NewDomainName(ctx, \"example\", \u0026appsync.DomainNameArgs{\n\t\t\tDomainName: pulumi.String(\"api.example.com\"),\n\t\t\tCertificateArn: pulumi.Any(exampleAwsAcmCertificate.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appsync.DomainName;\nimport com.pulumi.aws.appsync.DomainNameArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DomainName(\"example\", DomainNameArgs.builder()\n .domainName(\"api.example.com\")\n .certificateArn(exampleAwsAcmCertificate.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appsync:DomainName\n properties:\n domainName: api.example.com\n certificateArn: ${exampleAwsAcmCertificate.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_appsync_domain_name` using the AppSync domain name. For example:\n\n```sh\n$ pulumi import aws:appsync/domainName:DomainName example example.com\n```\n", "properties": { "appsyncDomainName": { "type": "string", "description": "Domain name that AppSync provides.\n" }, "certificateArn": { "type": "string", "description": "ARN of the certificate. This can be an Certificate Manager (ACM) certificate or an Identity and Access Management (IAM) server certificate. The certifiacte must reside in us-east-1.\n" }, "description": { "type": "string", "description": "A description of the Domain Name.\n" }, "domainName": { "type": "string", "description": "Domain name.\n", "language": { "csharp": { "name": "Name" } } }, "hostedZoneId": { "type": "string", "description": "ID of your Amazon Route 53 hosted zone.\n" } }, "required": [ "appsyncDomainName", "certificateArn", "domainName", "hostedZoneId" ], "inputProperties": { "certificateArn": { "type": "string", "description": "ARN of the certificate. This can be an Certificate Manager (ACM) certificate or an Identity and Access Management (IAM) server certificate. The certifiacte must reside in us-east-1.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A description of the Domain Name.\n" }, "domainName": { "type": "string", "description": "Domain name.\n", "language": { "csharp": { "name": "Name" } }, "willReplaceOnChanges": true } }, "requiredInputs": [ "certificateArn", "domainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainName resources.\n", "properties": { "appsyncDomainName": { "type": "string", "description": "Domain name that AppSync provides.\n" }, "certificateArn": { "type": "string", "description": "ARN of the certificate. This can be an Certificate Manager (ACM) certificate or an Identity and Access Management (IAM) server certificate. The certifiacte must reside in us-east-1.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A description of the Domain Name.\n" }, "domainName": { "type": "string", "description": "Domain name.\n", "language": { "csharp": { "name": "Name" } }, "willReplaceOnChanges": true }, "hostedZoneId": { "type": "string", "description": "ID of your Amazon Route 53 hosted zone.\n" } }, "type": "object" } }, "aws:appsync/domainNameApiAssociation:DomainNameApiAssociation": { "description": "Provides an AppSync API Association.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appsync.DomainNameApiAssociation(\"example\", {\n apiId: exampleAwsAppsyncGraphqlApi.id,\n domainName: exampleAwsAppsyncDomainName.domainName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appsync.DomainNameApiAssociation(\"example\",\n api_id=example_aws_appsync_graphql_api[\"id\"],\n domain_name=example_aws_appsync_domain_name[\"domainName\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppSync.DomainNameApiAssociation(\"example\", new()\n {\n ApiId = exampleAwsAppsyncGraphqlApi.Id,\n DomainName = exampleAwsAppsyncDomainName.DomainName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appsync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appsync.NewDomainNameApiAssociation(ctx, \"example\", \u0026appsync.DomainNameApiAssociationArgs{\n\t\t\tApiId: pulumi.Any(exampleAwsAppsyncGraphqlApi.Id),\n\t\t\tDomainName: pulumi.Any(exampleAwsAppsyncDomainName.DomainName),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appsync.DomainNameApiAssociation;\nimport com.pulumi.aws.appsync.DomainNameApiAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DomainNameApiAssociation(\"example\", DomainNameApiAssociationArgs.builder()\n .apiId(exampleAwsAppsyncGraphqlApi.id())\n .domainName(exampleAwsAppsyncDomainName.domainName())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appsync:DomainNameApiAssociation\n properties:\n apiId: ${exampleAwsAppsyncGraphqlApi.id}\n domainName: ${exampleAwsAppsyncDomainName.domainName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_appsync_domain_name_api_association` using the AppSync domain name. For example:\n\n```sh\n$ pulumi import aws:appsync/domainNameApiAssociation:DomainNameApiAssociation example example.com\n```\n", "properties": { "apiId": { "type": "string", "description": "API ID.\n" }, "domainName": { "type": "string", "description": "Appsync domain name.\n" } }, "required": [ "apiId", "domainName" ], "inputProperties": { "apiId": { "type": "string", "description": "API ID.\n" }, "domainName": { "type": "string", "description": "Appsync domain name.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "apiId", "domainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainNameApiAssociation resources.\n", "properties": { "apiId": { "type": "string", "description": "API ID.\n" }, "domainName": { "type": "string", "description": "Appsync domain name.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:appsync/function:Function": { "description": "Provides an AppSync Function.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appsync.GraphQLApi(\"example\", {\n authenticationType: \"API_KEY\",\n name: \"example\",\n schema: `type Mutation {\n putPost(id: ID!, title: String!): Post\n}\n\ntype Post {\n id: ID!\n title: String!\n}\n\ntype Query {\n singlePost(id: ID!): Post\n}\n\nschema {\n query: Query\n mutation: Mutation\n}\n`,\n});\nconst exampleDataSource = new aws.appsync.DataSource(\"example\", {\n apiId: example.id,\n name: \"example\",\n type: \"HTTP\",\n httpConfig: {\n endpoint: \"http://example.com\",\n },\n});\nconst exampleFunction = new aws.appsync.Function(\"example\", {\n apiId: example.id,\n dataSource: exampleDataSource.name,\n name: \"example\",\n requestMappingTemplate: `{\n \"version\": \"2018-05-29\",\n \"method\": \"GET\",\n \"resourcePath\": \"/\",\n \"params\":{\n \"headers\": utils.http.copyheaders(ctx.request.headers)\n }\n}\n`,\n responseMappingTemplate: `#if(ctx.result.statusCode == 200)\n ctx.result.body\n#else\n utils.appendError(ctx.result.body, ctx.result.statusCode)\n#end\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appsync.GraphQLApi(\"example\",\n authentication_type=\"API_KEY\",\n name=\"example\",\n schema=\"\"\"type Mutation {\n putPost(id: ID!, title: String!): Post\n}\n\ntype Post {\n id: ID!\n title: String!\n}\n\ntype Query {\n singlePost(id: ID!): Post\n}\n\nschema {\n query: Query\n mutation: Mutation\n}\n\"\"\")\nexample_data_source = aws.appsync.DataSource(\"example\",\n api_id=example.id,\n name=\"example\",\n type=\"HTTP\",\n http_config={\n \"endpoint\": \"http://example.com\",\n })\nexample_function = aws.appsync.Function(\"example\",\n api_id=example.id,\n data_source=example_data_source.name,\n name=\"example\",\n request_mapping_template=\"\"\"{\n \"version\": \"2018-05-29\",\n \"method\": \"GET\",\n \"resourcePath\": \"/\",\n \"params\":{\n \"headers\": $utils.http.copyheaders($ctx.request.headers)\n }\n}\n\"\"\",\n response_mapping_template=\"\"\"#if($ctx.result.statusCode == 200)\n $ctx.result.body\n#else\n $utils.appendError($ctx.result.body, $ctx.result.statusCode)\n#end\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppSync.GraphQLApi(\"example\", new()\n {\n AuthenticationType = \"API_KEY\",\n Name = \"example\",\n Schema = @\"type Mutation {\n putPost(id: ID!, title: String!): Post\n}\n\ntype Post {\n id: ID!\n title: String!\n}\n\ntype Query {\n singlePost(id: ID!): Post\n}\n\nschema {\n query: Query\n mutation: Mutation\n}\n\",\n });\n\n var exampleDataSource = new Aws.AppSync.DataSource(\"example\", new()\n {\n ApiId = example.Id,\n Name = \"example\",\n Type = \"HTTP\",\n HttpConfig = new Aws.AppSync.Inputs.DataSourceHttpConfigArgs\n {\n Endpoint = \"http://example.com\",\n },\n });\n\n var exampleFunction = new Aws.AppSync.Function(\"example\", new()\n {\n ApiId = example.Id,\n DataSource = exampleDataSource.Name,\n Name = \"example\",\n RequestMappingTemplate = @\"{\n \"\"version\"\": \"\"2018-05-29\"\",\n \"\"method\"\": \"\"GET\"\",\n \"\"resourcePath\"\": \"\"/\"\",\n \"\"params\"\":{\n \"\"headers\"\": $utils.http.copyheaders($ctx.request.headers)\n }\n}\n\",\n ResponseMappingTemplate = @\"#if($ctx.result.statusCode == 200)\n $ctx.result.body\n#else\n $utils.appendError($ctx.result.body, $ctx.result.statusCode)\n#end\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appsync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := appsync.NewGraphQLApi(ctx, \"example\", \u0026appsync.GraphQLApiArgs{\n\t\t\tAuthenticationType: pulumi.String(\"API_KEY\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSchema: pulumi.String(`type Mutation {\n putPost(id: ID!, title: String!): Post\n}\n\ntype Post {\n id: ID!\n title: String!\n}\n\ntype Query {\n singlePost(id: ID!): Post\n}\n\nschema {\n query: Query\n mutation: Mutation\n}\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDataSource, err := appsync.NewDataSource(ctx, \"example\", \u0026appsync.DataSourceArgs{\n\t\t\tApiId: example.ID(),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"HTTP\"),\n\t\t\tHttpConfig: \u0026appsync.DataSourceHttpConfigArgs{\n\t\t\t\tEndpoint: pulumi.String(\"http://example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appsync.NewFunction(ctx, \"example\", \u0026appsync.FunctionArgs{\n\t\t\tApiId: example.ID(),\n\t\t\tDataSource: exampleDataSource.Name,\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRequestMappingTemplate: pulumi.String(`{\n \"version\": \"2018-05-29\",\n \"method\": \"GET\",\n \"resourcePath\": \"/\",\n \"params\":{\n \"headers\": $utils.http.copyheaders($ctx.request.headers)\n }\n}\n`),\n\t\t\tResponseMappingTemplate: pulumi.String(`#if($ctx.result.statusCode == 200)\n $ctx.result.body\n#else\n $utils.appendError($ctx.result.body, $ctx.result.statusCode)\n#end\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appsync.GraphQLApi;\nimport com.pulumi.aws.appsync.GraphQLApiArgs;\nimport com.pulumi.aws.appsync.DataSource;\nimport com.pulumi.aws.appsync.DataSourceArgs;\nimport com.pulumi.aws.appsync.inputs.DataSourceHttpConfigArgs;\nimport com.pulumi.aws.appsync.Function;\nimport com.pulumi.aws.appsync.FunctionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GraphQLApi(\"example\", GraphQLApiArgs.builder()\n .authenticationType(\"API_KEY\")\n .name(\"example\")\n .schema(\"\"\"\ntype Mutation {\n putPost(id: ID!, title: String!): Post\n}\n\ntype Post {\n id: ID!\n title: String!\n}\n\ntype Query {\n singlePost(id: ID!): Post\n}\n\nschema {\n query: Query\n mutation: Mutation\n}\n \"\"\")\n .build());\n\n var exampleDataSource = new DataSource(\"exampleDataSource\", DataSourceArgs.builder()\n .apiId(example.id())\n .name(\"example\")\n .type(\"HTTP\")\n .httpConfig(DataSourceHttpConfigArgs.builder()\n .endpoint(\"http://example.com\")\n .build())\n .build());\n\n var exampleFunction = new Function(\"exampleFunction\", FunctionArgs.builder()\n .apiId(example.id())\n .dataSource(exampleDataSource.name())\n .name(\"example\")\n .requestMappingTemplate(\"\"\"\n{\n \"version\": \"2018-05-29\",\n \"method\": \"GET\",\n \"resourcePath\": \"/\",\n \"params\":{\n \"headers\": $utils.http.copyheaders($ctx.request.headers)\n }\n}\n \"\"\")\n .responseMappingTemplate(\"\"\"\n#if($ctx.result.statusCode == 200)\n $ctx.result.body\n#else\n $utils.appendError($ctx.result.body, $ctx.result.statusCode)\n#end\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appsync:GraphQLApi\n properties:\n authenticationType: API_KEY\n name: example\n schema: |\n type Mutation {\n putPost(id: ID!, title: String!): Post\n }\n\n type Post {\n id: ID!\n title: String!\n }\n\n type Query {\n singlePost(id: ID!): Post\n }\n\n schema {\n query: Query\n mutation: Mutation\n }\n exampleDataSource:\n type: aws:appsync:DataSource\n name: example\n properties:\n apiId: ${example.id}\n name: example\n type: HTTP\n httpConfig:\n endpoint: http://example.com\n exampleFunction:\n type: aws:appsync:Function\n name: example\n properties:\n apiId: ${example.id}\n dataSource: ${exampleDataSource.name}\n name: example\n requestMappingTemplate: |\n {\n \"version\": \"2018-05-29\",\n \"method\": \"GET\",\n \"resourcePath\": \"/\",\n \"params\":{\n \"headers\": $utils.http.copyheaders($ctx.request.headers)\n }\n }\n responseMappingTemplate: |\n #if($ctx.result.statusCode == 200)\n $ctx.result.body\n #else\n $utils.appendError($ctx.result.body, $ctx.result.statusCode)\n #end\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n### With Code\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.appsync.Function(\"example\", {\n apiId: exampleAwsAppsyncGraphqlApi.id,\n dataSource: exampleAwsAppsyncDatasource.name,\n name: \"example\",\n code: std.file({\n input: \"some-code-dir\",\n }).then(invoke =\u003e invoke.result),\n runtime: {\n name: \"APPSYNC_JS\",\n runtimeVersion: \"1.0.0\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.appsync.Function(\"example\",\n api_id=example_aws_appsync_graphql_api[\"id\"],\n data_source=example_aws_appsync_datasource[\"name\"],\n name=\"example\",\n code=std.file(input=\"some-code-dir\").result,\n runtime={\n \"name\": \"APPSYNC_JS\",\n \"runtime_version\": \"1.0.0\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppSync.Function(\"example\", new()\n {\n ApiId = exampleAwsAppsyncGraphqlApi.Id,\n DataSource = exampleAwsAppsyncDatasource.Name,\n Name = \"example\",\n Code = Std.File.Invoke(new()\n {\n Input = \"some-code-dir\",\n }).Apply(invoke =\u003e invoke.Result),\n Runtime = new Aws.AppSync.Inputs.FunctionRuntimeArgs\n {\n Name = \"APPSYNC_JS\",\n RuntimeVersion = \"1.0.0\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appsync\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"some-code-dir\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appsync.NewFunction(ctx, \"example\", \u0026appsync.FunctionArgs{\n\t\t\tApiId: pulumi.Any(exampleAwsAppsyncGraphqlApi.Id),\n\t\t\tDataSource: pulumi.Any(exampleAwsAppsyncDatasource.Name),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tCode: pulumi.String(invokeFile.Result),\n\t\t\tRuntime: \u0026appsync.FunctionRuntimeArgs{\n\t\t\t\tName: pulumi.String(\"APPSYNC_JS\"),\n\t\t\t\tRuntimeVersion: pulumi.String(\"1.0.0\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appsync.Function;\nimport com.pulumi.aws.appsync.FunctionArgs;\nimport com.pulumi.aws.appsync.inputs.FunctionRuntimeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Function(\"example\", FunctionArgs.builder()\n .apiId(exampleAwsAppsyncGraphqlApi.id())\n .dataSource(exampleAwsAppsyncDatasource.name())\n .name(\"example\")\n .code(StdFunctions.file(FileArgs.builder()\n .input(\"some-code-dir\")\n .build()).result())\n .runtime(FunctionRuntimeArgs.builder()\n .name(\"APPSYNC_JS\")\n .runtimeVersion(\"1.0.0\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appsync:Function\n properties:\n apiId: ${exampleAwsAppsyncGraphqlApi.id}\n dataSource: ${exampleAwsAppsyncDatasource.name}\n name: example\n code:\n fn::invoke:\n Function: std:file\n Arguments:\n input: some-code-dir\n Return: result\n runtime:\n name: APPSYNC_JS\n runtimeVersion: 1.0.0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_appsync_function` using the AppSync API ID and Function ID separated by `-`. For example:\n\n```sh\n$ pulumi import aws:appsync/function:Function example xxxxx-yyyyy\n```\n", "properties": { "apiId": { "type": "string", "description": "ID of the associated AppSync API.\n" }, "arn": { "type": "string", "description": "ARN of the Function object.\n" }, "code": { "type": "string", "description": "The function code that contains the request and response functions. When code is used, the runtime is required. The runtime value must be APPSYNC_JS.\n" }, "dataSource": { "type": "string", "description": "Function data source name.\n" }, "description": { "type": "string", "description": "Function description.\n" }, "functionId": { "type": "string", "description": "Unique ID representing the Function object.\n" }, "functionVersion": { "type": "string", "description": "Version of the request mapping template. Currently the supported value is `2018-05-29`. Does not apply when specifying `code`.\n" }, "maxBatchSize": { "type": "integer", "description": "Maximum batching size for a resolver. Valid values are between `0` and `2000`.\n" }, "name": { "type": "string", "description": "Function name. The function name does not have to be unique.\n" }, "requestMappingTemplate": { "type": "string", "description": "Function request mapping template. Functions support only the 2018-05-29 version of the request mapping template.\n" }, "responseMappingTemplate": { "type": "string", "description": "Function response mapping template.\n" }, "runtime": { "$ref": "#/types/aws:appsync/FunctionRuntime:FunctionRuntime", "description": "Describes a runtime used by an AWS AppSync pipeline resolver or AWS AppSync function. Specifies the name and version of the runtime to use. Note that if a runtime is specified, code must also be specified. See `runtime` Block for details.\n" }, "syncConfig": { "$ref": "#/types/aws:appsync/FunctionSyncConfig:FunctionSyncConfig", "description": "Describes a Sync configuration for a resolver. See `sync_config` Block for details.\n" } }, "required": [ "apiId", "arn", "dataSource", "functionId", "functionVersion", "name" ], "inputProperties": { "apiId": { "type": "string", "description": "ID of the associated AppSync API.\n", "willReplaceOnChanges": true }, "code": { "type": "string", "description": "The function code that contains the request and response functions. When code is used, the runtime is required. The runtime value must be APPSYNC_JS.\n" }, "dataSource": { "type": "string", "description": "Function data source name.\n" }, "description": { "type": "string", "description": "Function description.\n" }, "functionVersion": { "type": "string", "description": "Version of the request mapping template. Currently the supported value is `2018-05-29`. Does not apply when specifying `code`.\n" }, "maxBatchSize": { "type": "integer", "description": "Maximum batching size for a resolver. Valid values are between `0` and `2000`.\n" }, "name": { "type": "string", "description": "Function name. The function name does not have to be unique.\n" }, "requestMappingTemplate": { "type": "string", "description": "Function request mapping template. Functions support only the 2018-05-29 version of the request mapping template.\n" }, "responseMappingTemplate": { "type": "string", "description": "Function response mapping template.\n" }, "runtime": { "$ref": "#/types/aws:appsync/FunctionRuntime:FunctionRuntime", "description": "Describes a runtime used by an AWS AppSync pipeline resolver or AWS AppSync function. Specifies the name and version of the runtime to use. Note that if a runtime is specified, code must also be specified. See `runtime` Block for details.\n" }, "syncConfig": { "$ref": "#/types/aws:appsync/FunctionSyncConfig:FunctionSyncConfig", "description": "Describes a Sync configuration for a resolver. See `sync_config` Block for details.\n" } }, "requiredInputs": [ "apiId", "dataSource" ], "stateInputs": { "description": "Input properties used for looking up and filtering Function resources.\n", "properties": { "apiId": { "type": "string", "description": "ID of the associated AppSync API.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN of the Function object.\n" }, "code": { "type": "string", "description": "The function code that contains the request and response functions. When code is used, the runtime is required. The runtime value must be APPSYNC_JS.\n" }, "dataSource": { "type": "string", "description": "Function data source name.\n" }, "description": { "type": "string", "description": "Function description.\n" }, "functionId": { "type": "string", "description": "Unique ID representing the Function object.\n" }, "functionVersion": { "type": "string", "description": "Version of the request mapping template. Currently the supported value is `2018-05-29`. Does not apply when specifying `code`.\n" }, "maxBatchSize": { "type": "integer", "description": "Maximum batching size for a resolver. Valid values are between `0` and `2000`.\n" }, "name": { "type": "string", "description": "Function name. The function name does not have to be unique.\n" }, "requestMappingTemplate": { "type": "string", "description": "Function request mapping template. Functions support only the 2018-05-29 version of the request mapping template.\n" }, "responseMappingTemplate": { "type": "string", "description": "Function response mapping template.\n" }, "runtime": { "$ref": "#/types/aws:appsync/FunctionRuntime:FunctionRuntime", "description": "Describes a runtime used by an AWS AppSync pipeline resolver or AWS AppSync function. Specifies the name and version of the runtime to use. Note that if a runtime is specified, code must also be specified. See `runtime` Block for details.\n" }, "syncConfig": { "$ref": "#/types/aws:appsync/FunctionSyncConfig:FunctionSyncConfig", "description": "Describes a Sync configuration for a resolver. See `sync_config` Block for details.\n" } }, "type": "object" } }, "aws:appsync/graphQLApi:GraphQLApi": { "properties": { "additionalAuthenticationProviders": { "type": "array", "items": { "$ref": "#/types/aws:appsync/GraphQLApiAdditionalAuthenticationProvider:GraphQLApiAdditionalAuthenticationProvider" }, "description": "One or more additional authentication providers for the GraphSQL API. See `additional_authentication_provider` Block for details.\n" }, "arn": { "type": "string", "description": "ARN\n" }, "authenticationType": { "type": "string", "description": "Authentication type. Valid values: `API_KEY`, `AWS_IAM`, `AMAZON_COGNITO_USER_POOLS`, `OPENID_CONNECT`, `AWS_LAMBDA`\n" }, "introspectionConfig": { "type": "string", "description": "Sets the value of the GraphQL API to enable (`ENABLED`) or disable (`DISABLED`) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled. For more information about introspection, see [GraphQL introspection](https://graphql.org/learn/introspection/).\n" }, "lambdaAuthorizerConfig": { "$ref": "#/types/aws:appsync/GraphQLApiLambdaAuthorizerConfig:GraphQLApiLambdaAuthorizerConfig", "description": "Nested argument containing Lambda authorizer configuration. See `lambda_authorizer_config` Block for details.\n" }, "logConfig": { "$ref": "#/types/aws:appsync/GraphQLApiLogConfig:GraphQLApiLogConfig", "description": "Nested argument containing logging configuration. See `log_config` Block for details.\n" }, "name": { "type": "string", "description": "User-supplied name for the GraphSQL API.\n" }, "openidConnectConfig": { "$ref": "#/types/aws:appsync/GraphQLApiOpenidConnectConfig:GraphQLApiOpenidConnectConfig", "description": "Nested argument containing OpenID Connect configuration. See `openid_connect_config` Block for details.\n" }, "queryDepthLimit": { "type": "integer", "description": "The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query. The default value is `0` (or unspecified), which indicates there's no depth limit. If you set a limit, it can be between `1` and `75` nested levels. This field will produce a limit error if the operation falls out of bounds.\n\nNote that fields can still be set to nullable or non-nullable. If a non-nullable field produces an error, the error will be thrown upwards to the first nullable field available.\n" }, "resolverCountLimit": { "type": "integer", "description": "The maximum number of resolvers that can be invoked in a single request. The default value is `0` (or unspecified), which will set the limit to `10000`. When specified, the limit value can be between `1` and `10000`. This field will produce a limit error if the operation falls out of bounds.\n" }, "schema": { "type": "string", "description": "Schema definition, in GraphQL schema language format. This provider cannot perform drift detection of this configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uris": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of URIs associated with the APIE.g., `uris[\"GRAPHQL\"] = https://ID.appsync-api.REGION.amazonaws.com/graphql`\n" }, "userPoolConfig": { "$ref": "#/types/aws:appsync/GraphQLApiUserPoolConfig:GraphQLApiUserPoolConfig", "description": "Amazon Cognito User Pool configuration. See `user_pool_config` Block for details.\n" }, "visibility": { "type": "string", "description": "Sets the value of the GraphQL API to public (`GLOBAL`) or private (`PRIVATE`). If no value is provided, the visibility will be set to `GLOBAL` by default. This value cannot be changed once the API has been created.\n" }, "xrayEnabled": { "type": "boolean", "description": "Whether tracing with X-ray is enabled. Defaults to false.\n" } }, "required": [ "arn", "authenticationType", "name", "tagsAll", "uris" ], "inputProperties": { "additionalAuthenticationProviders": { "type": "array", "items": { "$ref": "#/types/aws:appsync/GraphQLApiAdditionalAuthenticationProvider:GraphQLApiAdditionalAuthenticationProvider" }, "description": "One or more additional authentication providers for the GraphSQL API. See `additional_authentication_provider` Block for details.\n" }, "authenticationType": { "type": "string", "description": "Authentication type. Valid values: `API_KEY`, `AWS_IAM`, `AMAZON_COGNITO_USER_POOLS`, `OPENID_CONNECT`, `AWS_LAMBDA`\n" }, "introspectionConfig": { "type": "string", "description": "Sets the value of the GraphQL API to enable (`ENABLED`) or disable (`DISABLED`) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled. For more information about introspection, see [GraphQL introspection](https://graphql.org/learn/introspection/).\n" }, "lambdaAuthorizerConfig": { "$ref": "#/types/aws:appsync/GraphQLApiLambdaAuthorizerConfig:GraphQLApiLambdaAuthorizerConfig", "description": "Nested argument containing Lambda authorizer configuration. See `lambda_authorizer_config` Block for details.\n" }, "logConfig": { "$ref": "#/types/aws:appsync/GraphQLApiLogConfig:GraphQLApiLogConfig", "description": "Nested argument containing logging configuration. See `log_config` Block for details.\n" }, "name": { "type": "string", "description": "User-supplied name for the GraphSQL API.\n" }, "openidConnectConfig": { "$ref": "#/types/aws:appsync/GraphQLApiOpenidConnectConfig:GraphQLApiOpenidConnectConfig", "description": "Nested argument containing OpenID Connect configuration. See `openid_connect_config` Block for details.\n" }, "queryDepthLimit": { "type": "integer", "description": "The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query. The default value is `0` (or unspecified), which indicates there's no depth limit. If you set a limit, it can be between `1` and `75` nested levels. This field will produce a limit error if the operation falls out of bounds.\n\nNote that fields can still be set to nullable or non-nullable. If a non-nullable field produces an error, the error will be thrown upwards to the first nullable field available.\n" }, "resolverCountLimit": { "type": "integer", "description": "The maximum number of resolvers that can be invoked in a single request. The default value is `0` (or unspecified), which will set the limit to `10000`. When specified, the limit value can be between `1` and `10000`. This field will produce a limit error if the operation falls out of bounds.\n" }, "schema": { "type": "string", "description": "Schema definition, in GraphQL schema language format. This provider cannot perform drift detection of this configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "userPoolConfig": { "$ref": "#/types/aws:appsync/GraphQLApiUserPoolConfig:GraphQLApiUserPoolConfig", "description": "Amazon Cognito User Pool configuration. See `user_pool_config` Block for details.\n" }, "visibility": { "type": "string", "description": "Sets the value of the GraphQL API to public (`GLOBAL`) or private (`PRIVATE`). If no value is provided, the visibility will be set to `GLOBAL` by default. This value cannot be changed once the API has been created.\n", "willReplaceOnChanges": true }, "xrayEnabled": { "type": "boolean", "description": "Whether tracing with X-ray is enabled. Defaults to false.\n" } }, "requiredInputs": [ "authenticationType" ], "stateInputs": { "description": "Input properties used for looking up and filtering GraphQLApi resources.\n", "properties": { "additionalAuthenticationProviders": { "type": "array", "items": { "$ref": "#/types/aws:appsync/GraphQLApiAdditionalAuthenticationProvider:GraphQLApiAdditionalAuthenticationProvider" }, "description": "One or more additional authentication providers for the GraphSQL API. See `additional_authentication_provider` Block for details.\n" }, "arn": { "type": "string", "description": "ARN\n" }, "authenticationType": { "type": "string", "description": "Authentication type. Valid values: `API_KEY`, `AWS_IAM`, `AMAZON_COGNITO_USER_POOLS`, `OPENID_CONNECT`, `AWS_LAMBDA`\n" }, "introspectionConfig": { "type": "string", "description": "Sets the value of the GraphQL API to enable (`ENABLED`) or disable (`DISABLED`) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled. For more information about introspection, see [GraphQL introspection](https://graphql.org/learn/introspection/).\n" }, "lambdaAuthorizerConfig": { "$ref": "#/types/aws:appsync/GraphQLApiLambdaAuthorizerConfig:GraphQLApiLambdaAuthorizerConfig", "description": "Nested argument containing Lambda authorizer configuration. See `lambda_authorizer_config` Block for details.\n" }, "logConfig": { "$ref": "#/types/aws:appsync/GraphQLApiLogConfig:GraphQLApiLogConfig", "description": "Nested argument containing logging configuration. See `log_config` Block for details.\n" }, "name": { "type": "string", "description": "User-supplied name for the GraphSQL API.\n" }, "openidConnectConfig": { "$ref": "#/types/aws:appsync/GraphQLApiOpenidConnectConfig:GraphQLApiOpenidConnectConfig", "description": "Nested argument containing OpenID Connect configuration. See `openid_connect_config` Block for details.\n" }, "queryDepthLimit": { "type": "integer", "description": "The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query. The default value is `0` (or unspecified), which indicates there's no depth limit. If you set a limit, it can be between `1` and `75` nested levels. This field will produce a limit error if the operation falls out of bounds.\n\nNote that fields can still be set to nullable or non-nullable. If a non-nullable field produces an error, the error will be thrown upwards to the first nullable field available.\n" }, "resolverCountLimit": { "type": "integer", "description": "The maximum number of resolvers that can be invoked in a single request. The default value is `0` (or unspecified), which will set the limit to `10000`. When specified, the limit value can be between `1` and `10000`. This field will produce a limit error if the operation falls out of bounds.\n" }, "schema": { "type": "string", "description": "Schema definition, in GraphQL schema language format. This provider cannot perform drift detection of this configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uris": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of URIs associated with the APIE.g., `uris[\"GRAPHQL\"] = https://ID.appsync-api.REGION.amazonaws.com/graphql`\n" }, "userPoolConfig": { "$ref": "#/types/aws:appsync/GraphQLApiUserPoolConfig:GraphQLApiUserPoolConfig", "description": "Amazon Cognito User Pool configuration. See `user_pool_config` Block for details.\n" }, "visibility": { "type": "string", "description": "Sets the value of the GraphQL API to public (`GLOBAL`) or private (`PRIVATE`). If no value is provided, the visibility will be set to `GLOBAL` by default. This value cannot be changed once the API has been created.\n", "willReplaceOnChanges": true }, "xrayEnabled": { "type": "boolean", "description": "Whether tracing with X-ray is enabled. Defaults to false.\n" } }, "type": "object" } }, "aws:appsync/resolver:Resolver": { "description": "Provides an AppSync Resolver.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.appsync.GraphQLApi(\"test\", {\n authenticationType: \"API_KEY\",\n name: \"tf-example\",\n schema: `type Mutation {\n\\x09putPost(id: ID!, title: String!): Post\n}\n\ntype Post {\n\\x09id: ID!\n\\x09title: String!\n}\n\ntype Query {\n\\x09singlePost(id: ID!): Post\n}\n\nschema {\n\\x09query: Query\n\\x09mutation: Mutation\n}\n`,\n});\nconst testDataSource = new aws.appsync.DataSource(\"test\", {\n apiId: test.id,\n name: \"my_example\",\n type: \"HTTP\",\n httpConfig: {\n endpoint: \"http://example.com\",\n },\n});\n// UNIT type resolver (default)\nconst testResolver = new aws.appsync.Resolver(\"test\", {\n apiId: test.id,\n field: \"singlePost\",\n type: \"Query\",\n dataSource: testDataSource.name,\n requestTemplate: `{\n \"version\": \"2018-05-29\",\n \"method\": \"GET\",\n \"resourcePath\": \"/\",\n \"params\":{\n \"headers\": utils.http.copyheaders(ctx.request.headers)\n }\n}\n`,\n responseTemplate: `#if(ctx.result.statusCode == 200)\n ctx.result.body\n#else\n utils.appendError(ctx.result.body, ctx.result.statusCode)\n#end\n`,\n cachingConfig: {\n cachingKeys: [\n \"$context.identity.sub\",\n \"$context.arguments.id\",\n ],\n ttl: 60,\n },\n});\n// PIPELINE type resolver\nconst mutationPipelineTest = new aws.appsync.Resolver(\"Mutation_pipelineTest\", {\n type: \"Mutation\",\n apiId: test.id,\n field: \"pipelineTest\",\n requestTemplate: \"{}\",\n responseTemplate: \"$util.toJson($ctx.result)\",\n kind: \"PIPELINE\",\n pipelineConfig: {\n functions: [\n test1.functionId,\n test2.functionId,\n test3.functionId,\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.appsync.GraphQLApi(\"test\",\n authentication_type=\"API_KEY\",\n name=\"tf-example\",\n schema=\"\"\"type Mutation {\n\\x09putPost(id: ID!, title: String!): Post\n}\n\ntype Post {\n\\x09id: ID!\n\\x09title: String!\n}\n\ntype Query {\n\\x09singlePost(id: ID!): Post\n}\n\nschema {\n\\x09query: Query\n\\x09mutation: Mutation\n}\n\"\"\")\ntest_data_source = aws.appsync.DataSource(\"test\",\n api_id=test.id,\n name=\"my_example\",\n type=\"HTTP\",\n http_config={\n \"endpoint\": \"http://example.com\",\n })\n# UNIT type resolver (default)\ntest_resolver = aws.appsync.Resolver(\"test\",\n api_id=test.id,\n field=\"singlePost\",\n type=\"Query\",\n data_source=test_data_source.name,\n request_template=\"\"\"{\n \"version\": \"2018-05-29\",\n \"method\": \"GET\",\n \"resourcePath\": \"/\",\n \"params\":{\n \"headers\": $utils.http.copyheaders($ctx.request.headers)\n }\n}\n\"\"\",\n response_template=\"\"\"#if($ctx.result.statusCode == 200)\n $ctx.result.body\n#else\n $utils.appendError($ctx.result.body, $ctx.result.statusCode)\n#end\n\"\"\",\n caching_config={\n \"caching_keys\": [\n \"$context.identity.sub\",\n \"$context.arguments.id\",\n ],\n \"ttl\": 60,\n })\n# PIPELINE type resolver\nmutation_pipeline_test = aws.appsync.Resolver(\"Mutation_pipelineTest\",\n type=\"Mutation\",\n api_id=test.id,\n field=\"pipelineTest\",\n request_template=\"{}\",\n response_template=\"$util.toJson($ctx.result)\",\n kind=\"PIPELINE\",\n pipeline_config={\n \"functions\": [\n test1[\"functionId\"],\n test2[\"functionId\"],\n test3[\"functionId\"],\n ],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.AppSync.GraphQLApi(\"test\", new()\n {\n AuthenticationType = \"API_KEY\",\n Name = \"tf-example\",\n Schema = @\"type Mutation {\n\tputPost(id: ID!, title: String!): Post\n}\n\ntype Post {\n\tid: ID!\n\ttitle: String!\n}\n\ntype Query {\n\tsinglePost(id: ID!): Post\n}\n\nschema {\n\tquery: Query\n\tmutation: Mutation\n}\n\",\n });\n\n var testDataSource = new Aws.AppSync.DataSource(\"test\", new()\n {\n ApiId = test.Id,\n Name = \"my_example\",\n Type = \"HTTP\",\n HttpConfig = new Aws.AppSync.Inputs.DataSourceHttpConfigArgs\n {\n Endpoint = \"http://example.com\",\n },\n });\n\n // UNIT type resolver (default)\n var testResolver = new Aws.AppSync.Resolver(\"test\", new()\n {\n ApiId = test.Id,\n Field = \"singlePost\",\n Type = \"Query\",\n DataSource = testDataSource.Name,\n RequestTemplate = @\"{\n \"\"version\"\": \"\"2018-05-29\"\",\n \"\"method\"\": \"\"GET\"\",\n \"\"resourcePath\"\": \"\"/\"\",\n \"\"params\"\":{\n \"\"headers\"\": $utils.http.copyheaders($ctx.request.headers)\n }\n}\n\",\n ResponseTemplate = @\"#if($ctx.result.statusCode == 200)\n $ctx.result.body\n#else\n $utils.appendError($ctx.result.body, $ctx.result.statusCode)\n#end\n\",\n CachingConfig = new Aws.AppSync.Inputs.ResolverCachingConfigArgs\n {\n CachingKeys = new[]\n {\n \"$context.identity.sub\",\n \"$context.arguments.id\",\n },\n Ttl = 60,\n },\n });\n\n // PIPELINE type resolver\n var mutationPipelineTest = new Aws.AppSync.Resolver(\"Mutation_pipelineTest\", new()\n {\n Type = \"Mutation\",\n ApiId = test.Id,\n Field = \"pipelineTest\",\n RequestTemplate = \"{}\",\n ResponseTemplate = \"$util.toJson($ctx.result)\",\n Kind = \"PIPELINE\",\n PipelineConfig = new Aws.AppSync.Inputs.ResolverPipelineConfigArgs\n {\n Functions = new[]\n {\n test1.FunctionId,\n test2.FunctionId,\n test3.FunctionId,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appsync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := appsync.NewGraphQLApi(ctx, \"test\", \u0026appsync.GraphQLApiArgs{\n\t\t\tAuthenticationType: pulumi.String(\"API_KEY\"),\n\t\t\tName: pulumi.String(\"tf-example\"),\n\t\t\tSchema: pulumi.String(`type Mutation {\n\tputPost(id: ID!, title: String!): Post\n}\n\ntype Post {\n\tid: ID!\n\ttitle: String!\n}\n\ntype Query {\n\tsinglePost(id: ID!): Post\n}\n\nschema {\n\tquery: Query\n\tmutation: Mutation\n}\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestDataSource, err := appsync.NewDataSource(ctx, \"test\", \u0026appsync.DataSourceArgs{\n\t\t\tApiId: test.ID(),\n\t\t\tName: pulumi.String(\"my_example\"),\n\t\t\tType: pulumi.String(\"HTTP\"),\n\t\t\tHttpConfig: \u0026appsync.DataSourceHttpConfigArgs{\n\t\t\t\tEndpoint: pulumi.String(\"http://example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// UNIT type resolver (default)\n\t\t_, err = appsync.NewResolver(ctx, \"test\", \u0026appsync.ResolverArgs{\n\t\t\tApiId: test.ID(),\n\t\t\tField: pulumi.String(\"singlePost\"),\n\t\t\tType: pulumi.String(\"Query\"),\n\t\t\tDataSource: testDataSource.Name,\n\t\t\tRequestTemplate: pulumi.String(`{\n \"version\": \"2018-05-29\",\n \"method\": \"GET\",\n \"resourcePath\": \"/\",\n \"params\":{\n \"headers\": $utils.http.copyheaders($ctx.request.headers)\n }\n}\n`),\n\t\t\tResponseTemplate: pulumi.String(`#if($ctx.result.statusCode == 200)\n $ctx.result.body\n#else\n $utils.appendError($ctx.result.body, $ctx.result.statusCode)\n#end\n`),\n\t\t\tCachingConfig: \u0026appsync.ResolverCachingConfigArgs{\n\t\t\t\tCachingKeys: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"$context.identity.sub\"),\n\t\t\t\t\tpulumi.String(\"$context.arguments.id\"),\n\t\t\t\t},\n\t\t\t\tTtl: pulumi.Int(60),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// PIPELINE type resolver\n\t\t_, err = appsync.NewResolver(ctx, \"Mutation_pipelineTest\", \u0026appsync.ResolverArgs{\n\t\t\tType: pulumi.String(\"Mutation\"),\n\t\t\tApiId: test.ID(),\n\t\t\tField: pulumi.String(\"pipelineTest\"),\n\t\t\tRequestTemplate: pulumi.String(\"{}\"),\n\t\t\tResponseTemplate: pulumi.String(\"$util.toJson($ctx.result)\"),\n\t\t\tKind: pulumi.String(\"PIPELINE\"),\n\t\t\tPipelineConfig: \u0026appsync.ResolverPipelineConfigArgs{\n\t\t\t\tFunctions: pulumi.StringArray{\n\t\t\t\t\ttest1.FunctionId,\n\t\t\t\t\ttest2.FunctionId,\n\t\t\t\t\ttest3.FunctionId,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appsync.GraphQLApi;\nimport com.pulumi.aws.appsync.GraphQLApiArgs;\nimport com.pulumi.aws.appsync.DataSource;\nimport com.pulumi.aws.appsync.DataSourceArgs;\nimport com.pulumi.aws.appsync.inputs.DataSourceHttpConfigArgs;\nimport com.pulumi.aws.appsync.Resolver;\nimport com.pulumi.aws.appsync.ResolverArgs;\nimport com.pulumi.aws.appsync.inputs.ResolverCachingConfigArgs;\nimport com.pulumi.aws.appsync.inputs.ResolverPipelineConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new GraphQLApi(\"test\", GraphQLApiArgs.builder()\n .authenticationType(\"API_KEY\")\n .name(\"tf-example\")\n .schema(\"\"\"\ntype Mutation {\n\tputPost(id: ID!, title: String!): Post\n}\n\ntype Post {\n\tid: ID!\n\ttitle: String!\n}\n\ntype Query {\n\tsinglePost(id: ID!): Post\n}\n\nschema {\n\tquery: Query\n\tmutation: Mutation\n}\n \"\"\")\n .build());\n\n var testDataSource = new DataSource(\"testDataSource\", DataSourceArgs.builder()\n .apiId(test.id())\n .name(\"my_example\")\n .type(\"HTTP\")\n .httpConfig(DataSourceHttpConfigArgs.builder()\n .endpoint(\"http://example.com\")\n .build())\n .build());\n\n // UNIT type resolver (default)\n var testResolver = new Resolver(\"testResolver\", ResolverArgs.builder()\n .apiId(test.id())\n .field(\"singlePost\")\n .type(\"Query\")\n .dataSource(testDataSource.name())\n .requestTemplate(\"\"\"\n{\n \"version\": \"2018-05-29\",\n \"method\": \"GET\",\n \"resourcePath\": \"/\",\n \"params\":{\n \"headers\": $utils.http.copyheaders($ctx.request.headers)\n }\n}\n \"\"\")\n .responseTemplate(\"\"\"\n#if($ctx.result.statusCode == 200)\n $ctx.result.body\n#else\n $utils.appendError($ctx.result.body, $ctx.result.statusCode)\n#end\n \"\"\")\n .cachingConfig(ResolverCachingConfigArgs.builder()\n .cachingKeys( \n \"$context.identity.sub\",\n \"$context.arguments.id\")\n .ttl(60)\n .build())\n .build());\n\n // PIPELINE type resolver\n var mutationPipelineTest = new Resolver(\"mutationPipelineTest\", ResolverArgs.builder()\n .type(\"Mutation\")\n .apiId(test.id())\n .field(\"pipelineTest\")\n .requestTemplate(\"{}\")\n .responseTemplate(\"$util.toJson($ctx.result)\")\n .kind(\"PIPELINE\")\n .pipelineConfig(ResolverPipelineConfigArgs.builder()\n .functions( \n test1.functionId(),\n test2.functionId(),\n test3.functionId())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:appsync:GraphQLApi\n properties:\n authenticationType: API_KEY\n name: tf-example\n schema: |\n type Mutation {\n \tputPost(id: ID!, title: String!): Post\n }\n\n type Post {\n \tid: ID!\n \ttitle: String!\n }\n\n type Query {\n \tsinglePost(id: ID!): Post\n }\n\n schema {\n \tquery: Query\n \tmutation: Mutation\n }\n testDataSource:\n type: aws:appsync:DataSource\n name: test\n properties:\n apiId: ${test.id}\n name: my_example\n type: HTTP\n httpConfig:\n endpoint: http://example.com\n # UNIT type resolver (default)\n testResolver:\n type: aws:appsync:Resolver\n name: test\n properties:\n apiId: ${test.id}\n field: singlePost\n type: Query\n dataSource: ${testDataSource.name}\n requestTemplate: |\n {\n \"version\": \"2018-05-29\",\n \"method\": \"GET\",\n \"resourcePath\": \"/\",\n \"params\":{\n \"headers\": $utils.http.copyheaders($ctx.request.headers)\n }\n }\n responseTemplate: |\n #if($ctx.result.statusCode == 200)\n $ctx.result.body\n #else\n $utils.appendError($ctx.result.body, $ctx.result.statusCode)\n #end\n cachingConfig:\n cachingKeys:\n - $context.identity.sub\n - $context.arguments.id\n ttl: 60\n # PIPELINE type resolver\n mutationPipelineTest:\n type: aws:appsync:Resolver\n name: Mutation_pipelineTest\n properties:\n type: Mutation\n apiId: ${test.id}\n field: pipelineTest\n requestTemplate: '{}'\n responseTemplate: $util.toJson($ctx.result)\n kind: PIPELINE\n pipelineConfig:\n functions:\n - ${test1.functionId}\n - ${test2.functionId}\n - ${test3.functionId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n### JS\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.appsync.Resolver(\"example\", {\n type: \"Query\",\n apiId: testAwsAppsyncGraphqlApi.id,\n field: \"pipelineTest\",\n kind: \"PIPELINE\",\n code: std.file({\n input: \"some-code-dir\",\n }).then(invoke =\u003e invoke.result),\n runtime: {\n name: \"APPSYNC_JS\",\n runtimeVersion: \"1.0.0\",\n },\n pipelineConfig: {\n functions: [test.functionId],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.appsync.Resolver(\"example\",\n type=\"Query\",\n api_id=test_aws_appsync_graphql_api[\"id\"],\n field=\"pipelineTest\",\n kind=\"PIPELINE\",\n code=std.file(input=\"some-code-dir\").result,\n runtime={\n \"name\": \"APPSYNC_JS\",\n \"runtime_version\": \"1.0.0\",\n },\n pipeline_config={\n \"functions\": [test[\"functionId\"]],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppSync.Resolver(\"example\", new()\n {\n Type = \"Query\",\n ApiId = testAwsAppsyncGraphqlApi.Id,\n Field = \"pipelineTest\",\n Kind = \"PIPELINE\",\n Code = Std.File.Invoke(new()\n {\n Input = \"some-code-dir\",\n }).Apply(invoke =\u003e invoke.Result),\n Runtime = new Aws.AppSync.Inputs.ResolverRuntimeArgs\n {\n Name = \"APPSYNC_JS\",\n RuntimeVersion = \"1.0.0\",\n },\n PipelineConfig = new Aws.AppSync.Inputs.ResolverPipelineConfigArgs\n {\n Functions = new[]\n {\n test.FunctionId,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appsync\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"some-code-dir\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appsync.NewResolver(ctx, \"example\", \u0026appsync.ResolverArgs{\n\t\t\tType: pulumi.String(\"Query\"),\n\t\t\tApiId: pulumi.Any(testAwsAppsyncGraphqlApi.Id),\n\t\t\tField: pulumi.String(\"pipelineTest\"),\n\t\t\tKind: pulumi.String(\"PIPELINE\"),\n\t\t\tCode: pulumi.String(invokeFile.Result),\n\t\t\tRuntime: \u0026appsync.ResolverRuntimeArgs{\n\t\t\t\tName: pulumi.String(\"APPSYNC_JS\"),\n\t\t\t\tRuntimeVersion: pulumi.String(\"1.0.0\"),\n\t\t\t},\n\t\t\tPipelineConfig: \u0026appsync.ResolverPipelineConfigArgs{\n\t\t\t\tFunctions: pulumi.StringArray{\n\t\t\t\t\ttest.FunctionId,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appsync.Resolver;\nimport com.pulumi.aws.appsync.ResolverArgs;\nimport com.pulumi.aws.appsync.inputs.ResolverRuntimeArgs;\nimport com.pulumi.aws.appsync.inputs.ResolverPipelineConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Resolver(\"example\", ResolverArgs.builder()\n .type(\"Query\")\n .apiId(testAwsAppsyncGraphqlApi.id())\n .field(\"pipelineTest\")\n .kind(\"PIPELINE\")\n .code(StdFunctions.file(FileArgs.builder()\n .input(\"some-code-dir\")\n .build()).result())\n .runtime(ResolverRuntimeArgs.builder()\n .name(\"APPSYNC_JS\")\n .runtimeVersion(\"1.0.0\")\n .build())\n .pipelineConfig(ResolverPipelineConfigArgs.builder()\n .functions(test.functionId())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appsync:Resolver\n properties:\n type: Query\n apiId: ${testAwsAppsyncGraphqlApi.id}\n field: pipelineTest\n kind: PIPELINE\n code:\n fn::invoke:\n Function: std:file\n Arguments:\n input: some-code-dir\n Return: result\n runtime:\n name: APPSYNC_JS\n runtimeVersion: 1.0.0\n pipelineConfig:\n functions:\n - ${test.functionId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_appsync_resolver` using the `api_id`, a hyphen, `type`, a hypen and `field`. For example:\n\n```sh\n$ pulumi import aws:appsync/resolver:Resolver example abcdef123456-exampleType-exampleField\n```\n", "properties": { "apiId": { "type": "string", "description": "API ID for the GraphQL API.\n" }, "arn": { "type": "string", "description": "ARN\n" }, "cachingConfig": { "$ref": "#/types/aws:appsync/ResolverCachingConfig:ResolverCachingConfig", "description": "The Caching Config. See Caching Config.\n" }, "code": { "type": "string", "description": "The function code that contains the request and response functions. When code is used, the runtime is required. The runtime value must be APPSYNC_JS.\n" }, "dataSource": { "type": "string", "description": "Data source name.\n" }, "field": { "type": "string", "description": "Field name from the schema defined in the GraphQL API.\n" }, "kind": { "type": "string", "description": "Resolver type. Valid values are `UNIT` and `PIPELINE`.\n" }, "maxBatchSize": { "type": "integer", "description": "Maximum batching size for a resolver. Valid values are between `0` and `2000`.\n" }, "pipelineConfig": { "$ref": "#/types/aws:appsync/ResolverPipelineConfig:ResolverPipelineConfig", "description": "The caching configuration for the resolver. See Pipeline Config.\n" }, "requestTemplate": { "type": "string", "description": "Request mapping template for UNIT resolver or 'before mapping template' for PIPELINE resolver. Required for non-Lambda resolvers.\n" }, "responseTemplate": { "type": "string", "description": "Response mapping template for UNIT resolver or 'after mapping template' for PIPELINE resolver. Required for non-Lambda resolvers.\n" }, "runtime": { "$ref": "#/types/aws:appsync/ResolverRuntime:ResolverRuntime", "description": "Describes a runtime used by an AWS AppSync pipeline resolver or AWS AppSync function. Specifies the name and version of the runtime to use. Note that if a runtime is specified, code must also be specified. See Runtime.\n" }, "syncConfig": { "$ref": "#/types/aws:appsync/ResolverSyncConfig:ResolverSyncConfig", "description": "Describes a Sync configuration for a resolver. See Sync Config.\n" }, "type": { "type": "string", "description": "Type name from the schema defined in the GraphQL API.\n" } }, "required": [ "apiId", "arn", "field", "type" ], "inputProperties": { "apiId": { "type": "string", "description": "API ID for the GraphQL API.\n", "willReplaceOnChanges": true }, "cachingConfig": { "$ref": "#/types/aws:appsync/ResolverCachingConfig:ResolverCachingConfig", "description": "The Caching Config. See Caching Config.\n" }, "code": { "type": "string", "description": "The function code that contains the request and response functions. When code is used, the runtime is required. The runtime value must be APPSYNC_JS.\n" }, "dataSource": { "type": "string", "description": "Data source name.\n" }, "field": { "type": "string", "description": "Field name from the schema defined in the GraphQL API.\n", "willReplaceOnChanges": true }, "kind": { "type": "string", "description": "Resolver type. Valid values are `UNIT` and `PIPELINE`.\n" }, "maxBatchSize": { "type": "integer", "description": "Maximum batching size for a resolver. Valid values are between `0` and `2000`.\n" }, "pipelineConfig": { "$ref": "#/types/aws:appsync/ResolverPipelineConfig:ResolverPipelineConfig", "description": "The caching configuration for the resolver. See Pipeline Config.\n" }, "requestTemplate": { "type": "string", "description": "Request mapping template for UNIT resolver or 'before mapping template' for PIPELINE resolver. Required for non-Lambda resolvers.\n" }, "responseTemplate": { "type": "string", "description": "Response mapping template for UNIT resolver or 'after mapping template' for PIPELINE resolver. Required for non-Lambda resolvers.\n" }, "runtime": { "$ref": "#/types/aws:appsync/ResolverRuntime:ResolverRuntime", "description": "Describes a runtime used by an AWS AppSync pipeline resolver or AWS AppSync function. Specifies the name and version of the runtime to use. Note that if a runtime is specified, code must also be specified. See Runtime.\n" }, "syncConfig": { "$ref": "#/types/aws:appsync/ResolverSyncConfig:ResolverSyncConfig", "description": "Describes a Sync configuration for a resolver. See Sync Config.\n" }, "type": { "type": "string", "description": "Type name from the schema defined in the GraphQL API.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "apiId", "field", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering Resolver resources.\n", "properties": { "apiId": { "type": "string", "description": "API ID for the GraphQL API.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN\n" }, "cachingConfig": { "$ref": "#/types/aws:appsync/ResolverCachingConfig:ResolverCachingConfig", "description": "The Caching Config. See Caching Config.\n" }, "code": { "type": "string", "description": "The function code that contains the request and response functions. When code is used, the runtime is required. The runtime value must be APPSYNC_JS.\n" }, "dataSource": { "type": "string", "description": "Data source name.\n" }, "field": { "type": "string", "description": "Field name from the schema defined in the GraphQL API.\n", "willReplaceOnChanges": true }, "kind": { "type": "string", "description": "Resolver type. Valid values are `UNIT` and `PIPELINE`.\n" }, "maxBatchSize": { "type": "integer", "description": "Maximum batching size for a resolver. Valid values are between `0` and `2000`.\n" }, "pipelineConfig": { "$ref": "#/types/aws:appsync/ResolverPipelineConfig:ResolverPipelineConfig", "description": "The caching configuration for the resolver. See Pipeline Config.\n" }, "requestTemplate": { "type": "string", "description": "Request mapping template for UNIT resolver or 'before mapping template' for PIPELINE resolver. Required for non-Lambda resolvers.\n" }, "responseTemplate": { "type": "string", "description": "Response mapping template for UNIT resolver or 'after mapping template' for PIPELINE resolver. Required for non-Lambda resolvers.\n" }, "runtime": { "$ref": "#/types/aws:appsync/ResolverRuntime:ResolverRuntime", "description": "Describes a runtime used by an AWS AppSync pipeline resolver or AWS AppSync function. Specifies the name and version of the runtime to use. Note that if a runtime is specified, code must also be specified. See Runtime.\n" }, "syncConfig": { "$ref": "#/types/aws:appsync/ResolverSyncConfig:ResolverSyncConfig", "description": "Describes a Sync configuration for a resolver. See Sync Config.\n" }, "type": { "type": "string", "description": "Type name from the schema defined in the GraphQL API.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:appsync/type:Type": { "description": "Provides an AppSync Type.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.appsync.GraphQLApi(\"example\", {\n authenticationType: \"API_KEY\",\n name: \"example\",\n});\nconst exampleType = new aws.appsync.Type(\"example\", {\n apiId: example.id,\n format: \"SDL\",\n definition: `type Mutation\n\n{\nputPost(id: ID!,title: String! ): Post\n\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appsync.GraphQLApi(\"example\",\n authentication_type=\"API_KEY\",\n name=\"example\")\nexample_type = aws.appsync.Type(\"example\",\n api_id=example.id,\n format=\"SDL\",\n definition=\"\"\"type Mutation\n\n{\nputPost(id: ID!,title: String! ): Post\n\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AppSync.GraphQLApi(\"example\", new()\n {\n AuthenticationType = \"API_KEY\",\n Name = \"example\",\n });\n\n var exampleType = new Aws.AppSync.Type(\"example\", new()\n {\n ApiId = example.Id,\n Format = \"SDL\",\n Definition = @\"type Mutation\n\n{\nputPost(id: ID!,title: String! ): Post\n\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appsync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := appsync.NewGraphQLApi(ctx, \"example\", \u0026appsync.GraphQLApiArgs{\n\t\t\tAuthenticationType: pulumi.String(\"API_KEY\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appsync.NewType(ctx, \"example\", \u0026appsync.TypeArgs{\n\t\t\tApiId: example.ID(),\n\t\t\tFormat: pulumi.String(\"SDL\"),\n\t\t\tDefinition: pulumi.String(`type Mutation\n\n{\nputPost(id: ID!,title: String! ): Post\n\n}\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appsync.GraphQLApi;\nimport com.pulumi.aws.appsync.GraphQLApiArgs;\nimport com.pulumi.aws.appsync.Type;\nimport com.pulumi.aws.appsync.TypeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GraphQLApi(\"example\", GraphQLApiArgs.builder()\n .authenticationType(\"API_KEY\")\n .name(\"example\")\n .build());\n\n var exampleType = new Type(\"exampleType\", TypeArgs.builder()\n .apiId(example.id())\n .format(\"SDL\")\n .definition(\"\"\"\ntype Mutation\n\n{\nputPost(id: ID!,title: String! ): Post\n\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:appsync:GraphQLApi\n properties:\n authenticationType: API_KEY\n name: example\n exampleType:\n type: aws:appsync:Type\n name: example\n properties:\n apiId: ${example.id}\n format: SDL\n definition: |\n type Mutation\n\n {\n putPost(id: ID!,title: String! ): Post\n\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Appsync Types using the `id`. For example:\n\n```sh\n$ pulumi import aws:appsync/type:Type example api-id:format:name\n```\n", "properties": { "apiId": { "type": "string", "description": "GraphQL API ID.\n" }, "arn": { "type": "string", "description": "The ARN of the type.\n" }, "definition": { "type": "string", "description": "The type definition.\n" }, "description": { "type": "string", "description": "The type description.\n" }, "format": { "type": "string", "description": "The type format: `SDL` or `JSON`.\n" }, "name": { "type": "string", "description": "The type name.\n" } }, "required": [ "apiId", "arn", "definition", "description", "format", "name" ], "inputProperties": { "apiId": { "type": "string", "description": "GraphQL API ID.\n", "willReplaceOnChanges": true }, "definition": { "type": "string", "description": "The type definition.\n" }, "format": { "type": "string", "description": "The type format: `SDL` or `JSON`.\n" } }, "requiredInputs": [ "apiId", "definition", "format" ], "stateInputs": { "description": "Input properties used for looking up and filtering Type resources.\n", "properties": { "apiId": { "type": "string", "description": "GraphQL API ID.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "The ARN of the type.\n" }, "definition": { "type": "string", "description": "The type definition.\n" }, "description": { "type": "string", "description": "The type description.\n" }, "format": { "type": "string", "description": "The type format: `SDL` or `JSON`.\n" }, "name": { "type": "string", "description": "The type name.\n" } }, "type": "object" } }, "aws:athena/dataCatalog:DataCatalog": { "description": "Provides an Athena data catalog.\n\nMore information about Athena and Athena data catalogs can be found in the [Athena User Guide](https://docs.aws.amazon.com/athena/latest/ug/what-is.html).\n\n\u003e **Tip:** for a more detailed explanation on the usage of `parameters`, see the [DataCatalog API documentation](https://docs.aws.amazon.com/athena/latest/APIReference/API_DataCatalog.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.athena.DataCatalog(\"example\", {\n name: \"athena-data-catalog\",\n description: \"Example Athena data catalog\",\n type: \"LAMBDA\",\n parameters: {\n \"function\": \"arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function\",\n },\n tags: {\n Name: \"example-athena-data-catalog\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.athena.DataCatalog(\"example\",\n name=\"athena-data-catalog\",\n description=\"Example Athena data catalog\",\n type=\"LAMBDA\",\n parameters={\n \"function\": \"arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function\",\n },\n tags={\n \"Name\": \"example-athena-data-catalog\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Athena.DataCatalog(\"example\", new()\n {\n Name = \"athena-data-catalog\",\n Description = \"Example Athena data catalog\",\n Type = \"LAMBDA\",\n Parameters = \n {\n { \"function\", \"arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function\" },\n },\n Tags = \n {\n { \"Name\", \"example-athena-data-catalog\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/athena\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := athena.NewDataCatalog(ctx, \"example\", \u0026athena.DataCatalogArgs{\n\t\t\tName: pulumi.String(\"athena-data-catalog\"),\n\t\t\tDescription: pulumi.String(\"Example Athena data catalog\"),\n\t\t\tType: pulumi.String(\"LAMBDA\"),\n\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\"function\": pulumi.String(\"arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example-athena-data-catalog\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.athena.DataCatalog;\nimport com.pulumi.aws.athena.DataCatalogArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataCatalog(\"example\", DataCatalogArgs.builder()\n .name(\"athena-data-catalog\")\n .description(\"Example Athena data catalog\")\n .type(\"LAMBDA\")\n .parameters(Map.of(\"function\", \"arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function\"))\n .tags(Map.of(\"Name\", \"example-athena-data-catalog\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:athena:DataCatalog\n properties:\n name: athena-data-catalog\n description: Example Athena data catalog\n type: LAMBDA\n parameters:\n function: arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function\n tags:\n Name: example-athena-data-catalog\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Hive based Data Catalog\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.athena.DataCatalog(\"example\", {\n name: \"hive-data-catalog\",\n description: \"Hive based Data Catalog\",\n type: \"HIVE\",\n parameters: {\n \"metadata-function\": \"arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.athena.DataCatalog(\"example\",\n name=\"hive-data-catalog\",\n description=\"Hive based Data Catalog\",\n type=\"HIVE\",\n parameters={\n \"metadata-function\": \"arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Athena.DataCatalog(\"example\", new()\n {\n Name = \"hive-data-catalog\",\n Description = \"Hive based Data Catalog\",\n Type = \"HIVE\",\n Parameters = \n {\n { \"metadata-function\", \"arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/athena\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := athena.NewDataCatalog(ctx, \"example\", \u0026athena.DataCatalogArgs{\n\t\t\tName: pulumi.String(\"hive-data-catalog\"),\n\t\t\tDescription: pulumi.String(\"Hive based Data Catalog\"),\n\t\t\tType: pulumi.String(\"HIVE\"),\n\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\"metadata-function\": pulumi.String(\"arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.athena.DataCatalog;\nimport com.pulumi.aws.athena.DataCatalogArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataCatalog(\"example\", DataCatalogArgs.builder()\n .name(\"hive-data-catalog\")\n .description(\"Hive based Data Catalog\")\n .type(\"HIVE\")\n .parameters(Map.of(\"metadata-function\", \"arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:athena:DataCatalog\n properties:\n name: hive-data-catalog\n description: Hive based Data Catalog\n type: HIVE\n parameters:\n metadata-function: arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Glue based Data Catalog\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.athena.DataCatalog(\"example\", {\n name: \"glue-data-catalog\",\n description: \"Glue based Data Catalog\",\n type: \"GLUE\",\n parameters: {\n \"catalog-id\": \"123456789012\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.athena.DataCatalog(\"example\",\n name=\"glue-data-catalog\",\n description=\"Glue based Data Catalog\",\n type=\"GLUE\",\n parameters={\n \"catalog-id\": \"123456789012\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Athena.DataCatalog(\"example\", new()\n {\n Name = \"glue-data-catalog\",\n Description = \"Glue based Data Catalog\",\n Type = \"GLUE\",\n Parameters = \n {\n { \"catalog-id\", \"123456789012\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/athena\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := athena.NewDataCatalog(ctx, \"example\", \u0026athena.DataCatalogArgs{\n\t\t\tName: pulumi.String(\"glue-data-catalog\"),\n\t\t\tDescription: pulumi.String(\"Glue based Data Catalog\"),\n\t\t\tType: pulumi.String(\"GLUE\"),\n\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\"catalog-id\": pulumi.String(\"123456789012\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.athena.DataCatalog;\nimport com.pulumi.aws.athena.DataCatalogArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataCatalog(\"example\", DataCatalogArgs.builder()\n .name(\"glue-data-catalog\")\n .description(\"Glue based Data Catalog\")\n .type(\"GLUE\")\n .parameters(Map.of(\"catalog-id\", \"123456789012\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:athena:DataCatalog\n properties:\n name: glue-data-catalog\n description: Glue based Data Catalog\n type: GLUE\n parameters:\n catalog-id: '123456789012'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda based Data Catalog\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.athena.DataCatalog(\"example\", {\n name: \"lambda-data-catalog\",\n description: \"Lambda based Data Catalog\",\n type: \"LAMBDA\",\n parameters: {\n \"metadata-function\": \"arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function-1\",\n \"record-function\": \"arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function-2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.athena.DataCatalog(\"example\",\n name=\"lambda-data-catalog\",\n description=\"Lambda based Data Catalog\",\n type=\"LAMBDA\",\n parameters={\n \"metadata-function\": \"arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function-1\",\n \"record-function\": \"arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function-2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Athena.DataCatalog(\"example\", new()\n {\n Name = \"lambda-data-catalog\",\n Description = \"Lambda based Data Catalog\",\n Type = \"LAMBDA\",\n Parameters = \n {\n { \"metadata-function\", \"arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function-1\" },\n { \"record-function\", \"arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function-2\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/athena\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := athena.NewDataCatalog(ctx, \"example\", \u0026athena.DataCatalogArgs{\n\t\t\tName: pulumi.String(\"lambda-data-catalog\"),\n\t\t\tDescription: pulumi.String(\"Lambda based Data Catalog\"),\n\t\t\tType: pulumi.String(\"LAMBDA\"),\n\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\"metadata-function\": pulumi.String(\"arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function-1\"),\n\t\t\t\t\"record-function\": pulumi.String(\"arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function-2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.athena.DataCatalog;\nimport com.pulumi.aws.athena.DataCatalogArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataCatalog(\"example\", DataCatalogArgs.builder()\n .name(\"lambda-data-catalog\")\n .description(\"Lambda based Data Catalog\")\n .type(\"LAMBDA\")\n .parameters(Map.ofEntries(\n Map.entry(\"metadata-function\", \"arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function-1\"),\n Map.entry(\"record-function\", \"arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function-2\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:athena:DataCatalog\n properties:\n name: lambda-data-catalog\n description: Lambda based Data Catalog\n type: LAMBDA\n parameters:\n metadata-function: arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function-1\n record-function: arn:aws:lambda:eu-central-1:123456789012:function:not-important-lambda-function-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import data catalogs using their `name`. For example:\n\n```sh\n$ pulumi import aws:athena/dataCatalog:DataCatalog example example-data-catalog\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the data catalog.\n" }, "description": { "type": "string", "description": "Description of the data catalog.\n" }, "name": { "type": "string", "description": "Name of the data catalog. The catalog name must be unique for the AWS account and can use a maximum of 128 alphanumeric, underscore, at sign, or hyphen characters.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key value pairs that specifies the Lambda function or functions to use for the data catalog. The mapping used depends on the catalog type.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Type of data catalog: `LAMBDA` for a federated catalog, `GLUE` for AWS Glue Catalog, or `HIVE` for an external hive metastore.\n" } }, "required": [ "arn", "description", "name", "parameters", "tagsAll", "type" ], "inputProperties": { "description": { "type": "string", "description": "Description of the data catalog.\n" }, "name": { "type": "string", "description": "Name of the data catalog. The catalog name must be unique for the AWS account and can use a maximum of 128 alphanumeric, underscore, at sign, or hyphen characters.\n", "willReplaceOnChanges": true }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key value pairs that specifies the Lambda function or functions to use for the data catalog. The mapping used depends on the catalog type.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "Type of data catalog: `LAMBDA` for a federated catalog, `GLUE` for AWS Glue Catalog, or `HIVE` for an external hive metastore.\n" } }, "requiredInputs": [ "description", "parameters", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering DataCatalog resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the data catalog.\n" }, "description": { "type": "string", "description": "Description of the data catalog.\n" }, "name": { "type": "string", "description": "Name of the data catalog. The catalog name must be unique for the AWS account and can use a maximum of 128 alphanumeric, underscore, at sign, or hyphen characters.\n", "willReplaceOnChanges": true }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key value pairs that specifies the Lambda function or functions to use for the data catalog. The mapping used depends on the catalog type.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Type of data catalog: `LAMBDA` for a federated catalog, `GLUE` for AWS Glue Catalog, or `HIVE` for an external hive metastore.\n" } }, "type": "object" } }, "aws:athena/database:Database": { "description": "Provides an Athena database.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleDatabase = new aws.athena.Database(\"example\", {\n name: \"database_name\",\n bucket: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_database = aws.athena.Database(\"example\",\n name=\"database_name\",\n bucket=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleDatabase = new Aws.Athena.Database(\"example\", new()\n {\n Name = \"database_name\",\n Bucket = example.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/athena\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = athena.NewDatabase(ctx, \"example\", \u0026athena.DatabaseArgs{\n\t\t\tName: pulumi.String(\"database_name\"),\n\t\t\tBucket: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.athena.Database;\nimport com.pulumi.aws.athena.DatabaseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var exampleDatabase = new Database(\"exampleDatabase\", DatabaseArgs.builder()\n .name(\"database_name\")\n .bucket(example.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n exampleDatabase:\n type: aws:athena:Database\n name: example\n properties:\n name: database_name\n bucket: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Athena Databases using their name. For example:\n\n```sh\n$ pulumi import aws:athena/database:Database example example\n```\nCertain resource arguments, like `encryption_configuration` and `bucket`, do not have an API method for reading the information after creation. If the argument is set in the Pulumi program on an imported resource, Pulumi will always show a difference. To workaround this behavior, either omit the argument from the Pulumi program or use `ignore_changes` to hide the difference. For example:\n\n", "properties": { "aclConfiguration": { "$ref": "#/types/aws:athena/DatabaseAclConfiguration:DatabaseAclConfiguration", "description": "That an Amazon S3 canned ACL should be set to control ownership of stored query results. See ACL Configuration below.\n" }, "bucket": { "type": "string", "description": "Name of S3 bucket to save the results of the query execution.\n" }, "comment": { "type": "string", "description": "Description of the database.\n" }, "encryptionConfiguration": { "$ref": "#/types/aws:athena/DatabaseEncryptionConfiguration:DatabaseEncryptionConfiguration", "description": "Encryption key block AWS Athena uses to decrypt the data in S3, such as an AWS Key Management Service (AWS KMS) key. See Encryption Configuration below.\n" }, "expectedBucketOwner": { "type": "string", "description": "AWS account ID that you expect to be the owner of the Amazon S3 bucket.\n" }, "forceDestroy": { "type": "boolean", "description": "Boolean that indicates all tables should be deleted from the database so that the database can be destroyed without error. The tables are *not* recoverable.\n" }, "name": { "type": "string", "description": "Name of the database to create.\n" }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of custom metadata properties for the database definition.\n" } }, "required": [ "name" ], "inputProperties": { "aclConfiguration": { "$ref": "#/types/aws:athena/DatabaseAclConfiguration:DatabaseAclConfiguration", "description": "That an Amazon S3 canned ACL should be set to control ownership of stored query results. See ACL Configuration below.\n", "willReplaceOnChanges": true }, "bucket": { "type": "string", "description": "Name of S3 bucket to save the results of the query execution.\n" }, "comment": { "type": "string", "description": "Description of the database.\n", "willReplaceOnChanges": true }, "encryptionConfiguration": { "$ref": "#/types/aws:athena/DatabaseEncryptionConfiguration:DatabaseEncryptionConfiguration", "description": "Encryption key block AWS Athena uses to decrypt the data in S3, such as an AWS Key Management Service (AWS KMS) key. See Encryption Configuration below.\n", "willReplaceOnChanges": true }, "expectedBucketOwner": { "type": "string", "description": "AWS account ID that you expect to be the owner of the Amazon S3 bucket.\n", "willReplaceOnChanges": true }, "forceDestroy": { "type": "boolean", "description": "Boolean that indicates all tables should be deleted from the database so that the database can be destroyed without error. The tables are *not* recoverable.\n" }, "name": { "type": "string", "description": "Name of the database to create.\n", "willReplaceOnChanges": true }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of custom metadata properties for the database definition.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering Database resources.\n", "properties": { "aclConfiguration": { "$ref": "#/types/aws:athena/DatabaseAclConfiguration:DatabaseAclConfiguration", "description": "That an Amazon S3 canned ACL should be set to control ownership of stored query results. See ACL Configuration below.\n", "willReplaceOnChanges": true }, "bucket": { "type": "string", "description": "Name of S3 bucket to save the results of the query execution.\n" }, "comment": { "type": "string", "description": "Description of the database.\n", "willReplaceOnChanges": true }, "encryptionConfiguration": { "$ref": "#/types/aws:athena/DatabaseEncryptionConfiguration:DatabaseEncryptionConfiguration", "description": "Encryption key block AWS Athena uses to decrypt the data in S3, such as an AWS Key Management Service (AWS KMS) key. See Encryption Configuration below.\n", "willReplaceOnChanges": true }, "expectedBucketOwner": { "type": "string", "description": "AWS account ID that you expect to be the owner of the Amazon S3 bucket.\n", "willReplaceOnChanges": true }, "forceDestroy": { "type": "boolean", "description": "Boolean that indicates all tables should be deleted from the database so that the database can be destroyed without error. The tables are *not* recoverable.\n" }, "name": { "type": "string", "description": "Name of the database to create.\n", "willReplaceOnChanges": true }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of custom metadata properties for the database definition.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:athena/namedQuery:NamedQuery": { "description": "Provides an Athena Named Query resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst hoge = new aws.s3.BucketV2(\"hoge\", {bucket: \"tf-test\"});\nconst test = new aws.kms.Key(\"test\", {\n deletionWindowInDays: 7,\n description: \"Athena KMS Key\",\n});\nconst testWorkgroup = new aws.athena.Workgroup(\"test\", {\n name: \"example\",\n configuration: {\n resultConfiguration: {\n encryptionConfiguration: {\n encryptionOption: \"SSE_KMS\",\n kmsKeyArn: test.arn,\n },\n },\n },\n});\nconst hogeDatabase = new aws.athena.Database(\"hoge\", {\n name: \"users\",\n bucket: hoge.id,\n});\nconst foo = new aws.athena.NamedQuery(\"foo\", {\n name: \"bar\",\n workgroup: testWorkgroup.id,\n database: hogeDatabase.name,\n query: pulumi.interpolate`SELECT * FROM ${hogeDatabase.name} limit 10;`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nhoge = aws.s3.BucketV2(\"hoge\", bucket=\"tf-test\")\ntest = aws.kms.Key(\"test\",\n deletion_window_in_days=7,\n description=\"Athena KMS Key\")\ntest_workgroup = aws.athena.Workgroup(\"test\",\n name=\"example\",\n configuration={\n \"result_configuration\": {\n \"encryption_configuration\": {\n \"encryption_option\": \"SSE_KMS\",\n \"kms_key_arn\": test.arn,\n },\n },\n })\nhoge_database = aws.athena.Database(\"hoge\",\n name=\"users\",\n bucket=hoge.id)\nfoo = aws.athena.NamedQuery(\"foo\",\n name=\"bar\",\n workgroup=test_workgroup.id,\n database=hoge_database.name,\n query=hoge_database.name.apply(lambda name: f\"SELECT * FROM {name} limit 10;\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var hoge = new Aws.S3.BucketV2(\"hoge\", new()\n {\n Bucket = \"tf-test\",\n });\n\n var test = new Aws.Kms.Key(\"test\", new()\n {\n DeletionWindowInDays = 7,\n Description = \"Athena KMS Key\",\n });\n\n var testWorkgroup = new Aws.Athena.Workgroup(\"test\", new()\n {\n Name = \"example\",\n Configuration = new Aws.Athena.Inputs.WorkgroupConfigurationArgs\n {\n ResultConfiguration = new Aws.Athena.Inputs.WorkgroupConfigurationResultConfigurationArgs\n {\n EncryptionConfiguration = new Aws.Athena.Inputs.WorkgroupConfigurationResultConfigurationEncryptionConfigurationArgs\n {\n EncryptionOption = \"SSE_KMS\",\n KmsKeyArn = test.Arn,\n },\n },\n },\n });\n\n var hogeDatabase = new Aws.Athena.Database(\"hoge\", new()\n {\n Name = \"users\",\n Bucket = hoge.Id,\n });\n\n var foo = new Aws.Athena.NamedQuery(\"foo\", new()\n {\n Name = \"bar\",\n Workgroup = testWorkgroup.Id,\n Database = hogeDatabase.Name,\n Query = hogeDatabase.Name.Apply(name =\u003e $\"SELECT * FROM {name} limit 10;\"),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/athena\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\thoge, err := s3.NewBucketV2(ctx, \"hoge\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"tf-test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := kms.NewKey(ctx, \"test\", \u0026kms.KeyArgs{\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t\tDescription: pulumi.String(\"Athena KMS Key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestWorkgroup, err := athena.NewWorkgroup(ctx, \"test\", \u0026athena.WorkgroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tConfiguration: \u0026athena.WorkgroupConfigurationArgs{\n\t\t\t\tResultConfiguration: \u0026athena.WorkgroupConfigurationResultConfigurationArgs{\n\t\t\t\t\tEncryptionConfiguration: \u0026athena.WorkgroupConfigurationResultConfigurationEncryptionConfigurationArgs{\n\t\t\t\t\t\tEncryptionOption: pulumi.String(\"SSE_KMS\"),\n\t\t\t\t\t\tKmsKeyArn: test.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\thogeDatabase, err := athena.NewDatabase(ctx, \"hoge\", \u0026athena.DatabaseArgs{\n\t\t\tName: pulumi.String(\"users\"),\n\t\t\tBucket: hoge.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = athena.NewNamedQuery(ctx, \"foo\", \u0026athena.NamedQueryArgs{\n\t\t\tName: pulumi.String(\"bar\"),\n\t\t\tWorkgroup: testWorkgroup.ID(),\n\t\t\tDatabase: hogeDatabase.Name,\n\t\t\tQuery: hogeDatabase.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"SELECT * FROM %v limit 10;\", name), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.athena.Workgroup;\nimport com.pulumi.aws.athena.WorkgroupArgs;\nimport com.pulumi.aws.athena.inputs.WorkgroupConfigurationArgs;\nimport com.pulumi.aws.athena.inputs.WorkgroupConfigurationResultConfigurationArgs;\nimport com.pulumi.aws.athena.inputs.WorkgroupConfigurationResultConfigurationEncryptionConfigurationArgs;\nimport com.pulumi.aws.athena.Database;\nimport com.pulumi.aws.athena.DatabaseArgs;\nimport com.pulumi.aws.athena.NamedQuery;\nimport com.pulumi.aws.athena.NamedQueryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var hoge = new BucketV2(\"hoge\", BucketV2Args.builder()\n .bucket(\"tf-test\")\n .build());\n\n var test = new Key(\"test\", KeyArgs.builder()\n .deletionWindowInDays(7)\n .description(\"Athena KMS Key\")\n .build());\n\n var testWorkgroup = new Workgroup(\"testWorkgroup\", WorkgroupArgs.builder()\n .name(\"example\")\n .configuration(WorkgroupConfigurationArgs.builder()\n .resultConfiguration(WorkgroupConfigurationResultConfigurationArgs.builder()\n .encryptionConfiguration(WorkgroupConfigurationResultConfigurationEncryptionConfigurationArgs.builder()\n .encryptionOption(\"SSE_KMS\")\n .kmsKeyArn(test.arn())\n .build())\n .build())\n .build())\n .build());\n\n var hogeDatabase = new Database(\"hogeDatabase\", DatabaseArgs.builder()\n .name(\"users\")\n .bucket(hoge.id())\n .build());\n\n var foo = new NamedQuery(\"foo\", NamedQueryArgs.builder()\n .name(\"bar\")\n .workgroup(testWorkgroup.id())\n .database(hogeDatabase.name())\n .query(hogeDatabase.name().applyValue(name -\u003e String.format(\"SELECT * FROM %s limit 10;\", name)))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n hoge:\n type: aws:s3:BucketV2\n properties:\n bucket: tf-test\n test:\n type: aws:kms:Key\n properties:\n deletionWindowInDays: 7\n description: Athena KMS Key\n testWorkgroup:\n type: aws:athena:Workgroup\n name: test\n properties:\n name: example\n configuration:\n resultConfiguration:\n encryptionConfiguration:\n encryptionOption: SSE_KMS\n kmsKeyArn: ${test.arn}\n hogeDatabase:\n type: aws:athena:Database\n name: hoge\n properties:\n name: users\n bucket: ${hoge.id}\n foo:\n type: aws:athena:NamedQuery\n properties:\n name: bar\n workgroup: ${testWorkgroup.id}\n database: ${hogeDatabase.name}\n query: SELECT * FROM ${hogeDatabase.name} limit 10;\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Athena Named Query using the query ID. For example:\n\n```sh\n$ pulumi import aws:athena/namedQuery:NamedQuery example 0123456789\n```\n", "properties": { "database": { "type": "string", "description": "Database to which the query belongs.\n" }, "description": { "type": "string", "description": "Brief explanation of the query. Maximum length of 1024.\n" }, "name": { "type": "string", "description": "Plain language name for the query. Maximum length of 128.\n" }, "query": { "type": "string", "description": "Text of the query itself. In other words, all query statements. Maximum length of 262144.\n" }, "workgroup": { "type": "string", "description": "Workgroup to which the query belongs. Defaults to `primary`\n" } }, "required": [ "database", "name", "query" ], "inputProperties": { "database": { "type": "string", "description": "Database to which the query belongs.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Brief explanation of the query. Maximum length of 1024.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Plain language name for the query. Maximum length of 128.\n", "willReplaceOnChanges": true }, "query": { "type": "string", "description": "Text of the query itself. In other words, all query statements. Maximum length of 262144.\n", "willReplaceOnChanges": true }, "workgroup": { "type": "string", "description": "Workgroup to which the query belongs. Defaults to `primary`\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "database", "query" ], "stateInputs": { "description": "Input properties used for looking up and filtering NamedQuery resources.\n", "properties": { "database": { "type": "string", "description": "Database to which the query belongs.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Brief explanation of the query. Maximum length of 1024.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Plain language name for the query. Maximum length of 128.\n", "willReplaceOnChanges": true }, "query": { "type": "string", "description": "Text of the query itself. In other words, all query statements. Maximum length of 262144.\n", "willReplaceOnChanges": true }, "workgroup": { "type": "string", "description": "Workgroup to which the query belongs. Defaults to `primary`\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:athena/preparedStatement:PreparedStatement": { "description": "Resource for managing an Athena Prepared Statement.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.s3.BucketV2(\"test\", {\n bucket: \"tf-test\",\n forceDestroy: true,\n});\nconst testWorkgroup = new aws.athena.Workgroup(\"test\", {name: \"tf-test\"});\nconst testDatabase = new aws.athena.Database(\"test\", {\n name: \"example\",\n bucket: test.bucket,\n});\nconst testPreparedStatement = new aws.athena.PreparedStatement(\"test\", {\n name: \"tf_test\",\n queryStatement: pulumi.interpolate`SELECT * FROM ${testDatabase.name} WHERE x = ?`,\n workgroup: testWorkgroup.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.s3.BucketV2(\"test\",\n bucket=\"tf-test\",\n force_destroy=True)\ntest_workgroup = aws.athena.Workgroup(\"test\", name=\"tf-test\")\ntest_database = aws.athena.Database(\"test\",\n name=\"example\",\n bucket=test.bucket)\ntest_prepared_statement = aws.athena.PreparedStatement(\"test\",\n name=\"tf_test\",\n query_statement=test_database.name.apply(lambda name: f\"SELECT * FROM {name} WHERE x = ?\"),\n workgroup=test_workgroup.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.S3.BucketV2(\"test\", new()\n {\n Bucket = \"tf-test\",\n ForceDestroy = true,\n });\n\n var testWorkgroup = new Aws.Athena.Workgroup(\"test\", new()\n {\n Name = \"tf-test\",\n });\n\n var testDatabase = new Aws.Athena.Database(\"test\", new()\n {\n Name = \"example\",\n Bucket = test.Bucket,\n });\n\n var testPreparedStatement = new Aws.Athena.PreparedStatement(\"test\", new()\n {\n Name = \"tf_test\",\n QueryStatement = testDatabase.Name.Apply(name =\u003e $\"SELECT * FROM {name} WHERE x = ?\"),\n Workgroup = testWorkgroup.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/athena\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := s3.NewBucketV2(ctx, \"test\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"tf-test\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestWorkgroup, err := athena.NewWorkgroup(ctx, \"test\", \u0026athena.WorkgroupArgs{\n\t\t\tName: pulumi.String(\"tf-test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestDatabase, err := athena.NewDatabase(ctx, \"test\", \u0026athena.DatabaseArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tBucket: test.Bucket,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = athena.NewPreparedStatement(ctx, \"test\", \u0026athena.PreparedStatementArgs{\n\t\t\tName: pulumi.String(\"tf_test\"),\n\t\t\tQueryStatement: testDatabase.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"SELECT * FROM %v WHERE x = ?\", name), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tWorkgroup: testWorkgroup.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.athena.Workgroup;\nimport com.pulumi.aws.athena.WorkgroupArgs;\nimport com.pulumi.aws.athena.Database;\nimport com.pulumi.aws.athena.DatabaseArgs;\nimport com.pulumi.aws.athena.PreparedStatement;\nimport com.pulumi.aws.athena.PreparedStatementArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new BucketV2(\"test\", BucketV2Args.builder()\n .bucket(\"tf-test\")\n .forceDestroy(true)\n .build());\n\n var testWorkgroup = new Workgroup(\"testWorkgroup\", WorkgroupArgs.builder()\n .name(\"tf-test\")\n .build());\n\n var testDatabase = new Database(\"testDatabase\", DatabaseArgs.builder()\n .name(\"example\")\n .bucket(test.bucket())\n .build());\n\n var testPreparedStatement = new PreparedStatement(\"testPreparedStatement\", PreparedStatementArgs.builder()\n .name(\"tf_test\")\n .queryStatement(testDatabase.name().applyValue(name -\u003e String.format(\"SELECT * FROM %s WHERE x = ?\", name)))\n .workgroup(testWorkgroup.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:s3:BucketV2\n properties:\n bucket: tf-test\n forceDestroy: true\n testWorkgroup:\n type: aws:athena:Workgroup\n name: test\n properties:\n name: tf-test\n testDatabase:\n type: aws:athena:Database\n name: test\n properties:\n name: example\n bucket: ${test.bucket}\n testPreparedStatement:\n type: aws:athena:PreparedStatement\n name: test\n properties:\n name: tf_test\n queryStatement: SELECT * FROM ${testDatabase.name} WHERE x = ?\n workgroup: ${testWorkgroup.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Athena Prepared Statement using the `WORKGROUP-NAME/STATEMENT-NAME`. For example:\n\n```sh\n$ pulumi import aws:athena/preparedStatement:PreparedStatement example 12345abcde/example\n```\n", "properties": { "description": { "type": "string", "description": "Brief explanation of prepared statement. Maximum length of 1024.\n" }, "name": { "type": "string", "description": "The name of the prepared statement. Maximum length of 256.\n" }, "queryStatement": { "type": "string", "description": "The query string for the prepared statement.\n" }, "workgroup": { "type": "string", "description": "The name of the workgroup to which the prepared statement belongs.\n" } }, "required": [ "name", "queryStatement", "workgroup" ], "inputProperties": { "description": { "type": "string", "description": "Brief explanation of prepared statement. Maximum length of 1024.\n" }, "name": { "type": "string", "description": "The name of the prepared statement. Maximum length of 256.\n", "willReplaceOnChanges": true }, "queryStatement": { "type": "string", "description": "The query string for the prepared statement.\n" }, "workgroup": { "type": "string", "description": "The name of the workgroup to which the prepared statement belongs.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "queryStatement", "workgroup" ], "stateInputs": { "description": "Input properties used for looking up and filtering PreparedStatement resources.\n", "properties": { "description": { "type": "string", "description": "Brief explanation of prepared statement. Maximum length of 1024.\n" }, "name": { "type": "string", "description": "The name of the prepared statement. Maximum length of 256.\n", "willReplaceOnChanges": true }, "queryStatement": { "type": "string", "description": "The query string for the prepared statement.\n" }, "workgroup": { "type": "string", "description": "The name of the workgroup to which the prepared statement belongs.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:athena/workgroup:Workgroup": { "description": "Provides an Athena Workgroup.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.athena.Workgroup(\"example\", {\n name: \"example\",\n configuration: {\n enforceWorkgroupConfiguration: true,\n publishCloudwatchMetricsEnabled: true,\n resultConfiguration: {\n outputLocation: `s3://${exampleAwsS3Bucket.bucket}/output/`,\n encryptionConfiguration: {\n encryptionOption: \"SSE_KMS\",\n kmsKeyArn: exampleAwsKmsKey.arn,\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.athena.Workgroup(\"example\",\n name=\"example\",\n configuration={\n \"enforce_workgroup_configuration\": True,\n \"publish_cloudwatch_metrics_enabled\": True,\n \"result_configuration\": {\n \"output_location\": f\"s3://{example_aws_s3_bucket['bucket']}/output/\",\n \"encryption_configuration\": {\n \"encryption_option\": \"SSE_KMS\",\n \"kms_key_arn\": example_aws_kms_key[\"arn\"],\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Athena.Workgroup(\"example\", new()\n {\n Name = \"example\",\n Configuration = new Aws.Athena.Inputs.WorkgroupConfigurationArgs\n {\n EnforceWorkgroupConfiguration = true,\n PublishCloudwatchMetricsEnabled = true,\n ResultConfiguration = new Aws.Athena.Inputs.WorkgroupConfigurationResultConfigurationArgs\n {\n OutputLocation = $\"s3://{exampleAwsS3Bucket.Bucket}/output/\",\n EncryptionConfiguration = new Aws.Athena.Inputs.WorkgroupConfigurationResultConfigurationEncryptionConfigurationArgs\n {\n EncryptionOption = \"SSE_KMS\",\n KmsKeyArn = exampleAwsKmsKey.Arn,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/athena\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := athena.NewWorkgroup(ctx, \"example\", \u0026athena.WorkgroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tConfiguration: \u0026athena.WorkgroupConfigurationArgs{\n\t\t\t\tEnforceWorkgroupConfiguration: pulumi.Bool(true),\n\t\t\t\tPublishCloudwatchMetricsEnabled: pulumi.Bool(true),\n\t\t\t\tResultConfiguration: \u0026athena.WorkgroupConfigurationResultConfigurationArgs{\n\t\t\t\t\tOutputLocation: pulumi.String(fmt.Sprintf(\"s3://%v/output/\", exampleAwsS3Bucket.Bucket)),\n\t\t\t\t\tEncryptionConfiguration: \u0026athena.WorkgroupConfigurationResultConfigurationEncryptionConfigurationArgs{\n\t\t\t\t\t\tEncryptionOption: pulumi.String(\"SSE_KMS\"),\n\t\t\t\t\t\tKmsKeyArn: pulumi.Any(exampleAwsKmsKey.Arn),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.athena.Workgroup;\nimport com.pulumi.aws.athena.WorkgroupArgs;\nimport com.pulumi.aws.athena.inputs.WorkgroupConfigurationArgs;\nimport com.pulumi.aws.athena.inputs.WorkgroupConfigurationResultConfigurationArgs;\nimport com.pulumi.aws.athena.inputs.WorkgroupConfigurationResultConfigurationEncryptionConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Workgroup(\"example\", WorkgroupArgs.builder()\n .name(\"example\")\n .configuration(WorkgroupConfigurationArgs.builder()\n .enforceWorkgroupConfiguration(true)\n .publishCloudwatchMetricsEnabled(true)\n .resultConfiguration(WorkgroupConfigurationResultConfigurationArgs.builder()\n .outputLocation(String.format(\"s3://%s/output/\", exampleAwsS3Bucket.bucket()))\n .encryptionConfiguration(WorkgroupConfigurationResultConfigurationEncryptionConfigurationArgs.builder()\n .encryptionOption(\"SSE_KMS\")\n .kmsKeyArn(exampleAwsKmsKey.arn())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:athena:Workgroup\n properties:\n name: example\n configuration:\n enforceWorkgroupConfiguration: true\n publishCloudwatchMetricsEnabled: true\n resultConfiguration:\n outputLocation: s3://${exampleAwsS3Bucket.bucket}/output/\n encryptionConfiguration:\n encryptionOption: SSE_KMS\n kmsKeyArn: ${exampleAwsKmsKey.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Athena Workgroups using their name. For example:\n\n```sh\n$ pulumi import aws:athena/workgroup:Workgroup example example\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the workgroup\n" }, "configuration": { "$ref": "#/types/aws:athena/WorkgroupConfiguration:WorkgroupConfiguration", "description": "Configuration block with various settings for the workgroup. Documented below.\n" }, "description": { "type": "string", "description": "Description of the workgroup.\n" }, "forceDestroy": { "type": "boolean", "description": "Option to delete the workgroup and its contents even if the workgroup contains any named queries.\n" }, "name": { "type": "string", "description": "Name of the workgroup.\n" }, "state": { "type": "string", "description": "State of the workgroup. Valid values are `DISABLED` or `ENABLED`. Defaults to `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the workgroup. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "tagsAll" ], "inputProperties": { "configuration": { "$ref": "#/types/aws:athena/WorkgroupConfiguration:WorkgroupConfiguration", "description": "Configuration block with various settings for the workgroup. Documented below.\n" }, "description": { "type": "string", "description": "Description of the workgroup.\n" }, "forceDestroy": { "type": "boolean", "description": "Option to delete the workgroup and its contents even if the workgroup contains any named queries.\n" }, "name": { "type": "string", "description": "Name of the workgroup.\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "State of the workgroup. Valid values are `DISABLED` or `ENABLED`. Defaults to `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the workgroup. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Workgroup resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the workgroup\n" }, "configuration": { "$ref": "#/types/aws:athena/WorkgroupConfiguration:WorkgroupConfiguration", "description": "Configuration block with various settings for the workgroup. Documented below.\n" }, "description": { "type": "string", "description": "Description of the workgroup.\n" }, "forceDestroy": { "type": "boolean", "description": "Option to delete the workgroup and its contents even if the workgroup contains any named queries.\n" }, "name": { "type": "string", "description": "Name of the workgroup.\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "State of the workgroup. Valid values are `DISABLED` or `ENABLED`. Defaults to `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the workgroup. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:auditmanager/accountRegistration:AccountRegistration": { "description": "Resource for managing AWS Audit Manager Account Registration.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.auditmanager.AccountRegistration(\"example\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.auditmanager.AccountRegistration(\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Auditmanager.AccountRegistration(\"example\");\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/auditmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auditmanager.NewAccountRegistration(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.auditmanager.AccountRegistration;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AccountRegistration(\"example\");\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:auditmanager:AccountRegistration\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Deregister On Destroy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.auditmanager.AccountRegistration(\"example\", {deregisterOnDestroy: true});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.auditmanager.AccountRegistration(\"example\", deregister_on_destroy=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Auditmanager.AccountRegistration(\"example\", new()\n {\n DeregisterOnDestroy = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/auditmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auditmanager.NewAccountRegistration(ctx, \"example\", \u0026auditmanager.AccountRegistrationArgs{\n\t\t\tDeregisterOnDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.auditmanager.AccountRegistration;\nimport com.pulumi.aws.auditmanager.AccountRegistrationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AccountRegistration(\"example\", AccountRegistrationArgs.builder()\n .deregisterOnDestroy(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:auditmanager:AccountRegistration\n properties:\n deregisterOnDestroy: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Audit Manager Account Registration resources using the `id`. For example:\n\n```sh\n$ pulumi import aws:auditmanager/accountRegistration:AccountRegistration example us-east-1\n```\n", "properties": { "delegatedAdminAccount": { "type": "string", "description": "Identifier for the delegated administrator account.\n" }, "deregisterOnDestroy": { "type": "boolean", "description": "Flag to deregister AuditManager in the account upon destruction. Defaults to `false` (ie. AuditManager will remain active in the account, even if this resource is removed).\n" }, "kmsKey": { "type": "string", "description": "KMS key identifier.\n" }, "status": { "type": "string", "description": "Status of the account registration request.\n" } }, "required": [ "status" ], "inputProperties": { "delegatedAdminAccount": { "type": "string", "description": "Identifier for the delegated administrator account.\n" }, "deregisterOnDestroy": { "type": "boolean", "description": "Flag to deregister AuditManager in the account upon destruction. Defaults to `false` (ie. AuditManager will remain active in the account, even if this resource is removed).\n" }, "kmsKey": { "type": "string", "description": "KMS key identifier.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering AccountRegistration resources.\n", "properties": { "delegatedAdminAccount": { "type": "string", "description": "Identifier for the delegated administrator account.\n" }, "deregisterOnDestroy": { "type": "boolean", "description": "Flag to deregister AuditManager in the account upon destruction. Defaults to `false` (ie. AuditManager will remain active in the account, even if this resource is removed).\n" }, "kmsKey": { "type": "string", "description": "KMS key identifier.\n" }, "status": { "type": "string", "description": "Status of the account registration request.\n" } }, "type": "object" } }, "aws:auditmanager/assessment:Assessment": { "description": "Resource for managing an AWS Audit Manager Assessment.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.auditmanager.Assessment(\"test\", {\n name: \"example\",\n assessmentReportsDestination: {\n destination: `s3://${testAwsS3Bucket.id}`,\n destinationType: \"S3\",\n },\n frameworkId: testAwsAuditmanagerFramework.id,\n roles: [{\n roleArn: testAwsIamRole.arn,\n roleType: \"PROCESS_OWNER\",\n }],\n scope: {\n awsAccounts: [{\n id: current.accountId,\n }],\n awsServices: [{\n serviceName: \"S3\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.auditmanager.Assessment(\"test\",\n name=\"example\",\n assessment_reports_destination={\n \"destination\": f\"s3://{test_aws_s3_bucket['id']}\",\n \"destination_type\": \"S3\",\n },\n framework_id=test_aws_auditmanager_framework[\"id\"],\n roles=[{\n \"role_arn\": test_aws_iam_role[\"arn\"],\n \"role_type\": \"PROCESS_OWNER\",\n }],\n scope={\n \"aws_accounts\": [{\n \"id\": current[\"accountId\"],\n }],\n \"aws_services\": [{\n \"service_name\": \"S3\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Auditmanager.Assessment(\"test\", new()\n {\n Name = \"example\",\n AssessmentReportsDestination = new Aws.Auditmanager.Inputs.AssessmentAssessmentReportsDestinationArgs\n {\n Destination = $\"s3://{testAwsS3Bucket.Id}\",\n DestinationType = \"S3\",\n },\n FrameworkId = testAwsAuditmanagerFramework.Id,\n Roles = new[]\n {\n new Aws.Auditmanager.Inputs.AssessmentRoleArgs\n {\n RoleArn = testAwsIamRole.Arn,\n RoleType = \"PROCESS_OWNER\",\n },\n },\n Scope = new Aws.Auditmanager.Inputs.AssessmentScopeArgs\n {\n AwsAccounts = new[]\n {\n new Aws.Auditmanager.Inputs.AssessmentScopeAwsAccountArgs\n {\n Id = current.AccountId,\n },\n },\n AwsServices = new[]\n {\n new Aws.Auditmanager.Inputs.AssessmentScopeAwsServiceArgs\n {\n ServiceName = \"S3\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/auditmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auditmanager.NewAssessment(ctx, \"test\", \u0026auditmanager.AssessmentArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAssessmentReportsDestination: \u0026auditmanager.AssessmentAssessmentReportsDestinationArgs{\n\t\t\t\tDestination: pulumi.String(fmt.Sprintf(\"s3://%v\", testAwsS3Bucket.Id)),\n\t\t\t\tDestinationType: pulumi.String(\"S3\"),\n\t\t\t},\n\t\t\tFrameworkId: pulumi.Any(testAwsAuditmanagerFramework.Id),\n\t\t\tRoles: auditmanager.AssessmentRoleArray{\n\t\t\t\t\u0026auditmanager.AssessmentRoleArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(testAwsIamRole.Arn),\n\t\t\t\t\tRoleType: pulumi.String(\"PROCESS_OWNER\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tScope: \u0026auditmanager.AssessmentScopeArgs{\n\t\t\t\tAwsAccounts: auditmanager.AssessmentScopeAwsAccountArray{\n\t\t\t\t\t\u0026auditmanager.AssessmentScopeAwsAccountArgs{\n\t\t\t\t\t\tId: pulumi.Any(current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tAwsServices: auditmanager.AssessmentScopeAwsServiceArray{\n\t\t\t\t\t\u0026auditmanager.AssessmentScopeAwsServiceArgs{\n\t\t\t\t\t\tServiceName: pulumi.String(\"S3\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.auditmanager.Assessment;\nimport com.pulumi.aws.auditmanager.AssessmentArgs;\nimport com.pulumi.aws.auditmanager.inputs.AssessmentAssessmentReportsDestinationArgs;\nimport com.pulumi.aws.auditmanager.inputs.AssessmentRoleArgs;\nimport com.pulumi.aws.auditmanager.inputs.AssessmentScopeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Assessment(\"test\", AssessmentArgs.builder()\n .name(\"example\")\n .assessmentReportsDestination(AssessmentAssessmentReportsDestinationArgs.builder()\n .destination(String.format(\"s3://%s\", testAwsS3Bucket.id()))\n .destinationType(\"S3\")\n .build())\n .frameworkId(testAwsAuditmanagerFramework.id())\n .roles(AssessmentRoleArgs.builder()\n .roleArn(testAwsIamRole.arn())\n .roleType(\"PROCESS_OWNER\")\n .build())\n .scope(AssessmentScopeArgs.builder()\n .awsAccounts(AssessmentScopeAwsAccountArgs.builder()\n .id(current.accountId())\n .build())\n .awsServices(AssessmentScopeAwsServiceArgs.builder()\n .serviceName(\"S3\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:auditmanager:Assessment\n properties:\n name: example\n assessmentReportsDestination:\n destination: s3://${testAwsS3Bucket.id}\n destinationType: S3\n frameworkId: ${testAwsAuditmanagerFramework.id}\n roles:\n - roleArn: ${testAwsIamRole.arn}\n roleType: PROCESS_OWNER\n scope:\n awsAccounts:\n - id: ${current.accountId}\n awsServices:\n - serviceName: S3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Audit Manager Assessments using the assessment `id`. For example:\n\n```sh\n$ pulumi import aws:auditmanager/assessment:Assessment example abc123-de45\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the assessment.\n" }, "assessmentReportsDestination": { "$ref": "#/types/aws:auditmanager/AssessmentAssessmentReportsDestination:AssessmentAssessmentReportsDestination", "description": "Assessment report storage destination configuration. See `assessment_reports_destination` below.\n" }, "description": { "type": "string", "description": "Description of the assessment.\n" }, "frameworkId": { "type": "string", "description": "Unique identifier of the framework the assessment will be created from.\n" }, "name": { "type": "string", "description": "Name of the assessment.\n" }, "roles": { "type": "array", "items": { "$ref": "#/types/aws:auditmanager/AssessmentRole:AssessmentRole" }, "description": "List of roles for the assessment. See `roles` below.\n" }, "rolesAlls": { "type": "array", "items": { "$ref": "#/types/aws:auditmanager/AssessmentRolesAll:AssessmentRolesAll" }, "description": "Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the `roles` block, and any roles which have access to all Audit Manager assessments by default.\n" }, "scope": { "$ref": "#/types/aws:auditmanager/AssessmentScope:AssessmentScope", "description": "Amazon Web Services accounts and services that are in scope for the assessment. See `scope` below.\n\nThe following arguments are optional:\n" }, "status": { "type": "string", "description": "Status of the assessment. Valid values are `ACTIVE` and `INACTIVE`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the assessment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "frameworkId", "name", "roles", "rolesAlls", "status", "tagsAll" ], "inputProperties": { "assessmentReportsDestination": { "$ref": "#/types/aws:auditmanager/AssessmentAssessmentReportsDestination:AssessmentAssessmentReportsDestination", "description": "Assessment report storage destination configuration. See `assessment_reports_destination` below.\n" }, "description": { "type": "string", "description": "Description of the assessment.\n" }, "frameworkId": { "type": "string", "description": "Unique identifier of the framework the assessment will be created from.\n" }, "name": { "type": "string", "description": "Name of the assessment.\n" }, "roles": { "type": "array", "items": { "$ref": "#/types/aws:auditmanager/AssessmentRole:AssessmentRole" }, "description": "List of roles for the assessment. See `roles` below.\n" }, "scope": { "$ref": "#/types/aws:auditmanager/AssessmentScope:AssessmentScope", "description": "Amazon Web Services accounts and services that are in scope for the assessment. See `scope` below.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the assessment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "frameworkId", "roles" ], "stateInputs": { "description": "Input properties used for looking up and filtering Assessment resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the assessment.\n" }, "assessmentReportsDestination": { "$ref": "#/types/aws:auditmanager/AssessmentAssessmentReportsDestination:AssessmentAssessmentReportsDestination", "description": "Assessment report storage destination configuration. See `assessment_reports_destination` below.\n" }, "description": { "type": "string", "description": "Description of the assessment.\n" }, "frameworkId": { "type": "string", "description": "Unique identifier of the framework the assessment will be created from.\n" }, "name": { "type": "string", "description": "Name of the assessment.\n" }, "roles": { "type": "array", "items": { "$ref": "#/types/aws:auditmanager/AssessmentRole:AssessmentRole" }, "description": "List of roles for the assessment. See `roles` below.\n" }, "rolesAlls": { "type": "array", "items": { "$ref": "#/types/aws:auditmanager/AssessmentRolesAll:AssessmentRolesAll" }, "description": "Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the `roles` block, and any roles which have access to all Audit Manager assessments by default.\n" }, "scope": { "$ref": "#/types/aws:auditmanager/AssessmentScope:AssessmentScope", "description": "Amazon Web Services accounts and services that are in scope for the assessment. See `scope` below.\n\nThe following arguments are optional:\n" }, "status": { "type": "string", "description": "Status of the assessment. Valid values are `ACTIVE` and `INACTIVE`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the assessment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:auditmanager/assessmentDelegation:AssessmentDelegation": { "description": "Resource for managing an AWS Audit Manager Assessment Delegation.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.auditmanager.AssessmentDelegation(\"example\", {\n assessmentId: exampleAwsAuditmanagerAssessment.id,\n roleArn: exampleAwsIamRole.arn,\n roleType: \"RESOURCE_OWNER\",\n controlSetId: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.auditmanager.AssessmentDelegation(\"example\",\n assessment_id=example_aws_auditmanager_assessment[\"id\"],\n role_arn=example_aws_iam_role[\"arn\"],\n role_type=\"RESOURCE_OWNER\",\n control_set_id=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Auditmanager.AssessmentDelegation(\"example\", new()\n {\n AssessmentId = exampleAwsAuditmanagerAssessment.Id,\n RoleArn = exampleAwsIamRole.Arn,\n RoleType = \"RESOURCE_OWNER\",\n ControlSetId = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/auditmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auditmanager.NewAssessmentDelegation(ctx, \"example\", \u0026auditmanager.AssessmentDelegationArgs{\n\t\t\tAssessmentId: pulumi.Any(exampleAwsAuditmanagerAssessment.Id),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tRoleType: pulumi.String(\"RESOURCE_OWNER\"),\n\t\t\tControlSetId: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.auditmanager.AssessmentDelegation;\nimport com.pulumi.aws.auditmanager.AssessmentDelegationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AssessmentDelegation(\"example\", AssessmentDelegationArgs.builder()\n .assessmentId(exampleAwsAuditmanagerAssessment.id())\n .roleArn(exampleAwsIamRole.arn())\n .roleType(\"RESOURCE_OWNER\")\n .controlSetId(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:auditmanager:AssessmentDelegation\n properties:\n assessmentId: ${exampleAwsAuditmanagerAssessment.id}\n roleArn: ${exampleAwsIamRole.arn}\n roleType: RESOURCE_OWNER\n controlSetId: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Audit Manager Assessment Delegation using the `id`. For example:\n\n```sh\n$ pulumi import aws:auditmanager/assessmentDelegation:AssessmentDelegation example abcdef-123456,arn:aws:iam::012345678901:role/example,example\n```\n", "properties": { "assessmentId": { "type": "string", "description": "Identifier for the assessment.\n" }, "comment": { "type": "string", "description": "Comment describing the delegation request.\n" }, "controlSetId": { "type": "string", "description": "Assessment control set name. This value is the control set name used during assessment creation (not the AWS-generated ID). The `_id` suffix on this attribute has been preserved to be consistent with the underlying AWS API.\n" }, "delegationId": { "type": "string", "description": "Unique identifier for the delegation.\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM role.\n" }, "roleType": { "type": "string", "description": "Type of customer persona. For assessment delegation, type must always be `RESOURCE_OWNER`.\n\nThe following arguments are optional:\n" }, "status": { "type": "string", "description": "Status of the delegation.\n" } }, "required": [ "assessmentId", "controlSetId", "delegationId", "roleArn", "roleType", "status" ], "inputProperties": { "assessmentId": { "type": "string", "description": "Identifier for the assessment.\n" }, "comment": { "type": "string", "description": "Comment describing the delegation request.\n" }, "controlSetId": { "type": "string", "description": "Assessment control set name. This value is the control set name used during assessment creation (not the AWS-generated ID). The `_id` suffix on this attribute has been preserved to be consistent with the underlying AWS API.\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM role.\n" }, "roleType": { "type": "string", "description": "Type of customer persona. For assessment delegation, type must always be `RESOURCE_OWNER`.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "assessmentId", "controlSetId", "roleArn", "roleType" ], "stateInputs": { "description": "Input properties used for looking up and filtering AssessmentDelegation resources.\n", "properties": { "assessmentId": { "type": "string", "description": "Identifier for the assessment.\n" }, "comment": { "type": "string", "description": "Comment describing the delegation request.\n" }, "controlSetId": { "type": "string", "description": "Assessment control set name. This value is the control set name used during assessment creation (not the AWS-generated ID). The `_id` suffix on this attribute has been preserved to be consistent with the underlying AWS API.\n" }, "delegationId": { "type": "string", "description": "Unique identifier for the delegation.\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM role.\n" }, "roleType": { "type": "string", "description": "Type of customer persona. For assessment delegation, type must always be `RESOURCE_OWNER`.\n\nThe following arguments are optional:\n" }, "status": { "type": "string", "description": "Status of the delegation.\n" } }, "type": "object" } }, "aws:auditmanager/assessmentReport:AssessmentReport": { "description": "Resource for managing an AWS Audit Manager Assessment Report.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.auditmanager.AssessmentReport(\"test\", {\n name: \"example\",\n assessmentId: testAwsAuditmanagerAssessment.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.auditmanager.AssessmentReport(\"test\",\n name=\"example\",\n assessment_id=test_aws_auditmanager_assessment[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Auditmanager.AssessmentReport(\"test\", new()\n {\n Name = \"example\",\n AssessmentId = testAwsAuditmanagerAssessment.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/auditmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auditmanager.NewAssessmentReport(ctx, \"test\", \u0026auditmanager.AssessmentReportArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAssessmentId: pulumi.Any(testAwsAuditmanagerAssessment.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.auditmanager.AssessmentReport;\nimport com.pulumi.aws.auditmanager.AssessmentReportArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AssessmentReport(\"test\", AssessmentReportArgs.builder()\n .name(\"example\")\n .assessmentId(testAwsAuditmanagerAssessment.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:auditmanager:AssessmentReport\n properties:\n name: example\n assessmentId: ${testAwsAuditmanagerAssessment.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Audit Manager Assessment Reports using the assessment report `id`. For example:\n\n```sh\n$ pulumi import aws:auditmanager/assessmentReport:AssessmentReport example abc123-de45\n```\n", "properties": { "assessmentId": { "type": "string", "description": "Unique identifier of the assessment to create the report from.\n\nThe following arguments are optional:\n" }, "author": { "type": "string", "description": "Name of the user who created the assessment report.\n" }, "description": { "type": "string", "description": "Description of the assessment report.\n" }, "name": { "type": "string", "description": "Name of the assessment report.\n" }, "status": { "type": "string", "description": "Current status of the specified assessment report. Valid values are `COMPLETE`, `IN_PROGRESS`, and `FAILED`.\n" } }, "required": [ "assessmentId", "author", "name", "status" ], "inputProperties": { "assessmentId": { "type": "string", "description": "Unique identifier of the assessment to create the report from.\n\nThe following arguments are optional:\n" }, "description": { "type": "string", "description": "Description of the assessment report.\n" }, "name": { "type": "string", "description": "Name of the assessment report.\n" } }, "requiredInputs": [ "assessmentId" ], "stateInputs": { "description": "Input properties used for looking up and filtering AssessmentReport resources.\n", "properties": { "assessmentId": { "type": "string", "description": "Unique identifier of the assessment to create the report from.\n\nThe following arguments are optional:\n" }, "author": { "type": "string", "description": "Name of the user who created the assessment report.\n" }, "description": { "type": "string", "description": "Description of the assessment report.\n" }, "name": { "type": "string", "description": "Name of the assessment report.\n" }, "status": { "type": "string", "description": "Current status of the specified assessment report. Valid values are `COMPLETE`, `IN_PROGRESS`, and `FAILED`.\n" } }, "type": "object" } }, "aws:auditmanager/control:Control": { "description": "Resource for managing an AWS Audit Manager Control.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.auditmanager.Control(\"example\", {\n name: \"example\",\n controlMappingSources: [{\n sourceName: \"example\",\n sourceSetUpOption: \"Procedural_Controls_Mapping\",\n sourceType: \"MANUAL\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.auditmanager.Control(\"example\",\n name=\"example\",\n control_mapping_sources=[{\n \"source_name\": \"example\",\n \"source_set_up_option\": \"Procedural_Controls_Mapping\",\n \"source_type\": \"MANUAL\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Auditmanager.Control(\"example\", new()\n {\n Name = \"example\",\n ControlMappingSources = new[]\n {\n new Aws.Auditmanager.Inputs.ControlControlMappingSourceArgs\n {\n SourceName = \"example\",\n SourceSetUpOption = \"Procedural_Controls_Mapping\",\n SourceType = \"MANUAL\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/auditmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auditmanager.NewControl(ctx, \"example\", \u0026auditmanager.ControlArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tControlMappingSources: auditmanager.ControlControlMappingSourceArray{\n\t\t\t\t\u0026auditmanager.ControlControlMappingSourceArgs{\n\t\t\t\t\tSourceName: pulumi.String(\"example\"),\n\t\t\t\t\tSourceSetUpOption: pulumi.String(\"Procedural_Controls_Mapping\"),\n\t\t\t\t\tSourceType: pulumi.String(\"MANUAL\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.auditmanager.Control;\nimport com.pulumi.aws.auditmanager.ControlArgs;\nimport com.pulumi.aws.auditmanager.inputs.ControlControlMappingSourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Control(\"example\", ControlArgs.builder()\n .name(\"example\")\n .controlMappingSources(ControlControlMappingSourceArgs.builder()\n .sourceName(\"example\")\n .sourceSetUpOption(\"Procedural_Controls_Mapping\")\n .sourceType(\"MANUAL\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:auditmanager:Control\n properties:\n name: example\n controlMappingSources:\n - sourceName: example\n sourceSetUpOption: Procedural_Controls_Mapping\n sourceType: MANUAL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an Audit Manager Control using the `id`. For example:\n\n```sh\n$ pulumi import aws:auditmanager/control:Control example abc123-de45\n```\n", "properties": { "actionPlanInstructions": { "type": "string", "description": "Recommended actions to carry out if the control isn't fulfilled.\n" }, "actionPlanTitle": { "type": "string", "description": "Title of the action plan for remediating the control.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the control.\n* `control_mapping_sources.*.source_id` - Unique identifier for the source.\n" }, "controlMappingSources": { "type": "array", "items": { "$ref": "#/types/aws:auditmanager/ControlControlMappingSource:ControlControlMappingSource" }, "description": "Data mapping sources. See `control_mapping_sources` below.\n\nThe following arguments are optional:\n" }, "description": { "type": "string", "description": "Description of the control.\n" }, "name": { "type": "string", "description": "Name of the control.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the control. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "testingInformation": { "type": "string", "description": "Steps to follow to determine if the control is satisfied.\n" }, "type": { "type": "string", "description": "Type of control, such as a custom control or a standard control.\n" } }, "required": [ "arn", "name", "tagsAll", "type" ], "inputProperties": { "actionPlanInstructions": { "type": "string", "description": "Recommended actions to carry out if the control isn't fulfilled.\n" }, "actionPlanTitle": { "type": "string", "description": "Title of the action plan for remediating the control.\n" }, "controlMappingSources": { "type": "array", "items": { "$ref": "#/types/aws:auditmanager/ControlControlMappingSource:ControlControlMappingSource" }, "description": "Data mapping sources. See `control_mapping_sources` below.\n\nThe following arguments are optional:\n" }, "description": { "type": "string", "description": "Description of the control.\n" }, "name": { "type": "string", "description": "Name of the control.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the control. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "testingInformation": { "type": "string", "description": "Steps to follow to determine if the control is satisfied.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Control resources.\n", "properties": { "actionPlanInstructions": { "type": "string", "description": "Recommended actions to carry out if the control isn't fulfilled.\n" }, "actionPlanTitle": { "type": "string", "description": "Title of the action plan for remediating the control.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the control.\n* `control_mapping_sources.*.source_id` - Unique identifier for the source.\n" }, "controlMappingSources": { "type": "array", "items": { "$ref": "#/types/aws:auditmanager/ControlControlMappingSource:ControlControlMappingSource" }, "description": "Data mapping sources. See `control_mapping_sources` below.\n\nThe following arguments are optional:\n" }, "description": { "type": "string", "description": "Description of the control.\n" }, "name": { "type": "string", "description": "Name of the control.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the control. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "testingInformation": { "type": "string", "description": "Steps to follow to determine if the control is satisfied.\n" }, "type": { "type": "string", "description": "Type of control, such as a custom control or a standard control.\n" } }, "type": "object" } }, "aws:auditmanager/framework:Framework": { "description": "Resource for managing an AWS Audit Manager Framework.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.auditmanager.Framework(\"test\", {\n name: \"example\",\n controlSets: [{\n name: \"example\",\n controls: [\n {\n id: test1.id,\n },\n {\n id: test2.id,\n },\n ],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.auditmanager.Framework(\"test\",\n name=\"example\",\n control_sets=[{\n \"name\": \"example\",\n \"controls\": [\n {\n \"id\": test1[\"id\"],\n },\n {\n \"id\": test2[\"id\"],\n },\n ],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Auditmanager.Framework(\"test\", new()\n {\n Name = \"example\",\n ControlSets = new[]\n {\n new Aws.Auditmanager.Inputs.FrameworkControlSetArgs\n {\n Name = \"example\",\n Controls = new[]\n {\n new Aws.Auditmanager.Inputs.FrameworkControlSetControlArgs\n {\n Id = test1.Id,\n },\n new Aws.Auditmanager.Inputs.FrameworkControlSetControlArgs\n {\n Id = test2.Id,\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/auditmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auditmanager.NewFramework(ctx, \"test\", \u0026auditmanager.FrameworkArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tControlSets: auditmanager.FrameworkControlSetArray{\n\t\t\t\t\u0026auditmanager.FrameworkControlSetArgs{\n\t\t\t\t\tName: pulumi.String(\"example\"),\n\t\t\t\t\tControls: auditmanager.FrameworkControlSetControlArray{\n\t\t\t\t\t\t\u0026auditmanager.FrameworkControlSetControlArgs{\n\t\t\t\t\t\t\tId: pulumi.Any(test1.Id),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026auditmanager.FrameworkControlSetControlArgs{\n\t\t\t\t\t\t\tId: pulumi.Any(test2.Id),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.auditmanager.Framework;\nimport com.pulumi.aws.auditmanager.FrameworkArgs;\nimport com.pulumi.aws.auditmanager.inputs.FrameworkControlSetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Framework(\"test\", FrameworkArgs.builder()\n .name(\"example\")\n .controlSets(FrameworkControlSetArgs.builder()\n .name(\"example\")\n .controls( \n FrameworkControlSetControlArgs.builder()\n .id(test1.id())\n .build(),\n FrameworkControlSetControlArgs.builder()\n .id(test2.id())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:auditmanager:Framework\n properties:\n name: example\n controlSets:\n - name: example\n controls:\n - id: ${test1.id}\n - id: ${test2.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Audit Manager Framework using the framework `id`. For example:\n\n```sh\n$ pulumi import aws:auditmanager/framework:Framework example abc123-de45\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the framework.\n* `control_sets[*].id` - Unique identifier for the framework control set.\n" }, "complianceType": { "type": "string", "description": "Compliance type that the new custom framework supports, such as `CIS` or `HIPAA`.\n" }, "controlSets": { "type": "array", "items": { "$ref": "#/types/aws:auditmanager/FrameworkControlSet:FrameworkControlSet" }, "description": "Configuration block(s) for the control sets that are associated with the framework. See `control_sets` Block below for details.\n\nThe following arguments are optional:\n" }, "description": { "type": "string", "description": "Description of the framework.\n" }, "frameworkType": { "type": "string", "description": "Framework type, such as a custom framework or a standard framework.\n" }, "name": { "type": "string", "description": "Name of the framework.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the framework. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "frameworkType", "name", "tagsAll" ], "inputProperties": { "complianceType": { "type": "string", "description": "Compliance type that the new custom framework supports, such as `CIS` or `HIPAA`.\n" }, "controlSets": { "type": "array", "items": { "$ref": "#/types/aws:auditmanager/FrameworkControlSet:FrameworkControlSet" }, "description": "Configuration block(s) for the control sets that are associated with the framework. See `control_sets` Block below for details.\n\nThe following arguments are optional:\n" }, "description": { "type": "string", "description": "Description of the framework.\n" }, "name": { "type": "string", "description": "Name of the framework.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the framework. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Framework resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the framework.\n* `control_sets[*].id` - Unique identifier for the framework control set.\n" }, "complianceType": { "type": "string", "description": "Compliance type that the new custom framework supports, such as `CIS` or `HIPAA`.\n" }, "controlSets": { "type": "array", "items": { "$ref": "#/types/aws:auditmanager/FrameworkControlSet:FrameworkControlSet" }, "description": "Configuration block(s) for the control sets that are associated with the framework. See `control_sets` Block below for details.\n\nThe following arguments are optional:\n" }, "description": { "type": "string", "description": "Description of the framework.\n" }, "frameworkType": { "type": "string", "description": "Framework type, such as a custom framework or a standard framework.\n" }, "name": { "type": "string", "description": "Name of the framework.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the framework. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:auditmanager/frameworkShare:FrameworkShare": { "description": "Resource for managing an AWS Audit Manager Framework Share.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.auditmanager.FrameworkShare(\"example\", {\n destinationAccount: \"012345678901\",\n destinationRegion: \"us-east-1\",\n frameworkId: exampleAwsAuditmanagerFramework.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.auditmanager.FrameworkShare(\"example\",\n destination_account=\"012345678901\",\n destination_region=\"us-east-1\",\n framework_id=example_aws_auditmanager_framework[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Auditmanager.FrameworkShare(\"example\", new()\n {\n DestinationAccount = \"012345678901\",\n DestinationRegion = \"us-east-1\",\n FrameworkId = exampleAwsAuditmanagerFramework.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/auditmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auditmanager.NewFrameworkShare(ctx, \"example\", \u0026auditmanager.FrameworkShareArgs{\n\t\t\tDestinationAccount: pulumi.String(\"012345678901\"),\n\t\t\tDestinationRegion: pulumi.String(\"us-east-1\"),\n\t\t\tFrameworkId: pulumi.Any(exampleAwsAuditmanagerFramework.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.auditmanager.FrameworkShare;\nimport com.pulumi.aws.auditmanager.FrameworkShareArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FrameworkShare(\"example\", FrameworkShareArgs.builder()\n .destinationAccount(\"012345678901\")\n .destinationRegion(\"us-east-1\")\n .frameworkId(exampleAwsAuditmanagerFramework.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:auditmanager:FrameworkShare\n properties:\n destinationAccount: '012345678901'\n destinationRegion: us-east-1\n frameworkId: ${exampleAwsAuditmanagerFramework.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Audit Manager Framework Share using the `id`. For example:\n\n```sh\n$ pulumi import aws:auditmanager/frameworkShare:FrameworkShare example abcdef-123456\n```\n", "properties": { "comment": { "type": "string", "description": "Comment from the sender about the share request.\n" }, "destinationAccount": { "type": "string", "description": "Amazon Web Services account of the recipient.\n" }, "destinationRegion": { "type": "string", "description": "Amazon Web Services region of the recipient.\n" }, "frameworkId": { "type": "string", "description": "Unique identifier for the shared custom framework.\n\nThe following arguments are optional:\n" }, "status": { "type": "string", "description": "Status of the share request.\n" } }, "required": [ "destinationAccount", "destinationRegion", "frameworkId", "status" ], "inputProperties": { "comment": { "type": "string", "description": "Comment from the sender about the share request.\n" }, "destinationAccount": { "type": "string", "description": "Amazon Web Services account of the recipient.\n" }, "destinationRegion": { "type": "string", "description": "Amazon Web Services region of the recipient.\n" }, "frameworkId": { "type": "string", "description": "Unique identifier for the shared custom framework.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "destinationAccount", "destinationRegion", "frameworkId" ], "stateInputs": { "description": "Input properties used for looking up and filtering FrameworkShare resources.\n", "properties": { "comment": { "type": "string", "description": "Comment from the sender about the share request.\n" }, "destinationAccount": { "type": "string", "description": "Amazon Web Services account of the recipient.\n" }, "destinationRegion": { "type": "string", "description": "Amazon Web Services region of the recipient.\n" }, "frameworkId": { "type": "string", "description": "Unique identifier for the shared custom framework.\n\nThe following arguments are optional:\n" }, "status": { "type": "string", "description": "Status of the share request.\n" } }, "type": "object" } }, "aws:auditmanager/organizationAdminAccountRegistration:OrganizationAdminAccountRegistration": { "description": "Resource for managing AWS Audit Manager Organization Admin Account Registration.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.auditmanager.OrganizationAdminAccountRegistration(\"example\", {adminAccountId: \"012345678901\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.auditmanager.OrganizationAdminAccountRegistration(\"example\", admin_account_id=\"012345678901\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Auditmanager.OrganizationAdminAccountRegistration(\"example\", new()\n {\n AdminAccountId = \"012345678901\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/auditmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auditmanager.NewOrganizationAdminAccountRegistration(ctx, \"example\", \u0026auditmanager.OrganizationAdminAccountRegistrationArgs{\n\t\t\tAdminAccountId: pulumi.String(\"012345678901\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.auditmanager.OrganizationAdminAccountRegistration;\nimport com.pulumi.aws.auditmanager.OrganizationAdminAccountRegistrationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new OrganizationAdminAccountRegistration(\"example\", OrganizationAdminAccountRegistrationArgs.builder()\n .adminAccountId(\"012345678901\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:auditmanager:OrganizationAdminAccountRegistration\n properties:\n adminAccountId: '012345678901'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Audit Manager Organization Admin Account Registration using the `id`. For example:\n\n```sh\n$ pulumi import aws:auditmanager/organizationAdminAccountRegistration:OrganizationAdminAccountRegistration example 012345678901\n```\n", "properties": { "adminAccountId": { "type": "string", "description": "Identifier for the organization administrator account.\n" }, "organizationId": { "type": "string", "description": "Identifier for the organization.\n" } }, "required": [ "adminAccountId", "organizationId" ], "inputProperties": { "adminAccountId": { "type": "string", "description": "Identifier for the organization administrator account.\n" } }, "requiredInputs": [ "adminAccountId" ], "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationAdminAccountRegistration resources.\n", "properties": { "adminAccountId": { "type": "string", "description": "Identifier for the organization administrator account.\n" }, "organizationId": { "type": "string", "description": "Identifier for the organization.\n" } }, "type": "object" } }, "aws:autoscaling/attachment:Attachment": { "description": "Attaches a load balancer to an Auto Scaling group.\n\n\u003e **NOTE on Auto Scaling Groups, Attachments and Traffic Source Attachments:** Pulumi provides standalone Attachment (for attaching Classic Load Balancers and Application Load Balancer, Gateway Load Balancer, or Network Load Balancer target groups) and Traffic Source Attachment (for attaching Load Balancers and VPC Lattice target groups) resources and an Auto Scaling Group resource with `load_balancers`, `target_group_arns` and `traffic_source` attributes. Do not use the same traffic source in more than one of these resources. Doing so will cause a conflict of attachments. A `lifecycle` configuration block can be used to suppress differences if necessary.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new load balancer attachment\nconst example = new aws.autoscaling.Attachment(\"example\", {\n autoscalingGroupName: exampleAwsAutoscalingGroup.id,\n elb: exampleAwsElb.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new load balancer attachment\nexample = aws.autoscaling.Attachment(\"example\",\n autoscaling_group_name=example_aws_autoscaling_group[\"id\"],\n elb=example_aws_elb[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Create a new load balancer attachment\n var example = new Aws.AutoScaling.Attachment(\"example\", new()\n {\n AutoscalingGroupName = exampleAwsAutoscalingGroup.Id,\n Elb = exampleAwsElb.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Create a new load balancer attachment\n\t\t_, err := autoscaling.NewAttachment(ctx, \"example\", \u0026autoscaling.AttachmentArgs{\n\t\t\tAutoscalingGroupName: pulumi.Any(exampleAwsAutoscalingGroup.Id),\n\t\t\tElb: pulumi.Any(exampleAwsElb.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.autoscaling.Attachment;\nimport com.pulumi.aws.autoscaling.AttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Create a new load balancer attachment\n var example = new Attachment(\"example\", AttachmentArgs.builder()\n .autoscalingGroupName(exampleAwsAutoscalingGroup.id())\n .elb(exampleAwsElb.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Create a new load balancer attachment\n example:\n type: aws:autoscaling:Attachment\n properties:\n autoscalingGroupName: ${exampleAwsAutoscalingGroup.id}\n elb: ${exampleAwsElb.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new ALB Target Group attachment\nconst example = new aws.autoscaling.Attachment(\"example\", {\n autoscalingGroupName: exampleAwsAutoscalingGroup.id,\n lbTargetGroupArn: exampleAwsLbTargetGroup.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new ALB Target Group attachment\nexample = aws.autoscaling.Attachment(\"example\",\n autoscaling_group_name=example_aws_autoscaling_group[\"id\"],\n lb_target_group_arn=example_aws_lb_target_group[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Create a new ALB Target Group attachment\n var example = new Aws.AutoScaling.Attachment(\"example\", new()\n {\n AutoscalingGroupName = exampleAwsAutoscalingGroup.Id,\n LbTargetGroupArn = exampleAwsLbTargetGroup.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Create a new ALB Target Group attachment\n\t\t_, err := autoscaling.NewAttachment(ctx, \"example\", \u0026autoscaling.AttachmentArgs{\n\t\t\tAutoscalingGroupName: pulumi.Any(exampleAwsAutoscalingGroup.Id),\n\t\t\tLbTargetGroupArn: pulumi.Any(exampleAwsLbTargetGroup.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.autoscaling.Attachment;\nimport com.pulumi.aws.autoscaling.AttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Create a new ALB Target Group attachment\n var example = new Attachment(\"example\", AttachmentArgs.builder()\n .autoscalingGroupName(exampleAwsAutoscalingGroup.id())\n .lbTargetGroupArn(exampleAwsLbTargetGroup.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Create a new ALB Target Group attachment\n example:\n type: aws:autoscaling:Attachment\n properties:\n autoscalingGroupName: ${exampleAwsAutoscalingGroup.id}\n lbTargetGroupArn: ${exampleAwsLbTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "autoscalingGroupName": { "type": "string", "description": "Name of ASG to associate with the ELB.\n" }, "elb": { "type": "string", "description": "Name of the ELB.\n" }, "lbTargetGroupArn": { "type": "string", "description": "ARN of a load balancer target group.\n" } }, "required": [ "autoscalingGroupName" ], "inputProperties": { "autoscalingGroupName": { "type": "string", "description": "Name of ASG to associate with the ELB.\n", "willReplaceOnChanges": true }, "elb": { "type": "string", "description": "Name of the ELB.\n", "willReplaceOnChanges": true }, "lbTargetGroupArn": { "type": "string", "description": "ARN of a load balancer target group.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "autoscalingGroupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Attachment resources.\n", "properties": { "autoscalingGroupName": { "type": "string", "description": "Name of ASG to associate with the ELB.\n", "willReplaceOnChanges": true }, "elb": { "type": "string", "description": "Name of the ELB.\n", "willReplaceOnChanges": true }, "lbTargetGroupArn": { "type": "string", "description": "ARN of a load balancer target group.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:autoscaling/group:Group": { "description": "Provides an Auto Scaling Group resource.\n\n\u003e **Note:** You must specify either `launch_configuration`, `launch_template`, or `mixed_instances_policy`.\n\n\u003e **NOTE on Auto Scaling Groups, Attachments and Traffic Source Attachments:** Pulumi provides standalone Attachment (for attaching Classic Load Balancers and Application Load Balancer, Gateway Load Balancer, or Network Load Balancer target groups) and Traffic Source Attachment (for attaching Load Balancers and VPC Lattice target groups) resources and an Auto Scaling Group resource with `load_balancers`, `target_group_arns` and `traffic_source` attributes. Do not use the same traffic source in more than one of these resources. Doing so will cause a conflict of attachments. A `lifecycle` configuration block can be used to suppress differences if necessary.\n\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ec2.PlacementGroup(\"test\", {\n name: \"test\",\n strategy: aws.ec2.PlacementStrategy.Cluster,\n});\nconst bar = new aws.autoscaling.Group(\"bar\", {\n name: \"foobar3-test\",\n maxSize: 5,\n minSize: 2,\n healthCheckGracePeriod: 300,\n healthCheckType: \"ELB\",\n desiredCapacity: 4,\n forceDelete: true,\n placementGroup: test.id,\n launchConfiguration: foobar.name,\n vpcZoneIdentifiers: [\n example1.id,\n example2.id,\n ],\n instanceMaintenancePolicy: {\n minHealthyPercentage: 90,\n maxHealthyPercentage: 120,\n },\n initialLifecycleHooks: [{\n name: \"foobar\",\n defaultResult: \"CONTINUE\",\n heartbeatTimeout: 2000,\n lifecycleTransition: \"autoscaling:EC2_INSTANCE_LAUNCHING\",\n notificationMetadata: JSON.stringify({\n foo: \"bar\",\n }),\n notificationTargetArn: \"arn:aws:sqs:us-east-1:444455556666:queue1*\",\n roleArn: \"arn:aws:iam::123456789012:role/S3Access\",\n }],\n tags: [\n {\n key: \"foo\",\n value: \"bar\",\n propagateAtLaunch: true,\n },\n {\n key: \"lorem\",\n value: \"ipsum\",\n propagateAtLaunch: false,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest = aws.ec2.PlacementGroup(\"test\",\n name=\"test\",\n strategy=aws.ec2.PlacementStrategy.CLUSTER)\nbar = aws.autoscaling.Group(\"bar\",\n name=\"foobar3-test\",\n max_size=5,\n min_size=2,\n health_check_grace_period=300,\n health_check_type=\"ELB\",\n desired_capacity=4,\n force_delete=True,\n placement_group=test.id,\n launch_configuration=foobar[\"name\"],\n vpc_zone_identifiers=[\n example1[\"id\"],\n example2[\"id\"],\n ],\n instance_maintenance_policy={\n \"min_healthy_percentage\": 90,\n \"max_healthy_percentage\": 120,\n },\n initial_lifecycle_hooks=[{\n \"name\": \"foobar\",\n \"default_result\": \"CONTINUE\",\n \"heartbeat_timeout\": 2000,\n \"lifecycle_transition\": \"autoscaling:EC2_INSTANCE_LAUNCHING\",\n \"notification_metadata\": json.dumps({\n \"foo\": \"bar\",\n }),\n \"notification_target_arn\": \"arn:aws:sqs:us-east-1:444455556666:queue1*\",\n \"role_arn\": \"arn:aws:iam::123456789012:role/S3Access\",\n }],\n tags=[\n {\n \"key\": \"foo\",\n \"value\": \"bar\",\n \"propagate_at_launch\": True,\n },\n {\n \"key\": \"lorem\",\n \"value\": \"ipsum\",\n \"propagate_at_launch\": False,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Ec2.PlacementGroup(\"test\", new()\n {\n Name = \"test\",\n Strategy = Aws.Ec2.PlacementStrategy.Cluster,\n });\n\n var bar = new Aws.AutoScaling.Group(\"bar\", new()\n {\n Name = \"foobar3-test\",\n MaxSize = 5,\n MinSize = 2,\n HealthCheckGracePeriod = 300,\n HealthCheckType = \"ELB\",\n DesiredCapacity = 4,\n ForceDelete = true,\n PlacementGroup = test.Id,\n LaunchConfiguration = foobar.Name,\n VpcZoneIdentifiers = new[]\n {\n example1.Id,\n example2.Id,\n },\n InstanceMaintenancePolicy = new Aws.AutoScaling.Inputs.GroupInstanceMaintenancePolicyArgs\n {\n MinHealthyPercentage = 90,\n MaxHealthyPercentage = 120,\n },\n InitialLifecycleHooks = new[]\n {\n new Aws.AutoScaling.Inputs.GroupInitialLifecycleHookArgs\n {\n Name = \"foobar\",\n DefaultResult = \"CONTINUE\",\n HeartbeatTimeout = 2000,\n LifecycleTransition = \"autoscaling:EC2_INSTANCE_LAUNCHING\",\n NotificationMetadata = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"foo\"] = \"bar\",\n }),\n NotificationTargetArn = \"arn:aws:sqs:us-east-1:444455556666:queue1*\",\n RoleArn = \"arn:aws:iam::123456789012:role/S3Access\",\n },\n },\n Tags = new[]\n {\n new Aws.AutoScaling.Inputs.GroupTagArgs\n {\n Key = \"foo\",\n Value = \"bar\",\n PropagateAtLaunch = true,\n },\n new Aws.AutoScaling.Inputs.GroupTagArgs\n {\n Key = \"lorem\",\n Value = \"ipsum\",\n PropagateAtLaunch = false,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := ec2.NewPlacementGroup(ctx, \"test\", \u0026ec2.PlacementGroupArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tStrategy: pulumi.String(ec2.PlacementStrategyCluster),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"foo\": \"bar\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = autoscaling.NewGroup(ctx, \"bar\", \u0026autoscaling.GroupArgs{\n\t\t\tName: pulumi.String(\"foobar3-test\"),\n\t\t\tMaxSize: pulumi.Int(5),\n\t\t\tMinSize: pulumi.Int(2),\n\t\t\tHealthCheckGracePeriod: pulumi.Int(300),\n\t\t\tHealthCheckType: pulumi.String(\"ELB\"),\n\t\t\tDesiredCapacity: pulumi.Int(4),\n\t\t\tForceDelete: pulumi.Bool(true),\n\t\t\tPlacementGroup: test.ID(),\n\t\t\tLaunchConfiguration: pulumi.Any(foobar.Name),\n\t\t\tVpcZoneIdentifiers: pulumi.StringArray{\n\t\t\t\texample1.Id,\n\t\t\t\texample2.Id,\n\t\t\t},\n\t\t\tInstanceMaintenancePolicy: \u0026autoscaling.GroupInstanceMaintenancePolicyArgs{\n\t\t\t\tMinHealthyPercentage: pulumi.Int(90),\n\t\t\t\tMaxHealthyPercentage: pulumi.Int(120),\n\t\t\t},\n\t\t\tInitialLifecycleHooks: autoscaling.GroupInitialLifecycleHookArray{\n\t\t\t\t\u0026autoscaling.GroupInitialLifecycleHookArgs{\n\t\t\t\t\tName: pulumi.String(\"foobar\"),\n\t\t\t\t\tDefaultResult: pulumi.String(\"CONTINUE\"),\n\t\t\t\t\tHeartbeatTimeout: pulumi.Int(2000),\n\t\t\t\t\tLifecycleTransition: pulumi.String(\"autoscaling:EC2_INSTANCE_LAUNCHING\"),\n\t\t\t\t\tNotificationMetadata: pulumi.String(json0),\n\t\t\t\t\tNotificationTargetArn: pulumi.String(\"arn:aws:sqs:us-east-1:444455556666:queue1*\"),\n\t\t\t\t\tRoleArn: pulumi.String(\"arn:aws:iam::123456789012:role/S3Access\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: autoscaling.GroupTagArray{\n\t\t\t\t\u0026autoscaling.GroupTagArgs{\n\t\t\t\t\tKey: pulumi.String(\"foo\"),\n\t\t\t\t\tValue: pulumi.String(\"bar\"),\n\t\t\t\t\tPropagateAtLaunch: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\t\u0026autoscaling.GroupTagArgs{\n\t\t\t\t\tKey: pulumi.String(\"lorem\"),\n\t\t\t\t\tValue: pulumi.String(\"ipsum\"),\n\t\t\t\t\tPropagateAtLaunch: pulumi.Bool(false),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.PlacementGroup;\nimport com.pulumi.aws.ec2.PlacementGroupArgs;\nimport com.pulumi.aws.autoscaling.Group;\nimport com.pulumi.aws.autoscaling.GroupArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupInstanceMaintenancePolicyArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupInitialLifecycleHookArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupTagArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new PlacementGroup(\"test\", PlacementGroupArgs.builder()\n .name(\"test\")\n .strategy(\"cluster\")\n .build());\n\n var bar = new Group(\"bar\", GroupArgs.builder()\n .name(\"foobar3-test\")\n .maxSize(5)\n .minSize(2)\n .healthCheckGracePeriod(300)\n .healthCheckType(\"ELB\")\n .desiredCapacity(4)\n .forceDelete(true)\n .placementGroup(test.id())\n .launchConfiguration(foobar.name())\n .vpcZoneIdentifiers( \n example1.id(),\n example2.id())\n .instanceMaintenancePolicy(GroupInstanceMaintenancePolicyArgs.builder()\n .minHealthyPercentage(90)\n .maxHealthyPercentage(120)\n .build())\n .initialLifecycleHooks(GroupInitialLifecycleHookArgs.builder()\n .name(\"foobar\")\n .defaultResult(\"CONTINUE\")\n .heartbeatTimeout(2000)\n .lifecycleTransition(\"autoscaling:EC2_INSTANCE_LAUNCHING\")\n .notificationMetadata(serializeJson(\n jsonObject(\n jsonProperty(\"foo\", \"bar\")\n )))\n .notificationTargetArn(\"arn:aws:sqs:us-east-1:444455556666:queue1*\")\n .roleArn(\"arn:aws:iam::123456789012:role/S3Access\")\n .build())\n .tags( \n GroupTagArgs.builder()\n .key(\"foo\")\n .value(\"bar\")\n .propagateAtLaunch(true)\n .build(),\n GroupTagArgs.builder()\n .key(\"lorem\")\n .value(\"ipsum\")\n .propagateAtLaunch(false)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ec2:PlacementGroup\n properties:\n name: test\n strategy: cluster\n bar:\n type: aws:autoscaling:Group\n properties:\n name: foobar3-test\n maxSize: 5\n minSize: 2\n healthCheckGracePeriod: 300\n healthCheckType: ELB\n desiredCapacity: 4\n forceDelete: true\n placementGroup: ${test.id}\n launchConfiguration: ${foobar.name}\n vpcZoneIdentifiers:\n - ${example1.id}\n - ${example2.id}\n instanceMaintenancePolicy:\n minHealthyPercentage: 90\n maxHealthyPercentage: 120\n initialLifecycleHooks:\n - name: foobar\n defaultResult: CONTINUE\n heartbeatTimeout: 2000\n lifecycleTransition: autoscaling:EC2_INSTANCE_LAUNCHING\n notificationMetadata:\n fn::toJSON:\n foo: bar\n notificationTargetArn: arn:aws:sqs:us-east-1:444455556666:queue1*\n roleArn: arn:aws:iam::123456789012:role/S3Access\n tags:\n - key: foo\n value: bar\n propagateAtLaunch: true\n - key: lorem\n value: ipsum\n propagateAtLaunch: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Latest Version Of Launch Template\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foobar = new aws.ec2.LaunchTemplate(\"foobar\", {\n namePrefix: \"foobar\",\n imageId: \"ami-1a2b3c\",\n instanceType: \"t2.micro\",\n});\nconst bar = new aws.autoscaling.Group(\"bar\", {\n availabilityZones: [\"us-east-1a\"],\n desiredCapacity: 1,\n maxSize: 1,\n minSize: 1,\n launchTemplate: {\n id: foobar.id,\n version: \"$Latest\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoobar = aws.ec2.LaunchTemplate(\"foobar\",\n name_prefix=\"foobar\",\n image_id=\"ami-1a2b3c\",\n instance_type=\"t2.micro\")\nbar = aws.autoscaling.Group(\"bar\",\n availability_zones=[\"us-east-1a\"],\n desired_capacity=1,\n max_size=1,\n min_size=1,\n launch_template={\n \"id\": foobar.id,\n \"version\": \"$Latest\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foobar = new Aws.Ec2.LaunchTemplate(\"foobar\", new()\n {\n NamePrefix = \"foobar\",\n ImageId = \"ami-1a2b3c\",\n InstanceType = \"t2.micro\",\n });\n\n var bar = new Aws.AutoScaling.Group(\"bar\", new()\n {\n AvailabilityZones = new[]\n {\n \"us-east-1a\",\n },\n DesiredCapacity = 1,\n MaxSize = 1,\n MinSize = 1,\n LaunchTemplate = new Aws.AutoScaling.Inputs.GroupLaunchTemplateArgs\n {\n Id = foobar.Id,\n Version = \"$Latest\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoobar, err := ec2.NewLaunchTemplate(ctx, \"foobar\", \u0026ec2.LaunchTemplateArgs{\n\t\t\tNamePrefix: pulumi.String(\"foobar\"),\n\t\t\tImageId: pulumi.String(\"ami-1a2b3c\"),\n\t\t\tInstanceType: pulumi.String(\"t2.micro\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = autoscaling.NewGroup(ctx, \"bar\", \u0026autoscaling.GroupArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tDesiredCapacity: pulumi.Int(1),\n\t\t\tMaxSize: pulumi.Int(1),\n\t\t\tMinSize: pulumi.Int(1),\n\t\t\tLaunchTemplate: \u0026autoscaling.GroupLaunchTemplateArgs{\n\t\t\t\tId: foobar.ID(),\n\t\t\t\tVersion: pulumi.String(\"$Latest\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.LaunchTemplate;\nimport com.pulumi.aws.ec2.LaunchTemplateArgs;\nimport com.pulumi.aws.autoscaling.Group;\nimport com.pulumi.aws.autoscaling.GroupArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupLaunchTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foobar = new LaunchTemplate(\"foobar\", LaunchTemplateArgs.builder()\n .namePrefix(\"foobar\")\n .imageId(\"ami-1a2b3c\")\n .instanceType(\"t2.micro\")\n .build());\n\n var bar = new Group(\"bar\", GroupArgs.builder()\n .availabilityZones(\"us-east-1a\")\n .desiredCapacity(1)\n .maxSize(1)\n .minSize(1)\n .launchTemplate(GroupLaunchTemplateArgs.builder()\n .id(foobar.id())\n .version(\"$Latest\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foobar:\n type: aws:ec2:LaunchTemplate\n properties:\n namePrefix: foobar\n imageId: ami-1a2b3c\n instanceType: t2.micro\n bar:\n type: aws:autoscaling:Group\n properties:\n availabilityZones:\n - us-east-1a\n desiredCapacity: 1\n maxSize: 1\n minSize: 1\n launchTemplate:\n id: ${foobar.id}\n version: $Latest\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Mixed Instances Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.LaunchTemplate(\"example\", {\n namePrefix: \"example\",\n imageId: exampleAwsAmi.id,\n instanceType: \"c5.large\",\n});\nconst exampleGroup = new aws.autoscaling.Group(\"example\", {\n availabilityZones: [\"us-east-1a\"],\n desiredCapacity: 1,\n maxSize: 1,\n minSize: 1,\n mixedInstancesPolicy: {\n launchTemplate: {\n launchTemplateSpecification: {\n launchTemplateId: example.id,\n },\n overrides: [\n {\n instanceType: \"c4.large\",\n weightedCapacity: \"3\",\n },\n {\n instanceType: \"c3.large\",\n weightedCapacity: \"2\",\n },\n ],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.LaunchTemplate(\"example\",\n name_prefix=\"example\",\n image_id=example_aws_ami[\"id\"],\n instance_type=\"c5.large\")\nexample_group = aws.autoscaling.Group(\"example\",\n availability_zones=[\"us-east-1a\"],\n desired_capacity=1,\n max_size=1,\n min_size=1,\n mixed_instances_policy={\n \"launch_template\": {\n \"launch_template_specification\": {\n \"launch_template_id\": example.id,\n },\n \"overrides\": [\n {\n \"instance_type\": \"c4.large\",\n \"weighted_capacity\": \"3\",\n },\n {\n \"instance_type\": \"c3.large\",\n \"weighted_capacity\": \"2\",\n },\n ],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.LaunchTemplate(\"example\", new()\n {\n NamePrefix = \"example\",\n ImageId = exampleAwsAmi.Id,\n InstanceType = \"c5.large\",\n });\n\n var exampleGroup = new Aws.AutoScaling.Group(\"example\", new()\n {\n AvailabilityZones = new[]\n {\n \"us-east-1a\",\n },\n DesiredCapacity = 1,\n MaxSize = 1,\n MinSize = 1,\n MixedInstancesPolicy = new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyArgs\n {\n LaunchTemplate = new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateArgs\n {\n LaunchTemplateSpecification = new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecificationArgs\n {\n LaunchTemplateId = example.Id,\n },\n Overrides = new[]\n {\n new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateOverrideArgs\n {\n InstanceType = \"c4.large\",\n WeightedCapacity = \"3\",\n },\n new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateOverrideArgs\n {\n InstanceType = \"c3.large\",\n WeightedCapacity = \"2\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewLaunchTemplate(ctx, \"example\", \u0026ec2.LaunchTemplateArgs{\n\t\t\tNamePrefix: pulumi.String(\"example\"),\n\t\t\tImageId: pulumi.Any(exampleAwsAmi.Id),\n\t\t\tInstanceType: pulumi.String(\"c5.large\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = autoscaling.NewGroup(ctx, \"example\", \u0026autoscaling.GroupArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tDesiredCapacity: pulumi.Int(1),\n\t\t\tMaxSize: pulumi.Int(1),\n\t\t\tMinSize: pulumi.Int(1),\n\t\t\tMixedInstancesPolicy: \u0026autoscaling.GroupMixedInstancesPolicyArgs{\n\t\t\t\tLaunchTemplate: \u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateArgs{\n\t\t\t\t\tLaunchTemplateSpecification: \u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecificationArgs{\n\t\t\t\t\t\tLaunchTemplateId: example.ID(),\n\t\t\t\t\t},\n\t\t\t\t\tOverrides: autoscaling.GroupMixedInstancesPolicyLaunchTemplateOverrideArray{\n\t\t\t\t\t\t\u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateOverrideArgs{\n\t\t\t\t\t\t\tInstanceType: pulumi.String(\"c4.large\"),\n\t\t\t\t\t\t\tWeightedCapacity: pulumi.String(\"3\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateOverrideArgs{\n\t\t\t\t\t\t\tInstanceType: pulumi.String(\"c3.large\"),\n\t\t\t\t\t\t\tWeightedCapacity: pulumi.String(\"2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.LaunchTemplate;\nimport com.pulumi.aws.ec2.LaunchTemplateArgs;\nimport com.pulumi.aws.autoscaling.Group;\nimport com.pulumi.aws.autoscaling.GroupArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupMixedInstancesPolicyArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupMixedInstancesPolicyLaunchTemplateArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LaunchTemplate(\"example\", LaunchTemplateArgs.builder()\n .namePrefix(\"example\")\n .imageId(exampleAwsAmi.id())\n .instanceType(\"c5.large\")\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder()\n .availabilityZones(\"us-east-1a\")\n .desiredCapacity(1)\n .maxSize(1)\n .minSize(1)\n .mixedInstancesPolicy(GroupMixedInstancesPolicyArgs.builder()\n .launchTemplate(GroupMixedInstancesPolicyLaunchTemplateArgs.builder()\n .launchTemplateSpecification(GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecificationArgs.builder()\n .launchTemplateId(example.id())\n .build())\n .overrides( \n GroupMixedInstancesPolicyLaunchTemplateOverrideArgs.builder()\n .instanceType(\"c4.large\")\n .weightedCapacity(\"3\")\n .build(),\n GroupMixedInstancesPolicyLaunchTemplateOverrideArgs.builder()\n .instanceType(\"c3.large\")\n .weightedCapacity(\"2\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:LaunchTemplate\n properties:\n namePrefix: example\n imageId: ${exampleAwsAmi.id}\n instanceType: c5.large\n exampleGroup:\n type: aws:autoscaling:Group\n name: example\n properties:\n availabilityZones:\n - us-east-1a\n desiredCapacity: 1\n maxSize: 1\n minSize: 1\n mixedInstancesPolicy:\n launchTemplate:\n launchTemplateSpecification:\n launchTemplateId: ${example.id}\n overrides:\n - instanceType: c4.large\n weightedCapacity: '3'\n - instanceType: c3.large\n weightedCapacity: '2'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Mixed Instances Policy with Spot Instances and Capacity Rebalance\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.LaunchTemplate(\"example\", {\n namePrefix: \"example\",\n imageId: exampleAwsAmi.id,\n instanceType: \"c5.large\",\n});\nconst exampleGroup = new aws.autoscaling.Group(\"example\", {\n capacityRebalance: true,\n desiredCapacity: 12,\n maxSize: 15,\n minSize: 12,\n vpcZoneIdentifiers: [\n example1.id,\n example2.id,\n ],\n mixedInstancesPolicy: {\n instancesDistribution: {\n onDemandBaseCapacity: 0,\n onDemandPercentageAboveBaseCapacity: 25,\n spotAllocationStrategy: \"capacity-optimized\",\n },\n launchTemplate: {\n launchTemplateSpecification: {\n launchTemplateId: example.id,\n },\n overrides: [\n {\n instanceType: \"c4.large\",\n weightedCapacity: \"3\",\n },\n {\n instanceType: \"c3.large\",\n weightedCapacity: \"2\",\n },\n ],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.LaunchTemplate(\"example\",\n name_prefix=\"example\",\n image_id=example_aws_ami[\"id\"],\n instance_type=\"c5.large\")\nexample_group = aws.autoscaling.Group(\"example\",\n capacity_rebalance=True,\n desired_capacity=12,\n max_size=15,\n min_size=12,\n vpc_zone_identifiers=[\n example1[\"id\"],\n example2[\"id\"],\n ],\n mixed_instances_policy={\n \"instances_distribution\": {\n \"on_demand_base_capacity\": 0,\n \"on_demand_percentage_above_base_capacity\": 25,\n \"spot_allocation_strategy\": \"capacity-optimized\",\n },\n \"launch_template\": {\n \"launch_template_specification\": {\n \"launch_template_id\": example.id,\n },\n \"overrides\": [\n {\n \"instance_type\": \"c4.large\",\n \"weighted_capacity\": \"3\",\n },\n {\n \"instance_type\": \"c3.large\",\n \"weighted_capacity\": \"2\",\n },\n ],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.LaunchTemplate(\"example\", new()\n {\n NamePrefix = \"example\",\n ImageId = exampleAwsAmi.Id,\n InstanceType = \"c5.large\",\n });\n\n var exampleGroup = new Aws.AutoScaling.Group(\"example\", new()\n {\n CapacityRebalance = true,\n DesiredCapacity = 12,\n MaxSize = 15,\n MinSize = 12,\n VpcZoneIdentifiers = new[]\n {\n example1.Id,\n example2.Id,\n },\n MixedInstancesPolicy = new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyArgs\n {\n InstancesDistribution = new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyInstancesDistributionArgs\n {\n OnDemandBaseCapacity = 0,\n OnDemandPercentageAboveBaseCapacity = 25,\n SpotAllocationStrategy = \"capacity-optimized\",\n },\n LaunchTemplate = new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateArgs\n {\n LaunchTemplateSpecification = new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecificationArgs\n {\n LaunchTemplateId = example.Id,\n },\n Overrides = new[]\n {\n new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateOverrideArgs\n {\n InstanceType = \"c4.large\",\n WeightedCapacity = \"3\",\n },\n new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateOverrideArgs\n {\n InstanceType = \"c3.large\",\n WeightedCapacity = \"2\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewLaunchTemplate(ctx, \"example\", \u0026ec2.LaunchTemplateArgs{\n\t\t\tNamePrefix: pulumi.String(\"example\"),\n\t\t\tImageId: pulumi.Any(exampleAwsAmi.Id),\n\t\t\tInstanceType: pulumi.String(\"c5.large\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = autoscaling.NewGroup(ctx, \"example\", \u0026autoscaling.GroupArgs{\n\t\t\tCapacityRebalance: pulumi.Bool(true),\n\t\t\tDesiredCapacity: pulumi.Int(12),\n\t\t\tMaxSize: pulumi.Int(15),\n\t\t\tMinSize: pulumi.Int(12),\n\t\t\tVpcZoneIdentifiers: pulumi.StringArray{\n\t\t\t\texample1.Id,\n\t\t\t\texample2.Id,\n\t\t\t},\n\t\t\tMixedInstancesPolicy: \u0026autoscaling.GroupMixedInstancesPolicyArgs{\n\t\t\t\tInstancesDistribution: \u0026autoscaling.GroupMixedInstancesPolicyInstancesDistributionArgs{\n\t\t\t\t\tOnDemandBaseCapacity: pulumi.Int(0),\n\t\t\t\t\tOnDemandPercentageAboveBaseCapacity: pulumi.Int(25),\n\t\t\t\t\tSpotAllocationStrategy: pulumi.String(\"capacity-optimized\"),\n\t\t\t\t},\n\t\t\t\tLaunchTemplate: \u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateArgs{\n\t\t\t\t\tLaunchTemplateSpecification: \u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecificationArgs{\n\t\t\t\t\t\tLaunchTemplateId: example.ID(),\n\t\t\t\t\t},\n\t\t\t\t\tOverrides: autoscaling.GroupMixedInstancesPolicyLaunchTemplateOverrideArray{\n\t\t\t\t\t\t\u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateOverrideArgs{\n\t\t\t\t\t\t\tInstanceType: pulumi.String(\"c4.large\"),\n\t\t\t\t\t\t\tWeightedCapacity: pulumi.String(\"3\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateOverrideArgs{\n\t\t\t\t\t\t\tInstanceType: pulumi.String(\"c3.large\"),\n\t\t\t\t\t\t\tWeightedCapacity: pulumi.String(\"2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.LaunchTemplate;\nimport com.pulumi.aws.ec2.LaunchTemplateArgs;\nimport com.pulumi.aws.autoscaling.Group;\nimport com.pulumi.aws.autoscaling.GroupArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupMixedInstancesPolicyArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupMixedInstancesPolicyInstancesDistributionArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupMixedInstancesPolicyLaunchTemplateArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LaunchTemplate(\"example\", LaunchTemplateArgs.builder()\n .namePrefix(\"example\")\n .imageId(exampleAwsAmi.id())\n .instanceType(\"c5.large\")\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder()\n .capacityRebalance(true)\n .desiredCapacity(12)\n .maxSize(15)\n .minSize(12)\n .vpcZoneIdentifiers( \n example1.id(),\n example2.id())\n .mixedInstancesPolicy(GroupMixedInstancesPolicyArgs.builder()\n .instancesDistribution(GroupMixedInstancesPolicyInstancesDistributionArgs.builder()\n .onDemandBaseCapacity(0)\n .onDemandPercentageAboveBaseCapacity(25)\n .spotAllocationStrategy(\"capacity-optimized\")\n .build())\n .launchTemplate(GroupMixedInstancesPolicyLaunchTemplateArgs.builder()\n .launchTemplateSpecification(GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecificationArgs.builder()\n .launchTemplateId(example.id())\n .build())\n .overrides( \n GroupMixedInstancesPolicyLaunchTemplateOverrideArgs.builder()\n .instanceType(\"c4.large\")\n .weightedCapacity(\"3\")\n .build(),\n GroupMixedInstancesPolicyLaunchTemplateOverrideArgs.builder()\n .instanceType(\"c3.large\")\n .weightedCapacity(\"2\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:LaunchTemplate\n properties:\n namePrefix: example\n imageId: ${exampleAwsAmi.id}\n instanceType: c5.large\n exampleGroup:\n type: aws:autoscaling:Group\n name: example\n properties:\n capacityRebalance: true\n desiredCapacity: 12\n maxSize: 15\n minSize: 12\n vpcZoneIdentifiers:\n - ${example1.id}\n - ${example2.id}\n mixedInstancesPolicy:\n instancesDistribution:\n onDemandBaseCapacity: 0\n onDemandPercentageAboveBaseCapacity: 25\n spotAllocationStrategy: capacity-optimized\n launchTemplate:\n launchTemplateSpecification:\n launchTemplateId: ${example.id}\n overrides:\n - instanceType: c4.large\n weightedCapacity: '3'\n - instanceType: c3.large\n weightedCapacity: '2'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Mixed Instances Policy with Instance level LaunchTemplateSpecification Overrides\n\nWhen using a diverse instance set, some instance types might require a launch template with configuration values unique to that instance type such as a different AMI (Graviton2), architecture specific user data script, different EBS configuration, or different networking configuration.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.LaunchTemplate(\"example\", {\n namePrefix: \"example\",\n imageId: exampleAwsAmi.id,\n instanceType: \"c5.large\",\n});\nconst example2 = new aws.ec2.LaunchTemplate(\"example2\", {\n namePrefix: \"example2\",\n imageId: example2AwsAmi.id,\n});\nconst exampleGroup = new aws.autoscaling.Group(\"example\", {\n availabilityZones: [\"us-east-1a\"],\n desiredCapacity: 1,\n maxSize: 1,\n minSize: 1,\n mixedInstancesPolicy: {\n launchTemplate: {\n launchTemplateSpecification: {\n launchTemplateId: example.id,\n },\n overrides: [\n {\n instanceType: \"c4.large\",\n weightedCapacity: \"3\",\n },\n {\n instanceType: \"c6g.large\",\n launchTemplateSpecification: {\n launchTemplateId: example2.id,\n },\n weightedCapacity: \"2\",\n },\n ],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.LaunchTemplate(\"example\",\n name_prefix=\"example\",\n image_id=example_aws_ami[\"id\"],\n instance_type=\"c5.large\")\nexample2 = aws.ec2.LaunchTemplate(\"example2\",\n name_prefix=\"example2\",\n image_id=example2_aws_ami[\"id\"])\nexample_group = aws.autoscaling.Group(\"example\",\n availability_zones=[\"us-east-1a\"],\n desired_capacity=1,\n max_size=1,\n min_size=1,\n mixed_instances_policy={\n \"launch_template\": {\n \"launch_template_specification\": {\n \"launch_template_id\": example.id,\n },\n \"overrides\": [\n {\n \"instance_type\": \"c4.large\",\n \"weighted_capacity\": \"3\",\n },\n {\n \"instance_type\": \"c6g.large\",\n \"launch_template_specification\": {\n \"launch_template_id\": example2.id,\n },\n \"weighted_capacity\": \"2\",\n },\n ],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.LaunchTemplate(\"example\", new()\n {\n NamePrefix = \"example\",\n ImageId = exampleAwsAmi.Id,\n InstanceType = \"c5.large\",\n });\n\n var example2 = new Aws.Ec2.LaunchTemplate(\"example2\", new()\n {\n NamePrefix = \"example2\",\n ImageId = example2AwsAmi.Id,\n });\n\n var exampleGroup = new Aws.AutoScaling.Group(\"example\", new()\n {\n AvailabilityZones = new[]\n {\n \"us-east-1a\",\n },\n DesiredCapacity = 1,\n MaxSize = 1,\n MinSize = 1,\n MixedInstancesPolicy = new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyArgs\n {\n LaunchTemplate = new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateArgs\n {\n LaunchTemplateSpecification = new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecificationArgs\n {\n LaunchTemplateId = example.Id,\n },\n Overrides = new[]\n {\n new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateOverrideArgs\n {\n InstanceType = \"c4.large\",\n WeightedCapacity = \"3\",\n },\n new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateOverrideArgs\n {\n InstanceType = \"c6g.large\",\n LaunchTemplateSpecification = new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateOverrideLaunchTemplateSpecificationArgs\n {\n LaunchTemplateId = example2.Id,\n },\n WeightedCapacity = \"2\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewLaunchTemplate(ctx, \"example\", \u0026ec2.LaunchTemplateArgs{\n\t\t\tNamePrefix: pulumi.String(\"example\"),\n\t\t\tImageId: pulumi.Any(exampleAwsAmi.Id),\n\t\t\tInstanceType: pulumi.String(\"c5.large\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample2, err := ec2.NewLaunchTemplate(ctx, \"example2\", \u0026ec2.LaunchTemplateArgs{\n\t\t\tNamePrefix: pulumi.String(\"example2\"),\n\t\t\tImageId: pulumi.Any(example2AwsAmi.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = autoscaling.NewGroup(ctx, \"example\", \u0026autoscaling.GroupArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tDesiredCapacity: pulumi.Int(1),\n\t\t\tMaxSize: pulumi.Int(1),\n\t\t\tMinSize: pulumi.Int(1),\n\t\t\tMixedInstancesPolicy: \u0026autoscaling.GroupMixedInstancesPolicyArgs{\n\t\t\t\tLaunchTemplate: \u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateArgs{\n\t\t\t\t\tLaunchTemplateSpecification: \u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecificationArgs{\n\t\t\t\t\t\tLaunchTemplateId: example.ID(),\n\t\t\t\t\t},\n\t\t\t\t\tOverrides: autoscaling.GroupMixedInstancesPolicyLaunchTemplateOverrideArray{\n\t\t\t\t\t\t\u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateOverrideArgs{\n\t\t\t\t\t\t\tInstanceType: pulumi.String(\"c4.large\"),\n\t\t\t\t\t\t\tWeightedCapacity: pulumi.String(\"3\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateOverrideArgs{\n\t\t\t\t\t\t\tInstanceType: pulumi.String(\"c6g.large\"),\n\t\t\t\t\t\t\tLaunchTemplateSpecification: \u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateOverrideLaunchTemplateSpecificationArgs{\n\t\t\t\t\t\t\t\tLaunchTemplateId: example2.ID(),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tWeightedCapacity: pulumi.String(\"2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.LaunchTemplate;\nimport com.pulumi.aws.ec2.LaunchTemplateArgs;\nimport com.pulumi.aws.autoscaling.Group;\nimport com.pulumi.aws.autoscaling.GroupArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupMixedInstancesPolicyArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupMixedInstancesPolicyLaunchTemplateArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LaunchTemplate(\"example\", LaunchTemplateArgs.builder()\n .namePrefix(\"example\")\n .imageId(exampleAwsAmi.id())\n .instanceType(\"c5.large\")\n .build());\n\n var example2 = new LaunchTemplate(\"example2\", LaunchTemplateArgs.builder()\n .namePrefix(\"example2\")\n .imageId(example2AwsAmi.id())\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder()\n .availabilityZones(\"us-east-1a\")\n .desiredCapacity(1)\n .maxSize(1)\n .minSize(1)\n .mixedInstancesPolicy(GroupMixedInstancesPolicyArgs.builder()\n .launchTemplate(GroupMixedInstancesPolicyLaunchTemplateArgs.builder()\n .launchTemplateSpecification(GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecificationArgs.builder()\n .launchTemplateId(example.id())\n .build())\n .overrides( \n GroupMixedInstancesPolicyLaunchTemplateOverrideArgs.builder()\n .instanceType(\"c4.large\")\n .weightedCapacity(\"3\")\n .build(),\n GroupMixedInstancesPolicyLaunchTemplateOverrideArgs.builder()\n .instanceType(\"c6g.large\")\n .launchTemplateSpecification(GroupMixedInstancesPolicyLaunchTemplateOverrideLaunchTemplateSpecificationArgs.builder()\n .launchTemplateId(example2.id())\n .build())\n .weightedCapacity(\"2\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:LaunchTemplate\n properties:\n namePrefix: example\n imageId: ${exampleAwsAmi.id}\n instanceType: c5.large\n example2:\n type: aws:ec2:LaunchTemplate\n properties:\n namePrefix: example2\n imageId: ${example2AwsAmi.id}\n exampleGroup:\n type: aws:autoscaling:Group\n name: example\n properties:\n availabilityZones:\n - us-east-1a\n desiredCapacity: 1\n maxSize: 1\n minSize: 1\n mixedInstancesPolicy:\n launchTemplate:\n launchTemplateSpecification:\n launchTemplateId: ${example.id}\n overrides:\n - instanceType: c4.large\n weightedCapacity: '3'\n - instanceType: c6g.large\n launchTemplateSpecification:\n launchTemplateId: ${example2.id}\n weightedCapacity: '2'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Mixed Instances Policy with Attribute-based Instance Type Selection\n\nAs an alternative to manually choosing instance types when creating a mixed instances group, you can specify a set of instance attributes that describe your compute requirements.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.LaunchTemplate(\"example\", {\n namePrefix: \"example\",\n imageId: exampleAwsAmi.id,\n instanceType: \"c5.large\",\n});\nconst exampleGroup = new aws.autoscaling.Group(\"example\", {\n availabilityZones: [\"us-east-1a\"],\n desiredCapacity: 1,\n maxSize: 1,\n minSize: 1,\n mixedInstancesPolicy: {\n launchTemplate: {\n launchTemplateSpecification: {\n launchTemplateId: example.id,\n },\n overrides: [{\n instanceRequirements: {\n memoryMib: {\n min: 1000,\n },\n vcpuCount: {\n min: 4,\n },\n },\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.LaunchTemplate(\"example\",\n name_prefix=\"example\",\n image_id=example_aws_ami[\"id\"],\n instance_type=\"c5.large\")\nexample_group = aws.autoscaling.Group(\"example\",\n availability_zones=[\"us-east-1a\"],\n desired_capacity=1,\n max_size=1,\n min_size=1,\n mixed_instances_policy={\n \"launch_template\": {\n \"launch_template_specification\": {\n \"launch_template_id\": example.id,\n },\n \"overrides\": [{\n \"instance_requirements\": {\n \"memory_mib\": {\n \"min\": 1000,\n },\n \"vcpu_count\": {\n \"min\": 4,\n },\n },\n }],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.LaunchTemplate(\"example\", new()\n {\n NamePrefix = \"example\",\n ImageId = exampleAwsAmi.Id,\n InstanceType = \"c5.large\",\n });\n\n var exampleGroup = new Aws.AutoScaling.Group(\"example\", new()\n {\n AvailabilityZones = new[]\n {\n \"us-east-1a\",\n },\n DesiredCapacity = 1,\n MaxSize = 1,\n MinSize = 1,\n MixedInstancesPolicy = new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyArgs\n {\n LaunchTemplate = new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateArgs\n {\n LaunchTemplateSpecification = new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecificationArgs\n {\n LaunchTemplateId = example.Id,\n },\n Overrides = new[]\n {\n new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateOverrideArgs\n {\n InstanceRequirements = new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsArgs\n {\n MemoryMib = new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsMemoryMibArgs\n {\n Min = 1000,\n },\n VcpuCount = new Aws.AutoScaling.Inputs.GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsVcpuCountArgs\n {\n Min = 4,\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewLaunchTemplate(ctx, \"example\", \u0026ec2.LaunchTemplateArgs{\n\t\t\tNamePrefix: pulumi.String(\"example\"),\n\t\t\tImageId: pulumi.Any(exampleAwsAmi.Id),\n\t\t\tInstanceType: pulumi.String(\"c5.large\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = autoscaling.NewGroup(ctx, \"example\", \u0026autoscaling.GroupArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tDesiredCapacity: pulumi.Int(1),\n\t\t\tMaxSize: pulumi.Int(1),\n\t\t\tMinSize: pulumi.Int(1),\n\t\t\tMixedInstancesPolicy: \u0026autoscaling.GroupMixedInstancesPolicyArgs{\n\t\t\t\tLaunchTemplate: \u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateArgs{\n\t\t\t\t\tLaunchTemplateSpecification: \u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecificationArgs{\n\t\t\t\t\t\tLaunchTemplateId: example.ID(),\n\t\t\t\t\t},\n\t\t\t\t\tOverrides: autoscaling.GroupMixedInstancesPolicyLaunchTemplateOverrideArray{\n\t\t\t\t\t\t\u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateOverrideArgs{\n\t\t\t\t\t\t\tInstanceRequirements: \u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsArgs{\n\t\t\t\t\t\t\t\tMemoryMib: \u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsMemoryMibArgs{\n\t\t\t\t\t\t\t\t\tMin: pulumi.Int(1000),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\tVcpuCount: \u0026autoscaling.GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsVcpuCountArgs{\n\t\t\t\t\t\t\t\t\tMin: pulumi.Int(4),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.LaunchTemplate;\nimport com.pulumi.aws.ec2.LaunchTemplateArgs;\nimport com.pulumi.aws.autoscaling.Group;\nimport com.pulumi.aws.autoscaling.GroupArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupMixedInstancesPolicyArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupMixedInstancesPolicyLaunchTemplateArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LaunchTemplate(\"example\", LaunchTemplateArgs.builder()\n .namePrefix(\"example\")\n .imageId(exampleAwsAmi.id())\n .instanceType(\"c5.large\")\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder()\n .availabilityZones(\"us-east-1a\")\n .desiredCapacity(1)\n .maxSize(1)\n .minSize(1)\n .mixedInstancesPolicy(GroupMixedInstancesPolicyArgs.builder()\n .launchTemplate(GroupMixedInstancesPolicyLaunchTemplateArgs.builder()\n .launchTemplateSpecification(GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecificationArgs.builder()\n .launchTemplateId(example.id())\n .build())\n .overrides(GroupMixedInstancesPolicyLaunchTemplateOverrideArgs.builder()\n .instanceRequirements(GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsArgs.builder()\n .memoryMib(GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsMemoryMibArgs.builder()\n .min(1000)\n .build())\n .vcpuCount(GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsVcpuCountArgs.builder()\n .min(4)\n .build())\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:LaunchTemplate\n properties:\n namePrefix: example\n imageId: ${exampleAwsAmi.id}\n instanceType: c5.large\n exampleGroup:\n type: aws:autoscaling:Group\n name: example\n properties:\n availabilityZones:\n - us-east-1a\n desiredCapacity: 1\n maxSize: 1\n minSize: 1\n mixedInstancesPolicy:\n launchTemplate:\n launchTemplateSpecification:\n launchTemplateId: ${example.id}\n overrides:\n - instanceRequirements:\n memoryMib:\n min: 1000\n vcpuCount:\n min: 4\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Dynamic tagging\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst extraTags = config.getObject(\"extraTags\") || [\n {\n key: \"Foo\",\n propagateAtLaunch: true,\n value: \"Bar\",\n },\n {\n key: \"Baz\",\n propagateAtLaunch: true,\n value: \"Bam\",\n },\n];\nconst test = new aws.autoscaling.Group(\"test\", {\n tags: [\n {\n key: \"explicit1\",\n value: \"value1\",\n propagateAtLaunch: true,\n },\n {\n key: \"explicit2\",\n value: \"value2\",\n propagateAtLaunch: true,\n },\n ],\n name: \"foobar3-test\",\n maxSize: 5,\n minSize: 2,\n launchConfiguration: foobar.name,\n vpcZoneIdentifiers: [\n example1.id,\n example2.id,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nextra_tags = config.get_object(\"extraTags\")\nif extra_tags is None:\n extra_tags = [\n {\n \"key\": \"Foo\",\n \"propagateAtLaunch\": True,\n \"value\": \"Bar\",\n },\n {\n \"key\": \"Baz\",\n \"propagateAtLaunch\": True,\n \"value\": \"Bam\",\n },\n ]\ntest = aws.autoscaling.Group(\"test\",\n tags=[\n {\n \"key\": \"explicit1\",\n \"value\": \"value1\",\n \"propagate_at_launch\": True,\n },\n {\n \"key\": \"explicit2\",\n \"value\": \"value2\",\n \"propagate_at_launch\": True,\n },\n ],\n name=\"foobar3-test\",\n max_size=5,\n min_size=2,\n launch_configuration=foobar[\"name\"],\n vpc_zone_identifiers=[\n example1[\"id\"],\n example2[\"id\"],\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var extraTags = config.GetObject\u003cdynamic\u003e(\"extraTags\") ?? new[]\n {\n \n {\n { \"key\", \"Foo\" },\n { \"propagateAtLaunch\", true },\n { \"value\", \"Bar\" },\n },\n \n {\n { \"key\", \"Baz\" },\n { \"propagateAtLaunch\", true },\n { \"value\", \"Bam\" },\n },\n };\n var test = new Aws.AutoScaling.Group(\"test\", new()\n {\n Tags = new[]\n {\n new Aws.AutoScaling.Inputs.GroupTagArgs\n {\n Key = \"explicit1\",\n Value = \"value1\",\n PropagateAtLaunch = true,\n },\n new Aws.AutoScaling.Inputs.GroupTagArgs\n {\n Key = \"explicit2\",\n Value = \"value2\",\n PropagateAtLaunch = true,\n },\n },\n Name = \"foobar3-test\",\n MaxSize = 5,\n MinSize = 2,\n LaunchConfiguration = foobar.Name,\n VpcZoneIdentifiers = new[]\n {\n example1.Id,\n example2.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\textraTags := []map[string]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"key\": \"Foo\",\n\t\t\t\t\"propagateAtLaunch\": true,\n\t\t\t\t\"value\": \"Bar\",\n\t\t\t},\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"key\": \"Baz\",\n\t\t\t\t\"propagateAtLaunch\": true,\n\t\t\t\t\"value\": \"Bam\",\n\t\t\t},\n\t\t}\n\t\tif param := cfg.GetObject(\"extraTags\"); param != nil {\n\t\t\textraTags = param\n\t\t}\n\t\t_, err := autoscaling.NewGroup(ctx, \"test\", \u0026autoscaling.GroupArgs{\n\t\t\tTags: autoscaling.GroupTagArray{\n\t\t\t\t\u0026autoscaling.GroupTagArgs{\n\t\t\t\t\tKey: pulumi.String(\"explicit1\"),\n\t\t\t\t\tValue: pulumi.String(\"value1\"),\n\t\t\t\t\tPropagateAtLaunch: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\t\u0026autoscaling.GroupTagArgs{\n\t\t\t\t\tKey: pulumi.String(\"explicit2\"),\n\t\t\t\t\tValue: pulumi.String(\"value2\"),\n\t\t\t\t\tPropagateAtLaunch: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: pulumi.String(\"foobar3-test\"),\n\t\t\tMaxSize: pulumi.Int(5),\n\t\t\tMinSize: pulumi.Int(2),\n\t\t\tLaunchConfiguration: pulumi.Any(foobar.Name),\n\t\t\tVpcZoneIdentifiers: pulumi.StringArray{\n\t\t\t\texample1.Id,\n\t\t\t\texample2.Id,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.autoscaling.Group;\nimport com.pulumi.aws.autoscaling.GroupArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupTagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var extraTags = config.get(\"extraTags\").orElse( \n %!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference),\n %!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference));\n var test = new Group(\"test\", GroupArgs.builder()\n .tags( \n GroupTagArgs.builder()\n .key(\"explicit1\")\n .value(\"value1\")\n .propagateAtLaunch(true)\n .build(),\n GroupTagArgs.builder()\n .key(\"explicit2\")\n .value(\"value2\")\n .propagateAtLaunch(true)\n .build())\n .name(\"foobar3-test\")\n .maxSize(5)\n .minSize(2)\n .launchConfiguration(foobar.name())\n .vpcZoneIdentifiers( \n example1.id(),\n example2.id())\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n extraTags:\n type: dynamic\n default:\n - key: Foo\n propagateAtLaunch: true\n value: Bar\n - key: Baz\n propagateAtLaunch: true\n value: Bam\nresources:\n test:\n type: aws:autoscaling:Group\n properties:\n tags:\n - key: explicit1\n value: value1\n propagateAtLaunch: true\n - key: explicit2\n value: value2\n propagateAtLaunch: true\n name: foobar3-test\n maxSize: 5\n minSize: 2\n launchConfiguration: ${foobar.name}\n vpcZoneIdentifiers:\n - ${example1.id}\n - ${example2.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Automatically refresh all instances after the group is updated\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getAmi({\n mostRecent: true,\n owners: [\"amazon\"],\n filters: [{\n name: \"name\",\n values: [\"amzn-ami-hvm-*-x86_64-gp2\"],\n }],\n});\nconst exampleLaunchTemplate = new aws.ec2.LaunchTemplate(\"example\", {\n imageId: example.then(example =\u003e example.id),\n instanceType: \"t3.nano\",\n});\nconst exampleGroup = new aws.autoscaling.Group(\"example\", {\n availabilityZones: [\"us-east-1a\"],\n desiredCapacity: 1,\n maxSize: 2,\n minSize: 1,\n launchTemplate: {\n id: exampleLaunchTemplate.id,\n version: exampleLaunchTemplate.latestVersion,\n },\n tags: [{\n key: \"Key\",\n value: \"Value\",\n propagateAtLaunch: true,\n }],\n instanceRefresh: {\n strategy: \"Rolling\",\n preferences: {\n minHealthyPercentage: 50,\n },\n triggers: [\"tag\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_ami(most_recent=True,\n owners=[\"amazon\"],\n filters=[{\n \"name\": \"name\",\n \"values\": [\"amzn-ami-hvm-*-x86_64-gp2\"],\n }])\nexample_launch_template = aws.ec2.LaunchTemplate(\"example\",\n image_id=example.id,\n instance_type=\"t3.nano\")\nexample_group = aws.autoscaling.Group(\"example\",\n availability_zones=[\"us-east-1a\"],\n desired_capacity=1,\n max_size=2,\n min_size=1,\n launch_template={\n \"id\": example_launch_template.id,\n \"version\": example_launch_template.latest_version,\n },\n tags=[{\n \"key\": \"Key\",\n \"value\": \"Value\",\n \"propagate_at_launch\": True,\n }],\n instance_refresh={\n \"strategy\": \"Rolling\",\n \"preferences\": {\n \"min_healthy_percentage\": 50,\n },\n \"triggers\": [\"tag\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetAmi.Invoke(new()\n {\n MostRecent = true,\n Owners = new[]\n {\n \"amazon\",\n },\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetAmiFilterInputArgs\n {\n Name = \"name\",\n Values = new[]\n {\n \"amzn-ami-hvm-*-x86_64-gp2\",\n },\n },\n },\n });\n\n var exampleLaunchTemplate = new Aws.Ec2.LaunchTemplate(\"example\", new()\n {\n ImageId = example.Apply(getAmiResult =\u003e getAmiResult.Id),\n InstanceType = \"t3.nano\",\n });\n\n var exampleGroup = new Aws.AutoScaling.Group(\"example\", new()\n {\n AvailabilityZones = new[]\n {\n \"us-east-1a\",\n },\n DesiredCapacity = 1,\n MaxSize = 2,\n MinSize = 1,\n LaunchTemplate = new Aws.AutoScaling.Inputs.GroupLaunchTemplateArgs\n {\n Id = exampleLaunchTemplate.Id,\n Version = exampleLaunchTemplate.LatestVersion,\n },\n Tags = new[]\n {\n new Aws.AutoScaling.Inputs.GroupTagArgs\n {\n Key = \"Key\",\n Value = \"Value\",\n PropagateAtLaunch = true,\n },\n },\n InstanceRefresh = new Aws.AutoScaling.Inputs.GroupInstanceRefreshArgs\n {\n Strategy = \"Rolling\",\n Preferences = new Aws.AutoScaling.Inputs.GroupInstanceRefreshPreferencesArgs\n {\n MinHealthyPercentage = 50,\n },\n Triggers = new[]\n {\n \"tag\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.LookupAmi(ctx, \u0026ec2.LookupAmiArgs{\n\t\t\tMostRecent: pulumi.BoolRef(true),\n\t\t\tOwners: []string{\n\t\t\t\t\"amazon\",\n\t\t\t},\n\t\t\tFilters: []ec2.GetAmiFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"amzn-ami-hvm-*-x86_64-gp2\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleLaunchTemplate, err := ec2.NewLaunchTemplate(ctx, \"example\", \u0026ec2.LaunchTemplateArgs{\n\t\t\tImageId: pulumi.String(example.Id),\n\t\t\tInstanceType: pulumi.String(\"t3.nano\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = autoscaling.NewGroup(ctx, \"example\", \u0026autoscaling.GroupArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tDesiredCapacity: pulumi.Int(1),\n\t\t\tMaxSize: pulumi.Int(2),\n\t\t\tMinSize: pulumi.Int(1),\n\t\t\tLaunchTemplate: \u0026autoscaling.GroupLaunchTemplateArgs{\n\t\t\t\tId: exampleLaunchTemplate.ID(),\n\t\t\t\tVersion: exampleLaunchTemplate.LatestVersion,\n\t\t\t},\n\t\t\tTags: autoscaling.GroupTagArray{\n\t\t\t\t\u0026autoscaling.GroupTagArgs{\n\t\t\t\t\tKey: pulumi.String(\"Key\"),\n\t\t\t\t\tValue: pulumi.String(\"Value\"),\n\t\t\t\t\tPropagateAtLaunch: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t\tInstanceRefresh: \u0026autoscaling.GroupInstanceRefreshArgs{\n\t\t\t\tStrategy: pulumi.String(\"Rolling\"),\n\t\t\t\tPreferences: \u0026autoscaling.GroupInstanceRefreshPreferencesArgs{\n\t\t\t\t\tMinHealthyPercentage: pulumi.Int(50),\n\t\t\t\t},\n\t\t\t\tTriggers: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"tag\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetAmiArgs;\nimport com.pulumi.aws.ec2.LaunchTemplate;\nimport com.pulumi.aws.ec2.LaunchTemplateArgs;\nimport com.pulumi.aws.autoscaling.Group;\nimport com.pulumi.aws.autoscaling.GroupArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupLaunchTemplateArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupTagArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupInstanceRefreshArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupInstanceRefreshPreferencesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getAmi(GetAmiArgs.builder()\n .mostRecent(true)\n .owners(\"amazon\")\n .filters(GetAmiFilterArgs.builder()\n .name(\"name\")\n .values(\"amzn-ami-hvm-*-x86_64-gp2\")\n .build())\n .build());\n\n var exampleLaunchTemplate = new LaunchTemplate(\"exampleLaunchTemplate\", LaunchTemplateArgs.builder()\n .imageId(example.applyValue(getAmiResult -\u003e getAmiResult.id()))\n .instanceType(\"t3.nano\")\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder()\n .availabilityZones(\"us-east-1a\")\n .desiredCapacity(1)\n .maxSize(2)\n .minSize(1)\n .launchTemplate(GroupLaunchTemplateArgs.builder()\n .id(exampleLaunchTemplate.id())\n .version(exampleLaunchTemplate.latestVersion())\n .build())\n .tags(GroupTagArgs.builder()\n .key(\"Key\")\n .value(\"Value\")\n .propagateAtLaunch(true)\n .build())\n .instanceRefresh(GroupInstanceRefreshArgs.builder()\n .strategy(\"Rolling\")\n .preferences(GroupInstanceRefreshPreferencesArgs.builder()\n .minHealthyPercentage(50)\n .build())\n .triggers(\"tag\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGroup:\n type: aws:autoscaling:Group\n name: example\n properties:\n availabilityZones:\n - us-east-1a\n desiredCapacity: 1\n maxSize: 2\n minSize: 1\n launchTemplate:\n id: ${exampleLaunchTemplate.id}\n version: ${exampleLaunchTemplate.latestVersion}\n tags:\n - key: Key\n value: Value\n propagateAtLaunch: true\n instanceRefresh:\n strategy: Rolling\n preferences:\n minHealthyPercentage: 50\n triggers:\n - tag\n exampleLaunchTemplate:\n type: aws:ec2:LaunchTemplate\n name: example\n properties:\n imageId: ${example.id}\n instanceType: t3.nano\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getAmi\n Arguments:\n mostRecent: true\n owners:\n - amazon\n filters:\n - name: name\n values:\n - amzn-ami-hvm-*-x86_64-gp2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Auto Scaling group with Warm Pool\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.LaunchTemplate(\"example\", {\n namePrefix: \"example\",\n imageId: exampleAwsAmi.id,\n instanceType: \"c5.large\",\n});\nconst exampleGroup = new aws.autoscaling.Group(\"example\", {\n availabilityZones: [\"us-east-1a\"],\n desiredCapacity: 1,\n maxSize: 5,\n minSize: 1,\n warmPool: {\n poolState: \"Hibernated\",\n minSize: 1,\n maxGroupPreparedCapacity: 10,\n instanceReusePolicy: {\n reuseOnScaleIn: true,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.LaunchTemplate(\"example\",\n name_prefix=\"example\",\n image_id=example_aws_ami[\"id\"],\n instance_type=\"c5.large\")\nexample_group = aws.autoscaling.Group(\"example\",\n availability_zones=[\"us-east-1a\"],\n desired_capacity=1,\n max_size=5,\n min_size=1,\n warm_pool={\n \"pool_state\": \"Hibernated\",\n \"min_size\": 1,\n \"max_group_prepared_capacity\": 10,\n \"instance_reuse_policy\": {\n \"reuse_on_scale_in\": True,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.LaunchTemplate(\"example\", new()\n {\n NamePrefix = \"example\",\n ImageId = exampleAwsAmi.Id,\n InstanceType = \"c5.large\",\n });\n\n var exampleGroup = new Aws.AutoScaling.Group(\"example\", new()\n {\n AvailabilityZones = new[]\n {\n \"us-east-1a\",\n },\n DesiredCapacity = 1,\n MaxSize = 5,\n MinSize = 1,\n WarmPool = new Aws.AutoScaling.Inputs.GroupWarmPoolArgs\n {\n PoolState = \"Hibernated\",\n MinSize = 1,\n MaxGroupPreparedCapacity = 10,\n InstanceReusePolicy = new Aws.AutoScaling.Inputs.GroupWarmPoolInstanceReusePolicyArgs\n {\n ReuseOnScaleIn = true,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewLaunchTemplate(ctx, \"example\", \u0026ec2.LaunchTemplateArgs{\n\t\t\tNamePrefix: pulumi.String(\"example\"),\n\t\t\tImageId: pulumi.Any(exampleAwsAmi.Id),\n\t\t\tInstanceType: pulumi.String(\"c5.large\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = autoscaling.NewGroup(ctx, \"example\", \u0026autoscaling.GroupArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tDesiredCapacity: pulumi.Int(1),\n\t\t\tMaxSize: pulumi.Int(5),\n\t\t\tMinSize: pulumi.Int(1),\n\t\t\tWarmPool: \u0026autoscaling.GroupWarmPoolArgs{\n\t\t\t\tPoolState: pulumi.String(\"Hibernated\"),\n\t\t\t\tMinSize: pulumi.Int(1),\n\t\t\t\tMaxGroupPreparedCapacity: pulumi.Int(10),\n\t\t\t\tInstanceReusePolicy: \u0026autoscaling.GroupWarmPoolInstanceReusePolicyArgs{\n\t\t\t\t\tReuseOnScaleIn: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.LaunchTemplate;\nimport com.pulumi.aws.ec2.LaunchTemplateArgs;\nimport com.pulumi.aws.autoscaling.Group;\nimport com.pulumi.aws.autoscaling.GroupArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupWarmPoolArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupWarmPoolInstanceReusePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LaunchTemplate(\"example\", LaunchTemplateArgs.builder()\n .namePrefix(\"example\")\n .imageId(exampleAwsAmi.id())\n .instanceType(\"c5.large\")\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder()\n .availabilityZones(\"us-east-1a\")\n .desiredCapacity(1)\n .maxSize(5)\n .minSize(1)\n .warmPool(GroupWarmPoolArgs.builder()\n .poolState(\"Hibernated\")\n .minSize(1)\n .maxGroupPreparedCapacity(10)\n .instanceReusePolicy(GroupWarmPoolInstanceReusePolicyArgs.builder()\n .reuseOnScaleIn(true)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:LaunchTemplate\n properties:\n namePrefix: example\n imageId: ${exampleAwsAmi.id}\n instanceType: c5.large\n exampleGroup:\n type: aws:autoscaling:Group\n name: example\n properties:\n availabilityZones:\n - us-east-1a\n desiredCapacity: 1\n maxSize: 5\n minSize: 1\n warmPool:\n poolState: Hibernated\n minSize: 1\n maxGroupPreparedCapacity: 10\n instanceReusePolicy:\n reuseOnScaleIn: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Auto Scaling group with Traffic Sources\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.autoscaling.Group(\"test\", {\n trafficSources: testAwsVpclatticeTargetGroup.map(__item =\u003e __item).map((v, k) =\u003e ({key: k, value: v})).map(entry =\u003e ({\n identifier: entry.value.arn,\n type: \"vpc-lattice\",\n })),\n vpcZoneIdentifiers: testAwsSubnet.id,\n maxSize: 1,\n minSize: 1,\n forceDelete: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.autoscaling.Group(\"test\",\n traffic_sources=[{\n \"identifier\": entry[\"value\"][\"arn\"],\n \"type\": \"vpc-lattice\",\n } for entry in [{\"key\": k, \"value\": v} for k, v in [__item for __item in test_aws_vpclattice_target_group]]],\n vpc_zone_identifiers=test_aws_subnet[\"id\"],\n max_size=1,\n min_size=1,\n force_delete=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.AutoScaling.Group(\"test\", new()\n {\n TrafficSources = testAwsVpclatticeTargetGroup.Select(__item =\u003e __item).ToList().Select((v, k) =\u003e new { Key = k, Value = v }).Select(entry =\u003e \n {\n return new Aws.AutoScaling.Inputs.GroupTrafficSourceArgs\n {\n Identifier = entry.Value.Arn,\n Type = \"vpc-lattice\",\n };\n }).ToList(),\n VpcZoneIdentifiers = testAwsSubnet.Id,\n MaxSize = 1,\n MinSize = 1,\n ForceDelete = true,\n });\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Waiting for Capacity\n\nA newly-created ASG is initially empty and begins to scale to `min_size` (or\n`desired_capacity`, if specified) by launching instances using the provided\nLaunch Configuration. These instances take time to launch and boot.\n\nOn ASG Update, changes to these values also take time to result in the target\nnumber of instances providing service.\n\nThis provider provides two mechanisms to help consistently manage ASG scale up\ntime across dependent resources.\n\n#### Waiting for ASG Capacity\n\nThe first is default behavior. This provider waits after ASG creation for\n`min_size` (or `desired_capacity`, if specified) healthy instances to show up\nin the ASG before continuing.\n\nIf `min_size` or `desired_capacity` are changed in a subsequent update,\nthis provider will also wait for the correct number of healthy instances before\ncontinuing.\n\nThis provider considers an instance \"healthy\" when the ASG reports `HealthStatus:\n\"Healthy\"` and `LifecycleState: \"InService\"`. See the [AWS AutoScaling\nDocs](https://docs.aws.amazon.com/AutoScaling/latest/DeveloperGuide/AutoScalingGroupLifecycle.html)\nfor more information on an ASG's lifecycle.\n\nThis provider will wait for healthy instances for up to\n`wait_for_capacity_timeout`. If ASG creation is taking more than a few minutes,\nit's worth investigating for scaling activity errors, which can be caused by\nproblems with the selected Launch Configuration.\n\nSetting `wait_for_capacity_timeout` to `\"0\"` disables ASG Capacity waiting.\n\n#### Waiting for ELB Capacity\n\nThe second mechanism is optional, and affects ASGs with attached ELBs specified\nvia the `load_balancers` attribute or with ALBs specified with `target_group_arns`.\n\nThe `min_elb_capacity` parameter causes the provider to wait for at least the\nrequested number of instances to show up `\"InService\"` in all attached ELBs\nduring ASG creation. It has no effect on ASG updates.\n\nIf `wait_for_elb_capacity` is set, the provider will wait for exactly that number\nof Instances to be `\"InService\"` in all attached ELBs on both creation and\nupdates.\n\nThese parameters can be used to ensure that service is being provided before\nthe provider moves on. If new instances don't pass the ELB's health checks for any\nreason, the apply will time out, and the ASG will be marked as\ntainted (i.e., marked to be destroyed in a follow up run).\n\nAs with ASG Capacity, the provider will wait for up to `wait_for_capacity_timeout`\nfor the proper number of instances to be healthy.\n\n#### Troubleshooting Capacity Waiting Timeouts\n\nIf ASG creation takes more than a few minutes, this could indicate one of a\nnumber of configuration problems. See the [AWS Docs on Load Balancer\nTroubleshooting](https://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-troubleshooting.html)\nfor more information.\n\n## Import\n\nUsing `pulumi import`, import Auto Scaling Groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:autoscaling/group:Group web web-asg\n```\n", "properties": { "arn": { "type": "string", "description": "ARN for this Auto Scaling Group\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of Availability Zones where instances in the Auto Scaling group can be created. Used for launching into the default VPC subnet in each Availability Zone when not using the `vpc_zone_identifier` attribute, or for attaching a network interface when an existing network interface ID is specified in a launch template. Conflicts with `vpc_zone_identifier`.\n" }, "capacityRebalance": { "type": "boolean", "description": "Whether capacity rebalance is enabled. Otherwise, capacity rebalance is disabled.\n" }, "context": { "type": "string", "description": "Reserved.\n" }, "defaultCooldown": { "type": "integer", "description": "Amount of time, in seconds, after a scaling activity completes before another scaling activity can start.\n" }, "defaultInstanceWarmup": { "type": "integer", "description": "Amount of time, in seconds, until a newly launched instance can contribute to the Amazon CloudWatch metrics. This delay lets an instance finish initializing before Amazon EC2 Auto Scaling aggregates instance metrics, resulting in more reliable usage data. Set this value equal to the amount of time that it takes for resource consumption to become stable after an instance reaches the InService state. (See [Set the default instance warmup for an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-default-instance-warmup.html))\n" }, "desiredCapacity": { "type": "integer", "description": "Number of Amazon EC2 instances that\nshould be running in the group. (See also Waiting for\nCapacity below.)\n" }, "desiredCapacityType": { "type": "string", "description": "The unit of measurement for the value specified for `desired_capacity`. Supported for attribute-based instance type selection only. Valid values: `\"units\"`, `\"vcpu\"`, `\"memory-mib\"`.\n" }, "enabledMetrics": { "type": "array", "items": { "type": "string", "$ref": "#/types/aws:autoscaling/metrics:Metric" }, "description": "List of metrics to collect. The allowed values are defined by the [underlying AWS API](https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_EnableMetricsCollection.html).\n" }, "forceDelete": { "type": "boolean", "description": "Allows deleting the Auto Scaling Group without waiting\nfor all instances in the pool to terminate. You can force an Auto Scaling Group to delete\neven if it's in the process of scaling a resource. Normally, this provider\ndrains all the instances before deleting the group. This bypasses that\nbehavior and potentially leaves resources dangling.\n" }, "forceDeleteWarmPool": { "type": "boolean", "description": "Allows deleting the Auto Scaling Group without waiting for all instances in the warm pool to terminate.\n" }, "healthCheckGracePeriod": { "type": "integer", "description": "Time (in seconds) after instance comes into service before checking health.\n" }, "healthCheckType": { "type": "string", "description": "\"EC2\" or \"ELB\". Controls how health checking is done.\n" }, "ignoreFailedScalingActivities": { "type": "boolean", "description": "Whether to ignore failed [Auto Scaling scaling activities](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-verify-scaling-activity.html) while waiting for capacity. The default is `false` -- failed scaling activities cause errors to be returned.\n" }, "initialLifecycleHooks": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/GroupInitialLifecycleHook:GroupInitialLifecycleHook" }, "description": "One or more\n[Lifecycle Hooks](http://docs.aws.amazon.com/autoscaling/latest/userguide/lifecycle-hooks.html)\nto attach to the Auto Scaling Group **before** instances are launched. The\nsyntax is exactly the same as the separate\n`aws.autoscaling.LifecycleHook`\nresource, without the `autoscaling_group_name` attribute. Please note that this will only work when creating\na new Auto Scaling Group. For all other use-cases, please use `aws.autoscaling.LifecycleHook` resource.\n" }, "instanceMaintenancePolicy": { "$ref": "#/types/aws:autoscaling/GroupInstanceMaintenancePolicy:GroupInstanceMaintenancePolicy", "description": "If this block is configured, add a instance maintenance policy to the specified Auto Scaling group. Defined below.\n" }, "instanceRefresh": { "$ref": "#/types/aws:autoscaling/GroupInstanceRefresh:GroupInstanceRefresh", "description": "If this block is configured, start an\n[Instance Refresh](https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-instance-refresh.html)\nwhen this Auto Scaling Group is updated. Defined below.\n" }, "launchConfiguration": { "type": "string", "description": "Name of the launch configuration to use.\n" }, "launchTemplate": { "$ref": "#/types/aws:autoscaling/GroupLaunchTemplate:GroupLaunchTemplate", "description": "Nested argument with Launch template specification to use to launch instances. See Launch Template below for more details.\n" }, "loadBalancers": { "type": "array", "items": { "type": "string" }, "description": "List of elastic load balancer names to add to the autoscaling\ngroup names. Only valid for classic load balancers. For ALBs, use `target_group_arns` instead. To remove all load balancer attachments an empty list should be specified.\n" }, "maxInstanceLifetime": { "type": "integer", "description": "Maximum amount of time, in seconds, that an instance can be in service, values must be either equal to 0 or between 86400 and 31536000 seconds.\n" }, "maxSize": { "type": "integer", "description": "Maximum size of the Auto Scaling Group.\n" }, "metricsGranularity": { "type": "string", "description": "Granularity to associate with the metrics to collect. The only valid value is `1Minute`. Default is `1Minute`.\n" }, "minElbCapacity": { "type": "integer", "description": "Setting this causes Pulumi to wait for\nthis number of instances from this Auto Scaling Group to show up healthy in the\nELB only on creation. Updates will not wait on ELB instance number changes.\n(See also Waiting for Capacity below.)\n" }, "minSize": { "type": "integer", "description": "Minimum size of the Auto Scaling Group.\n(See also Waiting for Capacity below.)\n" }, "mixedInstancesPolicy": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicy:GroupMixedInstancesPolicy", "description": "Configuration block containing settings to define launch targets for Auto Scaling groups. See Mixed Instances Policy below for more details.\n" }, "name": { "type": "string", "description": "Name of the Auto Scaling Group. By default generated by Pulumi. Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "placementGroup": { "type": "string", "description": "Name of the placement group into which you'll launch your instances, if any.\n" }, "predictedCapacity": { "type": "integer", "description": "Predicted capacity of the group.\n" }, "protectFromScaleIn": { "type": "boolean", "description": "Whether newly launched instances\nare automatically protected from termination by Amazon EC2 Auto Scaling when\nscaling in. For more information about preventing instances from terminating\non scale in, see [Using instance scale-in protection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-instance-protection.html)\nin the Amazon EC2 Auto Scaling User Guide.\n" }, "serviceLinkedRoleArn": { "type": "string", "description": "ARN of the service-linked role that the ASG will use to call other AWS services\n" }, "suspendedProcesses": { "type": "array", "items": { "type": "string" }, "description": "List of processes to suspend for the Auto Scaling Group. The allowed values are `Launch`, `Terminate`, `HealthCheck`, `ReplaceUnhealthy`, `AZRebalance`, `AlarmNotification`, `ScheduledActions`, `AddToLoadBalancer`, `InstanceRefresh`.\nNote that if you suspend either the `Launch` or `Terminate` process types, it can prevent your Auto Scaling Group from functioning properly.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/GroupTag:GroupTag" }, "description": "Configuration block(s) containing resource tags. See Tag below for more details.\n" }, "targetGroupArns": { "type": "array", "items": { "type": "string" }, "description": "Set of `aws.alb.TargetGroup` ARNs, for use with Application or Network Load Balancing. To remove all target group attachments an empty list should be specified.\n" }, "terminationPolicies": { "type": "array", "items": { "type": "string" }, "description": "List of policies to decide how the instances in the Auto Scaling Group should be terminated. The allowed values are `OldestInstance`, `NewestInstance`, `OldestLaunchConfiguration`, `ClosestToNextInstanceHour`, `OldestLaunchTemplate`, `AllocationStrategy`, `Default`. Additionally, the ARN of a Lambda function can be specified for custom termination policies.\n" }, "trafficSources": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/GroupTrafficSource:GroupTrafficSource" }, "description": "Attaches one or more traffic sources to the specified Auto Scaling group.\n" }, "vpcZoneIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "List of subnet IDs to launch resources in. Subnets automatically determine which availability zones the group will reside. Conflicts with `availability_zones`.\n" }, "waitForCapacityTimeout": { "type": "string", "description": "Maximum\n[duration](https://golang.org/pkg/time/#ParseDuration) that the provider should\nwait for ASG instances to be healthy before timing out. (See also Waiting\nfor Capacity below.) Setting this to \"0\" causes\nthe provider to skip all Capacity Waiting behavior.\n" }, "waitForElbCapacity": { "type": "integer", "description": "Setting this will cause Pulumi to wait\nfor exactly this number of healthy instances from this Auto Scaling Group in\nall attached load balancers on both create and update operations. (Takes\nprecedence over `min_elb_capacity` behavior.)\n(See also Waiting for Capacity below.)\n" }, "warmPool": { "$ref": "#/types/aws:autoscaling/GroupWarmPool:GroupWarmPool", "description": "If this block is configured, add a [Warm Pool](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-warm-pools.html)\nto the specified Auto Scaling group. Defined below\n" }, "warmPoolSize": { "type": "integer", "description": "Current size of the warm pool.\n" } }, "required": [ "arn", "availabilityZones", "defaultCooldown", "desiredCapacity", "healthCheckType", "launchTemplate", "loadBalancers", "maxSize", "minSize", "mixedInstancesPolicy", "name", "namePrefix", "predictedCapacity", "serviceLinkedRoleArn", "targetGroupArns", "trafficSources", "vpcZoneIdentifiers", "warmPoolSize" ], "inputProperties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of Availability Zones where instances in the Auto Scaling group can be created. Used for launching into the default VPC subnet in each Availability Zone when not using the `vpc_zone_identifier` attribute, or for attaching a network interface when an existing network interface ID is specified in a launch template. Conflicts with `vpc_zone_identifier`.\n" }, "capacityRebalance": { "type": "boolean", "description": "Whether capacity rebalance is enabled. Otherwise, capacity rebalance is disabled.\n" }, "context": { "type": "string", "description": "Reserved.\n" }, "defaultCooldown": { "type": "integer", "description": "Amount of time, in seconds, after a scaling activity completes before another scaling activity can start.\n" }, "defaultInstanceWarmup": { "type": "integer", "description": "Amount of time, in seconds, until a newly launched instance can contribute to the Amazon CloudWatch metrics. This delay lets an instance finish initializing before Amazon EC2 Auto Scaling aggregates instance metrics, resulting in more reliable usage data. Set this value equal to the amount of time that it takes for resource consumption to become stable after an instance reaches the InService state. (See [Set the default instance warmup for an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-default-instance-warmup.html))\n" }, "desiredCapacity": { "type": "integer", "description": "Number of Amazon EC2 instances that\nshould be running in the group. (See also Waiting for\nCapacity below.)\n" }, "desiredCapacityType": { "type": "string", "description": "The unit of measurement for the value specified for `desired_capacity`. Supported for attribute-based instance type selection only. Valid values: `\"units\"`, `\"vcpu\"`, `\"memory-mib\"`.\n" }, "enabledMetrics": { "type": "array", "items": { "type": "string", "$ref": "#/types/aws:autoscaling/metrics:Metric" }, "description": "List of metrics to collect. The allowed values are defined by the [underlying AWS API](https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_EnableMetricsCollection.html).\n" }, "forceDelete": { "type": "boolean", "description": "Allows deleting the Auto Scaling Group without waiting\nfor all instances in the pool to terminate. You can force an Auto Scaling Group to delete\neven if it's in the process of scaling a resource. Normally, this provider\ndrains all the instances before deleting the group. This bypasses that\nbehavior and potentially leaves resources dangling.\n" }, "forceDeleteWarmPool": { "type": "boolean", "description": "Allows deleting the Auto Scaling Group without waiting for all instances in the warm pool to terminate.\n" }, "healthCheckGracePeriod": { "type": "integer", "description": "Time (in seconds) after instance comes into service before checking health.\n" }, "healthCheckType": { "type": "string", "description": "\"EC2\" or \"ELB\". Controls how health checking is done.\n" }, "ignoreFailedScalingActivities": { "type": "boolean", "description": "Whether to ignore failed [Auto Scaling scaling activities](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-verify-scaling-activity.html) while waiting for capacity. The default is `false` -- failed scaling activities cause errors to be returned.\n" }, "initialLifecycleHooks": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/GroupInitialLifecycleHook:GroupInitialLifecycleHook" }, "description": "One or more\n[Lifecycle Hooks](http://docs.aws.amazon.com/autoscaling/latest/userguide/lifecycle-hooks.html)\nto attach to the Auto Scaling Group **before** instances are launched. The\nsyntax is exactly the same as the separate\n`aws.autoscaling.LifecycleHook`\nresource, without the `autoscaling_group_name` attribute. Please note that this will only work when creating\na new Auto Scaling Group. For all other use-cases, please use `aws.autoscaling.LifecycleHook` resource.\n", "willReplaceOnChanges": true }, "instanceMaintenancePolicy": { "$ref": "#/types/aws:autoscaling/GroupInstanceMaintenancePolicy:GroupInstanceMaintenancePolicy", "description": "If this block is configured, add a instance maintenance policy to the specified Auto Scaling group. Defined below.\n" }, "instanceRefresh": { "$ref": "#/types/aws:autoscaling/GroupInstanceRefresh:GroupInstanceRefresh", "description": "If this block is configured, start an\n[Instance Refresh](https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-instance-refresh.html)\nwhen this Auto Scaling Group is updated. Defined below.\n" }, "launchConfiguration": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/launchConfiguration:LaunchConfiguration" } ], "description": "Name of the launch configuration to use.\n" }, "launchTemplate": { "$ref": "#/types/aws:autoscaling/GroupLaunchTemplate:GroupLaunchTemplate", "description": "Nested argument with Launch template specification to use to launch instances. See Launch Template below for more details.\n" }, "loadBalancers": { "type": "array", "items": { "type": "string" }, "description": "List of elastic load balancer names to add to the autoscaling\ngroup names. Only valid for classic load balancers. For ALBs, use `target_group_arns` instead. To remove all load balancer attachments an empty list should be specified.\n" }, "maxInstanceLifetime": { "type": "integer", "description": "Maximum amount of time, in seconds, that an instance can be in service, values must be either equal to 0 or between 86400 and 31536000 seconds.\n" }, "maxSize": { "type": "integer", "description": "Maximum size of the Auto Scaling Group.\n" }, "metricsGranularity": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:autoscaling/MetricsGranularity:MetricsGranularity" } ], "description": "Granularity to associate with the metrics to collect. The only valid value is `1Minute`. Default is `1Minute`.\n" }, "minElbCapacity": { "type": "integer", "description": "Setting this causes Pulumi to wait for\nthis number of instances from this Auto Scaling Group to show up healthy in the\nELB only on creation. Updates will not wait on ELB instance number changes.\n(See also Waiting for Capacity below.)\n" }, "minSize": { "type": "integer", "description": "Minimum size of the Auto Scaling Group.\n(See also Waiting for Capacity below.)\n" }, "mixedInstancesPolicy": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicy:GroupMixedInstancesPolicy", "description": "Configuration block containing settings to define launch targets for Auto Scaling groups. See Mixed Instances Policy below for more details.\n" }, "name": { "type": "string", "description": "Name of the Auto Scaling Group. By default generated by Pulumi. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "placementGroup": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/placementGroup:PlacementGroup" } ], "description": "Name of the placement group into which you'll launch your instances, if any.\n" }, "protectFromScaleIn": { "type": "boolean", "description": "Whether newly launched instances\nare automatically protected from termination by Amazon EC2 Auto Scaling when\nscaling in. For more information about preventing instances from terminating\non scale in, see [Using instance scale-in protection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-instance-protection.html)\nin the Amazon EC2 Auto Scaling User Guide.\n" }, "serviceLinkedRoleArn": { "type": "string", "description": "ARN of the service-linked role that the ASG will use to call other AWS services\n" }, "suspendedProcesses": { "type": "array", "items": { "type": "string" }, "description": "List of processes to suspend for the Auto Scaling Group. The allowed values are `Launch`, `Terminate`, `HealthCheck`, `ReplaceUnhealthy`, `AZRebalance`, `AlarmNotification`, `ScheduledActions`, `AddToLoadBalancer`, `InstanceRefresh`.\nNote that if you suspend either the `Launch` or `Terminate` process types, it can prevent your Auto Scaling Group from functioning properly.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/GroupTag:GroupTag" }, "description": "Configuration block(s) containing resource tags. See Tag below for more details.\n" }, "targetGroupArns": { "type": "array", "items": { "type": "string" }, "description": "Set of `aws.alb.TargetGroup` ARNs, for use with Application or Network Load Balancing. To remove all target group attachments an empty list should be specified.\n" }, "terminationPolicies": { "type": "array", "items": { "type": "string" }, "description": "List of policies to decide how the instances in the Auto Scaling Group should be terminated. The allowed values are `OldestInstance`, `NewestInstance`, `OldestLaunchConfiguration`, `ClosestToNextInstanceHour`, `OldestLaunchTemplate`, `AllocationStrategy`, `Default`. Additionally, the ARN of a Lambda function can be specified for custom termination policies.\n" }, "trafficSources": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/GroupTrafficSource:GroupTrafficSource" }, "description": "Attaches one or more traffic sources to the specified Auto Scaling group.\n" }, "vpcZoneIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "List of subnet IDs to launch resources in. Subnets automatically determine which availability zones the group will reside. Conflicts with `availability_zones`.\n" }, "waitForCapacityTimeout": { "type": "string", "description": "Maximum\n[duration](https://golang.org/pkg/time/#ParseDuration) that the provider should\nwait for ASG instances to be healthy before timing out. (See also Waiting\nfor Capacity below.) Setting this to \"0\" causes\nthe provider to skip all Capacity Waiting behavior.\n" }, "waitForElbCapacity": { "type": "integer", "description": "Setting this will cause Pulumi to wait\nfor exactly this number of healthy instances from this Auto Scaling Group in\nall attached load balancers on both create and update operations. (Takes\nprecedence over `min_elb_capacity` behavior.)\n(See also Waiting for Capacity below.)\n" }, "warmPool": { "$ref": "#/types/aws:autoscaling/GroupWarmPool:GroupWarmPool", "description": "If this block is configured, add a [Warm Pool](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-warm-pools.html)\nto the specified Auto Scaling group. Defined below\n" } }, "requiredInputs": [ "maxSize", "minSize" ], "stateInputs": { "description": "Input properties used for looking up and filtering Group resources.\n", "properties": { "arn": { "type": "string", "description": "ARN for this Auto Scaling Group\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of Availability Zones where instances in the Auto Scaling group can be created. Used for launching into the default VPC subnet in each Availability Zone when not using the `vpc_zone_identifier` attribute, or for attaching a network interface when an existing network interface ID is specified in a launch template. Conflicts with `vpc_zone_identifier`.\n" }, "capacityRebalance": { "type": "boolean", "description": "Whether capacity rebalance is enabled. Otherwise, capacity rebalance is disabled.\n" }, "context": { "type": "string", "description": "Reserved.\n" }, "defaultCooldown": { "type": "integer", "description": "Amount of time, in seconds, after a scaling activity completes before another scaling activity can start.\n" }, "defaultInstanceWarmup": { "type": "integer", "description": "Amount of time, in seconds, until a newly launched instance can contribute to the Amazon CloudWatch metrics. This delay lets an instance finish initializing before Amazon EC2 Auto Scaling aggregates instance metrics, resulting in more reliable usage data. Set this value equal to the amount of time that it takes for resource consumption to become stable after an instance reaches the InService state. (See [Set the default instance warmup for an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-default-instance-warmup.html))\n" }, "desiredCapacity": { "type": "integer", "description": "Number of Amazon EC2 instances that\nshould be running in the group. (See also Waiting for\nCapacity below.)\n" }, "desiredCapacityType": { "type": "string", "description": "The unit of measurement for the value specified for `desired_capacity`. Supported for attribute-based instance type selection only. Valid values: `\"units\"`, `\"vcpu\"`, `\"memory-mib\"`.\n" }, "enabledMetrics": { "type": "array", "items": { "type": "string", "$ref": "#/types/aws:autoscaling/metrics:Metric" }, "description": "List of metrics to collect. The allowed values are defined by the [underlying AWS API](https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_EnableMetricsCollection.html).\n" }, "forceDelete": { "type": "boolean", "description": "Allows deleting the Auto Scaling Group without waiting\nfor all instances in the pool to terminate. You can force an Auto Scaling Group to delete\neven if it's in the process of scaling a resource. Normally, this provider\ndrains all the instances before deleting the group. This bypasses that\nbehavior and potentially leaves resources dangling.\n" }, "forceDeleteWarmPool": { "type": "boolean", "description": "Allows deleting the Auto Scaling Group without waiting for all instances in the warm pool to terminate.\n" }, "healthCheckGracePeriod": { "type": "integer", "description": "Time (in seconds) after instance comes into service before checking health.\n" }, "healthCheckType": { "type": "string", "description": "\"EC2\" or \"ELB\". Controls how health checking is done.\n" }, "ignoreFailedScalingActivities": { "type": "boolean", "description": "Whether to ignore failed [Auto Scaling scaling activities](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-verify-scaling-activity.html) while waiting for capacity. The default is `false` -- failed scaling activities cause errors to be returned.\n" }, "initialLifecycleHooks": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/GroupInitialLifecycleHook:GroupInitialLifecycleHook" }, "description": "One or more\n[Lifecycle Hooks](http://docs.aws.amazon.com/autoscaling/latest/userguide/lifecycle-hooks.html)\nto attach to the Auto Scaling Group **before** instances are launched. The\nsyntax is exactly the same as the separate\n`aws.autoscaling.LifecycleHook`\nresource, without the `autoscaling_group_name` attribute. Please note that this will only work when creating\na new Auto Scaling Group. For all other use-cases, please use `aws.autoscaling.LifecycleHook` resource.\n", "willReplaceOnChanges": true }, "instanceMaintenancePolicy": { "$ref": "#/types/aws:autoscaling/GroupInstanceMaintenancePolicy:GroupInstanceMaintenancePolicy", "description": "If this block is configured, add a instance maintenance policy to the specified Auto Scaling group. Defined below.\n" }, "instanceRefresh": { "$ref": "#/types/aws:autoscaling/GroupInstanceRefresh:GroupInstanceRefresh", "description": "If this block is configured, start an\n[Instance Refresh](https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-instance-refresh.html)\nwhen this Auto Scaling Group is updated. Defined below.\n" }, "launchConfiguration": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/launchConfiguration:LaunchConfiguration" } ], "description": "Name of the launch configuration to use.\n" }, "launchTemplate": { "$ref": "#/types/aws:autoscaling/GroupLaunchTemplate:GroupLaunchTemplate", "description": "Nested argument with Launch template specification to use to launch instances. See Launch Template below for more details.\n" }, "loadBalancers": { "type": "array", "items": { "type": "string" }, "description": "List of elastic load balancer names to add to the autoscaling\ngroup names. Only valid for classic load balancers. For ALBs, use `target_group_arns` instead. To remove all load balancer attachments an empty list should be specified.\n" }, "maxInstanceLifetime": { "type": "integer", "description": "Maximum amount of time, in seconds, that an instance can be in service, values must be either equal to 0 or between 86400 and 31536000 seconds.\n" }, "maxSize": { "type": "integer", "description": "Maximum size of the Auto Scaling Group.\n" }, "metricsGranularity": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:autoscaling/MetricsGranularity:MetricsGranularity" } ], "description": "Granularity to associate with the metrics to collect. The only valid value is `1Minute`. Default is `1Minute`.\n" }, "minElbCapacity": { "type": "integer", "description": "Setting this causes Pulumi to wait for\nthis number of instances from this Auto Scaling Group to show up healthy in the\nELB only on creation. Updates will not wait on ELB instance number changes.\n(See also Waiting for Capacity below.)\n" }, "minSize": { "type": "integer", "description": "Minimum size of the Auto Scaling Group.\n(See also Waiting for Capacity below.)\n" }, "mixedInstancesPolicy": { "$ref": "#/types/aws:autoscaling/GroupMixedInstancesPolicy:GroupMixedInstancesPolicy", "description": "Configuration block containing settings to define launch targets for Auto Scaling groups. See Mixed Instances Policy below for more details.\n" }, "name": { "type": "string", "description": "Name of the Auto Scaling Group. By default generated by Pulumi. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "placementGroup": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/placementGroup:PlacementGroup" } ], "description": "Name of the placement group into which you'll launch your instances, if any.\n" }, "predictedCapacity": { "type": "integer", "description": "Predicted capacity of the group.\n" }, "protectFromScaleIn": { "type": "boolean", "description": "Whether newly launched instances\nare automatically protected from termination by Amazon EC2 Auto Scaling when\nscaling in. For more information about preventing instances from terminating\non scale in, see [Using instance scale-in protection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-instance-protection.html)\nin the Amazon EC2 Auto Scaling User Guide.\n" }, "serviceLinkedRoleArn": { "type": "string", "description": "ARN of the service-linked role that the ASG will use to call other AWS services\n" }, "suspendedProcesses": { "type": "array", "items": { "type": "string" }, "description": "List of processes to suspend for the Auto Scaling Group. The allowed values are `Launch`, `Terminate`, `HealthCheck`, `ReplaceUnhealthy`, `AZRebalance`, `AlarmNotification`, `ScheduledActions`, `AddToLoadBalancer`, `InstanceRefresh`.\nNote that if you suspend either the `Launch` or `Terminate` process types, it can prevent your Auto Scaling Group from functioning properly.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/GroupTag:GroupTag" }, "description": "Configuration block(s) containing resource tags. See Tag below for more details.\n" }, "targetGroupArns": { "type": "array", "items": { "type": "string" }, "description": "Set of `aws.alb.TargetGroup` ARNs, for use with Application or Network Load Balancing. To remove all target group attachments an empty list should be specified.\n" }, "terminationPolicies": { "type": "array", "items": { "type": "string" }, "description": "List of policies to decide how the instances in the Auto Scaling Group should be terminated. The allowed values are `OldestInstance`, `NewestInstance`, `OldestLaunchConfiguration`, `ClosestToNextInstanceHour`, `OldestLaunchTemplate`, `AllocationStrategy`, `Default`. Additionally, the ARN of a Lambda function can be specified for custom termination policies.\n" }, "trafficSources": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/GroupTrafficSource:GroupTrafficSource" }, "description": "Attaches one or more traffic sources to the specified Auto Scaling group.\n" }, "vpcZoneIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "List of subnet IDs to launch resources in. Subnets automatically determine which availability zones the group will reside. Conflicts with `availability_zones`.\n" }, "waitForCapacityTimeout": { "type": "string", "description": "Maximum\n[duration](https://golang.org/pkg/time/#ParseDuration) that the provider should\nwait for ASG instances to be healthy before timing out. (See also Waiting\nfor Capacity below.) Setting this to \"0\" causes\nthe provider to skip all Capacity Waiting behavior.\n" }, "waitForElbCapacity": { "type": "integer", "description": "Setting this will cause Pulumi to wait\nfor exactly this number of healthy instances from this Auto Scaling Group in\nall attached load balancers on both create and update operations. (Takes\nprecedence over `min_elb_capacity` behavior.)\n(See also Waiting for Capacity below.)\n" }, "warmPool": { "$ref": "#/types/aws:autoscaling/GroupWarmPool:GroupWarmPool", "description": "If this block is configured, add a [Warm Pool](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-warm-pools.html)\nto the specified Auto Scaling group. Defined below\n" }, "warmPoolSize": { "type": "integer", "description": "Current size of the warm pool.\n" } }, "type": "object" } }, "aws:autoscaling/lifecycleHook:LifecycleHook": { "description": "Provides an AutoScaling Lifecycle Hook resource.\n\n\u003e **NOTE:** This provider has two types of ways you can add lifecycle hooks - via\nthe `initial_lifecycle_hook` attribute from the\n`aws.autoscaling.Group`\nresource, or via this one. Hooks added via this resource will not be added\nuntil the autoscaling group has been created, and depending on your\ncapacity\nsettings, after the initial instances have been launched, creating unintended\nbehavior. If you need hooks to run on all instances, add them with\n`initial_lifecycle_hook` in\n`aws.autoscaling.Group`,\nbut take care to not duplicate those hooks with this resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foobar = new aws.autoscaling.Group(\"foobar\", {\n availabilityZones: [\"us-west-2a\"],\n name: \"test-foobar5\",\n healthCheckType: \"EC2\",\n terminationPolicies: [\"OldestInstance\"],\n tags: [{\n key: \"Foo\",\n value: \"foo-bar\",\n propagateAtLaunch: true,\n }],\n});\nconst foobarLifecycleHook = new aws.autoscaling.LifecycleHook(\"foobar\", {\n name: \"foobar\",\n autoscalingGroupName: foobar.name,\n defaultResult: \"CONTINUE\",\n heartbeatTimeout: 2000,\n lifecycleTransition: \"autoscaling:EC2_INSTANCE_LAUNCHING\",\n notificationMetadata: JSON.stringify({\n foo: \"bar\",\n }),\n notificationTargetArn: \"arn:aws:sqs:us-east-1:444455556666:queue1*\",\n roleArn: \"arn:aws:iam::123456789012:role/S3Access\",\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nfoobar = aws.autoscaling.Group(\"foobar\",\n availability_zones=[\"us-west-2a\"],\n name=\"test-foobar5\",\n health_check_type=\"EC2\",\n termination_policies=[\"OldestInstance\"],\n tags=[{\n \"key\": \"Foo\",\n \"value\": \"foo-bar\",\n \"propagate_at_launch\": True,\n }])\nfoobar_lifecycle_hook = aws.autoscaling.LifecycleHook(\"foobar\",\n name=\"foobar\",\n autoscaling_group_name=foobar.name,\n default_result=\"CONTINUE\",\n heartbeat_timeout=2000,\n lifecycle_transition=\"autoscaling:EC2_INSTANCE_LAUNCHING\",\n notification_metadata=json.dumps({\n \"foo\": \"bar\",\n }),\n notification_target_arn=\"arn:aws:sqs:us-east-1:444455556666:queue1*\",\n role_arn=\"arn:aws:iam::123456789012:role/S3Access\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foobar = new Aws.AutoScaling.Group(\"foobar\", new()\n {\n AvailabilityZones = new[]\n {\n \"us-west-2a\",\n },\n Name = \"test-foobar5\",\n HealthCheckType = \"EC2\",\n TerminationPolicies = new[]\n {\n \"OldestInstance\",\n },\n Tags = new[]\n {\n new Aws.AutoScaling.Inputs.GroupTagArgs\n {\n Key = \"Foo\",\n Value = \"foo-bar\",\n PropagateAtLaunch = true,\n },\n },\n });\n\n var foobarLifecycleHook = new Aws.AutoScaling.LifecycleHook(\"foobar\", new()\n {\n Name = \"foobar\",\n AutoscalingGroupName = foobar.Name,\n DefaultResult = \"CONTINUE\",\n HeartbeatTimeout = 2000,\n LifecycleTransition = \"autoscaling:EC2_INSTANCE_LAUNCHING\",\n NotificationMetadata = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"foo\"] = \"bar\",\n }),\n NotificationTargetArn = \"arn:aws:sqs:us-east-1:444455556666:queue1*\",\n RoleArn = \"arn:aws:iam::123456789012:role/S3Access\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoobar, err := autoscaling.NewGroup(ctx, \"foobar\", \u0026autoscaling.GroupArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t},\n\t\t\tName: pulumi.String(\"test-foobar5\"),\n\t\t\tHealthCheckType: pulumi.String(\"EC2\"),\n\t\t\tTerminationPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"OldestInstance\"),\n\t\t\t},\n\t\t\tTags: autoscaling.GroupTagArray{\n\t\t\t\t\u0026autoscaling.GroupTagArgs{\n\t\t\t\t\tKey: pulumi.String(\"Foo\"),\n\t\t\t\t\tValue: pulumi.String(\"foo-bar\"),\n\t\t\t\t\tPropagateAtLaunch: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"foo\": \"bar\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = autoscaling.NewLifecycleHook(ctx, \"foobar\", \u0026autoscaling.LifecycleHookArgs{\n\t\t\tName: pulumi.String(\"foobar\"),\n\t\t\tAutoscalingGroupName: foobar.Name,\n\t\t\tDefaultResult: pulumi.String(\"CONTINUE\"),\n\t\t\tHeartbeatTimeout: pulumi.Int(2000),\n\t\t\tLifecycleTransition: pulumi.String(\"autoscaling:EC2_INSTANCE_LAUNCHING\"),\n\t\t\tNotificationMetadata: pulumi.String(json0),\n\t\t\tNotificationTargetArn: pulumi.String(\"arn:aws:sqs:us-east-1:444455556666:queue1*\"),\n\t\t\tRoleArn: pulumi.String(\"arn:aws:iam::123456789012:role/S3Access\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.autoscaling.Group;\nimport com.pulumi.aws.autoscaling.GroupArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupTagArgs;\nimport com.pulumi.aws.autoscaling.LifecycleHook;\nimport com.pulumi.aws.autoscaling.LifecycleHookArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foobar = new Group(\"foobar\", GroupArgs.builder()\n .availabilityZones(\"us-west-2a\")\n .name(\"test-foobar5\")\n .healthCheckType(\"EC2\")\n .terminationPolicies(\"OldestInstance\")\n .tags(GroupTagArgs.builder()\n .key(\"Foo\")\n .value(\"foo-bar\")\n .propagateAtLaunch(true)\n .build())\n .build());\n\n var foobarLifecycleHook = new LifecycleHook(\"foobarLifecycleHook\", LifecycleHookArgs.builder()\n .name(\"foobar\")\n .autoscalingGroupName(foobar.name())\n .defaultResult(\"CONTINUE\")\n .heartbeatTimeout(2000)\n .lifecycleTransition(\"autoscaling:EC2_INSTANCE_LAUNCHING\")\n .notificationMetadata(serializeJson(\n jsonObject(\n jsonProperty(\"foo\", \"bar\")\n )))\n .notificationTargetArn(\"arn:aws:sqs:us-east-1:444455556666:queue1*\")\n .roleArn(\"arn:aws:iam::123456789012:role/S3Access\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foobar:\n type: aws:autoscaling:Group\n properties:\n availabilityZones:\n - us-west-2a\n name: test-foobar5\n healthCheckType: EC2\n terminationPolicies:\n - OldestInstance\n tags:\n - key: Foo\n value: foo-bar\n propagateAtLaunch: true\n foobarLifecycleHook:\n type: aws:autoscaling:LifecycleHook\n name: foobar\n properties:\n name: foobar\n autoscalingGroupName: ${foobar.name}\n defaultResult: CONTINUE\n heartbeatTimeout: 2000\n lifecycleTransition: autoscaling:EC2_INSTANCE_LAUNCHING\n notificationMetadata:\n fn::toJSON:\n foo: bar\n notificationTargetArn: arn:aws:sqs:us-east-1:444455556666:queue1*\n roleArn: arn:aws:iam::123456789012:role/S3Access\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AutoScaling Lifecycle Hooks using the role autoscaling_group_name and name separated by `/`. For example:\n\n```sh\n$ pulumi import aws:autoscaling/lifecycleHook:LifecycleHook test-lifecycle-hook asg-name/lifecycle-hook-name\n```\n", "properties": { "autoscalingGroupName": { "type": "string", "description": "Name of the Auto Scaling group to which you want to assign the lifecycle hook\n" }, "defaultResult": { "type": "string", "description": "Defines the action the Auto Scaling group should take when the lifecycle hook timeout elapses or if an unexpected failure occurs. The value for this parameter can be either CONTINUE or ABANDON. The default value for this parameter is ABANDON.\n" }, "heartbeatTimeout": { "type": "integer", "description": "Defines the amount of time, in seconds, that can elapse before the lifecycle hook times out. When the lifecycle hook times out, Auto Scaling performs the action defined in the DefaultResult parameter\n" }, "lifecycleTransition": { "type": "string", "description": "Instance state to which you want to attach the lifecycle hook. For a list of lifecycle hook types, see [describe-lifecycle-hook-types](https://docs.aws.amazon.com/cli/latest/reference/autoscaling/describe-lifecycle-hook-types.html#examples)\n" }, "name": { "type": "string", "description": "Name of the lifecycle hook.\n" }, "notificationMetadata": { "type": "string", "description": "Contains additional information that you want to include any time Auto Scaling sends a message to the notification target.\n" }, "notificationTargetArn": { "type": "string", "description": "ARN of the notification target that Auto Scaling will use to notify you when an instance is in the transition state for the lifecycle hook. This ARN target can be either an SQS queue or an SNS topic.\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target.\n" } }, "required": [ "autoscalingGroupName", "defaultResult", "lifecycleTransition", "name" ], "inputProperties": { "autoscalingGroupName": { "type": "string", "description": "Name of the Auto Scaling group to which you want to assign the lifecycle hook\n" }, "defaultResult": { "type": "string", "description": "Defines the action the Auto Scaling group should take when the lifecycle hook timeout elapses or if an unexpected failure occurs. The value for this parameter can be either CONTINUE or ABANDON. The default value for this parameter is ABANDON.\n" }, "heartbeatTimeout": { "type": "integer", "description": "Defines the amount of time, in seconds, that can elapse before the lifecycle hook times out. When the lifecycle hook times out, Auto Scaling performs the action defined in the DefaultResult parameter\n" }, "lifecycleTransition": { "type": "string", "description": "Instance state to which you want to attach the lifecycle hook. For a list of lifecycle hook types, see [describe-lifecycle-hook-types](https://docs.aws.amazon.com/cli/latest/reference/autoscaling/describe-lifecycle-hook-types.html#examples)\n" }, "name": { "type": "string", "description": "Name of the lifecycle hook.\n", "willReplaceOnChanges": true }, "notificationMetadata": { "type": "string", "description": "Contains additional information that you want to include any time Auto Scaling sends a message to the notification target.\n" }, "notificationTargetArn": { "type": "string", "description": "ARN of the notification target that Auto Scaling will use to notify you when an instance is in the transition state for the lifecycle hook. This ARN target can be either an SQS queue or an SNS topic.\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target.\n" } }, "requiredInputs": [ "autoscalingGroupName", "lifecycleTransition" ], "stateInputs": { "description": "Input properties used for looking up and filtering LifecycleHook resources.\n", "properties": { "autoscalingGroupName": { "type": "string", "description": "Name of the Auto Scaling group to which you want to assign the lifecycle hook\n" }, "defaultResult": { "type": "string", "description": "Defines the action the Auto Scaling group should take when the lifecycle hook timeout elapses or if an unexpected failure occurs. The value for this parameter can be either CONTINUE or ABANDON. The default value for this parameter is ABANDON.\n" }, "heartbeatTimeout": { "type": "integer", "description": "Defines the amount of time, in seconds, that can elapse before the lifecycle hook times out. When the lifecycle hook times out, Auto Scaling performs the action defined in the DefaultResult parameter\n" }, "lifecycleTransition": { "type": "string", "description": "Instance state to which you want to attach the lifecycle hook. For a list of lifecycle hook types, see [describe-lifecycle-hook-types](https://docs.aws.amazon.com/cli/latest/reference/autoscaling/describe-lifecycle-hook-types.html#examples)\n" }, "name": { "type": "string", "description": "Name of the lifecycle hook.\n", "willReplaceOnChanges": true }, "notificationMetadata": { "type": "string", "description": "Contains additional information that you want to include any time Auto Scaling sends a message to the notification target.\n" }, "notificationTargetArn": { "type": "string", "description": "ARN of the notification target that Auto Scaling will use to notify you when an instance is in the transition state for the lifecycle hook. This ARN target can be either an SQS queue or an SNS topic.\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target.\n" } }, "type": "object" } }, "aws:autoscaling/notification:Notification": { "description": "Provides an AutoScaling Group with Notification support, via SNS Topics. Each of\nthe `notifications` map to a [Notification Configuration](https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeNotificationConfigurations.html) inside Amazon Web\nServices, and are applied to each AutoScaling Group you supply.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sns.Topic(\"example\", {name: \"example-topic\"});\nconst bar = new aws.autoscaling.Group(\"bar\", {name: \"foobar1-test\"});\nconst foo = new aws.autoscaling.Group(\"foo\", {name: \"barfoo-test\"});\nconst exampleNotifications = new aws.autoscaling.Notification(\"example_notifications\", {\n groupNames: [\n bar.name,\n foo.name,\n ],\n notifications: [\n \"autoscaling:EC2_INSTANCE_LAUNCH\",\n \"autoscaling:EC2_INSTANCE_TERMINATE\",\n \"autoscaling:EC2_INSTANCE_LAUNCH_ERROR\",\n \"autoscaling:EC2_INSTANCE_TERMINATE_ERROR\",\n ],\n topicArn: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sns.Topic(\"example\", name=\"example-topic\")\nbar = aws.autoscaling.Group(\"bar\", name=\"foobar1-test\")\nfoo = aws.autoscaling.Group(\"foo\", name=\"barfoo-test\")\nexample_notifications = aws.autoscaling.Notification(\"example_notifications\",\n group_names=[\n bar.name,\n foo.name,\n ],\n notifications=[\n \"autoscaling:EC2_INSTANCE_LAUNCH\",\n \"autoscaling:EC2_INSTANCE_TERMINATE\",\n \"autoscaling:EC2_INSTANCE_LAUNCH_ERROR\",\n \"autoscaling:EC2_INSTANCE_TERMINATE_ERROR\",\n ],\n topic_arn=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sns.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n });\n\n var bar = new Aws.AutoScaling.Group(\"bar\", new()\n {\n Name = \"foobar1-test\",\n });\n\n var foo = new Aws.AutoScaling.Group(\"foo\", new()\n {\n Name = \"barfoo-test\",\n });\n\n var exampleNotifications = new Aws.AutoScaling.Notification(\"example_notifications\", new()\n {\n GroupNames = new[]\n {\n bar.Name,\n foo.Name,\n },\n Notifications = new[]\n {\n \"autoscaling:EC2_INSTANCE_LAUNCH\",\n \"autoscaling:EC2_INSTANCE_TERMINATE\",\n \"autoscaling:EC2_INSTANCE_LAUNCH_ERROR\",\n \"autoscaling:EC2_INSTANCE_TERMINATE_ERROR\",\n },\n TopicArn = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := sns.NewTopic(ctx, \"example\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbar, err := autoscaling.NewGroup(ctx, \"bar\", \u0026autoscaling.GroupArgs{\n\t\t\tName: pulumi.String(\"foobar1-test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoo, err := autoscaling.NewGroup(ctx, \"foo\", \u0026autoscaling.GroupArgs{\n\t\t\tName: pulumi.String(\"barfoo-test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = autoscaling.NewNotification(ctx, \"example_notifications\", \u0026autoscaling.NotificationArgs{\n\t\t\tGroupNames: pulumi.StringArray{\n\t\t\t\tbar.Name,\n\t\t\t\tfoo.Name,\n\t\t\t},\n\t\t\tNotifications: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"autoscaling:EC2_INSTANCE_LAUNCH\"),\n\t\t\t\tpulumi.String(\"autoscaling:EC2_INSTANCE_TERMINATE\"),\n\t\t\t\tpulumi.String(\"autoscaling:EC2_INSTANCE_LAUNCH_ERROR\"),\n\t\t\t\tpulumi.String(\"autoscaling:EC2_INSTANCE_TERMINATE_ERROR\"),\n\t\t\t},\n\t\t\tTopicArn: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.autoscaling.Group;\nimport com.pulumi.aws.autoscaling.GroupArgs;\nimport com.pulumi.aws.autoscaling.Notification;\nimport com.pulumi.aws.autoscaling.NotificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .build());\n\n var bar = new Group(\"bar\", GroupArgs.builder()\n .name(\"foobar1-test\")\n .build());\n\n var foo = new Group(\"foo\", GroupArgs.builder()\n .name(\"barfoo-test\")\n .build());\n\n var exampleNotifications = new Notification(\"exampleNotifications\", NotificationArgs.builder()\n .groupNames( \n bar.name(),\n foo.name())\n .notifications( \n \"autoscaling:EC2_INSTANCE_LAUNCH\",\n \"autoscaling:EC2_INSTANCE_TERMINATE\",\n \"autoscaling:EC2_INSTANCE_LAUNCH_ERROR\",\n \"autoscaling:EC2_INSTANCE_TERMINATE_ERROR\")\n .topicArn(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleNotifications:\n type: aws:autoscaling:Notification\n name: example_notifications\n properties:\n groupNames:\n - ${bar.name}\n - ${foo.name}\n notifications:\n - autoscaling:EC2_INSTANCE_LAUNCH\n - autoscaling:EC2_INSTANCE_TERMINATE\n - autoscaling:EC2_INSTANCE_LAUNCH_ERROR\n - autoscaling:EC2_INSTANCE_TERMINATE_ERROR\n topicArn: ${example.arn}\n example:\n type: aws:sns:Topic\n properties:\n name: example-topic\n bar:\n type: aws:autoscaling:Group\n properties:\n name: foobar1-test\n foo:\n type: aws:autoscaling:Group\n properties:\n name: barfoo-test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "groupNames": { "type": "array", "items": { "type": "string" }, "description": "List of AutoScaling Group Names\n" }, "notifications": { "type": "array", "items": { "type": "string", "$ref": "#/types/aws:autoscaling/notificationType:NotificationType" }, "description": "List of Notification Types that trigger\nnotifications. Acceptable values are documented [in the AWS documentation here](https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_NotificationConfiguration.html)\n" }, "topicArn": { "type": "string", "description": "Topic ARN for notifications to be sent through\n" } }, "required": [ "groupNames", "notifications", "topicArn" ], "inputProperties": { "groupNames": { "type": "array", "items": { "type": "string" }, "description": "List of AutoScaling Group Names\n" }, "notifications": { "type": "array", "items": { "type": "string", "$ref": "#/types/aws:autoscaling/notificationType:NotificationType" }, "description": "List of Notification Types that trigger\nnotifications. Acceptable values are documented [in the AWS documentation here](https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_NotificationConfiguration.html)\n" }, "topicArn": { "type": "string", "description": "Topic ARN for notifications to be sent through\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "groupNames", "notifications", "topicArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Notification resources.\n", "properties": { "groupNames": { "type": "array", "items": { "type": "string" }, "description": "List of AutoScaling Group Names\n" }, "notifications": { "type": "array", "items": { "type": "string", "$ref": "#/types/aws:autoscaling/notificationType:NotificationType" }, "description": "List of Notification Types that trigger\nnotifications. Acceptable values are documented [in the AWS documentation here](https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_NotificationConfiguration.html)\n" }, "topicArn": { "type": "string", "description": "Topic ARN for notifications to be sent through\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:autoscaling/policy:Policy": { "description": "Provides an AutoScaling Scaling Policy resource.\n\n\u003e **NOTE:** You may want to omit `desired_capacity` attribute from attached `aws.autoscaling.Group`\nwhen using autoscaling policies. It's good practice to pick either\n[manual](https://docs.aws.amazon.com/AutoScaling/latest/DeveloperGuide/as-manual-scaling.html)\nor [dynamic](https://docs.aws.amazon.com/AutoScaling/latest/DeveloperGuide/as-scale-based-on-demand.html)\n(policy-based) scaling.\n\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = new aws.autoscaling.Group(\"bar\", {\n availabilityZones: [\"us-east-1a\"],\n name: \"foobar3-test\",\n maxSize: 5,\n minSize: 2,\n healthCheckGracePeriod: 300,\n healthCheckType: \"ELB\",\n forceDelete: true,\n launchConfiguration: foo.name,\n});\nconst bat = new aws.autoscaling.Policy(\"bat\", {\n name: \"foobar3-test\",\n scalingAdjustment: 4,\n adjustmentType: \"ChangeInCapacity\",\n cooldown: 300,\n autoscalingGroupName: bar.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.autoscaling.Group(\"bar\",\n availability_zones=[\"us-east-1a\"],\n name=\"foobar3-test\",\n max_size=5,\n min_size=2,\n health_check_grace_period=300,\n health_check_type=\"ELB\",\n force_delete=True,\n launch_configuration=foo[\"name\"])\nbat = aws.autoscaling.Policy(\"bat\",\n name=\"foobar3-test\",\n scaling_adjustment=4,\n adjustment_type=\"ChangeInCapacity\",\n cooldown=300,\n autoscaling_group_name=bar.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bar = new Aws.AutoScaling.Group(\"bar\", new()\n {\n AvailabilityZones = new[]\n {\n \"us-east-1a\",\n },\n Name = \"foobar3-test\",\n MaxSize = 5,\n MinSize = 2,\n HealthCheckGracePeriod = 300,\n HealthCheckType = \"ELB\",\n ForceDelete = true,\n LaunchConfiguration = foo.Name,\n });\n\n var bat = new Aws.AutoScaling.Policy(\"bat\", new()\n {\n Name = \"foobar3-test\",\n ScalingAdjustment = 4,\n AdjustmentType = \"ChangeInCapacity\",\n Cooldown = 300,\n AutoscalingGroupName = bar.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbar, err := autoscaling.NewGroup(ctx, \"bar\", \u0026autoscaling.GroupArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tName: pulumi.String(\"foobar3-test\"),\n\t\t\tMaxSize: pulumi.Int(5),\n\t\t\tMinSize: pulumi.Int(2),\n\t\t\tHealthCheckGracePeriod: pulumi.Int(300),\n\t\t\tHealthCheckType: pulumi.String(\"ELB\"),\n\t\t\tForceDelete: pulumi.Bool(true),\n\t\t\tLaunchConfiguration: pulumi.Any(foo.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = autoscaling.NewPolicy(ctx, \"bat\", \u0026autoscaling.PolicyArgs{\n\t\t\tName: pulumi.String(\"foobar3-test\"),\n\t\t\tScalingAdjustment: pulumi.Int(4),\n\t\t\tAdjustmentType: pulumi.String(\"ChangeInCapacity\"),\n\t\t\tCooldown: pulumi.Int(300),\n\t\t\tAutoscalingGroupName: bar.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.autoscaling.Group;\nimport com.pulumi.aws.autoscaling.GroupArgs;\nimport com.pulumi.aws.autoscaling.Policy;\nimport com.pulumi.aws.autoscaling.PolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bar = new Group(\"bar\", GroupArgs.builder()\n .availabilityZones(\"us-east-1a\")\n .name(\"foobar3-test\")\n .maxSize(5)\n .minSize(2)\n .healthCheckGracePeriod(300)\n .healthCheckType(\"ELB\")\n .forceDelete(true)\n .launchConfiguration(foo.name())\n .build());\n\n var bat = new Policy(\"bat\", PolicyArgs.builder()\n .name(\"foobar3-test\")\n .scalingAdjustment(4)\n .adjustmentType(\"ChangeInCapacity\")\n .cooldown(300)\n .autoscalingGroupName(bar.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bat:\n type: aws:autoscaling:Policy\n properties:\n name: foobar3-test\n scalingAdjustment: 4\n adjustmentType: ChangeInCapacity\n cooldown: 300\n autoscalingGroupName: ${bar.name}\n bar:\n type: aws:autoscaling:Group\n properties:\n availabilityZones:\n - us-east-1a\n name: foobar3-test\n maxSize: 5\n minSize: 2\n healthCheckGracePeriod: 300\n healthCheckType: ELB\n forceDelete: true\n launchConfiguration: ${foo.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create target tracking scaling policy using metric math\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.autoscaling.Policy(\"example\", {\n autoscalingGroupName: \"my-test-asg\",\n name: \"foo\",\n policyType: \"TargetTrackingScaling\",\n targetTrackingConfiguration: {\n targetValue: 100,\n customizedMetricSpecification: {\n metrics: [\n {\n label: \"Get the queue size (the number of messages waiting to be processed)\",\n id: \"m1\",\n metricStat: {\n metric: {\n namespace: \"AWS/SQS\",\n metricName: \"ApproximateNumberOfMessagesVisible\",\n dimensions: [{\n name: \"QueueName\",\n value: \"my-queue\",\n }],\n },\n stat: \"Sum\",\n },\n returnData: false,\n },\n {\n label: \"Get the group size (the number of InService instances)\",\n id: \"m2\",\n metricStat: {\n metric: {\n namespace: \"AWS/AutoScaling\",\n metricName: \"GroupInServiceInstances\",\n dimensions: [{\n name: \"AutoScalingGroupName\",\n value: \"my-asg\",\n }],\n },\n stat: \"Average\",\n },\n returnData: false,\n },\n {\n label: \"Calculate the backlog per instance\",\n id: \"e1\",\n expression: \"m1 / m2\",\n returnData: true,\n },\n ],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.autoscaling.Policy(\"example\",\n autoscaling_group_name=\"my-test-asg\",\n name=\"foo\",\n policy_type=\"TargetTrackingScaling\",\n target_tracking_configuration={\n \"target_value\": 100,\n \"customized_metric_specification\": {\n \"metrics\": [\n {\n \"label\": \"Get the queue size (the number of messages waiting to be processed)\",\n \"id\": \"m1\",\n \"metric_stat\": {\n \"metric\": {\n \"namespace\": \"AWS/SQS\",\n \"metric_name\": \"ApproximateNumberOfMessagesVisible\",\n \"dimensions\": [{\n \"name\": \"QueueName\",\n \"value\": \"my-queue\",\n }],\n },\n \"stat\": \"Sum\",\n },\n \"return_data\": False,\n },\n {\n \"label\": \"Get the group size (the number of InService instances)\",\n \"id\": \"m2\",\n \"metric_stat\": {\n \"metric\": {\n \"namespace\": \"AWS/AutoScaling\",\n \"metric_name\": \"GroupInServiceInstances\",\n \"dimensions\": [{\n \"name\": \"AutoScalingGroupName\",\n \"value\": \"my-asg\",\n }],\n },\n \"stat\": \"Average\",\n },\n \"return_data\": False,\n },\n {\n \"label\": \"Calculate the backlog per instance\",\n \"id\": \"e1\",\n \"expression\": \"m1 / m2\",\n \"return_data\": True,\n },\n ],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AutoScaling.Policy(\"example\", new()\n {\n AutoscalingGroupName = \"my-test-asg\",\n Name = \"foo\",\n PolicyType = \"TargetTrackingScaling\",\n TargetTrackingConfiguration = new Aws.AutoScaling.Inputs.PolicyTargetTrackingConfigurationArgs\n {\n TargetValue = 100,\n CustomizedMetricSpecification = new Aws.AutoScaling.Inputs.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationArgs\n {\n Metrics = new[]\n {\n new Aws.AutoScaling.Inputs.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricArgs\n {\n Label = \"Get the queue size (the number of messages waiting to be processed)\",\n Id = \"m1\",\n MetricStat = new Aws.AutoScaling.Inputs.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatArgs\n {\n Metric = new Aws.AutoScaling.Inputs.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetricArgs\n {\n Namespace = \"AWS/SQS\",\n MetricName = \"ApproximateNumberOfMessagesVisible\",\n Dimensions = new[]\n {\n new Aws.AutoScaling.Inputs.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimensionArgs\n {\n Name = \"QueueName\",\n Value = \"my-queue\",\n },\n },\n },\n Stat = \"Sum\",\n },\n ReturnData = false,\n },\n new Aws.AutoScaling.Inputs.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricArgs\n {\n Label = \"Get the group size (the number of InService instances)\",\n Id = \"m2\",\n MetricStat = new Aws.AutoScaling.Inputs.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatArgs\n {\n Metric = new Aws.AutoScaling.Inputs.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetricArgs\n {\n Namespace = \"AWS/AutoScaling\",\n MetricName = \"GroupInServiceInstances\",\n Dimensions = new[]\n {\n new Aws.AutoScaling.Inputs.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimensionArgs\n {\n Name = \"AutoScalingGroupName\",\n Value = \"my-asg\",\n },\n },\n },\n Stat = \"Average\",\n },\n ReturnData = false,\n },\n new Aws.AutoScaling.Inputs.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricArgs\n {\n Label = \"Calculate the backlog per instance\",\n Id = \"e1\",\n Expression = \"m1 / m2\",\n ReturnData = true,\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := autoscaling.NewPolicy(ctx, \"example\", \u0026autoscaling.PolicyArgs{\n\t\t\tAutoscalingGroupName: pulumi.String(\"my-test-asg\"),\n\t\t\tName: pulumi.String(\"foo\"),\n\t\t\tPolicyType: pulumi.String(\"TargetTrackingScaling\"),\n\t\t\tTargetTrackingConfiguration: \u0026autoscaling.PolicyTargetTrackingConfigurationArgs{\n\t\t\t\tTargetValue: pulumi.Float64(100),\n\t\t\t\tCustomizedMetricSpecification: \u0026autoscaling.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationArgs{\n\t\t\t\t\tMetrics: autoscaling.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricArray{\n\t\t\t\t\t\t\u0026autoscaling.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricArgs{\n\t\t\t\t\t\t\tLabel: pulumi.String(\"Get the queue size (the number of messages waiting to be processed)\"),\n\t\t\t\t\t\t\tId: pulumi.String(\"m1\"),\n\t\t\t\t\t\t\tMetricStat: \u0026autoscaling.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatArgs{\n\t\t\t\t\t\t\t\tMetric: \u0026autoscaling.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetricArgs{\n\t\t\t\t\t\t\t\t\tNamespace: pulumi.String(\"AWS/SQS\"),\n\t\t\t\t\t\t\t\t\tMetricName: pulumi.String(\"ApproximateNumberOfMessagesVisible\"),\n\t\t\t\t\t\t\t\t\tDimensions: autoscaling.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimensionArray{\n\t\t\t\t\t\t\t\t\t\t\u0026autoscaling.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimensionArgs{\n\t\t\t\t\t\t\t\t\t\t\tName: pulumi.String(\"QueueName\"),\n\t\t\t\t\t\t\t\t\t\t\tValue: pulumi.String(\"my-queue\"),\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\tStat: pulumi.String(\"Sum\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tReturnData: pulumi.Bool(false),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026autoscaling.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricArgs{\n\t\t\t\t\t\t\tLabel: pulumi.String(\"Get the group size (the number of InService instances)\"),\n\t\t\t\t\t\t\tId: pulumi.String(\"m2\"),\n\t\t\t\t\t\t\tMetricStat: \u0026autoscaling.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatArgs{\n\t\t\t\t\t\t\t\tMetric: \u0026autoscaling.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetricArgs{\n\t\t\t\t\t\t\t\t\tNamespace: pulumi.String(\"AWS/AutoScaling\"),\n\t\t\t\t\t\t\t\t\tMetricName: pulumi.String(\"GroupInServiceInstances\"),\n\t\t\t\t\t\t\t\t\tDimensions: autoscaling.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimensionArray{\n\t\t\t\t\t\t\t\t\t\t\u0026autoscaling.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimensionArgs{\n\t\t\t\t\t\t\t\t\t\t\tName: pulumi.String(\"AutoScalingGroupName\"),\n\t\t\t\t\t\t\t\t\t\t\tValue: pulumi.String(\"my-asg\"),\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\tStat: pulumi.String(\"Average\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tReturnData: pulumi.Bool(false),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026autoscaling.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricArgs{\n\t\t\t\t\t\t\tLabel: pulumi.String(\"Calculate the backlog per instance\"),\n\t\t\t\t\t\t\tId: pulumi.String(\"e1\"),\n\t\t\t\t\t\t\tExpression: pulumi.String(\"m1 / m2\"),\n\t\t\t\t\t\t\tReturnData: pulumi.Bool(true),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.autoscaling.Policy;\nimport com.pulumi.aws.autoscaling.PolicyArgs;\nimport com.pulumi.aws.autoscaling.inputs.PolicyTargetTrackingConfigurationArgs;\nimport com.pulumi.aws.autoscaling.inputs.PolicyTargetTrackingConfigurationCustomizedMetricSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Policy(\"example\", PolicyArgs.builder()\n .autoscalingGroupName(\"my-test-asg\")\n .name(\"foo\")\n .policyType(\"TargetTrackingScaling\")\n .targetTrackingConfiguration(PolicyTargetTrackingConfigurationArgs.builder()\n .targetValue(100)\n .customizedMetricSpecification(PolicyTargetTrackingConfigurationCustomizedMetricSpecificationArgs.builder()\n .metrics( \n PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricArgs.builder()\n .label(\"Get the queue size (the number of messages waiting to be processed)\")\n .id(\"m1\")\n .metricStat(PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatArgs.builder()\n .metric(PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetricArgs.builder()\n .namespace(\"AWS/SQS\")\n .metricName(\"ApproximateNumberOfMessagesVisible\")\n .dimensions(PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimensionArgs.builder()\n .name(\"QueueName\")\n .value(\"my-queue\")\n .build())\n .build())\n .stat(\"Sum\")\n .build())\n .returnData(false)\n .build(),\n PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricArgs.builder()\n .label(\"Get the group size (the number of InService instances)\")\n .id(\"m2\")\n .metricStat(PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatArgs.builder()\n .metric(PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetricArgs.builder()\n .namespace(\"AWS/AutoScaling\")\n .metricName(\"GroupInServiceInstances\")\n .dimensions(PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimensionArgs.builder()\n .name(\"AutoScalingGroupName\")\n .value(\"my-asg\")\n .build())\n .build())\n .stat(\"Average\")\n .build())\n .returnData(false)\n .build(),\n PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricArgs.builder()\n .label(\"Calculate the backlog per instance\")\n .id(\"e1\")\n .expression(\"m1 / m2\")\n .returnData(true)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:autoscaling:Policy\n properties:\n autoscalingGroupName: my-test-asg\n name: foo\n policyType: TargetTrackingScaling\n targetTrackingConfiguration:\n targetValue: 100\n customizedMetricSpecification:\n metrics:\n - label: Get the queue size (the number of messages waiting to be processed)\n id: m1\n metricStat:\n metric:\n namespace: AWS/SQS\n metricName: ApproximateNumberOfMessagesVisible\n dimensions:\n - name: QueueName\n value: my-queue\n stat: Sum\n returnData: false\n - label: Get the group size (the number of InService instances)\n id: m2\n metricStat:\n metric:\n namespace: AWS/AutoScaling\n metricName: GroupInServiceInstances\n dimensions:\n - name: AutoScalingGroupName\n value: my-asg\n stat: Average\n returnData: false\n - label: Calculate the backlog per instance\n id: e1\n expression: m1 / m2\n returnData: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create predictive scaling policy using customized metrics\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.autoscaling.Policy(\"example\", {\n autoscalingGroupName: \"my-test-asg\",\n name: \"foo\",\n policyType: \"PredictiveScaling\",\n predictiveScalingConfiguration: {\n metricSpecification: {\n targetValue: 10,\n customizedLoadMetricSpecification: {\n metricDataQueries: [{\n id: \"load_sum\",\n expression: \"SUM(SEARCH('{AWS/EC2,AutoScalingGroupName} MetricName=\\\"CPUUtilization\\\" my-test-asg', 'Sum', 3600))\",\n }],\n },\n customizedCapacityMetricSpecification: {\n metricDataQueries: [{\n id: \"capacity_sum\",\n expression: \"SUM(SEARCH('{AWS/AutoScaling,AutoScalingGroupName} MetricName=\\\"GroupInServiceIntances\\\" my-test-asg', 'Average', 300))\",\n }],\n },\n customizedScalingMetricSpecification: {\n metricDataQueries: [\n {\n id: \"capacity_sum\",\n expression: \"SUM(SEARCH('{AWS/AutoScaling,AutoScalingGroupName} MetricName=\\\"GroupInServiceIntances\\\" my-test-asg', 'Average', 300))\",\n returnData: false,\n },\n {\n id: \"load_sum\",\n expression: \"SUM(SEARCH('{AWS/EC2,AutoScalingGroupName} MetricName=\\\"CPUUtilization\\\" my-test-asg', 'Sum', 300))\",\n returnData: false,\n },\n {\n id: \"weighted_average\",\n expression: \"load_sum / (capacity_sum * PERIOD(capacity_sum) / 60)\",\n },\n ],\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.autoscaling.Policy(\"example\",\n autoscaling_group_name=\"my-test-asg\",\n name=\"foo\",\n policy_type=\"PredictiveScaling\",\n predictive_scaling_configuration={\n \"metric_specification\": {\n \"target_value\": 10,\n \"customized_load_metric_specification\": {\n \"metric_data_queries\": [{\n \"id\": \"load_sum\",\n \"expression\": \"SUM(SEARCH('{AWS/EC2,AutoScalingGroupName} MetricName=\\\"CPUUtilization\\\" my-test-asg', 'Sum', 3600))\",\n }],\n },\n \"customized_capacity_metric_specification\": {\n \"metric_data_queries\": [{\n \"id\": \"capacity_sum\",\n \"expression\": \"SUM(SEARCH('{AWS/AutoScaling,AutoScalingGroupName} MetricName=\\\"GroupInServiceIntances\\\" my-test-asg', 'Average', 300))\",\n }],\n },\n \"customized_scaling_metric_specification\": {\n \"metric_data_queries\": [\n {\n \"id\": \"capacity_sum\",\n \"expression\": \"SUM(SEARCH('{AWS/AutoScaling,AutoScalingGroupName} MetricName=\\\"GroupInServiceIntances\\\" my-test-asg', 'Average', 300))\",\n \"return_data\": False,\n },\n {\n \"id\": \"load_sum\",\n \"expression\": \"SUM(SEARCH('{AWS/EC2,AutoScalingGroupName} MetricName=\\\"CPUUtilization\\\" my-test-asg', 'Sum', 300))\",\n \"return_data\": False,\n },\n {\n \"id\": \"weighted_average\",\n \"expression\": \"load_sum / (capacity_sum * PERIOD(capacity_sum) / 60)\",\n },\n ],\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AutoScaling.Policy(\"example\", new()\n {\n AutoscalingGroupName = \"my-test-asg\",\n Name = \"foo\",\n PolicyType = \"PredictiveScaling\",\n PredictiveScalingConfiguration = new Aws.AutoScaling.Inputs.PolicyPredictiveScalingConfigurationArgs\n {\n MetricSpecification = new Aws.AutoScaling.Inputs.PolicyPredictiveScalingConfigurationMetricSpecificationArgs\n {\n TargetValue = 10,\n CustomizedLoadMetricSpecification = new Aws.AutoScaling.Inputs.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationArgs\n {\n MetricDataQueries = new[]\n {\n new Aws.AutoScaling.Inputs.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryArgs\n {\n Id = \"load_sum\",\n Expression = \"SUM(SEARCH('{AWS/EC2,AutoScalingGroupName} MetricName=\\\"CPUUtilization\\\" my-test-asg', 'Sum', 3600))\",\n },\n },\n },\n CustomizedCapacityMetricSpecification = new Aws.AutoScaling.Inputs.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationArgs\n {\n MetricDataQueries = new[]\n {\n new Aws.AutoScaling.Inputs.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryArgs\n {\n Id = \"capacity_sum\",\n Expression = \"SUM(SEARCH('{AWS/AutoScaling,AutoScalingGroupName} MetricName=\\\"GroupInServiceIntances\\\" my-test-asg', 'Average', 300))\",\n },\n },\n },\n CustomizedScalingMetricSpecification = new Aws.AutoScaling.Inputs.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationArgs\n {\n MetricDataQueries = new[]\n {\n new Aws.AutoScaling.Inputs.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryArgs\n {\n Id = \"capacity_sum\",\n Expression = \"SUM(SEARCH('{AWS/AutoScaling,AutoScalingGroupName} MetricName=\\\"GroupInServiceIntances\\\" my-test-asg', 'Average', 300))\",\n ReturnData = false,\n },\n new Aws.AutoScaling.Inputs.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryArgs\n {\n Id = \"load_sum\",\n Expression = \"SUM(SEARCH('{AWS/EC2,AutoScalingGroupName} MetricName=\\\"CPUUtilization\\\" my-test-asg', 'Sum', 300))\",\n ReturnData = false,\n },\n new Aws.AutoScaling.Inputs.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryArgs\n {\n Id = \"weighted_average\",\n Expression = \"load_sum / (capacity_sum * PERIOD(capacity_sum) / 60)\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := autoscaling.NewPolicy(ctx, \"example\", \u0026autoscaling.PolicyArgs{\n\t\t\tAutoscalingGroupName: pulumi.String(\"my-test-asg\"),\n\t\t\tName: pulumi.String(\"foo\"),\n\t\t\tPolicyType: pulumi.String(\"PredictiveScaling\"),\n\t\t\tPredictiveScalingConfiguration: \u0026autoscaling.PolicyPredictiveScalingConfigurationArgs{\n\t\t\t\tMetricSpecification: \u0026autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationArgs{\n\t\t\t\t\tTargetValue: pulumi.Float64(10),\n\t\t\t\t\tCustomizedLoadMetricSpecification: \u0026autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationArgs{\n\t\t\t\t\t\tMetricDataQueries: autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryArray{\n\t\t\t\t\t\t\t\u0026autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryArgs{\n\t\t\t\t\t\t\t\tId: pulumi.String(\"load_sum\"),\n\t\t\t\t\t\t\t\tExpression: pulumi.String(\"SUM(SEARCH('{AWS/EC2,AutoScalingGroupName} MetricName=\\\"CPUUtilization\\\" my-test-asg', 'Sum', 3600))\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tCustomizedCapacityMetricSpecification: \u0026autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationArgs{\n\t\t\t\t\t\tMetricDataQueries: autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryArray{\n\t\t\t\t\t\t\t\u0026autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryArgs{\n\t\t\t\t\t\t\t\tId: pulumi.String(\"capacity_sum\"),\n\t\t\t\t\t\t\t\tExpression: pulumi.String(\"SUM(SEARCH('{AWS/AutoScaling,AutoScalingGroupName} MetricName=\\\"GroupInServiceIntances\\\" my-test-asg', 'Average', 300))\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tCustomizedScalingMetricSpecification: \u0026autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationArgs{\n\t\t\t\t\t\tMetricDataQueries: autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryArray{\n\t\t\t\t\t\t\t\u0026autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryArgs{\n\t\t\t\t\t\t\t\tId: pulumi.String(\"capacity_sum\"),\n\t\t\t\t\t\t\t\tExpression: pulumi.String(\"SUM(SEARCH('{AWS/AutoScaling,AutoScalingGroupName} MetricName=\\\"GroupInServiceIntances\\\" my-test-asg', 'Average', 300))\"),\n\t\t\t\t\t\t\t\tReturnData: pulumi.Bool(false),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryArgs{\n\t\t\t\t\t\t\t\tId: pulumi.String(\"load_sum\"),\n\t\t\t\t\t\t\t\tExpression: pulumi.String(\"SUM(SEARCH('{AWS/EC2,AutoScalingGroupName} MetricName=\\\"CPUUtilization\\\" my-test-asg', 'Sum', 300))\"),\n\t\t\t\t\t\t\t\tReturnData: pulumi.Bool(false),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryArgs{\n\t\t\t\t\t\t\t\tId: pulumi.String(\"weighted_average\"),\n\t\t\t\t\t\t\t\tExpression: pulumi.String(\"load_sum / (capacity_sum * PERIOD(capacity_sum) / 60)\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.autoscaling.Policy;\nimport com.pulumi.aws.autoscaling.PolicyArgs;\nimport com.pulumi.aws.autoscaling.inputs.PolicyPredictiveScalingConfigurationArgs;\nimport com.pulumi.aws.autoscaling.inputs.PolicyPredictiveScalingConfigurationMetricSpecificationArgs;\nimport com.pulumi.aws.autoscaling.inputs.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationArgs;\nimport com.pulumi.aws.autoscaling.inputs.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationArgs;\nimport com.pulumi.aws.autoscaling.inputs.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Policy(\"example\", PolicyArgs.builder()\n .autoscalingGroupName(\"my-test-asg\")\n .name(\"foo\")\n .policyType(\"PredictiveScaling\")\n .predictiveScalingConfiguration(PolicyPredictiveScalingConfigurationArgs.builder()\n .metricSpecification(PolicyPredictiveScalingConfigurationMetricSpecificationArgs.builder()\n .targetValue(10)\n .customizedLoadMetricSpecification(PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationArgs.builder()\n .metricDataQueries(PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryArgs.builder()\n .id(\"load_sum\")\n .expression(\"SUM(SEARCH('{AWS/EC2,AutoScalingGroupName} MetricName=\\\"CPUUtilization\\\" my-test-asg', 'Sum', 3600))\")\n .build())\n .build())\n .customizedCapacityMetricSpecification(PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationArgs.builder()\n .metricDataQueries(PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryArgs.builder()\n .id(\"capacity_sum\")\n .expression(\"SUM(SEARCH('{AWS/AutoScaling,AutoScalingGroupName} MetricName=\\\"GroupInServiceIntances\\\" my-test-asg', 'Average', 300))\")\n .build())\n .build())\n .customizedScalingMetricSpecification(PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationArgs.builder()\n .metricDataQueries( \n PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryArgs.builder()\n .id(\"capacity_sum\")\n .expression(\"SUM(SEARCH('{AWS/AutoScaling,AutoScalingGroupName} MetricName=\\\"GroupInServiceIntances\\\" my-test-asg', 'Average', 300))\")\n .returnData(false)\n .build(),\n PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryArgs.builder()\n .id(\"load_sum\")\n .expression(\"SUM(SEARCH('{AWS/EC2,AutoScalingGroupName} MetricName=\\\"CPUUtilization\\\" my-test-asg', 'Sum', 300))\")\n .returnData(false)\n .build(),\n PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryArgs.builder()\n .id(\"weighted_average\")\n .expression(\"load_sum / (capacity_sum * PERIOD(capacity_sum) / 60)\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:autoscaling:Policy\n properties:\n autoscalingGroupName: my-test-asg\n name: foo\n policyType: PredictiveScaling\n predictiveScalingConfiguration:\n metricSpecification:\n targetValue: 10\n customizedLoadMetricSpecification:\n metricDataQueries:\n - id: load_sum\n expression: SUM(SEARCH('{AWS/EC2,AutoScalingGroupName} MetricName=\"CPUUtilization\" my-test-asg', 'Sum', 3600))\n customizedCapacityMetricSpecification:\n metricDataQueries:\n - id: capacity_sum\n expression: SUM(SEARCH('{AWS/AutoScaling,AutoScalingGroupName} MetricName=\"GroupInServiceIntances\" my-test-asg', 'Average', 300))\n customizedScalingMetricSpecification:\n metricDataQueries:\n - id: capacity_sum\n expression: SUM(SEARCH('{AWS/AutoScaling,AutoScalingGroupName} MetricName=\"GroupInServiceIntances\" my-test-asg', 'Average', 300))\n returnData: false\n - id: load_sum\n expression: SUM(SEARCH('{AWS/EC2,AutoScalingGroupName} MetricName=\"CPUUtilization\" my-test-asg', 'Sum', 300))\n returnData: false\n - id: weighted_average\n expression: load_sum / (capacity_sum * PERIOD(capacity_sum) / 60)\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create predictive scaling policy using customized scaling and predefined load metric\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.autoscaling.Policy(\"example\", {\n autoscalingGroupName: \"my-test-asg\",\n name: \"foo\",\n policyType: \"PredictiveScaling\",\n predictiveScalingConfiguration: {\n metricSpecification: {\n targetValue: 10,\n predefinedLoadMetricSpecification: {\n predefinedMetricType: \"ASGTotalCPUUtilization\",\n resourceLabel: \"app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff\",\n },\n customizedScalingMetricSpecification: {\n metricDataQueries: [{\n id: \"scaling\",\n metricStat: {\n metric: {\n metricName: \"CPUUtilization\",\n namespace: \"AWS/EC2\",\n dimensions: [{\n name: \"AutoScalingGroupName\",\n value: \"my-test-asg\",\n }],\n },\n stat: \"Average\",\n },\n }],\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.autoscaling.Policy(\"example\",\n autoscaling_group_name=\"my-test-asg\",\n name=\"foo\",\n policy_type=\"PredictiveScaling\",\n predictive_scaling_configuration={\n \"metric_specification\": {\n \"target_value\": 10,\n \"predefined_load_metric_specification\": {\n \"predefined_metric_type\": \"ASGTotalCPUUtilization\",\n \"resource_label\": \"app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff\",\n },\n \"customized_scaling_metric_specification\": {\n \"metric_data_queries\": [{\n \"id\": \"scaling\",\n \"metric_stat\": {\n \"metric\": {\n \"metric_name\": \"CPUUtilization\",\n \"namespace\": \"AWS/EC2\",\n \"dimensions\": [{\n \"name\": \"AutoScalingGroupName\",\n \"value\": \"my-test-asg\",\n }],\n },\n \"stat\": \"Average\",\n },\n }],\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AutoScaling.Policy(\"example\", new()\n {\n AutoscalingGroupName = \"my-test-asg\",\n Name = \"foo\",\n PolicyType = \"PredictiveScaling\",\n PredictiveScalingConfiguration = new Aws.AutoScaling.Inputs.PolicyPredictiveScalingConfigurationArgs\n {\n MetricSpecification = new Aws.AutoScaling.Inputs.PolicyPredictiveScalingConfigurationMetricSpecificationArgs\n {\n TargetValue = 10,\n PredefinedLoadMetricSpecification = new Aws.AutoScaling.Inputs.PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedLoadMetricSpecificationArgs\n {\n PredefinedMetricType = \"ASGTotalCPUUtilization\",\n ResourceLabel = \"app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff\",\n },\n CustomizedScalingMetricSpecification = new Aws.AutoScaling.Inputs.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationArgs\n {\n MetricDataQueries = new[]\n {\n new Aws.AutoScaling.Inputs.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryArgs\n {\n Id = \"scaling\",\n MetricStat = new Aws.AutoScaling.Inputs.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatArgs\n {\n Metric = new Aws.AutoScaling.Inputs.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatMetricArgs\n {\n MetricName = \"CPUUtilization\",\n Namespace = \"AWS/EC2\",\n Dimensions = new[]\n {\n new Aws.AutoScaling.Inputs.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatMetricDimensionArgs\n {\n Name = \"AutoScalingGroupName\",\n Value = \"my-test-asg\",\n },\n },\n },\n Stat = \"Average\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := autoscaling.NewPolicy(ctx, \"example\", \u0026autoscaling.PolicyArgs{\n\t\t\tAutoscalingGroupName: pulumi.String(\"my-test-asg\"),\n\t\t\tName: pulumi.String(\"foo\"),\n\t\t\tPolicyType: pulumi.String(\"PredictiveScaling\"),\n\t\t\tPredictiveScalingConfiguration: \u0026autoscaling.PolicyPredictiveScalingConfigurationArgs{\n\t\t\t\tMetricSpecification: \u0026autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationArgs{\n\t\t\t\t\tTargetValue: pulumi.Float64(10),\n\t\t\t\t\tPredefinedLoadMetricSpecification: \u0026autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedLoadMetricSpecificationArgs{\n\t\t\t\t\t\tPredefinedMetricType: pulumi.String(\"ASGTotalCPUUtilization\"),\n\t\t\t\t\t\tResourceLabel: pulumi.String(\"app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff\"),\n\t\t\t\t\t},\n\t\t\t\t\tCustomizedScalingMetricSpecification: \u0026autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationArgs{\n\t\t\t\t\t\tMetricDataQueries: autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryArray{\n\t\t\t\t\t\t\t\u0026autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryArgs{\n\t\t\t\t\t\t\t\tId: pulumi.String(\"scaling\"),\n\t\t\t\t\t\t\t\tMetricStat: \u0026autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatArgs{\n\t\t\t\t\t\t\t\t\tMetric: \u0026autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatMetricArgs{\n\t\t\t\t\t\t\t\t\t\tMetricName: pulumi.String(\"CPUUtilization\"),\n\t\t\t\t\t\t\t\t\t\tNamespace: pulumi.String(\"AWS/EC2\"),\n\t\t\t\t\t\t\t\t\t\tDimensions: autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatMetricDimensionArray{\n\t\t\t\t\t\t\t\t\t\t\t\u0026autoscaling.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatMetricDimensionArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tName: pulumi.String(\"AutoScalingGroupName\"),\n\t\t\t\t\t\t\t\t\t\t\t\tValue: pulumi.String(\"my-test-asg\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\tStat: pulumi.String(\"Average\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.autoscaling.Policy;\nimport com.pulumi.aws.autoscaling.PolicyArgs;\nimport com.pulumi.aws.autoscaling.inputs.PolicyPredictiveScalingConfigurationArgs;\nimport com.pulumi.aws.autoscaling.inputs.PolicyPredictiveScalingConfigurationMetricSpecificationArgs;\nimport com.pulumi.aws.autoscaling.inputs.PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedLoadMetricSpecificationArgs;\nimport com.pulumi.aws.autoscaling.inputs.PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Policy(\"example\", PolicyArgs.builder()\n .autoscalingGroupName(\"my-test-asg\")\n .name(\"foo\")\n .policyType(\"PredictiveScaling\")\n .predictiveScalingConfiguration(PolicyPredictiveScalingConfigurationArgs.builder()\n .metricSpecification(PolicyPredictiveScalingConfigurationMetricSpecificationArgs.builder()\n .targetValue(10)\n .predefinedLoadMetricSpecification(PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedLoadMetricSpecificationArgs.builder()\n .predefinedMetricType(\"ASGTotalCPUUtilization\")\n .resourceLabel(\"app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff\")\n .build())\n .customizedScalingMetricSpecification(PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationArgs.builder()\n .metricDataQueries(PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryArgs.builder()\n .id(\"scaling\")\n .metricStat(PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatArgs.builder()\n .metric(PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatMetricArgs.builder()\n .metricName(\"CPUUtilization\")\n .namespace(\"AWS/EC2\")\n .dimensions(PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatMetricDimensionArgs.builder()\n .name(\"AutoScalingGroupName\")\n .value(\"my-test-asg\")\n .build())\n .build())\n .stat(\"Average\")\n .build())\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:autoscaling:Policy\n properties:\n autoscalingGroupName: my-test-asg\n name: foo\n policyType: PredictiveScaling\n predictiveScalingConfiguration:\n metricSpecification:\n targetValue: 10\n predefinedLoadMetricSpecification:\n predefinedMetricType: ASGTotalCPUUtilization\n resourceLabel: app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff\n customizedScalingMetricSpecification:\n metricDataQueries:\n - id: scaling\n metricStat:\n metric:\n metricName: CPUUtilization\n namespace: AWS/EC2\n dimensions:\n - name: AutoScalingGroupName\n value: my-test-asg\n stat: Average\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AutoScaling scaling policy using the role autoscaling_group_name and name separated by `/`. For example:\n\n```sh\n$ pulumi import aws:autoscaling/policy:Policy test-policy asg-name/policy-name\n```\n", "properties": { "adjustmentType": { "type": "string", "description": "Whether the adjustment is an absolute number or a percentage of the current capacity. Valid values are `ChangeInCapacity`, `ExactCapacity`, and `PercentChangeInCapacity`.\n" }, "arn": { "type": "string", "description": "ARN assigned by AWS to the scaling policy.\n" }, "autoscalingGroupName": { "type": "string", "description": "Name of the autoscaling group.\n" }, "cooldown": { "type": "integer", "description": "Amount of time, in seconds, after a scaling activity completes and before the next scaling activity can start.\n" }, "enabled": { "type": "boolean", "description": "Whether the scaling policy is enabled or disabled. Default: `true`.\n\nThe following argument is only available to \"SimpleScaling\" and \"StepScaling\" type policies:\n" }, "estimatedInstanceWarmup": { "type": "integer", "description": "Estimated time, in seconds, until a newly launched instance will contribute CloudWatch metrics. Without a value, AWS will default to the group's specified cooldown period.\n" }, "metricAggregationType": { "type": "string", "description": "Aggregation type for the policy's metrics. Valid values are \"Minimum\", \"Maximum\", and \"Average\". Without a value, AWS will treat the aggregation type as \"Average\".\n" }, "minAdjustmentMagnitude": { "type": "integer", "description": "Minimum value to scale by when `adjustment_type` is set to `PercentChangeInCapacity`.\n\nThe following arguments are only available to \"SimpleScaling\" type policies:\n" }, "name": { "type": "string", "description": "Name of the policy.\n" }, "policyType": { "type": "string", "description": "Policy type, either \"SimpleScaling\", \"StepScaling\", \"TargetTrackingScaling\", or \"PredictiveScaling\". If this value isn't provided, AWS will default to \"SimpleScaling.\"\n" }, "predictiveScalingConfiguration": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfiguration:PolicyPredictiveScalingConfiguration", "description": "Predictive scaling policy configuration to use with Amazon EC2 Auto Scaling.\n" }, "scalingAdjustment": { "type": "integer", "description": "Number of members by which to\nscale, when the adjustment bounds are breached. A positive value scales\nup. A negative value scales down.\n" }, "stepAdjustments": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/PolicyStepAdjustment:PolicyStepAdjustment" }, "description": "Set of adjustments that manage\ngroup scaling. These have the following structure:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.autoscaling.Policy(\"example\", {stepAdjustments: [\n {\n scalingAdjustment: -1,\n metricIntervalLowerBound: \"1\",\n metricIntervalUpperBound: \"2\",\n },\n {\n scalingAdjustment: 1,\n metricIntervalLowerBound: \"2\",\n metricIntervalUpperBound: \"3\",\n },\n]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.autoscaling.Policy(\"example\", step_adjustments=[\n {\n \"scaling_adjustment\": -1,\n \"metric_interval_lower_bound\": \"1\",\n \"metric_interval_upper_bound\": \"2\",\n },\n {\n \"scaling_adjustment\": 1,\n \"metric_interval_lower_bound\": \"2\",\n \"metric_interval_upper_bound\": \"3\",\n },\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AutoScaling.Policy(\"example\", new()\n {\n StepAdjustments = new[]\n {\n new Aws.AutoScaling.Inputs.PolicyStepAdjustmentArgs\n {\n ScalingAdjustment = -1,\n MetricIntervalLowerBound = \"1\",\n MetricIntervalUpperBound = \"2\",\n },\n new Aws.AutoScaling.Inputs.PolicyStepAdjustmentArgs\n {\n ScalingAdjustment = 1,\n MetricIntervalLowerBound = \"2\",\n MetricIntervalUpperBound = \"3\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := autoscaling.NewPolicy(ctx, \"example\", \u0026autoscaling.PolicyArgs{\n\t\t\tStepAdjustments: autoscaling.PolicyStepAdjustmentArray{\n\t\t\t\t\u0026autoscaling.PolicyStepAdjustmentArgs{\n\t\t\t\t\tScalingAdjustment: int(-1),\n\t\t\t\t\tMetricIntervalLowerBound: pulumi.String(\"1\"),\n\t\t\t\t\tMetricIntervalUpperBound: pulumi.String(\"2\"),\n\t\t\t\t},\n\t\t\t\t\u0026autoscaling.PolicyStepAdjustmentArgs{\n\t\t\t\t\tScalingAdjustment: pulumi.Int(1),\n\t\t\t\t\tMetricIntervalLowerBound: pulumi.String(\"2\"),\n\t\t\t\t\tMetricIntervalUpperBound: pulumi.String(\"3\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```yaml\nresources:\n example:\n type: aws:autoscaling:Policy\n properties:\n stepAdjustments:\n - scalingAdjustment: -1\n metricIntervalLowerBound: 1\n metricIntervalUpperBound: 2\n - scalingAdjustment: 1\n metricIntervalLowerBound: 2\n metricIntervalUpperBound: 3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThe following fields are available in step adjustments:\n" }, "targetTrackingConfiguration": { "$ref": "#/types/aws:autoscaling/PolicyTargetTrackingConfiguration:PolicyTargetTrackingConfiguration", "description": "Target tracking policy. These have the following structure:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.autoscaling.Policy(\"example\", {targetTrackingConfiguration: {\n predefinedMetricSpecification: {\n predefinedMetricType: \"ASGAverageCPUUtilization\",\n },\n targetValue: 40,\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.autoscaling.Policy(\"example\", target_tracking_configuration={\n \"predefined_metric_specification\": {\n \"predefined_metric_type\": \"ASGAverageCPUUtilization\",\n },\n \"target_value\": 40,\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AutoScaling.Policy(\"example\", new()\n {\n TargetTrackingConfiguration = new Aws.AutoScaling.Inputs.PolicyTargetTrackingConfigurationArgs\n {\n PredefinedMetricSpecification = new Aws.AutoScaling.Inputs.PolicyTargetTrackingConfigurationPredefinedMetricSpecificationArgs\n {\n PredefinedMetricType = \"ASGAverageCPUUtilization\",\n },\n TargetValue = 40,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := autoscaling.NewPolicy(ctx, \"example\", \u0026autoscaling.PolicyArgs{\n\t\t\tTargetTrackingConfiguration: \u0026autoscaling.PolicyTargetTrackingConfigurationArgs{\n\t\t\t\tPredefinedMetricSpecification: \u0026autoscaling.PolicyTargetTrackingConfigurationPredefinedMetricSpecificationArgs{\n\t\t\t\t\tPredefinedMetricType: pulumi.String(\"ASGAverageCPUUtilization\"),\n\t\t\t\t},\n\t\t\t\tTargetValue: pulumi.Float64(40),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.autoscaling.Policy;\nimport com.pulumi.aws.autoscaling.PolicyArgs;\nimport com.pulumi.aws.autoscaling.inputs.PolicyTargetTrackingConfigurationArgs;\nimport com.pulumi.aws.autoscaling.inputs.PolicyTargetTrackingConfigurationPredefinedMetricSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Policy(\"example\", PolicyArgs.builder()\n .targetTrackingConfiguration(PolicyTargetTrackingConfigurationArgs.builder()\n .predefinedMetricSpecification(PolicyTargetTrackingConfigurationPredefinedMetricSpecificationArgs.builder()\n .predefinedMetricType(\"ASGAverageCPUUtilization\")\n .build())\n .targetValue(40)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:autoscaling:Policy\n properties:\n targetTrackingConfiguration:\n predefinedMetricSpecification:\n predefinedMetricType: ASGAverageCPUUtilization\n targetValue: 40\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThe following fields are available in target tracking configuration:\n" } }, "required": [ "arn", "autoscalingGroupName", "metricAggregationType", "name" ], "inputProperties": { "adjustmentType": { "type": "string", "description": "Whether the adjustment is an absolute number or a percentage of the current capacity. Valid values are `ChangeInCapacity`, `ExactCapacity`, and `PercentChangeInCapacity`.\n" }, "autoscalingGroupName": { "type": "string", "description": "Name of the autoscaling group.\n", "willReplaceOnChanges": true }, "cooldown": { "type": "integer", "description": "Amount of time, in seconds, after a scaling activity completes and before the next scaling activity can start.\n" }, "enabled": { "type": "boolean", "description": "Whether the scaling policy is enabled or disabled. Default: `true`.\n\nThe following argument is only available to \"SimpleScaling\" and \"StepScaling\" type policies:\n" }, "estimatedInstanceWarmup": { "type": "integer", "description": "Estimated time, in seconds, until a newly launched instance will contribute CloudWatch metrics. Without a value, AWS will default to the group's specified cooldown period.\n" }, "metricAggregationType": { "type": "string", "description": "Aggregation type for the policy's metrics. Valid values are \"Minimum\", \"Maximum\", and \"Average\". Without a value, AWS will treat the aggregation type as \"Average\".\n" }, "minAdjustmentMagnitude": { "type": "integer", "description": "Minimum value to scale by when `adjustment_type` is set to `PercentChangeInCapacity`.\n\nThe following arguments are only available to \"SimpleScaling\" type policies:\n" }, "name": { "type": "string", "description": "Name of the policy.\n", "willReplaceOnChanges": true }, "policyType": { "type": "string", "description": "Policy type, either \"SimpleScaling\", \"StepScaling\", \"TargetTrackingScaling\", or \"PredictiveScaling\". If this value isn't provided, AWS will default to \"SimpleScaling.\"\n" }, "predictiveScalingConfiguration": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfiguration:PolicyPredictiveScalingConfiguration", "description": "Predictive scaling policy configuration to use with Amazon EC2 Auto Scaling.\n" }, "scalingAdjustment": { "type": "integer", "description": "Number of members by which to\nscale, when the adjustment bounds are breached. A positive value scales\nup. A negative value scales down.\n" }, "stepAdjustments": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/PolicyStepAdjustment:PolicyStepAdjustment" }, "description": "Set of adjustments that manage\ngroup scaling. These have the following structure:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.autoscaling.Policy(\"example\", {stepAdjustments: [\n {\n scalingAdjustment: -1,\n metricIntervalLowerBound: \"1\",\n metricIntervalUpperBound: \"2\",\n },\n {\n scalingAdjustment: 1,\n metricIntervalLowerBound: \"2\",\n metricIntervalUpperBound: \"3\",\n },\n]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.autoscaling.Policy(\"example\", step_adjustments=[\n {\n \"scaling_adjustment\": -1,\n \"metric_interval_lower_bound\": \"1\",\n \"metric_interval_upper_bound\": \"2\",\n },\n {\n \"scaling_adjustment\": 1,\n \"metric_interval_lower_bound\": \"2\",\n \"metric_interval_upper_bound\": \"3\",\n },\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AutoScaling.Policy(\"example\", new()\n {\n StepAdjustments = new[]\n {\n new Aws.AutoScaling.Inputs.PolicyStepAdjustmentArgs\n {\n ScalingAdjustment = -1,\n MetricIntervalLowerBound = \"1\",\n MetricIntervalUpperBound = \"2\",\n },\n new Aws.AutoScaling.Inputs.PolicyStepAdjustmentArgs\n {\n ScalingAdjustment = 1,\n MetricIntervalLowerBound = \"2\",\n MetricIntervalUpperBound = \"3\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := autoscaling.NewPolicy(ctx, \"example\", \u0026autoscaling.PolicyArgs{\n\t\t\tStepAdjustments: autoscaling.PolicyStepAdjustmentArray{\n\t\t\t\t\u0026autoscaling.PolicyStepAdjustmentArgs{\n\t\t\t\t\tScalingAdjustment: int(-1),\n\t\t\t\t\tMetricIntervalLowerBound: pulumi.String(\"1\"),\n\t\t\t\t\tMetricIntervalUpperBound: pulumi.String(\"2\"),\n\t\t\t\t},\n\t\t\t\t\u0026autoscaling.PolicyStepAdjustmentArgs{\n\t\t\t\t\tScalingAdjustment: pulumi.Int(1),\n\t\t\t\t\tMetricIntervalLowerBound: pulumi.String(\"2\"),\n\t\t\t\t\tMetricIntervalUpperBound: pulumi.String(\"3\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```yaml\nresources:\n example:\n type: aws:autoscaling:Policy\n properties:\n stepAdjustments:\n - scalingAdjustment: -1\n metricIntervalLowerBound: 1\n metricIntervalUpperBound: 2\n - scalingAdjustment: 1\n metricIntervalLowerBound: 2\n metricIntervalUpperBound: 3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThe following fields are available in step adjustments:\n" }, "targetTrackingConfiguration": { "$ref": "#/types/aws:autoscaling/PolicyTargetTrackingConfiguration:PolicyTargetTrackingConfiguration", "description": "Target tracking policy. These have the following structure:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.autoscaling.Policy(\"example\", {targetTrackingConfiguration: {\n predefinedMetricSpecification: {\n predefinedMetricType: \"ASGAverageCPUUtilization\",\n },\n targetValue: 40,\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.autoscaling.Policy(\"example\", target_tracking_configuration={\n \"predefined_metric_specification\": {\n \"predefined_metric_type\": \"ASGAverageCPUUtilization\",\n },\n \"target_value\": 40,\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AutoScaling.Policy(\"example\", new()\n {\n TargetTrackingConfiguration = new Aws.AutoScaling.Inputs.PolicyTargetTrackingConfigurationArgs\n {\n PredefinedMetricSpecification = new Aws.AutoScaling.Inputs.PolicyTargetTrackingConfigurationPredefinedMetricSpecificationArgs\n {\n PredefinedMetricType = \"ASGAverageCPUUtilization\",\n },\n TargetValue = 40,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := autoscaling.NewPolicy(ctx, \"example\", \u0026autoscaling.PolicyArgs{\n\t\t\tTargetTrackingConfiguration: \u0026autoscaling.PolicyTargetTrackingConfigurationArgs{\n\t\t\t\tPredefinedMetricSpecification: \u0026autoscaling.PolicyTargetTrackingConfigurationPredefinedMetricSpecificationArgs{\n\t\t\t\t\tPredefinedMetricType: pulumi.String(\"ASGAverageCPUUtilization\"),\n\t\t\t\t},\n\t\t\t\tTargetValue: pulumi.Float64(40),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.autoscaling.Policy;\nimport com.pulumi.aws.autoscaling.PolicyArgs;\nimport com.pulumi.aws.autoscaling.inputs.PolicyTargetTrackingConfigurationArgs;\nimport com.pulumi.aws.autoscaling.inputs.PolicyTargetTrackingConfigurationPredefinedMetricSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Policy(\"example\", PolicyArgs.builder()\n .targetTrackingConfiguration(PolicyTargetTrackingConfigurationArgs.builder()\n .predefinedMetricSpecification(PolicyTargetTrackingConfigurationPredefinedMetricSpecificationArgs.builder()\n .predefinedMetricType(\"ASGAverageCPUUtilization\")\n .build())\n .targetValue(40)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:autoscaling:Policy\n properties:\n targetTrackingConfiguration:\n predefinedMetricSpecification:\n predefinedMetricType: ASGAverageCPUUtilization\n targetValue: 40\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThe following fields are available in target tracking configuration:\n" } }, "requiredInputs": [ "autoscalingGroupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Policy resources.\n", "properties": { "adjustmentType": { "type": "string", "description": "Whether the adjustment is an absolute number or a percentage of the current capacity. Valid values are `ChangeInCapacity`, `ExactCapacity`, and `PercentChangeInCapacity`.\n" }, "arn": { "type": "string", "description": "ARN assigned by AWS to the scaling policy.\n" }, "autoscalingGroupName": { "type": "string", "description": "Name of the autoscaling group.\n", "willReplaceOnChanges": true }, "cooldown": { "type": "integer", "description": "Amount of time, in seconds, after a scaling activity completes and before the next scaling activity can start.\n" }, "enabled": { "type": "boolean", "description": "Whether the scaling policy is enabled or disabled. Default: `true`.\n\nThe following argument is only available to \"SimpleScaling\" and \"StepScaling\" type policies:\n" }, "estimatedInstanceWarmup": { "type": "integer", "description": "Estimated time, in seconds, until a newly launched instance will contribute CloudWatch metrics. Without a value, AWS will default to the group's specified cooldown period.\n" }, "metricAggregationType": { "type": "string", "description": "Aggregation type for the policy's metrics. Valid values are \"Minimum\", \"Maximum\", and \"Average\". Without a value, AWS will treat the aggregation type as \"Average\".\n" }, "minAdjustmentMagnitude": { "type": "integer", "description": "Minimum value to scale by when `adjustment_type` is set to `PercentChangeInCapacity`.\n\nThe following arguments are only available to \"SimpleScaling\" type policies:\n" }, "name": { "type": "string", "description": "Name of the policy.\n", "willReplaceOnChanges": true }, "policyType": { "type": "string", "description": "Policy type, either \"SimpleScaling\", \"StepScaling\", \"TargetTrackingScaling\", or \"PredictiveScaling\". If this value isn't provided, AWS will default to \"SimpleScaling.\"\n" }, "predictiveScalingConfiguration": { "$ref": "#/types/aws:autoscaling/PolicyPredictiveScalingConfiguration:PolicyPredictiveScalingConfiguration", "description": "Predictive scaling policy configuration to use with Amazon EC2 Auto Scaling.\n" }, "scalingAdjustment": { "type": "integer", "description": "Number of members by which to\nscale, when the adjustment bounds are breached. A positive value scales\nup. A negative value scales down.\n" }, "stepAdjustments": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/PolicyStepAdjustment:PolicyStepAdjustment" }, "description": "Set of adjustments that manage\ngroup scaling. These have the following structure:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.autoscaling.Policy(\"example\", {stepAdjustments: [\n {\n scalingAdjustment: -1,\n metricIntervalLowerBound: \"1\",\n metricIntervalUpperBound: \"2\",\n },\n {\n scalingAdjustment: 1,\n metricIntervalLowerBound: \"2\",\n metricIntervalUpperBound: \"3\",\n },\n]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.autoscaling.Policy(\"example\", step_adjustments=[\n {\n \"scaling_adjustment\": -1,\n \"metric_interval_lower_bound\": \"1\",\n \"metric_interval_upper_bound\": \"2\",\n },\n {\n \"scaling_adjustment\": 1,\n \"metric_interval_lower_bound\": \"2\",\n \"metric_interval_upper_bound\": \"3\",\n },\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AutoScaling.Policy(\"example\", new()\n {\n StepAdjustments = new[]\n {\n new Aws.AutoScaling.Inputs.PolicyStepAdjustmentArgs\n {\n ScalingAdjustment = -1,\n MetricIntervalLowerBound = \"1\",\n MetricIntervalUpperBound = \"2\",\n },\n new Aws.AutoScaling.Inputs.PolicyStepAdjustmentArgs\n {\n ScalingAdjustment = 1,\n MetricIntervalLowerBound = \"2\",\n MetricIntervalUpperBound = \"3\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := autoscaling.NewPolicy(ctx, \"example\", \u0026autoscaling.PolicyArgs{\n\t\t\tStepAdjustments: autoscaling.PolicyStepAdjustmentArray{\n\t\t\t\t\u0026autoscaling.PolicyStepAdjustmentArgs{\n\t\t\t\t\tScalingAdjustment: int(-1),\n\t\t\t\t\tMetricIntervalLowerBound: pulumi.String(\"1\"),\n\t\t\t\t\tMetricIntervalUpperBound: pulumi.String(\"2\"),\n\t\t\t\t},\n\t\t\t\t\u0026autoscaling.PolicyStepAdjustmentArgs{\n\t\t\t\t\tScalingAdjustment: pulumi.Int(1),\n\t\t\t\t\tMetricIntervalLowerBound: pulumi.String(\"2\"),\n\t\t\t\t\tMetricIntervalUpperBound: pulumi.String(\"3\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```yaml\nresources:\n example:\n type: aws:autoscaling:Policy\n properties:\n stepAdjustments:\n - scalingAdjustment: -1\n metricIntervalLowerBound: 1\n metricIntervalUpperBound: 2\n - scalingAdjustment: 1\n metricIntervalLowerBound: 2\n metricIntervalUpperBound: 3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThe following fields are available in step adjustments:\n" }, "targetTrackingConfiguration": { "$ref": "#/types/aws:autoscaling/PolicyTargetTrackingConfiguration:PolicyTargetTrackingConfiguration", "description": "Target tracking policy. These have the following structure:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.autoscaling.Policy(\"example\", {targetTrackingConfiguration: {\n predefinedMetricSpecification: {\n predefinedMetricType: \"ASGAverageCPUUtilization\",\n },\n targetValue: 40,\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.autoscaling.Policy(\"example\", target_tracking_configuration={\n \"predefined_metric_specification\": {\n \"predefined_metric_type\": \"ASGAverageCPUUtilization\",\n },\n \"target_value\": 40,\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AutoScaling.Policy(\"example\", new()\n {\n TargetTrackingConfiguration = new Aws.AutoScaling.Inputs.PolicyTargetTrackingConfigurationArgs\n {\n PredefinedMetricSpecification = new Aws.AutoScaling.Inputs.PolicyTargetTrackingConfigurationPredefinedMetricSpecificationArgs\n {\n PredefinedMetricType = \"ASGAverageCPUUtilization\",\n },\n TargetValue = 40,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := autoscaling.NewPolicy(ctx, \"example\", \u0026autoscaling.PolicyArgs{\n\t\t\tTargetTrackingConfiguration: \u0026autoscaling.PolicyTargetTrackingConfigurationArgs{\n\t\t\t\tPredefinedMetricSpecification: \u0026autoscaling.PolicyTargetTrackingConfigurationPredefinedMetricSpecificationArgs{\n\t\t\t\t\tPredefinedMetricType: pulumi.String(\"ASGAverageCPUUtilization\"),\n\t\t\t\t},\n\t\t\t\tTargetValue: pulumi.Float64(40),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.autoscaling.Policy;\nimport com.pulumi.aws.autoscaling.PolicyArgs;\nimport com.pulumi.aws.autoscaling.inputs.PolicyTargetTrackingConfigurationArgs;\nimport com.pulumi.aws.autoscaling.inputs.PolicyTargetTrackingConfigurationPredefinedMetricSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Policy(\"example\", PolicyArgs.builder()\n .targetTrackingConfiguration(PolicyTargetTrackingConfigurationArgs.builder()\n .predefinedMetricSpecification(PolicyTargetTrackingConfigurationPredefinedMetricSpecificationArgs.builder()\n .predefinedMetricType(\"ASGAverageCPUUtilization\")\n .build())\n .targetValue(40)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:autoscaling:Policy\n properties:\n targetTrackingConfiguration:\n predefinedMetricSpecification:\n predefinedMetricType: ASGAverageCPUUtilization\n targetValue: 40\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThe following fields are available in target tracking configuration:\n" } }, "type": "object" } }, "aws:autoscaling/schedule:Schedule": { "description": "Provides an AutoScaling Schedule resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foobar = new aws.autoscaling.Group(\"foobar\", {\n availabilityZones: [\"us-west-2a\"],\n name: \"test-foobar5\",\n maxSize: 1,\n minSize: 1,\n healthCheckGracePeriod: 300,\n healthCheckType: \"ELB\",\n forceDelete: true,\n terminationPolicies: [\"OldestInstance\"],\n});\nconst foobarSchedule = new aws.autoscaling.Schedule(\"foobar\", {\n scheduledActionName: \"foobar\",\n minSize: 0,\n maxSize: 1,\n desiredCapacity: 0,\n startTime: \"2016-12-11T18:00:00Z\",\n endTime: \"2016-12-12T06:00:00Z\",\n autoscalingGroupName: foobar.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoobar = aws.autoscaling.Group(\"foobar\",\n availability_zones=[\"us-west-2a\"],\n name=\"test-foobar5\",\n max_size=1,\n min_size=1,\n health_check_grace_period=300,\n health_check_type=\"ELB\",\n force_delete=True,\n termination_policies=[\"OldestInstance\"])\nfoobar_schedule = aws.autoscaling.Schedule(\"foobar\",\n scheduled_action_name=\"foobar\",\n min_size=0,\n max_size=1,\n desired_capacity=0,\n start_time=\"2016-12-11T18:00:00Z\",\n end_time=\"2016-12-12T06:00:00Z\",\n autoscaling_group_name=foobar.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foobar = new Aws.AutoScaling.Group(\"foobar\", new()\n {\n AvailabilityZones = new[]\n {\n \"us-west-2a\",\n },\n Name = \"test-foobar5\",\n MaxSize = 1,\n MinSize = 1,\n HealthCheckGracePeriod = 300,\n HealthCheckType = \"ELB\",\n ForceDelete = true,\n TerminationPolicies = new[]\n {\n \"OldestInstance\",\n },\n });\n\n var foobarSchedule = new Aws.AutoScaling.Schedule(\"foobar\", new()\n {\n ScheduledActionName = \"foobar\",\n MinSize = 0,\n MaxSize = 1,\n DesiredCapacity = 0,\n StartTime = \"2016-12-11T18:00:00Z\",\n EndTime = \"2016-12-12T06:00:00Z\",\n AutoscalingGroupName = foobar.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoobar, err := autoscaling.NewGroup(ctx, \"foobar\", \u0026autoscaling.GroupArgs{\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t},\n\t\t\tName: pulumi.String(\"test-foobar5\"),\n\t\t\tMaxSize: pulumi.Int(1),\n\t\t\tMinSize: pulumi.Int(1),\n\t\t\tHealthCheckGracePeriod: pulumi.Int(300),\n\t\t\tHealthCheckType: pulumi.String(\"ELB\"),\n\t\t\tForceDelete: pulumi.Bool(true),\n\t\t\tTerminationPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"OldestInstance\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = autoscaling.NewSchedule(ctx, \"foobar\", \u0026autoscaling.ScheduleArgs{\n\t\t\tScheduledActionName: pulumi.String(\"foobar\"),\n\t\t\tMinSize: pulumi.Int(0),\n\t\t\tMaxSize: pulumi.Int(1),\n\t\t\tDesiredCapacity: pulumi.Int(0),\n\t\t\tStartTime: pulumi.String(\"2016-12-11T18:00:00Z\"),\n\t\t\tEndTime: pulumi.String(\"2016-12-12T06:00:00Z\"),\n\t\t\tAutoscalingGroupName: foobar.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.autoscaling.Group;\nimport com.pulumi.aws.autoscaling.GroupArgs;\nimport com.pulumi.aws.autoscaling.Schedule;\nimport com.pulumi.aws.autoscaling.ScheduleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foobar = new Group(\"foobar\", GroupArgs.builder()\n .availabilityZones(\"us-west-2a\")\n .name(\"test-foobar5\")\n .maxSize(1)\n .minSize(1)\n .healthCheckGracePeriod(300)\n .healthCheckType(\"ELB\")\n .forceDelete(true)\n .terminationPolicies(\"OldestInstance\")\n .build());\n\n var foobarSchedule = new Schedule(\"foobarSchedule\", ScheduleArgs.builder()\n .scheduledActionName(\"foobar\")\n .minSize(0)\n .maxSize(1)\n .desiredCapacity(0)\n .startTime(\"2016-12-11T18:00:00Z\")\n .endTime(\"2016-12-12T06:00:00Z\")\n .autoscalingGroupName(foobar.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foobar:\n type: aws:autoscaling:Group\n properties:\n availabilityZones:\n - us-west-2a\n name: test-foobar5\n maxSize: 1\n minSize: 1\n healthCheckGracePeriod: 300\n healthCheckType: ELB\n forceDelete: true\n terminationPolicies:\n - OldestInstance\n foobarSchedule:\n type: aws:autoscaling:Schedule\n name: foobar\n properties:\n scheduledActionName: foobar\n minSize: 0\n maxSize: 1\n desiredCapacity: 0\n startTime: 2016-12-11T18:00:00Z\n endTime: 2016-12-12T06:00:00Z\n autoscalingGroupName: ${foobar.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AutoScaling ScheduledAction using the `auto-scaling-group-name` and `scheduled-action-name`. For example:\n\n```sh\n$ pulumi import aws:autoscaling/schedule:Schedule resource-name auto-scaling-group-name/scheduled-action-name\n```\n", "properties": { "arn": { "type": "string", "description": "ARN assigned by AWS to the autoscaling schedule.\n" }, "autoscalingGroupName": { "type": "string", "description": "The name of the Auto Scaling group.\n" }, "desiredCapacity": { "type": "integer", "description": "The initial capacity of the Auto Scaling group after the scheduled action runs and the capacity it attempts to maintain. Set to `-1` if you don't want to change the desired capacity at the scheduled time. Defaults to `0`.\n" }, "endTime": { "type": "string", "description": "The date and time for the recurring schedule to end, in UTC with the format `\"YYYY-MM-DDThh:mm:ssZ\"` (e.g. `\"2021-06-01T00:00:00Z\"`).\n" }, "maxSize": { "type": "integer", "description": "The maximum size of the Auto Scaling group. Set to `-1` if you don't want to change the maximum size at the scheduled time. Defaults to `0`.\n" }, "minSize": { "type": "integer", "description": "The minimum size of the Auto Scaling group. Set to `-1` if you don't want to change the minimum size at the scheduled time. Defaults to `0`.\n" }, "recurrence": { "type": "string", "description": "The recurring schedule for this action specified using the Unix cron syntax format.\n" }, "scheduledActionName": { "type": "string", "description": "The name of this scaling action.\n\nThe following arguments are optional:\n" }, "startTime": { "type": "string", "description": "The date and time for the recurring schedule to start, in UTC with the format `\"YYYY-MM-DDThh:mm:ssZ\"` (e.g. `\"2021-06-01T00:00:00Z\"`).\n" }, "timeZone": { "type": "string", "description": "Specifies the time zone for a cron expression. Valid values are the canonical names of the IANA time zones (such as `Etc/GMT+9` or `Pacific/Tahiti`).\n\n\u003e **NOTE:** When `start_time` and `end_time` are specified with `recurrence` , they form the boundaries of when the recurring action will start and stop.\n" } }, "required": [ "arn", "autoscalingGroupName", "desiredCapacity", "endTime", "maxSize", "minSize", "recurrence", "scheduledActionName", "startTime", "timeZone" ], "inputProperties": { "autoscalingGroupName": { "type": "string", "description": "The name of the Auto Scaling group.\n", "willReplaceOnChanges": true }, "desiredCapacity": { "type": "integer", "description": "The initial capacity of the Auto Scaling group after the scheduled action runs and the capacity it attempts to maintain. Set to `-1` if you don't want to change the desired capacity at the scheduled time. Defaults to `0`.\n" }, "endTime": { "type": "string", "description": "The date and time for the recurring schedule to end, in UTC with the format `\"YYYY-MM-DDThh:mm:ssZ\"` (e.g. `\"2021-06-01T00:00:00Z\"`).\n" }, "maxSize": { "type": "integer", "description": "The maximum size of the Auto Scaling group. Set to `-1` if you don't want to change the maximum size at the scheduled time. Defaults to `0`.\n" }, "minSize": { "type": "integer", "description": "The minimum size of the Auto Scaling group. Set to `-1` if you don't want to change the minimum size at the scheduled time. Defaults to `0`.\n" }, "recurrence": { "type": "string", "description": "The recurring schedule for this action specified using the Unix cron syntax format.\n" }, "scheduledActionName": { "type": "string", "description": "The name of this scaling action.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "startTime": { "type": "string", "description": "The date and time for the recurring schedule to start, in UTC with the format `\"YYYY-MM-DDThh:mm:ssZ\"` (e.g. `\"2021-06-01T00:00:00Z\"`).\n" }, "timeZone": { "type": "string", "description": "Specifies the time zone for a cron expression. Valid values are the canonical names of the IANA time zones (such as `Etc/GMT+9` or `Pacific/Tahiti`).\n\n\u003e **NOTE:** When `start_time` and `end_time` are specified with `recurrence` , they form the boundaries of when the recurring action will start and stop.\n" } }, "requiredInputs": [ "autoscalingGroupName", "scheduledActionName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Schedule resources.\n", "properties": { "arn": { "type": "string", "description": "ARN assigned by AWS to the autoscaling schedule.\n" }, "autoscalingGroupName": { "type": "string", "description": "The name of the Auto Scaling group.\n", "willReplaceOnChanges": true }, "desiredCapacity": { "type": "integer", "description": "The initial capacity of the Auto Scaling group after the scheduled action runs and the capacity it attempts to maintain. Set to `-1` if you don't want to change the desired capacity at the scheduled time. Defaults to `0`.\n" }, "endTime": { "type": "string", "description": "The date and time for the recurring schedule to end, in UTC with the format `\"YYYY-MM-DDThh:mm:ssZ\"` (e.g. `\"2021-06-01T00:00:00Z\"`).\n" }, "maxSize": { "type": "integer", "description": "The maximum size of the Auto Scaling group. Set to `-1` if you don't want to change the maximum size at the scheduled time. Defaults to `0`.\n" }, "minSize": { "type": "integer", "description": "The minimum size of the Auto Scaling group. Set to `-1` if you don't want to change the minimum size at the scheduled time. Defaults to `0`.\n" }, "recurrence": { "type": "string", "description": "The recurring schedule for this action specified using the Unix cron syntax format.\n" }, "scheduledActionName": { "type": "string", "description": "The name of this scaling action.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "startTime": { "type": "string", "description": "The date and time for the recurring schedule to start, in UTC with the format `\"YYYY-MM-DDThh:mm:ssZ\"` (e.g. `\"2021-06-01T00:00:00Z\"`).\n" }, "timeZone": { "type": "string", "description": "Specifies the time zone for a cron expression. Valid values are the canonical names of the IANA time zones (such as `Etc/GMT+9` or `Pacific/Tahiti`).\n\n\u003e **NOTE:** When `start_time` and `end_time` are specified with `recurrence` , they form the boundaries of when the recurring action will start and stop.\n" } }, "type": "object" } }, "aws:autoscaling/tag:Tag": { "description": "Manages an individual Autoscaling Group (ASG) tag. This resource should only be used in cases where ASGs are created outside the provider (e.g., ASGs implicitly created by EKS Node Groups).\n\n\u003e **NOTE:** This tagging resource should not be combined with the resource for managing the parent resource. For example, using `aws.autoscaling.Group` and `aws.autoscaling.Tag` to manage tags of the same ASG will cause a perpetual difference where the `aws.autoscaling.Group` resource will try to remove the tag being added by the `aws.autoscaling.Tag` resource.\n\n\u003e **NOTE:** This tagging resource does not use the provider `ignore_tags` configuration.\n\n## Import\n\nUsing `pulumi import`, import `aws_autoscaling_group_tag` using the ASG name and key, separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:autoscaling/tag:Tag example asg-example,k8s.io/cluster-autoscaler/node-template/label/eks.amazonaws.com/capacityType\n```\n", "properties": { "autoscalingGroupName": { "type": "string", "description": "Name of the Autoscaling Group to apply the tag to.\n" }, "tag": { "$ref": "#/types/aws:autoscaling/TagTag:TagTag", "description": "Tag to create. The `tag` block is documented below.\n", "language": { "csharp": { "name": "TagDetails" } } } }, "required": [ "autoscalingGroupName", "tag" ], "inputProperties": { "autoscalingGroupName": { "type": "string", "description": "Name of the Autoscaling Group to apply the tag to.\n", "willReplaceOnChanges": true }, "tag": { "$ref": "#/types/aws:autoscaling/TagTag:TagTag", "description": "Tag to create. The `tag` block is documented below.\n", "language": { "csharp": { "name": "TagDetails" } } } }, "requiredInputs": [ "autoscalingGroupName", "tag" ], "stateInputs": { "description": "Input properties used for looking up and filtering Tag resources.\n", "properties": { "autoscalingGroupName": { "type": "string", "description": "Name of the Autoscaling Group to apply the tag to.\n", "willReplaceOnChanges": true }, "tag": { "$ref": "#/types/aws:autoscaling/TagTag:TagTag", "description": "Tag to create. The `tag` block is documented below.\n", "language": { "csharp": { "name": "TagDetails" } } } }, "type": "object" } }, "aws:autoscaling/trafficSourceAttachment:TrafficSourceAttachment": { "description": "Attaches a traffic source to an Auto Scaling group.\n\n\u003e **NOTE on Auto Scaling Groups, Attachments and Traffic Source Attachments:** Pulumi provides standalone Attachment (for attaching Classic Load Balancers and Application Load Balancer, Gateway Load Balancer, or Network Load Balancer target groups) and Traffic Source Attachment (for attaching Load Balancers and VPC Lattice target groups) resources and an Auto Scaling Group resource with `load_balancers`, `target_group_arns` and `traffic_source` attributes. Do not use the same traffic source in more than one of these resources. Doing so will cause a conflict of attachments. A `lifecycle` configuration block can be used to suppress differences if necessary.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.autoscaling.TrafficSourceAttachment(\"example\", {\n autoscalingGroupName: exampleAwsAutoscalingGroup.id,\n trafficSource: {\n identifier: exampleAwsLbTargetGroup.arn,\n type: \"elbv2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.autoscaling.TrafficSourceAttachment(\"example\",\n autoscaling_group_name=example_aws_autoscaling_group[\"id\"],\n traffic_source={\n \"identifier\": example_aws_lb_target_group[\"arn\"],\n \"type\": \"elbv2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AutoScaling.TrafficSourceAttachment(\"example\", new()\n {\n AutoscalingGroupName = exampleAwsAutoscalingGroup.Id,\n TrafficSource = new Aws.AutoScaling.Inputs.TrafficSourceAttachmentTrafficSourceArgs\n {\n Identifier = exampleAwsLbTargetGroup.Arn,\n Type = \"elbv2\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := autoscaling.NewTrafficSourceAttachment(ctx, \"example\", \u0026autoscaling.TrafficSourceAttachmentArgs{\n\t\t\tAutoscalingGroupName: pulumi.Any(exampleAwsAutoscalingGroup.Id),\n\t\t\tTrafficSource: \u0026autoscaling.TrafficSourceAttachmentTrafficSourceArgs{\n\t\t\t\tIdentifier: pulumi.Any(exampleAwsLbTargetGroup.Arn),\n\t\t\t\tType: pulumi.String(\"elbv2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.autoscaling.TrafficSourceAttachment;\nimport com.pulumi.aws.autoscaling.TrafficSourceAttachmentArgs;\nimport com.pulumi.aws.autoscaling.inputs.TrafficSourceAttachmentTrafficSourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TrafficSourceAttachment(\"example\", TrafficSourceAttachmentArgs.builder()\n .autoscalingGroupName(exampleAwsAutoscalingGroup.id())\n .trafficSource(TrafficSourceAttachmentTrafficSourceArgs.builder()\n .identifier(exampleAwsLbTargetGroup.arn())\n .type(\"elbv2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:autoscaling:TrafficSourceAttachment\n properties:\n autoscalingGroupName: ${exampleAwsAutoscalingGroup.id}\n trafficSource:\n identifier: ${exampleAwsLbTargetGroup.arn}\n type: elbv2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "autoscalingGroupName": { "type": "string", "description": "The name of the Auto Scaling group.\n" }, "trafficSource": { "$ref": "#/types/aws:autoscaling/TrafficSourceAttachmentTrafficSource:TrafficSourceAttachmentTrafficSource", "description": "The unique identifiers of a traffic sources.\n" } }, "required": [ "autoscalingGroupName" ], "inputProperties": { "autoscalingGroupName": { "type": "string", "description": "The name of the Auto Scaling group.\n", "willReplaceOnChanges": true }, "trafficSource": { "$ref": "#/types/aws:autoscaling/TrafficSourceAttachmentTrafficSource:TrafficSourceAttachmentTrafficSource", "description": "The unique identifiers of a traffic sources.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "autoscalingGroupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering TrafficSourceAttachment resources.\n", "properties": { "autoscalingGroupName": { "type": "string", "description": "The name of the Auto Scaling group.\n", "willReplaceOnChanges": true }, "trafficSource": { "$ref": "#/types/aws:autoscaling/TrafficSourceAttachmentTrafficSource:TrafficSourceAttachmentTrafficSource", "description": "The unique identifiers of a traffic sources.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:autoscalingplans/scalingPlan:ScalingPlan": { "description": "Manages an AWS Auto Scaling scaling plan.\nMore information can be found in the [AWS Auto Scaling User Guide](https://docs.aws.amazon.com/autoscaling/plans/userguide/what-is-aws-auto-scaling.html).\n\n\u003e **NOTE:** The AWS Auto Scaling service uses an AWS IAM service-linked role to manage predictive scaling of Amazon EC2 Auto Scaling groups. The service attempts to automatically create this role the first time a scaling plan with predictive scaling enabled is created.\nAn `aws.iam.ServiceLinkedRole` resource can be used to manually manage this role.\nSee the [AWS documentation](https://docs.aws.amazon.com/autoscaling/plans/userguide/aws-auto-scaling-service-linked-roles.html#create-service-linked-role-manual) for more details.\n\n## Example Usage\n\n## Import\n\nUsing `pulumi import`, import Auto Scaling scaling plans using the `name`. For example:\n\n```sh\n$ pulumi import aws:autoscalingplans/scalingPlan:ScalingPlan example MyScale1\n```\n", "properties": { "applicationSource": { "$ref": "#/types/aws:autoscalingplans/ScalingPlanApplicationSource:ScalingPlanApplicationSource", "description": "CloudFormation stack or set of tags. You can create one scaling plan per application source.\n" }, "name": { "type": "string", "description": "Name of the scaling plan. Names cannot contain vertical bars, colons, or forward slashes.\n" }, "scalingInstructions": { "type": "array", "items": { "$ref": "#/types/aws:autoscalingplans/ScalingPlanScalingInstruction:ScalingPlanScalingInstruction" }, "description": "Scaling instructions. More details can be found in the [AWS Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_ScalingInstruction.html).\n" }, "scalingPlanVersion": { "type": "integer", "description": "The version number of the scaling plan. This value is always 1.\n" } }, "required": [ "applicationSource", "name", "scalingInstructions", "scalingPlanVersion" ], "inputProperties": { "applicationSource": { "$ref": "#/types/aws:autoscalingplans/ScalingPlanApplicationSource:ScalingPlanApplicationSource", "description": "CloudFormation stack or set of tags. You can create one scaling plan per application source.\n" }, "name": { "type": "string", "description": "Name of the scaling plan. Names cannot contain vertical bars, colons, or forward slashes.\n", "willReplaceOnChanges": true }, "scalingInstructions": { "type": "array", "items": { "$ref": "#/types/aws:autoscalingplans/ScalingPlanScalingInstruction:ScalingPlanScalingInstruction" }, "description": "Scaling instructions. More details can be found in the [AWS Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_ScalingInstruction.html).\n" } }, "requiredInputs": [ "applicationSource", "scalingInstructions" ], "stateInputs": { "description": "Input properties used for looking up and filtering ScalingPlan resources.\n", "properties": { "applicationSource": { "$ref": "#/types/aws:autoscalingplans/ScalingPlanApplicationSource:ScalingPlanApplicationSource", "description": "CloudFormation stack or set of tags. You can create one scaling plan per application source.\n" }, "name": { "type": "string", "description": "Name of the scaling plan. Names cannot contain vertical bars, colons, or forward slashes.\n", "willReplaceOnChanges": true }, "scalingInstructions": { "type": "array", "items": { "$ref": "#/types/aws:autoscalingplans/ScalingPlanScalingInstruction:ScalingPlanScalingInstruction" }, "description": "Scaling instructions. More details can be found in the [AWS Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_ScalingInstruction.html).\n" }, "scalingPlanVersion": { "type": "integer", "description": "The version number of the scaling plan. This value is always 1.\n" } }, "type": "object" } }, "aws:backup/framework:Framework": { "description": "Provides an AWS Backup Framework resource.\n\n\u003e **Note:** For the Deployment Status of the Framework to be successful, please turn on resource tracking to enable AWS Config recording to track configuration changes of your backup resources. This can be done from the AWS Console.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.backup.Framework(\"Example\", {\n name: \"exampleFramework\",\n description: \"this is an example framework\",\n controls: [\n {\n name: \"BACKUP_RECOVERY_POINT_MINIMUM_RETENTION_CHECK\",\n inputParameters: [{\n name: \"requiredRetentionDays\",\n value: \"35\",\n }],\n },\n {\n name: \"BACKUP_PLAN_MIN_FREQUENCY_AND_MIN_RETENTION_CHECK\",\n inputParameters: [\n {\n name: \"requiredFrequencyUnit\",\n value: \"hours\",\n },\n {\n name: \"requiredRetentionDays\",\n value: \"35\",\n },\n {\n name: \"requiredFrequencyValue\",\n value: \"1\",\n },\n ],\n },\n {\n name: \"BACKUP_RECOVERY_POINT_ENCRYPTED\",\n },\n {\n name: \"BACKUP_RESOURCES_PROTECTED_BY_BACKUP_PLAN\",\n scope: {\n complianceResourceTypes: [\"EBS\"],\n },\n },\n {\n name: \"BACKUP_RECOVERY_POINT_MANUAL_DELETION_DISABLED\",\n },\n {\n name: \"BACKUP_RESOURCES_PROTECTED_BY_BACKUP_VAULT_LOCK\",\n inputParameters: [\n {\n name: \"maxRetentionDays\",\n value: \"100\",\n },\n {\n name: \"minRetentionDays\",\n value: \"1\",\n },\n ],\n scope: {\n complianceResourceTypes: [\"EBS\"],\n },\n },\n {\n name: \"BACKUP_LAST_RECOVERY_POINT_CREATED\",\n inputParameters: [\n {\n name: \"recoveryPointAgeUnit\",\n value: \"days\",\n },\n {\n name: \"recoveryPointAgeValue\",\n value: \"1\",\n },\n ],\n scope: {\n complianceResourceTypes: [\"EBS\"],\n },\n },\n ],\n tags: {\n Name: \"Example Framework\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.backup.Framework(\"Example\",\n name=\"exampleFramework\",\n description=\"this is an example framework\",\n controls=[\n {\n \"name\": \"BACKUP_RECOVERY_POINT_MINIMUM_RETENTION_CHECK\",\n \"input_parameters\": [{\n \"name\": \"requiredRetentionDays\",\n \"value\": \"35\",\n }],\n },\n {\n \"name\": \"BACKUP_PLAN_MIN_FREQUENCY_AND_MIN_RETENTION_CHECK\",\n \"input_parameters\": [\n {\n \"name\": \"requiredFrequencyUnit\",\n \"value\": \"hours\",\n },\n {\n \"name\": \"requiredRetentionDays\",\n \"value\": \"35\",\n },\n {\n \"name\": \"requiredFrequencyValue\",\n \"value\": \"1\",\n },\n ],\n },\n {\n \"name\": \"BACKUP_RECOVERY_POINT_ENCRYPTED\",\n },\n {\n \"name\": \"BACKUP_RESOURCES_PROTECTED_BY_BACKUP_PLAN\",\n \"scope\": {\n \"compliance_resource_types\": [\"EBS\"],\n },\n },\n {\n \"name\": \"BACKUP_RECOVERY_POINT_MANUAL_DELETION_DISABLED\",\n },\n {\n \"name\": \"BACKUP_RESOURCES_PROTECTED_BY_BACKUP_VAULT_LOCK\",\n \"input_parameters\": [\n {\n \"name\": \"maxRetentionDays\",\n \"value\": \"100\",\n },\n {\n \"name\": \"minRetentionDays\",\n \"value\": \"1\",\n },\n ],\n \"scope\": {\n \"compliance_resource_types\": [\"EBS\"],\n },\n },\n {\n \"name\": \"BACKUP_LAST_RECOVERY_POINT_CREATED\",\n \"input_parameters\": [\n {\n \"name\": \"recoveryPointAgeUnit\",\n \"value\": \"days\",\n },\n {\n \"name\": \"recoveryPointAgeValue\",\n \"value\": \"1\",\n },\n ],\n \"scope\": {\n \"compliance_resource_types\": [\"EBS\"],\n },\n },\n ],\n tags={\n \"Name\": \"Example Framework\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Backup.Framework(\"Example\", new()\n {\n Name = \"exampleFramework\",\n Description = \"this is an example framework\",\n Controls = new[]\n {\n new Aws.Backup.Inputs.FrameworkControlArgs\n {\n Name = \"BACKUP_RECOVERY_POINT_MINIMUM_RETENTION_CHECK\",\n InputParameters = new[]\n {\n new Aws.Backup.Inputs.FrameworkControlInputParameterArgs\n {\n Name = \"requiredRetentionDays\",\n Value = \"35\",\n },\n },\n },\n new Aws.Backup.Inputs.FrameworkControlArgs\n {\n Name = \"BACKUP_PLAN_MIN_FREQUENCY_AND_MIN_RETENTION_CHECK\",\n InputParameters = new[]\n {\n new Aws.Backup.Inputs.FrameworkControlInputParameterArgs\n {\n Name = \"requiredFrequencyUnit\",\n Value = \"hours\",\n },\n new Aws.Backup.Inputs.FrameworkControlInputParameterArgs\n {\n Name = \"requiredRetentionDays\",\n Value = \"35\",\n },\n new Aws.Backup.Inputs.FrameworkControlInputParameterArgs\n {\n Name = \"requiredFrequencyValue\",\n Value = \"1\",\n },\n },\n },\n new Aws.Backup.Inputs.FrameworkControlArgs\n {\n Name = \"BACKUP_RECOVERY_POINT_ENCRYPTED\",\n },\n new Aws.Backup.Inputs.FrameworkControlArgs\n {\n Name = \"BACKUP_RESOURCES_PROTECTED_BY_BACKUP_PLAN\",\n Scope = new Aws.Backup.Inputs.FrameworkControlScopeArgs\n {\n ComplianceResourceTypes = new[]\n {\n \"EBS\",\n },\n },\n },\n new Aws.Backup.Inputs.FrameworkControlArgs\n {\n Name = \"BACKUP_RECOVERY_POINT_MANUAL_DELETION_DISABLED\",\n },\n new Aws.Backup.Inputs.FrameworkControlArgs\n {\n Name = \"BACKUP_RESOURCES_PROTECTED_BY_BACKUP_VAULT_LOCK\",\n InputParameters = new[]\n {\n new Aws.Backup.Inputs.FrameworkControlInputParameterArgs\n {\n Name = \"maxRetentionDays\",\n Value = \"100\",\n },\n new Aws.Backup.Inputs.FrameworkControlInputParameterArgs\n {\n Name = \"minRetentionDays\",\n Value = \"1\",\n },\n },\n Scope = new Aws.Backup.Inputs.FrameworkControlScopeArgs\n {\n ComplianceResourceTypes = new[]\n {\n \"EBS\",\n },\n },\n },\n new Aws.Backup.Inputs.FrameworkControlArgs\n {\n Name = \"BACKUP_LAST_RECOVERY_POINT_CREATED\",\n InputParameters = new[]\n {\n new Aws.Backup.Inputs.FrameworkControlInputParameterArgs\n {\n Name = \"recoveryPointAgeUnit\",\n Value = \"days\",\n },\n new Aws.Backup.Inputs.FrameworkControlInputParameterArgs\n {\n Name = \"recoveryPointAgeValue\",\n Value = \"1\",\n },\n },\n Scope = new Aws.Backup.Inputs.FrameworkControlScopeArgs\n {\n ComplianceResourceTypes = new[]\n {\n \"EBS\",\n },\n },\n },\n },\n Tags = \n {\n { \"Name\", \"Example Framework\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := backup.NewFramework(ctx, \"Example\", \u0026backup.FrameworkArgs{\n\t\t\tName: pulumi.String(\"exampleFramework\"),\n\t\t\tDescription: pulumi.String(\"this is an example framework\"),\n\t\t\tControls: backup.FrameworkControlArray{\n\t\t\t\t\u0026backup.FrameworkControlArgs{\n\t\t\t\t\tName: pulumi.String(\"BACKUP_RECOVERY_POINT_MINIMUM_RETENTION_CHECK\"),\n\t\t\t\t\tInputParameters: backup.FrameworkControlInputParameterArray{\n\t\t\t\t\t\t\u0026backup.FrameworkControlInputParameterArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"requiredRetentionDays\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"35\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026backup.FrameworkControlArgs{\n\t\t\t\t\tName: pulumi.String(\"BACKUP_PLAN_MIN_FREQUENCY_AND_MIN_RETENTION_CHECK\"),\n\t\t\t\t\tInputParameters: backup.FrameworkControlInputParameterArray{\n\t\t\t\t\t\t\u0026backup.FrameworkControlInputParameterArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"requiredFrequencyUnit\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"hours\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026backup.FrameworkControlInputParameterArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"requiredRetentionDays\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"35\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026backup.FrameworkControlInputParameterArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"requiredFrequencyValue\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026backup.FrameworkControlArgs{\n\t\t\t\t\tName: pulumi.String(\"BACKUP_RECOVERY_POINT_ENCRYPTED\"),\n\t\t\t\t},\n\t\t\t\t\u0026backup.FrameworkControlArgs{\n\t\t\t\t\tName: pulumi.String(\"BACKUP_RESOURCES_PROTECTED_BY_BACKUP_PLAN\"),\n\t\t\t\t\tScope: \u0026backup.FrameworkControlScopeArgs{\n\t\t\t\t\t\tComplianceResourceTypes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"EBS\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026backup.FrameworkControlArgs{\n\t\t\t\t\tName: pulumi.String(\"BACKUP_RECOVERY_POINT_MANUAL_DELETION_DISABLED\"),\n\t\t\t\t},\n\t\t\t\t\u0026backup.FrameworkControlArgs{\n\t\t\t\t\tName: pulumi.String(\"BACKUP_RESOURCES_PROTECTED_BY_BACKUP_VAULT_LOCK\"),\n\t\t\t\t\tInputParameters: backup.FrameworkControlInputParameterArray{\n\t\t\t\t\t\t\u0026backup.FrameworkControlInputParameterArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"maxRetentionDays\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"100\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026backup.FrameworkControlInputParameterArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"minRetentionDays\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tScope: \u0026backup.FrameworkControlScopeArgs{\n\t\t\t\t\t\tComplianceResourceTypes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"EBS\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026backup.FrameworkControlArgs{\n\t\t\t\t\tName: pulumi.String(\"BACKUP_LAST_RECOVERY_POINT_CREATED\"),\n\t\t\t\t\tInputParameters: backup.FrameworkControlInputParameterArray{\n\t\t\t\t\t\t\u0026backup.FrameworkControlInputParameterArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"recoveryPointAgeUnit\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"days\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026backup.FrameworkControlInputParameterArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"recoveryPointAgeValue\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tScope: \u0026backup.FrameworkControlScopeArgs{\n\t\t\t\t\t\tComplianceResourceTypes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"EBS\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Framework\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.backup.Framework;\nimport com.pulumi.aws.backup.FrameworkArgs;\nimport com.pulumi.aws.backup.inputs.FrameworkControlArgs;\nimport com.pulumi.aws.backup.inputs.FrameworkControlScopeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Framework(\"example\", FrameworkArgs.builder()\n .name(\"exampleFramework\")\n .description(\"this is an example framework\")\n .controls( \n FrameworkControlArgs.builder()\n .name(\"BACKUP_RECOVERY_POINT_MINIMUM_RETENTION_CHECK\")\n .inputParameters(FrameworkControlInputParameterArgs.builder()\n .name(\"requiredRetentionDays\")\n .value(\"35\")\n .build())\n .build(),\n FrameworkControlArgs.builder()\n .name(\"BACKUP_PLAN_MIN_FREQUENCY_AND_MIN_RETENTION_CHECK\")\n .inputParameters( \n FrameworkControlInputParameterArgs.builder()\n .name(\"requiredFrequencyUnit\")\n .value(\"hours\")\n .build(),\n FrameworkControlInputParameterArgs.builder()\n .name(\"requiredRetentionDays\")\n .value(\"35\")\n .build(),\n FrameworkControlInputParameterArgs.builder()\n .name(\"requiredFrequencyValue\")\n .value(\"1\")\n .build())\n .build(),\n FrameworkControlArgs.builder()\n .name(\"BACKUP_RECOVERY_POINT_ENCRYPTED\")\n .build(),\n FrameworkControlArgs.builder()\n .name(\"BACKUP_RESOURCES_PROTECTED_BY_BACKUP_PLAN\")\n .scope(FrameworkControlScopeArgs.builder()\n .complianceResourceTypes(\"EBS\")\n .build())\n .build(),\n FrameworkControlArgs.builder()\n .name(\"BACKUP_RECOVERY_POINT_MANUAL_DELETION_DISABLED\")\n .build(),\n FrameworkControlArgs.builder()\n .name(\"BACKUP_RESOURCES_PROTECTED_BY_BACKUP_VAULT_LOCK\")\n .inputParameters( \n FrameworkControlInputParameterArgs.builder()\n .name(\"maxRetentionDays\")\n .value(\"100\")\n .build(),\n FrameworkControlInputParameterArgs.builder()\n .name(\"minRetentionDays\")\n .value(\"1\")\n .build())\n .scope(FrameworkControlScopeArgs.builder()\n .complianceResourceTypes(\"EBS\")\n .build())\n .build(),\n FrameworkControlArgs.builder()\n .name(\"BACKUP_LAST_RECOVERY_POINT_CREATED\")\n .inputParameters( \n FrameworkControlInputParameterArgs.builder()\n .name(\"recoveryPointAgeUnit\")\n .value(\"days\")\n .build(),\n FrameworkControlInputParameterArgs.builder()\n .name(\"recoveryPointAgeValue\")\n .value(\"1\")\n .build())\n .scope(FrameworkControlScopeArgs.builder()\n .complianceResourceTypes(\"EBS\")\n .build())\n .build())\n .tags(Map.of(\"Name\", \"Example Framework\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:backup:Framework\n name: Example\n properties:\n name: exampleFramework\n description: this is an example framework\n controls:\n - name: BACKUP_RECOVERY_POINT_MINIMUM_RETENTION_CHECK\n inputParameters:\n - name: requiredRetentionDays\n value: '35'\n - name: BACKUP_PLAN_MIN_FREQUENCY_AND_MIN_RETENTION_CHECK\n inputParameters:\n - name: requiredFrequencyUnit\n value: hours\n - name: requiredRetentionDays\n value: '35'\n - name: requiredFrequencyValue\n value: '1'\n - name: BACKUP_RECOVERY_POINT_ENCRYPTED\n - name: BACKUP_RESOURCES_PROTECTED_BY_BACKUP_PLAN\n scope:\n complianceResourceTypes:\n - EBS\n - name: BACKUP_RECOVERY_POINT_MANUAL_DELETION_DISABLED\n - name: BACKUP_RESOURCES_PROTECTED_BY_BACKUP_VAULT_LOCK\n inputParameters:\n - name: maxRetentionDays\n value: '100'\n - name: minRetentionDays\n value: '1'\n scope:\n complianceResourceTypes:\n - EBS\n - name: BACKUP_LAST_RECOVERY_POINT_CREATED\n inputParameters:\n - name: recoveryPointAgeUnit\n value: days\n - name: recoveryPointAgeValue\n value: '1'\n scope:\n complianceResourceTypes:\n - EBS\n tags:\n Name: Example Framework\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Backup Framework using the `id` which corresponds to the name of the Backup Framework. For example:\n\n```sh\n$ pulumi import aws:backup/framework:Framework test \u003cid\u003e\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the backup framework.\n" }, "controls": { "type": "array", "items": { "$ref": "#/types/aws:backup/FrameworkControl:FrameworkControl" }, "description": "One or more control blocks that make up the framework. Each control in the list has a name, input parameters, and scope. Detailed below.\n" }, "creationTime": { "type": "string", "description": "The date and time that a framework is created, in Unix format and Coordinated Universal Time (UTC).\n" }, "deploymentStatus": { "type": "string", "description": "The deployment status of a framework. The statuses are: `CREATE_IN_PROGRESS` | `UPDATE_IN_PROGRESS` | `DELETE_IN_PROGRESS` | `COMPLETED` | `FAILED`.\n" }, "description": { "type": "string", "description": "The description of the framework with a maximum of 1,024 characters\n" }, "name": { "type": "string", "description": "The unique name of the framework. The name must be between 1 and 256 characters, starting with a letter, and consisting of letters, numbers, and underscores.\n" }, "status": { "type": "string", "description": "A framework consists of one or more controls. Each control governs a resource, such as backup plans, backup selections, backup vaults, or recovery points. You can also turn AWS Config recording on or off for each resource. For more information refer to the [AWS documentation for Framework Status](https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeFramework.html#Backup-DescribeFramework-response-FrameworkStatus)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the frameworks you create. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "controls", "creationTime", "deploymentStatus", "name", "status", "tagsAll" ], "inputProperties": { "controls": { "type": "array", "items": { "$ref": "#/types/aws:backup/FrameworkControl:FrameworkControl" }, "description": "One or more control blocks that make up the framework. Each control in the list has a name, input parameters, and scope. Detailed below.\n" }, "description": { "type": "string", "description": "The description of the framework with a maximum of 1,024 characters\n" }, "name": { "type": "string", "description": "The unique name of the framework. The name must be between 1 and 256 characters, starting with a letter, and consisting of letters, numbers, and underscores.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the frameworks you create. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "controls" ], "stateInputs": { "description": "Input properties used for looking up and filtering Framework resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the backup framework.\n" }, "controls": { "type": "array", "items": { "$ref": "#/types/aws:backup/FrameworkControl:FrameworkControl" }, "description": "One or more control blocks that make up the framework. Each control in the list has a name, input parameters, and scope. Detailed below.\n" }, "creationTime": { "type": "string", "description": "The date and time that a framework is created, in Unix format and Coordinated Universal Time (UTC).\n" }, "deploymentStatus": { "type": "string", "description": "The deployment status of a framework. The statuses are: `CREATE_IN_PROGRESS` | `UPDATE_IN_PROGRESS` | `DELETE_IN_PROGRESS` | `COMPLETED` | `FAILED`.\n" }, "description": { "type": "string", "description": "The description of the framework with a maximum of 1,024 characters\n" }, "name": { "type": "string", "description": "The unique name of the framework. The name must be between 1 and 256 characters, starting with a letter, and consisting of letters, numbers, and underscores.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "A framework consists of one or more controls. Each control governs a resource, such as backup plans, backup selections, backup vaults, or recovery points. You can also turn AWS Config recording on or off for each resource. For more information refer to the [AWS documentation for Framework Status](https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeFramework.html#Backup-DescribeFramework-response-FrameworkStatus)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the frameworks you create. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:backup/globalSettings:GlobalSettings": { "description": "Provides an AWS Backup Global Settings resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.backup.GlobalSettings(\"test\", {globalSettings: {\n isCrossAccountBackupEnabled: \"true\",\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.backup.GlobalSettings(\"test\", global_settings={\n \"isCrossAccountBackupEnabled\": \"true\",\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Backup.GlobalSettings(\"test\", new()\n {\n GlobalSettingsList = \n {\n { \"isCrossAccountBackupEnabled\", \"true\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := backup.NewGlobalSettings(ctx, \"test\", \u0026backup.GlobalSettingsArgs{\n\t\t\tGlobalSettings: pulumi.StringMap{\n\t\t\t\t\"isCrossAccountBackupEnabled\": pulumi.String(\"true\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.backup.GlobalSettings;\nimport com.pulumi.aws.backup.GlobalSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new GlobalSettings(\"test\", GlobalSettingsArgs.builder()\n .globalSettings(Map.of(\"isCrossAccountBackupEnabled\", \"true\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:backup:GlobalSettings\n properties:\n globalSettings:\n isCrossAccountBackupEnabled: 'true'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Backup Global Settings using the `id`. For example:\n\n```sh\n$ pulumi import aws:backup/globalSettings:GlobalSettings example 123456789012\n```\n", "properties": { "globalSettings": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of resources along with the opt-in preferences for the account.\n", "language": { "csharp": { "name": "GlobalSettingsList" } } } }, "required": [ "globalSettings" ], "inputProperties": { "globalSettings": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of resources along with the opt-in preferences for the account.\n", "language": { "csharp": { "name": "GlobalSettingsList" } } } }, "requiredInputs": [ "globalSettings" ], "stateInputs": { "description": "Input properties used for looking up and filtering GlobalSettings resources.\n", "properties": { "globalSettings": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of resources along with the opt-in preferences for the account.\n", "language": { "csharp": { "name": "GlobalSettingsList" } } } }, "type": "object" } }, "aws:backup/plan:Plan": { "description": "Provides an AWS Backup plan resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.backup.Plan(\"example\", {\n name: \"my_example_backup_plan\",\n rules: [{\n ruleName: \"my_example_backup_rule\",\n targetVaultName: test.name,\n schedule: \"cron(0 12 * * ? *)\",\n lifecycle: {\n deleteAfter: 14,\n },\n }],\n advancedBackupSettings: [{\n backupOptions: {\n WindowsVSS: \"enabled\",\n },\n resourceType: \"EC2\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.backup.Plan(\"example\",\n name=\"my_example_backup_plan\",\n rules=[{\n \"rule_name\": \"my_example_backup_rule\",\n \"target_vault_name\": test[\"name\"],\n \"schedule\": \"cron(0 12 * * ? *)\",\n \"lifecycle\": {\n \"delete_after\": 14,\n },\n }],\n advanced_backup_settings=[{\n \"backup_options\": {\n \"windows_vss\": \"enabled\",\n },\n \"resource_type\": \"EC2\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Backup.Plan(\"example\", new()\n {\n Name = \"my_example_backup_plan\",\n Rules = new[]\n {\n new Aws.Backup.Inputs.PlanRuleArgs\n {\n RuleName = \"my_example_backup_rule\",\n TargetVaultName = test.Name,\n Schedule = \"cron(0 12 * * ? *)\",\n Lifecycle = new Aws.Backup.Inputs.PlanRuleLifecycleArgs\n {\n DeleteAfter = 14,\n },\n },\n },\n AdvancedBackupSettings = new[]\n {\n new Aws.Backup.Inputs.PlanAdvancedBackupSettingArgs\n {\n BackupOptions = \n {\n { \"WindowsVSS\", \"enabled\" },\n },\n ResourceType = \"EC2\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := backup.NewPlan(ctx, \"example\", \u0026backup.PlanArgs{\n\t\t\tName: pulumi.String(\"my_example_backup_plan\"),\n\t\t\tRules: backup.PlanRuleArray{\n\t\t\t\t\u0026backup.PlanRuleArgs{\n\t\t\t\t\tRuleName: pulumi.String(\"my_example_backup_rule\"),\n\t\t\t\t\tTargetVaultName: pulumi.Any(test.Name),\n\t\t\t\t\tSchedule: pulumi.String(\"cron(0 12 * * ? *)\"),\n\t\t\t\t\tLifecycle: \u0026backup.PlanRuleLifecycleArgs{\n\t\t\t\t\t\tDeleteAfter: pulumi.Int(14),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tAdvancedBackupSettings: backup.PlanAdvancedBackupSettingArray{\n\t\t\t\t\u0026backup.PlanAdvancedBackupSettingArgs{\n\t\t\t\t\tBackupOptions: pulumi.StringMap{\n\t\t\t\t\t\t\"WindowsVSS\": pulumi.String(\"enabled\"),\n\t\t\t\t\t},\n\t\t\t\t\tResourceType: pulumi.String(\"EC2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.backup.Plan;\nimport com.pulumi.aws.backup.PlanArgs;\nimport com.pulumi.aws.backup.inputs.PlanRuleArgs;\nimport com.pulumi.aws.backup.inputs.PlanRuleLifecycleArgs;\nimport com.pulumi.aws.backup.inputs.PlanAdvancedBackupSettingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Plan(\"example\", PlanArgs.builder()\n .name(\"my_example_backup_plan\")\n .rules(PlanRuleArgs.builder()\n .ruleName(\"my_example_backup_rule\")\n .targetVaultName(test.name())\n .schedule(\"cron(0 12 * * ? *)\")\n .lifecycle(PlanRuleLifecycleArgs.builder()\n .deleteAfter(14)\n .build())\n .build())\n .advancedBackupSettings(PlanAdvancedBackupSettingArgs.builder()\n .backupOptions(Map.of(\"WindowsVSS\", \"enabled\"))\n .resourceType(\"EC2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:backup:Plan\n properties:\n name: my_example_backup_plan\n rules:\n - ruleName: my_example_backup_rule\n targetVaultName: ${test.name}\n schedule: cron(0 12 * * ? *)\n lifecycle:\n deleteAfter: 14\n advancedBackupSettings:\n - backupOptions:\n WindowsVSS: enabled\n resourceType: EC2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Backup Plan using the `id`. For example:\n\n```sh\n$ pulumi import aws:backup/plan:Plan test \u003cid\u003e\n```\n", "properties": { "advancedBackupSettings": { "type": "array", "items": { "$ref": "#/types/aws:backup/PlanAdvancedBackupSetting:PlanAdvancedBackupSetting" }, "description": "An object that specifies backup options for each resource type.\n" }, "arn": { "type": "string", "description": "The ARN of the backup plan.\n" }, "name": { "type": "string", "description": "The display name of a backup plan.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:backup/PlanRule:PlanRule" }, "description": "A rule object that specifies a scheduled task that is used to back up a selection of resources.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the plans you create. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "string", "description": "Unique, randomly generated, Unicode, UTF-8 encoded string that serves as the version ID of the backup plan.\n" } }, "required": [ "arn", "name", "rules", "tagsAll", "version" ], "inputProperties": { "advancedBackupSettings": { "type": "array", "items": { "$ref": "#/types/aws:backup/PlanAdvancedBackupSetting:PlanAdvancedBackupSetting" }, "description": "An object that specifies backup options for each resource type.\n" }, "name": { "type": "string", "description": "The display name of a backup plan.\n", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:backup/PlanRule:PlanRule" }, "description": "A rule object that specifies a scheduled task that is used to back up a selection of resources.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the plans you create. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "rules" ], "stateInputs": { "description": "Input properties used for looking up and filtering Plan resources.\n", "properties": { "advancedBackupSettings": { "type": "array", "items": { "$ref": "#/types/aws:backup/PlanAdvancedBackupSetting:PlanAdvancedBackupSetting" }, "description": "An object that specifies backup options for each resource type.\n" }, "arn": { "type": "string", "description": "The ARN of the backup plan.\n" }, "name": { "type": "string", "description": "The display name of a backup plan.\n", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:backup/PlanRule:PlanRule" }, "description": "A rule object that specifies a scheduled task that is used to back up a selection of resources.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the plans you create. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "string", "description": "Unique, randomly generated, Unicode, UTF-8 encoded string that serves as the version ID of the backup plan.\n" } }, "type": "object" } }, "aws:backup/regionSettings:RegionSettings": { "description": "Provides an AWS Backup Region Settings resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.backup.RegionSettings(\"test\", {\n resourceTypeOptInPreference: {\n Aurora: true,\n DocumentDB: true,\n DynamoDB: true,\n EBS: true,\n EC2: true,\n EFS: true,\n FSx: true,\n Neptune: true,\n RDS: true,\n \"Storage Gateway\": true,\n VirtualMachine: true,\n },\n resourceTypeManagementPreference: {\n DynamoDB: true,\n EFS: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.backup.RegionSettings(\"test\",\n resource_type_opt_in_preference={\n \"Aurora\": True,\n \"DocumentDB\": True,\n \"DynamoDB\": True,\n \"EBS\": True,\n \"EC2\": True,\n \"EFS\": True,\n \"FSx\": True,\n \"Neptune\": True,\n \"RDS\": True,\n \"Storage Gateway\": True,\n \"VirtualMachine\": True,\n },\n resource_type_management_preference={\n \"DynamoDB\": True,\n \"EFS\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Backup.RegionSettings(\"test\", new()\n {\n ResourceTypeOptInPreference = \n {\n { \"Aurora\", true },\n { \"DocumentDB\", true },\n { \"DynamoDB\", true },\n { \"EBS\", true },\n { \"EC2\", true },\n { \"EFS\", true },\n { \"FSx\", true },\n { \"Neptune\", true },\n { \"RDS\", true },\n { \"Storage Gateway\", true },\n { \"VirtualMachine\", true },\n },\n ResourceTypeManagementPreference = \n {\n { \"DynamoDB\", true },\n { \"EFS\", true },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := backup.NewRegionSettings(ctx, \"test\", \u0026backup.RegionSettingsArgs{\n\t\t\tResourceTypeOptInPreference: pulumi.BoolMap{\n\t\t\t\t\"Aurora\": pulumi.Bool(true),\n\t\t\t\t\"DocumentDB\": pulumi.Bool(true),\n\t\t\t\t\"DynamoDB\": pulumi.Bool(true),\n\t\t\t\t\"EBS\": pulumi.Bool(true),\n\t\t\t\t\"EC2\": pulumi.Bool(true),\n\t\t\t\t\"EFS\": pulumi.Bool(true),\n\t\t\t\t\"FSx\": pulumi.Bool(true),\n\t\t\t\t\"Neptune\": pulumi.Bool(true),\n\t\t\t\t\"RDS\": pulumi.Bool(true),\n\t\t\t\t\"Storage Gateway\": pulumi.Bool(true),\n\t\t\t\t\"VirtualMachine\": pulumi.Bool(true),\n\t\t\t},\n\t\t\tResourceTypeManagementPreference: pulumi.BoolMap{\n\t\t\t\t\"DynamoDB\": pulumi.Bool(true),\n\t\t\t\t\"EFS\": pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.backup.RegionSettings;\nimport com.pulumi.aws.backup.RegionSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new RegionSettings(\"test\", RegionSettingsArgs.builder()\n .resourceTypeOptInPreference(Map.ofEntries(\n Map.entry(\"Aurora\", true),\n Map.entry(\"DocumentDB\", true),\n Map.entry(\"DynamoDB\", true),\n Map.entry(\"EBS\", true),\n Map.entry(\"EC2\", true),\n Map.entry(\"EFS\", true),\n Map.entry(\"FSx\", true),\n Map.entry(\"Neptune\", true),\n Map.entry(\"RDS\", true),\n Map.entry(\"Storage Gateway\", true),\n Map.entry(\"VirtualMachine\", true)\n ))\n .resourceTypeManagementPreference(Map.ofEntries(\n Map.entry(\"DynamoDB\", true),\n Map.entry(\"EFS\", true)\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:backup:RegionSettings\n properties:\n resourceTypeOptInPreference:\n Aurora: true\n DocumentDB: true\n DynamoDB: true\n EBS: true\n EC2: true\n EFS: true\n FSx: true\n Neptune: true\n RDS: true\n Storage Gateway: true\n VirtualMachine: true\n resourceTypeManagementPreference:\n DynamoDB: true\n EFS: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Backup Region Settings using the `region`. For example:\n\n```sh\n$ pulumi import aws:backup/regionSettings:RegionSettings test us-west-2\n```\n", "properties": { "resourceTypeManagementPreference": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "A map of services along with the management preferences for the Region. For more information, see the [AWS Documentation](https://docs.aws.amazon.com/aws-backup/latest/devguide/API_UpdateRegionSettings.html#API_UpdateRegionSettings_RequestSyntax).\n" }, "resourceTypeOptInPreference": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "A map of services along with the opt-in preferences for the Region.\n" } }, "required": [ "resourceTypeManagementPreference", "resourceTypeOptInPreference" ], "inputProperties": { "resourceTypeManagementPreference": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "A map of services along with the management preferences for the Region. For more information, see the [AWS Documentation](https://docs.aws.amazon.com/aws-backup/latest/devguide/API_UpdateRegionSettings.html#API_UpdateRegionSettings_RequestSyntax).\n" }, "resourceTypeOptInPreference": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "A map of services along with the opt-in preferences for the Region.\n" } }, "requiredInputs": [ "resourceTypeOptInPreference" ], "stateInputs": { "description": "Input properties used for looking up and filtering RegionSettings resources.\n", "properties": { "resourceTypeManagementPreference": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "A map of services along with the management preferences for the Region. For more information, see the [AWS Documentation](https://docs.aws.amazon.com/aws-backup/latest/devguide/API_UpdateRegionSettings.html#API_UpdateRegionSettings_RequestSyntax).\n" }, "resourceTypeOptInPreference": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "A map of services along with the opt-in preferences for the Region.\n" } }, "type": "object" } }, "aws:backup/reportPlan:ReportPlan": { "description": "Provides an AWS Backup Report Plan resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.backup.ReportPlan(\"example\", {\n name: \"example_name\",\n description: \"example description\",\n reportDeliveryChannel: {\n formats: [\n \"CSV\",\n \"JSON\",\n ],\n s3BucketName: \"example-bucket-name\",\n },\n reportSetting: {\n reportTemplate: \"RESTORE_JOB_REPORT\",\n },\n tags: {\n Name: \"Example Report Plan\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.backup.ReportPlan(\"example\",\n name=\"example_name\",\n description=\"example description\",\n report_delivery_channel={\n \"formats\": [\n \"CSV\",\n \"JSON\",\n ],\n \"s3_bucket_name\": \"example-bucket-name\",\n },\n report_setting={\n \"report_template\": \"RESTORE_JOB_REPORT\",\n },\n tags={\n \"Name\": \"Example Report Plan\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Backup.ReportPlan(\"example\", new()\n {\n Name = \"example_name\",\n Description = \"example description\",\n ReportDeliveryChannel = new Aws.Backup.Inputs.ReportPlanReportDeliveryChannelArgs\n {\n Formats = new[]\n {\n \"CSV\",\n \"JSON\",\n },\n S3BucketName = \"example-bucket-name\",\n },\n ReportSetting = new Aws.Backup.Inputs.ReportPlanReportSettingArgs\n {\n ReportTemplate = \"RESTORE_JOB_REPORT\",\n },\n Tags = \n {\n { \"Name\", \"Example Report Plan\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := backup.NewReportPlan(ctx, \"example\", \u0026backup.ReportPlanArgs{\n\t\t\tName: pulumi.String(\"example_name\"),\n\t\t\tDescription: pulumi.String(\"example description\"),\n\t\t\tReportDeliveryChannel: \u0026backup.ReportPlanReportDeliveryChannelArgs{\n\t\t\t\tFormats: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"CSV\"),\n\t\t\t\t\tpulumi.String(\"JSON\"),\n\t\t\t\t},\n\t\t\t\tS3BucketName: pulumi.String(\"example-bucket-name\"),\n\t\t\t},\n\t\t\tReportSetting: \u0026backup.ReportPlanReportSettingArgs{\n\t\t\t\tReportTemplate: pulumi.String(\"RESTORE_JOB_REPORT\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Report Plan\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.backup.ReportPlan;\nimport com.pulumi.aws.backup.ReportPlanArgs;\nimport com.pulumi.aws.backup.inputs.ReportPlanReportDeliveryChannelArgs;\nimport com.pulumi.aws.backup.inputs.ReportPlanReportSettingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ReportPlan(\"example\", ReportPlanArgs.builder()\n .name(\"example_name\")\n .description(\"example description\")\n .reportDeliveryChannel(ReportPlanReportDeliveryChannelArgs.builder()\n .formats( \n \"CSV\",\n \"JSON\")\n .s3BucketName(\"example-bucket-name\")\n .build())\n .reportSetting(ReportPlanReportSettingArgs.builder()\n .reportTemplate(\"RESTORE_JOB_REPORT\")\n .build())\n .tags(Map.of(\"Name\", \"Example Report Plan\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:backup:ReportPlan\n properties:\n name: example_name\n description: example description\n reportDeliveryChannel:\n formats:\n - CSV\n - JSON\n s3BucketName: example-bucket-name\n reportSetting:\n reportTemplate: RESTORE_JOB_REPORT\n tags:\n Name: Example Report Plan\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Backup Report Plan using the `id` which corresponds to the name of the Backup Report Plan. For example:\n\n```sh\n$ pulumi import aws:backup/reportPlan:ReportPlan test \u003cid\u003e\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the backup report plan.\n" }, "creationTime": { "type": "string", "description": "The date and time that a report plan is created, in Unix format and Coordinated Universal Time (UTC).\n" }, "deploymentStatus": { "type": "string", "description": "The deployment status of a report plan. The statuses are: `CREATE_IN_PROGRESS` | `UPDATE_IN_PROGRESS` | `DELETE_IN_PROGRESS` | `COMPLETED`.\n" }, "description": { "type": "string", "description": "The description of the report plan with a maximum of 1,024 characters\n" }, "name": { "type": "string", "description": "The unique name of the report plan. The name must be between 1 and 256 characters, starting with a letter, and consisting of letters, numbers, and underscores.\n" }, "reportDeliveryChannel": { "$ref": "#/types/aws:backup/ReportPlanReportDeliveryChannel:ReportPlanReportDeliveryChannel", "description": "An object that contains information about where and how to deliver your reports, specifically your Amazon S3 bucket name, S3 key prefix, and the formats of your reports. Detailed below.\n" }, "reportSetting": { "$ref": "#/types/aws:backup/ReportPlanReportSetting:ReportPlanReportSetting", "description": "An object that identifies the report template for the report. Reports are built using a report template. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the report plans you create. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "creationTime", "deploymentStatus", "name", "reportDeliveryChannel", "reportSetting", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the report plan with a maximum of 1,024 characters\n" }, "name": { "type": "string", "description": "The unique name of the report plan. The name must be between 1 and 256 characters, starting with a letter, and consisting of letters, numbers, and underscores.\n", "willReplaceOnChanges": true }, "reportDeliveryChannel": { "$ref": "#/types/aws:backup/ReportPlanReportDeliveryChannel:ReportPlanReportDeliveryChannel", "description": "An object that contains information about where and how to deliver your reports, specifically your Amazon S3 bucket name, S3 key prefix, and the formats of your reports. Detailed below.\n" }, "reportSetting": { "$ref": "#/types/aws:backup/ReportPlanReportSetting:ReportPlanReportSetting", "description": "An object that identifies the report template for the report. Reports are built using a report template. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the report plans you create. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "reportDeliveryChannel", "reportSetting" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReportPlan resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the backup report plan.\n" }, "creationTime": { "type": "string", "description": "The date and time that a report plan is created, in Unix format and Coordinated Universal Time (UTC).\n" }, "deploymentStatus": { "type": "string", "description": "The deployment status of a report plan. The statuses are: `CREATE_IN_PROGRESS` | `UPDATE_IN_PROGRESS` | `DELETE_IN_PROGRESS` | `COMPLETED`.\n" }, "description": { "type": "string", "description": "The description of the report plan with a maximum of 1,024 characters\n" }, "name": { "type": "string", "description": "The unique name of the report plan. The name must be between 1 and 256 characters, starting with a letter, and consisting of letters, numbers, and underscores.\n", "willReplaceOnChanges": true }, "reportDeliveryChannel": { "$ref": "#/types/aws:backup/ReportPlanReportDeliveryChannel:ReportPlanReportDeliveryChannel", "description": "An object that contains information about where and how to deliver your reports, specifically your Amazon S3 bucket name, S3 key prefix, and the formats of your reports. Detailed below.\n" }, "reportSetting": { "$ref": "#/types/aws:backup/ReportPlanReportSetting:ReportPlanReportSetting", "description": "An object that identifies the report template for the report. Reports are built using a report template. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the report plans you create. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:backup/selection:Selection": { "description": "Manages selection conditions for AWS Backup plan resources.\n\n## Example Usage\n\n### IAM Role\n\n\u003e For more information about creating and managing IAM Roles for backups and restores, see the [AWS Backup Developer Guide](https://docs.aws.amazon.com/aws-backup/latest/devguide/iam-service-roles.html).\n\nThe below example creates an IAM role with the default managed IAM Policy for allowing AWS Backup to create backups.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"backup.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst example = new aws.iam.Role(\"example\", {\n name: \"example\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"example\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup\",\n role: example.name,\n});\nconst exampleSelection = new aws.backup.Selection(\"example\", {iamRoleArn: example.arn});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"backup.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nexample = aws.iam.Role(\"example\",\n name=\"example\",\n assume_role_policy=assume_role.json)\nexample_role_policy_attachment = aws.iam.RolePolicyAttachment(\"example\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup\",\n role=example.name)\nexample_selection = aws.backup.Selection(\"example\", iam_role_arn=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"backup.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"example\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup\",\n Role = example.Name,\n });\n\n var exampleSelection = new Aws.Backup.Selection(\"example\", new()\n {\n IamRoleArn = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/backup\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"backup.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = backup.NewSelection(ctx, \"example\", \u0026backup.SelectionArgs{\n\t\t\tIamRoleArn: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.backup.Selection;\nimport com.pulumi.aws.backup.SelectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"backup.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var example = new Role(\"example\", RoleArgs.builder()\n .name(\"example\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleRolePolicyAttachment = new RolePolicyAttachment(\"exampleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder()\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup\")\n .role(example.name())\n .build());\n\n var exampleSelection = new Selection(\"exampleSelection\", SelectionArgs.builder()\n .iamRoleArn(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: example\n assumeRolePolicy: ${assumeRole.json}\n exampleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: example\n properties:\n policyArn: arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup\n role: ${example.name}\n exampleSelection:\n type: aws:backup:Selection\n name: example\n properties:\n iamRoleArn: ${example.arn}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - backup.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Selecting Backups By Tag\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.backup.Selection(\"example\", {\n iamRoleArn: exampleAwsIamRole.arn,\n name: \"my_example_backup_selection\",\n planId: exampleAwsBackupPlan.id,\n selectionTags: [{\n type: \"STRINGEQUALS\",\n key: \"foo\",\n value: \"bar\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.backup.Selection(\"example\",\n iam_role_arn=example_aws_iam_role[\"arn\"],\n name=\"my_example_backup_selection\",\n plan_id=example_aws_backup_plan[\"id\"],\n selection_tags=[{\n \"type\": \"STRINGEQUALS\",\n \"key\": \"foo\",\n \"value\": \"bar\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Backup.Selection(\"example\", new()\n {\n IamRoleArn = exampleAwsIamRole.Arn,\n Name = \"my_example_backup_selection\",\n PlanId = exampleAwsBackupPlan.Id,\n SelectionTags = new[]\n {\n new Aws.Backup.Inputs.SelectionSelectionTagArgs\n {\n Type = \"STRINGEQUALS\",\n Key = \"foo\",\n Value = \"bar\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := backup.NewSelection(ctx, \"example\", \u0026backup.SelectionArgs{\n\t\t\tIamRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tName: pulumi.String(\"my_example_backup_selection\"),\n\t\t\tPlanId: pulumi.Any(exampleAwsBackupPlan.Id),\n\t\t\tSelectionTags: backup.SelectionSelectionTagArray{\n\t\t\t\t\u0026backup.SelectionSelectionTagArgs{\n\t\t\t\t\tType: pulumi.String(\"STRINGEQUALS\"),\n\t\t\t\t\tKey: pulumi.String(\"foo\"),\n\t\t\t\t\tValue: pulumi.String(\"bar\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.backup.Selection;\nimport com.pulumi.aws.backup.SelectionArgs;\nimport com.pulumi.aws.backup.inputs.SelectionSelectionTagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Selection(\"example\", SelectionArgs.builder()\n .iamRoleArn(exampleAwsIamRole.arn())\n .name(\"my_example_backup_selection\")\n .planId(exampleAwsBackupPlan.id())\n .selectionTags(SelectionSelectionTagArgs.builder()\n .type(\"STRINGEQUALS\")\n .key(\"foo\")\n .value(\"bar\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:backup:Selection\n properties:\n iamRoleArn: ${exampleAwsIamRole.arn}\n name: my_example_backup_selection\n planId: ${exampleAwsBackupPlan.id}\n selectionTags:\n - type: STRINGEQUALS\n key: foo\n value: bar\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Selecting Backups By Conditions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.backup.Selection(\"example\", {\n iamRoleArn: exampleAwsIamRole.arn,\n name: \"my_example_backup_selection\",\n planId: exampleAwsBackupPlan.id,\n resources: [\"*\"],\n conditions: [{\n stringEquals: [{\n key: \"aws:ResourceTag/Component\",\n value: \"rds\",\n }],\n stringLikes: [{\n key: \"aws:ResourceTag/Application\",\n value: \"app*\",\n }],\n stringNotEquals: [{\n key: \"aws:ResourceTag/Backup\",\n value: \"false\",\n }],\n stringNotLikes: [{\n key: \"aws:ResourceTag/Environment\",\n value: \"test*\",\n }],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.backup.Selection(\"example\",\n iam_role_arn=example_aws_iam_role[\"arn\"],\n name=\"my_example_backup_selection\",\n plan_id=example_aws_backup_plan[\"id\"],\n resources=[\"*\"],\n conditions=[{\n \"string_equals\": [{\n \"key\": \"aws:ResourceTag/Component\",\n \"value\": \"rds\",\n }],\n \"string_likes\": [{\n \"key\": \"aws:ResourceTag/Application\",\n \"value\": \"app*\",\n }],\n \"string_not_equals\": [{\n \"key\": \"aws:ResourceTag/Backup\",\n \"value\": \"false\",\n }],\n \"string_not_likes\": [{\n \"key\": \"aws:ResourceTag/Environment\",\n \"value\": \"test*\",\n }],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Backup.Selection(\"example\", new()\n {\n IamRoleArn = exampleAwsIamRole.Arn,\n Name = \"my_example_backup_selection\",\n PlanId = exampleAwsBackupPlan.Id,\n Resources = new[]\n {\n \"*\",\n },\n Conditions = new[]\n {\n new Aws.Backup.Inputs.SelectionConditionArgs\n {\n StringEquals = new[]\n {\n new Aws.Backup.Inputs.SelectionConditionStringEqualArgs\n {\n Key = \"aws:ResourceTag/Component\",\n Value = \"rds\",\n },\n },\n StringLikes = new[]\n {\n new Aws.Backup.Inputs.SelectionConditionStringLikeArgs\n {\n Key = \"aws:ResourceTag/Application\",\n Value = \"app*\",\n },\n },\n StringNotEquals = new[]\n {\n new Aws.Backup.Inputs.SelectionConditionStringNotEqualArgs\n {\n Key = \"aws:ResourceTag/Backup\",\n Value = \"false\",\n },\n },\n StringNotLikes = new[]\n {\n new Aws.Backup.Inputs.SelectionConditionStringNotLikeArgs\n {\n Key = \"aws:ResourceTag/Environment\",\n Value = \"test*\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := backup.NewSelection(ctx, \"example\", \u0026backup.SelectionArgs{\n\t\t\tIamRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tName: pulumi.String(\"my_example_backup_selection\"),\n\t\t\tPlanId: pulumi.Any(exampleAwsBackupPlan.Id),\n\t\t\tResources: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tConditions: backup.SelectionConditionArray{\n\t\t\t\t\u0026backup.SelectionConditionArgs{\n\t\t\t\t\tStringEquals: backup.SelectionConditionStringEqualArray{\n\t\t\t\t\t\t\u0026backup.SelectionConditionStringEqualArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"aws:ResourceTag/Component\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"rds\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStringLikes: backup.SelectionConditionStringLikeArray{\n\t\t\t\t\t\t\u0026backup.SelectionConditionStringLikeArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"aws:ResourceTag/Application\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"app*\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStringNotEquals: backup.SelectionConditionStringNotEqualArray{\n\t\t\t\t\t\t\u0026backup.SelectionConditionStringNotEqualArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"aws:ResourceTag/Backup\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"false\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStringNotLikes: backup.SelectionConditionStringNotLikeArray{\n\t\t\t\t\t\t\u0026backup.SelectionConditionStringNotLikeArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"aws:ResourceTag/Environment\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"test*\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.backup.Selection;\nimport com.pulumi.aws.backup.SelectionArgs;\nimport com.pulumi.aws.backup.inputs.SelectionConditionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Selection(\"example\", SelectionArgs.builder()\n .iamRoleArn(exampleAwsIamRole.arn())\n .name(\"my_example_backup_selection\")\n .planId(exampleAwsBackupPlan.id())\n .resources(\"*\")\n .conditions(SelectionConditionArgs.builder()\n .stringEquals(SelectionConditionStringEqualArgs.builder()\n .key(\"aws:ResourceTag/Component\")\n .value(\"rds\")\n .build())\n .stringLikes(SelectionConditionStringLikeArgs.builder()\n .key(\"aws:ResourceTag/Application\")\n .value(\"app*\")\n .build())\n .stringNotEquals(SelectionConditionStringNotEqualArgs.builder()\n .key(\"aws:ResourceTag/Backup\")\n .value(\"false\")\n .build())\n .stringNotLikes(SelectionConditionStringNotLikeArgs.builder()\n .key(\"aws:ResourceTag/Environment\")\n .value(\"test*\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:backup:Selection\n properties:\n iamRoleArn: ${exampleAwsIamRole.arn}\n name: my_example_backup_selection\n planId: ${exampleAwsBackupPlan.id}\n resources:\n - '*'\n conditions:\n - stringEquals:\n - key: aws:ResourceTag/Component\n value: rds\n stringLikes:\n - key: aws:ResourceTag/Application\n value: app*\n stringNotEquals:\n - key: aws:ResourceTag/Backup\n value: 'false'\n stringNotLikes:\n - key: aws:ResourceTag/Environment\n value: test*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Selecting Backups By Resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.backup.Selection(\"example\", {\n iamRoleArn: exampleAwsIamRole.arn,\n name: \"my_example_backup_selection\",\n planId: exampleAwsBackupPlan.id,\n resources: [\n exampleAwsDbInstance.arn,\n exampleAwsEbsVolume.arn,\n exampleAwsEfsFileSystem.arn,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.backup.Selection(\"example\",\n iam_role_arn=example_aws_iam_role[\"arn\"],\n name=\"my_example_backup_selection\",\n plan_id=example_aws_backup_plan[\"id\"],\n resources=[\n example_aws_db_instance[\"arn\"],\n example_aws_ebs_volume[\"arn\"],\n example_aws_efs_file_system[\"arn\"],\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Backup.Selection(\"example\", new()\n {\n IamRoleArn = exampleAwsIamRole.Arn,\n Name = \"my_example_backup_selection\",\n PlanId = exampleAwsBackupPlan.Id,\n Resources = new[]\n {\n exampleAwsDbInstance.Arn,\n exampleAwsEbsVolume.Arn,\n exampleAwsEfsFileSystem.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := backup.NewSelection(ctx, \"example\", \u0026backup.SelectionArgs{\n\t\t\tIamRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tName: pulumi.String(\"my_example_backup_selection\"),\n\t\t\tPlanId: pulumi.Any(exampleAwsBackupPlan.Id),\n\t\t\tResources: pulumi.StringArray{\n\t\t\t\texampleAwsDbInstance.Arn,\n\t\t\t\texampleAwsEbsVolume.Arn,\n\t\t\t\texampleAwsEfsFileSystem.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.backup.Selection;\nimport com.pulumi.aws.backup.SelectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Selection(\"example\", SelectionArgs.builder()\n .iamRoleArn(exampleAwsIamRole.arn())\n .name(\"my_example_backup_selection\")\n .planId(exampleAwsBackupPlan.id())\n .resources( \n exampleAwsDbInstance.arn(),\n exampleAwsEbsVolume.arn(),\n exampleAwsEfsFileSystem.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:backup:Selection\n properties:\n iamRoleArn: ${exampleAwsIamRole.arn}\n name: my_example_backup_selection\n planId: ${exampleAwsBackupPlan.id}\n resources:\n - ${exampleAwsDbInstance.arn}\n - ${exampleAwsEbsVolume.arn}\n - ${exampleAwsEfsFileSystem.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Selecting Backups By Not Resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.backup.Selection(\"example\", {\n iamRoleArn: exampleAwsIamRole.arn,\n name: \"my_example_backup_selection\",\n planId: exampleAwsBackupPlan.id,\n notResources: [\n exampleAwsDbInstance.arn,\n exampleAwsEbsVolume.arn,\n exampleAwsEfsFileSystem.arn,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.backup.Selection(\"example\",\n iam_role_arn=example_aws_iam_role[\"arn\"],\n name=\"my_example_backup_selection\",\n plan_id=example_aws_backup_plan[\"id\"],\n not_resources=[\n example_aws_db_instance[\"arn\"],\n example_aws_ebs_volume[\"arn\"],\n example_aws_efs_file_system[\"arn\"],\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Backup.Selection(\"example\", new()\n {\n IamRoleArn = exampleAwsIamRole.Arn,\n Name = \"my_example_backup_selection\",\n PlanId = exampleAwsBackupPlan.Id,\n NotResources = new[]\n {\n exampleAwsDbInstance.Arn,\n exampleAwsEbsVolume.Arn,\n exampleAwsEfsFileSystem.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := backup.NewSelection(ctx, \"example\", \u0026backup.SelectionArgs{\n\t\t\tIamRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tName: pulumi.String(\"my_example_backup_selection\"),\n\t\t\tPlanId: pulumi.Any(exampleAwsBackupPlan.Id),\n\t\t\tNotResources: pulumi.StringArray{\n\t\t\t\texampleAwsDbInstance.Arn,\n\t\t\t\texampleAwsEbsVolume.Arn,\n\t\t\t\texampleAwsEfsFileSystem.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.backup.Selection;\nimport com.pulumi.aws.backup.SelectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Selection(\"example\", SelectionArgs.builder()\n .iamRoleArn(exampleAwsIamRole.arn())\n .name(\"my_example_backup_selection\")\n .planId(exampleAwsBackupPlan.id())\n .notResources( \n exampleAwsDbInstance.arn(),\n exampleAwsEbsVolume.arn(),\n exampleAwsEfsFileSystem.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:backup:Selection\n properties:\n iamRoleArn: ${exampleAwsIamRole.arn}\n name: my_example_backup_selection\n planId: ${exampleAwsBackupPlan.id}\n notResources:\n - ${exampleAwsDbInstance.arn}\n - ${exampleAwsEbsVolume.arn}\n - ${exampleAwsEfsFileSystem.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Backup selection using the role plan_id and id separated by `|`. For example:\n\n```sh\n$ pulumi import aws:backup/selection:Selection example plan-id|selection-id\n```\n", "properties": { "conditions": { "type": "array", "items": { "$ref": "#/types/aws:backup/SelectionCondition:SelectionCondition" }, "description": "A list of conditions that you define to assign resources to your backup plans using tags.\n" }, "iamRoleArn": { "type": "string", "description": "The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the [AWS Backup Developer Guide](https://docs.aws.amazon.com/aws-backup/latest/devguide/access-control.html#managed-policies) for additional information about using AWS managed policies or creating custom policies attached to the IAM role.\n" }, "name": { "type": "string", "description": "The display name of a resource selection document.\n" }, "notResources": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to exclude from a backup plan.\n" }, "planId": { "type": "string", "description": "The backup plan ID to be associated with the selection of resources.\n" }, "resources": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan.\n" }, "selectionTags": { "type": "array", "items": { "$ref": "#/types/aws:backup/SelectionSelectionTag:SelectionSelectionTag" }, "description": "Tag-based conditions used to specify a set of resources to assign to a backup plan.\n" } }, "required": [ "conditions", "iamRoleArn", "name", "notResources", "planId" ], "inputProperties": { "conditions": { "type": "array", "items": { "$ref": "#/types/aws:backup/SelectionCondition:SelectionCondition" }, "description": "A list of conditions that you define to assign resources to your backup plans using tags.\n", "willReplaceOnChanges": true }, "iamRoleArn": { "type": "string", "description": "The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the [AWS Backup Developer Guide](https://docs.aws.amazon.com/aws-backup/latest/devguide/access-control.html#managed-policies) for additional information about using AWS managed policies or creating custom policies attached to the IAM role.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The display name of a resource selection document.\n", "willReplaceOnChanges": true }, "notResources": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to exclude from a backup plan.\n", "willReplaceOnChanges": true }, "planId": { "type": "string", "description": "The backup plan ID to be associated with the selection of resources.\n", "willReplaceOnChanges": true }, "resources": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan.\n", "willReplaceOnChanges": true }, "selectionTags": { "type": "array", "items": { "$ref": "#/types/aws:backup/SelectionSelectionTag:SelectionSelectionTag" }, "description": "Tag-based conditions used to specify a set of resources to assign to a backup plan.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "iamRoleArn", "planId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Selection resources.\n", "properties": { "conditions": { "type": "array", "items": { "$ref": "#/types/aws:backup/SelectionCondition:SelectionCondition" }, "description": "A list of conditions that you define to assign resources to your backup plans using tags.\n", "willReplaceOnChanges": true }, "iamRoleArn": { "type": "string", "description": "The ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the [AWS Backup Developer Guide](https://docs.aws.amazon.com/aws-backup/latest/devguide/access-control.html#managed-policies) for additional information about using AWS managed policies or creating custom policies attached to the IAM role.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The display name of a resource selection document.\n", "willReplaceOnChanges": true }, "notResources": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to exclude from a backup plan.\n", "willReplaceOnChanges": true }, "planId": { "type": "string", "description": "The backup plan ID to be associated with the selection of resources.\n", "willReplaceOnChanges": true }, "resources": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan.\n", "willReplaceOnChanges": true }, "selectionTags": { "type": "array", "items": { "$ref": "#/types/aws:backup/SelectionSelectionTag:SelectionSelectionTag" }, "description": "Tag-based conditions used to specify a set of resources to assign to a backup plan.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:backup/vault:Vault": { "description": "Provides an AWS Backup vault resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.backup.Vault(\"example\", {\n name: \"example_backup_vault\",\n kmsKeyArn: exampleAwsKmsKey.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.backup.Vault(\"example\",\n name=\"example_backup_vault\",\n kms_key_arn=example_aws_kms_key[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Backup.Vault(\"example\", new()\n {\n Name = \"example_backup_vault\",\n KmsKeyArn = exampleAwsKmsKey.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := backup.NewVault(ctx, \"example\", \u0026backup.VaultArgs{\n\t\t\tName: pulumi.String(\"example_backup_vault\"),\n\t\t\tKmsKeyArn: pulumi.Any(exampleAwsKmsKey.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.backup.Vault;\nimport com.pulumi.aws.backup.VaultArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Vault(\"example\", VaultArgs.builder()\n .name(\"example_backup_vault\")\n .kmsKeyArn(exampleAwsKmsKey.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:backup:Vault\n properties:\n name: example_backup_vault\n kmsKeyArn: ${exampleAwsKmsKey.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Backup vault using the `name`. For example:\n\n```sh\n$ pulumi import aws:backup/vault:Vault test-vault TestVault\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the vault.\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates that all recovery points stored in the vault are deleted so that the vault can be destroyed without error.\n" }, "kmsKeyArn": { "type": "string", "description": "The server-side encryption key that is used to protect your backups.\n" }, "name": { "type": "string", "description": "Name of the backup vault to create.\n" }, "recoveryPoints": { "type": "integer", "description": "The number of recovery points that are stored in a backup vault.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the resources that you create. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "kmsKeyArn", "name", "recoveryPoints", "tagsAll" ], "inputProperties": { "forceDestroy": { "type": "boolean", "description": "A boolean that indicates that all recovery points stored in the vault are deleted so that the vault can be destroyed without error.\n" }, "kmsKeyArn": { "type": "string", "description": "The server-side encryption key that is used to protect your backups.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the backup vault to create.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the resources that you create. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Vault resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the vault.\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates that all recovery points stored in the vault are deleted so that the vault can be destroyed without error.\n" }, "kmsKeyArn": { "type": "string", "description": "The server-side encryption key that is used to protect your backups.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the backup vault to create.\n", "willReplaceOnChanges": true }, "recoveryPoints": { "type": "integer", "description": "The number of recovery points that are stored in a backup vault.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the resources that you create. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:backup/vaultLockConfiguration:VaultLockConfiguration": { "description": "Provides an AWS Backup vault lock configuration resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.backup.VaultLockConfiguration(\"test\", {\n backupVaultName: \"example_backup_vault\",\n changeableForDays: 3,\n maxRetentionDays: 1200,\n minRetentionDays: 7,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.backup.VaultLockConfiguration(\"test\",\n backup_vault_name=\"example_backup_vault\",\n changeable_for_days=3,\n max_retention_days=1200,\n min_retention_days=7)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Backup.VaultLockConfiguration(\"test\", new()\n {\n BackupVaultName = \"example_backup_vault\",\n ChangeableForDays = 3,\n MaxRetentionDays = 1200,\n MinRetentionDays = 7,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := backup.NewVaultLockConfiguration(ctx, \"test\", \u0026backup.VaultLockConfigurationArgs{\n\t\t\tBackupVaultName: pulumi.String(\"example_backup_vault\"),\n\t\t\tChangeableForDays: pulumi.Int(3),\n\t\t\tMaxRetentionDays: pulumi.Int(1200),\n\t\t\tMinRetentionDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.backup.VaultLockConfiguration;\nimport com.pulumi.aws.backup.VaultLockConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new VaultLockConfiguration(\"test\", VaultLockConfigurationArgs.builder()\n .backupVaultName(\"example_backup_vault\")\n .changeableForDays(3)\n .maxRetentionDays(1200)\n .minRetentionDays(7)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:backup:VaultLockConfiguration\n properties:\n backupVaultName: example_backup_vault\n changeableForDays: 3\n maxRetentionDays: 1200\n minRetentionDays: 7\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Backup vault lock configuration using the `name`. For example:\n\n```sh\n$ pulumi import aws:backup/vaultLockConfiguration:VaultLockConfiguration test TestVault\n```\n", "properties": { "backupVaultArn": { "type": "string", "description": "The ARN of the vault.\n" }, "backupVaultName": { "type": "string", "description": "Name of the backup vault to add a lock configuration for.\n" }, "changeableForDays": { "type": "integer", "description": "The number of days before the lock date. If omitted creates a vault lock in `governance` mode, otherwise it will create a vault lock in `compliance` mode.\n" }, "maxRetentionDays": { "type": "integer", "description": "The maximum retention period that the vault retains its recovery points.\n" }, "minRetentionDays": { "type": "integer", "description": "The minimum retention period that the vault retains its recovery points.\n" } }, "required": [ "backupVaultArn", "backupVaultName" ], "inputProperties": { "backupVaultName": { "type": "string", "description": "Name of the backup vault to add a lock configuration for.\n", "willReplaceOnChanges": true }, "changeableForDays": { "type": "integer", "description": "The number of days before the lock date. If omitted creates a vault lock in `governance` mode, otherwise it will create a vault lock in `compliance` mode.\n", "willReplaceOnChanges": true }, "maxRetentionDays": { "type": "integer", "description": "The maximum retention period that the vault retains its recovery points.\n", "willReplaceOnChanges": true }, "minRetentionDays": { "type": "integer", "description": "The minimum retention period that the vault retains its recovery points.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "backupVaultName" ], "stateInputs": { "description": "Input properties used for looking up and filtering VaultLockConfiguration resources.\n", "properties": { "backupVaultArn": { "type": "string", "description": "The ARN of the vault.\n" }, "backupVaultName": { "type": "string", "description": "Name of the backup vault to add a lock configuration for.\n", "willReplaceOnChanges": true }, "changeableForDays": { "type": "integer", "description": "The number of days before the lock date. If omitted creates a vault lock in `governance` mode, otherwise it will create a vault lock in `compliance` mode.\n", "willReplaceOnChanges": true }, "maxRetentionDays": { "type": "integer", "description": "The maximum retention period that the vault retains its recovery points.\n", "willReplaceOnChanges": true }, "minRetentionDays": { "type": "integer", "description": "The minimum retention period that the vault retains its recovery points.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:backup/vaultNotifications:VaultNotifications": { "description": "Provides an AWS Backup vault notifications resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testTopic = new aws.sns.Topic(\"test\", {name: \"backup-vault-events\"});\nconst test = testTopic.arn.apply(arn =\u003e aws.iam.getPolicyDocumentOutput({\n policyId: \"__default_policy_ID\",\n statements: [{\n actions: [\"SNS:Publish\"],\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"backup.amazonaws.com\"],\n }],\n resources: [arn],\n sid: \"__default_statement_ID\",\n }],\n}));\nconst testTopicPolicy = new aws.sns.TopicPolicy(\"test\", {\n arn: testTopic.arn,\n policy: test.apply(test =\u003e test.json),\n});\nconst testVaultNotifications = new aws.backup.VaultNotifications(\"test\", {\n backupVaultName: \"example_backup_vault\",\n snsTopicArn: testTopic.arn,\n backupVaultEvents: [\n \"BACKUP_JOB_STARTED\",\n \"RESTORE_JOB_COMPLETED\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_topic = aws.sns.Topic(\"test\", name=\"backup-vault-events\")\ntest = test_topic.arn.apply(lambda arn: aws.iam.get_policy_document_output(policy_id=\"__default_policy_ID\",\n statements=[{\n \"actions\": [\"SNS:Publish\"],\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"backup.amazonaws.com\"],\n }],\n \"resources\": [arn],\n \"sid\": \"__default_statement_ID\",\n }]))\ntest_topic_policy = aws.sns.TopicPolicy(\"test\",\n arn=test_topic.arn,\n policy=test.json)\ntest_vault_notifications = aws.backup.VaultNotifications(\"test\",\n backup_vault_name=\"example_backup_vault\",\n sns_topic_arn=test_topic.arn,\n backup_vault_events=[\n \"BACKUP_JOB_STARTED\",\n \"RESTORE_JOB_COMPLETED\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testTopic = new Aws.Sns.Topic(\"test\", new()\n {\n Name = \"backup-vault-events\",\n });\n\n var test = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n PolicyId = \"__default_policy_ID\",\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"SNS:Publish\",\n },\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"backup.amazonaws.com\",\n },\n },\n },\n Resources = new[]\n {\n testTopic.Arn,\n },\n Sid = \"__default_statement_ID\",\n },\n },\n });\n\n var testTopicPolicy = new Aws.Sns.TopicPolicy(\"test\", new()\n {\n Arn = testTopic.Arn,\n Policy = test.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var testVaultNotifications = new Aws.Backup.VaultNotifications(\"test\", new()\n {\n BackupVaultName = \"example_backup_vault\",\n SnsTopicArn = testTopic.Arn,\n BackupVaultEvents = new[]\n {\n \"BACKUP_JOB_STARTED\",\n \"RESTORE_JOB_COMPLETED\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/backup\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ntestTopic, err := sns.NewTopic(ctx, \"test\", \u0026sns.TopicArgs{\nName: pulumi.String(\"backup-vault-events\"),\n})\nif err != nil {\nreturn err\n}\ntest := testTopic.Arn.ApplyT(func(arn string) (iam.GetPolicyDocumentResult, error) {\nreturn iam.GetPolicyDocumentResult(interface{}(iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\nPolicyId: \"__default_policy_ID\",\nStatements: []iam.GetPolicyDocumentStatement{\n{\nActions: []string{\n\"SNS:Publish\",\n},\nEffect: \"Allow\",\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"Service\",\nIdentifiers: []string{\n\"backup.amazonaws.com\",\n},\n},\n},\nResources: interface{}{\narn,\n},\nSid: \"__default_statement_ID\",\n},\n},\n}, nil))), nil\n}).(iam.GetPolicyDocumentResultOutput)\n_, err = sns.NewTopicPolicy(ctx, \"test\", \u0026sns.TopicPolicyArgs{\nArn: testTopic.Arn,\nPolicy: pulumi.String(test.ApplyT(func(test iam.GetPolicyDocumentResult) (*string, error) {\nreturn \u0026test.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\n_, err = backup.NewVaultNotifications(ctx, \"test\", \u0026backup.VaultNotificationsArgs{\nBackupVaultName: pulumi.String(\"example_backup_vault\"),\nSnsTopicArn: testTopic.Arn,\nBackupVaultEvents: pulumi.StringArray{\npulumi.String(\"BACKUP_JOB_STARTED\"),\npulumi.String(\"RESTORE_JOB_COMPLETED\"),\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sns.TopicPolicy;\nimport com.pulumi.aws.sns.TopicPolicyArgs;\nimport com.pulumi.aws.backup.VaultNotifications;\nimport com.pulumi.aws.backup.VaultNotificationsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testTopic = new Topic(\"testTopic\", TopicArgs.builder()\n .name(\"backup-vault-events\")\n .build());\n\n final var test = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .policyId(\"__default_policy_ID\")\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"SNS:Publish\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"backup.amazonaws.com\")\n .build())\n .resources(testTopic.arn())\n .sid(\"__default_statement_ID\")\n .build())\n .build());\n\n var testTopicPolicy = new TopicPolicy(\"testTopicPolicy\", TopicPolicyArgs.builder()\n .arn(testTopic.arn())\n .policy(test.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(test -\u003e test.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var testVaultNotifications = new VaultNotifications(\"testVaultNotifications\", VaultNotificationsArgs.builder()\n .backupVaultName(\"example_backup_vault\")\n .snsTopicArn(testTopic.arn())\n .backupVaultEvents( \n \"BACKUP_JOB_STARTED\",\n \"RESTORE_JOB_COMPLETED\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testTopic:\n type: aws:sns:Topic\n name: test\n properties:\n name: backup-vault-events\n testTopicPolicy:\n type: aws:sns:TopicPolicy\n name: test\n properties:\n arn: ${testTopic.arn}\n policy: ${test.json}\n testVaultNotifications:\n type: aws:backup:VaultNotifications\n name: test\n properties:\n backupVaultName: example_backup_vault\n snsTopicArn: ${testTopic.arn}\n backupVaultEvents:\n - BACKUP_JOB_STARTED\n - RESTORE_JOB_COMPLETED\nvariables:\n test:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n policyId: __default_policy_ID\n statements:\n - actions:\n - SNS:Publish\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - backup.amazonaws.com\n resources:\n - ${testTopic.arn}\n sid: __default_statement_ID\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Backup vault notifications using the `name`. For example:\n\n```sh\n$ pulumi import aws:backup/vaultNotifications:VaultNotifications test TestVault\n```\n", "properties": { "backupVaultArn": { "type": "string", "description": "The ARN of the vault.\n" }, "backupVaultEvents": { "type": "array", "items": { "type": "string" }, "description": "An array of events that indicate the status of jobs to back up resources to the backup vault.\n" }, "backupVaultName": { "type": "string", "description": "Name of the backup vault to add notifications for.\n" }, "snsTopicArn": { "type": "string", "description": "The Amazon Resource Name (ARN) that specifies the topic for a backup vault’s events\n" } }, "required": [ "backupVaultArn", "backupVaultEvents", "backupVaultName", "snsTopicArn" ], "inputProperties": { "backupVaultEvents": { "type": "array", "items": { "type": "string" }, "description": "An array of events that indicate the status of jobs to back up resources to the backup vault.\n", "willReplaceOnChanges": true }, "backupVaultName": { "type": "string", "description": "Name of the backup vault to add notifications for.\n", "willReplaceOnChanges": true }, "snsTopicArn": { "type": "string", "description": "The Amazon Resource Name (ARN) that specifies the topic for a backup vault’s events\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "backupVaultEvents", "backupVaultName", "snsTopicArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering VaultNotifications resources.\n", "properties": { "backupVaultArn": { "type": "string", "description": "The ARN of the vault.\n" }, "backupVaultEvents": { "type": "array", "items": { "type": "string" }, "description": "An array of events that indicate the status of jobs to back up resources to the backup vault.\n", "willReplaceOnChanges": true }, "backupVaultName": { "type": "string", "description": "Name of the backup vault to add notifications for.\n", "willReplaceOnChanges": true }, "snsTopicArn": { "type": "string", "description": "The Amazon Resource Name (ARN) that specifies the topic for a backup vault’s events\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:backup/vaultPolicy:VaultPolicy": { "description": "Provides an AWS Backup vault policy resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleVault = new aws.backup.Vault(\"example\", {name: \"example\"});\nconst example = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [\"*\"],\n }],\n actions: [\n \"backup:DescribeBackupVault\",\n \"backup:DeleteBackupVault\",\n \"backup:PutBackupVaultAccessPolicy\",\n \"backup:DeleteBackupVaultAccessPolicy\",\n \"backup:GetBackupVaultAccessPolicy\",\n \"backup:StartBackupJob\",\n \"backup:GetBackupVaultNotifications\",\n \"backup:PutBackupVaultNotifications\",\n ],\n resources: [exampleVault.arn],\n }],\n});\nconst exampleVaultPolicy = new aws.backup.VaultPolicy(\"example\", {\n backupVaultName: exampleVault.name,\n policy: example.apply(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_vault = aws.backup.Vault(\"example\", name=\"example\")\nexample = aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [\"*\"],\n }],\n \"actions\": [\n \"backup:DescribeBackupVault\",\n \"backup:DeleteBackupVault\",\n \"backup:PutBackupVaultAccessPolicy\",\n \"backup:DeleteBackupVaultAccessPolicy\",\n \"backup:GetBackupVaultAccessPolicy\",\n \"backup:StartBackupJob\",\n \"backup:GetBackupVaultNotifications\",\n \"backup:PutBackupVaultNotifications\",\n ],\n \"resources\": [example_vault.arn],\n}])\nexample_vault_policy = aws.backup.VaultPolicy(\"example\",\n backup_vault_name=example_vault.name,\n policy=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleVault = new Aws.Backup.Vault(\"example\", new()\n {\n Name = \"example\",\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"backup:DescribeBackupVault\",\n \"backup:DeleteBackupVault\",\n \"backup:PutBackupVaultAccessPolicy\",\n \"backup:DeleteBackupVaultAccessPolicy\",\n \"backup:GetBackupVaultAccessPolicy\",\n \"backup:StartBackupJob\",\n \"backup:GetBackupVaultNotifications\",\n \"backup:PutBackupVaultNotifications\",\n },\n Resources = new[]\n {\n exampleVault.Arn,\n },\n },\n },\n });\n\n var exampleVaultPolicy = new Aws.Backup.VaultPolicy(\"example\", new()\n {\n BackupVaultName = exampleVault.Name,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/backup\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleVault, err := backup.NewVault(ctx, \"example\", \u0026backup.VaultArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"AWS\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"backup:DescribeBackupVault\"),\n\t\t\t\t\t\tpulumi.String(\"backup:DeleteBackupVault\"),\n\t\t\t\t\t\tpulumi.String(\"backup:PutBackupVaultAccessPolicy\"),\n\t\t\t\t\t\tpulumi.String(\"backup:DeleteBackupVaultAccessPolicy\"),\n\t\t\t\t\t\tpulumi.String(\"backup:GetBackupVaultAccessPolicy\"),\n\t\t\t\t\t\tpulumi.String(\"backup:StartBackupJob\"),\n\t\t\t\t\t\tpulumi.String(\"backup:GetBackupVaultNotifications\"),\n\t\t\t\t\t\tpulumi.String(\"backup:PutBackupVaultNotifications\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleVault.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = backup.NewVaultPolicy(ctx, \"example\", \u0026backup.VaultPolicyArgs{\n\t\t\tBackupVaultName: exampleVault.Name,\n\t\t\tPolicy: pulumi.String(example.ApplyT(func(example iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026example.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.backup.Vault;\nimport com.pulumi.aws.backup.VaultArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.backup.VaultPolicy;\nimport com.pulumi.aws.backup.VaultPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleVault = new Vault(\"exampleVault\", VaultArgs.builder()\n .name(\"example\")\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"*\")\n .build())\n .actions( \n \"backup:DescribeBackupVault\",\n \"backup:DeleteBackupVault\",\n \"backup:PutBackupVaultAccessPolicy\",\n \"backup:DeleteBackupVaultAccessPolicy\",\n \"backup:GetBackupVaultAccessPolicy\",\n \"backup:StartBackupJob\",\n \"backup:GetBackupVaultNotifications\",\n \"backup:PutBackupVaultNotifications\")\n .resources(exampleVault.arn())\n .build())\n .build());\n\n var exampleVaultPolicy = new VaultPolicy(\"exampleVaultPolicy\", VaultPolicyArgs.builder()\n .backupVaultName(exampleVault.name())\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleVault:\n type: aws:backup:Vault\n name: example\n properties:\n name: example\n exampleVaultPolicy:\n type: aws:backup:VaultPolicy\n name: example\n properties:\n backupVaultName: ${exampleVault.name}\n policy: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: AWS\n identifiers:\n - '*'\n actions:\n - backup:DescribeBackupVault\n - backup:DeleteBackupVault\n - backup:PutBackupVaultAccessPolicy\n - backup:DeleteBackupVaultAccessPolicy\n - backup:GetBackupVaultAccessPolicy\n - backup:StartBackupJob\n - backup:GetBackupVaultNotifications\n - backup:PutBackupVaultNotifications\n resources:\n - ${exampleVault.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Backup vault policy using the `name`. For example:\n\n```sh\n$ pulumi import aws:backup/vaultPolicy:VaultPolicy test TestVault\n```\n", "properties": { "backupVaultArn": { "type": "string", "description": "The ARN of the vault.\n" }, "backupVaultName": { "type": "string", "description": "Name of the backup vault to add policy for.\n" }, "policy": { "type": "string", "description": "The backup vault access policy document in JSON format.\n" } }, "required": [ "backupVaultArn", "backupVaultName", "policy" ], "inputProperties": { "backupVaultName": { "type": "string", "description": "Name of the backup vault to add policy for.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The backup vault access policy document in JSON format.\n" } }, "requiredInputs": [ "backupVaultName", "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering VaultPolicy resources.\n", "properties": { "backupVaultArn": { "type": "string", "description": "The ARN of the vault.\n" }, "backupVaultName": { "type": "string", "description": "Name of the backup vault to add policy for.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The backup vault access policy document in JSON format.\n" } }, "type": "object" } }, "aws:batch/computeEnvironment:ComputeEnvironment": { "description": "Creates a AWS Batch compute environment. Compute environments contain the Amazon ECS container instances that are used to run containerized batch jobs.\n\nFor information about AWS Batch, see [What is AWS Batch?](http://docs.aws.amazon.com/batch/latest/userguide/what-is-batch.html) .\nFor information about compute environment, see [Compute Environments](http://docs.aws.amazon.com/batch/latest/userguide/compute_environments.html) .\n\n\u003e **Note:** To prevent a race condition during environment deletion, make sure to set `depends_on` to the related `aws.iam.RolePolicyAttachment`;\notherwise, the policy may be destroyed too soon and the compute environment will then get stuck in the `DELETING` state, see [Troubleshooting AWS Batch](http://docs.aws.amazon.com/batch/latest/userguide/troubleshooting.html) .\n\n## Example Usage\n\n### EC2 Type\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ec2AssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"ec2.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst ecsInstanceRole = new aws.iam.Role(\"ecs_instance_role\", {\n name: \"ecs_instance_role\",\n assumeRolePolicy: ec2AssumeRole.then(ec2AssumeRole =\u003e ec2AssumeRole.json),\n});\nconst ecsInstanceRoleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"ecs_instance_role\", {\n role: ecsInstanceRole.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\",\n});\nconst ecsInstanceRoleInstanceProfile = new aws.iam.InstanceProfile(\"ecs_instance_role\", {\n name: \"ecs_instance_role\",\n role: ecsInstanceRole.name,\n});\nconst batchAssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"batch.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst awsBatchServiceRole = new aws.iam.Role(\"aws_batch_service_role\", {\n name: \"aws_batch_service_role\",\n assumeRolePolicy: batchAssumeRole.then(batchAssumeRole =\u003e batchAssumeRole.json),\n});\nconst awsBatchServiceRoleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"aws_batch_service_role\", {\n role: awsBatchServiceRole.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\",\n});\nconst sample = new aws.ec2.SecurityGroup(\"sample\", {\n name: \"aws_batch_compute_environment_security_group\",\n egress: [{\n fromPort: 0,\n toPort: 0,\n protocol: \"-1\",\n cidrBlocks: [\"0.0.0.0/0\"],\n }],\n});\nconst sampleVpc = new aws.ec2.Vpc(\"sample\", {cidrBlock: \"10.1.0.0/16\"});\nconst sampleSubnet = new aws.ec2.Subnet(\"sample\", {\n vpcId: sampleVpc.id,\n cidrBlock: \"10.1.1.0/24\",\n});\nconst samplePlacementGroup = new aws.ec2.PlacementGroup(\"sample\", {\n name: \"sample\",\n strategy: aws.ec2.PlacementStrategy.Cluster,\n});\nconst sampleComputeEnvironment = new aws.batch.ComputeEnvironment(\"sample\", {\n computeEnvironmentName: \"sample\",\n computeResources: {\n instanceRole: ecsInstanceRoleInstanceProfile.arn,\n instanceTypes: [\"c4.large\"],\n maxVcpus: 16,\n minVcpus: 0,\n placementGroup: samplePlacementGroup.name,\n securityGroupIds: [sample.id],\n subnets: [sampleSubnet.id],\n type: \"EC2\",\n },\n serviceRole: awsBatchServiceRole.arn,\n type: \"MANAGED\",\n}, {\n dependsOn: [awsBatchServiceRoleRolePolicyAttachment],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nec2_assume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"ec2.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\necs_instance_role = aws.iam.Role(\"ecs_instance_role\",\n name=\"ecs_instance_role\",\n assume_role_policy=ec2_assume_role.json)\necs_instance_role_role_policy_attachment = aws.iam.RolePolicyAttachment(\"ecs_instance_role\",\n role=ecs_instance_role.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\")\necs_instance_role_instance_profile = aws.iam.InstanceProfile(\"ecs_instance_role\",\n name=\"ecs_instance_role\",\n role=ecs_instance_role.name)\nbatch_assume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"batch.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\naws_batch_service_role = aws.iam.Role(\"aws_batch_service_role\",\n name=\"aws_batch_service_role\",\n assume_role_policy=batch_assume_role.json)\naws_batch_service_role_role_policy_attachment = aws.iam.RolePolicyAttachment(\"aws_batch_service_role\",\n role=aws_batch_service_role.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\")\nsample = aws.ec2.SecurityGroup(\"sample\",\n name=\"aws_batch_compute_environment_security_group\",\n egress=[{\n \"from_port\": 0,\n \"to_port\": 0,\n \"protocol\": \"-1\",\n \"cidr_blocks\": [\"0.0.0.0/0\"],\n }])\nsample_vpc = aws.ec2.Vpc(\"sample\", cidr_block=\"10.1.0.0/16\")\nsample_subnet = aws.ec2.Subnet(\"sample\",\n vpc_id=sample_vpc.id,\n cidr_block=\"10.1.1.0/24\")\nsample_placement_group = aws.ec2.PlacementGroup(\"sample\",\n name=\"sample\",\n strategy=aws.ec2.PlacementStrategy.CLUSTER)\nsample_compute_environment = aws.batch.ComputeEnvironment(\"sample\",\n compute_environment_name=\"sample\",\n compute_resources={\n \"instance_role\": ecs_instance_role_instance_profile.arn,\n \"instance_types\": [\"c4.large\"],\n \"max_vcpus\": 16,\n \"min_vcpus\": 0,\n \"placement_group\": sample_placement_group.name,\n \"security_group_ids\": [sample.id],\n \"subnets\": [sample_subnet.id],\n \"type\": \"EC2\",\n },\n service_role=aws_batch_service_role.arn,\n type=\"MANAGED\",\n opts = pulumi.ResourceOptions(depends_on=[aws_batch_service_role_role_policy_attachment]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ec2AssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"ec2.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var ecsInstanceRole = new Aws.Iam.Role(\"ecs_instance_role\", new()\n {\n Name = \"ecs_instance_role\",\n AssumeRolePolicy = ec2AssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var ecsInstanceRoleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"ecs_instance_role\", new()\n {\n Role = ecsInstanceRole.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\",\n });\n\n var ecsInstanceRoleInstanceProfile = new Aws.Iam.InstanceProfile(\"ecs_instance_role\", new()\n {\n Name = \"ecs_instance_role\",\n Role = ecsInstanceRole.Name,\n });\n\n var batchAssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"batch.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var awsBatchServiceRole = new Aws.Iam.Role(\"aws_batch_service_role\", new()\n {\n Name = \"aws_batch_service_role\",\n AssumeRolePolicy = batchAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var awsBatchServiceRoleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"aws_batch_service_role\", new()\n {\n Role = awsBatchServiceRole.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\",\n });\n\n var sample = new Aws.Ec2.SecurityGroup(\"sample\", new()\n {\n Name = \"aws_batch_compute_environment_security_group\",\n Egress = new[]\n {\n new Aws.Ec2.Inputs.SecurityGroupEgressArgs\n {\n FromPort = 0,\n ToPort = 0,\n Protocol = \"-1\",\n CidrBlocks = new[]\n {\n \"0.0.0.0/0\",\n },\n },\n },\n });\n\n var sampleVpc = new Aws.Ec2.Vpc(\"sample\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n\n var sampleSubnet = new Aws.Ec2.Subnet(\"sample\", new()\n {\n VpcId = sampleVpc.Id,\n CidrBlock = \"10.1.1.0/24\",\n });\n\n var samplePlacementGroup = new Aws.Ec2.PlacementGroup(\"sample\", new()\n {\n Name = \"sample\",\n Strategy = Aws.Ec2.PlacementStrategy.Cluster,\n });\n\n var sampleComputeEnvironment = new Aws.Batch.ComputeEnvironment(\"sample\", new()\n {\n ComputeEnvironmentName = \"sample\",\n ComputeResources = new Aws.Batch.Inputs.ComputeEnvironmentComputeResourcesArgs\n {\n InstanceRole = ecsInstanceRoleInstanceProfile.Arn,\n InstanceTypes = new[]\n {\n \"c4.large\",\n },\n MaxVcpus = 16,\n MinVcpus = 0,\n PlacementGroup = samplePlacementGroup.Name,\n SecurityGroupIds = new[]\n {\n sample.Id,\n },\n Subnets = new[]\n {\n sampleSubnet.Id,\n },\n Type = \"EC2\",\n },\n ServiceRole = awsBatchServiceRole.Arn,\n Type = \"MANAGED\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n awsBatchServiceRoleRolePolicyAttachment,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tec2AssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"ec2.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tecsInstanceRole, err := iam.NewRole(ctx, \"ecs_instance_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"ecs_instance_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(ec2AssumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"ecs_instance_role\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: ecsInstanceRole.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tecsInstanceRoleInstanceProfile, err := iam.NewInstanceProfile(ctx, \"ecs_instance_role\", \u0026iam.InstanceProfileArgs{\n\t\t\tName: pulumi.String(\"ecs_instance_role\"),\n\t\t\tRole: ecsInstanceRole.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbatchAssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"batch.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tawsBatchServiceRole, err := iam.NewRole(ctx, \"aws_batch_service_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"aws_batch_service_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(batchAssumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tawsBatchServiceRoleRolePolicyAttachment, err := iam.NewRolePolicyAttachment(ctx, \"aws_batch_service_role\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: awsBatchServiceRole.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsample, err := ec2.NewSecurityGroup(ctx, \"sample\", \u0026ec2.SecurityGroupArgs{\n\t\t\tName: pulumi.String(\"aws_batch_compute_environment_security_group\"),\n\t\t\tEgress: ec2.SecurityGroupEgressArray{\n\t\t\t\t\u0026ec2.SecurityGroupEgressArgs{\n\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\tToPort: pulumi.Int(0),\n\t\t\t\t\tProtocol: pulumi.String(\"-1\"),\n\t\t\t\t\tCidrBlocks: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsampleVpc, err := ec2.NewVpc(ctx, \"sample\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsampleSubnet, err := ec2.NewSubnet(ctx, \"sample\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: sampleVpc.ID(),\n\t\t\tCidrBlock: pulumi.String(\"10.1.1.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsamplePlacementGroup, err := ec2.NewPlacementGroup(ctx, \"sample\", \u0026ec2.PlacementGroupArgs{\n\t\t\tName: pulumi.String(\"sample\"),\n\t\t\tStrategy: pulumi.String(ec2.PlacementStrategyCluster),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = batch.NewComputeEnvironment(ctx, \"sample\", \u0026batch.ComputeEnvironmentArgs{\n\t\t\tComputeEnvironmentName: pulumi.String(\"sample\"),\n\t\t\tComputeResources: \u0026batch.ComputeEnvironmentComputeResourcesArgs{\n\t\t\t\tInstanceRole: ecsInstanceRoleInstanceProfile.Arn,\n\t\t\t\tInstanceTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"c4.large\"),\n\t\t\t\t},\n\t\t\t\tMaxVcpus: pulumi.Int(16),\n\t\t\t\tMinVcpus: pulumi.Int(0),\n\t\t\t\tPlacementGroup: samplePlacementGroup.Name,\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\tsample.ID(),\n\t\t\t\t},\n\t\t\t\tSubnets: pulumi.StringArray{\n\t\t\t\t\tsampleSubnet.ID(),\n\t\t\t\t},\n\t\t\t\tType: pulumi.String(\"EC2\"),\n\t\t\t},\n\t\t\tServiceRole: awsBatchServiceRole.Arn,\n\t\t\tType: pulumi.String(\"MANAGED\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tawsBatchServiceRoleRolePolicyAttachment,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.iam.InstanceProfile;\nimport com.pulumi.aws.iam.InstanceProfileArgs;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.aws.ec2.inputs.SecurityGroupEgressArgs;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.ec2.PlacementGroup;\nimport com.pulumi.aws.ec2.PlacementGroupArgs;\nimport com.pulumi.aws.batch.ComputeEnvironment;\nimport com.pulumi.aws.batch.ComputeEnvironmentArgs;\nimport com.pulumi.aws.batch.inputs.ComputeEnvironmentComputeResourcesArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var ec2AssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"ec2.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var ecsInstanceRole = new Role(\"ecsInstanceRole\", RoleArgs.builder()\n .name(\"ecs_instance_role\")\n .assumeRolePolicy(ec2AssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var ecsInstanceRoleRolePolicyAttachment = new RolePolicyAttachment(\"ecsInstanceRoleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder()\n .role(ecsInstanceRole.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\")\n .build());\n\n var ecsInstanceRoleInstanceProfile = new InstanceProfile(\"ecsInstanceRoleInstanceProfile\", InstanceProfileArgs.builder()\n .name(\"ecs_instance_role\")\n .role(ecsInstanceRole.name())\n .build());\n\n final var batchAssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"batch.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var awsBatchServiceRole = new Role(\"awsBatchServiceRole\", RoleArgs.builder()\n .name(\"aws_batch_service_role\")\n .assumeRolePolicy(batchAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var awsBatchServiceRoleRolePolicyAttachment = new RolePolicyAttachment(\"awsBatchServiceRoleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder()\n .role(awsBatchServiceRole.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\")\n .build());\n\n var sample = new SecurityGroup(\"sample\", SecurityGroupArgs.builder()\n .name(\"aws_batch_compute_environment_security_group\")\n .egress(SecurityGroupEgressArgs.builder()\n .fromPort(0)\n .toPort(0)\n .protocol(\"-1\")\n .cidrBlocks(\"0.0.0.0/0\")\n .build())\n .build());\n\n var sampleVpc = new Vpc(\"sampleVpc\", VpcArgs.builder()\n .cidrBlock(\"10.1.0.0/16\")\n .build());\n\n var sampleSubnet = new Subnet(\"sampleSubnet\", SubnetArgs.builder()\n .vpcId(sampleVpc.id())\n .cidrBlock(\"10.1.1.0/24\")\n .build());\n\n var samplePlacementGroup = new PlacementGroup(\"samplePlacementGroup\", PlacementGroupArgs.builder()\n .name(\"sample\")\n .strategy(\"cluster\")\n .build());\n\n var sampleComputeEnvironment = new ComputeEnvironment(\"sampleComputeEnvironment\", ComputeEnvironmentArgs.builder()\n .computeEnvironmentName(\"sample\")\n .computeResources(ComputeEnvironmentComputeResourcesArgs.builder()\n .instanceRole(ecsInstanceRoleInstanceProfile.arn())\n .instanceTypes(\"c4.large\")\n .maxVcpus(16)\n .minVcpus(0)\n .placementGroup(samplePlacementGroup.name())\n .securityGroupIds(sample.id())\n .subnets(sampleSubnet.id())\n .type(\"EC2\")\n .build())\n .serviceRole(awsBatchServiceRole.arn())\n .type(\"MANAGED\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(awsBatchServiceRoleRolePolicyAttachment)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ecsInstanceRole:\n type: aws:iam:Role\n name: ecs_instance_role\n properties:\n name: ecs_instance_role\n assumeRolePolicy: ${ec2AssumeRole.json}\n ecsInstanceRoleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: ecs_instance_role\n properties:\n role: ${ecsInstanceRole.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\n ecsInstanceRoleInstanceProfile:\n type: aws:iam:InstanceProfile\n name: ecs_instance_role\n properties:\n name: ecs_instance_role\n role: ${ecsInstanceRole.name}\n awsBatchServiceRole:\n type: aws:iam:Role\n name: aws_batch_service_role\n properties:\n name: aws_batch_service_role\n assumeRolePolicy: ${batchAssumeRole.json}\n awsBatchServiceRoleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: aws_batch_service_role\n properties:\n role: ${awsBatchServiceRole.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\n sample:\n type: aws:ec2:SecurityGroup\n properties:\n name: aws_batch_compute_environment_security_group\n egress:\n - fromPort: 0\n toPort: 0\n protocol: '-1'\n cidrBlocks:\n - 0.0.0.0/0\n sampleVpc:\n type: aws:ec2:Vpc\n name: sample\n properties:\n cidrBlock: 10.1.0.0/16\n sampleSubnet:\n type: aws:ec2:Subnet\n name: sample\n properties:\n vpcId: ${sampleVpc.id}\n cidrBlock: 10.1.1.0/24\n samplePlacementGroup:\n type: aws:ec2:PlacementGroup\n name: sample\n properties:\n name: sample\n strategy: cluster\n sampleComputeEnvironment:\n type: aws:batch:ComputeEnvironment\n name: sample\n properties:\n computeEnvironmentName: sample\n computeResources:\n instanceRole: ${ecsInstanceRoleInstanceProfile.arn}\n instanceTypes:\n - c4.large\n maxVcpus: 16\n minVcpus: 0\n placementGroup: ${samplePlacementGroup.name}\n securityGroupIds:\n - ${sample.id}\n subnets:\n - ${sampleSubnet.id}\n type: EC2\n serviceRole: ${awsBatchServiceRole.arn}\n type: MANAGED\n options:\n dependson:\n - ${awsBatchServiceRoleRolePolicyAttachment}\nvariables:\n ec2AssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - ec2.amazonaws.com\n actions:\n - sts:AssumeRole\n batchAssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - batch.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Fargate Type\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sample = new aws.batch.ComputeEnvironment(\"sample\", {\n computeEnvironmentName: \"sample\",\n computeResources: {\n maxVcpus: 16,\n securityGroupIds: [sampleAwsSecurityGroup.id],\n subnets: [sampleAwsSubnet.id],\n type: \"FARGATE\",\n },\n serviceRole: awsBatchServiceRoleAwsIamRole.arn,\n type: \"MANAGED\",\n}, {\n dependsOn: [awsBatchServiceRole],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsample = aws.batch.ComputeEnvironment(\"sample\",\n compute_environment_name=\"sample\",\n compute_resources={\n \"max_vcpus\": 16,\n \"security_group_ids\": [sample_aws_security_group[\"id\"]],\n \"subnets\": [sample_aws_subnet[\"id\"]],\n \"type\": \"FARGATE\",\n },\n service_role=aws_batch_service_role_aws_iam_role[\"arn\"],\n type=\"MANAGED\",\n opts = pulumi.ResourceOptions(depends_on=[aws_batch_service_role]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sample = new Aws.Batch.ComputeEnvironment(\"sample\", new()\n {\n ComputeEnvironmentName = \"sample\",\n ComputeResources = new Aws.Batch.Inputs.ComputeEnvironmentComputeResourcesArgs\n {\n MaxVcpus = 16,\n SecurityGroupIds = new[]\n {\n sampleAwsSecurityGroup.Id,\n },\n Subnets = new[]\n {\n sampleAwsSubnet.Id,\n },\n Type = \"FARGATE\",\n },\n ServiceRole = awsBatchServiceRoleAwsIamRole.Arn,\n Type = \"MANAGED\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n awsBatchServiceRole,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := batch.NewComputeEnvironment(ctx, \"sample\", \u0026batch.ComputeEnvironmentArgs{\n\t\t\tComputeEnvironmentName: pulumi.String(\"sample\"),\n\t\t\tComputeResources: \u0026batch.ComputeEnvironmentComputeResourcesArgs{\n\t\t\t\tMaxVcpus: pulumi.Int(16),\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\tsampleAwsSecurityGroup.Id,\n\t\t\t\t},\n\t\t\t\tSubnets: pulumi.StringArray{\n\t\t\t\t\tsampleAwsSubnet.Id,\n\t\t\t\t},\n\t\t\t\tType: pulumi.String(\"FARGATE\"),\n\t\t\t},\n\t\t\tServiceRole: pulumi.Any(awsBatchServiceRoleAwsIamRole.Arn),\n\t\t\tType: pulumi.String(\"MANAGED\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tawsBatchServiceRole,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.batch.ComputeEnvironment;\nimport com.pulumi.aws.batch.ComputeEnvironmentArgs;\nimport com.pulumi.aws.batch.inputs.ComputeEnvironmentComputeResourcesArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var sample = new ComputeEnvironment(\"sample\", ComputeEnvironmentArgs.builder()\n .computeEnvironmentName(\"sample\")\n .computeResources(ComputeEnvironmentComputeResourcesArgs.builder()\n .maxVcpus(16)\n .securityGroupIds(sampleAwsSecurityGroup.id())\n .subnets(sampleAwsSubnet.id())\n .type(\"FARGATE\")\n .build())\n .serviceRole(awsBatchServiceRoleAwsIamRole.arn())\n .type(\"MANAGED\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(awsBatchServiceRole)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n sample:\n type: aws:batch:ComputeEnvironment\n properties:\n computeEnvironmentName: sample\n computeResources:\n maxVcpus: 16\n securityGroupIds:\n - ${sampleAwsSecurityGroup.id}\n subnets:\n - ${sampleAwsSubnet.id}\n type: FARGATE\n serviceRole: ${awsBatchServiceRoleAwsIamRole.arn}\n type: MANAGED\n options:\n dependson:\n - ${awsBatchServiceRole}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Setting Update Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sample = new aws.batch.ComputeEnvironment(\"sample\", {\n computeEnvironmentName: \"sample\",\n computeResources: {\n allocationStrategy: \"BEST_FIT_PROGRESSIVE\",\n instanceRole: ecsInstance.arn,\n instanceTypes: [\"optimal\"],\n maxVcpus: 4,\n minVcpus: 0,\n securityGroupIds: [sampleAwsSecurityGroup.id],\n subnets: [sampleAwsSubnet.id],\n type: \"EC2\",\n },\n updatePolicy: {\n jobExecutionTimeoutMinutes: 30,\n terminateJobsOnUpdate: false,\n },\n type: \"MANAGED\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsample = aws.batch.ComputeEnvironment(\"sample\",\n compute_environment_name=\"sample\",\n compute_resources={\n \"allocation_strategy\": \"BEST_FIT_PROGRESSIVE\",\n \"instance_role\": ecs_instance[\"arn\"],\n \"instance_types\": [\"optimal\"],\n \"max_vcpus\": 4,\n \"min_vcpus\": 0,\n \"security_group_ids\": [sample_aws_security_group[\"id\"]],\n \"subnets\": [sample_aws_subnet[\"id\"]],\n \"type\": \"EC2\",\n },\n update_policy={\n \"job_execution_timeout_minutes\": 30,\n \"terminate_jobs_on_update\": False,\n },\n type=\"MANAGED\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sample = new Aws.Batch.ComputeEnvironment(\"sample\", new()\n {\n ComputeEnvironmentName = \"sample\",\n ComputeResources = new Aws.Batch.Inputs.ComputeEnvironmentComputeResourcesArgs\n {\n AllocationStrategy = \"BEST_FIT_PROGRESSIVE\",\n InstanceRole = ecsInstance.Arn,\n InstanceTypes = new[]\n {\n \"optimal\",\n },\n MaxVcpus = 4,\n MinVcpus = 0,\n SecurityGroupIds = new[]\n {\n sampleAwsSecurityGroup.Id,\n },\n Subnets = new[]\n {\n sampleAwsSubnet.Id,\n },\n Type = \"EC2\",\n },\n UpdatePolicy = new Aws.Batch.Inputs.ComputeEnvironmentUpdatePolicyArgs\n {\n JobExecutionTimeoutMinutes = 30,\n TerminateJobsOnUpdate = false,\n },\n Type = \"MANAGED\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := batch.NewComputeEnvironment(ctx, \"sample\", \u0026batch.ComputeEnvironmentArgs{\n\t\t\tComputeEnvironmentName: pulumi.String(\"sample\"),\n\t\t\tComputeResources: \u0026batch.ComputeEnvironmentComputeResourcesArgs{\n\t\t\t\tAllocationStrategy: pulumi.String(\"BEST_FIT_PROGRESSIVE\"),\n\t\t\t\tInstanceRole: pulumi.Any(ecsInstance.Arn),\n\t\t\t\tInstanceTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"optimal\"),\n\t\t\t\t},\n\t\t\t\tMaxVcpus: pulumi.Int(4),\n\t\t\t\tMinVcpus: pulumi.Int(0),\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\tsampleAwsSecurityGroup.Id,\n\t\t\t\t},\n\t\t\t\tSubnets: pulumi.StringArray{\n\t\t\t\t\tsampleAwsSubnet.Id,\n\t\t\t\t},\n\t\t\t\tType: pulumi.String(\"EC2\"),\n\t\t\t},\n\t\t\tUpdatePolicy: \u0026batch.ComputeEnvironmentUpdatePolicyArgs{\n\t\t\t\tJobExecutionTimeoutMinutes: pulumi.Int(30),\n\t\t\t\tTerminateJobsOnUpdate: pulumi.Bool(false),\n\t\t\t},\n\t\t\tType: pulumi.String(\"MANAGED\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.batch.ComputeEnvironment;\nimport com.pulumi.aws.batch.ComputeEnvironmentArgs;\nimport com.pulumi.aws.batch.inputs.ComputeEnvironmentComputeResourcesArgs;\nimport com.pulumi.aws.batch.inputs.ComputeEnvironmentUpdatePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var sample = new ComputeEnvironment(\"sample\", ComputeEnvironmentArgs.builder()\n .computeEnvironmentName(\"sample\")\n .computeResources(ComputeEnvironmentComputeResourcesArgs.builder()\n .allocationStrategy(\"BEST_FIT_PROGRESSIVE\")\n .instanceRole(ecsInstance.arn())\n .instanceTypes(\"optimal\")\n .maxVcpus(4)\n .minVcpus(0)\n .securityGroupIds(sampleAwsSecurityGroup.id())\n .subnets(sampleAwsSubnet.id())\n .type(\"EC2\")\n .build())\n .updatePolicy(ComputeEnvironmentUpdatePolicyArgs.builder()\n .jobExecutionTimeoutMinutes(30)\n .terminateJobsOnUpdate(false)\n .build())\n .type(\"MANAGED\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n sample:\n type: aws:batch:ComputeEnvironment\n properties:\n computeEnvironmentName: sample\n computeResources:\n allocationStrategy: BEST_FIT_PROGRESSIVE\n instanceRole: ${ecsInstance.arn}\n instanceTypes:\n - optimal\n maxVcpus: 4\n minVcpus: 0\n securityGroupIds:\n - ${sampleAwsSecurityGroup.id}\n subnets:\n - ${sampleAwsSubnet.id}\n type: EC2\n updatePolicy:\n jobExecutionTimeoutMinutes: 30\n terminateJobsOnUpdate: false\n type: MANAGED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS Batch compute using the `compute_environment_name`. For example:\n\n```sh\n$ pulumi import aws:batch/computeEnvironment:ComputeEnvironment sample sample\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the compute environment.\n" }, "computeEnvironmentName": { "type": "string", "description": "The name for your compute environment. Up to 128 letters (uppercase and lowercase), numbers, and underscores are allowed. If omitted, the provider will assign a random, unique name.\n" }, "computeEnvironmentNamePrefix": { "type": "string", "description": "Creates a unique compute environment name beginning with the specified prefix. Conflicts with `compute_environment_name`.\n" }, "computeResources": { "$ref": "#/types/aws:batch/ComputeEnvironmentComputeResources:ComputeEnvironmentComputeResources", "description": "Details of the compute resources managed by the compute environment. This parameter is required for managed compute environments. See details below.\n" }, "ecsClusterArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the underlying Amazon ECS cluster used by the compute environment.\n" }, "eksConfiguration": { "$ref": "#/types/aws:batch/ComputeEnvironmentEksConfiguration:ComputeEnvironmentEksConfiguration", "description": "Details for the Amazon EKS cluster that supports the compute environment. See details below.\n" }, "serviceRole": { "type": "string", "description": "The full Amazon Resource Name (ARN) of the IAM role that allows AWS Batch to make calls to other AWS services on your behalf.\n" }, "state": { "type": "string", "description": "The state of the compute environment. If the state is `ENABLED`, then the compute environment accepts jobs from a queue and can scale out automatically based on queues. Valid items are `ENABLED` or `DISABLED`. Defaults to `ENABLED`.\n" }, "status": { "type": "string", "description": "The current status of the compute environment (for example, CREATING or VALID).\n" }, "statusReason": { "type": "string", "description": "A short, human-readable string to provide additional details about the current status of the compute environment.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of the compute environment. Valid items are `MANAGED` or `UNMANAGED`.\n" }, "updatePolicy": { "$ref": "#/types/aws:batch/ComputeEnvironmentUpdatePolicy:ComputeEnvironmentUpdatePolicy", "description": "Specifies the infrastructure update policy for the compute environment. See details below.\n" } }, "required": [ "arn", "computeEnvironmentName", "computeEnvironmentNamePrefix", "ecsClusterArn", "serviceRole", "status", "statusReason", "tagsAll", "type" ], "inputProperties": { "computeEnvironmentName": { "type": "string", "description": "The name for your compute environment. Up to 128 letters (uppercase and lowercase), numbers, and underscores are allowed. If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "computeEnvironmentNamePrefix": { "type": "string", "description": "Creates a unique compute environment name beginning with the specified prefix. Conflicts with `compute_environment_name`.\n", "willReplaceOnChanges": true }, "computeResources": { "$ref": "#/types/aws:batch/ComputeEnvironmentComputeResources:ComputeEnvironmentComputeResources", "description": "Details of the compute resources managed by the compute environment. This parameter is required for managed compute environments. See details below.\n", "willReplaceOnChanges": true }, "eksConfiguration": { "$ref": "#/types/aws:batch/ComputeEnvironmentEksConfiguration:ComputeEnvironmentEksConfiguration", "description": "Details for the Amazon EKS cluster that supports the compute environment. See details below.\n", "willReplaceOnChanges": true }, "serviceRole": { "type": "string", "description": "The full Amazon Resource Name (ARN) of the IAM role that allows AWS Batch to make calls to other AWS services on your behalf.\n" }, "state": { "type": "string", "description": "The state of the compute environment. If the state is `ENABLED`, then the compute environment accepts jobs from a queue and can scale out automatically based on queues. Valid items are `ENABLED` or `DISABLED`. Defaults to `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "The type of the compute environment. Valid items are `MANAGED` or `UNMANAGED`.\n", "willReplaceOnChanges": true }, "updatePolicy": { "$ref": "#/types/aws:batch/ComputeEnvironmentUpdatePolicy:ComputeEnvironmentUpdatePolicy", "description": "Specifies the infrastructure update policy for the compute environment. See details below.\n" } }, "requiredInputs": [ "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering ComputeEnvironment resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the compute environment.\n" }, "computeEnvironmentName": { "type": "string", "description": "The name for your compute environment. Up to 128 letters (uppercase and lowercase), numbers, and underscores are allowed. If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "computeEnvironmentNamePrefix": { "type": "string", "description": "Creates a unique compute environment name beginning with the specified prefix. Conflicts with `compute_environment_name`.\n", "willReplaceOnChanges": true }, "computeResources": { "$ref": "#/types/aws:batch/ComputeEnvironmentComputeResources:ComputeEnvironmentComputeResources", "description": "Details of the compute resources managed by the compute environment. This parameter is required for managed compute environments. See details below.\n", "willReplaceOnChanges": true }, "ecsClusterArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the underlying Amazon ECS cluster used by the compute environment.\n" }, "eksConfiguration": { "$ref": "#/types/aws:batch/ComputeEnvironmentEksConfiguration:ComputeEnvironmentEksConfiguration", "description": "Details for the Amazon EKS cluster that supports the compute environment. See details below.\n", "willReplaceOnChanges": true }, "serviceRole": { "type": "string", "description": "The full Amazon Resource Name (ARN) of the IAM role that allows AWS Batch to make calls to other AWS services on your behalf.\n" }, "state": { "type": "string", "description": "The state of the compute environment. If the state is `ENABLED`, then the compute environment accepts jobs from a queue and can scale out automatically based on queues. Valid items are `ENABLED` or `DISABLED`. Defaults to `ENABLED`.\n" }, "status": { "type": "string", "description": "The current status of the compute environment (for example, CREATING or VALID).\n" }, "statusReason": { "type": "string", "description": "A short, human-readable string to provide additional details about the current status of the compute environment.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of the compute environment. Valid items are `MANAGED` or `UNMANAGED`.\n", "willReplaceOnChanges": true }, "updatePolicy": { "$ref": "#/types/aws:batch/ComputeEnvironmentUpdatePolicy:ComputeEnvironmentUpdatePolicy", "description": "Specifies the infrastructure update policy for the compute environment. See details below.\n" } }, "type": "object" } }, "aws:batch/jobDefinition:JobDefinition": { "description": "Provides a Batch Job Definition resource.\n\n## Example Usage\n\n### Job definition of type container\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.batch.JobDefinition(\"test\", {\n name: \"my_test_batch_job_definition\",\n type: \"container\",\n containerProperties: JSON.stringify({\n command: [\n \"ls\",\n \"-la\",\n ],\n image: \"busybox\",\n resourceRequirements: [\n {\n type: \"VCPU\",\n value: \"0.25\",\n },\n {\n type: \"MEMORY\",\n value: \"512\",\n },\n ],\n volumes: [{\n host: {\n sourcePath: \"/tmp\",\n },\n name: \"tmp\",\n }],\n environment: [{\n name: \"VARNAME\",\n value: \"VARVAL\",\n }],\n mountPoints: [{\n sourceVolume: \"tmp\",\n containerPath: \"/tmp\",\n readOnly: false,\n }],\n ulimits: [{\n hardLimit: 1024,\n name: \"nofile\",\n softLimit: 1024,\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest = aws.batch.JobDefinition(\"test\",\n name=\"my_test_batch_job_definition\",\n type=\"container\",\n container_properties=json.dumps({\n \"command\": [\n \"ls\",\n \"-la\",\n ],\n \"image\": \"busybox\",\n \"resourceRequirements\": [\n {\n \"type\": \"VCPU\",\n \"value\": \"0.25\",\n },\n {\n \"type\": \"MEMORY\",\n \"value\": \"512\",\n },\n ],\n \"volumes\": [{\n \"host\": {\n \"sourcePath\": \"/tmp\",\n },\n \"name\": \"tmp\",\n }],\n \"environment\": [{\n \"name\": \"VARNAME\",\n \"value\": \"VARVAL\",\n }],\n \"mountPoints\": [{\n \"sourceVolume\": \"tmp\",\n \"containerPath\": \"/tmp\",\n \"readOnly\": False,\n }],\n \"ulimits\": [{\n \"hardLimit\": 1024,\n \"name\": \"nofile\",\n \"softLimit\": 1024,\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Batch.JobDefinition(\"test\", new()\n {\n Name = \"my_test_batch_job_definition\",\n Type = \"container\",\n ContainerProperties = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"command\"] = new[]\n {\n \"ls\",\n \"-la\",\n },\n [\"image\"] = \"busybox\",\n [\"resourceRequirements\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"VCPU\",\n [\"value\"] = \"0.25\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"MEMORY\",\n [\"value\"] = \"512\",\n },\n },\n [\"volumes\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"host\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"sourcePath\"] = \"/tmp\",\n },\n [\"name\"] = \"tmp\",\n },\n },\n [\"environment\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"name\"] = \"VARNAME\",\n [\"value\"] = \"VARVAL\",\n },\n },\n [\"mountPoints\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"sourceVolume\"] = \"tmp\",\n [\"containerPath\"] = \"/tmp\",\n [\"readOnly\"] = false,\n },\n },\n [\"ulimits\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"hardLimit\"] = 1024,\n [\"name\"] = \"nofile\",\n [\"softLimit\"] = 1024,\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"command\": []string{\n\t\t\t\t\"ls\",\n\t\t\t\t\"-la\",\n\t\t\t},\n\t\t\t\"image\": \"busybox\",\n\t\t\t\"resourceRequirements\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"type\": \"VCPU\",\n\t\t\t\t\t\"value\": \"0.25\",\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"type\": \"MEMORY\",\n\t\t\t\t\t\"value\": \"512\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"volumes\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"host\": map[string]interface{}{\n\t\t\t\t\t\t\"sourcePath\": \"/tmp\",\n\t\t\t\t\t},\n\t\t\t\t\t\"name\": \"tmp\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"environment\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"name\": \"VARNAME\",\n\t\t\t\t\t\"value\": \"VARVAL\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"mountPoints\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"sourceVolume\": \"tmp\",\n\t\t\t\t\t\"containerPath\": \"/tmp\",\n\t\t\t\t\t\"readOnly\": false,\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"ulimits\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"hardLimit\": 1024,\n\t\t\t\t\t\"name\": \"nofile\",\n\t\t\t\t\t\"softLimit\": 1024,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = batch.NewJobDefinition(ctx, \"test\", \u0026batch.JobDefinitionArgs{\n\t\t\tName: pulumi.String(\"my_test_batch_job_definition\"),\n\t\t\tType: pulumi.String(\"container\"),\n\t\t\tContainerProperties: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.batch.JobDefinition;\nimport com.pulumi.aws.batch.JobDefinitionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new JobDefinition(\"test\", JobDefinitionArgs.builder()\n .name(\"my_test_batch_job_definition\")\n .type(\"container\")\n .containerProperties(serializeJson(\n jsonObject(\n jsonProperty(\"command\", jsonArray(\n \"ls\", \n \"-la\"\n )),\n jsonProperty(\"image\", \"busybox\"),\n jsonProperty(\"resourceRequirements\", jsonArray(\n jsonObject(\n jsonProperty(\"type\", \"VCPU\"),\n jsonProperty(\"value\", \"0.25\")\n ), \n jsonObject(\n jsonProperty(\"type\", \"MEMORY\"),\n jsonProperty(\"value\", \"512\")\n )\n )),\n jsonProperty(\"volumes\", jsonArray(jsonObject(\n jsonProperty(\"host\", jsonObject(\n jsonProperty(\"sourcePath\", \"/tmp\")\n )),\n jsonProperty(\"name\", \"tmp\")\n ))),\n jsonProperty(\"environment\", jsonArray(jsonObject(\n jsonProperty(\"name\", \"VARNAME\"),\n jsonProperty(\"value\", \"VARVAL\")\n ))),\n jsonProperty(\"mountPoints\", jsonArray(jsonObject(\n jsonProperty(\"sourceVolume\", \"tmp\"),\n jsonProperty(\"containerPath\", \"/tmp\"),\n jsonProperty(\"readOnly\", false)\n ))),\n jsonProperty(\"ulimits\", jsonArray(jsonObject(\n jsonProperty(\"hardLimit\", 1024),\n jsonProperty(\"name\", \"nofile\"),\n jsonProperty(\"softLimit\", 1024)\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:batch:JobDefinition\n properties:\n name: my_test_batch_job_definition\n type: container\n containerProperties:\n fn::toJSON:\n command:\n - ls\n - -la\n image: busybox\n resourceRequirements:\n - type: VCPU\n value: '0.25'\n - type: MEMORY\n value: '512'\n volumes:\n - host:\n sourcePath: /tmp\n name: tmp\n environment:\n - name: VARNAME\n value: VARVAL\n mountPoints:\n - sourceVolume: tmp\n containerPath: /tmp\n readOnly: false\n ulimits:\n - hardLimit: 1024\n name: nofile\n softLimit: 1024\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Job definition of type multinode\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.batch.JobDefinition(\"test\", {\n name: \"tf_test_batch_job_definition_multinode\",\n type: \"multinode\",\n nodeProperties: JSON.stringify({\n mainNode: 0,\n nodeRangeProperties: [\n {\n container: {\n command: [\n \"ls\",\n \"-la\",\n ],\n image: \"busybox\",\n memory: 128,\n vcpus: 1,\n },\n targetNodes: \"0:\",\n },\n {\n container: {\n command: [\n \"echo\",\n \"test\",\n ],\n image: \"busybox\",\n memory: 128,\n vcpus: 1,\n },\n targetNodes: \"1:\",\n },\n ],\n numNodes: 2,\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest = aws.batch.JobDefinition(\"test\",\n name=\"tf_test_batch_job_definition_multinode\",\n type=\"multinode\",\n node_properties=json.dumps({\n \"mainNode\": 0,\n \"nodeRangeProperties\": [\n {\n \"container\": {\n \"command\": [\n \"ls\",\n \"-la\",\n ],\n \"image\": \"busybox\",\n \"memory\": 128,\n \"vcpus\": 1,\n },\n \"targetNodes\": \"0:\",\n },\n {\n \"container\": {\n \"command\": [\n \"echo\",\n \"test\",\n ],\n \"image\": \"busybox\",\n \"memory\": 128,\n \"vcpus\": 1,\n },\n \"targetNodes\": \"1:\",\n },\n ],\n \"numNodes\": 2,\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Batch.JobDefinition(\"test\", new()\n {\n Name = \"tf_test_batch_job_definition_multinode\",\n Type = \"multinode\",\n NodeProperties = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"mainNode\"] = 0,\n [\"nodeRangeProperties\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"container\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"command\"] = new[]\n {\n \"ls\",\n \"-la\",\n },\n [\"image\"] = \"busybox\",\n [\"memory\"] = 128,\n [\"vcpus\"] = 1,\n },\n [\"targetNodes\"] = \"0:\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"container\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"command\"] = new[]\n {\n \"echo\",\n \"test\",\n },\n [\"image\"] = \"busybox\",\n [\"memory\"] = 128,\n [\"vcpus\"] = 1,\n },\n [\"targetNodes\"] = \"1:\",\n },\n },\n [\"numNodes\"] = 2,\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"mainNode\": 0,\n\t\t\t\"nodeRangeProperties\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"container\": map[string]interface{}{\n\t\t\t\t\t\t\"command\": []string{\n\t\t\t\t\t\t\t\"ls\",\n\t\t\t\t\t\t\t\"-la\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"image\": \"busybox\",\n\t\t\t\t\t\t\"memory\": 128,\n\t\t\t\t\t\t\"vcpus\": 1,\n\t\t\t\t\t},\n\t\t\t\t\t\"targetNodes\": \"0:\",\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"container\": map[string]interface{}{\n\t\t\t\t\t\t\"command\": []string{\n\t\t\t\t\t\t\t\"echo\",\n\t\t\t\t\t\t\t\"test\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"image\": \"busybox\",\n\t\t\t\t\t\t\"memory\": 128,\n\t\t\t\t\t\t\"vcpus\": 1,\n\t\t\t\t\t},\n\t\t\t\t\t\"targetNodes\": \"1:\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"numNodes\": 2,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = batch.NewJobDefinition(ctx, \"test\", \u0026batch.JobDefinitionArgs{\n\t\t\tName: pulumi.String(\"tf_test_batch_job_definition_multinode\"),\n\t\t\tType: pulumi.String(\"multinode\"),\n\t\t\tNodeProperties: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.batch.JobDefinition;\nimport com.pulumi.aws.batch.JobDefinitionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new JobDefinition(\"test\", JobDefinitionArgs.builder()\n .name(\"tf_test_batch_job_definition_multinode\")\n .type(\"multinode\")\n .nodeProperties(serializeJson(\n jsonObject(\n jsonProperty(\"mainNode\", 0),\n jsonProperty(\"nodeRangeProperties\", jsonArray(\n jsonObject(\n jsonProperty(\"container\", jsonObject(\n jsonProperty(\"command\", jsonArray(\n \"ls\", \n \"-la\"\n )),\n jsonProperty(\"image\", \"busybox\"),\n jsonProperty(\"memory\", 128),\n jsonProperty(\"vcpus\", 1)\n )),\n jsonProperty(\"targetNodes\", \"0:\")\n ), \n jsonObject(\n jsonProperty(\"container\", jsonObject(\n jsonProperty(\"command\", jsonArray(\n \"echo\", \n \"test\"\n )),\n jsonProperty(\"image\", \"busybox\"),\n jsonProperty(\"memory\", 128),\n jsonProperty(\"vcpus\", 1)\n )),\n jsonProperty(\"targetNodes\", \"1:\")\n )\n )),\n jsonProperty(\"numNodes\", 2)\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:batch:JobDefinition\n properties:\n name: tf_test_batch_job_definition_multinode\n type: multinode\n nodeProperties:\n fn::toJSON:\n mainNode: 0\n nodeRangeProperties:\n - container:\n command:\n - ls\n - -la\n image: busybox\n memory: 128\n vcpus: 1\n targetNodes: '0:'\n - container:\n command:\n - echo\n - test\n image: busybox\n memory: 128\n vcpus: 1\n targetNodes: '1:'\n numNodes: 2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Job Definitionn of type EKS\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.batch.JobDefinition(\"test\", {\n name: \" tf_test_batch_job_definition_eks\",\n type: \"container\",\n eksProperties: {\n podProperties: {\n hostNetwork: true,\n containers: {\n image: \"public.ecr.aws/amazonlinux/amazonlinux:1\",\n commands: [\n \"sleep\",\n \"60\",\n ],\n resources: {\n limits: {\n cpu: \"1\",\n memory: \"1024Mi\",\n },\n },\n },\n metadata: {\n labels: {\n environment: \"test\",\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.batch.JobDefinition(\"test\",\n name=\" tf_test_batch_job_definition_eks\",\n type=\"container\",\n eks_properties={\n \"pod_properties\": {\n \"host_network\": True,\n \"containers\": {\n \"image\": \"public.ecr.aws/amazonlinux/amazonlinux:1\",\n \"commands\": [\n \"sleep\",\n \"60\",\n ],\n \"resources\": {\n \"limits\": {\n \"cpu\": \"1\",\n \"memory\": \"1024Mi\",\n },\n },\n },\n \"metadata\": {\n \"labels\": {\n \"environment\": \"test\",\n },\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Batch.JobDefinition(\"test\", new()\n {\n Name = \" tf_test_batch_job_definition_eks\",\n Type = \"container\",\n EksProperties = new Aws.Batch.Inputs.JobDefinitionEksPropertiesArgs\n {\n PodProperties = new Aws.Batch.Inputs.JobDefinitionEksPropertiesPodPropertiesArgs\n {\n HostNetwork = true,\n Containers = new Aws.Batch.Inputs.JobDefinitionEksPropertiesPodPropertiesContainersArgs\n {\n Image = \"public.ecr.aws/amazonlinux/amazonlinux:1\",\n Commands = new[]\n {\n \"sleep\",\n \"60\",\n },\n Resources = new Aws.Batch.Inputs.JobDefinitionEksPropertiesPodPropertiesContainersResourcesArgs\n {\n Limits = \n {\n { \"cpu\", \"1\" },\n { \"memory\", \"1024Mi\" },\n },\n },\n },\n Metadata = new Aws.Batch.Inputs.JobDefinitionEksPropertiesPodPropertiesMetadataArgs\n {\n Labels = \n {\n { \"environment\", \"test\" },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := batch.NewJobDefinition(ctx, \"test\", \u0026batch.JobDefinitionArgs{\n\t\t\tName: pulumi.String(\" tf_test_batch_job_definition_eks\"),\n\t\t\tType: pulumi.String(\"container\"),\n\t\t\tEksProperties: \u0026batch.JobDefinitionEksPropertiesArgs{\n\t\t\t\tPodProperties: \u0026batch.JobDefinitionEksPropertiesPodPropertiesArgs{\n\t\t\t\t\tHostNetwork: pulumi.Bool(true),\n\t\t\t\t\tContainers: \u0026batch.JobDefinitionEksPropertiesPodPropertiesContainersArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"public.ecr.aws/amazonlinux/amazonlinux:1\"),\n\t\t\t\t\t\tCommands: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"sleep\"),\n\t\t\t\t\t\t\tpulumi.String(\"60\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tResources: \u0026batch.JobDefinitionEksPropertiesPodPropertiesContainersResourcesArgs{\n\t\t\t\t\t\t\tLimits: pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"cpu\": pulumi.String(\"1\"),\n\t\t\t\t\t\t\t\t\"memory\": pulumi.String(\"1024Mi\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tMetadata: \u0026batch.JobDefinitionEksPropertiesPodPropertiesMetadataArgs{\n\t\t\t\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\t\t\t\"environment\": pulumi.String(\"test\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.batch.JobDefinition;\nimport com.pulumi.aws.batch.JobDefinitionArgs;\nimport com.pulumi.aws.batch.inputs.JobDefinitionEksPropertiesArgs;\nimport com.pulumi.aws.batch.inputs.JobDefinitionEksPropertiesPodPropertiesArgs;\nimport com.pulumi.aws.batch.inputs.JobDefinitionEksPropertiesPodPropertiesContainersArgs;\nimport com.pulumi.aws.batch.inputs.JobDefinitionEksPropertiesPodPropertiesContainersResourcesArgs;\nimport com.pulumi.aws.batch.inputs.JobDefinitionEksPropertiesPodPropertiesMetadataArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new JobDefinition(\"test\", JobDefinitionArgs.builder()\n .name(\" tf_test_batch_job_definition_eks\")\n .type(\"container\")\n .eksProperties(JobDefinitionEksPropertiesArgs.builder()\n .podProperties(JobDefinitionEksPropertiesPodPropertiesArgs.builder()\n .hostNetwork(true)\n .containers(JobDefinitionEksPropertiesPodPropertiesContainersArgs.builder()\n .image(\"public.ecr.aws/amazonlinux/amazonlinux:1\")\n .commands( \n \"sleep\",\n \"60\")\n .resources(JobDefinitionEksPropertiesPodPropertiesContainersResourcesArgs.builder()\n .limits(Map.ofEntries(\n Map.entry(\"cpu\", \"1\"),\n Map.entry(\"memory\", \"1024Mi\")\n ))\n .build())\n .build())\n .metadata(JobDefinitionEksPropertiesPodPropertiesMetadataArgs.builder()\n .labels(Map.of(\"environment\", \"test\"))\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:batch:JobDefinition\n properties:\n name: ' tf_test_batch_job_definition_eks'\n type: container\n eksProperties:\n podProperties:\n hostNetwork: true\n containers:\n image: public.ecr.aws/amazonlinux/amazonlinux:1\n commands:\n - sleep\n - '60'\n resources:\n limits:\n cpu: '1'\n memory: 1024Mi\n metadata:\n labels:\n environment: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Fargate Platform Capability\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRolePolicy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"ecs-tasks.amazonaws.com\"],\n }],\n }],\n});\nconst ecsTaskExecutionRole = new aws.iam.Role(\"ecs_task_execution_role\", {\n name: \"my_test_batch_exec_role\",\n assumeRolePolicy: assumeRolePolicy.then(assumeRolePolicy =\u003e assumeRolePolicy.json),\n});\nconst ecsTaskExecutionRolePolicy = new aws.iam.RolePolicyAttachment(\"ecs_task_execution_role_policy\", {\n role: ecsTaskExecutionRole.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy\",\n});\nconst test = new aws.batch.JobDefinition(\"test\", {\n name: \"my_test_batch_job_definition\",\n type: \"container\",\n platformCapabilities: [\"FARGATE\"],\n containerProperties: pulumi.jsonStringify({\n command: [\n \"echo\",\n \"test\",\n ],\n image: \"busybox\",\n jobRoleArn: \"arn:aws:iam::123456789012:role/AWSBatchS3ReadOnly\",\n fargatePlatformConfiguration: {\n platformVersion: \"LATEST\",\n },\n resourceRequirements: [\n {\n type: \"VCPU\",\n value: \"0.25\",\n },\n {\n type: \"MEMORY\",\n value: \"512\",\n },\n ],\n executionRoleArn: ecsTaskExecutionRole.arn,\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nassume_role_policy = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"ecs-tasks.amazonaws.com\"],\n }],\n}])\necs_task_execution_role = aws.iam.Role(\"ecs_task_execution_role\",\n name=\"my_test_batch_exec_role\",\n assume_role_policy=assume_role_policy.json)\necs_task_execution_role_policy = aws.iam.RolePolicyAttachment(\"ecs_task_execution_role_policy\",\n role=ecs_task_execution_role.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy\")\ntest = aws.batch.JobDefinition(\"test\",\n name=\"my_test_batch_job_definition\",\n type=\"container\",\n platform_capabilities=[\"FARGATE\"],\n container_properties=pulumi.Output.json_dumps({\n \"command\": [\n \"echo\",\n \"test\",\n ],\n \"image\": \"busybox\",\n \"jobRoleArn\": \"arn:aws:iam::123456789012:role/AWSBatchS3ReadOnly\",\n \"fargatePlatformConfiguration\": {\n \"platformVersion\": \"LATEST\",\n },\n \"resourceRequirements\": [\n {\n \"type\": \"VCPU\",\n \"value\": \"0.25\",\n },\n {\n \"type\": \"MEMORY\",\n \"value\": \"512\",\n },\n ],\n \"executionRoleArn\": ecs_task_execution_role.arn,\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRolePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"ecs-tasks.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var ecsTaskExecutionRole = new Aws.Iam.Role(\"ecs_task_execution_role\", new()\n {\n Name = \"my_test_batch_exec_role\",\n AssumeRolePolicy = assumeRolePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var ecsTaskExecutionRolePolicy = new Aws.Iam.RolePolicyAttachment(\"ecs_task_execution_role_policy\", new()\n {\n Role = ecsTaskExecutionRole.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy\",\n });\n\n var test = new Aws.Batch.JobDefinition(\"test\", new()\n {\n Name = \"my_test_batch_job_definition\",\n Type = \"container\",\n PlatformCapabilities = new[]\n {\n \"FARGATE\",\n },\n ContainerProperties = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"command\"] = new[]\n {\n \"echo\",\n \"test\",\n },\n [\"image\"] = \"busybox\",\n [\"jobRoleArn\"] = \"arn:aws:iam::123456789012:role/AWSBatchS3ReadOnly\",\n [\"fargatePlatformConfiguration\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"platformVersion\"] = \"LATEST\",\n },\n [\"resourceRequirements\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"VCPU\",\n [\"value\"] = \"0.25\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"MEMORY\",\n [\"value\"] = \"512\",\n },\n },\n [\"executionRoleArn\"] = ecsTaskExecutionRole.Arn,\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRolePolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"ecs-tasks.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tecsTaskExecutionRole, err := iam.NewRole(ctx, \"ecs_task_execution_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"my_test_batch_exec_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRolePolicy.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"ecs_task_execution_role_policy\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: ecsTaskExecutionRole.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = batch.NewJobDefinition(ctx, \"test\", \u0026batch.JobDefinitionArgs{\n\t\t\tName: pulumi.String(\"my_test_batch_job_definition\"),\n\t\t\tType: pulumi.String(\"container\"),\n\t\t\tPlatformCapabilities: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"FARGATE\"),\n\t\t\t},\n\t\t\tContainerProperties: ecsTaskExecutionRole.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"command\": []string{\n\t\t\t\t\t\t\"echo\",\n\t\t\t\t\t\t\"test\",\n\t\t\t\t\t},\n\t\t\t\t\t\"image\": \"busybox\",\n\t\t\t\t\t\"jobRoleArn\": \"arn:aws:iam::123456789012:role/AWSBatchS3ReadOnly\",\n\t\t\t\t\t\"fargatePlatformConfiguration\": map[string]interface{}{\n\t\t\t\t\t\t\"platformVersion\": \"LATEST\",\n\t\t\t\t\t},\n\t\t\t\t\t\"resourceRequirements\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"type\": \"VCPU\",\n\t\t\t\t\t\t\t\"value\": \"0.25\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"type\": \"MEMORY\",\n\t\t\t\t\t\t\t\"value\": \"512\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\"executionRoleArn\": arn,\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.batch.JobDefinition;\nimport com.pulumi.aws.batch.JobDefinitionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRolePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"ecs-tasks.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var ecsTaskExecutionRole = new Role(\"ecsTaskExecutionRole\", RoleArgs.builder()\n .name(\"my_test_batch_exec_role\")\n .assumeRolePolicy(assumeRolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var ecsTaskExecutionRolePolicy = new RolePolicyAttachment(\"ecsTaskExecutionRolePolicy\", RolePolicyAttachmentArgs.builder()\n .role(ecsTaskExecutionRole.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy\")\n .build());\n\n var test = new JobDefinition(\"test\", JobDefinitionArgs.builder()\n .name(\"my_test_batch_job_definition\")\n .type(\"container\")\n .platformCapabilities(\"FARGATE\")\n .containerProperties(ecsTaskExecutionRole.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"command\", jsonArray(\n \"echo\", \n \"test\"\n )),\n jsonProperty(\"image\", \"busybox\"),\n jsonProperty(\"jobRoleArn\", \"arn:aws:iam::123456789012:role/AWSBatchS3ReadOnly\"),\n jsonProperty(\"fargatePlatformConfiguration\", jsonObject(\n jsonProperty(\"platformVersion\", \"LATEST\")\n )),\n jsonProperty(\"resourceRequirements\", jsonArray(\n jsonObject(\n jsonProperty(\"type\", \"VCPU\"),\n jsonProperty(\"value\", \"0.25\")\n ), \n jsonObject(\n jsonProperty(\"type\", \"MEMORY\"),\n jsonProperty(\"value\", \"512\")\n )\n )),\n jsonProperty(\"executionRoleArn\", arn)\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ecsTaskExecutionRole:\n type: aws:iam:Role\n name: ecs_task_execution_role\n properties:\n name: my_test_batch_exec_role\n assumeRolePolicy: ${assumeRolePolicy.json}\n ecsTaskExecutionRolePolicy:\n type: aws:iam:RolePolicyAttachment\n name: ecs_task_execution_role_policy\n properties:\n role: ${ecsTaskExecutionRole.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy\n test:\n type: aws:batch:JobDefinition\n properties:\n name: my_test_batch_job_definition\n type: container\n platformCapabilities:\n - FARGATE\n containerProperties:\n fn::toJSON:\n command:\n - echo\n - test\n image: busybox\n jobRoleArn: arn:aws:iam::123456789012:role/AWSBatchS3ReadOnly\n fargatePlatformConfiguration:\n platformVersion: LATEST\n resourceRequirements:\n - type: VCPU\n value: '0.25'\n - type: MEMORY\n value: '512'\n executionRoleArn: ${ecsTaskExecutionRole.arn}\nvariables:\n assumeRolePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - ecs-tasks.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Batch Job Definition using the `arn`. For example:\n\n```sh\n$ pulumi import aws:batch/jobDefinition:JobDefinition test arn:aws:batch:us-east-1:123456789012:job-definition/sample\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the job definition, includes revision (`:#`).\n" }, "arnPrefix": { "type": "string", "description": "ARN without the revision number.\n" }, "containerProperties": { "type": "string", "description": "Valid [container properties](http://docs.aws.amazon.com/batch/latest/APIReference/API_RegisterJobDefinition.html) provided as a single valid JSON document. This parameter is only valid if the `type` parameter is `container`.\n" }, "deregisterOnNewRevision": { "type": "boolean", "description": "When updating a job definition a new revision is created. This parameter determines if the previous version is `deregistered` (`INACTIVE`) or left `ACTIVE`. Defaults to `true`.\n" }, "eksProperties": { "$ref": "#/types/aws:batch/JobDefinitionEksProperties:JobDefinitionEksProperties", "description": "Valid eks properties. This parameter is only valid if the `type` parameter is `container`.\n" }, "name": { "type": "string", "description": "Name of the job definition.\n" }, "nodeProperties": { "type": "string", "description": "Valid [node properties](http://docs.aws.amazon.com/batch/latest/APIReference/API_RegisterJobDefinition.html) provided as a single valid JSON document. This parameter is required if the `type` parameter is `multinode`.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Parameter substitution placeholders to set in the job definition.\n" }, "platformCapabilities": { "type": "array", "items": { "type": "string" }, "description": "Platform capabilities required by the job definition. If no value is specified, it defaults to `EC2`. To run the job on Fargate resources, specify `FARGATE`.\n" }, "propagateTags": { "type": "boolean", "description": "Whether to propagate the tags from the job definition to the corresponding Amazon ECS task. Default is `false`.\n" }, "retryStrategy": { "$ref": "#/types/aws:batch/JobDefinitionRetryStrategy:JobDefinitionRetryStrategy", "description": "Retry strategy to use for failed jobs that are submitted with this job definition. Maximum number of `retry_strategy` is `1`. Defined below.\n" }, "revision": { "type": "integer", "description": "Revision of the job definition.\n" }, "schedulingPriority": { "type": "integer", "description": "Scheduling priority of the job definition. This only affects jobs in job queues with a fair share policy. Jobs with a higher scheduling priority are scheduled before jobs with a lower scheduling priority. Allowed values `0` through `9999`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeout": { "$ref": "#/types/aws:batch/JobDefinitionTimeout:JobDefinitionTimeout", "description": "Timeout for jobs so that if a job runs longer, AWS Batch terminates the job. Maximum number of `timeout` is `1`. Defined below.\n" }, "type": { "type": "string", "description": "Type of job definition. Must be `container` or `multinode`.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "arnPrefix", "name", "revision", "tagsAll", "type" ], "inputProperties": { "containerProperties": { "type": "string", "description": "Valid [container properties](http://docs.aws.amazon.com/batch/latest/APIReference/API_RegisterJobDefinition.html) provided as a single valid JSON document. This parameter is only valid if the `type` parameter is `container`.\n" }, "deregisterOnNewRevision": { "type": "boolean", "description": "When updating a job definition a new revision is created. This parameter determines if the previous version is `deregistered` (`INACTIVE`) or left `ACTIVE`. Defaults to `true`.\n" }, "eksProperties": { "$ref": "#/types/aws:batch/JobDefinitionEksProperties:JobDefinitionEksProperties", "description": "Valid eks properties. This parameter is only valid if the `type` parameter is `container`.\n" }, "name": { "type": "string", "description": "Name of the job definition.\n", "willReplaceOnChanges": true }, "nodeProperties": { "type": "string", "description": "Valid [node properties](http://docs.aws.amazon.com/batch/latest/APIReference/API_RegisterJobDefinition.html) provided as a single valid JSON document. This parameter is required if the `type` parameter is `multinode`.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Parameter substitution placeholders to set in the job definition.\n" }, "platformCapabilities": { "type": "array", "items": { "type": "string" }, "description": "Platform capabilities required by the job definition. If no value is specified, it defaults to `EC2`. To run the job on Fargate resources, specify `FARGATE`.\n" }, "propagateTags": { "type": "boolean", "description": "Whether to propagate the tags from the job definition to the corresponding Amazon ECS task. Default is `false`.\n" }, "retryStrategy": { "$ref": "#/types/aws:batch/JobDefinitionRetryStrategy:JobDefinitionRetryStrategy", "description": "Retry strategy to use for failed jobs that are submitted with this job definition. Maximum number of `retry_strategy` is `1`. Defined below.\n" }, "schedulingPriority": { "type": "integer", "description": "Scheduling priority of the job definition. This only affects jobs in job queues with a fair share policy. Jobs with a higher scheduling priority are scheduled before jobs with a lower scheduling priority. Allowed values `0` through `9999`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeout": { "$ref": "#/types/aws:batch/JobDefinitionTimeout:JobDefinitionTimeout", "description": "Timeout for jobs so that if a job runs longer, AWS Batch terminates the job. Maximum number of `timeout` is `1`. Defined below.\n" }, "type": { "type": "string", "description": "Type of job definition. Must be `container` or `multinode`.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering JobDefinition resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the job definition, includes revision (`:#`).\n" }, "arnPrefix": { "type": "string", "description": "ARN without the revision number.\n" }, "containerProperties": { "type": "string", "description": "Valid [container properties](http://docs.aws.amazon.com/batch/latest/APIReference/API_RegisterJobDefinition.html) provided as a single valid JSON document. This parameter is only valid if the `type` parameter is `container`.\n" }, "deregisterOnNewRevision": { "type": "boolean", "description": "When updating a job definition a new revision is created. This parameter determines if the previous version is `deregistered` (`INACTIVE`) or left `ACTIVE`. Defaults to `true`.\n" }, "eksProperties": { "$ref": "#/types/aws:batch/JobDefinitionEksProperties:JobDefinitionEksProperties", "description": "Valid eks properties. This parameter is only valid if the `type` parameter is `container`.\n" }, "name": { "type": "string", "description": "Name of the job definition.\n", "willReplaceOnChanges": true }, "nodeProperties": { "type": "string", "description": "Valid [node properties](http://docs.aws.amazon.com/batch/latest/APIReference/API_RegisterJobDefinition.html) provided as a single valid JSON document. This parameter is required if the `type` parameter is `multinode`.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Parameter substitution placeholders to set in the job definition.\n" }, "platformCapabilities": { "type": "array", "items": { "type": "string" }, "description": "Platform capabilities required by the job definition. If no value is specified, it defaults to `EC2`. To run the job on Fargate resources, specify `FARGATE`.\n" }, "propagateTags": { "type": "boolean", "description": "Whether to propagate the tags from the job definition to the corresponding Amazon ECS task. Default is `false`.\n" }, "retryStrategy": { "$ref": "#/types/aws:batch/JobDefinitionRetryStrategy:JobDefinitionRetryStrategy", "description": "Retry strategy to use for failed jobs that are submitted with this job definition. Maximum number of `retry_strategy` is `1`. Defined below.\n" }, "revision": { "type": "integer", "description": "Revision of the job definition.\n" }, "schedulingPriority": { "type": "integer", "description": "Scheduling priority of the job definition. This only affects jobs in job queues with a fair share policy. Jobs with a higher scheduling priority are scheduled before jobs with a lower scheduling priority. Allowed values `0` through `9999`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeout": { "$ref": "#/types/aws:batch/JobDefinitionTimeout:JobDefinitionTimeout", "description": "Timeout for jobs so that if a job runs longer, AWS Batch terminates the job. Maximum number of `timeout` is `1`. Defined below.\n" }, "type": { "type": "string", "description": "Type of job definition. Must be `container` or `multinode`.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:batch/jobQueue:JobQueue": { "description": "Provides a Batch Job Queue resource.\n\n## Example Usage\n\n### Basic Job Queue\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testQueue = new aws.batch.JobQueue(\"test_queue\", {\n name: \"tf-test-batch-job-queue\",\n state: \"ENABLED\",\n priority: 1,\n computeEnvironmentOrders: [\n {\n order: 1,\n computeEnvironment: testEnvironment1.arn,\n },\n {\n order: 2,\n computeEnvironment: testEnvironment2.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_queue = aws.batch.JobQueue(\"test_queue\",\n name=\"tf-test-batch-job-queue\",\n state=\"ENABLED\",\n priority=1,\n compute_environment_orders=[\n {\n \"order\": 1,\n \"compute_environment\": test_environment1[\"arn\"],\n },\n {\n \"order\": 2,\n \"compute_environment\": test_environment2[\"arn\"],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testQueue = new Aws.Batch.JobQueue(\"test_queue\", new()\n {\n Name = \"tf-test-batch-job-queue\",\n State = \"ENABLED\",\n Priority = 1,\n ComputeEnvironmentOrders = new[]\n {\n new Aws.Batch.Inputs.JobQueueComputeEnvironmentOrderArgs\n {\n Order = 1,\n ComputeEnvironment = testEnvironment1.Arn,\n },\n new Aws.Batch.Inputs.JobQueueComputeEnvironmentOrderArgs\n {\n Order = 2,\n ComputeEnvironment = testEnvironment2.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := batch.NewJobQueue(ctx, \"test_queue\", \u0026batch.JobQueueArgs{\n\t\t\tName: pulumi.String(\"tf-test-batch-job-queue\"),\n\t\t\tState: pulumi.String(\"ENABLED\"),\n\t\t\tPriority: pulumi.Int(1),\n\t\t\tComputeEnvironmentOrders: batch.JobQueueComputeEnvironmentOrderArray{\n\t\t\t\t\u0026batch.JobQueueComputeEnvironmentOrderArgs{\n\t\t\t\t\tOrder: pulumi.Int(1),\n\t\t\t\t\tComputeEnvironment: pulumi.Any(testEnvironment1.Arn),\n\t\t\t\t},\n\t\t\t\t\u0026batch.JobQueueComputeEnvironmentOrderArgs{\n\t\t\t\t\tOrder: pulumi.Int(2),\n\t\t\t\t\tComputeEnvironment: pulumi.Any(testEnvironment2.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.batch.JobQueue;\nimport com.pulumi.aws.batch.JobQueueArgs;\nimport com.pulumi.aws.batch.inputs.JobQueueComputeEnvironmentOrderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testQueue = new JobQueue(\"testQueue\", JobQueueArgs.builder()\n .name(\"tf-test-batch-job-queue\")\n .state(\"ENABLED\")\n .priority(1)\n .computeEnvironmentOrders( \n JobQueueComputeEnvironmentOrderArgs.builder()\n .order(1)\n .computeEnvironment(testEnvironment1.arn())\n .build(),\n JobQueueComputeEnvironmentOrderArgs.builder()\n .order(2)\n .computeEnvironment(testEnvironment2.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testQueue:\n type: aws:batch:JobQueue\n name: test_queue\n properties:\n name: tf-test-batch-job-queue\n state: ENABLED\n priority: 1\n computeEnvironmentOrders:\n - order: 1\n computeEnvironment: ${testEnvironment1.arn}\n - order: 2\n computeEnvironment: ${testEnvironment2.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Job Queue with a fair share scheduling policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.batch.SchedulingPolicy(\"example\", {\n name: \"example\",\n fairSharePolicy: {\n computeReservation: 1,\n shareDecaySeconds: 3600,\n shareDistributions: [{\n shareIdentifier: \"A1*\",\n weightFactor: 0.1,\n }],\n },\n});\nconst exampleJobQueue = new aws.batch.JobQueue(\"example\", {\n name: \"tf-test-batch-job-queue\",\n schedulingPolicyArn: example.arn,\n state: \"ENABLED\",\n priority: 1,\n computeEnvironmentOrders: [\n {\n order: 1,\n computeEnvironment: testEnvironment1.arn,\n },\n {\n order: 2,\n computeEnvironment: testEnvironment2.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.batch.SchedulingPolicy(\"example\",\n name=\"example\",\n fair_share_policy={\n \"compute_reservation\": 1,\n \"share_decay_seconds\": 3600,\n \"share_distributions\": [{\n \"share_identifier\": \"A1*\",\n \"weight_factor\": 0.1,\n }],\n })\nexample_job_queue = aws.batch.JobQueue(\"example\",\n name=\"tf-test-batch-job-queue\",\n scheduling_policy_arn=example.arn,\n state=\"ENABLED\",\n priority=1,\n compute_environment_orders=[\n {\n \"order\": 1,\n \"compute_environment\": test_environment1[\"arn\"],\n },\n {\n \"order\": 2,\n \"compute_environment\": test_environment2[\"arn\"],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Batch.SchedulingPolicy(\"example\", new()\n {\n Name = \"example\",\n FairSharePolicy = new Aws.Batch.Inputs.SchedulingPolicyFairSharePolicyArgs\n {\n ComputeReservation = 1,\n ShareDecaySeconds = 3600,\n ShareDistributions = new[]\n {\n new Aws.Batch.Inputs.SchedulingPolicyFairSharePolicyShareDistributionArgs\n {\n ShareIdentifier = \"A1*\",\n WeightFactor = 0.1,\n },\n },\n },\n });\n\n var exampleJobQueue = new Aws.Batch.JobQueue(\"example\", new()\n {\n Name = \"tf-test-batch-job-queue\",\n SchedulingPolicyArn = example.Arn,\n State = \"ENABLED\",\n Priority = 1,\n ComputeEnvironmentOrders = new[]\n {\n new Aws.Batch.Inputs.JobQueueComputeEnvironmentOrderArgs\n {\n Order = 1,\n ComputeEnvironment = testEnvironment1.Arn,\n },\n new Aws.Batch.Inputs.JobQueueComputeEnvironmentOrderArgs\n {\n Order = 2,\n ComputeEnvironment = testEnvironment2.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := batch.NewSchedulingPolicy(ctx, \"example\", \u0026batch.SchedulingPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tFairSharePolicy: \u0026batch.SchedulingPolicyFairSharePolicyArgs{\n\t\t\t\tComputeReservation: pulumi.Int(1),\n\t\t\t\tShareDecaySeconds: pulumi.Int(3600),\n\t\t\t\tShareDistributions: batch.SchedulingPolicyFairSharePolicyShareDistributionArray{\n\t\t\t\t\t\u0026batch.SchedulingPolicyFairSharePolicyShareDistributionArgs{\n\t\t\t\t\t\tShareIdentifier: pulumi.String(\"A1*\"),\n\t\t\t\t\t\tWeightFactor: pulumi.Float64(0.1),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = batch.NewJobQueue(ctx, \"example\", \u0026batch.JobQueueArgs{\n\t\t\tName: pulumi.String(\"tf-test-batch-job-queue\"),\n\t\t\tSchedulingPolicyArn: example.Arn,\n\t\t\tState: pulumi.String(\"ENABLED\"),\n\t\t\tPriority: pulumi.Int(1),\n\t\t\tComputeEnvironmentOrders: batch.JobQueueComputeEnvironmentOrderArray{\n\t\t\t\t\u0026batch.JobQueueComputeEnvironmentOrderArgs{\n\t\t\t\t\tOrder: pulumi.Int(1),\n\t\t\t\t\tComputeEnvironment: pulumi.Any(testEnvironment1.Arn),\n\t\t\t\t},\n\t\t\t\t\u0026batch.JobQueueComputeEnvironmentOrderArgs{\n\t\t\t\t\tOrder: pulumi.Int(2),\n\t\t\t\t\tComputeEnvironment: pulumi.Any(testEnvironment2.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.batch.SchedulingPolicy;\nimport com.pulumi.aws.batch.SchedulingPolicyArgs;\nimport com.pulumi.aws.batch.inputs.SchedulingPolicyFairSharePolicyArgs;\nimport com.pulumi.aws.batch.JobQueue;\nimport com.pulumi.aws.batch.JobQueueArgs;\nimport com.pulumi.aws.batch.inputs.JobQueueComputeEnvironmentOrderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SchedulingPolicy(\"example\", SchedulingPolicyArgs.builder()\n .name(\"example\")\n .fairSharePolicy(SchedulingPolicyFairSharePolicyArgs.builder()\n .computeReservation(1)\n .shareDecaySeconds(3600)\n .shareDistributions(SchedulingPolicyFairSharePolicyShareDistributionArgs.builder()\n .shareIdentifier(\"A1*\")\n .weightFactor(0.1)\n .build())\n .build())\n .build());\n\n var exampleJobQueue = new JobQueue(\"exampleJobQueue\", JobQueueArgs.builder()\n .name(\"tf-test-batch-job-queue\")\n .schedulingPolicyArn(example.arn())\n .state(\"ENABLED\")\n .priority(1)\n .computeEnvironmentOrders( \n JobQueueComputeEnvironmentOrderArgs.builder()\n .order(1)\n .computeEnvironment(testEnvironment1.arn())\n .build(),\n JobQueueComputeEnvironmentOrderArgs.builder()\n .order(2)\n .computeEnvironment(testEnvironment2.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:batch:SchedulingPolicy\n properties:\n name: example\n fairSharePolicy:\n computeReservation: 1\n shareDecaySeconds: 3600\n shareDistributions:\n - shareIdentifier: A1*\n weightFactor: 0.1\n exampleJobQueue:\n type: aws:batch:JobQueue\n name: example\n properties:\n name: tf-test-batch-job-queue\n schedulingPolicyArn: ${example.arn}\n state: ENABLED\n priority: 1\n computeEnvironmentOrders:\n - order: 1\n computeEnvironment: ${testEnvironment1.arn}\n - order: 2\n computeEnvironment: ${testEnvironment2.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Batch Job Queue using the `arn`. For example:\n\n```sh\n$ pulumi import aws:batch/jobQueue:JobQueue test_queue arn:aws:batch:us-east-1:123456789012:job-queue/sample\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the job queue.\n" }, "computeEnvironmentOrders": { "type": "array", "items": { "$ref": "#/types/aws:batch/JobQueueComputeEnvironmentOrder:JobQueueComputeEnvironmentOrder" }, "description": "The set of compute environments mapped to a job queue and their order relative to each other. The job scheduler uses this parameter to determine which compute environment runs a specific job. Compute environments must be in the VALID state before you can associate them with a job queue. You can associate up to three compute environments with a job queue.\n" }, "computeEnvironments": { "type": "array", "items": { "type": "string" }, "description": "(Optional) This parameter is deprecated, please use `compute_environment_order` instead. List of compute environment ARNs mapped to a job queue. The position of the compute environments in the list will dictate the order. When importing a AWS Batch Job Queue, the parameter `compute_environments` will always be used over `compute_environment_order`. Please adjust your HCL accordingly.\n", "deprecationMessage": "This parameter will be replaced by `compute_environment_order`." }, "name": { "type": "string", "description": "Specifies the name of the job queue.\n" }, "priority": { "type": "integer", "description": "The priority of the job queue. Job queues with a higher priority\nare evaluated first when associated with the same compute environment.\n" }, "schedulingPolicyArn": { "type": "string", "description": "The ARN of the fair share scheduling policy. If this parameter is specified, the job queue uses a fair share scheduling policy. If this parameter isn't specified, the job queue uses a first in, first out (FIFO) scheduling policy. After a job queue is created, you can replace but can't remove the fair share scheduling policy.\n" }, "state": { "type": "string", "description": "The state of the job queue. Must be one of: `ENABLED` or `DISABLED`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:batch/JobQueueTimeouts:JobQueueTimeouts" } }, "required": [ "arn", "name", "priority", "state", "tagsAll" ], "inputProperties": { "computeEnvironmentOrders": { "type": "array", "items": { "$ref": "#/types/aws:batch/JobQueueComputeEnvironmentOrder:JobQueueComputeEnvironmentOrder" }, "description": "The set of compute environments mapped to a job queue and their order relative to each other. The job scheduler uses this parameter to determine which compute environment runs a specific job. Compute environments must be in the VALID state before you can associate them with a job queue. You can associate up to three compute environments with a job queue.\n" }, "computeEnvironments": { "type": "array", "items": { "type": "string" }, "description": "(Optional) This parameter is deprecated, please use `compute_environment_order` instead. List of compute environment ARNs mapped to a job queue. The position of the compute environments in the list will dictate the order. When importing a AWS Batch Job Queue, the parameter `compute_environments` will always be used over `compute_environment_order`. Please adjust your HCL accordingly.\n", "deprecationMessage": "This parameter will be replaced by `compute_environment_order`." }, "name": { "type": "string", "description": "Specifies the name of the job queue.\n" }, "priority": { "type": "integer", "description": "The priority of the job queue. Job queues with a higher priority\nare evaluated first when associated with the same compute environment.\n" }, "schedulingPolicyArn": { "type": "string", "description": "The ARN of the fair share scheduling policy. If this parameter is specified, the job queue uses a fair share scheduling policy. If this parameter isn't specified, the job queue uses a first in, first out (FIFO) scheduling policy. After a job queue is created, you can replace but can't remove the fair share scheduling policy.\n" }, "state": { "type": "string", "description": "The state of the job queue. Must be one of: `ENABLED` or `DISABLED`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:batch/JobQueueTimeouts:JobQueueTimeouts" } }, "requiredInputs": [ "priority", "state" ], "stateInputs": { "description": "Input properties used for looking up and filtering JobQueue resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the job queue.\n" }, "computeEnvironmentOrders": { "type": "array", "items": { "$ref": "#/types/aws:batch/JobQueueComputeEnvironmentOrder:JobQueueComputeEnvironmentOrder" }, "description": "The set of compute environments mapped to a job queue and their order relative to each other. The job scheduler uses this parameter to determine which compute environment runs a specific job. Compute environments must be in the VALID state before you can associate them with a job queue. You can associate up to three compute environments with a job queue.\n" }, "computeEnvironments": { "type": "array", "items": { "type": "string" }, "description": "(Optional) This parameter is deprecated, please use `compute_environment_order` instead. List of compute environment ARNs mapped to a job queue. The position of the compute environments in the list will dictate the order. When importing a AWS Batch Job Queue, the parameter `compute_environments` will always be used over `compute_environment_order`. Please adjust your HCL accordingly.\n", "deprecationMessage": "This parameter will be replaced by `compute_environment_order`." }, "name": { "type": "string", "description": "Specifies the name of the job queue.\n" }, "priority": { "type": "integer", "description": "The priority of the job queue. Job queues with a higher priority\nare evaluated first when associated with the same compute environment.\n" }, "schedulingPolicyArn": { "type": "string", "description": "The ARN of the fair share scheduling policy. If this parameter is specified, the job queue uses a fair share scheduling policy. If this parameter isn't specified, the job queue uses a first in, first out (FIFO) scheduling policy. After a job queue is created, you can replace but can't remove the fair share scheduling policy.\n" }, "state": { "type": "string", "description": "The state of the job queue. Must be one of: `ENABLED` or `DISABLED`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:batch/JobQueueTimeouts:JobQueueTimeouts" } }, "type": "object" } }, "aws:batch/schedulingPolicy:SchedulingPolicy": { "description": "Provides a Batch Scheduling Policy resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.batch.SchedulingPolicy(\"example\", {\n name: \"example\",\n fairSharePolicy: {\n computeReservation: 1,\n shareDecaySeconds: 3600,\n shareDistributions: [\n {\n shareIdentifier: \"A1*\",\n weightFactor: 0.1,\n },\n {\n shareIdentifier: \"A2\",\n weightFactor: 0.2,\n },\n ],\n },\n tags: {\n Name: \"Example Batch Scheduling Policy\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.batch.SchedulingPolicy(\"example\",\n name=\"example\",\n fair_share_policy={\n \"compute_reservation\": 1,\n \"share_decay_seconds\": 3600,\n \"share_distributions\": [\n {\n \"share_identifier\": \"A1*\",\n \"weight_factor\": 0.1,\n },\n {\n \"share_identifier\": \"A2\",\n \"weight_factor\": 0.2,\n },\n ],\n },\n tags={\n \"Name\": \"Example Batch Scheduling Policy\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Batch.SchedulingPolicy(\"example\", new()\n {\n Name = \"example\",\n FairSharePolicy = new Aws.Batch.Inputs.SchedulingPolicyFairSharePolicyArgs\n {\n ComputeReservation = 1,\n ShareDecaySeconds = 3600,\n ShareDistributions = new[]\n {\n new Aws.Batch.Inputs.SchedulingPolicyFairSharePolicyShareDistributionArgs\n {\n ShareIdentifier = \"A1*\",\n WeightFactor = 0.1,\n },\n new Aws.Batch.Inputs.SchedulingPolicyFairSharePolicyShareDistributionArgs\n {\n ShareIdentifier = \"A2\",\n WeightFactor = 0.2,\n },\n },\n },\n Tags = \n {\n { \"Name\", \"Example Batch Scheduling Policy\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := batch.NewSchedulingPolicy(ctx, \"example\", \u0026batch.SchedulingPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tFairSharePolicy: \u0026batch.SchedulingPolicyFairSharePolicyArgs{\n\t\t\t\tComputeReservation: pulumi.Int(1),\n\t\t\t\tShareDecaySeconds: pulumi.Int(3600),\n\t\t\t\tShareDistributions: batch.SchedulingPolicyFairSharePolicyShareDistributionArray{\n\t\t\t\t\t\u0026batch.SchedulingPolicyFairSharePolicyShareDistributionArgs{\n\t\t\t\t\t\tShareIdentifier: pulumi.String(\"A1*\"),\n\t\t\t\t\t\tWeightFactor: pulumi.Float64(0.1),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026batch.SchedulingPolicyFairSharePolicyShareDistributionArgs{\n\t\t\t\t\t\tShareIdentifier: pulumi.String(\"A2\"),\n\t\t\t\t\t\tWeightFactor: pulumi.Float64(0.2),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Batch Scheduling Policy\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.batch.SchedulingPolicy;\nimport com.pulumi.aws.batch.SchedulingPolicyArgs;\nimport com.pulumi.aws.batch.inputs.SchedulingPolicyFairSharePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SchedulingPolicy(\"example\", SchedulingPolicyArgs.builder()\n .name(\"example\")\n .fairSharePolicy(SchedulingPolicyFairSharePolicyArgs.builder()\n .computeReservation(1)\n .shareDecaySeconds(3600)\n .shareDistributions( \n SchedulingPolicyFairSharePolicyShareDistributionArgs.builder()\n .shareIdentifier(\"A1*\")\n .weightFactor(0.1)\n .build(),\n SchedulingPolicyFairSharePolicyShareDistributionArgs.builder()\n .shareIdentifier(\"A2\")\n .weightFactor(0.2)\n .build())\n .build())\n .tags(Map.of(\"Name\", \"Example Batch Scheduling Policy\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:batch:SchedulingPolicy\n properties:\n name: example\n fairSharePolicy:\n computeReservation: 1\n shareDecaySeconds: 3600\n shareDistributions:\n - shareIdentifier: A1*\n weightFactor: 0.1\n - shareIdentifier: A2\n weightFactor: 0.2\n tags:\n Name: Example Batch Scheduling Policy\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Batch Scheduling Policy using the `arn`. For example:\n\n```sh\n$ pulumi import aws:batch/schedulingPolicy:SchedulingPolicy test_policy arn:aws:batch:us-east-1:123456789012:scheduling-policy/sample\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the scheduling policy.\n" }, "fairSharePolicy": { "$ref": "#/types/aws:batch/SchedulingPolicyFairSharePolicy:SchedulingPolicyFairSharePolicy" }, "name": { "type": "string", "description": "Specifies the name of the scheduling policy.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "tagsAll" ], "inputProperties": { "fairSharePolicy": { "$ref": "#/types/aws:batch/SchedulingPolicyFairSharePolicy:SchedulingPolicyFairSharePolicy" }, "name": { "type": "string", "description": "Specifies the name of the scheduling policy.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering SchedulingPolicy resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the scheduling policy.\n" }, "fairSharePolicy": { "$ref": "#/types/aws:batch/SchedulingPolicyFairSharePolicy:SchedulingPolicyFairSharePolicy" }, "name": { "type": "string", "description": "Specifies the name of the scheduling policy.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:bcmdata/export:Export": { "description": "Resource for managing an AWS BCM Data Exports Export.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.bcmdata.Export(\"test\", {\"export\": {\n name: \"testexample\",\n dataQueries: [{\n queryStatement: \"SELECT identity_line_item_id, identity_time_interval, line_item_product_code,line_item_unblended_cost FROM COST_AND_USAGE_REPORT\",\n tableConfigurations: {\n COST_AND_USAGE_REPORT: {\n TIME_GRANULARITY: \"HOURLY\",\n INCLUDE_RESOURCES: \"FALSE\",\n INCLUDE_MANUAL_DISCOUNT_COMPATIBILITY: \"FALSE\",\n INCLUDE_SPLIT_COST_ALLOCATION_DATA: \"FALSE\",\n },\n },\n }],\n destinationConfigurations: [{\n s3Destinations: [{\n s3Bucket: testAwsS3Bucket.bucket,\n s3Prefix: testAwsS3Bucket.bucketPrefix,\n s3Region: testAwsS3Bucket.region,\n s3OutputConfigurations: [{\n overwrite: \"OVERWRITE_REPORT\",\n format: \"TEXT_OR_CSV\",\n compression: \"GZIP\",\n outputType: \"CUSTOM\",\n }],\n }],\n }],\n refreshCadences: [{\n frequency: \"SYNCHRONOUS\",\n }],\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.bcmdata.Export(\"test\", export={\n \"name\": \"testexample\",\n \"data_queries\": [{\n \"query_statement\": \"SELECT identity_line_item_id, identity_time_interval, line_item_product_code,line_item_unblended_cost FROM COST_AND_USAGE_REPORT\",\n \"table_configurations\": {\n \"cos_t__an_d__usag_e__report\": {\n \"tim_e__granularity\": \"HOURLY\",\n \"includ_e__resources\": \"FALSE\",\n \"includ_e__manua_l__discoun_t__compatibility\": \"FALSE\",\n \"includ_e__spli_t__cos_t__allocatio_n__data\": \"FALSE\",\n },\n },\n }],\n \"destination_configurations\": [{\n \"s3_destinations\": [{\n \"s3_bucket\": test_aws_s3_bucket[\"bucket\"],\n \"s3_prefix\": test_aws_s3_bucket[\"bucketPrefix\"],\n \"s3_region\": test_aws_s3_bucket[\"region\"],\n \"s3_output_configurations\": [{\n \"overwrite\": \"OVERWRITE_REPORT\",\n \"format\": \"TEXT_OR_CSV\",\n \"compression\": \"GZIP\",\n \"output_type\": \"CUSTOM\",\n }],\n }],\n }],\n \"refresh_cadences\": [{\n \"frequency\": \"SYNCHRONOUS\",\n }],\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.BcmData.Export(\"test\", new()\n {\n ExportDetails = new Aws.BcmData.Inputs.ExportExportArgs\n {\n Name = \"testexample\",\n DataQueries = new[]\n {\n new Aws.BcmData.Inputs.ExportExportDataQueryArgs\n {\n QueryStatement = \"SELECT identity_line_item_id, identity_time_interval, line_item_product_code,line_item_unblended_cost FROM COST_AND_USAGE_REPORT\",\n TableConfigurations = \n {\n { \"COST_AND_USAGE_REPORT\", \n {\n { \"TIME_GRANULARITY\", \"HOURLY\" },\n { \"INCLUDE_RESOURCES\", \"FALSE\" },\n { \"INCLUDE_MANUAL_DISCOUNT_COMPATIBILITY\", \"FALSE\" },\n { \"INCLUDE_SPLIT_COST_ALLOCATION_DATA\", \"FALSE\" },\n } },\n },\n },\n },\n DestinationConfigurations = new[]\n {\n new Aws.BcmData.Inputs.ExportExportDestinationConfigurationArgs\n {\n S3Destinations = new[]\n {\n new Aws.BcmData.Inputs.ExportExportDestinationConfigurationS3DestinationArgs\n {\n S3Bucket = testAwsS3Bucket.Bucket,\n S3Prefix = testAwsS3Bucket.BucketPrefix,\n S3Region = testAwsS3Bucket.Region,\n S3OutputConfigurations = new[]\n {\n new Aws.BcmData.Inputs.ExportExportDestinationConfigurationS3DestinationS3OutputConfigurationArgs\n {\n Overwrite = \"OVERWRITE_REPORT\",\n Format = \"TEXT_OR_CSV\",\n Compression = \"GZIP\",\n OutputType = \"CUSTOM\",\n },\n },\n },\n },\n },\n },\n RefreshCadences = new[]\n {\n new Aws.BcmData.Inputs.ExportExportRefreshCadenceArgs\n {\n Frequency = \"SYNCHRONOUS\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/bcmdata\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := bcmdata.NewExport(ctx, \"test\", \u0026bcmdata.ExportArgs{\n\t\t\tExport: \u0026bcmdata.ExportExportArgs{\n\t\t\t\tName: pulumi.String(\"testexample\"),\n\t\t\t\tDataQueries: bcmdata.ExportExportDataQueryArray{\n\t\t\t\t\t\u0026bcmdata.ExportExportDataQueryArgs{\n\t\t\t\t\t\tQueryStatement: pulumi.String(\"SELECT identity_line_item_id, identity_time_interval, line_item_product_code,line_item_unblended_cost FROM COST_AND_USAGE_REPORT\"),\n\t\t\t\t\t\tTableConfigurations: pulumi.StringMapMap{\n\t\t\t\t\t\t\t\"COST_AND_USAGE_REPORT\": pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"TIME_GRANULARITY\": pulumi.String(\"HOURLY\"),\n\t\t\t\t\t\t\t\t\"INCLUDE_RESOURCES\": pulumi.String(\"FALSE\"),\n\t\t\t\t\t\t\t\t\"INCLUDE_MANUAL_DISCOUNT_COMPATIBILITY\": pulumi.String(\"FALSE\"),\n\t\t\t\t\t\t\t\t\"INCLUDE_SPLIT_COST_ALLOCATION_DATA\": pulumi.String(\"FALSE\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tDestinationConfigurations: bcmdata.ExportExportDestinationConfigurationArray{\n\t\t\t\t\t\u0026bcmdata.ExportExportDestinationConfigurationArgs{\n\t\t\t\t\t\tS3Destinations: bcmdata.ExportExportDestinationConfigurationS3DestinationArray{\n\t\t\t\t\t\t\t\u0026bcmdata.ExportExportDestinationConfigurationS3DestinationArgs{\n\t\t\t\t\t\t\t\tS3Bucket: pulumi.Any(testAwsS3Bucket.Bucket),\n\t\t\t\t\t\t\t\tS3Prefix: pulumi.Any(testAwsS3Bucket.BucketPrefix),\n\t\t\t\t\t\t\t\tS3Region: pulumi.Any(testAwsS3Bucket.Region),\n\t\t\t\t\t\t\t\tS3OutputConfigurations: bcmdata.ExportExportDestinationConfigurationS3DestinationS3OutputConfigurationArray{\n\t\t\t\t\t\t\t\t\t\u0026bcmdata.ExportExportDestinationConfigurationS3DestinationS3OutputConfigurationArgs{\n\t\t\t\t\t\t\t\t\t\tOverwrite: pulumi.String(\"OVERWRITE_REPORT\"),\n\t\t\t\t\t\t\t\t\t\tFormat: pulumi.String(\"TEXT_OR_CSV\"),\n\t\t\t\t\t\t\t\t\t\tCompression: pulumi.String(\"GZIP\"),\n\t\t\t\t\t\t\t\t\t\tOutputType: pulumi.String(\"CUSTOM\"),\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tRefreshCadences: bcmdata.ExportExportRefreshCadenceArray{\n\t\t\t\t\t\u0026bcmdata.ExportExportRefreshCadenceArgs{\n\t\t\t\t\t\tFrequency: pulumi.String(\"SYNCHRONOUS\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.bcmdata.Export;\nimport com.pulumi.aws.bcmdata.ExportArgs;\nimport com.pulumi.aws.bcmdata.inputs.ExportExportArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Export(\"test\", ExportArgs.builder()\n .export(ExportExportArgs.builder()\n .name(\"testexample\")\n .dataQueries(ExportExportDataQueryArgs.builder()\n .queryStatement(\"SELECT identity_line_item_id, identity_time_interval, line_item_product_code,line_item_unblended_cost FROM COST_AND_USAGE_REPORT\")\n .tableConfigurations(Map.of(\"COST_AND_USAGE_REPORT\", Map.ofEntries(\n Map.entry(\"TIME_GRANULARITY\", \"HOURLY\"),\n Map.entry(\"INCLUDE_RESOURCES\", \"FALSE\"),\n Map.entry(\"INCLUDE_MANUAL_DISCOUNT_COMPATIBILITY\", \"FALSE\"),\n Map.entry(\"INCLUDE_SPLIT_COST_ALLOCATION_DATA\", \"FALSE\")\n )))\n .build())\n .destinationConfigurations(ExportExportDestinationConfigurationArgs.builder()\n .s3Destinations(ExportExportDestinationConfigurationS3DestinationArgs.builder()\n .s3Bucket(testAwsS3Bucket.bucket())\n .s3Prefix(testAwsS3Bucket.bucketPrefix())\n .s3Region(testAwsS3Bucket.region())\n .s3OutputConfigurations(ExportExportDestinationConfigurationS3DestinationS3OutputConfigurationArgs.builder()\n .overwrite(\"OVERWRITE_REPORT\")\n .format(\"TEXT_OR_CSV\")\n .compression(\"GZIP\")\n .outputType(\"CUSTOM\")\n .build())\n .build())\n .build())\n .refreshCadences(ExportExportRefreshCadenceArgs.builder()\n .frequency(\"SYNCHRONOUS\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:bcmdata:Export\n properties:\n export:\n name: testexample\n dataQueries:\n - queryStatement: SELECT identity_line_item_id, identity_time_interval, line_item_product_code,line_item_unblended_cost FROM COST_AND_USAGE_REPORT\n tableConfigurations:\n COST_AND_USAGE_REPORT:\n TIME_GRANULARITY: HOURLY\n INCLUDE_RESOURCES: FALSE\n INCLUDE_MANUAL_DISCOUNT_COMPATIBILITY: FALSE\n INCLUDE_SPLIT_COST_ALLOCATION_DATA: FALSE\n destinationConfigurations:\n - s3Destinations:\n - s3Bucket: ${testAwsS3Bucket.bucket}\n s3Prefix: ${testAwsS3Bucket.bucketPrefix}\n s3Region: ${testAwsS3Bucket.region}\n s3OutputConfigurations:\n - overwrite: OVERWRITE_REPORT\n format: TEXT_OR_CSV\n compression: GZIP\n outputType: CUSTOM\n refreshCadences:\n - frequency: SYNCHRONOUS\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import BCM Data Exports Export using the export ARN. For example:\n\n```sh\n$ pulumi import aws:bcmdata/export:Export example arn:aws:bcm-data-exports:us-east-1:123456789012:export/CostUsageReport-9f1c75f3-f982-4d9a-b936-1e7ecab814b7\n```\n", "properties": { "export": { "$ref": "#/types/aws:bcmdata/ExportExport:ExportExport", "description": "The details of the export, including data query, name, description, and destination configuration. See the `export` argument reference below.\n", "language": { "csharp": { "name": "ExportDetails" } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:bcmdata/ExportTimeouts:ExportTimeouts" } }, "required": [ "tagsAll" ], "inputProperties": { "export": { "$ref": "#/types/aws:bcmdata/ExportExport:ExportExport", "description": "The details of the export, including data query, name, description, and destination configuration. See the `export` argument reference below.\n", "language": { "csharp": { "name": "ExportDetails" } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "timeouts": { "$ref": "#/types/aws:bcmdata/ExportTimeouts:ExportTimeouts" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Export resources.\n", "properties": { "export": { "$ref": "#/types/aws:bcmdata/ExportExport:ExportExport", "description": "The details of the export, including data query, name, description, and destination configuration. See the `export` argument reference below.\n", "language": { "csharp": { "name": "ExportDetails" } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:bcmdata/ExportTimeouts:ExportTimeouts" } }, "type": "object" } }, "aws:bedrock/agentAgent:AgentAgent": { "description": "Resource for managing an AWS Agents for Amazon Bedrock Agent.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst currentGetPartition = aws.getPartition({});\nconst currentGetRegion = aws.getRegion({});\nconst exampleAgentTrust = Promise.all([current, currentGetPartition, currentGetRegion, current]).then(([current, currentGetPartition, currentGetRegion, current1]) =\u003e aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n identifiers: [\"bedrock.amazonaws.com\"],\n type: \"Service\",\n }],\n conditions: [\n {\n test: \"StringEquals\",\n values: [current.accountId],\n variable: \"aws:SourceAccount\",\n },\n {\n test: \"ArnLike\",\n values: [`arn:${currentGetPartition.partition}:bedrock:${currentGetRegion.name}:${current1.accountId}:agent/*`],\n variable: \"AWS:SourceArn\",\n },\n ],\n }],\n}));\nconst exampleAgentPermissions = Promise.all([currentGetPartition, currentGetRegion]).then(([currentGetPartition, currentGetRegion]) =\u003e aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"bedrock:InvokeModel\"],\n resources: [`arn:${currentGetPartition.partition}:bedrock:${currentGetRegion.name}::foundation-model/anthropic.claude-v2`],\n }],\n}));\nconst example = new aws.iam.Role(\"example\", {\n assumeRolePolicy: exampleAgentTrust.then(exampleAgentTrust =\u003e exampleAgentTrust.json),\n namePrefix: \"AmazonBedrockExecutionRoleForAgents_\",\n});\nconst exampleRolePolicy = new aws.iam.RolePolicy(\"example\", {\n policy: exampleAgentPermissions.then(exampleAgentPermissions =\u003e exampleAgentPermissions.json),\n role: example.id,\n});\nconst exampleAgentAgent = new aws.bedrock.AgentAgent(\"example\", {\n agentName: \"my-agent-name\",\n agentResourceRoleArn: example.arn,\n idleSessionTtlInSeconds: 500,\n foundationModel: \"anthropic.claude-v2\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ncurrent_get_partition = aws.get_partition()\ncurrent_get_region = aws.get_region()\nexample_agent_trust = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"identifiers\": [\"bedrock.amazonaws.com\"],\n \"type\": \"Service\",\n }],\n \"conditions\": [\n {\n \"test\": \"StringEquals\",\n \"values\": [current.account_id],\n \"variable\": \"aws:SourceAccount\",\n },\n {\n \"test\": \"ArnLike\",\n \"values\": [f\"arn:{current_get_partition.partition}:bedrock:{current_get_region.name}:{current.account_id}:agent/*\"],\n \"variable\": \"AWS:SourceArn\",\n },\n ],\n}])\nexample_agent_permissions = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"bedrock:InvokeModel\"],\n \"resources\": [f\"arn:{current_get_partition.partition}:bedrock:{current_get_region.name}::foundation-model/anthropic.claude-v2\"],\n}])\nexample = aws.iam.Role(\"example\",\n assume_role_policy=example_agent_trust.json,\n name_prefix=\"AmazonBedrockExecutionRoleForAgents_\")\nexample_role_policy = aws.iam.RolePolicy(\"example\",\n policy=example_agent_permissions.json,\n role=example.id)\nexample_agent_agent = aws.bedrock.AgentAgent(\"example\",\n agent_name=\"my-agent-name\",\n agent_resource_role_arn=example.arn,\n idle_session_ttl_in_seconds=500,\n foundation_model=\"anthropic.claude-v2\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var currentGetPartition = Aws.GetPartition.Invoke();\n\n var currentGetRegion = Aws.GetRegion.Invoke();\n\n var exampleAgentTrust = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n \"bedrock.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Values = new[]\n {\n current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n Variable = \"aws:SourceAccount\",\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"ArnLike\",\n Values = new[]\n {\n $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:bedrock:{currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name)}:{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:agent/*\",\n },\n Variable = \"AWS:SourceArn\",\n },\n },\n },\n },\n });\n\n var exampleAgentPermissions = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"bedrock:InvokeModel\",\n },\n Resources = new[]\n {\n $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:bedrock:{currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name)}::foundation-model/anthropic.claude-v2\",\n },\n },\n },\n });\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = exampleAgentTrust.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n NamePrefix = \"AmazonBedrockExecutionRoleForAgents_\",\n });\n\n var exampleRolePolicy = new Aws.Iam.RolePolicy(\"example\", new()\n {\n Policy = exampleAgentPermissions.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Role = example.Id,\n });\n\n var exampleAgentAgent = new Aws.Bedrock.AgentAgent(\"example\", new()\n {\n AgentName = \"my-agent-name\",\n AgentResourceRoleArn = example.Arn,\n IdleSessionTtlInSeconds = 500,\n FoundationModel = \"anthropic.claude-v2\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/bedrock\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ncurrent, err := aws.GetCallerIdentity(ctx, nil, nil);\nif err != nil {\nreturn err\n}\ncurrentGetPartition, err := aws.GetPartition(ctx, nil, nil);\nif err != nil {\nreturn err\n}\ncurrentGetRegion, err := aws.GetRegion(ctx, nil, nil);\nif err != nil {\nreturn err\n}\nexampleAgentTrust, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nActions: []string{\n\"sts:AssumeRole\",\n},\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nIdentifiers: []string{\n\"bedrock.amazonaws.com\",\n},\nType: \"Service\",\n},\n},\nConditions: []iam.GetPolicyDocumentStatementCondition{\n{\nTest: \"StringEquals\",\nValues: interface{}{\ncurrent.AccountId,\n},\nVariable: \"aws:SourceAccount\",\n},\n{\nTest: \"ArnLike\",\nValues: []string{\nfmt.Sprintf(\"arn:%v:bedrock:%v:%v:agent/*\", currentGetPartition.Partition, currentGetRegion.Name, current.AccountId),\n},\nVariable: \"AWS:SourceArn\",\n},\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nexampleAgentPermissions, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nActions: []string{\n\"bedrock:InvokeModel\",\n},\nResources: []string{\nfmt.Sprintf(\"arn:%v:bedrock:%v::foundation-model/anthropic.claude-v2\", currentGetPartition.Partition, currentGetRegion.Name),\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nexample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\nAssumeRolePolicy: pulumi.String(exampleAgentTrust.Json),\nNamePrefix: pulumi.String(\"AmazonBedrockExecutionRoleForAgents_\"),\n})\nif err != nil {\nreturn err\n}\n_, err = iam.NewRolePolicy(ctx, \"example\", \u0026iam.RolePolicyArgs{\nPolicy: pulumi.String(exampleAgentPermissions.Json),\nRole: example.ID(),\n})\nif err != nil {\nreturn err\n}\n_, err = bedrock.NewAgentAgent(ctx, \"example\", \u0026bedrock.AgentAgentArgs{\nAgentName: pulumi.String(\"my-agent-name\"),\nAgentResourceRoleArn: example.Arn,\nIdleSessionTtlInSeconds: pulumi.Int(500),\nFoundationModel: pulumi.String(\"anthropic.claude-v2\"),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.bedrock.AgentAgent;\nimport com.pulumi.aws.bedrock.AgentAgentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var currentGetPartition = AwsFunctions.getPartition();\n\n final var currentGetRegion = AwsFunctions.getRegion();\n\n final var exampleAgentTrust = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(\"bedrock.amazonaws.com\")\n .type(\"Service\")\n .build())\n .conditions( \n GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .values(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .variable(\"aws:SourceAccount\")\n .build(),\n GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"ArnLike\")\n .values(String.format(\"arn:%s:bedrock:%s:%s:agent/*\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .variable(\"AWS:SourceArn\")\n .build())\n .build())\n .build());\n\n final var exampleAgentPermissions = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"bedrock:InvokeModel\")\n .resources(String.format(\"arn:%s:bedrock:%s::foundation-model/anthropic.claude-v2\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name())))\n .build())\n .build());\n\n var example = new Role(\"example\", RoleArgs.builder()\n .assumeRolePolicy(exampleAgentTrust.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .namePrefix(\"AmazonBedrockExecutionRoleForAgents_\")\n .build());\n\n var exampleRolePolicy = new RolePolicy(\"exampleRolePolicy\", RolePolicyArgs.builder()\n .policy(exampleAgentPermissions.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .role(example.id())\n .build());\n\n var exampleAgentAgent = new AgentAgent(\"exampleAgentAgent\", AgentAgentArgs.builder()\n .agentName(\"my-agent-name\")\n .agentResourceRoleArn(example.arn())\n .idleSessionTtlInSeconds(500)\n .foundationModel(\"anthropic.claude-v2\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${exampleAgentTrust.json}\n namePrefix: AmazonBedrockExecutionRoleForAgents_\n exampleRolePolicy:\n type: aws:iam:RolePolicy\n name: example\n properties:\n policy: ${exampleAgentPermissions.json}\n role: ${example.id}\n exampleAgentAgent:\n type: aws:bedrock:AgentAgent\n name: example\n properties:\n agentName: my-agent-name\n agentResourceRoleArn: ${example.arn}\n idleSessionTtlInSeconds: 500\n foundationModel: anthropic.claude-v2\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetPartition:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n currentGetRegion:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n exampleAgentTrust:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - identifiers:\n - bedrock.amazonaws.com\n type: Service\n conditions:\n - test: StringEquals\n values:\n - ${current.accountId}\n variable: aws:SourceAccount\n - test: ArnLike\n values:\n - arn:${currentGetPartition.partition}:bedrock:${currentGetRegion.name}:${current.accountId}:agent/*\n variable: AWS:SourceArn\n exampleAgentPermissions:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - bedrock:InvokeModel\n resources:\n - arn:${currentGetPartition.partition}:bedrock:${currentGetRegion.name}::foundation-model/anthropic.claude-v2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Agents for Amazon Bedrock Agent using the agent ID. For example:\n\n```sh\n$ pulumi import aws:bedrock/agentAgent:AgentAgent example GGRRAED6JP\n```\n", "properties": { "agentArn": { "type": "string", "description": "ARN of the agent.\n" }, "agentId": { "type": "string", "description": "Unique identifier of the agent.\n" }, "agentName": { "type": "string", "description": "Name of the agent.\n" }, "agentResourceRoleArn": { "type": "string", "description": "ARN of the IAM role with permissions to invoke API operations on the agent.\n" }, "agentVersion": { "type": "string", "description": "Version of the agent.\n" }, "customerEncryptionKeyArn": { "type": "string", "description": "ARN of the AWS KMS key that encrypts the agent.\n" }, "description": { "type": "string", "description": "Description of the agent.\n" }, "foundationModel": { "type": "string", "description": "Foundation model used for orchestration by the agent.\n\nThe following arguments are optional:\n" }, "idleSessionTtlInSeconds": { "type": "integer", "description": "Number of seconds for which Amazon Bedrock keeps information about a user's conversation with the agent. A user interaction remains active for the amount of time specified. If no conversation occurs during this time, the session expires and Amazon Bedrock deletes any data provided before the timeout.\n" }, "instruction": { "type": "string", "description": "Instructions that tell the agent what it should do and how it should interact with users.\n" }, "prepareAgent": { "type": "boolean", "description": "Whether to prepare the agent after creation or modification. Defaults to `true`.\n" }, "promptOverrideConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:bedrock/AgentAgentPromptOverrideConfiguration:AgentAgentPromptOverrideConfiguration" }, "description": "Configurations to override prompt templates in different parts of an agent sequence. For more information, see [Advanced prompts](https://docs.aws.amazon.com/bedrock/latest/userguide/advanced-prompts.html). See `prompt_override_configuration` Block for details.\n" }, "skipResourceInUseCheck": { "type": "boolean", "description": "Whether the in-use check is skipped when deleting the agent.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:bedrock/AgentAgentTimeouts:AgentAgentTimeouts" } }, "required": [ "agentArn", "agentId", "agentName", "agentResourceRoleArn", "agentVersion", "foundationModel", "idleSessionTtlInSeconds", "instruction", "prepareAgent", "promptOverrideConfigurations", "skipResourceInUseCheck", "tagsAll" ], "inputProperties": { "agentName": { "type": "string", "description": "Name of the agent.\n" }, "agentResourceRoleArn": { "type": "string", "description": "ARN of the IAM role with permissions to invoke API operations on the agent.\n" }, "customerEncryptionKeyArn": { "type": "string", "description": "ARN of the AWS KMS key that encrypts the agent.\n" }, "description": { "type": "string", "description": "Description of the agent.\n" }, "foundationModel": { "type": "string", "description": "Foundation model used for orchestration by the agent.\n\nThe following arguments are optional:\n" }, "idleSessionTtlInSeconds": { "type": "integer", "description": "Number of seconds for which Amazon Bedrock keeps information about a user's conversation with the agent. A user interaction remains active for the amount of time specified. If no conversation occurs during this time, the session expires and Amazon Bedrock deletes any data provided before the timeout.\n" }, "instruction": { "type": "string", "description": "Instructions that tell the agent what it should do and how it should interact with users.\n" }, "prepareAgent": { "type": "boolean", "description": "Whether to prepare the agent after creation or modification. Defaults to `true`.\n" }, "promptOverrideConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:bedrock/AgentAgentPromptOverrideConfiguration:AgentAgentPromptOverrideConfiguration" }, "description": "Configurations to override prompt templates in different parts of an agent sequence. For more information, see [Advanced prompts](https://docs.aws.amazon.com/bedrock/latest/userguide/advanced-prompts.html). See `prompt_override_configuration` Block for details.\n" }, "skipResourceInUseCheck": { "type": "boolean", "description": "Whether the in-use check is skipped when deleting the agent.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:bedrock/AgentAgentTimeouts:AgentAgentTimeouts" } }, "requiredInputs": [ "agentName", "agentResourceRoleArn", "foundationModel" ], "stateInputs": { "description": "Input properties used for looking up and filtering AgentAgent resources.\n", "properties": { "agentArn": { "type": "string", "description": "ARN of the agent.\n" }, "agentId": { "type": "string", "description": "Unique identifier of the agent.\n" }, "agentName": { "type": "string", "description": "Name of the agent.\n" }, "agentResourceRoleArn": { "type": "string", "description": "ARN of the IAM role with permissions to invoke API operations on the agent.\n" }, "agentVersion": { "type": "string", "description": "Version of the agent.\n" }, "customerEncryptionKeyArn": { "type": "string", "description": "ARN of the AWS KMS key that encrypts the agent.\n" }, "description": { "type": "string", "description": "Description of the agent.\n" }, "foundationModel": { "type": "string", "description": "Foundation model used for orchestration by the agent.\n\nThe following arguments are optional:\n" }, "idleSessionTtlInSeconds": { "type": "integer", "description": "Number of seconds for which Amazon Bedrock keeps information about a user's conversation with the agent. A user interaction remains active for the amount of time specified. If no conversation occurs during this time, the session expires and Amazon Bedrock deletes any data provided before the timeout.\n" }, "instruction": { "type": "string", "description": "Instructions that tell the agent what it should do and how it should interact with users.\n" }, "prepareAgent": { "type": "boolean", "description": "Whether to prepare the agent after creation or modification. Defaults to `true`.\n" }, "promptOverrideConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:bedrock/AgentAgentPromptOverrideConfiguration:AgentAgentPromptOverrideConfiguration" }, "description": "Configurations to override prompt templates in different parts of an agent sequence. For more information, see [Advanced prompts](https://docs.aws.amazon.com/bedrock/latest/userguide/advanced-prompts.html). See `prompt_override_configuration` Block for details.\n" }, "skipResourceInUseCheck": { "type": "boolean", "description": "Whether the in-use check is skipped when deleting the agent.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:bedrock/AgentAgentTimeouts:AgentAgentTimeouts" } }, "type": "object" } }, "aws:bedrock/agentAgentActionGroup:AgentAgentActionGroup": { "description": "Resource for managing an AWS Agents for Amazon Bedrock Agent Action Group.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.bedrock.AgentAgentActionGroup(\"example\", {\n actionGroupName: \"example\",\n agentId: \"GGRRAED6JP\",\n agentVersion: \"DRAFT\",\n skipResourceInUseCheck: true,\n actionGroupExecutor: {\n lambda: \"arn:aws:lambda:us-west-2:123456789012:function:example-function\",\n },\n apiSchema: {\n payload: std.file({\n input: \"path/to/schema.yaml\",\n }).then(invoke =\u003e invoke.result),\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.bedrock.AgentAgentActionGroup(\"example\",\n action_group_name=\"example\",\n agent_id=\"GGRRAED6JP\",\n agent_version=\"DRAFT\",\n skip_resource_in_use_check=True,\n action_group_executor={\n \"lambda_\": \"arn:aws:lambda:us-west-2:123456789012:function:example-function\",\n },\n api_schema={\n \"payload\": std.file(input=\"path/to/schema.yaml\").result,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Bedrock.AgentAgentActionGroup(\"example\", new()\n {\n ActionGroupName = \"example\",\n AgentId = \"GGRRAED6JP\",\n AgentVersion = \"DRAFT\",\n SkipResourceInUseCheck = true,\n ActionGroupExecutor = new Aws.Bedrock.Inputs.AgentAgentActionGroupActionGroupExecutorArgs\n {\n Lambda = \"arn:aws:lambda:us-west-2:123456789012:function:example-function\",\n },\n ApiSchema = new Aws.Bedrock.Inputs.AgentAgentActionGroupApiSchemaArgs\n {\n Payload = Std.File.Invoke(new()\n {\n Input = \"path/to/schema.yaml\",\n }).Apply(invoke =\u003e invoke.Result),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/bedrock\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"path/to/schema.yaml\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = bedrock.NewAgentAgentActionGroup(ctx, \"example\", \u0026bedrock.AgentAgentActionGroupArgs{\n\t\t\tActionGroupName: pulumi.String(\"example\"),\n\t\t\tAgentId: pulumi.String(\"GGRRAED6JP\"),\n\t\t\tAgentVersion: pulumi.String(\"DRAFT\"),\n\t\t\tSkipResourceInUseCheck: pulumi.Bool(true),\n\t\t\tActionGroupExecutor: \u0026bedrock.AgentAgentActionGroupActionGroupExecutorArgs{\n\t\t\t\tLambda: pulumi.String(\"arn:aws:lambda:us-west-2:123456789012:function:example-function\"),\n\t\t\t},\n\t\t\tApiSchema: \u0026bedrock.AgentAgentActionGroupApiSchemaArgs{\n\t\t\t\tPayload: pulumi.String(invokeFile.Result),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.bedrock.AgentAgentActionGroup;\nimport com.pulumi.aws.bedrock.AgentAgentActionGroupArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentAgentActionGroupActionGroupExecutorArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentAgentActionGroupApiSchemaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AgentAgentActionGroup(\"example\", AgentAgentActionGroupArgs.builder()\n .actionGroupName(\"example\")\n .agentId(\"GGRRAED6JP\")\n .agentVersion(\"DRAFT\")\n .skipResourceInUseCheck(true)\n .actionGroupExecutor(AgentAgentActionGroupActionGroupExecutorArgs.builder()\n .lambda(\"arn:aws:lambda:us-west-2:123456789012:function:example-function\")\n .build())\n .apiSchema(AgentAgentActionGroupApiSchemaArgs.builder()\n .payload(StdFunctions.file(FileArgs.builder()\n .input(\"path/to/schema.yaml\")\n .build()).result())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:bedrock:AgentAgentActionGroup\n properties:\n actionGroupName: example\n agentId: GGRRAED6JP\n agentVersion: DRAFT\n skipResourceInUseCheck: true\n actionGroupExecutor:\n lambda: arn:aws:lambda:us-west-2:123456789012:function:example-function\n apiSchema:\n payload:\n fn::invoke:\n Function: std:file\n Arguments:\n input: path/to/schema.yaml\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### API Schema in S3 Bucket\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.bedrock.AgentAgentActionGroup(\"example\", {\n actionGroupName: \"example\",\n agentId: \"GGRRAED6JP\",\n agentVersion: \"DRAFT\",\n skipResourceInUseCheck: true,\n actionGroupExecutor: {\n lambda: \"arn:aws:lambda:us-west-2:123456789012:function:example-function\",\n },\n apiSchema: {\n s3: {\n s3BucketName: \"example-bucket\",\n s3ObjectKey: \"path/to/schema.json\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.bedrock.AgentAgentActionGroup(\"example\",\n action_group_name=\"example\",\n agent_id=\"GGRRAED6JP\",\n agent_version=\"DRAFT\",\n skip_resource_in_use_check=True,\n action_group_executor={\n \"lambda_\": \"arn:aws:lambda:us-west-2:123456789012:function:example-function\",\n },\n api_schema={\n \"s3\": {\n \"s3_bucket_name\": \"example-bucket\",\n \"s3_object_key\": \"path/to/schema.json\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Bedrock.AgentAgentActionGroup(\"example\", new()\n {\n ActionGroupName = \"example\",\n AgentId = \"GGRRAED6JP\",\n AgentVersion = \"DRAFT\",\n SkipResourceInUseCheck = true,\n ActionGroupExecutor = new Aws.Bedrock.Inputs.AgentAgentActionGroupActionGroupExecutorArgs\n {\n Lambda = \"arn:aws:lambda:us-west-2:123456789012:function:example-function\",\n },\n ApiSchema = new Aws.Bedrock.Inputs.AgentAgentActionGroupApiSchemaArgs\n {\n S3 = new Aws.Bedrock.Inputs.AgentAgentActionGroupApiSchemaS3Args\n {\n S3BucketName = \"example-bucket\",\n S3ObjectKey = \"path/to/schema.json\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/bedrock\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := bedrock.NewAgentAgentActionGroup(ctx, \"example\", \u0026bedrock.AgentAgentActionGroupArgs{\n\t\t\tActionGroupName: pulumi.String(\"example\"),\n\t\t\tAgentId: pulumi.String(\"GGRRAED6JP\"),\n\t\t\tAgentVersion: pulumi.String(\"DRAFT\"),\n\t\t\tSkipResourceInUseCheck: pulumi.Bool(true),\n\t\t\tActionGroupExecutor: \u0026bedrock.AgentAgentActionGroupActionGroupExecutorArgs{\n\t\t\t\tLambda: pulumi.String(\"arn:aws:lambda:us-west-2:123456789012:function:example-function\"),\n\t\t\t},\n\t\t\tApiSchema: \u0026bedrock.AgentAgentActionGroupApiSchemaArgs{\n\t\t\t\tS3: \u0026bedrock.AgentAgentActionGroupApiSchemaS3Args{\n\t\t\t\t\tS3BucketName: pulumi.String(\"example-bucket\"),\n\t\t\t\t\tS3ObjectKey: pulumi.String(\"path/to/schema.json\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.bedrock.AgentAgentActionGroup;\nimport com.pulumi.aws.bedrock.AgentAgentActionGroupArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentAgentActionGroupActionGroupExecutorArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentAgentActionGroupApiSchemaArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentAgentActionGroupApiSchemaS3Args;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AgentAgentActionGroup(\"example\", AgentAgentActionGroupArgs.builder()\n .actionGroupName(\"example\")\n .agentId(\"GGRRAED6JP\")\n .agentVersion(\"DRAFT\")\n .skipResourceInUseCheck(true)\n .actionGroupExecutor(AgentAgentActionGroupActionGroupExecutorArgs.builder()\n .lambda(\"arn:aws:lambda:us-west-2:123456789012:function:example-function\")\n .build())\n .apiSchema(AgentAgentActionGroupApiSchemaArgs.builder()\n .s3(AgentAgentActionGroupApiSchemaS3Args.builder()\n .s3BucketName(\"example-bucket\")\n .s3ObjectKey(\"path/to/schema.json\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:bedrock:AgentAgentActionGroup\n properties:\n actionGroupName: example\n agentId: GGRRAED6JP\n agentVersion: DRAFT\n skipResourceInUseCheck: true\n actionGroupExecutor:\n lambda: arn:aws:lambda:us-west-2:123456789012:function:example-function\n apiSchema:\n s3:\n s3BucketName: example-bucket\n s3ObjectKey: path/to/schema.json\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Function Schema (Simplified Schema)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.bedrock.AgentAgentActionGroup(\"example\", {\n actionGroupName: \"example\",\n agentId: \"GGRRAED6JP\",\n agentVersion: \"DRAFT\",\n skipResourceInUseCheck: true,\n actionGroupExecutor: {\n lambda: \"arn:aws:lambda:us-west-2:123456789012:function:example-function\",\n },\n functionSchema: {\n memberFunctions: {\n functions: [{\n name: \"example-function\",\n description: \"Example function\",\n parameters: [\n {\n mapBlockKey: \"param1\",\n type: \"string\",\n description: \"The first parameter\",\n required: true,\n },\n {\n mapBlockKey: \"param2\",\n type: \"integer\",\n description: \"The second parameter\",\n required: false,\n },\n ],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.bedrock.AgentAgentActionGroup(\"example\",\n action_group_name=\"example\",\n agent_id=\"GGRRAED6JP\",\n agent_version=\"DRAFT\",\n skip_resource_in_use_check=True,\n action_group_executor={\n \"lambda_\": \"arn:aws:lambda:us-west-2:123456789012:function:example-function\",\n },\n function_schema={\n \"member_functions\": {\n \"functions\": [{\n \"name\": \"example-function\",\n \"description\": \"Example function\",\n \"parameters\": [\n {\n \"map_block_key\": \"param1\",\n \"type\": \"string\",\n \"description\": \"The first parameter\",\n \"required\": True,\n },\n {\n \"map_block_key\": \"param2\",\n \"type\": \"integer\",\n \"description\": \"The second parameter\",\n \"required\": False,\n },\n ],\n }],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Bedrock.AgentAgentActionGroup(\"example\", new()\n {\n ActionGroupName = \"example\",\n AgentId = \"GGRRAED6JP\",\n AgentVersion = \"DRAFT\",\n SkipResourceInUseCheck = true,\n ActionGroupExecutor = new Aws.Bedrock.Inputs.AgentAgentActionGroupActionGroupExecutorArgs\n {\n Lambda = \"arn:aws:lambda:us-west-2:123456789012:function:example-function\",\n },\n FunctionSchema = new Aws.Bedrock.Inputs.AgentAgentActionGroupFunctionSchemaArgs\n {\n MemberFunctions = new Aws.Bedrock.Inputs.AgentAgentActionGroupFunctionSchemaMemberFunctionsArgs\n {\n Functions = new[]\n {\n new Aws.Bedrock.Inputs.AgentAgentActionGroupFunctionSchemaMemberFunctionsFunctionArgs\n {\n Name = \"example-function\",\n Description = \"Example function\",\n Parameters = new[]\n {\n new Aws.Bedrock.Inputs.AgentAgentActionGroupFunctionSchemaMemberFunctionsFunctionParameterArgs\n {\n MapBlockKey = \"param1\",\n Type = \"string\",\n Description = \"The first parameter\",\n Required = true,\n },\n new Aws.Bedrock.Inputs.AgentAgentActionGroupFunctionSchemaMemberFunctionsFunctionParameterArgs\n {\n MapBlockKey = \"param2\",\n Type = \"integer\",\n Description = \"The second parameter\",\n Required = false,\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/bedrock\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := bedrock.NewAgentAgentActionGroup(ctx, \"example\", \u0026bedrock.AgentAgentActionGroupArgs{\n\t\t\tActionGroupName: pulumi.String(\"example\"),\n\t\t\tAgentId: pulumi.String(\"GGRRAED6JP\"),\n\t\t\tAgentVersion: pulumi.String(\"DRAFT\"),\n\t\t\tSkipResourceInUseCheck: pulumi.Bool(true),\n\t\t\tActionGroupExecutor: \u0026bedrock.AgentAgentActionGroupActionGroupExecutorArgs{\n\t\t\t\tLambda: pulumi.String(\"arn:aws:lambda:us-west-2:123456789012:function:example-function\"),\n\t\t\t},\n\t\t\tFunctionSchema: \u0026bedrock.AgentAgentActionGroupFunctionSchemaArgs{\n\t\t\t\tMemberFunctions: \u0026bedrock.AgentAgentActionGroupFunctionSchemaMemberFunctionsArgs{\n\t\t\t\t\tFunctions: bedrock.AgentAgentActionGroupFunctionSchemaMemberFunctionsFunctionArray{\n\t\t\t\t\t\t\u0026bedrock.AgentAgentActionGroupFunctionSchemaMemberFunctionsFunctionArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"example-function\"),\n\t\t\t\t\t\t\tDescription: pulumi.String(\"Example function\"),\n\t\t\t\t\t\t\tParameters: bedrock.AgentAgentActionGroupFunctionSchemaMemberFunctionsFunctionParameterArray{\n\t\t\t\t\t\t\t\t\u0026bedrock.AgentAgentActionGroupFunctionSchemaMemberFunctionsFunctionParameterArgs{\n\t\t\t\t\t\t\t\t\tMapBlockKey: pulumi.String(\"param1\"),\n\t\t\t\t\t\t\t\t\tType: pulumi.String(\"string\"),\n\t\t\t\t\t\t\t\t\tDescription: pulumi.String(\"The first parameter\"),\n\t\t\t\t\t\t\t\t\tRequired: pulumi.Bool(true),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\u0026bedrock.AgentAgentActionGroupFunctionSchemaMemberFunctionsFunctionParameterArgs{\n\t\t\t\t\t\t\t\t\tMapBlockKey: pulumi.String(\"param2\"),\n\t\t\t\t\t\t\t\t\tType: pulumi.String(\"integer\"),\n\t\t\t\t\t\t\t\t\tDescription: pulumi.String(\"The second parameter\"),\n\t\t\t\t\t\t\t\t\tRequired: pulumi.Bool(false),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.bedrock.AgentAgentActionGroup;\nimport com.pulumi.aws.bedrock.AgentAgentActionGroupArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentAgentActionGroupActionGroupExecutorArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentAgentActionGroupFunctionSchemaArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentAgentActionGroupFunctionSchemaMemberFunctionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AgentAgentActionGroup(\"example\", AgentAgentActionGroupArgs.builder()\n .actionGroupName(\"example\")\n .agentId(\"GGRRAED6JP\")\n .agentVersion(\"DRAFT\")\n .skipResourceInUseCheck(true)\n .actionGroupExecutor(AgentAgentActionGroupActionGroupExecutorArgs.builder()\n .lambda(\"arn:aws:lambda:us-west-2:123456789012:function:example-function\")\n .build())\n .functionSchema(AgentAgentActionGroupFunctionSchemaArgs.builder()\n .memberFunctions(AgentAgentActionGroupFunctionSchemaMemberFunctionsArgs.builder()\n .functions(AgentAgentActionGroupFunctionSchemaMemberFunctionsFunctionArgs.builder()\n .name(\"example-function\")\n .description(\"Example function\")\n .parameters( \n AgentAgentActionGroupFunctionSchemaMemberFunctionsFunctionParameterArgs.builder()\n .mapBlockKey(\"param1\")\n .type(\"string\")\n .description(\"The first parameter\")\n .required(true)\n .build(),\n AgentAgentActionGroupFunctionSchemaMemberFunctionsFunctionParameterArgs.builder()\n .mapBlockKey(\"param2\")\n .type(\"integer\")\n .description(\"The second parameter\")\n .required(false)\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:bedrock:AgentAgentActionGroup\n properties:\n actionGroupName: example\n agentId: GGRRAED6JP\n agentVersion: DRAFT\n skipResourceInUseCheck: true\n actionGroupExecutor:\n lambda: arn:aws:lambda:us-west-2:123456789012:function:example-function\n functionSchema:\n memberFunctions:\n functions:\n - name: example-function\n description: Example function\n parameters:\n - mapBlockKey: param1\n type: string\n description: The first parameter\n required: true\n - mapBlockKey: param2\n type: integer\n description: The second parameter\n required: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Return of Control\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.bedrock.AgentAgentActionGroup(\"example\", {\n actionGroupName: \"example\",\n agentId: \"GGRRAED6JP\",\n agentVersion: \"DRAFT\",\n skipResourceInUseCheck: true,\n actionGroupExecutor: {\n customControl: \"RETURN_CONTROL\",\n },\n apiSchema: {\n payload: std.file({\n input: \"path/to/schema.yaml\",\n }).then(invoke =\u003e invoke.result),\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.bedrock.AgentAgentActionGroup(\"example\",\n action_group_name=\"example\",\n agent_id=\"GGRRAED6JP\",\n agent_version=\"DRAFT\",\n skip_resource_in_use_check=True,\n action_group_executor={\n \"custom_control\": \"RETURN_CONTROL\",\n },\n api_schema={\n \"payload\": std.file(input=\"path/to/schema.yaml\").result,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Bedrock.AgentAgentActionGroup(\"example\", new()\n {\n ActionGroupName = \"example\",\n AgentId = \"GGRRAED6JP\",\n AgentVersion = \"DRAFT\",\n SkipResourceInUseCheck = true,\n ActionGroupExecutor = new Aws.Bedrock.Inputs.AgentAgentActionGroupActionGroupExecutorArgs\n {\n CustomControl = \"RETURN_CONTROL\",\n },\n ApiSchema = new Aws.Bedrock.Inputs.AgentAgentActionGroupApiSchemaArgs\n {\n Payload = Std.File.Invoke(new()\n {\n Input = \"path/to/schema.yaml\",\n }).Apply(invoke =\u003e invoke.Result),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/bedrock\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"path/to/schema.yaml\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = bedrock.NewAgentAgentActionGroup(ctx, \"example\", \u0026bedrock.AgentAgentActionGroupArgs{\n\t\t\tActionGroupName: pulumi.String(\"example\"),\n\t\t\tAgentId: pulumi.String(\"GGRRAED6JP\"),\n\t\t\tAgentVersion: pulumi.String(\"DRAFT\"),\n\t\t\tSkipResourceInUseCheck: pulumi.Bool(true),\n\t\t\tActionGroupExecutor: \u0026bedrock.AgentAgentActionGroupActionGroupExecutorArgs{\n\t\t\t\tCustomControl: pulumi.String(\"RETURN_CONTROL\"),\n\t\t\t},\n\t\t\tApiSchema: \u0026bedrock.AgentAgentActionGroupApiSchemaArgs{\n\t\t\t\tPayload: pulumi.String(invokeFile.Result),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.bedrock.AgentAgentActionGroup;\nimport com.pulumi.aws.bedrock.AgentAgentActionGroupArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentAgentActionGroupActionGroupExecutorArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentAgentActionGroupApiSchemaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AgentAgentActionGroup(\"example\", AgentAgentActionGroupArgs.builder()\n .actionGroupName(\"example\")\n .agentId(\"GGRRAED6JP\")\n .agentVersion(\"DRAFT\")\n .skipResourceInUseCheck(true)\n .actionGroupExecutor(AgentAgentActionGroupActionGroupExecutorArgs.builder()\n .customControl(\"RETURN_CONTROL\")\n .build())\n .apiSchema(AgentAgentActionGroupApiSchemaArgs.builder()\n .payload(StdFunctions.file(FileArgs.builder()\n .input(\"path/to/schema.yaml\")\n .build()).result())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:bedrock:AgentAgentActionGroup\n properties:\n actionGroupName: example\n agentId: GGRRAED6JP\n agentVersion: DRAFT\n skipResourceInUseCheck: true\n actionGroupExecutor:\n customControl: RETURN_CONTROL\n apiSchema:\n payload:\n fn::invoke:\n Function: std:file\n Arguments:\n input: path/to/schema.yaml\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Agents for Amazon Bedrock Agent Action Group the action group ID, the agent ID, and the agent version separated by `,`. For example:\n\n```sh\n$ pulumi import aws:bedrock/agentAgentActionGroup:AgentAgentActionGroup example MMAUDBZTH4,GGRRAED6JP,DRAFT\n```\n", "properties": { "actionGroupExecutor": { "$ref": "#/types/aws:bedrock/AgentAgentActionGroupActionGroupExecutor:AgentAgentActionGroupActionGroupExecutor", "description": "ARN of the Lambda function containing the business logic that is carried out upon invoking the action or custom control method for handling the information elicited from the user. See `action_group_executor` Block for details.\n\nThe following arguments are optional:\n" }, "actionGroupId": { "type": "string", "description": "Unique identifier of the action group.\n" }, "actionGroupName": { "type": "string", "description": "Name of the action group.\n" }, "actionGroupState": { "type": "string", "description": "Whether the action group is available for the agent to invoke or not when sending an [InvokeAgent](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_InvokeAgent.html) request. Valid values: `ENABLED`, `DISABLED`.\n" }, "agentId": { "type": "string", "description": "The unique identifier of the agent for which to create the action group.\n" }, "agentVersion": { "type": "string", "description": "Version of the agent for which to create the action group. Valid values: `DRAFT`.\n" }, "apiSchema": { "$ref": "#/types/aws:bedrock/AgentAgentActionGroupApiSchema:AgentAgentActionGroupApiSchema", "description": "Either details about the S3 object containing the OpenAPI schema for the action group or the JSON or YAML-formatted payload defining the schema. For more information, see [Action group OpenAPI schemas](https://docs.aws.amazon.com/bedrock/latest/userguide/agents-api-schema.html). See `api_schema` Block for details.\n" }, "description": { "type": "string", "description": "Description of the action group.\n" }, "functionSchema": { "$ref": "#/types/aws:bedrock/AgentAgentActionGroupFunctionSchema:AgentAgentActionGroupFunctionSchema", "description": "Describes the function schema for the action group.\nEach function represents an action in an action group.\nSee `function_schema` Block for details.\n" }, "parentActionGroupSignature": { "type": "string", "description": "To allow your agent to request the user for additional information when trying to complete a task, set this argument to `AMAZON.UserInput`. You must leave the `description`, `api_schema`, and `action_group_executor` arguments blank for this action group. Valid values: `AMAZON.UserInput`.\n" }, "skipResourceInUseCheck": { "type": "boolean", "description": "Whether the in-use check is skipped when deleting the action group.\n" } }, "required": [ "actionGroupId", "actionGroupName", "actionGroupState", "agentId", "agentVersion", "skipResourceInUseCheck" ], "inputProperties": { "actionGroupExecutor": { "$ref": "#/types/aws:bedrock/AgentAgentActionGroupActionGroupExecutor:AgentAgentActionGroupActionGroupExecutor", "description": "ARN of the Lambda function containing the business logic that is carried out upon invoking the action or custom control method for handling the information elicited from the user. See `action_group_executor` Block for details.\n\nThe following arguments are optional:\n" }, "actionGroupName": { "type": "string", "description": "Name of the action group.\n" }, "actionGroupState": { "type": "string", "description": "Whether the action group is available for the agent to invoke or not when sending an [InvokeAgent](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_InvokeAgent.html) request. Valid values: `ENABLED`, `DISABLED`.\n" }, "agentId": { "type": "string", "description": "The unique identifier of the agent for which to create the action group.\n" }, "agentVersion": { "type": "string", "description": "Version of the agent for which to create the action group. Valid values: `DRAFT`.\n" }, "apiSchema": { "$ref": "#/types/aws:bedrock/AgentAgentActionGroupApiSchema:AgentAgentActionGroupApiSchema", "description": "Either details about the S3 object containing the OpenAPI schema for the action group or the JSON or YAML-formatted payload defining the schema. For more information, see [Action group OpenAPI schemas](https://docs.aws.amazon.com/bedrock/latest/userguide/agents-api-schema.html). See `api_schema` Block for details.\n" }, "description": { "type": "string", "description": "Description of the action group.\n" }, "functionSchema": { "$ref": "#/types/aws:bedrock/AgentAgentActionGroupFunctionSchema:AgentAgentActionGroupFunctionSchema", "description": "Describes the function schema for the action group.\nEach function represents an action in an action group.\nSee `function_schema` Block for details.\n" }, "parentActionGroupSignature": { "type": "string", "description": "To allow your agent to request the user for additional information when trying to complete a task, set this argument to `AMAZON.UserInput`. You must leave the `description`, `api_schema`, and `action_group_executor` arguments blank for this action group. Valid values: `AMAZON.UserInput`.\n" }, "skipResourceInUseCheck": { "type": "boolean", "description": "Whether the in-use check is skipped when deleting the action group.\n" } }, "requiredInputs": [ "actionGroupName", "agentId", "agentVersion" ], "stateInputs": { "description": "Input properties used for looking up and filtering AgentAgentActionGroup resources.\n", "properties": { "actionGroupExecutor": { "$ref": "#/types/aws:bedrock/AgentAgentActionGroupActionGroupExecutor:AgentAgentActionGroupActionGroupExecutor", "description": "ARN of the Lambda function containing the business logic that is carried out upon invoking the action or custom control method for handling the information elicited from the user. See `action_group_executor` Block for details.\n\nThe following arguments are optional:\n" }, "actionGroupId": { "type": "string", "description": "Unique identifier of the action group.\n" }, "actionGroupName": { "type": "string", "description": "Name of the action group.\n" }, "actionGroupState": { "type": "string", "description": "Whether the action group is available for the agent to invoke or not when sending an [InvokeAgent](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_InvokeAgent.html) request. Valid values: `ENABLED`, `DISABLED`.\n" }, "agentId": { "type": "string", "description": "The unique identifier of the agent for which to create the action group.\n" }, "agentVersion": { "type": "string", "description": "Version of the agent for which to create the action group. Valid values: `DRAFT`.\n" }, "apiSchema": { "$ref": "#/types/aws:bedrock/AgentAgentActionGroupApiSchema:AgentAgentActionGroupApiSchema", "description": "Either details about the S3 object containing the OpenAPI schema for the action group or the JSON or YAML-formatted payload defining the schema. For more information, see [Action group OpenAPI schemas](https://docs.aws.amazon.com/bedrock/latest/userguide/agents-api-schema.html). See `api_schema` Block for details.\n" }, "description": { "type": "string", "description": "Description of the action group.\n" }, "functionSchema": { "$ref": "#/types/aws:bedrock/AgentAgentActionGroupFunctionSchema:AgentAgentActionGroupFunctionSchema", "description": "Describes the function schema for the action group.\nEach function represents an action in an action group.\nSee `function_schema` Block for details.\n" }, "parentActionGroupSignature": { "type": "string", "description": "To allow your agent to request the user for additional information when trying to complete a task, set this argument to `AMAZON.UserInput`. You must leave the `description`, `api_schema`, and `action_group_executor` arguments blank for this action group. Valid values: `AMAZON.UserInput`.\n" }, "skipResourceInUseCheck": { "type": "boolean", "description": "Whether the in-use check is skipped when deleting the action group.\n" } }, "type": "object" } }, "aws:bedrock/agentAgentAlias:AgentAgentAlias": { "description": "Resource for managing an AWS Agents for Amazon Bedrock Agent Alias.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${exampleAgentTrust.json}\n namePrefix: AmazonBedrockExecutionRoleForAgents_\n exampleRolePolicy:\n type: aws:iam:RolePolicy\n name: example\n properties:\n policy: ${exampleAgentPermissions.json}\n role: ${example.id}\n exampleAgentAgent:\n type: aws:bedrock:AgentAgent\n name: example\n properties:\n agentName: my-agent-name\n agentResourceRoleArn: ${example.arn}\n idleTtl: 500\n foundationModel: anthropic.claude-v2\n exampleAgentAgentAlias:\n type: aws:bedrock:AgentAgentAlias\n name: example\n properties:\n agentAliasName: my-agent-alias\n agentId: ${exampleAgentAgent.agentId}\n description: Test Alias\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetPartition:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n currentGetRegion:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n exampleAgentTrust:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - identifiers:\n - bedrock.amazonaws.com\n type: Service\n conditions:\n - test: StringEquals\n values:\n - ${current.accountId}\n variable: aws:SourceAccount\n - test: ArnLike\n values:\n - arn:${currentGetPartition.partition}:bedrock:${currentGetRegion.name}:${current.accountId}:agent/*\n variable: AWS:SourceArn\n exampleAgentPermissions:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - bedrock:InvokeModel\n resources:\n - arn:${currentGetPartition.partition}:bedrock:${currentGetRegion.name}::foundation-model/anthropic.claude-v2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Agents for Amazon Bedrock Agent Alias using the alias ID and the agent ID separated by `,`. For example:\n\n```sh\n$ pulumi import aws:bedrock/agentAgentAlias:AgentAgentAlias example 66IVY0GUTF,GGRRAED6JP\n```\n", "properties": { "agentAliasArn": { "type": "string", "description": "ARN of the alias.\n" }, "agentAliasId": { "type": "string", "description": "Unique identifier of the alias.\n" }, "agentAliasName": { "type": "string", "description": "Name of the alias.\n" }, "agentId": { "type": "string", "description": "Identifier of the agent to create an alias for.\n\nThe following arguments are optional:\n" }, "description": { "type": "string", "description": "Description of the alias.\n" }, "routingConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:bedrock/AgentAgentAliasRoutingConfiguration:AgentAgentAliasRoutingConfiguration" }, "description": "Details about the routing configuration of the alias. See `routing_configuration` Block for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:bedrock/AgentAgentAliasTimeouts:AgentAgentAliasTimeouts" } }, "required": [ "agentAliasArn", "agentAliasId", "agentAliasName", "agentId", "routingConfigurations", "tagsAll" ], "inputProperties": { "agentAliasName": { "type": "string", "description": "Name of the alias.\n" }, "agentId": { "type": "string", "description": "Identifier of the agent to create an alias for.\n\nThe following arguments are optional:\n" }, "description": { "type": "string", "description": "Description of the alias.\n" }, "routingConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:bedrock/AgentAgentAliasRoutingConfiguration:AgentAgentAliasRoutingConfiguration" }, "description": "Details about the routing configuration of the alias. See `routing_configuration` Block for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:bedrock/AgentAgentAliasTimeouts:AgentAgentAliasTimeouts" } }, "requiredInputs": [ "agentAliasName", "agentId" ], "stateInputs": { "description": "Input properties used for looking up and filtering AgentAgentAlias resources.\n", "properties": { "agentAliasArn": { "type": "string", "description": "ARN of the alias.\n" }, "agentAliasId": { "type": "string", "description": "Unique identifier of the alias.\n" }, "agentAliasName": { "type": "string", "description": "Name of the alias.\n" }, "agentId": { "type": "string", "description": "Identifier of the agent to create an alias for.\n\nThe following arguments are optional:\n" }, "description": { "type": "string", "description": "Description of the alias.\n" }, "routingConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:bedrock/AgentAgentAliasRoutingConfiguration:AgentAgentAliasRoutingConfiguration" }, "description": "Details about the routing configuration of the alias. See `routing_configuration` Block for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:bedrock/AgentAgentAliasTimeouts:AgentAgentAliasTimeouts" } }, "type": "object" } }, "aws:bedrock/agentAgentKnowledgeBaseAssociation:AgentAgentKnowledgeBaseAssociation": { "description": "Resource for managing an AWS Agents for Amazon Bedrock Agent Knowledge Base Association.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.bedrock.AgentAgentKnowledgeBaseAssociation(\"example\", {\n agentId: \"GGRRAED6JP\",\n description: \"Example Knowledge base\",\n knowledgeBaseId: \"EMDPPAYPZI\",\n knowledgeBaseState: \"ENABLED\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.bedrock.AgentAgentKnowledgeBaseAssociation(\"example\",\n agent_id=\"GGRRAED6JP\",\n description=\"Example Knowledge base\",\n knowledge_base_id=\"EMDPPAYPZI\",\n knowledge_base_state=\"ENABLED\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Bedrock.AgentAgentKnowledgeBaseAssociation(\"example\", new()\n {\n AgentId = \"GGRRAED6JP\",\n Description = \"Example Knowledge base\",\n KnowledgeBaseId = \"EMDPPAYPZI\",\n KnowledgeBaseState = \"ENABLED\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/bedrock\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := bedrock.NewAgentAgentKnowledgeBaseAssociation(ctx, \"example\", \u0026bedrock.AgentAgentKnowledgeBaseAssociationArgs{\n\t\t\tAgentId: pulumi.String(\"GGRRAED6JP\"),\n\t\t\tDescription: pulumi.String(\"Example Knowledge base\"),\n\t\t\tKnowledgeBaseId: pulumi.String(\"EMDPPAYPZI\"),\n\t\t\tKnowledgeBaseState: pulumi.String(\"ENABLED\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.bedrock.AgentAgentKnowledgeBaseAssociation;\nimport com.pulumi.aws.bedrock.AgentAgentKnowledgeBaseAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AgentAgentKnowledgeBaseAssociation(\"example\", AgentAgentKnowledgeBaseAssociationArgs.builder()\n .agentId(\"GGRRAED6JP\")\n .description(\"Example Knowledge base\")\n .knowledgeBaseId(\"EMDPPAYPZI\")\n .knowledgeBaseState(\"ENABLED\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:bedrock:AgentAgentKnowledgeBaseAssociation\n properties:\n agentId: GGRRAED6JP\n description: Example Knowledge base\n knowledgeBaseId: EMDPPAYPZI\n knowledgeBaseState: ENABLED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Agents for Amazon Bedrock Agent Knowledge Base Association using the agent ID, the agent version, and the knowledge base ID separated by `,`. For example:\n\n```sh\n$ pulumi import aws:bedrock/agentAgentKnowledgeBaseAssociation:AgentAgentKnowledgeBaseAssociation example GGRRAED6JP,DRAFT,EMDPPAYPZI\n```\n", "properties": { "agentId": { "type": "string", "description": "Unique identifier of the agent with which you want to associate the knowledge base.\n" }, "agentVersion": { "type": "string", "description": "Version of the agent with which you want to associate the knowledge base. Valid values: `DRAFT`.\n" }, "description": { "type": "string", "description": "Description of what the agent should use the knowledge base for.\n" }, "knowledgeBaseId": { "type": "string", "description": "Unique identifier of the knowledge base to associate with the agent.\n" }, "knowledgeBaseState": { "type": "string", "description": "Whether to use the knowledge base when sending an [InvokeAgent](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_InvokeAgent.html) request. Valid values: `ENABLED`, `DISABLED`.\n\nThe following arguments are optional:\n" } }, "required": [ "agentId", "agentVersion", "description", "knowledgeBaseId", "knowledgeBaseState" ], "inputProperties": { "agentId": { "type": "string", "description": "Unique identifier of the agent with which you want to associate the knowledge base.\n" }, "agentVersion": { "type": "string", "description": "Version of the agent with which you want to associate the knowledge base. Valid values: `DRAFT`.\n" }, "description": { "type": "string", "description": "Description of what the agent should use the knowledge base for.\n" }, "knowledgeBaseId": { "type": "string", "description": "Unique identifier of the knowledge base to associate with the agent.\n" }, "knowledgeBaseState": { "type": "string", "description": "Whether to use the knowledge base when sending an [InvokeAgent](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_InvokeAgent.html) request. Valid values: `ENABLED`, `DISABLED`.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "agentId", "description", "knowledgeBaseId", "knowledgeBaseState" ], "stateInputs": { "description": "Input properties used for looking up and filtering AgentAgentKnowledgeBaseAssociation resources.\n", "properties": { "agentId": { "type": "string", "description": "Unique identifier of the agent with which you want to associate the knowledge base.\n" }, "agentVersion": { "type": "string", "description": "Version of the agent with which you want to associate the knowledge base. Valid values: `DRAFT`.\n" }, "description": { "type": "string", "description": "Description of what the agent should use the knowledge base for.\n" }, "knowledgeBaseId": { "type": "string", "description": "Unique identifier of the knowledge base to associate with the agent.\n" }, "knowledgeBaseState": { "type": "string", "description": "Whether to use the knowledge base when sending an [InvokeAgent](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_InvokeAgent.html) request. Valid values: `ENABLED`, `DISABLED`.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:bedrock/agentDataSource:AgentDataSource": { "description": "Resource for managing an AWS Agents for Amazon Bedrock Data Source.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.bedrock.AgentDataSource(\"example\", {\n knowledgeBaseId: \"EMDPPAYPZI\",\n name: \"example\",\n dataSourceConfiguration: {\n type: \"S3\",\n s3Configuration: {\n bucketArn: \"arn:aws:s3:::example-bucket\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.bedrock.AgentDataSource(\"example\",\n knowledge_base_id=\"EMDPPAYPZI\",\n name=\"example\",\n data_source_configuration={\n \"type\": \"S3\",\n \"s3_configuration\": {\n \"bucket_arn\": \"arn:aws:s3:::example-bucket\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Bedrock.AgentDataSource(\"example\", new()\n {\n KnowledgeBaseId = \"EMDPPAYPZI\",\n Name = \"example\",\n DataSourceConfiguration = new Aws.Bedrock.Inputs.AgentDataSourceDataSourceConfigurationArgs\n {\n Type = \"S3\",\n S3Configuration = new Aws.Bedrock.Inputs.AgentDataSourceDataSourceConfigurationS3ConfigurationArgs\n {\n BucketArn = \"arn:aws:s3:::example-bucket\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/bedrock\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := bedrock.NewAgentDataSource(ctx, \"example\", \u0026bedrock.AgentDataSourceArgs{\n\t\t\tKnowledgeBaseId: pulumi.String(\"EMDPPAYPZI\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDataSourceConfiguration: \u0026bedrock.AgentDataSourceDataSourceConfigurationArgs{\n\t\t\t\tType: pulumi.String(\"S3\"),\n\t\t\t\tS3Configuration: \u0026bedrock.AgentDataSourceDataSourceConfigurationS3ConfigurationArgs{\n\t\t\t\t\tBucketArn: pulumi.String(\"arn:aws:s3:::example-bucket\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.bedrock.AgentDataSource;\nimport com.pulumi.aws.bedrock.AgentDataSourceArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentDataSourceDataSourceConfigurationArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentDataSourceDataSourceConfigurationS3ConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AgentDataSource(\"example\", AgentDataSourceArgs.builder()\n .knowledgeBaseId(\"EMDPPAYPZI\")\n .name(\"example\")\n .dataSourceConfiguration(AgentDataSourceDataSourceConfigurationArgs.builder()\n .type(\"S3\")\n .s3Configuration(AgentDataSourceDataSourceConfigurationS3ConfigurationArgs.builder()\n .bucketArn(\"arn:aws:s3:::example-bucket\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:bedrock:AgentDataSource\n properties:\n knowledgeBaseId: EMDPPAYPZI\n name: example\n dataSourceConfiguration:\n type: S3\n s3Configuration:\n bucketArn: arn:aws:s3:::example-bucket\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Agents for Amazon Bedrock Data Source using the data source ID and the knowledge base ID. For example:\n\n```sh\n$ pulumi import aws:bedrock/agentDataSource:AgentDataSource example GWCMFMQF6T,EMDPPAYPZI\n```\n", "properties": { "dataDeletionPolicy": { "type": "string", "description": "Data deletion policy for a data source. Valid values: `RETAIN`, `DELETE`.\n" }, "dataSourceConfiguration": { "$ref": "#/types/aws:bedrock/AgentDataSourceDataSourceConfiguration:AgentDataSourceDataSourceConfiguration", "description": "Details about how the data source is stored. See `data_source_configuration` block for details.\n" }, "dataSourceId": { "type": "string", "description": "Unique identifier of the data source.\n" }, "description": { "type": "string", "description": "Description of the data source.\n" }, "knowledgeBaseId": { "type": "string", "description": "Unique identifier of the knowledge base to which the data source belongs.\n" }, "name": { "type": "string", "description": "Name of the data source.\n\nThe following arguments are optional:\n" }, "serverSideEncryptionConfiguration": { "$ref": "#/types/aws:bedrock/AgentDataSourceServerSideEncryptionConfiguration:AgentDataSourceServerSideEncryptionConfiguration", "description": "Details about the configuration of the server-side encryption. See `server_side_encryption_configuration` block for details.\n" }, "timeouts": { "$ref": "#/types/aws:bedrock/AgentDataSourceTimeouts:AgentDataSourceTimeouts" }, "vectorIngestionConfiguration": { "$ref": "#/types/aws:bedrock/AgentDataSourceVectorIngestionConfiguration:AgentDataSourceVectorIngestionConfiguration", "description": "Details about the configuration of the server-side encryption. See `vector_ingestion_configuration` block for details.\n" } }, "required": [ "dataDeletionPolicy", "dataSourceId", "knowledgeBaseId", "name" ], "inputProperties": { "dataDeletionPolicy": { "type": "string", "description": "Data deletion policy for a data source. Valid values: `RETAIN`, `DELETE`.\n" }, "dataSourceConfiguration": { "$ref": "#/types/aws:bedrock/AgentDataSourceDataSourceConfiguration:AgentDataSourceDataSourceConfiguration", "description": "Details about how the data source is stored. See `data_source_configuration` block for details.\n" }, "description": { "type": "string", "description": "Description of the data source.\n" }, "knowledgeBaseId": { "type": "string", "description": "Unique identifier of the knowledge base to which the data source belongs.\n" }, "name": { "type": "string", "description": "Name of the data source.\n\nThe following arguments are optional:\n" }, "serverSideEncryptionConfiguration": { "$ref": "#/types/aws:bedrock/AgentDataSourceServerSideEncryptionConfiguration:AgentDataSourceServerSideEncryptionConfiguration", "description": "Details about the configuration of the server-side encryption. See `server_side_encryption_configuration` block for details.\n" }, "timeouts": { "$ref": "#/types/aws:bedrock/AgentDataSourceTimeouts:AgentDataSourceTimeouts" }, "vectorIngestionConfiguration": { "$ref": "#/types/aws:bedrock/AgentDataSourceVectorIngestionConfiguration:AgentDataSourceVectorIngestionConfiguration", "description": "Details about the configuration of the server-side encryption. See `vector_ingestion_configuration` block for details.\n" } }, "requiredInputs": [ "knowledgeBaseId" ], "stateInputs": { "description": "Input properties used for looking up and filtering AgentDataSource resources.\n", "properties": { "dataDeletionPolicy": { "type": "string", "description": "Data deletion policy for a data source. Valid values: `RETAIN`, `DELETE`.\n" }, "dataSourceConfiguration": { "$ref": "#/types/aws:bedrock/AgentDataSourceDataSourceConfiguration:AgentDataSourceDataSourceConfiguration", "description": "Details about how the data source is stored. See `data_source_configuration` block for details.\n" }, "dataSourceId": { "type": "string", "description": "Unique identifier of the data source.\n" }, "description": { "type": "string", "description": "Description of the data source.\n" }, "knowledgeBaseId": { "type": "string", "description": "Unique identifier of the knowledge base to which the data source belongs.\n" }, "name": { "type": "string", "description": "Name of the data source.\n\nThe following arguments are optional:\n" }, "serverSideEncryptionConfiguration": { "$ref": "#/types/aws:bedrock/AgentDataSourceServerSideEncryptionConfiguration:AgentDataSourceServerSideEncryptionConfiguration", "description": "Details about the configuration of the server-side encryption. See `server_side_encryption_configuration` block for details.\n" }, "timeouts": { "$ref": "#/types/aws:bedrock/AgentDataSourceTimeouts:AgentDataSourceTimeouts" }, "vectorIngestionConfiguration": { "$ref": "#/types/aws:bedrock/AgentDataSourceVectorIngestionConfiguration:AgentDataSourceVectorIngestionConfiguration", "description": "Details about the configuration of the server-side encryption. See `vector_ingestion_configuration` block for details.\n" } }, "type": "object" } }, "aws:bedrock/agentKnowledgeBase:AgentKnowledgeBase": { "description": "Resource for managing an AWS Agents for Amazon Bedrock Knowledge Base.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.bedrock.AgentKnowledgeBase(\"example\", {\n name: \"example\",\n roleArn: exampleAwsIamRole.arn,\n knowledgeBaseConfiguration: {\n vectorKnowledgeBaseConfiguration: {\n embeddingModelArn: \"arn:aws:bedrock:us-west-2::foundation-model/amazon.titan-embed-text-v1\",\n },\n type: \"VECTOR\",\n },\n storageConfiguration: {\n type: \"OPENSEARCH_SERVERLESS\",\n opensearchServerlessConfiguration: {\n collectionArn: \"arn:aws:aoss:us-west-2:123456789012:collection/142bezjddq707i5stcrf\",\n vectorIndexName: \"bedrock-knowledge-base-default-index\",\n fieldMapping: {\n vectorField: \"bedrock-knowledge-base-default-vector\",\n textField: \"AMAZON_BEDROCK_TEXT_CHUNK\",\n metadataField: \"AMAZON_BEDROCK_METADATA\",\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.bedrock.AgentKnowledgeBase(\"example\",\n name=\"example\",\n role_arn=example_aws_iam_role[\"arn\"],\n knowledge_base_configuration={\n \"vector_knowledge_base_configuration\": {\n \"embedding_model_arn\": \"arn:aws:bedrock:us-west-2::foundation-model/amazon.titan-embed-text-v1\",\n },\n \"type\": \"VECTOR\",\n },\n storage_configuration={\n \"type\": \"OPENSEARCH_SERVERLESS\",\n \"opensearch_serverless_configuration\": {\n \"collection_arn\": \"arn:aws:aoss:us-west-2:123456789012:collection/142bezjddq707i5stcrf\",\n \"vector_index_name\": \"bedrock-knowledge-base-default-index\",\n \"field_mapping\": {\n \"vector_field\": \"bedrock-knowledge-base-default-vector\",\n \"text_field\": \"AMAZON_BEDROCK_TEXT_CHUNK\",\n \"metadata_field\": \"AMAZON_BEDROCK_METADATA\",\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Bedrock.AgentKnowledgeBase(\"example\", new()\n {\n Name = \"example\",\n RoleArn = exampleAwsIamRole.Arn,\n KnowledgeBaseConfiguration = new Aws.Bedrock.Inputs.AgentKnowledgeBaseKnowledgeBaseConfigurationArgs\n {\n VectorKnowledgeBaseConfiguration = new Aws.Bedrock.Inputs.AgentKnowledgeBaseKnowledgeBaseConfigurationVectorKnowledgeBaseConfigurationArgs\n {\n EmbeddingModelArn = \"arn:aws:bedrock:us-west-2::foundation-model/amazon.titan-embed-text-v1\",\n },\n Type = \"VECTOR\",\n },\n StorageConfiguration = new Aws.Bedrock.Inputs.AgentKnowledgeBaseStorageConfigurationArgs\n {\n Type = \"OPENSEARCH_SERVERLESS\",\n OpensearchServerlessConfiguration = new Aws.Bedrock.Inputs.AgentKnowledgeBaseStorageConfigurationOpensearchServerlessConfigurationArgs\n {\n CollectionArn = \"arn:aws:aoss:us-west-2:123456789012:collection/142bezjddq707i5stcrf\",\n VectorIndexName = \"bedrock-knowledge-base-default-index\",\n FieldMapping = new Aws.Bedrock.Inputs.AgentKnowledgeBaseStorageConfigurationOpensearchServerlessConfigurationFieldMappingArgs\n {\n VectorField = \"bedrock-knowledge-base-default-vector\",\n TextField = \"AMAZON_BEDROCK_TEXT_CHUNK\",\n MetadataField = \"AMAZON_BEDROCK_METADATA\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/bedrock\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := bedrock.NewAgentKnowledgeBase(ctx, \"example\", \u0026bedrock.AgentKnowledgeBaseArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tKnowledgeBaseConfiguration: \u0026bedrock.AgentKnowledgeBaseKnowledgeBaseConfigurationArgs{\n\t\t\t\tVectorKnowledgeBaseConfiguration: \u0026bedrock.AgentKnowledgeBaseKnowledgeBaseConfigurationVectorKnowledgeBaseConfigurationArgs{\n\t\t\t\t\tEmbeddingModelArn: pulumi.String(\"arn:aws:bedrock:us-west-2::foundation-model/amazon.titan-embed-text-v1\"),\n\t\t\t\t},\n\t\t\t\tType: pulumi.String(\"VECTOR\"),\n\t\t\t},\n\t\t\tStorageConfiguration: \u0026bedrock.AgentKnowledgeBaseStorageConfigurationArgs{\n\t\t\t\tType: pulumi.String(\"OPENSEARCH_SERVERLESS\"),\n\t\t\t\tOpensearchServerlessConfiguration: \u0026bedrock.AgentKnowledgeBaseStorageConfigurationOpensearchServerlessConfigurationArgs{\n\t\t\t\t\tCollectionArn: pulumi.String(\"arn:aws:aoss:us-west-2:123456789012:collection/142bezjddq707i5stcrf\"),\n\t\t\t\t\tVectorIndexName: pulumi.String(\"bedrock-knowledge-base-default-index\"),\n\t\t\t\t\tFieldMapping: \u0026bedrock.AgentKnowledgeBaseStorageConfigurationOpensearchServerlessConfigurationFieldMappingArgs{\n\t\t\t\t\t\tVectorField: pulumi.String(\"bedrock-knowledge-base-default-vector\"),\n\t\t\t\t\t\tTextField: pulumi.String(\"AMAZON_BEDROCK_TEXT_CHUNK\"),\n\t\t\t\t\t\tMetadataField: pulumi.String(\"AMAZON_BEDROCK_METADATA\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.bedrock.AgentKnowledgeBase;\nimport com.pulumi.aws.bedrock.AgentKnowledgeBaseArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentKnowledgeBaseKnowledgeBaseConfigurationArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentKnowledgeBaseKnowledgeBaseConfigurationVectorKnowledgeBaseConfigurationArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentKnowledgeBaseStorageConfigurationArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentKnowledgeBaseStorageConfigurationOpensearchServerlessConfigurationArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentKnowledgeBaseStorageConfigurationOpensearchServerlessConfigurationFieldMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AgentKnowledgeBase(\"example\", AgentKnowledgeBaseArgs.builder()\n .name(\"example\")\n .roleArn(exampleAwsIamRole.arn())\n .knowledgeBaseConfiguration(AgentKnowledgeBaseKnowledgeBaseConfigurationArgs.builder()\n .vectorKnowledgeBaseConfiguration(AgentKnowledgeBaseKnowledgeBaseConfigurationVectorKnowledgeBaseConfigurationArgs.builder()\n .embeddingModelArn(\"arn:aws:bedrock:us-west-2::foundation-model/amazon.titan-embed-text-v1\")\n .build())\n .type(\"VECTOR\")\n .build())\n .storageConfiguration(AgentKnowledgeBaseStorageConfigurationArgs.builder()\n .type(\"OPENSEARCH_SERVERLESS\")\n .opensearchServerlessConfiguration(AgentKnowledgeBaseStorageConfigurationOpensearchServerlessConfigurationArgs.builder()\n .collectionArn(\"arn:aws:aoss:us-west-2:123456789012:collection/142bezjddq707i5stcrf\")\n .vectorIndexName(\"bedrock-knowledge-base-default-index\")\n .fieldMapping(AgentKnowledgeBaseStorageConfigurationOpensearchServerlessConfigurationFieldMappingArgs.builder()\n .vectorField(\"bedrock-knowledge-base-default-vector\")\n .textField(\"AMAZON_BEDROCK_TEXT_CHUNK\")\n .metadataField(\"AMAZON_BEDROCK_METADATA\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:bedrock:AgentKnowledgeBase\n properties:\n name: example\n roleArn: ${exampleAwsIamRole.arn}\n knowledgeBaseConfiguration:\n vectorKnowledgeBaseConfiguration:\n embeddingModelArn: arn:aws:bedrock:us-west-2::foundation-model/amazon.titan-embed-text-v1\n type: VECTOR\n storageConfiguration:\n type: OPENSEARCH_SERVERLESS\n opensearchServerlessConfiguration:\n collectionArn: arn:aws:aoss:us-west-2:123456789012:collection/142bezjddq707i5stcrf\n vectorIndexName: bedrock-knowledge-base-default-index\n fieldMapping:\n vectorField: bedrock-knowledge-base-default-vector\n textField: AMAZON_BEDROCK_TEXT_CHUNK\n metadataField: AMAZON_BEDROCK_METADATA\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Agents for Amazon Bedrock Knowledge Base using the knowledge base ID. For example:\n\n```sh\n$ pulumi import aws:bedrock/agentKnowledgeBase:AgentKnowledgeBase example EMDPPAYPZI\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the knowledge base.\n" }, "createdAt": { "type": "string", "description": "Time at which the knowledge base was created.\n" }, "description": { "type": "string", "description": "Description of the knowledge base.\n" }, "failureReasons": { "type": "array", "items": { "type": "string" } }, "knowledgeBaseConfiguration": { "$ref": "#/types/aws:bedrock/AgentKnowledgeBaseKnowledgeBaseConfiguration:AgentKnowledgeBaseKnowledgeBaseConfiguration", "description": "Details about the embeddings configuration of the knowledge base. See `knowledge_base_configuration` block for details.\n" }, "name": { "type": "string", "description": "Name of the knowledge base.\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM role with permissions to invoke API operations on the knowledge base.\n" }, "storageConfiguration": { "$ref": "#/types/aws:bedrock/AgentKnowledgeBaseStorageConfiguration:AgentKnowledgeBaseStorageConfiguration", "description": "Details about the storage configuration of the knowledge base. See `storage_configuration` block for details.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:bedrock/AgentKnowledgeBaseTimeouts:AgentKnowledgeBaseTimeouts" }, "updatedAt": { "type": "string", "description": "Time at which the knowledge base was last updated.\n" } }, "required": [ "arn", "createdAt", "failureReasons", "name", "roleArn", "tagsAll", "updatedAt" ], "inputProperties": { "description": { "type": "string", "description": "Description of the knowledge base.\n" }, "knowledgeBaseConfiguration": { "$ref": "#/types/aws:bedrock/AgentKnowledgeBaseKnowledgeBaseConfiguration:AgentKnowledgeBaseKnowledgeBaseConfiguration", "description": "Details about the embeddings configuration of the knowledge base. See `knowledge_base_configuration` block for details.\n" }, "name": { "type": "string", "description": "Name of the knowledge base.\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM role with permissions to invoke API operations on the knowledge base.\n" }, "storageConfiguration": { "$ref": "#/types/aws:bedrock/AgentKnowledgeBaseStorageConfiguration:AgentKnowledgeBaseStorageConfiguration", "description": "Details about the storage configuration of the knowledge base. See `storage_configuration` block for details.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:bedrock/AgentKnowledgeBaseTimeouts:AgentKnowledgeBaseTimeouts" } }, "requiredInputs": [ "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering AgentKnowledgeBase resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the knowledge base.\n" }, "createdAt": { "type": "string", "description": "Time at which the knowledge base was created.\n" }, "description": { "type": "string", "description": "Description of the knowledge base.\n" }, "failureReasons": { "type": "array", "items": { "type": "string" } }, "knowledgeBaseConfiguration": { "$ref": "#/types/aws:bedrock/AgentKnowledgeBaseKnowledgeBaseConfiguration:AgentKnowledgeBaseKnowledgeBaseConfiguration", "description": "Details about the embeddings configuration of the knowledge base. See `knowledge_base_configuration` block for details.\n" }, "name": { "type": "string", "description": "Name of the knowledge base.\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM role with permissions to invoke API operations on the knowledge base.\n" }, "storageConfiguration": { "$ref": "#/types/aws:bedrock/AgentKnowledgeBaseStorageConfiguration:AgentKnowledgeBaseStorageConfiguration", "description": "Details about the storage configuration of the knowledge base. See `storage_configuration` block for details.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:bedrock/AgentKnowledgeBaseTimeouts:AgentKnowledgeBaseTimeouts" }, "updatedAt": { "type": "string", "description": "Time at which the knowledge base was last updated.\n" } }, "type": "object" } }, "aws:bedrock/customModel:CustomModel": { "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.bedrockfoundation.getModel({\n modelId: \"amazon.titan-text-express-v1\",\n});\nconst exampleCustomModel = new aws.bedrock.CustomModel(\"example\", {\n customModelName: \"example-model\",\n jobName: \"example-job-1\",\n baseModelIdentifier: example.then(example =\u003e example.modelArn),\n roleArn: exampleAwsIamRole.arn,\n hyperparameters: {\n epochCount: \"1\",\n batchSize: \"1\",\n learningRate: \"0.005\",\n learningRateWarmupSteps: \"0\",\n },\n outputDataConfig: {\n s3Uri: `s3://${output.id}/data/`,\n },\n trainingDataConfig: {\n s3Uri: `s3://${training.id}/data/train.jsonl`,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.bedrockfoundation.get_model(model_id=\"amazon.titan-text-express-v1\")\nexample_custom_model = aws.bedrock.CustomModel(\"example\",\n custom_model_name=\"example-model\",\n job_name=\"example-job-1\",\n base_model_identifier=example.model_arn,\n role_arn=example_aws_iam_role[\"arn\"],\n hyperparameters={\n \"epochCount\": \"1\",\n \"batchSize\": \"1\",\n \"learningRate\": \"0.005\",\n \"learningRateWarmupSteps\": \"0\",\n },\n output_data_config={\n \"s3_uri\": f\"s3://{output['id']}/data/\",\n },\n training_data_config={\n \"s3_uri\": f\"s3://{training['id']}/data/train.jsonl\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.BedrockFoundation.GetModel.Invoke(new()\n {\n ModelId = \"amazon.titan-text-express-v1\",\n });\n\n var exampleCustomModel = new Aws.Bedrock.CustomModel(\"example\", new()\n {\n CustomModelName = \"example-model\",\n JobName = \"example-job-1\",\n BaseModelIdentifier = example.Apply(getModelResult =\u003e getModelResult.ModelArn),\n RoleArn = exampleAwsIamRole.Arn,\n Hyperparameters = \n {\n { \"epochCount\", \"1\" },\n { \"batchSize\", \"1\" },\n { \"learningRate\", \"0.005\" },\n { \"learningRateWarmupSteps\", \"0\" },\n },\n OutputDataConfig = new Aws.Bedrock.Inputs.CustomModelOutputDataConfigArgs\n {\n S3Uri = $\"s3://{output.Id}/data/\",\n },\n TrainingDataConfig = new Aws.Bedrock.Inputs.CustomModelTrainingDataConfigArgs\n {\n S3Uri = $\"s3://{training.Id}/data/train.jsonl\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/bedrock\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/bedrockfoundation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := bedrockfoundation.GetModel(ctx, \u0026bedrockfoundation.GetModelArgs{\n\t\t\tModelId: \"amazon.titan-text-express-v1\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = bedrock.NewCustomModel(ctx, \"example\", \u0026bedrock.CustomModelArgs{\n\t\t\tCustomModelName: pulumi.String(\"example-model\"),\n\t\t\tJobName: pulumi.String(\"example-job-1\"),\n\t\t\tBaseModelIdentifier: pulumi.String(example.ModelArn),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tHyperparameters: pulumi.StringMap{\n\t\t\t\t\"epochCount\": pulumi.String(\"1\"),\n\t\t\t\t\"batchSize\": pulumi.String(\"1\"),\n\t\t\t\t\"learningRate\": pulumi.String(\"0.005\"),\n\t\t\t\t\"learningRateWarmupSteps\": pulumi.String(\"0\"),\n\t\t\t},\n\t\t\tOutputDataConfig: \u0026bedrock.CustomModelOutputDataConfigArgs{\n\t\t\t\tS3Uri: pulumi.String(fmt.Sprintf(\"s3://%v/data/\", output.Id)),\n\t\t\t},\n\t\t\tTrainingDataConfig: \u0026bedrock.CustomModelTrainingDataConfigArgs{\n\t\t\t\tS3Uri: pulumi.String(fmt.Sprintf(\"s3://%v/data/train.jsonl\", training.Id)),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.bedrockfoundation.BedrockfoundationFunctions;\nimport com.pulumi.aws.bedrockfoundation.inputs.GetModelArgs;\nimport com.pulumi.aws.bedrock.CustomModel;\nimport com.pulumi.aws.bedrock.CustomModelArgs;\nimport com.pulumi.aws.bedrock.inputs.CustomModelOutputDataConfigArgs;\nimport com.pulumi.aws.bedrock.inputs.CustomModelTrainingDataConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = BedrockfoundationFunctions.getModel(GetModelArgs.builder()\n .modelId(\"amazon.titan-text-express-v1\")\n .build());\n\n var exampleCustomModel = new CustomModel(\"exampleCustomModel\", CustomModelArgs.builder()\n .customModelName(\"example-model\")\n .jobName(\"example-job-1\")\n .baseModelIdentifier(example.applyValue(getModelResult -\u003e getModelResult.modelArn()))\n .roleArn(exampleAwsIamRole.arn())\n .hyperparameters(Map.ofEntries(\n Map.entry(\"epochCount\", \"1\"),\n Map.entry(\"batchSize\", \"1\"),\n Map.entry(\"learningRate\", \"0.005\"),\n Map.entry(\"learningRateWarmupSteps\", \"0\")\n ))\n .outputDataConfig(CustomModelOutputDataConfigArgs.builder()\n .s3Uri(String.format(\"s3://%s/data/\", output.id()))\n .build())\n .trainingDataConfig(CustomModelTrainingDataConfigArgs.builder()\n .s3Uri(String.format(\"s3://%s/data/train.jsonl\", training.id()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleCustomModel:\n type: aws:bedrock:CustomModel\n name: example\n properties:\n customModelName: example-model\n jobName: example-job-1\n baseModelIdentifier: ${example.modelArn}\n roleArn: ${exampleAwsIamRole.arn}\n hyperparameters:\n epochCount: '1'\n batchSize: '1'\n learningRate: '0.005'\n learningRateWarmupSteps: '0'\n outputDataConfig:\n s3Uri: s3://${output.id}/data/\n trainingDataConfig:\n s3Uri: s3://${training.id}/data/train.jsonl\nvariables:\n example:\n fn::invoke:\n Function: aws:bedrockfoundation:getModel\n Arguments:\n modelId: amazon.titan-text-express-v1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Bedrock custom model using the `job_arn`. For example:\n\n```sh\n$ pulumi import aws:bedrock/customModel:CustomModel example arn:aws:bedrock:us-west-2:123456789012:model-customization-job/amazon.titan-text-express-v1:0:8k/1y5n57gh5y2e\n```\n", "properties": { "baseModelIdentifier": { "type": "string", "description": "The Amazon Resource Name (ARN) of the base model.\n" }, "customModelArn": { "type": "string", "description": "The ARN of the output model.\n" }, "customModelKmsKeyId": { "type": "string", "description": "The custom model is encrypted at rest using this key. Specify the key ARN.\n" }, "customModelName": { "type": "string", "description": "Name for the custom model.\n" }, "customizationType": { "type": "string", "description": "The customization type. Valid values: `FINE_TUNING`, `CONTINUED_PRE_TRAINING`.\n" }, "hyperparameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "[Parameters](https://docs.aws.amazon.com/bedrock/latest/userguide/custom-models-hp.html) related to tuning the model.\n" }, "jobArn": { "type": "string", "description": "The ARN of the customization job.\n" }, "jobName": { "type": "string", "description": "A name for the customization job.\n" }, "jobStatus": { "type": "string", "description": "The status of the customization job. A successful job transitions from `InProgress` to `Completed` when the output model is ready to use.\n" }, "outputDataConfig": { "$ref": "#/types/aws:bedrock/CustomModelOutputDataConfig:CustomModelOutputDataConfig", "description": "S3 location for the output data.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of an IAM role that Bedrock can assume to perform tasks on your behalf.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the customization job and custom model. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:bedrock/CustomModelTimeouts:CustomModelTimeouts" }, "trainingDataConfig": { "$ref": "#/types/aws:bedrock/CustomModelTrainingDataConfig:CustomModelTrainingDataConfig", "description": "Information about the training dataset.\n" }, "trainingMetrics": { "type": "array", "items": { "$ref": "#/types/aws:bedrock/CustomModelTrainingMetric:CustomModelTrainingMetric" }, "description": "Metrics associated with the customization job.\n" }, "validationDataConfig": { "$ref": "#/types/aws:bedrock/CustomModelValidationDataConfig:CustomModelValidationDataConfig", "description": "Information about the validation dataset.\n" }, "validationMetrics": { "type": "array", "items": { "$ref": "#/types/aws:bedrock/CustomModelValidationMetric:CustomModelValidationMetric" }, "description": "The loss metric for each validator that you provided.\n" }, "vpcConfig": { "$ref": "#/types/aws:bedrock/CustomModelVpcConfig:CustomModelVpcConfig", "description": "Configuration parameters for the private Virtual Private Cloud (VPC) that contains the resources you are using for this job.\n" } }, "required": [ "baseModelIdentifier", "customModelArn", "customModelName", "customizationType", "hyperparameters", "jobArn", "jobName", "jobStatus", "roleArn", "tagsAll", "trainingMetrics", "validationMetrics" ], "inputProperties": { "baseModelIdentifier": { "type": "string", "description": "The Amazon Resource Name (ARN) of the base model.\n" }, "customModelKmsKeyId": { "type": "string", "description": "The custom model is encrypted at rest using this key. Specify the key ARN.\n" }, "customModelName": { "type": "string", "description": "Name for the custom model.\n" }, "customizationType": { "type": "string", "description": "The customization type. Valid values: `FINE_TUNING`, `CONTINUED_PRE_TRAINING`.\n" }, "hyperparameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "[Parameters](https://docs.aws.amazon.com/bedrock/latest/userguide/custom-models-hp.html) related to tuning the model.\n" }, "jobName": { "type": "string", "description": "A name for the customization job.\n" }, "outputDataConfig": { "$ref": "#/types/aws:bedrock/CustomModelOutputDataConfig:CustomModelOutputDataConfig", "description": "S3 location for the output data.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of an IAM role that Bedrock can assume to perform tasks on your behalf.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the customization job and custom model. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:bedrock/CustomModelTimeouts:CustomModelTimeouts" }, "trainingDataConfig": { "$ref": "#/types/aws:bedrock/CustomModelTrainingDataConfig:CustomModelTrainingDataConfig", "description": "Information about the training dataset.\n" }, "validationDataConfig": { "$ref": "#/types/aws:bedrock/CustomModelValidationDataConfig:CustomModelValidationDataConfig", "description": "Information about the validation dataset.\n" }, "vpcConfig": { "$ref": "#/types/aws:bedrock/CustomModelVpcConfig:CustomModelVpcConfig", "description": "Configuration parameters for the private Virtual Private Cloud (VPC) that contains the resources you are using for this job.\n" } }, "requiredInputs": [ "baseModelIdentifier", "customModelName", "hyperparameters", "jobName", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering CustomModel resources.\n", "properties": { "baseModelIdentifier": { "type": "string", "description": "The Amazon Resource Name (ARN) of the base model.\n" }, "customModelArn": { "type": "string", "description": "The ARN of the output model.\n" }, "customModelKmsKeyId": { "type": "string", "description": "The custom model is encrypted at rest using this key. Specify the key ARN.\n" }, "customModelName": { "type": "string", "description": "Name for the custom model.\n" }, "customizationType": { "type": "string", "description": "The customization type. Valid values: `FINE_TUNING`, `CONTINUED_PRE_TRAINING`.\n" }, "hyperparameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "[Parameters](https://docs.aws.amazon.com/bedrock/latest/userguide/custom-models-hp.html) related to tuning the model.\n" }, "jobArn": { "type": "string", "description": "The ARN of the customization job.\n" }, "jobName": { "type": "string", "description": "A name for the customization job.\n" }, "jobStatus": { "type": "string", "description": "The status of the customization job. A successful job transitions from `InProgress` to `Completed` when the output model is ready to use.\n" }, "outputDataConfig": { "$ref": "#/types/aws:bedrock/CustomModelOutputDataConfig:CustomModelOutputDataConfig", "description": "S3 location for the output data.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of an IAM role that Bedrock can assume to perform tasks on your behalf.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the customization job and custom model. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:bedrock/CustomModelTimeouts:CustomModelTimeouts" }, "trainingDataConfig": { "$ref": "#/types/aws:bedrock/CustomModelTrainingDataConfig:CustomModelTrainingDataConfig", "description": "Information about the training dataset.\n" }, "trainingMetrics": { "type": "array", "items": { "$ref": "#/types/aws:bedrock/CustomModelTrainingMetric:CustomModelTrainingMetric" }, "description": "Metrics associated with the customization job.\n" }, "validationDataConfig": { "$ref": "#/types/aws:bedrock/CustomModelValidationDataConfig:CustomModelValidationDataConfig", "description": "Information about the validation dataset.\n" }, "validationMetrics": { "type": "array", "items": { "$ref": "#/types/aws:bedrock/CustomModelValidationMetric:CustomModelValidationMetric" }, "description": "The loss metric for each validator that you provided.\n" }, "vpcConfig": { "$ref": "#/types/aws:bedrock/CustomModelVpcConfig:CustomModelVpcConfig", "description": "Configuration parameters for the private Virtual Private Cloud (VPC) that contains the resources you are using for this job.\n" } }, "type": "object" } }, "aws:bedrock/provisionedModelThroughput:ProvisionedModelThroughput": { "description": "Manages [Provisioned Throughput](https://docs.aws.amazon.com/bedrock/latest/userguide/prov-throughput.html) for an Amazon Bedrock model.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.bedrock.ProvisionedModelThroughput(\"example\", {\n provisionedModelName: \"example-model\",\n modelArn: \"arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-v2\",\n commitmentDuration: \"SixMonths\",\n modelUnits: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.bedrock.ProvisionedModelThroughput(\"example\",\n provisioned_model_name=\"example-model\",\n model_arn=\"arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-v2\",\n commitment_duration=\"SixMonths\",\n model_units=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Bedrock.ProvisionedModelThroughput(\"example\", new()\n {\n ProvisionedModelName = \"example-model\",\n ModelArn = \"arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-v2\",\n CommitmentDuration = \"SixMonths\",\n ModelUnits = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/bedrock\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := bedrock.NewProvisionedModelThroughput(ctx, \"example\", \u0026bedrock.ProvisionedModelThroughputArgs{\n\t\t\tProvisionedModelName: pulumi.String(\"example-model\"),\n\t\t\tModelArn: pulumi.String(\"arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-v2\"),\n\t\t\tCommitmentDuration: pulumi.String(\"SixMonths\"),\n\t\t\tModelUnits: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.bedrock.ProvisionedModelThroughput;\nimport com.pulumi.aws.bedrock.ProvisionedModelThroughputArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ProvisionedModelThroughput(\"example\", ProvisionedModelThroughputArgs.builder()\n .provisionedModelName(\"example-model\")\n .modelArn(\"arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-v2\")\n .commitmentDuration(\"SixMonths\")\n .modelUnits(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:bedrock:ProvisionedModelThroughput\n properties:\n provisionedModelName: example-model\n modelArn: arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-v2\n commitmentDuration: SixMonths\n modelUnits: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Provisioned Throughput using the `provisioned_model_arn`. For example:\n\n```sh\n$ pulumi import aws:bedrock/provisionedModelThroughput:ProvisionedModelThroughput example arn:aws:bedrock:us-west-2:123456789012:provisioned-model/1y5n57gh5y2e\n```\n", "properties": { "commitmentDuration": { "type": "string", "description": "Commitment duration requested for the Provisioned Throughput. For custom models, you can purchase on-demand Provisioned Throughput by omitting this argument. Valid values: `OneMonth`, `SixMonths`.\n" }, "modelArn": { "type": "string", "description": "ARN of the model to associate with this Provisioned Throughput.\n" }, "modelUnits": { "type": "integer", "description": "Number of model units to allocate. A model unit delivers a specific throughput level for the specified model.\n" }, "provisionedModelArn": { "type": "string", "description": "The ARN of the Provisioned Throughput.\n" }, "provisionedModelName": { "type": "string", "description": "Unique name for this Provisioned Throughput.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:bedrock/ProvisionedModelThroughputTimeouts:ProvisionedModelThroughputTimeouts" } }, "required": [ "modelArn", "modelUnits", "provisionedModelArn", "provisionedModelName", "tagsAll" ], "inputProperties": { "commitmentDuration": { "type": "string", "description": "Commitment duration requested for the Provisioned Throughput. For custom models, you can purchase on-demand Provisioned Throughput by omitting this argument. Valid values: `OneMonth`, `SixMonths`.\n" }, "modelArn": { "type": "string", "description": "ARN of the model to associate with this Provisioned Throughput.\n" }, "modelUnits": { "type": "integer", "description": "Number of model units to allocate. A model unit delivers a specific throughput level for the specified model.\n" }, "provisionedModelName": { "type": "string", "description": "Unique name for this Provisioned Throughput.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:bedrock/ProvisionedModelThroughputTimeouts:ProvisionedModelThroughputTimeouts" } }, "requiredInputs": [ "modelArn", "modelUnits", "provisionedModelName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ProvisionedModelThroughput resources.\n", "properties": { "commitmentDuration": { "type": "string", "description": "Commitment duration requested for the Provisioned Throughput. For custom models, you can purchase on-demand Provisioned Throughput by omitting this argument. Valid values: `OneMonth`, `SixMonths`.\n" }, "modelArn": { "type": "string", "description": "ARN of the model to associate with this Provisioned Throughput.\n" }, "modelUnits": { "type": "integer", "description": "Number of model units to allocate. A model unit delivers a specific throughput level for the specified model.\n" }, "provisionedModelArn": { "type": "string", "description": "The ARN of the Provisioned Throughput.\n" }, "provisionedModelName": { "type": "string", "description": "Unique name for this Provisioned Throughput.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:bedrock/ProvisionedModelThroughputTimeouts:ProvisionedModelThroughputTimeouts" } }, "type": "object" } }, "aws:bedrockmodel/invocationLoggingConfiguration:InvocationLoggingConfiguration": { "description": "Manages Bedrock model invocation logging configuration.\n\n\u003e Model invocation logging is configured per AWS region. To avoid overwriting settings, this resource should not be defined in multiple configurations.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.bedrockmodel.InvocationLoggingConfiguration;\nimport com.pulumi.aws.bedrockmodel.InvocationLoggingConfigurationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example\")\n .forceDestroy(true)\n .build());\n\n var exampleBucketPolicy = new BucketPolicy(\"exampleBucketPolicy\", BucketPolicyArgs.builder()\n .bucket(example.bucket())\n .policy(example.arn().applyValue(arn -\u003e \"\"\"\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"bedrock.amazonaws.com\"\n },\n \"Action\": [\n \"s3:*\"\n ],\n \"Resource\": [\n \"%s/*\"\n ],\n \"Condition\": {\n \"StringEquals\": {\n \"aws:SourceAccount\": \"%s\"\n },\n \"ArnLike\": {\n \"aws:SourceArn\": \"arn:aws:bedrock:us-east-1:%s:*\"\n }\n }\n }\n ]\n}\n\", arn,current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))))\n .build());\n\n var exampleInvocationLoggingConfiguration = new InvocationLoggingConfiguration(\"exampleInvocationLoggingConfiguration\", InvocationLoggingConfigurationArgs.builder()\n .loggingConfig(InvocationLoggingConfigurationLoggingConfigArgs.builder()\n .embeddingDataDeliveryEnabled(true)\n .imageDataDeliveryEnabled(true)\n .textDataDeliveryEnabled(true)\n .s3Config(InvocationLoggingConfigurationLoggingConfigS3ConfigArgs.builder()\n .bucketName(example.id())\n .keyPrefix(\"bedrock\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleBucketPolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n forceDestroy: true\n exampleBucketPolicy:\n type: aws:s3:BucketPolicy\n name: example\n properties:\n bucket: ${example.bucket}\n policy: |\n {\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"bedrock.amazonaws.com\"\n },\n \"Action\": [\n \"s3:*\"\n ],\n \"Resource\": [\n \"${example.arn}/*\"\n ],\n \"Condition\": {\n \"StringEquals\": {\n \"aws:SourceAccount\": \"${current.accountId}\"\n },\n \"ArnLike\": {\n \"aws:SourceArn\": \"arn:aws:bedrock:us-east-1:${current.accountId}:*\"\n }\n }\n }\n ]\n }\n exampleInvocationLoggingConfiguration:\n type: aws:bedrockmodel:InvocationLoggingConfiguration\n name: example\n properties:\n loggingConfig:\n - embeddingDataDeliveryEnabled: true\n imageDataDeliveryEnabled: true\n textDataDeliveryEnabled: true\n s3Config:\n - bucketName: ${example.id}\n keyPrefix: bedrock\n options:\n dependson:\n - ${exampleBucketPolicy}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Bedrock custom model using the `id` set to the AWS Region. For example:\n\n```sh\n$ pulumi import aws:bedrockmodel/invocationLoggingConfiguration:InvocationLoggingConfiguration my_config us-east-1\n```\n", "properties": { "loggingConfig": { "$ref": "#/types/aws:bedrockmodel/InvocationLoggingConfigurationLoggingConfig:InvocationLoggingConfigurationLoggingConfig", "description": "The logging configuration values to set.\n" } }, "inputProperties": { "loggingConfig": { "$ref": "#/types/aws:bedrockmodel/InvocationLoggingConfigurationLoggingConfig:InvocationLoggingConfigurationLoggingConfig", "description": "The logging configuration values to set.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering InvocationLoggingConfiguration resources.\n", "properties": { "loggingConfig": { "$ref": "#/types/aws:bedrockmodel/InvocationLoggingConfigurationLoggingConfig:InvocationLoggingConfigurationLoggingConfig", "description": "The logging configuration values to set.\n" } }, "type": "object" } }, "aws:budgets/budget:Budget": { "description": "Provides a budgets budget resource. Budgets use the cost visualization provided by Cost Explorer to show you the status of your budgets, to provide forecasts of your estimated costs, and to track your AWS usage, including your free tier usage.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ec2 = new aws.budgets.Budget(\"ec2\", {\n name: \"budget-ec2-monthly\",\n budgetType: \"COST\",\n limitAmount: \"1200\",\n limitUnit: \"USD\",\n timePeriodEnd: \"2087-06-15_00:00\",\n timePeriodStart: \"2017-07-01_00:00\",\n timeUnit: \"MONTHLY\",\n costFilters: [{\n name: \"Service\",\n values: [\"Amazon Elastic Compute Cloud - Compute\"],\n }],\n notifications: [{\n comparisonOperator: \"GREATER_THAN\",\n threshold: 100,\n thresholdType: \"PERCENTAGE\",\n notificationType: \"FORECASTED\",\n subscriberEmailAddresses: [\"test@example.com\"],\n }],\n tags: {\n Tag1: \"Value1\",\n Tag2: \"Value2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nec2 = aws.budgets.Budget(\"ec2\",\n name=\"budget-ec2-monthly\",\n budget_type=\"COST\",\n limit_amount=\"1200\",\n limit_unit=\"USD\",\n time_period_end=\"2087-06-15_00:00\",\n time_period_start=\"2017-07-01_00:00\",\n time_unit=\"MONTHLY\",\n cost_filters=[{\n \"name\": \"Service\",\n \"values\": [\"Amazon Elastic Compute Cloud - Compute\"],\n }],\n notifications=[{\n \"comparison_operator\": \"GREATER_THAN\",\n \"threshold\": 100,\n \"threshold_type\": \"PERCENTAGE\",\n \"notification_type\": \"FORECASTED\",\n \"subscriber_email_addresses\": [\"test@example.com\"],\n }],\n tags={\n \"Tag1\": \"Value1\",\n \"Tag2\": \"Value2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ec2 = new Aws.Budgets.Budget(\"ec2\", new()\n {\n Name = \"budget-ec2-monthly\",\n BudgetType = \"COST\",\n LimitAmount = \"1200\",\n LimitUnit = \"USD\",\n TimePeriodEnd = \"2087-06-15_00:00\",\n TimePeriodStart = \"2017-07-01_00:00\",\n TimeUnit = \"MONTHLY\",\n CostFilters = new[]\n {\n new Aws.Budgets.Inputs.BudgetCostFilterArgs\n {\n Name = \"Service\",\n Values = new[]\n {\n \"Amazon Elastic Compute Cloud - Compute\",\n },\n },\n },\n Notifications = new[]\n {\n new Aws.Budgets.Inputs.BudgetNotificationArgs\n {\n ComparisonOperator = \"GREATER_THAN\",\n Threshold = 100,\n ThresholdType = \"PERCENTAGE\",\n NotificationType = \"FORECASTED\",\n SubscriberEmailAddresses = new[]\n {\n \"test@example.com\",\n },\n },\n },\n Tags = \n {\n { \"Tag1\", \"Value1\" },\n { \"Tag2\", \"Value2\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := budgets.NewBudget(ctx, \"ec2\", \u0026budgets.BudgetArgs{\n\t\t\tName: pulumi.String(\"budget-ec2-monthly\"),\n\t\t\tBudgetType: pulumi.String(\"COST\"),\n\t\t\tLimitAmount: pulumi.String(\"1200\"),\n\t\t\tLimitUnit: pulumi.String(\"USD\"),\n\t\t\tTimePeriodEnd: pulumi.String(\"2087-06-15_00:00\"),\n\t\t\tTimePeriodStart: pulumi.String(\"2017-07-01_00:00\"),\n\t\t\tTimeUnit: pulumi.String(\"MONTHLY\"),\n\t\t\tCostFilters: budgets.BudgetCostFilterArray{\n\t\t\t\t\u0026budgets.BudgetCostFilterArgs{\n\t\t\t\t\tName: pulumi.String(\"Service\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Amazon Elastic Compute Cloud - Compute\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tNotifications: budgets.BudgetNotificationArray{\n\t\t\t\t\u0026budgets.BudgetNotificationArgs{\n\t\t\t\t\tComparisonOperator: pulumi.String(\"GREATER_THAN\"),\n\t\t\t\t\tThreshold: pulumi.Float64(100),\n\t\t\t\t\tThresholdType: pulumi.String(\"PERCENTAGE\"),\n\t\t\t\t\tNotificationType: pulumi.String(\"FORECASTED\"),\n\t\t\t\t\tSubscriberEmailAddresses: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"test@example.com\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Tag1\": pulumi.String(\"Value1\"),\n\t\t\t\t\"Tag2\": pulumi.String(\"Value2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.budgets.Budget;\nimport com.pulumi.aws.budgets.BudgetArgs;\nimport com.pulumi.aws.budgets.inputs.BudgetCostFilterArgs;\nimport com.pulumi.aws.budgets.inputs.BudgetNotificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ec2 = new Budget(\"ec2\", BudgetArgs.builder()\n .name(\"budget-ec2-monthly\")\n .budgetType(\"COST\")\n .limitAmount(\"1200\")\n .limitUnit(\"USD\")\n .timePeriodEnd(\"2087-06-15_00:00\")\n .timePeriodStart(\"2017-07-01_00:00\")\n .timeUnit(\"MONTHLY\")\n .costFilters(BudgetCostFilterArgs.builder()\n .name(\"Service\")\n .values(\"Amazon Elastic Compute Cloud - Compute\")\n .build())\n .notifications(BudgetNotificationArgs.builder()\n .comparisonOperator(\"GREATER_THAN\")\n .threshold(100)\n .thresholdType(\"PERCENTAGE\")\n .notificationType(\"FORECASTED\")\n .subscriberEmailAddresses(\"test@example.com\")\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Tag1\", \"Value1\"),\n Map.entry(\"Tag2\", \"Value2\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ec2:\n type: aws:budgets:Budget\n properties:\n name: budget-ec2-monthly\n budgetType: COST\n limitAmount: '1200'\n limitUnit: USD\n timePeriodEnd: 2087-06-15_00:00\n timePeriodStart: 2017-07-01_00:00\n timeUnit: MONTHLY\n costFilters:\n - name: Service\n values:\n - Amazon Elastic Compute Cloud - Compute\n notifications:\n - comparisonOperator: GREATER_THAN\n threshold: 100\n thresholdType: PERCENTAGE\n notificationType: FORECASTED\n subscriberEmailAddresses:\n - test@example.com\n tags:\n Tag1: Value1\n Tag2: Value2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nCreate a budget for *$100*.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cost = new aws.budgets.Budget(\"cost\", {\n budgetType: \"COST\",\n limitAmount: \"100\",\n limitUnit: \"USD\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncost = aws.budgets.Budget(\"cost\",\n budget_type=\"COST\",\n limit_amount=\"100\",\n limit_unit=\"USD\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cost = new Aws.Budgets.Budget(\"cost\", new()\n {\n BudgetType = \"COST\",\n LimitAmount = \"100\",\n LimitUnit = \"USD\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := budgets.NewBudget(ctx, \"cost\", \u0026budgets.BudgetArgs{\n\t\t\tBudgetType: pulumi.String(\"COST\"),\n\t\t\tLimitAmount: pulumi.String(\"100\"),\n\t\t\tLimitUnit: pulumi.String(\"USD\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.budgets.Budget;\nimport com.pulumi.aws.budgets.BudgetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var cost = new Budget(\"cost\", BudgetArgs.builder()\n .budgetType(\"COST\")\n .limitAmount(\"100\")\n .limitUnit(\"USD\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cost:\n type: aws:budgets:Budget\n properties:\n budgetType: COST\n limitAmount: '100'\n limitUnit: USD\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nCreate a budget with planned budget limits.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cost = new aws.budgets.Budget(\"cost\", {plannedLimits: [\n {\n startTime: \"2017-07-01_00:00\",\n amount: \"100\",\n unit: \"USD\",\n },\n {\n startTime: \"2017-08-01_00:00\",\n amount: \"200\",\n unit: \"USD\",\n },\n]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncost = aws.budgets.Budget(\"cost\", planned_limits=[\n {\n \"start_time\": \"2017-07-01_00:00\",\n \"amount\": \"100\",\n \"unit\": \"USD\",\n },\n {\n \"start_time\": \"2017-08-01_00:00\",\n \"amount\": \"200\",\n \"unit\": \"USD\",\n },\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cost = new Aws.Budgets.Budget(\"cost\", new()\n {\n PlannedLimits = new[]\n {\n new Aws.Budgets.Inputs.BudgetPlannedLimitArgs\n {\n StartTime = \"2017-07-01_00:00\",\n Amount = \"100\",\n Unit = \"USD\",\n },\n new Aws.Budgets.Inputs.BudgetPlannedLimitArgs\n {\n StartTime = \"2017-08-01_00:00\",\n Amount = \"200\",\n Unit = \"USD\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := budgets.NewBudget(ctx, \"cost\", \u0026budgets.BudgetArgs{\n\t\t\tPlannedLimits: budgets.BudgetPlannedLimitArray{\n\t\t\t\t\u0026budgets.BudgetPlannedLimitArgs{\n\t\t\t\t\tStartTime: pulumi.String(\"2017-07-01_00:00\"),\n\t\t\t\t\tAmount: pulumi.String(\"100\"),\n\t\t\t\t\tUnit: pulumi.String(\"USD\"),\n\t\t\t\t},\n\t\t\t\t\u0026budgets.BudgetPlannedLimitArgs{\n\t\t\t\t\tStartTime: pulumi.String(\"2017-08-01_00:00\"),\n\t\t\t\t\tAmount: pulumi.String(\"200\"),\n\t\t\t\t\tUnit: pulumi.String(\"USD\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.budgets.Budget;\nimport com.pulumi.aws.budgets.BudgetArgs;\nimport com.pulumi.aws.budgets.inputs.BudgetPlannedLimitArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var cost = new Budget(\"cost\", BudgetArgs.builder()\n .plannedLimits( \n BudgetPlannedLimitArgs.builder()\n .startTime(\"2017-07-01_00:00\")\n .amount(\"100\")\n .unit(\"USD\")\n .build(),\n BudgetPlannedLimitArgs.builder()\n .startTime(\"2017-08-01_00:00\")\n .amount(\"200\")\n .unit(\"USD\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cost:\n type: aws:budgets:Budget\n properties:\n plannedLimits:\n - startTime: 2017-07-01_00:00\n amount: '100'\n unit: USD\n - startTime: 2017-08-01_00:00\n amount: '200'\n unit: USD\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nCreate a budget for s3 with a limit of *3 GB* of storage.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst s3 = new aws.budgets.Budget(\"s3\", {\n budgetType: \"USAGE\",\n limitAmount: \"3\",\n limitUnit: \"GB\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ns3 = aws.budgets.Budget(\"s3\",\n budget_type=\"USAGE\",\n limit_amount=\"3\",\n limit_unit=\"GB\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var s3 = new Aws.Budgets.Budget(\"s3\", new()\n {\n BudgetType = \"USAGE\",\n LimitAmount = \"3\",\n LimitUnit = \"GB\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := budgets.NewBudget(ctx, \"s3\", \u0026budgets.BudgetArgs{\n\t\t\tBudgetType: pulumi.String(\"USAGE\"),\n\t\t\tLimitAmount: pulumi.String(\"3\"),\n\t\t\tLimitUnit: pulumi.String(\"GB\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.budgets.Budget;\nimport com.pulumi.aws.budgets.BudgetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var s3 = new Budget(\"s3\", BudgetArgs.builder()\n .budgetType(\"USAGE\")\n .limitAmount(\"3\")\n .limitUnit(\"GB\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n s3:\n type: aws:budgets:Budget\n properties:\n budgetType: USAGE\n limitAmount: '3'\n limitUnit: GB\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nCreate a Savings Plan Utilization Budget\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst savingsPlanUtilization = new aws.budgets.Budget(\"savings_plan_utilization\", {\n budgetType: \"SAVINGS_PLANS_UTILIZATION\",\n limitAmount: \"100.0\",\n limitUnit: \"PERCENTAGE\",\n costTypes: {\n includeCredit: false,\n includeDiscount: false,\n includeOtherSubscription: false,\n includeRecurring: false,\n includeRefund: false,\n includeSubscription: true,\n includeSupport: false,\n includeTax: false,\n includeUpfront: false,\n useBlended: false,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsavings_plan_utilization = aws.budgets.Budget(\"savings_plan_utilization\",\n budget_type=\"SAVINGS_PLANS_UTILIZATION\",\n limit_amount=\"100.0\",\n limit_unit=\"PERCENTAGE\",\n cost_types={\n \"include_credit\": False,\n \"include_discount\": False,\n \"include_other_subscription\": False,\n \"include_recurring\": False,\n \"include_refund\": False,\n \"include_subscription\": True,\n \"include_support\": False,\n \"include_tax\": False,\n \"include_upfront\": False,\n \"use_blended\": False,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var savingsPlanUtilization = new Aws.Budgets.Budget(\"savings_plan_utilization\", new()\n {\n BudgetType = \"SAVINGS_PLANS_UTILIZATION\",\n LimitAmount = \"100.0\",\n LimitUnit = \"PERCENTAGE\",\n CostTypes = new Aws.Budgets.Inputs.BudgetCostTypesArgs\n {\n IncludeCredit = false,\n IncludeDiscount = false,\n IncludeOtherSubscription = false,\n IncludeRecurring = false,\n IncludeRefund = false,\n IncludeSubscription = true,\n IncludeSupport = false,\n IncludeTax = false,\n IncludeUpfront = false,\n UseBlended = false,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := budgets.NewBudget(ctx, \"savings_plan_utilization\", \u0026budgets.BudgetArgs{\n\t\t\tBudgetType: pulumi.String(\"SAVINGS_PLANS_UTILIZATION\"),\n\t\t\tLimitAmount: pulumi.String(\"100.0\"),\n\t\t\tLimitUnit: pulumi.String(\"PERCENTAGE\"),\n\t\t\tCostTypes: \u0026budgets.BudgetCostTypesArgs{\n\t\t\t\tIncludeCredit: pulumi.Bool(false),\n\t\t\t\tIncludeDiscount: pulumi.Bool(false),\n\t\t\t\tIncludeOtherSubscription: pulumi.Bool(false),\n\t\t\t\tIncludeRecurring: pulumi.Bool(false),\n\t\t\t\tIncludeRefund: pulumi.Bool(false),\n\t\t\t\tIncludeSubscription: pulumi.Bool(true),\n\t\t\t\tIncludeSupport: pulumi.Bool(false),\n\t\t\t\tIncludeTax: pulumi.Bool(false),\n\t\t\t\tIncludeUpfront: pulumi.Bool(false),\n\t\t\t\tUseBlended: pulumi.Bool(false),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.budgets.Budget;\nimport com.pulumi.aws.budgets.BudgetArgs;\nimport com.pulumi.aws.budgets.inputs.BudgetCostTypesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var savingsPlanUtilization = new Budget(\"savingsPlanUtilization\", BudgetArgs.builder()\n .budgetType(\"SAVINGS_PLANS_UTILIZATION\")\n .limitAmount(\"100.0\")\n .limitUnit(\"PERCENTAGE\")\n .costTypes(BudgetCostTypesArgs.builder()\n .includeCredit(false)\n .includeDiscount(false)\n .includeOtherSubscription(false)\n .includeRecurring(false)\n .includeRefund(false)\n .includeSubscription(true)\n .includeSupport(false)\n .includeTax(false)\n .includeUpfront(false)\n .useBlended(false)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n savingsPlanUtilization:\n type: aws:budgets:Budget\n name: savings_plan_utilization\n properties:\n budgetType: SAVINGS_PLANS_UTILIZATION\n limitAmount: '100.0'\n limitUnit: PERCENTAGE\n costTypes:\n includeCredit: false\n includeDiscount: false\n includeOtherSubscription: false\n includeRecurring: false\n includeRefund: false\n includeSubscription: true\n includeSupport: false\n includeTax: false\n includeUpfront: false\n useBlended: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nCreate a RI Utilization Budget\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst riUtilization = new aws.budgets.Budget(\"ri_utilization\", {\n budgetType: \"RI_UTILIZATION\",\n limitAmount: \"100.0\",\n limitUnit: \"PERCENTAGE\",\n costTypes: {\n includeCredit: false,\n includeDiscount: false,\n includeOtherSubscription: false,\n includeRecurring: false,\n includeRefund: false,\n includeSubscription: true,\n includeSupport: false,\n includeTax: false,\n includeUpfront: false,\n useBlended: false,\n },\n costFilters: [{\n name: \"Service\",\n values: [\"Amazon Relational Database Service\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nri_utilization = aws.budgets.Budget(\"ri_utilization\",\n budget_type=\"RI_UTILIZATION\",\n limit_amount=\"100.0\",\n limit_unit=\"PERCENTAGE\",\n cost_types={\n \"include_credit\": False,\n \"include_discount\": False,\n \"include_other_subscription\": False,\n \"include_recurring\": False,\n \"include_refund\": False,\n \"include_subscription\": True,\n \"include_support\": False,\n \"include_tax\": False,\n \"include_upfront\": False,\n \"use_blended\": False,\n },\n cost_filters=[{\n \"name\": \"Service\",\n \"values\": [\"Amazon Relational Database Service\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var riUtilization = new Aws.Budgets.Budget(\"ri_utilization\", new()\n {\n BudgetType = \"RI_UTILIZATION\",\n LimitAmount = \"100.0\",\n LimitUnit = \"PERCENTAGE\",\n CostTypes = new Aws.Budgets.Inputs.BudgetCostTypesArgs\n {\n IncludeCredit = false,\n IncludeDiscount = false,\n IncludeOtherSubscription = false,\n IncludeRecurring = false,\n IncludeRefund = false,\n IncludeSubscription = true,\n IncludeSupport = false,\n IncludeTax = false,\n IncludeUpfront = false,\n UseBlended = false,\n },\n CostFilters = new[]\n {\n new Aws.Budgets.Inputs.BudgetCostFilterArgs\n {\n Name = \"Service\",\n Values = new[]\n {\n \"Amazon Relational Database Service\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := budgets.NewBudget(ctx, \"ri_utilization\", \u0026budgets.BudgetArgs{\n\t\t\tBudgetType: pulumi.String(\"RI_UTILIZATION\"),\n\t\t\tLimitAmount: pulumi.String(\"100.0\"),\n\t\t\tLimitUnit: pulumi.String(\"PERCENTAGE\"),\n\t\t\tCostTypes: \u0026budgets.BudgetCostTypesArgs{\n\t\t\t\tIncludeCredit: pulumi.Bool(false),\n\t\t\t\tIncludeDiscount: pulumi.Bool(false),\n\t\t\t\tIncludeOtherSubscription: pulumi.Bool(false),\n\t\t\t\tIncludeRecurring: pulumi.Bool(false),\n\t\t\t\tIncludeRefund: pulumi.Bool(false),\n\t\t\t\tIncludeSubscription: pulumi.Bool(true),\n\t\t\t\tIncludeSupport: pulumi.Bool(false),\n\t\t\t\tIncludeTax: pulumi.Bool(false),\n\t\t\t\tIncludeUpfront: pulumi.Bool(false),\n\t\t\t\tUseBlended: pulumi.Bool(false),\n\t\t\t},\n\t\t\tCostFilters: budgets.BudgetCostFilterArray{\n\t\t\t\t\u0026budgets.BudgetCostFilterArgs{\n\t\t\t\t\tName: pulumi.String(\"Service\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Amazon Relational Database Service\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.budgets.Budget;\nimport com.pulumi.aws.budgets.BudgetArgs;\nimport com.pulumi.aws.budgets.inputs.BudgetCostTypesArgs;\nimport com.pulumi.aws.budgets.inputs.BudgetCostFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var riUtilization = new Budget(\"riUtilization\", BudgetArgs.builder()\n .budgetType(\"RI_UTILIZATION\")\n .limitAmount(\"100.0\")\n .limitUnit(\"PERCENTAGE\")\n .costTypes(BudgetCostTypesArgs.builder()\n .includeCredit(false)\n .includeDiscount(false)\n .includeOtherSubscription(false)\n .includeRecurring(false)\n .includeRefund(false)\n .includeSubscription(true)\n .includeSupport(false)\n .includeTax(false)\n .includeUpfront(false)\n .useBlended(false)\n .build())\n .costFilters(BudgetCostFilterArgs.builder()\n .name(\"Service\")\n .values(\"Amazon Relational Database Service\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n riUtilization:\n type: aws:budgets:Budget\n name: ri_utilization\n properties:\n budgetType: RI_UTILIZATION\n limitAmount: '100.0'\n limitUnit: PERCENTAGE\n costTypes:\n includeCredit: false\n includeDiscount: false\n includeOtherSubscription: false\n includeRecurring: false\n includeRefund: false\n includeSubscription: true\n includeSupport: false\n includeTax: false\n includeUpfront: false\n useBlended: false\n costFilters:\n - name: Service\n values:\n - Amazon Relational Database Service\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nCreate a Cost Filter using Resource Tags\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cost = new aws.budgets.Budget(\"cost\", {costFilters: [{\n name: \"TagKeyValue\",\n values: [\"TagKey$TagValue\"],\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncost = aws.budgets.Budget(\"cost\", cost_filters=[{\n \"name\": \"TagKeyValue\",\n \"values\": [\"TagKey$TagValue\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cost = new Aws.Budgets.Budget(\"cost\", new()\n {\n CostFilters = new[]\n {\n new Aws.Budgets.Inputs.BudgetCostFilterArgs\n {\n Name = \"TagKeyValue\",\n Values = new[]\n {\n \"TagKey$TagValue\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := budgets.NewBudget(ctx, \"cost\", \u0026budgets.BudgetArgs{\n\t\t\tCostFilters: budgets.BudgetCostFilterArray{\n\t\t\t\t\u0026budgets.BudgetCostFilterArgs{\n\t\t\t\t\tName: pulumi.String(\"TagKeyValue\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"TagKey$TagValue\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.budgets.Budget;\nimport com.pulumi.aws.budgets.BudgetArgs;\nimport com.pulumi.aws.budgets.inputs.BudgetCostFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var cost = new Budget(\"cost\", BudgetArgs.builder()\n .costFilters(BudgetCostFilterArgs.builder()\n .name(\"TagKeyValue\")\n .values(\"TagKey$TagValue\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cost:\n type: aws:budgets:Budget\n properties:\n costFilters:\n - name: TagKeyValue\n values:\n - TagKey$TagValue\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nCreate a cost_filter using resource tags, obtaining the tag value from a variable\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cost = new aws.budgets.Budget(\"cost\", {costFilters: [{\n name: \"TagKeyValue\",\n values: [`TagKey${\"$\"}${tagValue}`],\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncost = aws.budgets.Budget(\"cost\", cost_filters=[{\n \"name\": \"TagKeyValue\",\n \"values\": [f\"TagKey{'$'}{tag_value}\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cost = new Aws.Budgets.Budget(\"cost\", new()\n {\n CostFilters = new[]\n {\n new Aws.Budgets.Inputs.BudgetCostFilterArgs\n {\n Name = \"TagKeyValue\",\n Values = new[]\n {\n $\"TagKey{\"$\"}{tagValue}\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := budgets.NewBudget(ctx, \"cost\", \u0026budgets.BudgetArgs{\n\t\t\tCostFilters: budgets.BudgetCostFilterArray{\n\t\t\t\t\u0026budgets.BudgetCostFilterArgs{\n\t\t\t\t\tName: pulumi.String(\"TagKeyValue\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"TagKey%v%v\", \"$\", tagValue)),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.budgets.Budget;\nimport com.pulumi.aws.budgets.BudgetArgs;\nimport com.pulumi.aws.budgets.inputs.BudgetCostFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var cost = new Budget(\"cost\", BudgetArgs.builder()\n .costFilters(BudgetCostFilterArgs.builder()\n .name(\"TagKeyValue\")\n .values(String.format(\"TagKey%s%s\", \"$\",tagValue))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cost:\n type: aws:budgets:Budget\n properties:\n costFilters:\n - name: TagKeyValue\n values:\n - TagKey$${tagValue}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import budgets using `AccountID:BudgetName`. For example:\n\n```sh\n$ pulumi import aws:budgets/budget:Budget myBudget 123456789012:myBudget\n```\n", "properties": { "accountId": { "type": "string", "description": "The ID of the target account for budget. Will use current user's account_id by default if omitted.\n" }, "arn": { "type": "string", "description": "The ARN of the budget.\n" }, "autoAdjustData": { "$ref": "#/types/aws:budgets/BudgetAutoAdjustData:BudgetAutoAdjustData", "description": "Object containing AutoAdjustData which determines the budget amount for an auto-adjusting budget.\n" }, "budgetType": { "type": "string", "description": "Whether this budget tracks monetary cost or usage.\n" }, "costFilters": { "type": "array", "items": { "$ref": "#/types/aws:budgets/BudgetCostFilter:BudgetCostFilter" }, "description": "A list of CostFilter name/values pair to apply to budget.\n" }, "costTypes": { "$ref": "#/types/aws:budgets/BudgetCostTypes:BudgetCostTypes", "description": "Object containing CostTypes The types of cost included in a budget, such as tax and subscriptions.\n" }, "limitAmount": { "type": "string", "description": "The amount of cost or usage being measured for a budget.\n" }, "limitUnit": { "type": "string", "description": "The unit of measurement used for the budget forecast, actual spend, or budget threshold, such as dollars or GB. See [Spend](http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/data-type-spend.html) documentation.\n" }, "name": { "type": "string", "description": "The name of a budget. Unique within accounts.\n" }, "namePrefix": { "type": "string", "description": "The prefix of the name of a budget. Unique within accounts.\n" }, "notifications": { "type": "array", "items": { "$ref": "#/types/aws:budgets/BudgetNotification:BudgetNotification" }, "description": "Object containing Budget Notifications. Can be used multiple times to define more than one budget notification.\n" }, "plannedLimits": { "type": "array", "items": { "$ref": "#/types/aws:budgets/BudgetPlannedLimit:BudgetPlannedLimit" }, "description": "Object containing Planned Budget Limits. Can be used multiple times to plan more than one budget limit. See [PlannedBudgetLimits](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_budgets_Budget.html#awscostmanagement-Type-budgets_Budget-PlannedBudgetLimits) documentation.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timePeriodEnd": { "type": "string", "description": "The end of the time period covered by the budget. There are no restrictions on the end date. Format: `2017-01-01_12:00`.\n" }, "timePeriodStart": { "type": "string", "description": "The start of the time period covered by the budget. If you don't specify a start date, AWS defaults to the start of your chosen time period. The start date must come before the end date. Format: `2017-01-01_12:00`.\n" }, "timeUnit": { "type": "string", "description": "The length of time until a budget resets the actual and forecasted spend. Valid values: `MONTHLY`, `QUARTERLY`, `ANNUALLY`, and `DAILY`.\n\nThe following arguments are optional:\n" } }, "required": [ "accountId", "arn", "budgetType", "costFilters", "costTypes", "limitAmount", "limitUnit", "name", "namePrefix", "tagsAll", "timePeriodStart", "timeUnit" ], "inputProperties": { "accountId": { "type": "string", "description": "The ID of the target account for budget. Will use current user's account_id by default if omitted.\n", "willReplaceOnChanges": true }, "autoAdjustData": { "$ref": "#/types/aws:budgets/BudgetAutoAdjustData:BudgetAutoAdjustData", "description": "Object containing AutoAdjustData which determines the budget amount for an auto-adjusting budget.\n" }, "budgetType": { "type": "string", "description": "Whether this budget tracks monetary cost or usage.\n" }, "costFilters": { "type": "array", "items": { "$ref": "#/types/aws:budgets/BudgetCostFilter:BudgetCostFilter" }, "description": "A list of CostFilter name/values pair to apply to budget.\n" }, "costTypes": { "$ref": "#/types/aws:budgets/BudgetCostTypes:BudgetCostTypes", "description": "Object containing CostTypes The types of cost included in a budget, such as tax and subscriptions.\n" }, "limitAmount": { "type": "string", "description": "The amount of cost or usage being measured for a budget.\n" }, "limitUnit": { "type": "string", "description": "The unit of measurement used for the budget forecast, actual spend, or budget threshold, such as dollars or GB. See [Spend](http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/data-type-spend.html) documentation.\n" }, "name": { "type": "string", "description": "The name of a budget. Unique within accounts.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "The prefix of the name of a budget. Unique within accounts.\n", "willReplaceOnChanges": true }, "notifications": { "type": "array", "items": { "$ref": "#/types/aws:budgets/BudgetNotification:BudgetNotification" }, "description": "Object containing Budget Notifications. Can be used multiple times to define more than one budget notification.\n" }, "plannedLimits": { "type": "array", "items": { "$ref": "#/types/aws:budgets/BudgetPlannedLimit:BudgetPlannedLimit" }, "description": "Object containing Planned Budget Limits. Can be used multiple times to plan more than one budget limit. See [PlannedBudgetLimits](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_budgets_Budget.html#awscostmanagement-Type-budgets_Budget-PlannedBudgetLimits) documentation.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timePeriodEnd": { "type": "string", "description": "The end of the time period covered by the budget. There are no restrictions on the end date. Format: `2017-01-01_12:00`.\n" }, "timePeriodStart": { "type": "string", "description": "The start of the time period covered by the budget. If you don't specify a start date, AWS defaults to the start of your chosen time period. The start date must come before the end date. Format: `2017-01-01_12:00`.\n" }, "timeUnit": { "type": "string", "description": "The length of time until a budget resets the actual and forecasted spend. Valid values: `MONTHLY`, `QUARTERLY`, `ANNUALLY`, and `DAILY`.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "budgetType", "timeUnit" ], "stateInputs": { "description": "Input properties used for looking up and filtering Budget resources.\n", "properties": { "accountId": { "type": "string", "description": "The ID of the target account for budget. Will use current user's account_id by default if omitted.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "The ARN of the budget.\n" }, "autoAdjustData": { "$ref": "#/types/aws:budgets/BudgetAutoAdjustData:BudgetAutoAdjustData", "description": "Object containing AutoAdjustData which determines the budget amount for an auto-adjusting budget.\n" }, "budgetType": { "type": "string", "description": "Whether this budget tracks monetary cost or usage.\n" }, "costFilters": { "type": "array", "items": { "$ref": "#/types/aws:budgets/BudgetCostFilter:BudgetCostFilter" }, "description": "A list of CostFilter name/values pair to apply to budget.\n" }, "costTypes": { "$ref": "#/types/aws:budgets/BudgetCostTypes:BudgetCostTypes", "description": "Object containing CostTypes The types of cost included in a budget, such as tax and subscriptions.\n" }, "limitAmount": { "type": "string", "description": "The amount of cost or usage being measured for a budget.\n" }, "limitUnit": { "type": "string", "description": "The unit of measurement used for the budget forecast, actual spend, or budget threshold, such as dollars or GB. See [Spend](http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/data-type-spend.html) documentation.\n" }, "name": { "type": "string", "description": "The name of a budget. Unique within accounts.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "The prefix of the name of a budget. Unique within accounts.\n", "willReplaceOnChanges": true }, "notifications": { "type": "array", "items": { "$ref": "#/types/aws:budgets/BudgetNotification:BudgetNotification" }, "description": "Object containing Budget Notifications. Can be used multiple times to define more than one budget notification.\n" }, "plannedLimits": { "type": "array", "items": { "$ref": "#/types/aws:budgets/BudgetPlannedLimit:BudgetPlannedLimit" }, "description": "Object containing Planned Budget Limits. Can be used multiple times to plan more than one budget limit. See [PlannedBudgetLimits](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_budgets_Budget.html#awscostmanagement-Type-budgets_Budget-PlannedBudgetLimits) documentation.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timePeriodEnd": { "type": "string", "description": "The end of the time period covered by the budget. There are no restrictions on the end date. Format: `2017-01-01_12:00`.\n" }, "timePeriodStart": { "type": "string", "description": "The start of the time period covered by the budget. If you don't specify a start date, AWS defaults to the start of your chosen time period. The start date must come before the end date. Format: `2017-01-01_12:00`.\n" }, "timeUnit": { "type": "string", "description": "The length of time until a budget resets the actual and forecasted spend. Valid values: `MONTHLY`, `QUARTERLY`, `ANNUALLY`, and `DAILY`.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:budgets/budgetAction:BudgetAction": { "description": "Provides a budget action resource. Budget actions are cost savings controls that run either automatically on your behalf or by using a workflow approval process.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\"ec2:Describe*\"],\n resources: [\"*\"],\n }],\n});\nconst examplePolicy = new aws.iam.Policy(\"example\", {\n name: \"example\",\n description: \"My example policy\",\n policy: example.then(example =\u003e example.json),\n});\nconst current = aws.getPartition({});\nconst assumeRole = current.then(current =\u003e aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [`budgets.${current.dnsSuffix}`],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n}));\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst exampleBudget = new aws.budgets.Budget(\"example\", {\n name: \"example\",\n budgetType: \"USAGE\",\n limitAmount: \"10.0\",\n limitUnit: \"dollars\",\n timePeriodStart: \"2006-01-02_15:04\",\n timeUnit: \"MONTHLY\",\n});\nconst exampleBudgetAction = new aws.budgets.BudgetAction(\"example\", {\n budgetName: exampleBudget.name,\n actionType: \"APPLY_IAM_POLICY\",\n approvalModel: \"AUTOMATIC\",\n notificationType: \"ACTUAL\",\n executionRoleArn: exampleRole.arn,\n actionThreshold: {\n actionThresholdType: \"ABSOLUTE_VALUE\",\n actionThresholdValue: 100,\n },\n definition: {\n iamActionDefinition: {\n policyArn: examplePolicy.arn,\n roles: [exampleRole.name],\n },\n },\n subscribers: [{\n address: \"example@example.example\",\n subscriptionType: \"EMAIL\",\n }],\n tags: {\n Tag1: \"Value1\",\n Tag2: \"Value2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\"ec2:Describe*\"],\n \"resources\": [\"*\"],\n}])\nexample_policy = aws.iam.Policy(\"example\",\n name=\"example\",\n description=\"My example policy\",\n policy=example.json)\ncurrent = aws.get_partition()\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [f\"budgets.{current.dns_suffix}\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nexample_role = aws.iam.Role(\"example\",\n name=\"example\",\n assume_role_policy=assume_role.json)\nexample_budget = aws.budgets.Budget(\"example\",\n name=\"example\",\n budget_type=\"USAGE\",\n limit_amount=\"10.0\",\n limit_unit=\"dollars\",\n time_period_start=\"2006-01-02_15:04\",\n time_unit=\"MONTHLY\")\nexample_budget_action = aws.budgets.BudgetAction(\"example\",\n budget_name=example_budget.name,\n action_type=\"APPLY_IAM_POLICY\",\n approval_model=\"AUTOMATIC\",\n notification_type=\"ACTUAL\",\n execution_role_arn=example_role.arn,\n action_threshold={\n \"action_threshold_type\": \"ABSOLUTE_VALUE\",\n \"action_threshold_value\": 100,\n },\n definition={\n \"iam_action_definition\": {\n \"policy_arn\": example_policy.arn,\n \"roles\": [example_role.name],\n },\n },\n subscribers=[{\n \"address\": \"example@example.example\",\n \"subscription_type\": \"EMAIL\",\n }],\n tags={\n \"Tag1\": \"Value1\",\n \"Tag2\": \"Value2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"ec2:Describe*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var examplePolicy = new Aws.Iam.Policy(\"example\", new()\n {\n Name = \"example\",\n Description = \"My example policy\",\n PolicyDocument = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var current = Aws.GetPartition.Invoke();\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n $\"budgets.{current.Apply(getPartitionResult =\u003e getPartitionResult.DnsSuffix)}\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleBudget = new Aws.Budgets.Budget(\"example\", new()\n {\n Name = \"example\",\n BudgetType = \"USAGE\",\n LimitAmount = \"10.0\",\n LimitUnit = \"dollars\",\n TimePeriodStart = \"2006-01-02_15:04\",\n TimeUnit = \"MONTHLY\",\n });\n\n var exampleBudgetAction = new Aws.Budgets.BudgetAction(\"example\", new()\n {\n BudgetName = exampleBudget.Name,\n ActionType = \"APPLY_IAM_POLICY\",\n ApprovalModel = \"AUTOMATIC\",\n NotificationType = \"ACTUAL\",\n ExecutionRoleArn = exampleRole.Arn,\n ActionThreshold = new Aws.Budgets.Inputs.BudgetActionActionThresholdArgs\n {\n ActionThresholdType = \"ABSOLUTE_VALUE\",\n ActionThresholdValue = 100,\n },\n Definition = new Aws.Budgets.Inputs.BudgetActionDefinitionArgs\n {\n IamActionDefinition = new Aws.Budgets.Inputs.BudgetActionDefinitionIamActionDefinitionArgs\n {\n PolicyArn = examplePolicy.Arn,\n Roles = new[]\n {\n exampleRole.Name,\n },\n },\n },\n Subscribers = new[]\n {\n new Aws.Budgets.Inputs.BudgetActionSubscriberArgs\n {\n Address = \"example@example.example\",\n SubscriptionType = \"EMAIL\",\n },\n },\n Tags = \n {\n { \"Tag1\", \"Value1\" },\n { \"Tag2\", \"Value2\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplePolicy, err := iam.NewPolicy(ctx, \"example\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"My example policy\"),\n\t\t\tPolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\tfmt.Sprintf(\"budgets.%v\", current.DnsSuffix),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBudget, err := budgets.NewBudget(ctx, \"example\", \u0026budgets.BudgetArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tBudgetType: pulumi.String(\"USAGE\"),\n\t\t\tLimitAmount: pulumi.String(\"10.0\"),\n\t\t\tLimitUnit: pulumi.String(\"dollars\"),\n\t\t\tTimePeriodStart: pulumi.String(\"2006-01-02_15:04\"),\n\t\t\tTimeUnit: pulumi.String(\"MONTHLY\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = budgets.NewBudgetAction(ctx, \"example\", \u0026budgets.BudgetActionArgs{\n\t\t\tBudgetName: exampleBudget.Name,\n\t\t\tActionType: pulumi.String(\"APPLY_IAM_POLICY\"),\n\t\t\tApprovalModel: pulumi.String(\"AUTOMATIC\"),\n\t\t\tNotificationType: pulumi.String(\"ACTUAL\"),\n\t\t\tExecutionRoleArn: exampleRole.Arn,\n\t\t\tActionThreshold: \u0026budgets.BudgetActionActionThresholdArgs{\n\t\t\t\tActionThresholdType: pulumi.String(\"ABSOLUTE_VALUE\"),\n\t\t\t\tActionThresholdValue: pulumi.Float64(100),\n\t\t\t},\n\t\t\tDefinition: \u0026budgets.BudgetActionDefinitionArgs{\n\t\t\t\tIamActionDefinition: \u0026budgets.BudgetActionDefinitionIamActionDefinitionArgs{\n\t\t\t\t\tPolicyArn: examplePolicy.Arn,\n\t\t\t\t\tRoles: pulumi.StringArray{\n\t\t\t\t\t\texampleRole.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tSubscribers: budgets.BudgetActionSubscriberArray{\n\t\t\t\t\u0026budgets.BudgetActionSubscriberArgs{\n\t\t\t\t\tAddress: pulumi.String(\"example@example.example\"),\n\t\t\t\t\tSubscriptionType: pulumi.String(\"EMAIL\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Tag1\": pulumi.String(\"Value1\"),\n\t\t\t\t\"Tag2\": pulumi.String(\"Value2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.budgets.Budget;\nimport com.pulumi.aws.budgets.BudgetArgs;\nimport com.pulumi.aws.budgets.BudgetAction;\nimport com.pulumi.aws.budgets.BudgetActionArgs;\nimport com.pulumi.aws.budgets.inputs.BudgetActionActionThresholdArgs;\nimport com.pulumi.aws.budgets.inputs.BudgetActionDefinitionArgs;\nimport com.pulumi.aws.budgets.inputs.BudgetActionDefinitionIamActionDefinitionArgs;\nimport com.pulumi.aws.budgets.inputs.BudgetActionSubscriberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"ec2:Describe*\")\n .resources(\"*\")\n .build())\n .build());\n\n var examplePolicy = new Policy(\"examplePolicy\", PolicyArgs.builder()\n .name(\"example\")\n .description(\"My example policy\")\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var current = AwsFunctions.getPartition();\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(String.format(\"budgets.%s\", current.applyValue(getPartitionResult -\u003e getPartitionResult.dnsSuffix())))\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .name(\"example\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleBudget = new Budget(\"exampleBudget\", BudgetArgs.builder()\n .name(\"example\")\n .budgetType(\"USAGE\")\n .limitAmount(\"10.0\")\n .limitUnit(\"dollars\")\n .timePeriodStart(\"2006-01-02_15:04\")\n .timeUnit(\"MONTHLY\")\n .build());\n\n var exampleBudgetAction = new BudgetAction(\"exampleBudgetAction\", BudgetActionArgs.builder()\n .budgetName(exampleBudget.name())\n .actionType(\"APPLY_IAM_POLICY\")\n .approvalModel(\"AUTOMATIC\")\n .notificationType(\"ACTUAL\")\n .executionRoleArn(exampleRole.arn())\n .actionThreshold(BudgetActionActionThresholdArgs.builder()\n .actionThresholdType(\"ABSOLUTE_VALUE\")\n .actionThresholdValue(100)\n .build())\n .definition(BudgetActionDefinitionArgs.builder()\n .iamActionDefinition(BudgetActionDefinitionIamActionDefinitionArgs.builder()\n .policyArn(examplePolicy.arn())\n .roles(exampleRole.name())\n .build())\n .build())\n .subscribers(BudgetActionSubscriberArgs.builder()\n .address(\"example@example.example\")\n .subscriptionType(\"EMAIL\")\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Tag1\", \"Value1\"),\n Map.entry(\"Tag2\", \"Value2\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleBudgetAction:\n type: aws:budgets:BudgetAction\n name: example\n properties:\n budgetName: ${exampleBudget.name}\n actionType: APPLY_IAM_POLICY\n approvalModel: AUTOMATIC\n notificationType: ACTUAL\n executionRoleArn: ${exampleRole.arn}\n actionThreshold:\n actionThresholdType: ABSOLUTE_VALUE\n actionThresholdValue: 100\n definition:\n iamActionDefinition:\n policyArn: ${examplePolicy.arn}\n roles:\n - ${exampleRole.name}\n subscribers:\n - address: example@example.example\n subscriptionType: EMAIL\n tags:\n Tag1: Value1\n Tag2: Value2\n examplePolicy:\n type: aws:iam:Policy\n name: example\n properties:\n name: example\n description: My example policy\n policy: ${example.json}\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example\n assumeRolePolicy: ${assumeRole.json}\n exampleBudget:\n type: aws:budgets:Budget\n name: example\n properties:\n name: example\n budgetType: USAGE\n limitAmount: '10.0'\n limitUnit: dollars\n timePeriodStart: 2006-01-02_15:04\n timeUnit: MONTHLY\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - ec2:Describe*\n resources:\n - '*'\n current:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - budgets.${current.dnsSuffix}\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import budget actions using `AccountID:ActionID:BudgetName`. For example:\n\n```sh\n$ pulumi import aws:budgets/budgetAction:BudgetAction myBudget 123456789012:some-id:myBudget\n```\n", "properties": { "accountId": { "type": "string", "description": "The ID of the target account for budget. Will use current user's account_id by default if omitted.\n" }, "actionId": { "type": "string", "description": "The id of the budget action.\n" }, "actionThreshold": { "$ref": "#/types/aws:budgets/BudgetActionActionThreshold:BudgetActionActionThreshold", "description": "The trigger threshold of the action. See Action Threshold.\n" }, "actionType": { "type": "string", "description": "The type of action. This defines the type of tasks that can be carried out by this action. This field also determines the format for definition. Valid values are `APPLY_IAM_POLICY`, `APPLY_SCP_POLICY`, and `RUN_SSM_DOCUMENTS`.\n" }, "approvalModel": { "type": "string", "description": "This specifies if the action needs manual or automatic approval. Valid values are `AUTOMATIC` and `MANUAL`.\n" }, "arn": { "type": "string", "description": "The ARN of the budget action.\n" }, "budgetName": { "type": "string", "description": "The name of a budget.\n" }, "definition": { "$ref": "#/types/aws:budgets/BudgetActionDefinition:BudgetActionDefinition", "description": "Specifies all of the type-specific parameters. See Definition.\n" }, "executionRoleArn": { "type": "string", "description": "The role passed for action execution and reversion. Roles and actions must be in the same account.\n" }, "notificationType": { "type": "string", "description": "The type of a notification. Valid values are `ACTUAL` or `FORECASTED`.\n" }, "status": { "type": "string", "description": "The status of the budget action.\n" }, "subscribers": { "type": "array", "items": { "$ref": "#/types/aws:budgets/BudgetActionSubscriber:BudgetActionSubscriber" }, "description": "A list of subscribers. See Subscriber.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "accountId", "actionId", "actionThreshold", "actionType", "approvalModel", "arn", "budgetName", "definition", "executionRoleArn", "notificationType", "status", "subscribers", "tagsAll" ], "inputProperties": { "accountId": { "type": "string", "description": "The ID of the target account for budget. Will use current user's account_id by default if omitted.\n", "willReplaceOnChanges": true }, "actionThreshold": { "$ref": "#/types/aws:budgets/BudgetActionActionThreshold:BudgetActionActionThreshold", "description": "The trigger threshold of the action. See Action Threshold.\n" }, "actionType": { "type": "string", "description": "The type of action. This defines the type of tasks that can be carried out by this action. This field also determines the format for definition. Valid values are `APPLY_IAM_POLICY`, `APPLY_SCP_POLICY`, and `RUN_SSM_DOCUMENTS`.\n", "willReplaceOnChanges": true }, "approvalModel": { "type": "string", "description": "This specifies if the action needs manual or automatic approval. Valid values are `AUTOMATIC` and `MANUAL`.\n" }, "budgetName": { "type": "string", "description": "The name of a budget.\n", "willReplaceOnChanges": true }, "definition": { "$ref": "#/types/aws:budgets/BudgetActionDefinition:BudgetActionDefinition", "description": "Specifies all of the type-specific parameters. See Definition.\n" }, "executionRoleArn": { "type": "string", "description": "The role passed for action execution and reversion. Roles and actions must be in the same account.\n" }, "notificationType": { "type": "string", "description": "The type of a notification. Valid values are `ACTUAL` or `FORECASTED`.\n" }, "subscribers": { "type": "array", "items": { "$ref": "#/types/aws:budgets/BudgetActionSubscriber:BudgetActionSubscriber" }, "description": "A list of subscribers. See Subscriber.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "actionThreshold", "actionType", "approvalModel", "budgetName", "definition", "executionRoleArn", "notificationType", "subscribers" ], "stateInputs": { "description": "Input properties used for looking up and filtering BudgetAction resources.\n", "properties": { "accountId": { "type": "string", "description": "The ID of the target account for budget. Will use current user's account_id by default if omitted.\n", "willReplaceOnChanges": true }, "actionId": { "type": "string", "description": "The id of the budget action.\n" }, "actionThreshold": { "$ref": "#/types/aws:budgets/BudgetActionActionThreshold:BudgetActionActionThreshold", "description": "The trigger threshold of the action. See Action Threshold.\n" }, "actionType": { "type": "string", "description": "The type of action. This defines the type of tasks that can be carried out by this action. This field also determines the format for definition. Valid values are `APPLY_IAM_POLICY`, `APPLY_SCP_POLICY`, and `RUN_SSM_DOCUMENTS`.\n", "willReplaceOnChanges": true }, "approvalModel": { "type": "string", "description": "This specifies if the action needs manual or automatic approval. Valid values are `AUTOMATIC` and `MANUAL`.\n" }, "arn": { "type": "string", "description": "The ARN of the budget action.\n" }, "budgetName": { "type": "string", "description": "The name of a budget.\n", "willReplaceOnChanges": true }, "definition": { "$ref": "#/types/aws:budgets/BudgetActionDefinition:BudgetActionDefinition", "description": "Specifies all of the type-specific parameters. See Definition.\n" }, "executionRoleArn": { "type": "string", "description": "The role passed for action execution and reversion. Roles and actions must be in the same account.\n" }, "notificationType": { "type": "string", "description": "The type of a notification. Valid values are `ACTUAL` or `FORECASTED`.\n" }, "status": { "type": "string", "description": "The status of the budget action.\n" }, "subscribers": { "type": "array", "items": { "$ref": "#/types/aws:budgets/BudgetActionSubscriber:BudgetActionSubscriber" }, "description": "A list of subscribers. See Subscriber.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:cfg/aggregateAuthorization:AggregateAuthorization": { "description": "Manages an AWS Config Aggregate Authorization\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cfg.AggregateAuthorization(\"example\", {\n accountId: \"123456789012\",\n region: \"eu-west-2\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cfg.AggregateAuthorization(\"example\",\n account_id=\"123456789012\",\n region=\"eu-west-2\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cfg.AggregateAuthorization(\"example\", new()\n {\n AccountId = \"123456789012\",\n Region = \"eu-west-2\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cfg.NewAggregateAuthorization(ctx, \"example\", \u0026cfg.AggregateAuthorizationArgs{\n\t\t\tAccountId: pulumi.String(\"123456789012\"),\n\t\t\tRegion: pulumi.String(\"eu-west-2\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cfg.AggregateAuthorization;\nimport com.pulumi.aws.cfg.AggregateAuthorizationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AggregateAuthorization(\"example\", AggregateAuthorizationArgs.builder()\n .accountId(\"123456789012\")\n .region(\"eu-west-2\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:AggregateAuthorization\n properties:\n accountId: '123456789012'\n region: eu-west-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Config aggregate authorizations using `account_id:region`. For example:\n\n```sh\n$ pulumi import aws:cfg/aggregateAuthorization:AggregateAuthorization example 123456789012:us-east-1\n```\n", "properties": { "accountId": { "type": "string", "description": "Account ID\n" }, "arn": { "type": "string", "description": "The ARN of the authorization\n" }, "region": { "type": "string", "description": "Region\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "accountId", "arn", "region", "tagsAll" ], "inputProperties": { "accountId": { "type": "string", "description": "Account ID\n", "willReplaceOnChanges": true }, "region": { "type": "string", "description": "Region\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "accountId", "region" ], "stateInputs": { "description": "Input properties used for looking up and filtering AggregateAuthorization resources.\n", "properties": { "accountId": { "type": "string", "description": "Account ID\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "The ARN of the authorization\n" }, "region": { "type": "string", "description": "Region\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:cfg/configurationAggregator:ConfigurationAggregator": { "description": "Manages an AWS Config Configuration Aggregator\n\n## Example Usage\n\n### Account Based Aggregation\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst account = new aws.cfg.ConfigurationAggregator(\"account\", {\n name: \"example\",\n accountAggregationSource: {\n accountIds: [\"123456789012\"],\n regions: [\"us-west-2\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naccount = aws.cfg.ConfigurationAggregator(\"account\",\n name=\"example\",\n account_aggregation_source={\n \"account_ids\": [\"123456789012\"],\n \"regions\": [\"us-west-2\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var account = new Aws.Cfg.ConfigurationAggregator(\"account\", new()\n {\n Name = \"example\",\n AccountAggregationSource = new Aws.Cfg.Inputs.ConfigurationAggregatorAccountAggregationSourceArgs\n {\n AccountIds = new[]\n {\n \"123456789012\",\n },\n Regions = new[]\n {\n \"us-west-2\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cfg.NewConfigurationAggregator(ctx, \"account\", \u0026cfg.ConfigurationAggregatorArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAccountAggregationSource: \u0026cfg.ConfigurationAggregatorAccountAggregationSourceArgs{\n\t\t\t\tAccountIds: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"123456789012\"),\n\t\t\t\t},\n\t\t\t\tRegions: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"us-west-2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cfg.ConfigurationAggregator;\nimport com.pulumi.aws.cfg.ConfigurationAggregatorArgs;\nimport com.pulumi.aws.cfg.inputs.ConfigurationAggregatorAccountAggregationSourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var account = new ConfigurationAggregator(\"account\", ConfigurationAggregatorArgs.builder()\n .name(\"example\")\n .accountAggregationSource(ConfigurationAggregatorAccountAggregationSourceArgs.builder()\n .accountIds(\"123456789012\")\n .regions(\"us-west-2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n account:\n type: aws:cfg:ConfigurationAggregator\n properties:\n name: example\n accountAggregationSource:\n accountIds:\n - '123456789012'\n regions:\n - us-west-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Organization Based Aggregation\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"config.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst organizationRole = new aws.iam.Role(\"organization\", {\n name: \"example\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst organizationRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"organization\", {\n role: organizationRole.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\",\n});\nconst organization = new aws.cfg.ConfigurationAggregator(\"organization\", {\n name: \"example\",\n organizationAggregationSource: {\n allRegions: true,\n roleArn: organizationRole.arn,\n },\n}, {\n dependsOn: [organizationRolePolicyAttachment],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"config.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\norganization_role = aws.iam.Role(\"organization\",\n name=\"example\",\n assume_role_policy=assume_role.json)\norganization_role_policy_attachment = aws.iam.RolePolicyAttachment(\"organization\",\n role=organization_role.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\")\norganization = aws.cfg.ConfigurationAggregator(\"organization\",\n name=\"example\",\n organization_aggregation_source={\n \"all_regions\": True,\n \"role_arn\": organization_role.arn,\n },\n opts = pulumi.ResourceOptions(depends_on=[organization_role_policy_attachment]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"config.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var organizationRole = new Aws.Iam.Role(\"organization\", new()\n {\n Name = \"example\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var organizationRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"organization\", new()\n {\n Role = organizationRole.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\",\n });\n\n var organization = new Aws.Cfg.ConfigurationAggregator(\"organization\", new()\n {\n Name = \"example\",\n OrganizationAggregationSource = new Aws.Cfg.Inputs.ConfigurationAggregatorOrganizationAggregationSourceArgs\n {\n AllRegions = true,\n RoleArn = organizationRole.Arn,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n organizationRolePolicyAttachment,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"config.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\torganizationRole, err := iam.NewRole(ctx, \"organization\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\torganizationRolePolicyAttachment, err := iam.NewRolePolicyAttachment(ctx, \"organization\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: organizationRole.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewConfigurationAggregator(ctx, \"organization\", \u0026cfg.ConfigurationAggregatorArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tOrganizationAggregationSource: \u0026cfg.ConfigurationAggregatorOrganizationAggregationSourceArgs{\n\t\t\t\tAllRegions: pulumi.Bool(true),\n\t\t\t\tRoleArn: organizationRole.Arn,\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\torganizationRolePolicyAttachment,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.cfg.ConfigurationAggregator;\nimport com.pulumi.aws.cfg.ConfigurationAggregatorArgs;\nimport com.pulumi.aws.cfg.inputs.ConfigurationAggregatorOrganizationAggregationSourceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"config.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var organizationRole = new Role(\"organizationRole\", RoleArgs.builder()\n .name(\"example\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var organizationRolePolicyAttachment = new RolePolicyAttachment(\"organizationRolePolicyAttachment\", RolePolicyAttachmentArgs.builder()\n .role(organizationRole.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\")\n .build());\n\n var organization = new ConfigurationAggregator(\"organization\", ConfigurationAggregatorArgs.builder()\n .name(\"example\")\n .organizationAggregationSource(ConfigurationAggregatorOrganizationAggregationSourceArgs.builder()\n .allRegions(true)\n .roleArn(organizationRole.arn())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(organizationRolePolicyAttachment)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n organization:\n type: aws:cfg:ConfigurationAggregator\n properties:\n name: example\n organizationAggregationSource:\n allRegions: true\n roleArn: ${organizationRole.arn}\n options:\n dependson:\n - ${organizationRolePolicyAttachment}\n organizationRole:\n type: aws:iam:Role\n name: organization\n properties:\n name: example\n assumeRolePolicy: ${assumeRole.json}\n organizationRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: organization\n properties:\n role: ${organizationRole.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - config.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Configuration Aggregators using the name. For example:\n\n```sh\n$ pulumi import aws:cfg/configurationAggregator:ConfigurationAggregator example foo\n```\n", "properties": { "accountAggregationSource": { "$ref": "#/types/aws:cfg/ConfigurationAggregatorAccountAggregationSource:ConfigurationAggregatorAccountAggregationSource", "description": "The account(s) to aggregate config data from as documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the aggregator\n" }, "name": { "type": "string", "description": "The name of the configuration aggregator.\n" }, "organizationAggregationSource": { "$ref": "#/types/aws:cfg/ConfigurationAggregatorOrganizationAggregationSource:ConfigurationAggregatorOrganizationAggregationSource", "description": "The organization to aggregate config data from as documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nEither `account_aggregation_source` or `organization_aggregation_source` must be specified.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "tagsAll" ], "inputProperties": { "accountAggregationSource": { "$ref": "#/types/aws:cfg/ConfigurationAggregatorAccountAggregationSource:ConfigurationAggregatorAccountAggregationSource", "description": "The account(s) to aggregate config data from as documented below.\n" }, "name": { "type": "string", "description": "The name of the configuration aggregator.\n", "willReplaceOnChanges": true }, "organizationAggregationSource": { "$ref": "#/types/aws:cfg/ConfigurationAggregatorOrganizationAggregationSource:ConfigurationAggregatorOrganizationAggregationSource", "description": "The organization to aggregate config data from as documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nEither `account_aggregation_source` or `organization_aggregation_source` must be specified.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ConfigurationAggregator resources.\n", "properties": { "accountAggregationSource": { "$ref": "#/types/aws:cfg/ConfigurationAggregatorAccountAggregationSource:ConfigurationAggregatorAccountAggregationSource", "description": "The account(s) to aggregate config data from as documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the aggregator\n" }, "name": { "type": "string", "description": "The name of the configuration aggregator.\n", "willReplaceOnChanges": true }, "organizationAggregationSource": { "$ref": "#/types/aws:cfg/ConfigurationAggregatorOrganizationAggregationSource:ConfigurationAggregatorOrganizationAggregationSource", "description": "The organization to aggregate config data from as documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nEither `account_aggregation_source` or `organization_aggregation_source` must be specified.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:cfg/conformancePack:ConformancePack": { "description": "Manages a Config Conformance Pack. More information about this collection of Config rules and remediation actions can be found in the\n[Conformance Packs](https://docs.aws.amazon.com/config/latest/developerguide/conformance-packs.html) documentation.\nSample Conformance Pack templates may be found in the\n[AWS Config Rules Repository](https://github.com/awslabs/aws-config-rules/tree/master/aws-config-conformance-packs).\n\n\u003e **NOTE:** The account must have a Configuration Recorder with proper IAM permissions before the Conformance Pack will\nsuccessfully create or update. See also the\n`aws.cfg.Recorder` resource.\n\n## Example Usage\n\n### Template Body\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cfg.ConformancePack(\"example\", {\n name: \"example\",\n inputParameters: [{\n parameterName: \"AccessKeysRotatedParameterMaxAccessKeyAge\",\n parameterValue: \"90\",\n }],\n templateBody: `Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`,\n}, {\n dependsOn: [exampleAwsConfigConfigurationRecorder],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cfg.ConformancePack(\"example\",\n name=\"example\",\n input_parameters=[{\n \"parameter_name\": \"AccessKeysRotatedParameterMaxAccessKeyAge\",\n \"parameter_value\": \"90\",\n }],\n template_body=\"\"\"Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\"\"\",\n opts = pulumi.ResourceOptions(depends_on=[example_aws_config_configuration_recorder]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cfg.ConformancePack(\"example\", new()\n {\n Name = \"example\",\n InputParameters = new[]\n {\n new Aws.Cfg.Inputs.ConformancePackInputParameterArgs\n {\n ParameterName = \"AccessKeysRotatedParameterMaxAccessKeyAge\",\n ParameterValue = \"90\",\n },\n },\n TemplateBody = @\"Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsConfigConfigurationRecorder,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cfg.NewConformancePack(ctx, \"example\", \u0026cfg.ConformancePackArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tInputParameters: cfg.ConformancePackInputParameterArray{\n\t\t\t\t\u0026cfg.ConformancePackInputParameterArgs{\n\t\t\t\t\tParameterName: pulumi.String(\"AccessKeysRotatedParameterMaxAccessKeyAge\"),\n\t\t\t\t\tParameterValue: pulumi.String(\"90\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTemplateBody: pulumi.String(`Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsConfigConfigurationRecorder,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cfg.ConformancePack;\nimport com.pulumi.aws.cfg.ConformancePackArgs;\nimport com.pulumi.aws.cfg.inputs.ConformancePackInputParameterArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ConformancePack(\"example\", ConformancePackArgs.builder()\n .name(\"example\")\n .inputParameters(ConformancePackInputParameterArgs.builder()\n .parameterName(\"AccessKeysRotatedParameterMaxAccessKeyAge\")\n .parameterValue(\"90\")\n .build())\n .templateBody(\"\"\"\nParameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n \"\"\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsConfigConfigurationRecorder)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:ConformancePack\n properties:\n name: example\n inputParameters:\n - parameterName: AccessKeysRotatedParameterMaxAccessKeyAge\n parameterValue: '90'\n templateBody: |\n Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\n Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n options:\n dependson:\n - ${exampleAwsConfigConfigurationRecorder}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Template S3 URI\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleBucketObjectv2 = new aws.s3.BucketObjectv2(\"example\", {\n bucket: exampleBucketV2.id,\n key: \"example-key\",\n content: `Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`,\n});\nconst example = new aws.cfg.ConformancePack(\"example\", {\n name: \"example\",\n templateS3Uri: pulumi.interpolate`s3://${exampleBucketV2.bucket}/${exampleBucketObjectv2.key}`,\n}, {\n dependsOn: [exampleAwsConfigConfigurationRecorder],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_bucket_objectv2 = aws.s3.BucketObjectv2(\"example\",\n bucket=example_bucket_v2.id,\n key=\"example-key\",\n content=\"\"\"Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\"\"\")\nexample = aws.cfg.ConformancePack(\"example\",\n name=\"example\",\n template_s3_uri=pulumi.Output.all(example_bucket_v2.bucket, example_bucket_objectv2.key).apply(lambda bucket, key: f\"s3://{bucket}/{key}\"),\n opts = pulumi.ResourceOptions(depends_on=[example_aws_config_configuration_recorder]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleBucketObjectv2 = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Bucket = exampleBucketV2.Id,\n Key = \"example-key\",\n Content = @\"Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\",\n });\n\n var example = new Aws.Cfg.ConformancePack(\"example\", new()\n {\n Name = \"example\",\n TemplateS3Uri = Output.Tuple(exampleBucketV2.Bucket, exampleBucketObjectv2.Key).Apply(values =\u003e\n {\n var bucket = values.Item1;\n var key = values.Item2;\n return $\"s3://{bucket}/{key}\";\n }),\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsConfigConfigurationRecorder,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketObjectv2, err := s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\tKey: pulumi.String(\"example-key\"),\n\t\t\tContent: pulumi.String(`Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewConformancePack(ctx, \"example\", \u0026cfg.ConformancePackArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tTemplateS3Uri: pulumi.All(exampleBucketV2.Bucket, exampleBucketObjectv2.Key).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tbucket := _args[0].(string)\n\t\t\t\tkey := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", bucket, key), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsConfigConfigurationRecorder,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.cfg.ConformancePack;\nimport com.pulumi.aws.cfg.ConformancePackArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var exampleBucketObjectv2 = new BucketObjectv2(\"exampleBucketObjectv2\", BucketObjectv2Args.builder()\n .bucket(exampleBucketV2.id())\n .key(\"example-key\")\n .content(\"\"\"\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n \"\"\")\n .build());\n\n var example = new ConformancePack(\"example\", ConformancePackArgs.builder()\n .name(\"example\")\n .templateS3Uri(Output.tuple(exampleBucketV2.bucket(), exampleBucketObjectv2.key()).applyValue(values -\u003e {\n var bucket = values.t1;\n var key = values.t2;\n return String.format(\"s3://%s/%s\", bucket,key);\n }))\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsConfigConfigurationRecorder)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:ConformancePack\n properties:\n name: example\n templateS3Uri: s3://${exampleBucketV2.bucket}/${exampleBucketObjectv2.key}\n options:\n dependson:\n - ${exampleAwsConfigConfigurationRecorder}\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example\n exampleBucketObjectv2:\n type: aws:s3:BucketObjectv2\n name: example\n properties:\n bucket: ${exampleBucketV2.id}\n key: example-key\n content: |\n Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Config Conformance Packs using the `name`. For example:\n\n```sh\n$ pulumi import aws:cfg/conformancePack:ConformancePack example example\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the conformance pack.\n" }, "deliveryS3Bucket": { "type": "string", "description": "Amazon S3 bucket where AWS Config stores conformance pack templates. Maximum length of 63.\n" }, "deliveryS3KeyPrefix": { "type": "string", "description": "The prefix for the Amazon S3 bucket. Maximum length of 1024.\n" }, "inputParameters": { "type": "array", "items": { "$ref": "#/types/aws:cfg/ConformancePackInputParameter:ConformancePackInputParameter" }, "description": "Set of configuration blocks describing input parameters passed to the conformance pack template. Documented below. When configured, the parameters must also be included in the `template_body` or in the template stored in Amazon S3 if using `template_s3_uri`.\n" }, "name": { "type": "string", "description": "The name of the conformance pack. Must begin with a letter and contain from 1 to 256 alphanumeric characters and hyphens.\n" }, "templateBody": { "type": "string", "description": "A string containing full conformance pack template body. Maximum length of 51200. Drift detection is not possible with this argument.\n" }, "templateS3Uri": { "type": "string", "description": "Location of file, e.g., `s3://bucketname/prefix`, containing the template body. The uri must point to the conformance pack template that is located in an Amazon S3 bucket in the same region as the conformance pack. Maximum length of 1024. Drift detection is not possible with this argument.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "deliveryS3Bucket": { "type": "string", "description": "Amazon S3 bucket where AWS Config stores conformance pack templates. Maximum length of 63.\n" }, "deliveryS3KeyPrefix": { "type": "string", "description": "The prefix for the Amazon S3 bucket. Maximum length of 1024.\n" }, "inputParameters": { "type": "array", "items": { "$ref": "#/types/aws:cfg/ConformancePackInputParameter:ConformancePackInputParameter" }, "description": "Set of configuration blocks describing input parameters passed to the conformance pack template. Documented below. When configured, the parameters must also be included in the `template_body` or in the template stored in Amazon S3 if using `template_s3_uri`.\n" }, "name": { "type": "string", "description": "The name of the conformance pack. Must begin with a letter and contain from 1 to 256 alphanumeric characters and hyphens.\n", "willReplaceOnChanges": true }, "templateBody": { "type": "string", "description": "A string containing full conformance pack template body. Maximum length of 51200. Drift detection is not possible with this argument.\n" }, "templateS3Uri": { "type": "string", "description": "Location of file, e.g., `s3://bucketname/prefix`, containing the template body. The uri must point to the conformance pack template that is located in an Amazon S3 bucket in the same region as the conformance pack. Maximum length of 1024. Drift detection is not possible with this argument.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ConformancePack resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the conformance pack.\n" }, "deliveryS3Bucket": { "type": "string", "description": "Amazon S3 bucket where AWS Config stores conformance pack templates. Maximum length of 63.\n" }, "deliveryS3KeyPrefix": { "type": "string", "description": "The prefix for the Amazon S3 bucket. Maximum length of 1024.\n" }, "inputParameters": { "type": "array", "items": { "$ref": "#/types/aws:cfg/ConformancePackInputParameter:ConformancePackInputParameter" }, "description": "Set of configuration blocks describing input parameters passed to the conformance pack template. Documented below. When configured, the parameters must also be included in the `template_body` or in the template stored in Amazon S3 if using `template_s3_uri`.\n" }, "name": { "type": "string", "description": "The name of the conformance pack. Must begin with a letter and contain from 1 to 256 alphanumeric characters and hyphens.\n", "willReplaceOnChanges": true }, "templateBody": { "type": "string", "description": "A string containing full conformance pack template body. Maximum length of 51200. Drift detection is not possible with this argument.\n" }, "templateS3Uri": { "type": "string", "description": "Location of file, e.g., `s3://bucketname/prefix`, containing the template body. The uri must point to the conformance pack template that is located in an Amazon S3 bucket in the same region as the conformance pack. Maximum length of 1024. Drift detection is not possible with this argument.\n" } }, "type": "object" } }, "aws:cfg/deliveryChannel:DeliveryChannel": { "description": "Provides an AWS Config Delivery Channel.\n\n\u003e **Note:** Delivery Channel requires a Configuration Recorder to be present. Use of `depends_on` (as shown below) is recommended to avoid race conditions.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst b = new aws.s3.BucketV2(\"b\", {\n bucket: \"example-awsconfig\",\n forceDestroy: true,\n});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"config.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst r = new aws.iam.Role(\"r\", {\n name: \"awsconfig-example\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst fooRecorder = new aws.cfg.Recorder(\"foo\", {\n name: \"example\",\n roleArn: r.arn,\n});\nconst foo = new aws.cfg.DeliveryChannel(\"foo\", {\n name: \"example\",\n s3BucketName: b.bucket,\n}, {\n dependsOn: [fooRecorder],\n});\nconst p = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n actions: [\"s3:*\"],\n resources: [\n b.arn,\n pulumi.interpolate`${b.arn}/*`,\n ],\n }],\n});\nconst pRolePolicy = new aws.iam.RolePolicy(\"p\", {\n name: \"awsconfig-example\",\n role: r.id,\n policy: p.apply(p =\u003e p.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nb = aws.s3.BucketV2(\"b\",\n bucket=\"example-awsconfig\",\n force_destroy=True)\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"config.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nr = aws.iam.Role(\"r\",\n name=\"awsconfig-example\",\n assume_role_policy=assume_role.json)\nfoo_recorder = aws.cfg.Recorder(\"foo\",\n name=\"example\",\n role_arn=r.arn)\nfoo = aws.cfg.DeliveryChannel(\"foo\",\n name=\"example\",\n s3_bucket_name=b.bucket,\n opts = pulumi.ResourceOptions(depends_on=[foo_recorder]))\np = aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\"s3:*\"],\n \"resources\": [\n b.arn,\n b.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n}])\np_role_policy = aws.iam.RolePolicy(\"p\",\n name=\"awsconfig-example\",\n role=r.id,\n policy=p.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var b = new Aws.S3.BucketV2(\"b\", new()\n {\n Bucket = \"example-awsconfig\",\n ForceDestroy = true,\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"config.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var r = new Aws.Iam.Role(\"r\", new()\n {\n Name = \"awsconfig-example\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var fooRecorder = new Aws.Cfg.Recorder(\"foo\", new()\n {\n Name = \"example\",\n RoleArn = r.Arn,\n });\n\n var foo = new Aws.Cfg.DeliveryChannel(\"foo\", new()\n {\n Name = \"example\",\n S3BucketName = b.Bucket,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n fooRecorder,\n },\n });\n\n var p = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:*\",\n },\n Resources = new[]\n {\n b.Arn,\n $\"{b.Arn}/*\",\n },\n },\n },\n });\n\n var pRolePolicy = new Aws.Iam.RolePolicy(\"p\", new()\n {\n Name = \"awsconfig-example\",\n Role = r.Id,\n Policy = p.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tb, err := s3.NewBucketV2(ctx, \"b\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-awsconfig\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"config.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tr, err := iam.NewRole(ctx, \"r\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"awsconfig-example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooRecorder, err := cfg.NewRecorder(ctx, \"foo\", \u0026cfg.RecorderArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: r.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewDeliveryChannel(ctx, \"foo\", \u0026cfg.DeliveryChannelArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tS3BucketName: b.Bucket,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tfooRecorder,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tp := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tb.Arn,\n\t\t\t\t\t\tb.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRolePolicy(ctx, \"p\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"awsconfig-example\"),\n\t\t\tRole: r.ID(),\n\t\t\tPolicy: pulumi.String(p.ApplyT(func(p iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026p.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.cfg.Recorder;\nimport com.pulumi.aws.cfg.RecorderArgs;\nimport com.pulumi.aws.cfg.DeliveryChannel;\nimport com.pulumi.aws.cfg.DeliveryChannelArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var b = new BucketV2(\"b\", BucketV2Args.builder()\n .bucket(\"example-awsconfig\")\n .forceDestroy(true)\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"config.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var r = new Role(\"r\", RoleArgs.builder()\n .name(\"awsconfig-example\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var fooRecorder = new Recorder(\"fooRecorder\", RecorderArgs.builder()\n .name(\"example\")\n .roleArn(r.arn())\n .build());\n\n var foo = new DeliveryChannel(\"foo\", DeliveryChannelArgs.builder()\n .name(\"example\")\n .s3BucketName(b.bucket())\n .build(), CustomResourceOptions.builder()\n .dependsOn(fooRecorder)\n .build());\n\n final var p = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"s3:*\")\n .resources( \n b.arn(),\n b.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build())\n .build());\n\n var pRolePolicy = new RolePolicy(\"pRolePolicy\", RolePolicyArgs.builder()\n .name(\"awsconfig-example\")\n .role(r.id())\n .policy(p.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(p -\u003e p.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:cfg:DeliveryChannel\n properties:\n name: example\n s3BucketName: ${b.bucket}\n options:\n dependson:\n - ${fooRecorder}\n b:\n type: aws:s3:BucketV2\n properties:\n bucket: example-awsconfig\n forceDestroy: true\n fooRecorder:\n type: aws:cfg:Recorder\n name: foo\n properties:\n name: example\n roleArn: ${r.arn}\n r:\n type: aws:iam:Role\n properties:\n name: awsconfig-example\n assumeRolePolicy: ${assumeRole.json}\n pRolePolicy:\n type: aws:iam:RolePolicy\n name: p\n properties:\n name: awsconfig-example\n role: ${r.id}\n policy: ${p.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - config.amazonaws.com\n actions:\n - sts:AssumeRole\n p:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - s3:*\n resources:\n - ${b.arn}\n - ${b.arn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Delivery Channel using the name. For example:\n\n```sh\n$ pulumi import aws:cfg/deliveryChannel:DeliveryChannel foo example\n```\n", "properties": { "name": { "type": "string", "description": "The name of the delivery channel. Defaults to `default`. Changing it recreates the resource.\n" }, "s3BucketName": { "type": "string", "description": "The name of the S3 bucket used to store the configuration history.\n" }, "s3KeyPrefix": { "type": "string", "description": "The prefix for the specified S3 bucket.\n" }, "s3KmsKeyArn": { "type": "string", "description": "The ARN of the AWS KMS key used to encrypt objects delivered by AWS Config. Must belong to the same Region as the destination S3 bucket.\n" }, "snapshotDeliveryProperties": { "$ref": "#/types/aws:cfg/DeliveryChannelSnapshotDeliveryProperties:DeliveryChannelSnapshotDeliveryProperties", "description": "Options for how AWS Config delivers configuration snapshots. See below\n" }, "snsTopicArn": { "type": "string", "description": "The ARN of the SNS topic that AWS Config delivers notifications to.\n" } }, "required": [ "name", "s3BucketName" ], "inputProperties": { "name": { "type": "string", "description": "The name of the delivery channel. Defaults to `default`. Changing it recreates the resource.\n", "willReplaceOnChanges": true }, "s3BucketName": { "type": "string", "description": "The name of the S3 bucket used to store the configuration history.\n" }, "s3KeyPrefix": { "type": "string", "description": "The prefix for the specified S3 bucket.\n" }, "s3KmsKeyArn": { "type": "string", "description": "The ARN of the AWS KMS key used to encrypt objects delivered by AWS Config. Must belong to the same Region as the destination S3 bucket.\n" }, "snapshotDeliveryProperties": { "$ref": "#/types/aws:cfg/DeliveryChannelSnapshotDeliveryProperties:DeliveryChannelSnapshotDeliveryProperties", "description": "Options for how AWS Config delivers configuration snapshots. See below\n" }, "snsTopicArn": { "type": "string", "description": "The ARN of the SNS topic that AWS Config delivers notifications to.\n" } }, "requiredInputs": [ "s3BucketName" ], "stateInputs": { "description": "Input properties used for looking up and filtering DeliveryChannel resources.\n", "properties": { "name": { "type": "string", "description": "The name of the delivery channel. Defaults to `default`. Changing it recreates the resource.\n", "willReplaceOnChanges": true }, "s3BucketName": { "type": "string", "description": "The name of the S3 bucket used to store the configuration history.\n" }, "s3KeyPrefix": { "type": "string", "description": "The prefix for the specified S3 bucket.\n" }, "s3KmsKeyArn": { "type": "string", "description": "The ARN of the AWS KMS key used to encrypt objects delivered by AWS Config. Must belong to the same Region as the destination S3 bucket.\n" }, "snapshotDeliveryProperties": { "$ref": "#/types/aws:cfg/DeliveryChannelSnapshotDeliveryProperties:DeliveryChannelSnapshotDeliveryProperties", "description": "Options for how AWS Config delivers configuration snapshots. See below\n" }, "snsTopicArn": { "type": "string", "description": "The ARN of the SNS topic that AWS Config delivers notifications to.\n" } }, "type": "object" } }, "aws:cfg/organizationConformancePack:OrganizationConformancePack": { "description": "Manages a Config Organization Conformance Pack. More information can be found in the [Managing Conformance Packs Across all Accounts in Your Organization](https://docs.aws.amazon.com/config/latest/developerguide/conformance-pack-organization-apis.html) and [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) documentation. Example conformance pack templates may be found in the [AWS Config Rules Repository](https://github.com/awslabs/aws-config-rules/tree/master/aws-config-conformance-packs).\n\n\u003e **NOTE:** This resource must be created in the Organization master account or a delegated administrator account, and the Organization must have all features enabled. Every Organization account except those configured in the `excluded_accounts` argument must have a Configuration Recorder with proper IAM permissions before the Organization Conformance Pack will successfully create or update. See also the `aws.cfg.Recorder` resource.\n\n## Example Usage\n\n### Using Template Body\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleOrganization = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"config-multiaccountsetup.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst example = new aws.cfg.OrganizationConformancePack(\"example\", {\n name: \"example\",\n inputParameters: [{\n parameterName: \"AccessKeysRotatedParameterMaxAccessKeyAge\",\n parameterValue: \"90\",\n }],\n templateBody: `Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`,\n}, {\n dependsOn: [\n exampleAwsConfigConfigurationRecorder,\n exampleOrganization,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_organization = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"config-multiaccountsetup.amazonaws.com\"],\n feature_set=\"ALL\")\nexample = aws.cfg.OrganizationConformancePack(\"example\",\n name=\"example\",\n input_parameters=[{\n \"parameter_name\": \"AccessKeysRotatedParameterMaxAccessKeyAge\",\n \"parameter_value\": \"90\",\n }],\n template_body=\"\"\"Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\"\"\",\n opts = pulumi.ResourceOptions(depends_on=[\n example_aws_config_configuration_recorder,\n example_organization,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleOrganization = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"config-multiaccountsetup.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var example = new Aws.Cfg.OrganizationConformancePack(\"example\", new()\n {\n Name = \"example\",\n InputParameters = new[]\n {\n new Aws.Cfg.Inputs.OrganizationConformancePackInputParameterArgs\n {\n ParameterName = \"AccessKeysRotatedParameterMaxAccessKeyAge\",\n ParameterValue = \"90\",\n },\n },\n TemplateBody = @\"Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsConfigConfigurationRecorder,\n exampleOrganization,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleOrganization, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"config-multiaccountsetup.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewOrganizationConformancePack(ctx, \"example\", \u0026cfg.OrganizationConformancePackArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tInputParameters: cfg.OrganizationConformancePackInputParameterArray{\n\t\t\t\t\u0026cfg.OrganizationConformancePackInputParameterArgs{\n\t\t\t\t\tParameterName: pulumi.String(\"AccessKeysRotatedParameterMaxAccessKeyAge\"),\n\t\t\t\t\tParameterValue: pulumi.String(\"90\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTemplateBody: pulumi.String(`Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsConfigConfigurationRecorder,\n\t\t\texampleOrganization,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.cfg.OrganizationConformancePack;\nimport com.pulumi.aws.cfg.OrganizationConformancePackArgs;\nimport com.pulumi.aws.cfg.inputs.OrganizationConformancePackInputParameterArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleOrganization = new Organization(\"exampleOrganization\", OrganizationArgs.builder()\n .awsServiceAccessPrincipals(\"config-multiaccountsetup.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var example = new OrganizationConformancePack(\"example\", OrganizationConformancePackArgs.builder()\n .name(\"example\")\n .inputParameters(OrganizationConformancePackInputParameterArgs.builder()\n .parameterName(\"AccessKeysRotatedParameterMaxAccessKeyAge\")\n .parameterValue(\"90\")\n .build())\n .templateBody(\"\"\"\nParameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n \"\"\")\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n exampleAwsConfigConfigurationRecorder,\n exampleOrganization)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:OrganizationConformancePack\n properties:\n name: example\n inputParameters:\n - parameterName: AccessKeysRotatedParameterMaxAccessKeyAge\n parameterValue: '90'\n templateBody: |\n Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\n Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n options:\n dependson:\n - ${exampleAwsConfigConfigurationRecorder}\n - ${exampleOrganization}\n exampleOrganization:\n type: aws:organizations:Organization\n name: example\n properties:\n awsServiceAccessPrincipals:\n - config-multiaccountsetup.amazonaws.com\n featureSet: ALL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using Template S3 URI\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleOrganization = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"config-multiaccountsetup.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleBucketObjectv2 = new aws.s3.BucketObjectv2(\"example\", {\n bucket: exampleBucketV2.id,\n key: \"example-key\",\n content: `Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`,\n});\nconst example = new aws.cfg.OrganizationConformancePack(\"example\", {\n name: \"example\",\n templateS3Uri: pulumi.interpolate`s3://${exampleBucketV2.bucket}/${exampleBucketObjectv2.key}`,\n}, {\n dependsOn: [\n exampleAwsConfigConfigurationRecorder,\n exampleOrganization,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_organization = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"config-multiaccountsetup.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_bucket_objectv2 = aws.s3.BucketObjectv2(\"example\",\n bucket=example_bucket_v2.id,\n key=\"example-key\",\n content=\"\"\"Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\"\"\")\nexample = aws.cfg.OrganizationConformancePack(\"example\",\n name=\"example\",\n template_s3_uri=pulumi.Output.all(example_bucket_v2.bucket, example_bucket_objectv2.key).apply(lambda bucket, key: f\"s3://{bucket}/{key}\"),\n opts = pulumi.ResourceOptions(depends_on=[\n example_aws_config_configuration_recorder,\n example_organization,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleOrganization = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"config-multiaccountsetup.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleBucketObjectv2 = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Bucket = exampleBucketV2.Id,\n Key = \"example-key\",\n Content = @\"Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\",\n });\n\n var example = new Aws.Cfg.OrganizationConformancePack(\"example\", new()\n {\n Name = \"example\",\n TemplateS3Uri = Output.Tuple(exampleBucketV2.Bucket, exampleBucketObjectv2.Key).Apply(values =\u003e\n {\n var bucket = values.Item1;\n var key = values.Item2;\n return $\"s3://{bucket}/{key}\";\n }),\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsConfigConfigurationRecorder,\n exampleOrganization,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleOrganization, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"config-multiaccountsetup.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketObjectv2, err := s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\tKey: pulumi.String(\"example-key\"),\n\t\t\tContent: pulumi.String(`Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewOrganizationConformancePack(ctx, \"example\", \u0026cfg.OrganizationConformancePackArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tTemplateS3Uri: pulumi.All(exampleBucketV2.Bucket, exampleBucketObjectv2.Key).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tbucket := _args[0].(string)\n\t\t\t\tkey := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", bucket, key), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsConfigConfigurationRecorder,\n\t\t\texampleOrganization,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.cfg.OrganizationConformancePack;\nimport com.pulumi.aws.cfg.OrganizationConformancePackArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleOrganization = new Organization(\"exampleOrganization\", OrganizationArgs.builder()\n .awsServiceAccessPrincipals(\"config-multiaccountsetup.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var exampleBucketObjectv2 = new BucketObjectv2(\"exampleBucketObjectv2\", BucketObjectv2Args.builder()\n .bucket(exampleBucketV2.id())\n .key(\"example-key\")\n .content(\"\"\"\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n \"\"\")\n .build());\n\n var example = new OrganizationConformancePack(\"example\", OrganizationConformancePackArgs.builder()\n .name(\"example\")\n .templateS3Uri(Output.tuple(exampleBucketV2.bucket(), exampleBucketObjectv2.key()).applyValue(values -\u003e {\n var bucket = values.t1;\n var key = values.t2;\n return String.format(\"s3://%s/%s\", bucket,key);\n }))\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n exampleAwsConfigConfigurationRecorder,\n exampleOrganization)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:OrganizationConformancePack\n properties:\n name: example\n templateS3Uri: s3://${exampleBucketV2.bucket}/${exampleBucketObjectv2.key}\n options:\n dependson:\n - ${exampleAwsConfigConfigurationRecorder}\n - ${exampleOrganization}\n exampleOrganization:\n type: aws:organizations:Organization\n name: example\n properties:\n awsServiceAccessPrincipals:\n - config-multiaccountsetup.amazonaws.com\n featureSet: ALL\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example\n exampleBucketObjectv2:\n type: aws:s3:BucketObjectv2\n name: example\n properties:\n bucket: ${exampleBucketV2.id}\n key: example-key\n content: |\n Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Config Organization Conformance Packs using the `name`. For example:\n\n```sh\n$ pulumi import aws:cfg/organizationConformancePack:OrganizationConformancePack example example\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the organization conformance pack.\n" }, "deliveryS3Bucket": { "type": "string", "description": "Amazon S3 bucket where AWS Config stores conformance pack templates. Delivery bucket must begin with `awsconfigconforms` prefix. Maximum length of 63.\n" }, "deliveryS3KeyPrefix": { "type": "string", "description": "The prefix for the Amazon S3 bucket. Maximum length of 1024.\n" }, "excludedAccounts": { "type": "array", "items": { "type": "string" }, "description": "Set of AWS accounts to be excluded from an organization conformance pack while deploying a conformance pack. Maximum of 1000 accounts.\n" }, "inputParameters": { "type": "array", "items": { "$ref": "#/types/aws:cfg/OrganizationConformancePackInputParameter:OrganizationConformancePackInputParameter" }, "description": "Set of configuration blocks describing input parameters passed to the conformance pack template. Documented below. When configured, the parameters must also be included in the `template_body` or in the template stored in Amazon S3 if using `template_s3_uri`.\n" }, "name": { "type": "string", "description": "The name of the organization conformance pack. Must begin with a letter and contain from 1 to 128 alphanumeric characters and hyphens.\n" }, "templateBody": { "type": "string", "description": "A string containing full conformance pack template body. Maximum length of 51200. Drift detection is not possible with this argument.\n" }, "templateS3Uri": { "type": "string", "description": "Location of file, e.g., `s3://bucketname/prefix`, containing the template body. The uri must point to the conformance pack template that is located in an Amazon S3 bucket in the same region as the conformance pack. Maximum length of 1024. Drift detection is not possible with this argument.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "deliveryS3Bucket": { "type": "string", "description": "Amazon S3 bucket where AWS Config stores conformance pack templates. Delivery bucket must begin with `awsconfigconforms` prefix. Maximum length of 63.\n" }, "deliveryS3KeyPrefix": { "type": "string", "description": "The prefix for the Amazon S3 bucket. Maximum length of 1024.\n" }, "excludedAccounts": { "type": "array", "items": { "type": "string" }, "description": "Set of AWS accounts to be excluded from an organization conformance pack while deploying a conformance pack. Maximum of 1000 accounts.\n" }, "inputParameters": { "type": "array", "items": { "$ref": "#/types/aws:cfg/OrganizationConformancePackInputParameter:OrganizationConformancePackInputParameter" }, "description": "Set of configuration blocks describing input parameters passed to the conformance pack template. Documented below. When configured, the parameters must also be included in the `template_body` or in the template stored in Amazon S3 if using `template_s3_uri`.\n" }, "name": { "type": "string", "description": "The name of the organization conformance pack. Must begin with a letter and contain from 1 to 128 alphanumeric characters and hyphens.\n", "willReplaceOnChanges": true }, "templateBody": { "type": "string", "description": "A string containing full conformance pack template body. Maximum length of 51200. Drift detection is not possible with this argument.\n" }, "templateS3Uri": { "type": "string", "description": "Location of file, e.g., `s3://bucketname/prefix`, containing the template body. The uri must point to the conformance pack template that is located in an Amazon S3 bucket in the same region as the conformance pack. Maximum length of 1024. Drift detection is not possible with this argument.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationConformancePack resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the organization conformance pack.\n" }, "deliveryS3Bucket": { "type": "string", "description": "Amazon S3 bucket where AWS Config stores conformance pack templates. Delivery bucket must begin with `awsconfigconforms` prefix. Maximum length of 63.\n" }, "deliveryS3KeyPrefix": { "type": "string", "description": "The prefix for the Amazon S3 bucket. Maximum length of 1024.\n" }, "excludedAccounts": { "type": "array", "items": { "type": "string" }, "description": "Set of AWS accounts to be excluded from an organization conformance pack while deploying a conformance pack. Maximum of 1000 accounts.\n" }, "inputParameters": { "type": "array", "items": { "$ref": "#/types/aws:cfg/OrganizationConformancePackInputParameter:OrganizationConformancePackInputParameter" }, "description": "Set of configuration blocks describing input parameters passed to the conformance pack template. Documented below. When configured, the parameters must also be included in the `template_body` or in the template stored in Amazon S3 if using `template_s3_uri`.\n" }, "name": { "type": "string", "description": "The name of the organization conformance pack. Must begin with a letter and contain from 1 to 128 alphanumeric characters and hyphens.\n", "willReplaceOnChanges": true }, "templateBody": { "type": "string", "description": "A string containing full conformance pack template body. Maximum length of 51200. Drift detection is not possible with this argument.\n" }, "templateS3Uri": { "type": "string", "description": "Location of file, e.g., `s3://bucketname/prefix`, containing the template body. The uri must point to the conformance pack template that is located in an Amazon S3 bucket in the same region as the conformance pack. Maximum length of 1024. Drift detection is not possible with this argument.\n" } }, "type": "object" } }, "aws:cfg/organizationCustomPolicyRule:OrganizationCustomPolicyRule": { "description": "Manages a Config Organization Custom Policy Rule. More information about these rules can be found in the [Enabling AWS Config Rules Across all Accounts in Your Organization](https://docs.aws.amazon.com/config/latest/developerguide/config-rule-multi-account-deployment.html) and [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) documentation. For working with Organization Managed Rules (those invoking an AWS managed rule), see the `aws_config_organization_managed__rule` resource.\n\n\u003e **NOTE:** This resource must be created in the Organization master account and rules will include the master account unless its ID is added to the `excluded_accounts` argument.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cfg.OrganizationCustomPolicyRule(\"example\", {\n name: \"example_rule_name\",\n policyRuntime: \"guard-2.x.x\",\n policyText: `let status = ['ACTIVE']\n\nrule tableisactive when\n resourceType == \"AWS::DynamoDB::Table\" {\n configuration.tableStatus == %status\n}\n\nrule checkcompliance when\n resourceType == \"AWS::DynamoDB::Table\"\n tableisactive {\n let pitr = supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus\n %pitr == \"ENABLED\"\n }\n`,\n resourceTypesScopes: [\"AWS::DynamoDB::Table\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cfg.OrganizationCustomPolicyRule(\"example\",\n name=\"example_rule_name\",\n policy_runtime=\"guard-2.x.x\",\n policy_text=\"\"\"let status = ['ACTIVE']\n\nrule tableisactive when\n resourceType == \"AWS::DynamoDB::Table\" {\n configuration.tableStatus == %status\n}\n\nrule checkcompliance when\n resourceType == \"AWS::DynamoDB::Table\"\n tableisactive {\n let pitr = supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus\n %pitr == \"ENABLED\"\n }\n\"\"\",\n resource_types_scopes=[\"AWS::DynamoDB::Table\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cfg.OrganizationCustomPolicyRule(\"example\", new()\n {\n Name = \"example_rule_name\",\n PolicyRuntime = \"guard-2.x.x\",\n PolicyText = @\"let status = ['ACTIVE']\n\nrule tableisactive when\n resourceType == \"\"AWS::DynamoDB::Table\"\" {\n configuration.tableStatus == %status\n}\n\nrule checkcompliance when\n resourceType == \"\"AWS::DynamoDB::Table\"\"\n tableisactive {\n let pitr = supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus\n %pitr == \"\"ENABLED\"\"\n }\n\",\n ResourceTypesScopes = new[]\n {\n \"AWS::DynamoDB::Table\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cfg.NewOrganizationCustomPolicyRule(ctx, \"example\", \u0026cfg.OrganizationCustomPolicyRuleArgs{\n\t\t\tName: pulumi.String(\"example_rule_name\"),\n\t\t\tPolicyRuntime: pulumi.String(\"guard-2.x.x\"),\n\t\t\tPolicyText: pulumi.String(`let status = ['ACTIVE']\n\nrule tableisactive when\n resourceType == \"AWS::DynamoDB::Table\" {\n configuration.tableStatus == %status\n}\n\nrule checkcompliance when\n resourceType == \"AWS::DynamoDB::Table\"\n tableisactive {\n let pitr = supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus\n %pitr == \"ENABLED\"\n }\n`),\n\t\t\tResourceTypesScopes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"AWS::DynamoDB::Table\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cfg.OrganizationCustomPolicyRule;\nimport com.pulumi.aws.cfg.OrganizationCustomPolicyRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new OrganizationCustomPolicyRule(\"example\", OrganizationCustomPolicyRuleArgs.builder()\n .name(\"example_rule_name\")\n .policyRuntime(\"guard-2.x.x\")\n .policyText(\"\"\"\nlet status = ['ACTIVE']\n\nrule tableisactive when\n resourceType == \"AWS::DynamoDB::Table\" {\n configuration.tableStatus == %status\n}\n\nrule checkcompliance when\n resourceType == \"AWS::DynamoDB::Table\"\n tableisactive {\n let pitr = supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus\n %pitr == \"ENABLED\"\n }\n \"\"\")\n .resourceTypesScopes(\"AWS::DynamoDB::Table\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:OrganizationCustomPolicyRule\n properties:\n name: example_rule_name\n policyRuntime: guard-2.x.x\n policyText: |\n let status = ['ACTIVE']\n\n rule tableisactive when\n resourceType == \"AWS::DynamoDB::Table\" {\n configuration.tableStatus == %status\n }\n\n rule checkcompliance when\n resourceType == \"AWS::DynamoDB::Table\"\n tableisactive {\n let pitr = supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus\n %pitr == \"ENABLED\"\n }\n resourceTypesScopes:\n - AWS::DynamoDB::Table\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a Config Organization Custom Policy Rule using the `name` argument. For example:\n\n```sh\n$ pulumi import aws:cfg/organizationCustomPolicyRule:OrganizationCustomPolicyRule example example_rule_name\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the rule\n" }, "debugLogDeliveryAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account identifiers to exclude from the rule\n" }, "description": { "type": "string", "description": "Description of the rule\n" }, "excludedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account identifiers to exclude from the rule\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config Rule Lambda Function\n" }, "maximumExecutionFrequency": { "type": "string", "description": "Maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`.\n" }, "name": { "type": "string", "description": "name of the rule\n" }, "policyRuntime": { "type": "string", "description": "runtime system for your organization AWS Config Custom Policy rules\n" }, "policyText": { "type": "string", "description": "policy definition containing the logic for your organization AWS Config Custom Policy rule\n" }, "resourceIdScope": { "type": "string", "description": "Identifier of the AWS resource to evaluate\n" }, "resourceTypesScopes": { "type": "array", "items": { "type": "string" }, "description": "List of types of AWS resources to evaluate\n" }, "tagKeyScope": { "type": "string", "description": "Tag key of AWS resources to evaluate\n" }, "tagValueScope": { "type": "string", "description": "Tag value of AWS resources to evaluate\n" }, "triggerTypes": { "type": "array", "items": { "type": "string" }, "description": "List of notification types that trigger AWS Config to run an evaluation for the rule. Valid values: `ConfigurationItemChangeNotification`, `OversizedConfigurationItemChangeNotification`\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "name", "policyRuntime", "policyText", "triggerTypes" ], "inputProperties": { "debugLogDeliveryAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account identifiers to exclude from the rule\n" }, "description": { "type": "string", "description": "Description of the rule\n" }, "excludedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account identifiers to exclude from the rule\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config Rule Lambda Function\n" }, "maximumExecutionFrequency": { "type": "string", "description": "Maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`.\n" }, "name": { "type": "string", "description": "name of the rule\n", "willReplaceOnChanges": true }, "policyRuntime": { "type": "string", "description": "runtime system for your organization AWS Config Custom Policy rules\n" }, "policyText": { "type": "string", "description": "policy definition containing the logic for your organization AWS Config Custom Policy rule\n" }, "resourceIdScope": { "type": "string", "description": "Identifier of the AWS resource to evaluate\n" }, "resourceTypesScopes": { "type": "array", "items": { "type": "string" }, "description": "List of types of AWS resources to evaluate\n" }, "tagKeyScope": { "type": "string", "description": "Tag key of AWS resources to evaluate\n" }, "tagValueScope": { "type": "string", "description": "Tag value of AWS resources to evaluate\n" }, "triggerTypes": { "type": "array", "items": { "type": "string" }, "description": "List of notification types that trigger AWS Config to run an evaluation for the rule. Valid values: `ConfigurationItemChangeNotification`, `OversizedConfigurationItemChangeNotification`\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "policyRuntime", "policyText", "triggerTypes" ], "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationCustomPolicyRule resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the rule\n" }, "debugLogDeliveryAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account identifiers to exclude from the rule\n" }, "description": { "type": "string", "description": "Description of the rule\n" }, "excludedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account identifiers to exclude from the rule\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config Rule Lambda Function\n" }, "maximumExecutionFrequency": { "type": "string", "description": "Maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`.\n" }, "name": { "type": "string", "description": "name of the rule\n", "willReplaceOnChanges": true }, "policyRuntime": { "type": "string", "description": "runtime system for your organization AWS Config Custom Policy rules\n" }, "policyText": { "type": "string", "description": "policy definition containing the logic for your organization AWS Config Custom Policy rule\n" }, "resourceIdScope": { "type": "string", "description": "Identifier of the AWS resource to evaluate\n" }, "resourceTypesScopes": { "type": "array", "items": { "type": "string" }, "description": "List of types of AWS resources to evaluate\n" }, "tagKeyScope": { "type": "string", "description": "Tag key of AWS resources to evaluate\n" }, "tagValueScope": { "type": "string", "description": "Tag value of AWS resources to evaluate\n" }, "triggerTypes": { "type": "array", "items": { "type": "string" }, "description": "List of notification types that trigger AWS Config to run an evaluation for the rule. Valid values: `ConfigurationItemChangeNotification`, `OversizedConfigurationItemChangeNotification`\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:cfg/organizationCustomRule:OrganizationCustomRule": { "description": "Manages a Config Organization Custom Rule. More information about these rules can be found in the [Enabling AWS Config Rules Across all Accounts in Your Organization](https://docs.aws.amazon.com/config/latest/developerguide/config-rule-multi-account-deployment.html) and [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) documentation. For working with Organization Managed Rules (those invoking an AWS managed rule), see the `aws_config_organization_managed__rule` resource.\n\n\u003e **NOTE:** This resource must be created in the Organization master account and rules will include the master account unless its ID is added to the `excluded_accounts` argument.\n\n\u003e **NOTE:** The proper Lambda permission to allow the AWS Config service invoke the Lambda Function must be in place before the rule will successfully create or update. See also the `aws.lambda.Permission` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.Permission(\"example\", {\n action: \"lambda:InvokeFunction\",\n \"function\": exampleAwsLambdaFunction.arn,\n principal: \"config.amazonaws.com\",\n statementId: \"AllowExecutionFromConfig\",\n});\nconst exampleOrganization = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"config-multiaccountsetup.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleOrganizationCustomRule = new aws.cfg.OrganizationCustomRule(\"example\", {\n lambdaFunctionArn: exampleAwsLambdaFunction.arn,\n name: \"example\",\n triggerTypes: [\"ConfigurationItemChangeNotification\"],\n}, {\n dependsOn: [\n example,\n exampleOrganization,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.Permission(\"example\",\n action=\"lambda:InvokeFunction\",\n function=example_aws_lambda_function[\"arn\"],\n principal=\"config.amazonaws.com\",\n statement_id=\"AllowExecutionFromConfig\")\nexample_organization = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"config-multiaccountsetup.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_organization_custom_rule = aws.cfg.OrganizationCustomRule(\"example\",\n lambda_function_arn=example_aws_lambda_function[\"arn\"],\n name=\"example\",\n trigger_types=[\"ConfigurationItemChangeNotification\"],\n opts = pulumi.ResourceOptions(depends_on=[\n example,\n example_organization,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.Permission(\"example\", new()\n {\n Action = \"lambda:InvokeFunction\",\n Function = exampleAwsLambdaFunction.Arn,\n Principal = \"config.amazonaws.com\",\n StatementId = \"AllowExecutionFromConfig\",\n });\n\n var exampleOrganization = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"config-multiaccountsetup.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var exampleOrganizationCustomRule = new Aws.Cfg.OrganizationCustomRule(\"example\", new()\n {\n LambdaFunctionArn = exampleAwsLambdaFunction.Arn,\n Name = \"example\",\n TriggerTypes = new[]\n {\n \"ConfigurationItemChangeNotification\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n exampleOrganization,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := lambda.NewPermission(ctx, \"example\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tPrincipal: pulumi.String(\"config.amazonaws.com\"),\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromConfig\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleOrganization, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"config-multiaccountsetup.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewOrganizationCustomRule(ctx, \"example\", \u0026cfg.OrganizationCustomRuleArgs{\n\t\t\tLambdaFunctionArn: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tTriggerTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ConfigurationItemChangeNotification\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t\texampleOrganization,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.cfg.OrganizationCustomRule;\nimport com.pulumi.aws.cfg.OrganizationCustomRuleArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Permission(\"example\", PermissionArgs.builder()\n .action(\"lambda:InvokeFunction\")\n .function(exampleAwsLambdaFunction.arn())\n .principal(\"config.amazonaws.com\")\n .statementId(\"AllowExecutionFromConfig\")\n .build());\n\n var exampleOrganization = new Organization(\"exampleOrganization\", OrganizationArgs.builder()\n .awsServiceAccessPrincipals(\"config-multiaccountsetup.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var exampleOrganizationCustomRule = new OrganizationCustomRule(\"exampleOrganizationCustomRule\", OrganizationCustomRuleArgs.builder()\n .lambdaFunctionArn(exampleAwsLambdaFunction.arn())\n .name(\"example\")\n .triggerTypes(\"ConfigurationItemChangeNotification\")\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n example,\n exampleOrganization)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:Permission\n properties:\n action: lambda:InvokeFunction\n function: ${exampleAwsLambdaFunction.arn}\n principal: config.amazonaws.com\n statementId: AllowExecutionFromConfig\n exampleOrganization:\n type: aws:organizations:Organization\n name: example\n properties:\n awsServiceAccessPrincipals:\n - config-multiaccountsetup.amazonaws.com\n featureSet: ALL\n exampleOrganizationCustomRule:\n type: aws:cfg:OrganizationCustomRule\n name: example\n properties:\n lambdaFunctionArn: ${exampleAwsLambdaFunction.arn}\n name: example\n triggerTypes:\n - ConfigurationItemChangeNotification\n options:\n dependson:\n - ${example}\n - ${exampleOrganization}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Config Organization Custom Rules using the name. For example:\n\n```sh\n$ pulumi import aws:cfg/organizationCustomRule:OrganizationCustomRule example example\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the rule\n" }, "description": { "type": "string", "description": "Description of the rule\n" }, "excludedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account identifiers to exclude from the rule\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config Rule Lambda Function\n" }, "lambdaFunctionArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the rule Lambda Function\n" }, "maximumExecutionFrequency": { "type": "string", "description": "The maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`.\n" }, "name": { "type": "string", "description": "The name of the rule\n" }, "resourceIdScope": { "type": "string", "description": "Identifier of the AWS resource to evaluate\n" }, "resourceTypesScopes": { "type": "array", "items": { "type": "string" }, "description": "List of types of AWS resources to evaluate\n" }, "tagKeyScope": { "type": "string", "description": "Tag key of AWS resources to evaluate\n" }, "tagValueScope": { "type": "string", "description": "Tag value of AWS resources to evaluate\n" }, "triggerTypes": { "type": "array", "items": { "type": "string" }, "description": "List of notification types that trigger AWS Config to run an evaluation for the rule. Valid values: `ConfigurationItemChangeNotification`, `OversizedConfigurationItemChangeNotification`, and `ScheduledNotification`\n" } }, "required": [ "arn", "lambdaFunctionArn", "name", "triggerTypes" ], "inputProperties": { "description": { "type": "string", "description": "Description of the rule\n" }, "excludedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account identifiers to exclude from the rule\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config Rule Lambda Function\n" }, "lambdaFunctionArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the rule Lambda Function\n" }, "maximumExecutionFrequency": { "type": "string", "description": "The maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`.\n" }, "name": { "type": "string", "description": "The name of the rule\n", "willReplaceOnChanges": true }, "resourceIdScope": { "type": "string", "description": "Identifier of the AWS resource to evaluate\n" }, "resourceTypesScopes": { "type": "array", "items": { "type": "string" }, "description": "List of types of AWS resources to evaluate\n" }, "tagKeyScope": { "type": "string", "description": "Tag key of AWS resources to evaluate\n" }, "tagValueScope": { "type": "string", "description": "Tag value of AWS resources to evaluate\n" }, "triggerTypes": { "type": "array", "items": { "type": "string" }, "description": "List of notification types that trigger AWS Config to run an evaluation for the rule. Valid values: `ConfigurationItemChangeNotification`, `OversizedConfigurationItemChangeNotification`, and `ScheduledNotification`\n" } }, "requiredInputs": [ "lambdaFunctionArn", "triggerTypes" ], "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationCustomRule resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the rule\n" }, "description": { "type": "string", "description": "Description of the rule\n" }, "excludedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account identifiers to exclude from the rule\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config Rule Lambda Function\n" }, "lambdaFunctionArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the rule Lambda Function\n" }, "maximumExecutionFrequency": { "type": "string", "description": "The maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`.\n" }, "name": { "type": "string", "description": "The name of the rule\n", "willReplaceOnChanges": true }, "resourceIdScope": { "type": "string", "description": "Identifier of the AWS resource to evaluate\n" }, "resourceTypesScopes": { "type": "array", "items": { "type": "string" }, "description": "List of types of AWS resources to evaluate\n" }, "tagKeyScope": { "type": "string", "description": "Tag key of AWS resources to evaluate\n" }, "tagValueScope": { "type": "string", "description": "Tag value of AWS resources to evaluate\n" }, "triggerTypes": { "type": "array", "items": { "type": "string" }, "description": "List of notification types that trigger AWS Config to run an evaluation for the rule. Valid values: `ConfigurationItemChangeNotification`, `OversizedConfigurationItemChangeNotification`, and `ScheduledNotification`\n" } }, "type": "object" } }, "aws:cfg/organizationManagedRule:OrganizationManagedRule": { "description": "Manages a Config Organization Managed Rule. More information about these rules can be found in the [Enabling AWS Config Rules Across all Accounts in Your Organization](https://docs.aws.amazon.com/config/latest/developerguide/config-rule-multi-account-deployment.html) and [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) documentation. For working with Organization Custom Rules (those invoking a custom Lambda Function), see the `aws.cfg.OrganizationCustomRule` resource.\n\n\u003e **NOTE:** This resource must be created in the Organization master account and rules will include the master account unless its ID is added to the `excluded_accounts` argument.\n\n\u003e **NOTE:** Every Organization account except those configured in the `excluded_accounts` argument must have a Configuration Recorder with proper IAM permissions before the rule will successfully create or update. See also the `aws.cfg.Recorder` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"config-multiaccountsetup.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleOrganizationManagedRule = new aws.cfg.OrganizationManagedRule(\"example\", {\n name: \"example\",\n ruleIdentifier: \"IAM_PASSWORD_POLICY\",\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"config-multiaccountsetup.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_organization_managed_rule = aws.cfg.OrganizationManagedRule(\"example\",\n name=\"example\",\n rule_identifier=\"IAM_PASSWORD_POLICY\",\n opts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"config-multiaccountsetup.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var exampleOrganizationManagedRule = new Aws.Cfg.OrganizationManagedRule(\"example\", new()\n {\n Name = \"example\",\n RuleIdentifier = \"IAM_PASSWORD_POLICY\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"config-multiaccountsetup.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewOrganizationManagedRule(ctx, \"example\", \u0026cfg.OrganizationManagedRuleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRuleIdentifier: pulumi.String(\"IAM_PASSWORD_POLICY\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.cfg.OrganizationManagedRule;\nimport com.pulumi.aws.cfg.OrganizationManagedRuleArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Organization(\"example\", OrganizationArgs.builder()\n .awsServiceAccessPrincipals(\"config-multiaccountsetup.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var exampleOrganizationManagedRule = new OrganizationManagedRule(\"exampleOrganizationManagedRule\", OrganizationManagedRuleArgs.builder()\n .name(\"example\")\n .ruleIdentifier(\"IAM_PASSWORD_POLICY\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:Organization\n properties:\n awsServiceAccessPrincipals:\n - config-multiaccountsetup.amazonaws.com\n featureSet: ALL\n exampleOrganizationManagedRule:\n type: aws:cfg:OrganizationManagedRule\n name: example\n properties:\n name: example\n ruleIdentifier: IAM_PASSWORD_POLICY\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Config Organization Managed Rules using the name. For example:\n\n```sh\n$ pulumi import aws:cfg/organizationManagedRule:OrganizationManagedRule example example\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the rule\n" }, "description": { "type": "string", "description": "Description of the rule\n" }, "excludedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account identifiers to exclude from the rule\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config Rule Lambda Function\n" }, "maximumExecutionFrequency": { "type": "string", "description": "The maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`.\n" }, "name": { "type": "string", "description": "The name of the rule\n" }, "resourceIdScope": { "type": "string", "description": "Identifier of the AWS resource to evaluate\n" }, "resourceTypesScopes": { "type": "array", "items": { "type": "string" }, "description": "List of types of AWS resources to evaluate\n" }, "ruleIdentifier": { "type": "string", "description": "Identifier of an available AWS Config Managed Rule to call. For available values, see the [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) documentation\n" }, "tagKeyScope": { "type": "string", "description": "Tag key of AWS resources to evaluate\n" }, "tagValueScope": { "type": "string", "description": "Tag value of AWS resources to evaluate\n" } }, "required": [ "arn", "name", "ruleIdentifier" ], "inputProperties": { "description": { "type": "string", "description": "Description of the rule\n" }, "excludedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account identifiers to exclude from the rule\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config Rule Lambda Function\n" }, "maximumExecutionFrequency": { "type": "string", "description": "The maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`.\n" }, "name": { "type": "string", "description": "The name of the rule\n", "willReplaceOnChanges": true }, "resourceIdScope": { "type": "string", "description": "Identifier of the AWS resource to evaluate\n" }, "resourceTypesScopes": { "type": "array", "items": { "type": "string" }, "description": "List of types of AWS resources to evaluate\n" }, "ruleIdentifier": { "type": "string", "description": "Identifier of an available AWS Config Managed Rule to call. For available values, see the [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) documentation\n" }, "tagKeyScope": { "type": "string", "description": "Tag key of AWS resources to evaluate\n" }, "tagValueScope": { "type": "string", "description": "Tag value of AWS resources to evaluate\n" } }, "requiredInputs": [ "ruleIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationManagedRule resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the rule\n" }, "description": { "type": "string", "description": "Description of the rule\n" }, "excludedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account identifiers to exclude from the rule\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config Rule Lambda Function\n" }, "maximumExecutionFrequency": { "type": "string", "description": "The maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`.\n" }, "name": { "type": "string", "description": "The name of the rule\n", "willReplaceOnChanges": true }, "resourceIdScope": { "type": "string", "description": "Identifier of the AWS resource to evaluate\n" }, "resourceTypesScopes": { "type": "array", "items": { "type": "string" }, "description": "List of types of AWS resources to evaluate\n" }, "ruleIdentifier": { "type": "string", "description": "Identifier of an available AWS Config Managed Rule to call. For available values, see the [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) documentation\n" }, "tagKeyScope": { "type": "string", "description": "Tag key of AWS resources to evaluate\n" }, "tagValueScope": { "type": "string", "description": "Tag value of AWS resources to evaluate\n" } }, "type": "object" } }, "aws:cfg/recorder:Recorder": { "description": "Provides an AWS Config Configuration Recorder. Please note that this resource **does not start** the created recorder automatically.\n\n\u003e **Note:** _Starting_ the Configuration Recorder requires a delivery channel (while delivery channel creation requires Configuration Recorder). This is why `aws.cfg.RecorderStatus` is a separate resource.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"config.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst r = new aws.iam.Role(\"r\", {\n name: \"awsconfig-example\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst foo = new aws.cfg.Recorder(\"foo\", {\n name: \"example\",\n roleArn: r.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"config.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nr = aws.iam.Role(\"r\",\n name=\"awsconfig-example\",\n assume_role_policy=assume_role.json)\nfoo = aws.cfg.Recorder(\"foo\",\n name=\"example\",\n role_arn=r.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"config.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var r = new Aws.Iam.Role(\"r\", new()\n {\n Name = \"awsconfig-example\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var foo = new Aws.Cfg.Recorder(\"foo\", new()\n {\n Name = \"example\",\n RoleArn = r.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"config.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tr, err := iam.NewRole(ctx, \"r\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"awsconfig-example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewRecorder(ctx, \"foo\", \u0026cfg.RecorderArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: r.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.cfg.Recorder;\nimport com.pulumi.aws.cfg.RecorderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"config.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var r = new Role(\"r\", RoleArgs.builder()\n .name(\"awsconfig-example\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var foo = new Recorder(\"foo\", RecorderArgs.builder()\n .name(\"example\")\n .roleArn(r.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:cfg:Recorder\n properties:\n name: example\n roleArn: ${r.arn}\n r:\n type: aws:iam:Role\n properties:\n name: awsconfig-example\n assumeRolePolicy: ${assumeRole.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - config.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Exclude Resources Types Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.cfg.Recorder(\"foo\", {\n name: \"example\",\n roleArn: r.arn,\n recordingGroup: {\n allSupported: false,\n exclusionByResourceTypes: [{\n resourceTypes: [\"AWS::EC2::Instance\"],\n }],\n recordingStrategies: [{\n useOnly: \"EXCLUSION_BY_RESOURCE_TYPES\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.cfg.Recorder(\"foo\",\n name=\"example\",\n role_arn=r[\"arn\"],\n recording_group={\n \"all_supported\": False,\n \"exclusion_by_resource_types\": [{\n \"resource_types\": [\"AWS::EC2::Instance\"],\n }],\n \"recording_strategies\": [{\n \"use_only\": \"EXCLUSION_BY_RESOURCE_TYPES\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Cfg.Recorder(\"foo\", new()\n {\n Name = \"example\",\n RoleArn = r.Arn,\n RecordingGroup = new Aws.Cfg.Inputs.RecorderRecordingGroupArgs\n {\n AllSupported = false,\n ExclusionByResourceTypes = new[]\n {\n new Aws.Cfg.Inputs.RecorderRecordingGroupExclusionByResourceTypeArgs\n {\n ResourceTypes = new[]\n {\n \"AWS::EC2::Instance\",\n },\n },\n },\n RecordingStrategies = new[]\n {\n new Aws.Cfg.Inputs.RecorderRecordingGroupRecordingStrategyArgs\n {\n UseOnly = \"EXCLUSION_BY_RESOURCE_TYPES\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cfg.NewRecorder(ctx, \"foo\", \u0026cfg.RecorderArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(r.Arn),\n\t\t\tRecordingGroup: \u0026cfg.RecorderRecordingGroupArgs{\n\t\t\t\tAllSupported: pulumi.Bool(false),\n\t\t\t\tExclusionByResourceTypes: cfg.RecorderRecordingGroupExclusionByResourceTypeArray{\n\t\t\t\t\t\u0026cfg.RecorderRecordingGroupExclusionByResourceTypeArgs{\n\t\t\t\t\t\tResourceTypes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"AWS::EC2::Instance\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tRecordingStrategies: cfg.RecorderRecordingGroupRecordingStrategyArray{\n\t\t\t\t\t\u0026cfg.RecorderRecordingGroupRecordingStrategyArgs{\n\t\t\t\t\t\tUseOnly: pulumi.String(\"EXCLUSION_BY_RESOURCE_TYPES\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cfg.Recorder;\nimport com.pulumi.aws.cfg.RecorderArgs;\nimport com.pulumi.aws.cfg.inputs.RecorderRecordingGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new Recorder(\"foo\", RecorderArgs.builder()\n .name(\"example\")\n .roleArn(r.arn())\n .recordingGroup(RecorderRecordingGroupArgs.builder()\n .allSupported(false)\n .exclusionByResourceTypes(RecorderRecordingGroupExclusionByResourceTypeArgs.builder()\n .resourceTypes(\"AWS::EC2::Instance\")\n .build())\n .recordingStrategies(RecorderRecordingGroupRecordingStrategyArgs.builder()\n .useOnly(\"EXCLUSION_BY_RESOURCE_TYPES\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:cfg:Recorder\n properties:\n name: example\n roleArn: ${r.arn}\n recordingGroup:\n allSupported: false\n exclusionByResourceTypes:\n - resourceTypes:\n - AWS::EC2::Instance\n recordingStrategies:\n - useOnly: EXCLUSION_BY_RESOURCE_TYPES\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Periodic Recording\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.cfg.Recorder(\"foo\", {\n name: \"example\",\n roleArn: r.arn,\n recordingGroup: {\n allSupported: false,\n includeGlobalResourceTypes: false,\n resourceTypes: [\n \"AWS::EC2::Instance\",\n \"AWS::EC2::NetworkInterface\",\n ],\n },\n recordingMode: {\n recordingFrequency: \"CONTINUOUS\",\n recordingModeOverride: {\n description: \"Only record EC2 network interfaces daily\",\n resourceTypes: [\"AWS::EC2::NetworkInterface\"],\n recordingFrequency: \"DAILY\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.cfg.Recorder(\"foo\",\n name=\"example\",\n role_arn=r[\"arn\"],\n recording_group={\n \"all_supported\": False,\n \"include_global_resource_types\": False,\n \"resource_types\": [\n \"AWS::EC2::Instance\",\n \"AWS::EC2::NetworkInterface\",\n ],\n },\n recording_mode={\n \"recording_frequency\": \"CONTINUOUS\",\n \"recording_mode_override\": {\n \"description\": \"Only record EC2 network interfaces daily\",\n \"resource_types\": [\"AWS::EC2::NetworkInterface\"],\n \"recording_frequency\": \"DAILY\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Cfg.Recorder(\"foo\", new()\n {\n Name = \"example\",\n RoleArn = r.Arn,\n RecordingGroup = new Aws.Cfg.Inputs.RecorderRecordingGroupArgs\n {\n AllSupported = false,\n IncludeGlobalResourceTypes = false,\n ResourceTypes = new[]\n {\n \"AWS::EC2::Instance\",\n \"AWS::EC2::NetworkInterface\",\n },\n },\n RecordingMode = new Aws.Cfg.Inputs.RecorderRecordingModeArgs\n {\n RecordingFrequency = \"CONTINUOUS\",\n RecordingModeOverride = new Aws.Cfg.Inputs.RecorderRecordingModeRecordingModeOverrideArgs\n {\n Description = \"Only record EC2 network interfaces daily\",\n ResourceTypes = new[]\n {\n \"AWS::EC2::NetworkInterface\",\n },\n RecordingFrequency = \"DAILY\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cfg.NewRecorder(ctx, \"foo\", \u0026cfg.RecorderArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(r.Arn),\n\t\t\tRecordingGroup: \u0026cfg.RecorderRecordingGroupArgs{\n\t\t\t\tAllSupported: pulumi.Bool(false),\n\t\t\t\tIncludeGlobalResourceTypes: pulumi.Bool(false),\n\t\t\t\tResourceTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"AWS::EC2::Instance\"),\n\t\t\t\t\tpulumi.String(\"AWS::EC2::NetworkInterface\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tRecordingMode: \u0026cfg.RecorderRecordingModeArgs{\n\t\t\t\tRecordingFrequency: pulumi.String(\"CONTINUOUS\"),\n\t\t\t\tRecordingModeOverride: \u0026cfg.RecorderRecordingModeRecordingModeOverrideArgs{\n\t\t\t\t\tDescription: pulumi.String(\"Only record EC2 network interfaces daily\"),\n\t\t\t\t\tResourceTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"AWS::EC2::NetworkInterface\"),\n\t\t\t\t\t},\n\t\t\t\t\tRecordingFrequency: pulumi.String(\"DAILY\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cfg.Recorder;\nimport com.pulumi.aws.cfg.RecorderArgs;\nimport com.pulumi.aws.cfg.inputs.RecorderRecordingGroupArgs;\nimport com.pulumi.aws.cfg.inputs.RecorderRecordingModeArgs;\nimport com.pulumi.aws.cfg.inputs.RecorderRecordingModeRecordingModeOverrideArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new Recorder(\"foo\", RecorderArgs.builder()\n .name(\"example\")\n .roleArn(r.arn())\n .recordingGroup(RecorderRecordingGroupArgs.builder()\n .allSupported(false)\n .includeGlobalResourceTypes(false)\n .resourceTypes( \n \"AWS::EC2::Instance\",\n \"AWS::EC2::NetworkInterface\")\n .build())\n .recordingMode(RecorderRecordingModeArgs.builder()\n .recordingFrequency(\"CONTINUOUS\")\n .recordingModeOverride(RecorderRecordingModeRecordingModeOverrideArgs.builder()\n .description(\"Only record EC2 network interfaces daily\")\n .resourceTypes(\"AWS::EC2::NetworkInterface\")\n .recordingFrequency(\"DAILY\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:cfg:Recorder\n properties:\n name: example\n roleArn: ${r.arn}\n recordingGroup:\n allSupported: false\n includeGlobalResourceTypes: false\n resourceTypes:\n - AWS::EC2::Instance\n - AWS::EC2::NetworkInterface\n recordingMode:\n recordingFrequency: CONTINUOUS\n recordingModeOverride:\n description: Only record EC2 network interfaces daily\n resourceTypes:\n - AWS::EC2::NetworkInterface\n recordingFrequency: DAILY\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Configuration Recorder using the name. For example:\n\n```sh\n$ pulumi import aws:cfg/recorder:Recorder foo example\n```\n", "properties": { "name": { "type": "string", "description": "The name of the recorder. Defaults to `default`. Changing it recreates the resource.\n" }, "recordingGroup": { "$ref": "#/types/aws:cfg/RecorderRecordingGroup:RecorderRecordingGroup", "description": "Recording group - see below.\n" }, "recordingMode": { "$ref": "#/types/aws:cfg/RecorderRecordingMode:RecorderRecordingMode", "description": "Recording mode - see below.\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM role. Used to make read or write requests to the delivery channel and to describe the AWS resources associated with the account. See [AWS Docs](http://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html) for more details.\n" } }, "required": [ "name", "recordingGroup", "recordingMode", "roleArn" ], "inputProperties": { "name": { "type": "string", "description": "The name of the recorder. Defaults to `default`. Changing it recreates the resource.\n", "willReplaceOnChanges": true }, "recordingGroup": { "$ref": "#/types/aws:cfg/RecorderRecordingGroup:RecorderRecordingGroup", "description": "Recording group - see below.\n" }, "recordingMode": { "$ref": "#/types/aws:cfg/RecorderRecordingMode:RecorderRecordingMode", "description": "Recording mode - see below.\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM role. Used to make read or write requests to the delivery channel and to describe the AWS resources associated with the account. See [AWS Docs](http://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html) for more details.\n" } }, "requiredInputs": [ "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Recorder resources.\n", "properties": { "name": { "type": "string", "description": "The name of the recorder. Defaults to `default`. Changing it recreates the resource.\n", "willReplaceOnChanges": true }, "recordingGroup": { "$ref": "#/types/aws:cfg/RecorderRecordingGroup:RecorderRecordingGroup", "description": "Recording group - see below.\n" }, "recordingMode": { "$ref": "#/types/aws:cfg/RecorderRecordingMode:RecorderRecordingMode", "description": "Recording mode - see below.\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM role. Used to make read or write requests to the delivery channel and to describe the AWS resources associated with the account. See [AWS Docs](http://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html) for more details.\n" } }, "type": "object" } }, "aws:cfg/recorderStatus:RecorderStatus": { "description": "Manages status (recording / stopped) of an AWS Config Configuration Recorder.\n\n\u003e **Note:** Starting Configuration Recorder requires a Delivery Channel to be present. Use of `depends_on` (as shown below) is recommended to avoid race conditions.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst b = new aws.s3.BucketV2(\"b\", {bucket: \"awsconfig-example\"});\nconst fooDeliveryChannel = new aws.cfg.DeliveryChannel(\"foo\", {\n name: \"example\",\n s3BucketName: b.bucket,\n});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"config.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst r = new aws.iam.Role(\"r\", {\n name: \"example-awsconfig\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst fooRecorder = new aws.cfg.Recorder(\"foo\", {\n name: \"example\",\n roleArn: r.arn,\n});\nconst foo = new aws.cfg.RecorderStatus(\"foo\", {\n name: fooRecorder.name,\n isEnabled: true,\n}, {\n dependsOn: [fooDeliveryChannel],\n});\nconst a = new aws.iam.RolePolicyAttachment(\"a\", {\n role: r.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWS_ConfigRole\",\n});\nconst p = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n actions: [\"s3:*\"],\n resources: [\n b.arn,\n pulumi.interpolate`${b.arn}/*`,\n ],\n }],\n});\nconst pRolePolicy = new aws.iam.RolePolicy(\"p\", {\n name: \"awsconfig-example\",\n role: r.id,\n policy: p.apply(p =\u003e p.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nb = aws.s3.BucketV2(\"b\", bucket=\"awsconfig-example\")\nfoo_delivery_channel = aws.cfg.DeliveryChannel(\"foo\",\n name=\"example\",\n s3_bucket_name=b.bucket)\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"config.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nr = aws.iam.Role(\"r\",\n name=\"example-awsconfig\",\n assume_role_policy=assume_role.json)\nfoo_recorder = aws.cfg.Recorder(\"foo\",\n name=\"example\",\n role_arn=r.arn)\nfoo = aws.cfg.RecorderStatus(\"foo\",\n name=foo_recorder.name,\n is_enabled=True,\n opts = pulumi.ResourceOptions(depends_on=[foo_delivery_channel]))\na = aws.iam.RolePolicyAttachment(\"a\",\n role=r.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWS_ConfigRole\")\np = aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\"s3:*\"],\n \"resources\": [\n b.arn,\n b.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n}])\np_role_policy = aws.iam.RolePolicy(\"p\",\n name=\"awsconfig-example\",\n role=r.id,\n policy=p.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var b = new Aws.S3.BucketV2(\"b\", new()\n {\n Bucket = \"awsconfig-example\",\n });\n\n var fooDeliveryChannel = new Aws.Cfg.DeliveryChannel(\"foo\", new()\n {\n Name = \"example\",\n S3BucketName = b.Bucket,\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"config.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var r = new Aws.Iam.Role(\"r\", new()\n {\n Name = \"example-awsconfig\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var fooRecorder = new Aws.Cfg.Recorder(\"foo\", new()\n {\n Name = \"example\",\n RoleArn = r.Arn,\n });\n\n var foo = new Aws.Cfg.RecorderStatus(\"foo\", new()\n {\n Name = fooRecorder.Name,\n IsEnabled = true,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n fooDeliveryChannel,\n },\n });\n\n var a = new Aws.Iam.RolePolicyAttachment(\"a\", new()\n {\n Role = r.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWS_ConfigRole\",\n });\n\n var p = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:*\",\n },\n Resources = new[]\n {\n b.Arn,\n $\"{b.Arn}/*\",\n },\n },\n },\n });\n\n var pRolePolicy = new Aws.Iam.RolePolicy(\"p\", new()\n {\n Name = \"awsconfig-example\",\n Role = r.Id,\n Policy = p.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tb, err := s3.NewBucketV2(ctx, \"b\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"awsconfig-example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooDeliveryChannel, err := cfg.NewDeliveryChannel(ctx, \"foo\", \u0026cfg.DeliveryChannelArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tS3BucketName: b.Bucket,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"config.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tr, err := iam.NewRole(ctx, \"r\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example-awsconfig\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooRecorder, err := cfg.NewRecorder(ctx, \"foo\", \u0026cfg.RecorderArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: r.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewRecorderStatus(ctx, \"foo\", \u0026cfg.RecorderStatusArgs{\n\t\t\tName: fooRecorder.Name,\n\t\t\tIsEnabled: pulumi.Bool(true),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tfooDeliveryChannel,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"a\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: r.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWS_ConfigRole\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tp := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tb.Arn,\n\t\t\t\t\t\tb.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRolePolicy(ctx, \"p\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"awsconfig-example\"),\n\t\t\tRole: r.ID(),\n\t\t\tPolicy: pulumi.String(p.ApplyT(func(p iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026p.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.cfg.DeliveryChannel;\nimport com.pulumi.aws.cfg.DeliveryChannelArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.cfg.Recorder;\nimport com.pulumi.aws.cfg.RecorderArgs;\nimport com.pulumi.aws.cfg.RecorderStatus;\nimport com.pulumi.aws.cfg.RecorderStatusArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var b = new BucketV2(\"b\", BucketV2Args.builder()\n .bucket(\"awsconfig-example\")\n .build());\n\n var fooDeliveryChannel = new DeliveryChannel(\"fooDeliveryChannel\", DeliveryChannelArgs.builder()\n .name(\"example\")\n .s3BucketName(b.bucket())\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"config.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var r = new Role(\"r\", RoleArgs.builder()\n .name(\"example-awsconfig\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var fooRecorder = new Recorder(\"fooRecorder\", RecorderArgs.builder()\n .name(\"example\")\n .roleArn(r.arn())\n .build());\n\n var foo = new RecorderStatus(\"foo\", RecorderStatusArgs.builder()\n .name(fooRecorder.name())\n .isEnabled(true)\n .build(), CustomResourceOptions.builder()\n .dependsOn(fooDeliveryChannel)\n .build());\n\n var a = new RolePolicyAttachment(\"a\", RolePolicyAttachmentArgs.builder()\n .role(r.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWS_ConfigRole\")\n .build());\n\n final var p = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"s3:*\")\n .resources( \n b.arn(),\n b.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build())\n .build());\n\n var pRolePolicy = new RolePolicy(\"pRolePolicy\", RolePolicyArgs.builder()\n .name(\"awsconfig-example\")\n .role(r.id())\n .policy(p.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(p -\u003e p.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:cfg:RecorderStatus\n properties:\n name: ${fooRecorder.name}\n isEnabled: true\n options:\n dependson:\n - ${fooDeliveryChannel}\n a:\n type: aws:iam:RolePolicyAttachment\n properties:\n role: ${r.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AWS_ConfigRole\n b:\n type: aws:s3:BucketV2\n properties:\n bucket: awsconfig-example\n fooDeliveryChannel:\n type: aws:cfg:DeliveryChannel\n name: foo\n properties:\n name: example\n s3BucketName: ${b.bucket}\n fooRecorder:\n type: aws:cfg:Recorder\n name: foo\n properties:\n name: example\n roleArn: ${r.arn}\n r:\n type: aws:iam:Role\n properties:\n name: example-awsconfig\n assumeRolePolicy: ${assumeRole.json}\n pRolePolicy:\n type: aws:iam:RolePolicy\n name: p\n properties:\n name: awsconfig-example\n role: ${r.id}\n policy: ${p.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - config.amazonaws.com\n actions:\n - sts:AssumeRole\n p:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - s3:*\n resources:\n - ${b.arn}\n - ${b.arn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Configuration Recorder Status using the name of the Configuration Recorder. For example:\n\n```sh\n$ pulumi import aws:cfg/recorderStatus:RecorderStatus foo example\n```\n", "properties": { "isEnabled": { "type": "boolean", "description": "Whether the configuration recorder should be enabled or disabled.\n" }, "name": { "type": "string", "description": "The name of the recorder\n" } }, "required": [ "isEnabled", "name" ], "inputProperties": { "isEnabled": { "type": "boolean", "description": "Whether the configuration recorder should be enabled or disabled.\n" }, "name": { "type": "string", "description": "The name of the recorder\n" } }, "requiredInputs": [ "isEnabled" ], "stateInputs": { "description": "Input properties used for looking up and filtering RecorderStatus resources.\n", "properties": { "isEnabled": { "type": "boolean", "description": "Whether the configuration recorder should be enabled or disabled.\n" }, "name": { "type": "string", "description": "The name of the recorder\n" } }, "type": "object" } }, "aws:cfg/remediationConfiguration:RemediationConfiguration": { "description": "Provides an AWS Config Remediation Configuration.\n\n\u003e **Note:** Config Remediation Configuration requires an existing Config Rule to be present.\n\n## Example Usage\n\nAWS managed rules can be used by setting the source owner to `AWS` and the source identifier to the name of the managed rule. More information about AWS managed rules can be found in the [AWS Config Developer Guide](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _this = new aws.cfg.Rule(\"this\", {\n name: \"example\",\n source: {\n owner: \"AWS\",\n sourceIdentifier: \"S3_BUCKET_VERSIONING_ENABLED\",\n },\n});\nconst thisRemediationConfiguration = new aws.cfg.RemediationConfiguration(\"this\", {\n configRuleName: _this.name,\n resourceType: \"AWS::S3::Bucket\",\n targetType: \"SSM_DOCUMENT\",\n targetId: \"AWS-EnableS3BucketEncryption\",\n targetVersion: \"1\",\n parameters: [\n {\n name: \"AutomationAssumeRole\",\n staticValue: \"arn:aws:iam::875924563244:role/security_config\",\n },\n {\n name: \"BucketName\",\n resourceValue: \"RESOURCE_ID\",\n },\n {\n name: \"SSEAlgorithm\",\n staticValue: \"AES256\",\n },\n ],\n automatic: true,\n maximumAutomaticAttempts: 10,\n retryAttemptSeconds: 600,\n executionControls: {\n ssmControls: {\n concurrentExecutionRatePercentage: 25,\n errorPercentage: 20,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nthis = aws.cfg.Rule(\"this\",\n name=\"example\",\n source={\n \"owner\": \"AWS\",\n \"source_identifier\": \"S3_BUCKET_VERSIONING_ENABLED\",\n })\nthis_remediation_configuration = aws.cfg.RemediationConfiguration(\"this\",\n config_rule_name=this.name,\n resource_type=\"AWS::S3::Bucket\",\n target_type=\"SSM_DOCUMENT\",\n target_id=\"AWS-EnableS3BucketEncryption\",\n target_version=\"1\",\n parameters=[\n {\n \"name\": \"AutomationAssumeRole\",\n \"static_value\": \"arn:aws:iam::875924563244:role/security_config\",\n },\n {\n \"name\": \"BucketName\",\n \"resource_value\": \"RESOURCE_ID\",\n },\n {\n \"name\": \"SSEAlgorithm\",\n \"static_value\": \"AES256\",\n },\n ],\n automatic=True,\n maximum_automatic_attempts=10,\n retry_attempt_seconds=600,\n execution_controls={\n \"ssm_controls\": {\n \"concurrent_execution_rate_percentage\": 25,\n \"error_percentage\": 20,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @this = new Aws.Cfg.Rule(\"this\", new()\n {\n Name = \"example\",\n Source = new Aws.Cfg.Inputs.RuleSourceArgs\n {\n Owner = \"AWS\",\n SourceIdentifier = \"S3_BUCKET_VERSIONING_ENABLED\",\n },\n });\n\n var thisRemediationConfiguration = new Aws.Cfg.RemediationConfiguration(\"this\", new()\n {\n ConfigRuleName = @this.Name,\n ResourceType = \"AWS::S3::Bucket\",\n TargetType = \"SSM_DOCUMENT\",\n TargetId = \"AWS-EnableS3BucketEncryption\",\n TargetVersion = \"1\",\n Parameters = new[]\n {\n new Aws.Cfg.Inputs.RemediationConfigurationParameterArgs\n {\n Name = \"AutomationAssumeRole\",\n StaticValue = \"arn:aws:iam::875924563244:role/security_config\",\n },\n new Aws.Cfg.Inputs.RemediationConfigurationParameterArgs\n {\n Name = \"BucketName\",\n ResourceValue = \"RESOURCE_ID\",\n },\n new Aws.Cfg.Inputs.RemediationConfigurationParameterArgs\n {\n Name = \"SSEAlgorithm\",\n StaticValue = \"AES256\",\n },\n },\n Automatic = true,\n MaximumAutomaticAttempts = 10,\n RetryAttemptSeconds = 600,\n ExecutionControls = new Aws.Cfg.Inputs.RemediationConfigurationExecutionControlsArgs\n {\n SsmControls = new Aws.Cfg.Inputs.RemediationConfigurationExecutionControlsSsmControlsArgs\n {\n ConcurrentExecutionRatePercentage = 25,\n ErrorPercentage = 20,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tthis, err := cfg.NewRule(ctx, \"this\", \u0026cfg.RuleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSource: \u0026cfg.RuleSourceArgs{\n\t\t\t\tOwner: pulumi.String(\"AWS\"),\n\t\t\t\tSourceIdentifier: pulumi.String(\"S3_BUCKET_VERSIONING_ENABLED\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewRemediationConfiguration(ctx, \"this\", \u0026cfg.RemediationConfigurationArgs{\n\t\t\tConfigRuleName: this.Name,\n\t\t\tResourceType: pulumi.String(\"AWS::S3::Bucket\"),\n\t\t\tTargetType: pulumi.String(\"SSM_DOCUMENT\"),\n\t\t\tTargetId: pulumi.String(\"AWS-EnableS3BucketEncryption\"),\n\t\t\tTargetVersion: pulumi.String(\"1\"),\n\t\t\tParameters: cfg.RemediationConfigurationParameterArray{\n\t\t\t\t\u0026cfg.RemediationConfigurationParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"AutomationAssumeRole\"),\n\t\t\t\t\tStaticValue: pulumi.String(\"arn:aws:iam::875924563244:role/security_config\"),\n\t\t\t\t},\n\t\t\t\t\u0026cfg.RemediationConfigurationParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"BucketName\"),\n\t\t\t\t\tResourceValue: pulumi.String(\"RESOURCE_ID\"),\n\t\t\t\t},\n\t\t\t\t\u0026cfg.RemediationConfigurationParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"SSEAlgorithm\"),\n\t\t\t\t\tStaticValue: pulumi.String(\"AES256\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tAutomatic: pulumi.Bool(true),\n\t\t\tMaximumAutomaticAttempts: pulumi.Int(10),\n\t\t\tRetryAttemptSeconds: pulumi.Int(600),\n\t\t\tExecutionControls: \u0026cfg.RemediationConfigurationExecutionControlsArgs{\n\t\t\t\tSsmControls: \u0026cfg.RemediationConfigurationExecutionControlsSsmControlsArgs{\n\t\t\t\t\tConcurrentExecutionRatePercentage: pulumi.Int(25),\n\t\t\t\t\tErrorPercentage: pulumi.Int(20),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cfg.Rule;\nimport com.pulumi.aws.cfg.RuleArgs;\nimport com.pulumi.aws.cfg.inputs.RuleSourceArgs;\nimport com.pulumi.aws.cfg.RemediationConfiguration;\nimport com.pulumi.aws.cfg.RemediationConfigurationArgs;\nimport com.pulumi.aws.cfg.inputs.RemediationConfigurationParameterArgs;\nimport com.pulumi.aws.cfg.inputs.RemediationConfigurationExecutionControlsArgs;\nimport com.pulumi.aws.cfg.inputs.RemediationConfigurationExecutionControlsSsmControlsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var this_ = new Rule(\"this\", RuleArgs.builder()\n .name(\"example\")\n .source(RuleSourceArgs.builder()\n .owner(\"AWS\")\n .sourceIdentifier(\"S3_BUCKET_VERSIONING_ENABLED\")\n .build())\n .build());\n\n var thisRemediationConfiguration = new RemediationConfiguration(\"thisRemediationConfiguration\", RemediationConfigurationArgs.builder()\n .configRuleName(this_.name())\n .resourceType(\"AWS::S3::Bucket\")\n .targetType(\"SSM_DOCUMENT\")\n .targetId(\"AWS-EnableS3BucketEncryption\")\n .targetVersion(\"1\")\n .parameters( \n RemediationConfigurationParameterArgs.builder()\n .name(\"AutomationAssumeRole\")\n .staticValue(\"arn:aws:iam::875924563244:role/security_config\")\n .build(),\n RemediationConfigurationParameterArgs.builder()\n .name(\"BucketName\")\n .resourceValue(\"RESOURCE_ID\")\n .build(),\n RemediationConfigurationParameterArgs.builder()\n .name(\"SSEAlgorithm\")\n .staticValue(\"AES256\")\n .build())\n .automatic(true)\n .maximumAutomaticAttempts(10)\n .retryAttemptSeconds(600)\n .executionControls(RemediationConfigurationExecutionControlsArgs.builder()\n .ssmControls(RemediationConfigurationExecutionControlsSsmControlsArgs.builder()\n .concurrentExecutionRatePercentage(25)\n .errorPercentage(20)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n this:\n type: aws:cfg:Rule\n properties:\n name: example\n source:\n owner: AWS\n sourceIdentifier: S3_BUCKET_VERSIONING_ENABLED\n thisRemediationConfiguration:\n type: aws:cfg:RemediationConfiguration\n name: this\n properties:\n configRuleName: ${this.name}\n resourceType: AWS::S3::Bucket\n targetType: SSM_DOCUMENT\n targetId: AWS-EnableS3BucketEncryption\n targetVersion: '1'\n parameters:\n - name: AutomationAssumeRole\n staticValue: arn:aws:iam::875924563244:role/security_config\n - name: BucketName\n resourceValue: RESOURCE_ID\n - name: SSEAlgorithm\n staticValue: AES256\n automatic: true\n maximumAutomaticAttempts: 10\n retryAttemptSeconds: 600\n executionControls:\n ssmControls:\n concurrentExecutionRatePercentage: 25\n errorPercentage: 20\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Remediation Configurations using the name config_rule_name. For example:\n\n```sh\n$ pulumi import aws:cfg/remediationConfiguration:RemediationConfiguration this example\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Config Remediation Configuration.\n" }, "automatic": { "type": "boolean", "description": "Remediation is triggered automatically if `true`.\n" }, "configRuleName": { "type": "string", "description": "Name of the AWS Config rule.\n" }, "executionControls": { "$ref": "#/types/aws:cfg/RemediationConfigurationExecutionControls:RemediationConfigurationExecutionControls", "description": "Configuration block for execution controls. See below.\n" }, "maximumAutomaticAttempts": { "type": "integer", "description": "Maximum number of failed attempts for auto-remediation. If you do not select a number, the default is 5.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:cfg/RemediationConfigurationParameter:RemediationConfigurationParameter" }, "description": "Can be specified multiple times for each parameter. Each parameter block supports arguments below.\n" }, "resourceType": { "type": "string", "description": "Type of resource.\n" }, "retryAttemptSeconds": { "type": "integer", "description": "Maximum time in seconds that AWS Config runs auto-remediation. If you do not select a number, the default is 60 seconds.\n" }, "targetId": { "type": "string", "description": "Target ID is the name of the public document.\n" }, "targetType": { "type": "string", "description": "Type of the target. Target executes remediation. For example, SSM document.\n\nThe following arguments are optional:\n" }, "targetVersion": { "type": "string", "description": "Version of the target. For example, version of the SSM document\n" } }, "required": [ "arn", "configRuleName", "targetId", "targetType" ], "inputProperties": { "automatic": { "type": "boolean", "description": "Remediation is triggered automatically if `true`.\n" }, "configRuleName": { "type": "string", "description": "Name of the AWS Config rule.\n", "willReplaceOnChanges": true }, "executionControls": { "$ref": "#/types/aws:cfg/RemediationConfigurationExecutionControls:RemediationConfigurationExecutionControls", "description": "Configuration block for execution controls. See below.\n" }, "maximumAutomaticAttempts": { "type": "integer", "description": "Maximum number of failed attempts for auto-remediation. If you do not select a number, the default is 5.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:cfg/RemediationConfigurationParameter:RemediationConfigurationParameter" }, "description": "Can be specified multiple times for each parameter. Each parameter block supports arguments below.\n" }, "resourceType": { "type": "string", "description": "Type of resource.\n" }, "retryAttemptSeconds": { "type": "integer", "description": "Maximum time in seconds that AWS Config runs auto-remediation. If you do not select a number, the default is 60 seconds.\n" }, "targetId": { "type": "string", "description": "Target ID is the name of the public document.\n" }, "targetType": { "type": "string", "description": "Type of the target. Target executes remediation. For example, SSM document.\n\nThe following arguments are optional:\n" }, "targetVersion": { "type": "string", "description": "Version of the target. For example, version of the SSM document\n" } }, "requiredInputs": [ "configRuleName", "targetId", "targetType" ], "stateInputs": { "description": "Input properties used for looking up and filtering RemediationConfiguration resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Config Remediation Configuration.\n" }, "automatic": { "type": "boolean", "description": "Remediation is triggered automatically if `true`.\n" }, "configRuleName": { "type": "string", "description": "Name of the AWS Config rule.\n", "willReplaceOnChanges": true }, "executionControls": { "$ref": "#/types/aws:cfg/RemediationConfigurationExecutionControls:RemediationConfigurationExecutionControls", "description": "Configuration block for execution controls. See below.\n" }, "maximumAutomaticAttempts": { "type": "integer", "description": "Maximum number of failed attempts for auto-remediation. If you do not select a number, the default is 5.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:cfg/RemediationConfigurationParameter:RemediationConfigurationParameter" }, "description": "Can be specified multiple times for each parameter. Each parameter block supports arguments below.\n" }, "resourceType": { "type": "string", "description": "Type of resource.\n" }, "retryAttemptSeconds": { "type": "integer", "description": "Maximum time in seconds that AWS Config runs auto-remediation. If you do not select a number, the default is 60 seconds.\n" }, "targetId": { "type": "string", "description": "Target ID is the name of the public document.\n" }, "targetType": { "type": "string", "description": "Type of the target. Target executes remediation. For example, SSM document.\n\nThe following arguments are optional:\n" }, "targetVersion": { "type": "string", "description": "Version of the target. For example, version of the SSM document\n" } }, "type": "object" } }, "aws:cfg/retentionConfiguration:RetentionConfiguration": { "description": "Provides a resource to manage the AWS Config retention configuration.\nThe retention configuration defines the number of days that AWS Config stores historical information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cfg.RetentionConfiguration(\"example\", {retentionPeriodInDays: 90});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cfg.RetentionConfiguration(\"example\", retention_period_in_days=90)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cfg.RetentionConfiguration(\"example\", new()\n {\n RetentionPeriodInDays = 90,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cfg.NewRetentionConfiguration(ctx, \"example\", \u0026cfg.RetentionConfigurationArgs{\n\t\t\tRetentionPeriodInDays: pulumi.Int(90),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cfg.RetentionConfiguration;\nimport com.pulumi.aws.cfg.RetentionConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RetentionConfiguration(\"example\", RetentionConfigurationArgs.builder()\n .retentionPeriodInDays(90)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:RetentionConfiguration\n properties:\n retentionPeriodInDays: 90\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import the AWS Config retention configuration using the `name`. For example:\n\n```sh\n$ pulumi import aws:cfg/retentionConfiguration:RetentionConfiguration example default\n```\n", "properties": { "name": { "type": "string", "description": "The name of the retention configuration object. The object is always named **default**.\n" }, "retentionPeriodInDays": { "type": "integer", "description": "The number of days AWS Config stores historical information.\n" } }, "required": [ "name", "retentionPeriodInDays" ], "inputProperties": { "retentionPeriodInDays": { "type": "integer", "description": "The number of days AWS Config stores historical information.\n" } }, "requiredInputs": [ "retentionPeriodInDays" ], "stateInputs": { "description": "Input properties used for looking up and filtering RetentionConfiguration resources.\n", "properties": { "name": { "type": "string", "description": "The name of the retention configuration object. The object is always named **default**.\n" }, "retentionPeriodInDays": { "type": "integer", "description": "The number of days AWS Config stores historical information.\n" } }, "type": "object" } }, "aws:cfg/rule:Rule": { "description": "Provides an AWS Config Rule.\n\n\u003e **Note:** Config Rule requires an existing Configuration Recorder to be present. Use of `depends_on` is recommended (as shown below) to avoid race conditions.\n\n## Example Usage\n\n### AWS Managed Rules\n\nAWS managed rules can be used by setting the source owner to `AWS` and the source identifier to the name of the managed rule. More information about AWS managed rules can be found in the [AWS Config Developer Guide](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"config.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst rRole = new aws.iam.Role(\"r\", {\n name: \"my-awsconfig-role\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst foo = new aws.cfg.Recorder(\"foo\", {\n name: \"example\",\n roleArn: rRole.arn,\n});\nconst r = new aws.cfg.Rule(\"r\", {\n name: \"example\",\n source: {\n owner: \"AWS\",\n sourceIdentifier: \"S3_BUCKET_VERSIONING_ENABLED\",\n },\n}, {\n dependsOn: [foo],\n});\nconst p = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\"config:Put*\"],\n resources: [\"*\"],\n }],\n});\nconst pRolePolicy = new aws.iam.RolePolicy(\"p\", {\n name: \"my-awsconfig-policy\",\n role: rRole.id,\n policy: p.then(p =\u003e p.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"config.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nr_role = aws.iam.Role(\"r\",\n name=\"my-awsconfig-role\",\n assume_role_policy=assume_role.json)\nfoo = aws.cfg.Recorder(\"foo\",\n name=\"example\",\n role_arn=r_role.arn)\nr = aws.cfg.Rule(\"r\",\n name=\"example\",\n source={\n \"owner\": \"AWS\",\n \"source_identifier\": \"S3_BUCKET_VERSIONING_ENABLED\",\n },\n opts = pulumi.ResourceOptions(depends_on=[foo]))\np = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\"config:Put*\"],\n \"resources\": [\"*\"],\n}])\np_role_policy = aws.iam.RolePolicy(\"p\",\n name=\"my-awsconfig-policy\",\n role=r_role.id,\n policy=p.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"config.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var rRole = new Aws.Iam.Role(\"r\", new()\n {\n Name = \"my-awsconfig-role\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var foo = new Aws.Cfg.Recorder(\"foo\", new()\n {\n Name = \"example\",\n RoleArn = rRole.Arn,\n });\n\n var r = new Aws.Cfg.Rule(\"r\", new()\n {\n Name = \"example\",\n Source = new Aws.Cfg.Inputs.RuleSourceArgs\n {\n Owner = \"AWS\",\n SourceIdentifier = \"S3_BUCKET_VERSIONING_ENABLED\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n foo,\n },\n });\n\n var p = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"config:Put*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var pRolePolicy = new Aws.Iam.RolePolicy(\"p\", new()\n {\n Name = \"my-awsconfig-policy\",\n Role = rRole.Id,\n Policy = p.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"config.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trRole, err := iam.NewRole(ctx, \"r\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"my-awsconfig-role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoo, err := cfg.NewRecorder(ctx, \"foo\", \u0026cfg.RecorderArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: rRole.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewRule(ctx, \"r\", \u0026cfg.RuleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSource: \u0026cfg.RuleSourceArgs{\n\t\t\t\tOwner: pulumi.String(\"AWS\"),\n\t\t\t\tSourceIdentifier: pulumi.String(\"S3_BUCKET_VERSIONING_ENABLED\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tfoo,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tp, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"config:Put*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"p\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"my-awsconfig-policy\"),\n\t\t\tRole: rRole.ID(),\n\t\t\tPolicy: pulumi.String(p.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.cfg.Recorder;\nimport com.pulumi.aws.cfg.RecorderArgs;\nimport com.pulumi.aws.cfg.Rule;\nimport com.pulumi.aws.cfg.RuleArgs;\nimport com.pulumi.aws.cfg.inputs.RuleSourceArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"config.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var rRole = new Role(\"rRole\", RoleArgs.builder()\n .name(\"my-awsconfig-role\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var foo = new Recorder(\"foo\", RecorderArgs.builder()\n .name(\"example\")\n .roleArn(rRole.arn())\n .build());\n\n var r = new Rule(\"r\", RuleArgs.builder()\n .name(\"example\")\n .source(RuleSourceArgs.builder()\n .owner(\"AWS\")\n .sourceIdentifier(\"S3_BUCKET_VERSIONING_ENABLED\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(foo)\n .build());\n\n final var p = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"config:Put*\")\n .resources(\"*\")\n .build())\n .build());\n\n var pRolePolicy = new RolePolicy(\"pRolePolicy\", RolePolicyArgs.builder()\n .name(\"my-awsconfig-policy\")\n .role(rRole.id())\n .policy(p.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n r:\n type: aws:cfg:Rule\n properties:\n name: example\n source:\n owner: AWS\n sourceIdentifier: S3_BUCKET_VERSIONING_ENABLED\n options:\n dependson:\n - ${foo}\n foo:\n type: aws:cfg:Recorder\n properties:\n name: example\n roleArn: ${rRole.arn}\n rRole:\n type: aws:iam:Role\n name: r\n properties:\n name: my-awsconfig-role\n assumeRolePolicy: ${assumeRole.json}\n pRolePolicy:\n type: aws:iam:RolePolicy\n name: p\n properties:\n name: my-awsconfig-policy\n role: ${rRole.id}\n policy: ${p.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - config.amazonaws.com\n actions:\n - sts:AssumeRole\n p:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - config:Put*\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Custom Rules\n\nCustom rules can be used by setting the source owner to `CUSTOM_LAMBDA` and the source identifier to the Amazon Resource Name (ARN) of the Lambda Function. The AWS Config service must have permissions to invoke the Lambda Function, e.g., via the `aws.lambda.Permission` resource. More information about custom rules can be found in the [AWS Config Developer Guide](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cfg.Recorder(\"example\", {});\nconst exampleFunction = new aws.lambda.Function(\"example\", {});\nconst examplePermission = new aws.lambda.Permission(\"example\", {\n action: \"lambda:InvokeFunction\",\n \"function\": exampleFunction.arn,\n principal: \"config.amazonaws.com\",\n statementId: \"AllowExecutionFromConfig\",\n});\nconst exampleRule = new aws.cfg.Rule(\"example\", {source: {\n owner: \"CUSTOM_LAMBDA\",\n sourceIdentifier: exampleFunction.arn,\n}}, {\n dependsOn: [\n example,\n examplePermission,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cfg.Recorder(\"example\")\nexample_function = aws.lambda_.Function(\"example\")\nexample_permission = aws.lambda_.Permission(\"example\",\n action=\"lambda:InvokeFunction\",\n function=example_function.arn,\n principal=\"config.amazonaws.com\",\n statement_id=\"AllowExecutionFromConfig\")\nexample_rule = aws.cfg.Rule(\"example\", source={\n \"owner\": \"CUSTOM_LAMBDA\",\n \"source_identifier\": example_function.arn,\n},\nopts = pulumi.ResourceOptions(depends_on=[\n example,\n example_permission,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cfg.Recorder(\"example\");\n\n var exampleFunction = new Aws.Lambda.Function(\"example\");\n\n var examplePermission = new Aws.Lambda.Permission(\"example\", new()\n {\n Action = \"lambda:InvokeFunction\",\n Function = exampleFunction.Arn,\n Principal = \"config.amazonaws.com\",\n StatementId = \"AllowExecutionFromConfig\",\n });\n\n var exampleRule = new Aws.Cfg.Rule(\"example\", new()\n {\n Source = new Aws.Cfg.Inputs.RuleSourceArgs\n {\n Owner = \"CUSTOM_LAMBDA\",\n SourceIdentifier = exampleFunction.Arn,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n examplePermission,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cfg.NewRecorder(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleFunction, err := lambda.NewFunction(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplePermission, err := lambda.NewPermission(ctx, \"example\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: exampleFunction.Arn,\n\t\t\tPrincipal: pulumi.String(\"config.amazonaws.com\"),\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromConfig\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewRule(ctx, \"example\", \u0026cfg.RuleArgs{\n\t\t\tSource: \u0026cfg.RuleSourceArgs{\n\t\t\t\tOwner: pulumi.String(\"CUSTOM_LAMBDA\"),\n\t\t\t\tSourceIdentifier: exampleFunction.Arn,\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t\texamplePermission,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cfg.Recorder;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.cfg.Rule;\nimport com.pulumi.aws.cfg.RuleArgs;\nimport com.pulumi.aws.cfg.inputs.RuleSourceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Recorder(\"example\");\n\n var exampleFunction = new Function(\"exampleFunction\");\n\n var examplePermission = new Permission(\"examplePermission\", PermissionArgs.builder()\n .action(\"lambda:InvokeFunction\")\n .function(exampleFunction.arn())\n .principal(\"config.amazonaws.com\")\n .statementId(\"AllowExecutionFromConfig\")\n .build());\n\n var exampleRule = new Rule(\"exampleRule\", RuleArgs.builder()\n .source(RuleSourceArgs.builder()\n .owner(\"CUSTOM_LAMBDA\")\n .sourceIdentifier(exampleFunction.arn())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n example,\n examplePermission)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:Recorder\n exampleFunction:\n type: aws:lambda:Function\n name: example\n examplePermission:\n type: aws:lambda:Permission\n name: example\n properties:\n action: lambda:InvokeFunction\n function: ${exampleFunction.arn}\n principal: config.amazonaws.com\n statementId: AllowExecutionFromConfig\n exampleRule:\n type: aws:cfg:Rule\n name: example\n properties:\n source:\n owner: CUSTOM_LAMBDA\n sourceIdentifier: ${exampleFunction.arn}\n options:\n dependson:\n - ${example}\n - ${examplePermission}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Custom Policies\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cfg.Rule(\"example\", {\n name: \"example\",\n source: {\n owner: \"CUSTOM_POLICY\",\n sourceDetails: [{\n messageType: \"ConfigurationItemChangeNotification\",\n }],\n customPolicyDetails: {\n policyRuntime: \"guard-2.x.x\",\n policyText: `\\x09 rule tableisactive when\n\\x09\\x09 resourceType == \"AWS::DynamoDB::Table\" {\n\\x09\\x09 configuration.tableStatus == ['ACTIVE']\n\\x09 }\n\\x09 \n\\x09 rule checkcompliance when\n\\x09\\x09 resourceType == \"AWS::DynamoDB::Table\"\n\\x09\\x09 tableisactive {\n\\x09\\x09\\x09 supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus == \"ENABLED\"\n\\x09 }\n`,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cfg.Rule(\"example\",\n name=\"example\",\n source={\n \"owner\": \"CUSTOM_POLICY\",\n \"source_details\": [{\n \"message_type\": \"ConfigurationItemChangeNotification\",\n }],\n \"custom_policy_details\": {\n \"policy_runtime\": \"guard-2.x.x\",\n \"policy_text\": \"\"\"\\x09 rule tableisactive when\n\\x09\\x09 resourceType == \"AWS::DynamoDB::Table\" {\n\\x09\\x09 configuration.tableStatus == ['ACTIVE']\n\\x09 }\n\\x09 \n\\x09 rule checkcompliance when\n\\x09\\x09 resourceType == \"AWS::DynamoDB::Table\"\n\\x09\\x09 tableisactive {\n\\x09\\x09\\x09 supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus == \"ENABLED\"\n\\x09 }\n\"\"\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cfg.Rule(\"example\", new()\n {\n Name = \"example\",\n Source = new Aws.Cfg.Inputs.RuleSourceArgs\n {\n Owner = \"CUSTOM_POLICY\",\n SourceDetails = new[]\n {\n new Aws.Cfg.Inputs.RuleSourceSourceDetailArgs\n {\n MessageType = \"ConfigurationItemChangeNotification\",\n },\n },\n CustomPolicyDetails = new Aws.Cfg.Inputs.RuleSourceCustomPolicyDetailsArgs\n {\n PolicyRuntime = \"guard-2.x.x\",\n PolicyText = @\"\t rule tableisactive when\n\t\t resourceType == \"\"AWS::DynamoDB::Table\"\" {\n\t\t configuration.tableStatus == ['ACTIVE']\n\t }\n\t \n\t rule checkcompliance when\n\t\t resourceType == \"\"AWS::DynamoDB::Table\"\"\n\t\t tableisactive {\n\t\t\t supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus == \"\"ENABLED\"\"\n\t }\n\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cfg.NewRule(ctx, \"example\", \u0026cfg.RuleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSource: \u0026cfg.RuleSourceArgs{\n\t\t\t\tOwner: pulumi.String(\"CUSTOM_POLICY\"),\n\t\t\t\tSourceDetails: cfg.RuleSourceSourceDetailArray{\n\t\t\t\t\t\u0026cfg.RuleSourceSourceDetailArgs{\n\t\t\t\t\t\tMessageType: pulumi.String(\"ConfigurationItemChangeNotification\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tCustomPolicyDetails: \u0026cfg.RuleSourceCustomPolicyDetailsArgs{\n\t\t\t\t\tPolicyRuntime: pulumi.String(\"guard-2.x.x\"),\n\t\t\t\t\tPolicyText: pulumi.String(`\t rule tableisactive when\n\t\t resourceType == \"AWS::DynamoDB::Table\" {\n\t\t configuration.tableStatus == ['ACTIVE']\n\t }\n\t \n\t rule checkcompliance when\n\t\t resourceType == \"AWS::DynamoDB::Table\"\n\t\t tableisactive {\n\t\t\t supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus == \"ENABLED\"\n\t }\n`),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cfg.Rule;\nimport com.pulumi.aws.cfg.RuleArgs;\nimport com.pulumi.aws.cfg.inputs.RuleSourceArgs;\nimport com.pulumi.aws.cfg.inputs.RuleSourceCustomPolicyDetailsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Rule(\"example\", RuleArgs.builder()\n .name(\"example\")\n .source(RuleSourceArgs.builder()\n .owner(\"CUSTOM_POLICY\")\n .sourceDetails(RuleSourceSourceDetailArgs.builder()\n .messageType(\"ConfigurationItemChangeNotification\")\n .build())\n .customPolicyDetails(RuleSourceCustomPolicyDetailsArgs.builder()\n .policyRuntime(\"guard-2.x.x\")\n .policyText(\"\"\"\n\t rule tableisactive when\n\t\t resourceType == \"AWS::DynamoDB::Table\" {\n\t\t configuration.tableStatus == ['ACTIVE']\n\t }\n\t \n\t rule checkcompliance when\n\t\t resourceType == \"AWS::DynamoDB::Table\"\n\t\t tableisactive {\n\t\t\t supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus == \"ENABLED\"\n\t }\n \"\"\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:Rule\n properties:\n name: example\n source:\n owner: CUSTOM_POLICY\n sourceDetails:\n - messageType: ConfigurationItemChangeNotification\n customPolicyDetails:\n policyRuntime: guard-2.x.x\n policyText: \"\\t rule tableisactive when\\n\\t\\t resourceType == \\\"AWS::DynamoDB::Table\\\" {\\n\\t\\t configuration.tableStatus == ['ACTIVE']\\n\\t }\\n\\t \\n\\t rule checkcompliance when\\n\\t\\t resourceType == \\\"AWS::DynamoDB::Table\\\"\\n\\t\\t tableisactive {\\n\\t\\t\\t supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus == \\\"ENABLED\\\"\\n\\t }\\n\"\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Config Rule using the name. For example:\n\n```sh\n$ pulumi import aws:cfg/rule:Rule foo example\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the config rule\n" }, "description": { "type": "string", "description": "Description of the rule\n" }, "evaluationModes": { "type": "array", "items": { "$ref": "#/types/aws:cfg/RuleEvaluationMode:RuleEvaluationMode" }, "description": "The modes the Config rule can be evaluated in. See Evaluation Mode for more details.\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config rule Lambda function.\n" }, "maximumExecutionFrequency": { "type": "string", "description": "The maximum frequency with which AWS Config runs evaluations for a rule.\n" }, "name": { "type": "string", "description": "The name of the rule\n" }, "ruleId": { "type": "string", "description": "The ID of the config rule\n" }, "scope": { "$ref": "#/types/aws:cfg/RuleScope:RuleScope", "description": "Scope defines which resources can trigger an evaluation for the rule. See Scope Below.\n" }, "source": { "$ref": "#/types/aws:cfg/RuleSource:RuleSource", "description": "Source specifies the rule owner, the rule identifier, and the notifications that cause the function to evaluate your AWS resources. See Source Below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "evaluationModes", "name", "ruleId", "source", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Description of the rule\n" }, "evaluationModes": { "type": "array", "items": { "$ref": "#/types/aws:cfg/RuleEvaluationMode:RuleEvaluationMode" }, "description": "The modes the Config rule can be evaluated in. See Evaluation Mode for more details.\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config rule Lambda function.\n" }, "maximumExecutionFrequency": { "type": "string", "description": "The maximum frequency with which AWS Config runs evaluations for a rule.\n" }, "name": { "type": "string", "description": "The name of the rule\n", "willReplaceOnChanges": true }, "scope": { "$ref": "#/types/aws:cfg/RuleScope:RuleScope", "description": "Scope defines which resources can trigger an evaluation for the rule. See Scope Below.\n" }, "source": { "$ref": "#/types/aws:cfg/RuleSource:RuleSource", "description": "Source specifies the rule owner, the rule identifier, and the notifications that cause the function to evaluate your AWS resources. See Source Below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "source" ], "stateInputs": { "description": "Input properties used for looking up and filtering Rule resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the config rule\n" }, "description": { "type": "string", "description": "Description of the rule\n" }, "evaluationModes": { "type": "array", "items": { "$ref": "#/types/aws:cfg/RuleEvaluationMode:RuleEvaluationMode" }, "description": "The modes the Config rule can be evaluated in. See Evaluation Mode for more details.\n" }, "inputParameters": { "type": "string", "description": "A string in JSON format that is passed to the AWS Config rule Lambda function.\n" }, "maximumExecutionFrequency": { "type": "string", "description": "The maximum frequency with which AWS Config runs evaluations for a rule.\n" }, "name": { "type": "string", "description": "The name of the rule\n", "willReplaceOnChanges": true }, "ruleId": { "type": "string", "description": "The ID of the config rule\n" }, "scope": { "$ref": "#/types/aws:cfg/RuleScope:RuleScope", "description": "Scope defines which resources can trigger an evaluation for the rule. See Scope Below.\n" }, "source": { "$ref": "#/types/aws:cfg/RuleSource:RuleSource", "description": "Source specifies the rule owner, the rule identifier, and the notifications that cause the function to evaluate your AWS resources. See Source Below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:chime/sdkvoiceGlobalSettings:SdkvoiceGlobalSettings": { "description": "Resource for managing Amazon Chime SDK Voice Global Settings.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.chime.SdkvoiceGlobalSettings(\"example\", {voiceConnector: {\n cdrBucket: \"example-bucket-name\",\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.chime.SdkvoiceGlobalSettings(\"example\", voice_connector={\n \"cdr_bucket\": \"example-bucket-name\",\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Chime.SdkvoiceGlobalSettings(\"example\", new()\n {\n VoiceConnector = new Aws.Chime.Inputs.SdkvoiceGlobalSettingsVoiceConnectorArgs\n {\n CdrBucket = \"example-bucket-name\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chime\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := chime.NewSdkvoiceGlobalSettings(ctx, \"example\", \u0026chime.SdkvoiceGlobalSettingsArgs{\n\t\t\tVoiceConnector: \u0026chime.SdkvoiceGlobalSettingsVoiceConnectorArgs{\n\t\t\t\tCdrBucket: pulumi.String(\"example-bucket-name\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.chime.SdkvoiceGlobalSettings;\nimport com.pulumi.aws.chime.SdkvoiceGlobalSettingsArgs;\nimport com.pulumi.aws.chime.inputs.SdkvoiceGlobalSettingsVoiceConnectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SdkvoiceGlobalSettings(\"example\", SdkvoiceGlobalSettingsArgs.builder()\n .voiceConnector(SdkvoiceGlobalSettingsVoiceConnectorArgs.builder()\n .cdrBucket(\"example-bucket-name\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:chime:SdkvoiceGlobalSettings\n properties:\n voiceConnector:\n cdrBucket: example-bucket-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS Chime SDK Voice Global Settings using the `id` (AWS account ID). For example:\n\n```sh\n$ pulumi import aws:chime/sdkvoiceGlobalSettings:SdkvoiceGlobalSettings example 123456789012\n```\n", "properties": { "voiceConnector": { "$ref": "#/types/aws:chime/SdkvoiceGlobalSettingsVoiceConnector:SdkvoiceGlobalSettingsVoiceConnector", "description": "The Voice Connector settings. See voice_connector.\n" } }, "required": [ "voiceConnector" ], "inputProperties": { "voiceConnector": { "$ref": "#/types/aws:chime/SdkvoiceGlobalSettingsVoiceConnector:SdkvoiceGlobalSettingsVoiceConnector", "description": "The Voice Connector settings. See voice_connector.\n" } }, "requiredInputs": [ "voiceConnector" ], "stateInputs": { "description": "Input properties used for looking up and filtering SdkvoiceGlobalSettings resources.\n", "properties": { "voiceConnector": { "$ref": "#/types/aws:chime/SdkvoiceGlobalSettingsVoiceConnector:SdkvoiceGlobalSettingsVoiceConnector", "description": "The Voice Connector settings. See voice_connector.\n" } }, "type": "object" } }, "aws:chime/sdkvoiceSipMediaApplication:SdkvoiceSipMediaApplication": { "description": "A ChimeSDKVoice SIP Media Application is a managed object that passes values from a SIP rule to a target AWS Lambda function.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.chime.SdkvoiceSipMediaApplication(\"example\", {\n awsRegion: \"us-east-1\",\n name: \"example-sip-media-application\",\n endpoints: {\n lambdaArn: test.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.chime.SdkvoiceSipMediaApplication(\"example\",\n aws_region=\"us-east-1\",\n name=\"example-sip-media-application\",\n endpoints={\n \"lambda_arn\": test[\"arn\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Chime.SdkvoiceSipMediaApplication(\"example\", new()\n {\n AwsRegion = \"us-east-1\",\n Name = \"example-sip-media-application\",\n Endpoints = new Aws.Chime.Inputs.SdkvoiceSipMediaApplicationEndpointsArgs\n {\n LambdaArn = test.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chime\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := chime.NewSdkvoiceSipMediaApplication(ctx, \"example\", \u0026chime.SdkvoiceSipMediaApplicationArgs{\n\t\t\tAwsRegion: pulumi.String(\"us-east-1\"),\n\t\t\tName: pulumi.String(\"example-sip-media-application\"),\n\t\t\tEndpoints: \u0026chime.SdkvoiceSipMediaApplicationEndpointsArgs{\n\t\t\t\tLambdaArn: pulumi.Any(test.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.chime.SdkvoiceSipMediaApplication;\nimport com.pulumi.aws.chime.SdkvoiceSipMediaApplicationArgs;\nimport com.pulumi.aws.chime.inputs.SdkvoiceSipMediaApplicationEndpointsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SdkvoiceSipMediaApplication(\"example\", SdkvoiceSipMediaApplicationArgs.builder()\n .awsRegion(\"us-east-1\")\n .name(\"example-sip-media-application\")\n .endpoints(SdkvoiceSipMediaApplicationEndpointsArgs.builder()\n .lambdaArn(test.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:chime:SdkvoiceSipMediaApplication\n properties:\n awsRegion: us-east-1\n name: example-sip-media-application\n endpoints:\n lambdaArn: ${test.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a ChimeSDKVoice SIP Media Application using the `id`. For example:\n\n```sh\n$ pulumi import aws:chime/sdkvoiceSipMediaApplication:SdkvoiceSipMediaApplication example abcdef123456\n```\n", "properties": { "arn": { "type": "string", "description": "ARN (Amazon Resource Name) of the AWS Chime SDK Voice Sip Media Application\n" }, "awsRegion": { "type": "string", "description": "The AWS Region in which the AWS Chime SDK Voice Sip Media Application is created.\n" }, "endpoints": { "$ref": "#/types/aws:chime/SdkvoiceSipMediaApplicationEndpoints:SdkvoiceSipMediaApplicationEndpoints", "description": "List of endpoints (Lambda Amazon Resource Names) specified for the SIP media application. Currently, only one endpoint is supported. See `endpoints`.\n" }, "name": { "type": "string", "description": "The name of the AWS Chime SDK Voice Sip Media Application.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "awsRegion", "endpoints", "name", "tagsAll" ], "inputProperties": { "awsRegion": { "type": "string", "description": "The AWS Region in which the AWS Chime SDK Voice Sip Media Application is created.\n", "willReplaceOnChanges": true }, "endpoints": { "$ref": "#/types/aws:chime/SdkvoiceSipMediaApplicationEndpoints:SdkvoiceSipMediaApplicationEndpoints", "description": "List of endpoints (Lambda Amazon Resource Names) specified for the SIP media application. Currently, only one endpoint is supported. See `endpoints`.\n" }, "name": { "type": "string", "description": "The name of the AWS Chime SDK Voice Sip Media Application.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "awsRegion", "endpoints" ], "stateInputs": { "description": "Input properties used for looking up and filtering SdkvoiceSipMediaApplication resources.\n", "properties": { "arn": { "type": "string", "description": "ARN (Amazon Resource Name) of the AWS Chime SDK Voice Sip Media Application\n" }, "awsRegion": { "type": "string", "description": "The AWS Region in which the AWS Chime SDK Voice Sip Media Application is created.\n", "willReplaceOnChanges": true }, "endpoints": { "$ref": "#/types/aws:chime/SdkvoiceSipMediaApplicationEndpoints:SdkvoiceSipMediaApplicationEndpoints", "description": "List of endpoints (Lambda Amazon Resource Names) specified for the SIP media application. Currently, only one endpoint is supported. See `endpoints`.\n" }, "name": { "type": "string", "description": "The name of the AWS Chime SDK Voice Sip Media Application.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:chime/sdkvoiceSipRule:SdkvoiceSipRule": { "description": "A SIP rule associates your SIP media application with a phone number or a Request URI hostname. You can associate a SIP rule with more than one SIP media application. Each application then runs only that rule.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.chime.SdkvoiceSipRule(\"example\", {\n name: \"example-sip-rule\",\n triggerType: \"RequestUriHostname\",\n triggerValue: example_voice_connector.outboundHostName,\n targetApplications: [{\n priority: 1,\n sipMediaApplicationId: example_sma.id,\n awsRegion: \"us-east-1\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.chime.SdkvoiceSipRule(\"example\",\n name=\"example-sip-rule\",\n trigger_type=\"RequestUriHostname\",\n trigger_value=example_voice_connector[\"outboundHostName\"],\n target_applications=[{\n \"priority\": 1,\n \"sip_media_application_id\": example_sma[\"id\"],\n \"aws_region\": \"us-east-1\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Chime.SdkvoiceSipRule(\"example\", new()\n {\n Name = \"example-sip-rule\",\n TriggerType = \"RequestUriHostname\",\n TriggerValue = example_voice_connector.OutboundHostName,\n TargetApplications = new[]\n {\n new Aws.Chime.Inputs.SdkvoiceSipRuleTargetApplicationArgs\n {\n Priority = 1,\n SipMediaApplicationId = example_sma.Id,\n AwsRegion = \"us-east-1\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chime\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := chime.NewSdkvoiceSipRule(ctx, \"example\", \u0026chime.SdkvoiceSipRuleArgs{\n\t\t\tName: pulumi.String(\"example-sip-rule\"),\n\t\t\tTriggerType: pulumi.String(\"RequestUriHostname\"),\n\t\t\tTriggerValue: pulumi.Any(example_voice_connector.OutboundHostName),\n\t\t\tTargetApplications: chime.SdkvoiceSipRuleTargetApplicationArray{\n\t\t\t\t\u0026chime.SdkvoiceSipRuleTargetApplicationArgs{\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tSipMediaApplicationId: pulumi.Any(example_sma.Id),\n\t\t\t\t\tAwsRegion: pulumi.String(\"us-east-1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.chime.SdkvoiceSipRule;\nimport com.pulumi.aws.chime.SdkvoiceSipRuleArgs;\nimport com.pulumi.aws.chime.inputs.SdkvoiceSipRuleTargetApplicationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SdkvoiceSipRule(\"example\", SdkvoiceSipRuleArgs.builder()\n .name(\"example-sip-rule\")\n .triggerType(\"RequestUriHostname\")\n .triggerValue(example_voice_connector.outboundHostName())\n .targetApplications(SdkvoiceSipRuleTargetApplicationArgs.builder()\n .priority(1)\n .sipMediaApplicationId(example_sma.id())\n .awsRegion(\"us-east-1\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:chime:SdkvoiceSipRule\n properties:\n name: example-sip-rule\n triggerType: RequestUriHostname\n triggerValue: ${[\"example-voice-connector\"].outboundHostName}\n targetApplications:\n - priority: 1\n sipMediaApplicationId: ${[\"example-sma\"].id}\n awsRegion: us-east-1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a ChimeSDKVoice SIP Rule using the `id`. For example:\n\n```sh\n$ pulumi import aws:chime/sdkvoiceSipRule:SdkvoiceSipRule example abcdef123456\n```\n", "properties": { "disabled": { "type": "boolean", "description": "Enables or disables a rule. You must disable rules before you can delete them.\n" }, "name": { "type": "string", "description": "The name of the SIP rule.\n" }, "targetApplications": { "type": "array", "items": { "$ref": "#/types/aws:chime/SdkvoiceSipRuleTargetApplication:SdkvoiceSipRuleTargetApplication" }, "description": "List of SIP media applications with priority and AWS Region. Only one SIP application per AWS Region can be used. See `target_applications`.\n" }, "triggerType": { "type": "string", "description": "The type of trigger assigned to the SIP rule in `trigger_value`. Valid values are `RequestUriHostname` or `ToPhoneNumber`.\n" }, "triggerValue": { "type": "string", "description": "If `trigger_type` is `RequestUriHostname`, the value can be the outbound host name of an Amazon Chime Voice Connector. If `trigger_type` is `ToPhoneNumber`, the value can be a customer-owned phone number in the E164 format. The Sip Media Application specified in the Sip Rule is triggered if the request URI in an incoming SIP request matches the `RequestUriHostname`, or if the \"To\" header in the incoming SIP request matches the `ToPhoneNumber` value.\n\nThe following arguments are optional:\n" } }, "required": [ "name", "targetApplications", "triggerType", "triggerValue" ], "inputProperties": { "disabled": { "type": "boolean", "description": "Enables or disables a rule. You must disable rules before you can delete them.\n" }, "name": { "type": "string", "description": "The name of the SIP rule.\n" }, "targetApplications": { "type": "array", "items": { "$ref": "#/types/aws:chime/SdkvoiceSipRuleTargetApplication:SdkvoiceSipRuleTargetApplication" }, "description": "List of SIP media applications with priority and AWS Region. Only one SIP application per AWS Region can be used. See `target_applications`.\n" }, "triggerType": { "type": "string", "description": "The type of trigger assigned to the SIP rule in `trigger_value`. Valid values are `RequestUriHostname` or `ToPhoneNumber`.\n" }, "triggerValue": { "type": "string", "description": "If `trigger_type` is `RequestUriHostname`, the value can be the outbound host name of an Amazon Chime Voice Connector. If `trigger_type` is `ToPhoneNumber`, the value can be a customer-owned phone number in the E164 format. The Sip Media Application specified in the Sip Rule is triggered if the request URI in an incoming SIP request matches the `RequestUriHostname`, or if the \"To\" header in the incoming SIP request matches the `ToPhoneNumber` value.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "targetApplications", "triggerType", "triggerValue" ], "stateInputs": { "description": "Input properties used for looking up and filtering SdkvoiceSipRule resources.\n", "properties": { "disabled": { "type": "boolean", "description": "Enables or disables a rule. You must disable rules before you can delete them.\n" }, "name": { "type": "string", "description": "The name of the SIP rule.\n" }, "targetApplications": { "type": "array", "items": { "$ref": "#/types/aws:chime/SdkvoiceSipRuleTargetApplication:SdkvoiceSipRuleTargetApplication" }, "description": "List of SIP media applications with priority and AWS Region. Only one SIP application per AWS Region can be used. See `target_applications`.\n" }, "triggerType": { "type": "string", "description": "The type of trigger assigned to the SIP rule in `trigger_value`. Valid values are `RequestUriHostname` or `ToPhoneNumber`.\n" }, "triggerValue": { "type": "string", "description": "If `trigger_type` is `RequestUriHostname`, the value can be the outbound host name of an Amazon Chime Voice Connector. If `trigger_type` is `ToPhoneNumber`, the value can be a customer-owned phone number in the E164 format. The Sip Media Application specified in the Sip Rule is triggered if the request URI in an incoming SIP request matches the `RequestUriHostname`, or if the \"To\" header in the incoming SIP request matches the `ToPhoneNumber` value.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:chime/sdkvoiceVoiceProfileDomain:SdkvoiceVoiceProfileDomain": { "description": "Resource for managing an AWS Chime SDK Voice Profile Domain.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.Key(\"example\", {\n description: \"KMS Key for Voice Profile Domain\",\n deletionWindowInDays: 7,\n});\nconst exampleSdkvoiceVoiceProfileDomain = new aws.chime.SdkvoiceVoiceProfileDomain(\"example\", {\n name: \"ExampleVoiceProfileDomain\",\n serverSideEncryptionConfiguration: {\n kmsKeyArn: example.arn,\n },\n description: \"My Voice Profile Domain\",\n tags: {\n key1: \"value1\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kms.Key(\"example\",\n description=\"KMS Key for Voice Profile Domain\",\n deletion_window_in_days=7)\nexample_sdkvoice_voice_profile_domain = aws.chime.SdkvoiceVoiceProfileDomain(\"example\",\n name=\"ExampleVoiceProfileDomain\",\n server_side_encryption_configuration={\n \"kms_key_arn\": example.arn,\n },\n description=\"My Voice Profile Domain\",\n tags={\n \"key1\": \"value1\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"KMS Key for Voice Profile Domain\",\n DeletionWindowInDays = 7,\n });\n\n var exampleSdkvoiceVoiceProfileDomain = new Aws.Chime.SdkvoiceVoiceProfileDomain(\"example\", new()\n {\n Name = \"ExampleVoiceProfileDomain\",\n ServerSideEncryptionConfiguration = new Aws.Chime.Inputs.SdkvoiceVoiceProfileDomainServerSideEncryptionConfigurationArgs\n {\n KmsKeyArn = example.Arn,\n },\n Description = \"My Voice Profile Domain\",\n Tags = \n {\n { \"key1\", \"value1\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chime\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"KMS Key for Voice Profile Domain\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = chime.NewSdkvoiceVoiceProfileDomain(ctx, \"example\", \u0026chime.SdkvoiceVoiceProfileDomainArgs{\n\t\t\tName: pulumi.String(\"ExampleVoiceProfileDomain\"),\n\t\t\tServerSideEncryptionConfiguration: \u0026chime.SdkvoiceVoiceProfileDomainServerSideEncryptionConfigurationArgs{\n\t\t\t\tKmsKeyArn: example.Arn,\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"My Voice Profile Domain\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"key1\": pulumi.String(\"value1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.chime.SdkvoiceVoiceProfileDomain;\nimport com.pulumi.aws.chime.SdkvoiceVoiceProfileDomainArgs;\nimport com.pulumi.aws.chime.inputs.SdkvoiceVoiceProfileDomainServerSideEncryptionConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"KMS Key for Voice Profile Domain\")\n .deletionWindowInDays(7)\n .build());\n\n var exampleSdkvoiceVoiceProfileDomain = new SdkvoiceVoiceProfileDomain(\"exampleSdkvoiceVoiceProfileDomain\", SdkvoiceVoiceProfileDomainArgs.builder()\n .name(\"ExampleVoiceProfileDomain\")\n .serverSideEncryptionConfiguration(SdkvoiceVoiceProfileDomainServerSideEncryptionConfigurationArgs.builder()\n .kmsKeyArn(example.arn())\n .build())\n .description(\"My Voice Profile Domain\")\n .tags(Map.of(\"key1\", \"value1\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: KMS Key for Voice Profile Domain\n deletionWindowInDays: 7\n exampleSdkvoiceVoiceProfileDomain:\n type: aws:chime:SdkvoiceVoiceProfileDomain\n name: example\n properties:\n name: ExampleVoiceProfileDomain\n serverSideEncryptionConfiguration:\n kmsKeyArn: ${example.arn}\n description: My Voice Profile Domain\n tags:\n key1: value1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS Chime SDK Voice Profile Domain using the `id`. For example:\n\n```sh\n$ pulumi import aws:chime/sdkvoiceVoiceProfileDomain:SdkvoiceVoiceProfileDomain example abcdef123456\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Voice Profile Domain.\n" }, "description": { "type": "string", "description": "Description of Voice Profile Domain.\n" }, "name": { "type": "string", "description": "Name of Voice Profile Domain.\n" }, "serverSideEncryptionConfiguration": { "$ref": "#/types/aws:chime/SdkvoiceVoiceProfileDomainServerSideEncryptionConfiguration:SdkvoiceVoiceProfileDomainServerSideEncryptionConfiguration", "description": "Configuration for server side encryption.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "serverSideEncryptionConfiguration", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Description of Voice Profile Domain.\n" }, "name": { "type": "string", "description": "Name of Voice Profile Domain.\n" }, "serverSideEncryptionConfiguration": { "$ref": "#/types/aws:chime/SdkvoiceVoiceProfileDomainServerSideEncryptionConfiguration:SdkvoiceVoiceProfileDomainServerSideEncryptionConfiguration", "description": "Configuration for server side encryption.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "requiredInputs": [ "serverSideEncryptionConfiguration" ], "stateInputs": { "description": "Input properties used for looking up and filtering SdkvoiceVoiceProfileDomain resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Voice Profile Domain.\n" }, "description": { "type": "string", "description": "Description of Voice Profile Domain.\n" }, "name": { "type": "string", "description": "Name of Voice Profile Domain.\n" }, "serverSideEncryptionConfiguration": { "$ref": "#/types/aws:chime/SdkvoiceVoiceProfileDomainServerSideEncryptionConfiguration:SdkvoiceVoiceProfileDomainServerSideEncryptionConfiguration", "description": "Configuration for server side encryption.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:chime/voiceConnector:VoiceConnector": { "description": "Enables you to connect your phone system to the telephone network at a substantial cost savings by using SIP trunking.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.chime.VoiceConnector(\"test\", {\n name: \"connector-test-1\",\n requireEncryption: true,\n awsRegion: \"us-east-1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.chime.VoiceConnector(\"test\",\n name=\"connector-test-1\",\n require_encryption=True,\n aws_region=\"us-east-1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Chime.VoiceConnector(\"test\", new()\n {\n Name = \"connector-test-1\",\n RequireEncryption = true,\n AwsRegion = \"us-east-1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chime\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := chime.NewVoiceConnector(ctx, \"test\", \u0026chime.VoiceConnectorArgs{\n\t\t\tName: pulumi.String(\"connector-test-1\"),\n\t\t\tRequireEncryption: pulumi.Bool(true),\n\t\t\tAwsRegion: pulumi.String(\"us-east-1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.chime.VoiceConnector;\nimport com.pulumi.aws.chime.VoiceConnectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new VoiceConnector(\"test\", VoiceConnectorArgs.builder()\n .name(\"connector-test-1\")\n .requireEncryption(true)\n .awsRegion(\"us-east-1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:chime:VoiceConnector\n properties:\n name: connector-test-1\n requireEncryption: true\n awsRegion: us-east-1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Configuration Recorder using the name. For example:\n\n```sh\n$ pulumi import aws:chime/voiceConnector:VoiceConnector test example\n```\n", "properties": { "arn": { "type": "string", "description": "ARN (Amazon Resource Name) of the Amazon Chime Voice Connector.\n" }, "awsRegion": { "type": "string", "description": "The AWS Region in which the Amazon Chime Voice Connector is created. Default value: `us-east-1`\n" }, "name": { "type": "string", "description": "The name of the Amazon Chime Voice Connector.\n" }, "outboundHostName": { "type": "string", "description": "The outbound host name for the Amazon Chime Voice Connector.\n" }, "requireEncryption": { "type": "boolean", "description": "When enabled, requires encryption for the Amazon Chime Voice Connector.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "awsRegion", "name", "outboundHostName", "requireEncryption", "tagsAll" ], "inputProperties": { "awsRegion": { "type": "string", "description": "The AWS Region in which the Amazon Chime Voice Connector is created. Default value: `us-east-1`\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the Amazon Chime Voice Connector.\n" }, "requireEncryption": { "type": "boolean", "description": "When enabled, requires encryption for the Amazon Chime Voice Connector.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "requireEncryption" ], "stateInputs": { "description": "Input properties used for looking up and filtering VoiceConnector resources.\n", "properties": { "arn": { "type": "string", "description": "ARN (Amazon Resource Name) of the Amazon Chime Voice Connector.\n" }, "awsRegion": { "type": "string", "description": "The AWS Region in which the Amazon Chime Voice Connector is created. Default value: `us-east-1`\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the Amazon Chime Voice Connector.\n" }, "outboundHostName": { "type": "string", "description": "The outbound host name for the Amazon Chime Voice Connector.\n" }, "requireEncryption": { "type": "boolean", "description": "When enabled, requires encryption for the Amazon Chime Voice Connector.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:chime/voiceConnectorGroup:VoiceConnectorGroup": { "description": "Creates an Amazon Chime Voice Connector group under the administrator's AWS account. You can associate Amazon Chime Voice Connectors with the Amazon Chime Voice Connector group by including VoiceConnectorItems in the request.\n\nYou can include Amazon Chime Voice Connectors from different AWS Regions in your group. This creates a fault tolerant mechanism for fallback in case of availability events.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst vc1 = new aws.chime.VoiceConnector(\"vc1\", {\n name: \"connector-test-1\",\n requireEncryption: true,\n awsRegion: \"us-east-1\",\n});\nconst vc2 = new aws.chime.VoiceConnector(\"vc2\", {\n name: \"connector-test-2\",\n requireEncryption: true,\n awsRegion: \"us-west-2\",\n});\nconst group = new aws.chime.VoiceConnectorGroup(\"group\", {\n name: \"test-group\",\n connectors: [\n {\n voiceConnectorId: vc1.id,\n priority: 1,\n },\n {\n voiceConnectorId: vc2.id,\n priority: 3,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nvc1 = aws.chime.VoiceConnector(\"vc1\",\n name=\"connector-test-1\",\n require_encryption=True,\n aws_region=\"us-east-1\")\nvc2 = aws.chime.VoiceConnector(\"vc2\",\n name=\"connector-test-2\",\n require_encryption=True,\n aws_region=\"us-west-2\")\ngroup = aws.chime.VoiceConnectorGroup(\"group\",\n name=\"test-group\",\n connectors=[\n {\n \"voice_connector_id\": vc1.id,\n \"priority\": 1,\n },\n {\n \"voice_connector_id\": vc2.id,\n \"priority\": 3,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var vc1 = new Aws.Chime.VoiceConnector(\"vc1\", new()\n {\n Name = \"connector-test-1\",\n RequireEncryption = true,\n AwsRegion = \"us-east-1\",\n });\n\n var vc2 = new Aws.Chime.VoiceConnector(\"vc2\", new()\n {\n Name = \"connector-test-2\",\n RequireEncryption = true,\n AwsRegion = \"us-west-2\",\n });\n\n var @group = new Aws.Chime.VoiceConnectorGroup(\"group\", new()\n {\n Name = \"test-group\",\n Connectors = new[]\n {\n new Aws.Chime.Inputs.VoiceConnectorGroupConnectorArgs\n {\n VoiceConnectorId = vc1.Id,\n Priority = 1,\n },\n new Aws.Chime.Inputs.VoiceConnectorGroupConnectorArgs\n {\n VoiceConnectorId = vc2.Id,\n Priority = 3,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chime\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tvc1, err := chime.NewVoiceConnector(ctx, \"vc1\", \u0026chime.VoiceConnectorArgs{\n\t\t\tName: pulumi.String(\"connector-test-1\"),\n\t\t\tRequireEncryption: pulumi.Bool(true),\n\t\t\tAwsRegion: pulumi.String(\"us-east-1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvc2, err := chime.NewVoiceConnector(ctx, \"vc2\", \u0026chime.VoiceConnectorArgs{\n\t\t\tName: pulumi.String(\"connector-test-2\"),\n\t\t\tRequireEncryption: pulumi.Bool(true),\n\t\t\tAwsRegion: pulumi.String(\"us-west-2\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = chime.NewVoiceConnectorGroup(ctx, \"group\", \u0026chime.VoiceConnectorGroupArgs{\n\t\t\tName: pulumi.String(\"test-group\"),\n\t\t\tConnectors: chime.VoiceConnectorGroupConnectorArray{\n\t\t\t\t\u0026chime.VoiceConnectorGroupConnectorArgs{\n\t\t\t\t\tVoiceConnectorId: vc1.ID(),\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t},\n\t\t\t\t\u0026chime.VoiceConnectorGroupConnectorArgs{\n\t\t\t\t\tVoiceConnectorId: vc2.ID(),\n\t\t\t\t\tPriority: pulumi.Int(3),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.chime.VoiceConnector;\nimport com.pulumi.aws.chime.VoiceConnectorArgs;\nimport com.pulumi.aws.chime.VoiceConnectorGroup;\nimport com.pulumi.aws.chime.VoiceConnectorGroupArgs;\nimport com.pulumi.aws.chime.inputs.VoiceConnectorGroupConnectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var vc1 = new VoiceConnector(\"vc1\", VoiceConnectorArgs.builder()\n .name(\"connector-test-1\")\n .requireEncryption(true)\n .awsRegion(\"us-east-1\")\n .build());\n\n var vc2 = new VoiceConnector(\"vc2\", VoiceConnectorArgs.builder()\n .name(\"connector-test-2\")\n .requireEncryption(true)\n .awsRegion(\"us-west-2\")\n .build());\n\n var group = new VoiceConnectorGroup(\"group\", VoiceConnectorGroupArgs.builder()\n .name(\"test-group\")\n .connectors( \n VoiceConnectorGroupConnectorArgs.builder()\n .voiceConnectorId(vc1.id())\n .priority(1)\n .build(),\n VoiceConnectorGroupConnectorArgs.builder()\n .voiceConnectorId(vc2.id())\n .priority(3)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n vc1:\n type: aws:chime:VoiceConnector\n properties:\n name: connector-test-1\n requireEncryption: true\n awsRegion: us-east-1\n vc2:\n type: aws:chime:VoiceConnector\n properties:\n name: connector-test-2\n requireEncryption: true\n awsRegion: us-west-2\n group:\n type: aws:chime:VoiceConnectorGroup\n properties:\n name: test-group\n connectors:\n - voiceConnectorId: ${vc1.id}\n priority: 1\n - voiceConnectorId: ${vc2.id}\n priority: 3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Configuration Recorder using the name. For example:\n\n```sh\n$ pulumi import aws:chime/voiceConnectorGroup:VoiceConnectorGroup default example\n```\n", "properties": { "connectors": { "type": "array", "items": { "$ref": "#/types/aws:chime/VoiceConnectorGroupConnector:VoiceConnectorGroupConnector" }, "description": "The Amazon Chime Voice Connectors to route inbound calls to.\n" }, "name": { "type": "string", "description": "The name of the Amazon Chime Voice Connector group.\n" } }, "required": [ "name" ], "inputProperties": { "connectors": { "type": "array", "items": { "$ref": "#/types/aws:chime/VoiceConnectorGroupConnector:VoiceConnectorGroupConnector" }, "description": "The Amazon Chime Voice Connectors to route inbound calls to.\n" }, "name": { "type": "string", "description": "The name of the Amazon Chime Voice Connector group.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering VoiceConnectorGroup resources.\n", "properties": { "connectors": { "type": "array", "items": { "$ref": "#/types/aws:chime/VoiceConnectorGroupConnector:VoiceConnectorGroupConnector" }, "description": "The Amazon Chime Voice Connectors to route inbound calls to.\n" }, "name": { "type": "string", "description": "The name of the Amazon Chime Voice Connector group.\n" } }, "type": "object" } }, "aws:chime/voiceConnectorLogging:VoiceConnectorLogging": { "description": "Adds a logging configuration for the specified Amazon Chime Voice Connector. The logging configuration specifies whether SIP message logs are enabled for sending to Amazon CloudWatch Logs.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.chime.VoiceConnector(\"default\", {\n name: \"vc-name-test\",\n requireEncryption: true,\n});\nconst defaultVoiceConnectorLogging = new aws.chime.VoiceConnectorLogging(\"default\", {\n enableSipLogs: true,\n enableMediaMetricLogs: true,\n voiceConnectorId: _default.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.chime.VoiceConnector(\"default\",\n name=\"vc-name-test\",\n require_encryption=True)\ndefault_voice_connector_logging = aws.chime.VoiceConnectorLogging(\"default\",\n enable_sip_logs=True,\n enable_media_metric_logs=True,\n voice_connector_id=default.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Chime.VoiceConnector(\"default\", new()\n {\n Name = \"vc-name-test\",\n RequireEncryption = true,\n });\n\n var defaultVoiceConnectorLogging = new Aws.Chime.VoiceConnectorLogging(\"default\", new()\n {\n EnableSipLogs = true,\n EnableMediaMetricLogs = true,\n VoiceConnectorId = @default.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chime\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := chime.NewVoiceConnector(ctx, \"default\", \u0026chime.VoiceConnectorArgs{\n\t\t\tName: pulumi.String(\"vc-name-test\"),\n\t\t\tRequireEncryption: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = chime.NewVoiceConnectorLogging(ctx, \"default\", \u0026chime.VoiceConnectorLoggingArgs{\n\t\t\tEnableSipLogs: pulumi.Bool(true),\n\t\t\tEnableMediaMetricLogs: pulumi.Bool(true),\n\t\t\tVoiceConnectorId: _default.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.chime.VoiceConnector;\nimport com.pulumi.aws.chime.VoiceConnectorArgs;\nimport com.pulumi.aws.chime.VoiceConnectorLogging;\nimport com.pulumi.aws.chime.VoiceConnectorLoggingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new VoiceConnector(\"default\", VoiceConnectorArgs.builder()\n .name(\"vc-name-test\")\n .requireEncryption(true)\n .build());\n\n var defaultVoiceConnectorLogging = new VoiceConnectorLogging(\"defaultVoiceConnectorLogging\", VoiceConnectorLoggingArgs.builder()\n .enableSipLogs(true)\n .enableMediaMetricLogs(true)\n .voiceConnectorId(default_.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:chime:VoiceConnector\n properties:\n name: vc-name-test\n requireEncryption: true\n defaultVoiceConnectorLogging:\n type: aws:chime:VoiceConnectorLogging\n name: default\n properties:\n enableSipLogs: true\n enableMediaMetricLogs: true\n voiceConnectorId: ${default.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Chime Voice Connector Logging using the `voice_connector_id`. For example:\n\n```sh\n$ pulumi import aws:chime/voiceConnectorLogging:VoiceConnectorLogging default abcdef1ghij2klmno3pqr4\n```\n", "properties": { "enableMediaMetricLogs": { "type": "boolean", "description": "When true, enables logging of detailed media metrics for Voice Connectors to Amazon CloudWatch logs.\n" }, "enableSipLogs": { "type": "boolean", "description": "When true, enables SIP message logs for sending to Amazon CloudWatch Logs.\n" }, "voiceConnectorId": { "type": "string", "description": "The Amazon Chime Voice Connector ID.\n" } }, "required": [ "voiceConnectorId" ], "inputProperties": { "enableMediaMetricLogs": { "type": "boolean", "description": "When true, enables logging of detailed media metrics for Voice Connectors to Amazon CloudWatch logs.\n" }, "enableSipLogs": { "type": "boolean", "description": "When true, enables SIP message logs for sending to Amazon CloudWatch Logs.\n" }, "voiceConnectorId": { "type": "string", "description": "The Amazon Chime Voice Connector ID.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "voiceConnectorId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VoiceConnectorLogging resources.\n", "properties": { "enableMediaMetricLogs": { "type": "boolean", "description": "When true, enables logging of detailed media metrics for Voice Connectors to Amazon CloudWatch logs.\n" }, "enableSipLogs": { "type": "boolean", "description": "When true, enables SIP message logs for sending to Amazon CloudWatch Logs.\n" }, "voiceConnectorId": { "type": "string", "description": "The Amazon Chime Voice Connector ID.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:chime/voiceConnectorOrganization:VoiceConnectorOrganization": { "description": "Enable origination settings to control inbound calling to your SIP infrastructure.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.chime.VoiceConnector(\"default\", {\n name: \"test\",\n requireEncryption: true,\n});\nconst defaultVoiceConnectorOrganization = new aws.chime.VoiceConnectorOrganization(\"default\", {\n disabled: false,\n voiceConnectorId: _default.id,\n routes: [\n {\n host: \"127.0.0.1\",\n port: 8081,\n protocol: \"TCP\",\n priority: 1,\n weight: 1,\n },\n {\n host: \"127.0.0.2\",\n port: 8082,\n protocol: \"TCP\",\n priority: 2,\n weight: 10,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.chime.VoiceConnector(\"default\",\n name=\"test\",\n require_encryption=True)\ndefault_voice_connector_organization = aws.chime.VoiceConnectorOrganization(\"default\",\n disabled=False,\n voice_connector_id=default.id,\n routes=[\n {\n \"host\": \"127.0.0.1\",\n \"port\": 8081,\n \"protocol\": \"TCP\",\n \"priority\": 1,\n \"weight\": 1,\n },\n {\n \"host\": \"127.0.0.2\",\n \"port\": 8082,\n \"protocol\": \"TCP\",\n \"priority\": 2,\n \"weight\": 10,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Chime.VoiceConnector(\"default\", new()\n {\n Name = \"test\",\n RequireEncryption = true,\n });\n\n var defaultVoiceConnectorOrganization = new Aws.Chime.VoiceConnectorOrganization(\"default\", new()\n {\n Disabled = false,\n VoiceConnectorId = @default.Id,\n Routes = new[]\n {\n new Aws.Chime.Inputs.VoiceConnectorOrganizationRouteArgs\n {\n Host = \"127.0.0.1\",\n Port = 8081,\n Protocol = \"TCP\",\n Priority = 1,\n Weight = 1,\n },\n new Aws.Chime.Inputs.VoiceConnectorOrganizationRouteArgs\n {\n Host = \"127.0.0.2\",\n Port = 8082,\n Protocol = \"TCP\",\n Priority = 2,\n Weight = 10,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chime\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := chime.NewVoiceConnector(ctx, \"default\", \u0026chime.VoiceConnectorArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tRequireEncryption: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = chime.NewVoiceConnectorOrganization(ctx, \"default\", \u0026chime.VoiceConnectorOrganizationArgs{\n\t\t\tDisabled: pulumi.Bool(false),\n\t\t\tVoiceConnectorId: _default.ID(),\n\t\t\tRoutes: chime.VoiceConnectorOrganizationRouteArray{\n\t\t\t\t\u0026chime.VoiceConnectorOrganizationRouteArgs{\n\t\t\t\t\tHost: pulumi.String(\"127.0.0.1\"),\n\t\t\t\t\tPort: pulumi.Int(8081),\n\t\t\t\t\tProtocol: pulumi.String(\"TCP\"),\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tWeight: pulumi.Int(1),\n\t\t\t\t},\n\t\t\t\t\u0026chime.VoiceConnectorOrganizationRouteArgs{\n\t\t\t\t\tHost: pulumi.String(\"127.0.0.2\"),\n\t\t\t\t\tPort: pulumi.Int(8082),\n\t\t\t\t\tProtocol: pulumi.String(\"TCP\"),\n\t\t\t\t\tPriority: pulumi.Int(2),\n\t\t\t\t\tWeight: pulumi.Int(10),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.chime.VoiceConnector;\nimport com.pulumi.aws.chime.VoiceConnectorArgs;\nimport com.pulumi.aws.chime.VoiceConnectorOrganization;\nimport com.pulumi.aws.chime.VoiceConnectorOrganizationArgs;\nimport com.pulumi.aws.chime.inputs.VoiceConnectorOrganizationRouteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new VoiceConnector(\"default\", VoiceConnectorArgs.builder()\n .name(\"test\")\n .requireEncryption(true)\n .build());\n\n var defaultVoiceConnectorOrganization = new VoiceConnectorOrganization(\"defaultVoiceConnectorOrganization\", VoiceConnectorOrganizationArgs.builder()\n .disabled(false)\n .voiceConnectorId(default_.id())\n .routes( \n VoiceConnectorOrganizationRouteArgs.builder()\n .host(\"127.0.0.1\")\n .port(8081)\n .protocol(\"TCP\")\n .priority(1)\n .weight(1)\n .build(),\n VoiceConnectorOrganizationRouteArgs.builder()\n .host(\"127.0.0.2\")\n .port(8082)\n .protocol(\"TCP\")\n .priority(2)\n .weight(10)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:chime:VoiceConnector\n properties:\n name: test\n requireEncryption: true\n defaultVoiceConnectorOrganization:\n type: aws:chime:VoiceConnectorOrganization\n name: default\n properties:\n disabled: false\n voiceConnectorId: ${default.id}\n routes:\n - host: 127.0.0.1\n port: 8081\n protocol: TCP\n priority: 1\n weight: 1\n - host: 127.0.0.2\n port: 8082\n protocol: TCP\n priority: 2\n weight: 10\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Chime Voice Connector Origination using the `voice_connector_id`. For example:\n\n```sh\n$ pulumi import aws:chime/voiceConnectorOrganization:VoiceConnectorOrganization default abcdef1ghij2klmno3pqr4\n```\n", "properties": { "disabled": { "type": "boolean", "description": "When origination settings are disabled, inbound calls are not enabled for your Amazon Chime Voice Connector.\n" }, "routes": { "type": "array", "items": { "$ref": "#/types/aws:chime/VoiceConnectorOrganizationRoute:VoiceConnectorOrganizationRoute" }, "description": "Set of call distribution properties defined for your SIP hosts. See route below for more details. Minimum of 1. Maximum of 20.\n" }, "voiceConnectorId": { "type": "string", "description": "The Amazon Chime Voice Connector ID.\n" } }, "required": [ "routes", "voiceConnectorId" ], "inputProperties": { "disabled": { "type": "boolean", "description": "When origination settings are disabled, inbound calls are not enabled for your Amazon Chime Voice Connector.\n" }, "routes": { "type": "array", "items": { "$ref": "#/types/aws:chime/VoiceConnectorOrganizationRoute:VoiceConnectorOrganizationRoute" }, "description": "Set of call distribution properties defined for your SIP hosts. See route below for more details. Minimum of 1. Maximum of 20.\n" }, "voiceConnectorId": { "type": "string", "description": "The Amazon Chime Voice Connector ID.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "routes", "voiceConnectorId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VoiceConnectorOrganization resources.\n", "properties": { "disabled": { "type": "boolean", "description": "When origination settings are disabled, inbound calls are not enabled for your Amazon Chime Voice Connector.\n" }, "routes": { "type": "array", "items": { "$ref": "#/types/aws:chime/VoiceConnectorOrganizationRoute:VoiceConnectorOrganizationRoute" }, "description": "Set of call distribution properties defined for your SIP hosts. See route below for more details. Minimum of 1. Maximum of 20.\n" }, "voiceConnectorId": { "type": "string", "description": "The Amazon Chime Voice Connector ID.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:chime/voiceConnectorStreaming:VoiceConnectorStreaming": { "description": "Adds a streaming configuration for the specified Amazon Chime Voice Connector. The streaming configuration specifies whether media streaming is enabled for sending to Amazon Kinesis.\nIt also sets the retention period, in hours, for the Amazon Kinesis data.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.chime.VoiceConnector(\"default\", {\n name: \"vc-name-test\",\n requireEncryption: true,\n});\nconst defaultVoiceConnectorStreaming = new aws.chime.VoiceConnectorStreaming(\"default\", {\n disabled: false,\n voiceConnectorId: _default.id,\n dataRetention: 7,\n streamingNotificationTargets: [\"SQS\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.chime.VoiceConnector(\"default\",\n name=\"vc-name-test\",\n require_encryption=True)\ndefault_voice_connector_streaming = aws.chime.VoiceConnectorStreaming(\"default\",\n disabled=False,\n voice_connector_id=default.id,\n data_retention=7,\n streaming_notification_targets=[\"SQS\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Chime.VoiceConnector(\"default\", new()\n {\n Name = \"vc-name-test\",\n RequireEncryption = true,\n });\n\n var defaultVoiceConnectorStreaming = new Aws.Chime.VoiceConnectorStreaming(\"default\", new()\n {\n Disabled = false,\n VoiceConnectorId = @default.Id,\n DataRetention = 7,\n StreamingNotificationTargets = new[]\n {\n \"SQS\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chime\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := chime.NewVoiceConnector(ctx, \"default\", \u0026chime.VoiceConnectorArgs{\n\t\t\tName: pulumi.String(\"vc-name-test\"),\n\t\t\tRequireEncryption: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = chime.NewVoiceConnectorStreaming(ctx, \"default\", \u0026chime.VoiceConnectorStreamingArgs{\n\t\t\tDisabled: pulumi.Bool(false),\n\t\t\tVoiceConnectorId: _default.ID(),\n\t\t\tDataRetention: pulumi.Int(7),\n\t\t\tStreamingNotificationTargets: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"SQS\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.chime.VoiceConnector;\nimport com.pulumi.aws.chime.VoiceConnectorArgs;\nimport com.pulumi.aws.chime.VoiceConnectorStreaming;\nimport com.pulumi.aws.chime.VoiceConnectorStreamingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new VoiceConnector(\"default\", VoiceConnectorArgs.builder()\n .name(\"vc-name-test\")\n .requireEncryption(true)\n .build());\n\n var defaultVoiceConnectorStreaming = new VoiceConnectorStreaming(\"defaultVoiceConnectorStreaming\", VoiceConnectorStreamingArgs.builder()\n .disabled(false)\n .voiceConnectorId(default_.id())\n .dataRetention(7)\n .streamingNotificationTargets(\"SQS\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:chime:VoiceConnector\n properties:\n name: vc-name-test\n requireEncryption: true\n defaultVoiceConnectorStreaming:\n type: aws:chime:VoiceConnectorStreaming\n name: default\n properties:\n disabled: false\n voiceConnectorId: ${default.id}\n dataRetention: 7\n streamingNotificationTargets:\n - SQS\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example Usage With Media Insights\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.chime.VoiceConnector(\"default\", {\n name: \"vc-name-test\",\n requireEncryption: true,\n});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"mediapipelines.chime.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"ExampleResourceAccessRole\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst exampleStream = new aws.kinesis.Stream(\"example\", {\n name: \"ExampleStream\",\n shardCount: 2,\n});\nconst example = new aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration(\"example\", {\n name: \"ExampleConfig\",\n resourceAccessRoleArn: exampleRole.arn,\n elements: [\n {\n type: \"AmazonTranscribeCallAnalyticsProcessor\",\n amazonTranscribeCallAnalyticsProcessorConfiguration: {\n languageCode: \"en-US\",\n },\n },\n {\n type: \"KinesisDataStreamSink\",\n kinesisDataStreamSinkConfiguration: {\n insightsTarget: exampleStream.arn,\n },\n },\n ],\n});\nconst defaultVoiceConnectorStreaming = new aws.chime.VoiceConnectorStreaming(\"default\", {\n disabled: false,\n voiceConnectorId: _default.id,\n dataRetention: 7,\n streamingNotificationTargets: [\"SQS\"],\n mediaInsightsConfiguration: {\n disabled: false,\n configurationArn: example.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.chime.VoiceConnector(\"default\",\n name=\"vc-name-test\",\n require_encryption=True)\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"mediapipelines.chime.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nexample_role = aws.iam.Role(\"example\",\n name=\"ExampleResourceAccessRole\",\n assume_role_policy=assume_role.json)\nexample_stream = aws.kinesis.Stream(\"example\",\n name=\"ExampleStream\",\n shard_count=2)\nexample = aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration(\"example\",\n name=\"ExampleConfig\",\n resource_access_role_arn=example_role.arn,\n elements=[\n {\n \"type\": \"AmazonTranscribeCallAnalyticsProcessor\",\n \"amazon_transcribe_call_analytics_processor_configuration\": {\n \"language_code\": \"en-US\",\n },\n },\n {\n \"type\": \"KinesisDataStreamSink\",\n \"kinesis_data_stream_sink_configuration\": {\n \"insights_target\": example_stream.arn,\n },\n },\n ])\ndefault_voice_connector_streaming = aws.chime.VoiceConnectorStreaming(\"default\",\n disabled=False,\n voice_connector_id=default.id,\n data_retention=7,\n streaming_notification_targets=[\"SQS\"],\n media_insights_configuration={\n \"disabled\": False,\n \"configuration_arn\": example.arn,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Chime.VoiceConnector(\"default\", new()\n {\n Name = \"vc-name-test\",\n RequireEncryption = true,\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"mediapipelines.chime.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"ExampleResourceAccessRole\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleStream = new Aws.Kinesis.Stream(\"example\", new()\n {\n Name = \"ExampleStream\",\n ShardCount = 2,\n });\n\n var example = new Aws.ChimeSDKMediaPipelines.MediaInsightsPipelineConfiguration(\"example\", new()\n {\n Name = \"ExampleConfig\",\n ResourceAccessRoleArn = exampleRole.Arn,\n Elements = new[]\n {\n new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementArgs\n {\n Type = \"AmazonTranscribeCallAnalyticsProcessor\",\n AmazonTranscribeCallAnalyticsProcessorConfiguration = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationArgs\n {\n LanguageCode = \"en-US\",\n },\n },\n new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementArgs\n {\n Type = \"KinesisDataStreamSink\",\n KinesisDataStreamSinkConfiguration = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs\n {\n InsightsTarget = exampleStream.Arn,\n },\n },\n },\n });\n\n var defaultVoiceConnectorStreaming = new Aws.Chime.VoiceConnectorStreaming(\"default\", new()\n {\n Disabled = false,\n VoiceConnectorId = @default.Id,\n DataRetention = 7,\n StreamingNotificationTargets = new[]\n {\n \"SQS\",\n },\n MediaInsightsConfiguration = new Aws.Chime.Inputs.VoiceConnectorStreamingMediaInsightsConfigurationArgs\n {\n Disabled = false,\n ConfigurationArn = example.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chime\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chimesdkmediapipelines\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := chime.NewVoiceConnector(ctx, \"default\", \u0026chime.VoiceConnectorArgs{\n\t\t\tName: pulumi.String(\"vc-name-test\"),\n\t\t\tRequireEncryption: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"mediapipelines.chime.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"ExampleResourceAccessRole\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleStream, err := kinesis.NewStream(ctx, \"example\", \u0026kinesis.StreamArgs{\n\t\t\tName: pulumi.String(\"ExampleStream\"),\n\t\t\tShardCount: pulumi.Int(2),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := chimesdkmediapipelines.NewMediaInsightsPipelineConfiguration(ctx, \"example\", \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationArgs{\n\t\t\tName: pulumi.String(\"ExampleConfig\"),\n\t\t\tResourceAccessRoleArn: exampleRole.Arn,\n\t\t\tElements: chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArray{\n\t\t\t\t\u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArgs{\n\t\t\t\t\tType: pulumi.String(\"AmazonTranscribeCallAnalyticsProcessor\"),\n\t\t\t\t\tAmazonTranscribeCallAnalyticsProcessorConfiguration: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationArgs{\n\t\t\t\t\t\tLanguageCode: pulumi.String(\"en-US\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArgs{\n\t\t\t\t\tType: pulumi.String(\"KinesisDataStreamSink\"),\n\t\t\t\t\tKinesisDataStreamSinkConfiguration: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs{\n\t\t\t\t\t\tInsightsTarget: exampleStream.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = chime.NewVoiceConnectorStreaming(ctx, \"default\", \u0026chime.VoiceConnectorStreamingArgs{\n\t\t\tDisabled: pulumi.Bool(false),\n\t\t\tVoiceConnectorId: _default.ID(),\n\t\t\tDataRetention: pulumi.Int(7),\n\t\t\tStreamingNotificationTargets: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"SQS\"),\n\t\t\t},\n\t\t\tMediaInsightsConfiguration: \u0026chime.VoiceConnectorStreamingMediaInsightsConfigurationArgs{\n\t\t\t\tDisabled: pulumi.Bool(false),\n\t\t\t\tConfigurationArn: example.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.chime.VoiceConnector;\nimport com.pulumi.aws.chime.VoiceConnectorArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.kinesis.Stream;\nimport com.pulumi.aws.kinesis.StreamArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration;\nimport com.pulumi.aws.chimesdkmediapipelines.MediaInsightsPipelineConfigurationArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs;\nimport com.pulumi.aws.chime.VoiceConnectorStreaming;\nimport com.pulumi.aws.chime.VoiceConnectorStreamingArgs;\nimport com.pulumi.aws.chime.inputs.VoiceConnectorStreamingMediaInsightsConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new VoiceConnector(\"default\", VoiceConnectorArgs.builder()\n .name(\"vc-name-test\")\n .requireEncryption(true)\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"mediapipelines.chime.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .name(\"ExampleResourceAccessRole\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleStream = new Stream(\"exampleStream\", StreamArgs.builder()\n .name(\"ExampleStream\")\n .shardCount(2)\n .build());\n\n var example = new MediaInsightsPipelineConfiguration(\"example\", MediaInsightsPipelineConfigurationArgs.builder()\n .name(\"ExampleConfig\")\n .resourceAccessRoleArn(exampleRole.arn())\n .elements( \n MediaInsightsPipelineConfigurationElementArgs.builder()\n .type(\"AmazonTranscribeCallAnalyticsProcessor\")\n .amazonTranscribeCallAnalyticsProcessorConfiguration(MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationArgs.builder()\n .languageCode(\"en-US\")\n .build())\n .build(),\n MediaInsightsPipelineConfigurationElementArgs.builder()\n .type(\"KinesisDataStreamSink\")\n .kinesisDataStreamSinkConfiguration(MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs.builder()\n .insightsTarget(exampleStream.arn())\n .build())\n .build())\n .build());\n\n var defaultVoiceConnectorStreaming = new VoiceConnectorStreaming(\"defaultVoiceConnectorStreaming\", VoiceConnectorStreamingArgs.builder()\n .disabled(false)\n .voiceConnectorId(default_.id())\n .dataRetention(7)\n .streamingNotificationTargets(\"SQS\")\n .mediaInsightsConfiguration(VoiceConnectorStreamingMediaInsightsConfigurationArgs.builder()\n .disabled(false)\n .configurationArn(example.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:chime:VoiceConnector\n properties:\n name: vc-name-test\n requireEncryption: true\n defaultVoiceConnectorStreaming:\n type: aws:chime:VoiceConnectorStreaming\n name: default\n properties:\n disabled: false\n voiceConnectorId: ${default.id}\n dataRetention: 7\n streamingNotificationTargets:\n - SQS\n mediaInsightsConfiguration:\n disabled: false\n configurationArn: ${example.arn}\n example:\n type: aws:chimesdkmediapipelines:MediaInsightsPipelineConfiguration\n properties:\n name: ExampleConfig\n resourceAccessRoleArn: ${exampleRole.arn}\n elements:\n - type: AmazonTranscribeCallAnalyticsProcessor\n amazonTranscribeCallAnalyticsProcessorConfiguration:\n languageCode: en-US\n - type: KinesisDataStreamSink\n kinesisDataStreamSinkConfiguration:\n insightsTarget: ${exampleStream.arn}\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: ExampleResourceAccessRole\n assumeRolePolicy: ${assumeRole.json}\n exampleStream:\n type: aws:kinesis:Stream\n name: example\n properties:\n name: ExampleStream\n shardCount: 2\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - mediapipelines.chime.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Chime Voice Connector Streaming using the `voice_connector_id`. For example:\n\n```sh\n$ pulumi import aws:chime/voiceConnectorStreaming:VoiceConnectorStreaming default abcdef1ghij2klmno3pqr4\n```\n", "properties": { "dataRetention": { "type": "integer", "description": "The retention period, in hours, for the Amazon Kinesis data.\n" }, "disabled": { "type": "boolean", "description": "When true, media streaming to Amazon Kinesis is turned off. Default: `false`\n" }, "mediaInsightsConfiguration": { "$ref": "#/types/aws:chime/VoiceConnectorStreamingMediaInsightsConfiguration:VoiceConnectorStreamingMediaInsightsConfiguration", "description": "The media insights configuration. See `media_insights_configuration`.\n" }, "streamingNotificationTargets": { "type": "array", "items": { "type": "string" }, "description": "The streaming notification targets. Valid Values: `EventBridge | SNS | SQS`\n" }, "voiceConnectorId": { "type": "string", "description": "The Amazon Chime Voice Connector ID.\n" } }, "required": [ "dataRetention", "voiceConnectorId" ], "inputProperties": { "dataRetention": { "type": "integer", "description": "The retention period, in hours, for the Amazon Kinesis data.\n" }, "disabled": { "type": "boolean", "description": "When true, media streaming to Amazon Kinesis is turned off. Default: `false`\n" }, "mediaInsightsConfiguration": { "$ref": "#/types/aws:chime/VoiceConnectorStreamingMediaInsightsConfiguration:VoiceConnectorStreamingMediaInsightsConfiguration", "description": "The media insights configuration. See `media_insights_configuration`.\n" }, "streamingNotificationTargets": { "type": "array", "items": { "type": "string" }, "description": "The streaming notification targets. Valid Values: `EventBridge | SNS | SQS`\n" }, "voiceConnectorId": { "type": "string", "description": "The Amazon Chime Voice Connector ID.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "dataRetention", "voiceConnectorId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VoiceConnectorStreaming resources.\n", "properties": { "dataRetention": { "type": "integer", "description": "The retention period, in hours, for the Amazon Kinesis data.\n" }, "disabled": { "type": "boolean", "description": "When true, media streaming to Amazon Kinesis is turned off. Default: `false`\n" }, "mediaInsightsConfiguration": { "$ref": "#/types/aws:chime/VoiceConnectorStreamingMediaInsightsConfiguration:VoiceConnectorStreamingMediaInsightsConfiguration", "description": "The media insights configuration. See `media_insights_configuration`.\n" }, "streamingNotificationTargets": { "type": "array", "items": { "type": "string" }, "description": "The streaming notification targets. Valid Values: `EventBridge | SNS | SQS`\n" }, "voiceConnectorId": { "type": "string", "description": "The Amazon Chime Voice Connector ID.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:chime/voiceConnectorTermination:VoiceConnectorTermination": { "description": "Enable Termination settings to control outbound calling from your SIP infrastructure.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.chime.VoiceConnector(\"default\", {\n name: \"vc-name-test\",\n requireEncryption: true,\n});\nconst defaultVoiceConnectorTermination = new aws.chime.VoiceConnectorTermination(\"default\", {\n disabled: false,\n cpsLimit: 1,\n cidrAllowLists: [\"50.35.78.96/31\"],\n callingRegions: [\n \"US\",\n \"CA\",\n ],\n voiceConnectorId: _default.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.chime.VoiceConnector(\"default\",\n name=\"vc-name-test\",\n require_encryption=True)\ndefault_voice_connector_termination = aws.chime.VoiceConnectorTermination(\"default\",\n disabled=False,\n cps_limit=1,\n cidr_allow_lists=[\"50.35.78.96/31\"],\n calling_regions=[\n \"US\",\n \"CA\",\n ],\n voice_connector_id=default.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Chime.VoiceConnector(\"default\", new()\n {\n Name = \"vc-name-test\",\n RequireEncryption = true,\n });\n\n var defaultVoiceConnectorTermination = new Aws.Chime.VoiceConnectorTermination(\"default\", new()\n {\n Disabled = false,\n CpsLimit = 1,\n CidrAllowLists = new[]\n {\n \"50.35.78.96/31\",\n },\n CallingRegions = new[]\n {\n \"US\",\n \"CA\",\n },\n VoiceConnectorId = @default.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chime\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := chime.NewVoiceConnector(ctx, \"default\", \u0026chime.VoiceConnectorArgs{\n\t\t\tName: pulumi.String(\"vc-name-test\"),\n\t\t\tRequireEncryption: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = chime.NewVoiceConnectorTermination(ctx, \"default\", \u0026chime.VoiceConnectorTerminationArgs{\n\t\t\tDisabled: pulumi.Bool(false),\n\t\t\tCpsLimit: pulumi.Int(1),\n\t\t\tCidrAllowLists: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"50.35.78.96/31\"),\n\t\t\t},\n\t\t\tCallingRegions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\tpulumi.String(\"CA\"),\n\t\t\t},\n\t\t\tVoiceConnectorId: _default.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.chime.VoiceConnector;\nimport com.pulumi.aws.chime.VoiceConnectorArgs;\nimport com.pulumi.aws.chime.VoiceConnectorTermination;\nimport com.pulumi.aws.chime.VoiceConnectorTerminationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new VoiceConnector(\"default\", VoiceConnectorArgs.builder()\n .name(\"vc-name-test\")\n .requireEncryption(true)\n .build());\n\n var defaultVoiceConnectorTermination = new VoiceConnectorTermination(\"defaultVoiceConnectorTermination\", VoiceConnectorTerminationArgs.builder()\n .disabled(false)\n .cpsLimit(1)\n .cidrAllowLists(\"50.35.78.96/31\")\n .callingRegions( \n \"US\",\n \"CA\")\n .voiceConnectorId(default_.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:chime:VoiceConnector\n properties:\n name: vc-name-test\n requireEncryption: true\n defaultVoiceConnectorTermination:\n type: aws:chime:VoiceConnectorTermination\n name: default\n properties:\n disabled: false\n cpsLimit: 1\n cidrAllowLists:\n - 50.35.78.96/31\n callingRegions:\n - US\n - CA\n voiceConnectorId: ${default.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Chime Voice Connector Termination using the `voice_connector_id`. For example:\n\n```sh\n$ pulumi import aws:chime/voiceConnectorTermination:VoiceConnectorTermination default abcdef1ghij2klmno3pqr4\n```\n", "properties": { "callingRegions": { "type": "array", "items": { "type": "string" }, "description": "The countries to which calls are allowed, in ISO 3166-1 alpha-2 format.\n" }, "cidrAllowLists": { "type": "array", "items": { "type": "string" }, "description": "The IP addresses allowed to make calls, in CIDR format.\n" }, "cpsLimit": { "type": "integer", "description": "The limit on calls per second. Max value based on account service quota. Default value of `1`.\n" }, "defaultPhoneNumber": { "type": "string", "description": "The default caller ID phone number.\n" }, "disabled": { "type": "boolean", "description": "When termination settings are disabled, outbound calls can not be made.\n" }, "voiceConnectorId": { "type": "string", "description": "The Amazon Chime Voice Connector ID.\n" } }, "required": [ "callingRegions", "cidrAllowLists", "voiceConnectorId" ], "inputProperties": { "callingRegions": { "type": "array", "items": { "type": "string" }, "description": "The countries to which calls are allowed, in ISO 3166-1 alpha-2 format.\n" }, "cidrAllowLists": { "type": "array", "items": { "type": "string" }, "description": "The IP addresses allowed to make calls, in CIDR format.\n" }, "cpsLimit": { "type": "integer", "description": "The limit on calls per second. Max value based on account service quota. Default value of `1`.\n" }, "defaultPhoneNumber": { "type": "string", "description": "The default caller ID phone number.\n" }, "disabled": { "type": "boolean", "description": "When termination settings are disabled, outbound calls can not be made.\n" }, "voiceConnectorId": { "type": "string", "description": "The Amazon Chime Voice Connector ID.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "callingRegions", "cidrAllowLists", "voiceConnectorId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VoiceConnectorTermination resources.\n", "properties": { "callingRegions": { "type": "array", "items": { "type": "string" }, "description": "The countries to which calls are allowed, in ISO 3166-1 alpha-2 format.\n" }, "cidrAllowLists": { "type": "array", "items": { "type": "string" }, "description": "The IP addresses allowed to make calls, in CIDR format.\n" }, "cpsLimit": { "type": "integer", "description": "The limit on calls per second. Max value based on account service quota. Default value of `1`.\n" }, "defaultPhoneNumber": { "type": "string", "description": "The default caller ID phone number.\n" }, "disabled": { "type": "boolean", "description": "When termination settings are disabled, outbound calls can not be made.\n" }, "voiceConnectorId": { "type": "string", "description": "The Amazon Chime Voice Connector ID.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:chime/voiceConnectorTerminationCredentials:VoiceConnectorTerminationCredentials": { "description": "Adds termination SIP credentials for the specified Amazon Chime Voice Connector.\n\n\u003e **Note:** Voice Connector Termination Credentials requires a Voice Connector Termination to be present. Use of `depends_on` (as shown below) is recommended to avoid race conditions.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.chime.VoiceConnector(\"default\", {\n name: \"test\",\n requireEncryption: true,\n});\nconst defaultVoiceConnectorTermination = new aws.chime.VoiceConnectorTermination(\"default\", {\n disabled: true,\n cpsLimit: 1,\n cidrAllowLists: [\"50.35.78.96/31\"],\n callingRegions: [\n \"US\",\n \"CA\",\n ],\n voiceConnectorId: _default.id,\n});\nconst defaultVoiceConnectorTerminationCredentials = new aws.chime.VoiceConnectorTerminationCredentials(\"default\", {\n voiceConnectorId: _default.id,\n credentials: [{\n username: \"test\",\n password: \"test!\",\n }],\n}, {\n dependsOn: [defaultVoiceConnectorTermination],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.chime.VoiceConnector(\"default\",\n name=\"test\",\n require_encryption=True)\ndefault_voice_connector_termination = aws.chime.VoiceConnectorTermination(\"default\",\n disabled=True,\n cps_limit=1,\n cidr_allow_lists=[\"50.35.78.96/31\"],\n calling_regions=[\n \"US\",\n \"CA\",\n ],\n voice_connector_id=default.id)\ndefault_voice_connector_termination_credentials = aws.chime.VoiceConnectorTerminationCredentials(\"default\",\n voice_connector_id=default.id,\n credentials=[{\n \"username\": \"test\",\n \"password\": \"test!\",\n }],\n opts = pulumi.ResourceOptions(depends_on=[default_voice_connector_termination]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Chime.VoiceConnector(\"default\", new()\n {\n Name = \"test\",\n RequireEncryption = true,\n });\n\n var defaultVoiceConnectorTermination = new Aws.Chime.VoiceConnectorTermination(\"default\", new()\n {\n Disabled = true,\n CpsLimit = 1,\n CidrAllowLists = new[]\n {\n \"50.35.78.96/31\",\n },\n CallingRegions = new[]\n {\n \"US\",\n \"CA\",\n },\n VoiceConnectorId = @default.Id,\n });\n\n var defaultVoiceConnectorTerminationCredentials = new Aws.Chime.VoiceConnectorTerminationCredentials(\"default\", new()\n {\n VoiceConnectorId = @default.Id,\n Credentials = new[]\n {\n new Aws.Chime.Inputs.VoiceConnectorTerminationCredentialsCredentialArgs\n {\n Username = \"test\",\n Password = \"test!\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n defaultVoiceConnectorTermination,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chime\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := chime.NewVoiceConnector(ctx, \"default\", \u0026chime.VoiceConnectorArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tRequireEncryption: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultVoiceConnectorTermination, err := chime.NewVoiceConnectorTermination(ctx, \"default\", \u0026chime.VoiceConnectorTerminationArgs{\n\t\t\tDisabled: pulumi.Bool(true),\n\t\t\tCpsLimit: pulumi.Int(1),\n\t\t\tCidrAllowLists: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"50.35.78.96/31\"),\n\t\t\t},\n\t\t\tCallingRegions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\tpulumi.String(\"CA\"),\n\t\t\t},\n\t\t\tVoiceConnectorId: _default.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = chime.NewVoiceConnectorTerminationCredentials(ctx, \"default\", \u0026chime.VoiceConnectorTerminationCredentialsArgs{\n\t\t\tVoiceConnectorId: _default.ID(),\n\t\t\tCredentials: chime.VoiceConnectorTerminationCredentialsCredentialArray{\n\t\t\t\t\u0026chime.VoiceConnectorTerminationCredentialsCredentialArgs{\n\t\t\t\t\tUsername: pulumi.String(\"test\"),\n\t\t\t\t\tPassword: pulumi.String(\"test!\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tdefaultVoiceConnectorTermination,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.chime.VoiceConnector;\nimport com.pulumi.aws.chime.VoiceConnectorArgs;\nimport com.pulumi.aws.chime.VoiceConnectorTermination;\nimport com.pulumi.aws.chime.VoiceConnectorTerminationArgs;\nimport com.pulumi.aws.chime.VoiceConnectorTerminationCredentials;\nimport com.pulumi.aws.chime.VoiceConnectorTerminationCredentialsArgs;\nimport com.pulumi.aws.chime.inputs.VoiceConnectorTerminationCredentialsCredentialArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new VoiceConnector(\"default\", VoiceConnectorArgs.builder()\n .name(\"test\")\n .requireEncryption(true)\n .build());\n\n var defaultVoiceConnectorTermination = new VoiceConnectorTermination(\"defaultVoiceConnectorTermination\", VoiceConnectorTerminationArgs.builder()\n .disabled(true)\n .cpsLimit(1)\n .cidrAllowLists(\"50.35.78.96/31\")\n .callingRegions( \n \"US\",\n \"CA\")\n .voiceConnectorId(default_.id())\n .build());\n\n var defaultVoiceConnectorTerminationCredentials = new VoiceConnectorTerminationCredentials(\"defaultVoiceConnectorTerminationCredentials\", VoiceConnectorTerminationCredentialsArgs.builder()\n .voiceConnectorId(default_.id())\n .credentials(VoiceConnectorTerminationCredentialsCredentialArgs.builder()\n .username(\"test\")\n .password(\"test!\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(defaultVoiceConnectorTermination)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:chime:VoiceConnector\n properties:\n name: test\n requireEncryption: true\n defaultVoiceConnectorTermination:\n type: aws:chime:VoiceConnectorTermination\n name: default\n properties:\n disabled: true\n cpsLimit: 1\n cidrAllowLists:\n - 50.35.78.96/31\n callingRegions:\n - US\n - CA\n voiceConnectorId: ${default.id}\n defaultVoiceConnectorTerminationCredentials:\n type: aws:chime:VoiceConnectorTerminationCredentials\n name: default\n properties:\n voiceConnectorId: ${default.id}\n credentials:\n - username: test\n password: test!\n options:\n dependson:\n - ${defaultVoiceConnectorTermination}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Chime Voice Connector Termination Credentials using the `voice_connector_id`. For example:\n\n```sh\n$ pulumi import aws:chime/voiceConnectorTerminationCredentials:VoiceConnectorTerminationCredentials default abcdef1ghij2klmno3pqr4\n```\n", "properties": { "credentials": { "type": "array", "items": { "$ref": "#/types/aws:chime/VoiceConnectorTerminationCredentialsCredential:VoiceConnectorTerminationCredentialsCredential" }, "description": "List of termination SIP credentials.\n" }, "voiceConnectorId": { "type": "string", "description": "Amazon Chime Voice Connector ID.\n" } }, "required": [ "credentials", "voiceConnectorId" ], "inputProperties": { "credentials": { "type": "array", "items": { "$ref": "#/types/aws:chime/VoiceConnectorTerminationCredentialsCredential:VoiceConnectorTerminationCredentialsCredential" }, "description": "List of termination SIP credentials.\n" }, "voiceConnectorId": { "type": "string", "description": "Amazon Chime Voice Connector ID.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "credentials", "voiceConnectorId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VoiceConnectorTerminationCredentials resources.\n", "properties": { "credentials": { "type": "array", "items": { "$ref": "#/types/aws:chime/VoiceConnectorTerminationCredentialsCredential:VoiceConnectorTerminationCredentialsCredential" }, "description": "List of termination SIP credentials.\n" }, "voiceConnectorId": { "type": "string", "description": "Amazon Chime Voice Connector ID.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:chimesdkmediapipelines/mediaInsightsPipelineConfiguration:MediaInsightsPipelineConfiguration": { "description": "Resource for managing an AWS Chime SDK Media Pipelines Media Insights Pipeline Configuration.\nConsult the [Call analytics developer guide](https://docs.aws.amazon.com/chime-sdk/latest/dg/call-analytics.html) for more detailed information about usage.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kinesis.Stream(\"example\", {\n name: \"example\",\n shardCount: 2,\n});\nconst mediaPipelinesAssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"mediapipelines.chime.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst callAnalyticsRole = new aws.iam.Role(\"call_analytics_role\", {\n name: \"CallAnalyticsRole\",\n assumeRolePolicy: mediaPipelinesAssumeRole.then(mediaPipelinesAssumeRole =\u003e mediaPipelinesAssumeRole.json),\n});\nconst myConfiguration = new aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration(\"my_configuration\", {\n name: \"MyBasicConfiguration\",\n resourceAccessRoleArn: callAnalyticsRole.arn,\n elements: [\n {\n type: \"AmazonTranscribeCallAnalyticsProcessor\",\n amazonTranscribeCallAnalyticsProcessorConfiguration: {\n languageCode: \"en-US\",\n },\n },\n {\n type: \"KinesisDataStreamSink\",\n kinesisDataStreamSinkConfiguration: {\n insightsTarget: example.arn,\n },\n },\n ],\n tags: {\n Key1: \"Value1\",\n Key2: \"Value2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kinesis.Stream(\"example\",\n name=\"example\",\n shard_count=2)\nmedia_pipelines_assume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"mediapipelines.chime.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\ncall_analytics_role = aws.iam.Role(\"call_analytics_role\",\n name=\"CallAnalyticsRole\",\n assume_role_policy=media_pipelines_assume_role.json)\nmy_configuration = aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration(\"my_configuration\",\n name=\"MyBasicConfiguration\",\n resource_access_role_arn=call_analytics_role.arn,\n elements=[\n {\n \"type\": \"AmazonTranscribeCallAnalyticsProcessor\",\n \"amazon_transcribe_call_analytics_processor_configuration\": {\n \"language_code\": \"en-US\",\n },\n },\n {\n \"type\": \"KinesisDataStreamSink\",\n \"kinesis_data_stream_sink_configuration\": {\n \"insights_target\": example.arn,\n },\n },\n ],\n tags={\n \"Key1\": \"Value1\",\n \"Key2\": \"Value2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kinesis.Stream(\"example\", new()\n {\n Name = \"example\",\n ShardCount = 2,\n });\n\n var mediaPipelinesAssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"mediapipelines.chime.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var callAnalyticsRole = new Aws.Iam.Role(\"call_analytics_role\", new()\n {\n Name = \"CallAnalyticsRole\",\n AssumeRolePolicy = mediaPipelinesAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var myConfiguration = new Aws.ChimeSDKMediaPipelines.MediaInsightsPipelineConfiguration(\"my_configuration\", new()\n {\n Name = \"MyBasicConfiguration\",\n ResourceAccessRoleArn = callAnalyticsRole.Arn,\n Elements = new[]\n {\n new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementArgs\n {\n Type = \"AmazonTranscribeCallAnalyticsProcessor\",\n AmazonTranscribeCallAnalyticsProcessorConfiguration = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationArgs\n {\n LanguageCode = \"en-US\",\n },\n },\n new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementArgs\n {\n Type = \"KinesisDataStreamSink\",\n KinesisDataStreamSinkConfiguration = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs\n {\n InsightsTarget = example.Arn,\n },\n },\n },\n Tags = \n {\n { \"Key1\", \"Value1\" },\n { \"Key2\", \"Value2\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chimesdkmediapipelines\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kinesis.NewStream(ctx, \"example\", \u0026kinesis.StreamArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tShardCount: pulumi.Int(2),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmediaPipelinesAssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"mediapipelines.chime.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcallAnalyticsRole, err := iam.NewRole(ctx, \"call_analytics_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"CallAnalyticsRole\"),\n\t\t\tAssumeRolePolicy: pulumi.String(mediaPipelinesAssumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = chimesdkmediapipelines.NewMediaInsightsPipelineConfiguration(ctx, \"my_configuration\", \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationArgs{\n\t\t\tName: pulumi.String(\"MyBasicConfiguration\"),\n\t\t\tResourceAccessRoleArn: callAnalyticsRole.Arn,\n\t\t\tElements: chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArray{\n\t\t\t\t\u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArgs{\n\t\t\t\t\tType: pulumi.String(\"AmazonTranscribeCallAnalyticsProcessor\"),\n\t\t\t\t\tAmazonTranscribeCallAnalyticsProcessorConfiguration: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationArgs{\n\t\t\t\t\t\tLanguageCode: pulumi.String(\"en-US\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArgs{\n\t\t\t\t\tType: pulumi.String(\"KinesisDataStreamSink\"),\n\t\t\t\t\tKinesisDataStreamSinkConfiguration: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs{\n\t\t\t\t\t\tInsightsTarget: example.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Key1\": pulumi.String(\"Value1\"),\n\t\t\t\t\"Key2\": pulumi.String(\"Value2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.Stream;\nimport com.pulumi.aws.kinesis.StreamArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration;\nimport com.pulumi.aws.chimesdkmediapipelines.MediaInsightsPipelineConfigurationArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Stream(\"example\", StreamArgs.builder()\n .name(\"example\")\n .shardCount(2)\n .build());\n\n final var mediaPipelinesAssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"mediapipelines.chime.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var callAnalyticsRole = new Role(\"callAnalyticsRole\", RoleArgs.builder()\n .name(\"CallAnalyticsRole\")\n .assumeRolePolicy(mediaPipelinesAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var myConfiguration = new MediaInsightsPipelineConfiguration(\"myConfiguration\", MediaInsightsPipelineConfigurationArgs.builder()\n .name(\"MyBasicConfiguration\")\n .resourceAccessRoleArn(callAnalyticsRole.arn())\n .elements( \n MediaInsightsPipelineConfigurationElementArgs.builder()\n .type(\"AmazonTranscribeCallAnalyticsProcessor\")\n .amazonTranscribeCallAnalyticsProcessorConfiguration(MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationArgs.builder()\n .languageCode(\"en-US\")\n .build())\n .build(),\n MediaInsightsPipelineConfigurationElementArgs.builder()\n .type(\"KinesisDataStreamSink\")\n .kinesisDataStreamSinkConfiguration(MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs.builder()\n .insightsTarget(example.arn())\n .build())\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Key1\", \"Value1\"),\n Map.entry(\"Key2\", \"Value2\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myConfiguration:\n type: aws:chimesdkmediapipelines:MediaInsightsPipelineConfiguration\n name: my_configuration\n properties:\n name: MyBasicConfiguration\n resourceAccessRoleArn: ${callAnalyticsRole.arn}\n elements:\n - type: AmazonTranscribeCallAnalyticsProcessor\n amazonTranscribeCallAnalyticsProcessorConfiguration:\n languageCode: en-US\n - type: KinesisDataStreamSink\n kinesisDataStreamSinkConfiguration:\n insightsTarget: ${example.arn}\n tags:\n Key1: Value1\n Key2: Value2\n example:\n type: aws:kinesis:Stream\n properties:\n name: example\n shardCount: 2\n callAnalyticsRole:\n type: aws:iam:Role\n name: call_analytics_role\n properties:\n name: CallAnalyticsRole\n assumeRolePolicy: ${mediaPipelinesAssumeRole.json}\nvariables:\n mediaPipelinesAssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - mediapipelines.chime.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n- The required policies on `call_analytics_role` will vary based on the selected processors. See [Call analytics resource access role](https://docs.aws.amazon.com/chime-sdk/latest/dg/ca-resource-access-role.html) for directions on choosing appropriate policies.\n\n### Transcribe Call Analytics processor usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst transcribeAssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"transcribe.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst postCallRole = new aws.iam.Role(\"post_call_role\", {\n name: \"PostCallAccessRole\",\n assumeRolePolicy: transcribeAssumeRole.then(transcribeAssumeRole =\u003e transcribeAssumeRole.json),\n});\nconst myConfiguration = new aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration(\"my_configuration\", {\n name: \"MyCallAnalyticsConfiguration\",\n resourceAccessRoleArn: exampleAwsIamRole.arn,\n elements: [\n {\n type: \"AmazonTranscribeCallAnalyticsProcessor\",\n amazonTranscribeCallAnalyticsProcessorConfiguration: {\n callAnalyticsStreamCategories: [\n \"category_1\",\n \"category_2\",\n ],\n contentRedactionType: \"PII\",\n enablePartialResultsStabilization: true,\n filterPartialResults: true,\n languageCode: \"en-US\",\n languageModelName: \"MyLanguageModel\",\n partialResultsStability: \"high\",\n piiEntityTypes: \"ADDRESS,BANK_ACCOUNT_NUMBER\",\n postCallAnalyticsSettings: {\n contentRedactionOutput: \"redacted\",\n dataAccessRoleArn: postCallRole.arn,\n outputEncryptionKmsKeyId: \"MyKmsKeyId\",\n outputLocation: \"s3://MyBucket\",\n },\n vocabularyFilterMethod: \"mask\",\n vocabularyFilterName: \"MyVocabularyFilter\",\n vocabularyName: \"MyVocabulary\",\n },\n },\n {\n type: \"KinesisDataStreamSink\",\n kinesisDataStreamSinkConfiguration: {\n insightsTarget: example.arn,\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntranscribe_assume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"transcribe.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\npost_call_role = aws.iam.Role(\"post_call_role\",\n name=\"PostCallAccessRole\",\n assume_role_policy=transcribe_assume_role.json)\nmy_configuration = aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration(\"my_configuration\",\n name=\"MyCallAnalyticsConfiguration\",\n resource_access_role_arn=example_aws_iam_role[\"arn\"],\n elements=[\n {\n \"type\": \"AmazonTranscribeCallAnalyticsProcessor\",\n \"amazon_transcribe_call_analytics_processor_configuration\": {\n \"call_analytics_stream_categories\": [\n \"category_1\",\n \"category_2\",\n ],\n \"content_redaction_type\": \"PII\",\n \"enable_partial_results_stabilization\": True,\n \"filter_partial_results\": True,\n \"language_code\": \"en-US\",\n \"language_model_name\": \"MyLanguageModel\",\n \"partial_results_stability\": \"high\",\n \"pii_entity_types\": \"ADDRESS,BANK_ACCOUNT_NUMBER\",\n \"post_call_analytics_settings\": {\n \"content_redaction_output\": \"redacted\",\n \"data_access_role_arn\": post_call_role.arn,\n \"output_encryption_kms_key_id\": \"MyKmsKeyId\",\n \"output_location\": \"s3://MyBucket\",\n },\n \"vocabulary_filter_method\": \"mask\",\n \"vocabulary_filter_name\": \"MyVocabularyFilter\",\n \"vocabulary_name\": \"MyVocabulary\",\n },\n },\n {\n \"type\": \"KinesisDataStreamSink\",\n \"kinesis_data_stream_sink_configuration\": {\n \"insights_target\": example[\"arn\"],\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var transcribeAssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"transcribe.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var postCallRole = new Aws.Iam.Role(\"post_call_role\", new()\n {\n Name = \"PostCallAccessRole\",\n AssumeRolePolicy = transcribeAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var myConfiguration = new Aws.ChimeSDKMediaPipelines.MediaInsightsPipelineConfiguration(\"my_configuration\", new()\n {\n Name = \"MyCallAnalyticsConfiguration\",\n ResourceAccessRoleArn = exampleAwsIamRole.Arn,\n Elements = new[]\n {\n new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementArgs\n {\n Type = \"AmazonTranscribeCallAnalyticsProcessor\",\n AmazonTranscribeCallAnalyticsProcessorConfiguration = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationArgs\n {\n CallAnalyticsStreamCategories = new[]\n {\n \"category_1\",\n \"category_2\",\n },\n ContentRedactionType = \"PII\",\n EnablePartialResultsStabilization = true,\n FilterPartialResults = true,\n LanguageCode = \"en-US\",\n LanguageModelName = \"MyLanguageModel\",\n PartialResultsStability = \"high\",\n PiiEntityTypes = \"ADDRESS,BANK_ACCOUNT_NUMBER\",\n PostCallAnalyticsSettings = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationPostCallAnalyticsSettingsArgs\n {\n ContentRedactionOutput = \"redacted\",\n DataAccessRoleArn = postCallRole.Arn,\n OutputEncryptionKmsKeyId = \"MyKmsKeyId\",\n OutputLocation = \"s3://MyBucket\",\n },\n VocabularyFilterMethod = \"mask\",\n VocabularyFilterName = \"MyVocabularyFilter\",\n VocabularyName = \"MyVocabulary\",\n },\n },\n new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementArgs\n {\n Type = \"KinesisDataStreamSink\",\n KinesisDataStreamSinkConfiguration = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs\n {\n InsightsTarget = example.Arn,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chimesdkmediapipelines\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttranscribeAssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"transcribe.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpostCallRole, err := iam.NewRole(ctx, \"post_call_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"PostCallAccessRole\"),\n\t\t\tAssumeRolePolicy: pulumi.String(transcribeAssumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = chimesdkmediapipelines.NewMediaInsightsPipelineConfiguration(ctx, \"my_configuration\", \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationArgs{\n\t\t\tName: pulumi.String(\"MyCallAnalyticsConfiguration\"),\n\t\t\tResourceAccessRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tElements: chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArray{\n\t\t\t\t\u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArgs{\n\t\t\t\t\tType: pulumi.String(\"AmazonTranscribeCallAnalyticsProcessor\"),\n\t\t\t\t\tAmazonTranscribeCallAnalyticsProcessorConfiguration: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationArgs{\n\t\t\t\t\t\tCallAnalyticsStreamCategories: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"category_1\"),\n\t\t\t\t\t\t\tpulumi.String(\"category_2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tContentRedactionType: pulumi.String(\"PII\"),\n\t\t\t\t\t\tEnablePartialResultsStabilization: pulumi.Bool(true),\n\t\t\t\t\t\tFilterPartialResults: pulumi.Bool(true),\n\t\t\t\t\t\tLanguageCode: pulumi.String(\"en-US\"),\n\t\t\t\t\t\tLanguageModelName: pulumi.String(\"MyLanguageModel\"),\n\t\t\t\t\t\tPartialResultsStability: pulumi.String(\"high\"),\n\t\t\t\t\t\tPiiEntityTypes: pulumi.String(\"ADDRESS,BANK_ACCOUNT_NUMBER\"),\n\t\t\t\t\t\tPostCallAnalyticsSettings: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationPostCallAnalyticsSettingsArgs{\n\t\t\t\t\t\t\tContentRedactionOutput: pulumi.String(\"redacted\"),\n\t\t\t\t\t\t\tDataAccessRoleArn: postCallRole.Arn,\n\t\t\t\t\t\t\tOutputEncryptionKmsKeyId: pulumi.String(\"MyKmsKeyId\"),\n\t\t\t\t\t\t\tOutputLocation: pulumi.String(\"s3://MyBucket\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tVocabularyFilterMethod: pulumi.String(\"mask\"),\n\t\t\t\t\t\tVocabularyFilterName: pulumi.String(\"MyVocabularyFilter\"),\n\t\t\t\t\t\tVocabularyName: pulumi.String(\"MyVocabulary\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArgs{\n\t\t\t\t\tType: pulumi.String(\"KinesisDataStreamSink\"),\n\t\t\t\t\tKinesisDataStreamSinkConfiguration: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs{\n\t\t\t\t\t\tInsightsTarget: pulumi.Any(example.Arn),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration;\nimport com.pulumi.aws.chimesdkmediapipelines.MediaInsightsPipelineConfigurationArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationPostCallAnalyticsSettingsArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var transcribeAssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"transcribe.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var postCallRole = new Role(\"postCallRole\", RoleArgs.builder()\n .name(\"PostCallAccessRole\")\n .assumeRolePolicy(transcribeAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var myConfiguration = new MediaInsightsPipelineConfiguration(\"myConfiguration\", MediaInsightsPipelineConfigurationArgs.builder()\n .name(\"MyCallAnalyticsConfiguration\")\n .resourceAccessRoleArn(exampleAwsIamRole.arn())\n .elements( \n MediaInsightsPipelineConfigurationElementArgs.builder()\n .type(\"AmazonTranscribeCallAnalyticsProcessor\")\n .amazonTranscribeCallAnalyticsProcessorConfiguration(MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationArgs.builder()\n .callAnalyticsStreamCategories( \n \"category_1\",\n \"category_2\")\n .contentRedactionType(\"PII\")\n .enablePartialResultsStabilization(true)\n .filterPartialResults(true)\n .languageCode(\"en-US\")\n .languageModelName(\"MyLanguageModel\")\n .partialResultsStability(\"high\")\n .piiEntityTypes(\"ADDRESS,BANK_ACCOUNT_NUMBER\")\n .postCallAnalyticsSettings(MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationPostCallAnalyticsSettingsArgs.builder()\n .contentRedactionOutput(\"redacted\")\n .dataAccessRoleArn(postCallRole.arn())\n .outputEncryptionKmsKeyId(\"MyKmsKeyId\")\n .outputLocation(\"s3://MyBucket\")\n .build())\n .vocabularyFilterMethod(\"mask\")\n .vocabularyFilterName(\"MyVocabularyFilter\")\n .vocabularyName(\"MyVocabulary\")\n .build())\n .build(),\n MediaInsightsPipelineConfigurationElementArgs.builder()\n .type(\"KinesisDataStreamSink\")\n .kinesisDataStreamSinkConfiguration(MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs.builder()\n .insightsTarget(example.arn())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myConfiguration:\n type: aws:chimesdkmediapipelines:MediaInsightsPipelineConfiguration\n name: my_configuration\n properties:\n name: MyCallAnalyticsConfiguration\n resourceAccessRoleArn: ${exampleAwsIamRole.arn}\n elements:\n - type: AmazonTranscribeCallAnalyticsProcessor\n amazonTranscribeCallAnalyticsProcessorConfiguration:\n callAnalyticsStreamCategories:\n - category_1\n - category_2\n contentRedactionType: PII\n enablePartialResultsStabilization: true\n filterPartialResults: true\n languageCode: en-US\n languageModelName: MyLanguageModel\n partialResultsStability: high\n piiEntityTypes: ADDRESS,BANK_ACCOUNT_NUMBER\n postCallAnalyticsSettings:\n contentRedactionOutput: redacted\n dataAccessRoleArn: ${postCallRole.arn}\n outputEncryptionKmsKeyId: MyKmsKeyId\n outputLocation: s3://MyBucket\n vocabularyFilterMethod: mask\n vocabularyFilterName: MyVocabularyFilter\n vocabularyName: MyVocabulary\n - type: KinesisDataStreamSink\n kinesisDataStreamSinkConfiguration:\n insightsTarget: ${example.arn}\n postCallRole:\n type: aws:iam:Role\n name: post_call_role\n properties:\n name: PostCallAccessRole\n assumeRolePolicy: ${transcribeAssumeRole.json}\nvariables:\n transcribeAssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - transcribe.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Real time alerts usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myConfiguration = new aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration(\"my_configuration\", {\n name: \"MyRealTimeAlertConfiguration\",\n resourceAccessRoleArn: callAnalyticsRole.arn,\n elements: [\n {\n type: \"AmazonTranscribeCallAnalyticsProcessor\",\n amazonTranscribeCallAnalyticsProcessorConfiguration: {\n languageCode: \"en-US\",\n },\n },\n {\n type: \"KinesisDataStreamSink\",\n kinesisDataStreamSinkConfiguration: {\n insightsTarget: example.arn,\n },\n },\n ],\n realTimeAlertConfiguration: {\n disabled: false,\n rules: [\n {\n type: \"IssueDetection\",\n issueDetectionConfiguration: {\n ruleName: \"MyIssueDetectionRule\",\n },\n },\n {\n type: \"KeywordMatch\",\n keywordMatchConfiguration: {\n keywords: [\n \"keyword1\",\n \"keyword2\",\n ],\n negate: false,\n ruleName: \"MyKeywordMatchRule\",\n },\n },\n {\n type: \"Sentiment\",\n sentimentConfiguration: {\n ruleName: \"MySentimentRule\",\n sentimentType: \"NEGATIVE\",\n timePeriod: 60,\n },\n },\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_configuration = aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration(\"my_configuration\",\n name=\"MyRealTimeAlertConfiguration\",\n resource_access_role_arn=call_analytics_role[\"arn\"],\n elements=[\n {\n \"type\": \"AmazonTranscribeCallAnalyticsProcessor\",\n \"amazon_transcribe_call_analytics_processor_configuration\": {\n \"language_code\": \"en-US\",\n },\n },\n {\n \"type\": \"KinesisDataStreamSink\",\n \"kinesis_data_stream_sink_configuration\": {\n \"insights_target\": example[\"arn\"],\n },\n },\n ],\n real_time_alert_configuration={\n \"disabled\": False,\n \"rules\": [\n {\n \"type\": \"IssueDetection\",\n \"issue_detection_configuration\": {\n \"rule_name\": \"MyIssueDetectionRule\",\n },\n },\n {\n \"type\": \"KeywordMatch\",\n \"keyword_match_configuration\": {\n \"keywords\": [\n \"keyword1\",\n \"keyword2\",\n ],\n \"negate\": False,\n \"rule_name\": \"MyKeywordMatchRule\",\n },\n },\n {\n \"type\": \"Sentiment\",\n \"sentiment_configuration\": {\n \"rule_name\": \"MySentimentRule\",\n \"sentiment_type\": \"NEGATIVE\",\n \"time_period\": 60,\n },\n },\n ],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myConfiguration = new Aws.ChimeSDKMediaPipelines.MediaInsightsPipelineConfiguration(\"my_configuration\", new()\n {\n Name = \"MyRealTimeAlertConfiguration\",\n ResourceAccessRoleArn = callAnalyticsRole.Arn,\n Elements = new[]\n {\n new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementArgs\n {\n Type = \"AmazonTranscribeCallAnalyticsProcessor\",\n AmazonTranscribeCallAnalyticsProcessorConfiguration = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationArgs\n {\n LanguageCode = \"en-US\",\n },\n },\n new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementArgs\n {\n Type = \"KinesisDataStreamSink\",\n KinesisDataStreamSinkConfiguration = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs\n {\n InsightsTarget = example.Arn,\n },\n },\n },\n RealTimeAlertConfiguration = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationRealTimeAlertConfigurationArgs\n {\n Disabled = false,\n Rules = new[]\n {\n new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleArgs\n {\n Type = \"IssueDetection\",\n IssueDetectionConfiguration = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleIssueDetectionConfigurationArgs\n {\n RuleName = \"MyIssueDetectionRule\",\n },\n },\n new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleArgs\n {\n Type = \"KeywordMatch\",\n KeywordMatchConfiguration = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleKeywordMatchConfigurationArgs\n {\n Keywords = new[]\n {\n \"keyword1\",\n \"keyword2\",\n },\n Negate = false,\n RuleName = \"MyKeywordMatchRule\",\n },\n },\n new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleArgs\n {\n Type = \"Sentiment\",\n SentimentConfiguration = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleSentimentConfigurationArgs\n {\n RuleName = \"MySentimentRule\",\n SentimentType = \"NEGATIVE\",\n TimePeriod = 60,\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chimesdkmediapipelines\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := chimesdkmediapipelines.NewMediaInsightsPipelineConfiguration(ctx, \"my_configuration\", \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationArgs{\n\t\t\tName: pulumi.String(\"MyRealTimeAlertConfiguration\"),\n\t\t\tResourceAccessRoleArn: pulumi.Any(callAnalyticsRole.Arn),\n\t\t\tElements: chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArray{\n\t\t\t\t\u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArgs{\n\t\t\t\t\tType: pulumi.String(\"AmazonTranscribeCallAnalyticsProcessor\"),\n\t\t\t\t\tAmazonTranscribeCallAnalyticsProcessorConfiguration: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationArgs{\n\t\t\t\t\t\tLanguageCode: pulumi.String(\"en-US\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArgs{\n\t\t\t\t\tType: pulumi.String(\"KinesisDataStreamSink\"),\n\t\t\t\t\tKinesisDataStreamSinkConfiguration: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs{\n\t\t\t\t\t\tInsightsTarget: pulumi.Any(example.Arn),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tRealTimeAlertConfiguration: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationRealTimeAlertConfigurationArgs{\n\t\t\t\tDisabled: pulumi.Bool(false),\n\t\t\t\tRules: chimesdkmediapipelines.MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleArray{\n\t\t\t\t\t\u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleArgs{\n\t\t\t\t\t\tType: pulumi.String(\"IssueDetection\"),\n\t\t\t\t\t\tIssueDetectionConfiguration: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleIssueDetectionConfigurationArgs{\n\t\t\t\t\t\t\tRuleName: pulumi.String(\"MyIssueDetectionRule\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleArgs{\n\t\t\t\t\t\tType: pulumi.String(\"KeywordMatch\"),\n\t\t\t\t\t\tKeywordMatchConfiguration: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleKeywordMatchConfigurationArgs{\n\t\t\t\t\t\t\tKeywords: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"keyword1\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"keyword2\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tNegate: pulumi.Bool(false),\n\t\t\t\t\t\t\tRuleName: pulumi.String(\"MyKeywordMatchRule\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleArgs{\n\t\t\t\t\t\tType: pulumi.String(\"Sentiment\"),\n\t\t\t\t\t\tSentimentConfiguration: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleSentimentConfigurationArgs{\n\t\t\t\t\t\t\tRuleName: pulumi.String(\"MySentimentRule\"),\n\t\t\t\t\t\t\tSentimentType: pulumi.String(\"NEGATIVE\"),\n\t\t\t\t\t\t\tTimePeriod: pulumi.Int(60),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration;\nimport com.pulumi.aws.chimesdkmediapipelines.MediaInsightsPipelineConfigurationArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationRealTimeAlertConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myConfiguration = new MediaInsightsPipelineConfiguration(\"myConfiguration\", MediaInsightsPipelineConfigurationArgs.builder()\n .name(\"MyRealTimeAlertConfiguration\")\n .resourceAccessRoleArn(callAnalyticsRole.arn())\n .elements( \n MediaInsightsPipelineConfigurationElementArgs.builder()\n .type(\"AmazonTranscribeCallAnalyticsProcessor\")\n .amazonTranscribeCallAnalyticsProcessorConfiguration(MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationArgs.builder()\n .languageCode(\"en-US\")\n .build())\n .build(),\n MediaInsightsPipelineConfigurationElementArgs.builder()\n .type(\"KinesisDataStreamSink\")\n .kinesisDataStreamSinkConfiguration(MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs.builder()\n .insightsTarget(example.arn())\n .build())\n .build())\n .realTimeAlertConfiguration(MediaInsightsPipelineConfigurationRealTimeAlertConfigurationArgs.builder()\n .disabled(false)\n .rules( \n MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleArgs.builder()\n .type(\"IssueDetection\")\n .issueDetectionConfiguration(MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleIssueDetectionConfigurationArgs.builder()\n .ruleName(\"MyIssueDetectionRule\")\n .build())\n .build(),\n MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleArgs.builder()\n .type(\"KeywordMatch\")\n .keywordMatchConfiguration(MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleKeywordMatchConfigurationArgs.builder()\n .keywords( \n \"keyword1\",\n \"keyword2\")\n .negate(false)\n .ruleName(\"MyKeywordMatchRule\")\n .build())\n .build(),\n MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleArgs.builder()\n .type(\"Sentiment\")\n .sentimentConfiguration(MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleSentimentConfigurationArgs.builder()\n .ruleName(\"MySentimentRule\")\n .sentimentType(\"NEGATIVE\")\n .timePeriod(60)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myConfiguration:\n type: aws:chimesdkmediapipelines:MediaInsightsPipelineConfiguration\n name: my_configuration\n properties:\n name: MyRealTimeAlertConfiguration\n resourceAccessRoleArn: ${callAnalyticsRole.arn}\n elements:\n - type: AmazonTranscribeCallAnalyticsProcessor\n amazonTranscribeCallAnalyticsProcessorConfiguration:\n languageCode: en-US\n - type: KinesisDataStreamSink\n kinesisDataStreamSinkConfiguration:\n insightsTarget: ${example.arn}\n realTimeAlertConfiguration:\n disabled: false\n rules:\n - type: IssueDetection\n issueDetectionConfiguration:\n ruleName: MyIssueDetectionRule\n - type: KeywordMatch\n keywordMatchConfiguration:\n keywords:\n - keyword1\n - keyword2\n negate: false\n ruleName: MyKeywordMatchRule\n - type: Sentiment\n sentimentConfiguration:\n ruleName: MySentimentRule\n sentimentType: NEGATIVE\n timePeriod: 60\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Transcribe processor usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myConfiguration = new aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration(\"my_configuration\", {\n name: \"MyTranscribeConfiguration\",\n resourceAccessRoleArn: exampleAwsIamRole.arn,\n elements: [\n {\n type: \"AmazonTranscribeProcessor\",\n amazonTranscribeProcessorConfiguration: {\n contentIdentificationType: \"PII\",\n enablePartialResultsStabilization: true,\n filterPartialResults: true,\n languageCode: \"en-US\",\n languageModelName: \"MyLanguageModel\",\n partialResultsStability: \"high\",\n piiEntityTypes: \"ADDRESS,BANK_ACCOUNT_NUMBER\",\n showSpeakerLabel: true,\n vocabularyFilterMethod: \"mask\",\n vocabularyFilterName: \"MyVocabularyFilter\",\n vocabularyName: \"MyVocabulary\",\n },\n },\n {\n type: \"KinesisDataStreamSink\",\n kinesisDataStreamSinkConfiguration: {\n insightsTarget: example.arn,\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_configuration = aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration(\"my_configuration\",\n name=\"MyTranscribeConfiguration\",\n resource_access_role_arn=example_aws_iam_role[\"arn\"],\n elements=[\n {\n \"type\": \"AmazonTranscribeProcessor\",\n \"amazon_transcribe_processor_configuration\": {\n \"content_identification_type\": \"PII\",\n \"enable_partial_results_stabilization\": True,\n \"filter_partial_results\": True,\n \"language_code\": \"en-US\",\n \"language_model_name\": \"MyLanguageModel\",\n \"partial_results_stability\": \"high\",\n \"pii_entity_types\": \"ADDRESS,BANK_ACCOUNT_NUMBER\",\n \"show_speaker_label\": True,\n \"vocabulary_filter_method\": \"mask\",\n \"vocabulary_filter_name\": \"MyVocabularyFilter\",\n \"vocabulary_name\": \"MyVocabulary\",\n },\n },\n {\n \"type\": \"KinesisDataStreamSink\",\n \"kinesis_data_stream_sink_configuration\": {\n \"insights_target\": example[\"arn\"],\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myConfiguration = new Aws.ChimeSDKMediaPipelines.MediaInsightsPipelineConfiguration(\"my_configuration\", new()\n {\n Name = \"MyTranscribeConfiguration\",\n ResourceAccessRoleArn = exampleAwsIamRole.Arn,\n Elements = new[]\n {\n new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementArgs\n {\n Type = \"AmazonTranscribeProcessor\",\n AmazonTranscribeProcessorConfiguration = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementAmazonTranscribeProcessorConfigurationArgs\n {\n ContentIdentificationType = \"PII\",\n EnablePartialResultsStabilization = true,\n FilterPartialResults = true,\n LanguageCode = \"en-US\",\n LanguageModelName = \"MyLanguageModel\",\n PartialResultsStability = \"high\",\n PiiEntityTypes = \"ADDRESS,BANK_ACCOUNT_NUMBER\",\n ShowSpeakerLabel = true,\n VocabularyFilterMethod = \"mask\",\n VocabularyFilterName = \"MyVocabularyFilter\",\n VocabularyName = \"MyVocabulary\",\n },\n },\n new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementArgs\n {\n Type = \"KinesisDataStreamSink\",\n KinesisDataStreamSinkConfiguration = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs\n {\n InsightsTarget = example.Arn,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chimesdkmediapipelines\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := chimesdkmediapipelines.NewMediaInsightsPipelineConfiguration(ctx, \"my_configuration\", \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationArgs{\n\t\t\tName: pulumi.String(\"MyTranscribeConfiguration\"),\n\t\t\tResourceAccessRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tElements: chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArray{\n\t\t\t\t\u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArgs{\n\t\t\t\t\tType: pulumi.String(\"AmazonTranscribeProcessor\"),\n\t\t\t\t\tAmazonTranscribeProcessorConfiguration: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementAmazonTranscribeProcessorConfigurationArgs{\n\t\t\t\t\t\tContentIdentificationType: pulumi.String(\"PII\"),\n\t\t\t\t\t\tEnablePartialResultsStabilization: pulumi.Bool(true),\n\t\t\t\t\t\tFilterPartialResults: pulumi.Bool(true),\n\t\t\t\t\t\tLanguageCode: pulumi.String(\"en-US\"),\n\t\t\t\t\t\tLanguageModelName: pulumi.String(\"MyLanguageModel\"),\n\t\t\t\t\t\tPartialResultsStability: pulumi.String(\"high\"),\n\t\t\t\t\t\tPiiEntityTypes: pulumi.String(\"ADDRESS,BANK_ACCOUNT_NUMBER\"),\n\t\t\t\t\t\tShowSpeakerLabel: pulumi.Bool(true),\n\t\t\t\t\t\tVocabularyFilterMethod: pulumi.String(\"mask\"),\n\t\t\t\t\t\tVocabularyFilterName: pulumi.String(\"MyVocabularyFilter\"),\n\t\t\t\t\t\tVocabularyName: pulumi.String(\"MyVocabulary\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArgs{\n\t\t\t\t\tType: pulumi.String(\"KinesisDataStreamSink\"),\n\t\t\t\t\tKinesisDataStreamSinkConfiguration: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs{\n\t\t\t\t\t\tInsightsTarget: pulumi.Any(example.Arn),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration;\nimport com.pulumi.aws.chimesdkmediapipelines.MediaInsightsPipelineConfigurationArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementAmazonTranscribeProcessorConfigurationArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myConfiguration = new MediaInsightsPipelineConfiguration(\"myConfiguration\", MediaInsightsPipelineConfigurationArgs.builder()\n .name(\"MyTranscribeConfiguration\")\n .resourceAccessRoleArn(exampleAwsIamRole.arn())\n .elements( \n MediaInsightsPipelineConfigurationElementArgs.builder()\n .type(\"AmazonTranscribeProcessor\")\n .amazonTranscribeProcessorConfiguration(MediaInsightsPipelineConfigurationElementAmazonTranscribeProcessorConfigurationArgs.builder()\n .contentIdentificationType(\"PII\")\n .enablePartialResultsStabilization(true)\n .filterPartialResults(true)\n .languageCode(\"en-US\")\n .languageModelName(\"MyLanguageModel\")\n .partialResultsStability(\"high\")\n .piiEntityTypes(\"ADDRESS,BANK_ACCOUNT_NUMBER\")\n .showSpeakerLabel(true)\n .vocabularyFilterMethod(\"mask\")\n .vocabularyFilterName(\"MyVocabularyFilter\")\n .vocabularyName(\"MyVocabulary\")\n .build())\n .build(),\n MediaInsightsPipelineConfigurationElementArgs.builder()\n .type(\"KinesisDataStreamSink\")\n .kinesisDataStreamSinkConfiguration(MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs.builder()\n .insightsTarget(example.arn())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myConfiguration:\n type: aws:chimesdkmediapipelines:MediaInsightsPipelineConfiguration\n name: my_configuration\n properties:\n name: MyTranscribeConfiguration\n resourceAccessRoleArn: ${exampleAwsIamRole.arn}\n elements:\n - type: AmazonTranscribeProcessor\n amazonTranscribeProcessorConfiguration:\n contentIdentificationType: PII\n enablePartialResultsStabilization: true\n filterPartialResults: true\n languageCode: en-US\n languageModelName: MyLanguageModel\n partialResultsStability: high\n piiEntityTypes: ADDRESS,BANK_ACCOUNT_NUMBER\n showSpeakerLabel: true\n vocabularyFilterMethod: mask\n vocabularyFilterName: MyVocabularyFilter\n vocabularyName: MyVocabulary\n - type: KinesisDataStreamSink\n kinesisDataStreamSinkConfiguration:\n insightsTarget: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Voice analytics processor usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myConfiguration = new aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration(\"my_configuration\", {\n name: \"MyVoiceAnalyticsConfiguration\",\n resourceAccessRoleArn: example.arn,\n elements: [\n {\n type: \"VoiceAnalyticsProcessor\",\n voiceAnalyticsProcessorConfiguration: {\n speakerSearchStatus: \"Enabled\",\n voiceToneAnalysisStatus: \"Enabled\",\n },\n },\n {\n type: \"LambdaFunctionSink\",\n lambdaFunctionSinkConfiguration: {\n insightsTarget: \"arn:aws:lambda:us-west-2:1111111111:function:MyFunction\",\n },\n },\n {\n type: \"SnsTopicSink\",\n snsTopicSinkConfiguration: {\n insightsTarget: \"arn:aws:sns:us-west-2:1111111111:topic/MyTopic\",\n },\n },\n {\n type: \"SqsQueueSink\",\n sqsQueueSinkConfiguration: {\n insightsTarget: \"arn:aws:sqs:us-west-2:1111111111:queue/MyQueue\",\n },\n },\n {\n type: \"KinesisDataStreamSink\",\n kinesisDataStreamSinkConfiguration: {\n insightsTarget: test.arn,\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_configuration = aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration(\"my_configuration\",\n name=\"MyVoiceAnalyticsConfiguration\",\n resource_access_role_arn=example[\"arn\"],\n elements=[\n {\n \"type\": \"VoiceAnalyticsProcessor\",\n \"voice_analytics_processor_configuration\": {\n \"speaker_search_status\": \"Enabled\",\n \"voice_tone_analysis_status\": \"Enabled\",\n },\n },\n {\n \"type\": \"LambdaFunctionSink\",\n \"lambda_function_sink_configuration\": {\n \"insights_target\": \"arn:aws:lambda:us-west-2:1111111111:function:MyFunction\",\n },\n },\n {\n \"type\": \"SnsTopicSink\",\n \"sns_topic_sink_configuration\": {\n \"insights_target\": \"arn:aws:sns:us-west-2:1111111111:topic/MyTopic\",\n },\n },\n {\n \"type\": \"SqsQueueSink\",\n \"sqs_queue_sink_configuration\": {\n \"insights_target\": \"arn:aws:sqs:us-west-2:1111111111:queue/MyQueue\",\n },\n },\n {\n \"type\": \"KinesisDataStreamSink\",\n \"kinesis_data_stream_sink_configuration\": {\n \"insights_target\": test[\"arn\"],\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myConfiguration = new Aws.ChimeSDKMediaPipelines.MediaInsightsPipelineConfiguration(\"my_configuration\", new()\n {\n Name = \"MyVoiceAnalyticsConfiguration\",\n ResourceAccessRoleArn = example.Arn,\n Elements = new[]\n {\n new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementArgs\n {\n Type = \"VoiceAnalyticsProcessor\",\n VoiceAnalyticsProcessorConfiguration = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementVoiceAnalyticsProcessorConfigurationArgs\n {\n SpeakerSearchStatus = \"Enabled\",\n VoiceToneAnalysisStatus = \"Enabled\",\n },\n },\n new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementArgs\n {\n Type = \"LambdaFunctionSink\",\n LambdaFunctionSinkConfiguration = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementLambdaFunctionSinkConfigurationArgs\n {\n InsightsTarget = \"arn:aws:lambda:us-west-2:1111111111:function:MyFunction\",\n },\n },\n new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementArgs\n {\n Type = \"SnsTopicSink\",\n SnsTopicSinkConfiguration = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementSnsTopicSinkConfigurationArgs\n {\n InsightsTarget = \"arn:aws:sns:us-west-2:1111111111:topic/MyTopic\",\n },\n },\n new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementArgs\n {\n Type = \"SqsQueueSink\",\n SqsQueueSinkConfiguration = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementSqsQueueSinkConfigurationArgs\n {\n InsightsTarget = \"arn:aws:sqs:us-west-2:1111111111:queue/MyQueue\",\n },\n },\n new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementArgs\n {\n Type = \"KinesisDataStreamSink\",\n KinesisDataStreamSinkConfiguration = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs\n {\n InsightsTarget = test.Arn,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chimesdkmediapipelines\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := chimesdkmediapipelines.NewMediaInsightsPipelineConfiguration(ctx, \"my_configuration\", \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationArgs{\n\t\t\tName: pulumi.String(\"MyVoiceAnalyticsConfiguration\"),\n\t\t\tResourceAccessRoleArn: pulumi.Any(example.Arn),\n\t\t\tElements: chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArray{\n\t\t\t\t\u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArgs{\n\t\t\t\t\tType: pulumi.String(\"VoiceAnalyticsProcessor\"),\n\t\t\t\t\tVoiceAnalyticsProcessorConfiguration: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementVoiceAnalyticsProcessorConfigurationArgs{\n\t\t\t\t\t\tSpeakerSearchStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t\t\tVoiceToneAnalysisStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArgs{\n\t\t\t\t\tType: pulumi.String(\"LambdaFunctionSink\"),\n\t\t\t\t\tLambdaFunctionSinkConfiguration: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementLambdaFunctionSinkConfigurationArgs{\n\t\t\t\t\t\tInsightsTarget: pulumi.String(\"arn:aws:lambda:us-west-2:1111111111:function:MyFunction\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArgs{\n\t\t\t\t\tType: pulumi.String(\"SnsTopicSink\"),\n\t\t\t\t\tSnsTopicSinkConfiguration: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementSnsTopicSinkConfigurationArgs{\n\t\t\t\t\t\tInsightsTarget: pulumi.String(\"arn:aws:sns:us-west-2:1111111111:topic/MyTopic\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArgs{\n\t\t\t\t\tType: pulumi.String(\"SqsQueueSink\"),\n\t\t\t\t\tSqsQueueSinkConfiguration: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementSqsQueueSinkConfigurationArgs{\n\t\t\t\t\t\tInsightsTarget: pulumi.String(\"arn:aws:sqs:us-west-2:1111111111:queue/MyQueue\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArgs{\n\t\t\t\t\tType: pulumi.String(\"KinesisDataStreamSink\"),\n\t\t\t\t\tKinesisDataStreamSinkConfiguration: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs{\n\t\t\t\t\t\tInsightsTarget: pulumi.Any(test.Arn),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration;\nimport com.pulumi.aws.chimesdkmediapipelines.MediaInsightsPipelineConfigurationArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementVoiceAnalyticsProcessorConfigurationArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementLambdaFunctionSinkConfigurationArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementSnsTopicSinkConfigurationArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementSqsQueueSinkConfigurationArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myConfiguration = new MediaInsightsPipelineConfiguration(\"myConfiguration\", MediaInsightsPipelineConfigurationArgs.builder()\n .name(\"MyVoiceAnalyticsConfiguration\")\n .resourceAccessRoleArn(example.arn())\n .elements( \n MediaInsightsPipelineConfigurationElementArgs.builder()\n .type(\"VoiceAnalyticsProcessor\")\n .voiceAnalyticsProcessorConfiguration(MediaInsightsPipelineConfigurationElementVoiceAnalyticsProcessorConfigurationArgs.builder()\n .speakerSearchStatus(\"Enabled\")\n .voiceToneAnalysisStatus(\"Enabled\")\n .build())\n .build(),\n MediaInsightsPipelineConfigurationElementArgs.builder()\n .type(\"LambdaFunctionSink\")\n .lambdaFunctionSinkConfiguration(MediaInsightsPipelineConfigurationElementLambdaFunctionSinkConfigurationArgs.builder()\n .insightsTarget(\"arn:aws:lambda:us-west-2:1111111111:function:MyFunction\")\n .build())\n .build(),\n MediaInsightsPipelineConfigurationElementArgs.builder()\n .type(\"SnsTopicSink\")\n .snsTopicSinkConfiguration(MediaInsightsPipelineConfigurationElementSnsTopicSinkConfigurationArgs.builder()\n .insightsTarget(\"arn:aws:sns:us-west-2:1111111111:topic/MyTopic\")\n .build())\n .build(),\n MediaInsightsPipelineConfigurationElementArgs.builder()\n .type(\"SqsQueueSink\")\n .sqsQueueSinkConfiguration(MediaInsightsPipelineConfigurationElementSqsQueueSinkConfigurationArgs.builder()\n .insightsTarget(\"arn:aws:sqs:us-west-2:1111111111:queue/MyQueue\")\n .build())\n .build(),\n MediaInsightsPipelineConfigurationElementArgs.builder()\n .type(\"KinesisDataStreamSink\")\n .kinesisDataStreamSinkConfiguration(MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfigurationArgs.builder()\n .insightsTarget(test.arn())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myConfiguration:\n type: aws:chimesdkmediapipelines:MediaInsightsPipelineConfiguration\n name: my_configuration\n properties:\n name: MyVoiceAnalyticsConfiguration\n resourceAccessRoleArn: ${example.arn}\n elements:\n - type: VoiceAnalyticsProcessor\n voiceAnalyticsProcessorConfiguration:\n speakerSearchStatus: Enabled\n voiceToneAnalysisStatus: Enabled\n - type: LambdaFunctionSink\n lambdaFunctionSinkConfiguration:\n insightsTarget: arn:aws:lambda:us-west-2:1111111111:function:MyFunction\n - type: SnsTopicSink\n snsTopicSinkConfiguration:\n insightsTarget: arn:aws:sns:us-west-2:1111111111:topic/MyTopic\n - type: SqsQueueSink\n sqsQueueSinkConfiguration:\n insightsTarget: arn:aws:sqs:us-west-2:1111111111:queue/MyQueue\n - type: KinesisDataStreamSink\n kinesisDataStreamSinkConfiguration:\n insightsTarget: ${test.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### S3 Recording sink usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myConfiguration = new aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration(\"my_configuration\", {\n name: \"MyS3RecordingConfiguration\",\n resourceAccessRoleArn: example.arn,\n elements: [{\n type: \"S3RecordingSink\",\n s3RecordingSinkConfiguration: {\n destination: \"arn:aws:s3:::MyBucket\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_configuration = aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration(\"my_configuration\",\n name=\"MyS3RecordingConfiguration\",\n resource_access_role_arn=example[\"arn\"],\n elements=[{\n \"type\": \"S3RecordingSink\",\n \"s3_recording_sink_configuration\": {\n \"destination\": \"arn:aws:s3:::MyBucket\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myConfiguration = new Aws.ChimeSDKMediaPipelines.MediaInsightsPipelineConfiguration(\"my_configuration\", new()\n {\n Name = \"MyS3RecordingConfiguration\",\n ResourceAccessRoleArn = example.Arn,\n Elements = new[]\n {\n new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementArgs\n {\n Type = \"S3RecordingSink\",\n S3RecordingSinkConfiguration = new Aws.ChimeSDKMediaPipelines.Inputs.MediaInsightsPipelineConfigurationElementS3RecordingSinkConfigurationArgs\n {\n Destination = \"arn:aws:s3:::MyBucket\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chimesdkmediapipelines\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := chimesdkmediapipelines.NewMediaInsightsPipelineConfiguration(ctx, \"my_configuration\", \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationArgs{\n\t\t\tName: pulumi.String(\"MyS3RecordingConfiguration\"),\n\t\t\tResourceAccessRoleArn: pulumi.Any(example.Arn),\n\t\t\tElements: chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArray{\n\t\t\t\t\u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementArgs{\n\t\t\t\t\tType: pulumi.String(\"S3RecordingSink\"),\n\t\t\t\t\tS3RecordingSinkConfiguration: \u0026chimesdkmediapipelines.MediaInsightsPipelineConfigurationElementS3RecordingSinkConfigurationArgs{\n\t\t\t\t\t\tDestination: pulumi.String(\"arn:aws:s3:::MyBucket\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.chimesdkmediapipelines.MediaInsightsPipelineConfiguration;\nimport com.pulumi.aws.chimesdkmediapipelines.MediaInsightsPipelineConfigurationArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementArgs;\nimport com.pulumi.aws.chimesdkmediapipelines.inputs.MediaInsightsPipelineConfigurationElementS3RecordingSinkConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myConfiguration = new MediaInsightsPipelineConfiguration(\"myConfiguration\", MediaInsightsPipelineConfigurationArgs.builder()\n .name(\"MyS3RecordingConfiguration\")\n .resourceAccessRoleArn(example.arn())\n .elements(MediaInsightsPipelineConfigurationElementArgs.builder()\n .type(\"S3RecordingSink\")\n .s3RecordingSinkConfiguration(MediaInsightsPipelineConfigurationElementS3RecordingSinkConfigurationArgs.builder()\n .destination(\"arn:aws:s3:::MyBucket\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myConfiguration:\n type: aws:chimesdkmediapipelines:MediaInsightsPipelineConfiguration\n name: my_configuration\n properties:\n name: MyS3RecordingConfiguration\n resourceAccessRoleArn: ${example.arn}\n elements:\n - type: S3RecordingSink\n s3RecordingSinkConfiguration:\n destination: arn:aws:s3:::MyBucket\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Chime SDK Media Pipelines Media Insights Pipeline Configuration using the `id`. For example:\n\n```sh\n$ pulumi import aws:chimesdkmediapipelines/mediaInsightsPipelineConfiguration:MediaInsightsPipelineConfiguration example abcdef123456\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Media Insights Pipeline Configuration.\n" }, "elements": { "type": "array", "items": { "$ref": "#/types/aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElement:MediaInsightsPipelineConfigurationElement" }, "description": "Collection of processors and sinks to transform media and deliver data.\n" }, "name": { "type": "string", "description": "Configuration name.\n" }, "realTimeAlertConfiguration": { "$ref": "#/types/aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationRealTimeAlertConfiguration:MediaInsightsPipelineConfigurationRealTimeAlertConfiguration", "description": "Configuration for real-time alert rules to send EventBridge notifications when certain conditions are met.\n" }, "resourceAccessRoleArn": { "type": "string", "description": "ARN of IAM Role used by service to invoke processors and sinks specified by configuration elements.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the resource.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "elements", "name", "resourceAccessRoleArn", "tagsAll" ], "inputProperties": { "elements": { "type": "array", "items": { "$ref": "#/types/aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElement:MediaInsightsPipelineConfigurationElement" }, "description": "Collection of processors and sinks to transform media and deliver data.\n" }, "name": { "type": "string", "description": "Configuration name.\n" }, "realTimeAlertConfiguration": { "$ref": "#/types/aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationRealTimeAlertConfiguration:MediaInsightsPipelineConfigurationRealTimeAlertConfiguration", "description": "Configuration for real-time alert rules to send EventBridge notifications when certain conditions are met.\n" }, "resourceAccessRoleArn": { "type": "string", "description": "ARN of IAM Role used by service to invoke processors and sinks specified by configuration elements.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the resource.\n" } }, "requiredInputs": [ "elements", "resourceAccessRoleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering MediaInsightsPipelineConfiguration resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Media Insights Pipeline Configuration.\n" }, "elements": { "type": "array", "items": { "$ref": "#/types/aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationElement:MediaInsightsPipelineConfigurationElement" }, "description": "Collection of processors and sinks to transform media and deliver data.\n" }, "name": { "type": "string", "description": "Configuration name.\n" }, "realTimeAlertConfiguration": { "$ref": "#/types/aws:chimesdkmediapipelines/MediaInsightsPipelineConfigurationRealTimeAlertConfiguration:MediaInsightsPipelineConfigurationRealTimeAlertConfiguration", "description": "Configuration for real-time alert rules to send EventBridge notifications when certain conditions are met.\n" }, "resourceAccessRoleArn": { "type": "string", "description": "ARN of IAM Role used by service to invoke processors and sinks specified by configuration elements.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the resource.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:cleanrooms/collaboration:Collaboration": { "description": "Provides a AWS Clean Rooms collaboration. All members included in the definition will be invited to\njoin the collaboration and can create memberships.\n\n## Example Usage\n\n### Collaboration with tags\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCollaboration = new aws.cleanrooms.Collaboration(\"test_collaboration\", {\n name: \"pulumi-example-collaboration\",\n creatorMemberAbilities: [\n \"CAN_QUERY\",\n \"CAN_RECEIVE_RESULTS\",\n ],\n creatorDisplayName: \"Creator \",\n description: \"I made this collaboration with Pulumi!\",\n queryLogStatus: \"DISABLED\",\n dataEncryptionMetadata: {\n allowClearText: true,\n allowDuplicates: true,\n allowJoinsOnColumnsWithDifferentNames: true,\n preserveNulls: false,\n },\n members: [{\n accountId: \"123456789012\",\n displayName: \"Other member\",\n memberAbilities: [],\n }],\n tags: {\n Project: \"Pulumi\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_collaboration = aws.cleanrooms.Collaboration(\"test_collaboration\",\n name=\"pulumi-example-collaboration\",\n creator_member_abilities=[\n \"CAN_QUERY\",\n \"CAN_RECEIVE_RESULTS\",\n ],\n creator_display_name=\"Creator \",\n description=\"I made this collaboration with Pulumi!\",\n query_log_status=\"DISABLED\",\n data_encryption_metadata={\n \"allow_clear_text\": True,\n \"allow_duplicates\": True,\n \"allow_joins_on_columns_with_different_names\": True,\n \"preserve_nulls\": False,\n },\n members=[{\n \"account_id\": \"123456789012\",\n \"display_name\": \"Other member\",\n \"member_abilities\": [],\n }],\n tags={\n \"Project\": \"Pulumi\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCollaboration = new Aws.CleanRooms.Collaboration(\"test_collaboration\", new()\n {\n Name = \"pulumi-example-collaboration\",\n CreatorMemberAbilities = new[]\n {\n \"CAN_QUERY\",\n \"CAN_RECEIVE_RESULTS\",\n },\n CreatorDisplayName = \"Creator \",\n Description = \"I made this collaboration with Pulumi!\",\n QueryLogStatus = \"DISABLED\",\n DataEncryptionMetadata = new Aws.CleanRooms.Inputs.CollaborationDataEncryptionMetadataArgs\n {\n AllowClearText = true,\n AllowDuplicates = true,\n AllowJoinsOnColumnsWithDifferentNames = true,\n PreserveNulls = false,\n },\n Members = new[]\n {\n new Aws.CleanRooms.Inputs.CollaborationMemberArgs\n {\n AccountId = \"123456789012\",\n DisplayName = \"Other member\",\n MemberAbilities = new() { },\n },\n },\n Tags = \n {\n { \"Project\", \"Pulumi\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cleanrooms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cleanrooms.NewCollaboration(ctx, \"test_collaboration\", \u0026cleanrooms.CollaborationArgs{\n\t\t\tName: pulumi.String(\"pulumi-example-collaboration\"),\n\t\t\tCreatorMemberAbilities: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"CAN_QUERY\"),\n\t\t\t\tpulumi.String(\"CAN_RECEIVE_RESULTS\"),\n\t\t\t},\n\t\t\tCreatorDisplayName: pulumi.String(\"Creator \"),\n\t\t\tDescription: pulumi.String(\"I made this collaboration with Pulumi!\"),\n\t\t\tQueryLogStatus: pulumi.String(\"DISABLED\"),\n\t\t\tDataEncryptionMetadata: \u0026cleanrooms.CollaborationDataEncryptionMetadataArgs{\n\t\t\t\tAllowClearText: pulumi.Bool(true),\n\t\t\t\tAllowDuplicates: pulumi.Bool(true),\n\t\t\t\tAllowJoinsOnColumnsWithDifferentNames: pulumi.Bool(true),\n\t\t\t\tPreserveNulls: pulumi.Bool(false),\n\t\t\t},\n\t\t\tMembers: cleanrooms.CollaborationMemberArray{\n\t\t\t\t\u0026cleanrooms.CollaborationMemberArgs{\n\t\t\t\t\tAccountId: pulumi.String(\"123456789012\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"Other member\"),\n\t\t\t\t\tMemberAbilities: pulumi.StringArray{},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Project\": pulumi.String(\"Pulumi\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cleanrooms.Collaboration;\nimport com.pulumi.aws.cleanrooms.CollaborationArgs;\nimport com.pulumi.aws.cleanrooms.inputs.CollaborationDataEncryptionMetadataArgs;\nimport com.pulumi.aws.cleanrooms.inputs.CollaborationMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCollaboration = new Collaboration(\"testCollaboration\", CollaborationArgs.builder()\n .name(\"pulumi-example-collaboration\")\n .creatorMemberAbilities( \n \"CAN_QUERY\",\n \"CAN_RECEIVE_RESULTS\")\n .creatorDisplayName(\"Creator \")\n .description(\"I made this collaboration with Pulumi!\")\n .queryLogStatus(\"DISABLED\")\n .dataEncryptionMetadata(CollaborationDataEncryptionMetadataArgs.builder()\n .allowClearText(true)\n .allowDuplicates(true)\n .allowJoinsOnColumnsWithDifferentNames(true)\n .preserveNulls(false)\n .build())\n .members(CollaborationMemberArgs.builder()\n .accountId(123456789012)\n .displayName(\"Other member\")\n .memberAbilities()\n .build())\n .tags(Map.of(\"Project\", \"Pulumi\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCollaboration:\n type: aws:cleanrooms:Collaboration\n name: test_collaboration\n properties:\n name: pulumi-example-collaboration\n creatorMemberAbilities:\n - CAN_QUERY\n - CAN_RECEIVE_RESULTS\n creatorDisplayName: 'Creator '\n description: I made this collaboration with Pulumi!\n queryLogStatus: DISABLED\n dataEncryptionMetadata:\n allowClearText: true\n allowDuplicates: true\n allowJoinsOnColumnsWithDifferentNames: true\n preserveNulls: false\n members:\n - accountId: 1.23456789012e+11\n displayName: Other member\n memberAbilities: []\n tags:\n Project: Pulumi\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_cleanrooms_collaboration` using the `id`. For example:\n\n```sh\n$ pulumi import aws:cleanrooms/collaboration:Collaboration collaboration 1234abcd-12ab-34cd-56ef-1234567890ab\n```\n", "properties": { "arn": { "type": "string", "description": "The arn of the collaboration.\n" }, "createTime": { "type": "string", "description": "The date and time the collaboration was created.\n* `member status` - For each member included in the collaboration an additional computed attribute of status is added. These values [may be found here](https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_MemberSummary.html#API-Type-MemberSummary-status).\n" }, "creatorDisplayName": { "type": "string", "description": "The name for the member record for the collaboration creator.\n" }, "creatorMemberAbilities": { "type": "array", "items": { "type": "string" }, "description": "The list of member abilities for the creator of the collaboration. Valid values [may be found here](https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_CreateCollaboration.html#API-CreateCollaboration-request-creatorMemberAbilities).\n" }, "dataEncryptionMetadata": { "$ref": "#/types/aws:cleanrooms/CollaborationDataEncryptionMetadata:CollaborationDataEncryptionMetadata", "description": "a collection of settings which determine how the [c3r client](https://docs.aws.amazon.com/clean-rooms/latest/userguide/crypto-computing.html) will encrypt data for use within this collaboration.\n* `data_encryption_metadata.allow_clear_text` - (Required - Forces new resource) - Indicates whether encrypted tables can contain cleartext data. This is a boolea\nfield.\n* `data_encryption_metadata.allow_duplicates` - (Required - Forces new resource ) - Indicates whether Fingerprint columns can contain duplicate entries. This is a\nboolean field.\n* `data_encryption_metadata.allow_joins_on_columns_with_different_names` - (Required - Forces new resource) - Indicates whether Fingerprint columns can be joined\nn any other Fingerprint column with a different name. This is a boolean field.\n* `data_encryption_metadata.preserve_nulls` - (Required - Forces new resource) - Indicates whether NULL values are to be copied as NULL to encrypted tables (true)\nor cryptographically processed (false).\n" }, "description": { "type": "string", "description": "A description for a collaboration.\n" }, "members": { "type": "array", "items": { "$ref": "#/types/aws:cleanrooms/CollaborationMember:CollaborationMember" }, "description": "Additional members of the collaboration which will be invited to join the collaboration.\n* `member.account_id` - (Required - Forces new resource) - The account id for the invited member.\n* `member.display_name` - (Required - Forces new resource) - The display name for the invited member.\n* `member.member_abilities` - (Required - Forces new resource) - The list of abilities for the invited member. Valid values [may be found here](https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_CreateCollaboration.html#API-CreateCollaboration-request-creatorMemberAbilities).\n" }, "name": { "type": "string", "description": "The name of the collaboration. Collaboration names do not need to be unique.\n" }, "queryLogStatus": { "type": "string", "description": "Determines if members of the collaboration can enable query logs within their own.\nemberships. Valid values [may be found here](https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_CreateCollaboration.html#API-CreateCollaboration-request-queryLogStatus).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key value pairs which tag the collaboration.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "updateTime": { "type": "string" } }, "required": [ "arn", "createTime", "creatorDisplayName", "creatorMemberAbilities", "description", "name", "queryLogStatus", "tagsAll", "updateTime" ], "inputProperties": { "creatorDisplayName": { "type": "string", "description": "The name for the member record for the collaboration creator.\n", "willReplaceOnChanges": true }, "creatorMemberAbilities": { "type": "array", "items": { "type": "string" }, "description": "The list of member abilities for the creator of the collaboration. Valid values [may be found here](https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_CreateCollaboration.html#API-CreateCollaboration-request-creatorMemberAbilities).\n", "willReplaceOnChanges": true }, "dataEncryptionMetadata": { "$ref": "#/types/aws:cleanrooms/CollaborationDataEncryptionMetadata:CollaborationDataEncryptionMetadata", "description": "a collection of settings which determine how the [c3r client](https://docs.aws.amazon.com/clean-rooms/latest/userguide/crypto-computing.html) will encrypt data for use within this collaboration.\n* `data_encryption_metadata.allow_clear_text` - (Required - Forces new resource) - Indicates whether encrypted tables can contain cleartext data. This is a boolea\nfield.\n* `data_encryption_metadata.allow_duplicates` - (Required - Forces new resource ) - Indicates whether Fingerprint columns can contain duplicate entries. This is a\nboolean field.\n* `data_encryption_metadata.allow_joins_on_columns_with_different_names` - (Required - Forces new resource) - Indicates whether Fingerprint columns can be joined\nn any other Fingerprint column with a different name. This is a boolean field.\n* `data_encryption_metadata.preserve_nulls` - (Required - Forces new resource) - Indicates whether NULL values are to be copied as NULL to encrypted tables (true)\nor cryptographically processed (false).\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A description for a collaboration.\n" }, "members": { "type": "array", "items": { "$ref": "#/types/aws:cleanrooms/CollaborationMember:CollaborationMember" }, "description": "Additional members of the collaboration which will be invited to join the collaboration.\n* `member.account_id` - (Required - Forces new resource) - The account id for the invited member.\n* `member.display_name` - (Required - Forces new resource) - The display name for the invited member.\n* `member.member_abilities` - (Required - Forces new resource) - The list of abilities for the invited member. Valid values [may be found here](https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_CreateCollaboration.html#API-CreateCollaboration-request-creatorMemberAbilities).\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the collaboration. Collaboration names do not need to be unique.\n" }, "queryLogStatus": { "type": "string", "description": "Determines if members of the collaboration can enable query logs within their own.\nemberships. Valid values [may be found here](https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_CreateCollaboration.html#API-CreateCollaboration-request-queryLogStatus).\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key value pairs which tag the collaboration.\n" } }, "requiredInputs": [ "creatorDisplayName", "creatorMemberAbilities", "description", "queryLogStatus" ], "stateInputs": { "description": "Input properties used for looking up and filtering Collaboration resources.\n", "properties": { "arn": { "type": "string", "description": "The arn of the collaboration.\n" }, "createTime": { "type": "string", "description": "The date and time the collaboration was created.\n* `member status` - For each member included in the collaboration an additional computed attribute of status is added. These values [may be found here](https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_MemberSummary.html#API-Type-MemberSummary-status).\n" }, "creatorDisplayName": { "type": "string", "description": "The name for the member record for the collaboration creator.\n", "willReplaceOnChanges": true }, "creatorMemberAbilities": { "type": "array", "items": { "type": "string" }, "description": "The list of member abilities for the creator of the collaboration. Valid values [may be found here](https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_CreateCollaboration.html#API-CreateCollaboration-request-creatorMemberAbilities).\n", "willReplaceOnChanges": true }, "dataEncryptionMetadata": { "$ref": "#/types/aws:cleanrooms/CollaborationDataEncryptionMetadata:CollaborationDataEncryptionMetadata", "description": "a collection of settings which determine how the [c3r client](https://docs.aws.amazon.com/clean-rooms/latest/userguide/crypto-computing.html) will encrypt data for use within this collaboration.\n* `data_encryption_metadata.allow_clear_text` - (Required - Forces new resource) - Indicates whether encrypted tables can contain cleartext data. This is a boolea\nfield.\n* `data_encryption_metadata.allow_duplicates` - (Required - Forces new resource ) - Indicates whether Fingerprint columns can contain duplicate entries. This is a\nboolean field.\n* `data_encryption_metadata.allow_joins_on_columns_with_different_names` - (Required - Forces new resource) - Indicates whether Fingerprint columns can be joined\nn any other Fingerprint column with a different name. This is a boolean field.\n* `data_encryption_metadata.preserve_nulls` - (Required - Forces new resource) - Indicates whether NULL values are to be copied as NULL to encrypted tables (true)\nor cryptographically processed (false).\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A description for a collaboration.\n" }, "members": { "type": "array", "items": { "$ref": "#/types/aws:cleanrooms/CollaborationMember:CollaborationMember" }, "description": "Additional members of the collaboration which will be invited to join the collaboration.\n* `member.account_id` - (Required - Forces new resource) - The account id for the invited member.\n* `member.display_name` - (Required - Forces new resource) - The display name for the invited member.\n* `member.member_abilities` - (Required - Forces new resource) - The list of abilities for the invited member. Valid values [may be found here](https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_CreateCollaboration.html#API-CreateCollaboration-request-creatorMemberAbilities).\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the collaboration. Collaboration names do not need to be unique.\n" }, "queryLogStatus": { "type": "string", "description": "Determines if members of the collaboration can enable query logs within their own.\nemberships. Valid values [may be found here](https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_CreateCollaboration.html#API-CreateCollaboration-request-queryLogStatus).\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key value pairs which tag the collaboration.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "updateTime": { "type": "string" } }, "type": "object" } }, "aws:cleanrooms/configuredTable:ConfiguredTable": { "description": "Provides a AWS Clean Rooms configured table. Configured tables are used to represent references to existing tables in the AWS Glue Data Catalog.\n\n## Example Usage\n\n### Configured table with tags\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testConfiguredTable = new aws.cleanrooms.ConfiguredTable(\"test_configured_table\", {\n name: \"pulumi-example-table\",\n description: \"I made this table with Pulumi!\",\n analysisMethod: \"DIRECT_QUERY\",\n allowedColumns: [\n \"column1\",\n \"column2\",\n \"column3\",\n ],\n tableReference: {\n databaseName: \"example_database\",\n tableName: \"example_table\",\n },\n tags: {\n Project: \"Pulumi\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_configured_table = aws.cleanrooms.ConfiguredTable(\"test_configured_table\",\n name=\"pulumi-example-table\",\n description=\"I made this table with Pulumi!\",\n analysis_method=\"DIRECT_QUERY\",\n allowed_columns=[\n \"column1\",\n \"column2\",\n \"column3\",\n ],\n table_reference={\n \"database_name\": \"example_database\",\n \"table_name\": \"example_table\",\n },\n tags={\n \"Project\": \"Pulumi\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testConfiguredTable = new Aws.CleanRooms.ConfiguredTable(\"test_configured_table\", new()\n {\n Name = \"pulumi-example-table\",\n Description = \"I made this table with Pulumi!\",\n AnalysisMethod = \"DIRECT_QUERY\",\n AllowedColumns = new[]\n {\n \"column1\",\n \"column2\",\n \"column3\",\n },\n TableReference = new Aws.CleanRooms.Inputs.ConfiguredTableTableReferenceArgs\n {\n DatabaseName = \"example_database\",\n TableName = \"example_table\",\n },\n Tags = \n {\n { \"Project\", \"Pulumi\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cleanrooms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cleanrooms.NewConfiguredTable(ctx, \"test_configured_table\", \u0026cleanrooms.ConfiguredTableArgs{\n\t\t\tName: pulumi.String(\"pulumi-example-table\"),\n\t\t\tDescription: pulumi.String(\"I made this table with Pulumi!\"),\n\t\t\tAnalysisMethod: pulumi.String(\"DIRECT_QUERY\"),\n\t\t\tAllowedColumns: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"column1\"),\n\t\t\t\tpulumi.String(\"column2\"),\n\t\t\t\tpulumi.String(\"column3\"),\n\t\t\t},\n\t\t\tTableReference: \u0026cleanrooms.ConfiguredTableTableReferenceArgs{\n\t\t\t\tDatabaseName: pulumi.String(\"example_database\"),\n\t\t\t\tTableName: pulumi.String(\"example_table\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Project\": pulumi.String(\"Pulumi\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cleanrooms.ConfiguredTable;\nimport com.pulumi.aws.cleanrooms.ConfiguredTableArgs;\nimport com.pulumi.aws.cleanrooms.inputs.ConfiguredTableTableReferenceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testConfiguredTable = new ConfiguredTable(\"testConfiguredTable\", ConfiguredTableArgs.builder()\n .name(\"pulumi-example-table\")\n .description(\"I made this table with Pulumi!\")\n .analysisMethod(\"DIRECT_QUERY\")\n .allowedColumns( \n \"column1\",\n \"column2\",\n \"column3\")\n .tableReference(ConfiguredTableTableReferenceArgs.builder()\n .databaseName(\"example_database\")\n .tableName(\"example_table\")\n .build())\n .tags(Map.of(\"Project\", \"Pulumi\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testConfiguredTable:\n type: aws:cleanrooms:ConfiguredTable\n name: test_configured_table\n properties:\n name: pulumi-example-table\n description: I made this table with Pulumi!\n analysisMethod: DIRECT_QUERY\n allowedColumns:\n - column1\n - column2\n - column3\n tableReference:\n databaseName: example_database\n tableName: example_table\n tags:\n Project: Pulumi\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_cleanrooms_configured_table` using the `id`. For example:\n\n```sh\n$ pulumi import aws:cleanrooms/configuredTable:ConfiguredTable table 1234abcd-12ab-34cd-56ef-1234567890ab\n```\n", "properties": { "allowedColumns": { "type": "array", "items": { "type": "string" }, "description": "The columns of the references table which will be included in the configured table.\n" }, "analysisMethod": { "type": "string", "description": "The analysis method for the configured table. The only valid value is currently `DIRECT_QUERY`.\n" }, "arn": { "type": "string", "description": "The ARN of the configured table.\n" }, "createTime": { "type": "string", "description": "The date and time the configured table was created.\n" }, "description": { "type": "string", "description": "A description for the configured table.\n" }, "name": { "type": "string", "description": "The name of the configured table.\n" }, "tableReference": { "$ref": "#/types/aws:cleanrooms/ConfiguredTableTableReference:ConfiguredTableTableReference", "description": "A reference to the AWS Glue table which will be used to create the configured table.\n* `table_reference.database_name` - (Required - Forces new resource) - The name of the AWS Glue database which contains the table.\n* `table_reference.table_name` - (Required - Forces new resource) - The name of the AWS Glue table which will be used to create the configured table.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key value pairs which tag the configured table.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "updateTime": { "type": "string", "description": "The date and time the configured table was last updated.\n" } }, "required": [ "allowedColumns", "analysisMethod", "arn", "createTime", "name", "tableReference", "tagsAll", "updateTime" ], "inputProperties": { "allowedColumns": { "type": "array", "items": { "type": "string" }, "description": "The columns of the references table which will be included in the configured table.\n", "willReplaceOnChanges": true }, "analysisMethod": { "type": "string", "description": "The analysis method for the configured table. The only valid value is currently `DIRECT_QUERY`.\n" }, "description": { "type": "string", "description": "A description for the configured table.\n" }, "name": { "type": "string", "description": "The name of the configured table.\n" }, "tableReference": { "$ref": "#/types/aws:cleanrooms/ConfiguredTableTableReference:ConfiguredTableTableReference", "description": "A reference to the AWS Glue table which will be used to create the configured table.\n* `table_reference.database_name` - (Required - Forces new resource) - The name of the AWS Glue database which contains the table.\n* `table_reference.table_name` - (Required - Forces new resource) - The name of the AWS Glue table which will be used to create the configured table.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key value pairs which tag the configured table.\n" } }, "requiredInputs": [ "allowedColumns", "analysisMethod", "tableReference" ], "stateInputs": { "description": "Input properties used for looking up and filtering ConfiguredTable resources.\n", "properties": { "allowedColumns": { "type": "array", "items": { "type": "string" }, "description": "The columns of the references table which will be included in the configured table.\n", "willReplaceOnChanges": true }, "analysisMethod": { "type": "string", "description": "The analysis method for the configured table. The only valid value is currently `DIRECT_QUERY`.\n" }, "arn": { "type": "string", "description": "The ARN of the configured table.\n" }, "createTime": { "type": "string", "description": "The date and time the configured table was created.\n" }, "description": { "type": "string", "description": "A description for the configured table.\n" }, "name": { "type": "string", "description": "The name of the configured table.\n" }, "tableReference": { "$ref": "#/types/aws:cleanrooms/ConfiguredTableTableReference:ConfiguredTableTableReference", "description": "A reference to the AWS Glue table which will be used to create the configured table.\n* `table_reference.database_name` - (Required - Forces new resource) - The name of the AWS Glue database which contains the table.\n* `table_reference.table_name` - (Required - Forces new resource) - The name of the AWS Glue table which will be used to create the configured table.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key value pairs which tag the configured table.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "updateTime": { "type": "string", "description": "The date and time the configured table was last updated.\n" } }, "type": "object" } }, "aws:cloud9/environmentEC2:EnvironmentEC2": { "description": "Provides a Cloud9 EC2 Development Environment.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloud9.EnvironmentEC2(\"example\", {\n instanceType: \"t2.micro\",\n name: \"example-env\",\n imageId: \"amazonlinux-2023-x86_64\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloud9.EnvironmentEC2(\"example\",\n instance_type=\"t2.micro\",\n name=\"example-env\",\n image_id=\"amazonlinux-2023-x86_64\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cloud9.EnvironmentEC2(\"example\", new()\n {\n InstanceType = \"t2.micro\",\n Name = \"example-env\",\n ImageId = \"amazonlinux-2023-x86_64\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloud9\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloud9.NewEnvironmentEC2(ctx, \"example\", \u0026cloud9.EnvironmentEC2Args{\n\t\t\tInstanceType: pulumi.String(\"t2.micro\"),\n\t\t\tName: pulumi.String(\"example-env\"),\n\t\t\tImageId: pulumi.String(\"amazonlinux-2023-x86_64\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloud9.EnvironmentEC2;\nimport com.pulumi.aws.cloud9.EnvironmentEC2Args;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EnvironmentEC2(\"example\", EnvironmentEC2Args.builder()\n .instanceType(\"t2.micro\")\n .name(\"example-env\")\n .imageId(\"amazonlinux-2023-x86_64\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloud9:EnvironmentEC2\n properties:\n instanceType: t2.micro\n name: example-env\n imageId: amazonlinux-2023-x86_64\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nGet the URL of the Cloud9 environment after creation:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloud9.EnvironmentEC2(\"example\", {instanceType: \"t2.micro\"});\nconst cloud9Instance = aws.ec2.getInstanceOutput({\n filters: [{\n name: \"tag:aws:cloud9:environment\",\n values: [example.id],\n }],\n});\nexport const cloud9Url = pulumi.interpolate`https://${region}.console.aws.amazon.com/cloud9/ide/${example.id}`;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloud9.EnvironmentEC2(\"example\", instance_type=\"t2.micro\")\ncloud9_instance = aws.ec2.get_instance_output(filters=[{\n \"name\": \"tag:aws:cloud9:environment\",\n \"values\": [example.id],\n}])\npulumi.export(\"cloud9Url\", example.id.apply(lambda id: f\"https://{region}.console.aws.amazon.com/cloud9/ide/{id}\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cloud9.EnvironmentEC2(\"example\", new()\n {\n InstanceType = \"t2.micro\",\n });\n\n var cloud9Instance = Aws.Ec2.GetInstance.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetInstanceFilterInputArgs\n {\n Name = \"tag:aws:cloud9:environment\",\n Values = new[]\n {\n example.Id,\n },\n },\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"cloud9Url\"] = example.Id.Apply(id =\u003e $\"https://{region}.console.aws.amazon.com/cloud9/ide/{id}\"),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloud9\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cloud9.NewEnvironmentEC2(ctx, \"example\", \u0026cloud9.EnvironmentEC2Args{\n\t\t\tInstanceType: pulumi.String(\"t2.micro\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = ec2.LookupInstanceOutput(ctx, ec2.GetInstanceOutputArgs{\n\t\t\tFilters: ec2.GetInstanceFilterArray{\n\t\t\t\t\u0026ec2.GetInstanceFilterArgs{\n\t\t\t\t\tName: pulumi.String(\"tag:aws:cloud9:environment\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\texample.ID(),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tctx.Export(\"cloud9Url\", example.ID().ApplyT(func(id string) (string, error) {\n\t\t\treturn fmt.Sprintf(\"https://%v.console.aws.amazon.com/cloud9/ide/%v\", region, id), nil\n\t\t}).(pulumi.StringOutput))\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloud9.EnvironmentEC2;\nimport com.pulumi.aws.cloud9.EnvironmentEC2Args;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EnvironmentEC2(\"example\", EnvironmentEC2Args.builder()\n .instanceType(\"t2.micro\")\n .build());\n\n final var cloud9Instance = Ec2Functions.getInstance(GetInstanceArgs.builder()\n .filters(GetInstanceFilterArgs.builder()\n .name(\"tag:aws:cloud9:environment\")\n .values(example.id())\n .build())\n .build());\n\n ctx.export(\"cloud9Url\", example.id().applyValue(id -\u003e String.format(\"https://%s.console.aws.amazon.com/cloud9/ide/%s\", region,id)));\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloud9:EnvironmentEC2\n properties:\n instanceType: t2.micro\nvariables:\n cloud9Instance:\n fn::invoke:\n Function: aws:ec2:getInstance\n Arguments:\n filters:\n - name: tag:aws:cloud9:environment\n values:\n - ${example.id}\noutputs:\n cloud9Url: https://${region}.console.aws.amazon.com/cloud9/ide/${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nAllocate a static IP to the Cloud9 environment:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloud9.EnvironmentEC2(\"example\", {instanceType: \"t2.micro\"});\nconst cloud9Instance = aws.ec2.getInstanceOutput({\n filters: [{\n name: \"tag:aws:cloud9:environment\",\n values: [example.id],\n }],\n});\nconst cloud9Eip = new aws.ec2.Eip(\"cloud9_eip\", {\n instance: cloud9Instance.apply(cloud9Instance =\u003e cloud9Instance.id),\n domain: \"vpc\",\n});\nexport const cloud9PublicIp = cloud9Eip.publicIp;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloud9.EnvironmentEC2(\"example\", instance_type=\"t2.micro\")\ncloud9_instance = aws.ec2.get_instance_output(filters=[{\n \"name\": \"tag:aws:cloud9:environment\",\n \"values\": [example.id],\n}])\ncloud9_eip = aws.ec2.Eip(\"cloud9_eip\",\n instance=cloud9_instance.id,\n domain=\"vpc\")\npulumi.export(\"cloud9PublicIp\", cloud9_eip.public_ip)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cloud9.EnvironmentEC2(\"example\", new()\n {\n InstanceType = \"t2.micro\",\n });\n\n var cloud9Instance = Aws.Ec2.GetInstance.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetInstanceFilterInputArgs\n {\n Name = \"tag:aws:cloud9:environment\",\n Values = new[]\n {\n example.Id,\n },\n },\n },\n });\n\n var cloud9Eip = new Aws.Ec2.Eip(\"cloud9_eip\", new()\n {\n Instance = cloud9Instance.Apply(getInstanceResult =\u003e getInstanceResult.Id),\n Domain = \"vpc\",\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"cloud9PublicIp\"] = cloud9Eip.PublicIp,\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloud9\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cloud9.NewEnvironmentEC2(ctx, \"example\", \u0026cloud9.EnvironmentEC2Args{\n\t\t\tInstanceType: pulumi.String(\"t2.micro\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcloud9Instance := ec2.LookupInstanceOutput(ctx, ec2.GetInstanceOutputArgs{\n\t\t\tFilters: ec2.GetInstanceFilterArray{\n\t\t\t\t\u0026ec2.GetInstanceFilterArgs{\n\t\t\t\t\tName: pulumi.String(\"tag:aws:cloud9:environment\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\texample.ID(),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tcloud9Eip, err := ec2.NewEip(ctx, \"cloud9_eip\", \u0026ec2.EipArgs{\n\t\t\tInstance: pulumi.String(cloud9Instance.ApplyT(func(cloud9Instance ec2.GetInstanceResult) (*string, error) {\n\t\t\t\treturn \u0026cloud9Instance.Id, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"cloud9PublicIp\", cloud9Eip.PublicIp)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloud9.EnvironmentEC2;\nimport com.pulumi.aws.cloud9.EnvironmentEC2Args;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetInstanceArgs;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EnvironmentEC2(\"example\", EnvironmentEC2Args.builder()\n .instanceType(\"t2.micro\")\n .build());\n\n final var cloud9Instance = Ec2Functions.getInstance(GetInstanceArgs.builder()\n .filters(GetInstanceFilterArgs.builder()\n .name(\"tag:aws:cloud9:environment\")\n .values(example.id())\n .build())\n .build());\n\n var cloud9Eip = new Eip(\"cloud9Eip\", EipArgs.builder()\n .instance(cloud9Instance.applyValue(getInstanceResult -\u003e getInstanceResult).applyValue(cloud9Instance -\u003e cloud9Instance.applyValue(getInstanceResult -\u003e getInstanceResult.id())))\n .domain(\"vpc\")\n .build());\n\n ctx.export(\"cloud9PublicIp\", cloud9Eip.publicIp());\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloud9:EnvironmentEC2\n properties:\n instanceType: t2.micro\n cloud9Eip:\n type: aws:ec2:Eip\n name: cloud9_eip\n properties:\n instance: ${cloud9Instance.id}\n domain: vpc\nvariables:\n cloud9Instance:\n fn::invoke:\n Function: aws:ec2:getInstance\n Arguments:\n filters:\n - name: tag:aws:cloud9:environment\n values:\n - ${example.id}\noutputs:\n cloud9PublicIp: ${cloud9Eip.publicIp}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "arn": { "type": "string", "description": "The ARN of the environment.\n" }, "automaticStopTimeMinutes": { "type": "integer", "description": "The number of minutes until the running instance is shut down after the environment has last been used.\n" }, "connectionType": { "type": "string", "description": "The connection type used for connecting to an Amazon EC2 environment. Valid values are `CONNECT_SSH` and `CONNECT_SSM`. For more information please refer [AWS documentation for Cloud9](https://docs.aws.amazon.com/cloud9/latest/user-guide/ec2-ssm.html).\n" }, "description": { "type": "string", "description": "The description of the environment.\n" }, "imageId": { "type": "string", "description": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. Valid values are\n* `amazonlinux-2-x86_64`\n* `amazonlinux-2023-x86_64`\n* `ubuntu-18.04-x86_64`\n* `ubuntu-22.04-x86_64`\n* `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n* `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64`\n* `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n* `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`\n" }, "instanceType": { "type": "string", "description": "The type of instance to connect to the environment, e.g., `t2.micro`.\n" }, "name": { "type": "string", "description": "The name of the environment.\n" }, "ownerArn": { "type": "string", "description": "The ARN of the environment owner. This can be ARN of any AWS IAM principal. Defaults to the environment's creator.\n" }, "subnetId": { "type": "string", "description": "The ID of the subnet in Amazon VPC that AWS Cloud9 will use to communicate with the Amazon EC2 instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of the environment (e.g., `ssh` or `ec2`).\n" } }, "required": [ "arn", "imageId", "instanceType", "name", "ownerArn", "tagsAll", "type" ], "inputProperties": { "automaticStopTimeMinutes": { "type": "integer", "description": "The number of minutes until the running instance is shut down after the environment has last been used.\n", "willReplaceOnChanges": true }, "connectionType": { "type": "string", "description": "The connection type used for connecting to an Amazon EC2 environment. Valid values are `CONNECT_SSH` and `CONNECT_SSM`. For more information please refer [AWS documentation for Cloud9](https://docs.aws.amazon.com/cloud9/latest/user-guide/ec2-ssm.html).\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "The description of the environment.\n" }, "imageId": { "type": "string", "description": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. Valid values are\n* `amazonlinux-2-x86_64`\n* `amazonlinux-2023-x86_64`\n* `ubuntu-18.04-x86_64`\n* `ubuntu-22.04-x86_64`\n* `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n* `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64`\n* `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n* `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`\n", "willReplaceOnChanges": true }, "instanceType": { "type": "string", "description": "The type of instance to connect to the environment, e.g., `t2.micro`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the environment.\n" }, "ownerArn": { "type": "string", "description": "The ARN of the environment owner. This can be ARN of any AWS IAM principal. Defaults to the environment's creator.\n", "willReplaceOnChanges": true }, "subnetId": { "type": "string", "description": "The ID of the subnet in Amazon VPC that AWS Cloud9 will use to communicate with the Amazon EC2 instance.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "imageId", "instanceType" ], "stateInputs": { "description": "Input properties used for looking up and filtering EnvironmentEC2 resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the environment.\n" }, "automaticStopTimeMinutes": { "type": "integer", "description": "The number of minutes until the running instance is shut down after the environment has last been used.\n", "willReplaceOnChanges": true }, "connectionType": { "type": "string", "description": "The connection type used for connecting to an Amazon EC2 environment. Valid values are `CONNECT_SSH` and `CONNECT_SSM`. For more information please refer [AWS documentation for Cloud9](https://docs.aws.amazon.com/cloud9/latest/user-guide/ec2-ssm.html).\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "The description of the environment.\n" }, "imageId": { "type": "string", "description": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. Valid values are\n* `amazonlinux-2-x86_64`\n* `amazonlinux-2023-x86_64`\n* `ubuntu-18.04-x86_64`\n* `ubuntu-22.04-x86_64`\n* `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n* `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64`\n* `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n* `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`\n", "willReplaceOnChanges": true }, "instanceType": { "type": "string", "description": "The type of instance to connect to the environment, e.g., `t2.micro`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the environment.\n" }, "ownerArn": { "type": "string", "description": "The ARN of the environment owner. This can be ARN of any AWS IAM principal. Defaults to the environment's creator.\n", "willReplaceOnChanges": true }, "subnetId": { "type": "string", "description": "The ID of the subnet in Amazon VPC that AWS Cloud9 will use to communicate with the Amazon EC2 instance.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of the environment (e.g., `ssh` or `ec2`).\n" } }, "type": "object" } }, "aws:cloud9/environmentMembership:EnvironmentMembership": { "description": "Provides an environment member to an AWS Cloud9 development environment.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.cloud9.EnvironmentEC2(\"test\", {\n instanceType: \"t2.micro\",\n name: \"some-env\",\n});\nconst testUser = new aws.iam.User(\"test\", {name: \"some-user\"});\nconst testEnvironmentMembership = new aws.cloud9.EnvironmentMembership(\"test\", {\n environmentId: test.id,\n permissions: \"read-only\",\n userArn: testUser.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.cloud9.EnvironmentEC2(\"test\",\n instance_type=\"t2.micro\",\n name=\"some-env\")\ntest_user = aws.iam.User(\"test\", name=\"some-user\")\ntest_environment_membership = aws.cloud9.EnvironmentMembership(\"test\",\n environment_id=test.id,\n permissions=\"read-only\",\n user_arn=test_user.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Cloud9.EnvironmentEC2(\"test\", new()\n {\n InstanceType = \"t2.micro\",\n Name = \"some-env\",\n });\n\n var testUser = new Aws.Iam.User(\"test\", new()\n {\n Name = \"some-user\",\n });\n\n var testEnvironmentMembership = new Aws.Cloud9.EnvironmentMembership(\"test\", new()\n {\n EnvironmentId = test.Id,\n Permissions = \"read-only\",\n UserArn = testUser.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloud9\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := cloud9.NewEnvironmentEC2(ctx, \"test\", \u0026cloud9.EnvironmentEC2Args{\n\t\t\tInstanceType: pulumi.String(\"t2.micro\"),\n\t\t\tName: pulumi.String(\"some-env\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestUser, err := iam.NewUser(ctx, \"test\", \u0026iam.UserArgs{\n\t\t\tName: pulumi.String(\"some-user\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloud9.NewEnvironmentMembership(ctx, \"test\", \u0026cloud9.EnvironmentMembershipArgs{\n\t\t\tEnvironmentId: test.ID(),\n\t\t\tPermissions: pulumi.String(\"read-only\"),\n\t\t\tUserArn: testUser.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloud9.EnvironmentEC2;\nimport com.pulumi.aws.cloud9.EnvironmentEC2Args;\nimport com.pulumi.aws.iam.User;\nimport com.pulumi.aws.iam.UserArgs;\nimport com.pulumi.aws.cloud9.EnvironmentMembership;\nimport com.pulumi.aws.cloud9.EnvironmentMembershipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new EnvironmentEC2(\"test\", EnvironmentEC2Args.builder()\n .instanceType(\"t2.micro\")\n .name(\"some-env\")\n .build());\n\n var testUser = new User(\"testUser\", UserArgs.builder()\n .name(\"some-user\")\n .build());\n\n var testEnvironmentMembership = new EnvironmentMembership(\"testEnvironmentMembership\", EnvironmentMembershipArgs.builder()\n .environmentId(test.id())\n .permissions(\"read-only\")\n .userArn(testUser.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:cloud9:EnvironmentEC2\n properties:\n instanceType: t2.micro\n name: some-env\n testUser:\n type: aws:iam:User\n name: test\n properties:\n name: some-user\n testEnvironmentMembership:\n type: aws:cloud9:EnvironmentMembership\n name: test\n properties:\n environmentId: ${test.id}\n permissions: read-only\n userArn: ${testUser.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cloud9 environment membership using the `environment-id#user-arn`. For example:\n\n```sh\n$ pulumi import aws:cloud9/environmentMembership:EnvironmentMembership test environment-id#user-arn\n```\n", "properties": { "environmentId": { "type": "string", "description": "The ID of the environment that contains the environment member you want to add.\n" }, "permissions": { "type": "string", "description": "The type of environment member permissions you want to associate with this environment member. Allowed values are `read-only` and `read-write` .\n" }, "userArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the environment member you want to add.\n" }, "userId": { "type": "string", "description": "The user ID in AWS Identity and Access Management (AWS IAM) of the environment member.\n" } }, "required": [ "environmentId", "permissions", "userArn", "userId" ], "inputProperties": { "environmentId": { "type": "string", "description": "The ID of the environment that contains the environment member you want to add.\n", "willReplaceOnChanges": true }, "permissions": { "type": "string", "description": "The type of environment member permissions you want to associate with this environment member. Allowed values are `read-only` and `read-write` .\n" }, "userArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the environment member you want to add.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "environmentId", "permissions", "userArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering EnvironmentMembership resources.\n", "properties": { "environmentId": { "type": "string", "description": "The ID of the environment that contains the environment member you want to add.\n", "willReplaceOnChanges": true }, "permissions": { "type": "string", "description": "The type of environment member permissions you want to associate with this environment member. Allowed values are `read-only` and `read-write` .\n" }, "userArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the environment member you want to add.\n", "willReplaceOnChanges": true }, "userId": { "type": "string", "description": "The user ID in AWS Identity and Access Management (AWS IAM) of the environment member.\n" } }, "type": "object" } }, "aws:cloudcontrol/resource:Resource": { "description": "Manages a Cloud Control API Resource. The configuration and lifecycle handling of these resources is proxied through Cloud Control API handlers to the backend service.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudcontrol.Resource(\"example\", {\n typeName: \"AWS::ECS::Cluster\",\n desiredState: JSON.stringify({\n ClusterName: \"example\",\n Tags: [{\n Key: \"CostCenter\",\n Value: \"IT\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.cloudcontrol.Resource(\"example\",\n type_name=\"AWS::ECS::Cluster\",\n desired_state=json.dumps({\n \"ClusterName\": \"example\",\n \"Tags\": [{\n \"Key\": \"CostCenter\",\n \"Value\": \"IT\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudControl.Resource(\"example\", new()\n {\n TypeName = \"AWS::ECS::Cluster\",\n DesiredState = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"ClusterName\"] = \"example\",\n [\"Tags\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Key\"] = \"CostCenter\",\n [\"Value\"] = \"IT\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudcontrol\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"ClusterName\": \"example\",\n\t\t\t\"Tags\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Key\": \"CostCenter\",\n\t\t\t\t\t\"Value\": \"IT\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = cloudcontrol.NewResource(ctx, \"example\", \u0026cloudcontrol.ResourceArgs{\n\t\t\tTypeName: pulumi.String(\"AWS::ECS::Cluster\"),\n\t\t\tDesiredState: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudcontrol.Resource;\nimport com.pulumi.aws.cloudcontrol.ResourceArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Resource(\"example\", ResourceArgs.builder()\n .typeName(\"AWS::ECS::Cluster\")\n .desiredState(serializeJson(\n jsonObject(\n jsonProperty(\"ClusterName\", \"example\"),\n jsonProperty(\"Tags\", jsonArray(jsonObject(\n jsonProperty(\"Key\", \"CostCenter\"),\n jsonProperty(\"Value\", \"IT\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudcontrol:Resource\n properties:\n typeName: AWS::ECS::Cluster\n desiredState:\n fn::toJSON:\n ClusterName: example\n Tags:\n - Key: CostCenter\n Value: IT\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "desiredState": { "type": "string", "description": "JSON string matching the CloudFormation resource type schema with desired configuration.\n" }, "properties": { "type": "string", "description": "JSON string matching the CloudFormation resource type schema with current configuration. Underlying attributes can be referenced via the `jsondecode()` function, for example, `jsondecode(data.aws_cloudcontrolapi_resource.example.properties)[\"example\"]`.\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role to assume for operations.\n" }, "schema": { "type": "string", "description": "JSON string of the CloudFormation resource type schema which is used for plan time validation where possible. Automatically fetched if not provided. In large scale environments with multiple resources using the same `type_name`, it is recommended to fetch the schema once via the `aws.cloudformation.CloudFormationType` data source and use this argument to reduce `DescribeType` API operation throttling. This value is marked sensitive only to prevent large plan differences from showing.\n", "secret": true }, "typeName": { "type": "string", "description": "CloudFormation resource type name. For example, `AWS::EC2::VPC`.\n\nThe following arguments are optional:\n" }, "typeVersionId": { "type": "string", "description": "Identifier of the CloudFormation resource type version.\n" } }, "required": [ "desiredState", "properties", "schema", "typeName" ], "inputProperties": { "desiredState": { "type": "string", "description": "JSON string matching the CloudFormation resource type schema with desired configuration.\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role to assume for operations.\n" }, "schema": { "type": "string", "description": "JSON string of the CloudFormation resource type schema which is used for plan time validation where possible. Automatically fetched if not provided. In large scale environments with multiple resources using the same `type_name`, it is recommended to fetch the schema once via the `aws.cloudformation.CloudFormationType` data source and use this argument to reduce `DescribeType` API operation throttling. This value is marked sensitive only to prevent large plan differences from showing.\n", "secret": true }, "typeName": { "type": "string", "description": "CloudFormation resource type name. For example, `AWS::EC2::VPC`.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "typeVersionId": { "type": "string", "description": "Identifier of the CloudFormation resource type version.\n" } }, "requiredInputs": [ "desiredState", "typeName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Resource resources.\n", "properties": { "desiredState": { "type": "string", "description": "JSON string matching the CloudFormation resource type schema with desired configuration.\n" }, "properties": { "type": "string", "description": "JSON string matching the CloudFormation resource type schema with current configuration. Underlying attributes can be referenced via the `jsondecode()` function, for example, `jsondecode(data.aws_cloudcontrolapi_resource.example.properties)[\"example\"]`.\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role to assume for operations.\n" }, "schema": { "type": "string", "description": "JSON string of the CloudFormation resource type schema which is used for plan time validation where possible. Automatically fetched if not provided. In large scale environments with multiple resources using the same `type_name`, it is recommended to fetch the schema once via the `aws.cloudformation.CloudFormationType` data source and use this argument to reduce `DescribeType` API operation throttling. This value is marked sensitive only to prevent large plan differences from showing.\n", "secret": true }, "typeName": { "type": "string", "description": "CloudFormation resource type name. For example, `AWS::EC2::VPC`.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "typeVersionId": { "type": "string", "description": "Identifier of the CloudFormation resource type version.\n" } }, "type": "object" } }, "aws:cloudformation/cloudFormationType:CloudFormationType": { "description": "Manages a version of a CloudFormation Type.\n\n\n\n## Import\n\nUsing `pulumi import`, import `aws_cloudformation_type` using the type version Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:cloudformation/cloudFormationType:CloudFormationType example arn:aws:cloudformation:us-east-1:123456789012:type/resource/ExampleCompany-ExampleService-ExampleType/1\n```\n", "properties": { "arn": { "type": "string", "description": "(Optional) Amazon Resource Name (ARN) of the CloudFormation Type version. See also `type_arn`.\n" }, "defaultVersionId": { "type": "string", "description": "Identifier of the CloudFormation Type default version.\n" }, "deprecatedStatus": { "type": "string", "description": "Deprecation status of the version.\n" }, "description": { "type": "string", "description": "Description of the version.\n" }, "documentationUrl": { "type": "string", "description": "URL of the documentation for the CloudFormation Type.\n" }, "executionRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role for CloudFormation to assume when invoking the extension. If your extension calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. When CloudFormation needs to invoke the extension handler, CloudFormation assumes this execution role to create a temporary session token, which it then passes to the extension handler, thereby supplying your extension with the appropriate credentials.\n" }, "isDefaultVersion": { "type": "boolean", "description": "Whether the CloudFormation Type version is the default version.\n" }, "loggingConfig": { "$ref": "#/types/aws:cloudformation/CloudFormationTypeLoggingConfig:CloudFormationTypeLoggingConfig", "description": "Configuration block containing logging configuration.\n" }, "provisioningType": { "type": "string", "description": "Provisioning behavior of the CloudFormation Type.\n" }, "schema": { "type": "string", "description": "JSON document of the CloudFormation Type schema.\n" }, "schemaHandlerPackage": { "type": "string", "description": "URL to the S3 bucket containing the extension project package that contains the necessary files for the extension you want to register. Must begin with `s3://` or `https://`. For example, `s3://example-bucket/example-object`.\n" }, "sourceUrl": { "type": "string", "description": "URL of the source code for the CloudFormation Type.\n" }, "type": { "type": "string", "description": "CloudFormation Registry Type. For example, `RESOURCE` or `MODULE`.\n" }, "typeArn": { "type": "string", "description": "(Optional) Amazon Resource Name (ARN) of the CloudFormation Type. See also `arn`.\n" }, "typeName": { "type": "string", "description": "CloudFormation Type name. For example, `ExampleCompany::ExampleService::ExampleResource`.\n" }, "versionId": { "type": "string", "description": "(Optional) Identifier of the CloudFormation Type version.\n" }, "visibility": { "type": "string", "description": "Scope of the CloudFormation Type.\n" } }, "required": [ "arn", "defaultVersionId", "deprecatedStatus", "description", "documentationUrl", "isDefaultVersion", "provisioningType", "schema", "schemaHandlerPackage", "sourceUrl", "type", "typeArn", "typeName", "versionId", "visibility" ], "inputProperties": { "executionRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role for CloudFormation to assume when invoking the extension. If your extension calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. When CloudFormation needs to invoke the extension handler, CloudFormation assumes this execution role to create a temporary session token, which it then passes to the extension handler, thereby supplying your extension with the appropriate credentials.\n", "willReplaceOnChanges": true }, "loggingConfig": { "$ref": "#/types/aws:cloudformation/CloudFormationTypeLoggingConfig:CloudFormationTypeLoggingConfig", "description": "Configuration block containing logging configuration.\n", "willReplaceOnChanges": true }, "schemaHandlerPackage": { "type": "string", "description": "URL to the S3 bucket containing the extension project package that contains the necessary files for the extension you want to register. Must begin with `s3://` or `https://`. For example, `s3://example-bucket/example-object`.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "CloudFormation Registry Type. For example, `RESOURCE` or `MODULE`.\n", "willReplaceOnChanges": true }, "typeName": { "type": "string", "description": "CloudFormation Type name. For example, `ExampleCompany::ExampleService::ExampleResource`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "schemaHandlerPackage", "typeName" ], "stateInputs": { "description": "Input properties used for looking up and filtering CloudFormationType resources.\n", "properties": { "arn": { "type": "string", "description": "(Optional) Amazon Resource Name (ARN) of the CloudFormation Type version. See also `type_arn`.\n" }, "defaultVersionId": { "type": "string", "description": "Identifier of the CloudFormation Type default version.\n" }, "deprecatedStatus": { "type": "string", "description": "Deprecation status of the version.\n" }, "description": { "type": "string", "description": "Description of the version.\n" }, "documentationUrl": { "type": "string", "description": "URL of the documentation for the CloudFormation Type.\n" }, "executionRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role for CloudFormation to assume when invoking the extension. If your extension calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. When CloudFormation needs to invoke the extension handler, CloudFormation assumes this execution role to create a temporary session token, which it then passes to the extension handler, thereby supplying your extension with the appropriate credentials.\n", "willReplaceOnChanges": true }, "isDefaultVersion": { "type": "boolean", "description": "Whether the CloudFormation Type version is the default version.\n" }, "loggingConfig": { "$ref": "#/types/aws:cloudformation/CloudFormationTypeLoggingConfig:CloudFormationTypeLoggingConfig", "description": "Configuration block containing logging configuration.\n", "willReplaceOnChanges": true }, "provisioningType": { "type": "string", "description": "Provisioning behavior of the CloudFormation Type.\n" }, "schema": { "type": "string", "description": "JSON document of the CloudFormation Type schema.\n" }, "schemaHandlerPackage": { "type": "string", "description": "URL to the S3 bucket containing the extension project package that contains the necessary files for the extension you want to register. Must begin with `s3://` or `https://`. For example, `s3://example-bucket/example-object`.\n", "willReplaceOnChanges": true }, "sourceUrl": { "type": "string", "description": "URL of the source code for the CloudFormation Type.\n" }, "type": { "type": "string", "description": "CloudFormation Registry Type. For example, `RESOURCE` or `MODULE`.\n", "willReplaceOnChanges": true }, "typeArn": { "type": "string", "description": "(Optional) Amazon Resource Name (ARN) of the CloudFormation Type. See also `arn`.\n" }, "typeName": { "type": "string", "description": "CloudFormation Type name. For example, `ExampleCompany::ExampleService::ExampleResource`.\n", "willReplaceOnChanges": true }, "versionId": { "type": "string", "description": "(Optional) Identifier of the CloudFormation Type version.\n" }, "visibility": { "type": "string", "description": "Scope of the CloudFormation Type.\n" } }, "type": "object" } }, "aws:cloudformation/stack:Stack": { "description": "Provides a CloudFormation Stack resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst network = new aws.cloudformation.Stack(\"network\", {\n name: \"networking-stack\",\n parameters: {\n VPCCidr: \"10.0.0.0/16\",\n },\n templateBody: JSON.stringify({\n Parameters: {\n VPCCidr: {\n Type: \"String\",\n Default: \"10.0.0.0/16\",\n Description: \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n },\n },\n Resources: {\n myVpc: {\n Type: \"AWS::EC2::VPC\",\n Properties: {\n CidrBlock: {\n Ref: \"VPCCidr\",\n },\n Tags: [{\n Key: \"Name\",\n Value: \"Primary_CF_VPC\",\n }],\n },\n },\n },\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nnetwork = aws.cloudformation.Stack(\"network\",\n name=\"networking-stack\",\n parameters={\n \"VPCCidr\": \"10.0.0.0/16\",\n },\n template_body=json.dumps({\n \"Parameters\": {\n \"VPCCidr\": {\n \"Type\": \"String\",\n \"Default\": \"10.0.0.0/16\",\n \"Description\": \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n },\n },\n \"Resources\": {\n \"myVpc\": {\n \"Type\": \"AWS::EC2::VPC\",\n \"Properties\": {\n \"CidrBlock\": {\n \"Ref\": \"VPCCidr\",\n },\n \"Tags\": [{\n \"Key\": \"Name\",\n \"Value\": \"Primary_CF_VPC\",\n }],\n },\n },\n },\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var network = new Aws.CloudFormation.Stack(\"network\", new()\n {\n Name = \"networking-stack\",\n Parameters = \n {\n { \"VPCCidr\", \"10.0.0.0/16\" },\n },\n TemplateBody = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"VPCCidr\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Type\"] = \"String\",\n [\"Default\"] = \"10.0.0.0/16\",\n [\"Description\"] = \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n },\n },\n [\"Resources\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"myVpc\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Type\"] = \"AWS::EC2::VPC\",\n [\"Properties\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"CidrBlock\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Ref\"] = \"VPCCidr\",\n },\n [\"Tags\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Key\"] = \"Name\",\n [\"Value\"] = \"Primary_CF_VPC\",\n },\n },\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Parameters\": map[string]interface{}{\n\t\t\t\t\"VPCCidr\": map[string]interface{}{\n\t\t\t\t\t\"Type\": \"String\",\n\t\t\t\t\t\"Default\": \"10.0.0.0/16\",\n\t\t\t\t\t\"Description\": \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Resources\": map[string]interface{}{\n\t\t\t\t\"myVpc\": map[string]interface{}{\n\t\t\t\t\t\"Type\": \"AWS::EC2::VPC\",\n\t\t\t\t\t\"Properties\": map[string]interface{}{\n\t\t\t\t\t\t\"CidrBlock\": map[string]interface{}{\n\t\t\t\t\t\t\t\"Ref\": \"VPCCidr\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"Tags\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"Key\": \"Name\",\n\t\t\t\t\t\t\t\t\"Value\": \"Primary_CF_VPC\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = cloudformation.NewStack(ctx, \"network\", \u0026cloudformation.StackArgs{\n\t\t\tName: pulumi.String(\"networking-stack\"),\n\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\"VPCCidr\": pulumi.String(\"10.0.0.0/16\"),\n\t\t\t},\n\t\t\tTemplateBody: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudformation.Stack;\nimport com.pulumi.aws.cloudformation.StackArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var network = new Stack(\"network\", StackArgs.builder()\n .name(\"networking-stack\")\n .parameters(Map.of(\"VPCCidr\", \"10.0.0.0/16\"))\n .templateBody(serializeJson(\n jsonObject(\n jsonProperty(\"Parameters\", jsonObject(\n jsonProperty(\"VPCCidr\", jsonObject(\n jsonProperty(\"Type\", \"String\"),\n jsonProperty(\"Default\", \"10.0.0.0/16\"),\n jsonProperty(\"Description\", \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\")\n ))\n )),\n jsonProperty(\"Resources\", jsonObject(\n jsonProperty(\"myVpc\", jsonObject(\n jsonProperty(\"Type\", \"AWS::EC2::VPC\"),\n jsonProperty(\"Properties\", jsonObject(\n jsonProperty(\"CidrBlock\", jsonObject(\n jsonProperty(\"Ref\", \"VPCCidr\")\n )),\n jsonProperty(\"Tags\", jsonArray(jsonObject(\n jsonProperty(\"Key\", \"Name\"),\n jsonProperty(\"Value\", \"Primary_CF_VPC\")\n )))\n ))\n ))\n ))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n network:\n type: aws:cloudformation:Stack\n properties:\n name: networking-stack\n parameters:\n VPCCidr: 10.0.0.0/16\n templateBody:\n fn::toJSON:\n Parameters:\n VPCCidr:\n Type: String\n Default: 10.0.0.0/16\n Description: Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\n Resources:\n myVpc:\n Type: AWS::EC2::VPC\n Properties:\n CidrBlock:\n Ref: VPCCidr\n Tags:\n - Key: Name\n Value: Primary_CF_VPC\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cloudformation Stacks using the `name`. For example:\n\n```sh\n$ pulumi import aws:cloudformation/stack:Stack stack networking-stack\n```\n", "properties": { "capabilities": { "type": "array", "items": { "type": "string" }, "description": "A list of capabilities.\nValid values: `CAPABILITY_IAM`, `CAPABILITY_NAMED_IAM`, or `CAPABILITY_AUTO_EXPAND`\n" }, "disableRollback": { "type": "boolean", "description": "Set to true to disable rollback of the stack if stack creation failed.\nConflicts with `on_failure`.\n" }, "iamRoleArn": { "type": "string", "description": "The ARN of an IAM role that AWS CloudFormation assumes to create the stack. If you don't specify a value, AWS CloudFormation uses the role that was previously associated with the stack. If no role is available, AWS CloudFormation uses a temporary session that is generated from your user credentials.\n" }, "name": { "type": "string", "description": "Stack name.\n" }, "notificationArns": { "type": "array", "items": { "type": "string" }, "description": "A list of SNS topic ARNs to publish stack related events.\n" }, "onFailure": { "type": "string", "description": "Action to be taken if stack creation fails. This must be\none of: `DO_NOTHING`, `ROLLBACK`, or `DELETE`. Conflicts with `disable_rollback`.\n" }, "outputs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of outputs from the stack.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of Parameter structures that specify input parameters for the stack.\n" }, "policyBody": { "type": "string", "description": "Structure containing the stack policy body.\nConflicts w/ `policy_url`.\n" }, "policyUrl": { "type": "string", "description": "Location of a file containing the stack policy.\nConflicts w/ `policy_body`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags to associate with this stack. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "templateBody": { "type": "string", "description": "Structure containing the template body (max size: 51,200 bytes).\n" }, "templateUrl": { "type": "string", "description": "Location of a file containing the template body (max size: 460,800 bytes).\n" }, "timeoutInMinutes": { "type": "integer", "description": "The amount of time that can pass before the stack status becomes `CREATE_FAILED`.\n" } }, "required": [ "name", "outputs", "parameters", "policyBody", "tagsAll", "templateBody" ], "inputProperties": { "capabilities": { "type": "array", "items": { "type": "string" }, "description": "A list of capabilities.\nValid values: `CAPABILITY_IAM`, `CAPABILITY_NAMED_IAM`, or `CAPABILITY_AUTO_EXPAND`\n" }, "disableRollback": { "type": "boolean", "description": "Set to true to disable rollback of the stack if stack creation failed.\nConflicts with `on_failure`.\n", "willReplaceOnChanges": true }, "iamRoleArn": { "type": "string", "description": "The ARN of an IAM role that AWS CloudFormation assumes to create the stack. If you don't specify a value, AWS CloudFormation uses the role that was previously associated with the stack. If no role is available, AWS CloudFormation uses a temporary session that is generated from your user credentials.\n" }, "name": { "type": "string", "description": "Stack name.\n", "willReplaceOnChanges": true }, "notificationArns": { "type": "array", "items": { "type": "string" }, "description": "A list of SNS topic ARNs to publish stack related events.\n" }, "onFailure": { "type": "string", "description": "Action to be taken if stack creation fails. This must be\none of: `DO_NOTHING`, `ROLLBACK`, or `DELETE`. Conflicts with `disable_rollback`.\n", "willReplaceOnChanges": true }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of Parameter structures that specify input parameters for the stack.\n" }, "policyBody": { "type": "string", "description": "Structure containing the stack policy body.\nConflicts w/ `policy_url`.\n" }, "policyUrl": { "type": "string", "description": "Location of a file containing the stack policy.\nConflicts w/ `policy_body`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags to associate with this stack. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "templateBody": { "type": "string", "description": "Structure containing the template body (max size: 51,200 bytes).\n" }, "templateUrl": { "type": "string", "description": "Location of a file containing the template body (max size: 460,800 bytes).\n" }, "timeoutInMinutes": { "type": "integer", "description": "The amount of time that can pass before the stack status becomes `CREATE_FAILED`.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering Stack resources.\n", "properties": { "capabilities": { "type": "array", "items": { "type": "string" }, "description": "A list of capabilities.\nValid values: `CAPABILITY_IAM`, `CAPABILITY_NAMED_IAM`, or `CAPABILITY_AUTO_EXPAND`\n" }, "disableRollback": { "type": "boolean", "description": "Set to true to disable rollback of the stack if stack creation failed.\nConflicts with `on_failure`.\n", "willReplaceOnChanges": true }, "iamRoleArn": { "type": "string", "description": "The ARN of an IAM role that AWS CloudFormation assumes to create the stack. If you don't specify a value, AWS CloudFormation uses the role that was previously associated with the stack. If no role is available, AWS CloudFormation uses a temporary session that is generated from your user credentials.\n" }, "name": { "type": "string", "description": "Stack name.\n", "willReplaceOnChanges": true }, "notificationArns": { "type": "array", "items": { "type": "string" }, "description": "A list of SNS topic ARNs to publish stack related events.\n" }, "onFailure": { "type": "string", "description": "Action to be taken if stack creation fails. This must be\none of: `DO_NOTHING`, `ROLLBACK`, or `DELETE`. Conflicts with `disable_rollback`.\n", "willReplaceOnChanges": true }, "outputs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of outputs from the stack.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of Parameter structures that specify input parameters for the stack.\n" }, "policyBody": { "type": "string", "description": "Structure containing the stack policy body.\nConflicts w/ `policy_url`.\n" }, "policyUrl": { "type": "string", "description": "Location of a file containing the stack policy.\nConflicts w/ `policy_body`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags to associate with this stack. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "templateBody": { "type": "string", "description": "Structure containing the template body (max size: 51,200 bytes).\n" }, "templateUrl": { "type": "string", "description": "Location of a file containing the template body (max size: 460,800 bytes).\n" }, "timeoutInMinutes": { "type": "integer", "description": "The amount of time that can pass before the stack status becomes `CREATE_FAILED`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:cloudformation/stackSet:StackSet": { "description": "Manages a CloudFormation StackSet. StackSets allow CloudFormation templates to be easily deployed across multiple accounts and regions via StackSet Instances (`aws.cloudformation.StackSetInstance` resource). Additional information about StackSets can be found in the [AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/what-is-cfnstacksets.html).\n\n\u003e **NOTE:** All template parameters, including those with a `Default`, must be configured or ignored with the `lifecycle` configuration block `ignore_changes` argument.\n\n\u003e **NOTE:** All `NoEcho` template parameters must be ignored with the `lifecycle` configuration block `ignore_changes` argument.\n\n\u003e **NOTE:** When using a delegated administrator account, ensure that your IAM User or Role has the `organizations:ListDelegatedAdministrators` permission. Otherwise, you may get an error like `ValidationError: Account used is not a delegated administrator`.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n effect: \"Allow\",\n principals: [{\n identifiers: [\"cloudformation.amazonaws.com\"],\n type: \"Service\",\n }],\n }],\n});\nconst aWSCloudFormationStackSetAdministrationRole = new aws.iam.Role(\"AWSCloudFormationStackSetAdministrationRole\", {\n assumeRolePolicy: aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.then(aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy =\u003e aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.json),\n name: \"AWSCloudFormationStackSetAdministrationRole\",\n});\nconst example = new aws.cloudformation.StackSet(\"example\", {\n administrationRoleArn: aWSCloudFormationStackSetAdministrationRole.arn,\n name: \"example\",\n parameters: {\n VPCCidr: \"10.0.0.0/16\",\n },\n templateBody: JSON.stringify({\n Parameters: {\n VPCCidr: {\n Type: \"String\",\n Default: \"10.0.0.0/16\",\n Description: \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n },\n },\n Resources: {\n myVpc: {\n Type: \"AWS::EC2::VPC\",\n Properties: {\n CidrBlock: {\n Ref: \"VPCCidr\",\n },\n Tags: [{\n Key: \"Name\",\n Value: \"Primary_CF_VPC\",\n }],\n },\n },\n },\n }),\n});\nconst aWSCloudFormationStackSetAdministrationRoleExecutionPolicy = aws.iam.getPolicyDocumentOutput({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n effect: \"Allow\",\n resources: [pulumi.interpolate`arn:aws:iam::*:role/${example.executionRoleName}`],\n }],\n});\nconst aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy = new aws.iam.RolePolicy(\"AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy\", {\n name: \"ExecutionPolicy\",\n policy: aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.apply(aWSCloudFormationStackSetAdministrationRoleExecutionPolicy =\u003e aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.json),\n role: aWSCloudFormationStackSetAdministrationRole.name,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\na_ws_cloud_formation_stack_set_administration_role_assume_role_policy = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"effect\": \"Allow\",\n \"principals\": [{\n \"identifiers\": [\"cloudformation.amazonaws.com\"],\n \"type\": \"Service\",\n }],\n}])\na_ws_cloud_formation_stack_set_administration_role = aws.iam.Role(\"AWSCloudFormationStackSetAdministrationRole\",\n assume_role_policy=a_ws_cloud_formation_stack_set_administration_role_assume_role_policy.json,\n name=\"AWSCloudFormationStackSetAdministrationRole\")\nexample = aws.cloudformation.StackSet(\"example\",\n administration_role_arn=a_ws_cloud_formation_stack_set_administration_role.arn,\n name=\"example\",\n parameters={\n \"VPCCidr\": \"10.0.0.0/16\",\n },\n template_body=json.dumps({\n \"Parameters\": {\n \"VPCCidr\": {\n \"Type\": \"String\",\n \"Default\": \"10.0.0.0/16\",\n \"Description\": \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n },\n },\n \"Resources\": {\n \"myVpc\": {\n \"Type\": \"AWS::EC2::VPC\",\n \"Properties\": {\n \"CidrBlock\": {\n \"Ref\": \"VPCCidr\",\n },\n \"Tags\": [{\n \"Key\": \"Name\",\n \"Value\": \"Primary_CF_VPC\",\n }],\n },\n },\n },\n }))\na_ws_cloud_formation_stack_set_administration_role_execution_policy = aws.iam.get_policy_document_output(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"effect\": \"Allow\",\n \"resources\": [example.execution_role_name.apply(lambda execution_role_name: f\"arn:aws:iam::*:role/{execution_role_name}\")],\n}])\na_ws_cloud_formation_stack_set_administration_role_execution_policy_role_policy = aws.iam.RolePolicy(\"AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy\",\n name=\"ExecutionPolicy\",\n policy=a_ws_cloud_formation_stack_set_administration_role_execution_policy.json,\n role=a_ws_cloud_formation_stack_set_administration_role.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n \"cloudformation.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n },\n },\n });\n\n var aWSCloudFormationStackSetAdministrationRole = new Aws.Iam.Role(\"AWSCloudFormationStackSetAdministrationRole\", new()\n {\n AssumeRolePolicy = aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Name = \"AWSCloudFormationStackSetAdministrationRole\",\n });\n\n var example = new Aws.CloudFormation.StackSet(\"example\", new()\n {\n AdministrationRoleArn = aWSCloudFormationStackSetAdministrationRole.Arn,\n Name = \"example\",\n Parameters = \n {\n { \"VPCCidr\", \"10.0.0.0/16\" },\n },\n TemplateBody = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"VPCCidr\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Type\"] = \"String\",\n [\"Default\"] = \"10.0.0.0/16\",\n [\"Description\"] = \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n },\n },\n [\"Resources\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"myVpc\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Type\"] = \"AWS::EC2::VPC\",\n [\"Properties\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"CidrBlock\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Ref\"] = \"VPCCidr\",\n },\n [\"Tags\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Key\"] = \"Name\",\n [\"Value\"] = \"Primary_CF_VPC\",\n },\n },\n },\n },\n },\n }),\n });\n\n var aWSCloudFormationStackSetAdministrationRoleExecutionPolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Effect = \"Allow\",\n Resources = new[]\n {\n $\"arn:aws:iam::*:role/{example.ExecutionRoleName}\",\n },\n },\n },\n });\n\n var aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy = new Aws.Iam.RolePolicy(\"AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy\", new()\n {\n Name = \"ExecutionPolicy\",\n Policy = aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Role = aWSCloudFormationStackSetAdministrationRole.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudformation\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"cloudformation.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taWSCloudFormationStackSetAdministrationRole, err := iam.NewRole(ctx, \"AWSCloudFormationStackSetAdministrationRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.Json),\n\t\t\tName: pulumi.String(\"AWSCloudFormationStackSetAdministrationRole\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Parameters\": map[string]interface{}{\n\t\t\t\t\"VPCCidr\": map[string]interface{}{\n\t\t\t\t\t\"Type\": \"String\",\n\t\t\t\t\t\"Default\": \"10.0.0.0/16\",\n\t\t\t\t\t\"Description\": \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Resources\": map[string]interface{}{\n\t\t\t\t\"myVpc\": map[string]interface{}{\n\t\t\t\t\t\"Type\": \"AWS::EC2::VPC\",\n\t\t\t\t\t\"Properties\": map[string]interface{}{\n\t\t\t\t\t\t\"CidrBlock\": map[string]interface{}{\n\t\t\t\t\t\t\t\"Ref\": \"VPCCidr\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"Tags\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"Key\": \"Name\",\n\t\t\t\t\t\t\t\t\"Value\": \"Primary_CF_VPC\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := cloudformation.NewStackSet(ctx, \"example\", \u0026cloudformation.StackSetArgs{\n\t\t\tAdministrationRoleArn: aWSCloudFormationStackSetAdministrationRole.Arn,\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\"VPCCidr\": pulumi.String(\"10.0.0.0/16\"),\n\t\t\t},\n\t\t\tTemplateBody: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taWSCloudFormationStackSetAdministrationRoleExecutionPolicy := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"sts:AssumeRole\"),\n\t\t\t\t\t},\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texample.ExecutionRoleName.ApplyT(func(executionRoleName string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"arn:aws:iam::*:role/%v\", executionRoleName), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRolePolicy(ctx, \"AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"ExecutionPolicy\"),\n\t\t\tPolicy: pulumi.String(aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.ApplyT(func(aWSCloudFormationStackSetAdministrationRoleExecutionPolicy iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tRole: aWSCloudFormationStackSetAdministrationRole.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.cloudformation.StackSet;\nimport com.pulumi.aws.cloudformation.StackSetArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(\"cloudformation.amazonaws.com\")\n .type(\"Service\")\n .build())\n .build())\n .build());\n\n var aWSCloudFormationStackSetAdministrationRole = new Role(\"aWSCloudFormationStackSetAdministrationRole\", RoleArgs.builder()\n .assumeRolePolicy(aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .name(\"AWSCloudFormationStackSetAdministrationRole\")\n .build());\n\n var example = new StackSet(\"example\", StackSetArgs.builder()\n .administrationRoleArn(aWSCloudFormationStackSetAdministrationRole.arn())\n .name(\"example\")\n .parameters(Map.of(\"VPCCidr\", \"10.0.0.0/16\"))\n .templateBody(serializeJson(\n jsonObject(\n jsonProperty(\"Parameters\", jsonObject(\n jsonProperty(\"VPCCidr\", jsonObject(\n jsonProperty(\"Type\", \"String\"),\n jsonProperty(\"Default\", \"10.0.0.0/16\"),\n jsonProperty(\"Description\", \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\")\n ))\n )),\n jsonProperty(\"Resources\", jsonObject(\n jsonProperty(\"myVpc\", jsonObject(\n jsonProperty(\"Type\", \"AWS::EC2::VPC\"),\n jsonProperty(\"Properties\", jsonObject(\n jsonProperty(\"CidrBlock\", jsonObject(\n jsonProperty(\"Ref\", \"VPCCidr\")\n )),\n jsonProperty(\"Tags\", jsonArray(jsonObject(\n jsonProperty(\"Key\", \"Name\"),\n jsonProperty(\"Value\", \"Primary_CF_VPC\")\n )))\n ))\n ))\n ))\n )))\n .build());\n\n final var aWSCloudFormationStackSetAdministrationRoleExecutionPolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .effect(\"Allow\")\n .resources(example.executionRoleName().applyValue(executionRoleName -\u003e String.format(\"arn:aws:iam::*:role/%s\", executionRoleName)))\n .build())\n .build());\n\n var aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy = new RolePolicy(\"aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy\", RolePolicyArgs.builder()\n .name(\"ExecutionPolicy\")\n .policy(aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(aWSCloudFormationStackSetAdministrationRoleExecutionPolicy -\u003e aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .role(aWSCloudFormationStackSetAdministrationRole.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n aWSCloudFormationStackSetAdministrationRole:\n type: aws:iam:Role\n name: AWSCloudFormationStackSetAdministrationRole\n properties:\n assumeRolePolicy: ${aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.json}\n name: AWSCloudFormationStackSetAdministrationRole\n example:\n type: aws:cloudformation:StackSet\n properties:\n administrationRoleArn: ${aWSCloudFormationStackSetAdministrationRole.arn}\n name: example\n parameters:\n VPCCidr: 10.0.0.0/16\n templateBody:\n fn::toJSON:\n Parameters:\n VPCCidr:\n Type: String\n Default: 10.0.0.0/16\n Description: Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\n Resources:\n myVpc:\n Type: AWS::EC2::VPC\n Properties:\n CidrBlock:\n Ref: VPCCidr\n Tags:\n - Key: Name\n Value: Primary_CF_VPC\n aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy:\n type: aws:iam:RolePolicy\n name: AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy\n properties:\n name: ExecutionPolicy\n policy: ${aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.json}\n role: ${aWSCloudFormationStackSetAdministrationRole.name}\nvariables:\n aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n effect: Allow\n principals:\n - identifiers:\n - cloudformation.amazonaws.com\n type: Service\n aWSCloudFormationStackSetAdministrationRoleExecutionPolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n effect: Allow\n resources:\n - arn:aws:iam::*:role/${example.executionRoleName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nImport CloudFormation StackSets when acting a delegated administrator in a member account using the `name` and `call_as` values separated by a comma (`,`). For example:\n\nUsing `pulumi import`, import CloudFormation StackSets using the `name`. For example:\n\n```sh\n$ pulumi import aws:cloudformation/stackSet:StackSet example example\n```\nUsing `pulumi import`, import CloudFormation StackSets when acting a delegated administrator in a member account using the `name` and `call_as` values separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:cloudformation/stackSet:StackSet example example,DELEGATED_ADMIN\n```\n", "properties": { "administrationRoleArn": { "type": "string", "description": "Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the `SELF_MANAGED` permission model.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the StackSet.\n" }, "autoDeployment": { "$ref": "#/types/aws:cloudformation/StackSetAutoDeployment:StackSetAutoDeployment", "description": "Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the `SERVICE_MANAGED` permission model.\n" }, "callAs": { "type": "string", "description": "Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: `SELF` (default), `DELEGATED_ADMIN`.\n" }, "capabilities": { "type": "array", "items": { "type": "string" }, "description": "A list of capabilities. Valid values: `CAPABILITY_IAM`, `CAPABILITY_NAMED_IAM`, `CAPABILITY_AUTO_EXPAND`.\n" }, "description": { "type": "string", "description": "Description of the StackSet.\n" }, "executionRoleName": { "type": "string", "description": "Name of the IAM Role in all target accounts for StackSet operations. Defaults to `AWSCloudFormationStackSetExecutionRole` when using the `SELF_MANAGED` permission model. This should not be defined when using the `SERVICE_MANAGED` permission model.\n" }, "managedExecution": { "$ref": "#/types/aws:cloudformation/StackSetManagedExecution:StackSetManagedExecution", "description": "Configuration block to allow StackSets to perform non-conflicting operations concurrently and queues conflicting operations.\n" }, "name": { "type": "string", "description": "Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.\n" }, "operationPreferences": { "$ref": "#/types/aws:cloudformation/StackSetOperationPreferences:StackSetOperationPreferences", "description": "Preferences for how AWS CloudFormation performs a stack set update.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of input parameters for the StackSet template. All template parameters, including those with a `Default`, must be configured or ignored with `lifecycle` configuration block `ignore_changes` argument. All `NoEcho` template parameters must be ignored with the `lifecycle` configuration block `ignore_changes` argument.\n" }, "permissionModel": { "type": "string", "description": "Describes how the IAM roles required for your StackSet are created. Valid values: `SELF_MANAGED` (default), `SERVICE_MANAGED`.\n" }, "stackSetId": { "type": "string", "description": "Unique identifier of the StackSet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "templateBody": { "type": "string", "description": "String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with `template_url`.\n" }, "templateUrl": { "type": "string", "description": "String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with `template_body`.\n" } }, "required": [ "arn", "executionRoleName", "name", "stackSetId", "tagsAll", "templateBody" ], "inputProperties": { "administrationRoleArn": { "type": "string", "description": "Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the `SELF_MANAGED` permission model.\n" }, "autoDeployment": { "$ref": "#/types/aws:cloudformation/StackSetAutoDeployment:StackSetAutoDeployment", "description": "Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the `SERVICE_MANAGED` permission model.\n", "willReplaceOnChanges": true }, "callAs": { "type": "string", "description": "Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: `SELF` (default), `DELEGATED_ADMIN`.\n" }, "capabilities": { "type": "array", "items": { "type": "string" }, "description": "A list of capabilities. Valid values: `CAPABILITY_IAM`, `CAPABILITY_NAMED_IAM`, `CAPABILITY_AUTO_EXPAND`.\n" }, "description": { "type": "string", "description": "Description of the StackSet.\n" }, "executionRoleName": { "type": "string", "description": "Name of the IAM Role in all target accounts for StackSet operations. Defaults to `AWSCloudFormationStackSetExecutionRole` when using the `SELF_MANAGED` permission model. This should not be defined when using the `SERVICE_MANAGED` permission model.\n" }, "managedExecution": { "$ref": "#/types/aws:cloudformation/StackSetManagedExecution:StackSetManagedExecution", "description": "Configuration block to allow StackSets to perform non-conflicting operations concurrently and queues conflicting operations.\n" }, "name": { "type": "string", "description": "Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.\n", "willReplaceOnChanges": true }, "operationPreferences": { "$ref": "#/types/aws:cloudformation/StackSetOperationPreferences:StackSetOperationPreferences", "description": "Preferences for how AWS CloudFormation performs a stack set update.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of input parameters for the StackSet template. All template parameters, including those with a `Default`, must be configured or ignored with `lifecycle` configuration block `ignore_changes` argument. All `NoEcho` template parameters must be ignored with the `lifecycle` configuration block `ignore_changes` argument.\n" }, "permissionModel": { "type": "string", "description": "Describes how the IAM roles required for your StackSet are created. Valid values: `SELF_MANAGED` (default), `SERVICE_MANAGED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "templateBody": { "type": "string", "description": "String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with `template_url`.\n" }, "templateUrl": { "type": "string", "description": "String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with `template_body`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering StackSet resources.\n", "properties": { "administrationRoleArn": { "type": "string", "description": "Amazon Resource Number (ARN) of the IAM Role in the administrator account. This must be defined when using the `SELF_MANAGED` permission model.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the StackSet.\n" }, "autoDeployment": { "$ref": "#/types/aws:cloudformation/StackSetAutoDeployment:StackSetAutoDeployment", "description": "Configuration block containing the auto-deployment model for your StackSet. This can only be defined when using the `SERVICE_MANAGED` permission model.\n", "willReplaceOnChanges": true }, "callAs": { "type": "string", "description": "Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: `SELF` (default), `DELEGATED_ADMIN`.\n" }, "capabilities": { "type": "array", "items": { "type": "string" }, "description": "A list of capabilities. Valid values: `CAPABILITY_IAM`, `CAPABILITY_NAMED_IAM`, `CAPABILITY_AUTO_EXPAND`.\n" }, "description": { "type": "string", "description": "Description of the StackSet.\n" }, "executionRoleName": { "type": "string", "description": "Name of the IAM Role in all target accounts for StackSet operations. Defaults to `AWSCloudFormationStackSetExecutionRole` when using the `SELF_MANAGED` permission model. This should not be defined when using the `SERVICE_MANAGED` permission model.\n" }, "managedExecution": { "$ref": "#/types/aws:cloudformation/StackSetManagedExecution:StackSetManagedExecution", "description": "Configuration block to allow StackSets to perform non-conflicting operations concurrently and queues conflicting operations.\n" }, "name": { "type": "string", "description": "Name of the StackSet. The name must be unique in the region where you create your StackSet. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and cannot be longer than 128 characters.\n", "willReplaceOnChanges": true }, "operationPreferences": { "$ref": "#/types/aws:cloudformation/StackSetOperationPreferences:StackSetOperationPreferences", "description": "Preferences for how AWS CloudFormation performs a stack set update.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of input parameters for the StackSet template. All template parameters, including those with a `Default`, must be configured or ignored with `lifecycle` configuration block `ignore_changes` argument. All `NoEcho` template parameters must be ignored with the `lifecycle` configuration block `ignore_changes` argument.\n" }, "permissionModel": { "type": "string", "description": "Describes how the IAM roles required for your StackSet are created. Valid values: `SELF_MANAGED` (default), `SERVICE_MANAGED`.\n" }, "stackSetId": { "type": "string", "description": "Unique identifier of the StackSet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "templateBody": { "type": "string", "description": "String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with `template_url`.\n" }, "templateUrl": { "type": "string", "description": "String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with `template_body`.\n" } }, "type": "object" } }, "aws:cloudformation/stackSetInstance:StackSetInstance": { "description": "Manages a CloudFormation StackSet Instance. Instances are managed in the account and region of the StackSet after the target account permissions have been configured. Additional information about StackSets can be found in the [AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/what-is-cfnstacksets.html).\n\n\u003e **NOTE:** All target accounts must have an IAM Role created that matches the name of the execution role configured in the StackSet (the `execution_role_name` argument in the `aws.cloudformation.StackSet` resource) in a trust relationship with the administrative account or administration IAM Role. The execution role must have appropriate permissions to manage resources defined in the template along with those required for StackSets to operate. See the [AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs.html) for more details.\n\n\u003e **NOTE:** To retain the Stack during resource destroy, ensure `retain_stack` has been set to `true` in the state first. This must be completed _before_ a deployment that would destroy the resource.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudformation.StackSetInstance(\"example\", {\n accountId: \"123456789012\",\n region: \"us-east-1\",\n stackSetName: exampleAwsCloudformationStackSet.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudformation.StackSetInstance(\"example\",\n account_id=\"123456789012\",\n region=\"us-east-1\",\n stack_set_name=example_aws_cloudformation_stack_set[\"name\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudFormation.StackSetInstance(\"example\", new()\n {\n AccountId = \"123456789012\",\n Region = \"us-east-1\",\n StackSetName = exampleAwsCloudformationStackSet.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudformation.NewStackSetInstance(ctx, \"example\", \u0026cloudformation.StackSetInstanceArgs{\n\t\t\tAccountId: pulumi.String(\"123456789012\"),\n\t\t\tRegion: pulumi.String(\"us-east-1\"),\n\t\t\tStackSetName: pulumi.Any(exampleAwsCloudformationStackSet.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudformation.StackSetInstance;\nimport com.pulumi.aws.cloudformation.StackSetInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new StackSetInstance(\"example\", StackSetInstanceArgs.builder()\n .accountId(\"123456789012\")\n .region(\"us-east-1\")\n .stackSetName(exampleAwsCloudformationStackSet.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudformation:StackSetInstance\n properties:\n accountId: '123456789012'\n region: us-east-1\n stackSetName: ${exampleAwsCloudformationStackSet.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example IAM Setup in Target Account\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n effect: \"Allow\",\n principals: [{\n identifiers: [aWSCloudFormationStackSetAdministrationRole.arn],\n type: \"AWS\",\n }],\n }],\n});\nconst aWSCloudFormationStackSetExecutionRole = new aws.iam.Role(\"AWSCloudFormationStackSetExecutionRole\", {\n assumeRolePolicy: aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy.then(aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy =\u003e aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy.json),\n name: \"AWSCloudFormationStackSetExecutionRole\",\n});\n// Documentation: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs.html\n// Additional IAM permissions necessary depend on the resources defined in the StackSet template\nconst aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\n \"cloudformation:*\",\n \"s3:*\",\n \"sns:*\",\n ],\n effect: \"Allow\",\n resources: [\"*\"],\n }],\n});\nconst aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyRolePolicy = new aws.iam.RolePolicy(\"AWSCloudFormationStackSetExecutionRole_MinimumExecutionPolicy\", {\n name: \"MinimumExecutionPolicy\",\n policy: aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicy.then(aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicy =\u003e aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicy.json),\n role: aWSCloudFormationStackSetExecutionRole.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\na_ws_cloud_formation_stack_set_execution_role_assume_role_policy = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"effect\": \"Allow\",\n \"principals\": [{\n \"identifiers\": [a_ws_cloud_formation_stack_set_administration_role[\"arn\"]],\n \"type\": \"AWS\",\n }],\n}])\na_ws_cloud_formation_stack_set_execution_role = aws.iam.Role(\"AWSCloudFormationStackSetExecutionRole\",\n assume_role_policy=a_ws_cloud_formation_stack_set_execution_role_assume_role_policy.json,\n name=\"AWSCloudFormationStackSetExecutionRole\")\n# Documentation: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs.html\n# Additional IAM permissions necessary depend on the resources defined in the StackSet template\na_ws_cloud_formation_stack_set_execution_role_minimum_execution_policy = aws.iam.get_policy_document(statements=[{\n \"actions\": [\n \"cloudformation:*\",\n \"s3:*\",\n \"sns:*\",\n ],\n \"effect\": \"Allow\",\n \"resources\": [\"*\"],\n}])\na_ws_cloud_formation_stack_set_execution_role_minimum_execution_policy_role_policy = aws.iam.RolePolicy(\"AWSCloudFormationStackSetExecutionRole_MinimumExecutionPolicy\",\n name=\"MinimumExecutionPolicy\",\n policy=a_ws_cloud_formation_stack_set_execution_role_minimum_execution_policy.json,\n role=a_ws_cloud_formation_stack_set_execution_role.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n aWSCloudFormationStackSetAdministrationRole.Arn,\n },\n Type = \"AWS\",\n },\n },\n },\n },\n });\n\n var aWSCloudFormationStackSetExecutionRole = new Aws.Iam.Role(\"AWSCloudFormationStackSetExecutionRole\", new()\n {\n AssumeRolePolicy = aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Name = \"AWSCloudFormationStackSetExecutionRole\",\n });\n\n // Documentation: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs.html\n // Additional IAM permissions necessary depend on the resources defined in the StackSet template\n var aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"cloudformation:*\",\n \"s3:*\",\n \"sns:*\",\n },\n Effect = \"Allow\",\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyRolePolicy = new Aws.Iam.RolePolicy(\"AWSCloudFormationStackSetExecutionRole_MinimumExecutionPolicy\", new()\n {\n Name = \"MinimumExecutionPolicy\",\n Policy = aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Role = aWSCloudFormationStackSetExecutionRole.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\naWSCloudFormationStackSetExecutionRoleAssumeRolePolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nActions: []string{\n\"sts:AssumeRole\",\n},\nEffect: pulumi.StringRef(\"Allow\"),\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nIdentifiers: interface{}{\naWSCloudFormationStackSetAdministrationRole.Arn,\n},\nType: \"AWS\",\n},\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\naWSCloudFormationStackSetExecutionRole, err := iam.NewRole(ctx, \"AWSCloudFormationStackSetExecutionRole\", \u0026iam.RoleArgs{\nAssumeRolePolicy: pulumi.String(aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy.Json),\nName: pulumi.String(\"AWSCloudFormationStackSetExecutionRole\"),\n})\nif err != nil {\nreturn err\n}\n// Documentation: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs.html\n// Additional IAM permissions necessary depend on the resources defined in the StackSet template\naWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nActions: []string{\n\"cloudformation:*\",\n\"s3:*\",\n\"sns:*\",\n},\nEffect: pulumi.StringRef(\"Allow\"),\nResources: []string{\n\"*\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\n_, err = iam.NewRolePolicy(ctx, \"AWSCloudFormationStackSetExecutionRole_MinimumExecutionPolicy\", \u0026iam.RolePolicyArgs{\nName: pulumi.String(\"MinimumExecutionPolicy\"),\nPolicy: pulumi.String(aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicy.Json),\nRole: aWSCloudFormationStackSetExecutionRole.Name,\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(aWSCloudFormationStackSetAdministrationRole.arn())\n .type(\"AWS\")\n .build())\n .build())\n .build());\n\n var aWSCloudFormationStackSetExecutionRole = new Role(\"aWSCloudFormationStackSetExecutionRole\", RoleArgs.builder()\n .assumeRolePolicy(aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .name(\"AWSCloudFormationStackSetExecutionRole\")\n .build());\n\n // Documentation: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs.html\n // Additional IAM permissions necessary depend on the resources defined in the StackSet template\n final var aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"cloudformation:*\",\n \"s3:*\",\n \"sns:*\")\n .effect(\"Allow\")\n .resources(\"*\")\n .build())\n .build());\n\n var aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyRolePolicy = new RolePolicy(\"aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyRolePolicy\", RolePolicyArgs.builder()\n .name(\"MinimumExecutionPolicy\")\n .policy(aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .role(aWSCloudFormationStackSetExecutionRole.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n aWSCloudFormationStackSetExecutionRole:\n type: aws:iam:Role\n name: AWSCloudFormationStackSetExecutionRole\n properties:\n assumeRolePolicy: ${aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy.json}\n name: AWSCloudFormationStackSetExecutionRole\n aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicyRolePolicy:\n type: aws:iam:RolePolicy\n name: AWSCloudFormationStackSetExecutionRole_MinimumExecutionPolicy\n properties:\n name: MinimumExecutionPolicy\n policy: ${aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicy.json}\n role: ${aWSCloudFormationStackSetExecutionRole.name}\nvariables:\n aWSCloudFormationStackSetExecutionRoleAssumeRolePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n effect: Allow\n principals:\n - identifiers:\n - ${aWSCloudFormationStackSetAdministrationRole.arn}\n type: AWS\n # Documentation: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs.html\n # Additional IAM permissions necessary depend on the resources defined in the StackSet template\n aWSCloudFormationStackSetExecutionRoleMinimumExecutionPolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - cloudformation:*\n - s3:*\n - sns:*\n effect: Allow\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example Deployment across Organizations account\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudformation.StackSetInstance(\"example\", {\n deploymentTargets: {\n organizationalUnitIds: [exampleAwsOrganizationsOrganization.roots[0].id],\n },\n region: \"us-east-1\",\n stackSetName: exampleAwsCloudformationStackSet.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudformation.StackSetInstance(\"example\",\n deployment_targets={\n \"organizational_unit_ids\": [example_aws_organizations_organization[\"roots\"][0][\"id\"]],\n },\n region=\"us-east-1\",\n stack_set_name=example_aws_cloudformation_stack_set[\"name\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudFormation.StackSetInstance(\"example\", new()\n {\n DeploymentTargets = new Aws.CloudFormation.Inputs.StackSetInstanceDeploymentTargetsArgs\n {\n OrganizationalUnitIds = new[]\n {\n exampleAwsOrganizationsOrganization.Roots[0].Id,\n },\n },\n Region = \"us-east-1\",\n StackSetName = exampleAwsCloudformationStackSet.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudformation.NewStackSetInstance(ctx, \"example\", \u0026cloudformation.StackSetInstanceArgs{\n\t\t\tDeploymentTargets: \u0026cloudformation.StackSetInstanceDeploymentTargetsArgs{\n\t\t\t\tOrganizationalUnitIds: pulumi.StringArray{\n\t\t\t\t\texampleAwsOrganizationsOrganization.Roots[0].Id,\n\t\t\t\t},\n\t\t\t},\n\t\t\tRegion: pulumi.String(\"us-east-1\"),\n\t\t\tStackSetName: pulumi.Any(exampleAwsCloudformationStackSet.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudformation.StackSetInstance;\nimport com.pulumi.aws.cloudformation.StackSetInstanceArgs;\nimport com.pulumi.aws.cloudformation.inputs.StackSetInstanceDeploymentTargetsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new StackSetInstance(\"example\", StackSetInstanceArgs.builder()\n .deploymentTargets(StackSetInstanceDeploymentTargetsArgs.builder()\n .organizationalUnitIds(exampleAwsOrganizationsOrganization.roots()[0].id())\n .build())\n .region(\"us-east-1\")\n .stackSetName(exampleAwsCloudformationStackSet.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudformation:StackSetInstance\n properties:\n deploymentTargets:\n organizationalUnitIds:\n - ${exampleAwsOrganizationsOrganization.roots[0].id}\n region: us-east-1\n stackSetName: ${exampleAwsCloudformationStackSet.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nImport CloudFormation StackSet Instances that target AWS Organizational Units using the StackSet name, a slash (`/`) separated list of organizational unit IDs, and target AWS Region separated by commas (`,`). For example:\n\nImport CloudFormation StackSet Instances when acting a delegated administrator in a member account using the StackSet name, target AWS account ID or slash (`/`) separated list of organizational unit IDs, target AWS Region and `call_as` value separated by commas (`,`). For example:\n\nUsing `pulumi import`, import CloudFormation StackSet Instances that target an AWS Account ID using the StackSet name, target AWS account ID, and target AWS Region separated by commas (`,`). For example:\n\n```sh\n$ pulumi import aws:cloudformation/stackSetInstance:StackSetInstance example example,123456789012,us-east-1\n```\nUsing `pulumi import`, import CloudFormation StackSet Instances that target AWS Organizational Units using the StackSet name, a slash (`/`) separated list of organizational unit IDs, and target AWS Region separated by commas (`,`). For example:\n\n```sh\n$ pulumi import aws:cloudformation/stackSetInstance:StackSetInstance example example,ou-sdas-123123123/ou-sdas-789789789,us-east-1\n```\nUsing `pulumi import`, import CloudFormation StackSet Instances when acting a delegated administrator in a member account using the StackSet name, target AWS account ID or slash (`/`) separated list of organizational unit IDs, target AWS Region and `call_as` value separated by commas (`,`). For example:\n\n```sh\n$ pulumi import aws:cloudformation/stackSetInstance:StackSetInstance example example,ou-sdas-123123123/ou-sdas-789789789,us-east-1,DELEGATED_ADMIN\n```\n", "properties": { "accountId": { "type": "string", "description": "Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account.\n" }, "callAs": { "type": "string", "description": "Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: `SELF` (default), `DELEGATED_ADMIN`.\n" }, "deploymentTargets": { "$ref": "#/types/aws:cloudformation/StackSetInstanceDeploymentTargets:StackSetInstanceDeploymentTargets", "description": "AWS Organizations accounts to which StackSets deploys. StackSets doesn't deploy stack instances to the organization management account, even if the organization management account is in your organization or in an OU in your organization. Drift detection is not possible for this argument. See deployment_targets below.\n" }, "operationPreferences": { "$ref": "#/types/aws:cloudformation/StackSetInstanceOperationPreferences:StackSetInstanceOperationPreferences", "description": "Preferences for how AWS CloudFormation performs a stack set operation.\n" }, "organizationalUnitId": { "type": "string", "description": "Organizational unit ID in which the stack is deployed.\n" }, "parameterOverrides": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of input parameters to override from the StackSet for this Instance.\n" }, "region": { "type": "string", "description": "Target AWS Region to create a Stack based on the StackSet. Defaults to current region.\n" }, "retainStack": { "type": "boolean", "description": "During resource destroy, remove Instance from StackSet while keeping the Stack and its associated resources. Must be enabled in the state _before_ destroy operation to take effect. You cannot reassociate a retained Stack or add an existing, saved Stack to a new StackSet. Defaults to `false`.\n" }, "stackId": { "type": "string", "description": "Stack identifier.\n" }, "stackInstanceSummaries": { "type": "array", "items": { "$ref": "#/types/aws:cloudformation/StackSetInstanceStackInstanceSummary:StackSetInstanceStackInstanceSummary" }, "description": "List of stack instances created from an organizational unit deployment target. This will only be populated when `deployment_targets` is set. See `stack_instance_summaries`.\n" }, "stackSetName": { "type": "string", "description": "Name of the StackSet.\n" } }, "required": [ "accountId", "organizationalUnitId", "region", "stackId", "stackInstanceSummaries", "stackSetName" ], "inputProperties": { "accountId": { "type": "string", "description": "Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account.\n", "willReplaceOnChanges": true }, "callAs": { "type": "string", "description": "Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: `SELF` (default), `DELEGATED_ADMIN`.\n" }, "deploymentTargets": { "$ref": "#/types/aws:cloudformation/StackSetInstanceDeploymentTargets:StackSetInstanceDeploymentTargets", "description": "AWS Organizations accounts to which StackSets deploys. StackSets doesn't deploy stack instances to the organization management account, even if the organization management account is in your organization or in an OU in your organization. Drift detection is not possible for this argument. See deployment_targets below.\n", "willReplaceOnChanges": true }, "operationPreferences": { "$ref": "#/types/aws:cloudformation/StackSetInstanceOperationPreferences:StackSetInstanceOperationPreferences", "description": "Preferences for how AWS CloudFormation performs a stack set operation.\n" }, "parameterOverrides": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of input parameters to override from the StackSet for this Instance.\n" }, "region": { "type": "string", "description": "Target AWS Region to create a Stack based on the StackSet. Defaults to current region.\n", "willReplaceOnChanges": true }, "retainStack": { "type": "boolean", "description": "During resource destroy, remove Instance from StackSet while keeping the Stack and its associated resources. Must be enabled in the state _before_ destroy operation to take effect. You cannot reassociate a retained Stack or add an existing, saved Stack to a new StackSet. Defaults to `false`.\n" }, "stackSetName": { "type": "string", "description": "Name of the StackSet.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "stackSetName" ], "stateInputs": { "description": "Input properties used for looking up and filtering StackSetInstance resources.\n", "properties": { "accountId": { "type": "string", "description": "Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account.\n", "willReplaceOnChanges": true }, "callAs": { "type": "string", "description": "Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: `SELF` (default), `DELEGATED_ADMIN`.\n" }, "deploymentTargets": { "$ref": "#/types/aws:cloudformation/StackSetInstanceDeploymentTargets:StackSetInstanceDeploymentTargets", "description": "AWS Organizations accounts to which StackSets deploys. StackSets doesn't deploy stack instances to the organization management account, even if the organization management account is in your organization or in an OU in your organization. Drift detection is not possible for this argument. See deployment_targets below.\n", "willReplaceOnChanges": true }, "operationPreferences": { "$ref": "#/types/aws:cloudformation/StackSetInstanceOperationPreferences:StackSetInstanceOperationPreferences", "description": "Preferences for how AWS CloudFormation performs a stack set operation.\n" }, "organizationalUnitId": { "type": "string", "description": "Organizational unit ID in which the stack is deployed.\n" }, "parameterOverrides": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of input parameters to override from the StackSet for this Instance.\n" }, "region": { "type": "string", "description": "Target AWS Region to create a Stack based on the StackSet. Defaults to current region.\n", "willReplaceOnChanges": true }, "retainStack": { "type": "boolean", "description": "During resource destroy, remove Instance from StackSet while keeping the Stack and its associated resources. Must be enabled in the state _before_ destroy operation to take effect. You cannot reassociate a retained Stack or add an existing, saved Stack to a new StackSet. Defaults to `false`.\n" }, "stackId": { "type": "string", "description": "Stack identifier.\n" }, "stackInstanceSummaries": { "type": "array", "items": { "$ref": "#/types/aws:cloudformation/StackSetInstanceStackInstanceSummary:StackSetInstanceStackInstanceSummary" }, "description": "List of stack instances created from an organizational unit deployment target. This will only be populated when `deployment_targets` is set. See `stack_instance_summaries`.\n" }, "stackSetName": { "type": "string", "description": "Name of the StackSet.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:cloudfront/cachePolicy:CachePolicy": { "description": "## Example Usage\n\nUse the `aws.cloudfront.CachePolicy` resource to create a cache policy for CloudFront.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudfront.CachePolicy(\"example\", {\n name: \"example-policy\",\n comment: \"test comment\",\n defaultTtl: 50,\n maxTtl: 100,\n minTtl: 1,\n parametersInCacheKeyAndForwardedToOrigin: {\n cookiesConfig: {\n cookieBehavior: \"whitelist\",\n cookies: {\n items: [\"example\"],\n },\n },\n headersConfig: {\n headerBehavior: \"whitelist\",\n headers: {\n items: [\"example\"],\n },\n },\n queryStringsConfig: {\n queryStringBehavior: \"whitelist\",\n queryStrings: {\n items: [\"example\"],\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.CachePolicy(\"example\",\n name=\"example-policy\",\n comment=\"test comment\",\n default_ttl=50,\n max_ttl=100,\n min_ttl=1,\n parameters_in_cache_key_and_forwarded_to_origin={\n \"cookies_config\": {\n \"cookie_behavior\": \"whitelist\",\n \"cookies\": {\n \"items\": [\"example\"],\n },\n },\n \"headers_config\": {\n \"header_behavior\": \"whitelist\",\n \"headers\": {\n \"items\": [\"example\"],\n },\n },\n \"query_strings_config\": {\n \"query_string_behavior\": \"whitelist\",\n \"query_strings\": {\n \"items\": [\"example\"],\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudFront.CachePolicy(\"example\", new()\n {\n Name = \"example-policy\",\n Comment = \"test comment\",\n DefaultTtl = 50,\n MaxTtl = 100,\n MinTtl = 1,\n ParametersInCacheKeyAndForwardedToOrigin = new Aws.CloudFront.Inputs.CachePolicyParametersInCacheKeyAndForwardedToOriginArgs\n {\n CookiesConfig = new Aws.CloudFront.Inputs.CachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfigArgs\n {\n CookieBehavior = \"whitelist\",\n Cookies = new Aws.CloudFront.Inputs.CachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfigCookiesArgs\n {\n Items = new[]\n {\n \"example\",\n },\n },\n },\n HeadersConfig = new Aws.CloudFront.Inputs.CachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfigArgs\n {\n HeaderBehavior = \"whitelist\",\n Headers = new Aws.CloudFront.Inputs.CachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfigHeadersArgs\n {\n Items = new[]\n {\n \"example\",\n },\n },\n },\n QueryStringsConfig = new Aws.CloudFront.Inputs.CachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfigArgs\n {\n QueryStringBehavior = \"whitelist\",\n QueryStrings = new Aws.CloudFront.Inputs.CachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfigQueryStringsArgs\n {\n Items = new[]\n {\n \"example\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.NewCachePolicy(ctx, \"example\", \u0026cloudfront.CachePolicyArgs{\n\t\t\tName: pulumi.String(\"example-policy\"),\n\t\t\tComment: pulumi.String(\"test comment\"),\n\t\t\tDefaultTtl: pulumi.Int(50),\n\t\t\tMaxTtl: pulumi.Int(100),\n\t\t\tMinTtl: pulumi.Int(1),\n\t\t\tParametersInCacheKeyAndForwardedToOrigin: \u0026cloudfront.CachePolicyParametersInCacheKeyAndForwardedToOriginArgs{\n\t\t\t\tCookiesConfig: \u0026cloudfront.CachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfigArgs{\n\t\t\t\t\tCookieBehavior: pulumi.String(\"whitelist\"),\n\t\t\t\t\tCookies: \u0026cloudfront.CachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfigCookiesArgs{\n\t\t\t\t\t\tItems: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"example\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tHeadersConfig: \u0026cloudfront.CachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfigArgs{\n\t\t\t\t\tHeaderBehavior: pulumi.String(\"whitelist\"),\n\t\t\t\t\tHeaders: \u0026cloudfront.CachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfigHeadersArgs{\n\t\t\t\t\t\tItems: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"example\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tQueryStringsConfig: \u0026cloudfront.CachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfigArgs{\n\t\t\t\t\tQueryStringBehavior: pulumi.String(\"whitelist\"),\n\t\t\t\t\tQueryStrings: \u0026cloudfront.CachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfigQueryStringsArgs{\n\t\t\t\t\t\tItems: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"example\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.CachePolicy;\nimport com.pulumi.aws.cloudfront.CachePolicyArgs;\nimport com.pulumi.aws.cloudfront.inputs.CachePolicyParametersInCacheKeyAndForwardedToOriginArgs;\nimport com.pulumi.aws.cloudfront.inputs.CachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.CachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfigCookiesArgs;\nimport com.pulumi.aws.cloudfront.inputs.CachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.CachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfigHeadersArgs;\nimport com.pulumi.aws.cloudfront.inputs.CachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.CachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfigQueryStringsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CachePolicy(\"example\", CachePolicyArgs.builder()\n .name(\"example-policy\")\n .comment(\"test comment\")\n .defaultTtl(50)\n .maxTtl(100)\n .minTtl(1)\n .parametersInCacheKeyAndForwardedToOrigin(CachePolicyParametersInCacheKeyAndForwardedToOriginArgs.builder()\n .cookiesConfig(CachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfigArgs.builder()\n .cookieBehavior(\"whitelist\")\n .cookies(CachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfigCookiesArgs.builder()\n .items(\"example\")\n .build())\n .build())\n .headersConfig(CachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfigArgs.builder()\n .headerBehavior(\"whitelist\")\n .headers(CachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfigHeadersArgs.builder()\n .items(\"example\")\n .build())\n .build())\n .queryStringsConfig(CachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfigArgs.builder()\n .queryStringBehavior(\"whitelist\")\n .queryStrings(CachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfigQueryStringsArgs.builder()\n .items(\"example\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudfront:CachePolicy\n properties:\n name: example-policy\n comment: test comment\n defaultTtl: 50\n maxTtl: 100\n minTtl: 1\n parametersInCacheKeyAndForwardedToOrigin:\n cookiesConfig:\n cookieBehavior: whitelist\n cookies:\n items:\n - example\n headersConfig:\n headerBehavior: whitelist\n headers:\n items:\n - example\n queryStringsConfig:\n queryStringBehavior: whitelist\n queryStrings:\n items:\n - example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudFront cache policies using the `id` of the cache policy. For example:\n\n```sh\n$ pulumi import aws:cloudfront/cachePolicy:CachePolicy policy 658327ea-f89d-4fab-a63d-7e88639e58f6\n```\n", "properties": { "comment": { "type": "string", "description": "Description for the cache policy.\n" }, "defaultTtl": { "type": "integer", "description": "Amount of time, in seconds, that objects are allowed to remain in the CloudFront cache before CloudFront sends a new request to the origin server to check if the object has been updated.\n" }, "etag": { "type": "string", "description": "Current version of the cache policy.\n" }, "maxTtl": { "type": "integer", "description": "Maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated.\n" }, "minTtl": { "type": "integer", "description": "Minimum amount of time, in seconds, that objects should remain in the CloudFront cache before a new request is sent to the origin to check for updates.\n" }, "name": { "type": "string", "description": "Unique name used to identify the cache policy.\n" }, "parametersInCacheKeyAndForwardedToOrigin": { "$ref": "#/types/aws:cloudfront/CachePolicyParametersInCacheKeyAndForwardedToOrigin:CachePolicyParametersInCacheKeyAndForwardedToOrigin", "description": "Configuration for including HTTP headers, cookies, and URL query strings in the cache key. For more information, refer to the Parameters In Cache Key And Forwarded To Origin section.\n" } }, "required": [ "etag", "name", "parametersInCacheKeyAndForwardedToOrigin" ], "inputProperties": { "comment": { "type": "string", "description": "Description for the cache policy.\n" }, "defaultTtl": { "type": "integer", "description": "Amount of time, in seconds, that objects are allowed to remain in the CloudFront cache before CloudFront sends a new request to the origin server to check if the object has been updated.\n" }, "maxTtl": { "type": "integer", "description": "Maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated.\n" }, "minTtl": { "type": "integer", "description": "Minimum amount of time, in seconds, that objects should remain in the CloudFront cache before a new request is sent to the origin to check for updates.\n" }, "name": { "type": "string", "description": "Unique name used to identify the cache policy.\n" }, "parametersInCacheKeyAndForwardedToOrigin": { "$ref": "#/types/aws:cloudfront/CachePolicyParametersInCacheKeyAndForwardedToOrigin:CachePolicyParametersInCacheKeyAndForwardedToOrigin", "description": "Configuration for including HTTP headers, cookies, and URL query strings in the cache key. For more information, refer to the Parameters In Cache Key And Forwarded To Origin section.\n" } }, "requiredInputs": [ "parametersInCacheKeyAndForwardedToOrigin" ], "stateInputs": { "description": "Input properties used for looking up and filtering CachePolicy resources.\n", "properties": { "comment": { "type": "string", "description": "Description for the cache policy.\n" }, "defaultTtl": { "type": "integer", "description": "Amount of time, in seconds, that objects are allowed to remain in the CloudFront cache before CloudFront sends a new request to the origin server to check if the object has been updated.\n" }, "etag": { "type": "string", "description": "Current version of the cache policy.\n" }, "maxTtl": { "type": "integer", "description": "Maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated.\n" }, "minTtl": { "type": "integer", "description": "Minimum amount of time, in seconds, that objects should remain in the CloudFront cache before a new request is sent to the origin to check for updates.\n" }, "name": { "type": "string", "description": "Unique name used to identify the cache policy.\n" }, "parametersInCacheKeyAndForwardedToOrigin": { "$ref": "#/types/aws:cloudfront/CachePolicyParametersInCacheKeyAndForwardedToOrigin:CachePolicyParametersInCacheKeyAndForwardedToOrigin", "description": "Configuration for including HTTP headers, cookies, and URL query strings in the cache key. For more information, refer to the Parameters In Cache Key And Forwarded To Origin section.\n" } }, "type": "object" } }, "aws:cloudfront/continuousDeploymentPolicy:ContinuousDeploymentPolicy": { "description": "Resource for managing an AWS CloudFront Continuous Deployment Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst staging = new aws.cloudfront.Distribution(\"staging\", {\n enabled: true,\n staging: true,\n});\nconst example = new aws.cloudfront.ContinuousDeploymentPolicy(\"example\", {\n enabled: true,\n stagingDistributionDnsNames: {\n items: [staging.domainName],\n quantity: 1,\n },\n trafficConfig: {\n type: \"SingleWeight\",\n singleWeightConfig: {\n weight: 0.01,\n },\n },\n});\nconst production = new aws.cloudfront.Distribution(\"production\", {\n enabled: true,\n continuousDeploymentPolicyId: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nstaging = aws.cloudfront.Distribution(\"staging\",\n enabled=True,\n staging=True)\nexample = aws.cloudfront.ContinuousDeploymentPolicy(\"example\",\n enabled=True,\n staging_distribution_dns_names={\n \"items\": [staging.domain_name],\n \"quantity\": 1,\n },\n traffic_config={\n \"type\": \"SingleWeight\",\n \"single_weight_config\": {\n \"weight\": 0.01,\n },\n })\nproduction = aws.cloudfront.Distribution(\"production\",\n enabled=True,\n continuous_deployment_policy_id=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var staging = new Aws.CloudFront.Distribution(\"staging\", new()\n {\n Enabled = true,\n Staging = true,\n });\n\n var example = new Aws.CloudFront.ContinuousDeploymentPolicy(\"example\", new()\n {\n Enabled = true,\n StagingDistributionDnsNames = new Aws.CloudFront.Inputs.ContinuousDeploymentPolicyStagingDistributionDnsNamesArgs\n {\n Items = new[]\n {\n staging.DomainName,\n },\n Quantity = 1,\n },\n TrafficConfig = new Aws.CloudFront.Inputs.ContinuousDeploymentPolicyTrafficConfigArgs\n {\n Type = \"SingleWeight\",\n SingleWeightConfig = new Aws.CloudFront.Inputs.ContinuousDeploymentPolicyTrafficConfigSingleWeightConfigArgs\n {\n Weight = 0.01,\n },\n },\n });\n\n var production = new Aws.CloudFront.Distribution(\"production\", new()\n {\n Enabled = true,\n ContinuousDeploymentPolicyId = example.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tstaging, err := cloudfront.NewDistribution(ctx, \"staging\", \u0026cloudfront.DistributionArgs{\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tStaging: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := cloudfront.NewContinuousDeploymentPolicy(ctx, \"example\", \u0026cloudfront.ContinuousDeploymentPolicyArgs{\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tStagingDistributionDnsNames: \u0026cloudfront.ContinuousDeploymentPolicyStagingDistributionDnsNamesArgs{\n\t\t\t\tItems: pulumi.StringArray{\n\t\t\t\t\tstaging.DomainName,\n\t\t\t\t},\n\t\t\t\tQuantity: pulumi.Int(1),\n\t\t\t},\n\t\t\tTrafficConfig: \u0026cloudfront.ContinuousDeploymentPolicyTrafficConfigArgs{\n\t\t\t\tType: pulumi.String(\"SingleWeight\"),\n\t\t\t\tSingleWeightConfig: \u0026cloudfront.ContinuousDeploymentPolicyTrafficConfigSingleWeightConfigArgs{\n\t\t\t\t\tWeight: pulumi.Float64(0.01),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfront.NewDistribution(ctx, \"production\", \u0026cloudfront.DistributionArgs{\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tContinuousDeploymentPolicyId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.Distribution;\nimport com.pulumi.aws.cloudfront.DistributionArgs;\nimport com.pulumi.aws.cloudfront.ContinuousDeploymentPolicy;\nimport com.pulumi.aws.cloudfront.ContinuousDeploymentPolicyArgs;\nimport com.pulumi.aws.cloudfront.inputs.ContinuousDeploymentPolicyStagingDistributionDnsNamesArgs;\nimport com.pulumi.aws.cloudfront.inputs.ContinuousDeploymentPolicyTrafficConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.ContinuousDeploymentPolicyTrafficConfigSingleWeightConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var staging = new Distribution(\"staging\", DistributionArgs.builder()\n .enabled(true)\n .staging(true)\n .build());\n\n var example = new ContinuousDeploymentPolicy(\"example\", ContinuousDeploymentPolicyArgs.builder()\n .enabled(true)\n .stagingDistributionDnsNames(ContinuousDeploymentPolicyStagingDistributionDnsNamesArgs.builder()\n .items(staging.domainName())\n .quantity(1)\n .build())\n .trafficConfig(ContinuousDeploymentPolicyTrafficConfigArgs.builder()\n .type(\"SingleWeight\")\n .singleWeightConfig(ContinuousDeploymentPolicyTrafficConfigSingleWeightConfigArgs.builder()\n .weight(\"0.01\")\n .build())\n .build())\n .build());\n\n var production = new Distribution(\"production\", DistributionArgs.builder()\n .enabled(true)\n .continuousDeploymentPolicyId(example.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n staging:\n type: aws:cloudfront:Distribution\n properties:\n enabled: true\n staging: true # ... other configuration ...\n example:\n type: aws:cloudfront:ContinuousDeploymentPolicy\n properties:\n enabled: true\n stagingDistributionDnsNames:\n items:\n - ${staging.domainName}\n quantity: 1\n trafficConfig:\n type: SingleWeight\n singleWeightConfig:\n weight: '0.01'\n production:\n type: aws:cloudfront:Distribution\n properties:\n enabled: true # NOTE: A continuous deployment policy cannot be associated to distribution\n # # on creation. Set this argument once the resource exists.\n continuousDeploymentPolicyId: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Single Weight Config with Session Stickiness\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudfront.ContinuousDeploymentPolicy(\"example\", {\n enabled: true,\n stagingDistributionDnsNames: {\n items: [staging.domainName],\n quantity: 1,\n },\n trafficConfig: {\n type: \"SingleWeight\",\n singleWeightConfig: {\n weight: 0.01,\n sessionStickinessConfig: {\n idleTtl: 300,\n maximumTtl: 600,\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.ContinuousDeploymentPolicy(\"example\",\n enabled=True,\n staging_distribution_dns_names={\n \"items\": [staging[\"domainName\"]],\n \"quantity\": 1,\n },\n traffic_config={\n \"type\": \"SingleWeight\",\n \"single_weight_config\": {\n \"weight\": 0.01,\n \"session_stickiness_config\": {\n \"idle_ttl\": 300,\n \"maximum_ttl\": 600,\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudFront.ContinuousDeploymentPolicy(\"example\", new()\n {\n Enabled = true,\n StagingDistributionDnsNames = new Aws.CloudFront.Inputs.ContinuousDeploymentPolicyStagingDistributionDnsNamesArgs\n {\n Items = new[]\n {\n staging.DomainName,\n },\n Quantity = 1,\n },\n TrafficConfig = new Aws.CloudFront.Inputs.ContinuousDeploymentPolicyTrafficConfigArgs\n {\n Type = \"SingleWeight\",\n SingleWeightConfig = new Aws.CloudFront.Inputs.ContinuousDeploymentPolicyTrafficConfigSingleWeightConfigArgs\n {\n Weight = 0.01,\n SessionStickinessConfig = new Aws.CloudFront.Inputs.ContinuousDeploymentPolicyTrafficConfigSingleWeightConfigSessionStickinessConfigArgs\n {\n IdleTtl = 300,\n MaximumTtl = 600,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.NewContinuousDeploymentPolicy(ctx, \"example\", \u0026cloudfront.ContinuousDeploymentPolicyArgs{\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tStagingDistributionDnsNames: \u0026cloudfront.ContinuousDeploymentPolicyStagingDistributionDnsNamesArgs{\n\t\t\t\tItems: pulumi.StringArray{\n\t\t\t\t\tstaging.DomainName,\n\t\t\t\t},\n\t\t\t\tQuantity: pulumi.Int(1),\n\t\t\t},\n\t\t\tTrafficConfig: \u0026cloudfront.ContinuousDeploymentPolicyTrafficConfigArgs{\n\t\t\t\tType: pulumi.String(\"SingleWeight\"),\n\t\t\t\tSingleWeightConfig: \u0026cloudfront.ContinuousDeploymentPolicyTrafficConfigSingleWeightConfigArgs{\n\t\t\t\t\tWeight: pulumi.Float64(0.01),\n\t\t\t\t\tSessionStickinessConfig: \u0026cloudfront.ContinuousDeploymentPolicyTrafficConfigSingleWeightConfigSessionStickinessConfigArgs{\n\t\t\t\t\t\tIdleTtl: pulumi.Int(300),\n\t\t\t\t\t\tMaximumTtl: pulumi.Int(600),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.ContinuousDeploymentPolicy;\nimport com.pulumi.aws.cloudfront.ContinuousDeploymentPolicyArgs;\nimport com.pulumi.aws.cloudfront.inputs.ContinuousDeploymentPolicyStagingDistributionDnsNamesArgs;\nimport com.pulumi.aws.cloudfront.inputs.ContinuousDeploymentPolicyTrafficConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.ContinuousDeploymentPolicyTrafficConfigSingleWeightConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.ContinuousDeploymentPolicyTrafficConfigSingleWeightConfigSessionStickinessConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContinuousDeploymentPolicy(\"example\", ContinuousDeploymentPolicyArgs.builder()\n .enabled(true)\n .stagingDistributionDnsNames(ContinuousDeploymentPolicyStagingDistributionDnsNamesArgs.builder()\n .items(staging.domainName())\n .quantity(1)\n .build())\n .trafficConfig(ContinuousDeploymentPolicyTrafficConfigArgs.builder()\n .type(\"SingleWeight\")\n .singleWeightConfig(ContinuousDeploymentPolicyTrafficConfigSingleWeightConfigArgs.builder()\n .weight(\"0.01\")\n .sessionStickinessConfig(ContinuousDeploymentPolicyTrafficConfigSingleWeightConfigSessionStickinessConfigArgs.builder()\n .idleTtl(300)\n .maximumTtl(600)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudfront:ContinuousDeploymentPolicy\n properties:\n enabled: true\n stagingDistributionDnsNames:\n items:\n - ${staging.domainName}\n quantity: 1\n trafficConfig:\n type: SingleWeight\n singleWeightConfig:\n weight: '0.01'\n sessionStickinessConfig:\n idleTtl: 300\n maximumTtl: 600\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Single Header Config\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudfront.ContinuousDeploymentPolicy(\"example\", {\n enabled: true,\n stagingDistributionDnsNames: {\n items: [staging.domainName],\n quantity: 1,\n },\n trafficConfig: {\n type: \"SingleHeader\",\n singleHeaderConfig: {\n header: \"aws-cf-cd-example\",\n value: \"example\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.ContinuousDeploymentPolicy(\"example\",\n enabled=True,\n staging_distribution_dns_names={\n \"items\": [staging[\"domainName\"]],\n \"quantity\": 1,\n },\n traffic_config={\n \"type\": \"SingleHeader\",\n \"single_header_config\": {\n \"header\": \"aws-cf-cd-example\",\n \"value\": \"example\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudFront.ContinuousDeploymentPolicy(\"example\", new()\n {\n Enabled = true,\n StagingDistributionDnsNames = new Aws.CloudFront.Inputs.ContinuousDeploymentPolicyStagingDistributionDnsNamesArgs\n {\n Items = new[]\n {\n staging.DomainName,\n },\n Quantity = 1,\n },\n TrafficConfig = new Aws.CloudFront.Inputs.ContinuousDeploymentPolicyTrafficConfigArgs\n {\n Type = \"SingleHeader\",\n SingleHeaderConfig = new Aws.CloudFront.Inputs.ContinuousDeploymentPolicyTrafficConfigSingleHeaderConfigArgs\n {\n Header = \"aws-cf-cd-example\",\n Value = \"example\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.NewContinuousDeploymentPolicy(ctx, \"example\", \u0026cloudfront.ContinuousDeploymentPolicyArgs{\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tStagingDistributionDnsNames: \u0026cloudfront.ContinuousDeploymentPolicyStagingDistributionDnsNamesArgs{\n\t\t\t\tItems: pulumi.StringArray{\n\t\t\t\t\tstaging.DomainName,\n\t\t\t\t},\n\t\t\t\tQuantity: pulumi.Int(1),\n\t\t\t},\n\t\t\tTrafficConfig: \u0026cloudfront.ContinuousDeploymentPolicyTrafficConfigArgs{\n\t\t\t\tType: pulumi.String(\"SingleHeader\"),\n\t\t\t\tSingleHeaderConfig: \u0026cloudfront.ContinuousDeploymentPolicyTrafficConfigSingleHeaderConfigArgs{\n\t\t\t\t\tHeader: pulumi.String(\"aws-cf-cd-example\"),\n\t\t\t\t\tValue: pulumi.String(\"example\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.ContinuousDeploymentPolicy;\nimport com.pulumi.aws.cloudfront.ContinuousDeploymentPolicyArgs;\nimport com.pulumi.aws.cloudfront.inputs.ContinuousDeploymentPolicyStagingDistributionDnsNamesArgs;\nimport com.pulumi.aws.cloudfront.inputs.ContinuousDeploymentPolicyTrafficConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.ContinuousDeploymentPolicyTrafficConfigSingleHeaderConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContinuousDeploymentPolicy(\"example\", ContinuousDeploymentPolicyArgs.builder()\n .enabled(true)\n .stagingDistributionDnsNames(ContinuousDeploymentPolicyStagingDistributionDnsNamesArgs.builder()\n .items(staging.domainName())\n .quantity(1)\n .build())\n .trafficConfig(ContinuousDeploymentPolicyTrafficConfigArgs.builder()\n .type(\"SingleHeader\")\n .singleHeaderConfig(ContinuousDeploymentPolicyTrafficConfigSingleHeaderConfigArgs.builder()\n .header(\"aws-cf-cd-example\")\n .value(\"example\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudfront:ContinuousDeploymentPolicy\n properties:\n enabled: true\n stagingDistributionDnsNames:\n items:\n - ${staging.domainName}\n quantity: 1\n trafficConfig:\n type: SingleHeader\n singleHeaderConfig:\n header: aws-cf-cd-example\n value: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudFront Continuous Deployment Policy using the `id`. For example:\n\n```sh\n$ pulumi import aws:cloudfront/continuousDeploymentPolicy:ContinuousDeploymentPolicy example abcd-1234\n```\n", "properties": { "enabled": { "type": "boolean", "description": "Whether this continuous deployment policy is enabled.\n" }, "etag": { "type": "string", "description": "Current version of the continuous distribution policy.\n" }, "lastModifiedTime": { "type": "string", "description": "Date and time the continuous deployment policy was last modified.\n" }, "stagingDistributionDnsNames": { "$ref": "#/types/aws:cloudfront/ContinuousDeploymentPolicyStagingDistributionDnsNames:ContinuousDeploymentPolicyStagingDistributionDnsNames", "description": "CloudFront domain name of the staging distribution. See `staging_distribution_dns_names`.\n" }, "trafficConfig": { "$ref": "#/types/aws:cloudfront/ContinuousDeploymentPolicyTrafficConfig:ContinuousDeploymentPolicyTrafficConfig", "description": "Parameters for routing production traffic from primary to staging distributions. See `traffic_config`.\n" } }, "required": [ "enabled", "etag", "lastModifiedTime" ], "inputProperties": { "enabled": { "type": "boolean", "description": "Whether this continuous deployment policy is enabled.\n" }, "stagingDistributionDnsNames": { "$ref": "#/types/aws:cloudfront/ContinuousDeploymentPolicyStagingDistributionDnsNames:ContinuousDeploymentPolicyStagingDistributionDnsNames", "description": "CloudFront domain name of the staging distribution. See `staging_distribution_dns_names`.\n" }, "trafficConfig": { "$ref": "#/types/aws:cloudfront/ContinuousDeploymentPolicyTrafficConfig:ContinuousDeploymentPolicyTrafficConfig", "description": "Parameters for routing production traffic from primary to staging distributions. See `traffic_config`.\n" } }, "requiredInputs": [ "enabled" ], "stateInputs": { "description": "Input properties used for looking up and filtering ContinuousDeploymentPolicy resources.\n", "properties": { "enabled": { "type": "boolean", "description": "Whether this continuous deployment policy is enabled.\n" }, "etag": { "type": "string", "description": "Current version of the continuous distribution policy.\n" }, "lastModifiedTime": { "type": "string", "description": "Date and time the continuous deployment policy was last modified.\n" }, "stagingDistributionDnsNames": { "$ref": "#/types/aws:cloudfront/ContinuousDeploymentPolicyStagingDistributionDnsNames:ContinuousDeploymentPolicyStagingDistributionDnsNames", "description": "CloudFront domain name of the staging distribution. See `staging_distribution_dns_names`.\n" }, "trafficConfig": { "$ref": "#/types/aws:cloudfront/ContinuousDeploymentPolicyTrafficConfig:ContinuousDeploymentPolicyTrafficConfig", "description": "Parameters for routing production traffic from primary to staging distributions. See `traffic_config`.\n" } }, "type": "object" } }, "aws:cloudfront/distribution:Distribution": { "description": "Creates an Amazon CloudFront web distribution.\n\nFor information about CloudFront distributions, see the [Amazon CloudFront Developer Guide](http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Introduction.html). For specific information about creating CloudFront web distributions, see the [POST Distribution](https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateDistribution.html) page in the Amazon CloudFront API Reference.\n\n\u003e **NOTE:** CloudFront distributions take about 15 minutes to reach a deployed state after creation or modification. During this time, deletes to resources will be blocked. If you need to delete a distribution that is enabled and you do not want to wait, you need to use the `retain_on_delete` flag.\n\n## Example Usage\n\n### S3 Origin\n\nThe example below creates a CloudFront distribution with an S3 origin.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst b = new aws.s3.BucketV2(\"b\", {\n bucket: \"mybucket\",\n tags: {\n Name: \"My bucket\",\n },\n});\nconst bAcl = new aws.s3.BucketAclV2(\"b_acl\", {\n bucket: b.id,\n acl: \"private\",\n});\nconst s3OriginId = \"myS3Origin\";\nconst s3Distribution = new aws.cloudfront.Distribution(\"s3_distribution\", {\n origins: [{\n domainName: b.bucketRegionalDomainName,\n originAccessControlId: _default.id,\n originId: s3OriginId,\n }],\n enabled: true,\n isIpv6Enabled: true,\n comment: \"Some comment\",\n defaultRootObject: \"index.html\",\n loggingConfig: {\n includeCookies: false,\n bucket: \"mylogs.s3.amazonaws.com\",\n prefix: \"myprefix\",\n },\n aliases: [\n \"mysite.example.com\",\n \"yoursite.example.com\",\n ],\n defaultCacheBehavior: {\n allowedMethods: [\n \"DELETE\",\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n \"PATCH\",\n \"POST\",\n \"PUT\",\n ],\n cachedMethods: [\n \"GET\",\n \"HEAD\",\n ],\n targetOriginId: s3OriginId,\n forwardedValues: {\n queryString: false,\n cookies: {\n forward: \"none\",\n },\n },\n viewerProtocolPolicy: \"allow-all\",\n minTtl: 0,\n defaultTtl: 3600,\n maxTtl: 86400,\n },\n orderedCacheBehaviors: [\n {\n pathPattern: \"/content/immutable/*\",\n allowedMethods: [\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n ],\n cachedMethods: [\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n ],\n targetOriginId: s3OriginId,\n forwardedValues: {\n queryString: false,\n headers: [\"Origin\"],\n cookies: {\n forward: \"none\",\n },\n },\n minTtl: 0,\n defaultTtl: 86400,\n maxTtl: 31536000,\n compress: true,\n viewerProtocolPolicy: \"redirect-to-https\",\n },\n {\n pathPattern: \"/content/*\",\n allowedMethods: [\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n ],\n cachedMethods: [\n \"GET\",\n \"HEAD\",\n ],\n targetOriginId: s3OriginId,\n forwardedValues: {\n queryString: false,\n cookies: {\n forward: \"none\",\n },\n },\n minTtl: 0,\n defaultTtl: 3600,\n maxTtl: 86400,\n compress: true,\n viewerProtocolPolicy: \"redirect-to-https\",\n },\n ],\n priceClass: \"PriceClass_200\",\n restrictions: {\n geoRestriction: {\n restrictionType: \"whitelist\",\n locations: [\n \"US\",\n \"CA\",\n \"GB\",\n \"DE\",\n ],\n },\n },\n tags: {\n Environment: \"production\",\n },\n viewerCertificate: {\n cloudfrontDefaultCertificate: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nb = aws.s3.BucketV2(\"b\",\n bucket=\"mybucket\",\n tags={\n \"Name\": \"My bucket\",\n })\nb_acl = aws.s3.BucketAclV2(\"b_acl\",\n bucket=b.id,\n acl=\"private\")\ns3_origin_id = \"myS3Origin\"\ns3_distribution = aws.cloudfront.Distribution(\"s3_distribution\",\n origins=[{\n \"domain_name\": b.bucket_regional_domain_name,\n \"origin_access_control_id\": default[\"id\"],\n \"origin_id\": s3_origin_id,\n }],\n enabled=True,\n is_ipv6_enabled=True,\n comment=\"Some comment\",\n default_root_object=\"index.html\",\n logging_config={\n \"include_cookies\": False,\n \"bucket\": \"mylogs.s3.amazonaws.com\",\n \"prefix\": \"myprefix\",\n },\n aliases=[\n \"mysite.example.com\",\n \"yoursite.example.com\",\n ],\n default_cache_behavior={\n \"allowed_methods\": [\n \"DELETE\",\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n \"PATCH\",\n \"POST\",\n \"PUT\",\n ],\n \"cached_methods\": [\n \"GET\",\n \"HEAD\",\n ],\n \"target_origin_id\": s3_origin_id,\n \"forwarded_values\": {\n \"query_string\": False,\n \"cookies\": {\n \"forward\": \"none\",\n },\n },\n \"viewer_protocol_policy\": \"allow-all\",\n \"min_ttl\": 0,\n \"default_ttl\": 3600,\n \"max_ttl\": 86400,\n },\n ordered_cache_behaviors=[\n {\n \"path_pattern\": \"/content/immutable/*\",\n \"allowed_methods\": [\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n ],\n \"cached_methods\": [\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n ],\n \"target_origin_id\": s3_origin_id,\n \"forwarded_values\": {\n \"query_string\": False,\n \"headers\": [\"Origin\"],\n \"cookies\": {\n \"forward\": \"none\",\n },\n },\n \"min_ttl\": 0,\n \"default_ttl\": 86400,\n \"max_ttl\": 31536000,\n \"compress\": True,\n \"viewer_protocol_policy\": \"redirect-to-https\",\n },\n {\n \"path_pattern\": \"/content/*\",\n \"allowed_methods\": [\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n ],\n \"cached_methods\": [\n \"GET\",\n \"HEAD\",\n ],\n \"target_origin_id\": s3_origin_id,\n \"forwarded_values\": {\n \"query_string\": False,\n \"cookies\": {\n \"forward\": \"none\",\n },\n },\n \"min_ttl\": 0,\n \"default_ttl\": 3600,\n \"max_ttl\": 86400,\n \"compress\": True,\n \"viewer_protocol_policy\": \"redirect-to-https\",\n },\n ],\n price_class=\"PriceClass_200\",\n restrictions={\n \"geo_restriction\": {\n \"restriction_type\": \"whitelist\",\n \"locations\": [\n \"US\",\n \"CA\",\n \"GB\",\n \"DE\",\n ],\n },\n },\n tags={\n \"Environment\": \"production\",\n },\n viewer_certificate={\n \"cloudfront_default_certificate\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var b = new Aws.S3.BucketV2(\"b\", new()\n {\n Bucket = \"mybucket\",\n Tags = \n {\n { \"Name\", \"My bucket\" },\n },\n });\n\n var bAcl = new Aws.S3.BucketAclV2(\"b_acl\", new()\n {\n Bucket = b.Id,\n Acl = \"private\",\n });\n\n var s3OriginId = \"myS3Origin\";\n\n var s3Distribution = new Aws.CloudFront.Distribution(\"s3_distribution\", new()\n {\n Origins = new[]\n {\n new Aws.CloudFront.Inputs.DistributionOriginArgs\n {\n DomainName = b.BucketRegionalDomainName,\n OriginAccessControlId = @default.Id,\n OriginId = s3OriginId,\n },\n },\n Enabled = true,\n IsIpv6Enabled = true,\n Comment = \"Some comment\",\n DefaultRootObject = \"index.html\",\n LoggingConfig = new Aws.CloudFront.Inputs.DistributionLoggingConfigArgs\n {\n IncludeCookies = false,\n Bucket = \"mylogs.s3.amazonaws.com\",\n Prefix = \"myprefix\",\n },\n Aliases = new[]\n {\n \"mysite.example.com\",\n \"yoursite.example.com\",\n },\n DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs\n {\n AllowedMethods = new[]\n {\n \"DELETE\",\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n \"PATCH\",\n \"POST\",\n \"PUT\",\n },\n CachedMethods = new[]\n {\n \"GET\",\n \"HEAD\",\n },\n TargetOriginId = s3OriginId,\n ForwardedValues = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesArgs\n {\n QueryString = false,\n Cookies = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs\n {\n Forward = \"none\",\n },\n },\n ViewerProtocolPolicy = \"allow-all\",\n MinTtl = 0,\n DefaultTtl = 3600,\n MaxTtl = 86400,\n },\n OrderedCacheBehaviors = new[]\n {\n new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorArgs\n {\n PathPattern = \"/content/immutable/*\",\n AllowedMethods = new[]\n {\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n },\n CachedMethods = new[]\n {\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n },\n TargetOriginId = s3OriginId,\n ForwardedValues = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs\n {\n QueryString = false,\n Headers = new[]\n {\n \"Origin\",\n },\n Cookies = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs\n {\n Forward = \"none\",\n },\n },\n MinTtl = 0,\n DefaultTtl = 86400,\n MaxTtl = 31536000,\n Compress = true,\n ViewerProtocolPolicy = \"redirect-to-https\",\n },\n new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorArgs\n {\n PathPattern = \"/content/*\",\n AllowedMethods = new[]\n {\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n },\n CachedMethods = new[]\n {\n \"GET\",\n \"HEAD\",\n },\n TargetOriginId = s3OriginId,\n ForwardedValues = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs\n {\n QueryString = false,\n Cookies = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs\n {\n Forward = \"none\",\n },\n },\n MinTtl = 0,\n DefaultTtl = 3600,\n MaxTtl = 86400,\n Compress = true,\n ViewerProtocolPolicy = \"redirect-to-https\",\n },\n },\n PriceClass = \"PriceClass_200\",\n Restrictions = new Aws.CloudFront.Inputs.DistributionRestrictionsArgs\n {\n GeoRestriction = new Aws.CloudFront.Inputs.DistributionRestrictionsGeoRestrictionArgs\n {\n RestrictionType = \"whitelist\",\n Locations = new[]\n {\n \"US\",\n \"CA\",\n \"GB\",\n \"DE\",\n },\n },\n },\n Tags = \n {\n { \"Environment\", \"production\" },\n },\n ViewerCertificate = new Aws.CloudFront.Inputs.DistributionViewerCertificateArgs\n {\n CloudfrontDefaultCertificate = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tb, err := s3.NewBucketV2(ctx, \"b\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"mybucket\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"My bucket\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"b_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: b.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ts3OriginId := \"myS3Origin\"\n\t\t_, err = cloudfront.NewDistribution(ctx, \"s3_distribution\", \u0026cloudfront.DistributionArgs{\n\t\t\tOrigins: cloudfront.DistributionOriginArray{\n\t\t\t\t\u0026cloudfront.DistributionOriginArgs{\n\t\t\t\t\tDomainName: b.BucketRegionalDomainName,\n\t\t\t\t\tOriginAccessControlId: pulumi.Any(_default.Id),\n\t\t\t\t\tOriginId: pulumi.String(s3OriginId),\n\t\t\t\t},\n\t\t\t},\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tIsIpv6Enabled: pulumi.Bool(true),\n\t\t\tComment: pulumi.String(\"Some comment\"),\n\t\t\tDefaultRootObject: pulumi.String(\"index.html\"),\n\t\t\tLoggingConfig: \u0026cloudfront.DistributionLoggingConfigArgs{\n\t\t\t\tIncludeCookies: pulumi.Bool(false),\n\t\t\t\tBucket: pulumi.String(\"mylogs.s3.amazonaws.com\"),\n\t\t\t\tPrefix: pulumi.String(\"myprefix\"),\n\t\t\t},\n\t\t\tAliases: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"mysite.example.com\"),\n\t\t\t\tpulumi.String(\"yoursite.example.com\"),\n\t\t\t},\n\t\t\tDefaultCacheBehavior: \u0026cloudfront.DistributionDefaultCacheBehaviorArgs{\n\t\t\t\tAllowedMethods: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"DELETE\"),\n\t\t\t\t\tpulumi.String(\"GET\"),\n\t\t\t\t\tpulumi.String(\"HEAD\"),\n\t\t\t\t\tpulumi.String(\"OPTIONS\"),\n\t\t\t\t\tpulumi.String(\"PATCH\"),\n\t\t\t\t\tpulumi.String(\"POST\"),\n\t\t\t\t\tpulumi.String(\"PUT\"),\n\t\t\t\t},\n\t\t\t\tCachedMethods: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"GET\"),\n\t\t\t\t\tpulumi.String(\"HEAD\"),\n\t\t\t\t},\n\t\t\t\tTargetOriginId: pulumi.String(s3OriginId),\n\t\t\t\tForwardedValues: \u0026cloudfront.DistributionDefaultCacheBehaviorForwardedValuesArgs{\n\t\t\t\t\tQueryString: pulumi.Bool(false),\n\t\t\t\t\tCookies: \u0026cloudfront.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs{\n\t\t\t\t\t\tForward: pulumi.String(\"none\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tViewerProtocolPolicy: pulumi.String(\"allow-all\"),\n\t\t\t\tMinTtl: pulumi.Int(0),\n\t\t\t\tDefaultTtl: pulumi.Int(3600),\n\t\t\t\tMaxTtl: pulumi.Int(86400),\n\t\t\t},\n\t\t\tOrderedCacheBehaviors: cloudfront.DistributionOrderedCacheBehaviorArray{\n\t\t\t\t\u0026cloudfront.DistributionOrderedCacheBehaviorArgs{\n\t\t\t\t\tPathPattern: pulumi.String(\"/content/immutable/*\"),\n\t\t\t\t\tAllowedMethods: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"GET\"),\n\t\t\t\t\t\tpulumi.String(\"HEAD\"),\n\t\t\t\t\t\tpulumi.String(\"OPTIONS\"),\n\t\t\t\t\t},\n\t\t\t\t\tCachedMethods: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"GET\"),\n\t\t\t\t\t\tpulumi.String(\"HEAD\"),\n\t\t\t\t\t\tpulumi.String(\"OPTIONS\"),\n\t\t\t\t\t},\n\t\t\t\t\tTargetOriginId: pulumi.String(s3OriginId),\n\t\t\t\t\tForwardedValues: \u0026cloudfront.DistributionOrderedCacheBehaviorForwardedValuesArgs{\n\t\t\t\t\t\tQueryString: pulumi.Bool(false),\n\t\t\t\t\t\tHeaders: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"Origin\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tCookies: \u0026cloudfront.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs{\n\t\t\t\t\t\t\tForward: pulumi.String(\"none\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tMinTtl: pulumi.Int(0),\n\t\t\t\t\tDefaultTtl: pulumi.Int(86400),\n\t\t\t\t\tMaxTtl: pulumi.Int(31536000),\n\t\t\t\t\tCompress: pulumi.Bool(true),\n\t\t\t\t\tViewerProtocolPolicy: pulumi.String(\"redirect-to-https\"),\n\t\t\t\t},\n\t\t\t\t\u0026cloudfront.DistributionOrderedCacheBehaviorArgs{\n\t\t\t\t\tPathPattern: pulumi.String(\"/content/*\"),\n\t\t\t\t\tAllowedMethods: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"GET\"),\n\t\t\t\t\t\tpulumi.String(\"HEAD\"),\n\t\t\t\t\t\tpulumi.String(\"OPTIONS\"),\n\t\t\t\t\t},\n\t\t\t\t\tCachedMethods: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"GET\"),\n\t\t\t\t\t\tpulumi.String(\"HEAD\"),\n\t\t\t\t\t},\n\t\t\t\t\tTargetOriginId: pulumi.String(s3OriginId),\n\t\t\t\t\tForwardedValues: \u0026cloudfront.DistributionOrderedCacheBehaviorForwardedValuesArgs{\n\t\t\t\t\t\tQueryString: pulumi.Bool(false),\n\t\t\t\t\t\tCookies: \u0026cloudfront.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs{\n\t\t\t\t\t\t\tForward: pulumi.String(\"none\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tMinTtl: pulumi.Int(0),\n\t\t\t\t\tDefaultTtl: pulumi.Int(3600),\n\t\t\t\t\tMaxTtl: pulumi.Int(86400),\n\t\t\t\t\tCompress: pulumi.Bool(true),\n\t\t\t\t\tViewerProtocolPolicy: pulumi.String(\"redirect-to-https\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPriceClass: pulumi.String(\"PriceClass_200\"),\n\t\t\tRestrictions: \u0026cloudfront.DistributionRestrictionsArgs{\n\t\t\t\tGeoRestriction: \u0026cloudfront.DistributionRestrictionsGeoRestrictionArgs{\n\t\t\t\t\tRestrictionType: pulumi.String(\"whitelist\"),\n\t\t\t\t\tLocations: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t\t\tpulumi.String(\"CA\"),\n\t\t\t\t\t\tpulumi.String(\"GB\"),\n\t\t\t\t\t\tpulumi.String(\"DE\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"production\"),\n\t\t\t},\n\t\t\tViewerCertificate: \u0026cloudfront.DistributionViewerCertificateArgs{\n\t\t\t\tCloudfrontDefaultCertificate: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.cloudfront.Distribution;\nimport com.pulumi.aws.cloudfront.DistributionArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionOriginArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionLoggingConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorForwardedValuesArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionOrderedCacheBehaviorArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsGeoRestrictionArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionViewerCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var b = new BucketV2(\"b\", BucketV2Args.builder()\n .bucket(\"mybucket\")\n .tags(Map.of(\"Name\", \"My bucket\"))\n .build());\n\n var bAcl = new BucketAclV2(\"bAcl\", BucketAclV2Args.builder()\n .bucket(b.id())\n .acl(\"private\")\n .build());\n\n final var s3OriginId = \"myS3Origin\";\n\n var s3Distribution = new Distribution(\"s3Distribution\", DistributionArgs.builder()\n .origins(DistributionOriginArgs.builder()\n .domainName(b.bucketRegionalDomainName())\n .originAccessControlId(default_.id())\n .originId(s3OriginId)\n .build())\n .enabled(true)\n .isIpv6Enabled(true)\n .comment(\"Some comment\")\n .defaultRootObject(\"index.html\")\n .loggingConfig(DistributionLoggingConfigArgs.builder()\n .includeCookies(false)\n .bucket(\"mylogs.s3.amazonaws.com\")\n .prefix(\"myprefix\")\n .build())\n .aliases( \n \"mysite.example.com\",\n \"yoursite.example.com\")\n .defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()\n .allowedMethods( \n \"DELETE\",\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n \"PATCH\",\n \"POST\",\n \"PUT\")\n .cachedMethods( \n \"GET\",\n \"HEAD\")\n .targetOriginId(s3OriginId)\n .forwardedValues(DistributionDefaultCacheBehaviorForwardedValuesArgs.builder()\n .queryString(false)\n .cookies(DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs.builder()\n .forward(\"none\")\n .build())\n .build())\n .viewerProtocolPolicy(\"allow-all\")\n .minTtl(0)\n .defaultTtl(3600)\n .maxTtl(86400)\n .build())\n .orderedCacheBehaviors( \n DistributionOrderedCacheBehaviorArgs.builder()\n .pathPattern(\"/content/immutable/*\")\n .allowedMethods( \n \"GET\",\n \"HEAD\",\n \"OPTIONS\")\n .cachedMethods( \n \"GET\",\n \"HEAD\",\n \"OPTIONS\")\n .targetOriginId(s3OriginId)\n .forwardedValues(DistributionOrderedCacheBehaviorForwardedValuesArgs.builder()\n .queryString(false)\n .headers(\"Origin\")\n .cookies(DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs.builder()\n .forward(\"none\")\n .build())\n .build())\n .minTtl(0)\n .defaultTtl(86400)\n .maxTtl(31536000)\n .compress(true)\n .viewerProtocolPolicy(\"redirect-to-https\")\n .build(),\n DistributionOrderedCacheBehaviorArgs.builder()\n .pathPattern(\"/content/*\")\n .allowedMethods( \n \"GET\",\n \"HEAD\",\n \"OPTIONS\")\n .cachedMethods( \n \"GET\",\n \"HEAD\")\n .targetOriginId(s3OriginId)\n .forwardedValues(DistributionOrderedCacheBehaviorForwardedValuesArgs.builder()\n .queryString(false)\n .cookies(DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs.builder()\n .forward(\"none\")\n .build())\n .build())\n .minTtl(0)\n .defaultTtl(3600)\n .maxTtl(86400)\n .compress(true)\n .viewerProtocolPolicy(\"redirect-to-https\")\n .build())\n .priceClass(\"PriceClass_200\")\n .restrictions(DistributionRestrictionsArgs.builder()\n .geoRestriction(DistributionRestrictionsGeoRestrictionArgs.builder()\n .restrictionType(\"whitelist\")\n .locations( \n \"US\",\n \"CA\",\n \"GB\",\n \"DE\")\n .build())\n .build())\n .tags(Map.of(\"Environment\", \"production\"))\n .viewerCertificate(DistributionViewerCertificateArgs.builder()\n .cloudfrontDefaultCertificate(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n b:\n type: aws:s3:BucketV2\n properties:\n bucket: mybucket\n tags:\n Name: My bucket\n bAcl:\n type: aws:s3:BucketAclV2\n name: b_acl\n properties:\n bucket: ${b.id}\n acl: private\n s3Distribution:\n type: aws:cloudfront:Distribution\n name: s3_distribution\n properties:\n origins:\n - domainName: ${b.bucketRegionalDomainName}\n originAccessControlId: ${default.id}\n originId: ${s3OriginId}\n enabled: true\n isIpv6Enabled: true\n comment: Some comment\n defaultRootObject: index.html\n loggingConfig:\n includeCookies: false\n bucket: mylogs.s3.amazonaws.com\n prefix: myprefix\n aliases:\n - mysite.example.com\n - yoursite.example.com\n defaultCacheBehavior:\n allowedMethods:\n - DELETE\n - GET\n - HEAD\n - OPTIONS\n - PATCH\n - POST\n - PUT\n cachedMethods:\n - GET\n - HEAD\n targetOriginId: ${s3OriginId}\n forwardedValues:\n queryString: false\n cookies:\n forward: none\n viewerProtocolPolicy: allow-all\n minTtl: 0\n defaultTtl: 3600\n maxTtl: 86400\n orderedCacheBehaviors:\n - pathPattern: /content/immutable/*\n allowedMethods:\n - GET\n - HEAD\n - OPTIONS\n cachedMethods:\n - GET\n - HEAD\n - OPTIONS\n targetOriginId: ${s3OriginId}\n forwardedValues:\n queryString: false\n headers:\n - Origin\n cookies:\n forward: none\n minTtl: 0\n defaultTtl: 86400\n maxTtl: 3.1536e+07\n compress: true\n viewerProtocolPolicy: redirect-to-https\n - pathPattern: /content/*\n allowedMethods:\n - GET\n - HEAD\n - OPTIONS\n cachedMethods:\n - GET\n - HEAD\n targetOriginId: ${s3OriginId}\n forwardedValues:\n queryString: false\n cookies:\n forward: none\n minTtl: 0\n defaultTtl: 3600\n maxTtl: 86400\n compress: true\n viewerProtocolPolicy: redirect-to-https\n priceClass: PriceClass_200\n restrictions:\n geoRestriction:\n restrictionType: whitelist\n locations:\n - US\n - CA\n - GB\n - DE\n tags:\n Environment: production\n viewerCertificate:\n cloudfrontDefaultCertificate: true\nvariables:\n s3OriginId: myS3Origin\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Failover Routing\n\nThe example below creates a CloudFront distribution with an origin group for failover routing.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst s3Distribution = new aws.cloudfront.Distribution(\"s3_distribution\", {\n originGroups: [{\n originId: \"groupS3\",\n failoverCriteria: {\n statusCodes: [\n 403,\n 404,\n 500,\n 502,\n ],\n },\n members: [\n {\n originId: \"primaryS3\",\n },\n {\n originId: \"failoverS3\",\n },\n ],\n }],\n origins: [\n {\n domainName: primary.bucketRegionalDomainName,\n originId: \"primaryS3\",\n s3OriginConfig: {\n originAccessIdentity: _default.cloudfrontAccessIdentityPath,\n },\n },\n {\n domainName: failover.bucketRegionalDomainName,\n originId: \"failoverS3\",\n s3OriginConfig: {\n originAccessIdentity: _default.cloudfrontAccessIdentityPath,\n },\n },\n ],\n defaultCacheBehavior: {\n targetOriginId: \"groupS3\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ns3_distribution = aws.cloudfront.Distribution(\"s3_distribution\",\n origin_groups=[{\n \"origin_id\": \"groupS3\",\n \"failover_criteria\": {\n \"status_codes\": [\n 403,\n 404,\n 500,\n 502,\n ],\n },\n \"members\": [\n {\n \"origin_id\": \"primaryS3\",\n },\n {\n \"origin_id\": \"failoverS3\",\n },\n ],\n }],\n origins=[\n {\n \"domain_name\": primary[\"bucketRegionalDomainName\"],\n \"origin_id\": \"primaryS3\",\n \"s3_origin_config\": {\n \"origin_access_identity\": default[\"cloudfrontAccessIdentityPath\"],\n },\n },\n {\n \"domain_name\": failover[\"bucketRegionalDomainName\"],\n \"origin_id\": \"failoverS3\",\n \"s3_origin_config\": {\n \"origin_access_identity\": default[\"cloudfrontAccessIdentityPath\"],\n },\n },\n ],\n default_cache_behavior={\n \"target_origin_id\": \"groupS3\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var s3Distribution = new Aws.CloudFront.Distribution(\"s3_distribution\", new()\n {\n OriginGroups = new[]\n {\n new Aws.CloudFront.Inputs.DistributionOriginGroupArgs\n {\n OriginId = \"groupS3\",\n FailoverCriteria = new Aws.CloudFront.Inputs.DistributionOriginGroupFailoverCriteriaArgs\n {\n StatusCodes = new[]\n {\n 403,\n 404,\n 500,\n 502,\n },\n },\n Members = new[]\n {\n new Aws.CloudFront.Inputs.DistributionOriginGroupMemberArgs\n {\n OriginId = \"primaryS3\",\n },\n new Aws.CloudFront.Inputs.DistributionOriginGroupMemberArgs\n {\n OriginId = \"failoverS3\",\n },\n },\n },\n },\n Origins = new[]\n {\n new Aws.CloudFront.Inputs.DistributionOriginArgs\n {\n DomainName = primary.BucketRegionalDomainName,\n OriginId = \"primaryS3\",\n S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs\n {\n OriginAccessIdentity = @default.CloudfrontAccessIdentityPath,\n },\n },\n new Aws.CloudFront.Inputs.DistributionOriginArgs\n {\n DomainName = failover.BucketRegionalDomainName,\n OriginId = \"failoverS3\",\n S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs\n {\n OriginAccessIdentity = @default.CloudfrontAccessIdentityPath,\n },\n },\n },\n DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs\n {\n TargetOriginId = \"groupS3\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.NewDistribution(ctx, \"s3_distribution\", \u0026cloudfront.DistributionArgs{\n\t\t\tOriginGroups: cloudfront.DistributionOriginGroupArray{\n\t\t\t\t\u0026cloudfront.DistributionOriginGroupArgs{\n\t\t\t\t\tOriginId: pulumi.String(\"groupS3\"),\n\t\t\t\t\tFailoverCriteria: \u0026cloudfront.DistributionOriginGroupFailoverCriteriaArgs{\n\t\t\t\t\t\tStatusCodes: pulumi.IntArray{\n\t\t\t\t\t\t\tpulumi.Int(403),\n\t\t\t\t\t\t\tpulumi.Int(404),\n\t\t\t\t\t\t\tpulumi.Int(500),\n\t\t\t\t\t\t\tpulumi.Int(502),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tMembers: cloudfront.DistributionOriginGroupMemberArray{\n\t\t\t\t\t\t\u0026cloudfront.DistributionOriginGroupMemberArgs{\n\t\t\t\t\t\t\tOriginId: pulumi.String(\"primaryS3\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudfront.DistributionOriginGroupMemberArgs{\n\t\t\t\t\t\t\tOriginId: pulumi.String(\"failoverS3\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tOrigins: cloudfront.DistributionOriginArray{\n\t\t\t\t\u0026cloudfront.DistributionOriginArgs{\n\t\t\t\t\tDomainName: pulumi.Any(primary.BucketRegionalDomainName),\n\t\t\t\t\tOriginId: pulumi.String(\"primaryS3\"),\n\t\t\t\t\tS3OriginConfig: \u0026cloudfront.DistributionOriginS3OriginConfigArgs{\n\t\t\t\t\t\tOriginAccessIdentity: pulumi.Any(_default.CloudfrontAccessIdentityPath),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026cloudfront.DistributionOriginArgs{\n\t\t\t\t\tDomainName: pulumi.Any(failover.BucketRegionalDomainName),\n\t\t\t\t\tOriginId: pulumi.String(\"failoverS3\"),\n\t\t\t\t\tS3OriginConfig: \u0026cloudfront.DistributionOriginS3OriginConfigArgs{\n\t\t\t\t\t\tOriginAccessIdentity: pulumi.Any(_default.CloudfrontAccessIdentityPath),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tDefaultCacheBehavior: \u0026cloudfront.DistributionDefaultCacheBehaviorArgs{\n\t\t\t\tTargetOriginId: pulumi.String(\"groupS3\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.Distribution;\nimport com.pulumi.aws.cloudfront.DistributionArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionOriginGroupArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionOriginGroupFailoverCriteriaArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionOriginArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionOriginS3OriginConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var s3Distribution = new Distribution(\"s3Distribution\", DistributionArgs.builder()\n .originGroups(DistributionOriginGroupArgs.builder()\n .originId(\"groupS3\")\n .failoverCriteria(DistributionOriginGroupFailoverCriteriaArgs.builder()\n .statusCodes( \n 403,\n 404,\n 500,\n 502)\n .build())\n .members( \n DistributionOriginGroupMemberArgs.builder()\n .originId(\"primaryS3\")\n .build(),\n DistributionOriginGroupMemberArgs.builder()\n .originId(\"failoverS3\")\n .build())\n .build())\n .origins( \n DistributionOriginArgs.builder()\n .domainName(primary.bucketRegionalDomainName())\n .originId(\"primaryS3\")\n .s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()\n .originAccessIdentity(default_.cloudfrontAccessIdentityPath())\n .build())\n .build(),\n DistributionOriginArgs.builder()\n .domainName(failover.bucketRegionalDomainName())\n .originId(\"failoverS3\")\n .s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()\n .originAccessIdentity(default_.cloudfrontAccessIdentityPath())\n .build())\n .build())\n .defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()\n .targetOriginId(\"groupS3\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n s3Distribution:\n type: aws:cloudfront:Distribution\n name: s3_distribution\n properties:\n originGroups:\n - originId: groupS3\n failoverCriteria:\n statusCodes:\n - 403\n - 404\n - 500\n - 502\n members:\n - originId: primaryS3\n - originId: failoverS3\n origins:\n - domainName: ${primary.bucketRegionalDomainName}\n originId: primaryS3\n s3OriginConfig:\n originAccessIdentity: ${default.cloudfrontAccessIdentityPath}\n - domainName: ${failover.bucketRegionalDomainName}\n originId: failoverS3\n s3OriginConfig:\n originAccessIdentity: ${default.cloudfrontAccessIdentityPath}\n defaultCacheBehavior:\n targetOriginId: groupS3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Managed Caching Policy\n\nThe example below creates a CloudFront distribution with an [AWS managed caching policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst s3OriginId = \"myS3Origin\";\nconst s3Distribution = new aws.cloudfront.Distribution(\"s3_distribution\", {\n origins: [{\n domainName: primary.bucketRegionalDomainName,\n originId: \"myS3Origin\",\n s3OriginConfig: {\n originAccessIdentity: _default.cloudfrontAccessIdentityPath,\n },\n }],\n enabled: true,\n isIpv6Enabled: true,\n comment: \"Some comment\",\n defaultRootObject: \"index.html\",\n defaultCacheBehavior: {\n cachePolicyId: \"4135ea2d-6df8-44a3-9df3-4b5a84be39ad\",\n allowedMethods: [\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n ],\n targetOriginId: s3OriginId,\n },\n restrictions: {\n geoRestriction: {\n restrictionType: \"whitelist\",\n locations: [\n \"US\",\n \"CA\",\n \"GB\",\n \"DE\",\n ],\n },\n },\n viewerCertificate: {\n cloudfrontDefaultCertificate: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ns3_origin_id = \"myS3Origin\"\ns3_distribution = aws.cloudfront.Distribution(\"s3_distribution\",\n origins=[{\n \"domain_name\": primary[\"bucketRegionalDomainName\"],\n \"origin_id\": \"myS3Origin\",\n \"s3_origin_config\": {\n \"origin_access_identity\": default[\"cloudfrontAccessIdentityPath\"],\n },\n }],\n enabled=True,\n is_ipv6_enabled=True,\n comment=\"Some comment\",\n default_root_object=\"index.html\",\n default_cache_behavior={\n \"cache_policy_id\": \"4135ea2d-6df8-44a3-9df3-4b5a84be39ad\",\n \"allowed_methods\": [\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n ],\n \"target_origin_id\": s3_origin_id,\n },\n restrictions={\n \"geo_restriction\": {\n \"restriction_type\": \"whitelist\",\n \"locations\": [\n \"US\",\n \"CA\",\n \"GB\",\n \"DE\",\n ],\n },\n },\n viewer_certificate={\n \"cloudfront_default_certificate\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var s3OriginId = \"myS3Origin\";\n\n var s3Distribution = new Aws.CloudFront.Distribution(\"s3_distribution\", new()\n {\n Origins = new[]\n {\n new Aws.CloudFront.Inputs.DistributionOriginArgs\n {\n DomainName = primary.BucketRegionalDomainName,\n OriginId = \"myS3Origin\",\n S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs\n {\n OriginAccessIdentity = @default.CloudfrontAccessIdentityPath,\n },\n },\n },\n Enabled = true,\n IsIpv6Enabled = true,\n Comment = \"Some comment\",\n DefaultRootObject = \"index.html\",\n DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs\n {\n CachePolicyId = \"4135ea2d-6df8-44a3-9df3-4b5a84be39ad\",\n AllowedMethods = new[]\n {\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n },\n TargetOriginId = s3OriginId,\n },\n Restrictions = new Aws.CloudFront.Inputs.DistributionRestrictionsArgs\n {\n GeoRestriction = new Aws.CloudFront.Inputs.DistributionRestrictionsGeoRestrictionArgs\n {\n RestrictionType = \"whitelist\",\n Locations = new[]\n {\n \"US\",\n \"CA\",\n \"GB\",\n \"DE\",\n },\n },\n },\n ViewerCertificate = new Aws.CloudFront.Inputs.DistributionViewerCertificateArgs\n {\n CloudfrontDefaultCertificate = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ts3OriginId := \"myS3Origin\"\n\t\t_, err := cloudfront.NewDistribution(ctx, \"s3_distribution\", \u0026cloudfront.DistributionArgs{\n\t\t\tOrigins: cloudfront.DistributionOriginArray{\n\t\t\t\t\u0026cloudfront.DistributionOriginArgs{\n\t\t\t\t\tDomainName: pulumi.Any(primary.BucketRegionalDomainName),\n\t\t\t\t\tOriginId: pulumi.String(\"myS3Origin\"),\n\t\t\t\t\tS3OriginConfig: \u0026cloudfront.DistributionOriginS3OriginConfigArgs{\n\t\t\t\t\t\tOriginAccessIdentity: pulumi.Any(_default.CloudfrontAccessIdentityPath),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tIsIpv6Enabled: pulumi.Bool(true),\n\t\t\tComment: pulumi.String(\"Some comment\"),\n\t\t\tDefaultRootObject: pulumi.String(\"index.html\"),\n\t\t\tDefaultCacheBehavior: \u0026cloudfront.DistributionDefaultCacheBehaviorArgs{\n\t\t\t\tCachePolicyId: pulumi.String(\"4135ea2d-6df8-44a3-9df3-4b5a84be39ad\"),\n\t\t\t\tAllowedMethods: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"GET\"),\n\t\t\t\t\tpulumi.String(\"HEAD\"),\n\t\t\t\t\tpulumi.String(\"OPTIONS\"),\n\t\t\t\t},\n\t\t\t\tTargetOriginId: pulumi.String(s3OriginId),\n\t\t\t},\n\t\t\tRestrictions: \u0026cloudfront.DistributionRestrictionsArgs{\n\t\t\t\tGeoRestriction: \u0026cloudfront.DistributionRestrictionsGeoRestrictionArgs{\n\t\t\t\t\tRestrictionType: pulumi.String(\"whitelist\"),\n\t\t\t\t\tLocations: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t\t\tpulumi.String(\"CA\"),\n\t\t\t\t\t\tpulumi.String(\"GB\"),\n\t\t\t\t\t\tpulumi.String(\"DE\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tViewerCertificate: \u0026cloudfront.DistributionViewerCertificateArgs{\n\t\t\t\tCloudfrontDefaultCertificate: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.Distribution;\nimport com.pulumi.aws.cloudfront.DistributionArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionOriginArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionOriginS3OriginConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsGeoRestrictionArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionViewerCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var s3OriginId = \"myS3Origin\";\n\n var s3Distribution = new Distribution(\"s3Distribution\", DistributionArgs.builder()\n .origins(DistributionOriginArgs.builder()\n .domainName(primary.bucketRegionalDomainName())\n .originId(\"myS3Origin\")\n .s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()\n .originAccessIdentity(default_.cloudfrontAccessIdentityPath())\n .build())\n .build())\n .enabled(true)\n .isIpv6Enabled(true)\n .comment(\"Some comment\")\n .defaultRootObject(\"index.html\")\n .defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()\n .cachePolicyId(\"4135ea2d-6df8-44a3-9df3-4b5a84be39ad\")\n .allowedMethods( \n \"GET\",\n \"HEAD\",\n \"OPTIONS\")\n .targetOriginId(s3OriginId)\n .build())\n .restrictions(DistributionRestrictionsArgs.builder()\n .geoRestriction(DistributionRestrictionsGeoRestrictionArgs.builder()\n .restrictionType(\"whitelist\")\n .locations( \n \"US\",\n \"CA\",\n \"GB\",\n \"DE\")\n .build())\n .build())\n .viewerCertificate(DistributionViewerCertificateArgs.builder()\n .cloudfrontDefaultCertificate(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n s3Distribution:\n type: aws:cloudfront:Distribution\n name: s3_distribution\n properties:\n origins:\n - domainName: ${primary.bucketRegionalDomainName}\n originId: myS3Origin\n s3OriginConfig:\n originAccessIdentity: ${default.cloudfrontAccessIdentityPath}\n enabled: true\n isIpv6Enabled: true\n comment: Some comment\n defaultRootObject: index.html\n defaultCacheBehavior:\n cachePolicyId: 4135ea2d-6df8-44a3-9df3-4b5a84be39ad\n allowedMethods:\n - GET\n - HEAD\n - OPTIONS\n targetOriginId: ${s3OriginId}\n restrictions:\n geoRestriction:\n restrictionType: whitelist\n locations:\n - US\n - CA\n - GB\n - DE\n viewerCertificate:\n cloudfrontDefaultCertificate: true\nvariables:\n s3OriginId: myS3Origin\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudFront Distributions using the `id`. For example:\n\n```sh\n$ pulumi import aws:cloudfront/distribution:Distribution distribution E74FTE3EXAMPLE\n```\n", "properties": { "aliases": { "type": "array", "items": { "type": "string" } }, "arn": { "type": "string", "description": "ARN for the distribution. For example: `arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5`, where `123456789012` is your AWS account ID.\n" }, "callerReference": { "type": "string", "description": "Internal value used by CloudFront to allow future updates to the distribution configuration.\n" }, "comment": { "type": "string" }, "continuousDeploymentPolicyId": { "type": "string" }, "customErrorResponses": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionCustomErrorResponse:DistributionCustomErrorResponse" } }, "defaultCacheBehavior": { "$ref": "#/types/aws:cloudfront/DistributionDefaultCacheBehavior:DistributionDefaultCacheBehavior" }, "defaultRootObject": { "type": "string" }, "domainName": { "type": "string", "description": "Domain name corresponding to the distribution. For example: `d604721fxaaqy9.cloudfront.net`.\n" }, "enabled": { "type": "boolean", "description": "`true` if any of the AWS accounts listed as trusted signers have active CloudFront key pairs\n" }, "etag": { "type": "string", "description": "Current version of the distribution's information. For example: `E2QWRUHAPOMQZL`.\n" }, "hostedZoneId": { "type": "string", "description": "CloudFront Route 53 zone ID that can be used to route an [Alias Resource Record Set](http://docs.aws.amazon.com/Route53/latest/APIReference/CreateAliasRRSAPI.html) to. This attribute is simply an alias for the zone ID `Z2FDTNDATAQYW2`.\n" }, "httpVersion": { "type": "string" }, "inProgressValidationBatches": { "type": "integer", "description": "Number of invalidation batches currently in progress.\n" }, "isIpv6Enabled": { "type": "boolean" }, "lastModifiedTime": { "type": "string", "description": "Date and time the distribution was last modified.\n" }, "loggingConfig": { "$ref": "#/types/aws:cloudfront/DistributionLoggingConfig:DistributionLoggingConfig" }, "orderedCacheBehaviors": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOrderedCacheBehavior:DistributionOrderedCacheBehavior" } }, "originGroups": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOriginGroup:DistributionOriginGroup" } }, "origins": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOrigin:DistributionOrigin" } }, "priceClass": { "type": "string" }, "restrictions": { "$ref": "#/types/aws:cloudfront/DistributionRestrictions:DistributionRestrictions" }, "retainOnDelete": { "type": "boolean" }, "staging": { "type": "boolean" }, "status": { "type": "string", "description": "Current status of the distribution. `Deployed` if the distribution's information is fully propagated throughout the Amazon CloudFront system.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "trustedKeyGroups": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionTrustedKeyGroup:DistributionTrustedKeyGroup" }, "description": "List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.\n" }, "trustedSigners": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionTrustedSigner:DistributionTrustedSigner" }, "description": "List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.\n" }, "viewerCertificate": { "$ref": "#/types/aws:cloudfront/DistributionViewerCertificate:DistributionViewerCertificate" }, "waitForDeployment": { "type": "boolean" }, "webAclId": { "type": "string" } }, "required": [ "arn", "callerReference", "continuousDeploymentPolicyId", "defaultCacheBehavior", "domainName", "enabled", "etag", "hostedZoneId", "inProgressValidationBatches", "lastModifiedTime", "origins", "restrictions", "status", "tagsAll", "trustedKeyGroups", "trustedSigners", "viewerCertificate" ], "inputProperties": { "aliases": { "type": "array", "items": { "type": "string" } }, "comment": { "type": "string" }, "continuousDeploymentPolicyId": { "type": "string" }, "customErrorResponses": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionCustomErrorResponse:DistributionCustomErrorResponse" } }, "defaultCacheBehavior": { "$ref": "#/types/aws:cloudfront/DistributionDefaultCacheBehavior:DistributionDefaultCacheBehavior" }, "defaultRootObject": { "type": "string" }, "enabled": { "type": "boolean", "description": "`true` if any of the AWS accounts listed as trusted signers have active CloudFront key pairs\n" }, "httpVersion": { "type": "string" }, "isIpv6Enabled": { "type": "boolean" }, "loggingConfig": { "$ref": "#/types/aws:cloudfront/DistributionLoggingConfig:DistributionLoggingConfig" }, "orderedCacheBehaviors": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOrderedCacheBehavior:DistributionOrderedCacheBehavior" } }, "originGroups": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOriginGroup:DistributionOriginGroup" } }, "origins": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOrigin:DistributionOrigin" } }, "priceClass": { "type": "string" }, "restrictions": { "$ref": "#/types/aws:cloudfront/DistributionRestrictions:DistributionRestrictions" }, "retainOnDelete": { "type": "boolean" }, "staging": { "type": "boolean", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "viewerCertificate": { "$ref": "#/types/aws:cloudfront/DistributionViewerCertificate:DistributionViewerCertificate" }, "waitForDeployment": { "type": "boolean" }, "webAclId": { "type": "string" } }, "requiredInputs": [ "defaultCacheBehavior", "enabled", "origins", "restrictions", "viewerCertificate" ], "stateInputs": { "description": "Input properties used for looking up and filtering Distribution resources.\n", "properties": { "aliases": { "type": "array", "items": { "type": "string" } }, "arn": { "type": "string", "description": "ARN for the distribution. For example: `arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5`, where `123456789012` is your AWS account ID.\n" }, "callerReference": { "type": "string", "description": "Internal value used by CloudFront to allow future updates to the distribution configuration.\n" }, "comment": { "type": "string" }, "continuousDeploymentPolicyId": { "type": "string" }, "customErrorResponses": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionCustomErrorResponse:DistributionCustomErrorResponse" } }, "defaultCacheBehavior": { "$ref": "#/types/aws:cloudfront/DistributionDefaultCacheBehavior:DistributionDefaultCacheBehavior" }, "defaultRootObject": { "type": "string" }, "domainName": { "type": "string", "description": "Domain name corresponding to the distribution. For example: `d604721fxaaqy9.cloudfront.net`.\n" }, "enabled": { "type": "boolean", "description": "`true` if any of the AWS accounts listed as trusted signers have active CloudFront key pairs\n" }, "etag": { "type": "string", "description": "Current version of the distribution's information. For example: `E2QWRUHAPOMQZL`.\n" }, "hostedZoneId": { "type": "string", "description": "CloudFront Route 53 zone ID that can be used to route an [Alias Resource Record Set](http://docs.aws.amazon.com/Route53/latest/APIReference/CreateAliasRRSAPI.html) to. This attribute is simply an alias for the zone ID `Z2FDTNDATAQYW2`.\n" }, "httpVersion": { "type": "string" }, "inProgressValidationBatches": { "type": "integer", "description": "Number of invalidation batches currently in progress.\n" }, "isIpv6Enabled": { "type": "boolean" }, "lastModifiedTime": { "type": "string", "description": "Date and time the distribution was last modified.\n" }, "loggingConfig": { "$ref": "#/types/aws:cloudfront/DistributionLoggingConfig:DistributionLoggingConfig" }, "orderedCacheBehaviors": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOrderedCacheBehavior:DistributionOrderedCacheBehavior" } }, "originGroups": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOriginGroup:DistributionOriginGroup" } }, "origins": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionOrigin:DistributionOrigin" } }, "priceClass": { "type": "string" }, "restrictions": { "$ref": "#/types/aws:cloudfront/DistributionRestrictions:DistributionRestrictions" }, "retainOnDelete": { "type": "boolean" }, "staging": { "type": "boolean", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Current status of the distribution. `Deployed` if the distribution's information is fully propagated throughout the Amazon CloudFront system.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "trustedKeyGroups": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionTrustedKeyGroup:DistributionTrustedKeyGroup" }, "description": "List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.\n" }, "trustedSigners": { "type": "array", "items": { "$ref": "#/types/aws:cloudfront/DistributionTrustedSigner:DistributionTrustedSigner" }, "description": "List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.\n" }, "viewerCertificate": { "$ref": "#/types/aws:cloudfront/DistributionViewerCertificate:DistributionViewerCertificate" }, "waitForDeployment": { "type": "boolean" }, "webAclId": { "type": "string" } }, "type": "object" } }, "aws:cloudfront/fieldLevelEncryptionConfig:FieldLevelEncryptionConfig": { "description": "Provides a CloudFront Field-level Encryption Config resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.cloudfront.FieldLevelEncryptionConfig(\"test\", {\n comment: \"test comment\",\n contentTypeProfileConfig: {\n forwardWhenContentTypeIsUnknown: true,\n contentTypeProfiles: {\n items: [{\n contentType: \"application/x-www-form-urlencoded\",\n format: \"URLEncoded\",\n }],\n },\n },\n queryArgProfileConfig: {\n forwardWhenQueryArgProfileIsUnknown: true,\n queryArgProfiles: {\n items: [{\n profileId: testAwsCloudfrontFieldLevelEncryptionProfile.id,\n queryArg: \"Arg1\",\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.cloudfront.FieldLevelEncryptionConfig(\"test\",\n comment=\"test comment\",\n content_type_profile_config={\n \"forward_when_content_type_is_unknown\": True,\n \"content_type_profiles\": {\n \"items\": [{\n \"content_type\": \"application/x-www-form-urlencoded\",\n \"format\": \"URLEncoded\",\n }],\n },\n },\n query_arg_profile_config={\n \"forward_when_query_arg_profile_is_unknown\": True,\n \"query_arg_profiles\": {\n \"items\": [{\n \"profile_id\": test_aws_cloudfront_field_level_encryption_profile[\"id\"],\n \"query_arg\": \"Arg1\",\n }],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CloudFront.FieldLevelEncryptionConfig(\"test\", new()\n {\n Comment = \"test comment\",\n ContentTypeProfileConfig = new Aws.CloudFront.Inputs.FieldLevelEncryptionConfigContentTypeProfileConfigArgs\n {\n ForwardWhenContentTypeIsUnknown = true,\n ContentTypeProfiles = new Aws.CloudFront.Inputs.FieldLevelEncryptionConfigContentTypeProfileConfigContentTypeProfilesArgs\n {\n Items = new[]\n {\n new Aws.CloudFront.Inputs.FieldLevelEncryptionConfigContentTypeProfileConfigContentTypeProfilesItemArgs\n {\n ContentType = \"application/x-www-form-urlencoded\",\n Format = \"URLEncoded\",\n },\n },\n },\n },\n QueryArgProfileConfig = new Aws.CloudFront.Inputs.FieldLevelEncryptionConfigQueryArgProfileConfigArgs\n {\n ForwardWhenQueryArgProfileIsUnknown = true,\n QueryArgProfiles = new Aws.CloudFront.Inputs.FieldLevelEncryptionConfigQueryArgProfileConfigQueryArgProfilesArgs\n {\n Items = new[]\n {\n new Aws.CloudFront.Inputs.FieldLevelEncryptionConfigQueryArgProfileConfigQueryArgProfilesItemArgs\n {\n ProfileId = testAwsCloudfrontFieldLevelEncryptionProfile.Id,\n QueryArg = \"Arg1\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.NewFieldLevelEncryptionConfig(ctx, \"test\", \u0026cloudfront.FieldLevelEncryptionConfigArgs{\n\t\t\tComment: pulumi.String(\"test comment\"),\n\t\t\tContentTypeProfileConfig: \u0026cloudfront.FieldLevelEncryptionConfigContentTypeProfileConfigArgs{\n\t\t\t\tForwardWhenContentTypeIsUnknown: pulumi.Bool(true),\n\t\t\t\tContentTypeProfiles: \u0026cloudfront.FieldLevelEncryptionConfigContentTypeProfileConfigContentTypeProfilesArgs{\n\t\t\t\t\tItems: cloudfront.FieldLevelEncryptionConfigContentTypeProfileConfigContentTypeProfilesItemArray{\n\t\t\t\t\t\t\u0026cloudfront.FieldLevelEncryptionConfigContentTypeProfileConfigContentTypeProfilesItemArgs{\n\t\t\t\t\t\t\tContentType: pulumi.String(\"application/x-www-form-urlencoded\"),\n\t\t\t\t\t\t\tFormat: pulumi.String(\"URLEncoded\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tQueryArgProfileConfig: \u0026cloudfront.FieldLevelEncryptionConfigQueryArgProfileConfigArgs{\n\t\t\t\tForwardWhenQueryArgProfileIsUnknown: pulumi.Bool(true),\n\t\t\t\tQueryArgProfiles: \u0026cloudfront.FieldLevelEncryptionConfigQueryArgProfileConfigQueryArgProfilesArgs{\n\t\t\t\t\tItems: cloudfront.FieldLevelEncryptionConfigQueryArgProfileConfigQueryArgProfilesItemArray{\n\t\t\t\t\t\t\u0026cloudfront.FieldLevelEncryptionConfigQueryArgProfileConfigQueryArgProfilesItemArgs{\n\t\t\t\t\t\t\tProfileId: pulumi.Any(testAwsCloudfrontFieldLevelEncryptionProfile.Id),\n\t\t\t\t\t\t\tQueryArg: pulumi.String(\"Arg1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.FieldLevelEncryptionConfig;\nimport com.pulumi.aws.cloudfront.FieldLevelEncryptionConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.FieldLevelEncryptionConfigContentTypeProfileConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.FieldLevelEncryptionConfigContentTypeProfileConfigContentTypeProfilesArgs;\nimport com.pulumi.aws.cloudfront.inputs.FieldLevelEncryptionConfigQueryArgProfileConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.FieldLevelEncryptionConfigQueryArgProfileConfigQueryArgProfilesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new FieldLevelEncryptionConfig(\"test\", FieldLevelEncryptionConfigArgs.builder()\n .comment(\"test comment\")\n .contentTypeProfileConfig(FieldLevelEncryptionConfigContentTypeProfileConfigArgs.builder()\n .forwardWhenContentTypeIsUnknown(true)\n .contentTypeProfiles(FieldLevelEncryptionConfigContentTypeProfileConfigContentTypeProfilesArgs.builder()\n .items(FieldLevelEncryptionConfigContentTypeProfileConfigContentTypeProfilesItemArgs.builder()\n .contentType(\"application/x-www-form-urlencoded\")\n .format(\"URLEncoded\")\n .build())\n .build())\n .build())\n .queryArgProfileConfig(FieldLevelEncryptionConfigQueryArgProfileConfigArgs.builder()\n .forwardWhenQueryArgProfileIsUnknown(true)\n .queryArgProfiles(FieldLevelEncryptionConfigQueryArgProfileConfigQueryArgProfilesArgs.builder()\n .items(FieldLevelEncryptionConfigQueryArgProfileConfigQueryArgProfilesItemArgs.builder()\n .profileId(testAwsCloudfrontFieldLevelEncryptionProfile.id())\n .queryArg(\"Arg1\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:cloudfront:FieldLevelEncryptionConfig\n properties:\n comment: test comment\n contentTypeProfileConfig:\n forwardWhenContentTypeIsUnknown: true\n contentTypeProfiles:\n items:\n - contentType: application/x-www-form-urlencoded\n format: URLEncoded\n queryArgProfileConfig:\n forwardWhenQueryArgProfileIsUnknown: true\n queryArgProfiles:\n items:\n - profileId: ${testAwsCloudfrontFieldLevelEncryptionProfile.id}\n queryArg: Arg1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cloudfront Field Level Encryption Config using the `id`. For example:\n\n```sh\n$ pulumi import aws:cloudfront/fieldLevelEncryptionConfig:FieldLevelEncryptionConfig config E74FTE3AEXAMPLE\n```\n", "properties": { "callerReference": { "type": "string", "description": "Internal value used by CloudFront to allow future updates to the Field Level Encryption Config.\n" }, "comment": { "type": "string", "description": "An optional comment about the Field Level Encryption Config.\n" }, "contentTypeProfileConfig": { "$ref": "#/types/aws:cloudfront/FieldLevelEncryptionConfigContentTypeProfileConfig:FieldLevelEncryptionConfigContentTypeProfileConfig", "description": "Content Type Profile Config specifies when to forward content if a content type isn't recognized and profiles to use as by default in a request if a query argument doesn't specify a profile to use.\n" }, "etag": { "type": "string", "description": "The current version of the Field Level Encryption Config. For example: `E2QWRUHAPOMQZL`.\n" }, "queryArgProfileConfig": { "$ref": "#/types/aws:cloudfront/FieldLevelEncryptionConfigQueryArgProfileConfig:FieldLevelEncryptionConfigQueryArgProfileConfig", "description": "Query Arg Profile Config that specifies when to forward content if a profile isn't found and the profile that can be provided as a query argument in a request.\n" } }, "required": [ "callerReference", "contentTypeProfileConfig", "etag", "queryArgProfileConfig" ], "inputProperties": { "comment": { "type": "string", "description": "An optional comment about the Field Level Encryption Config.\n" }, "contentTypeProfileConfig": { "$ref": "#/types/aws:cloudfront/FieldLevelEncryptionConfigContentTypeProfileConfig:FieldLevelEncryptionConfigContentTypeProfileConfig", "description": "Content Type Profile Config specifies when to forward content if a content type isn't recognized and profiles to use as by default in a request if a query argument doesn't specify a profile to use.\n" }, "queryArgProfileConfig": { "$ref": "#/types/aws:cloudfront/FieldLevelEncryptionConfigQueryArgProfileConfig:FieldLevelEncryptionConfigQueryArgProfileConfig", "description": "Query Arg Profile Config that specifies when to forward content if a profile isn't found and the profile that can be provided as a query argument in a request.\n" } }, "requiredInputs": [ "contentTypeProfileConfig", "queryArgProfileConfig" ], "stateInputs": { "description": "Input properties used for looking up and filtering FieldLevelEncryptionConfig resources.\n", "properties": { "callerReference": { "type": "string", "description": "Internal value used by CloudFront to allow future updates to the Field Level Encryption Config.\n" }, "comment": { "type": "string", "description": "An optional comment about the Field Level Encryption Config.\n" }, "contentTypeProfileConfig": { "$ref": "#/types/aws:cloudfront/FieldLevelEncryptionConfigContentTypeProfileConfig:FieldLevelEncryptionConfigContentTypeProfileConfig", "description": "Content Type Profile Config specifies when to forward content if a content type isn't recognized and profiles to use as by default in a request if a query argument doesn't specify a profile to use.\n" }, "etag": { "type": "string", "description": "The current version of the Field Level Encryption Config. For example: `E2QWRUHAPOMQZL`.\n" }, "queryArgProfileConfig": { "$ref": "#/types/aws:cloudfront/FieldLevelEncryptionConfigQueryArgProfileConfig:FieldLevelEncryptionConfigQueryArgProfileConfig", "description": "Query Arg Profile Config that specifies when to forward content if a profile isn't found and the profile that can be provided as a query argument in a request.\n" } }, "type": "object" } }, "aws:cloudfront/fieldLevelEncryptionProfile:FieldLevelEncryptionProfile": { "description": "Provides a CloudFront Field-level Encryption Profile resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.cloudfront.PublicKey(\"example\", {\n comment: \"test public key\",\n encodedKey: std.file({\n input: \"public_key.pem\",\n }).then(invoke =\u003e invoke.result),\n name: \"test_key\",\n});\nconst test = new aws.cloudfront.FieldLevelEncryptionProfile(\"test\", {\n comment: \"test comment\",\n name: \"test profile\",\n encryptionEntities: {\n items: [{\n publicKeyId: example.id,\n providerId: \"test provider\",\n fieldPatterns: {\n items: [\"DateOfBirth\"],\n },\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.cloudfront.PublicKey(\"example\",\n comment=\"test public key\",\n encoded_key=std.file(input=\"public_key.pem\").result,\n name=\"test_key\")\ntest = aws.cloudfront.FieldLevelEncryptionProfile(\"test\",\n comment=\"test comment\",\n name=\"test profile\",\n encryption_entities={\n \"items\": [{\n \"public_key_id\": example.id,\n \"provider_id\": \"test provider\",\n \"field_patterns\": {\n \"items\": [\"DateOfBirth\"],\n },\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudFront.PublicKey(\"example\", new()\n {\n Comment = \"test public key\",\n EncodedKey = Std.File.Invoke(new()\n {\n Input = \"public_key.pem\",\n }).Apply(invoke =\u003e invoke.Result),\n Name = \"test_key\",\n });\n\n var test = new Aws.CloudFront.FieldLevelEncryptionProfile(\"test\", new()\n {\n Comment = \"test comment\",\n Name = \"test profile\",\n EncryptionEntities = new Aws.CloudFront.Inputs.FieldLevelEncryptionProfileEncryptionEntitiesArgs\n {\n Items = new[]\n {\n new Aws.CloudFront.Inputs.FieldLevelEncryptionProfileEncryptionEntitiesItemArgs\n {\n PublicKeyId = example.Id,\n ProviderId = \"test provider\",\n FieldPatterns = new Aws.CloudFront.Inputs.FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatternsArgs\n {\n Items = new[]\n {\n \"DateOfBirth\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"public_key.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := cloudfront.NewPublicKey(ctx, \"example\", \u0026cloudfront.PublicKeyArgs{\n\t\t\tComment: pulumi.String(\"test public key\"),\n\t\t\tEncodedKey: pulumi.String(invokeFile.Result),\n\t\t\tName: pulumi.String(\"test_key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfront.NewFieldLevelEncryptionProfile(ctx, \"test\", \u0026cloudfront.FieldLevelEncryptionProfileArgs{\n\t\t\tComment: pulumi.String(\"test comment\"),\n\t\t\tName: pulumi.String(\"test profile\"),\n\t\t\tEncryptionEntities: \u0026cloudfront.FieldLevelEncryptionProfileEncryptionEntitiesArgs{\n\t\t\t\tItems: cloudfront.FieldLevelEncryptionProfileEncryptionEntitiesItemArray{\n\t\t\t\t\t\u0026cloudfront.FieldLevelEncryptionProfileEncryptionEntitiesItemArgs{\n\t\t\t\t\t\tPublicKeyId: example.ID(),\n\t\t\t\t\t\tProviderId: pulumi.String(\"test provider\"),\n\t\t\t\t\t\tFieldPatterns: \u0026cloudfront.FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatternsArgs{\n\t\t\t\t\t\t\tItems: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"DateOfBirth\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.PublicKey;\nimport com.pulumi.aws.cloudfront.PublicKeyArgs;\nimport com.pulumi.aws.cloudfront.FieldLevelEncryptionProfile;\nimport com.pulumi.aws.cloudfront.FieldLevelEncryptionProfileArgs;\nimport com.pulumi.aws.cloudfront.inputs.FieldLevelEncryptionProfileEncryptionEntitiesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PublicKey(\"example\", PublicKeyArgs.builder()\n .comment(\"test public key\")\n .encodedKey(StdFunctions.file(FileArgs.builder()\n .input(\"public_key.pem\")\n .build()).result())\n .name(\"test_key\")\n .build());\n\n var test = new FieldLevelEncryptionProfile(\"test\", FieldLevelEncryptionProfileArgs.builder()\n .comment(\"test comment\")\n .name(\"test profile\")\n .encryptionEntities(FieldLevelEncryptionProfileEncryptionEntitiesArgs.builder()\n .items(FieldLevelEncryptionProfileEncryptionEntitiesItemArgs.builder()\n .publicKeyId(example.id())\n .providerId(\"test provider\")\n .fieldPatterns(FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatternsArgs.builder()\n .items(\"DateOfBirth\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudfront:PublicKey\n properties:\n comment: test public key\n encodedKey:\n fn::invoke:\n Function: std:file\n Arguments:\n input: public_key.pem\n Return: result\n name: test_key\n test:\n type: aws:cloudfront:FieldLevelEncryptionProfile\n properties:\n comment: test comment\n name: test profile\n encryptionEntities:\n items:\n - publicKeyId: ${example.id}\n providerId: test provider\n fieldPatterns:\n items:\n - DateOfBirth\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cloudfront Field Level Encryption Profile using the `id`. For example:\n\n```sh\n$ pulumi import aws:cloudfront/fieldLevelEncryptionProfile:FieldLevelEncryptionProfile profile K3D5EWEUDCCXON\n```\n", "properties": { "callerReference": { "type": "string", "description": "Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.\n" }, "comment": { "type": "string", "description": "An optional comment about the Field Level Encryption Profile.\n" }, "encryptionEntities": { "$ref": "#/types/aws:cloudfront/FieldLevelEncryptionProfileEncryptionEntities:FieldLevelEncryptionProfileEncryptionEntities", "description": "The encryption entities config block for field-level encryption profiles that contains an attribute `items` which includes the encryption key and field pattern specifications.\n" }, "etag": { "type": "string", "description": "The current version of the Field Level Encryption Profile. For example: `E2QWRUHAPOMQZL`.\n" }, "name": { "type": "string", "description": "The name of the Field Level Encryption Profile.\n" } }, "required": [ "callerReference", "encryptionEntities", "etag", "name" ], "inputProperties": { "comment": { "type": "string", "description": "An optional comment about the Field Level Encryption Profile.\n" }, "encryptionEntities": { "$ref": "#/types/aws:cloudfront/FieldLevelEncryptionProfileEncryptionEntities:FieldLevelEncryptionProfileEncryptionEntities", "description": "The encryption entities config block for field-level encryption profiles that contains an attribute `items` which includes the encryption key and field pattern specifications.\n" }, "name": { "type": "string", "description": "The name of the Field Level Encryption Profile.\n" } }, "requiredInputs": [ "encryptionEntities" ], "stateInputs": { "description": "Input properties used for looking up and filtering FieldLevelEncryptionProfile resources.\n", "properties": { "callerReference": { "type": "string", "description": "Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.\n" }, "comment": { "type": "string", "description": "An optional comment about the Field Level Encryption Profile.\n" }, "encryptionEntities": { "$ref": "#/types/aws:cloudfront/FieldLevelEncryptionProfileEncryptionEntities:FieldLevelEncryptionProfileEncryptionEntities", "description": "The encryption entities config block for field-level encryption profiles that contains an attribute `items` which includes the encryption key and field pattern specifications.\n" }, "etag": { "type": "string", "description": "The current version of the Field Level Encryption Profile. For example: `E2QWRUHAPOMQZL`.\n" }, "name": { "type": "string", "description": "The name of the Field Level Encryption Profile.\n" } }, "type": "object" } }, "aws:cloudfront/function:Function": { "description": "Provides a CloudFront Function resource. With CloudFront Functions in Amazon CloudFront, you can write lightweight functions in JavaScript for high-scale, latency-sensitive CDN customizations.\n\nSee [CloudFront Functions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-functions.html)\n\n\u003e **NOTE:** You cannot delete a function if it’s associated with a cache behavior. First, update your distributions to remove the function association from all cache behaviors, then delete the function.\n\n## Example Usage\n\n## Import\n\nUsing `pulumi import`, import CloudFront Functions using the `name`. For example:\n\n```sh\n$ pulumi import aws:cloudfront/function:Function test my_test_function\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) identifying your CloudFront Function.\n" }, "code": { "type": "string", "description": "Source code of the function\n" }, "comment": { "type": "string", "description": "Comment.\n" }, "etag": { "type": "string", "description": "ETag hash of the function. This is the value for the `DEVELOPMENT` stage of the function.\n" }, "keyValueStoreAssociations": { "type": "array", "items": { "type": "string" }, "description": "List of `aws.cloudfront.KeyValueStore` ARNs to be associated to the function. AWS limits associations to on key value store per function.\n" }, "liveStageEtag": { "type": "string", "description": "ETag hash of any `LIVE` stage of the function.\n" }, "name": { "type": "string", "description": "Unique name for your CloudFront Function.\n" }, "publish": { "type": "boolean", "description": "Whether to publish creation/change as Live CloudFront Function Version. Defaults to `true`.\n" }, "runtime": { "type": "string", "description": "Identifier of the function's runtime. Valid values are `cloudfront-js-1.0` and `cloudfront-js-2.0`.\n\nThe following arguments are optional:\n" }, "status": { "type": "string", "description": "Status of the function. Can be `UNPUBLISHED`, `UNASSOCIATED` or `ASSOCIATED`.\n" } }, "required": [ "arn", "code", "etag", "liveStageEtag", "name", "runtime", "status" ], "inputProperties": { "code": { "type": "string", "description": "Source code of the function\n" }, "comment": { "type": "string", "description": "Comment.\n" }, "keyValueStoreAssociations": { "type": "array", "items": { "type": "string" }, "description": "List of `aws.cloudfront.KeyValueStore` ARNs to be associated to the function. AWS limits associations to on key value store per function.\n" }, "name": { "type": "string", "description": "Unique name for your CloudFront Function.\n", "willReplaceOnChanges": true }, "publish": { "type": "boolean", "description": "Whether to publish creation/change as Live CloudFront Function Version. Defaults to `true`.\n" }, "runtime": { "type": "string", "description": "Identifier of the function's runtime. Valid values are `cloudfront-js-1.0` and `cloudfront-js-2.0`.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "code", "runtime" ], "stateInputs": { "description": "Input properties used for looking up and filtering Function resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) identifying your CloudFront Function.\n" }, "code": { "type": "string", "description": "Source code of the function\n" }, "comment": { "type": "string", "description": "Comment.\n" }, "etag": { "type": "string", "description": "ETag hash of the function. This is the value for the `DEVELOPMENT` stage of the function.\n" }, "keyValueStoreAssociations": { "type": "array", "items": { "type": "string" }, "description": "List of `aws.cloudfront.KeyValueStore` ARNs to be associated to the function. AWS limits associations to on key value store per function.\n" }, "liveStageEtag": { "type": "string", "description": "ETag hash of any `LIVE` stage of the function.\n" }, "name": { "type": "string", "description": "Unique name for your CloudFront Function.\n", "willReplaceOnChanges": true }, "publish": { "type": "boolean", "description": "Whether to publish creation/change as Live CloudFront Function Version. Defaults to `true`.\n" }, "runtime": { "type": "string", "description": "Identifier of the function's runtime. Valid values are `cloudfront-js-1.0` and `cloudfront-js-2.0`.\n\nThe following arguments are optional:\n" }, "status": { "type": "string", "description": "Status of the function. Can be `UNPUBLISHED`, `UNASSOCIATED` or `ASSOCIATED`.\n" } }, "type": "object" } }, "aws:cloudfront/keyGroup:KeyGroup": { "description": "## Example Usage\n\nThe following example below creates a CloudFront key group.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.cloudfront.PublicKey(\"example\", {\n comment: \"example public key\",\n encodedKey: std.file({\n input: \"public_key.pem\",\n }).then(invoke =\u003e invoke.result),\n name: \"example-key\",\n});\nconst exampleKeyGroup = new aws.cloudfront.KeyGroup(\"example\", {\n comment: \"example key group\",\n items: [example.id],\n name: \"example-key-group\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.cloudfront.PublicKey(\"example\",\n comment=\"example public key\",\n encoded_key=std.file(input=\"public_key.pem\").result,\n name=\"example-key\")\nexample_key_group = aws.cloudfront.KeyGroup(\"example\",\n comment=\"example key group\",\n items=[example.id],\n name=\"example-key-group\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudFront.PublicKey(\"example\", new()\n {\n Comment = \"example public key\",\n EncodedKey = Std.File.Invoke(new()\n {\n Input = \"public_key.pem\",\n }).Apply(invoke =\u003e invoke.Result),\n Name = \"example-key\",\n });\n\n var exampleKeyGroup = new Aws.CloudFront.KeyGroup(\"example\", new()\n {\n Comment = \"example key group\",\n Items = new[]\n {\n example.Id,\n },\n Name = \"example-key-group\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"public_key.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := cloudfront.NewPublicKey(ctx, \"example\", \u0026cloudfront.PublicKeyArgs{\n\t\t\tComment: pulumi.String(\"example public key\"),\n\t\t\tEncodedKey: pulumi.String(invokeFile.Result),\n\t\t\tName: pulumi.String(\"example-key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfront.NewKeyGroup(ctx, \"example\", \u0026cloudfront.KeyGroupArgs{\n\t\t\tComment: pulumi.String(\"example key group\"),\n\t\t\tItems: pulumi.StringArray{\n\t\t\t\texample.ID(),\n\t\t\t},\n\t\t\tName: pulumi.String(\"example-key-group\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.PublicKey;\nimport com.pulumi.aws.cloudfront.PublicKeyArgs;\nimport com.pulumi.aws.cloudfront.KeyGroup;\nimport com.pulumi.aws.cloudfront.KeyGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PublicKey(\"example\", PublicKeyArgs.builder()\n .comment(\"example public key\")\n .encodedKey(StdFunctions.file(FileArgs.builder()\n .input(\"public_key.pem\")\n .build()).result())\n .name(\"example-key\")\n .build());\n\n var exampleKeyGroup = new KeyGroup(\"exampleKeyGroup\", KeyGroupArgs.builder()\n .comment(\"example key group\")\n .items(example.id())\n .name(\"example-key-group\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudfront:PublicKey\n properties:\n comment: example public key\n encodedKey:\n fn::invoke:\n Function: std:file\n Arguments:\n input: public_key.pem\n Return: result\n name: example-key\n exampleKeyGroup:\n type: aws:cloudfront:KeyGroup\n name: example\n properties:\n comment: example key group\n items:\n - ${example.id}\n name: example-key-group\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudFront Key Group using the `id`. For example:\n\n```sh\n$ pulumi import aws:cloudfront/keyGroup:KeyGroup example 4b4f2r1c-315d-5c2e-f093-216t50jed10f\n```\n", "properties": { "comment": { "type": "string", "description": "A comment to describe the key group..\n" }, "etag": { "type": "string", "description": "The identifier for this version of the key group.\n" }, "items": { "type": "array", "items": { "type": "string" }, "description": "A list of the identifiers of the public keys in the key group.\n" }, "name": { "type": "string", "description": "A name to identify the key group.\n" } }, "required": [ "etag", "items", "name" ], "inputProperties": { "comment": { "type": "string", "description": "A comment to describe the key group..\n" }, "items": { "type": "array", "items": { "type": "string" }, "description": "A list of the identifiers of the public keys in the key group.\n" }, "name": { "type": "string", "description": "A name to identify the key group.\n" } }, "requiredInputs": [ "items" ], "stateInputs": { "description": "Input properties used for looking up and filtering KeyGroup resources.\n", "properties": { "comment": { "type": "string", "description": "A comment to describe the key group..\n" }, "etag": { "type": "string", "description": "The identifier for this version of the key group.\n" }, "items": { "type": "array", "items": { "type": "string" }, "description": "A list of the identifiers of the public keys in the key group.\n" }, "name": { "type": "string", "description": "A name to identify the key group.\n" } }, "type": "object" } }, "aws:cloudfront/keyValueStore:KeyValueStore": { "description": "Resource for managing an AWS CloudFront Key Value Store.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudfront.KeyValueStore(\"example\", {\n name: \"ExampleKeyValueStore\",\n comment: \"This is an example key value store\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.KeyValueStore(\"example\",\n name=\"ExampleKeyValueStore\",\n comment=\"This is an example key value store\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudFront.KeyValueStore(\"example\", new()\n {\n Name = \"ExampleKeyValueStore\",\n Comment = \"This is an example key value store\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.NewKeyValueStore(ctx, \"example\", \u0026cloudfront.KeyValueStoreArgs{\n\t\t\tName: pulumi.String(\"ExampleKeyValueStore\"),\n\t\t\tComment: pulumi.String(\"This is an example key value store\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.KeyValueStore;\nimport com.pulumi.aws.cloudfront.KeyValueStoreArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new KeyValueStore(\"example\", KeyValueStoreArgs.builder()\n .name(\"ExampleKeyValueStore\")\n .comment(\"This is an example key value store\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudfront:KeyValueStore\n properties:\n name: ExampleKeyValueStore\n comment: This is an example key value store\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudFront Key Value Store using the `name`. For example:\n\n```sh\n$ pulumi import aws:cloudfront/keyValueStore:KeyValueStore example example_store\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) identifying your CloudFront KeyValueStore.\n" }, "comment": { "type": "string", "description": "Comment.\n" }, "etag": { "type": "string", "description": "ETag hash of the KeyValueStore.\n" }, "lastModifiedTime": { "type": "string" }, "name": { "type": "string", "description": "Unique name for your CloudFront KeyValueStore.\n\nThe following arguments are optional:\n" }, "timeouts": { "$ref": "#/types/aws:cloudfront/KeyValueStoreTimeouts:KeyValueStoreTimeouts" } }, "required": [ "arn", "etag", "lastModifiedTime", "name" ], "inputProperties": { "comment": { "type": "string", "description": "Comment.\n" }, "name": { "type": "string", "description": "Unique name for your CloudFront KeyValueStore.\n\nThe following arguments are optional:\n" }, "timeouts": { "$ref": "#/types/aws:cloudfront/KeyValueStoreTimeouts:KeyValueStoreTimeouts" } }, "stateInputs": { "description": "Input properties used for looking up and filtering KeyValueStore resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) identifying your CloudFront KeyValueStore.\n" }, "comment": { "type": "string", "description": "Comment.\n" }, "etag": { "type": "string", "description": "ETag hash of the KeyValueStore.\n" }, "lastModifiedTime": { "type": "string" }, "name": { "type": "string", "description": "Unique name for your CloudFront KeyValueStore.\n\nThe following arguments are optional:\n" }, "timeouts": { "$ref": "#/types/aws:cloudfront/KeyValueStoreTimeouts:KeyValueStoreTimeouts" } }, "type": "object" } }, "aws:cloudfront/keyvaluestoreKey:KeyvaluestoreKey": { "description": "Resource for managing an AWS CloudFront KeyValueStore Key.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudfront.KeyValueStore(\"example\", {\n name: \"ExampleKeyValueStore\",\n comment: \"This is an example key value store\",\n});\nconst exampleKeyvaluestoreKey = new aws.cloudfront.KeyvaluestoreKey(\"example\", {\n keyValueStoreArn: example.arn,\n key: \"Test Key\",\n value: \"Test Value\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.KeyValueStore(\"example\",\n name=\"ExampleKeyValueStore\",\n comment=\"This is an example key value store\")\nexample_keyvaluestore_key = aws.cloudfront.KeyvaluestoreKey(\"example\",\n key_value_store_arn=example.arn,\n key=\"Test Key\",\n value=\"Test Value\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudFront.KeyValueStore(\"example\", new()\n {\n Name = \"ExampleKeyValueStore\",\n Comment = \"This is an example key value store\",\n });\n\n var exampleKeyvaluestoreKey = new Aws.CloudFront.KeyvaluestoreKey(\"example\", new()\n {\n KeyValueStoreArn = example.Arn,\n Key = \"Test Key\",\n Value = \"Test Value\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cloudfront.NewKeyValueStore(ctx, \"example\", \u0026cloudfront.KeyValueStoreArgs{\n\t\t\tName: pulumi.String(\"ExampleKeyValueStore\"),\n\t\t\tComment: pulumi.String(\"This is an example key value store\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfront.NewKeyvaluestoreKey(ctx, \"example\", \u0026cloudfront.KeyvaluestoreKeyArgs{\n\t\t\tKeyValueStoreArn: example.Arn,\n\t\t\tKey: pulumi.String(\"Test Key\"),\n\t\t\tValue: pulumi.String(\"Test Value\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.KeyValueStore;\nimport com.pulumi.aws.cloudfront.KeyValueStoreArgs;\nimport com.pulumi.aws.cloudfront.KeyvaluestoreKey;\nimport com.pulumi.aws.cloudfront.KeyvaluestoreKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new KeyValueStore(\"example\", KeyValueStoreArgs.builder()\n .name(\"ExampleKeyValueStore\")\n .comment(\"This is an example key value store\")\n .build());\n\n var exampleKeyvaluestoreKey = new KeyvaluestoreKey(\"exampleKeyvaluestoreKey\", KeyvaluestoreKeyArgs.builder()\n .keyValueStoreArn(example.arn())\n .key(\"Test Key\")\n .value(\"Test Value\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudfront:KeyValueStore\n properties:\n name: ExampleKeyValueStore\n comment: This is an example key value store\n exampleKeyvaluestoreKey:\n type: aws:cloudfront:KeyvaluestoreKey\n name: example\n properties:\n keyValueStoreArn: ${example.arn}\n key: Test Key\n value: Test Value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudFront KeyValueStore Key using the `id`. For example:\n\n```sh\n$ pulumi import aws:cloudfront/keyvaluestoreKey:KeyvaluestoreKey example arn:aws:cloudfront::111111111111:key-value-store/8562g61f-caba-2845-9d99-b97diwae5d3c,someKey\n```\n", "properties": { "key": { "type": "string", "description": "Key to put.\n" }, "keyValueStoreArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Key Value Store.\n" }, "totalSizeInBytes": { "type": "integer", "description": "Total size of the Key Value Store in bytes.\n" }, "value": { "type": "string", "description": "Value to put.\n" } }, "required": [ "key", "keyValueStoreArn", "totalSizeInBytes", "value" ], "inputProperties": { "key": { "type": "string", "description": "Key to put.\n" }, "keyValueStoreArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Key Value Store.\n" }, "value": { "type": "string", "description": "Value to put.\n" } }, "requiredInputs": [ "key", "keyValueStoreArn", "value" ], "stateInputs": { "description": "Input properties used for looking up and filtering KeyvaluestoreKey resources.\n", "properties": { "key": { "type": "string", "description": "Key to put.\n" }, "keyValueStoreArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Key Value Store.\n" }, "totalSizeInBytes": { "type": "integer", "description": "Total size of the Key Value Store in bytes.\n" }, "value": { "type": "string", "description": "Value to put.\n" } }, "type": "object" } }, "aws:cloudfront/monitoringSubscription:MonitoringSubscription": { "description": "Provides a CloudFront real-time log configuration resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudfront.MonitoringSubscription(\"example\", {\n distributionId: exampleAwsCloudfrontDistribution.id,\n monitoringSubscription: {\n realtimeMetricsSubscriptionConfig: {\n realtimeMetricsSubscriptionStatus: \"Enabled\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.MonitoringSubscription(\"example\",\n distribution_id=example_aws_cloudfront_distribution[\"id\"],\n monitoring_subscription={\n \"realtime_metrics_subscription_config\": {\n \"realtime_metrics_subscription_status\": \"Enabled\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudFront.MonitoringSubscription(\"example\", new()\n {\n DistributionId = exampleAwsCloudfrontDistribution.Id,\n MonitoringSubscriptionDetails = new Aws.CloudFront.Inputs.MonitoringSubscriptionMonitoringSubscriptionArgs\n {\n RealtimeMetricsSubscriptionConfig = new Aws.CloudFront.Inputs.MonitoringSubscriptionMonitoringSubscriptionRealtimeMetricsSubscriptionConfigArgs\n {\n RealtimeMetricsSubscriptionStatus = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.NewMonitoringSubscription(ctx, \"example\", \u0026cloudfront.MonitoringSubscriptionArgs{\n\t\t\tDistributionId: pulumi.Any(exampleAwsCloudfrontDistribution.Id),\n\t\t\tMonitoringSubscription: \u0026cloudfront.MonitoringSubscriptionMonitoringSubscriptionArgs{\n\t\t\t\tRealtimeMetricsSubscriptionConfig: \u0026cloudfront.MonitoringSubscriptionMonitoringSubscriptionRealtimeMetricsSubscriptionConfigArgs{\n\t\t\t\t\tRealtimeMetricsSubscriptionStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.MonitoringSubscription;\nimport com.pulumi.aws.cloudfront.MonitoringSubscriptionArgs;\nimport com.pulumi.aws.cloudfront.inputs.MonitoringSubscriptionMonitoringSubscriptionArgs;\nimport com.pulumi.aws.cloudfront.inputs.MonitoringSubscriptionMonitoringSubscriptionRealtimeMetricsSubscriptionConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new MonitoringSubscription(\"example\", MonitoringSubscriptionArgs.builder()\n .distributionId(exampleAwsCloudfrontDistribution.id())\n .monitoringSubscription(MonitoringSubscriptionMonitoringSubscriptionArgs.builder()\n .realtimeMetricsSubscriptionConfig(MonitoringSubscriptionMonitoringSubscriptionRealtimeMetricsSubscriptionConfigArgs.builder()\n .realtimeMetricsSubscriptionStatus(\"Enabled\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudfront:MonitoringSubscription\n properties:\n distributionId: ${exampleAwsCloudfrontDistribution.id}\n monitoringSubscription:\n realtimeMetricsSubscriptionConfig:\n realtimeMetricsSubscriptionStatus: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudFront monitoring subscription using the id. For example:\n\n```sh\n$ pulumi import aws:cloudfront/monitoringSubscription:MonitoringSubscription example E3QYSUHO4VYRGB\n```\n", "properties": { "distributionId": { "type": "string", "description": "The ID of the distribution that you are enabling metrics for.\n" }, "monitoringSubscription": { "$ref": "#/types/aws:cloudfront/MonitoringSubscriptionMonitoringSubscription:MonitoringSubscriptionMonitoringSubscription", "description": "A monitoring subscription. This structure contains information about whether additional CloudWatch metrics are enabled for a given CloudFront distribution.\n", "language": { "csharp": { "name": "MonitoringSubscriptionDetails" } } } }, "required": [ "distributionId", "monitoringSubscription" ], "inputProperties": { "distributionId": { "type": "string", "description": "The ID of the distribution that you are enabling metrics for.\n", "willReplaceOnChanges": true }, "monitoringSubscription": { "$ref": "#/types/aws:cloudfront/MonitoringSubscriptionMonitoringSubscription:MonitoringSubscriptionMonitoringSubscription", "description": "A monitoring subscription. This structure contains information about whether additional CloudWatch metrics are enabled for a given CloudFront distribution.\n", "language": { "csharp": { "name": "MonitoringSubscriptionDetails" } } } }, "requiredInputs": [ "distributionId", "monitoringSubscription" ], "stateInputs": { "description": "Input properties used for looking up and filtering MonitoringSubscription resources.\n", "properties": { "distributionId": { "type": "string", "description": "The ID of the distribution that you are enabling metrics for.\n", "willReplaceOnChanges": true }, "monitoringSubscription": { "$ref": "#/types/aws:cloudfront/MonitoringSubscriptionMonitoringSubscription:MonitoringSubscriptionMonitoringSubscription", "description": "A monitoring subscription. This structure contains information about whether additional CloudWatch metrics are enabled for a given CloudFront distribution.\n", "language": { "csharp": { "name": "MonitoringSubscriptionDetails" } } } }, "type": "object" } }, "aws:cloudfront/originAccessControl:OriginAccessControl": { "description": "Manages an AWS CloudFront Origin Access Control, which is used by CloudFront Distributions with an Amazon S3 bucket as the origin.\n\nRead more about Origin Access Control in the [CloudFront Developer Guide](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html).\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudfront.OriginAccessControl(\"example\", {\n name: \"example\",\n description: \"Example Policy\",\n originAccessControlOriginType: \"s3\",\n signingBehavior: \"always\",\n signingProtocol: \"sigv4\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.OriginAccessControl(\"example\",\n name=\"example\",\n description=\"Example Policy\",\n origin_access_control_origin_type=\"s3\",\n signing_behavior=\"always\",\n signing_protocol=\"sigv4\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudFront.OriginAccessControl(\"example\", new()\n {\n Name = \"example\",\n Description = \"Example Policy\",\n OriginAccessControlOriginType = \"s3\",\n SigningBehavior = \"always\",\n SigningProtocol = \"sigv4\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.NewOriginAccessControl(ctx, \"example\", \u0026cloudfront.OriginAccessControlArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"Example Policy\"),\n\t\t\tOriginAccessControlOriginType: pulumi.String(\"s3\"),\n\t\t\tSigningBehavior: pulumi.String(\"always\"),\n\t\t\tSigningProtocol: pulumi.String(\"sigv4\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.OriginAccessControl;\nimport com.pulumi.aws.cloudfront.OriginAccessControlArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new OriginAccessControl(\"example\", OriginAccessControlArgs.builder()\n .name(\"example\")\n .description(\"Example Policy\")\n .originAccessControlOriginType(\"s3\")\n .signingBehavior(\"always\")\n .signingProtocol(\"sigv4\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudfront:OriginAccessControl\n properties:\n name: example\n description: Example Policy\n originAccessControlOriginType: s3\n signingBehavior: always\n signingProtocol: sigv4\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudFront Origin Access Control using the `id`. For example:\n\n```sh\n$ pulumi import aws:cloudfront/originAccessControl:OriginAccessControl example E327GJI25M56DG\n```\n", "properties": { "description": { "type": "string", "description": "The description of the Origin Access Control. Defaults to \"Managed by Pulumi\" if omitted.\n" }, "etag": { "type": "string", "description": "The current version of this Origin Access Control.\n" }, "name": { "type": "string", "description": "A name that identifies the Origin Access Control.\n" }, "originAccessControlOriginType": { "type": "string", "description": "The type of origin that this Origin Access Control is for. Valid values are `lambda`, `mediapackagev2`, `mediastore`, and `s3`.\n" }, "signingBehavior": { "type": "string", "description": "Specifies which requests CloudFront signs. Specify `always` for the most common use case. Allowed values: `always`, `never`, and `no-override`.\n" }, "signingProtocol": { "type": "string", "description": "Determines how CloudFront signs (authenticates) requests. The only valid value is `sigv4`.\n" } }, "required": [ "etag", "name", "originAccessControlOriginType", "signingBehavior", "signingProtocol" ], "inputProperties": { "description": { "type": "string", "description": "The description of the Origin Access Control. Defaults to \"Managed by Pulumi\" if omitted.\n" }, "name": { "type": "string", "description": "A name that identifies the Origin Access Control.\n" }, "originAccessControlOriginType": { "type": "string", "description": "The type of origin that this Origin Access Control is for. Valid values are `lambda`, `mediapackagev2`, `mediastore`, and `s3`.\n" }, "signingBehavior": { "type": "string", "description": "Specifies which requests CloudFront signs. Specify `always` for the most common use case. Allowed values: `always`, `never`, and `no-override`.\n" }, "signingProtocol": { "type": "string", "description": "Determines how CloudFront signs (authenticates) requests. The only valid value is `sigv4`.\n" } }, "requiredInputs": [ "originAccessControlOriginType", "signingBehavior", "signingProtocol" ], "stateInputs": { "description": "Input properties used for looking up and filtering OriginAccessControl resources.\n", "properties": { "description": { "type": "string", "description": "The description of the Origin Access Control. Defaults to \"Managed by Pulumi\" if omitted.\n" }, "etag": { "type": "string", "description": "The current version of this Origin Access Control.\n" }, "name": { "type": "string", "description": "A name that identifies the Origin Access Control.\n" }, "originAccessControlOriginType": { "type": "string", "description": "The type of origin that this Origin Access Control is for. Valid values are `lambda`, `mediapackagev2`, `mediastore`, and `s3`.\n" }, "signingBehavior": { "type": "string", "description": "Specifies which requests CloudFront signs. Specify `always` for the most common use case. Allowed values: `always`, `never`, and `no-override`.\n" }, "signingProtocol": { "type": "string", "description": "Determines how CloudFront signs (authenticates) requests. The only valid value is `sigv4`.\n" } }, "type": "object" } }, "aws:cloudfront/originAccessIdentity:OriginAccessIdentity": { "description": "Creates an Amazon CloudFront origin access identity.\n\nFor information about CloudFront distributions, see the\n[Amazon CloudFront Developer Guide](http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Introduction.html). For more information on generating\norigin access identities, see\n[Using an Origin Access Identity to Restrict Access to Your Amazon S3 Content][2].\n\n## Example Usage\n\nThe following example below creates a CloudFront origin access identity.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudfront.OriginAccessIdentity(\"example\", {comment: \"Some comment\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.OriginAccessIdentity(\"example\", comment=\"Some comment\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudFront.OriginAccessIdentity(\"example\", new()\n {\n Comment = \"Some comment\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.NewOriginAccessIdentity(ctx, \"example\", \u0026cloudfront.OriginAccessIdentityArgs{\n\t\t\tComment: pulumi.String(\"Some comment\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.OriginAccessIdentity;\nimport com.pulumi.aws.cloudfront.OriginAccessIdentityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new OriginAccessIdentity(\"example\", OriginAccessIdentityArgs.builder()\n .comment(\"Some comment\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudfront:OriginAccessIdentity\n properties:\n comment: Some comment\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Using With CloudFront\n\nNormally, when referencing an origin access identity in CloudFront, you need to\nprefix the ID with the `origin-access-identity/cloudfront/` special path.\nThe `cloudfront_access_identity_path` allows this to be circumvented.\nThe below snippet demonstrates use with the `s3_origin_config` structure for the\n`aws.cloudfront.Distribution` resource:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudfront.Distribution(\"example\", {origins: [{\n s3OriginConfig: {\n originAccessIdentity: exampleAwsCloudfrontOriginAccessIdentity.cloudfrontAccessIdentityPath,\n },\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.Distribution(\"example\", origins=[{\n \"s3_origin_config\": {\n \"origin_access_identity\": example_aws_cloudfront_origin_access_identity[\"cloudfrontAccessIdentityPath\"],\n },\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudFront.Distribution(\"example\", new()\n {\n Origins = new[]\n {\n new Aws.CloudFront.Inputs.DistributionOriginArgs\n {\n S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs\n {\n OriginAccessIdentity = exampleAwsCloudfrontOriginAccessIdentity.CloudfrontAccessIdentityPath,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.NewDistribution(ctx, \"example\", \u0026cloudfront.DistributionArgs{\n\t\t\tOrigins: cloudfront.DistributionOriginArray{\n\t\t\t\t\u0026cloudfront.DistributionOriginArgs{\n\t\t\t\t\tS3OriginConfig: \u0026cloudfront.DistributionOriginS3OriginConfigArgs{\n\t\t\t\t\t\tOriginAccessIdentity: pulumi.Any(exampleAwsCloudfrontOriginAccessIdentity.CloudfrontAccessIdentityPath),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.Distribution;\nimport com.pulumi.aws.cloudfront.DistributionArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionOriginArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionOriginS3OriginConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Distribution(\"example\", DistributionArgs.builder()\n .origins(DistributionOriginArgs.builder()\n .s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()\n .originAccessIdentity(exampleAwsCloudfrontOriginAccessIdentity.cloudfrontAccessIdentityPath())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudfront:Distribution\n properties:\n origins:\n - s3OriginConfig:\n originAccessIdentity: ${exampleAwsCloudfrontOriginAccessIdentity.cloudfrontAccessIdentityPath}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Updating your bucket policy\n\nNote that the AWS API may translate the `s3_canonical_user_id` `CanonicalUser`\nprincipal into an `AWS` IAM ARN principal when supplied in an\n`aws.s3.BucketV2` bucket policy, causing spurious diffs. If\nyou see this behavior, use the `iam_arn` instead:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst s3Policy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"s3:GetObject\"],\n resources: [`${exampleAwsS3Bucket.arn}/*`],\n principals: [{\n type: \"AWS\",\n identifiers: [exampleAwsCloudfrontOriginAccessIdentity.iamArn],\n }],\n }],\n});\nconst example = new aws.s3.BucketPolicy(\"example\", {\n bucket: exampleAwsS3Bucket.id,\n policy: s3Policy.then(s3Policy =\u003e s3Policy.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ns3_policy = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"s3:GetObject\"],\n \"resources\": [f\"{example_aws_s3_bucket['arn']}/*\"],\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [example_aws_cloudfront_origin_access_identity[\"iamArn\"]],\n }],\n}])\nexample = aws.s3.BucketPolicy(\"example\",\n bucket=example_aws_s3_bucket[\"id\"],\n policy=s3_policy.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var s3Policy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"s3:GetObject\",\n },\n Resources = new[]\n {\n $\"{exampleAwsS3Bucket.Arn}/*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n exampleAwsCloudfrontOriginAccessIdentity.IamArn,\n },\n },\n },\n },\n },\n });\n\n var example = new Aws.S3.BucketPolicy(\"example\", new()\n {\n Bucket = exampleAwsS3Bucket.Id,\n Policy = s3Policy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ns3Policy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nActions: []string{\n\"s3:GetObject\",\n},\nResources: []string{\nfmt.Sprintf(\"%v/*\", exampleAwsS3Bucket.Arn),\n},\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: interface{}{\nexampleAwsCloudfrontOriginAccessIdentity.IamArn,\n},\n},\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\n_, err = s3.NewBucketPolicy(ctx, \"example\", \u0026s3.BucketPolicyArgs{\nBucket: pulumi.Any(exampleAwsS3Bucket.Id),\nPolicy: pulumi.String(s3Policy.Json),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var s3Policy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"s3:GetObject\")\n .resources(String.format(\"%s/*\", exampleAwsS3Bucket.arn()))\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(exampleAwsCloudfrontOriginAccessIdentity.iamArn())\n .build())\n .build())\n .build());\n\n var example = new BucketPolicy(\"example\", BucketPolicyArgs.builder()\n .bucket(exampleAwsS3Bucket.id())\n .policy(s3Policy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketPolicy\n properties:\n bucket: ${exampleAwsS3Bucket.id}\n policy: ${s3Policy.json}\nvariables:\n s3Policy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - s3:GetObject\n resources:\n - ${exampleAwsS3Bucket.arn}/*\n principals:\n - type: AWS\n identifiers:\n - ${exampleAwsCloudfrontOriginAccessIdentity.iamArn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n[1]: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Introduction.html\n[2]: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html\n\n## Import\n\nUsing `pulumi import`, import Cloudfront Origin Access Identities using the `id`. For example:\n\n```sh\n$ pulumi import aws:cloudfront/originAccessIdentity:OriginAccessIdentity origin_access E74FTE3AEXAMPLE\n```\n", "properties": { "callerReference": { "type": "string", "description": "Internal value used by CloudFront to allow future\nupdates to the origin access identity.\n" }, "cloudfrontAccessIdentityPath": { "type": "string", "description": "A shortcut to the full path for the\norigin access identity to use in CloudFront, see below.\n" }, "comment": { "type": "string", "description": "An optional comment for the origin access identity.\n" }, "etag": { "type": "string", "description": "The current version of the origin access identity's information.\nFor example: `E2QWRUHAPOMQZL`.\n" }, "iamArn": { "type": "string", "description": "A pre-generated ARN for use in S3 bucket policies (see below).\nExample: `arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity\nE2QWRUHAPOMQZL`.\n" }, "s3CanonicalUserId": { "type": "string", "description": "The Amazon S3 canonical user ID for the origin\naccess identity, which you use when giving the origin access identity read\npermission to an object in Amazon S3.\n" } }, "required": [ "callerReference", "cloudfrontAccessIdentityPath", "etag", "iamArn", "s3CanonicalUserId" ], "inputProperties": { "comment": { "type": "string", "description": "An optional comment for the origin access identity.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering OriginAccessIdentity resources.\n", "properties": { "callerReference": { "type": "string", "description": "Internal value used by CloudFront to allow future\nupdates to the origin access identity.\n" }, "cloudfrontAccessIdentityPath": { "type": "string", "description": "A shortcut to the full path for the\norigin access identity to use in CloudFront, see below.\n" }, "comment": { "type": "string", "description": "An optional comment for the origin access identity.\n" }, "etag": { "type": "string", "description": "The current version of the origin access identity's information.\nFor example: `E2QWRUHAPOMQZL`.\n" }, "iamArn": { "type": "string", "description": "A pre-generated ARN for use in S3 bucket policies (see below).\nExample: `arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity\nE2QWRUHAPOMQZL`.\n" }, "s3CanonicalUserId": { "type": "string", "description": "The Amazon S3 canonical user ID for the origin\naccess identity, which you use when giving the origin access identity read\npermission to an object in Amazon S3.\n" } }, "type": "object" } }, "aws:cloudfront/originRequestPolicy:OriginRequestPolicy": { "description": "## Example Usage\n\nThe following example below creates a CloudFront origin request policy.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudfront.OriginRequestPolicy(\"example\", {\n name: \"example-policy\",\n comment: \"example comment\",\n cookiesConfig: {\n cookieBehavior: \"whitelist\",\n cookies: {\n items: [\"example\"],\n },\n },\n headersConfig: {\n headerBehavior: \"whitelist\",\n headers: {\n items: [\"example\"],\n },\n },\n queryStringsConfig: {\n queryStringBehavior: \"whitelist\",\n queryStrings: {\n items: [\"example\"],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.OriginRequestPolicy(\"example\",\n name=\"example-policy\",\n comment=\"example comment\",\n cookies_config={\n \"cookie_behavior\": \"whitelist\",\n \"cookies\": {\n \"items\": [\"example\"],\n },\n },\n headers_config={\n \"header_behavior\": \"whitelist\",\n \"headers\": {\n \"items\": [\"example\"],\n },\n },\n query_strings_config={\n \"query_string_behavior\": \"whitelist\",\n \"query_strings\": {\n \"items\": [\"example\"],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudFront.OriginRequestPolicy(\"example\", new()\n {\n Name = \"example-policy\",\n Comment = \"example comment\",\n CookiesConfig = new Aws.CloudFront.Inputs.OriginRequestPolicyCookiesConfigArgs\n {\n CookieBehavior = \"whitelist\",\n Cookies = new Aws.CloudFront.Inputs.OriginRequestPolicyCookiesConfigCookiesArgs\n {\n Items = new[]\n {\n \"example\",\n },\n },\n },\n HeadersConfig = new Aws.CloudFront.Inputs.OriginRequestPolicyHeadersConfigArgs\n {\n HeaderBehavior = \"whitelist\",\n Headers = new Aws.CloudFront.Inputs.OriginRequestPolicyHeadersConfigHeadersArgs\n {\n Items = new[]\n {\n \"example\",\n },\n },\n },\n QueryStringsConfig = new Aws.CloudFront.Inputs.OriginRequestPolicyQueryStringsConfigArgs\n {\n QueryStringBehavior = \"whitelist\",\n QueryStrings = new Aws.CloudFront.Inputs.OriginRequestPolicyQueryStringsConfigQueryStringsArgs\n {\n Items = new[]\n {\n \"example\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.NewOriginRequestPolicy(ctx, \"example\", \u0026cloudfront.OriginRequestPolicyArgs{\n\t\t\tName: pulumi.String(\"example-policy\"),\n\t\t\tComment: pulumi.String(\"example comment\"),\n\t\t\tCookiesConfig: \u0026cloudfront.OriginRequestPolicyCookiesConfigArgs{\n\t\t\t\tCookieBehavior: pulumi.String(\"whitelist\"),\n\t\t\t\tCookies: \u0026cloudfront.OriginRequestPolicyCookiesConfigCookiesArgs{\n\t\t\t\t\tItems: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"example\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tHeadersConfig: \u0026cloudfront.OriginRequestPolicyHeadersConfigArgs{\n\t\t\t\tHeaderBehavior: pulumi.String(\"whitelist\"),\n\t\t\t\tHeaders: \u0026cloudfront.OriginRequestPolicyHeadersConfigHeadersArgs{\n\t\t\t\t\tItems: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"example\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tQueryStringsConfig: \u0026cloudfront.OriginRequestPolicyQueryStringsConfigArgs{\n\t\t\t\tQueryStringBehavior: pulumi.String(\"whitelist\"),\n\t\t\t\tQueryStrings: \u0026cloudfront.OriginRequestPolicyQueryStringsConfigQueryStringsArgs{\n\t\t\t\t\tItems: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"example\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.OriginRequestPolicy;\nimport com.pulumi.aws.cloudfront.OriginRequestPolicyArgs;\nimport com.pulumi.aws.cloudfront.inputs.OriginRequestPolicyCookiesConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.OriginRequestPolicyCookiesConfigCookiesArgs;\nimport com.pulumi.aws.cloudfront.inputs.OriginRequestPolicyHeadersConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.OriginRequestPolicyHeadersConfigHeadersArgs;\nimport com.pulumi.aws.cloudfront.inputs.OriginRequestPolicyQueryStringsConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.OriginRequestPolicyQueryStringsConfigQueryStringsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new OriginRequestPolicy(\"example\", OriginRequestPolicyArgs.builder()\n .name(\"example-policy\")\n .comment(\"example comment\")\n .cookiesConfig(OriginRequestPolicyCookiesConfigArgs.builder()\n .cookieBehavior(\"whitelist\")\n .cookies(OriginRequestPolicyCookiesConfigCookiesArgs.builder()\n .items(\"example\")\n .build())\n .build())\n .headersConfig(OriginRequestPolicyHeadersConfigArgs.builder()\n .headerBehavior(\"whitelist\")\n .headers(OriginRequestPolicyHeadersConfigHeadersArgs.builder()\n .items(\"example\")\n .build())\n .build())\n .queryStringsConfig(OriginRequestPolicyQueryStringsConfigArgs.builder()\n .queryStringBehavior(\"whitelist\")\n .queryStrings(OriginRequestPolicyQueryStringsConfigQueryStringsArgs.builder()\n .items(\"example\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudfront:OriginRequestPolicy\n properties:\n name: example-policy\n comment: example comment\n cookiesConfig:\n cookieBehavior: whitelist\n cookies:\n items:\n - example\n headersConfig:\n headerBehavior: whitelist\n headers:\n items:\n - example\n queryStringsConfig:\n queryStringBehavior: whitelist\n queryStrings:\n items:\n - example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cloudfront Origin Request Policies using the `id`. For example:\n\n```sh\n$ pulumi import aws:cloudfront/originRequestPolicy:OriginRequestPolicy policy ccca32ef-dce3-4df3-80df-1bd3000bc4d3\n```\n", "properties": { "comment": { "type": "string", "description": "Comment to describe the origin request policy.\n" }, "cookiesConfig": { "$ref": "#/types/aws:cloudfront/OriginRequestPolicyCookiesConfig:OriginRequestPolicyCookiesConfig", "description": "Object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the origin request key and automatically included in requests that CloudFront sends to the origin. See Cookies Config for more information.\n" }, "etag": { "type": "string", "description": "The current version of the origin request policy.\n" }, "headersConfig": { "$ref": "#/types/aws:cloudfront/OriginRequestPolicyHeadersConfig:OriginRequestPolicyHeadersConfig", "description": "Object that determines whether any HTTP headers (and if so, which headers) are included in the origin request key and automatically included in requests that CloudFront sends to the origin. See Headers Config for more information.\n" }, "name": { "type": "string", "description": "Unique name to identify the origin request policy.\n" }, "queryStringsConfig": { "$ref": "#/types/aws:cloudfront/OriginRequestPolicyQueryStringsConfig:OriginRequestPolicyQueryStringsConfig", "description": "Object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the origin request key and automatically included in requests that CloudFront sends to the origin. See Query String Config for more information.\n" } }, "required": [ "cookiesConfig", "etag", "headersConfig", "name", "queryStringsConfig" ], "inputProperties": { "comment": { "type": "string", "description": "Comment to describe the origin request policy.\n" }, "cookiesConfig": { "$ref": "#/types/aws:cloudfront/OriginRequestPolicyCookiesConfig:OriginRequestPolicyCookiesConfig", "description": "Object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the origin request key and automatically included in requests that CloudFront sends to the origin. See Cookies Config for more information.\n" }, "headersConfig": { "$ref": "#/types/aws:cloudfront/OriginRequestPolicyHeadersConfig:OriginRequestPolicyHeadersConfig", "description": "Object that determines whether any HTTP headers (and if so, which headers) are included in the origin request key and automatically included in requests that CloudFront sends to the origin. See Headers Config for more information.\n" }, "name": { "type": "string", "description": "Unique name to identify the origin request policy.\n" }, "queryStringsConfig": { "$ref": "#/types/aws:cloudfront/OriginRequestPolicyQueryStringsConfig:OriginRequestPolicyQueryStringsConfig", "description": "Object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the origin request key and automatically included in requests that CloudFront sends to the origin. See Query String Config for more information.\n" } }, "requiredInputs": [ "cookiesConfig", "headersConfig", "queryStringsConfig" ], "stateInputs": { "description": "Input properties used for looking up and filtering OriginRequestPolicy resources.\n", "properties": { "comment": { "type": "string", "description": "Comment to describe the origin request policy.\n" }, "cookiesConfig": { "$ref": "#/types/aws:cloudfront/OriginRequestPolicyCookiesConfig:OriginRequestPolicyCookiesConfig", "description": "Object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the origin request key and automatically included in requests that CloudFront sends to the origin. See Cookies Config for more information.\n" }, "etag": { "type": "string", "description": "The current version of the origin request policy.\n" }, "headersConfig": { "$ref": "#/types/aws:cloudfront/OriginRequestPolicyHeadersConfig:OriginRequestPolicyHeadersConfig", "description": "Object that determines whether any HTTP headers (and if so, which headers) are included in the origin request key and automatically included in requests that CloudFront sends to the origin. See Headers Config for more information.\n" }, "name": { "type": "string", "description": "Unique name to identify the origin request policy.\n" }, "queryStringsConfig": { "$ref": "#/types/aws:cloudfront/OriginRequestPolicyQueryStringsConfig:OriginRequestPolicyQueryStringsConfig", "description": "Object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the origin request key and automatically included in requests that CloudFront sends to the origin. See Query String Config for more information.\n" } }, "type": "object" } }, "aws:cloudfront/publicKey:PublicKey": { "description": "## Example Usage\n\nThe following example below creates a CloudFront public key.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.cloudfront.PublicKey(\"example\", {\n comment: \"test public key\",\n encodedKey: std.file({\n input: \"public_key.pem\",\n }).then(invoke =\u003e invoke.result),\n name: \"test_key\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.cloudfront.PublicKey(\"example\",\n comment=\"test public key\",\n encoded_key=std.file(input=\"public_key.pem\").result,\n name=\"test_key\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudFront.PublicKey(\"example\", new()\n {\n Comment = \"test public key\",\n EncodedKey = Std.File.Invoke(new()\n {\n Input = \"public_key.pem\",\n }).Apply(invoke =\u003e invoke.Result),\n Name = \"test_key\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"public_key.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfront.NewPublicKey(ctx, \"example\", \u0026cloudfront.PublicKeyArgs{\n\t\t\tComment: pulumi.String(\"test public key\"),\n\t\t\tEncodedKey: pulumi.String(invokeFile.Result),\n\t\t\tName: pulumi.String(\"test_key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.PublicKey;\nimport com.pulumi.aws.cloudfront.PublicKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PublicKey(\"example\", PublicKeyArgs.builder()\n .comment(\"test public key\")\n .encodedKey(StdFunctions.file(FileArgs.builder()\n .input(\"public_key.pem\")\n .build()).result())\n .name(\"test_key\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudfront:PublicKey\n properties:\n comment: test public key\n encodedKey:\n fn::invoke:\n Function: std:file\n Arguments:\n input: public_key.pem\n Return: result\n name: test_key\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudFront Public Key using the `id`. For example:\n\n```sh\n$ pulumi import aws:cloudfront/publicKey:PublicKey example K3D5EWEUDCCXON\n```\n", "properties": { "callerReference": { "type": "string", "description": "Internal value used by CloudFront to allow future updates to the public key configuration.\n" }, "comment": { "type": "string", "description": "An optional comment about the public key.\n" }, "encodedKey": { "type": "string", "description": "The encoded public key that you want to add to CloudFront to use with features like field-level encryption.\n" }, "etag": { "type": "string", "description": "The current version of the public key. For example: `E2QWRUHAPOMQZL`.\n" }, "name": { "type": "string", "description": "The name for the public key. By default generated by this provider. Note: Do not set if using the key's id in another resource (e.g. KeyGroup) since it will result in a dependency error from AWS. Instead, it is recommended to use Pulumi autonaming by leaving this property unset (default behavior) or set the `namePrefix` property to allow the provider to autoname the resource.\n" }, "namePrefix": { "type": "string", "description": "The name for the public key. Conflicts with `name`.\n\n**NOTE:** When setting `encoded_key` value, there needs a newline at the end of string. Otherwise, multiple runs of pulumi will want to recreate the `aws.cloudfront.PublicKey` resource.\n" } }, "required": [ "callerReference", "encodedKey", "etag", "name", "namePrefix" ], "inputProperties": { "comment": { "type": "string", "description": "An optional comment about the public key.\n" }, "encodedKey": { "type": "string", "description": "The encoded public key that you want to add to CloudFront to use with features like field-level encryption.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name for the public key. By default generated by this provider. Note: Do not set if using the key's id in another resource (e.g. KeyGroup) since it will result in a dependency error from AWS. Instead, it is recommended to use Pulumi autonaming by leaving this property unset (default behavior) or set the `namePrefix` property to allow the provider to autoname the resource.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "The name for the public key. Conflicts with `name`.\n\n**NOTE:** When setting `encoded_key` value, there needs a newline at the end of string. Otherwise, multiple runs of pulumi will want to recreate the `aws.cloudfront.PublicKey` resource.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "encodedKey" ], "stateInputs": { "description": "Input properties used for looking up and filtering PublicKey resources.\n", "properties": { "callerReference": { "type": "string", "description": "Internal value used by CloudFront to allow future updates to the public key configuration.\n" }, "comment": { "type": "string", "description": "An optional comment about the public key.\n" }, "encodedKey": { "type": "string", "description": "The encoded public key that you want to add to CloudFront to use with features like field-level encryption.\n", "willReplaceOnChanges": true }, "etag": { "type": "string", "description": "The current version of the public key. For example: `E2QWRUHAPOMQZL`.\n" }, "name": { "type": "string", "description": "The name for the public key. By default generated by this provider. Note: Do not set if using the key's id in another resource (e.g. KeyGroup) since it will result in a dependency error from AWS. Instead, it is recommended to use Pulumi autonaming by leaving this property unset (default behavior) or set the `namePrefix` property to allow the provider to autoname the resource.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "The name for the public key. Conflicts with `name`.\n\n**NOTE:** When setting `encoded_key` value, there needs a newline at the end of string. Otherwise, multiple runs of pulumi will want to recreate the `aws.cloudfront.PublicKey` resource.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:cloudfront/realtimeLogConfig:RealtimeLogConfig": { "description": "Provides a CloudFront real-time log configuration resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"cloudfront.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"cloudfront-realtime-log-config-example\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\n \"kinesis:DescribeStreamSummary\",\n \"kinesis:DescribeStream\",\n \"kinesis:PutRecord\",\n \"kinesis:PutRecords\",\n ],\n resources: [exampleAwsKinesisStream.arn],\n }],\n});\nconst exampleRolePolicy = new aws.iam.RolePolicy(\"example\", {\n name: \"cloudfront-realtime-log-config-example\",\n role: exampleRole.id,\n policy: example.then(example =\u003e example.json),\n});\nconst exampleRealtimeLogConfig = new aws.cloudfront.RealtimeLogConfig(\"example\", {\n name: \"example\",\n samplingRate: 75,\n fields: [\n \"timestamp\",\n \"c-ip\",\n ],\n endpoint: {\n streamType: \"Kinesis\",\n kinesisStreamConfig: {\n roleArn: exampleRole.arn,\n streamArn: exampleAwsKinesisStream.arn,\n },\n },\n}, {\n dependsOn: [exampleRolePolicy],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"cloudfront.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nexample_role = aws.iam.Role(\"example\",\n name=\"cloudfront-realtime-log-config-example\",\n assume_role_policy=assume_role.json)\nexample = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\n \"kinesis:DescribeStreamSummary\",\n \"kinesis:DescribeStream\",\n \"kinesis:PutRecord\",\n \"kinesis:PutRecords\",\n ],\n \"resources\": [example_aws_kinesis_stream[\"arn\"]],\n}])\nexample_role_policy = aws.iam.RolePolicy(\"example\",\n name=\"cloudfront-realtime-log-config-example\",\n role=example_role.id,\n policy=example.json)\nexample_realtime_log_config = aws.cloudfront.RealtimeLogConfig(\"example\",\n name=\"example\",\n sampling_rate=75,\n fields=[\n \"timestamp\",\n \"c-ip\",\n ],\n endpoint={\n \"stream_type\": \"Kinesis\",\n \"kinesis_stream_config\": {\n \"role_arn\": example_role.arn,\n \"stream_arn\": example_aws_kinesis_stream[\"arn\"],\n },\n },\n opts = pulumi.ResourceOptions(depends_on=[example_role_policy]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"cloudfront.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"cloudfront-realtime-log-config-example\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"kinesis:DescribeStreamSummary\",\n \"kinesis:DescribeStream\",\n \"kinesis:PutRecord\",\n \"kinesis:PutRecords\",\n },\n Resources = new[]\n {\n exampleAwsKinesisStream.Arn,\n },\n },\n },\n });\n\n var exampleRolePolicy = new Aws.Iam.RolePolicy(\"example\", new()\n {\n Name = \"cloudfront-realtime-log-config-example\",\n Role = exampleRole.Id,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleRealtimeLogConfig = new Aws.CloudFront.RealtimeLogConfig(\"example\", new()\n {\n Name = \"example\",\n SamplingRate = 75,\n Fields = new[]\n {\n \"timestamp\",\n \"c-ip\",\n },\n Endpoint = new Aws.CloudFront.Inputs.RealtimeLogConfigEndpointArgs\n {\n StreamType = \"Kinesis\",\n KinesisStreamConfig = new Aws.CloudFront.Inputs.RealtimeLogConfigEndpointKinesisStreamConfigArgs\n {\n RoleArn = exampleRole.Arn,\n StreamArn = exampleAwsKinesisStream.Arn,\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleRolePolicy,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: pulumi.StringRef(\"Allow\"),\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"Service\",\nIdentifiers: []string{\n\"cloudfront.amazonaws.com\",\n},\n},\n},\nActions: []string{\n\"sts:AssumeRole\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nexampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\nName: pulumi.String(\"cloudfront-realtime-log-config-example\"),\nAssumeRolePolicy: pulumi.String(assumeRole.Json),\n})\nif err != nil {\nreturn err\n}\nexample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: pulumi.StringRef(\"Allow\"),\nActions: []string{\n\"kinesis:DescribeStreamSummary\",\n\"kinesis:DescribeStream\",\n\"kinesis:PutRecord\",\n\"kinesis:PutRecords\",\n},\nResources: interface{}{\nexampleAwsKinesisStream.Arn,\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nexampleRolePolicy, err := iam.NewRolePolicy(ctx, \"example\", \u0026iam.RolePolicyArgs{\nName: pulumi.String(\"cloudfront-realtime-log-config-example\"),\nRole: exampleRole.ID(),\nPolicy: pulumi.String(example.Json),\n})\nif err != nil {\nreturn err\n}\n_, err = cloudfront.NewRealtimeLogConfig(ctx, \"example\", \u0026cloudfront.RealtimeLogConfigArgs{\nName: pulumi.String(\"example\"),\nSamplingRate: pulumi.Int(75),\nFields: pulumi.StringArray{\npulumi.String(\"timestamp\"),\npulumi.String(\"c-ip\"),\n},\nEndpoint: \u0026cloudfront.RealtimeLogConfigEndpointArgs{\nStreamType: pulumi.String(\"Kinesis\"),\nKinesisStreamConfig: \u0026cloudfront.RealtimeLogConfigEndpointKinesisStreamConfigArgs{\nRoleArn: exampleRole.Arn,\nStreamArn: pulumi.Any(exampleAwsKinesisStream.Arn),\n},\n},\n}, pulumi.DependsOn([]pulumi.Resource{\nexampleRolePolicy,\n}))\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.cloudfront.RealtimeLogConfig;\nimport com.pulumi.aws.cloudfront.RealtimeLogConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.RealtimeLogConfigEndpointArgs;\nimport com.pulumi.aws.cloudfront.inputs.RealtimeLogConfigEndpointKinesisStreamConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"cloudfront.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .name(\"cloudfront-realtime-log-config-example\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"kinesis:DescribeStreamSummary\",\n \"kinesis:DescribeStream\",\n \"kinesis:PutRecord\",\n \"kinesis:PutRecords\")\n .resources(exampleAwsKinesisStream.arn())\n .build())\n .build());\n\n var exampleRolePolicy = new RolePolicy(\"exampleRolePolicy\", RolePolicyArgs.builder()\n .name(\"cloudfront-realtime-log-config-example\")\n .role(exampleRole.id())\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleRealtimeLogConfig = new RealtimeLogConfig(\"exampleRealtimeLogConfig\", RealtimeLogConfigArgs.builder()\n .name(\"example\")\n .samplingRate(75)\n .fields( \n \"timestamp\",\n \"c-ip\")\n .endpoint(RealtimeLogConfigEndpointArgs.builder()\n .streamType(\"Kinesis\")\n .kinesisStreamConfig(RealtimeLogConfigEndpointKinesisStreamConfigArgs.builder()\n .roleArn(exampleRole.arn())\n .streamArn(exampleAwsKinesisStream.arn())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleRolePolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: cloudfront-realtime-log-config-example\n assumeRolePolicy: ${assumeRole.json}\n exampleRolePolicy:\n type: aws:iam:RolePolicy\n name: example\n properties:\n name: cloudfront-realtime-log-config-example\n role: ${exampleRole.id}\n policy: ${example.json}\n exampleRealtimeLogConfig:\n type: aws:cloudfront:RealtimeLogConfig\n name: example\n properties:\n name: example\n samplingRate: 75\n fields:\n - timestamp\n - c-ip\n endpoint:\n streamType: Kinesis\n kinesisStreamConfig:\n roleArn: ${exampleRole.arn}\n streamArn: ${exampleAwsKinesisStream.arn}\n options:\n dependson:\n - ${exampleRolePolicy}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - cloudfront.amazonaws.com\n actions:\n - sts:AssumeRole\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - kinesis:DescribeStreamSummary\n - kinesis:DescribeStream\n - kinesis:PutRecord\n - kinesis:PutRecords\n resources:\n - ${exampleAwsKinesisStream.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudFront real-time log configurations using the ARN. For example:\n\n```sh\n$ pulumi import aws:cloudfront/realtimeLogConfig:RealtimeLogConfig example arn:aws:cloudfront::111122223333:realtime-log-config/ExampleNameForRealtimeLogConfig\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the CloudFront real-time log configuration.\n" }, "endpoint": { "$ref": "#/types/aws:cloudfront/RealtimeLogConfigEndpoint:RealtimeLogConfigEndpoint", "description": "The Amazon Kinesis data streams where real-time log data is sent.\n" }, "fields": { "type": "array", "items": { "type": "string" }, "description": "The fields that are included in each real-time log record. See the [AWS documentation](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) for supported values.\n" }, "name": { "type": "string", "description": "The unique name to identify this real-time log configuration.\n" }, "samplingRate": { "type": "integer", "description": "The sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. An integer between `1` and `100`, inclusive.\n" } }, "required": [ "arn", "endpoint", "fields", "name", "samplingRate" ], "inputProperties": { "endpoint": { "$ref": "#/types/aws:cloudfront/RealtimeLogConfigEndpoint:RealtimeLogConfigEndpoint", "description": "The Amazon Kinesis data streams where real-time log data is sent.\n" }, "fields": { "type": "array", "items": { "type": "string" }, "description": "The fields that are included in each real-time log record. See the [AWS documentation](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) for supported values.\n" }, "name": { "type": "string", "description": "The unique name to identify this real-time log configuration.\n", "willReplaceOnChanges": true }, "samplingRate": { "type": "integer", "description": "The sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. An integer between `1` and `100`, inclusive.\n" } }, "requiredInputs": [ "endpoint", "fields", "samplingRate" ], "stateInputs": { "description": "Input properties used for looking up and filtering RealtimeLogConfig resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the CloudFront real-time log configuration.\n" }, "endpoint": { "$ref": "#/types/aws:cloudfront/RealtimeLogConfigEndpoint:RealtimeLogConfigEndpoint", "description": "The Amazon Kinesis data streams where real-time log data is sent.\n" }, "fields": { "type": "array", "items": { "type": "string" }, "description": "The fields that are included in each real-time log record. See the [AWS documentation](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) for supported values.\n" }, "name": { "type": "string", "description": "The unique name to identify this real-time log configuration.\n", "willReplaceOnChanges": true }, "samplingRate": { "type": "integer", "description": "The sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. An integer between `1` and `100`, inclusive.\n" } }, "type": "object" } }, "aws:cloudfront/responseHeadersPolicy:ResponseHeadersPolicy": { "description": "Provides a CloudFront response headers policy resource.\nA response headers policy contains information about a set of HTTP response headers and their values.\nAfter you create a response headers policy, you can use its ID to attach it to one or more cache behaviors in a CloudFront distribution.\nWhen it’s attached to a cache behavior, CloudFront adds the headers in the policy to every response that it sends for requests that match the cache behavior.\n\n## Example Usage\n\nThe example below creates a CloudFront response headers policy.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudfront.ResponseHeadersPolicy(\"example\", {\n name: \"example-policy\",\n comment: \"test comment\",\n corsConfig: {\n accessControlAllowCredentials: true,\n accessControlAllowHeaders: {\n items: [\"test\"],\n },\n accessControlAllowMethods: {\n items: [\"GET\"],\n },\n accessControlAllowOrigins: {\n items: [\"test.example.comtest\"],\n },\n originOverride: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.ResponseHeadersPolicy(\"example\",\n name=\"example-policy\",\n comment=\"test comment\",\n cors_config={\n \"access_control_allow_credentials\": True,\n \"access_control_allow_headers\": {\n \"items\": [\"test\"],\n },\n \"access_control_allow_methods\": {\n \"items\": [\"GET\"],\n },\n \"access_control_allow_origins\": {\n \"items\": [\"test.example.comtest\"],\n },\n \"origin_override\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudFront.ResponseHeadersPolicy(\"example\", new()\n {\n Name = \"example-policy\",\n Comment = \"test comment\",\n CorsConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigArgs\n {\n AccessControlAllowCredentials = true,\n AccessControlAllowHeaders = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs\n {\n Items = new[]\n {\n \"test\",\n },\n },\n AccessControlAllowMethods = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs\n {\n Items = new[]\n {\n \"GET\",\n },\n },\n AccessControlAllowOrigins = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs\n {\n Items = new[]\n {\n \"test.example.comtest\",\n },\n },\n OriginOverride = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.NewResponseHeadersPolicy(ctx, \"example\", \u0026cloudfront.ResponseHeadersPolicyArgs{\n\t\t\tName: pulumi.String(\"example-policy\"),\n\t\t\tComment: pulumi.String(\"test comment\"),\n\t\t\tCorsConfig: \u0026cloudfront.ResponseHeadersPolicyCorsConfigArgs{\n\t\t\t\tAccessControlAllowCredentials: pulumi.Bool(true),\n\t\t\t\tAccessControlAllowHeaders: \u0026cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs{\n\t\t\t\t\tItems: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"test\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tAccessControlAllowMethods: \u0026cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs{\n\t\t\t\t\tItems: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"GET\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tAccessControlAllowOrigins: \u0026cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs{\n\t\t\t\t\tItems: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"test.example.comtest\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tOriginOverride: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.ResponseHeadersPolicy;\nimport com.pulumi.aws.cloudfront.ResponseHeadersPolicyArgs;\nimport com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCorsConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs;\nimport com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs;\nimport com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResponseHeadersPolicy(\"example\", ResponseHeadersPolicyArgs.builder()\n .name(\"example-policy\")\n .comment(\"test comment\")\n .corsConfig(ResponseHeadersPolicyCorsConfigArgs.builder()\n .accessControlAllowCredentials(true)\n .accessControlAllowHeaders(ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs.builder()\n .items(\"test\")\n .build())\n .accessControlAllowMethods(ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs.builder()\n .items(\"GET\")\n .build())\n .accessControlAllowOrigins(ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs.builder()\n .items(\"test.example.comtest\")\n .build())\n .originOverride(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudfront:ResponseHeadersPolicy\n properties:\n name: example-policy\n comment: test comment\n corsConfig:\n accessControlAllowCredentials: true\n accessControlAllowHeaders:\n items:\n - test\n accessControlAllowMethods:\n items:\n - GET\n accessControlAllowOrigins:\n items:\n - test.example.comtest\n originOverride: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThe example below creates a CloudFront response headers policy with a custom headers config.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudfront.ResponseHeadersPolicy(\"example\", {\n name: \"example-headers-policy\",\n customHeadersConfig: {\n items: [\n {\n header: \"X-Permitted-Cross-Domain-Policies\",\n override: true,\n value: \"none\",\n },\n {\n header: \"X-Test\",\n override: true,\n value: \"none\",\n },\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.ResponseHeadersPolicy(\"example\",\n name=\"example-headers-policy\",\n custom_headers_config={\n \"items\": [\n {\n \"header\": \"X-Permitted-Cross-Domain-Policies\",\n \"override\": True,\n \"value\": \"none\",\n },\n {\n \"header\": \"X-Test\",\n \"override\": True,\n \"value\": \"none\",\n },\n ],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudFront.ResponseHeadersPolicy(\"example\", new()\n {\n Name = \"example-headers-policy\",\n CustomHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigArgs\n {\n Items = new[]\n {\n new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigItemArgs\n {\n Header = \"X-Permitted-Cross-Domain-Policies\",\n Override = true,\n Value = \"none\",\n },\n new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigItemArgs\n {\n Header = \"X-Test\",\n Override = true,\n Value = \"none\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.NewResponseHeadersPolicy(ctx, \"example\", \u0026cloudfront.ResponseHeadersPolicyArgs{\n\t\t\tName: pulumi.String(\"example-headers-policy\"),\n\t\t\tCustomHeadersConfig: \u0026cloudfront.ResponseHeadersPolicyCustomHeadersConfigArgs{\n\t\t\t\tItems: cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArray{\n\t\t\t\t\t\u0026cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArgs{\n\t\t\t\t\t\tHeader: pulumi.String(\"X-Permitted-Cross-Domain-Policies\"),\n\t\t\t\t\t\tOverride: pulumi.Bool(true),\n\t\t\t\t\t\tValue: pulumi.String(\"none\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArgs{\n\t\t\t\t\t\tHeader: pulumi.String(\"X-Test\"),\n\t\t\t\t\t\tOverride: pulumi.Bool(true),\n\t\t\t\t\t\tValue: pulumi.String(\"none\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.ResponseHeadersPolicy;\nimport com.pulumi.aws.cloudfront.ResponseHeadersPolicyArgs;\nimport com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCustomHeadersConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResponseHeadersPolicy(\"example\", ResponseHeadersPolicyArgs.builder()\n .name(\"example-headers-policy\")\n .customHeadersConfig(ResponseHeadersPolicyCustomHeadersConfigArgs.builder()\n .items( \n ResponseHeadersPolicyCustomHeadersConfigItemArgs.builder()\n .header(\"X-Permitted-Cross-Domain-Policies\")\n .override(true)\n .value(\"none\")\n .build(),\n ResponseHeadersPolicyCustomHeadersConfigItemArgs.builder()\n .header(\"X-Test\")\n .override(true)\n .value(\"none\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudfront:ResponseHeadersPolicy\n properties:\n name: example-headers-policy\n customHeadersConfig:\n items:\n - header: X-Permitted-Cross-Domain-Policies\n override: true\n value: none\n - header: X-Test\n override: true\n value: none\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThe example below creates a CloudFront response headers policy with a custom headers config and server timing headers config.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudfront.ResponseHeadersPolicy(\"example\", {\n name: \"example-headers-policy\",\n customHeadersConfig: {\n items: [{\n header: \"X-Permitted-Cross-Domain-Policies\",\n override: true,\n value: \"none\",\n }],\n },\n serverTimingHeadersConfig: {\n enabled: true,\n samplingRate: 50,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.ResponseHeadersPolicy(\"example\",\n name=\"example-headers-policy\",\n custom_headers_config={\n \"items\": [{\n \"header\": \"X-Permitted-Cross-Domain-Policies\",\n \"override\": True,\n \"value\": \"none\",\n }],\n },\n server_timing_headers_config={\n \"enabled\": True,\n \"sampling_rate\": 50,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudFront.ResponseHeadersPolicy(\"example\", new()\n {\n Name = \"example-headers-policy\",\n CustomHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigArgs\n {\n Items = new[]\n {\n new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigItemArgs\n {\n Header = \"X-Permitted-Cross-Domain-Policies\",\n Override = true,\n Value = \"none\",\n },\n },\n },\n ServerTimingHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyServerTimingHeadersConfigArgs\n {\n Enabled = true,\n SamplingRate = 50,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.NewResponseHeadersPolicy(ctx, \"example\", \u0026cloudfront.ResponseHeadersPolicyArgs{\n\t\t\tName: pulumi.String(\"example-headers-policy\"),\n\t\t\tCustomHeadersConfig: \u0026cloudfront.ResponseHeadersPolicyCustomHeadersConfigArgs{\n\t\t\t\tItems: cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArray{\n\t\t\t\t\t\u0026cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArgs{\n\t\t\t\t\t\tHeader: pulumi.String(\"X-Permitted-Cross-Domain-Policies\"),\n\t\t\t\t\t\tOverride: pulumi.Bool(true),\n\t\t\t\t\t\tValue: pulumi.String(\"none\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tServerTimingHeadersConfig: \u0026cloudfront.ResponseHeadersPolicyServerTimingHeadersConfigArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tSamplingRate: pulumi.Float64(50),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.ResponseHeadersPolicy;\nimport com.pulumi.aws.cloudfront.ResponseHeadersPolicyArgs;\nimport com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCustomHeadersConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyServerTimingHeadersConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResponseHeadersPolicy(\"example\", ResponseHeadersPolicyArgs.builder()\n .name(\"example-headers-policy\")\n .customHeadersConfig(ResponseHeadersPolicyCustomHeadersConfigArgs.builder()\n .items(ResponseHeadersPolicyCustomHeadersConfigItemArgs.builder()\n .header(\"X-Permitted-Cross-Domain-Policies\")\n .override(true)\n .value(\"none\")\n .build())\n .build())\n .serverTimingHeadersConfig(ResponseHeadersPolicyServerTimingHeadersConfigArgs.builder()\n .enabled(true)\n .samplingRate(50)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudfront:ResponseHeadersPolicy\n properties:\n name: example-headers-policy\n customHeadersConfig:\n items:\n - header: X-Permitted-Cross-Domain-Policies\n override: true\n value: none\n serverTimingHeadersConfig:\n enabled: true\n samplingRate: 50\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cloudfront Response Headers Policies using the `id`. For example:\n\n```sh\n$ pulumi import aws:cloudfront/responseHeadersPolicy:ResponseHeadersPolicy policy 658327ea-f89d-4fab-a63d-7e88639e58f9\n```\n", "properties": { "comment": { "type": "string", "description": "A comment to describe the response headers policy. The comment cannot be longer than 128 characters.\n" }, "corsConfig": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicyCorsConfig:ResponseHeadersPolicyCorsConfig", "description": "A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.\n" }, "customHeadersConfig": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicyCustomHeadersConfig:ResponseHeadersPolicyCustomHeadersConfig", "description": "Object that contains an attribute `items` that contains a list of custom headers. See Custom Header for more information.\n" }, "etag": { "type": "string", "description": "The current version of the response headers policy.\n" }, "name": { "type": "string", "description": "A unique name to identify the response headers policy.\n" }, "removeHeadersConfig": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicyRemoveHeadersConfig:ResponseHeadersPolicyRemoveHeadersConfig", "description": "A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute `items` that contains a list of headers. See Remove Header for more information.\n" }, "securityHeadersConfig": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicySecurityHeadersConfig:ResponseHeadersPolicySecurityHeadersConfig", "description": "A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.\n" }, "serverTimingHeadersConfig": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicyServerTimingHeadersConfig:ResponseHeadersPolicyServerTimingHeadersConfig", "description": "A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.\n" } }, "required": [ "etag", "name" ], "inputProperties": { "comment": { "type": "string", "description": "A comment to describe the response headers policy. The comment cannot be longer than 128 characters.\n" }, "corsConfig": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicyCorsConfig:ResponseHeadersPolicyCorsConfig", "description": "A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.\n" }, "customHeadersConfig": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicyCustomHeadersConfig:ResponseHeadersPolicyCustomHeadersConfig", "description": "Object that contains an attribute `items` that contains a list of custom headers. See Custom Header for more information.\n" }, "etag": { "type": "string", "description": "The current version of the response headers policy.\n" }, "name": { "type": "string", "description": "A unique name to identify the response headers policy.\n" }, "removeHeadersConfig": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicyRemoveHeadersConfig:ResponseHeadersPolicyRemoveHeadersConfig", "description": "A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute `items` that contains a list of headers. See Remove Header for more information.\n" }, "securityHeadersConfig": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicySecurityHeadersConfig:ResponseHeadersPolicySecurityHeadersConfig", "description": "A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.\n" }, "serverTimingHeadersConfig": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicyServerTimingHeadersConfig:ResponseHeadersPolicyServerTimingHeadersConfig", "description": "A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ResponseHeadersPolicy resources.\n", "properties": { "comment": { "type": "string", "description": "A comment to describe the response headers policy. The comment cannot be longer than 128 characters.\n" }, "corsConfig": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicyCorsConfig:ResponseHeadersPolicyCorsConfig", "description": "A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.\n" }, "customHeadersConfig": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicyCustomHeadersConfig:ResponseHeadersPolicyCustomHeadersConfig", "description": "Object that contains an attribute `items` that contains a list of custom headers. See Custom Header for more information.\n" }, "etag": { "type": "string", "description": "The current version of the response headers policy.\n" }, "name": { "type": "string", "description": "A unique name to identify the response headers policy.\n" }, "removeHeadersConfig": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicyRemoveHeadersConfig:ResponseHeadersPolicyRemoveHeadersConfig", "description": "A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute `items` that contains a list of headers. See Remove Header for more information.\n" }, "securityHeadersConfig": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicySecurityHeadersConfig:ResponseHeadersPolicySecurityHeadersConfig", "description": "A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.\n" }, "serverTimingHeadersConfig": { "$ref": "#/types/aws:cloudfront/ResponseHeadersPolicyServerTimingHeadersConfig:ResponseHeadersPolicyServerTimingHeadersConfig", "description": "A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.\n" } }, "type": "object" } }, "aws:cloudhsmv2/cluster:Cluster": { "description": "Creates an Amazon CloudHSM v2 cluster.\n\nFor information about CloudHSM v2, see the\n[AWS CloudHSM User Guide](https://docs.aws.amazon.com/cloudhsm/latest/userguide/introduction.html) and the [Amazon\nCloudHSM API Reference][2].\n\n\u003e **NOTE:** A CloudHSM Cluster can take several minutes to set up.\nPractically no single attribute can be updated, except for `tags`.\nIf you need to delete a cluster, you have to remove its HSM modules first.\nTo initialize cluster, you have to add an HSM instance to the cluster, then sign CSR and upload it.\n\n## Import\n\nUsing `pulumi import`, import CloudHSM v2 Clusters using the cluster `id`. For example:\n\n```sh\n$ pulumi import aws:cloudhsmv2/cluster:Cluster test_cluster cluster-aeb282a201\n```\n", "properties": { "clusterCertificates": { "type": "array", "items": { "$ref": "#/types/aws:cloudhsmv2/ClusterClusterCertificate:ClusterClusterCertificate" }, "description": "The list of cluster certificates.\n" }, "clusterId": { "type": "string", "description": "The id of the CloudHSM cluster.\n" }, "clusterState": { "type": "string", "description": "The state of the CloudHSM cluster.\n", "language": { "csharp": { "name": "State" } } }, "hsmType": { "type": "string", "description": "The type of HSM module in the cluster. Currently, only `hsm1.medium` is supported.\n" }, "securityGroupId": { "type": "string", "description": "The ID of the security group associated with the CloudHSM cluster.\n" }, "sourceBackupIdentifier": { "type": "string", "description": "ID of Cloud HSM v2 cluster backup to be restored.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The IDs of subnets in which cluster will operate.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The id of the VPC that the CloudHSM cluster resides in.\n" } }, "required": [ "clusterCertificates", "clusterId", "clusterState", "hsmType", "securityGroupId", "subnetIds", "tagsAll", "vpcId" ], "inputProperties": { "hsmType": { "type": "string", "description": "The type of HSM module in the cluster. Currently, only `hsm1.medium` is supported.\n", "willReplaceOnChanges": true }, "sourceBackupIdentifier": { "type": "string", "description": "ID of Cloud HSM v2 cluster backup to be restored.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The IDs of subnets in which cluster will operate.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "hsmType", "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "clusterCertificates": { "type": "array", "items": { "$ref": "#/types/aws:cloudhsmv2/ClusterClusterCertificate:ClusterClusterCertificate" }, "description": "The list of cluster certificates.\n" }, "clusterId": { "type": "string", "description": "The id of the CloudHSM cluster.\n" }, "clusterState": { "type": "string", "description": "The state of the CloudHSM cluster.\n", "language": { "csharp": { "name": "State" } } }, "hsmType": { "type": "string", "description": "The type of HSM module in the cluster. Currently, only `hsm1.medium` is supported.\n", "willReplaceOnChanges": true }, "securityGroupId": { "type": "string", "description": "The ID of the security group associated with the CloudHSM cluster.\n" }, "sourceBackupIdentifier": { "type": "string", "description": "ID of Cloud HSM v2 cluster backup to be restored.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The IDs of subnets in which cluster will operate.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The id of the VPC that the CloudHSM cluster resides in.\n" } }, "type": "object" } }, "aws:cloudhsmv2/hsm:Hsm": { "description": "Creates an HSM module in Amazon CloudHSM v2 cluster.\n\n## Example Usage\n\nThe following example below creates an HSM module in CloudHSM cluster.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cluster = aws.cloudhsmv2.getCluster({\n clusterId: cloudhsmClusterId,\n});\nconst cloudhsmV2Hsm = new aws.cloudhsmv2.Hsm(\"cloudhsm_v2_hsm\", {\n subnetId: cluster.then(cluster =\u003e cluster.subnetIds?.[0]),\n clusterId: cluster.then(cluster =\u003e cluster.clusterId),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncluster = aws.cloudhsmv2.get_cluster(cluster_id=cloudhsm_cluster_id)\ncloudhsm_v2_hsm = aws.cloudhsmv2.Hsm(\"cloudhsm_v2_hsm\",\n subnet_id=cluster.subnet_ids[0],\n cluster_id=cluster.cluster_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cluster = Aws.CloudHsmV2.GetCluster.Invoke(new()\n {\n ClusterId = cloudhsmClusterId,\n });\n\n var cloudhsmV2Hsm = new Aws.CloudHsmV2.Hsm(\"cloudhsm_v2_hsm\", new()\n {\n SubnetId = cluster.Apply(getClusterResult =\u003e getClusterResult.SubnetIds[0]),\n ClusterId = cluster.Apply(getClusterResult =\u003e getClusterResult.ClusterId),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudhsmv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcluster, err := cloudhsmv2.LookupCluster(ctx, \u0026cloudhsmv2.LookupClusterArgs{\n\t\t\tClusterId: cloudhsmClusterId,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudhsmv2.NewHsm(ctx, \"cloudhsm_v2_hsm\", \u0026cloudhsmv2.HsmArgs{\n\t\t\tSubnetId: pulumi.String(cluster.SubnetIds[0]),\n\t\t\tClusterId: pulumi.String(cluster.ClusterId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudhsmv2.Cloudhsmv2Functions;\nimport com.pulumi.aws.cloudhsmv2.inputs.GetClusterArgs;\nimport com.pulumi.aws.cloudhsmv2.Hsm;\nimport com.pulumi.aws.cloudhsmv2.HsmArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var cluster = Cloudhsmv2Functions.getCluster(GetClusterArgs.builder()\n .clusterId(cloudhsmClusterId)\n .build());\n\n var cloudhsmV2Hsm = new Hsm(\"cloudhsmV2Hsm\", HsmArgs.builder()\n .subnetId(cluster.applyValue(getClusterResult -\u003e getClusterResult.subnetIds()[0]))\n .clusterId(cluster.applyValue(getClusterResult -\u003e getClusterResult.clusterId()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cloudhsmV2Hsm:\n type: aws:cloudhsmv2:Hsm\n name: cloudhsm_v2_hsm\n properties:\n subnetId: ${cluster.subnetIds[0]}\n clusterId: ${cluster.clusterId}\nvariables:\n cluster:\n fn::invoke:\n Function: aws:cloudhsmv2:getCluster\n Arguments:\n clusterId: ${cloudhsmClusterId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import HSM modules using their HSM ID. For example:\n\n```sh\n$ pulumi import aws:cloudhsmv2/hsm:Hsm bar hsm-quo8dahtaca\n```\n", "properties": { "availabilityZone": { "type": "string", "description": "The IDs of AZ in which HSM module will be located. Conflicts with `subnet_id`.\n" }, "clusterId": { "type": "string", "description": "The ID of Cloud HSM v2 cluster to which HSM will be added.\n" }, "hsmEniId": { "type": "string", "description": "The id of the ENI interface allocated for HSM module.\n" }, "hsmId": { "type": "string", "description": "The id of the HSM module.\n" }, "hsmState": { "type": "string", "description": "The state of the HSM module.\n", "language": { "csharp": { "name": "State" } } }, "ipAddress": { "type": "string", "description": "The IP address of HSM module. Must be within the CIDR of selected subnet.\n" }, "subnetId": { "type": "string", "description": "The ID of subnet in which HSM module will be located. Conflicts with `availability_zone`.\n" } }, "required": [ "availabilityZone", "clusterId", "hsmEniId", "hsmId", "hsmState", "ipAddress", "subnetId" ], "inputProperties": { "availabilityZone": { "type": "string", "description": "The IDs of AZ in which HSM module will be located. Conflicts with `subnet_id`.\n", "willReplaceOnChanges": true }, "clusterId": { "type": "string", "description": "The ID of Cloud HSM v2 cluster to which HSM will be added.\n", "willReplaceOnChanges": true }, "ipAddress": { "type": "string", "description": "The IP address of HSM module. Must be within the CIDR of selected subnet.\n", "willReplaceOnChanges": true }, "subnetId": { "type": "string", "description": "The ID of subnet in which HSM module will be located. Conflicts with `availability_zone`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "clusterId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Hsm resources.\n", "properties": { "availabilityZone": { "type": "string", "description": "The IDs of AZ in which HSM module will be located. Conflicts with `subnet_id`.\n", "willReplaceOnChanges": true }, "clusterId": { "type": "string", "description": "The ID of Cloud HSM v2 cluster to which HSM will be added.\n", "willReplaceOnChanges": true }, "hsmEniId": { "type": "string", "description": "The id of the ENI interface allocated for HSM module.\n" }, "hsmId": { "type": "string", "description": "The id of the HSM module.\n" }, "hsmState": { "type": "string", "description": "The state of the HSM module.\n", "language": { "csharp": { "name": "State" } } }, "ipAddress": { "type": "string", "description": "The IP address of HSM module. Must be within the CIDR of selected subnet.\n", "willReplaceOnChanges": true }, "subnetId": { "type": "string", "description": "The ID of subnet in which HSM module will be located. Conflicts with `availability_zone`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:cloudsearch/domain:Domain": { "description": "Provides an CloudSearch domain resource.\n\nThe provider waits for the domain to become `Active` when applying a configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudsearch.Domain(\"example\", {\n name: \"example-domain\",\n scalingParameters: {\n desiredInstanceType: \"search.medium\",\n },\n indexFields: [\n {\n name: \"headline\",\n type: \"text\",\n search: true,\n \"return\": true,\n sort: true,\n highlight: false,\n analysisScheme: \"_en_default_\",\n },\n {\n name: \"price\",\n type: \"double\",\n search: true,\n facet: true,\n \"return\": true,\n sort: true,\n sourceFields: \"headline\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudsearch.Domain(\"example\",\n name=\"example-domain\",\n scaling_parameters={\n \"desired_instance_type\": \"search.medium\",\n },\n index_fields=[\n {\n \"name\": \"headline\",\n \"type\": \"text\",\n \"search\": True,\n \"return_\": True,\n \"sort\": True,\n \"highlight\": False,\n \"analysis_scheme\": \"_en_default_\",\n },\n {\n \"name\": \"price\",\n \"type\": \"double\",\n \"search\": True,\n \"facet\": True,\n \"return_\": True,\n \"sort\": True,\n \"source_fields\": \"headline\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudSearch.Domain(\"example\", new()\n {\n Name = \"example-domain\",\n ScalingParameters = new Aws.CloudSearch.Inputs.DomainScalingParametersArgs\n {\n DesiredInstanceType = \"search.medium\",\n },\n IndexFields = new[]\n {\n new Aws.CloudSearch.Inputs.DomainIndexFieldArgs\n {\n Name = \"headline\",\n Type = \"text\",\n Search = true,\n Return = true,\n Sort = true,\n Highlight = false,\n AnalysisScheme = \"_en_default_\",\n },\n new Aws.CloudSearch.Inputs.DomainIndexFieldArgs\n {\n Name = \"price\",\n Type = \"double\",\n Search = true,\n Facet = true,\n Return = true,\n Sort = true,\n SourceFields = \"headline\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudsearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudsearch.NewDomain(ctx, \"example\", \u0026cloudsearch.DomainArgs{\n\t\t\tName: pulumi.String(\"example-domain\"),\n\t\t\tScalingParameters: \u0026cloudsearch.DomainScalingParametersArgs{\n\t\t\t\tDesiredInstanceType: pulumi.String(\"search.medium\"),\n\t\t\t},\n\t\t\tIndexFields: cloudsearch.DomainIndexFieldArray{\n\t\t\t\t\u0026cloudsearch.DomainIndexFieldArgs{\n\t\t\t\t\tName: pulumi.String(\"headline\"),\n\t\t\t\t\tType: pulumi.String(\"text\"),\n\t\t\t\t\tSearch: pulumi.Bool(true),\n\t\t\t\t\tReturn: pulumi.Bool(true),\n\t\t\t\t\tSort: pulumi.Bool(true),\n\t\t\t\t\tHighlight: pulumi.Bool(false),\n\t\t\t\t\tAnalysisScheme: pulumi.String(\"_en_default_\"),\n\t\t\t\t},\n\t\t\t\t\u0026cloudsearch.DomainIndexFieldArgs{\n\t\t\t\t\tName: pulumi.String(\"price\"),\n\t\t\t\t\tType: pulumi.String(\"double\"),\n\t\t\t\t\tSearch: pulumi.Bool(true),\n\t\t\t\t\tFacet: pulumi.Bool(true),\n\t\t\t\t\tReturn: pulumi.Bool(true),\n\t\t\t\t\tSort: pulumi.Bool(true),\n\t\t\t\t\tSourceFields: pulumi.String(\"headline\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudsearch.Domain;\nimport com.pulumi.aws.cloudsearch.DomainArgs;\nimport com.pulumi.aws.cloudsearch.inputs.DomainScalingParametersArgs;\nimport com.pulumi.aws.cloudsearch.inputs.DomainIndexFieldArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder()\n .name(\"example-domain\")\n .scalingParameters(DomainScalingParametersArgs.builder()\n .desiredInstanceType(\"search.medium\")\n .build())\n .indexFields( \n DomainIndexFieldArgs.builder()\n .name(\"headline\")\n .type(\"text\")\n .search(true)\n .return_(true)\n .sort(true)\n .highlight(false)\n .analysisScheme(\"_en_default_\")\n .build(),\n DomainIndexFieldArgs.builder()\n .name(\"price\")\n .type(\"double\")\n .search(true)\n .facet(true)\n .return_(true)\n .sort(true)\n .sourceFields(\"headline\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudsearch:Domain\n properties:\n name: example-domain\n scalingParameters:\n desiredInstanceType: search.medium\n indexFields:\n - name: headline\n type: text\n search: true\n return: true\n sort: true\n highlight: false\n analysisScheme: _en_default_\n - name: price\n type: double\n search: true\n facet: true\n return: true\n sort: true\n sourceFields: headline\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudSearch Domains using the `name`. For example:\n\n```sh\n$ pulumi import aws:cloudsearch/domain:Domain example example-domain\n```\n", "properties": { "arn": { "type": "string", "description": "The domain's ARN.\n" }, "documentServiceEndpoint": { "type": "string", "description": "The service endpoint for updating documents in a search domain.\n" }, "domainId": { "type": "string", "description": "An internally generated unique identifier for the domain.\n" }, "endpointOptions": { "$ref": "#/types/aws:cloudsearch/DomainEndpointOptions:DomainEndpointOptions", "description": "Domain endpoint options. Documented below.\n" }, "indexFields": { "type": "array", "items": { "$ref": "#/types/aws:cloudsearch/DomainIndexField:DomainIndexField" }, "description": "The index fields for documents added to the domain. Documented below.\n" }, "multiAz": { "type": "boolean", "description": "Whether or not to maintain extra instances for the domain in a second Availability Zone to ensure high availability.\n" }, "name": { "type": "string", "description": "The name of the CloudSearch domain.\n" }, "scalingParameters": { "$ref": "#/types/aws:cloudsearch/DomainScalingParameters:DomainScalingParameters", "description": "Domain scaling parameters. Documented below.\n" }, "searchServiceEndpoint": { "type": "string", "description": "The service endpoint for requesting search results from a search domain.\n" } }, "required": [ "arn", "documentServiceEndpoint", "domainId", "endpointOptions", "multiAz", "name", "scalingParameters", "searchServiceEndpoint" ], "inputProperties": { "endpointOptions": { "$ref": "#/types/aws:cloudsearch/DomainEndpointOptions:DomainEndpointOptions", "description": "Domain endpoint options. Documented below.\n" }, "indexFields": { "type": "array", "items": { "$ref": "#/types/aws:cloudsearch/DomainIndexField:DomainIndexField" }, "description": "The index fields for documents added to the domain. Documented below.\n" }, "multiAz": { "type": "boolean", "description": "Whether or not to maintain extra instances for the domain in a second Availability Zone to ensure high availability.\n" }, "name": { "type": "string", "description": "The name of the CloudSearch domain.\n", "willReplaceOnChanges": true }, "scalingParameters": { "$ref": "#/types/aws:cloudsearch/DomainScalingParameters:DomainScalingParameters", "description": "Domain scaling parameters. Documented below.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Domain resources.\n", "properties": { "arn": { "type": "string", "description": "The domain's ARN.\n" }, "documentServiceEndpoint": { "type": "string", "description": "The service endpoint for updating documents in a search domain.\n" }, "domainId": { "type": "string", "description": "An internally generated unique identifier for the domain.\n" }, "endpointOptions": { "$ref": "#/types/aws:cloudsearch/DomainEndpointOptions:DomainEndpointOptions", "description": "Domain endpoint options. Documented below.\n" }, "indexFields": { "type": "array", "items": { "$ref": "#/types/aws:cloudsearch/DomainIndexField:DomainIndexField" }, "description": "The index fields for documents added to the domain. Documented below.\n" }, "multiAz": { "type": "boolean", "description": "Whether or not to maintain extra instances for the domain in a second Availability Zone to ensure high availability.\n" }, "name": { "type": "string", "description": "The name of the CloudSearch domain.\n", "willReplaceOnChanges": true }, "scalingParameters": { "$ref": "#/types/aws:cloudsearch/DomainScalingParameters:DomainScalingParameters", "description": "Domain scaling parameters. Documented below.\n" }, "searchServiceEndpoint": { "type": "string", "description": "The service endpoint for requesting search results from a search domain.\n" } }, "type": "object" } }, "aws:cloudsearch/domainServiceAccessPolicy:DomainServiceAccessPolicy": { "description": "Provides an CloudSearch domain service access policy resource.\n\nThe provider waits for the domain service access policy to become `Active` when applying a configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleDomain = new aws.cloudsearch.Domain(\"example\", {name: \"example-domain\"});\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n sid: \"search_only\",\n effect: \"Allow\",\n principals: [{\n type: \"*\",\n identifiers: [\"*\"],\n }],\n actions: [\n \"cloudsearch:search\",\n \"cloudsearch:document\",\n ],\n conditions: [{\n test: \"IpAddress\",\n variable: \"aws:SourceIp\",\n values: [\"192.0.2.0/32\"],\n }],\n }],\n});\nconst exampleDomainServiceAccessPolicy = new aws.cloudsearch.DomainServiceAccessPolicy(\"example\", {\n domainName: exampleDomain.id,\n accessPolicy: example.then(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_domain = aws.cloudsearch.Domain(\"example\", name=\"example-domain\")\nexample = aws.iam.get_policy_document(statements=[{\n \"sid\": \"search_only\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"*\",\n \"identifiers\": [\"*\"],\n }],\n \"actions\": [\n \"cloudsearch:search\",\n \"cloudsearch:document\",\n ],\n \"conditions\": [{\n \"test\": \"IpAddress\",\n \"variable\": \"aws:SourceIp\",\n \"values\": [\"192.0.2.0/32\"],\n }],\n}])\nexample_domain_service_access_policy = aws.cloudsearch.DomainServiceAccessPolicy(\"example\",\n domain_name=example_domain.id,\n access_policy=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleDomain = new Aws.CloudSearch.Domain(\"example\", new()\n {\n Name = \"example-domain\",\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"search_only\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"*\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"cloudsearch:search\",\n \"cloudsearch:document\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"IpAddress\",\n Variable = \"aws:SourceIp\",\n Values = new[]\n {\n \"192.0.2.0/32\",\n },\n },\n },\n },\n },\n });\n\n var exampleDomainServiceAccessPolicy = new Aws.CloudSearch.DomainServiceAccessPolicy(\"example\", new()\n {\n DomainName = exampleDomain.Id,\n AccessPolicy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudsearch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleDomain, err := cloudsearch.NewDomain(ctx, \"example\", \u0026cloudsearch.DomainArgs{\n\t\t\tName: pulumi.String(\"example-domain\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"search_only\"),\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"*\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"*\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"cloudsearch:search\",\n\t\t\t\t\t\t\"cloudsearch:document\",\n\t\t\t\t\t},\n\t\t\t\t\tConditions: []iam.GetPolicyDocumentStatementCondition{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tTest: \"IpAddress\",\n\t\t\t\t\t\t\tVariable: \"aws:SourceIp\",\n\t\t\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\t\t\"192.0.2.0/32\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudsearch.NewDomainServiceAccessPolicy(ctx, \"example\", \u0026cloudsearch.DomainServiceAccessPolicyArgs{\n\t\t\tDomainName: exampleDomain.ID(),\n\t\t\tAccessPolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudsearch.Domain;\nimport com.pulumi.aws.cloudsearch.DomainArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.cloudsearch.DomainServiceAccessPolicy;\nimport com.pulumi.aws.cloudsearch.DomainServiceAccessPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder()\n .name(\"example-domain\")\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"search_only\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"*\")\n .identifiers(\"*\")\n .build())\n .actions( \n \"cloudsearch:search\",\n \"cloudsearch:document\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"IpAddress\")\n .variable(\"aws:SourceIp\")\n .values(\"192.0.2.0/32\")\n .build())\n .build())\n .build());\n\n var exampleDomainServiceAccessPolicy = new DomainServiceAccessPolicy(\"exampleDomainServiceAccessPolicy\", DomainServiceAccessPolicyArgs.builder()\n .domainName(exampleDomain.id())\n .accessPolicy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleDomain:\n type: aws:cloudsearch:Domain\n name: example\n properties:\n name: example-domain\n exampleDomainServiceAccessPolicy:\n type: aws:cloudsearch:DomainServiceAccessPolicy\n name: example\n properties:\n domainName: ${exampleDomain.id}\n accessPolicy: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: search_only\n effect: Allow\n principals:\n - type: '*'\n identifiers:\n - '*'\n actions:\n - cloudsearch:search\n - cloudsearch:document\n conditions:\n - test: IpAddress\n variable: aws:SourceIp\n values:\n - 192.0.2.0/32\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudSearch domain service access policies using the domain name. For example:\n\n```sh\n$ pulumi import aws:cloudsearch/domainServiceAccessPolicy:DomainServiceAccessPolicy example example-domain\n```\n", "properties": { "accessPolicy": { "type": "string", "description": "The access rules you want to configure. These rules replace any existing rules. See the [AWS documentation](https://docs.aws.amazon.com/cloudsearch/latest/developerguide/configuring-access.html) for details.\n" }, "domainName": { "type": "string", "description": "The CloudSearch domain name the policy applies to.\n" } }, "required": [ "accessPolicy", "domainName" ], "inputProperties": { "accessPolicy": { "type": "string", "description": "The access rules you want to configure. These rules replace any existing rules. See the [AWS documentation](https://docs.aws.amazon.com/cloudsearch/latest/developerguide/configuring-access.html) for details.\n" }, "domainName": { "type": "string", "description": "The CloudSearch domain name the policy applies to.\n" } }, "requiredInputs": [ "accessPolicy", "domainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainServiceAccessPolicy resources.\n", "properties": { "accessPolicy": { "type": "string", "description": "The access rules you want to configure. These rules replace any existing rules. See the [AWS documentation](https://docs.aws.amazon.com/cloudsearch/latest/developerguide/configuring-access.html) for details.\n" }, "domainName": { "type": "string", "description": "The CloudSearch domain name the policy applies to.\n" } }, "type": "object" } }, "aws:cloudtrail/eventDataStore:EventDataStore": { "description": "Provides a CloudTrail Event Data Store.\n\nMore information about event data stores can be found in the [Event Data Store User Guide](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store.html).\n\n\u003e **Tip:** For an organization event data store you must create this resource in the management account.\n\n## Example Usage\n\n### Basic\n\nThe most simple event data store configuration requires us to only set the `name` attribute. The event data store will automatically capture all management events. To capture management events from all the regions, `multi_region_enabled` must be `true`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudtrail.EventDataStore(\"example\", {name: \"example-event-data-store\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudtrail.EventDataStore(\"example\", name=\"example-event-data-store\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudTrail.EventDataStore(\"example\", new()\n {\n Name = \"example-event-data-store\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudtrail.NewEventDataStore(ctx, \"example\", \u0026cloudtrail.EventDataStoreArgs{\n\t\t\tName: pulumi.String(\"example-event-data-store\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudtrail.EventDataStore;\nimport com.pulumi.aws.cloudtrail.EventDataStoreArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventDataStore(\"example\", EventDataStoreArgs.builder()\n .name(\"example-event-data-store\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudtrail:EventDataStore\n properties:\n name: example-event-data-store\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Data Event Logging\n\nCloudTrail can log [Data Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) for certain services such as S3 bucket objects and Lambda function invocations. Additional information about data event configuration can be found in the following links:\n\n- [CloudTrail API AdvancedFieldSelector documentation](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedFieldSelector.html)\n\n### Log all DynamoDB PutEvent actions for a specific DynamoDB table\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst table = aws.dynamodb.getTable({\n name: \"not-important-dynamodb-table\",\n});\nconst example = new aws.cloudtrail.EventDataStore(\"example\", {advancedEventSelectors: [{\n name: \"Log all DynamoDB PutEvent actions for a specific DynamoDB table\",\n fieldSelectors: [\n {\n field: \"eventCategory\",\n equals: [\"Data\"],\n },\n {\n field: \"resources.type\",\n equals: [\"AWS::DynamoDB::Table\"],\n },\n {\n field: \"eventName\",\n equals: [\"PutItem\"],\n },\n {\n field: \"resources.ARN\",\n equals: [table.then(table =\u003e table.arn)],\n },\n ],\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntable = aws.dynamodb.get_table(name=\"not-important-dynamodb-table\")\nexample = aws.cloudtrail.EventDataStore(\"example\", advanced_event_selectors=[{\n \"name\": \"Log all DynamoDB PutEvent actions for a specific DynamoDB table\",\n \"field_selectors\": [\n {\n \"field\": \"eventCategory\",\n \"equals\": [\"Data\"],\n },\n {\n \"field\": \"resources.type\",\n \"equals\": [\"AWS::DynamoDB::Table\"],\n },\n {\n \"field\": \"eventName\",\n \"equals\": [\"PutItem\"],\n },\n {\n \"field\": \"resources.ARN\",\n \"equals\": [table.arn],\n },\n ],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var table = Aws.DynamoDB.GetTable.Invoke(new()\n {\n Name = \"not-important-dynamodb-table\",\n });\n\n var example = new Aws.CloudTrail.EventDataStore(\"example\", new()\n {\n AdvancedEventSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.EventDataStoreAdvancedEventSelectorArgs\n {\n Name = \"Log all DynamoDB PutEvent actions for a specific DynamoDB table\",\n FieldSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.EventDataStoreAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"eventCategory\",\n Equals = new[]\n {\n \"Data\",\n },\n },\n new Aws.CloudTrail.Inputs.EventDataStoreAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"resources.type\",\n Equals = new[]\n {\n \"AWS::DynamoDB::Table\",\n },\n },\n new Aws.CloudTrail.Inputs.EventDataStoreAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"eventName\",\n Equals = new[]\n {\n \"PutItem\",\n },\n },\n new Aws.CloudTrail.Inputs.EventDataStoreAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"resources.ARN\",\n Equals = new[]\n {\n table.Apply(getTableResult =\u003e getTableResult.Arn),\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttable, err := dynamodb.LookupTable(ctx, \u0026dynamodb.LookupTableArgs{\n\t\t\tName: \"not-important-dynamodb-table\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudtrail.NewEventDataStore(ctx, \"example\", \u0026cloudtrail.EventDataStoreArgs{\n\t\t\tAdvancedEventSelectors: cloudtrail.EventDataStoreAdvancedEventSelectorArray{\n\t\t\t\t\u0026cloudtrail.EventDataStoreAdvancedEventSelectorArgs{\n\t\t\t\t\tName: pulumi.String(\"Log all DynamoDB PutEvent actions for a specific DynamoDB table\"),\n\t\t\t\t\tFieldSelectors: cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArray{\n\t\t\t\t\t\t\u0026cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"eventCategory\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Data\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"resources.type\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"AWS::DynamoDB::Table\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"eventName\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"PutItem\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"resources.ARN\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(table.Arn),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.DynamodbFunctions;\nimport com.pulumi.aws.dynamodb.inputs.GetTableArgs;\nimport com.pulumi.aws.cloudtrail.EventDataStore;\nimport com.pulumi.aws.cloudtrail.EventDataStoreArgs;\nimport com.pulumi.aws.cloudtrail.inputs.EventDataStoreAdvancedEventSelectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var table = DynamodbFunctions.getTable(GetTableArgs.builder()\n .name(\"not-important-dynamodb-table\")\n .build());\n\n var example = new EventDataStore(\"example\", EventDataStoreArgs.builder()\n .advancedEventSelectors(EventDataStoreAdvancedEventSelectorArgs.builder()\n .name(\"Log all DynamoDB PutEvent actions for a specific DynamoDB table\")\n .fieldSelectors( \n EventDataStoreAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"eventCategory\")\n .equals(\"Data\")\n .build(),\n EventDataStoreAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"resources.type\")\n .equals(\"AWS::DynamoDB::Table\")\n .build(),\n EventDataStoreAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"eventName\")\n .equals(\"PutItem\")\n .build(),\n EventDataStoreAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"resources.ARN\")\n .equals(table.applyValue(getTableResult -\u003e getTableResult.arn()))\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudtrail:EventDataStore\n properties:\n advancedEventSelectors:\n - name: Log all DynamoDB PutEvent actions for a specific DynamoDB table\n fieldSelectors:\n - field: eventCategory\n equals:\n - Data\n - field: resources.type\n equals:\n - AWS::DynamoDB::Table\n - field: eventName\n equals:\n - PutItem\n - field: resources.ARN\n equals:\n - ${table.arn}\nvariables:\n table:\n fn::invoke:\n Function: aws:dynamodb:getTable\n Arguments:\n name: not-important-dynamodb-table\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import event data stores using their `arn`. For example:\n\n```sh\n$ pulumi import aws:cloudtrail/eventDataStore:EventDataStore example arn:aws:cloudtrail:us-east-1:123456789123:eventdatastore/22333815-4414-412c-b155-dd254033gfhf\n```\n", "properties": { "advancedEventSelectors": { "type": "array", "items": { "$ref": "#/types/aws:cloudtrail/EventDataStoreAdvancedEventSelector:EventDataStoreAdvancedEventSelector" }, "description": "The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see [Log events by using advanced event selectors](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced) in the CloudTrail User Guide.\n" }, "arn": { "type": "string", "description": "ARN of the event data store.\n" }, "billingMode": { "type": "string", "description": "The billing mode for the event data store. The valid values are `EXTENDABLE_RETENTION_PRICING` and `FIXED_RETENTION_PRICING`. Defaults to `EXTENDABLE_RETENTION_PRICING`.\n" }, "kmsKeyId": { "type": "string", "description": "Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n" }, "multiRegionEnabled": { "type": "boolean", "description": "Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default: `true`.\n" }, "name": { "type": "string", "description": "The name of the event data store.\n" }, "organizationEnabled": { "type": "boolean", "description": "Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default: `false`.\n" }, "retentionPeriod": { "type": "integer", "description": "The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default: `2555`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "terminationProtectionEnabled": { "type": "boolean", "description": "Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default: `true`.\n" } }, "required": [ "advancedEventSelectors", "arn", "name", "tagsAll" ], "inputProperties": { "advancedEventSelectors": { "type": "array", "items": { "$ref": "#/types/aws:cloudtrail/EventDataStoreAdvancedEventSelector:EventDataStoreAdvancedEventSelector" }, "description": "The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see [Log events by using advanced event selectors](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced) in the CloudTrail User Guide.\n" }, "billingMode": { "type": "string", "description": "The billing mode for the event data store. The valid values are `EXTENDABLE_RETENTION_PRICING` and `FIXED_RETENTION_PRICING`. Defaults to `EXTENDABLE_RETENTION_PRICING`.\n" }, "kmsKeyId": { "type": "string", "description": "Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n", "willReplaceOnChanges": true }, "multiRegionEnabled": { "type": "boolean", "description": "Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default: `true`.\n" }, "name": { "type": "string", "description": "The name of the event data store.\n", "willReplaceOnChanges": true }, "organizationEnabled": { "type": "boolean", "description": "Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default: `false`.\n" }, "retentionPeriod": { "type": "integer", "description": "The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default: `2555`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "terminationProtectionEnabled": { "type": "boolean", "description": "Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default: `true`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering EventDataStore resources.\n", "properties": { "advancedEventSelectors": { "type": "array", "items": { "$ref": "#/types/aws:cloudtrail/EventDataStoreAdvancedEventSelector:EventDataStoreAdvancedEventSelector" }, "description": "The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see [Log events by using advanced event selectors](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced) in the CloudTrail User Guide.\n" }, "arn": { "type": "string", "description": "ARN of the event data store.\n" }, "billingMode": { "type": "string", "description": "The billing mode for the event data store. The valid values are `EXTENDABLE_RETENTION_PRICING` and `FIXED_RETENTION_PRICING`. Defaults to `EXTENDABLE_RETENTION_PRICING`.\n" }, "kmsKeyId": { "type": "string", "description": "Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n", "willReplaceOnChanges": true }, "multiRegionEnabled": { "type": "boolean", "description": "Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default: `true`.\n" }, "name": { "type": "string", "description": "The name of the event data store.\n", "willReplaceOnChanges": true }, "organizationEnabled": { "type": "boolean", "description": "Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default: `false`.\n" }, "retentionPeriod": { "type": "integer", "description": "The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default: `2555`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "terminationProtectionEnabled": { "type": "boolean", "description": "Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default: `true`.\n" } }, "type": "object" } }, "aws:cloudtrail/trail:Trail": { "description": "Provides a CloudTrail resource.\n\n\u003e **Tip:** For a multi-region trail, this resource must be in the home region of the trail.\n\n\u003e **Tip:** For an organization trail, this resource must be in the master account of the organization.\n\n## Example Usage\n\n### Basic\n\nEnable CloudTrail to capture all compatible management events in region.\nFor capturing events from services like IAM, `include_global_service_events` must be enabled.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {\n bucket: \"my-test-trail\",\n forceDestroy: true,\n});\nconst current = aws.getCallerIdentity({});\nconst currentGetPartition = aws.getPartition({});\nconst currentGetRegion = aws.getRegion({});\nconst example = aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n sid: \"AWSCloudTrailAclCheck\",\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"cloudtrail.amazonaws.com\"],\n }],\n actions: [\"s3:GetBucketAcl\"],\n resources: [exampleBucketV2.arn],\n conditions: [{\n test: \"StringEquals\",\n variable: \"aws:SourceArn\",\n values: [Promise.all([currentGetPartition, currentGetRegion, current]).then(([currentGetPartition, currentGetRegion, current]) =\u003e `arn:${currentGetPartition.partition}:cloudtrail:${currentGetRegion.name}:${current.accountId}:trail/example`)],\n }],\n },\n {\n sid: \"AWSCloudTrailWrite\",\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"cloudtrail.amazonaws.com\"],\n }],\n actions: [\"s3:PutObject\"],\n resources: [pulumi.all([exampleBucketV2.arn, current]).apply(([arn, current]) =\u003e `${arn}/prefix/AWSLogs/${current.accountId}/*`)],\n conditions: [\n {\n test: \"StringEquals\",\n variable: \"s3:x-amz-acl\",\n values: [\"bucket-owner-full-control\"],\n },\n {\n test: \"StringEquals\",\n variable: \"aws:SourceArn\",\n values: [Promise.all([currentGetPartition, currentGetRegion, current]).then(([currentGetPartition, currentGetRegion, current]) =\u003e `arn:${currentGetPartition.partition}:cloudtrail:${currentGetRegion.name}:${current.accountId}:trail/example`)],\n },\n ],\n },\n ],\n});\nconst exampleBucketPolicy = new aws.s3.BucketPolicy(\"example\", {\n bucket: exampleBucketV2.id,\n policy: example.apply(example =\u003e example.json),\n});\nconst exampleTrail = new aws.cloudtrail.Trail(\"example\", {\n name: \"example\",\n s3BucketName: exampleBucketV2.id,\n s3KeyPrefix: \"prefix\",\n includeGlobalServiceEvents: false,\n}, {\n dependsOn: [exampleBucketPolicy],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_bucket_v2 = aws.s3.BucketV2(\"example\",\n bucket=\"my-test-trail\",\n force_destroy=True)\ncurrent = aws.get_caller_identity()\ncurrent_get_partition = aws.get_partition()\ncurrent_get_region = aws.get_region()\nexample = aws.iam.get_policy_document_output(statements=[\n {\n \"sid\": \"AWSCloudTrailAclCheck\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"cloudtrail.amazonaws.com\"],\n }],\n \"actions\": [\"s3:GetBucketAcl\"],\n \"resources\": [example_bucket_v2.arn],\n \"conditions\": [{\n \"test\": \"StringEquals\",\n \"variable\": \"aws:SourceArn\",\n \"values\": [f\"arn:{current_get_partition.partition}:cloudtrail:{current_get_region.name}:{current.account_id}:trail/example\"],\n }],\n },\n {\n \"sid\": \"AWSCloudTrailWrite\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"cloudtrail.amazonaws.com\"],\n }],\n \"actions\": [\"s3:PutObject\"],\n \"resources\": [example_bucket_v2.arn.apply(lambda arn: f\"{arn}/prefix/AWSLogs/{current.account_id}/*\")],\n \"conditions\": [\n {\n \"test\": \"StringEquals\",\n \"variable\": \"s3:x-amz-acl\",\n \"values\": [\"bucket-owner-full-control\"],\n },\n {\n \"test\": \"StringEquals\",\n \"variable\": \"aws:SourceArn\",\n \"values\": [f\"arn:{current_get_partition.partition}:cloudtrail:{current_get_region.name}:{current.account_id}:trail/example\"],\n },\n ],\n },\n])\nexample_bucket_policy = aws.s3.BucketPolicy(\"example\",\n bucket=example_bucket_v2.id,\n policy=example.json)\nexample_trail = aws.cloudtrail.Trail(\"example\",\n name=\"example\",\n s3_bucket_name=example_bucket_v2.id,\n s3_key_prefix=\"prefix\",\n include_global_service_events=False,\n opts = pulumi.ResourceOptions(depends_on=[example_bucket_policy]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-test-trail\",\n ForceDestroy = true,\n });\n\n var current = Aws.GetCallerIdentity.Invoke();\n\n var currentGetPartition = Aws.GetPartition.Invoke();\n\n var currentGetRegion = Aws.GetRegion.Invoke();\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"AWSCloudTrailAclCheck\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"cloudtrail.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"s3:GetBucketAcl\",\n },\n Resources = new[]\n {\n exampleBucketV2.Arn,\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"aws:SourceArn\",\n Values = new[]\n {\n $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:cloudtrail:{currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name)}:{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:trail/example\",\n },\n },\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"AWSCloudTrailWrite\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"cloudtrail.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"s3:PutObject\",\n },\n Resources = new[]\n {\n $\"{exampleBucketV2.Arn}/prefix/AWSLogs/{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}/*\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"s3:x-amz-acl\",\n Values = new[]\n {\n \"bucket-owner-full-control\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"aws:SourceArn\",\n Values = new[]\n {\n $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:cloudtrail:{currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name)}:{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:trail/example\",\n },\n },\n },\n },\n },\n });\n\n var exampleBucketPolicy = new Aws.S3.BucketPolicy(\"example\", new()\n {\n Bucket = exampleBucketV2.Id,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleTrail = new Aws.CloudTrail.Trail(\"example\", new()\n {\n Name = \"example\",\n S3BucketName = exampleBucketV2.Id,\n S3KeyPrefix = \"prefix\",\n IncludeGlobalServiceEvents = false,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleBucketPolicy,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-test-trail\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetPartition, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetRegion, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tSid: pulumi.String(\"AWSCloudTrailAclCheck\"),\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"cloudtrail.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetBucketAcl\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleBucketV2.Arn,\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"StringEquals\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"aws:SourceArn\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"arn:%v:cloudtrail:%v:%v:trail/example\", currentGetPartition.Partition, currentGetRegion.Name, current.AccountId)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tSid: pulumi.String(\"AWSCloudTrailWrite\"),\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"cloudtrail.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:PutObject\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleBucketV2.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/prefix/AWSLogs/%v/*\", arn, current.AccountId), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"StringEquals\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"s3:x-amz-acl\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"bucket-owner-full-control\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"StringEquals\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"aws:SourceArn\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"arn:%v:cloudtrail:%v:%v:trail/example\", currentGetPartition.Partition, currentGetRegion.Name, current.AccountId)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\texampleBucketPolicy, err := s3.NewBucketPolicy(ctx, \"example\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\tPolicy: pulumi.String(example.ApplyT(func(example iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026example.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tS3BucketName: exampleBucketV2.ID(),\n\t\t\tS3KeyPrefix: pulumi.String(\"prefix\"),\n\t\t\tIncludeGlobalServiceEvents: pulumi.Bool(false),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleBucketPolicy,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder()\n .bucket(\"my-test-trail\")\n .forceDestroy(true)\n .build());\n\n final var current = AwsFunctions.getCallerIdentity();\n\n final var currentGetPartition = AwsFunctions.getPartition();\n\n final var currentGetRegion = AwsFunctions.getRegion();\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .sid(\"AWSCloudTrailAclCheck\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"cloudtrail.amazonaws.com\")\n .build())\n .actions(\"s3:GetBucketAcl\")\n .resources(exampleBucketV2.arn())\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"aws:SourceArn\")\n .values(String.format(\"arn:%s:cloudtrail:%s:%s:trail/example\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .build())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"AWSCloudTrailWrite\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"cloudtrail.amazonaws.com\")\n .build())\n .actions(\"s3:PutObject\")\n .resources(exampleBucketV2.arn().applyValue(arn -\u003e String.format(\"%s/prefix/AWSLogs/%s/*\", arn,current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))))\n .conditions( \n GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"s3:x-amz-acl\")\n .values(\"bucket-owner-full-control\")\n .build(),\n GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"aws:SourceArn\")\n .values(String.format(\"arn:%s:cloudtrail:%s:%s:trail/example\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .build())\n .build())\n .build());\n\n var exampleBucketPolicy = new BucketPolicy(\"exampleBucketPolicy\", BucketPolicyArgs.builder()\n .bucket(exampleBucketV2.id())\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var exampleTrail = new Trail(\"exampleTrail\", TrailArgs.builder()\n .name(\"example\")\n .s3BucketName(exampleBucketV2.id())\n .s3KeyPrefix(\"prefix\")\n .includeGlobalServiceEvents(false)\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleBucketPolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleTrail:\n type: aws:cloudtrail:Trail\n name: example\n properties:\n name: example\n s3BucketName: ${exampleBucketV2.id}\n s3KeyPrefix: prefix\n includeGlobalServiceEvents: false\n options:\n dependson:\n - ${exampleBucketPolicy}\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: my-test-trail\n forceDestroy: true\n exampleBucketPolicy:\n type: aws:s3:BucketPolicy\n name: example\n properties:\n bucket: ${exampleBucketV2.id}\n policy: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: AWSCloudTrailAclCheck\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - cloudtrail.amazonaws.com\n actions:\n - s3:GetBucketAcl\n resources:\n - ${exampleBucketV2.arn}\n conditions:\n - test: StringEquals\n variable: aws:SourceArn\n values:\n - arn:${currentGetPartition.partition}:cloudtrail:${currentGetRegion.name}:${current.accountId}:trail/example\n - sid: AWSCloudTrailWrite\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - cloudtrail.amazonaws.com\n actions:\n - s3:PutObject\n resources:\n - ${exampleBucketV2.arn}/prefix/AWSLogs/${current.accountId}/*\n conditions:\n - test: StringEquals\n variable: s3:x-amz-acl\n values:\n - bucket-owner-full-control\n - test: StringEquals\n variable: aws:SourceArn\n values:\n - arn:${currentGetPartition.partition}:cloudtrail:${currentGetRegion.name}:${current.accountId}:trail/example\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetPartition:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n currentGetRegion:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Data Event Logging\n\nCloudTrail can log [Data Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) for certain services such as S3 objects and Lambda function invocations. Additional information about data event configuration can be found in the following links:\n\n* [CloudTrail API DataResource documentation](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_DataResource.html) (for basic event selector).\n* [CloudTrail API AdvancedFieldSelector documentation](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedFieldSelector.html) (for advanced event selector).\n\n### Logging All Lambda Function Invocations By Using Basic Event Selectors\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudtrail.Trail(\"example\", {eventSelectors: [{\n readWriteType: \"All\",\n includeManagementEvents: true,\n dataResources: [{\n type: \"AWS::Lambda::Function\",\n values: [\"arn:aws:lambda\"],\n }],\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudtrail.Trail(\"example\", event_selectors=[{\n \"read_write_type\": \"All\",\n \"include_management_events\": True,\n \"data_resources\": [{\n \"type\": \"AWS::Lambda::Function\",\n \"values\": [\"arn:aws:lambda\"],\n }],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudTrail.Trail(\"example\", new()\n {\n EventSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorArgs\n {\n ReadWriteType = \"All\",\n IncludeManagementEvents = true,\n DataResources = new[]\n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorDataResourceArgs\n {\n Type = \"AWS::Lambda::Function\",\n Values = new[]\n {\n \"arn:aws:lambda\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tEventSelectors: cloudtrail.TrailEventSelectorArray{\n\t\t\t\t\u0026cloudtrail.TrailEventSelectorArgs{\n\t\t\t\t\tReadWriteType: pulumi.String(\"All\"),\n\t\t\t\t\tIncludeManagementEvents: pulumi.Bool(true),\n\t\t\t\t\tDataResources: cloudtrail.TrailEventSelectorDataResourceArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailEventSelectorDataResourceArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"AWS::Lambda::Function\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"arn:aws:lambda\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport com.pulumi.aws.cloudtrail.inputs.TrailEventSelectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Trail(\"example\", TrailArgs.builder()\n .eventSelectors(TrailEventSelectorArgs.builder()\n .readWriteType(\"All\")\n .includeManagementEvents(true)\n .dataResources(TrailEventSelectorDataResourceArgs.builder()\n .type(\"AWS::Lambda::Function\")\n .values(\"arn:aws:lambda\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudtrail:Trail\n properties:\n eventSelectors:\n - readWriteType: All\n includeManagementEvents: true\n dataResources:\n - type: AWS::Lambda::Function\n values:\n - arn:aws:lambda\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Logging All S3 Object Events By Using Basic Event Selectors\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudtrail.Trail(\"example\", {eventSelectors: [{\n readWriteType: \"All\",\n includeManagementEvents: true,\n dataResources: [{\n type: \"AWS::S3::Object\",\n values: [\"arn:aws:s3\"],\n }],\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudtrail.Trail(\"example\", event_selectors=[{\n \"read_write_type\": \"All\",\n \"include_management_events\": True,\n \"data_resources\": [{\n \"type\": \"AWS::S3::Object\",\n \"values\": [\"arn:aws:s3\"],\n }],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudTrail.Trail(\"example\", new()\n {\n EventSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorArgs\n {\n ReadWriteType = \"All\",\n IncludeManagementEvents = true,\n DataResources = new[]\n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorDataResourceArgs\n {\n Type = \"AWS::S3::Object\",\n Values = new[]\n {\n \"arn:aws:s3\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tEventSelectors: cloudtrail.TrailEventSelectorArray{\n\t\t\t\t\u0026cloudtrail.TrailEventSelectorArgs{\n\t\t\t\t\tReadWriteType: pulumi.String(\"All\"),\n\t\t\t\t\tIncludeManagementEvents: pulumi.Bool(true),\n\t\t\t\t\tDataResources: cloudtrail.TrailEventSelectorDataResourceArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailEventSelectorDataResourceArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"AWS::S3::Object\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"arn:aws:s3\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport com.pulumi.aws.cloudtrail.inputs.TrailEventSelectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Trail(\"example\", TrailArgs.builder()\n .eventSelectors(TrailEventSelectorArgs.builder()\n .readWriteType(\"All\")\n .includeManagementEvents(true)\n .dataResources(TrailEventSelectorDataResourceArgs.builder()\n .type(\"AWS::S3::Object\")\n .values(\"arn:aws:s3\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudtrail:Trail\n properties:\n eventSelectors:\n - readWriteType: All\n includeManagementEvents: true\n dataResources:\n - type: AWS::S3::Object\n values:\n - arn:aws:s3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Logging Individual S3 Bucket Events By Using Basic Event Selectors\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst important-bucket = aws.s3.getBucket({\n bucket: \"important-bucket\",\n});\nconst example = new aws.cloudtrail.Trail(\"example\", {eventSelectors: [{\n readWriteType: \"All\",\n includeManagementEvents: true,\n dataResources: [{\n type: \"AWS::S3::Object\",\n values: [important_bucket.then(important_bucket =\u003e `${important_bucket.arn}/`)],\n }],\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nimportant_bucket = aws.s3.get_bucket(bucket=\"important-bucket\")\nexample = aws.cloudtrail.Trail(\"example\", event_selectors=[{\n \"read_write_type\": \"All\",\n \"include_management_events\": True,\n \"data_resources\": [{\n \"type\": \"AWS::S3::Object\",\n \"values\": [f\"{important_bucket.arn}/\"],\n }],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var important_bucket = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"important-bucket\",\n });\n\n var example = new Aws.CloudTrail.Trail(\"example\", new()\n {\n EventSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorArgs\n {\n ReadWriteType = \"All\",\n IncludeManagementEvents = true,\n DataResources = new[]\n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorDataResourceArgs\n {\n Type = \"AWS::S3::Object\",\n Values = new[]\n {\n important_bucket.Apply(important_bucket =\u003e $\"{important_bucket.Apply(getBucketResult =\u003e getBucketResult.Arn)}/\"),\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\timportant_bucket, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"important-bucket\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tEventSelectors: cloudtrail.TrailEventSelectorArray{\n\t\t\t\t\u0026cloudtrail.TrailEventSelectorArgs{\n\t\t\t\t\tReadWriteType: pulumi.String(\"All\"),\n\t\t\t\t\tIncludeManagementEvents: pulumi.Bool(true),\n\t\t\t\t\tDataResources: cloudtrail.TrailEventSelectorDataResourceArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailEventSelectorDataResourceArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"AWS::S3::Object\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"%v/\", important_bucket.Arn)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.inputs.GetBucketArgs;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport com.pulumi.aws.cloudtrail.inputs.TrailEventSelectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var important-bucket = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"important-bucket\")\n .build());\n\n var example = new Trail(\"example\", TrailArgs.builder()\n .eventSelectors(TrailEventSelectorArgs.builder()\n .readWriteType(\"All\")\n .includeManagementEvents(true)\n .dataResources(TrailEventSelectorDataResourceArgs.builder()\n .type(\"AWS::S3::Object\")\n .values(String.format(\"%s/\", important_bucket.arn()))\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudtrail:Trail\n properties:\n eventSelectors:\n - readWriteType: All\n includeManagementEvents: true\n dataResources:\n - type: AWS::S3::Object\n values:\n - ${[\"important-bucket\"].arn}/\nvariables:\n important-bucket:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: important-bucket\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Logging All S3 Object Events Except For Two S3 Buckets By Using Advanced Event Selectors\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst not-important-bucket-1 = aws.s3.getBucket({\n bucket: \"not-important-bucket-1\",\n});\nconst not-important-bucket-2 = aws.s3.getBucket({\n bucket: \"not-important-bucket-2\",\n});\nconst example = new aws.cloudtrail.Trail(\"example\", {advancedEventSelectors: [\n {\n name: \"Log all S3 objects events except for two S3 buckets\",\n fieldSelectors: [\n {\n field: \"eventCategory\",\n equals: [\"Data\"],\n },\n {\n field: \"resources.ARN\",\n notStartsWiths: [\n not_important_bucket_1.then(not_important_bucket_1 =\u003e `${not_important_bucket_1.arn}/`),\n not_important_bucket_2.then(not_important_bucket_2 =\u003e `${not_important_bucket_2.arn}/`),\n ],\n },\n {\n field: \"resources.type\",\n equals: [\"AWS::S3::Object\"],\n },\n ],\n },\n {\n name: \"Log readOnly and writeOnly management events\",\n fieldSelectors: [{\n field: \"eventCategory\",\n equals: [\"Management\"],\n }],\n },\n]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nnot_important_bucket_1 = aws.s3.get_bucket(bucket=\"not-important-bucket-1\")\nnot_important_bucket_2 = aws.s3.get_bucket(bucket=\"not-important-bucket-2\")\nexample = aws.cloudtrail.Trail(\"example\", advanced_event_selectors=[\n {\n \"name\": \"Log all S3 objects events except for two S3 buckets\",\n \"field_selectors\": [\n {\n \"field\": \"eventCategory\",\n \"equals\": [\"Data\"],\n },\n {\n \"field\": \"resources.ARN\",\n \"not_starts_withs\": [\n f\"{not_important_bucket_1.arn}/\",\n f\"{not_important_bucket_2.arn}/\",\n ],\n },\n {\n \"field\": \"resources.type\",\n \"equals\": [\"AWS::S3::Object\"],\n },\n ],\n },\n {\n \"name\": \"Log readOnly and writeOnly management events\",\n \"field_selectors\": [{\n \"field\": \"eventCategory\",\n \"equals\": [\"Management\"],\n }],\n },\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var not_important_bucket_1 = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"not-important-bucket-1\",\n });\n\n var not_important_bucket_2 = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"not-important-bucket-2\",\n });\n\n var example = new Aws.CloudTrail.Trail(\"example\", new()\n {\n AdvancedEventSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorArgs\n {\n Name = \"Log all S3 objects events except for two S3 buckets\",\n FieldSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"eventCategory\",\n Equals = new[]\n {\n \"Data\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"resources.ARN\",\n NotStartsWiths = new[]\n {\n not_important_bucket_1.Apply(not_important_bucket_1 =\u003e $\"{not_important_bucket_1.Apply(getBucketResult =\u003e getBucketResult.Arn)}/\"),\n not_important_bucket_2.Apply(not_important_bucket_2 =\u003e $\"{not_important_bucket_2.Apply(getBucketResult =\u003e getBucketResult.Arn)}/\"),\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"resources.type\",\n Equals = new[]\n {\n \"AWS::S3::Object\",\n },\n },\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorArgs\n {\n Name = \"Log readOnly and writeOnly management events\",\n FieldSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"eventCategory\",\n Equals = new[]\n {\n \"Management\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tnot_important_bucket_1, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"not-important-bucket-1\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tnot_important_bucket_2, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"not-important-bucket-2\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tAdvancedEventSelectors: cloudtrail.TrailAdvancedEventSelectorArray{\n\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorArgs{\n\t\t\t\t\tName: pulumi.String(\"Log all S3 objects events except for two S3 buckets\"),\n\t\t\t\t\tFieldSelectors: cloudtrail.TrailAdvancedEventSelectorFieldSelectorArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"eventCategory\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Data\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"resources.ARN\"),\n\t\t\t\t\t\t\tNotStartsWiths: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"%v/\", not_important_bucket_1.Arn)),\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"%v/\", not_important_bucket_2.Arn)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"resources.type\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"AWS::S3::Object\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorArgs{\n\t\t\t\t\tName: pulumi.String(\"Log readOnly and writeOnly management events\"),\n\t\t\t\t\tFieldSelectors: cloudtrail.TrailAdvancedEventSelectorFieldSelectorArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"eventCategory\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Management\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.inputs.GetBucketArgs;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport com.pulumi.aws.cloudtrail.inputs.TrailAdvancedEventSelectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var not-important-bucket-1 = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"not-important-bucket-1\")\n .build());\n\n final var not-important-bucket-2 = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"not-important-bucket-2\")\n .build());\n\n var example = new Trail(\"example\", TrailArgs.builder()\n .advancedEventSelectors( \n TrailAdvancedEventSelectorArgs.builder()\n .name(\"Log all S3 objects events except for two S3 buckets\")\n .fieldSelectors( \n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"eventCategory\")\n .equals(\"Data\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"resources.ARN\")\n .notStartsWiths( \n String.format(\"%s/\", not_important_bucket_1.arn()),\n String.format(\"%s/\", not_important_bucket_2.arn()))\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"resources.type\")\n .equals(\"AWS::S3::Object\")\n .build())\n .build(),\n TrailAdvancedEventSelectorArgs.builder()\n .name(\"Log readOnly and writeOnly management events\")\n .fieldSelectors(TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"eventCategory\")\n .equals(\"Management\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudtrail:Trail\n properties:\n advancedEventSelectors:\n - name: Log all S3 objects events except for two S3 buckets\n fieldSelectors:\n - field: eventCategory\n equals:\n - Data\n - field: resources.ARN\n notStartsWiths:\n - ${[\"not-important-bucket-1\"].arn}/\n - ${[\"not-important-bucket-2\"].arn}/\n - field: resources.type\n equals:\n - AWS::S3::Object\n - name: Log readOnly and writeOnly management events\n fieldSelectors:\n - field: eventCategory\n equals:\n - Management\nvariables:\n not-important-bucket-1:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: not-important-bucket-1\n not-important-bucket-2:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: not-important-bucket-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Logging Individual S3 Buckets And Specific Event Names By Using Advanced Event Selectors\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst important-bucket-1 = aws.s3.getBucket({\n bucket: \"important-bucket-1\",\n});\nconst important-bucket-2 = aws.s3.getBucket({\n bucket: \"important-bucket-2\",\n});\nconst important-bucket-3 = aws.s3.getBucket({\n bucket: \"important-bucket-3\",\n});\nconst example = new aws.cloudtrail.Trail(\"example\", {advancedEventSelectors: [\n {\n name: \"Log PutObject and DeleteObject events for two S3 buckets\",\n fieldSelectors: [\n {\n field: \"eventCategory\",\n equals: [\"Data\"],\n },\n {\n field: \"eventName\",\n equals: [\n \"PutObject\",\n \"DeleteObject\",\n ],\n },\n {\n field: \"resources.ARN\",\n startsWiths: [\n important_bucket_1.then(important_bucket_1 =\u003e `${important_bucket_1.arn}/`),\n important_bucket_2.then(important_bucket_2 =\u003e `${important_bucket_2.arn}/`),\n ],\n },\n {\n field: \"readOnly\",\n equals: [\"false\"],\n },\n {\n field: \"resources.type\",\n equals: [\"AWS::S3::Object\"],\n },\n ],\n },\n {\n name: \"Log Delete* events for one S3 bucket\",\n fieldSelectors: [\n {\n field: \"eventCategory\",\n equals: [\"Data\"],\n },\n {\n field: \"eventName\",\n startsWiths: [\"Delete\"],\n },\n {\n field: \"resources.ARN\",\n equals: [important_bucket_3.then(important_bucket_3 =\u003e `${important_bucket_3.arn}/important-prefix`)],\n },\n {\n field: \"readOnly\",\n equals: [\"false\"],\n },\n {\n field: \"resources.type\",\n equals: [\"AWS::S3::Object\"],\n },\n ],\n },\n]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nimportant_bucket_1 = aws.s3.get_bucket(bucket=\"important-bucket-1\")\nimportant_bucket_2 = aws.s3.get_bucket(bucket=\"important-bucket-2\")\nimportant_bucket_3 = aws.s3.get_bucket(bucket=\"important-bucket-3\")\nexample = aws.cloudtrail.Trail(\"example\", advanced_event_selectors=[\n {\n \"name\": \"Log PutObject and DeleteObject events for two S3 buckets\",\n \"field_selectors\": [\n {\n \"field\": \"eventCategory\",\n \"equals\": [\"Data\"],\n },\n {\n \"field\": \"eventName\",\n \"equals\": [\n \"PutObject\",\n \"DeleteObject\",\n ],\n },\n {\n \"field\": \"resources.ARN\",\n \"starts_withs\": [\n f\"{important_bucket_1.arn}/\",\n f\"{important_bucket_2.arn}/\",\n ],\n },\n {\n \"field\": \"readOnly\",\n \"equals\": [\"false\"],\n },\n {\n \"field\": \"resources.type\",\n \"equals\": [\"AWS::S3::Object\"],\n },\n ],\n },\n {\n \"name\": \"Log Delete* events for one S3 bucket\",\n \"field_selectors\": [\n {\n \"field\": \"eventCategory\",\n \"equals\": [\"Data\"],\n },\n {\n \"field\": \"eventName\",\n \"starts_withs\": [\"Delete\"],\n },\n {\n \"field\": \"resources.ARN\",\n \"equals\": [f\"{important_bucket_3.arn}/important-prefix\"],\n },\n {\n \"field\": \"readOnly\",\n \"equals\": [\"false\"],\n },\n {\n \"field\": \"resources.type\",\n \"equals\": [\"AWS::S3::Object\"],\n },\n ],\n },\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var important_bucket_1 = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"important-bucket-1\",\n });\n\n var important_bucket_2 = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"important-bucket-2\",\n });\n\n var important_bucket_3 = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"important-bucket-3\",\n });\n\n var example = new Aws.CloudTrail.Trail(\"example\", new()\n {\n AdvancedEventSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorArgs\n {\n Name = \"Log PutObject and DeleteObject events for two S3 buckets\",\n FieldSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"eventCategory\",\n Equals = new[]\n {\n \"Data\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"eventName\",\n Equals = new[]\n {\n \"PutObject\",\n \"DeleteObject\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"resources.ARN\",\n StartsWiths = new[]\n {\n important_bucket_1.Apply(important_bucket_1 =\u003e $\"{important_bucket_1.Apply(getBucketResult =\u003e getBucketResult.Arn)}/\"),\n important_bucket_2.Apply(important_bucket_2 =\u003e $\"{important_bucket_2.Apply(getBucketResult =\u003e getBucketResult.Arn)}/\"),\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"readOnly\",\n Equals = new[]\n {\n \"false\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"resources.type\",\n Equals = new[]\n {\n \"AWS::S3::Object\",\n },\n },\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorArgs\n {\n Name = \"Log Delete* events for one S3 bucket\",\n FieldSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"eventCategory\",\n Equals = new[]\n {\n \"Data\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"eventName\",\n StartsWiths = new[]\n {\n \"Delete\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"resources.ARN\",\n Equals = new[]\n {\n important_bucket_3.Apply(important_bucket_3 =\u003e $\"{important_bucket_3.Apply(getBucketResult =\u003e getBucketResult.Arn)}/important-prefix\"),\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"readOnly\",\n Equals = new[]\n {\n \"false\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"resources.type\",\n Equals = new[]\n {\n \"AWS::S3::Object\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\timportant_bucket_1, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"important-bucket-1\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\timportant_bucket_2, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"important-bucket-2\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\timportant_bucket_3, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"important-bucket-3\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tAdvancedEventSelectors: cloudtrail.TrailAdvancedEventSelectorArray{\n\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorArgs{\n\t\t\t\t\tName: pulumi.String(\"Log PutObject and DeleteObject events for two S3 buckets\"),\n\t\t\t\t\tFieldSelectors: cloudtrail.TrailAdvancedEventSelectorFieldSelectorArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"eventCategory\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Data\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"eventName\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"PutObject\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"DeleteObject\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"resources.ARN\"),\n\t\t\t\t\t\t\tStartsWiths: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"%v/\", important_bucket_1.Arn)),\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"%v/\", important_bucket_2.Arn)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"readOnly\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"false\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"resources.type\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"AWS::S3::Object\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorArgs{\n\t\t\t\t\tName: pulumi.String(\"Log Delete* events for one S3 bucket\"),\n\t\t\t\t\tFieldSelectors: cloudtrail.TrailAdvancedEventSelectorFieldSelectorArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"eventCategory\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Data\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"eventName\"),\n\t\t\t\t\t\t\tStartsWiths: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"resources.ARN\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"%v/important-prefix\", important_bucket_3.Arn)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"readOnly\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"false\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"resources.type\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"AWS::S3::Object\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.inputs.GetBucketArgs;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport com.pulumi.aws.cloudtrail.inputs.TrailAdvancedEventSelectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var important-bucket-1 = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"important-bucket-1\")\n .build());\n\n final var important-bucket-2 = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"important-bucket-2\")\n .build());\n\n final var important-bucket-3 = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"important-bucket-3\")\n .build());\n\n var example = new Trail(\"example\", TrailArgs.builder()\n .advancedEventSelectors( \n TrailAdvancedEventSelectorArgs.builder()\n .name(\"Log PutObject and DeleteObject events for two S3 buckets\")\n .fieldSelectors( \n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"eventCategory\")\n .equals(\"Data\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"eventName\")\n .equals( \n \"PutObject\",\n \"DeleteObject\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"resources.ARN\")\n .startsWiths( \n String.format(\"%s/\", important_bucket_1.arn()),\n String.format(\"%s/\", important_bucket_2.arn()))\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"readOnly\")\n .equals(\"false\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"resources.type\")\n .equals(\"AWS::S3::Object\")\n .build())\n .build(),\n TrailAdvancedEventSelectorArgs.builder()\n .name(\"Log Delete* events for one S3 bucket\")\n .fieldSelectors( \n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"eventCategory\")\n .equals(\"Data\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"eventName\")\n .startsWiths(\"Delete\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"resources.ARN\")\n .equals(String.format(\"%s/important-prefix\", important_bucket_3.arn()))\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"readOnly\")\n .equals(\"false\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"resources.type\")\n .equals(\"AWS::S3::Object\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudtrail:Trail\n properties:\n advancedEventSelectors:\n - name: Log PutObject and DeleteObject events for two S3 buckets\n fieldSelectors:\n - field: eventCategory\n equals:\n - Data\n - field: eventName\n equals:\n - PutObject\n - DeleteObject\n - field: resources.ARN\n startsWiths:\n - ${[\"important-bucket-1\"].arn}/\n - ${[\"important-bucket-2\"].arn}/\n - field: readOnly\n equals:\n - 'false'\n - field: resources.type\n equals:\n - AWS::S3::Object\n - name: Log Delete* events for one S3 bucket\n fieldSelectors:\n - field: eventCategory\n equals:\n - Data\n - field: eventName\n startsWiths:\n - Delete\n - field: resources.ARN\n equals:\n - ${[\"important-bucket-3\"].arn}/important-prefix\n - field: readOnly\n equals:\n - 'false'\n - field: resources.type\n equals:\n - AWS::S3::Object\nvariables:\n important-bucket-1:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: important-bucket-1\n important-bucket-2:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: important-bucket-2\n important-bucket-3:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: important-bucket-3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Sending Events to CloudWatch Logs\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudwatch.LogGroup(\"example\", {name: \"Example\"});\nconst exampleTrail = new aws.cloudtrail.Trail(\"example\", {cloudWatchLogsGroupArn: pulumi.interpolate`${example.arn}:*`});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.LogGroup(\"example\", name=\"Example\")\nexample_trail = aws.cloudtrail.Trail(\"example\", cloud_watch_logs_group_arn=example.arn.apply(lambda arn: f\"{arn}:*\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = \"Example\",\n });\n\n var exampleTrail = new Aws.CloudTrail.Trail(\"example\", new()\n {\n CloudWatchLogsGroupArn = example.Arn.Apply(arn =\u003e $\"{arn}:*\"),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tCloudWatchLogsGroupArn: example.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v:*\", arn), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LogGroup(\"example\", LogGroupArgs.builder()\n .name(\"Example\")\n .build());\n\n var exampleTrail = new Trail(\"exampleTrail\", TrailArgs.builder()\n .cloudWatchLogsGroupArn(example.arn().applyValue(arn -\u003e String.format(\"%s:*\", arn)))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudwatch:LogGroup\n properties:\n name: Example\n exampleTrail:\n type: aws:cloudtrail:Trail\n name: example\n properties:\n cloudWatchLogsGroupArn: ${example.arn}:*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cloudtrails using the `arn`. For example:\n\n```sh\n$ pulumi import aws:cloudtrail/trail:Trail sample arn:aws:cloudtrail:us-east-1:123456789012:trail/my-sample-trail\n```\n", "properties": { "advancedEventSelectors": { "type": "array", "items": { "$ref": "#/types/aws:cloudtrail/TrailAdvancedEventSelector:TrailAdvancedEventSelector" }, "description": "Specifies an advanced event selector for enabling data event logging. Fields documented below. Conflicts with `event_selector`.\n" }, "arn": { "type": "string", "description": "ARN of the trail.\n" }, "cloudWatchLogsGroupArn": { "type": "string", "description": "Log group name using an ARN that represents the log group to which CloudTrail logs will be delivered. Note that CloudTrail requires the Log Stream wildcard.\n" }, "cloudWatchLogsRoleArn": { "type": "string", "description": "Role for the CloudWatch Logs endpoint to assume to write to a user’s log group.\n" }, "enableLogFileValidation": { "type": "boolean", "description": "Whether log file integrity validation is enabled. Defaults to `false`.\n" }, "enableLogging": { "type": "boolean", "description": "Enables logging for the trail. Defaults to `true`. Setting this to `false` will pause logging.\n" }, "eventSelectors": { "type": "array", "items": { "$ref": "#/types/aws:cloudtrail/TrailEventSelector:TrailEventSelector" }, "description": "Specifies an event selector for enabling data event logging. Fields documented below. Please note the [CloudTrail limits](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) when configuring these. Conflicts with `advanced_event_selector`.\n" }, "homeRegion": { "type": "string", "description": "Region in which the trail was created.\n" }, "includeGlobalServiceEvents": { "type": "boolean", "description": "Whether the trail is publishing events from global services such as IAM to the log files. Defaults to `true`.\n" }, "insightSelectors": { "type": "array", "items": { "$ref": "#/types/aws:cloudtrail/TrailInsightSelector:TrailInsightSelector" }, "description": "Configuration block for identifying unusual operational activity. See details below.\n" }, "isMultiRegionTrail": { "type": "boolean", "description": "Whether the trail is created in the current region or in all regions. Defaults to `false`.\n" }, "isOrganizationTrail": { "type": "boolean", "description": "Whether the trail is an AWS Organizations trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account. Defaults to `false`.\n" }, "kmsKeyId": { "type": "string", "description": "KMS key ARN to use to encrypt the logs delivered by CloudTrail.\n" }, "name": { "type": "string", "description": "Name of the trail.\n" }, "s3BucketName": { "type": "string", "description": "Name of the S3 bucket designated for publishing log files.\n\nThe following arguments are optional:\n" }, "s3KeyPrefix": { "type": "string", "description": "S3 key prefix that follows the name of the bucket you have designated for log file delivery.\n" }, "snsTopicName": { "type": "string", "description": "Name of the Amazon SNS topic defined for notification of log file delivery.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the trail. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "homeRegion", "name", "s3BucketName", "tagsAll" ], "inputProperties": { "advancedEventSelectors": { "type": "array", "items": { "$ref": "#/types/aws:cloudtrail/TrailAdvancedEventSelector:TrailAdvancedEventSelector" }, "description": "Specifies an advanced event selector for enabling data event logging. Fields documented below. Conflicts with `event_selector`.\n" }, "cloudWatchLogsGroupArn": { "type": "string", "description": "Log group name using an ARN that represents the log group to which CloudTrail logs will be delivered. Note that CloudTrail requires the Log Stream wildcard.\n" }, "cloudWatchLogsRoleArn": { "type": "string", "description": "Role for the CloudWatch Logs endpoint to assume to write to a user’s log group.\n" }, "enableLogFileValidation": { "type": "boolean", "description": "Whether log file integrity validation is enabled. Defaults to `false`.\n" }, "enableLogging": { "type": "boolean", "description": "Enables logging for the trail. Defaults to `true`. Setting this to `false` will pause logging.\n" }, "eventSelectors": { "type": "array", "items": { "$ref": "#/types/aws:cloudtrail/TrailEventSelector:TrailEventSelector" }, "description": "Specifies an event selector for enabling data event logging. Fields documented below. Please note the [CloudTrail limits](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) when configuring these. Conflicts with `advanced_event_selector`.\n" }, "includeGlobalServiceEvents": { "type": "boolean", "description": "Whether the trail is publishing events from global services such as IAM to the log files. Defaults to `true`.\n" }, "insightSelectors": { "type": "array", "items": { "$ref": "#/types/aws:cloudtrail/TrailInsightSelector:TrailInsightSelector" }, "description": "Configuration block for identifying unusual operational activity. See details below.\n" }, "isMultiRegionTrail": { "type": "boolean", "description": "Whether the trail is created in the current region or in all regions. Defaults to `false`.\n" }, "isOrganizationTrail": { "type": "boolean", "description": "Whether the trail is an AWS Organizations trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account. Defaults to `false`.\n" }, "kmsKeyId": { "type": "string", "description": "KMS key ARN to use to encrypt the logs delivered by CloudTrail.\n" }, "name": { "type": "string", "description": "Name of the trail.\n", "willReplaceOnChanges": true }, "s3BucketName": { "type": "string", "description": "Name of the S3 bucket designated for publishing log files.\n\nThe following arguments are optional:\n" }, "s3KeyPrefix": { "type": "string", "description": "S3 key prefix that follows the name of the bucket you have designated for log file delivery.\n" }, "snsTopicName": { "type": "string", "description": "Name of the Amazon SNS topic defined for notification of log file delivery.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the trail. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "s3BucketName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Trail resources.\n", "properties": { "advancedEventSelectors": { "type": "array", "items": { "$ref": "#/types/aws:cloudtrail/TrailAdvancedEventSelector:TrailAdvancedEventSelector" }, "description": "Specifies an advanced event selector for enabling data event logging. Fields documented below. Conflicts with `event_selector`.\n" }, "arn": { "type": "string", "description": "ARN of the trail.\n" }, "cloudWatchLogsGroupArn": { "type": "string", "description": "Log group name using an ARN that represents the log group to which CloudTrail logs will be delivered. Note that CloudTrail requires the Log Stream wildcard.\n" }, "cloudWatchLogsRoleArn": { "type": "string", "description": "Role for the CloudWatch Logs endpoint to assume to write to a user’s log group.\n" }, "enableLogFileValidation": { "type": "boolean", "description": "Whether log file integrity validation is enabled. Defaults to `false`.\n" }, "enableLogging": { "type": "boolean", "description": "Enables logging for the trail. Defaults to `true`. Setting this to `false` will pause logging.\n" }, "eventSelectors": { "type": "array", "items": { "$ref": "#/types/aws:cloudtrail/TrailEventSelector:TrailEventSelector" }, "description": "Specifies an event selector for enabling data event logging. Fields documented below. Please note the [CloudTrail limits](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) when configuring these. Conflicts with `advanced_event_selector`.\n" }, "homeRegion": { "type": "string", "description": "Region in which the trail was created.\n" }, "includeGlobalServiceEvents": { "type": "boolean", "description": "Whether the trail is publishing events from global services such as IAM to the log files. Defaults to `true`.\n" }, "insightSelectors": { "type": "array", "items": { "$ref": "#/types/aws:cloudtrail/TrailInsightSelector:TrailInsightSelector" }, "description": "Configuration block for identifying unusual operational activity. See details below.\n" }, "isMultiRegionTrail": { "type": "boolean", "description": "Whether the trail is created in the current region or in all regions. Defaults to `false`.\n" }, "isOrganizationTrail": { "type": "boolean", "description": "Whether the trail is an AWS Organizations trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account. Defaults to `false`.\n" }, "kmsKeyId": { "type": "string", "description": "KMS key ARN to use to encrypt the logs delivered by CloudTrail.\n" }, "name": { "type": "string", "description": "Name of the trail.\n", "willReplaceOnChanges": true }, "s3BucketName": { "type": "string", "description": "Name of the S3 bucket designated for publishing log files.\n\nThe following arguments are optional:\n" }, "s3KeyPrefix": { "type": "string", "description": "S3 key prefix that follows the name of the bucket you have designated for log file delivery.\n" }, "snsTopicName": { "type": "string", "description": "Name of the Amazon SNS topic defined for notification of log file delivery.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the trail. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:cloudwatch/compositeAlarm:CompositeAlarm": { "description": "Provides a CloudWatch Composite Alarm resource.\n\n\u003e **NOTE:** An alarm (composite or metric) cannot be destroyed when there are other composite alarms depending on it. This can lead to a cyclical dependency on update, as the provider will unsuccessfully attempt to destroy alarms before updating the rule. Consider using `depends_on`, references to alarm names, and two-stage updates.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudwatch.CompositeAlarm(\"example\", {\n alarmDescription: \"This is a composite alarm!\",\n alarmName: \"example-composite-alarm\",\n alarmActions: exampleAwsSnsTopic.arn,\n okActions: exampleAwsSnsTopic.arn,\n alarmRule: `ALARM(${alpha.alarmName}) OR\nALARM(${bravo.alarmName})\n`,\n actionsSuppressor: {\n alarm: \"suppressor-alarm\",\n extensionPeriod: 10,\n waitPeriod: 20,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.CompositeAlarm(\"example\",\n alarm_description=\"This is a composite alarm!\",\n alarm_name=\"example-composite-alarm\",\n alarm_actions=example_aws_sns_topic[\"arn\"],\n ok_actions=example_aws_sns_topic[\"arn\"],\n alarm_rule=f\"\"\"ALARM({alpha[\"alarmName\"]}) OR\nALARM({bravo[\"alarmName\"]})\n\"\"\",\n actions_suppressor={\n \"alarm\": \"suppressor-alarm\",\n \"extension_period\": 10,\n \"wait_period\": 20,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudWatch.CompositeAlarm(\"example\", new()\n {\n AlarmDescription = \"This is a composite alarm!\",\n AlarmName = \"example-composite-alarm\",\n AlarmActions = exampleAwsSnsTopic.Arn,\n OkActions = exampleAwsSnsTopic.Arn,\n AlarmRule = @$\"ALARM({alpha.AlarmName}) OR\nALARM({bravo.AlarmName})\n\",\n ActionsSuppressor = new Aws.CloudWatch.Inputs.CompositeAlarmActionsSuppressorArgs\n {\n Alarm = \"suppressor-alarm\",\n ExtensionPeriod = 10,\n WaitPeriod = 20,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewCompositeAlarm(ctx, \"example\", \u0026cloudwatch.CompositeAlarmArgs{\n\t\t\tAlarmDescription: pulumi.String(\"This is a composite alarm!\"),\n\t\t\tAlarmName: pulumi.String(\"example-composite-alarm\"),\n\t\t\tAlarmActions: pulumi.Any(exampleAwsSnsTopic.Arn),\n\t\t\tOkActions: pulumi.Any(exampleAwsSnsTopic.Arn),\n\t\t\tAlarmRule: pulumi.String(fmt.Sprintf(\"ALARM(%v) OR\\nALARM(%v)\\n\", alpha.AlarmName, bravo.AlarmName)),\n\t\t\tActionsSuppressor: \u0026cloudwatch.CompositeAlarmActionsSuppressorArgs{\n\t\t\t\tAlarm: pulumi.String(\"suppressor-alarm\"),\n\t\t\t\tExtensionPeriod: pulumi.Int(10),\n\t\t\t\tWaitPeriod: pulumi.Int(20),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.CompositeAlarm;\nimport com.pulumi.aws.cloudwatch.CompositeAlarmArgs;\nimport com.pulumi.aws.cloudwatch.inputs.CompositeAlarmActionsSuppressorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CompositeAlarm(\"example\", CompositeAlarmArgs.builder()\n .alarmDescription(\"This is a composite alarm!\")\n .alarmName(\"example-composite-alarm\")\n .alarmActions(exampleAwsSnsTopic.arn())\n .okActions(exampleAwsSnsTopic.arn())\n .alarmRule(\"\"\"\nALARM(%s) OR\nALARM(%s)\n\", alpha.alarmName(),bravo.alarmName()))\n .actionsSuppressor(CompositeAlarmActionsSuppressorArgs.builder()\n .alarm(\"suppressor-alarm\")\n .extensionPeriod(10)\n .waitPeriod(20)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudwatch:CompositeAlarm\n properties:\n alarmDescription: This is a composite alarm!\n alarmName: example-composite-alarm\n alarmActions: ${exampleAwsSnsTopic.arn}\n okActions: ${exampleAwsSnsTopic.arn}\n alarmRule: |\n ALARM(${alpha.alarmName}) OR\n ALARM(${bravo.alarmName})\n actionsSuppressor:\n alarm: suppressor-alarm\n extensionPeriod: 10\n waitPeriod: 20\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a CloudWatch Composite Alarm using the `alarm_name`. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/compositeAlarm:CompositeAlarm test my-alarm\n```\n", "properties": { "actionsEnabled": { "type": "boolean", "description": "Indicates whether actions should be executed during any changes to the alarm state of the composite alarm. Defaults to `true`.\n" }, "actionsSuppressor": { "$ref": "#/types/aws:cloudwatch/CompositeAlarmActionsSuppressor:CompositeAlarmActionsSuppressor", "description": "Actions will be suppressed if the suppressor alarm is in the ALARM state.\n" }, "alarmActions": { "type": "array", "items": { "type": "string" }, "description": "The set of actions to execute when this alarm transitions to the `ALARM` state from any other state. Each action is specified as an ARN. Up to 5 actions are allowed.\n" }, "alarmDescription": { "type": "string", "description": "The description for the composite alarm.\n" }, "alarmName": { "type": "string", "description": "The name for the composite alarm. This name must be unique within the region.\n" }, "alarmRule": { "type": "string", "description": "An expression that specifies which other alarms are to be evaluated to determine this composite alarm's state. For syntax, see [Creating a Composite Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Create_Composite_Alarm.html). The maximum length is 10240 characters.\n" }, "arn": { "type": "string", "description": "The ARN of the composite alarm.\n" }, "insufficientDataActions": { "type": "array", "items": { "type": "string" }, "description": "The set of actions to execute when this alarm transitions to the `INSUFFICIENT_DATA` state from any other state. Each action is specified as an ARN. Up to 5 actions are allowed.\n" }, "okActions": { "type": "array", "items": { "type": "string" }, "description": "The set of actions to execute when this alarm transitions to an `OK` state from any other state. Each action is specified as an ARN. Up to 5 actions are allowed.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to associate with the alarm. Up to 50 tags are allowed. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "alarmName", "alarmRule", "arn", "tagsAll" ], "inputProperties": { "actionsEnabled": { "type": "boolean", "description": "Indicates whether actions should be executed during any changes to the alarm state of the composite alarm. Defaults to `true`.\n", "willReplaceOnChanges": true }, "actionsSuppressor": { "$ref": "#/types/aws:cloudwatch/CompositeAlarmActionsSuppressor:CompositeAlarmActionsSuppressor", "description": "Actions will be suppressed if the suppressor alarm is in the ALARM state.\n" }, "alarmActions": { "type": "array", "items": { "type": "string" }, "description": "The set of actions to execute when this alarm transitions to the `ALARM` state from any other state. Each action is specified as an ARN. Up to 5 actions are allowed.\n" }, "alarmDescription": { "type": "string", "description": "The description for the composite alarm.\n" }, "alarmName": { "type": "string", "description": "The name for the composite alarm. This name must be unique within the region.\n", "willReplaceOnChanges": true }, "alarmRule": { "type": "string", "description": "An expression that specifies which other alarms are to be evaluated to determine this composite alarm's state. For syntax, see [Creating a Composite Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Create_Composite_Alarm.html). The maximum length is 10240 characters.\n" }, "insufficientDataActions": { "type": "array", "items": { "type": "string" }, "description": "The set of actions to execute when this alarm transitions to the `INSUFFICIENT_DATA` state from any other state. Each action is specified as an ARN. Up to 5 actions are allowed.\n" }, "okActions": { "type": "array", "items": { "type": "string" }, "description": "The set of actions to execute when this alarm transitions to an `OK` state from any other state. Each action is specified as an ARN. Up to 5 actions are allowed.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to associate with the alarm. Up to 50 tags are allowed. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "alarmName", "alarmRule" ], "stateInputs": { "description": "Input properties used for looking up and filtering CompositeAlarm resources.\n", "properties": { "actionsEnabled": { "type": "boolean", "description": "Indicates whether actions should be executed during any changes to the alarm state of the composite alarm. Defaults to `true`.\n", "willReplaceOnChanges": true }, "actionsSuppressor": { "$ref": "#/types/aws:cloudwatch/CompositeAlarmActionsSuppressor:CompositeAlarmActionsSuppressor", "description": "Actions will be suppressed if the suppressor alarm is in the ALARM state.\n" }, "alarmActions": { "type": "array", "items": { "type": "string" }, "description": "The set of actions to execute when this alarm transitions to the `ALARM` state from any other state. Each action is specified as an ARN. Up to 5 actions are allowed.\n" }, "alarmDescription": { "type": "string", "description": "The description for the composite alarm.\n" }, "alarmName": { "type": "string", "description": "The name for the composite alarm. This name must be unique within the region.\n", "willReplaceOnChanges": true }, "alarmRule": { "type": "string", "description": "An expression that specifies which other alarms are to be evaluated to determine this composite alarm's state. For syntax, see [Creating a Composite Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Create_Composite_Alarm.html). The maximum length is 10240 characters.\n" }, "arn": { "type": "string", "description": "The ARN of the composite alarm.\n" }, "insufficientDataActions": { "type": "array", "items": { "type": "string" }, "description": "The set of actions to execute when this alarm transitions to the `INSUFFICIENT_DATA` state from any other state. Each action is specified as an ARN. Up to 5 actions are allowed.\n" }, "okActions": { "type": "array", "items": { "type": "string" }, "description": "The set of actions to execute when this alarm transitions to an `OK` state from any other state. Each action is specified as an ARN. Up to 5 actions are allowed.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to associate with the alarm. Up to 50 tags are allowed. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:cloudwatch/dashboard:Dashboard": { "description": "Provides a CloudWatch Dashboard resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.cloudwatch.Dashboard(\"main\", {\n dashboardName: \"my-dashboard\",\n dashboardBody: JSON.stringify({\n widgets: [\n {\n type: \"metric\",\n x: 0,\n y: 0,\n width: 12,\n height: 6,\n properties: {\n metrics: [[\n \"AWS/EC2\",\n \"CPUUtilization\",\n \"InstanceId\",\n \"i-012345\",\n ]],\n period: 300,\n stat: \"Average\",\n region: \"us-east-1\",\n title: \"EC2 Instance CPU\",\n },\n },\n {\n type: \"text\",\n x: 0,\n y: 7,\n width: 3,\n height: 3,\n properties: {\n markdown: \"Hello world\",\n },\n },\n ],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nmain = aws.cloudwatch.Dashboard(\"main\",\n dashboard_name=\"my-dashboard\",\n dashboard_body=json.dumps({\n \"widgets\": [\n {\n \"type\": \"metric\",\n \"x\": 0,\n \"y\": 0,\n \"width\": 12,\n \"height\": 6,\n \"properties\": {\n \"metrics\": [[\n \"AWS/EC2\",\n \"CPUUtilization\",\n \"InstanceId\",\n \"i-012345\",\n ]],\n \"period\": 300,\n \"stat\": \"Average\",\n \"region\": \"us-east-1\",\n \"title\": \"EC2 Instance CPU\",\n },\n },\n {\n \"type\": \"text\",\n \"x\": 0,\n \"y\": 7,\n \"width\": 3,\n \"height\": 3,\n \"properties\": {\n \"markdown\": \"Hello world\",\n },\n },\n ],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.CloudWatch.Dashboard(\"main\", new()\n {\n DashboardName = \"my-dashboard\",\n DashboardBody = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"widgets\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"metric\",\n [\"x\"] = 0,\n [\"y\"] = 0,\n [\"width\"] = 12,\n [\"height\"] = 6,\n [\"properties\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"metrics\"] = new[]\n {\n new[]\n {\n \"AWS/EC2\",\n \"CPUUtilization\",\n \"InstanceId\",\n \"i-012345\",\n },\n },\n [\"period\"] = 300,\n [\"stat\"] = \"Average\",\n [\"region\"] = \"us-east-1\",\n [\"title\"] = \"EC2 Instance CPU\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"text\",\n [\"x\"] = 0,\n [\"y\"] = 7,\n [\"width\"] = 3,\n [\"height\"] = 3,\n [\"properties\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"markdown\"] = \"Hello world\",\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"widgets\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"type\": \"metric\",\n\t\t\t\t\t\"x\": 0,\n\t\t\t\t\t\"y\": 0,\n\t\t\t\t\t\"width\": 12,\n\t\t\t\t\t\"height\": 6,\n\t\t\t\t\t\"properties\": map[string]interface{}{\n\t\t\t\t\t\t\"metrics\": [][]string{\n\t\t\t\t\t\t\t[]string{\n\t\t\t\t\t\t\t\t\"AWS/EC2\",\n\t\t\t\t\t\t\t\t\"CPUUtilization\",\n\t\t\t\t\t\t\t\t\"InstanceId\",\n\t\t\t\t\t\t\t\t\"i-012345\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"period\": 300,\n\t\t\t\t\t\t\"stat\": \"Average\",\n\t\t\t\t\t\t\"region\": \"us-east-1\",\n\t\t\t\t\t\t\"title\": \"EC2 Instance CPU\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"type\": \"text\",\n\t\t\t\t\t\"x\": 0,\n\t\t\t\t\t\"y\": 7,\n\t\t\t\t\t\"width\": 3,\n\t\t\t\t\t\"height\": 3,\n\t\t\t\t\t\"properties\": map[string]interface{}{\n\t\t\t\t\t\t\"markdown\": \"Hello world\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = cloudwatch.NewDashboard(ctx, \"main\", \u0026cloudwatch.DashboardArgs{\n\t\t\tDashboardName: pulumi.String(\"my-dashboard\"),\n\t\t\tDashboardBody: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.Dashboard;\nimport com.pulumi.aws.cloudwatch.DashboardArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Dashboard(\"main\", DashboardArgs.builder()\n .dashboardName(\"my-dashboard\")\n .dashboardBody(serializeJson(\n jsonObject(\n jsonProperty(\"widgets\", jsonArray(\n jsonObject(\n jsonProperty(\"type\", \"metric\"),\n jsonProperty(\"x\", 0),\n jsonProperty(\"y\", 0),\n jsonProperty(\"width\", 12),\n jsonProperty(\"height\", 6),\n jsonProperty(\"properties\", jsonObject(\n jsonProperty(\"metrics\", jsonArray(jsonArray(\n \"AWS/EC2\", \n \"CPUUtilization\", \n \"InstanceId\", \n \"i-012345\"\n ))),\n jsonProperty(\"period\", 300),\n jsonProperty(\"stat\", \"Average\"),\n jsonProperty(\"region\", \"us-east-1\"),\n jsonProperty(\"title\", \"EC2 Instance CPU\")\n ))\n ), \n jsonObject(\n jsonProperty(\"type\", \"text\"),\n jsonProperty(\"x\", 0),\n jsonProperty(\"y\", 7),\n jsonProperty(\"width\", 3),\n jsonProperty(\"height\", 3),\n jsonProperty(\"properties\", jsonObject(\n jsonProperty(\"markdown\", \"Hello world\")\n ))\n )\n ))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:cloudwatch:Dashboard\n properties:\n dashboardName: my-dashboard\n dashboardBody:\n fn::toJSON:\n widgets:\n - type: metric\n x: 0\n y: 0\n width: 12\n height: 6\n properties:\n metrics:\n - - AWS/EC2\n - CPUUtilization\n - InstanceId\n - i-012345\n period: 300\n stat: Average\n region: us-east-1\n title: EC2 Instance CPU\n - type: text\n x: 0\n y: 7\n width: 3\n height: 3\n properties:\n markdown: Hello world\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudWatch dashboards using the `dashboard_name`. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/dashboard:Dashboard sample dashboard_name\n```\n", "properties": { "dashboardArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the dashboard.\n" }, "dashboardBody": { "type": "string", "description": "The detailed information about the dashboard, including what widgets are included and their location on the dashboard. You can read more about the body structure in the [documentation](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/CloudWatch-Dashboard-Body-Structure.html).\n" }, "dashboardName": { "type": "string", "description": "The name of the dashboard.\n" } }, "required": [ "dashboardArn", "dashboardBody", "dashboardName" ], "inputProperties": { "dashboardBody": { "type": "string", "description": "The detailed information about the dashboard, including what widgets are included and their location on the dashboard. You can read more about the body structure in the [documentation](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/CloudWatch-Dashboard-Body-Structure.html).\n" }, "dashboardName": { "type": "string", "description": "The name of the dashboard.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "dashboardBody", "dashboardName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Dashboard resources.\n", "properties": { "dashboardArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the dashboard.\n" }, "dashboardBody": { "type": "string", "description": "The detailed information about the dashboard, including what widgets are included and their location on the dashboard. You can read more about the body structure in the [documentation](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/CloudWatch-Dashboard-Body-Structure.html).\n" }, "dashboardName": { "type": "string", "description": "The name of the dashboard.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:cloudwatch/eventApiDestination:EventApiDestination": { "description": "Provides an EventBridge event API Destination resource.\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.cloudwatch.EventApiDestination(\"test\", {\n name: \"api-destination\",\n description: \"An API Destination\",\n invocationEndpoint: \"https://api.destination.com/endpoint\",\n httpMethod: \"POST\",\n invocationRateLimitPerSecond: 20,\n connectionArn: testAwsCloudwatchEventConnection.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.cloudwatch.EventApiDestination(\"test\",\n name=\"api-destination\",\n description=\"An API Destination\",\n invocation_endpoint=\"https://api.destination.com/endpoint\",\n http_method=\"POST\",\n invocation_rate_limit_per_second=20,\n connection_arn=test_aws_cloudwatch_event_connection[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CloudWatch.EventApiDestination(\"test\", new()\n {\n Name = \"api-destination\",\n Description = \"An API Destination\",\n InvocationEndpoint = \"https://api.destination.com/endpoint\",\n HttpMethod = \"POST\",\n InvocationRateLimitPerSecond = 20,\n ConnectionArn = testAwsCloudwatchEventConnection.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewEventApiDestination(ctx, \"test\", \u0026cloudwatch.EventApiDestinationArgs{\n\t\t\tName: pulumi.String(\"api-destination\"),\n\t\t\tDescription: pulumi.String(\"An API Destination\"),\n\t\t\tInvocationEndpoint: pulumi.String(\"https://api.destination.com/endpoint\"),\n\t\t\tHttpMethod: pulumi.String(\"POST\"),\n\t\t\tInvocationRateLimitPerSecond: pulumi.Int(20),\n\t\t\tConnectionArn: pulumi.Any(testAwsCloudwatchEventConnection.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.EventApiDestination;\nimport com.pulumi.aws.cloudwatch.EventApiDestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new EventApiDestination(\"test\", EventApiDestinationArgs.builder()\n .name(\"api-destination\")\n .description(\"An API Destination\")\n .invocationEndpoint(\"https://api.destination.com/endpoint\")\n .httpMethod(\"POST\")\n .invocationRateLimitPerSecond(20)\n .connectionArn(testAwsCloudwatchEventConnection.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:cloudwatch:EventApiDestination\n properties:\n name: api-destination\n description: An API Destination\n invocationEndpoint: https://api.destination.com/endpoint\n httpMethod: POST\n invocationRateLimitPerSecond: 20\n connectionArn: ${testAwsCloudwatchEventConnection.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EventBridge API Destinations using the `name`. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/eventApiDestination:EventApiDestination test api-destination\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the event API Destination.\n" }, "connectionArn": { "type": "string", "description": "ARN of the EventBridge Connection to use for the API Destination.\n" }, "description": { "type": "string", "description": "The description of the new API Destination. Maximum of 512 characters.\n" }, "httpMethod": { "type": "string", "description": "Select the HTTP method used for the invocation endpoint, such as GET, POST, PUT, etc.\n" }, "invocationEndpoint": { "type": "string", "description": "URL endpoint to invoke as a target. This could be a valid endpoint generated by a partner service. You can include \"*\" as path parameters wildcards to be set from the Target HttpParameters.\n" }, "invocationRateLimitPerSecond": { "type": "integer", "description": "Enter the maximum number of invocations per second to allow for this destination. Enter a value greater than 0 (default 300).\n" }, "name": { "type": "string", "description": "The name of the new API Destination. The name must be unique for your account. Maximum of 64 characters consisting of numbers, lower/upper case letters, .,-,_.\n" } }, "required": [ "arn", "connectionArn", "httpMethod", "invocationEndpoint", "name" ], "inputProperties": { "connectionArn": { "type": "string", "description": "ARN of the EventBridge Connection to use for the API Destination.\n" }, "description": { "type": "string", "description": "The description of the new API Destination. Maximum of 512 characters.\n" }, "httpMethod": { "type": "string", "description": "Select the HTTP method used for the invocation endpoint, such as GET, POST, PUT, etc.\n" }, "invocationEndpoint": { "type": "string", "description": "URL endpoint to invoke as a target. This could be a valid endpoint generated by a partner service. You can include \"*\" as path parameters wildcards to be set from the Target HttpParameters.\n" }, "invocationRateLimitPerSecond": { "type": "integer", "description": "Enter the maximum number of invocations per second to allow for this destination. Enter a value greater than 0 (default 300).\n" }, "name": { "type": "string", "description": "The name of the new API Destination. The name must be unique for your account. Maximum of 64 characters consisting of numbers, lower/upper case letters, .,-,_.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "connectionArn", "httpMethod", "invocationEndpoint" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventApiDestination resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the event API Destination.\n" }, "connectionArn": { "type": "string", "description": "ARN of the EventBridge Connection to use for the API Destination.\n" }, "description": { "type": "string", "description": "The description of the new API Destination. Maximum of 512 characters.\n" }, "httpMethod": { "type": "string", "description": "Select the HTTP method used for the invocation endpoint, such as GET, POST, PUT, etc.\n" }, "invocationEndpoint": { "type": "string", "description": "URL endpoint to invoke as a target. This could be a valid endpoint generated by a partner service. You can include \"*\" as path parameters wildcards to be set from the Target HttpParameters.\n" }, "invocationRateLimitPerSecond": { "type": "integer", "description": "Enter the maximum number of invocations per second to allow for this destination. Enter a value greater than 0 (default 300).\n" }, "name": { "type": "string", "description": "The name of the new API Destination. The name must be unique for your account. Maximum of 64 characters consisting of numbers, lower/upper case letters, .,-,_.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:cloudwatch/eventArchive:EventArchive": { "description": "Provides an EventBridge event archive resource.\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst order = new aws.cloudwatch.EventBus(\"order\", {name: \"orders\"});\nconst orderEventArchive = new aws.cloudwatch.EventArchive(\"order\", {\n name: \"order-archive\",\n eventSourceArn: order.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\norder = aws.cloudwatch.EventBus(\"order\", name=\"orders\")\norder_event_archive = aws.cloudwatch.EventArchive(\"order\",\n name=\"order-archive\",\n event_source_arn=order.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var order = new Aws.CloudWatch.EventBus(\"order\", new()\n {\n Name = \"orders\",\n });\n\n var orderEventArchive = new Aws.CloudWatch.EventArchive(\"order\", new()\n {\n Name = \"order-archive\",\n EventSourceArn = order.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\torder, err := cloudwatch.NewEventBus(ctx, \"order\", \u0026cloudwatch.EventBusArgs{\n\t\t\tName: pulumi.String(\"orders\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewEventArchive(ctx, \"order\", \u0026cloudwatch.EventArchiveArgs{\n\t\t\tName: pulumi.String(\"order-archive\"),\n\t\t\tEventSourceArn: order.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.EventBus;\nimport com.pulumi.aws.cloudwatch.EventBusArgs;\nimport com.pulumi.aws.cloudwatch.EventArchive;\nimport com.pulumi.aws.cloudwatch.EventArchiveArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var order = new EventBus(\"order\", EventBusArgs.builder()\n .name(\"orders\")\n .build());\n\n var orderEventArchive = new EventArchive(\"orderEventArchive\", EventArchiveArgs.builder()\n .name(\"order-archive\")\n .eventSourceArn(order.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n order:\n type: aws:cloudwatch:EventBus\n properties:\n name: orders\n orderEventArchive:\n type: aws:cloudwatch:EventArchive\n name: order\n properties:\n name: order-archive\n eventSourceArn: ${order.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Example all optional arguments\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst order = new aws.cloudwatch.EventBus(\"order\", {name: \"orders\"});\nconst orderEventArchive = new aws.cloudwatch.EventArchive(\"order\", {\n name: \"order-archive\",\n description: \"Archived events from order service\",\n eventSourceArn: order.arn,\n retentionDays: 7,\n eventPattern: JSON.stringify({\n source: [\"company.team.order\"],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\norder = aws.cloudwatch.EventBus(\"order\", name=\"orders\")\norder_event_archive = aws.cloudwatch.EventArchive(\"order\",\n name=\"order-archive\",\n description=\"Archived events from order service\",\n event_source_arn=order.arn,\n retention_days=7,\n event_pattern=json.dumps({\n \"source\": [\"company.team.order\"],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var order = new Aws.CloudWatch.EventBus(\"order\", new()\n {\n Name = \"orders\",\n });\n\n var orderEventArchive = new Aws.CloudWatch.EventArchive(\"order\", new()\n {\n Name = \"order-archive\",\n Description = \"Archived events from order service\",\n EventSourceArn = order.Arn,\n RetentionDays = 7,\n EventPattern = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"source\"] = new[]\n {\n \"company.team.order\",\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\torder, err := cloudwatch.NewEventBus(ctx, \"order\", \u0026cloudwatch.EventBusArgs{\n\t\t\tName: pulumi.String(\"orders\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"source\": []string{\n\t\t\t\t\"company.team.order\",\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = cloudwatch.NewEventArchive(ctx, \"order\", \u0026cloudwatch.EventArchiveArgs{\n\t\t\tName: pulumi.String(\"order-archive\"),\n\t\t\tDescription: pulumi.String(\"Archived events from order service\"),\n\t\t\tEventSourceArn: order.Arn,\n\t\t\tRetentionDays: pulumi.Int(7),\n\t\t\tEventPattern: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.EventBus;\nimport com.pulumi.aws.cloudwatch.EventBusArgs;\nimport com.pulumi.aws.cloudwatch.EventArchive;\nimport com.pulumi.aws.cloudwatch.EventArchiveArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var order = new EventBus(\"order\", EventBusArgs.builder()\n .name(\"orders\")\n .build());\n\n var orderEventArchive = new EventArchive(\"orderEventArchive\", EventArchiveArgs.builder()\n .name(\"order-archive\")\n .description(\"Archived events from order service\")\n .eventSourceArn(order.arn())\n .retentionDays(7)\n .eventPattern(serializeJson(\n jsonObject(\n jsonProperty(\"source\", jsonArray(\"company.team.order\"))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n order:\n type: aws:cloudwatch:EventBus\n properties:\n name: orders\n orderEventArchive:\n type: aws:cloudwatch:EventArchive\n name: order\n properties:\n name: order-archive\n description: Archived events from order service\n eventSourceArn: ${order.arn}\n retentionDays: 7\n eventPattern:\n fn::toJSON:\n source:\n - company.team.order\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an EventBridge archive using the `name`. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/eventArchive:EventArchive imported_event_archive order-archive\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the event archive.\n" }, "description": { "type": "string", "description": "The description of the new event archive.\n" }, "eventPattern": { "type": "string", "description": "Instructs the new event archive to only capture events matched by this pattern. By default, it attempts to archive every event received in the `event_source_arn`.\n" }, "eventSourceArn": { "type": "string", "description": "Event bus source ARN from where these events should be archived.\n" }, "name": { "type": "string", "description": "The name of the new event archive. The archive name cannot exceed 48 characters.\n" }, "retentionDays": { "type": "integer", "description": "The maximum number of days to retain events in the new event archive. By default, it archives indefinitely.\n" } }, "required": [ "arn", "eventSourceArn", "name" ], "inputProperties": { "description": { "type": "string", "description": "The description of the new event archive.\n" }, "eventPattern": { "type": "string", "description": "Instructs the new event archive to only capture events matched by this pattern. By default, it attempts to archive every event received in the `event_source_arn`.\n" }, "eventSourceArn": { "type": "string", "description": "Event bus source ARN from where these events should be archived.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the new event archive. The archive name cannot exceed 48 characters.\n", "willReplaceOnChanges": true }, "retentionDays": { "type": "integer", "description": "The maximum number of days to retain events in the new event archive. By default, it archives indefinitely.\n" } }, "requiredInputs": [ "eventSourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventArchive resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the event archive.\n" }, "description": { "type": "string", "description": "The description of the new event archive.\n" }, "eventPattern": { "type": "string", "description": "Instructs the new event archive to only capture events matched by this pattern. By default, it attempts to archive every event received in the `event_source_arn`.\n" }, "eventSourceArn": { "type": "string", "description": "Event bus source ARN from where these events should be archived.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the new event archive. The archive name cannot exceed 48 characters.\n", "willReplaceOnChanges": true }, "retentionDays": { "type": "integer", "description": "The maximum number of days to retain events in the new event archive. By default, it archives indefinitely.\n" } }, "type": "object" } }, "aws:cloudwatch/eventBus:EventBus": { "description": "Provides an EventBridge event bus resource.\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst messenger = new aws.cloudwatch.EventBus(\"messenger\", {name: \"chat-messages\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmessenger = aws.cloudwatch.EventBus(\"messenger\", name=\"chat-messages\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var messenger = new Aws.CloudWatch.EventBus(\"messenger\", new()\n {\n Name = \"chat-messages\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewEventBus(ctx, \"messenger\", \u0026cloudwatch.EventBusArgs{\n\t\t\tName: pulumi.String(\"chat-messages\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.EventBus;\nimport com.pulumi.aws.cloudwatch.EventBusArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var messenger = new EventBus(\"messenger\", EventBusArgs.builder()\n .name(\"chat-messages\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n messenger:\n type: aws:cloudwatch:EventBus\n properties:\n name: chat-messages\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplepartner = aws.cloudwatch.getEventSource({\n namePrefix: \"aws.partner/examplepartner.com\",\n});\nconst examplepartnerEventBus = new aws.cloudwatch.EventBus(\"examplepartner\", {\n name: examplepartner.then(examplepartner =\u003e examplepartner.name),\n eventSourceName: examplepartner.then(examplepartner =\u003e examplepartner.name),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplepartner = aws.cloudwatch.get_event_source(name_prefix=\"aws.partner/examplepartner.com\")\nexamplepartner_event_bus = aws.cloudwatch.EventBus(\"examplepartner\",\n name=examplepartner.name,\n event_source_name=examplepartner.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplepartner = Aws.CloudWatch.GetEventSource.Invoke(new()\n {\n NamePrefix = \"aws.partner/examplepartner.com\",\n });\n\n var examplepartnerEventBus = new Aws.CloudWatch.EventBus(\"examplepartner\", new()\n {\n Name = examplepartner.Apply(getEventSourceResult =\u003e getEventSourceResult.Name),\n EventSourceName = examplepartner.Apply(getEventSourceResult =\u003e getEventSourceResult.Name),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplepartner, err := cloudwatch.GetEventSource(ctx, \u0026cloudwatch.GetEventSourceArgs{\n\t\t\tNamePrefix: pulumi.StringRef(\"aws.partner/examplepartner.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewEventBus(ctx, \"examplepartner\", \u0026cloudwatch.EventBusArgs{\n\t\t\tName: pulumi.String(examplepartner.Name),\n\t\t\tEventSourceName: pulumi.String(examplepartner.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.CloudwatchFunctions;\nimport com.pulumi.aws.cloudwatch.inputs.GetEventSourceArgs;\nimport com.pulumi.aws.cloudwatch.EventBus;\nimport com.pulumi.aws.cloudwatch.EventBusArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var examplepartner = CloudwatchFunctions.getEventSource(GetEventSourceArgs.builder()\n .namePrefix(\"aws.partner/examplepartner.com\")\n .build());\n\n var examplepartnerEventBus = new EventBus(\"examplepartnerEventBus\", EventBusArgs.builder()\n .name(examplepartner.applyValue(getEventSourceResult -\u003e getEventSourceResult.name()))\n .eventSourceName(examplepartner.applyValue(getEventSourceResult -\u003e getEventSourceResult.name()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplepartnerEventBus:\n type: aws:cloudwatch:EventBus\n name: examplepartner\n properties:\n name: ${examplepartner.name}\n eventSourceName: ${examplepartner.name}\nvariables:\n examplepartner:\n fn::invoke:\n Function: aws:cloudwatch:getEventSource\n Arguments:\n namePrefix: aws.partner/examplepartner.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EventBridge event buses using the `name` (which can also be a partner event source name). For example:\n\n```sh\n$ pulumi import aws:cloudwatch/eventBus:EventBus messenger chat-messages\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the event bus.\n" }, "eventSourceName": { "type": "string", "description": "The partner event source that the new event bus will be matched with. Must match `name`.\n" }, "kmsKeyIdentifier": { "type": "string", "description": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt events on this event bus. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n" }, "name": { "type": "string", "description": "The name of the new event bus. The names of custom event buses can't contain the / character. To create a partner event bus, ensure the `name` matches the `event_source_name`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "tagsAll" ], "inputProperties": { "eventSourceName": { "type": "string", "description": "The partner event source that the new event bus will be matched with. Must match `name`.\n", "willReplaceOnChanges": true }, "kmsKeyIdentifier": { "type": "string", "description": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt events on this event bus. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n" }, "name": { "type": "string", "description": "The name of the new event bus. The names of custom event buses can't contain the / character. To create a partner event bus, ensure the `name` matches the `event_source_name`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering EventBus resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the event bus.\n" }, "eventSourceName": { "type": "string", "description": "The partner event source that the new event bus will be matched with. Must match `name`.\n", "willReplaceOnChanges": true }, "kmsKeyIdentifier": { "type": "string", "description": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt events on this event bus. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n" }, "name": { "type": "string", "description": "The name of the new event bus. The names of custom event buses can't contain the / character. To create a partner event bus, ensure the `name` matches the `event_source_name`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:cloudwatch/eventBusPolicy:EventBusPolicy": { "description": "Provides a resource to create an EventBridge resource policy to support cross-account events.\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n\u003e **Note:** The EventBridge bus policy resource (`aws.cloudwatch.EventBusPolicy`) is incompatible with the EventBridge permission resource (`aws.cloudwatch.EventPermission`) and will overwrite permissions.\n\n## Example Usage\n\n### Account Access\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.iam.getPolicyDocument({\n statements: [{\n sid: \"DevAccountAccess\",\n effect: \"Allow\",\n actions: [\"events:PutEvents\"],\n resources: [\"arn:aws:events:eu-west-1:123456789012:event-bus/default\"],\n principals: [{\n type: \"AWS\",\n identifiers: [\"123456789012\"],\n }],\n }],\n});\nconst testEventBusPolicy = new aws.cloudwatch.EventBusPolicy(\"test\", {\n policy: test.then(test =\u003e test.json),\n eventBusName: testAwsCloudwatchEventBus.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.iam.get_policy_document(statements=[{\n \"sid\": \"DevAccountAccess\",\n \"effect\": \"Allow\",\n \"actions\": [\"events:PutEvents\"],\n \"resources\": [\"arn:aws:events:eu-west-1:123456789012:event-bus/default\"],\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [\"123456789012\"],\n }],\n}])\ntest_event_bus_policy = aws.cloudwatch.EventBusPolicy(\"test\",\n policy=test.json,\n event_bus_name=test_aws_cloudwatch_event_bus[\"name\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"DevAccountAccess\",\n Effect = \"Allow\",\n Actions = new[]\n {\n \"events:PutEvents\",\n },\n Resources = new[]\n {\n \"arn:aws:events:eu-west-1:123456789012:event-bus/default\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"123456789012\",\n },\n },\n },\n },\n },\n });\n\n var testEventBusPolicy = new Aws.CloudWatch.EventBusPolicy(\"test\", new()\n {\n Policy = test.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n EventBusName = testAwsCloudwatchEventBus.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"DevAccountAccess\"),\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"events:PutEvents\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:events:eu-west-1:123456789012:event-bus/default\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"AWS\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"123456789012\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewEventBusPolicy(ctx, \"test\", \u0026cloudwatch.EventBusPolicyArgs{\n\t\t\tPolicy: pulumi.String(test.Json),\n\t\t\tEventBusName: pulumi.Any(testAwsCloudwatchEventBus.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.cloudwatch.EventBusPolicy;\nimport com.pulumi.aws.cloudwatch.EventBusPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"DevAccountAccess\")\n .effect(\"Allow\")\n .actions(\"events:PutEvents\")\n .resources(\"arn:aws:events:eu-west-1:123456789012:event-bus/default\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"123456789012\")\n .build())\n .build())\n .build());\n\n var testEventBusPolicy = new EventBusPolicy(\"testEventBusPolicy\", EventBusPolicyArgs.builder()\n .policy(test.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .eventBusName(testAwsCloudwatchEventBus.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testEventBusPolicy:\n type: aws:cloudwatch:EventBusPolicy\n name: test\n properties:\n policy: ${test.json}\n eventBusName: ${testAwsCloudwatchEventBus.name}\nvariables:\n test:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: DevAccountAccess\n effect: Allow\n actions:\n - events:PutEvents\n resources:\n - arn:aws:events:eu-west-1:123456789012:event-bus/default\n principals:\n - type: AWS\n identifiers:\n - '123456789012'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Organization Access\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.iam.getPolicyDocument({\n statements: [{\n sid: \"OrganizationAccess\",\n effect: \"Allow\",\n actions: [\n \"events:DescribeRule\",\n \"events:ListRules\",\n \"events:ListTargetsByRule\",\n \"events:ListTagsForResource\",\n ],\n resources: [\n \"arn:aws:events:eu-west-1:123456789012:rule/*\",\n \"arn:aws:events:eu-west-1:123456789012:event-bus/default\",\n ],\n principals: [{\n type: \"AWS\",\n identifiers: [\"*\"],\n }],\n conditions: [{\n test: \"StringEquals\",\n variable: \"aws:PrincipalOrgID\",\n values: [example.id],\n }],\n }],\n});\nconst testEventBusPolicy = new aws.cloudwatch.EventBusPolicy(\"test\", {\n policy: test.then(test =\u003e test.json),\n eventBusName: testAwsCloudwatchEventBus.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.iam.get_policy_document(statements=[{\n \"sid\": \"OrganizationAccess\",\n \"effect\": \"Allow\",\n \"actions\": [\n \"events:DescribeRule\",\n \"events:ListRules\",\n \"events:ListTargetsByRule\",\n \"events:ListTagsForResource\",\n ],\n \"resources\": [\n \"arn:aws:events:eu-west-1:123456789012:rule/*\",\n \"arn:aws:events:eu-west-1:123456789012:event-bus/default\",\n ],\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [\"*\"],\n }],\n \"conditions\": [{\n \"test\": \"StringEquals\",\n \"variable\": \"aws:PrincipalOrgID\",\n \"values\": [example[\"id\"]],\n }],\n}])\ntest_event_bus_policy = aws.cloudwatch.EventBusPolicy(\"test\",\n policy=test.json,\n event_bus_name=test_aws_cloudwatch_event_bus[\"name\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"OrganizationAccess\",\n Effect = \"Allow\",\n Actions = new[]\n {\n \"events:DescribeRule\",\n \"events:ListRules\",\n \"events:ListTargetsByRule\",\n \"events:ListTagsForResource\",\n },\n Resources = new[]\n {\n \"arn:aws:events:eu-west-1:123456789012:rule/*\",\n \"arn:aws:events:eu-west-1:123456789012:event-bus/default\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"aws:PrincipalOrgID\",\n Values = new[]\n {\n example.Id,\n },\n },\n },\n },\n },\n });\n\n var testEventBusPolicy = new Aws.CloudWatch.EventBusPolicy(\"test\", new()\n {\n Policy = test.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n EventBusName = testAwsCloudwatchEventBus.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ntest, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nSid: pulumi.StringRef(\"OrganizationAccess\"),\nEffect: pulumi.StringRef(\"Allow\"),\nActions: []string{\n\"events:DescribeRule\",\n\"events:ListRules\",\n\"events:ListTargetsByRule\",\n\"events:ListTagsForResource\",\n},\nResources: []string{\n\"arn:aws:events:eu-west-1:123456789012:rule/*\",\n\"arn:aws:events:eu-west-1:123456789012:event-bus/default\",\n},\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: []string{\n\"*\",\n},\n},\n},\nConditions: []iam.GetPolicyDocumentStatementCondition{\n{\nTest: \"StringEquals\",\nVariable: \"aws:PrincipalOrgID\",\nValues: interface{}{\nexample.Id,\n},\n},\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\n_, err = cloudwatch.NewEventBusPolicy(ctx, \"test\", \u0026cloudwatch.EventBusPolicyArgs{\nPolicy: pulumi.String(test.Json),\nEventBusName: pulumi.Any(testAwsCloudwatchEventBus.Name),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.cloudwatch.EventBusPolicy;\nimport com.pulumi.aws.cloudwatch.EventBusPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"OrganizationAccess\")\n .effect(\"Allow\")\n .actions( \n \"events:DescribeRule\",\n \"events:ListRules\",\n \"events:ListTargetsByRule\",\n \"events:ListTagsForResource\")\n .resources( \n \"arn:aws:events:eu-west-1:123456789012:rule/*\",\n \"arn:aws:events:eu-west-1:123456789012:event-bus/default\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"*\")\n .build())\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"aws:PrincipalOrgID\")\n .values(example.id())\n .build())\n .build())\n .build());\n\n var testEventBusPolicy = new EventBusPolicy(\"testEventBusPolicy\", EventBusPolicyArgs.builder()\n .policy(test.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .eventBusName(testAwsCloudwatchEventBus.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testEventBusPolicy:\n type: aws:cloudwatch:EventBusPolicy\n name: test\n properties:\n policy: ${test.json}\n eventBusName: ${testAwsCloudwatchEventBus.name}\nvariables:\n test:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: OrganizationAccess\n effect: Allow\n actions:\n - events:DescribeRule\n - events:ListRules\n - events:ListTargetsByRule\n - events:ListTagsForResource\n resources:\n - arn:aws:events:eu-west-1:123456789012:rule/*\n - arn:aws:events:eu-west-1:123456789012:event-bus/default\n principals:\n - type: AWS\n identifiers:\n - '*'\n conditions:\n - test: StringEquals\n variable: aws:PrincipalOrgID\n values:\n - ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Multiple Statements\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.iam.getPolicyDocument({\n statements: [\n {\n sid: \"DevAccountAccess\",\n effect: \"Allow\",\n actions: [\"events:PutEvents\"],\n resources: [\"arn:aws:events:eu-west-1:123456789012:event-bus/default\"],\n principals: [{\n type: \"AWS\",\n identifiers: [\"123456789012\"],\n }],\n },\n {\n sid: \"OrganizationAccess\",\n effect: \"Allow\",\n actions: [\n \"events:DescribeRule\",\n \"events:ListRules\",\n \"events:ListTargetsByRule\",\n \"events:ListTagsForResource\",\n ],\n resources: [\n \"arn:aws:events:eu-west-1:123456789012:rule/*\",\n \"arn:aws:events:eu-west-1:123456789012:event-bus/default\",\n ],\n principals: [{\n type: \"AWS\",\n identifiers: [\"*\"],\n }],\n conditions: [{\n test: \"StringEquals\",\n variable: \"aws:PrincipalOrgID\",\n values: [example.id],\n }],\n },\n ],\n});\nconst testEventBusPolicy = new aws.cloudwatch.EventBusPolicy(\"test\", {\n policy: test.then(test =\u003e test.json),\n eventBusName: testAwsCloudwatchEventBus.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.iam.get_policy_document(statements=[\n {\n \"sid\": \"DevAccountAccess\",\n \"effect\": \"Allow\",\n \"actions\": [\"events:PutEvents\"],\n \"resources\": [\"arn:aws:events:eu-west-1:123456789012:event-bus/default\"],\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [\"123456789012\"],\n }],\n },\n {\n \"sid\": \"OrganizationAccess\",\n \"effect\": \"Allow\",\n \"actions\": [\n \"events:DescribeRule\",\n \"events:ListRules\",\n \"events:ListTargetsByRule\",\n \"events:ListTagsForResource\",\n ],\n \"resources\": [\n \"arn:aws:events:eu-west-1:123456789012:rule/*\",\n \"arn:aws:events:eu-west-1:123456789012:event-bus/default\",\n ],\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [\"*\"],\n }],\n \"conditions\": [{\n \"test\": \"StringEquals\",\n \"variable\": \"aws:PrincipalOrgID\",\n \"values\": [example[\"id\"]],\n }],\n },\n])\ntest_event_bus_policy = aws.cloudwatch.EventBusPolicy(\"test\",\n policy=test.json,\n event_bus_name=test_aws_cloudwatch_event_bus[\"name\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"DevAccountAccess\",\n Effect = \"Allow\",\n Actions = new[]\n {\n \"events:PutEvents\",\n },\n Resources = new[]\n {\n \"arn:aws:events:eu-west-1:123456789012:event-bus/default\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"123456789012\",\n },\n },\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"OrganizationAccess\",\n Effect = \"Allow\",\n Actions = new[]\n {\n \"events:DescribeRule\",\n \"events:ListRules\",\n \"events:ListTargetsByRule\",\n \"events:ListTagsForResource\",\n },\n Resources = new[]\n {\n \"arn:aws:events:eu-west-1:123456789012:rule/*\",\n \"arn:aws:events:eu-west-1:123456789012:event-bus/default\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"aws:PrincipalOrgID\",\n Values = new[]\n {\n example.Id,\n },\n },\n },\n },\n },\n });\n\n var testEventBusPolicy = new Aws.CloudWatch.EventBusPolicy(\"test\", new()\n {\n Policy = test.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n EventBusName = testAwsCloudwatchEventBus.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ntest, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nSid: pulumi.StringRef(\"DevAccountAccess\"),\nEffect: pulumi.StringRef(\"Allow\"),\nActions: []string{\n\"events:PutEvents\",\n},\nResources: []string{\n\"arn:aws:events:eu-west-1:123456789012:event-bus/default\",\n},\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: []string{\n\"123456789012\",\n},\n},\n},\n},\n{\nSid: pulumi.StringRef(\"OrganizationAccess\"),\nEffect: pulumi.StringRef(\"Allow\"),\nActions: []string{\n\"events:DescribeRule\",\n\"events:ListRules\",\n\"events:ListTargetsByRule\",\n\"events:ListTagsForResource\",\n},\nResources: []string{\n\"arn:aws:events:eu-west-1:123456789012:rule/*\",\n\"arn:aws:events:eu-west-1:123456789012:event-bus/default\",\n},\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: []string{\n\"*\",\n},\n},\n},\nConditions: []iam.GetPolicyDocumentStatementCondition{\n{\nTest: \"StringEquals\",\nVariable: \"aws:PrincipalOrgID\",\nValues: interface{}{\nexample.Id,\n},\n},\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\n_, err = cloudwatch.NewEventBusPolicy(ctx, \"test\", \u0026cloudwatch.EventBusPolicyArgs{\nPolicy: pulumi.String(test.Json),\nEventBusName: pulumi.Any(testAwsCloudwatchEventBus.Name),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.cloudwatch.EventBusPolicy;\nimport com.pulumi.aws.cloudwatch.EventBusPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .sid(\"DevAccountAccess\")\n .effect(\"Allow\")\n .actions(\"events:PutEvents\")\n .resources(\"arn:aws:events:eu-west-1:123456789012:event-bus/default\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"123456789012\")\n .build())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"OrganizationAccess\")\n .effect(\"Allow\")\n .actions( \n \"events:DescribeRule\",\n \"events:ListRules\",\n \"events:ListTargetsByRule\",\n \"events:ListTagsForResource\")\n .resources( \n \"arn:aws:events:eu-west-1:123456789012:rule/*\",\n \"arn:aws:events:eu-west-1:123456789012:event-bus/default\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"*\")\n .build())\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"aws:PrincipalOrgID\")\n .values(example.id())\n .build())\n .build())\n .build());\n\n var testEventBusPolicy = new EventBusPolicy(\"testEventBusPolicy\", EventBusPolicyArgs.builder()\n .policy(test.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .eventBusName(testAwsCloudwatchEventBus.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testEventBusPolicy:\n type: aws:cloudwatch:EventBusPolicy\n name: test\n properties:\n policy: ${test.json}\n eventBusName: ${testAwsCloudwatchEventBus.name}\nvariables:\n test:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: DevAccountAccess\n effect: Allow\n actions:\n - events:PutEvents\n resources:\n - arn:aws:events:eu-west-1:123456789012:event-bus/default\n principals:\n - type: AWS\n identifiers:\n - '123456789012'\n - sid: OrganizationAccess\n effect: Allow\n actions:\n - events:DescribeRule\n - events:ListRules\n - events:ListTargetsByRule\n - events:ListTagsForResource\n resources:\n - arn:aws:events:eu-west-1:123456789012:rule/*\n - arn:aws:events:eu-west-1:123456789012:event-bus/default\n principals:\n - type: AWS\n identifiers:\n - '*'\n conditions:\n - test: StringEquals\n variable: aws:PrincipalOrgID\n values:\n - ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an EventBridge policy using the `event_bus_name`. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/eventBusPolicy:EventBusPolicy DevAccountAccess example-event-bus\n```\n", "properties": { "eventBusName": { "type": "string", "description": "The name of the event bus to set the permissions on.\nIf you omit this, the permissions are set on the `default` event bus.\n" }, "policy": { "type": "string", "description": "The text of the policy.\n" } }, "required": [ "policy" ], "inputProperties": { "eventBusName": { "type": "string", "description": "The name of the event bus to set the permissions on.\nIf you omit this, the permissions are set on the `default` event bus.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The text of the policy.\n" } }, "requiredInputs": [ "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventBusPolicy resources.\n", "properties": { "eventBusName": { "type": "string", "description": "The name of the event bus to set the permissions on.\nIf you omit this, the permissions are set on the `default` event bus.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The text of the policy.\n" } }, "type": "object" } }, "aws:cloudwatch/eventConnection:EventConnection": { "description": "Provides an EventBridge connection resource.\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.cloudwatch.EventConnection(\"test\", {\n name: \"ngrok-connection\",\n description: \"A connection description\",\n authorizationType: \"API_KEY\",\n authParameters: {\n apiKey: {\n key: \"x-signature\",\n value: \"1234\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.cloudwatch.EventConnection(\"test\",\n name=\"ngrok-connection\",\n description=\"A connection description\",\n authorization_type=\"API_KEY\",\n auth_parameters={\n \"api_key\": {\n \"key\": \"x-signature\",\n \"value\": \"1234\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CloudWatch.EventConnection(\"test\", new()\n {\n Name = \"ngrok-connection\",\n Description = \"A connection description\",\n AuthorizationType = \"API_KEY\",\n AuthParameters = new Aws.CloudWatch.Inputs.EventConnectionAuthParametersArgs\n {\n ApiKey = new Aws.CloudWatch.Inputs.EventConnectionAuthParametersApiKeyArgs\n {\n Key = \"x-signature\",\n Value = \"1234\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewEventConnection(ctx, \"test\", \u0026cloudwatch.EventConnectionArgs{\n\t\t\tName: pulumi.String(\"ngrok-connection\"),\n\t\t\tDescription: pulumi.String(\"A connection description\"),\n\t\t\tAuthorizationType: pulumi.String(\"API_KEY\"),\n\t\t\tAuthParameters: \u0026cloudwatch.EventConnectionAuthParametersArgs{\n\t\t\t\tApiKey: \u0026cloudwatch.EventConnectionAuthParametersApiKeyArgs{\n\t\t\t\t\tKey: pulumi.String(\"x-signature\"),\n\t\t\t\t\tValue: pulumi.String(\"1234\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.EventConnection;\nimport com.pulumi.aws.cloudwatch.EventConnectionArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventConnectionAuthParametersArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventConnectionAuthParametersApiKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new EventConnection(\"test\", EventConnectionArgs.builder()\n .name(\"ngrok-connection\")\n .description(\"A connection description\")\n .authorizationType(\"API_KEY\")\n .authParameters(EventConnectionAuthParametersArgs.builder()\n .apiKey(EventConnectionAuthParametersApiKeyArgs.builder()\n .key(\"x-signature\")\n .value(\"1234\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:cloudwatch:EventConnection\n properties:\n name: ngrok-connection\n description: A connection description\n authorizationType: API_KEY\n authParameters:\n apiKey:\n key: x-signature\n value: '1234'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n### Basic Authorization\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.cloudwatch.EventConnection(\"test\", {\n name: \"ngrok-connection\",\n description: \"A connection description\",\n authorizationType: \"BASIC\",\n authParameters: {\n basic: {\n username: \"user\",\n password: \"Pass1234!\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.cloudwatch.EventConnection(\"test\",\n name=\"ngrok-connection\",\n description=\"A connection description\",\n authorization_type=\"BASIC\",\n auth_parameters={\n \"basic\": {\n \"username\": \"user\",\n \"password\": \"Pass1234!\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CloudWatch.EventConnection(\"test\", new()\n {\n Name = \"ngrok-connection\",\n Description = \"A connection description\",\n AuthorizationType = \"BASIC\",\n AuthParameters = new Aws.CloudWatch.Inputs.EventConnectionAuthParametersArgs\n {\n Basic = new Aws.CloudWatch.Inputs.EventConnectionAuthParametersBasicArgs\n {\n Username = \"user\",\n Password = \"Pass1234!\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewEventConnection(ctx, \"test\", \u0026cloudwatch.EventConnectionArgs{\n\t\t\tName: pulumi.String(\"ngrok-connection\"),\n\t\t\tDescription: pulumi.String(\"A connection description\"),\n\t\t\tAuthorizationType: pulumi.String(\"BASIC\"),\n\t\t\tAuthParameters: \u0026cloudwatch.EventConnectionAuthParametersArgs{\n\t\t\t\tBasic: \u0026cloudwatch.EventConnectionAuthParametersBasicArgs{\n\t\t\t\t\tUsername: pulumi.String(\"user\"),\n\t\t\t\t\tPassword: pulumi.String(\"Pass1234!\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.EventConnection;\nimport com.pulumi.aws.cloudwatch.EventConnectionArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventConnectionAuthParametersArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventConnectionAuthParametersBasicArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new EventConnection(\"test\", EventConnectionArgs.builder()\n .name(\"ngrok-connection\")\n .description(\"A connection description\")\n .authorizationType(\"BASIC\")\n .authParameters(EventConnectionAuthParametersArgs.builder()\n .basic(EventConnectionAuthParametersBasicArgs.builder()\n .username(\"user\")\n .password(\"Pass1234!\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:cloudwatch:EventConnection\n properties:\n name: ngrok-connection\n description: A connection description\n authorizationType: BASIC\n authParameters:\n basic:\n username: user\n password: Pass1234!\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n### OAuth Authorization\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.cloudwatch.EventConnection(\"test\", {\n name: \"ngrok-connection\",\n description: \"A connection description\",\n authorizationType: \"OAUTH_CLIENT_CREDENTIALS\",\n authParameters: {\n oauth: {\n authorizationEndpoint: \"https://auth.url.com/endpoint\",\n httpMethod: \"GET\",\n clientParameters: {\n clientId: \"1234567890\",\n clientSecret: \"Pass1234!\",\n },\n oauthHttpParameters: {\n bodies: [{\n key: \"body-parameter-key\",\n value: \"body-parameter-value\",\n isValueSecret: false,\n }],\n headers: [{\n key: \"header-parameter-key\",\n value: \"header-parameter-value\",\n isValueSecret: false,\n }],\n queryStrings: [{\n key: \"query-string-parameter-key\",\n value: \"query-string-parameter-value\",\n isValueSecret: false,\n }],\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.cloudwatch.EventConnection(\"test\",\n name=\"ngrok-connection\",\n description=\"A connection description\",\n authorization_type=\"OAUTH_CLIENT_CREDENTIALS\",\n auth_parameters={\n \"oauth\": {\n \"authorization_endpoint\": \"https://auth.url.com/endpoint\",\n \"http_method\": \"GET\",\n \"client_parameters\": {\n \"client_id\": \"1234567890\",\n \"client_secret\": \"Pass1234!\",\n },\n \"oauth_http_parameters\": {\n \"bodies\": [{\n \"key\": \"body-parameter-key\",\n \"value\": \"body-parameter-value\",\n \"is_value_secret\": False,\n }],\n \"headers\": [{\n \"key\": \"header-parameter-key\",\n \"value\": \"header-parameter-value\",\n \"is_value_secret\": False,\n }],\n \"query_strings\": [{\n \"key\": \"query-string-parameter-key\",\n \"value\": \"query-string-parameter-value\",\n \"is_value_secret\": False,\n }],\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CloudWatch.EventConnection(\"test\", new()\n {\n Name = \"ngrok-connection\",\n Description = \"A connection description\",\n AuthorizationType = \"OAUTH_CLIENT_CREDENTIALS\",\n AuthParameters = new Aws.CloudWatch.Inputs.EventConnectionAuthParametersArgs\n {\n Oauth = new Aws.CloudWatch.Inputs.EventConnectionAuthParametersOauthArgs\n {\n AuthorizationEndpoint = \"https://auth.url.com/endpoint\",\n HttpMethod = \"GET\",\n ClientParameters = new Aws.CloudWatch.Inputs.EventConnectionAuthParametersOauthClientParametersArgs\n {\n ClientId = \"1234567890\",\n ClientSecret = \"Pass1234!\",\n },\n OauthHttpParameters = new Aws.CloudWatch.Inputs.EventConnectionAuthParametersOauthOauthHttpParametersArgs\n {\n Bodies = new[]\n {\n new Aws.CloudWatch.Inputs.EventConnectionAuthParametersOauthOauthHttpParametersBodyArgs\n {\n Key = \"body-parameter-key\",\n Value = \"body-parameter-value\",\n IsValueSecret = false,\n },\n },\n Headers = new[]\n {\n new Aws.CloudWatch.Inputs.EventConnectionAuthParametersOauthOauthHttpParametersHeaderArgs\n {\n Key = \"header-parameter-key\",\n Value = \"header-parameter-value\",\n IsValueSecret = false,\n },\n },\n QueryStrings = new[]\n {\n new Aws.CloudWatch.Inputs.EventConnectionAuthParametersOauthOauthHttpParametersQueryStringArgs\n {\n Key = \"query-string-parameter-key\",\n Value = \"query-string-parameter-value\",\n IsValueSecret = false,\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewEventConnection(ctx, \"test\", \u0026cloudwatch.EventConnectionArgs{\n\t\t\tName: pulumi.String(\"ngrok-connection\"),\n\t\t\tDescription: pulumi.String(\"A connection description\"),\n\t\t\tAuthorizationType: pulumi.String(\"OAUTH_CLIENT_CREDENTIALS\"),\n\t\t\tAuthParameters: \u0026cloudwatch.EventConnectionAuthParametersArgs{\n\t\t\t\tOauth: \u0026cloudwatch.EventConnectionAuthParametersOauthArgs{\n\t\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://auth.url.com/endpoint\"),\n\t\t\t\t\tHttpMethod: pulumi.String(\"GET\"),\n\t\t\t\t\tClientParameters: \u0026cloudwatch.EventConnectionAuthParametersOauthClientParametersArgs{\n\t\t\t\t\t\tClientId: pulumi.String(\"1234567890\"),\n\t\t\t\t\t\tClientSecret: pulumi.String(\"Pass1234!\"),\n\t\t\t\t\t},\n\t\t\t\t\tOauthHttpParameters: \u0026cloudwatch.EventConnectionAuthParametersOauthOauthHttpParametersArgs{\n\t\t\t\t\t\tBodies: cloudwatch.EventConnectionAuthParametersOauthOauthHttpParametersBodyArray{\n\t\t\t\t\t\t\t\u0026cloudwatch.EventConnectionAuthParametersOauthOauthHttpParametersBodyArgs{\n\t\t\t\t\t\t\t\tKey: pulumi.String(\"body-parameter-key\"),\n\t\t\t\t\t\t\t\tValue: pulumi.String(\"body-parameter-value\"),\n\t\t\t\t\t\t\t\tIsValueSecret: pulumi.Bool(false),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tHeaders: cloudwatch.EventConnectionAuthParametersOauthOauthHttpParametersHeaderArray{\n\t\t\t\t\t\t\t\u0026cloudwatch.EventConnectionAuthParametersOauthOauthHttpParametersHeaderArgs{\n\t\t\t\t\t\t\t\tKey: pulumi.String(\"header-parameter-key\"),\n\t\t\t\t\t\t\t\tValue: pulumi.String(\"header-parameter-value\"),\n\t\t\t\t\t\t\t\tIsValueSecret: pulumi.Bool(false),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tQueryStrings: cloudwatch.EventConnectionAuthParametersOauthOauthHttpParametersQueryStringArray{\n\t\t\t\t\t\t\t\u0026cloudwatch.EventConnectionAuthParametersOauthOauthHttpParametersQueryStringArgs{\n\t\t\t\t\t\t\t\tKey: pulumi.String(\"query-string-parameter-key\"),\n\t\t\t\t\t\t\t\tValue: pulumi.String(\"query-string-parameter-value\"),\n\t\t\t\t\t\t\t\tIsValueSecret: pulumi.Bool(false),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.EventConnection;\nimport com.pulumi.aws.cloudwatch.EventConnectionArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventConnectionAuthParametersArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventConnectionAuthParametersOauthArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventConnectionAuthParametersOauthClientParametersArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventConnectionAuthParametersOauthOauthHttpParametersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new EventConnection(\"test\", EventConnectionArgs.builder()\n .name(\"ngrok-connection\")\n .description(\"A connection description\")\n .authorizationType(\"OAUTH_CLIENT_CREDENTIALS\")\n .authParameters(EventConnectionAuthParametersArgs.builder()\n .oauth(EventConnectionAuthParametersOauthArgs.builder()\n .authorizationEndpoint(\"https://auth.url.com/endpoint\")\n .httpMethod(\"GET\")\n .clientParameters(EventConnectionAuthParametersOauthClientParametersArgs.builder()\n .clientId(\"1234567890\")\n .clientSecret(\"Pass1234!\")\n .build())\n .oauthHttpParameters(EventConnectionAuthParametersOauthOauthHttpParametersArgs.builder()\n .bodies(EventConnectionAuthParametersOauthOauthHttpParametersBodyArgs.builder()\n .key(\"body-parameter-key\")\n .value(\"body-parameter-value\")\n .isValueSecret(false)\n .build())\n .headers(EventConnectionAuthParametersOauthOauthHttpParametersHeaderArgs.builder()\n .key(\"header-parameter-key\")\n .value(\"header-parameter-value\")\n .isValueSecret(false)\n .build())\n .queryStrings(EventConnectionAuthParametersOauthOauthHttpParametersQueryStringArgs.builder()\n .key(\"query-string-parameter-key\")\n .value(\"query-string-parameter-value\")\n .isValueSecret(false)\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:cloudwatch:EventConnection\n properties:\n name: ngrok-connection\n description: A connection description\n authorizationType: OAUTH_CLIENT_CREDENTIALS\n authParameters:\n oauth:\n authorizationEndpoint: https://auth.url.com/endpoint\n httpMethod: GET\n clientParameters:\n clientId: '1234567890'\n clientSecret: Pass1234!\n oauthHttpParameters:\n bodies:\n - key: body-parameter-key\n value: body-parameter-value\n isValueSecret: false\n headers:\n - key: header-parameter-key\n value: header-parameter-value\n isValueSecret: false\n queryStrings:\n - key: query-string-parameter-key\n value: query-string-parameter-value\n isValueSecret: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n### Invocation Http Parameters\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.cloudwatch.EventConnection(\"test\", {\n name: \"ngrok-connection\",\n description: \"A connection description\",\n authorizationType: \"BASIC\",\n authParameters: {\n basic: {\n username: \"user\",\n password: \"Pass1234!\",\n },\n invocationHttpParameters: {\n bodies: [\n {\n key: \"body-parameter-key\",\n value: \"body-parameter-value\",\n isValueSecret: false,\n },\n {\n key: \"body-parameter-key2\",\n value: \"body-parameter-value2\",\n isValueSecret: true,\n },\n ],\n headers: [{\n key: \"header-parameter-key\",\n value: \"header-parameter-value\",\n isValueSecret: false,\n }],\n queryStrings: [{\n key: \"query-string-parameter-key\",\n value: \"query-string-parameter-value\",\n isValueSecret: false,\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.cloudwatch.EventConnection(\"test\",\n name=\"ngrok-connection\",\n description=\"A connection description\",\n authorization_type=\"BASIC\",\n auth_parameters={\n \"basic\": {\n \"username\": \"user\",\n \"password\": \"Pass1234!\",\n },\n \"invocation_http_parameters\": {\n \"bodies\": [\n {\n \"key\": \"body-parameter-key\",\n \"value\": \"body-parameter-value\",\n \"is_value_secret\": False,\n },\n {\n \"key\": \"body-parameter-key2\",\n \"value\": \"body-parameter-value2\",\n \"is_value_secret\": True,\n },\n ],\n \"headers\": [{\n \"key\": \"header-parameter-key\",\n \"value\": \"header-parameter-value\",\n \"is_value_secret\": False,\n }],\n \"query_strings\": [{\n \"key\": \"query-string-parameter-key\",\n \"value\": \"query-string-parameter-value\",\n \"is_value_secret\": False,\n }],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CloudWatch.EventConnection(\"test\", new()\n {\n Name = \"ngrok-connection\",\n Description = \"A connection description\",\n AuthorizationType = \"BASIC\",\n AuthParameters = new Aws.CloudWatch.Inputs.EventConnectionAuthParametersArgs\n {\n Basic = new Aws.CloudWatch.Inputs.EventConnectionAuthParametersBasicArgs\n {\n Username = \"user\",\n Password = \"Pass1234!\",\n },\n InvocationHttpParameters = new Aws.CloudWatch.Inputs.EventConnectionAuthParametersInvocationHttpParametersArgs\n {\n Bodies = new[]\n {\n new Aws.CloudWatch.Inputs.EventConnectionAuthParametersInvocationHttpParametersBodyArgs\n {\n Key = \"body-parameter-key\",\n Value = \"body-parameter-value\",\n IsValueSecret = false,\n },\n new Aws.CloudWatch.Inputs.EventConnectionAuthParametersInvocationHttpParametersBodyArgs\n {\n Key = \"body-parameter-key2\",\n Value = \"body-parameter-value2\",\n IsValueSecret = true,\n },\n },\n Headers = new[]\n {\n new Aws.CloudWatch.Inputs.EventConnectionAuthParametersInvocationHttpParametersHeaderArgs\n {\n Key = \"header-parameter-key\",\n Value = \"header-parameter-value\",\n IsValueSecret = false,\n },\n },\n QueryStrings = new[]\n {\n new Aws.CloudWatch.Inputs.EventConnectionAuthParametersInvocationHttpParametersQueryStringArgs\n {\n Key = \"query-string-parameter-key\",\n Value = \"query-string-parameter-value\",\n IsValueSecret = false,\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewEventConnection(ctx, \"test\", \u0026cloudwatch.EventConnectionArgs{\n\t\t\tName: pulumi.String(\"ngrok-connection\"),\n\t\t\tDescription: pulumi.String(\"A connection description\"),\n\t\t\tAuthorizationType: pulumi.String(\"BASIC\"),\n\t\t\tAuthParameters: \u0026cloudwatch.EventConnectionAuthParametersArgs{\n\t\t\t\tBasic: \u0026cloudwatch.EventConnectionAuthParametersBasicArgs{\n\t\t\t\t\tUsername: pulumi.String(\"user\"),\n\t\t\t\t\tPassword: pulumi.String(\"Pass1234!\"),\n\t\t\t\t},\n\t\t\t\tInvocationHttpParameters: \u0026cloudwatch.EventConnectionAuthParametersInvocationHttpParametersArgs{\n\t\t\t\t\tBodies: cloudwatch.EventConnectionAuthParametersInvocationHttpParametersBodyArray{\n\t\t\t\t\t\t\u0026cloudwatch.EventConnectionAuthParametersInvocationHttpParametersBodyArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"body-parameter-key\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"body-parameter-value\"),\n\t\t\t\t\t\t\tIsValueSecret: pulumi.Bool(false),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudwatch.EventConnectionAuthParametersInvocationHttpParametersBodyArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"body-parameter-key2\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"body-parameter-value2\"),\n\t\t\t\t\t\t\tIsValueSecret: pulumi.Bool(true),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tHeaders: cloudwatch.EventConnectionAuthParametersInvocationHttpParametersHeaderArray{\n\t\t\t\t\t\t\u0026cloudwatch.EventConnectionAuthParametersInvocationHttpParametersHeaderArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"header-parameter-key\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"header-parameter-value\"),\n\t\t\t\t\t\t\tIsValueSecret: pulumi.Bool(false),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tQueryStrings: cloudwatch.EventConnectionAuthParametersInvocationHttpParametersQueryStringArray{\n\t\t\t\t\t\t\u0026cloudwatch.EventConnectionAuthParametersInvocationHttpParametersQueryStringArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"query-string-parameter-key\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"query-string-parameter-value\"),\n\t\t\t\t\t\t\tIsValueSecret: pulumi.Bool(false),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.EventConnection;\nimport com.pulumi.aws.cloudwatch.EventConnectionArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventConnectionAuthParametersArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventConnectionAuthParametersBasicArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventConnectionAuthParametersInvocationHttpParametersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new EventConnection(\"test\", EventConnectionArgs.builder()\n .name(\"ngrok-connection\")\n .description(\"A connection description\")\n .authorizationType(\"BASIC\")\n .authParameters(EventConnectionAuthParametersArgs.builder()\n .basic(EventConnectionAuthParametersBasicArgs.builder()\n .username(\"user\")\n .password(\"Pass1234!\")\n .build())\n .invocationHttpParameters(EventConnectionAuthParametersInvocationHttpParametersArgs.builder()\n .bodies( \n EventConnectionAuthParametersInvocationHttpParametersBodyArgs.builder()\n .key(\"body-parameter-key\")\n .value(\"body-parameter-value\")\n .isValueSecret(false)\n .build(),\n EventConnectionAuthParametersInvocationHttpParametersBodyArgs.builder()\n .key(\"body-parameter-key2\")\n .value(\"body-parameter-value2\")\n .isValueSecret(true)\n .build())\n .headers(EventConnectionAuthParametersInvocationHttpParametersHeaderArgs.builder()\n .key(\"header-parameter-key\")\n .value(\"header-parameter-value\")\n .isValueSecret(false)\n .build())\n .queryStrings(EventConnectionAuthParametersInvocationHttpParametersQueryStringArgs.builder()\n .key(\"query-string-parameter-key\")\n .value(\"query-string-parameter-value\")\n .isValueSecret(false)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:cloudwatch:EventConnection\n properties:\n name: ngrok-connection\n description: A connection description\n authorizationType: BASIC\n authParameters:\n basic:\n username: user\n password: Pass1234!\n invocationHttpParameters:\n bodies:\n - key: body-parameter-key\n value: body-parameter-value\n isValueSecret: false\n - key: body-parameter-key2\n value: body-parameter-value2\n isValueSecret: true\n headers:\n - key: header-parameter-key\n value: header-parameter-value\n isValueSecret: false\n queryStrings:\n - key: query-string-parameter-key\n value: query-string-parameter-value\n isValueSecret: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EventBridge EventBridge connection using the `name`. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/eventConnection:EventConnection test ngrok-connection\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the connection.\n" }, "authParameters": { "$ref": "#/types/aws:cloudwatch/EventConnectionAuthParameters:EventConnectionAuthParameters", "description": "Parameters used for authorization. A maximum of 1 are allowed. Documented below.\n" }, "authorizationType": { "type": "string", "description": "Choose the type of authorization to use for the connection. One of `API_KEY`,`BASIC`,`OAUTH_CLIENT_CREDENTIALS`.\n" }, "description": { "type": "string", "description": "Enter a description for the connection. Maximum of 512 characters.\n" }, "name": { "type": "string", "description": "The name of the new connection. Maximum of 64 characters consisting of numbers, lower/upper case letters, .,-,_.\n" }, "secretArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the secret created from the authorization parameters specified for the connection.\n" } }, "required": [ "arn", "authParameters", "authorizationType", "name", "secretArn" ], "inputProperties": { "authParameters": { "$ref": "#/types/aws:cloudwatch/EventConnectionAuthParameters:EventConnectionAuthParameters", "description": "Parameters used for authorization. A maximum of 1 are allowed. Documented below.\n" }, "authorizationType": { "type": "string", "description": "Choose the type of authorization to use for the connection. One of `API_KEY`,`BASIC`,`OAUTH_CLIENT_CREDENTIALS`.\n" }, "description": { "type": "string", "description": "Enter a description for the connection. Maximum of 512 characters.\n" }, "name": { "type": "string", "description": "The name of the new connection. Maximum of 64 characters consisting of numbers, lower/upper case letters, .,-,_.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "authParameters", "authorizationType" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventConnection resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the connection.\n" }, "authParameters": { "$ref": "#/types/aws:cloudwatch/EventConnectionAuthParameters:EventConnectionAuthParameters", "description": "Parameters used for authorization. A maximum of 1 are allowed. Documented below.\n" }, "authorizationType": { "type": "string", "description": "Choose the type of authorization to use for the connection. One of `API_KEY`,`BASIC`,`OAUTH_CLIENT_CREDENTIALS`.\n" }, "description": { "type": "string", "description": "Enter a description for the connection. Maximum of 512 characters.\n" }, "name": { "type": "string", "description": "The name of the new connection. Maximum of 64 characters consisting of numbers, lower/upper case letters, .,-,_.\n", "willReplaceOnChanges": true }, "secretArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the secret created from the authorization parameters specified for the connection.\n" } }, "type": "object" } }, "aws:cloudwatch/eventEndpoint:EventEndpoint": { "description": "Provides a resource to create an EventBridge Global Endpoint.\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _this = new aws.cloudwatch.EventEndpoint(\"this\", {\n name: \"global-endpoint\",\n roleArn: replication.arn,\n eventBuses: [\n {\n eventBusArn: primary.arn,\n },\n {\n eventBusArn: secondary.arn,\n },\n ],\n replicationConfig: {\n state: \"DISABLED\",\n },\n routingConfig: {\n failoverConfig: {\n primary: {\n healthCheck: primaryAwsRoute53HealthCheck.arn,\n },\n secondary: {\n route: \"us-east-2\",\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nthis = aws.cloudwatch.EventEndpoint(\"this\",\n name=\"global-endpoint\",\n role_arn=replication[\"arn\"],\n event_buses=[\n {\n \"event_bus_arn\": primary[\"arn\"],\n },\n {\n \"event_bus_arn\": secondary[\"arn\"],\n },\n ],\n replication_config={\n \"state\": \"DISABLED\",\n },\n routing_config={\n \"failover_config\": {\n \"primary\": {\n \"health_check\": primary_aws_route53_health_check[\"arn\"],\n },\n \"secondary\": {\n \"route\": \"us-east-2\",\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @this = new Aws.CloudWatch.EventEndpoint(\"this\", new()\n {\n Name = \"global-endpoint\",\n RoleArn = replication.Arn,\n EventBuses = new[]\n {\n new Aws.CloudWatch.Inputs.EventEndpointEventBusArgs\n {\n EventBusArn = primary.Arn,\n },\n new Aws.CloudWatch.Inputs.EventEndpointEventBusArgs\n {\n EventBusArn = secondary.Arn,\n },\n },\n ReplicationConfig = new Aws.CloudWatch.Inputs.EventEndpointReplicationConfigArgs\n {\n State = \"DISABLED\",\n },\n RoutingConfig = new Aws.CloudWatch.Inputs.EventEndpointRoutingConfigArgs\n {\n FailoverConfig = new Aws.CloudWatch.Inputs.EventEndpointRoutingConfigFailoverConfigArgs\n {\n Primary = new Aws.CloudWatch.Inputs.EventEndpointRoutingConfigFailoverConfigPrimaryArgs\n {\n HealthCheck = primaryAwsRoute53HealthCheck.Arn,\n },\n Secondary = new Aws.CloudWatch.Inputs.EventEndpointRoutingConfigFailoverConfigSecondaryArgs\n {\n Route = \"us-east-2\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewEventEndpoint(ctx, \"this\", \u0026cloudwatch.EventEndpointArgs{\n\t\t\tName: pulumi.String(\"global-endpoint\"),\n\t\t\tRoleArn: pulumi.Any(replication.Arn),\n\t\t\tEventBuses: cloudwatch.EventEndpointEventBusArray{\n\t\t\t\t\u0026cloudwatch.EventEndpointEventBusArgs{\n\t\t\t\t\tEventBusArn: pulumi.Any(primary.Arn),\n\t\t\t\t},\n\t\t\t\t\u0026cloudwatch.EventEndpointEventBusArgs{\n\t\t\t\t\tEventBusArn: pulumi.Any(secondary.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tReplicationConfig: \u0026cloudwatch.EventEndpointReplicationConfigArgs{\n\t\t\t\tState: pulumi.String(\"DISABLED\"),\n\t\t\t},\n\t\t\tRoutingConfig: \u0026cloudwatch.EventEndpointRoutingConfigArgs{\n\t\t\t\tFailoverConfig: \u0026cloudwatch.EventEndpointRoutingConfigFailoverConfigArgs{\n\t\t\t\t\tPrimary: \u0026cloudwatch.EventEndpointRoutingConfigFailoverConfigPrimaryArgs{\n\t\t\t\t\t\tHealthCheck: pulumi.Any(primaryAwsRoute53HealthCheck.Arn),\n\t\t\t\t\t},\n\t\t\t\t\tSecondary: \u0026cloudwatch.EventEndpointRoutingConfigFailoverConfigSecondaryArgs{\n\t\t\t\t\t\tRoute: pulumi.String(\"us-east-2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.EventEndpoint;\nimport com.pulumi.aws.cloudwatch.EventEndpointArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventEndpointEventBusArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventEndpointReplicationConfigArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventEndpointRoutingConfigArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventEndpointRoutingConfigFailoverConfigArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventEndpointRoutingConfigFailoverConfigPrimaryArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventEndpointRoutingConfigFailoverConfigSecondaryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var this_ = new EventEndpoint(\"this\", EventEndpointArgs.builder()\n .name(\"global-endpoint\")\n .roleArn(replication.arn())\n .eventBuses( \n EventEndpointEventBusArgs.builder()\n .eventBusArn(primary.arn())\n .build(),\n EventEndpointEventBusArgs.builder()\n .eventBusArn(secondary.arn())\n .build())\n .replicationConfig(EventEndpointReplicationConfigArgs.builder()\n .state(\"DISABLED\")\n .build())\n .routingConfig(EventEndpointRoutingConfigArgs.builder()\n .failoverConfig(EventEndpointRoutingConfigFailoverConfigArgs.builder()\n .primary(EventEndpointRoutingConfigFailoverConfigPrimaryArgs.builder()\n .healthCheck(primaryAwsRoute53HealthCheck.arn())\n .build())\n .secondary(EventEndpointRoutingConfigFailoverConfigSecondaryArgs.builder()\n .route(\"us-east-2\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n this:\n type: aws:cloudwatch:EventEndpoint\n properties:\n name: global-endpoint\n roleArn: ${replication.arn}\n eventBuses:\n - eventBusArn: ${primary.arn}\n - eventBusArn: ${secondary.arn}\n replicationConfig:\n state: DISABLED\n routingConfig:\n failoverConfig:\n primary:\n healthCheck: ${primaryAwsRoute53HealthCheck.arn}\n secondary:\n route: us-east-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EventBridge Global Endpoints using the `name`. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/eventEndpoint:EventEndpoint imported_endpoint example-endpoint\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the endpoint that was created.\n" }, "description": { "type": "string", "description": "A description of the global endpoint.\n" }, "endpointUrl": { "type": "string", "description": "The URL of the endpoint that was created.\n" }, "eventBuses": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/EventEndpointEventBus:EventEndpointEventBus" }, "description": "The event buses to use. The names of the event buses must be identical in each Region. Exactly two event buses are required. Documented below.\n" }, "name": { "type": "string", "description": "The name of the global endpoint.\n" }, "replicationConfig": { "$ref": "#/types/aws:cloudwatch/EventEndpointReplicationConfig:EventEndpointReplicationConfig", "description": "Parameters used for replication. Documented below.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role used for replication between event buses.\n" }, "routingConfig": { "$ref": "#/types/aws:cloudwatch/EventEndpointRoutingConfig:EventEndpointRoutingConfig", "description": "Parameters used for routing, including the health check and secondary Region. Documented below.\n" } }, "required": [ "arn", "endpointUrl", "eventBuses", "name", "routingConfig" ], "inputProperties": { "description": { "type": "string", "description": "A description of the global endpoint.\n" }, "eventBuses": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/EventEndpointEventBus:EventEndpointEventBus" }, "description": "The event buses to use. The names of the event buses must be identical in each Region. Exactly two event buses are required. Documented below.\n" }, "name": { "type": "string", "description": "The name of the global endpoint.\n", "willReplaceOnChanges": true }, "replicationConfig": { "$ref": "#/types/aws:cloudwatch/EventEndpointReplicationConfig:EventEndpointReplicationConfig", "description": "Parameters used for replication. Documented below.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role used for replication between event buses.\n" }, "routingConfig": { "$ref": "#/types/aws:cloudwatch/EventEndpointRoutingConfig:EventEndpointRoutingConfig", "description": "Parameters used for routing, including the health check and secondary Region. Documented below.\n" } }, "requiredInputs": [ "eventBuses", "routingConfig" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventEndpoint resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the endpoint that was created.\n" }, "description": { "type": "string", "description": "A description of the global endpoint.\n" }, "endpointUrl": { "type": "string", "description": "The URL of the endpoint that was created.\n" }, "eventBuses": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/EventEndpointEventBus:EventEndpointEventBus" }, "description": "The event buses to use. The names of the event buses must be identical in each Region. Exactly two event buses are required. Documented below.\n" }, "name": { "type": "string", "description": "The name of the global endpoint.\n", "willReplaceOnChanges": true }, "replicationConfig": { "$ref": "#/types/aws:cloudwatch/EventEndpointReplicationConfig:EventEndpointReplicationConfig", "description": "Parameters used for replication. Documented below.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role used for replication between event buses.\n" }, "routingConfig": { "$ref": "#/types/aws:cloudwatch/EventEndpointRoutingConfig:EventEndpointRoutingConfig", "description": "Parameters used for routing, including the health check and secondary Region. Documented below.\n" } }, "type": "object" } }, "aws:cloudwatch/eventPermission:EventPermission": { "description": "Provides a resource to create an EventBridge permission to support cross-account events in the current account default event bus.\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n\u003e **Note:** The EventBridge bus policy resource (`aws.cloudwatch.EventBusPolicy`) is incompatible with the EventBridge permission resource (`aws.cloudwatch.EventPermission`) and will overwrite permissions.\n\n## Example Usage\n\n### Account Access\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst devAccountAccess = new aws.cloudwatch.EventPermission(\"DevAccountAccess\", {\n principal: \"123456789012\",\n statementId: \"DevAccountAccess\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndev_account_access = aws.cloudwatch.EventPermission(\"DevAccountAccess\",\n principal=\"123456789012\",\n statement_id=\"DevAccountAccess\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var devAccountAccess = new Aws.CloudWatch.EventPermission(\"DevAccountAccess\", new()\n {\n Principal = \"123456789012\",\n StatementId = \"DevAccountAccess\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewEventPermission(ctx, \"DevAccountAccess\", \u0026cloudwatch.EventPermissionArgs{\n\t\t\tPrincipal: pulumi.String(\"123456789012\"),\n\t\t\tStatementId: pulumi.String(\"DevAccountAccess\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.EventPermission;\nimport com.pulumi.aws.cloudwatch.EventPermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var devAccountAccess = new EventPermission(\"devAccountAccess\", EventPermissionArgs.builder()\n .principal(\"123456789012\")\n .statementId(\"DevAccountAccess\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n devAccountAccess:\n type: aws:cloudwatch:EventPermission\n name: DevAccountAccess\n properties:\n principal: '123456789012'\n statementId: DevAccountAccess\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Organization Access\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst organizationAccess = new aws.cloudwatch.EventPermission(\"OrganizationAccess\", {\n principal: \"*\",\n statementId: \"OrganizationAccess\",\n condition: {\n key: \"aws:PrincipalOrgID\",\n type: \"StringEquals\",\n value: example.id,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\norganization_access = aws.cloudwatch.EventPermission(\"OrganizationAccess\",\n principal=\"*\",\n statement_id=\"OrganizationAccess\",\n condition={\n \"key\": \"aws:PrincipalOrgID\",\n \"type\": \"StringEquals\",\n \"value\": example[\"id\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var organizationAccess = new Aws.CloudWatch.EventPermission(\"OrganizationAccess\", new()\n {\n Principal = \"*\",\n StatementId = \"OrganizationAccess\",\n Condition = new Aws.CloudWatch.Inputs.EventPermissionConditionArgs\n {\n Key = \"aws:PrincipalOrgID\",\n Type = \"StringEquals\",\n Value = example.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewEventPermission(ctx, \"OrganizationAccess\", \u0026cloudwatch.EventPermissionArgs{\n\t\t\tPrincipal: pulumi.String(\"*\"),\n\t\t\tStatementId: pulumi.String(\"OrganizationAccess\"),\n\t\t\tCondition: \u0026cloudwatch.EventPermissionConditionArgs{\n\t\t\t\tKey: pulumi.String(\"aws:PrincipalOrgID\"),\n\t\t\t\tType: pulumi.String(\"StringEquals\"),\n\t\t\t\tValue: pulumi.Any(example.Id),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.EventPermission;\nimport com.pulumi.aws.cloudwatch.EventPermissionArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventPermissionConditionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var organizationAccess = new EventPermission(\"organizationAccess\", EventPermissionArgs.builder()\n .principal(\"*\")\n .statementId(\"OrganizationAccess\")\n .condition(EventPermissionConditionArgs.builder()\n .key(\"aws:PrincipalOrgID\")\n .type(\"StringEquals\")\n .value(example.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n organizationAccess:\n type: aws:cloudwatch:EventPermission\n name: OrganizationAccess\n properties:\n principal: '*'\n statementId: OrganizationAccess\n condition:\n key: aws:PrincipalOrgID\n type: StringEquals\n value: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EventBridge permissions using the `event_bus_name/statement_id` (if you omit `event_bus_name`, the `default` event bus will be used). For example:\n\n```sh\n$ pulumi import aws:cloudwatch/eventPermission:EventPermission DevAccountAccess example-event-bus/DevAccountAccess\n```\n", "properties": { "action": { "type": "string", "description": "The action that you are enabling the other account to perform. Defaults to `events:PutEvents`.\n" }, "condition": { "$ref": "#/types/aws:cloudwatch/EventPermissionCondition:EventPermissionCondition", "description": "Configuration block to limit the event bus permissions you are granting to only accounts that fulfill the condition. Specified below.\n" }, "eventBusName": { "type": "string", "description": "The name of the event bus to set the permissions on.\nIf you omit this, the permissions are set on the `default` event bus.\n" }, "principal": { "type": "string", "description": "The 12-digit AWS account ID that you are permitting to put events to your default event bus. Specify `*` to permit any account to put events to your default event bus, optionally limited by `condition`.\n" }, "statementId": { "type": "string", "description": "An identifier string for the external account that you are granting permissions to.\n" } }, "required": [ "principal", "statementId" ], "inputProperties": { "action": { "type": "string", "description": "The action that you are enabling the other account to perform. Defaults to `events:PutEvents`.\n" }, "condition": { "$ref": "#/types/aws:cloudwatch/EventPermissionCondition:EventPermissionCondition", "description": "Configuration block to limit the event bus permissions you are granting to only accounts that fulfill the condition. Specified below.\n" }, "eventBusName": { "type": "string", "description": "The name of the event bus to set the permissions on.\nIf you omit this, the permissions are set on the `default` event bus.\n", "willReplaceOnChanges": true }, "principal": { "type": "string", "description": "The 12-digit AWS account ID that you are permitting to put events to your default event bus. Specify `*` to permit any account to put events to your default event bus, optionally limited by `condition`.\n" }, "statementId": { "type": "string", "description": "An identifier string for the external account that you are granting permissions to.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "principal", "statementId" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventPermission resources.\n", "properties": { "action": { "type": "string", "description": "The action that you are enabling the other account to perform. Defaults to `events:PutEvents`.\n" }, "condition": { "$ref": "#/types/aws:cloudwatch/EventPermissionCondition:EventPermissionCondition", "description": "Configuration block to limit the event bus permissions you are granting to only accounts that fulfill the condition. Specified below.\n" }, "eventBusName": { "type": "string", "description": "The name of the event bus to set the permissions on.\nIf you omit this, the permissions are set on the `default` event bus.\n", "willReplaceOnChanges": true }, "principal": { "type": "string", "description": "The 12-digit AWS account ID that you are permitting to put events to your default event bus. Specify `*` to permit any account to put events to your default event bus, optionally limited by `condition`.\n" }, "statementId": { "type": "string", "description": "An identifier string for the external account that you are granting permissions to.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:cloudwatch/eventRule:EventRule": { "description": "Provides an EventBridge Rule resource.\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst console = new aws.cloudwatch.EventRule(\"console\", {\n name: \"capture-aws-sign-in\",\n description: \"Capture each AWS Console Sign In\",\n eventPattern: JSON.stringify({\n \"detail-type\": [\"AWS Console Sign In via CloudTrail\"],\n }),\n});\nconst awsLogins = new aws.sns.Topic(\"aws_logins\", {name: \"aws-console-logins\"});\nconst sns = new aws.cloudwatch.EventTarget(\"sns\", {\n rule: console.name,\n targetId: \"SendToSNS\",\n arn: awsLogins.arn,\n});\nconst snsTopicPolicy = awsLogins.arn.apply(arn =\u003e aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n actions: [\"SNS:Publish\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"events.amazonaws.com\"],\n }],\n resources: [arn],\n }],\n}));\nconst _default = new aws.sns.TopicPolicy(\"default\", {\n arn: awsLogins.arn,\n policy: snsTopicPolicy.apply(snsTopicPolicy =\u003e snsTopicPolicy.json),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nconsole = aws.cloudwatch.EventRule(\"console\",\n name=\"capture-aws-sign-in\",\n description=\"Capture each AWS Console Sign In\",\n event_pattern=json.dumps({\n \"detail-type\": [\"AWS Console Sign In via CloudTrail\"],\n }))\naws_logins = aws.sns.Topic(\"aws_logins\", name=\"aws-console-logins\")\nsns = aws.cloudwatch.EventTarget(\"sns\",\n rule=console.name,\n target_id=\"SendToSNS\",\n arn=aws_logins.arn)\nsns_topic_policy = aws_logins.arn.apply(lambda arn: aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\"SNS:Publish\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"events.amazonaws.com\"],\n }],\n \"resources\": [arn],\n}]))\ndefault = aws.sns.TopicPolicy(\"default\",\n arn=aws_logins.arn,\n policy=sns_topic_policy.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var console = new Aws.CloudWatch.EventRule(\"console\", new()\n {\n Name = \"capture-aws-sign-in\",\n Description = \"Capture each AWS Console Sign In\",\n EventPattern = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"detail-type\"] = new[]\n {\n \"AWS Console Sign In via CloudTrail\",\n },\n }),\n });\n\n var awsLogins = new Aws.Sns.Topic(\"aws_logins\", new()\n {\n Name = \"aws-console-logins\",\n });\n\n var sns = new Aws.CloudWatch.EventTarget(\"sns\", new()\n {\n Rule = console.Name,\n TargetId = \"SendToSNS\",\n Arn = awsLogins.Arn,\n });\n\n var snsTopicPolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"SNS:Publish\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"events.amazonaws.com\",\n },\n },\n },\n Resources = new[]\n {\n awsLogins.Arn,\n },\n },\n },\n });\n\n var @default = new Aws.Sns.TopicPolicy(\"default\", new()\n {\n Arn = awsLogins.Arn,\n Policy = snsTopicPolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ntmpJSON0, err := json.Marshal(map[string]interface{}{\n\"detail-type\": []string{\n\"AWS Console Sign In via CloudTrail\",\n},\n})\nif err != nil {\nreturn err\n}\njson0 := string(tmpJSON0)\nconsole, err := cloudwatch.NewEventRule(ctx, \"console\", \u0026cloudwatch.EventRuleArgs{\nName: pulumi.String(\"capture-aws-sign-in\"),\nDescription: pulumi.String(\"Capture each AWS Console Sign In\"),\nEventPattern: pulumi.String(json0),\n})\nif err != nil {\nreturn err\n}\nawsLogins, err := sns.NewTopic(ctx, \"aws_logins\", \u0026sns.TopicArgs{\nName: pulumi.String(\"aws-console-logins\"),\n})\nif err != nil {\nreturn err\n}\n_, err = cloudwatch.NewEventTarget(ctx, \"sns\", \u0026cloudwatch.EventTargetArgs{\nRule: console.Name,\nTargetId: pulumi.String(\"SendToSNS\"),\nArn: awsLogins.Arn,\n})\nif err != nil {\nreturn err\n}\nsnsTopicPolicy := awsLogins.Arn.ApplyT(func(arn string) (iam.GetPolicyDocumentResult, error) {\nreturn iam.GetPolicyDocumentResult(interface{}(iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: \"Allow\",\nActions: []string{\n\"SNS:Publish\",\n},\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"Service\",\nIdentifiers: []string{\n\"events.amazonaws.com\",\n},\n},\n},\nResources: interface{}{\narn,\n},\n},\n},\n}, nil))), nil\n}).(iam.GetPolicyDocumentResultOutput)\n_, err = sns.NewTopicPolicy(ctx, \"default\", \u0026sns.TopicPolicyArgs{\nArn: awsLogins.Arn,\nPolicy: pulumi.String(snsTopicPolicy.ApplyT(func(snsTopicPolicy iam.GetPolicyDocumentResult) (*string, error) {\nreturn \u0026snsTopicPolicy.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.EventRule;\nimport com.pulumi.aws.cloudwatch.EventRuleArgs;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.cloudwatch.EventTarget;\nimport com.pulumi.aws.cloudwatch.EventTargetArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sns.TopicPolicy;\nimport com.pulumi.aws.sns.TopicPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var console = new EventRule(\"console\", EventRuleArgs.builder()\n .name(\"capture-aws-sign-in\")\n .description(\"Capture each AWS Console Sign In\")\n .eventPattern(serializeJson(\n jsonObject(\n jsonProperty(\"detail-type\", jsonArray(\"AWS Console Sign In via CloudTrail\"))\n )))\n .build());\n\n var awsLogins = new Topic(\"awsLogins\", TopicArgs.builder()\n .name(\"aws-console-logins\")\n .build());\n\n var sns = new EventTarget(\"sns\", EventTargetArgs.builder()\n .rule(console.name())\n .targetId(\"SendToSNS\")\n .arn(awsLogins.arn())\n .build());\n\n final var snsTopicPolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"SNS:Publish\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"events.amazonaws.com\")\n .build())\n .resources(awsLogins.arn())\n .build())\n .build());\n\n var default_ = new TopicPolicy(\"default\", TopicPolicyArgs.builder()\n .arn(awsLogins.arn())\n .policy(snsTopicPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(snsTopicPolicy -\u003e snsTopicPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n console:\n type: aws:cloudwatch:EventRule\n properties:\n name: capture-aws-sign-in\n description: Capture each AWS Console Sign In\n eventPattern:\n fn::toJSON:\n detail-type:\n - AWS Console Sign In via CloudTrail\n sns:\n type: aws:cloudwatch:EventTarget\n properties:\n rule: ${console.name}\n targetId: SendToSNS\n arn: ${awsLogins.arn}\n awsLogins:\n type: aws:sns:Topic\n name: aws_logins\n properties:\n name: aws-console-logins\n default:\n type: aws:sns:TopicPolicy\n properties:\n arn: ${awsLogins.arn}\n policy: ${snsTopicPolicy.json}\nvariables:\n snsTopicPolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - SNS:Publish\n principals:\n - type: Service\n identifiers:\n - events.amazonaws.com\n resources:\n - ${awsLogins.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EventBridge Rules using the `event_bus_name/rule_name` (if you omit `event_bus_name`, the `default` event bus will be used). For example:\n\n```sh\n$ pulumi import aws:cloudwatch/eventRule:EventRule console example-event-bus/capture-console-sign-in\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the rule.\n" }, "description": { "type": "string", "description": "The description of the rule.\n" }, "eventBusName": { "type": "string", "description": "The name or ARN of the event bus to associate with this rule.\nIf you omit this, the `default` event bus is used.\n" }, "eventPattern": { "type": "string", "description": "The event pattern described a JSON object. At least one of `schedule_expression` or `event_pattern` is required. See full documentation of [Events and Event Patterns in EventBridge](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) for details. **Note**: The event pattern size is 2048 by default but it is adjustable up to 4096 characters by submitting a service quota increase request. See [Amazon EventBridge quotas](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-quota.html) for details.\n" }, "forceDestroy": { "type": "boolean", "description": "Used to delete managed rules created by AWS. Defaults to `false`.\n" }, "isEnabled": { "type": "boolean", "description": "Whether the rule should be enabled.\nDefaults to `true`.\nConflicts with `state`.\n", "deprecationMessage": "Use \"state\" instead" }, "name": { "type": "string", "description": "The name of the rule. If omitted, this provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. **Note**: Due to the length of the generated suffix, must be 38 characters or less.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) associated with the role that is used for target invocation.\n" }, "scheduleExpression": { "type": "string", "description": "The scheduling expression. For example, `cron(0 20 * * ? *)` or `rate(5 minutes)`. At least one of `schedule_expression` or `event_pattern` is required. Can only be used on the default event bus. For more information, refer to the AWS documentation [Schedule Expressions for Rules](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html).\n" }, "state": { "type": "string", "description": "State of the rule.\nValid values are `DISABLED`, `ENABLED`, and `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS`.\nWhen state is `ENABLED`, the rule is enabled for all events except those delivered by CloudTrail.\nTo also enable the rule for events delivered by CloudTrail, set `state` to `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS`.\nDefaults to `ENABLED`.\nConflicts with `is_enabled`.\n\n**NOTE:** The rule state `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS` cannot be used in conjunction with the `schedule_expression` argument.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "namePrefix", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the rule.\n" }, "eventBusName": { "type": "string", "description": "The name or ARN of the event bus to associate with this rule.\nIf you omit this, the `default` event bus is used.\n", "willReplaceOnChanges": true }, "eventPattern": { "type": "string", "description": "The event pattern described a JSON object. At least one of `schedule_expression` or `event_pattern` is required. See full documentation of [Events and Event Patterns in EventBridge](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) for details. **Note**: The event pattern size is 2048 by default but it is adjustable up to 4096 characters by submitting a service quota increase request. See [Amazon EventBridge quotas](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-quota.html) for details.\n" }, "forceDestroy": { "type": "boolean", "description": "Used to delete managed rules created by AWS. Defaults to `false`.\n" }, "isEnabled": { "type": "boolean", "description": "Whether the rule should be enabled.\nDefaults to `true`.\nConflicts with `state`.\n", "deprecationMessage": "Use \"state\" instead" }, "name": { "type": "string", "description": "The name of the rule. If omitted, this provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. **Note**: Due to the length of the generated suffix, must be 38 characters or less.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) associated with the role that is used for target invocation.\n" }, "scheduleExpression": { "type": "string", "description": "The scheduling expression. For example, `cron(0 20 * * ? *)` or `rate(5 minutes)`. At least one of `schedule_expression` or `event_pattern` is required. Can only be used on the default event bus. For more information, refer to the AWS documentation [Schedule Expressions for Rules](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html).\n" }, "state": { "type": "string", "description": "State of the rule.\nValid values are `DISABLED`, `ENABLED`, and `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS`.\nWhen state is `ENABLED`, the rule is enabled for all events except those delivered by CloudTrail.\nTo also enable the rule for events delivered by CloudTrail, set `state` to `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS`.\nDefaults to `ENABLED`.\nConflicts with `is_enabled`.\n\n**NOTE:** The rule state `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS` cannot be used in conjunction with the `schedule_expression` argument.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering EventRule resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the rule.\n" }, "description": { "type": "string", "description": "The description of the rule.\n" }, "eventBusName": { "type": "string", "description": "The name or ARN of the event bus to associate with this rule.\nIf you omit this, the `default` event bus is used.\n", "willReplaceOnChanges": true }, "eventPattern": { "type": "string", "description": "The event pattern described a JSON object. At least one of `schedule_expression` or `event_pattern` is required. See full documentation of [Events and Event Patterns in EventBridge](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) for details. **Note**: The event pattern size is 2048 by default but it is adjustable up to 4096 characters by submitting a service quota increase request. See [Amazon EventBridge quotas](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-quota.html) for details.\n" }, "forceDestroy": { "type": "boolean", "description": "Used to delete managed rules created by AWS. Defaults to `false`.\n" }, "isEnabled": { "type": "boolean", "description": "Whether the rule should be enabled.\nDefaults to `true`.\nConflicts with `state`.\n", "deprecationMessage": "Use \"state\" instead" }, "name": { "type": "string", "description": "The name of the rule. If omitted, this provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. **Note**: Due to the length of the generated suffix, must be 38 characters or less.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) associated with the role that is used for target invocation.\n" }, "scheduleExpression": { "type": "string", "description": "The scheduling expression. For example, `cron(0 20 * * ? *)` or `rate(5 minutes)`. At least one of `schedule_expression` or `event_pattern` is required. Can only be used on the default event bus. For more information, refer to the AWS documentation [Schedule Expressions for Rules](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html).\n" }, "state": { "type": "string", "description": "State of the rule.\nValid values are `DISABLED`, `ENABLED`, and `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS`.\nWhen state is `ENABLED`, the rule is enabled for all events except those delivered by CloudTrail.\nTo also enable the rule for events delivered by CloudTrail, set `state` to `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS`.\nDefaults to `ENABLED`.\nConflicts with `is_enabled`.\n\n**NOTE:** The rule state `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS` cannot be used in conjunction with the `schedule_expression` argument.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:cloudwatch/eventTarget:EventTarget": { "description": "Provides an EventBridge Target resource.\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n## Example Usage\n\n### Kinesis Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst console = new aws.cloudwatch.EventRule(\"console\", {\n name: \"capture-ec2-scaling-events\",\n description: \"Capture all EC2 scaling events\",\n eventPattern: JSON.stringify({\n source: [\"aws.autoscaling\"],\n \"detail-type\": [\n \"EC2 Instance Launch Successful\",\n \"EC2 Instance Terminate Successful\",\n \"EC2 Instance Launch Unsuccessful\",\n \"EC2 Instance Terminate Unsuccessful\",\n ],\n }),\n});\nconst testStream = new aws.kinesis.Stream(\"test_stream\", {\n name: \"kinesis-test\",\n shardCount: 1,\n});\nconst yada = new aws.cloudwatch.EventTarget(\"yada\", {\n targetId: \"Yada\",\n rule: console.name,\n arn: testStream.arn,\n runCommandTargets: [\n {\n key: \"tag:Name\",\n values: [\"FooBar\"],\n },\n {\n key: \"InstanceIds\",\n values: [\"i-162058cd308bffec2\"],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nconsole = aws.cloudwatch.EventRule(\"console\",\n name=\"capture-ec2-scaling-events\",\n description=\"Capture all EC2 scaling events\",\n event_pattern=json.dumps({\n \"source\": [\"aws.autoscaling\"],\n \"detail-type\": [\n \"EC2 Instance Launch Successful\",\n \"EC2 Instance Terminate Successful\",\n \"EC2 Instance Launch Unsuccessful\",\n \"EC2 Instance Terminate Unsuccessful\",\n ],\n }))\ntest_stream = aws.kinesis.Stream(\"test_stream\",\n name=\"kinesis-test\",\n shard_count=1)\nyada = aws.cloudwatch.EventTarget(\"yada\",\n target_id=\"Yada\",\n rule=console.name,\n arn=test_stream.arn,\n run_command_targets=[\n {\n \"key\": \"tag:Name\",\n \"values\": [\"FooBar\"],\n },\n {\n \"key\": \"InstanceIds\",\n \"values\": [\"i-162058cd308bffec2\"],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var console = new Aws.CloudWatch.EventRule(\"console\", new()\n {\n Name = \"capture-ec2-scaling-events\",\n Description = \"Capture all EC2 scaling events\",\n EventPattern = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"source\"] = new[]\n {\n \"aws.autoscaling\",\n },\n [\"detail-type\"] = new[]\n {\n \"EC2 Instance Launch Successful\",\n \"EC2 Instance Terminate Successful\",\n \"EC2 Instance Launch Unsuccessful\",\n \"EC2 Instance Terminate Unsuccessful\",\n },\n }),\n });\n\n var testStream = new Aws.Kinesis.Stream(\"test_stream\", new()\n {\n Name = \"kinesis-test\",\n ShardCount = 1,\n });\n\n var yada = new Aws.CloudWatch.EventTarget(\"yada\", new()\n {\n TargetId = \"Yada\",\n Rule = console.Name,\n Arn = testStream.Arn,\n RunCommandTargets = new[]\n {\n new Aws.CloudWatch.Inputs.EventTargetRunCommandTargetArgs\n {\n Key = \"tag:Name\",\n Values = new[]\n {\n \"FooBar\",\n },\n },\n new Aws.CloudWatch.Inputs.EventTargetRunCommandTargetArgs\n {\n Key = \"InstanceIds\",\n Values = new[]\n {\n \"i-162058cd308bffec2\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"source\": []string{\n\t\t\t\t\"aws.autoscaling\",\n\t\t\t},\n\t\t\t\"detail-type\": []string{\n\t\t\t\t\"EC2 Instance Launch Successful\",\n\t\t\t\t\"EC2 Instance Terminate Successful\",\n\t\t\t\t\"EC2 Instance Launch Unsuccessful\",\n\t\t\t\t\"EC2 Instance Terminate Unsuccessful\",\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tconsole, err := cloudwatch.NewEventRule(ctx, \"console\", \u0026cloudwatch.EventRuleArgs{\n\t\t\tName: pulumi.String(\"capture-ec2-scaling-events\"),\n\t\t\tDescription: pulumi.String(\"Capture all EC2 scaling events\"),\n\t\t\tEventPattern: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestStream, err := kinesis.NewStream(ctx, \"test_stream\", \u0026kinesis.StreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-test\"),\n\t\t\tShardCount: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewEventTarget(ctx, \"yada\", \u0026cloudwatch.EventTargetArgs{\n\t\t\tTargetId: pulumi.String(\"Yada\"),\n\t\t\tRule: console.Name,\n\t\t\tArn: testStream.Arn,\n\t\t\tRunCommandTargets: cloudwatch.EventTargetRunCommandTargetArray{\n\t\t\t\t\u0026cloudwatch.EventTargetRunCommandTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"tag:Name\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"FooBar\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026cloudwatch.EventTargetRunCommandTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"InstanceIds\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"i-162058cd308bffec2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.EventRule;\nimport com.pulumi.aws.cloudwatch.EventRuleArgs;\nimport com.pulumi.aws.kinesis.Stream;\nimport com.pulumi.aws.kinesis.StreamArgs;\nimport com.pulumi.aws.cloudwatch.EventTarget;\nimport com.pulumi.aws.cloudwatch.EventTargetArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventTargetRunCommandTargetArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var console = new EventRule(\"console\", EventRuleArgs.builder()\n .name(\"capture-ec2-scaling-events\")\n .description(\"Capture all EC2 scaling events\")\n .eventPattern(serializeJson(\n jsonObject(\n jsonProperty(\"source\", jsonArray(\"aws.autoscaling\")),\n jsonProperty(\"detail-type\", jsonArray(\n \"EC2 Instance Launch Successful\", \n \"EC2 Instance Terminate Successful\", \n \"EC2 Instance Launch Unsuccessful\", \n \"EC2 Instance Terminate Unsuccessful\"\n ))\n )))\n .build());\n\n var testStream = new Stream(\"testStream\", StreamArgs.builder()\n .name(\"kinesis-test\")\n .shardCount(1)\n .build());\n\n var yada = new EventTarget(\"yada\", EventTargetArgs.builder()\n .targetId(\"Yada\")\n .rule(console.name())\n .arn(testStream.arn())\n .runCommandTargets( \n EventTargetRunCommandTargetArgs.builder()\n .key(\"tag:Name\")\n .values(\"FooBar\")\n .build(),\n EventTargetRunCommandTargetArgs.builder()\n .key(\"InstanceIds\")\n .values(\"i-162058cd308bffec2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n yada:\n type: aws:cloudwatch:EventTarget\n properties:\n targetId: Yada\n rule: ${console.name}\n arn: ${testStream.arn}\n runCommandTargets:\n - key: tag:Name\n values:\n - FooBar\n - key: InstanceIds\n values:\n - i-162058cd308bffec2\n console:\n type: aws:cloudwatch:EventRule\n properties:\n name: capture-ec2-scaling-events\n description: Capture all EC2 scaling events\n eventPattern:\n fn::toJSON:\n source:\n - aws.autoscaling\n detail-type:\n - EC2 Instance Launch Successful\n - EC2 Instance Terminate Successful\n - EC2 Instance Launch Unsuccessful\n - EC2 Instance Terminate Unsuccessful\n testStream:\n type: aws:kinesis:Stream\n name: test_stream\n properties:\n name: kinesis-test\n shardCount: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### SSM Document Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ssmLifecycleTrust = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"events.amazonaws.com\"],\n }],\n }],\n});\nconst stopInstance = new aws.ssm.Document(\"stop_instance\", {\n name: \"stop_instance\",\n documentType: \"Command\",\n content: JSON.stringify({\n schemaVersion: \"1.2\",\n description: \"Stop an instance\",\n parameters: {},\n runtimeConfig: {\n \"aws:runShellScript\": {\n properties: [{\n id: \"0.aws:runShellScript\",\n runCommand: [\"halt\"],\n }],\n },\n },\n }),\n});\nconst ssmLifecycle = aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n effect: \"Allow\",\n actions: [\"ssm:SendCommand\"],\n resources: [\"arn:aws:ec2:eu-west-1:1234567890:instance/*\"],\n conditions: [{\n test: \"StringEquals\",\n variable: \"ec2:ResourceTag/Terminate\",\n values: [\"*\"],\n }],\n },\n {\n effect: \"Allow\",\n actions: [\"ssm:SendCommand\"],\n resources: [stopInstance.arn],\n },\n ],\n});\nconst ssmLifecycleRole = new aws.iam.Role(\"ssm_lifecycle\", {\n name: \"SSMLifecycle\",\n assumeRolePolicy: ssmLifecycleTrust.then(ssmLifecycleTrust =\u003e ssmLifecycleTrust.json),\n});\nconst ssmLifecyclePolicy = new aws.iam.Policy(\"ssm_lifecycle\", {\n name: \"SSMLifecycle\",\n policy: ssmLifecycle.apply(ssmLifecycle =\u003e ssmLifecycle.json),\n});\nconst ssmLifecycleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"ssm_lifecycle\", {\n policyArn: ssmLifecyclePolicy.arn,\n role: ssmLifecycleRole.name,\n});\nconst stopInstances = new aws.cloudwatch.EventRule(\"stop_instances\", {\n name: \"StopInstance\",\n description: \"Stop instances nightly\",\n scheduleExpression: \"cron(0 0 * * ? *)\",\n});\nconst stopInstancesEventTarget = new aws.cloudwatch.EventTarget(\"stop_instances\", {\n targetId: \"StopInstance\",\n arn: stopInstance.arn,\n rule: stopInstances.name,\n roleArn: ssmLifecycleRole.arn,\n runCommandTargets: [{\n key: \"tag:Terminate\",\n values: [\"midnight\"],\n }],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nssm_lifecycle_trust = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"events.amazonaws.com\"],\n }],\n}])\nstop_instance = aws.ssm.Document(\"stop_instance\",\n name=\"stop_instance\",\n document_type=\"Command\",\n content=json.dumps({\n \"schemaVersion\": \"1.2\",\n \"description\": \"Stop an instance\",\n \"parameters\": {},\n \"runtimeConfig\": {\n \"aws:runShellScript\": {\n \"properties\": [{\n \"id\": \"0.aws:runShellScript\",\n \"runCommand\": [\"halt\"],\n }],\n },\n },\n }))\nssm_lifecycle = aws.iam.get_policy_document_output(statements=[\n {\n \"effect\": \"Allow\",\n \"actions\": [\"ssm:SendCommand\"],\n \"resources\": [\"arn:aws:ec2:eu-west-1:1234567890:instance/*\"],\n \"conditions\": [{\n \"test\": \"StringEquals\",\n \"variable\": \"ec2:ResourceTag/Terminate\",\n \"values\": [\"*\"],\n }],\n },\n {\n \"effect\": \"Allow\",\n \"actions\": [\"ssm:SendCommand\"],\n \"resources\": [stop_instance.arn],\n },\n])\nssm_lifecycle_role = aws.iam.Role(\"ssm_lifecycle\",\n name=\"SSMLifecycle\",\n assume_role_policy=ssm_lifecycle_trust.json)\nssm_lifecycle_policy = aws.iam.Policy(\"ssm_lifecycle\",\n name=\"SSMLifecycle\",\n policy=ssm_lifecycle.json)\nssm_lifecycle_role_policy_attachment = aws.iam.RolePolicyAttachment(\"ssm_lifecycle\",\n policy_arn=ssm_lifecycle_policy.arn,\n role=ssm_lifecycle_role.name)\nstop_instances = aws.cloudwatch.EventRule(\"stop_instances\",\n name=\"StopInstance\",\n description=\"Stop instances nightly\",\n schedule_expression=\"cron(0 0 * * ? *)\")\nstop_instances_event_target = aws.cloudwatch.EventTarget(\"stop_instances\",\n target_id=\"StopInstance\",\n arn=stop_instance.arn,\n rule=stop_instances.name,\n role_arn=ssm_lifecycle_role.arn,\n run_command_targets=[{\n \"key\": \"tag:Terminate\",\n \"values\": [\"midnight\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ssmLifecycleTrust = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"events.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var stopInstance = new Aws.Ssm.Document(\"stop_instance\", new()\n {\n Name = \"stop_instance\",\n DocumentType = \"Command\",\n Content = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"schemaVersion\"] = \"1.2\",\n [\"description\"] = \"Stop an instance\",\n [\"parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n [\"runtimeConfig\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"aws:runShellScript\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"properties\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"id\"] = \"0.aws:runShellScript\",\n [\"runCommand\"] = new[]\n {\n \"halt\",\n },\n },\n },\n },\n },\n }),\n });\n\n var ssmLifecycle = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"ssm:SendCommand\",\n },\n Resources = new[]\n {\n \"arn:aws:ec2:eu-west-1:1234567890:instance/*\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"ec2:ResourceTag/Terminate\",\n Values = new[]\n {\n \"*\",\n },\n },\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"ssm:SendCommand\",\n },\n Resources = new[]\n {\n stopInstance.Arn,\n },\n },\n },\n });\n\n var ssmLifecycleRole = new Aws.Iam.Role(\"ssm_lifecycle\", new()\n {\n Name = \"SSMLifecycle\",\n AssumeRolePolicy = ssmLifecycleTrust.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var ssmLifecyclePolicy = new Aws.Iam.Policy(\"ssm_lifecycle\", new()\n {\n Name = \"SSMLifecycle\",\n PolicyDocument = ssmLifecycle.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var ssmLifecycleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"ssm_lifecycle\", new()\n {\n PolicyArn = ssmLifecyclePolicy.Arn,\n Role = ssmLifecycleRole.Name,\n });\n\n var stopInstances = new Aws.CloudWatch.EventRule(\"stop_instances\", new()\n {\n Name = \"StopInstance\",\n Description = \"Stop instances nightly\",\n ScheduleExpression = \"cron(0 0 * * ? *)\",\n });\n\n var stopInstancesEventTarget = new Aws.CloudWatch.EventTarget(\"stop_instances\", new()\n {\n TargetId = \"StopInstance\",\n Arn = stopInstance.Arn,\n Rule = stopInstances.Name,\n RoleArn = ssmLifecycleRole.Arn,\n RunCommandTargets = new[]\n {\n new Aws.CloudWatch.Inputs.EventTargetRunCommandTargetArgs\n {\n Key = \"tag:Terminate\",\n Values = new[]\n {\n \"midnight\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tssmLifecycleTrust, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"events.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"schemaVersion\": \"1.2\",\n\t\t\t\"description\": \"Stop an instance\",\n\t\t\t\"parameters\": nil,\n\t\t\t\"runtimeConfig\": map[string]interface{}{\n\t\t\t\t\"aws:runShellScript\": map[string]interface{}{\n\t\t\t\t\t\"properties\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"id\": \"0.aws:runShellScript\",\n\t\t\t\t\t\t\t\"runCommand\": []string{\n\t\t\t\t\t\t\t\t\"halt\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tstopInstance, err := ssm.NewDocument(ctx, \"stop_instance\", \u0026ssm.DocumentArgs{\n\t\t\tName: pulumi.String(\"stop_instance\"),\n\t\t\tDocumentType: pulumi.String(\"Command\"),\n\t\t\tContent: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tssmLifecycle := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"ssm:SendCommand\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"arn:aws:ec2:eu-west-1:1234567890:instance/*\"),\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"StringEquals\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"ec2:ResourceTag/Terminate\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"ssm:SendCommand\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tstopInstance.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tssmLifecycleRole, err := iam.NewRole(ctx, \"ssm_lifecycle\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"SSMLifecycle\"),\n\t\t\tAssumeRolePolicy: pulumi.String(ssmLifecycleTrust.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tssmLifecyclePolicy, err := iam.NewPolicy(ctx, \"ssm_lifecycle\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"SSMLifecycle\"),\n\t\t\tPolicy: pulumi.String(ssmLifecycle.ApplyT(func(ssmLifecycle iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026ssmLifecycle.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"ssm_lifecycle\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: ssmLifecyclePolicy.Arn,\n\t\t\tRole: ssmLifecycleRole.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tstopInstances, err := cloudwatch.NewEventRule(ctx, \"stop_instances\", \u0026cloudwatch.EventRuleArgs{\n\t\t\tName: pulumi.String(\"StopInstance\"),\n\t\t\tDescription: pulumi.String(\"Stop instances nightly\"),\n\t\t\tScheduleExpression: pulumi.String(\"cron(0 0 * * ? *)\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewEventTarget(ctx, \"stop_instances\", \u0026cloudwatch.EventTargetArgs{\n\t\t\tTargetId: pulumi.String(\"StopInstance\"),\n\t\t\tArn: stopInstance.Arn,\n\t\t\tRule: stopInstances.Name,\n\t\t\tRoleArn: ssmLifecycleRole.Arn,\n\t\t\tRunCommandTargets: cloudwatch.EventTargetRunCommandTargetArray{\n\t\t\t\t\u0026cloudwatch.EventTargetRunCommandTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"tag:Terminate\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"midnight\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.ssm.Document;\nimport com.pulumi.aws.ssm.DocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.cloudwatch.EventRule;\nimport com.pulumi.aws.cloudwatch.EventRuleArgs;\nimport com.pulumi.aws.cloudwatch.EventTarget;\nimport com.pulumi.aws.cloudwatch.EventTargetArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventTargetRunCommandTargetArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var ssmLifecycleTrust = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"events.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var stopInstance = new Document(\"stopInstance\", DocumentArgs.builder()\n .name(\"stop_instance\")\n .documentType(\"Command\")\n .content(serializeJson(\n jsonObject(\n jsonProperty(\"schemaVersion\", \"1.2\"),\n jsonProperty(\"description\", \"Stop an instance\"),\n jsonProperty(\"parameters\", jsonObject(\n\n )),\n jsonProperty(\"runtimeConfig\", jsonObject(\n jsonProperty(\"aws:runShellScript\", jsonObject(\n jsonProperty(\"properties\", jsonArray(jsonObject(\n jsonProperty(\"id\", \"0.aws:runShellScript\"),\n jsonProperty(\"runCommand\", jsonArray(\"halt\"))\n )))\n ))\n ))\n )))\n .build());\n\n final var ssmLifecycle = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"ssm:SendCommand\")\n .resources(\"arn:aws:ec2:eu-west-1:1234567890:instance/*\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"ec2:ResourceTag/Terminate\")\n .values(\"*\")\n .build())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"ssm:SendCommand\")\n .resources(stopInstance.arn())\n .build())\n .build());\n\n var ssmLifecycleRole = new Role(\"ssmLifecycleRole\", RoleArgs.builder()\n .name(\"SSMLifecycle\")\n .assumeRolePolicy(ssmLifecycleTrust.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var ssmLifecyclePolicy = new Policy(\"ssmLifecyclePolicy\", PolicyArgs.builder()\n .name(\"SSMLifecycle\")\n .policy(ssmLifecycle.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(ssmLifecycle -\u003e ssmLifecycle.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var ssmLifecycleRolePolicyAttachment = new RolePolicyAttachment(\"ssmLifecycleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder()\n .policyArn(ssmLifecyclePolicy.arn())\n .role(ssmLifecycleRole.name())\n .build());\n\n var stopInstances = new EventRule(\"stopInstances\", EventRuleArgs.builder()\n .name(\"StopInstance\")\n .description(\"Stop instances nightly\")\n .scheduleExpression(\"cron(0 0 * * ? *)\")\n .build());\n\n var stopInstancesEventTarget = new EventTarget(\"stopInstancesEventTarget\", EventTargetArgs.builder()\n .targetId(\"StopInstance\")\n .arn(stopInstance.arn())\n .rule(stopInstances.name())\n .roleArn(ssmLifecycleRole.arn())\n .runCommandTargets(EventTargetRunCommandTargetArgs.builder()\n .key(\"tag:Terminate\")\n .values(\"midnight\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ssmLifecycleRole:\n type: aws:iam:Role\n name: ssm_lifecycle\n properties:\n name: SSMLifecycle\n assumeRolePolicy: ${ssmLifecycleTrust.json}\n ssmLifecyclePolicy:\n type: aws:iam:Policy\n name: ssm_lifecycle\n properties:\n name: SSMLifecycle\n policy: ${ssmLifecycle.json}\n ssmLifecycleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: ssm_lifecycle\n properties:\n policyArn: ${ssmLifecyclePolicy.arn}\n role: ${ssmLifecycleRole.name}\n stopInstance:\n type: aws:ssm:Document\n name: stop_instance\n properties:\n name: stop_instance\n documentType: Command\n content:\n fn::toJSON:\n schemaVersion: '1.2'\n description: Stop an instance\n parameters: {}\n runtimeConfig:\n aws:runShellScript:\n properties:\n - id: 0.aws:runShellScript\n runCommand:\n - halt\n stopInstances:\n type: aws:cloudwatch:EventRule\n name: stop_instances\n properties:\n name: StopInstance\n description: Stop instances nightly\n scheduleExpression: cron(0 0 * * ? *)\n stopInstancesEventTarget:\n type: aws:cloudwatch:EventTarget\n name: stop_instances\n properties:\n targetId: StopInstance\n arn: ${stopInstance.arn}\n rule: ${stopInstances.name}\n roleArn: ${ssmLifecycleRole.arn}\n runCommandTargets:\n - key: tag:Terminate\n values:\n - midnight\nvariables:\n ssmLifecycleTrust:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - events.amazonaws.com\n ssmLifecycle:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - ssm:SendCommand\n resources:\n - arn:aws:ec2:eu-west-1:1234567890:instance/*\n conditions:\n - test: StringEquals\n variable: ec2:ResourceTag/Terminate\n values:\n - '*'\n - effect: Allow\n actions:\n - ssm:SendCommand\n resources:\n - ${stopInstance.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### RunCommand Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst stopInstances = new aws.cloudwatch.EventRule(\"stop_instances\", {\n name: \"StopInstance\",\n description: \"Stop instances nightly\",\n scheduleExpression: \"cron(0 0 * * ? *)\",\n});\nconst stopInstancesEventTarget = new aws.cloudwatch.EventTarget(\"stop_instances\", {\n targetId: \"StopInstance\",\n arn: `arn:aws:ssm:${awsRegion}::document/AWS-RunShellScript`,\n input: \"{\\\"commands\\\":[\\\"halt\\\"]}\",\n rule: stopInstances.name,\n roleArn: ssmLifecycle.arn,\n runCommandTargets: [{\n key: \"tag:Terminate\",\n values: [\"midnight\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nstop_instances = aws.cloudwatch.EventRule(\"stop_instances\",\n name=\"StopInstance\",\n description=\"Stop instances nightly\",\n schedule_expression=\"cron(0 0 * * ? *)\")\nstop_instances_event_target = aws.cloudwatch.EventTarget(\"stop_instances\",\n target_id=\"StopInstance\",\n arn=f\"arn:aws:ssm:{aws_region}::document/AWS-RunShellScript\",\n input=\"{\\\"commands\\\":[\\\"halt\\\"]}\",\n rule=stop_instances.name,\n role_arn=ssm_lifecycle[\"arn\"],\n run_command_targets=[{\n \"key\": \"tag:Terminate\",\n \"values\": [\"midnight\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var stopInstances = new Aws.CloudWatch.EventRule(\"stop_instances\", new()\n {\n Name = \"StopInstance\",\n Description = \"Stop instances nightly\",\n ScheduleExpression = \"cron(0 0 * * ? *)\",\n });\n\n var stopInstancesEventTarget = new Aws.CloudWatch.EventTarget(\"stop_instances\", new()\n {\n TargetId = \"StopInstance\",\n Arn = $\"arn:aws:ssm:{awsRegion}::document/AWS-RunShellScript\",\n Input = \"{\\\"commands\\\":[\\\"halt\\\"]}\",\n Rule = stopInstances.Name,\n RoleArn = ssmLifecycle.Arn,\n RunCommandTargets = new[]\n {\n new Aws.CloudWatch.Inputs.EventTargetRunCommandTargetArgs\n {\n Key = \"tag:Terminate\",\n Values = new[]\n {\n \"midnight\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tstopInstances, err := cloudwatch.NewEventRule(ctx, \"stop_instances\", \u0026cloudwatch.EventRuleArgs{\n\t\t\tName: pulumi.String(\"StopInstance\"),\n\t\t\tDescription: pulumi.String(\"Stop instances nightly\"),\n\t\t\tScheduleExpression: pulumi.String(\"cron(0 0 * * ? *)\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewEventTarget(ctx, \"stop_instances\", \u0026cloudwatch.EventTargetArgs{\n\t\t\tTargetId: pulumi.String(\"StopInstance\"),\n\t\t\tArn: pulumi.String(fmt.Sprintf(\"arn:aws:ssm:%v::document/AWS-RunShellScript\", awsRegion)),\n\t\t\tInput: pulumi.String(\"{\\\"commands\\\":[\\\"halt\\\"]}\"),\n\t\t\tRule: stopInstances.Name,\n\t\t\tRoleArn: pulumi.Any(ssmLifecycle.Arn),\n\t\t\tRunCommandTargets: cloudwatch.EventTargetRunCommandTargetArray{\n\t\t\t\t\u0026cloudwatch.EventTargetRunCommandTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"tag:Terminate\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"midnight\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.EventRule;\nimport com.pulumi.aws.cloudwatch.EventRuleArgs;\nimport com.pulumi.aws.cloudwatch.EventTarget;\nimport com.pulumi.aws.cloudwatch.EventTargetArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventTargetRunCommandTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var stopInstances = new EventRule(\"stopInstances\", EventRuleArgs.builder()\n .name(\"StopInstance\")\n .description(\"Stop instances nightly\")\n .scheduleExpression(\"cron(0 0 * * ? *)\")\n .build());\n\n var stopInstancesEventTarget = new EventTarget(\"stopInstancesEventTarget\", EventTargetArgs.builder()\n .targetId(\"StopInstance\")\n .arn(String.format(\"arn:aws:ssm:%s::document/AWS-RunShellScript\", awsRegion))\n .input(\"{\\\"commands\\\":[\\\"halt\\\"]}\")\n .rule(stopInstances.name())\n .roleArn(ssmLifecycle.arn())\n .runCommandTargets(EventTargetRunCommandTargetArgs.builder()\n .key(\"tag:Terminate\")\n .values(\"midnight\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n stopInstances:\n type: aws:cloudwatch:EventRule\n name: stop_instances\n properties:\n name: StopInstance\n description: Stop instances nightly\n scheduleExpression: cron(0 0 * * ? *)\n stopInstancesEventTarget:\n type: aws:cloudwatch:EventTarget\n name: stop_instances\n properties:\n targetId: StopInstance\n arn: arn:aws:ssm:${awsRegion}::document/AWS-RunShellScript\n input: '{\"commands\":[\"halt\"]}'\n rule: ${stopInstances.name}\n roleArn: ${ssmLifecycle.arn}\n runCommandTargets:\n - key: tag:Terminate\n values:\n - midnight\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### ECS Run Task with Role and Task Override Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"events.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst ecsEvents = new aws.iam.Role(\"ecs_events\", {\n name: \"ecs_events\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst ecsEventsRunTaskWithAnyRole = std.replace({\n text: taskName.arn,\n search: \"/:\\\\d+$/\",\n replace: \":*\",\n}).then(invoke =\u003e aws.iam.getPolicyDocument({\n statements: [\n {\n effect: \"Allow\",\n actions: [\"iam:PassRole\"],\n resources: [\"*\"],\n },\n {\n effect: \"Allow\",\n actions: [\"ecs:RunTask\"],\n resources: [invoke.result],\n },\n ],\n}));\nconst ecsEventsRunTaskWithAnyRoleRolePolicy = new aws.iam.RolePolicy(\"ecs_events_run_task_with_any_role\", {\n name: \"ecs_events_run_task_with_any_role\",\n role: ecsEvents.id,\n policy: ecsEventsRunTaskWithAnyRole.then(ecsEventsRunTaskWithAnyRole =\u003e ecsEventsRunTaskWithAnyRole.json),\n});\nconst ecsScheduledTask = new aws.cloudwatch.EventTarget(\"ecs_scheduled_task\", {\n targetId: \"run-scheduled-task-every-hour\",\n arn: clusterName.arn,\n rule: everyHour.name,\n roleArn: ecsEvents.arn,\n ecsTarget: {\n taskCount: 1,\n taskDefinitionArn: taskName.arn,\n },\n input: JSON.stringify({\n containerOverrides: [{\n name: \"name-of-container-to-override\",\n command: [\n \"bin/console\",\n \"scheduled-task\",\n ],\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"events.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\necs_events = aws.iam.Role(\"ecs_events\",\n name=\"ecs_events\",\n assume_role_policy=assume_role.json)\necs_events_run_task_with_any_role = aws.iam.get_policy_document(statements=[\n {\n \"effect\": \"Allow\",\n \"actions\": [\"iam:PassRole\"],\n \"resources\": [\"*\"],\n },\n {\n \"effect\": \"Allow\",\n \"actions\": [\"ecs:RunTask\"],\n \"resources\": [std.replace(text=task_name[\"arn\"],\n search=\"/:\\\\d+$/\",\n replace=\":*\").result],\n },\n])\necs_events_run_task_with_any_role_role_policy = aws.iam.RolePolicy(\"ecs_events_run_task_with_any_role\",\n name=\"ecs_events_run_task_with_any_role\",\n role=ecs_events.id,\n policy=ecs_events_run_task_with_any_role.json)\necs_scheduled_task = aws.cloudwatch.EventTarget(\"ecs_scheduled_task\",\n target_id=\"run-scheduled-task-every-hour\",\n arn=cluster_name[\"arn\"],\n rule=every_hour[\"name\"],\n role_arn=ecs_events.arn,\n ecs_target={\n \"task_count\": 1,\n \"task_definition_arn\": task_name[\"arn\"],\n },\n input=json.dumps({\n \"containerOverrides\": [{\n \"name\": \"name-of-container-to-override\",\n \"command\": [\n \"bin/console\",\n \"scheduled-task\",\n ],\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"events.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var ecsEvents = new Aws.Iam.Role(\"ecs_events\", new()\n {\n Name = \"ecs_events\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var ecsEventsRunTaskWithAnyRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"iam:PassRole\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"ecs:RunTask\",\n },\n Resources = new[]\n {\n Std.Replace.Invoke(new()\n {\n Text = taskName.Arn,\n Search = \"/:\\\\d+$/\",\n Replace = \":*\",\n }).Result,\n },\n },\n },\n });\n\n var ecsEventsRunTaskWithAnyRoleRolePolicy = new Aws.Iam.RolePolicy(\"ecs_events_run_task_with_any_role\", new()\n {\n Name = \"ecs_events_run_task_with_any_role\",\n Role = ecsEvents.Id,\n Policy = ecsEventsRunTaskWithAnyRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var ecsScheduledTask = new Aws.CloudWatch.EventTarget(\"ecs_scheduled_task\", new()\n {\n TargetId = \"run-scheduled-task-every-hour\",\n Arn = clusterName.Arn,\n Rule = everyHour.Name,\n RoleArn = ecsEvents.Arn,\n EcsTarget = new Aws.CloudWatch.Inputs.EventTargetEcsTargetArgs\n {\n TaskCount = 1,\n TaskDefinitionArn = taskName.Arn,\n },\n Input = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"containerOverrides\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"name\"] = \"name-of-container-to-override\",\n [\"command\"] = new[]\n {\n \"bin/console\",\n \"scheduled-task\",\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: pulumi.StringRef(\"Allow\"),\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"Service\",\nIdentifiers: []string{\n\"events.amazonaws.com\",\n},\n},\n},\nActions: []string{\n\"sts:AssumeRole\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\necsEvents, err := iam.NewRole(ctx, \"ecs_events\", \u0026iam.RoleArgs{\nName: pulumi.String(\"ecs_events\"),\nAssumeRolePolicy: pulumi.String(assumeRole.Json),\n})\nif err != nil {\nreturn err\n}\necsEventsRunTaskWithAnyRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: pulumi.StringRef(\"Allow\"),\nActions: []string{\n\"iam:PassRole\",\n},\nResources: []string{\n\"*\",\n},\n},\n{\nEffect: pulumi.StringRef(\"Allow\"),\nActions: []string{\n\"ecs:RunTask\",\n},\nResources: interface{}{\nstd.Replace(ctx, {\nText: taskName.Arn,\nSearch: \"/:\\\\d+$/\",\nReplace: \":*\",\n}, nil).Result,\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\n_, err = iam.NewRolePolicy(ctx, \"ecs_events_run_task_with_any_role\", \u0026iam.RolePolicyArgs{\nName: pulumi.String(\"ecs_events_run_task_with_any_role\"),\nRole: ecsEvents.ID(),\nPolicy: pulumi.String(ecsEventsRunTaskWithAnyRole.Json),\n})\nif err != nil {\nreturn err\n}\ntmpJSON0, err := json.Marshal(map[string]interface{}{\n\"containerOverrides\": []map[string]interface{}{\nmap[string]interface{}{\n\"name\": \"name-of-container-to-override\",\n\"command\": []string{\n\"bin/console\",\n\"scheduled-task\",\n},\n},\n},\n})\nif err != nil {\nreturn err\n}\njson0 := string(tmpJSON0)\n_, err = cloudwatch.NewEventTarget(ctx, \"ecs_scheduled_task\", \u0026cloudwatch.EventTargetArgs{\nTargetId: pulumi.String(\"run-scheduled-task-every-hour\"),\nArn: pulumi.Any(clusterName.Arn),\nRule: pulumi.Any(everyHour.Name),\nRoleArn: ecsEvents.Arn,\nEcsTarget: \u0026cloudwatch.EventTargetEcsTargetArgs{\nTaskCount: pulumi.Int(1),\nTaskDefinitionArn: pulumi.Any(taskName.Arn),\n},\nInput: pulumi.String(json0),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.cloudwatch.EventTarget;\nimport com.pulumi.aws.cloudwatch.EventTargetArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventTargetEcsTargetArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"events.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var ecsEvents = new Role(\"ecsEvents\", RoleArgs.builder()\n .name(\"ecs_events\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var ecsEventsRunTaskWithAnyRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"iam:PassRole\")\n .resources(\"*\")\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"ecs:RunTask\")\n .resources(StdFunctions.replace(ReplaceArgs.builder()\n .text(taskName.arn())\n .search(\"/:\\\\d+$/\")\n .replace(\":*\")\n .build()).result())\n .build())\n .build());\n\n var ecsEventsRunTaskWithAnyRoleRolePolicy = new RolePolicy(\"ecsEventsRunTaskWithAnyRoleRolePolicy\", RolePolicyArgs.builder()\n .name(\"ecs_events_run_task_with_any_role\")\n .role(ecsEvents.id())\n .policy(ecsEventsRunTaskWithAnyRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var ecsScheduledTask = new EventTarget(\"ecsScheduledTask\", EventTargetArgs.builder()\n .targetId(\"run-scheduled-task-every-hour\")\n .arn(clusterName.arn())\n .rule(everyHour.name())\n .roleArn(ecsEvents.arn())\n .ecsTarget(EventTargetEcsTargetArgs.builder()\n .taskCount(1)\n .taskDefinitionArn(taskName.arn())\n .build())\n .input(serializeJson(\n jsonObject(\n jsonProperty(\"containerOverrides\", jsonArray(jsonObject(\n jsonProperty(\"name\", \"name-of-container-to-override\"),\n jsonProperty(\"command\", jsonArray(\n \"bin/console\", \n \"scheduled-task\"\n ))\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ecsEvents:\n type: aws:iam:Role\n name: ecs_events\n properties:\n name: ecs_events\n assumeRolePolicy: ${assumeRole.json}\n ecsEventsRunTaskWithAnyRoleRolePolicy:\n type: aws:iam:RolePolicy\n name: ecs_events_run_task_with_any_role\n properties:\n name: ecs_events_run_task_with_any_role\n role: ${ecsEvents.id}\n policy: ${ecsEventsRunTaskWithAnyRole.json}\n ecsScheduledTask:\n type: aws:cloudwatch:EventTarget\n name: ecs_scheduled_task\n properties:\n targetId: run-scheduled-task-every-hour\n arn: ${clusterName.arn}\n rule: ${everyHour.name}\n roleArn: ${ecsEvents.arn}\n ecsTarget:\n taskCount: 1\n taskDefinitionArn: ${taskName.arn}\n input:\n fn::toJSON:\n containerOverrides:\n - name: name-of-container-to-override\n command:\n - bin/console\n - scheduled-task\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - events.amazonaws.com\n actions:\n - sts:AssumeRole\n ecsEventsRunTaskWithAnyRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - iam:PassRole\n resources:\n - '*'\n - effect: Allow\n actions:\n - ecs:RunTask\n resources:\n - fn::invoke:\n Function: std:replace\n Arguments:\n text: ${taskName.arn}\n search: /:\\d+$/\n replace: :*\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### API Gateway target\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleEventRule = new aws.cloudwatch.EventRule(\"example\", {});\nconst exampleDeployment = new aws.apigateway.Deployment(\"example\", {restApi: exampleAwsApiGatewayRestApi.id});\nconst exampleStage = new aws.apigateway.Stage(\"example\", {\n restApi: exampleAwsApiGatewayRestApi.id,\n deployment: exampleDeployment.id,\n});\nconst example = new aws.cloudwatch.EventTarget(\"example\", {\n arn: pulumi.interpolate`${exampleStage.executionArn}/GET`,\n rule: exampleEventRule.id,\n httpTarget: {\n queryStringParameters: {\n Body: \"$.detail.body\",\n },\n headerParameters: {\n Env: \"Test\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_event_rule = aws.cloudwatch.EventRule(\"example\")\nexample_deployment = aws.apigateway.Deployment(\"example\", rest_api=example_aws_api_gateway_rest_api[\"id\"])\nexample_stage = aws.apigateway.Stage(\"example\",\n rest_api=example_aws_api_gateway_rest_api[\"id\"],\n deployment=example_deployment.id)\nexample = aws.cloudwatch.EventTarget(\"example\",\n arn=example_stage.execution_arn.apply(lambda execution_arn: f\"{execution_arn}/GET\"),\n rule=example_event_rule.id,\n http_target={\n \"query_string_parameters\": {\n \"body\": \"$.detail.body\",\n },\n \"header_parameters\": {\n \"env\": \"Test\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleEventRule = new Aws.CloudWatch.EventRule(\"example\");\n\n var exampleDeployment = new Aws.ApiGateway.Deployment(\"example\", new()\n {\n RestApi = exampleAwsApiGatewayRestApi.Id,\n });\n\n var exampleStage = new Aws.ApiGateway.Stage(\"example\", new()\n {\n RestApi = exampleAwsApiGatewayRestApi.Id,\n Deployment = exampleDeployment.Id,\n });\n\n var example = new Aws.CloudWatch.EventTarget(\"example\", new()\n {\n Arn = exampleStage.ExecutionArn.Apply(executionArn =\u003e $\"{executionArn}/GET\"),\n Rule = exampleEventRule.Id,\n HttpTarget = new Aws.CloudWatch.Inputs.EventTargetHttpTargetArgs\n {\n QueryStringParameters = \n {\n { \"Body\", \"$.detail.body\" },\n },\n HeaderParameters = \n {\n { \"Env\", \"Test\" },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleEventRule, err := cloudwatch.NewEventRule(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDeployment, err := apigateway.NewDeployment(ctx, \"example\", \u0026apigateway.DeploymentArgs{\n\t\t\tRestApi: pulumi.Any(exampleAwsApiGatewayRestApi.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleStage, err := apigateway.NewStage(ctx, \"example\", \u0026apigateway.StageArgs{\n\t\t\tRestApi: pulumi.Any(exampleAwsApiGatewayRestApi.Id),\n\t\t\tDeployment: exampleDeployment.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewEventTarget(ctx, \"example\", \u0026cloudwatch.EventTargetArgs{\n\t\t\tArn: exampleStage.ExecutionArn.ApplyT(func(executionArn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v/GET\", executionArn), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tRule: exampleEventRule.ID(),\n\t\t\tHttpTarget: \u0026cloudwatch.EventTargetHttpTargetArgs{\n\t\t\t\tQueryStringParameters: pulumi.StringMap{\n\t\t\t\t\t\"Body\": pulumi.String(\"$.detail.body\"),\n\t\t\t\t},\n\t\t\t\tHeaderParameters: pulumi.StringMap{\n\t\t\t\t\t\"Env\": pulumi.String(\"Test\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.EventRule;\nimport com.pulumi.aws.apigateway.Deployment;\nimport com.pulumi.aws.apigateway.DeploymentArgs;\nimport com.pulumi.aws.apigateway.Stage;\nimport com.pulumi.aws.apigateway.StageArgs;\nimport com.pulumi.aws.cloudwatch.EventTarget;\nimport com.pulumi.aws.cloudwatch.EventTargetArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventTargetHttpTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleEventRule = new EventRule(\"exampleEventRule\");\n\n var exampleDeployment = new Deployment(\"exampleDeployment\", DeploymentArgs.builder()\n .restApi(exampleAwsApiGatewayRestApi.id())\n .build());\n\n var exampleStage = new Stage(\"exampleStage\", StageArgs.builder()\n .restApi(exampleAwsApiGatewayRestApi.id())\n .deployment(exampleDeployment.id())\n .build());\n\n var example = new EventTarget(\"example\", EventTargetArgs.builder()\n .arn(exampleStage.executionArn().applyValue(executionArn -\u003e String.format(\"%s/GET\", executionArn)))\n .rule(exampleEventRule.id())\n .httpTarget(EventTargetHttpTargetArgs.builder()\n .queryStringParameters(Map.of(\"Body\", \"$.detail.body\"))\n .headerParameters(Map.of(\"Env\", \"Test\"))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudwatch:EventTarget\n properties:\n arn: ${exampleStage.executionArn}/GET\n rule: ${exampleEventRule.id}\n httpTarget:\n queryStringParameters:\n Body: $.detail.body\n headerParameters:\n Env: Test\n exampleEventRule:\n type: aws:cloudwatch:EventRule\n name: example\n exampleDeployment:\n type: aws:apigateway:Deployment\n name: example\n properties:\n restApi: ${exampleAwsApiGatewayRestApi.id}\n exampleStage:\n type: aws:apigateway:Stage\n name: example\n properties:\n restApi: ${exampleAwsApiGatewayRestApi.id}\n deployment: ${exampleDeployment.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Cross-Account Event Bus target\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"events.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst eventBusInvokeRemoteEventBusRole = new aws.iam.Role(\"event_bus_invoke_remote_event_bus\", {\n name: \"event-bus-invoke-remote-event-bus\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst eventBusInvokeRemoteEventBus = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\"events:PutEvents\"],\n resources: [\"arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus\"],\n }],\n});\nconst eventBusInvokeRemoteEventBusPolicy = new aws.iam.Policy(\"event_bus_invoke_remote_event_bus\", {\n name: \"event_bus_invoke_remote_event_bus\",\n policy: eventBusInvokeRemoteEventBus.then(eventBusInvokeRemoteEventBus =\u003e eventBusInvokeRemoteEventBus.json),\n});\nconst eventBusInvokeRemoteEventBusRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"event_bus_invoke_remote_event_bus\", {\n role: eventBusInvokeRemoteEventBusRole.name,\n policyArn: eventBusInvokeRemoteEventBusPolicy.arn,\n});\nconst stopInstances = new aws.cloudwatch.EventRule(\"stop_instances\", {\n name: \"StopInstance\",\n description: \"Stop instances nightly\",\n scheduleExpression: \"cron(0 0 * * ? *)\",\n});\nconst stopInstancesEventTarget = new aws.cloudwatch.EventTarget(\"stop_instances\", {\n targetId: \"StopInstance\",\n arn: \"arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus\",\n rule: stopInstances.name,\n roleArn: eventBusInvokeRemoteEventBusRole.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"events.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nevent_bus_invoke_remote_event_bus_role = aws.iam.Role(\"event_bus_invoke_remote_event_bus\",\n name=\"event-bus-invoke-remote-event-bus\",\n assume_role_policy=assume_role.json)\nevent_bus_invoke_remote_event_bus = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\"events:PutEvents\"],\n \"resources\": [\"arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus\"],\n}])\nevent_bus_invoke_remote_event_bus_policy = aws.iam.Policy(\"event_bus_invoke_remote_event_bus\",\n name=\"event_bus_invoke_remote_event_bus\",\n policy=event_bus_invoke_remote_event_bus.json)\nevent_bus_invoke_remote_event_bus_role_policy_attachment = aws.iam.RolePolicyAttachment(\"event_bus_invoke_remote_event_bus\",\n role=event_bus_invoke_remote_event_bus_role.name,\n policy_arn=event_bus_invoke_remote_event_bus_policy.arn)\nstop_instances = aws.cloudwatch.EventRule(\"stop_instances\",\n name=\"StopInstance\",\n description=\"Stop instances nightly\",\n schedule_expression=\"cron(0 0 * * ? *)\")\nstop_instances_event_target = aws.cloudwatch.EventTarget(\"stop_instances\",\n target_id=\"StopInstance\",\n arn=\"arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus\",\n rule=stop_instances.name,\n role_arn=event_bus_invoke_remote_event_bus_role.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"events.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var eventBusInvokeRemoteEventBusRole = new Aws.Iam.Role(\"event_bus_invoke_remote_event_bus\", new()\n {\n Name = \"event-bus-invoke-remote-event-bus\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var eventBusInvokeRemoteEventBus = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"events:PutEvents\",\n },\n Resources = new[]\n {\n \"arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus\",\n },\n },\n },\n });\n\n var eventBusInvokeRemoteEventBusPolicy = new Aws.Iam.Policy(\"event_bus_invoke_remote_event_bus\", new()\n {\n Name = \"event_bus_invoke_remote_event_bus\",\n PolicyDocument = eventBusInvokeRemoteEventBus.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var eventBusInvokeRemoteEventBusRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"event_bus_invoke_remote_event_bus\", new()\n {\n Role = eventBusInvokeRemoteEventBusRole.Name,\n PolicyArn = eventBusInvokeRemoteEventBusPolicy.Arn,\n });\n\n var stopInstances = new Aws.CloudWatch.EventRule(\"stop_instances\", new()\n {\n Name = \"StopInstance\",\n Description = \"Stop instances nightly\",\n ScheduleExpression = \"cron(0 0 * * ? *)\",\n });\n\n var stopInstancesEventTarget = new Aws.CloudWatch.EventTarget(\"stop_instances\", new()\n {\n TargetId = \"StopInstance\",\n Arn = \"arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus\",\n Rule = stopInstances.Name,\n RoleArn = eventBusInvokeRemoteEventBusRole.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"events.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\teventBusInvokeRemoteEventBusRole, err := iam.NewRole(ctx, \"event_bus_invoke_remote_event_bus\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"event-bus-invoke-remote-event-bus\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\teventBusInvokeRemoteEventBus, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"events:PutEvents\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\teventBusInvokeRemoteEventBusPolicy, err := iam.NewPolicy(ctx, \"event_bus_invoke_remote_event_bus\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"event_bus_invoke_remote_event_bus\"),\n\t\t\tPolicy: pulumi.String(eventBusInvokeRemoteEventBus.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"event_bus_invoke_remote_event_bus\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: eventBusInvokeRemoteEventBusRole.Name,\n\t\t\tPolicyArn: eventBusInvokeRemoteEventBusPolicy.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tstopInstances, err := cloudwatch.NewEventRule(ctx, \"stop_instances\", \u0026cloudwatch.EventRuleArgs{\n\t\t\tName: pulumi.String(\"StopInstance\"),\n\t\t\tDescription: pulumi.String(\"Stop instances nightly\"),\n\t\t\tScheduleExpression: pulumi.String(\"cron(0 0 * * ? *)\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewEventTarget(ctx, \"stop_instances\", \u0026cloudwatch.EventTargetArgs{\n\t\t\tTargetId: pulumi.String(\"StopInstance\"),\n\t\t\tArn: pulumi.String(\"arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus\"),\n\t\t\tRule: stopInstances.Name,\n\t\t\tRoleArn: eventBusInvokeRemoteEventBusRole.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.cloudwatch.EventRule;\nimport com.pulumi.aws.cloudwatch.EventRuleArgs;\nimport com.pulumi.aws.cloudwatch.EventTarget;\nimport com.pulumi.aws.cloudwatch.EventTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"events.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var eventBusInvokeRemoteEventBusRole = new Role(\"eventBusInvokeRemoteEventBusRole\", RoleArgs.builder()\n .name(\"event-bus-invoke-remote-event-bus\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var eventBusInvokeRemoteEventBus = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"events:PutEvents\")\n .resources(\"arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus\")\n .build())\n .build());\n\n var eventBusInvokeRemoteEventBusPolicy = new Policy(\"eventBusInvokeRemoteEventBusPolicy\", PolicyArgs.builder()\n .name(\"event_bus_invoke_remote_event_bus\")\n .policy(eventBusInvokeRemoteEventBus.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var eventBusInvokeRemoteEventBusRolePolicyAttachment = new RolePolicyAttachment(\"eventBusInvokeRemoteEventBusRolePolicyAttachment\", RolePolicyAttachmentArgs.builder()\n .role(eventBusInvokeRemoteEventBusRole.name())\n .policyArn(eventBusInvokeRemoteEventBusPolicy.arn())\n .build());\n\n var stopInstances = new EventRule(\"stopInstances\", EventRuleArgs.builder()\n .name(\"StopInstance\")\n .description(\"Stop instances nightly\")\n .scheduleExpression(\"cron(0 0 * * ? *)\")\n .build());\n\n var stopInstancesEventTarget = new EventTarget(\"stopInstancesEventTarget\", EventTargetArgs.builder()\n .targetId(\"StopInstance\")\n .arn(\"arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus\")\n .rule(stopInstances.name())\n .roleArn(eventBusInvokeRemoteEventBusRole.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n eventBusInvokeRemoteEventBusRole:\n type: aws:iam:Role\n name: event_bus_invoke_remote_event_bus\n properties:\n name: event-bus-invoke-remote-event-bus\n assumeRolePolicy: ${assumeRole.json}\n eventBusInvokeRemoteEventBusPolicy:\n type: aws:iam:Policy\n name: event_bus_invoke_remote_event_bus\n properties:\n name: event_bus_invoke_remote_event_bus\n policy: ${eventBusInvokeRemoteEventBus.json}\n eventBusInvokeRemoteEventBusRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: event_bus_invoke_remote_event_bus\n properties:\n role: ${eventBusInvokeRemoteEventBusRole.name}\n policyArn: ${eventBusInvokeRemoteEventBusPolicy.arn}\n stopInstances:\n type: aws:cloudwatch:EventRule\n name: stop_instances\n properties:\n name: StopInstance\n description: Stop instances nightly\n scheduleExpression: cron(0 0 * * ? *)\n stopInstancesEventTarget:\n type: aws:cloudwatch:EventTarget\n name: stop_instances\n properties:\n targetId: StopInstance\n arn: arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus\n rule: ${stopInstances.name}\n roleArn: ${eventBusInvokeRemoteEventBusRole.arn}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - events.amazonaws.com\n actions:\n - sts:AssumeRole\n eventBusInvokeRemoteEventBus:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - events:PutEvents\n resources:\n - arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Input Transformer Usage - JSON Object\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleEventRule = new aws.cloudwatch.EventRule(\"example\", {});\nconst example = new aws.cloudwatch.EventTarget(\"example\", {\n arn: exampleAwsLambdaFunction.arn,\n rule: exampleEventRule.id,\n inputTransformer: {\n inputPaths: {\n instance: \"$.detail.instance\",\n status: \"$.detail.status\",\n },\n inputTemplate: `{\n \"instance_id\": \u003cinstance\u003e,\n \"instance_status\": \u003cstatus\u003e\n}\n`,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_event_rule = aws.cloudwatch.EventRule(\"example\")\nexample = aws.cloudwatch.EventTarget(\"example\",\n arn=example_aws_lambda_function[\"arn\"],\n rule=example_event_rule.id,\n input_transformer={\n \"input_paths\": {\n \"instance\": \"$.detail.instance\",\n \"status\": \"$.detail.status\",\n },\n \"input_template\": \"\"\"{\n \"instance_id\": \u003cinstance\u003e,\n \"instance_status\": \u003cstatus\u003e\n}\n\"\"\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleEventRule = new Aws.CloudWatch.EventRule(\"example\");\n\n var example = new Aws.CloudWatch.EventTarget(\"example\", new()\n {\n Arn = exampleAwsLambdaFunction.Arn,\n Rule = exampleEventRule.Id,\n InputTransformer = new Aws.CloudWatch.Inputs.EventTargetInputTransformerArgs\n {\n InputPaths = \n {\n { \"instance\", \"$.detail.instance\" },\n { \"status\", \"$.detail.status\" },\n },\n InputTemplate = @\"{\n \"\"instance_id\"\": \u003cinstance\u003e,\n \"\"instance_status\"\": \u003cstatus\u003e\n}\n\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleEventRule, err := cloudwatch.NewEventRule(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewEventTarget(ctx, \"example\", \u0026cloudwatch.EventTargetArgs{\n\t\t\tArn: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tRule: exampleEventRule.ID(),\n\t\t\tInputTransformer: \u0026cloudwatch.EventTargetInputTransformerArgs{\n\t\t\t\tInputPaths: pulumi.StringMap{\n\t\t\t\t\t\"instance\": pulumi.String(\"$.detail.instance\"),\n\t\t\t\t\t\"status\": pulumi.String(\"$.detail.status\"),\n\t\t\t\t},\n\t\t\t\tInputTemplate: pulumi.String(\"{\\n \\\"instance_id\\\": \u003cinstance\u003e,\\n \\\"instance_status\\\": \u003cstatus\u003e\\n}\\n\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.EventRule;\nimport com.pulumi.aws.cloudwatch.EventTarget;\nimport com.pulumi.aws.cloudwatch.EventTargetArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventTargetInputTransformerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleEventRule = new EventRule(\"exampleEventRule\");\n\n var example = new EventTarget(\"example\", EventTargetArgs.builder()\n .arn(exampleAwsLambdaFunction.arn())\n .rule(exampleEventRule.id())\n .inputTransformer(EventTargetInputTransformerArgs.builder()\n .inputPaths(Map.ofEntries(\n Map.entry(\"instance\", \"$.detail.instance\"),\n Map.entry(\"status\", \"$.detail.status\")\n ))\n .inputTemplate(\"\"\"\n{\n \"instance_id\": \u003cinstance\u003e,\n \"instance_status\": \u003cstatus\u003e\n}\n \"\"\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudwatch:EventTarget\n properties:\n arn: ${exampleAwsLambdaFunction.arn}\n rule: ${exampleEventRule.id}\n inputTransformer:\n inputPaths:\n instance: $.detail.instance\n status: $.detail.status\n inputTemplate: |\n {\n \"instance_id\": \u003cinstance\u003e,\n \"instance_status\": \u003cstatus\u003e\n }\n exampleEventRule:\n type: aws:cloudwatch:EventRule\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Input Transformer Usage - Simple String\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleEventRule = new aws.cloudwatch.EventRule(\"example\", {});\nconst example = new aws.cloudwatch.EventTarget(\"example\", {\n arn: exampleAwsLambdaFunction.arn,\n rule: exampleEventRule.id,\n inputTransformer: {\n inputPaths: {\n instance: \"$.detail.instance\",\n status: \"$.detail.status\",\n },\n inputTemplate: \"\\\"\u003cinstance\u003e is in state \u003cstatus\u003e\\\"\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_event_rule = aws.cloudwatch.EventRule(\"example\")\nexample = aws.cloudwatch.EventTarget(\"example\",\n arn=example_aws_lambda_function[\"arn\"],\n rule=example_event_rule.id,\n input_transformer={\n \"input_paths\": {\n \"instance\": \"$.detail.instance\",\n \"status\": \"$.detail.status\",\n },\n \"input_template\": \"\\\"\u003cinstance\u003e is in state \u003cstatus\u003e\\\"\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleEventRule = new Aws.CloudWatch.EventRule(\"example\");\n\n var example = new Aws.CloudWatch.EventTarget(\"example\", new()\n {\n Arn = exampleAwsLambdaFunction.Arn,\n Rule = exampleEventRule.Id,\n InputTransformer = new Aws.CloudWatch.Inputs.EventTargetInputTransformerArgs\n {\n InputPaths = \n {\n { \"instance\", \"$.detail.instance\" },\n { \"status\", \"$.detail.status\" },\n },\n InputTemplate = \"\\\"\u003cinstance\u003e is in state \u003cstatus\u003e\\\"\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleEventRule, err := cloudwatch.NewEventRule(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewEventTarget(ctx, \"example\", \u0026cloudwatch.EventTargetArgs{\n\t\t\tArn: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tRule: exampleEventRule.ID(),\n\t\t\tInputTransformer: \u0026cloudwatch.EventTargetInputTransformerArgs{\n\t\t\t\tInputPaths: pulumi.StringMap{\n\t\t\t\t\t\"instance\": pulumi.String(\"$.detail.instance\"),\n\t\t\t\t\t\"status\": pulumi.String(\"$.detail.status\"),\n\t\t\t\t},\n\t\t\t\tInputTemplate: pulumi.String(\"\\\"\u003cinstance\u003e is in state \u003cstatus\u003e\\\"\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.EventRule;\nimport com.pulumi.aws.cloudwatch.EventTarget;\nimport com.pulumi.aws.cloudwatch.EventTargetArgs;\nimport com.pulumi.aws.cloudwatch.inputs.EventTargetInputTransformerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleEventRule = new EventRule(\"exampleEventRule\");\n\n var example = new EventTarget(\"example\", EventTargetArgs.builder()\n .arn(exampleAwsLambdaFunction.arn())\n .rule(exampleEventRule.id())\n .inputTransformer(EventTargetInputTransformerArgs.builder()\n .inputPaths(Map.ofEntries(\n Map.entry(\"instance\", \"$.detail.instance\"),\n Map.entry(\"status\", \"$.detail.status\")\n ))\n .inputTemplate(\"\\\"\u003cinstance\u003e is in state \u003cstatus\u003e\\\"\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudwatch:EventTarget\n properties:\n arn: ${exampleAwsLambdaFunction.arn}\n rule: ${exampleEventRule.id}\n inputTransformer:\n inputPaths:\n instance: $.detail.instance\n status: $.detail.status\n inputTemplate: '\"\u003cinstance\u003e is in state \u003cstatus\u003e\"'\n exampleEventRule:\n type: aws:cloudwatch:EventRule\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Cloudwatch Log Group Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudwatch.LogGroup(\"example\", {\n name: \"/aws/events/guardduty/logs\",\n retentionInDays: 1,\n});\nconst exampleEventRule = new aws.cloudwatch.EventRule(\"example\", {\n name: \"guard-duty_event_rule\",\n description: \"GuardDuty Findings\",\n eventPattern: JSON.stringify({\n source: [\"aws.guardduty\"],\n }),\n tags: {\n Environment: \"example\",\n },\n});\nconst exampleLogPolicy = aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n effect: \"Allow\",\n actions: [\"logs:CreateLogStream\"],\n resources: [pulumi.interpolate`${example.arn}:*`],\n principals: [{\n type: \"Service\",\n identifiers: [\n \"events.amazonaws.com\",\n \"delivery.logs.amazonaws.com\",\n ],\n }],\n },\n {\n effect: \"Allow\",\n actions: [\"logs:PutLogEvents\"],\n resources: [pulumi.interpolate`${example.arn}:*:*`],\n principals: [{\n type: \"Service\",\n identifiers: [\n \"events.amazonaws.com\",\n \"delivery.logs.amazonaws.com\",\n ],\n }],\n conditions: [{\n test: \"ArnEquals\",\n values: [exampleEventRule.arn],\n variable: \"aws:SourceArn\",\n }],\n },\n ],\n});\nconst exampleLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy(\"example\", {\n policyDocument: exampleLogPolicy.apply(exampleLogPolicy =\u003e exampleLogPolicy.json),\n policyName: \"guardduty-log-publishing-policy\",\n});\nconst exampleEventTarget = new aws.cloudwatch.EventTarget(\"example\", {\n rule: exampleEventRule.name,\n arn: example.arn,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.LogGroup(\"example\",\n name=\"/aws/events/guardduty/logs\",\n retention_in_days=1)\nexample_event_rule = aws.cloudwatch.EventRule(\"example\",\n name=\"guard-duty_event_rule\",\n description=\"GuardDuty Findings\",\n event_pattern=json.dumps({\n \"source\": [\"aws.guardduty\"],\n }),\n tags={\n \"Environment\": \"example\",\n })\nexample_log_policy = aws.iam.get_policy_document_output(statements=[\n {\n \"effect\": \"Allow\",\n \"actions\": [\"logs:CreateLogStream\"],\n \"resources\": [example.arn.apply(lambda arn: f\"{arn}:*\")],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\n \"events.amazonaws.com\",\n \"delivery.logs.amazonaws.com\",\n ],\n }],\n },\n {\n \"effect\": \"Allow\",\n \"actions\": [\"logs:PutLogEvents\"],\n \"resources\": [example.arn.apply(lambda arn: f\"{arn}:*:*\")],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\n \"events.amazonaws.com\",\n \"delivery.logs.amazonaws.com\",\n ],\n }],\n \"conditions\": [{\n \"test\": \"ArnEquals\",\n \"values\": [example_event_rule.arn],\n \"variable\": \"aws:SourceArn\",\n }],\n },\n])\nexample_log_resource_policy = aws.cloudwatch.LogResourcePolicy(\"example\",\n policy_document=example_log_policy.json,\n policy_name=\"guardduty-log-publishing-policy\")\nexample_event_target = aws.cloudwatch.EventTarget(\"example\",\n rule=example_event_rule.name,\n arn=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = \"/aws/events/guardduty/logs\",\n RetentionInDays = 1,\n });\n\n var exampleEventRule = new Aws.CloudWatch.EventRule(\"example\", new()\n {\n Name = \"guard-duty_event_rule\",\n Description = \"GuardDuty Findings\",\n EventPattern = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"source\"] = new[]\n {\n \"aws.guardduty\",\n },\n }),\n Tags = \n {\n { \"Environment\", \"example\" },\n },\n });\n\n var exampleLogPolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"logs:CreateLogStream\",\n },\n Resources = new[]\n {\n $\"{example.Arn}:*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"events.amazonaws.com\",\n \"delivery.logs.amazonaws.com\",\n },\n },\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"logs:PutLogEvents\",\n },\n Resources = new[]\n {\n $\"{example.Arn}:*:*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"events.amazonaws.com\",\n \"delivery.logs.amazonaws.com\",\n },\n },\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"ArnEquals\",\n Values = new[]\n {\n exampleEventRule.Arn,\n },\n Variable = \"aws:SourceArn\",\n },\n },\n },\n },\n });\n\n var exampleLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy(\"example\", new()\n {\n PolicyDocument = exampleLogPolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n PolicyName = \"guardduty-log-publishing-policy\",\n });\n\n var exampleEventTarget = new Aws.CloudWatch.EventTarget(\"example\", new()\n {\n Rule = exampleEventRule.Name,\n Arn = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"/aws/events/guardduty/logs\"),\n\t\t\tRetentionInDays: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"source\": []string{\n\t\t\t\t\"aws.guardduty\",\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texampleEventRule, err := cloudwatch.NewEventRule(ctx, \"example\", \u0026cloudwatch.EventRuleArgs{\n\t\t\tName: pulumi.String(\"guard-duty_event_rule\"),\n\t\t\tDescription: pulumi.String(\"GuardDuty Findings\"),\n\t\t\tEventPattern: pulumi.String(json0),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleLogPolicy := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"logs:CreateLogStream\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texample.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v:*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"events.amazonaws.com\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"delivery.logs.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"logs:PutLogEvents\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texample.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v:*:*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"events.amazonaws.com\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"delivery.logs.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"ArnEquals\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\texampleEventRule.Arn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tVariable: pulumi.String(\"aws:SourceArn\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = cloudwatch.NewLogResourcePolicy(ctx, \"example\", \u0026cloudwatch.LogResourcePolicyArgs{\n\t\t\tPolicyDocument: pulumi.String(exampleLogPolicy.ApplyT(func(exampleLogPolicy iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026exampleLogPolicy.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tPolicyName: pulumi.String(\"guardduty-log-publishing-policy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewEventTarget(ctx, \"example\", \u0026cloudwatch.EventTargetArgs{\n\t\t\tRule: exampleEventRule.Name,\n\t\t\tArn: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.cloudwatch.EventRule;\nimport com.pulumi.aws.cloudwatch.EventRuleArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicy;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicyArgs;\nimport com.pulumi.aws.cloudwatch.EventTarget;\nimport com.pulumi.aws.cloudwatch.EventTargetArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LogGroup(\"example\", LogGroupArgs.builder()\n .name(\"/aws/events/guardduty/logs\")\n .retentionInDays(1)\n .build());\n\n var exampleEventRule = new EventRule(\"exampleEventRule\", EventRuleArgs.builder()\n .name(\"guard-duty_event_rule\")\n .description(\"GuardDuty Findings\")\n .eventPattern(serializeJson(\n jsonObject(\n jsonProperty(\"source\", jsonArray(\"aws.guardduty\"))\n )))\n .tags(Map.of(\"Environment\", \"example\"))\n .build());\n\n final var exampleLogPolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"logs:CreateLogStream\")\n .resources(example.arn().applyValue(arn -\u003e String.format(\"%s:*\", arn)))\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers( \n \"events.amazonaws.com\",\n \"delivery.logs.amazonaws.com\")\n .build())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"logs:PutLogEvents\")\n .resources(example.arn().applyValue(arn -\u003e String.format(\"%s:*:*\", arn)))\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers( \n \"events.amazonaws.com\",\n \"delivery.logs.amazonaws.com\")\n .build())\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"ArnEquals\")\n .values(exampleEventRule.arn())\n .variable(\"aws:SourceArn\")\n .build())\n .build())\n .build());\n\n var exampleLogResourcePolicy = new LogResourcePolicy(\"exampleLogResourcePolicy\", LogResourcePolicyArgs.builder()\n .policyDocument(exampleLogPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(exampleLogPolicy -\u003e exampleLogPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .policyName(\"guardduty-log-publishing-policy\")\n .build());\n\n var exampleEventTarget = new EventTarget(\"exampleEventTarget\", EventTargetArgs.builder()\n .rule(exampleEventRule.name())\n .arn(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudwatch:LogGroup\n properties:\n name: /aws/events/guardduty/logs\n retentionInDays: 1\n exampleLogResourcePolicy:\n type: aws:cloudwatch:LogResourcePolicy\n name: example\n properties:\n policyDocument: ${exampleLogPolicy.json}\n policyName: guardduty-log-publishing-policy\n exampleEventRule:\n type: aws:cloudwatch:EventRule\n name: example\n properties:\n name: guard-duty_event_rule\n description: GuardDuty Findings\n eventPattern:\n fn::toJSON:\n source:\n - aws.guardduty\n tags:\n Environment: example\n exampleEventTarget:\n type: aws:cloudwatch:EventTarget\n name: example\n properties:\n rule: ${exampleEventRule.name}\n arn: ${example.arn}\nvariables:\n exampleLogPolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - logs:CreateLogStream\n resources:\n - ${example.arn}:*\n principals:\n - type: Service\n identifiers:\n - events.amazonaws.com\n - delivery.logs.amazonaws.com\n - effect: Allow\n actions:\n - logs:PutLogEvents\n resources:\n - ${example.arn}:*:*\n principals:\n - type: Service\n identifiers:\n - events.amazonaws.com\n - delivery.logs.amazonaws.com\n conditions:\n - test: ArnEquals\n values:\n - ${exampleEventRule.arn}\n variable: aws:SourceArn\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EventBridge Targets using `event_bus_name/rule-name/target-id` (if you omit `event_bus_name`, the `default` event bus will be used). For example:\n\n```sh\n$ pulumi import aws:cloudwatch/eventTarget:EventTarget test-event-target rule-name/target-id\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target.\n" }, "batchTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetBatchTarget:EventTargetBatchTarget", "description": "Parameters used when you are using the rule to invoke an Amazon Batch Job. Documented below. A maximum of 1 are allowed.\n" }, "deadLetterConfig": { "$ref": "#/types/aws:cloudwatch/EventTargetDeadLetterConfig:EventTargetDeadLetterConfig", "description": "Parameters used when you are providing a dead letter config. Documented below. A maximum of 1 are allowed.\n" }, "ecsTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetEcsTarget:EventTargetEcsTarget", "description": "Parameters used when you are using the rule to invoke Amazon ECS Task. Documented below. A maximum of 1 are allowed.\n" }, "eventBusName": { "type": "string", "description": "The name or ARN of the event bus to associate with the rule.\nIf you omit this, the `default` event bus is used.\n" }, "forceDestroy": { "type": "boolean", "description": "Used to delete managed rules created by AWS. Defaults to `false`.\n" }, "httpTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetHttpTarget:EventTargetHttpTarget", "description": "Parameters used when you are using the rule to invoke an API Gateway REST endpoint. Documented below. A maximum of 1 is allowed.\n" }, "input": { "type": "string", "description": "Valid JSON text passed to the target. Conflicts with `input_path` and `input_transformer`.\n" }, "inputPath": { "type": "string", "description": "The value of the [JSONPath](http://goessner.net/articles/JsonPath/) that is used for extracting part of the matched event when passing it to the target. Conflicts with `input` and `input_transformer`.\n" }, "inputTransformer": { "$ref": "#/types/aws:cloudwatch/EventTargetInputTransformer:EventTargetInputTransformer", "description": "Parameters used when you are providing a custom input to a target based on certain event data. Conflicts with `input` and `input_path`.\n" }, "kinesisTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetKinesisTarget:EventTargetKinesisTarget", "description": "Parameters used when you are using the rule to invoke an Amazon Kinesis Stream. Documented below. A maximum of 1 are allowed.\n" }, "redshiftTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetRedshiftTarget:EventTargetRedshiftTarget", "description": "Parameters used when you are using the rule to invoke an Amazon Redshift Statement. Documented below. A maximum of 1 are allowed.\n" }, "retryPolicy": { "$ref": "#/types/aws:cloudwatch/EventTargetRetryPolicy:EventTargetRetryPolicy", "description": "Parameters used when you are providing retry policies. Documented below. A maximum of 1 are allowed.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. Required if `ecs_target` is used or target in `arn` is EC2 instance, Kinesis data stream, Step Functions state machine, or Event Bus in different account or region.\n" }, "rule": { "type": "string", "description": "The name of the rule you want to add targets to.\n\nThe following arguments are optional:\n" }, "runCommandTargets": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/EventTargetRunCommandTarget:EventTargetRunCommandTarget" }, "description": "Parameters used when you are using the rule to invoke Amazon EC2 Run Command. Documented below. A maximum of 5 are allowed.\n" }, "sagemakerPipelineTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetSagemakerPipelineTarget:EventTargetSagemakerPipelineTarget", "description": "Parameters used when you are using the rule to invoke an Amazon SageMaker Pipeline. Documented below. A maximum of 1 are allowed.\n" }, "sqsTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetSqsTarget:EventTargetSqsTarget", "description": "Parameters used when you are using the rule to invoke an Amazon SQS Queue. Documented below. A maximum of 1 are allowed.\n" }, "targetId": { "type": "string", "description": "The unique target assignment ID. If missing, will generate a random, unique id.\n" } }, "required": [ "arn", "rule", "targetId" ], "inputProperties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target.\n" }, "batchTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetBatchTarget:EventTargetBatchTarget", "description": "Parameters used when you are using the rule to invoke an Amazon Batch Job. Documented below. A maximum of 1 are allowed.\n" }, "deadLetterConfig": { "$ref": "#/types/aws:cloudwatch/EventTargetDeadLetterConfig:EventTargetDeadLetterConfig", "description": "Parameters used when you are providing a dead letter config. Documented below. A maximum of 1 are allowed.\n" }, "ecsTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetEcsTarget:EventTargetEcsTarget", "description": "Parameters used when you are using the rule to invoke Amazon ECS Task. Documented below. A maximum of 1 are allowed.\n" }, "eventBusName": { "type": "string", "description": "The name or ARN of the event bus to associate with the rule.\nIf you omit this, the `default` event bus is used.\n", "willReplaceOnChanges": true }, "forceDestroy": { "type": "boolean", "description": "Used to delete managed rules created by AWS. Defaults to `false`.\n" }, "httpTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetHttpTarget:EventTargetHttpTarget", "description": "Parameters used when you are using the rule to invoke an API Gateway REST endpoint. Documented below. A maximum of 1 is allowed.\n" }, "input": { "type": "string", "description": "Valid JSON text passed to the target. Conflicts with `input_path` and `input_transformer`.\n" }, "inputPath": { "type": "string", "description": "The value of the [JSONPath](http://goessner.net/articles/JsonPath/) that is used for extracting part of the matched event when passing it to the target. Conflicts with `input` and `input_transformer`.\n" }, "inputTransformer": { "$ref": "#/types/aws:cloudwatch/EventTargetInputTransformer:EventTargetInputTransformer", "description": "Parameters used when you are providing a custom input to a target based on certain event data. Conflicts with `input` and `input_path`.\n" }, "kinesisTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetKinesisTarget:EventTargetKinesisTarget", "description": "Parameters used when you are using the rule to invoke an Amazon Kinesis Stream. Documented below. A maximum of 1 are allowed.\n" }, "redshiftTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetRedshiftTarget:EventTargetRedshiftTarget", "description": "Parameters used when you are using the rule to invoke an Amazon Redshift Statement. Documented below. A maximum of 1 are allowed.\n" }, "retryPolicy": { "$ref": "#/types/aws:cloudwatch/EventTargetRetryPolicy:EventTargetRetryPolicy", "description": "Parameters used when you are providing retry policies. Documented below. A maximum of 1 are allowed.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. Required if `ecs_target` is used or target in `arn` is EC2 instance, Kinesis data stream, Step Functions state machine, or Event Bus in different account or region.\n" }, "rule": { "type": "string", "description": "The name of the rule you want to add targets to.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "runCommandTargets": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/EventTargetRunCommandTarget:EventTargetRunCommandTarget" }, "description": "Parameters used when you are using the rule to invoke Amazon EC2 Run Command. Documented below. A maximum of 5 are allowed.\n" }, "sagemakerPipelineTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetSagemakerPipelineTarget:EventTargetSagemakerPipelineTarget", "description": "Parameters used when you are using the rule to invoke an Amazon SageMaker Pipeline. Documented below. A maximum of 1 are allowed.\n" }, "sqsTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetSqsTarget:EventTargetSqsTarget", "description": "Parameters used when you are using the rule to invoke an Amazon SQS Queue. Documented below. A maximum of 1 are allowed.\n" }, "targetId": { "type": "string", "description": "The unique target assignment ID. If missing, will generate a random, unique id.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "arn", "rule" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventTarget resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target.\n" }, "batchTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetBatchTarget:EventTargetBatchTarget", "description": "Parameters used when you are using the rule to invoke an Amazon Batch Job. Documented below. A maximum of 1 are allowed.\n" }, "deadLetterConfig": { "$ref": "#/types/aws:cloudwatch/EventTargetDeadLetterConfig:EventTargetDeadLetterConfig", "description": "Parameters used when you are providing a dead letter config. Documented below. A maximum of 1 are allowed.\n" }, "ecsTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetEcsTarget:EventTargetEcsTarget", "description": "Parameters used when you are using the rule to invoke Amazon ECS Task. Documented below. A maximum of 1 are allowed.\n" }, "eventBusName": { "type": "string", "description": "The name or ARN of the event bus to associate with the rule.\nIf you omit this, the `default` event bus is used.\n", "willReplaceOnChanges": true }, "forceDestroy": { "type": "boolean", "description": "Used to delete managed rules created by AWS. Defaults to `false`.\n" }, "httpTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetHttpTarget:EventTargetHttpTarget", "description": "Parameters used when you are using the rule to invoke an API Gateway REST endpoint. Documented below. A maximum of 1 is allowed.\n" }, "input": { "type": "string", "description": "Valid JSON text passed to the target. Conflicts with `input_path` and `input_transformer`.\n" }, "inputPath": { "type": "string", "description": "The value of the [JSONPath](http://goessner.net/articles/JsonPath/) that is used for extracting part of the matched event when passing it to the target. Conflicts with `input` and `input_transformer`.\n" }, "inputTransformer": { "$ref": "#/types/aws:cloudwatch/EventTargetInputTransformer:EventTargetInputTransformer", "description": "Parameters used when you are providing a custom input to a target based on certain event data. Conflicts with `input` and `input_path`.\n" }, "kinesisTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetKinesisTarget:EventTargetKinesisTarget", "description": "Parameters used when you are using the rule to invoke an Amazon Kinesis Stream. Documented below. A maximum of 1 are allowed.\n" }, "redshiftTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetRedshiftTarget:EventTargetRedshiftTarget", "description": "Parameters used when you are using the rule to invoke an Amazon Redshift Statement. Documented below. A maximum of 1 are allowed.\n" }, "retryPolicy": { "$ref": "#/types/aws:cloudwatch/EventTargetRetryPolicy:EventTargetRetryPolicy", "description": "Parameters used when you are providing retry policies. Documented below. A maximum of 1 are allowed.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. Required if `ecs_target` is used or target in `arn` is EC2 instance, Kinesis data stream, Step Functions state machine, or Event Bus in different account or region.\n" }, "rule": { "type": "string", "description": "The name of the rule you want to add targets to.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "runCommandTargets": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/EventTargetRunCommandTarget:EventTargetRunCommandTarget" }, "description": "Parameters used when you are using the rule to invoke Amazon EC2 Run Command. Documented below. A maximum of 5 are allowed.\n" }, "sagemakerPipelineTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetSagemakerPipelineTarget:EventTargetSagemakerPipelineTarget", "description": "Parameters used when you are using the rule to invoke an Amazon SageMaker Pipeline. Documented below. A maximum of 1 are allowed.\n" }, "sqsTarget": { "$ref": "#/types/aws:cloudwatch/EventTargetSqsTarget:EventTargetSqsTarget", "description": "Parameters used when you are using the rule to invoke an Amazon SQS Queue. Documented below. A maximum of 1 are allowed.\n" }, "targetId": { "type": "string", "description": "The unique target assignment ID. If missing, will generate a random, unique id.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:cloudwatch/internetMonitor:InternetMonitor": { "description": "Provides a Internet Monitor Monitor resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudwatch.InternetMonitor(\"example\", {monitorName: \"exmple\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.InternetMonitor(\"example\", monitor_name=\"exmple\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudWatch.InternetMonitor(\"example\", new()\n {\n MonitorName = \"exmple\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewInternetMonitor(ctx, \"example\", \u0026cloudwatch.InternetMonitorArgs{\n\t\t\tMonitorName: pulumi.String(\"exmple\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.InternetMonitor;\nimport com.pulumi.aws.cloudwatch.InternetMonitorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new InternetMonitor(\"example\", InternetMonitorArgs.builder()\n .monitorName(\"exmple\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudwatch:InternetMonitor\n properties:\n monitorName: exmple\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Internet Monitor Monitors using the `monitor_name`. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/internetMonitor:InternetMonitor some some-monitor\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Monitor.\n" }, "healthEventsConfig": { "$ref": "#/types/aws:cloudwatch/InternetMonitorHealthEventsConfig:InternetMonitorHealthEventsConfig", "description": "Health event thresholds. A health event threshold percentage, for performance and availability, determines when Internet Monitor creates a health event when there's an internet issue that affects your application end users. See Health Events Config below.\n" }, "internetMeasurementsLogDelivery": { "$ref": "#/types/aws:cloudwatch/InternetMonitorInternetMeasurementsLogDelivery:InternetMonitorInternetMeasurementsLogDelivery", "description": "Publish internet measurements for Internet Monitor to an Amazon S3 bucket in addition to CloudWatch Logs.\n" }, "maxCityNetworksToMonitor": { "type": "integer", "description": "The maximum number of city-networks to monitor for your resources. A city-network is the location (city) where clients access your application resources from and the network or ASN, such as an internet service provider (ISP), that clients access the resources through. This limit helps control billing costs.\n" }, "monitorName": { "type": "string", "description": "The name of the monitor.\n\nThe following arguments are optional:\n" }, "resources": { "type": "array", "items": { "type": "string" }, "description": "The resources to include in a monitor, which you provide as a set of Amazon Resource Names (ARNs).\n" }, "status": { "type": "string", "description": "The status for a monitor. The accepted values for Status with the UpdateMonitor API call are the following: `ACTIVE` and `INACTIVE`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "trafficPercentageToMonitor": { "type": "integer", "description": "The percentage of the internet-facing traffic for your application that you want to monitor with this monitor.\n" } }, "required": [ "arn", "monitorName", "tagsAll" ], "inputProperties": { "healthEventsConfig": { "$ref": "#/types/aws:cloudwatch/InternetMonitorHealthEventsConfig:InternetMonitorHealthEventsConfig", "description": "Health event thresholds. A health event threshold percentage, for performance and availability, determines when Internet Monitor creates a health event when there's an internet issue that affects your application end users. See Health Events Config below.\n" }, "internetMeasurementsLogDelivery": { "$ref": "#/types/aws:cloudwatch/InternetMonitorInternetMeasurementsLogDelivery:InternetMonitorInternetMeasurementsLogDelivery", "description": "Publish internet measurements for Internet Monitor to an Amazon S3 bucket in addition to CloudWatch Logs.\n" }, "maxCityNetworksToMonitor": { "type": "integer", "description": "The maximum number of city-networks to monitor for your resources. A city-network is the location (city) where clients access your application resources from and the network or ASN, such as an internet service provider (ISP), that clients access the resources through. This limit helps control billing costs.\n" }, "monitorName": { "type": "string", "description": "The name of the monitor.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "resources": { "type": "array", "items": { "type": "string" }, "description": "The resources to include in a monitor, which you provide as a set of Amazon Resource Names (ARNs).\n" }, "status": { "type": "string", "description": "The status for a monitor. The accepted values for Status with the UpdateMonitor API call are the following: `ACTIVE` and `INACTIVE`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "trafficPercentageToMonitor": { "type": "integer", "description": "The percentage of the internet-facing traffic for your application that you want to monitor with this monitor.\n" } }, "requiredInputs": [ "monitorName" ], "stateInputs": { "description": "Input properties used for looking up and filtering InternetMonitor resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Monitor.\n" }, "healthEventsConfig": { "$ref": "#/types/aws:cloudwatch/InternetMonitorHealthEventsConfig:InternetMonitorHealthEventsConfig", "description": "Health event thresholds. A health event threshold percentage, for performance and availability, determines when Internet Monitor creates a health event when there's an internet issue that affects your application end users. See Health Events Config below.\n" }, "internetMeasurementsLogDelivery": { "$ref": "#/types/aws:cloudwatch/InternetMonitorInternetMeasurementsLogDelivery:InternetMonitorInternetMeasurementsLogDelivery", "description": "Publish internet measurements for Internet Monitor to an Amazon S3 bucket in addition to CloudWatch Logs.\n" }, "maxCityNetworksToMonitor": { "type": "integer", "description": "The maximum number of city-networks to monitor for your resources. A city-network is the location (city) where clients access your application resources from and the network or ASN, such as an internet service provider (ISP), that clients access the resources through. This limit helps control billing costs.\n" }, "monitorName": { "type": "string", "description": "The name of the monitor.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "resources": { "type": "array", "items": { "type": "string" }, "description": "The resources to include in a monitor, which you provide as a set of Amazon Resource Names (ARNs).\n" }, "status": { "type": "string", "description": "The status for a monitor. The accepted values for Status with the UpdateMonitor API call are the following: `ACTIVE` and `INACTIVE`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "trafficPercentageToMonitor": { "type": "integer", "description": "The percentage of the internet-facing traffic for your application that you want to monitor with this monitor.\n" } }, "type": "object" } }, "aws:cloudwatch/logAccountPolicy:LogAccountPolicy": { "description": "Provides a CloudWatch Log Account Policy resource.\n\n## Example Usage\n\n### Account Data Protection Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dataProtection = new aws.cloudwatch.LogAccountPolicy(\"data_protection\", {\n policyName: \"data-protection\",\n policyType: \"DATA_PROTECTION_POLICY\",\n policyDocument: JSON.stringify({\n Name: \"DataProtection\",\n Version: \"2021-06-01\",\n Statement: [\n {\n Sid: \"Audit\",\n DataIdentifier: [\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\"],\n Operation: {\n Audit: {\n FindingsDestination: {},\n },\n },\n },\n {\n Sid: \"Redact\",\n DataIdentifier: [\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\"],\n Operation: {\n Deidentify: {\n MaskConfig: {},\n },\n },\n },\n ],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ndata_protection = aws.cloudwatch.LogAccountPolicy(\"data_protection\",\n policy_name=\"data-protection\",\n policy_type=\"DATA_PROTECTION_POLICY\",\n policy_document=json.dumps({\n \"Name\": \"DataProtection\",\n \"Version\": \"2021-06-01\",\n \"Statement\": [\n {\n \"Sid\": \"Audit\",\n \"DataIdentifier\": [\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\"],\n \"Operation\": {\n \"Audit\": {\n \"FindingsDestination\": {},\n },\n },\n },\n {\n \"Sid\": \"Redact\",\n \"DataIdentifier\": [\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\"],\n \"Operation\": {\n \"Deidentify\": {\n \"MaskConfig\": {},\n },\n },\n },\n ],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var dataProtection = new Aws.CloudWatch.LogAccountPolicy(\"data_protection\", new()\n {\n PolicyName = \"data-protection\",\n PolicyType = \"DATA_PROTECTION_POLICY\",\n PolicyDocument = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Name\"] = \"DataProtection\",\n [\"Version\"] = \"2021-06-01\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Audit\",\n [\"DataIdentifier\"] = new[]\n {\n \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n },\n [\"Operation\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Audit\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"FindingsDestination\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n },\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Redact\",\n [\"DataIdentifier\"] = new[]\n {\n \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n },\n [\"Operation\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Deidentify\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"MaskConfig\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n },\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Name\": \"DataProtection\",\n\t\t\t\"Version\": \"2021-06-01\",\n\t\t\t\"Statement\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"Audit\",\n\t\t\t\t\t\"DataIdentifier\": []string{\n\t\t\t\t\t\t\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Operation\": map[string]interface{}{\n\t\t\t\t\t\t\"Audit\": map[string]interface{}{\n\t\t\t\t\t\t\t\"FindingsDestination\": nil,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"Redact\",\n\t\t\t\t\t\"DataIdentifier\": []string{\n\t\t\t\t\t\t\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Operation\": map[string]interface{}{\n\t\t\t\t\t\t\"Deidentify\": map[string]interface{}{\n\t\t\t\t\t\t\t\"MaskConfig\": nil,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = cloudwatch.NewLogAccountPolicy(ctx, \"data_protection\", \u0026cloudwatch.LogAccountPolicyArgs{\n\t\t\tPolicyName: pulumi.String(\"data-protection\"),\n\t\t\tPolicyType: pulumi.String(\"DATA_PROTECTION_POLICY\"),\n\t\t\tPolicyDocument: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogAccountPolicy;\nimport com.pulumi.aws.cloudwatch.LogAccountPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var dataProtection = new LogAccountPolicy(\"dataProtection\", LogAccountPolicyArgs.builder()\n .policyName(\"data-protection\")\n .policyType(\"DATA_PROTECTION_POLICY\")\n .policyDocument(serializeJson(\n jsonObject(\n jsonProperty(\"Name\", \"DataProtection\"),\n jsonProperty(\"Version\", \"2021-06-01\"),\n jsonProperty(\"Statement\", jsonArray(\n jsonObject(\n jsonProperty(\"Sid\", \"Audit\"),\n jsonProperty(\"DataIdentifier\", jsonArray(\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\")),\n jsonProperty(\"Operation\", jsonObject(\n jsonProperty(\"Audit\", jsonObject(\n jsonProperty(\"FindingsDestination\", jsonObject(\n\n ))\n ))\n ))\n ), \n jsonObject(\n jsonProperty(\"Sid\", \"Redact\"),\n jsonProperty(\"DataIdentifier\", jsonArray(\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\")),\n jsonProperty(\"Operation\", jsonObject(\n jsonProperty(\"Deidentify\", jsonObject(\n jsonProperty(\"MaskConfig\", jsonObject(\n\n ))\n ))\n ))\n )\n ))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dataProtection:\n type: aws:cloudwatch:LogAccountPolicy\n name: data_protection\n properties:\n policyName: data-protection\n policyType: DATA_PROTECTION_POLICY\n policyDocument:\n fn::toJSON:\n Name: DataProtection\n Version: 2021-06-01\n Statement:\n - Sid: Audit\n DataIdentifier:\n - arn:aws:dataprotection::aws:data-identifier/EmailAddress\n Operation:\n Audit:\n FindingsDestination: {}\n - Sid: Redact\n DataIdentifier:\n - arn:aws:dataprotection::aws:data-identifier/EmailAddress\n Operation:\n Deidentify:\n MaskConfig: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Subscription Filter Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst subscriptionFilter = new aws.cloudwatch.LogAccountPolicy(\"subscription_filter\", {\n policyName: \"subscription-filter\",\n policyType: \"SUBSCRIPTION_FILTER_POLICY\",\n policyDocument: JSON.stringify({\n DestinationArn: test.arn,\n FilterPattern: \"test\",\n }),\n selectionCriteria: \"LogGroupName NOT IN [\\\"excluded_log_group_name\\\"]\",\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nsubscription_filter = aws.cloudwatch.LogAccountPolicy(\"subscription_filter\",\n policy_name=\"subscription-filter\",\n policy_type=\"SUBSCRIPTION_FILTER_POLICY\",\n policy_document=json.dumps({\n \"DestinationArn\": test[\"arn\"],\n \"FilterPattern\": \"test\",\n }),\n selection_criteria=\"LogGroupName NOT IN [\\\"excluded_log_group_name\\\"]\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var subscriptionFilter = new Aws.CloudWatch.LogAccountPolicy(\"subscription_filter\", new()\n {\n PolicyName = \"subscription-filter\",\n PolicyType = \"SUBSCRIPTION_FILTER_POLICY\",\n PolicyDocument = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"DestinationArn\"] = test.Arn,\n [\"FilterPattern\"] = \"test\",\n }),\n SelectionCriteria = \"LogGroupName NOT IN [\\\"excluded_log_group_name\\\"]\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"DestinationArn\": test.Arn,\n\t\t\t\"FilterPattern\": \"test\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = cloudwatch.NewLogAccountPolicy(ctx, \"subscription_filter\", \u0026cloudwatch.LogAccountPolicyArgs{\n\t\t\tPolicyName: pulumi.String(\"subscription-filter\"),\n\t\t\tPolicyType: pulumi.String(\"SUBSCRIPTION_FILTER_POLICY\"),\n\t\t\tPolicyDocument: pulumi.String(json0),\n\t\t\tSelectionCriteria: pulumi.String(\"LogGroupName NOT IN [\\\"excluded_log_group_name\\\"]\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogAccountPolicy;\nimport com.pulumi.aws.cloudwatch.LogAccountPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var subscriptionFilter = new LogAccountPolicy(\"subscriptionFilter\", LogAccountPolicyArgs.builder()\n .policyName(\"subscription-filter\")\n .policyType(\"SUBSCRIPTION_FILTER_POLICY\")\n .policyDocument(serializeJson(\n jsonObject(\n jsonProperty(\"DestinationArn\", test.arn()),\n jsonProperty(\"FilterPattern\", \"test\")\n )))\n .selectionCriteria(\"LogGroupName NOT IN [\\\"excluded_log_group_name\\\"]\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n subscriptionFilter:\n type: aws:cloudwatch:LogAccountPolicy\n name: subscription_filter\n properties:\n policyName: subscription-filter\n policyType: SUBSCRIPTION_FILTER_POLICY\n policyDocument:\n fn::toJSON:\n DestinationArn: ${test.arn}\n FilterPattern: test\n selectionCriteria: LogGroupName NOT IN [\"excluded_log_group_name\"]\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import this resource using the `policy_name` and `policy_type` separated by `:`. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/logAccountPolicy:LogAccountPolicy example \"my-account-policy:SUBSCRIPTION_FILTER_POLICY\"\n```\n", "properties": { "policyDocument": { "type": "string", "description": "Text of the account policy. Refer to the [AWS docs](https://docs.aws.amazon.com/cli/latest/reference/logs/put-account-policy.html) for more information.\n" }, "policyName": { "type": "string", "description": "Name of the account policy.\n" }, "policyType": { "type": "string", "description": "Type of account policy. Either `DATA_PROTECTION_POLICY` or `SUBSCRIPTION_FILTER_POLICY`. You can have one account policy per type in an account.\n" }, "scope": { "type": "string", "description": "Currently defaults to and only accepts the value: `ALL`.\n" }, "selectionCriteria": { "type": "string", "description": "Criteria for applying a subscription filter policy to a selection of log groups. The only allowable criteria selector is `LogGroupName NOT IN []`.\n" } }, "required": [ "policyDocument", "policyName", "policyType" ], "inputProperties": { "policyDocument": { "type": "string", "description": "Text of the account policy. Refer to the [AWS docs](https://docs.aws.amazon.com/cli/latest/reference/logs/put-account-policy.html) for more information.\n" }, "policyName": { "type": "string", "description": "Name of the account policy.\n", "willReplaceOnChanges": true }, "policyType": { "type": "string", "description": "Type of account policy. Either `DATA_PROTECTION_POLICY` or `SUBSCRIPTION_FILTER_POLICY`. You can have one account policy per type in an account.\n", "willReplaceOnChanges": true }, "scope": { "type": "string", "description": "Currently defaults to and only accepts the value: `ALL`.\n" }, "selectionCriteria": { "type": "string", "description": "Criteria for applying a subscription filter policy to a selection of log groups. The only allowable criteria selector is `LogGroupName NOT IN []`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policyDocument", "policyName", "policyType" ], "stateInputs": { "description": "Input properties used for looking up and filtering LogAccountPolicy resources.\n", "properties": { "policyDocument": { "type": "string", "description": "Text of the account policy. Refer to the [AWS docs](https://docs.aws.amazon.com/cli/latest/reference/logs/put-account-policy.html) for more information.\n" }, "policyName": { "type": "string", "description": "Name of the account policy.\n", "willReplaceOnChanges": true }, "policyType": { "type": "string", "description": "Type of account policy. Either `DATA_PROTECTION_POLICY` or `SUBSCRIPTION_FILTER_POLICY`. You can have one account policy per type in an account.\n", "willReplaceOnChanges": true }, "scope": { "type": "string", "description": "Currently defaults to and only accepts the value: `ALL`.\n" }, "selectionCriteria": { "type": "string", "description": "Criteria for applying a subscription filter policy to a selection of log groups. The only allowable criteria selector is `LogGroupName NOT IN []`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:cloudwatch/logDataProtectionPolicy:LogDataProtectionPolicy": { "description": "Provides a CloudWatch Log Data Protection Policy resource.\n\nRead more about protecting sensitive user data in the [User Guide](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudwatch.LogGroup(\"example\", {name: \"example\"});\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleLogDataProtectionPolicy = new aws.cloudwatch.LogDataProtectionPolicy(\"example\", {\n logGroupName: example.name,\n policyDocument: pulumi.jsonStringify({\n Name: \"Example\",\n Version: \"2021-06-01\",\n Statement: [\n {\n Sid: \"Audit\",\n DataIdentifier: [\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\"],\n Operation: {\n Audit: {\n FindingsDestination: {\n S3: {\n Bucket: exampleBucketV2.bucket,\n },\n },\n },\n },\n },\n {\n Sid: \"Redact\",\n DataIdentifier: [\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\"],\n Operation: {\n Deidentify: {\n MaskConfig: {},\n },\n },\n },\n ],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.LogGroup(\"example\", name=\"example\")\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_log_data_protection_policy = aws.cloudwatch.LogDataProtectionPolicy(\"example\",\n log_group_name=example.name,\n policy_document=pulumi.Output.json_dumps({\n \"Name\": \"Example\",\n \"Version\": \"2021-06-01\",\n \"Statement\": [\n {\n \"Sid\": \"Audit\",\n \"DataIdentifier\": [\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\"],\n \"Operation\": {\n \"Audit\": {\n \"FindingsDestination\": {\n \"S3\": {\n \"Bucket\": example_bucket_v2.bucket,\n },\n },\n },\n },\n },\n {\n \"Sid\": \"Redact\",\n \"DataIdentifier\": [\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\"],\n \"Operation\": {\n \"Deidentify\": {\n \"MaskConfig\": {},\n },\n },\n },\n ],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleLogDataProtectionPolicy = new Aws.CloudWatch.LogDataProtectionPolicy(\"example\", new()\n {\n LogGroupName = example.Name,\n PolicyDocument = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Name\"] = \"Example\",\n [\"Version\"] = \"2021-06-01\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Audit\",\n [\"DataIdentifier\"] = new[]\n {\n \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n },\n [\"Operation\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Audit\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"FindingsDestination\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"S3\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Bucket\"] = exampleBucketV2.Bucket,\n },\n },\n },\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Redact\",\n [\"DataIdentifier\"] = new[]\n {\n \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n },\n [\"Operation\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Deidentify\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"MaskConfig\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n },\n },\n },\n },\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogDataProtectionPolicy(ctx, \"example\", \u0026cloudwatch.LogDataProtectionPolicyArgs{\n\t\t\tLogGroupName: example.Name,\n\t\t\tPolicyDocument: exampleBucketV2.Bucket.ApplyT(func(bucket string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Name\": \"Example\",\n\t\t\t\t\t\"Version\": \"2021-06-01\",\n\t\t\t\t\t\"Statement\": []interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Sid\": \"Audit\",\n\t\t\t\t\t\t\t\"DataIdentifier\": []string{\n\t\t\t\t\t\t\t\t\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Operation\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"Audit\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\t\"FindingsDestination\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\t\t\"S3\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\t\t\t\"Bucket\": bucket,\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Sid\": \"Redact\",\n\t\t\t\t\t\t\t\"DataIdentifier\": []string{\n\t\t\t\t\t\t\t\t\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Operation\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"Deidentify\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\t\"MaskConfig\": nil,\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.cloudwatch.LogDataProtectionPolicy;\nimport com.pulumi.aws.cloudwatch.LogDataProtectionPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LogGroup(\"example\", LogGroupArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var exampleLogDataProtectionPolicy = new LogDataProtectionPolicy(\"exampleLogDataProtectionPolicy\", LogDataProtectionPolicyArgs.builder()\n .logGroupName(example.name())\n .policyDocument(exampleBucketV2.bucket().applyValue(bucket -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"Name\", \"Example\"),\n jsonProperty(\"Version\", \"2021-06-01\"),\n jsonProperty(\"Statement\", jsonArray(\n jsonObject(\n jsonProperty(\"Sid\", \"Audit\"),\n jsonProperty(\"DataIdentifier\", jsonArray(\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\")),\n jsonProperty(\"Operation\", jsonObject(\n jsonProperty(\"Audit\", jsonObject(\n jsonProperty(\"FindingsDestination\", jsonObject(\n jsonProperty(\"S3\", jsonObject(\n jsonProperty(\"Bucket\", bucket)\n ))\n ))\n ))\n ))\n ), \n jsonObject(\n jsonProperty(\"Sid\", \"Redact\"),\n jsonProperty(\"DataIdentifier\", jsonArray(\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\")),\n jsonProperty(\"Operation\", jsonObject(\n jsonProperty(\"Deidentify\", jsonObject(\n jsonProperty(\"MaskConfig\", jsonObject(\n\n ))\n ))\n ))\n )\n ))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudwatch:LogGroup\n properties:\n name: example\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example\n exampleLogDataProtectionPolicy:\n type: aws:cloudwatch:LogDataProtectionPolicy\n name: example\n properties:\n logGroupName: ${example.name}\n policyDocument:\n fn::toJSON:\n Name: Example\n Version: 2021-06-01\n Statement:\n - Sid: Audit\n DataIdentifier:\n - arn:aws:dataprotection::aws:data-identifier/EmailAddress\n Operation:\n Audit:\n FindingsDestination:\n S3:\n Bucket: ${exampleBucketV2.bucket}\n - Sid: Redact\n DataIdentifier:\n - arn:aws:dataprotection::aws:data-identifier/EmailAddress\n Operation:\n Deidentify:\n MaskConfig: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import this resource using the `log_group_name`. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/logDataProtectionPolicy:LogDataProtectionPolicy example my-log-group\n```\n", "properties": { "logGroupName": { "type": "string", "description": "The name of the log group under which the log stream is to be created.\n" }, "policyDocument": { "type": "string", "description": "Specifies the data protection policy in JSON. Read more at [Data protection policy syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-start.html#mask-sensitive-log-data-policysyntax).\n" } }, "required": [ "logGroupName", "policyDocument" ], "inputProperties": { "logGroupName": { "type": "string", "description": "The name of the log group under which the log stream is to be created.\n", "willReplaceOnChanges": true }, "policyDocument": { "type": "string", "description": "Specifies the data protection policy in JSON. Read more at [Data protection policy syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-start.html#mask-sensitive-log-data-policysyntax).\n" } }, "requiredInputs": [ "logGroupName", "policyDocument" ], "stateInputs": { "description": "Input properties used for looking up and filtering LogDataProtectionPolicy resources.\n", "properties": { "logGroupName": { "type": "string", "description": "The name of the log group under which the log stream is to be created.\n", "willReplaceOnChanges": true }, "policyDocument": { "type": "string", "description": "Specifies the data protection policy in JSON. Read more at [Data protection policy syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-start.html#mask-sensitive-log-data-policysyntax).\n" } }, "type": "object" } }, "aws:cloudwatch/logDestination:LogDestination": { "description": "Provides a CloudWatch Logs destination resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testDestination = new aws.cloudwatch.LogDestination(\"test_destination\", {\n name: \"test_destination\",\n roleArn: iamForCloudwatch.arn,\n targetArn: kinesisForCloudwatch.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_destination = aws.cloudwatch.LogDestination(\"test_destination\",\n name=\"test_destination\",\n role_arn=iam_for_cloudwatch[\"arn\"],\n target_arn=kinesis_for_cloudwatch[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testDestination = new Aws.CloudWatch.LogDestination(\"test_destination\", new()\n {\n Name = \"test_destination\",\n RoleArn = iamForCloudwatch.Arn,\n TargetArn = kinesisForCloudwatch.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewLogDestination(ctx, \"test_destination\", \u0026cloudwatch.LogDestinationArgs{\n\t\t\tName: pulumi.String(\"test_destination\"),\n\t\t\tRoleArn: pulumi.Any(iamForCloudwatch.Arn),\n\t\t\tTargetArn: pulumi.Any(kinesisForCloudwatch.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogDestination;\nimport com.pulumi.aws.cloudwatch.LogDestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testDestination = new LogDestination(\"testDestination\", LogDestinationArgs.builder()\n .name(\"test_destination\")\n .roleArn(iamForCloudwatch.arn())\n .targetArn(kinesisForCloudwatch.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testDestination:\n type: aws:cloudwatch:LogDestination\n name: test_destination\n properties:\n name: test_destination\n roleArn: ${iamForCloudwatch.arn}\n targetArn: ${kinesisForCloudwatch.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudWatch Logs destinations using the `name`. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/logDestination:LogDestination test_destination test_destination\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the log destination.\n" }, "name": { "type": "string", "description": "A name for the log destination.\n" }, "roleArn": { "type": "string", "description": "The ARN of an IAM role that grants Amazon CloudWatch Logs permissions to put data into the target.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetArn": { "type": "string", "description": "The ARN of the target Amazon Kinesis stream resource for the destination.\n" } }, "required": [ "arn", "name", "roleArn", "tagsAll", "targetArn" ], "inputProperties": { "name": { "type": "string", "description": "A name for the log destination.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The ARN of an IAM role that grants Amazon CloudWatch Logs permissions to put data into the target.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targetArn": { "type": "string", "description": "The ARN of the target Amazon Kinesis stream resource for the destination.\n" } }, "requiredInputs": [ "roleArn", "targetArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering LogDestination resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the log destination.\n" }, "name": { "type": "string", "description": "A name for the log destination.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The ARN of an IAM role that grants Amazon CloudWatch Logs permissions to put data into the target.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetArn": { "type": "string", "description": "The ARN of the target Amazon Kinesis stream resource for the destination.\n" } }, "type": "object" } }, "aws:cloudwatch/logDestinationPolicy:LogDestinationPolicy": { "description": "Provides a CloudWatch Logs destination policy resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testDestination = new aws.cloudwatch.LogDestination(\"test_destination\", {\n name: \"test_destination\",\n roleArn: iamForCloudwatch.arn,\n targetArn: kinesisForCloudwatch.arn,\n});\nconst testDestinationPolicy = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [\"123456789012\"],\n }],\n actions: [\"logs:PutSubscriptionFilter\"],\n resources: [testDestination.arn],\n }],\n});\nconst testDestinationPolicyLogDestinationPolicy = new aws.cloudwatch.LogDestinationPolicy(\"test_destination_policy\", {\n destinationName: testDestination.name,\n accessPolicy: testDestinationPolicy.apply(testDestinationPolicy =\u003e testDestinationPolicy.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_destination = aws.cloudwatch.LogDestination(\"test_destination\",\n name=\"test_destination\",\n role_arn=iam_for_cloudwatch[\"arn\"],\n target_arn=kinesis_for_cloudwatch[\"arn\"])\ntest_destination_policy = aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [\"123456789012\"],\n }],\n \"actions\": [\"logs:PutSubscriptionFilter\"],\n \"resources\": [test_destination.arn],\n}])\ntest_destination_policy_log_destination_policy = aws.cloudwatch.LogDestinationPolicy(\"test_destination_policy\",\n destination_name=test_destination.name,\n access_policy=test_destination_policy.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testDestination = new Aws.CloudWatch.LogDestination(\"test_destination\", new()\n {\n Name = \"test_destination\",\n RoleArn = iamForCloudwatch.Arn,\n TargetArn = kinesisForCloudwatch.Arn,\n });\n\n var testDestinationPolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"123456789012\",\n },\n },\n },\n Actions = new[]\n {\n \"logs:PutSubscriptionFilter\",\n },\n Resources = new[]\n {\n testDestination.Arn,\n },\n },\n },\n });\n\n var testDestinationPolicyLogDestinationPolicy = new Aws.CloudWatch.LogDestinationPolicy(\"test_destination_policy\", new()\n {\n DestinationName = testDestination.Name,\n AccessPolicy = testDestinationPolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestDestination, err := cloudwatch.NewLogDestination(ctx, \"test_destination\", \u0026cloudwatch.LogDestinationArgs{\n\t\t\tName: pulumi.String(\"test_destination\"),\n\t\t\tRoleArn: pulumi.Any(iamForCloudwatch.Arn),\n\t\t\tTargetArn: pulumi.Any(kinesisForCloudwatch.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestDestinationPolicy := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"AWS\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"123456789012\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"logs:PutSubscriptionFilter\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\ttestDestination.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = cloudwatch.NewLogDestinationPolicy(ctx, \"test_destination_policy\", \u0026cloudwatch.LogDestinationPolicyArgs{\n\t\t\tDestinationName: testDestination.Name,\n\t\t\tAccessPolicy: pulumi.String(testDestinationPolicy.ApplyT(func(testDestinationPolicy iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026testDestinationPolicy.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogDestination;\nimport com.pulumi.aws.cloudwatch.LogDestinationArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.cloudwatch.LogDestinationPolicy;\nimport com.pulumi.aws.cloudwatch.LogDestinationPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testDestination = new LogDestination(\"testDestination\", LogDestinationArgs.builder()\n .name(\"test_destination\")\n .roleArn(iamForCloudwatch.arn())\n .targetArn(kinesisForCloudwatch.arn())\n .build());\n\n final var testDestinationPolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"123456789012\")\n .build())\n .actions(\"logs:PutSubscriptionFilter\")\n .resources(testDestination.arn())\n .build())\n .build());\n\n var testDestinationPolicyLogDestinationPolicy = new LogDestinationPolicy(\"testDestinationPolicyLogDestinationPolicy\", LogDestinationPolicyArgs.builder()\n .destinationName(testDestination.name())\n .accessPolicy(testDestinationPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(testDestinationPolicy -\u003e testDestinationPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testDestination:\n type: aws:cloudwatch:LogDestination\n name: test_destination\n properties:\n name: test_destination\n roleArn: ${iamForCloudwatch.arn}\n targetArn: ${kinesisForCloudwatch.arn}\n testDestinationPolicyLogDestinationPolicy:\n type: aws:cloudwatch:LogDestinationPolicy\n name: test_destination_policy\n properties:\n destinationName: ${testDestination.name}\n accessPolicy: ${testDestinationPolicy.json}\nvariables:\n testDestinationPolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: AWS\n identifiers:\n - '123456789012'\n actions:\n - logs:PutSubscriptionFilter\n resources:\n - ${testDestination.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudWatch Logs destination policies using the `destination_name`. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/logDestinationPolicy:LogDestinationPolicy test_destination_policy test_destination\n```\n", "properties": { "accessPolicy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\n" }, "destinationName": { "type": "string", "description": "A name for the subscription filter\n" }, "forceUpdate": { "type": "boolean", "description": "Specify true if you are updating an existing destination policy to grant permission to an organization ID instead of granting permission to individual AWS accounts.\n" } }, "required": [ "accessPolicy", "destinationName" ], "inputProperties": { "accessPolicy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\n" }, "destinationName": { "type": "string", "description": "A name for the subscription filter\n", "willReplaceOnChanges": true }, "forceUpdate": { "type": "boolean", "description": "Specify true if you are updating an existing destination policy to grant permission to an organization ID instead of granting permission to individual AWS accounts.\n" } }, "requiredInputs": [ "accessPolicy", "destinationName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LogDestinationPolicy resources.\n", "properties": { "accessPolicy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\n" }, "destinationName": { "type": "string", "description": "A name for the subscription filter\n", "willReplaceOnChanges": true }, "forceUpdate": { "type": "boolean", "description": "Specify true if you are updating an existing destination policy to grant permission to an organization ID instead of granting permission to individual AWS accounts.\n" } }, "type": "object" } }, "aws:cloudwatch/logGroup:LogGroup": { "description": "Provides a CloudWatch Log Group resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst yada = new aws.cloudwatch.LogGroup(\"yada\", {\n name: \"Yada\",\n tags: {\n Environment: \"production\",\n Application: \"serviceA\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nyada = aws.cloudwatch.LogGroup(\"yada\",\n name=\"Yada\",\n tags={\n \"Environment\": \"production\",\n \"Application\": \"serviceA\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var yada = new Aws.CloudWatch.LogGroup(\"yada\", new()\n {\n Name = \"Yada\",\n Tags = \n {\n { \"Environment\", \"production\" },\n { \"Application\", \"serviceA\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewLogGroup(ctx, \"yada\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"Yada\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"production\"),\n\t\t\t\t\"Application\": pulumi.String(\"serviceA\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var yada = new LogGroup(\"yada\", LogGroupArgs.builder()\n .name(\"Yada\")\n .tags(Map.ofEntries(\n Map.entry(\"Environment\", \"production\"),\n Map.entry(\"Application\", \"serviceA\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n yada:\n type: aws:cloudwatch:LogGroup\n properties:\n name: Yada\n tags:\n Environment: production\n Application: serviceA\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cloudwatch Log Groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/logGroup:LogGroup test_group yada\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the log group. Any `:*` suffix added by the API, denoting all CloudWatch Log Streams under the CloudWatch Log Group, is removed for greater compatibility with other AWS services that do not accept the suffix.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN of the KMS Key to use when encrypting log data. Please note, after the AWS KMS CMK is disassociated from the log group,\nAWS CloudWatch Logs stops encrypting newly ingested data for the log group. All previously ingested data remains encrypted, and AWS CloudWatch Logs requires\npermissions for the CMK whenever the encrypted data is requested.\n" }, "logGroupClass": { "type": "string", "description": "Specified the log class of the log group. Possible values are: `STANDARD` or `INFREQUENT_ACCESS`.\n" }, "name": { "type": "string", "description": "The name of the log group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "retentionInDays": { "type": "integer", "description": "Specifies the number of days\nyou want to retain log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1096, 1827, 2192, 2557, 2922, 3288, 3653, and 0.\nIf you select 0, the events in the log group are always retained and never expire.\n" }, "skipDestroy": { "type": "boolean", "description": "Set to true if you do not wish the log group (and any logs it may contain) to be deleted at destroy time, and instead just remove the log group from the state.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "logGroupClass", "name", "namePrefix", "tagsAll" ], "inputProperties": { "kmsKeyId": { "type": "string", "description": "The ARN of the KMS Key to use when encrypting log data. Please note, after the AWS KMS CMK is disassociated from the log group,\nAWS CloudWatch Logs stops encrypting newly ingested data for the log group. All previously ingested data remains encrypted, and AWS CloudWatch Logs requires\npermissions for the CMK whenever the encrypted data is requested.\n" }, "logGroupClass": { "type": "string", "description": "Specified the log class of the log group. Possible values are: `STANDARD` or `INFREQUENT_ACCESS`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the log group. If omitted, this provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "retentionInDays": { "type": "integer", "description": "Specifies the number of days\nyou want to retain log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1096, 1827, 2192, 2557, 2922, 3288, 3653, and 0.\nIf you select 0, the events in the log group are always retained and never expire.\n" }, "skipDestroy": { "type": "boolean", "description": "Set to true if you do not wish the log group (and any logs it may contain) to be deleted at destroy time, and instead just remove the log group from the state.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering LogGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the log group. Any `:*` suffix added by the API, denoting all CloudWatch Log Streams under the CloudWatch Log Group, is removed for greater compatibility with other AWS services that do not accept the suffix.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN of the KMS Key to use when encrypting log data. Please note, after the AWS KMS CMK is disassociated from the log group,\nAWS CloudWatch Logs stops encrypting newly ingested data for the log group. All previously ingested data remains encrypted, and AWS CloudWatch Logs requires\npermissions for the CMK whenever the encrypted data is requested.\n" }, "logGroupClass": { "type": "string", "description": "Specified the log class of the log group. Possible values are: `STANDARD` or `INFREQUENT_ACCESS`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the log group. If omitted, this provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "retentionInDays": { "type": "integer", "description": "Specifies the number of days\nyou want to retain log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1096, 1827, 2192, 2557, 2922, 3288, 3653, and 0.\nIf you select 0, the events in the log group are always retained and never expire.\n" }, "skipDestroy": { "type": "boolean", "description": "Set to true if you do not wish the log group (and any logs it may contain) to be deleted at destroy time, and instead just remove the log group from the state.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:cloudwatch/logMetricFilter:LogMetricFilter": { "description": "Provides a CloudWatch Log Metric Filter resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dada = new aws.cloudwatch.LogGroup(\"dada\", {name: \"MyApp/access.log\"});\nconst yada = new aws.cloudwatch.LogMetricFilter(\"yada\", {\n name: \"MyAppAccessCount\",\n pattern: \"\",\n logGroupName: dada.name,\n metricTransformation: {\n name: \"EventCount\",\n namespace: \"YourNamespace\",\n value: \"1\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndada = aws.cloudwatch.LogGroup(\"dada\", name=\"MyApp/access.log\")\nyada = aws.cloudwatch.LogMetricFilter(\"yada\",\n name=\"MyAppAccessCount\",\n pattern=\"\",\n log_group_name=dada.name,\n metric_transformation={\n \"name\": \"EventCount\",\n \"namespace\": \"YourNamespace\",\n \"value\": \"1\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var dada = new Aws.CloudWatch.LogGroup(\"dada\", new()\n {\n Name = \"MyApp/access.log\",\n });\n\n var yada = new Aws.CloudWatch.LogMetricFilter(\"yada\", new()\n {\n Name = \"MyAppAccessCount\",\n Pattern = \"\",\n LogGroupName = dada.Name,\n MetricTransformation = new Aws.CloudWatch.Inputs.LogMetricFilterMetricTransformationArgs\n {\n Name = \"EventCount\",\n Namespace = \"YourNamespace\",\n Value = \"1\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdada, err := cloudwatch.NewLogGroup(ctx, \"dada\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"MyApp/access.log\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogMetricFilter(ctx, \"yada\", \u0026cloudwatch.LogMetricFilterArgs{\n\t\t\tName: pulumi.String(\"MyAppAccessCount\"),\n\t\t\tPattern: pulumi.String(\"\"),\n\t\t\tLogGroupName: dada.Name,\n\t\t\tMetricTransformation: \u0026cloudwatch.LogMetricFilterMetricTransformationArgs{\n\t\t\t\tName: pulumi.String(\"EventCount\"),\n\t\t\t\tNamespace: pulumi.String(\"YourNamespace\"),\n\t\t\t\tValue: pulumi.String(\"1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.cloudwatch.LogMetricFilter;\nimport com.pulumi.aws.cloudwatch.LogMetricFilterArgs;\nimport com.pulumi.aws.cloudwatch.inputs.LogMetricFilterMetricTransformationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var dada = new LogGroup(\"dada\", LogGroupArgs.builder()\n .name(\"MyApp/access.log\")\n .build());\n\n var yada = new LogMetricFilter(\"yada\", LogMetricFilterArgs.builder()\n .name(\"MyAppAccessCount\")\n .pattern(\"\")\n .logGroupName(dada.name())\n .metricTransformation(LogMetricFilterMetricTransformationArgs.builder()\n .name(\"EventCount\")\n .namespace(\"YourNamespace\")\n .value(\"1\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n yada:\n type: aws:cloudwatch:LogMetricFilter\n properties:\n name: MyAppAccessCount\n pattern:\n logGroupName: ${dada.name}\n metricTransformation:\n name: EventCount\n namespace: YourNamespace\n value: '1'\n dada:\n type: aws:cloudwatch:LogGroup\n properties:\n name: MyApp/access.log\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudWatch Log Metric Filter using the `log_group_name:name`. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/logMetricFilter:LogMetricFilter test /aws/lambda/function:test\n```\n", "properties": { "logGroupName": { "type": "string", "description": "The name of the log group to associate the metric filter with.\n" }, "metricTransformation": { "$ref": "#/types/aws:cloudwatch/LogMetricFilterMetricTransformation:LogMetricFilterMetricTransformation", "description": "A block defining collection of information needed to define how metric data gets emitted. See below.\n" }, "name": { "type": "string", "description": "A name for the metric filter.\n" }, "pattern": { "type": "string", "description": "A valid [CloudWatch Logs filter pattern](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/FilterAndPatternSyntax.html)\nfor extracting metric data out of ingested log events.\n" } }, "required": [ "logGroupName", "metricTransformation", "name", "pattern" ], "inputProperties": { "logGroupName": { "type": "string", "description": "The name of the log group to associate the metric filter with.\n", "willReplaceOnChanges": true }, "metricTransformation": { "$ref": "#/types/aws:cloudwatch/LogMetricFilterMetricTransformation:LogMetricFilterMetricTransformation", "description": "A block defining collection of information needed to define how metric data gets emitted. See below.\n" }, "name": { "type": "string", "description": "A name for the metric filter.\n", "willReplaceOnChanges": true }, "pattern": { "type": "string", "description": "A valid [CloudWatch Logs filter pattern](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/FilterAndPatternSyntax.html)\nfor extracting metric data out of ingested log events.\n" } }, "requiredInputs": [ "logGroupName", "metricTransformation", "pattern" ], "stateInputs": { "description": "Input properties used for looking up and filtering LogMetricFilter resources.\n", "properties": { "logGroupName": { "type": "string", "description": "The name of the log group to associate the metric filter with.\n", "willReplaceOnChanges": true }, "metricTransformation": { "$ref": "#/types/aws:cloudwatch/LogMetricFilterMetricTransformation:LogMetricFilterMetricTransformation", "description": "A block defining collection of information needed to define how metric data gets emitted. See below.\n" }, "name": { "type": "string", "description": "A name for the metric filter.\n", "willReplaceOnChanges": true }, "pattern": { "type": "string", "description": "A valid [CloudWatch Logs filter pattern](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/FilterAndPatternSyntax.html)\nfor extracting metric data out of ingested log events.\n" } }, "type": "object" } }, "aws:cloudwatch/logResourcePolicy:LogResourcePolicy": { "description": "Provides a resource to manage a CloudWatch log resource policy.\n\n## Example Usage\n\n### Elasticsearch Log Publishing\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst elasticsearch-log-publishing-policy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n ],\n resources: [\"arn:aws:logs:*\"],\n principals: [{\n identifiers: [\"es.amazonaws.com\"],\n type: \"Service\",\n }],\n }],\n});\nconst elasticsearch_log_publishing_policyLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy(\"elasticsearch-log-publishing-policy\", {\n policyDocument: elasticsearch_log_publishing_policy.then(elasticsearch_log_publishing_policy =\u003e elasticsearch_log_publishing_policy.json),\n policyName: \"elasticsearch-log-publishing-policy\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nelasticsearch_log_publishing_policy = aws.iam.get_policy_document(statements=[{\n \"actions\": [\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n ],\n \"resources\": [\"arn:aws:logs:*\"],\n \"principals\": [{\n \"identifiers\": [\"es.amazonaws.com\"],\n \"type\": \"Service\",\n }],\n}])\nelasticsearch_log_publishing_policy_log_resource_policy = aws.cloudwatch.LogResourcePolicy(\"elasticsearch-log-publishing-policy\",\n policy_document=elasticsearch_log_publishing_policy.json,\n policy_name=\"elasticsearch-log-publishing-policy\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var elasticsearch_log_publishing_policy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n },\n Resources = new[]\n {\n \"arn:aws:logs:*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n \"es.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n },\n },\n });\n\n var elasticsearch_log_publishing_policyLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy(\"elasticsearch-log-publishing-policy\", new()\n {\n PolicyDocument = elasticsearch_log_publishing_policy.Apply(elasticsearch_log_publishing_policy =\u003e elasticsearch_log_publishing_policy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json)),\n PolicyName = \"elasticsearch-log-publishing-policy\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\telasticsearch_log_publishing_policy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"logs:CreateLogStream\",\n\t\t\t\t\t\t\"logs:PutLogEvents\",\n\t\t\t\t\t\t\"logs:PutLogEventsBatch\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:logs:*\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"es.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogResourcePolicy(ctx, \"elasticsearch-log-publishing-policy\", \u0026cloudwatch.LogResourcePolicyArgs{\n\t\t\tPolicyDocument: pulumi.String(elasticsearch_log_publishing_policy.Json),\n\t\t\tPolicyName: pulumi.String(\"elasticsearch-log-publishing-policy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicy;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var elasticsearch-log-publishing-policy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\")\n .resources(\"arn:aws:logs:*\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(\"es.amazonaws.com\")\n .type(\"Service\")\n .build())\n .build())\n .build());\n\n var elasticsearch_log_publishing_policyLogResourcePolicy = new LogResourcePolicy(\"elasticsearch-log-publishing-policyLogResourcePolicy\", LogResourcePolicyArgs.builder()\n .policyDocument(elasticsearch_log_publishing_policy.json())\n .policyName(\"elasticsearch-log-publishing-policy\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n elasticsearch-log-publishing-policyLogResourcePolicy:\n type: aws:cloudwatch:LogResourcePolicy\n name: elasticsearch-log-publishing-policy\n properties:\n policyDocument: ${[\"elasticsearch-log-publishing-policy\"].json}\n policyName: elasticsearch-log-publishing-policy\nvariables:\n elasticsearch-log-publishing-policy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - logs:CreateLogStream\n - logs:PutLogEvents\n - logs:PutLogEventsBatch\n resources:\n - arn:aws:logs:*\n principals:\n - identifiers:\n - es.amazonaws.com\n type: Service\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Route53 Query Logging\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst route53-query-logging-policy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n resources: [\"arn:aws:logs:*:*:log-group:/aws/route53/*\"],\n principals: [{\n identifiers: [\"route53.amazonaws.com\"],\n type: \"Service\",\n }],\n }],\n});\nconst route53_query_logging_policyLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy(\"route53-query-logging-policy\", {\n policyDocument: route53_query_logging_policy.then(route53_query_logging_policy =\u003e route53_query_logging_policy.json),\n policyName: \"route53-query-logging-policy\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nroute53_query_logging_policy = aws.iam.get_policy_document(statements=[{\n \"actions\": [\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n \"resources\": [\"arn:aws:logs:*:*:log-group:/aws/route53/*\"],\n \"principals\": [{\n \"identifiers\": [\"route53.amazonaws.com\"],\n \"type\": \"Service\",\n }],\n}])\nroute53_query_logging_policy_log_resource_policy = aws.cloudwatch.LogResourcePolicy(\"route53-query-logging-policy\",\n policy_document=route53_query_logging_policy.json,\n policy_name=\"route53-query-logging-policy\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var route53_query_logging_policy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n },\n Resources = new[]\n {\n \"arn:aws:logs:*:*:log-group:/aws/route53/*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n \"route53.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n },\n },\n });\n\n var route53_query_logging_policyLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy(\"route53-query-logging-policy\", new()\n {\n PolicyDocument = route53_query_logging_policy.Apply(route53_query_logging_policy =\u003e route53_query_logging_policy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json)),\n PolicyName = \"route53-query-logging-policy\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\troute53_query_logging_policy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"logs:CreateLogStream\",\n\t\t\t\t\t\t\"logs:PutLogEvents\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:logs:*:*:log-group:/aws/route53/*\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"route53.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogResourcePolicy(ctx, \"route53-query-logging-policy\", \u0026cloudwatch.LogResourcePolicyArgs{\n\t\t\tPolicyDocument: pulumi.String(route53_query_logging_policy.Json),\n\t\t\tPolicyName: pulumi.String(\"route53-query-logging-policy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicy;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var route53-query-logging-policy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\")\n .resources(\"arn:aws:logs:*:*:log-group:/aws/route53/*\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(\"route53.amazonaws.com\")\n .type(\"Service\")\n .build())\n .build())\n .build());\n\n var route53_query_logging_policyLogResourcePolicy = new LogResourcePolicy(\"route53-query-logging-policyLogResourcePolicy\", LogResourcePolicyArgs.builder()\n .policyDocument(route53_query_logging_policy.json())\n .policyName(\"route53-query-logging-policy\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n route53-query-logging-policyLogResourcePolicy:\n type: aws:cloudwatch:LogResourcePolicy\n name: route53-query-logging-policy\n properties:\n policyDocument: ${[\"route53-query-logging-policy\"].json}\n policyName: route53-query-logging-policy\nvariables:\n route53-query-logging-policy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - logs:CreateLogStream\n - logs:PutLogEvents\n resources:\n - arn:aws:logs:*:*:log-group:/aws/route53/*\n principals:\n - identifiers:\n - route53.amazonaws.com\n type: Service\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudWatch log resource policies using the policy name. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/logResourcePolicy:LogResourcePolicy MyPolicy MyPolicy\n```\n", "properties": { "policyDocument": { "type": "string", "description": "Details of the resource policy, including the identity of the principal that is enabled to put logs to this account. This is formatted as a JSON string. Maximum length of 5120 characters.\n" }, "policyName": { "type": "string", "description": "Name of the resource policy.\n" } }, "required": [ "policyDocument", "policyName" ], "inputProperties": { "policyDocument": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "Details of the resource policy, including the identity of the principal that is enabled to put logs to this account. This is formatted as a JSON string. Maximum length of 5120 characters.\n" }, "policyName": { "type": "string", "description": "Name of the resource policy.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policyDocument", "policyName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LogResourcePolicy resources.\n", "properties": { "policyDocument": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "Details of the resource policy, including the identity of the principal that is enabled to put logs to this account. This is formatted as a JSON string. Maximum length of 5120 characters.\n" }, "policyName": { "type": "string", "description": "Name of the resource policy.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:cloudwatch/logStream:LogStream": { "description": "Provides a CloudWatch Log Stream resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst yada = new aws.cloudwatch.LogGroup(\"yada\", {name: \"Yada\"});\nconst foo = new aws.cloudwatch.LogStream(\"foo\", {\n name: \"SampleLogStream1234\",\n logGroupName: yada.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nyada = aws.cloudwatch.LogGroup(\"yada\", name=\"Yada\")\nfoo = aws.cloudwatch.LogStream(\"foo\",\n name=\"SampleLogStream1234\",\n log_group_name=yada.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var yada = new Aws.CloudWatch.LogGroup(\"yada\", new()\n {\n Name = \"Yada\",\n });\n\n var foo = new Aws.CloudWatch.LogStream(\"foo\", new()\n {\n Name = \"SampleLogStream1234\",\n LogGroupName = yada.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tyada, err := cloudwatch.NewLogGroup(ctx, \"yada\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"Yada\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogStream(ctx, \"foo\", \u0026cloudwatch.LogStreamArgs{\n\t\t\tName: pulumi.String(\"SampleLogStream1234\"),\n\t\t\tLogGroupName: yada.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.cloudwatch.LogStream;\nimport com.pulumi.aws.cloudwatch.LogStreamArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var yada = new LogGroup(\"yada\", LogGroupArgs.builder()\n .name(\"Yada\")\n .build());\n\n var foo = new LogStream(\"foo\", LogStreamArgs.builder()\n .name(\"SampleLogStream1234\")\n .logGroupName(yada.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n yada:\n type: aws:cloudwatch:LogGroup\n properties:\n name: Yada\n foo:\n type: aws:cloudwatch:LogStream\n properties:\n name: SampleLogStream1234\n logGroupName: ${yada.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cloudwatch Log Stream using the stream's `log_group_name` and `name`. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/logStream:LogStream foo Yada:SampleLogStream1234\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the log stream.\n" }, "logGroupName": { "type": "string", "description": "The name of the log group under which the log stream is to be created.\n" }, "name": { "type": "string", "description": "The name of the log stream. Must not be longer than 512 characters and must not contain `:`\n" } }, "required": [ "arn", "logGroupName", "name" ], "inputProperties": { "logGroupName": { "type": "string", "description": "The name of the log group under which the log stream is to be created.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the log stream. Must not be longer than 512 characters and must not contain `:`\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "logGroupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LogStream resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the log stream.\n" }, "logGroupName": { "type": "string", "description": "The name of the log group under which the log stream is to be created.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the log stream. Must not be longer than 512 characters and must not contain `:`\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:cloudwatch/logSubscriptionFilter:LogSubscriptionFilter": { "description": "Provides a CloudWatch Logs subscription filter resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testLambdafunctionLogfilter = new aws.cloudwatch.LogSubscriptionFilter(\"test_lambdafunction_logfilter\", {\n name: \"test_lambdafunction_logfilter\",\n roleArn: iamForLambda.arn,\n logGroup: \"/aws/lambda/example_lambda_name\",\n filterPattern: \"logtype test\",\n destinationArn: testLogstream.arn,\n distribution: \"Random\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_lambdafunction_logfilter = aws.cloudwatch.LogSubscriptionFilter(\"test_lambdafunction_logfilter\",\n name=\"test_lambdafunction_logfilter\",\n role_arn=iam_for_lambda[\"arn\"],\n log_group=\"/aws/lambda/example_lambda_name\",\n filter_pattern=\"logtype test\",\n destination_arn=test_logstream[\"arn\"],\n distribution=\"Random\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testLambdafunctionLogfilter = new Aws.CloudWatch.LogSubscriptionFilter(\"test_lambdafunction_logfilter\", new()\n {\n Name = \"test_lambdafunction_logfilter\",\n RoleArn = iamForLambda.Arn,\n LogGroup = \"/aws/lambda/example_lambda_name\",\n FilterPattern = \"logtype test\",\n DestinationArn = testLogstream.Arn,\n Distribution = \"Random\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewLogSubscriptionFilter(ctx, \"test_lambdafunction_logfilter\", \u0026cloudwatch.LogSubscriptionFilterArgs{\n\t\t\tName: pulumi.String(\"test_lambdafunction_logfilter\"),\n\t\t\tRoleArn: pulumi.Any(iamForLambda.Arn),\n\t\t\tLogGroup: pulumi.Any(\"/aws/lambda/example_lambda_name\"),\n\t\t\tFilterPattern: pulumi.String(\"logtype test\"),\n\t\t\tDestinationArn: pulumi.Any(testLogstream.Arn),\n\t\t\tDistribution: pulumi.String(\"Random\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogSubscriptionFilter;\nimport com.pulumi.aws.cloudwatch.LogSubscriptionFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testLambdafunctionLogfilter = new LogSubscriptionFilter(\"testLambdafunctionLogfilter\", LogSubscriptionFilterArgs.builder()\n .name(\"test_lambdafunction_logfilter\")\n .roleArn(iamForLambda.arn())\n .logGroup(\"/aws/lambda/example_lambda_name\")\n .filterPattern(\"logtype test\")\n .destinationArn(testLogstream.arn())\n .distribution(\"Random\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testLambdafunctionLogfilter:\n type: aws:cloudwatch:LogSubscriptionFilter\n name: test_lambdafunction_logfilter\n properties:\n name: test_lambdafunction_logfilter\n roleArn: ${iamForLambda.arn}\n logGroup: /aws/lambda/example_lambda_name\n filterPattern: logtype test\n destinationArn: ${testLogstream.arn}\n distribution: Random\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudWatch Logs subscription filter using the log group name and subscription filter name separated by `|`. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/logSubscriptionFilter:LogSubscriptionFilter test_lambdafunction_logfilter \"/aws/lambda/example_lambda_name|test_lambdafunction_logfilter\"\n```\n", "properties": { "destinationArn": { "type": "string", "description": "The ARN of the destination to deliver matching log events to. Kinesis stream or Lambda function ARN.\n" }, "distribution": { "type": "string", "description": "The method used to distribute log data to the destination. By default log data is grouped by log stream, but the grouping can be set to random for a more even distribution. This property is only applicable when the destination is an Amazon Kinesis stream. Valid values are \"Random\" and \"ByLogStream\".\n" }, "filterPattern": { "type": "string", "description": "A valid CloudWatch Logs filter pattern for subscribing to a filtered stream of log events. Use empty string `\"\"` to match everything. For more information, see the [Amazon CloudWatch Logs User Guide](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html).\n" }, "logGroup": { "type": "string", "description": "The name of the log group to associate the subscription filter with\n" }, "name": { "type": "string", "description": "A name for the subscription filter\n" }, "roleArn": { "type": "string", "description": "The ARN of an IAM role that grants Amazon CloudWatch Logs permissions to deliver ingested log events to the destination. If you use Lambda as a destination, you should skip this argument and use `aws.lambda.Permission` resource for granting access from CloudWatch logs to the destination Lambda function.\n" } }, "required": [ "destinationArn", "filterPattern", "logGroup", "name", "roleArn" ], "inputProperties": { "destinationArn": { "type": "string", "description": "The ARN of the destination to deliver matching log events to. Kinesis stream or Lambda function ARN.\n", "willReplaceOnChanges": true }, "distribution": { "type": "string", "description": "The method used to distribute log data to the destination. By default log data is grouped by log stream, but the grouping can be set to random for a more even distribution. This property is only applicable when the destination is an Amazon Kinesis stream. Valid values are \"Random\" and \"ByLogStream\".\n" }, "filterPattern": { "type": "string", "description": "A valid CloudWatch Logs filter pattern for subscribing to a filtered stream of log events. Use empty string `\"\"` to match everything. For more information, see the [Amazon CloudWatch Logs User Guide](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html).\n" }, "logGroup": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:cloudwatch/logGroup:LogGroup" } ], "description": "The name of the log group to associate the subscription filter with\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A name for the subscription filter\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The ARN of an IAM role that grants Amazon CloudWatch Logs permissions to deliver ingested log events to the destination. If you use Lambda as a destination, you should skip this argument and use `aws.lambda.Permission` resource for granting access from CloudWatch logs to the destination Lambda function.\n" } }, "requiredInputs": [ "destinationArn", "filterPattern", "logGroup" ], "stateInputs": { "description": "Input properties used for looking up and filtering LogSubscriptionFilter resources.\n", "properties": { "destinationArn": { "type": "string", "description": "The ARN of the destination to deliver matching log events to. Kinesis stream or Lambda function ARN.\n", "willReplaceOnChanges": true }, "distribution": { "type": "string", "description": "The method used to distribute log data to the destination. By default log data is grouped by log stream, but the grouping can be set to random for a more even distribution. This property is only applicable when the destination is an Amazon Kinesis stream. Valid values are \"Random\" and \"ByLogStream\".\n" }, "filterPattern": { "type": "string", "description": "A valid CloudWatch Logs filter pattern for subscribing to a filtered stream of log events. Use empty string `\"\"` to match everything. For more information, see the [Amazon CloudWatch Logs User Guide](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html).\n" }, "logGroup": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:cloudwatch/logGroup:LogGroup" } ], "description": "The name of the log group to associate the subscription filter with\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A name for the subscription filter\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The ARN of an IAM role that grants Amazon CloudWatch Logs permissions to deliver ingested log events to the destination. If you use Lambda as a destination, you should skip this argument and use `aws.lambda.Permission` resource for granting access from CloudWatch logs to the destination Lambda function.\n" } }, "type": "object" } }, "aws:cloudwatch/metricAlarm:MetricAlarm": { "description": "Provides a CloudWatch Metric Alarm resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foobar = new aws.cloudwatch.MetricAlarm(\"foobar\", {\n name: \"test-foobar5\",\n comparisonOperator: \"GreaterThanOrEqualToThreshold\",\n evaluationPeriods: 2,\n metricName: \"CPUUtilization\",\n namespace: \"AWS/EC2\",\n period: 120,\n statistic: \"Average\",\n threshold: 80,\n alarmDescription: \"This metric monitors ec2 cpu utilization\",\n insufficientDataActions: [],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoobar = aws.cloudwatch.MetricAlarm(\"foobar\",\n name=\"test-foobar5\",\n comparison_operator=\"GreaterThanOrEqualToThreshold\",\n evaluation_periods=2,\n metric_name=\"CPUUtilization\",\n namespace=\"AWS/EC2\",\n period=120,\n statistic=\"Average\",\n threshold=80,\n alarm_description=\"This metric monitors ec2 cpu utilization\",\n insufficient_data_actions=[])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foobar = new Aws.CloudWatch.MetricAlarm(\"foobar\", new()\n {\n Name = \"test-foobar5\",\n ComparisonOperator = \"GreaterThanOrEqualToThreshold\",\n EvaluationPeriods = 2,\n MetricName = \"CPUUtilization\",\n Namespace = \"AWS/EC2\",\n Period = 120,\n Statistic = \"Average\",\n Threshold = 80,\n AlarmDescription = \"This metric monitors ec2 cpu utilization\",\n InsufficientDataActions = new[] {},\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewMetricAlarm(ctx, \"foobar\", \u0026cloudwatch.MetricAlarmArgs{\n\t\t\tName: pulumi.String(\"test-foobar5\"),\n\t\t\tComparisonOperator: pulumi.String(\"GreaterThanOrEqualToThreshold\"),\n\t\t\tEvaluationPeriods: pulumi.Int(2),\n\t\t\tMetricName: pulumi.String(\"CPUUtilization\"),\n\t\t\tNamespace: pulumi.String(\"AWS/EC2\"),\n\t\t\tPeriod: pulumi.Int(120),\n\t\t\tStatistic: pulumi.String(\"Average\"),\n\t\t\tThreshold: pulumi.Float64(80),\n\t\t\tAlarmDescription: pulumi.String(\"This metric monitors ec2 cpu utilization\"),\n\t\t\tInsufficientDataActions: pulumi.Array{},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.MetricAlarm;\nimport com.pulumi.aws.cloudwatch.MetricAlarmArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foobar = new MetricAlarm(\"foobar\", MetricAlarmArgs.builder()\n .name(\"test-foobar5\")\n .comparisonOperator(\"GreaterThanOrEqualToThreshold\")\n .evaluationPeriods(2)\n .metricName(\"CPUUtilization\")\n .namespace(\"AWS/EC2\")\n .period(120)\n .statistic(\"Average\")\n .threshold(80)\n .alarmDescription(\"This metric monitors ec2 cpu utilization\")\n .insufficientDataActions()\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foobar:\n type: aws:cloudwatch:MetricAlarm\n properties:\n name: test-foobar5\n comparisonOperator: GreaterThanOrEqualToThreshold\n evaluationPeriods: 2\n metricName: CPUUtilization\n namespace: AWS/EC2\n period: 120\n statistic: Average\n threshold: 80\n alarmDescription: This metric monitors ec2 cpu utilization\n insufficientDataActions: []\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Example in Conjunction with Scaling Policies\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bat = new aws.autoscaling.Policy(\"bat\", {\n name: \"foobar3-test\",\n scalingAdjustment: 4,\n adjustmentType: \"ChangeInCapacity\",\n cooldown: 300,\n autoscalingGroupName: bar.name,\n});\nconst batMetricAlarm = new aws.cloudwatch.MetricAlarm(\"bat\", {\n name: \"test-foobar5\",\n comparisonOperator: \"GreaterThanOrEqualToThreshold\",\n evaluationPeriods: 2,\n metricName: \"CPUUtilization\",\n namespace: \"AWS/EC2\",\n period: 120,\n statistic: \"Average\",\n threshold: 80,\n dimensions: {\n AutoScalingGroupName: bar.name,\n },\n alarmDescription: \"This metric monitors ec2 cpu utilization\",\n alarmActions: [bat.arn],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbat = aws.autoscaling.Policy(\"bat\",\n name=\"foobar3-test\",\n scaling_adjustment=4,\n adjustment_type=\"ChangeInCapacity\",\n cooldown=300,\n autoscaling_group_name=bar[\"name\"])\nbat_metric_alarm = aws.cloudwatch.MetricAlarm(\"bat\",\n name=\"test-foobar5\",\n comparison_operator=\"GreaterThanOrEqualToThreshold\",\n evaluation_periods=2,\n metric_name=\"CPUUtilization\",\n namespace=\"AWS/EC2\",\n period=120,\n statistic=\"Average\",\n threshold=80,\n dimensions={\n \"AutoScalingGroupName\": bar[\"name\"],\n },\n alarm_description=\"This metric monitors ec2 cpu utilization\",\n alarm_actions=[bat.arn])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bat = new Aws.AutoScaling.Policy(\"bat\", new()\n {\n Name = \"foobar3-test\",\n ScalingAdjustment = 4,\n AdjustmentType = \"ChangeInCapacity\",\n Cooldown = 300,\n AutoscalingGroupName = bar.Name,\n });\n\n var batMetricAlarm = new Aws.CloudWatch.MetricAlarm(\"bat\", new()\n {\n Name = \"test-foobar5\",\n ComparisonOperator = \"GreaterThanOrEqualToThreshold\",\n EvaluationPeriods = 2,\n MetricName = \"CPUUtilization\",\n Namespace = \"AWS/EC2\",\n Period = 120,\n Statistic = \"Average\",\n Threshold = 80,\n Dimensions = \n {\n { \"AutoScalingGroupName\", bar.Name },\n },\n AlarmDescription = \"This metric monitors ec2 cpu utilization\",\n AlarmActions = new[]\n {\n bat.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbat, err := autoscaling.NewPolicy(ctx, \"bat\", \u0026autoscaling.PolicyArgs{\n\t\t\tName: pulumi.String(\"foobar3-test\"),\n\t\t\tScalingAdjustment: pulumi.Int(4),\n\t\t\tAdjustmentType: pulumi.String(\"ChangeInCapacity\"),\n\t\t\tCooldown: pulumi.Int(300),\n\t\t\tAutoscalingGroupName: pulumi.Any(bar.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewMetricAlarm(ctx, \"bat\", \u0026cloudwatch.MetricAlarmArgs{\n\t\t\tName: pulumi.String(\"test-foobar5\"),\n\t\t\tComparisonOperator: pulumi.String(\"GreaterThanOrEqualToThreshold\"),\n\t\t\tEvaluationPeriods: pulumi.Int(2),\n\t\t\tMetricName: pulumi.String(\"CPUUtilization\"),\n\t\t\tNamespace: pulumi.String(\"AWS/EC2\"),\n\t\t\tPeriod: pulumi.Int(120),\n\t\t\tStatistic: pulumi.String(\"Average\"),\n\t\t\tThreshold: pulumi.Float64(80),\n\t\t\tDimensions: pulumi.StringMap{\n\t\t\t\t\"AutoScalingGroupName\": pulumi.Any(bar.Name),\n\t\t\t},\n\t\t\tAlarmDescription: pulumi.String(\"This metric monitors ec2 cpu utilization\"),\n\t\t\tAlarmActions: pulumi.Array{\n\t\t\t\tbat.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.autoscaling.Policy;\nimport com.pulumi.aws.autoscaling.PolicyArgs;\nimport com.pulumi.aws.cloudwatch.MetricAlarm;\nimport com.pulumi.aws.cloudwatch.MetricAlarmArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bat = new Policy(\"bat\", PolicyArgs.builder()\n .name(\"foobar3-test\")\n .scalingAdjustment(4)\n .adjustmentType(\"ChangeInCapacity\")\n .cooldown(300)\n .autoscalingGroupName(bar.name())\n .build());\n\n var batMetricAlarm = new MetricAlarm(\"batMetricAlarm\", MetricAlarmArgs.builder()\n .name(\"test-foobar5\")\n .comparisonOperator(\"GreaterThanOrEqualToThreshold\")\n .evaluationPeriods(2)\n .metricName(\"CPUUtilization\")\n .namespace(\"AWS/EC2\")\n .period(120)\n .statistic(\"Average\")\n .threshold(80)\n .dimensions(Map.of(\"AutoScalingGroupName\", bar.name()))\n .alarmDescription(\"This metric monitors ec2 cpu utilization\")\n .alarmActions(bat.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bat:\n type: aws:autoscaling:Policy\n properties:\n name: foobar3-test\n scalingAdjustment: 4\n adjustmentType: ChangeInCapacity\n cooldown: 300\n autoscalingGroupName: ${bar.name}\n batMetricAlarm:\n type: aws:cloudwatch:MetricAlarm\n name: bat\n properties:\n name: test-foobar5\n comparisonOperator: GreaterThanOrEqualToThreshold\n evaluationPeriods: 2\n metricName: CPUUtilization\n namespace: AWS/EC2\n period: 120\n statistic: Average\n threshold: 80\n dimensions:\n AutoScalingGroupName: ${bar.name}\n alarmDescription: This metric monitors ec2 cpu utilization\n alarmActions:\n - ${bat.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Example with an Expression\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foobar = new aws.cloudwatch.MetricAlarm(\"foobar\", {\n name: \"test-foobar\",\n comparisonOperator: \"GreaterThanOrEqualToThreshold\",\n evaluationPeriods: 2,\n threshold: 10,\n alarmDescription: \"Request error rate has exceeded 10%\",\n insufficientDataActions: [],\n metricQueries: [\n {\n id: \"e1\",\n expression: \"m2/m1*100\",\n label: \"Error Rate\",\n returnData: true,\n },\n {\n id: \"m1\",\n metric: {\n metricName: \"RequestCount\",\n namespace: \"AWS/ApplicationELB\",\n period: 120,\n stat: \"Sum\",\n unit: \"Count\",\n dimensions: {\n LoadBalancer: \"app/web\",\n },\n },\n },\n {\n id: \"m2\",\n metric: {\n metricName: \"HTTPCode_ELB_5XX_Count\",\n namespace: \"AWS/ApplicationELB\",\n period: 120,\n stat: \"Sum\",\n unit: \"Count\",\n dimensions: {\n LoadBalancer: \"app/web\",\n },\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoobar = aws.cloudwatch.MetricAlarm(\"foobar\",\n name=\"test-foobar\",\n comparison_operator=\"GreaterThanOrEqualToThreshold\",\n evaluation_periods=2,\n threshold=10,\n alarm_description=\"Request error rate has exceeded 10%\",\n insufficient_data_actions=[],\n metric_queries=[\n {\n \"id\": \"e1\",\n \"expression\": \"m2/m1*100\",\n \"label\": \"Error Rate\",\n \"return_data\": True,\n },\n {\n \"id\": \"m1\",\n \"metric\": {\n \"metric_name\": \"RequestCount\",\n \"namespace\": \"AWS/ApplicationELB\",\n \"period\": 120,\n \"stat\": \"Sum\",\n \"unit\": \"Count\",\n \"dimensions\": {\n \"load_balancer\": \"app/web\",\n },\n },\n },\n {\n \"id\": \"m2\",\n \"metric\": {\n \"metric_name\": \"HTTPCode_ELB_5XX_Count\",\n \"namespace\": \"AWS/ApplicationELB\",\n \"period\": 120,\n \"stat\": \"Sum\",\n \"unit\": \"Count\",\n \"dimensions\": {\n \"load_balancer\": \"app/web\",\n },\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foobar = new Aws.CloudWatch.MetricAlarm(\"foobar\", new()\n {\n Name = \"test-foobar\",\n ComparisonOperator = \"GreaterThanOrEqualToThreshold\",\n EvaluationPeriods = 2,\n Threshold = 10,\n AlarmDescription = \"Request error rate has exceeded 10%\",\n InsufficientDataActions = new[] {},\n MetricQueries = new[]\n {\n new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryArgs\n {\n Id = \"e1\",\n Expression = \"m2/m1*100\",\n Label = \"Error Rate\",\n ReturnData = true,\n },\n new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryArgs\n {\n Id = \"m1\",\n Metric = new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryMetricArgs\n {\n MetricName = \"RequestCount\",\n Namespace = \"AWS/ApplicationELB\",\n Period = 120,\n Stat = \"Sum\",\n Unit = \"Count\",\n Dimensions = \n {\n { \"LoadBalancer\", \"app/web\" },\n },\n },\n },\n new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryArgs\n {\n Id = \"m2\",\n Metric = new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryMetricArgs\n {\n MetricName = \"HTTPCode_ELB_5XX_Count\",\n Namespace = \"AWS/ApplicationELB\",\n Period = 120,\n Stat = \"Sum\",\n Unit = \"Count\",\n Dimensions = \n {\n { \"LoadBalancer\", \"app/web\" },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewMetricAlarm(ctx, \"foobar\", \u0026cloudwatch.MetricAlarmArgs{\n\t\t\tName: pulumi.String(\"test-foobar\"),\n\t\t\tComparisonOperator: pulumi.String(\"GreaterThanOrEqualToThreshold\"),\n\t\t\tEvaluationPeriods: pulumi.Int(2),\n\t\t\tThreshold: pulumi.Float64(10),\n\t\t\tAlarmDescription: pulumi.String(\"Request error rate has exceeded 10%\"),\n\t\t\tInsufficientDataActions: pulumi.Array{},\n\t\t\tMetricQueries: cloudwatch.MetricAlarmMetricQueryArray{\n\t\t\t\t\u0026cloudwatch.MetricAlarmMetricQueryArgs{\n\t\t\t\t\tId: pulumi.String(\"e1\"),\n\t\t\t\t\tExpression: pulumi.String(\"m2/m1*100\"),\n\t\t\t\t\tLabel: pulumi.String(\"Error Rate\"),\n\t\t\t\t\tReturnData: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\t\u0026cloudwatch.MetricAlarmMetricQueryArgs{\n\t\t\t\t\tId: pulumi.String(\"m1\"),\n\t\t\t\t\tMetric: \u0026cloudwatch.MetricAlarmMetricQueryMetricArgs{\n\t\t\t\t\t\tMetricName: pulumi.String(\"RequestCount\"),\n\t\t\t\t\t\tNamespace: pulumi.String(\"AWS/ApplicationELB\"),\n\t\t\t\t\t\tPeriod: pulumi.Int(120),\n\t\t\t\t\t\tStat: pulumi.String(\"Sum\"),\n\t\t\t\t\t\tUnit: pulumi.String(\"Count\"),\n\t\t\t\t\t\tDimensions: pulumi.StringMap{\n\t\t\t\t\t\t\t\"LoadBalancer\": pulumi.String(\"app/web\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026cloudwatch.MetricAlarmMetricQueryArgs{\n\t\t\t\t\tId: pulumi.String(\"m2\"),\n\t\t\t\t\tMetric: \u0026cloudwatch.MetricAlarmMetricQueryMetricArgs{\n\t\t\t\t\t\tMetricName: pulumi.String(\"HTTPCode_ELB_5XX_Count\"),\n\t\t\t\t\t\tNamespace: pulumi.String(\"AWS/ApplicationELB\"),\n\t\t\t\t\t\tPeriod: pulumi.Int(120),\n\t\t\t\t\t\tStat: pulumi.String(\"Sum\"),\n\t\t\t\t\t\tUnit: pulumi.String(\"Count\"),\n\t\t\t\t\t\tDimensions: pulumi.StringMap{\n\t\t\t\t\t\t\t\"LoadBalancer\": pulumi.String(\"app/web\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.MetricAlarm;\nimport com.pulumi.aws.cloudwatch.MetricAlarmArgs;\nimport com.pulumi.aws.cloudwatch.inputs.MetricAlarmMetricQueryArgs;\nimport com.pulumi.aws.cloudwatch.inputs.MetricAlarmMetricQueryMetricArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foobar = new MetricAlarm(\"foobar\", MetricAlarmArgs.builder()\n .name(\"test-foobar\")\n .comparisonOperator(\"GreaterThanOrEqualToThreshold\")\n .evaluationPeriods(2)\n .threshold(10)\n .alarmDescription(\"Request error rate has exceeded 10%\")\n .insufficientDataActions()\n .metricQueries( \n MetricAlarmMetricQueryArgs.builder()\n .id(\"e1\")\n .expression(\"m2/m1*100\")\n .label(\"Error Rate\")\n .returnData(\"true\")\n .build(),\n MetricAlarmMetricQueryArgs.builder()\n .id(\"m1\")\n .metric(MetricAlarmMetricQueryMetricArgs.builder()\n .metricName(\"RequestCount\")\n .namespace(\"AWS/ApplicationELB\")\n .period(120)\n .stat(\"Sum\")\n .unit(\"Count\")\n .dimensions(Map.of(\"LoadBalancer\", \"app/web\"))\n .build())\n .build(),\n MetricAlarmMetricQueryArgs.builder()\n .id(\"m2\")\n .metric(MetricAlarmMetricQueryMetricArgs.builder()\n .metricName(\"HTTPCode_ELB_5XX_Count\")\n .namespace(\"AWS/ApplicationELB\")\n .period(120)\n .stat(\"Sum\")\n .unit(\"Count\")\n .dimensions(Map.of(\"LoadBalancer\", \"app/web\"))\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foobar:\n type: aws:cloudwatch:MetricAlarm\n properties:\n name: test-foobar\n comparisonOperator: GreaterThanOrEqualToThreshold\n evaluationPeriods: 2\n threshold: 10\n alarmDescription: Request error rate has exceeded 10%\n insufficientDataActions: []\n metricQueries:\n - id: e1\n expression: m2/m1*100\n label: Error Rate\n returnData: 'true'\n - id: m1\n metric:\n metricName: RequestCount\n namespace: AWS/ApplicationELB\n period: 120\n stat: Sum\n unit: Count\n dimensions:\n LoadBalancer: app/web\n - id: m2\n metric:\n metricName: HTTPCode_ELB_5XX_Count\n namespace: AWS/ApplicationELB\n period: 120\n stat: Sum\n unit: Count\n dimensions:\n LoadBalancer: app/web\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst xxAnomalyDetection = new aws.cloudwatch.MetricAlarm(\"xx_anomaly_detection\", {\n name: \"test-foobar\",\n comparisonOperator: \"GreaterThanUpperThreshold\",\n evaluationPeriods: 2,\n thresholdMetricId: \"e1\",\n alarmDescription: \"This metric monitors ec2 cpu utilization\",\n insufficientDataActions: [],\n metricQueries: [\n {\n id: \"e1\",\n expression: \"ANOMALY_DETECTION_BAND(m1)\",\n label: \"CPUUtilization (Expected)\",\n returnData: true,\n },\n {\n id: \"m1\",\n returnData: true,\n metric: {\n metricName: \"CPUUtilization\",\n namespace: \"AWS/EC2\",\n period: 120,\n stat: \"Average\",\n unit: \"Count\",\n dimensions: {\n InstanceId: \"i-abc123\",\n },\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nxx_anomaly_detection = aws.cloudwatch.MetricAlarm(\"xx_anomaly_detection\",\n name=\"test-foobar\",\n comparison_operator=\"GreaterThanUpperThreshold\",\n evaluation_periods=2,\n threshold_metric_id=\"e1\",\n alarm_description=\"This metric monitors ec2 cpu utilization\",\n insufficient_data_actions=[],\n metric_queries=[\n {\n \"id\": \"e1\",\n \"expression\": \"ANOMALY_DETECTION_BAND(m1)\",\n \"label\": \"CPUUtilization (Expected)\",\n \"return_data\": True,\n },\n {\n \"id\": \"m1\",\n \"return_data\": True,\n \"metric\": {\n \"metric_name\": \"CPUUtilization\",\n \"namespace\": \"AWS/EC2\",\n \"period\": 120,\n \"stat\": \"Average\",\n \"unit\": \"Count\",\n \"dimensions\": {\n \"instance_id\": \"i-abc123\",\n },\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var xxAnomalyDetection = new Aws.CloudWatch.MetricAlarm(\"xx_anomaly_detection\", new()\n {\n Name = \"test-foobar\",\n ComparisonOperator = \"GreaterThanUpperThreshold\",\n EvaluationPeriods = 2,\n ThresholdMetricId = \"e1\",\n AlarmDescription = \"This metric monitors ec2 cpu utilization\",\n InsufficientDataActions = new[] {},\n MetricQueries = new[]\n {\n new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryArgs\n {\n Id = \"e1\",\n Expression = \"ANOMALY_DETECTION_BAND(m1)\",\n Label = \"CPUUtilization (Expected)\",\n ReturnData = true,\n },\n new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryArgs\n {\n Id = \"m1\",\n ReturnData = true,\n Metric = new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryMetricArgs\n {\n MetricName = \"CPUUtilization\",\n Namespace = \"AWS/EC2\",\n Period = 120,\n Stat = \"Average\",\n Unit = \"Count\",\n Dimensions = \n {\n { \"InstanceId\", \"i-abc123\" },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewMetricAlarm(ctx, \"xx_anomaly_detection\", \u0026cloudwatch.MetricAlarmArgs{\n\t\t\tName: pulumi.String(\"test-foobar\"),\n\t\t\tComparisonOperator: pulumi.String(\"GreaterThanUpperThreshold\"),\n\t\t\tEvaluationPeriods: pulumi.Int(2),\n\t\t\tThresholdMetricId: pulumi.String(\"e1\"),\n\t\t\tAlarmDescription: pulumi.String(\"This metric monitors ec2 cpu utilization\"),\n\t\t\tInsufficientDataActions: pulumi.Array{},\n\t\t\tMetricQueries: cloudwatch.MetricAlarmMetricQueryArray{\n\t\t\t\t\u0026cloudwatch.MetricAlarmMetricQueryArgs{\n\t\t\t\t\tId: pulumi.String(\"e1\"),\n\t\t\t\t\tExpression: pulumi.String(\"ANOMALY_DETECTION_BAND(m1)\"),\n\t\t\t\t\tLabel: pulumi.String(\"CPUUtilization (Expected)\"),\n\t\t\t\t\tReturnData: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\t\u0026cloudwatch.MetricAlarmMetricQueryArgs{\n\t\t\t\t\tId: pulumi.String(\"m1\"),\n\t\t\t\t\tReturnData: pulumi.Bool(true),\n\t\t\t\t\tMetric: \u0026cloudwatch.MetricAlarmMetricQueryMetricArgs{\n\t\t\t\t\t\tMetricName: pulumi.String(\"CPUUtilization\"),\n\t\t\t\t\t\tNamespace: pulumi.String(\"AWS/EC2\"),\n\t\t\t\t\t\tPeriod: pulumi.Int(120),\n\t\t\t\t\t\tStat: pulumi.String(\"Average\"),\n\t\t\t\t\t\tUnit: pulumi.String(\"Count\"),\n\t\t\t\t\t\tDimensions: pulumi.StringMap{\n\t\t\t\t\t\t\t\"InstanceId\": pulumi.String(\"i-abc123\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.MetricAlarm;\nimport com.pulumi.aws.cloudwatch.MetricAlarmArgs;\nimport com.pulumi.aws.cloudwatch.inputs.MetricAlarmMetricQueryArgs;\nimport com.pulumi.aws.cloudwatch.inputs.MetricAlarmMetricQueryMetricArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var xxAnomalyDetection = new MetricAlarm(\"xxAnomalyDetection\", MetricAlarmArgs.builder()\n .name(\"test-foobar\")\n .comparisonOperator(\"GreaterThanUpperThreshold\")\n .evaluationPeriods(2)\n .thresholdMetricId(\"e1\")\n .alarmDescription(\"This metric monitors ec2 cpu utilization\")\n .insufficientDataActions()\n .metricQueries( \n MetricAlarmMetricQueryArgs.builder()\n .id(\"e1\")\n .expression(\"ANOMALY_DETECTION_BAND(m1)\")\n .label(\"CPUUtilization (Expected)\")\n .returnData(\"true\")\n .build(),\n MetricAlarmMetricQueryArgs.builder()\n .id(\"m1\")\n .returnData(\"true\")\n .metric(MetricAlarmMetricQueryMetricArgs.builder()\n .metricName(\"CPUUtilization\")\n .namespace(\"AWS/EC2\")\n .period(120)\n .stat(\"Average\")\n .unit(\"Count\")\n .dimensions(Map.of(\"InstanceId\", \"i-abc123\"))\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n xxAnomalyDetection:\n type: aws:cloudwatch:MetricAlarm\n name: xx_anomaly_detection\n properties:\n name: test-foobar\n comparisonOperator: GreaterThanUpperThreshold\n evaluationPeriods: 2\n thresholdMetricId: e1\n alarmDescription: This metric monitors ec2 cpu utilization\n insufficientDataActions: []\n metricQueries:\n - id: e1\n expression: ANOMALY_DETECTION_BAND(m1)\n label: CPUUtilization (Expected)\n returnData: 'true'\n - id: m1\n returnData: 'true'\n metric:\n metricName: CPUUtilization\n namespace: AWS/EC2\n period: 120\n stat: Average\n unit: Count\n dimensions:\n InstanceId: i-abc123\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Example of monitoring Healthy Hosts on NLB using Target Group and NLB\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst nlbHealthyhosts = new aws.cloudwatch.MetricAlarm(\"nlb_healthyhosts\", {\n name: \"alarmname\",\n comparisonOperator: \"LessThanThreshold\",\n evaluationPeriods: 1,\n metricName: \"HealthyHostCount\",\n namespace: \"AWS/NetworkELB\",\n period: 60,\n statistic: \"Average\",\n threshold: logstashServersCount,\n alarmDescription: \"Number of healthy nodes in Target Group\",\n actionsEnabled: true,\n alarmActions: [sns.arn],\n okActions: [sns.arn],\n dimensions: {\n TargetGroup: lb_tg.arnSuffix,\n LoadBalancer: lb.arnSuffix,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nnlb_healthyhosts = aws.cloudwatch.MetricAlarm(\"nlb_healthyhosts\",\n name=\"alarmname\",\n comparison_operator=\"LessThanThreshold\",\n evaluation_periods=1,\n metric_name=\"HealthyHostCount\",\n namespace=\"AWS/NetworkELB\",\n period=60,\n statistic=\"Average\",\n threshold=logstash_servers_count,\n alarm_description=\"Number of healthy nodes in Target Group\",\n actions_enabled=True,\n alarm_actions=[sns[\"arn\"]],\n ok_actions=[sns[\"arn\"]],\n dimensions={\n \"TargetGroup\": lb_tg[\"arnSuffix\"],\n \"LoadBalancer\": lb[\"arnSuffix\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var nlbHealthyhosts = new Aws.CloudWatch.MetricAlarm(\"nlb_healthyhosts\", new()\n {\n Name = \"alarmname\",\n ComparisonOperator = \"LessThanThreshold\",\n EvaluationPeriods = 1,\n MetricName = \"HealthyHostCount\",\n Namespace = \"AWS/NetworkELB\",\n Period = 60,\n Statistic = \"Average\",\n Threshold = logstashServersCount,\n AlarmDescription = \"Number of healthy nodes in Target Group\",\n ActionsEnabled = true,\n AlarmActions = new[]\n {\n sns.Arn,\n },\n OkActions = new[]\n {\n sns.Arn,\n },\n Dimensions = \n {\n { \"TargetGroup\", lb_tg.ArnSuffix },\n { \"LoadBalancer\", lb.ArnSuffix },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewMetricAlarm(ctx, \"nlb_healthyhosts\", \u0026cloudwatch.MetricAlarmArgs{\n\t\t\tName: pulumi.String(\"alarmname\"),\n\t\t\tComparisonOperator: pulumi.String(\"LessThanThreshold\"),\n\t\t\tEvaluationPeriods: pulumi.Int(1),\n\t\t\tMetricName: pulumi.String(\"HealthyHostCount\"),\n\t\t\tNamespace: pulumi.String(\"AWS/NetworkELB\"),\n\t\t\tPeriod: pulumi.Int(60),\n\t\t\tStatistic: pulumi.String(\"Average\"),\n\t\t\tThreshold: pulumi.Any(logstashServersCount),\n\t\t\tAlarmDescription: pulumi.String(\"Number of healthy nodes in Target Group\"),\n\t\t\tActionsEnabled: pulumi.Bool(true),\n\t\t\tAlarmActions: pulumi.Array{\n\t\t\t\tsns.Arn,\n\t\t\t},\n\t\t\tOkActions: pulumi.Array{\n\t\t\t\tsns.Arn,\n\t\t\t},\n\t\t\tDimensions: pulumi.StringMap{\n\t\t\t\t\"TargetGroup\": pulumi.Any(lb_tg.ArnSuffix),\n\t\t\t\t\"LoadBalancer\": pulumi.Any(lb.ArnSuffix),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.MetricAlarm;\nimport com.pulumi.aws.cloudwatch.MetricAlarmArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var nlbHealthyhosts = new MetricAlarm(\"nlbHealthyhosts\", MetricAlarmArgs.builder()\n .name(\"alarmname\")\n .comparisonOperator(\"LessThanThreshold\")\n .evaluationPeriods(1)\n .metricName(\"HealthyHostCount\")\n .namespace(\"AWS/NetworkELB\")\n .period(60)\n .statistic(\"Average\")\n .threshold(logstashServersCount)\n .alarmDescription(\"Number of healthy nodes in Target Group\")\n .actionsEnabled(\"true\")\n .alarmActions(sns.arn())\n .okActions(sns.arn())\n .dimensions(Map.ofEntries(\n Map.entry(\"TargetGroup\", lb_tg.arnSuffix()),\n Map.entry(\"LoadBalancer\", lb.arnSuffix())\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n nlbHealthyhosts:\n type: aws:cloudwatch:MetricAlarm\n name: nlb_healthyhosts\n properties:\n name: alarmname\n comparisonOperator: LessThanThreshold\n evaluationPeriods: 1\n metricName: HealthyHostCount\n namespace: AWS/NetworkELB\n period: 60\n statistic: Average\n threshold: ${logstashServersCount}\n alarmDescription: Number of healthy nodes in Target Group\n actionsEnabled: 'true'\n alarmActions:\n - ${sns.arn}\n okActions:\n - ${sns.arn}\n dimensions:\n TargetGroup: ${[\"lb-tg\"].arnSuffix}\n LoadBalancer: ${lb.arnSuffix}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e **NOTE:** You cannot create a metric alarm consisting of both `statistic` and `extended_statistic` parameters.\nYou must choose one or the other\n\n## Import\n\nUsing `pulumi import`, import CloudWatch Metric Alarm using the `alarm_name`. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/metricAlarm:MetricAlarm test alarm-12345\n```\n", "properties": { "actionsEnabled": { "type": "boolean", "description": "Indicates whether or not actions should be executed during any changes to the alarm's state. Defaults to `true`.\n" }, "alarmActions": { "type": "array", "items": { "type": "string" }, "description": "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN).\n" }, "alarmDescription": { "type": "string", "description": "The description for the alarm.\n" }, "arn": { "type": "string", "description": "The ARN of the CloudWatch Metric Alarm.\n" }, "comparisonOperator": { "type": "string", "description": "The arithmetic operation to use when comparing the specified Statistic and Threshold. The specified Statistic value is used as the first operand. Either of the following is supported: `GreaterThanOrEqualToThreshold`, `GreaterThanThreshold`, `LessThanThreshold`, `LessThanOrEqualToThreshold`. Additionally, the values `LessThanLowerOrGreaterThanUpperThreshold`, `LessThanLowerThreshold`, and `GreaterThanUpperThreshold` are used only for alarms based on anomaly detection models.\n" }, "datapointsToAlarm": { "type": "integer", "description": "The number of datapoints that must be breaching to trigger the alarm.\n" }, "dimensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The dimensions for the alarm's associated metric. For the list of available dimensions see the AWS documentation [here](http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "evaluateLowSampleCountPercentiles": { "type": "string", "description": "Used only for alarms based on percentiles.\nIf you specify `ignore`, the alarm state will not change during periods with too few data points to be statistically significant.\nIf you specify `evaluate` or omit this parameter, the alarm will always be evaluated and possibly change state no matter how many data points are available.\nThe following values are supported: `ignore`, and `evaluate`.\n" }, "evaluationPeriods": { "type": "integer", "description": "The number of periods over which data is compared to the specified threshold.\n" }, "extendedStatistic": { "type": "string", "description": "The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100.\n" }, "insufficientDataActions": { "type": "array", "items": { "type": "string" }, "description": "The list of actions to execute when this alarm transitions into an INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN).\n" }, "metricName": { "type": "string", "description": "The name for the alarm's associated metric.\nSee docs for [supported metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "metricQueries": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/MetricAlarmMetricQuery:MetricAlarmMetricQuery" }, "description": "Enables you to create an alarm based on a metric math expression. You may specify at most 20.\n" }, "name": { "type": "string", "description": "The descriptive name for the alarm. This name must be unique within the user's AWS account\n" }, "namespace": { "type": "string", "description": "The namespace for the alarm's associated metric. See docs for the [list of namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/aws-namespaces.html).\nSee docs for [supported metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "okActions": { "type": "array", "items": { "type": "string" }, "description": "The list of actions to execute when this alarm transitions into an OK state from any other state. Each action is specified as an Amazon Resource Name (ARN).\n" }, "period": { "type": "integer", "description": "The period in seconds over which the specified `statistic` is applied.\nValid values are `10`, `30`, or any multiple of `60`.\n" }, "statistic": { "type": "string", "description": "The statistic to apply to the alarm's associated metric.\nEither of the following is supported: `SampleCount`, `Average`, `Sum`, `Minimum`, `Maximum`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **NOTE:** If you specify at least one `metric_query`, you may not specify a `metric_name`, `namespace`, `period` or `statistic`. If you do not specify a `metric_query`, you must specify each of these (although you may use `extended_statistic` instead of `statistic`).\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "threshold": { "type": "number", "description": "The value against which the specified statistic is compared. This parameter is required for alarms based on static thresholds, but should not be used for alarms based on anomaly detection models.\n" }, "thresholdMetricId": { "type": "string", "description": "If this is an alarm based on an anomaly detection model, make this value match the ID of the ANOMALY_DETECTION_BAND function.\n" }, "treatMissingData": { "type": "string", "description": "Sets how this alarm is to handle missing data points. The following values are supported: `missing`, `ignore`, `breaching` and `notBreaching`. Defaults to `missing`.\n" }, "unit": { "type": "string", "description": "The unit for the alarm's associated metric.\n" } }, "required": [ "name", "arn", "comparisonOperator", "evaluateLowSampleCountPercentiles", "evaluationPeriods", "tagsAll" ], "inputProperties": { "actionsEnabled": { "type": "boolean", "description": "Indicates whether or not actions should be executed during any changes to the alarm's state. Defaults to `true`.\n" }, "alarmActions": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:sns/topic:Topic" } ] }, "description": "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN).\n" }, "alarmDescription": { "type": "string", "description": "The description for the alarm.\n" }, "comparisonOperator": { "type": "string", "description": "The arithmetic operation to use when comparing the specified Statistic and Threshold. The specified Statistic value is used as the first operand. Either of the following is supported: `GreaterThanOrEqualToThreshold`, `GreaterThanThreshold`, `LessThanThreshold`, `LessThanOrEqualToThreshold`. Additionally, the values `LessThanLowerOrGreaterThanUpperThreshold`, `LessThanLowerThreshold`, and `GreaterThanUpperThreshold` are used only for alarms based on anomaly detection models.\n" }, "datapointsToAlarm": { "type": "integer", "description": "The number of datapoints that must be breaching to trigger the alarm.\n" }, "dimensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The dimensions for the alarm's associated metric. For the list of available dimensions see the AWS documentation [here](http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "evaluateLowSampleCountPercentiles": { "type": "string", "description": "Used only for alarms based on percentiles.\nIf you specify `ignore`, the alarm state will not change during periods with too few data points to be statistically significant.\nIf you specify `evaluate` or omit this parameter, the alarm will always be evaluated and possibly change state no matter how many data points are available.\nThe following values are supported: `ignore`, and `evaluate`.\n" }, "evaluationPeriods": { "type": "integer", "description": "The number of periods over which data is compared to the specified threshold.\n" }, "extendedStatistic": { "type": "string", "description": "The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100.\n" }, "insufficientDataActions": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:sns/topic:Topic" } ] }, "description": "The list of actions to execute when this alarm transitions into an INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN).\n" }, "metricName": { "type": "string", "description": "The name for the alarm's associated metric.\nSee docs for [supported metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "metricQueries": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/MetricAlarmMetricQuery:MetricAlarmMetricQuery" }, "description": "Enables you to create an alarm based on a metric math expression. You may specify at most 20.\n" }, "name": { "type": "string", "description": "The descriptive name for the alarm. This name must be unique within the user's AWS account\n", "willReplaceOnChanges": true }, "namespace": { "type": "string", "description": "The namespace for the alarm's associated metric. See docs for the [list of namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/aws-namespaces.html).\nSee docs for [supported metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "okActions": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:sns/topic:Topic" } ] }, "description": "The list of actions to execute when this alarm transitions into an OK state from any other state. Each action is specified as an Amazon Resource Name (ARN).\n" }, "period": { "type": "integer", "description": "The period in seconds over which the specified `statistic` is applied.\nValid values are `10`, `30`, or any multiple of `60`.\n" }, "statistic": { "type": "string", "description": "The statistic to apply to the alarm's associated metric.\nEither of the following is supported: `SampleCount`, `Average`, `Sum`, `Minimum`, `Maximum`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **NOTE:** If you specify at least one `metric_query`, you may not specify a `metric_name`, `namespace`, `period` or `statistic`. If you do not specify a `metric_query`, you must specify each of these (although you may use `extended_statistic` instead of `statistic`).\n" }, "threshold": { "type": "number", "description": "The value against which the specified statistic is compared. This parameter is required for alarms based on static thresholds, but should not be used for alarms based on anomaly detection models.\n" }, "thresholdMetricId": { "type": "string", "description": "If this is an alarm based on an anomaly detection model, make this value match the ID of the ANOMALY_DETECTION_BAND function.\n" }, "treatMissingData": { "type": "string", "description": "Sets how this alarm is to handle missing data points. The following values are supported: `missing`, `ignore`, `breaching` and `notBreaching`. Defaults to `missing`.\n" }, "unit": { "type": "string", "description": "The unit for the alarm's associated metric.\n" } }, "requiredInputs": [ "comparisonOperator", "evaluationPeriods" ], "stateInputs": { "description": "Input properties used for looking up and filtering MetricAlarm resources.\n", "properties": { "actionsEnabled": { "type": "boolean", "description": "Indicates whether or not actions should be executed during any changes to the alarm's state. Defaults to `true`.\n" }, "alarmActions": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:sns/topic:Topic" } ] }, "description": "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN).\n" }, "alarmDescription": { "type": "string", "description": "The description for the alarm.\n" }, "arn": { "type": "string", "description": "The ARN of the CloudWatch Metric Alarm.\n" }, "comparisonOperator": { "type": "string", "description": "The arithmetic operation to use when comparing the specified Statistic and Threshold. The specified Statistic value is used as the first operand. Either of the following is supported: `GreaterThanOrEqualToThreshold`, `GreaterThanThreshold`, `LessThanThreshold`, `LessThanOrEqualToThreshold`. Additionally, the values `LessThanLowerOrGreaterThanUpperThreshold`, `LessThanLowerThreshold`, and `GreaterThanUpperThreshold` are used only for alarms based on anomaly detection models.\n" }, "datapointsToAlarm": { "type": "integer", "description": "The number of datapoints that must be breaching to trigger the alarm.\n" }, "dimensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The dimensions for the alarm's associated metric. For the list of available dimensions see the AWS documentation [here](http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "evaluateLowSampleCountPercentiles": { "type": "string", "description": "Used only for alarms based on percentiles.\nIf you specify `ignore`, the alarm state will not change during periods with too few data points to be statistically significant.\nIf you specify `evaluate` or omit this parameter, the alarm will always be evaluated and possibly change state no matter how many data points are available.\nThe following values are supported: `ignore`, and `evaluate`.\n" }, "evaluationPeriods": { "type": "integer", "description": "The number of periods over which data is compared to the specified threshold.\n" }, "extendedStatistic": { "type": "string", "description": "The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100.\n" }, "insufficientDataActions": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:sns/topic:Topic" } ] }, "description": "The list of actions to execute when this alarm transitions into an INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN).\n" }, "metricName": { "type": "string", "description": "The name for the alarm's associated metric.\nSee docs for [supported metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "metricQueries": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/MetricAlarmMetricQuery:MetricAlarmMetricQuery" }, "description": "Enables you to create an alarm based on a metric math expression. You may specify at most 20.\n" }, "name": { "type": "string", "description": "The descriptive name for the alarm. This name must be unique within the user's AWS account\n", "willReplaceOnChanges": true }, "namespace": { "type": "string", "description": "The namespace for the alarm's associated metric. See docs for the [list of namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/aws-namespaces.html).\nSee docs for [supported metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html).\n" }, "okActions": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:sns/topic:Topic" } ] }, "description": "The list of actions to execute when this alarm transitions into an OK state from any other state. Each action is specified as an Amazon Resource Name (ARN).\n" }, "period": { "type": "integer", "description": "The period in seconds over which the specified `statistic` is applied.\nValid values are `10`, `30`, or any multiple of `60`.\n" }, "statistic": { "type": "string", "description": "The statistic to apply to the alarm's associated metric.\nEither of the following is supported: `SampleCount`, `Average`, `Sum`, `Minimum`, `Maximum`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **NOTE:** If you specify at least one `metric_query`, you may not specify a `metric_name`, `namespace`, `period` or `statistic`. If you do not specify a `metric_query`, you must specify each of these (although you may use `extended_statistic` instead of `statistic`).\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "threshold": { "type": "number", "description": "The value against which the specified statistic is compared. This parameter is required for alarms based on static thresholds, but should not be used for alarms based on anomaly detection models.\n" }, "thresholdMetricId": { "type": "string", "description": "If this is an alarm based on an anomaly detection model, make this value match the ID of the ANOMALY_DETECTION_BAND function.\n" }, "treatMissingData": { "type": "string", "description": "Sets how this alarm is to handle missing data points. The following values are supported: `missing`, `ignore`, `breaching` and `notBreaching`. Defaults to `missing`.\n" }, "unit": { "type": "string", "description": "The unit for the alarm's associated metric.\n" } }, "type": "object" } }, "aws:cloudwatch/metricStream:MetricStream": { "description": "Provides a CloudWatch Metric Stream resource.\n\n## Example Usage\n\n### Filters\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-trustpolicy.html\nconst streamsAssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"streams.metrics.cloudwatch.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst metricStreamToFirehoseRole = new aws.iam.Role(\"metric_stream_to_firehose\", {\n name: \"metric_stream_to_firehose_role\",\n assumeRolePolicy: streamsAssumeRole.then(streamsAssumeRole =\u003e streamsAssumeRole.json),\n});\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"metric-stream-test-bucket\"});\nconst firehoseAssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"firehose.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst firehoseToS3Role = new aws.iam.Role(\"firehose_to_s3\", {assumeRolePolicy: firehoseAssumeRole.then(firehoseAssumeRole =\u003e firehoseAssumeRole.json)});\nconst s3Stream = new aws.kinesis.FirehoseDeliveryStream(\"s3_stream\", {\n name: \"metric-stream-test-stream\",\n destination: \"extended_s3\",\n extendedS3Configuration: {\n roleArn: firehoseToS3Role.arn,\n bucketArn: bucket.arn,\n },\n});\nconst main = new aws.cloudwatch.MetricStream(\"main\", {\n name: \"my-metric-stream\",\n roleArn: metricStreamToFirehoseRole.arn,\n firehoseArn: s3Stream.arn,\n outputFormat: \"json\",\n includeFilters: [\n {\n namespace: \"AWS/EC2\",\n metricNames: [\n \"CPUUtilization\",\n \"NetworkOut\",\n ],\n },\n {\n namespace: \"AWS/EBS\",\n metricNames: [],\n },\n ],\n});\n// https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-trustpolicy.html\nconst metricStreamToFirehose = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n actions: [\n \"firehose:PutRecord\",\n \"firehose:PutRecordBatch\",\n ],\n resources: [s3Stream.arn],\n }],\n});\nconst metricStreamToFirehoseRolePolicy = new aws.iam.RolePolicy(\"metric_stream_to_firehose\", {\n name: \"default\",\n role: metricStreamToFirehoseRole.id,\n policy: metricStreamToFirehose.apply(metricStreamToFirehose =\u003e metricStreamToFirehose.json),\n});\nconst bucketAcl = new aws.s3.BucketAclV2(\"bucket_acl\", {\n bucket: bucket.id,\n acl: \"private\",\n});\nconst firehoseToS3 = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n actions: [\n \"s3:AbortMultipartUpload\",\n \"s3:GetBucketLocation\",\n \"s3:GetObject\",\n \"s3:ListBucket\",\n \"s3:ListBucketMultipartUploads\",\n \"s3:PutObject\",\n ],\n resources: [\n bucket.arn,\n pulumi.interpolate`${bucket.arn}/*`,\n ],\n }],\n});\nconst firehoseToS3RolePolicy = new aws.iam.RolePolicy(\"firehose_to_s3\", {\n name: \"default\",\n role: firehoseToS3Role.id,\n policy: firehoseToS3.apply(firehoseToS3 =\u003e firehoseToS3.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-trustpolicy.html\nstreams_assume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"streams.metrics.cloudwatch.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nmetric_stream_to_firehose_role = aws.iam.Role(\"metric_stream_to_firehose\",\n name=\"metric_stream_to_firehose_role\",\n assume_role_policy=streams_assume_role.json)\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"metric-stream-test-bucket\")\nfirehose_assume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"firehose.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nfirehose_to_s3_role = aws.iam.Role(\"firehose_to_s3\", assume_role_policy=firehose_assume_role.json)\ns3_stream = aws.kinesis.FirehoseDeliveryStream(\"s3_stream\",\n name=\"metric-stream-test-stream\",\n destination=\"extended_s3\",\n extended_s3_configuration={\n \"role_arn\": firehose_to_s3_role.arn,\n \"bucket_arn\": bucket.arn,\n })\nmain = aws.cloudwatch.MetricStream(\"main\",\n name=\"my-metric-stream\",\n role_arn=metric_stream_to_firehose_role.arn,\n firehose_arn=s3_stream.arn,\n output_format=\"json\",\n include_filters=[\n {\n \"namespace\": \"AWS/EC2\",\n \"metric_names\": [\n \"CPUUtilization\",\n \"NetworkOut\",\n ],\n },\n {\n \"namespace\": \"AWS/EBS\",\n \"metric_names\": [],\n },\n ])\n# https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-trustpolicy.html\nmetric_stream_to_firehose = aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\n \"firehose:PutRecord\",\n \"firehose:PutRecordBatch\",\n ],\n \"resources\": [s3_stream.arn],\n}])\nmetric_stream_to_firehose_role_policy = aws.iam.RolePolicy(\"metric_stream_to_firehose\",\n name=\"default\",\n role=metric_stream_to_firehose_role.id,\n policy=metric_stream_to_firehose.json)\nbucket_acl = aws.s3.BucketAclV2(\"bucket_acl\",\n bucket=bucket.id,\n acl=\"private\")\nfirehose_to_s3 = aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\n \"s3:AbortMultipartUpload\",\n \"s3:GetBucketLocation\",\n \"s3:GetObject\",\n \"s3:ListBucket\",\n \"s3:ListBucketMultipartUploads\",\n \"s3:PutObject\",\n ],\n \"resources\": [\n bucket.arn,\n bucket.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n}])\nfirehose_to_s3_role_policy = aws.iam.RolePolicy(\"firehose_to_s3\",\n name=\"default\",\n role=firehose_to_s3_role.id,\n policy=firehose_to_s3.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-trustpolicy.html\n var streamsAssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"streams.metrics.cloudwatch.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var metricStreamToFirehoseRole = new Aws.Iam.Role(\"metric_stream_to_firehose\", new()\n {\n Name = \"metric_stream_to_firehose_role\",\n AssumeRolePolicy = streamsAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"metric-stream-test-bucket\",\n });\n\n var firehoseAssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"firehose.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var firehoseToS3Role = new Aws.Iam.Role(\"firehose_to_s3\", new()\n {\n AssumeRolePolicy = firehoseAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var s3Stream = new Aws.Kinesis.FirehoseDeliveryStream(\"s3_stream\", new()\n {\n Name = \"metric-stream-test-stream\",\n Destination = \"extended_s3\",\n ExtendedS3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs\n {\n RoleArn = firehoseToS3Role.Arn,\n BucketArn = bucket.Arn,\n },\n });\n\n var main = new Aws.CloudWatch.MetricStream(\"main\", new()\n {\n Name = \"my-metric-stream\",\n RoleArn = metricStreamToFirehoseRole.Arn,\n FirehoseArn = s3Stream.Arn,\n OutputFormat = \"json\",\n IncludeFilters = new[]\n {\n new Aws.CloudWatch.Inputs.MetricStreamIncludeFilterArgs\n {\n Namespace = \"AWS/EC2\",\n MetricNames = new[]\n {\n \"CPUUtilization\",\n \"NetworkOut\",\n },\n },\n new Aws.CloudWatch.Inputs.MetricStreamIncludeFilterArgs\n {\n Namespace = \"AWS/EBS\",\n MetricNames = new() { },\n },\n },\n });\n\n // https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-trustpolicy.html\n var metricStreamToFirehose = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"firehose:PutRecord\",\n \"firehose:PutRecordBatch\",\n },\n Resources = new[]\n {\n s3Stream.Arn,\n },\n },\n },\n });\n\n var metricStreamToFirehoseRolePolicy = new Aws.Iam.RolePolicy(\"metric_stream_to_firehose\", new()\n {\n Name = \"default\",\n Role = metricStreamToFirehoseRole.Id,\n Policy = metricStreamToFirehose.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var bucketAcl = new Aws.S3.BucketAclV2(\"bucket_acl\", new()\n {\n Bucket = bucket.Id,\n Acl = \"private\",\n });\n\n var firehoseToS3 = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:AbortMultipartUpload\",\n \"s3:GetBucketLocation\",\n \"s3:GetObject\",\n \"s3:ListBucket\",\n \"s3:ListBucketMultipartUploads\",\n \"s3:PutObject\",\n },\n Resources = new[]\n {\n bucket.Arn,\n $\"{bucket.Arn}/*\",\n },\n },\n },\n });\n\n var firehoseToS3RolePolicy = new Aws.Iam.RolePolicy(\"firehose_to_s3\", new()\n {\n Name = \"default\",\n Role = firehoseToS3Role.Id,\n Policy = firehoseToS3.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-trustpolicy.html\n\t\tstreamsAssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"streams.metrics.cloudwatch.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmetricStreamToFirehoseRole, err := iam.NewRole(ctx, \"metric_stream_to_firehose\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"metric_stream_to_firehose_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(streamsAssumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"metric-stream-test-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfirehoseAssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"firehose.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfirehoseToS3Role, err := iam.NewRole(ctx, \"firehose_to_s3\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(firehoseAssumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ts3Stream, err := kinesis.NewFirehoseDeliveryStream(ctx, \"s3_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"metric-stream-test-stream\"),\n\t\t\tDestination: pulumi.String(\"extended_s3\"),\n\t\t\tExtendedS3Configuration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationArgs{\n\t\t\t\tRoleArn: firehoseToS3Role.Arn,\n\t\t\t\tBucketArn: bucket.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewMetricStream(ctx, \"main\", \u0026cloudwatch.MetricStreamArgs{\n\t\t\tName: pulumi.String(\"my-metric-stream\"),\n\t\t\tRoleArn: metricStreamToFirehoseRole.Arn,\n\t\t\tFirehoseArn: s3Stream.Arn,\n\t\t\tOutputFormat: pulumi.String(\"json\"),\n\t\t\tIncludeFilters: cloudwatch.MetricStreamIncludeFilterArray{\n\t\t\t\t\u0026cloudwatch.MetricStreamIncludeFilterArgs{\n\t\t\t\t\tNamespace: pulumi.String(\"AWS/EC2\"),\n\t\t\t\t\tMetricNames: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"CPUUtilization\"),\n\t\t\t\t\t\tpulumi.String(\"NetworkOut\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026cloudwatch.MetricStreamIncludeFilterArgs{\n\t\t\t\t\tNamespace: pulumi.String(\"AWS/EBS\"),\n\t\t\t\t\tMetricNames: pulumi.StringArray{},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-trustpolicy.html\n\t\tmetricStreamToFirehose := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"firehose:PutRecord\"),\n\t\t\t\t\t\tpulumi.String(\"firehose:PutRecordBatch\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\ts3Stream.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRolePolicy(ctx, \"metric_stream_to_firehose\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"default\"),\n\t\t\tRole: metricStreamToFirehoseRole.ID(),\n\t\t\tPolicy: pulumi.String(metricStreamToFirehose.ApplyT(func(metricStreamToFirehose iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026metricStreamToFirehose.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"bucket_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: bucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfirehoseToS3 := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:AbortMultipartUpload\"),\n\t\t\t\t\t\tpulumi.String(\"s3:GetBucketLocation\"),\n\t\t\t\t\t\tpulumi.String(\"s3:GetObject\"),\n\t\t\t\t\t\tpulumi.String(\"s3:ListBucket\"),\n\t\t\t\t\t\tpulumi.String(\"s3:ListBucketMultipartUploads\"),\n\t\t\t\t\t\tpulumi.String(\"s3:PutObject\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tbucket.Arn,\n\t\t\t\t\t\tbucket.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRolePolicy(ctx, \"firehose_to_s3\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"default\"),\n\t\t\tRole: firehoseToS3Role.ID(),\n\t\t\tPolicy: pulumi.String(firehoseToS3.ApplyT(func(firehoseToS3 iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026firehoseToS3.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs;\nimport com.pulumi.aws.cloudwatch.MetricStream;\nimport com.pulumi.aws.cloudwatch.MetricStreamArgs;\nimport com.pulumi.aws.cloudwatch.inputs.MetricStreamIncludeFilterArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-trustpolicy.html\n final var streamsAssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"streams.metrics.cloudwatch.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var metricStreamToFirehoseRole = new Role(\"metricStreamToFirehoseRole\", RoleArgs.builder()\n .name(\"metric_stream_to_firehose_role\")\n .assumeRolePolicy(streamsAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder()\n .bucket(\"metric-stream-test-bucket\")\n .build());\n\n final var firehoseAssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"firehose.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var firehoseToS3Role = new Role(\"firehoseToS3Role\", RoleArgs.builder()\n .assumeRolePolicy(firehoseAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var s3Stream = new FirehoseDeliveryStream(\"s3Stream\", FirehoseDeliveryStreamArgs.builder()\n .name(\"metric-stream-test-stream\")\n .destination(\"extended_s3\")\n .extendedS3Configuration(FirehoseDeliveryStreamExtendedS3ConfigurationArgs.builder()\n .roleArn(firehoseToS3Role.arn())\n .bucketArn(bucket.arn())\n .build())\n .build());\n\n var main = new MetricStream(\"main\", MetricStreamArgs.builder()\n .name(\"my-metric-stream\")\n .roleArn(metricStreamToFirehoseRole.arn())\n .firehoseArn(s3Stream.arn())\n .outputFormat(\"json\")\n .includeFilters( \n MetricStreamIncludeFilterArgs.builder()\n .namespace(\"AWS/EC2\")\n .metricNames( \n \"CPUUtilization\",\n \"NetworkOut\")\n .build(),\n MetricStreamIncludeFilterArgs.builder()\n .namespace(\"AWS/EBS\")\n .metricNames()\n .build())\n .build());\n\n // https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-trustpolicy.html\n final var metricStreamToFirehose = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"firehose:PutRecord\",\n \"firehose:PutRecordBatch\")\n .resources(s3Stream.arn())\n .build())\n .build());\n\n var metricStreamToFirehoseRolePolicy = new RolePolicy(\"metricStreamToFirehoseRolePolicy\", RolePolicyArgs.builder()\n .name(\"default\")\n .role(metricStreamToFirehoseRole.id())\n .policy(metricStreamToFirehose.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(metricStreamToFirehose -\u003e metricStreamToFirehose.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var bucketAcl = new BucketAclV2(\"bucketAcl\", BucketAclV2Args.builder()\n .bucket(bucket.id())\n .acl(\"private\")\n .build());\n\n final var firehoseToS3 = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"s3:AbortMultipartUpload\",\n \"s3:GetBucketLocation\",\n \"s3:GetObject\",\n \"s3:ListBucket\",\n \"s3:ListBucketMultipartUploads\",\n \"s3:PutObject\")\n .resources( \n bucket.arn(),\n bucket.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build())\n .build());\n\n var firehoseToS3RolePolicy = new RolePolicy(\"firehoseToS3RolePolicy\", RolePolicyArgs.builder()\n .name(\"default\")\n .role(firehoseToS3Role.id())\n .policy(firehoseToS3.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(firehoseToS3 -\u003e firehoseToS3.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:cloudwatch:MetricStream\n properties:\n name: my-metric-stream\n roleArn: ${metricStreamToFirehoseRole.arn}\n firehoseArn: ${s3Stream.arn}\n outputFormat: json\n includeFilters:\n - namespace: AWS/EC2\n metricNames:\n - CPUUtilization\n - NetworkOut\n - namespace: AWS/EBS\n metricNames: []\n metricStreamToFirehoseRole:\n type: aws:iam:Role\n name: metric_stream_to_firehose\n properties:\n name: metric_stream_to_firehose_role\n assumeRolePolicy: ${streamsAssumeRole.json}\n metricStreamToFirehoseRolePolicy:\n type: aws:iam:RolePolicy\n name: metric_stream_to_firehose\n properties:\n name: default\n role: ${metricStreamToFirehoseRole.id}\n policy: ${metricStreamToFirehose.json}\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: metric-stream-test-bucket\n bucketAcl:\n type: aws:s3:BucketAclV2\n name: bucket_acl\n properties:\n bucket: ${bucket.id}\n acl: private\n firehoseToS3Role:\n type: aws:iam:Role\n name: firehose_to_s3\n properties:\n assumeRolePolicy: ${firehoseAssumeRole.json}\n firehoseToS3RolePolicy:\n type: aws:iam:RolePolicy\n name: firehose_to_s3\n properties:\n name: default\n role: ${firehoseToS3Role.id}\n policy: ${firehoseToS3.json}\n s3Stream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: s3_stream\n properties:\n name: metric-stream-test-stream\n destination: extended_s3\n extendedS3Configuration:\n roleArn: ${firehoseToS3Role.arn}\n bucketArn: ${bucket.arn}\nvariables:\n # https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-trustpolicy.html\n streamsAssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - streams.metrics.cloudwatch.amazonaws.com\n actions:\n - sts:AssumeRole\n # https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-trustpolicy.html\n metricStreamToFirehose:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - firehose:PutRecord\n - firehose:PutRecordBatch\n resources:\n - ${s3Stream.arn}\n firehoseAssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - firehose.amazonaws.com\n actions:\n - sts:AssumeRole\n firehoseToS3:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - s3:AbortMultipartUpload\n - s3:GetBucketLocation\n - s3:GetObject\n - s3:ListBucket\n - s3:ListBucketMultipartUploads\n - s3:PutObject\n resources:\n - ${bucket.arn}\n - ${bucket.arn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Additional Statistics\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.cloudwatch.MetricStream(\"main\", {\n name: \"my-metric-stream\",\n roleArn: metricStreamToFirehose.arn,\n firehoseArn: s3Stream.arn,\n outputFormat: \"json\",\n statisticsConfigurations: [\n {\n additionalStatistics: [\n \"p1\",\n \"tm99\",\n ],\n includeMetrics: [{\n metricName: \"CPUUtilization\",\n namespace: \"AWS/EC2\",\n }],\n },\n {\n additionalStatistics: [\"TS(50.5:)\"],\n includeMetrics: [{\n metricName: \"CPUUtilization\",\n namespace: \"AWS/EC2\",\n }],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.cloudwatch.MetricStream(\"main\",\n name=\"my-metric-stream\",\n role_arn=metric_stream_to_firehose[\"arn\"],\n firehose_arn=s3_stream[\"arn\"],\n output_format=\"json\",\n statistics_configurations=[\n {\n \"additional_statistics\": [\n \"p1\",\n \"tm99\",\n ],\n \"include_metrics\": [{\n \"metric_name\": \"CPUUtilization\",\n \"namespace\": \"AWS/EC2\",\n }],\n },\n {\n \"additional_statistics\": [\"TS(50.5:)\"],\n \"include_metrics\": [{\n \"metric_name\": \"CPUUtilization\",\n \"namespace\": \"AWS/EC2\",\n }],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.CloudWatch.MetricStream(\"main\", new()\n {\n Name = \"my-metric-stream\",\n RoleArn = metricStreamToFirehose.Arn,\n FirehoseArn = s3Stream.Arn,\n OutputFormat = \"json\",\n StatisticsConfigurations = new[]\n {\n new Aws.CloudWatch.Inputs.MetricStreamStatisticsConfigurationArgs\n {\n AdditionalStatistics = new[]\n {\n \"p1\",\n \"tm99\",\n },\n IncludeMetrics = new[]\n {\n new Aws.CloudWatch.Inputs.MetricStreamStatisticsConfigurationIncludeMetricArgs\n {\n MetricName = \"CPUUtilization\",\n Namespace = \"AWS/EC2\",\n },\n },\n },\n new Aws.CloudWatch.Inputs.MetricStreamStatisticsConfigurationArgs\n {\n AdditionalStatistics = new[]\n {\n \"TS(50.5:)\",\n },\n IncludeMetrics = new[]\n {\n new Aws.CloudWatch.Inputs.MetricStreamStatisticsConfigurationIncludeMetricArgs\n {\n MetricName = \"CPUUtilization\",\n Namespace = \"AWS/EC2\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewMetricStream(ctx, \"main\", \u0026cloudwatch.MetricStreamArgs{\n\t\t\tName: pulumi.String(\"my-metric-stream\"),\n\t\t\tRoleArn: pulumi.Any(metricStreamToFirehose.Arn),\n\t\t\tFirehoseArn: pulumi.Any(s3Stream.Arn),\n\t\t\tOutputFormat: pulumi.String(\"json\"),\n\t\t\tStatisticsConfigurations: cloudwatch.MetricStreamStatisticsConfigurationArray{\n\t\t\t\t\u0026cloudwatch.MetricStreamStatisticsConfigurationArgs{\n\t\t\t\t\tAdditionalStatistics: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"p1\"),\n\t\t\t\t\t\tpulumi.String(\"tm99\"),\n\t\t\t\t\t},\n\t\t\t\t\tIncludeMetrics: cloudwatch.MetricStreamStatisticsConfigurationIncludeMetricArray{\n\t\t\t\t\t\t\u0026cloudwatch.MetricStreamStatisticsConfigurationIncludeMetricArgs{\n\t\t\t\t\t\t\tMetricName: pulumi.String(\"CPUUtilization\"),\n\t\t\t\t\t\t\tNamespace: pulumi.String(\"AWS/EC2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026cloudwatch.MetricStreamStatisticsConfigurationArgs{\n\t\t\t\t\tAdditionalStatistics: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"TS(50.5:)\"),\n\t\t\t\t\t},\n\t\t\t\t\tIncludeMetrics: cloudwatch.MetricStreamStatisticsConfigurationIncludeMetricArray{\n\t\t\t\t\t\t\u0026cloudwatch.MetricStreamStatisticsConfigurationIncludeMetricArgs{\n\t\t\t\t\t\t\tMetricName: pulumi.String(\"CPUUtilization\"),\n\t\t\t\t\t\t\tNamespace: pulumi.String(\"AWS/EC2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.MetricStream;\nimport com.pulumi.aws.cloudwatch.MetricStreamArgs;\nimport com.pulumi.aws.cloudwatch.inputs.MetricStreamStatisticsConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new MetricStream(\"main\", MetricStreamArgs.builder()\n .name(\"my-metric-stream\")\n .roleArn(metricStreamToFirehose.arn())\n .firehoseArn(s3Stream.arn())\n .outputFormat(\"json\")\n .statisticsConfigurations( \n MetricStreamStatisticsConfigurationArgs.builder()\n .additionalStatistics( \n \"p1\",\n \"tm99\")\n .includeMetrics(MetricStreamStatisticsConfigurationIncludeMetricArgs.builder()\n .metricName(\"CPUUtilization\")\n .namespace(\"AWS/EC2\")\n .build())\n .build(),\n MetricStreamStatisticsConfigurationArgs.builder()\n .additionalStatistics(\"TS(50.5:)\")\n .includeMetrics(MetricStreamStatisticsConfigurationIncludeMetricArgs.builder()\n .metricName(\"CPUUtilization\")\n .namespace(\"AWS/EC2\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:cloudwatch:MetricStream\n properties:\n name: my-metric-stream\n roleArn: ${metricStreamToFirehose.arn}\n firehoseArn: ${s3Stream.arn}\n outputFormat: json\n statisticsConfigurations:\n - additionalStatistics:\n - p1\n - tm99\n includeMetrics:\n - metricName: CPUUtilization\n namespace: AWS/EC2\n - additionalStatistics:\n - TS(50.5:)\n includeMetrics:\n - metricName: CPUUtilization\n namespace: AWS/EC2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudWatch metric streams using the `name`. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/metricStream:MetricStream sample sample-stream-name\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the metric stream.\n" }, "creationDate": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the metric stream was created.\n" }, "excludeFilters": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/MetricStreamExcludeFilter:MetricStreamExcludeFilter" }, "description": "List of exclusive metric filters. If you specify this parameter, the stream sends metrics from all metric namespaces except for the namespaces and the conditional metric names that you specify here. If you don't specify metric names or provide empty metric names whole metric namespace is excluded. Conflicts with `include_filter`.\n" }, "firehoseArn": { "type": "string", "description": "ARN of the Amazon Kinesis Firehose delivery stream to use for this metric stream.\n" }, "includeFilters": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/MetricStreamIncludeFilter:MetricStreamIncludeFilter" }, "description": "List of inclusive metric filters. If you specify this parameter, the stream sends only the conditional metric names from the metric namespaces that you specify here. If you don't specify metric names or provide empty metric names whole metric namespace is included. Conflicts with `exclude_filter`.\n" }, "includeLinkedAccountsMetrics": { "type": "boolean", "description": "If you are creating a metric stream in a monitoring account, specify true to include metrics from source accounts that are linked to this monitoring account, in the metric stream. The default is false. For more information about linking accounts, see [CloudWatch cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html).\n" }, "lastUpdateDate": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the metric stream was last updated.\n" }, "name": { "type": "string", "description": "Friendly name of the metric stream. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`.\n" }, "outputFormat": { "type": "string", "description": "Output format for the stream. Possible values are `json`, `opentelemetry0.7`, and `opentelemetry1.0`. For more information about output formats, see [Metric streams output formats](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-formats.html).\n\nThe following arguments are optional:\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM role that this metric stream will use to access Amazon Kinesis Firehose resources. For more information about role permissions, see [Trust between CloudWatch and Kinesis Data Firehose](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-trustpolicy.html).\n" }, "state": { "type": "string", "description": "State of the metric stream. Possible values are `running` and `stopped`.\n" }, "statisticsConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/MetricStreamStatisticsConfiguration:MetricStreamStatisticsConfiguration" }, "description": "For each entry in this array, you specify one or more metrics and the list of additional statistics to stream for those metrics. The additional statistics that you can stream depend on the stream's `output_format`. If the OutputFormat is `json`, you can stream any additional statistic that is supported by CloudWatch, listed in [CloudWatch statistics definitions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html.html). If the OutputFormat is `opentelemetry0.7` or `opentelemetry1.0`, you can stream percentile statistics (p99 etc.). See details below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "creationDate", "firehoseArn", "lastUpdateDate", "name", "namePrefix", "outputFormat", "roleArn", "state", "tagsAll" ], "inputProperties": { "excludeFilters": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/MetricStreamExcludeFilter:MetricStreamExcludeFilter" }, "description": "List of exclusive metric filters. If you specify this parameter, the stream sends metrics from all metric namespaces except for the namespaces and the conditional metric names that you specify here. If you don't specify metric names or provide empty metric names whole metric namespace is excluded. Conflicts with `include_filter`.\n" }, "firehoseArn": { "type": "string", "description": "ARN of the Amazon Kinesis Firehose delivery stream to use for this metric stream.\n" }, "includeFilters": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/MetricStreamIncludeFilter:MetricStreamIncludeFilter" }, "description": "List of inclusive metric filters. If you specify this parameter, the stream sends only the conditional metric names from the metric namespaces that you specify here. If you don't specify metric names or provide empty metric names whole metric namespace is included. Conflicts with `exclude_filter`.\n" }, "includeLinkedAccountsMetrics": { "type": "boolean", "description": "If you are creating a metric stream in a monitoring account, specify true to include metrics from source accounts that are linked to this monitoring account, in the metric stream. The default is false. For more information about linking accounts, see [CloudWatch cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html).\n" }, "name": { "type": "string", "description": "Friendly name of the metric stream. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "outputFormat": { "type": "string", "description": "Output format for the stream. Possible values are `json`, `opentelemetry0.7`, and `opentelemetry1.0`. For more information about output formats, see [Metric streams output formats](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-formats.html).\n\nThe following arguments are optional:\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM role that this metric stream will use to access Amazon Kinesis Firehose resources. For more information about role permissions, see [Trust between CloudWatch and Kinesis Data Firehose](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-trustpolicy.html).\n" }, "statisticsConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/MetricStreamStatisticsConfiguration:MetricStreamStatisticsConfiguration" }, "description": "For each entry in this array, you specify one or more metrics and the list of additional statistics to stream for those metrics. The additional statistics that you can stream depend on the stream's `output_format`. If the OutputFormat is `json`, you can stream any additional statistic that is supported by CloudWatch, listed in [CloudWatch statistics definitions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html.html). If the OutputFormat is `opentelemetry0.7` or `opentelemetry1.0`, you can stream percentile statistics (p99 etc.). See details below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "firehoseArn", "outputFormat", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering MetricStream resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the metric stream.\n" }, "creationDate": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the metric stream was created.\n" }, "excludeFilters": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/MetricStreamExcludeFilter:MetricStreamExcludeFilter" }, "description": "List of exclusive metric filters. If you specify this parameter, the stream sends metrics from all metric namespaces except for the namespaces and the conditional metric names that you specify here. If you don't specify metric names or provide empty metric names whole metric namespace is excluded. Conflicts with `include_filter`.\n" }, "firehoseArn": { "type": "string", "description": "ARN of the Amazon Kinesis Firehose delivery stream to use for this metric stream.\n" }, "includeFilters": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/MetricStreamIncludeFilter:MetricStreamIncludeFilter" }, "description": "List of inclusive metric filters. If you specify this parameter, the stream sends only the conditional metric names from the metric namespaces that you specify here. If you don't specify metric names or provide empty metric names whole metric namespace is included. Conflicts with `exclude_filter`.\n" }, "includeLinkedAccountsMetrics": { "type": "boolean", "description": "If you are creating a metric stream in a monitoring account, specify true to include metrics from source accounts that are linked to this monitoring account, in the metric stream. The default is false. For more information about linking accounts, see [CloudWatch cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html).\n" }, "lastUpdateDate": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the metric stream was last updated.\n" }, "name": { "type": "string", "description": "Friendly name of the metric stream. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "outputFormat": { "type": "string", "description": "Output format for the stream. Possible values are `json`, `opentelemetry0.7`, and `opentelemetry1.0`. For more information about output formats, see [Metric streams output formats](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-formats.html).\n\nThe following arguments are optional:\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM role that this metric stream will use to access Amazon Kinesis Firehose resources. For more information about role permissions, see [Trust between CloudWatch and Kinesis Data Firehose](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-trustpolicy.html).\n" }, "state": { "type": "string", "description": "State of the metric stream. Possible values are `running` and `stopped`.\n" }, "statisticsConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/MetricStreamStatisticsConfiguration:MetricStreamStatisticsConfiguration" }, "description": "For each entry in this array, you specify one or more metrics and the list of additional statistics to stream for those metrics. The additional statistics that you can stream depend on the stream's `output_format`. If the OutputFormat is `json`, you can stream any additional statistic that is supported by CloudWatch, listed in [CloudWatch statistics definitions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html.html). If the OutputFormat is `opentelemetry0.7` or `opentelemetry1.0`, you can stream percentile statistics (p99 etc.). See details below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:cloudwatch/queryDefinition:QueryDefinition": { "description": "Provides a CloudWatch Logs query definition resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudwatch.QueryDefinition(\"example\", {\n name: \"custom_query\",\n logGroupNames: [\n \"/aws/logGroup1\",\n \"/aws/logGroup2\",\n ],\n queryString: `fields @timestamp, @message\n| sort @timestamp desc\n| limit 25\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.QueryDefinition(\"example\",\n name=\"custom_query\",\n log_group_names=[\n \"/aws/logGroup1\",\n \"/aws/logGroup2\",\n ],\n query_string=\"\"\"fields @timestamp, @message\n| sort @timestamp desc\n| limit 25\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudWatch.QueryDefinition(\"example\", new()\n {\n Name = \"custom_query\",\n LogGroupNames = new[]\n {\n \"/aws/logGroup1\",\n \"/aws/logGroup2\",\n },\n QueryString = @\"fields @timestamp, @message\n| sort @timestamp desc\n| limit 25\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewQueryDefinition(ctx, \"example\", \u0026cloudwatch.QueryDefinitionArgs{\n\t\t\tName: pulumi.String(\"custom_query\"),\n\t\t\tLogGroupNames: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"/aws/logGroup1\"),\n\t\t\t\tpulumi.String(\"/aws/logGroup2\"),\n\t\t\t},\n\t\t\tQueryString: pulumi.String(\"fields @timestamp, @message\\n| sort @timestamp desc\\n| limit 25\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.QueryDefinition;\nimport com.pulumi.aws.cloudwatch.QueryDefinitionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new QueryDefinition(\"example\", QueryDefinitionArgs.builder()\n .name(\"custom_query\")\n .logGroupNames( \n \"/aws/logGroup1\",\n \"/aws/logGroup2\")\n .queryString(\"\"\"\nfields @timestamp, @message\n| sort @timestamp desc\n| limit 25\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudwatch:QueryDefinition\n properties:\n name: custom_query\n logGroupNames:\n - /aws/logGroup1\n - /aws/logGroup2\n queryString: |\n fields @timestamp, @message\n | sort @timestamp desc\n | limit 25\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudWatch query definitions using the query definition ARN. The ARN can be found on the \"Edit Query\" page for the query in the AWS Console. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/queryDefinition:QueryDefinition example arn:aws:logs:us-west-2:123456789012:query-definition:269951d7-6f75-496d-9d7b-6b7a5486bdbd\n```\n", "properties": { "logGroupNames": { "type": "array", "items": { "type": "string" }, "description": "Specific log groups to use with the query.\n" }, "name": { "type": "string", "description": "The name of the query.\n" }, "queryDefinitionId": { "type": "string", "description": "The query definition ID.\n" }, "queryString": { "type": "string", "description": "The query to save. You can read more about CloudWatch Logs Query Syntax in the [documentation](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html).\n" } }, "required": [ "name", "queryDefinitionId", "queryString" ], "inputProperties": { "logGroupNames": { "type": "array", "items": { "type": "string" }, "description": "Specific log groups to use with the query.\n" }, "name": { "type": "string", "description": "The name of the query.\n" }, "queryString": { "type": "string", "description": "The query to save. You can read more about CloudWatch Logs Query Syntax in the [documentation](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html).\n" } }, "requiredInputs": [ "queryString" ], "stateInputs": { "description": "Input properties used for looking up and filtering QueryDefinition resources.\n", "properties": { "logGroupNames": { "type": "array", "items": { "type": "string" }, "description": "Specific log groups to use with the query.\n" }, "name": { "type": "string", "description": "The name of the query.\n" }, "queryDefinitionId": { "type": "string", "description": "The query definition ID.\n" }, "queryString": { "type": "string", "description": "The query to save. You can read more about CloudWatch Logs Query Syntax in the [documentation](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html).\n" } }, "type": "object" } }, "aws:codeartifact/domain:Domain": { "description": "Provides a CodeArtifact Domain Resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codeartifact.Domain(\"example\", {domain: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codeartifact.Domain(\"example\", domain=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeArtifact.Domain(\"example\", new()\n {\n DomainName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codeartifact\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codeartifact.NewDomain(ctx, \"example\", \u0026codeartifact.DomainArgs{\n\t\t\tDomain: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codeartifact.Domain;\nimport com.pulumi.aws.codeartifact.DomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder()\n .domain(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codeartifact:Domain\n properties:\n domain: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeArtifact Domain using the CodeArtifact Domain arn. For example:\n\n```sh\n$ pulumi import aws:codeartifact/domain:Domain example arn:aws:codeartifact:us-west-2:012345678912:domain/tf-acc-test-8593714120730241305\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Domain.\n" }, "assetSizeBytes": { "type": "string", "description": "The total size of all assets in the domain.\n" }, "createdTime": { "type": "string", "description": "A timestamp that represents the date and time the domain was created in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "domain": { "type": "string", "description": "The name of the domain to create. All domain names in an AWS Region that are in the same AWS account must be unique. The domain name is used as the prefix in DNS hostnames. Do not use sensitive information in a domain name because it is publicly discoverable.\n", "language": { "csharp": { "name": "DomainName" } } }, "encryptionKey": { "type": "string", "description": "The encryption key for the domain. This is used to encrypt content stored in a domain. The KMS Key Amazon Resource Name (ARN). The default aws/codeartifact AWS KMS master key is used if this element is absent.\n" }, "owner": { "type": "string", "description": "The AWS account ID that owns the domain.\n" }, "repositoryCount": { "type": "integer", "description": "The number of repositories in the domain.\n" }, "s3BucketArn": { "type": "string", "description": "The ARN of the Amazon S3 bucket that is used to store package assets in the domain.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "assetSizeBytes", "createdTime", "domain", "encryptionKey", "owner", "repositoryCount", "s3BucketArn", "tagsAll" ], "inputProperties": { "domain": { "type": "string", "description": "The name of the domain to create. All domain names in an AWS Region that are in the same AWS account must be unique. The domain name is used as the prefix in DNS hostnames. Do not use sensitive information in a domain name because it is publicly discoverable.\n", "language": { "csharp": { "name": "DomainName" } }, "willReplaceOnChanges": true }, "encryptionKey": { "type": "string", "description": "The encryption key for the domain. This is used to encrypt content stored in a domain. The KMS Key Amazon Resource Name (ARN). The default aws/codeartifact AWS KMS master key is used if this element is absent.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "domain" ], "stateInputs": { "description": "Input properties used for looking up and filtering Domain resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Domain.\n" }, "assetSizeBytes": { "type": "string", "description": "The total size of all assets in the domain.\n" }, "createdTime": { "type": "string", "description": "A timestamp that represents the date and time the domain was created in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "domain": { "type": "string", "description": "The name of the domain to create. All domain names in an AWS Region that are in the same AWS account must be unique. The domain name is used as the prefix in DNS hostnames. Do not use sensitive information in a domain name because it is publicly discoverable.\n", "language": { "csharp": { "name": "DomainName" } }, "willReplaceOnChanges": true }, "encryptionKey": { "type": "string", "description": "The encryption key for the domain. This is used to encrypt content stored in a domain. The KMS Key Amazon Resource Name (ARN). The default aws/codeartifact AWS KMS master key is used if this element is absent.\n", "willReplaceOnChanges": true }, "owner": { "type": "string", "description": "The AWS account ID that owns the domain.\n" }, "repositoryCount": { "type": "integer", "description": "The number of repositories in the domain.\n" }, "s3BucketArn": { "type": "string", "description": "The ARN of the Amazon S3 bucket that is used to store package assets in the domain.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:codeartifact/domainPermissions:DomainPermissions": { "description": "Provides a CodeArtifact Domains Permissions Policy Resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.Key(\"example\", {description: \"domain key\"});\nconst exampleDomain = new aws.codeartifact.Domain(\"example\", {\n domain: \"example\",\n encryptionKey: example.arn,\n});\nconst test = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"*\",\n identifiers: [\"*\"],\n }],\n actions: [\"codeartifact:CreateRepository\"],\n resources: [exampleDomain.arn],\n }],\n});\nconst testDomainPermissions = new aws.codeartifact.DomainPermissions(\"test\", {\n domain: exampleDomain.domain,\n policyDocument: test.apply(test =\u003e test.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kms.Key(\"example\", description=\"domain key\")\nexample_domain = aws.codeartifact.Domain(\"example\",\n domain=\"example\",\n encryption_key=example.arn)\ntest = aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"*\",\n \"identifiers\": [\"*\"],\n }],\n \"actions\": [\"codeartifact:CreateRepository\"],\n \"resources\": [example_domain.arn],\n}])\ntest_domain_permissions = aws.codeartifact.DomainPermissions(\"test\",\n domain=example_domain.domain,\n policy_document=test.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"domain key\",\n });\n\n var exampleDomain = new Aws.CodeArtifact.Domain(\"example\", new()\n {\n DomainName = \"example\",\n EncryptionKey = example.Arn,\n });\n\n var test = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"*\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"codeartifact:CreateRepository\",\n },\n Resources = new[]\n {\n exampleDomain.Arn,\n },\n },\n },\n });\n\n var testDomainPermissions = new Aws.CodeArtifact.DomainPermissions(\"test\", new()\n {\n Domain = exampleDomain.DomainName,\n PolicyDocument = test.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codeartifact\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"domain key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDomain, err := codeartifact.NewDomain(ctx, \"example\", \u0026codeartifact.DomainArgs{\n\t\t\tDomain: pulumi.String(\"example\"),\n\t\t\tEncryptionKey: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"*\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"codeartifact:CreateRepository\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleDomain.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = codeartifact.NewDomainPermissions(ctx, \"test\", \u0026codeartifact.DomainPermissionsArgs{\n\t\t\tDomain: exampleDomain.Domain,\n\t\t\tPolicyDocument: pulumi.String(test.ApplyT(func(test iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026test.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.codeartifact.Domain;\nimport com.pulumi.aws.codeartifact.DomainArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.codeartifact.DomainPermissions;\nimport com.pulumi.aws.codeartifact.DomainPermissionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"domain key\")\n .build());\n\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder()\n .domain(\"example\")\n .encryptionKey(example.arn())\n .build());\n\n final var test = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"*\")\n .identifiers(\"*\")\n .build())\n .actions(\"codeartifact:CreateRepository\")\n .resources(exampleDomain.arn())\n .build())\n .build());\n\n var testDomainPermissions = new DomainPermissions(\"testDomainPermissions\", DomainPermissionsArgs.builder()\n .domain(exampleDomain.domain())\n .policyDocument(test.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(test -\u003e test.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: domain key\n exampleDomain:\n type: aws:codeartifact:Domain\n name: example\n properties:\n domain: example\n encryptionKey: ${example.arn}\n testDomainPermissions:\n type: aws:codeartifact:DomainPermissions\n name: test\n properties:\n domain: ${exampleDomain.domain}\n policyDocument: ${test.json}\nvariables:\n test:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: '*'\n identifiers:\n - '*'\n actions:\n - codeartifact:CreateRepository\n resources:\n - ${exampleDomain.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeArtifact Domain Permissions Policies using the CodeArtifact Domain ARN. For example:\n\n```sh\n$ pulumi import aws:codeartifact/domainPermissions:DomainPermissions example arn:aws:codeartifact:us-west-2:012345678912:domain/tf-acc-test-1928056699409417367\n```\n", "properties": { "domain": { "type": "string", "description": "The name of the domain on which to set the resource policy.\n" }, "domainOwner": { "type": "string", "description": "The account number of the AWS account that owns the domain.\n" }, "policyDocument": { "type": "string", "description": "A JSON policy string to be set as the access control resource policy on the provided domain.\n" }, "policyRevision": { "type": "string", "description": "The current revision of the resource policy to be set. This revision is used for optimistic locking, which prevents others from overwriting your changes to the domain's resource policy.\n" }, "resourceArn": { "type": "string", "description": "The ARN of the resource associated with the resource policy.\n" } }, "required": [ "domain", "domainOwner", "policyDocument", "policyRevision", "resourceArn" ], "inputProperties": { "domain": { "type": "string", "description": "The name of the domain on which to set the resource policy.\n", "willReplaceOnChanges": true }, "domainOwner": { "type": "string", "description": "The account number of the AWS account that owns the domain.\n", "willReplaceOnChanges": true }, "policyDocument": { "type": "string", "description": "A JSON policy string to be set as the access control resource policy on the provided domain.\n" }, "policyRevision": { "type": "string", "description": "The current revision of the resource policy to be set. This revision is used for optimistic locking, which prevents others from overwriting your changes to the domain's resource policy.\n" } }, "requiredInputs": [ "domain", "policyDocument" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainPermissions resources.\n", "properties": { "domain": { "type": "string", "description": "The name of the domain on which to set the resource policy.\n", "willReplaceOnChanges": true }, "domainOwner": { "type": "string", "description": "The account number of the AWS account that owns the domain.\n", "willReplaceOnChanges": true }, "policyDocument": { "type": "string", "description": "A JSON policy string to be set as the access control resource policy on the provided domain.\n" }, "policyRevision": { "type": "string", "description": "The current revision of the resource policy to be set. This revision is used for optimistic locking, which prevents others from overwriting your changes to the domain's resource policy.\n" }, "resourceArn": { "type": "string", "description": "The ARN of the resource associated with the resource policy.\n" } }, "type": "object" } }, "aws:codeartifact/repository:Repository": { "description": "Provides a CodeArtifact Repository Resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.Key(\"example\", {description: \"domain key\"});\nconst exampleDomain = new aws.codeartifact.Domain(\"example\", {\n domain: \"example\",\n encryptionKey: example.arn,\n});\nconst test = new aws.codeartifact.Repository(\"test\", {\n repository: \"example\",\n domain: exampleDomain.domain,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kms.Key(\"example\", description=\"domain key\")\nexample_domain = aws.codeartifact.Domain(\"example\",\n domain=\"example\",\n encryption_key=example.arn)\ntest = aws.codeartifact.Repository(\"test\",\n repository=\"example\",\n domain=example_domain.domain)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"domain key\",\n });\n\n var exampleDomain = new Aws.CodeArtifact.Domain(\"example\", new()\n {\n DomainName = \"example\",\n EncryptionKey = example.Arn,\n });\n\n var test = new Aws.CodeArtifact.Repository(\"test\", new()\n {\n RepositoryName = \"example\",\n Domain = exampleDomain.DomainName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codeartifact\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"domain key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDomain, err := codeartifact.NewDomain(ctx, \"example\", \u0026codeartifact.DomainArgs{\n\t\t\tDomain: pulumi.String(\"example\"),\n\t\t\tEncryptionKey: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codeartifact.NewRepository(ctx, \"test\", \u0026codeartifact.RepositoryArgs{\n\t\t\tRepository: pulumi.String(\"example\"),\n\t\t\tDomain: exampleDomain.Domain,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.codeartifact.Domain;\nimport com.pulumi.aws.codeartifact.DomainArgs;\nimport com.pulumi.aws.codeartifact.Repository;\nimport com.pulumi.aws.codeartifact.RepositoryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"domain key\")\n .build());\n\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder()\n .domain(\"example\")\n .encryptionKey(example.arn())\n .build());\n\n var test = new Repository(\"test\", RepositoryArgs.builder()\n .repository(\"example\")\n .domain(exampleDomain.domain())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: domain key\n exampleDomain:\n type: aws:codeartifact:Domain\n name: example\n properties:\n domain: example\n encryptionKey: ${example.arn}\n test:\n type: aws:codeartifact:Repository\n properties:\n repository: example\n domain: ${exampleDomain.domain}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n### With Upstream Repository\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst upstream = new aws.codeartifact.Repository(\"upstream\", {\n repository: \"upstream\",\n domain: testAwsCodeartifactDomain.domain,\n});\nconst test = new aws.codeartifact.Repository(\"test\", {\n repository: \"example\",\n domain: example.domain,\n upstreams: [{\n repositoryName: upstream.repository,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nupstream = aws.codeartifact.Repository(\"upstream\",\n repository=\"upstream\",\n domain=test_aws_codeartifact_domain[\"domain\"])\ntest = aws.codeartifact.Repository(\"test\",\n repository=\"example\",\n domain=example[\"domain\"],\n upstreams=[{\n \"repository_name\": upstream.repository,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var upstream = new Aws.CodeArtifact.Repository(\"upstream\", new()\n {\n RepositoryName = \"upstream\",\n Domain = testAwsCodeartifactDomain.Domain,\n });\n\n var test = new Aws.CodeArtifact.Repository(\"test\", new()\n {\n RepositoryName = \"example\",\n Domain = example.Domain,\n Upstreams = new[]\n {\n new Aws.CodeArtifact.Inputs.RepositoryUpstreamArgs\n {\n RepositoryName = upstream.RepositoryName,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codeartifact\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tupstream, err := codeartifact.NewRepository(ctx, \"upstream\", \u0026codeartifact.RepositoryArgs{\n\t\t\tRepository: pulumi.String(\"upstream\"),\n\t\t\tDomain: pulumi.Any(testAwsCodeartifactDomain.Domain),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codeartifact.NewRepository(ctx, \"test\", \u0026codeartifact.RepositoryArgs{\n\t\t\tRepository: pulumi.String(\"example\"),\n\t\t\tDomain: pulumi.Any(example.Domain),\n\t\t\tUpstreams: codeartifact.RepositoryUpstreamArray{\n\t\t\t\t\u0026codeartifact.RepositoryUpstreamArgs{\n\t\t\t\t\tRepositoryName: upstream.Repository,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codeartifact.Repository;\nimport com.pulumi.aws.codeartifact.RepositoryArgs;\nimport com.pulumi.aws.codeartifact.inputs.RepositoryUpstreamArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var upstream = new Repository(\"upstream\", RepositoryArgs.builder()\n .repository(\"upstream\")\n .domain(testAwsCodeartifactDomain.domain())\n .build());\n\n var test = new Repository(\"test\", RepositoryArgs.builder()\n .repository(\"example\")\n .domain(example.domain())\n .upstreams(RepositoryUpstreamArgs.builder()\n .repositoryName(upstream.repository())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n upstream:\n type: aws:codeartifact:Repository\n properties:\n repository: upstream\n domain: ${testAwsCodeartifactDomain.domain}\n test:\n type: aws:codeartifact:Repository\n properties:\n repository: example\n domain: ${example.domain}\n upstreams:\n - repositoryName: ${upstream.repository}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n### With External Connection\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst upstream = new aws.codeartifact.Repository(\"upstream\", {\n repository: \"upstream\",\n domain: testAwsCodeartifactDomain.domain,\n});\nconst test = new aws.codeartifact.Repository(\"test\", {\n repository: \"example\",\n domain: example.domain,\n externalConnections: {\n externalConnectionName: \"public:npmjs\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nupstream = aws.codeartifact.Repository(\"upstream\",\n repository=\"upstream\",\n domain=test_aws_codeartifact_domain[\"domain\"])\ntest = aws.codeartifact.Repository(\"test\",\n repository=\"example\",\n domain=example[\"domain\"],\n external_connections={\n \"external_connection_name\": \"public:npmjs\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var upstream = new Aws.CodeArtifact.Repository(\"upstream\", new()\n {\n RepositoryName = \"upstream\",\n Domain = testAwsCodeartifactDomain.Domain,\n });\n\n var test = new Aws.CodeArtifact.Repository(\"test\", new()\n {\n RepositoryName = \"example\",\n Domain = example.Domain,\n ExternalConnections = new Aws.CodeArtifact.Inputs.RepositoryExternalConnectionsArgs\n {\n ExternalConnectionName = \"public:npmjs\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codeartifact\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codeartifact.NewRepository(ctx, \"upstream\", \u0026codeartifact.RepositoryArgs{\n\t\t\tRepository: pulumi.String(\"upstream\"),\n\t\t\tDomain: pulumi.Any(testAwsCodeartifactDomain.Domain),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codeartifact.NewRepository(ctx, \"test\", \u0026codeartifact.RepositoryArgs{\n\t\t\tRepository: pulumi.String(\"example\"),\n\t\t\tDomain: pulumi.Any(example.Domain),\n\t\t\tExternalConnections: \u0026codeartifact.RepositoryExternalConnectionsArgs{\n\t\t\t\tExternalConnectionName: pulumi.String(\"public:npmjs\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codeartifact.Repository;\nimport com.pulumi.aws.codeartifact.RepositoryArgs;\nimport com.pulumi.aws.codeartifact.inputs.RepositoryExternalConnectionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var upstream = new Repository(\"upstream\", RepositoryArgs.builder()\n .repository(\"upstream\")\n .domain(testAwsCodeartifactDomain.domain())\n .build());\n\n var test = new Repository(\"test\", RepositoryArgs.builder()\n .repository(\"example\")\n .domain(example.domain())\n .externalConnections(RepositoryExternalConnectionsArgs.builder()\n .externalConnectionName(\"public:npmjs\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n upstream:\n type: aws:codeartifact:Repository\n properties:\n repository: upstream\n domain: ${testAwsCodeartifactDomain.domain}\n test:\n type: aws:codeartifact:Repository\n properties:\n repository: example\n domain: ${example.domain}\n externalConnections:\n externalConnectionName: public:npmjs\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeArtifact Repository using the CodeArtifact Repository ARN. For example:\n\n```sh\n$ pulumi import aws:codeartifact/repository:Repository example arn:aws:codeartifact:us-west-2:012345678912:repository/tf-acc-test-6968272603913957763/tf-acc-test-6968272603913957763\n```\n", "properties": { "administratorAccount": { "type": "string", "description": "The account number of the AWS account that manages the repository.\n" }, "arn": { "type": "string", "description": "The ARN of the repository.\n" }, "description": { "type": "string", "description": "The description of the repository.\n" }, "domain": { "type": "string", "description": "The domain that contains the created repository.\n" }, "domainOwner": { "type": "string", "description": "The account number of the AWS account that owns the domain.\n" }, "externalConnections": { "$ref": "#/types/aws:codeartifact/RepositoryExternalConnections:RepositoryExternalConnections", "description": "An array of external connections associated with the repository. Only one external connection can be set per repository. see External Connections.\n" }, "repository": { "type": "string", "description": "The name of the repository to create.\n", "language": { "csharp": { "name": "RepositoryName" } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "upstreams": { "type": "array", "items": { "$ref": "#/types/aws:codeartifact/RepositoryUpstream:RepositoryUpstream" }, "description": "A list of upstream repositories to associate with the repository. The order of the upstream repositories in the list determines their priority order when AWS CodeArtifact looks for a requested package version. see Upstream\n" } }, "required": [ "administratorAccount", "arn", "domain", "domainOwner", "repository", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the repository.\n" }, "domain": { "type": "string", "description": "The domain that contains the created repository.\n", "willReplaceOnChanges": true }, "domainOwner": { "type": "string", "description": "The account number of the AWS account that owns the domain.\n", "willReplaceOnChanges": true }, "externalConnections": { "$ref": "#/types/aws:codeartifact/RepositoryExternalConnections:RepositoryExternalConnections", "description": "An array of external connections associated with the repository. Only one external connection can be set per repository. see External Connections.\n" }, "repository": { "type": "string", "description": "The name of the repository to create.\n", "language": { "csharp": { "name": "RepositoryName" } }, "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "upstreams": { "type": "array", "items": { "$ref": "#/types/aws:codeartifact/RepositoryUpstream:RepositoryUpstream" }, "description": "A list of upstream repositories to associate with the repository. The order of the upstream repositories in the list determines their priority order when AWS CodeArtifact looks for a requested package version. see Upstream\n" } }, "requiredInputs": [ "domain", "repository" ], "stateInputs": { "description": "Input properties used for looking up and filtering Repository resources.\n", "properties": { "administratorAccount": { "type": "string", "description": "The account number of the AWS account that manages the repository.\n" }, "arn": { "type": "string", "description": "The ARN of the repository.\n" }, "description": { "type": "string", "description": "The description of the repository.\n" }, "domain": { "type": "string", "description": "The domain that contains the created repository.\n", "willReplaceOnChanges": true }, "domainOwner": { "type": "string", "description": "The account number of the AWS account that owns the domain.\n", "willReplaceOnChanges": true }, "externalConnections": { "$ref": "#/types/aws:codeartifact/RepositoryExternalConnections:RepositoryExternalConnections", "description": "An array of external connections associated with the repository. Only one external connection can be set per repository. see External Connections.\n" }, "repository": { "type": "string", "description": "The name of the repository to create.\n", "language": { "csharp": { "name": "RepositoryName" } }, "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "upstreams": { "type": "array", "items": { "$ref": "#/types/aws:codeartifact/RepositoryUpstream:RepositoryUpstream" }, "description": "A list of upstream repositories to associate with the repository. The order of the upstream repositories in the list determines their priority order when AWS CodeArtifact looks for a requested package version. see Upstream\n" } }, "type": "object" } }, "aws:codeartifact/repositoryPermissionsPolicy:RepositoryPermissionsPolicy": { "description": "Provides a CodeArtifact Repostory Permissions Policy Resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleKey = new aws.kms.Key(\"example\", {description: \"domain key\"});\nconst exampleDomain = new aws.codeartifact.Domain(\"example\", {\n domain: \"example\",\n encryptionKey: exampleKey.arn,\n});\nconst exampleRepository = new aws.codeartifact.Repository(\"example\", {\n repository: \"example\",\n domain: exampleDomain.domain,\n});\nconst example = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"*\",\n identifiers: [\"*\"],\n }],\n actions: [\"codeartifact:ReadFromRepository\"],\n resources: [exampleRepository.arn],\n }],\n});\nconst exampleRepositoryPermissionsPolicy = new aws.codeartifact.RepositoryPermissionsPolicy(\"example\", {\n repository: exampleRepository.repository,\n domain: exampleDomain.domain,\n policyDocument: example.apply(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_key = aws.kms.Key(\"example\", description=\"domain key\")\nexample_domain = aws.codeartifact.Domain(\"example\",\n domain=\"example\",\n encryption_key=example_key.arn)\nexample_repository = aws.codeartifact.Repository(\"example\",\n repository=\"example\",\n domain=example_domain.domain)\nexample = aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"*\",\n \"identifiers\": [\"*\"],\n }],\n \"actions\": [\"codeartifact:ReadFromRepository\"],\n \"resources\": [example_repository.arn],\n}])\nexample_repository_permissions_policy = aws.codeartifact.RepositoryPermissionsPolicy(\"example\",\n repository=example_repository.repository,\n domain=example_domain.domain,\n policy_document=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleKey = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"domain key\",\n });\n\n var exampleDomain = new Aws.CodeArtifact.Domain(\"example\", new()\n {\n DomainName = \"example\",\n EncryptionKey = exampleKey.Arn,\n });\n\n var exampleRepository = new Aws.CodeArtifact.Repository(\"example\", new()\n {\n RepositoryName = \"example\",\n Domain = exampleDomain.DomainName,\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"*\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"codeartifact:ReadFromRepository\",\n },\n Resources = new[]\n {\n exampleRepository.Arn,\n },\n },\n },\n });\n\n var exampleRepositoryPermissionsPolicy = new Aws.CodeArtifact.RepositoryPermissionsPolicy(\"example\", new()\n {\n Repository = exampleRepository.RepositoryName,\n Domain = exampleDomain.DomainName,\n PolicyDocument = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codeartifact\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleKey, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"domain key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDomain, err := codeartifact.NewDomain(ctx, \"example\", \u0026codeartifact.DomainArgs{\n\t\t\tDomain: pulumi.String(\"example\"),\n\t\t\tEncryptionKey: exampleKey.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRepository, err := codeartifact.NewRepository(ctx, \"example\", \u0026codeartifact.RepositoryArgs{\n\t\t\tRepository: pulumi.String(\"example\"),\n\t\t\tDomain: exampleDomain.Domain,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"*\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"codeartifact:ReadFromRepository\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleRepository.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = codeartifact.NewRepositoryPermissionsPolicy(ctx, \"example\", \u0026codeartifact.RepositoryPermissionsPolicyArgs{\n\t\t\tRepository: exampleRepository.Repository,\n\t\t\tDomain: exampleDomain.Domain,\n\t\t\tPolicyDocument: pulumi.String(example.ApplyT(func(example iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026example.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.codeartifact.Domain;\nimport com.pulumi.aws.codeartifact.DomainArgs;\nimport com.pulumi.aws.codeartifact.Repository;\nimport com.pulumi.aws.codeartifact.RepositoryArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.codeartifact.RepositoryPermissionsPolicy;\nimport com.pulumi.aws.codeartifact.RepositoryPermissionsPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleKey = new Key(\"exampleKey\", KeyArgs.builder()\n .description(\"domain key\")\n .build());\n\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder()\n .domain(\"example\")\n .encryptionKey(exampleKey.arn())\n .build());\n\n var exampleRepository = new Repository(\"exampleRepository\", RepositoryArgs.builder()\n .repository(\"example\")\n .domain(exampleDomain.domain())\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"*\")\n .identifiers(\"*\")\n .build())\n .actions(\"codeartifact:ReadFromRepository\")\n .resources(exampleRepository.arn())\n .build())\n .build());\n\n var exampleRepositoryPermissionsPolicy = new RepositoryPermissionsPolicy(\"exampleRepositoryPermissionsPolicy\", RepositoryPermissionsPolicyArgs.builder()\n .repository(exampleRepository.repository())\n .domain(exampleDomain.domain())\n .policyDocument(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleKey:\n type: aws:kms:Key\n name: example\n properties:\n description: domain key\n exampleDomain:\n type: aws:codeartifact:Domain\n name: example\n properties:\n domain: example\n encryptionKey: ${exampleKey.arn}\n exampleRepository:\n type: aws:codeartifact:Repository\n name: example\n properties:\n repository: example\n domain: ${exampleDomain.domain}\n exampleRepositoryPermissionsPolicy:\n type: aws:codeartifact:RepositoryPermissionsPolicy\n name: example\n properties:\n repository: ${exampleRepository.repository}\n domain: ${exampleDomain.domain}\n policyDocument: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: '*'\n identifiers:\n - '*'\n actions:\n - codeartifact:ReadFromRepository\n resources:\n - ${exampleRepository.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeArtifact Repository Permissions Policies using the CodeArtifact Repository ARN. For example:\n\n```sh\n$ pulumi import aws:codeartifact/repositoryPermissionsPolicy:RepositoryPermissionsPolicy example arn:aws:codeartifact:us-west-2:012345678912:repository/tf-acc-test-6968272603913957763/tf-acc-test-6968272603913957763\n```\n", "properties": { "domain": { "type": "string", "description": "The name of the domain on which to set the resource policy.\n" }, "domainOwner": { "type": "string", "description": "The account number of the AWS account that owns the domain.\n" }, "policyDocument": { "type": "string", "description": "A JSON policy string to be set as the access control resource policy on the provided domain.\n" }, "policyRevision": { "type": "string", "description": "The current revision of the resource policy to be set. This revision is used for optimistic locking, which prevents others from overwriting your changes to the domain's resource policy.\n" }, "repository": { "type": "string", "description": "The name of the repository to set the resource policy on.\n" }, "resourceArn": { "type": "string", "description": "The ARN of the resource associated with the resource policy.\n" } }, "required": [ "domain", "domainOwner", "policyDocument", "policyRevision", "repository", "resourceArn" ], "inputProperties": { "domain": { "type": "string", "description": "The name of the domain on which to set the resource policy.\n", "willReplaceOnChanges": true }, "domainOwner": { "type": "string", "description": "The account number of the AWS account that owns the domain.\n", "willReplaceOnChanges": true }, "policyDocument": { "type": "string", "description": "A JSON policy string to be set as the access control resource policy on the provided domain.\n" }, "policyRevision": { "type": "string", "description": "The current revision of the resource policy to be set. This revision is used for optimistic locking, which prevents others from overwriting your changes to the domain's resource policy.\n" }, "repository": { "type": "string", "description": "The name of the repository to set the resource policy on.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "domain", "policyDocument", "repository" ], "stateInputs": { "description": "Input properties used for looking up and filtering RepositoryPermissionsPolicy resources.\n", "properties": { "domain": { "type": "string", "description": "The name of the domain on which to set the resource policy.\n", "willReplaceOnChanges": true }, "domainOwner": { "type": "string", "description": "The account number of the AWS account that owns the domain.\n", "willReplaceOnChanges": true }, "policyDocument": { "type": "string", "description": "A JSON policy string to be set as the access control resource policy on the provided domain.\n" }, "policyRevision": { "type": "string", "description": "The current revision of the resource policy to be set. This revision is used for optimistic locking, which prevents others from overwriting your changes to the domain's resource policy.\n" }, "repository": { "type": "string", "description": "The name of the repository to set the resource policy on.\n", "willReplaceOnChanges": true }, "resourceArn": { "type": "string", "description": "The ARN of the resource associated with the resource policy.\n" } }, "type": "object" } }, "aws:codebuild/project:Project": { "description": "Provides a CodeBuild Project resource. See also the `aws.codebuild.Webhook` resource, which manages the webhook to the source (e.g., the \"rebuild every time a code change is pushed\" option in the CodeBuild web console).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleBucketAclV2 = new aws.s3.BucketAclV2(\"example\", {\n bucket: exampleBucketV2.id,\n acl: \"private\",\n});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"codebuild.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst example = pulumi.all([exampleBucketV2.arn, exampleBucketV2.arn]).apply(([exampleBucketV2Arn, exampleBucketV2Arn1]) =\u003e aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n effect: \"Allow\",\n actions: [\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n resources: [\"*\"],\n },\n {\n effect: \"Allow\",\n actions: [\n \"ec2:CreateNetworkInterface\",\n \"ec2:DescribeDhcpOptions\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:DeleteNetworkInterface\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeVpcs\",\n ],\n resources: [\"*\"],\n },\n {\n effect: \"Allow\",\n actions: [\"ec2:CreateNetworkInterfacePermission\"],\n resources: [\"arn:aws:ec2:us-east-1:123456789012:network-interface/*\"],\n conditions: [\n {\n test: \"StringEquals\",\n variable: \"ec2:Subnet\",\n values: [\n example1.arn,\n example2.arn,\n ],\n },\n {\n test: \"StringEquals\",\n variable: \"ec2:AuthorizedService\",\n values: [\"codebuild.amazonaws.com\"],\n },\n ],\n },\n {\n effect: \"Allow\",\n actions: [\"s3:*\"],\n resources: [\n exampleBucketV2Arn,\n `${exampleBucketV2Arn1}/*`,\n ],\n },\n ],\n}));\nconst exampleRolePolicy = new aws.iam.RolePolicy(\"example\", {\n role: exampleRole.name,\n policy: example.apply(example =\u003e example.json),\n});\nconst exampleProject = new aws.codebuild.Project(\"example\", {\n name: \"test-project\",\n description: \"test_codebuild_project\",\n buildTimeout: 5,\n serviceRole: exampleRole.arn,\n artifacts: {\n type: \"NO_ARTIFACTS\",\n },\n cache: {\n type: \"S3\",\n location: exampleBucketV2.bucket,\n },\n environment: {\n computeType: \"BUILD_GENERAL1_SMALL\",\n image: \"aws/codebuild/amazonlinux2-x86_64-standard:4.0\",\n type: \"LINUX_CONTAINER\",\n imagePullCredentialsType: \"CODEBUILD\",\n environmentVariables: [\n {\n name: \"SOME_KEY1\",\n value: \"SOME_VALUE1\",\n },\n {\n name: \"SOME_KEY2\",\n value: \"SOME_VALUE2\",\n type: \"PARAMETER_STORE\",\n },\n ],\n },\n logsConfig: {\n cloudwatchLogs: {\n groupName: \"log-group\",\n streamName: \"log-stream\",\n },\n s3Logs: {\n status: \"ENABLED\",\n location: pulumi.interpolate`${exampleBucketV2.id}/build-log`,\n },\n },\n source: {\n type: \"GITHUB\",\n location: \"https://github.com/mitchellh/packer.git\",\n gitCloneDepth: 1,\n gitSubmodulesConfig: {\n fetchSubmodules: true,\n },\n },\n sourceVersion: \"master\",\n vpcConfig: {\n vpcId: exampleAwsVpc.id,\n subnets: [\n example1.id,\n example2.id,\n ],\n securityGroupIds: [\n example1AwsSecurityGroup.id,\n example2AwsSecurityGroup.id,\n ],\n },\n tags: {\n Environment: \"Test\",\n },\n});\nconst project_with_cache = new aws.codebuild.Project(\"project-with-cache\", {\n name: \"test-project-cache\",\n description: \"test_codebuild_project_cache\",\n buildTimeout: 5,\n queuedTimeout: 5,\n serviceRole: exampleRole.arn,\n artifacts: {\n type: \"NO_ARTIFACTS\",\n },\n cache: {\n type: \"LOCAL\",\n modes: [\n \"LOCAL_DOCKER_LAYER_CACHE\",\n \"LOCAL_SOURCE_CACHE\",\n ],\n },\n environment: {\n computeType: \"BUILD_GENERAL1_SMALL\",\n image: \"aws/codebuild/amazonlinux2-x86_64-standard:4.0\",\n type: \"LINUX_CONTAINER\",\n imagePullCredentialsType: \"CODEBUILD\",\n environmentVariables: [{\n name: \"SOME_KEY1\",\n value: \"SOME_VALUE1\",\n }],\n },\n source: {\n type: \"GITHUB\",\n location: \"https://github.com/mitchellh/packer.git\",\n gitCloneDepth: 1,\n },\n tags: {\n Environment: \"Test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_bucket_acl_v2 = aws.s3.BucketAclV2(\"example\",\n bucket=example_bucket_v2.id,\n acl=\"private\")\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"codebuild.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nexample_role = aws.iam.Role(\"example\",\n name=\"example\",\n assume_role_policy=assume_role.json)\nexample = pulumi.Output.all(example_bucket_v2.arn, example_bucket_v2.arn).apply(lambda exampleBucketV2Arn, exampleBucketV2Arn1: aws.iam.get_policy_document_output(statements=[\n {\n \"effect\": \"Allow\",\n \"actions\": [\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n \"resources\": [\"*\"],\n },\n {\n \"effect\": \"Allow\",\n \"actions\": [\n \"ec2:CreateNetworkInterface\",\n \"ec2:DescribeDhcpOptions\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:DeleteNetworkInterface\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeVpcs\",\n ],\n \"resources\": [\"*\"],\n },\n {\n \"effect\": \"Allow\",\n \"actions\": [\"ec2:CreateNetworkInterfacePermission\"],\n \"resources\": [\"arn:aws:ec2:us-east-1:123456789012:network-interface/*\"],\n \"conditions\": [\n {\n \"test\": \"StringEquals\",\n \"variable\": \"ec2:Subnet\",\n \"values\": [\n example1[\"arn\"],\n example2[\"arn\"],\n ],\n },\n {\n \"test\": \"StringEquals\",\n \"variable\": \"ec2:AuthorizedService\",\n \"values\": [\"codebuild.amazonaws.com\"],\n },\n ],\n },\n {\n \"effect\": \"Allow\",\n \"actions\": [\"s3:*\"],\n \"resources\": [\n example_bucket_v2_arn,\n f\"{example_bucket_v2_arn1}/*\",\n ],\n },\n]))\nexample_role_policy = aws.iam.RolePolicy(\"example\",\n role=example_role.name,\n policy=example.json)\nexample_project = aws.codebuild.Project(\"example\",\n name=\"test-project\",\n description=\"test_codebuild_project\",\n build_timeout=5,\n service_role=example_role.arn,\n artifacts={\n \"type\": \"NO_ARTIFACTS\",\n },\n cache={\n \"type\": \"S3\",\n \"location\": example_bucket_v2.bucket,\n },\n environment={\n \"compute_type\": \"BUILD_GENERAL1_SMALL\",\n \"image\": \"aws/codebuild/amazonlinux2-x86_64-standard:4.0\",\n \"type\": \"LINUX_CONTAINER\",\n \"image_pull_credentials_type\": \"CODEBUILD\",\n \"environment_variables\": [\n {\n \"name\": \"SOME_KEY1\",\n \"value\": \"SOME_VALUE1\",\n },\n {\n \"name\": \"SOME_KEY2\",\n \"value\": \"SOME_VALUE2\",\n \"type\": \"PARAMETER_STORE\",\n },\n ],\n },\n logs_config={\n \"cloudwatch_logs\": {\n \"group_name\": \"log-group\",\n \"stream_name\": \"log-stream\",\n },\n \"s3_logs\": {\n \"status\": \"ENABLED\",\n \"location\": example_bucket_v2.id.apply(lambda id: f\"{id}/build-log\"),\n },\n },\n source={\n \"type\": \"GITHUB\",\n \"location\": \"https://github.com/mitchellh/packer.git\",\n \"git_clone_depth\": 1,\n \"git_submodules_config\": {\n \"fetch_submodules\": True,\n },\n },\n source_version=\"master\",\n vpc_config={\n \"vpc_id\": example_aws_vpc[\"id\"],\n \"subnets\": [\n example1[\"id\"],\n example2[\"id\"],\n ],\n \"security_group_ids\": [\n example1_aws_security_group[\"id\"],\n example2_aws_security_group[\"id\"],\n ],\n },\n tags={\n \"Environment\": \"Test\",\n })\nproject_with_cache = aws.codebuild.Project(\"project-with-cache\",\n name=\"test-project-cache\",\n description=\"test_codebuild_project_cache\",\n build_timeout=5,\n queued_timeout=5,\n service_role=example_role.arn,\n artifacts={\n \"type\": \"NO_ARTIFACTS\",\n },\n cache={\n \"type\": \"LOCAL\",\n \"modes\": [\n \"LOCAL_DOCKER_LAYER_CACHE\",\n \"LOCAL_SOURCE_CACHE\",\n ],\n },\n environment={\n \"compute_type\": \"BUILD_GENERAL1_SMALL\",\n \"image\": \"aws/codebuild/amazonlinux2-x86_64-standard:4.0\",\n \"type\": \"LINUX_CONTAINER\",\n \"image_pull_credentials_type\": \"CODEBUILD\",\n \"environment_variables\": [{\n \"name\": \"SOME_KEY1\",\n \"value\": \"SOME_VALUE1\",\n }],\n },\n source={\n \"type\": \"GITHUB\",\n \"location\": \"https://github.com/mitchellh/packer.git\",\n \"git_clone_depth\": 1,\n },\n tags={\n \"Environment\": \"Test\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleBucketAclV2 = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = exampleBucketV2.Id,\n Acl = \"private\",\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"codebuild.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"ec2:CreateNetworkInterface\",\n \"ec2:DescribeDhcpOptions\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:DeleteNetworkInterface\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeVpcs\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"ec2:CreateNetworkInterfacePermission\",\n },\n Resources = new[]\n {\n \"arn:aws:ec2:us-east-1:123456789012:network-interface/*\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"ec2:Subnet\",\n Values = new[]\n {\n example1.Arn,\n example2.Arn,\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"ec2:AuthorizedService\",\n Values = new[]\n {\n \"codebuild.amazonaws.com\",\n },\n },\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:*\",\n },\n Resources = new[]\n {\n exampleBucketV2.Arn,\n $\"{exampleBucketV2.Arn}/*\",\n },\n },\n },\n });\n\n var exampleRolePolicy = new Aws.Iam.RolePolicy(\"example\", new()\n {\n Role = exampleRole.Name,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleProject = new Aws.CodeBuild.Project(\"example\", new()\n {\n Name = \"test-project\",\n Description = \"test_codebuild_project\",\n BuildTimeout = 5,\n ServiceRole = exampleRole.Arn,\n Artifacts = new Aws.CodeBuild.Inputs.ProjectArtifactsArgs\n {\n Type = \"NO_ARTIFACTS\",\n },\n Cache = new Aws.CodeBuild.Inputs.ProjectCacheArgs\n {\n Type = \"S3\",\n Location = exampleBucketV2.Bucket,\n },\n Environment = new Aws.CodeBuild.Inputs.ProjectEnvironmentArgs\n {\n ComputeType = \"BUILD_GENERAL1_SMALL\",\n Image = \"aws/codebuild/amazonlinux2-x86_64-standard:4.0\",\n Type = \"LINUX_CONTAINER\",\n ImagePullCredentialsType = \"CODEBUILD\",\n EnvironmentVariables = new[]\n {\n new Aws.CodeBuild.Inputs.ProjectEnvironmentEnvironmentVariableArgs\n {\n Name = \"SOME_KEY1\",\n Value = \"SOME_VALUE1\",\n },\n new Aws.CodeBuild.Inputs.ProjectEnvironmentEnvironmentVariableArgs\n {\n Name = \"SOME_KEY2\",\n Value = \"SOME_VALUE2\",\n Type = \"PARAMETER_STORE\",\n },\n },\n },\n LogsConfig = new Aws.CodeBuild.Inputs.ProjectLogsConfigArgs\n {\n CloudwatchLogs = new Aws.CodeBuild.Inputs.ProjectLogsConfigCloudwatchLogsArgs\n {\n GroupName = \"log-group\",\n StreamName = \"log-stream\",\n },\n S3Logs = new Aws.CodeBuild.Inputs.ProjectLogsConfigS3LogsArgs\n {\n Status = \"ENABLED\",\n Location = exampleBucketV2.Id.Apply(id =\u003e $\"{id}/build-log\"),\n },\n },\n Source = new Aws.CodeBuild.Inputs.ProjectSourceArgs\n {\n Type = \"GITHUB\",\n Location = \"https://github.com/mitchellh/packer.git\",\n GitCloneDepth = 1,\n GitSubmodulesConfig = new Aws.CodeBuild.Inputs.ProjectSourceGitSubmodulesConfigArgs\n {\n FetchSubmodules = true,\n },\n },\n SourceVersion = \"master\",\n VpcConfig = new Aws.CodeBuild.Inputs.ProjectVpcConfigArgs\n {\n VpcId = exampleAwsVpc.Id,\n Subnets = new[]\n {\n example1.Id,\n example2.Id,\n },\n SecurityGroupIds = new[]\n {\n example1AwsSecurityGroup.Id,\n example2AwsSecurityGroup.Id,\n },\n },\n Tags = \n {\n { \"Environment\", \"Test\" },\n },\n });\n\n var project_with_cache = new Aws.CodeBuild.Project(\"project-with-cache\", new()\n {\n Name = \"test-project-cache\",\n Description = \"test_codebuild_project_cache\",\n BuildTimeout = 5,\n QueuedTimeout = 5,\n ServiceRole = exampleRole.Arn,\n Artifacts = new Aws.CodeBuild.Inputs.ProjectArtifactsArgs\n {\n Type = \"NO_ARTIFACTS\",\n },\n Cache = new Aws.CodeBuild.Inputs.ProjectCacheArgs\n {\n Type = \"LOCAL\",\n Modes = new[]\n {\n \"LOCAL_DOCKER_LAYER_CACHE\",\n \"LOCAL_SOURCE_CACHE\",\n },\n },\n Environment = new Aws.CodeBuild.Inputs.ProjectEnvironmentArgs\n {\n ComputeType = \"BUILD_GENERAL1_SMALL\",\n Image = \"aws/codebuild/amazonlinux2-x86_64-standard:4.0\",\n Type = \"LINUX_CONTAINER\",\n ImagePullCredentialsType = \"CODEBUILD\",\n EnvironmentVariables = new[]\n {\n new Aws.CodeBuild.Inputs.ProjectEnvironmentEnvironmentVariableArgs\n {\n Name = \"SOME_KEY1\",\n Value = \"SOME_VALUE1\",\n },\n },\n },\n Source = new Aws.CodeBuild.Inputs.ProjectSourceArgs\n {\n Type = \"GITHUB\",\n Location = \"https://github.com/mitchellh/packer.git\",\n GitCloneDepth = 1,\n },\n Tags = \n {\n { \"Environment\", \"Test\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codebuild\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nexampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\nBucket: pulumi.String(\"example\"),\n})\nif err != nil {\nreturn err\n}\n_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\nBucket: exampleBucketV2.ID(),\nAcl: pulumi.String(\"private\"),\n})\nif err != nil {\nreturn err\n}\nassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: pulumi.StringRef(\"Allow\"),\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"Service\",\nIdentifiers: []string{\n\"codebuild.amazonaws.com\",\n},\n},\n},\nActions: []string{\n\"sts:AssumeRole\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nexampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\nName: pulumi.String(\"example\"),\nAssumeRolePolicy: pulumi.String(assumeRole.Json),\n})\nif err != nil {\nreturn err\n}\nexample := pulumi.All(exampleBucketV2.Arn,exampleBucketV2.Arn).ApplyT(func(_args []interface{}) (iam.GetPolicyDocumentResult, error) {\nexampleBucketV2Arn := _args[0].(string)\nexampleBucketV2Arn1 := _args[1].(string)\nreturn iam.GetPolicyDocumentResult(interface{}(iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: \"Allow\",\nActions: []string{\n\"logs:CreateLogGroup\",\n\"logs:CreateLogStream\",\n\"logs:PutLogEvents\",\n},\nResources: []string{\n\"*\",\n},\n},\n{\nEffect: \"Allow\",\nActions: []string{\n\"ec2:CreateNetworkInterface\",\n\"ec2:DescribeDhcpOptions\",\n\"ec2:DescribeNetworkInterfaces\",\n\"ec2:DeleteNetworkInterface\",\n\"ec2:DescribeSubnets\",\n\"ec2:DescribeSecurityGroups\",\n\"ec2:DescribeVpcs\",\n},\nResources: []string{\n\"*\",\n},\n},\n{\nEffect: \"Allow\",\nActions: []string{\n\"ec2:CreateNetworkInterfacePermission\",\n},\nResources: []string{\n\"arn:aws:ec2:us-east-1:123456789012:network-interface/*\",\n},\nConditions: []iam.GetPolicyDocumentStatementCondition{\n{\nTest: \"StringEquals\",\nVariable: \"ec2:Subnet\",\nValues: interface{}{\nexample1.Arn,\nexample2.Arn,\n},\n},\n{\nTest: \"StringEquals\",\nVariable: \"ec2:AuthorizedService\",\nValues: []string{\n\"codebuild.amazonaws.com\",\n},\n},\n},\n},\n{\nEffect: \"Allow\",\nActions: []string{\n\"s3:*\",\n},\nResources: []string{\nexampleBucketV2Arn,\nfmt.Sprintf(\"%v/*\", exampleBucketV2Arn1),\n},\n},\n},\n}, nil))), nil\n}).(iam.GetPolicyDocumentResultOutput)\n_, err = iam.NewRolePolicy(ctx, \"example\", \u0026iam.RolePolicyArgs{\nRole: exampleRole.Name,\nPolicy: pulumi.String(example.ApplyT(func(example iam.GetPolicyDocumentResult) (*string, error) {\nreturn \u0026example.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\n_, err = codebuild.NewProject(ctx, \"example\", \u0026codebuild.ProjectArgs{\nName: pulumi.String(\"test-project\"),\nDescription: pulumi.String(\"test_codebuild_project\"),\nBuildTimeout: pulumi.Int(5),\nServiceRole: exampleRole.Arn,\nArtifacts: \u0026codebuild.ProjectArtifactsArgs{\nType: pulumi.String(\"NO_ARTIFACTS\"),\n},\nCache: \u0026codebuild.ProjectCacheArgs{\nType: pulumi.String(\"S3\"),\nLocation: exampleBucketV2.Bucket,\n},\nEnvironment: \u0026codebuild.ProjectEnvironmentArgs{\nComputeType: pulumi.String(\"BUILD_GENERAL1_SMALL\"),\nImage: pulumi.String(\"aws/codebuild/amazonlinux2-x86_64-standard:4.0\"),\nType: pulumi.String(\"LINUX_CONTAINER\"),\nImagePullCredentialsType: pulumi.String(\"CODEBUILD\"),\nEnvironmentVariables: codebuild.ProjectEnvironmentEnvironmentVariableArray{\n\u0026codebuild.ProjectEnvironmentEnvironmentVariableArgs{\nName: pulumi.String(\"SOME_KEY1\"),\nValue: pulumi.String(\"SOME_VALUE1\"),\n},\n\u0026codebuild.ProjectEnvironmentEnvironmentVariableArgs{\nName: pulumi.String(\"SOME_KEY2\"),\nValue: pulumi.String(\"SOME_VALUE2\"),\nType: pulumi.String(\"PARAMETER_STORE\"),\n},\n},\n},\nLogsConfig: \u0026codebuild.ProjectLogsConfigArgs{\nCloudwatchLogs: \u0026codebuild.ProjectLogsConfigCloudwatchLogsArgs{\nGroupName: pulumi.String(\"log-group\"),\nStreamName: pulumi.String(\"log-stream\"),\n},\nS3Logs: \u0026codebuild.ProjectLogsConfigS3LogsArgs{\nStatus: pulumi.String(\"ENABLED\"),\nLocation: exampleBucketV2.ID().ApplyT(func(id string) (string, error) {\nreturn fmt.Sprintf(\"%v/build-log\", id), nil\n}).(pulumi.StringOutput),\n},\n},\nSource: \u0026codebuild.ProjectSourceArgs{\nType: pulumi.String(\"GITHUB\"),\nLocation: pulumi.String(\"https://github.com/mitchellh/packer.git\"),\nGitCloneDepth: pulumi.Int(1),\nGitSubmodulesConfig: \u0026codebuild.ProjectSourceGitSubmodulesConfigArgs{\nFetchSubmodules: pulumi.Bool(true),\n},\n},\nSourceVersion: pulumi.String(\"master\"),\nVpcConfig: \u0026codebuild.ProjectVpcConfigArgs{\nVpcId: pulumi.Any(exampleAwsVpc.Id),\nSubnets: pulumi.StringArray{\nexample1.Id,\nexample2.Id,\n},\nSecurityGroupIds: pulumi.StringArray{\nexample1AwsSecurityGroup.Id,\nexample2AwsSecurityGroup.Id,\n},\n},\nTags: pulumi.StringMap{\n\"Environment\": pulumi.String(\"Test\"),\n},\n})\nif err != nil {\nreturn err\n}\n_, err = codebuild.NewProject(ctx, \"project-with-cache\", \u0026codebuild.ProjectArgs{\nName: pulumi.String(\"test-project-cache\"),\nDescription: pulumi.String(\"test_codebuild_project_cache\"),\nBuildTimeout: pulumi.Int(5),\nQueuedTimeout: pulumi.Int(5),\nServiceRole: exampleRole.Arn,\nArtifacts: \u0026codebuild.ProjectArtifactsArgs{\nType: pulumi.String(\"NO_ARTIFACTS\"),\n},\nCache: \u0026codebuild.ProjectCacheArgs{\nType: pulumi.String(\"LOCAL\"),\nModes: pulumi.StringArray{\npulumi.String(\"LOCAL_DOCKER_LAYER_CACHE\"),\npulumi.String(\"LOCAL_SOURCE_CACHE\"),\n},\n},\nEnvironment: \u0026codebuild.ProjectEnvironmentArgs{\nComputeType: pulumi.String(\"BUILD_GENERAL1_SMALL\"),\nImage: pulumi.String(\"aws/codebuild/amazonlinux2-x86_64-standard:4.0\"),\nType: pulumi.String(\"LINUX_CONTAINER\"),\nImagePullCredentialsType: pulumi.String(\"CODEBUILD\"),\nEnvironmentVariables: codebuild.ProjectEnvironmentEnvironmentVariableArray{\n\u0026codebuild.ProjectEnvironmentEnvironmentVariableArgs{\nName: pulumi.String(\"SOME_KEY1\"),\nValue: pulumi.String(\"SOME_VALUE1\"),\n},\n},\n},\nSource: \u0026codebuild.ProjectSourceArgs{\nType: pulumi.String(\"GITHUB\"),\nLocation: pulumi.String(\"https://github.com/mitchellh/packer.git\"),\nGitCloneDepth: pulumi.Int(1),\n},\nTags: pulumi.StringMap{\n\"Environment\": pulumi.String(\"Test\"),\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.codebuild.Project;\nimport com.pulumi.aws.codebuild.ProjectArgs;\nimport com.pulumi.aws.codebuild.inputs.ProjectArtifactsArgs;\nimport com.pulumi.aws.codebuild.inputs.ProjectCacheArgs;\nimport com.pulumi.aws.codebuild.inputs.ProjectEnvironmentArgs;\nimport com.pulumi.aws.codebuild.inputs.ProjectLogsConfigArgs;\nimport com.pulumi.aws.codebuild.inputs.ProjectLogsConfigCloudwatchLogsArgs;\nimport com.pulumi.aws.codebuild.inputs.ProjectLogsConfigS3LogsArgs;\nimport com.pulumi.aws.codebuild.inputs.ProjectSourceArgs;\nimport com.pulumi.aws.codebuild.inputs.ProjectSourceGitSubmodulesConfigArgs;\nimport com.pulumi.aws.codebuild.inputs.ProjectVpcConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var exampleBucketAclV2 = new BucketAclV2(\"exampleBucketAclV2\", BucketAclV2Args.builder()\n .bucket(exampleBucketV2.id())\n .acl(\"private\")\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"codebuild.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .name(\"example\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\")\n .resources(\"*\")\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"ec2:CreateNetworkInterface\",\n \"ec2:DescribeDhcpOptions\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:DeleteNetworkInterface\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeVpcs\")\n .resources(\"*\")\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"ec2:CreateNetworkInterfacePermission\")\n .resources(\"arn:aws:ec2:us-east-1:123456789012:network-interface/*\")\n .conditions( \n GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"ec2:Subnet\")\n .values( \n example1.arn(),\n example2.arn())\n .build(),\n GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"ec2:AuthorizedService\")\n .values(\"codebuild.amazonaws.com\")\n .build())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"s3:*\")\n .resources( \n exampleBucketV2.arn(),\n exampleBucketV2.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build())\n .build());\n\n var exampleRolePolicy = new RolePolicy(\"exampleRolePolicy\", RolePolicyArgs.builder()\n .role(exampleRole.name())\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var exampleProject = new Project(\"exampleProject\", ProjectArgs.builder()\n .name(\"test-project\")\n .description(\"test_codebuild_project\")\n .buildTimeout(5)\n .serviceRole(exampleRole.arn())\n .artifacts(ProjectArtifactsArgs.builder()\n .type(\"NO_ARTIFACTS\")\n .build())\n .cache(ProjectCacheArgs.builder()\n .type(\"S3\")\n .location(exampleBucketV2.bucket())\n .build())\n .environment(ProjectEnvironmentArgs.builder()\n .computeType(\"BUILD_GENERAL1_SMALL\")\n .image(\"aws/codebuild/amazonlinux2-x86_64-standard:4.0\")\n .type(\"LINUX_CONTAINER\")\n .imagePullCredentialsType(\"CODEBUILD\")\n .environmentVariables( \n ProjectEnvironmentEnvironmentVariableArgs.builder()\n .name(\"SOME_KEY1\")\n .value(\"SOME_VALUE1\")\n .build(),\n ProjectEnvironmentEnvironmentVariableArgs.builder()\n .name(\"SOME_KEY2\")\n .value(\"SOME_VALUE2\")\n .type(\"PARAMETER_STORE\")\n .build())\n .build())\n .logsConfig(ProjectLogsConfigArgs.builder()\n .cloudwatchLogs(ProjectLogsConfigCloudwatchLogsArgs.builder()\n .groupName(\"log-group\")\n .streamName(\"log-stream\")\n .build())\n .s3Logs(ProjectLogsConfigS3LogsArgs.builder()\n .status(\"ENABLED\")\n .location(exampleBucketV2.id().applyValue(id -\u003e String.format(\"%s/build-log\", id)))\n .build())\n .build())\n .source(ProjectSourceArgs.builder()\n .type(\"GITHUB\")\n .location(\"https://github.com/mitchellh/packer.git\")\n .gitCloneDepth(1)\n .gitSubmodulesConfig(ProjectSourceGitSubmodulesConfigArgs.builder()\n .fetchSubmodules(true)\n .build())\n .build())\n .sourceVersion(\"master\")\n .vpcConfig(ProjectVpcConfigArgs.builder()\n .vpcId(exampleAwsVpc.id())\n .subnets( \n example1.id(),\n example2.id())\n .securityGroupIds( \n example1AwsSecurityGroup.id(),\n example2AwsSecurityGroup.id())\n .build())\n .tags(Map.of(\"Environment\", \"Test\"))\n .build());\n\n var project_with_cache = new Project(\"project-with-cache\", ProjectArgs.builder()\n .name(\"test-project-cache\")\n .description(\"test_codebuild_project_cache\")\n .buildTimeout(5)\n .queuedTimeout(5)\n .serviceRole(exampleRole.arn())\n .artifacts(ProjectArtifactsArgs.builder()\n .type(\"NO_ARTIFACTS\")\n .build())\n .cache(ProjectCacheArgs.builder()\n .type(\"LOCAL\")\n .modes( \n \"LOCAL_DOCKER_LAYER_CACHE\",\n \"LOCAL_SOURCE_CACHE\")\n .build())\n .environment(ProjectEnvironmentArgs.builder()\n .computeType(\"BUILD_GENERAL1_SMALL\")\n .image(\"aws/codebuild/amazonlinux2-x86_64-standard:4.0\")\n .type(\"LINUX_CONTAINER\")\n .imagePullCredentialsType(\"CODEBUILD\")\n .environmentVariables(ProjectEnvironmentEnvironmentVariableArgs.builder()\n .name(\"SOME_KEY1\")\n .value(\"SOME_VALUE1\")\n .build())\n .build())\n .source(ProjectSourceArgs.builder()\n .type(\"GITHUB\")\n .location(\"https://github.com/mitchellh/packer.git\")\n .gitCloneDepth(1)\n .build())\n .tags(Map.of(\"Environment\", \"Test\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example\n exampleBucketAclV2:\n type: aws:s3:BucketAclV2\n name: example\n properties:\n bucket: ${exampleBucketV2.id}\n acl: private\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example\n assumeRolePolicy: ${assumeRole.json}\n exampleRolePolicy:\n type: aws:iam:RolePolicy\n name: example\n properties:\n role: ${exampleRole.name}\n policy: ${example.json}\n exampleProject:\n type: aws:codebuild:Project\n name: example\n properties:\n name: test-project\n description: test_codebuild_project\n buildTimeout: 5\n serviceRole: ${exampleRole.arn}\n artifacts:\n type: NO_ARTIFACTS\n cache:\n type: S3\n location: ${exampleBucketV2.bucket}\n environment:\n computeType: BUILD_GENERAL1_SMALL\n image: aws/codebuild/amazonlinux2-x86_64-standard:4.0\n type: LINUX_CONTAINER\n imagePullCredentialsType: CODEBUILD\n environmentVariables:\n - name: SOME_KEY1\n value: SOME_VALUE1\n - name: SOME_KEY2\n value: SOME_VALUE2\n type: PARAMETER_STORE\n logsConfig:\n cloudwatchLogs:\n groupName: log-group\n streamName: log-stream\n s3Logs:\n status: ENABLED\n location: ${exampleBucketV2.id}/build-log\n source:\n type: GITHUB\n location: https://github.com/mitchellh/packer.git\n gitCloneDepth: 1\n gitSubmodulesConfig:\n fetchSubmodules: true\n sourceVersion: master\n vpcConfig:\n vpcId: ${exampleAwsVpc.id}\n subnets:\n - ${example1.id}\n - ${example2.id}\n securityGroupIds:\n - ${example1AwsSecurityGroup.id}\n - ${example2AwsSecurityGroup.id}\n tags:\n Environment: Test\n project-with-cache:\n type: aws:codebuild:Project\n properties:\n name: test-project-cache\n description: test_codebuild_project_cache\n buildTimeout: 5\n queuedTimeout: 5\n serviceRole: ${exampleRole.arn}\n artifacts:\n type: NO_ARTIFACTS\n cache:\n type: LOCAL\n modes:\n - LOCAL_DOCKER_LAYER_CACHE\n - LOCAL_SOURCE_CACHE\n environment:\n computeType: BUILD_GENERAL1_SMALL\n image: aws/codebuild/amazonlinux2-x86_64-standard:4.0\n type: LINUX_CONTAINER\n imagePullCredentialsType: CODEBUILD\n environmentVariables:\n - name: SOME_KEY1\n value: SOME_VALUE1\n source:\n type: GITHUB\n location: https://github.com/mitchellh/packer.git\n gitCloneDepth: 1\n tags:\n Environment: Test\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - codebuild.amazonaws.com\n actions:\n - sts:AssumeRole\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - logs:CreateLogGroup\n - logs:CreateLogStream\n - logs:PutLogEvents\n resources:\n - '*'\n - effect: Allow\n actions:\n - ec2:CreateNetworkInterface\n - ec2:DescribeDhcpOptions\n - ec2:DescribeNetworkInterfaces\n - ec2:DeleteNetworkInterface\n - ec2:DescribeSubnets\n - ec2:DescribeSecurityGroups\n - ec2:DescribeVpcs\n resources:\n - '*'\n - effect: Allow\n actions:\n - ec2:CreateNetworkInterfacePermission\n resources:\n - arn:aws:ec2:us-east-1:123456789012:network-interface/*\n conditions:\n - test: StringEquals\n variable: ec2:Subnet\n values:\n - ${example1.arn}\n - ${example2.arn}\n - test: StringEquals\n variable: ec2:AuthorizedService\n values:\n - codebuild.amazonaws.com\n - effect: Allow\n actions:\n - s3:*\n resources:\n - ${exampleBucketV2.arn}\n - ${exampleBucketV2.arn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeBuild Project using the `name`. For example:\n\n```sh\n$ pulumi import aws:codebuild/project:Project name project-name\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the CodeBuild project.\n" }, "artifacts": { "$ref": "#/types/aws:codebuild/ProjectArtifacts:ProjectArtifacts", "description": "Configuration block. Detailed below.\n" }, "badgeEnabled": { "type": "boolean", "description": "Generates a publicly-accessible URL for the projects build badge. Available as `badge_url` attribute when enabled.\n" }, "badgeUrl": { "type": "string", "description": "URL of the build badge when `badge_enabled` is enabled.\n" }, "buildBatchConfig": { "$ref": "#/types/aws:codebuild/ProjectBuildBatchConfig:ProjectBuildBatchConfig", "description": "Defines the batch build options for the project.\n" }, "buildTimeout": { "type": "integer", "description": "Number of minutes, from 5 to 2160 (36 hours), for AWS CodeBuild to wait until timing out any related build that does not get marked as completed. The default is 60 minutes. The `build_timeout` property is not available on the `Lambda` compute type.\n" }, "cache": { "$ref": "#/types/aws:codebuild/ProjectCache:ProjectCache", "description": "Configuration block. Detailed below.\n" }, "concurrentBuildLimit": { "type": "integer", "description": "Specify a maximum number of concurrent builds for the project. The value specified must be greater than 0 and less than the account concurrent running builds limit.\n" }, "description": { "type": "string", "description": "Short description of the project.\n" }, "encryptionKey": { "type": "string", "description": "AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the build project's build output artifacts.\n" }, "environment": { "$ref": "#/types/aws:codebuild/ProjectEnvironment:ProjectEnvironment", "description": "Configuration block. Detailed below.\n" }, "fileSystemLocations": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectFileSystemLocation:ProjectFileSystemLocation" }, "description": "A set of file system locations to mount inside the build. File system locations are documented below.\n" }, "logsConfig": { "$ref": "#/types/aws:codebuild/ProjectLogsConfig:ProjectLogsConfig", "description": "Configuration block. Detailed below.\n" }, "name": { "type": "string", "description": "Project's name.\n" }, "projectVisibility": { "type": "string", "description": "Specifies the visibility of the project's builds. Possible values are: `PUBLIC_READ` and `PRIVATE`. Default value is `PRIVATE`.\n" }, "publicProjectAlias": { "type": "string", "description": "The project identifier used with the public build APIs.\n" }, "queuedTimeout": { "type": "integer", "description": "Number of minutes, from 5 to 480 (8 hours), a build is allowed to be queued before it times out. The default is 8 hours. The `queued_timeout` property is not available on the `Lambda` compute type.\n" }, "resourceAccessRole": { "type": "string", "description": "The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds in order to display them publicly. Only applicable if `project_visibility` is `PUBLIC_READ`.\n" }, "secondaryArtifacts": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectSecondaryArtifact:ProjectSecondaryArtifact" }, "description": "Configuration block. Detailed below.\n" }, "secondarySourceVersions": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectSecondarySourceVersion:ProjectSecondarySourceVersion" }, "description": "Configuration block. Detailed below.\n" }, "secondarySources": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectSecondarySource:ProjectSecondarySource" }, "description": "Configuration block. Detailed below.\n" }, "serviceRole": { "type": "string", "description": "Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.\n" }, "source": { "$ref": "#/types/aws:codebuild/ProjectSource:ProjectSource", "description": "Configuration block. Detailed below.\n\nThe following arguments are optional:\n" }, "sourceVersion": { "type": "string", "description": "Version of the build input to be built for this project. If not specified, the latest version is used.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcConfig": { "$ref": "#/types/aws:codebuild/ProjectVpcConfig:ProjectVpcConfig", "description": "Configuration block. Detailed below.\n" } }, "required": [ "arn", "artifacts", "badgeUrl", "description", "encryptionKey", "environment", "name", "publicProjectAlias", "serviceRole", "source", "tagsAll" ], "inputProperties": { "artifacts": { "$ref": "#/types/aws:codebuild/ProjectArtifacts:ProjectArtifacts", "description": "Configuration block. Detailed below.\n" }, "badgeEnabled": { "type": "boolean", "description": "Generates a publicly-accessible URL for the projects build badge. Available as `badge_url` attribute when enabled.\n" }, "buildBatchConfig": { "$ref": "#/types/aws:codebuild/ProjectBuildBatchConfig:ProjectBuildBatchConfig", "description": "Defines the batch build options for the project.\n" }, "buildTimeout": { "type": "integer", "description": "Number of minutes, from 5 to 2160 (36 hours), for AWS CodeBuild to wait until timing out any related build that does not get marked as completed. The default is 60 minutes. The `build_timeout` property is not available on the `Lambda` compute type.\n" }, "cache": { "$ref": "#/types/aws:codebuild/ProjectCache:ProjectCache", "description": "Configuration block. Detailed below.\n" }, "concurrentBuildLimit": { "type": "integer", "description": "Specify a maximum number of concurrent builds for the project. The value specified must be greater than 0 and less than the account concurrent running builds limit.\n" }, "description": { "type": "string", "description": "Short description of the project.\n" }, "encryptionKey": { "type": "string", "description": "AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the build project's build output artifacts.\n" }, "environment": { "$ref": "#/types/aws:codebuild/ProjectEnvironment:ProjectEnvironment", "description": "Configuration block. Detailed below.\n" }, "fileSystemLocations": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectFileSystemLocation:ProjectFileSystemLocation" }, "description": "A set of file system locations to mount inside the build. File system locations are documented below.\n" }, "logsConfig": { "$ref": "#/types/aws:codebuild/ProjectLogsConfig:ProjectLogsConfig", "description": "Configuration block. Detailed below.\n" }, "name": { "type": "string", "description": "Project's name.\n", "willReplaceOnChanges": true }, "projectVisibility": { "type": "string", "description": "Specifies the visibility of the project's builds. Possible values are: `PUBLIC_READ` and `PRIVATE`. Default value is `PRIVATE`.\n" }, "queuedTimeout": { "type": "integer", "description": "Number of minutes, from 5 to 480 (8 hours), a build is allowed to be queued before it times out. The default is 8 hours. The `queued_timeout` property is not available on the `Lambda` compute type.\n" }, "resourceAccessRole": { "type": "string", "description": "The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds in order to display them publicly. Only applicable if `project_visibility` is `PUBLIC_READ`.\n" }, "secondaryArtifacts": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectSecondaryArtifact:ProjectSecondaryArtifact" }, "description": "Configuration block. Detailed below.\n" }, "secondarySourceVersions": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectSecondarySourceVersion:ProjectSecondarySourceVersion" }, "description": "Configuration block. Detailed below.\n" }, "secondarySources": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectSecondarySource:ProjectSecondarySource" }, "description": "Configuration block. Detailed below.\n" }, "serviceRole": { "type": "string", "description": "Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.\n" }, "source": { "$ref": "#/types/aws:codebuild/ProjectSource:ProjectSource", "description": "Configuration block. Detailed below.\n\nThe following arguments are optional:\n" }, "sourceVersion": { "type": "string", "description": "Version of the build input to be built for this project. If not specified, the latest version is used.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcConfig": { "$ref": "#/types/aws:codebuild/ProjectVpcConfig:ProjectVpcConfig", "description": "Configuration block. Detailed below.\n" } }, "requiredInputs": [ "artifacts", "environment", "serviceRole", "source" ], "stateInputs": { "description": "Input properties used for looking up and filtering Project resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the CodeBuild project.\n" }, "artifacts": { "$ref": "#/types/aws:codebuild/ProjectArtifacts:ProjectArtifacts", "description": "Configuration block. Detailed below.\n" }, "badgeEnabled": { "type": "boolean", "description": "Generates a publicly-accessible URL for the projects build badge. Available as `badge_url` attribute when enabled.\n" }, "badgeUrl": { "type": "string", "description": "URL of the build badge when `badge_enabled` is enabled.\n" }, "buildBatchConfig": { "$ref": "#/types/aws:codebuild/ProjectBuildBatchConfig:ProjectBuildBatchConfig", "description": "Defines the batch build options for the project.\n" }, "buildTimeout": { "type": "integer", "description": "Number of minutes, from 5 to 2160 (36 hours), for AWS CodeBuild to wait until timing out any related build that does not get marked as completed. The default is 60 minutes. The `build_timeout` property is not available on the `Lambda` compute type.\n" }, "cache": { "$ref": "#/types/aws:codebuild/ProjectCache:ProjectCache", "description": "Configuration block. Detailed below.\n" }, "concurrentBuildLimit": { "type": "integer", "description": "Specify a maximum number of concurrent builds for the project. The value specified must be greater than 0 and less than the account concurrent running builds limit.\n" }, "description": { "type": "string", "description": "Short description of the project.\n" }, "encryptionKey": { "type": "string", "description": "AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the build project's build output artifacts.\n" }, "environment": { "$ref": "#/types/aws:codebuild/ProjectEnvironment:ProjectEnvironment", "description": "Configuration block. Detailed below.\n" }, "fileSystemLocations": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectFileSystemLocation:ProjectFileSystemLocation" }, "description": "A set of file system locations to mount inside the build. File system locations are documented below.\n" }, "logsConfig": { "$ref": "#/types/aws:codebuild/ProjectLogsConfig:ProjectLogsConfig", "description": "Configuration block. Detailed below.\n" }, "name": { "type": "string", "description": "Project's name.\n", "willReplaceOnChanges": true }, "projectVisibility": { "type": "string", "description": "Specifies the visibility of the project's builds. Possible values are: `PUBLIC_READ` and `PRIVATE`. Default value is `PRIVATE`.\n" }, "publicProjectAlias": { "type": "string", "description": "The project identifier used with the public build APIs.\n" }, "queuedTimeout": { "type": "integer", "description": "Number of minutes, from 5 to 480 (8 hours), a build is allowed to be queued before it times out. The default is 8 hours. The `queued_timeout` property is not available on the `Lambda` compute type.\n" }, "resourceAccessRole": { "type": "string", "description": "The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds in order to display them publicly. Only applicable if `project_visibility` is `PUBLIC_READ`.\n" }, "secondaryArtifacts": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectSecondaryArtifact:ProjectSecondaryArtifact" }, "description": "Configuration block. Detailed below.\n" }, "secondarySourceVersions": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectSecondarySourceVersion:ProjectSecondarySourceVersion" }, "description": "Configuration block. Detailed below.\n" }, "secondarySources": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/ProjectSecondarySource:ProjectSecondarySource" }, "description": "Configuration block. Detailed below.\n" }, "serviceRole": { "type": "string", "description": "Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.\n" }, "source": { "$ref": "#/types/aws:codebuild/ProjectSource:ProjectSource", "description": "Configuration block. Detailed below.\n\nThe following arguments are optional:\n" }, "sourceVersion": { "type": "string", "description": "Version of the build input to be built for this project. If not specified, the latest version is used.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcConfig": { "$ref": "#/types/aws:codebuild/ProjectVpcConfig:ProjectVpcConfig", "description": "Configuration block. Detailed below.\n" } }, "type": "object" } }, "aws:codebuild/reportGroup:ReportGroup": { "description": "Provides a CodeBuild Report Groups Resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = current.then(current =\u003e aws.iam.getPolicyDocument({\n statements: [{\n sid: \"Enable IAM User Permissions\",\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [`arn:aws:iam::${current.accountId}:root`],\n }],\n actions: [\"kms:*\"],\n resources: [\"*\"],\n }],\n}));\nconst exampleKey = new aws.kms.Key(\"example\", {\n description: \"my test kms key\",\n deletionWindowInDays: 7,\n policy: example.then(example =\u003e example.json),\n});\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucket: \"my-test\"});\nconst exampleReportGroup = new aws.codebuild.ReportGroup(\"example\", {\n name: \"my test report group\",\n type: \"TEST\",\n exportConfig: {\n type: \"S3\",\n s3Destination: {\n bucket: exampleBucketV2.id,\n encryptionDisabled: false,\n encryptionKey: exampleKey.arn,\n packaging: \"NONE\",\n path: \"/some\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.iam.get_policy_document(statements=[{\n \"sid\": \"Enable IAM User Permissions\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [f\"arn:aws:iam::{current.account_id}:root\"],\n }],\n \"actions\": [\"kms:*\"],\n \"resources\": [\"*\"],\n}])\nexample_key = aws.kms.Key(\"example\",\n description=\"my test kms key\",\n deletion_window_in_days=7,\n policy=example.json)\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket=\"my-test\")\nexample_report_group = aws.codebuild.ReportGroup(\"example\",\n name=\"my test report group\",\n type=\"TEST\",\n export_config={\n \"type\": \"S3\",\n \"s3_destination\": {\n \"bucket\": example_bucket_v2.id,\n \"encryption_disabled\": False,\n \"encryption_key\": example_key.arn,\n \"packaging\": \"NONE\",\n \"path\": \"/some\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"Enable IAM User Permissions\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n },\n },\n Actions = new[]\n {\n \"kms:*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var exampleKey = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"my test kms key\",\n DeletionWindowInDays = 7,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-test\",\n });\n\n var exampleReportGroup = new Aws.CodeBuild.ReportGroup(\"example\", new()\n {\n Name = \"my test report group\",\n Type = \"TEST\",\n ExportConfig = new Aws.CodeBuild.Inputs.ReportGroupExportConfigArgs\n {\n Type = \"S3\",\n S3Destination = new Aws.CodeBuild.Inputs.ReportGroupExportConfigS3DestinationArgs\n {\n Bucket = exampleBucketV2.Id,\n EncryptionDisabled = false,\n EncryptionKey = exampleKey.Arn,\n Packaging = \"NONE\",\n Path = \"/some\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codebuild\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"Enable IAM User Permissions\"),\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"AWS\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\tfmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"kms:*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKey, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"my test kms key\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t\tPolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codebuild.NewReportGroup(ctx, \"example\", \u0026codebuild.ReportGroupArgs{\n\t\t\tName: pulumi.String(\"my test report group\"),\n\t\t\tType: pulumi.String(\"TEST\"),\n\t\t\tExportConfig: \u0026codebuild.ReportGroupExportConfigArgs{\n\t\t\t\tType: pulumi.String(\"S3\"),\n\t\t\t\tS3Destination: \u0026codebuild.ReportGroupExportConfigS3DestinationArgs{\n\t\t\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\t\t\tEncryptionDisabled: pulumi.Bool(false),\n\t\t\t\t\tEncryptionKey: exampleKey.Arn,\n\t\t\t\t\tPackaging: pulumi.String(\"NONE\"),\n\t\t\t\t\tPath: pulumi.String(\"/some\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.codebuild.ReportGroup;\nimport com.pulumi.aws.codebuild.ReportGroupArgs;\nimport com.pulumi.aws.codebuild.inputs.ReportGroupExportConfigArgs;\nimport com.pulumi.aws.codebuild.inputs.ReportGroupExportConfigS3DestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"Enable IAM User Permissions\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .build())\n .actions(\"kms:*\")\n .resources(\"*\")\n .build())\n .build());\n\n var exampleKey = new Key(\"exampleKey\", KeyArgs.builder()\n .description(\"my test kms key\")\n .deletionWindowInDays(7)\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder()\n .bucket(\"my-test\")\n .build());\n\n var exampleReportGroup = new ReportGroup(\"exampleReportGroup\", ReportGroupArgs.builder()\n .name(\"my test report group\")\n .type(\"TEST\")\n .exportConfig(ReportGroupExportConfigArgs.builder()\n .type(\"S3\")\n .s3Destination(ReportGroupExportConfigS3DestinationArgs.builder()\n .bucket(exampleBucketV2.id())\n .encryptionDisabled(false)\n .encryptionKey(exampleKey.arn())\n .packaging(\"NONE\")\n .path(\"/some\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleKey:\n type: aws:kms:Key\n name: example\n properties:\n description: my test kms key\n deletionWindowInDays: 7\n policy: ${example.json}\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: my-test\n exampleReportGroup:\n type: aws:codebuild:ReportGroup\n name: example\n properties:\n name: my test report group\n type: TEST\n exportConfig:\n type: S3\n s3Destination:\n bucket: ${exampleBucketV2.id}\n encryptionDisabled: false\n encryptionKey: ${exampleKey.arn}\n packaging: NONE\n path: /some\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: Enable IAM User Permissions\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - arn:aws:iam::${current.accountId}:root\n actions:\n - kms:*\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeBuild Report Group using the CodeBuild Report Group arn. For example:\n\n```sh\n$ pulumi import aws:codebuild/reportGroup:ReportGroup example arn:aws:codebuild:us-west-2:123456789:report-group/report-group-name\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of Report Group.\n" }, "created": { "type": "string", "description": "The date and time this Report Group was created.\n" }, "deleteReports": { "type": "boolean", "description": "If `true`, deletes any reports that belong to a report group before deleting the report group. If `false`, you must delete any reports in the report group before deleting it. Default value is `false`.\n" }, "exportConfig": { "$ref": "#/types/aws:codebuild/ReportGroupExportConfig:ReportGroupExportConfig", "description": "Information about the destination where the raw data of this Report Group is exported. see Export Config documented below.\n" }, "name": { "type": "string", "description": "The name of a Report Group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of the Report Group. Valid value are `TEST` and `CODE_COVERAGE`.\n" } }, "required": [ "arn", "created", "exportConfig", "name", "tagsAll", "type" ], "inputProperties": { "deleteReports": { "type": "boolean", "description": "If `true`, deletes any reports that belong to a report group before deleting the report group. If `false`, you must delete any reports in the report group before deleting it. Default value is `false`.\n" }, "exportConfig": { "$ref": "#/types/aws:codebuild/ReportGroupExportConfig:ReportGroupExportConfig", "description": "Information about the destination where the raw data of this Report Group is exported. see Export Config documented below.\n" }, "name": { "type": "string", "description": "The name of a Report Group.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "The type of the Report Group. Valid value are `TEST` and `CODE_COVERAGE`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "exportConfig", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReportGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of Report Group.\n" }, "created": { "type": "string", "description": "The date and time this Report Group was created.\n" }, "deleteReports": { "type": "boolean", "description": "If `true`, deletes any reports that belong to a report group before deleting the report group. If `false`, you must delete any reports in the report group before deleting it. Default value is `false`.\n" }, "exportConfig": { "$ref": "#/types/aws:codebuild/ReportGroupExportConfig:ReportGroupExportConfig", "description": "Information about the destination where the raw data of this Report Group is exported. see Export Config documented below.\n" }, "name": { "type": "string", "description": "The name of a Report Group.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of the Report Group. Valid value are `TEST` and `CODE_COVERAGE`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:codebuild/resourcePolicy:ResourcePolicy": { "description": "Provides a CodeBuild Resource Policy Resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codebuild.ReportGroup(\"example\", {\n name: \"example\",\n type: \"TEST\",\n exportConfig: {\n type: \"NO_EXPORT\",\n },\n});\nconst current = aws.getPartition({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst exampleResourcePolicy = new aws.codebuild.ResourcePolicy(\"example\", {\n resourceArn: example.arn,\n policy: pulumi.jsonStringify({\n Version: \"2012-10-17\",\n Id: \"default\",\n Statement: [{\n Sid: \"default\",\n Effect: \"Allow\",\n Principal: {\n AWS: Promise.all([current, currentGetCallerIdentity]).then(([current, currentGetCallerIdentity]) =\u003e `arn:${current.partition}:iam::${currentGetCallerIdentity.accountId}:root`),\n },\n Action: [\n \"codebuild:BatchGetReportGroups\",\n \"codebuild:BatchGetReports\",\n \"codebuild:ListReportsForReportGroup\",\n \"codebuild:DescribeTestCases\",\n ],\n Resource: example.arn,\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.codebuild.ReportGroup(\"example\",\n name=\"example\",\n type=\"TEST\",\n export_config={\n \"type\": \"NO_EXPORT\",\n })\ncurrent = aws.get_partition()\ncurrent_get_caller_identity = aws.get_caller_identity()\nexample_resource_policy = aws.codebuild.ResourcePolicy(\"example\",\n resource_arn=example.arn,\n policy=pulumi.Output.json_dumps({\n \"Version\": \"2012-10-17\",\n \"Id\": \"default\",\n \"Statement\": [{\n \"Sid\": \"default\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:{current.partition}:iam::{current_get_caller_identity.account_id}:root\",\n },\n \"Action\": [\n \"codebuild:BatchGetReportGroups\",\n \"codebuild:BatchGetReports\",\n \"codebuild:ListReportsForReportGroup\",\n \"codebuild:DescribeTestCases\",\n ],\n \"Resource\": example.arn,\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeBuild.ReportGroup(\"example\", new()\n {\n Name = \"example\",\n Type = \"TEST\",\n ExportConfig = new Aws.CodeBuild.Inputs.ReportGroupExportConfigArgs\n {\n Type = \"NO_EXPORT\",\n },\n });\n\n var current = Aws.GetPartition.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var exampleResourcePolicy = new Aws.CodeBuild.ResourcePolicy(\"example\", new()\n {\n ResourceArn = example.Arn,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Id\"] = \"default\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"default\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = Output.Tuple(current, currentGetCallerIdentity).Apply(values =\u003e\n {\n var current = values.Item1;\n var currentGetCallerIdentity = values.Item2;\n return $\"arn:{current.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:iam::{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\";\n }),\n },\n [\"Action\"] = new[]\n {\n \"codebuild:BatchGetReportGroups\",\n \"codebuild:BatchGetReports\",\n \"codebuild:ListReportsForReportGroup\",\n \"codebuild:DescribeTestCases\",\n },\n [\"Resource\"] = example.Arn,\n },\n },\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codebuild\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := codebuild.NewReportGroup(ctx, \"example\", \u0026codebuild.ReportGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"TEST\"),\n\t\t\tExportConfig: \u0026codebuild.ReportGroupExportConfigArgs{\n\t\t\t\tType: pulumi.String(\"NO_EXPORT\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codebuild.NewResourcePolicy(ctx, \"example\", \u0026codebuild.ResourcePolicyArgs{\n\t\t\tResourceArn: example.Arn,\n\t\t\tPolicy: example.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\t\t\"Id\": \"default\",\n\t\t\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Sid\": \"default\",\n\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:%v:iam::%v:root\", current.Partition, currentGetCallerIdentity.AccountId),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\t\t\"codebuild:BatchGetReportGroups\",\n\t\t\t\t\t\t\t\t\"codebuild:BatchGetReports\",\n\t\t\t\t\t\t\t\t\"codebuild:ListReportsForReportGroup\",\n\t\t\t\t\t\t\t\t\"codebuild:DescribeTestCases\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Resource\": arn,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codebuild.ReportGroup;\nimport com.pulumi.aws.codebuild.ReportGroupArgs;\nimport com.pulumi.aws.codebuild.inputs.ReportGroupExportConfigArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.codebuild.ResourcePolicy;\nimport com.pulumi.aws.codebuild.ResourcePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ReportGroup(\"example\", ReportGroupArgs.builder()\n .name(\"example\")\n .type(\"TEST\")\n .exportConfig(ReportGroupExportConfigArgs.builder()\n .type(\"NO_EXPORT\")\n .build())\n .build());\n\n final var current = AwsFunctions.getPartition();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n var exampleResourcePolicy = new ResourcePolicy(\"exampleResourcePolicy\", ResourcePolicyArgs.builder()\n .resourceArn(example.arn())\n .policy(example.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Id\", \"default\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Sid\", \"default\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:%s:iam::%s:root\", current.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", jsonArray(\n \"codebuild:BatchGetReportGroups\", \n \"codebuild:BatchGetReports\", \n \"codebuild:ListReportsForReportGroup\", \n \"codebuild:DescribeTestCases\"\n )),\n jsonProperty(\"Resource\", arn)\n )))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codebuild:ReportGroup\n properties:\n name: example\n type: TEST\n exportConfig:\n type: NO_EXPORT\n exampleResourcePolicy:\n type: aws:codebuild:ResourcePolicy\n name: example\n properties:\n resourceArn: ${example.arn}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Id: default\n Statement:\n - Sid: default\n Effect: Allow\n Principal:\n AWS: arn:${current.partition}:iam::${currentGetCallerIdentity.accountId}:root\n Action:\n - codebuild:BatchGetReportGroups\n - codebuild:BatchGetReports\n - codebuild:ListReportsForReportGroup\n - codebuild:DescribeTestCases\n Resource: ${example.arn}\nvariables:\n current:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeBuild Resource Policy using the CodeBuild Resource Policy arn. For example:\n\n```sh\n$ pulumi import aws:codebuild/resourcePolicy:ResourcePolicy example arn:aws:codebuild:us-west-2:123456789:report-group/report-group-name\n```\n", "properties": { "policy": { "type": "string", "description": "A JSON-formatted resource policy. For more information, see [Sharing a Projec](https://docs.aws.amazon.com/codebuild/latest/userguide/project-sharing.html#project-sharing-share) and [Sharing a Report Group](https://docs.aws.amazon.com/codebuild/latest/userguide/report-groups-sharing.html#report-groups-sharing-share).\n" }, "resourceArn": { "type": "string", "description": "The ARN of the Project or ReportGroup resource you want to associate with a resource policy.\n" } }, "required": [ "policy", "resourceArn" ], "inputProperties": { "policy": { "type": "string", "description": "A JSON-formatted resource policy. For more information, see [Sharing a Projec](https://docs.aws.amazon.com/codebuild/latest/userguide/project-sharing.html#project-sharing-share) and [Sharing a Report Group](https://docs.aws.amazon.com/codebuild/latest/userguide/report-groups-sharing.html#report-groups-sharing-share).\n" }, "resourceArn": { "type": "string", "description": "The ARN of the Project or ReportGroup resource you want to associate with a resource policy.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policy", "resourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourcePolicy resources.\n", "properties": { "policy": { "type": "string", "description": "A JSON-formatted resource policy. For more information, see [Sharing a Projec](https://docs.aws.amazon.com/codebuild/latest/userguide/project-sharing.html#project-sharing-share) and [Sharing a Report Group](https://docs.aws.amazon.com/codebuild/latest/userguide/report-groups-sharing.html#report-groups-sharing-share).\n" }, "resourceArn": { "type": "string", "description": "The ARN of the Project or ReportGroup resource you want to associate with a resource policy.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:codebuild/sourceCredential:SourceCredential": { "description": "Provides a CodeBuild Source Credentials Resource.\n\n\u003e **NOTE:** [Codebuild only allows a single credential per given server type in a given region](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_codebuild.GitHubSourceCredentials.html). Therefore, when you define `aws.codebuild.SourceCredential`, `aws.codebuild.Project` resource defined in the same module will use it.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codebuild.SourceCredential(\"example\", {\n authType: \"PERSONAL_ACCESS_TOKEN\",\n serverType: \"GITHUB\",\n token: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codebuild.SourceCredential(\"example\",\n auth_type=\"PERSONAL_ACCESS_TOKEN\",\n server_type=\"GITHUB\",\n token=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeBuild.SourceCredential(\"example\", new()\n {\n AuthType = \"PERSONAL_ACCESS_TOKEN\",\n ServerType = \"GITHUB\",\n Token = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codebuild\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codebuild.NewSourceCredential(ctx, \"example\", \u0026codebuild.SourceCredentialArgs{\n\t\t\tAuthType: pulumi.String(\"PERSONAL_ACCESS_TOKEN\"),\n\t\t\tServerType: pulumi.String(\"GITHUB\"),\n\t\t\tToken: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codebuild.SourceCredential;\nimport com.pulumi.aws.codebuild.SourceCredentialArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SourceCredential(\"example\", SourceCredentialArgs.builder()\n .authType(\"PERSONAL_ACCESS_TOKEN\")\n .serverType(\"GITHUB\")\n .token(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codebuild:SourceCredential\n properties:\n authType: PERSONAL_ACCESS_TOKEN\n serverType: GITHUB\n token: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Bitbucket Server Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codebuild.SourceCredential(\"example\", {\n authType: \"BASIC_AUTH\",\n serverType: \"BITBUCKET\",\n token: \"example\",\n userName: \"test-user\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codebuild.SourceCredential(\"example\",\n auth_type=\"BASIC_AUTH\",\n server_type=\"BITBUCKET\",\n token=\"example\",\n user_name=\"test-user\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeBuild.SourceCredential(\"example\", new()\n {\n AuthType = \"BASIC_AUTH\",\n ServerType = \"BITBUCKET\",\n Token = \"example\",\n UserName = \"test-user\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codebuild\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codebuild.NewSourceCredential(ctx, \"example\", \u0026codebuild.SourceCredentialArgs{\n\t\t\tAuthType: pulumi.String(\"BASIC_AUTH\"),\n\t\t\tServerType: pulumi.String(\"BITBUCKET\"),\n\t\t\tToken: pulumi.String(\"example\"),\n\t\t\tUserName: pulumi.String(\"test-user\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codebuild.SourceCredential;\nimport com.pulumi.aws.codebuild.SourceCredentialArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SourceCredential(\"example\", SourceCredentialArgs.builder()\n .authType(\"BASIC_AUTH\")\n .serverType(\"BITBUCKET\")\n .token(\"example\")\n .userName(\"test-user\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codebuild:SourceCredential\n properties:\n authType: BASIC_AUTH\n serverType: BITBUCKET\n token: example\n userName: test-user\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeBuild Source Credential using the CodeBuild Source Credential arn. For example:\n\n```sh\n$ pulumi import aws:codebuild/sourceCredential:SourceCredential example arn:aws:codebuild:us-west-2:123456789:token:github\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of Source Credential.\n" }, "authType": { "type": "string", "description": "The type of authentication used to connect to a GitHub, GitHub Enterprise, or Bitbucket repository. An OAUTH connection is not supported by the API.\n" }, "serverType": { "type": "string", "description": "The source provider used for this project.\n" }, "token": { "type": "string", "description": "For `GitHub` or `GitHub Enterprise`, this is the personal access token. For `Bitbucket`, this is the app password.\n", "secret": true }, "userName": { "type": "string", "description": "The Bitbucket username when the authType is `BASIC_AUTH`. This parameter is not valid for other types of source providers or connections.\n" } }, "required": [ "arn", "authType", "serverType", "token" ], "inputProperties": { "authType": { "type": "string", "description": "The type of authentication used to connect to a GitHub, GitHub Enterprise, or Bitbucket repository. An OAUTH connection is not supported by the API.\n", "willReplaceOnChanges": true }, "serverType": { "type": "string", "description": "The source provider used for this project.\n", "willReplaceOnChanges": true }, "token": { "type": "string", "description": "For `GitHub` or `GitHub Enterprise`, this is the personal access token. For `Bitbucket`, this is the app password.\n", "secret": true, "willReplaceOnChanges": true }, "userName": { "type": "string", "description": "The Bitbucket username when the authType is `BASIC_AUTH`. This parameter is not valid for other types of source providers or connections.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "authType", "serverType", "token" ], "stateInputs": { "description": "Input properties used for looking up and filtering SourceCredential resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of Source Credential.\n" }, "authType": { "type": "string", "description": "The type of authentication used to connect to a GitHub, GitHub Enterprise, or Bitbucket repository. An OAUTH connection is not supported by the API.\n", "willReplaceOnChanges": true }, "serverType": { "type": "string", "description": "The source provider used for this project.\n", "willReplaceOnChanges": true }, "token": { "type": "string", "description": "For `GitHub` or `GitHub Enterprise`, this is the personal access token. For `Bitbucket`, this is the app password.\n", "secret": true, "willReplaceOnChanges": true }, "userName": { "type": "string", "description": "The Bitbucket username when the authType is `BASIC_AUTH`. This parameter is not valid for other types of source providers or connections.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:codebuild/webhook:Webhook": { "description": "Manages a CodeBuild webhook, which is an endpoint accepted by the CodeBuild service to trigger builds from source code repositories. Depending on the source type of the CodeBuild project, the CodeBuild service may also automatically create and delete the actual repository webhook as well.\n\n## Example Usage\n\n### Bitbucket and GitHub\n\nWhen working with [Bitbucket](https://bitbucket.org) and [GitHub](https://github.com) source CodeBuild webhooks, the CodeBuild service will automatically create (on `aws.codebuild.Webhook` resource creation) and delete (on `aws.codebuild.Webhook` resource deletion) the Bitbucket/GitHub repository webhook using its granted OAuth permissions. This behavior cannot be controlled by this provider.\n\n\u003e **Note:** The AWS account that this provider uses to create this resource *must* have authorized CodeBuild to access Bitbucket/GitHub's OAuth API in each applicable region. This is a manual step that must be done *before* creating webhooks with this resource. If OAuth is not configured, AWS will return an error similar to `ResourceNotFoundException: Could not find access token for server type github`. More information can be found in the CodeBuild User Guide for [Bitbucket](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-bitbucket-pull-request.html) and [GitHub](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-github-pull-request.html).\n\n\u003e **Note:** Further managing the automatically created Bitbucket/GitHub webhook with the `bitbucket_hook`/`github_repository_webhook` resource is only possible with importing that resource after creation of the `aws.codebuild.Webhook` resource. The CodeBuild API does not ever provide the `secret` attribute for the `aws.codebuild.Webhook` resource in this scenario.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codebuild.Webhook(\"example\", {\n projectName: exampleAwsCodebuildProject.name,\n buildType: \"BUILD\",\n filterGroups: [{\n filters: [\n {\n type: \"EVENT\",\n pattern: \"PUSH\",\n },\n {\n type: \"BASE_REF\",\n pattern: \"master\",\n },\n ],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codebuild.Webhook(\"example\",\n project_name=example_aws_codebuild_project[\"name\"],\n build_type=\"BUILD\",\n filter_groups=[{\n \"filters\": [\n {\n \"type\": \"EVENT\",\n \"pattern\": \"PUSH\",\n },\n {\n \"type\": \"BASE_REF\",\n \"pattern\": \"master\",\n },\n ],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeBuild.Webhook(\"example\", new()\n {\n ProjectName = exampleAwsCodebuildProject.Name,\n BuildType = \"BUILD\",\n FilterGroups = new[]\n {\n new Aws.CodeBuild.Inputs.WebhookFilterGroupArgs\n {\n Filters = new[]\n {\n new Aws.CodeBuild.Inputs.WebhookFilterGroupFilterArgs\n {\n Type = \"EVENT\",\n Pattern = \"PUSH\",\n },\n new Aws.CodeBuild.Inputs.WebhookFilterGroupFilterArgs\n {\n Type = \"BASE_REF\",\n Pattern = \"master\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codebuild\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codebuild.NewWebhook(ctx, \"example\", \u0026codebuild.WebhookArgs{\n\t\t\tProjectName: pulumi.Any(exampleAwsCodebuildProject.Name),\n\t\t\tBuildType: pulumi.String(\"BUILD\"),\n\t\t\tFilterGroups: codebuild.WebhookFilterGroupArray{\n\t\t\t\t\u0026codebuild.WebhookFilterGroupArgs{\n\t\t\t\t\tFilters: codebuild.WebhookFilterGroupFilterArray{\n\t\t\t\t\t\t\u0026codebuild.WebhookFilterGroupFilterArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"EVENT\"),\n\t\t\t\t\t\t\tPattern: pulumi.String(\"PUSH\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026codebuild.WebhookFilterGroupFilterArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"BASE_REF\"),\n\t\t\t\t\t\t\tPattern: pulumi.String(\"master\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codebuild.Webhook;\nimport com.pulumi.aws.codebuild.WebhookArgs;\nimport com.pulumi.aws.codebuild.inputs.WebhookFilterGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Webhook(\"example\", WebhookArgs.builder()\n .projectName(exampleAwsCodebuildProject.name())\n .buildType(\"BUILD\")\n .filterGroups(WebhookFilterGroupArgs.builder()\n .filters( \n WebhookFilterGroupFilterArgs.builder()\n .type(\"EVENT\")\n .pattern(\"PUSH\")\n .build(),\n WebhookFilterGroupFilterArgs.builder()\n .type(\"BASE_REF\")\n .pattern(\"master\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codebuild:Webhook\n properties:\n projectName: ${exampleAwsCodebuildProject.name}\n buildType: BUILD\n filterGroups:\n - filters:\n - type: EVENT\n pattern: PUSH\n - type: BASE_REF\n pattern: master\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### GitHub Enterprise\n\nWhen working with [GitHub Enterprise](https://enterprise.github.com/) source CodeBuild webhooks, the GHE repository webhook must be separately managed (e.g., manually or with the `github_repository_webhook` resource).\n\nMore information creating webhooks with GitHub Enterprise can be found in the [CodeBuild User Guide](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-github-enterprise.html).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n example:\n type: aws:codebuild:Webhook\n properties:\n projectName: ${exampleAwsCodebuildProject.name}\n exampleRepositoryWebhook:\n type: github:RepositoryWebhook\n name: example\n properties:\n active: true\n events:\n - push\n name: example\n repository: ${exampleGithubRepository.name}\n configuration:\n url: ${example.payloadUrl}\n secret: ${example.secret}\n contentType: json\n insecureSsl: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeBuild Webhooks using the CodeBuild Project name. For example:\n\n```sh\n$ pulumi import aws:codebuild/webhook:Webhook example MyProjectName\n```\n", "properties": { "branchFilter": { "type": "string", "description": "A regular expression used to determine which branches get built. Default is all branches are built. We recommend using `filter_group` over `branch_filter`.\n" }, "buildType": { "type": "string", "description": "The type of build this webhook will trigger. Valid values for this parameter are: `BUILD`, `BUILD_BATCH`.\n" }, "filterGroups": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/WebhookFilterGroup:WebhookFilterGroup" }, "description": "Information about the webhook's trigger. Filter group blocks are documented below.\n" }, "payloadUrl": { "type": "string", "description": "The CodeBuild endpoint where webhook events are sent.\n" }, "projectName": { "type": "string", "description": "The name of the build project.\n" }, "scopeConfiguration": { "$ref": "#/types/aws:codebuild/WebhookScopeConfiguration:WebhookScopeConfiguration", "description": "Scope configuration for global or organization webhooks. Scope configuration blocks are documented below.\n" }, "secret": { "type": "string", "description": "The secret token of the associated repository. Not returned by the CodeBuild API for all source types.\n", "secret": true }, "url": { "type": "string", "description": "The URL to the webhook.\n" } }, "required": [ "payloadUrl", "projectName", "secret", "url" ], "inputProperties": { "branchFilter": { "type": "string", "description": "A regular expression used to determine which branches get built. Default is all branches are built. We recommend using `filter_group` over `branch_filter`.\n" }, "buildType": { "type": "string", "description": "The type of build this webhook will trigger. Valid values for this parameter are: `BUILD`, `BUILD_BATCH`.\n" }, "filterGroups": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/WebhookFilterGroup:WebhookFilterGroup" }, "description": "Information about the webhook's trigger. Filter group blocks are documented below.\n" }, "projectName": { "type": "string", "description": "The name of the build project.\n", "willReplaceOnChanges": true }, "scopeConfiguration": { "$ref": "#/types/aws:codebuild/WebhookScopeConfiguration:WebhookScopeConfiguration", "description": "Scope configuration for global or organization webhooks. Scope configuration blocks are documented below.\n" } }, "requiredInputs": [ "projectName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Webhook resources.\n", "properties": { "branchFilter": { "type": "string", "description": "A regular expression used to determine which branches get built. Default is all branches are built. We recommend using `filter_group` over `branch_filter`.\n" }, "buildType": { "type": "string", "description": "The type of build this webhook will trigger. Valid values for this parameter are: `BUILD`, `BUILD_BATCH`.\n" }, "filterGroups": { "type": "array", "items": { "$ref": "#/types/aws:codebuild/WebhookFilterGroup:WebhookFilterGroup" }, "description": "Information about the webhook's trigger. Filter group blocks are documented below.\n" }, "payloadUrl": { "type": "string", "description": "The CodeBuild endpoint where webhook events are sent.\n" }, "projectName": { "type": "string", "description": "The name of the build project.\n", "willReplaceOnChanges": true }, "scopeConfiguration": { "$ref": "#/types/aws:codebuild/WebhookScopeConfiguration:WebhookScopeConfiguration", "description": "Scope configuration for global or organization webhooks. Scope configuration blocks are documented below.\n" }, "secret": { "type": "string", "description": "The secret token of the associated repository. Not returned by the CodeBuild API for all source types.\n", "secret": true }, "url": { "type": "string", "description": "The URL to the webhook.\n" } }, "type": "object" } }, "aws:codecatalyst/devEnvironment:DevEnvironment": { "description": "Resource for managing an AWS CodeCatalyst Dev Environment.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.codecatalyst.DevEnvironment(\"test\", {\n alias: \"devenv\",\n spaceName: \"myspace\",\n projectName: \"myproject\",\n instanceType: \"dev.standard1.small\",\n persistentStorage: {\n size: 16,\n },\n ides: {\n name: \"PyCharm\",\n runtime: \"public.ecr.aws/jetbrains/py\",\n },\n inactivityTimeoutMinutes: 40,\n repositories: [{\n repositoryName: \"pulumi-provider-aws\",\n branchName: \"main\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.codecatalyst.DevEnvironment(\"test\",\n alias=\"devenv\",\n space_name=\"myspace\",\n project_name=\"myproject\",\n instance_type=\"dev.standard1.small\",\n persistent_storage={\n \"size\": 16,\n },\n ides={\n \"name\": \"PyCharm\",\n \"runtime\": \"public.ecr.aws/jetbrains/py\",\n },\n inactivity_timeout_minutes=40,\n repositories=[{\n \"repository_name\": \"pulumi-provider-aws\",\n \"branch_name\": \"main\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CodeCatalyst.DevEnvironment(\"test\", new()\n {\n Alias = \"devenv\",\n SpaceName = \"myspace\",\n ProjectName = \"myproject\",\n InstanceType = \"dev.standard1.small\",\n PersistentStorage = new Aws.CodeCatalyst.Inputs.DevEnvironmentPersistentStorageArgs\n {\n Size = 16,\n },\n Ides = new Aws.CodeCatalyst.Inputs.DevEnvironmentIdesArgs\n {\n Name = \"PyCharm\",\n Runtime = \"public.ecr.aws/jetbrains/py\",\n },\n InactivityTimeoutMinutes = 40,\n Repositories = new[]\n {\n new Aws.CodeCatalyst.Inputs.DevEnvironmentRepositoryArgs\n {\n RepositoryName = \"pulumi-provider-aws\",\n BranchName = \"main\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codecatalyst\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codecatalyst.NewDevEnvironment(ctx, \"test\", \u0026codecatalyst.DevEnvironmentArgs{\n\t\t\tAlias: pulumi.String(\"devenv\"),\n\t\t\tSpaceName: pulumi.String(\"myspace\"),\n\t\t\tProjectName: pulumi.String(\"myproject\"),\n\t\t\tInstanceType: pulumi.String(\"dev.standard1.small\"),\n\t\t\tPersistentStorage: \u0026codecatalyst.DevEnvironmentPersistentStorageArgs{\n\t\t\t\tSize: pulumi.Int(16),\n\t\t\t},\n\t\t\tIdes: \u0026codecatalyst.DevEnvironmentIdesArgs{\n\t\t\t\tName: pulumi.String(\"PyCharm\"),\n\t\t\t\tRuntime: pulumi.String(\"public.ecr.aws/jetbrains/py\"),\n\t\t\t},\n\t\t\tInactivityTimeoutMinutes: pulumi.Int(40),\n\t\t\tRepositories: codecatalyst.DevEnvironmentRepositoryArray{\n\t\t\t\t\u0026codecatalyst.DevEnvironmentRepositoryArgs{\n\t\t\t\t\tRepositoryName: pulumi.String(\"pulumi-provider-aws\"),\n\t\t\t\t\tBranchName: pulumi.String(\"main\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codecatalyst.DevEnvironment;\nimport com.pulumi.aws.codecatalyst.DevEnvironmentArgs;\nimport com.pulumi.aws.codecatalyst.inputs.DevEnvironmentPersistentStorageArgs;\nimport com.pulumi.aws.codecatalyst.inputs.DevEnvironmentIdesArgs;\nimport com.pulumi.aws.codecatalyst.inputs.DevEnvironmentRepositoryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new DevEnvironment(\"test\", DevEnvironmentArgs.builder()\n .alias(\"devenv\")\n .spaceName(\"myspace\")\n .projectName(\"myproject\")\n .instanceType(\"dev.standard1.small\")\n .persistentStorage(DevEnvironmentPersistentStorageArgs.builder()\n .size(16)\n .build())\n .ides(DevEnvironmentIdesArgs.builder()\n .name(\"PyCharm\")\n .runtime(\"public.ecr.aws/jetbrains/py\")\n .build())\n .inactivityTimeoutMinutes(40)\n .repositories(DevEnvironmentRepositoryArgs.builder()\n .repositoryName(\"pulumi-provider-aws\")\n .branchName(\"main\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:codecatalyst:DevEnvironment\n properties:\n alias: devenv\n spaceName: myspace\n projectName: myproject\n instanceType: dev.standard1.small\n persistentStorage:\n size: 16\n ides:\n name: PyCharm\n runtime: public.ecr.aws/jetbrains/py\n inactivityTimeoutMinutes: 40\n repositories:\n - repositoryName: pulumi-provider-aws\n branchName: main\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "alias": { "type": "string" }, "ides": { "$ref": "#/types/aws:codecatalyst/DevEnvironmentIdes:DevEnvironmentIdes", "description": "Information about the integrated development environment (IDE) configured for a Dev Environment.\n" }, "inactivityTimeoutMinutes": { "type": "integer", "description": "The amount of time the Dev Environment will run without any activity detected before stopping, in minutes. Only whole integers are allowed. Dev Environments consume compute minutes when running.\n" }, "instanceType": { "type": "string", "description": "The Amazon EC2 instace type to use for the Dev Environment. Valid values include dev.standard1.small,dev.standard1.medium,dev.standard1.large,dev.standard1.xlarge\n\nThe following arguments are optional:\n" }, "persistentStorage": { "$ref": "#/types/aws:codecatalyst/DevEnvironmentPersistentStorage:DevEnvironmentPersistentStorage", "description": "Information about the amount of storage allocated to the Dev Environment.\n" }, "projectName": { "type": "string", "description": "The name of the project in the space.\n" }, "repositories": { "type": "array", "items": { "$ref": "#/types/aws:codecatalyst/DevEnvironmentRepository:DevEnvironmentRepository" }, "description": "The source repository that contains the branch to clone into the Dev Environment.\n" }, "spaceName": { "type": "string", "description": "The name of the space.\n" } }, "required": [ "ides", "instanceType", "persistentStorage", "projectName", "spaceName" ], "inputProperties": { "alias": { "type": "string" }, "ides": { "$ref": "#/types/aws:codecatalyst/DevEnvironmentIdes:DevEnvironmentIdes", "description": "Information about the integrated development environment (IDE) configured for a Dev Environment.\n" }, "inactivityTimeoutMinutes": { "type": "integer", "description": "The amount of time the Dev Environment will run without any activity detected before stopping, in minutes. Only whole integers are allowed. Dev Environments consume compute minutes when running.\n" }, "instanceType": { "type": "string", "description": "The Amazon EC2 instace type to use for the Dev Environment. Valid values include dev.standard1.small,dev.standard1.medium,dev.standard1.large,dev.standard1.xlarge\n\nThe following arguments are optional:\n" }, "persistentStorage": { "$ref": "#/types/aws:codecatalyst/DevEnvironmentPersistentStorage:DevEnvironmentPersistentStorage", "description": "Information about the amount of storage allocated to the Dev Environment.\n" }, "projectName": { "type": "string", "description": "The name of the project in the space.\n" }, "repositories": { "type": "array", "items": { "$ref": "#/types/aws:codecatalyst/DevEnvironmentRepository:DevEnvironmentRepository" }, "description": "The source repository that contains the branch to clone into the Dev Environment.\n" }, "spaceName": { "type": "string", "description": "The name of the space.\n" } }, "requiredInputs": [ "ides", "instanceType", "persistentStorage", "projectName", "spaceName" ], "stateInputs": { "description": "Input properties used for looking up and filtering DevEnvironment resources.\n", "properties": { "alias": { "type": "string" }, "ides": { "$ref": "#/types/aws:codecatalyst/DevEnvironmentIdes:DevEnvironmentIdes", "description": "Information about the integrated development environment (IDE) configured for a Dev Environment.\n" }, "inactivityTimeoutMinutes": { "type": "integer", "description": "The amount of time the Dev Environment will run without any activity detected before stopping, in minutes. Only whole integers are allowed. Dev Environments consume compute minutes when running.\n" }, "instanceType": { "type": "string", "description": "The Amazon EC2 instace type to use for the Dev Environment. Valid values include dev.standard1.small,dev.standard1.medium,dev.standard1.large,dev.standard1.xlarge\n\nThe following arguments are optional:\n" }, "persistentStorage": { "$ref": "#/types/aws:codecatalyst/DevEnvironmentPersistentStorage:DevEnvironmentPersistentStorage", "description": "Information about the amount of storage allocated to the Dev Environment.\n" }, "projectName": { "type": "string", "description": "The name of the project in the space.\n" }, "repositories": { "type": "array", "items": { "$ref": "#/types/aws:codecatalyst/DevEnvironmentRepository:DevEnvironmentRepository" }, "description": "The source repository that contains the branch to clone into the Dev Environment.\n" }, "spaceName": { "type": "string", "description": "The name of the space.\n" } }, "type": "object" } }, "aws:codecatalyst/project:Project": { "description": "Resource for managing an AWS CodeCatalyst Project.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.codecatalyst.Project(\"test\", {\n spaceName: \"myproject\",\n displayName: \"MyProject\",\n description: \"My CodeCatalyst Project created using Pulumi\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.codecatalyst.Project(\"test\",\n space_name=\"myproject\",\n display_name=\"MyProject\",\n description=\"My CodeCatalyst Project created using Pulumi\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CodeCatalyst.Project(\"test\", new()\n {\n SpaceName = \"myproject\",\n DisplayName = \"MyProject\",\n Description = \"My CodeCatalyst Project created using Pulumi\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codecatalyst\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codecatalyst.NewProject(ctx, \"test\", \u0026codecatalyst.ProjectArgs{\n\t\t\tSpaceName: pulumi.String(\"myproject\"),\n\t\t\tDisplayName: pulumi.String(\"MyProject\"),\n\t\t\tDescription: pulumi.String(\"My CodeCatalyst Project created using Pulumi\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codecatalyst.Project;\nimport com.pulumi.aws.codecatalyst.ProjectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Project(\"test\", ProjectArgs.builder()\n .spaceName(\"myproject\")\n .displayName(\"MyProject\")\n .description(\"My CodeCatalyst Project created using Pulumi\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:codecatalyst:Project\n properties:\n spaceName: myproject\n displayName: MyProject\n description: My CodeCatalyst Project created using Pulumi\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeCatalyst Project using the `id`. For example:\n\n```sh\n$ pulumi import aws:codecatalyst/project:Project example project-id-12345678\n```\n", "properties": { "description": { "type": "string", "description": "The description of the project. This description will be displayed to all users of the project. We recommend providing a brief description of the project and its intended purpose.\n" }, "displayName": { "type": "string", "description": "The friendly name of the project that will be displayed to users.\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "The name of the project in the space.\n" }, "spaceName": { "type": "string", "description": "The name of the space.\n" } }, "required": [ "displayName", "name", "spaceName" ], "inputProperties": { "description": { "type": "string", "description": "The description of the project. This description will be displayed to all users of the project. We recommend providing a brief description of the project and its intended purpose.\n" }, "displayName": { "type": "string", "description": "The friendly name of the project that will be displayed to users.\n\nThe following arguments are optional:\n" }, "spaceName": { "type": "string", "description": "The name of the space.\n" } }, "requiredInputs": [ "displayName", "spaceName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Project resources.\n", "properties": { "description": { "type": "string", "description": "The description of the project. This description will be displayed to all users of the project. We recommend providing a brief description of the project and its intended purpose.\n" }, "displayName": { "type": "string", "description": "The friendly name of the project that will be displayed to users.\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "The name of the project in the space.\n" }, "spaceName": { "type": "string", "description": "The name of the space.\n" } }, "type": "object" } }, "aws:codecatalyst/sourceRepository:SourceRepository": { "description": "Resource for managing an AWS CodeCatalyst Source Repository.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codecatalyst.SourceRepository(\"example\", {\n name: \"example-repo\",\n projectName: \"example-project\",\n spaceName: \"example-space\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codecatalyst.SourceRepository(\"example\",\n name=\"example-repo\",\n project_name=\"example-project\",\n space_name=\"example-space\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeCatalyst.SourceRepository(\"example\", new()\n {\n Name = \"example-repo\",\n ProjectName = \"example-project\",\n SpaceName = \"example-space\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codecatalyst\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codecatalyst.NewSourceRepository(ctx, \"example\", \u0026codecatalyst.SourceRepositoryArgs{\n\t\t\tName: pulumi.String(\"example-repo\"),\n\t\t\tProjectName: pulumi.String(\"example-project\"),\n\t\t\tSpaceName: pulumi.String(\"example-space\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codecatalyst.SourceRepository;\nimport com.pulumi.aws.codecatalyst.SourceRepositoryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SourceRepository(\"example\", SourceRepositoryArgs.builder()\n .name(\"example-repo\")\n .projectName(\"example-project\")\n .spaceName(\"example-space\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codecatalyst:SourceRepository\n properties:\n name: example-repo\n projectName: example-project\n spaceName: example-space\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeCatalyst Source Repository using the `id`. For example:\n\n```sh\n$ pulumi import aws:codecatalyst/sourceRepository:SourceRepository example example-repo\n```\n", "properties": { "description": { "type": "string", "description": "The description of the project. This description will be displayed to all users of the project. We recommend providing a brief description of the project and its intended purpose.\n" }, "name": { "type": "string", "description": "The name of the source repository. For more information about name requirements, see [Quotas for source repositories](https://docs.aws.amazon.com/codecatalyst/latest/userguide/source-quotas.html).\n" }, "projectName": { "type": "string", "description": "The name of the project in the CodeCatalyst space.\n\nThe following arguments are optional:\n" }, "spaceName": { "type": "string", "description": "The name of the CodeCatalyst space.\n" } }, "required": [ "name", "projectName", "spaceName" ], "inputProperties": { "description": { "type": "string", "description": "The description of the project. This description will be displayed to all users of the project. We recommend providing a brief description of the project and its intended purpose.\n" }, "name": { "type": "string", "description": "The name of the source repository. For more information about name requirements, see [Quotas for source repositories](https://docs.aws.amazon.com/codecatalyst/latest/userguide/source-quotas.html).\n" }, "projectName": { "type": "string", "description": "The name of the project in the CodeCatalyst space.\n\nThe following arguments are optional:\n" }, "spaceName": { "type": "string", "description": "The name of the CodeCatalyst space.\n" } }, "requiredInputs": [ "projectName", "spaceName" ], "stateInputs": { "description": "Input properties used for looking up and filtering SourceRepository resources.\n", "properties": { "description": { "type": "string", "description": "The description of the project. This description will be displayed to all users of the project. We recommend providing a brief description of the project and its intended purpose.\n" }, "name": { "type": "string", "description": "The name of the source repository. For more information about name requirements, see [Quotas for source repositories](https://docs.aws.amazon.com/codecatalyst/latest/userguide/source-quotas.html).\n" }, "projectName": { "type": "string", "description": "The name of the project in the CodeCatalyst space.\n\nThe following arguments are optional:\n" }, "spaceName": { "type": "string", "description": "The name of the CodeCatalyst space.\n" } }, "type": "object" } }, "aws:codecommit/approvalRuleTemplate:ApprovalRuleTemplate": { "description": "Provides a CodeCommit Approval Rule Template Resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codecommit.ApprovalRuleTemplate(\"example\", {\n name: \"MyExampleApprovalRuleTemplate\",\n description: \"This is an example approval rule template\",\n content: JSON.stringify({\n Version: \"2018-11-08\",\n DestinationReferences: [\"refs/heads/master\"],\n Statements: [{\n Type: \"Approvers\",\n NumberOfApprovalsNeeded: 2,\n ApprovalPoolMembers: [\"arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*\"],\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.codecommit.ApprovalRuleTemplate(\"example\",\n name=\"MyExampleApprovalRuleTemplate\",\n description=\"This is an example approval rule template\",\n content=json.dumps({\n \"Version\": \"2018-11-08\",\n \"DestinationReferences\": [\"refs/heads/master\"],\n \"Statements\": [{\n \"Type\": \"Approvers\",\n \"NumberOfApprovalsNeeded\": 2,\n \"ApprovalPoolMembers\": [\"arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*\"],\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeCommit.ApprovalRuleTemplate(\"example\", new()\n {\n Name = \"MyExampleApprovalRuleTemplate\",\n Description = \"This is an example approval rule template\",\n Content = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2018-11-08\",\n [\"DestinationReferences\"] = new[]\n {\n \"refs/heads/master\",\n },\n [\"Statements\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Type\"] = \"Approvers\",\n [\"NumberOfApprovalsNeeded\"] = 2,\n [\"ApprovalPoolMembers\"] = new[]\n {\n \"arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*\",\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codecommit\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2018-11-08\",\n\t\t\t\"DestinationReferences\": []string{\n\t\t\t\t\"refs/heads/master\",\n\t\t\t},\n\t\t\t\"Statements\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Type\": \"Approvers\",\n\t\t\t\t\t\"NumberOfApprovalsNeeded\": 2,\n\t\t\t\t\t\"ApprovalPoolMembers\": []string{\n\t\t\t\t\t\t\"arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = codecommit.NewApprovalRuleTemplate(ctx, \"example\", \u0026codecommit.ApprovalRuleTemplateArgs{\n\t\t\tName: pulumi.String(\"MyExampleApprovalRuleTemplate\"),\n\t\t\tDescription: pulumi.String(\"This is an example approval rule template\"),\n\t\t\tContent: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codecommit.ApprovalRuleTemplate;\nimport com.pulumi.aws.codecommit.ApprovalRuleTemplateArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApprovalRuleTemplate(\"example\", ApprovalRuleTemplateArgs.builder()\n .name(\"MyExampleApprovalRuleTemplate\")\n .description(\"This is an example approval rule template\")\n .content(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2018-11-08\"),\n jsonProperty(\"DestinationReferences\", jsonArray(\"refs/heads/master\")),\n jsonProperty(\"Statements\", jsonArray(jsonObject(\n jsonProperty(\"Type\", \"Approvers\"),\n jsonProperty(\"NumberOfApprovalsNeeded\", 2),\n jsonProperty(\"ApprovalPoolMembers\", jsonArray(\"arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*\"))\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codecommit:ApprovalRuleTemplate\n properties:\n name: MyExampleApprovalRuleTemplate\n description: This is an example approval rule template\n content:\n fn::toJSON:\n Version: 2018-11-08\n DestinationReferences:\n - refs/heads/master\n Statements:\n - Type: Approvers\n NumberOfApprovalsNeeded: 2\n ApprovalPoolMembers:\n - arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeCommit approval rule templates using the `name`. For example:\n\n```sh\n$ pulumi import aws:codecommit/approvalRuleTemplate:ApprovalRuleTemplate imported ExistingApprovalRuleTemplateName\n```\n", "properties": { "approvalRuleTemplateId": { "type": "string", "description": "The ID of the approval rule template\n" }, "content": { "type": "string", "description": "The content of the approval rule template. Maximum of 3000 characters.\n" }, "creationDate": { "type": "string", "description": "The date the approval rule template was created, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "description": { "type": "string", "description": "The description of the approval rule template. Maximum of 1000 characters.\n" }, "lastModifiedDate": { "type": "string", "description": "The date the approval rule template was most recently changed, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "lastModifiedUser": { "type": "string", "description": "The Amazon Resource Name (ARN) of the user who made the most recent changes to the approval rule template.\n" }, "name": { "type": "string", "description": "The name for the approval rule template. Maximum of 100 characters.\n" }, "ruleContentSha256": { "type": "string", "description": "The SHA-256 hash signature for the content of the approval rule template.\n" } }, "required": [ "approvalRuleTemplateId", "content", "creationDate", "lastModifiedDate", "lastModifiedUser", "name", "ruleContentSha256" ], "inputProperties": { "content": { "type": "string", "description": "The content of the approval rule template. Maximum of 3000 characters.\n" }, "description": { "type": "string", "description": "The description of the approval rule template. Maximum of 1000 characters.\n" }, "name": { "type": "string", "description": "The name for the approval rule template. Maximum of 100 characters.\n" } }, "requiredInputs": [ "content" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApprovalRuleTemplate resources.\n", "properties": { "approvalRuleTemplateId": { "type": "string", "description": "The ID of the approval rule template\n" }, "content": { "type": "string", "description": "The content of the approval rule template. Maximum of 3000 characters.\n" }, "creationDate": { "type": "string", "description": "The date the approval rule template was created, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "description": { "type": "string", "description": "The description of the approval rule template. Maximum of 1000 characters.\n" }, "lastModifiedDate": { "type": "string", "description": "The date the approval rule template was most recently changed, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "lastModifiedUser": { "type": "string", "description": "The Amazon Resource Name (ARN) of the user who made the most recent changes to the approval rule template.\n" }, "name": { "type": "string", "description": "The name for the approval rule template. Maximum of 100 characters.\n" }, "ruleContentSha256": { "type": "string", "description": "The SHA-256 hash signature for the content of the approval rule template.\n" } }, "type": "object" } }, "aws:codecommit/approvalRuleTemplateAssociation:ApprovalRuleTemplateAssociation": { "description": "Associates a CodeCommit Approval Rule Template with a Repository.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codecommit.ApprovalRuleTemplateAssociation(\"example\", {\n approvalRuleTemplateName: exampleAwsCodecommitApprovalRuleTemplate.name,\n repositoryName: exampleAwsCodecommitRepository.repositoryName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codecommit.ApprovalRuleTemplateAssociation(\"example\",\n approval_rule_template_name=example_aws_codecommit_approval_rule_template[\"name\"],\n repository_name=example_aws_codecommit_repository[\"repositoryName\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeCommit.ApprovalRuleTemplateAssociation(\"example\", new()\n {\n ApprovalRuleTemplateName = exampleAwsCodecommitApprovalRuleTemplate.Name,\n RepositoryName = exampleAwsCodecommitRepository.RepositoryName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codecommit\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codecommit.NewApprovalRuleTemplateAssociation(ctx, \"example\", \u0026codecommit.ApprovalRuleTemplateAssociationArgs{\n\t\t\tApprovalRuleTemplateName: pulumi.Any(exampleAwsCodecommitApprovalRuleTemplate.Name),\n\t\t\tRepositoryName: pulumi.Any(exampleAwsCodecommitRepository.RepositoryName),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codecommit.ApprovalRuleTemplateAssociation;\nimport com.pulumi.aws.codecommit.ApprovalRuleTemplateAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApprovalRuleTemplateAssociation(\"example\", ApprovalRuleTemplateAssociationArgs.builder()\n .approvalRuleTemplateName(exampleAwsCodecommitApprovalRuleTemplate.name())\n .repositoryName(exampleAwsCodecommitRepository.repositoryName())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codecommit:ApprovalRuleTemplateAssociation\n properties:\n approvalRuleTemplateName: ${exampleAwsCodecommitApprovalRuleTemplate.name}\n repositoryName: ${exampleAwsCodecommitRepository.repositoryName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeCommit approval rule template associations using the `approval_rule_template_name` and `repository_name` separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:codecommit/approvalRuleTemplateAssociation:ApprovalRuleTemplateAssociation example approver-rule-for-example,MyExampleRepo\n```\n", "properties": { "approvalRuleTemplateName": { "type": "string", "description": "The name for the approval rule template.\n" }, "repositoryName": { "type": "string", "description": "The name of the repository that you want to associate with the template.\n" } }, "required": [ "approvalRuleTemplateName", "repositoryName" ], "inputProperties": { "approvalRuleTemplateName": { "type": "string", "description": "The name for the approval rule template.\n", "willReplaceOnChanges": true }, "repositoryName": { "type": "string", "description": "The name of the repository that you want to associate with the template.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "approvalRuleTemplateName", "repositoryName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApprovalRuleTemplateAssociation resources.\n", "properties": { "approvalRuleTemplateName": { "type": "string", "description": "The name for the approval rule template.\n", "willReplaceOnChanges": true }, "repositoryName": { "type": "string", "description": "The name of the repository that you want to associate with the template.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:codecommit/repository:Repository": { "description": "Provides a CodeCommit Repository Resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.codecommit.Repository(\"test\", {\n repositoryName: \"MyTestRepository\",\n description: \"This is the Sample App Repository\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.codecommit.Repository(\"test\",\n repository_name=\"MyTestRepository\",\n description=\"This is the Sample App Repository\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CodeCommit.Repository(\"test\", new()\n {\n RepositoryName = \"MyTestRepository\",\n Description = \"This is the Sample App Repository\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codecommit\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codecommit.NewRepository(ctx, \"test\", \u0026codecommit.RepositoryArgs{\n\t\t\tRepositoryName: pulumi.String(\"MyTestRepository\"),\n\t\t\tDescription: pulumi.String(\"This is the Sample App Repository\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codecommit.Repository;\nimport com.pulumi.aws.codecommit.RepositoryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Repository(\"test\", RepositoryArgs.builder()\n .repositoryName(\"MyTestRepository\")\n .description(\"This is the Sample App Repository\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:codecommit:Repository\n properties:\n repositoryName: MyTestRepository\n description: This is the Sample App Repository\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### AWS KMS Customer Managed Keys (CMK)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testKey = new aws.kms.Key(\"test\", {\n description: \"test\",\n deletionWindowInDays: 7,\n});\nconst test = new aws.codecommit.Repository(\"test\", {\n repositoryName: \"MyTestRepository\",\n description: \"This is the Sample App Repository\",\n kmsKeyId: testKey.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_key = aws.kms.Key(\"test\",\n description=\"test\",\n deletion_window_in_days=7)\ntest = aws.codecommit.Repository(\"test\",\n repository_name=\"MyTestRepository\",\n description=\"This is the Sample App Repository\",\n kms_key_id=test_key.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testKey = new Aws.Kms.Key(\"test\", new()\n {\n Description = \"test\",\n DeletionWindowInDays = 7,\n });\n\n var test = new Aws.CodeCommit.Repository(\"test\", new()\n {\n RepositoryName = \"MyTestRepository\",\n Description = \"This is the Sample App Repository\",\n KmsKeyId = testKey.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codecommit\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestKey, err := kms.NewKey(ctx, \"test\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"test\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codecommit.NewRepository(ctx, \"test\", \u0026codecommit.RepositoryArgs{\n\t\t\tRepositoryName: pulumi.String(\"MyTestRepository\"),\n\t\t\tDescription: pulumi.String(\"This is the Sample App Repository\"),\n\t\t\tKmsKeyId: testKey.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.codecommit.Repository;\nimport com.pulumi.aws.codecommit.RepositoryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testKey = new Key(\"testKey\", KeyArgs.builder()\n .description(\"test\")\n .deletionWindowInDays(7)\n .build());\n\n var test = new Repository(\"test\", RepositoryArgs.builder()\n .repositoryName(\"MyTestRepository\")\n .description(\"This is the Sample App Repository\")\n .kmsKeyId(testKey.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:codecommit:Repository\n properties:\n repositoryName: MyTestRepository\n description: This is the Sample App Repository\n kmsKeyId: ${testKey.arn}\n testKey:\n type: aws:kms:Key\n name: test\n properties:\n description: test\n deletionWindowInDays: 7\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeCommit repository using repository name. For example:\n\n```sh\n$ pulumi import aws:codecommit/repository:Repository imported ExistingRepo\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the repository\n" }, "cloneUrlHttp": { "type": "string", "description": "The URL to use for cloning the repository over HTTPS.\n" }, "cloneUrlSsh": { "type": "string", "description": "The URL to use for cloning the repository over SSH.\n" }, "defaultBranch": { "type": "string", "description": "The default branch of the repository. The branch specified here needs to exist.\n" }, "description": { "type": "string", "description": "The description of the repository. This needs to be less than 1000 characters\n" }, "kmsKeyId": { "type": "string", "description": "The ARN of the encryption key. If no key is specified, the default `aws/codecommit` Amazon Web Services managed key is used.\n" }, "repositoryId": { "type": "string", "description": "The ID of the repository\n" }, "repositoryName": { "type": "string", "description": "The name for the repository. This needs to be less than 100 characters.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "cloneUrlHttp", "cloneUrlSsh", "kmsKeyId", "repositoryId", "repositoryName", "tagsAll" ], "inputProperties": { "defaultBranch": { "type": "string", "description": "The default branch of the repository. The branch specified here needs to exist.\n" }, "description": { "type": "string", "description": "The description of the repository. This needs to be less than 1000 characters\n" }, "kmsKeyId": { "type": "string", "description": "The ARN of the encryption key. If no key is specified, the default `aws/codecommit` Amazon Web Services managed key is used.\n" }, "repositoryName": { "type": "string", "description": "The name for the repository. This needs to be less than 100 characters.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "repositoryName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Repository resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the repository\n" }, "cloneUrlHttp": { "type": "string", "description": "The URL to use for cloning the repository over HTTPS.\n" }, "cloneUrlSsh": { "type": "string", "description": "The URL to use for cloning the repository over SSH.\n" }, "defaultBranch": { "type": "string", "description": "The default branch of the repository. The branch specified here needs to exist.\n" }, "description": { "type": "string", "description": "The description of the repository. This needs to be less than 1000 characters\n" }, "kmsKeyId": { "type": "string", "description": "The ARN of the encryption key. If no key is specified, the default `aws/codecommit` Amazon Web Services managed key is used.\n" }, "repositoryId": { "type": "string", "description": "The ID of the repository\n" }, "repositoryName": { "type": "string", "description": "The name for the repository. This needs to be less than 100 characters.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:codecommit/trigger:Trigger": { "description": "Provides a CodeCommit Trigger Resource.\n\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.codecommit.Repository(\"test\", {repositoryName: \"test\"});\nconst testTrigger = new aws.codecommit.Trigger(\"test\", {\n repositoryName: test.repositoryName,\n triggers: [{\n name: \"all\",\n events: [\"all\"],\n destinationArn: testAwsSnsTopic.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.codecommit.Repository(\"test\", repository_name=\"test\")\ntest_trigger = aws.codecommit.Trigger(\"test\",\n repository_name=test.repository_name,\n triggers=[{\n \"name\": \"all\",\n \"events\": [\"all\"],\n \"destination_arn\": test_aws_sns_topic[\"arn\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CodeCommit.Repository(\"test\", new()\n {\n RepositoryName = \"test\",\n });\n\n var testTrigger = new Aws.CodeCommit.Trigger(\"test\", new()\n {\n RepositoryName = test.RepositoryName,\n Triggers = new[]\n {\n new Aws.CodeCommit.Inputs.TriggerTriggerArgs\n {\n Name = \"all\",\n Events = new[]\n {\n \"all\",\n },\n DestinationArn = testAwsSnsTopic.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codecommit\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := codecommit.NewRepository(ctx, \"test\", \u0026codecommit.RepositoryArgs{\n\t\t\tRepositoryName: pulumi.String(\"test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codecommit.NewTrigger(ctx, \"test\", \u0026codecommit.TriggerArgs{\n\t\t\tRepositoryName: test.RepositoryName,\n\t\t\tTriggers: codecommit.TriggerTriggerArray{\n\t\t\t\t\u0026codecommit.TriggerTriggerArgs{\n\t\t\t\t\tName: pulumi.String(\"all\"),\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"all\"),\n\t\t\t\t\t},\n\t\t\t\t\tDestinationArn: pulumi.Any(testAwsSnsTopic.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codecommit.Repository;\nimport com.pulumi.aws.codecommit.RepositoryArgs;\nimport com.pulumi.aws.codecommit.Trigger;\nimport com.pulumi.aws.codecommit.TriggerArgs;\nimport com.pulumi.aws.codecommit.inputs.TriggerTriggerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Repository(\"test\", RepositoryArgs.builder()\n .repositoryName(\"test\")\n .build());\n\n var testTrigger = new Trigger(\"testTrigger\", TriggerArgs.builder()\n .repositoryName(test.repositoryName())\n .triggers(TriggerTriggerArgs.builder()\n .name(\"all\")\n .events(\"all\")\n .destinationArn(testAwsSnsTopic.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:codecommit:Repository\n properties:\n repositoryName: test\n testTrigger:\n type: aws:codecommit:Trigger\n name: test\n properties:\n repositoryName: ${test.repositoryName}\n triggers:\n - name: all\n events:\n - all\n destinationArn: ${testAwsSnsTopic.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "configurationId": { "type": "string", "description": "System-generated unique identifier.\n" }, "repositoryName": { "type": "string", "description": "The name for the repository. This needs to be less than 100 characters.\n" }, "triggers": { "type": "array", "items": { "$ref": "#/types/aws:codecommit/TriggerTrigger:TriggerTrigger" }, "description": "The name of the trigger.\n" } }, "required": [ "configurationId", "repositoryName", "triggers" ], "inputProperties": { "repositoryName": { "type": "string", "description": "The name for the repository. This needs to be less than 100 characters.\n", "willReplaceOnChanges": true }, "triggers": { "type": "array", "items": { "$ref": "#/types/aws:codecommit/TriggerTrigger:TriggerTrigger" }, "description": "The name of the trigger.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "repositoryName", "triggers" ], "stateInputs": { "description": "Input properties used for looking up and filtering Trigger resources.\n", "properties": { "configurationId": { "type": "string", "description": "System-generated unique identifier.\n" }, "repositoryName": { "type": "string", "description": "The name for the repository. This needs to be less than 100 characters.\n", "willReplaceOnChanges": true }, "triggers": { "type": "array", "items": { "$ref": "#/types/aws:codecommit/TriggerTrigger:TriggerTrigger" }, "description": "The name of the trigger.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:codedeploy/application:Application": { "description": "Provides a CodeDeploy application to be used as a basis for deployments\n\n## Example Usage\n\n### ECS Application\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codedeploy.Application(\"example\", {\n computePlatform: \"ECS\",\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codedeploy.Application(\"example\",\n compute_platform=\"ECS\",\n name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeDeploy.Application(\"example\", new()\n {\n ComputePlatform = \"ECS\",\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codedeploy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codedeploy.NewApplication(ctx, \"example\", \u0026codedeploy.ApplicationArgs{\n\t\t\tComputePlatform: pulumi.String(\"ECS\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codedeploy.Application;\nimport com.pulumi.aws.codedeploy.ApplicationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Application(\"example\", ApplicationArgs.builder()\n .computePlatform(\"ECS\")\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codedeploy:Application\n properties:\n computePlatform: ECS\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda Application\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codedeploy.Application(\"example\", {\n computePlatform: \"Lambda\",\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codedeploy.Application(\"example\",\n compute_platform=\"Lambda\",\n name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeDeploy.Application(\"example\", new()\n {\n ComputePlatform = \"Lambda\",\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codedeploy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codedeploy.NewApplication(ctx, \"example\", \u0026codedeploy.ApplicationArgs{\n\t\t\tComputePlatform: pulumi.String(\"Lambda\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codedeploy.Application;\nimport com.pulumi.aws.codedeploy.ApplicationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Application(\"example\", ApplicationArgs.builder()\n .computePlatform(\"Lambda\")\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codedeploy:Application\n properties:\n computePlatform: Lambda\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Server Application\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codedeploy.Application(\"example\", {\n computePlatform: \"Server\",\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codedeploy.Application(\"example\",\n compute_platform=\"Server\",\n name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeDeploy.Application(\"example\", new()\n {\n ComputePlatform = \"Server\",\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codedeploy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codedeploy.NewApplication(ctx, \"example\", \u0026codedeploy.ApplicationArgs{\n\t\t\tComputePlatform: pulumi.String(\"Server\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codedeploy.Application;\nimport com.pulumi.aws.codedeploy.ApplicationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Application(\"example\", ApplicationArgs.builder()\n .computePlatform(\"Server\")\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codedeploy:Application\n properties:\n computePlatform: Server\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeDeploy Applications using the `name`. For example:\n\n```sh\n$ pulumi import aws:codedeploy/application:Application example my-application\n```\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "arn": { "type": "string", "description": "The ARN of the CodeDeploy application.\n" }, "computePlatform": { "type": "string", "description": "The compute platform can either be `ECS`, `Lambda`, or `Server`. Default is `Server`.\n" }, "githubAccountName": { "type": "string", "description": "The name for a connection to a GitHub account.\n" }, "linkedToGithub": { "type": "boolean", "description": "Whether the user has authenticated with GitHub for the specified application.\n" }, "name": { "type": "string", "description": "The name of the application.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "applicationId", "arn", "githubAccountName", "linkedToGithub", "name", "tagsAll" ], "inputProperties": { "computePlatform": { "type": "string", "description": "The compute platform can either be `ECS`, `Lambda`, or `Server`. Default is `Server`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the application.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Application resources.\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "arn": { "type": "string", "description": "The ARN of the CodeDeploy application.\n" }, "computePlatform": { "type": "string", "description": "The compute platform can either be `ECS`, `Lambda`, or `Server`. Default is `Server`.\n", "willReplaceOnChanges": true }, "githubAccountName": { "type": "string", "description": "The name for a connection to a GitHub account.\n" }, "linkedToGithub": { "type": "boolean", "description": "Whether the user has authenticated with GitHub for the specified application.\n" }, "name": { "type": "string", "description": "The name of the application.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:codedeploy/deploymentConfig:DeploymentConfig": { "description": "Provides a CodeDeploy deployment config for an application\n\n## Example Usage\n\n### Server Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.codedeploy.DeploymentConfig(\"foo\", {\n deploymentConfigName: \"test-deployment-config\",\n minimumHealthyHosts: {\n type: \"HOST_COUNT\",\n value: 2,\n },\n});\nconst fooDeploymentGroup = new aws.codedeploy.DeploymentGroup(\"foo\", {\n appName: fooApp.name,\n deploymentGroupName: \"bar\",\n serviceRoleArn: fooRole.arn,\n deploymentConfigName: foo.id,\n ec2TagFilters: [{\n key: \"filterkey\",\n type: \"KEY_AND_VALUE\",\n value: \"filtervalue\",\n }],\n triggerConfigurations: [{\n triggerEvents: [\"DeploymentFailure\"],\n triggerName: \"foo-trigger\",\n triggerTargetArn: \"foo-topic-arn\",\n }],\n autoRollbackConfiguration: {\n enabled: true,\n events: [\"DEPLOYMENT_FAILURE\"],\n },\n alarmConfiguration: {\n alarms: [\"my-alarm-name\"],\n enabled: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.codedeploy.DeploymentConfig(\"foo\",\n deployment_config_name=\"test-deployment-config\",\n minimum_healthy_hosts={\n \"type\": \"HOST_COUNT\",\n \"value\": 2,\n })\nfoo_deployment_group = aws.codedeploy.DeploymentGroup(\"foo\",\n app_name=foo_app[\"name\"],\n deployment_group_name=\"bar\",\n service_role_arn=foo_role[\"arn\"],\n deployment_config_name=foo.id,\n ec2_tag_filters=[{\n \"key\": \"filterkey\",\n \"type\": \"KEY_AND_VALUE\",\n \"value\": \"filtervalue\",\n }],\n trigger_configurations=[{\n \"trigger_events\": [\"DeploymentFailure\"],\n \"trigger_name\": \"foo-trigger\",\n \"trigger_target_arn\": \"foo-topic-arn\",\n }],\n auto_rollback_configuration={\n \"enabled\": True,\n \"events\": [\"DEPLOYMENT_FAILURE\"],\n },\n alarm_configuration={\n \"alarms\": [\"my-alarm-name\"],\n \"enabled\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.CodeDeploy.DeploymentConfig(\"foo\", new()\n {\n DeploymentConfigName = \"test-deployment-config\",\n MinimumHealthyHosts = new Aws.CodeDeploy.Inputs.DeploymentConfigMinimumHealthyHostsArgs\n {\n Type = \"HOST_COUNT\",\n Value = 2,\n },\n });\n\n var fooDeploymentGroup = new Aws.CodeDeploy.DeploymentGroup(\"foo\", new()\n {\n AppName = fooApp.Name,\n DeploymentGroupName = \"bar\",\n ServiceRoleArn = fooRole.Arn,\n DeploymentConfigName = foo.Id,\n Ec2TagFilters = new[]\n {\n new Aws.CodeDeploy.Inputs.DeploymentGroupEc2TagFilterArgs\n {\n Key = \"filterkey\",\n Type = \"KEY_AND_VALUE\",\n Value = \"filtervalue\",\n },\n },\n TriggerConfigurations = new[]\n {\n new Aws.CodeDeploy.Inputs.DeploymentGroupTriggerConfigurationArgs\n {\n TriggerEvents = new[]\n {\n \"DeploymentFailure\",\n },\n TriggerName = \"foo-trigger\",\n TriggerTargetArn = \"foo-topic-arn\",\n },\n },\n AutoRollbackConfiguration = new Aws.CodeDeploy.Inputs.DeploymentGroupAutoRollbackConfigurationArgs\n {\n Enabled = true,\n Events = new[]\n {\n \"DEPLOYMENT_FAILURE\",\n },\n },\n AlarmConfiguration = new Aws.CodeDeploy.Inputs.DeploymentGroupAlarmConfigurationArgs\n {\n Alarms = new[]\n {\n \"my-alarm-name\",\n },\n Enabled = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codedeploy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoo, err := codedeploy.NewDeploymentConfig(ctx, \"foo\", \u0026codedeploy.DeploymentConfigArgs{\n\t\t\tDeploymentConfigName: pulumi.String(\"test-deployment-config\"),\n\t\t\tMinimumHealthyHosts: \u0026codedeploy.DeploymentConfigMinimumHealthyHostsArgs{\n\t\t\t\tType: pulumi.String(\"HOST_COUNT\"),\n\t\t\t\tValue: pulumi.Int(2),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codedeploy.NewDeploymentGroup(ctx, \"foo\", \u0026codedeploy.DeploymentGroupArgs{\n\t\t\tAppName: pulumi.Any(fooApp.Name),\n\t\t\tDeploymentGroupName: pulumi.String(\"bar\"),\n\t\t\tServiceRoleArn: pulumi.Any(fooRole.Arn),\n\t\t\tDeploymentConfigName: foo.ID(),\n\t\t\tEc2TagFilters: codedeploy.DeploymentGroupEc2TagFilterArray{\n\t\t\t\t\u0026codedeploy.DeploymentGroupEc2TagFilterArgs{\n\t\t\t\t\tKey: pulumi.String(\"filterkey\"),\n\t\t\t\t\tType: pulumi.String(\"KEY_AND_VALUE\"),\n\t\t\t\t\tValue: pulumi.String(\"filtervalue\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTriggerConfigurations: codedeploy.DeploymentGroupTriggerConfigurationArray{\n\t\t\t\t\u0026codedeploy.DeploymentGroupTriggerConfigurationArgs{\n\t\t\t\t\tTriggerEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"DeploymentFailure\"),\n\t\t\t\t\t},\n\t\t\t\t\tTriggerName: pulumi.String(\"foo-trigger\"),\n\t\t\t\t\tTriggerTargetArn: pulumi.String(\"foo-topic-arn\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tAutoRollbackConfiguration: \u0026codedeploy.DeploymentGroupAutoRollbackConfigurationArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"DEPLOYMENT_FAILURE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tAlarmConfiguration: \u0026codedeploy.DeploymentGroupAlarmConfigurationArgs{\n\t\t\t\tAlarms: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"my-alarm-name\"),\n\t\t\t\t},\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codedeploy.DeploymentConfig;\nimport com.pulumi.aws.codedeploy.DeploymentConfigArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentConfigMinimumHealthyHostsArgs;\nimport com.pulumi.aws.codedeploy.DeploymentGroup;\nimport com.pulumi.aws.codedeploy.DeploymentGroupArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupEc2TagFilterArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupTriggerConfigurationArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupAutoRollbackConfigurationArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupAlarmConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new DeploymentConfig(\"foo\", DeploymentConfigArgs.builder()\n .deploymentConfigName(\"test-deployment-config\")\n .minimumHealthyHosts(DeploymentConfigMinimumHealthyHostsArgs.builder()\n .type(\"HOST_COUNT\")\n .value(2)\n .build())\n .build());\n\n var fooDeploymentGroup = new DeploymentGroup(\"fooDeploymentGroup\", DeploymentGroupArgs.builder()\n .appName(fooApp.name())\n .deploymentGroupName(\"bar\")\n .serviceRoleArn(fooRole.arn())\n .deploymentConfigName(foo.id())\n .ec2TagFilters(DeploymentGroupEc2TagFilterArgs.builder()\n .key(\"filterkey\")\n .type(\"KEY_AND_VALUE\")\n .value(\"filtervalue\")\n .build())\n .triggerConfigurations(DeploymentGroupTriggerConfigurationArgs.builder()\n .triggerEvents(\"DeploymentFailure\")\n .triggerName(\"foo-trigger\")\n .triggerTargetArn(\"foo-topic-arn\")\n .build())\n .autoRollbackConfiguration(DeploymentGroupAutoRollbackConfigurationArgs.builder()\n .enabled(true)\n .events(\"DEPLOYMENT_FAILURE\")\n .build())\n .alarmConfiguration(DeploymentGroupAlarmConfigurationArgs.builder()\n .alarms(\"my-alarm-name\")\n .enabled(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:codedeploy:DeploymentConfig\n properties:\n deploymentConfigName: test-deployment-config\n minimumHealthyHosts:\n type: HOST_COUNT\n value: 2\n fooDeploymentGroup:\n type: aws:codedeploy:DeploymentGroup\n name: foo\n properties:\n appName: ${fooApp.name}\n deploymentGroupName: bar\n serviceRoleArn: ${fooRole.arn}\n deploymentConfigName: ${foo.id}\n ec2TagFilters:\n - key: filterkey\n type: KEY_AND_VALUE\n value: filtervalue\n triggerConfigurations:\n - triggerEvents:\n - DeploymentFailure\n triggerName: foo-trigger\n triggerTargetArn: foo-topic-arn\n autoRollbackConfiguration:\n enabled: true\n events:\n - DEPLOYMENT_FAILURE\n alarmConfiguration:\n alarms:\n - my-alarm-name\n enabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.codedeploy.DeploymentConfig(\"foo\", {\n deploymentConfigName: \"test-deployment-config\",\n computePlatform: \"Lambda\",\n trafficRoutingConfig: {\n type: \"TimeBasedLinear\",\n timeBasedLinear: {\n interval: 10,\n percentage: 10,\n },\n },\n});\nconst fooDeploymentGroup = new aws.codedeploy.DeploymentGroup(\"foo\", {\n appName: fooApp.name,\n deploymentGroupName: \"bar\",\n serviceRoleArn: fooRole.arn,\n deploymentConfigName: foo.id,\n autoRollbackConfiguration: {\n enabled: true,\n events: [\"DEPLOYMENT_STOP_ON_ALARM\"],\n },\n alarmConfiguration: {\n alarms: [\"my-alarm-name\"],\n enabled: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.codedeploy.DeploymentConfig(\"foo\",\n deployment_config_name=\"test-deployment-config\",\n compute_platform=\"Lambda\",\n traffic_routing_config={\n \"type\": \"TimeBasedLinear\",\n \"time_based_linear\": {\n \"interval\": 10,\n \"percentage\": 10,\n },\n })\nfoo_deployment_group = aws.codedeploy.DeploymentGroup(\"foo\",\n app_name=foo_app[\"name\"],\n deployment_group_name=\"bar\",\n service_role_arn=foo_role[\"arn\"],\n deployment_config_name=foo.id,\n auto_rollback_configuration={\n \"enabled\": True,\n \"events\": [\"DEPLOYMENT_STOP_ON_ALARM\"],\n },\n alarm_configuration={\n \"alarms\": [\"my-alarm-name\"],\n \"enabled\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.CodeDeploy.DeploymentConfig(\"foo\", new()\n {\n DeploymentConfigName = \"test-deployment-config\",\n ComputePlatform = \"Lambda\",\n TrafficRoutingConfig = new Aws.CodeDeploy.Inputs.DeploymentConfigTrafficRoutingConfigArgs\n {\n Type = \"TimeBasedLinear\",\n TimeBasedLinear = new Aws.CodeDeploy.Inputs.DeploymentConfigTrafficRoutingConfigTimeBasedLinearArgs\n {\n Interval = 10,\n Percentage = 10,\n },\n },\n });\n\n var fooDeploymentGroup = new Aws.CodeDeploy.DeploymentGroup(\"foo\", new()\n {\n AppName = fooApp.Name,\n DeploymentGroupName = \"bar\",\n ServiceRoleArn = fooRole.Arn,\n DeploymentConfigName = foo.Id,\n AutoRollbackConfiguration = new Aws.CodeDeploy.Inputs.DeploymentGroupAutoRollbackConfigurationArgs\n {\n Enabled = true,\n Events = new[]\n {\n \"DEPLOYMENT_STOP_ON_ALARM\",\n },\n },\n AlarmConfiguration = new Aws.CodeDeploy.Inputs.DeploymentGroupAlarmConfigurationArgs\n {\n Alarms = new[]\n {\n \"my-alarm-name\",\n },\n Enabled = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codedeploy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoo, err := codedeploy.NewDeploymentConfig(ctx, \"foo\", \u0026codedeploy.DeploymentConfigArgs{\n\t\t\tDeploymentConfigName: pulumi.String(\"test-deployment-config\"),\n\t\t\tComputePlatform: pulumi.String(\"Lambda\"),\n\t\t\tTrafficRoutingConfig: \u0026codedeploy.DeploymentConfigTrafficRoutingConfigArgs{\n\t\t\t\tType: pulumi.String(\"TimeBasedLinear\"),\n\t\t\t\tTimeBasedLinear: \u0026codedeploy.DeploymentConfigTrafficRoutingConfigTimeBasedLinearArgs{\n\t\t\t\t\tInterval: pulumi.Int(10),\n\t\t\t\t\tPercentage: pulumi.Int(10),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codedeploy.NewDeploymentGroup(ctx, \"foo\", \u0026codedeploy.DeploymentGroupArgs{\n\t\t\tAppName: pulumi.Any(fooApp.Name),\n\t\t\tDeploymentGroupName: pulumi.String(\"bar\"),\n\t\t\tServiceRoleArn: pulumi.Any(fooRole.Arn),\n\t\t\tDeploymentConfigName: foo.ID(),\n\t\t\tAutoRollbackConfiguration: \u0026codedeploy.DeploymentGroupAutoRollbackConfigurationArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"DEPLOYMENT_STOP_ON_ALARM\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tAlarmConfiguration: \u0026codedeploy.DeploymentGroupAlarmConfigurationArgs{\n\t\t\t\tAlarms: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"my-alarm-name\"),\n\t\t\t\t},\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codedeploy.DeploymentConfig;\nimport com.pulumi.aws.codedeploy.DeploymentConfigArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentConfigTrafficRoutingConfigArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentConfigTrafficRoutingConfigTimeBasedLinearArgs;\nimport com.pulumi.aws.codedeploy.DeploymentGroup;\nimport com.pulumi.aws.codedeploy.DeploymentGroupArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupAutoRollbackConfigurationArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupAlarmConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new DeploymentConfig(\"foo\", DeploymentConfigArgs.builder()\n .deploymentConfigName(\"test-deployment-config\")\n .computePlatform(\"Lambda\")\n .trafficRoutingConfig(DeploymentConfigTrafficRoutingConfigArgs.builder()\n .type(\"TimeBasedLinear\")\n .timeBasedLinear(DeploymentConfigTrafficRoutingConfigTimeBasedLinearArgs.builder()\n .interval(10)\n .percentage(10)\n .build())\n .build())\n .build());\n\n var fooDeploymentGroup = new DeploymentGroup(\"fooDeploymentGroup\", DeploymentGroupArgs.builder()\n .appName(fooApp.name())\n .deploymentGroupName(\"bar\")\n .serviceRoleArn(fooRole.arn())\n .deploymentConfigName(foo.id())\n .autoRollbackConfiguration(DeploymentGroupAutoRollbackConfigurationArgs.builder()\n .enabled(true)\n .events(\"DEPLOYMENT_STOP_ON_ALARM\")\n .build())\n .alarmConfiguration(DeploymentGroupAlarmConfigurationArgs.builder()\n .alarms(\"my-alarm-name\")\n .enabled(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:codedeploy:DeploymentConfig\n properties:\n deploymentConfigName: test-deployment-config\n computePlatform: Lambda\n trafficRoutingConfig:\n type: TimeBasedLinear\n timeBasedLinear:\n interval: 10\n percentage: 10\n fooDeploymentGroup:\n type: aws:codedeploy:DeploymentGroup\n name: foo\n properties:\n appName: ${fooApp.name}\n deploymentGroupName: bar\n serviceRoleArn: ${fooRole.arn}\n deploymentConfigName: ${foo.id}\n autoRollbackConfiguration:\n enabled: true\n events:\n - DEPLOYMENT_STOP_ON_ALARM\n alarmConfiguration:\n alarms:\n - my-alarm-name\n enabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeDeploy Deployment Configurations using the `deployment_config_name`. For example:\n\n```sh\n$ pulumi import aws:codedeploy/deploymentConfig:DeploymentConfig example my-deployment-config\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the deployment config.\n" }, "computePlatform": { "type": "string", "description": "The compute platform can be `Server`, `Lambda`, or `ECS`. Default is `Server`.\n" }, "deploymentConfigId": { "type": "string", "description": "The AWS Assigned deployment config id\n" }, "deploymentConfigName": { "type": "string", "description": "The name of the deployment config.\n" }, "minimumHealthyHosts": { "$ref": "#/types/aws:codedeploy/DeploymentConfigMinimumHealthyHosts:DeploymentConfigMinimumHealthyHosts", "description": "A minimum_healthy_hosts block. Required for `Server` compute platform. Minimum Healthy Hosts are documented below.\n" }, "trafficRoutingConfig": { "$ref": "#/types/aws:codedeploy/DeploymentConfigTrafficRoutingConfig:DeploymentConfigTrafficRoutingConfig", "description": "A traffic_routing_config block. Traffic Routing Config is documented below.\n" } }, "required": [ "arn", "deploymentConfigId", "deploymentConfigName" ], "inputProperties": { "computePlatform": { "type": "string", "description": "The compute platform can be `Server`, `Lambda`, or `ECS`. Default is `Server`.\n", "willReplaceOnChanges": true }, "deploymentConfigName": { "type": "string", "description": "The name of the deployment config.\n", "willReplaceOnChanges": true }, "minimumHealthyHosts": { "$ref": "#/types/aws:codedeploy/DeploymentConfigMinimumHealthyHosts:DeploymentConfigMinimumHealthyHosts", "description": "A minimum_healthy_hosts block. Required for `Server` compute platform. Minimum Healthy Hosts are documented below.\n", "willReplaceOnChanges": true }, "trafficRoutingConfig": { "$ref": "#/types/aws:codedeploy/DeploymentConfigTrafficRoutingConfig:DeploymentConfigTrafficRoutingConfig", "description": "A traffic_routing_config block. Traffic Routing Config is documented below.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering DeploymentConfig resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the deployment config.\n" }, "computePlatform": { "type": "string", "description": "The compute platform can be `Server`, `Lambda`, or `ECS`. Default is `Server`.\n", "willReplaceOnChanges": true }, "deploymentConfigId": { "type": "string", "description": "The AWS Assigned deployment config id\n" }, "deploymentConfigName": { "type": "string", "description": "The name of the deployment config.\n", "willReplaceOnChanges": true }, "minimumHealthyHosts": { "$ref": "#/types/aws:codedeploy/DeploymentConfigMinimumHealthyHosts:DeploymentConfigMinimumHealthyHosts", "description": "A minimum_healthy_hosts block. Required for `Server` compute platform. Minimum Healthy Hosts are documented below.\n", "willReplaceOnChanges": true }, "trafficRoutingConfig": { "$ref": "#/types/aws:codedeploy/DeploymentConfigTrafficRoutingConfig:DeploymentConfigTrafficRoutingConfig", "description": "A traffic_routing_config block. Traffic Routing Config is documented below.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:codedeploy/deploymentGroup:DeploymentGroup": { "description": "Provides a CodeDeploy Deployment Group for a CodeDeploy Application\n\n\u003e **NOTE on blue/green deployments:** When using `green_fleet_provisioning_option` with the `COPY_AUTO_SCALING_GROUP` action, CodeDeploy will create a new ASG with a different name. This ASG is _not_ managed by this provider and will conflict with existing configuration and state. You may want to use a different approach to managing deployments that involve multiple ASG, such as `DISCOVER_EXISTING` with separate blue and green ASG.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"codedeploy.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst example = new aws.iam.Role(\"example\", {\n name: \"example-role\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst aWSCodeDeployRole = new aws.iam.RolePolicyAttachment(\"AWSCodeDeployRole\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole\",\n role: example.name,\n});\nconst exampleApplication = new aws.codedeploy.Application(\"example\", {name: \"example-app\"});\nconst exampleTopic = new aws.sns.Topic(\"example\", {name: \"example-topic\"});\nconst exampleDeploymentGroup = new aws.codedeploy.DeploymentGroup(\"example\", {\n appName: exampleApplication.name,\n deploymentGroupName: \"example-group\",\n serviceRoleArn: example.arn,\n ec2TagSets: [{\n ec2TagFilters: [\n {\n key: \"filterkey1\",\n type: \"KEY_AND_VALUE\",\n value: \"filtervalue\",\n },\n {\n key: \"filterkey2\",\n type: \"KEY_AND_VALUE\",\n value: \"filtervalue\",\n },\n ],\n }],\n triggerConfigurations: [{\n triggerEvents: [\"DeploymentFailure\"],\n triggerName: \"example-trigger\",\n triggerTargetArn: exampleTopic.arn,\n }],\n autoRollbackConfiguration: {\n enabled: true,\n events: [\"DEPLOYMENT_FAILURE\"],\n },\n alarmConfiguration: {\n alarms: [\"my-alarm-name\"],\n enabled: true,\n },\n outdatedInstancesStrategy: \"UPDATE\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"codedeploy.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nexample = aws.iam.Role(\"example\",\n name=\"example-role\",\n assume_role_policy=assume_role.json)\na_ws_code_deploy_role = aws.iam.RolePolicyAttachment(\"AWSCodeDeployRole\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole\",\n role=example.name)\nexample_application = aws.codedeploy.Application(\"example\", name=\"example-app\")\nexample_topic = aws.sns.Topic(\"example\", name=\"example-topic\")\nexample_deployment_group = aws.codedeploy.DeploymentGroup(\"example\",\n app_name=example_application.name,\n deployment_group_name=\"example-group\",\n service_role_arn=example.arn,\n ec2_tag_sets=[{\n \"ec2_tag_filters\": [\n {\n \"key\": \"filterkey1\",\n \"type\": \"KEY_AND_VALUE\",\n \"value\": \"filtervalue\",\n },\n {\n \"key\": \"filterkey2\",\n \"type\": \"KEY_AND_VALUE\",\n \"value\": \"filtervalue\",\n },\n ],\n }],\n trigger_configurations=[{\n \"trigger_events\": [\"DeploymentFailure\"],\n \"trigger_name\": \"example-trigger\",\n \"trigger_target_arn\": example_topic.arn,\n }],\n auto_rollback_configuration={\n \"enabled\": True,\n \"events\": [\"DEPLOYMENT_FAILURE\"],\n },\n alarm_configuration={\n \"alarms\": [\"my-alarm-name\"],\n \"enabled\": True,\n },\n outdated_instances_strategy=\"UPDATE\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"codedeploy.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example-role\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var aWSCodeDeployRole = new Aws.Iam.RolePolicyAttachment(\"AWSCodeDeployRole\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole\",\n Role = example.Name,\n });\n\n var exampleApplication = new Aws.CodeDeploy.Application(\"example\", new()\n {\n Name = \"example-app\",\n });\n\n var exampleTopic = new Aws.Sns.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n });\n\n var exampleDeploymentGroup = new Aws.CodeDeploy.DeploymentGroup(\"example\", new()\n {\n AppName = exampleApplication.Name,\n DeploymentGroupName = \"example-group\",\n ServiceRoleArn = example.Arn,\n Ec2TagSets = new[]\n {\n new Aws.CodeDeploy.Inputs.DeploymentGroupEc2TagSetArgs\n {\n Ec2TagFilters = new[]\n {\n new Aws.CodeDeploy.Inputs.DeploymentGroupEc2TagSetEc2TagFilterArgs\n {\n Key = \"filterkey1\",\n Type = \"KEY_AND_VALUE\",\n Value = \"filtervalue\",\n },\n new Aws.CodeDeploy.Inputs.DeploymentGroupEc2TagSetEc2TagFilterArgs\n {\n Key = \"filterkey2\",\n Type = \"KEY_AND_VALUE\",\n Value = \"filtervalue\",\n },\n },\n },\n },\n TriggerConfigurations = new[]\n {\n new Aws.CodeDeploy.Inputs.DeploymentGroupTriggerConfigurationArgs\n {\n TriggerEvents = new[]\n {\n \"DeploymentFailure\",\n },\n TriggerName = \"example-trigger\",\n TriggerTargetArn = exampleTopic.Arn,\n },\n },\n AutoRollbackConfiguration = new Aws.CodeDeploy.Inputs.DeploymentGroupAutoRollbackConfigurationArgs\n {\n Enabled = true,\n Events = new[]\n {\n \"DEPLOYMENT_FAILURE\",\n },\n },\n AlarmConfiguration = new Aws.CodeDeploy.Inputs.DeploymentGroupAlarmConfigurationArgs\n {\n Alarms = new[]\n {\n \"my-alarm-name\",\n },\n Enabled = true,\n },\n OutdatedInstancesStrategy = \"UPDATE\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codedeploy\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"codedeploy.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example-role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"AWSCodeDeployRole\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := codedeploy.NewApplication(ctx, \"example\", \u0026codedeploy.ApplicationArgs{\n\t\t\tName: pulumi.String(\"example-app\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTopic, err := sns.NewTopic(ctx, \"example\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codedeploy.NewDeploymentGroup(ctx, \"example\", \u0026codedeploy.DeploymentGroupArgs{\n\t\t\tAppName: exampleApplication.Name,\n\t\t\tDeploymentGroupName: pulumi.String(\"example-group\"),\n\t\t\tServiceRoleArn: example.Arn,\n\t\t\tEc2TagSets: codedeploy.DeploymentGroupEc2TagSetArray{\n\t\t\t\t\u0026codedeploy.DeploymentGroupEc2TagSetArgs{\n\t\t\t\t\tEc2TagFilters: codedeploy.DeploymentGroupEc2TagSetEc2TagFilterArray{\n\t\t\t\t\t\t\u0026codedeploy.DeploymentGroupEc2TagSetEc2TagFilterArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"filterkey1\"),\n\t\t\t\t\t\t\tType: pulumi.String(\"KEY_AND_VALUE\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"filtervalue\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026codedeploy.DeploymentGroupEc2TagSetEc2TagFilterArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"filterkey2\"),\n\t\t\t\t\t\t\tType: pulumi.String(\"KEY_AND_VALUE\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"filtervalue\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTriggerConfigurations: codedeploy.DeploymentGroupTriggerConfigurationArray{\n\t\t\t\t\u0026codedeploy.DeploymentGroupTriggerConfigurationArgs{\n\t\t\t\t\tTriggerEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"DeploymentFailure\"),\n\t\t\t\t\t},\n\t\t\t\t\tTriggerName: pulumi.String(\"example-trigger\"),\n\t\t\t\t\tTriggerTargetArn: exampleTopic.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t\tAutoRollbackConfiguration: \u0026codedeploy.DeploymentGroupAutoRollbackConfigurationArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"DEPLOYMENT_FAILURE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tAlarmConfiguration: \u0026codedeploy.DeploymentGroupAlarmConfigurationArgs{\n\t\t\t\tAlarms: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"my-alarm-name\"),\n\t\t\t\t},\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tOutdatedInstancesStrategy: pulumi.String(\"UPDATE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.codedeploy.Application;\nimport com.pulumi.aws.codedeploy.ApplicationArgs;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.codedeploy.DeploymentGroup;\nimport com.pulumi.aws.codedeploy.DeploymentGroupArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupEc2TagSetArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupTriggerConfigurationArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupAutoRollbackConfigurationArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupAlarmConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"codedeploy.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var example = new Role(\"example\", RoleArgs.builder()\n .name(\"example-role\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var aWSCodeDeployRole = new RolePolicyAttachment(\"aWSCodeDeployRole\", RolePolicyAttachmentArgs.builder()\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole\")\n .role(example.name())\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder()\n .name(\"example-app\")\n .build());\n\n var exampleTopic = new Topic(\"exampleTopic\", TopicArgs.builder()\n .name(\"example-topic\")\n .build());\n\n var exampleDeploymentGroup = new DeploymentGroup(\"exampleDeploymentGroup\", DeploymentGroupArgs.builder()\n .appName(exampleApplication.name())\n .deploymentGroupName(\"example-group\")\n .serviceRoleArn(example.arn())\n .ec2TagSets(DeploymentGroupEc2TagSetArgs.builder()\n .ec2TagFilters( \n DeploymentGroupEc2TagSetEc2TagFilterArgs.builder()\n .key(\"filterkey1\")\n .type(\"KEY_AND_VALUE\")\n .value(\"filtervalue\")\n .build(),\n DeploymentGroupEc2TagSetEc2TagFilterArgs.builder()\n .key(\"filterkey2\")\n .type(\"KEY_AND_VALUE\")\n .value(\"filtervalue\")\n .build())\n .build())\n .triggerConfigurations(DeploymentGroupTriggerConfigurationArgs.builder()\n .triggerEvents(\"DeploymentFailure\")\n .triggerName(\"example-trigger\")\n .triggerTargetArn(exampleTopic.arn())\n .build())\n .autoRollbackConfiguration(DeploymentGroupAutoRollbackConfigurationArgs.builder()\n .enabled(true)\n .events(\"DEPLOYMENT_FAILURE\")\n .build())\n .alarmConfiguration(DeploymentGroupAlarmConfigurationArgs.builder()\n .alarms(\"my-alarm-name\")\n .enabled(true)\n .build())\n .outdatedInstancesStrategy(\"UPDATE\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: example-role\n assumeRolePolicy: ${assumeRole.json}\n aWSCodeDeployRole:\n type: aws:iam:RolePolicyAttachment\n name: AWSCodeDeployRole\n properties:\n policyArn: arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole\n role: ${example.name}\n exampleApplication:\n type: aws:codedeploy:Application\n name: example\n properties:\n name: example-app\n exampleTopic:\n type: aws:sns:Topic\n name: example\n properties:\n name: example-topic\n exampleDeploymentGroup:\n type: aws:codedeploy:DeploymentGroup\n name: example\n properties:\n appName: ${exampleApplication.name}\n deploymentGroupName: example-group\n serviceRoleArn: ${example.arn}\n ec2TagSets:\n - ec2TagFilters:\n - key: filterkey1\n type: KEY_AND_VALUE\n value: filtervalue\n - key: filterkey2\n type: KEY_AND_VALUE\n value: filtervalue\n triggerConfigurations:\n - triggerEvents:\n - DeploymentFailure\n triggerName: example-trigger\n triggerTargetArn: ${exampleTopic.arn}\n autoRollbackConfiguration:\n enabled: true\n events:\n - DEPLOYMENT_FAILURE\n alarmConfiguration:\n alarms:\n - my-alarm-name\n enabled: true\n outdatedInstancesStrategy: UPDATE\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - codedeploy.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Blue Green Deployments with ECS\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codedeploy.Application(\"example\", {\n computePlatform: \"ECS\",\n name: \"example\",\n});\nconst exampleDeploymentGroup = new aws.codedeploy.DeploymentGroup(\"example\", {\n appName: example.name,\n deploymentConfigName: \"CodeDeployDefault.ECSAllAtOnce\",\n deploymentGroupName: \"example\",\n serviceRoleArn: exampleAwsIamRole.arn,\n autoRollbackConfiguration: {\n enabled: true,\n events: [\"DEPLOYMENT_FAILURE\"],\n },\n blueGreenDeploymentConfig: {\n deploymentReadyOption: {\n actionOnTimeout: \"CONTINUE_DEPLOYMENT\",\n },\n terminateBlueInstancesOnDeploymentSuccess: {\n action: \"TERMINATE\",\n terminationWaitTimeInMinutes: 5,\n },\n },\n deploymentStyle: {\n deploymentOption: \"WITH_TRAFFIC_CONTROL\",\n deploymentType: \"BLUE_GREEN\",\n },\n ecsService: {\n clusterName: exampleAwsEcsCluster.name,\n serviceName: exampleAwsEcsService.name,\n },\n loadBalancerInfo: {\n targetGroupPairInfo: {\n prodTrafficRoute: {\n listenerArns: [exampleAwsLbListener.arn],\n },\n targetGroups: [\n {\n name: blue.name,\n },\n {\n name: green.name,\n },\n ],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codedeploy.Application(\"example\",\n compute_platform=\"ECS\",\n name=\"example\")\nexample_deployment_group = aws.codedeploy.DeploymentGroup(\"example\",\n app_name=example.name,\n deployment_config_name=\"CodeDeployDefault.ECSAllAtOnce\",\n deployment_group_name=\"example\",\n service_role_arn=example_aws_iam_role[\"arn\"],\n auto_rollback_configuration={\n \"enabled\": True,\n \"events\": [\"DEPLOYMENT_FAILURE\"],\n },\n blue_green_deployment_config={\n \"deployment_ready_option\": {\n \"action_on_timeout\": \"CONTINUE_DEPLOYMENT\",\n },\n \"terminate_blue_instances_on_deployment_success\": {\n \"action\": \"TERMINATE\",\n \"termination_wait_time_in_minutes\": 5,\n },\n },\n deployment_style={\n \"deployment_option\": \"WITH_TRAFFIC_CONTROL\",\n \"deployment_type\": \"BLUE_GREEN\",\n },\n ecs_service={\n \"cluster_name\": example_aws_ecs_cluster[\"name\"],\n \"service_name\": example_aws_ecs_service[\"name\"],\n },\n load_balancer_info={\n \"target_group_pair_info\": {\n \"prod_traffic_route\": {\n \"listener_arns\": [example_aws_lb_listener[\"arn\"]],\n },\n \"target_groups\": [\n {\n \"name\": blue[\"name\"],\n },\n {\n \"name\": green[\"name\"],\n },\n ],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeDeploy.Application(\"example\", new()\n {\n ComputePlatform = \"ECS\",\n Name = \"example\",\n });\n\n var exampleDeploymentGroup = new Aws.CodeDeploy.DeploymentGroup(\"example\", new()\n {\n AppName = example.Name,\n DeploymentConfigName = \"CodeDeployDefault.ECSAllAtOnce\",\n DeploymentGroupName = \"example\",\n ServiceRoleArn = exampleAwsIamRole.Arn,\n AutoRollbackConfiguration = new Aws.CodeDeploy.Inputs.DeploymentGroupAutoRollbackConfigurationArgs\n {\n Enabled = true,\n Events = new[]\n {\n \"DEPLOYMENT_FAILURE\",\n },\n },\n BlueGreenDeploymentConfig = new Aws.CodeDeploy.Inputs.DeploymentGroupBlueGreenDeploymentConfigArgs\n {\n DeploymentReadyOption = new Aws.CodeDeploy.Inputs.DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOptionArgs\n {\n ActionOnTimeout = \"CONTINUE_DEPLOYMENT\",\n },\n TerminateBlueInstancesOnDeploymentSuccess = new Aws.CodeDeploy.Inputs.DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccessArgs\n {\n Action = \"TERMINATE\",\n TerminationWaitTimeInMinutes = 5,\n },\n },\n DeploymentStyle = new Aws.CodeDeploy.Inputs.DeploymentGroupDeploymentStyleArgs\n {\n DeploymentOption = \"WITH_TRAFFIC_CONTROL\",\n DeploymentType = \"BLUE_GREEN\",\n },\n EcsService = new Aws.CodeDeploy.Inputs.DeploymentGroupEcsServiceArgs\n {\n ClusterName = exampleAwsEcsCluster.Name,\n ServiceName = exampleAwsEcsService.Name,\n },\n LoadBalancerInfo = new Aws.CodeDeploy.Inputs.DeploymentGroupLoadBalancerInfoArgs\n {\n TargetGroupPairInfo = new Aws.CodeDeploy.Inputs.DeploymentGroupLoadBalancerInfoTargetGroupPairInfoArgs\n {\n ProdTrafficRoute = new Aws.CodeDeploy.Inputs.DeploymentGroupLoadBalancerInfoTargetGroupPairInfoProdTrafficRouteArgs\n {\n ListenerArns = new[]\n {\n exampleAwsLbListener.Arn,\n },\n },\n TargetGroups = new[]\n {\n new Aws.CodeDeploy.Inputs.DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTargetGroupArgs\n {\n Name = blue.Name,\n },\n new Aws.CodeDeploy.Inputs.DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTargetGroupArgs\n {\n Name = green.Name,\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codedeploy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := codedeploy.NewApplication(ctx, \"example\", \u0026codedeploy.ApplicationArgs{\n\t\t\tComputePlatform: pulumi.String(\"ECS\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codedeploy.NewDeploymentGroup(ctx, \"example\", \u0026codedeploy.DeploymentGroupArgs{\n\t\t\tAppName: example.Name,\n\t\t\tDeploymentConfigName: pulumi.String(\"CodeDeployDefault.ECSAllAtOnce\"),\n\t\t\tDeploymentGroupName: pulumi.String(\"example\"),\n\t\t\tServiceRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tAutoRollbackConfiguration: \u0026codedeploy.DeploymentGroupAutoRollbackConfigurationArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"DEPLOYMENT_FAILURE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tBlueGreenDeploymentConfig: \u0026codedeploy.DeploymentGroupBlueGreenDeploymentConfigArgs{\n\t\t\t\tDeploymentReadyOption: \u0026codedeploy.DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOptionArgs{\n\t\t\t\t\tActionOnTimeout: pulumi.String(\"CONTINUE_DEPLOYMENT\"),\n\t\t\t\t},\n\t\t\t\tTerminateBlueInstancesOnDeploymentSuccess: \u0026codedeploy.DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccessArgs{\n\t\t\t\t\tAction: pulumi.String(\"TERMINATE\"),\n\t\t\t\t\tTerminationWaitTimeInMinutes: pulumi.Int(5),\n\t\t\t\t},\n\t\t\t},\n\t\t\tDeploymentStyle: \u0026codedeploy.DeploymentGroupDeploymentStyleArgs{\n\t\t\t\tDeploymentOption: pulumi.String(\"WITH_TRAFFIC_CONTROL\"),\n\t\t\t\tDeploymentType: pulumi.String(\"BLUE_GREEN\"),\n\t\t\t},\n\t\t\tEcsService: \u0026codedeploy.DeploymentGroupEcsServiceArgs{\n\t\t\t\tClusterName: pulumi.Any(exampleAwsEcsCluster.Name),\n\t\t\t\tServiceName: pulumi.Any(exampleAwsEcsService.Name),\n\t\t\t},\n\t\t\tLoadBalancerInfo: \u0026codedeploy.DeploymentGroupLoadBalancerInfoArgs{\n\t\t\t\tTargetGroupPairInfo: \u0026codedeploy.DeploymentGroupLoadBalancerInfoTargetGroupPairInfoArgs{\n\t\t\t\t\tProdTrafficRoute: \u0026codedeploy.DeploymentGroupLoadBalancerInfoTargetGroupPairInfoProdTrafficRouteArgs{\n\t\t\t\t\t\tListenerArns: pulumi.StringArray{\n\t\t\t\t\t\t\texampleAwsLbListener.Arn,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tTargetGroups: codedeploy.DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTargetGroupArray{\n\t\t\t\t\t\t\u0026codedeploy.DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTargetGroupArgs{\n\t\t\t\t\t\t\tName: pulumi.Any(blue.Name),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026codedeploy.DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTargetGroupArgs{\n\t\t\t\t\t\t\tName: pulumi.Any(green.Name),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codedeploy.Application;\nimport com.pulumi.aws.codedeploy.ApplicationArgs;\nimport com.pulumi.aws.codedeploy.DeploymentGroup;\nimport com.pulumi.aws.codedeploy.DeploymentGroupArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupAutoRollbackConfigurationArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupBlueGreenDeploymentConfigArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOptionArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccessArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupDeploymentStyleArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupEcsServiceArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupLoadBalancerInfoArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupLoadBalancerInfoTargetGroupPairInfoArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupLoadBalancerInfoTargetGroupPairInfoProdTrafficRouteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Application(\"example\", ApplicationArgs.builder()\n .computePlatform(\"ECS\")\n .name(\"example\")\n .build());\n\n var exampleDeploymentGroup = new DeploymentGroup(\"exampleDeploymentGroup\", DeploymentGroupArgs.builder()\n .appName(example.name())\n .deploymentConfigName(\"CodeDeployDefault.ECSAllAtOnce\")\n .deploymentGroupName(\"example\")\n .serviceRoleArn(exampleAwsIamRole.arn())\n .autoRollbackConfiguration(DeploymentGroupAutoRollbackConfigurationArgs.builder()\n .enabled(true)\n .events(\"DEPLOYMENT_FAILURE\")\n .build())\n .blueGreenDeploymentConfig(DeploymentGroupBlueGreenDeploymentConfigArgs.builder()\n .deploymentReadyOption(DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOptionArgs.builder()\n .actionOnTimeout(\"CONTINUE_DEPLOYMENT\")\n .build())\n .terminateBlueInstancesOnDeploymentSuccess(DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccessArgs.builder()\n .action(\"TERMINATE\")\n .terminationWaitTimeInMinutes(5)\n .build())\n .build())\n .deploymentStyle(DeploymentGroupDeploymentStyleArgs.builder()\n .deploymentOption(\"WITH_TRAFFIC_CONTROL\")\n .deploymentType(\"BLUE_GREEN\")\n .build())\n .ecsService(DeploymentGroupEcsServiceArgs.builder()\n .clusterName(exampleAwsEcsCluster.name())\n .serviceName(exampleAwsEcsService.name())\n .build())\n .loadBalancerInfo(DeploymentGroupLoadBalancerInfoArgs.builder()\n .targetGroupPairInfo(DeploymentGroupLoadBalancerInfoTargetGroupPairInfoArgs.builder()\n .prodTrafficRoute(DeploymentGroupLoadBalancerInfoTargetGroupPairInfoProdTrafficRouteArgs.builder()\n .listenerArns(exampleAwsLbListener.arn())\n .build())\n .targetGroups( \n DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTargetGroupArgs.builder()\n .name(blue.name())\n .build(),\n DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTargetGroupArgs.builder()\n .name(green.name())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codedeploy:Application\n properties:\n computePlatform: ECS\n name: example\n exampleDeploymentGroup:\n type: aws:codedeploy:DeploymentGroup\n name: example\n properties:\n appName: ${example.name}\n deploymentConfigName: CodeDeployDefault.ECSAllAtOnce\n deploymentGroupName: example\n serviceRoleArn: ${exampleAwsIamRole.arn}\n autoRollbackConfiguration:\n enabled: true\n events:\n - DEPLOYMENT_FAILURE\n blueGreenDeploymentConfig:\n deploymentReadyOption:\n actionOnTimeout: CONTINUE_DEPLOYMENT\n terminateBlueInstancesOnDeploymentSuccess:\n action: TERMINATE\n terminationWaitTimeInMinutes: 5\n deploymentStyle:\n deploymentOption: WITH_TRAFFIC_CONTROL\n deploymentType: BLUE_GREEN\n ecsService:\n clusterName: ${exampleAwsEcsCluster.name}\n serviceName: ${exampleAwsEcsService.name}\n loadBalancerInfo:\n targetGroupPairInfo:\n prodTrafficRoute:\n listenerArns:\n - ${exampleAwsLbListener.arn}\n targetGroups:\n - name: ${blue.name}\n - name: ${green.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Blue Green Deployments with Servers and Classic ELB\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codedeploy.Application(\"example\", {name: \"example-app\"});\nconst exampleDeploymentGroup = new aws.codedeploy.DeploymentGroup(\"example\", {\n appName: example.name,\n deploymentGroupName: \"example-group\",\n serviceRoleArn: exampleAwsIamRole.arn,\n deploymentStyle: {\n deploymentOption: \"WITH_TRAFFIC_CONTROL\",\n deploymentType: \"BLUE_GREEN\",\n },\n loadBalancerInfo: {\n elbInfos: [{\n name: exampleAwsElb.name,\n }],\n },\n blueGreenDeploymentConfig: {\n deploymentReadyOption: {\n actionOnTimeout: \"STOP_DEPLOYMENT\",\n waitTimeInMinutes: 60,\n },\n greenFleetProvisioningOption: {\n action: \"DISCOVER_EXISTING\",\n },\n terminateBlueInstancesOnDeploymentSuccess: {\n action: \"KEEP_ALIVE\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codedeploy.Application(\"example\", name=\"example-app\")\nexample_deployment_group = aws.codedeploy.DeploymentGroup(\"example\",\n app_name=example.name,\n deployment_group_name=\"example-group\",\n service_role_arn=example_aws_iam_role[\"arn\"],\n deployment_style={\n \"deployment_option\": \"WITH_TRAFFIC_CONTROL\",\n \"deployment_type\": \"BLUE_GREEN\",\n },\n load_balancer_info={\n \"elb_infos\": [{\n \"name\": example_aws_elb[\"name\"],\n }],\n },\n blue_green_deployment_config={\n \"deployment_ready_option\": {\n \"action_on_timeout\": \"STOP_DEPLOYMENT\",\n \"wait_time_in_minutes\": 60,\n },\n \"green_fleet_provisioning_option\": {\n \"action\": \"DISCOVER_EXISTING\",\n },\n \"terminate_blue_instances_on_deployment_success\": {\n \"action\": \"KEEP_ALIVE\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeDeploy.Application(\"example\", new()\n {\n Name = \"example-app\",\n });\n\n var exampleDeploymentGroup = new Aws.CodeDeploy.DeploymentGroup(\"example\", new()\n {\n AppName = example.Name,\n DeploymentGroupName = \"example-group\",\n ServiceRoleArn = exampleAwsIamRole.Arn,\n DeploymentStyle = new Aws.CodeDeploy.Inputs.DeploymentGroupDeploymentStyleArgs\n {\n DeploymentOption = \"WITH_TRAFFIC_CONTROL\",\n DeploymentType = \"BLUE_GREEN\",\n },\n LoadBalancerInfo = new Aws.CodeDeploy.Inputs.DeploymentGroupLoadBalancerInfoArgs\n {\n ElbInfos = new[]\n {\n new Aws.CodeDeploy.Inputs.DeploymentGroupLoadBalancerInfoElbInfoArgs\n {\n Name = exampleAwsElb.Name,\n },\n },\n },\n BlueGreenDeploymentConfig = new Aws.CodeDeploy.Inputs.DeploymentGroupBlueGreenDeploymentConfigArgs\n {\n DeploymentReadyOption = new Aws.CodeDeploy.Inputs.DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOptionArgs\n {\n ActionOnTimeout = \"STOP_DEPLOYMENT\",\n WaitTimeInMinutes = 60,\n },\n GreenFleetProvisioningOption = new Aws.CodeDeploy.Inputs.DeploymentGroupBlueGreenDeploymentConfigGreenFleetProvisioningOptionArgs\n {\n Action = \"DISCOVER_EXISTING\",\n },\n TerminateBlueInstancesOnDeploymentSuccess = new Aws.CodeDeploy.Inputs.DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccessArgs\n {\n Action = \"KEEP_ALIVE\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codedeploy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := codedeploy.NewApplication(ctx, \"example\", \u0026codedeploy.ApplicationArgs{\n\t\t\tName: pulumi.String(\"example-app\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codedeploy.NewDeploymentGroup(ctx, \"example\", \u0026codedeploy.DeploymentGroupArgs{\n\t\t\tAppName: example.Name,\n\t\t\tDeploymentGroupName: pulumi.String(\"example-group\"),\n\t\t\tServiceRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tDeploymentStyle: \u0026codedeploy.DeploymentGroupDeploymentStyleArgs{\n\t\t\t\tDeploymentOption: pulumi.String(\"WITH_TRAFFIC_CONTROL\"),\n\t\t\t\tDeploymentType: pulumi.String(\"BLUE_GREEN\"),\n\t\t\t},\n\t\t\tLoadBalancerInfo: \u0026codedeploy.DeploymentGroupLoadBalancerInfoArgs{\n\t\t\t\tElbInfos: codedeploy.DeploymentGroupLoadBalancerInfoElbInfoArray{\n\t\t\t\t\t\u0026codedeploy.DeploymentGroupLoadBalancerInfoElbInfoArgs{\n\t\t\t\t\t\tName: pulumi.Any(exampleAwsElb.Name),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tBlueGreenDeploymentConfig: \u0026codedeploy.DeploymentGroupBlueGreenDeploymentConfigArgs{\n\t\t\t\tDeploymentReadyOption: \u0026codedeploy.DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOptionArgs{\n\t\t\t\t\tActionOnTimeout: pulumi.String(\"STOP_DEPLOYMENT\"),\n\t\t\t\t\tWaitTimeInMinutes: pulumi.Int(60),\n\t\t\t\t},\n\t\t\t\tGreenFleetProvisioningOption: \u0026codedeploy.DeploymentGroupBlueGreenDeploymentConfigGreenFleetProvisioningOptionArgs{\n\t\t\t\t\tAction: pulumi.String(\"DISCOVER_EXISTING\"),\n\t\t\t\t},\n\t\t\t\tTerminateBlueInstancesOnDeploymentSuccess: \u0026codedeploy.DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccessArgs{\n\t\t\t\t\tAction: pulumi.String(\"KEEP_ALIVE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codedeploy.Application;\nimport com.pulumi.aws.codedeploy.ApplicationArgs;\nimport com.pulumi.aws.codedeploy.DeploymentGroup;\nimport com.pulumi.aws.codedeploy.DeploymentGroupArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupDeploymentStyleArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupLoadBalancerInfoArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupBlueGreenDeploymentConfigArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOptionArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupBlueGreenDeploymentConfigGreenFleetProvisioningOptionArgs;\nimport com.pulumi.aws.codedeploy.inputs.DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Application(\"example\", ApplicationArgs.builder()\n .name(\"example-app\")\n .build());\n\n var exampleDeploymentGroup = new DeploymentGroup(\"exampleDeploymentGroup\", DeploymentGroupArgs.builder()\n .appName(example.name())\n .deploymentGroupName(\"example-group\")\n .serviceRoleArn(exampleAwsIamRole.arn())\n .deploymentStyle(DeploymentGroupDeploymentStyleArgs.builder()\n .deploymentOption(\"WITH_TRAFFIC_CONTROL\")\n .deploymentType(\"BLUE_GREEN\")\n .build())\n .loadBalancerInfo(DeploymentGroupLoadBalancerInfoArgs.builder()\n .elbInfos(DeploymentGroupLoadBalancerInfoElbInfoArgs.builder()\n .name(exampleAwsElb.name())\n .build())\n .build())\n .blueGreenDeploymentConfig(DeploymentGroupBlueGreenDeploymentConfigArgs.builder()\n .deploymentReadyOption(DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOptionArgs.builder()\n .actionOnTimeout(\"STOP_DEPLOYMENT\")\n .waitTimeInMinutes(60)\n .build())\n .greenFleetProvisioningOption(DeploymentGroupBlueGreenDeploymentConfigGreenFleetProvisioningOptionArgs.builder()\n .action(\"DISCOVER_EXISTING\")\n .build())\n .terminateBlueInstancesOnDeploymentSuccess(DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccessArgs.builder()\n .action(\"KEEP_ALIVE\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codedeploy:Application\n properties:\n name: example-app\n exampleDeploymentGroup:\n type: aws:codedeploy:DeploymentGroup\n name: example\n properties:\n appName: ${example.name}\n deploymentGroupName: example-group\n serviceRoleArn: ${exampleAwsIamRole.arn}\n deploymentStyle:\n deploymentOption: WITH_TRAFFIC_CONTROL\n deploymentType: BLUE_GREEN\n loadBalancerInfo:\n elbInfos:\n - name: ${exampleAwsElb.name}\n blueGreenDeploymentConfig:\n deploymentReadyOption:\n actionOnTimeout: STOP_DEPLOYMENT\n waitTimeInMinutes: 60\n greenFleetProvisioningOption:\n action: DISCOVER_EXISTING\n terminateBlueInstancesOnDeploymentSuccess:\n action: KEEP_ALIVE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeDeploy Deployment Groups using `app_name`, a colon, and `deployment_group_name`. For example:\n\n```sh\n$ pulumi import aws:codedeploy/deploymentGroup:DeploymentGroup example my-application:my-deployment-group\n```\n", "properties": { "alarmConfiguration": { "$ref": "#/types/aws:codedeploy/DeploymentGroupAlarmConfiguration:DeploymentGroupAlarmConfiguration", "description": "Configuration block of alarms associated with the deployment group (documented below).\n" }, "appName": { "type": "string", "description": "The name of the application.\n" }, "arn": { "type": "string", "description": "The ARN of the CodeDeploy deployment group.\n" }, "autoRollbackConfiguration": { "$ref": "#/types/aws:codedeploy/DeploymentGroupAutoRollbackConfiguration:DeploymentGroupAutoRollbackConfiguration", "description": "Configuration block of the automatic rollback configuration associated with the deployment group (documented below).\n" }, "autoscalingGroups": { "type": "array", "items": { "type": "string" }, "description": "Autoscaling groups associated with the deployment group.\n" }, "blueGreenDeploymentConfig": { "$ref": "#/types/aws:codedeploy/DeploymentGroupBlueGreenDeploymentConfig:DeploymentGroupBlueGreenDeploymentConfig", "description": "Configuration block of the blue/green deployment options for a deployment group (documented below).\n" }, "computePlatform": { "type": "string", "description": "The destination platform type for the deployment.\n" }, "deploymentConfigName": { "type": "string", "description": "The name of the group's deployment config. The default is \"CodeDeployDefault.OneAtATime\".\n" }, "deploymentGroupId": { "type": "string", "description": "The ID of the CodeDeploy deployment group.\n" }, "deploymentGroupName": { "type": "string", "description": "The name of the deployment group.\n" }, "deploymentStyle": { "$ref": "#/types/aws:codedeploy/DeploymentGroupDeploymentStyle:DeploymentGroupDeploymentStyle", "description": "Configuration block of the type of deployment, either in-place or blue/green, you want to run and whether to route deployment traffic behind a load balancer (documented below).\n" }, "ec2TagFilters": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupEc2TagFilter:DeploymentGroupEc2TagFilter" }, "description": "Tag filters associated with the deployment group. See the AWS docs for details.\n" }, "ec2TagSets": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupEc2TagSet:DeploymentGroupEc2TagSet" }, "description": "Configuration block(s) of Tag filters associated with the deployment group, which are also referred to as tag groups (documented below). See the AWS docs for details.\n" }, "ecsService": { "$ref": "#/types/aws:codedeploy/DeploymentGroupEcsService:DeploymentGroupEcsService", "description": "Configuration block(s) of the ECS services for a deployment group (documented below).\n" }, "loadBalancerInfo": { "$ref": "#/types/aws:codedeploy/DeploymentGroupLoadBalancerInfo:DeploymentGroupLoadBalancerInfo", "description": "Single configuration block of the load balancer to use in a blue/green deployment (documented below).\n" }, "onPremisesInstanceTagFilters": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupOnPremisesInstanceTagFilter:DeploymentGroupOnPremisesInstanceTagFilter" }, "description": "On premise tag filters associated with the group. See the AWS docs for details.\n" }, "outdatedInstancesStrategy": { "type": "string", "description": "Configuration block of Indicates what happens when new Amazon EC2 instances are launched mid-deployment and do not receive the deployed application revision. Valid values are `UPDATE` and `IGNORE`. Defaults to `UPDATE`.\n" }, "serviceRoleArn": { "type": "string", "description": "The service role ARN that allows deployments.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "triggerConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupTriggerConfiguration:DeploymentGroupTriggerConfiguration" }, "description": "Configuration block(s) of the triggers for the deployment group (documented below).\n" } }, "required": [ "appName", "arn", "blueGreenDeploymentConfig", "computePlatform", "deploymentGroupId", "deploymentGroupName", "serviceRoleArn", "tagsAll" ], "inputProperties": { "alarmConfiguration": { "$ref": "#/types/aws:codedeploy/DeploymentGroupAlarmConfiguration:DeploymentGroupAlarmConfiguration", "description": "Configuration block of alarms associated with the deployment group (documented below).\n" }, "appName": { "type": "string", "description": "The name of the application.\n" }, "autoRollbackConfiguration": { "$ref": "#/types/aws:codedeploy/DeploymentGroupAutoRollbackConfiguration:DeploymentGroupAutoRollbackConfiguration", "description": "Configuration block of the automatic rollback configuration associated with the deployment group (documented below).\n" }, "autoscalingGroups": { "type": "array", "items": { "type": "string" }, "description": "Autoscaling groups associated with the deployment group.\n" }, "blueGreenDeploymentConfig": { "$ref": "#/types/aws:codedeploy/DeploymentGroupBlueGreenDeploymentConfig:DeploymentGroupBlueGreenDeploymentConfig", "description": "Configuration block of the blue/green deployment options for a deployment group (documented below).\n" }, "deploymentConfigName": { "type": "string", "description": "The name of the group's deployment config. The default is \"CodeDeployDefault.OneAtATime\".\n" }, "deploymentGroupName": { "type": "string", "description": "The name of the deployment group.\n" }, "deploymentStyle": { "$ref": "#/types/aws:codedeploy/DeploymentGroupDeploymentStyle:DeploymentGroupDeploymentStyle", "description": "Configuration block of the type of deployment, either in-place or blue/green, you want to run and whether to route deployment traffic behind a load balancer (documented below).\n" }, "ec2TagFilters": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupEc2TagFilter:DeploymentGroupEc2TagFilter" }, "description": "Tag filters associated with the deployment group. See the AWS docs for details.\n" }, "ec2TagSets": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupEc2TagSet:DeploymentGroupEc2TagSet" }, "description": "Configuration block(s) of Tag filters associated with the deployment group, which are also referred to as tag groups (documented below). See the AWS docs for details.\n" }, "ecsService": { "$ref": "#/types/aws:codedeploy/DeploymentGroupEcsService:DeploymentGroupEcsService", "description": "Configuration block(s) of the ECS services for a deployment group (documented below).\n" }, "loadBalancerInfo": { "$ref": "#/types/aws:codedeploy/DeploymentGroupLoadBalancerInfo:DeploymentGroupLoadBalancerInfo", "description": "Single configuration block of the load balancer to use in a blue/green deployment (documented below).\n" }, "onPremisesInstanceTagFilters": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupOnPremisesInstanceTagFilter:DeploymentGroupOnPremisesInstanceTagFilter" }, "description": "On premise tag filters associated with the group. See the AWS docs for details.\n" }, "outdatedInstancesStrategy": { "type": "string", "description": "Configuration block of Indicates what happens when new Amazon EC2 instances are launched mid-deployment and do not receive the deployed application revision. Valid values are `UPDATE` and `IGNORE`. Defaults to `UPDATE`.\n" }, "serviceRoleArn": { "type": "string", "description": "The service role ARN that allows deployments.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "triggerConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupTriggerConfiguration:DeploymentGroupTriggerConfiguration" }, "description": "Configuration block(s) of the triggers for the deployment group (documented below).\n" } }, "requiredInputs": [ "appName", "deploymentGroupName", "serviceRoleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering DeploymentGroup resources.\n", "properties": { "alarmConfiguration": { "$ref": "#/types/aws:codedeploy/DeploymentGroupAlarmConfiguration:DeploymentGroupAlarmConfiguration", "description": "Configuration block of alarms associated with the deployment group (documented below).\n" }, "appName": { "type": "string", "description": "The name of the application.\n" }, "arn": { "type": "string", "description": "The ARN of the CodeDeploy deployment group.\n" }, "autoRollbackConfiguration": { "$ref": "#/types/aws:codedeploy/DeploymentGroupAutoRollbackConfiguration:DeploymentGroupAutoRollbackConfiguration", "description": "Configuration block of the automatic rollback configuration associated with the deployment group (documented below).\n" }, "autoscalingGroups": { "type": "array", "items": { "type": "string" }, "description": "Autoscaling groups associated with the deployment group.\n" }, "blueGreenDeploymentConfig": { "$ref": "#/types/aws:codedeploy/DeploymentGroupBlueGreenDeploymentConfig:DeploymentGroupBlueGreenDeploymentConfig", "description": "Configuration block of the blue/green deployment options for a deployment group (documented below).\n" }, "computePlatform": { "type": "string", "description": "The destination platform type for the deployment.\n" }, "deploymentConfigName": { "type": "string", "description": "The name of the group's deployment config. The default is \"CodeDeployDefault.OneAtATime\".\n" }, "deploymentGroupId": { "type": "string", "description": "The ID of the CodeDeploy deployment group.\n" }, "deploymentGroupName": { "type": "string", "description": "The name of the deployment group.\n" }, "deploymentStyle": { "$ref": "#/types/aws:codedeploy/DeploymentGroupDeploymentStyle:DeploymentGroupDeploymentStyle", "description": "Configuration block of the type of deployment, either in-place or blue/green, you want to run and whether to route deployment traffic behind a load balancer (documented below).\n" }, "ec2TagFilters": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupEc2TagFilter:DeploymentGroupEc2TagFilter" }, "description": "Tag filters associated with the deployment group. See the AWS docs for details.\n" }, "ec2TagSets": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupEc2TagSet:DeploymentGroupEc2TagSet" }, "description": "Configuration block(s) of Tag filters associated with the deployment group, which are also referred to as tag groups (documented below). See the AWS docs for details.\n" }, "ecsService": { "$ref": "#/types/aws:codedeploy/DeploymentGroupEcsService:DeploymentGroupEcsService", "description": "Configuration block(s) of the ECS services for a deployment group (documented below).\n" }, "loadBalancerInfo": { "$ref": "#/types/aws:codedeploy/DeploymentGroupLoadBalancerInfo:DeploymentGroupLoadBalancerInfo", "description": "Single configuration block of the load balancer to use in a blue/green deployment (documented below).\n" }, "onPremisesInstanceTagFilters": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupOnPremisesInstanceTagFilter:DeploymentGroupOnPremisesInstanceTagFilter" }, "description": "On premise tag filters associated with the group. See the AWS docs for details.\n" }, "outdatedInstancesStrategy": { "type": "string", "description": "Configuration block of Indicates what happens when new Amazon EC2 instances are launched mid-deployment and do not receive the deployed application revision. Valid values are `UPDATE` and `IGNORE`. Defaults to `UPDATE`.\n" }, "serviceRoleArn": { "type": "string", "description": "The service role ARN that allows deployments.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "triggerConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:codedeploy/DeploymentGroupTriggerConfiguration:DeploymentGroupTriggerConfiguration" }, "description": "Configuration block(s) of the triggers for the deployment group (documented below).\n" } }, "type": "object" } }, "aws:codeguruprofiler/profilingGroup:ProfilingGroup": { "description": "Resource for managing an AWS CodeGuru Profiler Profiling Group.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codeguruprofiler.ProfilingGroup(\"example\", {\n name: \"example\",\n computePlatform: \"Default\",\n agentOrchestrationConfig: {\n profilingEnabled: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codeguruprofiler.ProfilingGroup(\"example\",\n name=\"example\",\n compute_platform=\"Default\",\n agent_orchestration_config={\n \"profiling_enabled\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeGuruProfiler.ProfilingGroup(\"example\", new()\n {\n Name = \"example\",\n ComputePlatform = \"Default\",\n AgentOrchestrationConfig = new Aws.CodeGuruProfiler.Inputs.ProfilingGroupAgentOrchestrationConfigArgs\n {\n ProfilingEnabled = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codeguruprofiler\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codeguruprofiler.NewProfilingGroup(ctx, \"example\", \u0026codeguruprofiler.ProfilingGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tComputePlatform: pulumi.String(\"Default\"),\n\t\t\tAgentOrchestrationConfig: \u0026codeguruprofiler.ProfilingGroupAgentOrchestrationConfigArgs{\n\t\t\t\tProfilingEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codeguruprofiler.ProfilingGroup;\nimport com.pulumi.aws.codeguruprofiler.ProfilingGroupArgs;\nimport com.pulumi.aws.codeguruprofiler.inputs.ProfilingGroupAgentOrchestrationConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ProfilingGroup(\"example\", ProfilingGroupArgs.builder()\n .name(\"example\")\n .computePlatform(\"Default\")\n .agentOrchestrationConfig(ProfilingGroupAgentOrchestrationConfigArgs.builder()\n .profilingEnabled(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codeguruprofiler:ProfilingGroup\n properties:\n name: example\n computePlatform: Default\n agentOrchestrationConfig:\n profilingEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeGuru Profiler Profiling Group using the `id`. For example:\n\n```sh\n$ pulumi import aws:codeguruprofiler/profilingGroup:ProfilingGroup example profiling_group-name-12345678\n```\n", "properties": { "agentOrchestrationConfig": { "$ref": "#/types/aws:codeguruprofiler/ProfilingGroupAgentOrchestrationConfig:ProfilingGroupAgentOrchestrationConfig", "description": "Specifies whether profiling is enabled or disabled for the created profiling. See Agent Orchestration Config for more details.\n" }, "arn": { "type": "string", "description": "ARN of the profiling group.\n" }, "computePlatform": { "type": "string", "description": "Compute platform of the profiling group.\n" }, "name": { "type": "string", "description": "Name of the profiling group.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "computePlatform", "name", "tagsAll" ], "inputProperties": { "agentOrchestrationConfig": { "$ref": "#/types/aws:codeguruprofiler/ProfilingGroupAgentOrchestrationConfig:ProfilingGroupAgentOrchestrationConfig", "description": "Specifies whether profiling is enabled or disabled for the created profiling. See Agent Orchestration Config for more details.\n" }, "computePlatform": { "type": "string", "description": "Compute platform of the profiling group.\n" }, "name": { "type": "string", "description": "Name of the profiling group.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ProfilingGroup resources.\n", "properties": { "agentOrchestrationConfig": { "$ref": "#/types/aws:codeguruprofiler/ProfilingGroupAgentOrchestrationConfig:ProfilingGroupAgentOrchestrationConfig", "description": "Specifies whether profiling is enabled or disabled for the created profiling. See Agent Orchestration Config for more details.\n" }, "arn": { "type": "string", "description": "ARN of the profiling group.\n" }, "computePlatform": { "type": "string", "description": "Compute platform of the profiling group.\n" }, "name": { "type": "string", "description": "Name of the profiling group.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:codegurureviewer/repositoryAssociation:RepositoryAssociation": { "description": "Resource for managing an AWS CodeGuru Reviewer Repository Association.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.Key(\"example\", {});\nconst exampleRepository = new aws.codecommit.Repository(\"example\", {repositoryName: \"example-repo\"});\nconst exampleRepositoryAssociation = new aws.codegurureviewer.RepositoryAssociation(\"example\", {\n repository: {\n codecommit: {\n name: exampleRepository.repositoryName,\n },\n },\n kmsKeyDetails: {\n encryptionOption: \"CUSTOMER_MANAGED_CMK\",\n kmsKeyId: example.keyId,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kms.Key(\"example\")\nexample_repository = aws.codecommit.Repository(\"example\", repository_name=\"example-repo\")\nexample_repository_association = aws.codegurureviewer.RepositoryAssociation(\"example\",\n repository={\n \"codecommit\": {\n \"name\": example_repository.repository_name,\n },\n },\n kms_key_details={\n \"encryption_option\": \"CUSTOMER_MANAGED_CMK\",\n \"kms_key_id\": example.key_id,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\");\n\n var exampleRepository = new Aws.CodeCommit.Repository(\"example\", new()\n {\n RepositoryName = \"example-repo\",\n });\n\n var exampleRepositoryAssociation = new Aws.CodeGuruReviewer.RepositoryAssociation(\"example\", new()\n {\n Repository = new Aws.CodeGuruReviewer.Inputs.RepositoryAssociationRepositoryArgs\n {\n Codecommit = new Aws.CodeGuruReviewer.Inputs.RepositoryAssociationRepositoryCodecommitArgs\n {\n Name = exampleRepository.RepositoryName,\n },\n },\n KmsKeyDetails = new Aws.CodeGuruReviewer.Inputs.RepositoryAssociationKmsKeyDetailsArgs\n {\n EncryptionOption = \"CUSTOMER_MANAGED_CMK\",\n KmsKeyId = example.KeyId,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codecommit\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codegurureviewer\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kms.NewKey(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRepository, err := codecommit.NewRepository(ctx, \"example\", \u0026codecommit.RepositoryArgs{\n\t\t\tRepositoryName: pulumi.String(\"example-repo\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codegurureviewer.NewRepositoryAssociation(ctx, \"example\", \u0026codegurureviewer.RepositoryAssociationArgs{\n\t\t\tRepository: \u0026codegurureviewer.RepositoryAssociationRepositoryArgs{\n\t\t\t\tCodecommit: \u0026codegurureviewer.RepositoryAssociationRepositoryCodecommitArgs{\n\t\t\t\t\tName: exampleRepository.RepositoryName,\n\t\t\t\t},\n\t\t\t},\n\t\t\tKmsKeyDetails: \u0026codegurureviewer.RepositoryAssociationKmsKeyDetailsArgs{\n\t\t\t\tEncryptionOption: pulumi.String(\"CUSTOMER_MANAGED_CMK\"),\n\t\t\t\tKmsKeyId: example.KeyId,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.codecommit.Repository;\nimport com.pulumi.aws.codecommit.RepositoryArgs;\nimport com.pulumi.aws.codegurureviewer.RepositoryAssociation;\nimport com.pulumi.aws.codegurureviewer.RepositoryAssociationArgs;\nimport com.pulumi.aws.codegurureviewer.inputs.RepositoryAssociationRepositoryArgs;\nimport com.pulumi.aws.codegurureviewer.inputs.RepositoryAssociationRepositoryCodecommitArgs;\nimport com.pulumi.aws.codegurureviewer.inputs.RepositoryAssociationKmsKeyDetailsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\");\n\n var exampleRepository = new Repository(\"exampleRepository\", RepositoryArgs.builder()\n .repositoryName(\"example-repo\")\n .build());\n\n var exampleRepositoryAssociation = new RepositoryAssociation(\"exampleRepositoryAssociation\", RepositoryAssociationArgs.builder()\n .repository(RepositoryAssociationRepositoryArgs.builder()\n .codecommit(RepositoryAssociationRepositoryCodecommitArgs.builder()\n .name(exampleRepository.repositoryName())\n .build())\n .build())\n .kmsKeyDetails(RepositoryAssociationKmsKeyDetailsArgs.builder()\n .encryptionOption(\"CUSTOMER_MANAGED_CMK\")\n .kmsKeyId(example.keyId())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n exampleRepository:\n type: aws:codecommit:Repository\n name: example\n properties:\n repositoryName: example-repo\n exampleRepositoryAssociation:\n type: aws:codegurureviewer:RepositoryAssociation\n name: example\n properties:\n repository:\n codecommit:\n name: ${exampleRepository.repositoryName}\n kmsKeyDetails:\n encryptionOption: CUSTOMER_MANAGED_CMK\n kmsKeyId: ${example.keyId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) identifying the repository association.\n" }, "associationId": { "type": "string", "description": "The ID of the repository association.\n" }, "connectionArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection.\n" }, "kmsKeyDetails": { "$ref": "#/types/aws:codegurureviewer/RepositoryAssociationKmsKeyDetails:RepositoryAssociationKmsKeyDetails", "description": "An object describing the KMS key to asssociate. Block is documented below.\n" }, "name": { "type": "string", "description": "The name of the repository.\n" }, "owner": { "type": "string", "description": "The owner of the repository.\n" }, "providerType": { "type": "string", "description": "The provider type of the repository association.\n" }, "repository": { "$ref": "#/types/aws:codegurureviewer/RepositoryAssociationRepository:RepositoryAssociationRepository", "description": "An object describing the repository to associate. Valid values: `bitbucket`, `codecommit`, `github_enterprise_server`, or `s3_bucket`. Block is documented below. Note: for repositories that leverage CodeStar connections (ex. `bitbucket`, `github_enterprise_server`) the connection must be in `Available` status prior to creating this resource.\n\nThe following arguments are optional:\n" }, "s3RepositoryDetails": { "type": "array", "items": { "$ref": "#/types/aws:codegurureviewer/RepositoryAssociationS3RepositoryDetail:RepositoryAssociationS3RepositoryDetail" } }, "state": { "type": "string", "description": "The state of the repository association.\n" }, "stateReason": { "type": "string", "description": "A description of why the repository association is in the current state.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "associationId", "connectionArn", "name", "owner", "providerType", "repository", "s3RepositoryDetails", "state", "stateReason", "tagsAll" ], "inputProperties": { "kmsKeyDetails": { "$ref": "#/types/aws:codegurureviewer/RepositoryAssociationKmsKeyDetails:RepositoryAssociationKmsKeyDetails", "description": "An object describing the KMS key to asssociate. Block is documented below.\n", "willReplaceOnChanges": true }, "repository": { "$ref": "#/types/aws:codegurureviewer/RepositoryAssociationRepository:RepositoryAssociationRepository", "description": "An object describing the repository to associate. Valid values: `bitbucket`, `codecommit`, `github_enterprise_server`, or `s3_bucket`. Block is documented below. Note: for repositories that leverage CodeStar connections (ex. `bitbucket`, `github_enterprise_server`) the connection must be in `Available` status prior to creating this resource.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "requiredInputs": [ "repository" ], "stateInputs": { "description": "Input properties used for looking up and filtering RepositoryAssociation resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) identifying the repository association.\n" }, "associationId": { "type": "string", "description": "The ID of the repository association.\n" }, "connectionArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection.\n" }, "kmsKeyDetails": { "$ref": "#/types/aws:codegurureviewer/RepositoryAssociationKmsKeyDetails:RepositoryAssociationKmsKeyDetails", "description": "An object describing the KMS key to asssociate. Block is documented below.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the repository.\n" }, "owner": { "type": "string", "description": "The owner of the repository.\n" }, "providerType": { "type": "string", "description": "The provider type of the repository association.\n" }, "repository": { "$ref": "#/types/aws:codegurureviewer/RepositoryAssociationRepository:RepositoryAssociationRepository", "description": "An object describing the repository to associate. Valid values: `bitbucket`, `codecommit`, `github_enterprise_server`, or `s3_bucket`. Block is documented below. Note: for repositories that leverage CodeStar connections (ex. `bitbucket`, `github_enterprise_server`) the connection must be in `Available` status prior to creating this resource.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "s3RepositoryDetails": { "type": "array", "items": { "$ref": "#/types/aws:codegurureviewer/RepositoryAssociationS3RepositoryDetail:RepositoryAssociationS3RepositoryDetail" } }, "state": { "type": "string", "description": "The state of the repository association.\n" }, "stateReason": { "type": "string", "description": "A description of why the repository association is in the current state.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:codepipeline/customActionType:CustomActionType": { "description": "Provides a CodeDeploy CustomActionType\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codepipeline.CustomActionType(\"example\", {\n category: \"Build\",\n inputArtifactDetails: {\n maximumCount: 1,\n minimumCount: 0,\n },\n outputArtifactDetails: {\n maximumCount: 1,\n minimumCount: 0,\n },\n providerName: \"example\",\n version: \"1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codepipeline.CustomActionType(\"example\",\n category=\"Build\",\n input_artifact_details={\n \"maximum_count\": 1,\n \"minimum_count\": 0,\n },\n output_artifact_details={\n \"maximum_count\": 1,\n \"minimum_count\": 0,\n },\n provider_name=\"example\",\n version=\"1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodePipeline.CustomActionType(\"example\", new()\n {\n Category = \"Build\",\n InputArtifactDetails = new Aws.CodePipeline.Inputs.CustomActionTypeInputArtifactDetailsArgs\n {\n MaximumCount = 1,\n MinimumCount = 0,\n },\n OutputArtifactDetails = new Aws.CodePipeline.Inputs.CustomActionTypeOutputArtifactDetailsArgs\n {\n MaximumCount = 1,\n MinimumCount = 0,\n },\n ProviderName = \"example\",\n Version = \"1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codepipeline\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codepipeline.NewCustomActionType(ctx, \"example\", \u0026codepipeline.CustomActionTypeArgs{\n\t\t\tCategory: pulumi.String(\"Build\"),\n\t\t\tInputArtifactDetails: \u0026codepipeline.CustomActionTypeInputArtifactDetailsArgs{\n\t\t\t\tMaximumCount: pulumi.Int(1),\n\t\t\t\tMinimumCount: pulumi.Int(0),\n\t\t\t},\n\t\t\tOutputArtifactDetails: \u0026codepipeline.CustomActionTypeOutputArtifactDetailsArgs{\n\t\t\t\tMaximumCount: pulumi.Int(1),\n\t\t\t\tMinimumCount: pulumi.Int(0),\n\t\t\t},\n\t\t\tProviderName: pulumi.String(\"example\"),\n\t\t\tVersion: pulumi.String(\"1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codepipeline.CustomActionType;\nimport com.pulumi.aws.codepipeline.CustomActionTypeArgs;\nimport com.pulumi.aws.codepipeline.inputs.CustomActionTypeInputArtifactDetailsArgs;\nimport com.pulumi.aws.codepipeline.inputs.CustomActionTypeOutputArtifactDetailsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CustomActionType(\"example\", CustomActionTypeArgs.builder()\n .category(\"Build\")\n .inputArtifactDetails(CustomActionTypeInputArtifactDetailsArgs.builder()\n .maximumCount(1)\n .minimumCount(0)\n .build())\n .outputArtifactDetails(CustomActionTypeOutputArtifactDetailsArgs.builder()\n .maximumCount(1)\n .minimumCount(0)\n .build())\n .providerName(\"example\")\n .version(\"1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codepipeline:CustomActionType\n properties:\n category: Build\n inputArtifactDetails:\n maximumCount: 1\n minimumCount: 0\n outputArtifactDetails:\n maximumCount: 1\n minimumCount: 0\n providerName: example\n version: '1'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeDeploy CustomActionType using the `id`. For example:\n\n```sh\n$ pulumi import aws:codepipeline/customActionType:CustomActionType example Build:pulumi:1\n```\n", "properties": { "arn": { "type": "string", "description": "The action ARN.\n" }, "category": { "type": "string", "description": "The category of the custom action. Valid values: `Source`, `Build`, `Deploy`, `Test`, `Invoke`, `Approval`\n" }, "configurationProperties": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/CustomActionTypeConfigurationProperty:CustomActionTypeConfigurationProperty" }, "description": "The configuration properties for the custom action. Max 10 items.\n" }, "inputArtifactDetails": { "$ref": "#/types/aws:codepipeline/CustomActionTypeInputArtifactDetails:CustomActionTypeInputArtifactDetails" }, "outputArtifactDetails": { "$ref": "#/types/aws:codepipeline/CustomActionTypeOutputArtifactDetails:CustomActionTypeOutputArtifactDetails" }, "owner": { "type": "string", "description": "The creator of the action being called.\n" }, "providerName": { "type": "string" }, "settings": { "$ref": "#/types/aws:codepipeline/CustomActionTypeSettings:CustomActionTypeSettings" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "string" } }, "required": [ "arn", "category", "inputArtifactDetails", "outputArtifactDetails", "owner", "providerName", "tagsAll", "version" ], "inputProperties": { "category": { "type": "string", "description": "The category of the custom action. Valid values: `Source`, `Build`, `Deploy`, `Test`, `Invoke`, `Approval`\n", "willReplaceOnChanges": true }, "configurationProperties": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/CustomActionTypeConfigurationProperty:CustomActionTypeConfigurationProperty" }, "description": "The configuration properties for the custom action. Max 10 items.\n", "willReplaceOnChanges": true }, "inputArtifactDetails": { "$ref": "#/types/aws:codepipeline/CustomActionTypeInputArtifactDetails:CustomActionTypeInputArtifactDetails", "willReplaceOnChanges": true }, "outputArtifactDetails": { "$ref": "#/types/aws:codepipeline/CustomActionTypeOutputArtifactDetails:CustomActionTypeOutputArtifactDetails", "willReplaceOnChanges": true }, "providerName": { "type": "string", "willReplaceOnChanges": true }, "settings": { "$ref": "#/types/aws:codepipeline/CustomActionTypeSettings:CustomActionTypeSettings", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "version": { "type": "string", "willReplaceOnChanges": true } }, "requiredInputs": [ "category", "inputArtifactDetails", "outputArtifactDetails", "providerName", "version" ], "stateInputs": { "description": "Input properties used for looking up and filtering CustomActionType resources.\n", "properties": { "arn": { "type": "string", "description": "The action ARN.\n" }, "category": { "type": "string", "description": "The category of the custom action. Valid values: `Source`, `Build`, `Deploy`, `Test`, `Invoke`, `Approval`\n", "willReplaceOnChanges": true }, "configurationProperties": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/CustomActionTypeConfigurationProperty:CustomActionTypeConfigurationProperty" }, "description": "The configuration properties for the custom action. Max 10 items.\n", "willReplaceOnChanges": true }, "inputArtifactDetails": { "$ref": "#/types/aws:codepipeline/CustomActionTypeInputArtifactDetails:CustomActionTypeInputArtifactDetails", "willReplaceOnChanges": true }, "outputArtifactDetails": { "$ref": "#/types/aws:codepipeline/CustomActionTypeOutputArtifactDetails:CustomActionTypeOutputArtifactDetails", "willReplaceOnChanges": true }, "owner": { "type": "string", "description": "The creator of the action being called.\n" }, "providerName": { "type": "string", "willReplaceOnChanges": true }, "settings": { "$ref": "#/types/aws:codepipeline/CustomActionTypeSettings:CustomActionTypeSettings", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "string", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:codepipeline/pipeline:Pipeline": { "description": "Provides a CodePipeline.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codestarconnections.Connection(\"example\", {\n name: \"example-connection\",\n providerType: \"GitHub\",\n});\nconst codepipelineBucket = new aws.s3.BucketV2(\"codepipeline_bucket\", {bucket: \"test-bucket\"});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"codepipeline.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst codepipelineRole = new aws.iam.Role(\"codepipeline_role\", {\n name: \"test-role\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst s3kmskey = aws.kms.getAlias({\n name: \"alias/myKmsKey\",\n});\nconst codepipeline = new aws.codepipeline.Pipeline(\"codepipeline\", {\n name: \"tf-test-pipeline\",\n roleArn: codepipelineRole.arn,\n artifactStores: [{\n location: codepipelineBucket.bucket,\n type: \"S3\",\n encryptionKey: {\n id: s3kmskey.then(s3kmskey =\u003e s3kmskey.arn),\n type: \"KMS\",\n },\n }],\n stages: [\n {\n name: \"Source\",\n actions: [{\n name: \"Source\",\n category: \"Source\",\n owner: \"AWS\",\n provider: \"CodeStarSourceConnection\",\n version: \"1\",\n outputArtifacts: [\"source_output\"],\n configuration: {\n ConnectionArn: example.arn,\n FullRepositoryId: \"my-organization/example\",\n BranchName: \"main\",\n },\n }],\n },\n {\n name: \"Build\",\n actions: [{\n name: \"Build\",\n category: \"Build\",\n owner: \"AWS\",\n provider: \"CodeBuild\",\n inputArtifacts: [\"source_output\"],\n outputArtifacts: [\"build_output\"],\n version: \"1\",\n configuration: {\n ProjectName: \"test\",\n },\n }],\n },\n {\n name: \"Deploy\",\n actions: [{\n name: \"Deploy\",\n category: \"Deploy\",\n owner: \"AWS\",\n provider: \"CloudFormation\",\n inputArtifacts: [\"build_output\"],\n version: \"1\",\n configuration: {\n ActionMode: \"REPLACE_ON_FAILURE\",\n Capabilities: \"CAPABILITY_AUTO_EXPAND,CAPABILITY_IAM\",\n OutputFileName: \"CreateStackOutput.json\",\n StackName: \"MyStack\",\n TemplatePath: \"build_output::sam-templated.yaml\",\n },\n }],\n },\n ],\n});\nconst codepipelineBucketPab = new aws.s3.BucketPublicAccessBlock(\"codepipeline_bucket_pab\", {\n bucket: codepipelineBucket.id,\n blockPublicAcls: true,\n blockPublicPolicy: true,\n ignorePublicAcls: true,\n restrictPublicBuckets: true,\n});\nconst codepipelinePolicy = aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n effect: \"Allow\",\n actions: [\n \"s3:GetObject\",\n \"s3:GetObjectVersion\",\n \"s3:GetBucketVersioning\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n ],\n resources: [\n codepipelineBucket.arn,\n pulumi.interpolate`${codepipelineBucket.arn}/*`,\n ],\n },\n {\n effect: \"Allow\",\n actions: [\"codestar-connections:UseConnection\"],\n resources: [example.arn],\n },\n {\n effect: \"Allow\",\n actions: [\n \"codebuild:BatchGetBuilds\",\n \"codebuild:StartBuild\",\n ],\n resources: [\"*\"],\n },\n ],\n});\nconst codepipelinePolicyRolePolicy = new aws.iam.RolePolicy(\"codepipeline_policy\", {\n name: \"codepipeline_policy\",\n role: codepipelineRole.id,\n policy: codepipelinePolicy.apply(codepipelinePolicy =\u003e codepipelinePolicy.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codestarconnections.Connection(\"example\",\n name=\"example-connection\",\n provider_type=\"GitHub\")\ncodepipeline_bucket = aws.s3.BucketV2(\"codepipeline_bucket\", bucket=\"test-bucket\")\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"codepipeline.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\ncodepipeline_role = aws.iam.Role(\"codepipeline_role\",\n name=\"test-role\",\n assume_role_policy=assume_role.json)\ns3kmskey = aws.kms.get_alias(name=\"alias/myKmsKey\")\ncodepipeline = aws.codepipeline.Pipeline(\"codepipeline\",\n name=\"tf-test-pipeline\",\n role_arn=codepipeline_role.arn,\n artifact_stores=[{\n \"location\": codepipeline_bucket.bucket,\n \"type\": \"S3\",\n \"encryption_key\": {\n \"id\": s3kmskey.arn,\n \"type\": \"KMS\",\n },\n }],\n stages=[\n {\n \"name\": \"Source\",\n \"actions\": [{\n \"name\": \"Source\",\n \"category\": \"Source\",\n \"owner\": \"AWS\",\n \"provider\": \"CodeStarSourceConnection\",\n \"version\": \"1\",\n \"output_artifacts\": [\"source_output\"],\n \"configuration\": {\n \"connection_arn\": example.arn,\n \"full_repository_id\": \"my-organization/example\",\n \"branch_name\": \"main\",\n },\n }],\n },\n {\n \"name\": \"Build\",\n \"actions\": [{\n \"name\": \"Build\",\n \"category\": \"Build\",\n \"owner\": \"AWS\",\n \"provider\": \"CodeBuild\",\n \"input_artifacts\": [\"source_output\"],\n \"output_artifacts\": [\"build_output\"],\n \"version\": \"1\",\n \"configuration\": {\n \"project_name\": \"test\",\n },\n }],\n },\n {\n \"name\": \"Deploy\",\n \"actions\": [{\n \"name\": \"Deploy\",\n \"category\": \"Deploy\",\n \"owner\": \"AWS\",\n \"provider\": \"CloudFormation\",\n \"input_artifacts\": [\"build_output\"],\n \"version\": \"1\",\n \"configuration\": {\n \"action_mode\": \"REPLACE_ON_FAILURE\",\n \"capabilities\": \"CAPABILITY_AUTO_EXPAND,CAPABILITY_IAM\",\n \"output_file_name\": \"CreateStackOutput.json\",\n \"stack_name\": \"MyStack\",\n \"template_path\": \"build_output::sam-templated.yaml\",\n },\n }],\n },\n ])\ncodepipeline_bucket_pab = aws.s3.BucketPublicAccessBlock(\"codepipeline_bucket_pab\",\n bucket=codepipeline_bucket.id,\n block_public_acls=True,\n block_public_policy=True,\n ignore_public_acls=True,\n restrict_public_buckets=True)\ncodepipeline_policy = aws.iam.get_policy_document_output(statements=[\n {\n \"effect\": \"Allow\",\n \"actions\": [\n \"s3:GetObject\",\n \"s3:GetObjectVersion\",\n \"s3:GetBucketVersioning\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n ],\n \"resources\": [\n codepipeline_bucket.arn,\n codepipeline_bucket.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n },\n {\n \"effect\": \"Allow\",\n \"actions\": [\"codestar-connections:UseConnection\"],\n \"resources\": [example.arn],\n },\n {\n \"effect\": \"Allow\",\n \"actions\": [\n \"codebuild:BatchGetBuilds\",\n \"codebuild:StartBuild\",\n ],\n \"resources\": [\"*\"],\n },\n])\ncodepipeline_policy_role_policy = aws.iam.RolePolicy(\"codepipeline_policy\",\n name=\"codepipeline_policy\",\n role=codepipeline_role.id,\n policy=codepipeline_policy.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeStarConnections.Connection(\"example\", new()\n {\n Name = \"example-connection\",\n ProviderType = \"GitHub\",\n });\n\n var codepipelineBucket = new Aws.S3.BucketV2(\"codepipeline_bucket\", new()\n {\n Bucket = \"test-bucket\",\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"codepipeline.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var codepipelineRole = new Aws.Iam.Role(\"codepipeline_role\", new()\n {\n Name = \"test-role\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var s3kmskey = Aws.Kms.GetAlias.Invoke(new()\n {\n Name = \"alias/myKmsKey\",\n });\n\n var codepipeline = new Aws.CodePipeline.Pipeline(\"codepipeline\", new()\n {\n Name = \"tf-test-pipeline\",\n RoleArn = codepipelineRole.Arn,\n ArtifactStores = new[]\n {\n new Aws.CodePipeline.Inputs.PipelineArtifactStoreArgs\n {\n Location = codepipelineBucket.Bucket,\n Type = \"S3\",\n EncryptionKey = new Aws.CodePipeline.Inputs.PipelineArtifactStoreEncryptionKeyArgs\n {\n Id = s3kmskey.Apply(getAliasResult =\u003e getAliasResult.Arn),\n Type = \"KMS\",\n },\n },\n },\n Stages = new[]\n {\n new Aws.CodePipeline.Inputs.PipelineStageArgs\n {\n Name = \"Source\",\n Actions = new[]\n {\n new Aws.CodePipeline.Inputs.PipelineStageActionArgs\n {\n Name = \"Source\",\n Category = \"Source\",\n Owner = \"AWS\",\n Provider = \"CodeStarSourceConnection\",\n Version = \"1\",\n OutputArtifacts = new[]\n {\n \"source_output\",\n },\n Configuration = \n {\n { \"ConnectionArn\", example.Arn },\n { \"FullRepositoryId\", \"my-organization/example\" },\n { \"BranchName\", \"main\" },\n },\n },\n },\n },\n new Aws.CodePipeline.Inputs.PipelineStageArgs\n {\n Name = \"Build\",\n Actions = new[]\n {\n new Aws.CodePipeline.Inputs.PipelineStageActionArgs\n {\n Name = \"Build\",\n Category = \"Build\",\n Owner = \"AWS\",\n Provider = \"CodeBuild\",\n InputArtifacts = new[]\n {\n \"source_output\",\n },\n OutputArtifacts = new[]\n {\n \"build_output\",\n },\n Version = \"1\",\n Configuration = \n {\n { \"ProjectName\", \"test\" },\n },\n },\n },\n },\n new Aws.CodePipeline.Inputs.PipelineStageArgs\n {\n Name = \"Deploy\",\n Actions = new[]\n {\n new Aws.CodePipeline.Inputs.PipelineStageActionArgs\n {\n Name = \"Deploy\",\n Category = \"Deploy\",\n Owner = \"AWS\",\n Provider = \"CloudFormation\",\n InputArtifacts = new[]\n {\n \"build_output\",\n },\n Version = \"1\",\n Configuration = \n {\n { \"ActionMode\", \"REPLACE_ON_FAILURE\" },\n { \"Capabilities\", \"CAPABILITY_AUTO_EXPAND,CAPABILITY_IAM\" },\n { \"OutputFileName\", \"CreateStackOutput.json\" },\n { \"StackName\", \"MyStack\" },\n { \"TemplatePath\", \"build_output::sam-templated.yaml\" },\n },\n },\n },\n },\n },\n });\n\n var codepipelineBucketPab = new Aws.S3.BucketPublicAccessBlock(\"codepipeline_bucket_pab\", new()\n {\n Bucket = codepipelineBucket.Id,\n BlockPublicAcls = true,\n BlockPublicPolicy = true,\n IgnorePublicAcls = true,\n RestrictPublicBuckets = true,\n });\n\n var codepipelinePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:GetObject\",\n \"s3:GetObjectVersion\",\n \"s3:GetBucketVersioning\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n },\n Resources = new[]\n {\n codepipelineBucket.Arn,\n $\"{codepipelineBucket.Arn}/*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"codestar-connections:UseConnection\",\n },\n Resources = new[]\n {\n example.Arn,\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"codebuild:BatchGetBuilds\",\n \"codebuild:StartBuild\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var codepipelinePolicyRolePolicy = new Aws.Iam.RolePolicy(\"codepipeline_policy\", new()\n {\n Name = \"codepipeline_policy\",\n Role = codepipelineRole.Id,\n Policy = codepipelinePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codepipeline\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codestarconnections\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := codestarconnections.NewConnection(ctx, \"example\", \u0026codestarconnections.ConnectionArgs{\n\t\t\tName: pulumi.String(\"example-connection\"),\n\t\t\tProviderType: pulumi.String(\"GitHub\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcodepipelineBucket, err := s3.NewBucketV2(ctx, \"codepipeline_bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"test-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"codepipeline.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcodepipelineRole, err := iam.NewRole(ctx, \"codepipeline_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"test-role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ts3kmskey, err := kms.LookupAlias(ctx, \u0026kms.LookupAliasArgs{\n\t\t\tName: \"alias/myKmsKey\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codepipeline.NewPipeline(ctx, \"codepipeline\", \u0026codepipeline.PipelineArgs{\n\t\t\tName: pulumi.String(\"tf-test-pipeline\"),\n\t\t\tRoleArn: codepipelineRole.Arn,\n\t\t\tArtifactStores: codepipeline.PipelineArtifactStoreArray{\n\t\t\t\t\u0026codepipeline.PipelineArtifactStoreArgs{\n\t\t\t\t\tLocation: codepipelineBucket.Bucket,\n\t\t\t\t\tType: pulumi.String(\"S3\"),\n\t\t\t\t\tEncryptionKey: \u0026codepipeline.PipelineArtifactStoreEncryptionKeyArgs{\n\t\t\t\t\t\tId: pulumi.String(s3kmskey.Arn),\n\t\t\t\t\t\tType: pulumi.String(\"KMS\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tStages: codepipeline.PipelineStageArray{\n\t\t\t\t\u0026codepipeline.PipelineStageArgs{\n\t\t\t\t\tName: pulumi.String(\"Source\"),\n\t\t\t\t\tActions: codepipeline.PipelineStageActionArray{\n\t\t\t\t\t\t\u0026codepipeline.PipelineStageActionArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"Source\"),\n\t\t\t\t\t\t\tCategory: pulumi.String(\"Source\"),\n\t\t\t\t\t\t\tOwner: pulumi.String(\"AWS\"),\n\t\t\t\t\t\t\tProvider: pulumi.String(\"CodeStarSourceConnection\"),\n\t\t\t\t\t\t\tVersion: pulumi.String(\"1\"),\n\t\t\t\t\t\t\tOutputArtifacts: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"source_output\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tConfiguration: pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"ConnectionArn\": example.Arn,\n\t\t\t\t\t\t\t\t\"FullRepositoryId\": pulumi.String(\"my-organization/example\"),\n\t\t\t\t\t\t\t\t\"BranchName\": pulumi.String(\"main\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026codepipeline.PipelineStageArgs{\n\t\t\t\t\tName: pulumi.String(\"Build\"),\n\t\t\t\t\tActions: codepipeline.PipelineStageActionArray{\n\t\t\t\t\t\t\u0026codepipeline.PipelineStageActionArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"Build\"),\n\t\t\t\t\t\t\tCategory: pulumi.String(\"Build\"),\n\t\t\t\t\t\t\tOwner: pulumi.String(\"AWS\"),\n\t\t\t\t\t\t\tProvider: pulumi.String(\"CodeBuild\"),\n\t\t\t\t\t\t\tInputArtifacts: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"source_output\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tOutputArtifacts: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"build_output\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tVersion: pulumi.String(\"1\"),\n\t\t\t\t\t\t\tConfiguration: pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"ProjectName\": pulumi.String(\"test\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026codepipeline.PipelineStageArgs{\n\t\t\t\t\tName: pulumi.String(\"Deploy\"),\n\t\t\t\t\tActions: codepipeline.PipelineStageActionArray{\n\t\t\t\t\t\t\u0026codepipeline.PipelineStageActionArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"Deploy\"),\n\t\t\t\t\t\t\tCategory: pulumi.String(\"Deploy\"),\n\t\t\t\t\t\t\tOwner: pulumi.String(\"AWS\"),\n\t\t\t\t\t\t\tProvider: pulumi.String(\"CloudFormation\"),\n\t\t\t\t\t\t\tInputArtifacts: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"build_output\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tVersion: pulumi.String(\"1\"),\n\t\t\t\t\t\t\tConfiguration: pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"ActionMode\": pulumi.String(\"REPLACE_ON_FAILURE\"),\n\t\t\t\t\t\t\t\t\"Capabilities\": pulumi.String(\"CAPABILITY_AUTO_EXPAND,CAPABILITY_IAM\"),\n\t\t\t\t\t\t\t\t\"OutputFileName\": pulumi.String(\"CreateStackOutput.json\"),\n\t\t\t\t\t\t\t\t\"StackName\": pulumi.String(\"MyStack\"),\n\t\t\t\t\t\t\t\t\"TemplatePath\": pulumi.String(\"build_output::sam-templated.yaml\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketPublicAccessBlock(ctx, \"codepipeline_bucket_pab\", \u0026s3.BucketPublicAccessBlockArgs{\n\t\t\tBucket: codepipelineBucket.ID(),\n\t\t\tBlockPublicAcls: pulumi.Bool(true),\n\t\t\tBlockPublicPolicy: pulumi.Bool(true),\n\t\t\tIgnorePublicAcls: pulumi.Bool(true),\n\t\t\tRestrictPublicBuckets: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcodepipelinePolicy := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetObject\"),\n\t\t\t\t\t\tpulumi.String(\"s3:GetObjectVersion\"),\n\t\t\t\t\t\tpulumi.String(\"s3:GetBucketVersioning\"),\n\t\t\t\t\t\tpulumi.String(\"s3:PutObjectAcl\"),\n\t\t\t\t\t\tpulumi.String(\"s3:PutObject\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tcodepipelineBucket.Arn,\n\t\t\t\t\t\tcodepipelineBucket.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"codestar-connections:UseConnection\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texample.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"codebuild:BatchGetBuilds\"),\n\t\t\t\t\t\tpulumi.String(\"codebuild:StartBuild\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRolePolicy(ctx, \"codepipeline_policy\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"codepipeline_policy\"),\n\t\t\tRole: codepipelineRole.ID(),\n\t\t\tPolicy: pulumi.String(codepipelinePolicy.ApplyT(func(codepipelinePolicy iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026codepipelinePolicy.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codestarconnections.Connection;\nimport com.pulumi.aws.codestarconnections.ConnectionArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.kms.KmsFunctions;\nimport com.pulumi.aws.kms.inputs.GetAliasArgs;\nimport com.pulumi.aws.codepipeline.Pipeline;\nimport com.pulumi.aws.codepipeline.PipelineArgs;\nimport com.pulumi.aws.codepipeline.inputs.PipelineArtifactStoreArgs;\nimport com.pulumi.aws.codepipeline.inputs.PipelineArtifactStoreEncryptionKeyArgs;\nimport com.pulumi.aws.codepipeline.inputs.PipelineStageArgs;\nimport com.pulumi.aws.s3.BucketPublicAccessBlock;\nimport com.pulumi.aws.s3.BucketPublicAccessBlockArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Connection(\"example\", ConnectionArgs.builder()\n .name(\"example-connection\")\n .providerType(\"GitHub\")\n .build());\n\n var codepipelineBucket = new BucketV2(\"codepipelineBucket\", BucketV2Args.builder()\n .bucket(\"test-bucket\")\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"codepipeline.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var codepipelineRole = new Role(\"codepipelineRole\", RoleArgs.builder()\n .name(\"test-role\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var s3kmskey = KmsFunctions.getAlias(GetAliasArgs.builder()\n .name(\"alias/myKmsKey\")\n .build());\n\n var codepipeline = new Pipeline(\"codepipeline\", PipelineArgs.builder()\n .name(\"tf-test-pipeline\")\n .roleArn(codepipelineRole.arn())\n .artifactStores(PipelineArtifactStoreArgs.builder()\n .location(codepipelineBucket.bucket())\n .type(\"S3\")\n .encryptionKey(PipelineArtifactStoreEncryptionKeyArgs.builder()\n .id(s3kmskey.applyValue(getAliasResult -\u003e getAliasResult.arn()))\n .type(\"KMS\")\n .build())\n .build())\n .stages( \n PipelineStageArgs.builder()\n .name(\"Source\")\n .actions(PipelineStageActionArgs.builder()\n .name(\"Source\")\n .category(\"Source\")\n .owner(\"AWS\")\n .provider(\"CodeStarSourceConnection\")\n .version(\"1\")\n .outputArtifacts(\"source_output\")\n .configuration(Map.ofEntries(\n Map.entry(\"ConnectionArn\", example.arn()),\n Map.entry(\"FullRepositoryId\", \"my-organization/example\"),\n Map.entry(\"BranchName\", \"main\")\n ))\n .build())\n .build(),\n PipelineStageArgs.builder()\n .name(\"Build\")\n .actions(PipelineStageActionArgs.builder()\n .name(\"Build\")\n .category(\"Build\")\n .owner(\"AWS\")\n .provider(\"CodeBuild\")\n .inputArtifacts(\"source_output\")\n .outputArtifacts(\"build_output\")\n .version(\"1\")\n .configuration(Map.of(\"ProjectName\", \"test\"))\n .build())\n .build(),\n PipelineStageArgs.builder()\n .name(\"Deploy\")\n .actions(PipelineStageActionArgs.builder()\n .name(\"Deploy\")\n .category(\"Deploy\")\n .owner(\"AWS\")\n .provider(\"CloudFormation\")\n .inputArtifacts(\"build_output\")\n .version(\"1\")\n .configuration(Map.ofEntries(\n Map.entry(\"ActionMode\", \"REPLACE_ON_FAILURE\"),\n Map.entry(\"Capabilities\", \"CAPABILITY_AUTO_EXPAND,CAPABILITY_IAM\"),\n Map.entry(\"OutputFileName\", \"CreateStackOutput.json\"),\n Map.entry(\"StackName\", \"MyStack\"),\n Map.entry(\"TemplatePath\", \"build_output::sam-templated.yaml\")\n ))\n .build())\n .build())\n .build());\n\n var codepipelineBucketPab = new BucketPublicAccessBlock(\"codepipelineBucketPab\", BucketPublicAccessBlockArgs.builder()\n .bucket(codepipelineBucket.id())\n .blockPublicAcls(true)\n .blockPublicPolicy(true)\n .ignorePublicAcls(true)\n .restrictPublicBuckets(true)\n .build());\n\n final var codepipelinePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"s3:GetObject\",\n \"s3:GetObjectVersion\",\n \"s3:GetBucketVersioning\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\")\n .resources( \n codepipelineBucket.arn(),\n codepipelineBucket.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"codestar-connections:UseConnection\")\n .resources(example.arn())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"codebuild:BatchGetBuilds\",\n \"codebuild:StartBuild\")\n .resources(\"*\")\n .build())\n .build());\n\n var codepipelinePolicyRolePolicy = new RolePolicy(\"codepipelinePolicyRolePolicy\", RolePolicyArgs.builder()\n .name(\"codepipeline_policy\")\n .role(codepipelineRole.id())\n .policy(codepipelinePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(codepipelinePolicy -\u003e codepipelinePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n codepipeline:\n type: aws:codepipeline:Pipeline\n properties:\n name: tf-test-pipeline\n roleArn: ${codepipelineRole.arn}\n artifactStores:\n - location: ${codepipelineBucket.bucket}\n type: S3\n encryptionKey:\n id: ${s3kmskey.arn}\n type: KMS\n stages:\n - name: Source\n actions:\n - name: Source\n category: Source\n owner: AWS\n provider: CodeStarSourceConnection\n version: '1'\n outputArtifacts:\n - source_output\n configuration:\n ConnectionArn: ${example.arn}\n FullRepositoryId: my-organization/example\n BranchName: main\n - name: Build\n actions:\n - name: Build\n category: Build\n owner: AWS\n provider: CodeBuild\n inputArtifacts:\n - source_output\n outputArtifacts:\n - build_output\n version: '1'\n configuration:\n ProjectName: test\n - name: Deploy\n actions:\n - name: Deploy\n category: Deploy\n owner: AWS\n provider: CloudFormation\n inputArtifacts:\n - build_output\n version: '1'\n configuration:\n ActionMode: REPLACE_ON_FAILURE\n Capabilities: CAPABILITY_AUTO_EXPAND,CAPABILITY_IAM\n OutputFileName: CreateStackOutput.json\n StackName: MyStack\n TemplatePath: build_output::sam-templated.yaml\n example:\n type: aws:codestarconnections:Connection\n properties:\n name: example-connection\n providerType: GitHub\n codepipelineBucket:\n type: aws:s3:BucketV2\n name: codepipeline_bucket\n properties:\n bucket: test-bucket\n codepipelineBucketPab:\n type: aws:s3:BucketPublicAccessBlock\n name: codepipeline_bucket_pab\n properties:\n bucket: ${codepipelineBucket.id}\n blockPublicAcls: true\n blockPublicPolicy: true\n ignorePublicAcls: true\n restrictPublicBuckets: true\n codepipelineRole:\n type: aws:iam:Role\n name: codepipeline_role\n properties:\n name: test-role\n assumeRolePolicy: ${assumeRole.json}\n codepipelinePolicyRolePolicy:\n type: aws:iam:RolePolicy\n name: codepipeline_policy\n properties:\n name: codepipeline_policy\n role: ${codepipelineRole.id}\n policy: ${codepipelinePolicy.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - codepipeline.amazonaws.com\n actions:\n - sts:AssumeRole\n codepipelinePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - s3:GetObject\n - s3:GetObjectVersion\n - s3:GetBucketVersioning\n - s3:PutObjectAcl\n - s3:PutObject\n resources:\n - ${codepipelineBucket.arn}\n - ${codepipelineBucket.arn}/*\n - effect: Allow\n actions:\n - codestar-connections:UseConnection\n resources:\n - ${example.arn}\n - effect: Allow\n actions:\n - codebuild:BatchGetBuilds\n - codebuild:StartBuild\n resources:\n - '*'\n s3kmskey:\n fn::invoke:\n Function: aws:kms:getAlias\n Arguments:\n name: alias/myKmsKey\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodePipelines using the name. For example:\n\n```sh\n$ pulumi import aws:codepipeline/pipeline:Pipeline foo example\n```\n", "properties": { "arn": { "type": "string", "description": "The codepipeline ARN.\n" }, "artifactStores": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/PipelineArtifactStore:PipelineArtifactStore" }, "description": "One or more artifact_store blocks. Artifact stores are documented below.\n" }, "executionMode": { "type": "string", "description": "The method that the pipeline will use to handle multiple executions. The default mode is `SUPERSEDED`. For value values, refer to the [AWS documentation](https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PipelineDeclaration.html#CodePipeline-Type-PipelineDeclaration-executionMode).\n\n**Note:** `QUEUED` or `PARALLEL` mode can only be used with V2 pipelines.\n" }, "name": { "type": "string", "description": "The name of the pipeline.\n" }, "pipelineType": { "type": "string", "description": "Type of the pipeline. Possible values are: `V1` and `V2`. Default value is `V1`.\n" }, "roleArn": { "type": "string", "description": "A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf.\n" }, "stages": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/PipelineStage:PipelineStage" }, "description": "A stage block. Stages are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "triggers": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/PipelineTrigger:PipelineTrigger" }, "description": "A trigger block. Valid only when `pipeline_type` is `V2`. Triggers are documented below.\n" }, "variables": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/PipelineVariable:PipelineVariable" }, "description": "A pipeline-level variable block. Valid only when `pipeline_type` is `V2`. Variable are documented below.\n" } }, "required": [ "arn", "artifactStores", "name", "roleArn", "stages", "tagsAll", "triggers" ], "inputProperties": { "artifactStores": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/PipelineArtifactStore:PipelineArtifactStore" }, "description": "One or more artifact_store blocks. Artifact stores are documented below.\n" }, "executionMode": { "type": "string", "description": "The method that the pipeline will use to handle multiple executions. The default mode is `SUPERSEDED`. For value values, refer to the [AWS documentation](https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PipelineDeclaration.html#CodePipeline-Type-PipelineDeclaration-executionMode).\n\n**Note:** `QUEUED` or `PARALLEL` mode can only be used with V2 pipelines.\n" }, "name": { "type": "string", "description": "The name of the pipeline.\n", "willReplaceOnChanges": true }, "pipelineType": { "type": "string", "description": "Type of the pipeline. Possible values are: `V1` and `V2`. Default value is `V1`.\n" }, "roleArn": { "type": "string", "description": "A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf.\n" }, "stages": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/PipelineStage:PipelineStage" }, "description": "A stage block. Stages are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "triggers": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/PipelineTrigger:PipelineTrigger" }, "description": "A trigger block. Valid only when `pipeline_type` is `V2`. Triggers are documented below.\n" }, "variables": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/PipelineVariable:PipelineVariable" }, "description": "A pipeline-level variable block. Valid only when `pipeline_type` is `V2`. Variable are documented below.\n" } }, "requiredInputs": [ "artifactStores", "roleArn", "stages" ], "stateInputs": { "description": "Input properties used for looking up and filtering Pipeline resources.\n", "properties": { "arn": { "type": "string", "description": "The codepipeline ARN.\n" }, "artifactStores": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/PipelineArtifactStore:PipelineArtifactStore" }, "description": "One or more artifact_store blocks. Artifact stores are documented below.\n" }, "executionMode": { "type": "string", "description": "The method that the pipeline will use to handle multiple executions. The default mode is `SUPERSEDED`. For value values, refer to the [AWS documentation](https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PipelineDeclaration.html#CodePipeline-Type-PipelineDeclaration-executionMode).\n\n**Note:** `QUEUED` or `PARALLEL` mode can only be used with V2 pipelines.\n" }, "name": { "type": "string", "description": "The name of the pipeline.\n", "willReplaceOnChanges": true }, "pipelineType": { "type": "string", "description": "Type of the pipeline. Possible values are: `V1` and `V2`. Default value is `V1`.\n" }, "roleArn": { "type": "string", "description": "A service role Amazon Resource Name (ARN) that grants AWS CodePipeline permission to make calls to AWS services on your behalf.\n" }, "stages": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/PipelineStage:PipelineStage" }, "description": "A stage block. Stages are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "triggers": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/PipelineTrigger:PipelineTrigger" }, "description": "A trigger block. Valid only when `pipeline_type` is `V2`. Triggers are documented below.\n" }, "variables": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/PipelineVariable:PipelineVariable" }, "description": "A pipeline-level variable block. Valid only when `pipeline_type` is `V2`. Variable are documented below.\n" } }, "type": "object" } }, "aws:codepipeline/webhook:Webhook": { "description": "Provides a CodePipeline Webhook.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n bar:\n type: aws:codepipeline:Pipeline\n properties:\n name: tf-test-pipeline\n roleArn: ${barAwsIamRole.arn}\n artifactStores:\n - location: ${barAwsS3Bucket.bucket}\n type: S3\n encryptionKey:\n id: ${s3kmskey.arn}\n type: KMS\n stages:\n - name: Source\n actions:\n - name: Source\n category: Source\n owner: ThirdParty\n provider: GitHub\n version: '1'\n outputArtifacts:\n - test\n configuration:\n Owner: my-organization\n Repo: test\n Branch: master\n - name: Build\n actions:\n - name: Build\n category: Build\n owner: AWS\n provider: CodeBuild\n inputArtifacts:\n - test\n version: '1'\n configuration:\n ProjectName: test\n barWebhook:\n type: aws:codepipeline:Webhook\n name: bar\n properties:\n name: test-webhook-github-bar\n authentication: GITHUB_HMAC\n targetAction: Source\n targetPipeline: ${bar.name}\n authenticationConfiguration:\n secretToken: ${webhookSecret}\n filters:\n - jsonPath: $.ref\n matchEquals: refs/heads/{Branch}\n # Wire the CodePipeline webhook into a GitHub repository.\n barRepositoryWebhook:\n type: github:RepositoryWebhook\n name: bar\n properties:\n repository: ${repo.name}\n name: web\n configuration:\n url: ${barWebhook.url}\n contentType: json\n insecureSsl: true\n secret: ${webhookSecret}\n events:\n - push\nvariables:\n webhookSecret: super-secret\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodePipeline Webhooks using their ARN. For example:\n\n```sh\n$ pulumi import aws:codepipeline/webhook:Webhook example arn:aws:codepipeline:us-west-2:123456789012:webhook:example\n```\n", "properties": { "arn": { "type": "string", "description": "The CodePipeline webhook's ARN.\n" }, "authentication": { "type": "string", "description": "The type of authentication to use. One of `IP`, `GITHUB_HMAC`, or `UNAUTHENTICATED`.\n" }, "authenticationConfiguration": { "$ref": "#/types/aws:codepipeline/WebhookAuthenticationConfiguration:WebhookAuthenticationConfiguration", "description": "An `auth` block. Required for `IP` and `GITHUB_HMAC`. Auth blocks are documented below.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/WebhookFilter:WebhookFilter" }, "description": "One or more `filter` blocks. Filter blocks are documented below.\n" }, "name": { "type": "string", "description": "The name of the webhook.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetAction": { "type": "string", "description": "The name of the action in a pipeline you want to connect to the webhook. The action must be from the source (first) stage of the pipeline.\n" }, "targetPipeline": { "type": "string", "description": "The name of the pipeline.\n" }, "url": { "type": "string", "description": "The CodePipeline webhook's URL. POST events to this endpoint to trigger the target.\n" } }, "required": [ "arn", "authentication", "filters", "name", "tagsAll", "targetAction", "targetPipeline", "url" ], "inputProperties": { "authentication": { "type": "string", "description": "The type of authentication to use. One of `IP`, `GITHUB_HMAC`, or `UNAUTHENTICATED`.\n", "willReplaceOnChanges": true }, "authenticationConfiguration": { "$ref": "#/types/aws:codepipeline/WebhookAuthenticationConfiguration:WebhookAuthenticationConfiguration", "description": "An `auth` block. Required for `IP` and `GITHUB_HMAC`. Auth blocks are documented below.\n", "willReplaceOnChanges": true }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/WebhookFilter:WebhookFilter" }, "description": "One or more `filter` blocks. Filter blocks are documented below.\n" }, "name": { "type": "string", "description": "The name of the webhook.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targetAction": { "type": "string", "description": "The name of the action in a pipeline you want to connect to the webhook. The action must be from the source (first) stage of the pipeline.\n", "willReplaceOnChanges": true }, "targetPipeline": { "type": "string", "description": "The name of the pipeline.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "authentication", "filters", "targetAction", "targetPipeline" ], "stateInputs": { "description": "Input properties used for looking up and filtering Webhook resources.\n", "properties": { "arn": { "type": "string", "description": "The CodePipeline webhook's ARN.\n" }, "authentication": { "type": "string", "description": "The type of authentication to use. One of `IP`, `GITHUB_HMAC`, or `UNAUTHENTICATED`.\n", "willReplaceOnChanges": true }, "authenticationConfiguration": { "$ref": "#/types/aws:codepipeline/WebhookAuthenticationConfiguration:WebhookAuthenticationConfiguration", "description": "An `auth` block. Required for `IP` and `GITHUB_HMAC`. Auth blocks are documented below.\n", "willReplaceOnChanges": true }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:codepipeline/WebhookFilter:WebhookFilter" }, "description": "One or more `filter` blocks. Filter blocks are documented below.\n" }, "name": { "type": "string", "description": "The name of the webhook.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetAction": { "type": "string", "description": "The name of the action in a pipeline you want to connect to the webhook. The action must be from the source (first) stage of the pipeline.\n", "willReplaceOnChanges": true }, "targetPipeline": { "type": "string", "description": "The name of the pipeline.\n", "willReplaceOnChanges": true }, "url": { "type": "string", "description": "The CodePipeline webhook's URL. POST events to this endpoint to trigger the target.\n" } }, "type": "object" } }, "aws:codestarconnections/connection:Connection": { "description": "Provides a CodeStar Connection.\n\n\u003e **NOTE:** The `aws.codestarconnections.Connection` resource is created in the state `PENDING`. Authentication with the connection provider must be completed in the AWS Console. See the [AWS documentation](https://docs.aws.amazon.com/dtconsole/latest/userguide/connections-update.html) for details.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codestarconnections.Connection(\"example\", {\n name: \"example-connection\",\n providerType: \"Bitbucket\",\n});\nconst examplePipeline = new aws.codepipeline.Pipeline(\"example\", {\n artifactStores: [{}],\n stages: [\n {\n name: \"Source\",\n actions: [{\n name: \"Source\",\n category: \"Source\",\n owner: \"AWS\",\n provider: \"CodeStarSourceConnection\",\n version: \"1\",\n outputArtifacts: [\"source_output\"],\n configuration: {\n ConnectionArn: example.arn,\n FullRepositoryId: \"my-organization/test\",\n BranchName: \"main\",\n },\n }],\n },\n {\n actions: [{}],\n name: \"Build\",\n },\n {\n actions: [{}],\n name: \"Deploy\",\n },\n ],\n name: \"tf-test-pipeline\",\n roleArn: codepipelineRole.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codestarconnections.Connection(\"example\",\n name=\"example-connection\",\n provider_type=\"Bitbucket\")\nexample_pipeline = aws.codepipeline.Pipeline(\"example\",\n artifact_stores=[{}],\n stages=[\n {\n \"name\": \"Source\",\n \"actions\": [{\n \"name\": \"Source\",\n \"category\": \"Source\",\n \"owner\": \"AWS\",\n \"provider\": \"CodeStarSourceConnection\",\n \"version\": \"1\",\n \"output_artifacts\": [\"source_output\"],\n \"configuration\": {\n \"connection_arn\": example.arn,\n \"full_repository_id\": \"my-organization/test\",\n \"branch_name\": \"main\",\n },\n }],\n },\n {\n \"actions\": [{}],\n \"name\": \"Build\",\n },\n {\n \"actions\": [{}],\n \"name\": \"Deploy\",\n },\n ],\n name=\"tf-test-pipeline\",\n role_arn=codepipeline_role[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeStarConnections.Connection(\"example\", new()\n {\n Name = \"example-connection\",\n ProviderType = \"Bitbucket\",\n });\n\n var examplePipeline = new Aws.CodePipeline.Pipeline(\"example\", new()\n {\n ArtifactStores = new[]\n {\n null,\n },\n Stages = new[]\n {\n new Aws.CodePipeline.Inputs.PipelineStageArgs\n {\n Name = \"Source\",\n Actions = new[]\n {\n new Aws.CodePipeline.Inputs.PipelineStageActionArgs\n {\n Name = \"Source\",\n Category = \"Source\",\n Owner = \"AWS\",\n Provider = \"CodeStarSourceConnection\",\n Version = \"1\",\n OutputArtifacts = new[]\n {\n \"source_output\",\n },\n Configuration = \n {\n { \"ConnectionArn\", example.Arn },\n { \"FullRepositoryId\", \"my-organization/test\" },\n { \"BranchName\", \"main\" },\n },\n },\n },\n },\n new Aws.CodePipeline.Inputs.PipelineStageArgs\n {\n Actions = new[]\n {\n null,\n },\n Name = \"Build\",\n },\n new Aws.CodePipeline.Inputs.PipelineStageArgs\n {\n Actions = new[]\n {\n null,\n },\n Name = \"Deploy\",\n },\n },\n Name = \"tf-test-pipeline\",\n RoleArn = codepipelineRole.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codepipeline\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codestarconnections\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := codestarconnections.NewConnection(ctx, \"example\", \u0026codestarconnections.ConnectionArgs{\n\t\t\tName: pulumi.String(\"example-connection\"),\n\t\t\tProviderType: pulumi.String(\"Bitbucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codepipeline.NewPipeline(ctx, \"example\", \u0026codepipeline.PipelineArgs{\n\t\t\tArtifactStores: codepipeline.PipelineArtifactStoreArray{\n\t\t\t\tnil,\n\t\t\t},\n\t\t\tStages: codepipeline.PipelineStageArray{\n\t\t\t\t\u0026codepipeline.PipelineStageArgs{\n\t\t\t\t\tName: pulumi.String(\"Source\"),\n\t\t\t\t\tActions: codepipeline.PipelineStageActionArray{\n\t\t\t\t\t\t\u0026codepipeline.PipelineStageActionArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"Source\"),\n\t\t\t\t\t\t\tCategory: pulumi.String(\"Source\"),\n\t\t\t\t\t\t\tOwner: pulumi.String(\"AWS\"),\n\t\t\t\t\t\t\tProvider: pulumi.String(\"CodeStarSourceConnection\"),\n\t\t\t\t\t\t\tVersion: pulumi.String(\"1\"),\n\t\t\t\t\t\t\tOutputArtifacts: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"source_output\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tConfiguration: pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"ConnectionArn\": example.Arn,\n\t\t\t\t\t\t\t\t\"FullRepositoryId\": pulumi.String(\"my-organization/test\"),\n\t\t\t\t\t\t\t\t\"BranchName\": pulumi.String(\"main\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026codepipeline.PipelineStageArgs{\n\t\t\t\t\tActions: codepipeline.PipelineStageActionArray{\n\t\t\t\t\t\tnil,\n\t\t\t\t\t},\n\t\t\t\t\tName: pulumi.String(\"Build\"),\n\t\t\t\t},\n\t\t\t\t\u0026codepipeline.PipelineStageArgs{\n\t\t\t\t\tActions: codepipeline.PipelineStageActionArray{\n\t\t\t\t\t\tnil,\n\t\t\t\t\t},\n\t\t\t\t\tName: pulumi.String(\"Deploy\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: pulumi.String(\"tf-test-pipeline\"),\n\t\t\tRoleArn: pulumi.Any(codepipelineRole.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codestarconnections.Connection;\nimport com.pulumi.aws.codestarconnections.ConnectionArgs;\nimport com.pulumi.aws.codepipeline.Pipeline;\nimport com.pulumi.aws.codepipeline.PipelineArgs;\nimport com.pulumi.aws.codepipeline.inputs.PipelineArtifactStoreArgs;\nimport com.pulumi.aws.codepipeline.inputs.PipelineStageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Connection(\"example\", ConnectionArgs.builder()\n .name(\"example-connection\")\n .providerType(\"Bitbucket\")\n .build());\n\n var examplePipeline = new Pipeline(\"examplePipeline\", PipelineArgs.builder()\n .artifactStores()\n .stages( \n PipelineStageArgs.builder()\n .name(\"Source\")\n .actions(PipelineStageActionArgs.builder()\n .name(\"Source\")\n .category(\"Source\")\n .owner(\"AWS\")\n .provider(\"CodeStarSourceConnection\")\n .version(\"1\")\n .outputArtifacts(\"source_output\")\n .configuration(Map.ofEntries(\n Map.entry(\"ConnectionArn\", example.arn()),\n Map.entry(\"FullRepositoryId\", \"my-organization/test\"),\n Map.entry(\"BranchName\", \"main\")\n ))\n .build())\n .build(),\n PipelineStageArgs.builder()\n .actions()\n .name(\"Build\")\n .build(),\n PipelineStageArgs.builder()\n .actions()\n .name(\"Deploy\")\n .build())\n .name(\"tf-test-pipeline\")\n .roleArn(codepipelineRole.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codestarconnections:Connection\n properties:\n name: example-connection\n providerType: Bitbucket\n examplePipeline:\n type: aws:codepipeline:Pipeline\n name: example\n properties:\n artifactStores:\n - {}\n stages:\n - name: Source\n actions:\n - name: Source\n category: Source\n owner: AWS\n provider: CodeStarSourceConnection\n version: '1'\n outputArtifacts:\n - source_output\n configuration:\n ConnectionArn: ${example.arn}\n FullRepositoryId: my-organization/test\n BranchName: main\n - actions:\n - {}\n name: Build\n - actions:\n - {}\n name: Deploy\n name: tf-test-pipeline\n roleArn: ${codepipelineRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeStar connections using the ARN. For example:\n\n```sh\n$ pulumi import aws:codestarconnections/connection:Connection test-connection arn:aws:codestar-connections:us-west-1:0123456789:connection/79d4d357-a2ee-41e4-b350-2fe39ae59448\n```\n", "properties": { "arn": { "type": "string", "description": "The codestar connection ARN.\n" }, "connectionStatus": { "type": "string", "description": "The codestar connection status. Possible values are `PENDING`, `AVAILABLE` and `ERROR`.\n" }, "hostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the host associated with the connection. Conflicts with `provider_type`\n" }, "name": { "type": "string", "description": "The name of the connection to be created. The name must be unique in the calling AWS account. Changing `name` will create a new resource.\n" }, "providerType": { "type": "string", "description": "The name of the external provider where your third-party code repository is configured. Valid values are `Bitbucket`, `GitHub`, `GitHubEnterpriseServer`, `GitLab` or `GitLabSelfManaged`. Changing `provider_type` will create a new resource. Conflicts with `host_arn`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key-value resource tags to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "connectionStatus", "name", "providerType", "tagsAll" ], "inputProperties": { "hostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the host associated with the connection. Conflicts with `provider_type`\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the connection to be created. The name must be unique in the calling AWS account. Changing `name` will create a new resource.\n", "willReplaceOnChanges": true }, "providerType": { "type": "string", "description": "The name of the external provider where your third-party code repository is configured. Valid values are `Bitbucket`, `GitHub`, `GitHubEnterpriseServer`, `GitLab` or `GitLabSelfManaged`. Changing `provider_type` will create a new resource. Conflicts with `host_arn`\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key-value resource tags to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Connection resources.\n", "properties": { "arn": { "type": "string", "description": "The codestar connection ARN.\n" }, "connectionStatus": { "type": "string", "description": "The codestar connection status. Possible values are `PENDING`, `AVAILABLE` and `ERROR`.\n" }, "hostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the host associated with the connection. Conflicts with `provider_type`\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the connection to be created. The name must be unique in the calling AWS account. Changing `name` will create a new resource.\n", "willReplaceOnChanges": true }, "providerType": { "type": "string", "description": "The name of the external provider where your third-party code repository is configured. Valid values are `Bitbucket`, `GitHub`, `GitHubEnterpriseServer`, `GitLab` or `GitLabSelfManaged`. Changing `provider_type` will create a new resource. Conflicts with `host_arn`\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key-value resource tags to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:codestarconnections/host:Host": { "description": "Provides a CodeStar Host.\n\n\u003e **NOTE:** The `aws.codestarconnections.Host` resource is created in the state `PENDING`. Authentication with the host provider must be completed in the AWS Console. For more information visit [Set up a pending host](https://docs.aws.amazon.com/dtconsole/latest/userguide/connections-host-setup.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codestarconnections.Host(\"example\", {\n name: \"example-host\",\n providerEndpoint: \"https://example.com\",\n providerType: \"GitHubEnterpriseServer\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codestarconnections.Host(\"example\",\n name=\"example-host\",\n provider_endpoint=\"https://example.com\",\n provider_type=\"GitHubEnterpriseServer\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeStarConnections.Host(\"example\", new()\n {\n Name = \"example-host\",\n ProviderEndpoint = \"https://example.com\",\n ProviderType = \"GitHubEnterpriseServer\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codestarconnections\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codestarconnections.NewHost(ctx, \"example\", \u0026codestarconnections.HostArgs{\n\t\t\tName: pulumi.String(\"example-host\"),\n\t\t\tProviderEndpoint: pulumi.String(\"https://example.com\"),\n\t\t\tProviderType: pulumi.String(\"GitHubEnterpriseServer\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codestarconnections.Host;\nimport com.pulumi.aws.codestarconnections.HostArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Host(\"example\", HostArgs.builder()\n .name(\"example-host\")\n .providerEndpoint(\"https://example.com\")\n .providerType(\"GitHubEnterpriseServer\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codestarconnections:Host\n properties:\n name: example-host\n providerEndpoint: https://example.com\n providerType: GitHubEnterpriseServer\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeStar Host using the ARN. For example:\n\n```sh\n$ pulumi import aws:codestarconnections/host:Host example-host arn:aws:codestar-connections:us-west-1:0123456789:host/79d4d357-a2ee-41e4-b350-2fe39ae59448\n```\n", "properties": { "arn": { "type": "string", "description": "The CodeStar Host ARN.\n" }, "name": { "type": "string", "description": "The name of the host to be created. The name must be unique in the calling AWS account.\n" }, "providerEndpoint": { "type": "string", "description": "The endpoint of the infrastructure to be represented by the host after it is created.\n" }, "providerType": { "type": "string", "description": "The name of the external provider where your third-party code repository is configured.\n" }, "status": { "type": "string", "description": "The CodeStar Host status. Possible values are `PENDING`, `AVAILABLE`, `VPC_CONFIG_DELETING`, `VPC_CONFIG_INITIALIZING`, and `VPC_CONFIG_FAILED_INITIALIZATION`.\n" }, "vpcConfiguration": { "$ref": "#/types/aws:codestarconnections/HostVpcConfiguration:HostVpcConfiguration", "description": "The VPC configuration to be provisioned for the host. A VPC must be configured, and the infrastructure to be represented by the host must already be connected to the VPC.\n" } }, "required": [ "arn", "name", "providerEndpoint", "providerType", "status" ], "inputProperties": { "name": { "type": "string", "description": "The name of the host to be created. The name must be unique in the calling AWS account.\n", "willReplaceOnChanges": true }, "providerEndpoint": { "type": "string", "description": "The endpoint of the infrastructure to be represented by the host after it is created.\n" }, "providerType": { "type": "string", "description": "The name of the external provider where your third-party code repository is configured.\n", "willReplaceOnChanges": true }, "vpcConfiguration": { "$ref": "#/types/aws:codestarconnections/HostVpcConfiguration:HostVpcConfiguration", "description": "The VPC configuration to be provisioned for the host. A VPC must be configured, and the infrastructure to be represented by the host must already be connected to the VPC.\n" } }, "requiredInputs": [ "providerEndpoint", "providerType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Host resources.\n", "properties": { "arn": { "type": "string", "description": "The CodeStar Host ARN.\n" }, "name": { "type": "string", "description": "The name of the host to be created. The name must be unique in the calling AWS account.\n", "willReplaceOnChanges": true }, "providerEndpoint": { "type": "string", "description": "The endpoint of the infrastructure to be represented by the host after it is created.\n" }, "providerType": { "type": "string", "description": "The name of the external provider where your third-party code repository is configured.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The CodeStar Host status. Possible values are `PENDING`, `AVAILABLE`, `VPC_CONFIG_DELETING`, `VPC_CONFIG_INITIALIZING`, and `VPC_CONFIG_FAILED_INITIALIZATION`.\n" }, "vpcConfiguration": { "$ref": "#/types/aws:codestarconnections/HostVpcConfiguration:HostVpcConfiguration", "description": "The VPC configuration to be provisioned for the host. A VPC must be configured, and the infrastructure to be represented by the host must already be connected to the VPC.\n" } }, "type": "object" } }, "aws:codestarnotifications/notificationRule:NotificationRule": { "description": "Provides a CodeStar Notifications Rule.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst code = new aws.codecommit.Repository(\"code\", {repositoryName: \"example-code-repo\"});\nconst notif = new aws.sns.Topic(\"notif\", {name: \"notification\"});\nconst notifAccess = notif.arn.apply(arn =\u003e aws.iam.getPolicyDocumentOutput({\n statements: [{\n actions: [\"sns:Publish\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"codestar-notifications.amazonaws.com\"],\n }],\n resources: [arn],\n }],\n}));\nconst _default = new aws.sns.TopicPolicy(\"default\", {\n arn: notif.arn,\n policy: notifAccess.apply(notifAccess =\u003e notifAccess.json),\n});\nconst commits = new aws.codestarnotifications.NotificationRule(\"commits\", {\n detailType: \"BASIC\",\n eventTypeIds: [\"codecommit-repository-comments-on-commits\"],\n name: \"example-code-repo-commits\",\n resource: code.arn,\n targets: [{\n address: notif.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncode = aws.codecommit.Repository(\"code\", repository_name=\"example-code-repo\")\nnotif = aws.sns.Topic(\"notif\", name=\"notification\")\nnotif_access = notif.arn.apply(lambda arn: aws.iam.get_policy_document_output(statements=[{\n \"actions\": [\"sns:Publish\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"codestar-notifications.amazonaws.com\"],\n }],\n \"resources\": [arn],\n}]))\ndefault = aws.sns.TopicPolicy(\"default\",\n arn=notif.arn,\n policy=notif_access.json)\ncommits = aws.codestarnotifications.NotificationRule(\"commits\",\n detail_type=\"BASIC\",\n event_type_ids=[\"codecommit-repository-comments-on-commits\"],\n name=\"example-code-repo-commits\",\n resource=code.arn,\n targets=[{\n \"address\": notif.arn,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var code = new Aws.CodeCommit.Repository(\"code\", new()\n {\n RepositoryName = \"example-code-repo\",\n });\n\n var notif = new Aws.Sns.Topic(\"notif\", new()\n {\n Name = \"notification\",\n });\n\n var notifAccess = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sns:Publish\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"codestar-notifications.amazonaws.com\",\n },\n },\n },\n Resources = new[]\n {\n notif.Arn,\n },\n },\n },\n });\n\n var @default = new Aws.Sns.TopicPolicy(\"default\", new()\n {\n Arn = notif.Arn,\n Policy = notifAccess.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var commits = new Aws.CodeStarNotifications.NotificationRule(\"commits\", new()\n {\n DetailType = \"BASIC\",\n EventTypeIds = new[]\n {\n \"codecommit-repository-comments-on-commits\",\n },\n Name = \"example-code-repo-commits\",\n Resource = code.Arn,\n Targets = new[]\n {\n new Aws.CodeStarNotifications.Inputs.NotificationRuleTargetArgs\n {\n Address = notif.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codecommit\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codestarnotifications\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ncode, err := codecommit.NewRepository(ctx, \"code\", \u0026codecommit.RepositoryArgs{\nRepositoryName: pulumi.String(\"example-code-repo\"),\n})\nif err != nil {\nreturn err\n}\nnotif, err := sns.NewTopic(ctx, \"notif\", \u0026sns.TopicArgs{\nName: pulumi.String(\"notification\"),\n})\nif err != nil {\nreturn err\n}\nnotifAccess := notif.Arn.ApplyT(func(arn string) (iam.GetPolicyDocumentResult, error) {\nreturn iam.GetPolicyDocumentResult(interface{}(iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nActions: []string{\n\"sns:Publish\",\n},\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"Service\",\nIdentifiers: []string{\n\"codestar-notifications.amazonaws.com\",\n},\n},\n},\nResources: interface{}{\narn,\n},\n},\n},\n}, nil))), nil\n}).(iam.GetPolicyDocumentResultOutput)\n_, err = sns.NewTopicPolicy(ctx, \"default\", \u0026sns.TopicPolicyArgs{\nArn: notif.Arn,\nPolicy: pulumi.String(notifAccess.ApplyT(func(notifAccess iam.GetPolicyDocumentResult) (*string, error) {\nreturn \u0026notifAccess.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\n_, err = codestarnotifications.NewNotificationRule(ctx, \"commits\", \u0026codestarnotifications.NotificationRuleArgs{\nDetailType: pulumi.String(\"BASIC\"),\nEventTypeIds: pulumi.StringArray{\npulumi.String(\"codecommit-repository-comments-on-commits\"),\n},\nName: pulumi.String(\"example-code-repo-commits\"),\nResource: code.Arn,\nTargets: codestarnotifications.NotificationRuleTargetArray{\n\u0026codestarnotifications.NotificationRuleTargetArgs{\nAddress: notif.Arn,\n},\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codecommit.Repository;\nimport com.pulumi.aws.codecommit.RepositoryArgs;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sns.TopicPolicy;\nimport com.pulumi.aws.sns.TopicPolicyArgs;\nimport com.pulumi.aws.codestarnotifications.NotificationRule;\nimport com.pulumi.aws.codestarnotifications.NotificationRuleArgs;\nimport com.pulumi.aws.codestarnotifications.inputs.NotificationRuleTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var code = new Repository(\"code\", RepositoryArgs.builder()\n .repositoryName(\"example-code-repo\")\n .build());\n\n var notif = new Topic(\"notif\", TopicArgs.builder()\n .name(\"notification\")\n .build());\n\n final var notifAccess = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sns:Publish\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"codestar-notifications.amazonaws.com\")\n .build())\n .resources(notif.arn())\n .build())\n .build());\n\n var default_ = new TopicPolicy(\"default\", TopicPolicyArgs.builder()\n .arn(notif.arn())\n .policy(notifAccess.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(notifAccess -\u003e notifAccess.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var commits = new NotificationRule(\"commits\", NotificationRuleArgs.builder()\n .detailType(\"BASIC\")\n .eventTypeIds(\"codecommit-repository-comments-on-commits\")\n .name(\"example-code-repo-commits\")\n .resource(code.arn())\n .targets(NotificationRuleTargetArgs.builder()\n .address(notif.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n code:\n type: aws:codecommit:Repository\n properties:\n repositoryName: example-code-repo\n notif:\n type: aws:sns:Topic\n properties:\n name: notification\n default:\n type: aws:sns:TopicPolicy\n properties:\n arn: ${notif.arn}\n policy: ${notifAccess.json}\n commits:\n type: aws:codestarnotifications:NotificationRule\n properties:\n detailType: BASIC\n eventTypeIds:\n - codecommit-repository-comments-on-commits\n name: example-code-repo-commits\n resource: ${code.arn}\n targets:\n - address: ${notif.arn}\nvariables:\n notifAccess:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sns:Publish\n principals:\n - type: Service\n identifiers:\n - codestar-notifications.amazonaws.com\n resources:\n - ${notif.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeStar notification rule using the ARN. For example:\n\n```sh\n$ pulumi import aws:codestarnotifications/notificationRule:NotificationRule foo arn:aws:codestar-notifications:us-west-1:0123456789:notificationrule/2cdc68a3-8f7c-4893-b6a5-45b362bd4f2b\n```\n", "properties": { "arn": { "type": "string", "description": "The codestar notification rule ARN.\n" }, "detailType": { "type": "string", "description": "The level of detail to include in the notifications for this resource. Possible values are `BASIC` and `FULL`.\n" }, "eventTypeIds": { "type": "array", "items": { "type": "string" }, "description": "A list of event types associated with this notification rule.\nFor list of allowed events see [here](https://docs.aws.amazon.com/codestar-notifications/latest/userguide/concepts.html#concepts-api).\n" }, "name": { "type": "string", "description": "The name of notification rule.\n" }, "resource": { "type": "string", "description": "The ARN of the resource to associate with the notification rule.\n" }, "status": { "type": "string", "description": "The status of the notification rule. Possible values are `ENABLED` and `DISABLED`, default is `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:codestarnotifications/NotificationRuleTarget:NotificationRuleTarget" }, "description": "Configuration blocks containing notification target information. Can be specified multiple times. At least one target must be specified on creation.\n" } }, "required": [ "arn", "detailType", "eventTypeIds", "name", "resource", "tagsAll" ], "inputProperties": { "detailType": { "type": "string", "description": "The level of detail to include in the notifications for this resource. Possible values are `BASIC` and `FULL`.\n" }, "eventTypeIds": { "type": "array", "items": { "type": "string" }, "description": "A list of event types associated with this notification rule.\nFor list of allowed events see [here](https://docs.aws.amazon.com/codestar-notifications/latest/userguide/concepts.html#concepts-api).\n" }, "name": { "type": "string", "description": "The name of notification rule.\n" }, "resource": { "type": "string", "description": "The ARN of the resource to associate with the notification rule.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The status of the notification rule. Possible values are `ENABLED` and `DISABLED`, default is `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:codestarnotifications/NotificationRuleTarget:NotificationRuleTarget" }, "description": "Configuration blocks containing notification target information. Can be specified multiple times. At least one target must be specified on creation.\n" } }, "requiredInputs": [ "detailType", "eventTypeIds", "resource" ], "stateInputs": { "description": "Input properties used for looking up and filtering NotificationRule resources.\n", "properties": { "arn": { "type": "string", "description": "The codestar notification rule ARN.\n" }, "detailType": { "type": "string", "description": "The level of detail to include in the notifications for this resource. Possible values are `BASIC` and `FULL`.\n" }, "eventTypeIds": { "type": "array", "items": { "type": "string" }, "description": "A list of event types associated with this notification rule.\nFor list of allowed events see [here](https://docs.aws.amazon.com/codestar-notifications/latest/userguide/concepts.html#concepts-api).\n" }, "name": { "type": "string", "description": "The name of notification rule.\n" }, "resource": { "type": "string", "description": "The ARN of the resource to associate with the notification rule.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The status of the notification rule. Possible values are `ENABLED` and `DISABLED`, default is `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:codestarnotifications/NotificationRuleTarget:NotificationRuleTarget" }, "description": "Configuration blocks containing notification target information. Can be specified multiple times. At least one target must be specified on creation.\n" } }, "type": "object" } }, "aws:cognito/identityPool:IdentityPool": { "description": "Provides an AWS Cognito Identity Pool.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst _default = new aws.iam.SamlProvider(\"default\", {\n name: \"my-saml-provider\",\n samlMetadataDocument: std.file({\n input: \"saml-metadata.xml\",\n }).then(invoke =\u003e invoke.result),\n});\nconst main = new aws.cognito.IdentityPool(\"main\", {\n identityPoolName: \"identity pool\",\n allowUnauthenticatedIdentities: false,\n allowClassicFlow: false,\n cognitoIdentityProviders: [\n {\n clientId: \"6lhlkkfbfb4q5kpp90urffae\",\n providerName: \"cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ\",\n serverSideTokenCheck: false,\n },\n {\n clientId: \"7kodkvfqfb4qfkp39eurffae\",\n providerName: \"cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu\",\n serverSideTokenCheck: false,\n },\n ],\n supportedLoginProviders: {\n \"graph.facebook.com\": \"7346241598935552\",\n \"accounts.google.com\": \"123456789012.apps.googleusercontent.com\",\n },\n samlProviderArns: [_default.arn],\n openidConnectProviderArns: [\"arn:aws:iam::123456789012:oidc-provider/id.example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\ndefault = aws.iam.SamlProvider(\"default\",\n name=\"my-saml-provider\",\n saml_metadata_document=std.file(input=\"saml-metadata.xml\").result)\nmain = aws.cognito.IdentityPool(\"main\",\n identity_pool_name=\"identity pool\",\n allow_unauthenticated_identities=False,\n allow_classic_flow=False,\n cognito_identity_providers=[\n {\n \"client_id\": \"6lhlkkfbfb4q5kpp90urffae\",\n \"provider_name\": \"cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ\",\n \"server_side_token_check\": False,\n },\n {\n \"client_id\": \"7kodkvfqfb4qfkp39eurffae\",\n \"provider_name\": \"cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu\",\n \"server_side_token_check\": False,\n },\n ],\n supported_login_providers={\n \"graph.facebook.com\": \"7346241598935552\",\n \"accounts.google.com\": \"123456789012.apps.googleusercontent.com\",\n },\n saml_provider_arns=[default.arn],\n openid_connect_provider_arns=[\"arn:aws:iam::123456789012:oidc-provider/id.example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Iam.SamlProvider(\"default\", new()\n {\n Name = \"my-saml-provider\",\n SamlMetadataDocument = Std.File.Invoke(new()\n {\n Input = \"saml-metadata.xml\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n var main = new Aws.Cognito.IdentityPool(\"main\", new()\n {\n IdentityPoolName = \"identity pool\",\n AllowUnauthenticatedIdentities = false,\n AllowClassicFlow = false,\n CognitoIdentityProviders = new[]\n {\n new Aws.Cognito.Inputs.IdentityPoolCognitoIdentityProviderArgs\n {\n ClientId = \"6lhlkkfbfb4q5kpp90urffae\",\n ProviderName = \"cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ\",\n ServerSideTokenCheck = false,\n },\n new Aws.Cognito.Inputs.IdentityPoolCognitoIdentityProviderArgs\n {\n ClientId = \"7kodkvfqfb4qfkp39eurffae\",\n ProviderName = \"cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu\",\n ServerSideTokenCheck = false,\n },\n },\n SupportedLoginProviders = \n {\n { \"graph.facebook.com\", \"7346241598935552\" },\n { \"accounts.google.com\", \"123456789012.apps.googleusercontent.com\" },\n },\n SamlProviderArns = new[]\n {\n @default.Arn,\n },\n OpenidConnectProviderArns = new[]\n {\n \"arn:aws:iam::123456789012:oidc-provider/id.example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"saml-metadata.xml\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewSamlProvider(ctx, \"default\", \u0026iam.SamlProviderArgs{\n\t\t\tName: pulumi.String(\"my-saml-provider\"),\n\t\t\tSamlMetadataDocument: pulumi.String(invokeFile.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewIdentityPool(ctx, \"main\", \u0026cognito.IdentityPoolArgs{\n\t\t\tIdentityPoolName: pulumi.String(\"identity pool\"),\n\t\t\tAllowUnauthenticatedIdentities: pulumi.Bool(false),\n\t\t\tAllowClassicFlow: pulumi.Bool(false),\n\t\t\tCognitoIdentityProviders: cognito.IdentityPoolCognitoIdentityProviderArray{\n\t\t\t\t\u0026cognito.IdentityPoolCognitoIdentityProviderArgs{\n\t\t\t\t\tClientId: pulumi.String(\"6lhlkkfbfb4q5kpp90urffae\"),\n\t\t\t\t\tProviderName: pulumi.String(\"cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ\"),\n\t\t\t\t\tServerSideTokenCheck: pulumi.Bool(false),\n\t\t\t\t},\n\t\t\t\t\u0026cognito.IdentityPoolCognitoIdentityProviderArgs{\n\t\t\t\t\tClientId: pulumi.String(\"7kodkvfqfb4qfkp39eurffae\"),\n\t\t\t\t\tProviderName: pulumi.String(\"cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu\"),\n\t\t\t\t\tServerSideTokenCheck: pulumi.Bool(false),\n\t\t\t\t},\n\t\t\t},\n\t\t\tSupportedLoginProviders: pulumi.StringMap{\n\t\t\t\t\"graph.facebook.com\": pulumi.String(\"7346241598935552\"),\n\t\t\t\t\"accounts.google.com\": pulumi.String(\"123456789012.apps.googleusercontent.com\"),\n\t\t\t},\n\t\t\tSamlProviderArns: pulumi.StringArray{\n\t\t\t\t_default.Arn,\n\t\t\t},\n\t\t\tOpenidConnectProviderArns: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"arn:aws:iam::123456789012:oidc-provider/id.example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.SamlProvider;\nimport com.pulumi.aws.iam.SamlProviderArgs;\nimport com.pulumi.aws.cognito.IdentityPool;\nimport com.pulumi.aws.cognito.IdentityPoolArgs;\nimport com.pulumi.aws.cognito.inputs.IdentityPoolCognitoIdentityProviderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new SamlProvider(\"default\", SamlProviderArgs.builder()\n .name(\"my-saml-provider\")\n .samlMetadataDocument(StdFunctions.file(FileArgs.builder()\n .input(\"saml-metadata.xml\")\n .build()).result())\n .build());\n\n var main = new IdentityPool(\"main\", IdentityPoolArgs.builder()\n .identityPoolName(\"identity pool\")\n .allowUnauthenticatedIdentities(false)\n .allowClassicFlow(false)\n .cognitoIdentityProviders( \n IdentityPoolCognitoIdentityProviderArgs.builder()\n .clientId(\"6lhlkkfbfb4q5kpp90urffae\")\n .providerName(\"cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ\")\n .serverSideTokenCheck(false)\n .build(),\n IdentityPoolCognitoIdentityProviderArgs.builder()\n .clientId(\"7kodkvfqfb4qfkp39eurffae\")\n .providerName(\"cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu\")\n .serverSideTokenCheck(false)\n .build())\n .supportedLoginProviders(Map.ofEntries(\n Map.entry(\"graph.facebook.com\", \"7346241598935552\"),\n Map.entry(\"accounts.google.com\", \"123456789012.apps.googleusercontent.com\")\n ))\n .samlProviderArns(default_.arn())\n .openidConnectProviderArns(\"arn:aws:iam::123456789012:oidc-provider/id.example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:iam:SamlProvider\n properties:\n name: my-saml-provider\n samlMetadataDocument:\n fn::invoke:\n Function: std:file\n Arguments:\n input: saml-metadata.xml\n Return: result\n main:\n type: aws:cognito:IdentityPool\n properties:\n identityPoolName: identity pool\n allowUnauthenticatedIdentities: false\n allowClassicFlow: false\n cognitoIdentityProviders:\n - clientId: 6lhlkkfbfb4q5kpp90urffae\n providerName: cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ\n serverSideTokenCheck: false\n - clientId: 7kodkvfqfb4qfkp39eurffae\n providerName: cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu\n serverSideTokenCheck: false\n supportedLoginProviders:\n graph.facebook.com: '7346241598935552'\n accounts.google.com: 123456789012.apps.googleusercontent.com\n samlProviderArns:\n - ${default.arn}\n openidConnectProviderArns:\n - arn:aws:iam::123456789012:oidc-provider/id.example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cognito Identity Pool using its ID. For example:\n\n```sh\n$ pulumi import aws:cognito/identityPool:IdentityPool mypool us-west-2:1a234567-8901-234b-5cde-f6789g01h2i3\n```\n", "properties": { "allowClassicFlow": { "type": "boolean", "description": "Enables or disables the classic / basic authentication flow. Default is `false`.\n" }, "allowUnauthenticatedIdentities": { "type": "boolean", "description": "Whether the identity pool supports unauthenticated logins or not.\n" }, "arn": { "type": "string", "description": "The ARN of the identity pool.\n" }, "cognitoIdentityProviders": { "type": "array", "items": { "$ref": "#/types/aws:cognito/IdentityPoolCognitoIdentityProvider:IdentityPoolCognitoIdentityProvider" }, "description": "An array of Amazon Cognito Identity user pools and their client IDs.\n" }, "developerProviderName": { "type": "string", "description": "The \"domain\" by which Cognito will refer to your users. This name acts as a placeholder that allows your\nbackend and the Cognito service to communicate about the developer provider.\n" }, "identityPoolName": { "type": "string", "description": "The Cognito Identity Pool name.\n" }, "openidConnectProviderArns": { "type": "array", "items": { "type": "string" }, "description": "Set of OpendID Connect provider ARNs.\n" }, "samlProviderArns": { "type": "array", "items": { "type": "string" }, "description": "An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.\n" }, "supportedLoginProviders": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-Value pairs mapping provider names to provider app IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Identity Pool. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "identityPoolName", "tagsAll" ], "inputProperties": { "allowClassicFlow": { "type": "boolean", "description": "Enables or disables the classic / basic authentication flow. Default is `false`.\n" }, "allowUnauthenticatedIdentities": { "type": "boolean", "description": "Whether the identity pool supports unauthenticated logins or not.\n" }, "cognitoIdentityProviders": { "type": "array", "items": { "$ref": "#/types/aws:cognito/IdentityPoolCognitoIdentityProvider:IdentityPoolCognitoIdentityProvider" }, "description": "An array of Amazon Cognito Identity user pools and their client IDs.\n" }, "developerProviderName": { "type": "string", "description": "The \"domain\" by which Cognito will refer to your users. This name acts as a placeholder that allows your\nbackend and the Cognito service to communicate about the developer provider.\n", "willReplaceOnChanges": true }, "identityPoolName": { "type": "string", "description": "The Cognito Identity Pool name.\n", "willReplaceOnChanges": true }, "openidConnectProviderArns": { "type": "array", "items": { "type": "string" }, "description": "Set of OpendID Connect provider ARNs.\n" }, "samlProviderArns": { "type": "array", "items": { "type": "string" }, "description": "An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.\n" }, "supportedLoginProviders": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-Value pairs mapping provider names to provider app IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Identity Pool. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "identityPoolName" ], "stateInputs": { "description": "Input properties used for looking up and filtering IdentityPool resources.\n", "properties": { "allowClassicFlow": { "type": "boolean", "description": "Enables or disables the classic / basic authentication flow. Default is `false`.\n" }, "allowUnauthenticatedIdentities": { "type": "boolean", "description": "Whether the identity pool supports unauthenticated logins or not.\n" }, "arn": { "type": "string", "description": "The ARN of the identity pool.\n" }, "cognitoIdentityProviders": { "type": "array", "items": { "$ref": "#/types/aws:cognito/IdentityPoolCognitoIdentityProvider:IdentityPoolCognitoIdentityProvider" }, "description": "An array of Amazon Cognito Identity user pools and their client IDs.\n" }, "developerProviderName": { "type": "string", "description": "The \"domain\" by which Cognito will refer to your users. This name acts as a placeholder that allows your\nbackend and the Cognito service to communicate about the developer provider.\n", "willReplaceOnChanges": true }, "identityPoolName": { "type": "string", "description": "The Cognito Identity Pool name.\n", "willReplaceOnChanges": true }, "openidConnectProviderArns": { "type": "array", "items": { "type": "string" }, "description": "Set of OpendID Connect provider ARNs.\n" }, "samlProviderArns": { "type": "array", "items": { "type": "string" }, "description": "An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.\n" }, "supportedLoginProviders": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-Value pairs mapping provider names to provider app IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Identity Pool. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:cognito/identityPoolProviderPrincipalTag:IdentityPoolProviderPrincipalTag": { "description": "Provides an AWS Cognito Identity Principal Mapping.\n\n## Import\n\nUsing `pulumi import`, import Cognito Identity Pool Roles Attachment using the Identity Pool ID and provider name. For example:\n\n```sh\n$ pulumi import aws:cognito/identityPoolProviderPrincipalTag:IdentityPoolProviderPrincipalTag example us-west-2_abc123:CorpAD\n```\n", "properties": { "identityPoolId": { "type": "string", "description": "An identity pool ID.\n" }, "identityProviderName": { "type": "string", "description": "The name of the identity provider.\n" }, "principalTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "String to string map of variables.\n" }, "useDefaults": { "type": "boolean", "description": "use default (username and clientID) attribute mappings.\n" } }, "required": [ "identityPoolId", "identityProviderName" ], "inputProperties": { "identityPoolId": { "type": "string", "description": "An identity pool ID.\n", "willReplaceOnChanges": true }, "identityProviderName": { "type": "string", "description": "The name of the identity provider.\n", "willReplaceOnChanges": true }, "principalTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "String to string map of variables.\n" }, "useDefaults": { "type": "boolean", "description": "use default (username and clientID) attribute mappings.\n" } }, "requiredInputs": [ "identityPoolId", "identityProviderName" ], "stateInputs": { "description": "Input properties used for looking up and filtering IdentityPoolProviderPrincipalTag resources.\n", "properties": { "identityPoolId": { "type": "string", "description": "An identity pool ID.\n", "willReplaceOnChanges": true }, "identityProviderName": { "type": "string", "description": "The name of the identity provider.\n", "willReplaceOnChanges": true }, "principalTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "String to string map of variables.\n" }, "useDefaults": { "type": "boolean", "description": "use default (username and clientID) attribute mappings.\n" } }, "type": "object" } }, "aws:cognito/identityPoolRoleAttachment:IdentityPoolRoleAttachment": { "description": "Provides an AWS Cognito Identity Pool Roles Attachment.\n\n## Import\n\nUsing `pulumi import`, import Cognito Identity Pool Roles Attachment using the Identity Pool ID. For example:\n\n```sh\n$ pulumi import aws:cognito/identityPoolRoleAttachment:IdentityPoolRoleAttachment example us-west-2:b64805ad-cb56-40ba-9ffc-f5d8207e6d42\n```\n", "properties": { "identityPoolId": { "type": "string", "description": "An identity pool ID in the format `REGION_GUID`.\n" }, "roleMappings": { "type": "array", "items": { "$ref": "#/types/aws:cognito/IdentityPoolRoleAttachmentRoleMapping:IdentityPoolRoleAttachmentRoleMapping" }, "description": "A List of Role Mapping.\n" }, "roles": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of roles associated with this pool. For a given role, the key will be either \"authenticated\" or \"unauthenticated\" and the value will be the Role ARN.\n" } }, "required": [ "identityPoolId", "roles" ], "inputProperties": { "identityPoolId": { "type": "string", "description": "An identity pool ID in the format `REGION_GUID`.\n", "willReplaceOnChanges": true }, "roleMappings": { "type": "array", "items": { "$ref": "#/types/aws:cognito/IdentityPoolRoleAttachmentRoleMapping:IdentityPoolRoleAttachmentRoleMapping" }, "description": "A List of Role Mapping.\n" }, "roles": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of roles associated with this pool. For a given role, the key will be either \"authenticated\" or \"unauthenticated\" and the value will be the Role ARN.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "identityPoolId", "roles" ], "stateInputs": { "description": "Input properties used for looking up and filtering IdentityPoolRoleAttachment resources.\n", "properties": { "identityPoolId": { "type": "string", "description": "An identity pool ID in the format `REGION_GUID`.\n", "willReplaceOnChanges": true }, "roleMappings": { "type": "array", "items": { "$ref": "#/types/aws:cognito/IdentityPoolRoleAttachmentRoleMapping:IdentityPoolRoleAttachmentRoleMapping" }, "description": "A List of Role Mapping.\n" }, "roles": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of roles associated with this pool. For a given role, the key will be either \"authenticated\" or \"unauthenticated\" and the value will be the Role ARN.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:cognito/identityProvider:IdentityProvider": { "description": "Provides a Cognito User Identity Provider resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cognito.UserPool(\"example\", {\n name: \"example-pool\",\n autoVerifiedAttributes: [\"email\"],\n});\nconst exampleProvider = new aws.cognito.IdentityProvider(\"example_provider\", {\n userPoolId: example.id,\n providerName: \"Google\",\n providerType: \"Google\",\n providerDetails: {\n authorize_scopes: \"email\",\n client_id: \"your client_id\",\n client_secret: \"your client_secret\",\n },\n attributeMapping: {\n email: \"email\",\n username: \"sub\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cognito.UserPool(\"example\",\n name=\"example-pool\",\n auto_verified_attributes=[\"email\"])\nexample_provider = aws.cognito.IdentityProvider(\"example_provider\",\n user_pool_id=example.id,\n provider_name=\"Google\",\n provider_type=\"Google\",\n provider_details={\n \"authorize_scopes\": \"email\",\n \"client_id\": \"your client_id\",\n \"client_secret\": \"your client_secret\",\n },\n attribute_mapping={\n \"email\": \"email\",\n \"username\": \"sub\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cognito.UserPool(\"example\", new()\n {\n Name = \"example-pool\",\n AutoVerifiedAttributes = new[]\n {\n \"email\",\n },\n });\n\n var exampleProvider = new Aws.Cognito.IdentityProvider(\"example_provider\", new()\n {\n UserPoolId = example.Id,\n ProviderName = \"Google\",\n ProviderType = \"Google\",\n ProviderDetails = \n {\n { \"authorize_scopes\", \"email\" },\n { \"client_id\", \"your client_id\" },\n { \"client_secret\", \"your client_secret\" },\n },\n AttributeMapping = \n {\n { \"email\", \"email\" },\n { \"username\", \"sub\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cognito.NewUserPool(ctx, \"example\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"example-pool\"),\n\t\t\tAutoVerifiedAttributes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"email\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewIdentityProvider(ctx, \"example_provider\", \u0026cognito.IdentityProviderArgs{\n\t\t\tUserPoolId: example.ID(),\n\t\t\tProviderName: pulumi.String(\"Google\"),\n\t\t\tProviderType: pulumi.String(\"Google\"),\n\t\t\tProviderDetails: pulumi.StringMap{\n\t\t\t\t\"authorize_scopes\": pulumi.String(\"email\"),\n\t\t\t\t\"client_id\": pulumi.String(\"your client_id\"),\n\t\t\t\t\"client_secret\": pulumi.String(\"your client_secret\"),\n\t\t\t},\n\t\t\tAttributeMapping: pulumi.StringMap{\n\t\t\t\t\"email\": pulumi.String(\"email\"),\n\t\t\t\t\"username\": pulumi.String(\"sub\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.cognito.IdentityProvider;\nimport com.pulumi.aws.cognito.IdentityProviderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new UserPool(\"example\", UserPoolArgs.builder()\n .name(\"example-pool\")\n .autoVerifiedAttributes(\"email\")\n .build());\n\n var exampleProvider = new IdentityProvider(\"exampleProvider\", IdentityProviderArgs.builder()\n .userPoolId(example.id())\n .providerName(\"Google\")\n .providerType(\"Google\")\n .providerDetails(Map.ofEntries(\n Map.entry(\"authorize_scopes\", \"email\"),\n Map.entry(\"client_id\", \"your client_id\"),\n Map.entry(\"client_secret\", \"your client_secret\")\n ))\n .attributeMapping(Map.ofEntries(\n Map.entry(\"email\", \"email\"),\n Map.entry(\"username\", \"sub\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cognito:UserPool\n properties:\n name: example-pool\n autoVerifiedAttributes:\n - email\n exampleProvider:\n type: aws:cognito:IdentityProvider\n name: example_provider\n properties:\n userPoolId: ${example.id}\n providerName: Google\n providerType: Google\n providerDetails:\n authorize_scopes: email\n client_id: your client_id\n client_secret: your client_secret\n attributeMapping:\n email: email\n username: sub\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_cognito_identity_provider` resources using their User Pool ID and Provider Name. For example:\n\n```sh\n$ pulumi import aws:cognito/identityProvider:IdentityProvider example us-west-2_abc123:CorpAD\n```\n", "properties": { "attributeMapping": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of attribute mapping of user pool attributes. [AttributeMapping in AWS API documentation](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateIdentityProvider.html#CognitoUserPools-CreateIdentityProvider-request-AttributeMapping)\n" }, "idpIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "The list of identity providers.\n" }, "providerDetails": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of identity details, such as access token\n" }, "providerName": { "type": "string", "description": "The provider name\n" }, "providerType": { "type": "string", "description": "The provider type. [See AWS API for valid values](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateIdentityProvider.html#CognitoUserPools-CreateIdentityProvider-request-ProviderType)\n" }, "userPoolId": { "type": "string", "description": "The user pool id\n" } }, "required": [ "attributeMapping", "providerDetails", "providerName", "providerType", "userPoolId" ], "inputProperties": { "attributeMapping": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of attribute mapping of user pool attributes. [AttributeMapping in AWS API documentation](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateIdentityProvider.html#CognitoUserPools-CreateIdentityProvider-request-AttributeMapping)\n" }, "idpIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "The list of identity providers.\n" }, "providerDetails": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of identity details, such as access token\n" }, "providerName": { "type": "string", "description": "The provider name\n", "willReplaceOnChanges": true }, "providerType": { "type": "string", "description": "The provider type. [See AWS API for valid values](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateIdentityProvider.html#CognitoUserPools-CreateIdentityProvider-request-ProviderType)\n", "willReplaceOnChanges": true }, "userPoolId": { "type": "string", "description": "The user pool id\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "providerDetails", "providerName", "providerType", "userPoolId" ], "stateInputs": { "description": "Input properties used for looking up and filtering IdentityProvider resources.\n", "properties": { "attributeMapping": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of attribute mapping of user pool attributes. [AttributeMapping in AWS API documentation](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateIdentityProvider.html#CognitoUserPools-CreateIdentityProvider-request-AttributeMapping)\n" }, "idpIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "The list of identity providers.\n" }, "providerDetails": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of identity details, such as access token\n" }, "providerName": { "type": "string", "description": "The provider name\n", "willReplaceOnChanges": true }, "providerType": { "type": "string", "description": "The provider type. [See AWS API for valid values](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateIdentityProvider.html#CognitoUserPools-CreateIdentityProvider-request-ProviderType)\n", "willReplaceOnChanges": true }, "userPoolId": { "type": "string", "description": "The user pool id\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:cognito/managedUserPoolClient:ManagedUserPoolClient": { "description": "Use the `aws.cognito.UserPoolClient` resource to manage a Cognito User Pool Client.\n\n**This resource is advanced** and has special caveats to consider before use. Please read this document completely before using the resource.\n\nUse the `aws.cognito.ManagedUserPoolClient` resource to manage a Cognito User Pool Client that is automatically created by an AWS service. For instance, when [configuring an OpenSearch Domain to use Cognito authentication](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html), the OpenSearch service creates the User Pool Client during setup and removes it when it is no longer required. As a result, the `aws.cognito.ManagedUserPoolClient` resource does not create or delete this resource, but instead assumes management of it.\n\nUse the `aws.cognito.UserPoolClient` resource to manage Cognito User Pool Clients for normal use cases.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleUserPool = new aws.cognito.UserPool(\"example\", {name: \"example\"});\nconst exampleIdentityPool = new aws.cognito.IdentityPool(\"example\", {identityPoolName: \"example\"});\nconst current = aws.getPartition({});\nconst example = current.then(current =\u003e aws.iam.getPolicyDocument({\n statements: [{\n sid: \"\",\n actions: [\"sts:AssumeRole\"],\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [`es.${current.dnsSuffix}`],\n }],\n }],\n}));\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example-role\",\n path: \"/service-role/\",\n assumeRolePolicy: example.then(example =\u003e example.json),\n});\nconst exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"example\", {\n role: exampleRole.name,\n policyArn: current.then(current =\u003e `arn:${current.partition}:iam::aws:policy/AmazonESCognitoAccess`),\n});\nconst exampleDomain = new aws.opensearch.Domain(\"example\", {\n domainName: \"example\",\n cognitoOptions: {\n enabled: true,\n userPoolId: exampleUserPool.id,\n identityPoolId: exampleIdentityPool.id,\n roleArn: exampleRole.arn,\n },\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n },\n}, {\n dependsOn: [\n exampleAwsCognitoUserPoolDomain,\n exampleRolePolicyAttachment,\n ],\n});\nconst exampleManagedUserPoolClient = new aws.cognito.ManagedUserPoolClient(\"example\", {\n namePrefix: \"AmazonOpenSearchService-example\",\n userPoolId: exampleUserPool.id,\n}, {\n dependsOn: [exampleDomain],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_user_pool = aws.cognito.UserPool(\"example\", name=\"example\")\nexample_identity_pool = aws.cognito.IdentityPool(\"example\", identity_pool_name=\"example\")\ncurrent = aws.get_partition()\nexample = aws.iam.get_policy_document(statements=[{\n \"sid\": \"\",\n \"actions\": [\"sts:AssumeRole\"],\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [f\"es.{current.dns_suffix}\"],\n }],\n}])\nexample_role = aws.iam.Role(\"example\",\n name=\"example-role\",\n path=\"/service-role/\",\n assume_role_policy=example.json)\nexample_role_policy_attachment = aws.iam.RolePolicyAttachment(\"example\",\n role=example_role.name,\n policy_arn=f\"arn:{current.partition}:iam::aws:policy/AmazonESCognitoAccess\")\nexample_domain = aws.opensearch.Domain(\"example\",\n domain_name=\"example\",\n cognito_options={\n \"enabled\": True,\n \"user_pool_id\": example_user_pool.id,\n \"identity_pool_id\": example_identity_pool.id,\n \"role_arn\": example_role.arn,\n },\n ebs_options={\n \"ebs_enabled\": True,\n \"volume_size\": 10,\n },\n opts = pulumi.ResourceOptions(depends_on=[\n example_aws_cognito_user_pool_domain,\n example_role_policy_attachment,\n ]))\nexample_managed_user_pool_client = aws.cognito.ManagedUserPoolClient(\"example\",\n name_prefix=\"AmazonOpenSearchService-example\",\n user_pool_id=example_user_pool.id,\n opts = pulumi.ResourceOptions(depends_on=[example_domain]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleUserPool = new Aws.Cognito.UserPool(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleIdentityPool = new Aws.Cognito.IdentityPool(\"example\", new()\n {\n IdentityPoolName = \"example\",\n });\n\n var current = Aws.GetPartition.Invoke();\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"\",\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n $\"es.{current.Apply(getPartitionResult =\u003e getPartitionResult.DnsSuffix)}\",\n },\n },\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example-role\",\n Path = \"/service-role/\",\n AssumeRolePolicy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"example\", new()\n {\n Role = exampleRole.Name,\n PolicyArn = $\"arn:{current.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:iam::aws:policy/AmazonESCognitoAccess\",\n });\n\n var exampleDomain = new Aws.OpenSearch.Domain(\"example\", new()\n {\n DomainName = \"example\",\n CognitoOptions = new Aws.OpenSearch.Inputs.DomainCognitoOptionsArgs\n {\n Enabled = true,\n UserPoolId = exampleUserPool.Id,\n IdentityPoolId = exampleIdentityPool.Id,\n RoleArn = exampleRole.Arn,\n },\n EbsOptions = new Aws.OpenSearch.Inputs.DomainEbsOptionsArgs\n {\n EbsEnabled = true,\n VolumeSize = 10,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsCognitoUserPoolDomain,\n exampleRolePolicyAttachment,\n },\n });\n\n var exampleManagedUserPoolClient = new Aws.Cognito.ManagedUserPoolClient(\"example\", new()\n {\n NamePrefix = \"AmazonOpenSearchService-example\",\n UserPoolId = exampleUserPool.Id,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleDomain,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUserPool, err := cognito.NewUserPool(ctx, \"example\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleIdentityPool, err := cognito.NewIdentityPool(ctx, \"example\", \u0026cognito.IdentityPoolArgs{\n\t\t\tIdentityPoolName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\tfmt.Sprintf(\"es.%v\", current.DnsSuffix),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example-role\"),\n\t\t\tPath: pulumi.String(\"/service-role/\"),\n\t\t\tAssumeRolePolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRolePolicyAttachment, err := iam.NewRolePolicyAttachment(ctx, \"example\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: exampleRole.Name,\n\t\t\tPolicyArn: pulumi.String(fmt.Sprintf(\"arn:%v:iam::aws:policy/AmazonESCognitoAccess\", current.Partition)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDomain, err := opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"example\"),\n\t\t\tCognitoOptions: \u0026opensearch.DomainCognitoOptionsArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tUserPoolId: exampleUserPool.ID(),\n\t\t\t\tIdentityPoolId: exampleIdentityPool.ID(),\n\t\t\t\tRoleArn: exampleRole.Arn,\n\t\t\t},\n\t\t\tEbsOptions: \u0026opensearch.DomainEbsOptionsArgs{\n\t\t\t\tEbsEnabled: pulumi.Bool(true),\n\t\t\t\tVolumeSize: pulumi.Int(10),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsCognitoUserPoolDomain,\n\t\t\texampleRolePolicyAttachment,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewManagedUserPoolClient(ctx, \"example\", \u0026cognito.ManagedUserPoolClientArgs{\n\t\t\tNamePrefix: pulumi.String(\"AmazonOpenSearchService-example\"),\n\t\t\tUserPoolId: exampleUserPool.ID(),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleDomain,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.cognito.IdentityPool;\nimport com.pulumi.aws.cognito.IdentityPoolArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainCognitoOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainEbsOptionsArgs;\nimport com.pulumi.aws.cognito.ManagedUserPoolClient;\nimport com.pulumi.aws.cognito.ManagedUserPoolClientArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleUserPool = new UserPool(\"exampleUserPool\", UserPoolArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleIdentityPool = new IdentityPool(\"exampleIdentityPool\", IdentityPoolArgs.builder()\n .identityPoolName(\"example\")\n .build());\n\n final var current = AwsFunctions.getPartition();\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"\")\n .actions(\"sts:AssumeRole\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(String.format(\"es.%s\", current.applyValue(getPartitionResult -\u003e getPartitionResult.dnsSuffix())))\n .build())\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .name(\"example-role\")\n .path(\"/service-role/\")\n .assumeRolePolicy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleRolePolicyAttachment = new RolePolicyAttachment(\"exampleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder()\n .role(exampleRole.name())\n .policyArn(String.format(\"arn:%s:iam::aws:policy/AmazonESCognitoAccess\", current.applyValue(getPartitionResult -\u003e getPartitionResult.partition())))\n .build());\n\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder()\n .domainName(\"example\")\n .cognitoOptions(DomainCognitoOptionsArgs.builder()\n .enabled(true)\n .userPoolId(exampleUserPool.id())\n .identityPoolId(exampleIdentityPool.id())\n .roleArn(exampleRole.arn())\n .build())\n .ebsOptions(DomainEbsOptionsArgs.builder()\n .ebsEnabled(true)\n .volumeSize(10)\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n exampleAwsCognitoUserPoolDomain,\n exampleRolePolicyAttachment)\n .build());\n\n var exampleManagedUserPoolClient = new ManagedUserPoolClient(\"exampleManagedUserPoolClient\", ManagedUserPoolClientArgs.builder()\n .namePrefix(\"AmazonOpenSearchService-example\")\n .userPoolId(exampleUserPool.id())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleDomain)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleManagedUserPoolClient:\n type: aws:cognito:ManagedUserPoolClient\n name: example\n properties:\n namePrefix: AmazonOpenSearchService-example\n userPoolId: ${exampleUserPool.id}\n options:\n dependson:\n - ${exampleDomain}\n exampleUserPool:\n type: aws:cognito:UserPool\n name: example\n properties:\n name: example\n exampleIdentityPool:\n type: aws:cognito:IdentityPool\n name: example\n properties:\n identityPoolName: example\n exampleDomain:\n type: aws:opensearch:Domain\n name: example\n properties:\n domainName: example\n cognitoOptions:\n enabled: true\n userPoolId: ${exampleUserPool.id}\n identityPoolId: ${exampleIdentityPool.id}\n roleArn: ${exampleRole.arn}\n ebsOptions:\n ebsEnabled: true\n volumeSize: 10\n options:\n dependson:\n - ${exampleAwsCognitoUserPoolDomain}\n - ${exampleRolePolicyAttachment}\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example-role\n path: /service-role/\n assumeRolePolicy: ${example.json}\n exampleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: example\n properties:\n role: ${exampleRole.name}\n policyArn: arn:${current.partition}:iam::aws:policy/AmazonESCognitoAccess\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid:\n actions:\n - sts:AssumeRole\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - es.${current.dnsSuffix}\n current:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cognito User Pool Clients using the `id` of the Cognito User Pool and the `id` of the Cognito User Pool Client. For example:\n\n```sh\n$ pulumi import aws:cognito/managedUserPoolClient:ManagedUserPoolClient client us-west-2_abc123/3ho4ek12345678909nh3fmhpko\n```\n", "properties": { "accessTokenValidity": { "type": "integer", "description": "Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.access_token`.\n" }, "allowedOauthFlows": { "type": "array", "items": { "type": "string" }, "description": "List of allowed OAuth flows, including code, implicit, and client_credentials.\n" }, "allowedOauthFlowsUserPoolClient": { "type": "boolean", "description": "Whether the client is allowed to use the OAuth protocol when interacting with Cognito user pools.\n" }, "allowedOauthScopes": { "type": "array", "items": { "type": "string" }, "description": "List of allowed OAuth scopes, including phone, email, openid, profile, and aws.cognito.signin.user.admin.\n" }, "analyticsConfiguration": { "$ref": "#/types/aws:cognito/ManagedUserPoolClientAnalyticsConfiguration:ManagedUserPoolClientAnalyticsConfiguration", "description": "Configuration block for Amazon Pinpoint analytics that collects metrics for this user pool. See details below.\n" }, "authSessionValidity": { "type": "integer", "description": "Duration, in minutes, of the session token created by Amazon Cognito for each API request in an authentication flow. The session token must be responded to by the native user of the user pool before it expires. Valid values for `auth_session_validity` are between `3` and `15`, with a default value of `3`.\n" }, "callbackUrls": { "type": "array", "items": { "type": "string" }, "description": "List of allowed callback URLs for the identity providers.\n" }, "clientSecret": { "type": "string", "description": "Client secret of the user pool client.\n", "secret": true }, "defaultRedirectUri": { "type": "string", "description": "Default redirect URI and must be included in the list of callback URLs.\n" }, "enablePropagateAdditionalUserContextData": { "type": "boolean", "description": "Enables the propagation of additional user context data.\n" }, "enableTokenRevocation": { "type": "boolean", "description": "Enables or disables token revocation.\n" }, "explicitAuthFlows": { "type": "array", "items": { "type": "string" }, "description": "List of authentication flows. The available options include ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_REFRESH_TOKEN_AUTH.\n" }, "idTokenValidity": { "type": "integer", "description": "Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.id_token`.\n" }, "logoutUrls": { "type": "array", "items": { "type": "string" }, "description": "List of allowed logout URLs for the identity providers.\n" }, "name": { "type": "string", "description": "Name of the user pool client.\n" }, "namePattern": { "type": "string", "description": "Regular expression that matches the name of the desired User Pool Client. It must only match one User Pool Client.\n" }, "namePrefix": { "type": "string", "description": "String that matches the beginning of the name of the desired User Pool Client. It must match only one User Pool Client.\n\nThe following arguments are optional:\n" }, "preventUserExistenceErrors": { "type": "string", "description": "Setting determines the errors and responses returned by Cognito APIs when a user does not exist in the user pool during authentication, account confirmation, and password recovery.\n" }, "readAttributes": { "type": "array", "items": { "type": "string" }, "description": "List of user pool attributes that the application client can read from.\n" }, "refreshTokenValidity": { "type": "integer", "description": "Time limit, between 60 minutes and 10 years, after which the refresh token is no longer valid and cannot be used. By default, the unit is days. The unit can be overridden by a value in `token_validity_units.refresh_token`.\n" }, "supportedIdentityProviders": { "type": "array", "items": { "type": "string" }, "description": "List of provider names for the identity providers that are supported on this client. It uses the `provider_name` attribute of the `aws.cognito.IdentityProvider` resource(s), or the equivalent string(s).\n" }, "tokenValidityUnits": { "$ref": "#/types/aws:cognito/ManagedUserPoolClientTokenValidityUnits:ManagedUserPoolClientTokenValidityUnits", "description": "Configuration block for representing the validity times in units. See details below. Detailed below.\n" }, "userPoolId": { "type": "string", "description": "User pool that the client belongs to.\n" }, "writeAttributes": { "type": "array", "items": { "type": "string" }, "description": "List of user pool attributes that the application client can write to.\n" } }, "required": [ "accessTokenValidity", "allowedOauthFlows", "allowedOauthFlowsUserPoolClient", "allowedOauthScopes", "authSessionValidity", "callbackUrls", "clientSecret", "defaultRedirectUri", "enablePropagateAdditionalUserContextData", "enableTokenRevocation", "explicitAuthFlows", "idTokenValidity", "logoutUrls", "name", "preventUserExistenceErrors", "readAttributes", "refreshTokenValidity", "supportedIdentityProviders", "userPoolId", "writeAttributes" ], "inputProperties": { "accessTokenValidity": { "type": "integer", "description": "Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.access_token`.\n" }, "allowedOauthFlows": { "type": "array", "items": { "type": "string" }, "description": "List of allowed OAuth flows, including code, implicit, and client_credentials.\n" }, "allowedOauthFlowsUserPoolClient": { "type": "boolean", "description": "Whether the client is allowed to use the OAuth protocol when interacting with Cognito user pools.\n" }, "allowedOauthScopes": { "type": "array", "items": { "type": "string" }, "description": "List of allowed OAuth scopes, including phone, email, openid, profile, and aws.cognito.signin.user.admin.\n" }, "analyticsConfiguration": { "$ref": "#/types/aws:cognito/ManagedUserPoolClientAnalyticsConfiguration:ManagedUserPoolClientAnalyticsConfiguration", "description": "Configuration block for Amazon Pinpoint analytics that collects metrics for this user pool. See details below.\n" }, "authSessionValidity": { "type": "integer", "description": "Duration, in minutes, of the session token created by Amazon Cognito for each API request in an authentication flow. The session token must be responded to by the native user of the user pool before it expires. Valid values for `auth_session_validity` are between `3` and `15`, with a default value of `3`.\n" }, "callbackUrls": { "type": "array", "items": { "type": "string" }, "description": "List of allowed callback URLs for the identity providers.\n" }, "defaultRedirectUri": { "type": "string", "description": "Default redirect URI and must be included in the list of callback URLs.\n" }, "enablePropagateAdditionalUserContextData": { "type": "boolean", "description": "Enables the propagation of additional user context data.\n" }, "enableTokenRevocation": { "type": "boolean", "description": "Enables or disables token revocation.\n" }, "explicitAuthFlows": { "type": "array", "items": { "type": "string" }, "description": "List of authentication flows. The available options include ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_REFRESH_TOKEN_AUTH.\n" }, "idTokenValidity": { "type": "integer", "description": "Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.id_token`.\n" }, "logoutUrls": { "type": "array", "items": { "type": "string" }, "description": "List of allowed logout URLs for the identity providers.\n" }, "namePattern": { "type": "string", "description": "Regular expression that matches the name of the desired User Pool Client. It must only match one User Pool Client.\n" }, "namePrefix": { "type": "string", "description": "String that matches the beginning of the name of the desired User Pool Client. It must match only one User Pool Client.\n\nThe following arguments are optional:\n" }, "preventUserExistenceErrors": { "type": "string", "description": "Setting determines the errors and responses returned by Cognito APIs when a user does not exist in the user pool during authentication, account confirmation, and password recovery.\n" }, "readAttributes": { "type": "array", "items": { "type": "string" }, "description": "List of user pool attributes that the application client can read from.\n" }, "refreshTokenValidity": { "type": "integer", "description": "Time limit, between 60 minutes and 10 years, after which the refresh token is no longer valid and cannot be used. By default, the unit is days. The unit can be overridden by a value in `token_validity_units.refresh_token`.\n" }, "supportedIdentityProviders": { "type": "array", "items": { "type": "string" }, "description": "List of provider names for the identity providers that are supported on this client. It uses the `provider_name` attribute of the `aws.cognito.IdentityProvider` resource(s), or the equivalent string(s).\n" }, "tokenValidityUnits": { "$ref": "#/types/aws:cognito/ManagedUserPoolClientTokenValidityUnits:ManagedUserPoolClientTokenValidityUnits", "description": "Configuration block for representing the validity times in units. See details below. Detailed below.\n" }, "userPoolId": { "type": "string", "description": "User pool that the client belongs to.\n" }, "writeAttributes": { "type": "array", "items": { "type": "string" }, "description": "List of user pool attributes that the application client can write to.\n" } }, "requiredInputs": [ "userPoolId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ManagedUserPoolClient resources.\n", "properties": { "accessTokenValidity": { "type": "integer", "description": "Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.access_token`.\n" }, "allowedOauthFlows": { "type": "array", "items": { "type": "string" }, "description": "List of allowed OAuth flows, including code, implicit, and client_credentials.\n" }, "allowedOauthFlowsUserPoolClient": { "type": "boolean", "description": "Whether the client is allowed to use the OAuth protocol when interacting with Cognito user pools.\n" }, "allowedOauthScopes": { "type": "array", "items": { "type": "string" }, "description": "List of allowed OAuth scopes, including phone, email, openid, profile, and aws.cognito.signin.user.admin.\n" }, "analyticsConfiguration": { "$ref": "#/types/aws:cognito/ManagedUserPoolClientAnalyticsConfiguration:ManagedUserPoolClientAnalyticsConfiguration", "description": "Configuration block for Amazon Pinpoint analytics that collects metrics for this user pool. See details below.\n" }, "authSessionValidity": { "type": "integer", "description": "Duration, in minutes, of the session token created by Amazon Cognito for each API request in an authentication flow. The session token must be responded to by the native user of the user pool before it expires. Valid values for `auth_session_validity` are between `3` and `15`, with a default value of `3`.\n" }, "callbackUrls": { "type": "array", "items": { "type": "string" }, "description": "List of allowed callback URLs for the identity providers.\n" }, "clientSecret": { "type": "string", "description": "Client secret of the user pool client.\n", "secret": true }, "defaultRedirectUri": { "type": "string", "description": "Default redirect URI and must be included in the list of callback URLs.\n" }, "enablePropagateAdditionalUserContextData": { "type": "boolean", "description": "Enables the propagation of additional user context data.\n" }, "enableTokenRevocation": { "type": "boolean", "description": "Enables or disables token revocation.\n" }, "explicitAuthFlows": { "type": "array", "items": { "type": "string" }, "description": "List of authentication flows. The available options include ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_REFRESH_TOKEN_AUTH.\n" }, "idTokenValidity": { "type": "integer", "description": "Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.id_token`.\n" }, "logoutUrls": { "type": "array", "items": { "type": "string" }, "description": "List of allowed logout URLs for the identity providers.\n" }, "name": { "type": "string", "description": "Name of the user pool client.\n" }, "namePattern": { "type": "string", "description": "Regular expression that matches the name of the desired User Pool Client. It must only match one User Pool Client.\n" }, "namePrefix": { "type": "string", "description": "String that matches the beginning of the name of the desired User Pool Client. It must match only one User Pool Client.\n\nThe following arguments are optional:\n" }, "preventUserExistenceErrors": { "type": "string", "description": "Setting determines the errors and responses returned by Cognito APIs when a user does not exist in the user pool during authentication, account confirmation, and password recovery.\n" }, "readAttributes": { "type": "array", "items": { "type": "string" }, "description": "List of user pool attributes that the application client can read from.\n" }, "refreshTokenValidity": { "type": "integer", "description": "Time limit, between 60 minutes and 10 years, after which the refresh token is no longer valid and cannot be used. By default, the unit is days. The unit can be overridden by a value in `token_validity_units.refresh_token`.\n" }, "supportedIdentityProviders": { "type": "array", "items": { "type": "string" }, "description": "List of provider names for the identity providers that are supported on this client. It uses the `provider_name` attribute of the `aws.cognito.IdentityProvider` resource(s), or the equivalent string(s).\n" }, "tokenValidityUnits": { "$ref": "#/types/aws:cognito/ManagedUserPoolClientTokenValidityUnits:ManagedUserPoolClientTokenValidityUnits", "description": "Configuration block for representing the validity times in units. See details below. Detailed below.\n" }, "userPoolId": { "type": "string", "description": "User pool that the client belongs to.\n" }, "writeAttributes": { "type": "array", "items": { "type": "string" }, "description": "List of user pool attributes that the application client can write to.\n" } }, "type": "object" } }, "aws:cognito/resourceServer:ResourceServer": { "description": "Provides a Cognito Resource Server.\n\n## Example Usage\n\n### Create a basic resource server\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst pool = new aws.cognito.UserPool(\"pool\", {name: \"pool\"});\nconst resource = new aws.cognito.ResourceServer(\"resource\", {\n identifier: \"https://example.com\",\n name: \"example\",\n userPoolId: pool.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npool = aws.cognito.UserPool(\"pool\", name=\"pool\")\nresource = aws.cognito.ResourceServer(\"resource\",\n identifier=\"https://example.com\",\n name=\"example\",\n user_pool_id=pool.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pool = new Aws.Cognito.UserPool(\"pool\", new()\n {\n Name = \"pool\",\n });\n\n var resource = new Aws.Cognito.ResourceServer(\"resource\", new()\n {\n Identifier = \"https://example.com\",\n Name = \"example\",\n UserPoolId = pool.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"pool\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewResourceServer(ctx, \"resource\", \u0026cognito.ResourceServerArgs{\n\t\t\tIdentifier: pulumi.String(\"https://example.com\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tUserPoolId: pool.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.cognito.ResourceServer;\nimport com.pulumi.aws.cognito.ResourceServerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pool = new UserPool(\"pool\", UserPoolArgs.builder()\n .name(\"pool\")\n .build());\n\n var resource = new ResourceServer(\"resource\", ResourceServerArgs.builder()\n .identifier(\"https://example.com\")\n .name(\"example\")\n .userPoolId(pool.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pool:\n type: aws:cognito:UserPool\n properties:\n name: pool\n resource:\n type: aws:cognito:ResourceServer\n properties:\n identifier: https://example.com\n name: example\n userPoolId: ${pool.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create a resource server with sample-scope\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst pool = new aws.cognito.UserPool(\"pool\", {name: \"pool\"});\nconst resource = new aws.cognito.ResourceServer(\"resource\", {\n identifier: \"https://example.com\",\n name: \"example\",\n scopes: [{\n scopeName: \"sample-scope\",\n scopeDescription: \"a Sample Scope Description\",\n }],\n userPoolId: pool.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npool = aws.cognito.UserPool(\"pool\", name=\"pool\")\nresource = aws.cognito.ResourceServer(\"resource\",\n identifier=\"https://example.com\",\n name=\"example\",\n scopes=[{\n \"scope_name\": \"sample-scope\",\n \"scope_description\": \"a Sample Scope Description\",\n }],\n user_pool_id=pool.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pool = new Aws.Cognito.UserPool(\"pool\", new()\n {\n Name = \"pool\",\n });\n\n var resource = new Aws.Cognito.ResourceServer(\"resource\", new()\n {\n Identifier = \"https://example.com\",\n Name = \"example\",\n Scopes = new[]\n {\n new Aws.Cognito.Inputs.ResourceServerScopeArgs\n {\n ScopeName = \"sample-scope\",\n ScopeDescription = \"a Sample Scope Description\",\n },\n },\n UserPoolId = pool.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"pool\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewResourceServer(ctx, \"resource\", \u0026cognito.ResourceServerArgs{\n\t\t\tIdentifier: pulumi.String(\"https://example.com\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tScopes: cognito.ResourceServerScopeArray{\n\t\t\t\t\u0026cognito.ResourceServerScopeArgs{\n\t\t\t\t\tScopeName: pulumi.String(\"sample-scope\"),\n\t\t\t\t\tScopeDescription: pulumi.String(\"a Sample Scope Description\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tUserPoolId: pool.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.cognito.ResourceServer;\nimport com.pulumi.aws.cognito.ResourceServerArgs;\nimport com.pulumi.aws.cognito.inputs.ResourceServerScopeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pool = new UserPool(\"pool\", UserPoolArgs.builder()\n .name(\"pool\")\n .build());\n\n var resource = new ResourceServer(\"resource\", ResourceServerArgs.builder()\n .identifier(\"https://example.com\")\n .name(\"example\")\n .scopes(ResourceServerScopeArgs.builder()\n .scopeName(\"sample-scope\")\n .scopeDescription(\"a Sample Scope Description\")\n .build())\n .userPoolId(pool.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pool:\n type: aws:cognito:UserPool\n properties:\n name: pool\n resource:\n type: aws:cognito:ResourceServer\n properties:\n identifier: https://example.com\n name: example\n scopes:\n - scopeName: sample-scope\n scopeDescription: a Sample Scope Description\n userPoolId: ${pool.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_cognito_resource_server` using their User Pool ID and Identifier. For example:\n\n```sh\n$ pulumi import aws:cognito/resourceServer:ResourceServer example \"us-west-2_abc123|https://example.com\"\n```\n", "properties": { "identifier": { "type": "string", "description": "An identifier for the resource server.\n" }, "name": { "type": "string", "description": "A name for the resource server.\n" }, "scopeIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "A list of all scopes configured for this resource server in the format identifier/scope_name.\n" }, "scopes": { "type": "array", "items": { "$ref": "#/types/aws:cognito/ResourceServerScope:ResourceServerScope" }, "description": "A list of Authorization Scope.\n" }, "userPoolId": { "type": "string", "description": "User pool the client belongs to.\n" } }, "required": [ "identifier", "name", "scopeIdentifiers", "userPoolId" ], "inputProperties": { "identifier": { "type": "string", "description": "An identifier for the resource server.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A name for the resource server.\n", "willReplaceOnChanges": true }, "scopes": { "type": "array", "items": { "$ref": "#/types/aws:cognito/ResourceServerScope:ResourceServerScope" }, "description": "A list of Authorization Scope.\n" }, "userPoolId": { "type": "string", "description": "User pool the client belongs to.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "identifier", "userPoolId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourceServer resources.\n", "properties": { "identifier": { "type": "string", "description": "An identifier for the resource server.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A name for the resource server.\n", "willReplaceOnChanges": true }, "scopeIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "A list of all scopes configured for this resource server in the format identifier/scope_name.\n" }, "scopes": { "type": "array", "items": { "$ref": "#/types/aws:cognito/ResourceServerScope:ResourceServerScope" }, "description": "A list of Authorization Scope.\n" }, "userPoolId": { "type": "string", "description": "User pool the client belongs to.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:cognito/riskConfiguration:RiskConfiguration": { "description": "Provides a Cognito Risk Configuration resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cognito.RiskConfiguration(\"example\", {\n userPoolId: exampleAwsCognitoUserPool.id,\n riskExceptionConfiguration: {\n blockedIpRangeLists: [\"10.10.10.10/32\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cognito.RiskConfiguration(\"example\",\n user_pool_id=example_aws_cognito_user_pool[\"id\"],\n risk_exception_configuration={\n \"blocked_ip_range_lists\": [\"10.10.10.10/32\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cognito.RiskConfiguration(\"example\", new()\n {\n UserPoolId = exampleAwsCognitoUserPool.Id,\n RiskExceptionConfiguration = new Aws.Cognito.Inputs.RiskConfigurationRiskExceptionConfigurationArgs\n {\n BlockedIpRangeLists = new[]\n {\n \"10.10.10.10/32\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cognito.NewRiskConfiguration(ctx, \"example\", \u0026cognito.RiskConfigurationArgs{\n\t\t\tUserPoolId: pulumi.Any(exampleAwsCognitoUserPool.Id),\n\t\t\tRiskExceptionConfiguration: \u0026cognito.RiskConfigurationRiskExceptionConfigurationArgs{\n\t\t\t\tBlockedIpRangeLists: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"10.10.10.10/32\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.RiskConfiguration;\nimport com.pulumi.aws.cognito.RiskConfigurationArgs;\nimport com.pulumi.aws.cognito.inputs.RiskConfigurationRiskExceptionConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RiskConfiguration(\"example\", RiskConfigurationArgs.builder()\n .userPoolId(exampleAwsCognitoUserPool.id())\n .riskExceptionConfiguration(RiskConfigurationRiskExceptionConfigurationArgs.builder()\n .blockedIpRangeLists(\"10.10.10.10/32\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cognito:RiskConfiguration\n properties:\n userPoolId: ${exampleAwsCognitoUserPool.id}\n riskExceptionConfiguration:\n blockedIpRangeLists:\n - 10.10.10.10/32\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nImport using the user pool ID and Client ID separated by a `:`:\n\n__Using `pulumi import` to import__ Cognito Risk Configurations using the user pool ID or the user pool ID and Client Id separated by a `:`. For example:\n\nImport using the user pool ID:\n\n```sh\n$ pulumi import aws:cognito/riskConfiguration:RiskConfiguration main example\n```\nImport using the user pool ID and Client ID separated by a `:`:\n\n```sh\n$ pulumi import aws:cognito/riskConfiguration:RiskConfiguration main example:example\n```\n", "properties": { "accountTakeoverRiskConfiguration": { "$ref": "#/types/aws:cognito/RiskConfigurationAccountTakeoverRiskConfiguration:RiskConfigurationAccountTakeoverRiskConfiguration", "description": "The account takeover risk configuration. See details below.\n" }, "clientId": { "type": "string", "description": "The app client ID. When the client ID is not provided, the same risk configuration is applied to all the clients in the User Pool.\n" }, "compromisedCredentialsRiskConfiguration": { "$ref": "#/types/aws:cognito/RiskConfigurationCompromisedCredentialsRiskConfiguration:RiskConfigurationCompromisedCredentialsRiskConfiguration", "description": "The compromised credentials risk configuration. See details below.\n" }, "riskExceptionConfiguration": { "$ref": "#/types/aws:cognito/RiskConfigurationRiskExceptionConfiguration:RiskConfigurationRiskExceptionConfiguration", "description": "The configuration to override the risk decision. See details below.\n" }, "userPoolId": { "type": "string", "description": "The user pool ID.\n" } }, "required": [ "userPoolId" ], "inputProperties": { "accountTakeoverRiskConfiguration": { "$ref": "#/types/aws:cognito/RiskConfigurationAccountTakeoverRiskConfiguration:RiskConfigurationAccountTakeoverRiskConfiguration", "description": "The account takeover risk configuration. See details below.\n" }, "clientId": { "type": "string", "description": "The app client ID. When the client ID is not provided, the same risk configuration is applied to all the clients in the User Pool.\n", "willReplaceOnChanges": true }, "compromisedCredentialsRiskConfiguration": { "$ref": "#/types/aws:cognito/RiskConfigurationCompromisedCredentialsRiskConfiguration:RiskConfigurationCompromisedCredentialsRiskConfiguration", "description": "The compromised credentials risk configuration. See details below.\n" }, "riskExceptionConfiguration": { "$ref": "#/types/aws:cognito/RiskConfigurationRiskExceptionConfiguration:RiskConfigurationRiskExceptionConfiguration", "description": "The configuration to override the risk decision. See details below.\n" }, "userPoolId": { "type": "string", "description": "The user pool ID.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "userPoolId" ], "stateInputs": { "description": "Input properties used for looking up and filtering RiskConfiguration resources.\n", "properties": { "accountTakeoverRiskConfiguration": { "$ref": "#/types/aws:cognito/RiskConfigurationAccountTakeoverRiskConfiguration:RiskConfigurationAccountTakeoverRiskConfiguration", "description": "The account takeover risk configuration. See details below.\n" }, "clientId": { "type": "string", "description": "The app client ID. When the client ID is not provided, the same risk configuration is applied to all the clients in the User Pool.\n", "willReplaceOnChanges": true }, "compromisedCredentialsRiskConfiguration": { "$ref": "#/types/aws:cognito/RiskConfigurationCompromisedCredentialsRiskConfiguration:RiskConfigurationCompromisedCredentialsRiskConfiguration", "description": "The compromised credentials risk configuration. See details below.\n" }, "riskExceptionConfiguration": { "$ref": "#/types/aws:cognito/RiskConfigurationRiskExceptionConfiguration:RiskConfigurationRiskExceptionConfiguration", "description": "The configuration to override the risk decision. See details below.\n" }, "userPoolId": { "type": "string", "description": "The user pool ID.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:cognito/user:User": { "description": "Provides a Cognito User Resource.\n\n## Example Usage\n\n### Basic configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cognito.UserPool(\"example\", {name: \"MyExamplePool\"});\nconst exampleUser = new aws.cognito.User(\"example\", {\n userPoolId: example.id,\n username: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cognito.UserPool(\"example\", name=\"MyExamplePool\")\nexample_user = aws.cognito.User(\"example\",\n user_pool_id=example.id,\n username=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cognito.UserPool(\"example\", new()\n {\n Name = \"MyExamplePool\",\n });\n\n var exampleUser = new Aws.Cognito.User(\"example\", new()\n {\n UserPoolId = example.Id,\n Username = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cognito.NewUserPool(ctx, \"example\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"MyExamplePool\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUser(ctx, \"example\", \u0026cognito.UserArgs{\n\t\t\tUserPoolId: example.ID(),\n\t\t\tUsername: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.cognito.User;\nimport com.pulumi.aws.cognito.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new UserPool(\"example\", UserPoolArgs.builder()\n .name(\"MyExamplePool\")\n .build());\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder()\n .userPoolId(example.id())\n .username(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cognito:UserPool\n properties:\n name: MyExamplePool\n exampleUser:\n type: aws:cognito:User\n name: example\n properties:\n userPoolId: ${example.id}\n username: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Setting user attributes\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cognito.UserPool(\"example\", {\n name: \"mypool\",\n schemas: [\n {\n name: \"example\",\n attributeDataType: \"Boolean\",\n mutable: false,\n required: false,\n developerOnlyAttribute: false,\n },\n {\n name: \"foo\",\n attributeDataType: \"String\",\n mutable: false,\n required: false,\n developerOnlyAttribute: false,\n stringAttributeConstraints: {},\n },\n ],\n});\nconst exampleUser = new aws.cognito.User(\"example\", {\n userPoolId: example.id,\n username: \"example\",\n attributes: {\n example: \"true\",\n foo: \"bar\",\n email: \"no-reply@example.com\",\n email_verified: \"true\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cognito.UserPool(\"example\",\n name=\"mypool\",\n schemas=[\n {\n \"name\": \"example\",\n \"attribute_data_type\": \"Boolean\",\n \"mutable\": False,\n \"required\": False,\n \"developer_only_attribute\": False,\n },\n {\n \"name\": \"foo\",\n \"attribute_data_type\": \"String\",\n \"mutable\": False,\n \"required\": False,\n \"developer_only_attribute\": False,\n \"string_attribute_constraints\": {},\n },\n ])\nexample_user = aws.cognito.User(\"example\",\n user_pool_id=example.id,\n username=\"example\",\n attributes={\n \"example\": \"true\",\n \"foo\": \"bar\",\n \"email\": \"no-reply@example.com\",\n \"email_verified\": \"true\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cognito.UserPool(\"example\", new()\n {\n Name = \"mypool\",\n Schemas = new[]\n {\n new Aws.Cognito.Inputs.UserPoolSchemaArgs\n {\n Name = \"example\",\n AttributeDataType = \"Boolean\",\n Mutable = false,\n Required = false,\n DeveloperOnlyAttribute = false,\n },\n new Aws.Cognito.Inputs.UserPoolSchemaArgs\n {\n Name = \"foo\",\n AttributeDataType = \"String\",\n Mutable = false,\n Required = false,\n DeveloperOnlyAttribute = false,\n StringAttributeConstraints = null,\n },\n },\n });\n\n var exampleUser = new Aws.Cognito.User(\"example\", new()\n {\n UserPoolId = example.Id,\n Username = \"example\",\n Attributes = \n {\n { \"example\", \"true\" },\n { \"foo\", \"bar\" },\n { \"email\", \"no-reply@example.com\" },\n { \"email_verified\", \"true\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cognito.NewUserPool(ctx, \"example\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"mypool\"),\n\t\t\tSchemas: cognito.UserPoolSchemaArray{\n\t\t\t\t\u0026cognito.UserPoolSchemaArgs{\n\t\t\t\t\tName: pulumi.String(\"example\"),\n\t\t\t\t\tAttributeDataType: pulumi.String(\"Boolean\"),\n\t\t\t\t\tMutable: pulumi.Bool(false),\n\t\t\t\t\tRequired: pulumi.Bool(false),\n\t\t\t\t\tDeveloperOnlyAttribute: pulumi.Bool(false),\n\t\t\t\t},\n\t\t\t\t\u0026cognito.UserPoolSchemaArgs{\n\t\t\t\t\tName: pulumi.String(\"foo\"),\n\t\t\t\t\tAttributeDataType: pulumi.String(\"String\"),\n\t\t\t\t\tMutable: pulumi.Bool(false),\n\t\t\t\t\tRequired: pulumi.Bool(false),\n\t\t\t\t\tDeveloperOnlyAttribute: pulumi.Bool(false),\n\t\t\t\t\tStringAttributeConstraints: nil,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUser(ctx, \"example\", \u0026cognito.UserArgs{\n\t\t\tUserPoolId: example.ID(),\n\t\t\tUsername: pulumi.String(\"example\"),\n\t\t\tAttributes: pulumi.StringMap{\n\t\t\t\t\"example\": pulumi.String(\"true\"),\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t\t\"email\": pulumi.String(\"no-reply@example.com\"),\n\t\t\t\t\"email_verified\": pulumi.String(\"true\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.cognito.inputs.UserPoolSchemaArgs;\nimport com.pulumi.aws.cognito.inputs.UserPoolSchemaStringAttributeConstraintsArgs;\nimport com.pulumi.aws.cognito.User;\nimport com.pulumi.aws.cognito.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new UserPool(\"example\", UserPoolArgs.builder()\n .name(\"mypool\")\n .schemas( \n UserPoolSchemaArgs.builder()\n .name(\"example\")\n .attributeDataType(\"Boolean\")\n .mutable(false)\n .required(false)\n .developerOnlyAttribute(false)\n .build(),\n UserPoolSchemaArgs.builder()\n .name(\"foo\")\n .attributeDataType(\"String\")\n .mutable(false)\n .required(false)\n .developerOnlyAttribute(false)\n .stringAttributeConstraints()\n .build())\n .build());\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder()\n .userPoolId(example.id())\n .username(\"example\")\n .attributes(Map.ofEntries(\n Map.entry(\"example\", true),\n Map.entry(\"foo\", \"bar\"),\n Map.entry(\"email\", \"no-reply@example.com\"),\n Map.entry(\"email_verified\", true)\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cognito:UserPool\n properties:\n name: mypool\n schemas:\n - name: example\n attributeDataType: Boolean\n mutable: false\n required: false\n developerOnlyAttribute: false\n - name: foo\n attributeDataType: String\n mutable: false\n required: false\n developerOnlyAttribute: false\n stringAttributeConstraints: {}\n exampleUser:\n type: aws:cognito:User\n name: example\n properties:\n userPoolId: ${example.id}\n username: example\n attributes:\n example: true\n foo: bar\n email: no-reply@example.com\n email_verified: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cognito User using the `user_pool_id`/`name` attributes concatenated. For example:\n\n```sh\n$ pulumi import aws:cognito/user:User user us-east-1_vG78M4goG/user\n```\n", "properties": { "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map that contains user attributes and attribute values to be set for the user.\n" }, "clientMetadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of custom key-value pairs that you can provide as input for any custom workflows that user creation triggers. Amazon Cognito does not store the `client_metadata` value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration does not include triggers, the ClientMetadata parameter serves no purpose. For more information, see [Customizing User Pool Workflows with Lambda Triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html).\n" }, "creationDate": { "type": "string" }, "desiredDeliveryMediums": { "type": "array", "items": { "type": "string" }, "description": "A list of mediums to the welcome message will be sent through. Allowed values are `EMAIL` and `SMS`. If it's provided, make sure you have also specified `email` attribute for the `EMAIL` medium and `phone_number` for the `SMS`. More than one value can be specified. Amazon Cognito does not store the `desired_delivery_mediums` value. Defaults to `[\"SMS\"]`.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the user should be enabled after creation. The welcome message will be sent regardless of the `enabled` value. The behavior can be changed with `message_action` argument. Defaults to `true`.\n" }, "forceAliasCreation": { "type": "boolean", "description": "If this parameter is set to True and the `phone_number` or `email` address specified in the `attributes` parameter already exists as an alias with a different user, Amazon Cognito will migrate the alias from the previous user to the newly created user. The previous user will no longer be able to log in using that alias. Amazon Cognito does not store the `force_alias_creation` value. Defaults to `false`.\n" }, "lastModifiedDate": { "type": "string" }, "messageAction": { "type": "string", "description": "Set to `RESEND` to resend the invitation message to a user that already exists and reset the expiration limit on the user's account. Set to `SUPPRESS` to suppress sending the message. Only one value can be specified. Amazon Cognito does not store the `message_action` value.\n" }, "mfaSettingLists": { "type": "array", "items": { "type": "string" } }, "password": { "type": "string", "description": "The user's permanent password. This password must conform to the password policy specified by user pool the user belongs to. The welcome message always contains only `temporary_password` value. You can suppress sending the welcome message with the `message_action` argument. Amazon Cognito does not store the `password` value. Conflicts with `temporary_password`.\n", "secret": true }, "preferredMfaSetting": { "type": "string" }, "status": { "type": "string", "description": "current user status.\n" }, "sub": { "type": "string", "description": "unique user id that is never reassignable to another user.\n" }, "temporaryPassword": { "type": "string", "description": "The user's temporary password. Conflicts with `password`.\n", "secret": true }, "userPoolId": { "type": "string", "description": "The user pool ID for the user pool where the user will be created.\n" }, "username": { "type": "string", "description": "The username for the user. Must be unique within the user pool. Must be a UTF-8 string between 1 and 128 characters. After the user is created, the username cannot be changed.\n\nThe following arguments are optional:\n" }, "validationData": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The user's validation data. This is an array of name-value pairs that contain user attributes and attribute values that you can use for custom validation, such as restricting the types of user accounts that can be registered. Amazon Cognito does not store the `validation_data` value. For more information, see [Customizing User Pool Workflows with Lambda Triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html).\n\n\u003e **NOTE:** Clearing `password` or `temporary_password` does not reset user's password in Cognito.\n" } }, "required": [ "creationDate", "lastModifiedDate", "mfaSettingLists", "preferredMfaSetting", "status", "sub", "userPoolId", "username" ], "inputProperties": { "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map that contains user attributes and attribute values to be set for the user.\n" }, "clientMetadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of custom key-value pairs that you can provide as input for any custom workflows that user creation triggers. Amazon Cognito does not store the `client_metadata` value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration does not include triggers, the ClientMetadata parameter serves no purpose. For more information, see [Customizing User Pool Workflows with Lambda Triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html).\n" }, "desiredDeliveryMediums": { "type": "array", "items": { "type": "string" }, "description": "A list of mediums to the welcome message will be sent through. Allowed values are `EMAIL` and `SMS`. If it's provided, make sure you have also specified `email` attribute for the `EMAIL` medium and `phone_number` for the `SMS`. More than one value can be specified. Amazon Cognito does not store the `desired_delivery_mediums` value. Defaults to `[\"SMS\"]`.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the user should be enabled after creation. The welcome message will be sent regardless of the `enabled` value. The behavior can be changed with `message_action` argument. Defaults to `true`.\n" }, "forceAliasCreation": { "type": "boolean", "description": "If this parameter is set to True and the `phone_number` or `email` address specified in the `attributes` parameter already exists as an alias with a different user, Amazon Cognito will migrate the alias from the previous user to the newly created user. The previous user will no longer be able to log in using that alias. Amazon Cognito does not store the `force_alias_creation` value. Defaults to `false`.\n" }, "messageAction": { "type": "string", "description": "Set to `RESEND` to resend the invitation message to a user that already exists and reset the expiration limit on the user's account. Set to `SUPPRESS` to suppress sending the message. Only one value can be specified. Amazon Cognito does not store the `message_action` value.\n" }, "password": { "type": "string", "description": "The user's permanent password. This password must conform to the password policy specified by user pool the user belongs to. The welcome message always contains only `temporary_password` value. You can suppress sending the welcome message with the `message_action` argument. Amazon Cognito does not store the `password` value. Conflicts with `temporary_password`.\n", "secret": true }, "temporaryPassword": { "type": "string", "description": "The user's temporary password. Conflicts with `password`.\n", "secret": true }, "userPoolId": { "type": "string", "description": "The user pool ID for the user pool where the user will be created.\n", "willReplaceOnChanges": true }, "username": { "type": "string", "description": "The username for the user. Must be unique within the user pool. Must be a UTF-8 string between 1 and 128 characters. After the user is created, the username cannot be changed.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "validationData": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The user's validation data. This is an array of name-value pairs that contain user attributes and attribute values that you can use for custom validation, such as restricting the types of user accounts that can be registered. Amazon Cognito does not store the `validation_data` value. For more information, see [Customizing User Pool Workflows with Lambda Triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html).\n\n\u003e **NOTE:** Clearing `password` or `temporary_password` does not reset user's password in Cognito.\n" } }, "requiredInputs": [ "userPoolId", "username" ], "stateInputs": { "description": "Input properties used for looking up and filtering User resources.\n", "properties": { "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map that contains user attributes and attribute values to be set for the user.\n" }, "clientMetadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of custom key-value pairs that you can provide as input for any custom workflows that user creation triggers. Amazon Cognito does not store the `client_metadata` value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration does not include triggers, the ClientMetadata parameter serves no purpose. For more information, see [Customizing User Pool Workflows with Lambda Triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html).\n" }, "creationDate": { "type": "string" }, "desiredDeliveryMediums": { "type": "array", "items": { "type": "string" }, "description": "A list of mediums to the welcome message will be sent through. Allowed values are `EMAIL` and `SMS`. If it's provided, make sure you have also specified `email` attribute for the `EMAIL` medium and `phone_number` for the `SMS`. More than one value can be specified. Amazon Cognito does not store the `desired_delivery_mediums` value. Defaults to `[\"SMS\"]`.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the user should be enabled after creation. The welcome message will be sent regardless of the `enabled` value. The behavior can be changed with `message_action` argument. Defaults to `true`.\n" }, "forceAliasCreation": { "type": "boolean", "description": "If this parameter is set to True and the `phone_number` or `email` address specified in the `attributes` parameter already exists as an alias with a different user, Amazon Cognito will migrate the alias from the previous user to the newly created user. The previous user will no longer be able to log in using that alias. Amazon Cognito does not store the `force_alias_creation` value. Defaults to `false`.\n" }, "lastModifiedDate": { "type": "string" }, "messageAction": { "type": "string", "description": "Set to `RESEND` to resend the invitation message to a user that already exists and reset the expiration limit on the user's account. Set to `SUPPRESS` to suppress sending the message. Only one value can be specified. Amazon Cognito does not store the `message_action` value.\n" }, "mfaSettingLists": { "type": "array", "items": { "type": "string" } }, "password": { "type": "string", "description": "The user's permanent password. This password must conform to the password policy specified by user pool the user belongs to. The welcome message always contains only `temporary_password` value. You can suppress sending the welcome message with the `message_action` argument. Amazon Cognito does not store the `password` value. Conflicts with `temporary_password`.\n", "secret": true }, "preferredMfaSetting": { "type": "string" }, "status": { "type": "string", "description": "current user status.\n" }, "sub": { "type": "string", "description": "unique user id that is never reassignable to another user.\n" }, "temporaryPassword": { "type": "string", "description": "The user's temporary password. Conflicts with `password`.\n", "secret": true }, "userPoolId": { "type": "string", "description": "The user pool ID for the user pool where the user will be created.\n", "willReplaceOnChanges": true }, "username": { "type": "string", "description": "The username for the user. Must be unique within the user pool. Must be a UTF-8 string between 1 and 128 characters. After the user is created, the username cannot be changed.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "validationData": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The user's validation data. This is an array of name-value pairs that contain user attributes and attribute values that you can use for custom validation, such as restricting the types of user accounts that can be registered. Amazon Cognito does not store the `validation_data` value. For more information, see [Customizing User Pool Workflows with Lambda Triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html).\n\n\u003e **NOTE:** Clearing `password` or `temporary_password` does not reset user's password in Cognito.\n" } }, "type": "object" } }, "aws:cognito/userGroup:UserGroup": { "description": "Provides a Cognito User Group resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.cognito.UserPool(\"main\", {name: \"identity pool\"});\nconst groupRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Federated\",\n identifiers: [\"cognito-identity.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRoleWithWebIdentity\"],\n conditions: [\n {\n test: \"StringEquals\",\n variable: \"cognito-identity.amazonaws.com:aud\",\n values: [\"us-east-1:12345678-dead-beef-cafe-123456790ab\"],\n },\n {\n test: \"ForAnyValue:StringLike\",\n variable: \"cognito-identity.amazonaws.com:amr\",\n values: [\"authenticated\"],\n },\n ],\n }],\n});\nconst groupRoleRole = new aws.iam.Role(\"group_role\", {\n name: \"user-group-role\",\n assumeRolePolicy: groupRole.then(groupRole =\u003e groupRole.json),\n});\nconst mainUserGroup = new aws.cognito.UserGroup(\"main\", {\n name: \"user-group\",\n userPoolId: main.id,\n description: \"Managed by Pulumi\",\n precedence: 42,\n roleArn: groupRoleRole.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.cognito.UserPool(\"main\", name=\"identity pool\")\ngroup_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Federated\",\n \"identifiers\": [\"cognito-identity.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRoleWithWebIdentity\"],\n \"conditions\": [\n {\n \"test\": \"StringEquals\",\n \"variable\": \"cognito-identity.amazonaws.com:aud\",\n \"values\": [\"us-east-1:12345678-dead-beef-cafe-123456790ab\"],\n },\n {\n \"test\": \"ForAnyValue:StringLike\",\n \"variable\": \"cognito-identity.amazonaws.com:amr\",\n \"values\": [\"authenticated\"],\n },\n ],\n}])\ngroup_role_role = aws.iam.Role(\"group_role\",\n name=\"user-group-role\",\n assume_role_policy=group_role.json)\nmain_user_group = aws.cognito.UserGroup(\"main\",\n name=\"user-group\",\n user_pool_id=main.id,\n description=\"Managed by Pulumi\",\n precedence=42,\n role_arn=group_role_role.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Cognito.UserPool(\"main\", new()\n {\n Name = \"identity pool\",\n });\n\n var groupRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Federated\",\n Identifiers = new[]\n {\n \"cognito-identity.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRoleWithWebIdentity\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"cognito-identity.amazonaws.com:aud\",\n Values = new[]\n {\n \"us-east-1:12345678-dead-beef-cafe-123456790ab\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"ForAnyValue:StringLike\",\n Variable = \"cognito-identity.amazonaws.com:amr\",\n Values = new[]\n {\n \"authenticated\",\n },\n },\n },\n },\n },\n });\n\n var groupRoleRole = new Aws.Iam.Role(\"group_role\", new()\n {\n Name = \"user-group-role\",\n AssumeRolePolicy = groupRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var mainUserGroup = new Aws.Cognito.UserGroup(\"main\", new()\n {\n Name = \"user-group\",\n UserPoolId = main.Id,\n Description = \"Managed by Pulumi\",\n Precedence = 42,\n RoleArn = groupRoleRole.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := cognito.NewUserPool(ctx, \"main\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"identity pool\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgroupRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Federated\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"cognito-identity.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRoleWithWebIdentity\",\n\t\t\t\t\t},\n\t\t\t\t\tConditions: []iam.GetPolicyDocumentStatementCondition{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tTest: \"StringEquals\",\n\t\t\t\t\t\t\tVariable: \"cognito-identity.amazonaws.com:aud\",\n\t\t\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\t\t\"us-east-1:12345678-dead-beef-cafe-123456790ab\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tTest: \"ForAnyValue:StringLike\",\n\t\t\t\t\t\t\tVariable: \"cognito-identity.amazonaws.com:amr\",\n\t\t\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\t\t\"authenticated\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgroupRoleRole, err := iam.NewRole(ctx, \"group_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"user-group-role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(groupRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserGroup(ctx, \"main\", \u0026cognito.UserGroupArgs{\n\t\t\tName: pulumi.String(\"user-group\"),\n\t\t\tUserPoolId: main.ID(),\n\t\t\tDescription: pulumi.String(\"Managed by Pulumi\"),\n\t\t\tPrecedence: pulumi.Int(42),\n\t\t\tRoleArn: groupRoleRole.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.cognito.UserGroup;\nimport com.pulumi.aws.cognito.UserGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new UserPool(\"main\", UserPoolArgs.builder()\n .name(\"identity pool\")\n .build());\n\n final var groupRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Federated\")\n .identifiers(\"cognito-identity.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRoleWithWebIdentity\")\n .conditions( \n GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"cognito-identity.amazonaws.com:aud\")\n .values(\"us-east-1:12345678-dead-beef-cafe-123456790ab\")\n .build(),\n GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"ForAnyValue:StringLike\")\n .variable(\"cognito-identity.amazonaws.com:amr\")\n .values(\"authenticated\")\n .build())\n .build())\n .build());\n\n var groupRoleRole = new Role(\"groupRoleRole\", RoleArgs.builder()\n .name(\"user-group-role\")\n .assumeRolePolicy(groupRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var mainUserGroup = new UserGroup(\"mainUserGroup\", UserGroupArgs.builder()\n .name(\"user-group\")\n .userPoolId(main.id())\n .description(\"Managed by Pulumi\")\n .precedence(42)\n .roleArn(groupRoleRole.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:cognito:UserPool\n properties:\n name: identity pool\n groupRoleRole:\n type: aws:iam:Role\n name: group_role\n properties:\n name: user-group-role\n assumeRolePolicy: ${groupRole.json}\n mainUserGroup:\n type: aws:cognito:UserGroup\n name: main\n properties:\n name: user-group\n userPoolId: ${main.id}\n description: Managed by Pulumi\n precedence: 42\n roleArn: ${groupRoleRole.arn}\nvariables:\n groupRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Federated\n identifiers:\n - cognito-identity.amazonaws.com\n actions:\n - sts:AssumeRoleWithWebIdentity\n conditions:\n - test: StringEquals\n variable: cognito-identity.amazonaws.com:aud\n values:\n - us-east-1:12345678-dead-beef-cafe-123456790ab\n - test: ForAnyValue:StringLike\n variable: cognito-identity.amazonaws.com:amr\n values:\n - authenticated\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cognito User Groups using the `user_pool_id`/`name` attributes concatenated. For example:\n\n```sh\n$ pulumi import aws:cognito/userGroup:UserGroup group us-east-1_vG78M4goG/user-group\n```\n", "properties": { "description": { "type": "string", "description": "The description of the user group.\n" }, "name": { "type": "string", "description": "The name of the user group.\n" }, "precedence": { "type": "integer", "description": "The precedence of the user group.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role to be associated with the user group.\n" }, "userPoolId": { "type": "string", "description": "The user pool ID.\n" } }, "required": [ "name", "userPoolId" ], "inputProperties": { "description": { "type": "string", "description": "The description of the user group.\n" }, "name": { "type": "string", "description": "The name of the user group.\n", "willReplaceOnChanges": true }, "precedence": { "type": "integer", "description": "The precedence of the user group.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role to be associated with the user group.\n" }, "userPoolId": { "type": "string", "description": "The user pool ID.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "userPoolId" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserGroup resources.\n", "properties": { "description": { "type": "string", "description": "The description of the user group.\n" }, "name": { "type": "string", "description": "The name of the user group.\n", "willReplaceOnChanges": true }, "precedence": { "type": "integer", "description": "The precedence of the user group.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role to be associated with the user group.\n" }, "userPoolId": { "type": "string", "description": "The user pool ID.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:cognito/userInGroup:UserInGroup": { "description": "Adds the specified user to the specified group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cognito.UserPool(\"example\", {\n name: \"example\",\n passwordPolicy: {\n temporaryPasswordValidityDays: 7,\n minimumLength: 6,\n requireUppercase: false,\n requireSymbols: false,\n requireNumbers: false,\n },\n});\nconst exampleUser = new aws.cognito.User(\"example\", {\n userPoolId: example.id,\n username: \"example\",\n});\nconst exampleUserGroup = new aws.cognito.UserGroup(\"example\", {\n userPoolId: example.id,\n name: \"example\",\n});\nconst exampleUserInGroup = new aws.cognito.UserInGroup(\"example\", {\n userPoolId: example.id,\n groupName: exampleUserGroup.name,\n username: exampleUser.username,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cognito.UserPool(\"example\",\n name=\"example\",\n password_policy={\n \"temporary_password_validity_days\": 7,\n \"minimum_length\": 6,\n \"require_uppercase\": False,\n \"require_symbols\": False,\n \"require_numbers\": False,\n })\nexample_user = aws.cognito.User(\"example\",\n user_pool_id=example.id,\n username=\"example\")\nexample_user_group = aws.cognito.UserGroup(\"example\",\n user_pool_id=example.id,\n name=\"example\")\nexample_user_in_group = aws.cognito.UserInGroup(\"example\",\n user_pool_id=example.id,\n group_name=example_user_group.name,\n username=example_user.username)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cognito.UserPool(\"example\", new()\n {\n Name = \"example\",\n PasswordPolicy = new Aws.Cognito.Inputs.UserPoolPasswordPolicyArgs\n {\n TemporaryPasswordValidityDays = 7,\n MinimumLength = 6,\n RequireUppercase = false,\n RequireSymbols = false,\n RequireNumbers = false,\n },\n });\n\n var exampleUser = new Aws.Cognito.User(\"example\", new()\n {\n UserPoolId = example.Id,\n Username = \"example\",\n });\n\n var exampleUserGroup = new Aws.Cognito.UserGroup(\"example\", new()\n {\n UserPoolId = example.Id,\n Name = \"example\",\n });\n\n var exampleUserInGroup = new Aws.Cognito.UserInGroup(\"example\", new()\n {\n UserPoolId = example.Id,\n GroupName = exampleUserGroup.Name,\n Username = exampleUser.Username,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cognito.NewUserPool(ctx, \"example\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPasswordPolicy: \u0026cognito.UserPoolPasswordPolicyArgs{\n\t\t\t\tTemporaryPasswordValidityDays: pulumi.Int(7),\n\t\t\t\tMinimumLength: pulumi.Int(6),\n\t\t\t\tRequireUppercase: pulumi.Bool(false),\n\t\t\t\tRequireSymbols: pulumi.Bool(false),\n\t\t\t\tRequireNumbers: pulumi.Bool(false),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUser, err := cognito.NewUser(ctx, \"example\", \u0026cognito.UserArgs{\n\t\t\tUserPoolId: example.ID(),\n\t\t\tUsername: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUserGroup, err := cognito.NewUserGroup(ctx, \"example\", \u0026cognito.UserGroupArgs{\n\t\t\tUserPoolId: example.ID(),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserInGroup(ctx, \"example\", \u0026cognito.UserInGroupArgs{\n\t\t\tUserPoolId: example.ID(),\n\t\t\tGroupName: exampleUserGroup.Name,\n\t\t\tUsername: exampleUser.Username,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.cognito.inputs.UserPoolPasswordPolicyArgs;\nimport com.pulumi.aws.cognito.User;\nimport com.pulumi.aws.cognito.UserArgs;\nimport com.pulumi.aws.cognito.UserGroup;\nimport com.pulumi.aws.cognito.UserGroupArgs;\nimport com.pulumi.aws.cognito.UserInGroup;\nimport com.pulumi.aws.cognito.UserInGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new UserPool(\"example\", UserPoolArgs.builder()\n .name(\"example\")\n .passwordPolicy(UserPoolPasswordPolicyArgs.builder()\n .temporaryPasswordValidityDays(7)\n .minimumLength(6)\n .requireUppercase(false)\n .requireSymbols(false)\n .requireNumbers(false)\n .build())\n .build());\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder()\n .userPoolId(example.id())\n .username(\"example\")\n .build());\n\n var exampleUserGroup = new UserGroup(\"exampleUserGroup\", UserGroupArgs.builder()\n .userPoolId(example.id())\n .name(\"example\")\n .build());\n\n var exampleUserInGroup = new UserInGroup(\"exampleUserInGroup\", UserInGroupArgs.builder()\n .userPoolId(example.id())\n .groupName(exampleUserGroup.name())\n .username(exampleUser.username())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cognito:UserPool\n properties:\n name: example\n passwordPolicy:\n temporaryPasswordValidityDays: 7\n minimumLength: 6\n requireUppercase: false\n requireSymbols: false\n requireNumbers: false\n exampleUser:\n type: aws:cognito:User\n name: example\n properties:\n userPoolId: ${example.id}\n username: example\n exampleUserGroup:\n type: aws:cognito:UserGroup\n name: example\n properties:\n userPoolId: ${example.id}\n name: example\n exampleUserInGroup:\n type: aws:cognito:UserInGroup\n name: example\n properties:\n userPoolId: ${example.id}\n groupName: ${exampleUserGroup.name}\n username: ${exampleUser.username}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "groupName": { "type": "string", "description": "The name of the group to which the user is to be added.\n" }, "userPoolId": { "type": "string", "description": "The user pool ID of the user and group.\n" }, "username": { "type": "string", "description": "The username of the user to be added to the group.\n" } }, "required": [ "groupName", "userPoolId", "username" ], "inputProperties": { "groupName": { "type": "string", "description": "The name of the group to which the user is to be added.\n", "willReplaceOnChanges": true }, "userPoolId": { "type": "string", "description": "The user pool ID of the user and group.\n", "willReplaceOnChanges": true }, "username": { "type": "string", "description": "The username of the user to be added to the group.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "groupName", "userPoolId", "username" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserInGroup resources.\n", "properties": { "groupName": { "type": "string", "description": "The name of the group to which the user is to be added.\n", "willReplaceOnChanges": true }, "userPoolId": { "type": "string", "description": "The user pool ID of the user and group.\n", "willReplaceOnChanges": true }, "username": { "type": "string", "description": "The username of the user to be added to the group.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:cognito/userPool:UserPool": { "description": "Provides a Cognito User Pool resource.\n\n## Example Usage\n\n### Basic configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst pool = new aws.cognito.UserPool(\"pool\", {name: \"mypool\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npool = aws.cognito.UserPool(\"pool\", name=\"mypool\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pool = new Aws.Cognito.UserPool(\"pool\", new()\n {\n Name = \"mypool\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cognito.NewUserPool(ctx, \"pool\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"mypool\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pool = new UserPool(\"pool\", UserPoolArgs.builder()\n .name(\"mypool\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pool:\n type: aws:cognito:UserPool\n properties:\n name: mypool\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Enabling SMS and Software Token Multi-Factor Authentication\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cognito.UserPool(\"example\", {\n mfaConfiguration: \"ON\",\n smsAuthenticationMessage: \"Your code is {####}\",\n smsConfiguration: {\n externalId: \"example\",\n snsCallerArn: exampleAwsIamRole.arn,\n snsRegion: \"us-east-1\",\n },\n softwareTokenMfaConfiguration: {\n enabled: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cognito.UserPool(\"example\",\n mfa_configuration=\"ON\",\n sms_authentication_message=\"Your code is {####}\",\n sms_configuration={\n \"external_id\": \"example\",\n \"sns_caller_arn\": example_aws_iam_role[\"arn\"],\n \"sns_region\": \"us-east-1\",\n },\n software_token_mfa_configuration={\n \"enabled\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cognito.UserPool(\"example\", new()\n {\n MfaConfiguration = \"ON\",\n SmsAuthenticationMessage = \"Your code is {####}\",\n SmsConfiguration = new Aws.Cognito.Inputs.UserPoolSmsConfigurationArgs\n {\n ExternalId = \"example\",\n SnsCallerArn = exampleAwsIamRole.Arn,\n SnsRegion = \"us-east-1\",\n },\n SoftwareTokenMfaConfiguration = new Aws.Cognito.Inputs.UserPoolSoftwareTokenMfaConfigurationArgs\n {\n Enabled = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cognito.NewUserPool(ctx, \"example\", \u0026cognito.UserPoolArgs{\n\t\t\tMfaConfiguration: pulumi.String(\"ON\"),\n\t\t\tSmsAuthenticationMessage: pulumi.String(\"Your code is {####}\"),\n\t\t\tSmsConfiguration: \u0026cognito.UserPoolSmsConfigurationArgs{\n\t\t\t\tExternalId: pulumi.String(\"example\"),\n\t\t\t\tSnsCallerArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\t\tSnsRegion: pulumi.String(\"us-east-1\"),\n\t\t\t},\n\t\t\tSoftwareTokenMfaConfiguration: \u0026cognito.UserPoolSoftwareTokenMfaConfigurationArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.cognito.inputs.UserPoolSmsConfigurationArgs;\nimport com.pulumi.aws.cognito.inputs.UserPoolSoftwareTokenMfaConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new UserPool(\"example\", UserPoolArgs.builder()\n .mfaConfiguration(\"ON\")\n .smsAuthenticationMessage(\"Your code is {####}\")\n .smsConfiguration(UserPoolSmsConfigurationArgs.builder()\n .externalId(\"example\")\n .snsCallerArn(exampleAwsIamRole.arn())\n .snsRegion(\"us-east-1\")\n .build())\n .softwareTokenMfaConfiguration(UserPoolSoftwareTokenMfaConfigurationArgs.builder()\n .enabled(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cognito:UserPool\n properties:\n mfaConfiguration: ON\n smsAuthenticationMessage: Your code is {####}\n smsConfiguration:\n externalId: example\n snsCallerArn: ${exampleAwsIamRole.arn}\n snsRegion: us-east-1\n softwareTokenMfaConfiguration:\n enabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using Account Recovery Setting\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.cognito.UserPool(\"test\", {\n name: \"mypool\",\n accountRecoverySetting: {\n recoveryMechanisms: [\n {\n name: \"verified_email\",\n priority: 1,\n },\n {\n name: \"verified_phone_number\",\n priority: 2,\n },\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.cognito.UserPool(\"test\",\n name=\"mypool\",\n account_recovery_setting={\n \"recovery_mechanisms\": [\n {\n \"name\": \"verified_email\",\n \"priority\": 1,\n },\n {\n \"name\": \"verified_phone_number\",\n \"priority\": 2,\n },\n ],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Cognito.UserPool(\"test\", new()\n {\n Name = \"mypool\",\n AccountRecoverySetting = new Aws.Cognito.Inputs.UserPoolAccountRecoverySettingArgs\n {\n RecoveryMechanisms = new[]\n {\n new Aws.Cognito.Inputs.UserPoolAccountRecoverySettingRecoveryMechanismArgs\n {\n Name = \"verified_email\",\n Priority = 1,\n },\n new Aws.Cognito.Inputs.UserPoolAccountRecoverySettingRecoveryMechanismArgs\n {\n Name = \"verified_phone_number\",\n Priority = 2,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cognito.NewUserPool(ctx, \"test\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"mypool\"),\n\t\t\tAccountRecoverySetting: \u0026cognito.UserPoolAccountRecoverySettingArgs{\n\t\t\t\tRecoveryMechanisms: cognito.UserPoolAccountRecoverySettingRecoveryMechanismArray{\n\t\t\t\t\t\u0026cognito.UserPoolAccountRecoverySettingRecoveryMechanismArgs{\n\t\t\t\t\t\tName: pulumi.String(\"verified_email\"),\n\t\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026cognito.UserPoolAccountRecoverySettingRecoveryMechanismArgs{\n\t\t\t\t\t\tName: pulumi.String(\"verified_phone_number\"),\n\t\t\t\t\t\tPriority: pulumi.Int(2),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.cognito.inputs.UserPoolAccountRecoverySettingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new UserPool(\"test\", UserPoolArgs.builder()\n .name(\"mypool\")\n .accountRecoverySetting(UserPoolAccountRecoverySettingArgs.builder()\n .recoveryMechanisms( \n UserPoolAccountRecoverySettingRecoveryMechanismArgs.builder()\n .name(\"verified_email\")\n .priority(1)\n .build(),\n UserPoolAccountRecoverySettingRecoveryMechanismArgs.builder()\n .name(\"verified_phone_number\")\n .priority(2)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:cognito:UserPool\n properties:\n name: mypool\n accountRecoverySetting:\n recoveryMechanisms:\n - name: verified_email\n priority: 1\n - name: verified_phone_number\n priority: 2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cognito User Pools using the `id`. For example:\n\n```sh\n$ pulumi import aws:cognito/userPool:UserPool pool us-west-2_abc123\n```\n", "properties": { "accountRecoverySetting": { "$ref": "#/types/aws:cognito/UserPoolAccountRecoverySetting:UserPoolAccountRecoverySetting", "description": "Configuration block to define which verified available method a user can use to recover their forgotten password. Detailed below.\n" }, "adminCreateUserConfig": { "$ref": "#/types/aws:cognito/UserPoolAdminCreateUserConfig:UserPoolAdminCreateUserConfig", "description": "Configuration block for creating a new user profile. Detailed below.\n" }, "aliasAttributes": { "type": "array", "items": { "type": "string" }, "description": "Attributes supported as an alias for this user pool. Valid values: `phone_number`, `email`, or `preferred_username`. Conflicts with `username_attributes`.\n" }, "arn": { "type": "string", "description": "ARN of the user pool.\n" }, "autoVerifiedAttributes": { "type": "array", "items": { "type": "string" }, "description": "Attributes to be auto-verified. Valid values: `email`, `phone_number`.\n" }, "creationDate": { "type": "string", "description": "Date the user pool was created.\n" }, "customDomain": { "type": "string", "description": "A custom domain name that you provide to Amazon Cognito. This parameter applies only if you use a custom domain to host the sign-up and sign-in pages for your application. For example: `auth.example.com`.\n" }, "deletionProtection": { "type": "string", "description": "When active, DeletionProtection prevents accidental deletion of your user pool. Before you can delete a user pool that you have protected against deletion, you must deactivate this feature. Valid values are `ACTIVE` and `INACTIVE`, Default value is `INACTIVE`.\n" }, "deviceConfiguration": { "$ref": "#/types/aws:cognito/UserPoolDeviceConfiguration:UserPoolDeviceConfiguration", "description": "Configuration block for the user pool's device tracking. Detailed below.\n" }, "domain": { "type": "string", "description": "Holds the domain prefix if the user pool has a domain associated with it.\n" }, "emailConfiguration": { "$ref": "#/types/aws:cognito/UserPoolEmailConfiguration:UserPoolEmailConfiguration", "description": "Configuration block for configuring email. Detailed below.\n" }, "emailVerificationMessage": { "type": "string", "description": "String representing the email verification message. Conflicts with `verification_message_template` configuration block `email_message` argument.\n" }, "emailVerificationSubject": { "type": "string", "description": "String representing the email verification subject. Conflicts with `verification_message_template` configuration block `email_subject` argument.\n" }, "endpoint": { "type": "string", "description": "Endpoint name of the user pool. Example format: `cognito-idp.REGION.amazonaws.com/xxxx_yyyyy`\n" }, "estimatedNumberOfUsers": { "type": "integer", "description": "A number estimating the size of the user pool.\n" }, "lambdaConfig": { "$ref": "#/types/aws:cognito/UserPoolLambdaConfig:UserPoolLambdaConfig", "description": "Configuration block for the AWS Lambda triggers associated with the user pool. Detailed below.\n" }, "lastModifiedDate": { "type": "string", "description": "Date the user pool was last modified.\n" }, "mfaConfiguration": { "type": "string", "description": "Multi-Factor Authentication (MFA) configuration for the User Pool. Defaults of `OFF`. Valid values are `OFF` (MFA Tokens are not required), `ON` (MFA is required for all users to sign in; requires at least one of `sms_configuration` or `software_token_mfa_configuration` to be configured), or `OPTIONAL` (MFA Will be required only for individual users who have MFA Enabled; requires at least one of `sms_configuration` or `software_token_mfa_configuration` to be configured).\n" }, "name": { "type": "string", "description": "Name of the user pool.\n\nThe following arguments are optional:\n" }, "passwordPolicy": { "$ref": "#/types/aws:cognito/UserPoolPasswordPolicy:UserPoolPasswordPolicy", "description": "Configuration block for information about the user pool password policy. Detailed below.\n" }, "schemas": { "type": "array", "items": { "$ref": "#/types/aws:cognito/UserPoolSchema:UserPoolSchema" }, "description": "Configuration block for the schema attributes of a user pool. Detailed below. Schema attributes from the [standard attribute set](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#cognito-user-pools-standard-attributes) only need to be specified if they are different from the default configuration. Attributes can be added, but not modified or removed. Maximum of 50 attributes.\n" }, "smsAuthenticationMessage": { "type": "string", "description": "String representing the SMS authentication message. The Message must contain the `{####}` placeholder, which will be replaced with the code.\n" }, "smsConfiguration": { "$ref": "#/types/aws:cognito/UserPoolSmsConfiguration:UserPoolSmsConfiguration", "description": "Configuration block for Short Message Service (SMS) settings. Detailed below. These settings apply to SMS user verification and SMS Multi-Factor Authentication (MFA). Due to Cognito API restrictions, the SMS configuration cannot be removed without recreating the Cognito User Pool. For user data safety, this resource will ignore the removal of this configuration by disabling drift detection. To force resource recreation after this configuration has been applied, see the `taint` command.\n" }, "smsVerificationMessage": { "type": "string", "description": "String representing the SMS verification message. Conflicts with `verification_message_template` configuration block `sms_message` argument.\n" }, "softwareTokenMfaConfiguration": { "$ref": "#/types/aws:cognito/UserPoolSoftwareTokenMfaConfiguration:UserPoolSoftwareTokenMfaConfiguration", "description": "Configuration block for software token Mult-Factor Authentication (MFA) settings. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the User Pool. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userAttributeUpdateSettings": { "$ref": "#/types/aws:cognito/UserPoolUserAttributeUpdateSettings:UserPoolUserAttributeUpdateSettings", "description": "Configuration block for user attribute update settings. Detailed below.\n" }, "userPoolAddOns": { "$ref": "#/types/aws:cognito/UserPoolUserPoolAddOns:UserPoolUserPoolAddOns", "description": "Configuration block for user pool add-ons to enable user pool advanced security mode features. Detailed below.\n" }, "usernameAttributes": { "type": "array", "items": { "type": "string" }, "description": "Whether email addresses or phone numbers can be specified as usernames when a user signs up. Conflicts with `alias_attributes`.\n" }, "usernameConfiguration": { "$ref": "#/types/aws:cognito/UserPoolUsernameConfiguration:UserPoolUsernameConfiguration", "description": "Configuration block for username configuration. Detailed below.\n" }, "verificationMessageTemplate": { "$ref": "#/types/aws:cognito/UserPoolVerificationMessageTemplate:UserPoolVerificationMessageTemplate", "description": "Configuration block for verification message templates. Detailed below.\n" } }, "required": [ "adminCreateUserConfig", "arn", "creationDate", "customDomain", "domain", "emailVerificationMessage", "emailVerificationSubject", "endpoint", "estimatedNumberOfUsers", "lastModifiedDate", "name", "passwordPolicy", "smsConfiguration", "smsVerificationMessage", "tagsAll", "verificationMessageTemplate" ], "inputProperties": { "accountRecoverySetting": { "$ref": "#/types/aws:cognito/UserPoolAccountRecoverySetting:UserPoolAccountRecoverySetting", "description": "Configuration block to define which verified available method a user can use to recover their forgotten password. Detailed below.\n" }, "adminCreateUserConfig": { "$ref": "#/types/aws:cognito/UserPoolAdminCreateUserConfig:UserPoolAdminCreateUserConfig", "description": "Configuration block for creating a new user profile. Detailed below.\n" }, "aliasAttributes": { "type": "array", "items": { "type": "string" }, "description": "Attributes supported as an alias for this user pool. Valid values: `phone_number`, `email`, or `preferred_username`. Conflicts with `username_attributes`.\n", "willReplaceOnChanges": true }, "autoVerifiedAttributes": { "type": "array", "items": { "type": "string" }, "description": "Attributes to be auto-verified. Valid values: `email`, `phone_number`.\n" }, "deletionProtection": { "type": "string", "description": "When active, DeletionProtection prevents accidental deletion of your user pool. Before you can delete a user pool that you have protected against deletion, you must deactivate this feature. Valid values are `ACTIVE` and `INACTIVE`, Default value is `INACTIVE`.\n" }, "deviceConfiguration": { "$ref": "#/types/aws:cognito/UserPoolDeviceConfiguration:UserPoolDeviceConfiguration", "description": "Configuration block for the user pool's device tracking. Detailed below.\n" }, "emailConfiguration": { "$ref": "#/types/aws:cognito/UserPoolEmailConfiguration:UserPoolEmailConfiguration", "description": "Configuration block for configuring email. Detailed below.\n" }, "emailVerificationMessage": { "type": "string", "description": "String representing the email verification message. Conflicts with `verification_message_template` configuration block `email_message` argument.\n" }, "emailVerificationSubject": { "type": "string", "description": "String representing the email verification subject. Conflicts with `verification_message_template` configuration block `email_subject` argument.\n" }, "lambdaConfig": { "$ref": "#/types/aws:cognito/UserPoolLambdaConfig:UserPoolLambdaConfig", "description": "Configuration block for the AWS Lambda triggers associated with the user pool. Detailed below.\n" }, "mfaConfiguration": { "type": "string", "description": "Multi-Factor Authentication (MFA) configuration for the User Pool. Defaults of `OFF`. Valid values are `OFF` (MFA Tokens are not required), `ON` (MFA is required for all users to sign in; requires at least one of `sms_configuration` or `software_token_mfa_configuration` to be configured), or `OPTIONAL` (MFA Will be required only for individual users who have MFA Enabled; requires at least one of `sms_configuration` or `software_token_mfa_configuration` to be configured).\n" }, "name": { "type": "string", "description": "Name of the user pool.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "passwordPolicy": { "$ref": "#/types/aws:cognito/UserPoolPasswordPolicy:UserPoolPasswordPolicy", "description": "Configuration block for information about the user pool password policy. Detailed below.\n" }, "schemas": { "type": "array", "items": { "$ref": "#/types/aws:cognito/UserPoolSchema:UserPoolSchema" }, "description": "Configuration block for the schema attributes of a user pool. Detailed below. Schema attributes from the [standard attribute set](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#cognito-user-pools-standard-attributes) only need to be specified if they are different from the default configuration. Attributes can be added, but not modified or removed. Maximum of 50 attributes.\n" }, "smsAuthenticationMessage": { "type": "string", "description": "String representing the SMS authentication message. The Message must contain the `{####}` placeholder, which will be replaced with the code.\n" }, "smsConfiguration": { "$ref": "#/types/aws:cognito/UserPoolSmsConfiguration:UserPoolSmsConfiguration", "description": "Configuration block for Short Message Service (SMS) settings. Detailed below. These settings apply to SMS user verification and SMS Multi-Factor Authentication (MFA). Due to Cognito API restrictions, the SMS configuration cannot be removed without recreating the Cognito User Pool. For user data safety, this resource will ignore the removal of this configuration by disabling drift detection. To force resource recreation after this configuration has been applied, see the `taint` command.\n" }, "smsVerificationMessage": { "type": "string", "description": "String representing the SMS verification message. Conflicts with `verification_message_template` configuration block `sms_message` argument.\n" }, "softwareTokenMfaConfiguration": { "$ref": "#/types/aws:cognito/UserPoolSoftwareTokenMfaConfiguration:UserPoolSoftwareTokenMfaConfiguration", "description": "Configuration block for software token Mult-Factor Authentication (MFA) settings. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the User Pool. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "userAttributeUpdateSettings": { "$ref": "#/types/aws:cognito/UserPoolUserAttributeUpdateSettings:UserPoolUserAttributeUpdateSettings", "description": "Configuration block for user attribute update settings. Detailed below.\n" }, "userPoolAddOns": { "$ref": "#/types/aws:cognito/UserPoolUserPoolAddOns:UserPoolUserPoolAddOns", "description": "Configuration block for user pool add-ons to enable user pool advanced security mode features. Detailed below.\n" }, "usernameAttributes": { "type": "array", "items": { "type": "string" }, "description": "Whether email addresses or phone numbers can be specified as usernames when a user signs up. Conflicts with `alias_attributes`.\n", "willReplaceOnChanges": true }, "usernameConfiguration": { "$ref": "#/types/aws:cognito/UserPoolUsernameConfiguration:UserPoolUsernameConfiguration", "description": "Configuration block for username configuration. Detailed below.\n" }, "verificationMessageTemplate": { "$ref": "#/types/aws:cognito/UserPoolVerificationMessageTemplate:UserPoolVerificationMessageTemplate", "description": "Configuration block for verification message templates. Detailed below.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering UserPool resources.\n", "properties": { "accountRecoverySetting": { "$ref": "#/types/aws:cognito/UserPoolAccountRecoverySetting:UserPoolAccountRecoverySetting", "description": "Configuration block to define which verified available method a user can use to recover their forgotten password. Detailed below.\n" }, "adminCreateUserConfig": { "$ref": "#/types/aws:cognito/UserPoolAdminCreateUserConfig:UserPoolAdminCreateUserConfig", "description": "Configuration block for creating a new user profile. Detailed below.\n" }, "aliasAttributes": { "type": "array", "items": { "type": "string" }, "description": "Attributes supported as an alias for this user pool. Valid values: `phone_number`, `email`, or `preferred_username`. Conflicts with `username_attributes`.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN of the user pool.\n" }, "autoVerifiedAttributes": { "type": "array", "items": { "type": "string" }, "description": "Attributes to be auto-verified. Valid values: `email`, `phone_number`.\n" }, "creationDate": { "type": "string", "description": "Date the user pool was created.\n" }, "customDomain": { "type": "string", "description": "A custom domain name that you provide to Amazon Cognito. This parameter applies only if you use a custom domain to host the sign-up and sign-in pages for your application. For example: `auth.example.com`.\n" }, "deletionProtection": { "type": "string", "description": "When active, DeletionProtection prevents accidental deletion of your user pool. Before you can delete a user pool that you have protected against deletion, you must deactivate this feature. Valid values are `ACTIVE` and `INACTIVE`, Default value is `INACTIVE`.\n" }, "deviceConfiguration": { "$ref": "#/types/aws:cognito/UserPoolDeviceConfiguration:UserPoolDeviceConfiguration", "description": "Configuration block for the user pool's device tracking. Detailed below.\n" }, "domain": { "type": "string", "description": "Holds the domain prefix if the user pool has a domain associated with it.\n" }, "emailConfiguration": { "$ref": "#/types/aws:cognito/UserPoolEmailConfiguration:UserPoolEmailConfiguration", "description": "Configuration block for configuring email. Detailed below.\n" }, "emailVerificationMessage": { "type": "string", "description": "String representing the email verification message. Conflicts with `verification_message_template` configuration block `email_message` argument.\n" }, "emailVerificationSubject": { "type": "string", "description": "String representing the email verification subject. Conflicts with `verification_message_template` configuration block `email_subject` argument.\n" }, "endpoint": { "type": "string", "description": "Endpoint name of the user pool. Example format: `cognito-idp.REGION.amazonaws.com/xxxx_yyyyy`\n" }, "estimatedNumberOfUsers": { "type": "integer", "description": "A number estimating the size of the user pool.\n" }, "lambdaConfig": { "$ref": "#/types/aws:cognito/UserPoolLambdaConfig:UserPoolLambdaConfig", "description": "Configuration block for the AWS Lambda triggers associated with the user pool. Detailed below.\n" }, "lastModifiedDate": { "type": "string", "description": "Date the user pool was last modified.\n" }, "mfaConfiguration": { "type": "string", "description": "Multi-Factor Authentication (MFA) configuration for the User Pool. Defaults of `OFF`. Valid values are `OFF` (MFA Tokens are not required), `ON` (MFA is required for all users to sign in; requires at least one of `sms_configuration` or `software_token_mfa_configuration` to be configured), or `OPTIONAL` (MFA Will be required only for individual users who have MFA Enabled; requires at least one of `sms_configuration` or `software_token_mfa_configuration` to be configured).\n" }, "name": { "type": "string", "description": "Name of the user pool.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "passwordPolicy": { "$ref": "#/types/aws:cognito/UserPoolPasswordPolicy:UserPoolPasswordPolicy", "description": "Configuration block for information about the user pool password policy. Detailed below.\n" }, "schemas": { "type": "array", "items": { "$ref": "#/types/aws:cognito/UserPoolSchema:UserPoolSchema" }, "description": "Configuration block for the schema attributes of a user pool. Detailed below. Schema attributes from the [standard attribute set](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#cognito-user-pools-standard-attributes) only need to be specified if they are different from the default configuration. Attributes can be added, but not modified or removed. Maximum of 50 attributes.\n" }, "smsAuthenticationMessage": { "type": "string", "description": "String representing the SMS authentication message. The Message must contain the `{####}` placeholder, which will be replaced with the code.\n" }, "smsConfiguration": { "$ref": "#/types/aws:cognito/UserPoolSmsConfiguration:UserPoolSmsConfiguration", "description": "Configuration block for Short Message Service (SMS) settings. Detailed below. These settings apply to SMS user verification and SMS Multi-Factor Authentication (MFA). Due to Cognito API restrictions, the SMS configuration cannot be removed without recreating the Cognito User Pool. For user data safety, this resource will ignore the removal of this configuration by disabling drift detection. To force resource recreation after this configuration has been applied, see the `taint` command.\n" }, "smsVerificationMessage": { "type": "string", "description": "String representing the SMS verification message. Conflicts with `verification_message_template` configuration block `sms_message` argument.\n" }, "softwareTokenMfaConfiguration": { "$ref": "#/types/aws:cognito/UserPoolSoftwareTokenMfaConfiguration:UserPoolSoftwareTokenMfaConfiguration", "description": "Configuration block for software token Mult-Factor Authentication (MFA) settings. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the User Pool. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userAttributeUpdateSettings": { "$ref": "#/types/aws:cognito/UserPoolUserAttributeUpdateSettings:UserPoolUserAttributeUpdateSettings", "description": "Configuration block for user attribute update settings. Detailed below.\n" }, "userPoolAddOns": { "$ref": "#/types/aws:cognito/UserPoolUserPoolAddOns:UserPoolUserPoolAddOns", "description": "Configuration block for user pool add-ons to enable user pool advanced security mode features. Detailed below.\n" }, "usernameAttributes": { "type": "array", "items": { "type": "string" }, "description": "Whether email addresses or phone numbers can be specified as usernames when a user signs up. Conflicts with `alias_attributes`.\n", "willReplaceOnChanges": true }, "usernameConfiguration": { "$ref": "#/types/aws:cognito/UserPoolUsernameConfiguration:UserPoolUsernameConfiguration", "description": "Configuration block for username configuration. Detailed below.\n" }, "verificationMessageTemplate": { "$ref": "#/types/aws:cognito/UserPoolVerificationMessageTemplate:UserPoolVerificationMessageTemplate", "description": "Configuration block for verification message templates. Detailed below.\n" } }, "type": "object" } }, "aws:cognito/userPoolClient:UserPoolClient": { "description": "Provides a Cognito User Pool Client resource.\n\nTo manage a User Pool Client created by another service, such as when [configuring an OpenSearch Domain to use Cognito authentication](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html),\nuse the `aws.cognito.ManagedUserPoolClient` resource instead.\n\n## Example Usage\n\n### Create a basic user pool client\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst pool = new aws.cognito.UserPool(\"pool\", {name: \"pool\"});\nconst client = new aws.cognito.UserPoolClient(\"client\", {\n name: \"client\",\n userPoolId: pool.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npool = aws.cognito.UserPool(\"pool\", name=\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\",\n name=\"client\",\n user_pool_id=pool.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pool = new Aws.Cognito.UserPool(\"pool\", new()\n {\n Name = \"pool\",\n });\n\n var client = new Aws.Cognito.UserPoolClient(\"client\", new()\n {\n Name = \"client\",\n UserPoolId = pool.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"pool\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPoolClient(ctx, \"client\", \u0026cognito.UserPoolClientArgs{\n\t\t\tName: pulumi.String(\"client\"),\n\t\t\tUserPoolId: pool.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.cognito.UserPoolClient;\nimport com.pulumi.aws.cognito.UserPoolClientArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pool = new UserPool(\"pool\", UserPoolArgs.builder()\n .name(\"pool\")\n .build());\n\n var client = new UserPoolClient(\"client\", UserPoolClientArgs.builder()\n .name(\"client\")\n .userPoolId(pool.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n client:\n type: aws:cognito:UserPoolClient\n properties:\n name: client\n userPoolId: ${pool.id}\n pool:\n type: aws:cognito:UserPool\n properties:\n name: pool\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create a user pool client with no SRP authentication\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst pool = new aws.cognito.UserPool(\"pool\", {name: \"pool\"});\nconst client = new aws.cognito.UserPoolClient(\"client\", {\n name: \"client\",\n userPoolId: pool.id,\n generateSecret: true,\n explicitAuthFlows: [\"ADMIN_NO_SRP_AUTH\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npool = aws.cognito.UserPool(\"pool\", name=\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\",\n name=\"client\",\n user_pool_id=pool.id,\n generate_secret=True,\n explicit_auth_flows=[\"ADMIN_NO_SRP_AUTH\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pool = new Aws.Cognito.UserPool(\"pool\", new()\n {\n Name = \"pool\",\n });\n\n var client = new Aws.Cognito.UserPoolClient(\"client\", new()\n {\n Name = \"client\",\n UserPoolId = pool.Id,\n GenerateSecret = true,\n ExplicitAuthFlows = new[]\n {\n \"ADMIN_NO_SRP_AUTH\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"pool\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPoolClient(ctx, \"client\", \u0026cognito.UserPoolClientArgs{\n\t\t\tName: pulumi.String(\"client\"),\n\t\t\tUserPoolId: pool.ID(),\n\t\t\tGenerateSecret: pulumi.Bool(true),\n\t\t\tExplicitAuthFlows: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ADMIN_NO_SRP_AUTH\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.cognito.UserPoolClient;\nimport com.pulumi.aws.cognito.UserPoolClientArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pool = new UserPool(\"pool\", UserPoolArgs.builder()\n .name(\"pool\")\n .build());\n\n var client = new UserPoolClient(\"client\", UserPoolClientArgs.builder()\n .name(\"client\")\n .userPoolId(pool.id())\n .generateSecret(true)\n .explicitAuthFlows(\"ADMIN_NO_SRP_AUTH\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n client:\n type: aws:cognito:UserPoolClient\n properties:\n name: client\n userPoolId: ${pool.id}\n generateSecret: true\n explicitAuthFlows:\n - ADMIN_NO_SRP_AUTH\n pool:\n type: aws:cognito:UserPool\n properties:\n name: pool\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create a user pool client with pinpoint analytics\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testUserPool = new aws.cognito.UserPool(\"test\", {name: \"pool\"});\nconst testApp = new aws.pinpoint.App(\"test\", {name: \"pinpoint\"});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"cognito-idp.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst testRole = new aws.iam.Role(\"test\", {\n name: \"role\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst testUserPoolClient = new aws.cognito.UserPoolClient(\"test\", {\n name: \"pool_client\",\n userPoolId: testUserPool.id,\n analyticsConfiguration: {\n applicationId: testApp.applicationId,\n externalId: \"some_id\",\n roleArn: testRole.arn,\n userDataShared: true,\n },\n});\nconst current = aws.getCallerIdentity({});\nconst test = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n actions: [\n \"mobiletargeting:UpdateEndpoint\",\n \"mobiletargeting:PutEvents\",\n ],\n resources: [pulumi.all([current, testApp.applicationId]).apply(([current, applicationId]) =\u003e `arn:aws:mobiletargeting:*:${current.accountId}:apps/${applicationId}*`)],\n }],\n});\nconst testRolePolicy = new aws.iam.RolePolicy(\"test\", {\n name: \"role_policy\",\n role: testRole.id,\n policy: test.apply(test =\u003e test.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_user_pool = aws.cognito.UserPool(\"test\", name=\"pool\")\ntest_app = aws.pinpoint.App(\"test\", name=\"pinpoint\")\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"cognito-idp.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\ntest_role = aws.iam.Role(\"test\",\n name=\"role\",\n assume_role_policy=assume_role.json)\ntest_user_pool_client = aws.cognito.UserPoolClient(\"test\",\n name=\"pool_client\",\n user_pool_id=test_user_pool.id,\n analytics_configuration={\n \"application_id\": test_app.application_id,\n \"external_id\": \"some_id\",\n \"role_arn\": test_role.arn,\n \"user_data_shared\": True,\n })\ncurrent = aws.get_caller_identity()\ntest = aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\n \"mobiletargeting:UpdateEndpoint\",\n \"mobiletargeting:PutEvents\",\n ],\n \"resources\": [test_app.application_id.apply(lambda application_id: f\"arn:aws:mobiletargeting:*:{current.account_id}:apps/{application_id}*\")],\n}])\ntest_role_policy = aws.iam.RolePolicy(\"test\",\n name=\"role_policy\",\n role=test_role.id,\n policy=test.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testUserPool = new Aws.Cognito.UserPool(\"test\", new()\n {\n Name = \"pool\",\n });\n\n var testApp = new Aws.Pinpoint.App(\"test\", new()\n {\n Name = \"pinpoint\",\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"cognito-idp.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var testRole = new Aws.Iam.Role(\"test\", new()\n {\n Name = \"role\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var testUserPoolClient = new Aws.Cognito.UserPoolClient(\"test\", new()\n {\n Name = \"pool_client\",\n UserPoolId = testUserPool.Id,\n AnalyticsConfiguration = new Aws.Cognito.Inputs.UserPoolClientAnalyticsConfigurationArgs\n {\n ApplicationId = testApp.ApplicationId,\n ExternalId = \"some_id\",\n RoleArn = testRole.Arn,\n UserDataShared = true,\n },\n });\n\n var current = Aws.GetCallerIdentity.Invoke();\n\n var test = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"mobiletargeting:UpdateEndpoint\",\n \"mobiletargeting:PutEvents\",\n },\n Resources = new[]\n {\n $\"arn:aws:mobiletargeting:*:{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:apps/{testApp.ApplicationId}*\",\n },\n },\n },\n });\n\n var testRolePolicy = new Aws.Iam.RolePolicy(\"test\", new()\n {\n Name = \"role_policy\",\n Role = testRole.Id,\n Policy = test.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pinpoint\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestUserPool, err := cognito.NewUserPool(ctx, \"test\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"pool\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestApp, err := pinpoint.NewApp(ctx, \"test\", \u0026pinpoint.AppArgs{\n\t\t\tName: pulumi.String(\"pinpoint\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"cognito-idp.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestRole, err := iam.NewRole(ctx, \"test\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPoolClient(ctx, \"test\", \u0026cognito.UserPoolClientArgs{\n\t\t\tName: pulumi.String(\"pool_client\"),\n\t\t\tUserPoolId: testUserPool.ID(),\n\t\t\tAnalyticsConfiguration: \u0026cognito.UserPoolClientAnalyticsConfigurationArgs{\n\t\t\t\tApplicationId: testApp.ApplicationId,\n\t\t\t\tExternalId: pulumi.String(\"some_id\"),\n\t\t\t\tRoleArn: testRole.Arn,\n\t\t\t\tUserDataShared: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"mobiletargeting:UpdateEndpoint\"),\n\t\t\t\t\t\tpulumi.String(\"mobiletargeting:PutEvents\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\ttestApp.ApplicationId.ApplyT(func(applicationId string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"arn:aws:mobiletargeting:*:%v:apps/%v*\", current.AccountId, applicationId), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRolePolicy(ctx, \"test\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"role_policy\"),\n\t\t\tRole: testRole.ID(),\n\t\t\tPolicy: pulumi.String(test.ApplyT(func(test iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026test.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.pinpoint.App;\nimport com.pulumi.aws.pinpoint.AppArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.cognito.UserPoolClient;\nimport com.pulumi.aws.cognito.UserPoolClientArgs;\nimport com.pulumi.aws.cognito.inputs.UserPoolClientAnalyticsConfigurationArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testUserPool = new UserPool(\"testUserPool\", UserPoolArgs.builder()\n .name(\"pool\")\n .build());\n\n var testApp = new App(\"testApp\", AppArgs.builder()\n .name(\"pinpoint\")\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"cognito-idp.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var testRole = new Role(\"testRole\", RoleArgs.builder()\n .name(\"role\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var testUserPoolClient = new UserPoolClient(\"testUserPoolClient\", UserPoolClientArgs.builder()\n .name(\"pool_client\")\n .userPoolId(testUserPool.id())\n .analyticsConfiguration(UserPoolClientAnalyticsConfigurationArgs.builder()\n .applicationId(testApp.applicationId())\n .externalId(\"some_id\")\n .roleArn(testRole.arn())\n .userDataShared(true)\n .build())\n .build());\n\n final var current = AwsFunctions.getCallerIdentity();\n\n final var test = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"mobiletargeting:UpdateEndpoint\",\n \"mobiletargeting:PutEvents\")\n .resources(testApp.applicationId().applyValue(applicationId -\u003e String.format(\"arn:aws:mobiletargeting:*:%s:apps/%s*\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),applicationId)))\n .build())\n .build());\n\n var testRolePolicy = new RolePolicy(\"testRolePolicy\", RolePolicyArgs.builder()\n .name(\"role_policy\")\n .role(testRole.id())\n .policy(test.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(test -\u003e test.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testUserPoolClient:\n type: aws:cognito:UserPoolClient\n name: test\n properties:\n name: pool_client\n userPoolId: ${testUserPool.id}\n analyticsConfiguration:\n applicationId: ${testApp.applicationId}\n externalId: some_id\n roleArn: ${testRole.arn}\n userDataShared: true\n testUserPool:\n type: aws:cognito:UserPool\n name: test\n properties:\n name: pool\n testApp:\n type: aws:pinpoint:App\n name: test\n properties:\n name: pinpoint\n testRole:\n type: aws:iam:Role\n name: test\n properties:\n name: role\n assumeRolePolicy: ${assumeRole.json}\n testRolePolicy:\n type: aws:iam:RolePolicy\n name: test\n properties:\n name: role_policy\n role: ${testRole.id}\n policy: ${test.json}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - cognito-idp.amazonaws.com\n actions:\n - sts:AssumeRole\n test:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - mobiletargeting:UpdateEndpoint\n - mobiletargeting:PutEvents\n resources:\n - arn:aws:mobiletargeting:*:${current.accountId}:apps/${testApp.applicationId}*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create a user pool client with Cognito as the identity provider\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst pool = new aws.cognito.UserPool(\"pool\", {name: \"pool\"});\nconst userpoolClient = new aws.cognito.UserPoolClient(\"userpool_client\", {\n name: \"client\",\n userPoolId: pool.id,\n callbackUrls: [\"https://example.com\"],\n allowedOauthFlowsUserPoolClient: true,\n allowedOauthFlows: [\n \"code\",\n \"implicit\",\n ],\n allowedOauthScopes: [\n \"email\",\n \"openid\",\n ],\n supportedIdentityProviders: [\"COGNITO\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npool = aws.cognito.UserPool(\"pool\", name=\"pool\")\nuserpool_client = aws.cognito.UserPoolClient(\"userpool_client\",\n name=\"client\",\n user_pool_id=pool.id,\n callback_urls=[\"https://example.com\"],\n allowed_oauth_flows_user_pool_client=True,\n allowed_oauth_flows=[\n \"code\",\n \"implicit\",\n ],\n allowed_oauth_scopes=[\n \"email\",\n \"openid\",\n ],\n supported_identity_providers=[\"COGNITO\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pool = new Aws.Cognito.UserPool(\"pool\", new()\n {\n Name = \"pool\",\n });\n\n var userpoolClient = new Aws.Cognito.UserPoolClient(\"userpool_client\", new()\n {\n Name = \"client\",\n UserPoolId = pool.Id,\n CallbackUrls = new[]\n {\n \"https://example.com\",\n },\n AllowedOauthFlowsUserPoolClient = true,\n AllowedOauthFlows = new[]\n {\n \"code\",\n \"implicit\",\n },\n AllowedOauthScopes = new[]\n {\n \"email\",\n \"openid\",\n },\n SupportedIdentityProviders = new[]\n {\n \"COGNITO\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"pool\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPoolClient(ctx, \"userpool_client\", \u0026cognito.UserPoolClientArgs{\n\t\t\tName: pulumi.String(\"client\"),\n\t\t\tUserPoolId: pool.ID(),\n\t\t\tCallbackUrls: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"https://example.com\"),\n\t\t\t},\n\t\t\tAllowedOauthFlowsUserPoolClient: pulumi.Bool(true),\n\t\t\tAllowedOauthFlows: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"code\"),\n\t\t\t\tpulumi.String(\"implicit\"),\n\t\t\t},\n\t\t\tAllowedOauthScopes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"email\"),\n\t\t\t\tpulumi.String(\"openid\"),\n\t\t\t},\n\t\t\tSupportedIdentityProviders: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"COGNITO\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.cognito.UserPoolClient;\nimport com.pulumi.aws.cognito.UserPoolClientArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pool = new UserPool(\"pool\", UserPoolArgs.builder()\n .name(\"pool\")\n .build());\n\n var userpoolClient = new UserPoolClient(\"userpoolClient\", UserPoolClientArgs.builder()\n .name(\"client\")\n .userPoolId(pool.id())\n .callbackUrls(\"https://example.com\")\n .allowedOauthFlowsUserPoolClient(true)\n .allowedOauthFlows( \n \"code\",\n \"implicit\")\n .allowedOauthScopes( \n \"email\",\n \"openid\")\n .supportedIdentityProviders(\"COGNITO\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n userpoolClient:\n type: aws:cognito:UserPoolClient\n name: userpool_client\n properties:\n name: client\n userPoolId: ${pool.id}\n callbackUrls:\n - https://example.com\n allowedOauthFlowsUserPoolClient: true\n allowedOauthFlows:\n - code\n - implicit\n allowedOauthScopes:\n - email\n - openid\n supportedIdentityProviders:\n - COGNITO\n pool:\n type: aws:cognito:UserPool\n properties:\n name: pool\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cognito User Pool Clients using the `id` of the Cognito User Pool, and the `id` of the Cognito User Pool Client. For example:\n\n```sh\n$ pulumi import aws:cognito/userPoolClient:UserPoolClient client us-west-2_abc123/3ho4ek12345678909nh3fmhpko\n```\n", "properties": { "accessTokenValidity": { "type": "integer", "description": "Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used.\nBy default, the unit is hours.\nThe unit can be overridden by a value in `token_validity_units.access_token`.\n" }, "allowedOauthFlows": { "type": "array", "items": { "type": "string" }, "description": "List of allowed OAuth flows (code, implicit, client_credentials).\n" }, "allowedOauthFlowsUserPoolClient": { "type": "boolean", "description": "Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.\n" }, "allowedOauthScopes": { "type": "array", "items": { "type": "string" }, "description": "List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).\n" }, "analyticsConfiguration": { "$ref": "#/types/aws:cognito/UserPoolClientAnalyticsConfiguration:UserPoolClientAnalyticsConfiguration", "description": "Configuration block for Amazon Pinpoint analytics for collecting metrics for this user pool. Detailed below.\n" }, "authSessionValidity": { "type": "integer", "description": "Amazon Cognito creates a session token for each API request in an authentication flow. AuthSessionValidity is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires. Valid values between `3` and `15`. Default value is `3`.\n" }, "callbackUrls": { "type": "array", "items": { "type": "string" }, "description": "List of allowed callback URLs for the identity providers.\n" }, "clientSecret": { "type": "string", "description": "Client secret of the user pool client.\n", "secret": true }, "defaultRedirectUri": { "type": "string", "description": "Default redirect URI. Must be in the list of callback URLs.\n" }, "enablePropagateAdditionalUserContextData": { "type": "boolean", "description": "Activates the propagation of additional user context data.\n" }, "enableTokenRevocation": { "type": "boolean", "description": "Enables or disables token revocation.\n" }, "explicitAuthFlows": { "type": "array", "items": { "type": "string" }, "description": "List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH).\n" }, "generateSecret": { "type": "boolean", "description": "Should an application secret be generated.\n" }, "idTokenValidity": { "type": "integer", "description": "Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used.\nBy default, the unit is hours.\nThe unit can be overridden by a value in `token_validity_units.id_token`.\n" }, "logoutUrls": { "type": "array", "items": { "type": "string" }, "description": "List of allowed logout URLs for the identity providers.\n" }, "name": { "type": "string", "description": "Name of the application client.\n" }, "preventUserExistenceErrors": { "type": "string", "description": "Choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to `ENABLED` and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY`, those APIs will return a `UserNotFoundException` exception if the user does not exist in the user pool.\n" }, "readAttributes": { "type": "array", "items": { "type": "string" }, "description": "List of user pool attributes the application client can read from.\n" }, "refreshTokenValidity": { "type": "integer", "description": "Time limit, between 60 minutes and 10 years, after which the refresh token is no longer valid and cannot be used.\nBy default, the unit is days.\nThe unit can be overridden by a value in `token_validity_units.refresh_token`.\n" }, "supportedIdentityProviders": { "type": "array", "items": { "type": "string" }, "description": "List of provider names for the identity providers that are supported on this client. Uses the `provider_name` attribute of `aws.cognito.IdentityProvider` resource(s), or the equivalent string(s).\n" }, "tokenValidityUnits": { "$ref": "#/types/aws:cognito/UserPoolClientTokenValidityUnits:UserPoolClientTokenValidityUnits", "description": "Configuration block for units in which the validity times are represented in. Detailed below.\n" }, "userPoolId": { "type": "string", "description": "User pool the client belongs to.\n\nThe following arguments are optional:\n" }, "writeAttributes": { "type": "array", "items": { "type": "string" }, "description": "List of user pool attributes the application client can write to.\n" } }, "required": [ "accessTokenValidity", "allowedOauthFlows", "allowedOauthFlowsUserPoolClient", "allowedOauthScopes", "authSessionValidity", "callbackUrls", "clientSecret", "defaultRedirectUri", "enablePropagateAdditionalUserContextData", "enableTokenRevocation", "explicitAuthFlows", "idTokenValidity", "logoutUrls", "name", "preventUserExistenceErrors", "readAttributes", "refreshTokenValidity", "supportedIdentityProviders", "userPoolId", "writeAttributes" ], "inputProperties": { "accessTokenValidity": { "type": "integer", "description": "Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used.\nBy default, the unit is hours.\nThe unit can be overridden by a value in `token_validity_units.access_token`.\n" }, "allowedOauthFlows": { "type": "array", "items": { "type": "string" }, "description": "List of allowed OAuth flows (code, implicit, client_credentials).\n" }, "allowedOauthFlowsUserPoolClient": { "type": "boolean", "description": "Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.\n" }, "allowedOauthScopes": { "type": "array", "items": { "type": "string" }, "description": "List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).\n" }, "analyticsConfiguration": { "$ref": "#/types/aws:cognito/UserPoolClientAnalyticsConfiguration:UserPoolClientAnalyticsConfiguration", "description": "Configuration block for Amazon Pinpoint analytics for collecting metrics for this user pool. Detailed below.\n" }, "authSessionValidity": { "type": "integer", "description": "Amazon Cognito creates a session token for each API request in an authentication flow. AuthSessionValidity is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires. Valid values between `3` and `15`. Default value is `3`.\n" }, "callbackUrls": { "type": "array", "items": { "type": "string" }, "description": "List of allowed callback URLs for the identity providers.\n" }, "defaultRedirectUri": { "type": "string", "description": "Default redirect URI. Must be in the list of callback URLs.\n" }, "enablePropagateAdditionalUserContextData": { "type": "boolean", "description": "Activates the propagation of additional user context data.\n" }, "enableTokenRevocation": { "type": "boolean", "description": "Enables or disables token revocation.\n" }, "explicitAuthFlows": { "type": "array", "items": { "type": "string" }, "description": "List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH).\n" }, "generateSecret": { "type": "boolean", "description": "Should an application secret be generated.\n" }, "idTokenValidity": { "type": "integer", "description": "Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used.\nBy default, the unit is hours.\nThe unit can be overridden by a value in `token_validity_units.id_token`.\n" }, "logoutUrls": { "type": "array", "items": { "type": "string" }, "description": "List of allowed logout URLs for the identity providers.\n" }, "name": { "type": "string", "description": "Name of the application client.\n" }, "preventUserExistenceErrors": { "type": "string", "description": "Choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to `ENABLED` and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY`, those APIs will return a `UserNotFoundException` exception if the user does not exist in the user pool.\n" }, "readAttributes": { "type": "array", "items": { "type": "string" }, "description": "List of user pool attributes the application client can read from.\n" }, "refreshTokenValidity": { "type": "integer", "description": "Time limit, between 60 minutes and 10 years, after which the refresh token is no longer valid and cannot be used.\nBy default, the unit is days.\nThe unit can be overridden by a value in `token_validity_units.refresh_token`.\n" }, "supportedIdentityProviders": { "type": "array", "items": { "type": "string" }, "description": "List of provider names for the identity providers that are supported on this client. Uses the `provider_name` attribute of `aws.cognito.IdentityProvider` resource(s), or the equivalent string(s).\n" }, "tokenValidityUnits": { "$ref": "#/types/aws:cognito/UserPoolClientTokenValidityUnits:UserPoolClientTokenValidityUnits", "description": "Configuration block for units in which the validity times are represented in. Detailed below.\n" }, "userPoolId": { "type": "string", "description": "User pool the client belongs to.\n\nThe following arguments are optional:\n" }, "writeAttributes": { "type": "array", "items": { "type": "string" }, "description": "List of user pool attributes the application client can write to.\n" } }, "requiredInputs": [ "userPoolId" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserPoolClient resources.\n", "properties": { "accessTokenValidity": { "type": "integer", "description": "Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used.\nBy default, the unit is hours.\nThe unit can be overridden by a value in `token_validity_units.access_token`.\n" }, "allowedOauthFlows": { "type": "array", "items": { "type": "string" }, "description": "List of allowed OAuth flows (code, implicit, client_credentials).\n" }, "allowedOauthFlowsUserPoolClient": { "type": "boolean", "description": "Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.\n" }, "allowedOauthScopes": { "type": "array", "items": { "type": "string" }, "description": "List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).\n" }, "analyticsConfiguration": { "$ref": "#/types/aws:cognito/UserPoolClientAnalyticsConfiguration:UserPoolClientAnalyticsConfiguration", "description": "Configuration block for Amazon Pinpoint analytics for collecting metrics for this user pool. Detailed below.\n" }, "authSessionValidity": { "type": "integer", "description": "Amazon Cognito creates a session token for each API request in an authentication flow. AuthSessionValidity is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires. Valid values between `3` and `15`. Default value is `3`.\n" }, "callbackUrls": { "type": "array", "items": { "type": "string" }, "description": "List of allowed callback URLs for the identity providers.\n" }, "clientSecret": { "type": "string", "description": "Client secret of the user pool client.\n", "secret": true }, "defaultRedirectUri": { "type": "string", "description": "Default redirect URI. Must be in the list of callback URLs.\n" }, "enablePropagateAdditionalUserContextData": { "type": "boolean", "description": "Activates the propagation of additional user context data.\n" }, "enableTokenRevocation": { "type": "boolean", "description": "Enables or disables token revocation.\n" }, "explicitAuthFlows": { "type": "array", "items": { "type": "string" }, "description": "List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH).\n" }, "generateSecret": { "type": "boolean", "description": "Should an application secret be generated.\n" }, "idTokenValidity": { "type": "integer", "description": "Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used.\nBy default, the unit is hours.\nThe unit can be overridden by a value in `token_validity_units.id_token`.\n" }, "logoutUrls": { "type": "array", "items": { "type": "string" }, "description": "List of allowed logout URLs for the identity providers.\n" }, "name": { "type": "string", "description": "Name of the application client.\n" }, "preventUserExistenceErrors": { "type": "string", "description": "Choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to `ENABLED` and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY`, those APIs will return a `UserNotFoundException` exception if the user does not exist in the user pool.\n" }, "readAttributes": { "type": "array", "items": { "type": "string" }, "description": "List of user pool attributes the application client can read from.\n" }, "refreshTokenValidity": { "type": "integer", "description": "Time limit, between 60 minutes and 10 years, after which the refresh token is no longer valid and cannot be used.\nBy default, the unit is days.\nThe unit can be overridden by a value in `token_validity_units.refresh_token`.\n" }, "supportedIdentityProviders": { "type": "array", "items": { "type": "string" }, "description": "List of provider names for the identity providers that are supported on this client. Uses the `provider_name` attribute of `aws.cognito.IdentityProvider` resource(s), or the equivalent string(s).\n" }, "tokenValidityUnits": { "$ref": "#/types/aws:cognito/UserPoolClientTokenValidityUnits:UserPoolClientTokenValidityUnits", "description": "Configuration block for units in which the validity times are represented in. Detailed below.\n" }, "userPoolId": { "type": "string", "description": "User pool the client belongs to.\n\nThe following arguments are optional:\n" }, "writeAttributes": { "type": "array", "items": { "type": "string" }, "description": "List of user pool attributes the application client can write to.\n" } }, "type": "object" } }, "aws:cognito/userPoolDomain:UserPoolDomain": { "description": "Provides a Cognito User Pool Domain resource.\n\n## Example Usage\n\n### Amazon Cognito domain\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cognito.UserPool(\"example\", {name: \"example-pool\"});\nconst main = new aws.cognito.UserPoolDomain(\"main\", {\n domain: \"example-domain\",\n userPoolId: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cognito.UserPool(\"example\", name=\"example-pool\")\nmain = aws.cognito.UserPoolDomain(\"main\",\n domain=\"example-domain\",\n user_pool_id=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cognito.UserPool(\"example\", new()\n {\n Name = \"example-pool\",\n });\n\n var main = new Aws.Cognito.UserPoolDomain(\"main\", new()\n {\n Domain = \"example-domain\",\n UserPoolId = example.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cognito.NewUserPool(ctx, \"example\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"example-pool\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPoolDomain(ctx, \"main\", \u0026cognito.UserPoolDomainArgs{\n\t\t\tDomain: pulumi.String(\"example-domain\"),\n\t\t\tUserPoolId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.cognito.UserPoolDomain;\nimport com.pulumi.aws.cognito.UserPoolDomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new UserPool(\"example\", UserPoolArgs.builder()\n .name(\"example-pool\")\n .build());\n\n var main = new UserPoolDomain(\"main\", UserPoolDomainArgs.builder()\n .domain(\"example-domain\")\n .userPoolId(example.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:cognito:UserPoolDomain\n properties:\n domain: example-domain\n userPoolId: ${example.id}\n example:\n type: aws:cognito:UserPool\n properties:\n name: example-pool\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Custom Cognito domain\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleUserPool = new aws.cognito.UserPool(\"example\", {name: \"example-pool\"});\nconst main = new aws.cognito.UserPoolDomain(\"main\", {\n domain: \"example-domain\",\n certificateArn: cert.arn,\n userPoolId: exampleUserPool.id,\n});\nconst example = aws.route53.getZone({\n name: \"example.com\",\n});\nconst auth_cognito_A = new aws.route53.Record(\"auth-cognito-A\", {\n name: main.domain,\n type: aws.route53.RecordType.A,\n zoneId: example.then(example =\u003e example.zoneId),\n aliases: [{\n evaluateTargetHealth: false,\n name: main.cloudfrontDistribution,\n zoneId: main.cloudfrontDistributionZoneId,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_user_pool = aws.cognito.UserPool(\"example\", name=\"example-pool\")\nmain = aws.cognito.UserPoolDomain(\"main\",\n domain=\"example-domain\",\n certificate_arn=cert[\"arn\"],\n user_pool_id=example_user_pool.id)\nexample = aws.route53.get_zone(name=\"example.com\")\nauth_cognito__a = aws.route53.Record(\"auth-cognito-A\",\n name=main.domain,\n type=aws.route53.RecordType.A,\n zone_id=example.zone_id,\n aliases=[{\n \"evaluate_target_health\": False,\n \"name\": main.cloudfront_distribution,\n \"zone_id\": main.cloudfront_distribution_zone_id,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleUserPool = new Aws.Cognito.UserPool(\"example\", new()\n {\n Name = \"example-pool\",\n });\n\n var main = new Aws.Cognito.UserPoolDomain(\"main\", new()\n {\n Domain = \"example-domain\",\n CertificateArn = cert.Arn,\n UserPoolId = exampleUserPool.Id,\n });\n\n var example = Aws.Route53.GetZone.Invoke(new()\n {\n Name = \"example.com\",\n });\n\n var auth_cognito_A = new Aws.Route53.Record(\"auth-cognito-A\", new()\n {\n Name = main.Domain,\n Type = Aws.Route53.RecordType.A,\n ZoneId = example.Apply(getZoneResult =\u003e getZoneResult.ZoneId),\n Aliases = new[]\n {\n new Aws.Route53.Inputs.RecordAliasArgs\n {\n EvaluateTargetHealth = false,\n Name = main.CloudfrontDistribution,\n ZoneId = main.CloudfrontDistributionZoneId,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUserPool, err := cognito.NewUserPool(ctx, \"example\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"example-pool\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmain, err := cognito.NewUserPoolDomain(ctx, \"main\", \u0026cognito.UserPoolDomainArgs{\n\t\t\tDomain: pulumi.String(\"example-domain\"),\n\t\t\tCertificateArn: pulumi.Any(cert.Arn),\n\t\t\tUserPoolId: exampleUserPool.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := route53.LookupZone(ctx, \u0026route53.LookupZoneArgs{\n\t\t\tName: pulumi.StringRef(\"example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"auth-cognito-A\", \u0026route53.RecordArgs{\n\t\t\tName: main.Domain,\n\t\t\tType: pulumi.String(route53.RecordTypeA),\n\t\t\tZoneId: pulumi.String(example.ZoneId),\n\t\t\tAliases: route53.RecordAliasArray{\n\t\t\t\t\u0026route53.RecordAliasArgs{\n\t\t\t\t\tEvaluateTargetHealth: pulumi.Bool(false),\n\t\t\t\t\tName: main.CloudfrontDistribution,\n\t\t\t\t\tZoneId: main.CloudfrontDistributionZoneId,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.cognito.UserPoolDomain;\nimport com.pulumi.aws.cognito.UserPoolDomainArgs;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetZoneArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport com.pulumi.aws.route53.inputs.RecordAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleUserPool = new UserPool(\"exampleUserPool\", UserPoolArgs.builder()\n .name(\"example-pool\")\n .build());\n\n var main = new UserPoolDomain(\"main\", UserPoolDomainArgs.builder()\n .domain(\"example-domain\")\n .certificateArn(cert.arn())\n .userPoolId(exampleUserPool.id())\n .build());\n\n final var example = Route53Functions.getZone(GetZoneArgs.builder()\n .name(\"example.com\")\n .build());\n\n var auth_cognito_A = new Record(\"auth-cognito-A\", RecordArgs.builder()\n .name(main.domain())\n .type(\"A\")\n .zoneId(example.applyValue(getZoneResult -\u003e getZoneResult.zoneId()))\n .aliases(RecordAliasArgs.builder()\n .evaluateTargetHealth(false)\n .name(main.cloudfrontDistribution())\n .zoneId(main.cloudfrontDistributionZoneId())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:cognito:UserPoolDomain\n properties:\n domain: example-domain\n certificateArn: ${cert.arn}\n userPoolId: ${exampleUserPool.id}\n exampleUserPool:\n type: aws:cognito:UserPool\n name: example\n properties:\n name: example-pool\n auth-cognito-A:\n type: aws:route53:Record\n properties:\n name: ${main.domain}\n type: A\n zoneId: ${example.zoneId}\n aliases:\n - evaluateTargetHealth: false\n name: ${main.cloudfrontDistribution}\n zoneId: ${main.cloudfrontDistributionZoneId}\nvariables:\n example:\n fn::invoke:\n Function: aws:route53:getZone\n Arguments:\n name: example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cognito User Pool Domains using the `domain`. For example:\n\n```sh\n$ pulumi import aws:cognito/userPoolDomain:UserPoolDomain main auth.example.org\n```\n", "properties": { "awsAccountId": { "type": "string", "description": "The AWS account ID for the user pool owner.\n" }, "certificateArn": { "type": "string", "description": "The ARN of an ISSUED ACM certificate in us-east-1 for a custom domain.\n" }, "cloudfrontDistribution": { "type": "string", "description": "The Amazon CloudFront endpoint (e.g. `dpp0gtxikpq3y.cloudfront.net`) that you use as the target of the alias that you set up with your Domain Name Service (DNS) provider.\n" }, "cloudfrontDistributionArn": { "type": "string", "description": "The URL of the CloudFront distribution. This is required to generate the ALIAS `aws.route53.Record`\n" }, "cloudfrontDistributionZoneId": { "type": "string", "description": "The Route 53 hosted zone ID of the CloudFront distribution.\n" }, "domain": { "type": "string", "description": "For custom domains, this is the fully-qualified domain name, such as auth.example.com. For Amazon Cognito prefix domains, this is the prefix alone, such as auth.\n" }, "s3Bucket": { "type": "string", "description": "The S3 bucket where the static files for this domain are stored.\n" }, "userPoolId": { "type": "string", "description": "The user pool ID.\n" }, "version": { "type": "string", "description": "The app version.\n" } }, "required": [ "awsAccountId", "cloudfrontDistribution", "cloudfrontDistributionArn", "cloudfrontDistributionZoneId", "domain", "s3Bucket", "userPoolId", "version" ], "inputProperties": { "certificateArn": { "type": "string", "description": "The ARN of an ISSUED ACM certificate in us-east-1 for a custom domain.\n" }, "domain": { "type": "string", "description": "For custom domains, this is the fully-qualified domain name, such as auth.example.com. For Amazon Cognito prefix domains, this is the prefix alone, such as auth.\n", "willReplaceOnChanges": true }, "userPoolId": { "type": "string", "description": "The user pool ID.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "domain", "userPoolId" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserPoolDomain resources.\n", "properties": { "awsAccountId": { "type": "string", "description": "The AWS account ID for the user pool owner.\n" }, "certificateArn": { "type": "string", "description": "The ARN of an ISSUED ACM certificate in us-east-1 for a custom domain.\n" }, "cloudfrontDistribution": { "type": "string", "description": "The Amazon CloudFront endpoint (e.g. `dpp0gtxikpq3y.cloudfront.net`) that you use as the target of the alias that you set up with your Domain Name Service (DNS) provider.\n" }, "cloudfrontDistributionArn": { "type": "string", "description": "The URL of the CloudFront distribution. This is required to generate the ALIAS `aws.route53.Record`\n" }, "cloudfrontDistributionZoneId": { "type": "string", "description": "The Route 53 hosted zone ID of the CloudFront distribution.\n" }, "domain": { "type": "string", "description": "For custom domains, this is the fully-qualified domain name, such as auth.example.com. For Amazon Cognito prefix domains, this is the prefix alone, such as auth.\n", "willReplaceOnChanges": true }, "s3Bucket": { "type": "string", "description": "The S3 bucket where the static files for this domain are stored.\n" }, "userPoolId": { "type": "string", "description": "The user pool ID.\n", "willReplaceOnChanges": true }, "version": { "type": "string", "description": "The app version.\n" } }, "type": "object" } }, "aws:cognito/userPoolUICustomization:UserPoolUICustomization": { "description": "Provides a Cognito User Pool UI Customization resource.\n\n\u003e **Note:** To use this resource, the user pool must have a domain associated with it. For more information, see the Amazon Cognito Developer Guide on [Customizing the Built-in Sign-In and Sign-up Webpages](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-app-ui-customization.html).\n\n## Example Usage\n\n### UI customization settings for a single client\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.cognito.UserPool(\"example\", {name: \"example\"});\nconst exampleUserPoolDomain = new aws.cognito.UserPoolDomain(\"example\", {\n domain: \"example\",\n userPoolId: example.id,\n});\nconst exampleUserPoolClient = new aws.cognito.UserPoolClient(\"example\", {\n name: \"example\",\n userPoolId: example.id,\n});\nconst exampleUserPoolUICustomization = new aws.cognito.UserPoolUICustomization(\"example\", {\n clientId: exampleUserPoolClient.id,\n css: \".label-customizable {font-weight: 400;}\",\n imageFile: std.filebase64({\n input: \"logo.png\",\n }).then(invoke =\u003e invoke.result),\n userPoolId: exampleUserPoolDomain.userPoolId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.cognito.UserPool(\"example\", name=\"example\")\nexample_user_pool_domain = aws.cognito.UserPoolDomain(\"example\",\n domain=\"example\",\n user_pool_id=example.id)\nexample_user_pool_client = aws.cognito.UserPoolClient(\"example\",\n name=\"example\",\n user_pool_id=example.id)\nexample_user_pool_ui_customization = aws.cognito.UserPoolUICustomization(\"example\",\n client_id=example_user_pool_client.id,\n css=\".label-customizable {font-weight: 400;}\",\n image_file=std.filebase64(input=\"logo.png\").result,\n user_pool_id=example_user_pool_domain.user_pool_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cognito.UserPool(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleUserPoolDomain = new Aws.Cognito.UserPoolDomain(\"example\", new()\n {\n Domain = \"example\",\n UserPoolId = example.Id,\n });\n\n var exampleUserPoolClient = new Aws.Cognito.UserPoolClient(\"example\", new()\n {\n Name = \"example\",\n UserPoolId = example.Id,\n });\n\n var exampleUserPoolUICustomization = new Aws.Cognito.UserPoolUICustomization(\"example\", new()\n {\n ClientId = exampleUserPoolClient.Id,\n Css = \".label-customizable {font-weight: 400;}\",\n ImageFile = Std.Filebase64.Invoke(new()\n {\n Input = \"logo.png\",\n }).Apply(invoke =\u003e invoke.Result),\n UserPoolId = exampleUserPoolDomain.UserPoolId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cognito.NewUserPool(ctx, \"example\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUserPoolDomain, err := cognito.NewUserPoolDomain(ctx, \"example\", \u0026cognito.UserPoolDomainArgs{\n\t\t\tDomain: pulumi.String(\"example\"),\n\t\t\tUserPoolId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUserPoolClient, err := cognito.NewUserPoolClient(ctx, \"example\", \u0026cognito.UserPoolClientArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tUserPoolId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFilebase64, err := std.Filebase64(ctx, \u0026std.Filebase64Args{\n\t\t\tInput: \"logo.png\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPoolUICustomization(ctx, \"example\", \u0026cognito.UserPoolUICustomizationArgs{\n\t\t\tClientId: exampleUserPoolClient.ID(),\n\t\t\tCss: pulumi.String(\".label-customizable {font-weight: 400;}\"),\n\t\t\tImageFile: pulumi.String(invokeFilebase64.Result),\n\t\t\tUserPoolId: exampleUserPoolDomain.UserPoolId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.cognito.UserPoolDomain;\nimport com.pulumi.aws.cognito.UserPoolDomainArgs;\nimport com.pulumi.aws.cognito.UserPoolClient;\nimport com.pulumi.aws.cognito.UserPoolClientArgs;\nimport com.pulumi.aws.cognito.UserPoolUICustomization;\nimport com.pulumi.aws.cognito.UserPoolUICustomizationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new UserPool(\"example\", UserPoolArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleUserPoolDomain = new UserPoolDomain(\"exampleUserPoolDomain\", UserPoolDomainArgs.builder()\n .domain(\"example\")\n .userPoolId(example.id())\n .build());\n\n var exampleUserPoolClient = new UserPoolClient(\"exampleUserPoolClient\", UserPoolClientArgs.builder()\n .name(\"example\")\n .userPoolId(example.id())\n .build());\n\n var exampleUserPoolUICustomization = new UserPoolUICustomization(\"exampleUserPoolUICustomization\", UserPoolUICustomizationArgs.builder()\n .clientId(exampleUserPoolClient.id())\n .css(\".label-customizable {font-weight: 400;}\")\n .imageFile(StdFunctions.filebase64(Filebase64Args.builder()\n .input(\"logo.png\")\n .build()).result())\n .userPoolId(exampleUserPoolDomain.userPoolId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cognito:UserPool\n properties:\n name: example\n exampleUserPoolDomain:\n type: aws:cognito:UserPoolDomain\n name: example\n properties:\n domain: example\n userPoolId: ${example.id}\n exampleUserPoolClient:\n type: aws:cognito:UserPoolClient\n name: example\n properties:\n name: example\n userPoolId: ${example.id}\n exampleUserPoolUICustomization:\n type: aws:cognito:UserPoolUICustomization\n name: example\n properties:\n clientId: ${exampleUserPoolClient.id}\n css: '.label-customizable {font-weight: 400;}'\n imageFile:\n fn::invoke:\n Function: std:filebase64\n Arguments:\n input: logo.png\n Return: result\n userPoolId: ${exampleUserPoolDomain.userPoolId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### UI customization settings for all clients\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.cognito.UserPool(\"example\", {name: \"example\"});\nconst exampleUserPoolDomain = new aws.cognito.UserPoolDomain(\"example\", {\n domain: \"example\",\n userPoolId: example.id,\n});\nconst exampleUserPoolUICustomization = new aws.cognito.UserPoolUICustomization(\"example\", {\n css: \".label-customizable {font-weight: 400;}\",\n imageFile: std.filebase64({\n input: \"logo.png\",\n }).then(invoke =\u003e invoke.result),\n userPoolId: exampleUserPoolDomain.userPoolId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.cognito.UserPool(\"example\", name=\"example\")\nexample_user_pool_domain = aws.cognito.UserPoolDomain(\"example\",\n domain=\"example\",\n user_pool_id=example.id)\nexample_user_pool_ui_customization = aws.cognito.UserPoolUICustomization(\"example\",\n css=\".label-customizable {font-weight: 400;}\",\n image_file=std.filebase64(input=\"logo.png\").result,\n user_pool_id=example_user_pool_domain.user_pool_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cognito.UserPool(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleUserPoolDomain = new Aws.Cognito.UserPoolDomain(\"example\", new()\n {\n Domain = \"example\",\n UserPoolId = example.Id,\n });\n\n var exampleUserPoolUICustomization = new Aws.Cognito.UserPoolUICustomization(\"example\", new()\n {\n Css = \".label-customizable {font-weight: 400;}\",\n ImageFile = Std.Filebase64.Invoke(new()\n {\n Input = \"logo.png\",\n }).Apply(invoke =\u003e invoke.Result),\n UserPoolId = exampleUserPoolDomain.UserPoolId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cognito.NewUserPool(ctx, \"example\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUserPoolDomain, err := cognito.NewUserPoolDomain(ctx, \"example\", \u0026cognito.UserPoolDomainArgs{\n\t\t\tDomain: pulumi.String(\"example\"),\n\t\t\tUserPoolId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFilebase64, err := std.Filebase64(ctx, \u0026std.Filebase64Args{\n\t\t\tInput: \"logo.png\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewUserPoolUICustomization(ctx, \"example\", \u0026cognito.UserPoolUICustomizationArgs{\n\t\t\tCss: pulumi.String(\".label-customizable {font-weight: 400;}\"),\n\t\t\tImageFile: pulumi.String(invokeFilebase64.Result),\n\t\t\tUserPoolId: exampleUserPoolDomain.UserPoolId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.cognito.UserPoolDomain;\nimport com.pulumi.aws.cognito.UserPoolDomainArgs;\nimport com.pulumi.aws.cognito.UserPoolUICustomization;\nimport com.pulumi.aws.cognito.UserPoolUICustomizationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new UserPool(\"example\", UserPoolArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleUserPoolDomain = new UserPoolDomain(\"exampleUserPoolDomain\", UserPoolDomainArgs.builder()\n .domain(\"example\")\n .userPoolId(example.id())\n .build());\n\n var exampleUserPoolUICustomization = new UserPoolUICustomization(\"exampleUserPoolUICustomization\", UserPoolUICustomizationArgs.builder()\n .css(\".label-customizable {font-weight: 400;}\")\n .imageFile(StdFunctions.filebase64(Filebase64Args.builder()\n .input(\"logo.png\")\n .build()).result())\n .userPoolId(exampleUserPoolDomain.userPoolId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cognito:UserPool\n properties:\n name: example\n exampleUserPoolDomain:\n type: aws:cognito:UserPoolDomain\n name: example\n properties:\n domain: example\n userPoolId: ${example.id}\n exampleUserPoolUICustomization:\n type: aws:cognito:UserPoolUICustomization\n name: example\n properties:\n css: '.label-customizable {font-weight: 400;}'\n imageFile:\n fn::invoke:\n Function: std:filebase64\n Arguments:\n input: logo.png\n Return: result\n userPoolId: ${exampleUserPoolDomain.userPoolId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cognito User Pool UI Customizations using the `user_pool_id` and `client_id` separated by `,`. For example:\n\n```sh\n$ pulumi import aws:cognito/userPoolUICustomization:UserPoolUICustomization example us-west-2_ZCTarbt5C,12bu4fuk3mlgqa2rtrujgp6egq\n```\n", "properties": { "clientId": { "type": "string", "description": "The client ID for the client app. Defaults to `ALL`. If `ALL` is specified, the `css` and/or `image_file` settings will be used for every client that has no UI customization set previously.\n" }, "creationDate": { "type": "string", "description": "The creation date in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) for the UI customization.\n" }, "css": { "type": "string", "description": "The CSS values in the UI customization, provided as a String. At least one of `css` or `image_file` is required.\n" }, "cssVersion": { "type": "string", "description": "The CSS version number.\n" }, "imageFile": { "type": "string", "description": "The uploaded logo image for the UI customization, provided as a base64-encoded String. Drift detection is not possible for this argument. At least one of `css` or `image_file` is required.\n" }, "imageUrl": { "type": "string", "description": "The logo image URL for the UI customization.\n" }, "lastModifiedDate": { "type": "string", "description": "The last-modified date in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) for the UI customization.\n" }, "userPoolId": { "type": "string", "description": "The user pool ID for the user pool.\n" } }, "required": [ "creationDate", "cssVersion", "imageUrl", "lastModifiedDate", "userPoolId" ], "inputProperties": { "clientId": { "type": "string", "description": "The client ID for the client app. Defaults to `ALL`. If `ALL` is specified, the `css` and/or `image_file` settings will be used for every client that has no UI customization set previously.\n" }, "css": { "type": "string", "description": "The CSS values in the UI customization, provided as a String. At least one of `css` or `image_file` is required.\n" }, "imageFile": { "type": "string", "description": "The uploaded logo image for the UI customization, provided as a base64-encoded String. Drift detection is not possible for this argument. At least one of `css` or `image_file` is required.\n" }, "userPoolId": { "type": "string", "description": "The user pool ID for the user pool.\n" } }, "requiredInputs": [ "userPoolId" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserPoolUICustomization resources.\n", "properties": { "clientId": { "type": "string", "description": "The client ID for the client app. Defaults to `ALL`. If `ALL` is specified, the `css` and/or `image_file` settings will be used for every client that has no UI customization set previously.\n" }, "creationDate": { "type": "string", "description": "The creation date in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) for the UI customization.\n" }, "css": { "type": "string", "description": "The CSS values in the UI customization, provided as a String. At least one of `css` or `image_file` is required.\n" }, "cssVersion": { "type": "string", "description": "The CSS version number.\n" }, "imageFile": { "type": "string", "description": "The uploaded logo image for the UI customization, provided as a base64-encoded String. Drift detection is not possible for this argument. At least one of `css` or `image_file` is required.\n" }, "imageUrl": { "type": "string", "description": "The logo image URL for the UI customization.\n" }, "lastModifiedDate": { "type": "string", "description": "The last-modified date in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) for the UI customization.\n" }, "userPoolId": { "type": "string", "description": "The user pool ID for the user pool.\n" } }, "type": "object" } }, "aws:comprehend/documentClassifier:DocumentClassifier": { "description": "Resource for managing an AWS Comprehend Document Classifier.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst documents = new aws.s3.BucketObjectv2(\"documents\", {});\nconst example = new aws.comprehend.DocumentClassifier(\"example\", {\n name: \"example\",\n dataAccessRoleArn: exampleAwsIamRole.arn,\n languageCode: \"en\",\n inputDataConfig: {\n s3Uri: pulumi.interpolate`s3://${test.bucket}/${documents.id}`,\n },\n}, {\n dependsOn: [exampleAwsIamRolePolicy],\n});\nconst entities = new aws.s3.BucketObjectv2(\"entities\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndocuments = aws.s3.BucketObjectv2(\"documents\")\nexample = aws.comprehend.DocumentClassifier(\"example\",\n name=\"example\",\n data_access_role_arn=example_aws_iam_role[\"arn\"],\n language_code=\"en\",\n input_data_config={\n \"s3_uri\": documents.id.apply(lambda id: f\"s3://{test['bucket']}/{id}\"),\n },\n opts = pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy]))\nentities = aws.s3.BucketObjectv2(\"entities\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var documents = new Aws.S3.BucketObjectv2(\"documents\");\n\n var example = new Aws.Comprehend.DocumentClassifier(\"example\", new()\n {\n Name = \"example\",\n DataAccessRoleArn = exampleAwsIamRole.Arn,\n LanguageCode = \"en\",\n InputDataConfig = new Aws.Comprehend.Inputs.DocumentClassifierInputDataConfigArgs\n {\n S3Uri = documents.Id.Apply(id =\u003e $\"s3://{test.Bucket}/{id}\"),\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsIamRolePolicy,\n },\n });\n\n var entities = new Aws.S3.BucketObjectv2(\"entities\");\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/comprehend\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdocuments, err := s3.NewBucketObjectv2(ctx, \"documents\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = comprehend.NewDocumentClassifier(ctx, \"example\", \u0026comprehend.DocumentClassifierArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDataAccessRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tLanguageCode: pulumi.String(\"en\"),\n\t\t\tInputDataConfig: \u0026comprehend.DocumentClassifierInputDataConfigArgs{\n\t\t\t\tS3Uri: documents.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", test.Bucket, id), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsIamRolePolicy,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"entities\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.comprehend.DocumentClassifier;\nimport com.pulumi.aws.comprehend.DocumentClassifierArgs;\nimport com.pulumi.aws.comprehend.inputs.DocumentClassifierInputDataConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var documents = new BucketObjectv2(\"documents\");\n\n var example = new DocumentClassifier(\"example\", DocumentClassifierArgs.builder()\n .name(\"example\")\n .dataAccessRoleArn(exampleAwsIamRole.arn())\n .languageCode(\"en\")\n .inputDataConfig(DocumentClassifierInputDataConfigArgs.builder()\n .s3Uri(documents.id().applyValue(id -\u003e String.format(\"s3://%s/%s\", test.bucket(),id)))\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsIamRolePolicy)\n .build());\n\n var entities = new BucketObjectv2(\"entities\");\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:comprehend:DocumentClassifier\n properties:\n name: example\n dataAccessRoleArn: ${exampleAwsIamRole.arn}\n languageCode: en\n inputDataConfig:\n s3Uri: s3://${test.bucket}/${documents.id}\n options:\n dependson:\n - ${exampleAwsIamRolePolicy}\n documents:\n type: aws:s3:BucketObjectv2\n entities:\n type: aws:s3:BucketObjectv2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Comprehend Document Classifier using the ARN. For example:\n\n```sh\n$ pulumi import aws:comprehend/documentClassifier:DocumentClassifier example arn:aws:comprehend:us-west-2:123456789012:document_classifier/example\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Document Classifier version.\n" }, "dataAccessRoleArn": { "type": "string", "description": "The ARN for an IAM Role which allows Comprehend to read the training and testing data.\n" }, "inputDataConfig": { "$ref": "#/types/aws:comprehend/DocumentClassifierInputDataConfig:DocumentClassifierInputDataConfig", "description": "Configuration for the training and testing data.\nSee the `input_data_config` Configuration Block section below.\n" }, "languageCode": { "type": "string", "description": "Two-letter language code for the language.\nOne of `en`, `es`, `fr`, `it`, `de`, or `pt`.\n" }, "mode": { "type": "string", "description": "The document classification mode.\nOne of `MULTI_CLASS` or `MULTI_LABEL`.\n`MULTI_CLASS` is also known as \"Single Label\" in the AWS Console.\n" }, "modelKmsKeyId": { "type": "string", "description": "KMS Key used to encrypt trained Document Classifiers.\nCan be a KMS Key ID or a KMS Key ARN.\n" }, "name": { "type": "string", "description": "Name for the Document Classifier.\nHas a maximum length of 63 characters.\nCan contain upper- and lower-case letters, numbers, and hypen (`-`).\n\nThe following arguments are optional:\n" }, "outputDataConfig": { "$ref": "#/types/aws:comprehend/DocumentClassifierOutputDataConfig:DocumentClassifierOutputDataConfig", "description": "Configuration for the output results of training.\nSee the `output_data_config` Configuration Block section below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` Configuration Block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "versionName": { "type": "string", "description": "Name for the version of the Document Classifier.\nEach version must have a unique name within the Document Classifier.\nIf omitted, the provider will assign a random, unique version name.\nIf explicitly set to `\"\"`, no version name will be set.\nHas a maximum length of 63 characters.\nCan contain upper- and lower-case letters, numbers, and hypen (`-`).\nConflicts with `version_name_prefix`.\n" }, "versionNamePrefix": { "type": "string", "description": "Creates a unique version name beginning with the specified prefix.\nHas a maximum length of 37 characters.\nCan contain upper- and lower-case letters, numbers, and hypen (`-`).\nConflicts with `version_name`.\n" }, "volumeKmsKeyId": { "type": "string", "description": "KMS Key used to encrypt storage volumes during job processing.\nCan be a KMS Key ID or a KMS Key ARN.\n" }, "vpcConfig": { "$ref": "#/types/aws:comprehend/DocumentClassifierVpcConfig:DocumentClassifierVpcConfig", "description": "Configuration parameters for VPC to contain Document Classifier resources.\nSee the `vpc_config` Configuration Block section below.\n" } }, "required": [ "arn", "dataAccessRoleArn", "inputDataConfig", "languageCode", "name", "outputDataConfig", "tagsAll", "versionName", "versionNamePrefix" ], "inputProperties": { "dataAccessRoleArn": { "type": "string", "description": "The ARN for an IAM Role which allows Comprehend to read the training and testing data.\n" }, "inputDataConfig": { "$ref": "#/types/aws:comprehend/DocumentClassifierInputDataConfig:DocumentClassifierInputDataConfig", "description": "Configuration for the training and testing data.\nSee the `input_data_config` Configuration Block section below.\n" }, "languageCode": { "type": "string", "description": "Two-letter language code for the language.\nOne of `en`, `es`, `fr`, `it`, `de`, or `pt`.\n" }, "mode": { "type": "string", "description": "The document classification mode.\nOne of `MULTI_CLASS` or `MULTI_LABEL`.\n`MULTI_CLASS` is also known as \"Single Label\" in the AWS Console.\n" }, "modelKmsKeyId": { "type": "string", "description": "KMS Key used to encrypt trained Document Classifiers.\nCan be a KMS Key ID or a KMS Key ARN.\n" }, "name": { "type": "string", "description": "Name for the Document Classifier.\nHas a maximum length of 63 characters.\nCan contain upper- and lower-case letters, numbers, and hypen (`-`).\n\nThe following arguments are optional:\n" }, "outputDataConfig": { "$ref": "#/types/aws:comprehend/DocumentClassifierOutputDataConfig:DocumentClassifierOutputDataConfig", "description": "Configuration for the output results of training.\nSee the `output_data_config` Configuration Block section below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` Configuration Block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "versionName": { "type": "string", "description": "Name for the version of the Document Classifier.\nEach version must have a unique name within the Document Classifier.\nIf omitted, the provider will assign a random, unique version name.\nIf explicitly set to `\"\"`, no version name will be set.\nHas a maximum length of 63 characters.\nCan contain upper- and lower-case letters, numbers, and hypen (`-`).\nConflicts with `version_name_prefix`.\n" }, "versionNamePrefix": { "type": "string", "description": "Creates a unique version name beginning with the specified prefix.\nHas a maximum length of 37 characters.\nCan contain upper- and lower-case letters, numbers, and hypen (`-`).\nConflicts with `version_name`.\n" }, "volumeKmsKeyId": { "type": "string", "description": "KMS Key used to encrypt storage volumes during job processing.\nCan be a KMS Key ID or a KMS Key ARN.\n" }, "vpcConfig": { "$ref": "#/types/aws:comprehend/DocumentClassifierVpcConfig:DocumentClassifierVpcConfig", "description": "Configuration parameters for VPC to contain Document Classifier resources.\nSee the `vpc_config` Configuration Block section below.\n" } }, "requiredInputs": [ "dataAccessRoleArn", "inputDataConfig", "languageCode" ], "stateInputs": { "description": "Input properties used for looking up and filtering DocumentClassifier resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Document Classifier version.\n" }, "dataAccessRoleArn": { "type": "string", "description": "The ARN for an IAM Role which allows Comprehend to read the training and testing data.\n" }, "inputDataConfig": { "$ref": "#/types/aws:comprehend/DocumentClassifierInputDataConfig:DocumentClassifierInputDataConfig", "description": "Configuration for the training and testing data.\nSee the `input_data_config` Configuration Block section below.\n" }, "languageCode": { "type": "string", "description": "Two-letter language code for the language.\nOne of `en`, `es`, `fr`, `it`, `de`, or `pt`.\n" }, "mode": { "type": "string", "description": "The document classification mode.\nOne of `MULTI_CLASS` or `MULTI_LABEL`.\n`MULTI_CLASS` is also known as \"Single Label\" in the AWS Console.\n" }, "modelKmsKeyId": { "type": "string", "description": "KMS Key used to encrypt trained Document Classifiers.\nCan be a KMS Key ID or a KMS Key ARN.\n" }, "name": { "type": "string", "description": "Name for the Document Classifier.\nHas a maximum length of 63 characters.\nCan contain upper- and lower-case letters, numbers, and hypen (`-`).\n\nThe following arguments are optional:\n" }, "outputDataConfig": { "$ref": "#/types/aws:comprehend/DocumentClassifierOutputDataConfig:DocumentClassifierOutputDataConfig", "description": "Configuration for the output results of training.\nSee the `output_data_config` Configuration Block section below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` Configuration Block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "versionName": { "type": "string", "description": "Name for the version of the Document Classifier.\nEach version must have a unique name within the Document Classifier.\nIf omitted, the provider will assign a random, unique version name.\nIf explicitly set to `\"\"`, no version name will be set.\nHas a maximum length of 63 characters.\nCan contain upper- and lower-case letters, numbers, and hypen (`-`).\nConflicts with `version_name_prefix`.\n" }, "versionNamePrefix": { "type": "string", "description": "Creates a unique version name beginning with the specified prefix.\nHas a maximum length of 37 characters.\nCan contain upper- and lower-case letters, numbers, and hypen (`-`).\nConflicts with `version_name`.\n" }, "volumeKmsKeyId": { "type": "string", "description": "KMS Key used to encrypt storage volumes during job processing.\nCan be a KMS Key ID or a KMS Key ARN.\n" }, "vpcConfig": { "$ref": "#/types/aws:comprehend/DocumentClassifierVpcConfig:DocumentClassifierVpcConfig", "description": "Configuration parameters for VPC to contain Document Classifier resources.\nSee the `vpc_config` Configuration Block section below.\n" } }, "type": "object" } }, "aws:comprehend/entityRecognizer:EntityRecognizer": { "description": "Resource for managing an AWS Comprehend Entity Recognizer.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst documents = new aws.s3.BucketObjectv2(\"documents\", {});\nconst entities = new aws.s3.BucketObjectv2(\"entities\", {});\nconst example = new aws.comprehend.EntityRecognizer(\"example\", {\n name: \"example\",\n dataAccessRoleArn: exampleAwsIamRole.arn,\n languageCode: \"en\",\n inputDataConfig: {\n entityTypes: [\n {\n type: \"ENTITY_1\",\n },\n {\n type: \"ENTITY_2\",\n },\n ],\n documents: {\n s3Uri: pulumi.interpolate`s3://${documentsAwsS3Bucket.bucket}/${documents.id}`,\n },\n entityList: {\n s3Uri: pulumi.interpolate`s3://${entitiesAwsS3Bucket.bucket}/${entities.id}`,\n },\n },\n}, {\n dependsOn: [exampleAwsIamRolePolicy],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndocuments = aws.s3.BucketObjectv2(\"documents\")\nentities = aws.s3.BucketObjectv2(\"entities\")\nexample = aws.comprehend.EntityRecognizer(\"example\",\n name=\"example\",\n data_access_role_arn=example_aws_iam_role[\"arn\"],\n language_code=\"en\",\n input_data_config={\n \"entity_types\": [\n {\n \"type\": \"ENTITY_1\",\n },\n {\n \"type\": \"ENTITY_2\",\n },\n ],\n \"documents\": {\n \"s3_uri\": documents.id.apply(lambda id: f\"s3://{documents_aws_s3_bucket['bucket']}/{id}\"),\n },\n \"entity_list\": {\n \"s3_uri\": entities.id.apply(lambda id: f\"s3://{entities_aws_s3_bucket['bucket']}/{id}\"),\n },\n },\n opts = pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var documents = new Aws.S3.BucketObjectv2(\"documents\");\n\n var entities = new Aws.S3.BucketObjectv2(\"entities\");\n\n var example = new Aws.Comprehend.EntityRecognizer(\"example\", new()\n {\n Name = \"example\",\n DataAccessRoleArn = exampleAwsIamRole.Arn,\n LanguageCode = \"en\",\n InputDataConfig = new Aws.Comprehend.Inputs.EntityRecognizerInputDataConfigArgs\n {\n EntityTypes = new[]\n {\n new Aws.Comprehend.Inputs.EntityRecognizerInputDataConfigEntityTypeArgs\n {\n Type = \"ENTITY_1\",\n },\n new Aws.Comprehend.Inputs.EntityRecognizerInputDataConfigEntityTypeArgs\n {\n Type = \"ENTITY_2\",\n },\n },\n Documents = new Aws.Comprehend.Inputs.EntityRecognizerInputDataConfigDocumentsArgs\n {\n S3Uri = documents.Id.Apply(id =\u003e $\"s3://{documentsAwsS3Bucket.Bucket}/{id}\"),\n },\n EntityList = new Aws.Comprehend.Inputs.EntityRecognizerInputDataConfigEntityListArgs\n {\n S3Uri = entities.Id.Apply(id =\u003e $\"s3://{entitiesAwsS3Bucket.Bucket}/{id}\"),\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsIamRolePolicy,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/comprehend\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdocuments, err := s3.NewBucketObjectv2(ctx, \"documents\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tentities, err := s3.NewBucketObjectv2(ctx, \"entities\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = comprehend.NewEntityRecognizer(ctx, \"example\", \u0026comprehend.EntityRecognizerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDataAccessRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tLanguageCode: pulumi.String(\"en\"),\n\t\t\tInputDataConfig: \u0026comprehend.EntityRecognizerInputDataConfigArgs{\n\t\t\t\tEntityTypes: comprehend.EntityRecognizerInputDataConfigEntityTypeArray{\n\t\t\t\t\t\u0026comprehend.EntityRecognizerInputDataConfigEntityTypeArgs{\n\t\t\t\t\t\tType: pulumi.String(\"ENTITY_1\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026comprehend.EntityRecognizerInputDataConfigEntityTypeArgs{\n\t\t\t\t\t\tType: pulumi.String(\"ENTITY_2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tDocuments: \u0026comprehend.EntityRecognizerInputDataConfigDocumentsArgs{\n\t\t\t\t\tS3Uri: documents.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", documentsAwsS3Bucket.Bucket, id), nil\n\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t},\n\t\t\t\tEntityList: \u0026comprehend.EntityRecognizerInputDataConfigEntityListArgs{\n\t\t\t\t\tS3Uri: entities.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", entitiesAwsS3Bucket.Bucket, id), nil\n\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsIamRolePolicy,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.comprehend.EntityRecognizer;\nimport com.pulumi.aws.comprehend.EntityRecognizerArgs;\nimport com.pulumi.aws.comprehend.inputs.EntityRecognizerInputDataConfigArgs;\nimport com.pulumi.aws.comprehend.inputs.EntityRecognizerInputDataConfigDocumentsArgs;\nimport com.pulumi.aws.comprehend.inputs.EntityRecognizerInputDataConfigEntityListArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var documents = new BucketObjectv2(\"documents\");\n\n var entities = new BucketObjectv2(\"entities\");\n\n var example = new EntityRecognizer(\"example\", EntityRecognizerArgs.builder()\n .name(\"example\")\n .dataAccessRoleArn(exampleAwsIamRole.arn())\n .languageCode(\"en\")\n .inputDataConfig(EntityRecognizerInputDataConfigArgs.builder()\n .entityTypes( \n EntityRecognizerInputDataConfigEntityTypeArgs.builder()\n .type(\"ENTITY_1\")\n .build(),\n EntityRecognizerInputDataConfigEntityTypeArgs.builder()\n .type(\"ENTITY_2\")\n .build())\n .documents(EntityRecognizerInputDataConfigDocumentsArgs.builder()\n .s3Uri(documents.id().applyValue(id -\u003e String.format(\"s3://%s/%s\", documentsAwsS3Bucket.bucket(),id)))\n .build())\n .entityList(EntityRecognizerInputDataConfigEntityListArgs.builder()\n .s3Uri(entities.id().applyValue(id -\u003e String.format(\"s3://%s/%s\", entitiesAwsS3Bucket.bucket(),id)))\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsIamRolePolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:comprehend:EntityRecognizer\n properties:\n name: example\n dataAccessRoleArn: ${exampleAwsIamRole.arn}\n languageCode: en\n inputDataConfig:\n entityTypes:\n - type: ENTITY_1\n - type: ENTITY_2\n documents:\n s3Uri: s3://${documentsAwsS3Bucket.bucket}/${documents.id}\n entityList:\n s3Uri: s3://${entitiesAwsS3Bucket.bucket}/${entities.id}\n options:\n dependson:\n - ${exampleAwsIamRolePolicy}\n documents:\n type: aws:s3:BucketObjectv2\n entities:\n type: aws:s3:BucketObjectv2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Comprehend Entity Recognizer using the ARN. For example:\n\n```sh\n$ pulumi import aws:comprehend/entityRecognizer:EntityRecognizer example arn:aws:comprehend:us-west-2:123456789012:entity-recognizer/example\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Entity Recognizer version.\n" }, "dataAccessRoleArn": { "type": "string", "description": "The ARN for an IAM Role which allows Comprehend to read the training and testing data.\n" }, "inputDataConfig": { "$ref": "#/types/aws:comprehend/EntityRecognizerInputDataConfig:EntityRecognizerInputDataConfig", "description": "Configuration for the training and testing data.\nSee the `input_data_config` Configuration Block section below.\n" }, "languageCode": { "type": "string", "description": "Two-letter language code for the language.\nOne of `en`, `es`, `fr`, `it`, `de`, or `pt`.\n" }, "modelKmsKeyId": { "type": "string", "description": "The ID or ARN of a KMS Key used to encrypt trained Entity Recognizers.\n" }, "name": { "type": "string", "description": "Name for the Entity Recognizer.\nHas a maximum length of 63 characters.\nCan contain upper- and lower-case letters, numbers, and hypen (`-`).\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` Configuration Block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "versionName": { "type": "string", "description": "Name for the version of the Entity Recognizer.\nEach version must have a unique name within the Entity Recognizer.\nIf omitted, the provider will assign a random, unique version name.\nIf explicitly set to `\"\"`, no version name will be set.\nHas a maximum length of 63 characters.\nCan contain upper- and lower-case letters, numbers, and hypen (`-`).\nConflicts with `version_name_prefix`.\n" }, "versionNamePrefix": { "type": "string", "description": "Creates a unique version name beginning with the specified prefix.\nHas a maximum length of 37 characters.\nCan contain upper- and lower-case letters, numbers, and hypen (`-`).\nConflicts with `version_name`.\n" }, "volumeKmsKeyId": { "type": "string", "description": "ID or ARN of a KMS Key used to encrypt storage volumes during job processing.\n" }, "vpcConfig": { "$ref": "#/types/aws:comprehend/EntityRecognizerVpcConfig:EntityRecognizerVpcConfig", "description": "Configuration parameters for VPC to contain Entity Recognizer resources.\nSee the `vpc_config` Configuration Block section below.\n" } }, "required": [ "arn", "dataAccessRoleArn", "inputDataConfig", "languageCode", "name", "tagsAll", "versionName", "versionNamePrefix" ], "inputProperties": { "dataAccessRoleArn": { "type": "string", "description": "The ARN for an IAM Role which allows Comprehend to read the training and testing data.\n" }, "inputDataConfig": { "$ref": "#/types/aws:comprehend/EntityRecognizerInputDataConfig:EntityRecognizerInputDataConfig", "description": "Configuration for the training and testing data.\nSee the `input_data_config` Configuration Block section below.\n" }, "languageCode": { "type": "string", "description": "Two-letter language code for the language.\nOne of `en`, `es`, `fr`, `it`, `de`, or `pt`.\n" }, "modelKmsKeyId": { "type": "string", "description": "The ID or ARN of a KMS Key used to encrypt trained Entity Recognizers.\n" }, "name": { "type": "string", "description": "Name for the Entity Recognizer.\nHas a maximum length of 63 characters.\nCan contain upper- and lower-case letters, numbers, and hypen (`-`).\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` Configuration Block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "versionName": { "type": "string", "description": "Name for the version of the Entity Recognizer.\nEach version must have a unique name within the Entity Recognizer.\nIf omitted, the provider will assign a random, unique version name.\nIf explicitly set to `\"\"`, no version name will be set.\nHas a maximum length of 63 characters.\nCan contain upper- and lower-case letters, numbers, and hypen (`-`).\nConflicts with `version_name_prefix`.\n" }, "versionNamePrefix": { "type": "string", "description": "Creates a unique version name beginning with the specified prefix.\nHas a maximum length of 37 characters.\nCan contain upper- and lower-case letters, numbers, and hypen (`-`).\nConflicts with `version_name`.\n" }, "volumeKmsKeyId": { "type": "string", "description": "ID or ARN of a KMS Key used to encrypt storage volumes during job processing.\n" }, "vpcConfig": { "$ref": "#/types/aws:comprehend/EntityRecognizerVpcConfig:EntityRecognizerVpcConfig", "description": "Configuration parameters for VPC to contain Entity Recognizer resources.\nSee the `vpc_config` Configuration Block section below.\n" } }, "requiredInputs": [ "dataAccessRoleArn", "inputDataConfig", "languageCode" ], "stateInputs": { "description": "Input properties used for looking up and filtering EntityRecognizer resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Entity Recognizer version.\n" }, "dataAccessRoleArn": { "type": "string", "description": "The ARN for an IAM Role which allows Comprehend to read the training and testing data.\n" }, "inputDataConfig": { "$ref": "#/types/aws:comprehend/EntityRecognizerInputDataConfig:EntityRecognizerInputDataConfig", "description": "Configuration for the training and testing data.\nSee the `input_data_config` Configuration Block section below.\n" }, "languageCode": { "type": "string", "description": "Two-letter language code for the language.\nOne of `en`, `es`, `fr`, `it`, `de`, or `pt`.\n" }, "modelKmsKeyId": { "type": "string", "description": "The ID or ARN of a KMS Key used to encrypt trained Entity Recognizers.\n" }, "name": { "type": "string", "description": "Name for the Entity Recognizer.\nHas a maximum length of 63 characters.\nCan contain upper- and lower-case letters, numbers, and hypen (`-`).\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` Configuration Block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "versionName": { "type": "string", "description": "Name for the version of the Entity Recognizer.\nEach version must have a unique name within the Entity Recognizer.\nIf omitted, the provider will assign a random, unique version name.\nIf explicitly set to `\"\"`, no version name will be set.\nHas a maximum length of 63 characters.\nCan contain upper- and lower-case letters, numbers, and hypen (`-`).\nConflicts with `version_name_prefix`.\n" }, "versionNamePrefix": { "type": "string", "description": "Creates a unique version name beginning with the specified prefix.\nHas a maximum length of 37 characters.\nCan contain upper- and lower-case letters, numbers, and hypen (`-`).\nConflicts with `version_name`.\n" }, "volumeKmsKeyId": { "type": "string", "description": "ID or ARN of a KMS Key used to encrypt storage volumes during job processing.\n" }, "vpcConfig": { "$ref": "#/types/aws:comprehend/EntityRecognizerVpcConfig:EntityRecognizerVpcConfig", "description": "Configuration parameters for VPC to contain Entity Recognizer resources.\nSee the `vpc_config` Configuration Block section below.\n" } }, "type": "object" } }, "aws:connect/botAssociation:BotAssociation": { "description": "Allows the specified Amazon Connect instance to access the specified Amazon Lex (V1) bot. For more information see\n[Amazon Connect: Getting Started](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-get-started.html) and [Add an Amazon Lex bot](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-lex.html).\n\n\u003e **NOTE:** This resource only currently supports Amazon Lex (V1) Associations.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.BotAssociation(\"example\", {\n instanceId: exampleAwsConnectInstance.id,\n lexBot: {\n lexRegion: \"us-west-2\",\n name: \"Test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.BotAssociation(\"example\",\n instance_id=example_aws_connect_instance[\"id\"],\n lex_bot={\n \"lex_region\": \"us-west-2\",\n \"name\": \"Test\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.BotAssociation(\"example\", new()\n {\n InstanceId = exampleAwsConnectInstance.Id,\n LexBot = new Aws.Connect.Inputs.BotAssociationLexBotArgs\n {\n LexRegion = \"us-west-2\",\n Name = \"Test\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewBotAssociation(ctx, \"example\", \u0026connect.BotAssociationArgs{\n\t\t\tInstanceId: pulumi.Any(exampleAwsConnectInstance.Id),\n\t\t\tLexBot: \u0026connect.BotAssociationLexBotArgs{\n\t\t\t\tLexRegion: pulumi.String(\"us-west-2\"),\n\t\t\t\tName: pulumi.String(\"Test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.BotAssociation;\nimport com.pulumi.aws.connect.BotAssociationArgs;\nimport com.pulumi.aws.connect.inputs.BotAssociationLexBotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BotAssociation(\"example\", BotAssociationArgs.builder()\n .instanceId(exampleAwsConnectInstance.id())\n .lexBot(BotAssociationLexBotArgs.builder()\n .lexRegion(\"us-west-2\")\n .name(\"Test\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:BotAssociation\n properties:\n instanceId: ${exampleAwsConnectInstance.id}\n lexBot:\n lexRegion: us-west-2\n name: Test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Including a sample Lex bot\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst example = new aws.lex.Intent(\"example\", {\n createVersion: true,\n name: \"connect_lex_intent\",\n fulfillmentActivity: {\n type: \"ReturnIntent\",\n },\n sampleUtterances: [\"I would like to pick up flowers.\"],\n});\nconst exampleBot = new aws.lex.Bot(\"example\", {\n abortStatement: {\n messages: [{\n content: \"Sorry, I am not able to assist at this time.\",\n contentType: \"PlainText\",\n }],\n },\n clarificationPrompt: {\n maxAttempts: 2,\n messages: [{\n content: \"I didn't understand you, what would you like to do?\",\n contentType: \"PlainText\",\n }],\n },\n intents: [{\n intentName: example.name,\n intentVersion: \"1\",\n }],\n childDirected: false,\n name: \"connect_lex_bot\",\n processBehavior: \"BUILD\",\n});\nconst exampleBotAssociation = new aws.connect.BotAssociation(\"example\", {\n instanceId: exampleAwsConnectInstance.id,\n lexBot: {\n lexRegion: current.then(current =\u003e current.name),\n name: exampleBot.name,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample = aws.lex.Intent(\"example\",\n create_version=True,\n name=\"connect_lex_intent\",\n fulfillment_activity={\n \"type\": \"ReturnIntent\",\n },\n sample_utterances=[\"I would like to pick up flowers.\"])\nexample_bot = aws.lex.Bot(\"example\",\n abort_statement={\n \"messages\": [{\n \"content\": \"Sorry, I am not able to assist at this time.\",\n \"content_type\": \"PlainText\",\n }],\n },\n clarification_prompt={\n \"max_attempts\": 2,\n \"messages\": [{\n \"content\": \"I didn't understand you, what would you like to do?\",\n \"content_type\": \"PlainText\",\n }],\n },\n intents=[{\n \"intent_name\": example.name,\n \"intent_version\": \"1\",\n }],\n child_directed=False,\n name=\"connect_lex_bot\",\n process_behavior=\"BUILD\")\nexample_bot_association = aws.connect.BotAssociation(\"example\",\n instance_id=example_aws_connect_instance[\"id\"],\n lex_bot={\n \"lex_region\": current.name,\n \"name\": example_bot.name,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var example = new Aws.Lex.Intent(\"example\", new()\n {\n CreateVersion = true,\n Name = \"connect_lex_intent\",\n FulfillmentActivity = new Aws.Lex.Inputs.IntentFulfillmentActivityArgs\n {\n Type = \"ReturnIntent\",\n },\n SampleUtterances = new[]\n {\n \"I would like to pick up flowers.\",\n },\n });\n\n var exampleBot = new Aws.Lex.Bot(\"example\", new()\n {\n AbortStatement = new Aws.Lex.Inputs.BotAbortStatementArgs\n {\n Messages = new[]\n {\n new Aws.Lex.Inputs.BotAbortStatementMessageArgs\n {\n Content = \"Sorry, I am not able to assist at this time.\",\n ContentType = \"PlainText\",\n },\n },\n },\n ClarificationPrompt = new Aws.Lex.Inputs.BotClarificationPromptArgs\n {\n MaxAttempts = 2,\n Messages = new[]\n {\n new Aws.Lex.Inputs.BotClarificationPromptMessageArgs\n {\n Content = \"I didn't understand you, what would you like to do?\",\n ContentType = \"PlainText\",\n },\n },\n },\n Intents = new[]\n {\n new Aws.Lex.Inputs.BotIntentArgs\n {\n IntentName = example.Name,\n IntentVersion = \"1\",\n },\n },\n ChildDirected = false,\n Name = \"connect_lex_bot\",\n ProcessBehavior = \"BUILD\",\n });\n\n var exampleBotAssociation = new Aws.Connect.BotAssociation(\"example\", new()\n {\n InstanceId = exampleAwsConnectInstance.Id,\n LexBot = new Aws.Connect.Inputs.BotAssociationLexBotArgs\n {\n LexRegion = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n Name = exampleBot.Name,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := lex.NewIntent(ctx, \"example\", \u0026lex.IntentArgs{\n\t\t\tCreateVersion: pulumi.Bool(true),\n\t\t\tName: pulumi.String(\"connect_lex_intent\"),\n\t\t\tFulfillmentActivity: \u0026lex.IntentFulfillmentActivityArgs{\n\t\t\t\tType: pulumi.String(\"ReturnIntent\"),\n\t\t\t},\n\t\t\tSampleUtterances: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"I would like to pick up flowers.\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBot, err := lex.NewBot(ctx, \"example\", \u0026lex.BotArgs{\n\t\t\tAbortStatement: \u0026lex.BotAbortStatementArgs{\n\t\t\t\tMessages: lex.BotAbortStatementMessageArray{\n\t\t\t\t\t\u0026lex.BotAbortStatementMessageArgs{\n\t\t\t\t\t\tContent: pulumi.String(\"Sorry, I am not able to assist at this time.\"),\n\t\t\t\t\t\tContentType: pulumi.String(\"PlainText\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tClarificationPrompt: \u0026lex.BotClarificationPromptArgs{\n\t\t\t\tMaxAttempts: pulumi.Int(2),\n\t\t\t\tMessages: lex.BotClarificationPromptMessageArray{\n\t\t\t\t\t\u0026lex.BotClarificationPromptMessageArgs{\n\t\t\t\t\t\tContent: pulumi.String(\"I didn't understand you, what would you like to do?\"),\n\t\t\t\t\t\tContentType: pulumi.String(\"PlainText\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tIntents: lex.BotIntentArray{\n\t\t\t\t\u0026lex.BotIntentArgs{\n\t\t\t\t\tIntentName: example.Name,\n\t\t\t\t\tIntentVersion: pulumi.String(\"1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tChildDirected: pulumi.Bool(false),\n\t\t\tName: pulumi.String(\"connect_lex_bot\"),\n\t\t\tProcessBehavior: pulumi.String(\"BUILD\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = connect.NewBotAssociation(ctx, \"example\", \u0026connect.BotAssociationArgs{\n\t\t\tInstanceId: pulumi.Any(exampleAwsConnectInstance.Id),\n\t\t\tLexBot: \u0026connect.BotAssociationLexBotArgs{\n\t\t\t\tLexRegion: pulumi.String(current.Name),\n\t\t\t\tName: exampleBot.Name,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.lex.Intent;\nimport com.pulumi.aws.lex.IntentArgs;\nimport com.pulumi.aws.lex.inputs.IntentFulfillmentActivityArgs;\nimport com.pulumi.aws.lex.Bot;\nimport com.pulumi.aws.lex.BotArgs;\nimport com.pulumi.aws.lex.inputs.BotAbortStatementArgs;\nimport com.pulumi.aws.lex.inputs.BotClarificationPromptArgs;\nimport com.pulumi.aws.lex.inputs.BotIntentArgs;\nimport com.pulumi.aws.connect.BotAssociation;\nimport com.pulumi.aws.connect.BotAssociationArgs;\nimport com.pulumi.aws.connect.inputs.BotAssociationLexBotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var example = new Intent(\"example\", IntentArgs.builder()\n .createVersion(true)\n .name(\"connect_lex_intent\")\n .fulfillmentActivity(IntentFulfillmentActivityArgs.builder()\n .type(\"ReturnIntent\")\n .build())\n .sampleUtterances(\"I would like to pick up flowers.\")\n .build());\n\n var exampleBot = new Bot(\"exampleBot\", BotArgs.builder()\n .abortStatement(BotAbortStatementArgs.builder()\n .messages(BotAbortStatementMessageArgs.builder()\n .content(\"Sorry, I am not able to assist at this time.\")\n .contentType(\"PlainText\")\n .build())\n .build())\n .clarificationPrompt(BotClarificationPromptArgs.builder()\n .maxAttempts(2)\n .messages(BotClarificationPromptMessageArgs.builder()\n .content(\"I didn't understand you, what would you like to do?\")\n .contentType(\"PlainText\")\n .build())\n .build())\n .intents(BotIntentArgs.builder()\n .intentName(example.name())\n .intentVersion(\"1\")\n .build())\n .childDirected(false)\n .name(\"connect_lex_bot\")\n .processBehavior(\"BUILD\")\n .build());\n\n var exampleBotAssociation = new BotAssociation(\"exampleBotAssociation\", BotAssociationArgs.builder()\n .instanceId(exampleAwsConnectInstance.id())\n .lexBot(BotAssociationLexBotArgs.builder()\n .lexRegion(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .name(exampleBot.name())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lex:Intent\n properties:\n createVersion: true\n name: connect_lex_intent\n fulfillmentActivity:\n type: ReturnIntent\n sampleUtterances:\n - I would like to pick up flowers.\n exampleBot:\n type: aws:lex:Bot\n name: example\n properties:\n abortStatement:\n messages:\n - content: Sorry, I am not able to assist at this time.\n contentType: PlainText\n clarificationPrompt:\n maxAttempts: 2\n messages:\n - content: I didn't understand you, what would you like to do?\n contentType: PlainText\n intents:\n - intentName: ${example.name}\n intentVersion: '1'\n childDirected: false\n name: connect_lex_bot\n processBehavior: BUILD\n exampleBotAssociation:\n type: aws:connect:BotAssociation\n name: example\n properties:\n instanceId: ${exampleAwsConnectInstance.id}\n lexBot:\n lexRegion: ${current.name}\n name: ${exampleBot.name}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_connect_bot_association` using the Amazon Connect instance ID, Lex (V1) bot name, and Lex (V1) bot region separated by colons (`:`). For example:\n\n```sh\n$ pulumi import aws:connect/botAssociation:BotAssociation example aaaaaaaa-bbbb-cccc-dddd-111111111111:Example:us-west-2\n```\n", "properties": { "instanceId": { "type": "string", "description": "The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.\n" }, "lexBot": { "$ref": "#/types/aws:connect/BotAssociationLexBot:BotAssociationLexBot", "description": "Configuration information of an Amazon Lex (V1) bot. Detailed below.\n" } }, "required": [ "instanceId", "lexBot" ], "inputProperties": { "instanceId": { "type": "string", "description": "The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.\n", "willReplaceOnChanges": true }, "lexBot": { "$ref": "#/types/aws:connect/BotAssociationLexBot:BotAssociationLexBot", "description": "Configuration information of an Amazon Lex (V1) bot. Detailed below.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "instanceId", "lexBot" ], "stateInputs": { "description": "Input properties used for looking up and filtering BotAssociation resources.\n", "properties": { "instanceId": { "type": "string", "description": "The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.\n", "willReplaceOnChanges": true }, "lexBot": { "$ref": "#/types/aws:connect/BotAssociationLexBot:BotAssociationLexBot", "description": "Configuration information of an Amazon Lex (V1) bot. Detailed below.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:connect/contactFlow:ContactFlow": { "description": "Provides an Amazon Connect Contact Flow resource. For more information see\n[Amazon Connect: Getting Started](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-get-started.html)\n\nThis resource embeds or references Contact Flows specified in Amazon Connect Contact Flow Language. For more information see\n[Amazon Connect Flow language](https://docs.aws.amazon.com/connect/latest/adminguide/flow-language.html)\n\n!\u003e **WARN:** Contact Flows exported from the Console [Contact Flow import/export](https://docs.aws.amazon.com/connect/latest/adminguide/contact-flow-import-export.html) are not in the Amazon Connect Contact Flow Language and can not be used with this resource. Instead, the recommendation is to use the AWS CLI [`describe-contact-flow`](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/connect/describe-contact-flow.html).\nSee example below which uses `jq` to extract the `Content` attribute and saves it to a local file.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.connect.ContactFlow(\"test\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Test\",\n description: \"Test Contact Flow Description\",\n type: \"CONTACT_FLOW\",\n content: JSON.stringify({\n Version: \"2019-10-30\",\n StartAction: \"12345678-1234-1234-1234-123456789012\",\n Actions: [\n {\n Identifier: \"12345678-1234-1234-1234-123456789012\",\n Type: \"MessageParticipant\",\n Transitions: {\n NextAction: \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n Errors: [],\n Conditions: [],\n },\n Parameters: {\n Text: \"Thanks for calling the sample flow!\",\n },\n },\n {\n Identifier: \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n Type: \"DisconnectParticipant\",\n Transitions: {},\n Parameters: {},\n },\n ],\n }),\n tags: {\n Name: \"Test Contact Flow\",\n Application: \"Example\",\n Method: \"Create\",\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest = aws.connect.ContactFlow(\"test\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Test\",\n description=\"Test Contact Flow Description\",\n type=\"CONTACT_FLOW\",\n content=json.dumps({\n \"Version\": \"2019-10-30\",\n \"StartAction\": \"12345678-1234-1234-1234-123456789012\",\n \"Actions\": [\n {\n \"Identifier\": \"12345678-1234-1234-1234-123456789012\",\n \"Type\": \"MessageParticipant\",\n \"Transitions\": {\n \"NextAction\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n \"Errors\": [],\n \"Conditions\": [],\n },\n \"Parameters\": {\n \"Text\": \"Thanks for calling the sample flow!\",\n },\n },\n {\n \"Identifier\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n \"Type\": \"DisconnectParticipant\",\n \"Transitions\": {},\n \"Parameters\": {},\n },\n ],\n }),\n tags={\n \"Name\": \"Test Contact Flow\",\n \"Application\": \"Example\",\n \"Method\": \"Create\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Connect.ContactFlow(\"test\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Test\",\n Description = \"Test Contact Flow Description\",\n Type = \"CONTACT_FLOW\",\n Content = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2019-10-30\",\n [\"StartAction\"] = \"12345678-1234-1234-1234-123456789012\",\n [\"Actions\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Identifier\"] = \"12345678-1234-1234-1234-123456789012\",\n [\"Type\"] = \"MessageParticipant\",\n [\"Transitions\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"NextAction\"] = \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n [\"Errors\"] = new[]\n {\n },\n [\"Conditions\"] = new[]\n {\n },\n },\n [\"Parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Text\"] = \"Thanks for calling the sample flow!\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Identifier\"] = \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n [\"Type\"] = \"DisconnectParticipant\",\n [\"Transitions\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n [\"Parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n },\n },\n }),\n Tags = \n {\n { \"Name\", \"Test Contact Flow\" },\n { \"Application\", \"Example\" },\n { \"Method\", \"Create\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2019-10-30\",\n\t\t\t\"StartAction\": \"12345678-1234-1234-1234-123456789012\",\n\t\t\t\"Actions\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Identifier\": \"12345678-1234-1234-1234-123456789012\",\n\t\t\t\t\t\"Type\": \"MessageParticipant\",\n\t\t\t\t\t\"Transitions\": map[string]interface{}{\n\t\t\t\t\t\t\"NextAction\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n\t\t\t\t\t\t\"Errors\": []interface{}{},\n\t\t\t\t\t\t\"Conditions\": []interface{}{},\n\t\t\t\t\t},\n\t\t\t\t\t\"Parameters\": map[string]interface{}{\n\t\t\t\t\t\t\"Text\": \"Thanks for calling the sample flow!\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Identifier\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n\t\t\t\t\t\"Type\": \"DisconnectParticipant\",\n\t\t\t\t\t\"Transitions\": nil,\n\t\t\t\t\t\"Parameters\": nil,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = connect.NewContactFlow(ctx, \"test\", \u0026connect.ContactFlowArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"Test\"),\n\t\t\tDescription: pulumi.String(\"Test Contact Flow Description\"),\n\t\t\tType: pulumi.String(\"CONTACT_FLOW\"),\n\t\t\tContent: pulumi.String(json0),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Test Contact Flow\"),\n\t\t\t\t\"Application\": pulumi.String(\"Example\"),\n\t\t\t\t\"Method\": pulumi.String(\"Create\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ContactFlow;\nimport com.pulumi.aws.connect.ContactFlowArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new ContactFlow(\"test\", ContactFlowArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Test\")\n .description(\"Test Contact Flow Description\")\n .type(\"CONTACT_FLOW\")\n .content(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2019-10-30\"),\n jsonProperty(\"StartAction\", \"12345678-1234-1234-1234-123456789012\"),\n jsonProperty(\"Actions\", jsonArray(\n jsonObject(\n jsonProperty(\"Identifier\", \"12345678-1234-1234-1234-123456789012\"),\n jsonProperty(\"Type\", \"MessageParticipant\"),\n jsonProperty(\"Transitions\", jsonObject(\n jsonProperty(\"NextAction\", \"abcdef-abcd-abcd-abcd-abcdefghijkl\"),\n jsonProperty(\"Errors\", jsonArray(\n )),\n jsonProperty(\"Conditions\", jsonArray(\n ))\n )),\n jsonProperty(\"Parameters\", jsonObject(\n jsonProperty(\"Text\", \"Thanks for calling the sample flow!\")\n ))\n ), \n jsonObject(\n jsonProperty(\"Identifier\", \"abcdef-abcd-abcd-abcd-abcdefghijkl\"),\n jsonProperty(\"Type\", \"DisconnectParticipant\"),\n jsonProperty(\"Transitions\", jsonObject(\n\n )),\n jsonProperty(\"Parameters\", jsonObject(\n\n ))\n )\n ))\n )))\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"Test Contact Flow\"),\n Map.entry(\"Application\", \"Example\"),\n Map.entry(\"Method\", \"Create\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:connect:ContactFlow\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Test\n description: Test Contact Flow Description\n type: CONTACT_FLOW\n content:\n fn::toJSON:\n Version: 2019-10-30\n StartAction: 12345678-1234-1234-1234-123456789012\n Actions:\n - Identifier: 12345678-1234-1234-1234-123456789012\n Type: MessageParticipant\n Transitions:\n NextAction: abcdef-abcd-abcd-abcd-abcdefghijkl\n Errors: []\n Conditions: []\n Parameters:\n Text: Thanks for calling the sample flow!\n - Identifier: abcdef-abcd-abcd-abcd-abcdefghijkl\n Type: DisconnectParticipant\n Transitions: {}\n Parameters: {}\n tags:\n Name: Test Contact Flow\n Application: Example\n Method: Create\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With External Content\n\nUse the AWS CLI to extract Contact Flow Content:\n\n```console\n% aws connect describe-contact-flow --instance-id 1b3c5d8-1b3c-1b3c-1b3c-1b3c5d81b3c5 --contact-flow-id c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5 --region us-west-2 | jq '.ContactFlow.Content | fromjson' \u003e contact_flow.json\n```\n\nUse the generated file as input:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst test = new aws.connect.ContactFlow(\"test\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Test\",\n description: \"Test Contact Flow Description\",\n type: \"CONTACT_FLOW\",\n filename: \"contact_flow.json\",\n contentHash: std.filebase64sha256({\n input: \"contact_flow.json\",\n }).then(invoke =\u003e invoke.result),\n tags: {\n Name: \"Test Contact Flow\",\n Application: \"Example\",\n Method: \"Create\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\ntest = aws.connect.ContactFlow(\"test\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Test\",\n description=\"Test Contact Flow Description\",\n type=\"CONTACT_FLOW\",\n filename=\"contact_flow.json\",\n content_hash=std.filebase64sha256(input=\"contact_flow.json\").result,\n tags={\n \"Name\": \"Test Contact Flow\",\n \"Application\": \"Example\",\n \"Method\": \"Create\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Connect.ContactFlow(\"test\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Test\",\n Description = \"Test Contact Flow Description\",\n Type = \"CONTACT_FLOW\",\n Filename = \"contact_flow.json\",\n ContentHash = Std.Filebase64sha256.Invoke(new()\n {\n Input = \"contact_flow.json\",\n }).Apply(invoke =\u003e invoke.Result),\n Tags = \n {\n { \"Name\", \"Test Contact Flow\" },\n { \"Application\", \"Example\" },\n { \"Method\", \"Create\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFilebase64sha256, err := std.Filebase64sha256(ctx, \u0026std.Filebase64sha256Args{\n\t\t\tInput: \"contact_flow.json\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = connect.NewContactFlow(ctx, \"test\", \u0026connect.ContactFlowArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"Test\"),\n\t\t\tDescription: pulumi.String(\"Test Contact Flow Description\"),\n\t\t\tType: pulumi.String(\"CONTACT_FLOW\"),\n\t\t\tFilename: pulumi.String(\"contact_flow.json\"),\n\t\t\tContentHash: pulumi.String(invokeFilebase64sha256.Result),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Test Contact Flow\"),\n\t\t\t\t\"Application\": pulumi.String(\"Example\"),\n\t\t\t\t\"Method\": pulumi.String(\"Create\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ContactFlow;\nimport com.pulumi.aws.connect.ContactFlowArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new ContactFlow(\"test\", ContactFlowArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Test\")\n .description(\"Test Contact Flow Description\")\n .type(\"CONTACT_FLOW\")\n .filename(\"contact_flow.json\")\n .contentHash(StdFunctions.filebase64sha256(Filebase64sha256Args.builder()\n .input(\"contact_flow.json\")\n .build()).result())\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"Test Contact Flow\"),\n Map.entry(\"Application\", \"Example\"),\n Map.entry(\"Method\", \"Create\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:connect:ContactFlow\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Test\n description: Test Contact Flow Description\n type: CONTACT_FLOW\n filename: contact_flow.json\n contentHash:\n fn::invoke:\n Function: std:filebase64sha256\n Arguments:\n input: contact_flow.json\n Return: result\n tags:\n Name: Test Contact Flow\n Application: Example\n Method: Create\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Connect Contact Flows using the `instance_id` and `contact_flow_id` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:connect/contactFlow:ContactFlow example f1288a1f-6193-445a-b47e-af739b2:c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Contact Flow.\n" }, "contactFlowId": { "type": "string", "description": "The identifier of the Contact Flow.\n" }, "content": { "type": "string", "description": "Specifies the content of the Contact Flow, provided as a JSON string, written in Amazon Connect Contact Flow Language. If defined, the `filename` argument cannot be used.\n" }, "contentHash": { "type": "string", "description": "Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the Contact Flow source specified with `filename`.\n" }, "description": { "type": "string", "description": "Specifies the description of the Contact Flow.\n" }, "filename": { "type": "string", "description": "The path to the Contact Flow source within the local filesystem. Conflicts with `content`.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "name": { "type": "string", "description": "Specifies the name of the Contact Flow.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Contact Flow. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Specifies the type of the Contact Flow. Defaults to `CONTACT_FLOW`. Allowed Values are: `CONTACT_FLOW`, `CUSTOMER_QUEUE`, `CUSTOMER_HOLD`, `CUSTOMER_WHISPER`, `AGENT_HOLD`, `AGENT_WHISPER`, `OUTBOUND_WHISPER`, `AGENT_TRANSFER`, `QUEUE_TRANSFER`.\n" } }, "required": [ "arn", "contactFlowId", "content", "instanceId", "name", "tagsAll" ], "inputProperties": { "content": { "type": "string", "description": "Specifies the content of the Contact Flow, provided as a JSON string, written in Amazon Connect Contact Flow Language. If defined, the `filename` argument cannot be used.\n" }, "contentHash": { "type": "string", "description": "Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the Contact Flow source specified with `filename`.\n" }, "description": { "type": "string", "description": "Specifies the description of the Contact Flow.\n" }, "filename": { "type": "string", "description": "The path to the Contact Flow source within the local filesystem. Conflicts with `content`.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "name": { "type": "string", "description": "Specifies the name of the Contact Flow.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Contact Flow. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "Specifies the type of the Contact Flow. Defaults to `CONTACT_FLOW`. Allowed Values are: `CONTACT_FLOW`, `CUSTOMER_QUEUE`, `CUSTOMER_HOLD`, `CUSTOMER_WHISPER`, `AGENT_HOLD`, `AGENT_WHISPER`, `OUTBOUND_WHISPER`, `AGENT_TRANSFER`, `QUEUE_TRANSFER`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "instanceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ContactFlow resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Contact Flow.\n" }, "contactFlowId": { "type": "string", "description": "The identifier of the Contact Flow.\n" }, "content": { "type": "string", "description": "Specifies the content of the Contact Flow, provided as a JSON string, written in Amazon Connect Contact Flow Language. If defined, the `filename` argument cannot be used.\n" }, "contentHash": { "type": "string", "description": "Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the Contact Flow source specified with `filename`.\n" }, "description": { "type": "string", "description": "Specifies the description of the Contact Flow.\n" }, "filename": { "type": "string", "description": "The path to the Contact Flow source within the local filesystem. Conflicts with `content`.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "name": { "type": "string", "description": "Specifies the name of the Contact Flow.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Contact Flow. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Specifies the type of the Contact Flow. Defaults to `CONTACT_FLOW`. Allowed Values are: `CONTACT_FLOW`, `CUSTOMER_QUEUE`, `CUSTOMER_HOLD`, `CUSTOMER_WHISPER`, `AGENT_HOLD`, `AGENT_WHISPER`, `OUTBOUND_WHISPER`, `AGENT_TRANSFER`, `QUEUE_TRANSFER`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:connect/contactFlowModule:ContactFlowModule": { "description": "Provides an Amazon Connect Contact Flow Module resource. For more information see\n[Amazon Connect: Getting Started](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-get-started.html)\n\nThis resource embeds or references Contact Flows Modules specified in Amazon Connect Contact Flow Language. For more information see\n[Amazon Connect Flow language](https://docs.aws.amazon.com/connect/latest/adminguide/flow-language.html)\n\n!\u003e **WARN:** Contact Flow Modules exported from the Console [See Contact Flow import/export which is the same for Contact Flow Modules](https://docs.aws.amazon.com/connect/latest/adminguide/contact-flow-import-export.html) are not in the Amazon Connect Contact Flow Language and can not be used with this resource. Instead, the recommendation is to use the AWS CLI [`describe-contact-flow-module`](https://docs.aws.amazon.com/cli/latest/reference/connect/describe-contact-flow-module.html).\nSee example below which uses `jq` to extract the `Content` attribute and saves it to a local file.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.ContactFlowModule(\"example\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Example\",\n description: \"Example Contact Flow Module Description\",\n content: JSON.stringify({\n Version: \"2019-10-30\",\n StartAction: \"12345678-1234-1234-1234-123456789012\",\n Actions: [\n {\n Identifier: \"12345678-1234-1234-1234-123456789012\",\n Parameters: {\n Text: \"Hello contact flow module\",\n },\n Transitions: {\n NextAction: \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n Errors: [],\n Conditions: [],\n },\n Type: \"MessageParticipant\",\n },\n {\n Identifier: \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n Type: \"DisconnectParticipant\",\n Parameters: {},\n Transitions: {},\n },\n ],\n Settings: {\n InputParameters: [],\n OutputParameters: [],\n Transitions: [\n {\n DisplayName: \"Success\",\n ReferenceName: \"Success\",\n Description: \"\",\n },\n {\n DisplayName: \"Error\",\n ReferenceName: \"Error\",\n Description: \"\",\n },\n ],\n },\n }),\n tags: {\n Name: \"Example Contact Flow Module\",\n Application: \"Example\",\n Method: \"Create\",\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.connect.ContactFlowModule(\"example\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Example\",\n description=\"Example Contact Flow Module Description\",\n content=json.dumps({\n \"Version\": \"2019-10-30\",\n \"StartAction\": \"12345678-1234-1234-1234-123456789012\",\n \"Actions\": [\n {\n \"Identifier\": \"12345678-1234-1234-1234-123456789012\",\n \"Parameters\": {\n \"Text\": \"Hello contact flow module\",\n },\n \"Transitions\": {\n \"NextAction\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n \"Errors\": [],\n \"Conditions\": [],\n },\n \"Type\": \"MessageParticipant\",\n },\n {\n \"Identifier\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n \"Type\": \"DisconnectParticipant\",\n \"Parameters\": {},\n \"Transitions\": {},\n },\n ],\n \"Settings\": {\n \"InputParameters\": [],\n \"OutputParameters\": [],\n \"Transitions\": [\n {\n \"DisplayName\": \"Success\",\n \"ReferenceName\": \"Success\",\n \"Description\": \"\",\n },\n {\n \"DisplayName\": \"Error\",\n \"ReferenceName\": \"Error\",\n \"Description\": \"\",\n },\n ],\n },\n }),\n tags={\n \"Name\": \"Example Contact Flow Module\",\n \"Application\": \"Example\",\n \"Method\": \"Create\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.ContactFlowModule(\"example\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Example\",\n Description = \"Example Contact Flow Module Description\",\n Content = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2019-10-30\",\n [\"StartAction\"] = \"12345678-1234-1234-1234-123456789012\",\n [\"Actions\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Identifier\"] = \"12345678-1234-1234-1234-123456789012\",\n [\"Parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Text\"] = \"Hello contact flow module\",\n },\n [\"Transitions\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"NextAction\"] = \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n [\"Errors\"] = new[]\n {\n },\n [\"Conditions\"] = new[]\n {\n },\n },\n [\"Type\"] = \"MessageParticipant\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Identifier\"] = \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n [\"Type\"] = \"DisconnectParticipant\",\n [\"Parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n [\"Transitions\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n },\n },\n [\"Settings\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"InputParameters\"] = new[]\n {\n },\n [\"OutputParameters\"] = new[]\n {\n },\n [\"Transitions\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"DisplayName\"] = \"Success\",\n [\"ReferenceName\"] = \"Success\",\n [\"Description\"] = \"\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"DisplayName\"] = \"Error\",\n [\"ReferenceName\"] = \"Error\",\n [\"Description\"] = \"\",\n },\n },\n },\n }),\n Tags = \n {\n { \"Name\", \"Example Contact Flow Module\" },\n { \"Application\", \"Example\" },\n { \"Method\", \"Create\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2019-10-30\",\n\t\t\t\"StartAction\": \"12345678-1234-1234-1234-123456789012\",\n\t\t\t\"Actions\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Identifier\": \"12345678-1234-1234-1234-123456789012\",\n\t\t\t\t\t\"Parameters\": map[string]interface{}{\n\t\t\t\t\t\t\"Text\": \"Hello contact flow module\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Transitions\": map[string]interface{}{\n\t\t\t\t\t\t\"NextAction\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n\t\t\t\t\t\t\"Errors\": []interface{}{},\n\t\t\t\t\t\t\"Conditions\": []interface{}{},\n\t\t\t\t\t},\n\t\t\t\t\t\"Type\": \"MessageParticipant\",\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Identifier\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n\t\t\t\t\t\"Type\": \"DisconnectParticipant\",\n\t\t\t\t\t\"Parameters\": nil,\n\t\t\t\t\t\"Transitions\": nil,\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Settings\": map[string]interface{}{\n\t\t\t\t\"InputParameters\": []interface{}{},\n\t\t\t\t\"OutputParameters\": []interface{}{},\n\t\t\t\t\"Transitions\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"DisplayName\": \"Success\",\n\t\t\t\t\t\t\"ReferenceName\": \"Success\",\n\t\t\t\t\t\t\"Description\": \"\",\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"DisplayName\": \"Error\",\n\t\t\t\t\t\t\"ReferenceName\": \"Error\",\n\t\t\t\t\t\t\"Description\": \"\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = connect.NewContactFlowModule(ctx, \"example\", \u0026connect.ContactFlowModuleArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tDescription: pulumi.String(\"Example Contact Flow Module Description\"),\n\t\t\tContent: pulumi.String(json0),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Contact Flow Module\"),\n\t\t\t\t\"Application\": pulumi.String(\"Example\"),\n\t\t\t\t\"Method\": pulumi.String(\"Create\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ContactFlowModule;\nimport com.pulumi.aws.connect.ContactFlowModuleArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContactFlowModule(\"example\", ContactFlowModuleArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Example\")\n .description(\"Example Contact Flow Module Description\")\n .content(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2019-10-30\"),\n jsonProperty(\"StartAction\", \"12345678-1234-1234-1234-123456789012\"),\n jsonProperty(\"Actions\", jsonArray(\n jsonObject(\n jsonProperty(\"Identifier\", \"12345678-1234-1234-1234-123456789012\"),\n jsonProperty(\"Parameters\", jsonObject(\n jsonProperty(\"Text\", \"Hello contact flow module\")\n )),\n jsonProperty(\"Transitions\", jsonObject(\n jsonProperty(\"NextAction\", \"abcdef-abcd-abcd-abcd-abcdefghijkl\"),\n jsonProperty(\"Errors\", jsonArray(\n )),\n jsonProperty(\"Conditions\", jsonArray(\n ))\n )),\n jsonProperty(\"Type\", \"MessageParticipant\")\n ), \n jsonObject(\n jsonProperty(\"Identifier\", \"abcdef-abcd-abcd-abcd-abcdefghijkl\"),\n jsonProperty(\"Type\", \"DisconnectParticipant\"),\n jsonProperty(\"Parameters\", jsonObject(\n\n )),\n jsonProperty(\"Transitions\", jsonObject(\n\n ))\n )\n )),\n jsonProperty(\"Settings\", jsonObject(\n jsonProperty(\"InputParameters\", jsonArray(\n )),\n jsonProperty(\"OutputParameters\", jsonArray(\n )),\n jsonProperty(\"Transitions\", jsonArray(\n jsonObject(\n jsonProperty(\"DisplayName\", \"Success\"),\n jsonProperty(\"ReferenceName\", \"Success\"),\n jsonProperty(\"Description\", \"\")\n ), \n jsonObject(\n jsonProperty(\"DisplayName\", \"Error\"),\n jsonProperty(\"ReferenceName\", \"Error\"),\n jsonProperty(\"Description\", \"\")\n )\n ))\n ))\n )))\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"Example Contact Flow Module\"),\n Map.entry(\"Application\", \"Example\"),\n Map.entry(\"Method\", \"Create\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:ContactFlowModule\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Example\n description: Example Contact Flow Module Description\n content:\n fn::toJSON:\n Version: 2019-10-30\n StartAction: 12345678-1234-1234-1234-123456789012\n Actions:\n - Identifier: 12345678-1234-1234-1234-123456789012\n Parameters:\n Text: Hello contact flow module\n Transitions:\n NextAction: abcdef-abcd-abcd-abcd-abcdefghijkl\n Errors: []\n Conditions: []\n Type: MessageParticipant\n - Identifier: abcdef-abcd-abcd-abcd-abcdefghijkl\n Type: DisconnectParticipant\n Parameters: {}\n Transitions: {}\n Settings:\n InputParameters: []\n OutputParameters: []\n Transitions:\n - DisplayName: Success\n ReferenceName: Success\n Description:\n - DisplayName: Error\n ReferenceName: Error\n Description:\n tags:\n Name: Example Contact Flow Module\n Application: Example\n Method: Create\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With External Content\n\nUse the AWS CLI to extract Contact Flow Content:\n\n```console\n% aws connect describe-contact-flow-module --instance-id 1b3c5d8-1b3c-1b3c-1b3c-1b3c5d81b3c5 --contact-flow-module-id c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5 --region us-west-2 | jq '.ContactFlowModule.Content | fromjson' \u003e contact_flow_module.json\n```\n\nUse the generated file as input:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.connect.ContactFlowModule(\"example\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Example\",\n description: \"Example Contact Flow Module Description\",\n filename: \"contact_flow_module.json\",\n contentHash: std.filebase64sha256({\n input: \"contact_flow_module.json\",\n }).then(invoke =\u003e invoke.result),\n tags: {\n Name: \"Example Contact Flow Module\",\n Application: \"Example\",\n Method: \"Create\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.connect.ContactFlowModule(\"example\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Example\",\n description=\"Example Contact Flow Module Description\",\n filename=\"contact_flow_module.json\",\n content_hash=std.filebase64sha256(input=\"contact_flow_module.json\").result,\n tags={\n \"Name\": \"Example Contact Flow Module\",\n \"Application\": \"Example\",\n \"Method\": \"Create\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.ContactFlowModule(\"example\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Example\",\n Description = \"Example Contact Flow Module Description\",\n Filename = \"contact_flow_module.json\",\n ContentHash = Std.Filebase64sha256.Invoke(new()\n {\n Input = \"contact_flow_module.json\",\n }).Apply(invoke =\u003e invoke.Result),\n Tags = \n {\n { \"Name\", \"Example Contact Flow Module\" },\n { \"Application\", \"Example\" },\n { \"Method\", \"Create\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFilebase64sha256, err := std.Filebase64sha256(ctx, \u0026std.Filebase64sha256Args{\n\t\t\tInput: \"contact_flow_module.json\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = connect.NewContactFlowModule(ctx, \"example\", \u0026connect.ContactFlowModuleArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tDescription: pulumi.String(\"Example Contact Flow Module Description\"),\n\t\t\tFilename: pulumi.String(\"contact_flow_module.json\"),\n\t\t\tContentHash: pulumi.String(invokeFilebase64sha256.Result),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Contact Flow Module\"),\n\t\t\t\t\"Application\": pulumi.String(\"Example\"),\n\t\t\t\t\"Method\": pulumi.String(\"Create\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ContactFlowModule;\nimport com.pulumi.aws.connect.ContactFlowModuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContactFlowModule(\"example\", ContactFlowModuleArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Example\")\n .description(\"Example Contact Flow Module Description\")\n .filename(\"contact_flow_module.json\")\n .contentHash(StdFunctions.filebase64sha256(Filebase64sha256Args.builder()\n .input(\"contact_flow_module.json\")\n .build()).result())\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"Example Contact Flow Module\"),\n Map.entry(\"Application\", \"Example\"),\n Map.entry(\"Method\", \"Create\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:ContactFlowModule\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Example\n description: Example Contact Flow Module Description\n filename: contact_flow_module.json\n contentHash:\n fn::invoke:\n Function: std:filebase64sha256\n Arguments:\n input: contact_flow_module.json\n Return: result\n tags:\n Name: Example Contact Flow Module\n Application: Example\n Method: Create\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Connect Contact Flow Modules using the `instance_id` and `contact_flow_module_id` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:connect/contactFlowModule:ContactFlowModule example f1288a1f-6193-445a-b47e-af739b2:c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Contact Flow Module.\n" }, "contactFlowModuleId": { "type": "string", "description": "The identifier of the Contact Flow Module.\n" }, "content": { "type": "string", "description": "Specifies the content of the Contact Flow Module, provided as a JSON string, written in Amazon Connect Contact Flow Language. If defined, the `filename` argument cannot be used.\n" }, "contentHash": { "type": "string", "description": "Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the Contact Flow Module source specified with `filename`.\n" }, "description": { "type": "string", "description": "Specifies the description of the Contact Flow Module.\n" }, "filename": { "type": "string", "description": "The path to the Contact Flow Module source within the local filesystem. Conflicts with `content`.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "name": { "type": "string", "description": "Specifies the name of the Contact Flow Module.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Contact Flow Module. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "contactFlowModuleId", "content", "instanceId", "name", "tagsAll" ], "inputProperties": { "content": { "type": "string", "description": "Specifies the content of the Contact Flow Module, provided as a JSON string, written in Amazon Connect Contact Flow Language. If defined, the `filename` argument cannot be used.\n" }, "contentHash": { "type": "string", "description": "Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the Contact Flow Module source specified with `filename`.\n" }, "description": { "type": "string", "description": "Specifies the description of the Contact Flow Module.\n" }, "filename": { "type": "string", "description": "The path to the Contact Flow Module source within the local filesystem. Conflicts with `content`.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "name": { "type": "string", "description": "Specifies the name of the Contact Flow Module.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Contact Flow Module. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "instanceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ContactFlowModule resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Contact Flow Module.\n" }, "contactFlowModuleId": { "type": "string", "description": "The identifier of the Contact Flow Module.\n" }, "content": { "type": "string", "description": "Specifies the content of the Contact Flow Module, provided as a JSON string, written in Amazon Connect Contact Flow Language. If defined, the `filename` argument cannot be used.\n" }, "contentHash": { "type": "string", "description": "Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the Contact Flow Module source specified with `filename`.\n" }, "description": { "type": "string", "description": "Specifies the description of the Contact Flow Module.\n" }, "filename": { "type": "string", "description": "The path to the Contact Flow Module source within the local filesystem. Conflicts with `content`.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "name": { "type": "string", "description": "Specifies the name of the Contact Flow Module.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Contact Flow Module. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:connect/hoursOfOperation:HoursOfOperation": { "description": "Provides an Amazon Connect Hours of Operation resource. For more information see\n[Amazon Connect: Getting Started](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-get-started.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.connect.HoursOfOperation(\"test\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Office Hours\",\n description: \"Monday office hours\",\n timeZone: \"EST\",\n configs: [\n {\n day: \"MONDAY\",\n endTime: {\n hours: 23,\n minutes: 8,\n },\n startTime: {\n hours: 8,\n minutes: 0,\n },\n },\n {\n day: \"TUESDAY\",\n endTime: {\n hours: 21,\n minutes: 0,\n },\n startTime: {\n hours: 9,\n minutes: 0,\n },\n },\n ],\n tags: {\n Name: \"Example Hours of Operation\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.connect.HoursOfOperation(\"test\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Office Hours\",\n description=\"Monday office hours\",\n time_zone=\"EST\",\n configs=[\n {\n \"day\": \"MONDAY\",\n \"end_time\": {\n \"hours\": 23,\n \"minutes\": 8,\n },\n \"start_time\": {\n \"hours\": 8,\n \"minutes\": 0,\n },\n },\n {\n \"day\": \"TUESDAY\",\n \"end_time\": {\n \"hours\": 21,\n \"minutes\": 0,\n },\n \"start_time\": {\n \"hours\": 9,\n \"minutes\": 0,\n },\n },\n ],\n tags={\n \"Name\": \"Example Hours of Operation\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Connect.HoursOfOperation(\"test\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Office Hours\",\n Description = \"Monday office hours\",\n TimeZone = \"EST\",\n Configs = new[]\n {\n new Aws.Connect.Inputs.HoursOfOperationConfigArgs\n {\n Day = \"MONDAY\",\n EndTime = new Aws.Connect.Inputs.HoursOfOperationConfigEndTimeArgs\n {\n Hours = 23,\n Minutes = 8,\n },\n StartTime = new Aws.Connect.Inputs.HoursOfOperationConfigStartTimeArgs\n {\n Hours = 8,\n Minutes = 0,\n },\n },\n new Aws.Connect.Inputs.HoursOfOperationConfigArgs\n {\n Day = \"TUESDAY\",\n EndTime = new Aws.Connect.Inputs.HoursOfOperationConfigEndTimeArgs\n {\n Hours = 21,\n Minutes = 0,\n },\n StartTime = new Aws.Connect.Inputs.HoursOfOperationConfigStartTimeArgs\n {\n Hours = 9,\n Minutes = 0,\n },\n },\n },\n Tags = \n {\n { \"Name\", \"Example Hours of Operation\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewHoursOfOperation(ctx, \"test\", \u0026connect.HoursOfOperationArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"Office Hours\"),\n\t\t\tDescription: pulumi.String(\"Monday office hours\"),\n\t\t\tTimeZone: pulumi.String(\"EST\"),\n\t\t\tConfigs: connect.HoursOfOperationConfigArray{\n\t\t\t\t\u0026connect.HoursOfOperationConfigArgs{\n\t\t\t\t\tDay: pulumi.String(\"MONDAY\"),\n\t\t\t\t\tEndTime: \u0026connect.HoursOfOperationConfigEndTimeArgs{\n\t\t\t\t\t\tHours: pulumi.Int(23),\n\t\t\t\t\t\tMinutes: pulumi.Int(8),\n\t\t\t\t\t},\n\t\t\t\t\tStartTime: \u0026connect.HoursOfOperationConfigStartTimeArgs{\n\t\t\t\t\t\tHours: pulumi.Int(8),\n\t\t\t\t\t\tMinutes: pulumi.Int(0),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026connect.HoursOfOperationConfigArgs{\n\t\t\t\t\tDay: pulumi.String(\"TUESDAY\"),\n\t\t\t\t\tEndTime: \u0026connect.HoursOfOperationConfigEndTimeArgs{\n\t\t\t\t\t\tHours: pulumi.Int(21),\n\t\t\t\t\t\tMinutes: pulumi.Int(0),\n\t\t\t\t\t},\n\t\t\t\t\tStartTime: \u0026connect.HoursOfOperationConfigStartTimeArgs{\n\t\t\t\t\t\tHours: pulumi.Int(9),\n\t\t\t\t\t\tMinutes: pulumi.Int(0),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Hours of Operation\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.HoursOfOperation;\nimport com.pulumi.aws.connect.HoursOfOperationArgs;\nimport com.pulumi.aws.connect.inputs.HoursOfOperationConfigArgs;\nimport com.pulumi.aws.connect.inputs.HoursOfOperationConfigEndTimeArgs;\nimport com.pulumi.aws.connect.inputs.HoursOfOperationConfigStartTimeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new HoursOfOperation(\"test\", HoursOfOperationArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Office Hours\")\n .description(\"Monday office hours\")\n .timeZone(\"EST\")\n .configs( \n HoursOfOperationConfigArgs.builder()\n .day(\"MONDAY\")\n .endTime(HoursOfOperationConfigEndTimeArgs.builder()\n .hours(23)\n .minutes(8)\n .build())\n .startTime(HoursOfOperationConfigStartTimeArgs.builder()\n .hours(8)\n .minutes(0)\n .build())\n .build(),\n HoursOfOperationConfigArgs.builder()\n .day(\"TUESDAY\")\n .endTime(HoursOfOperationConfigEndTimeArgs.builder()\n .hours(21)\n .minutes(0)\n .build())\n .startTime(HoursOfOperationConfigStartTimeArgs.builder()\n .hours(9)\n .minutes(0)\n .build())\n .build())\n .tags(Map.of(\"Name\", \"Example Hours of Operation\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:connect:HoursOfOperation\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Office Hours\n description: Monday office hours\n timeZone: EST\n configs:\n - day: MONDAY\n endTime:\n hours: 23\n minutes: 8\n startTime:\n hours: 8\n minutes: 0\n - day: TUESDAY\n endTime:\n hours: 21\n minutes: 0\n startTime:\n hours: 9\n minutes: 0\n tags:\n Name: Example Hours of Operation\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Connect Hours of Operations using the `instance_id` and `hours_of_operation_id` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:connect/hoursOfOperation:HoursOfOperation example f1288a1f-6193-445a-b47e-af739b2:c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Hours of Operation.\n" }, "configs": { "type": "array", "items": { "$ref": "#/types/aws:connect/HoursOfOperationConfig:HoursOfOperationConfig" }, "description": "One or more config blocks which define the configuration information for the hours of operation: day, start time, and end time . Config blocks are documented below.\n" }, "description": { "type": "string", "description": "Specifies the description of the Hours of Operation.\n" }, "hoursOfOperationId": { "type": "string", "description": "The identifier for the hours of operation.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "name": { "type": "string", "description": "Specifies the name of the Hours of Operation.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Hours of Operation. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeZone": { "type": "string", "description": "Specifies the time zone of the Hours of Operation.\n" } }, "required": [ "arn", "configs", "hoursOfOperationId", "instanceId", "name", "tagsAll", "timeZone" ], "inputProperties": { "configs": { "type": "array", "items": { "$ref": "#/types/aws:connect/HoursOfOperationConfig:HoursOfOperationConfig" }, "description": "One or more config blocks which define the configuration information for the hours of operation: day, start time, and end time . Config blocks are documented below.\n" }, "description": { "type": "string", "description": "Specifies the description of the Hours of Operation.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "name": { "type": "string", "description": "Specifies the name of the Hours of Operation.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Hours of Operation. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeZone": { "type": "string", "description": "Specifies the time zone of the Hours of Operation.\n" } }, "requiredInputs": [ "configs", "instanceId", "timeZone" ], "stateInputs": { "description": "Input properties used for looking up and filtering HoursOfOperation resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Hours of Operation.\n" }, "configs": { "type": "array", "items": { "$ref": "#/types/aws:connect/HoursOfOperationConfig:HoursOfOperationConfig" }, "description": "One or more config blocks which define the configuration information for the hours of operation: day, start time, and end time . Config blocks are documented below.\n" }, "description": { "type": "string", "description": "Specifies the description of the Hours of Operation.\n" }, "hoursOfOperationId": { "type": "string", "description": "The identifier for the hours of operation.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "name": { "type": "string", "description": "Specifies the name of the Hours of Operation.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Hours of Operation. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeZone": { "type": "string", "description": "Specifies the time zone of the Hours of Operation.\n" } }, "type": "object" } }, "aws:connect/instance:Instance": { "description": "Provides an Amazon Connect instance resource. For more information see\n[Amazon Connect: Getting Started](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-get-started.html)\n\n!\u003e **WARN:** Amazon Connect enforces a limit of [100 combined instance creation and deletions every 30 days](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-service-limits.html#feature-limits). For example, if you create 80 instances and delete 20 of them, you must wait 30 days to create or delete another instance. Use care when creating or deleting instances.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.connect.Instance(\"test\", {\n identityManagementType: \"CONNECT_MANAGED\",\n inboundCallsEnabled: true,\n instanceAlias: \"friendly-name-connect\",\n outboundCallsEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.connect.Instance(\"test\",\n identity_management_type=\"CONNECT_MANAGED\",\n inbound_calls_enabled=True,\n instance_alias=\"friendly-name-connect\",\n outbound_calls_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Connect.Instance(\"test\", new()\n {\n IdentityManagementType = \"CONNECT_MANAGED\",\n InboundCallsEnabled = true,\n InstanceAlias = \"friendly-name-connect\",\n OutboundCallsEnabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewInstance(ctx, \"test\", \u0026connect.InstanceArgs{\n\t\t\tIdentityManagementType: pulumi.String(\"CONNECT_MANAGED\"),\n\t\t\tInboundCallsEnabled: pulumi.Bool(true),\n\t\t\tInstanceAlias: pulumi.String(\"friendly-name-connect\"),\n\t\t\tOutboundCallsEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.Instance;\nimport com.pulumi.aws.connect.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Instance(\"test\", InstanceArgs.builder()\n .identityManagementType(\"CONNECT_MANAGED\")\n .inboundCallsEnabled(true)\n .instanceAlias(\"friendly-name-connect\")\n .outboundCallsEnabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:connect:Instance\n properties:\n identityManagementType: CONNECT_MANAGED\n inboundCallsEnabled: true\n instanceAlias: friendly-name-connect\n outboundCallsEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n### With Existing Active Directory\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.connect.Instance(\"test\", {\n directoryId: testAwsDirectoryServiceDirectory.id,\n identityManagementType: \"EXISTING_DIRECTORY\",\n inboundCallsEnabled: true,\n instanceAlias: \"friendly-name-connect\",\n outboundCallsEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.connect.Instance(\"test\",\n directory_id=test_aws_directory_service_directory[\"id\"],\n identity_management_type=\"EXISTING_DIRECTORY\",\n inbound_calls_enabled=True,\n instance_alias=\"friendly-name-connect\",\n outbound_calls_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Connect.Instance(\"test\", new()\n {\n DirectoryId = testAwsDirectoryServiceDirectory.Id,\n IdentityManagementType = \"EXISTING_DIRECTORY\",\n InboundCallsEnabled = true,\n InstanceAlias = \"friendly-name-connect\",\n OutboundCallsEnabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewInstance(ctx, \"test\", \u0026connect.InstanceArgs{\n\t\t\tDirectoryId: pulumi.Any(testAwsDirectoryServiceDirectory.Id),\n\t\t\tIdentityManagementType: pulumi.String(\"EXISTING_DIRECTORY\"),\n\t\t\tInboundCallsEnabled: pulumi.Bool(true),\n\t\t\tInstanceAlias: pulumi.String(\"friendly-name-connect\"),\n\t\t\tOutboundCallsEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.Instance;\nimport com.pulumi.aws.connect.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Instance(\"test\", InstanceArgs.builder()\n .directoryId(testAwsDirectoryServiceDirectory.id())\n .identityManagementType(\"EXISTING_DIRECTORY\")\n .inboundCallsEnabled(true)\n .instanceAlias(\"friendly-name-connect\")\n .outboundCallsEnabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:connect:Instance\n properties:\n directoryId: ${testAwsDirectoryServiceDirectory.id}\n identityManagementType: EXISTING_DIRECTORY\n inboundCallsEnabled: true\n instanceAlias: friendly-name-connect\n outboundCallsEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n### With SAML\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.connect.Instance(\"test\", {\n identityManagementType: \"SAML\",\n inboundCallsEnabled: true,\n instanceAlias: \"friendly-name-connect\",\n outboundCallsEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.connect.Instance(\"test\",\n identity_management_type=\"SAML\",\n inbound_calls_enabled=True,\n instance_alias=\"friendly-name-connect\",\n outbound_calls_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Connect.Instance(\"test\", new()\n {\n IdentityManagementType = \"SAML\",\n InboundCallsEnabled = true,\n InstanceAlias = \"friendly-name-connect\",\n OutboundCallsEnabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewInstance(ctx, \"test\", \u0026connect.InstanceArgs{\n\t\t\tIdentityManagementType: pulumi.String(\"SAML\"),\n\t\t\tInboundCallsEnabled: pulumi.Bool(true),\n\t\t\tInstanceAlias: pulumi.String(\"friendly-name-connect\"),\n\t\t\tOutboundCallsEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.Instance;\nimport com.pulumi.aws.connect.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Instance(\"test\", InstanceArgs.builder()\n .identityManagementType(\"SAML\")\n .inboundCallsEnabled(true)\n .instanceAlias(\"friendly-name-connect\")\n .outboundCallsEnabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:connect:Instance\n properties:\n identityManagementType: SAML\n inboundCallsEnabled: true\n instanceAlias: friendly-name-connect\n outboundCallsEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Connect instances using the `id`. For example:\n\n```sh\n$ pulumi import aws:connect/instance:Instance example f1288a1f-6193-445a-b47e-af739b2\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the instance.\n" }, "autoResolveBestVoicesEnabled": { "type": "boolean", "description": "Specifies whether auto resolve best voices is enabled. Defaults to `true`.\n" }, "contactFlowLogsEnabled": { "type": "boolean", "description": "Specifies whether contact flow logs are enabled. Defaults to `false`.\n" }, "contactLensEnabled": { "type": "boolean", "description": "Specifies whether contact lens is enabled. Defaults to `true`.\n" }, "createdTime": { "type": "string", "description": "When the instance was created.\n" }, "directoryId": { "type": "string", "description": "The identifier for the directory if identity_management_type is `EXISTING_DIRECTORY`.\n" }, "earlyMediaEnabled": { "type": "boolean", "description": "Specifies whether early media for outbound calls is enabled . Defaults to `true` if outbound calls is enabled.\n" }, "identityManagementType": { "type": "string", "description": "Specifies the identity management type attached to the instance. Allowed Values are: `SAML`, `CONNECT_MANAGED`, `EXISTING_DIRECTORY`.\n" }, "inboundCallsEnabled": { "type": "boolean", "description": "Specifies whether inbound calls are enabled.\n" }, "instanceAlias": { "type": "string", "description": "Specifies the name of the instance. Required if `directory_id` not specified.\n" }, "multiPartyConferenceEnabled": { "type": "boolean", "description": "Specifies whether multi-party calls/conference is enabled. Defaults to `false`.\n" }, "outboundCallsEnabled": { "type": "boolean", "description": "Specifies whether outbound calls are enabled.\n\u003c!-- * `use_custom_tts_voices` - (Optional) Whether use custom tts voices is enabled. Defaults to `false` --\u003e\n" }, "serviceRole": { "type": "string", "description": "The service role of the instance.\n" }, "status": { "type": "string", "description": "The state of the instance.\n" } }, "required": [ "arn", "createdTime", "identityManagementType", "inboundCallsEnabled", "outboundCallsEnabled", "serviceRole", "status" ], "inputProperties": { "autoResolveBestVoicesEnabled": { "type": "boolean", "description": "Specifies whether auto resolve best voices is enabled. Defaults to `true`.\n" }, "contactFlowLogsEnabled": { "type": "boolean", "description": "Specifies whether contact flow logs are enabled. Defaults to `false`.\n" }, "contactLensEnabled": { "type": "boolean", "description": "Specifies whether contact lens is enabled. Defaults to `true`.\n" }, "directoryId": { "type": "string", "description": "The identifier for the directory if identity_management_type is `EXISTING_DIRECTORY`.\n", "willReplaceOnChanges": true }, "earlyMediaEnabled": { "type": "boolean", "description": "Specifies whether early media for outbound calls is enabled . Defaults to `true` if outbound calls is enabled.\n" }, "identityManagementType": { "type": "string", "description": "Specifies the identity management type attached to the instance. Allowed Values are: `SAML`, `CONNECT_MANAGED`, `EXISTING_DIRECTORY`.\n", "willReplaceOnChanges": true }, "inboundCallsEnabled": { "type": "boolean", "description": "Specifies whether inbound calls are enabled.\n" }, "instanceAlias": { "type": "string", "description": "Specifies the name of the instance. Required if `directory_id` not specified.\n", "willReplaceOnChanges": true }, "multiPartyConferenceEnabled": { "type": "boolean", "description": "Specifies whether multi-party calls/conference is enabled. Defaults to `false`.\n" }, "outboundCallsEnabled": { "type": "boolean", "description": "Specifies whether outbound calls are enabled.\n\u003c!-- * `use_custom_tts_voices` - (Optional) Whether use custom tts voices is enabled. Defaults to `false` --\u003e\n" } }, "requiredInputs": [ "identityManagementType", "inboundCallsEnabled", "outboundCallsEnabled" ], "stateInputs": { "description": "Input properties used for looking up and filtering Instance resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the instance.\n" }, "autoResolveBestVoicesEnabled": { "type": "boolean", "description": "Specifies whether auto resolve best voices is enabled. Defaults to `true`.\n" }, "contactFlowLogsEnabled": { "type": "boolean", "description": "Specifies whether contact flow logs are enabled. Defaults to `false`.\n" }, "contactLensEnabled": { "type": "boolean", "description": "Specifies whether contact lens is enabled. Defaults to `true`.\n" }, "createdTime": { "type": "string", "description": "When the instance was created.\n" }, "directoryId": { "type": "string", "description": "The identifier for the directory if identity_management_type is `EXISTING_DIRECTORY`.\n", "willReplaceOnChanges": true }, "earlyMediaEnabled": { "type": "boolean", "description": "Specifies whether early media for outbound calls is enabled . Defaults to `true` if outbound calls is enabled.\n" }, "identityManagementType": { "type": "string", "description": "Specifies the identity management type attached to the instance. Allowed Values are: `SAML`, `CONNECT_MANAGED`, `EXISTING_DIRECTORY`.\n", "willReplaceOnChanges": true }, "inboundCallsEnabled": { "type": "boolean", "description": "Specifies whether inbound calls are enabled.\n" }, "instanceAlias": { "type": "string", "description": "Specifies the name of the instance. Required if `directory_id` not specified.\n", "willReplaceOnChanges": true }, "multiPartyConferenceEnabled": { "type": "boolean", "description": "Specifies whether multi-party calls/conference is enabled. Defaults to `false`.\n" }, "outboundCallsEnabled": { "type": "boolean", "description": "Specifies whether outbound calls are enabled.\n\u003c!-- * `use_custom_tts_voices` - (Optional) Whether use custom tts voices is enabled. Defaults to `false` --\u003e\n" }, "serviceRole": { "type": "string", "description": "The service role of the instance.\n" }, "status": { "type": "string", "description": "The state of the instance.\n" } }, "type": "object" } }, "aws:connect/instanceStorageConfig:InstanceStorageConfig": { "description": "Provides an Amazon Connect Instance Storage Config resource. For more information see\n[Amazon Connect: Getting Started](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-get-started.html)\n\n## Example Usage\n\n### Storage Config Kinesis Firehose Config\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.InstanceStorageConfig(\"example\", {\n instanceId: exampleAwsConnectInstance.id,\n resourceType: \"CONTACT_TRACE_RECORDS\",\n storageConfig: {\n kinesisFirehoseConfig: {\n firehoseArn: exampleAwsKinesisFirehoseDeliveryStream.arn,\n },\n storageType: \"KINESIS_FIREHOSE\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.InstanceStorageConfig(\"example\",\n instance_id=example_aws_connect_instance[\"id\"],\n resource_type=\"CONTACT_TRACE_RECORDS\",\n storage_config={\n \"kinesis_firehose_config\": {\n \"firehose_arn\": example_aws_kinesis_firehose_delivery_stream[\"arn\"],\n },\n \"storage_type\": \"KINESIS_FIREHOSE\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.InstanceStorageConfig(\"example\", new()\n {\n InstanceId = exampleAwsConnectInstance.Id,\n ResourceType = \"CONTACT_TRACE_RECORDS\",\n StorageConfig = new Aws.Connect.Inputs.InstanceStorageConfigStorageConfigArgs\n {\n KinesisFirehoseConfig = new Aws.Connect.Inputs.InstanceStorageConfigStorageConfigKinesisFirehoseConfigArgs\n {\n FirehoseArn = exampleAwsKinesisFirehoseDeliveryStream.Arn,\n },\n StorageType = \"KINESIS_FIREHOSE\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewInstanceStorageConfig(ctx, \"example\", \u0026connect.InstanceStorageConfigArgs{\n\t\t\tInstanceId: pulumi.Any(exampleAwsConnectInstance.Id),\n\t\t\tResourceType: pulumi.String(\"CONTACT_TRACE_RECORDS\"),\n\t\t\tStorageConfig: \u0026connect.InstanceStorageConfigStorageConfigArgs{\n\t\t\t\tKinesisFirehoseConfig: \u0026connect.InstanceStorageConfigStorageConfigKinesisFirehoseConfigArgs{\n\t\t\t\t\tFirehoseArn: pulumi.Any(exampleAwsKinesisFirehoseDeliveryStream.Arn),\n\t\t\t\t},\n\t\t\t\tStorageType: pulumi.String(\"KINESIS_FIREHOSE\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.InstanceStorageConfig;\nimport com.pulumi.aws.connect.InstanceStorageConfigArgs;\nimport com.pulumi.aws.connect.inputs.InstanceStorageConfigStorageConfigArgs;\nimport com.pulumi.aws.connect.inputs.InstanceStorageConfigStorageConfigKinesisFirehoseConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new InstanceStorageConfig(\"example\", InstanceStorageConfigArgs.builder()\n .instanceId(exampleAwsConnectInstance.id())\n .resourceType(\"CONTACT_TRACE_RECORDS\")\n .storageConfig(InstanceStorageConfigStorageConfigArgs.builder()\n .kinesisFirehoseConfig(InstanceStorageConfigStorageConfigKinesisFirehoseConfigArgs.builder()\n .firehoseArn(exampleAwsKinesisFirehoseDeliveryStream.arn())\n .build())\n .storageType(\"KINESIS_FIREHOSE\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:InstanceStorageConfig\n properties:\n instanceId: ${exampleAwsConnectInstance.id}\n resourceType: CONTACT_TRACE_RECORDS\n storageConfig:\n kinesisFirehoseConfig:\n firehoseArn: ${exampleAwsKinesisFirehoseDeliveryStream.arn}\n storageType: KINESIS_FIREHOSE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Storage Config Kinesis Stream Config\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.InstanceStorageConfig(\"example\", {\n instanceId: exampleAwsConnectInstance.id,\n resourceType: \"CONTACT_TRACE_RECORDS\",\n storageConfig: {\n kinesisStreamConfig: {\n streamArn: exampleAwsKinesisStream.arn,\n },\n storageType: \"KINESIS_STREAM\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.InstanceStorageConfig(\"example\",\n instance_id=example_aws_connect_instance[\"id\"],\n resource_type=\"CONTACT_TRACE_RECORDS\",\n storage_config={\n \"kinesis_stream_config\": {\n \"stream_arn\": example_aws_kinesis_stream[\"arn\"],\n },\n \"storage_type\": \"KINESIS_STREAM\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.InstanceStorageConfig(\"example\", new()\n {\n InstanceId = exampleAwsConnectInstance.Id,\n ResourceType = \"CONTACT_TRACE_RECORDS\",\n StorageConfig = new Aws.Connect.Inputs.InstanceStorageConfigStorageConfigArgs\n {\n KinesisStreamConfig = new Aws.Connect.Inputs.InstanceStorageConfigStorageConfigKinesisStreamConfigArgs\n {\n StreamArn = exampleAwsKinesisStream.Arn,\n },\n StorageType = \"KINESIS_STREAM\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewInstanceStorageConfig(ctx, \"example\", \u0026connect.InstanceStorageConfigArgs{\n\t\t\tInstanceId: pulumi.Any(exampleAwsConnectInstance.Id),\n\t\t\tResourceType: pulumi.String(\"CONTACT_TRACE_RECORDS\"),\n\t\t\tStorageConfig: \u0026connect.InstanceStorageConfigStorageConfigArgs{\n\t\t\t\tKinesisStreamConfig: \u0026connect.InstanceStorageConfigStorageConfigKinesisStreamConfigArgs{\n\t\t\t\t\tStreamArn: pulumi.Any(exampleAwsKinesisStream.Arn),\n\t\t\t\t},\n\t\t\t\tStorageType: pulumi.String(\"KINESIS_STREAM\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.InstanceStorageConfig;\nimport com.pulumi.aws.connect.InstanceStorageConfigArgs;\nimport com.pulumi.aws.connect.inputs.InstanceStorageConfigStorageConfigArgs;\nimport com.pulumi.aws.connect.inputs.InstanceStorageConfigStorageConfigKinesisStreamConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new InstanceStorageConfig(\"example\", InstanceStorageConfigArgs.builder()\n .instanceId(exampleAwsConnectInstance.id())\n .resourceType(\"CONTACT_TRACE_RECORDS\")\n .storageConfig(InstanceStorageConfigStorageConfigArgs.builder()\n .kinesisStreamConfig(InstanceStorageConfigStorageConfigKinesisStreamConfigArgs.builder()\n .streamArn(exampleAwsKinesisStream.arn())\n .build())\n .storageType(\"KINESIS_STREAM\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:InstanceStorageConfig\n properties:\n instanceId: ${exampleAwsConnectInstance.id}\n resourceType: CONTACT_TRACE_RECORDS\n storageConfig:\n kinesisStreamConfig:\n streamArn: ${exampleAwsKinesisStream.arn}\n storageType: KINESIS_STREAM\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Storage Config Kinesis Video Stream Config\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.InstanceStorageConfig(\"example\", {\n instanceId: exampleAwsConnectInstance.id,\n resourceType: \"MEDIA_STREAMS\",\n storageConfig: {\n kinesisVideoStreamConfig: {\n prefix: \"example\",\n retentionPeriodHours: 3,\n encryptionConfig: {\n encryptionType: \"KMS\",\n keyId: exampleAwsKmsKey.arn,\n },\n },\n storageType: \"KINESIS_VIDEO_STREAM\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.InstanceStorageConfig(\"example\",\n instance_id=example_aws_connect_instance[\"id\"],\n resource_type=\"MEDIA_STREAMS\",\n storage_config={\n \"kinesis_video_stream_config\": {\n \"prefix\": \"example\",\n \"retention_period_hours\": 3,\n \"encryption_config\": {\n \"encryption_type\": \"KMS\",\n \"key_id\": example_aws_kms_key[\"arn\"],\n },\n },\n \"storage_type\": \"KINESIS_VIDEO_STREAM\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.InstanceStorageConfig(\"example\", new()\n {\n InstanceId = exampleAwsConnectInstance.Id,\n ResourceType = \"MEDIA_STREAMS\",\n StorageConfig = new Aws.Connect.Inputs.InstanceStorageConfigStorageConfigArgs\n {\n KinesisVideoStreamConfig = new Aws.Connect.Inputs.InstanceStorageConfigStorageConfigKinesisVideoStreamConfigArgs\n {\n Prefix = \"example\",\n RetentionPeriodHours = 3,\n EncryptionConfig = new Aws.Connect.Inputs.InstanceStorageConfigStorageConfigKinesisVideoStreamConfigEncryptionConfigArgs\n {\n EncryptionType = \"KMS\",\n KeyId = exampleAwsKmsKey.Arn,\n },\n },\n StorageType = \"KINESIS_VIDEO_STREAM\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewInstanceStorageConfig(ctx, \"example\", \u0026connect.InstanceStorageConfigArgs{\n\t\t\tInstanceId: pulumi.Any(exampleAwsConnectInstance.Id),\n\t\t\tResourceType: pulumi.String(\"MEDIA_STREAMS\"),\n\t\t\tStorageConfig: \u0026connect.InstanceStorageConfigStorageConfigArgs{\n\t\t\t\tKinesisVideoStreamConfig: \u0026connect.InstanceStorageConfigStorageConfigKinesisVideoStreamConfigArgs{\n\t\t\t\t\tPrefix: pulumi.String(\"example\"),\n\t\t\t\t\tRetentionPeriodHours: pulumi.Int(3),\n\t\t\t\t\tEncryptionConfig: \u0026connect.InstanceStorageConfigStorageConfigKinesisVideoStreamConfigEncryptionConfigArgs{\n\t\t\t\t\t\tEncryptionType: pulumi.String(\"KMS\"),\n\t\t\t\t\t\tKeyId: pulumi.Any(exampleAwsKmsKey.Arn),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tStorageType: pulumi.String(\"KINESIS_VIDEO_STREAM\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.InstanceStorageConfig;\nimport com.pulumi.aws.connect.InstanceStorageConfigArgs;\nimport com.pulumi.aws.connect.inputs.InstanceStorageConfigStorageConfigArgs;\nimport com.pulumi.aws.connect.inputs.InstanceStorageConfigStorageConfigKinesisVideoStreamConfigArgs;\nimport com.pulumi.aws.connect.inputs.InstanceStorageConfigStorageConfigKinesisVideoStreamConfigEncryptionConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new InstanceStorageConfig(\"example\", InstanceStorageConfigArgs.builder()\n .instanceId(exampleAwsConnectInstance.id())\n .resourceType(\"MEDIA_STREAMS\")\n .storageConfig(InstanceStorageConfigStorageConfigArgs.builder()\n .kinesisVideoStreamConfig(InstanceStorageConfigStorageConfigKinesisVideoStreamConfigArgs.builder()\n .prefix(\"example\")\n .retentionPeriodHours(3)\n .encryptionConfig(InstanceStorageConfigStorageConfigKinesisVideoStreamConfigEncryptionConfigArgs.builder()\n .encryptionType(\"KMS\")\n .keyId(exampleAwsKmsKey.arn())\n .build())\n .build())\n .storageType(\"KINESIS_VIDEO_STREAM\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:InstanceStorageConfig\n properties:\n instanceId: ${exampleAwsConnectInstance.id}\n resourceType: MEDIA_STREAMS\n storageConfig:\n kinesisVideoStreamConfig:\n prefix: example\n retentionPeriodHours: 3\n encryptionConfig:\n encryptionType: KMS\n keyId: ${exampleAwsKmsKey.arn}\n storageType: KINESIS_VIDEO_STREAM\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Storage Config S3 Config\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.InstanceStorageConfig(\"example\", {\n instanceId: exampleAwsConnectInstance.id,\n resourceType: \"CHAT_TRANSCRIPTS\",\n storageConfig: {\n s3Config: {\n bucketName: exampleAwsS3Bucket.id,\n bucketPrefix: \"example\",\n },\n storageType: \"S3\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.InstanceStorageConfig(\"example\",\n instance_id=example_aws_connect_instance[\"id\"],\n resource_type=\"CHAT_TRANSCRIPTS\",\n storage_config={\n \"s3_config\": {\n \"bucket_name\": example_aws_s3_bucket[\"id\"],\n \"bucket_prefix\": \"example\",\n },\n \"storage_type\": \"S3\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.InstanceStorageConfig(\"example\", new()\n {\n InstanceId = exampleAwsConnectInstance.Id,\n ResourceType = \"CHAT_TRANSCRIPTS\",\n StorageConfig = new Aws.Connect.Inputs.InstanceStorageConfigStorageConfigArgs\n {\n S3Config = new Aws.Connect.Inputs.InstanceStorageConfigStorageConfigS3ConfigArgs\n {\n BucketName = exampleAwsS3Bucket.Id,\n BucketPrefix = \"example\",\n },\n StorageType = \"S3\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewInstanceStorageConfig(ctx, \"example\", \u0026connect.InstanceStorageConfigArgs{\n\t\t\tInstanceId: pulumi.Any(exampleAwsConnectInstance.Id),\n\t\t\tResourceType: pulumi.String(\"CHAT_TRANSCRIPTS\"),\n\t\t\tStorageConfig: \u0026connect.InstanceStorageConfigStorageConfigArgs{\n\t\t\t\tS3Config: \u0026connect.InstanceStorageConfigStorageConfigS3ConfigArgs{\n\t\t\t\t\tBucketName: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\t\t\tBucketPrefix: pulumi.String(\"example\"),\n\t\t\t\t},\n\t\t\t\tStorageType: pulumi.String(\"S3\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.InstanceStorageConfig;\nimport com.pulumi.aws.connect.InstanceStorageConfigArgs;\nimport com.pulumi.aws.connect.inputs.InstanceStorageConfigStorageConfigArgs;\nimport com.pulumi.aws.connect.inputs.InstanceStorageConfigStorageConfigS3ConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new InstanceStorageConfig(\"example\", InstanceStorageConfigArgs.builder()\n .instanceId(exampleAwsConnectInstance.id())\n .resourceType(\"CHAT_TRANSCRIPTS\")\n .storageConfig(InstanceStorageConfigStorageConfigArgs.builder()\n .s3Config(InstanceStorageConfigStorageConfigS3ConfigArgs.builder()\n .bucketName(exampleAwsS3Bucket.id())\n .bucketPrefix(\"example\")\n .build())\n .storageType(\"S3\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:InstanceStorageConfig\n properties:\n instanceId: ${exampleAwsConnectInstance.id}\n resourceType: CHAT_TRANSCRIPTS\n storageConfig:\n s3Config:\n bucketName: ${exampleAwsS3Bucket.id}\n bucketPrefix: example\n storageType: S3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Storage Config S3 Config with Encryption Config\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.InstanceStorageConfig(\"example\", {\n instanceId: exampleAwsConnectInstance.id,\n resourceType: \"CHAT_TRANSCRIPTS\",\n storageConfig: {\n s3Config: {\n bucketName: exampleAwsS3Bucket.id,\n bucketPrefix: \"example\",\n encryptionConfig: {\n encryptionType: \"KMS\",\n keyId: exampleAwsKmsKey.arn,\n },\n },\n storageType: \"S3\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.InstanceStorageConfig(\"example\",\n instance_id=example_aws_connect_instance[\"id\"],\n resource_type=\"CHAT_TRANSCRIPTS\",\n storage_config={\n \"s3_config\": {\n \"bucket_name\": example_aws_s3_bucket[\"id\"],\n \"bucket_prefix\": \"example\",\n \"encryption_config\": {\n \"encryption_type\": \"KMS\",\n \"key_id\": example_aws_kms_key[\"arn\"],\n },\n },\n \"storage_type\": \"S3\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.InstanceStorageConfig(\"example\", new()\n {\n InstanceId = exampleAwsConnectInstance.Id,\n ResourceType = \"CHAT_TRANSCRIPTS\",\n StorageConfig = new Aws.Connect.Inputs.InstanceStorageConfigStorageConfigArgs\n {\n S3Config = new Aws.Connect.Inputs.InstanceStorageConfigStorageConfigS3ConfigArgs\n {\n BucketName = exampleAwsS3Bucket.Id,\n BucketPrefix = \"example\",\n EncryptionConfig = new Aws.Connect.Inputs.InstanceStorageConfigStorageConfigS3ConfigEncryptionConfigArgs\n {\n EncryptionType = \"KMS\",\n KeyId = exampleAwsKmsKey.Arn,\n },\n },\n StorageType = \"S3\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewInstanceStorageConfig(ctx, \"example\", \u0026connect.InstanceStorageConfigArgs{\n\t\t\tInstanceId: pulumi.Any(exampleAwsConnectInstance.Id),\n\t\t\tResourceType: pulumi.String(\"CHAT_TRANSCRIPTS\"),\n\t\t\tStorageConfig: \u0026connect.InstanceStorageConfigStorageConfigArgs{\n\t\t\t\tS3Config: \u0026connect.InstanceStorageConfigStorageConfigS3ConfigArgs{\n\t\t\t\t\tBucketName: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\t\t\tBucketPrefix: pulumi.String(\"example\"),\n\t\t\t\t\tEncryptionConfig: \u0026connect.InstanceStorageConfigStorageConfigS3ConfigEncryptionConfigArgs{\n\t\t\t\t\t\tEncryptionType: pulumi.String(\"KMS\"),\n\t\t\t\t\t\tKeyId: pulumi.Any(exampleAwsKmsKey.Arn),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tStorageType: pulumi.String(\"S3\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.InstanceStorageConfig;\nimport com.pulumi.aws.connect.InstanceStorageConfigArgs;\nimport com.pulumi.aws.connect.inputs.InstanceStorageConfigStorageConfigArgs;\nimport com.pulumi.aws.connect.inputs.InstanceStorageConfigStorageConfigS3ConfigArgs;\nimport com.pulumi.aws.connect.inputs.InstanceStorageConfigStorageConfigS3ConfigEncryptionConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new InstanceStorageConfig(\"example\", InstanceStorageConfigArgs.builder()\n .instanceId(exampleAwsConnectInstance.id())\n .resourceType(\"CHAT_TRANSCRIPTS\")\n .storageConfig(InstanceStorageConfigStorageConfigArgs.builder()\n .s3Config(InstanceStorageConfigStorageConfigS3ConfigArgs.builder()\n .bucketName(exampleAwsS3Bucket.id())\n .bucketPrefix(\"example\")\n .encryptionConfig(InstanceStorageConfigStorageConfigS3ConfigEncryptionConfigArgs.builder()\n .encryptionType(\"KMS\")\n .keyId(exampleAwsKmsKey.arn())\n .build())\n .build())\n .storageType(\"S3\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:InstanceStorageConfig\n properties:\n instanceId: ${exampleAwsConnectInstance.id}\n resourceType: CHAT_TRANSCRIPTS\n storageConfig:\n s3Config:\n bucketName: ${exampleAwsS3Bucket.id}\n bucketPrefix: example\n encryptionConfig:\n encryptionType: KMS\n keyId: ${exampleAwsKmsKey.arn}\n storageType: S3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Connect Instance Storage Configs using the `instance_id`, `association_id`, and `resource_type` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:connect/instanceStorageConfig:InstanceStorageConfig example f1288a1f-6193-445a-b47e-af739b2:c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5:CHAT_TRANSCRIPTS\n```\n", "properties": { "associationId": { "type": "string", "description": "The existing association identifier that uniquely identifies the resource type and storage config for the given instance ID.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "resourceType": { "type": "string", "description": "A valid resource type. Valid Values: `AGENT_EVENTS` | `ATTACHMENTS` | `CALL_RECORDINGS` | `CHAT_TRANSCRIPTS` | `CONTACT_EVALUATIONS` | `CONTACT_TRACE_RECORDS` | `MEDIA_STREAMS` | `REAL_TIME_CONTACT_ANALYSIS_SEGMENTS` | `SCHEDULED_REPORTS` | `SCREEN_RECORDINGS`.\n" }, "storageConfig": { "$ref": "#/types/aws:connect/InstanceStorageConfigStorageConfig:InstanceStorageConfigStorageConfig", "description": "Specifies the storage configuration options for the Connect Instance. Documented below.\n" } }, "required": [ "associationId", "instanceId", "resourceType", "storageConfig" ], "inputProperties": { "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n", "willReplaceOnChanges": true }, "resourceType": { "type": "string", "description": "A valid resource type. Valid Values: `AGENT_EVENTS` | `ATTACHMENTS` | `CALL_RECORDINGS` | `CHAT_TRANSCRIPTS` | `CONTACT_EVALUATIONS` | `CONTACT_TRACE_RECORDS` | `MEDIA_STREAMS` | `REAL_TIME_CONTACT_ANALYSIS_SEGMENTS` | `SCHEDULED_REPORTS` | `SCREEN_RECORDINGS`.\n", "willReplaceOnChanges": true }, "storageConfig": { "$ref": "#/types/aws:connect/InstanceStorageConfigStorageConfig:InstanceStorageConfigStorageConfig", "description": "Specifies the storage configuration options for the Connect Instance. Documented below.\n" } }, "requiredInputs": [ "instanceId", "resourceType", "storageConfig" ], "stateInputs": { "description": "Input properties used for looking up and filtering InstanceStorageConfig resources.\n", "properties": { "associationId": { "type": "string", "description": "The existing association identifier that uniquely identifies the resource type and storage config for the given instance ID.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n", "willReplaceOnChanges": true }, "resourceType": { "type": "string", "description": "A valid resource type. Valid Values: `AGENT_EVENTS` | `ATTACHMENTS` | `CALL_RECORDINGS` | `CHAT_TRANSCRIPTS` | `CONTACT_EVALUATIONS` | `CONTACT_TRACE_RECORDS` | `MEDIA_STREAMS` | `REAL_TIME_CONTACT_ANALYSIS_SEGMENTS` | `SCHEDULED_REPORTS` | `SCREEN_RECORDINGS`.\n", "willReplaceOnChanges": true }, "storageConfig": { "$ref": "#/types/aws:connect/InstanceStorageConfigStorageConfig:InstanceStorageConfigStorageConfig", "description": "Specifies the storage configuration options for the Connect Instance. Documented below.\n" } }, "type": "object" } }, "aws:connect/lambdaFunctionAssociation:LambdaFunctionAssociation": { "description": "Provides an Amazon Connect Lambda Function Association. For more information see\n[Amazon Connect: Getting Started](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-get-started.html) and [Invoke AWS Lambda functions](https://docs.aws.amazon.com/connect/latest/adminguide/connect-lambda-functions.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.LambdaFunctionAssociation(\"example\", {\n functionArn: exampleAwsLambdaFunction.arn,\n instanceId: exampleAwsConnectInstance.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.LambdaFunctionAssociation(\"example\",\n function_arn=example_aws_lambda_function[\"arn\"],\n instance_id=example_aws_connect_instance[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.LambdaFunctionAssociation(\"example\", new()\n {\n FunctionArn = exampleAwsLambdaFunction.Arn,\n InstanceId = exampleAwsConnectInstance.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewLambdaFunctionAssociation(ctx, \"example\", \u0026connect.LambdaFunctionAssociationArgs{\n\t\t\tFunctionArn: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tInstanceId: pulumi.Any(exampleAwsConnectInstance.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.LambdaFunctionAssociation;\nimport com.pulumi.aws.connect.LambdaFunctionAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LambdaFunctionAssociation(\"example\", LambdaFunctionAssociationArgs.builder()\n .functionArn(exampleAwsLambdaFunction.arn())\n .instanceId(exampleAwsConnectInstance.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:LambdaFunctionAssociation\n properties:\n functionArn: ${exampleAwsLambdaFunction.arn}\n instanceId: ${exampleAwsConnectInstance.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_connect_lambda_function_association` using the `instance_id` and `function_arn` separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:connect/lambdaFunctionAssociation:LambdaFunctionAssociation example aaaaaaaa-bbbb-cccc-dddd-111111111111,arn:aws:lambda:us-west-2:123456789123:function:example\n```\n", "properties": { "functionArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Lambda Function, omitting any version or alias qualifier.\n" }, "instanceId": { "type": "string", "description": "The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.\n" } }, "required": [ "functionArn", "instanceId" ], "inputProperties": { "functionArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Lambda Function, omitting any version or alias qualifier.\n", "willReplaceOnChanges": true }, "instanceId": { "type": "string", "description": "The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "functionArn", "instanceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering LambdaFunctionAssociation resources.\n", "properties": { "functionArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Lambda Function, omitting any version or alias qualifier.\n", "willReplaceOnChanges": true }, "instanceId": { "type": "string", "description": "The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:connect/phoneNumber:PhoneNumber": { "description": "Provides an Amazon Connect Phone Number resource. For more information see\n[Amazon Connect: Getting Started](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-get-started.html)\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.PhoneNumber(\"example\", {\n targetArn: exampleAwsConnectInstance.arn,\n countryCode: \"US\",\n type: \"DID\",\n tags: {\n hello: \"world\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.PhoneNumber(\"example\",\n target_arn=example_aws_connect_instance[\"arn\"],\n country_code=\"US\",\n type=\"DID\",\n tags={\n \"hello\": \"world\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.PhoneNumber(\"example\", new()\n {\n TargetArn = exampleAwsConnectInstance.Arn,\n CountryCode = \"US\",\n Type = \"DID\",\n Tags = \n {\n { \"hello\", \"world\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewPhoneNumber(ctx, \"example\", \u0026connect.PhoneNumberArgs{\n\t\t\tTargetArn: pulumi.Any(exampleAwsConnectInstance.Arn),\n\t\t\tCountryCode: pulumi.String(\"US\"),\n\t\t\tType: pulumi.String(\"DID\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"hello\": pulumi.String(\"world\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.PhoneNumber;\nimport com.pulumi.aws.connect.PhoneNumberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PhoneNumber(\"example\", PhoneNumberArgs.builder()\n .targetArn(exampleAwsConnectInstance.arn())\n .countryCode(\"US\")\n .type(\"DID\")\n .tags(Map.of(\"hello\", \"world\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:PhoneNumber\n properties:\n targetArn: ${exampleAwsConnectInstance.arn}\n countryCode: US\n type: DID\n tags:\n hello: world\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Description\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.PhoneNumber(\"example\", {\n targetArn: exampleAwsConnectInstance.arn,\n countryCode: \"US\",\n type: \"DID\",\n description: \"example description\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.PhoneNumber(\"example\",\n target_arn=example_aws_connect_instance[\"arn\"],\n country_code=\"US\",\n type=\"DID\",\n description=\"example description\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.PhoneNumber(\"example\", new()\n {\n TargetArn = exampleAwsConnectInstance.Arn,\n CountryCode = \"US\",\n Type = \"DID\",\n Description = \"example description\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewPhoneNumber(ctx, \"example\", \u0026connect.PhoneNumberArgs{\n\t\t\tTargetArn: pulumi.Any(exampleAwsConnectInstance.Arn),\n\t\t\tCountryCode: pulumi.String(\"US\"),\n\t\t\tType: pulumi.String(\"DID\"),\n\t\t\tDescription: pulumi.String(\"example description\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.PhoneNumber;\nimport com.pulumi.aws.connect.PhoneNumberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PhoneNumber(\"example\", PhoneNumberArgs.builder()\n .targetArn(exampleAwsConnectInstance.arn())\n .countryCode(\"US\")\n .type(\"DID\")\n .description(\"example description\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:PhoneNumber\n properties:\n targetArn: ${exampleAwsConnectInstance.arn}\n countryCode: US\n type: DID\n description: example description\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Prefix to filter phone numbers\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.PhoneNumber(\"example\", {\n targetArn: exampleAwsConnectInstance.arn,\n countryCode: \"US\",\n type: \"DID\",\n prefix: \"+18005\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.PhoneNumber(\"example\",\n target_arn=example_aws_connect_instance[\"arn\"],\n country_code=\"US\",\n type=\"DID\",\n prefix=\"+18005\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.PhoneNumber(\"example\", new()\n {\n TargetArn = exampleAwsConnectInstance.Arn,\n CountryCode = \"US\",\n Type = \"DID\",\n Prefix = \"+18005\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewPhoneNumber(ctx, \"example\", \u0026connect.PhoneNumberArgs{\n\t\t\tTargetArn: pulumi.Any(exampleAwsConnectInstance.Arn),\n\t\t\tCountryCode: pulumi.String(\"US\"),\n\t\t\tType: pulumi.String(\"DID\"),\n\t\t\tPrefix: pulumi.String(\"+18005\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.PhoneNumber;\nimport com.pulumi.aws.connect.PhoneNumberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PhoneNumber(\"example\", PhoneNumberArgs.builder()\n .targetArn(exampleAwsConnectInstance.arn())\n .countryCode(\"US\")\n .type(\"DID\")\n .prefix(\"+18005\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:PhoneNumber\n properties:\n targetArn: ${exampleAwsConnectInstance.arn}\n countryCode: US\n type: DID\n prefix: '+18005'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Connect Phone Numbers using its `id`. For example:\n\n```sh\n$ pulumi import aws:connect/phoneNumber:PhoneNumber example 12345678-abcd-1234-efgh-9876543210ab\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the phone number.\n" }, "countryCode": { "type": "string", "description": "The ISO country code. For a list of Valid values, refer to [PhoneNumberCountryCode](https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchAvailablePhoneNumbers.html#connect-SearchAvailablePhoneNumbers-request-PhoneNumberCountryCode).\n" }, "description": { "type": "string", "description": "The description of the phone number.\n" }, "phoneNumber": { "type": "string", "description": "The phone number. Phone numbers are formatted `[+] [country code] [subscriber number including area code]`.\n", "language": { "csharp": { "name": "PhoneNumberValue" } } }, "prefix": { "type": "string", "description": "The prefix of the phone number that is used to filter available phone numbers. If provided, it must contain `+` as part of the country code. Do not specify this argument when importing the resource.\n" }, "statuses": { "type": "array", "items": { "$ref": "#/types/aws:connect/PhoneNumberStatus:PhoneNumberStatus" }, "description": "The status of the phone number. Valid Values: `CLAIMED` | `IN_PROGRESS` | `FAILED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Phone Number. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for Amazon Connect instances that phone numbers are claimed to.\n" }, "type": { "type": "string", "description": "The type of phone number. Valid Values: `TOLL_FREE` | `DID`.\n" } }, "required": [ "arn", "countryCode", "phoneNumber", "statuses", "tagsAll", "targetArn", "type" ], "inputProperties": { "countryCode": { "type": "string", "description": "The ISO country code. For a list of Valid values, refer to [PhoneNumberCountryCode](https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchAvailablePhoneNumbers.html#connect-SearchAvailablePhoneNumbers-request-PhoneNumberCountryCode).\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "The description of the phone number.\n", "willReplaceOnChanges": true }, "prefix": { "type": "string", "description": "The prefix of the phone number that is used to filter available phone numbers. If provided, it must contain `+` as part of the country code. Do not specify this argument when importing the resource.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Phone Number. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targetArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for Amazon Connect instances that phone numbers are claimed to.\n" }, "type": { "type": "string", "description": "The type of phone number. Valid Values: `TOLL_FREE` | `DID`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "countryCode", "targetArn", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering PhoneNumber resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the phone number.\n" }, "countryCode": { "type": "string", "description": "The ISO country code. For a list of Valid values, refer to [PhoneNumberCountryCode](https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchAvailablePhoneNumbers.html#connect-SearchAvailablePhoneNumbers-request-PhoneNumberCountryCode).\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "The description of the phone number.\n", "willReplaceOnChanges": true }, "phoneNumber": { "type": "string", "description": "The phone number. Phone numbers are formatted `[+] [country code] [subscriber number including area code]`.\n", "language": { "csharp": { "name": "PhoneNumberValue" } } }, "prefix": { "type": "string", "description": "The prefix of the phone number that is used to filter available phone numbers. If provided, it must contain `+` as part of the country code. Do not specify this argument when importing the resource.\n", "willReplaceOnChanges": true }, "statuses": { "type": "array", "items": { "$ref": "#/types/aws:connect/PhoneNumberStatus:PhoneNumberStatus" }, "description": "The status of the phone number. Valid Values: `CLAIMED` | `IN_PROGRESS` | `FAILED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Phone Number. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for Amazon Connect instances that phone numbers are claimed to.\n" }, "type": { "type": "string", "description": "The type of phone number. Valid Values: `TOLL_FREE` | `DID`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:connect/queue:Queue": { "description": "Provides an Amazon Connect Queue resource. For more information see\n[Amazon Connect: Getting Started](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-get-started.html)\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.connect.Queue(\"test\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Example Name\",\n description: \"Example Description\",\n hoursOfOperationId: \"12345678-1234-1234-1234-123456789012\",\n tags: {\n Name: \"Example Queue\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.connect.Queue(\"test\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Example Name\",\n description=\"Example Description\",\n hours_of_operation_id=\"12345678-1234-1234-1234-123456789012\",\n tags={\n \"Name\": \"Example Queue\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Connect.Queue(\"test\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Example Name\",\n Description = \"Example Description\",\n HoursOfOperationId = \"12345678-1234-1234-1234-123456789012\",\n Tags = \n {\n { \"Name\", \"Example Queue\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewQueue(ctx, \"test\", \u0026connect.QueueArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"Example Name\"),\n\t\t\tDescription: pulumi.String(\"Example Description\"),\n\t\t\tHoursOfOperationId: pulumi.String(\"12345678-1234-1234-1234-123456789012\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Queue\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.Queue;\nimport com.pulumi.aws.connect.QueueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Queue(\"test\", QueueArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Example Name\")\n .description(\"Example Description\")\n .hoursOfOperationId(\"12345678-1234-1234-1234-123456789012\")\n .tags(Map.of(\"Name\", \"Example Queue\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:connect:Queue\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Example Name\n description: Example Description\n hoursOfOperationId: 12345678-1234-1234-1234-123456789012\n tags:\n Name: Example Queue\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Quick Connect IDs\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.connect.Queue(\"test\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Example Name\",\n description: \"Example Description\",\n hoursOfOperationId: \"12345678-1234-1234-1234-123456789012\",\n quickConnectIds: [\"12345678-abcd-1234-abcd-123456789012\"],\n tags: {\n Name: \"Example Queue with Quick Connect IDs\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.connect.Queue(\"test\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Example Name\",\n description=\"Example Description\",\n hours_of_operation_id=\"12345678-1234-1234-1234-123456789012\",\n quick_connect_ids=[\"12345678-abcd-1234-abcd-123456789012\"],\n tags={\n \"Name\": \"Example Queue with Quick Connect IDs\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Connect.Queue(\"test\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Example Name\",\n Description = \"Example Description\",\n HoursOfOperationId = \"12345678-1234-1234-1234-123456789012\",\n QuickConnectIds = new[]\n {\n \"12345678-abcd-1234-abcd-123456789012\",\n },\n Tags = \n {\n { \"Name\", \"Example Queue with Quick Connect IDs\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewQueue(ctx, \"test\", \u0026connect.QueueArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"Example Name\"),\n\t\t\tDescription: pulumi.String(\"Example Description\"),\n\t\t\tHoursOfOperationId: pulumi.String(\"12345678-1234-1234-1234-123456789012\"),\n\t\t\tQuickConnectIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"12345678-abcd-1234-abcd-123456789012\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Queue with Quick Connect IDs\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.Queue;\nimport com.pulumi.aws.connect.QueueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Queue(\"test\", QueueArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Example Name\")\n .description(\"Example Description\")\n .hoursOfOperationId(\"12345678-1234-1234-1234-123456789012\")\n .quickConnectIds(\"12345678-abcd-1234-abcd-123456789012\")\n .tags(Map.of(\"Name\", \"Example Queue with Quick Connect IDs\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:connect:Queue\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Example Name\n description: Example Description\n hoursOfOperationId: 12345678-1234-1234-1234-123456789012\n quickConnectIds:\n - 12345678-abcd-1234-abcd-123456789012\n tags:\n Name: Example Queue with Quick Connect IDs\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Outbound Caller Config\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.connect.Queue(\"test\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Example Name\",\n description: \"Example Description\",\n hoursOfOperationId: \"12345678-1234-1234-1234-123456789012\",\n outboundCallerConfig: {\n outboundCallerIdName: \"example\",\n outboundCallerIdNumberId: \"12345678-abcd-1234-abcd-123456789012\",\n outboundFlowId: \"87654321-defg-1234-defg-987654321234\",\n },\n tags: {\n Name: \"Example Queue with Outbound Caller Config\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.connect.Queue(\"test\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Example Name\",\n description=\"Example Description\",\n hours_of_operation_id=\"12345678-1234-1234-1234-123456789012\",\n outbound_caller_config={\n \"outbound_caller_id_name\": \"example\",\n \"outbound_caller_id_number_id\": \"12345678-abcd-1234-abcd-123456789012\",\n \"outbound_flow_id\": \"87654321-defg-1234-defg-987654321234\",\n },\n tags={\n \"Name\": \"Example Queue with Outbound Caller Config\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Connect.Queue(\"test\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Example Name\",\n Description = \"Example Description\",\n HoursOfOperationId = \"12345678-1234-1234-1234-123456789012\",\n OutboundCallerConfig = new Aws.Connect.Inputs.QueueOutboundCallerConfigArgs\n {\n OutboundCallerIdName = \"example\",\n OutboundCallerIdNumberId = \"12345678-abcd-1234-abcd-123456789012\",\n OutboundFlowId = \"87654321-defg-1234-defg-987654321234\",\n },\n Tags = \n {\n { \"Name\", \"Example Queue with Outbound Caller Config\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewQueue(ctx, \"test\", \u0026connect.QueueArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"Example Name\"),\n\t\t\tDescription: pulumi.String(\"Example Description\"),\n\t\t\tHoursOfOperationId: pulumi.String(\"12345678-1234-1234-1234-123456789012\"),\n\t\t\tOutboundCallerConfig: \u0026connect.QueueOutboundCallerConfigArgs{\n\t\t\t\tOutboundCallerIdName: pulumi.String(\"example\"),\n\t\t\t\tOutboundCallerIdNumberId: pulumi.String(\"12345678-abcd-1234-abcd-123456789012\"),\n\t\t\t\tOutboundFlowId: pulumi.String(\"87654321-defg-1234-defg-987654321234\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Queue with Outbound Caller Config\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.Queue;\nimport com.pulumi.aws.connect.QueueArgs;\nimport com.pulumi.aws.connect.inputs.QueueOutboundCallerConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Queue(\"test\", QueueArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Example Name\")\n .description(\"Example Description\")\n .hoursOfOperationId(\"12345678-1234-1234-1234-123456789012\")\n .outboundCallerConfig(QueueOutboundCallerConfigArgs.builder()\n .outboundCallerIdName(\"example\")\n .outboundCallerIdNumberId(\"12345678-abcd-1234-abcd-123456789012\")\n .outboundFlowId(\"87654321-defg-1234-defg-987654321234\")\n .build())\n .tags(Map.of(\"Name\", \"Example Queue with Outbound Caller Config\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:connect:Queue\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Example Name\n description: Example Description\n hoursOfOperationId: 12345678-1234-1234-1234-123456789012\n outboundCallerConfig:\n outboundCallerIdName: example\n outboundCallerIdNumberId: 12345678-abcd-1234-abcd-123456789012\n outboundFlowId: 87654321-defg-1234-defg-987654321234\n tags:\n Name: Example Queue with Outbound Caller Config\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Connect Queues using the `instance_id` and `queue_id` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:connect/queue:Queue example f1288a1f-6193-445a-b47e-af739b2:c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Queue.\n" }, "description": { "type": "string", "description": "Specifies the description of the Queue.\n" }, "hoursOfOperationId": { "type": "string", "description": "Specifies the identifier of the Hours of Operation.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "maxContacts": { "type": "integer", "description": "Specifies the maximum number of contacts that can be in the queue before it is considered full. Minimum value of 0.\n" }, "name": { "type": "string", "description": "Specifies the name of the Queue.\n" }, "outboundCallerConfig": { "$ref": "#/types/aws:connect/QueueOutboundCallerConfig:QueueOutboundCallerConfig", "description": "A block that defines the outbound caller ID name, number, and outbound whisper flow. The Outbound Caller Config block is documented below.\n" }, "queueId": { "type": "string", "description": "The identifier for the Queue.\n" }, "quickConnectIds": { "type": "array", "items": { "type": "string" }, "description": "Specifies a list of quick connects ids that determine the quick connects available to agents who are working the queue.\n" }, "status": { "type": "string", "description": "Specifies the description of the Queue. Valid values are `ENABLED`, `DISABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Queue. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "hoursOfOperationId", "instanceId", "name", "queueId", "status", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Specifies the description of the Queue.\n" }, "hoursOfOperationId": { "type": "string", "description": "Specifies the identifier of the Hours of Operation.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "maxContacts": { "type": "integer", "description": "Specifies the maximum number of contacts that can be in the queue before it is considered full. Minimum value of 0.\n" }, "name": { "type": "string", "description": "Specifies the name of the Queue.\n" }, "outboundCallerConfig": { "$ref": "#/types/aws:connect/QueueOutboundCallerConfig:QueueOutboundCallerConfig", "description": "A block that defines the outbound caller ID name, number, and outbound whisper flow. The Outbound Caller Config block is documented below.\n" }, "quickConnectIds": { "type": "array", "items": { "type": "string" }, "description": "Specifies a list of quick connects ids that determine the quick connects available to agents who are working the queue.\n" }, "status": { "type": "string", "description": "Specifies the description of the Queue. Valid values are `ENABLED`, `DISABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Queue. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "hoursOfOperationId", "instanceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Queue resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Queue.\n" }, "description": { "type": "string", "description": "Specifies the description of the Queue.\n" }, "hoursOfOperationId": { "type": "string", "description": "Specifies the identifier of the Hours of Operation.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "maxContacts": { "type": "integer", "description": "Specifies the maximum number of contacts that can be in the queue before it is considered full. Minimum value of 0.\n" }, "name": { "type": "string", "description": "Specifies the name of the Queue.\n" }, "outboundCallerConfig": { "$ref": "#/types/aws:connect/QueueOutboundCallerConfig:QueueOutboundCallerConfig", "description": "A block that defines the outbound caller ID name, number, and outbound whisper flow. The Outbound Caller Config block is documented below.\n" }, "queueId": { "type": "string", "description": "The identifier for the Queue.\n" }, "quickConnectIds": { "type": "array", "items": { "type": "string" }, "description": "Specifies a list of quick connects ids that determine the quick connects available to agents who are working the queue.\n" }, "status": { "type": "string", "description": "Specifies the description of the Queue. Valid values are `ENABLED`, `DISABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Queue. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:connect/quickConnect:QuickConnect": { "description": "Provides an Amazon Connect Quick Connect resource. For more information see\n[Amazon Connect: Getting Started](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-get-started.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.connect.QuickConnect(\"test\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Example Name\",\n description: \"quick connect phone number\",\n quickConnectConfig: {\n quickConnectType: \"PHONE_NUMBER\",\n phoneConfigs: [{\n phoneNumber: \"+12345678912\",\n }],\n },\n tags: {\n Name: \"Example Quick Connect\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.connect.QuickConnect(\"test\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Example Name\",\n description=\"quick connect phone number\",\n quick_connect_config={\n \"quick_connect_type\": \"PHONE_NUMBER\",\n \"phone_configs\": [{\n \"phone_number\": \"+12345678912\",\n }],\n },\n tags={\n \"Name\": \"Example Quick Connect\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Connect.QuickConnect(\"test\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Example Name\",\n Description = \"quick connect phone number\",\n QuickConnectConfig = new Aws.Connect.Inputs.QuickConnectQuickConnectConfigArgs\n {\n QuickConnectType = \"PHONE_NUMBER\",\n PhoneConfigs = new[]\n {\n new Aws.Connect.Inputs.QuickConnectQuickConnectConfigPhoneConfigArgs\n {\n PhoneNumber = \"+12345678912\",\n },\n },\n },\n Tags = \n {\n { \"Name\", \"Example Quick Connect\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewQuickConnect(ctx, \"test\", \u0026connect.QuickConnectArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"Example Name\"),\n\t\t\tDescription: pulumi.String(\"quick connect phone number\"),\n\t\t\tQuickConnectConfig: \u0026connect.QuickConnectQuickConnectConfigArgs{\n\t\t\t\tQuickConnectType: pulumi.String(\"PHONE_NUMBER\"),\n\t\t\t\tPhoneConfigs: connect.QuickConnectQuickConnectConfigPhoneConfigArray{\n\t\t\t\t\t\u0026connect.QuickConnectQuickConnectConfigPhoneConfigArgs{\n\t\t\t\t\t\tPhoneNumber: pulumi.String(\"+12345678912\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Quick Connect\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.QuickConnect;\nimport com.pulumi.aws.connect.QuickConnectArgs;\nimport com.pulumi.aws.connect.inputs.QuickConnectQuickConnectConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new QuickConnect(\"test\", QuickConnectArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Example Name\")\n .description(\"quick connect phone number\")\n .quickConnectConfig(QuickConnectQuickConnectConfigArgs.builder()\n .quickConnectType(\"PHONE_NUMBER\")\n .phoneConfigs(QuickConnectQuickConnectConfigPhoneConfigArgs.builder()\n .phoneNumber(\"+12345678912\")\n .build())\n .build())\n .tags(Map.of(\"Name\", \"Example Quick Connect\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:connect:QuickConnect\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Example Name\n description: quick connect phone number\n quickConnectConfig:\n quickConnectType: PHONE_NUMBER\n phoneConfigs:\n - phoneNumber: '+12345678912'\n tags:\n Name: Example Quick Connect\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Connect Quick Connects using the `instance_id` and `quick_connect_id` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:connect/quickConnect:QuickConnect example f1288a1f-6193-445a-b47e-af739b2:c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Quick Connect.\n" }, "description": { "type": "string", "description": "Specifies the description of the Quick Connect.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "name": { "type": "string", "description": "Specifies the name of the Quick Connect.\n" }, "quickConnectConfig": { "$ref": "#/types/aws:connect/QuickConnectQuickConnectConfig:QuickConnectQuickConnectConfig", "description": "A block that defines the configuration information for the Quick Connect: `quick_connect_type` and one of `phone_config`, `queue_config`, `user_config` . The Quick Connect Config block is documented below.\n" }, "quickConnectId": { "type": "string", "description": "The identifier for the Quick Connect.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Quick Connect. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "instanceId", "name", "quickConnectConfig", "quickConnectId", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Specifies the description of the Quick Connect.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "name": { "type": "string", "description": "Specifies the name of the Quick Connect.\n" }, "quickConnectConfig": { "$ref": "#/types/aws:connect/QuickConnectQuickConnectConfig:QuickConnectQuickConnectConfig", "description": "A block that defines the configuration information for the Quick Connect: `quick_connect_type` and one of `phone_config`, `queue_config`, `user_config` . The Quick Connect Config block is documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Quick Connect. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "instanceId", "quickConnectConfig" ], "stateInputs": { "description": "Input properties used for looking up and filtering QuickConnect resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Quick Connect.\n" }, "description": { "type": "string", "description": "Specifies the description of the Quick Connect.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "name": { "type": "string", "description": "Specifies the name of the Quick Connect.\n" }, "quickConnectConfig": { "$ref": "#/types/aws:connect/QuickConnectQuickConnectConfig:QuickConnectQuickConnectConfig", "description": "A block that defines the configuration information for the Quick Connect: `quick_connect_type` and one of `phone_config`, `queue_config`, `user_config` . The Quick Connect Config block is documented below.\n" }, "quickConnectId": { "type": "string", "description": "The identifier for the Quick Connect.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Quick Connect. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:connect/routingProfile:RoutingProfile": { "description": "Provides an Amazon Connect Routing Profile resource. For more information see\n[Amazon Connect: Getting Started](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-get-started.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.RoutingProfile(\"example\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"example\",\n defaultOutboundQueueId: \"12345678-1234-1234-1234-123456789012\",\n description: \"example description\",\n mediaConcurrencies: [{\n channel: \"VOICE\",\n concurrency: 1,\n }],\n queueConfigs: [{\n channel: \"VOICE\",\n delay: 2,\n priority: 1,\n queueId: \"12345678-1234-1234-1234-123456789012\",\n }],\n tags: {\n Name: \"Example Routing Profile\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.RoutingProfile(\"example\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"example\",\n default_outbound_queue_id=\"12345678-1234-1234-1234-123456789012\",\n description=\"example description\",\n media_concurrencies=[{\n \"channel\": \"VOICE\",\n \"concurrency\": 1,\n }],\n queue_configs=[{\n \"channel\": \"VOICE\",\n \"delay\": 2,\n \"priority\": 1,\n \"queue_id\": \"12345678-1234-1234-1234-123456789012\",\n }],\n tags={\n \"Name\": \"Example Routing Profile\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.RoutingProfile(\"example\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"example\",\n DefaultOutboundQueueId = \"12345678-1234-1234-1234-123456789012\",\n Description = \"example description\",\n MediaConcurrencies = new[]\n {\n new Aws.Connect.Inputs.RoutingProfileMediaConcurrencyArgs\n {\n Channel = \"VOICE\",\n Concurrency = 1,\n },\n },\n QueueConfigs = new[]\n {\n new Aws.Connect.Inputs.RoutingProfileQueueConfigArgs\n {\n Channel = \"VOICE\",\n Delay = 2,\n Priority = 1,\n QueueId = \"12345678-1234-1234-1234-123456789012\",\n },\n },\n Tags = \n {\n { \"Name\", \"Example Routing Profile\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewRoutingProfile(ctx, \"example\", \u0026connect.RoutingProfileArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDefaultOutboundQueueId: pulumi.String(\"12345678-1234-1234-1234-123456789012\"),\n\t\t\tDescription: pulumi.String(\"example description\"),\n\t\t\tMediaConcurrencies: connect.RoutingProfileMediaConcurrencyArray{\n\t\t\t\t\u0026connect.RoutingProfileMediaConcurrencyArgs{\n\t\t\t\t\tChannel: pulumi.String(\"VOICE\"),\n\t\t\t\t\tConcurrency: pulumi.Int(1),\n\t\t\t\t},\n\t\t\t},\n\t\t\tQueueConfigs: connect.RoutingProfileQueueConfigArray{\n\t\t\t\t\u0026connect.RoutingProfileQueueConfigArgs{\n\t\t\t\t\tChannel: pulumi.String(\"VOICE\"),\n\t\t\t\t\tDelay: pulumi.Int(2),\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tQueueId: pulumi.String(\"12345678-1234-1234-1234-123456789012\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Routing Profile\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.RoutingProfile;\nimport com.pulumi.aws.connect.RoutingProfileArgs;\nimport com.pulumi.aws.connect.inputs.RoutingProfileMediaConcurrencyArgs;\nimport com.pulumi.aws.connect.inputs.RoutingProfileQueueConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RoutingProfile(\"example\", RoutingProfileArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"example\")\n .defaultOutboundQueueId(\"12345678-1234-1234-1234-123456789012\")\n .description(\"example description\")\n .mediaConcurrencies(RoutingProfileMediaConcurrencyArgs.builder()\n .channel(\"VOICE\")\n .concurrency(1)\n .build())\n .queueConfigs(RoutingProfileQueueConfigArgs.builder()\n .channel(\"VOICE\")\n .delay(2)\n .priority(1)\n .queueId(\"12345678-1234-1234-1234-123456789012\")\n .build())\n .tags(Map.of(\"Name\", \"Example Routing Profile\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:RoutingProfile\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: example\n defaultOutboundQueueId: 12345678-1234-1234-1234-123456789012\n description: example description\n mediaConcurrencies:\n - channel: VOICE\n concurrency: 1\n queueConfigs:\n - channel: VOICE\n delay: 2\n priority: 1\n queueId: 12345678-1234-1234-1234-123456789012\n tags:\n Name: Example Routing Profile\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Connect Routing Profiles using the `instance_id` and `routing_profile_id` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:connect/routingProfile:RoutingProfile example f1288a1f-6193-445a-b47e-af739b2:c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Routing Profile.\n" }, "defaultOutboundQueueId": { "type": "string", "description": "Specifies the default outbound queue for the Routing Profile.\n" }, "description": { "type": "string", "description": "Specifies the description of the Routing Profile.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "mediaConcurrencies": { "type": "array", "items": { "$ref": "#/types/aws:connect/RoutingProfileMediaConcurrency:RoutingProfileMediaConcurrency" }, "description": "One or more `media_concurrencies` blocks that specify the channels that agents can handle in the Contact Control Panel (CCP) for this Routing Profile. The `media_concurrencies` block is documented below.\n" }, "name": { "type": "string", "description": "Specifies the name of the Routing Profile.\n" }, "queueConfigs": { "type": "array", "items": { "$ref": "#/types/aws:connect/RoutingProfileQueueConfig:RoutingProfileQueueConfig" }, "description": "One or more `queue_configs` blocks that specify the inbound queues associated with the routing profile. If no queue is added, the agent only can make outbound calls. The `queue_configs` block is documented below.\n" }, "routingProfileId": { "type": "string", "description": "The identifier for the Routing Profile.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Routing Profile. If configured with a provider\n`default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "defaultOutboundQueueId", "description", "instanceId", "mediaConcurrencies", "name", "routingProfileId", "tagsAll" ], "inputProperties": { "defaultOutboundQueueId": { "type": "string", "description": "Specifies the default outbound queue for the Routing Profile.\n" }, "description": { "type": "string", "description": "Specifies the description of the Routing Profile.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "mediaConcurrencies": { "type": "array", "items": { "$ref": "#/types/aws:connect/RoutingProfileMediaConcurrency:RoutingProfileMediaConcurrency" }, "description": "One or more `media_concurrencies` blocks that specify the channels that agents can handle in the Contact Control Panel (CCP) for this Routing Profile. The `media_concurrencies` block is documented below.\n" }, "name": { "type": "string", "description": "Specifies the name of the Routing Profile.\n" }, "queueConfigs": { "type": "array", "items": { "$ref": "#/types/aws:connect/RoutingProfileQueueConfig:RoutingProfileQueueConfig" }, "description": "One or more `queue_configs` blocks that specify the inbound queues associated with the routing profile. If no queue is added, the agent only can make outbound calls. The `queue_configs` block is documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Routing Profile. If configured with a provider\n`default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "defaultOutboundQueueId", "description", "instanceId", "mediaConcurrencies" ], "stateInputs": { "description": "Input properties used for looking up and filtering RoutingProfile resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Routing Profile.\n" }, "defaultOutboundQueueId": { "type": "string", "description": "Specifies the default outbound queue for the Routing Profile.\n" }, "description": { "type": "string", "description": "Specifies the description of the Routing Profile.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "mediaConcurrencies": { "type": "array", "items": { "$ref": "#/types/aws:connect/RoutingProfileMediaConcurrency:RoutingProfileMediaConcurrency" }, "description": "One or more `media_concurrencies` blocks that specify the channels that agents can handle in the Contact Control Panel (CCP) for this Routing Profile. The `media_concurrencies` block is documented below.\n" }, "name": { "type": "string", "description": "Specifies the name of the Routing Profile.\n" }, "queueConfigs": { "type": "array", "items": { "$ref": "#/types/aws:connect/RoutingProfileQueueConfig:RoutingProfileQueueConfig" }, "description": "One or more `queue_configs` blocks that specify the inbound queues associated with the routing profile. If no queue is added, the agent only can make outbound calls. The `queue_configs` block is documented below.\n" }, "routingProfileId": { "type": "string", "description": "The identifier for the Routing Profile.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Routing Profile. If configured with a provider\n`default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:connect/securityProfile:SecurityProfile": { "description": "Provides an Amazon Connect Security Profile resource. For more information see\n[Amazon Connect: Getting Started](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-get-started.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.SecurityProfile(\"example\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"example\",\n description: \"example description\",\n permissions: [\n \"BasicAgentAccess\",\n \"OutboundCallAccess\",\n ],\n tags: {\n Name: \"Example Security Profile\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.SecurityProfile(\"example\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"example\",\n description=\"example description\",\n permissions=[\n \"BasicAgentAccess\",\n \"OutboundCallAccess\",\n ],\n tags={\n \"Name\": \"Example Security Profile\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.SecurityProfile(\"example\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"example\",\n Description = \"example description\",\n Permissions = new[]\n {\n \"BasicAgentAccess\",\n \"OutboundCallAccess\",\n },\n Tags = \n {\n { \"Name\", \"Example Security Profile\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewSecurityProfile(ctx, \"example\", \u0026connect.SecurityProfileArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"example description\"),\n\t\t\tPermissions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"BasicAgentAccess\"),\n\t\t\t\tpulumi.String(\"OutboundCallAccess\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Security Profile\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.SecurityProfile;\nimport com.pulumi.aws.connect.SecurityProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SecurityProfile(\"example\", SecurityProfileArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"example\")\n .description(\"example description\")\n .permissions( \n \"BasicAgentAccess\",\n \"OutboundCallAccess\")\n .tags(Map.of(\"Name\", \"Example Security Profile\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:SecurityProfile\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: example\n description: example description\n permissions:\n - BasicAgentAccess\n - OutboundCallAccess\n tags:\n Name: Example Security Profile\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Connect Security Profiles using the `instance_id` and `security_profile_id` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:connect/securityProfile:SecurityProfile example f1288a1f-6193-445a-b47e-af739b2:c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Security Profile.\n" }, "description": { "type": "string", "description": "Specifies the description of the Security Profile.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "name": { "type": "string", "description": "Specifies the name of the Security Profile.\n" }, "organizationResourceId": { "type": "string", "description": "The organization resource identifier for the security profile.\n" }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "Specifies a list of permissions assigned to the security profile.\n" }, "securityProfileId": { "type": "string", "description": "The identifier for the Security Profile.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Security Profile. If configured with a provider\n`default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "instanceId", "name", "organizationResourceId", "securityProfileId", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Specifies the description of the Security Profile.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "name": { "type": "string", "description": "Specifies the name of the Security Profile.\n", "willReplaceOnChanges": true }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "Specifies a list of permissions assigned to the security profile.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Security Profile. If configured with a provider\n`default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "instanceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering SecurityProfile resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Security Profile.\n" }, "description": { "type": "string", "description": "Specifies the description of the Security Profile.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "name": { "type": "string", "description": "Specifies the name of the Security Profile.\n", "willReplaceOnChanges": true }, "organizationResourceId": { "type": "string", "description": "The organization resource identifier for the security profile.\n" }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "Specifies a list of permissions assigned to the security profile.\n" }, "securityProfileId": { "type": "string", "description": "The identifier for the Security Profile.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Security Profile. If configured with a provider\n`default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:connect/user:User": { "description": "Provides an Amazon Connect User resource. For more information see\n[Amazon Connect: Getting Started](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-get-started.html)\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.User(\"example\", {\n instanceId: exampleAwsConnectInstance.id,\n name: \"example\",\n password: \"Password123\",\n routingProfileId: exampleAwsConnectRoutingProfile.routingProfileId,\n securityProfileIds: [exampleAwsConnectSecurityProfile.securityProfileId],\n identityInfo: {\n firstName: \"example\",\n lastName: \"example2\",\n },\n phoneConfig: {\n afterContactWorkTimeLimit: 0,\n phoneType: \"SOFT_PHONE\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.User(\"example\",\n instance_id=example_aws_connect_instance[\"id\"],\n name=\"example\",\n password=\"Password123\",\n routing_profile_id=example_aws_connect_routing_profile[\"routingProfileId\"],\n security_profile_ids=[example_aws_connect_security_profile[\"securityProfileId\"]],\n identity_info={\n \"first_name\": \"example\",\n \"last_name\": \"example2\",\n },\n phone_config={\n \"after_contact_work_time_limit\": 0,\n \"phone_type\": \"SOFT_PHONE\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.User(\"example\", new()\n {\n InstanceId = exampleAwsConnectInstance.Id,\n Name = \"example\",\n Password = \"Password123\",\n RoutingProfileId = exampleAwsConnectRoutingProfile.RoutingProfileId,\n SecurityProfileIds = new[]\n {\n exampleAwsConnectSecurityProfile.SecurityProfileId,\n },\n IdentityInfo = new Aws.Connect.Inputs.UserIdentityInfoArgs\n {\n FirstName = \"example\",\n LastName = \"example2\",\n },\n PhoneConfig = new Aws.Connect.Inputs.UserPhoneConfigArgs\n {\n AfterContactWorkTimeLimit = 0,\n PhoneType = \"SOFT_PHONE\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewUser(ctx, \"example\", \u0026connect.UserArgs{\n\t\t\tInstanceId: pulumi.Any(exampleAwsConnectInstance.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPassword: pulumi.String(\"Password123\"),\n\t\t\tRoutingProfileId: pulumi.Any(exampleAwsConnectRoutingProfile.RoutingProfileId),\n\t\t\tSecurityProfileIds: pulumi.StringArray{\n\t\t\t\texampleAwsConnectSecurityProfile.SecurityProfileId,\n\t\t\t},\n\t\t\tIdentityInfo: \u0026connect.UserIdentityInfoArgs{\n\t\t\t\tFirstName: pulumi.String(\"example\"),\n\t\t\t\tLastName: pulumi.String(\"example2\"),\n\t\t\t},\n\t\t\tPhoneConfig: \u0026connect.UserPhoneConfigArgs{\n\t\t\t\tAfterContactWorkTimeLimit: pulumi.Int(0),\n\t\t\t\tPhoneType: pulumi.String(\"SOFT_PHONE\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.User;\nimport com.pulumi.aws.connect.UserArgs;\nimport com.pulumi.aws.connect.inputs.UserIdentityInfoArgs;\nimport com.pulumi.aws.connect.inputs.UserPhoneConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new User(\"example\", UserArgs.builder()\n .instanceId(exampleAwsConnectInstance.id())\n .name(\"example\")\n .password(\"Password123\")\n .routingProfileId(exampleAwsConnectRoutingProfile.routingProfileId())\n .securityProfileIds(exampleAwsConnectSecurityProfile.securityProfileId())\n .identityInfo(UserIdentityInfoArgs.builder()\n .firstName(\"example\")\n .lastName(\"example2\")\n .build())\n .phoneConfig(UserPhoneConfigArgs.builder()\n .afterContactWorkTimeLimit(0)\n .phoneType(\"SOFT_PHONE\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:User\n properties:\n instanceId: ${exampleAwsConnectInstance.id}\n name: example\n password: Password123\n routingProfileId: ${exampleAwsConnectRoutingProfile.routingProfileId}\n securityProfileIds:\n - ${exampleAwsConnectSecurityProfile.securityProfileId}\n identityInfo:\n firstName: example\n lastName: example2\n phoneConfig:\n afterContactWorkTimeLimit: 0\n phoneType: SOFT_PHONE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With hierarchy_group_id\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.User(\"example\", {\n instanceId: exampleAwsConnectInstance.id,\n name: \"example\",\n password: \"Password123\",\n routingProfileId: exampleAwsConnectRoutingProfile.routingProfileId,\n hierarchyGroupId: exampleAwsConnectUserHierarchyGroup.hierarchyGroupId,\n securityProfileIds: [exampleAwsConnectSecurityProfile.securityProfileId],\n identityInfo: {\n firstName: \"example\",\n lastName: \"example2\",\n },\n phoneConfig: {\n afterContactWorkTimeLimit: 0,\n phoneType: \"SOFT_PHONE\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.User(\"example\",\n instance_id=example_aws_connect_instance[\"id\"],\n name=\"example\",\n password=\"Password123\",\n routing_profile_id=example_aws_connect_routing_profile[\"routingProfileId\"],\n hierarchy_group_id=example_aws_connect_user_hierarchy_group[\"hierarchyGroupId\"],\n security_profile_ids=[example_aws_connect_security_profile[\"securityProfileId\"]],\n identity_info={\n \"first_name\": \"example\",\n \"last_name\": \"example2\",\n },\n phone_config={\n \"after_contact_work_time_limit\": 0,\n \"phone_type\": \"SOFT_PHONE\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.User(\"example\", new()\n {\n InstanceId = exampleAwsConnectInstance.Id,\n Name = \"example\",\n Password = \"Password123\",\n RoutingProfileId = exampleAwsConnectRoutingProfile.RoutingProfileId,\n HierarchyGroupId = exampleAwsConnectUserHierarchyGroup.HierarchyGroupId,\n SecurityProfileIds = new[]\n {\n exampleAwsConnectSecurityProfile.SecurityProfileId,\n },\n IdentityInfo = new Aws.Connect.Inputs.UserIdentityInfoArgs\n {\n FirstName = \"example\",\n LastName = \"example2\",\n },\n PhoneConfig = new Aws.Connect.Inputs.UserPhoneConfigArgs\n {\n AfterContactWorkTimeLimit = 0,\n PhoneType = \"SOFT_PHONE\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewUser(ctx, \"example\", \u0026connect.UserArgs{\n\t\t\tInstanceId: pulumi.Any(exampleAwsConnectInstance.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPassword: pulumi.String(\"Password123\"),\n\t\t\tRoutingProfileId: pulumi.Any(exampleAwsConnectRoutingProfile.RoutingProfileId),\n\t\t\tHierarchyGroupId: pulumi.Any(exampleAwsConnectUserHierarchyGroup.HierarchyGroupId),\n\t\t\tSecurityProfileIds: pulumi.StringArray{\n\t\t\t\texampleAwsConnectSecurityProfile.SecurityProfileId,\n\t\t\t},\n\t\t\tIdentityInfo: \u0026connect.UserIdentityInfoArgs{\n\t\t\t\tFirstName: pulumi.String(\"example\"),\n\t\t\t\tLastName: pulumi.String(\"example2\"),\n\t\t\t},\n\t\t\tPhoneConfig: \u0026connect.UserPhoneConfigArgs{\n\t\t\t\tAfterContactWorkTimeLimit: pulumi.Int(0),\n\t\t\t\tPhoneType: pulumi.String(\"SOFT_PHONE\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.User;\nimport com.pulumi.aws.connect.UserArgs;\nimport com.pulumi.aws.connect.inputs.UserIdentityInfoArgs;\nimport com.pulumi.aws.connect.inputs.UserPhoneConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new User(\"example\", UserArgs.builder()\n .instanceId(exampleAwsConnectInstance.id())\n .name(\"example\")\n .password(\"Password123\")\n .routingProfileId(exampleAwsConnectRoutingProfile.routingProfileId())\n .hierarchyGroupId(exampleAwsConnectUserHierarchyGroup.hierarchyGroupId())\n .securityProfileIds(exampleAwsConnectSecurityProfile.securityProfileId())\n .identityInfo(UserIdentityInfoArgs.builder()\n .firstName(\"example\")\n .lastName(\"example2\")\n .build())\n .phoneConfig(UserPhoneConfigArgs.builder()\n .afterContactWorkTimeLimit(0)\n .phoneType(\"SOFT_PHONE\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:User\n properties:\n instanceId: ${exampleAwsConnectInstance.id}\n name: example\n password: Password123\n routingProfileId: ${exampleAwsConnectRoutingProfile.routingProfileId}\n hierarchyGroupId: ${exampleAwsConnectUserHierarchyGroup.hierarchyGroupId}\n securityProfileIds:\n - ${exampleAwsConnectSecurityProfile.securityProfileId}\n identityInfo:\n firstName: example\n lastName: example2\n phoneConfig:\n afterContactWorkTimeLimit: 0\n phoneType: SOFT_PHONE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With identity_info filled\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.User(\"example\", {\n instanceId: exampleAwsConnectInstance.id,\n name: \"example\",\n password: \"Password123\",\n routingProfileId: exampleAwsConnectRoutingProfile.routingProfileId,\n securityProfileIds: [exampleAwsConnectSecurityProfile.securityProfileId],\n identityInfo: {\n email: \"example@example.com\",\n firstName: \"example\",\n lastName: \"example2\",\n },\n phoneConfig: {\n afterContactWorkTimeLimit: 0,\n phoneType: \"SOFT_PHONE\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.User(\"example\",\n instance_id=example_aws_connect_instance[\"id\"],\n name=\"example\",\n password=\"Password123\",\n routing_profile_id=example_aws_connect_routing_profile[\"routingProfileId\"],\n security_profile_ids=[example_aws_connect_security_profile[\"securityProfileId\"]],\n identity_info={\n \"email\": \"example@example.com\",\n \"first_name\": \"example\",\n \"last_name\": \"example2\",\n },\n phone_config={\n \"after_contact_work_time_limit\": 0,\n \"phone_type\": \"SOFT_PHONE\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.User(\"example\", new()\n {\n InstanceId = exampleAwsConnectInstance.Id,\n Name = \"example\",\n Password = \"Password123\",\n RoutingProfileId = exampleAwsConnectRoutingProfile.RoutingProfileId,\n SecurityProfileIds = new[]\n {\n exampleAwsConnectSecurityProfile.SecurityProfileId,\n },\n IdentityInfo = new Aws.Connect.Inputs.UserIdentityInfoArgs\n {\n Email = \"example@example.com\",\n FirstName = \"example\",\n LastName = \"example2\",\n },\n PhoneConfig = new Aws.Connect.Inputs.UserPhoneConfigArgs\n {\n AfterContactWorkTimeLimit = 0,\n PhoneType = \"SOFT_PHONE\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewUser(ctx, \"example\", \u0026connect.UserArgs{\n\t\t\tInstanceId: pulumi.Any(exampleAwsConnectInstance.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPassword: pulumi.String(\"Password123\"),\n\t\t\tRoutingProfileId: pulumi.Any(exampleAwsConnectRoutingProfile.RoutingProfileId),\n\t\t\tSecurityProfileIds: pulumi.StringArray{\n\t\t\t\texampleAwsConnectSecurityProfile.SecurityProfileId,\n\t\t\t},\n\t\t\tIdentityInfo: \u0026connect.UserIdentityInfoArgs{\n\t\t\t\tEmail: pulumi.String(\"example@example.com\"),\n\t\t\t\tFirstName: pulumi.String(\"example\"),\n\t\t\t\tLastName: pulumi.String(\"example2\"),\n\t\t\t},\n\t\t\tPhoneConfig: \u0026connect.UserPhoneConfigArgs{\n\t\t\t\tAfterContactWorkTimeLimit: pulumi.Int(0),\n\t\t\t\tPhoneType: pulumi.String(\"SOFT_PHONE\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.User;\nimport com.pulumi.aws.connect.UserArgs;\nimport com.pulumi.aws.connect.inputs.UserIdentityInfoArgs;\nimport com.pulumi.aws.connect.inputs.UserPhoneConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new User(\"example\", UserArgs.builder()\n .instanceId(exampleAwsConnectInstance.id())\n .name(\"example\")\n .password(\"Password123\")\n .routingProfileId(exampleAwsConnectRoutingProfile.routingProfileId())\n .securityProfileIds(exampleAwsConnectSecurityProfile.securityProfileId())\n .identityInfo(UserIdentityInfoArgs.builder()\n .email(\"example@example.com\")\n .firstName(\"example\")\n .lastName(\"example2\")\n .build())\n .phoneConfig(UserPhoneConfigArgs.builder()\n .afterContactWorkTimeLimit(0)\n .phoneType(\"SOFT_PHONE\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:User\n properties:\n instanceId: ${exampleAwsConnectInstance.id}\n name: example\n password: Password123\n routingProfileId: ${exampleAwsConnectRoutingProfile.routingProfileId}\n securityProfileIds:\n - ${exampleAwsConnectSecurityProfile.securityProfileId}\n identityInfo:\n email: example@example.com\n firstName: example\n lastName: example2\n phoneConfig:\n afterContactWorkTimeLimit: 0\n phoneType: SOFT_PHONE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With phone_config phone type as desk phone\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.User(\"example\", {\n instanceId: exampleAwsConnectInstance.id,\n name: \"example\",\n password: \"Password123\",\n routingProfileId: exampleAwsConnectRoutingProfile.routingProfileId,\n securityProfileIds: [exampleAwsConnectSecurityProfile.securityProfileId],\n phoneConfig: {\n afterContactWorkTimeLimit: 0,\n phoneType: \"SOFT_PHONE\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.User(\"example\",\n instance_id=example_aws_connect_instance[\"id\"],\n name=\"example\",\n password=\"Password123\",\n routing_profile_id=example_aws_connect_routing_profile[\"routingProfileId\"],\n security_profile_ids=[example_aws_connect_security_profile[\"securityProfileId\"]],\n phone_config={\n \"after_contact_work_time_limit\": 0,\n \"phone_type\": \"SOFT_PHONE\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.User(\"example\", new()\n {\n InstanceId = exampleAwsConnectInstance.Id,\n Name = \"example\",\n Password = \"Password123\",\n RoutingProfileId = exampleAwsConnectRoutingProfile.RoutingProfileId,\n SecurityProfileIds = new[]\n {\n exampleAwsConnectSecurityProfile.SecurityProfileId,\n },\n PhoneConfig = new Aws.Connect.Inputs.UserPhoneConfigArgs\n {\n AfterContactWorkTimeLimit = 0,\n PhoneType = \"SOFT_PHONE\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewUser(ctx, \"example\", \u0026connect.UserArgs{\n\t\t\tInstanceId: pulumi.Any(exampleAwsConnectInstance.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPassword: pulumi.String(\"Password123\"),\n\t\t\tRoutingProfileId: pulumi.Any(exampleAwsConnectRoutingProfile.RoutingProfileId),\n\t\t\tSecurityProfileIds: pulumi.StringArray{\n\t\t\t\texampleAwsConnectSecurityProfile.SecurityProfileId,\n\t\t\t},\n\t\t\tPhoneConfig: \u0026connect.UserPhoneConfigArgs{\n\t\t\t\tAfterContactWorkTimeLimit: pulumi.Int(0),\n\t\t\t\tPhoneType: pulumi.String(\"SOFT_PHONE\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.User;\nimport com.pulumi.aws.connect.UserArgs;\nimport com.pulumi.aws.connect.inputs.UserPhoneConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new User(\"example\", UserArgs.builder()\n .instanceId(exampleAwsConnectInstance.id())\n .name(\"example\")\n .password(\"Password123\")\n .routingProfileId(exampleAwsConnectRoutingProfile.routingProfileId())\n .securityProfileIds(exampleAwsConnectSecurityProfile.securityProfileId())\n .phoneConfig(UserPhoneConfigArgs.builder()\n .afterContactWorkTimeLimit(0)\n .phoneType(\"SOFT_PHONE\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:User\n properties:\n instanceId: ${exampleAwsConnectInstance.id}\n name: example\n password: Password123\n routingProfileId: ${exampleAwsConnectRoutingProfile.routingProfileId}\n securityProfileIds:\n - ${exampleAwsConnectSecurityProfile.securityProfileId}\n phoneConfig:\n afterContactWorkTimeLimit: 0\n phoneType: SOFT_PHONE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With multiple Security profile ids specified in security_profile_ids\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.User(\"example\", {\n instanceId: exampleAwsConnectInstance.id,\n name: \"example\",\n password: \"Password123\",\n routingProfileId: exampleAwsConnectRoutingProfile.routingProfileId,\n securityProfileIds: [\n exampleAwsConnectSecurityProfile.securityProfileId,\n example2.securityProfileId,\n ],\n phoneConfig: {\n afterContactWorkTimeLimit: 0,\n autoAccept: false,\n deskPhoneNumber: \"+112345678912\",\n phoneType: \"DESK_PHONE\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.User(\"example\",\n instance_id=example_aws_connect_instance[\"id\"],\n name=\"example\",\n password=\"Password123\",\n routing_profile_id=example_aws_connect_routing_profile[\"routingProfileId\"],\n security_profile_ids=[\n example_aws_connect_security_profile[\"securityProfileId\"],\n example2[\"securityProfileId\"],\n ],\n phone_config={\n \"after_contact_work_time_limit\": 0,\n \"auto_accept\": False,\n \"desk_phone_number\": \"+112345678912\",\n \"phone_type\": \"DESK_PHONE\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.User(\"example\", new()\n {\n InstanceId = exampleAwsConnectInstance.Id,\n Name = \"example\",\n Password = \"Password123\",\n RoutingProfileId = exampleAwsConnectRoutingProfile.RoutingProfileId,\n SecurityProfileIds = new[]\n {\n exampleAwsConnectSecurityProfile.SecurityProfileId,\n example2.SecurityProfileId,\n },\n PhoneConfig = new Aws.Connect.Inputs.UserPhoneConfigArgs\n {\n AfterContactWorkTimeLimit = 0,\n AutoAccept = false,\n DeskPhoneNumber = \"+112345678912\",\n PhoneType = \"DESK_PHONE\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewUser(ctx, \"example\", \u0026connect.UserArgs{\n\t\t\tInstanceId: pulumi.Any(exampleAwsConnectInstance.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPassword: pulumi.String(\"Password123\"),\n\t\t\tRoutingProfileId: pulumi.Any(exampleAwsConnectRoutingProfile.RoutingProfileId),\n\t\t\tSecurityProfileIds: pulumi.StringArray{\n\t\t\t\texampleAwsConnectSecurityProfile.SecurityProfileId,\n\t\t\t\texample2.SecurityProfileId,\n\t\t\t},\n\t\t\tPhoneConfig: \u0026connect.UserPhoneConfigArgs{\n\t\t\t\tAfterContactWorkTimeLimit: pulumi.Int(0),\n\t\t\t\tAutoAccept: pulumi.Bool(false),\n\t\t\t\tDeskPhoneNumber: pulumi.String(\"+112345678912\"),\n\t\t\t\tPhoneType: pulumi.String(\"DESK_PHONE\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.User;\nimport com.pulumi.aws.connect.UserArgs;\nimport com.pulumi.aws.connect.inputs.UserPhoneConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new User(\"example\", UserArgs.builder()\n .instanceId(exampleAwsConnectInstance.id())\n .name(\"example\")\n .password(\"Password123\")\n .routingProfileId(exampleAwsConnectRoutingProfile.routingProfileId())\n .securityProfileIds( \n exampleAwsConnectSecurityProfile.securityProfileId(),\n example2.securityProfileId())\n .phoneConfig(UserPhoneConfigArgs.builder()\n .afterContactWorkTimeLimit(0)\n .autoAccept(false)\n .deskPhoneNumber(\"+112345678912\")\n .phoneType(\"DESK_PHONE\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:User\n properties:\n instanceId: ${exampleAwsConnectInstance.id}\n name: example\n password: Password123\n routingProfileId: ${exampleAwsConnectRoutingProfile.routingProfileId}\n securityProfileIds:\n - ${exampleAwsConnectSecurityProfile.securityProfileId}\n - ${example2.securityProfileId}\n phoneConfig:\n afterContactWorkTimeLimit: 0\n autoAccept: false\n deskPhoneNumber: '+112345678912'\n phoneType: DESK_PHONE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Connect Users using the `instance_id` and `user_id` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:connect/user:User example f1288a1f-6193-445a-b47e-af739b2:c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the user.\n" }, "directoryUserId": { "type": "string", "description": "The identifier of the user account in the directory used for identity management. If Amazon Connect cannot access the directory, you can specify this identifier to authenticate users. If you include the identifier, we assume that Amazon Connect cannot access the directory. Otherwise, the identity information is used to authenticate users from your directory. This parameter is required if you are using an existing directory for identity management in Amazon Connect when Amazon Connect cannot access your directory to authenticate users. If you are using SAML for identity management and include this parameter, an error is returned.\n" }, "hierarchyGroupId": { "type": "string", "description": "The identifier of the hierarchy group for the user.\n" }, "identityInfo": { "$ref": "#/types/aws:connect/UserIdentityInfo:UserIdentityInfo", "description": "A block that contains information about the identity of the user. Documented below.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "name": { "type": "string", "description": "The user name for the account. For instances not using SAML for identity management, the user name can include up to 20 characters. If you are using SAML for identity management, the user name can include up to 64 characters from `[a-zA-Z0-9_-.\\@]+`.\n" }, "password": { "type": "string", "description": "The password for the user account. A password is required if you are using Amazon Connect for identity management. Otherwise, it is an error to include a password.\n", "secret": true }, "phoneConfig": { "$ref": "#/types/aws:connect/UserPhoneConfig:UserPhoneConfig", "description": "A block that contains information about the phone settings for the user. Documented below.\n" }, "routingProfileId": { "type": "string", "description": "The identifier of the routing profile for the user.\n" }, "securityProfileIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers for the security profiles for the user. Specify a minimum of 1 and maximum of 10 security profile ids. For more information, see [Best Practices for Security Profiles](https://docs.aws.amazon.com/connect/latest/adminguide/security-profile-best-practices.html) in the Amazon Connect Administrator Guide.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the user. If configured with a provider\n`default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userId": { "type": "string", "description": "The identifier for the user.\n" } }, "required": [ "arn", "directoryUserId", "instanceId", "name", "phoneConfig", "routingProfileId", "securityProfileIds", "tagsAll", "userId" ], "inputProperties": { "directoryUserId": { "type": "string", "description": "The identifier of the user account in the directory used for identity management. If Amazon Connect cannot access the directory, you can specify this identifier to authenticate users. If you include the identifier, we assume that Amazon Connect cannot access the directory. Otherwise, the identity information is used to authenticate users from your directory. This parameter is required if you are using an existing directory for identity management in Amazon Connect when Amazon Connect cannot access your directory to authenticate users. If you are using SAML for identity management and include this parameter, an error is returned.\n" }, "hierarchyGroupId": { "type": "string", "description": "The identifier of the hierarchy group for the user.\n" }, "identityInfo": { "$ref": "#/types/aws:connect/UserIdentityInfo:UserIdentityInfo", "description": "A block that contains information about the identity of the user. Documented below.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The user name for the account. For instances not using SAML for identity management, the user name can include up to 20 characters. If you are using SAML for identity management, the user name can include up to 64 characters from `[a-zA-Z0-9_-.\\@]+`.\n", "willReplaceOnChanges": true }, "password": { "type": "string", "description": "The password for the user account. A password is required if you are using Amazon Connect for identity management. Otherwise, it is an error to include a password.\n", "secret": true }, "phoneConfig": { "$ref": "#/types/aws:connect/UserPhoneConfig:UserPhoneConfig", "description": "A block that contains information about the phone settings for the user. Documented below.\n" }, "routingProfileId": { "type": "string", "description": "The identifier of the routing profile for the user.\n" }, "securityProfileIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers for the security profiles for the user. Specify a minimum of 1 and maximum of 10 security profile ids. For more information, see [Best Practices for Security Profiles](https://docs.aws.amazon.com/connect/latest/adminguide/security-profile-best-practices.html) in the Amazon Connect Administrator Guide.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the user. If configured with a provider\n`default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "instanceId", "phoneConfig", "routingProfileId", "securityProfileIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering User resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the user.\n" }, "directoryUserId": { "type": "string", "description": "The identifier of the user account in the directory used for identity management. If Amazon Connect cannot access the directory, you can specify this identifier to authenticate users. If you include the identifier, we assume that Amazon Connect cannot access the directory. Otherwise, the identity information is used to authenticate users from your directory. This parameter is required if you are using an existing directory for identity management in Amazon Connect when Amazon Connect cannot access your directory to authenticate users. If you are using SAML for identity management and include this parameter, an error is returned.\n" }, "hierarchyGroupId": { "type": "string", "description": "The identifier of the hierarchy group for the user.\n" }, "identityInfo": { "$ref": "#/types/aws:connect/UserIdentityInfo:UserIdentityInfo", "description": "A block that contains information about the identity of the user. Documented below.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The user name for the account. For instances not using SAML for identity management, the user name can include up to 20 characters. If you are using SAML for identity management, the user name can include up to 64 characters from `[a-zA-Z0-9_-.\\@]+`.\n", "willReplaceOnChanges": true }, "password": { "type": "string", "description": "The password for the user account. A password is required if you are using Amazon Connect for identity management. Otherwise, it is an error to include a password.\n", "secret": true }, "phoneConfig": { "$ref": "#/types/aws:connect/UserPhoneConfig:UserPhoneConfig", "description": "A block that contains information about the phone settings for the user. Documented below.\n" }, "routingProfileId": { "type": "string", "description": "The identifier of the routing profile for the user.\n" }, "securityProfileIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers for the security profiles for the user. Specify a minimum of 1 and maximum of 10 security profile ids. For more information, see [Best Practices for Security Profiles](https://docs.aws.amazon.com/connect/latest/adminguide/security-profile-best-practices.html) in the Amazon Connect Administrator Guide.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the user. If configured with a provider\n`default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userId": { "type": "string", "description": "The identifier for the user.\n" } }, "type": "object" } }, "aws:connect/userHierarchyGroup:UserHierarchyGroup": { "description": "Provides an Amazon Connect User Hierarchy Group resource. For more information see\n[Amazon Connect: Getting Started](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-get-started.html)\n\n\u003e **NOTE:** The User Hierarchy Structure must be created before creating a User Hierarchy Group.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.UserHierarchyGroup(\"example\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"example\",\n tags: {\n Name: \"Example User Hierarchy Group\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.UserHierarchyGroup(\"example\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"example\",\n tags={\n \"Name\": \"Example User Hierarchy Group\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.UserHierarchyGroup(\"example\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"example\",\n Tags = \n {\n { \"Name\", \"Example User Hierarchy Group\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewUserHierarchyGroup(ctx, \"example\", \u0026connect.UserHierarchyGroupArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example User Hierarchy Group\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.UserHierarchyGroup;\nimport com.pulumi.aws.connect.UserHierarchyGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new UserHierarchyGroup(\"example\", UserHierarchyGroupArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"example\")\n .tags(Map.of(\"Name\", \"Example User Hierarchy Group\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:UserHierarchyGroup\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: example\n tags:\n Name: Example User Hierarchy Group\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With a parent group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst parent = new aws.connect.UserHierarchyGroup(\"parent\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"parent\",\n tags: {\n Name: \"Example User Hierarchy Group Parent\",\n },\n});\nconst child = new aws.connect.UserHierarchyGroup(\"child\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"child\",\n parentGroupId: parent.hierarchyGroupId,\n tags: {\n Name: \"Example User Hierarchy Group Child\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nparent = aws.connect.UserHierarchyGroup(\"parent\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"parent\",\n tags={\n \"Name\": \"Example User Hierarchy Group Parent\",\n })\nchild = aws.connect.UserHierarchyGroup(\"child\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"child\",\n parent_group_id=parent.hierarchy_group_id,\n tags={\n \"Name\": \"Example User Hierarchy Group Child\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var parent = new Aws.Connect.UserHierarchyGroup(\"parent\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"parent\",\n Tags = \n {\n { \"Name\", \"Example User Hierarchy Group Parent\" },\n },\n });\n\n var child = new Aws.Connect.UserHierarchyGroup(\"child\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"child\",\n ParentGroupId = parent.HierarchyGroupId,\n Tags = \n {\n { \"Name\", \"Example User Hierarchy Group Child\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tparent, err := connect.NewUserHierarchyGroup(ctx, \"parent\", \u0026connect.UserHierarchyGroupArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"parent\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example User Hierarchy Group Parent\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = connect.NewUserHierarchyGroup(ctx, \"child\", \u0026connect.UserHierarchyGroupArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"child\"),\n\t\t\tParentGroupId: parent.HierarchyGroupId,\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example User Hierarchy Group Child\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.UserHierarchyGroup;\nimport com.pulumi.aws.connect.UserHierarchyGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var parent = new UserHierarchyGroup(\"parent\", UserHierarchyGroupArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"parent\")\n .tags(Map.of(\"Name\", \"Example User Hierarchy Group Parent\"))\n .build());\n\n var child = new UserHierarchyGroup(\"child\", UserHierarchyGroupArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"child\")\n .parentGroupId(parent.hierarchyGroupId())\n .tags(Map.of(\"Name\", \"Example User Hierarchy Group Child\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n parent:\n type: aws:connect:UserHierarchyGroup\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: parent\n tags:\n Name: Example User Hierarchy Group Parent\n child:\n type: aws:connect:UserHierarchyGroup\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: child\n parentGroupId: ${parent.hierarchyGroupId}\n tags:\n Name: Example User Hierarchy Group Child\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Connect User Hierarchy Groups using the `instance_id` and `hierarchy_group_id` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:connect/userHierarchyGroup:UserHierarchyGroup example f1288a1f-6193-445a-b47e-af739b2:c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the hierarchy group.\n" }, "hierarchyGroupId": { "type": "string", "description": "The identifier for the hierarchy group.\n" }, "hierarchyPaths": { "type": "array", "items": { "$ref": "#/types/aws:connect/UserHierarchyGroupHierarchyPath:UserHierarchyGroupHierarchyPath" }, "description": "A block that contains information about the levels in the hierarchy group. The `hierarchy_path` block is documented below.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "levelId": { "type": "string", "description": "The identifier of the level in the hierarchy group.\n" }, "name": { "type": "string", "description": "The name of the user hierarchy group. Must not be more than 100 characters.\n" }, "parentGroupId": { "type": "string", "description": "The identifier for the parent hierarchy group. The user hierarchy is created at level one if the parent group ID is null.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the hierarchy group. If configured with a provider\n`default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "hierarchyGroupId", "hierarchyPaths", "instanceId", "levelId", "name", "tagsAll" ], "inputProperties": { "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "name": { "type": "string", "description": "The name of the user hierarchy group. Must not be more than 100 characters.\n" }, "parentGroupId": { "type": "string", "description": "The identifier for the parent hierarchy group. The user hierarchy is created at level one if the parent group ID is null.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the hierarchy group. If configured with a provider\n`default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "instanceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserHierarchyGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the hierarchy group.\n" }, "hierarchyGroupId": { "type": "string", "description": "The identifier for the hierarchy group.\n" }, "hierarchyPaths": { "type": "array", "items": { "$ref": "#/types/aws:connect/UserHierarchyGroupHierarchyPath:UserHierarchyGroupHierarchyPath" }, "description": "A block that contains information about the levels in the hierarchy group. The `hierarchy_path` block is documented below.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "levelId": { "type": "string", "description": "The identifier of the level in the hierarchy group.\n" }, "name": { "type": "string", "description": "The name of the user hierarchy group. Must not be more than 100 characters.\n" }, "parentGroupId": { "type": "string", "description": "The identifier for the parent hierarchy group. The user hierarchy is created at level one if the parent group ID is null.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the hierarchy group. If configured with a provider\n`default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:connect/userHierarchyStructure:UserHierarchyStructure": { "description": "Provides an Amazon Connect User Hierarchy Structure resource. For more information see\n[Amazon Connect: Getting Started](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-get-started.html)\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.UserHierarchyStructure(\"example\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n hierarchyStructure: {\n levelOne: {\n name: \"levelone\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.UserHierarchyStructure(\"example\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n hierarchy_structure={\n \"level_one\": {\n \"name\": \"levelone\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.UserHierarchyStructure(\"example\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n HierarchyStructure = new Aws.Connect.Inputs.UserHierarchyStructureHierarchyStructureArgs\n {\n LevelOne = new Aws.Connect.Inputs.UserHierarchyStructureHierarchyStructureLevelOneArgs\n {\n Name = \"levelone\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewUserHierarchyStructure(ctx, \"example\", \u0026connect.UserHierarchyStructureArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tHierarchyStructure: \u0026connect.UserHierarchyStructureHierarchyStructureArgs{\n\t\t\t\tLevelOne: \u0026connect.UserHierarchyStructureHierarchyStructureLevelOneArgs{\n\t\t\t\t\tName: pulumi.String(\"levelone\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.UserHierarchyStructure;\nimport com.pulumi.aws.connect.UserHierarchyStructureArgs;\nimport com.pulumi.aws.connect.inputs.UserHierarchyStructureHierarchyStructureArgs;\nimport com.pulumi.aws.connect.inputs.UserHierarchyStructureHierarchyStructureLevelOneArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new UserHierarchyStructure(\"example\", UserHierarchyStructureArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .hierarchyStructure(UserHierarchyStructureHierarchyStructureArgs.builder()\n .levelOne(UserHierarchyStructureHierarchyStructureLevelOneArgs.builder()\n .name(\"levelone\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:UserHierarchyStructure\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n hierarchyStructure:\n levelOne:\n name: levelone\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Five Levels\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.UserHierarchyStructure(\"example\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n hierarchyStructure: {\n levelOne: {\n name: \"levelone\",\n },\n levelTwo: {\n name: \"leveltwo\",\n },\n levelThree: {\n name: \"levelthree\",\n },\n levelFour: {\n name: \"levelfour\",\n },\n levelFive: {\n name: \"levelfive\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.UserHierarchyStructure(\"example\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n hierarchy_structure={\n \"level_one\": {\n \"name\": \"levelone\",\n },\n \"level_two\": {\n \"name\": \"leveltwo\",\n },\n \"level_three\": {\n \"name\": \"levelthree\",\n },\n \"level_four\": {\n \"name\": \"levelfour\",\n },\n \"level_five\": {\n \"name\": \"levelfive\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.UserHierarchyStructure(\"example\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n HierarchyStructure = new Aws.Connect.Inputs.UserHierarchyStructureHierarchyStructureArgs\n {\n LevelOne = new Aws.Connect.Inputs.UserHierarchyStructureHierarchyStructureLevelOneArgs\n {\n Name = \"levelone\",\n },\n LevelTwo = new Aws.Connect.Inputs.UserHierarchyStructureHierarchyStructureLevelTwoArgs\n {\n Name = \"leveltwo\",\n },\n LevelThree = new Aws.Connect.Inputs.UserHierarchyStructureHierarchyStructureLevelThreeArgs\n {\n Name = \"levelthree\",\n },\n LevelFour = new Aws.Connect.Inputs.UserHierarchyStructureHierarchyStructureLevelFourArgs\n {\n Name = \"levelfour\",\n },\n LevelFive = new Aws.Connect.Inputs.UserHierarchyStructureHierarchyStructureLevelFiveArgs\n {\n Name = \"levelfive\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewUserHierarchyStructure(ctx, \"example\", \u0026connect.UserHierarchyStructureArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tHierarchyStructure: \u0026connect.UserHierarchyStructureHierarchyStructureArgs{\n\t\t\t\tLevelOne: \u0026connect.UserHierarchyStructureHierarchyStructureLevelOneArgs{\n\t\t\t\t\tName: pulumi.String(\"levelone\"),\n\t\t\t\t},\n\t\t\t\tLevelTwo: \u0026connect.UserHierarchyStructureHierarchyStructureLevelTwoArgs{\n\t\t\t\t\tName: pulumi.String(\"leveltwo\"),\n\t\t\t\t},\n\t\t\t\tLevelThree: \u0026connect.UserHierarchyStructureHierarchyStructureLevelThreeArgs{\n\t\t\t\t\tName: pulumi.String(\"levelthree\"),\n\t\t\t\t},\n\t\t\t\tLevelFour: \u0026connect.UserHierarchyStructureHierarchyStructureLevelFourArgs{\n\t\t\t\t\tName: pulumi.String(\"levelfour\"),\n\t\t\t\t},\n\t\t\t\tLevelFive: \u0026connect.UserHierarchyStructureHierarchyStructureLevelFiveArgs{\n\t\t\t\t\tName: pulumi.String(\"levelfive\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.UserHierarchyStructure;\nimport com.pulumi.aws.connect.UserHierarchyStructureArgs;\nimport com.pulumi.aws.connect.inputs.UserHierarchyStructureHierarchyStructureArgs;\nimport com.pulumi.aws.connect.inputs.UserHierarchyStructureHierarchyStructureLevelOneArgs;\nimport com.pulumi.aws.connect.inputs.UserHierarchyStructureHierarchyStructureLevelTwoArgs;\nimport com.pulumi.aws.connect.inputs.UserHierarchyStructureHierarchyStructureLevelThreeArgs;\nimport com.pulumi.aws.connect.inputs.UserHierarchyStructureHierarchyStructureLevelFourArgs;\nimport com.pulumi.aws.connect.inputs.UserHierarchyStructureHierarchyStructureLevelFiveArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new UserHierarchyStructure(\"example\", UserHierarchyStructureArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .hierarchyStructure(UserHierarchyStructureHierarchyStructureArgs.builder()\n .levelOne(UserHierarchyStructureHierarchyStructureLevelOneArgs.builder()\n .name(\"levelone\")\n .build())\n .levelTwo(UserHierarchyStructureHierarchyStructureLevelTwoArgs.builder()\n .name(\"leveltwo\")\n .build())\n .levelThree(UserHierarchyStructureHierarchyStructureLevelThreeArgs.builder()\n .name(\"levelthree\")\n .build())\n .levelFour(UserHierarchyStructureHierarchyStructureLevelFourArgs.builder()\n .name(\"levelfour\")\n .build())\n .levelFive(UserHierarchyStructureHierarchyStructureLevelFiveArgs.builder()\n .name(\"levelfive\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:UserHierarchyStructure\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n hierarchyStructure:\n levelOne:\n name: levelone\n levelTwo:\n name: leveltwo\n levelThree:\n name: levelthree\n levelFour:\n name: levelfour\n levelFive:\n name: levelfive\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Connect User Hierarchy Structures using the `instance_id`. For example:\n\n```sh\n$ pulumi import aws:connect/userHierarchyStructure:UserHierarchyStructure example f1288a1f-6193-445a-b47e-af739b2\n```\n", "properties": { "hierarchyStructure": { "$ref": "#/types/aws:connect/UserHierarchyStructureHierarchyStructure:UserHierarchyStructureHierarchyStructure", "description": "A block that defines the hierarchy structure's levels. The `hierarchy_structure` block is documented below.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" } }, "required": [ "hierarchyStructure", "instanceId" ], "inputProperties": { "hierarchyStructure": { "$ref": "#/types/aws:connect/UserHierarchyStructureHierarchyStructure:UserHierarchyStructureHierarchyStructure", "description": "A block that defines the hierarchy structure's levels. The `hierarchy_structure` block is documented below.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" } }, "requiredInputs": [ "hierarchyStructure", "instanceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserHierarchyStructure resources.\n", "properties": { "hierarchyStructure": { "$ref": "#/types/aws:connect/UserHierarchyStructureHierarchyStructure:UserHierarchyStructureHierarchyStructure", "description": "A block that defines the hierarchy structure's levels. The `hierarchy_structure` block is documented below.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" } }, "type": "object" } }, "aws:connect/vocabulary:Vocabulary": { "description": "Provides an Amazon Connect Vocabulary resource. For more information see\n[Amazon Connect: Getting Started](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-get-started.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.Vocabulary(\"example\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"example\",\n content: `Phrase\\x09IPA\\x09SoundsLike\\x09DisplayAs\nLos-Angeles\\x09\\x09\\x09Los Angeles\nF.B.I.\\x09ɛ f b i aɪ\\x09\\x09FBI\nEtienne\\x09\\x09eh-tee-en\\x09`,\n languageCode: \"en-US\",\n tags: {\n Key1: \"Value1\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.Vocabulary(\"example\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"example\",\n content=\"\"\"Phrase\\x09IPA\\x09SoundsLike\\x09DisplayAs\nLos-Angeles\\x09\\x09\\x09Los Angeles\nF.B.I.\\x09ɛ f b i aɪ\\x09\\x09FBI\nEtienne\\x09\\x09eh-tee-en\\x09\"\"\",\n language_code=\"en-US\",\n tags={\n \"Key1\": \"Value1\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.Vocabulary(\"example\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"example\",\n Content = @\"Phrase\tIPA\tSoundsLike\tDisplayAs\nLos-Angeles\t\t\tLos Angeles\nF.B.I.\tɛ f b i aɪ\t\tFBI\nEtienne\t\teh-tee-en\t\",\n LanguageCode = \"en-US\",\n Tags = \n {\n { \"Key1\", \"Value1\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.NewVocabulary(ctx, \"example\", \u0026connect.VocabularyArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tContent: pulumi.String(\"Phrase\tIPA\tSoundsLike\tDisplayAs\\nLos-Angeles\t\t\tLos Angeles\\nF.B.I.\tɛ f b i aɪ\t\tFBI\\nEtienne\t\teh-tee-en\t\"),\n\t\t\tLanguageCode: pulumi.String(\"en-US\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Key1\": pulumi.String(\"Value1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.Vocabulary;\nimport com.pulumi.aws.connect.VocabularyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Vocabulary(\"example\", VocabularyArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"example\")\n .content(\"\"\"\nPhrase\tIPA\tSoundsLike\tDisplayAs\nLos-Angeles\t\t\tLos Angeles\nF.B.I.\tɛ f b i aɪ\t\tFBI\nEtienne\t\teh-tee-en\t \"\"\")\n .languageCode(\"en-US\")\n .tags(Map.of(\"Key1\", \"Value1\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:Vocabulary\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: example\n content: |-\n Phrase\tIPA\tSoundsLike\tDisplayAs\n Los-Angeles\t\t\tLos Angeles\n F.B.I.\tɛ f b i aɪ\t\tFBI\n Etienne\t\teh-tee-en\t\n languageCode: en-US\n tags:\n Key1: Value1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Connect Vocabularies using the `instance_id` and `vocabulary_id` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:connect/vocabulary:Vocabulary example f1288a1f-6193-445a-b47e-af739b2:c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the vocabulary.\n" }, "content": { "type": "string", "description": "The content of the custom vocabulary in plain-text format with a table of values. Each row in the table represents a word or a phrase, described with Phrase, IPA, SoundsLike, and DisplayAs fields. Separate the fields with TAB characters. For more information, see [Create a custom vocabulary using a table](https://docs.aws.amazon.com/transcribe/latest/dg/custom-vocabulary.html#create-vocabulary-table). Minimum length of `1`. Maximum length of `60000`.\n" }, "failureReason": { "type": "string", "description": "The reason why the custom vocabulary was not created.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n" }, "languageCode": { "type": "string", "description": "The language code of the vocabulary entries. For a list of languages and their corresponding language codes, see [What is Amazon Transcribe?](https://docs.aws.amazon.com/transcribe/latest/dg/transcribe-whatis.html). Valid Values are `ar-AE`, `de-CH`, `de-DE`, `en-AB`, `en-AU`, `en-GB`, `en-IE`, `en-IN`, `en-US`, `en-WL`, `es-ES`, `es-US`, `fr-CA`, `fr-FR`, `hi-IN`, `it-IT`, `ja-JP`, `ko-KR`, `pt-BR`, `pt-PT`, `zh-CN`.\n" }, "lastModifiedTime": { "type": "string", "description": "The timestamp when the custom vocabulary was last modified.\n" }, "name": { "type": "string", "description": "A unique name of the custom vocabulary. Must not be more than 140 characters.\n" }, "state": { "type": "string", "description": "The current state of the custom vocabulary. Valid values are `CREATION_IN_PROGRESS`, `ACTIVE`, `CREATION_FAILED`, `DELETE_IN_PROGRESS`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the vocabulary. If configured with a provider\n`default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vocabularyId": { "type": "string", "description": "The identifier of the custom vocabulary.\n" } }, "required": [ "arn", "content", "failureReason", "instanceId", "languageCode", "lastModifiedTime", "name", "state", "tagsAll", "vocabularyId" ], "inputProperties": { "content": { "type": "string", "description": "The content of the custom vocabulary in plain-text format with a table of values. Each row in the table represents a word or a phrase, described with Phrase, IPA, SoundsLike, and DisplayAs fields. Separate the fields with TAB characters. For more information, see [Create a custom vocabulary using a table](https://docs.aws.amazon.com/transcribe/latest/dg/custom-vocabulary.html#create-vocabulary-table). Minimum length of `1`. Maximum length of `60000`.\n", "willReplaceOnChanges": true }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n", "willReplaceOnChanges": true }, "languageCode": { "type": "string", "description": "The language code of the vocabulary entries. For a list of languages and their corresponding language codes, see [What is Amazon Transcribe?](https://docs.aws.amazon.com/transcribe/latest/dg/transcribe-whatis.html). Valid Values are `ar-AE`, `de-CH`, `de-DE`, `en-AB`, `en-AU`, `en-GB`, `en-IE`, `en-IN`, `en-US`, `en-WL`, `es-ES`, `es-US`, `fr-CA`, `fr-FR`, `hi-IN`, `it-IT`, `ja-JP`, `ko-KR`, `pt-BR`, `pt-PT`, `zh-CN`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A unique name of the custom vocabulary. Must not be more than 140 characters.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the vocabulary. If configured with a provider\n`default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "content", "instanceId", "languageCode" ], "stateInputs": { "description": "Input properties used for looking up and filtering Vocabulary resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the vocabulary.\n" }, "content": { "type": "string", "description": "The content of the custom vocabulary in plain-text format with a table of values. Each row in the table represents a word or a phrase, described with Phrase, IPA, SoundsLike, and DisplayAs fields. Separate the fields with TAB characters. For more information, see [Create a custom vocabulary using a table](https://docs.aws.amazon.com/transcribe/latest/dg/custom-vocabulary.html#create-vocabulary-table). Minimum length of `1`. Maximum length of `60000`.\n", "willReplaceOnChanges": true }, "failureReason": { "type": "string", "description": "The reason why the custom vocabulary was not created.\n" }, "instanceId": { "type": "string", "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n", "willReplaceOnChanges": true }, "languageCode": { "type": "string", "description": "The language code of the vocabulary entries. For a list of languages and their corresponding language codes, see [What is Amazon Transcribe?](https://docs.aws.amazon.com/transcribe/latest/dg/transcribe-whatis.html). Valid Values are `ar-AE`, `de-CH`, `de-DE`, `en-AB`, `en-AU`, `en-GB`, `en-IE`, `en-IN`, `en-US`, `en-WL`, `es-ES`, `es-US`, `fr-CA`, `fr-FR`, `hi-IN`, `it-IT`, `ja-JP`, `ko-KR`, `pt-BR`, `pt-PT`, `zh-CN`.\n", "willReplaceOnChanges": true }, "lastModifiedTime": { "type": "string", "description": "The timestamp when the custom vocabulary was last modified.\n" }, "name": { "type": "string", "description": "A unique name of the custom vocabulary. Must not be more than 140 characters.\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "The current state of the custom vocabulary. Valid values are `CREATION_IN_PROGRESS`, `ACTIVE`, `CREATION_FAILED`, `DELETE_IN_PROGRESS`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the vocabulary. If configured with a provider\n`default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vocabularyId": { "type": "string", "description": "The identifier of the custom vocabulary.\n" } }, "type": "object" } }, "aws:controltower/controlTowerControl:ControlTowerControl": { "description": "Allows the application of pre-defined controls to organizational units. For more information on usage, please see the\n[AWS Control Tower User Guide](https://docs.aws.amazon.com/controltower/latest/userguide/enable-guardrails.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst example = aws.organizations.getOrganization({});\nconst exampleGetOrganizationalUnits = example.then(example =\u003e aws.organizations.getOrganizationalUnits({\n parentId: example.roots?.[0]?.id,\n}));\nconst exampleControlTowerControl = new aws.controltower.ControlTowerControl(\"example\", {\n controlIdentifier: current.then(current =\u003e `arn:aws:controltower:${current.name}::control/AWS-GR_EC2_VOLUME_INUSE_CHECK`),\n targetIdentifier: exampleGetOrganizationalUnits.then(exampleGetOrganizationalUnits =\u003e .filter(x =\u003e x.name == \"Infrastructure\").map(x =\u003e (x.arn))[0]),\n parameters: [{\n key: \"AllowedRegions\",\n value: JSON.stringify([\"us-east-1\"]),\n }],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample = aws.organizations.get_organization()\nexample_get_organizational_units = aws.organizations.get_organizational_units(parent_id=example.roots[0].id)\nexample_control_tower_control = aws.controltower.ControlTowerControl(\"example\",\n control_identifier=f\"arn:aws:controltower:{current.name}::control/AWS-GR_EC2_VOLUME_INUSE_CHECK\",\n target_identifier=[x.arn for x in example_get_organizational_units.children if x.name == \"Infrastructure\"][0],\n parameters=[{\n \"key\": \"AllowedRegions\",\n \"value\": json.dumps([\"us-east-1\"]),\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var example = Aws.Organizations.GetOrganization.Invoke();\n\n var exampleGetOrganizationalUnits = Aws.Organizations.GetOrganizationalUnits.Invoke(new()\n {\n ParentId = example.Apply(getOrganizationResult =\u003e getOrganizationResult.Roots[0]?.Id),\n });\n\n var exampleControlTowerControl = new Aws.ControlTower.ControlTowerControl(\"example\", new()\n {\n ControlIdentifier = $\"arn:aws:controltower:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}::control/AWS-GR_EC2_VOLUME_INUSE_CHECK\",\n TargetIdentifier = .Where(x =\u003e x.Name == \"Infrastructure\").Select(x =\u003e \n {\n return x.Arn;\n }).ToList()[0],\n Parameters = new[]\n {\n new Aws.ControlTower.Inputs.ControlTowerControlParameterArgs\n {\n Key = \"AllowedRegions\",\n Value = JsonSerializer.Serialize(new[]\n {\n \"us-east-1\",\n }),\n },\n },\n });\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Control Tower Controls using their `organizational_unit_arn/control_identifier`. For example:\n\n```sh\n$ pulumi import aws:controltower/controlTowerControl:ControlTowerControl example arn:aws:organizations::123456789101:ou/o-qqaejywet/ou-qg5o-ufbhdtv3,arn:aws:controltower:us-east-1::control/WTDSMKDKDNLE\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the EnabledControl resource.\n" }, "controlIdentifier": { "type": "string", "description": "The ARN of the control. Only Strongly recommended and Elective controls are permitted, with the exception of the Region deny guardrail.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:controltower/ControlTowerControlParameter:ControlTowerControlParameter" }, "description": "Parameter values which are specified to configure the control when you enable it. See Parameters for more details.\n" }, "targetIdentifier": { "type": "string", "description": "The ARN of the organizational unit.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "controlIdentifier", "targetIdentifier" ], "inputProperties": { "controlIdentifier": { "type": "string", "description": "The ARN of the control. Only Strongly recommended and Elective controls are permitted, with the exception of the Region deny guardrail.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:controltower/ControlTowerControlParameter:ControlTowerControlParameter" }, "description": "Parameter values which are specified to configure the control when you enable it. See Parameters for more details.\n" }, "targetIdentifier": { "type": "string", "description": "The ARN of the organizational unit.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "controlIdentifier", "targetIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering ControlTowerControl resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the EnabledControl resource.\n" }, "controlIdentifier": { "type": "string", "description": "The ARN of the control. Only Strongly recommended and Elective controls are permitted, with the exception of the Region deny guardrail.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:controltower/ControlTowerControlParameter:ControlTowerControlParameter" }, "description": "Parameter values which are specified to configure the control when you enable it. See Parameters for more details.\n" }, "targetIdentifier": { "type": "string", "description": "The ARN of the organizational unit.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:controltower/landingZone:LandingZone": { "description": "Creates a new landing zone using Control Tower. For more information on usage, please see the\n[AWS Control Tower Landing Zone User Guide](https://docs.aws.amazon.com/controltower/latest/userguide/how-control-tower-works.html).\n\n## Import\n\nUsing `pulumi import`, import a Control Tower Landing Zone using the `id`. For example:\n\n```sh\n$ pulumi import aws:controltower/landingZone:LandingZone example 1A2B3C4D5E6F7G8H\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the landing zone.\n" }, "driftStatuses": { "type": "array", "items": { "$ref": "#/types/aws:controltower/LandingZoneDriftStatus:LandingZoneDriftStatus" }, "description": "The drift status summary of the landing zone.\n" }, "latestAvailableVersion": { "type": "string", "description": "The latest available version of the landing zone.\n" }, "manifestJson": { "type": "string", "description": "The manifest JSON file is a text file that describes your AWS resources. For examples, review [Launch your landing zone](https://docs.aws.amazon.com/controltower/latest/userguide/lz-api-launch).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the landing zone. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the landing zone, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "string", "description": "The landing zone version.\n" } }, "required": [ "arn", "driftStatuses", "latestAvailableVersion", "manifestJson", "tagsAll", "version" ], "inputProperties": { "manifestJson": { "type": "string", "description": "The manifest JSON file is a text file that describes your AWS resources. For examples, review [Launch your landing zone](https://docs.aws.amazon.com/controltower/latest/userguide/lz-api-launch).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the landing zone. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "version": { "type": "string", "description": "The landing zone version.\n" } }, "requiredInputs": [ "manifestJson", "version" ], "stateInputs": { "description": "Input properties used for looking up and filtering LandingZone resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the landing zone.\n" }, "driftStatuses": { "type": "array", "items": { "$ref": "#/types/aws:controltower/LandingZoneDriftStatus:LandingZoneDriftStatus" }, "description": "The drift status summary of the landing zone.\n" }, "latestAvailableVersion": { "type": "string", "description": "The latest available version of the landing zone.\n" }, "manifestJson": { "type": "string", "description": "The manifest JSON file is a text file that describes your AWS resources. For examples, review [Launch your landing zone](https://docs.aws.amazon.com/controltower/latest/userguide/lz-api-launch).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the landing zone. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the landing zone, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "string", "description": "The landing zone version.\n" } }, "type": "object" } }, "aws:costexplorer/anomalyMonitor:AnomalyMonitor": { "description": "Provides a CE Anomaly Monitor.\n\n## Example Usage\n\nThere are two main types of a Cost Anomaly Monitor: `DIMENSIONAL` and `CUSTOM`.\n\n### Dimensional Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst serviceMonitor = new aws.costexplorer.AnomalyMonitor(\"service_monitor\", {\n name: \"AWSServiceMonitor\",\n monitorType: \"DIMENSIONAL\",\n monitorDimension: \"SERVICE\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nservice_monitor = aws.costexplorer.AnomalyMonitor(\"service_monitor\",\n name=\"AWSServiceMonitor\",\n monitor_type=\"DIMENSIONAL\",\n monitor_dimension=\"SERVICE\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var serviceMonitor = new Aws.CostExplorer.AnomalyMonitor(\"service_monitor\", new()\n {\n Name = \"AWSServiceMonitor\",\n MonitorType = \"DIMENSIONAL\",\n MonitorDimension = \"SERVICE\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := costexplorer.NewAnomalyMonitor(ctx, \"service_monitor\", \u0026costexplorer.AnomalyMonitorArgs{\n\t\t\tName: pulumi.String(\"AWSServiceMonitor\"),\n\t\t\tMonitorType: pulumi.String(\"DIMENSIONAL\"),\n\t\t\tMonitorDimension: pulumi.String(\"SERVICE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.costexplorer.AnomalyMonitor;\nimport com.pulumi.aws.costexplorer.AnomalyMonitorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var serviceMonitor = new AnomalyMonitor(\"serviceMonitor\", AnomalyMonitorArgs.builder()\n .name(\"AWSServiceMonitor\")\n .monitorType(\"DIMENSIONAL\")\n .monitorDimension(\"SERVICE\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n serviceMonitor:\n type: aws:costexplorer:AnomalyMonitor\n name: service_monitor\n properties:\n name: AWSServiceMonitor\n monitorType: DIMENSIONAL\n monitorDimension: SERVICE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Custom Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.costexplorer.AnomalyMonitor(\"test\", {\n name: \"AWSCustomAnomalyMonitor\",\n monitorType: \"CUSTOM\",\n monitorSpecification: JSON.stringify({\n And: undefined,\n CostCategories: undefined,\n Dimensions: undefined,\n Not: undefined,\n Or: undefined,\n Tags: {\n Key: \"CostCenter\",\n MatchOptions: undefined,\n Values: [\"10000\"],\n },\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest = aws.costexplorer.AnomalyMonitor(\"test\",\n name=\"AWSCustomAnomalyMonitor\",\n monitor_type=\"CUSTOM\",\n monitor_specification=json.dumps({\n \"And\": None,\n \"CostCategories\": None,\n \"Dimensions\": None,\n \"Not\": None,\n \"Or\": None,\n \"Tags\": {\n \"Key\": \"CostCenter\",\n \"MatchOptions\": None,\n \"Values\": [\"10000\"],\n },\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CostExplorer.AnomalyMonitor(\"test\", new()\n {\n Name = \"AWSCustomAnomalyMonitor\",\n MonitorType = \"CUSTOM\",\n MonitorSpecification = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"And\"] = null,\n [\"CostCategories\"] = null,\n [\"Dimensions\"] = null,\n [\"Not\"] = null,\n [\"Or\"] = null,\n [\"Tags\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Key\"] = \"CostCenter\",\n [\"MatchOptions\"] = null,\n [\"Values\"] = new[]\n {\n \"10000\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"And\": nil,\n\t\t\t\"CostCategories\": nil,\n\t\t\t\"Dimensions\": nil,\n\t\t\t\"Not\": nil,\n\t\t\t\"Or\": nil,\n\t\t\t\"Tags\": map[string]interface{}{\n\t\t\t\t\"Key\": \"CostCenter\",\n\t\t\t\t\"MatchOptions\": nil,\n\t\t\t\t\"Values\": []string{\n\t\t\t\t\t\"10000\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = costexplorer.NewAnomalyMonitor(ctx, \"test\", \u0026costexplorer.AnomalyMonitorArgs{\n\t\t\tName: pulumi.String(\"AWSCustomAnomalyMonitor\"),\n\t\t\tMonitorType: pulumi.String(\"CUSTOM\"),\n\t\t\tMonitorSpecification: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.costexplorer.AnomalyMonitor;\nimport com.pulumi.aws.costexplorer.AnomalyMonitorArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AnomalyMonitor(\"test\", AnomalyMonitorArgs.builder()\n .name(\"AWSCustomAnomalyMonitor\")\n .monitorType(\"CUSTOM\")\n .monitorSpecification(serializeJson(\n jsonObject(\n jsonProperty(\"And\", null),\n jsonProperty(\"CostCategories\", null),\n jsonProperty(\"Dimensions\", null),\n jsonProperty(\"Not\", null),\n jsonProperty(\"Or\", null),\n jsonProperty(\"Tags\", jsonObject(\n jsonProperty(\"Key\", \"CostCenter\"),\n jsonProperty(\"MatchOptions\", null),\n jsonProperty(\"Values\", jsonArray(\"10000\"))\n ))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:costexplorer:AnomalyMonitor\n properties:\n name: AWSCustomAnomalyMonitor\n monitorType: CUSTOM\n monitorSpecification:\n fn::toJSON:\n And: null\n CostCategories: null\n Dimensions: null\n Not: null\n Or: null\n Tags:\n Key: CostCenter\n MatchOptions: null\n Values:\n - '10000'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ce_anomaly_monitor` using the `id`. For example:\n\n```sh\n$ pulumi import aws:costexplorer/anomalyMonitor:AnomalyMonitor example costAnomalyMonitorARN\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the anomaly monitor.\n" }, "monitorDimension": { "type": "string", "description": "The dimensions to evaluate. Valid values: `SERVICE`.\n" }, "monitorSpecification": { "type": "string", "description": "A valid JSON representation for the [Expression](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Expression.html) object.\n" }, "monitorType": { "type": "string", "description": "The possible type values. Valid values: `DIMENSIONAL` | `CUSTOM`.\n" }, "name": { "type": "string", "description": "The name of the monitor.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "monitorType", "name", "tagsAll" ], "inputProperties": { "monitorDimension": { "type": "string", "description": "The dimensions to evaluate. Valid values: `SERVICE`.\n", "willReplaceOnChanges": true }, "monitorSpecification": { "type": "string", "description": "A valid JSON representation for the [Expression](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Expression.html) object.\n", "willReplaceOnChanges": true }, "monitorType": { "type": "string", "description": "The possible type values. Valid values: `DIMENSIONAL` | `CUSTOM`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the monitor.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "monitorType" ], "stateInputs": { "description": "Input properties used for looking up and filtering AnomalyMonitor resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the anomaly monitor.\n" }, "monitorDimension": { "type": "string", "description": "The dimensions to evaluate. Valid values: `SERVICE`.\n", "willReplaceOnChanges": true }, "monitorSpecification": { "type": "string", "description": "A valid JSON representation for the [Expression](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Expression.html) object.\n", "willReplaceOnChanges": true }, "monitorType": { "type": "string", "description": "The possible type values. Valid values: `DIMENSIONAL` | `CUSTOM`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the monitor.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:costexplorer/anomalySubscription:AnomalySubscription": { "description": "Provides a CE Anomaly Subscription.\n\n## Example Usage\n\n### Basic Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.costexplorer.AnomalyMonitor(\"test\", {\n name: \"AWSServiceMonitor\",\n monitorType: \"DIMENSIONAL\",\n monitorDimension: \"SERVICE\",\n});\nconst testAnomalySubscription = new aws.costexplorer.AnomalySubscription(\"test\", {\n name: \"DAILYSUBSCRIPTION\",\n frequency: \"DAILY\",\n monitorArnLists: [test.arn],\n subscribers: [{\n type: \"EMAIL\",\n address: \"abc@example.com\",\n }],\n thresholdExpression: {\n dimension: {\n key: \"ANOMALY_TOTAL_IMPACT_ABSOLUTE\",\n matchOptions: [\"GREATER_THAN_OR_EQUAL\"],\n values: [\"100\"],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.costexplorer.AnomalyMonitor(\"test\",\n name=\"AWSServiceMonitor\",\n monitor_type=\"DIMENSIONAL\",\n monitor_dimension=\"SERVICE\")\ntest_anomaly_subscription = aws.costexplorer.AnomalySubscription(\"test\",\n name=\"DAILYSUBSCRIPTION\",\n frequency=\"DAILY\",\n monitor_arn_lists=[test.arn],\n subscribers=[{\n \"type\": \"EMAIL\",\n \"address\": \"abc@example.com\",\n }],\n threshold_expression={\n \"dimension\": {\n \"key\": \"ANOMALY_TOTAL_IMPACT_ABSOLUTE\",\n \"match_options\": [\"GREATER_THAN_OR_EQUAL\"],\n \"values\": [\"100\"],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CostExplorer.AnomalyMonitor(\"test\", new()\n {\n Name = \"AWSServiceMonitor\",\n MonitorType = \"DIMENSIONAL\",\n MonitorDimension = \"SERVICE\",\n });\n\n var testAnomalySubscription = new Aws.CostExplorer.AnomalySubscription(\"test\", new()\n {\n Name = \"DAILYSUBSCRIPTION\",\n Frequency = \"DAILY\",\n MonitorArnLists = new[]\n {\n test.Arn,\n },\n Subscribers = new[]\n {\n new Aws.CostExplorer.Inputs.AnomalySubscriptionSubscriberArgs\n {\n Type = \"EMAIL\",\n Address = \"abc@example.com\",\n },\n },\n ThresholdExpression = new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionArgs\n {\n Dimension = new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionDimensionArgs\n {\n Key = \"ANOMALY_TOTAL_IMPACT_ABSOLUTE\",\n MatchOptions = new[]\n {\n \"GREATER_THAN_OR_EQUAL\",\n },\n Values = new[]\n {\n \"100\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := costexplorer.NewAnomalyMonitor(ctx, \"test\", \u0026costexplorer.AnomalyMonitorArgs{\n\t\t\tName: pulumi.String(\"AWSServiceMonitor\"),\n\t\t\tMonitorType: pulumi.String(\"DIMENSIONAL\"),\n\t\t\tMonitorDimension: pulumi.String(\"SERVICE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = costexplorer.NewAnomalySubscription(ctx, \"test\", \u0026costexplorer.AnomalySubscriptionArgs{\n\t\t\tName: pulumi.String(\"DAILYSUBSCRIPTION\"),\n\t\t\tFrequency: pulumi.String(\"DAILY\"),\n\t\t\tMonitorArnLists: pulumi.StringArray{\n\t\t\t\ttest.Arn,\n\t\t\t},\n\t\t\tSubscribers: costexplorer.AnomalySubscriptionSubscriberArray{\n\t\t\t\t\u0026costexplorer.AnomalySubscriptionSubscriberArgs{\n\t\t\t\t\tType: pulumi.String(\"EMAIL\"),\n\t\t\t\t\tAddress: pulumi.String(\"abc@example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tThresholdExpression: \u0026costexplorer.AnomalySubscriptionThresholdExpressionArgs{\n\t\t\t\tDimension: \u0026costexplorer.AnomalySubscriptionThresholdExpressionDimensionArgs{\n\t\t\t\t\tKey: pulumi.String(\"ANOMALY_TOTAL_IMPACT_ABSOLUTE\"),\n\t\t\t\t\tMatchOptions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"GREATER_THAN_OR_EQUAL\"),\n\t\t\t\t\t},\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"100\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.costexplorer.AnomalyMonitor;\nimport com.pulumi.aws.costexplorer.AnomalyMonitorArgs;\nimport com.pulumi.aws.costexplorer.AnomalySubscription;\nimport com.pulumi.aws.costexplorer.AnomalySubscriptionArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionSubscriberArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionThresholdExpressionArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionThresholdExpressionDimensionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AnomalyMonitor(\"test\", AnomalyMonitorArgs.builder()\n .name(\"AWSServiceMonitor\")\n .monitorType(\"DIMENSIONAL\")\n .monitorDimension(\"SERVICE\")\n .build());\n\n var testAnomalySubscription = new AnomalySubscription(\"testAnomalySubscription\", AnomalySubscriptionArgs.builder()\n .name(\"DAILYSUBSCRIPTION\")\n .frequency(\"DAILY\")\n .monitorArnLists(test.arn())\n .subscribers(AnomalySubscriptionSubscriberArgs.builder()\n .type(\"EMAIL\")\n .address(\"abc@example.com\")\n .build())\n .thresholdExpression(AnomalySubscriptionThresholdExpressionArgs.builder()\n .dimension(AnomalySubscriptionThresholdExpressionDimensionArgs.builder()\n .key(\"ANOMALY_TOTAL_IMPACT_ABSOLUTE\")\n .matchOptions(\"GREATER_THAN_OR_EQUAL\")\n .values(\"100\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:costexplorer:AnomalyMonitor\n properties:\n name: AWSServiceMonitor\n monitorType: DIMENSIONAL\n monitorDimension: SERVICE\n testAnomalySubscription:\n type: aws:costexplorer:AnomalySubscription\n name: test\n properties:\n name: DAILYSUBSCRIPTION\n frequency: DAILY\n monitorArnLists:\n - ${test.arn}\n subscribers:\n - type: EMAIL\n address: abc@example.com\n thresholdExpression:\n dimension:\n key: ANOMALY_TOTAL_IMPACT_ABSOLUTE\n matchOptions:\n - GREATER_THAN_OR_EQUAL\n values:\n - '100'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Threshold Expression Example\n\n### Using a Percentage Threshold\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.costexplorer.AnomalySubscription(\"test\", {\n name: \"AWSServiceMonitor\",\n frequency: \"DAILY\",\n monitorArnLists: [testAwsCeAnomalyMonitor.arn],\n subscribers: [{\n type: \"EMAIL\",\n address: \"abc@example.com\",\n }],\n thresholdExpression: {\n dimension: {\n key: \"ANOMALY_TOTAL_IMPACT_PERCENTAGE\",\n matchOptions: [\"GREATER_THAN_OR_EQUAL\"],\n values: [\"100\"],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.costexplorer.AnomalySubscription(\"test\",\n name=\"AWSServiceMonitor\",\n frequency=\"DAILY\",\n monitor_arn_lists=[test_aws_ce_anomaly_monitor[\"arn\"]],\n subscribers=[{\n \"type\": \"EMAIL\",\n \"address\": \"abc@example.com\",\n }],\n threshold_expression={\n \"dimension\": {\n \"key\": \"ANOMALY_TOTAL_IMPACT_PERCENTAGE\",\n \"match_options\": [\"GREATER_THAN_OR_EQUAL\"],\n \"values\": [\"100\"],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CostExplorer.AnomalySubscription(\"test\", new()\n {\n Name = \"AWSServiceMonitor\",\n Frequency = \"DAILY\",\n MonitorArnLists = new[]\n {\n testAwsCeAnomalyMonitor.Arn,\n },\n Subscribers = new[]\n {\n new Aws.CostExplorer.Inputs.AnomalySubscriptionSubscriberArgs\n {\n Type = \"EMAIL\",\n Address = \"abc@example.com\",\n },\n },\n ThresholdExpression = new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionArgs\n {\n Dimension = new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionDimensionArgs\n {\n Key = \"ANOMALY_TOTAL_IMPACT_PERCENTAGE\",\n MatchOptions = new[]\n {\n \"GREATER_THAN_OR_EQUAL\",\n },\n Values = new[]\n {\n \"100\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := costexplorer.NewAnomalySubscription(ctx, \"test\", \u0026costexplorer.AnomalySubscriptionArgs{\n\t\t\tName: pulumi.String(\"AWSServiceMonitor\"),\n\t\t\tFrequency: pulumi.String(\"DAILY\"),\n\t\t\tMonitorArnLists: pulumi.StringArray{\n\t\t\t\ttestAwsCeAnomalyMonitor.Arn,\n\t\t\t},\n\t\t\tSubscribers: costexplorer.AnomalySubscriptionSubscriberArray{\n\t\t\t\t\u0026costexplorer.AnomalySubscriptionSubscriberArgs{\n\t\t\t\t\tType: pulumi.String(\"EMAIL\"),\n\t\t\t\t\tAddress: pulumi.String(\"abc@example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tThresholdExpression: \u0026costexplorer.AnomalySubscriptionThresholdExpressionArgs{\n\t\t\t\tDimension: \u0026costexplorer.AnomalySubscriptionThresholdExpressionDimensionArgs{\n\t\t\t\t\tKey: pulumi.String(\"ANOMALY_TOTAL_IMPACT_PERCENTAGE\"),\n\t\t\t\t\tMatchOptions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"GREATER_THAN_OR_EQUAL\"),\n\t\t\t\t\t},\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"100\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.costexplorer.AnomalySubscription;\nimport com.pulumi.aws.costexplorer.AnomalySubscriptionArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionSubscriberArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionThresholdExpressionArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionThresholdExpressionDimensionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AnomalySubscription(\"test\", AnomalySubscriptionArgs.builder()\n .name(\"AWSServiceMonitor\")\n .frequency(\"DAILY\")\n .monitorArnLists(testAwsCeAnomalyMonitor.arn())\n .subscribers(AnomalySubscriptionSubscriberArgs.builder()\n .type(\"EMAIL\")\n .address(\"abc@example.com\")\n .build())\n .thresholdExpression(AnomalySubscriptionThresholdExpressionArgs.builder()\n .dimension(AnomalySubscriptionThresholdExpressionDimensionArgs.builder()\n .key(\"ANOMALY_TOTAL_IMPACT_PERCENTAGE\")\n .matchOptions(\"GREATER_THAN_OR_EQUAL\")\n .values(\"100\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:costexplorer:AnomalySubscription\n properties:\n name: AWSServiceMonitor\n frequency: DAILY\n monitorArnLists:\n - ${testAwsCeAnomalyMonitor.arn}\n subscribers:\n - type: EMAIL\n address: abc@example.com\n thresholdExpression:\n dimension:\n key: ANOMALY_TOTAL_IMPACT_PERCENTAGE\n matchOptions:\n - GREATER_THAN_OR_EQUAL\n values:\n - '100'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using an `and` Expression\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.costexplorer.AnomalySubscription(\"test\", {\n name: \"AWSServiceMonitor\",\n frequency: \"DAILY\",\n monitorArnLists: [testAwsCeAnomalyMonitor.arn],\n subscribers: [{\n type: \"EMAIL\",\n address: \"abc@example.com\",\n }],\n thresholdExpression: {\n ands: [\n {\n dimension: {\n key: \"ANOMALY_TOTAL_IMPACT_ABSOLUTE\",\n matchOptions: [\"GREATER_THAN_OR_EQUAL\"],\n values: [\"100\"],\n },\n },\n {\n dimension: {\n key: \"ANOMALY_TOTAL_IMPACT_PERCENTAGE\",\n matchOptions: [\"GREATER_THAN_OR_EQUAL\"],\n values: [\"50\"],\n },\n },\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.costexplorer.AnomalySubscription(\"test\",\n name=\"AWSServiceMonitor\",\n frequency=\"DAILY\",\n monitor_arn_lists=[test_aws_ce_anomaly_monitor[\"arn\"]],\n subscribers=[{\n \"type\": \"EMAIL\",\n \"address\": \"abc@example.com\",\n }],\n threshold_expression={\n \"ands\": [\n {\n \"dimension\": {\n \"key\": \"ANOMALY_TOTAL_IMPACT_ABSOLUTE\",\n \"match_options\": [\"GREATER_THAN_OR_EQUAL\"],\n \"values\": [\"100\"],\n },\n },\n {\n \"dimension\": {\n \"key\": \"ANOMALY_TOTAL_IMPACT_PERCENTAGE\",\n \"match_options\": [\"GREATER_THAN_OR_EQUAL\"],\n \"values\": [\"50\"],\n },\n },\n ],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CostExplorer.AnomalySubscription(\"test\", new()\n {\n Name = \"AWSServiceMonitor\",\n Frequency = \"DAILY\",\n MonitorArnLists = new[]\n {\n testAwsCeAnomalyMonitor.Arn,\n },\n Subscribers = new[]\n {\n new Aws.CostExplorer.Inputs.AnomalySubscriptionSubscriberArgs\n {\n Type = \"EMAIL\",\n Address = \"abc@example.com\",\n },\n },\n ThresholdExpression = new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionArgs\n {\n Ands = new[]\n {\n new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionAndArgs\n {\n Dimension = new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionAndDimensionArgs\n {\n Key = \"ANOMALY_TOTAL_IMPACT_ABSOLUTE\",\n MatchOptions = new[]\n {\n \"GREATER_THAN_OR_EQUAL\",\n },\n Values = new[]\n {\n \"100\",\n },\n },\n },\n new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionAndArgs\n {\n Dimension = new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionAndDimensionArgs\n {\n Key = \"ANOMALY_TOTAL_IMPACT_PERCENTAGE\",\n MatchOptions = new[]\n {\n \"GREATER_THAN_OR_EQUAL\",\n },\n Values = new[]\n {\n \"50\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := costexplorer.NewAnomalySubscription(ctx, \"test\", \u0026costexplorer.AnomalySubscriptionArgs{\n\t\t\tName: pulumi.String(\"AWSServiceMonitor\"),\n\t\t\tFrequency: pulumi.String(\"DAILY\"),\n\t\t\tMonitorArnLists: pulumi.StringArray{\n\t\t\t\ttestAwsCeAnomalyMonitor.Arn,\n\t\t\t},\n\t\t\tSubscribers: costexplorer.AnomalySubscriptionSubscriberArray{\n\t\t\t\t\u0026costexplorer.AnomalySubscriptionSubscriberArgs{\n\t\t\t\t\tType: pulumi.String(\"EMAIL\"),\n\t\t\t\t\tAddress: pulumi.String(\"abc@example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tThresholdExpression: \u0026costexplorer.AnomalySubscriptionThresholdExpressionArgs{\n\t\t\t\tAnds: costexplorer.AnomalySubscriptionThresholdExpressionAndArray{\n\t\t\t\t\t\u0026costexplorer.AnomalySubscriptionThresholdExpressionAndArgs{\n\t\t\t\t\t\tDimension: \u0026costexplorer.AnomalySubscriptionThresholdExpressionAndDimensionArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"ANOMALY_TOTAL_IMPACT_ABSOLUTE\"),\n\t\t\t\t\t\t\tMatchOptions: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"GREATER_THAN_OR_EQUAL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"100\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026costexplorer.AnomalySubscriptionThresholdExpressionAndArgs{\n\t\t\t\t\t\tDimension: \u0026costexplorer.AnomalySubscriptionThresholdExpressionAndDimensionArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"ANOMALY_TOTAL_IMPACT_PERCENTAGE\"),\n\t\t\t\t\t\t\tMatchOptions: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"GREATER_THAN_OR_EQUAL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"50\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.costexplorer.AnomalySubscription;\nimport com.pulumi.aws.costexplorer.AnomalySubscriptionArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionSubscriberArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionThresholdExpressionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AnomalySubscription(\"test\", AnomalySubscriptionArgs.builder()\n .name(\"AWSServiceMonitor\")\n .frequency(\"DAILY\")\n .monitorArnLists(testAwsCeAnomalyMonitor.arn())\n .subscribers(AnomalySubscriptionSubscriberArgs.builder()\n .type(\"EMAIL\")\n .address(\"abc@example.com\")\n .build())\n .thresholdExpression(AnomalySubscriptionThresholdExpressionArgs.builder()\n .ands( \n AnomalySubscriptionThresholdExpressionAndArgs.builder()\n .dimension(AnomalySubscriptionThresholdExpressionAndDimensionArgs.builder()\n .key(\"ANOMALY_TOTAL_IMPACT_ABSOLUTE\")\n .matchOptions(\"GREATER_THAN_OR_EQUAL\")\n .values(\"100\")\n .build())\n .build(),\n AnomalySubscriptionThresholdExpressionAndArgs.builder()\n .dimension(AnomalySubscriptionThresholdExpressionAndDimensionArgs.builder()\n .key(\"ANOMALY_TOTAL_IMPACT_PERCENTAGE\")\n .matchOptions(\"GREATER_THAN_OR_EQUAL\")\n .values(\"50\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:costexplorer:AnomalySubscription\n properties:\n name: AWSServiceMonitor\n frequency: DAILY\n monitorArnLists:\n - ${testAwsCeAnomalyMonitor.arn}\n subscribers:\n - type: EMAIL\n address: abc@example.com\n thresholdExpression:\n ands:\n - dimension:\n key: ANOMALY_TOTAL_IMPACT_ABSOLUTE\n matchOptions:\n - GREATER_THAN_OR_EQUAL\n values:\n - '100'\n - dimension:\n key: ANOMALY_TOTAL_IMPACT_PERCENTAGE\n matchOptions:\n - GREATER_THAN_OR_EQUAL\n values:\n - '50'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### SNS Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst costAnomalyUpdates = new aws.sns.Topic(\"cost_anomaly_updates\", {name: \"CostAnomalyUpdates\"});\nconst snsTopicPolicy = pulumi.all([costAnomalyUpdates.arn, costAnomalyUpdates.arn]).apply(([costAnomalyUpdatesArn, costAnomalyUpdatesArn1]) =\u003e aws.iam.getPolicyDocumentOutput({\n policyId: \"__default_policy_ID\",\n statements: [\n {\n sid: \"AWSAnomalyDetectionSNSPublishingPermissions\",\n actions: [\"SNS:Publish\"],\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"costalerts.amazonaws.com\"],\n }],\n resources: [costAnomalyUpdatesArn],\n },\n {\n sid: \"__default_statement_ID\",\n actions: [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\",\n ],\n conditions: [{\n test: \"StringEquals\",\n variable: \"AWS:SourceOwner\",\n values: [accountId],\n }],\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [\"*\"],\n }],\n resources: [costAnomalyUpdatesArn1],\n },\n ],\n}));\nconst _default = new aws.sns.TopicPolicy(\"default\", {\n arn: costAnomalyUpdates.arn,\n policy: snsTopicPolicy.apply(snsTopicPolicy =\u003e snsTopicPolicy.json),\n});\nconst anomalyMonitor = new aws.costexplorer.AnomalyMonitor(\"anomaly_monitor\", {\n name: \"AWSServiceMonitor\",\n monitorType: \"DIMENSIONAL\",\n monitorDimension: \"SERVICE\",\n});\nconst realtimeSubscription = new aws.costexplorer.AnomalySubscription(\"realtime_subscription\", {\n name: \"RealtimeAnomalySubscription\",\n frequency: \"IMMEDIATE\",\n monitorArnLists: [anomalyMonitor.arn],\n subscribers: [{\n type: \"SNS\",\n address: costAnomalyUpdates.arn,\n }],\n}, {\n dependsOn: [_default],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncost_anomaly_updates = aws.sns.Topic(\"cost_anomaly_updates\", name=\"CostAnomalyUpdates\")\nsns_topic_policy = pulumi.Output.all(cost_anomaly_updates.arn, cost_anomaly_updates.arn).apply(lambda costAnomalyUpdatesArn, costAnomalyUpdatesArn1: aws.iam.get_policy_document_output(policy_id=\"__default_policy_ID\",\n statements=[\n {\n \"sid\": \"AWSAnomalyDetectionSNSPublishingPermissions\",\n \"actions\": [\"SNS:Publish\"],\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"costalerts.amazonaws.com\"],\n }],\n \"resources\": [cost_anomaly_updates_arn],\n },\n {\n \"sid\": \"__default_statement_ID\",\n \"actions\": [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\",\n ],\n \"conditions\": [{\n \"test\": \"StringEquals\",\n \"variable\": \"AWS:SourceOwner\",\n \"values\": [account_id],\n }],\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [\"*\"],\n }],\n \"resources\": [cost_anomaly_updates_arn1],\n },\n ]))\ndefault = aws.sns.TopicPolicy(\"default\",\n arn=cost_anomaly_updates.arn,\n policy=sns_topic_policy.json)\nanomaly_monitor = aws.costexplorer.AnomalyMonitor(\"anomaly_monitor\",\n name=\"AWSServiceMonitor\",\n monitor_type=\"DIMENSIONAL\",\n monitor_dimension=\"SERVICE\")\nrealtime_subscription = aws.costexplorer.AnomalySubscription(\"realtime_subscription\",\n name=\"RealtimeAnomalySubscription\",\n frequency=\"IMMEDIATE\",\n monitor_arn_lists=[anomaly_monitor.arn],\n subscribers=[{\n \"type\": \"SNS\",\n \"address\": cost_anomaly_updates.arn,\n }],\n opts = pulumi.ResourceOptions(depends_on=[default]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var costAnomalyUpdates = new Aws.Sns.Topic(\"cost_anomaly_updates\", new()\n {\n Name = \"CostAnomalyUpdates\",\n });\n\n var snsTopicPolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n PolicyId = \"__default_policy_ID\",\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"AWSAnomalyDetectionSNSPublishingPermissions\",\n Actions = new[]\n {\n \"SNS:Publish\",\n },\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"costalerts.amazonaws.com\",\n },\n },\n },\n Resources = new[]\n {\n costAnomalyUpdates.Arn,\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"__default_statement_ID\",\n Actions = new[]\n {\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"AWS:SourceOwner\",\n Values = new[]\n {\n accountId,\n },\n },\n },\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Resources = new[]\n {\n costAnomalyUpdates.Arn,\n },\n },\n },\n });\n\n var @default = new Aws.Sns.TopicPolicy(\"default\", new()\n {\n Arn = costAnomalyUpdates.Arn,\n Policy = snsTopicPolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var anomalyMonitor = new Aws.CostExplorer.AnomalyMonitor(\"anomaly_monitor\", new()\n {\n Name = \"AWSServiceMonitor\",\n MonitorType = \"DIMENSIONAL\",\n MonitorDimension = \"SERVICE\",\n });\n\n var realtimeSubscription = new Aws.CostExplorer.AnomalySubscription(\"realtime_subscription\", new()\n {\n Name = \"RealtimeAnomalySubscription\",\n Frequency = \"IMMEDIATE\",\n MonitorArnLists = new[]\n {\n anomalyMonitor.Arn,\n },\n Subscribers = new[]\n {\n new Aws.CostExplorer.Inputs.AnomalySubscriptionSubscriberArgs\n {\n Type = \"SNS\",\n Address = costAnomalyUpdates.Arn,\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n @default,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ncostAnomalyUpdates, err := sns.NewTopic(ctx, \"cost_anomaly_updates\", \u0026sns.TopicArgs{\nName: pulumi.String(\"CostAnomalyUpdates\"),\n})\nif err != nil {\nreturn err\n}\nsnsTopicPolicy := pulumi.All(costAnomalyUpdates.Arn,costAnomalyUpdates.Arn).ApplyT(func(_args []interface{}) (iam.GetPolicyDocumentResult, error) {\ncostAnomalyUpdatesArn := _args[0].(string)\ncostAnomalyUpdatesArn1 := _args[1].(string)\nreturn iam.GetPolicyDocumentResult(interface{}(iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\nPolicyId: \"__default_policy_ID\",\nStatements: []iam.GetPolicyDocumentStatement{\n{\nSid: \"AWSAnomalyDetectionSNSPublishingPermissions\",\nActions: []string{\n\"SNS:Publish\",\n},\nEffect: \"Allow\",\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"Service\",\nIdentifiers: []string{\n\"costalerts.amazonaws.com\",\n},\n},\n},\nResources: interface{}{\ncostAnomalyUpdatesArn,\n},\n},\n{\nSid: \"__default_statement_ID\",\nActions: []string{\n\"SNS:Subscribe\",\n\"SNS:SetTopicAttributes\",\n\"SNS:RemovePermission\",\n\"SNS:Receive\",\n\"SNS:Publish\",\n\"SNS:ListSubscriptionsByTopic\",\n\"SNS:GetTopicAttributes\",\n\"SNS:DeleteTopic\",\n\"SNS:AddPermission\",\n},\nConditions: []iam.GetPolicyDocumentStatementCondition{\n{\nTest: \"StringEquals\",\nVariable: \"AWS:SourceOwner\",\nValues: interface{}{\naccountId,\n},\n},\n},\nEffect: \"Allow\",\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: []string{\n\"*\",\n},\n},\n},\nResources: interface{}{\ncostAnomalyUpdatesArn1,\n},\n},\n},\n}, nil))), nil\n}).(iam.GetPolicyDocumentResultOutput)\n_, err = sns.NewTopicPolicy(ctx, \"default\", \u0026sns.TopicPolicyArgs{\nArn: costAnomalyUpdates.Arn,\nPolicy: pulumi.String(snsTopicPolicy.ApplyT(func(snsTopicPolicy iam.GetPolicyDocumentResult) (*string, error) {\nreturn \u0026snsTopicPolicy.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\nanomalyMonitor, err := costexplorer.NewAnomalyMonitor(ctx, \"anomaly_monitor\", \u0026costexplorer.AnomalyMonitorArgs{\nName: pulumi.String(\"AWSServiceMonitor\"),\nMonitorType: pulumi.String(\"DIMENSIONAL\"),\nMonitorDimension: pulumi.String(\"SERVICE\"),\n})\nif err != nil {\nreturn err\n}\n_, err = costexplorer.NewAnomalySubscription(ctx, \"realtime_subscription\", \u0026costexplorer.AnomalySubscriptionArgs{\nName: pulumi.String(\"RealtimeAnomalySubscription\"),\nFrequency: pulumi.String(\"IMMEDIATE\"),\nMonitorArnLists: pulumi.StringArray{\nanomalyMonitor.Arn,\n},\nSubscribers: costexplorer.AnomalySubscriptionSubscriberArray{\n\u0026costexplorer.AnomalySubscriptionSubscriberArgs{\nType: pulumi.String(\"SNS\"),\nAddress: costAnomalyUpdates.Arn,\n},\n},\n}, pulumi.DependsOn([]pulumi.Resource{\n_default,\n}))\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sns.TopicPolicy;\nimport com.pulumi.aws.sns.TopicPolicyArgs;\nimport com.pulumi.aws.costexplorer.AnomalyMonitor;\nimport com.pulumi.aws.costexplorer.AnomalyMonitorArgs;\nimport com.pulumi.aws.costexplorer.AnomalySubscription;\nimport com.pulumi.aws.costexplorer.AnomalySubscriptionArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionSubscriberArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var costAnomalyUpdates = new Topic(\"costAnomalyUpdates\", TopicArgs.builder()\n .name(\"CostAnomalyUpdates\")\n .build());\n\n final var snsTopicPolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .policyId(\"__default_policy_ID\")\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .sid(\"AWSAnomalyDetectionSNSPublishingPermissions\")\n .actions(\"SNS:Publish\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"costalerts.amazonaws.com\")\n .build())\n .resources(costAnomalyUpdates.arn())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"__default_statement_ID\")\n .actions( \n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"AWS:SourceOwner\")\n .values(accountId)\n .build())\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"*\")\n .build())\n .resources(costAnomalyUpdates.arn())\n .build())\n .build());\n\n var default_ = new TopicPolicy(\"default\", TopicPolicyArgs.builder()\n .arn(costAnomalyUpdates.arn())\n .policy(snsTopicPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(snsTopicPolicy -\u003e snsTopicPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var anomalyMonitor = new AnomalyMonitor(\"anomalyMonitor\", AnomalyMonitorArgs.builder()\n .name(\"AWSServiceMonitor\")\n .monitorType(\"DIMENSIONAL\")\n .monitorDimension(\"SERVICE\")\n .build());\n\n var realtimeSubscription = new AnomalySubscription(\"realtimeSubscription\", AnomalySubscriptionArgs.builder()\n .name(\"RealtimeAnomalySubscription\")\n .frequency(\"IMMEDIATE\")\n .monitorArnLists(anomalyMonitor.arn())\n .subscribers(AnomalySubscriptionSubscriberArgs.builder()\n .type(\"SNS\")\n .address(costAnomalyUpdates.arn())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(default_)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n costAnomalyUpdates:\n type: aws:sns:Topic\n name: cost_anomaly_updates\n properties:\n name: CostAnomalyUpdates\n default:\n type: aws:sns:TopicPolicy\n properties:\n arn: ${costAnomalyUpdates.arn}\n policy: ${snsTopicPolicy.json}\n anomalyMonitor:\n type: aws:costexplorer:AnomalyMonitor\n name: anomaly_monitor\n properties:\n name: AWSServiceMonitor\n monitorType: DIMENSIONAL\n monitorDimension: SERVICE\n realtimeSubscription:\n type: aws:costexplorer:AnomalySubscription\n name: realtime_subscription\n properties:\n name: RealtimeAnomalySubscription\n frequency: IMMEDIATE\n monitorArnLists:\n - ${anomalyMonitor.arn}\n subscribers:\n - type: SNS\n address: ${costAnomalyUpdates.arn}\n options:\n dependson:\n - ${default}\nvariables:\n snsTopicPolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n policyId: __default_policy_ID\n statements:\n - sid: AWSAnomalyDetectionSNSPublishingPermissions\n actions:\n - SNS:Publish\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - costalerts.amazonaws.com\n resources:\n - ${costAnomalyUpdates.arn}\n - sid: __default_statement_ID\n actions:\n - SNS:Subscribe\n - SNS:SetTopicAttributes\n - SNS:RemovePermission\n - SNS:Receive\n - SNS:Publish\n - SNS:ListSubscriptionsByTopic\n - SNS:GetTopicAttributes\n - SNS:DeleteTopic\n - SNS:AddPermission\n conditions:\n - test: StringEquals\n variable: AWS:SourceOwner\n values:\n - ${accountId}\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - '*'\n resources:\n - ${costAnomalyUpdates.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ce_anomaly_subscription` using the `id`. For example:\n\n```sh\n$ pulumi import aws:costexplorer/anomalySubscription:AnomalySubscription example AnomalySubscriptionARN\n```\n", "properties": { "accountId": { "type": "string", "description": "The unique identifier for the AWS account in which the anomaly subscription ought to be created.\n" }, "arn": { "type": "string", "description": "ARN of the anomaly subscription.\n" }, "frequency": { "type": "string", "description": "The frequency that anomaly reports are sent. Valid Values: `DAILY` | `IMMEDIATE` | `WEEKLY`.\n" }, "monitorArnLists": { "type": "array", "items": { "type": "string" }, "description": "A list of cost anomaly monitors.\n" }, "name": { "type": "string", "description": "The name for the subscription.\n" }, "subscribers": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionSubscriber:AnomalySubscriptionSubscriber" }, "description": "A subscriber configuration. Multiple subscribers can be defined.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "thresholdExpression": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionThresholdExpression:AnomalySubscriptionThresholdExpression", "description": "An Expression object used to specify the anomalies that you want to generate alerts for. See Threshold Expression.\n" } }, "required": [ "accountId", "arn", "frequency", "monitorArnLists", "name", "subscribers", "tagsAll", "thresholdExpression" ], "inputProperties": { "accountId": { "type": "string", "description": "The unique identifier for the AWS account in which the anomaly subscription ought to be created.\n", "willReplaceOnChanges": true }, "frequency": { "type": "string", "description": "The frequency that anomaly reports are sent. Valid Values: `DAILY` | `IMMEDIATE` | `WEEKLY`.\n" }, "monitorArnLists": { "type": "array", "items": { "type": "string" }, "description": "A list of cost anomaly monitors.\n" }, "name": { "type": "string", "description": "The name for the subscription.\n", "willReplaceOnChanges": true }, "subscribers": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionSubscriber:AnomalySubscriptionSubscriber" }, "description": "A subscriber configuration. Multiple subscribers can be defined.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "thresholdExpression": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionThresholdExpression:AnomalySubscriptionThresholdExpression", "description": "An Expression object used to specify the anomalies that you want to generate alerts for. See Threshold Expression.\n" } }, "requiredInputs": [ "frequency", "monitorArnLists", "subscribers" ], "stateInputs": { "description": "Input properties used for looking up and filtering AnomalySubscription resources.\n", "properties": { "accountId": { "type": "string", "description": "The unique identifier for the AWS account in which the anomaly subscription ought to be created.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN of the anomaly subscription.\n" }, "frequency": { "type": "string", "description": "The frequency that anomaly reports are sent. Valid Values: `DAILY` | `IMMEDIATE` | `WEEKLY`.\n" }, "monitorArnLists": { "type": "array", "items": { "type": "string" }, "description": "A list of cost anomaly monitors.\n" }, "name": { "type": "string", "description": "The name for the subscription.\n", "willReplaceOnChanges": true }, "subscribers": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionSubscriber:AnomalySubscriptionSubscriber" }, "description": "A subscriber configuration. Multiple subscribers can be defined.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "thresholdExpression": { "$ref": "#/types/aws:costexplorer/AnomalySubscriptionThresholdExpression:AnomalySubscriptionThresholdExpression", "description": "An Expression object used to specify the anomalies that you want to generate alerts for. See Threshold Expression.\n" } }, "type": "object" } }, "aws:costexplorer/costAllocationTag:CostAllocationTag": { "description": "Provides a CE Cost Allocation Tag.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.costexplorer.CostAllocationTag(\"example\", {\n tagKey: \"example\",\n status: \"Active\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.costexplorer.CostAllocationTag(\"example\",\n tag_key=\"example\",\n status=\"Active\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CostExplorer.CostAllocationTag(\"example\", new()\n {\n TagKey = \"example\",\n Status = \"Active\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := costexplorer.NewCostAllocationTag(ctx, \"example\", \u0026costexplorer.CostAllocationTagArgs{\n\t\t\tTagKey: pulumi.String(\"example\"),\n\t\t\tStatus: pulumi.String(\"Active\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.costexplorer.CostAllocationTag;\nimport com.pulumi.aws.costexplorer.CostAllocationTagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CostAllocationTag(\"example\", CostAllocationTagArgs.builder()\n .tagKey(\"example\")\n .status(\"Active\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:costexplorer:CostAllocationTag\n properties:\n tagKey: example\n status: Active\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ce_cost_allocation_tag` using the `id`. For example:\n\n```sh\n$ pulumi import aws:costexplorer/costAllocationTag:CostAllocationTag example key\n```\n", "properties": { "status": { "type": "string", "description": "The status of a cost allocation tag. Valid values are `Active` and `Inactive`.\n" }, "tagKey": { "type": "string", "description": "The key for the cost allocation tag.\n" }, "type": { "type": "string", "description": "The type of cost allocation tag.\n" } }, "required": [ "status", "tagKey", "type" ], "inputProperties": { "status": { "type": "string", "description": "The status of a cost allocation tag. Valid values are `Active` and `Inactive`.\n" }, "tagKey": { "type": "string", "description": "The key for the cost allocation tag.\n" } }, "requiredInputs": [ "status", "tagKey" ], "stateInputs": { "description": "Input properties used for looking up and filtering CostAllocationTag resources.\n", "properties": { "status": { "type": "string", "description": "The status of a cost allocation tag. Valid values are `Active` and `Inactive`.\n" }, "tagKey": { "type": "string", "description": "The key for the cost allocation tag.\n" }, "type": { "type": "string", "description": "The type of cost allocation tag.\n" } }, "type": "object" } }, "aws:costexplorer/costCategory:CostCategory": { "description": "Provides a CE Cost Category.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.costexplorer.CostCategory(\"test\", {\n name: \"NAME\",\n ruleVersion: \"CostCategoryExpression.v1\",\n rules: [\n {\n value: \"production\",\n rule: {\n dimension: {\n key: \"LINKED_ACCOUNT_NAME\",\n values: [\"-prod\"],\n matchOptions: [\"ENDS_WITH\"],\n },\n },\n },\n {\n value: \"staging\",\n rule: {\n dimension: {\n key: \"LINKED_ACCOUNT_NAME\",\n values: [\"-stg\"],\n matchOptions: [\"ENDS_WITH\"],\n },\n },\n },\n {\n value: \"testing\",\n rule: {\n dimension: {\n key: \"LINKED_ACCOUNT_NAME\",\n values: [\"-dev\"],\n matchOptions: [\"ENDS_WITH\"],\n },\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.costexplorer.CostCategory(\"test\",\n name=\"NAME\",\n rule_version=\"CostCategoryExpression.v1\",\n rules=[\n {\n \"value\": \"production\",\n \"rule\": {\n \"dimension\": {\n \"key\": \"LINKED_ACCOUNT_NAME\",\n \"values\": [\"-prod\"],\n \"match_options\": [\"ENDS_WITH\"],\n },\n },\n },\n {\n \"value\": \"staging\",\n \"rule\": {\n \"dimension\": {\n \"key\": \"LINKED_ACCOUNT_NAME\",\n \"values\": [\"-stg\"],\n \"match_options\": [\"ENDS_WITH\"],\n },\n },\n },\n {\n \"value\": \"testing\",\n \"rule\": {\n \"dimension\": {\n \"key\": \"LINKED_ACCOUNT_NAME\",\n \"values\": [\"-dev\"],\n \"match_options\": [\"ENDS_WITH\"],\n },\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CostExplorer.CostCategory(\"test\", new()\n {\n Name = \"NAME\",\n RuleVersion = \"CostCategoryExpression.v1\",\n Rules = new[]\n {\n new Aws.CostExplorer.Inputs.CostCategoryRuleArgs\n {\n Value = \"production\",\n Rule = new Aws.CostExplorer.Inputs.CostCategoryRuleRuleArgs\n {\n Dimension = new Aws.CostExplorer.Inputs.CostCategoryRuleRuleDimensionArgs\n {\n Key = \"LINKED_ACCOUNT_NAME\",\n Values = new[]\n {\n \"-prod\",\n },\n MatchOptions = new[]\n {\n \"ENDS_WITH\",\n },\n },\n },\n },\n new Aws.CostExplorer.Inputs.CostCategoryRuleArgs\n {\n Value = \"staging\",\n Rule = new Aws.CostExplorer.Inputs.CostCategoryRuleRuleArgs\n {\n Dimension = new Aws.CostExplorer.Inputs.CostCategoryRuleRuleDimensionArgs\n {\n Key = \"LINKED_ACCOUNT_NAME\",\n Values = new[]\n {\n \"-stg\",\n },\n MatchOptions = new[]\n {\n \"ENDS_WITH\",\n },\n },\n },\n },\n new Aws.CostExplorer.Inputs.CostCategoryRuleArgs\n {\n Value = \"testing\",\n Rule = new Aws.CostExplorer.Inputs.CostCategoryRuleRuleArgs\n {\n Dimension = new Aws.CostExplorer.Inputs.CostCategoryRuleRuleDimensionArgs\n {\n Key = \"LINKED_ACCOUNT_NAME\",\n Values = new[]\n {\n \"-dev\",\n },\n MatchOptions = new[]\n {\n \"ENDS_WITH\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := costexplorer.NewCostCategory(ctx, \"test\", \u0026costexplorer.CostCategoryArgs{\n\t\t\tName: pulumi.String(\"NAME\"),\n\t\t\tRuleVersion: pulumi.String(\"CostCategoryExpression.v1\"),\n\t\t\tRules: costexplorer.CostCategoryRuleArray{\n\t\t\t\t\u0026costexplorer.CostCategoryRuleArgs{\n\t\t\t\t\tValue: pulumi.String(\"production\"),\n\t\t\t\t\tRule: \u0026costexplorer.CostCategoryRuleRuleArgs{\n\t\t\t\t\t\tDimension: \u0026costexplorer.CostCategoryRuleRuleDimensionArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"LINKED_ACCOUNT_NAME\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"-prod\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tMatchOptions: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"ENDS_WITH\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026costexplorer.CostCategoryRuleArgs{\n\t\t\t\t\tValue: pulumi.String(\"staging\"),\n\t\t\t\t\tRule: \u0026costexplorer.CostCategoryRuleRuleArgs{\n\t\t\t\t\t\tDimension: \u0026costexplorer.CostCategoryRuleRuleDimensionArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"LINKED_ACCOUNT_NAME\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"-stg\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tMatchOptions: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"ENDS_WITH\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026costexplorer.CostCategoryRuleArgs{\n\t\t\t\t\tValue: pulumi.String(\"testing\"),\n\t\t\t\t\tRule: \u0026costexplorer.CostCategoryRuleRuleArgs{\n\t\t\t\t\t\tDimension: \u0026costexplorer.CostCategoryRuleRuleDimensionArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"LINKED_ACCOUNT_NAME\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"-dev\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tMatchOptions: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"ENDS_WITH\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.costexplorer.CostCategory;\nimport com.pulumi.aws.costexplorer.CostCategoryArgs;\nimport com.pulumi.aws.costexplorer.inputs.CostCategoryRuleArgs;\nimport com.pulumi.aws.costexplorer.inputs.CostCategoryRuleRuleArgs;\nimport com.pulumi.aws.costexplorer.inputs.CostCategoryRuleRuleDimensionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new CostCategory(\"test\", CostCategoryArgs.builder()\n .name(\"NAME\")\n .ruleVersion(\"CostCategoryExpression.v1\")\n .rules( \n CostCategoryRuleArgs.builder()\n .value(\"production\")\n .rule(CostCategoryRuleRuleArgs.builder()\n .dimension(CostCategoryRuleRuleDimensionArgs.builder()\n .key(\"LINKED_ACCOUNT_NAME\")\n .values(\"-prod\")\n .matchOptions(\"ENDS_WITH\")\n .build())\n .build())\n .build(),\n CostCategoryRuleArgs.builder()\n .value(\"staging\")\n .rule(CostCategoryRuleRuleArgs.builder()\n .dimension(CostCategoryRuleRuleDimensionArgs.builder()\n .key(\"LINKED_ACCOUNT_NAME\")\n .values(\"-stg\")\n .matchOptions(\"ENDS_WITH\")\n .build())\n .build())\n .build(),\n CostCategoryRuleArgs.builder()\n .value(\"testing\")\n .rule(CostCategoryRuleRuleArgs.builder()\n .dimension(CostCategoryRuleRuleDimensionArgs.builder()\n .key(\"LINKED_ACCOUNT_NAME\")\n .values(\"-dev\")\n .matchOptions(\"ENDS_WITH\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:costexplorer:CostCategory\n properties:\n name: NAME\n ruleVersion: CostCategoryExpression.v1\n rules:\n - value: production\n rule:\n dimension:\n key: LINKED_ACCOUNT_NAME\n values:\n - -prod\n matchOptions:\n - ENDS_WITH\n - value: staging\n rule:\n dimension:\n key: LINKED_ACCOUNT_NAME\n values:\n - -stg\n matchOptions:\n - ENDS_WITH\n - value: testing\n rule:\n dimension:\n key: LINKED_ACCOUNT_NAME\n values:\n - -dev\n matchOptions:\n - ENDS_WITH\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ce_cost_category` using the id. For example:\n\n```sh\n$ pulumi import aws:costexplorer/costCategory:CostCategory example costCategoryARN\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the cost category.\n" }, "defaultValue": { "type": "string", "description": "Default value for the cost category.\n" }, "effectiveEnd": { "type": "string", "description": "Effective end data of your Cost Category.\n" }, "effectiveStart": { "type": "string", "description": "The Cost Category's effective start date. It can only be a billing start date (first day of the month). If the date isn't provided, it's the first day of the current month. Dates can't be before the previous twelve months, or in the future. For example `2022-11-01T00:00:00Z`.\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "Unique name for the Cost Category.\n" }, "ruleVersion": { "type": "string", "description": "Rule schema version in this particular Cost Category.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/CostCategoryRule:CostCategoryRule" }, "description": "Configuration block for the Cost Category rules used to categorize costs. See below.\n" }, "splitChargeRules": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/CostCategorySplitChargeRule:CostCategorySplitChargeRule" }, "description": "Configuration block for the split charge rules used to allocate your charges between your Cost Category values. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "effectiveEnd", "effectiveStart", "name", "rules", "ruleVersion", "tagsAll" ], "inputProperties": { "defaultValue": { "type": "string", "description": "Default value for the cost category.\n" }, "effectiveStart": { "type": "string", "description": "The Cost Category's effective start date. It can only be a billing start date (first day of the month). If the date isn't provided, it's the first day of the current month. Dates can't be before the previous twelve months, or in the future. For example `2022-11-01T00:00:00Z`.\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "Unique name for the Cost Category.\n", "willReplaceOnChanges": true }, "ruleVersion": { "type": "string", "description": "Rule schema version in this particular Cost Category.\n", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/CostCategoryRule:CostCategoryRule" }, "description": "Configuration block for the Cost Category rules used to categorize costs. See below.\n" }, "splitChargeRules": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/CostCategorySplitChargeRule:CostCategorySplitChargeRule" }, "description": "Configuration block for the split charge rules used to allocate your charges between your Cost Category values. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "rules", "ruleVersion" ], "stateInputs": { "description": "Input properties used for looking up and filtering CostCategory resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the cost category.\n" }, "defaultValue": { "type": "string", "description": "Default value for the cost category.\n" }, "effectiveEnd": { "type": "string", "description": "Effective end data of your Cost Category.\n" }, "effectiveStart": { "type": "string", "description": "The Cost Category's effective start date. It can only be a billing start date (first day of the month). If the date isn't provided, it's the first day of the current month. Dates can't be before the previous twelve months, or in the future. For example `2022-11-01T00:00:00Z`.\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "Unique name for the Cost Category.\n", "willReplaceOnChanges": true }, "ruleVersion": { "type": "string", "description": "Rule schema version in this particular Cost Category.\n", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/CostCategoryRule:CostCategoryRule" }, "description": "Configuration block for the Cost Category rules used to categorize costs. See below.\n" }, "splitChargeRules": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/CostCategorySplitChargeRule:CostCategorySplitChargeRule" }, "description": "Configuration block for the split charge rules used to allocate your charges between your Cost Category values. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:cur/reportDefinition:ReportDefinition": { "description": "Manages Cost and Usage Report Definitions.\n\n\u003e *NOTE:* The AWS Cost and Usage Report service is only available in `us-east-1` currently.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleCurReportDefinition = new aws.cur.ReportDefinition(\"example_cur_report_definition\", {\n reportName: \"example-cur-report-definition\",\n timeUnit: \"HOURLY\",\n format: \"textORcsv\",\n compression: \"GZIP\",\n additionalSchemaElements: [\n \"RESOURCES\",\n \"SPLIT_COST_ALLOCATION_DATA\",\n ],\n s3Bucket: \"example-bucket-name\",\n s3Region: \"us-east-1\",\n additionalArtifacts: [\n \"REDSHIFT\",\n \"QUICKSIGHT\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_cur_report_definition = aws.cur.ReportDefinition(\"example_cur_report_definition\",\n report_name=\"example-cur-report-definition\",\n time_unit=\"HOURLY\",\n format=\"textORcsv\",\n compression=\"GZIP\",\n additional_schema_elements=[\n \"RESOURCES\",\n \"SPLIT_COST_ALLOCATION_DATA\",\n ],\n s3_bucket=\"example-bucket-name\",\n s3_region=\"us-east-1\",\n additional_artifacts=[\n \"REDSHIFT\",\n \"QUICKSIGHT\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleCurReportDefinition = new Aws.Cur.ReportDefinition(\"example_cur_report_definition\", new()\n {\n ReportName = \"example-cur-report-definition\",\n TimeUnit = \"HOURLY\",\n Format = \"textORcsv\",\n Compression = \"GZIP\",\n AdditionalSchemaElements = new[]\n {\n \"RESOURCES\",\n \"SPLIT_COST_ALLOCATION_DATA\",\n },\n S3Bucket = \"example-bucket-name\",\n S3Region = \"us-east-1\",\n AdditionalArtifacts = new[]\n {\n \"REDSHIFT\",\n \"QUICKSIGHT\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cur\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cur.NewReportDefinition(ctx, \"example_cur_report_definition\", \u0026cur.ReportDefinitionArgs{\n\t\t\tReportName: pulumi.String(\"example-cur-report-definition\"),\n\t\t\tTimeUnit: pulumi.String(\"HOURLY\"),\n\t\t\tFormat: pulumi.String(\"textORcsv\"),\n\t\t\tCompression: pulumi.String(\"GZIP\"),\n\t\t\tAdditionalSchemaElements: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"RESOURCES\"),\n\t\t\t\tpulumi.String(\"SPLIT_COST_ALLOCATION_DATA\"),\n\t\t\t},\n\t\t\tS3Bucket: pulumi.String(\"example-bucket-name\"),\n\t\t\tS3Region: pulumi.String(\"us-east-1\"),\n\t\t\tAdditionalArtifacts: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"REDSHIFT\"),\n\t\t\t\tpulumi.String(\"QUICKSIGHT\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cur.ReportDefinition;\nimport com.pulumi.aws.cur.ReportDefinitionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleCurReportDefinition = new ReportDefinition(\"exampleCurReportDefinition\", ReportDefinitionArgs.builder()\n .reportName(\"example-cur-report-definition\")\n .timeUnit(\"HOURLY\")\n .format(\"textORcsv\")\n .compression(\"GZIP\")\n .additionalSchemaElements( \n \"RESOURCES\",\n \"SPLIT_COST_ALLOCATION_DATA\")\n .s3Bucket(\"example-bucket-name\")\n .s3Region(\"us-east-1\")\n .additionalArtifacts( \n \"REDSHIFT\",\n \"QUICKSIGHT\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleCurReportDefinition:\n type: aws:cur:ReportDefinition\n name: example_cur_report_definition\n properties:\n reportName: example-cur-report-definition\n timeUnit: HOURLY\n format: textORcsv\n compression: GZIP\n additionalSchemaElements:\n - RESOURCES\n - SPLIT_COST_ALLOCATION_DATA\n s3Bucket: example-bucket-name\n s3Region: us-east-1\n additionalArtifacts:\n - REDSHIFT\n - QUICKSIGHT\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Report Definitions using the `report_name`. For example:\n\n```sh\n$ pulumi import aws:cur/reportDefinition:ReportDefinition example_cur_report_definition example-cur-report-definition\n```\n", "properties": { "additionalArtifacts": { "type": "array", "items": { "type": "string" }, "description": "A list of additional artifacts. Valid values are: `REDSHIFT`, `QUICKSIGHT`, `ATHENA`. When ATHENA exists within additional_artifacts, no other artifact type can be declared and report_versioning must be `OVERWRITE_REPORT`.\n" }, "additionalSchemaElements": { "type": "array", "items": { "type": "string" }, "description": "A list of schema elements. Valid values are: `RESOURCES`, `SPLIT_COST_ALLOCATION_DATA`.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the cur report.\n" }, "compression": { "type": "string", "description": "Compression format for report. Valid values are: `GZIP`, `ZIP`, `Parquet`. If `Parquet` is used, then format must also be `Parquet`.\n" }, "format": { "type": "string", "description": "Format for report. Valid values are: `textORcsv`, `Parquet`. If `Parquet` is used, then Compression must also be `Parquet`.\n" }, "refreshClosedReports": { "type": "boolean", "description": "Set to true to update your reports after they have been finalized if AWS detects charges related to previous months.\n" }, "reportName": { "type": "string", "description": "Unique name for the report. Must start with a number/letter and is case sensitive. Limited to 256 characters.\n" }, "reportVersioning": { "type": "string", "description": "Overwrite the previous version of each report or to deliver the report in addition to the previous versions. Valid values are: `CREATE_NEW_REPORT` and `OVERWRITE_REPORT`.\n" }, "s3Bucket": { "type": "string", "description": "Name of the existing S3 bucket to hold generated reports.\n" }, "s3Prefix": { "type": "string", "description": "Report path prefix. Limited to 256 characters.\n" }, "s3Region": { "type": "string", "description": "Region of the existing S3 bucket to hold generated reports.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeUnit": { "type": "string", "description": "The frequency on which report data are measured and displayed. Valid values are: `DAILY`, `HOURLY`, `MONTHLY`.\n" } }, "required": [ "additionalSchemaElements", "arn", "compression", "format", "reportName", "s3Bucket", "s3Region", "tagsAll", "timeUnit" ], "inputProperties": { "additionalArtifacts": { "type": "array", "items": { "type": "string" }, "description": "A list of additional artifacts. Valid values are: `REDSHIFT`, `QUICKSIGHT`, `ATHENA`. When ATHENA exists within additional_artifacts, no other artifact type can be declared and report_versioning must be `OVERWRITE_REPORT`.\n" }, "additionalSchemaElements": { "type": "array", "items": { "type": "string" }, "description": "A list of schema elements. Valid values are: `RESOURCES`, `SPLIT_COST_ALLOCATION_DATA`.\n", "willReplaceOnChanges": true }, "compression": { "type": "string", "description": "Compression format for report. Valid values are: `GZIP`, `ZIP`, `Parquet`. If `Parquet` is used, then format must also be `Parquet`.\n" }, "format": { "type": "string", "description": "Format for report. Valid values are: `textORcsv`, `Parquet`. If `Parquet` is used, then Compression must also be `Parquet`.\n" }, "refreshClosedReports": { "type": "boolean", "description": "Set to true to update your reports after they have been finalized if AWS detects charges related to previous months.\n" }, "reportName": { "type": "string", "description": "Unique name for the report. Must start with a number/letter and is case sensitive. Limited to 256 characters.\n", "willReplaceOnChanges": true }, "reportVersioning": { "type": "string", "description": "Overwrite the previous version of each report or to deliver the report in addition to the previous versions. Valid values are: `CREATE_NEW_REPORT` and `OVERWRITE_REPORT`.\n", "willReplaceOnChanges": true }, "s3Bucket": { "type": "string", "description": "Name of the existing S3 bucket to hold generated reports.\n" }, "s3Prefix": { "type": "string", "description": "Report path prefix. Limited to 256 characters.\n" }, "s3Region": { "type": "string", "description": "Region of the existing S3 bucket to hold generated reports.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeUnit": { "type": "string", "description": "The frequency on which report data are measured and displayed. Valid values are: `DAILY`, `HOURLY`, `MONTHLY`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "additionalSchemaElements", "compression", "format", "reportName", "s3Bucket", "s3Region", "timeUnit" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReportDefinition resources.\n", "properties": { "additionalArtifacts": { "type": "array", "items": { "type": "string" }, "description": "A list of additional artifacts. Valid values are: `REDSHIFT`, `QUICKSIGHT`, `ATHENA`. When ATHENA exists within additional_artifacts, no other artifact type can be declared and report_versioning must be `OVERWRITE_REPORT`.\n" }, "additionalSchemaElements": { "type": "array", "items": { "type": "string" }, "description": "A list of schema elements. Valid values are: `RESOURCES`, `SPLIT_COST_ALLOCATION_DATA`.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the cur report.\n" }, "compression": { "type": "string", "description": "Compression format for report. Valid values are: `GZIP`, `ZIP`, `Parquet`. If `Parquet` is used, then format must also be `Parquet`.\n" }, "format": { "type": "string", "description": "Format for report. Valid values are: `textORcsv`, `Parquet`. If `Parquet` is used, then Compression must also be `Parquet`.\n" }, "refreshClosedReports": { "type": "boolean", "description": "Set to true to update your reports after they have been finalized if AWS detects charges related to previous months.\n" }, "reportName": { "type": "string", "description": "Unique name for the report. Must start with a number/letter and is case sensitive. Limited to 256 characters.\n", "willReplaceOnChanges": true }, "reportVersioning": { "type": "string", "description": "Overwrite the previous version of each report or to deliver the report in addition to the previous versions. Valid values are: `CREATE_NEW_REPORT` and `OVERWRITE_REPORT`.\n", "willReplaceOnChanges": true }, "s3Bucket": { "type": "string", "description": "Name of the existing S3 bucket to hold generated reports.\n" }, "s3Prefix": { "type": "string", "description": "Report path prefix. Limited to 256 characters.\n" }, "s3Region": { "type": "string", "description": "Region of the existing S3 bucket to hold generated reports.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeUnit": { "type": "string", "description": "The frequency on which report data are measured and displayed. Valid values are: `DAILY`, `HOURLY`, `MONTHLY`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:customerprofiles/domain:Domain": { "description": "Resource for managing an Amazon Customer Profiles Domain.\nSee the [Create Domain](https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_CreateDomain.html) for more information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.customerprofiles.Domain(\"example\", {domainName: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.customerprofiles.Domain(\"example\", domain_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CustomerProfiles.Domain(\"example\", new()\n {\n DomainName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/customerprofiles\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := customerprofiles.NewDomain(ctx, \"example\", \u0026customerprofiles.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.customerprofiles.Domain;\nimport com.pulumi.aws.customerprofiles.DomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder()\n .domainName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:customerprofiles:Domain\n properties:\n domainName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With SQS DLQ and KMS set\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sqs.Queue(\"example\", {\n name: \"example\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Sid: \"Customer Profiles SQS policy\",\n Effect: \"Allow\",\n Action: [\"sqs:SendMessage\"],\n Resource: \"*\",\n Principal: {\n Service: \"profile.amazonaws.com\",\n },\n }],\n }),\n});\nconst exampleKey = new aws.kms.Key(\"example\", {\n description: \"example\",\n deletionWindowInDays: 10,\n});\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {\n bucket: \"example\",\n forceDestroy: true,\n});\nconst exampleBucketPolicy = new aws.s3.BucketPolicy(\"example\", {\n bucket: exampleBucketV2.id,\n policy: pulumi.jsonStringify({\n Version: \"2012-10-17\",\n Statement: [{\n Sid: \"Customer Profiles S3 policy\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:ListBucket\",\n ],\n Resource: [\n exampleBucketV2.arn,\n pulumi.interpolate`${exampleBucketV2.arn}/*`,\n ],\n Principal: {\n Service: \"profile.amazonaws.com\",\n },\n }],\n }),\n});\nconst test = new aws.customerprofiles.Domain(\"test\", {\n domainName: example,\n deadLetterQueueUrl: example.id,\n defaultEncryptionKey: exampleKey.arn,\n defaultExpirationDays: 365,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.sqs.Queue(\"example\",\n name=\"example\",\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Sid\": \"Customer Profiles SQS policy\",\n \"Effect\": \"Allow\",\n \"Action\": [\"sqs:SendMessage\"],\n \"Resource\": \"*\",\n \"Principal\": {\n \"Service\": \"profile.amazonaws.com\",\n },\n }],\n }))\nexample_key = aws.kms.Key(\"example\",\n description=\"example\",\n deletion_window_in_days=10)\nexample_bucket_v2 = aws.s3.BucketV2(\"example\",\n bucket=\"example\",\n force_destroy=True)\nexample_bucket_policy = aws.s3.BucketPolicy(\"example\",\n bucket=example_bucket_v2.id,\n policy=pulumi.Output.json_dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Sid\": \"Customer Profiles S3 policy\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:ListBucket\",\n ],\n \"Resource\": [\n example_bucket_v2.arn,\n example_bucket_v2.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n \"Principal\": {\n \"Service\": \"profile.amazonaws.com\",\n },\n }],\n }))\ntest = aws.customerprofiles.Domain(\"test\",\n domain_name=example,\n dead_letter_queue_url=example.id,\n default_encryption_key=example_key.arn,\n default_expiration_days=365)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sqs.Queue(\"example\", new()\n {\n Name = \"example\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Customer Profiles SQS policy\",\n [\"Effect\"] = \"Allow\",\n [\"Action\"] = new[]\n {\n \"sqs:SendMessage\",\n },\n [\"Resource\"] = \"*\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"profile.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var exampleKey = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"example\",\n DeletionWindowInDays = 10,\n });\n\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n ForceDestroy = true,\n });\n\n var exampleBucketPolicy = new Aws.S3.BucketPolicy(\"example\", new()\n {\n Bucket = exampleBucketV2.Id,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Customer Profiles S3 policy\",\n [\"Effect\"] = \"Allow\",\n [\"Action\"] = new[]\n {\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:ListBucket\",\n },\n [\"Resource\"] = new[]\n {\n exampleBucketV2.Arn,\n exampleBucketV2.Arn.Apply(arn =\u003e $\"{arn}/*\"),\n },\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"profile.amazonaws.com\",\n },\n },\n },\n })),\n });\n\n var test = new Aws.CustomerProfiles.Domain(\"test\", new()\n {\n DomainName = example,\n DeadLetterQueueUrl = example.Id,\n DefaultEncryptionKey = exampleKey.Arn,\n DefaultExpirationDays = 365,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/customerprofiles\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"Customer Profiles SQS policy\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"sqs:SendMessage\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"profile.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := sqs.NewQueue(ctx, \"example\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKey, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(10),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketPolicy(ctx, \"example\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\tPolicy: pulumi.All(exampleBucketV2.Arn, exampleBucketV2.Arn).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\texampleBucketV2Arn := _args[0].(string)\n\t\t\t\texampleBucketV2Arn1 := _args[1].(string)\n\t\t\t\tvar _zero string\n\t\t\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Sid\": \"Customer Profiles S3 policy\",\n\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\t\t\"s3:GetObject\",\n\t\t\t\t\t\t\t\t\"s3:PutObject\",\n\t\t\t\t\t\t\t\t\"s3:ListBucket\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\texampleBucketV2Arn,\n\t\t\t\t\t\t\t\tfmt.Sprintf(\"%v/*\", exampleBucketV2Arn1),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"Service\": \"profile.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson1 := string(tmpJSON1)\n\t\t\t\treturn json1, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = customerprofiles.NewDomain(ctx, \"test\", \u0026customerprofiles.DomainArgs{\n\t\t\tDomainName: example,\n\t\t\tDeadLetterQueueUrl: example.ID(),\n\t\t\tDefaultEncryptionKey: exampleKey.Arn,\n\t\t\tDefaultExpirationDays: pulumi.Int(365),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.sqs.QueueArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.customerprofiles.Domain;\nimport com.pulumi.aws.customerprofiles.DomainArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Queue(\"example\", QueueArgs.builder()\n .name(\"example\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Sid\", \"Customer Profiles SQS policy\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Action\", jsonArray(\"sqs:SendMessage\")),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"profile.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var exampleKey = new Key(\"exampleKey\", KeyArgs.builder()\n .description(\"example\")\n .deletionWindowInDays(10)\n .build());\n\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder()\n .bucket(\"example\")\n .forceDestroy(true)\n .build());\n\n var exampleBucketPolicy = new BucketPolicy(\"exampleBucketPolicy\", BucketPolicyArgs.builder()\n .bucket(exampleBucketV2.id())\n .policy(Output.tuple(exampleBucketV2.arn(), exampleBucketV2.arn()).applyValue(values -\u003e {\n var exampleBucketV2Arn = values.t1;\n var exampleBucketV2Arn1 = values.t2;\n return serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Sid\", \"Customer Profiles S3 policy\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Action\", jsonArray(\n \"s3:GetObject\", \n \"s3:PutObject\", \n \"s3:ListBucket\"\n )),\n jsonProperty(\"Resource\", jsonArray(\n exampleBucketV2Arn, \n String.format(\"%s/*\", exampleBucketV2Arn1)\n )),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"profile.amazonaws.com\")\n ))\n )))\n ));\n }))\n .build());\n\n var test = new Domain(\"test\", DomainArgs.builder()\n .domainName(example)\n .deadLetterQueueUrl(example.id())\n .defaultEncryptionKey(exampleKey.arn())\n .defaultExpirationDays(365)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sqs:Queue\n properties:\n name: example\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Sid: Customer Profiles SQS policy\n Effect: Allow\n Action:\n - sqs:SendMessage\n Resource: '*'\n Principal:\n Service: profile.amazonaws.com\n exampleKey:\n type: aws:kms:Key\n name: example\n properties:\n description: example\n deletionWindowInDays: 10\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example\n forceDestroy: true\n exampleBucketPolicy:\n type: aws:s3:BucketPolicy\n name: example\n properties:\n bucket: ${exampleBucketV2.id}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Sid: Customer Profiles S3 policy\n Effect: Allow\n Action:\n - s3:GetObject\n - s3:PutObject\n - s3:ListBucket\n Resource:\n - ${exampleBucketV2.arn}\n - ${exampleBucketV2.arn}/*\n Principal:\n Service: profile.amazonaws.com\n test:\n type: aws:customerprofiles:Domain\n properties:\n domainName: ${example}\n deadLetterQueueUrl: ${example.id}\n defaultEncryptionKey: ${exampleKey.arn}\n defaultExpirationDays: 365\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Customer Profiles Domain using the resource `id`. For example:\n\n```sh\n$ pulumi import aws:customerprofiles/domain:Domain example e6f777be-22d0-4b40-b307-5d2720ef16b2\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Customer Profiles Domain.\n" }, "deadLetterQueueUrl": { "type": "string", "description": "The URL of the SQS dead letter queue, which is used for reporting errors associated with ingesting data from third party applications.\n" }, "defaultEncryptionKey": { "type": "string", "description": "The default encryption key, which is an AWS managed key, is used when no specific type of encryption key is specified. It is used to encrypt all data before it is placed in permanent or semi-permanent storage.\n" }, "defaultExpirationDays": { "type": "integer", "description": "The default number of days until the data within the domain expires.\n\nThe following arguments are optional:\n" }, "domainName": { "type": "string", "description": "The name for your Customer Profile domain. It must be unique for your AWS account.\n" }, "matching": { "$ref": "#/types/aws:customerprofiles/DomainMatching:DomainMatching", "description": "A block that specifies the process of matching duplicate profiles. Documented below.\n" }, "ruleBasedMatching": { "$ref": "#/types/aws:customerprofiles/DomainRuleBasedMatching:DomainRuleBasedMatching", "description": "A block that specifies the process of matching duplicate profiles using the Rule-Based matching. Documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the domain. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "defaultExpirationDays", "domainName", "tagsAll" ], "inputProperties": { "deadLetterQueueUrl": { "type": "string", "description": "The URL of the SQS dead letter queue, which is used for reporting errors associated with ingesting data from third party applications.\n" }, "defaultEncryptionKey": { "type": "string", "description": "The default encryption key, which is an AWS managed key, is used when no specific type of encryption key is specified. It is used to encrypt all data before it is placed in permanent or semi-permanent storage.\n" }, "defaultExpirationDays": { "type": "integer", "description": "The default number of days until the data within the domain expires.\n\nThe following arguments are optional:\n" }, "domainName": { "type": "string", "description": "The name for your Customer Profile domain. It must be unique for your AWS account.\n", "willReplaceOnChanges": true }, "matching": { "$ref": "#/types/aws:customerprofiles/DomainMatching:DomainMatching", "description": "A block that specifies the process of matching duplicate profiles. Documented below.\n" }, "ruleBasedMatching": { "$ref": "#/types/aws:customerprofiles/DomainRuleBasedMatching:DomainRuleBasedMatching", "description": "A block that specifies the process of matching duplicate profiles using the Rule-Based matching. Documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the domain. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "defaultExpirationDays", "domainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Domain resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Customer Profiles Domain.\n" }, "deadLetterQueueUrl": { "type": "string", "description": "The URL of the SQS dead letter queue, which is used for reporting errors associated with ingesting data from third party applications.\n" }, "defaultEncryptionKey": { "type": "string", "description": "The default encryption key, which is an AWS managed key, is used when no specific type of encryption key is specified. It is used to encrypt all data before it is placed in permanent or semi-permanent storage.\n" }, "defaultExpirationDays": { "type": "integer", "description": "The default number of days until the data within the domain expires.\n\nThe following arguments are optional:\n" }, "domainName": { "type": "string", "description": "The name for your Customer Profile domain. It must be unique for your AWS account.\n", "willReplaceOnChanges": true }, "matching": { "$ref": "#/types/aws:customerprofiles/DomainMatching:DomainMatching", "description": "A block that specifies the process of matching duplicate profiles. Documented below.\n" }, "ruleBasedMatching": { "$ref": "#/types/aws:customerprofiles/DomainRuleBasedMatching:DomainRuleBasedMatching", "description": "A block that specifies the process of matching duplicate profiles using the Rule-Based matching. Documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the domain. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:customerprofiles/profile:Profile": { "description": "Resource for managing an Amazon Customer Profiles Profile.\nSee the [Create Profile](https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_CreateProfile.html) for more information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.customerprofiles.Domain(\"example\", {domainName: \"example\"});\nconst exampleProfile = new aws.customerprofiles.Profile(\"example\", {domainName: example.domainName});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.customerprofiles.Domain(\"example\", domain_name=\"example\")\nexample_profile = aws.customerprofiles.Profile(\"example\", domain_name=example.domain_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CustomerProfiles.Domain(\"example\", new()\n {\n DomainName = \"example\",\n });\n\n var exampleProfile = new Aws.CustomerProfiles.Profile(\"example\", new()\n {\n DomainName = example.DomainName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/customerprofiles\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := customerprofiles.NewDomain(ctx, \"example\", \u0026customerprofiles.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = customerprofiles.NewProfile(ctx, \"example\", \u0026customerprofiles.ProfileArgs{\n\t\t\tDomainName: example.DomainName,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.customerprofiles.Domain;\nimport com.pulumi.aws.customerprofiles.DomainArgs;\nimport com.pulumi.aws.customerprofiles.Profile;\nimport com.pulumi.aws.customerprofiles.ProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder()\n .domainName(\"example\")\n .build());\n\n var exampleProfile = new Profile(\"exampleProfile\", ProfileArgs.builder()\n .domainName(example.domainName())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:customerprofiles:Domain\n properties:\n domainName: example\n exampleProfile:\n type: aws:customerprofiles:Profile\n name: example\n properties:\n domainName: ${example.domainName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Customer Profiles Profile using the resource `id`. For example:\n\n```sh\n$ pulumi import aws:customerprofiles/profile:Profile example domain-name/5f2f473dfbe841eb8d05cfc2a4c926df\n```\n", "properties": { "accountNumber": { "type": "string", "description": "A unique account number that you have given to the customer.\n" }, "additionalInformation": { "type": "string", "description": "Any additional information relevant to the customer’s profile.\n" }, "address": { "$ref": "#/types/aws:customerprofiles/ProfileAddress:ProfileAddress", "description": "A block that specifies a generic address associated with the customer that is not mailing, shipping, or billing. Documented below.\n" }, "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A key value pair of attributes of a customer profile.\n" }, "billingAddress": { "$ref": "#/types/aws:customerprofiles/ProfileBillingAddress:ProfileBillingAddress", "description": "A block that specifies the customer’s billing address. Documented below.\n" }, "birthDate": { "type": "string", "description": "The customer’s birth date.\n" }, "businessEmailAddress": { "type": "string", "description": "The customer’s business email address.\n" }, "businessName": { "type": "string", "description": "The name of the customer’s business.\n" }, "businessPhoneNumber": { "type": "string", "description": "The customer’s business phone number.\n" }, "domainName": { "type": "string", "description": "The name of your Customer Profile domain. It must be unique for your AWS account.\n\nThe following arguments are optional:\n" }, "emailAddress": { "type": "string", "description": "The customer’s email address, which has not been specified as a personal or business address.\n" }, "firstName": { "type": "string", "description": "The customer’s first name.\n" }, "genderString": { "type": "string", "description": "The gender with which the customer identifies.\n" }, "homePhoneNumber": { "type": "string", "description": "The customer’s home phone number.\n" }, "lastName": { "type": "string", "description": "The customer’s last name.\n" }, "mailingAddress": { "$ref": "#/types/aws:customerprofiles/ProfileMailingAddress:ProfileMailingAddress", "description": "A block that specifies the customer’s mailing address. Documented below.\n" }, "middleName": { "type": "string", "description": "The customer’s middle name.\n" }, "mobilePhoneNumber": { "type": "string", "description": "The customer’s mobile phone number.\n" }, "partyTypeString": { "type": "string", "description": "The type of profile used to describe the customer.\n" }, "personalEmailAddress": { "type": "string", "description": "The customer’s personal email address.\n" }, "phoneNumber": { "type": "string", "description": "The customer’s phone number, which has not been specified as a mobile, home, or business number.\n" }, "shippingAddress": { "$ref": "#/types/aws:customerprofiles/ProfileShippingAddress:ProfileShippingAddress", "description": "A block that specifies the customer’s shipping address. Documented below.\n" } }, "required": [ "domainName" ], "inputProperties": { "accountNumber": { "type": "string", "description": "A unique account number that you have given to the customer.\n" }, "additionalInformation": { "type": "string", "description": "Any additional information relevant to the customer’s profile.\n" }, "address": { "$ref": "#/types/aws:customerprofiles/ProfileAddress:ProfileAddress", "description": "A block that specifies a generic address associated with the customer that is not mailing, shipping, or billing. Documented below.\n" }, "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A key value pair of attributes of a customer profile.\n" }, "billingAddress": { "$ref": "#/types/aws:customerprofiles/ProfileBillingAddress:ProfileBillingAddress", "description": "A block that specifies the customer’s billing address. Documented below.\n" }, "birthDate": { "type": "string", "description": "The customer’s birth date.\n" }, "businessEmailAddress": { "type": "string", "description": "The customer’s business email address.\n" }, "businessName": { "type": "string", "description": "The name of the customer’s business.\n" }, "businessPhoneNumber": { "type": "string", "description": "The customer’s business phone number.\n" }, "domainName": { "type": "string", "description": "The name of your Customer Profile domain. It must be unique for your AWS account.\n\nThe following arguments are optional:\n" }, "emailAddress": { "type": "string", "description": "The customer’s email address, which has not been specified as a personal or business address.\n" }, "firstName": { "type": "string", "description": "The customer’s first name.\n" }, "genderString": { "type": "string", "description": "The gender with which the customer identifies.\n" }, "homePhoneNumber": { "type": "string", "description": "The customer’s home phone number.\n" }, "lastName": { "type": "string", "description": "The customer’s last name.\n" }, "mailingAddress": { "$ref": "#/types/aws:customerprofiles/ProfileMailingAddress:ProfileMailingAddress", "description": "A block that specifies the customer’s mailing address. Documented below.\n" }, "middleName": { "type": "string", "description": "The customer’s middle name.\n" }, "mobilePhoneNumber": { "type": "string", "description": "The customer’s mobile phone number.\n" }, "partyTypeString": { "type": "string", "description": "The type of profile used to describe the customer.\n" }, "personalEmailAddress": { "type": "string", "description": "The customer’s personal email address.\n" }, "phoneNumber": { "type": "string", "description": "The customer’s phone number, which has not been specified as a mobile, home, or business number.\n" }, "shippingAddress": { "$ref": "#/types/aws:customerprofiles/ProfileShippingAddress:ProfileShippingAddress", "description": "A block that specifies the customer’s shipping address. Documented below.\n" } }, "requiredInputs": [ "domainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Profile resources.\n", "properties": { "accountNumber": { "type": "string", "description": "A unique account number that you have given to the customer.\n" }, "additionalInformation": { "type": "string", "description": "Any additional information relevant to the customer’s profile.\n" }, "address": { "$ref": "#/types/aws:customerprofiles/ProfileAddress:ProfileAddress", "description": "A block that specifies a generic address associated with the customer that is not mailing, shipping, or billing. Documented below.\n" }, "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A key value pair of attributes of a customer profile.\n" }, "billingAddress": { "$ref": "#/types/aws:customerprofiles/ProfileBillingAddress:ProfileBillingAddress", "description": "A block that specifies the customer’s billing address. Documented below.\n" }, "birthDate": { "type": "string", "description": "The customer’s birth date.\n" }, "businessEmailAddress": { "type": "string", "description": "The customer’s business email address.\n" }, "businessName": { "type": "string", "description": "The name of the customer’s business.\n" }, "businessPhoneNumber": { "type": "string", "description": "The customer’s business phone number.\n" }, "domainName": { "type": "string", "description": "The name of your Customer Profile domain. It must be unique for your AWS account.\n\nThe following arguments are optional:\n" }, "emailAddress": { "type": "string", "description": "The customer’s email address, which has not been specified as a personal or business address.\n" }, "firstName": { "type": "string", "description": "The customer’s first name.\n" }, "genderString": { "type": "string", "description": "The gender with which the customer identifies.\n" }, "homePhoneNumber": { "type": "string", "description": "The customer’s home phone number.\n" }, "lastName": { "type": "string", "description": "The customer’s last name.\n" }, "mailingAddress": { "$ref": "#/types/aws:customerprofiles/ProfileMailingAddress:ProfileMailingAddress", "description": "A block that specifies the customer’s mailing address. Documented below.\n" }, "middleName": { "type": "string", "description": "The customer’s middle name.\n" }, "mobilePhoneNumber": { "type": "string", "description": "The customer’s mobile phone number.\n" }, "partyTypeString": { "type": "string", "description": "The type of profile used to describe the customer.\n" }, "personalEmailAddress": { "type": "string", "description": "The customer’s personal email address.\n" }, "phoneNumber": { "type": "string", "description": "The customer’s phone number, which has not been specified as a mobile, home, or business number.\n" }, "shippingAddress": { "$ref": "#/types/aws:customerprofiles/ProfileShippingAddress:ProfileShippingAddress", "description": "A block that specifies the customer’s shipping address. Documented below.\n" } }, "type": "object" } }, "aws:dataexchange/dataSet:DataSet": { "description": "Provides a resource to manage AWS Data Exchange DataSets.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dataexchange.DataSet(\"example\", {\n assetType: \"S3_SNAPSHOT\",\n description: \"example\",\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dataexchange.DataSet(\"example\",\n asset_type=\"S3_SNAPSHOT\",\n description=\"example\",\n name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DataExchange.DataSet(\"example\", new()\n {\n AssetType = \"S3_SNAPSHOT\",\n Description = \"example\",\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dataexchange\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataexchange.NewDataSet(ctx, \"example\", \u0026dataexchange.DataSetArgs{\n\t\t\tAssetType: pulumi.String(\"S3_SNAPSHOT\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dataexchange.DataSet;\nimport com.pulumi.aws.dataexchange.DataSetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSet(\"example\", DataSetArgs.builder()\n .assetType(\"S3_SNAPSHOT\")\n .description(\"example\")\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dataexchange:DataSet\n properties:\n assetType: S3_SNAPSHOT\n description: example\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DataExchange DataSets using their ARN. For example:\n\n```sh\n$ pulumi import aws:dataexchange/dataSet:DataSet example arn:aws:dataexchange:us-west-2:123456789012:data-sets/4fa784c7-ccb4-4dbf-ba4f-02198320daa1\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of this data set.\n" }, "assetType": { "type": "string", "description": "The type of asset that is added to a data set. Valid values are: `S3_SNAPSHOT`, `REDSHIFT_DATA_SHARE`, and `API_GATEWAY_API`.\n" }, "description": { "type": "string", "description": "A description for the data set.\n" }, "name": { "type": "string", "description": "The name of the data set.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "assetType", "description", "name", "tagsAll" ], "inputProperties": { "assetType": { "type": "string", "description": "The type of asset that is added to a data set. Valid values are: `S3_SNAPSHOT`, `REDSHIFT_DATA_SHARE`, and `API_GATEWAY_API`.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A description for the data set.\n" }, "name": { "type": "string", "description": "The name of the data set.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "assetType", "description" ], "stateInputs": { "description": "Input properties used for looking up and filtering DataSet resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of this data set.\n" }, "assetType": { "type": "string", "description": "The type of asset that is added to a data set. Valid values are: `S3_SNAPSHOT`, `REDSHIFT_DATA_SHARE`, and `API_GATEWAY_API`.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A description for the data set.\n" }, "name": { "type": "string", "description": "The name of the data set.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:dataexchange/revision:Revision": { "description": "Provides a resource to manage AWS Data Exchange Revisions.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dataexchange.Revision(\"example\", {dataSetId: exampleAwsDataexchangeDataSet.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dataexchange.Revision(\"example\", data_set_id=example_aws_dataexchange_data_set[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DataExchange.Revision(\"example\", new()\n {\n DataSetId = exampleAwsDataexchangeDataSet.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dataexchange\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataexchange.NewRevision(ctx, \"example\", \u0026dataexchange.RevisionArgs{\n\t\t\tDataSetId: pulumi.Any(exampleAwsDataexchangeDataSet.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dataexchange.Revision;\nimport com.pulumi.aws.dataexchange.RevisionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Revision(\"example\", RevisionArgs.builder()\n .dataSetId(exampleAwsDataexchangeDataSet.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dataexchange:Revision\n properties:\n dataSetId: ${exampleAwsDataexchangeDataSet.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DataExchange Revisions using their `data-set-id:revision-id`. For example:\n\n```sh\n$ pulumi import aws:dataexchange/revision:Revision example 4fa784c7-ccb4-4dbf-ba4f-02198320daa1:4fa784c7-ccb4-4dbf-ba4f-02198320daa1\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of this data set.\n" }, "comment": { "type": "string", "description": "An optional comment about the revision.\n" }, "dataSetId": { "type": "string", "description": "The dataset id.\n" }, "revisionId": { "type": "string", "description": "The Id of the revision.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "dataSetId", "revisionId", "tagsAll" ], "inputProperties": { "comment": { "type": "string", "description": "An optional comment about the revision.\n" }, "dataSetId": { "type": "string", "description": "The dataset id.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "dataSetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Revision resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of this data set.\n" }, "comment": { "type": "string", "description": "An optional comment about the revision.\n" }, "dataSetId": { "type": "string", "description": "The dataset id.\n", "willReplaceOnChanges": true }, "revisionId": { "type": "string", "description": "The Id of the revision.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:datapipeline/pipeline:Pipeline": { "description": "Provides a DataPipeline Pipeline resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.datapipeline.Pipeline(\"default\", {name: \"tf-pipeline-default\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.datapipeline.Pipeline(\"default\", name=\"tf-pipeline-default\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.DataPipeline.Pipeline(\"default\", new()\n {\n Name = \"tf-pipeline-default\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datapipeline\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := datapipeline.NewPipeline(ctx, \"default\", \u0026datapipeline.PipelineArgs{\n\t\t\tName: pulumi.String(\"tf-pipeline-default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datapipeline.Pipeline;\nimport com.pulumi.aws.datapipeline.PipelineArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Pipeline(\"default\", PipelineArgs.builder()\n .name(\"tf-pipeline-default\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:datapipeline:Pipeline\n properties:\n name: tf-pipeline-default\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_datapipeline_pipeline` using the id (Pipeline ID). For example:\n\n```sh\n$ pulumi import aws:datapipeline/pipeline:Pipeline default df-1234567890\n```\n", "properties": { "description": { "type": "string", "description": "The description of Pipeline.\n" }, "name": { "type": "string", "description": "The name of Pipeline.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "name", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of Pipeline.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of Pipeline.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Pipeline resources.\n", "properties": { "description": { "type": "string", "description": "The description of Pipeline.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of Pipeline.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:datapipeline/pipelineDefinition:PipelineDefinition": { "description": "Provides a DataPipeline Pipeline Definition resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.datapipeline.Pipeline(\"default\", {name: \"tf-pipeline-default\"});\nconst example = new aws.datapipeline.PipelineDefinition(\"example\", {\n pipelineId: _default.id,\n pipelineObjects: [\n {\n id: \"Default\",\n name: \"Default\",\n fields: [{\n key: \"workerGroup\",\n stringValue: \"workerGroup\",\n }],\n },\n {\n id: \"Schedule\",\n name: \"Schedule\",\n fields: [\n {\n key: \"startDateTime\",\n stringValue: \"2012-12-12T00:00:00\",\n },\n {\n key: \"type\",\n stringValue: \"Schedule\",\n },\n {\n key: \"period\",\n stringValue: \"1 hour\",\n },\n {\n key: \"endDateTime\",\n stringValue: \"2012-12-21T18:00:00\",\n },\n ],\n },\n {\n id: \"SayHello\",\n name: \"SayHello\",\n fields: [\n {\n key: \"type\",\n stringValue: \"ShellCommandActivity\",\n },\n {\n key: \"command\",\n stringValue: \"echo hello\",\n },\n {\n key: \"parent\",\n stringValue: \"Default\",\n },\n {\n key: \"schedule\",\n stringValue: \"Schedule\",\n },\n ],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.datapipeline.Pipeline(\"default\", name=\"tf-pipeline-default\")\nexample = aws.datapipeline.PipelineDefinition(\"example\",\n pipeline_id=default.id,\n pipeline_objects=[\n {\n \"id\": \"Default\",\n \"name\": \"Default\",\n \"fields\": [{\n \"key\": \"workerGroup\",\n \"string_value\": \"workerGroup\",\n }],\n },\n {\n \"id\": \"Schedule\",\n \"name\": \"Schedule\",\n \"fields\": [\n {\n \"key\": \"startDateTime\",\n \"string_value\": \"2012-12-12T00:00:00\",\n },\n {\n \"key\": \"type\",\n \"string_value\": \"Schedule\",\n },\n {\n \"key\": \"period\",\n \"string_value\": \"1 hour\",\n },\n {\n \"key\": \"endDateTime\",\n \"string_value\": \"2012-12-21T18:00:00\",\n },\n ],\n },\n {\n \"id\": \"SayHello\",\n \"name\": \"SayHello\",\n \"fields\": [\n {\n \"key\": \"type\",\n \"string_value\": \"ShellCommandActivity\",\n },\n {\n \"key\": \"command\",\n \"string_value\": \"echo hello\",\n },\n {\n \"key\": \"parent\",\n \"string_value\": \"Default\",\n },\n {\n \"key\": \"schedule\",\n \"string_value\": \"Schedule\",\n },\n ],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.DataPipeline.Pipeline(\"default\", new()\n {\n Name = \"tf-pipeline-default\",\n });\n\n var example = new Aws.DataPipeline.PipelineDefinition(\"example\", new()\n {\n PipelineId = @default.Id,\n PipelineObjects = new[]\n {\n new Aws.DataPipeline.Inputs.PipelineDefinitionPipelineObjectArgs\n {\n Id = \"Default\",\n Name = \"Default\",\n Fields = new[]\n {\n new Aws.DataPipeline.Inputs.PipelineDefinitionPipelineObjectFieldArgs\n {\n Key = \"workerGroup\",\n StringValue = \"workerGroup\",\n },\n },\n },\n new Aws.DataPipeline.Inputs.PipelineDefinitionPipelineObjectArgs\n {\n Id = \"Schedule\",\n Name = \"Schedule\",\n Fields = new[]\n {\n new Aws.DataPipeline.Inputs.PipelineDefinitionPipelineObjectFieldArgs\n {\n Key = \"startDateTime\",\n StringValue = \"2012-12-12T00:00:00\",\n },\n new Aws.DataPipeline.Inputs.PipelineDefinitionPipelineObjectFieldArgs\n {\n Key = \"type\",\n StringValue = \"Schedule\",\n },\n new Aws.DataPipeline.Inputs.PipelineDefinitionPipelineObjectFieldArgs\n {\n Key = \"period\",\n StringValue = \"1 hour\",\n },\n new Aws.DataPipeline.Inputs.PipelineDefinitionPipelineObjectFieldArgs\n {\n Key = \"endDateTime\",\n StringValue = \"2012-12-21T18:00:00\",\n },\n },\n },\n new Aws.DataPipeline.Inputs.PipelineDefinitionPipelineObjectArgs\n {\n Id = \"SayHello\",\n Name = \"SayHello\",\n Fields = new[]\n {\n new Aws.DataPipeline.Inputs.PipelineDefinitionPipelineObjectFieldArgs\n {\n Key = \"type\",\n StringValue = \"ShellCommandActivity\",\n },\n new Aws.DataPipeline.Inputs.PipelineDefinitionPipelineObjectFieldArgs\n {\n Key = \"command\",\n StringValue = \"echo hello\",\n },\n new Aws.DataPipeline.Inputs.PipelineDefinitionPipelineObjectFieldArgs\n {\n Key = \"parent\",\n StringValue = \"Default\",\n },\n new Aws.DataPipeline.Inputs.PipelineDefinitionPipelineObjectFieldArgs\n {\n Key = \"schedule\",\n StringValue = \"Schedule\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datapipeline\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := datapipeline.NewPipeline(ctx, \"default\", \u0026datapipeline.PipelineArgs{\n\t\t\tName: pulumi.String(\"tf-pipeline-default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = datapipeline.NewPipelineDefinition(ctx, \"example\", \u0026datapipeline.PipelineDefinitionArgs{\n\t\t\tPipelineId: _default.ID(),\n\t\t\tPipelineObjects: datapipeline.PipelineDefinitionPipelineObjectArray{\n\t\t\t\t\u0026datapipeline.PipelineDefinitionPipelineObjectArgs{\n\t\t\t\t\tId: pulumi.String(\"Default\"),\n\t\t\t\t\tName: pulumi.String(\"Default\"),\n\t\t\t\t\tFields: datapipeline.PipelineDefinitionPipelineObjectFieldArray{\n\t\t\t\t\t\t\u0026datapipeline.PipelineDefinitionPipelineObjectFieldArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"workerGroup\"),\n\t\t\t\t\t\t\tStringValue: pulumi.String(\"workerGroup\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026datapipeline.PipelineDefinitionPipelineObjectArgs{\n\t\t\t\t\tId: pulumi.String(\"Schedule\"),\n\t\t\t\t\tName: pulumi.String(\"Schedule\"),\n\t\t\t\t\tFields: datapipeline.PipelineDefinitionPipelineObjectFieldArray{\n\t\t\t\t\t\t\u0026datapipeline.PipelineDefinitionPipelineObjectFieldArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"startDateTime\"),\n\t\t\t\t\t\t\tStringValue: pulumi.String(\"2012-12-12T00:00:00\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026datapipeline.PipelineDefinitionPipelineObjectFieldArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"type\"),\n\t\t\t\t\t\t\tStringValue: pulumi.String(\"Schedule\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026datapipeline.PipelineDefinitionPipelineObjectFieldArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"period\"),\n\t\t\t\t\t\t\tStringValue: pulumi.String(\"1 hour\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026datapipeline.PipelineDefinitionPipelineObjectFieldArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"endDateTime\"),\n\t\t\t\t\t\t\tStringValue: pulumi.String(\"2012-12-21T18:00:00\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026datapipeline.PipelineDefinitionPipelineObjectArgs{\n\t\t\t\t\tId: pulumi.String(\"SayHello\"),\n\t\t\t\t\tName: pulumi.String(\"SayHello\"),\n\t\t\t\t\tFields: datapipeline.PipelineDefinitionPipelineObjectFieldArray{\n\t\t\t\t\t\t\u0026datapipeline.PipelineDefinitionPipelineObjectFieldArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"type\"),\n\t\t\t\t\t\t\tStringValue: pulumi.String(\"ShellCommandActivity\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026datapipeline.PipelineDefinitionPipelineObjectFieldArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"command\"),\n\t\t\t\t\t\t\tStringValue: pulumi.String(\"echo hello\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026datapipeline.PipelineDefinitionPipelineObjectFieldArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"parent\"),\n\t\t\t\t\t\t\tStringValue: pulumi.String(\"Default\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026datapipeline.PipelineDefinitionPipelineObjectFieldArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"schedule\"),\n\t\t\t\t\t\t\tStringValue: pulumi.String(\"Schedule\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datapipeline.Pipeline;\nimport com.pulumi.aws.datapipeline.PipelineArgs;\nimport com.pulumi.aws.datapipeline.PipelineDefinition;\nimport com.pulumi.aws.datapipeline.PipelineDefinitionArgs;\nimport com.pulumi.aws.datapipeline.inputs.PipelineDefinitionPipelineObjectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Pipeline(\"default\", PipelineArgs.builder()\n .name(\"tf-pipeline-default\")\n .build());\n\n var example = new PipelineDefinition(\"example\", PipelineDefinitionArgs.builder()\n .pipelineId(default_.id())\n .pipelineObjects( \n PipelineDefinitionPipelineObjectArgs.builder()\n .id(\"Default\")\n .name(\"Default\")\n .fields(PipelineDefinitionPipelineObjectFieldArgs.builder()\n .key(\"workerGroup\")\n .stringValue(\"workerGroup\")\n .build())\n .build(),\n PipelineDefinitionPipelineObjectArgs.builder()\n .id(\"Schedule\")\n .name(\"Schedule\")\n .fields( \n PipelineDefinitionPipelineObjectFieldArgs.builder()\n .key(\"startDateTime\")\n .stringValue(\"2012-12-12T00:00:00\")\n .build(),\n PipelineDefinitionPipelineObjectFieldArgs.builder()\n .key(\"type\")\n .stringValue(\"Schedule\")\n .build(),\n PipelineDefinitionPipelineObjectFieldArgs.builder()\n .key(\"period\")\n .stringValue(\"1 hour\")\n .build(),\n PipelineDefinitionPipelineObjectFieldArgs.builder()\n .key(\"endDateTime\")\n .stringValue(\"2012-12-21T18:00:00\")\n .build())\n .build(),\n PipelineDefinitionPipelineObjectArgs.builder()\n .id(\"SayHello\")\n .name(\"SayHello\")\n .fields( \n PipelineDefinitionPipelineObjectFieldArgs.builder()\n .key(\"type\")\n .stringValue(\"ShellCommandActivity\")\n .build(),\n PipelineDefinitionPipelineObjectFieldArgs.builder()\n .key(\"command\")\n .stringValue(\"echo hello\")\n .build(),\n PipelineDefinitionPipelineObjectFieldArgs.builder()\n .key(\"parent\")\n .stringValue(\"Default\")\n .build(),\n PipelineDefinitionPipelineObjectFieldArgs.builder()\n .key(\"schedule\")\n .stringValue(\"Schedule\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:datapipeline:Pipeline\n properties:\n name: tf-pipeline-default\n example:\n type: aws:datapipeline:PipelineDefinition\n properties:\n pipelineId: ${default.id}\n pipelineObjects:\n - id: Default\n name: Default\n fields:\n - key: workerGroup\n stringValue: workerGroup\n - id: Schedule\n name: Schedule\n fields:\n - key: startDateTime\n stringValue: 2012-12-12T00:00:00\n - key: type\n stringValue: Schedule\n - key: period\n stringValue: 1 hour\n - key: endDateTime\n stringValue: 2012-12-21T18:00:00\n - id: SayHello\n name: SayHello\n fields:\n - key: type\n stringValue: ShellCommandActivity\n - key: command\n stringValue: echo hello\n - key: parent\n stringValue: Default\n - key: schedule\n stringValue: Schedule\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_datapipeline_pipeline_definition` using the id. For example:\n\n```sh\n$ pulumi import aws:datapipeline/pipelineDefinition:PipelineDefinition example df-1234567890\n```\n", "properties": { "parameterObjects": { "type": "array", "items": { "$ref": "#/types/aws:datapipeline/PipelineDefinitionParameterObject:PipelineDefinitionParameterObject" }, "description": "Configuration block for the parameter objects used in the pipeline definition. See below\n" }, "parameterValues": { "type": "array", "items": { "$ref": "#/types/aws:datapipeline/PipelineDefinitionParameterValue:PipelineDefinitionParameterValue" }, "description": "Configuration block for the parameter values used in the pipeline definition. See below\n" }, "pipelineId": { "type": "string", "description": "ID of the pipeline.\n" }, "pipelineObjects": { "type": "array", "items": { "$ref": "#/types/aws:datapipeline/PipelineDefinitionPipelineObject:PipelineDefinitionPipelineObject" }, "description": "Configuration block for the objects that define the pipeline. See below\n\nThe following arguments are optional:\n" } }, "required": [ "pipelineId", "pipelineObjects" ], "inputProperties": { "parameterObjects": { "type": "array", "items": { "$ref": "#/types/aws:datapipeline/PipelineDefinitionParameterObject:PipelineDefinitionParameterObject" }, "description": "Configuration block for the parameter objects used in the pipeline definition. See below\n" }, "parameterValues": { "type": "array", "items": { "$ref": "#/types/aws:datapipeline/PipelineDefinitionParameterValue:PipelineDefinitionParameterValue" }, "description": "Configuration block for the parameter values used in the pipeline definition. See below\n" }, "pipelineId": { "type": "string", "description": "ID of the pipeline.\n", "willReplaceOnChanges": true }, "pipelineObjects": { "type": "array", "items": { "$ref": "#/types/aws:datapipeline/PipelineDefinitionPipelineObject:PipelineDefinitionPipelineObject" }, "description": "Configuration block for the objects that define the pipeline. See below\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "pipelineId", "pipelineObjects" ], "stateInputs": { "description": "Input properties used for looking up and filtering PipelineDefinition resources.\n", "properties": { "parameterObjects": { "type": "array", "items": { "$ref": "#/types/aws:datapipeline/PipelineDefinitionParameterObject:PipelineDefinitionParameterObject" }, "description": "Configuration block for the parameter objects used in the pipeline definition. See below\n" }, "parameterValues": { "type": "array", "items": { "$ref": "#/types/aws:datapipeline/PipelineDefinitionParameterValue:PipelineDefinitionParameterValue" }, "description": "Configuration block for the parameter values used in the pipeline definition. See below\n" }, "pipelineId": { "type": "string", "description": "ID of the pipeline.\n", "willReplaceOnChanges": true }, "pipelineObjects": { "type": "array", "items": { "$ref": "#/types/aws:datapipeline/PipelineDefinitionPipelineObject:PipelineDefinitionPipelineObject" }, "description": "Configuration block for the objects that define the pipeline. See below\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:datasync/agent:Agent": { "description": "Manages an AWS DataSync Agent deployed on premises.\n\n\u003e **NOTE:** One of `activation_key` or `ip_address` must be provided for resource creation (agent activation). Neither is required for resource import. If using `ip_address`, this provider must be able to make an HTTP (port 80) GET request to the specified IP address from where it is running. The agent will turn off that HTTP server after activation.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datasync.Agent(\"example\", {\n ipAddress: \"1.2.3.4\",\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datasync.Agent(\"example\",\n ip_address=\"1.2.3.4\",\n name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DataSync.Agent(\"example\", new()\n {\n IpAddress = \"1.2.3.4\",\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := datasync.NewAgent(ctx, \"example\", \u0026datasync.AgentArgs{\n\t\t\tIpAddress: pulumi.String(\"1.2.3.4\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datasync.Agent;\nimport com.pulumi.aws.datasync.AgentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Agent(\"example\", AgentArgs.builder()\n .ipAddress(\"1.2.3.4\")\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:datasync:Agent\n properties:\n ipAddress: 1.2.3.4\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n### With VPC Endpoints\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst exampleVpcEndpoint = new aws.ec2.VpcEndpoint(\"example\", {\n serviceName: current.then(current =\u003e `com.amazonaws.${current.name}.datasync`),\n vpcId: exampleAwsVpc.id,\n securityGroupIds: [exampleAwsSecurityGroup.id],\n subnetIds: [exampleAwsSubnet.id],\n vpcEndpointType: \"Interface\",\n});\nconst example = aws.ec2.getNetworkInterfaceOutput({\n id: exampleVpcEndpoint.networkInterfaceIds[0],\n});\nconst exampleAgent = new aws.datasync.Agent(\"example\", {\n ipAddress: \"1.2.3.4\",\n securityGroupArns: [exampleAwsSecurityGroup.arn],\n subnetArns: [exampleAwsSubnet.arn],\n vpcEndpointId: exampleVpcEndpoint.id,\n privateLinkEndpoint: example.apply(example =\u003e example.privateIp),\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample_vpc_endpoint = aws.ec2.VpcEndpoint(\"example\",\n service_name=f\"com.amazonaws.{current.name}.datasync\",\n vpc_id=example_aws_vpc[\"id\"],\n security_group_ids=[example_aws_security_group[\"id\"]],\n subnet_ids=[example_aws_subnet[\"id\"]],\n vpc_endpoint_type=\"Interface\")\nexample = aws.ec2.get_network_interface_output(id=example_vpc_endpoint.network_interface_ids[0])\nexample_agent = aws.datasync.Agent(\"example\",\n ip_address=\"1.2.3.4\",\n security_group_arns=[example_aws_security_group[\"arn\"]],\n subnet_arns=[example_aws_subnet[\"arn\"]],\n vpc_endpoint_id=example_vpc_endpoint.id,\n private_link_endpoint=example.private_ip,\n name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var exampleVpcEndpoint = new Aws.Ec2.VpcEndpoint(\"example\", new()\n {\n ServiceName = $\"com.amazonaws.{current.Apply(getRegionResult =\u003e getRegionResult.Name)}.datasync\",\n VpcId = exampleAwsVpc.Id,\n SecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n SubnetIds = new[]\n {\n exampleAwsSubnet.Id,\n },\n VpcEndpointType = \"Interface\",\n });\n\n var example = Aws.Ec2.GetNetworkInterface.Invoke(new()\n {\n Id = exampleVpcEndpoint.NetworkInterfaceIds[0],\n });\n\n var exampleAgent = new Aws.DataSync.Agent(\"example\", new()\n {\n IpAddress = \"1.2.3.4\",\n SecurityGroupArns = new[]\n {\n exampleAwsSecurityGroup.Arn,\n },\n SubnetArns = new[]\n {\n exampleAwsSubnet.Arn,\n },\n VpcEndpointId = exampleVpcEndpoint.Id,\n PrivateLinkEndpoint = example.Apply(getNetworkInterfaceResult =\u003e getNetworkInterfaceResult.PrivateIp),\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcEndpoint, err := ec2.NewVpcEndpoint(ctx, \"example\", \u0026ec2.VpcEndpointArgs{\n\t\t\tServiceName: pulumi.String(fmt.Sprintf(\"com.amazonaws.%v.datasync\", current.Name)),\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\texampleAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\texampleAwsSubnet.Id,\n\t\t\t},\n\t\t\tVpcEndpointType: pulumi.String(\"Interface\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := ec2.LookupNetworkInterfaceOutput(ctx, ec2.GetNetworkInterfaceOutputArgs{\n\t\t\tId: exampleVpcEndpoint.NetworkInterfaceIds.ApplyT(func(networkInterfaceIds []string) (string, error) {\n\t\t\t\treturn networkInterfaceIds[0], nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t}, nil)\n\t\t_, err = datasync.NewAgent(ctx, \"example\", \u0026datasync.AgentArgs{\n\t\t\tIpAddress: pulumi.String(\"1.2.3.4\"),\n\t\t\tSecurityGroupArns: pulumi.StringArray{\n\t\t\t\texampleAwsSecurityGroup.Arn,\n\t\t\t},\n\t\t\tSubnetArns: pulumi.StringArray{\n\t\t\t\texampleAwsSubnet.Arn,\n\t\t\t},\n\t\t\tVpcEndpointId: exampleVpcEndpoint.ID(),\n\t\t\tPrivateLinkEndpoint: pulumi.String(example.ApplyT(func(example ec2.GetNetworkInterfaceResult) (*string, error) {\n\t\t\t\treturn \u0026example.PrivateIp, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.VpcEndpoint;\nimport com.pulumi.aws.ec2.VpcEndpointArgs;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetNetworkInterfaceArgs;\nimport com.pulumi.aws.datasync.Agent;\nimport com.pulumi.aws.datasync.AgentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var exampleVpcEndpoint = new VpcEndpoint(\"exampleVpcEndpoint\", VpcEndpointArgs.builder()\n .serviceName(String.format(\"com.amazonaws.%s.datasync\", current.applyValue(getRegionResult -\u003e getRegionResult.name())))\n .vpcId(exampleAwsVpc.id())\n .securityGroupIds(exampleAwsSecurityGroup.id())\n .subnetIds(exampleAwsSubnet.id())\n .vpcEndpointType(\"Interface\")\n .build());\n\n final var example = Ec2Functions.getNetworkInterface(GetNetworkInterfaceArgs.builder()\n .id(exampleVpcEndpoint.networkInterfaceIds().applyValue(networkInterfaceIds -\u003e networkInterfaceIds[0]))\n .build());\n\n var exampleAgent = new Agent(\"exampleAgent\", AgentArgs.builder()\n .ipAddress(\"1.2.3.4\")\n .securityGroupArns(exampleAwsSecurityGroup.arn())\n .subnetArns(exampleAwsSubnet.arn())\n .vpcEndpointId(exampleVpcEndpoint.id())\n .privateLinkEndpoint(example.applyValue(getNetworkInterfaceResult -\u003e getNetworkInterfaceResult).applyValue(example -\u003e example.applyValue(getNetworkInterfaceResult -\u003e getNetworkInterfaceResult.privateIp())))\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAgent:\n type: aws:datasync:Agent\n name: example\n properties:\n ipAddress: 1.2.3.4\n securityGroupArns:\n - ${exampleAwsSecurityGroup.arn}\n subnetArns:\n - ${exampleAwsSubnet.arn}\n vpcEndpointId: ${exampleVpcEndpoint.id}\n privateLinkEndpoint: ${example.privateIp}\n name: example\n exampleVpcEndpoint:\n type: aws:ec2:VpcEndpoint\n name: example\n properties:\n serviceName: com.amazonaws.${current.name}.datasync\n vpcId: ${exampleAwsVpc.id}\n securityGroupIds:\n - ${exampleAwsSecurityGroup.id}\n subnetIds:\n - ${exampleAwsSubnet.id}\n vpcEndpointType: Interface\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n example:\n fn::invoke:\n Function: aws:ec2:getNetworkInterface\n Arguments:\n id: ${exampleVpcEndpoint.networkInterfaceIds[0]}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_datasync_agent` using the DataSync Agent Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:datasync/agent:Agent example arn:aws:datasync:us-east-1:123456789012:agent/agent-12345678901234567\n```\n", "properties": { "activationKey": { "type": "string", "description": "DataSync Agent activation key during resource creation. Conflicts with `ip_address`. If an `ip_address` is provided instead, the provider will retrieve the `activation_key` as part of the resource creation.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Agent.\n" }, "ipAddress": { "type": "string", "description": "DataSync Agent IP address to retrieve activation key during resource creation. Conflicts with `activation_key`. DataSync Agent must be accessible on port 80 from where the provider is running.\n" }, "name": { "type": "string", "description": "Name of the DataSync Agent.\n" }, "privateLinkEndpoint": { "type": "string", "description": "The IP address of the VPC endpoint the agent should connect to when retrieving an activation key during resource creation. Conflicts with `activation_key`.\n" }, "securityGroupArns": { "type": "array", "items": { "type": "string" }, "description": "The ARNs of the security groups used to protect your data transfer task subnets.\n" }, "subnetArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Names (ARNs) of the subnets in which DataSync will create elastic network interfaces for each data transfer task.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Agent. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcEndpointId": { "type": "string", "description": "The ID of the VPC (virtual private cloud) endpoint that the agent has access to.\n" } }, "required": [ "activationKey", "arn", "ipAddress", "name", "privateLinkEndpoint", "tagsAll" ], "inputProperties": { "activationKey": { "type": "string", "description": "DataSync Agent activation key during resource creation. Conflicts with `ip_address`. If an `ip_address` is provided instead, the provider will retrieve the `activation_key` as part of the resource creation.\n", "willReplaceOnChanges": true }, "ipAddress": { "type": "string", "description": "DataSync Agent IP address to retrieve activation key during resource creation. Conflicts with `activation_key`. DataSync Agent must be accessible on port 80 from where the provider is running.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the DataSync Agent.\n" }, "privateLinkEndpoint": { "type": "string", "description": "The IP address of the VPC endpoint the agent should connect to when retrieving an activation key during resource creation. Conflicts with `activation_key`.\n", "willReplaceOnChanges": true }, "securityGroupArns": { "type": "array", "items": { "type": "string" }, "description": "The ARNs of the security groups used to protect your data transfer task subnets.\n", "willReplaceOnChanges": true }, "subnetArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Names (ARNs) of the subnets in which DataSync will create elastic network interfaces for each data transfer task.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Agent. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcEndpointId": { "type": "string", "description": "The ID of the VPC (virtual private cloud) endpoint that the agent has access to.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering Agent resources.\n", "properties": { "activationKey": { "type": "string", "description": "DataSync Agent activation key during resource creation. Conflicts with `ip_address`. If an `ip_address` is provided instead, the provider will retrieve the `activation_key` as part of the resource creation.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Agent.\n" }, "ipAddress": { "type": "string", "description": "DataSync Agent IP address to retrieve activation key during resource creation. Conflicts with `activation_key`. DataSync Agent must be accessible on port 80 from where the provider is running.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the DataSync Agent.\n" }, "privateLinkEndpoint": { "type": "string", "description": "The IP address of the VPC endpoint the agent should connect to when retrieving an activation key during resource creation. Conflicts with `activation_key`.\n", "willReplaceOnChanges": true }, "securityGroupArns": { "type": "array", "items": { "type": "string" }, "description": "The ARNs of the security groups used to protect your data transfer task subnets.\n", "willReplaceOnChanges": true }, "subnetArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Names (ARNs) of the subnets in which DataSync will create elastic network interfaces for each data transfer task.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Agent. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcEndpointId": { "type": "string", "description": "The ID of the VPC (virtual private cloud) endpoint that the agent has access to.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:datasync/efsLocation:EfsLocation": { "description": "Manages an AWS DataSync EFS Location.\n\n\u003e **NOTE:** The EFS File System must have a mounted EFS Mount Target before creating this resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datasync.EfsLocation(\"example\", {\n efsFileSystemArn: exampleAwsEfsMountTarget.fileSystemArn,\n ec2Config: {\n securityGroupArns: [exampleAwsSecurityGroup.arn],\n subnetArn: exampleAwsSubnet.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datasync.EfsLocation(\"example\",\n efs_file_system_arn=example_aws_efs_mount_target[\"fileSystemArn\"],\n ec2_config={\n \"security_group_arns\": [example_aws_security_group[\"arn\"]],\n \"subnet_arn\": example_aws_subnet[\"arn\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DataSync.EfsLocation(\"example\", new()\n {\n EfsFileSystemArn = exampleAwsEfsMountTarget.FileSystemArn,\n Ec2Config = new Aws.DataSync.Inputs.EfsLocationEc2ConfigArgs\n {\n SecurityGroupArns = new[]\n {\n exampleAwsSecurityGroup.Arn,\n },\n SubnetArn = exampleAwsSubnet.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := datasync.NewEfsLocation(ctx, \"example\", \u0026datasync.EfsLocationArgs{\n\t\t\tEfsFileSystemArn: pulumi.Any(exampleAwsEfsMountTarget.FileSystemArn),\n\t\t\tEc2Config: \u0026datasync.EfsLocationEc2ConfigArgs{\n\t\t\t\tSecurityGroupArns: pulumi.StringArray{\n\t\t\t\t\texampleAwsSecurityGroup.Arn,\n\t\t\t\t},\n\t\t\t\tSubnetArn: pulumi.Any(exampleAwsSubnet.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datasync.EfsLocation;\nimport com.pulumi.aws.datasync.EfsLocationArgs;\nimport com.pulumi.aws.datasync.inputs.EfsLocationEc2ConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EfsLocation(\"example\", EfsLocationArgs.builder()\n .efsFileSystemArn(exampleAwsEfsMountTarget.fileSystemArn())\n .ec2Config(EfsLocationEc2ConfigArgs.builder()\n .securityGroupArns(exampleAwsSecurityGroup.arn())\n .subnetArn(exampleAwsSubnet.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:datasync:EfsLocation\n properties:\n efsFileSystemArn: ${exampleAwsEfsMountTarget.fileSystemArn}\n ec2Config:\n securityGroupArns:\n - ${exampleAwsSecurityGroup.arn}\n subnetArn: ${exampleAwsSubnet.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_datasync_location_efs` using the DataSync Task Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:datasync/efsLocation:EfsLocation example arn:aws:datasync:us-east-1:123456789012:location/loc-12345678901234567\n```\n", "properties": { "accessPointArn": { "type": "string", "description": "Specifies the Amazon Resource Name (ARN) of the access point that DataSync uses to access the Amazon EFS file system.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "ec2Config": { "$ref": "#/types/aws:datasync/EfsLocationEc2Config:EfsLocationEc2Config", "description": "Configuration block containing EC2 configurations for connecting to the EFS File System.\n" }, "efsFileSystemArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of EFS File System.\n" }, "fileSystemAccessRoleArn": { "type": "string", "description": "Specifies an Identity and Access Management (IAM) role that DataSync assumes when mounting the Amazon EFS file system.\n" }, "inTransitEncryption": { "type": "string", "description": "Specifies whether you want DataSync to use TLS encryption when transferring data to or from your Amazon EFS file system. Valid values are `NONE` and `TLS1_2`.\n" }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Default `/`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string" } }, "required": [ "arn", "ec2Config", "efsFileSystemArn", "tagsAll", "uri" ], "inputProperties": { "accessPointArn": { "type": "string", "description": "Specifies the Amazon Resource Name (ARN) of the access point that DataSync uses to access the Amazon EFS file system.\n", "willReplaceOnChanges": true }, "ec2Config": { "$ref": "#/types/aws:datasync/EfsLocationEc2Config:EfsLocationEc2Config", "description": "Configuration block containing EC2 configurations for connecting to the EFS File System.\n", "willReplaceOnChanges": true }, "efsFileSystemArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of EFS File System.\n", "willReplaceOnChanges": true }, "fileSystemAccessRoleArn": { "type": "string", "description": "Specifies an Identity and Access Management (IAM) role that DataSync assumes when mounting the Amazon EFS file system.\n", "willReplaceOnChanges": true }, "inTransitEncryption": { "type": "string", "description": "Specifies whether you want DataSync to use TLS encryption when transferring data to or from your Amazon EFS file system. Valid values are `NONE` and `TLS1_2`.\n", "willReplaceOnChanges": true }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Default `/`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "ec2Config", "efsFileSystemArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering EfsLocation resources.\n", "properties": { "accessPointArn": { "type": "string", "description": "Specifies the Amazon Resource Name (ARN) of the access point that DataSync uses to access the Amazon EFS file system.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "ec2Config": { "$ref": "#/types/aws:datasync/EfsLocationEc2Config:EfsLocationEc2Config", "description": "Configuration block containing EC2 configurations for connecting to the EFS File System.\n", "willReplaceOnChanges": true }, "efsFileSystemArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of EFS File System.\n", "willReplaceOnChanges": true }, "fileSystemAccessRoleArn": { "type": "string", "description": "Specifies an Identity and Access Management (IAM) role that DataSync assumes when mounting the Amazon EFS file system.\n", "willReplaceOnChanges": true }, "inTransitEncryption": { "type": "string", "description": "Specifies whether you want DataSync to use TLS encryption when transferring data to or from your Amazon EFS file system. Valid values are `NONE` and `TLS1_2`.\n", "willReplaceOnChanges": true }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Default `/`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string" } }, "type": "object" } }, "aws:datasync/fsxOpenZfsFileSystem:FsxOpenZfsFileSystem": { "description": "Manages an AWS DataSync FSx OpenZfs Location.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datasync.FsxOpenZfsFileSystem(\"example\", {\n fsxFilesystemArn: exampleAwsFsxOpenzfsFileSystem.arn,\n securityGroupArns: [exampleAwsSecurityGroup.arn],\n protocol: {\n nfs: {\n mountOptions: {\n version: \"AUTOMATIC\",\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datasync.FsxOpenZfsFileSystem(\"example\",\n fsx_filesystem_arn=example_aws_fsx_openzfs_file_system[\"arn\"],\n security_group_arns=[example_aws_security_group[\"arn\"]],\n protocol={\n \"nfs\": {\n \"mount_options\": {\n \"version\": \"AUTOMATIC\",\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DataSync.FsxOpenZfsFileSystem(\"example\", new()\n {\n FsxFilesystemArn = exampleAwsFsxOpenzfsFileSystem.Arn,\n SecurityGroupArns = new[]\n {\n exampleAwsSecurityGroup.Arn,\n },\n Protocol = new Aws.DataSync.Inputs.FsxOpenZfsFileSystemProtocolArgs\n {\n Nfs = new Aws.DataSync.Inputs.FsxOpenZfsFileSystemProtocolNfsArgs\n {\n MountOptions = new Aws.DataSync.Inputs.FsxOpenZfsFileSystemProtocolNfsMountOptionsArgs\n {\n Version = \"AUTOMATIC\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := datasync.NewFsxOpenZfsFileSystem(ctx, \"example\", \u0026datasync.FsxOpenZfsFileSystemArgs{\n\t\t\tFsxFilesystemArn: pulumi.Any(exampleAwsFsxOpenzfsFileSystem.Arn),\n\t\t\tSecurityGroupArns: pulumi.StringArray{\n\t\t\t\texampleAwsSecurityGroup.Arn,\n\t\t\t},\n\t\t\tProtocol: \u0026datasync.FsxOpenZfsFileSystemProtocolArgs{\n\t\t\t\tNfs: \u0026datasync.FsxOpenZfsFileSystemProtocolNfsArgs{\n\t\t\t\t\tMountOptions: \u0026datasync.FsxOpenZfsFileSystemProtocolNfsMountOptionsArgs{\n\t\t\t\t\t\tVersion: pulumi.String(\"AUTOMATIC\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datasync.FsxOpenZfsFileSystem;\nimport com.pulumi.aws.datasync.FsxOpenZfsFileSystemArgs;\nimport com.pulumi.aws.datasync.inputs.FsxOpenZfsFileSystemProtocolArgs;\nimport com.pulumi.aws.datasync.inputs.FsxOpenZfsFileSystemProtocolNfsArgs;\nimport com.pulumi.aws.datasync.inputs.FsxOpenZfsFileSystemProtocolNfsMountOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FsxOpenZfsFileSystem(\"example\", FsxOpenZfsFileSystemArgs.builder()\n .fsxFilesystemArn(exampleAwsFsxOpenzfsFileSystem.arn())\n .securityGroupArns(exampleAwsSecurityGroup.arn())\n .protocol(FsxOpenZfsFileSystemProtocolArgs.builder()\n .nfs(FsxOpenZfsFileSystemProtocolNfsArgs.builder()\n .mountOptions(FsxOpenZfsFileSystemProtocolNfsMountOptionsArgs.builder()\n .version(\"AUTOMATIC\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:datasync:FsxOpenZfsFileSystem\n properties:\n fsxFilesystemArn: ${exampleAwsFsxOpenzfsFileSystem.arn}\n securityGroupArns:\n - ${exampleAwsSecurityGroup.arn}\n protocol:\n nfs:\n mountOptions:\n version: AUTOMATIC\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_datasync_location_fsx_openzfs_file_system` using the `DataSync-ARN#FSx-openzfs-ARN`. For example:\n\n```sh\n$ pulumi import aws:datasync/fsxOpenZfsFileSystem:FsxOpenZfsFileSystem example arn:aws:datasync:us-west-2:123456789012:location/loc-12345678901234567#arn:aws:fsx:us-west-2:123456789012:file-system/fs-08e04cd442c1bb94a\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "creationTime": { "type": "string", "description": "The time that the FSx for openzfs location was created.\n" }, "fsxFilesystemArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the FSx for OpenZfs file system.\n" }, "protocol": { "$ref": "#/types/aws:datasync/FsxOpenZfsFileSystemProtocol:FsxOpenZfsFileSystemProtocol", "description": "The type of protocol that DataSync uses to access your file system. See below.\n" }, "securityGroupArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Names (ARNs) of the security groups that are to use to configure the FSx for openzfs file system.\n" }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Must start with `/fsx`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string", "description": "The URL of the FSx for openzfs location that was described.\n" } }, "required": [ "arn", "creationTime", "fsxFilesystemArn", "protocol", "securityGroupArns", "subdirectory", "tagsAll", "uri" ], "inputProperties": { "fsxFilesystemArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the FSx for OpenZfs file system.\n", "willReplaceOnChanges": true }, "protocol": { "$ref": "#/types/aws:datasync/FsxOpenZfsFileSystemProtocol:FsxOpenZfsFileSystemProtocol", "description": "The type of protocol that DataSync uses to access your file system. See below.\n", "willReplaceOnChanges": true }, "securityGroupArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Names (ARNs) of the security groups that are to use to configure the FSx for openzfs file system.\n", "willReplaceOnChanges": true }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Must start with `/fsx`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "fsxFilesystemArn", "protocol", "securityGroupArns" ], "stateInputs": { "description": "Input properties used for looking up and filtering FsxOpenZfsFileSystem resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "creationTime": { "type": "string", "description": "The time that the FSx for openzfs location was created.\n" }, "fsxFilesystemArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the FSx for OpenZfs file system.\n", "willReplaceOnChanges": true }, "protocol": { "$ref": "#/types/aws:datasync/FsxOpenZfsFileSystemProtocol:FsxOpenZfsFileSystemProtocol", "description": "The type of protocol that DataSync uses to access your file system. See below.\n", "willReplaceOnChanges": true }, "securityGroupArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Names (ARNs) of the security groups that are to use to configure the FSx for openzfs file system.\n", "willReplaceOnChanges": true }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Must start with `/fsx`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string", "description": "The URL of the FSx for openzfs location that was described.\n" } }, "type": "object" } }, "aws:datasync/locationAzureBlob:LocationAzureBlob": { "description": "Manages a Microsoft Azure Blob Storage Location within AWS DataSync.\n\n\u003e **NOTE:** The DataSync Agents must be available before creating this resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datasync.LocationAzureBlob(\"example\", {\n agentArns: [exampleAwsDatasyncAgent.arn],\n authenticationType: \"SAS\",\n containerUrl: \"https://myaccount.blob.core.windows.net/mycontainer\",\n sasConfiguration: {\n token: \"sp=r\u0026st=2023-12-20T14:54:52Z\u0026se=2023-12-20T22:54:52Z\u0026spr=https\u0026sv=2021-06-08\u0026sr=c\u0026sig=aBBKDWQvyuVcTPH9EBp%2FXTI9E%2F%2Fmq171%2BZU178wcwqU%3D\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datasync.LocationAzureBlob(\"example\",\n agent_arns=[example_aws_datasync_agent[\"arn\"]],\n authentication_type=\"SAS\",\n container_url=\"https://myaccount.blob.core.windows.net/mycontainer\",\n sas_configuration={\n \"token\": \"sp=r\u0026st=2023-12-20T14:54:52Z\u0026se=2023-12-20T22:54:52Z\u0026spr=https\u0026sv=2021-06-08\u0026sr=c\u0026sig=aBBKDWQvyuVcTPH9EBp%2FXTI9E%2F%2Fmq171%2BZU178wcwqU%3D\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DataSync.LocationAzureBlob(\"example\", new()\n {\n AgentArns = new[]\n {\n exampleAwsDatasyncAgent.Arn,\n },\n AuthenticationType = \"SAS\",\n ContainerUrl = \"https://myaccount.blob.core.windows.net/mycontainer\",\n SasConfiguration = new Aws.DataSync.Inputs.LocationAzureBlobSasConfigurationArgs\n {\n Token = \"sp=r\u0026st=2023-12-20T14:54:52Z\u0026se=2023-12-20T22:54:52Z\u0026spr=https\u0026sv=2021-06-08\u0026sr=c\u0026sig=aBBKDWQvyuVcTPH9EBp%2FXTI9E%2F%2Fmq171%2BZU178wcwqU%3D\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := datasync.NewLocationAzureBlob(ctx, \"example\", \u0026datasync.LocationAzureBlobArgs{\n\t\t\tAgentArns: pulumi.StringArray{\n\t\t\t\texampleAwsDatasyncAgent.Arn,\n\t\t\t},\n\t\t\tAuthenticationType: pulumi.String(\"SAS\"),\n\t\t\tContainerUrl: pulumi.String(\"https://myaccount.blob.core.windows.net/mycontainer\"),\n\t\t\tSasConfiguration: \u0026datasync.LocationAzureBlobSasConfigurationArgs{\n\t\t\t\tToken: pulumi.String(\"sp=r\u0026st=2023-12-20T14:54:52Z\u0026se=2023-12-20T22:54:52Z\u0026spr=https\u0026sv=2021-06-08\u0026sr=c\u0026sig=aBBKDWQvyuVcTPH9EBp%2FXTI9E%2F%2Fmq171%2BZU178wcwqU%3D\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datasync.LocationAzureBlob;\nimport com.pulumi.aws.datasync.LocationAzureBlobArgs;\nimport com.pulumi.aws.datasync.inputs.LocationAzureBlobSasConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LocationAzureBlob(\"example\", LocationAzureBlobArgs.builder()\n .agentArns(exampleAwsDatasyncAgent.arn())\n .authenticationType(\"SAS\")\n .containerUrl(\"https://myaccount.blob.core.windows.net/mycontainer\")\n .sasConfiguration(LocationAzureBlobSasConfigurationArgs.builder()\n .token(\"sp=r\u0026st=2023-12-20T14:54:52Z\u0026se=2023-12-20T22:54:52Z\u0026spr=https\u0026sv=2021-06-08\u0026sr=c\u0026sig=aBBKDWQvyuVcTPH9EBp%2FXTI9E%2F%2Fmq171%2BZU178wcwqU%3D\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:datasync:LocationAzureBlob\n properties:\n agentArns:\n - ${exampleAwsDatasyncAgent.arn}\n authenticationType: SAS\n containerUrl: https://myaccount.blob.core.windows.net/mycontainer\n sasConfiguration:\n token: sp=r\u0026st=2023-12-20T14:54:52Z\u0026se=2023-12-20T22:54:52Z\u0026spr=https\u0026sv=2021-06-08\u0026sr=c\u0026sig=aBBKDWQvyuVcTPH9EBp%2FXTI9E%2F%2Fmq171%2BZU178wcwqU%3D\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_datasync_location_azure_blob` using the Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:datasync/locationAzureBlob:LocationAzureBlob example arn:aws:datasync:us-east-1:123456789012:location/loc-12345678901234567\n```\n", "properties": { "accessTier": { "type": "string", "description": "The access tier that you want your objects or files transferred into. Valid values: `HOT`, `COOL` and `ARCHIVE`. Default: `HOT`.\n" }, "agentArns": { "type": "array", "items": { "type": "string" }, "description": "A list of DataSync Agent ARNs with which this location will be associated.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "authenticationType": { "type": "string", "description": "The authentication method DataSync uses to access your Azure Blob Storage. Valid values: `SAS`.\n" }, "blobType": { "type": "string", "description": "The type of blob that you want your objects or files to be when transferring them into Azure Blob Storage. Valid values: `BLOB`. Default: `BLOB`.\n" }, "containerUrl": { "type": "string", "description": "The URL of the Azure Blob Storage container involved in your transfer.\n" }, "sasConfiguration": { "$ref": "#/types/aws:datasync/LocationAzureBlobSasConfiguration:LocationAzureBlobSasConfiguration", "description": "The SAS configuration that allows DataSync to access your Azure Blob Storage. See configuration below.\n" }, "subdirectory": { "type": "string", "description": "Path segments if you want to limit your transfer to a virtual directory in the container.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string" } }, "required": [ "agentArns", "arn", "authenticationType", "containerUrl", "subdirectory", "tagsAll", "uri" ], "inputProperties": { "accessTier": { "type": "string", "description": "The access tier that you want your objects or files transferred into. Valid values: `HOT`, `COOL` and `ARCHIVE`. Default: `HOT`.\n" }, "agentArns": { "type": "array", "items": { "type": "string" }, "description": "A list of DataSync Agent ARNs with which this location will be associated.\n" }, "authenticationType": { "type": "string", "description": "The authentication method DataSync uses to access your Azure Blob Storage. Valid values: `SAS`.\n" }, "blobType": { "type": "string", "description": "The type of blob that you want your objects or files to be when transferring them into Azure Blob Storage. Valid values: `BLOB`. Default: `BLOB`.\n" }, "containerUrl": { "type": "string", "description": "The URL of the Azure Blob Storage container involved in your transfer.\n", "willReplaceOnChanges": true }, "sasConfiguration": { "$ref": "#/types/aws:datasync/LocationAzureBlobSasConfiguration:LocationAzureBlobSasConfiguration", "description": "The SAS configuration that allows DataSync to access your Azure Blob Storage. See configuration below.\n" }, "subdirectory": { "type": "string", "description": "Path segments if you want to limit your transfer to a virtual directory in the container.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "agentArns", "authenticationType", "containerUrl" ], "stateInputs": { "description": "Input properties used for looking up and filtering LocationAzureBlob resources.\n", "properties": { "accessTier": { "type": "string", "description": "The access tier that you want your objects or files transferred into. Valid values: `HOT`, `COOL` and `ARCHIVE`. Default: `HOT`.\n" }, "agentArns": { "type": "array", "items": { "type": "string" }, "description": "A list of DataSync Agent ARNs with which this location will be associated.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "authenticationType": { "type": "string", "description": "The authentication method DataSync uses to access your Azure Blob Storage. Valid values: `SAS`.\n" }, "blobType": { "type": "string", "description": "The type of blob that you want your objects or files to be when transferring them into Azure Blob Storage. Valid values: `BLOB`. Default: `BLOB`.\n" }, "containerUrl": { "type": "string", "description": "The URL of the Azure Blob Storage container involved in your transfer.\n", "willReplaceOnChanges": true }, "sasConfiguration": { "$ref": "#/types/aws:datasync/LocationAzureBlobSasConfiguration:LocationAzureBlobSasConfiguration", "description": "The SAS configuration that allows DataSync to access your Azure Blob Storage. See configuration below.\n" }, "subdirectory": { "type": "string", "description": "Path segments if you want to limit your transfer to a virtual directory in the container.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string" } }, "type": "object" } }, "aws:datasync/locationFsxLustre:LocationFsxLustre": { "description": "Manages an AWS DataSync FSx Lustre Location.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datasync.LocationFsxLustre(\"example\", {\n fsxFilesystemArn: exampleAwsFsxLustreFileSystem.arn,\n securityGroupArns: [exampleAwsSecurityGroup.arn],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datasync.LocationFsxLustre(\"example\",\n fsx_filesystem_arn=example_aws_fsx_lustre_file_system[\"arn\"],\n security_group_arns=[example_aws_security_group[\"arn\"]])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DataSync.LocationFsxLustre(\"example\", new()\n {\n FsxFilesystemArn = exampleAwsFsxLustreFileSystem.Arn,\n SecurityGroupArns = new[]\n {\n exampleAwsSecurityGroup.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := datasync.NewLocationFsxLustre(ctx, \"example\", \u0026datasync.LocationFsxLustreArgs{\n\t\t\tFsxFilesystemArn: pulumi.Any(exampleAwsFsxLustreFileSystem.Arn),\n\t\t\tSecurityGroupArns: pulumi.StringArray{\n\t\t\t\texampleAwsSecurityGroup.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datasync.LocationFsxLustre;\nimport com.pulumi.aws.datasync.LocationFsxLustreArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LocationFsxLustre(\"example\", LocationFsxLustreArgs.builder()\n .fsxFilesystemArn(exampleAwsFsxLustreFileSystem.arn())\n .securityGroupArns(exampleAwsSecurityGroup.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:datasync:LocationFsxLustre\n properties:\n fsxFilesystemArn: ${exampleAwsFsxLustreFileSystem.arn}\n securityGroupArns:\n - ${exampleAwsSecurityGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_datasync_location_fsx_lustre_file_system` using the `DataSync-ARN#FSx-Lustre-ARN`. For example:\n\n```sh\n$ pulumi import aws:datasync/locationFsxLustre:LocationFsxLustre example arn:aws:datasync:us-west-2:123456789012:location/loc-12345678901234567#arn:aws:fsx:us-west-2:476956259333:file-system/fs-08e04cd442c1bb94a\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "creationTime": { "type": "string", "description": "The time that the FSx for Lustre location was created.\n" }, "fsxFilesystemArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the FSx for Lustre file system.\n" }, "securityGroupArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Names (ARNs) of the security groups that are to use to configure the FSx for Lustre file system.\n" }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string", "description": "The URL of the FSx for Lustre location that was described.\n" } }, "required": [ "arn", "creationTime", "fsxFilesystemArn", "securityGroupArns", "subdirectory", "tagsAll", "uri" ], "inputProperties": { "fsxFilesystemArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the FSx for Lustre file system.\n", "willReplaceOnChanges": true }, "securityGroupArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Names (ARNs) of the security groups that are to use to configure the FSx for Lustre file system.\n", "willReplaceOnChanges": true }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "fsxFilesystemArn", "securityGroupArns" ], "stateInputs": { "description": "Input properties used for looking up and filtering LocationFsxLustre resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "creationTime": { "type": "string", "description": "The time that the FSx for Lustre location was created.\n" }, "fsxFilesystemArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the FSx for Lustre file system.\n", "willReplaceOnChanges": true }, "securityGroupArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Names (ARNs) of the security groups that are to use to configure the FSx for Lustre file system.\n", "willReplaceOnChanges": true }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string", "description": "The URL of the FSx for Lustre location that was described.\n" } }, "type": "object" } }, "aws:datasync/locationFsxOntapFileSystem:LocationFsxOntapFileSystem": { "description": "Resource for managing an AWS DataSync Location FSx Ontap File System.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n test:\n type: aws:datasync:LocationFsxOntapFileSystem\n properties:\n fsxFilesystemArn: ${testAwsFsxOntapFileSystem.arn}\n securityGroupArns:\n - ${testAwsSecurityGroup.arn}\n storageVirtualMachineArn: ${testAwsFsxOntapStorageVirtualMachine.arn}\n protocol:\n nfs:\n mountOptions:\n version: NFS3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_datasync_location_fsx_ontap_file_system` using the `DataSync-ARN#FSx-ontap-svm-ARN`. For example:\n\n```sh\n$ pulumi import aws:datasync/locationFsxOntapFileSystem:LocationFsxOntapFileSystem example arn:aws:datasync:us-west-2:123456789012:location/loc-12345678901234567#arn:aws:fsx:us-west-2:123456789012:storage-virtual-machine/svm-12345678abcdef123\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the DataSync Location for the FSx Ontap File System.\n" }, "creationTime": { "type": "string" }, "fsxFilesystemArn": { "type": "string", "description": "ARN of the FSx Ontap File System.\n" }, "protocol": { "$ref": "#/types/aws:datasync/LocationFsxOntapFileSystemProtocol:LocationFsxOntapFileSystemProtocol", "description": "The data transfer protocol that DataSync uses to access your Amazon FSx file system. See Protocol below.\n" }, "securityGroupArns": { "type": "array", "items": { "type": "string" }, "description": "The security groups that provide access to your file system's preferred subnet. The security groups must allow outbbound traffic on the following ports (depending on the protocol you use):\n* Network File System (NFS): TCP ports 111, 635, and 2049\n* Server Message Block (SMB): TCP port 445\n" }, "storageVirtualMachineArn": { "type": "string", "description": "The ARN of the SVM in your file system where you want to copy data to of from.\n\nThe following arguments are optional:\n" }, "subdirectory": { "type": "string", "description": "Path to the file share in the SVM where you'll copy your data. You can specify a junction path (also known as a mount point), qtree path (for NFS file shares), or share name (for SMB file shares) (e.g. `/vol1`, `/vol1/tree1`, `share1`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string", "description": "URI of the FSx ONTAP file system location\n" } }, "required": [ "arn", "creationTime", "fsxFilesystemArn", "protocol", "securityGroupArns", "storageVirtualMachineArn", "subdirectory", "tagsAll", "uri" ], "inputProperties": { "protocol": { "$ref": "#/types/aws:datasync/LocationFsxOntapFileSystemProtocol:LocationFsxOntapFileSystemProtocol", "description": "The data transfer protocol that DataSync uses to access your Amazon FSx file system. See Protocol below.\n", "willReplaceOnChanges": true }, "securityGroupArns": { "type": "array", "items": { "type": "string" }, "description": "The security groups that provide access to your file system's preferred subnet. The security groups must allow outbbound traffic on the following ports (depending on the protocol you use):\n* Network File System (NFS): TCP ports 111, 635, and 2049\n* Server Message Block (SMB): TCP port 445\n", "willReplaceOnChanges": true }, "storageVirtualMachineArn": { "type": "string", "description": "The ARN of the SVM in your file system where you want to copy data to of from.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "subdirectory": { "type": "string", "description": "Path to the file share in the SVM where you'll copy your data. You can specify a junction path (also known as a mount point), qtree path (for NFS file shares), or share name (for SMB file shares) (e.g. `/vol1`, `/vol1/tree1`, `share1`).\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "protocol", "securityGroupArns", "storageVirtualMachineArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering LocationFsxOntapFileSystem resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the DataSync Location for the FSx Ontap File System.\n" }, "creationTime": { "type": "string" }, "fsxFilesystemArn": { "type": "string", "description": "ARN of the FSx Ontap File System.\n" }, "protocol": { "$ref": "#/types/aws:datasync/LocationFsxOntapFileSystemProtocol:LocationFsxOntapFileSystemProtocol", "description": "The data transfer protocol that DataSync uses to access your Amazon FSx file system. See Protocol below.\n", "willReplaceOnChanges": true }, "securityGroupArns": { "type": "array", "items": { "type": "string" }, "description": "The security groups that provide access to your file system's preferred subnet. The security groups must allow outbbound traffic on the following ports (depending on the protocol you use):\n* Network File System (NFS): TCP ports 111, 635, and 2049\n* Server Message Block (SMB): TCP port 445\n", "willReplaceOnChanges": true }, "storageVirtualMachineArn": { "type": "string", "description": "The ARN of the SVM in your file system where you want to copy data to of from.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "subdirectory": { "type": "string", "description": "Path to the file share in the SVM where you'll copy your data. You can specify a junction path (also known as a mount point), qtree path (for NFS file shares), or share name (for SMB file shares) (e.g. `/vol1`, `/vol1/tree1`, `share1`).\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string", "description": "URI of the FSx ONTAP file system location\n" } }, "type": "object" } }, "aws:datasync/locationFsxWindows:LocationFsxWindows": { "description": "Manages an AWS DataSync FSx Windows Location.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datasync.LocationFsxWindows(\"example\", {\n fsxFilesystemArn: exampleAwsFsxWindowsFileSystem.arn,\n user: \"SomeUser\",\n password: \"SuperSecretPassw0rd\",\n securityGroupArns: [exampleAwsSecurityGroup.arn],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datasync.LocationFsxWindows(\"example\",\n fsx_filesystem_arn=example_aws_fsx_windows_file_system[\"arn\"],\n user=\"SomeUser\",\n password=\"SuperSecretPassw0rd\",\n security_group_arns=[example_aws_security_group[\"arn\"]])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DataSync.LocationFsxWindows(\"example\", new()\n {\n FsxFilesystemArn = exampleAwsFsxWindowsFileSystem.Arn,\n User = \"SomeUser\",\n Password = \"SuperSecretPassw0rd\",\n SecurityGroupArns = new[]\n {\n exampleAwsSecurityGroup.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := datasync.NewLocationFsxWindows(ctx, \"example\", \u0026datasync.LocationFsxWindowsArgs{\n\t\t\tFsxFilesystemArn: pulumi.Any(exampleAwsFsxWindowsFileSystem.Arn),\n\t\t\tUser: pulumi.String(\"SomeUser\"),\n\t\t\tPassword: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tSecurityGroupArns: pulumi.StringArray{\n\t\t\t\texampleAwsSecurityGroup.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datasync.LocationFsxWindows;\nimport com.pulumi.aws.datasync.LocationFsxWindowsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LocationFsxWindows(\"example\", LocationFsxWindowsArgs.builder()\n .fsxFilesystemArn(exampleAwsFsxWindowsFileSystem.arn())\n .user(\"SomeUser\")\n .password(\"SuperSecretPassw0rd\")\n .securityGroupArns(exampleAwsSecurityGroup.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:datasync:LocationFsxWindows\n properties:\n fsxFilesystemArn: ${exampleAwsFsxWindowsFileSystem.arn}\n user: SomeUser\n password: SuperSecretPassw0rd\n securityGroupArns:\n - ${exampleAwsSecurityGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_datasync_location_fsx_windows_file_system` using the `DataSync-ARN#FSx-Windows-ARN`. For example:\n\n```sh\n$ pulumi import aws:datasync/locationFsxWindows:LocationFsxWindows example arn:aws:datasync:us-west-2:123456789012:location/loc-12345678901234567#arn:aws:fsx:us-west-2:476956259333:file-system/fs-08e04cd442c1bb94a\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "creationTime": { "type": "string", "description": "The time that the FSx for Windows location was created.\n" }, "domain": { "type": "string", "description": "The name of the Windows domain that the FSx for Windows server belongs to.\n" }, "fsxFilesystemArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the FSx for Windows file system.\n" }, "password": { "type": "string", "description": "The password of the user who has the permissions to access files and folders in the FSx for Windows file system.\n", "secret": true }, "securityGroupArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Names (ARNs) of the security groups that are to use to configure the FSx for Windows file system.\n" }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string", "description": "The URL of the FSx for Windows location that was described.\n" }, "user": { "type": "string", "description": "The user who has the permissions to access files and folders in the FSx for Windows file system.\n" } }, "required": [ "arn", "creationTime", "fsxFilesystemArn", "password", "securityGroupArns", "subdirectory", "tagsAll", "uri", "user" ], "inputProperties": { "domain": { "type": "string", "description": "The name of the Windows domain that the FSx for Windows server belongs to.\n", "willReplaceOnChanges": true }, "fsxFilesystemArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the FSx for Windows file system.\n", "willReplaceOnChanges": true }, "password": { "type": "string", "description": "The password of the user who has the permissions to access files and folders in the FSx for Windows file system.\n", "secret": true, "willReplaceOnChanges": true }, "securityGroupArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Names (ARNs) of the security groups that are to use to configure the FSx for Windows file system.\n", "willReplaceOnChanges": true }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "user": { "type": "string", "description": "The user who has the permissions to access files and folders in the FSx for Windows file system.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "fsxFilesystemArn", "password", "securityGroupArns", "user" ], "stateInputs": { "description": "Input properties used for looking up and filtering LocationFsxWindows resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "creationTime": { "type": "string", "description": "The time that the FSx for Windows location was created.\n" }, "domain": { "type": "string", "description": "The name of the Windows domain that the FSx for Windows server belongs to.\n", "willReplaceOnChanges": true }, "fsxFilesystemArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the FSx for Windows file system.\n", "willReplaceOnChanges": true }, "password": { "type": "string", "description": "The password of the user who has the permissions to access files and folders in the FSx for Windows file system.\n", "secret": true, "willReplaceOnChanges": true }, "securityGroupArns": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Names (ARNs) of the security groups that are to use to configure the FSx for Windows file system.\n", "willReplaceOnChanges": true }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string", "description": "The URL of the FSx for Windows location that was described.\n" }, "user": { "type": "string", "description": "The user who has the permissions to access files and folders in the FSx for Windows file system.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:datasync/locationHdfs:LocationHdfs": { "description": "Manages an HDFS Location within AWS DataSync.\n\n\u003e **NOTE:** The DataSync Agents must be available before creating this resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datasync.LocationHdfs(\"example\", {\n agentArns: [exampleAwsDatasyncAgent.arn],\n authenticationType: \"SIMPLE\",\n simpleUser: \"example\",\n nameNodes: [{\n hostname: exampleAwsInstance.privateDns,\n port: 80,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datasync.LocationHdfs(\"example\",\n agent_arns=[example_aws_datasync_agent[\"arn\"]],\n authentication_type=\"SIMPLE\",\n simple_user=\"example\",\n name_nodes=[{\n \"hostname\": example_aws_instance[\"privateDns\"],\n \"port\": 80,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DataSync.LocationHdfs(\"example\", new()\n {\n AgentArns = new[]\n {\n exampleAwsDatasyncAgent.Arn,\n },\n AuthenticationType = \"SIMPLE\",\n SimpleUser = \"example\",\n NameNodes = new[]\n {\n new Aws.DataSync.Inputs.LocationHdfsNameNodeArgs\n {\n Hostname = exampleAwsInstance.PrivateDns,\n Port = 80,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := datasync.NewLocationHdfs(ctx, \"example\", \u0026datasync.LocationHdfsArgs{\n\t\t\tAgentArns: pulumi.StringArray{\n\t\t\t\texampleAwsDatasyncAgent.Arn,\n\t\t\t},\n\t\t\tAuthenticationType: pulumi.String(\"SIMPLE\"),\n\t\t\tSimpleUser: pulumi.String(\"example\"),\n\t\t\tNameNodes: datasync.LocationHdfsNameNodeArray{\n\t\t\t\t\u0026datasync.LocationHdfsNameNodeArgs{\n\t\t\t\t\tHostname: pulumi.Any(exampleAwsInstance.PrivateDns),\n\t\t\t\t\tPort: pulumi.Int(80),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datasync.LocationHdfs;\nimport com.pulumi.aws.datasync.LocationHdfsArgs;\nimport com.pulumi.aws.datasync.inputs.LocationHdfsNameNodeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LocationHdfs(\"example\", LocationHdfsArgs.builder()\n .agentArns(exampleAwsDatasyncAgent.arn())\n .authenticationType(\"SIMPLE\")\n .simpleUser(\"example\")\n .nameNodes(LocationHdfsNameNodeArgs.builder()\n .hostname(exampleAwsInstance.privateDns())\n .port(80)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:datasync:LocationHdfs\n properties:\n agentArns:\n - ${exampleAwsDatasyncAgent.arn}\n authenticationType: SIMPLE\n simpleUser: example\n nameNodes:\n - hostname: ${exampleAwsInstance.privateDns}\n port: 80\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Kerberos Authentication\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.datasync.LocationHdfs(\"example\", {\n agentArns: [exampleAwsDatasyncAgent.arn],\n authenticationType: \"KERBEROS\",\n nameNodes: [{\n hostname: exampleAwsInstance.privateDns,\n port: 80,\n }],\n kerberosPrincipal: \"user@example.com\",\n kerberosKeytabBase64: std.filebase64({\n input: \"user.keytab\",\n }).then(invoke =\u003e invoke.result),\n kerberosKrb5Conf: std.file({\n input: \"krb5.conf\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.datasync.LocationHdfs(\"example\",\n agent_arns=[example_aws_datasync_agent[\"arn\"]],\n authentication_type=\"KERBEROS\",\n name_nodes=[{\n \"hostname\": example_aws_instance[\"privateDns\"],\n \"port\": 80,\n }],\n kerberos_principal=\"user@example.com\",\n kerberos_keytab_base64=std.filebase64(input=\"user.keytab\").result,\n kerberos_krb5_conf=std.file(input=\"krb5.conf\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DataSync.LocationHdfs(\"example\", new()\n {\n AgentArns = new[]\n {\n exampleAwsDatasyncAgent.Arn,\n },\n AuthenticationType = \"KERBEROS\",\n NameNodes = new[]\n {\n new Aws.DataSync.Inputs.LocationHdfsNameNodeArgs\n {\n Hostname = exampleAwsInstance.PrivateDns,\n Port = 80,\n },\n },\n KerberosPrincipal = \"user@example.com\",\n KerberosKeytabBase64 = Std.Filebase64.Invoke(new()\n {\n Input = \"user.keytab\",\n }).Apply(invoke =\u003e invoke.Result),\n KerberosKrb5Conf = Std.File.Invoke(new()\n {\n Input = \"krb5.conf\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFilebase64, err := std.Filebase64(ctx, \u0026std.Filebase64Args{\n\t\t\tInput: \"user.keytab\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile1, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"krb5.conf\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = datasync.NewLocationHdfs(ctx, \"example\", \u0026datasync.LocationHdfsArgs{\n\t\t\tAgentArns: pulumi.StringArray{\n\t\t\t\texampleAwsDatasyncAgent.Arn,\n\t\t\t},\n\t\t\tAuthenticationType: pulumi.String(\"KERBEROS\"),\n\t\t\tNameNodes: datasync.LocationHdfsNameNodeArray{\n\t\t\t\t\u0026datasync.LocationHdfsNameNodeArgs{\n\t\t\t\t\tHostname: pulumi.Any(exampleAwsInstance.PrivateDns),\n\t\t\t\t\tPort: pulumi.Int(80),\n\t\t\t\t},\n\t\t\t},\n\t\t\tKerberosPrincipal: pulumi.String(\"user@example.com\"),\n\t\t\tKerberosKeytabBase64: pulumi.String(invokeFilebase64.Result),\n\t\t\tKerberosKrb5Conf: pulumi.String(invokeFile1.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datasync.LocationHdfs;\nimport com.pulumi.aws.datasync.LocationHdfsArgs;\nimport com.pulumi.aws.datasync.inputs.LocationHdfsNameNodeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LocationHdfs(\"example\", LocationHdfsArgs.builder()\n .agentArns(exampleAwsDatasyncAgent.arn())\n .authenticationType(\"KERBEROS\")\n .nameNodes(LocationHdfsNameNodeArgs.builder()\n .hostname(exampleAwsInstance.privateDns())\n .port(80)\n .build())\n .kerberosPrincipal(\"user@example.com\")\n .kerberosKeytabBase64(StdFunctions.filebase64(Filebase64Args.builder()\n .input(\"user.keytab\")\n .build()).result())\n .kerberosKrb5Conf(StdFunctions.file(FileArgs.builder()\n .input(\"krb5.conf\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:datasync:LocationHdfs\n properties:\n agentArns:\n - ${exampleAwsDatasyncAgent.arn}\n authenticationType: KERBEROS\n nameNodes:\n - hostname: ${exampleAwsInstance.privateDns}\n port: 80\n kerberosPrincipal: user@example.com\n kerberosKeytabBase64:\n fn::invoke:\n Function: std:filebase64\n Arguments:\n input: user.keytab\n Return: result\n kerberosKrb5Conf:\n fn::invoke:\n Function: std:file\n Arguments:\n input: krb5.conf\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_datasync_location_hdfs` using the Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:datasync/locationHdfs:LocationHdfs example arn:aws:datasync:us-east-1:123456789012:location/loc-12345678901234567\n```\n", "properties": { "agentArns": { "type": "array", "items": { "type": "string" }, "description": "A list of DataSync Agent ARNs with which this location will be associated.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "authenticationType": { "type": "string", "description": "The type of authentication used to determine the identity of the user. Valid values are `SIMPLE` and `KERBEROS`.\n" }, "blockSize": { "type": "integer", "description": "The size of data blocks to write into the HDFS cluster. The block size must be a multiple of 512 bytes. The default block size is 128 mebibytes (MiB).\n" }, "kerberosKeytab": { "type": "string", "description": "The Kerberos key table (keytab) that contains mappings between the defined Kerberos principal and the encrypted keys. Use `kerberos_keytab_base64` instead whenever the value is not a valid UTF-8 string. If `KERBEROS` is specified for `authentication_type`, this parameter (or `kerberos_keytab_base64`) is required.\n" }, "kerberosKeytabBase64": { "type": "string", "description": "Use instead of `kerberos_keytab` to pass base64-encoded binary data directly. If `KERBEROS` is specified for `authentication_type`, this parameter (or `kerberos_keytab`) is required.\n" }, "kerberosKrb5Conf": { "type": "string", "description": "The krb5.conf file that contains the Kerberos configuration information. Use `kerberos_krb5_conf_base64` instead whenever the value is not a valid UTF-8 string. If `KERBEROS` is specified for `authentication_type`, this parameter (or `kerberos_krb5_conf_base64`) is required.\n" }, "kerberosKrb5ConfBase64": { "type": "string", "description": "Use instead of `kerberos_krb5_conf` to pass base64-encoded binary data directly. If `KERBEROS` is specified for `authentication_type`, this parameter (or `kerberos_krb5_conf`) is required.\n" }, "kerberosPrincipal": { "type": "string", "description": "The Kerberos principal with access to the files and folders on the HDFS cluster. If `KERBEROS` is specified for `authentication_type`, this parameter is required.\n" }, "kmsKeyProviderUri": { "type": "string", "description": "The URI of the HDFS cluster's Key Management Server (KMS).\n" }, "nameNodes": { "type": "array", "items": { "$ref": "#/types/aws:datasync/LocationHdfsNameNode:LocationHdfsNameNode" }, "description": "The NameNode that manages the HDFS namespace. The NameNode performs operations such as opening, closing, and renaming files and directories. The NameNode contains the information to map blocks of data to the DataNodes. You can use only one NameNode. See configuration below.\n" }, "qopConfiguration": { "$ref": "#/types/aws:datasync/LocationHdfsQopConfiguration:LocationHdfsQopConfiguration", "description": "The Quality of Protection (QOP) configuration specifies the Remote Procedure Call (RPC) and data transfer protection settings configured on the Hadoop Distributed File System (HDFS) cluster. If `qop_configuration` isn't specified, `rpc_protection` and `data_transfer_protection` default to `PRIVACY`. If you set RpcProtection or DataTransferProtection, the other parameter assumes the same value. See configuration below.\n" }, "replicationFactor": { "type": "integer", "description": "The number of DataNodes to replicate the data to when writing to the HDFS cluster. By default, data is replicated to three DataNodes.\n" }, "simpleUser": { "type": "string", "description": "The user name used to identify the client on the host operating system. If `SIMPLE` is specified for `authentication_type`, this parameter is required.\n" }, "subdirectory": { "type": "string", "description": "A subdirectory in the HDFS cluster. This subdirectory is used to read data from or write data to the HDFS cluster. If the subdirectory isn't specified, it will default to /.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string" } }, "required": [ "agentArns", "arn", "nameNodes", "qopConfiguration", "tagsAll", "uri" ], "inputProperties": { "agentArns": { "type": "array", "items": { "type": "string" }, "description": "A list of DataSync Agent ARNs with which this location will be associated.\n" }, "authenticationType": { "type": "string", "description": "The type of authentication used to determine the identity of the user. Valid values are `SIMPLE` and `KERBEROS`.\n" }, "blockSize": { "type": "integer", "description": "The size of data blocks to write into the HDFS cluster. The block size must be a multiple of 512 bytes. The default block size is 128 mebibytes (MiB).\n" }, "kerberosKeytab": { "type": "string", "description": "The Kerberos key table (keytab) that contains mappings between the defined Kerberos principal and the encrypted keys. Use `kerberos_keytab_base64` instead whenever the value is not a valid UTF-8 string. If `KERBEROS` is specified for `authentication_type`, this parameter (or `kerberos_keytab_base64`) is required.\n" }, "kerberosKeytabBase64": { "type": "string", "description": "Use instead of `kerberos_keytab` to pass base64-encoded binary data directly. If `KERBEROS` is specified for `authentication_type`, this parameter (or `kerberos_keytab`) is required.\n" }, "kerberosKrb5Conf": { "type": "string", "description": "The krb5.conf file that contains the Kerberos configuration information. Use `kerberos_krb5_conf_base64` instead whenever the value is not a valid UTF-8 string. If `KERBEROS` is specified for `authentication_type`, this parameter (or `kerberos_krb5_conf_base64`) is required.\n" }, "kerberosKrb5ConfBase64": { "type": "string", "description": "Use instead of `kerberos_krb5_conf` to pass base64-encoded binary data directly. If `KERBEROS` is specified for `authentication_type`, this parameter (or `kerberos_krb5_conf`) is required.\n" }, "kerberosPrincipal": { "type": "string", "description": "The Kerberos principal with access to the files and folders on the HDFS cluster. If `KERBEROS` is specified for `authentication_type`, this parameter is required.\n" }, "kmsKeyProviderUri": { "type": "string", "description": "The URI of the HDFS cluster's Key Management Server (KMS).\n" }, "nameNodes": { "type": "array", "items": { "$ref": "#/types/aws:datasync/LocationHdfsNameNode:LocationHdfsNameNode" }, "description": "The NameNode that manages the HDFS namespace. The NameNode performs operations such as opening, closing, and renaming files and directories. The NameNode contains the information to map blocks of data to the DataNodes. You can use only one NameNode. See configuration below.\n" }, "qopConfiguration": { "$ref": "#/types/aws:datasync/LocationHdfsQopConfiguration:LocationHdfsQopConfiguration", "description": "The Quality of Protection (QOP) configuration specifies the Remote Procedure Call (RPC) and data transfer protection settings configured on the Hadoop Distributed File System (HDFS) cluster. If `qop_configuration` isn't specified, `rpc_protection` and `data_transfer_protection` default to `PRIVACY`. If you set RpcProtection or DataTransferProtection, the other parameter assumes the same value. See configuration below.\n" }, "replicationFactor": { "type": "integer", "description": "The number of DataNodes to replicate the data to when writing to the HDFS cluster. By default, data is replicated to three DataNodes.\n" }, "simpleUser": { "type": "string", "description": "The user name used to identify the client on the host operating system. If `SIMPLE` is specified for `authentication_type`, this parameter is required.\n" }, "subdirectory": { "type": "string", "description": "A subdirectory in the HDFS cluster. This subdirectory is used to read data from or write data to the HDFS cluster. If the subdirectory isn't specified, it will default to /.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "agentArns", "nameNodes" ], "stateInputs": { "description": "Input properties used for looking up and filtering LocationHdfs resources.\n", "properties": { "agentArns": { "type": "array", "items": { "type": "string" }, "description": "A list of DataSync Agent ARNs with which this location will be associated.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "authenticationType": { "type": "string", "description": "The type of authentication used to determine the identity of the user. Valid values are `SIMPLE` and `KERBEROS`.\n" }, "blockSize": { "type": "integer", "description": "The size of data blocks to write into the HDFS cluster. The block size must be a multiple of 512 bytes. The default block size is 128 mebibytes (MiB).\n" }, "kerberosKeytab": { "type": "string", "description": "The Kerberos key table (keytab) that contains mappings between the defined Kerberos principal and the encrypted keys. Use `kerberos_keytab_base64` instead whenever the value is not a valid UTF-8 string. If `KERBEROS` is specified for `authentication_type`, this parameter (or `kerberos_keytab_base64`) is required.\n" }, "kerberosKeytabBase64": { "type": "string", "description": "Use instead of `kerberos_keytab` to pass base64-encoded binary data directly. If `KERBEROS` is specified for `authentication_type`, this parameter (or `kerberos_keytab`) is required.\n" }, "kerberosKrb5Conf": { "type": "string", "description": "The krb5.conf file that contains the Kerberos configuration information. Use `kerberos_krb5_conf_base64` instead whenever the value is not a valid UTF-8 string. If `KERBEROS` is specified for `authentication_type`, this parameter (or `kerberos_krb5_conf_base64`) is required.\n" }, "kerberosKrb5ConfBase64": { "type": "string", "description": "Use instead of `kerberos_krb5_conf` to pass base64-encoded binary data directly. If `KERBEROS` is specified for `authentication_type`, this parameter (or `kerberos_krb5_conf`) is required.\n" }, "kerberosPrincipal": { "type": "string", "description": "The Kerberos principal with access to the files and folders on the HDFS cluster. If `KERBEROS` is specified for `authentication_type`, this parameter is required.\n" }, "kmsKeyProviderUri": { "type": "string", "description": "The URI of the HDFS cluster's Key Management Server (KMS).\n" }, "nameNodes": { "type": "array", "items": { "$ref": "#/types/aws:datasync/LocationHdfsNameNode:LocationHdfsNameNode" }, "description": "The NameNode that manages the HDFS namespace. The NameNode performs operations such as opening, closing, and renaming files and directories. The NameNode contains the information to map blocks of data to the DataNodes. You can use only one NameNode. See configuration below.\n" }, "qopConfiguration": { "$ref": "#/types/aws:datasync/LocationHdfsQopConfiguration:LocationHdfsQopConfiguration", "description": "The Quality of Protection (QOP) configuration specifies the Remote Procedure Call (RPC) and data transfer protection settings configured on the Hadoop Distributed File System (HDFS) cluster. If `qop_configuration` isn't specified, `rpc_protection` and `data_transfer_protection` default to `PRIVACY`. If you set RpcProtection or DataTransferProtection, the other parameter assumes the same value. See configuration below.\n" }, "replicationFactor": { "type": "integer", "description": "The number of DataNodes to replicate the data to when writing to the HDFS cluster. By default, data is replicated to three DataNodes.\n" }, "simpleUser": { "type": "string", "description": "The user name used to identify the client on the host operating system. If `SIMPLE` is specified for `authentication_type`, this parameter is required.\n" }, "subdirectory": { "type": "string", "description": "A subdirectory in the HDFS cluster. This subdirectory is used to read data from or write data to the HDFS cluster. If the subdirectory isn't specified, it will default to /.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string" } }, "type": "object" } }, "aws:datasync/locationObjectStorage:LocationObjectStorage": { "description": "Manages a Object Storage Location within AWS DataSync.\n\n\u003e **NOTE:** The DataSync Agents must be available before creating this resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datasync.LocationObjectStorage(\"example\", {\n agentArns: [exampleAwsDatasyncAgent.arn],\n serverHostname: \"example\",\n bucketName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datasync.LocationObjectStorage(\"example\",\n agent_arns=[example_aws_datasync_agent[\"arn\"]],\n server_hostname=\"example\",\n bucket_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DataSync.LocationObjectStorage(\"example\", new()\n {\n AgentArns = new[]\n {\n exampleAwsDatasyncAgent.Arn,\n },\n ServerHostname = \"example\",\n BucketName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := datasync.NewLocationObjectStorage(ctx, \"example\", \u0026datasync.LocationObjectStorageArgs{\n\t\t\tAgentArns: pulumi.StringArray{\n\t\t\t\texampleAwsDatasyncAgent.Arn,\n\t\t\t},\n\t\t\tServerHostname: pulumi.String(\"example\"),\n\t\t\tBucketName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datasync.LocationObjectStorage;\nimport com.pulumi.aws.datasync.LocationObjectStorageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LocationObjectStorage(\"example\", LocationObjectStorageArgs.builder()\n .agentArns(exampleAwsDatasyncAgent.arn())\n .serverHostname(\"example\")\n .bucketName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:datasync:LocationObjectStorage\n properties:\n agentArns:\n - ${exampleAwsDatasyncAgent.arn}\n serverHostname: example\n bucketName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_datasync_location_object_storage` using the Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:datasync/locationObjectStorage:LocationObjectStorage example arn:aws:datasync:us-east-1:123456789012:location/loc-12345678901234567\n```\n", "properties": { "accessKey": { "type": "string", "description": "The access key is used if credentials are required to access the self-managed object storage server. If your object storage requires a user name and password to authenticate, use `access_key` and `secret_key` to provide the user name and password, respectively.\n" }, "agentArns": { "type": "array", "items": { "type": "string" }, "description": "A list of DataSync Agent ARNs with which this location will be associated.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "bucketName": { "type": "string", "description": "The bucket on the self-managed object storage server that is used to read data from.\n" }, "secretKey": { "type": "string", "description": "The secret key is used if credentials are required to access the self-managed object storage server. If your object storage requires a user name and password to authenticate, use `access_key` and `secret_key` to provide the user name and password, respectively.\n", "secret": true }, "serverCertificate": { "type": "string", "description": "Specifies a certificate to authenticate with an object storage system that uses a private or self-signed certificate authority (CA). You must specify a Base64-encoded .pem string. The certificate can be up to 32768 bytes (before Base64 encoding).\n" }, "serverHostname": { "type": "string", "description": "The name of the self-managed object storage server. This value is the IP address or Domain Name Service (DNS) name of the object storage server. An agent uses this host name to mount the object storage server in a network.\n" }, "serverPort": { "type": "integer", "description": "The port that your self-managed object storage server accepts inbound network traffic on. The server port is set by default to TCP 80 (`HTTP`) or TCP 443 (`HTTPS`). You can specify a custom port if your self-managed object storage server requires one.\n" }, "serverProtocol": { "type": "string", "description": "The protocol that the object storage server uses to communicate. Valid values are `HTTP` or `HTTPS`.\n" }, "subdirectory": { "type": "string", "description": "A subdirectory in the HDFS cluster. This subdirectory is used to read data from or write data to the HDFS cluster. If the subdirectory isn't specified, it will default to /.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string", "description": "The URL of the Object Storage location that was described.\n" } }, "required": [ "agentArns", "arn", "bucketName", "serverHostname", "subdirectory", "tagsAll", "uri" ], "inputProperties": { "accessKey": { "type": "string", "description": "The access key is used if credentials are required to access the self-managed object storage server. If your object storage requires a user name and password to authenticate, use `access_key` and `secret_key` to provide the user name and password, respectively.\n" }, "agentArns": { "type": "array", "items": { "type": "string" }, "description": "A list of DataSync Agent ARNs with which this location will be associated.\n" }, "bucketName": { "type": "string", "description": "The bucket on the self-managed object storage server that is used to read data from.\n", "willReplaceOnChanges": true }, "secretKey": { "type": "string", "description": "The secret key is used if credentials are required to access the self-managed object storage server. If your object storage requires a user name and password to authenticate, use `access_key` and `secret_key` to provide the user name and password, respectively.\n", "secret": true }, "serverCertificate": { "type": "string", "description": "Specifies a certificate to authenticate with an object storage system that uses a private or self-signed certificate authority (CA). You must specify a Base64-encoded .pem string. The certificate can be up to 32768 bytes (before Base64 encoding).\n" }, "serverHostname": { "type": "string", "description": "The name of the self-managed object storage server. This value is the IP address or Domain Name Service (DNS) name of the object storage server. An agent uses this host name to mount the object storage server in a network.\n", "willReplaceOnChanges": true }, "serverPort": { "type": "integer", "description": "The port that your self-managed object storage server accepts inbound network traffic on. The server port is set by default to TCP 80 (`HTTP`) or TCP 443 (`HTTPS`). You can specify a custom port if your self-managed object storage server requires one.\n" }, "serverProtocol": { "type": "string", "description": "The protocol that the object storage server uses to communicate. Valid values are `HTTP` or `HTTPS`.\n" }, "subdirectory": { "type": "string", "description": "A subdirectory in the HDFS cluster. This subdirectory is used to read data from or write data to the HDFS cluster. If the subdirectory isn't specified, it will default to /.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "agentArns", "bucketName", "serverHostname" ], "stateInputs": { "description": "Input properties used for looking up and filtering LocationObjectStorage resources.\n", "properties": { "accessKey": { "type": "string", "description": "The access key is used if credentials are required to access the self-managed object storage server. If your object storage requires a user name and password to authenticate, use `access_key` and `secret_key` to provide the user name and password, respectively.\n" }, "agentArns": { "type": "array", "items": { "type": "string" }, "description": "A list of DataSync Agent ARNs with which this location will be associated.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "bucketName": { "type": "string", "description": "The bucket on the self-managed object storage server that is used to read data from.\n", "willReplaceOnChanges": true }, "secretKey": { "type": "string", "description": "The secret key is used if credentials are required to access the self-managed object storage server. If your object storage requires a user name and password to authenticate, use `access_key` and `secret_key` to provide the user name and password, respectively.\n", "secret": true }, "serverCertificate": { "type": "string", "description": "Specifies a certificate to authenticate with an object storage system that uses a private or self-signed certificate authority (CA). You must specify a Base64-encoded .pem string. The certificate can be up to 32768 bytes (before Base64 encoding).\n" }, "serverHostname": { "type": "string", "description": "The name of the self-managed object storage server. This value is the IP address or Domain Name Service (DNS) name of the object storage server. An agent uses this host name to mount the object storage server in a network.\n", "willReplaceOnChanges": true }, "serverPort": { "type": "integer", "description": "The port that your self-managed object storage server accepts inbound network traffic on. The server port is set by default to TCP 80 (`HTTP`) or TCP 443 (`HTTPS`). You can specify a custom port if your self-managed object storage server requires one.\n" }, "serverProtocol": { "type": "string", "description": "The protocol that the object storage server uses to communicate. Valid values are `HTTP` or `HTTPS`.\n" }, "subdirectory": { "type": "string", "description": "A subdirectory in the HDFS cluster. This subdirectory is used to read data from or write data to the HDFS cluster. If the subdirectory isn't specified, it will default to /.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string", "description": "The URL of the Object Storage location that was described.\n" } }, "type": "object" } }, "aws:datasync/locationSmb:LocationSmb": { "description": "Manages a SMB Location within AWS DataSync.\n\n\u003e **NOTE:** The DataSync Agents must be available before creating this resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datasync.LocationSmb(\"example\", {\n serverHostname: \"smb.example.com\",\n subdirectory: \"/exported/path\",\n user: \"Guest\",\n password: \"ANotGreatPassword\",\n agentArns: [exampleAwsDatasyncAgent.arn],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datasync.LocationSmb(\"example\",\n server_hostname=\"smb.example.com\",\n subdirectory=\"/exported/path\",\n user=\"Guest\",\n password=\"ANotGreatPassword\",\n agent_arns=[example_aws_datasync_agent[\"arn\"]])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DataSync.LocationSmb(\"example\", new()\n {\n ServerHostname = \"smb.example.com\",\n Subdirectory = \"/exported/path\",\n User = \"Guest\",\n Password = \"ANotGreatPassword\",\n AgentArns = new[]\n {\n exampleAwsDatasyncAgent.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := datasync.NewLocationSmb(ctx, \"example\", \u0026datasync.LocationSmbArgs{\n\t\t\tServerHostname: pulumi.String(\"smb.example.com\"),\n\t\t\tSubdirectory: pulumi.String(\"/exported/path\"),\n\t\t\tUser: pulumi.String(\"Guest\"),\n\t\t\tPassword: pulumi.String(\"ANotGreatPassword\"),\n\t\t\tAgentArns: pulumi.StringArray{\n\t\t\t\texampleAwsDatasyncAgent.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datasync.LocationSmb;\nimport com.pulumi.aws.datasync.LocationSmbArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LocationSmb(\"example\", LocationSmbArgs.builder()\n .serverHostname(\"smb.example.com\")\n .subdirectory(\"/exported/path\")\n .user(\"Guest\")\n .password(\"ANotGreatPassword\")\n .agentArns(exampleAwsDatasyncAgent.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:datasync:LocationSmb\n properties:\n serverHostname: smb.example.com\n subdirectory: /exported/path\n user: Guest\n password: ANotGreatPassword\n agentArns:\n - ${exampleAwsDatasyncAgent.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_datasync_location_smb` using the Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:datasync/locationSmb:LocationSmb example arn:aws:datasync:us-east-1:123456789012:location/loc-12345678901234567\n```\n", "properties": { "agentArns": { "type": "array", "items": { "type": "string" }, "description": "A list of DataSync Agent ARNs with which this location will be associated.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "domain": { "type": "string", "description": "The name of the Windows domain the SMB server belongs to.\n" }, "mountOptions": { "$ref": "#/types/aws:datasync/LocationSmbMountOptions:LocationSmbMountOptions", "description": "Configuration block containing mount options used by DataSync to access the SMB Server. Can be `AUTOMATIC`, `SMB2`, or `SMB3`.\n" }, "password": { "type": "string", "description": "The password of the user who can mount the share and has file permissions in the SMB.\n", "secret": true }, "serverHostname": { "type": "string", "description": "Specifies the IP address or DNS name of the SMB server. The DataSync Agent(s) use this to mount the SMB share.\n" }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Should be exported by the NFS server.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string" }, "user": { "type": "string", "description": "The user who can mount the share and has file and folder permissions in the SMB share.\n" } }, "required": [ "agentArns", "arn", "domain", "password", "serverHostname", "subdirectory", "tagsAll", "uri", "user" ], "inputProperties": { "agentArns": { "type": "array", "items": { "type": "string" }, "description": "A list of DataSync Agent ARNs with which this location will be associated.\n" }, "domain": { "type": "string", "description": "The name of the Windows domain the SMB server belongs to.\n" }, "mountOptions": { "$ref": "#/types/aws:datasync/LocationSmbMountOptions:LocationSmbMountOptions", "description": "Configuration block containing mount options used by DataSync to access the SMB Server. Can be `AUTOMATIC`, `SMB2`, or `SMB3`.\n" }, "password": { "type": "string", "description": "The password of the user who can mount the share and has file permissions in the SMB.\n", "secret": true }, "serverHostname": { "type": "string", "description": "Specifies the IP address or DNS name of the SMB server. The DataSync Agent(s) use this to mount the SMB share.\n", "willReplaceOnChanges": true }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Should be exported by the NFS server.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "user": { "type": "string", "description": "The user who can mount the share and has file and folder permissions in the SMB share.\n" } }, "requiredInputs": [ "agentArns", "password", "serverHostname", "subdirectory", "user" ], "stateInputs": { "description": "Input properties used for looking up and filtering LocationSmb resources.\n", "properties": { "agentArns": { "type": "array", "items": { "type": "string" }, "description": "A list of DataSync Agent ARNs with which this location will be associated.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "domain": { "type": "string", "description": "The name of the Windows domain the SMB server belongs to.\n" }, "mountOptions": { "$ref": "#/types/aws:datasync/LocationSmbMountOptions:LocationSmbMountOptions", "description": "Configuration block containing mount options used by DataSync to access the SMB Server. Can be `AUTOMATIC`, `SMB2`, or `SMB3`.\n" }, "password": { "type": "string", "description": "The password of the user who can mount the share and has file permissions in the SMB.\n", "secret": true }, "serverHostname": { "type": "string", "description": "Specifies the IP address or DNS name of the SMB server. The DataSync Agent(s) use this to mount the SMB share.\n", "willReplaceOnChanges": true }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Should be exported by the NFS server.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string" }, "user": { "type": "string", "description": "The user who can mount the share and has file and folder permissions in the SMB share.\n" } }, "type": "object" } }, "aws:datasync/nfsLocation:NfsLocation": { "description": "Manages an NFS Location within AWS DataSync.\n\n\u003e **NOTE:** The DataSync Agents must be available before creating this resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datasync.NfsLocation(\"example\", {\n serverHostname: \"nfs.example.com\",\n subdirectory: \"/exported/path\",\n onPremConfig: {\n agentArns: [exampleAwsDatasyncAgent.arn],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datasync.NfsLocation(\"example\",\n server_hostname=\"nfs.example.com\",\n subdirectory=\"/exported/path\",\n on_prem_config={\n \"agent_arns\": [example_aws_datasync_agent[\"arn\"]],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DataSync.NfsLocation(\"example\", new()\n {\n ServerHostname = \"nfs.example.com\",\n Subdirectory = \"/exported/path\",\n OnPremConfig = new Aws.DataSync.Inputs.NfsLocationOnPremConfigArgs\n {\n AgentArns = new[]\n {\n exampleAwsDatasyncAgent.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := datasync.NewNfsLocation(ctx, \"example\", \u0026datasync.NfsLocationArgs{\n\t\t\tServerHostname: pulumi.String(\"nfs.example.com\"),\n\t\t\tSubdirectory: pulumi.String(\"/exported/path\"),\n\t\t\tOnPremConfig: \u0026datasync.NfsLocationOnPremConfigArgs{\n\t\t\t\tAgentArns: pulumi.StringArray{\n\t\t\t\t\texampleAwsDatasyncAgent.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datasync.NfsLocation;\nimport com.pulumi.aws.datasync.NfsLocationArgs;\nimport com.pulumi.aws.datasync.inputs.NfsLocationOnPremConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NfsLocation(\"example\", NfsLocationArgs.builder()\n .serverHostname(\"nfs.example.com\")\n .subdirectory(\"/exported/path\")\n .onPremConfig(NfsLocationOnPremConfigArgs.builder()\n .agentArns(exampleAwsDatasyncAgent.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:datasync:NfsLocation\n properties:\n serverHostname: nfs.example.com\n subdirectory: /exported/path\n onPremConfig:\n agentArns:\n - ${exampleAwsDatasyncAgent.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_datasync_location_nfs` using the DataSync Task Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:datasync/nfsLocation:NfsLocation example arn:aws:datasync:us-east-1:123456789012:location/loc-12345678901234567\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "mountOptions": { "$ref": "#/types/aws:datasync/NfsLocationMountOptions:NfsLocationMountOptions", "description": "Configuration block containing mount options used by DataSync to access the NFS Server.\n" }, "onPremConfig": { "$ref": "#/types/aws:datasync/NfsLocationOnPremConfig:NfsLocationOnPremConfig", "description": "Configuration block containing information for connecting to the NFS File System.\n" }, "serverHostname": { "type": "string", "description": "Specifies the IP address or DNS name of the NFS server. The DataSync Agent(s) use this to mount the NFS server.\n" }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Should be exported by the NFS server.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string" } }, "required": [ "arn", "onPremConfig", "serverHostname", "subdirectory", "tagsAll", "uri" ], "inputProperties": { "mountOptions": { "$ref": "#/types/aws:datasync/NfsLocationMountOptions:NfsLocationMountOptions", "description": "Configuration block containing mount options used by DataSync to access the NFS Server.\n" }, "onPremConfig": { "$ref": "#/types/aws:datasync/NfsLocationOnPremConfig:NfsLocationOnPremConfig", "description": "Configuration block containing information for connecting to the NFS File System.\n" }, "serverHostname": { "type": "string", "description": "Specifies the IP address or DNS name of the NFS server. The DataSync Agent(s) use this to mount the NFS server.\n", "willReplaceOnChanges": true }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Should be exported by the NFS server.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "onPremConfig", "serverHostname", "subdirectory" ], "stateInputs": { "description": "Input properties used for looking up and filtering NfsLocation resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "mountOptions": { "$ref": "#/types/aws:datasync/NfsLocationMountOptions:NfsLocationMountOptions", "description": "Configuration block containing mount options used by DataSync to access the NFS Server.\n" }, "onPremConfig": { "$ref": "#/types/aws:datasync/NfsLocationOnPremConfig:NfsLocationOnPremConfig", "description": "Configuration block containing information for connecting to the NFS File System.\n" }, "serverHostname": { "type": "string", "description": "Specifies the IP address or DNS name of the NFS server. The DataSync Agent(s) use this to mount the NFS server.\n", "willReplaceOnChanges": true }, "subdirectory": { "type": "string", "description": "Subdirectory to perform actions as source or destination. Should be exported by the NFS server.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string" } }, "type": "object" } }, "aws:datasync/s3Location:S3Location": { "description": "Manages an S3 Location within AWS DataSync.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datasync.S3Location(\"example\", {\n s3BucketArn: exampleAwsS3Bucket.arn,\n subdirectory: \"/example/prefix\",\n s3Config: {\n bucketAccessRoleArn: exampleAwsIamRole.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datasync.S3Location(\"example\",\n s3_bucket_arn=example_aws_s3_bucket[\"arn\"],\n subdirectory=\"/example/prefix\",\n s3_config={\n \"bucket_access_role_arn\": example_aws_iam_role[\"arn\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DataSync.S3Location(\"example\", new()\n {\n S3BucketArn = exampleAwsS3Bucket.Arn,\n Subdirectory = \"/example/prefix\",\n S3Config = new Aws.DataSync.Inputs.S3LocationS3ConfigArgs\n {\n BucketAccessRoleArn = exampleAwsIamRole.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := datasync.NewS3Location(ctx, \"example\", \u0026datasync.S3LocationArgs{\n\t\t\tS3BucketArn: pulumi.Any(exampleAwsS3Bucket.Arn),\n\t\t\tSubdirectory: pulumi.String(\"/example/prefix\"),\n\t\t\tS3Config: \u0026datasync.S3LocationS3ConfigArgs{\n\t\t\t\tBucketAccessRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datasync.S3Location;\nimport com.pulumi.aws.datasync.S3LocationArgs;\nimport com.pulumi.aws.datasync.inputs.S3LocationS3ConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new S3Location(\"example\", S3LocationArgs.builder()\n .s3BucketArn(exampleAwsS3Bucket.arn())\n .subdirectory(\"/example/prefix\")\n .s3Config(S3LocationS3ConfigArgs.builder()\n .bucketAccessRoleArn(exampleAwsIamRole.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:datasync:S3Location\n properties:\n s3BucketArn: ${exampleAwsS3Bucket.arn}\n subdirectory: /example/prefix\n s3Config:\n bucketAccessRoleArn: ${exampleAwsIamRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_datasync_location_s3` using the DataSync Task Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:datasync/s3Location:S3Location example arn:aws:datasync:us-east-1:123456789012:location/loc-12345678901234567\n```\n", "properties": { "agentArns": { "type": "array", "items": { "type": "string" }, "description": "A list of DataSync Agent ARNs with which this location will be associated.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "s3BucketArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of the S3 Bucket.\n" }, "s3Config": { "$ref": "#/types/aws:datasync/S3LocationS3Config:S3LocationS3Config", "description": "Configuration block containing information for connecting to S3.\n" }, "s3StorageClass": { "type": "string", "description": "The Amazon S3 storage class that you want to store your files in when this location is used as a task destination. [Valid values](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes)\n" }, "subdirectory": { "type": "string", "description": "Prefix to perform actions as source or destination.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string" } }, "required": [ "arn", "s3BucketArn", "s3Config", "s3StorageClass", "subdirectory", "tagsAll", "uri" ], "inputProperties": { "agentArns": { "type": "array", "items": { "type": "string" }, "description": "A list of DataSync Agent ARNs with which this location will be associated.\n", "willReplaceOnChanges": true }, "s3BucketArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of the S3 Bucket.\n", "willReplaceOnChanges": true }, "s3Config": { "$ref": "#/types/aws:datasync/S3LocationS3Config:S3LocationS3Config", "description": "Configuration block containing information for connecting to S3.\n", "willReplaceOnChanges": true }, "s3StorageClass": { "type": "string", "description": "The Amazon S3 storage class that you want to store your files in when this location is used as a task destination. [Valid values](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes)\n", "willReplaceOnChanges": true }, "subdirectory": { "type": "string", "description": "Prefix to perform actions as source or destination.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "s3BucketArn", "s3Config", "subdirectory" ], "stateInputs": { "description": "Input properties used for looking up and filtering S3Location resources.\n", "properties": { "agentArns": { "type": "array", "items": { "type": "string" }, "description": "A list of DataSync Agent ARNs with which this location will be associated.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Location.\n" }, "s3BucketArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of the S3 Bucket.\n", "willReplaceOnChanges": true }, "s3Config": { "$ref": "#/types/aws:datasync/S3LocationS3Config:S3LocationS3Config", "description": "Configuration block containing information for connecting to S3.\n", "willReplaceOnChanges": true }, "s3StorageClass": { "type": "string", "description": "The Amazon S3 storage class that you want to store your files in when this location is used as a task destination. [Valid values](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes)\n", "willReplaceOnChanges": true }, "subdirectory": { "type": "string", "description": "Prefix to perform actions as source or destination.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Location. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uri": { "type": "string" } }, "type": "object" } }, "aws:datasync/task:Task": { "description": "Manages an AWS DataSync Task, which represents a configuration for synchronization. Starting an execution of these DataSync Tasks (actually synchronizing files) is performed outside of this resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datasync.Task(\"example\", {\n destinationLocationArn: destination.arn,\n name: \"example\",\n sourceLocationArn: source.arn,\n options: {\n bytesPerSecond: -1,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datasync.Task(\"example\",\n destination_location_arn=destination[\"arn\"],\n name=\"example\",\n source_location_arn=source[\"arn\"],\n options={\n \"bytes_per_second\": -1,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DataSync.Task(\"example\", new()\n {\n DestinationLocationArn = destination.Arn,\n Name = \"example\",\n SourceLocationArn = source.Arn,\n Options = new Aws.DataSync.Inputs.TaskOptionsArgs\n {\n BytesPerSecond = -1,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := datasync.NewTask(ctx, \"example\", \u0026datasync.TaskArgs{\n\t\t\tDestinationLocationArn: pulumi.Any(destination.Arn),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSourceLocationArn: pulumi.Any(source.Arn),\n\t\t\tOptions: \u0026datasync.TaskOptionsArgs{\n\t\t\t\tBytesPerSecond: int(-1),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```yaml\nresources:\n example:\n type: aws:datasync:Task\n properties:\n destinationLocationArn: ${destination.arn}\n name: example\n sourceLocationArn: ${source.arn}\n options:\n bytesPerSecond: -1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n### With Scheduling\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datasync.Task(\"example\", {\n destinationLocationArn: destination.arn,\n name: \"example\",\n sourceLocationArn: source.arn,\n schedule: {\n scheduleExpression: \"cron(0 12 ? * SUN,WED *)\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datasync.Task(\"example\",\n destination_location_arn=destination[\"arn\"],\n name=\"example\",\n source_location_arn=source[\"arn\"],\n schedule={\n \"schedule_expression\": \"cron(0 12 ? * SUN,WED *)\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DataSync.Task(\"example\", new()\n {\n DestinationLocationArn = destination.Arn,\n Name = \"example\",\n SourceLocationArn = source.Arn,\n Schedule = new Aws.DataSync.Inputs.TaskScheduleArgs\n {\n ScheduleExpression = \"cron(0 12 ? * SUN,WED *)\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := datasync.NewTask(ctx, \"example\", \u0026datasync.TaskArgs{\n\t\t\tDestinationLocationArn: pulumi.Any(destination.Arn),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSourceLocationArn: pulumi.Any(source.Arn),\n\t\t\tSchedule: \u0026datasync.TaskScheduleArgs{\n\t\t\t\tScheduleExpression: pulumi.String(\"cron(0 12 ? * SUN,WED *)\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datasync.Task;\nimport com.pulumi.aws.datasync.TaskArgs;\nimport com.pulumi.aws.datasync.inputs.TaskScheduleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Task(\"example\", TaskArgs.builder()\n .destinationLocationArn(destination.arn())\n .name(\"example\")\n .sourceLocationArn(source.arn())\n .schedule(TaskScheduleArgs.builder()\n .scheduleExpression(\"cron(0 12 ? * SUN,WED *)\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:datasync:Task\n properties:\n destinationLocationArn: ${destination.arn}\n name: example\n sourceLocationArn: ${source.arn}\n schedule:\n scheduleExpression: cron(0 12 ? * SUN,WED *)\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n### With Filtering\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datasync.Task(\"example\", {\n destinationLocationArn: destination.arn,\n name: \"example\",\n sourceLocationArn: source.arn,\n excludes: {\n filterType: \"SIMPLE_PATTERN\",\n value: \"/folder1|/folder2\",\n },\n includes: {\n filterType: \"SIMPLE_PATTERN\",\n value: \"/folder1|/folder2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datasync.Task(\"example\",\n destination_location_arn=destination[\"arn\"],\n name=\"example\",\n source_location_arn=source[\"arn\"],\n excludes={\n \"filter_type\": \"SIMPLE_PATTERN\",\n \"value\": \"/folder1|/folder2\",\n },\n includes={\n \"filter_type\": \"SIMPLE_PATTERN\",\n \"value\": \"/folder1|/folder2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DataSync.Task(\"example\", new()\n {\n DestinationLocationArn = destination.Arn,\n Name = \"example\",\n SourceLocationArn = source.Arn,\n Excludes = new Aws.DataSync.Inputs.TaskExcludesArgs\n {\n FilterType = \"SIMPLE_PATTERN\",\n Value = \"/folder1|/folder2\",\n },\n Includes = new Aws.DataSync.Inputs.TaskIncludesArgs\n {\n FilterType = \"SIMPLE_PATTERN\",\n Value = \"/folder1|/folder2\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datasync\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := datasync.NewTask(ctx, \"example\", \u0026datasync.TaskArgs{\n\t\t\tDestinationLocationArn: pulumi.Any(destination.Arn),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSourceLocationArn: pulumi.Any(source.Arn),\n\t\t\tExcludes: \u0026datasync.TaskExcludesArgs{\n\t\t\t\tFilterType: pulumi.String(\"SIMPLE_PATTERN\"),\n\t\t\t\tValue: pulumi.String(\"/folder1|/folder2\"),\n\t\t\t},\n\t\t\tIncludes: \u0026datasync.TaskIncludesArgs{\n\t\t\t\tFilterType: pulumi.String(\"SIMPLE_PATTERN\"),\n\t\t\t\tValue: pulumi.String(\"/folder1|/folder2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datasync.Task;\nimport com.pulumi.aws.datasync.TaskArgs;\nimport com.pulumi.aws.datasync.inputs.TaskExcludesArgs;\nimport com.pulumi.aws.datasync.inputs.TaskIncludesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Task(\"example\", TaskArgs.builder()\n .destinationLocationArn(destination.arn())\n .name(\"example\")\n .sourceLocationArn(source.arn())\n .excludes(TaskExcludesArgs.builder()\n .filterType(\"SIMPLE_PATTERN\")\n .value(\"/folder1|/folder2\")\n .build())\n .includes(TaskIncludesArgs.builder()\n .filterType(\"SIMPLE_PATTERN\")\n .value(\"/folder1|/folder2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:datasync:Task\n properties:\n destinationLocationArn: ${destination.arn}\n name: example\n sourceLocationArn: ${source.arn}\n excludes:\n filterType: SIMPLE_PATTERN\n value: /folder1|/folder2\n includes:\n filterType: SIMPLE_PATTERN\n value: /folder1|/folder2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_datasync_task` using the DataSync Task Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:datasync/task:Task example arn:aws:datasync:us-east-1:123456789012:task/task-12345678901234567\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Task.\n" }, "cloudwatchLogGroupArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of the CloudWatch Log Group that is used to monitor and log events in the sync task.\n" }, "destinationLocationArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of destination DataSync Location.\n" }, "excludes": { "$ref": "#/types/aws:datasync/TaskExcludes:TaskExcludes", "description": "Filter rules that determines which files to exclude from a task.\n" }, "includes": { "$ref": "#/types/aws:datasync/TaskIncludes:TaskIncludes", "description": "Filter rules that determines which files to include in a task.\n" }, "name": { "type": "string", "description": "Name of the DataSync Task.\n" }, "options": { "$ref": "#/types/aws:datasync/TaskOptions:TaskOptions", "description": "Configuration block containing option that controls the default behavior when you start an execution of this DataSync Task. For each individual task execution, you can override these options by specifying an overriding configuration in those executions.\n" }, "schedule": { "$ref": "#/types/aws:datasync/TaskSchedule:TaskSchedule", "description": "Specifies a schedule used to periodically transfer files from a source to a destination location.\n" }, "sourceLocationArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of source DataSync Location.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Task. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "taskReportConfig": { "$ref": "#/types/aws:datasync/TaskTaskReportConfig:TaskTaskReportConfig", "description": "Configuration block containing the configuration of a DataSync Task Report. See `task_report_config` below.\n" } }, "required": [ "arn", "destinationLocationArn", "name", "sourceLocationArn", "tagsAll" ], "inputProperties": { "cloudwatchLogGroupArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of the CloudWatch Log Group that is used to monitor and log events in the sync task.\n" }, "destinationLocationArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of destination DataSync Location.\n", "willReplaceOnChanges": true }, "excludes": { "$ref": "#/types/aws:datasync/TaskExcludes:TaskExcludes", "description": "Filter rules that determines which files to exclude from a task.\n" }, "includes": { "$ref": "#/types/aws:datasync/TaskIncludes:TaskIncludes", "description": "Filter rules that determines which files to include in a task.\n" }, "name": { "type": "string", "description": "Name of the DataSync Task.\n" }, "options": { "$ref": "#/types/aws:datasync/TaskOptions:TaskOptions", "description": "Configuration block containing option that controls the default behavior when you start an execution of this DataSync Task. For each individual task execution, you can override these options by specifying an overriding configuration in those executions.\n" }, "schedule": { "$ref": "#/types/aws:datasync/TaskSchedule:TaskSchedule", "description": "Specifies a schedule used to periodically transfer files from a source to a destination location.\n" }, "sourceLocationArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of source DataSync Location.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Task. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "taskReportConfig": { "$ref": "#/types/aws:datasync/TaskTaskReportConfig:TaskTaskReportConfig", "description": "Configuration block containing the configuration of a DataSync Task Report. See `task_report_config` below.\n" } }, "requiredInputs": [ "destinationLocationArn", "sourceLocationArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Task resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DataSync Task.\n" }, "cloudwatchLogGroupArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of the CloudWatch Log Group that is used to monitor and log events in the sync task.\n" }, "destinationLocationArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of destination DataSync Location.\n", "willReplaceOnChanges": true }, "excludes": { "$ref": "#/types/aws:datasync/TaskExcludes:TaskExcludes", "description": "Filter rules that determines which files to exclude from a task.\n" }, "includes": { "$ref": "#/types/aws:datasync/TaskIncludes:TaskIncludes", "description": "Filter rules that determines which files to include in a task.\n" }, "name": { "type": "string", "description": "Name of the DataSync Task.\n" }, "options": { "$ref": "#/types/aws:datasync/TaskOptions:TaskOptions", "description": "Configuration block containing option that controls the default behavior when you start an execution of this DataSync Task. For each individual task execution, you can override these options by specifying an overriding configuration in those executions.\n" }, "schedule": { "$ref": "#/types/aws:datasync/TaskSchedule:TaskSchedule", "description": "Specifies a schedule used to periodically transfer files from a source to a destination location.\n" }, "sourceLocationArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of source DataSync Location.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value pairs of resource tags to assign to the DataSync Task. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "taskReportConfig": { "$ref": "#/types/aws:datasync/TaskTaskReportConfig:TaskTaskReportConfig", "description": "Configuration block containing the configuration of a DataSync Task Report. See `task_report_config` below.\n" } }, "type": "object" } }, "aws:datazone/domain:Domain": { "description": "Resource for managing an AWS DataZone Domain.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst domainExecutionRole = new aws.iam.Role(\"domain_execution_role\", {\n name: \"my_domain_execution_role\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: [\n \"sts:AssumeRole\",\n \"sts:TagSession\",\n ],\n Effect: \"Allow\",\n Principal: {\n Service: \"datazone.amazonaws.com\",\n },\n },\n {\n Action: [\n \"sts:AssumeRole\",\n \"sts:TagSession\",\n ],\n Effect: \"Allow\",\n Principal: {\n Service: \"cloudformation.amazonaws.com\",\n },\n },\n ],\n }),\n inlinePolicies: [{\n name: \"domain_execution_policy\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\n \"datazone:*\",\n \"ram:*\",\n \"sso:*\",\n \"kms:*\",\n ],\n Effect: \"Allow\",\n Resource: \"*\",\n }],\n }),\n }],\n});\nconst example = new aws.datazone.Domain(\"example\", {\n name: \"example\",\n domainExecutionRole: domainExecutionRole.arn,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ndomain_execution_role = aws.iam.Role(\"domain_execution_role\",\n name=\"my_domain_execution_role\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"sts:AssumeRole\",\n \"sts:TagSession\",\n ],\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"datazone.amazonaws.com\",\n },\n },\n {\n \"Action\": [\n \"sts:AssumeRole\",\n \"sts:TagSession\",\n ],\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"cloudformation.amazonaws.com\",\n },\n },\n ],\n }),\n inline_policies=[{\n \"name\": \"domain_execution_policy\",\n \"policy\": json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": [\n \"datazone:*\",\n \"ram:*\",\n \"sso:*\",\n \"kms:*\",\n ],\n \"effect\": \"Allow\",\n \"resource\": \"*\",\n }],\n }),\n }])\nexample = aws.datazone.Domain(\"example\",\n name=\"example\",\n domain_execution_role=domain_execution_role.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var domainExecutionRole = new Aws.Iam.Role(\"domain_execution_role\", new()\n {\n Name = \"my_domain_execution_role\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"sts:AssumeRole\",\n \"sts:TagSession\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"datazone.amazonaws.com\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"sts:AssumeRole\",\n \"sts:TagSession\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"cloudformation.amazonaws.com\",\n },\n },\n },\n }),\n InlinePolicies = new[]\n {\n new Aws.Iam.Inputs.RoleInlinePolicyArgs\n {\n Name = \"domain_execution_policy\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"datazone:*\",\n \"ram:*\",\n \"sso:*\",\n \"kms:*\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n },\n },\n }),\n },\n },\n });\n\n var example = new Aws.DataZone.Domain(\"example\", new()\n {\n Name = \"example\",\n DomainExecutionRole = domainExecutionRole.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datazone\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t\t\"sts:TagSession\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"datazone.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t\t\"sts:TagSession\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"cloudformation.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"datazone:*\",\n\t\t\t\t\t\t\"ram:*\",\n\t\t\t\t\t\t\"sso:*\",\n\t\t\t\t\t\t\"kms:*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson1 := string(tmpJSON1)\n\t\tdomainExecutionRole, err := iam.NewRole(ctx, \"domain_execution_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"my_domain_execution_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t\tInlinePolicies: iam.RoleInlinePolicyArray{\n\t\t\t\t\u0026iam.RoleInlinePolicyArgs{\n\t\t\t\t\tName: pulumi.String(\"domain_execution_policy\"),\n\t\t\t\t\tPolicy: pulumi.String(json1),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = datazone.NewDomain(ctx, \"example\", \u0026datazone.DomainArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDomainExecutionRole: domainExecutionRole.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.inputs.RoleInlinePolicyArgs;\nimport com.pulumi.aws.datazone.Domain;\nimport com.pulumi.aws.datazone.DomainArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var domainExecutionRole = new Role(\"domainExecutionRole\", RoleArgs.builder()\n .name(\"my_domain_execution_role\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(\n jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"sts:AssumeRole\", \n \"sts:TagSession\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"datazone.amazonaws.com\")\n ))\n ), \n jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"sts:AssumeRole\", \n \"sts:TagSession\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"cloudformation.amazonaws.com\")\n ))\n )\n ))\n )))\n .inlinePolicies(RoleInlinePolicyArgs.builder()\n .name(\"domain_execution_policy\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"datazone:*\", \n \"ram:*\", \n \"sso:*\", \n \"kms:*\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build())\n .build());\n\n var example = new Domain(\"example\", DomainArgs.builder()\n .name(\"example\")\n .domainExecutionRole(domainExecutionRole.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n domainExecutionRole:\n type: aws:iam:Role\n name: domain_execution_role\n properties:\n name: my_domain_execution_role\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - sts:AssumeRole\n - sts:TagSession\n Effect: Allow\n Principal:\n Service: datazone.amazonaws.com\n - Action:\n - sts:AssumeRole\n - sts:TagSession\n Effect: Allow\n Principal:\n Service: cloudformation.amazonaws.com\n inlinePolicies:\n - name: domain_execution_policy\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - datazone:*\n - ram:*\n - sso:*\n - kms:*\n Effect: Allow\n Resource: '*'\n example:\n type: aws:datazone:Domain\n properties:\n name: example\n domainExecutionRole: ${domainExecutionRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DataZone Domain using the `domain_id`. For example:\n\n```sh\n$ pulumi import aws:datazone/domain:Domain example domain-id-12345678\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Domain.\n" }, "description": { "type": "string", "description": "Description of the Domain.\n" }, "domainExecutionRole": { "type": "string", "description": "ARN of the role used by DataZone to configure the Domain.\n\nThe following arguments are optional:\n" }, "kmsKeyIdentifier": { "type": "string", "description": "ARN of the KMS key used to encrypt the Amazon DataZone domain, metadata and reporting data.\n" }, "name": { "type": "string", "description": "Name of the Domain.\n" }, "portalUrl": { "type": "string", "description": "URL of the data portal for the Domain.\n" }, "singleSignOn": { "$ref": "#/types/aws:datazone/DomainSingleSignOn:DomainSingleSignOn", "description": "Single sign on options, used to [enable AWS IAM Identity Center](https://docs.aws.amazon.com/datazone/latest/userguide/enable-IAM-identity-center-for-datazone.html) for DataZone.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:datazone/DomainTimeouts:DomainTimeouts" } }, "required": [ "arn", "domainExecutionRole", "name", "portalUrl", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Description of the Domain.\n" }, "domainExecutionRole": { "type": "string", "description": "ARN of the role used by DataZone to configure the Domain.\n\nThe following arguments are optional:\n" }, "kmsKeyIdentifier": { "type": "string", "description": "ARN of the KMS key used to encrypt the Amazon DataZone domain, metadata and reporting data.\n" }, "name": { "type": "string", "description": "Name of the Domain.\n" }, "singleSignOn": { "$ref": "#/types/aws:datazone/DomainSingleSignOn:DomainSingleSignOn", "description": "Single sign on options, used to [enable AWS IAM Identity Center](https://docs.aws.amazon.com/datazone/latest/userguide/enable-IAM-identity-center-for-datazone.html) for DataZone.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "timeouts": { "$ref": "#/types/aws:datazone/DomainTimeouts:DomainTimeouts" } }, "requiredInputs": [ "domainExecutionRole" ], "stateInputs": { "description": "Input properties used for looking up and filtering Domain resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Domain.\n" }, "description": { "type": "string", "description": "Description of the Domain.\n" }, "domainExecutionRole": { "type": "string", "description": "ARN of the role used by DataZone to configure the Domain.\n\nThe following arguments are optional:\n" }, "kmsKeyIdentifier": { "type": "string", "description": "ARN of the KMS key used to encrypt the Amazon DataZone domain, metadata and reporting data.\n" }, "name": { "type": "string", "description": "Name of the Domain.\n" }, "portalUrl": { "type": "string", "description": "URL of the data portal for the Domain.\n" }, "singleSignOn": { "$ref": "#/types/aws:datazone/DomainSingleSignOn:DomainSingleSignOn", "description": "Single sign on options, used to [enable AWS IAM Identity Center](https://docs.aws.amazon.com/datazone/latest/userguide/enable-IAM-identity-center-for-datazone.html) for DataZone.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:datazone/DomainTimeouts:DomainTimeouts" } }, "type": "object" } }, "aws:datazone/environmentBlueprintConfiguration:EnvironmentBlueprintConfiguration": { "description": "Resource for managing an AWS DataZone Environment Blueprint Configuration.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.datazone.Domain(\"example\", {\n name: \"example_domain\",\n domainExecutionRole: domainExecutionRole.arn,\n});\nconst defaultDataLake = aws.datazone.getEnvironmentBlueprintOutput({\n domainId: example.id,\n name: \"DefaultDataLake\",\n managed: true,\n});\nconst exampleEnvironmentBlueprintConfiguration = new aws.datazone.EnvironmentBlueprintConfiguration(\"example\", {\n domainId: example.id,\n environmentBlueprintId: defaultDataLake.apply(defaultDataLake =\u003e defaultDataLake.id),\n enabledRegions: [\"us-east-1\"],\n regionalParameters: {\n \"us-east-1\": {\n s3Location: \"s3://my-amazon-datazone-bucket\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datazone.Domain(\"example\",\n name=\"example_domain\",\n domain_execution_role=domain_execution_role[\"arn\"])\ndefault_data_lake = aws.datazone.get_environment_blueprint_output(domain_id=example.id,\n name=\"DefaultDataLake\",\n managed=True)\nexample_environment_blueprint_configuration = aws.datazone.EnvironmentBlueprintConfiguration(\"example\",\n domain_id=example.id,\n environment_blueprint_id=default_data_lake.id,\n enabled_regions=[\"us-east-1\"],\n regional_parameters={\n \"us-east-1\": {\n \"s3Location\": \"s3://my-amazon-datazone-bucket\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DataZone.Domain(\"example\", new()\n {\n Name = \"example_domain\",\n DomainExecutionRole = domainExecutionRole.Arn,\n });\n\n var defaultDataLake = Aws.DataZone.GetEnvironmentBlueprint.Invoke(new()\n {\n DomainId = example.Id,\n Name = \"DefaultDataLake\",\n Managed = true,\n });\n\n var exampleEnvironmentBlueprintConfiguration = new Aws.DataZone.EnvironmentBlueprintConfiguration(\"example\", new()\n {\n DomainId = example.Id,\n EnvironmentBlueprintId = defaultDataLake.Apply(getEnvironmentBlueprintResult =\u003e getEnvironmentBlueprintResult.Id),\n EnabledRegions = new[]\n {\n \"us-east-1\",\n },\n RegionalParameters = \n {\n { \"us-east-1\", \n {\n { \"s3Location\", \"s3://my-amazon-datazone-bucket\" },\n } },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datazone\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := datazone.NewDomain(ctx, \"example\", \u0026datazone.DomainArgs{\n\t\t\tName: pulumi.String(\"example_domain\"),\n\t\t\tDomainExecutionRole: pulumi.Any(domainExecutionRole.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultDataLake := datazone.GetEnvironmentBlueprintOutput(ctx, datazone.GetEnvironmentBlueprintOutputArgs{\n\t\t\tDomainId: example.ID(),\n\t\t\tName: pulumi.String(\"DefaultDataLake\"),\n\t\t\tManaged: pulumi.Bool(true),\n\t\t}, nil)\n\t\t_, err = datazone.NewEnvironmentBlueprintConfiguration(ctx, \"example\", \u0026datazone.EnvironmentBlueprintConfigurationArgs{\n\t\t\tDomainId: example.ID(),\n\t\t\tEnvironmentBlueprintId: pulumi.String(defaultDataLake.ApplyT(func(defaultDataLake datazone.GetEnvironmentBlueprintResult) (*string, error) {\n\t\t\t\treturn \u0026defaultDataLake.Id, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tEnabledRegions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1\"),\n\t\t\t},\n\t\t\tRegionalParameters: pulumi.StringMapMap{\n\t\t\t\t\"us-east-1\": pulumi.StringMap{\n\t\t\t\t\t\"s3Location\": pulumi.String(\"s3://my-amazon-datazone-bucket\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datazone.Domain;\nimport com.pulumi.aws.datazone.DomainArgs;\nimport com.pulumi.aws.datazone.DatazoneFunctions;\nimport com.pulumi.aws.datazone.inputs.GetEnvironmentBlueprintArgs;\nimport com.pulumi.aws.datazone.EnvironmentBlueprintConfiguration;\nimport com.pulumi.aws.datazone.EnvironmentBlueprintConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder()\n .name(\"example_domain\")\n .domainExecutionRole(domainExecutionRole.arn())\n .build());\n\n final var defaultDataLake = DatazoneFunctions.getEnvironmentBlueprint(GetEnvironmentBlueprintArgs.builder()\n .domainId(example.id())\n .name(\"DefaultDataLake\")\n .managed(true)\n .build());\n\n var exampleEnvironmentBlueprintConfiguration = new EnvironmentBlueprintConfiguration(\"exampleEnvironmentBlueprintConfiguration\", EnvironmentBlueprintConfigurationArgs.builder()\n .domainId(example.id())\n .environmentBlueprintId(defaultDataLake.applyValue(getEnvironmentBlueprintResult -\u003e getEnvironmentBlueprintResult).applyValue(defaultDataLake -\u003e defaultDataLake.applyValue(getEnvironmentBlueprintResult -\u003e getEnvironmentBlueprintResult.id())))\n .enabledRegions(\"us-east-1\")\n .regionalParameters(Map.of(\"us-east-1\", Map.of(\"s3Location\", \"s3://my-amazon-datazone-bucket\")))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:datazone:Domain\n properties:\n name: example_domain\n domainExecutionRole: ${domainExecutionRole.arn}\n exampleEnvironmentBlueprintConfiguration:\n type: aws:datazone:EnvironmentBlueprintConfiguration\n name: example\n properties:\n domainId: ${example.id}\n environmentBlueprintId: ${defaultDataLake.id}\n enabledRegions:\n - us-east-1\n regionalParameters:\n us-east-1:\n s3Location: s3://my-amazon-datazone-bucket\nvariables:\n defaultDataLake:\n fn::invoke:\n Function: aws:datazone:getEnvironmentBlueprint\n Arguments:\n domainId: ${example.id}\n name: DefaultDataLake\n managed: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DataZone Environment Blueprint Configuration using the `domain_id` and `environment_blueprint_id`, separated by a `/`. For example:\n\n```sh\n$ pulumi import aws:datazone/environmentBlueprintConfiguration:EnvironmentBlueprintConfiguration example domain-id-12345/environment-blueprint-id-54321\n```\n", "properties": { "domainId": { "type": "string", "description": "ID of the Domain.\n" }, "enabledRegions": { "type": "array", "items": { "type": "string" }, "description": "Regions in which the blueprint is enabled\n\nThe following arguments are optional:\n" }, "environmentBlueprintId": { "type": "string", "description": "ID of the Environment Blueprint\n" }, "manageAccessRoleArn": { "type": "string", "description": "ARN of the manage access role with which this blueprint is created.\n" }, "provisioningRoleArn": { "type": "string", "description": "ARN of the provisioning role with which this blueprint is created.\n" }, "regionalParameters": { "type": "object", "additionalProperties": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "Parameters for each region in which the blueprint is enabled\n" } }, "required": [ "domainId", "enabledRegions", "environmentBlueprintId" ], "inputProperties": { "domainId": { "type": "string", "description": "ID of the Domain.\n" }, "enabledRegions": { "type": "array", "items": { "type": "string" }, "description": "Regions in which the blueprint is enabled\n\nThe following arguments are optional:\n" }, "environmentBlueprintId": { "type": "string", "description": "ID of the Environment Blueprint\n" }, "manageAccessRoleArn": { "type": "string", "description": "ARN of the manage access role with which this blueprint is created.\n" }, "provisioningRoleArn": { "type": "string", "description": "ARN of the provisioning role with which this blueprint is created.\n" }, "regionalParameters": { "type": "object", "additionalProperties": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "Parameters for each region in which the blueprint is enabled\n" } }, "requiredInputs": [ "domainId", "enabledRegions", "environmentBlueprintId" ], "stateInputs": { "description": "Input properties used for looking up and filtering EnvironmentBlueprintConfiguration resources.\n", "properties": { "domainId": { "type": "string", "description": "ID of the Domain.\n" }, "enabledRegions": { "type": "array", "items": { "type": "string" }, "description": "Regions in which the blueprint is enabled\n\nThe following arguments are optional:\n" }, "environmentBlueprintId": { "type": "string", "description": "ID of the Environment Blueprint\n" }, "manageAccessRoleArn": { "type": "string", "description": "ARN of the manage access role with which this blueprint is created.\n" }, "provisioningRoleArn": { "type": "string", "description": "ARN of the provisioning role with which this blueprint is created.\n" }, "regionalParameters": { "type": "object", "additionalProperties": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "Parameters for each region in which the blueprint is enabled\n" } }, "type": "object" } }, "aws:datazone/project:Project": { "description": "Resource for managing an AWS DataZone Project.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n test:\n type: aws:datazone:Project\n properties:\n domainId: ${testAwsDatazoneDomain.id}\n glossaryTerms:\n - 2N8w6XJCwZf\n name: name\n description: desc\n skipDeletionCheck: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.datazone.Project(\"test\", {\n domainIdentifier: testAwsDatazoneDomain.id,\n name: \"name\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.datazone.Project(\"test\",\n domain_identifier=test_aws_datazone_domain[\"id\"],\n name=\"name\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.DataZone.Project(\"test\", new()\n {\n DomainIdentifier = testAwsDatazoneDomain.Id,\n Name = \"name\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datazone\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := datazone.NewProject(ctx, \"test\", \u0026datazone.ProjectArgs{\n\t\t\tDomainIdentifier: pulumi.Any(testAwsDatazoneDomain.Id),\n\t\t\tName: pulumi.String(\"name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datazone.Project;\nimport com.pulumi.aws.datazone.ProjectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Project(\"test\", ProjectArgs.builder()\n .domainIdentifier(testAwsDatazoneDomain.id())\n .name(\"name\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:datazone:Project\n properties:\n domainIdentifier: ${testAwsDatazoneDomain.id}\n name: name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DataZone Project using the `id`. For example:\n\n```sh\n$ pulumi import aws:datazone/project:Project example projectid123\n```\n", "properties": { "createdAt": { "type": "string", "description": "Timestamp of when the project was made.\n" }, "createdBy": { "type": "string", "description": "Creator of the project.\n" }, "description": { "type": "string", "description": "Description of project.\n" }, "domainIdentifier": { "type": "string", "description": "Identifier of domain which the project is part of. Must follow the regex of ^dzd[-_][a-zA-Z0-9_-]{1,36}$.\n" }, "failureReasons": { "type": "array", "items": { "$ref": "#/types/aws:datazone/ProjectFailureReason:ProjectFailureReason" }, "description": "List of error messages if operation cannot be completed.\n" }, "glossaryTerms": { "type": "array", "items": { "type": "string" }, "description": "List of glossary terms that can be used in the project. The list cannot be empty or include over 20 values. Each value must follow the regex of [a-zA-Z0-9_-]{1,36}$.\n" }, "lastUpdatedAt": { "type": "string", "description": "Timestamp of when the project was last updated.\n" }, "name": { "type": "string", "description": "Name of the project. Must follow the regex of ^[\\w -]+$. and have a length of at most 64.\n\nThe following arguments are optional:\n" }, "projectStatus": { "type": "string", "description": "Enum that conveys state of project. Can be ACTIVE, DELETING, or DELETE_FAILED.\n" }, "skipDeletionCheck": { "type": "boolean", "description": "Optional flag to delete all child entities within the project.\n" }, "timeouts": { "$ref": "#/types/aws:datazone/ProjectTimeouts:ProjectTimeouts" } }, "required": [ "createdAt", "createdBy", "domainIdentifier", "failureReasons", "lastUpdatedAt", "name", "projectStatus" ], "inputProperties": { "description": { "type": "string", "description": "Description of project.\n" }, "domainIdentifier": { "type": "string", "description": "Identifier of domain which the project is part of. Must follow the regex of ^dzd[-_][a-zA-Z0-9_-]{1,36}$.\n" }, "glossaryTerms": { "type": "array", "items": { "type": "string" }, "description": "List of glossary terms that can be used in the project. The list cannot be empty or include over 20 values. Each value must follow the regex of [a-zA-Z0-9_-]{1,36}$.\n" }, "name": { "type": "string", "description": "Name of the project. Must follow the regex of ^[\\w -]+$. and have a length of at most 64.\n\nThe following arguments are optional:\n" }, "skipDeletionCheck": { "type": "boolean", "description": "Optional flag to delete all child entities within the project.\n" }, "timeouts": { "$ref": "#/types/aws:datazone/ProjectTimeouts:ProjectTimeouts" } }, "requiredInputs": [ "domainIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering Project resources.\n", "properties": { "createdAt": { "type": "string", "description": "Timestamp of when the project was made.\n" }, "createdBy": { "type": "string", "description": "Creator of the project.\n" }, "description": { "type": "string", "description": "Description of project.\n" }, "domainIdentifier": { "type": "string", "description": "Identifier of domain which the project is part of. Must follow the regex of ^dzd[-_][a-zA-Z0-9_-]{1,36}$.\n" }, "failureReasons": { "type": "array", "items": { "$ref": "#/types/aws:datazone/ProjectFailureReason:ProjectFailureReason" }, "description": "List of error messages if operation cannot be completed.\n" }, "glossaryTerms": { "type": "array", "items": { "type": "string" }, "description": "List of glossary terms that can be used in the project. The list cannot be empty or include over 20 values. Each value must follow the regex of [a-zA-Z0-9_-]{1,36}$.\n" }, "lastUpdatedAt": { "type": "string", "description": "Timestamp of when the project was last updated.\n" }, "name": { "type": "string", "description": "Name of the project. Must follow the regex of ^[\\w -]+$. and have a length of at most 64.\n\nThe following arguments are optional:\n" }, "projectStatus": { "type": "string", "description": "Enum that conveys state of project. Can be ACTIVE, DELETING, or DELETE_FAILED.\n" }, "skipDeletionCheck": { "type": "boolean", "description": "Optional flag to delete all child entities within the project.\n" }, "timeouts": { "$ref": "#/types/aws:datazone/ProjectTimeouts:ProjectTimeouts" } }, "type": "object" } }, "aws:dax/cluster:Cluster": { "description": "Provides a DAX Cluster resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = new aws.dax.Cluster(\"bar\", {\n clusterName: \"cluster-example\",\n iamRoleArn: example.arn,\n nodeType: \"dax.r4.large\",\n replicationFactor: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.dax.Cluster(\"bar\",\n cluster_name=\"cluster-example\",\n iam_role_arn=example[\"arn\"],\n node_type=\"dax.r4.large\",\n replication_factor=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bar = new Aws.Dax.Cluster(\"bar\", new()\n {\n ClusterName = \"cluster-example\",\n IamRoleArn = example.Arn,\n NodeType = \"dax.r4.large\",\n ReplicationFactor = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dax\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dax.NewCluster(ctx, \"bar\", \u0026dax.ClusterArgs{\n\t\t\tClusterName: pulumi.String(\"cluster-example\"),\n\t\t\tIamRoleArn: pulumi.Any(example.Arn),\n\t\t\tNodeType: pulumi.String(\"dax.r4.large\"),\n\t\t\tReplicationFactor: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dax.Cluster;\nimport com.pulumi.aws.dax.ClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bar = new Cluster(\"bar\", ClusterArgs.builder()\n .clusterName(\"cluster-example\")\n .iamRoleArn(example.arn())\n .nodeType(\"dax.r4.large\")\n .replicationFactor(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bar:\n type: aws:dax:Cluster\n properties:\n clusterName: cluster-example\n iamRoleArn: ${example.arn}\n nodeType: dax.r4.large\n replicationFactor: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DAX Clusters using the `cluster_name`. For example:\n\n```sh\n$ pulumi import aws:dax/cluster:Cluster my_cluster my_cluster\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the DAX cluster\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of Availability Zones in which the\nnodes will be created\n" }, "clusterAddress": { "type": "string", "description": "The DNS name of the DAX cluster without the port appended\n" }, "clusterEndpointEncryptionType": { "type": "string", "description": "The type of encryption the\ncluster's endpoint should support. Valid values are: `NONE` and `TLS`.\nDefault value is `NONE`.\n" }, "clusterName": { "type": "string", "description": "Group identifier. DAX converts this name to\nlowercase\n" }, "configurationEndpoint": { "type": "string", "description": "The configuration endpoint for this DAX cluster,\nconsisting of a DNS name and a port number\n" }, "description": { "type": "string", "description": "Description for the cluster\n" }, "iamRoleArn": { "type": "string", "description": "A valid Amazon Resource Name (ARN) that identifies\nan IAM role. At runtime, DAX will assume this role and use the role's\npermissions to access DynamoDB on your behalf\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range for when\nmaintenance on the cluster is performed. The format is `ddd:hh24:mi-ddd:hh24:mi`\n(24H Clock UTC). The minimum maintenance window is a 60 minute period. Example:\n`sun:05:00-sun:09:00`\n" }, "nodeType": { "type": "string", "description": "The compute and memory capacity of the nodes. See\n[Nodes](http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.concepts.cluster.html#DAX.concepts.nodes) for supported node types\n" }, "nodes": { "type": "array", "items": { "$ref": "#/types/aws:dax/ClusterNode:ClusterNode" }, "description": "List of node objects including `id`, `address`, `port` and\n`availability_zone`. Referenceable e.g., as\n`${aws_dax_cluster.test.nodes.0.address}`\n" }, "notificationTopicArn": { "type": "string", "description": "An Amazon Resource Name (ARN) of an\nSNS topic to send DAX notifications to. Example:\n`arn:aws:sns:us-east-1:012345678999:my_sns_topic`\n" }, "parameterGroupName": { "type": "string", "description": "Name of the parameter group to associate\nwith this DAX cluster\n" }, "port": { "type": "integer", "description": "The port used by the configuration endpoint\n" }, "replicationFactor": { "type": "integer", "description": "The number of nodes in the DAX cluster. A\nreplication factor of 1 will create a single-node cluster, without any read\nreplicas\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC security groups associated\nwith the cluster\n" }, "serverSideEncryption": { "$ref": "#/types/aws:dax/ClusterServerSideEncryption:ClusterServerSideEncryption", "description": "Encrypt at rest options\n" }, "subnetGroupName": { "type": "string", "description": "Name of the subnet group to be used for the\ncluster\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "clusterAddress", "clusterName", "configurationEndpoint", "iamRoleArn", "maintenanceWindow", "nodeType", "nodes", "parameterGroupName", "port", "replicationFactor", "securityGroupIds", "subnetGroupName", "tagsAll" ], "inputProperties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of Availability Zones in which the\nnodes will be created\n", "willReplaceOnChanges": true }, "clusterEndpointEncryptionType": { "type": "string", "description": "The type of encryption the\ncluster's endpoint should support. Valid values are: `NONE` and `TLS`.\nDefault value is `NONE`.\n", "willReplaceOnChanges": true }, "clusterName": { "type": "string", "description": "Group identifier. DAX converts this name to\nlowercase\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description for the cluster\n" }, "iamRoleArn": { "type": "string", "description": "A valid Amazon Resource Name (ARN) that identifies\nan IAM role. At runtime, DAX will assume this role and use the role's\npermissions to access DynamoDB on your behalf\n", "willReplaceOnChanges": true }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range for when\nmaintenance on the cluster is performed. The format is `ddd:hh24:mi-ddd:hh24:mi`\n(24H Clock UTC). The minimum maintenance window is a 60 minute period. Example:\n`sun:05:00-sun:09:00`\n" }, "nodeType": { "type": "string", "description": "The compute and memory capacity of the nodes. See\n[Nodes](http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.concepts.cluster.html#DAX.concepts.nodes) for supported node types\n", "willReplaceOnChanges": true }, "notificationTopicArn": { "type": "string", "description": "An Amazon Resource Name (ARN) of an\nSNS topic to send DAX notifications to. Example:\n`arn:aws:sns:us-east-1:012345678999:my_sns_topic`\n" }, "parameterGroupName": { "type": "string", "description": "Name of the parameter group to associate\nwith this DAX cluster\n" }, "replicationFactor": { "type": "integer", "description": "The number of nodes in the DAX cluster. A\nreplication factor of 1 will create a single-node cluster, without any read\nreplicas\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC security groups associated\nwith the cluster\n" }, "serverSideEncryption": { "$ref": "#/types/aws:dax/ClusterServerSideEncryption:ClusterServerSideEncryption", "description": "Encrypt at rest options\n" }, "subnetGroupName": { "type": "string", "description": "Name of the subnet group to be used for the\ncluster\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "clusterName", "iamRoleArn", "nodeType", "replicationFactor" ], "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the DAX cluster\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of Availability Zones in which the\nnodes will be created\n", "willReplaceOnChanges": true }, "clusterAddress": { "type": "string", "description": "The DNS name of the DAX cluster without the port appended\n" }, "clusterEndpointEncryptionType": { "type": "string", "description": "The type of encryption the\ncluster's endpoint should support. Valid values are: `NONE` and `TLS`.\nDefault value is `NONE`.\n", "willReplaceOnChanges": true }, "clusterName": { "type": "string", "description": "Group identifier. DAX converts this name to\nlowercase\n", "willReplaceOnChanges": true }, "configurationEndpoint": { "type": "string", "description": "The configuration endpoint for this DAX cluster,\nconsisting of a DNS name and a port number\n" }, "description": { "type": "string", "description": "Description for the cluster\n" }, "iamRoleArn": { "type": "string", "description": "A valid Amazon Resource Name (ARN) that identifies\nan IAM role. At runtime, DAX will assume this role and use the role's\npermissions to access DynamoDB on your behalf\n", "willReplaceOnChanges": true }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range for when\nmaintenance on the cluster is performed. The format is `ddd:hh24:mi-ddd:hh24:mi`\n(24H Clock UTC). The minimum maintenance window is a 60 minute period. Example:\n`sun:05:00-sun:09:00`\n" }, "nodeType": { "type": "string", "description": "The compute and memory capacity of the nodes. See\n[Nodes](http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.concepts.cluster.html#DAX.concepts.nodes) for supported node types\n", "willReplaceOnChanges": true }, "nodes": { "type": "array", "items": { "$ref": "#/types/aws:dax/ClusterNode:ClusterNode" }, "description": "List of node objects including `id`, `address`, `port` and\n`availability_zone`. Referenceable e.g., as\n`${aws_dax_cluster.test.nodes.0.address}`\n" }, "notificationTopicArn": { "type": "string", "description": "An Amazon Resource Name (ARN) of an\nSNS topic to send DAX notifications to. Example:\n`arn:aws:sns:us-east-1:012345678999:my_sns_topic`\n" }, "parameterGroupName": { "type": "string", "description": "Name of the parameter group to associate\nwith this DAX cluster\n" }, "port": { "type": "integer", "description": "The port used by the configuration endpoint\n" }, "replicationFactor": { "type": "integer", "description": "The number of nodes in the DAX cluster. A\nreplication factor of 1 will create a single-node cluster, without any read\nreplicas\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC security groups associated\nwith the cluster\n" }, "serverSideEncryption": { "$ref": "#/types/aws:dax/ClusterServerSideEncryption:ClusterServerSideEncryption", "description": "Encrypt at rest options\n" }, "subnetGroupName": { "type": "string", "description": "Name of the subnet group to be used for the\ncluster\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:dax/parameterGroup:ParameterGroup": { "description": "Provides a DAX Parameter Group resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dax.ParameterGroup(\"example\", {\n name: \"example\",\n parameters: [\n {\n name: \"query-ttl-millis\",\n value: \"100000\",\n },\n {\n name: \"record-ttl-millis\",\n value: \"100000\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dax.ParameterGroup(\"example\",\n name=\"example\",\n parameters=[\n {\n \"name\": \"query-ttl-millis\",\n \"value\": \"100000\",\n },\n {\n \"name\": \"record-ttl-millis\",\n \"value\": \"100000\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Dax.ParameterGroup(\"example\", new()\n {\n Name = \"example\",\n Parameters = new[]\n {\n new Aws.Dax.Inputs.ParameterGroupParameterArgs\n {\n Name = \"query-ttl-millis\",\n Value = \"100000\",\n },\n new Aws.Dax.Inputs.ParameterGroupParameterArgs\n {\n Name = \"record-ttl-millis\",\n Value = \"100000\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dax\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dax.NewParameterGroup(ctx, \"example\", \u0026dax.ParameterGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tParameters: dax.ParameterGroupParameterArray{\n\t\t\t\t\u0026dax.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"query-ttl-millis\"),\n\t\t\t\t\tValue: pulumi.String(\"100000\"),\n\t\t\t\t},\n\t\t\t\t\u0026dax.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"record-ttl-millis\"),\n\t\t\t\t\tValue: pulumi.String(\"100000\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dax.ParameterGroup;\nimport com.pulumi.aws.dax.ParameterGroupArgs;\nimport com.pulumi.aws.dax.inputs.ParameterGroupParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ParameterGroup(\"example\", ParameterGroupArgs.builder()\n .name(\"example\")\n .parameters( \n ParameterGroupParameterArgs.builder()\n .name(\"query-ttl-millis\")\n .value(\"100000\")\n .build(),\n ParameterGroupParameterArgs.builder()\n .name(\"record-ttl-millis\")\n .value(\"100000\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dax:ParameterGroup\n properties:\n name: example\n parameters:\n - name: query-ttl-millis\n value: '100000'\n - name: record-ttl-millis\n value: '100000'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DAX Parameter Group using the `name`. For example:\n\n```sh\n$ pulumi import aws:dax/parameterGroup:ParameterGroup example my_dax_pg\n```\n", "properties": { "description": { "type": "string", "description": "A description of the parameter group.\n" }, "name": { "type": "string", "description": "The name of the parameter group.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:dax/ParameterGroupParameter:ParameterGroupParameter" }, "description": "The parameters of the parameter group.\n" } }, "required": [ "name", "parameters" ], "inputProperties": { "description": { "type": "string", "description": "A description of the parameter group.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the parameter group.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:dax/ParameterGroupParameter:ParameterGroupParameter" }, "description": "The parameters of the parameter group.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ParameterGroup resources.\n", "properties": { "description": { "type": "string", "description": "A description of the parameter group.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the parameter group.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:dax/ParameterGroupParameter:ParameterGroupParameter" }, "description": "The parameters of the parameter group.\n" } }, "type": "object" } }, "aws:dax/subnetGroup:SubnetGroup": { "description": "Provides a DAX Subnet Group resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dax.SubnetGroup(\"example\", {\n name: \"example\",\n subnetIds: [\n example1.id,\n example2.id,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dax.SubnetGroup(\"example\",\n name=\"example\",\n subnet_ids=[\n example1[\"id\"],\n example2[\"id\"],\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Dax.SubnetGroup(\"example\", new()\n {\n Name = \"example\",\n SubnetIds = new[]\n {\n example1.Id,\n example2.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dax\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dax.NewSubnetGroup(ctx, \"example\", \u0026dax.SubnetGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\texample1.Id,\n\t\t\t\texample2.Id,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dax.SubnetGroup;\nimport com.pulumi.aws.dax.SubnetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SubnetGroup(\"example\", SubnetGroupArgs.builder()\n .name(\"example\")\n .subnetIds( \n example1.id(),\n example2.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dax:SubnetGroup\n properties:\n name: example\n subnetIds:\n - ${example1.id}\n - ${example2.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DAX Subnet Group using the `name`. For example:\n\n```sh\n$ pulumi import aws:dax/subnetGroup:SubnetGroup example my_dax_sg\n```\n", "properties": { "description": { "type": "string", "description": "A description of the subnet group.\n" }, "name": { "type": "string", "description": "The name of the subnet group.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs for the subnet group.\n" }, "vpcId": { "type": "string", "description": "VPC ID of the subnet group.\n" } }, "required": [ "name", "subnetIds", "vpcId" ], "inputProperties": { "description": { "type": "string", "description": "A description of the subnet group.\n" }, "name": { "type": "string", "description": "The name of the subnet group.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs for the subnet group.\n" } }, "requiredInputs": [ "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering SubnetGroup resources.\n", "properties": { "description": { "type": "string", "description": "A description of the subnet group.\n" }, "name": { "type": "string", "description": "The name of the subnet group.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs for the subnet group.\n" }, "vpcId": { "type": "string", "description": "VPC ID of the subnet group.\n" } }, "type": "object" } }, "aws:detective/graph:Graph": { "description": "Provides a resource to manage an [AWS Detective Graph](https://docs.aws.amazon.com/detective/latest/APIReference/API_CreateGraph.html). As an AWS account may own only one Detective graph per region, provisioning multiple Detective graphs requires a separate provider configuration for each graph.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.detective.Graph(\"example\", {tags: {\n Name: \"example-detective-graph\",\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.detective.Graph(\"example\", tags={\n \"Name\": \"example-detective-graph\",\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Detective.Graph(\"example\", new()\n {\n Tags = \n {\n { \"Name\", \"example-detective-graph\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/detective\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := detective.NewGraph(ctx, \"example\", \u0026detective.GraphArgs{\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example-detective-graph\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.detective.Graph;\nimport com.pulumi.aws.detective.GraphArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Graph(\"example\", GraphArgs.builder()\n .tags(Map.of(\"Name\", \"example-detective-graph\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:detective:Graph\n properties:\n tags:\n Name: example-detective-graph\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_detective_graph` using the ARN. For example:\n\n```sh\n$ pulumi import aws:detective/graph:Graph example arn:aws:detective:us-east-1:123456789101:graph:231684d34gh74g4bae1dbc7bd807d02d\n```\n", "properties": { "createdTime": { "type": "string", "description": "Date and time, in UTC and extended RFC 3339 format, when the Amazon Detective Graph was created.\n" }, "graphArn": { "type": "string", "description": "ARN of the Detective Graph.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the instance. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "createdTime", "graphArn", "tagsAll" ], "inputProperties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the instance. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Graph resources.\n", "properties": { "createdTime": { "type": "string", "description": "Date and time, in UTC and extended RFC 3339 format, when the Amazon Detective Graph was created.\n" }, "graphArn": { "type": "string", "description": "ARN of the Detective Graph.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the instance. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:detective/invitationAccepter:InvitationAccepter": { "description": "Provides a resource to manage an [Amazon Detective Invitation Accepter](https://docs.aws.amazon.com/detective/latest/APIReference/API_AcceptInvitation.html). Ensure that the accepter is configured to use the AWS account you wish to _accept_ the invitation from the primary graph owner account.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.detective.Graph(\"primary\", {});\nconst primaryMember = new aws.detective.Member(\"primary\", {\n accountId: \"ACCOUNT ID\",\n emailAddress: \"EMAIL\",\n graphArn: primary.id,\n message: \"Message of the invite\",\n});\nconst member = new aws.detective.InvitationAccepter(\"member\", {graphArn: primary.graphArn}, {\n dependsOn: [primaryMember],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprimary = aws.detective.Graph(\"primary\")\nprimary_member = aws.detective.Member(\"primary\",\n account_id=\"ACCOUNT ID\",\n email_address=\"EMAIL\",\n graph_arn=primary.id,\n message=\"Message of the invite\")\nmember = aws.detective.InvitationAccepter(\"member\", graph_arn=primary.graph_arn,\nopts = pulumi.ResourceOptions(depends_on=[primary_member]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Aws.Detective.Graph(\"primary\");\n\n var primaryMember = new Aws.Detective.Member(\"primary\", new()\n {\n AccountId = \"ACCOUNT ID\",\n EmailAddress = \"EMAIL\",\n GraphArn = primary.Id,\n Message = \"Message of the invite\",\n });\n\n var member = new Aws.Detective.InvitationAccepter(\"member\", new()\n {\n GraphArn = primary.GraphArn,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n primaryMember,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/detective\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tprimary, err := detective.NewGraph(ctx, \"primary\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimaryMember, err := detective.NewMember(ctx, \"primary\", \u0026detective.MemberArgs{\n\t\t\tAccountId: pulumi.String(\"ACCOUNT ID\"),\n\t\t\tEmailAddress: pulumi.String(\"EMAIL\"),\n\t\t\tGraphArn: primary.ID(),\n\t\t\tMessage: pulumi.String(\"Message of the invite\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = detective.NewInvitationAccepter(ctx, \"member\", \u0026detective.InvitationAccepterArgs{\n\t\t\tGraphArn: primary.GraphArn,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tprimaryMember,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.detective.Graph;\nimport com.pulumi.aws.detective.Member;\nimport com.pulumi.aws.detective.MemberArgs;\nimport com.pulumi.aws.detective.InvitationAccepter;\nimport com.pulumi.aws.detective.InvitationAccepterArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new Graph(\"primary\");\n\n var primaryMember = new Member(\"primaryMember\", MemberArgs.builder()\n .accountId(\"ACCOUNT ID\")\n .emailAddress(\"EMAIL\")\n .graphArn(primary.id())\n .message(\"Message of the invite\")\n .build());\n\n var member = new InvitationAccepter(\"member\", InvitationAccepterArgs.builder()\n .graphArn(primary.graphArn())\n .build(), CustomResourceOptions.builder()\n .dependsOn(primaryMember)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: aws:detective:Graph\n primaryMember:\n type: aws:detective:Member\n name: primary\n properties:\n accountId: ACCOUNT ID\n emailAddress: EMAIL\n graphArn: ${primary.id}\n message: Message of the invite\n member:\n type: aws:detective:InvitationAccepter\n properties:\n graphArn: ${primary.graphArn}\n options:\n dependson:\n - ${primaryMember}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_detective_invitation_accepter` using the graph ARN. For example:\n\n```sh\n$ pulumi import aws:detective/invitationAccepter:InvitationAccepter example arn:aws:detective:us-east-1:123456789101:graph:231684d34gh74g4bae1dbc7bd807d02d\n```\n", "properties": { "graphArn": { "type": "string", "description": "ARN of the behavior graph that the member account is accepting the invitation for.\n" } }, "required": [ "graphArn" ], "inputProperties": { "graphArn": { "type": "string", "description": "ARN of the behavior graph that the member account is accepting the invitation for.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "graphArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering InvitationAccepter resources.\n", "properties": { "graphArn": { "type": "string", "description": "ARN of the behavior graph that the member account is accepting the invitation for.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:detective/member:Member": { "description": "Provides a resource to manage an [Amazon Detective Member](https://docs.aws.amazon.com/detective/latest/APIReference/API_CreateMembers.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.detective.Graph(\"example\", {});\nconst exampleMember = new aws.detective.Member(\"example\", {\n accountId: \"AWS ACCOUNT ID\",\n emailAddress: \"EMAIL\",\n graphArn: example.id,\n message: \"Message of the invitation\",\n disableEmailNotification: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.detective.Graph(\"example\")\nexample_member = aws.detective.Member(\"example\",\n account_id=\"AWS ACCOUNT ID\",\n email_address=\"EMAIL\",\n graph_arn=example.id,\n message=\"Message of the invitation\",\n disable_email_notification=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Detective.Graph(\"example\");\n\n var exampleMember = new Aws.Detective.Member(\"example\", new()\n {\n AccountId = \"AWS ACCOUNT ID\",\n EmailAddress = \"EMAIL\",\n GraphArn = example.Id,\n Message = \"Message of the invitation\",\n DisableEmailNotification = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/detective\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := detective.NewGraph(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = detective.NewMember(ctx, \"example\", \u0026detective.MemberArgs{\n\t\t\tAccountId: pulumi.String(\"AWS ACCOUNT ID\"),\n\t\t\tEmailAddress: pulumi.String(\"EMAIL\"),\n\t\t\tGraphArn: example.ID(),\n\t\t\tMessage: pulumi.String(\"Message of the invitation\"),\n\t\t\tDisableEmailNotification: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.detective.Graph;\nimport com.pulumi.aws.detective.Member;\nimport com.pulumi.aws.detective.MemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Graph(\"example\");\n\n var exampleMember = new Member(\"exampleMember\", MemberArgs.builder()\n .accountId(\"AWS ACCOUNT ID\")\n .emailAddress(\"EMAIL\")\n .graphArn(example.id())\n .message(\"Message of the invitation\")\n .disableEmailNotification(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:detective:Graph\n exampleMember:\n type: aws:detective:Member\n name: example\n properties:\n accountId: AWS ACCOUNT ID\n emailAddress: EMAIL\n graphArn: ${example.id}\n message: Message of the invitation\n disableEmailNotification: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_detective_member` using the ARN of the graph followed by the account ID of the member account. For example:\n\n```sh\n$ pulumi import aws:detective/member:Member example arn:aws:detective:us-east-1:123456789101:graph:231684d34gh74g4bae1dbc7bd807d02d/123456789012\n```\n", "properties": { "accountId": { "type": "string", "description": "AWS account ID for the account.\n" }, "administratorId": { "type": "string", "description": "AWS account ID for the administrator account.\n" }, "disableEmailNotification": { "type": "boolean", "description": "If set to true, then the root user of the invited account will _not_ receive an email notification. This notification is in addition to an alert that the root user receives in AWS Personal Health Dashboard. By default, this is set to `false`.\n" }, "disabledReason": { "type": "string" }, "emailAddress": { "type": "string", "description": "Email address for the account.\n" }, "graphArn": { "type": "string", "description": "ARN of the behavior graph to invite the member accounts to contribute their data to.\n" }, "invitedTime": { "type": "string", "description": "Date and time, in UTC and extended RFC 3339 format, when an Amazon Detective membership invitation was last sent to the account.\n" }, "message": { "type": "string", "description": "A custom message to include in the invitation. Amazon Detective adds this message to the standard content that it sends for an invitation.\n" }, "status": { "type": "string", "description": "Current membership status of the member account.\n" }, "updatedTime": { "type": "string", "description": "Date and time, in UTC and extended RFC 3339 format, of the most recent change to the member account's status.\n" }, "volumeUsageInBytes": { "type": "string", "description": "Data volume in bytes per day for the member account.\n" } }, "required": [ "accountId", "administratorId", "disabledReason", "emailAddress", "graphArn", "invitedTime", "status", "updatedTime", "volumeUsageInBytes" ], "inputProperties": { "accountId": { "type": "string", "description": "AWS account ID for the account.\n", "willReplaceOnChanges": true }, "disableEmailNotification": { "type": "boolean", "description": "If set to true, then the root user of the invited account will _not_ receive an email notification. This notification is in addition to an alert that the root user receives in AWS Personal Health Dashboard. By default, this is set to `false`.\n", "willReplaceOnChanges": true }, "emailAddress": { "type": "string", "description": "Email address for the account.\n", "willReplaceOnChanges": true }, "graphArn": { "type": "string", "description": "ARN of the behavior graph to invite the member accounts to contribute their data to.\n", "willReplaceOnChanges": true }, "message": { "type": "string", "description": "A custom message to include in the invitation. Amazon Detective adds this message to the standard content that it sends for an invitation.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "accountId", "emailAddress", "graphArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Member resources.\n", "properties": { "accountId": { "type": "string", "description": "AWS account ID for the account.\n", "willReplaceOnChanges": true }, "administratorId": { "type": "string", "description": "AWS account ID for the administrator account.\n" }, "disableEmailNotification": { "type": "boolean", "description": "If set to true, then the root user of the invited account will _not_ receive an email notification. This notification is in addition to an alert that the root user receives in AWS Personal Health Dashboard. By default, this is set to `false`.\n", "willReplaceOnChanges": true }, "disabledReason": { "type": "string" }, "emailAddress": { "type": "string", "description": "Email address for the account.\n", "willReplaceOnChanges": true }, "graphArn": { "type": "string", "description": "ARN of the behavior graph to invite the member accounts to contribute their data to.\n", "willReplaceOnChanges": true }, "invitedTime": { "type": "string", "description": "Date and time, in UTC and extended RFC 3339 format, when an Amazon Detective membership invitation was last sent to the account.\n" }, "message": { "type": "string", "description": "A custom message to include in the invitation. Amazon Detective adds this message to the standard content that it sends for an invitation.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Current membership status of the member account.\n" }, "updatedTime": { "type": "string", "description": "Date and time, in UTC and extended RFC 3339 format, of the most recent change to the member account's status.\n" }, "volumeUsageInBytes": { "type": "string", "description": "Data volume in bytes per day for the member account.\n" } }, "type": "object" } }, "aws:detective/organizationAdminAccount:OrganizationAdminAccount": { "description": "Manages a Detective Organization Admin Account. The AWS account utilizing this resource must be an Organizations primary account. More information about Organizations support in Detective can be found in the [Detective User Guide](https://docs.aws.amazon.com/detective/latest/adminguide/accounts-orgs-transition.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"detective.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleOrganizationAdminAccount = new aws.detective.OrganizationAdminAccount(\"example\", {accountId: \"123456789012\"}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"detective.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_organization_admin_account = aws.detective.OrganizationAdminAccount(\"example\", account_id=\"123456789012\",\nopts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"detective.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var exampleOrganizationAdminAccount = new Aws.Detective.OrganizationAdminAccount(\"example\", new()\n {\n AccountId = \"123456789012\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/detective\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"detective.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = detective.NewOrganizationAdminAccount(ctx, \"example\", \u0026detective.OrganizationAdminAccountArgs{\n\t\t\tAccountId: pulumi.String(\"123456789012\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.detective.OrganizationAdminAccount;\nimport com.pulumi.aws.detective.OrganizationAdminAccountArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Organization(\"example\", OrganizationArgs.builder()\n .awsServiceAccessPrincipals(\"detective.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var exampleOrganizationAdminAccount = new OrganizationAdminAccount(\"exampleOrganizationAdminAccount\", OrganizationAdminAccountArgs.builder()\n .accountId(\"123456789012\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:Organization\n properties:\n awsServiceAccessPrincipals:\n - detective.amazonaws.com\n featureSet: ALL\n exampleOrganizationAdminAccount:\n type: aws:detective:OrganizationAdminAccount\n name: example\n properties:\n accountId: '123456789012'\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_detective_organization_admin_account` using `account_id`. For example:\n\n```sh\n$ pulumi import aws:detective/organizationAdminAccount:OrganizationAdminAccount example 123456789012\n```\n", "properties": { "accountId": { "type": "string", "description": "AWS account identifier to designate as a delegated administrator for Detective.\n" } }, "required": [ "accountId" ], "inputProperties": { "accountId": { "type": "string", "description": "AWS account identifier to designate as a delegated administrator for Detective.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "accountId" ], "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationAdminAccount resources.\n", "properties": { "accountId": { "type": "string", "description": "AWS account identifier to designate as a delegated administrator for Detective.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:detective/organizationConfiguration:OrganizationConfiguration": { "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n example:\n type: aws:detective:Graph\n properties:\n enable: true\n exampleOrganizationConfiguration:\n type: aws:detective:OrganizationConfiguration\n name: example\n properties:\n autoEnable: true\n graphArn: ${example.graphArn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_detective_organization_admin_account` using the behavior graph ARN. For example:\n\n```sh\n$ pulumi import aws:detective/organizationConfiguration:OrganizationConfiguration example arn:aws:detective:us-east-1:123456789012:graph:00b00fd5aecc0ab60a708659477e9617\n```\n", "properties": { "autoEnable": { "type": "boolean", "description": "When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s Detective delegated administrator and Detective is enabled in that AWS Region.\n" }, "graphArn": { "type": "string", "description": "ARN of the behavior graph.\n" } }, "required": [ "autoEnable", "graphArn" ], "inputProperties": { "autoEnable": { "type": "boolean", "description": "When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s Detective delegated administrator and Detective is enabled in that AWS Region.\n" }, "graphArn": { "type": "string", "description": "ARN of the behavior graph.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "autoEnable", "graphArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationConfiguration resources.\n", "properties": { "autoEnable": { "type": "boolean", "description": "When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s Detective delegated administrator and Detective is enabled in that AWS Region.\n" }, "graphArn": { "type": "string", "description": "ARN of the behavior graph.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:devicefarm/devicePool:DevicePool": { "description": "Provides a resource to manage AWS Device Farm Device Pools.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.devicefarm.DevicePool(\"example\", {\n name: \"example\",\n projectArn: exampleAwsDevicefarmProject.arn,\n rules: [{\n attribute: \"OS_VERSION\",\n operator: \"EQUALS\",\n value: \"\\\"AVAILABLE\\\"\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.devicefarm.DevicePool(\"example\",\n name=\"example\",\n project_arn=example_aws_devicefarm_project[\"arn\"],\n rules=[{\n \"attribute\": \"OS_VERSION\",\n \"operator\": \"EQUALS\",\n \"value\": \"\\\"AVAILABLE\\\"\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DeviceFarm.DevicePool(\"example\", new()\n {\n Name = \"example\",\n ProjectArn = exampleAwsDevicefarmProject.Arn,\n Rules = new[]\n {\n new Aws.DeviceFarm.Inputs.DevicePoolRuleArgs\n {\n Attribute = \"OS_VERSION\",\n Operator = \"EQUALS\",\n Value = \"\\\"AVAILABLE\\\"\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/devicefarm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := devicefarm.NewDevicePool(ctx, \"example\", \u0026devicefarm.DevicePoolArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProjectArn: pulumi.Any(exampleAwsDevicefarmProject.Arn),\n\t\t\tRules: devicefarm.DevicePoolRuleArray{\n\t\t\t\t\u0026devicefarm.DevicePoolRuleArgs{\n\t\t\t\t\tAttribute: pulumi.String(\"OS_VERSION\"),\n\t\t\t\t\tOperator: pulumi.String(\"EQUALS\"),\n\t\t\t\t\tValue: pulumi.String(\"\\\"AVAILABLE\\\"\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.devicefarm.DevicePool;\nimport com.pulumi.aws.devicefarm.DevicePoolArgs;\nimport com.pulumi.aws.devicefarm.inputs.DevicePoolRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DevicePool(\"example\", DevicePoolArgs.builder()\n .name(\"example\")\n .projectArn(exampleAwsDevicefarmProject.arn())\n .rules(DevicePoolRuleArgs.builder()\n .attribute(\"OS_VERSION\")\n .operator(\"EQUALS\")\n .value(\"\\\"AVAILABLE\\\"\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:devicefarm:DevicePool\n properties:\n name: example\n projectArn: ${exampleAwsDevicefarmProject.arn}\n rules:\n - attribute: OS_VERSION\n operator: EQUALS\n value: '\"AVAILABLE\"'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DeviceFarm Device Pools using their ARN. For example:\n\n```sh\n$ pulumi import aws:devicefarm/devicePool:DevicePool example arn:aws:devicefarm:us-west-2:123456789012:devicepool:4fa784c7-ccb4-4dbf-ba4f-02198320daa1/4fa784c7-ccb4-4dbf-ba4f-02198320daa1\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of this Device Pool\n" }, "description": { "type": "string", "description": "The device pool's description.\n" }, "maxDevices": { "type": "integer", "description": "The number of devices that Device Farm can add to your device pool.\n" }, "name": { "type": "string", "description": "The name of the Device Pool\n" }, "projectArn": { "type": "string", "description": "The ARN of the project for the device pool.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:devicefarm/DevicePoolRule:DevicePoolRule" }, "description": "The device pool's rules. See Rule.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string" } }, "required": [ "arn", "name", "projectArn", "rules", "tagsAll", "type" ], "inputProperties": { "description": { "type": "string", "description": "The device pool's description.\n" }, "maxDevices": { "type": "integer", "description": "The number of devices that Device Farm can add to your device pool.\n" }, "name": { "type": "string", "description": "The name of the Device Pool\n" }, "projectArn": { "type": "string", "description": "The ARN of the project for the device pool.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:devicefarm/DevicePoolRule:DevicePoolRule" }, "description": "The device pool's rules. See Rule.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "projectArn", "rules" ], "stateInputs": { "description": "Input properties used for looking up and filtering DevicePool resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of this Device Pool\n" }, "description": { "type": "string", "description": "The device pool's description.\n" }, "maxDevices": { "type": "integer", "description": "The number of devices that Device Farm can add to your device pool.\n" }, "name": { "type": "string", "description": "The name of the Device Pool\n" }, "projectArn": { "type": "string", "description": "The ARN of the project for the device pool.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:devicefarm/DevicePoolRule:DevicePoolRule" }, "description": "The device pool's rules. See Rule.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string" } }, "type": "object" } }, "aws:devicefarm/instanceProfile:InstanceProfile": { "description": "Provides a resource to manage AWS Device Farm Instance Profiles.\n∂\n\u003e **NOTE:** AWS currently has limited regional support for Device Farm (e.g., `us-west-2`). See [AWS Device Farm endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/devicefarm.html) for information on supported regions.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.devicefarm.InstanceProfile(\"example\", {name: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.devicefarm.InstanceProfile(\"example\", name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DeviceFarm.InstanceProfile(\"example\", new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/devicefarm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := devicefarm.NewInstanceProfile(ctx, \"example\", \u0026devicefarm.InstanceProfileArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.devicefarm.InstanceProfile;\nimport com.pulumi.aws.devicefarm.InstanceProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new InstanceProfile(\"example\", InstanceProfileArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:devicefarm:InstanceProfile\n properties:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DeviceFarm Instance Profiles using their ARN. For example:\n\n```sh\n$ pulumi import aws:devicefarm/instanceProfile:InstanceProfile example arn:aws:devicefarm:us-west-2:123456789012:instanceprofile:4fa784c7-ccb4-4dbf-ba4f-02198320daa1\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of this instance profile.\n" }, "description": { "type": "string", "description": "The description of the instance profile.\n" }, "excludeAppPackagesFromCleanups": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that specifies the list of app packages that should not be cleaned up from the device after a test run.\n" }, "name": { "type": "string", "description": "The name for the instance profile.\n" }, "packageCleanup": { "type": "boolean", "description": "When set to `true`, Device Farm removes app packages after a test run. The default value is `false` for private devices.\n" }, "rebootAfterUse": { "type": "boolean", "description": "When set to `true`, Device Farm reboots the instance after a test run. The default value is `true`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the instance profile.\n" }, "excludeAppPackagesFromCleanups": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that specifies the list of app packages that should not be cleaned up from the device after a test run.\n" }, "name": { "type": "string", "description": "The name for the instance profile.\n" }, "packageCleanup": { "type": "boolean", "description": "When set to `true`, Device Farm removes app packages after a test run. The default value is `false` for private devices.\n" }, "rebootAfterUse": { "type": "boolean", "description": "When set to `true`, Device Farm reboots the instance after a test run. The default value is `true`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering InstanceProfile resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of this instance profile.\n" }, "description": { "type": "string", "description": "The description of the instance profile.\n" }, "excludeAppPackagesFromCleanups": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that specifies the list of app packages that should not be cleaned up from the device after a test run.\n" }, "name": { "type": "string", "description": "The name for the instance profile.\n" }, "packageCleanup": { "type": "boolean", "description": "When set to `true`, Device Farm removes app packages after a test run. The default value is `false` for private devices.\n" }, "rebootAfterUse": { "type": "boolean", "description": "When set to `true`, Device Farm reboots the instance after a test run. The default value is `true`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:devicefarm/networkProfile:NetworkProfile": { "description": "Provides a resource to manage AWS Device Farm Network Profiles.\n∂\n\u003e **NOTE:** AWS currently has limited regional support for Device Farm (e.g., `us-west-2`). See [AWS Device Farm endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/devicefarm.html) for information on supported regions.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.devicefarm.Project(\"example\", {name: \"example\"});\nconst exampleNetworkProfile = new aws.devicefarm.NetworkProfile(\"example\", {\n name: \"example\",\n projectArn: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.devicefarm.Project(\"example\", name=\"example\")\nexample_network_profile = aws.devicefarm.NetworkProfile(\"example\",\n name=\"example\",\n project_arn=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DeviceFarm.Project(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleNetworkProfile = new Aws.DeviceFarm.NetworkProfile(\"example\", new()\n {\n Name = \"example\",\n ProjectArn = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/devicefarm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := devicefarm.NewProject(ctx, \"example\", \u0026devicefarm.ProjectArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = devicefarm.NewNetworkProfile(ctx, \"example\", \u0026devicefarm.NetworkProfileArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProjectArn: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.devicefarm.Project;\nimport com.pulumi.aws.devicefarm.ProjectArgs;\nimport com.pulumi.aws.devicefarm.NetworkProfile;\nimport com.pulumi.aws.devicefarm.NetworkProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Project(\"example\", ProjectArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleNetworkProfile = new NetworkProfile(\"exampleNetworkProfile\", NetworkProfileArgs.builder()\n .name(\"example\")\n .projectArn(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:devicefarm:Project\n properties:\n name: example\n exampleNetworkProfile:\n type: aws:devicefarm:NetworkProfile\n name: example\n properties:\n name: example\n projectArn: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DeviceFarm Network Profiles using their ARN. For example:\n\n```sh\n$ pulumi import aws:devicefarm/networkProfile:NetworkProfile example arn:aws:devicefarm:us-west-2:123456789012:networkprofile:4fa784c7-ccb4-4dbf-ba4f-02198320daa1\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of this network profile.\n" }, "description": { "type": "string", "description": "The description of the network profile.\n" }, "downlinkBandwidthBits": { "type": "integer", "description": "The data throughput rate in bits per second, as an integer from `0` to `104857600`. Default value is `104857600`.\n" }, "downlinkDelayMs": { "type": "integer", "description": "Delay time for all packets to destination in milliseconds as an integer from `0` to `2000`.\n" }, "downlinkJitterMs": { "type": "integer", "description": "Time variation in the delay of received packets in milliseconds as an integer from `0` to `2000`.\n" }, "downlinkLossPercent": { "type": "integer", "description": "Proportion of received packets that fail to arrive from `0` to `100` percent.\n" }, "name": { "type": "string", "description": "The name for the network profile.\n" }, "projectArn": { "type": "string", "description": "The ARN of the project for the network profile.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of network profile to create. Valid values are listed are `PRIVATE` and `CURATED`.\n" }, "uplinkBandwidthBits": { "type": "integer", "description": "The data throughput rate in bits per second, as an integer from `0` to `104857600`. Default value is `104857600`.\n" }, "uplinkDelayMs": { "type": "integer", "description": "Delay time for all packets to destination in milliseconds as an integer from `0` to `2000`.\n" }, "uplinkJitterMs": { "type": "integer", "description": "Time variation in the delay of received packets in milliseconds as an integer from `0` to `2000`.\n" }, "uplinkLossPercent": { "type": "integer", "description": "Proportion of received packets that fail to arrive from `0` to `100` percent.\n" } }, "required": [ "arn", "name", "projectArn", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the network profile.\n" }, "downlinkBandwidthBits": { "type": "integer", "description": "The data throughput rate in bits per second, as an integer from `0` to `104857600`. Default value is `104857600`.\n" }, "downlinkDelayMs": { "type": "integer", "description": "Delay time for all packets to destination in milliseconds as an integer from `0` to `2000`.\n" }, "downlinkJitterMs": { "type": "integer", "description": "Time variation in the delay of received packets in milliseconds as an integer from `0` to `2000`.\n" }, "downlinkLossPercent": { "type": "integer", "description": "Proportion of received packets that fail to arrive from `0` to `100` percent.\n" }, "name": { "type": "string", "description": "The name for the network profile.\n" }, "projectArn": { "type": "string", "description": "The ARN of the project for the network profile.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "The type of network profile to create. Valid values are listed are `PRIVATE` and `CURATED`.\n" }, "uplinkBandwidthBits": { "type": "integer", "description": "The data throughput rate in bits per second, as an integer from `0` to `104857600`. Default value is `104857600`.\n" }, "uplinkDelayMs": { "type": "integer", "description": "Delay time for all packets to destination in milliseconds as an integer from `0` to `2000`.\n" }, "uplinkJitterMs": { "type": "integer", "description": "Time variation in the delay of received packets in milliseconds as an integer from `0` to `2000`.\n" }, "uplinkLossPercent": { "type": "integer", "description": "Proportion of received packets that fail to arrive from `0` to `100` percent.\n" } }, "requiredInputs": [ "projectArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering NetworkProfile resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of this network profile.\n" }, "description": { "type": "string", "description": "The description of the network profile.\n" }, "downlinkBandwidthBits": { "type": "integer", "description": "The data throughput rate in bits per second, as an integer from `0` to `104857600`. Default value is `104857600`.\n" }, "downlinkDelayMs": { "type": "integer", "description": "Delay time for all packets to destination in milliseconds as an integer from `0` to `2000`.\n" }, "downlinkJitterMs": { "type": "integer", "description": "Time variation in the delay of received packets in milliseconds as an integer from `0` to `2000`.\n" }, "downlinkLossPercent": { "type": "integer", "description": "Proportion of received packets that fail to arrive from `0` to `100` percent.\n" }, "name": { "type": "string", "description": "The name for the network profile.\n" }, "projectArn": { "type": "string", "description": "The ARN of the project for the network profile.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of network profile to create. Valid values are listed are `PRIVATE` and `CURATED`.\n" }, "uplinkBandwidthBits": { "type": "integer", "description": "The data throughput rate in bits per second, as an integer from `0` to `104857600`. Default value is `104857600`.\n" }, "uplinkDelayMs": { "type": "integer", "description": "Delay time for all packets to destination in milliseconds as an integer from `0` to `2000`.\n" }, "uplinkJitterMs": { "type": "integer", "description": "Time variation in the delay of received packets in milliseconds as an integer from `0` to `2000`.\n" }, "uplinkLossPercent": { "type": "integer", "description": "Proportion of received packets that fail to arrive from `0` to `100` percent.\n" } }, "type": "object" } }, "aws:devicefarm/project:Project": { "description": "Provides a resource to manage AWS Device Farm Projects.\n\nFor more information about Device Farm Projects, see the AWS Documentation on\n[Device Farm Projects][aws-get-project].\n\n\u003e **NOTE:** AWS currently has limited regional support for Device Farm (e.g., `us-west-2`). See [AWS Device Farm endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/devicefarm.html) for information on supported regions.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst awesomeDevices = new aws.devicefarm.Project(\"awesome_devices\", {name: \"my-device-farm\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nawesome_devices = aws.devicefarm.Project(\"awesome_devices\", name=\"my-device-farm\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var awesomeDevices = new Aws.DeviceFarm.Project(\"awesome_devices\", new()\n {\n Name = \"my-device-farm\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/devicefarm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := devicefarm.NewProject(ctx, \"awesome_devices\", \u0026devicefarm.ProjectArgs{\n\t\t\tName: pulumi.String(\"my-device-farm\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.devicefarm.Project;\nimport com.pulumi.aws.devicefarm.ProjectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var awesomeDevices = new Project(\"awesomeDevices\", ProjectArgs.builder()\n .name(\"my-device-farm\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n awesomeDevices:\n type: aws:devicefarm:Project\n name: awesome_devices\n properties:\n name: my-device-farm\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DeviceFarm Projects using their ARN. For example:\n\n```sh\n$ pulumi import aws:devicefarm/project:Project example arn:aws:devicefarm:us-west-2:123456789012:project:4fa784c7-ccb4-4dbf-ba4f-02198320daa1\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of this project\n" }, "defaultJobTimeoutMinutes": { "type": "integer", "description": "Sets the execution timeout value (in minutes) for a project. All test runs in this project use the specified execution timeout value unless overridden when scheduling a run.\n" }, "name": { "type": "string", "description": "The name of the project\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "tagsAll" ], "inputProperties": { "defaultJobTimeoutMinutes": { "type": "integer", "description": "Sets the execution timeout value (in minutes) for a project. All test runs in this project use the specified execution timeout value unless overridden when scheduling a run.\n" }, "name": { "type": "string", "description": "The name of the project\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Project resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of this project\n" }, "defaultJobTimeoutMinutes": { "type": "integer", "description": "Sets the execution timeout value (in minutes) for a project. All test runs in this project use the specified execution timeout value unless overridden when scheduling a run.\n" }, "name": { "type": "string", "description": "The name of the project\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:devicefarm/testGridProject:TestGridProject": { "description": "Provides a resource to manage AWS Device Farm Test Grid Projects.\n\n\u003e **NOTE:** AWS currently has limited regional support for Device Farm (e.g., `us-west-2`). See [AWS Device Farm endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/devicefarm.html) for information on supported regions.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.devicefarm.TestGridProject(\"example\", {\n name: \"example\",\n vpcConfig: {\n vpcId: exampleAwsVpc.id,\n subnetIds: exampleAwsSubnet.map(__item =\u003e __item.id),\n securityGroupIds: exampleAwsSecurityGroup.map(__item =\u003e __item.id),\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.devicefarm.TestGridProject(\"example\",\n name=\"example\",\n vpc_config={\n \"vpc_id\": example_aws_vpc[\"id\"],\n \"subnet_ids\": [__item[\"id\"] for __item in example_aws_subnet],\n \"security_group_ids\": [__item[\"id\"] for __item in example_aws_security_group],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DeviceFarm.TestGridProject(\"example\", new()\n {\n Name = \"example\",\n VpcConfig = new Aws.DeviceFarm.Inputs.TestGridProjectVpcConfigArgs\n {\n VpcId = exampleAwsVpc.Id,\n SubnetIds = exampleAwsSubnet.Select(__item =\u003e __item.Id).ToList(),\n SecurityGroupIds = exampleAwsSecurityGroup.Select(__item =\u003e __item.Id).ToList(),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/devicefarm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\n_, err := devicefarm.NewTestGridProject(ctx, \"example\", \u0026devicefarm.TestGridProjectArgs{\nName: pulumi.String(\"example\"),\nVpcConfig: \u0026devicefarm.TestGridProjectVpcConfigArgs{\nVpcId: pulumi.Any(exampleAwsVpc.Id),\nSubnetIds: []pulumi.String(%!v(PANIC=Format method: fatal: A failure has occurred: unlowered splat expression @ example.pp:4,24-46)),\nSecurityGroupIds: []pulumi.String(%!v(PANIC=Format method: fatal: A failure has occurred: unlowered splat expression @ example.pp:5,24-53)),\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.devicefarm.TestGridProject;\nimport com.pulumi.aws.devicefarm.TestGridProjectArgs;\nimport com.pulumi.aws.devicefarm.inputs.TestGridProjectVpcConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TestGridProject(\"example\", TestGridProjectArgs.builder()\n .name(\"example\")\n .vpcConfig(TestGridProjectVpcConfigArgs.builder()\n .vpcId(exampleAwsVpc.id())\n .subnetIds(exampleAwsSubnet.stream().map(element -\u003e element.id()).collect(toList()))\n .securityGroupIds(exampleAwsSecurityGroup.stream().map(element -\u003e element.id()).collect(toList()))\n .build())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DeviceFarm Test Grid Projects using their ARN. For example:\n\n```sh\n$ pulumi import aws:devicefarm/testGridProject:TestGridProject example arn:aws:devicefarm:us-west-2:123456789012:testgrid-project:4fa784c7-ccb4-4dbf-ba4f-02198320daa1\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of this Test Grid Project.\n" }, "description": { "type": "string", "description": "Human-readable description of the project.\n" }, "name": { "type": "string", "description": "The name of the Selenium testing project.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcConfig": { "$ref": "#/types/aws:devicefarm/TestGridProjectVpcConfig:TestGridProjectVpcConfig", "description": "The VPC security groups and subnets that are attached to a project. See VPC Config below.\n" } }, "required": [ "arn", "name", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Human-readable description of the project.\n" }, "name": { "type": "string", "description": "The name of the Selenium testing project.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcConfig": { "$ref": "#/types/aws:devicefarm/TestGridProjectVpcConfig:TestGridProjectVpcConfig", "description": "The VPC security groups and subnets that are attached to a project. See VPC Config below.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering TestGridProject resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of this Test Grid Project.\n" }, "description": { "type": "string", "description": "Human-readable description of the project.\n" }, "name": { "type": "string", "description": "The name of the Selenium testing project.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcConfig": { "$ref": "#/types/aws:devicefarm/TestGridProjectVpcConfig:TestGridProjectVpcConfig", "description": "The VPC security groups and subnets that are attached to a project. See VPC Config below.\n" } }, "type": "object" } }, "aws:devicefarm/upload:Upload": { "description": "Provides a resource to manage AWS Device Farm Uploads.\n\n\u003e **NOTE:** AWS currently has limited regional support for Device Farm (e.g., `us-west-2`). See [AWS Device Farm endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/devicefarm.html) for information on supported regions.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.devicefarm.Project(\"example\", {name: \"example\"});\nconst exampleUpload = new aws.devicefarm.Upload(\"example\", {\n name: \"example\",\n projectArn: example.arn,\n type: \"APPIUM_JAVA_TESTNG_TEST_SPEC\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.devicefarm.Project(\"example\", name=\"example\")\nexample_upload = aws.devicefarm.Upload(\"example\",\n name=\"example\",\n project_arn=example.arn,\n type=\"APPIUM_JAVA_TESTNG_TEST_SPEC\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DeviceFarm.Project(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleUpload = new Aws.DeviceFarm.Upload(\"example\", new()\n {\n Name = \"example\",\n ProjectArn = example.Arn,\n Type = \"APPIUM_JAVA_TESTNG_TEST_SPEC\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/devicefarm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := devicefarm.NewProject(ctx, \"example\", \u0026devicefarm.ProjectArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = devicefarm.NewUpload(ctx, \"example\", \u0026devicefarm.UploadArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProjectArn: example.Arn,\n\t\t\tType: pulumi.String(\"APPIUM_JAVA_TESTNG_TEST_SPEC\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.devicefarm.Project;\nimport com.pulumi.aws.devicefarm.ProjectArgs;\nimport com.pulumi.aws.devicefarm.Upload;\nimport com.pulumi.aws.devicefarm.UploadArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Project(\"example\", ProjectArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleUpload = new Upload(\"exampleUpload\", UploadArgs.builder()\n .name(\"example\")\n .projectArn(example.arn())\n .type(\"APPIUM_JAVA_TESTNG_TEST_SPEC\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:devicefarm:Project\n properties:\n name: example\n exampleUpload:\n type: aws:devicefarm:Upload\n name: example\n properties:\n name: example\n projectArn: ${example.arn}\n type: APPIUM_JAVA_TESTNG_TEST_SPEC\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DeviceFarm Uploads using their ARN. For example:\n\n```sh\n$ pulumi import aws:devicefarm/upload:Upload example arn:aws:devicefarm:us-west-2:123456789012:upload:4fa784c7-ccb4-4dbf-ba4f-02198320daa1\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of this upload.\n" }, "category": { "type": "string", "description": "The upload's category.\n" }, "contentType": { "type": "string", "description": "The upload's content type (for example, application/octet-stream).\n" }, "metadata": { "type": "string", "description": "The upload's metadata. For example, for Android, this contains information that is parsed from the manifest and is displayed in the AWS Device Farm console after the associated app is uploaded.\n" }, "name": { "type": "string", "description": "The upload's file name. The name should not contain any forward slashes (/). If you are uploading an iOS app, the file name must end with the .ipa extension. If you are uploading an Android app, the file name must end with the .apk extension. For all others, the file name must end with the .zip file extension.\n" }, "projectArn": { "type": "string", "description": "The ARN of the project for the upload.\n" }, "type": { "type": "string", "description": "The upload's upload type. See [AWS Docs](https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateUpload.html#API_CreateUpload_RequestSyntax) for valid list of values.\n" }, "url": { "type": "string", "description": "The presigned Amazon S3 URL that was used to store a file using a PUT request.\n" } }, "required": [ "arn", "category", "metadata", "name", "projectArn", "type", "url" ], "inputProperties": { "contentType": { "type": "string", "description": "The upload's content type (for example, application/octet-stream).\n" }, "name": { "type": "string", "description": "The upload's file name. The name should not contain any forward slashes (/). If you are uploading an iOS app, the file name must end with the .ipa extension. If you are uploading an Android app, the file name must end with the .apk extension. For all others, the file name must end with the .zip file extension.\n" }, "projectArn": { "type": "string", "description": "The ARN of the project for the upload.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "The upload's upload type. See [AWS Docs](https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateUpload.html#API_CreateUpload_RequestSyntax) for valid list of values.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "projectArn", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering Upload resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of this upload.\n" }, "category": { "type": "string", "description": "The upload's category.\n" }, "contentType": { "type": "string", "description": "The upload's content type (for example, application/octet-stream).\n" }, "metadata": { "type": "string", "description": "The upload's metadata. For example, for Android, this contains information that is parsed from the manifest and is displayed in the AWS Device Farm console after the associated app is uploaded.\n" }, "name": { "type": "string", "description": "The upload's file name. The name should not contain any forward slashes (/). If you are uploading an iOS app, the file name must end with the .ipa extension. If you are uploading an Android app, the file name must end with the .apk extension. For all others, the file name must end with the .zip file extension.\n" }, "projectArn": { "type": "string", "description": "The ARN of the project for the upload.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "The upload's upload type. See [AWS Docs](https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateUpload.html#API_CreateUpload_RequestSyntax) for valid list of values.\n", "willReplaceOnChanges": true }, "url": { "type": "string", "description": "The presigned Amazon S3 URL that was used to store a file using a PUT request.\n" } }, "type": "object" } }, "aws:devopsguru/eventSourcesConfig:EventSourcesConfig": { "description": "## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.devopsguru.EventSourcesConfig(\"example\", {eventSources: [{\n amazonCodeGuruProfilers: [{\n status: \"ENABLED\",\n }],\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.devopsguru.EventSourcesConfig(\"example\", event_sources=[{\n \"amazon_code_guru_profilers\": [{\n \"status\": \"ENABLED\",\n }],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DevOpsGuru.EventSourcesConfig(\"example\", new()\n {\n EventSources = new[]\n {\n new Aws.DevOpsGuru.Inputs.EventSourcesConfigEventSourceArgs\n {\n AmazonCodeGuruProfilers = new[]\n {\n new Aws.DevOpsGuru.Inputs.EventSourcesConfigEventSourceAmazonCodeGuruProfilerArgs\n {\n Status = \"ENABLED\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/devopsguru\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := devopsguru.NewEventSourcesConfig(ctx, \"example\", \u0026devopsguru.EventSourcesConfigArgs{\n\t\t\tEventSources: devopsguru.EventSourcesConfigEventSourceArray{\n\t\t\t\t\u0026devopsguru.EventSourcesConfigEventSourceArgs{\n\t\t\t\t\tAmazonCodeGuruProfilers: devopsguru.EventSourcesConfigEventSourceAmazonCodeGuruProfilerArray{\n\t\t\t\t\t\t\u0026devopsguru.EventSourcesConfigEventSourceAmazonCodeGuruProfilerArgs{\n\t\t\t\t\t\t\tStatus: pulumi.String(\"ENABLED\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.devopsguru.EventSourcesConfig;\nimport com.pulumi.aws.devopsguru.EventSourcesConfigArgs;\nimport com.pulumi.aws.devopsguru.inputs.EventSourcesConfigEventSourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourcesConfig(\"example\", EventSourcesConfigArgs.builder()\n .eventSources(EventSourcesConfigEventSourceArgs.builder()\n .amazonCodeGuruProfilers(EventSourcesConfigEventSourceAmazonCodeGuruProfilerArgs.builder()\n .status(\"ENABLED\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:devopsguru:EventSourcesConfig\n properties:\n eventSources:\n - amazonCodeGuruProfilers:\n - status: ENABLED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DevOps Guru Event Sources Config using the `id`. For example:\n\n```sh\n$ pulumi import aws:devopsguru/eventSourcesConfig:EventSourcesConfig example us-east-1\n```\n", "properties": { "eventSources": { "type": "array", "items": { "$ref": "#/types/aws:devopsguru/EventSourcesConfigEventSource:EventSourcesConfigEventSource" }, "description": "Configuration information about the integration of DevOps Guru as the Consumer via EventBridge with another AWS Service. See `event_sources` below.\n" } }, "inputProperties": { "eventSources": { "type": "array", "items": { "$ref": "#/types/aws:devopsguru/EventSourcesConfigEventSource:EventSourcesConfigEventSource" }, "description": "Configuration information about the integration of DevOps Guru as the Consumer via EventBridge with another AWS Service. See `event_sources` below.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering EventSourcesConfig resources.\n", "properties": { "eventSources": { "type": "array", "items": { "$ref": "#/types/aws:devopsguru/EventSourcesConfigEventSource:EventSourcesConfigEventSource" }, "description": "Configuration information about the integration of DevOps Guru as the Consumer via EventBridge with another AWS Service. See `event_sources` below.\n" } }, "type": "object" } }, "aws:devopsguru/notificationChannel:NotificationChannel": { "description": "Resource for managing an AWS DevOps Guru Notification Channel.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.devopsguru.NotificationChannel(\"example\", {sns: {\n topicArn: exampleAwsSnsTopic.arn,\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.devopsguru.NotificationChannel(\"example\", sns={\n \"topic_arn\": example_aws_sns_topic[\"arn\"],\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DevOpsGuru.NotificationChannel(\"example\", new()\n {\n Sns = new Aws.DevOpsGuru.Inputs.NotificationChannelSnsArgs\n {\n TopicArn = exampleAwsSnsTopic.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/devopsguru\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := devopsguru.NewNotificationChannel(ctx, \"example\", \u0026devopsguru.NotificationChannelArgs{\n\t\t\tSns: \u0026devopsguru.NotificationChannelSnsArgs{\n\t\t\t\tTopicArn: pulumi.Any(exampleAwsSnsTopic.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.devopsguru.NotificationChannel;\nimport com.pulumi.aws.devopsguru.NotificationChannelArgs;\nimport com.pulumi.aws.devopsguru.inputs.NotificationChannelSnsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NotificationChannel(\"example\", NotificationChannelArgs.builder()\n .sns(NotificationChannelSnsArgs.builder()\n .topicArn(exampleAwsSnsTopic.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:devopsguru:NotificationChannel\n properties:\n sns:\n topicArn: ${exampleAwsSnsTopic.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filters\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.devopsguru.NotificationChannel(\"example\", {\n sns: {\n topicArn: exampleAwsSnsTopic.arn,\n },\n filters: {\n messageTypes: [\"NEW_INSIGHT\"],\n severities: [\"HIGH\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.devopsguru.NotificationChannel(\"example\",\n sns={\n \"topic_arn\": example_aws_sns_topic[\"arn\"],\n },\n filters={\n \"message_types\": [\"NEW_INSIGHT\"],\n \"severities\": [\"HIGH\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DevOpsGuru.NotificationChannel(\"example\", new()\n {\n Sns = new Aws.DevOpsGuru.Inputs.NotificationChannelSnsArgs\n {\n TopicArn = exampleAwsSnsTopic.Arn,\n },\n Filters = new Aws.DevOpsGuru.Inputs.NotificationChannelFiltersArgs\n {\n MessageTypes = new[]\n {\n \"NEW_INSIGHT\",\n },\n Severities = new[]\n {\n \"HIGH\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/devopsguru\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := devopsguru.NewNotificationChannel(ctx, \"example\", \u0026devopsguru.NotificationChannelArgs{\n\t\t\tSns: \u0026devopsguru.NotificationChannelSnsArgs{\n\t\t\t\tTopicArn: pulumi.Any(exampleAwsSnsTopic.Arn),\n\t\t\t},\n\t\t\tFilters: \u0026devopsguru.NotificationChannelFiltersArgs{\n\t\t\t\tMessageTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"NEW_INSIGHT\"),\n\t\t\t\t},\n\t\t\t\tSeverities: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"HIGH\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.devopsguru.NotificationChannel;\nimport com.pulumi.aws.devopsguru.NotificationChannelArgs;\nimport com.pulumi.aws.devopsguru.inputs.NotificationChannelSnsArgs;\nimport com.pulumi.aws.devopsguru.inputs.NotificationChannelFiltersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NotificationChannel(\"example\", NotificationChannelArgs.builder()\n .sns(NotificationChannelSnsArgs.builder()\n .topicArn(exampleAwsSnsTopic.arn())\n .build())\n .filters(NotificationChannelFiltersArgs.builder()\n .messageTypes(\"NEW_INSIGHT\")\n .severities(\"HIGH\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:devopsguru:NotificationChannel\n properties:\n sns:\n topicArn: ${exampleAwsSnsTopic.arn}\n filters:\n messageTypes:\n - NEW_INSIGHT\n severities:\n - HIGH\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DevOps Guru Notification Channel using the `id`. For example:\n\n```sh\n$ pulumi import aws:devopsguru/notificationChannel:NotificationChannel example id-12345678\n```\n", "properties": { "filters": { "$ref": "#/types/aws:devopsguru/NotificationChannelFilters:NotificationChannelFilters", "description": "Filter configurations for the Amazon SNS notification topic. See the `filters` argument reference below.\n" }, "sns": { "$ref": "#/types/aws:devopsguru/NotificationChannelSns:NotificationChannelSns", "description": "SNS noficiation channel configurations. See the `sns` argument reference below.\n\nThe following arguments are optional:\n" } }, "inputProperties": { "filters": { "$ref": "#/types/aws:devopsguru/NotificationChannelFilters:NotificationChannelFilters", "description": "Filter configurations for the Amazon SNS notification topic. See the `filters` argument reference below.\n" }, "sns": { "$ref": "#/types/aws:devopsguru/NotificationChannelSns:NotificationChannelSns", "description": "SNS noficiation channel configurations. See the `sns` argument reference below.\n\nThe following arguments are optional:\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering NotificationChannel resources.\n", "properties": { "filters": { "$ref": "#/types/aws:devopsguru/NotificationChannelFilters:NotificationChannelFilters", "description": "Filter configurations for the Amazon SNS notification topic. See the `filters` argument reference below.\n" }, "sns": { "$ref": "#/types/aws:devopsguru/NotificationChannelSns:NotificationChannelSns", "description": "SNS noficiation channel configurations. See the `sns` argument reference below.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:devopsguru/resourceCollection:ResourceCollection": { "description": "Resource for managing an AWS DevOps Guru Resource Collection.\n\n\u003e Only one type of resource collection (All Account Resources, CloudFormation, or Tags) can be enabled in an account at a time. To avoid persistent differences, this resource should be defined only once.\n\n## Example Usage\n\n### All Account Resources\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.devopsguru.ResourceCollection(\"example\", {\n type: \"AWS_SERVICE\",\n cloudformation: {\n stackNames: [\"*\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.devopsguru.ResourceCollection(\"example\",\n type=\"AWS_SERVICE\",\n cloudformation={\n \"stack_names\": [\"*\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DevOpsGuru.ResourceCollection(\"example\", new()\n {\n Type = \"AWS_SERVICE\",\n Cloudformation = new Aws.DevOpsGuru.Inputs.ResourceCollectionCloudformationArgs\n {\n StackNames = new[]\n {\n \"*\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/devopsguru\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := devopsguru.NewResourceCollection(ctx, \"example\", \u0026devopsguru.ResourceCollectionArgs{\n\t\t\tType: pulumi.String(\"AWS_SERVICE\"),\n\t\t\tCloudformation: \u0026devopsguru.ResourceCollectionCloudformationArgs{\n\t\t\t\tStackNames: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.devopsguru.ResourceCollection;\nimport com.pulumi.aws.devopsguru.ResourceCollectionArgs;\nimport com.pulumi.aws.devopsguru.inputs.ResourceCollectionCloudformationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourceCollection(\"example\", ResourceCollectionArgs.builder()\n .type(\"AWS_SERVICE\")\n .cloudformation(ResourceCollectionCloudformationArgs.builder()\n .stackNames(\"*\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:devopsguru:ResourceCollection\n properties:\n type: AWS_SERVICE\n cloudformation:\n stackNames:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### CloudFormation Stacks\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.devopsguru.ResourceCollection(\"example\", {\n type: \"AWS_CLOUD_FORMATION\",\n cloudformation: {\n stackNames: [\"ExampleStack\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.devopsguru.ResourceCollection(\"example\",\n type=\"AWS_CLOUD_FORMATION\",\n cloudformation={\n \"stack_names\": [\"ExampleStack\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DevOpsGuru.ResourceCollection(\"example\", new()\n {\n Type = \"AWS_CLOUD_FORMATION\",\n Cloudformation = new Aws.DevOpsGuru.Inputs.ResourceCollectionCloudformationArgs\n {\n StackNames = new[]\n {\n \"ExampleStack\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/devopsguru\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := devopsguru.NewResourceCollection(ctx, \"example\", \u0026devopsguru.ResourceCollectionArgs{\n\t\t\tType: pulumi.String(\"AWS_CLOUD_FORMATION\"),\n\t\t\tCloudformation: \u0026devopsguru.ResourceCollectionCloudformationArgs{\n\t\t\t\tStackNames: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"ExampleStack\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.devopsguru.ResourceCollection;\nimport com.pulumi.aws.devopsguru.ResourceCollectionArgs;\nimport com.pulumi.aws.devopsguru.inputs.ResourceCollectionCloudformationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourceCollection(\"example\", ResourceCollectionArgs.builder()\n .type(\"AWS_CLOUD_FORMATION\")\n .cloudformation(ResourceCollectionCloudformationArgs.builder()\n .stackNames(\"ExampleStack\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:devopsguru:ResourceCollection\n properties:\n type: AWS_CLOUD_FORMATION\n cloudformation:\n stackNames:\n - ExampleStack\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Tags\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.devopsguru.ResourceCollection(\"example\", {\n type: \"AWS_TAGS\",\n tags: {\n appBoundaryKey: \"DevOps-Guru-Example\",\n tagValues: [\"Example-Value\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.devopsguru.ResourceCollection(\"example\",\n type=\"AWS_TAGS\",\n tags={\n \"app_boundary_key\": \"DevOps-Guru-Example\",\n \"tag_values\": [\"Example-Value\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DevOpsGuru.ResourceCollection(\"example\", new()\n {\n Type = \"AWS_TAGS\",\n Tags = new Aws.DevOpsGuru.Inputs.ResourceCollectionTagsArgs\n {\n AppBoundaryKey = \"DevOps-Guru-Example\",\n TagValues = new[]\n {\n \"Example-Value\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/devopsguru\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := devopsguru.NewResourceCollection(ctx, \"example\", \u0026devopsguru.ResourceCollectionArgs{\n\t\t\tType: pulumi.String(\"AWS_TAGS\"),\n\t\t\tTags: \u0026devopsguru.ResourceCollectionTagsArgs{\n\t\t\t\tAppBoundaryKey: pulumi.String(\"DevOps-Guru-Example\"),\n\t\t\t\tTagValues: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"Example-Value\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.devopsguru.ResourceCollection;\nimport com.pulumi.aws.devopsguru.ResourceCollectionArgs;\nimport com.pulumi.aws.devopsguru.inputs.ResourceCollectionTagsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourceCollection(\"example\", ResourceCollectionArgs.builder()\n .type(\"AWS_TAGS\")\n .tags(ResourceCollectionTagsArgs.builder()\n .appBoundaryKey(\"DevOps-Guru-Example\")\n .tagValues(\"Example-Value\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:devopsguru:ResourceCollection\n properties:\n type: AWS_TAGS\n tags:\n appBoundaryKey: DevOps-Guru-Example\n tagValues:\n - Example-Value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Tags All Resources\n\nTo analyze all resources with the `app_boundary_key` regardless of the corresponding tag value, set `tag_values` to `[\"*\"]`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.devopsguru.ResourceCollection(\"example\", {\n type: \"AWS_TAGS\",\n tags: {\n appBoundaryKey: \"DevOps-Guru-Example\",\n tagValues: [\"*\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.devopsguru.ResourceCollection(\"example\",\n type=\"AWS_TAGS\",\n tags={\n \"app_boundary_key\": \"DevOps-Guru-Example\",\n \"tag_values\": [\"*\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DevOpsGuru.ResourceCollection(\"example\", new()\n {\n Type = \"AWS_TAGS\",\n Tags = new Aws.DevOpsGuru.Inputs.ResourceCollectionTagsArgs\n {\n AppBoundaryKey = \"DevOps-Guru-Example\",\n TagValues = new[]\n {\n \"*\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/devopsguru\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := devopsguru.NewResourceCollection(ctx, \"example\", \u0026devopsguru.ResourceCollectionArgs{\n\t\t\tType: pulumi.String(\"AWS_TAGS\"),\n\t\t\tTags: \u0026devopsguru.ResourceCollectionTagsArgs{\n\t\t\t\tAppBoundaryKey: pulumi.String(\"DevOps-Guru-Example\"),\n\t\t\t\tTagValues: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.devopsguru.ResourceCollection;\nimport com.pulumi.aws.devopsguru.ResourceCollectionArgs;\nimport com.pulumi.aws.devopsguru.inputs.ResourceCollectionTagsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourceCollection(\"example\", ResourceCollectionArgs.builder()\n .type(\"AWS_TAGS\")\n .tags(ResourceCollectionTagsArgs.builder()\n .appBoundaryKey(\"DevOps-Guru-Example\")\n .tagValues(\"*\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:devopsguru:ResourceCollection\n properties:\n type: AWS_TAGS\n tags:\n appBoundaryKey: DevOps-Guru-Example\n tagValues:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DevOps Guru Resource Collection using the `id`. For example:\n\n```sh\n$ pulumi import aws:devopsguru/resourceCollection:ResourceCollection example AWS_CLOUD_FORMATION\n```\n", "properties": { "cloudformation": { "$ref": "#/types/aws:devopsguru/ResourceCollectionCloudformation:ResourceCollectionCloudformation", "description": "A collection of AWS CloudFormation stacks. See `cloudformation` below for additional details.\n" }, "tags": { "$ref": "#/types/aws:devopsguru/ResourceCollectionTags:ResourceCollectionTags", "description": "AWS tags used to filter the resources in the resource collection. See `tags` below for additional details.\n" }, "type": { "type": "string", "description": "Type of AWS resource collection to create. Valid values are `AWS_CLOUD_FORMATION`, `AWS_SERVICE`, and `AWS_TAGS`.\n\nThe following arguments are optional:\n" } }, "required": [ "type" ], "inputProperties": { "cloudformation": { "$ref": "#/types/aws:devopsguru/ResourceCollectionCloudformation:ResourceCollectionCloudformation", "description": "A collection of AWS CloudFormation stacks. See `cloudformation` below for additional details.\n" }, "tags": { "$ref": "#/types/aws:devopsguru/ResourceCollectionTags:ResourceCollectionTags", "description": "AWS tags used to filter the resources in the resource collection. See `tags` below for additional details.\n" }, "type": { "type": "string", "description": "Type of AWS resource collection to create. Valid values are `AWS_CLOUD_FORMATION`, `AWS_SERVICE`, and `AWS_TAGS`.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourceCollection resources.\n", "properties": { "cloudformation": { "$ref": "#/types/aws:devopsguru/ResourceCollectionCloudformation:ResourceCollectionCloudformation", "description": "A collection of AWS CloudFormation stacks. See `cloudformation` below for additional details.\n" }, "tags": { "$ref": "#/types/aws:devopsguru/ResourceCollectionTags:ResourceCollectionTags", "description": "AWS tags used to filter the resources in the resource collection. See `tags` below for additional details.\n" }, "type": { "type": "string", "description": "Type of AWS resource collection to create. Valid values are `AWS_CLOUD_FORMATION`, `AWS_SERVICE`, and `AWS_TAGS`.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:devopsguru/serviceIntegration:ServiceIntegration": { "description": "## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.devopsguru.ServiceIntegration(\"example\", {\n kmsServerSideEncryption: {\n optInStatus: \"ENABLED\",\n type: \"AWS_OWNED_KMS_KEY\",\n },\n logsAnomalyDetection: {\n optInStatus: \"ENABLED\",\n },\n opsCenter: {\n optInStatus: \"ENABLED\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.devopsguru.ServiceIntegration(\"example\",\n kms_server_side_encryption={\n \"opt_in_status\": \"ENABLED\",\n \"type\": \"AWS_OWNED_KMS_KEY\",\n },\n logs_anomaly_detection={\n \"opt_in_status\": \"ENABLED\",\n },\n ops_center={\n \"opt_in_status\": \"ENABLED\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DevOpsGuru.ServiceIntegration(\"example\", new()\n {\n KmsServerSideEncryption = new Aws.DevOpsGuru.Inputs.ServiceIntegrationKmsServerSideEncryptionArgs\n {\n OptInStatus = \"ENABLED\",\n Type = \"AWS_OWNED_KMS_KEY\",\n },\n LogsAnomalyDetection = new Aws.DevOpsGuru.Inputs.ServiceIntegrationLogsAnomalyDetectionArgs\n {\n OptInStatus = \"ENABLED\",\n },\n OpsCenter = new Aws.DevOpsGuru.Inputs.ServiceIntegrationOpsCenterArgs\n {\n OptInStatus = \"ENABLED\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/devopsguru\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := devopsguru.NewServiceIntegration(ctx, \"example\", \u0026devopsguru.ServiceIntegrationArgs{\n\t\t\tKmsServerSideEncryption: \u0026devopsguru.ServiceIntegrationKmsServerSideEncryptionArgs{\n\t\t\t\tOptInStatus: pulumi.String(\"ENABLED\"),\n\t\t\t\tType: pulumi.String(\"AWS_OWNED_KMS_KEY\"),\n\t\t\t},\n\t\t\tLogsAnomalyDetection: \u0026devopsguru.ServiceIntegrationLogsAnomalyDetectionArgs{\n\t\t\t\tOptInStatus: pulumi.String(\"ENABLED\"),\n\t\t\t},\n\t\t\tOpsCenter: \u0026devopsguru.ServiceIntegrationOpsCenterArgs{\n\t\t\t\tOptInStatus: pulumi.String(\"ENABLED\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.devopsguru.ServiceIntegration;\nimport com.pulumi.aws.devopsguru.ServiceIntegrationArgs;\nimport com.pulumi.aws.devopsguru.inputs.ServiceIntegrationKmsServerSideEncryptionArgs;\nimport com.pulumi.aws.devopsguru.inputs.ServiceIntegrationLogsAnomalyDetectionArgs;\nimport com.pulumi.aws.devopsguru.inputs.ServiceIntegrationOpsCenterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServiceIntegration(\"example\", ServiceIntegrationArgs.builder()\n .kmsServerSideEncryption(ServiceIntegrationKmsServerSideEncryptionArgs.builder()\n .optInStatus(\"ENABLED\")\n .type(\"AWS_OWNED_KMS_KEY\")\n .build())\n .logsAnomalyDetection(ServiceIntegrationLogsAnomalyDetectionArgs.builder()\n .optInStatus(\"ENABLED\")\n .build())\n .opsCenter(ServiceIntegrationOpsCenterArgs.builder()\n .optInStatus(\"ENABLED\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:devopsguru:ServiceIntegration\n properties:\n kmsServerSideEncryption:\n optInStatus: ENABLED\n type: AWS_OWNED_KMS_KEY\n logsAnomalyDetection:\n optInStatus: ENABLED\n opsCenter:\n optInStatus: ENABLED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Customer Managed KMS Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.Key(\"example\", {});\nconst exampleServiceIntegration = new aws.devopsguru.ServiceIntegration(\"example\", {\n kmsServerSideEncryption: {\n kmsKeyId: test.arn,\n optInStatus: \"ENABLED\",\n type: \"CUSTOMER_MANAGED_KEY\",\n },\n logsAnomalyDetection: {\n optInStatus: \"DISABLED\",\n },\n opsCenter: {\n optInStatus: \"DISABLED\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kms.Key(\"example\")\nexample_service_integration = aws.devopsguru.ServiceIntegration(\"example\",\n kms_server_side_encryption={\n \"kms_key_id\": test[\"arn\"],\n \"opt_in_status\": \"ENABLED\",\n \"type\": \"CUSTOMER_MANAGED_KEY\",\n },\n logs_anomaly_detection={\n \"opt_in_status\": \"DISABLED\",\n },\n ops_center={\n \"opt_in_status\": \"DISABLED\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\");\n\n var exampleServiceIntegration = new Aws.DevOpsGuru.ServiceIntegration(\"example\", new()\n {\n KmsServerSideEncryption = new Aws.DevOpsGuru.Inputs.ServiceIntegrationKmsServerSideEncryptionArgs\n {\n KmsKeyId = test.Arn,\n OptInStatus = \"ENABLED\",\n Type = \"CUSTOMER_MANAGED_KEY\",\n },\n LogsAnomalyDetection = new Aws.DevOpsGuru.Inputs.ServiceIntegrationLogsAnomalyDetectionArgs\n {\n OptInStatus = \"DISABLED\",\n },\n OpsCenter = new Aws.DevOpsGuru.Inputs.ServiceIntegrationOpsCenterArgs\n {\n OptInStatus = \"DISABLED\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/devopsguru\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kms.NewKey(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = devopsguru.NewServiceIntegration(ctx, \"example\", \u0026devopsguru.ServiceIntegrationArgs{\n\t\t\tKmsServerSideEncryption: \u0026devopsguru.ServiceIntegrationKmsServerSideEncryptionArgs{\n\t\t\t\tKmsKeyId: pulumi.Any(test.Arn),\n\t\t\t\tOptInStatus: pulumi.String(\"ENABLED\"),\n\t\t\t\tType: pulumi.String(\"CUSTOMER_MANAGED_KEY\"),\n\t\t\t},\n\t\t\tLogsAnomalyDetection: \u0026devopsguru.ServiceIntegrationLogsAnomalyDetectionArgs{\n\t\t\t\tOptInStatus: pulumi.String(\"DISABLED\"),\n\t\t\t},\n\t\t\tOpsCenter: \u0026devopsguru.ServiceIntegrationOpsCenterArgs{\n\t\t\t\tOptInStatus: pulumi.String(\"DISABLED\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.devopsguru.ServiceIntegration;\nimport com.pulumi.aws.devopsguru.ServiceIntegrationArgs;\nimport com.pulumi.aws.devopsguru.inputs.ServiceIntegrationKmsServerSideEncryptionArgs;\nimport com.pulumi.aws.devopsguru.inputs.ServiceIntegrationLogsAnomalyDetectionArgs;\nimport com.pulumi.aws.devopsguru.inputs.ServiceIntegrationOpsCenterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\");\n\n var exampleServiceIntegration = new ServiceIntegration(\"exampleServiceIntegration\", ServiceIntegrationArgs.builder()\n .kmsServerSideEncryption(ServiceIntegrationKmsServerSideEncryptionArgs.builder()\n .kmsKeyId(test.arn())\n .optInStatus(\"ENABLED\")\n .type(\"CUSTOMER_MANAGED_KEY\")\n .build())\n .logsAnomalyDetection(ServiceIntegrationLogsAnomalyDetectionArgs.builder()\n .optInStatus(\"DISABLED\")\n .build())\n .opsCenter(ServiceIntegrationOpsCenterArgs.builder()\n .optInStatus(\"DISABLED\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n exampleServiceIntegration:\n type: aws:devopsguru:ServiceIntegration\n name: example\n properties:\n kmsServerSideEncryption:\n kmsKeyId: ${test.arn}\n optInStatus: ENABLED\n type: CUSTOMER_MANAGED_KEY\n logsAnomalyDetection:\n optInStatus: DISABLED\n opsCenter:\n optInStatus: DISABLED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DevOps Guru Service Integration using the `id`. For example:\n\n```sh\n$ pulumi import aws:devopsguru/serviceIntegration:ServiceIntegration example us-east-1\n```\n", "properties": { "kmsServerSideEncryption": { "$ref": "#/types/aws:devopsguru/ServiceIntegrationKmsServerSideEncryption:ServiceIntegrationKmsServerSideEncryption", "description": "Information about whether DevOps Guru is configured to encrypt server-side data using KMS. See `kms_server_side_encryption` below.\n" }, "logsAnomalyDetection": { "$ref": "#/types/aws:devopsguru/ServiceIntegrationLogsAnomalyDetection:ServiceIntegrationLogsAnomalyDetection", "description": "Information about whether DevOps Guru is configured to perform log anomaly detection on Amazon CloudWatch log groups. See `logs_anomaly_detection` below.\n" }, "opsCenter": { "$ref": "#/types/aws:devopsguru/ServiceIntegrationOpsCenter:ServiceIntegrationOpsCenter", "description": "Information about whether DevOps Guru is configured to create an OpsItem in AWS Systems Manager OpsCenter for each created insight. See `ops_center` below.\n" } }, "inputProperties": { "kmsServerSideEncryption": { "$ref": "#/types/aws:devopsguru/ServiceIntegrationKmsServerSideEncryption:ServiceIntegrationKmsServerSideEncryption", "description": "Information about whether DevOps Guru is configured to encrypt server-side data using KMS. See `kms_server_side_encryption` below.\n" }, "logsAnomalyDetection": { "$ref": "#/types/aws:devopsguru/ServiceIntegrationLogsAnomalyDetection:ServiceIntegrationLogsAnomalyDetection", "description": "Information about whether DevOps Guru is configured to perform log anomaly detection on Amazon CloudWatch log groups. See `logs_anomaly_detection` below.\n" }, "opsCenter": { "$ref": "#/types/aws:devopsguru/ServiceIntegrationOpsCenter:ServiceIntegrationOpsCenter", "description": "Information about whether DevOps Guru is configured to create an OpsItem in AWS Systems Manager OpsCenter for each created insight. See `ops_center` below.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ServiceIntegration resources.\n", "properties": { "kmsServerSideEncryption": { "$ref": "#/types/aws:devopsguru/ServiceIntegrationKmsServerSideEncryption:ServiceIntegrationKmsServerSideEncryption", "description": "Information about whether DevOps Guru is configured to encrypt server-side data using KMS. See `kms_server_side_encryption` below.\n" }, "logsAnomalyDetection": { "$ref": "#/types/aws:devopsguru/ServiceIntegrationLogsAnomalyDetection:ServiceIntegrationLogsAnomalyDetection", "description": "Information about whether DevOps Guru is configured to perform log anomaly detection on Amazon CloudWatch log groups. See `logs_anomaly_detection` below.\n" }, "opsCenter": { "$ref": "#/types/aws:devopsguru/ServiceIntegrationOpsCenter:ServiceIntegrationOpsCenter", "description": "Information about whether DevOps Guru is configured to create an OpsItem in AWS Systems Manager OpsCenter for each created insight. See `ops_center` below.\n" } }, "type": "object" } }, "aws:directconnect/bgpPeer:BgpPeer": { "description": "Provides a Direct Connect BGP peer resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst peer = new aws.directconnect.BgpPeer(\"peer\", {\n virtualInterfaceId: foo.id,\n addressFamily: \"ipv6\",\n bgpAsn: 65351,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npeer = aws.directconnect.BgpPeer(\"peer\",\n virtual_interface_id=foo[\"id\"],\n address_family=\"ipv6\",\n bgp_asn=65351)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var peer = new Aws.DirectConnect.BgpPeer(\"peer\", new()\n {\n VirtualInterfaceId = foo.Id,\n AddressFamily = \"ipv6\",\n BgpAsn = 65351,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directconnect.NewBgpPeer(ctx, \"peer\", \u0026directconnect.BgpPeerArgs{\n\t\t\tVirtualInterfaceId: pulumi.Any(foo.Id),\n\t\t\tAddressFamily: pulumi.String(\"ipv6\"),\n\t\t\tBgpAsn: pulumi.Int(65351),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.BgpPeer;\nimport com.pulumi.aws.directconnect.BgpPeerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var peer = new BgpPeer(\"peer\", BgpPeerArgs.builder()\n .virtualInterfaceId(foo.id())\n .addressFamily(\"ipv6\")\n .bgpAsn(65351)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n peer:\n type: aws:directconnect:BgpPeer\n properties:\n virtualInterfaceId: ${foo.id}\n addressFamily: ipv6\n bgpAsn: 65351\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon.\nRequired for IPv4 BGP peers on public virtual interfaces.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the BGP peer terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "bgpPeerId": { "type": "string", "description": "The ID of the BGP peer.\n" }, "bgpStatus": { "type": "string", "description": "The Up/Down state of the BGP peer.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic.\nRequired for IPv4 BGP peers on public virtual interfaces.\n" }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface on which to create the BGP peer.\n" } }, "required": [ "addressFamily", "amazonAddress", "awsDevice", "bgpAsn", "bgpAuthKey", "bgpPeerId", "bgpStatus", "customerAddress", "virtualInterfaceId" ], "inputProperties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n", "willReplaceOnChanges": true }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon.\nRequired for IPv4 BGP peers on public virtual interfaces.\n", "willReplaceOnChanges": true }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n", "willReplaceOnChanges": true }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n", "willReplaceOnChanges": true }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic.\nRequired for IPv4 BGP peers on public virtual interfaces.\n", "willReplaceOnChanges": true }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface on which to create the BGP peer.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "addressFamily", "bgpAsn", "virtualInterfaceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering BgpPeer resources.\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n", "willReplaceOnChanges": true }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon.\nRequired for IPv4 BGP peers on public virtual interfaces.\n", "willReplaceOnChanges": true }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the BGP peer terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n", "willReplaceOnChanges": true }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n", "willReplaceOnChanges": true }, "bgpPeerId": { "type": "string", "description": "The ID of the BGP peer.\n" }, "bgpStatus": { "type": "string", "description": "The Up/Down state of the BGP peer.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic.\nRequired for IPv4 BGP peers on public virtual interfaces.\n", "willReplaceOnChanges": true }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface on which to create the BGP peer.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directconnect/connection:Connection": { "description": "Provides a Connection of Direct Connect.\n\n## Example Usage\n\n### Create a connection\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst hoge = new aws.directconnect.Connection(\"hoge\", {\n name: \"tf-dx-connection\",\n bandwidth: \"1Gbps\",\n location: \"EqDC2\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nhoge = aws.directconnect.Connection(\"hoge\",\n name=\"tf-dx-connection\",\n bandwidth=\"1Gbps\",\n location=\"EqDC2\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var hoge = new Aws.DirectConnect.Connection(\"hoge\", new()\n {\n Name = \"tf-dx-connection\",\n Bandwidth = \"1Gbps\",\n Location = \"EqDC2\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directconnect.NewConnection(ctx, \"hoge\", \u0026directconnect.ConnectionArgs{\n\t\t\tName: pulumi.String(\"tf-dx-connection\"),\n\t\t\tBandwidth: pulumi.String(\"1Gbps\"),\n\t\t\tLocation: pulumi.String(\"EqDC2\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.Connection;\nimport com.pulumi.aws.directconnect.ConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var hoge = new Connection(\"hoge\", ConnectionArgs.builder()\n .name(\"tf-dx-connection\")\n .bandwidth(\"1Gbps\")\n .location(\"EqDC2\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n hoge:\n type: aws:directconnect:Connection\n properties:\n name: tf-dx-connection\n bandwidth: 1Gbps\n location: EqDC2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Request a MACsec-capable connection\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.directconnect.Connection(\"example\", {\n name: \"tf-dx-connection\",\n bandwidth: \"10Gbps\",\n location: \"EqDA2\",\n requestMacsec: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directconnect.Connection(\"example\",\n name=\"tf-dx-connection\",\n bandwidth=\"10Gbps\",\n location=\"EqDA2\",\n request_macsec=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DirectConnect.Connection(\"example\", new()\n {\n Name = \"tf-dx-connection\",\n Bandwidth = \"10Gbps\",\n Location = \"EqDA2\",\n RequestMacsec = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directconnect.NewConnection(ctx, \"example\", \u0026directconnect.ConnectionArgs{\n\t\t\tName: pulumi.String(\"tf-dx-connection\"),\n\t\t\tBandwidth: pulumi.String(\"10Gbps\"),\n\t\t\tLocation: pulumi.String(\"EqDA2\"),\n\t\t\tRequestMacsec: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.Connection;\nimport com.pulumi.aws.directconnect.ConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Connection(\"example\", ConnectionArgs.builder()\n .name(\"tf-dx-connection\")\n .bandwidth(\"10Gbps\")\n .location(\"EqDA2\")\n .requestMacsec(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:directconnect:Connection\n properties:\n name: tf-dx-connection\n bandwidth: 10Gbps\n location: EqDA2\n requestMacsec: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Configure encryption mode for MACsec-capable connections\n\n\u003e **NOTE:** You can only specify the `encryption_mode` argument once the connection is in an `Available` state.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.directconnect.Connection(\"example\", {\n name: \"tf-dx-connection\",\n bandwidth: \"10Gbps\",\n location: \"EqDC2\",\n requestMacsec: true,\n encryptionMode: \"must_encrypt\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directconnect.Connection(\"example\",\n name=\"tf-dx-connection\",\n bandwidth=\"10Gbps\",\n location=\"EqDC2\",\n request_macsec=True,\n encryption_mode=\"must_encrypt\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DirectConnect.Connection(\"example\", new()\n {\n Name = \"tf-dx-connection\",\n Bandwidth = \"10Gbps\",\n Location = \"EqDC2\",\n RequestMacsec = true,\n EncryptionMode = \"must_encrypt\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directconnect.NewConnection(ctx, \"example\", \u0026directconnect.ConnectionArgs{\n\t\t\tName: pulumi.String(\"tf-dx-connection\"),\n\t\t\tBandwidth: pulumi.String(\"10Gbps\"),\n\t\t\tLocation: pulumi.String(\"EqDC2\"),\n\t\t\tRequestMacsec: pulumi.Bool(true),\n\t\t\tEncryptionMode: pulumi.String(\"must_encrypt\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.Connection;\nimport com.pulumi.aws.directconnect.ConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Connection(\"example\", ConnectionArgs.builder()\n .name(\"tf-dx-connection\")\n .bandwidth(\"10Gbps\")\n .location(\"EqDC2\")\n .requestMacsec(true)\n .encryptionMode(\"must_encrypt\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:directconnect:Connection\n properties:\n name: tf-dx-connection\n bandwidth: 10Gbps\n location: EqDC2\n requestMacsec: true\n encryptionMode: must_encrypt\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Direct Connect connections using the connection `id`. For example:\n\n```sh\n$ pulumi import aws:directconnect/connection:Connection test_connection dxcon-ffre0ec3\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the connection.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the physical connection terminates.\n" }, "bandwidth": { "type": "string", "description": "The bandwidth of the connection. Valid values for dedicated connections: 1Gbps, 10Gbps. Valid values for hosted connections: 50Mbps, 100Mbps, 200Mbps, 300Mbps, 400Mbps, 500Mbps, 1Gbps, 2Gbps, 5Gbps, 10Gbps and 100Gbps. Case sensitive.\n" }, "encryptionMode": { "type": "string", "description": "The connection MAC Security (MACsec) encryption mode. MAC Security (MACsec) is only available on dedicated connections. Valid values are `no_encrypt`, `should_encrypt`, and `must_encrypt`.\n" }, "hasLogicalRedundancy": { "type": "string", "description": "Indicates whether the connection supports a secondary BGP peer in the same address family (IPv4/IPv6).\n" }, "jumboFrameCapable": { "type": "boolean", "description": "Boolean value representing if jumbo frames have been enabled for this connection.\n" }, "location": { "type": "string", "description": "The AWS Direct Connect location where the connection is located. See [DescribeLocations](https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeLocations.html) for the list of AWS Direct Connect locations. Use `locationCode`.\n" }, "macsecCapable": { "type": "boolean", "description": "Boolean value indicating whether the connection supports MAC Security (MACsec).\n" }, "name": { "type": "string", "description": "The name of the connection.\n" }, "ownerAccountId": { "type": "string", "description": "The ID of the AWS account that owns the connection.\n" }, "partnerName": { "type": "string", "description": "The name of the AWS Direct Connect service provider associated with the connection.\n" }, "portEncryptionStatus": { "type": "string", "description": "The MAC Security (MACsec) port link status of the connection.\n" }, "providerName": { "type": "string", "description": "The name of the service provider associated with the connection.\n" }, "requestMacsec": { "type": "boolean", "description": "Boolean value indicating whether you want the connection to support MAC Security (MACsec). MAC Security (MACsec) is only available on dedicated connections. See [MACsec prerequisites](https://docs.aws.amazon.com/directconnect/latest/UserGuide/direct-connect-mac-sec-getting-started.html#mac-sec-prerequisites) for more information about MAC Security (MACsec) prerequisites. Default value: `false`.\n\n\u003e **NOTE:** Changing the value of `request_macsec` will cause the resource to be destroyed and re-created.\n" }, "skipDestroy": { "type": "boolean", "description": "Set to true if you do not wish the connection to be deleted at destroy time, and instead just removed from the state.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vlanId": { "type": "integer", "description": "The VLAN ID.\n" } }, "required": [ "arn", "awsDevice", "bandwidth", "encryptionMode", "hasLogicalRedundancy", "jumboFrameCapable", "location", "macsecCapable", "name", "ownerAccountId", "partnerName", "portEncryptionStatus", "providerName", "tagsAll", "vlanId" ], "inputProperties": { "bandwidth": { "type": "string", "description": "The bandwidth of the connection. Valid values for dedicated connections: 1Gbps, 10Gbps. Valid values for hosted connections: 50Mbps, 100Mbps, 200Mbps, 300Mbps, 400Mbps, 500Mbps, 1Gbps, 2Gbps, 5Gbps, 10Gbps and 100Gbps. Case sensitive.\n", "willReplaceOnChanges": true }, "encryptionMode": { "type": "string", "description": "The connection MAC Security (MACsec) encryption mode. MAC Security (MACsec) is only available on dedicated connections. Valid values are `no_encrypt`, `should_encrypt`, and `must_encrypt`.\n" }, "location": { "type": "string", "description": "The AWS Direct Connect location where the connection is located. See [DescribeLocations](https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeLocations.html) for the list of AWS Direct Connect locations. Use `locationCode`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the connection.\n", "willReplaceOnChanges": true }, "providerName": { "type": "string", "description": "The name of the service provider associated with the connection.\n", "willReplaceOnChanges": true }, "requestMacsec": { "type": "boolean", "description": "Boolean value indicating whether you want the connection to support MAC Security (MACsec). MAC Security (MACsec) is only available on dedicated connections. See [MACsec prerequisites](https://docs.aws.amazon.com/directconnect/latest/UserGuide/direct-connect-mac-sec-getting-started.html#mac-sec-prerequisites) for more information about MAC Security (MACsec) prerequisites. Default value: `false`.\n\n\u003e **NOTE:** Changing the value of `request_macsec` will cause the resource to be destroyed and re-created.\n", "willReplaceOnChanges": true }, "skipDestroy": { "type": "boolean", "description": "Set to true if you do not wish the connection to be deleted at destroy time, and instead just removed from the state.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "bandwidth", "location" ], "stateInputs": { "description": "Input properties used for looking up and filtering Connection resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the connection.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the physical connection terminates.\n" }, "bandwidth": { "type": "string", "description": "The bandwidth of the connection. Valid values for dedicated connections: 1Gbps, 10Gbps. Valid values for hosted connections: 50Mbps, 100Mbps, 200Mbps, 300Mbps, 400Mbps, 500Mbps, 1Gbps, 2Gbps, 5Gbps, 10Gbps and 100Gbps. Case sensitive.\n", "willReplaceOnChanges": true }, "encryptionMode": { "type": "string", "description": "The connection MAC Security (MACsec) encryption mode. MAC Security (MACsec) is only available on dedicated connections. Valid values are `no_encrypt`, `should_encrypt`, and `must_encrypt`.\n" }, "hasLogicalRedundancy": { "type": "string", "description": "Indicates whether the connection supports a secondary BGP peer in the same address family (IPv4/IPv6).\n" }, "jumboFrameCapable": { "type": "boolean", "description": "Boolean value representing if jumbo frames have been enabled for this connection.\n" }, "location": { "type": "string", "description": "The AWS Direct Connect location where the connection is located. See [DescribeLocations](https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeLocations.html) for the list of AWS Direct Connect locations. Use `locationCode`.\n", "willReplaceOnChanges": true }, "macsecCapable": { "type": "boolean", "description": "Boolean value indicating whether the connection supports MAC Security (MACsec).\n" }, "name": { "type": "string", "description": "The name of the connection.\n", "willReplaceOnChanges": true }, "ownerAccountId": { "type": "string", "description": "The ID of the AWS account that owns the connection.\n" }, "partnerName": { "type": "string", "description": "The name of the AWS Direct Connect service provider associated with the connection.\n" }, "portEncryptionStatus": { "type": "string", "description": "The MAC Security (MACsec) port link status of the connection.\n" }, "providerName": { "type": "string", "description": "The name of the service provider associated with the connection.\n", "willReplaceOnChanges": true }, "requestMacsec": { "type": "boolean", "description": "Boolean value indicating whether you want the connection to support MAC Security (MACsec). MAC Security (MACsec) is only available on dedicated connections. See [MACsec prerequisites](https://docs.aws.amazon.com/directconnect/latest/UserGuide/direct-connect-mac-sec-getting-started.html#mac-sec-prerequisites) for more information about MAC Security (MACsec) prerequisites. Default value: `false`.\n\n\u003e **NOTE:** Changing the value of `request_macsec` will cause the resource to be destroyed and re-created.\n", "willReplaceOnChanges": true }, "skipDestroy": { "type": "boolean", "description": "Set to true if you do not wish the connection to be deleted at destroy time, and instead just removed from the state.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vlanId": { "type": "integer", "description": "The VLAN ID.\n" } }, "type": "object" } }, "aws:directconnect/connectionAssociation:ConnectionAssociation": { "description": "Associates a Direct Connect Connection with a LAG.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.directconnect.Connection(\"example\", {\n name: \"example\",\n bandwidth: \"1Gbps\",\n location: \"EqSe2-EQ\",\n});\nconst exampleLinkAggregationGroup = new aws.directconnect.LinkAggregationGroup(\"example\", {\n name: \"example\",\n connectionsBandwidth: \"1Gbps\",\n location: \"EqSe2-EQ\",\n});\nconst exampleConnectionAssociation = new aws.directconnect.ConnectionAssociation(\"example\", {\n connectionId: example.id,\n lagId: exampleLinkAggregationGroup.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directconnect.Connection(\"example\",\n name=\"example\",\n bandwidth=\"1Gbps\",\n location=\"EqSe2-EQ\")\nexample_link_aggregation_group = aws.directconnect.LinkAggregationGroup(\"example\",\n name=\"example\",\n connections_bandwidth=\"1Gbps\",\n location=\"EqSe2-EQ\")\nexample_connection_association = aws.directconnect.ConnectionAssociation(\"example\",\n connection_id=example.id,\n lag_id=example_link_aggregation_group.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DirectConnect.Connection(\"example\", new()\n {\n Name = \"example\",\n Bandwidth = \"1Gbps\",\n Location = \"EqSe2-EQ\",\n });\n\n var exampleLinkAggregationGroup = new Aws.DirectConnect.LinkAggregationGroup(\"example\", new()\n {\n Name = \"example\",\n ConnectionsBandwidth = \"1Gbps\",\n Location = \"EqSe2-EQ\",\n });\n\n var exampleConnectionAssociation = new Aws.DirectConnect.ConnectionAssociation(\"example\", new()\n {\n ConnectionId = example.Id,\n LagId = exampleLinkAggregationGroup.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := directconnect.NewConnection(ctx, \"example\", \u0026directconnect.ConnectionArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tBandwidth: pulumi.String(\"1Gbps\"),\n\t\t\tLocation: pulumi.String(\"EqSe2-EQ\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleLinkAggregationGroup, err := directconnect.NewLinkAggregationGroup(ctx, \"example\", \u0026directconnect.LinkAggregationGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tConnectionsBandwidth: pulumi.String(\"1Gbps\"),\n\t\t\tLocation: pulumi.String(\"EqSe2-EQ\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directconnect.NewConnectionAssociation(ctx, \"example\", \u0026directconnect.ConnectionAssociationArgs{\n\t\t\tConnectionId: example.ID(),\n\t\t\tLagId: exampleLinkAggregationGroup.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.Connection;\nimport com.pulumi.aws.directconnect.ConnectionArgs;\nimport com.pulumi.aws.directconnect.LinkAggregationGroup;\nimport com.pulumi.aws.directconnect.LinkAggregationGroupArgs;\nimport com.pulumi.aws.directconnect.ConnectionAssociation;\nimport com.pulumi.aws.directconnect.ConnectionAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Connection(\"example\", ConnectionArgs.builder()\n .name(\"example\")\n .bandwidth(\"1Gbps\")\n .location(\"EqSe2-EQ\")\n .build());\n\n var exampleLinkAggregationGroup = new LinkAggregationGroup(\"exampleLinkAggregationGroup\", LinkAggregationGroupArgs.builder()\n .name(\"example\")\n .connectionsBandwidth(\"1Gbps\")\n .location(\"EqSe2-EQ\")\n .build());\n\n var exampleConnectionAssociation = new ConnectionAssociation(\"exampleConnectionAssociation\", ConnectionAssociationArgs.builder()\n .connectionId(example.id())\n .lagId(exampleLinkAggregationGroup.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:directconnect:Connection\n properties:\n name: example\n bandwidth: 1Gbps\n location: EqSe2-EQ\n exampleLinkAggregationGroup:\n type: aws:directconnect:LinkAggregationGroup\n name: example\n properties:\n name: example\n connectionsBandwidth: 1Gbps\n location: EqSe2-EQ\n exampleConnectionAssociation:\n type: aws:directconnect:ConnectionAssociation\n name: example\n properties:\n connectionId: ${example.id}\n lagId: ${exampleLinkAggregationGroup.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "connectionId": { "type": "string", "description": "The ID of the connection.\n" }, "lagId": { "type": "string", "description": "The ID of the LAG with which to associate the connection.\n" } }, "required": [ "connectionId", "lagId" ], "inputProperties": { "connectionId": { "type": "string", "description": "The ID of the connection.\n", "willReplaceOnChanges": true }, "lagId": { "type": "string", "description": "The ID of the LAG with which to associate the connection.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "connectionId", "lagId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ConnectionAssociation resources.\n", "properties": { "connectionId": { "type": "string", "description": "The ID of the connection.\n", "willReplaceOnChanges": true }, "lagId": { "type": "string", "description": "The ID of the LAG with which to associate the connection.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directconnect/connectionConfirmation:ConnectionConfirmation": { "description": "Provides a confirmation of the creation of the specified hosted connection on an interconnect.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst confirmation = new aws.directconnect.ConnectionConfirmation(\"confirmation\", {connectionId: \"dxcon-ffabc123\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfirmation = aws.directconnect.ConnectionConfirmation(\"confirmation\", connection_id=\"dxcon-ffabc123\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var confirmation = new Aws.DirectConnect.ConnectionConfirmation(\"confirmation\", new()\n {\n ConnectionId = \"dxcon-ffabc123\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directconnect.NewConnectionConfirmation(ctx, \"confirmation\", \u0026directconnect.ConnectionConfirmationArgs{\n\t\t\tConnectionId: pulumi.String(\"dxcon-ffabc123\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.ConnectionConfirmation;\nimport com.pulumi.aws.directconnect.ConnectionConfirmationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var confirmation = new ConnectionConfirmation(\"confirmation\", ConnectionConfirmationArgs.builder()\n .connectionId(\"dxcon-ffabc123\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n confirmation:\n type: aws:directconnect:ConnectionConfirmation\n properties:\n connectionId: dxcon-ffabc123\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "connectionId": { "type": "string", "description": "The ID of the hosted connection.\n" } }, "required": [ "connectionId" ], "inputProperties": { "connectionId": { "type": "string", "description": "The ID of the hosted connection.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "connectionId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ConnectionConfirmation resources.\n", "properties": { "connectionId": { "type": "string", "description": "The ID of the hosted connection.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directconnect/gateway:Gateway": { "description": "Provides a Direct Connect Gateway.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.directconnect.Gateway(\"example\", {\n name: \"tf-dxg-example\",\n amazonSideAsn: \"64512\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directconnect.Gateway(\"example\",\n name=\"tf-dxg-example\",\n amazon_side_asn=\"64512\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DirectConnect.Gateway(\"example\", new()\n {\n Name = \"tf-dxg-example\",\n AmazonSideAsn = \"64512\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directconnect.NewGateway(ctx, \"example\", \u0026directconnect.GatewayArgs{\n\t\t\tName: pulumi.String(\"tf-dxg-example\"),\n\t\t\tAmazonSideAsn: pulumi.String(\"64512\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.Gateway;\nimport com.pulumi.aws.directconnect.GatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Gateway(\"example\", GatewayArgs.builder()\n .name(\"tf-dxg-example\")\n .amazonSideAsn(\"64512\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:directconnect:Gateway\n properties:\n name: tf-dxg-example\n amazonSideAsn: '64512'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Direct Connect Gateways using the gateway `id`. For example:\n\n```sh\n$ pulumi import aws:directconnect/gateway:Gateway test abcd1234-dcba-5678-be23-cdef9876ab45\n```\n", "properties": { "amazonSideAsn": { "type": "string", "description": "The ASN to be configured on the Amazon side of the connection. The ASN must be in the private range of 64,512 to 65,534 or 4,200,000,000 to 4,294,967,294.\n" }, "name": { "type": "string", "description": "The name of the connection.\n" }, "ownerAccountId": { "type": "string", "description": "AWS Account ID of the gateway.\n" } }, "required": [ "amazonSideAsn", "name", "ownerAccountId" ], "inputProperties": { "amazonSideAsn": { "type": "string", "description": "The ASN to be configured on the Amazon side of the connection. The ASN must be in the private range of 64,512 to 65,534 or 4,200,000,000 to 4,294,967,294.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the connection.\n" } }, "requiredInputs": [ "amazonSideAsn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Gateway resources.\n", "properties": { "amazonSideAsn": { "type": "string", "description": "The ASN to be configured on the Amazon side of the connection. The ASN must be in the private range of 64,512 to 65,534 or 4,200,000,000 to 4,294,967,294.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the connection.\n" }, "ownerAccountId": { "type": "string", "description": "AWS Account ID of the gateway.\n" } }, "type": "object" } }, "aws:directconnect/gatewayAssociation:GatewayAssociation": { "description": "Associates a Direct Connect Gateway with a VGW or transit gateway.\n\nTo create a cross-account association, create an `aws.directconnect.GatewayAssociationProposal` resource\nin the AWS account that owns the VGW or transit gateway and then accept the proposal in the AWS account that owns the Direct Connect Gateway\nby creating an `aws.directconnect.GatewayAssociation` resource with the `proposal_id` and `associated_gateway_owner_account_id` attributes set.\n\n## Example Usage\n\n### VPN Gateway Association\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.directconnect.Gateway(\"example\", {\n name: \"example\",\n amazonSideAsn: \"64512\",\n});\nconst exampleVpc = new aws.ec2.Vpc(\"example\", {cidrBlock: \"10.255.255.0/28\"});\nconst exampleVpnGateway = new aws.ec2.VpnGateway(\"example\", {vpcId: exampleVpc.id});\nconst exampleGatewayAssociation = new aws.directconnect.GatewayAssociation(\"example\", {\n dxGatewayId: example.id,\n associatedGatewayId: exampleVpnGateway.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directconnect.Gateway(\"example\",\n name=\"example\",\n amazon_side_asn=\"64512\")\nexample_vpc = aws.ec2.Vpc(\"example\", cidr_block=\"10.255.255.0/28\")\nexample_vpn_gateway = aws.ec2.VpnGateway(\"example\", vpc_id=example_vpc.id)\nexample_gateway_association = aws.directconnect.GatewayAssociation(\"example\",\n dx_gateway_id=example.id,\n associated_gateway_id=example_vpn_gateway.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DirectConnect.Gateway(\"example\", new()\n {\n Name = \"example\",\n AmazonSideAsn = \"64512\",\n });\n\n var exampleVpc = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.255.255.0/28\",\n });\n\n var exampleVpnGateway = new Aws.Ec2.VpnGateway(\"example\", new()\n {\n VpcId = exampleVpc.Id,\n });\n\n var exampleGatewayAssociation = new Aws.DirectConnect.GatewayAssociation(\"example\", new()\n {\n DxGatewayId = example.Id,\n AssociatedGatewayId = exampleVpnGateway.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := directconnect.NewGateway(ctx, \"example\", \u0026directconnect.GatewayArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAmazonSideAsn: pulumi.String(\"64512\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpc, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.255.255.0/28\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpnGateway, err := ec2.NewVpnGateway(ctx, \"example\", \u0026ec2.VpnGatewayArgs{\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directconnect.NewGatewayAssociation(ctx, \"example\", \u0026directconnect.GatewayAssociationArgs{\n\t\t\tDxGatewayId: example.ID(),\n\t\t\tAssociatedGatewayId: exampleVpnGateway.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.Gateway;\nimport com.pulumi.aws.directconnect.GatewayArgs;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.VpnGateway;\nimport com.pulumi.aws.ec2.VpnGatewayArgs;\nimport com.pulumi.aws.directconnect.GatewayAssociation;\nimport com.pulumi.aws.directconnect.GatewayAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Gateway(\"example\", GatewayArgs.builder()\n .name(\"example\")\n .amazonSideAsn(\"64512\")\n .build());\n\n var exampleVpc = new Vpc(\"exampleVpc\", VpcArgs.builder()\n .cidrBlock(\"10.255.255.0/28\")\n .build());\n\n var exampleVpnGateway = new VpnGateway(\"exampleVpnGateway\", VpnGatewayArgs.builder()\n .vpcId(exampleVpc.id())\n .build());\n\n var exampleGatewayAssociation = new GatewayAssociation(\"exampleGatewayAssociation\", GatewayAssociationArgs.builder()\n .dxGatewayId(example.id())\n .associatedGatewayId(exampleVpnGateway.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:directconnect:Gateway\n properties:\n name: example\n amazonSideAsn: '64512'\n exampleVpc:\n type: aws:ec2:Vpc\n name: example\n properties:\n cidrBlock: 10.255.255.0/28\n exampleVpnGateway:\n type: aws:ec2:VpnGateway\n name: example\n properties:\n vpcId: ${exampleVpc.id}\n exampleGatewayAssociation:\n type: aws:directconnect:GatewayAssociation\n name: example\n properties:\n dxGatewayId: ${example.id}\n associatedGatewayId: ${exampleVpnGateway.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Transit Gateway Association\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.directconnect.Gateway(\"example\", {\n name: \"example\",\n amazonSideAsn: \"64512\",\n});\nconst exampleTransitGateway = new aws.ec2transitgateway.TransitGateway(\"example\", {});\nconst exampleGatewayAssociation = new aws.directconnect.GatewayAssociation(\"example\", {\n dxGatewayId: example.id,\n associatedGatewayId: exampleTransitGateway.id,\n allowedPrefixes: [\n \"10.255.255.0/30\",\n \"10.255.255.8/30\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directconnect.Gateway(\"example\",\n name=\"example\",\n amazon_side_asn=\"64512\")\nexample_transit_gateway = aws.ec2transitgateway.TransitGateway(\"example\")\nexample_gateway_association = aws.directconnect.GatewayAssociation(\"example\",\n dx_gateway_id=example.id,\n associated_gateway_id=example_transit_gateway.id,\n allowed_prefixes=[\n \"10.255.255.0/30\",\n \"10.255.255.8/30\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DirectConnect.Gateway(\"example\", new()\n {\n Name = \"example\",\n AmazonSideAsn = \"64512\",\n });\n\n var exampleTransitGateway = new Aws.Ec2TransitGateway.TransitGateway(\"example\");\n\n var exampleGatewayAssociation = new Aws.DirectConnect.GatewayAssociation(\"example\", new()\n {\n DxGatewayId = example.Id,\n AssociatedGatewayId = exampleTransitGateway.Id,\n AllowedPrefixes = new[]\n {\n \"10.255.255.0/30\",\n \"10.255.255.8/30\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := directconnect.NewGateway(ctx, \"example\", \u0026directconnect.GatewayArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAmazonSideAsn: pulumi.String(\"64512\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTransitGateway, err := ec2transitgateway.NewTransitGateway(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directconnect.NewGatewayAssociation(ctx, \"example\", \u0026directconnect.GatewayAssociationArgs{\n\t\t\tDxGatewayId: example.ID(),\n\t\t\tAssociatedGatewayId: exampleTransitGateway.ID(),\n\t\t\tAllowedPrefixes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.255.255.0/30\"),\n\t\t\t\tpulumi.String(\"10.255.255.8/30\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.Gateway;\nimport com.pulumi.aws.directconnect.GatewayArgs;\nimport com.pulumi.aws.ec2transitgateway.TransitGateway;\nimport com.pulumi.aws.directconnect.GatewayAssociation;\nimport com.pulumi.aws.directconnect.GatewayAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Gateway(\"example\", GatewayArgs.builder()\n .name(\"example\")\n .amazonSideAsn(\"64512\")\n .build());\n\n var exampleTransitGateway = new TransitGateway(\"exampleTransitGateway\");\n\n var exampleGatewayAssociation = new GatewayAssociation(\"exampleGatewayAssociation\", GatewayAssociationArgs.builder()\n .dxGatewayId(example.id())\n .associatedGatewayId(exampleTransitGateway.id())\n .allowedPrefixes( \n \"10.255.255.0/30\",\n \"10.255.255.8/30\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:directconnect:Gateway\n properties:\n name: example\n amazonSideAsn: '64512'\n exampleTransitGateway:\n type: aws:ec2transitgateway:TransitGateway\n name: example\n exampleGatewayAssociation:\n type: aws:directconnect:GatewayAssociation\n name: example\n properties:\n dxGatewayId: ${example.id}\n associatedGatewayId: ${exampleTransitGateway.id}\n allowedPrefixes:\n - 10.255.255.0/30\n - 10.255.255.8/30\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Allowed Prefixes\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.directconnect.Gateway(\"example\", {\n name: \"example\",\n amazonSideAsn: \"64512\",\n});\nconst exampleVpc = new aws.ec2.Vpc(\"example\", {cidrBlock: \"10.255.255.0/28\"});\nconst exampleVpnGateway = new aws.ec2.VpnGateway(\"example\", {vpcId: exampleVpc.id});\nconst exampleGatewayAssociation = new aws.directconnect.GatewayAssociation(\"example\", {\n dxGatewayId: example.id,\n associatedGatewayId: exampleVpnGateway.id,\n allowedPrefixes: [\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directconnect.Gateway(\"example\",\n name=\"example\",\n amazon_side_asn=\"64512\")\nexample_vpc = aws.ec2.Vpc(\"example\", cidr_block=\"10.255.255.0/28\")\nexample_vpn_gateway = aws.ec2.VpnGateway(\"example\", vpc_id=example_vpc.id)\nexample_gateway_association = aws.directconnect.GatewayAssociation(\"example\",\n dx_gateway_id=example.id,\n associated_gateway_id=example_vpn_gateway.id,\n allowed_prefixes=[\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DirectConnect.Gateway(\"example\", new()\n {\n Name = \"example\",\n AmazonSideAsn = \"64512\",\n });\n\n var exampleVpc = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.255.255.0/28\",\n });\n\n var exampleVpnGateway = new Aws.Ec2.VpnGateway(\"example\", new()\n {\n VpcId = exampleVpc.Id,\n });\n\n var exampleGatewayAssociation = new Aws.DirectConnect.GatewayAssociation(\"example\", new()\n {\n DxGatewayId = example.Id,\n AssociatedGatewayId = exampleVpnGateway.Id,\n AllowedPrefixes = new[]\n {\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := directconnect.NewGateway(ctx, \"example\", \u0026directconnect.GatewayArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAmazonSideAsn: pulumi.String(\"64512\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpc, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.255.255.0/28\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpnGateway, err := ec2.NewVpnGateway(ctx, \"example\", \u0026ec2.VpnGatewayArgs{\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directconnect.NewGatewayAssociation(ctx, \"example\", \u0026directconnect.GatewayAssociationArgs{\n\t\t\tDxGatewayId: example.ID(),\n\t\t\tAssociatedGatewayId: exampleVpnGateway.ID(),\n\t\t\tAllowedPrefixes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"210.52.109.0/24\"),\n\t\t\t\tpulumi.String(\"175.45.176.0/22\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.Gateway;\nimport com.pulumi.aws.directconnect.GatewayArgs;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.VpnGateway;\nimport com.pulumi.aws.ec2.VpnGatewayArgs;\nimport com.pulumi.aws.directconnect.GatewayAssociation;\nimport com.pulumi.aws.directconnect.GatewayAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Gateway(\"example\", GatewayArgs.builder()\n .name(\"example\")\n .amazonSideAsn(\"64512\")\n .build());\n\n var exampleVpc = new Vpc(\"exampleVpc\", VpcArgs.builder()\n .cidrBlock(\"10.255.255.0/28\")\n .build());\n\n var exampleVpnGateway = new VpnGateway(\"exampleVpnGateway\", VpnGatewayArgs.builder()\n .vpcId(exampleVpc.id())\n .build());\n\n var exampleGatewayAssociation = new GatewayAssociation(\"exampleGatewayAssociation\", GatewayAssociationArgs.builder()\n .dxGatewayId(example.id())\n .associatedGatewayId(exampleVpnGateway.id())\n .allowedPrefixes( \n \"210.52.109.0/24\",\n \"175.45.176.0/22\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:directconnect:Gateway\n properties:\n name: example\n amazonSideAsn: '64512'\n exampleVpc:\n type: aws:ec2:Vpc\n name: example\n properties:\n cidrBlock: 10.255.255.0/28\n exampleVpnGateway:\n type: aws:ec2:VpnGateway\n name: example\n properties:\n vpcId: ${exampleVpc.id}\n exampleGatewayAssociation:\n type: aws:directconnect:GatewayAssociation\n name: example\n properties:\n dxGatewayId: ${example.id}\n associatedGatewayId: ${exampleVpnGateway.id}\n allowedPrefixes:\n - 210.52.109.0/24\n - 175.45.176.0/22\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Direct Connect gateway associations using `dx_gateway_id` together with `associated_gateway_id`. For example:\n\n```sh\n$ pulumi import aws:directconnect/gatewayAssociation:GatewayAssociation example 345508c3-7215-4aef-9832-07c125d5bd0f/vgw-98765432\n```\n", "properties": { "allowedPrefixes": { "type": "array", "items": { "type": "string" }, "description": "VPC prefixes (CIDRs) to advertise to the Direct Connect gateway. Defaults to the CIDR block of the VPC associated with the Virtual Gateway. To enable drift detection, must be configured.\n" }, "associatedGatewayId": { "type": "string", "description": "The ID of the VGW or transit gateway with which to associate the Direct Connect gateway.\nUsed for single account Direct Connect gateway associations.\n" }, "associatedGatewayOwnerAccountId": { "type": "string", "description": "The ID of the AWS account that owns the VGW or transit gateway with which to associate the Direct Connect gateway.\nUsed for cross-account Direct Connect gateway associations.\n" }, "associatedGatewayType": { "type": "string", "description": "The type of the associated gateway, `transitGateway` or `virtualPrivateGateway`.\n" }, "dxGatewayAssociationId": { "type": "string", "description": "The ID of the Direct Connect gateway association.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway.\n" }, "dxGatewayOwnerAccountId": { "type": "string", "description": "The ID of the AWS account that owns the Direct Connect gateway.\n" }, "proposalId": { "type": "string", "description": "The ID of the Direct Connect gateway association proposal.\nUsed for cross-account Direct Connect gateway associations.\n" }, "vpnGatewayId": { "type": "string", "deprecationMessage": "use 'associated_gateway_id' argument instead" } }, "required": [ "allowedPrefixes", "associatedGatewayId", "associatedGatewayOwnerAccountId", "associatedGatewayType", "dxGatewayAssociationId", "dxGatewayId", "dxGatewayOwnerAccountId" ], "inputProperties": { "allowedPrefixes": { "type": "array", "items": { "type": "string" }, "description": "VPC prefixes (CIDRs) to advertise to the Direct Connect gateway. Defaults to the CIDR block of the VPC associated with the Virtual Gateway. To enable drift detection, must be configured.\n" }, "associatedGatewayId": { "type": "string", "description": "The ID of the VGW or transit gateway with which to associate the Direct Connect gateway.\nUsed for single account Direct Connect gateway associations.\n", "willReplaceOnChanges": true }, "associatedGatewayOwnerAccountId": { "type": "string", "description": "The ID of the AWS account that owns the VGW or transit gateway with which to associate the Direct Connect gateway.\nUsed for cross-account Direct Connect gateway associations.\n", "willReplaceOnChanges": true }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway.\n", "willReplaceOnChanges": true }, "proposalId": { "type": "string", "description": "The ID of the Direct Connect gateway association proposal.\nUsed for cross-account Direct Connect gateway associations.\n" }, "vpnGatewayId": { "type": "string", "deprecationMessage": "use 'associated_gateway_id' argument instead", "willReplaceOnChanges": true } }, "requiredInputs": [ "dxGatewayId" ], "stateInputs": { "description": "Input properties used for looking up and filtering GatewayAssociation resources.\n", "properties": { "allowedPrefixes": { "type": "array", "items": { "type": "string" }, "description": "VPC prefixes (CIDRs) to advertise to the Direct Connect gateway. Defaults to the CIDR block of the VPC associated with the Virtual Gateway. To enable drift detection, must be configured.\n" }, "associatedGatewayId": { "type": "string", "description": "The ID of the VGW or transit gateway with which to associate the Direct Connect gateway.\nUsed for single account Direct Connect gateway associations.\n", "willReplaceOnChanges": true }, "associatedGatewayOwnerAccountId": { "type": "string", "description": "The ID of the AWS account that owns the VGW or transit gateway with which to associate the Direct Connect gateway.\nUsed for cross-account Direct Connect gateway associations.\n", "willReplaceOnChanges": true }, "associatedGatewayType": { "type": "string", "description": "The type of the associated gateway, `transitGateway` or `virtualPrivateGateway`.\n" }, "dxGatewayAssociationId": { "type": "string", "description": "The ID of the Direct Connect gateway association.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway.\n", "willReplaceOnChanges": true }, "dxGatewayOwnerAccountId": { "type": "string", "description": "The ID of the AWS account that owns the Direct Connect gateway.\n" }, "proposalId": { "type": "string", "description": "The ID of the Direct Connect gateway association proposal.\nUsed for cross-account Direct Connect gateway associations.\n" }, "vpnGatewayId": { "type": "string", "deprecationMessage": "use 'associated_gateway_id' argument instead", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directconnect/gatewayAssociationProposal:GatewayAssociationProposal": { "description": "Manages a Direct Connect Gateway Association Proposal, typically for enabling cross-account associations. For single account associations, see the `aws.directconnect.GatewayAssociation` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.directconnect.GatewayAssociationProposal(\"example\", {\n dxGatewayId: exampleAwsDxGateway.id,\n dxGatewayOwnerAccountId: exampleAwsDxGateway.ownerAccountId,\n associatedGatewayId: exampleAwsVpnGateway.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directconnect.GatewayAssociationProposal(\"example\",\n dx_gateway_id=example_aws_dx_gateway[\"id\"],\n dx_gateway_owner_account_id=example_aws_dx_gateway[\"ownerAccountId\"],\n associated_gateway_id=example_aws_vpn_gateway[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DirectConnect.GatewayAssociationProposal(\"example\", new()\n {\n DxGatewayId = exampleAwsDxGateway.Id,\n DxGatewayOwnerAccountId = exampleAwsDxGateway.OwnerAccountId,\n AssociatedGatewayId = exampleAwsVpnGateway.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directconnect.NewGatewayAssociationProposal(ctx, \"example\", \u0026directconnect.GatewayAssociationProposalArgs{\n\t\t\tDxGatewayId: pulumi.Any(exampleAwsDxGateway.Id),\n\t\t\tDxGatewayOwnerAccountId: pulumi.Any(exampleAwsDxGateway.OwnerAccountId),\n\t\t\tAssociatedGatewayId: pulumi.Any(exampleAwsVpnGateway.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.GatewayAssociationProposal;\nimport com.pulumi.aws.directconnect.GatewayAssociationProposalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GatewayAssociationProposal(\"example\", GatewayAssociationProposalArgs.builder()\n .dxGatewayId(exampleAwsDxGateway.id())\n .dxGatewayOwnerAccountId(exampleAwsDxGateway.ownerAccountId())\n .associatedGatewayId(exampleAwsVpnGateway.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:directconnect:GatewayAssociationProposal\n properties:\n dxGatewayId: ${exampleAwsDxGateway.id}\n dxGatewayOwnerAccountId: ${exampleAwsDxGateway.ownerAccountId}\n associatedGatewayId: ${exampleAwsVpnGateway.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing a proposal ID, Direct Connect Gateway ID and associated gateway ID separated by `/`:\n\n__With `pulumi import`__, import Direct Connect Gateway Association Proposals using either a proposal ID or proposal ID, Direct Connect Gateway ID and associated gateway ID separated by `/`. For example:\n\nUsing a proposal ID:\n\n```sh\n$ pulumi import aws:directconnect/gatewayAssociationProposal:GatewayAssociationProposal example ac90e981-b718-4364-872d-65478c84fafe\n```\nUsing a proposal ID, Direct Connect Gateway ID and associated gateway ID separated by `/`:\n\n```sh\n$ pulumi import aws:directconnect/gatewayAssociationProposal:GatewayAssociationProposal example ac90e981-b718-4364-872d-65478c84fafe/abcd1234-dcba-5678-be23-cdef9876ab45/vgw-12345678\n```\nThe latter case is useful when a previous proposal has been accepted and deleted by AWS.\nThe `aws_dx_gateway_association_proposal` resource will then represent a pseudo-proposal for the same Direct Connect Gateway and associated gateway. If no previous proposal is available, use a tool like [`uuidgen`](http://manpages.ubuntu.com/manpages/bionic/man1/uuidgen.1.html) to generate a new random pseudo-proposal ID.\n\n", "properties": { "allowedPrefixes": { "type": "array", "items": { "type": "string" }, "description": "VPC prefixes (CIDRs) to advertise to the Direct Connect gateway. Defaults to the CIDR block of the VPC associated with the Virtual Gateway. To enable drift detection, must be configured.\n" }, "associatedGatewayId": { "type": "string", "description": "The ID of the VGW or transit gateway with which to associate the Direct Connect gateway.\n" }, "associatedGatewayOwnerAccountId": { "type": "string", "description": "The ID of the AWS account that owns the VGW or transit gateway with which to associate the Direct Connect gateway.\n" }, "associatedGatewayType": { "type": "string", "description": "The type of the associated gateway, `transitGateway` or `virtualPrivateGateway`.\n" }, "dxGatewayId": { "type": "string", "description": "Direct Connect Gateway identifier.\n" }, "dxGatewayOwnerAccountId": { "type": "string", "description": "AWS Account identifier of the Direct Connect Gateway's owner.\n" } }, "required": [ "allowedPrefixes", "associatedGatewayId", "associatedGatewayOwnerAccountId", "associatedGatewayType", "dxGatewayId", "dxGatewayOwnerAccountId" ], "inputProperties": { "allowedPrefixes": { "type": "array", "items": { "type": "string" }, "description": "VPC prefixes (CIDRs) to advertise to the Direct Connect gateway. Defaults to the CIDR block of the VPC associated with the Virtual Gateway. To enable drift detection, must be configured.\n" }, "associatedGatewayId": { "type": "string", "description": "The ID of the VGW or transit gateway with which to associate the Direct Connect gateway.\n", "willReplaceOnChanges": true }, "dxGatewayId": { "type": "string", "description": "Direct Connect Gateway identifier.\n", "willReplaceOnChanges": true }, "dxGatewayOwnerAccountId": { "type": "string", "description": "AWS Account identifier of the Direct Connect Gateway's owner.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "associatedGatewayId", "dxGatewayId", "dxGatewayOwnerAccountId" ], "stateInputs": { "description": "Input properties used for looking up and filtering GatewayAssociationProposal resources.\n", "properties": { "allowedPrefixes": { "type": "array", "items": { "type": "string" }, "description": "VPC prefixes (CIDRs) to advertise to the Direct Connect gateway. Defaults to the CIDR block of the VPC associated with the Virtual Gateway. To enable drift detection, must be configured.\n" }, "associatedGatewayId": { "type": "string", "description": "The ID of the VGW or transit gateway with which to associate the Direct Connect gateway.\n", "willReplaceOnChanges": true }, "associatedGatewayOwnerAccountId": { "type": "string", "description": "The ID of the AWS account that owns the VGW or transit gateway with which to associate the Direct Connect gateway.\n" }, "associatedGatewayType": { "type": "string", "description": "The type of the associated gateway, `transitGateway` or `virtualPrivateGateway`.\n" }, "dxGatewayId": { "type": "string", "description": "Direct Connect Gateway identifier.\n", "willReplaceOnChanges": true }, "dxGatewayOwnerAccountId": { "type": "string", "description": "AWS Account identifier of the Direct Connect Gateway's owner.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directconnect/hostedConnection:HostedConnection": { "description": "Provides a hosted connection on the specified interconnect or a link aggregation group (LAG) of interconnects. Intended for use by AWS Direct Connect Partners only.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst hosted = new aws.directconnect.HostedConnection(\"hosted\", {\n connectionId: \"dxcon-ffabc123\",\n bandwidth: \"100Mbps\",\n name: \"tf-dx-hosted-connection\",\n ownerAccountId: \"123456789012\",\n vlan: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nhosted = aws.directconnect.HostedConnection(\"hosted\",\n connection_id=\"dxcon-ffabc123\",\n bandwidth=\"100Mbps\",\n name=\"tf-dx-hosted-connection\",\n owner_account_id=\"123456789012\",\n vlan=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var hosted = new Aws.DirectConnect.HostedConnection(\"hosted\", new()\n {\n ConnectionId = \"dxcon-ffabc123\",\n Bandwidth = \"100Mbps\",\n Name = \"tf-dx-hosted-connection\",\n OwnerAccountId = \"123456789012\",\n Vlan = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directconnect.NewHostedConnection(ctx, \"hosted\", \u0026directconnect.HostedConnectionArgs{\n\t\t\tConnectionId: pulumi.String(\"dxcon-ffabc123\"),\n\t\t\tBandwidth: pulumi.String(\"100Mbps\"),\n\t\t\tName: pulumi.String(\"tf-dx-hosted-connection\"),\n\t\t\tOwnerAccountId: pulumi.String(\"123456789012\"),\n\t\t\tVlan: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.HostedConnection;\nimport com.pulumi.aws.directconnect.HostedConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var hosted = new HostedConnection(\"hosted\", HostedConnectionArgs.builder()\n .connectionId(\"dxcon-ffabc123\")\n .bandwidth(\"100Mbps\")\n .name(\"tf-dx-hosted-connection\")\n .ownerAccountId(\"123456789012\")\n .vlan(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n hosted:\n type: aws:directconnect:HostedConnection\n properties:\n connectionId: dxcon-ffabc123\n bandwidth: 100Mbps\n name: tf-dx-hosted-connection\n ownerAccountId: '123456789012'\n vlan: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the physical connection terminates.\n" }, "bandwidth": { "type": "string", "description": "The bandwidth of the connection. Valid values for dedicated connections: 1Gbps, 10Gbps. Valid values for hosted connections: 50Mbps, 100Mbps, 200Mbps, 300Mbps, 400Mbps, 500Mbps, 1Gbps, 2Gbps, 5Gbps and 10Gbps. Case sensitive.\n" }, "connectionId": { "type": "string", "description": "The ID of the interconnect or LAG.\n" }, "hasLogicalRedundancy": { "type": "string", "description": "Indicates whether the connection supports a secondary BGP peer in the same address family (IPv4/IPv6).\n" }, "jumboFrameCapable": { "type": "boolean", "description": "Boolean value representing if jumbo frames have been enabled for this connection.\n" }, "lagId": { "type": "string", "description": "The ID of the LAG.\n" }, "loaIssueTime": { "type": "string", "description": "The time of the most recent call to [DescribeLoa](https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeLoa.html) for this connection.\n" }, "location": { "type": "string", "description": "The location of the connection.\n" }, "name": { "type": "string", "description": "The name of the connection.\n" }, "ownerAccountId": { "type": "string", "description": "The ID of the AWS account of the customer for the connection.\n" }, "partnerName": { "type": "string", "description": "The name of the AWS Direct Connect service provider associated with the connection.\n" }, "providerName": { "type": "string", "description": "The name of the service provider associated with the connection.\n" }, "region": { "type": "string", "description": "The AWS Region where the connection is located.\n" }, "state": { "type": "string", "description": "The state of the connection. Possible values include: ordering, requested, pending, available, down, deleting, deleted, rejected, unknown. See [AllocateHostedConnection](https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AllocateHostedConnection.html) for a description of each connection state.\n" }, "vlan": { "type": "integer", "description": "The dedicated VLAN provisioned to the hosted connection.\n" } }, "required": [ "awsDevice", "bandwidth", "connectionId", "hasLogicalRedundancy", "jumboFrameCapable", "lagId", "loaIssueTime", "location", "name", "ownerAccountId", "partnerName", "providerName", "region", "state", "vlan" ], "inputProperties": { "bandwidth": { "type": "string", "description": "The bandwidth of the connection. Valid values for dedicated connections: 1Gbps, 10Gbps. Valid values for hosted connections: 50Mbps, 100Mbps, 200Mbps, 300Mbps, 400Mbps, 500Mbps, 1Gbps, 2Gbps, 5Gbps and 10Gbps. Case sensitive.\n", "willReplaceOnChanges": true }, "connectionId": { "type": "string", "description": "The ID of the interconnect or LAG.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the connection.\n", "willReplaceOnChanges": true }, "ownerAccountId": { "type": "string", "description": "The ID of the AWS account of the customer for the connection.\n", "willReplaceOnChanges": true }, "vlan": { "type": "integer", "description": "The dedicated VLAN provisioned to the hosted connection.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "bandwidth", "connectionId", "ownerAccountId", "vlan" ], "stateInputs": { "description": "Input properties used for looking up and filtering HostedConnection resources.\n", "properties": { "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the physical connection terminates.\n" }, "bandwidth": { "type": "string", "description": "The bandwidth of the connection. Valid values for dedicated connections: 1Gbps, 10Gbps. Valid values for hosted connections: 50Mbps, 100Mbps, 200Mbps, 300Mbps, 400Mbps, 500Mbps, 1Gbps, 2Gbps, 5Gbps and 10Gbps. Case sensitive.\n", "willReplaceOnChanges": true }, "connectionId": { "type": "string", "description": "The ID of the interconnect or LAG.\n", "willReplaceOnChanges": true }, "hasLogicalRedundancy": { "type": "string", "description": "Indicates whether the connection supports a secondary BGP peer in the same address family (IPv4/IPv6).\n" }, "jumboFrameCapable": { "type": "boolean", "description": "Boolean value representing if jumbo frames have been enabled for this connection.\n" }, "lagId": { "type": "string", "description": "The ID of the LAG.\n" }, "loaIssueTime": { "type": "string", "description": "The time of the most recent call to [DescribeLoa](https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeLoa.html) for this connection.\n" }, "location": { "type": "string", "description": "The location of the connection.\n" }, "name": { "type": "string", "description": "The name of the connection.\n", "willReplaceOnChanges": true }, "ownerAccountId": { "type": "string", "description": "The ID of the AWS account of the customer for the connection.\n", "willReplaceOnChanges": true }, "partnerName": { "type": "string", "description": "The name of the AWS Direct Connect service provider associated with the connection.\n" }, "providerName": { "type": "string", "description": "The name of the service provider associated with the connection.\n" }, "region": { "type": "string", "description": "The AWS Region where the connection is located.\n" }, "state": { "type": "string", "description": "The state of the connection. Possible values include: ordering, requested, pending, available, down, deleting, deleted, rejected, unknown. See [AllocateHostedConnection](https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AllocateHostedConnection.html) for a description of each connection state.\n" }, "vlan": { "type": "integer", "description": "The dedicated VLAN provisioned to the hosted connection.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directconnect/hostedPrivateVirtualInterface:HostedPrivateVirtualInterface": { "description": "Provides a Direct Connect hosted private virtual interface resource. This resource represents the allocator's side of the hosted virtual interface.\nA hosted virtual interface is a virtual interface that is owned by another AWS account.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.directconnect.HostedPrivateVirtualInterface(\"foo\", {\n connectionId: \"dxcon-zzzzzzzz\",\n name: \"vif-foo\",\n vlan: 4094,\n addressFamily: \"ipv4\",\n bgpAsn: 65352,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.directconnect.HostedPrivateVirtualInterface(\"foo\",\n connection_id=\"dxcon-zzzzzzzz\",\n name=\"vif-foo\",\n vlan=4094,\n address_family=\"ipv4\",\n bgp_asn=65352)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.DirectConnect.HostedPrivateVirtualInterface(\"foo\", new()\n {\n ConnectionId = \"dxcon-zzzzzzzz\",\n Name = \"vif-foo\",\n Vlan = 4094,\n AddressFamily = \"ipv4\",\n BgpAsn = 65352,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directconnect.NewHostedPrivateVirtualInterface(ctx, \"foo\", \u0026directconnect.HostedPrivateVirtualInterfaceArgs{\n\t\t\tConnectionId: pulumi.String(\"dxcon-zzzzzzzz\"),\n\t\t\tName: pulumi.String(\"vif-foo\"),\n\t\t\tVlan: pulumi.Int(4094),\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tBgpAsn: pulumi.Int(65352),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.HostedPrivateVirtualInterface;\nimport com.pulumi.aws.directconnect.HostedPrivateVirtualInterfaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new HostedPrivateVirtualInterface(\"foo\", HostedPrivateVirtualInterfaceArgs.builder()\n .connectionId(\"dxcon-zzzzzzzz\")\n .name(\"vif-foo\")\n .vlan(4094)\n .addressFamily(\"ipv4\")\n .bgpAsn(65352)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:directconnect:HostedPrivateVirtualInterface\n properties:\n connectionId: dxcon-zzzzzzzz\n name: vif-foo\n vlan: 4094\n addressFamily: ipv4\n bgpAsn: 65352\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Direct Connect hosted private virtual interfaces using the VIF `id`. For example:\n\n```sh\n$ pulumi import aws:directconnect/hostedPrivateVirtualInterface:HostedPrivateVirtualInterface test dxvif-33cc44dd\n```\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "jumboFrameCapable": { "type": "boolean", "description": "Indicates whether jumbo frames (9001 MTU) are supported.\n" }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection. The MTU of a virtual private interface can be either `1500` or `9001` (jumbo frames). Default is `1500`.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "ownerAccountId": { "type": "string", "description": "The AWS account that will own the new virtual interface.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" } }, "required": [ "addressFamily", "amazonAddress", "amazonSideAsn", "arn", "awsDevice", "bgpAsn", "bgpAuthKey", "connectionId", "customerAddress", "jumboFrameCapable", "name", "ownerAccountId", "vlan" ], "inputProperties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n", "willReplaceOnChanges": true }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n", "willReplaceOnChanges": true }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n", "willReplaceOnChanges": true }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n", "willReplaceOnChanges": true }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection. The MTU of a virtual private interface can be either `1500` or `9001` (jumbo frames). Default is `1500`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name for the virtual interface.\n", "willReplaceOnChanges": true }, "ownerAccountId": { "type": "string", "description": "The AWS account that will own the new virtual interface.\n", "willReplaceOnChanges": true }, "vlan": { "type": "integer", "description": "The VLAN ID.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "addressFamily", "bgpAsn", "connectionId", "ownerAccountId", "vlan" ], "stateInputs": { "description": "Input properties used for looking up and filtering HostedPrivateVirtualInterface resources.\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n", "willReplaceOnChanges": true }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n", "willReplaceOnChanges": true }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n", "willReplaceOnChanges": true }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n", "willReplaceOnChanges": true }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "jumboFrameCapable": { "type": "boolean", "description": "Indicates whether jumbo frames (9001 MTU) are supported.\n" }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection. The MTU of a virtual private interface can be either `1500` or `9001` (jumbo frames). Default is `1500`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name for the virtual interface.\n", "willReplaceOnChanges": true }, "ownerAccountId": { "type": "string", "description": "The AWS account that will own the new virtual interface.\n", "willReplaceOnChanges": true }, "vlan": { "type": "integer", "description": "The VLAN ID.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directconnect/hostedPrivateVirtualInterfaceAccepter:HostedPrivateVirtualInterfaceAccepter": { "description": "Provides a resource to manage the accepter's side of a Direct Connect hosted private virtual interface.\nThis resource accepts ownership of a private virtual interface created by another AWS account.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst accepter = aws.getCallerIdentity({});\n// Accepter's side of the VIF.\nconst vpnGw = new aws.ec2.VpnGateway(\"vpn_gw\", {});\n// Creator's side of the VIF\nconst creator = new aws.directconnect.HostedPrivateVirtualInterface(\"creator\", {\n connectionId: \"dxcon-zzzzzzzz\",\n ownerAccountId: accepter.then(accepter =\u003e accepter.accountId),\n name: \"vif-foo\",\n vlan: 4094,\n addressFamily: \"ipv4\",\n bgpAsn: 65352,\n}, {\n dependsOn: [vpnGw],\n});\nconst accepterHostedPrivateVirtualInterfaceAccepter = new aws.directconnect.HostedPrivateVirtualInterfaceAccepter(\"accepter\", {\n virtualInterfaceId: creator.id,\n vpnGatewayId: vpnGw.id,\n tags: {\n Side: \"Accepter\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naccepter = aws.get_caller_identity()\n# Accepter's side of the VIF.\nvpn_gw = aws.ec2.VpnGateway(\"vpn_gw\")\n# Creator's side of the VIF\ncreator = aws.directconnect.HostedPrivateVirtualInterface(\"creator\",\n connection_id=\"dxcon-zzzzzzzz\",\n owner_account_id=accepter.account_id,\n name=\"vif-foo\",\n vlan=4094,\n address_family=\"ipv4\",\n bgp_asn=65352,\n opts = pulumi.ResourceOptions(depends_on=[vpn_gw]))\naccepter_hosted_private_virtual_interface_accepter = aws.directconnect.HostedPrivateVirtualInterfaceAccepter(\"accepter\",\n virtual_interface_id=creator.id,\n vpn_gateway_id=vpn_gw.id,\n tags={\n \"Side\": \"Accepter\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var accepter = Aws.GetCallerIdentity.Invoke();\n\n // Accepter's side of the VIF.\n var vpnGw = new Aws.Ec2.VpnGateway(\"vpn_gw\");\n\n // Creator's side of the VIF\n var creator = new Aws.DirectConnect.HostedPrivateVirtualInterface(\"creator\", new()\n {\n ConnectionId = \"dxcon-zzzzzzzz\",\n OwnerAccountId = accepter.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n Name = \"vif-foo\",\n Vlan = 4094,\n AddressFamily = \"ipv4\",\n BgpAsn = 65352,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n vpnGw,\n },\n });\n\n var accepterHostedPrivateVirtualInterfaceAccepter = new Aws.DirectConnect.HostedPrivateVirtualInterfaceAccepter(\"accepter\", new()\n {\n VirtualInterfaceId = creator.Id,\n VpnGatewayId = vpnGw.Id,\n Tags = \n {\n { \"Side\", \"Accepter\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taccepter, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Accepter's side of the VIF.\n\t\tvpnGw, err := ec2.NewVpnGateway(ctx, \"vpn_gw\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Creator's side of the VIF\n\t\tcreator, err := directconnect.NewHostedPrivateVirtualInterface(ctx, \"creator\", \u0026directconnect.HostedPrivateVirtualInterfaceArgs{\n\t\t\tConnectionId: pulumi.String(\"dxcon-zzzzzzzz\"),\n\t\t\tOwnerAccountId: pulumi.String(accepter.AccountId),\n\t\t\tName: pulumi.String(\"vif-foo\"),\n\t\t\tVlan: pulumi.Int(4094),\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tBgpAsn: pulumi.Int(65352),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tvpnGw,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directconnect.NewHostedPrivateVirtualInterfaceAccepter(ctx, \"accepter\", \u0026directconnect.HostedPrivateVirtualInterfaceAccepterArgs{\n\t\t\tVirtualInterfaceId: creator.ID(),\n\t\t\tVpnGatewayId: vpnGw.ID(),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Side\": pulumi.String(\"Accepter\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.ec2.VpnGateway;\nimport com.pulumi.aws.directconnect.HostedPrivateVirtualInterface;\nimport com.pulumi.aws.directconnect.HostedPrivateVirtualInterfaceArgs;\nimport com.pulumi.aws.directconnect.HostedPrivateVirtualInterfaceAccepter;\nimport com.pulumi.aws.directconnect.HostedPrivateVirtualInterfaceAccepterArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var accepter = AwsFunctions.getCallerIdentity();\n\n // Accepter's side of the VIF.\n var vpnGw = new VpnGateway(\"vpnGw\");\n\n // Creator's side of the VIF\n var creator = new HostedPrivateVirtualInterface(\"creator\", HostedPrivateVirtualInterfaceArgs.builder()\n .connectionId(\"dxcon-zzzzzzzz\")\n .ownerAccountId(accepter.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .name(\"vif-foo\")\n .vlan(4094)\n .addressFamily(\"ipv4\")\n .bgpAsn(65352)\n .build(), CustomResourceOptions.builder()\n .dependsOn(vpnGw)\n .build());\n\n var accepterHostedPrivateVirtualInterfaceAccepter = new HostedPrivateVirtualInterfaceAccepter(\"accepterHostedPrivateVirtualInterfaceAccepter\", HostedPrivateVirtualInterfaceAccepterArgs.builder()\n .virtualInterfaceId(creator.id())\n .vpnGatewayId(vpnGw.id())\n .tags(Map.of(\"Side\", \"Accepter\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Creator's side of the VIF\n creator:\n type: aws:directconnect:HostedPrivateVirtualInterface\n properties:\n connectionId: dxcon-zzzzzzzz\n ownerAccountId: ${accepter.accountId}\n name: vif-foo\n vlan: 4094\n addressFamily: ipv4\n bgpAsn: 65352 # The aws_dx_hosted_private_virtual_interface\n # # must be destroyed before the aws_vpn_gateway.\n options:\n dependson:\n - ${vpnGw}\n # Accepter's side of the VIF.\n vpnGw:\n type: aws:ec2:VpnGateway\n name: vpn_gw\n accepterHostedPrivateVirtualInterfaceAccepter:\n type: aws:directconnect:HostedPrivateVirtualInterfaceAccepter\n name: accepter\n properties:\n virtualInterfaceId: ${creator.id}\n vpnGatewayId: ${vpnGw.id}\n tags:\n Side: Accepter\nvariables:\n accepter:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Direct Connect hosted private virtual interfaces using the VIF `id`. For example:\n\n```sh\n$ pulumi import aws:directconnect/hostedPrivateVirtualInterfaceAccepter:HostedPrivateVirtualInterfaceAccepter test dxvif-33cc44dd\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface to accept.\n" }, "vpnGatewayId": { "type": "string", "description": "The ID of the virtual private gateway to which to connect the virtual interface.\n" } }, "required": [ "arn", "tagsAll", "virtualInterfaceId" ], "inputProperties": { "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface to accept.\n", "willReplaceOnChanges": true }, "vpnGatewayId": { "type": "string", "description": "The ID of the virtual private gateway to which to connect the virtual interface.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "virtualInterfaceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering HostedPrivateVirtualInterfaceAccepter resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface to accept.\n", "willReplaceOnChanges": true }, "vpnGatewayId": { "type": "string", "description": "The ID of the virtual private gateway to which to connect the virtual interface.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directconnect/hostedPublicVirtualInterface:HostedPublicVirtualInterface": { "description": "Provides a Direct Connect hosted public virtual interface resource. This resource represents the allocator's side of the hosted virtual interface.\nA hosted virtual interface is a virtual interface that is owned by another AWS account.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.directconnect.HostedPublicVirtualInterface(\"foo\", {\n connectionId: \"dxcon-zzzzzzzz\",\n name: \"vif-foo\",\n vlan: 4094,\n addressFamily: \"ipv4\",\n bgpAsn: 65352,\n customerAddress: \"175.45.176.1/30\",\n amazonAddress: \"175.45.176.2/30\",\n routeFilterPrefixes: [\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.directconnect.HostedPublicVirtualInterface(\"foo\",\n connection_id=\"dxcon-zzzzzzzz\",\n name=\"vif-foo\",\n vlan=4094,\n address_family=\"ipv4\",\n bgp_asn=65352,\n customer_address=\"175.45.176.1/30\",\n amazon_address=\"175.45.176.2/30\",\n route_filter_prefixes=[\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.DirectConnect.HostedPublicVirtualInterface(\"foo\", new()\n {\n ConnectionId = \"dxcon-zzzzzzzz\",\n Name = \"vif-foo\",\n Vlan = 4094,\n AddressFamily = \"ipv4\",\n BgpAsn = 65352,\n CustomerAddress = \"175.45.176.1/30\",\n AmazonAddress = \"175.45.176.2/30\",\n RouteFilterPrefixes = new[]\n {\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directconnect.NewHostedPublicVirtualInterface(ctx, \"foo\", \u0026directconnect.HostedPublicVirtualInterfaceArgs{\n\t\t\tConnectionId: pulumi.String(\"dxcon-zzzzzzzz\"),\n\t\t\tName: pulumi.String(\"vif-foo\"),\n\t\t\tVlan: pulumi.Int(4094),\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tBgpAsn: pulumi.Int(65352),\n\t\t\tCustomerAddress: pulumi.String(\"175.45.176.1/30\"),\n\t\t\tAmazonAddress: pulumi.String(\"175.45.176.2/30\"),\n\t\t\tRouteFilterPrefixes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"210.52.109.0/24\"),\n\t\t\t\tpulumi.String(\"175.45.176.0/22\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.HostedPublicVirtualInterface;\nimport com.pulumi.aws.directconnect.HostedPublicVirtualInterfaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new HostedPublicVirtualInterface(\"foo\", HostedPublicVirtualInterfaceArgs.builder()\n .connectionId(\"dxcon-zzzzzzzz\")\n .name(\"vif-foo\")\n .vlan(4094)\n .addressFamily(\"ipv4\")\n .bgpAsn(65352)\n .customerAddress(\"175.45.176.1/30\")\n .amazonAddress(\"175.45.176.2/30\")\n .routeFilterPrefixes( \n \"210.52.109.0/24\",\n \"175.45.176.0/22\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:directconnect:HostedPublicVirtualInterface\n properties:\n connectionId: dxcon-zzzzzzzz\n name: vif-foo\n vlan: 4094\n addressFamily: ipv4\n bgpAsn: 65352\n customerAddress: 175.45.176.1/30\n amazonAddress: 175.45.176.2/30\n routeFilterPrefixes:\n - 210.52.109.0/24\n - 175.45.176.0/22\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Direct Connect hosted public virtual interfaces using the VIF `id`. For example:\n\n```sh\n$ pulumi import aws:directconnect/hostedPublicVirtualInterface:HostedPublicVirtualInterface test dxvif-33cc44dd\n```\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "ownerAccountId": { "type": "string", "description": "The AWS account that will own the new virtual interface.\n" }, "routeFilterPrefixes": { "type": "array", "items": { "type": "string" }, "description": "A list of routes to be advertised to the AWS network in this region.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" } }, "required": [ "addressFamily", "amazonAddress", "amazonSideAsn", "arn", "awsDevice", "bgpAsn", "bgpAuthKey", "connectionId", "customerAddress", "name", "ownerAccountId", "routeFilterPrefixes", "vlan" ], "inputProperties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n", "willReplaceOnChanges": true }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n", "willReplaceOnChanges": true }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n", "willReplaceOnChanges": true }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n", "willReplaceOnChanges": true }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name for the virtual interface.\n", "willReplaceOnChanges": true }, "ownerAccountId": { "type": "string", "description": "The AWS account that will own the new virtual interface.\n", "willReplaceOnChanges": true }, "routeFilterPrefixes": { "type": "array", "items": { "type": "string" }, "description": "A list of routes to be advertised to the AWS network in this region.\n", "willReplaceOnChanges": true }, "vlan": { "type": "integer", "description": "The VLAN ID.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "addressFamily", "bgpAsn", "connectionId", "ownerAccountId", "routeFilterPrefixes", "vlan" ], "stateInputs": { "description": "Input properties used for looking up and filtering HostedPublicVirtualInterface resources.\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n", "willReplaceOnChanges": true }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n", "willReplaceOnChanges": true }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n", "willReplaceOnChanges": true }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n", "willReplaceOnChanges": true }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name for the virtual interface.\n", "willReplaceOnChanges": true }, "ownerAccountId": { "type": "string", "description": "The AWS account that will own the new virtual interface.\n", "willReplaceOnChanges": true }, "routeFilterPrefixes": { "type": "array", "items": { "type": "string" }, "description": "A list of routes to be advertised to the AWS network in this region.\n", "willReplaceOnChanges": true }, "vlan": { "type": "integer", "description": "The VLAN ID.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directconnect/hostedPublicVirtualInterfaceAccepter:HostedPublicVirtualInterfaceAccepter": { "description": "Provides a resource to manage the accepter's side of a Direct Connect hosted public virtual interface.\nThis resource accepts ownership of a public virtual interface created by another AWS account.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst accepter = aws.getCallerIdentity({});\n// Creator's side of the VIF\nconst creator = new aws.directconnect.HostedPublicVirtualInterface(\"creator\", {\n connectionId: \"dxcon-zzzzzzzz\",\n ownerAccountId: accepter.then(accepter =\u003e accepter.accountId),\n name: \"vif-foo\",\n vlan: 4094,\n addressFamily: \"ipv4\",\n bgpAsn: 65352,\n customerAddress: \"175.45.176.1/30\",\n amazonAddress: \"175.45.176.2/30\",\n routeFilterPrefixes: [\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n ],\n});\n// Accepter's side of the VIF.\nconst accepterHostedPublicVirtualInterfaceAccepter = new aws.directconnect.HostedPublicVirtualInterfaceAccepter(\"accepter\", {\n virtualInterfaceId: creator.id,\n tags: {\n Side: \"Accepter\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naccepter = aws.get_caller_identity()\n# Creator's side of the VIF\ncreator = aws.directconnect.HostedPublicVirtualInterface(\"creator\",\n connection_id=\"dxcon-zzzzzzzz\",\n owner_account_id=accepter.account_id,\n name=\"vif-foo\",\n vlan=4094,\n address_family=\"ipv4\",\n bgp_asn=65352,\n customer_address=\"175.45.176.1/30\",\n amazon_address=\"175.45.176.2/30\",\n route_filter_prefixes=[\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n ])\n# Accepter's side of the VIF.\naccepter_hosted_public_virtual_interface_accepter = aws.directconnect.HostedPublicVirtualInterfaceAccepter(\"accepter\",\n virtual_interface_id=creator.id,\n tags={\n \"Side\": \"Accepter\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var accepter = Aws.GetCallerIdentity.Invoke();\n\n // Creator's side of the VIF\n var creator = new Aws.DirectConnect.HostedPublicVirtualInterface(\"creator\", new()\n {\n ConnectionId = \"dxcon-zzzzzzzz\",\n OwnerAccountId = accepter.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n Name = \"vif-foo\",\n Vlan = 4094,\n AddressFamily = \"ipv4\",\n BgpAsn = 65352,\n CustomerAddress = \"175.45.176.1/30\",\n AmazonAddress = \"175.45.176.2/30\",\n RouteFilterPrefixes = new[]\n {\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n },\n });\n\n // Accepter's side of the VIF.\n var accepterHostedPublicVirtualInterfaceAccepter = new Aws.DirectConnect.HostedPublicVirtualInterfaceAccepter(\"accepter\", new()\n {\n VirtualInterfaceId = creator.Id,\n Tags = \n {\n { \"Side\", \"Accepter\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taccepter, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Creator's side of the VIF\n\t\tcreator, err := directconnect.NewHostedPublicVirtualInterface(ctx, \"creator\", \u0026directconnect.HostedPublicVirtualInterfaceArgs{\n\t\t\tConnectionId: pulumi.String(\"dxcon-zzzzzzzz\"),\n\t\t\tOwnerAccountId: pulumi.String(accepter.AccountId),\n\t\t\tName: pulumi.String(\"vif-foo\"),\n\t\t\tVlan: pulumi.Int(4094),\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tBgpAsn: pulumi.Int(65352),\n\t\t\tCustomerAddress: pulumi.String(\"175.45.176.1/30\"),\n\t\t\tAmazonAddress: pulumi.String(\"175.45.176.2/30\"),\n\t\t\tRouteFilterPrefixes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"210.52.109.0/24\"),\n\t\t\t\tpulumi.String(\"175.45.176.0/22\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Accepter's side of the VIF.\n\t\t_, err = directconnect.NewHostedPublicVirtualInterfaceAccepter(ctx, \"accepter\", \u0026directconnect.HostedPublicVirtualInterfaceAccepterArgs{\n\t\t\tVirtualInterfaceId: creator.ID(),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Side\": pulumi.String(\"Accepter\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.directconnect.HostedPublicVirtualInterface;\nimport com.pulumi.aws.directconnect.HostedPublicVirtualInterfaceArgs;\nimport com.pulumi.aws.directconnect.HostedPublicVirtualInterfaceAccepter;\nimport com.pulumi.aws.directconnect.HostedPublicVirtualInterfaceAccepterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var accepter = AwsFunctions.getCallerIdentity();\n\n // Creator's side of the VIF\n var creator = new HostedPublicVirtualInterface(\"creator\", HostedPublicVirtualInterfaceArgs.builder()\n .connectionId(\"dxcon-zzzzzzzz\")\n .ownerAccountId(accepter.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .name(\"vif-foo\")\n .vlan(4094)\n .addressFamily(\"ipv4\")\n .bgpAsn(65352)\n .customerAddress(\"175.45.176.1/30\")\n .amazonAddress(\"175.45.176.2/30\")\n .routeFilterPrefixes( \n \"210.52.109.0/24\",\n \"175.45.176.0/22\")\n .build());\n\n // Accepter's side of the VIF.\n var accepterHostedPublicVirtualInterfaceAccepter = new HostedPublicVirtualInterfaceAccepter(\"accepterHostedPublicVirtualInterfaceAccepter\", HostedPublicVirtualInterfaceAccepterArgs.builder()\n .virtualInterfaceId(creator.id())\n .tags(Map.of(\"Side\", \"Accepter\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Creator's side of the VIF\n creator:\n type: aws:directconnect:HostedPublicVirtualInterface\n properties:\n connectionId: dxcon-zzzzzzzz\n ownerAccountId: ${accepter.accountId}\n name: vif-foo\n vlan: 4094\n addressFamily: ipv4\n bgpAsn: 65352\n customerAddress: 175.45.176.1/30\n amazonAddress: 175.45.176.2/30\n routeFilterPrefixes:\n - 210.52.109.0/24\n - 175.45.176.0/22\n # Accepter's side of the VIF.\n accepterHostedPublicVirtualInterfaceAccepter:\n type: aws:directconnect:HostedPublicVirtualInterfaceAccepter\n name: accepter\n properties:\n virtualInterfaceId: ${creator.id}\n tags:\n Side: Accepter\nvariables:\n accepter:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Direct Connect hosted public virtual interfaces using the VIF `id`. For example:\n\n```sh\n$ pulumi import aws:directconnect/hostedPublicVirtualInterfaceAccepter:HostedPublicVirtualInterfaceAccepter test dxvif-33cc44dd\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface to accept.\n" } }, "required": [ "arn", "tagsAll", "virtualInterfaceId" ], "inputProperties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface to accept.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "virtualInterfaceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering HostedPublicVirtualInterfaceAccepter resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface to accept.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directconnect/hostedTransitVirtualInterface:HostedTransitVirtualInterface": { "description": "Provides a Direct Connect hosted transit virtual interface resource.\nThis resource represents the allocator's side of the hosted virtual interface.\nA hosted virtual interface is a virtual interface that is owned by another AWS account.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.directconnect.HostedTransitVirtualInterface(\"example\", {\n connectionId: exampleAwsDxConnection.id,\n name: \"tf-transit-vif-example\",\n vlan: 4094,\n addressFamily: \"ipv4\",\n bgpAsn: 65352,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directconnect.HostedTransitVirtualInterface(\"example\",\n connection_id=example_aws_dx_connection[\"id\"],\n name=\"tf-transit-vif-example\",\n vlan=4094,\n address_family=\"ipv4\",\n bgp_asn=65352)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DirectConnect.HostedTransitVirtualInterface(\"example\", new()\n {\n ConnectionId = exampleAwsDxConnection.Id,\n Name = \"tf-transit-vif-example\",\n Vlan = 4094,\n AddressFamily = \"ipv4\",\n BgpAsn = 65352,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directconnect.NewHostedTransitVirtualInterface(ctx, \"example\", \u0026directconnect.HostedTransitVirtualInterfaceArgs{\n\t\t\tConnectionId: pulumi.Any(exampleAwsDxConnection.Id),\n\t\t\tName: pulumi.String(\"tf-transit-vif-example\"),\n\t\t\tVlan: pulumi.Int(4094),\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tBgpAsn: pulumi.Int(65352),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.HostedTransitVirtualInterface;\nimport com.pulumi.aws.directconnect.HostedTransitVirtualInterfaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new HostedTransitVirtualInterface(\"example\", HostedTransitVirtualInterfaceArgs.builder()\n .connectionId(exampleAwsDxConnection.id())\n .name(\"tf-transit-vif-example\")\n .vlan(4094)\n .addressFamily(\"ipv4\")\n .bgpAsn(65352)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:directconnect:HostedTransitVirtualInterface\n properties:\n connectionId: ${exampleAwsDxConnection.id}\n name: tf-transit-vif-example\n vlan: 4094\n addressFamily: ipv4\n bgpAsn: 65352\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Direct Connect hosted transit virtual interfaces using the VIF `id`. For example:\n\n```sh\n$ pulumi import aws:directconnect/hostedTransitVirtualInterface:HostedTransitVirtualInterface test dxvif-33cc44dd\n```\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "jumboFrameCapable": { "type": "boolean", "description": "Indicates whether jumbo frames (8500 MTU) are supported.\n" }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection. The MTU of a virtual transit interface can be either `1500` or `8500` (jumbo frames). Default is `1500`.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "ownerAccountId": { "type": "string", "description": "The AWS account that will own the new virtual interface.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" } }, "required": [ "addressFamily", "amazonAddress", "amazonSideAsn", "arn", "awsDevice", "bgpAsn", "bgpAuthKey", "connectionId", "customerAddress", "jumboFrameCapable", "name", "ownerAccountId", "vlan" ], "inputProperties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n", "willReplaceOnChanges": true }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n", "willReplaceOnChanges": true }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n", "willReplaceOnChanges": true }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n", "willReplaceOnChanges": true }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection. The MTU of a virtual transit interface can be either `1500` or `8500` (jumbo frames). Default is `1500`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name for the virtual interface.\n", "willReplaceOnChanges": true }, "ownerAccountId": { "type": "string", "description": "The AWS account that will own the new virtual interface.\n", "willReplaceOnChanges": true }, "vlan": { "type": "integer", "description": "The VLAN ID.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "addressFamily", "bgpAsn", "connectionId", "ownerAccountId", "vlan" ], "stateInputs": { "description": "Input properties used for looking up and filtering HostedTransitVirtualInterface resources.\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n", "willReplaceOnChanges": true }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n", "willReplaceOnChanges": true }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n", "willReplaceOnChanges": true }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n", "willReplaceOnChanges": true }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "jumboFrameCapable": { "type": "boolean", "description": "Indicates whether jumbo frames (8500 MTU) are supported.\n" }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection. The MTU of a virtual transit interface can be either `1500` or `8500` (jumbo frames). Default is `1500`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name for the virtual interface.\n", "willReplaceOnChanges": true }, "ownerAccountId": { "type": "string", "description": "The AWS account that will own the new virtual interface.\n", "willReplaceOnChanges": true }, "vlan": { "type": "integer", "description": "The VLAN ID.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directconnect/hostedTransitVirtualInterfaceAcceptor:HostedTransitVirtualInterfaceAcceptor": { "description": "Provides a resource to manage the accepter's side of a Direct Connect hosted transit virtual interface.\nThis resource accepts ownership of a transit virtual interface created by another AWS account.\n\n\u003e **NOTE:** AWS allows a Direct Connect hosted transit virtual interface to be deleted from either the allocator's or accepter's side. However, this provider only allows the Direct Connect hosted transit virtual interface to be deleted from the allocator's side by removing the corresponding `aws.directconnect.HostedTransitVirtualInterface` resource from your configuration. Removing a `aws.directconnect.HostedTransitVirtualInterfaceAcceptor` resource from your configuration will remove it from your statefile and management, **but will not delete the Direct Connect virtual interface.**\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst accepter = aws.getCallerIdentity({});\n// Accepter's side of the VIF.\nconst example = new aws.directconnect.Gateway(\"example\", {\n name: \"tf-dxg-example\",\n amazonSideAsn: \"64512\",\n});\n// Creator's side of the VIF\nconst creator = new aws.directconnect.HostedTransitVirtualInterface(\"creator\", {\n connectionId: \"dxcon-zzzzzzzz\",\n ownerAccountId: accepter.then(accepter =\u003e accepter.accountId),\n name: \"tf-transit-vif-example\",\n vlan: 4094,\n addressFamily: \"ipv4\",\n bgpAsn: 65352,\n}, {\n dependsOn: [example],\n});\nconst accepterHostedTransitVirtualInterfaceAcceptor = new aws.directconnect.HostedTransitVirtualInterfaceAcceptor(\"accepter\", {\n virtualInterfaceId: creator.id,\n dxGatewayId: example.id,\n tags: {\n Side: \"Accepter\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naccepter = aws.get_caller_identity()\n# Accepter's side of the VIF.\nexample = aws.directconnect.Gateway(\"example\",\n name=\"tf-dxg-example\",\n amazon_side_asn=\"64512\")\n# Creator's side of the VIF\ncreator = aws.directconnect.HostedTransitVirtualInterface(\"creator\",\n connection_id=\"dxcon-zzzzzzzz\",\n owner_account_id=accepter.account_id,\n name=\"tf-transit-vif-example\",\n vlan=4094,\n address_family=\"ipv4\",\n bgp_asn=65352,\n opts = pulumi.ResourceOptions(depends_on=[example]))\naccepter_hosted_transit_virtual_interface_acceptor = aws.directconnect.HostedTransitVirtualInterfaceAcceptor(\"accepter\",\n virtual_interface_id=creator.id,\n dx_gateway_id=example.id,\n tags={\n \"Side\": \"Accepter\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var accepter = Aws.GetCallerIdentity.Invoke();\n\n // Accepter's side of the VIF.\n var example = new Aws.DirectConnect.Gateway(\"example\", new()\n {\n Name = \"tf-dxg-example\",\n AmazonSideAsn = \"64512\",\n });\n\n // Creator's side of the VIF\n var creator = new Aws.DirectConnect.HostedTransitVirtualInterface(\"creator\", new()\n {\n ConnectionId = \"dxcon-zzzzzzzz\",\n OwnerAccountId = accepter.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n Name = \"tf-transit-vif-example\",\n Vlan = 4094,\n AddressFamily = \"ipv4\",\n BgpAsn = 65352,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n var accepterHostedTransitVirtualInterfaceAcceptor = new Aws.DirectConnect.HostedTransitVirtualInterfaceAcceptor(\"accepter\", new()\n {\n VirtualInterfaceId = creator.Id,\n DxGatewayId = example.Id,\n Tags = \n {\n { \"Side\", \"Accepter\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taccepter, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Accepter's side of the VIF.\n\t\texample, err := directconnect.NewGateway(ctx, \"example\", \u0026directconnect.GatewayArgs{\n\t\t\tName: pulumi.String(\"tf-dxg-example\"),\n\t\t\tAmazonSideAsn: pulumi.String(\"64512\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Creator's side of the VIF\n\t\tcreator, err := directconnect.NewHostedTransitVirtualInterface(ctx, \"creator\", \u0026directconnect.HostedTransitVirtualInterfaceArgs{\n\t\t\tConnectionId: pulumi.String(\"dxcon-zzzzzzzz\"),\n\t\t\tOwnerAccountId: pulumi.String(accepter.AccountId),\n\t\t\tName: pulumi.String(\"tf-transit-vif-example\"),\n\t\t\tVlan: pulumi.Int(4094),\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tBgpAsn: pulumi.Int(65352),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directconnect.NewHostedTransitVirtualInterfaceAcceptor(ctx, \"accepter\", \u0026directconnect.HostedTransitVirtualInterfaceAcceptorArgs{\n\t\t\tVirtualInterfaceId: creator.ID(),\n\t\t\tDxGatewayId: example.ID(),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Side\": pulumi.String(\"Accepter\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.directconnect.Gateway;\nimport com.pulumi.aws.directconnect.GatewayArgs;\nimport com.pulumi.aws.directconnect.HostedTransitVirtualInterface;\nimport com.pulumi.aws.directconnect.HostedTransitVirtualInterfaceArgs;\nimport com.pulumi.aws.directconnect.HostedTransitVirtualInterfaceAcceptor;\nimport com.pulumi.aws.directconnect.HostedTransitVirtualInterfaceAcceptorArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var accepter = AwsFunctions.getCallerIdentity();\n\n // Accepter's side of the VIF.\n var example = new Gateway(\"example\", GatewayArgs.builder()\n .name(\"tf-dxg-example\")\n .amazonSideAsn(64512)\n .build());\n\n // Creator's side of the VIF\n var creator = new HostedTransitVirtualInterface(\"creator\", HostedTransitVirtualInterfaceArgs.builder()\n .connectionId(\"dxcon-zzzzzzzz\")\n .ownerAccountId(accepter.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .name(\"tf-transit-vif-example\")\n .vlan(4094)\n .addressFamily(\"ipv4\")\n .bgpAsn(65352)\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n var accepterHostedTransitVirtualInterfaceAcceptor = new HostedTransitVirtualInterfaceAcceptor(\"accepterHostedTransitVirtualInterfaceAcceptor\", HostedTransitVirtualInterfaceAcceptorArgs.builder()\n .virtualInterfaceId(creator.id())\n .dxGatewayId(example.id())\n .tags(Map.of(\"Side\", \"Accepter\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Creator's side of the VIF\n creator:\n type: aws:directconnect:HostedTransitVirtualInterface\n properties:\n connectionId: dxcon-zzzzzzzz\n ownerAccountId: ${accepter.accountId}\n name: tf-transit-vif-example\n vlan: 4094\n addressFamily: ipv4\n bgpAsn: 65352 # The aws_dx_hosted_transit_virtual_interface\n # # must be destroyed before the aws_dx_gateway.\n options:\n dependson:\n - ${example}\n # Accepter's side of the VIF.\n example:\n type: aws:directconnect:Gateway\n properties:\n name: tf-dxg-example\n amazonSideAsn: 64512\n accepterHostedTransitVirtualInterfaceAcceptor:\n type: aws:directconnect:HostedTransitVirtualInterfaceAcceptor\n name: accepter\n properties:\n virtualInterfaceId: ${creator.id}\n dxGatewayId: ${example.id}\n tags:\n Side: Accepter\nvariables:\n accepter:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Direct Connect hosted transit virtual interfaces using the VIF `id`. For example:\n\n```sh\n$ pulumi import aws:directconnect/hostedTransitVirtualInterfaceAcceptor:HostedTransitVirtualInterfaceAcceptor test dxvif-33cc44dd\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface to accept.\n" } }, "required": [ "arn", "dxGatewayId", "tagsAll", "virtualInterfaceId" ], "inputProperties": { "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface to accept.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "dxGatewayId", "virtualInterfaceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering HostedTransitVirtualInterfaceAcceptor resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "virtualInterfaceId": { "type": "string", "description": "The ID of the Direct Connect virtual interface to accept.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directconnect/linkAggregationGroup:LinkAggregationGroup": { "description": "Provides a Direct Connect LAG. Connections can be added to the LAG via the `aws.directconnect.Connection` and `aws.directconnect.ConnectionAssociation` resources.\n\n\u003e *NOTE:* When creating a LAG, if no existing connection is specified, Direct Connect will create a connection and this provider will remove this unmanaged connection during resource creation.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst hoge = new aws.directconnect.LinkAggregationGroup(\"hoge\", {\n name: \"tf-dx-lag\",\n connectionsBandwidth: \"1Gbps\",\n location: \"EqDC2\",\n forceDestroy: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nhoge = aws.directconnect.LinkAggregationGroup(\"hoge\",\n name=\"tf-dx-lag\",\n connections_bandwidth=\"1Gbps\",\n location=\"EqDC2\",\n force_destroy=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var hoge = new Aws.DirectConnect.LinkAggregationGroup(\"hoge\", new()\n {\n Name = \"tf-dx-lag\",\n ConnectionsBandwidth = \"1Gbps\",\n Location = \"EqDC2\",\n ForceDestroy = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directconnect.NewLinkAggregationGroup(ctx, \"hoge\", \u0026directconnect.LinkAggregationGroupArgs{\n\t\t\tName: pulumi.String(\"tf-dx-lag\"),\n\t\t\tConnectionsBandwidth: pulumi.String(\"1Gbps\"),\n\t\t\tLocation: pulumi.String(\"EqDC2\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.LinkAggregationGroup;\nimport com.pulumi.aws.directconnect.LinkAggregationGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var hoge = new LinkAggregationGroup(\"hoge\", LinkAggregationGroupArgs.builder()\n .name(\"tf-dx-lag\")\n .connectionsBandwidth(\"1Gbps\")\n .location(\"EqDC2\")\n .forceDestroy(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n hoge:\n type: aws:directconnect:LinkAggregationGroup\n properties:\n name: tf-dx-lag\n connectionsBandwidth: 1Gbps\n location: EqDC2\n forceDestroy: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Direct Connect LAGs using the LAG `id`. For example:\n\n```sh\n$ pulumi import aws:directconnect/linkAggregationGroup:LinkAggregationGroup test_lag dxlag-fgnsp5rq\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the LAG.\n" }, "connectionId": { "type": "string", "description": "The ID of an existing dedicated connection to migrate to the LAG.\n" }, "connectionsBandwidth": { "type": "string", "description": "The bandwidth of the individual physical connections bundled by the LAG. Valid values: 50Mbps, 100Mbps, 200Mbps, 300Mbps, 400Mbps, 500Mbps, 1Gbps, 2Gbps, 5Gbps, 10Gbps and 100Gbps. Case sensitive.\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all connections associated with the LAG should be deleted so that the LAG can be destroyed without error. These objects are *not* recoverable.\n" }, "hasLogicalRedundancy": { "type": "string", "description": "Indicates whether the LAG supports a secondary BGP peer in the same address family (IPv4/IPv6).\n" }, "jumboFrameCapable": { "type": "boolean", "description": "Indicates whether jumbo frames (9001 MTU) are supported.\n" }, "location": { "type": "string", "description": "The AWS Direct Connect location in which the LAG should be allocated. See [DescribeLocations](https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeLocations.html) for the list of AWS Direct Connect locations. Use `locationCode`.\n" }, "name": { "type": "string", "description": "The name of the LAG.\n" }, "ownerAccountId": { "type": "string", "description": "The ID of the AWS account that owns the LAG.\n" }, "providerName": { "type": "string", "description": "The name of the service provider associated with the LAG.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "connectionsBandwidth", "hasLogicalRedundancy", "jumboFrameCapable", "location", "name", "ownerAccountId", "providerName", "tagsAll" ], "inputProperties": { "connectionId": { "type": "string", "description": "The ID of an existing dedicated connection to migrate to the LAG.\n", "willReplaceOnChanges": true }, "connectionsBandwidth": { "type": "string", "description": "The bandwidth of the individual physical connections bundled by the LAG. Valid values: 50Mbps, 100Mbps, 200Mbps, 300Mbps, 400Mbps, 500Mbps, 1Gbps, 2Gbps, 5Gbps, 10Gbps and 100Gbps. Case sensitive.\n", "willReplaceOnChanges": true }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all connections associated with the LAG should be deleted so that the LAG can be destroyed without error. These objects are *not* recoverable.\n" }, "location": { "type": "string", "description": "The AWS Direct Connect location in which the LAG should be allocated. See [DescribeLocations](https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeLocations.html) for the list of AWS Direct Connect locations. Use `locationCode`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the LAG.\n" }, "providerName": { "type": "string", "description": "The name of the service provider associated with the LAG.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "connectionsBandwidth", "location" ], "stateInputs": { "description": "Input properties used for looking up and filtering LinkAggregationGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the LAG.\n" }, "connectionId": { "type": "string", "description": "The ID of an existing dedicated connection to migrate to the LAG.\n", "willReplaceOnChanges": true }, "connectionsBandwidth": { "type": "string", "description": "The bandwidth of the individual physical connections bundled by the LAG. Valid values: 50Mbps, 100Mbps, 200Mbps, 300Mbps, 400Mbps, 500Mbps, 1Gbps, 2Gbps, 5Gbps, 10Gbps and 100Gbps. Case sensitive.\n", "willReplaceOnChanges": true }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all connections associated with the LAG should be deleted so that the LAG can be destroyed without error. These objects are *not* recoverable.\n" }, "hasLogicalRedundancy": { "type": "string", "description": "Indicates whether the LAG supports a secondary BGP peer in the same address family (IPv4/IPv6).\n" }, "jumboFrameCapable": { "type": "boolean", "description": "Indicates whether jumbo frames (9001 MTU) are supported.\n" }, "location": { "type": "string", "description": "The AWS Direct Connect location in which the LAG should be allocated. See [DescribeLocations](https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeLocations.html) for the list of AWS Direct Connect locations. Use `locationCode`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the LAG.\n" }, "ownerAccountId": { "type": "string", "description": "The ID of the AWS account that owns the LAG.\n" }, "providerName": { "type": "string", "description": "The name of the service provider associated with the LAG.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:directconnect/macsecKeyAssociation:MacsecKeyAssociation": { "description": "Provides a MAC Security (MACSec) secret key resource for use with Direct Connect. See [MACsec prerequisites](https://docs.aws.amazon.com/directconnect/latest/UserGuide/direct-connect-mac-sec-getting-started.html#mac-sec-prerequisites) for information about MAC Security (MACsec) prerequisites.\n\nCreating this resource will also create a resource of type `aws.secretsmanager.Secret` which is managed by Direct Connect. While you can import this resource into your state, because this secret is managed by Direct Connect, you will not be able to make any modifications to it. See [How AWS Direct Connect uses AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/integrating_how-services-use-secrets_directconnect.html) for details.\n\n\u003e **Note:** All arguments including `ckn` and `cak` will be stored in the raw state as plain-text.\n\u003e **Note:** The `secret_arn` argument can only be used to reference a previously created MACSec key. You cannot associate a Secrets Manager secret created outside of the `aws.directconnect.MacsecKeyAssociation` resource.\n\n## Example Usage\n\n### Create MACSec key with CKN and CAK\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.directconnect.getConnection({\n name: \"tf-dx-connection\",\n});\nconst test = new aws.directconnect.MacsecKeyAssociation(\"test\", {\n connectionId: example.then(example =\u003e example.id),\n ckn: \"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\",\n cak: \"abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directconnect.get_connection(name=\"tf-dx-connection\")\ntest = aws.directconnect.MacsecKeyAssociation(\"test\",\n connection_id=example.id,\n ckn=\"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\",\n cak=\"abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.DirectConnect.GetConnection.Invoke(new()\n {\n Name = \"tf-dx-connection\",\n });\n\n var test = new Aws.DirectConnect.MacsecKeyAssociation(\"test\", new()\n {\n ConnectionId = example.Apply(getConnectionResult =\u003e getConnectionResult.Id),\n Ckn = \"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\",\n Cak = \"abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := directconnect.LookupConnection(ctx, \u0026directconnect.LookupConnectionArgs{\n\t\t\tName: \"tf-dx-connection\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directconnect.NewMacsecKeyAssociation(ctx, \"test\", \u0026directconnect.MacsecKeyAssociationArgs{\n\t\t\tConnectionId: pulumi.String(example.Id),\n\t\t\tCkn: pulumi.String(\"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\"),\n\t\t\tCak: pulumi.String(\"abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.DirectconnectFunctions;\nimport com.pulumi.aws.directconnect.inputs.GetConnectionArgs;\nimport com.pulumi.aws.directconnect.MacsecKeyAssociation;\nimport com.pulumi.aws.directconnect.MacsecKeyAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = DirectconnectFunctions.getConnection(GetConnectionArgs.builder()\n .name(\"tf-dx-connection\")\n .build());\n\n var test = new MacsecKeyAssociation(\"test\", MacsecKeyAssociationArgs.builder()\n .connectionId(example.applyValue(getConnectionResult -\u003e getConnectionResult.id()))\n .ckn(\"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\")\n .cak(\"abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:directconnect:MacsecKeyAssociation\n properties:\n connectionId: ${example.id}\n ckn: 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\n cak: abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789\nvariables:\n example:\n fn::invoke:\n Function: aws:directconnect:getConnection\n Arguments:\n name: tf-dx-connection\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create MACSec key with existing Secrets Manager secret\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.directconnect.getConnection({\n name: \"tf-dx-connection\",\n});\nconst exampleGetSecret = aws.secretsmanager.getSecret({\n name: \"directconnect!prod/us-east-1/directconnect/0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\",\n});\nconst test = new aws.directconnect.MacsecKeyAssociation(\"test\", {\n connectionId: example.then(example =\u003e example.id),\n secretArn: exampleGetSecret.then(exampleGetSecret =\u003e exampleGetSecret.arn),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directconnect.get_connection(name=\"tf-dx-connection\")\nexample_get_secret = aws.secretsmanager.get_secret(name=\"directconnect!prod/us-east-1/directconnect/0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\")\ntest = aws.directconnect.MacsecKeyAssociation(\"test\",\n connection_id=example.id,\n secret_arn=example_get_secret.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.DirectConnect.GetConnection.Invoke(new()\n {\n Name = \"tf-dx-connection\",\n });\n\n var exampleGetSecret = Aws.SecretsManager.GetSecret.Invoke(new()\n {\n Name = \"directconnect!prod/us-east-1/directconnect/0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\",\n });\n\n var test = new Aws.DirectConnect.MacsecKeyAssociation(\"test\", new()\n {\n ConnectionId = example.Apply(getConnectionResult =\u003e getConnectionResult.Id),\n SecretArn = exampleGetSecret.Apply(getSecretResult =\u003e getSecretResult.Arn),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := directconnect.LookupConnection(ctx, \u0026directconnect.LookupConnectionArgs{\n\t\t\tName: \"tf-dx-connection\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGetSecret, err := secretsmanager.LookupSecret(ctx, \u0026secretsmanager.LookupSecretArgs{\n\t\t\tName: pulumi.StringRef(\"directconnect!prod/us-east-1/directconnect/0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directconnect.NewMacsecKeyAssociation(ctx, \"test\", \u0026directconnect.MacsecKeyAssociationArgs{\n\t\t\tConnectionId: pulumi.String(example.Id),\n\t\t\tSecretArn: pulumi.String(exampleGetSecret.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.DirectconnectFunctions;\nimport com.pulumi.aws.directconnect.inputs.GetConnectionArgs;\nimport com.pulumi.aws.secretsmanager.SecretsmanagerFunctions;\nimport com.pulumi.aws.secretsmanager.inputs.GetSecretArgs;\nimport com.pulumi.aws.directconnect.MacsecKeyAssociation;\nimport com.pulumi.aws.directconnect.MacsecKeyAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = DirectconnectFunctions.getConnection(GetConnectionArgs.builder()\n .name(\"tf-dx-connection\")\n .build());\n\n final var exampleGetSecret = SecretsmanagerFunctions.getSecret(GetSecretArgs.builder()\n .name(\"directconnect!prod/us-east-1/directconnect/0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\")\n .build());\n\n var test = new MacsecKeyAssociation(\"test\", MacsecKeyAssociationArgs.builder()\n .connectionId(example.applyValue(getConnectionResult -\u003e getConnectionResult.id()))\n .secretArn(exampleGetSecret.applyValue(getSecretResult -\u003e getSecretResult.arn()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:directconnect:MacsecKeyAssociation\n properties:\n connectionId: ${example.id}\n secretArn: ${exampleGetSecret.arn}\nvariables:\n example:\n fn::invoke:\n Function: aws:directconnect:getConnection\n Arguments:\n name: tf-dx-connection\n exampleGetSecret:\n fn::invoke:\n Function: aws:secretsmanager:getSecret\n Arguments:\n name: directconnect!prod/us-east-1/directconnect/0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "cak": { "type": "string", "description": "The MAC Security (MACsec) CAK to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using `ckn`.\n" }, "ckn": { "type": "string", "description": "The MAC Security (MACsec) CKN to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using `cak`.\n" }, "connectionId": { "type": "string", "description": "The ID of the dedicated Direct Connect connection. The connection must be a dedicated connection in the `AVAILABLE` state.\n" }, "secretArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the MAC Security (MACsec) secret key to associate with the dedicated connection.\n\n\u003e **Note:** `ckn` and `cak` are mutually exclusive with `secret_arn` - these arguments cannot be used together. If you use `ckn` and `cak`, you should not use `secret_arn`. If you use the `secret_arn` argument to reference an existing MAC Security (MACSec) secret key, you should not use `ckn` or `cak`.\n" }, "startOn": { "type": "string", "description": "The date in UTC format that the MAC Security (MACsec) secret key takes effect.\n" }, "state": { "type": "string", "description": "The state of the MAC Security (MACsec) secret key. The possible values are: associating, associated, disassociating, disassociated. See [MacSecKey](https://docs.aws.amazon.com/directconnect/latest/APIReference/API_MacSecKey.html#DX-Type-MacSecKey-state) for descriptions of each state.\n" } }, "required": [ "ckn", "connectionId", "secretArn", "startOn", "state" ], "inputProperties": { "cak": { "type": "string", "description": "The MAC Security (MACsec) CAK to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using `ckn`.\n", "willReplaceOnChanges": true }, "ckn": { "type": "string", "description": "The MAC Security (MACsec) CKN to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using `cak`.\n", "willReplaceOnChanges": true }, "connectionId": { "type": "string", "description": "The ID of the dedicated Direct Connect connection. The connection must be a dedicated connection in the `AVAILABLE` state.\n", "willReplaceOnChanges": true }, "secretArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the MAC Security (MACsec) secret key to associate with the dedicated connection.\n\n\u003e **Note:** `ckn` and `cak` are mutually exclusive with `secret_arn` - these arguments cannot be used together. If you use `ckn` and `cak`, you should not use `secret_arn`. If you use the `secret_arn` argument to reference an existing MAC Security (MACSec) secret key, you should not use `ckn` or `cak`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "connectionId" ], "stateInputs": { "description": "Input properties used for looking up and filtering MacsecKeyAssociation resources.\n", "properties": { "cak": { "type": "string", "description": "The MAC Security (MACsec) CAK to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using `ckn`.\n", "willReplaceOnChanges": true }, "ckn": { "type": "string", "description": "The MAC Security (MACsec) CKN to associate with the dedicated connection. The valid values are 64 hexadecimal characters (0-9, A-E). Required if using `cak`.\n", "willReplaceOnChanges": true }, "connectionId": { "type": "string", "description": "The ID of the dedicated Direct Connect connection. The connection must be a dedicated connection in the `AVAILABLE` state.\n", "willReplaceOnChanges": true }, "secretArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the MAC Security (MACsec) secret key to associate with the dedicated connection.\n\n\u003e **Note:** `ckn` and `cak` are mutually exclusive with `secret_arn` - these arguments cannot be used together. If you use `ckn` and `cak`, you should not use `secret_arn`. If you use the `secret_arn` argument to reference an existing MAC Security (MACSec) secret key, you should not use `ckn` or `cak`.\n", "willReplaceOnChanges": true }, "startOn": { "type": "string", "description": "The date in UTC format that the MAC Security (MACsec) secret key takes effect.\n" }, "state": { "type": "string", "description": "The state of the MAC Security (MACsec) secret key. The possible values are: associating, associated, disassociating, disassociated. See [MacSecKey](https://docs.aws.amazon.com/directconnect/latest/APIReference/API_MacSecKey.html#DX-Type-MacSecKey-state) for descriptions of each state.\n" } }, "type": "object" } }, "aws:directconnect/privateVirtualInterface:PrivateVirtualInterface": { "description": "Provides a Direct Connect private virtual interface resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.directconnect.PrivateVirtualInterface(\"foo\", {\n connectionId: \"dxcon-zzzzzzzz\",\n name: \"vif-foo\",\n vlan: 4094,\n addressFamily: \"ipv4\",\n bgpAsn: 65352,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.directconnect.PrivateVirtualInterface(\"foo\",\n connection_id=\"dxcon-zzzzzzzz\",\n name=\"vif-foo\",\n vlan=4094,\n address_family=\"ipv4\",\n bgp_asn=65352)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.DirectConnect.PrivateVirtualInterface(\"foo\", new()\n {\n ConnectionId = \"dxcon-zzzzzzzz\",\n Name = \"vif-foo\",\n Vlan = 4094,\n AddressFamily = \"ipv4\",\n BgpAsn = 65352,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directconnect.NewPrivateVirtualInterface(ctx, \"foo\", \u0026directconnect.PrivateVirtualInterfaceArgs{\n\t\t\tConnectionId: pulumi.String(\"dxcon-zzzzzzzz\"),\n\t\t\tName: pulumi.String(\"vif-foo\"),\n\t\t\tVlan: pulumi.Int(4094),\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tBgpAsn: pulumi.Int(65352),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.PrivateVirtualInterface;\nimport com.pulumi.aws.directconnect.PrivateVirtualInterfaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new PrivateVirtualInterface(\"foo\", PrivateVirtualInterfaceArgs.builder()\n .connectionId(\"dxcon-zzzzzzzz\")\n .name(\"vif-foo\")\n .vlan(4094)\n .addressFamily(\"ipv4\")\n .bgpAsn(65352)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:directconnect:PrivateVirtualInterface\n properties:\n connectionId: dxcon-zzzzzzzz\n name: vif-foo\n vlan: 4094\n addressFamily: ipv4\n bgpAsn: 65352\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Direct Connect private virtual interfaces using the VIF `id`. For example:\n\n```sh\n$ pulumi import aws:directconnect/privateVirtualInterface:PrivateVirtualInterface test dxvif-33cc44dd\n```\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n" }, "jumboFrameCapable": { "type": "boolean", "description": "Indicates whether jumbo frames (9001 MTU) are supported.\n" }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection.\nThe MTU of a virtual private interface can be either `1500` or `9001` (jumbo frames). Default is `1500`.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "sitelinkEnabled": { "type": "boolean", "description": "Indicates whether to enable or disable SiteLink.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" }, "vpnGatewayId": { "type": "string", "description": "The ID of the virtual private gateway to which to connect the virtual interface.\n" } }, "required": [ "addressFamily", "amazonAddress", "amazonSideAsn", "arn", "awsDevice", "bgpAsn", "bgpAuthKey", "connectionId", "customerAddress", "jumboFrameCapable", "name", "tagsAll", "vlan" ], "inputProperties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n", "willReplaceOnChanges": true }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n", "willReplaceOnChanges": true }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n", "willReplaceOnChanges": true }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n", "willReplaceOnChanges": true }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n", "willReplaceOnChanges": true }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection.\nThe MTU of a virtual private interface can be either `1500` or `9001` (jumbo frames). Default is `1500`.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n", "willReplaceOnChanges": true }, "sitelinkEnabled": { "type": "boolean", "description": "Indicates whether to enable or disable SiteLink.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n", "willReplaceOnChanges": true }, "vpnGatewayId": { "type": "string", "description": "The ID of the virtual private gateway to which to connect the virtual interface.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "addressFamily", "bgpAsn", "connectionId", "vlan" ], "stateInputs": { "description": "Input properties used for looking up and filtering PrivateVirtualInterface resources.\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n", "willReplaceOnChanges": true }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n", "willReplaceOnChanges": true }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n", "willReplaceOnChanges": true }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n", "willReplaceOnChanges": true }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n", "willReplaceOnChanges": true }, "jumboFrameCapable": { "type": "boolean", "description": "Indicates whether jumbo frames (9001 MTU) are supported.\n" }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection.\nThe MTU of a virtual private interface can be either `1500` or `9001` (jumbo frames). Default is `1500`.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n", "willReplaceOnChanges": true }, "sitelinkEnabled": { "type": "boolean", "description": "Indicates whether to enable or disable SiteLink.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vlan": { "type": "integer", "description": "The VLAN ID.\n", "willReplaceOnChanges": true }, "vpnGatewayId": { "type": "string", "description": "The ID of the virtual private gateway to which to connect the virtual interface.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directconnect/publicVirtualInterface:PublicVirtualInterface": { "description": "Provides a Direct Connect public virtual interface resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.directconnect.PublicVirtualInterface(\"foo\", {\n connectionId: \"dxcon-zzzzzzzz\",\n name: \"vif-foo\",\n vlan: 4094,\n addressFamily: \"ipv4\",\n bgpAsn: 65352,\n customerAddress: \"175.45.176.1/30\",\n amazonAddress: \"175.45.176.2/30\",\n routeFilterPrefixes: [\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.directconnect.PublicVirtualInterface(\"foo\",\n connection_id=\"dxcon-zzzzzzzz\",\n name=\"vif-foo\",\n vlan=4094,\n address_family=\"ipv4\",\n bgp_asn=65352,\n customer_address=\"175.45.176.1/30\",\n amazon_address=\"175.45.176.2/30\",\n route_filter_prefixes=[\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.DirectConnect.PublicVirtualInterface(\"foo\", new()\n {\n ConnectionId = \"dxcon-zzzzzzzz\",\n Name = \"vif-foo\",\n Vlan = 4094,\n AddressFamily = \"ipv4\",\n BgpAsn = 65352,\n CustomerAddress = \"175.45.176.1/30\",\n AmazonAddress = \"175.45.176.2/30\",\n RouteFilterPrefixes = new[]\n {\n \"210.52.109.0/24\",\n \"175.45.176.0/22\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directconnect.NewPublicVirtualInterface(ctx, \"foo\", \u0026directconnect.PublicVirtualInterfaceArgs{\n\t\t\tConnectionId: pulumi.String(\"dxcon-zzzzzzzz\"),\n\t\t\tName: pulumi.String(\"vif-foo\"),\n\t\t\tVlan: pulumi.Int(4094),\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tBgpAsn: pulumi.Int(65352),\n\t\t\tCustomerAddress: pulumi.String(\"175.45.176.1/30\"),\n\t\t\tAmazonAddress: pulumi.String(\"175.45.176.2/30\"),\n\t\t\tRouteFilterPrefixes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"210.52.109.0/24\"),\n\t\t\t\tpulumi.String(\"175.45.176.0/22\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.PublicVirtualInterface;\nimport com.pulumi.aws.directconnect.PublicVirtualInterfaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new PublicVirtualInterface(\"foo\", PublicVirtualInterfaceArgs.builder()\n .connectionId(\"dxcon-zzzzzzzz\")\n .name(\"vif-foo\")\n .vlan(4094)\n .addressFamily(\"ipv4\")\n .bgpAsn(65352)\n .customerAddress(\"175.45.176.1/30\")\n .amazonAddress(\"175.45.176.2/30\")\n .routeFilterPrefixes( \n \"210.52.109.0/24\",\n \"175.45.176.0/22\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:directconnect:PublicVirtualInterface\n properties:\n connectionId: dxcon-zzzzzzzz\n name: vif-foo\n vlan: 4094\n addressFamily: ipv4\n bgpAsn: 65352\n customerAddress: 175.45.176.1/30\n amazonAddress: 175.45.176.2/30\n routeFilterPrefixes:\n - 210.52.109.0/24\n - 175.45.176.0/22\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Direct Connect public virtual interfaces using the VIF `id`. For example:\n\n```sh\n$ pulumi import aws:directconnect/publicVirtualInterface:PublicVirtualInterface test dxvif-33cc44dd\n```\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "routeFilterPrefixes": { "type": "array", "items": { "type": "string" }, "description": "A list of routes to be advertised to the AWS network in this region.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" } }, "required": [ "addressFamily", "amazonAddress", "amazonSideAsn", "arn", "awsDevice", "bgpAsn", "bgpAuthKey", "connectionId", "customerAddress", "name", "routeFilterPrefixes", "tagsAll", "vlan" ], "inputProperties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n", "willReplaceOnChanges": true }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n", "willReplaceOnChanges": true }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n", "willReplaceOnChanges": true }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n", "willReplaceOnChanges": true }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name for the virtual interface.\n", "willReplaceOnChanges": true }, "routeFilterPrefixes": { "type": "array", "items": { "type": "string" }, "description": "A list of routes to be advertised to the AWS network in this region.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "addressFamily", "bgpAsn", "connectionId", "routeFilterPrefixes", "vlan" ], "stateInputs": { "description": "Input properties used for looking up and filtering PublicVirtualInterface resources.\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n", "willReplaceOnChanges": true }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n", "willReplaceOnChanges": true }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n", "willReplaceOnChanges": true }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n", "willReplaceOnChanges": true }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name for the virtual interface.\n", "willReplaceOnChanges": true }, "routeFilterPrefixes": { "type": "array", "items": { "type": "string" }, "description": "A list of routes to be advertised to the AWS network in this region.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vlan": { "type": "integer", "description": "The VLAN ID.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directconnect/transitVirtualInterface:TransitVirtualInterface": { "description": "Provides a Direct Connect transit virtual interface resource.\nA transit virtual interface is a VLAN that transports traffic from a Direct Connect gateway to one or more transit gateways.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.directconnect.Gateway(\"example\", {\n name: \"tf-dxg-example\",\n amazonSideAsn: \"64512\",\n});\nconst exampleTransitVirtualInterface = new aws.directconnect.TransitVirtualInterface(\"example\", {\n connectionId: exampleAwsDxConnection.id,\n dxGatewayId: example.id,\n name: \"tf-transit-vif-example\",\n vlan: 4094,\n addressFamily: \"ipv4\",\n bgpAsn: 65352,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directconnect.Gateway(\"example\",\n name=\"tf-dxg-example\",\n amazon_side_asn=\"64512\")\nexample_transit_virtual_interface = aws.directconnect.TransitVirtualInterface(\"example\",\n connection_id=example_aws_dx_connection[\"id\"],\n dx_gateway_id=example.id,\n name=\"tf-transit-vif-example\",\n vlan=4094,\n address_family=\"ipv4\",\n bgp_asn=65352)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DirectConnect.Gateway(\"example\", new()\n {\n Name = \"tf-dxg-example\",\n AmazonSideAsn = \"64512\",\n });\n\n var exampleTransitVirtualInterface = new Aws.DirectConnect.TransitVirtualInterface(\"example\", new()\n {\n ConnectionId = exampleAwsDxConnection.Id,\n DxGatewayId = example.Id,\n Name = \"tf-transit-vif-example\",\n Vlan = 4094,\n AddressFamily = \"ipv4\",\n BgpAsn = 65352,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := directconnect.NewGateway(ctx, \"example\", \u0026directconnect.GatewayArgs{\n\t\t\tName: pulumi.String(\"tf-dxg-example\"),\n\t\t\tAmazonSideAsn: pulumi.String(\"64512\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directconnect.NewTransitVirtualInterface(ctx, \"example\", \u0026directconnect.TransitVirtualInterfaceArgs{\n\t\t\tConnectionId: pulumi.Any(exampleAwsDxConnection.Id),\n\t\t\tDxGatewayId: example.ID(),\n\t\t\tName: pulumi.String(\"tf-transit-vif-example\"),\n\t\t\tVlan: pulumi.Int(4094),\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tBgpAsn: pulumi.Int(65352),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.Gateway;\nimport com.pulumi.aws.directconnect.GatewayArgs;\nimport com.pulumi.aws.directconnect.TransitVirtualInterface;\nimport com.pulumi.aws.directconnect.TransitVirtualInterfaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Gateway(\"example\", GatewayArgs.builder()\n .name(\"tf-dxg-example\")\n .amazonSideAsn(64512)\n .build());\n\n var exampleTransitVirtualInterface = new TransitVirtualInterface(\"exampleTransitVirtualInterface\", TransitVirtualInterfaceArgs.builder()\n .connectionId(exampleAwsDxConnection.id())\n .dxGatewayId(example.id())\n .name(\"tf-transit-vif-example\")\n .vlan(4094)\n .addressFamily(\"ipv4\")\n .bgpAsn(65352)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:directconnect:Gateway\n properties:\n name: tf-dxg-example\n amazonSideAsn: 64512\n exampleTransitVirtualInterface:\n type: aws:directconnect:TransitVirtualInterface\n name: example\n properties:\n connectionId: ${exampleAwsDxConnection.id}\n dxGatewayId: ${example.id}\n name: tf-transit-vif-example\n vlan: 4094\n addressFamily: ipv4\n bgpAsn: 65352\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Direct Connect transit virtual interfaces using the VIF `id`. For example:\n\n```sh\n$ pulumi import aws:directconnect/transitVirtualInterface:TransitVirtualInterface test dxvif-33cc44dd\n```\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n" }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n" }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n" }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n" }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n" }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n" }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n" }, "jumboFrameCapable": { "type": "boolean", "description": "Indicates whether jumbo frames (8500 MTU) are supported.\n" }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection.\nThe MTU of a virtual transit interface can be either `1500` or `8500` (jumbo frames). Default is `1500`.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n" }, "sitelinkEnabled": { "type": "boolean", "description": "Indicates whether to enable or disable SiteLink.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vlan": { "type": "integer", "description": "The VLAN ID.\n" } }, "required": [ "addressFamily", "amazonAddress", "amazonSideAsn", "arn", "awsDevice", "bgpAsn", "bgpAuthKey", "connectionId", "customerAddress", "dxGatewayId", "jumboFrameCapable", "name", "tagsAll", "vlan" ], "inputProperties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n", "willReplaceOnChanges": true }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n", "willReplaceOnChanges": true }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n", "willReplaceOnChanges": true }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n", "willReplaceOnChanges": true }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n", "willReplaceOnChanges": true }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection.\nThe MTU of a virtual transit interface can be either `1500` or `8500` (jumbo frames). Default is `1500`.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n", "willReplaceOnChanges": true }, "sitelinkEnabled": { "type": "boolean", "description": "Indicates whether to enable or disable SiteLink.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vlan": { "type": "integer", "description": "The VLAN ID.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "addressFamily", "bgpAsn", "connectionId", "dxGatewayId", "vlan" ], "stateInputs": { "description": "Input properties used for looking up and filtering TransitVirtualInterface resources.\n", "properties": { "addressFamily": { "type": "string", "description": "The address family for the BGP peer. `ipv4 ` or `ipv6`.\n", "willReplaceOnChanges": true }, "amazonAddress": { "type": "string", "description": "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "amazonSideAsn": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the virtual interface.\n" }, "awsDevice": { "type": "string", "description": "The Direct Connect endpoint on which the virtual interface terminates.\n" }, "bgpAsn": { "type": "integer", "description": "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.\n", "willReplaceOnChanges": true }, "bgpAuthKey": { "type": "string", "description": "The authentication key for BGP configuration.\n", "willReplaceOnChanges": true }, "connectionId": { "type": "string", "description": "The ID of the Direct Connect connection (or LAG) on which to create the virtual interface.\n", "willReplaceOnChanges": true }, "customerAddress": { "type": "string", "description": "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers.\n", "willReplaceOnChanges": true }, "dxGatewayId": { "type": "string", "description": "The ID of the Direct Connect gateway to which to connect the virtual interface.\n", "willReplaceOnChanges": true }, "jumboFrameCapable": { "type": "boolean", "description": "Indicates whether jumbo frames (8500 MTU) are supported.\n" }, "mtu": { "type": "integer", "description": "The maximum transmission unit (MTU) is the size, in bytes, of the largest permissible packet that can be passed over the connection.\nThe MTU of a virtual transit interface can be either `1500` or `8500` (jumbo frames). Default is `1500`.\n" }, "name": { "type": "string", "description": "The name for the virtual interface.\n", "willReplaceOnChanges": true }, "sitelinkEnabled": { "type": "boolean", "description": "Indicates whether to enable or disable SiteLink.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vlan": { "type": "integer", "description": "The VLAN ID.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directoryservice/conditionalForwader:ConditionalForwader": { "description": "Provides a conditional forwarder for managed Microsoft AD in AWS Directory Service.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.directoryservice.ConditionalForwader(\"example\", {\n directoryId: ad.id,\n remoteDomainName: \"example.com\",\n dnsIps: [\n \"8.8.8.8\",\n \"8.8.4.4\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directoryservice.ConditionalForwader(\"example\",\n directory_id=ad[\"id\"],\n remote_domain_name=\"example.com\",\n dns_ips=[\n \"8.8.8.8\",\n \"8.8.4.4\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DirectoryService.ConditionalForwader(\"example\", new()\n {\n DirectoryId = ad.Id,\n RemoteDomainName = \"example.com\",\n DnsIps = new[]\n {\n \"8.8.8.8\",\n \"8.8.4.4\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directoryservice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directoryservice.NewConditionalForwader(ctx, \"example\", \u0026directoryservice.ConditionalForwaderArgs{\n\t\t\tDirectoryId: pulumi.Any(ad.Id),\n\t\t\tRemoteDomainName: pulumi.String(\"example.com\"),\n\t\t\tDnsIps: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"8.8.8.8\"),\n\t\t\t\tpulumi.String(\"8.8.4.4\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directoryservice.ConditionalForwader;\nimport com.pulumi.aws.directoryservice.ConditionalForwaderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ConditionalForwader(\"example\", ConditionalForwaderArgs.builder()\n .directoryId(ad.id())\n .remoteDomainName(\"example.com\")\n .dnsIps( \n \"8.8.8.8\",\n \"8.8.4.4\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:directoryservice:ConditionalForwader\n properties:\n directoryId: ${ad.id}\n remoteDomainName: example.com\n dnsIps:\n - 8.8.8.8\n - 8.8.4.4\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import conditional forwarders using the directory id and remote_domain_name. For example:\n\n```sh\n$ pulumi import aws:directoryservice/conditionalForwader:ConditionalForwader example d-1234567890:example.com\n```\n", "properties": { "directoryId": { "type": "string", "description": "ID of directory.\n" }, "dnsIps": { "type": "array", "items": { "type": "string" }, "description": "A list of forwarder IP addresses.\n" }, "remoteDomainName": { "type": "string", "description": "The fully qualified domain name of the remote domain for which forwarders will be used.\n" } }, "required": [ "directoryId", "dnsIps", "remoteDomainName" ], "inputProperties": { "directoryId": { "type": "string", "description": "ID of directory.\n", "willReplaceOnChanges": true }, "dnsIps": { "type": "array", "items": { "type": "string" }, "description": "A list of forwarder IP addresses.\n" }, "remoteDomainName": { "type": "string", "description": "The fully qualified domain name of the remote domain for which forwarders will be used.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "directoryId", "dnsIps", "remoteDomainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ConditionalForwader resources.\n", "properties": { "directoryId": { "type": "string", "description": "ID of directory.\n", "willReplaceOnChanges": true }, "dnsIps": { "type": "array", "items": { "type": "string" }, "description": "A list of forwarder IP addresses.\n" }, "remoteDomainName": { "type": "string", "description": "The fully qualified domain name of the remote domain for which forwarders will be used.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directoryservice/directory:Directory": { "description": "Provides a Simple or Managed Microsoft directory in AWS Directory Service.\n\n## Example Usage\n\n### SimpleAD\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {cidrBlock: \"10.0.0.0/16\"});\nconst foo = new aws.ec2.Subnet(\"foo\", {\n vpcId: main.id,\n availabilityZone: \"us-west-2a\",\n cidrBlock: \"10.0.1.0/24\",\n});\nconst barSubnet = new aws.ec2.Subnet(\"bar\", {\n vpcId: main.id,\n availabilityZone: \"us-west-2b\",\n cidrBlock: \"10.0.2.0/24\",\n});\nconst bar = new aws.directoryservice.Directory(\"bar\", {\n name: \"corp.notexample.com\",\n password: \"SuperSecretPassw0rd\",\n size: \"Small\",\n vpcSettings: {\n vpcId: main.id,\n subnetIds: [\n foo.id,\n barSubnet.id,\n ],\n },\n tags: {\n Project: \"foo\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\nfoo = aws.ec2.Subnet(\"foo\",\n vpc_id=main.id,\n availability_zone=\"us-west-2a\",\n cidr_block=\"10.0.1.0/24\")\nbar_subnet = aws.ec2.Subnet(\"bar\",\n vpc_id=main.id,\n availability_zone=\"us-west-2b\",\n cidr_block=\"10.0.2.0/24\")\nbar = aws.directoryservice.Directory(\"bar\",\n name=\"corp.notexample.com\",\n password=\"SuperSecretPassw0rd\",\n size=\"Small\",\n vpc_settings={\n \"vpc_id\": main.id,\n \"subnet_ids\": [\n foo.id,\n bar_subnet.id,\n ],\n },\n tags={\n \"Project\": \"foo\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ec2.Vpc(\"main\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var foo = new Aws.Ec2.Subnet(\"foo\", new()\n {\n VpcId = main.Id,\n AvailabilityZone = \"us-west-2a\",\n CidrBlock = \"10.0.1.0/24\",\n });\n\n var barSubnet = new Aws.Ec2.Subnet(\"bar\", new()\n {\n VpcId = main.Id,\n AvailabilityZone = \"us-west-2b\",\n CidrBlock = \"10.0.2.0/24\",\n });\n\n var bar = new Aws.DirectoryService.Directory(\"bar\", new()\n {\n Name = \"corp.notexample.com\",\n Password = \"SuperSecretPassw0rd\",\n Size = \"Small\",\n VpcSettings = new Aws.DirectoryService.Inputs.DirectoryVpcSettingsArgs\n {\n VpcId = main.Id,\n SubnetIds = new[]\n {\n foo.Id,\n barSubnet.Id,\n },\n },\n Tags = \n {\n { \"Project\", \"foo\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directoryservice\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoo, err := ec2.NewSubnet(ctx, \"foo\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: main.ID(),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbarSubnet, err := ec2.NewSubnet(ctx, \"bar\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: main.ID(),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2b\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.2.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directoryservice.NewDirectory(ctx, \"bar\", \u0026directoryservice.DirectoryArgs{\n\t\t\tName: pulumi.String(\"corp.notexample.com\"),\n\t\t\tPassword: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tSize: pulumi.String(\"Small\"),\n\t\t\tVpcSettings: \u0026directoryservice.DirectoryVpcSettingsArgs{\n\t\t\t\tVpcId: main.ID(),\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\tfoo.ID(),\n\t\t\t\t\tbarSubnet.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Project\": pulumi.String(\"foo\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.directoryservice.Directory;\nimport com.pulumi.aws.directoryservice.DirectoryArgs;\nimport com.pulumi.aws.directoryservice.inputs.DirectoryVpcSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Vpc(\"main\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var foo = new Subnet(\"foo\", SubnetArgs.builder()\n .vpcId(main.id())\n .availabilityZone(\"us-west-2a\")\n .cidrBlock(\"10.0.1.0/24\")\n .build());\n\n var barSubnet = new Subnet(\"barSubnet\", SubnetArgs.builder()\n .vpcId(main.id())\n .availabilityZone(\"us-west-2b\")\n .cidrBlock(\"10.0.2.0/24\")\n .build());\n\n var bar = new Directory(\"bar\", DirectoryArgs.builder()\n .name(\"corp.notexample.com\")\n .password(\"SuperSecretPassw0rd\")\n .size(\"Small\")\n .vpcSettings(DirectoryVpcSettingsArgs.builder()\n .vpcId(main.id())\n .subnetIds( \n foo.id(),\n barSubnet.id())\n .build())\n .tags(Map.of(\"Project\", \"foo\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bar:\n type: aws:directoryservice:Directory\n properties:\n name: corp.notexample.com\n password: SuperSecretPassw0rd\n size: Small\n vpcSettings:\n vpcId: ${main.id}\n subnetIds:\n - ${foo.id}\n - ${barSubnet.id}\n tags:\n Project: foo\n main:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n foo:\n type: aws:ec2:Subnet\n properties:\n vpcId: ${main.id}\n availabilityZone: us-west-2a\n cidrBlock: 10.0.1.0/24\n barSubnet:\n type: aws:ec2:Subnet\n name: bar\n properties:\n vpcId: ${main.id}\n availabilityZone: us-west-2b\n cidrBlock: 10.0.2.0/24\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Microsoft Active Directory (MicrosoftAD)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {cidrBlock: \"10.0.0.0/16\"});\nconst foo = new aws.ec2.Subnet(\"foo\", {\n vpcId: main.id,\n availabilityZone: \"us-west-2a\",\n cidrBlock: \"10.0.1.0/24\",\n});\nconst barSubnet = new aws.ec2.Subnet(\"bar\", {\n vpcId: main.id,\n availabilityZone: \"us-west-2b\",\n cidrBlock: \"10.0.2.0/24\",\n});\nconst bar = new aws.directoryservice.Directory(\"bar\", {\n name: \"corp.notexample.com\",\n password: \"SuperSecretPassw0rd\",\n edition: \"Standard\",\n type: \"MicrosoftAD\",\n vpcSettings: {\n vpcId: main.id,\n subnetIds: [\n foo.id,\n barSubnet.id,\n ],\n },\n tags: {\n Project: \"foo\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\nfoo = aws.ec2.Subnet(\"foo\",\n vpc_id=main.id,\n availability_zone=\"us-west-2a\",\n cidr_block=\"10.0.1.0/24\")\nbar_subnet = aws.ec2.Subnet(\"bar\",\n vpc_id=main.id,\n availability_zone=\"us-west-2b\",\n cidr_block=\"10.0.2.0/24\")\nbar = aws.directoryservice.Directory(\"bar\",\n name=\"corp.notexample.com\",\n password=\"SuperSecretPassw0rd\",\n edition=\"Standard\",\n type=\"MicrosoftAD\",\n vpc_settings={\n \"vpc_id\": main.id,\n \"subnet_ids\": [\n foo.id,\n bar_subnet.id,\n ],\n },\n tags={\n \"Project\": \"foo\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ec2.Vpc(\"main\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var foo = new Aws.Ec2.Subnet(\"foo\", new()\n {\n VpcId = main.Id,\n AvailabilityZone = \"us-west-2a\",\n CidrBlock = \"10.0.1.0/24\",\n });\n\n var barSubnet = new Aws.Ec2.Subnet(\"bar\", new()\n {\n VpcId = main.Id,\n AvailabilityZone = \"us-west-2b\",\n CidrBlock = \"10.0.2.0/24\",\n });\n\n var bar = new Aws.DirectoryService.Directory(\"bar\", new()\n {\n Name = \"corp.notexample.com\",\n Password = \"SuperSecretPassw0rd\",\n Edition = \"Standard\",\n Type = \"MicrosoftAD\",\n VpcSettings = new Aws.DirectoryService.Inputs.DirectoryVpcSettingsArgs\n {\n VpcId = main.Id,\n SubnetIds = new[]\n {\n foo.Id,\n barSubnet.Id,\n },\n },\n Tags = \n {\n { \"Project\", \"foo\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directoryservice\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoo, err := ec2.NewSubnet(ctx, \"foo\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: main.ID(),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbarSubnet, err := ec2.NewSubnet(ctx, \"bar\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: main.ID(),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2b\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.2.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directoryservice.NewDirectory(ctx, \"bar\", \u0026directoryservice.DirectoryArgs{\n\t\t\tName: pulumi.String(\"corp.notexample.com\"),\n\t\t\tPassword: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tEdition: pulumi.String(\"Standard\"),\n\t\t\tType: pulumi.String(\"MicrosoftAD\"),\n\t\t\tVpcSettings: \u0026directoryservice.DirectoryVpcSettingsArgs{\n\t\t\t\tVpcId: main.ID(),\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\tfoo.ID(),\n\t\t\t\t\tbarSubnet.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Project\": pulumi.String(\"foo\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.directoryservice.Directory;\nimport com.pulumi.aws.directoryservice.DirectoryArgs;\nimport com.pulumi.aws.directoryservice.inputs.DirectoryVpcSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Vpc(\"main\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var foo = new Subnet(\"foo\", SubnetArgs.builder()\n .vpcId(main.id())\n .availabilityZone(\"us-west-2a\")\n .cidrBlock(\"10.0.1.0/24\")\n .build());\n\n var barSubnet = new Subnet(\"barSubnet\", SubnetArgs.builder()\n .vpcId(main.id())\n .availabilityZone(\"us-west-2b\")\n .cidrBlock(\"10.0.2.0/24\")\n .build());\n\n var bar = new Directory(\"bar\", DirectoryArgs.builder()\n .name(\"corp.notexample.com\")\n .password(\"SuperSecretPassw0rd\")\n .edition(\"Standard\")\n .type(\"MicrosoftAD\")\n .vpcSettings(DirectoryVpcSettingsArgs.builder()\n .vpcId(main.id())\n .subnetIds( \n foo.id(),\n barSubnet.id())\n .build())\n .tags(Map.of(\"Project\", \"foo\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bar:\n type: aws:directoryservice:Directory\n properties:\n name: corp.notexample.com\n password: SuperSecretPassw0rd\n edition: Standard\n type: MicrosoftAD\n vpcSettings:\n vpcId: ${main.id}\n subnetIds:\n - ${foo.id}\n - ${barSubnet.id}\n tags:\n Project: foo\n main:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n foo:\n type: aws:ec2:Subnet\n properties:\n vpcId: ${main.id}\n availabilityZone: us-west-2a\n cidrBlock: 10.0.1.0/24\n barSubnet:\n type: aws:ec2:Subnet\n name: bar\n properties:\n vpcId: ${main.id}\n availabilityZone: us-west-2b\n cidrBlock: 10.0.2.0/24\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Microsoft Active Directory Connector (ADConnector)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {cidrBlock: \"10.0.0.0/16\"});\nconst foo = new aws.ec2.Subnet(\"foo\", {\n vpcId: main.id,\n availabilityZone: \"us-west-2a\",\n cidrBlock: \"10.0.1.0/24\",\n});\nconst bar = new aws.ec2.Subnet(\"bar\", {\n vpcId: main.id,\n availabilityZone: \"us-west-2b\",\n cidrBlock: \"10.0.2.0/24\",\n});\nconst connector = new aws.directoryservice.Directory(\"connector\", {\n name: \"corp.notexample.com\",\n password: \"SuperSecretPassw0rd\",\n size: \"Small\",\n type: \"ADConnector\",\n connectSettings: {\n customerDnsIps: [\"A.B.C.D\"],\n customerUsername: \"Admin\",\n subnetIds: [\n foo.id,\n bar.id,\n ],\n vpcId: main.id,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\nfoo = aws.ec2.Subnet(\"foo\",\n vpc_id=main.id,\n availability_zone=\"us-west-2a\",\n cidr_block=\"10.0.1.0/24\")\nbar = aws.ec2.Subnet(\"bar\",\n vpc_id=main.id,\n availability_zone=\"us-west-2b\",\n cidr_block=\"10.0.2.0/24\")\nconnector = aws.directoryservice.Directory(\"connector\",\n name=\"corp.notexample.com\",\n password=\"SuperSecretPassw0rd\",\n size=\"Small\",\n type=\"ADConnector\",\n connect_settings={\n \"customer_dns_ips\": [\"A.B.C.D\"],\n \"customer_username\": \"Admin\",\n \"subnet_ids\": [\n foo.id,\n bar.id,\n ],\n \"vpc_id\": main.id,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ec2.Vpc(\"main\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var foo = new Aws.Ec2.Subnet(\"foo\", new()\n {\n VpcId = main.Id,\n AvailabilityZone = \"us-west-2a\",\n CidrBlock = \"10.0.1.0/24\",\n });\n\n var bar = new Aws.Ec2.Subnet(\"bar\", new()\n {\n VpcId = main.Id,\n AvailabilityZone = \"us-west-2b\",\n CidrBlock = \"10.0.2.0/24\",\n });\n\n var connector = new Aws.DirectoryService.Directory(\"connector\", new()\n {\n Name = \"corp.notexample.com\",\n Password = \"SuperSecretPassw0rd\",\n Size = \"Small\",\n Type = \"ADConnector\",\n ConnectSettings = new Aws.DirectoryService.Inputs.DirectoryConnectSettingsArgs\n {\n CustomerDnsIps = new[]\n {\n \"A.B.C.D\",\n },\n CustomerUsername = \"Admin\",\n SubnetIds = new[]\n {\n foo.Id,\n bar.Id,\n },\n VpcId = main.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directoryservice\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoo, err := ec2.NewSubnet(ctx, \"foo\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: main.ID(),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbar, err := ec2.NewSubnet(ctx, \"bar\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: main.ID(),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2b\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.2.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directoryservice.NewDirectory(ctx, \"connector\", \u0026directoryservice.DirectoryArgs{\n\t\t\tName: pulumi.String(\"corp.notexample.com\"),\n\t\t\tPassword: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tSize: pulumi.String(\"Small\"),\n\t\t\tType: pulumi.String(\"ADConnector\"),\n\t\t\tConnectSettings: \u0026directoryservice.DirectoryConnectSettingsArgs{\n\t\t\t\tCustomerDnsIps: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"A.B.C.D\"),\n\t\t\t\t},\n\t\t\t\tCustomerUsername: pulumi.String(\"Admin\"),\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\tfoo.ID(),\n\t\t\t\t\tbar.ID(),\n\t\t\t\t},\n\t\t\t\tVpcId: main.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.directoryservice.Directory;\nimport com.pulumi.aws.directoryservice.DirectoryArgs;\nimport com.pulumi.aws.directoryservice.inputs.DirectoryConnectSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Vpc(\"main\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var foo = new Subnet(\"foo\", SubnetArgs.builder()\n .vpcId(main.id())\n .availabilityZone(\"us-west-2a\")\n .cidrBlock(\"10.0.1.0/24\")\n .build());\n\n var bar = new Subnet(\"bar\", SubnetArgs.builder()\n .vpcId(main.id())\n .availabilityZone(\"us-west-2b\")\n .cidrBlock(\"10.0.2.0/24\")\n .build());\n\n var connector = new Directory(\"connector\", DirectoryArgs.builder()\n .name(\"corp.notexample.com\")\n .password(\"SuperSecretPassw0rd\")\n .size(\"Small\")\n .type(\"ADConnector\")\n .connectSettings(DirectoryConnectSettingsArgs.builder()\n .customerDnsIps(\"A.B.C.D\")\n .customerUsername(\"Admin\")\n .subnetIds( \n foo.id(),\n bar.id())\n .vpcId(main.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n connector:\n type: aws:directoryservice:Directory\n properties:\n name: corp.notexample.com\n password: SuperSecretPassw0rd\n size: Small\n type: ADConnector\n connectSettings:\n customerDnsIps:\n - A.B.C.D\n customerUsername: Admin\n subnetIds:\n - ${foo.id}\n - ${bar.id}\n vpcId: ${main.id}\n main:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n foo:\n type: aws:ec2:Subnet\n properties:\n vpcId: ${main.id}\n availabilityZone: us-west-2a\n cidrBlock: 10.0.1.0/24\n bar:\n type: aws:ec2:Subnet\n properties:\n vpcId: ${main.id}\n availabilityZone: us-west-2b\n cidrBlock: 10.0.2.0/24\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DirectoryService directories using the directory `id`. For example:\n\n```sh\n$ pulumi import aws:directoryservice/directory:Directory sample d-926724cf57\n```\n", "properties": { "accessUrl": { "type": "string", "description": "The access URL for the directory, such as `http://alias.awsapps.com`.\n" }, "alias": { "type": "string", "description": "The alias for the directory (must be unique amongst all aliases in AWS). Required for `enable_sso`.\n" }, "connectSettings": { "$ref": "#/types/aws:directoryservice/DirectoryConnectSettings:DirectoryConnectSettings", "description": "Connector related information about the directory. Fields documented below.\n" }, "description": { "type": "string", "description": "A textual description for the directory.\n" }, "desiredNumberOfDomainControllers": { "type": "integer", "description": "The number of domain controllers desired in the directory. Minimum value of `2`. Scaling of domain controllers is only supported for `MicrosoftAD` directories.\n" }, "dnsIpAddresses": { "type": "array", "items": { "type": "string" }, "description": "A list of IP addresses of the DNS servers for the directory or connector.\n" }, "edition": { "type": "string", "description": "The MicrosoftAD edition (`Standard` or `Enterprise`). Defaults to `Enterprise`.\n" }, "enableSso": { "type": "boolean", "description": "Whether to enable single-sign on for the directory. Requires `alias`. Defaults to `false`.\n" }, "name": { "type": "string", "description": "The fully qualified name for the directory, such as `corp.example.com`\n" }, "password": { "type": "string", "description": "The password for the directory administrator or connector user.\n", "secret": true }, "securityGroupId": { "type": "string", "description": "The ID of the security group created by the directory.\n" }, "shortName": { "type": "string", "description": "The short name of the directory, such as `CORP`.\n" }, "size": { "type": "string", "description": "(For `SimpleAD` and `ADConnector` types) The size of the directory (`Small` or `Large` are accepted values). `Large` by default.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The directory type (`SimpleAD`, `ADConnector` or `MicrosoftAD` are accepted values). Defaults to `SimpleAD`.\n" }, "vpcSettings": { "$ref": "#/types/aws:directoryservice/DirectoryVpcSettings:DirectoryVpcSettings", "description": "VPC related information about the directory. Fields documented below.\n" } }, "required": [ "accessUrl", "alias", "desiredNumberOfDomainControllers", "dnsIpAddresses", "edition", "name", "password", "securityGroupId", "shortName", "size", "tagsAll" ], "inputProperties": { "alias": { "type": "string", "description": "The alias for the directory (must be unique amongst all aliases in AWS). Required for `enable_sso`.\n", "willReplaceOnChanges": true }, "connectSettings": { "$ref": "#/types/aws:directoryservice/DirectoryConnectSettings:DirectoryConnectSettings", "description": "Connector related information about the directory. Fields documented below.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A textual description for the directory.\n", "willReplaceOnChanges": true }, "desiredNumberOfDomainControllers": { "type": "integer", "description": "The number of domain controllers desired in the directory. Minimum value of `2`. Scaling of domain controllers is only supported for `MicrosoftAD` directories.\n" }, "edition": { "type": "string", "description": "The MicrosoftAD edition (`Standard` or `Enterprise`). Defaults to `Enterprise`.\n", "willReplaceOnChanges": true }, "enableSso": { "type": "boolean", "description": "Whether to enable single-sign on for the directory. Requires `alias`. Defaults to `false`.\n" }, "name": { "type": "string", "description": "The fully qualified name for the directory, such as `corp.example.com`\n", "willReplaceOnChanges": true }, "password": { "type": "string", "description": "The password for the directory administrator or connector user.\n", "secret": true, "willReplaceOnChanges": true }, "shortName": { "type": "string", "description": "The short name of the directory, such as `CORP`.\n", "willReplaceOnChanges": true }, "size": { "type": "string", "description": "(For `SimpleAD` and `ADConnector` types) The size of the directory (`Small` or `Large` are accepted values). `Large` by default.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "The directory type (`SimpleAD`, `ADConnector` or `MicrosoftAD` are accepted values). Defaults to `SimpleAD`.\n", "willReplaceOnChanges": true }, "vpcSettings": { "$ref": "#/types/aws:directoryservice/DirectoryVpcSettings:DirectoryVpcSettings", "description": "VPC related information about the directory. Fields documented below.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "name", "password" ], "stateInputs": { "description": "Input properties used for looking up and filtering Directory resources.\n", "properties": { "accessUrl": { "type": "string", "description": "The access URL for the directory, such as `http://alias.awsapps.com`.\n" }, "alias": { "type": "string", "description": "The alias for the directory (must be unique amongst all aliases in AWS). Required for `enable_sso`.\n", "willReplaceOnChanges": true }, "connectSettings": { "$ref": "#/types/aws:directoryservice/DirectoryConnectSettings:DirectoryConnectSettings", "description": "Connector related information about the directory. Fields documented below.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A textual description for the directory.\n", "willReplaceOnChanges": true }, "desiredNumberOfDomainControllers": { "type": "integer", "description": "The number of domain controllers desired in the directory. Minimum value of `2`. Scaling of domain controllers is only supported for `MicrosoftAD` directories.\n" }, "dnsIpAddresses": { "type": "array", "items": { "type": "string" }, "description": "A list of IP addresses of the DNS servers for the directory or connector.\n" }, "edition": { "type": "string", "description": "The MicrosoftAD edition (`Standard` or `Enterprise`). Defaults to `Enterprise`.\n", "willReplaceOnChanges": true }, "enableSso": { "type": "boolean", "description": "Whether to enable single-sign on for the directory. Requires `alias`. Defaults to `false`.\n" }, "name": { "type": "string", "description": "The fully qualified name for the directory, such as `corp.example.com`\n", "willReplaceOnChanges": true }, "password": { "type": "string", "description": "The password for the directory administrator or connector user.\n", "secret": true, "willReplaceOnChanges": true }, "securityGroupId": { "type": "string", "description": "The ID of the security group created by the directory.\n" }, "shortName": { "type": "string", "description": "The short name of the directory, such as `CORP`.\n", "willReplaceOnChanges": true }, "size": { "type": "string", "description": "(For `SimpleAD` and `ADConnector` types) The size of the directory (`Small` or `Large` are accepted values). `Large` by default.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The directory type (`SimpleAD`, `ADConnector` or `MicrosoftAD` are accepted values). Defaults to `SimpleAD`.\n", "willReplaceOnChanges": true }, "vpcSettings": { "$ref": "#/types/aws:directoryservice/DirectoryVpcSettings:DirectoryVpcSettings", "description": "VPC related information about the directory. Fields documented below.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directoryservice/logService:LogService": { "description": "Provides a Log subscription for AWS Directory Service that pushes logs to cloudwatch.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudwatch.LogGroup(\"example\", {\n name: `/aws/directoryservice/${exampleAwsDirectoryServiceDirectory.id}`,\n retentionInDays: 14,\n});\nconst ad-log-policy = aws.iam.getPolicyDocumentOutput({\n statements: [{\n actions: [\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n principals: [{\n identifiers: [\"ds.amazonaws.com\"],\n type: \"Service\",\n }],\n resources: [pulumi.interpolate`${example.arn}:*`],\n effect: \"Allow\",\n }],\n});\nconst ad_log_policyLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy(\"ad-log-policy\", {\n policyDocument: ad_log_policy.apply(ad_log_policy =\u003e ad_log_policy.json),\n policyName: \"ad-log-policy\",\n});\nconst exampleLogService = new aws.directoryservice.LogService(\"example\", {\n directoryId: exampleAwsDirectoryServiceDirectory.id,\n logGroupName: example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.LogGroup(\"example\",\n name=f\"/aws/directoryservice/{example_aws_directory_service_directory['id']}\",\n retention_in_days=14)\nad_log_policy = aws.iam.get_policy_document_output(statements=[{\n \"actions\": [\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n \"principals\": [{\n \"identifiers\": [\"ds.amazonaws.com\"],\n \"type\": \"Service\",\n }],\n \"resources\": [example.arn.apply(lambda arn: f\"{arn}:*\")],\n \"effect\": \"Allow\",\n}])\nad_log_policy_log_resource_policy = aws.cloudwatch.LogResourcePolicy(\"ad-log-policy\",\n policy_document=ad_log_policy.json,\n policy_name=\"ad-log-policy\")\nexample_log_service = aws.directoryservice.LogService(\"example\",\n directory_id=example_aws_directory_service_directory[\"id\"],\n log_group_name=example.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = $\"/aws/directoryservice/{exampleAwsDirectoryServiceDirectory.Id}\",\n RetentionInDays = 14,\n });\n\n var ad_log_policy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n \"ds.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n Resources = new[]\n {\n $\"{example.Arn}:*\",\n },\n Effect = \"Allow\",\n },\n },\n });\n\n var ad_log_policyLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy(\"ad-log-policy\", new()\n {\n PolicyDocument = ad_log_policy.Apply(ad_log_policy =\u003e ad_log_policy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json)),\n PolicyName = \"ad-log-policy\",\n });\n\n var exampleLogService = new Aws.DirectoryService.LogService(\"example\", new()\n {\n DirectoryId = exampleAwsDirectoryServiceDirectory.Id,\n LogGroupName = example.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directoryservice\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"/aws/directoryservice/%v\", exampleAwsDirectoryServiceDirectory.Id)),\n\t\t\tRetentionInDays: pulumi.Int(14),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tad_log_policy := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"logs:CreateLogStream\"),\n\t\t\t\t\t\tpulumi.String(\"logs:PutLogEvents\"),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"ds.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texample.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v:*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = cloudwatch.NewLogResourcePolicy(ctx, \"ad-log-policy\", \u0026cloudwatch.LogResourcePolicyArgs{\n\t\t\tPolicyDocument: pulumi.String(ad_log_policy.ApplyT(func(ad_log_policy iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026ad_log_policy.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tPolicyName: pulumi.String(\"ad-log-policy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directoryservice.NewLogService(ctx, \"example\", \u0026directoryservice.LogServiceArgs{\n\t\t\tDirectoryId: pulumi.Any(exampleAwsDirectoryServiceDirectory.Id),\n\t\t\tLogGroupName: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicy;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicyArgs;\nimport com.pulumi.aws.directoryservice.LogService;\nimport com.pulumi.aws.directoryservice.LogServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LogGroup(\"example\", LogGroupArgs.builder()\n .name(String.format(\"/aws/directoryservice/%s\", exampleAwsDirectoryServiceDirectory.id()))\n .retentionInDays(14)\n .build());\n\n final var ad-log-policy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(\"ds.amazonaws.com\")\n .type(\"Service\")\n .build())\n .resources(example.arn().applyValue(arn -\u003e String.format(\"%s:*\", arn)))\n .effect(\"Allow\")\n .build())\n .build());\n\n var ad_log_policyLogResourcePolicy = new LogResourcePolicy(\"ad-log-policyLogResourcePolicy\", LogResourcePolicyArgs.builder()\n .policyDocument(ad_log_policy.applyValue(ad_log_policy -\u003e ad_log_policy.json()))\n .policyName(\"ad-log-policy\")\n .build());\n\n var exampleLogService = new LogService(\"exampleLogService\", LogServiceArgs.builder()\n .directoryId(exampleAwsDirectoryServiceDirectory.id())\n .logGroupName(example.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudwatch:LogGroup\n properties:\n name: /aws/directoryservice/${exampleAwsDirectoryServiceDirectory.id}\n retentionInDays: 14\n ad-log-policyLogResourcePolicy:\n type: aws:cloudwatch:LogResourcePolicy\n name: ad-log-policy\n properties:\n policyDocument: ${[\"ad-log-policy\"].json}\n policyName: ad-log-policy\n exampleLogService:\n type: aws:directoryservice:LogService\n name: example\n properties:\n directoryId: ${exampleAwsDirectoryServiceDirectory.id}\n logGroupName: ${example.name}\nvariables:\n ad-log-policy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - logs:CreateLogStream\n - logs:PutLogEvents\n principals:\n - identifiers:\n - ds.amazonaws.com\n type: Service\n resources:\n - ${example.arn}:*\n effect: Allow\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Directory Service Log Subscriptions using the directory id. For example:\n\n```sh\n$ pulumi import aws:directoryservice/logService:LogService msad d-1234567890\n```\n", "properties": { "directoryId": { "type": "string", "description": "ID of directory.\n" }, "logGroupName": { "type": "string", "description": "Name of the cloudwatch log group to which the logs should be published. The log group should be already created and the directory service principal should be provided with required permission to create stream and publish logs. Changing this value would delete the current subscription and create a new one. A directory can only have one log subscription at a time.\n" } }, "required": [ "directoryId", "logGroupName" ], "inputProperties": { "directoryId": { "type": "string", "description": "ID of directory.\n", "willReplaceOnChanges": true }, "logGroupName": { "type": "string", "description": "Name of the cloudwatch log group to which the logs should be published. The log group should be already created and the directory service principal should be provided with required permission to create stream and publish logs. Changing this value would delete the current subscription and create a new one. A directory can only have one log subscription at a time.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "directoryId", "logGroupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LogService resources.\n", "properties": { "directoryId": { "type": "string", "description": "ID of directory.\n", "willReplaceOnChanges": true }, "logGroupName": { "type": "string", "description": "Name of the cloudwatch log group to which the logs should be published. The log group should be already created and the directory service principal should be provided with required permission to create stream and publish logs. Changing this value would delete the current subscription and create a new one. A directory can only have one log subscription at a time.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directoryservice/radiusSettings:RadiusSettings": { "description": "Manages a directory's multi-factor authentication (MFA) using a Remote Authentication Dial In User Service (RADIUS) server.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.directoryservice.RadiusSettings(\"example\", {\n directoryId: exampleAwsDirectoryServiceDirectory.id,\n authenticationProtocol: \"PAP\",\n displayLabel: \"example\",\n radiusPort: 1812,\n radiusRetries: 4,\n radiusServers: [\"10.0.1.5\"],\n radiusTimeout: 1,\n sharedSecret: \"12345678\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directoryservice.RadiusSettings(\"example\",\n directory_id=example_aws_directory_service_directory[\"id\"],\n authentication_protocol=\"PAP\",\n display_label=\"example\",\n radius_port=1812,\n radius_retries=4,\n radius_servers=[\"10.0.1.5\"],\n radius_timeout=1,\n shared_secret=\"12345678\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DirectoryService.RadiusSettings(\"example\", new()\n {\n DirectoryId = exampleAwsDirectoryServiceDirectory.Id,\n AuthenticationProtocol = \"PAP\",\n DisplayLabel = \"example\",\n RadiusPort = 1812,\n RadiusRetries = 4,\n RadiusServers = new[]\n {\n \"10.0.1.5\",\n },\n RadiusTimeout = 1,\n SharedSecret = \"12345678\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directoryservice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directoryservice.NewRadiusSettings(ctx, \"example\", \u0026directoryservice.RadiusSettingsArgs{\n\t\t\tDirectoryId: pulumi.Any(exampleAwsDirectoryServiceDirectory.Id),\n\t\t\tAuthenticationProtocol: pulumi.String(\"PAP\"),\n\t\t\tDisplayLabel: pulumi.String(\"example\"),\n\t\t\tRadiusPort: pulumi.Int(1812),\n\t\t\tRadiusRetries: pulumi.Int(4),\n\t\t\tRadiusServers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.1.5\"),\n\t\t\t},\n\t\t\tRadiusTimeout: pulumi.Int(1),\n\t\t\tSharedSecret: pulumi.String(\"12345678\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directoryservice.RadiusSettings;\nimport com.pulumi.aws.directoryservice.RadiusSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RadiusSettings(\"example\", RadiusSettingsArgs.builder()\n .directoryId(exampleAwsDirectoryServiceDirectory.id())\n .authenticationProtocol(\"PAP\")\n .displayLabel(\"example\")\n .radiusPort(1812)\n .radiusRetries(4)\n .radiusServers(\"10.0.1.5\")\n .radiusTimeout(1)\n .sharedSecret(\"12345678\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:directoryservice:RadiusSettings\n properties:\n directoryId: ${exampleAwsDirectoryServiceDirectory.id}\n authenticationProtocol: PAP\n displayLabel: example\n radiusPort: 1812\n radiusRetries: 4\n radiusServers:\n - 10.0.1.5\n radiusTimeout: 1\n sharedSecret: '12345678'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import RADIUS settings using the directory ID. For example:\n\n```sh\n$ pulumi import aws:directoryservice/radiusSettings:RadiusSettings example d-926724cf57\n```\n", "properties": { "authenticationProtocol": { "type": "string", "description": "The protocol specified for your RADIUS endpoints. Valid values: `PAP`, `CHAP`, `MS-CHAPv1`, `MS-CHAPv2`.\n" }, "directoryId": { "type": "string", "description": "The identifier of the directory for which you want to manager RADIUS settings.\n" }, "displayLabel": { "type": "string", "description": "Display label.\n" }, "radiusPort": { "type": "integer", "description": "The port that your RADIUS server is using for communications. Your self-managed network must allow inbound traffic over this port from the AWS Directory Service servers.\n" }, "radiusRetries": { "type": "integer", "description": "The maximum number of times that communication with the RADIUS server is attempted. Minimum value of `0`. Maximum value of `10`.\n" }, "radiusServers": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that contains the fully qualified domain name (FQDN) or IP addresses of the RADIUS server endpoints, or the FQDN or IP addresses of your RADIUS server load balancer.\n" }, "radiusTimeout": { "type": "integer", "description": "The amount of time, in seconds, to wait for the RADIUS server to respond. Minimum value of `1`. Maximum value of `50`.\n" }, "sharedSecret": { "type": "string", "description": "Required for enabling RADIUS on the directory.\n", "secret": true }, "useSameUsername": { "type": "boolean", "description": "Not currently used.\n" } }, "required": [ "authenticationProtocol", "directoryId", "displayLabel", "radiusPort", "radiusRetries", "radiusServers", "radiusTimeout", "sharedSecret" ], "inputProperties": { "authenticationProtocol": { "type": "string", "description": "The protocol specified for your RADIUS endpoints. Valid values: `PAP`, `CHAP`, `MS-CHAPv1`, `MS-CHAPv2`.\n" }, "directoryId": { "type": "string", "description": "The identifier of the directory for which you want to manager RADIUS settings.\n", "willReplaceOnChanges": true }, "displayLabel": { "type": "string", "description": "Display label.\n" }, "radiusPort": { "type": "integer", "description": "The port that your RADIUS server is using for communications. Your self-managed network must allow inbound traffic over this port from the AWS Directory Service servers.\n" }, "radiusRetries": { "type": "integer", "description": "The maximum number of times that communication with the RADIUS server is attempted. Minimum value of `0`. Maximum value of `10`.\n" }, "radiusServers": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that contains the fully qualified domain name (FQDN) or IP addresses of the RADIUS server endpoints, or the FQDN or IP addresses of your RADIUS server load balancer.\n" }, "radiusTimeout": { "type": "integer", "description": "The amount of time, in seconds, to wait for the RADIUS server to respond. Minimum value of `1`. Maximum value of `50`.\n" }, "sharedSecret": { "type": "string", "description": "Required for enabling RADIUS on the directory.\n", "secret": true }, "useSameUsername": { "type": "boolean", "description": "Not currently used.\n" } }, "requiredInputs": [ "authenticationProtocol", "directoryId", "displayLabel", "radiusPort", "radiusRetries", "radiusServers", "radiusTimeout", "sharedSecret" ], "stateInputs": { "description": "Input properties used for looking up and filtering RadiusSettings resources.\n", "properties": { "authenticationProtocol": { "type": "string", "description": "The protocol specified for your RADIUS endpoints. Valid values: `PAP`, `CHAP`, `MS-CHAPv1`, `MS-CHAPv2`.\n" }, "directoryId": { "type": "string", "description": "The identifier of the directory for which you want to manager RADIUS settings.\n", "willReplaceOnChanges": true }, "displayLabel": { "type": "string", "description": "Display label.\n" }, "radiusPort": { "type": "integer", "description": "The port that your RADIUS server is using for communications. Your self-managed network must allow inbound traffic over this port from the AWS Directory Service servers.\n" }, "radiusRetries": { "type": "integer", "description": "The maximum number of times that communication with the RADIUS server is attempted. Minimum value of `0`. Maximum value of `10`.\n" }, "radiusServers": { "type": "array", "items": { "type": "string" }, "description": "An array of strings that contains the fully qualified domain name (FQDN) or IP addresses of the RADIUS server endpoints, or the FQDN or IP addresses of your RADIUS server load balancer.\n" }, "radiusTimeout": { "type": "integer", "description": "The amount of time, in seconds, to wait for the RADIUS server to respond. Minimum value of `1`. Maximum value of `50`.\n" }, "sharedSecret": { "type": "string", "description": "Required for enabling RADIUS on the directory.\n", "secret": true }, "useSameUsername": { "type": "boolean", "description": "Not currently used.\n" } }, "type": "object" } }, "aws:directoryservice/serviceRegion:ServiceRegion": { "description": "Manages a replicated Region and directory for Multi-Region replication.\nMulti-Region replication is only supported for the Enterprise Edition of AWS Managed Microsoft AD.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = aws.getRegion({});\nconst available = aws.getAvailabilityZones({\n state: \"available\",\n filters: [{\n name: \"opt-in-status\",\n values: [\"opt-in-not-required\"],\n }],\n});\nconst exampleVpc = new aws.ec2.Vpc(\"example\", {\n cidrBlock: \"10.0.0.0/16\",\n tags: {\n Name: \"Primary\",\n },\n});\nconst exampleSubnet: aws.ec2.Subnet[] = [];\nfor (const range = {value: 0}; range.value \u003c 2; range.value++) {\n exampleSubnet.push(new aws.ec2.Subnet(`example-${range.value}`, {\n vpcId: exampleVpc.id,\n availabilityZone: available.then(available =\u003e available.names[range.value]),\n cidrBlock: exampleVpc.cidrBlock.apply(cidrBlock =\u003e std.cidrsubnetOutput({\n input: cidrBlock,\n newbits: 8,\n netnum: range.value,\n })).apply(invoke =\u003e invoke.result),\n tags: {\n Name: \"Primary\",\n },\n }));\n}\nconst exampleDirectory = new aws.directoryservice.Directory(\"example\", {\n name: \"example.com\",\n password: \"SuperSecretPassw0rd\",\n type: \"MicrosoftAD\",\n vpcSettings: {\n vpcId: exampleVpc.id,\n subnetIds: exampleSubnet.map(__item =\u003e __item.id),\n },\n});\nconst available-secondary = aws.getAvailabilityZones({\n state: \"available\",\n filters: [{\n name: \"opt-in-status\",\n values: [\"opt-in-not-required\"],\n }],\n});\nconst example_secondary = new aws.ec2.Vpc(\"example-secondary\", {\n cidrBlock: \"10.1.0.0/16\",\n tags: {\n Name: \"Secondary\",\n },\n});\nconst example_secondarySubnet: aws.ec2.Subnet[] = [];\nfor (const range = {value: 0}; range.value \u003c 2; range.value++) {\n example_secondarySubnet.push(new aws.ec2.Subnet(`example-secondary-${range.value}`, {\n vpcId: example_secondary.id,\n availabilityZone: available_secondary.then(available_secondary =\u003e available_secondary.names[range.value]),\n cidrBlock: example_secondary.cidrBlock.apply(cidrBlock =\u003e std.cidrsubnetOutput({\n input: cidrBlock,\n newbits: 8,\n netnum: range.value,\n })).apply(invoke =\u003e invoke.result),\n tags: {\n Name: \"Secondary\",\n },\n }));\n}\nconst exampleServiceRegion = new aws.directoryservice.ServiceRegion(\"example\", {\n directoryId: exampleDirectory.id,\n regionName: example.then(example =\u003e example.name),\n vpcSettings: {\n vpcId: example_secondary.id,\n subnetIds: example_secondarySubnet.map(__item =\u003e __item.id),\n },\n tags: {\n Name: \"Secondary\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.get_region()\navailable = aws.get_availability_zones(state=\"available\",\n filters=[{\n \"name\": \"opt-in-status\",\n \"values\": [\"opt-in-not-required\"],\n }])\nexample_vpc = aws.ec2.Vpc(\"example\",\n cidr_block=\"10.0.0.0/16\",\n tags={\n \"Name\": \"Primary\",\n })\nexample_subnet = []\nfor range in [{\"value\": i} for i in range(0, 2)]:\n example_subnet.append(aws.ec2.Subnet(f\"example-{range['value']}\",\n vpc_id=example_vpc.id,\n availability_zone=available.names[range[\"value\"]],\n cidr_block=example_vpc.cidr_block.apply(lambda cidr_block: std.cidrsubnet_output(input=cidr_block,\n newbits=8,\n netnum=range[\"value\"])).apply(lambda invoke: invoke.result),\n tags={\n \"Name\": \"Primary\",\n }))\nexample_directory = aws.directoryservice.Directory(\"example\",\n name=\"example.com\",\n password=\"SuperSecretPassw0rd\",\n type=\"MicrosoftAD\",\n vpc_settings={\n \"vpc_id\": example_vpc.id,\n \"subnet_ids\": [__item.id for __item in example_subnet],\n })\navailable_secondary = aws.get_availability_zones(state=\"available\",\n filters=[{\n \"name\": \"opt-in-status\",\n \"values\": [\"opt-in-not-required\"],\n }])\nexample_secondary = aws.ec2.Vpc(\"example-secondary\",\n cidr_block=\"10.1.0.0/16\",\n tags={\n \"Name\": \"Secondary\",\n })\nexample_secondary_subnet = []\nfor range in [{\"value\": i} for i in range(0, 2)]:\n example_secondary_subnet.append(aws.ec2.Subnet(f\"example-secondary-{range['value']}\",\n vpc_id=example_secondary.id,\n availability_zone=available_secondary.names[range[\"value\"]],\n cidr_block=example_secondary.cidr_block.apply(lambda cidr_block: std.cidrsubnet_output(input=cidr_block,\n newbits=8,\n netnum=range[\"value\"])).apply(lambda invoke: invoke.result),\n tags={\n \"Name\": \"Secondary\",\n }))\nexample_service_region = aws.directoryservice.ServiceRegion(\"example\",\n directory_id=example_directory.id,\n region_name=example.name,\n vpc_settings={\n \"vpc_id\": example_secondary.id,\n \"subnet_ids\": [__item.id for __item in example_secondary_subnet],\n },\n tags={\n \"Name\": \"Secondary\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.GetRegion.Invoke();\n\n var available = Aws.GetAvailabilityZones.Invoke(new()\n {\n State = \"available\",\n Filters = new[]\n {\n new Aws.Inputs.GetAvailabilityZonesFilterInputArgs\n {\n Name = \"opt-in-status\",\n Values = new[]\n {\n \"opt-in-not-required\",\n },\n },\n },\n });\n\n var exampleVpc = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n Tags = \n {\n { \"Name\", \"Primary\" },\n },\n });\n\n var exampleSubnet = new List\u003cAws.Ec2.Subnet\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c 2; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n exampleSubnet.Add(new Aws.Ec2.Subnet($\"example-{range.Value}\", new()\n {\n VpcId = exampleVpc.Id,\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names)[range.Value],\n CidrBlock = exampleVpc.CidrBlock.Apply(cidrBlock =\u003e Std.Cidrsubnet.Invoke(new()\n {\n Input = cidrBlock,\n Newbits = 8,\n Netnum = range.Value,\n })).Apply(invoke =\u003e invoke.Result),\n Tags = \n {\n { \"Name\", \"Primary\" },\n },\n }));\n }\n var exampleDirectory = new Aws.DirectoryService.Directory(\"example\", new()\n {\n Name = \"example.com\",\n Password = \"SuperSecretPassw0rd\",\n Type = \"MicrosoftAD\",\n VpcSettings = new Aws.DirectoryService.Inputs.DirectoryVpcSettingsArgs\n {\n VpcId = exampleVpc.Id,\n SubnetIds = exampleSubnet.Select(__item =\u003e __item.Id).ToList(),\n },\n });\n\n var available_secondary = Aws.GetAvailabilityZones.Invoke(new()\n {\n State = \"available\",\n Filters = new[]\n {\n new Aws.Inputs.GetAvailabilityZonesFilterInputArgs\n {\n Name = \"opt-in-status\",\n Values = new[]\n {\n \"opt-in-not-required\",\n },\n },\n },\n });\n\n var example_secondary = new Aws.Ec2.Vpc(\"example-secondary\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n Tags = \n {\n { \"Name\", \"Secondary\" },\n },\n });\n\n var example_secondarySubnet = new List\u003cAws.Ec2.Subnet\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c 2; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n example_secondarySubnet.Add(new Aws.Ec2.Subnet($\"example-secondary-{range.Value}\", new()\n {\n VpcId = example_secondary.Id,\n AvailabilityZone = available_secondary.Apply(available_secondary =\u003e available_secondary.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names)[range.Value]),\n CidrBlock = example_secondary.CidrBlock.Apply(cidrBlock =\u003e Std.Cidrsubnet.Invoke(new()\n {\n Input = cidrBlock,\n Newbits = 8,\n Netnum = range.Value,\n })).Apply(invoke =\u003e invoke.Result),\n Tags = \n {\n { \"Name\", \"Secondary\" },\n },\n }));\n }\n var exampleServiceRegion = new Aws.DirectoryService.ServiceRegion(\"example\", new()\n {\n DirectoryId = exampleDirectory.Id,\n RegionName = example.Apply(getRegionResult =\u003e getRegionResult.Name),\n VpcSettings = new Aws.DirectoryService.Inputs.ServiceRegionVpcSettingsArgs\n {\n VpcId = example_secondary.Id,\n SubnetIds = example_secondarySubnet.Select(__item =\u003e __item.Id).ToList(),\n },\n Tags = \n {\n { \"Name\", \"Secondary\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directoryservice\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nexample, err := aws.GetRegion(ctx, nil, nil);\nif err != nil {\nreturn err\n}\navailable, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\nState: pulumi.StringRef(\"available\"),\nFilters: []aws.GetAvailabilityZonesFilter{\n{\nName: \"opt-in-status\",\nValues: []string{\n\"opt-in-not-required\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nexampleVpc, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\nCidrBlock: pulumi.String(\"10.0.0.0/16\"),\nTags: pulumi.StringMap{\n\"Name\": pulumi.String(\"Primary\"),\n},\n})\nif err != nil {\nreturn err\n}\nvar exampleSubnet []*ec2.Subnet\nfor index := 0; index \u003c 2; index++ {\n key0 := index\n val0 := index\n__res, err := ec2.NewSubnet(ctx, fmt.Sprintf(\"example-%v\", key0), \u0026ec2.SubnetArgs{\nVpcId: exampleVpc.ID(),\nAvailabilityZone: pulumi.String(available.Names[val0]),\nCidrBlock: pulumi.String(exampleVpc.CidrBlock.ApplyT(func(cidrBlock string) (std.CidrsubnetResult, error) {\nreturn std.CidrsubnetResult(interface{}(std.CidrsubnetOutput(ctx, std.CidrsubnetOutputArgs{\nInput: cidrBlock,\nNewbits: 8,\nNetnum: val0,\n}, nil))), nil\n}).(std.CidrsubnetResultOutput).ApplyT(func(invoke std.CidrsubnetResult) (*string, error) {\nreturn invoke.Result, nil\n}).(pulumi.StringPtrOutput)),\nTags: pulumi.StringMap{\n\"Name\": pulumi.String(\"Primary\"),\n},\n})\nif err != nil {\nreturn err\n}\nexampleSubnet = append(exampleSubnet, __res)\n}\nexampleDirectory, err := directoryservice.NewDirectory(ctx, \"example\", \u0026directoryservice.DirectoryArgs{\nName: pulumi.String(\"example.com\"),\nPassword: pulumi.String(\"SuperSecretPassw0rd\"),\nType: pulumi.String(\"MicrosoftAD\"),\nVpcSettings: \u0026directoryservice.DirectoryVpcSettingsArgs{\nVpcId: exampleVpc.ID(),\nSubnetIds: %!v(PANIC=Format method: fatal: A failure has occurred: unlowered splat expression @ example.pp:44,17-36),\n},\n})\nif err != nil {\nreturn err\n}\navailable_secondary, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\nState: pulumi.StringRef(\"available\"),\nFilters: []aws.GetAvailabilityZonesFilter{\n{\nName: \"opt-in-status\",\nValues: []string{\n\"opt-in-not-required\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\n_, err = ec2.NewVpc(ctx, \"example-secondary\", \u0026ec2.VpcArgs{\nCidrBlock: pulumi.String(\"10.1.0.0/16\"),\nTags: pulumi.StringMap{\n\"Name\": pulumi.String(\"Secondary\"),\n},\n})\nif err != nil {\nreturn err\n}\nvar example_secondarySubnet []*ec2.Subnet\nfor index := 0; index \u003c 2; index++ {\n key0 := index\n val0 := index\n__res, err := ec2.NewSubnet(ctx, fmt.Sprintf(\"example-secondary-%v\", key0), \u0026ec2.SubnetArgs{\nVpcId: example_secondary.ID(),\nAvailabilityZone: pulumi.String(available_secondary.Names[val0]),\nCidrBlock: pulumi.String(example_secondary.CidrBlock.ApplyT(func(cidrBlock string) (std.CidrsubnetResult, error) {\nreturn std.CidrsubnetResult(interface{}(std.CidrsubnetOutput(ctx, std.CidrsubnetOutputArgs{\nInput: cidrBlock,\nNewbits: 8,\nNetnum: val0,\n}, nil))), nil\n}).(std.CidrsubnetResultOutput).ApplyT(func(invoke std.CidrsubnetResult) (*string, error) {\nreturn invoke.Result, nil\n}).(pulumi.StringPtrOutput)),\nTags: pulumi.StringMap{\n\"Name\": pulumi.String(\"Secondary\"),\n},\n})\nif err != nil {\nreturn err\n}\nexample_secondarySubnet = append(example_secondarySubnet, __res)\n}\n_, err = directoryservice.NewServiceRegion(ctx, \"example\", \u0026directoryservice.ServiceRegionArgs{\nDirectoryId: exampleDirectory.ID(),\nRegionName: pulumi.String(example.Name),\nVpcSettings: \u0026directoryservice.ServiceRegionVpcSettingsArgs{\nVpcId: example_secondary.ID(),\nSubnetIds: %!v(PANIC=Format method: fatal: A failure has occurred: unlowered splat expression @ example.pp:87,17-46),\n},\nTags: pulumi.StringMap{\n\"Name\": pulumi.String(\"Secondary\"),\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.directoryservice.Directory;\nimport com.pulumi.aws.directoryservice.DirectoryArgs;\nimport com.pulumi.aws.directoryservice.inputs.DirectoryVpcSettingsArgs;\nimport com.pulumi.aws.directoryservice.ServiceRegion;\nimport com.pulumi.aws.directoryservice.ServiceRegionArgs;\nimport com.pulumi.aws.directoryservice.inputs.ServiceRegionVpcSettingsArgs;\nimport com.pulumi.codegen.internal.KeyedValue;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AwsFunctions.getRegion();\n\n final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .state(\"available\")\n .filters(GetAvailabilityZonesFilterArgs.builder()\n .name(\"opt-in-status\")\n .values(\"opt-in-not-required\")\n .build())\n .build());\n\n var exampleVpc = new Vpc(\"exampleVpc\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .tags(Map.of(\"Name\", \"Primary\"))\n .build());\n\n for (var i = 0; i \u003c 2; i++) {\n new Subnet(\"exampleSubnet-\" + i, SubnetArgs.builder()\n .vpcId(exampleVpc.id())\n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names())[range.value()])\n .cidrBlock(exampleVpc.cidrBlock().applyValue(cidrBlock -\u003e StdFunctions.cidrsubnet()).applyValue(invoke -\u003e invoke.result()))\n .tags(Map.of(\"Name\", \"Primary\"))\n .build());\n\n \n}\n var exampleDirectory = new Directory(\"exampleDirectory\", DirectoryArgs.builder()\n .name(\"example.com\")\n .password(\"SuperSecretPassw0rd\")\n .type(\"MicrosoftAD\")\n .vpcSettings(DirectoryVpcSettingsArgs.builder()\n .vpcId(exampleVpc.id())\n .subnetIds(exampleSubnet.stream().map(element -\u003e element.id()).collect(toList()))\n .build())\n .build());\n\n final var available-secondary = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .state(\"available\")\n .filters(GetAvailabilityZonesFilterArgs.builder()\n .name(\"opt-in-status\")\n .values(\"opt-in-not-required\")\n .build())\n .build());\n\n var example_secondary = new Vpc(\"example-secondary\", VpcArgs.builder()\n .cidrBlock(\"10.1.0.0/16\")\n .tags(Map.of(\"Name\", \"Secondary\"))\n .build());\n\n for (var i = 0; i \u003c 2; i++) {\n new Subnet(\"example-secondarySubnet-\" + i, SubnetArgs.builder()\n .vpcId(example_secondary.id())\n .availabilityZone(available_secondary.names()[range.value()])\n .cidrBlock(example_secondary.cidrBlock().applyValue(cidrBlock -\u003e StdFunctions.cidrsubnet()).applyValue(invoke -\u003e invoke.result()))\n .tags(Map.of(\"Name\", \"Secondary\"))\n .build());\n\n \n}\n var exampleServiceRegion = new ServiceRegion(\"exampleServiceRegion\", ServiceRegionArgs.builder()\n .directoryId(exampleDirectory.id())\n .regionName(example.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .vpcSettings(ServiceRegionVpcSettingsArgs.builder()\n .vpcId(example_secondary.id())\n .subnetIds(example_secondarySubnet.stream().map(element -\u003e element.id()).collect(toList()))\n .build())\n .tags(Map.of(\"Name\", \"Secondary\"))\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Replicated Regions using directory ID,Region name. For example:\n\n```sh\n$ pulumi import aws:directoryservice/serviceRegion:ServiceRegion example d-9267651497,us-east-2\n```\n", "properties": { "desiredNumberOfDomainControllers": { "type": "integer", "description": "The number of domain controllers desired in the replicated directory. Minimum value of `2`.\n" }, "directoryId": { "type": "string", "description": "The identifier of the directory to which you want to add Region replication.\n" }, "regionName": { "type": "string", "description": "The name of the Region where you want to add domain controllers for replication.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcSettings": { "$ref": "#/types/aws:directoryservice/ServiceRegionVpcSettings:ServiceRegionVpcSettings", "description": "VPC information in the replicated Region. Detailed below.\n" } }, "required": [ "desiredNumberOfDomainControllers", "directoryId", "regionName", "tagsAll", "vpcSettings" ], "inputProperties": { "desiredNumberOfDomainControllers": { "type": "integer", "description": "The number of domain controllers desired in the replicated directory. Minimum value of `2`.\n" }, "directoryId": { "type": "string", "description": "The identifier of the directory to which you want to add Region replication.\n", "willReplaceOnChanges": true }, "regionName": { "type": "string", "description": "The name of the Region where you want to add domain controllers for replication.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcSettings": { "$ref": "#/types/aws:directoryservice/ServiceRegionVpcSettings:ServiceRegionVpcSettings", "description": "VPC information in the replicated Region. Detailed below.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "directoryId", "regionName", "vpcSettings" ], "stateInputs": { "description": "Input properties used for looking up and filtering ServiceRegion resources.\n", "properties": { "desiredNumberOfDomainControllers": { "type": "integer", "description": "The number of domain controllers desired in the replicated directory. Minimum value of `2`.\n" }, "directoryId": { "type": "string", "description": "The identifier of the directory to which you want to add Region replication.\n", "willReplaceOnChanges": true }, "regionName": { "type": "string", "description": "The name of the Region where you want to add domain controllers for replication.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcSettings": { "$ref": "#/types/aws:directoryservice/ServiceRegionVpcSettings:ServiceRegionVpcSettings", "description": "VPC information in the replicated Region. Detailed below.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directoryservice/sharedDirectory:SharedDirectory": { "description": "Manages a directory in your account (directory owner) shared with another account (directory consumer).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.directoryservice.Directory(\"example\", {\n name: \"tf-example\",\n password: \"SuperSecretPassw0rd\",\n type: \"MicrosoftAD\",\n edition: \"Standard\",\n vpcSettings: {\n vpcId: exampleAwsVpc.id,\n subnetIds: exampleAwsSubnet.map(__item =\u003e __item.id),\n },\n});\nconst exampleSharedDirectory = new aws.directoryservice.SharedDirectory(\"example\", {\n directoryId: example.id,\n notes: \"You wanna have a catch?\",\n target: {\n id: receiver.accountId,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directoryservice.Directory(\"example\",\n name=\"tf-example\",\n password=\"SuperSecretPassw0rd\",\n type=\"MicrosoftAD\",\n edition=\"Standard\",\n vpc_settings={\n \"vpc_id\": example_aws_vpc[\"id\"],\n \"subnet_ids\": [__item[\"id\"] for __item in example_aws_subnet],\n })\nexample_shared_directory = aws.directoryservice.SharedDirectory(\"example\",\n directory_id=example.id,\n notes=\"You wanna have a catch?\",\n target={\n \"id\": receiver[\"accountId\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DirectoryService.Directory(\"example\", new()\n {\n Name = \"tf-example\",\n Password = \"SuperSecretPassw0rd\",\n Type = \"MicrosoftAD\",\n Edition = \"Standard\",\n VpcSettings = new Aws.DirectoryService.Inputs.DirectoryVpcSettingsArgs\n {\n VpcId = exampleAwsVpc.Id,\n SubnetIds = exampleAwsSubnet.Select(__item =\u003e __item.Id).ToList(),\n },\n });\n\n var exampleSharedDirectory = new Aws.DirectoryService.SharedDirectory(\"example\", new()\n {\n DirectoryId = example.Id,\n Notes = \"You wanna have a catch?\",\n Target = new Aws.DirectoryService.Inputs.SharedDirectoryTargetArgs\n {\n Id = receiver.AccountId,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directoryservice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nexample, err := directoryservice.NewDirectory(ctx, \"example\", \u0026directoryservice.DirectoryArgs{\nName: pulumi.String(\"tf-example\"),\nPassword: pulumi.String(\"SuperSecretPassw0rd\"),\nType: pulumi.String(\"MicrosoftAD\"),\nEdition: pulumi.String(\"Standard\"),\nVpcSettings: \u0026directoryservice.DirectoryVpcSettingsArgs{\nVpcId: pulumi.Any(exampleAwsVpc.Id),\nSubnetIds: []pulumi.String(%!v(PANIC=Format method: fatal: A failure has occurred: unlowered splat expression @ example.pp:7,17-39)),\n},\n})\nif err != nil {\nreturn err\n}\n_, err = directoryservice.NewSharedDirectory(ctx, \"example\", \u0026directoryservice.SharedDirectoryArgs{\nDirectoryId: example.ID(),\nNotes: pulumi.String(\"You wanna have a catch?\"),\nTarget: \u0026directoryservice.SharedDirectoryTargetArgs{\nId: pulumi.Any(receiver.AccountId),\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directoryservice.Directory;\nimport com.pulumi.aws.directoryservice.DirectoryArgs;\nimport com.pulumi.aws.directoryservice.inputs.DirectoryVpcSettingsArgs;\nimport com.pulumi.aws.directoryservice.SharedDirectory;\nimport com.pulumi.aws.directoryservice.SharedDirectoryArgs;\nimport com.pulumi.aws.directoryservice.inputs.SharedDirectoryTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Directory(\"example\", DirectoryArgs.builder()\n .name(\"tf-example\")\n .password(\"SuperSecretPassw0rd\")\n .type(\"MicrosoftAD\")\n .edition(\"Standard\")\n .vpcSettings(DirectoryVpcSettingsArgs.builder()\n .vpcId(exampleAwsVpc.id())\n .subnetIds(exampleAwsSubnet.stream().map(element -\u003e element.id()).collect(toList()))\n .build())\n .build());\n\n var exampleSharedDirectory = new SharedDirectory(\"exampleSharedDirectory\", SharedDirectoryArgs.builder()\n .directoryId(example.id())\n .notes(\"You wanna have a catch?\")\n .target(SharedDirectoryTargetArgs.builder()\n .id(receiver.accountId())\n .build())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Directory Service Shared Directories using the owner directory ID/shared directory ID. For example:\n\n```sh\n$ pulumi import aws:directoryservice/sharedDirectory:SharedDirectory example d-1234567890/d-9267633ece\n```\n", "properties": { "directoryId": { "type": "string", "description": "Identifier of the Managed Microsoft AD directory that you want to share with other accounts.\n" }, "method": { "type": "string", "description": "Method used when sharing a directory. Valid values are `ORGANIZATIONS` and `HANDSHAKE`. Default is `HANDSHAKE`.\n" }, "notes": { "type": "string", "description": "Message sent by the directory owner to the directory consumer to help the directory consumer administrator determine whether to approve or reject the share invitation.\n", "secret": true }, "sharedDirectoryId": { "type": "string", "description": "Identifier of the directory that is stored in the directory consumer account that corresponds to the shared directory in the owner account.\n" }, "target": { "$ref": "#/types/aws:directoryservice/SharedDirectoryTarget:SharedDirectoryTarget", "description": "Identifier for the directory consumer account with whom the directory is to be shared. See below.\n\nThe following arguments are optional:\n" } }, "required": [ "directoryId", "sharedDirectoryId", "target" ], "inputProperties": { "directoryId": { "type": "string", "description": "Identifier of the Managed Microsoft AD directory that you want to share with other accounts.\n", "willReplaceOnChanges": true }, "method": { "type": "string", "description": "Method used when sharing a directory. Valid values are `ORGANIZATIONS` and `HANDSHAKE`. Default is `HANDSHAKE`.\n", "willReplaceOnChanges": true }, "notes": { "type": "string", "description": "Message sent by the directory owner to the directory consumer to help the directory consumer administrator determine whether to approve or reject the share invitation.\n", "secret": true, "willReplaceOnChanges": true }, "target": { "$ref": "#/types/aws:directoryservice/SharedDirectoryTarget:SharedDirectoryTarget", "description": "Identifier for the directory consumer account with whom the directory is to be shared. See below.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "directoryId", "target" ], "stateInputs": { "description": "Input properties used for looking up and filtering SharedDirectory resources.\n", "properties": { "directoryId": { "type": "string", "description": "Identifier of the Managed Microsoft AD directory that you want to share with other accounts.\n", "willReplaceOnChanges": true }, "method": { "type": "string", "description": "Method used when sharing a directory. Valid values are `ORGANIZATIONS` and `HANDSHAKE`. Default is `HANDSHAKE`.\n", "willReplaceOnChanges": true }, "notes": { "type": "string", "description": "Message sent by the directory owner to the directory consumer to help the directory consumer administrator determine whether to approve or reject the share invitation.\n", "secret": true, "willReplaceOnChanges": true }, "sharedDirectoryId": { "type": "string", "description": "Identifier of the directory that is stored in the directory consumer account that corresponds to the shared directory in the owner account.\n" }, "target": { "$ref": "#/types/aws:directoryservice/SharedDirectoryTarget:SharedDirectoryTarget", "description": "Identifier for the directory consumer account with whom the directory is to be shared. See below.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directoryservice/sharedDirectoryAccepter:SharedDirectoryAccepter": { "description": "Accepts a shared directory in a consumer account.\n\n\u003e **NOTE:** Destroying this resource removes the shared directory from the consumer account only.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.directoryservice.SharedDirectory(\"example\", {\n directoryId: exampleAwsDirectoryServiceDirectory.id,\n notes: \"example\",\n target: {\n id: receiver.accountId,\n },\n});\nconst exampleSharedDirectoryAccepter = new aws.directoryservice.SharedDirectoryAccepter(\"example\", {sharedDirectoryId: example.sharedDirectoryId});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directoryservice.SharedDirectory(\"example\",\n directory_id=example_aws_directory_service_directory[\"id\"],\n notes=\"example\",\n target={\n \"id\": receiver[\"accountId\"],\n })\nexample_shared_directory_accepter = aws.directoryservice.SharedDirectoryAccepter(\"example\", shared_directory_id=example.shared_directory_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DirectoryService.SharedDirectory(\"example\", new()\n {\n DirectoryId = exampleAwsDirectoryServiceDirectory.Id,\n Notes = \"example\",\n Target = new Aws.DirectoryService.Inputs.SharedDirectoryTargetArgs\n {\n Id = receiver.AccountId,\n },\n });\n\n var exampleSharedDirectoryAccepter = new Aws.DirectoryService.SharedDirectoryAccepter(\"example\", new()\n {\n SharedDirectoryId = example.SharedDirectoryId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directoryservice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := directoryservice.NewSharedDirectory(ctx, \"example\", \u0026directoryservice.SharedDirectoryArgs{\n\t\t\tDirectoryId: pulumi.Any(exampleAwsDirectoryServiceDirectory.Id),\n\t\t\tNotes: pulumi.String(\"example\"),\n\t\t\tTarget: \u0026directoryservice.SharedDirectoryTargetArgs{\n\t\t\t\tId: pulumi.Any(receiver.AccountId),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directoryservice.NewSharedDirectoryAccepter(ctx, \"example\", \u0026directoryservice.SharedDirectoryAccepterArgs{\n\t\t\tSharedDirectoryId: example.SharedDirectoryId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directoryservice.SharedDirectory;\nimport com.pulumi.aws.directoryservice.SharedDirectoryArgs;\nimport com.pulumi.aws.directoryservice.inputs.SharedDirectoryTargetArgs;\nimport com.pulumi.aws.directoryservice.SharedDirectoryAccepter;\nimport com.pulumi.aws.directoryservice.SharedDirectoryAccepterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SharedDirectory(\"example\", SharedDirectoryArgs.builder()\n .directoryId(exampleAwsDirectoryServiceDirectory.id())\n .notes(\"example\")\n .target(SharedDirectoryTargetArgs.builder()\n .id(receiver.accountId())\n .build())\n .build());\n\n var exampleSharedDirectoryAccepter = new SharedDirectoryAccepter(\"exampleSharedDirectoryAccepter\", SharedDirectoryAccepterArgs.builder()\n .sharedDirectoryId(example.sharedDirectoryId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:directoryservice:SharedDirectory\n properties:\n directoryId: ${exampleAwsDirectoryServiceDirectory.id}\n notes: example\n target:\n id: ${receiver.accountId}\n exampleSharedDirectoryAccepter:\n type: aws:directoryservice:SharedDirectoryAccepter\n name: example\n properties:\n sharedDirectoryId: ${example.sharedDirectoryId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Directory Service Shared Directories using the shared directory ID. For example:\n\n```sh\n$ pulumi import aws:directoryservice/sharedDirectoryAccepter:SharedDirectoryAccepter example d-9267633ece\n```\n", "properties": { "method": { "type": "string", "description": "Method used when sharing a directory (i.e., `ORGANIZATIONS` or `HANDSHAKE`).\n" }, "notes": { "type": "string", "description": "Message sent by the directory owner to the directory consumer to help the directory consumer administrator determine whether to approve or reject the share invitation.\n" }, "ownerAccountId": { "type": "string", "description": "Account identifier of the directory owner.\n" }, "ownerDirectoryId": { "type": "string", "description": "Identifier of the Managed Microsoft AD directory from the perspective of the directory owner.\n" }, "sharedDirectoryId": { "type": "string", "description": "Identifier of the directory that is stored in the directory consumer account that corresponds to the shared directory in the owner account.\n" } }, "required": [ "method", "notes", "ownerAccountId", "ownerDirectoryId", "sharedDirectoryId" ], "inputProperties": { "sharedDirectoryId": { "type": "string", "description": "Identifier of the directory that is stored in the directory consumer account that corresponds to the shared directory in the owner account.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "sharedDirectoryId" ], "stateInputs": { "description": "Input properties used for looking up and filtering SharedDirectoryAccepter resources.\n", "properties": { "method": { "type": "string", "description": "Method used when sharing a directory (i.e., `ORGANIZATIONS` or `HANDSHAKE`).\n" }, "notes": { "type": "string", "description": "Message sent by the directory owner to the directory consumer to help the directory consumer administrator determine whether to approve or reject the share invitation.\n" }, "ownerAccountId": { "type": "string", "description": "Account identifier of the directory owner.\n" }, "ownerDirectoryId": { "type": "string", "description": "Identifier of the Managed Microsoft AD directory from the perspective of the directory owner.\n" }, "sharedDirectoryId": { "type": "string", "description": "Identifier of the directory that is stored in the directory consumer account that corresponds to the shared directory in the owner account.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:directoryservice/trust:Trust": { "description": "Manages a trust relationship between two Active Directory Directories.\n\nThe directories may either be both AWS Managed Microsoft AD domains or an AWS Managed Microsoft AD domain and a self-managed Active Directory Domain.\n\nThe Trust relationship must be configured on both sides of the relationship.\nIf a Trust has only been created on one side, it will be in the state `VerifyFailed`.\nOnce the second Trust is created, the first will update to the correct state.\n\n## Example Usage\n\n### Two-Way Trust\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst oneDirectory = new aws.directoryservice.Directory(\"one\", {\n name: \"one.example.com\",\n type: \"MicrosoftAD\",\n});\nconst twoDirectory = new aws.directoryservice.Directory(\"two\", {\n name: \"two.example.com\",\n type: \"MicrosoftAD\",\n});\nconst one = new aws.directoryservice.Trust(\"one\", {\n directoryId: oneDirectory.id,\n remoteDomainName: twoDirectory.name,\n trustDirection: \"Two-Way\",\n trustPassword: \"Some0therPassword\",\n conditionalForwarderIpAddrs: twoDirectory.dnsIpAddresses,\n});\nconst two = new aws.directoryservice.Trust(\"two\", {\n directoryId: twoDirectory.id,\n remoteDomainName: oneDirectory.name,\n trustDirection: \"Two-Way\",\n trustPassword: \"Some0therPassword\",\n conditionalForwarderIpAddrs: oneDirectory.dnsIpAddresses,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\none_directory = aws.directoryservice.Directory(\"one\",\n name=\"one.example.com\",\n type=\"MicrosoftAD\")\ntwo_directory = aws.directoryservice.Directory(\"two\",\n name=\"two.example.com\",\n type=\"MicrosoftAD\")\none = aws.directoryservice.Trust(\"one\",\n directory_id=one_directory.id,\n remote_domain_name=two_directory.name,\n trust_direction=\"Two-Way\",\n trust_password=\"Some0therPassword\",\n conditional_forwarder_ip_addrs=two_directory.dns_ip_addresses)\ntwo = aws.directoryservice.Trust(\"two\",\n directory_id=two_directory.id,\n remote_domain_name=one_directory.name,\n trust_direction=\"Two-Way\",\n trust_password=\"Some0therPassword\",\n conditional_forwarder_ip_addrs=one_directory.dns_ip_addresses)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var oneDirectory = new Aws.DirectoryService.Directory(\"one\", new()\n {\n Name = \"one.example.com\",\n Type = \"MicrosoftAD\",\n });\n\n var twoDirectory = new Aws.DirectoryService.Directory(\"two\", new()\n {\n Name = \"two.example.com\",\n Type = \"MicrosoftAD\",\n });\n\n var one = new Aws.DirectoryService.Trust(\"one\", new()\n {\n DirectoryId = oneDirectory.Id,\n RemoteDomainName = twoDirectory.Name,\n TrustDirection = \"Two-Way\",\n TrustPassword = \"Some0therPassword\",\n ConditionalForwarderIpAddrs = twoDirectory.DnsIpAddresses,\n });\n\n var two = new Aws.DirectoryService.Trust(\"two\", new()\n {\n DirectoryId = twoDirectory.Id,\n RemoteDomainName = oneDirectory.Name,\n TrustDirection = \"Two-Way\",\n TrustPassword = \"Some0therPassword\",\n ConditionalForwarderIpAddrs = oneDirectory.DnsIpAddresses,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directoryservice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\toneDirectory, err := directoryservice.NewDirectory(ctx, \"one\", \u0026directoryservice.DirectoryArgs{\n\t\t\tName: pulumi.String(\"one.example.com\"),\n\t\t\tType: pulumi.String(\"MicrosoftAD\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttwoDirectory, err := directoryservice.NewDirectory(ctx, \"two\", \u0026directoryservice.DirectoryArgs{\n\t\t\tName: pulumi.String(\"two.example.com\"),\n\t\t\tType: pulumi.String(\"MicrosoftAD\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directoryservice.NewTrust(ctx, \"one\", \u0026directoryservice.TrustArgs{\n\t\t\tDirectoryId: oneDirectory.ID(),\n\t\t\tRemoteDomainName: twoDirectory.Name,\n\t\t\tTrustDirection: pulumi.String(\"Two-Way\"),\n\t\t\tTrustPassword: pulumi.String(\"Some0therPassword\"),\n\t\t\tConditionalForwarderIpAddrs: twoDirectory.DnsIpAddresses,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directoryservice.NewTrust(ctx, \"two\", \u0026directoryservice.TrustArgs{\n\t\t\tDirectoryId: twoDirectory.ID(),\n\t\t\tRemoteDomainName: oneDirectory.Name,\n\t\t\tTrustDirection: pulumi.String(\"Two-Way\"),\n\t\t\tTrustPassword: pulumi.String(\"Some0therPassword\"),\n\t\t\tConditionalForwarderIpAddrs: oneDirectory.DnsIpAddresses,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directoryservice.Directory;\nimport com.pulumi.aws.directoryservice.DirectoryArgs;\nimport com.pulumi.aws.directoryservice.Trust;\nimport com.pulumi.aws.directoryservice.TrustArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var oneDirectory = new Directory(\"oneDirectory\", DirectoryArgs.builder()\n .name(\"one.example.com\")\n .type(\"MicrosoftAD\")\n .build());\n\n var twoDirectory = new Directory(\"twoDirectory\", DirectoryArgs.builder()\n .name(\"two.example.com\")\n .type(\"MicrosoftAD\")\n .build());\n\n var one = new Trust(\"one\", TrustArgs.builder()\n .directoryId(oneDirectory.id())\n .remoteDomainName(twoDirectory.name())\n .trustDirection(\"Two-Way\")\n .trustPassword(\"Some0therPassword\")\n .conditionalForwarderIpAddrs(twoDirectory.dnsIpAddresses())\n .build());\n\n var two = new Trust(\"two\", TrustArgs.builder()\n .directoryId(twoDirectory.id())\n .remoteDomainName(oneDirectory.name())\n .trustDirection(\"Two-Way\")\n .trustPassword(\"Some0therPassword\")\n .conditionalForwarderIpAddrs(oneDirectory.dnsIpAddresses())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n one:\n type: aws:directoryservice:Trust\n properties:\n directoryId: ${oneDirectory.id}\n remoteDomainName: ${twoDirectory.name}\n trustDirection: Two-Way\n trustPassword: Some0therPassword\n conditionalForwarderIpAddrs: ${twoDirectory.dnsIpAddresses}\n two:\n type: aws:directoryservice:Trust\n properties:\n directoryId: ${twoDirectory.id}\n remoteDomainName: ${oneDirectory.name}\n trustDirection: Two-Way\n trustPassword: Some0therPassword\n conditionalForwarderIpAddrs: ${oneDirectory.dnsIpAddresses}\n oneDirectory:\n type: aws:directoryservice:Directory\n name: one\n properties:\n name: one.example.com\n type: MicrosoftAD\n twoDirectory:\n type: aws:directoryservice:Directory\n name: two\n properties:\n name: two.example.com\n type: MicrosoftAD\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### One-Way Trust\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst oneDirectory = new aws.directoryservice.Directory(\"one\", {\n name: \"one.example.com\",\n type: \"MicrosoftAD\",\n});\nconst twoDirectory = new aws.directoryservice.Directory(\"two\", {\n name: \"two.example.com\",\n type: \"MicrosoftAD\",\n});\nconst one = new aws.directoryservice.Trust(\"one\", {\n directoryId: oneDirectory.id,\n remoteDomainName: twoDirectory.name,\n trustDirection: \"One-Way: Incoming\",\n trustPassword: \"Some0therPassword\",\n conditionalForwarderIpAddrs: twoDirectory.dnsIpAddresses,\n});\nconst two = new aws.directoryservice.Trust(\"two\", {\n directoryId: twoDirectory.id,\n remoteDomainName: oneDirectory.name,\n trustDirection: \"One-Way: Outgoing\",\n trustPassword: \"Some0therPassword\",\n conditionalForwarderIpAddrs: oneDirectory.dnsIpAddresses,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\none_directory = aws.directoryservice.Directory(\"one\",\n name=\"one.example.com\",\n type=\"MicrosoftAD\")\ntwo_directory = aws.directoryservice.Directory(\"two\",\n name=\"two.example.com\",\n type=\"MicrosoftAD\")\none = aws.directoryservice.Trust(\"one\",\n directory_id=one_directory.id,\n remote_domain_name=two_directory.name,\n trust_direction=\"One-Way: Incoming\",\n trust_password=\"Some0therPassword\",\n conditional_forwarder_ip_addrs=two_directory.dns_ip_addresses)\ntwo = aws.directoryservice.Trust(\"two\",\n directory_id=two_directory.id,\n remote_domain_name=one_directory.name,\n trust_direction=\"One-Way: Outgoing\",\n trust_password=\"Some0therPassword\",\n conditional_forwarder_ip_addrs=one_directory.dns_ip_addresses)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var oneDirectory = new Aws.DirectoryService.Directory(\"one\", new()\n {\n Name = \"one.example.com\",\n Type = \"MicrosoftAD\",\n });\n\n var twoDirectory = new Aws.DirectoryService.Directory(\"two\", new()\n {\n Name = \"two.example.com\",\n Type = \"MicrosoftAD\",\n });\n\n var one = new Aws.DirectoryService.Trust(\"one\", new()\n {\n DirectoryId = oneDirectory.Id,\n RemoteDomainName = twoDirectory.Name,\n TrustDirection = \"One-Way: Incoming\",\n TrustPassword = \"Some0therPassword\",\n ConditionalForwarderIpAddrs = twoDirectory.DnsIpAddresses,\n });\n\n var two = new Aws.DirectoryService.Trust(\"two\", new()\n {\n DirectoryId = twoDirectory.Id,\n RemoteDomainName = oneDirectory.Name,\n TrustDirection = \"One-Way: Outgoing\",\n TrustPassword = \"Some0therPassword\",\n ConditionalForwarderIpAddrs = oneDirectory.DnsIpAddresses,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directoryservice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\toneDirectory, err := directoryservice.NewDirectory(ctx, \"one\", \u0026directoryservice.DirectoryArgs{\n\t\t\tName: pulumi.String(\"one.example.com\"),\n\t\t\tType: pulumi.String(\"MicrosoftAD\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttwoDirectory, err := directoryservice.NewDirectory(ctx, \"two\", \u0026directoryservice.DirectoryArgs{\n\t\t\tName: pulumi.String(\"two.example.com\"),\n\t\t\tType: pulumi.String(\"MicrosoftAD\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directoryservice.NewTrust(ctx, \"one\", \u0026directoryservice.TrustArgs{\n\t\t\tDirectoryId: oneDirectory.ID(),\n\t\t\tRemoteDomainName: twoDirectory.Name,\n\t\t\tTrustDirection: pulumi.String(\"One-Way: Incoming\"),\n\t\t\tTrustPassword: pulumi.String(\"Some0therPassword\"),\n\t\t\tConditionalForwarderIpAddrs: twoDirectory.DnsIpAddresses,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directoryservice.NewTrust(ctx, \"two\", \u0026directoryservice.TrustArgs{\n\t\t\tDirectoryId: twoDirectory.ID(),\n\t\t\tRemoteDomainName: oneDirectory.Name,\n\t\t\tTrustDirection: pulumi.String(\"One-Way: Outgoing\"),\n\t\t\tTrustPassword: pulumi.String(\"Some0therPassword\"),\n\t\t\tConditionalForwarderIpAddrs: oneDirectory.DnsIpAddresses,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directoryservice.Directory;\nimport com.pulumi.aws.directoryservice.DirectoryArgs;\nimport com.pulumi.aws.directoryservice.Trust;\nimport com.pulumi.aws.directoryservice.TrustArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var oneDirectory = new Directory(\"oneDirectory\", DirectoryArgs.builder()\n .name(\"one.example.com\")\n .type(\"MicrosoftAD\")\n .build());\n\n var twoDirectory = new Directory(\"twoDirectory\", DirectoryArgs.builder()\n .name(\"two.example.com\")\n .type(\"MicrosoftAD\")\n .build());\n\n var one = new Trust(\"one\", TrustArgs.builder()\n .directoryId(oneDirectory.id())\n .remoteDomainName(twoDirectory.name())\n .trustDirection(\"One-Way: Incoming\")\n .trustPassword(\"Some0therPassword\")\n .conditionalForwarderIpAddrs(twoDirectory.dnsIpAddresses())\n .build());\n\n var two = new Trust(\"two\", TrustArgs.builder()\n .directoryId(twoDirectory.id())\n .remoteDomainName(oneDirectory.name())\n .trustDirection(\"One-Way: Outgoing\")\n .trustPassword(\"Some0therPassword\")\n .conditionalForwarderIpAddrs(oneDirectory.dnsIpAddresses())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n one:\n type: aws:directoryservice:Trust\n properties:\n directoryId: ${oneDirectory.id}\n remoteDomainName: ${twoDirectory.name}\n trustDirection: 'One-Way: Incoming'\n trustPassword: Some0therPassword\n conditionalForwarderIpAddrs: ${twoDirectory.dnsIpAddresses}\n two:\n type: aws:directoryservice:Trust\n properties:\n directoryId: ${twoDirectory.id}\n remoteDomainName: ${oneDirectory.name}\n trustDirection: 'One-Way: Outgoing'\n trustPassword: Some0therPassword\n conditionalForwarderIpAddrs: ${oneDirectory.dnsIpAddresses}\n oneDirectory:\n type: aws:directoryservice:Directory\n name: one\n properties:\n name: one.example.com\n type: MicrosoftAD\n twoDirectory:\n type: aws:directoryservice:Directory\n name: two\n properties:\n name: two.example.com\n type: MicrosoftAD\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import the Trust relationship using the directory ID and remote domain name, separated by a `/`. For example:\n\n```sh\n$ pulumi import aws:directoryservice/trust:Trust example d-926724cf57/directory.example.com\n```\n", "properties": { "conditionalForwarderIpAddrs": { "type": "array", "items": { "type": "string" }, "description": "Set of IPv4 addresses for the DNS server associated with the remote Directory.\nCan contain between 1 and 4 values.\n" }, "createdDateTime": { "type": "string", "description": "Date and time when the Trust was created.\n" }, "deleteAssociatedConditionalForwarder": { "type": "boolean", "description": "Whether to delete the conditional forwarder when deleting the Trust relationship.\n" }, "directoryId": { "type": "string", "description": "ID of the Directory.\n" }, "lastUpdatedDateTime": { "type": "string", "description": "Date and time when the Trust was last updated.\n" }, "remoteDomainName": { "type": "string", "description": "Fully qualified domain name of the remote Directory.\n" }, "selectiveAuth": { "type": "string", "description": "Whether to enable selective authentication.\nValid values are `Enabled` and `Disabled`.\nDefault value is `Disabled`.\n" }, "stateLastUpdatedDateTime": { "type": "string", "description": "Date and time when the Trust state in `trust_state` was last updated.\n" }, "trustDirection": { "type": "string", "description": "The direction of the Trust relationship.\nValid values are `One-Way: Outgoing`, `One-Way: Incoming`, and `Two-Way`.\n" }, "trustPassword": { "type": "string", "description": "Password for the Trust.\nDoes not need to match the passwords for either Directory.\nCan contain upper- and lower-case letters, numbers, and punctuation characters.\nMay be up to 128 characters long.\n" }, "trustState": { "type": "string", "description": "State of the Trust relationship.\nOne of `Created`, `VerifyFailed`,`Verified`, `UpdateFailed`,`Updated`,`Deleted`, or `Failed`.\n", "language": { "csharp": { "name": "Truststate" } } }, "trustStateReason": { "type": "string", "description": "Reason for the Trust state set in `trust_state`.\n" }, "trustType": { "type": "string", "description": "Type of the Trust relationship.\nValid values are `Forest` and `External`.\nDefault value is `Forest`.\n" } }, "required": [ "createdDateTime", "deleteAssociatedConditionalForwarder", "directoryId", "lastUpdatedDateTime", "remoteDomainName", "selectiveAuth", "stateLastUpdatedDateTime", "trustDirection", "trustPassword", "trustState", "trustStateReason", "trustType" ], "inputProperties": { "conditionalForwarderIpAddrs": { "type": "array", "items": { "type": "string" }, "description": "Set of IPv4 addresses for the DNS server associated with the remote Directory.\nCan contain between 1 and 4 values.\n" }, "deleteAssociatedConditionalForwarder": { "type": "boolean", "description": "Whether to delete the conditional forwarder when deleting the Trust relationship.\n" }, "directoryId": { "type": "string", "description": "ID of the Directory.\n" }, "remoteDomainName": { "type": "string", "description": "Fully qualified domain name of the remote Directory.\n" }, "selectiveAuth": { "type": "string", "description": "Whether to enable selective authentication.\nValid values are `Enabled` and `Disabled`.\nDefault value is `Disabled`.\n" }, "trustDirection": { "type": "string", "description": "The direction of the Trust relationship.\nValid values are `One-Way: Outgoing`, `One-Way: Incoming`, and `Two-Way`.\n" }, "trustPassword": { "type": "string", "description": "Password for the Trust.\nDoes not need to match the passwords for either Directory.\nCan contain upper- and lower-case letters, numbers, and punctuation characters.\nMay be up to 128 characters long.\n" }, "trustType": { "type": "string", "description": "Type of the Trust relationship.\nValid values are `Forest` and `External`.\nDefault value is `Forest`.\n" } }, "requiredInputs": [ "directoryId", "remoteDomainName", "trustDirection", "trustPassword" ], "stateInputs": { "description": "Input properties used for looking up and filtering Trust resources.\n", "properties": { "conditionalForwarderIpAddrs": { "type": "array", "items": { "type": "string" }, "description": "Set of IPv4 addresses for the DNS server associated with the remote Directory.\nCan contain between 1 and 4 values.\n" }, "createdDateTime": { "type": "string", "description": "Date and time when the Trust was created.\n" }, "deleteAssociatedConditionalForwarder": { "type": "boolean", "description": "Whether to delete the conditional forwarder when deleting the Trust relationship.\n" }, "directoryId": { "type": "string", "description": "ID of the Directory.\n" }, "lastUpdatedDateTime": { "type": "string", "description": "Date and time when the Trust was last updated.\n" }, "remoteDomainName": { "type": "string", "description": "Fully qualified domain name of the remote Directory.\n" }, "selectiveAuth": { "type": "string", "description": "Whether to enable selective authentication.\nValid values are `Enabled` and `Disabled`.\nDefault value is `Disabled`.\n" }, "stateLastUpdatedDateTime": { "type": "string", "description": "Date and time when the Trust state in `trust_state` was last updated.\n" }, "trustDirection": { "type": "string", "description": "The direction of the Trust relationship.\nValid values are `One-Way: Outgoing`, `One-Way: Incoming`, and `Two-Way`.\n" }, "trustPassword": { "type": "string", "description": "Password for the Trust.\nDoes not need to match the passwords for either Directory.\nCan contain upper- and lower-case letters, numbers, and punctuation characters.\nMay be up to 128 characters long.\n" }, "trustState": { "type": "string", "description": "State of the Trust relationship.\nOne of `Created`, `VerifyFailed`,`Verified`, `UpdateFailed`,`Updated`,`Deleted`, or `Failed`.\n", "language": { "csharp": { "name": "Truststate" } } }, "trustStateReason": { "type": "string", "description": "Reason for the Trust state set in `trust_state`.\n" }, "trustType": { "type": "string", "description": "Type of the Trust relationship.\nValid values are `Forest` and `External`.\nDefault value is `Forest`.\n" } }, "type": "object" } }, "aws:dlm/lifecyclePolicy:LifecyclePolicy": { "description": "Provides a [Data Lifecycle Manager (DLM) lifecycle policy](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshot-lifecycle.html) for managing snapshots.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"dlm.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst dlmLifecycleRole = new aws.iam.Role(\"dlm_lifecycle_role\", {\n name: \"dlm-lifecycle-role\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst dlmLifecycle = aws.iam.getPolicyDocument({\n statements: [\n {\n effect: \"Allow\",\n actions: [\n \"ec2:CreateSnapshot\",\n \"ec2:CreateSnapshots\",\n \"ec2:DeleteSnapshot\",\n \"ec2:DescribeInstances\",\n \"ec2:DescribeVolumes\",\n \"ec2:DescribeSnapshots\",\n ],\n resources: [\"*\"],\n },\n {\n effect: \"Allow\",\n actions: [\"ec2:CreateTags\"],\n resources: [\"arn:aws:ec2:*::snapshot/*\"],\n },\n ],\n});\nconst dlmLifecycleRolePolicy = new aws.iam.RolePolicy(\"dlm_lifecycle\", {\n name: \"dlm-lifecycle-policy\",\n role: dlmLifecycleRole.id,\n policy: dlmLifecycle.then(dlmLifecycle =\u003e dlmLifecycle.json),\n});\nconst example = new aws.dlm.LifecyclePolicy(\"example\", {\n description: \"example DLM lifecycle policy\",\n executionRoleArn: dlmLifecycleRole.arn,\n state: \"ENABLED\",\n policyDetails: {\n resourceTypes: \"VOLUME\",\n schedules: [{\n name: \"2 weeks of daily snapshots\",\n createRule: {\n interval: 24,\n intervalUnit: \"HOURS\",\n times: \"23:45\",\n },\n retainRule: {\n count: 14,\n },\n tagsToAdd: {\n SnapshotCreator: \"DLM\",\n },\n copyTags: false,\n }],\n targetTags: {\n Snapshot: \"true\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"dlm.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\ndlm_lifecycle_role = aws.iam.Role(\"dlm_lifecycle_role\",\n name=\"dlm-lifecycle-role\",\n assume_role_policy=assume_role.json)\ndlm_lifecycle = aws.iam.get_policy_document(statements=[\n {\n \"effect\": \"Allow\",\n \"actions\": [\n \"ec2:CreateSnapshot\",\n \"ec2:CreateSnapshots\",\n \"ec2:DeleteSnapshot\",\n \"ec2:DescribeInstances\",\n \"ec2:DescribeVolumes\",\n \"ec2:DescribeSnapshots\",\n ],\n \"resources\": [\"*\"],\n },\n {\n \"effect\": \"Allow\",\n \"actions\": [\"ec2:CreateTags\"],\n \"resources\": [\"arn:aws:ec2:*::snapshot/*\"],\n },\n])\ndlm_lifecycle_role_policy = aws.iam.RolePolicy(\"dlm_lifecycle\",\n name=\"dlm-lifecycle-policy\",\n role=dlm_lifecycle_role.id,\n policy=dlm_lifecycle.json)\nexample = aws.dlm.LifecyclePolicy(\"example\",\n description=\"example DLM lifecycle policy\",\n execution_role_arn=dlm_lifecycle_role.arn,\n state=\"ENABLED\",\n policy_details={\n \"resource_types\": \"VOLUME\",\n \"schedules\": [{\n \"name\": \"2 weeks of daily snapshots\",\n \"create_rule\": {\n \"interval\": 24,\n \"interval_unit\": \"HOURS\",\n \"times\": \"23:45\",\n },\n \"retain_rule\": {\n \"count\": 14,\n },\n \"tags_to_add\": {\n \"snapshot_creator\": \"DLM\",\n },\n \"copy_tags\": False,\n }],\n \"target_tags\": {\n \"snapshot\": \"true\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"dlm.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var dlmLifecycleRole = new Aws.Iam.Role(\"dlm_lifecycle_role\", new()\n {\n Name = \"dlm-lifecycle-role\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var dlmLifecycle = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"ec2:CreateSnapshot\",\n \"ec2:CreateSnapshots\",\n \"ec2:DeleteSnapshot\",\n \"ec2:DescribeInstances\",\n \"ec2:DescribeVolumes\",\n \"ec2:DescribeSnapshots\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"ec2:CreateTags\",\n },\n Resources = new[]\n {\n \"arn:aws:ec2:*::snapshot/*\",\n },\n },\n },\n });\n\n var dlmLifecycleRolePolicy = new Aws.Iam.RolePolicy(\"dlm_lifecycle\", new()\n {\n Name = \"dlm-lifecycle-policy\",\n Role = dlmLifecycleRole.Id,\n Policy = dlmLifecycle.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var example = new Aws.Dlm.LifecyclePolicy(\"example\", new()\n {\n Description = \"example DLM lifecycle policy\",\n ExecutionRoleArn = dlmLifecycleRole.Arn,\n State = \"ENABLED\",\n PolicyDetails = new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsArgs\n {\n ResourceTypes = \"VOLUME\",\n Schedules = new[]\n {\n new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsScheduleArgs\n {\n Name = \"2 weeks of daily snapshots\",\n CreateRule = new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsScheduleCreateRuleArgs\n {\n Interval = 24,\n IntervalUnit = \"HOURS\",\n Times = \"23:45\",\n },\n RetainRule = new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsScheduleRetainRuleArgs\n {\n Count = 14,\n },\n TagsToAdd = \n {\n { \"SnapshotCreator\", \"DLM\" },\n },\n CopyTags = false,\n },\n },\n TargetTags = \n {\n { \"Snapshot\", \"true\" },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dlm\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"dlm.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdlmLifecycleRole, err := iam.NewRole(ctx, \"dlm_lifecycle_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"dlm-lifecycle-role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdlmLifecycle, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"ec2:CreateSnapshot\",\n\t\t\t\t\t\t\"ec2:CreateSnapshots\",\n\t\t\t\t\t\t\"ec2:DeleteSnapshot\",\n\t\t\t\t\t\t\"ec2:DescribeInstances\",\n\t\t\t\t\t\t\"ec2:DescribeVolumes\",\n\t\t\t\t\t\t\"ec2:DescribeSnapshots\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"ec2:CreateTags\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:ec2:*::snapshot/*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"dlm_lifecycle\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"dlm-lifecycle-policy\"),\n\t\t\tRole: dlmLifecycleRole.ID(),\n\t\t\tPolicy: pulumi.String(dlmLifecycle.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dlm.NewLifecyclePolicy(ctx, \"example\", \u0026dlm.LifecyclePolicyArgs{\n\t\t\tDescription: pulumi.String(\"example DLM lifecycle policy\"),\n\t\t\tExecutionRoleArn: dlmLifecycleRole.Arn,\n\t\t\tState: pulumi.String(\"ENABLED\"),\n\t\t\tPolicyDetails: \u0026dlm.LifecyclePolicyPolicyDetailsArgs{\n\t\t\t\tResourceTypes: pulumi.StringArray(\"VOLUME\"),\n\t\t\t\tSchedules: dlm.LifecyclePolicyPolicyDetailsScheduleArray{\n\t\t\t\t\t\u0026dlm.LifecyclePolicyPolicyDetailsScheduleArgs{\n\t\t\t\t\t\tName: pulumi.String(\"2 weeks of daily snapshots\"),\n\t\t\t\t\t\tCreateRule: \u0026dlm.LifecyclePolicyPolicyDetailsScheduleCreateRuleArgs{\n\t\t\t\t\t\t\tInterval: pulumi.Int(24),\n\t\t\t\t\t\t\tIntervalUnit: pulumi.String(\"HOURS\"),\n\t\t\t\t\t\t\tTimes: pulumi.String(\"23:45\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tRetainRule: \u0026dlm.LifecyclePolicyPolicyDetailsScheduleRetainRuleArgs{\n\t\t\t\t\t\t\tCount: pulumi.Int(14),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tTagsToAdd: pulumi.StringMap{\n\t\t\t\t\t\t\t\"SnapshotCreator\": pulumi.String(\"DLM\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tCopyTags: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tTargetTags: pulumi.StringMap{\n\t\t\t\t\t\"Snapshot\": pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.dlm.LifecyclePolicy;\nimport com.pulumi.aws.dlm.LifecyclePolicyArgs;\nimport com.pulumi.aws.dlm.inputs.LifecyclePolicyPolicyDetailsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"dlm.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var dlmLifecycleRole = new Role(\"dlmLifecycleRole\", RoleArgs.builder()\n .name(\"dlm-lifecycle-role\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var dlmLifecycle = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"ec2:CreateSnapshot\",\n \"ec2:CreateSnapshots\",\n \"ec2:DeleteSnapshot\",\n \"ec2:DescribeInstances\",\n \"ec2:DescribeVolumes\",\n \"ec2:DescribeSnapshots\")\n .resources(\"*\")\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"ec2:CreateTags\")\n .resources(\"arn:aws:ec2:*::snapshot/*\")\n .build())\n .build());\n\n var dlmLifecycleRolePolicy = new RolePolicy(\"dlmLifecycleRolePolicy\", RolePolicyArgs.builder()\n .name(\"dlm-lifecycle-policy\")\n .role(dlmLifecycleRole.id())\n .policy(dlmLifecycle.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var example = new LifecyclePolicy(\"example\", LifecyclePolicyArgs.builder()\n .description(\"example DLM lifecycle policy\")\n .executionRoleArn(dlmLifecycleRole.arn())\n .state(\"ENABLED\")\n .policyDetails(LifecyclePolicyPolicyDetailsArgs.builder()\n .resourceTypes(\"VOLUME\")\n .schedules(LifecyclePolicyPolicyDetailsScheduleArgs.builder()\n .name(\"2 weeks of daily snapshots\")\n .createRule(LifecyclePolicyPolicyDetailsScheduleCreateRuleArgs.builder()\n .interval(24)\n .intervalUnit(\"HOURS\")\n .times(\"23:45\")\n .build())\n .retainRule(LifecyclePolicyPolicyDetailsScheduleRetainRuleArgs.builder()\n .count(14)\n .build())\n .tagsToAdd(Map.of(\"SnapshotCreator\", \"DLM\"))\n .copyTags(false)\n .build())\n .targetTags(Map.of(\"Snapshot\", \"true\"))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dlmLifecycleRole:\n type: aws:iam:Role\n name: dlm_lifecycle_role\n properties:\n name: dlm-lifecycle-role\n assumeRolePolicy: ${assumeRole.json}\n dlmLifecycleRolePolicy:\n type: aws:iam:RolePolicy\n name: dlm_lifecycle\n properties:\n name: dlm-lifecycle-policy\n role: ${dlmLifecycleRole.id}\n policy: ${dlmLifecycle.json}\n example:\n type: aws:dlm:LifecyclePolicy\n properties:\n description: example DLM lifecycle policy\n executionRoleArn: ${dlmLifecycleRole.arn}\n state: ENABLED\n policyDetails:\n resourceTypes: VOLUME\n schedules:\n - name: 2 weeks of daily snapshots\n createRule:\n interval: 24\n intervalUnit: HOURS\n times: 23:45\n retainRule:\n count: 14\n tagsToAdd:\n SnapshotCreator: DLM\n copyTags: false\n targetTags:\n Snapshot: 'true'\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - dlm.amazonaws.com\n actions:\n - sts:AssumeRole\n dlmLifecycle:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - ec2:CreateSnapshot\n - ec2:CreateSnapshots\n - ec2:DeleteSnapshot\n - ec2:DescribeInstances\n - ec2:DescribeVolumes\n - ec2:DescribeSnapshots\n resources:\n - '*'\n - effect: Allow\n actions:\n - ec2:CreateTags\n resources:\n - arn:aws:ec2:*::snapshot/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example Cross-Region Snapshot Copy Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// ...other configuration...\nconst current = aws.getCallerIdentity({});\nconst key = current.then(current =\u003e aws.iam.getPolicyDocument({\n statements: [{\n sid: \"Enable IAM User Permissions\",\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [`arn:aws:iam::${current.accountId}:root`],\n }],\n actions: [\"kms:*\"],\n resources: [\"*\"],\n }],\n}));\nconst dlmCrossRegionCopyCmk = new aws.kms.Key(\"dlm_cross_region_copy_cmk\", {\n description: \"Example Alternate Region KMS Key\",\n policy: key.then(key =\u003e key.json),\n});\nconst example = new aws.dlm.LifecyclePolicy(\"example\", {\n description: \"example DLM lifecycle policy\",\n executionRoleArn: dlmLifecycleRole.arn,\n state: \"ENABLED\",\n policyDetails: {\n resourceTypes: \"VOLUME\",\n schedules: [{\n name: \"2 weeks of daily snapshots\",\n createRule: {\n interval: 24,\n intervalUnit: \"HOURS\",\n times: \"23:45\",\n },\n retainRule: {\n count: 14,\n },\n tagsToAdd: {\n SnapshotCreator: \"DLM\",\n },\n copyTags: false,\n crossRegionCopyRules: [{\n target: \"us-west-2\",\n encrypted: true,\n cmkArn: dlmCrossRegionCopyCmk.arn,\n copyTags: true,\n retainRule: {\n interval: 30,\n intervalUnit: \"DAYS\",\n },\n }],\n }],\n targetTags: {\n Snapshot: \"true\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# ...other configuration...\ncurrent = aws.get_caller_identity()\nkey = aws.iam.get_policy_document(statements=[{\n \"sid\": \"Enable IAM User Permissions\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [f\"arn:aws:iam::{current.account_id}:root\"],\n }],\n \"actions\": [\"kms:*\"],\n \"resources\": [\"*\"],\n}])\ndlm_cross_region_copy_cmk = aws.kms.Key(\"dlm_cross_region_copy_cmk\",\n description=\"Example Alternate Region KMS Key\",\n policy=key.json)\nexample = aws.dlm.LifecyclePolicy(\"example\",\n description=\"example DLM lifecycle policy\",\n execution_role_arn=dlm_lifecycle_role[\"arn\"],\n state=\"ENABLED\",\n policy_details={\n \"resource_types\": \"VOLUME\",\n \"schedules\": [{\n \"name\": \"2 weeks of daily snapshots\",\n \"create_rule\": {\n \"interval\": 24,\n \"interval_unit\": \"HOURS\",\n \"times\": \"23:45\",\n },\n \"retain_rule\": {\n \"count\": 14,\n },\n \"tags_to_add\": {\n \"snapshot_creator\": \"DLM\",\n },\n \"copy_tags\": False,\n \"cross_region_copy_rules\": [{\n \"target\": \"us-west-2\",\n \"encrypted\": True,\n \"cmk_arn\": dlm_cross_region_copy_cmk.arn,\n \"copy_tags\": True,\n \"retain_rule\": {\n \"interval\": 30,\n \"interval_unit\": \"DAYS\",\n },\n }],\n }],\n \"target_tags\": {\n \"snapshot\": \"true\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // ...other configuration...\n var current = Aws.GetCallerIdentity.Invoke();\n\n var key = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"Enable IAM User Permissions\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n },\n },\n Actions = new[]\n {\n \"kms:*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var dlmCrossRegionCopyCmk = new Aws.Kms.Key(\"dlm_cross_region_copy_cmk\", new()\n {\n Description = \"Example Alternate Region KMS Key\",\n Policy = key.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var example = new Aws.Dlm.LifecyclePolicy(\"example\", new()\n {\n Description = \"example DLM lifecycle policy\",\n ExecutionRoleArn = dlmLifecycleRole.Arn,\n State = \"ENABLED\",\n PolicyDetails = new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsArgs\n {\n ResourceTypes = \"VOLUME\",\n Schedules = new[]\n {\n new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsScheduleArgs\n {\n Name = \"2 weeks of daily snapshots\",\n CreateRule = new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsScheduleCreateRuleArgs\n {\n Interval = 24,\n IntervalUnit = \"HOURS\",\n Times = \"23:45\",\n },\n RetainRule = new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsScheduleRetainRuleArgs\n {\n Count = 14,\n },\n TagsToAdd = \n {\n { \"SnapshotCreator\", \"DLM\" },\n },\n CopyTags = false,\n CrossRegionCopyRules = new[]\n {\n new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRuleArgs\n {\n Target = \"us-west-2\",\n Encrypted = true,\n CmkArn = dlmCrossRegionCopyCmk.Arn,\n CopyTags = true,\n RetainRule = new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRuleRetainRuleArgs\n {\n Interval = 30,\n IntervalUnit = \"DAYS\",\n },\n },\n },\n },\n },\n TargetTags = \n {\n { \"Snapshot\", \"true\" },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dlm\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// ...other configuration...\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tkey, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"Enable IAM User Permissions\"),\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"AWS\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\tfmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"kms:*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdlmCrossRegionCopyCmk, err := kms.NewKey(ctx, \"dlm_cross_region_copy_cmk\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"Example Alternate Region KMS Key\"),\n\t\t\tPolicy: pulumi.String(key.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dlm.NewLifecyclePolicy(ctx, \"example\", \u0026dlm.LifecyclePolicyArgs{\n\t\t\tDescription: pulumi.String(\"example DLM lifecycle policy\"),\n\t\t\tExecutionRoleArn: pulumi.Any(dlmLifecycleRole.Arn),\n\t\t\tState: pulumi.String(\"ENABLED\"),\n\t\t\tPolicyDetails: \u0026dlm.LifecyclePolicyPolicyDetailsArgs{\n\t\t\t\tResourceTypes: pulumi.StringArray(\"VOLUME\"),\n\t\t\t\tSchedules: dlm.LifecyclePolicyPolicyDetailsScheduleArray{\n\t\t\t\t\t\u0026dlm.LifecyclePolicyPolicyDetailsScheduleArgs{\n\t\t\t\t\t\tName: pulumi.String(\"2 weeks of daily snapshots\"),\n\t\t\t\t\t\tCreateRule: \u0026dlm.LifecyclePolicyPolicyDetailsScheduleCreateRuleArgs{\n\t\t\t\t\t\t\tInterval: pulumi.Int(24),\n\t\t\t\t\t\t\tIntervalUnit: pulumi.String(\"HOURS\"),\n\t\t\t\t\t\t\tTimes: pulumi.String(\"23:45\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tRetainRule: \u0026dlm.LifecyclePolicyPolicyDetailsScheduleRetainRuleArgs{\n\t\t\t\t\t\t\tCount: pulumi.Int(14),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tTagsToAdd: pulumi.StringMap{\n\t\t\t\t\t\t\t\"SnapshotCreator\": pulumi.String(\"DLM\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tCopyTags: pulumi.Bool(false),\n\t\t\t\t\t\tCrossRegionCopyRules: dlm.LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRuleArray{\n\t\t\t\t\t\t\t\u0026dlm.LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRuleArgs{\n\t\t\t\t\t\t\t\tTarget: pulumi.String(\"us-west-2\"),\n\t\t\t\t\t\t\t\tEncrypted: pulumi.Bool(true),\n\t\t\t\t\t\t\t\tCmkArn: dlmCrossRegionCopyCmk.Arn,\n\t\t\t\t\t\t\t\tCopyTags: pulumi.Bool(true),\n\t\t\t\t\t\t\t\tRetainRule: \u0026dlm.LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRuleRetainRuleArgs{\n\t\t\t\t\t\t\t\t\tInterval: pulumi.Int(30),\n\t\t\t\t\t\t\t\t\tIntervalUnit: pulumi.String(\"DAYS\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tTargetTags: pulumi.StringMap{\n\t\t\t\t\t\"Snapshot\": pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.dlm.LifecyclePolicy;\nimport com.pulumi.aws.dlm.LifecyclePolicyArgs;\nimport com.pulumi.aws.dlm.inputs.LifecyclePolicyPolicyDetailsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // ...other configuration...\n final var current = AwsFunctions.getCallerIdentity();\n\n final var key = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"Enable IAM User Permissions\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .build())\n .actions(\"kms:*\")\n .resources(\"*\")\n .build())\n .build());\n\n var dlmCrossRegionCopyCmk = new Key(\"dlmCrossRegionCopyCmk\", KeyArgs.builder()\n .description(\"Example Alternate Region KMS Key\")\n .policy(key.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var example = new LifecyclePolicy(\"example\", LifecyclePolicyArgs.builder()\n .description(\"example DLM lifecycle policy\")\n .executionRoleArn(dlmLifecycleRole.arn())\n .state(\"ENABLED\")\n .policyDetails(LifecyclePolicyPolicyDetailsArgs.builder()\n .resourceTypes(\"VOLUME\")\n .schedules(LifecyclePolicyPolicyDetailsScheduleArgs.builder()\n .name(\"2 weeks of daily snapshots\")\n .createRule(LifecyclePolicyPolicyDetailsScheduleCreateRuleArgs.builder()\n .interval(24)\n .intervalUnit(\"HOURS\")\n .times(\"23:45\")\n .build())\n .retainRule(LifecyclePolicyPolicyDetailsScheduleRetainRuleArgs.builder()\n .count(14)\n .build())\n .tagsToAdd(Map.of(\"SnapshotCreator\", \"DLM\"))\n .copyTags(false)\n .crossRegionCopyRules(LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRuleArgs.builder()\n .target(\"us-west-2\")\n .encrypted(true)\n .cmkArn(dlmCrossRegionCopyCmk.arn())\n .copyTags(true)\n .retainRule(LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRuleRetainRuleArgs.builder()\n .interval(30)\n .intervalUnit(\"DAYS\")\n .build())\n .build())\n .build())\n .targetTags(Map.of(\"Snapshot\", \"true\"))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dlmCrossRegionCopyCmk:\n type: aws:kms:Key\n name: dlm_cross_region_copy_cmk\n properties:\n description: Example Alternate Region KMS Key\n policy: ${key.json}\n example:\n type: aws:dlm:LifecyclePolicy\n properties:\n description: example DLM lifecycle policy\n executionRoleArn: ${dlmLifecycleRole.arn}\n state: ENABLED\n policyDetails:\n resourceTypes: VOLUME\n schedules:\n - name: 2 weeks of daily snapshots\n createRule:\n interval: 24\n intervalUnit: HOURS\n times: 23:45\n retainRule:\n count: 14\n tagsToAdd:\n SnapshotCreator: DLM\n copyTags: false\n crossRegionCopyRules:\n - target: us-west-2\n encrypted: true\n cmkArn: ${dlmCrossRegionCopyCmk.arn}\n copyTags: true\n retainRule:\n interval: 30\n intervalUnit: DAYS\n targetTags:\n Snapshot: 'true'\nvariables:\n # ...other configuration...\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n key:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: Enable IAM User Permissions\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - arn:aws:iam::${current.accountId}:root\n actions:\n - kms:*\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example Event Based Policy Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst exampleLifecyclePolicy = new aws.dlm.LifecyclePolicy(\"example\", {\n description: \"tf-acc-basic\",\n executionRoleArn: exampleAwsIamRole.arn,\n policyDetails: {\n policyType: \"EVENT_BASED_POLICY\",\n action: {\n name: \"tf-acc-basic\",\n crossRegionCopies: [{\n encryptionConfiguration: {},\n retainRule: {\n interval: 15,\n intervalUnit: \"MONTHS\",\n },\n target: \"us-east-1\",\n }],\n },\n eventSource: {\n type: \"MANAGED_CWE\",\n parameters: {\n descriptionRegex: \"^.*Created for policy: policy-1234567890abcdef0.*$\",\n eventType: \"shareSnapshot\",\n snapshotOwners: [current.then(current =\u003e current.accountId)],\n },\n },\n },\n});\nconst example = aws.iam.getPolicy({\n name: \"AWSDataLifecycleManagerServiceRole\",\n});\nconst exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"example\", {\n role: exampleAwsIamRole.id,\n policyArn: example.then(example =\u003e example.arn),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample_lifecycle_policy = aws.dlm.LifecyclePolicy(\"example\",\n description=\"tf-acc-basic\",\n execution_role_arn=example_aws_iam_role[\"arn\"],\n policy_details={\n \"policy_type\": \"EVENT_BASED_POLICY\",\n \"action\": {\n \"name\": \"tf-acc-basic\",\n \"cross_region_copies\": [{\n \"encryption_configuration\": {},\n \"retain_rule\": {\n \"interval\": 15,\n \"interval_unit\": \"MONTHS\",\n },\n \"target\": \"us-east-1\",\n }],\n },\n \"event_source\": {\n \"type\": \"MANAGED_CWE\",\n \"parameters\": {\n \"description_regex\": \"^.*Created for policy: policy-1234567890abcdef0.*$\",\n \"event_type\": \"shareSnapshot\",\n \"snapshot_owners\": [current.account_id],\n },\n },\n })\nexample = aws.iam.get_policy(name=\"AWSDataLifecycleManagerServiceRole\")\nexample_role_policy_attachment = aws.iam.RolePolicyAttachment(\"example\",\n role=example_aws_iam_role[\"id\"],\n policy_arn=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var exampleLifecyclePolicy = new Aws.Dlm.LifecyclePolicy(\"example\", new()\n {\n Description = \"tf-acc-basic\",\n ExecutionRoleArn = exampleAwsIamRole.Arn,\n PolicyDetails = new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsArgs\n {\n PolicyType = \"EVENT_BASED_POLICY\",\n Action = new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsActionArgs\n {\n Name = \"tf-acc-basic\",\n CrossRegionCopies = new[]\n {\n new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsActionCrossRegionCopyArgs\n {\n EncryptionConfiguration = null,\n RetainRule = new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsActionCrossRegionCopyRetainRuleArgs\n {\n Interval = 15,\n IntervalUnit = \"MONTHS\",\n },\n Target = \"us-east-1\",\n },\n },\n },\n EventSource = new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsEventSourceArgs\n {\n Type = \"MANAGED_CWE\",\n Parameters = new Aws.Dlm.Inputs.LifecyclePolicyPolicyDetailsEventSourceParametersArgs\n {\n DescriptionRegex = \"^.*Created for policy: policy-1234567890abcdef0.*$\",\n EventType = \"shareSnapshot\",\n SnapshotOwners = new[]\n {\n current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n },\n },\n },\n });\n\n var example = Aws.Iam.GetPolicy.Invoke(new()\n {\n Name = \"AWSDataLifecycleManagerServiceRole\",\n });\n\n var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"example\", new()\n {\n Role = exampleAwsIamRole.Id,\n PolicyArn = example.Apply(getPolicyResult =\u003e getPolicyResult.Arn),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dlm\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dlm.NewLifecyclePolicy(ctx, \"example\", \u0026dlm.LifecyclePolicyArgs{\n\t\t\tDescription: pulumi.String(\"tf-acc-basic\"),\n\t\t\tExecutionRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tPolicyDetails: \u0026dlm.LifecyclePolicyPolicyDetailsArgs{\n\t\t\t\tPolicyType: pulumi.String(\"EVENT_BASED_POLICY\"),\n\t\t\t\tAction: \u0026dlm.LifecyclePolicyPolicyDetailsActionArgs{\n\t\t\t\t\tName: pulumi.String(\"tf-acc-basic\"),\n\t\t\t\t\tCrossRegionCopies: dlm.LifecyclePolicyPolicyDetailsActionCrossRegionCopyArray{\n\t\t\t\t\t\t\u0026dlm.LifecyclePolicyPolicyDetailsActionCrossRegionCopyArgs{\n\t\t\t\t\t\t\tEncryptionConfiguration: nil,\n\t\t\t\t\t\t\tRetainRule: \u0026dlm.LifecyclePolicyPolicyDetailsActionCrossRegionCopyRetainRuleArgs{\n\t\t\t\t\t\t\t\tInterval: pulumi.Int(15),\n\t\t\t\t\t\t\t\tIntervalUnit: pulumi.String(\"MONTHS\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tTarget: pulumi.String(\"us-east-1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tEventSource: \u0026dlm.LifecyclePolicyPolicyDetailsEventSourceArgs{\n\t\t\t\t\tType: pulumi.String(\"MANAGED_CWE\"),\n\t\t\t\t\tParameters: \u0026dlm.LifecyclePolicyPolicyDetailsEventSourceParametersArgs{\n\t\t\t\t\t\tDescriptionRegex: pulumi.String(\"^.*Created for policy: policy-1234567890abcdef0.*$\"),\n\t\t\t\t\t\tEventType: pulumi.String(\"shareSnapshot\"),\n\t\t\t\t\t\tSnapshotOwners: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(current.AccountId),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.LookupPolicy(ctx, \u0026iam.LookupPolicyArgs{\n\t\t\tName: pulumi.StringRef(\"AWSDataLifecycleManagerServiceRole\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: pulumi.Any(exampleAwsIamRole.Id),\n\t\t\tPolicyArn: pulumi.String(example.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.dlm.LifecyclePolicy;\nimport com.pulumi.aws.dlm.LifecyclePolicyArgs;\nimport com.pulumi.aws.dlm.inputs.LifecyclePolicyPolicyDetailsArgs;\nimport com.pulumi.aws.dlm.inputs.LifecyclePolicyPolicyDetailsActionArgs;\nimport com.pulumi.aws.dlm.inputs.LifecyclePolicyPolicyDetailsEventSourceArgs;\nimport com.pulumi.aws.dlm.inputs.LifecyclePolicyPolicyDetailsEventSourceParametersArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var exampleLifecyclePolicy = new LifecyclePolicy(\"exampleLifecyclePolicy\", LifecyclePolicyArgs.builder()\n .description(\"tf-acc-basic\")\n .executionRoleArn(exampleAwsIamRole.arn())\n .policyDetails(LifecyclePolicyPolicyDetailsArgs.builder()\n .policyType(\"EVENT_BASED_POLICY\")\n .action(LifecyclePolicyPolicyDetailsActionArgs.builder()\n .name(\"tf-acc-basic\")\n .crossRegionCopies(LifecyclePolicyPolicyDetailsActionCrossRegionCopyArgs.builder()\n .encryptionConfiguration()\n .retainRule(LifecyclePolicyPolicyDetailsActionCrossRegionCopyRetainRuleArgs.builder()\n .interval(15)\n .intervalUnit(\"MONTHS\")\n .build())\n .target(\"us-east-1\")\n .build())\n .build())\n .eventSource(LifecyclePolicyPolicyDetailsEventSourceArgs.builder()\n .type(\"MANAGED_CWE\")\n .parameters(LifecyclePolicyPolicyDetailsEventSourceParametersArgs.builder()\n .descriptionRegex(\"^.*Created for policy: policy-1234567890abcdef0.*$\")\n .eventType(\"shareSnapshot\")\n .snapshotOwners(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .build())\n .build())\n .build())\n .build());\n\n final var example = IamFunctions.getPolicy(GetPolicyArgs.builder()\n .name(\"AWSDataLifecycleManagerServiceRole\")\n .build());\n\n var exampleRolePolicyAttachment = new RolePolicyAttachment(\"exampleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder()\n .role(exampleAwsIamRole.id())\n .policyArn(example.applyValue(getPolicyResult -\u003e getPolicyResult.arn()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleLifecyclePolicy:\n type: aws:dlm:LifecyclePolicy\n name: example\n properties:\n description: tf-acc-basic\n executionRoleArn: ${exampleAwsIamRole.arn}\n policyDetails:\n policyType: EVENT_BASED_POLICY\n action:\n name: tf-acc-basic\n crossRegionCopies:\n - encryptionConfiguration: {}\n retainRule:\n interval: 15\n intervalUnit: MONTHS\n target: us-east-1\n eventSource:\n type: MANAGED_CWE\n parameters:\n descriptionRegex: '^.*Created for policy: policy-1234567890abcdef0.*$'\n eventType: shareSnapshot\n snapshotOwners:\n - ${current.accountId}\n exampleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: example\n properties:\n role: ${exampleAwsIamRole.id}\n policyArn: ${example.arn}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n example:\n fn::invoke:\n Function: aws:iam:getPolicy\n Arguments:\n name: AWSDataLifecycleManagerServiceRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DLM lifecycle policies using their policy ID. For example:\n\n```sh\n$ pulumi import aws:dlm/lifecyclePolicy:LifecyclePolicy example policy-abcdef12345678901\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DLM Lifecycle Policy.\n" }, "description": { "type": "string", "description": "A description for the DLM lifecycle policy.\n" }, "executionRoleArn": { "type": "string", "description": "The ARN of an IAM role that is able to be assumed by the DLM service.\n" }, "policyDetails": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetails:LifecyclePolicyPolicyDetails", "description": "See the `policy_details` configuration block. Max of 1.\n" }, "state": { "type": "string", "description": "Whether the lifecycle policy should be enabled or disabled. `ENABLED` or `DISABLED` are valid values. Defaults to `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "description", "executionRoleArn", "policyDetails", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "A description for the DLM lifecycle policy.\n" }, "executionRoleArn": { "type": "string", "description": "The ARN of an IAM role that is able to be assumed by the DLM service.\n" }, "policyDetails": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetails:LifecyclePolicyPolicyDetails", "description": "See the `policy_details` configuration block. Max of 1.\n" }, "state": { "type": "string", "description": "Whether the lifecycle policy should be enabled or disabled. `ENABLED` or `DISABLED` are valid values. Defaults to `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "description", "executionRoleArn", "policyDetails" ], "stateInputs": { "description": "Input properties used for looking up and filtering LifecyclePolicy resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DLM Lifecycle Policy.\n" }, "description": { "type": "string", "description": "A description for the DLM lifecycle policy.\n" }, "executionRoleArn": { "type": "string", "description": "The ARN of an IAM role that is able to be assumed by the DLM service.\n" }, "policyDetails": { "$ref": "#/types/aws:dlm/LifecyclePolicyPolicyDetails:LifecyclePolicyPolicyDetails", "description": "See the `policy_details` configuration block. Max of 1.\n" }, "state": { "type": "string", "description": "Whether the lifecycle policy should be enabled or disabled. `ENABLED` or `DISABLED` are valid values. Defaults to `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:dms/certificate:Certificate": { "description": "Provides a DMS (Data Migration Service) certificate resource. DMS certificates can be created, deleted, and imported.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new certificate\nconst test = new aws.dms.Certificate(\"test\", {\n certificateId: \"test-dms-certificate-tf\",\n certificatePem: \"...\",\n tags: {\n Name: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new certificate\ntest = aws.dms.Certificate(\"test\",\n certificate_id=\"test-dms-certificate-tf\",\n certificate_pem=\"...\",\n tags={\n \"Name\": \"test\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Create a new certificate\n var test = new Aws.Dms.Certificate(\"test\", new()\n {\n CertificateId = \"test-dms-certificate-tf\",\n CertificatePem = \"...\",\n Tags = \n {\n { \"Name\", \"test\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Create a new certificate\n\t\t_, err := dms.NewCertificate(ctx, \"test\", \u0026dms.CertificateArgs{\n\t\t\tCertificateId: pulumi.String(\"test-dms-certificate-tf\"),\n\t\t\tCertificatePem: pulumi.String(\"...\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dms.Certificate;\nimport com.pulumi.aws.dms.CertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Create a new certificate\n var test = new Certificate(\"test\", CertificateArgs.builder()\n .certificateId(\"test-dms-certificate-tf\")\n .certificatePem(\"...\")\n .tags(Map.of(\"Name\", \"test\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Create a new certificate\n test:\n type: aws:dms:Certificate\n properties:\n certificateId: test-dms-certificate-tf\n certificatePem: '...'\n tags:\n Name: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import certificates using the `certificate_id`. For example:\n\n```sh\n$ pulumi import aws:dms/certificate:Certificate test test-dms-certificate-tf\n```\n", "properties": { "certificateArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the certificate.\n" }, "certificateId": { "type": "string", "description": "The certificate identifier.\n\n- Must contain from 1 to 255 alphanumeric characters and hyphens.\n" }, "certificatePem": { "type": "string", "description": "The contents of the .pem X.509 certificate file for the certificate. Either `certificate_pem` or `certificate_wallet` must be set.\n", "secret": true }, "certificateWallet": { "type": "string", "description": "The contents of the Oracle Wallet certificate for use with SSL, provided as a base64-encoded String. Either `certificate_pem` or `certificate_wallet` must be set.\n", "secret": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "certificateArn", "certificateId", "tagsAll" ], "inputProperties": { "certificateId": { "type": "string", "description": "The certificate identifier.\n\n- Must contain from 1 to 255 alphanumeric characters and hyphens.\n", "willReplaceOnChanges": true }, "certificatePem": { "type": "string", "description": "The contents of the .pem X.509 certificate file for the certificate. Either `certificate_pem` or `certificate_wallet` must be set.\n", "secret": true, "willReplaceOnChanges": true }, "certificateWallet": { "type": "string", "description": "The contents of the Oracle Wallet certificate for use with SSL, provided as a base64-encoded String. Either `certificate_pem` or `certificate_wallet` must be set.\n", "secret": true, "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "certificateId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Certificate resources.\n", "properties": { "certificateArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the certificate.\n" }, "certificateId": { "type": "string", "description": "The certificate identifier.\n\n- Must contain from 1 to 255 alphanumeric characters and hyphens.\n", "willReplaceOnChanges": true }, "certificatePem": { "type": "string", "description": "The contents of the .pem X.509 certificate file for the certificate. Either `certificate_pem` or `certificate_wallet` must be set.\n", "secret": true, "willReplaceOnChanges": true }, "certificateWallet": { "type": "string", "description": "The contents of the Oracle Wallet certificate for use with SSL, provided as a base64-encoded String. Either `certificate_pem` or `certificate_wallet` must be set.\n", "secret": true, "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:dms/endpoint:Endpoint": { "description": "Provides a DMS (Data Migration Service) endpoint resource. DMS endpoints can be created, updated, deleted, and imported.\n\n\u003e **Note:** All arguments including the password will be stored in the raw state as plain-text. \u003e **Note:** The `s3_settings` argument is deprecated, may not be maintained, and will be removed in a future version. Use the `aws.dms.S3Endpoint` resource instead.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new endpoint\nconst test = new aws.dms.Endpoint(\"test\", {\n certificateArn: \"arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012\",\n databaseName: \"test\",\n endpointId: \"test-dms-endpoint-tf\",\n endpointType: \"source\",\n engineName: \"aurora\",\n extraConnectionAttributes: \"\",\n kmsKeyArn: \"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\",\n password: \"test\",\n port: 3306,\n serverName: \"test\",\n sslMode: \"none\",\n tags: {\n Name: \"test\",\n },\n username: \"test\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new endpoint\ntest = aws.dms.Endpoint(\"test\",\n certificate_arn=\"arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012\",\n database_name=\"test\",\n endpoint_id=\"test-dms-endpoint-tf\",\n endpoint_type=\"source\",\n engine_name=\"aurora\",\n extra_connection_attributes=\"\",\n kms_key_arn=\"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\",\n password=\"test\",\n port=3306,\n server_name=\"test\",\n ssl_mode=\"none\",\n tags={\n \"Name\": \"test\",\n },\n username=\"test\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Create a new endpoint\n var test = new Aws.Dms.Endpoint(\"test\", new()\n {\n CertificateArn = \"arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012\",\n DatabaseName = \"test\",\n EndpointId = \"test-dms-endpoint-tf\",\n EndpointType = \"source\",\n EngineName = \"aurora\",\n ExtraConnectionAttributes = \"\",\n KmsKeyArn = \"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\",\n Password = \"test\",\n Port = 3306,\n ServerName = \"test\",\n SslMode = \"none\",\n Tags = \n {\n { \"Name\", \"test\" },\n },\n Username = \"test\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Create a new endpoint\n\t\t_, err := dms.NewEndpoint(ctx, \"test\", \u0026dms.EndpointArgs{\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012\"),\n\t\t\tDatabaseName: pulumi.String(\"test\"),\n\t\t\tEndpointId: pulumi.String(\"test-dms-endpoint-tf\"),\n\t\t\tEndpointType: pulumi.String(\"source\"),\n\t\t\tEngineName: pulumi.String(\"aurora\"),\n\t\t\tExtraConnectionAttributes: pulumi.String(\"\"),\n\t\t\tKmsKeyArn: pulumi.String(\"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\"),\n\t\t\tPassword: pulumi.String(\"test\"),\n\t\t\tPort: pulumi.Int(3306),\n\t\t\tServerName: pulumi.String(\"test\"),\n\t\t\tSslMode: pulumi.String(\"none\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t\tUsername: pulumi.String(\"test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dms.Endpoint;\nimport com.pulumi.aws.dms.EndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Create a new endpoint\n var test = new Endpoint(\"test\", EndpointArgs.builder()\n .certificateArn(\"arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012\")\n .databaseName(\"test\")\n .endpointId(\"test-dms-endpoint-tf\")\n .endpointType(\"source\")\n .engineName(\"aurora\")\n .extraConnectionAttributes(\"\")\n .kmsKeyArn(\"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\")\n .password(\"test\")\n .port(3306)\n .serverName(\"test\")\n .sslMode(\"none\")\n .tags(Map.of(\"Name\", \"test\"))\n .username(\"test\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Create a new endpoint\n test:\n type: aws:dms:Endpoint\n properties:\n certificateArn: arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012\n databaseName: test\n endpointId: test-dms-endpoint-tf\n endpointType: source\n engineName: aurora\n extraConnectionAttributes:\n kmsKeyArn: arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\n password: test\n port: 3306\n serverName: test\n sslMode: none\n tags:\n Name: test\n username: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import endpoints using the `endpoint_id`. For example:\n\n```sh\n$ pulumi import aws:dms/endpoint:Endpoint test test-dms-endpoint-tf\n```\n", "properties": { "certificateArn": { "type": "string", "description": "ARN for the certificate.\n" }, "databaseName": { "type": "string", "description": "Name of the endpoint database.\n" }, "elasticsearchSettings": { "$ref": "#/types/aws:dms/EndpointElasticsearchSettings:EndpointElasticsearchSettings", "description": "Configuration block for OpenSearch settings. See below.\n" }, "endpointArn": { "type": "string", "description": "ARN for the endpoint.\n" }, "endpointId": { "type": "string", "description": "Database endpoint identifier. Identifiers must contain from 1 to 255 alphanumeric characters or hyphens, begin with a letter, contain only ASCII letters, digits, and hyphens, not end with a hyphen, and not contain two consecutive hyphens.\n" }, "endpointType": { "type": "string", "description": "Type of endpoint. Valid values are `source`, `target`.\n" }, "engineName": { "type": "string", "description": "Type of engine for the endpoint. Valid values are `aurora`, `aurora-postgresql`, `azuredb`, `azure-sql-managed-instance`, `babelfish`, `db2`, `db2-zos`, `docdb`, `dynamodb`, `elasticsearch`, `kafka`, `kinesis`, `mariadb`, `mongodb`, `mysql`, `opensearch`, `oracle`, `postgres`, `redshift`, `s3`, `sqlserver`, `sybase`. Please note that some of engine names are available only for `target` endpoint type (e.g. `redshift`).\n" }, "extraConnectionAttributes": { "type": "string", "description": "Additional attributes associated with the connection. For available attributes for a `source` Endpoint, see [Sources for data migration](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.html). For available attributes for a `target` Endpoint, see [Targets for data migration](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.html).\n" }, "kafkaSettings": { "$ref": "#/types/aws:dms/EndpointKafkaSettings:EndpointKafkaSettings", "description": "Configuration block for Kafka settings. See below.\n" }, "kinesisSettings": { "$ref": "#/types/aws:dms/EndpointKinesisSettings:EndpointKinesisSettings", "description": "Configuration block for Kinesis settings. See below.\n" }, "kmsKeyArn": { "type": "string", "description": "ARN for the KMS key that will be used to encrypt the connection parameters. If you do not specify a value for `kms_key_arn`, then AWS DMS will use your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS region. To encrypt an S3 target with a KMS Key, use the parameter `s3_settings.server_side_encryption_kms_key_id`. When `engine_name` is `redshift`, `kms_key_arn` is the KMS Key for the Redshift target and the parameter `redshift_settings.server_side_encryption_kms_key_id` encrypts the S3 intermediate storage.\n\nThe following arguments are optional:\n" }, "mongodbSettings": { "$ref": "#/types/aws:dms/EndpointMongodbSettings:EndpointMongodbSettings", "description": "Configuration block for MongoDB settings. See below.\n" }, "password": { "type": "string", "description": "Password to be used to login to the endpoint database.\n", "secret": true }, "pauseReplicationTasks": { "type": "boolean" }, "port": { "type": "integer", "description": "Port used by the endpoint database.\n" }, "postgresSettings": { "$ref": "#/types/aws:dms/EndpointPostgresSettings:EndpointPostgresSettings", "description": "Configuration block for Postgres settings. See below.\n" }, "redisSettings": { "$ref": "#/types/aws:dms/EndpointRedisSettings:EndpointRedisSettings" }, "redshiftSettings": { "$ref": "#/types/aws:dms/EndpointRedshiftSettings:EndpointRedshiftSettings", "description": "Configuration block for Redshift settings. See below.\n" }, "s3Settings": { "$ref": "#/types/aws:dms/EndpointS3Settings:EndpointS3Settings", "description": "(**Deprecated**, use the `aws.dms.S3Endpoint` resource instead) Configuration block for S3 settings. See below.\n" }, "secretsManagerAccessRoleArn": { "type": "string", "description": "ARN of the IAM role that specifies AWS DMS as the trusted entity and has the required permissions to access the value in the Secrets Manager secret referred to by `secrets_manager_arn`. The role must allow the `iam:PassRole` action.\n\n\u003e **Note:** You can specify one of two sets of values for these permissions. You can specify the values for this setting and `secrets_manager_arn`. Or you can specify clear-text values for `username`, `password` , `server_name`, and `port`. You can't specify both.\n" }, "secretsManagerArn": { "type": "string", "description": "Full ARN, partial ARN, or friendly name of the Secrets Manager secret that contains the endpoint connection details. Supported only when `engine_name` is `aurora`, `aurora-postgresql`, `mariadb`, `mongodb`, `mysql`, `oracle`, `postgres`, `redshift`, or `sqlserver`.\n" }, "serverName": { "type": "string", "description": "Host name of the server.\n" }, "serviceAccessRole": { "type": "string", "description": "ARN used by the service access IAM role for dynamodb endpoints.\n" }, "sslMode": { "type": "string", "description": "SSL mode to use for the connection. Valid values are `none`, `require`, `verify-ca`, `verify-full`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "username": { "type": "string", "description": "User name to be used to login to the endpoint database.\n" } }, "required": [ "certificateArn", "endpointArn", "endpointId", "endpointType", "engineName", "extraConnectionAttributes", "kmsKeyArn", "redshiftSettings", "sslMode", "tagsAll" ], "inputProperties": { "certificateArn": { "type": "string", "description": "ARN for the certificate.\n" }, "databaseName": { "type": "string", "description": "Name of the endpoint database.\n" }, "elasticsearchSettings": { "$ref": "#/types/aws:dms/EndpointElasticsearchSettings:EndpointElasticsearchSettings", "description": "Configuration block for OpenSearch settings. See below.\n" }, "endpointId": { "type": "string", "description": "Database endpoint identifier. Identifiers must contain from 1 to 255 alphanumeric characters or hyphens, begin with a letter, contain only ASCII letters, digits, and hyphens, not end with a hyphen, and not contain two consecutive hyphens.\n", "willReplaceOnChanges": true }, "endpointType": { "type": "string", "description": "Type of endpoint. Valid values are `source`, `target`.\n" }, "engineName": { "type": "string", "description": "Type of engine for the endpoint. Valid values are `aurora`, `aurora-postgresql`, `azuredb`, `azure-sql-managed-instance`, `babelfish`, `db2`, `db2-zos`, `docdb`, `dynamodb`, `elasticsearch`, `kafka`, `kinesis`, `mariadb`, `mongodb`, `mysql`, `opensearch`, `oracle`, `postgres`, `redshift`, `s3`, `sqlserver`, `sybase`. Please note that some of engine names are available only for `target` endpoint type (e.g. `redshift`).\n" }, "extraConnectionAttributes": { "type": "string", "description": "Additional attributes associated with the connection. For available attributes for a `source` Endpoint, see [Sources for data migration](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.html). For available attributes for a `target` Endpoint, see [Targets for data migration](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.html).\n" }, "kafkaSettings": { "$ref": "#/types/aws:dms/EndpointKafkaSettings:EndpointKafkaSettings", "description": "Configuration block for Kafka settings. See below.\n" }, "kinesisSettings": { "$ref": "#/types/aws:dms/EndpointKinesisSettings:EndpointKinesisSettings", "description": "Configuration block for Kinesis settings. See below.\n" }, "kmsKeyArn": { "type": "string", "description": "ARN for the KMS key that will be used to encrypt the connection parameters. If you do not specify a value for `kms_key_arn`, then AWS DMS will use your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS region. To encrypt an S3 target with a KMS Key, use the parameter `s3_settings.server_side_encryption_kms_key_id`. When `engine_name` is `redshift`, `kms_key_arn` is the KMS Key for the Redshift target and the parameter `redshift_settings.server_side_encryption_kms_key_id` encrypts the S3 intermediate storage.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "mongodbSettings": { "$ref": "#/types/aws:dms/EndpointMongodbSettings:EndpointMongodbSettings", "description": "Configuration block for MongoDB settings. See below.\n" }, "password": { "type": "string", "description": "Password to be used to login to the endpoint database.\n", "secret": true }, "pauseReplicationTasks": { "type": "boolean" }, "port": { "type": "integer", "description": "Port used by the endpoint database.\n" }, "postgresSettings": { "$ref": "#/types/aws:dms/EndpointPostgresSettings:EndpointPostgresSettings", "description": "Configuration block for Postgres settings. See below.\n" }, "redisSettings": { "$ref": "#/types/aws:dms/EndpointRedisSettings:EndpointRedisSettings" }, "redshiftSettings": { "$ref": "#/types/aws:dms/EndpointRedshiftSettings:EndpointRedshiftSettings", "description": "Configuration block for Redshift settings. See below.\n" }, "s3Settings": { "$ref": "#/types/aws:dms/EndpointS3Settings:EndpointS3Settings", "description": "(**Deprecated**, use the `aws.dms.S3Endpoint` resource instead) Configuration block for S3 settings. See below.\n" }, "secretsManagerAccessRoleArn": { "type": "string", "description": "ARN of the IAM role that specifies AWS DMS as the trusted entity and has the required permissions to access the value in the Secrets Manager secret referred to by `secrets_manager_arn`. The role must allow the `iam:PassRole` action.\n\n\u003e **Note:** You can specify one of two sets of values for these permissions. You can specify the values for this setting and `secrets_manager_arn`. Or you can specify clear-text values for `username`, `password` , `server_name`, and `port`. You can't specify both.\n" }, "secretsManagerArn": { "type": "string", "description": "Full ARN, partial ARN, or friendly name of the Secrets Manager secret that contains the endpoint connection details. Supported only when `engine_name` is `aurora`, `aurora-postgresql`, `mariadb`, `mongodb`, `mysql`, `oracle`, `postgres`, `redshift`, or `sqlserver`.\n" }, "serverName": { "type": "string", "description": "Host name of the server.\n" }, "serviceAccessRole": { "type": "string", "description": "ARN used by the service access IAM role for dynamodb endpoints.\n" }, "sslMode": { "type": "string", "description": "SSL mode to use for the connection. Valid values are `none`, `require`, `verify-ca`, `verify-full`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "username": { "type": "string", "description": "User name to be used to login to the endpoint database.\n" } }, "requiredInputs": [ "endpointId", "endpointType", "engineName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Endpoint resources.\n", "properties": { "certificateArn": { "type": "string", "description": "ARN for the certificate.\n" }, "databaseName": { "type": "string", "description": "Name of the endpoint database.\n" }, "elasticsearchSettings": { "$ref": "#/types/aws:dms/EndpointElasticsearchSettings:EndpointElasticsearchSettings", "description": "Configuration block for OpenSearch settings. See below.\n" }, "endpointArn": { "type": "string", "description": "ARN for the endpoint.\n" }, "endpointId": { "type": "string", "description": "Database endpoint identifier. Identifiers must contain from 1 to 255 alphanumeric characters or hyphens, begin with a letter, contain only ASCII letters, digits, and hyphens, not end with a hyphen, and not contain two consecutive hyphens.\n", "willReplaceOnChanges": true }, "endpointType": { "type": "string", "description": "Type of endpoint. Valid values are `source`, `target`.\n" }, "engineName": { "type": "string", "description": "Type of engine for the endpoint. Valid values are `aurora`, `aurora-postgresql`, `azuredb`, `azure-sql-managed-instance`, `babelfish`, `db2`, `db2-zos`, `docdb`, `dynamodb`, `elasticsearch`, `kafka`, `kinesis`, `mariadb`, `mongodb`, `mysql`, `opensearch`, `oracle`, `postgres`, `redshift`, `s3`, `sqlserver`, `sybase`. Please note that some of engine names are available only for `target` endpoint type (e.g. `redshift`).\n" }, "extraConnectionAttributes": { "type": "string", "description": "Additional attributes associated with the connection. For available attributes for a `source` Endpoint, see [Sources for data migration](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.html). For available attributes for a `target` Endpoint, see [Targets for data migration](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.html).\n" }, "kafkaSettings": { "$ref": "#/types/aws:dms/EndpointKafkaSettings:EndpointKafkaSettings", "description": "Configuration block for Kafka settings. See below.\n" }, "kinesisSettings": { "$ref": "#/types/aws:dms/EndpointKinesisSettings:EndpointKinesisSettings", "description": "Configuration block for Kinesis settings. See below.\n" }, "kmsKeyArn": { "type": "string", "description": "ARN for the KMS key that will be used to encrypt the connection parameters. If you do not specify a value for `kms_key_arn`, then AWS DMS will use your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS region. To encrypt an S3 target with a KMS Key, use the parameter `s3_settings.server_side_encryption_kms_key_id`. When `engine_name` is `redshift`, `kms_key_arn` is the KMS Key for the Redshift target and the parameter `redshift_settings.server_side_encryption_kms_key_id` encrypts the S3 intermediate storage.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "mongodbSettings": { "$ref": "#/types/aws:dms/EndpointMongodbSettings:EndpointMongodbSettings", "description": "Configuration block for MongoDB settings. See below.\n" }, "password": { "type": "string", "description": "Password to be used to login to the endpoint database.\n", "secret": true }, "pauseReplicationTasks": { "type": "boolean" }, "port": { "type": "integer", "description": "Port used by the endpoint database.\n" }, "postgresSettings": { "$ref": "#/types/aws:dms/EndpointPostgresSettings:EndpointPostgresSettings", "description": "Configuration block for Postgres settings. See below.\n" }, "redisSettings": { "$ref": "#/types/aws:dms/EndpointRedisSettings:EndpointRedisSettings" }, "redshiftSettings": { "$ref": "#/types/aws:dms/EndpointRedshiftSettings:EndpointRedshiftSettings", "description": "Configuration block for Redshift settings. See below.\n" }, "s3Settings": { "$ref": "#/types/aws:dms/EndpointS3Settings:EndpointS3Settings", "description": "(**Deprecated**, use the `aws.dms.S3Endpoint` resource instead) Configuration block for S3 settings. See below.\n" }, "secretsManagerAccessRoleArn": { "type": "string", "description": "ARN of the IAM role that specifies AWS DMS as the trusted entity and has the required permissions to access the value in the Secrets Manager secret referred to by `secrets_manager_arn`. The role must allow the `iam:PassRole` action.\n\n\u003e **Note:** You can specify one of two sets of values for these permissions. You can specify the values for this setting and `secrets_manager_arn`. Or you can specify clear-text values for `username`, `password` , `server_name`, and `port`. You can't specify both.\n" }, "secretsManagerArn": { "type": "string", "description": "Full ARN, partial ARN, or friendly name of the Secrets Manager secret that contains the endpoint connection details. Supported only when `engine_name` is `aurora`, `aurora-postgresql`, `mariadb`, `mongodb`, `mysql`, `oracle`, `postgres`, `redshift`, or `sqlserver`.\n" }, "serverName": { "type": "string", "description": "Host name of the server.\n" }, "serviceAccessRole": { "type": "string", "description": "ARN used by the service access IAM role for dynamodb endpoints.\n" }, "sslMode": { "type": "string", "description": "SSL mode to use for the connection. Valid values are `none`, `require`, `verify-ca`, `verify-full`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "username": { "type": "string", "description": "User name to be used to login to the endpoint database.\n" } }, "type": "object" } }, "aws:dms/eventSubscription:EventSubscription": { "description": "Provides a DMS (Data Migration Service) event subscription resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dms.EventSubscription(\"example\", {\n enabled: true,\n eventCategories: [\n \"creation\",\n \"failure\",\n ],\n name: \"my-favorite-event-subscription\",\n snsTopicArn: exampleAwsSnsTopic.arn,\n sourceIds: [exampleAwsDmsReplicationTask.replicationTaskId],\n sourceType: \"replication-task\",\n tags: {\n Name: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dms.EventSubscription(\"example\",\n enabled=True,\n event_categories=[\n \"creation\",\n \"failure\",\n ],\n name=\"my-favorite-event-subscription\",\n sns_topic_arn=example_aws_sns_topic[\"arn\"],\n source_ids=[example_aws_dms_replication_task[\"replicationTaskId\"]],\n source_type=\"replication-task\",\n tags={\n \"Name\": \"example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Dms.EventSubscription(\"example\", new()\n {\n Enabled = true,\n EventCategories = new[]\n {\n \"creation\",\n \"failure\",\n },\n Name = \"my-favorite-event-subscription\",\n SnsTopicArn = exampleAwsSnsTopic.Arn,\n SourceIds = new[]\n {\n exampleAwsDmsReplicationTask.ReplicationTaskId,\n },\n SourceType = \"replication-task\",\n Tags = \n {\n { \"Name\", \"example\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dms.NewEventSubscription(ctx, \"example\", \u0026dms.EventSubscriptionArgs{\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tEventCategories: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"creation\"),\n\t\t\t\tpulumi.String(\"failure\"),\n\t\t\t},\n\t\t\tName: pulumi.String(\"my-favorite-event-subscription\"),\n\t\t\tSnsTopicArn: pulumi.Any(exampleAwsSnsTopic.Arn),\n\t\t\tSourceIds: pulumi.StringArray{\n\t\t\t\texampleAwsDmsReplicationTask.ReplicationTaskId,\n\t\t\t},\n\t\t\tSourceType: pulumi.String(\"replication-task\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dms.EventSubscription;\nimport com.pulumi.aws.dms.EventSubscriptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSubscription(\"example\", EventSubscriptionArgs.builder()\n .enabled(true)\n .eventCategories( \n \"creation\",\n \"failure\")\n .name(\"my-favorite-event-subscription\")\n .snsTopicArn(exampleAwsSnsTopic.arn())\n .sourceIds(exampleAwsDmsReplicationTask.replicationTaskId())\n .sourceType(\"replication-task\")\n .tags(Map.of(\"Name\", \"example\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dms:EventSubscription\n properties:\n enabled: true\n eventCategories:\n - creation\n - failure\n name: my-favorite-event-subscription\n snsTopicArn: ${exampleAwsSnsTopic.arn}\n sourceIds:\n - ${exampleAwsDmsReplicationTask.replicationTaskId}\n sourceType: replication-task\n tags:\n Name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import event subscriptions using the `name`. For example:\n\n```sh\n$ pulumi import aws:dms/eventSubscription:EventSubscription test my-awesome-event-subscription\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DMS Event Subscription.\n" }, "enabled": { "type": "boolean", "description": "Whether the event subscription should be enabled.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "List of event categories to listen for, see `DescribeEventCategories` for a canonical list.\n" }, "name": { "type": "string", "description": "Name of event subscription.\n" }, "snsTopicArn": { "type": "string", "description": "SNS topic arn to send events on.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "Ids of sources to listen to. If you don't specify a value, notifications are provided for all sources.\n" }, "sourceType": { "type": "string", "description": "Type of source for events. Valid values: `replication-instance` or `replication-task`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "eventCategories", "name", "snsTopicArn", "sourceType", "tagsAll" ], "inputProperties": { "enabled": { "type": "boolean", "description": "Whether the event subscription should be enabled.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "List of event categories to listen for, see `DescribeEventCategories` for a canonical list.\n" }, "name": { "type": "string", "description": "Name of event subscription.\n", "willReplaceOnChanges": true }, "snsTopicArn": { "type": "string", "description": "SNS topic arn to send events on.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "Ids of sources to listen to. If you don't specify a value, notifications are provided for all sources.\n", "willReplaceOnChanges": true }, "sourceType": { "type": "string", "description": "Type of source for events. Valid values: `replication-instance` or `replication-task`\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "eventCategories", "snsTopicArn", "sourceType" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventSubscription resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DMS Event Subscription.\n" }, "enabled": { "type": "boolean", "description": "Whether the event subscription should be enabled.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "List of event categories to listen for, see `DescribeEventCategories` for a canonical list.\n" }, "name": { "type": "string", "description": "Name of event subscription.\n", "willReplaceOnChanges": true }, "snsTopicArn": { "type": "string", "description": "SNS topic arn to send events on.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "Ids of sources to listen to. If you don't specify a value, notifications are provided for all sources.\n", "willReplaceOnChanges": true }, "sourceType": { "type": "string", "description": "Type of source for events. Valid values: `replication-instance` or `replication-task`\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:dms/replicationConfig:ReplicationConfig": { "description": "Provides a DMS Serverless replication config resource.\n\n\u003e **NOTE:** Changing most arguments will stop the replication if it is running. You can set `start_replication` to resume the replication afterwards.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst name = new aws.dms.ReplicationConfig(\"name\", {\n replicationConfigIdentifier: \"test-dms-serverless-replication-tf\",\n resourceIdentifier: \"test-dms-serverless-replication-tf\",\n replicationType: \"cdc\",\n sourceEndpointArn: source.endpointArn,\n targetEndpointArn: target.endpointArn,\n tableMappings: ` {\n \"rules\":[{\"rule-type\":\"selection\",\"rule-id\":\"1\",\"rule-name\":\"1\",\"rule-action\":\"include\",\"object-locator\":{\"schema-name\":\"%%\",\"table-name\":\"%%\"}}]\n }\n`,\n startReplication: true,\n computeConfig: {\n replicationSubnetGroupId: _default.replicationSubnetGroupId,\n maxCapacityUnits: 64,\n minCapacityUnits: 2,\n preferredMaintenanceWindow: \"sun:23:45-mon:00:30\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nname = aws.dms.ReplicationConfig(\"name\",\n replication_config_identifier=\"test-dms-serverless-replication-tf\",\n resource_identifier=\"test-dms-serverless-replication-tf\",\n replication_type=\"cdc\",\n source_endpoint_arn=source[\"endpointArn\"],\n target_endpoint_arn=target[\"endpointArn\"],\n table_mappings=\"\"\" {\n \"rules\":[{\"rule-type\":\"selection\",\"rule-id\":\"1\",\"rule-name\":\"1\",\"rule-action\":\"include\",\"object-locator\":{\"schema-name\":\"%%\",\"table-name\":\"%%\"}}]\n }\n\"\"\",\n start_replication=True,\n compute_config={\n \"replication_subnet_group_id\": default[\"replicationSubnetGroupId\"],\n \"max_capacity_units\": 64,\n \"min_capacity_units\": 2,\n \"preferred_maintenance_window\": \"sun:23:45-mon:00:30\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var name = new Aws.Dms.ReplicationConfig(\"name\", new()\n {\n ReplicationConfigIdentifier = \"test-dms-serverless-replication-tf\",\n ResourceIdentifier = \"test-dms-serverless-replication-tf\",\n ReplicationType = \"cdc\",\n SourceEndpointArn = source.EndpointArn,\n TargetEndpointArn = target.EndpointArn,\n TableMappings = @\" {\n \"\"rules\"\":[{\"\"rule-type\"\":\"\"selection\"\",\"\"rule-id\"\":\"\"1\"\",\"\"rule-name\"\":\"\"1\"\",\"\"rule-action\"\":\"\"include\"\",\"\"object-locator\"\":{\"\"schema-name\"\":\"\"%%\"\",\"\"table-name\"\":\"\"%%\"\"}}]\n }\n\",\n StartReplication = true,\n ComputeConfig = new Aws.Dms.Inputs.ReplicationConfigComputeConfigArgs\n {\n ReplicationSubnetGroupId = @default.ReplicationSubnetGroupId,\n MaxCapacityUnits = 64,\n MinCapacityUnits = 2,\n PreferredMaintenanceWindow = \"sun:23:45-mon:00:30\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dms.NewReplicationConfig(ctx, \"name\", \u0026dms.ReplicationConfigArgs{\n\t\t\tReplicationConfigIdentifier: pulumi.String(\"test-dms-serverless-replication-tf\"),\n\t\t\tResourceIdentifier: pulumi.String(\"test-dms-serverless-replication-tf\"),\n\t\t\tReplicationType: pulumi.String(\"cdc\"),\n\t\t\tSourceEndpointArn: pulumi.Any(source.EndpointArn),\n\t\t\tTargetEndpointArn: pulumi.Any(target.EndpointArn),\n\t\t\tTableMappings: pulumi.String(\" {\\n \\\"rules\\\":[{\\\"rule-type\\\":\\\"selection\\\",\\\"rule-id\\\":\\\"1\\\",\\\"rule-name\\\":\\\"1\\\",\\\"rule-action\\\":\\\"include\\\",\\\"object-locator\\\":{\\\"schema-name\\\":\\\"%%\\\",\\\"table-name\\\":\\\"%%\\\"}}]\\n }\\n\"),\n\t\t\tStartReplication: pulumi.Bool(true),\n\t\t\tComputeConfig: \u0026dms.ReplicationConfigComputeConfigArgs{\n\t\t\t\tReplicationSubnetGroupId: pulumi.Any(_default.ReplicationSubnetGroupId),\n\t\t\t\tMaxCapacityUnits: pulumi.Int(64),\n\t\t\t\tMinCapacityUnits: pulumi.Int(2),\n\t\t\t\tPreferredMaintenanceWindow: pulumi.String(\"sun:23:45-mon:00:30\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dms.ReplicationConfig;\nimport com.pulumi.aws.dms.ReplicationConfigArgs;\nimport com.pulumi.aws.dms.inputs.ReplicationConfigComputeConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var name = new ReplicationConfig(\"name\", ReplicationConfigArgs.builder()\n .replicationConfigIdentifier(\"test-dms-serverless-replication-tf\")\n .resourceIdentifier(\"test-dms-serverless-replication-tf\")\n .replicationType(\"cdc\")\n .sourceEndpointArn(source.endpointArn())\n .targetEndpointArn(target.endpointArn())\n .tableMappings(\"\"\"\n {\n \"rules\":[{\"rule-type\":\"selection\",\"rule-id\":\"1\",\"rule-name\":\"1\",\"rule-action\":\"include\",\"object-locator\":{\"schema-name\":\"%%\",\"table-name\":\"%%\"}}]\n }\n \"\"\")\n .startReplication(true)\n .computeConfig(ReplicationConfigComputeConfigArgs.builder()\n .replicationSubnetGroupId(default_.replicationSubnetGroupId())\n .maxCapacityUnits(\"64\")\n .minCapacityUnits(\"2\")\n .preferredMaintenanceWindow(\"sun:23:45-mon:00:30\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n name:\n type: aws:dms:ReplicationConfig\n properties:\n replicationConfigIdentifier: test-dms-serverless-replication-tf\n resourceIdentifier: test-dms-serverless-replication-tf\n replicationType: cdc\n sourceEndpointArn: ${source.endpointArn}\n targetEndpointArn: ${target.endpointArn}\n tableMappings: |2\n {\n \"rules\":[{\"rule-type\":\"selection\",\"rule-id\":\"1\",\"rule-name\":\"1\",\"rule-action\":\"include\",\"object-locator\":{\"schema-name\":\"%%\",\"table-name\":\"%%\"}}]\n }\n startReplication: true\n computeConfig:\n replicationSubnetGroupId: ${default.replicationSubnetGroupId}\n maxCapacityUnits: '64'\n minCapacityUnits: '2'\n preferredMaintenanceWindow: sun:23:45-mon:00:30\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a replication config using the `arn`. For example:\n\n```sh\n$ pulumi import aws:dms/replicationConfig:ReplicationConfig example arn:aws:dms:us-east-1:123456789012:replication-config:UX6OL6MHMMJKFFOXE3H7LLJCMEKBDUG4ZV7DRSI\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the serverless replication config.\n" }, "computeConfig": { "$ref": "#/types/aws:dms/ReplicationConfigComputeConfig:ReplicationConfigComputeConfig", "description": "Configuration block for provisioning an DMS Serverless replication.\n" }, "replicationConfigIdentifier": { "type": "string", "description": "Unique identifier that you want to use to create the config.\n" }, "replicationSettings": { "type": "string", "description": "An escaped JSON string that are used to provision this replication configuration. For example, [Change processing tuning settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.ChangeProcessingTuning.html)\n" }, "replicationType": { "type": "string", "description": "The migration type. Can be one of `full-load | cdc | full-load-and-cdc`.\n" }, "resourceIdentifier": { "type": "string", "description": "Unique value or name that you set for a given resource that can be used to construct an Amazon Resource Name (ARN) for that resource. For more information, see [Fine-grained access control using resource names and tags](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#CHAP_Security.FineGrainedAccess)\n" }, "sourceEndpointArn": { "type": "string", "description": "The Amazon Resource Name (ARN) string that uniquely identifies the source endpoint.\n" }, "startReplication": { "type": "boolean", "description": "Whether to run or stop the serverless replication, default is false.\n" }, "supplementalSettings": { "type": "string", "description": "JSON settings for specifying supplemental data. For more information see [Specifying supplemental data for task settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html)\n" }, "tableMappings": { "type": "string", "description": "An escaped JSON string that contains the table mappings. For information on table mapping see [Using Table Mapping with an AWS Database Migration Service Task to Select and Filter Data](http://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.html)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetEndpointArn": { "type": "string", "description": "The Amazon Resource Name (ARN) string that uniquely identifies the target endpoint.\n" } }, "required": [ "arn", "computeConfig", "replicationConfigIdentifier", "replicationSettings", "replicationType", "resourceIdentifier", "sourceEndpointArn", "tableMappings", "tagsAll", "targetEndpointArn" ], "inputProperties": { "computeConfig": { "$ref": "#/types/aws:dms/ReplicationConfigComputeConfig:ReplicationConfigComputeConfig", "description": "Configuration block for provisioning an DMS Serverless replication.\n" }, "replicationConfigIdentifier": { "type": "string", "description": "Unique identifier that you want to use to create the config.\n", "willReplaceOnChanges": true }, "replicationSettings": { "type": "string", "description": "An escaped JSON string that are used to provision this replication configuration. For example, [Change processing tuning settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.ChangeProcessingTuning.html)\n" }, "replicationType": { "type": "string", "description": "The migration type. Can be one of `full-load | cdc | full-load-and-cdc`.\n" }, "resourceIdentifier": { "type": "string", "description": "Unique value or name that you set for a given resource that can be used to construct an Amazon Resource Name (ARN) for that resource. For more information, see [Fine-grained access control using resource names and tags](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#CHAP_Security.FineGrainedAccess)\n", "willReplaceOnChanges": true }, "sourceEndpointArn": { "type": "string", "description": "The Amazon Resource Name (ARN) string that uniquely identifies the source endpoint.\n" }, "startReplication": { "type": "boolean", "description": "Whether to run or stop the serverless replication, default is false.\n" }, "supplementalSettings": { "type": "string", "description": "JSON settings for specifying supplemental data. For more information see [Specifying supplemental data for task settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html)\n" }, "tableMappings": { "type": "string", "description": "An escaped JSON string that contains the table mappings. For information on table mapping see [Using Table Mapping with an AWS Database Migration Service Task to Select and Filter Data](http://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.html)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targetEndpointArn": { "type": "string", "description": "The Amazon Resource Name (ARN) string that uniquely identifies the target endpoint.\n" } }, "requiredInputs": [ "computeConfig", "replicationConfigIdentifier", "replicationType", "sourceEndpointArn", "tableMappings", "targetEndpointArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReplicationConfig resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the serverless replication config.\n" }, "computeConfig": { "$ref": "#/types/aws:dms/ReplicationConfigComputeConfig:ReplicationConfigComputeConfig", "description": "Configuration block for provisioning an DMS Serverless replication.\n" }, "replicationConfigIdentifier": { "type": "string", "description": "Unique identifier that you want to use to create the config.\n", "willReplaceOnChanges": true }, "replicationSettings": { "type": "string", "description": "An escaped JSON string that are used to provision this replication configuration. For example, [Change processing tuning settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.ChangeProcessingTuning.html)\n" }, "replicationType": { "type": "string", "description": "The migration type. Can be one of `full-load | cdc | full-load-and-cdc`.\n" }, "resourceIdentifier": { "type": "string", "description": "Unique value or name that you set for a given resource that can be used to construct an Amazon Resource Name (ARN) for that resource. For more information, see [Fine-grained access control using resource names and tags](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#CHAP_Security.FineGrainedAccess)\n", "willReplaceOnChanges": true }, "sourceEndpointArn": { "type": "string", "description": "The Amazon Resource Name (ARN) string that uniquely identifies the source endpoint.\n" }, "startReplication": { "type": "boolean", "description": "Whether to run or stop the serverless replication, default is false.\n" }, "supplementalSettings": { "type": "string", "description": "JSON settings for specifying supplemental data. For more information see [Specifying supplemental data for task settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html)\n" }, "tableMappings": { "type": "string", "description": "An escaped JSON string that contains the table mappings. For information on table mapping see [Using Table Mapping with an AWS Database Migration Service Task to Select and Filter Data](http://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.html)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetEndpointArn": { "type": "string", "description": "The Amazon Resource Name (ARN) string that uniquely identifies the target endpoint.\n" } }, "type": "object" } }, "aws:dms/replicationInstance:ReplicationInstance": { "description": "Provides a DMS (Data Migration Service) replication instance resource. DMS replication instances can be created, updated, deleted, and imported.\n\n## Example Usage\n\nCreate required roles and then create a DMS instance, setting the depends_on to the required role policy attachments.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Database Migration Service requires the below IAM Roles to be created before\n// replication instances can be created. See the DMS Documentation for\n// additional information: https://docs.aws.amazon.com/dms/latest/userguide/security-iam.html#CHAP_Security.APIRole\n// * dms-vpc-role\n// * dms-cloudwatch-logs-role\n// * dms-access-for-endpoint\nconst dmsAssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n identifiers: [\"dms.amazonaws.com\"],\n type: \"Service\",\n }],\n }],\n});\nconst dms_access_for_endpoint = new aws.iam.Role(\"dms-access-for-endpoint\", {\n assumeRolePolicy: dmsAssumeRole.then(dmsAssumeRole =\u003e dmsAssumeRole.json),\n name: \"dms-access-for-endpoint\",\n});\nconst dms_access_for_endpoint_AmazonDMSRedshiftS3Role = new aws.iam.RolePolicyAttachment(\"dms-access-for-endpoint-AmazonDMSRedshiftS3Role\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\",\n role: dms_access_for_endpoint.name,\n});\nconst dms_cloudwatch_logs_role = new aws.iam.Role(\"dms-cloudwatch-logs-role\", {\n assumeRolePolicy: dmsAssumeRole.then(dmsAssumeRole =\u003e dmsAssumeRole.json),\n name: \"dms-cloudwatch-logs-role\",\n});\nconst dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole = new aws.iam.RolePolicyAttachment(\"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\",\n role: dms_cloudwatch_logs_role.name,\n});\nconst dms_vpc_role = new aws.iam.Role(\"dms-vpc-role\", {\n assumeRolePolicy: dmsAssumeRole.then(dmsAssumeRole =\u003e dmsAssumeRole.json),\n name: \"dms-vpc-role\",\n});\nconst dms_vpc_role_AmazonDMSVPCManagementRole = new aws.iam.RolePolicyAttachment(\"dms-vpc-role-AmazonDMSVPCManagementRole\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\",\n role: dms_vpc_role.name,\n});\n// Create a new replication instance\nconst test = new aws.dms.ReplicationInstance(\"test\", {\n allocatedStorage: 20,\n applyImmediately: true,\n autoMinorVersionUpgrade: true,\n availabilityZone: \"us-west-2c\",\n engineVersion: \"3.1.4\",\n kmsKeyArn: \"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\",\n multiAz: false,\n preferredMaintenanceWindow: \"sun:10:30-sun:14:30\",\n publiclyAccessible: true,\n replicationInstanceClass: \"dms.t2.micro\",\n replicationInstanceId: \"test-dms-replication-instance-tf\",\n replicationSubnetGroupId: test_dms_replication_subnet_group_tf.id,\n tags: {\n Name: \"test\",\n },\n vpcSecurityGroupIds: [\"sg-12345678\"],\n}, {\n dependsOn: [\n dms_access_for_endpoint_AmazonDMSRedshiftS3Role,\n dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole,\n dms_vpc_role_AmazonDMSVPCManagementRole,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Database Migration Service requires the below IAM Roles to be created before\n# replication instances can be created. See the DMS Documentation for\n# additional information: https://docs.aws.amazon.com/dms/latest/userguide/security-iam.html#CHAP_Security.APIRole\n# * dms-vpc-role\n# * dms-cloudwatch-logs-role\n# * dms-access-for-endpoint\ndms_assume_role = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"identifiers\": [\"dms.amazonaws.com\"],\n \"type\": \"Service\",\n }],\n}])\ndms_access_for_endpoint = aws.iam.Role(\"dms-access-for-endpoint\",\n assume_role_policy=dms_assume_role.json,\n name=\"dms-access-for-endpoint\")\ndms_access_for_endpoint__amazon_dms_redshift_s3_role = aws.iam.RolePolicyAttachment(\"dms-access-for-endpoint-AmazonDMSRedshiftS3Role\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\",\n role=dms_access_for_endpoint.name)\ndms_cloudwatch_logs_role = aws.iam.Role(\"dms-cloudwatch-logs-role\",\n assume_role_policy=dms_assume_role.json,\n name=\"dms-cloudwatch-logs-role\")\ndms_cloudwatch_logs_role__amazon_dms_cloud_watch_logs_role = aws.iam.RolePolicyAttachment(\"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\",\n role=dms_cloudwatch_logs_role.name)\ndms_vpc_role = aws.iam.Role(\"dms-vpc-role\",\n assume_role_policy=dms_assume_role.json,\n name=\"dms-vpc-role\")\ndms_vpc_role__amazon_dmsvpc_management_role = aws.iam.RolePolicyAttachment(\"dms-vpc-role-AmazonDMSVPCManagementRole\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\",\n role=dms_vpc_role.name)\n# Create a new replication instance\ntest = aws.dms.ReplicationInstance(\"test\",\n allocated_storage=20,\n apply_immediately=True,\n auto_minor_version_upgrade=True,\n availability_zone=\"us-west-2c\",\n engine_version=\"3.1.4\",\n kms_key_arn=\"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\",\n multi_az=False,\n preferred_maintenance_window=\"sun:10:30-sun:14:30\",\n publicly_accessible=True,\n replication_instance_class=\"dms.t2.micro\",\n replication_instance_id=\"test-dms-replication-instance-tf\",\n replication_subnet_group_id=test_dms_replication_subnet_group_tf[\"id\"],\n tags={\n \"Name\": \"test\",\n },\n vpc_security_group_ids=[\"sg-12345678\"],\n opts = pulumi.ResourceOptions(depends_on=[\n dms_access_for_endpoint__amazon_dms_redshift_s3_role,\n dms_cloudwatch_logs_role__amazon_dms_cloud_watch_logs_role,\n dms_vpc_role__amazon_dmsvpc_management_role,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Database Migration Service requires the below IAM Roles to be created before\n // replication instances can be created. See the DMS Documentation for\n // additional information: https://docs.aws.amazon.com/dms/latest/userguide/security-iam.html#CHAP_Security.APIRole\n // * dms-vpc-role\n // * dms-cloudwatch-logs-role\n // * dms-access-for-endpoint\n var dmsAssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n \"dms.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n },\n },\n });\n\n var dms_access_for_endpoint = new Aws.Iam.Role(\"dms-access-for-endpoint\", new()\n {\n AssumeRolePolicy = dmsAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Name = \"dms-access-for-endpoint\",\n });\n\n var dms_access_for_endpoint_AmazonDMSRedshiftS3Role = new Aws.Iam.RolePolicyAttachment(\"dms-access-for-endpoint-AmazonDMSRedshiftS3Role\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\",\n Role = dms_access_for_endpoint.Name,\n });\n\n var dms_cloudwatch_logs_role = new Aws.Iam.Role(\"dms-cloudwatch-logs-role\", new()\n {\n AssumeRolePolicy = dmsAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Name = \"dms-cloudwatch-logs-role\",\n });\n\n var dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole = new Aws.Iam.RolePolicyAttachment(\"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\",\n Role = dms_cloudwatch_logs_role.Name,\n });\n\n var dms_vpc_role = new Aws.Iam.Role(\"dms-vpc-role\", new()\n {\n AssumeRolePolicy = dmsAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Name = \"dms-vpc-role\",\n });\n\n var dms_vpc_role_AmazonDMSVPCManagementRole = new Aws.Iam.RolePolicyAttachment(\"dms-vpc-role-AmazonDMSVPCManagementRole\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\",\n Role = dms_vpc_role.Name,\n });\n\n // Create a new replication instance\n var test = new Aws.Dms.ReplicationInstance(\"test\", new()\n {\n AllocatedStorage = 20,\n ApplyImmediately = true,\n AutoMinorVersionUpgrade = true,\n AvailabilityZone = \"us-west-2c\",\n EngineVersion = \"3.1.4\",\n KmsKeyArn = \"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\",\n MultiAz = false,\n PreferredMaintenanceWindow = \"sun:10:30-sun:14:30\",\n PubliclyAccessible = true,\n ReplicationInstanceClass = \"dms.t2.micro\",\n ReplicationInstanceId = \"test-dms-replication-instance-tf\",\n ReplicationSubnetGroupId = test_dms_replication_subnet_group_tf.Id,\n Tags = \n {\n { \"Name\", \"test\" },\n },\n VpcSecurityGroupIds = new[]\n {\n \"sg-12345678\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n dms_access_for_endpoint_AmazonDMSRedshiftS3Role,\n dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole,\n dms_vpc_role_AmazonDMSVPCManagementRole,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Database Migration Service requires the below IAM Roles to be created before\n\t\t// replication instances can be created. See the DMS Documentation for\n\t\t// additional information: https://docs.aws.amazon.com/dms/latest/userguide/security-iam.html#CHAP_Security.APIRole\n\t\t// - dms-vpc-role\n\t\t// - dms-cloudwatch-logs-role\n\t\t// - dms-access-for-endpoint\n\t\tdmsAssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"dms.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRole(ctx, \"dms-access-for-endpoint\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(dmsAssumeRole.Json),\n\t\t\tName: pulumi.String(\"dms-access-for-endpoint\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"dms-access-for-endpoint-AmazonDMSRedshiftS3Role\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\"),\n\t\t\tRole: dms_access_for_endpoint.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRole(ctx, \"dms-cloudwatch-logs-role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(dmsAssumeRole.Json),\n\t\t\tName: pulumi.String(\"dms-cloudwatch-logs-role\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\"),\n\t\t\tRole: dms_cloudwatch_logs_role.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRole(ctx, \"dms-vpc-role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(dmsAssumeRole.Json),\n\t\t\tName: pulumi.String(\"dms-vpc-role\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"dms-vpc-role-AmazonDMSVPCManagementRole\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\"),\n\t\t\tRole: dms_vpc_role.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Create a new replication instance\n\t\t_, err = dms.NewReplicationInstance(ctx, \"test\", \u0026dms.ReplicationInstanceArgs{\n\t\t\tAllocatedStorage: pulumi.Int(20),\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t\tAutoMinorVersionUpgrade: pulumi.Bool(true),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2c\"),\n\t\t\tEngineVersion: pulumi.String(\"3.1.4\"),\n\t\t\tKmsKeyArn: pulumi.String(\"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\"),\n\t\t\tMultiAz: pulumi.Bool(false),\n\t\t\tPreferredMaintenanceWindow: pulumi.String(\"sun:10:30-sun:14:30\"),\n\t\t\tPubliclyAccessible: pulumi.Bool(true),\n\t\t\tReplicationInstanceClass: pulumi.String(\"dms.t2.micro\"),\n\t\t\tReplicationInstanceId: pulumi.String(\"test-dms-replication-instance-tf\"),\n\t\t\tReplicationSubnetGroupId: pulumi.Any(test_dms_replication_subnet_group_tf.Id),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t\tVpcSecurityGroupIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"sg-12345678\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tdms_access_for_endpoint_AmazonDMSRedshiftS3Role,\n\t\t\tdms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole,\n\t\t\tdms_vpc_role_AmazonDMSVPCManagementRole,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.dms.ReplicationInstance;\nimport com.pulumi.aws.dms.ReplicationInstanceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Database Migration Service requires the below IAM Roles to be created before\n // replication instances can be created. See the DMS Documentation for\n // additional information: https://docs.aws.amazon.com/dms/latest/userguide/security-iam.html#CHAP_Security.APIRole\n // * dms-vpc-role\n // * dms-cloudwatch-logs-role\n // * dms-access-for-endpoint\n final var dmsAssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(\"dms.amazonaws.com\")\n .type(\"Service\")\n .build())\n .build())\n .build());\n\n var dms_access_for_endpoint = new Role(\"dms-access-for-endpoint\", RoleArgs.builder()\n .assumeRolePolicy(dmsAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .name(\"dms-access-for-endpoint\")\n .build());\n\n var dms_access_for_endpoint_AmazonDMSRedshiftS3Role = new RolePolicyAttachment(\"dms-access-for-endpoint-AmazonDMSRedshiftS3Role\", RolePolicyAttachmentArgs.builder()\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\")\n .role(dms_access_for_endpoint.name())\n .build());\n\n var dms_cloudwatch_logs_role = new Role(\"dms-cloudwatch-logs-role\", RoleArgs.builder()\n .assumeRolePolicy(dmsAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .name(\"dms-cloudwatch-logs-role\")\n .build());\n\n var dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole = new RolePolicyAttachment(\"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole\", RolePolicyAttachmentArgs.builder()\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\")\n .role(dms_cloudwatch_logs_role.name())\n .build());\n\n var dms_vpc_role = new Role(\"dms-vpc-role\", RoleArgs.builder()\n .assumeRolePolicy(dmsAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .name(\"dms-vpc-role\")\n .build());\n\n var dms_vpc_role_AmazonDMSVPCManagementRole = new RolePolicyAttachment(\"dms-vpc-role-AmazonDMSVPCManagementRole\", RolePolicyAttachmentArgs.builder()\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\")\n .role(dms_vpc_role.name())\n .build());\n\n // Create a new replication instance\n var test = new ReplicationInstance(\"test\", ReplicationInstanceArgs.builder()\n .allocatedStorage(20)\n .applyImmediately(true)\n .autoMinorVersionUpgrade(true)\n .availabilityZone(\"us-west-2c\")\n .engineVersion(\"3.1.4\")\n .kmsKeyArn(\"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\")\n .multiAz(false)\n .preferredMaintenanceWindow(\"sun:10:30-sun:14:30\")\n .publiclyAccessible(true)\n .replicationInstanceClass(\"dms.t2.micro\")\n .replicationInstanceId(\"test-dms-replication-instance-tf\")\n .replicationSubnetGroupId(test_dms_replication_subnet_group_tf.id())\n .tags(Map.of(\"Name\", \"test\"))\n .vpcSecurityGroupIds(\"sg-12345678\")\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n dms_access_for_endpoint_AmazonDMSRedshiftS3Role,\n dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole,\n dms_vpc_role_AmazonDMSVPCManagementRole)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dms-access-for-endpoint:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${dmsAssumeRole.json}\n name: dms-access-for-endpoint\n dms-access-for-endpoint-AmazonDMSRedshiftS3Role:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\n role: ${[\"dms-access-for-endpoint\"].name}\n dms-cloudwatch-logs-role:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${dmsAssumeRole.json}\n name: dms-cloudwatch-logs-role\n dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\n role: ${[\"dms-cloudwatch-logs-role\"].name}\n dms-vpc-role:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${dmsAssumeRole.json}\n name: dms-vpc-role\n dms-vpc-role-AmazonDMSVPCManagementRole:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\n role: ${[\"dms-vpc-role\"].name}\n # Create a new replication instance\n test:\n type: aws:dms:ReplicationInstance\n properties:\n allocatedStorage: 20\n applyImmediately: true\n autoMinorVersionUpgrade: true\n availabilityZone: us-west-2c\n engineVersion: 3.1.4\n kmsKeyArn: arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\n multiAz: false\n preferredMaintenanceWindow: sun:10:30-sun:14:30\n publiclyAccessible: true\n replicationInstanceClass: dms.t2.micro\n replicationInstanceId: test-dms-replication-instance-tf\n replicationSubnetGroupId: ${[\"test-dms-replication-subnet-group-tf\"].id}\n tags:\n Name: test\n vpcSecurityGroupIds:\n - sg-12345678\n options:\n dependson:\n - ${[\"dms-access-for-endpoint-AmazonDMSRedshiftS3Role\"]}\n - ${[\"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole\"]}\n - ${[\"dms-vpc-role-AmazonDMSVPCManagementRole\"]}\nvariables:\n # Database Migration Service requires the below IAM Roles to be created before\n # replication instances can be created. See the DMS Documentation for\n # additional information: https://docs.aws.amazon.com/dms/latest/userguide/security-iam.html#CHAP_Security.APIRole\n # * dms-vpc-role\n # * dms-cloudwatch-logs-role\n # * dms-access-for-endpoint\n dmsAssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - identifiers:\n - dms.amazonaws.com\n type: Service\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import replication instances using the `replication_instance_id`. For example:\n\n```sh\n$ pulumi import aws:dms/replicationInstance:ReplicationInstance test test-dms-replication-instance-tf\n```\n", "properties": { "allocatedStorage": { "type": "integer", "description": "The amount of storage (in gigabytes) to be initially allocated for the replication instance.\n" }, "allowMajorVersionUpgrade": { "type": "boolean", "description": "Indicates that major version upgrades are allowed.\n" }, "applyImmediately": { "type": "boolean", "description": "Indicates whether the changes should be applied immediately or during the next maintenance window. Only used when updating an existing resource.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the replication instance during the maintenance window.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the replication instance will be created in.\n" }, "engineVersion": { "type": "string", "description": "The engine version number of the replication instance.\n" }, "kmsKeyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the KMS key that will be used to encrypt the connection parameters. If you do not specify a value for `kms_key_arn`, then AWS DMS will use your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS region.\n" }, "multiAz": { "type": "boolean", "description": "Specifies if the replication instance is a multi-az deployment. You cannot set the `availability_zone` parameter if the `multi_az` parameter is set to `true`.\n" }, "networkType": { "type": "string", "description": "The type of IP address protocol used by a replication instance. Valid values: `IPV4`, `DUAL`.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\n- Default: A 30-minute window selected at random from an 8-hour block of time per region, occurring on a random day of the week.\n- Format: `ddd:hh24:mi-ddd:hh24:mi`\n- Valid Days: `mon, tue, wed, thu, fri, sat, sun`\n- Constraints: Minimum 30-minute window.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Specifies the accessibility options for the replication instance. A value of true represents an instance with a public IP address. A value of false represents an instance with a private IP address.\n" }, "replicationInstanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the replication instance.\n" }, "replicationInstanceClass": { "type": "string", "description": "The compute and memory capacity of the replication instance as specified by the replication instance class. See [AWS DMS User Guide](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReplicationInstance.Types.html) for available instance sizes and advice on which one to choose.\n" }, "replicationInstanceId": { "type": "string", "description": "The replication instance identifier. This parameter is stored as a lowercase string.\n\n- Must contain from 1 to 63 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen\n- Cannot contain two consecutive hyphens.\n" }, "replicationInstancePrivateIps": { "type": "array", "items": { "type": "string" }, "description": "A list of the private IP addresses of the replication instance.\n" }, "replicationInstancePublicIps": { "type": "array", "items": { "type": "string" }, "description": "A list of the public IP addresses of the replication instance.\n" }, "replicationSubnetGroupId": { "type": "string", "description": "A subnet group to associate with the replication instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC security group IDs to be used with the replication instance. The VPC security groups must work with the VPC containing the replication instance.\n" } }, "required": [ "allocatedStorage", "autoMinorVersionUpgrade", "availabilityZone", "engineVersion", "kmsKeyArn", "multiAz", "networkType", "preferredMaintenanceWindow", "publiclyAccessible", "replicationInstanceArn", "replicationInstanceClass", "replicationInstanceId", "replicationInstancePrivateIps", "replicationInstancePublicIps", "replicationSubnetGroupId", "tagsAll", "vpcSecurityGroupIds" ], "inputProperties": { "allocatedStorage": { "type": "integer", "description": "The amount of storage (in gigabytes) to be initially allocated for the replication instance.\n" }, "allowMajorVersionUpgrade": { "type": "boolean", "description": "Indicates that major version upgrades are allowed.\n" }, "applyImmediately": { "type": "boolean", "description": "Indicates whether the changes should be applied immediately or during the next maintenance window. Only used when updating an existing resource.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the replication instance during the maintenance window.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the replication instance will be created in.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "The engine version number of the replication instance.\n" }, "kmsKeyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the KMS key that will be used to encrypt the connection parameters. If you do not specify a value for `kms_key_arn`, then AWS DMS will use your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS region.\n", "willReplaceOnChanges": true }, "multiAz": { "type": "boolean", "description": "Specifies if the replication instance is a multi-az deployment. You cannot set the `availability_zone` parameter if the `multi_az` parameter is set to `true`.\n" }, "networkType": { "type": "string", "description": "The type of IP address protocol used by a replication instance. Valid values: `IPV4`, `DUAL`.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\n- Default: A 30-minute window selected at random from an 8-hour block of time per region, occurring on a random day of the week.\n- Format: `ddd:hh24:mi-ddd:hh24:mi`\n- Valid Days: `mon, tue, wed, thu, fri, sat, sun`\n- Constraints: Minimum 30-minute window.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Specifies the accessibility options for the replication instance. A value of true represents an instance with a public IP address. A value of false represents an instance with a private IP address.\n", "willReplaceOnChanges": true }, "replicationInstanceClass": { "type": "string", "description": "The compute and memory capacity of the replication instance as specified by the replication instance class. See [AWS DMS User Guide](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReplicationInstance.Types.html) for available instance sizes and advice on which one to choose.\n" }, "replicationInstanceId": { "type": "string", "description": "The replication instance identifier. This parameter is stored as a lowercase string.\n\n- Must contain from 1 to 63 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen\n- Cannot contain two consecutive hyphens.\n", "willReplaceOnChanges": true }, "replicationSubnetGroupId": { "type": "string", "description": "A subnet group to associate with the replication instance.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC security group IDs to be used with the replication instance. The VPC security groups must work with the VPC containing the replication instance.\n" } }, "requiredInputs": [ "replicationInstanceClass", "replicationInstanceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReplicationInstance resources.\n", "properties": { "allocatedStorage": { "type": "integer", "description": "The amount of storage (in gigabytes) to be initially allocated for the replication instance.\n" }, "allowMajorVersionUpgrade": { "type": "boolean", "description": "Indicates that major version upgrades are allowed.\n" }, "applyImmediately": { "type": "boolean", "description": "Indicates whether the changes should be applied immediately or during the next maintenance window. Only used when updating an existing resource.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the replication instance during the maintenance window.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the replication instance will be created in.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "The engine version number of the replication instance.\n" }, "kmsKeyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the KMS key that will be used to encrypt the connection parameters. If you do not specify a value for `kms_key_arn`, then AWS DMS will use your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS region.\n", "willReplaceOnChanges": true }, "multiAz": { "type": "boolean", "description": "Specifies if the replication instance is a multi-az deployment. You cannot set the `availability_zone` parameter if the `multi_az` parameter is set to `true`.\n" }, "networkType": { "type": "string", "description": "The type of IP address protocol used by a replication instance. Valid values: `IPV4`, `DUAL`.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\n- Default: A 30-minute window selected at random from an 8-hour block of time per region, occurring on a random day of the week.\n- Format: `ddd:hh24:mi-ddd:hh24:mi`\n- Valid Days: `mon, tue, wed, thu, fri, sat, sun`\n- Constraints: Minimum 30-minute window.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Specifies the accessibility options for the replication instance. A value of true represents an instance with a public IP address. A value of false represents an instance with a private IP address.\n", "willReplaceOnChanges": true }, "replicationInstanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the replication instance.\n" }, "replicationInstanceClass": { "type": "string", "description": "The compute and memory capacity of the replication instance as specified by the replication instance class. See [AWS DMS User Guide](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReplicationInstance.Types.html) for available instance sizes and advice on which one to choose.\n" }, "replicationInstanceId": { "type": "string", "description": "The replication instance identifier. This parameter is stored as a lowercase string.\n\n- Must contain from 1 to 63 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen\n- Cannot contain two consecutive hyphens.\n", "willReplaceOnChanges": true }, "replicationInstancePrivateIps": { "type": "array", "items": { "type": "string" }, "description": "A list of the private IP addresses of the replication instance.\n" }, "replicationInstancePublicIps": { "type": "array", "items": { "type": "string" }, "description": "A list of the public IP addresses of the replication instance.\n" }, "replicationSubnetGroupId": { "type": "string", "description": "A subnet group to associate with the replication instance.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC security group IDs to be used with the replication instance. The VPC security groups must work with the VPC containing the replication instance.\n" } }, "type": "object" } }, "aws:dms/replicationSubnetGroup:ReplicationSubnetGroup": { "description": "Provides a DMS (Data Migration Service) replication subnet group resource. DMS replication subnet groups can be created, updated, deleted, and imported.\n\n\u003e **Note:** AWS requires a special IAM role called `dms-vpc-role` when using this resource. See the example below to create it as part of your configuration.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new replication subnet group\nconst example = new aws.dms.ReplicationSubnetGroup(\"example\", {\n replicationSubnetGroupDescription: \"Example replication subnet group\",\n replicationSubnetGroupId: \"example-dms-replication-subnet-group-tf\",\n subnetIds: [\n \"subnet-12345678\",\n \"subnet-12345679\",\n ],\n tags: {\n Name: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new replication subnet group\nexample = aws.dms.ReplicationSubnetGroup(\"example\",\n replication_subnet_group_description=\"Example replication subnet group\",\n replication_subnet_group_id=\"example-dms-replication-subnet-group-tf\",\n subnet_ids=[\n \"subnet-12345678\",\n \"subnet-12345679\",\n ],\n tags={\n \"Name\": \"example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Create a new replication subnet group\n var example = new Aws.Dms.ReplicationSubnetGroup(\"example\", new()\n {\n ReplicationSubnetGroupDescription = \"Example replication subnet group\",\n ReplicationSubnetGroupId = \"example-dms-replication-subnet-group-tf\",\n SubnetIds = new[]\n {\n \"subnet-12345678\",\n \"subnet-12345679\",\n },\n Tags = \n {\n { \"Name\", \"example\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Create a new replication subnet group\n\t\t_, err := dms.NewReplicationSubnetGroup(ctx, \"example\", \u0026dms.ReplicationSubnetGroupArgs{\n\t\t\tReplicationSubnetGroupDescription: pulumi.String(\"Example replication subnet group\"),\n\t\t\tReplicationSubnetGroupId: pulumi.String(\"example-dms-replication-subnet-group-tf\"),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"subnet-12345678\"),\n\t\t\t\tpulumi.String(\"subnet-12345679\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dms.ReplicationSubnetGroup;\nimport com.pulumi.aws.dms.ReplicationSubnetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Create a new replication subnet group\n var example = new ReplicationSubnetGroup(\"example\", ReplicationSubnetGroupArgs.builder()\n .replicationSubnetGroupDescription(\"Example replication subnet group\")\n .replicationSubnetGroupId(\"example-dms-replication-subnet-group-tf\")\n .subnetIds( \n \"subnet-12345678\",\n \"subnet-12345679\")\n .tags(Map.of(\"Name\", \"example\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Create a new replication subnet group\n example:\n type: aws:dms:ReplicationSubnetGroup\n properties:\n replicationSubnetGroupDescription: Example replication subnet group\n replicationSubnetGroupId: example-dms-replication-subnet-group-tf\n subnetIds:\n - subnet-12345678\n - subnet-12345679\n tags:\n Name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Creating special IAM role\n\nIf your account does not already include the `dms-vpc-role` IAM role, you will need to create it to allow DMS to manage subnets in the VPC.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dms_vpc_role = new aws.iam.Role(\"dms-vpc-role\", {\n name: \"dms-vpc-role\",\n description: \"Allows DMS to manage VPC\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Effect: \"Allow\",\n Principal: {\n Service: \"dms.amazonaws.com\",\n },\n Action: \"sts:AssumeRole\",\n }],\n }),\n});\nconst example = new aws.iam.RolePolicyAttachment(\"example\", {\n role: dms_vpc_role.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\",\n});\nconst exampleReplicationSubnetGroup = new aws.dms.ReplicationSubnetGroup(\"example\", {\n replicationSubnetGroupDescription: \"Example\",\n replicationSubnetGroupId: \"example-id\",\n subnetIds: [\n \"subnet-12345678\",\n \"subnet-12345679\",\n ],\n tags: {\n Name: \"example-id\",\n },\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ndms_vpc_role = aws.iam.Role(\"dms-vpc-role\",\n name=\"dms-vpc-role\",\n description=\"Allows DMS to manage VPC\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"dms.amazonaws.com\",\n },\n \"Action\": \"sts:AssumeRole\",\n }],\n }))\nexample = aws.iam.RolePolicyAttachment(\"example\",\n role=dms_vpc_role.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\")\nexample_replication_subnet_group = aws.dms.ReplicationSubnetGroup(\"example\",\n replication_subnet_group_description=\"Example\",\n replication_subnet_group_id=\"example-id\",\n subnet_ids=[\n \"subnet-12345678\",\n \"subnet-12345679\",\n ],\n tags={\n \"Name\": \"example-id\",\n },\n opts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var dms_vpc_role = new Aws.Iam.Role(\"dms-vpc-role\", new()\n {\n Name = \"dms-vpc-role\",\n Description = \"Allows DMS to manage VPC\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"dms.amazonaws.com\",\n },\n [\"Action\"] = \"sts:AssumeRole\",\n },\n },\n }),\n });\n\n var example = new Aws.Iam.RolePolicyAttachment(\"example\", new()\n {\n Role = dms_vpc_role.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\",\n });\n\n var exampleReplicationSubnetGroup = new Aws.Dms.ReplicationSubnetGroup(\"example\", new()\n {\n ReplicationSubnetGroupDescription = \"Example\",\n ReplicationSubnetGroupId = \"example-id\",\n SubnetIds = new[]\n {\n \"subnet-12345678\",\n \"subnet-12345679\",\n },\n Tags = \n {\n { \"Name\", \"example-id\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"dms.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewRole(ctx, \"dms-vpc-role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"dms-vpc-role\"),\n\t\t\tDescription: pulumi.String(\"Allows DMS to manage VPC\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.NewRolePolicyAttachment(ctx, \"example\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: dms_vpc_role.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dms.NewReplicationSubnetGroup(ctx, \"example\", \u0026dms.ReplicationSubnetGroupArgs{\n\t\t\tReplicationSubnetGroupDescription: pulumi.String(\"Example\"),\n\t\t\tReplicationSubnetGroupId: pulumi.String(\"example-id\"),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"subnet-12345678\"),\n\t\t\t\tpulumi.String(\"subnet-12345679\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example-id\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.dms.ReplicationSubnetGroup;\nimport com.pulumi.aws.dms.ReplicationSubnetGroupArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var dms_vpc_role = new Role(\"dms-vpc-role\", RoleArgs.builder()\n .name(\"dms-vpc-role\")\n .description(\"Allows DMS to manage VPC\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"dms.amazonaws.com\")\n )),\n jsonProperty(\"Action\", \"sts:AssumeRole\")\n )))\n )))\n .build());\n\n var example = new RolePolicyAttachment(\"example\", RolePolicyAttachmentArgs.builder()\n .role(dms_vpc_role.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\")\n .build());\n\n var exampleReplicationSubnetGroup = new ReplicationSubnetGroup(\"exampleReplicationSubnetGroup\", ReplicationSubnetGroupArgs.builder()\n .replicationSubnetGroupDescription(\"Example\")\n .replicationSubnetGroupId(\"example-id\")\n .subnetIds( \n \"subnet-12345678\",\n \"subnet-12345679\")\n .tags(Map.of(\"Name\", \"example-id\"))\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dms-vpc-role:\n type: aws:iam:Role\n properties:\n name: dms-vpc-role\n description: Allows DMS to manage VPC\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Effect: Allow\n Principal:\n Service: dms.amazonaws.com\n Action: sts:AssumeRole\n example:\n type: aws:iam:RolePolicyAttachment\n properties:\n role: ${[\"dms-vpc-role\"].name}\n policyArn: arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\n exampleReplicationSubnetGroup:\n type: aws:dms:ReplicationSubnetGroup\n name: example\n properties:\n replicationSubnetGroupDescription: Example\n replicationSubnetGroupId: example-id\n subnetIds:\n - subnet-12345678\n - subnet-12345679\n tags:\n Name: example-id\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import replication subnet groups using the `replication_subnet_group_id`. For example:\n\n```sh\n$ pulumi import aws:dms/replicationSubnetGroup:ReplicationSubnetGroup test test-dms-replication-subnet-group-tf\n```\n", "properties": { "replicationSubnetGroupArn": { "type": "string" }, "replicationSubnetGroupDescription": { "type": "string", "description": "Description for the subnet group.\n" }, "replicationSubnetGroupId": { "type": "string", "description": "Name for the replication subnet group. This value is stored as a lowercase string. It must contain no more than 255 alphanumeric characters, periods, spaces, underscores, or hyphens and cannot be `default`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of at least 2 EC2 subnet IDs for the subnet group. The subnets must cover at least 2 availability zones.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The ID of the VPC the subnet group is in.\n" } }, "required": [ "replicationSubnetGroupArn", "replicationSubnetGroupDescription", "replicationSubnetGroupId", "subnetIds", "tagsAll", "vpcId" ], "inputProperties": { "replicationSubnetGroupDescription": { "type": "string", "description": "Description for the subnet group.\n" }, "replicationSubnetGroupId": { "type": "string", "description": "Name for the replication subnet group. This value is stored as a lowercase string. It must contain no more than 255 alphanumeric characters, periods, spaces, underscores, or hyphens and cannot be `default`.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of at least 2 EC2 subnet IDs for the subnet group. The subnets must cover at least 2 availability zones.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "replicationSubnetGroupDescription", "replicationSubnetGroupId", "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReplicationSubnetGroup resources.\n", "properties": { "replicationSubnetGroupArn": { "type": "string" }, "replicationSubnetGroupDescription": { "type": "string", "description": "Description for the subnet group.\n" }, "replicationSubnetGroupId": { "type": "string", "description": "Name for the replication subnet group. This value is stored as a lowercase string. It must contain no more than 255 alphanumeric characters, periods, spaces, underscores, or hyphens and cannot be `default`.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of at least 2 EC2 subnet IDs for the subnet group. The subnets must cover at least 2 availability zones.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The ID of the VPC the subnet group is in.\n" } }, "type": "object" } }, "aws:dms/replicationTask:ReplicationTask": { "description": "Provides a DMS (Data Migration Service) replication task resource. DMS replication tasks can be created, updated, deleted, and imported.\n\n\u003e **NOTE:** Changing most arguments will stop the task if it is running. You can set `start_replication_task` to resume the task afterwards.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new replication task\nconst test = new aws.dms.ReplicationTask(\"test\", {\n cdcStartTime: \"1993-05-21T05:50:00Z\",\n migrationType: \"full-load\",\n replicationInstanceArn: test_dms_replication_instance_tf.replicationInstanceArn,\n replicationTaskId: \"test-dms-replication-task-tf\",\n replicationTaskSettings: \"...\",\n sourceEndpointArn: test_dms_source_endpoint_tf.endpointArn,\n tableMappings: \"{\\\"rules\\\":[{\\\"rule-type\\\":\\\"selection\\\",\\\"rule-id\\\":\\\"1\\\",\\\"rule-name\\\":\\\"1\\\",\\\"object-locator\\\":{\\\"schema-name\\\":\\\"%\\\",\\\"table-name\\\":\\\"%\\\"},\\\"rule-action\\\":\\\"include\\\"}]}\",\n tags: {\n Name: \"test\",\n },\n targetEndpointArn: test_dms_target_endpoint_tf.endpointArn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new replication task\ntest = aws.dms.ReplicationTask(\"test\",\n cdc_start_time=\"1993-05-21T05:50:00Z\",\n migration_type=\"full-load\",\n replication_instance_arn=test_dms_replication_instance_tf[\"replicationInstanceArn\"],\n replication_task_id=\"test-dms-replication-task-tf\",\n replication_task_settings=\"...\",\n source_endpoint_arn=test_dms_source_endpoint_tf[\"endpointArn\"],\n table_mappings=\"{\\\"rules\\\":[{\\\"rule-type\\\":\\\"selection\\\",\\\"rule-id\\\":\\\"1\\\",\\\"rule-name\\\":\\\"1\\\",\\\"object-locator\\\":{\\\"schema-name\\\":\\\"%\\\",\\\"table-name\\\":\\\"%\\\"},\\\"rule-action\\\":\\\"include\\\"}]}\",\n tags={\n \"Name\": \"test\",\n },\n target_endpoint_arn=test_dms_target_endpoint_tf[\"endpointArn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Create a new replication task\n var test = new Aws.Dms.ReplicationTask(\"test\", new()\n {\n CdcStartTime = \"1993-05-21T05:50:00Z\",\n MigrationType = \"full-load\",\n ReplicationInstanceArn = test_dms_replication_instance_tf.ReplicationInstanceArn,\n ReplicationTaskId = \"test-dms-replication-task-tf\",\n ReplicationTaskSettings = \"...\",\n SourceEndpointArn = test_dms_source_endpoint_tf.EndpointArn,\n TableMappings = \"{\\\"rules\\\":[{\\\"rule-type\\\":\\\"selection\\\",\\\"rule-id\\\":\\\"1\\\",\\\"rule-name\\\":\\\"1\\\",\\\"object-locator\\\":{\\\"schema-name\\\":\\\"%\\\",\\\"table-name\\\":\\\"%\\\"},\\\"rule-action\\\":\\\"include\\\"}]}\",\n Tags = \n {\n { \"Name\", \"test\" },\n },\n TargetEndpointArn = test_dms_target_endpoint_tf.EndpointArn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Create a new replication task\n\t\t_, err := dms.NewReplicationTask(ctx, \"test\", \u0026dms.ReplicationTaskArgs{\n\t\t\tCdcStartTime: pulumi.String(\"1993-05-21T05:50:00Z\"),\n\t\t\tMigrationType: pulumi.String(\"full-load\"),\n\t\t\tReplicationInstanceArn: pulumi.Any(test_dms_replication_instance_tf.ReplicationInstanceArn),\n\t\t\tReplicationTaskId: pulumi.String(\"test-dms-replication-task-tf\"),\n\t\t\tReplicationTaskSettings: pulumi.String(\"...\"),\n\t\t\tSourceEndpointArn: pulumi.Any(test_dms_source_endpoint_tf.EndpointArn),\n\t\t\tTableMappings: pulumi.String(\"{\\\"rules\\\":[{\\\"rule-type\\\":\\\"selection\\\",\\\"rule-id\\\":\\\"1\\\",\\\"rule-name\\\":\\\"1\\\",\\\"object-locator\\\":{\\\"schema-name\\\":\\\"%\\\",\\\"table-name\\\":\\\"%\\\"},\\\"rule-action\\\":\\\"include\\\"}]}\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t\tTargetEndpointArn: pulumi.Any(test_dms_target_endpoint_tf.EndpointArn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dms.ReplicationTask;\nimport com.pulumi.aws.dms.ReplicationTaskArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Create a new replication task\n var test = new ReplicationTask(\"test\", ReplicationTaskArgs.builder()\n .cdcStartTime(\"1993-05-21T05:50:00Z\")\n .migrationType(\"full-load\")\n .replicationInstanceArn(test_dms_replication_instance_tf.replicationInstanceArn())\n .replicationTaskId(\"test-dms-replication-task-tf\")\n .replicationTaskSettings(\"...\")\n .sourceEndpointArn(test_dms_source_endpoint_tf.endpointArn())\n .tableMappings(\"{\\\"rules\\\":[{\\\"rule-type\\\":\\\"selection\\\",\\\"rule-id\\\":\\\"1\\\",\\\"rule-name\\\":\\\"1\\\",\\\"object-locator\\\":{\\\"schema-name\\\":\\\"%\\\",\\\"table-name\\\":\\\"%\\\"},\\\"rule-action\\\":\\\"include\\\"}]}\")\n .tags(Map.of(\"Name\", \"test\"))\n .targetEndpointArn(test_dms_target_endpoint_tf.endpointArn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Create a new replication task\n test:\n type: aws:dms:ReplicationTask\n properties:\n cdcStartTime: 1993-05-21T05:50:00Z\n migrationType: full-load\n replicationInstanceArn: ${[\"test-dms-replication-instance-tf\"].replicationInstanceArn}\n replicationTaskId: test-dms-replication-task-tf\n replicationTaskSettings: '...'\n sourceEndpointArn: ${[\"test-dms-source-endpoint-tf\"].endpointArn}\n tableMappings: '{\"rules\":[{\"rule-type\":\"selection\",\"rule-id\":\"1\",\"rule-name\":\"1\",\"object-locator\":{\"schema-name\":\"%\",\"table-name\":\"%\"},\"rule-action\":\"include\"}]}'\n tags:\n Name: test\n targetEndpointArn: ${[\"test-dms-target-endpoint-tf\"].endpointArn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import replication tasks using the `replication_task_id`. For example:\n\n```sh\n$ pulumi import aws:dms/replicationTask:ReplicationTask test test-dms-replication-task-tf\n```\n", "properties": { "cdcStartPosition": { "type": "string", "description": "Indicates when you want a change data capture (CDC) operation to start. The value can be a RFC3339 formatted date, a checkpoint, or a LSN/SCN format depending on the source engine. For more information see [Determining a CDC native start point](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Task.CDC.html#CHAP_Task.CDC.StartPoint.Native).\n" }, "cdcStartTime": { "type": "string", "description": "RFC3339 formatted date string or UNIX timestamp for the start of the Change Data Capture (CDC) operation.\n" }, "migrationType": { "type": "string", "description": "Migration type. Can be one of `full-load | cdc | full-load-and-cdc`.\n" }, "replicationInstanceArn": { "type": "string", "description": "ARN of the replication instance.\n" }, "replicationTaskArn": { "type": "string", "description": "ARN for the replication task.\n" }, "replicationTaskId": { "type": "string", "description": "Replication task identifier which must contain from 1 to 255 alphanumeric characters or hyphens, first character must be a letter, cannot end with a hyphen, and cannot contain two consecutive hyphens.\n" }, "replicationTaskSettings": { "type": "string", "description": "Escaped JSON string that contains the task settings. For a complete list of task settings, see [Task Settings for AWS Database Migration Service Tasks](http://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.html). Note that `Logging.CloudWatchLogGroup` and `Logging.CloudWatchLogStream` are read only and should not be defined, even as `null`, in the configuration since AWS provides a value for these settings.\n" }, "resourceIdentifier": { "type": "string", "description": "A friendly name for the resource identifier at the end of the EndpointArn response parameter that is returned in the created Endpoint object.\n" }, "sourceEndpointArn": { "type": "string", "description": "ARN that uniquely identifies the source endpoint.\n" }, "startReplicationTask": { "type": "boolean", "description": "Whether to run or stop the replication task.\n" }, "status": { "type": "string", "description": "Replication Task status.\n" }, "tableMappings": { "type": "string", "description": "Escaped JSON string that contains the table mappings. For information on table mapping see [Using Table Mapping with an AWS Database Migration Service Task to Select and Filter Data](http://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.html)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetEndpointArn": { "type": "string", "description": "ARN that uniquely identifies the target endpoint.\n" } }, "required": [ "cdcStartPosition", "migrationType", "replicationInstanceArn", "replicationTaskArn", "replicationTaskId", "replicationTaskSettings", "sourceEndpointArn", "status", "tableMappings", "tagsAll", "targetEndpointArn" ], "inputProperties": { "cdcStartPosition": { "type": "string", "description": "Indicates when you want a change data capture (CDC) operation to start. The value can be a RFC3339 formatted date, a checkpoint, or a LSN/SCN format depending on the source engine. For more information see [Determining a CDC native start point](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Task.CDC.html#CHAP_Task.CDC.StartPoint.Native).\n" }, "cdcStartTime": { "type": "string", "description": "RFC3339 formatted date string or UNIX timestamp for the start of the Change Data Capture (CDC) operation.\n" }, "migrationType": { "type": "string", "description": "Migration type. Can be one of `full-load | cdc | full-load-and-cdc`.\n" }, "replicationInstanceArn": { "type": "string", "description": "ARN of the replication instance.\n" }, "replicationTaskId": { "type": "string", "description": "Replication task identifier which must contain from 1 to 255 alphanumeric characters or hyphens, first character must be a letter, cannot end with a hyphen, and cannot contain two consecutive hyphens.\n", "willReplaceOnChanges": true }, "replicationTaskSettings": { "type": "string", "description": "Escaped JSON string that contains the task settings. For a complete list of task settings, see [Task Settings for AWS Database Migration Service Tasks](http://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.html). Note that `Logging.CloudWatchLogGroup` and `Logging.CloudWatchLogStream` are read only and should not be defined, even as `null`, in the configuration since AWS provides a value for these settings.\n" }, "resourceIdentifier": { "type": "string", "description": "A friendly name for the resource identifier at the end of the EndpointArn response parameter that is returned in the created Endpoint object.\n", "willReplaceOnChanges": true }, "sourceEndpointArn": { "type": "string", "description": "ARN that uniquely identifies the source endpoint.\n", "willReplaceOnChanges": true }, "startReplicationTask": { "type": "boolean", "description": "Whether to run or stop the replication task.\n" }, "tableMappings": { "type": "string", "description": "Escaped JSON string that contains the table mappings. For information on table mapping see [Using Table Mapping with an AWS Database Migration Service Task to Select and Filter Data](http://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.html)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targetEndpointArn": { "type": "string", "description": "ARN that uniquely identifies the target endpoint.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "migrationType", "replicationInstanceArn", "replicationTaskId", "sourceEndpointArn", "tableMappings", "targetEndpointArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReplicationTask resources.\n", "properties": { "cdcStartPosition": { "type": "string", "description": "Indicates when you want a change data capture (CDC) operation to start. The value can be a RFC3339 formatted date, a checkpoint, or a LSN/SCN format depending on the source engine. For more information see [Determining a CDC native start point](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Task.CDC.html#CHAP_Task.CDC.StartPoint.Native).\n" }, "cdcStartTime": { "type": "string", "description": "RFC3339 formatted date string or UNIX timestamp for the start of the Change Data Capture (CDC) operation.\n" }, "migrationType": { "type": "string", "description": "Migration type. Can be one of `full-load | cdc | full-load-and-cdc`.\n" }, "replicationInstanceArn": { "type": "string", "description": "ARN of the replication instance.\n" }, "replicationTaskArn": { "type": "string", "description": "ARN for the replication task.\n" }, "replicationTaskId": { "type": "string", "description": "Replication task identifier which must contain from 1 to 255 alphanumeric characters or hyphens, first character must be a letter, cannot end with a hyphen, and cannot contain two consecutive hyphens.\n", "willReplaceOnChanges": true }, "replicationTaskSettings": { "type": "string", "description": "Escaped JSON string that contains the task settings. For a complete list of task settings, see [Task Settings for AWS Database Migration Service Tasks](http://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.html). Note that `Logging.CloudWatchLogGroup` and `Logging.CloudWatchLogStream` are read only and should not be defined, even as `null`, in the configuration since AWS provides a value for these settings.\n" }, "resourceIdentifier": { "type": "string", "description": "A friendly name for the resource identifier at the end of the EndpointArn response parameter that is returned in the created Endpoint object.\n", "willReplaceOnChanges": true }, "sourceEndpointArn": { "type": "string", "description": "ARN that uniquely identifies the source endpoint.\n", "willReplaceOnChanges": true }, "startReplicationTask": { "type": "boolean", "description": "Whether to run or stop the replication task.\n" }, "status": { "type": "string", "description": "Replication Task status.\n" }, "tableMappings": { "type": "string", "description": "Escaped JSON string that contains the table mappings. For information on table mapping see [Using Table Mapping with an AWS Database Migration Service Task to Select and Filter Data](http://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.html)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetEndpointArn": { "type": "string", "description": "ARN that uniquely identifies the target endpoint.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:dms/s3Endpoint:S3Endpoint": { "description": "Provides a DMS (Data Migration Service) S3 endpoint resource. DMS S3 endpoints can be created, updated, deleted, and imported.\n\n\u003e **Note:** AWS is deprecating `extra_connection_attributes`, such as used with `aws.dms.Endpoint`. This resource is an alternative to `aws.dms.Endpoint` and does not use `extra_connection_attributes`. (AWS currently includes `extra_connection_attributes` in the raw responses to the AWS Provider requests and so they may be visible in the logs.)\n\n\u003e **Note:** Some of this resource's arguments have default values that come from the AWS Provider. Other default values are provided by AWS and subject to change without notice. When relying on AWS defaults, the provider state will often have a zero value. For example, the AWS Provider does not provide a default for `cdc_max_batch_interval` but the AWS default is `60` (seconds). However, the provider state will show `0` since this is the value return by AWS when no value is present. Below, we aim to flag the defaults that come from AWS (_e.g._, \"AWS default...\").\n\n## Example Usage\n\n### Minimal Configuration\n\nThis is the minimal configuration for an `aws.dms.S3Endpoint`. This endpoint will rely on the AWS Provider and AWS defaults.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dms.S3Endpoint(\"example\", {\n endpointId: \"donnedtipi\",\n endpointType: \"target\",\n bucketName: \"beckut_name\",\n serviceAccessRoleArn: exampleAwsIamRole.arn,\n}, {\n dependsOn: [exampleAwsIamRolePolicy],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dms.S3Endpoint(\"example\",\n endpoint_id=\"donnedtipi\",\n endpoint_type=\"target\",\n bucket_name=\"beckut_name\",\n service_access_role_arn=example_aws_iam_role[\"arn\"],\n opts = pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Dms.S3Endpoint(\"example\", new()\n {\n EndpointId = \"donnedtipi\",\n EndpointType = \"target\",\n BucketName = \"beckut_name\",\n ServiceAccessRoleArn = exampleAwsIamRole.Arn,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsIamRolePolicy,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dms.NewS3Endpoint(ctx, \"example\", \u0026dms.S3EndpointArgs{\n\t\t\tEndpointId: pulumi.String(\"donnedtipi\"),\n\t\t\tEndpointType: pulumi.String(\"target\"),\n\t\t\tBucketName: pulumi.String(\"beckut_name\"),\n\t\t\tServiceAccessRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsIamRolePolicy,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dms.S3Endpoint;\nimport com.pulumi.aws.dms.S3EndpointArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new S3Endpoint(\"example\", S3EndpointArgs.builder()\n .endpointId(\"donnedtipi\")\n .endpointType(\"target\")\n .bucketName(\"beckut_name\")\n .serviceAccessRoleArn(exampleAwsIamRole.arn())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsIamRolePolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dms:S3Endpoint\n properties:\n endpointId: donnedtipi\n endpointType: target\n bucketName: beckut_name\n serviceAccessRoleArn: ${exampleAwsIamRole.arn}\n options:\n dependson:\n - ${exampleAwsIamRolePolicy}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Complete Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dms.S3Endpoint(\"example\", {\n endpointId: \"donnedtipi\",\n endpointType: \"target\",\n sslMode: \"none\",\n tags: {\n Name: \"donnedtipi\",\n Update: \"to-update\",\n Remove: \"to-remove\",\n },\n addColumnName: true,\n addTrailingPaddingCharacter: false,\n bucketFolder: \"folder\",\n bucketName: \"bucket_name\",\n cannedAclForObjects: \"private\",\n cdcInsertsAndUpdates: true,\n cdcInsertsOnly: false,\n cdcMaxBatchInterval: 100,\n cdcMinFileSize: 16,\n cdcPath: \"cdc/path\",\n compressionType: \"GZIP\",\n csvDelimiter: \";\",\n csvNoSupValue: \"x\",\n csvNullValue: \"?\",\n csvRowDelimiter: \"\\\\r\\\\n\",\n dataFormat: \"parquet\",\n dataPageSize: 1100000,\n datePartitionDelimiter: \"UNDERSCORE\",\n datePartitionEnabled: true,\n datePartitionSequence: \"yyyymmddhh\",\n datePartitionTimezone: \"Asia/Seoul\",\n dictPageSizeLimit: 1000000,\n enableStatistics: false,\n encodingType: \"plain\",\n encryptionMode: \"SSE_S3\",\n expectedBucketOwner: current.accountId,\n externalTableDefinition: \"etd\",\n ignoreHeaderRows: 1,\n includeOpForFullLoad: true,\n maxFileSize: 1000000,\n parquetTimestampInMillisecond: true,\n parquetVersion: \"parquet-2-0\",\n preserveTransactions: false,\n rfc4180: false,\n rowGroupLength: 11000,\n serverSideEncryptionKmsKeyId: exampleAwsKmsKey.arn,\n serviceAccessRoleArn: exampleAwsIamRole.arn,\n timestampColumnName: \"tx_commit_time\",\n useCsvNoSupValue: false,\n useTaskStartTimeForFullLoadTimestamp: true,\n glueCatalogGeneration: true,\n}, {\n dependsOn: [exampleAwsIamRolePolicy],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dms.S3Endpoint(\"example\",\n endpoint_id=\"donnedtipi\",\n endpoint_type=\"target\",\n ssl_mode=\"none\",\n tags={\n \"Name\": \"donnedtipi\",\n \"Update\": \"to-update\",\n \"Remove\": \"to-remove\",\n },\n add_column_name=True,\n add_trailing_padding_character=False,\n bucket_folder=\"folder\",\n bucket_name=\"bucket_name\",\n canned_acl_for_objects=\"private\",\n cdc_inserts_and_updates=True,\n cdc_inserts_only=False,\n cdc_max_batch_interval=100,\n cdc_min_file_size=16,\n cdc_path=\"cdc/path\",\n compression_type=\"GZIP\",\n csv_delimiter=\";\",\n csv_no_sup_value=\"x\",\n csv_null_value=\"?\",\n csv_row_delimiter=\"\\\\r\\\\n\",\n data_format=\"parquet\",\n data_page_size=1100000,\n date_partition_delimiter=\"UNDERSCORE\",\n date_partition_enabled=True,\n date_partition_sequence=\"yyyymmddhh\",\n date_partition_timezone=\"Asia/Seoul\",\n dict_page_size_limit=1000000,\n enable_statistics=False,\n encoding_type=\"plain\",\n encryption_mode=\"SSE_S3\",\n expected_bucket_owner=current[\"accountId\"],\n external_table_definition=\"etd\",\n ignore_header_rows=1,\n include_op_for_full_load=True,\n max_file_size=1000000,\n parquet_timestamp_in_millisecond=True,\n parquet_version=\"parquet-2-0\",\n preserve_transactions=False,\n rfc4180=False,\n row_group_length=11000,\n server_side_encryption_kms_key_id=example_aws_kms_key[\"arn\"],\n service_access_role_arn=example_aws_iam_role[\"arn\"],\n timestamp_column_name=\"tx_commit_time\",\n use_csv_no_sup_value=False,\n use_task_start_time_for_full_load_timestamp=True,\n glue_catalog_generation=True,\n opts = pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Dms.S3Endpoint(\"example\", new()\n {\n EndpointId = \"donnedtipi\",\n EndpointType = \"target\",\n SslMode = \"none\",\n Tags = \n {\n { \"Name\", \"donnedtipi\" },\n { \"Update\", \"to-update\" },\n { \"Remove\", \"to-remove\" },\n },\n AddColumnName = true,\n AddTrailingPaddingCharacter = false,\n BucketFolder = \"folder\",\n BucketName = \"bucket_name\",\n CannedAclForObjects = \"private\",\n CdcInsertsAndUpdates = true,\n CdcInsertsOnly = false,\n CdcMaxBatchInterval = 100,\n CdcMinFileSize = 16,\n CdcPath = \"cdc/path\",\n CompressionType = \"GZIP\",\n CsvDelimiter = \";\",\n CsvNoSupValue = \"x\",\n CsvNullValue = \"?\",\n CsvRowDelimiter = \"\\\\r\\\\n\",\n DataFormat = \"parquet\",\n DataPageSize = 1100000,\n DatePartitionDelimiter = \"UNDERSCORE\",\n DatePartitionEnabled = true,\n DatePartitionSequence = \"yyyymmddhh\",\n DatePartitionTimezone = \"Asia/Seoul\",\n DictPageSizeLimit = 1000000,\n EnableStatistics = false,\n EncodingType = \"plain\",\n EncryptionMode = \"SSE_S3\",\n ExpectedBucketOwner = current.AccountId,\n ExternalTableDefinition = \"etd\",\n IgnoreHeaderRows = 1,\n IncludeOpForFullLoad = true,\n MaxFileSize = 1000000,\n ParquetTimestampInMillisecond = true,\n ParquetVersion = \"parquet-2-0\",\n PreserveTransactions = false,\n Rfc4180 = false,\n RowGroupLength = 11000,\n ServerSideEncryptionKmsKeyId = exampleAwsKmsKey.Arn,\n ServiceAccessRoleArn = exampleAwsIamRole.Arn,\n TimestampColumnName = \"tx_commit_time\",\n UseCsvNoSupValue = false,\n UseTaskStartTimeForFullLoadTimestamp = true,\n GlueCatalogGeneration = true,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsIamRolePolicy,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dms.NewS3Endpoint(ctx, \"example\", \u0026dms.S3EndpointArgs{\n\t\t\tEndpointId: pulumi.String(\"donnedtipi\"),\n\t\t\tEndpointType: pulumi.String(\"target\"),\n\t\t\tSslMode: pulumi.String(\"none\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"donnedtipi\"),\n\t\t\t\t\"Update\": pulumi.String(\"to-update\"),\n\t\t\t\t\"Remove\": pulumi.String(\"to-remove\"),\n\t\t\t},\n\t\t\tAddColumnName: pulumi.Bool(true),\n\t\t\tAddTrailingPaddingCharacter: pulumi.Bool(false),\n\t\t\tBucketFolder: pulumi.String(\"folder\"),\n\t\t\tBucketName: pulumi.String(\"bucket_name\"),\n\t\t\tCannedAclForObjects: pulumi.String(\"private\"),\n\t\t\tCdcInsertsAndUpdates: pulumi.Bool(true),\n\t\t\tCdcInsertsOnly: pulumi.Bool(false),\n\t\t\tCdcMaxBatchInterval: pulumi.Int(100),\n\t\t\tCdcMinFileSize: pulumi.Int(16),\n\t\t\tCdcPath: pulumi.String(\"cdc/path\"),\n\t\t\tCompressionType: pulumi.String(\"GZIP\"),\n\t\t\tCsvDelimiter: pulumi.String(\";\"),\n\t\t\tCsvNoSupValue: pulumi.String(\"x\"),\n\t\t\tCsvNullValue: pulumi.String(\"?\"),\n\t\t\tCsvRowDelimiter: pulumi.String(\"\\\\r\\\\n\"),\n\t\t\tDataFormat: pulumi.String(\"parquet\"),\n\t\t\tDataPageSize: pulumi.Int(1100000),\n\t\t\tDatePartitionDelimiter: pulumi.String(\"UNDERSCORE\"),\n\t\t\tDatePartitionEnabled: pulumi.Bool(true),\n\t\t\tDatePartitionSequence: pulumi.String(\"yyyymmddhh\"),\n\t\t\tDatePartitionTimezone: pulumi.String(\"Asia/Seoul\"),\n\t\t\tDictPageSizeLimit: pulumi.Int(1000000),\n\t\t\tEnableStatistics: pulumi.Bool(false),\n\t\t\tEncodingType: pulumi.String(\"plain\"),\n\t\t\tEncryptionMode: pulumi.String(\"SSE_S3\"),\n\t\t\tExpectedBucketOwner: pulumi.Any(current.AccountId),\n\t\t\tExternalTableDefinition: pulumi.String(\"etd\"),\n\t\t\tIgnoreHeaderRows: pulumi.Int(1),\n\t\t\tIncludeOpForFullLoad: pulumi.Bool(true),\n\t\t\tMaxFileSize: pulumi.Int(1000000),\n\t\t\tParquetTimestampInMillisecond: pulumi.Bool(true),\n\t\t\tParquetVersion: pulumi.String(\"parquet-2-0\"),\n\t\t\tPreserveTransactions: pulumi.Bool(false),\n\t\t\tRfc4180: pulumi.Bool(false),\n\t\t\tRowGroupLength: pulumi.Int(11000),\n\t\t\tServerSideEncryptionKmsKeyId: pulumi.Any(exampleAwsKmsKey.Arn),\n\t\t\tServiceAccessRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tTimestampColumnName: pulumi.String(\"tx_commit_time\"),\n\t\t\tUseCsvNoSupValue: pulumi.Bool(false),\n\t\t\tUseTaskStartTimeForFullLoadTimestamp: pulumi.Bool(true),\n\t\t\tGlueCatalogGeneration: pulumi.Bool(true),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsIamRolePolicy,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dms.S3Endpoint;\nimport com.pulumi.aws.dms.S3EndpointArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new S3Endpoint(\"example\", S3EndpointArgs.builder()\n .endpointId(\"donnedtipi\")\n .endpointType(\"target\")\n .sslMode(\"none\")\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"donnedtipi\"),\n Map.entry(\"Update\", \"to-update\"),\n Map.entry(\"Remove\", \"to-remove\")\n ))\n .addColumnName(true)\n .addTrailingPaddingCharacter(false)\n .bucketFolder(\"folder\")\n .bucketName(\"bucket_name\")\n .cannedAclForObjects(\"private\")\n .cdcInsertsAndUpdates(true)\n .cdcInsertsOnly(false)\n .cdcMaxBatchInterval(100)\n .cdcMinFileSize(16)\n .cdcPath(\"cdc/path\")\n .compressionType(\"GZIP\")\n .csvDelimiter(\";\")\n .csvNoSupValue(\"x\")\n .csvNullValue(\"?\")\n .csvRowDelimiter(\"\\\\r\\\\n\")\n .dataFormat(\"parquet\")\n .dataPageSize(1100000)\n .datePartitionDelimiter(\"UNDERSCORE\")\n .datePartitionEnabled(true)\n .datePartitionSequence(\"yyyymmddhh\")\n .datePartitionTimezone(\"Asia/Seoul\")\n .dictPageSizeLimit(1000000)\n .enableStatistics(false)\n .encodingType(\"plain\")\n .encryptionMode(\"SSE_S3\")\n .expectedBucketOwner(current.accountId())\n .externalTableDefinition(\"etd\")\n .ignoreHeaderRows(1)\n .includeOpForFullLoad(true)\n .maxFileSize(1000000)\n .parquetTimestampInMillisecond(true)\n .parquetVersion(\"parquet-2-0\")\n .preserveTransactions(false)\n .rfc4180(false)\n .rowGroupLength(11000)\n .serverSideEncryptionKmsKeyId(exampleAwsKmsKey.arn())\n .serviceAccessRoleArn(exampleAwsIamRole.arn())\n .timestampColumnName(\"tx_commit_time\")\n .useCsvNoSupValue(false)\n .useTaskStartTimeForFullLoadTimestamp(true)\n .glueCatalogGeneration(true)\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsIamRolePolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dms:S3Endpoint\n properties:\n endpointId: donnedtipi\n endpointType: target\n sslMode: none\n tags:\n Name: donnedtipi\n Update: to-update\n Remove: to-remove\n addColumnName: true\n addTrailingPaddingCharacter: false\n bucketFolder: folder\n bucketName: bucket_name\n cannedAclForObjects: private\n cdcInsertsAndUpdates: true\n cdcInsertsOnly: false\n cdcMaxBatchInterval: 100\n cdcMinFileSize: 16\n cdcPath: cdc/path\n compressionType: GZIP\n csvDelimiter: ;\n csvNoSupValue: x\n csvNullValue: '?'\n csvRowDelimiter: \\r\\n\n dataFormat: parquet\n dataPageSize: 1.1e+06\n datePartitionDelimiter: UNDERSCORE\n datePartitionEnabled: true\n datePartitionSequence: yyyymmddhh\n datePartitionTimezone: Asia/Seoul\n dictPageSizeLimit: 1e+06\n enableStatistics: false\n encodingType: plain\n encryptionMode: SSE_S3\n expectedBucketOwner: ${current.accountId}\n externalTableDefinition: etd\n ignoreHeaderRows: 1\n includeOpForFullLoad: true\n maxFileSize: 1e+06\n parquetTimestampInMillisecond: true\n parquetVersion: parquet-2-0\n preserveTransactions: false\n rfc4180: false\n rowGroupLength: 11000\n serverSideEncryptionKmsKeyId: ${exampleAwsKmsKey.arn}\n serviceAccessRoleArn: ${exampleAwsIamRole.arn}\n timestampColumnName: tx_commit_time\n useCsvNoSupValue: false\n useTaskStartTimeForFullLoadTimestamp: true\n glueCatalogGeneration: true\n options:\n dependson:\n - ${exampleAwsIamRolePolicy}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import endpoints using the `endpoint_id`. For example:\n\n```sh\n$ pulumi import aws:dms/s3Endpoint:S3Endpoint example example-dms-endpoint-tf\n```\n", "properties": { "addColumnName": { "type": "boolean", "description": "Whether to add column name information to the .csv output file. Default is `false`.\n" }, "addTrailingPaddingCharacter": { "type": "boolean", "description": "Whether to add padding. Default is `false`. (Ignored for source endpoints.)\n" }, "bucketFolder": { "type": "string", "description": "S3 object prefix.\n" }, "bucketName": { "type": "string", "description": "S3 bucket name.\n" }, "cannedAclForObjects": { "type": "string", "description": "Predefined (canned) access control list for objects created in an S3 bucket. Valid values include `none`, `private`, `public-read`, `public-read-write`, `authenticated-read`, `aws-exec-read`, `bucket-owner-read`, and `bucket-owner-full-control`. Default is `none`.\n" }, "cdcInsertsAndUpdates": { "type": "boolean", "description": "Whether to write insert and update operations to .csv or .parquet output files. Default is `false`.\n" }, "cdcInsertsOnly": { "type": "boolean", "description": "Whether to write insert operations to .csv or .parquet output files. Default is `false`.\n" }, "cdcMaxBatchInterval": { "type": "integer", "description": "Maximum length of the interval, defined in seconds, after which to output a file to Amazon S3. (AWS default is `60`.)\n" }, "cdcMinFileSize": { "type": "integer", "description": "Minimum file size condition as defined in kilobytes to output a file to Amazon S3. (AWS default is 32000 KB.)\n" }, "cdcPath": { "type": "string", "description": "Folder path of CDC files. If `cdc_path` is set, AWS DMS reads CDC files from this path and replicates the data changes to the target endpoint. Supported in AWS DMS versions 3.4.2 and later.\n" }, "certificateArn": { "type": "string", "description": "ARN for the certificate.\n" }, "compressionType": { "type": "string", "description": "Set to compress target files. Valid values are `GZIP` and `NONE`. Default is `NONE`. (Ignored for source endpoints.)\n" }, "csvDelimiter": { "type": "string", "description": "Delimiter used to separate columns in the source files. Default is `,`.\n" }, "csvNoSupValue": { "type": "string", "description": "Only applies if output files for a CDC load are written in .csv format. If `use_csv_no_sup_value` is set to `true`, string to use for all columns not included in the supplemental log. If you do not specify a string value, DMS uses the null value for these columns regardless of `use_csv_no_sup_value`. (Ignored for source endpoints.)\n" }, "csvNullValue": { "type": "string", "description": "String to as null when writing to the target. (AWS default is `NULL`.)\n" }, "csvRowDelimiter": { "type": "string", "description": "Delimiter used to separate rows in the source files. Default is newline (_i.e._, `\\n`).\n" }, "dataFormat": { "type": "string", "description": "Output format for the files that AWS DMS uses to create S3 objects. Valid values are `csv` and `parquet`. (Ignored for source endpoints -- only `csv` is valid.)\n" }, "dataPageSize": { "type": "integer", "description": "Size of one data page in bytes. (AWS default is 1 MiB, _i.e._, `1048576`.)\n" }, "datePartitionDelimiter": { "type": "string", "description": "Date separating delimiter to use during folder partitioning. Valid values are `SLASH`, `UNDERSCORE`, `DASH`, and `NONE`. (AWS default is `SLASH`.) (Ignored for source endpoints.)\n" }, "datePartitionEnabled": { "type": "boolean", "description": "Partition S3 bucket folders based on transaction commit dates. Default is `false`. (Ignored for source endpoints.)\n" }, "datePartitionSequence": { "type": "string", "description": "Date format to use during folder partitioning. Use this parameter when `date_partition_enabled` is set to true. Valid values are `YYYYMMDD`, `YYYYMMDDHH`, `YYYYMM`, `MMYYYYDD`, and `DDMMYYYY`. (AWS default is `YYYYMMDD`.) (Ignored for source endpoints.)\n" }, "datePartitionTimezone": { "type": "string", "description": "Convert the current UTC time to a timezone. The conversion occurs when a date partition folder is created and a CDC filename is generated. The timezone format is Area/Location (_e.g._, `Europe/Paris`). Use this when `date_partition_enabled` is `true`. (Ignored for source endpoints.)\n" }, "detachTargetOnLobLookupFailureParquet": { "type": "boolean", "description": "Undocumented argument for use as directed by AWS Support.\n" }, "dictPageSizeLimit": { "type": "integer", "description": "Maximum size in bytes of an encoded dictionary page of a column. (AWS default is 1 MiB, _i.e._, `1048576`.)\n" }, "enableStatistics": { "type": "boolean", "description": "Whether to enable statistics for Parquet pages and row groups. Default is `true`.\n" }, "encodingType": { "type": "string", "description": "Type of encoding to use. Value values are `rle_dictionary`, `plain`, and `plain_dictionary`. (AWS default is `rle_dictionary`.)\n" }, "encryptionMode": { "type": "string", "description": "Server-side encryption mode that you want to encrypt your .csv or .parquet object files copied to S3. Valid values are `SSE_S3` and `SSE_KMS`. (AWS default is `SSE_S3`.) (Ignored for source endpoints -- only `SSE_S3` is valid.)\n" }, "endpointArn": { "type": "string", "description": "ARN for the endpoint.\n" }, "endpointId": { "type": "string", "description": "Database endpoint identifier. Identifiers must contain from 1 to 255 alphanumeric characters or hyphens, begin with a letter, contain only ASCII letters, digits, and hyphens, not end with a hyphen, and not contain two consecutive hyphens.\n" }, "endpointType": { "type": "string", "description": "Type of endpoint. Valid values are `source`, `target`.\n" }, "engineDisplayName": { "type": "string", "description": "Expanded name for the engine name.\n" }, "expectedBucketOwner": { "type": "string", "description": "Bucket owner to prevent sniping. Value is an AWS account ID.\n" }, "externalId": { "type": "string", "description": "Can be used for cross-account validation. Use it in another account with `aws.dms.S3Endpoint` to create the endpoint cross-account.\n" }, "externalTableDefinition": { "type": "string", "description": "JSON document that describes how AWS DMS should interpret the data.\n" }, "glueCatalogGeneration": { "type": "boolean", "description": "Whether to integrate AWS Glue Data Catalog with an Amazon S3 target. See [Using AWS Glue Data Catalog with an Amazon S3 target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.GlueCatalog) for more information. Default is `false`.\n" }, "ignoreHeaderRows": { "type": "integer", "description": "When this value is set to `1`, DMS ignores the first row header in a .csv file. (AWS default is `0`.)\n" }, "includeOpForFullLoad": { "type": "boolean", "description": "Whether to enable a full load to write INSERT operations to the .csv output files only to indicate how the rows were added to the source database. Default is `false`.\n" }, "kmsKeyArn": { "type": "string", "description": "ARN for the KMS key that will be used to encrypt the connection parameters. If you do not specify a value for `kms_key_arn`, then AWS DMS will use your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS region.\n" }, "maxFileSize": { "type": "integer", "description": "Maximum size (in KB) of any .csv file to be created while migrating to an S3 target during full load. Valid values are from `1` to `1048576`. (AWS default is 1 GB, _i.e._, `1048576`.)\n" }, "parquetTimestampInMillisecond": { "type": "boolean", "description": "Specifies the precision of any TIMESTAMP column values written to an S3 object file in .parquet format. Default is `false`. (Ignored for source endpoints.)\n" }, "parquetVersion": { "type": "string", "description": "Version of the .parquet file format. Valid values are `parquet-1-0` and `parquet-2-0`. (AWS default is `parquet-1-0`.) (Ignored for source endpoints.)\n" }, "preserveTransactions": { "type": "boolean", "description": "Whether DMS saves the transaction order for a CDC load on the S3 target specified by `cdc_path`. Default is `false`. (Ignored for source endpoints.)\n" }, "rfc4180": { "type": "boolean", "description": "For an S3 source, whether each leading double quotation mark has to be followed by an ending double quotation mark. Default is `true`.\n" }, "rowGroupLength": { "type": "integer", "description": "Number of rows in a row group. (AWS default is `10000`.)\n" }, "serverSideEncryptionKmsKeyId": { "type": "string", "description": "When `encryption_mode` is `SSE_KMS`, ARN for the AWS KMS key. (Ignored for source endpoints -- only `SSE_S3` `encryption_mode` is valid.)\n" }, "serviceAccessRoleArn": { "type": "string", "description": "ARN of the IAM role with permissions to the S3 Bucket.\n\nThe following arguments are optional:\n" }, "sslMode": { "type": "string", "description": "SSL mode to use for the connection. Valid values are `none`, `require`, `verify-ca`, `verify-full`. (AWS default is `none`.)\n" }, "status": { "type": "string", "description": "Status of the endpoint.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timestampColumnName": { "type": "string", "description": "Column to add with timestamp information to the endpoint data for an Amazon S3 target.\n" }, "useCsvNoSupValue": { "type": "boolean", "description": "Whether to use `csv_no_sup_value` for columns not included in the supplemental log. (Ignored for source endpoints.)\n" }, "useTaskStartTimeForFullLoadTimestamp": { "type": "boolean", "description": "When set to `true`, uses the task start time as the timestamp column value instead of the time data is written to target. For full load, when set to `true`, each row of the timestamp column contains the task start time. For CDC loads, each row of the timestamp column contains the transaction commit time.When set to false, the full load timestamp in the timestamp column increments with the time data arrives at the target. Default is `false`.\n" } }, "required": [ "bucketName", "certificateArn", "endpointArn", "endpointId", "endpointType", "engineDisplayName", "externalId", "kmsKeyArn", "serviceAccessRoleArn", "sslMode", "status", "tagsAll" ], "inputProperties": { "addColumnName": { "type": "boolean", "description": "Whether to add column name information to the .csv output file. Default is `false`.\n" }, "addTrailingPaddingCharacter": { "type": "boolean", "description": "Whether to add padding. Default is `false`. (Ignored for source endpoints.)\n" }, "bucketFolder": { "type": "string", "description": "S3 object prefix.\n" }, "bucketName": { "type": "string", "description": "S3 bucket name.\n" }, "cannedAclForObjects": { "type": "string", "description": "Predefined (canned) access control list for objects created in an S3 bucket. Valid values include `none`, `private`, `public-read`, `public-read-write`, `authenticated-read`, `aws-exec-read`, `bucket-owner-read`, and `bucket-owner-full-control`. Default is `none`.\n" }, "cdcInsertsAndUpdates": { "type": "boolean", "description": "Whether to write insert and update operations to .csv or .parquet output files. Default is `false`.\n" }, "cdcInsertsOnly": { "type": "boolean", "description": "Whether to write insert operations to .csv or .parquet output files. Default is `false`.\n" }, "cdcMaxBatchInterval": { "type": "integer", "description": "Maximum length of the interval, defined in seconds, after which to output a file to Amazon S3. (AWS default is `60`.)\n" }, "cdcMinFileSize": { "type": "integer", "description": "Minimum file size condition as defined in kilobytes to output a file to Amazon S3. (AWS default is 32000 KB.)\n" }, "cdcPath": { "type": "string", "description": "Folder path of CDC files. If `cdc_path` is set, AWS DMS reads CDC files from this path and replicates the data changes to the target endpoint. Supported in AWS DMS versions 3.4.2 and later.\n" }, "certificateArn": { "type": "string", "description": "ARN for the certificate.\n" }, "compressionType": { "type": "string", "description": "Set to compress target files. Valid values are `GZIP` and `NONE`. Default is `NONE`. (Ignored for source endpoints.)\n" }, "csvDelimiter": { "type": "string", "description": "Delimiter used to separate columns in the source files. Default is `,`.\n" }, "csvNoSupValue": { "type": "string", "description": "Only applies if output files for a CDC load are written in .csv format. If `use_csv_no_sup_value` is set to `true`, string to use for all columns not included in the supplemental log. If you do not specify a string value, DMS uses the null value for these columns regardless of `use_csv_no_sup_value`. (Ignored for source endpoints.)\n" }, "csvNullValue": { "type": "string", "description": "String to as null when writing to the target. (AWS default is `NULL`.)\n" }, "csvRowDelimiter": { "type": "string", "description": "Delimiter used to separate rows in the source files. Default is newline (_i.e._, `\\n`).\n" }, "dataFormat": { "type": "string", "description": "Output format for the files that AWS DMS uses to create S3 objects. Valid values are `csv` and `parquet`. (Ignored for source endpoints -- only `csv` is valid.)\n" }, "dataPageSize": { "type": "integer", "description": "Size of one data page in bytes. (AWS default is 1 MiB, _i.e._, `1048576`.)\n" }, "datePartitionDelimiter": { "type": "string", "description": "Date separating delimiter to use during folder partitioning. Valid values are `SLASH`, `UNDERSCORE`, `DASH`, and `NONE`. (AWS default is `SLASH`.) (Ignored for source endpoints.)\n" }, "datePartitionEnabled": { "type": "boolean", "description": "Partition S3 bucket folders based on transaction commit dates. Default is `false`. (Ignored for source endpoints.)\n" }, "datePartitionSequence": { "type": "string", "description": "Date format to use during folder partitioning. Use this parameter when `date_partition_enabled` is set to true. Valid values are `YYYYMMDD`, `YYYYMMDDHH`, `YYYYMM`, `MMYYYYDD`, and `DDMMYYYY`. (AWS default is `YYYYMMDD`.) (Ignored for source endpoints.)\n" }, "datePartitionTimezone": { "type": "string", "description": "Convert the current UTC time to a timezone. The conversion occurs when a date partition folder is created and a CDC filename is generated. The timezone format is Area/Location (_e.g._, `Europe/Paris`). Use this when `date_partition_enabled` is `true`. (Ignored for source endpoints.)\n" }, "detachTargetOnLobLookupFailureParquet": { "type": "boolean", "description": "Undocumented argument for use as directed by AWS Support.\n" }, "dictPageSizeLimit": { "type": "integer", "description": "Maximum size in bytes of an encoded dictionary page of a column. (AWS default is 1 MiB, _i.e._, `1048576`.)\n" }, "enableStatistics": { "type": "boolean", "description": "Whether to enable statistics for Parquet pages and row groups. Default is `true`.\n" }, "encodingType": { "type": "string", "description": "Type of encoding to use. Value values are `rle_dictionary`, `plain`, and `plain_dictionary`. (AWS default is `rle_dictionary`.)\n" }, "encryptionMode": { "type": "string", "description": "Server-side encryption mode that you want to encrypt your .csv or .parquet object files copied to S3. Valid values are `SSE_S3` and `SSE_KMS`. (AWS default is `SSE_S3`.) (Ignored for source endpoints -- only `SSE_S3` is valid.)\n" }, "endpointId": { "type": "string", "description": "Database endpoint identifier. Identifiers must contain from 1 to 255 alphanumeric characters or hyphens, begin with a letter, contain only ASCII letters, digits, and hyphens, not end with a hyphen, and not contain two consecutive hyphens.\n", "willReplaceOnChanges": true }, "endpointType": { "type": "string", "description": "Type of endpoint. Valid values are `source`, `target`.\n" }, "expectedBucketOwner": { "type": "string", "description": "Bucket owner to prevent sniping. Value is an AWS account ID.\n" }, "externalTableDefinition": { "type": "string", "description": "JSON document that describes how AWS DMS should interpret the data.\n" }, "glueCatalogGeneration": { "type": "boolean", "description": "Whether to integrate AWS Glue Data Catalog with an Amazon S3 target. See [Using AWS Glue Data Catalog with an Amazon S3 target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.GlueCatalog) for more information. Default is `false`.\n" }, "ignoreHeaderRows": { "type": "integer", "description": "When this value is set to `1`, DMS ignores the first row header in a .csv file. (AWS default is `0`.)\n", "willReplaceOnChanges": true }, "includeOpForFullLoad": { "type": "boolean", "description": "Whether to enable a full load to write INSERT operations to the .csv output files only to indicate how the rows were added to the source database. Default is `false`.\n" }, "kmsKeyArn": { "type": "string", "description": "ARN for the KMS key that will be used to encrypt the connection parameters. If you do not specify a value for `kms_key_arn`, then AWS DMS will use your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS region.\n", "willReplaceOnChanges": true }, "maxFileSize": { "type": "integer", "description": "Maximum size (in KB) of any .csv file to be created while migrating to an S3 target during full load. Valid values are from `1` to `1048576`. (AWS default is 1 GB, _i.e._, `1048576`.)\n" }, "parquetTimestampInMillisecond": { "type": "boolean", "description": "Specifies the precision of any TIMESTAMP column values written to an S3 object file in .parquet format. Default is `false`. (Ignored for source endpoints.)\n" }, "parquetVersion": { "type": "string", "description": "Version of the .parquet file format. Valid values are `parquet-1-0` and `parquet-2-0`. (AWS default is `parquet-1-0`.) (Ignored for source endpoints.)\n" }, "preserveTransactions": { "type": "boolean", "description": "Whether DMS saves the transaction order for a CDC load on the S3 target specified by `cdc_path`. Default is `false`. (Ignored for source endpoints.)\n" }, "rfc4180": { "type": "boolean", "description": "For an S3 source, whether each leading double quotation mark has to be followed by an ending double quotation mark. Default is `true`.\n" }, "rowGroupLength": { "type": "integer", "description": "Number of rows in a row group. (AWS default is `10000`.)\n" }, "serverSideEncryptionKmsKeyId": { "type": "string", "description": "When `encryption_mode` is `SSE_KMS`, ARN for the AWS KMS key. (Ignored for source endpoints -- only `SSE_S3` `encryption_mode` is valid.)\n" }, "serviceAccessRoleArn": { "type": "string", "description": "ARN of the IAM role with permissions to the S3 Bucket.\n\nThe following arguments are optional:\n" }, "sslMode": { "type": "string", "description": "SSL mode to use for the connection. Valid values are `none`, `require`, `verify-ca`, `verify-full`. (AWS default is `none`.)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timestampColumnName": { "type": "string", "description": "Column to add with timestamp information to the endpoint data for an Amazon S3 target.\n" }, "useCsvNoSupValue": { "type": "boolean", "description": "Whether to use `csv_no_sup_value` for columns not included in the supplemental log. (Ignored for source endpoints.)\n" }, "useTaskStartTimeForFullLoadTimestamp": { "type": "boolean", "description": "When set to `true`, uses the task start time as the timestamp column value instead of the time data is written to target. For full load, when set to `true`, each row of the timestamp column contains the task start time. For CDC loads, each row of the timestamp column contains the transaction commit time.When set to false, the full load timestamp in the timestamp column increments with the time data arrives at the target. Default is `false`.\n" } }, "requiredInputs": [ "bucketName", "endpointId", "endpointType", "serviceAccessRoleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering S3Endpoint resources.\n", "properties": { "addColumnName": { "type": "boolean", "description": "Whether to add column name information to the .csv output file. Default is `false`.\n" }, "addTrailingPaddingCharacter": { "type": "boolean", "description": "Whether to add padding. Default is `false`. (Ignored for source endpoints.)\n" }, "bucketFolder": { "type": "string", "description": "S3 object prefix.\n" }, "bucketName": { "type": "string", "description": "S3 bucket name.\n" }, "cannedAclForObjects": { "type": "string", "description": "Predefined (canned) access control list for objects created in an S3 bucket. Valid values include `none`, `private`, `public-read`, `public-read-write`, `authenticated-read`, `aws-exec-read`, `bucket-owner-read`, and `bucket-owner-full-control`. Default is `none`.\n" }, "cdcInsertsAndUpdates": { "type": "boolean", "description": "Whether to write insert and update operations to .csv or .parquet output files. Default is `false`.\n" }, "cdcInsertsOnly": { "type": "boolean", "description": "Whether to write insert operations to .csv or .parquet output files. Default is `false`.\n" }, "cdcMaxBatchInterval": { "type": "integer", "description": "Maximum length of the interval, defined in seconds, after which to output a file to Amazon S3. (AWS default is `60`.)\n" }, "cdcMinFileSize": { "type": "integer", "description": "Minimum file size condition as defined in kilobytes to output a file to Amazon S3. (AWS default is 32000 KB.)\n" }, "cdcPath": { "type": "string", "description": "Folder path of CDC files. If `cdc_path` is set, AWS DMS reads CDC files from this path and replicates the data changes to the target endpoint. Supported in AWS DMS versions 3.4.2 and later.\n" }, "certificateArn": { "type": "string", "description": "ARN for the certificate.\n" }, "compressionType": { "type": "string", "description": "Set to compress target files. Valid values are `GZIP` and `NONE`. Default is `NONE`. (Ignored for source endpoints.)\n" }, "csvDelimiter": { "type": "string", "description": "Delimiter used to separate columns in the source files. Default is `,`.\n" }, "csvNoSupValue": { "type": "string", "description": "Only applies if output files for a CDC load are written in .csv format. If `use_csv_no_sup_value` is set to `true`, string to use for all columns not included in the supplemental log. If you do not specify a string value, DMS uses the null value for these columns regardless of `use_csv_no_sup_value`. (Ignored for source endpoints.)\n" }, "csvNullValue": { "type": "string", "description": "String to as null when writing to the target. (AWS default is `NULL`.)\n" }, "csvRowDelimiter": { "type": "string", "description": "Delimiter used to separate rows in the source files. Default is newline (_i.e._, `\\n`).\n" }, "dataFormat": { "type": "string", "description": "Output format for the files that AWS DMS uses to create S3 objects. Valid values are `csv` and `parquet`. (Ignored for source endpoints -- only `csv` is valid.)\n" }, "dataPageSize": { "type": "integer", "description": "Size of one data page in bytes. (AWS default is 1 MiB, _i.e._, `1048576`.)\n" }, "datePartitionDelimiter": { "type": "string", "description": "Date separating delimiter to use during folder partitioning. Valid values are `SLASH`, `UNDERSCORE`, `DASH`, and `NONE`. (AWS default is `SLASH`.) (Ignored for source endpoints.)\n" }, "datePartitionEnabled": { "type": "boolean", "description": "Partition S3 bucket folders based on transaction commit dates. Default is `false`. (Ignored for source endpoints.)\n" }, "datePartitionSequence": { "type": "string", "description": "Date format to use during folder partitioning. Use this parameter when `date_partition_enabled` is set to true. Valid values are `YYYYMMDD`, `YYYYMMDDHH`, `YYYYMM`, `MMYYYYDD`, and `DDMMYYYY`. (AWS default is `YYYYMMDD`.) (Ignored for source endpoints.)\n" }, "datePartitionTimezone": { "type": "string", "description": "Convert the current UTC time to a timezone. The conversion occurs when a date partition folder is created and a CDC filename is generated. The timezone format is Area/Location (_e.g._, `Europe/Paris`). Use this when `date_partition_enabled` is `true`. (Ignored for source endpoints.)\n" }, "detachTargetOnLobLookupFailureParquet": { "type": "boolean", "description": "Undocumented argument for use as directed by AWS Support.\n" }, "dictPageSizeLimit": { "type": "integer", "description": "Maximum size in bytes of an encoded dictionary page of a column. (AWS default is 1 MiB, _i.e._, `1048576`.)\n" }, "enableStatistics": { "type": "boolean", "description": "Whether to enable statistics for Parquet pages and row groups. Default is `true`.\n" }, "encodingType": { "type": "string", "description": "Type of encoding to use. Value values are `rle_dictionary`, `plain`, and `plain_dictionary`. (AWS default is `rle_dictionary`.)\n" }, "encryptionMode": { "type": "string", "description": "Server-side encryption mode that you want to encrypt your .csv or .parquet object files copied to S3. Valid values are `SSE_S3` and `SSE_KMS`. (AWS default is `SSE_S3`.) (Ignored for source endpoints -- only `SSE_S3` is valid.)\n" }, "endpointArn": { "type": "string", "description": "ARN for the endpoint.\n" }, "endpointId": { "type": "string", "description": "Database endpoint identifier. Identifiers must contain from 1 to 255 alphanumeric characters or hyphens, begin with a letter, contain only ASCII letters, digits, and hyphens, not end with a hyphen, and not contain two consecutive hyphens.\n", "willReplaceOnChanges": true }, "endpointType": { "type": "string", "description": "Type of endpoint. Valid values are `source`, `target`.\n" }, "engineDisplayName": { "type": "string", "description": "Expanded name for the engine name.\n" }, "expectedBucketOwner": { "type": "string", "description": "Bucket owner to prevent sniping. Value is an AWS account ID.\n" }, "externalId": { "type": "string", "description": "Can be used for cross-account validation. Use it in another account with `aws.dms.S3Endpoint` to create the endpoint cross-account.\n" }, "externalTableDefinition": { "type": "string", "description": "JSON document that describes how AWS DMS should interpret the data.\n" }, "glueCatalogGeneration": { "type": "boolean", "description": "Whether to integrate AWS Glue Data Catalog with an Amazon S3 target. See [Using AWS Glue Data Catalog with an Amazon S3 target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.GlueCatalog) for more information. Default is `false`.\n" }, "ignoreHeaderRows": { "type": "integer", "description": "When this value is set to `1`, DMS ignores the first row header in a .csv file. (AWS default is `0`.)\n", "willReplaceOnChanges": true }, "includeOpForFullLoad": { "type": "boolean", "description": "Whether to enable a full load to write INSERT operations to the .csv output files only to indicate how the rows were added to the source database. Default is `false`.\n" }, "kmsKeyArn": { "type": "string", "description": "ARN for the KMS key that will be used to encrypt the connection parameters. If you do not specify a value for `kms_key_arn`, then AWS DMS will use your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS region.\n", "willReplaceOnChanges": true }, "maxFileSize": { "type": "integer", "description": "Maximum size (in KB) of any .csv file to be created while migrating to an S3 target during full load. Valid values are from `1` to `1048576`. (AWS default is 1 GB, _i.e._, `1048576`.)\n" }, "parquetTimestampInMillisecond": { "type": "boolean", "description": "Specifies the precision of any TIMESTAMP column values written to an S3 object file in .parquet format. Default is `false`. (Ignored for source endpoints.)\n" }, "parquetVersion": { "type": "string", "description": "Version of the .parquet file format. Valid values are `parquet-1-0` and `parquet-2-0`. (AWS default is `parquet-1-0`.) (Ignored for source endpoints.)\n" }, "preserveTransactions": { "type": "boolean", "description": "Whether DMS saves the transaction order for a CDC load on the S3 target specified by `cdc_path`. Default is `false`. (Ignored for source endpoints.)\n" }, "rfc4180": { "type": "boolean", "description": "For an S3 source, whether each leading double quotation mark has to be followed by an ending double quotation mark. Default is `true`.\n" }, "rowGroupLength": { "type": "integer", "description": "Number of rows in a row group. (AWS default is `10000`.)\n" }, "serverSideEncryptionKmsKeyId": { "type": "string", "description": "When `encryption_mode` is `SSE_KMS`, ARN for the AWS KMS key. (Ignored for source endpoints -- only `SSE_S3` `encryption_mode` is valid.)\n" }, "serviceAccessRoleArn": { "type": "string", "description": "ARN of the IAM role with permissions to the S3 Bucket.\n\nThe following arguments are optional:\n" }, "sslMode": { "type": "string", "description": "SSL mode to use for the connection. Valid values are `none`, `require`, `verify-ca`, `verify-full`. (AWS default is `none`.)\n" }, "status": { "type": "string", "description": "Status of the endpoint.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timestampColumnName": { "type": "string", "description": "Column to add with timestamp information to the endpoint data for an Amazon S3 target.\n" }, "useCsvNoSupValue": { "type": "boolean", "description": "Whether to use `csv_no_sup_value` for columns not included in the supplemental log. (Ignored for source endpoints.)\n" }, "useTaskStartTimeForFullLoadTimestamp": { "type": "boolean", "description": "When set to `true`, uses the task start time as the timestamp column value instead of the time data is written to target. For full load, when set to `true`, each row of the timestamp column contains the task start time. For CDC loads, each row of the timestamp column contains the transaction commit time.When set to false, the full load timestamp in the timestamp column increments with the time data arrives at the target. Default is `false`.\n" } }, "type": "object" } }, "aws:docdb/cluster:Cluster": { "description": "Manages a DocumentDB Cluster.\n\nChanges to a DocumentDB Cluster can occur when you manually change a\nparameter, such as `port`, and are reflected in the next maintenance\nwindow. Because of this, this provider may report a difference in its planning\nphase because a modification has not yet taken place. You can use the\n`apply_immediately` flag to instruct the service to apply the change immediately\n(see documentation below).\n\n\u003e **Note:** using `apply_immediately` can result in a brief downtime as the server reboots.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst docdb = new aws.docdb.Cluster(\"docdb\", {\n clusterIdentifier: \"my-docdb-cluster\",\n engine: \"docdb\",\n masterUsername: \"foo\",\n masterPassword: \"mustbeeightchars\",\n backupRetentionPeriod: 5,\n preferredBackupWindow: \"07:00-09:00\",\n skipFinalSnapshot: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndocdb = aws.docdb.Cluster(\"docdb\",\n cluster_identifier=\"my-docdb-cluster\",\n engine=\"docdb\",\n master_username=\"foo\",\n master_password=\"mustbeeightchars\",\n backup_retention_period=5,\n preferred_backup_window=\"07:00-09:00\",\n skip_final_snapshot=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var docdb = new Aws.DocDB.Cluster(\"docdb\", new()\n {\n ClusterIdentifier = \"my-docdb-cluster\",\n Engine = \"docdb\",\n MasterUsername = \"foo\",\n MasterPassword = \"mustbeeightchars\",\n BackupRetentionPeriod = 5,\n PreferredBackupWindow = \"07:00-09:00\",\n SkipFinalSnapshot = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/docdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := docdb.NewCluster(ctx, \"docdb\", \u0026docdb.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"my-docdb-cluster\"),\n\t\t\tEngine: pulumi.String(\"docdb\"),\n\t\t\tMasterUsername: pulumi.String(\"foo\"),\n\t\t\tMasterPassword: pulumi.String(\"mustbeeightchars\"),\n\t\t\tBackupRetentionPeriod: pulumi.Int(5),\n\t\t\tPreferredBackupWindow: pulumi.String(\"07:00-09:00\"),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.docdb.Cluster;\nimport com.pulumi.aws.docdb.ClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var docdb = new Cluster(\"docdb\", ClusterArgs.builder()\n .clusterIdentifier(\"my-docdb-cluster\")\n .engine(\"docdb\")\n .masterUsername(\"foo\")\n .masterPassword(\"mustbeeightchars\")\n .backupRetentionPeriod(5)\n .preferredBackupWindow(\"07:00-09:00\")\n .skipFinalSnapshot(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n docdb:\n type: aws:docdb:Cluster\n properties:\n clusterIdentifier: my-docdb-cluster\n engine: docdb\n masterUsername: foo\n masterPassword: mustbeeightchars\n backupRetentionPeriod: 5\n preferredBackupWindow: 07:00-09:00\n skipFinalSnapshot: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DocumentDB Clusters using the `cluster_identifier`. For example:\n\n```sh\n$ pulumi import aws:docdb/cluster:Cluster docdb_cluster docdb-prod-cluster\n```\n", "properties": { "allowMajorVersionUpgrade": { "type": "boolean", "description": "A value that indicates whether major version upgrades are allowed. Constraints: You must allow major version upgrades when specifying a value for the EngineVersion parameter that is a different major version than the DB cluster's current version.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications\nare applied immediately, or during the next maintenance window. Default is\n`false`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of EC2 Availability Zones that\ninstances in the DB cluster can be created in.\n" }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for. Default `1`\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier. If omitted, the provider will assign a random, unique identifier.\n" }, "clusterIdentifierPrefix": { "type": "string", "description": "Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `cluster_identifier`.\n" }, "clusterMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DocumentDB Instances that are a part of this cluster\n" }, "clusterResourceId": { "type": "string", "description": "The DocumentDB Cluster Resource ID\n" }, "dbClusterParameterGroupName": { "type": "string", "description": "A cluster parameter group to associate with the cluster.\n" }, "dbSubnetGroupName": { "type": "string", "description": "A DB subnet group to associate with this DB instance.\n" }, "deletionProtection": { "type": "boolean", "description": "A boolean value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. Defaults to `false`.\n" }, "enabledCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "List of log types to export to cloudwatch. If omitted, no logs will be exported.\nThe following log types are supported: `audit`, `profiler`.\n" }, "endpoint": { "type": "string", "description": "The DNS address of the DocumentDB instance\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for this DB cluster. Defaults to `docdb`. Valid values: `docdb`.\n" }, "engineVersion": { "type": "string", "description": "The database engine version. Updating this argument results in an outage.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final DB snapshot\nwhen this DB cluster is deleted. If omitted, no final snapshot will be\nmade.\n" }, "globalClusterIdentifier": { "type": "string", "description": "The global cluster identifier specified on `aws.docdb.GlobalCluster`.\n" }, "hostedZoneId": { "type": "string", "description": "The Route53 Hosted Zone ID of the endpoint\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `storage_encrypted` needs to be set to true.\n" }, "masterPassword": { "type": "string", "description": "Password for the master DB user. Note that this may\nshow up in logs, and it will be stored in the state file. Please refer to the DocumentDB Naming Constraints.\n", "secret": true }, "masterUsername": { "type": "string", "description": "Username for the master DB user.\n" }, "port": { "type": "integer", "description": "The port on which the DB accepts connections\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.Time in UTC\nDefault: A 30-minute window selected at random from an 8-hour block of time per regionE.g., 04:00-09:00\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur, in (UTC) e.g., wed:04:00-wed:04:30\n" }, "readerEndpoint": { "type": "string", "description": "A read-only endpoint for the DocumentDB cluster, automatically load-balanced across replicas\n" }, "restoreToPointInTime": { "$ref": "#/types/aws:docdb/ClusterRestoreToPointInTime:ClusterRestoreToPointInTime", "description": "A configuration block for restoring a DB instance to an arbitrary point in time. Requires the `identifier` argument to be set with the name of the new DB instance to be created. See Restore To Point In Time below for details.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is created before the DB cluster is deleted. If true is specified, no DB snapshot is created. If false is specified, a DB snapshot is created before the DB cluster is deleted, using the value from `final_snapshot_identifier`. Default is `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot. Automated snapshots **should not** be used for this attribute, unless from a different cluster. Automated snapshots are deleted as part of cluster destruction when the resource is replaced.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false`.\n" }, "storageType": { "type": "string", "description": "The storage type to associate with the DB cluster. Valid values: `standard`, `iopt1`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the DB cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate\nwith the Cluster\n" } }, "required": [ "arn", "availabilityZones", "clusterIdentifier", "clusterIdentifierPrefix", "clusterMembers", "clusterResourceId", "dbClusterParameterGroupName", "dbSubnetGroupName", "endpoint", "engineVersion", "hostedZoneId", "kmsKeyId", "masterUsername", "preferredBackupWindow", "preferredMaintenanceWindow", "readerEndpoint", "tagsAll", "vpcSecurityGroupIds" ], "inputProperties": { "allowMajorVersionUpgrade": { "type": "boolean", "description": "A value that indicates whether major version upgrades are allowed. Constraints: You must allow major version upgrades when specifying a value for the EngineVersion parameter that is a different major version than the DB cluster's current version.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications\nare applied immediately, or during the next maintenance window. Default is\n`false`.\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of EC2 Availability Zones that\ninstances in the DB cluster can be created in.\n", "willReplaceOnChanges": true }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for. Default `1`\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier. If omitted, the provider will assign a random, unique identifier.\n", "willReplaceOnChanges": true }, "clusterIdentifierPrefix": { "type": "string", "description": "Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `cluster_identifier`.\n", "willReplaceOnChanges": true }, "clusterMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DocumentDB Instances that are a part of this cluster\n" }, "dbClusterParameterGroupName": { "type": "string", "description": "A cluster parameter group to associate with the cluster.\n" }, "dbSubnetGroupName": { "type": "string", "description": "A DB subnet group to associate with this DB instance.\n", "willReplaceOnChanges": true }, "deletionProtection": { "type": "boolean", "description": "A boolean value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. Defaults to `false`.\n" }, "enabledCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "List of log types to export to cloudwatch. If omitted, no logs will be exported.\nThe following log types are supported: `audit`, `profiler`.\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for this DB cluster. Defaults to `docdb`. Valid values: `docdb`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "The database engine version. Updating this argument results in an outage.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final DB snapshot\nwhen this DB cluster is deleted. If omitted, no final snapshot will be\nmade.\n" }, "globalClusterIdentifier": { "type": "string", "description": "The global cluster identifier specified on `aws.docdb.GlobalCluster`.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `storage_encrypted` needs to be set to true.\n", "willReplaceOnChanges": true }, "masterPassword": { "type": "string", "description": "Password for the master DB user. Note that this may\nshow up in logs, and it will be stored in the state file. Please refer to the DocumentDB Naming Constraints.\n", "secret": true }, "masterUsername": { "type": "string", "description": "Username for the master DB user.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "The port on which the DB accepts connections\n", "willReplaceOnChanges": true }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.Time in UTC\nDefault: A 30-minute window selected at random from an 8-hour block of time per regionE.g., 04:00-09:00\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur, in (UTC) e.g., wed:04:00-wed:04:30\n" }, "restoreToPointInTime": { "$ref": "#/types/aws:docdb/ClusterRestoreToPointInTime:ClusterRestoreToPointInTime", "description": "A configuration block for restoring a DB instance to an arbitrary point in time. Requires the `identifier` argument to be set with the name of the new DB instance to be created. See Restore To Point In Time below for details.\n", "willReplaceOnChanges": true }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is created before the DB cluster is deleted. If true is specified, no DB snapshot is created. If false is specified, a DB snapshot is created before the DB cluster is deleted, using the value from `final_snapshot_identifier`. Default is `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot. Automated snapshots **should not** be used for this attribute, unless from a different cluster. Automated snapshots are deleted as part of cluster destruction when the resource is replaced.\n", "willReplaceOnChanges": true }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false`.\n", "willReplaceOnChanges": true }, "storageType": { "type": "string", "description": "The storage type to associate with the DB cluster. Valid values: `standard`, `iopt1`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the DB cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate\nwith the Cluster\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "allowMajorVersionUpgrade": { "type": "boolean", "description": "A value that indicates whether major version upgrades are allowed. Constraints: You must allow major version upgrades when specifying a value for the EngineVersion parameter that is a different major version than the DB cluster's current version.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications\nare applied immediately, or during the next maintenance window. Default is\n`false`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of EC2 Availability Zones that\ninstances in the DB cluster can be created in.\n", "willReplaceOnChanges": true }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for. Default `1`\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier. If omitted, the provider will assign a random, unique identifier.\n", "willReplaceOnChanges": true }, "clusterIdentifierPrefix": { "type": "string", "description": "Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `cluster_identifier`.\n", "willReplaceOnChanges": true }, "clusterMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DocumentDB Instances that are a part of this cluster\n" }, "clusterResourceId": { "type": "string", "description": "The DocumentDB Cluster Resource ID\n" }, "dbClusterParameterGroupName": { "type": "string", "description": "A cluster parameter group to associate with the cluster.\n" }, "dbSubnetGroupName": { "type": "string", "description": "A DB subnet group to associate with this DB instance.\n", "willReplaceOnChanges": true }, "deletionProtection": { "type": "boolean", "description": "A boolean value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. Defaults to `false`.\n" }, "enabledCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "List of log types to export to cloudwatch. If omitted, no logs will be exported.\nThe following log types are supported: `audit`, `profiler`.\n" }, "endpoint": { "type": "string", "description": "The DNS address of the DocumentDB instance\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for this DB cluster. Defaults to `docdb`. Valid values: `docdb`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "The database engine version. Updating this argument results in an outage.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final DB snapshot\nwhen this DB cluster is deleted. If omitted, no final snapshot will be\nmade.\n" }, "globalClusterIdentifier": { "type": "string", "description": "The global cluster identifier specified on `aws.docdb.GlobalCluster`.\n" }, "hostedZoneId": { "type": "string", "description": "The Route53 Hosted Zone ID of the endpoint\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `storage_encrypted` needs to be set to true.\n", "willReplaceOnChanges": true }, "masterPassword": { "type": "string", "description": "Password for the master DB user. Note that this may\nshow up in logs, and it will be stored in the state file. Please refer to the DocumentDB Naming Constraints.\n", "secret": true }, "masterUsername": { "type": "string", "description": "Username for the master DB user.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "The port on which the DB accepts connections\n", "willReplaceOnChanges": true }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.Time in UTC\nDefault: A 30-minute window selected at random from an 8-hour block of time per regionE.g., 04:00-09:00\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur, in (UTC) e.g., wed:04:00-wed:04:30\n" }, "readerEndpoint": { "type": "string", "description": "A read-only endpoint for the DocumentDB cluster, automatically load-balanced across replicas\n" }, "restoreToPointInTime": { "$ref": "#/types/aws:docdb/ClusterRestoreToPointInTime:ClusterRestoreToPointInTime", "description": "A configuration block for restoring a DB instance to an arbitrary point in time. Requires the `identifier` argument to be set with the name of the new DB instance to be created. See Restore To Point In Time below for details.\n", "willReplaceOnChanges": true }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is created before the DB cluster is deleted. If true is specified, no DB snapshot is created. If false is specified, a DB snapshot is created before the DB cluster is deleted, using the value from `final_snapshot_identifier`. Default is `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot. Automated snapshots **should not** be used for this attribute, unless from a different cluster. Automated snapshots are deleted as part of cluster destruction when the resource is replaced.\n", "willReplaceOnChanges": true }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false`.\n", "willReplaceOnChanges": true }, "storageType": { "type": "string", "description": "The storage type to associate with the DB cluster. Valid values: `standard`, `iopt1`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the DB cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate\nwith the Cluster\n" } }, "type": "object" } }, "aws:docdb/clusterInstance:ClusterInstance": { "description": "Provides an DocumentDB Cluster Resource Instance. A Cluster Instance Resource defines\nattributes that are specific to a single instance in a [DocumentDB Cluster][1].\n\nYou do not designate a primary and subsequent replicas. Instead, you simply add DocumentDB\nInstances and DocumentDB manages the replication. You can use the [count][3]\nmeta-parameter to make multiple instances and join them all to the same DocumentDB\nCluster, or you may specify different Cluster Instance resources with various\n`instance_class` sizes.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.docdb.Cluster(\"default\", {\n clusterIdentifier: \"docdb-cluster-demo\",\n availabilityZones: [\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n masterUsername: \"foo\",\n masterPassword: \"barbut8chars\",\n});\nconst clusterInstances: aws.docdb.ClusterInstance[] = [];\nfor (const range = {value: 0}; range.value \u003c 2; range.value++) {\n clusterInstances.push(new aws.docdb.ClusterInstance(`cluster_instances-${range.value}`, {\n identifier: `docdb-cluster-demo-${range.value}`,\n clusterIdentifier: _default.id,\n instanceClass: \"db.r5.large\",\n }));\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.docdb.Cluster(\"default\",\n cluster_identifier=\"docdb-cluster-demo\",\n availability_zones=[\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n master_username=\"foo\",\n master_password=\"barbut8chars\")\ncluster_instances = []\nfor range in [{\"value\": i} for i in range(0, 2)]:\n cluster_instances.append(aws.docdb.ClusterInstance(f\"cluster_instances-{range['value']}\",\n identifier=f\"docdb-cluster-demo-{range['value']}\",\n cluster_identifier=default.id,\n instance_class=\"db.r5.large\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.DocDB.Cluster(\"default\", new()\n {\n ClusterIdentifier = \"docdb-cluster-demo\",\n AvailabilityZones = new[]\n {\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n },\n MasterUsername = \"foo\",\n MasterPassword = \"barbut8chars\",\n });\n\n var clusterInstances = new List\u003cAws.DocDB.ClusterInstance\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c 2; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n clusterInstances.Add(new Aws.DocDB.ClusterInstance($\"cluster_instances-{range.Value}\", new()\n {\n Identifier = $\"docdb-cluster-demo-{range.Value}\",\n ClusterIdentifier = @default.Id,\n InstanceClass = \"db.r5.large\",\n }));\n }\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/docdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := docdb.NewCluster(ctx, \"default\", \u0026docdb.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"docdb-cluster-demo\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t\tpulumi.String(\"us-west-2b\"),\n\t\t\t\tpulumi.String(\"us-west-2c\"),\n\t\t\t},\n\t\t\tMasterUsername: pulumi.String(\"foo\"),\n\t\t\tMasterPassword: pulumi.String(\"barbut8chars\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvar clusterInstances []*docdb.ClusterInstance\n\t\tfor index := 0; index \u003c 2; index++ {\n\t\t\tkey0 := index\n\t\t\tval0 := index\n\t\t\t__res, err := docdb.NewClusterInstance(ctx, fmt.Sprintf(\"cluster_instances-%v\", key0), \u0026docdb.ClusterInstanceArgs{\n\t\t\t\tIdentifier: pulumi.String(fmt.Sprintf(\"docdb-cluster-demo-%v\", val0)),\n\t\t\t\tClusterIdentifier: _default.ID(),\n\t\t\t\tInstanceClass: pulumi.String(\"db.r5.large\"),\n\t\t\t})\n\t\t\tif err != nil {\n\t\t\t\treturn err\n\t\t\t}\n\t\t\tclusterInstances = append(clusterInstances, __res)\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.docdb.Cluster;\nimport com.pulumi.aws.docdb.ClusterArgs;\nimport com.pulumi.aws.docdb.ClusterInstance;\nimport com.pulumi.aws.docdb.ClusterInstanceArgs;\nimport com.pulumi.codegen.internal.KeyedValue;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Cluster(\"default\", ClusterArgs.builder()\n .clusterIdentifier(\"docdb-cluster-demo\")\n .availabilityZones( \n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\")\n .masterUsername(\"foo\")\n .masterPassword(\"barbut8chars\")\n .build());\n\n for (var i = 0; i \u003c 2; i++) {\n new ClusterInstance(\"clusterInstances-\" + i, ClusterInstanceArgs.builder()\n .identifier(String.format(\"docdb-cluster-demo-%s\", range.value()))\n .clusterIdentifier(default_.id())\n .instanceClass(\"db.r5.large\")\n .build());\n\n \n}\n }\n}\n```\n```yaml\nresources:\n clusterInstances:\n type: aws:docdb:ClusterInstance\n name: cluster_instances\n properties:\n identifier: docdb-cluster-demo-${range.value}\n clusterIdentifier: ${default.id}\n instanceClass: db.r5.large\n options: {}\n default:\n type: aws:docdb:Cluster\n properties:\n clusterIdentifier: docdb-cluster-demo\n availabilityZones:\n - us-west-2a\n - us-west-2b\n - us-west-2c\n masterUsername: foo\n masterPassword: barbut8chars\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DocumentDB Cluster Instances using the `identifier`. For example:\n\n```sh\n$ pulumi import aws:docdb/clusterInstance:ClusterInstance prod_instance_1 aurora-cluster-instance-1\n```\n", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications\nare applied immediately, or during the next maintenance window. Default is`false`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster instance\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "This parameter does not apply to Amazon DocumentDB. Amazon DocumentDB does not perform minor version upgrades regardless of the value set (see [docs](https://docs.aws.amazon.com/documentdb/latest/developerguide/API_DBInstance.html)). Default `true`.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the DB instance is created in. See [docs](https://docs.aws.amazon.com/documentdb/latest/developerguide/API_CreateDBInstance.html) about the details.\n" }, "caCertIdentifier": { "type": "string", "description": "The identifier of the certificate authority (CA) certificate for the DB instance.\n" }, "clusterIdentifier": { "type": "string", "description": "The identifier of the `aws.docdb.Cluster` in which to launch this instance.\n" }, "copyTagsToSnapshot": { "type": "boolean", "description": "Copy all DB instance `tags` to snapshots. Default is `false`.\n" }, "dbSubnetGroupName": { "type": "string", "description": "The DB subnet group to associate with this DB instance.\n" }, "dbiResourceId": { "type": "string", "description": "The region-unique, immutable identifier for the DB instance.\n" }, "enablePerformanceInsights": { "type": "boolean", "description": "A value that indicates whether to enable Performance Insights for the DB Instance. Default `false`. See [docs] (https://docs.aws.amazon.com/documentdb/latest/developerguide/performance-insights.html) about the details.\n" }, "endpoint": { "type": "string", "description": "The DNS address for this instance. May not be writable\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for the DocumentDB instance. Defaults to `docdb`. Valid Values: `docdb`.\n" }, "engineVersion": { "type": "string", "description": "The database engine version\n" }, "identifier": { "type": "string", "description": "The identifier for the DocumentDB instance, if omitted, the provider will assign a random, unique identifier.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifier`.\n" }, "instanceClass": { "type": "string", "description": "The instance class to use. For details on CPU and memory, see [Scaling for DocumentDB Instances](https://docs.aws.amazon.com/documentdb/latest/developerguide/db-cluster-manage-performance.html#db-cluster-manage-scaling-instance).\nDocumentDB currently supports the below instance classes.\nPlease see [AWS Documentation](https://docs.aws.amazon.com/documentdb/latest/developerguide/db-instance-classes.html#db-instance-class-specs) for complete details.\n- db.r6g.large\n- db.r6g.xlarge\n- db.r6g.2xlarge\n- db.r6g.4xlarge\n- db.r6g.8xlarge\n- db.r6g.12xlarge\n- db.r6g.16xlarge\n- db.r5.large\n- db.r5.xlarge\n- db.r5.2xlarge\n- db.r5.4xlarge\n- db.r5.12xlarge\n- db.r5.24xlarge\n- db.r4.large\n- db.r4.xlarge\n- db.r4.2xlarge\n- db.r4.4xlarge\n- db.r4.8xlarge\n- db.r4.16xlarge\n- db.t4g.medium\n- db.t3.medium\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key if one is set to the cluster.\n" }, "performanceInsightsKmsKeyId": { "type": "string", "description": "The KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. If you do not specify a value for PerformanceInsightsKMSKeyId, then Amazon DocumentDB uses your default KMS key.\n" }, "port": { "type": "integer", "description": "The database port\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\".\n" }, "promotionTier": { "type": "integer", "description": "Default 0. Failover Priority setting on instance level. The reader who has lower tier has higher priority to get promoter to writer.\n" }, "publiclyAccessible": { "type": "boolean" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the instance. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "writer": { "type": "boolean", "description": "Boolean indicating if this instance is writable. `False` indicates this instance is a read replica.\n" } }, "required": [ "arn", "availabilityZone", "caCertIdentifier", "clusterIdentifier", "dbSubnetGroupName", "dbiResourceId", "endpoint", "engineVersion", "identifier", "identifierPrefix", "instanceClass", "kmsKeyId", "performanceInsightsKmsKeyId", "port", "preferredBackupWindow", "preferredMaintenanceWindow", "publiclyAccessible", "storageEncrypted", "tagsAll", "writer" ], "inputProperties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications\nare applied immediately, or during the next maintenance window. Default is`false`.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "This parameter does not apply to Amazon DocumentDB. Amazon DocumentDB does not perform minor version upgrades regardless of the value set (see [docs](https://docs.aws.amazon.com/documentdb/latest/developerguide/API_DBInstance.html)). Default `true`.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the DB instance is created in. See [docs](https://docs.aws.amazon.com/documentdb/latest/developerguide/API_CreateDBInstance.html) about the details.\n", "willReplaceOnChanges": true }, "caCertIdentifier": { "type": "string", "description": "The identifier of the certificate authority (CA) certificate for the DB instance.\n" }, "clusterIdentifier": { "type": "string", "description": "The identifier of the `aws.docdb.Cluster` in which to launch this instance.\n", "willReplaceOnChanges": true }, "copyTagsToSnapshot": { "type": "boolean", "description": "Copy all DB instance `tags` to snapshots. Default is `false`.\n" }, "enablePerformanceInsights": { "type": "boolean", "description": "A value that indicates whether to enable Performance Insights for the DB Instance. Default `false`. See [docs] (https://docs.aws.amazon.com/documentdb/latest/developerguide/performance-insights.html) about the details.\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for the DocumentDB instance. Defaults to `docdb`. Valid Values: `docdb`.\n", "willReplaceOnChanges": true }, "identifier": { "type": "string", "description": "The identifier for the DocumentDB instance, if omitted, the provider will assign a random, unique identifier.\n", "willReplaceOnChanges": true }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifier`.\n", "willReplaceOnChanges": true }, "instanceClass": { "type": "string", "description": "The instance class to use. For details on CPU and memory, see [Scaling for DocumentDB Instances](https://docs.aws.amazon.com/documentdb/latest/developerguide/db-cluster-manage-performance.html#db-cluster-manage-scaling-instance).\nDocumentDB currently supports the below instance classes.\nPlease see [AWS Documentation](https://docs.aws.amazon.com/documentdb/latest/developerguide/db-instance-classes.html#db-instance-class-specs) for complete details.\n- db.r6g.large\n- db.r6g.xlarge\n- db.r6g.2xlarge\n- db.r6g.4xlarge\n- db.r6g.8xlarge\n- db.r6g.12xlarge\n- db.r6g.16xlarge\n- db.r5.large\n- db.r5.xlarge\n- db.r5.2xlarge\n- db.r5.4xlarge\n- db.r5.12xlarge\n- db.r5.24xlarge\n- db.r4.large\n- db.r4.xlarge\n- db.r4.2xlarge\n- db.r4.4xlarge\n- db.r4.8xlarge\n- db.r4.16xlarge\n- db.t4g.medium\n- db.t3.medium\n" }, "performanceInsightsKmsKeyId": { "type": "string", "description": "The KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. If you do not specify a value for PerformanceInsightsKMSKeyId, then Amazon DocumentDB uses your default KMS key.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\".\n" }, "promotionTier": { "type": "integer", "description": "Default 0. Failover Priority setting on instance level. The reader who has lower tier has higher priority to get promoter to writer.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the instance. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "clusterIdentifier", "instanceClass" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterInstance resources.\n", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications\nare applied immediately, or during the next maintenance window. Default is`false`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster instance\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "This parameter does not apply to Amazon DocumentDB. Amazon DocumentDB does not perform minor version upgrades regardless of the value set (see [docs](https://docs.aws.amazon.com/documentdb/latest/developerguide/API_DBInstance.html)). Default `true`.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the DB instance is created in. See [docs](https://docs.aws.amazon.com/documentdb/latest/developerguide/API_CreateDBInstance.html) about the details.\n", "willReplaceOnChanges": true }, "caCertIdentifier": { "type": "string", "description": "The identifier of the certificate authority (CA) certificate for the DB instance.\n" }, "clusterIdentifier": { "type": "string", "description": "The identifier of the `aws.docdb.Cluster` in which to launch this instance.\n", "willReplaceOnChanges": true }, "copyTagsToSnapshot": { "type": "boolean", "description": "Copy all DB instance `tags` to snapshots. Default is `false`.\n" }, "dbSubnetGroupName": { "type": "string", "description": "The DB subnet group to associate with this DB instance.\n" }, "dbiResourceId": { "type": "string", "description": "The region-unique, immutable identifier for the DB instance.\n" }, "enablePerformanceInsights": { "type": "boolean", "description": "A value that indicates whether to enable Performance Insights for the DB Instance. Default `false`. See [docs] (https://docs.aws.amazon.com/documentdb/latest/developerguide/performance-insights.html) about the details.\n" }, "endpoint": { "type": "string", "description": "The DNS address for this instance. May not be writable\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for the DocumentDB instance. Defaults to `docdb`. Valid Values: `docdb`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "The database engine version\n" }, "identifier": { "type": "string", "description": "The identifier for the DocumentDB instance, if omitted, the provider will assign a random, unique identifier.\n", "willReplaceOnChanges": true }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifier`.\n", "willReplaceOnChanges": true }, "instanceClass": { "type": "string", "description": "The instance class to use. For details on CPU and memory, see [Scaling for DocumentDB Instances](https://docs.aws.amazon.com/documentdb/latest/developerguide/db-cluster-manage-performance.html#db-cluster-manage-scaling-instance).\nDocumentDB currently supports the below instance classes.\nPlease see [AWS Documentation](https://docs.aws.amazon.com/documentdb/latest/developerguide/db-instance-classes.html#db-instance-class-specs) for complete details.\n- db.r6g.large\n- db.r6g.xlarge\n- db.r6g.2xlarge\n- db.r6g.4xlarge\n- db.r6g.8xlarge\n- db.r6g.12xlarge\n- db.r6g.16xlarge\n- db.r5.large\n- db.r5.xlarge\n- db.r5.2xlarge\n- db.r5.4xlarge\n- db.r5.12xlarge\n- db.r5.24xlarge\n- db.r4.large\n- db.r4.xlarge\n- db.r4.2xlarge\n- db.r4.4xlarge\n- db.r4.8xlarge\n- db.r4.16xlarge\n- db.t4g.medium\n- db.t3.medium\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key if one is set to the cluster.\n" }, "performanceInsightsKmsKeyId": { "type": "string", "description": "The KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. If you do not specify a value for PerformanceInsightsKMSKeyId, then Amazon DocumentDB uses your default KMS key.\n" }, "port": { "type": "integer", "description": "The database port\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\".\n" }, "promotionTier": { "type": "integer", "description": "Default 0. Failover Priority setting on instance level. The reader who has lower tier has higher priority to get promoter to writer.\n" }, "publiclyAccessible": { "type": "boolean" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the instance. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "writer": { "type": "boolean", "description": "Boolean indicating if this instance is writable. `False` indicates this instance is a read replica.\n" } }, "type": "object" } }, "aws:docdb/clusterParameterGroup:ClusterParameterGroup": { "description": "Manages a DocumentDB Cluster Parameter Group\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.docdb.ClusterParameterGroup(\"example\", {\n family: \"docdb3.6\",\n name: \"example\",\n description: \"docdb cluster parameter group\",\n parameters: [{\n name: \"tls\",\n value: \"enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.docdb.ClusterParameterGroup(\"example\",\n family=\"docdb3.6\",\n name=\"example\",\n description=\"docdb cluster parameter group\",\n parameters=[{\n \"name\": \"tls\",\n \"value\": \"enabled\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DocDB.ClusterParameterGroup(\"example\", new()\n {\n Family = \"docdb3.6\",\n Name = \"example\",\n Description = \"docdb cluster parameter group\",\n Parameters = new[]\n {\n new Aws.DocDB.Inputs.ClusterParameterGroupParameterArgs\n {\n Name = \"tls\",\n Value = \"enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/docdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := docdb.NewClusterParameterGroup(ctx, \"example\", \u0026docdb.ClusterParameterGroupArgs{\n\t\t\tFamily: pulumi.String(\"docdb3.6\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"docdb cluster parameter group\"),\n\t\t\tParameters: docdb.ClusterParameterGroupParameterArray{\n\t\t\t\t\u0026docdb.ClusterParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"tls\"),\n\t\t\t\t\tValue: pulumi.String(\"enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.docdb.ClusterParameterGroup;\nimport com.pulumi.aws.docdb.ClusterParameterGroupArgs;\nimport com.pulumi.aws.docdb.inputs.ClusterParameterGroupParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ClusterParameterGroup(\"example\", ClusterParameterGroupArgs.builder()\n .family(\"docdb3.6\")\n .name(\"example\")\n .description(\"docdb cluster parameter group\")\n .parameters(ClusterParameterGroupParameterArgs.builder()\n .name(\"tls\")\n .value(\"enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:docdb:ClusterParameterGroup\n properties:\n family: docdb3.6\n name: example\n description: docdb cluster parameter group\n parameters:\n - name: tls\n value: enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DocumentDB Cluster Parameter Groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:docdb/clusterParameterGroup:ClusterParameterGroup cluster_pg production-pg-1\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the DocumentDB cluster parameter group.\n" }, "description": { "type": "string", "description": "The description of the DocumentDB cluster parameter group. Defaults to \"Managed by Pulumi\".\n" }, "family": { "type": "string", "description": "The family of the DocumentDB cluster parameter group.\n" }, "name": { "type": "string", "description": "The name of the DocumentDB parameter.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:docdb/ClusterParameterGroupParameter:ClusterParameterGroupParameter" }, "description": "A list of DocumentDB parameters to apply. Setting parameters to system default values may show a difference on imported resources.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "family", "name", "namePrefix", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the DocumentDB cluster parameter group. Defaults to \"Managed by Pulumi\".\n", "willReplaceOnChanges": true }, "family": { "type": "string", "description": "The family of the DocumentDB cluster parameter group.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the DocumentDB parameter.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:docdb/ClusterParameterGroupParameter:ClusterParameterGroupParameter" }, "description": "A list of DocumentDB parameters to apply. Setting parameters to system default values may show a difference on imported resources.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "family" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterParameterGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the DocumentDB cluster parameter group.\n" }, "description": { "type": "string", "description": "The description of the DocumentDB cluster parameter group. Defaults to \"Managed by Pulumi\".\n", "willReplaceOnChanges": true }, "family": { "type": "string", "description": "The family of the DocumentDB cluster parameter group.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the DocumentDB parameter.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:docdb/ClusterParameterGroupParameter:ClusterParameterGroupParameter" }, "description": "A list of DocumentDB parameters to apply. Setting parameters to system default values may show a difference on imported resources.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:docdb/clusterSnapshot:ClusterSnapshot": { "description": "Manages a DocumentDB database cluster snapshot for DocumentDB clusters.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.docdb.ClusterSnapshot(\"example\", {\n dbClusterIdentifier: exampleAwsDocdbCluster.id,\n dbClusterSnapshotIdentifier: \"resourcetestsnapshot1234\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.docdb.ClusterSnapshot(\"example\",\n db_cluster_identifier=example_aws_docdb_cluster[\"id\"],\n db_cluster_snapshot_identifier=\"resourcetestsnapshot1234\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DocDB.ClusterSnapshot(\"example\", new()\n {\n DbClusterIdentifier = exampleAwsDocdbCluster.Id,\n DbClusterSnapshotIdentifier = \"resourcetestsnapshot1234\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/docdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := docdb.NewClusterSnapshot(ctx, \"example\", \u0026docdb.ClusterSnapshotArgs{\n\t\t\tDbClusterIdentifier: pulumi.Any(exampleAwsDocdbCluster.Id),\n\t\t\tDbClusterSnapshotIdentifier: pulumi.String(\"resourcetestsnapshot1234\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.docdb.ClusterSnapshot;\nimport com.pulumi.aws.docdb.ClusterSnapshotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ClusterSnapshot(\"example\", ClusterSnapshotArgs.builder()\n .dbClusterIdentifier(exampleAwsDocdbCluster.id())\n .dbClusterSnapshotIdentifier(\"resourcetestsnapshot1234\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:docdb:ClusterSnapshot\n properties:\n dbClusterIdentifier: ${exampleAwsDocdbCluster.id}\n dbClusterSnapshotIdentifier: resourcetestsnapshot1234\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_docdb_cluster_snapshot` using the cluster snapshot identifier. For example:\n\n```sh\n$ pulumi import aws:docdb/clusterSnapshot:ClusterSnapshot example my-cluster-snapshot\n```\n", "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 Availability Zones that instances in the DocumentDB cluster snapshot can be restored in.\n" }, "dbClusterIdentifier": { "type": "string", "description": "The DocumentDB Cluster Identifier from which to take the snapshot.\n" }, "dbClusterSnapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DocumentDB Cluster Snapshot.\n" }, "dbClusterSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n" }, "engine": { "type": "string", "description": "Specifies the name of the database engine.\n" }, "engineVersion": { "type": "string", "description": "Version of the database engine for this DocumentDB cluster snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "If storage_encrypted is true, the AWS KMS key identifier for the encrypted DocumentDB cluster snapshot.\n" }, "port": { "type": "integer", "description": "Port that the DocumentDB cluster was listening on at the time of the snapshot.\n" }, "snapshotType": { "type": "string" }, "sourceDbClusterSnapshotArn": { "type": "string" }, "status": { "type": "string", "description": "The status of this DocumentDB Cluster Snapshot.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DocumentDB cluster snapshot is encrypted.\n" }, "vpcId": { "type": "string", "description": "The VPC ID associated with the DocumentDB cluster snapshot.\n" } }, "required": [ "availabilityZones", "dbClusterIdentifier", "dbClusterSnapshotArn", "dbClusterSnapshotIdentifier", "engine", "engineVersion", "kmsKeyId", "port", "snapshotType", "sourceDbClusterSnapshotArn", "status", "storageEncrypted", "vpcId" ], "inputProperties": { "dbClusterIdentifier": { "type": "string", "description": "The DocumentDB Cluster Identifier from which to take the snapshot.\n", "willReplaceOnChanges": true }, "dbClusterSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "dbClusterIdentifier", "dbClusterSnapshotIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterSnapshot resources.\n", "properties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 Availability Zones that instances in the DocumentDB cluster snapshot can be restored in.\n" }, "dbClusterIdentifier": { "type": "string", "description": "The DocumentDB Cluster Identifier from which to take the snapshot.\n", "willReplaceOnChanges": true }, "dbClusterSnapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DocumentDB Cluster Snapshot.\n" }, "dbClusterSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n", "willReplaceOnChanges": true }, "engine": { "type": "string", "description": "Specifies the name of the database engine.\n" }, "engineVersion": { "type": "string", "description": "Version of the database engine for this DocumentDB cluster snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "If storage_encrypted is true, the AWS KMS key identifier for the encrypted DocumentDB cluster snapshot.\n" }, "port": { "type": "integer", "description": "Port that the DocumentDB cluster was listening on at the time of the snapshot.\n" }, "snapshotType": { "type": "string" }, "sourceDbClusterSnapshotArn": { "type": "string" }, "status": { "type": "string", "description": "The status of this DocumentDB Cluster Snapshot.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DocumentDB cluster snapshot is encrypted.\n" }, "vpcId": { "type": "string", "description": "The VPC ID associated with the DocumentDB cluster snapshot.\n" } }, "type": "object" } }, "aws:docdb/elasticCluster:ElasticCluster": { "description": "Manages an AWS DocDB (DocumentDB) Elastic Cluster.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.docdb.ElasticCluster(\"example\", {\n name: \"my-docdb-cluster\",\n adminUserName: \"foo\",\n adminUserPassword: \"mustbeeightchars\",\n authType: \"PLAIN_TEXT\",\n shardCapacity: 2,\n shardCount: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.docdb.ElasticCluster(\"example\",\n name=\"my-docdb-cluster\",\n admin_user_name=\"foo\",\n admin_user_password=\"mustbeeightchars\",\n auth_type=\"PLAIN_TEXT\",\n shard_capacity=2,\n shard_count=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DocDB.ElasticCluster(\"example\", new()\n {\n Name = \"my-docdb-cluster\",\n AdminUserName = \"foo\",\n AdminUserPassword = \"mustbeeightchars\",\n AuthType = \"PLAIN_TEXT\",\n ShardCapacity = 2,\n ShardCount = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/docdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := docdb.NewElasticCluster(ctx, \"example\", \u0026docdb.ElasticClusterArgs{\n\t\t\tName: pulumi.String(\"my-docdb-cluster\"),\n\t\t\tAdminUserName: pulumi.String(\"foo\"),\n\t\t\tAdminUserPassword: pulumi.String(\"mustbeeightchars\"),\n\t\t\tAuthType: pulumi.String(\"PLAIN_TEXT\"),\n\t\t\tShardCapacity: pulumi.Int(2),\n\t\t\tShardCount: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.docdb.ElasticCluster;\nimport com.pulumi.aws.docdb.ElasticClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ElasticCluster(\"example\", ElasticClusterArgs.builder()\n .name(\"my-docdb-cluster\")\n .adminUserName(\"foo\")\n .adminUserPassword(\"mustbeeightchars\")\n .authType(\"PLAIN_TEXT\")\n .shardCapacity(2)\n .shardCount(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:docdb:ElasticCluster\n properties:\n name: my-docdb-cluster\n adminUserName: foo\n adminUserPassword: mustbeeightchars\n authType: PLAIN_TEXT\n shardCapacity: 2\n shardCount: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DocDB (DocumentDB) Elastic Cluster using the `arn` argument. For example,\n\n```sh\n$ pulumi import aws:docdb/elasticCluster:ElasticCluster example arn:aws:docdb-elastic:us-east-1:000011112222:cluster/12345678-7abc-def0-1234-56789abcdef\n```\n", "properties": { "adminUserName": { "type": "string", "description": "Name of the Elastic DocumentDB cluster administrator\n" }, "adminUserPassword": { "type": "string", "description": "Password for the Elastic DocumentDB cluster administrator. Can contain any printable ASCII characters. Must be at least 8 characters\n", "secret": true }, "arn": { "type": "string", "description": "ARN of the DocumentDB Elastic Cluster\n" }, "authType": { "type": "string", "description": "Authentication type for the Elastic DocumentDB cluster. Valid values are `PLAIN_TEXT` and `SECRET_ARN`\n" }, "endpoint": { "type": "string", "description": "The DNS address of the DocDB instance\n" }, "kmsKeyId": { "type": "string", "description": "ARN of a KMS key that is used to encrypt the Elastic DocumentDB cluster. If not specified, the default encryption key that KMS creates for your account is used.\n" }, "name": { "type": "string", "description": "Name of the Elastic DocumentDB cluster\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "Weekly time range during which system maintenance can occur in UTC. Format: `ddd:hh24:mi-ddd:hh24:mi`. If not specified, AWS will choose a random 30-minute window on a random day of the week.\n" }, "shardCapacity": { "type": "integer", "description": "Number of vCPUs assigned to each elastic cluster shard. Maximum is 64. Allowed values are 2, 4, 8, 16, 32, 64\n" }, "shardCount": { "type": "integer", "description": "Number of shards assigned to the elastic cluster. Maximum is 32\n\nThe following arguments are optional:\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "IDs of subnets in which the Elastic DocumentDB Cluster operates.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the collection. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:docdb/ElasticClusterTimeouts:ElasticClusterTimeouts" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate with the Elastic DocumentDB Cluster\n" } }, "required": [ "adminUserName", "adminUserPassword", "arn", "authType", "endpoint", "kmsKeyId", "name", "preferredMaintenanceWindow", "shardCapacity", "shardCount", "subnetIds", "tagsAll", "vpcSecurityGroupIds" ], "inputProperties": { "adminUserName": { "type": "string", "description": "Name of the Elastic DocumentDB cluster administrator\n" }, "adminUserPassword": { "type": "string", "description": "Password for the Elastic DocumentDB cluster administrator. Can contain any printable ASCII characters. Must be at least 8 characters\n", "secret": true }, "authType": { "type": "string", "description": "Authentication type for the Elastic DocumentDB cluster. Valid values are `PLAIN_TEXT` and `SECRET_ARN`\n" }, "kmsKeyId": { "type": "string", "description": "ARN of a KMS key that is used to encrypt the Elastic DocumentDB cluster. If not specified, the default encryption key that KMS creates for your account is used.\n" }, "name": { "type": "string", "description": "Name of the Elastic DocumentDB cluster\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "Weekly time range during which system maintenance can occur in UTC. Format: `ddd:hh24:mi-ddd:hh24:mi`. If not specified, AWS will choose a random 30-minute window on a random day of the week.\n" }, "shardCapacity": { "type": "integer", "description": "Number of vCPUs assigned to each elastic cluster shard. Maximum is 64. Allowed values are 2, 4, 8, 16, 32, 64\n" }, "shardCount": { "type": "integer", "description": "Number of shards assigned to the elastic cluster. Maximum is 32\n\nThe following arguments are optional:\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "IDs of subnets in which the Elastic DocumentDB Cluster operates.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the collection. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:docdb/ElasticClusterTimeouts:ElasticClusterTimeouts" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate with the Elastic DocumentDB Cluster\n" } }, "requiredInputs": [ "adminUserName", "adminUserPassword", "authType", "shardCapacity", "shardCount" ], "stateInputs": { "description": "Input properties used for looking up and filtering ElasticCluster resources.\n", "properties": { "adminUserName": { "type": "string", "description": "Name of the Elastic DocumentDB cluster administrator\n" }, "adminUserPassword": { "type": "string", "description": "Password for the Elastic DocumentDB cluster administrator. Can contain any printable ASCII characters. Must be at least 8 characters\n", "secret": true }, "arn": { "type": "string", "description": "ARN of the DocumentDB Elastic Cluster\n" }, "authType": { "type": "string", "description": "Authentication type for the Elastic DocumentDB cluster. Valid values are `PLAIN_TEXT` and `SECRET_ARN`\n" }, "endpoint": { "type": "string", "description": "The DNS address of the DocDB instance\n" }, "kmsKeyId": { "type": "string", "description": "ARN of a KMS key that is used to encrypt the Elastic DocumentDB cluster. If not specified, the default encryption key that KMS creates for your account is used.\n" }, "name": { "type": "string", "description": "Name of the Elastic DocumentDB cluster\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "Weekly time range during which system maintenance can occur in UTC. Format: `ddd:hh24:mi-ddd:hh24:mi`. If not specified, AWS will choose a random 30-minute window on a random day of the week.\n" }, "shardCapacity": { "type": "integer", "description": "Number of vCPUs assigned to each elastic cluster shard. Maximum is 64. Allowed values are 2, 4, 8, 16, 32, 64\n" }, "shardCount": { "type": "integer", "description": "Number of shards assigned to the elastic cluster. Maximum is 32\n\nThe following arguments are optional:\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "IDs of subnets in which the Elastic DocumentDB Cluster operates.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the collection. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:docdb/ElasticClusterTimeouts:ElasticClusterTimeouts" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate with the Elastic DocumentDB Cluster\n" } }, "type": "object" } }, "aws:docdb/eventSubscription:EventSubscription": { "description": "Provides a DocumentDB event subscription resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.docdb.Cluster(\"example\", {\n clusterIdentifier: \"example\",\n availabilityZones: [\n available.names[0],\n available.names[1],\n available.names[2],\n ],\n masterUsername: \"foo\",\n masterPassword: \"mustbeeightcharaters\",\n skipFinalSnapshot: true,\n});\nconst exampleTopic = new aws.sns.Topic(\"example\", {name: \"example-events\"});\nconst exampleEventSubscription = new aws.docdb.EventSubscription(\"example\", {\n name: \"example\",\n enabled: true,\n eventCategories: [\n \"creation\",\n \"failure\",\n ],\n sourceType: \"db-cluster\",\n sourceIds: [example.id],\n snsTopicArn: exampleTopic.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.docdb.Cluster(\"example\",\n cluster_identifier=\"example\",\n availability_zones=[\n available[\"names\"],\n available[\"names\"],\n available[\"names\"],\n ],\n master_username=\"foo\",\n master_password=\"mustbeeightcharaters\",\n skip_final_snapshot=True)\nexample_topic = aws.sns.Topic(\"example\", name=\"example-events\")\nexample_event_subscription = aws.docdb.EventSubscription(\"example\",\n name=\"example\",\n enabled=True,\n event_categories=[\n \"creation\",\n \"failure\",\n ],\n source_type=\"db-cluster\",\n source_ids=[example.id],\n sns_topic_arn=example_topic.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DocDB.Cluster(\"example\", new()\n {\n ClusterIdentifier = \"example\",\n AvailabilityZones = new[]\n {\n available.Names[0],\n available.Names[1],\n available.Names[2],\n },\n MasterUsername = \"foo\",\n MasterPassword = \"mustbeeightcharaters\",\n SkipFinalSnapshot = true,\n });\n\n var exampleTopic = new Aws.Sns.Topic(\"example\", new()\n {\n Name = \"example-events\",\n });\n\n var exampleEventSubscription = new Aws.DocDB.EventSubscription(\"example\", new()\n {\n Name = \"example\",\n Enabled = true,\n EventCategories = new[]\n {\n \"creation\",\n \"failure\",\n },\n SourceType = \"db-cluster\",\n SourceIds = new[]\n {\n example.Id,\n },\n SnsTopicArn = exampleTopic.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/docdb\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := docdb.NewCluster(ctx, \"example\", \u0026docdb.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"example\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tavailable.Names[0],\n\t\t\t\tavailable.Names[1],\n\t\t\t\tavailable.Names[2],\n\t\t\t},\n\t\t\tMasterUsername: pulumi.String(\"foo\"),\n\t\t\tMasterPassword: pulumi.String(\"mustbeeightcharaters\"),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTopic, err := sns.NewTopic(ctx, \"example\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"example-events\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = docdb.NewEventSubscription(ctx, \"example\", \u0026docdb.EventSubscriptionArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tEventCategories: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"creation\"),\n\t\t\t\tpulumi.String(\"failure\"),\n\t\t\t},\n\t\t\tSourceType: pulumi.String(\"db-cluster\"),\n\t\t\tSourceIds: pulumi.StringArray{\n\t\t\t\texample.ID(),\n\t\t\t},\n\t\t\tSnsTopicArn: exampleTopic.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.docdb.Cluster;\nimport com.pulumi.aws.docdb.ClusterArgs;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.docdb.EventSubscription;\nimport com.pulumi.aws.docdb.EventSubscriptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\", ClusterArgs.builder()\n .clusterIdentifier(\"example\")\n .availabilityZones( \n available.names()[0],\n available.names()[1],\n available.names()[2])\n .masterUsername(\"foo\")\n .masterPassword(\"mustbeeightcharaters\")\n .skipFinalSnapshot(true)\n .build());\n\n var exampleTopic = new Topic(\"exampleTopic\", TopicArgs.builder()\n .name(\"example-events\")\n .build());\n\n var exampleEventSubscription = new EventSubscription(\"exampleEventSubscription\", EventSubscriptionArgs.builder()\n .name(\"example\")\n .enabled(true)\n .eventCategories( \n \"creation\",\n \"failure\")\n .sourceType(\"db-cluster\")\n .sourceIds(example.id())\n .snsTopicArn(exampleTopic.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:docdb:Cluster\n properties:\n clusterIdentifier: example\n availabilityZones:\n - ${available.names[0]}\n - ${available.names[1]}\n - ${available.names[2]}\n masterUsername: foo\n masterPassword: mustbeeightcharaters\n skipFinalSnapshot: true\n exampleTopic:\n type: aws:sns:Topic\n name: example\n properties:\n name: example-events\n exampleEventSubscription:\n type: aws:docdb:EventSubscription\n name: example\n properties:\n name: example\n enabled: true\n eventCategories:\n - creation\n - failure\n sourceType: db-cluster\n sourceIds:\n - ${example.id}\n snsTopicArn: ${exampleTopic.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DocumentDB Event Subscriptions using the `name`. For example:\n\n```sh\n$ pulumi import aws:docdb/eventSubscription:EventSubscription example event-sub\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the DocumentDB event notification subscription\n" }, "customerAwsId": { "type": "string", "description": "The AWS customer account associated with the DocumentDB event notification subscription\n" }, "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to true.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a SourceType that you want to subscribe to. See https://docs.aws.amazon.com/documentdb/latest/developerguide/API_Event.html or run `aws docdb describe-event-categories`.\n" }, "name": { "type": "string", "description": "The name of the DocumentDB event subscription. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "The name of the DocumentDB event subscription. Conflicts with `name`.\n" }, "snsTopicArn": { "type": "string" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a source_type must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `db-instance`, `db-cluster`, `db-parameter-group`, `db-security-group`,` db-cluster-snapshot`. If not set, all sources will be subscribed to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "customerAwsId", "name", "namePrefix", "snsTopicArn", "tagsAll" ], "inputProperties": { "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to true.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a SourceType that you want to subscribe to. See https://docs.aws.amazon.com/documentdb/latest/developerguide/API_Event.html or run `aws docdb describe-event-categories`.\n" }, "name": { "type": "string", "description": "The name of the DocumentDB event subscription. By default generated by this provider.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "The name of the DocumentDB event subscription. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "snsTopicArn": { "type": "string" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a source_type must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `db-instance`, `db-cluster`, `db-parameter-group`, `db-security-group`,` db-cluster-snapshot`. If not set, all sources will be subscribed to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "snsTopicArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventSubscription resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the DocumentDB event notification subscription\n" }, "customerAwsId": { "type": "string", "description": "The AWS customer account associated with the DocumentDB event notification subscription\n" }, "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to true.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a SourceType that you want to subscribe to. See https://docs.aws.amazon.com/documentdb/latest/developerguide/API_Event.html or run `aws docdb describe-event-categories`.\n" }, "name": { "type": "string", "description": "The name of the DocumentDB event subscription. By default generated by this provider.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "The name of the DocumentDB event subscription. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "snsTopicArn": { "type": "string" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a source_type must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `db-instance`, `db-cluster`, `db-parameter-group`, `db-security-group`,` db-cluster-snapshot`. If not set, all sources will be subscribed to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:docdb/globalCluster:GlobalCluster": { "description": "Manages an DocumentDB Global Cluster. A global cluster consists of one primary region and up to five read-only secondary regions. You issue write operations directly to the primary cluster in the primary region and Amazon DocumentDB automatically replicates the data to the secondary regions using dedicated infrastructure.\n\nMore information about DocumentDB Global Clusters can be found in the [DocumentDB Developer Guide](https://docs.aws.amazon.com/documentdb/latest/developerguide/global-clusters.html).\n\n## Example Usage\n\n### New DocumentDB Global Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.docdb.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"global-test\",\n engine: \"docdb\",\n engineVersion: \"4.0.0\",\n});\nconst primary = new aws.docdb.Cluster(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-primary-cluster\",\n masterUsername: \"username\",\n masterPassword: \"somepass123\",\n globalClusterIdentifier: example.id,\n dbSubnetGroupName: \"default\",\n});\nconst primaryClusterInstance = new aws.docdb.ClusterInstance(\"primary\", {\n engine: example.engine,\n identifier: \"test-primary-cluster-instance\",\n clusterIdentifier: primary.id,\n instanceClass: \"db.r5.large\",\n});\nconst secondary = new aws.docdb.Cluster(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-secondary-cluster\",\n globalClusterIdentifier: example.id,\n dbSubnetGroupName: \"default\",\n}, {\n dependsOn: [primary],\n});\nconst secondaryClusterInstance = new aws.docdb.ClusterInstance(\"secondary\", {\n engine: example.engine,\n identifier: \"test-secondary-cluster-instance\",\n clusterIdentifier: secondary.id,\n instanceClass: \"db.r5.large\",\n}, {\n dependsOn: [primaryClusterInstance],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.docdb.GlobalCluster(\"example\",\n global_cluster_identifier=\"global-test\",\n engine=\"docdb\",\n engine_version=\"4.0.0\")\nprimary = aws.docdb.Cluster(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-primary-cluster\",\n master_username=\"username\",\n master_password=\"somepass123\",\n global_cluster_identifier=example.id,\n db_subnet_group_name=\"default\")\nprimary_cluster_instance = aws.docdb.ClusterInstance(\"primary\",\n engine=example.engine,\n identifier=\"test-primary-cluster-instance\",\n cluster_identifier=primary.id,\n instance_class=\"db.r5.large\")\nsecondary = aws.docdb.Cluster(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-secondary-cluster\",\n global_cluster_identifier=example.id,\n db_subnet_group_name=\"default\",\n opts = pulumi.ResourceOptions(depends_on=[primary]))\nsecondary_cluster_instance = aws.docdb.ClusterInstance(\"secondary\",\n engine=example.engine,\n identifier=\"test-secondary-cluster-instance\",\n cluster_identifier=secondary.id,\n instance_class=\"db.r5.large\",\n opts = pulumi.ResourceOptions(depends_on=[primary_cluster_instance]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DocDB.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"global-test\",\n Engine = \"docdb\",\n EngineVersion = \"4.0.0\",\n });\n\n var primary = new Aws.DocDB.Cluster(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-primary-cluster\",\n MasterUsername = \"username\",\n MasterPassword = \"somepass123\",\n GlobalClusterIdentifier = example.Id,\n DbSubnetGroupName = \"default\",\n });\n\n var primaryClusterInstance = new Aws.DocDB.ClusterInstance(\"primary\", new()\n {\n Engine = example.Engine,\n Identifier = \"test-primary-cluster-instance\",\n ClusterIdentifier = primary.Id,\n InstanceClass = \"db.r5.large\",\n });\n\n var secondary = new Aws.DocDB.Cluster(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-secondary-cluster\",\n GlobalClusterIdentifier = example.Id,\n DbSubnetGroupName = \"default\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n primary,\n },\n });\n\n var secondaryClusterInstance = new Aws.DocDB.ClusterInstance(\"secondary\", new()\n {\n Engine = example.Engine,\n Identifier = \"test-secondary-cluster-instance\",\n ClusterIdentifier = secondary.Id,\n InstanceClass = \"db.r5.large\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n primaryClusterInstance,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/docdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := docdb.NewGlobalCluster(ctx, \"example\", \u0026docdb.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"global-test\"),\n\t\t\tEngine: pulumi.String(\"docdb\"),\n\t\t\tEngineVersion: pulumi.String(\"4.0.0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimary, err := docdb.NewCluster(ctx, \"primary\", \u0026docdb.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-primary-cluster\"),\n\t\t\tMasterUsername: pulumi.String(\"username\"),\n\t\t\tMasterPassword: pulumi.String(\"somepass123\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimaryClusterInstance, err := docdb.NewClusterInstance(ctx, \"primary\", \u0026docdb.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tIdentifier: pulumi.String(\"test-primary-cluster-instance\"),\n\t\t\tClusterIdentifier: primary.ID(),\n\t\t\tInstanceClass: pulumi.String(\"db.r5.large\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecondary, err := docdb.NewCluster(ctx, \"secondary\", \u0026docdb.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-secondary-cluster\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tprimary,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = docdb.NewClusterInstance(ctx, \"secondary\", \u0026docdb.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tIdentifier: pulumi.String(\"test-secondary-cluster-instance\"),\n\t\t\tClusterIdentifier: secondary.ID(),\n\t\t\tInstanceClass: pulumi.String(\"db.r5.large\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tprimaryClusterInstance,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.docdb.GlobalCluster;\nimport com.pulumi.aws.docdb.GlobalClusterArgs;\nimport com.pulumi.aws.docdb.Cluster;\nimport com.pulumi.aws.docdb.ClusterArgs;\nimport com.pulumi.aws.docdb.ClusterInstance;\nimport com.pulumi.aws.docdb.ClusterInstanceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalCluster(\"example\", GlobalClusterArgs.builder()\n .globalClusterIdentifier(\"global-test\")\n .engine(\"docdb\")\n .engineVersion(\"4.0.0\")\n .build());\n\n var primary = new Cluster(\"primary\", ClusterArgs.builder()\n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-primary-cluster\")\n .masterUsername(\"username\")\n .masterPassword(\"somepass123\")\n .globalClusterIdentifier(example.id())\n .dbSubnetGroupName(\"default\")\n .build());\n\n var primaryClusterInstance = new ClusterInstance(\"primaryClusterInstance\", ClusterInstanceArgs.builder()\n .engine(example.engine())\n .identifier(\"test-primary-cluster-instance\")\n .clusterIdentifier(primary.id())\n .instanceClass(\"db.r5.large\")\n .build());\n\n var secondary = new Cluster(\"secondary\", ClusterArgs.builder()\n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-secondary-cluster\")\n .globalClusterIdentifier(example.id())\n .dbSubnetGroupName(\"default\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(primary)\n .build());\n\n var secondaryClusterInstance = new ClusterInstance(\"secondaryClusterInstance\", ClusterInstanceArgs.builder()\n .engine(example.engine())\n .identifier(\"test-secondary-cluster-instance\")\n .clusterIdentifier(secondary.id())\n .instanceClass(\"db.r5.large\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(primaryClusterInstance)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:docdb:GlobalCluster\n properties:\n globalClusterIdentifier: global-test\n engine: docdb\n engineVersion: 4.0.0\n primary:\n type: aws:docdb:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-primary-cluster\n masterUsername: username\n masterPassword: somepass123\n globalClusterIdentifier: ${example.id}\n dbSubnetGroupName: default\n primaryClusterInstance:\n type: aws:docdb:ClusterInstance\n name: primary\n properties:\n engine: ${example.engine}\n identifier: test-primary-cluster-instance\n clusterIdentifier: ${primary.id}\n instanceClass: db.r5.large\n secondary:\n type: aws:docdb:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-secondary-cluster\n globalClusterIdentifier: ${example.id}\n dbSubnetGroupName: default\n options:\n dependson:\n - ${primary}\n secondaryClusterInstance:\n type: aws:docdb:ClusterInstance\n name: secondary\n properties:\n engine: ${example.engine}\n identifier: test-secondary-cluster-instance\n clusterIdentifier: ${secondary.id}\n instanceClass: db.r5.large\n options:\n dependson:\n - ${primaryClusterInstance}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### New Global Cluster From Existing DB Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.docdb.Cluster(\"example\", {});\nconst exampleGlobalCluster = new aws.docdb.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"example\",\n sourceDbClusterIdentifier: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.docdb.Cluster(\"example\")\nexample_global_cluster = aws.docdb.GlobalCluster(\"example\",\n global_cluster_identifier=\"example\",\n source_db_cluster_identifier=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DocDB.Cluster(\"example\");\n\n var exampleGlobalCluster = new Aws.DocDB.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"example\",\n SourceDbClusterIdentifier = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/docdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := docdb.NewCluster(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = docdb.NewGlobalCluster(ctx, \"example\", \u0026docdb.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"example\"),\n\t\t\tSourceDbClusterIdentifier: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.docdb.Cluster;\nimport com.pulumi.aws.docdb.GlobalCluster;\nimport com.pulumi.aws.docdb.GlobalClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\");\n\n var exampleGlobalCluster = new GlobalCluster(\"exampleGlobalCluster\", GlobalClusterArgs.builder()\n .globalClusterIdentifier(\"example\")\n .sourceDbClusterIdentifier(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:docdb:Cluster\n exampleGlobalCluster:\n type: aws:docdb:GlobalCluster\n name: example\n properties:\n globalClusterIdentifier: example\n sourceDbClusterIdentifier: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_docdb_global_cluster` using the Global Cluster identifier. For example:\n\n```sh\n$ pulumi import aws:docdb/globalCluster:GlobalCluster example example\n```\nCertain resource arguments, like `source_db_cluster_identifier`, do not have an API method for reading the information after creation. If the argument is set in the Pulumi program on an imported resource, Pulumi will always show a difference. To workaround this behavior, either omit the argument from the Pulumi program or use `ignore_changes` to hide the difference. For example:\n\n", "properties": { "arn": { "type": "string", "description": "Global Cluster Amazon Resource Name (ARN)\n" }, "databaseName": { "type": "string", "description": "Name for an automatically created database on cluster creation.\n" }, "deletionProtection": { "type": "boolean", "description": "If the Global Cluster should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "engine": { "type": "string", "description": "Name of the database engine to be used for this DB cluster. The provider will only perform drift detection if a configuration value is provided. Current Valid values: `docdb`. Defaults to `docdb`. Conflicts with `source_db_cluster_identifier`.\n" }, "engineVersion": { "type": "string", "description": "Engine version of the global database. Upgrading the engine version will result in all cluster members being immediately updated and will.\n* **NOTE:** Upgrading major versions is not supported.\n" }, "globalClusterIdentifier": { "type": "string", "description": "The global cluster identifier.\n" }, "globalClusterMembers": { "type": "array", "items": { "$ref": "#/types/aws:docdb/GlobalClusterGlobalClusterMember:GlobalClusterGlobalClusterMember" }, "description": "Set of objects containing Global Cluster members.\n" }, "globalClusterResourceId": { "type": "string", "description": "AWS Region-unique, immutable identifier for the global database cluster. This identifier is found in AWS CloudTrail log entries whenever the AWS KMS key for the DB cluster is accessed.\n" }, "sourceDbClusterIdentifier": { "type": "string", "description": "Amazon Resource Name (ARN) to use as the primary DB Cluster of the Global Cluster on creation. The provider cannot perform drift detection of this value.\n" }, "status": { "type": "string" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false` unless `source_db_cluster_identifier` is specified and encrypted. The provider will only perform drift detection if a configuration value is provided.\n" } }, "required": [ "arn", "engine", "engineVersion", "globalClusterIdentifier", "globalClusterMembers", "globalClusterResourceId", "sourceDbClusterIdentifier", "status", "storageEncrypted" ], "inputProperties": { "databaseName": { "type": "string", "description": "Name for an automatically created database on cluster creation.\n", "willReplaceOnChanges": true }, "deletionProtection": { "type": "boolean", "description": "If the Global Cluster should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "engine": { "type": "string", "description": "Name of the database engine to be used for this DB cluster. The provider will only perform drift detection if a configuration value is provided. Current Valid values: `docdb`. Defaults to `docdb`. Conflicts with `source_db_cluster_identifier`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "Engine version of the global database. Upgrading the engine version will result in all cluster members being immediately updated and will.\n* **NOTE:** Upgrading major versions is not supported.\n" }, "globalClusterIdentifier": { "type": "string", "description": "The global cluster identifier.\n", "willReplaceOnChanges": true }, "sourceDbClusterIdentifier": { "type": "string", "description": "Amazon Resource Name (ARN) to use as the primary DB Cluster of the Global Cluster on creation. The provider cannot perform drift detection of this value.\n", "willReplaceOnChanges": true }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false` unless `source_db_cluster_identifier` is specified and encrypted. The provider will only perform drift detection if a configuration value is provided.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "globalClusterIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering GlobalCluster resources.\n", "properties": { "arn": { "type": "string", "description": "Global Cluster Amazon Resource Name (ARN)\n" }, "databaseName": { "type": "string", "description": "Name for an automatically created database on cluster creation.\n", "willReplaceOnChanges": true }, "deletionProtection": { "type": "boolean", "description": "If the Global Cluster should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "engine": { "type": "string", "description": "Name of the database engine to be used for this DB cluster. The provider will only perform drift detection if a configuration value is provided. Current Valid values: `docdb`. Defaults to `docdb`. Conflicts with `source_db_cluster_identifier`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "Engine version of the global database. Upgrading the engine version will result in all cluster members being immediately updated and will.\n* **NOTE:** Upgrading major versions is not supported.\n" }, "globalClusterIdentifier": { "type": "string", "description": "The global cluster identifier.\n", "willReplaceOnChanges": true }, "globalClusterMembers": { "type": "array", "items": { "$ref": "#/types/aws:docdb/GlobalClusterGlobalClusterMember:GlobalClusterGlobalClusterMember" }, "description": "Set of objects containing Global Cluster members.\n" }, "globalClusterResourceId": { "type": "string", "description": "AWS Region-unique, immutable identifier for the global database cluster. This identifier is found in AWS CloudTrail log entries whenever the AWS KMS key for the DB cluster is accessed.\n" }, "sourceDbClusterIdentifier": { "type": "string", "description": "Amazon Resource Name (ARN) to use as the primary DB Cluster of the Global Cluster on creation. The provider cannot perform drift detection of this value.\n", "willReplaceOnChanges": true }, "status": { "type": "string" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false` unless `source_db_cluster_identifier` is specified and encrypted. The provider will only perform drift detection if a configuration value is provided.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:docdb/subnetGroup:SubnetGroup": { "description": "Provides an DocumentDB subnet group resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.docdb.SubnetGroup(\"default\", {\n name: \"main\",\n subnetIds: [\n frontend.id,\n backend.id,\n ],\n tags: {\n Name: \"My docdb subnet group\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.docdb.SubnetGroup(\"default\",\n name=\"main\",\n subnet_ids=[\n frontend[\"id\"],\n backend[\"id\"],\n ],\n tags={\n \"Name\": \"My docdb subnet group\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.DocDB.SubnetGroup(\"default\", new()\n {\n Name = \"main\",\n SubnetIds = new[]\n {\n frontend.Id,\n backend.Id,\n },\n Tags = \n {\n { \"Name\", \"My docdb subnet group\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/docdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := docdb.NewSubnetGroup(ctx, \"default\", \u0026docdb.SubnetGroupArgs{\n\t\t\tName: pulumi.String(\"main\"),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tfrontend.Id,\n\t\t\t\tbackend.Id,\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"My docdb subnet group\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.docdb.SubnetGroup;\nimport com.pulumi.aws.docdb.SubnetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new SubnetGroup(\"default\", SubnetGroupArgs.builder()\n .name(\"main\")\n .subnetIds( \n frontend.id(),\n backend.id())\n .tags(Map.of(\"Name\", \"My docdb subnet group\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:docdb:SubnetGroup\n properties:\n name: main\n subnetIds:\n - ${frontend.id}\n - ${backend.id}\n tags:\n Name: My docdb subnet group\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DocumentDB Subnet groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:docdb/subnetGroup:SubnetGroup default production-subnet-group\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the docDB subnet group.\n" }, "description": { "type": "string", "description": "The description of the docDB subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the docDB subnet group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "description", "name", "namePrefix", "subnetIds", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the docDB subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the docDB subnet group. If omitted, this provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering SubnetGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the docDB subnet group.\n" }, "description": { "type": "string", "description": "The description of the docDB subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the docDB subnet group. If omitted, this provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:drs/replicationConfigurationTemplate:ReplicationConfigurationTemplate": { "description": "Provides an Elastic Disaster Recovery replication configuration template resource. Before using DRS, your account must be [initialized](https://docs.aws.amazon.com/drs/latest/userguide/getting-started-initializing.html).\n\n\u003e **NOTE:** Your configuration must use the PIT policy shown in the basic configuration due to AWS rules. The only value that you can change is the `retention_duration` of `rule_id` 3.\n\n## Example Usage\n\n## Import\n\nUsing `pulumi import`, import DRS Replication Configuration Template using the `id`. For example:\n\n```sh\n$ pulumi import aws:drs/replicationConfigurationTemplate:ReplicationConfigurationTemplate example templateid\n```\n", "properties": { "arn": { "type": "string", "description": "Replication configuration template ARN.\n" }, "associateDefaultSecurityGroup": { "type": "boolean", "description": "Whether to associate the default Elastic Disaster Recovery Security group with the Replication Configuration Template.\n" }, "autoReplicateNewDisks": { "type": "boolean", "description": "Whether to allow the AWS replication agent to automatically replicate newly added disks.\n" }, "bandwidthThrottling": { "type": "integer", "description": "Configure bandwidth throttling for the outbound data transfer rate of the Source Server in Mbps.\n" }, "createPublicIp": { "type": "boolean", "description": "Whether to create a Public IP for the Recovery Instance by default.\n" }, "dataPlaneRouting": { "type": "string", "description": "Data plane routing mechanism that will be used for replication. Valid values are `PUBLIC_IP` and `PRIVATE_IP`.\n" }, "defaultLargeStagingDiskType": { "type": "string", "description": "Staging Disk EBS volume type to be used during replication. Valid values are `GP2`, `GP3`, `ST1`, or `AUTO`.\n" }, "ebsEncryption": { "type": "string", "description": "Type of EBS encryption to be used during replication. Valid values are `DEFAULT` and `CUSTOM`.\n" }, "ebsEncryptionKeyArn": { "type": "string", "description": "ARN of the EBS encryption key to be used during replication.\n" }, "pitPolicies": { "type": "array", "items": { "$ref": "#/types/aws:drs/ReplicationConfigurationTemplatePitPolicy:ReplicationConfigurationTemplatePitPolicy" }, "description": "Configuration block for Point in time (PIT) policy to manage snapshots taken during replication. See below.\n" }, "replicationServerInstanceType": { "type": "string", "description": "Instance type to be used for the replication server.\n" }, "replicationServersSecurityGroupsIds": { "type": "array", "items": { "type": "string" }, "description": "Security group IDs that will be used by the replication server.\n" }, "stagingAreaSubnetId": { "type": "string", "description": "Subnet to be used by the replication staging area.\n" }, "stagingAreaTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Set of tags to be associated with all resources created in the replication staging area: EC2 replication server, EBS volumes, EBS snapshots, etc.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Set of tags to be associated with the Replication Configuration Template resource.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:drs/ReplicationConfigurationTemplateTimeouts:ReplicationConfigurationTemplateTimeouts" }, "useDedicatedReplicationServer": { "type": "boolean", "description": "Whether to use a dedicated Replication Server in the replication staging area.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "associateDefaultSecurityGroup", "autoReplicateNewDisks", "bandwidthThrottling", "createPublicIp", "dataPlaneRouting", "defaultLargeStagingDiskType", "ebsEncryption", "replicationServerInstanceType", "replicationServersSecurityGroupsIds", "stagingAreaSubnetId", "tagsAll", "useDedicatedReplicationServer" ], "inputProperties": { "associateDefaultSecurityGroup": { "type": "boolean", "description": "Whether to associate the default Elastic Disaster Recovery Security group with the Replication Configuration Template.\n" }, "autoReplicateNewDisks": { "type": "boolean", "description": "Whether to allow the AWS replication agent to automatically replicate newly added disks.\n" }, "bandwidthThrottling": { "type": "integer", "description": "Configure bandwidth throttling for the outbound data transfer rate of the Source Server in Mbps.\n" }, "createPublicIp": { "type": "boolean", "description": "Whether to create a Public IP for the Recovery Instance by default.\n" }, "dataPlaneRouting": { "type": "string", "description": "Data plane routing mechanism that will be used for replication. Valid values are `PUBLIC_IP` and `PRIVATE_IP`.\n" }, "defaultLargeStagingDiskType": { "type": "string", "description": "Staging Disk EBS volume type to be used during replication. Valid values are `GP2`, `GP3`, `ST1`, or `AUTO`.\n" }, "ebsEncryption": { "type": "string", "description": "Type of EBS encryption to be used during replication. Valid values are `DEFAULT` and `CUSTOM`.\n" }, "ebsEncryptionKeyArn": { "type": "string", "description": "ARN of the EBS encryption key to be used during replication.\n" }, "pitPolicies": { "type": "array", "items": { "$ref": "#/types/aws:drs/ReplicationConfigurationTemplatePitPolicy:ReplicationConfigurationTemplatePitPolicy" }, "description": "Configuration block for Point in time (PIT) policy to manage snapshots taken during replication. See below.\n" }, "replicationServerInstanceType": { "type": "string", "description": "Instance type to be used for the replication server.\n" }, "replicationServersSecurityGroupsIds": { "type": "array", "items": { "type": "string" }, "description": "Security group IDs that will be used by the replication server.\n" }, "stagingAreaSubnetId": { "type": "string", "description": "Subnet to be used by the replication staging area.\n" }, "stagingAreaTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Set of tags to be associated with all resources created in the replication staging area: EC2 replication server, EBS volumes, EBS snapshots, etc.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Set of tags to be associated with the Replication Configuration Template resource.\n" }, "timeouts": { "$ref": "#/types/aws:drs/ReplicationConfigurationTemplateTimeouts:ReplicationConfigurationTemplateTimeouts" }, "useDedicatedReplicationServer": { "type": "boolean", "description": "Whether to use a dedicated Replication Server in the replication staging area.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "associateDefaultSecurityGroup", "bandwidthThrottling", "createPublicIp", "dataPlaneRouting", "defaultLargeStagingDiskType", "ebsEncryption", "replicationServerInstanceType", "replicationServersSecurityGroupsIds", "stagingAreaSubnetId", "useDedicatedReplicationServer" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReplicationConfigurationTemplate resources.\n", "properties": { "arn": { "type": "string", "description": "Replication configuration template ARN.\n" }, "associateDefaultSecurityGroup": { "type": "boolean", "description": "Whether to associate the default Elastic Disaster Recovery Security group with the Replication Configuration Template.\n" }, "autoReplicateNewDisks": { "type": "boolean", "description": "Whether to allow the AWS replication agent to automatically replicate newly added disks.\n" }, "bandwidthThrottling": { "type": "integer", "description": "Configure bandwidth throttling for the outbound data transfer rate of the Source Server in Mbps.\n" }, "createPublicIp": { "type": "boolean", "description": "Whether to create a Public IP for the Recovery Instance by default.\n" }, "dataPlaneRouting": { "type": "string", "description": "Data plane routing mechanism that will be used for replication. Valid values are `PUBLIC_IP` and `PRIVATE_IP`.\n" }, "defaultLargeStagingDiskType": { "type": "string", "description": "Staging Disk EBS volume type to be used during replication. Valid values are `GP2`, `GP3`, `ST1`, or `AUTO`.\n" }, "ebsEncryption": { "type": "string", "description": "Type of EBS encryption to be used during replication. Valid values are `DEFAULT` and `CUSTOM`.\n" }, "ebsEncryptionKeyArn": { "type": "string", "description": "ARN of the EBS encryption key to be used during replication.\n" }, "pitPolicies": { "type": "array", "items": { "$ref": "#/types/aws:drs/ReplicationConfigurationTemplatePitPolicy:ReplicationConfigurationTemplatePitPolicy" }, "description": "Configuration block for Point in time (PIT) policy to manage snapshots taken during replication. See below.\n" }, "replicationServerInstanceType": { "type": "string", "description": "Instance type to be used for the replication server.\n" }, "replicationServersSecurityGroupsIds": { "type": "array", "items": { "type": "string" }, "description": "Security group IDs that will be used by the replication server.\n" }, "stagingAreaSubnetId": { "type": "string", "description": "Subnet to be used by the replication staging area.\n" }, "stagingAreaTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Set of tags to be associated with all resources created in the replication staging area: EC2 replication server, EBS volumes, EBS snapshots, etc.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Set of tags to be associated with the Replication Configuration Template resource.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:drs/ReplicationConfigurationTemplateTimeouts:ReplicationConfigurationTemplateTimeouts" }, "useDedicatedReplicationServer": { "type": "boolean", "description": "Whether to use a dedicated Replication Server in the replication staging area.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:dynamodb/contributorInsights:ContributorInsights": { "description": "Provides a DynamoDB contributor insights resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.dynamodb.ContributorInsights(\"test\", {tableName: \"ExampleTableName\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.dynamodb.ContributorInsights(\"test\", table_name=\"ExampleTableName\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.DynamoDB.ContributorInsights(\"test\", new()\n {\n TableName = \"ExampleTableName\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dynamodb.NewContributorInsights(ctx, \"test\", \u0026dynamodb.ContributorInsightsArgs{\n\t\t\tTableName: pulumi.String(\"ExampleTableName\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.ContributorInsights;\nimport com.pulumi.aws.dynamodb.ContributorInsightsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new ContributorInsights(\"test\", ContributorInsightsArgs.builder()\n .tableName(\"ExampleTableName\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:dynamodb:ContributorInsights\n properties:\n tableName: ExampleTableName\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_dynamodb_contributor_insights` using the format `name:table_name/index:index_name`, followed by the account number. For example:\n\n```sh\n$ pulumi import aws:dynamodb/contributorInsights:ContributorInsights test name:ExampleTableName/index:ExampleIndexName/123456789012\n```\n", "properties": { "indexName": { "type": "string", "description": "The global secondary index name\n" }, "tableName": { "type": "string", "description": "The name of the table to enable contributor insights\n" } }, "required": [ "tableName" ], "inputProperties": { "indexName": { "type": "string", "description": "The global secondary index name\n", "willReplaceOnChanges": true }, "tableName": { "type": "string", "description": "The name of the table to enable contributor insights\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "tableName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ContributorInsights resources.\n", "properties": { "indexName": { "type": "string", "description": "The global secondary index name\n", "willReplaceOnChanges": true }, "tableName": { "type": "string", "description": "The name of the table to enable contributor insights\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:dynamodb/globalTable:GlobalTable": { "description": "Manages [DynamoDB Global Tables V1 (version 2017.11.29)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V1.html). These are layered on top of existing DynamoDB Tables.\n\n\u003e **NOTE:** To instead manage [DynamoDB Global Tables V2 (version 2019.11.21)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V2.html), use the `aws.dynamodb.Table` resource `replica` configuration block.\n\n\u003e Note: There are many restrictions before you can properly create DynamoDB Global Tables in multiple regions. See the [AWS DynamoDB Global Table Requirements](http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables_reqs_bestpractices.html) for more information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst us_east_1 = new aws.dynamodb.Table(\"us-east-1\", {\n hashKey: \"myAttribute\",\n name: \"myTable\",\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n readCapacity: 1,\n writeCapacity: 1,\n attributes: [{\n name: \"myAttribute\",\n type: \"S\",\n }],\n});\nconst us_west_2 = new aws.dynamodb.Table(\"us-west-2\", {\n hashKey: \"myAttribute\",\n name: \"myTable\",\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n readCapacity: 1,\n writeCapacity: 1,\n attributes: [{\n name: \"myAttribute\",\n type: \"S\",\n }],\n});\nconst myTable = new aws.dynamodb.GlobalTable(\"myTable\", {\n name: \"myTable\",\n replicas: [\n {\n regionName: \"us-east-1\",\n },\n {\n regionName: \"us-west-2\",\n },\n ],\n}, {\n dependsOn: [\n us_east_1,\n us_west_2,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nus_east_1 = aws.dynamodb.Table(\"us-east-1\",\n hash_key=\"myAttribute\",\n name=\"myTable\",\n stream_enabled=True,\n stream_view_type=\"NEW_AND_OLD_IMAGES\",\n read_capacity=1,\n write_capacity=1,\n attributes=[{\n \"name\": \"myAttribute\",\n \"type\": \"S\",\n }])\nus_west_2 = aws.dynamodb.Table(\"us-west-2\",\n hash_key=\"myAttribute\",\n name=\"myTable\",\n stream_enabled=True,\n stream_view_type=\"NEW_AND_OLD_IMAGES\",\n read_capacity=1,\n write_capacity=1,\n attributes=[{\n \"name\": \"myAttribute\",\n \"type\": \"S\",\n }])\nmy_table = aws.dynamodb.GlobalTable(\"myTable\",\n name=\"myTable\",\n replicas=[\n {\n \"region_name\": \"us-east-1\",\n },\n {\n \"region_name\": \"us-west-2\",\n },\n ],\n opts = pulumi.ResourceOptions(depends_on=[\n us_east_1,\n us_west_2,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var us_east_1 = new Aws.DynamoDB.Table(\"us-east-1\", new()\n {\n HashKey = \"myAttribute\",\n Name = \"myTable\",\n StreamEnabled = true,\n StreamViewType = \"NEW_AND_OLD_IMAGES\",\n ReadCapacity = 1,\n WriteCapacity = 1,\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"myAttribute\",\n Type = \"S\",\n },\n },\n });\n\n var us_west_2 = new Aws.DynamoDB.Table(\"us-west-2\", new()\n {\n HashKey = \"myAttribute\",\n Name = \"myTable\",\n StreamEnabled = true,\n StreamViewType = \"NEW_AND_OLD_IMAGES\",\n ReadCapacity = 1,\n WriteCapacity = 1,\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"myAttribute\",\n Type = \"S\",\n },\n },\n });\n\n var myTable = new Aws.DynamoDB.GlobalTable(\"myTable\", new()\n {\n Name = \"myTable\",\n Replicas = new[]\n {\n new Aws.DynamoDB.Inputs.GlobalTableReplicaArgs\n {\n RegionName = \"us-east-1\",\n },\n new Aws.DynamoDB.Inputs.GlobalTableReplicaArgs\n {\n RegionName = \"us-west-2\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n us_east_1,\n us_west_2,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dynamodb.NewTable(ctx, \"us-east-1\", \u0026dynamodb.TableArgs{\n\t\t\tHashKey: pulumi.String(\"myAttribute\"),\n\t\t\tName: pulumi.String(\"myTable\"),\n\t\t\tStreamEnabled: pulumi.Bool(true),\n\t\t\tStreamViewType: pulumi.String(\"NEW_AND_OLD_IMAGES\"),\n\t\t\tReadCapacity: pulumi.Int(1),\n\t\t\tWriteCapacity: pulumi.Int(1),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"myAttribute\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dynamodb.NewTable(ctx, \"us-west-2\", \u0026dynamodb.TableArgs{\n\t\t\tHashKey: pulumi.String(\"myAttribute\"),\n\t\t\tName: pulumi.String(\"myTable\"),\n\t\t\tStreamEnabled: pulumi.Bool(true),\n\t\t\tStreamViewType: pulumi.String(\"NEW_AND_OLD_IMAGES\"),\n\t\t\tReadCapacity: pulumi.Int(1),\n\t\t\tWriteCapacity: pulumi.Int(1),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"myAttribute\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dynamodb.NewGlobalTable(ctx, \"myTable\", \u0026dynamodb.GlobalTableArgs{\n\t\t\tName: pulumi.String(\"myTable\"),\n\t\t\tReplicas: dynamodb.GlobalTableReplicaArray{\n\t\t\t\t\u0026dynamodb.GlobalTableReplicaArgs{\n\t\t\t\t\tRegionName: pulumi.String(\"us-east-1\"),\n\t\t\t\t},\n\t\t\t\t\u0026dynamodb.GlobalTableReplicaArgs{\n\t\t\t\t\tRegionName: pulumi.String(\"us-west-2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tus_east_1,\n\t\t\tus_west_2,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;\nimport com.pulumi.aws.dynamodb.GlobalTable;\nimport com.pulumi.aws.dynamodb.GlobalTableArgs;\nimport com.pulumi.aws.dynamodb.inputs.GlobalTableReplicaArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var us_east_1 = new Table(\"us-east-1\", TableArgs.builder()\n .hashKey(\"myAttribute\")\n .name(\"myTable\")\n .streamEnabled(true)\n .streamViewType(\"NEW_AND_OLD_IMAGES\")\n .readCapacity(1)\n .writeCapacity(1)\n .attributes(TableAttributeArgs.builder()\n .name(\"myAttribute\")\n .type(\"S\")\n .build())\n .build());\n\n var us_west_2 = new Table(\"us-west-2\", TableArgs.builder()\n .hashKey(\"myAttribute\")\n .name(\"myTable\")\n .streamEnabled(true)\n .streamViewType(\"NEW_AND_OLD_IMAGES\")\n .readCapacity(1)\n .writeCapacity(1)\n .attributes(TableAttributeArgs.builder()\n .name(\"myAttribute\")\n .type(\"S\")\n .build())\n .build());\n\n var myTable = new GlobalTable(\"myTable\", GlobalTableArgs.builder()\n .name(\"myTable\")\n .replicas( \n GlobalTableReplicaArgs.builder()\n .regionName(\"us-east-1\")\n .build(),\n GlobalTableReplicaArgs.builder()\n .regionName(\"us-west-2\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n us_east_1,\n us_west_2)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n us-east-1:\n type: aws:dynamodb:Table\n properties:\n hashKey: myAttribute\n name: myTable\n streamEnabled: true\n streamViewType: NEW_AND_OLD_IMAGES\n readCapacity: 1\n writeCapacity: 1\n attributes:\n - name: myAttribute\n type: S\n us-west-2:\n type: aws:dynamodb:Table\n properties:\n hashKey: myAttribute\n name: myTable\n streamEnabled: true\n streamViewType: NEW_AND_OLD_IMAGES\n readCapacity: 1\n writeCapacity: 1\n attributes:\n - name: myAttribute\n type: S\n myTable:\n type: aws:dynamodb:GlobalTable\n properties:\n name: myTable\n replicas:\n - regionName: us-east-1\n - regionName: us-west-2\n options:\n dependson:\n - ${[\"us-east-1\"]}\n - ${[\"us-west-2\"]}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DynamoDB Global Tables using the global table name. For example:\n\n```sh\n$ pulumi import aws:dynamodb/globalTable:GlobalTable MyTable MyTable\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the DynamoDB Global Table\n" }, "name": { "type": "string", "description": "The name of the global table. Must match underlying DynamoDB Table names in all regions.\n" }, "replicas": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/GlobalTableReplica:GlobalTableReplica" }, "description": "Underlying DynamoDB Table. At least 1 replica must be defined. See below.\n" } }, "required": [ "arn", "name", "replicas" ], "inputProperties": { "name": { "type": "string", "description": "The name of the global table. Must match underlying DynamoDB Table names in all regions.\n", "willReplaceOnChanges": true }, "replicas": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/GlobalTableReplica:GlobalTableReplica" }, "description": "Underlying DynamoDB Table. At least 1 replica must be defined. See below.\n" } }, "requiredInputs": [ "replicas" ], "stateInputs": { "description": "Input properties used for looking up and filtering GlobalTable resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the DynamoDB Global Table\n" }, "name": { "type": "string", "description": "The name of the global table. Must match underlying DynamoDB Table names in all regions.\n", "willReplaceOnChanges": true }, "replicas": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/GlobalTableReplica:GlobalTableReplica" }, "description": "Underlying DynamoDB Table. At least 1 replica must be defined. See below.\n" } }, "type": "object" } }, "aws:dynamodb/kinesisStreamingDestination:KinesisStreamingDestination": { "description": "Enables a [Kinesis streaming destination](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/kds.html) for data replication of a DynamoDB table.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dynamodb.Table(\"example\", {\n name: \"orders\",\n hashKey: \"id\",\n attributes: [{\n name: \"id\",\n type: \"S\",\n }],\n});\nconst exampleStream = new aws.kinesis.Stream(\"example\", {\n name: \"order_item_changes\",\n shardCount: 1,\n});\nconst exampleKinesisStreamingDestination = new aws.dynamodb.KinesisStreamingDestination(\"example\", {\n streamArn: exampleStream.arn,\n tableName: example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dynamodb.Table(\"example\",\n name=\"orders\",\n hash_key=\"id\",\n attributes=[{\n \"name\": \"id\",\n \"type\": \"S\",\n }])\nexample_stream = aws.kinesis.Stream(\"example\",\n name=\"order_item_changes\",\n shard_count=1)\nexample_kinesis_streaming_destination = aws.dynamodb.KinesisStreamingDestination(\"example\",\n stream_arn=example_stream.arn,\n table_name=example.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DynamoDB.Table(\"example\", new()\n {\n Name = \"orders\",\n HashKey = \"id\",\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"id\",\n Type = \"S\",\n },\n },\n });\n\n var exampleStream = new Aws.Kinesis.Stream(\"example\", new()\n {\n Name = \"order_item_changes\",\n ShardCount = 1,\n });\n\n var exampleKinesisStreamingDestination = new Aws.DynamoDB.KinesisStreamingDestination(\"example\", new()\n {\n StreamArn = exampleStream.Arn,\n TableName = example.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := dynamodb.NewTable(ctx, \"example\", \u0026dynamodb.TableArgs{\n\t\t\tName: pulumi.String(\"orders\"),\n\t\t\tHashKey: pulumi.String(\"id\"),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"id\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleStream, err := kinesis.NewStream(ctx, \"example\", \u0026kinesis.StreamArgs{\n\t\t\tName: pulumi.String(\"order_item_changes\"),\n\t\t\tShardCount: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dynamodb.NewKinesisStreamingDestination(ctx, \"example\", \u0026dynamodb.KinesisStreamingDestinationArgs{\n\t\t\tStreamArn: exampleStream.Arn,\n\t\t\tTableName: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;\nimport com.pulumi.aws.kinesis.Stream;\nimport com.pulumi.aws.kinesis.StreamArgs;\nimport com.pulumi.aws.dynamodb.KinesisStreamingDestination;\nimport com.pulumi.aws.dynamodb.KinesisStreamingDestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Table(\"example\", TableArgs.builder()\n .name(\"orders\")\n .hashKey(\"id\")\n .attributes(TableAttributeArgs.builder()\n .name(\"id\")\n .type(\"S\")\n .build())\n .build());\n\n var exampleStream = new Stream(\"exampleStream\", StreamArgs.builder()\n .name(\"order_item_changes\")\n .shardCount(1)\n .build());\n\n var exampleKinesisStreamingDestination = new KinesisStreamingDestination(\"exampleKinesisStreamingDestination\", KinesisStreamingDestinationArgs.builder()\n .streamArn(exampleStream.arn())\n .tableName(example.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dynamodb:Table\n properties:\n name: orders\n hashKey: id\n attributes:\n - name: id\n type: S\n exampleStream:\n type: aws:kinesis:Stream\n name: example\n properties:\n name: order_item_changes\n shardCount: 1\n exampleKinesisStreamingDestination:\n type: aws:dynamodb:KinesisStreamingDestination\n name: example\n properties:\n streamArn: ${exampleStream.arn}\n tableName: ${example.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DynamoDB Kinesis Streaming Destinations using the `table_name` and `stream_arn` separated by `,`. For example:\n\n```sh\n$ pulumi import aws:dynamodb/kinesisStreamingDestination:KinesisStreamingDestination example example,arn:aws:kinesis:us-east-1:111122223333:exampleStreamName\n```\n", "properties": { "streamArn": { "type": "string", "description": "The ARN for a Kinesis data stream. This must exist in the same account and region as the DynamoDB table.\n" }, "tableName": { "type": "string", "description": "The name of the DynamoDB table. There\ncan only be one Kinesis streaming destination for a given DynamoDB table.\n" } }, "required": [ "streamArn", "tableName" ], "inputProperties": { "streamArn": { "type": "string", "description": "The ARN for a Kinesis data stream. This must exist in the same account and region as the DynamoDB table.\n", "willReplaceOnChanges": true }, "tableName": { "type": "string", "description": "The name of the DynamoDB table. There\ncan only be one Kinesis streaming destination for a given DynamoDB table.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "streamArn", "tableName" ], "stateInputs": { "description": "Input properties used for looking up and filtering KinesisStreamingDestination resources.\n", "properties": { "streamArn": { "type": "string", "description": "The ARN for a Kinesis data stream. This must exist in the same account and region as the DynamoDB table.\n", "willReplaceOnChanges": true }, "tableName": { "type": "string", "description": "The name of the DynamoDB table. There\ncan only be one Kinesis streaming destination for a given DynamoDB table.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:dynamodb/resourcePolicy:ResourcePolicy": { "description": "Resource for managing an AWS DynamoDB Resource Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dynamodb.ResourcePolicy(\"example\", {\n resourceArn: exampleAwsDynamodbTable.arn,\n policy: test.json,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dynamodb.ResourcePolicy(\"example\",\n resource_arn=example_aws_dynamodb_table[\"arn\"],\n policy=test[\"json\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DynamoDB.ResourcePolicy(\"example\", new()\n {\n ResourceArn = exampleAwsDynamodbTable.Arn,\n Policy = test.Json,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dynamodb.NewResourcePolicy(ctx, \"example\", \u0026dynamodb.ResourcePolicyArgs{\n\t\t\tResourceArn: pulumi.Any(exampleAwsDynamodbTable.Arn),\n\t\t\tPolicy: pulumi.Any(test.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.ResourcePolicy;\nimport com.pulumi.aws.dynamodb.ResourcePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourcePolicy(\"example\", ResourcePolicyArgs.builder()\n .resourceArn(exampleAwsDynamodbTable.arn())\n .policy(test.json())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dynamodb:ResourcePolicy\n properties:\n resourceArn: ${exampleAwsDynamodbTable.arn}\n policy: ${test.json}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DynamoDB Resource Policy using the `example_id_arg`. For example:\n\n```sh\n$ pulumi import aws:dynamodb/resourcePolicy:ResourcePolicy example arn:aws:dynamodb:us-east-1:1234567890:table/my-table\n```\n", "properties": { "confirmRemoveSelfResourceAccess": { "type": "boolean", "description": "Set this parameter to true to confirm that you want to remove your permissions to change the policy of this resource in the future.\n" }, "policy": { "type": "string", "description": "n Amazon Web Services resource-based policy document in JSON format. The maximum size supported for a resource-based policy document is 20 KB. DynamoDB counts whitespaces when calculating the size of a policy against this limit. For a full list of all considerations that you should keep in mind while attaching a resource-based policy, see Resource-based policy considerations.\n\nThe following arguments are optional:\n" }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the DynamoDB resource to which the policy will be attached. The resources you can specify include tables and streams. You can control index permissions using the base table's policy. To specify the same permission level for your table and its indexes, you can provide both the table and index Amazon Resource Name (ARN)s in the Resource field of a given Statement in your policy document. Alternatively, to specify different permissions for your table, indexes, or both, you can define multiple Statement fields in your policy document.\n" }, "revisionId": { "type": "string", "description": "A unique string that represents the revision ID of the policy. If you are comparing revision IDs, make sure to always use string comparison logic.\n" } }, "required": [ "confirmRemoveSelfResourceAccess", "policy", "resourceArn", "revisionId" ], "inputProperties": { "confirmRemoveSelfResourceAccess": { "type": "boolean", "description": "Set this parameter to true to confirm that you want to remove your permissions to change the policy of this resource in the future.\n" }, "policy": { "type": "string", "description": "n Amazon Web Services resource-based policy document in JSON format. The maximum size supported for a resource-based policy document is 20 KB. DynamoDB counts whitespaces when calculating the size of a policy against this limit. For a full list of all considerations that you should keep in mind while attaching a resource-based policy, see Resource-based policy considerations.\n\nThe following arguments are optional:\n" }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the DynamoDB resource to which the policy will be attached. The resources you can specify include tables and streams. You can control index permissions using the base table's policy. To specify the same permission level for your table and its indexes, you can provide both the table and index Amazon Resource Name (ARN)s in the Resource field of a given Statement in your policy document. Alternatively, to specify different permissions for your table, indexes, or both, you can define multiple Statement fields in your policy document.\n" } }, "requiredInputs": [ "policy", "resourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourcePolicy resources.\n", "properties": { "confirmRemoveSelfResourceAccess": { "type": "boolean", "description": "Set this parameter to true to confirm that you want to remove your permissions to change the policy of this resource in the future.\n" }, "policy": { "type": "string", "description": "n Amazon Web Services resource-based policy document in JSON format. The maximum size supported for a resource-based policy document is 20 KB. DynamoDB counts whitespaces when calculating the size of a policy against this limit. For a full list of all considerations that you should keep in mind while attaching a resource-based policy, see Resource-based policy considerations.\n\nThe following arguments are optional:\n" }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the DynamoDB resource to which the policy will be attached. The resources you can specify include tables and streams. You can control index permissions using the base table's policy. To specify the same permission level for your table and its indexes, you can provide both the table and index Amazon Resource Name (ARN)s in the Resource field of a given Statement in your policy document. Alternatively, to specify different permissions for your table, indexes, or both, you can define multiple Statement fields in your policy document.\n" }, "revisionId": { "type": "string", "description": "A unique string that represents the revision ID of the policy. If you are comparing revision IDs, make sure to always use string comparison logic.\n" } }, "type": "object" } }, "aws:dynamodb/table:Table": { "description": "Provides a DynamoDB table resource.\n\n\u003e **Note:** It is recommended to use [`ignoreChanges`](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) for `read_capacity` and/or `write_capacity` if there's `autoscaling policy` attached to the table.\n\n\u003e **Note:** When using aws.dynamodb.TableReplica with this resource, use `lifecycle` `ignore_changes` for `replica`, _e.g._, `lifecycle { ignore_changes = [replica] }`.\n\n## DynamoDB Table attributes\n\nOnly define attributes on the table object that are going to be used as:\n\n* Table hash key or range key\n* LSI or GSI hash key or range key\n\nThe DynamoDB API expects attribute structure (name and type) to be passed along when creating or updating GSI/LSIs or creating the initial table. In these cases it expects the Hash / Range keys to be provided. Because these get re-used in numerous places (i.e the table's range key could be a part of one or more GSIs), they are stored on the table object to prevent duplication and increase consistency. If you add attributes here that are not used in these scenarios it can cause an infinite loop in planning.\n\n## Example Usage\n\n### Basic Example\n\nThe following dynamodb table description models the table and GSI shown in the [AWS SDK example documentation](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/GSI.html)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst basic_dynamodb_table = new aws.dynamodb.Table(\"basic-dynamodb-table\", {\n name: \"GameScores\",\n billingMode: \"PROVISIONED\",\n readCapacity: 20,\n writeCapacity: 20,\n hashKey: \"UserId\",\n rangeKey: \"GameTitle\",\n attributes: [\n {\n name: \"UserId\",\n type: \"S\",\n },\n {\n name: \"GameTitle\",\n type: \"S\",\n },\n {\n name: \"TopScore\",\n type: \"N\",\n },\n ],\n ttl: {\n attributeName: \"TimeToExist\",\n enabled: true,\n },\n globalSecondaryIndexes: [{\n name: \"GameTitleIndex\",\n hashKey: \"GameTitle\",\n rangeKey: \"TopScore\",\n writeCapacity: 10,\n readCapacity: 10,\n projectionType: \"INCLUDE\",\n nonKeyAttributes: [\"UserId\"],\n }],\n tags: {\n Name: \"dynamodb-table-1\",\n Environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbasic_dynamodb_table = aws.dynamodb.Table(\"basic-dynamodb-table\",\n name=\"GameScores\",\n billing_mode=\"PROVISIONED\",\n read_capacity=20,\n write_capacity=20,\n hash_key=\"UserId\",\n range_key=\"GameTitle\",\n attributes=[\n {\n \"name\": \"UserId\",\n \"type\": \"S\",\n },\n {\n \"name\": \"GameTitle\",\n \"type\": \"S\",\n },\n {\n \"name\": \"TopScore\",\n \"type\": \"N\",\n },\n ],\n ttl={\n \"attribute_name\": \"TimeToExist\",\n \"enabled\": True,\n },\n global_secondary_indexes=[{\n \"name\": \"GameTitleIndex\",\n \"hash_key\": \"GameTitle\",\n \"range_key\": \"TopScore\",\n \"write_capacity\": 10,\n \"read_capacity\": 10,\n \"projection_type\": \"INCLUDE\",\n \"non_key_attributes\": [\"UserId\"],\n }],\n tags={\n \"Name\": \"dynamodb-table-1\",\n \"Environment\": \"production\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var basic_dynamodb_table = new Aws.DynamoDB.Table(\"basic-dynamodb-table\", new()\n {\n Name = \"GameScores\",\n BillingMode = \"PROVISIONED\",\n ReadCapacity = 20,\n WriteCapacity = 20,\n HashKey = \"UserId\",\n RangeKey = \"GameTitle\",\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"UserId\",\n Type = \"S\",\n },\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"GameTitle\",\n Type = \"S\",\n },\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"TopScore\",\n Type = \"N\",\n },\n },\n Ttl = new Aws.DynamoDB.Inputs.TableTtlArgs\n {\n AttributeName = \"TimeToExist\",\n Enabled = true,\n },\n GlobalSecondaryIndexes = new[]\n {\n new Aws.DynamoDB.Inputs.TableGlobalSecondaryIndexArgs\n {\n Name = \"GameTitleIndex\",\n HashKey = \"GameTitle\",\n RangeKey = \"TopScore\",\n WriteCapacity = 10,\n ReadCapacity = 10,\n ProjectionType = \"INCLUDE\",\n NonKeyAttributes = new[]\n {\n \"UserId\",\n },\n },\n },\n Tags = \n {\n { \"Name\", \"dynamodb-table-1\" },\n { \"Environment\", \"production\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dynamodb.NewTable(ctx, \"basic-dynamodb-table\", \u0026dynamodb.TableArgs{\n\t\t\tName: pulumi.String(\"GameScores\"),\n\t\t\tBillingMode: pulumi.String(\"PROVISIONED\"),\n\t\t\tReadCapacity: pulumi.Int(20),\n\t\t\tWriteCapacity: pulumi.Int(20),\n\t\t\tHashKey: pulumi.String(\"UserId\"),\n\t\t\tRangeKey: pulumi.String(\"GameTitle\"),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"UserId\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"GameTitle\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"TopScore\"),\n\t\t\t\t\tType: pulumi.String(\"N\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTtl: \u0026dynamodb.TableTtlArgs{\n\t\t\t\tAttributeName: pulumi.String(\"TimeToExist\"),\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tGlobalSecondaryIndexes: dynamodb.TableGlobalSecondaryIndexArray{\n\t\t\t\t\u0026dynamodb.TableGlobalSecondaryIndexArgs{\n\t\t\t\t\tName: pulumi.String(\"GameTitleIndex\"),\n\t\t\t\t\tHashKey: pulumi.String(\"GameTitle\"),\n\t\t\t\t\tRangeKey: pulumi.String(\"TopScore\"),\n\t\t\t\t\tWriteCapacity: pulumi.Int(10),\n\t\t\t\t\tReadCapacity: pulumi.Int(10),\n\t\t\t\t\tProjectionType: pulumi.String(\"INCLUDE\"),\n\t\t\t\t\tNonKeyAttributes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"UserId\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"dynamodb-table-1\"),\n\t\t\t\t\"Environment\": pulumi.String(\"production\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableTtlArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableGlobalSecondaryIndexArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var basic_dynamodb_table = new Table(\"basic-dynamodb-table\", TableArgs.builder()\n .name(\"GameScores\")\n .billingMode(\"PROVISIONED\")\n .readCapacity(20)\n .writeCapacity(20)\n .hashKey(\"UserId\")\n .rangeKey(\"GameTitle\")\n .attributes( \n TableAttributeArgs.builder()\n .name(\"UserId\")\n .type(\"S\")\n .build(),\n TableAttributeArgs.builder()\n .name(\"GameTitle\")\n .type(\"S\")\n .build(),\n TableAttributeArgs.builder()\n .name(\"TopScore\")\n .type(\"N\")\n .build())\n .ttl(TableTtlArgs.builder()\n .attributeName(\"TimeToExist\")\n .enabled(true)\n .build())\n .globalSecondaryIndexes(TableGlobalSecondaryIndexArgs.builder()\n .name(\"GameTitleIndex\")\n .hashKey(\"GameTitle\")\n .rangeKey(\"TopScore\")\n .writeCapacity(10)\n .readCapacity(10)\n .projectionType(\"INCLUDE\")\n .nonKeyAttributes(\"UserId\")\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"dynamodb-table-1\"),\n Map.entry(\"Environment\", \"production\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n basic-dynamodb-table:\n type: aws:dynamodb:Table\n properties:\n name: GameScores\n billingMode: PROVISIONED\n readCapacity: 20\n writeCapacity: 20\n hashKey: UserId\n rangeKey: GameTitle\n attributes:\n - name: UserId\n type: S\n - name: GameTitle\n type: S\n - name: TopScore\n type: N\n ttl:\n attributeName: TimeToExist\n enabled: true\n globalSecondaryIndexes:\n - name: GameTitleIndex\n hashKey: GameTitle\n rangeKey: TopScore\n writeCapacity: 10\n readCapacity: 10\n projectionType: INCLUDE\n nonKeyAttributes:\n - UserId\n tags:\n Name: dynamodb-table-1\n Environment: production\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Global Tables\n\nThis resource implements support for [DynamoDB Global Tables V2 (version 2019.11.21)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V2.html) via `replica` configuration blocks. For working with [DynamoDB Global Tables V1 (version 2017.11.29)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V1.html), see the `aws.dynamodb.GlobalTable` resource.\n\n\u003e **Note:** aws.dynamodb.TableReplica is an alternate way of configuring Global Tables. Do not use `replica` configuration blocks of `aws.dynamodb.Table` together with aws_dynamodb_table_replica.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dynamodb.Table(\"example\", {\n name: \"example\",\n hashKey: \"TestTableHashKey\",\n billingMode: \"PAY_PER_REQUEST\",\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n attributes: [{\n name: \"TestTableHashKey\",\n type: \"S\",\n }],\n replicas: [\n {\n regionName: \"us-east-2\",\n },\n {\n regionName: \"us-west-2\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dynamodb.Table(\"example\",\n name=\"example\",\n hash_key=\"TestTableHashKey\",\n billing_mode=\"PAY_PER_REQUEST\",\n stream_enabled=True,\n stream_view_type=\"NEW_AND_OLD_IMAGES\",\n attributes=[{\n \"name\": \"TestTableHashKey\",\n \"type\": \"S\",\n }],\n replicas=[\n {\n \"region_name\": \"us-east-2\",\n },\n {\n \"region_name\": \"us-west-2\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DynamoDB.Table(\"example\", new()\n {\n Name = \"example\",\n HashKey = \"TestTableHashKey\",\n BillingMode = \"PAY_PER_REQUEST\",\n StreamEnabled = true,\n StreamViewType = \"NEW_AND_OLD_IMAGES\",\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"TestTableHashKey\",\n Type = \"S\",\n },\n },\n Replicas = new[]\n {\n new Aws.DynamoDB.Inputs.TableReplicaArgs\n {\n RegionName = \"us-east-2\",\n },\n new Aws.DynamoDB.Inputs.TableReplicaArgs\n {\n RegionName = \"us-west-2\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dynamodb.NewTable(ctx, \"example\", \u0026dynamodb.TableArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tHashKey: pulumi.String(\"TestTableHashKey\"),\n\t\t\tBillingMode: pulumi.String(\"PAY_PER_REQUEST\"),\n\t\t\tStreamEnabled: pulumi.Bool(true),\n\t\t\tStreamViewType: pulumi.String(\"NEW_AND_OLD_IMAGES\"),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"TestTableHashKey\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tReplicas: dynamodb.TableReplicaTypeArray{\n\t\t\t\t\u0026dynamodb.TableReplicaTypeArgs{\n\t\t\t\t\tRegionName: pulumi.String(\"us-east-2\"),\n\t\t\t\t},\n\t\t\t\t\u0026dynamodb.TableReplicaTypeArgs{\n\t\t\t\t\tRegionName: pulumi.String(\"us-west-2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableReplicaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Table(\"example\", TableArgs.builder()\n .name(\"example\")\n .hashKey(\"TestTableHashKey\")\n .billingMode(\"PAY_PER_REQUEST\")\n .streamEnabled(true)\n .streamViewType(\"NEW_AND_OLD_IMAGES\")\n .attributes(TableAttributeArgs.builder()\n .name(\"TestTableHashKey\")\n .type(\"S\")\n .build())\n .replicas( \n TableReplicaArgs.builder()\n .regionName(\"us-east-2\")\n .build(),\n TableReplicaArgs.builder()\n .regionName(\"us-west-2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dynamodb:Table\n properties:\n name: example\n hashKey: TestTableHashKey\n billingMode: PAY_PER_REQUEST\n streamEnabled: true\n streamViewType: NEW_AND_OLD_IMAGES\n attributes:\n - name: TestTableHashKey\n type: S\n replicas:\n - regionName: us-east-2\n - regionName: us-west-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Replica Tagging\n\nYou can manage global table replicas' tags in various ways. This example shows using `replica.*.propagate_tags` for the first replica and the `aws.dynamodb.Tag` resource for the other.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst current = aws.getRegion({});\nconst alternate = aws.getRegion({});\nconst third = aws.getRegion({});\nconst example = new aws.dynamodb.Table(\"example\", {\n billingMode: \"PAY_PER_REQUEST\",\n hashKey: \"TestTableHashKey\",\n name: \"example-13281\",\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n attributes: [{\n name: \"TestTableHashKey\",\n type: \"S\",\n }],\n replicas: [\n {\n regionName: alternate.then(alternate =\u003e alternate.name),\n },\n {\n regionName: third.then(third =\u003e third.name),\n propagateTags: true,\n },\n ],\n tags: {\n Architect: \"Eleanor\",\n Zone: \"SW\",\n },\n});\nconst exampleTag = new aws.dynamodb.Tag(\"example\", {\n resourceArn: pulumi.all([example.arn, current, alternate]).apply(([arn, current, alternate]) =\u003e std.replaceOutput({\n text: arn,\n search: current.name,\n replace: alternate.name,\n })).apply(invoke =\u003e invoke.result),\n key: \"Architect\",\n value: \"Gigi\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\ncurrent = aws.get_region()\nalternate = aws.get_region()\nthird = aws.get_region()\nexample = aws.dynamodb.Table(\"example\",\n billing_mode=\"PAY_PER_REQUEST\",\n hash_key=\"TestTableHashKey\",\n name=\"example-13281\",\n stream_enabled=True,\n stream_view_type=\"NEW_AND_OLD_IMAGES\",\n attributes=[{\n \"name\": \"TestTableHashKey\",\n \"type\": \"S\",\n }],\n replicas=[\n {\n \"region_name\": alternate.name,\n },\n {\n \"region_name\": third.name,\n \"propagate_tags\": True,\n },\n ],\n tags={\n \"Architect\": \"Eleanor\",\n \"Zone\": \"SW\",\n })\nexample_tag = aws.dynamodb.Tag(\"example\",\n resource_arn=example.arn.apply(lambda arn: std.replace_output(text=arn,\n search=current.name,\n replace=alternate.name)).apply(lambda invoke: invoke.result),\n key=\"Architect\",\n value=\"Gigi\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var alternate = Aws.GetRegion.Invoke();\n\n var third = Aws.GetRegion.Invoke();\n\n var example = new Aws.DynamoDB.Table(\"example\", new()\n {\n BillingMode = \"PAY_PER_REQUEST\",\n HashKey = \"TestTableHashKey\",\n Name = \"example-13281\",\n StreamEnabled = true,\n StreamViewType = \"NEW_AND_OLD_IMAGES\",\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"TestTableHashKey\",\n Type = \"S\",\n },\n },\n Replicas = new[]\n {\n new Aws.DynamoDB.Inputs.TableReplicaArgs\n {\n RegionName = alternate.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n new Aws.DynamoDB.Inputs.TableReplicaArgs\n {\n RegionName = third.Apply(getRegionResult =\u003e getRegionResult.Name),\n PropagateTags = true,\n },\n },\n Tags = \n {\n { \"Architect\", \"Eleanor\" },\n { \"Zone\", \"SW\" },\n },\n });\n\n var exampleTag = new Aws.DynamoDB.Tag(\"example\", new()\n {\n ResourceArn = Output.Tuple(example.Arn, current, alternate).Apply(values =\u003e\n {\n var arn = values.Item1;\n var current = values.Item2;\n var alternate = values.Item3;\n return Std.Replace.Invoke(new()\n {\n Text = arn,\n Search = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n Replace = alternate.Apply(getRegionResult =\u003e getRegionResult.Name),\n });\n }).Apply(invoke =\u003e invoke.Result),\n Key = \"Architect\",\n Value = \"Gigi\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\talternate, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tthird, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := dynamodb.NewTable(ctx, \"example\", \u0026dynamodb.TableArgs{\n\t\t\tBillingMode: pulumi.String(\"PAY_PER_REQUEST\"),\n\t\t\tHashKey: pulumi.String(\"TestTableHashKey\"),\n\t\t\tName: pulumi.String(\"example-13281\"),\n\t\t\tStreamEnabled: pulumi.Bool(true),\n\t\t\tStreamViewType: pulumi.String(\"NEW_AND_OLD_IMAGES\"),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"TestTableHashKey\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tReplicas: dynamodb.TableReplicaTypeArray{\n\t\t\t\t\u0026dynamodb.TableReplicaTypeArgs{\n\t\t\t\t\tRegionName: pulumi.String(alternate.Name),\n\t\t\t\t},\n\t\t\t\t\u0026dynamodb.TableReplicaTypeArgs{\n\t\t\t\t\tRegionName: pulumi.String(third.Name),\n\t\t\t\t\tPropagateTags: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Architect\": pulumi.String(\"Eleanor\"),\n\t\t\t\t\"Zone\": pulumi.String(\"SW\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dynamodb.NewTag(ctx, \"example\", \u0026dynamodb.TagArgs{\n\t\t\tResourceArn: pulumi.String(example.Arn.ApplyT(func(arn string) (std.ReplaceResult, error) {\n\t\t\t\treturn std.ReplaceResult(interface{}(std.ReplaceOutput(ctx, std.ReplaceOutputArgs{\n\t\t\t\t\tText: arn,\n\t\t\t\t\tSearch: current.Name,\n\t\t\t\t\tReplace: alternate.Name,\n\t\t\t\t}, nil))), nil\n\t\t\t}).(std.ReplaceResultOutput).ApplyT(func(invoke std.ReplaceResult) (*string, error) {\n\t\t\t\treturn invoke.Result, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tKey: pulumi.String(\"Architect\"),\n\t\t\tValue: pulumi.String(\"Gigi\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableReplicaArgs;\nimport com.pulumi.aws.dynamodb.Tag;\nimport com.pulumi.aws.dynamodb.TagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n final var alternate = AwsFunctions.getRegion();\n\n final var third = AwsFunctions.getRegion();\n\n var example = new Table(\"example\", TableArgs.builder()\n .billingMode(\"PAY_PER_REQUEST\")\n .hashKey(\"TestTableHashKey\")\n .name(\"example-13281\")\n .streamEnabled(true)\n .streamViewType(\"NEW_AND_OLD_IMAGES\")\n .attributes(TableAttributeArgs.builder()\n .name(\"TestTableHashKey\")\n .type(\"S\")\n .build())\n .replicas( \n TableReplicaArgs.builder()\n .regionName(alternate.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build(),\n TableReplicaArgs.builder()\n .regionName(third.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .propagateTags(true)\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Architect\", \"Eleanor\"),\n Map.entry(\"Zone\", \"SW\")\n ))\n .build());\n\n var exampleTag = new Tag(\"exampleTag\", TagArgs.builder()\n .resourceArn(example.arn().applyValue(arn -\u003e StdFunctions.replace()).applyValue(invoke -\u003e invoke.result()))\n .key(\"Architect\")\n .value(\"Gigi\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dynamodb:Table\n properties:\n billingMode: PAY_PER_REQUEST\n hashKey: TestTableHashKey\n name: example-13281\n streamEnabled: true\n streamViewType: NEW_AND_OLD_IMAGES\n attributes:\n - name: TestTableHashKey\n type: S\n replicas:\n - regionName: ${alternate.name}\n - regionName: ${third.name}\n propagateTags: true\n tags:\n Architect: Eleanor\n Zone: SW\n exampleTag:\n type: aws:dynamodb:Tag\n name: example\n properties:\n resourceArn:\n fn::invoke:\n Function: std:replace\n Arguments:\n text: ${example.arn}\n search: ${current.name}\n replace: ${alternate.name}\n Return: result\n key: Architect\n value: Gigi\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n alternate:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n third:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DynamoDB tables using the `name`. For example:\n\n```sh\n$ pulumi import aws:dynamodb/table:Table basic-dynamodb-table GameScores\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the table\n" }, "attributes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableAttribute:TableAttribute" }, "description": "Set of nested attribute definitions. Only required for `hash_key` and `range_key` attributes. See below.\n" }, "billingMode": { "type": "string", "description": "Controls how you are charged for read and write throughput and how you manage capacity. The valid values are `PROVISIONED` and `PAY_PER_REQUEST`. Defaults to `PROVISIONED`.\n" }, "deletionProtectionEnabled": { "type": "boolean", "description": "Enables deletion protection for table. Defaults to `false`.\n" }, "globalSecondaryIndexes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableGlobalSecondaryIndex:TableGlobalSecondaryIndex" }, "description": "Describe a GSI for the table; subject to the normal limits on the number of GSIs, projected attributes, etc. See below.\n" }, "hashKey": { "type": "string", "description": "Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below.\n" }, "importTable": { "$ref": "#/types/aws:dynamodb/TableImportTable:TableImportTable", "description": "Import Amazon S3 data into a new table. See below.\n" }, "localSecondaryIndexes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableLocalSecondaryIndex:TableLocalSecondaryIndex" }, "description": "Describe an LSI on the table; these can only be allocated _at creation_ so you cannot change this definition after you have created the resource. See below.\n" }, "name": { "type": "string", "description": "Unique within a region name of the table.\n\nOptional arguments:\n" }, "pointInTimeRecovery": { "$ref": "#/types/aws:dynamodb/TablePointInTimeRecovery:TablePointInTimeRecovery", "description": "Enable point-in-time recovery options. See below.\n" }, "rangeKey": { "type": "string", "description": "Attribute to use as the range (sort) key. Must also be defined as an `attribute`, see below.\n" }, "readCapacity": { "type": "integer", "description": "Number of read units for this table. If the `billing_mode` is `PROVISIONED`, this field is required.\n" }, "replicas": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableReplica:TableReplica" }, "description": "Configuration block(s) with [DynamoDB Global Tables V2 (version 2019.11.21)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V2.html) replication configurations. See below.\n" }, "restoreDateTime": { "type": "string", "description": "Time of the point-in-time recovery point to restore.\n" }, "restoreSourceName": { "type": "string", "description": "Name of the table to restore. Must match the name of an existing table.\n" }, "restoreToLatestTime": { "type": "boolean", "description": "If set, restores table to the most recent point-in-time recovery point.\n" }, "serverSideEncryption": { "$ref": "#/types/aws:dynamodb/TableServerSideEncryption:TableServerSideEncryption", "description": "Encryption at rest options. AWS DynamoDB tables are automatically encrypted at rest with an AWS-owned Customer Master Key if this argument isn't specified. See below.\n" }, "streamArn": { "type": "string", "description": "ARN of the Table Stream. Only available when `stream_enabled = true`\n" }, "streamEnabled": { "type": "boolean", "description": "Whether Streams are enabled.\n" }, "streamLabel": { "type": "string", "description": "Timestamp, in ISO 8601 format, for this stream. Note that this timestamp is not a unique identifier for the stream on its own. However, the combination of AWS customer ID, table name and this field is guaranteed to be unique. It can be used for creating CloudWatch Alarms. Only available when `stream_enabled = true`.\n" }, "streamViewType": { "type": "string", "description": "When an item in the table is modified, StreamViewType determines what information is written to the table's stream. Valid values are `KEYS_ONLY`, `NEW_IMAGE`, `OLD_IMAGE`, `NEW_AND_OLD_IMAGES`.\n" }, "tableClass": { "type": "string", "description": "Storage class of the table.\nValid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS`.\nDefault value is `STANDARD`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to populate on the created table. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "ttl": { "$ref": "#/types/aws:dynamodb/TableTtl:TableTtl", "description": "Configuration block for TTL. See below.\n" }, "writeCapacity": { "type": "integer", "description": "Number of write units for this table. If the `billing_mode` is `PROVISIONED`, this field is required.\n" } }, "required": [ "arn", "attributes", "hashKey", "name", "pointInTimeRecovery", "readCapacity", "serverSideEncryption", "streamArn", "streamLabel", "streamViewType", "tagsAll", "ttl", "writeCapacity" ], "inputProperties": { "attributes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableAttribute:TableAttribute" }, "description": "Set of nested attribute definitions. Only required for `hash_key` and `range_key` attributes. See below.\n" }, "billingMode": { "type": "string", "description": "Controls how you are charged for read and write throughput and how you manage capacity. The valid values are `PROVISIONED` and `PAY_PER_REQUEST`. Defaults to `PROVISIONED`.\n" }, "deletionProtectionEnabled": { "type": "boolean", "description": "Enables deletion protection for table. Defaults to `false`.\n" }, "globalSecondaryIndexes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableGlobalSecondaryIndex:TableGlobalSecondaryIndex" }, "description": "Describe a GSI for the table; subject to the normal limits on the number of GSIs, projected attributes, etc. See below.\n" }, "hashKey": { "type": "string", "description": "Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below.\n", "willReplaceOnChanges": true }, "importTable": { "$ref": "#/types/aws:dynamodb/TableImportTable:TableImportTable", "description": "Import Amazon S3 data into a new table. See below.\n" }, "localSecondaryIndexes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableLocalSecondaryIndex:TableLocalSecondaryIndex" }, "description": "Describe an LSI on the table; these can only be allocated _at creation_ so you cannot change this definition after you have created the resource. See below.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Unique within a region name of the table.\n\nOptional arguments:\n", "willReplaceOnChanges": true }, "pointInTimeRecovery": { "$ref": "#/types/aws:dynamodb/TablePointInTimeRecovery:TablePointInTimeRecovery", "description": "Enable point-in-time recovery options. See below.\n" }, "rangeKey": { "type": "string", "description": "Attribute to use as the range (sort) key. Must also be defined as an `attribute`, see below.\n", "willReplaceOnChanges": true }, "readCapacity": { "type": "integer", "description": "Number of read units for this table. If the `billing_mode` is `PROVISIONED`, this field is required.\n" }, "replicas": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableReplica:TableReplica" }, "description": "Configuration block(s) with [DynamoDB Global Tables V2 (version 2019.11.21)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V2.html) replication configurations. See below.\n" }, "restoreDateTime": { "type": "string", "description": "Time of the point-in-time recovery point to restore.\n", "willReplaceOnChanges": true }, "restoreSourceName": { "type": "string", "description": "Name of the table to restore. Must match the name of an existing table.\n" }, "restoreToLatestTime": { "type": "boolean", "description": "If set, restores table to the most recent point-in-time recovery point.\n", "willReplaceOnChanges": true }, "serverSideEncryption": { "$ref": "#/types/aws:dynamodb/TableServerSideEncryption:TableServerSideEncryption", "description": "Encryption at rest options. AWS DynamoDB tables are automatically encrypted at rest with an AWS-owned Customer Master Key if this argument isn't specified. See below.\n" }, "streamEnabled": { "type": "boolean", "description": "Whether Streams are enabled.\n" }, "streamViewType": { "type": "string", "description": "When an item in the table is modified, StreamViewType determines what information is written to the table's stream. Valid values are `KEYS_ONLY`, `NEW_IMAGE`, `OLD_IMAGE`, `NEW_AND_OLD_IMAGES`.\n" }, "tableClass": { "type": "string", "description": "Storage class of the table.\nValid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS`.\nDefault value is `STANDARD`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to populate on the created table. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "ttl": { "$ref": "#/types/aws:dynamodb/TableTtl:TableTtl", "description": "Configuration block for TTL. See below.\n" }, "writeCapacity": { "type": "integer", "description": "Number of write units for this table. If the `billing_mode` is `PROVISIONED`, this field is required.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Table resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the table\n" }, "attributes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableAttribute:TableAttribute" }, "description": "Set of nested attribute definitions. Only required for `hash_key` and `range_key` attributes. See below.\n" }, "billingMode": { "type": "string", "description": "Controls how you are charged for read and write throughput and how you manage capacity. The valid values are `PROVISIONED` and `PAY_PER_REQUEST`. Defaults to `PROVISIONED`.\n" }, "deletionProtectionEnabled": { "type": "boolean", "description": "Enables deletion protection for table. Defaults to `false`.\n" }, "globalSecondaryIndexes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableGlobalSecondaryIndex:TableGlobalSecondaryIndex" }, "description": "Describe a GSI for the table; subject to the normal limits on the number of GSIs, projected attributes, etc. See below.\n" }, "hashKey": { "type": "string", "description": "Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below.\n", "willReplaceOnChanges": true }, "importTable": { "$ref": "#/types/aws:dynamodb/TableImportTable:TableImportTable", "description": "Import Amazon S3 data into a new table. See below.\n" }, "localSecondaryIndexes": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableLocalSecondaryIndex:TableLocalSecondaryIndex" }, "description": "Describe an LSI on the table; these can only be allocated _at creation_ so you cannot change this definition after you have created the resource. See below.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Unique within a region name of the table.\n\nOptional arguments:\n", "willReplaceOnChanges": true }, "pointInTimeRecovery": { "$ref": "#/types/aws:dynamodb/TablePointInTimeRecovery:TablePointInTimeRecovery", "description": "Enable point-in-time recovery options. See below.\n" }, "rangeKey": { "type": "string", "description": "Attribute to use as the range (sort) key. Must also be defined as an `attribute`, see below.\n", "willReplaceOnChanges": true }, "readCapacity": { "type": "integer", "description": "Number of read units for this table. If the `billing_mode` is `PROVISIONED`, this field is required.\n" }, "replicas": { "type": "array", "items": { "$ref": "#/types/aws:dynamodb/TableReplica:TableReplica" }, "description": "Configuration block(s) with [DynamoDB Global Tables V2 (version 2019.11.21)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V2.html) replication configurations. See below.\n" }, "restoreDateTime": { "type": "string", "description": "Time of the point-in-time recovery point to restore.\n", "willReplaceOnChanges": true }, "restoreSourceName": { "type": "string", "description": "Name of the table to restore. Must match the name of an existing table.\n" }, "restoreToLatestTime": { "type": "boolean", "description": "If set, restores table to the most recent point-in-time recovery point.\n", "willReplaceOnChanges": true }, "serverSideEncryption": { "$ref": "#/types/aws:dynamodb/TableServerSideEncryption:TableServerSideEncryption", "description": "Encryption at rest options. AWS DynamoDB tables are automatically encrypted at rest with an AWS-owned Customer Master Key if this argument isn't specified. See below.\n" }, "streamArn": { "type": "string", "description": "ARN of the Table Stream. Only available when `stream_enabled = true`\n" }, "streamEnabled": { "type": "boolean", "description": "Whether Streams are enabled.\n" }, "streamLabel": { "type": "string", "description": "Timestamp, in ISO 8601 format, for this stream. Note that this timestamp is not a unique identifier for the stream on its own. However, the combination of AWS customer ID, table name and this field is guaranteed to be unique. It can be used for creating CloudWatch Alarms. Only available when `stream_enabled = true`.\n" }, "streamViewType": { "type": "string", "description": "When an item in the table is modified, StreamViewType determines what information is written to the table's stream. Valid values are `KEYS_ONLY`, `NEW_IMAGE`, `OLD_IMAGE`, `NEW_AND_OLD_IMAGES`.\n" }, "tableClass": { "type": "string", "description": "Storage class of the table.\nValid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS`.\nDefault value is `STANDARD`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to populate on the created table. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "ttl": { "$ref": "#/types/aws:dynamodb/TableTtl:TableTtl", "description": "Configuration block for TTL. See below.\n" }, "writeCapacity": { "type": "integer", "description": "Number of write units for this table. If the `billing_mode` is `PROVISIONED`, this field is required.\n" } }, "type": "object" } }, "aws:dynamodb/tableExport:TableExport": { "description": "## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {\n bucketPrefix: \"example\",\n forceDestroy: true,\n});\nconst exampleTable = new aws.dynamodb.Table(\"example\", {\n name: \"example-table-1\",\n billingMode: \"PAY_PER_REQUEST\",\n hashKey: \"user_id\",\n attributes: [{\n name: \"user_id\",\n type: \"S\",\n }],\n pointInTimeRecovery: {\n enabled: true,\n },\n});\nconst exampleTableExport = new aws.dynamodb.TableExport(\"example\", {\n tableArn: exampleTable.arn,\n s3Bucket: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\",\n bucket_prefix=\"example\",\n force_destroy=True)\nexample_table = aws.dynamodb.Table(\"example\",\n name=\"example-table-1\",\n billing_mode=\"PAY_PER_REQUEST\",\n hash_key=\"user_id\",\n attributes=[{\n \"name\": \"user_id\",\n \"type\": \"S\",\n }],\n point_in_time_recovery={\n \"enabled\": True,\n })\nexample_table_export = aws.dynamodb.TableExport(\"example\",\n table_arn=example_table.arn,\n s3_bucket=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n BucketPrefix = \"example\",\n ForceDestroy = true,\n });\n\n var exampleTable = new Aws.DynamoDB.Table(\"example\", new()\n {\n Name = \"example-table-1\",\n BillingMode = \"PAY_PER_REQUEST\",\n HashKey = \"user_id\",\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"user_id\",\n Type = \"S\",\n },\n },\n PointInTimeRecovery = new Aws.DynamoDB.Inputs.TablePointInTimeRecoveryArgs\n {\n Enabled = true,\n },\n });\n\n var exampleTableExport = new Aws.DynamoDB.TableExport(\"example\", new()\n {\n TableArn = exampleTable.Arn,\n S3Bucket = example.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucketPrefix: pulumi.String(\"example\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTable, err := dynamodb.NewTable(ctx, \"example\", \u0026dynamodb.TableArgs{\n\t\t\tName: pulumi.String(\"example-table-1\"),\n\t\t\tBillingMode: pulumi.String(\"PAY_PER_REQUEST\"),\n\t\t\tHashKey: pulumi.String(\"user_id\"),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"user_id\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPointInTimeRecovery: \u0026dynamodb.TablePointInTimeRecoveryArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dynamodb.NewTableExport(ctx, \"example\", \u0026dynamodb.TableExportArgs{\n\t\t\tTableArn: exampleTable.Arn,\n\t\t\tS3Bucket: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;\nimport com.pulumi.aws.dynamodb.inputs.TablePointInTimeRecoveryArgs;\nimport com.pulumi.aws.dynamodb.TableExport;\nimport com.pulumi.aws.dynamodb.TableExportArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucketPrefix(\"example\")\n .forceDestroy(true)\n .build());\n\n var exampleTable = new Table(\"exampleTable\", TableArgs.builder()\n .name(\"example-table-1\")\n .billingMode(\"PAY_PER_REQUEST\")\n .hashKey(\"user_id\")\n .attributes(TableAttributeArgs.builder()\n .name(\"user_id\")\n .type(\"S\")\n .build())\n .pointInTimeRecovery(TablePointInTimeRecoveryArgs.builder()\n .enabled(true)\n .build())\n .build());\n\n var exampleTableExport = new TableExport(\"exampleTableExport\", TableExportArgs.builder()\n .tableArn(exampleTable.arn())\n .s3Bucket(example.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucketPrefix: example\n forceDestroy: true\n exampleTable:\n type: aws:dynamodb:Table\n name: example\n properties:\n name: example-table-1\n billingMode: PAY_PER_REQUEST\n hashKey: user_id\n attributes:\n - name: user_id\n type: S\n pointInTimeRecovery:\n enabled: true\n exampleTableExport:\n type: aws:dynamodb:TableExport\n name: example\n properties:\n tableArn: ${exampleTable.arn}\n s3Bucket: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example with export time\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dynamodb.TableExport(\"example\", {\n exportTime: \"2023-04-02T11:30:13+01:00\",\n s3Bucket: exampleAwsS3Bucket.id,\n tableArn: exampleAwsDynamodbTable.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dynamodb.TableExport(\"example\",\n export_time=\"2023-04-02T11:30:13+01:00\",\n s3_bucket=example_aws_s3_bucket[\"id\"],\n table_arn=example_aws_dynamodb_table[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DynamoDB.TableExport(\"example\", new()\n {\n ExportTime = \"2023-04-02T11:30:13+01:00\",\n S3Bucket = exampleAwsS3Bucket.Id,\n TableArn = exampleAwsDynamodbTable.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dynamodb.NewTableExport(ctx, \"example\", \u0026dynamodb.TableExportArgs{\n\t\t\tExportTime: pulumi.String(\"2023-04-02T11:30:13+01:00\"),\n\t\t\tS3Bucket: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\tTableArn: pulumi.Any(exampleAwsDynamodbTable.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.TableExport;\nimport com.pulumi.aws.dynamodb.TableExportArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TableExport(\"example\", TableExportArgs.builder()\n .exportTime(\"2023-04-02T11:30:13+01:00\")\n .s3Bucket(exampleAwsS3Bucket.id())\n .tableArn(exampleAwsDynamodbTable.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dynamodb:TableExport\n properties:\n exportTime: 2023-04-02T11:30:13+01:00\n s3Bucket: ${exampleAwsS3Bucket.id}\n tableArn: ${exampleAwsDynamodbTable.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DynamoDB table exports using the `arn`. For example:\n\n```sh\n$ pulumi import aws:dynamodb/tableExport:TableExport example arn:aws:dynamodb:us-west-2:12345678911:table/my-table-1/export/01580735656614-2c2f422e\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Table Export.\n" }, "billedSizeInBytes": { "type": "integer", "description": "Billable size of the table export.\n" }, "endTime": { "type": "string", "description": "Time at which the export task completed.\n" }, "exportFormat": { "type": "string", "description": "Format for the exported data. Valid values are `DYNAMODB_JSON` or `ION`. See the [AWS Documentation](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/S3DataExport.Output.html#S3DataExport.Output_Data) for more information on these export formats. Default is `DYNAMODB_JSON`.\n" }, "exportStatus": { "type": "string", "description": "Status of the export - export can be in one of the following states `IN_PROGRESS`, `COMPLETED`, or `FAILED`.\n" }, "exportTime": { "type": "string", "description": "Time in RFC3339 format from which to export table data. The table export will be a snapshot of the table's state at this point in time. Omitting this value will result in a snapshot from the current time.\n" }, "itemCount": { "type": "integer", "description": "Number of items exported.\n" }, "manifestFilesS3Key": { "type": "string", "description": "Name of the manifest file for the export task. See the [AWS Documentation](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/S3DataExport.Output.html#S3DataExport.Output_Manifest) for more information on this manifest file.\n" }, "s3Bucket": { "type": "string", "description": "Name of the Amazon S3 bucket to export the snapshot to. See the [AWS Documentation](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/S3DataExport_Requesting.html#S3DataExport_Requesting_Permissions) for information on how configure this S3 bucket.\n" }, "s3BucketOwner": { "type": "string", "description": "ID of the AWS account that owns the bucket the export will be stored in.\n" }, "s3Prefix": { "type": "string", "description": "Amazon S3 bucket prefix to use as the file name and path of the exported snapshot.\n" }, "s3SseAlgorithm": { "type": "string", "description": "Type of encryption used on the bucket where export data will be stored. Valid values are: `AES256`, `KMS`.\n" }, "s3SseKmsKeyId": { "type": "string", "description": "ID of the AWS KMS managed key used to encrypt the S3 bucket where export data will be stored (if applicable).\n" }, "startTime": { "type": "string", "description": "Time at which the export task began.\n" }, "tableArn": { "type": "string", "description": "ARN associated with the table to export.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "billedSizeInBytes", "endTime", "exportStatus", "exportTime", "itemCount", "manifestFilesS3Key", "s3Bucket", "s3BucketOwner", "s3Prefix", "s3SseAlgorithm", "startTime", "tableArn" ], "inputProperties": { "exportFormat": { "type": "string", "description": "Format for the exported data. Valid values are `DYNAMODB_JSON` or `ION`. See the [AWS Documentation](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/S3DataExport.Output.html#S3DataExport.Output_Data) for more information on these export formats. Default is `DYNAMODB_JSON`.\n", "willReplaceOnChanges": true }, "exportTime": { "type": "string", "description": "Time in RFC3339 format from which to export table data. The table export will be a snapshot of the table's state at this point in time. Omitting this value will result in a snapshot from the current time.\n", "willReplaceOnChanges": true }, "s3Bucket": { "type": "string", "description": "Name of the Amazon S3 bucket to export the snapshot to. See the [AWS Documentation](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/S3DataExport_Requesting.html#S3DataExport_Requesting_Permissions) for information on how configure this S3 bucket.\n", "willReplaceOnChanges": true }, "s3BucketOwner": { "type": "string", "description": "ID of the AWS account that owns the bucket the export will be stored in.\n", "willReplaceOnChanges": true }, "s3Prefix": { "type": "string", "description": "Amazon S3 bucket prefix to use as the file name and path of the exported snapshot.\n", "willReplaceOnChanges": true }, "s3SseAlgorithm": { "type": "string", "description": "Type of encryption used on the bucket where export data will be stored. Valid values are: `AES256`, `KMS`.\n", "willReplaceOnChanges": true }, "s3SseKmsKeyId": { "type": "string", "description": "ID of the AWS KMS managed key used to encrypt the S3 bucket where export data will be stored (if applicable).\n", "willReplaceOnChanges": true }, "tableArn": { "type": "string", "description": "ARN associated with the table to export.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "s3Bucket", "tableArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering TableExport resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Table Export.\n" }, "billedSizeInBytes": { "type": "integer", "description": "Billable size of the table export.\n" }, "endTime": { "type": "string", "description": "Time at which the export task completed.\n" }, "exportFormat": { "type": "string", "description": "Format for the exported data. Valid values are `DYNAMODB_JSON` or `ION`. See the [AWS Documentation](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/S3DataExport.Output.html#S3DataExport.Output_Data) for more information on these export formats. Default is `DYNAMODB_JSON`.\n", "willReplaceOnChanges": true }, "exportStatus": { "type": "string", "description": "Status of the export - export can be in one of the following states `IN_PROGRESS`, `COMPLETED`, or `FAILED`.\n" }, "exportTime": { "type": "string", "description": "Time in RFC3339 format from which to export table data. The table export will be a snapshot of the table's state at this point in time. Omitting this value will result in a snapshot from the current time.\n", "willReplaceOnChanges": true }, "itemCount": { "type": "integer", "description": "Number of items exported.\n" }, "manifestFilesS3Key": { "type": "string", "description": "Name of the manifest file for the export task. See the [AWS Documentation](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/S3DataExport.Output.html#S3DataExport.Output_Manifest) for more information on this manifest file.\n" }, "s3Bucket": { "type": "string", "description": "Name of the Amazon S3 bucket to export the snapshot to. See the [AWS Documentation](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/S3DataExport_Requesting.html#S3DataExport_Requesting_Permissions) for information on how configure this S3 bucket.\n", "willReplaceOnChanges": true }, "s3BucketOwner": { "type": "string", "description": "ID of the AWS account that owns the bucket the export will be stored in.\n", "willReplaceOnChanges": true }, "s3Prefix": { "type": "string", "description": "Amazon S3 bucket prefix to use as the file name and path of the exported snapshot.\n", "willReplaceOnChanges": true }, "s3SseAlgorithm": { "type": "string", "description": "Type of encryption used on the bucket where export data will be stored. Valid values are: `AES256`, `KMS`.\n", "willReplaceOnChanges": true }, "s3SseKmsKeyId": { "type": "string", "description": "ID of the AWS KMS managed key used to encrypt the S3 bucket where export data will be stored (if applicable).\n", "willReplaceOnChanges": true }, "startTime": { "type": "string", "description": "Time at which the export task began.\n" }, "tableArn": { "type": "string", "description": "ARN associated with the table to export.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:dynamodb/tableItem:TableItem": { "description": "Provides a DynamoDB table item resource\n\n\u003e **Note:** This resource is not meant to be used for managing large amounts of data in your table, it is not designed to scale.\n You should perform **regular backups** of all data in the table, see [AWS docs for more](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/BackupRestore.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleTable = new aws.dynamodb.Table(\"example\", {\n name: \"example-name\",\n readCapacity: 10,\n writeCapacity: 10,\n hashKey: \"exampleHashKey\",\n attributes: [{\n name: \"exampleHashKey\",\n type: \"S\",\n }],\n});\nconst example = new aws.dynamodb.TableItem(\"example\", {\n tableName: exampleTable.name,\n hashKey: exampleTable.hashKey,\n item: `{\n \"exampleHashKey\": {\"S\": \"something\"},\n \"one\": {\"N\": \"11111\"},\n \"two\": {\"N\": \"22222\"},\n \"three\": {\"N\": \"33333\"},\n \"four\": {\"N\": \"44444\"}\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_table = aws.dynamodb.Table(\"example\",\n name=\"example-name\",\n read_capacity=10,\n write_capacity=10,\n hash_key=\"exampleHashKey\",\n attributes=[{\n \"name\": \"exampleHashKey\",\n \"type\": \"S\",\n }])\nexample = aws.dynamodb.TableItem(\"example\",\n table_name=example_table.name,\n hash_key=example_table.hash_key,\n item=\"\"\"{\n \"exampleHashKey\": {\"S\": \"something\"},\n \"one\": {\"N\": \"11111\"},\n \"two\": {\"N\": \"22222\"},\n \"three\": {\"N\": \"33333\"},\n \"four\": {\"N\": \"44444\"}\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleTable = new Aws.DynamoDB.Table(\"example\", new()\n {\n Name = \"example-name\",\n ReadCapacity = 10,\n WriteCapacity = 10,\n HashKey = \"exampleHashKey\",\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"exampleHashKey\",\n Type = \"S\",\n },\n },\n });\n\n var example = new Aws.DynamoDB.TableItem(\"example\", new()\n {\n TableName = exampleTable.Name,\n HashKey = exampleTable.HashKey,\n Item = @\"{\n \"\"exampleHashKey\"\": {\"\"S\"\": \"\"something\"\"},\n \"\"one\"\": {\"\"N\"\": \"\"11111\"\"},\n \"\"two\"\": {\"\"N\"\": \"\"22222\"\"},\n \"\"three\"\": {\"\"N\"\": \"\"33333\"\"},\n \"\"four\"\": {\"\"N\"\": \"\"44444\"\"}\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleTable, err := dynamodb.NewTable(ctx, \"example\", \u0026dynamodb.TableArgs{\n\t\t\tName: pulumi.String(\"example-name\"),\n\t\t\tReadCapacity: pulumi.Int(10),\n\t\t\tWriteCapacity: pulumi.Int(10),\n\t\t\tHashKey: pulumi.String(\"exampleHashKey\"),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"exampleHashKey\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dynamodb.NewTableItem(ctx, \"example\", \u0026dynamodb.TableItemArgs{\n\t\t\tTableName: exampleTable.Name,\n\t\t\tHashKey: exampleTable.HashKey,\n\t\t\tItem: pulumi.String(`{\n \"exampleHashKey\": {\"S\": \"something\"},\n \"one\": {\"N\": \"11111\"},\n \"two\": {\"N\": \"22222\"},\n \"three\": {\"N\": \"33333\"},\n \"four\": {\"N\": \"44444\"}\n}\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;\nimport com.pulumi.aws.dynamodb.TableItem;\nimport com.pulumi.aws.dynamodb.TableItemArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleTable = new Table(\"exampleTable\", TableArgs.builder()\n .name(\"example-name\")\n .readCapacity(10)\n .writeCapacity(10)\n .hashKey(\"exampleHashKey\")\n .attributes(TableAttributeArgs.builder()\n .name(\"exampleHashKey\")\n .type(\"S\")\n .build())\n .build());\n\n var example = new TableItem(\"example\", TableItemArgs.builder()\n .tableName(exampleTable.name())\n .hashKey(exampleTable.hashKey())\n .item(\"\"\"\n{\n \"exampleHashKey\": {\"S\": \"something\"},\n \"one\": {\"N\": \"11111\"},\n \"two\": {\"N\": \"22222\"},\n \"three\": {\"N\": \"33333\"},\n \"four\": {\"N\": \"44444\"}\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dynamodb:TableItem\n properties:\n tableName: ${exampleTable.name}\n hashKey: ${exampleTable.hashKey}\n item: |\n {\n \"exampleHashKey\": {\"S\": \"something\"},\n \"one\": {\"N\": \"11111\"},\n \"two\": {\"N\": \"22222\"},\n \"three\": {\"N\": \"33333\"},\n \"four\": {\"N\": \"44444\"}\n }\n exampleTable:\n type: aws:dynamodb:Table\n name: example\n properties:\n name: example-name\n readCapacity: 10\n writeCapacity: 10\n hashKey: exampleHashKey\n attributes:\n - name: exampleHashKey\n type: S\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nYou cannot import DynamoDB table items.\n\n", "properties": { "hashKey": { "type": "string", "description": "Hash key to use for lookups and identification of the item\n" }, "item": { "type": "string", "description": "JSON representation of a map of attribute name/value pairs, one for each attribute. Only the primary key attributes are required; you can optionally provide other attribute name-value pairs for the item.\n" }, "rangeKey": { "type": "string", "description": "Range key to use for lookups and identification of the item. Required if there is range key defined in the table.\n" }, "tableName": { "type": "string", "description": "Name of the table to contain the item.\n" } }, "required": [ "hashKey", "item", "tableName" ], "inputProperties": { "hashKey": { "type": "string", "description": "Hash key to use for lookups and identification of the item\n", "willReplaceOnChanges": true }, "item": { "type": "string", "description": "JSON representation of a map of attribute name/value pairs, one for each attribute. Only the primary key attributes are required; you can optionally provide other attribute name-value pairs for the item.\n" }, "rangeKey": { "type": "string", "description": "Range key to use for lookups and identification of the item. Required if there is range key defined in the table.\n", "willReplaceOnChanges": true }, "tableName": { "type": "string", "description": "Name of the table to contain the item.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "hashKey", "item", "tableName" ], "stateInputs": { "description": "Input properties used for looking up and filtering TableItem resources.\n", "properties": { "hashKey": { "type": "string", "description": "Hash key to use for lookups and identification of the item\n", "willReplaceOnChanges": true }, "item": { "type": "string", "description": "JSON representation of a map of attribute name/value pairs, one for each attribute. Only the primary key attributes are required; you can optionally provide other attribute name-value pairs for the item.\n" }, "rangeKey": { "type": "string", "description": "Range key to use for lookups and identification of the item. Required if there is range key defined in the table.\n", "willReplaceOnChanges": true }, "tableName": { "type": "string", "description": "Name of the table to contain the item.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:dynamodb/tableReplica:TableReplica": { "description": "Provides a DynamoDB table replica resource for [DynamoDB Global Tables V2 (version 2019.11.21)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V2.html).\n\n\u003e **Note:** Use `lifecycle` `ignore_changes` for `replica` in the associated aws.dynamodb.Table configuration.\n\n\u003e **Note:** Do not use the `replica` configuration block of aws.dynamodb.Table together with this resource as the two configuration options are mutually exclusive.\n\n## Example Usage\n\n### Basic Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dynamodb.Table(\"example\", {\n name: \"TestTable\",\n hashKey: \"BrodoBaggins\",\n billingMode: \"PAY_PER_REQUEST\",\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n attributes: [{\n name: \"BrodoBaggins\",\n type: \"S\",\n }],\n});\nconst exampleTableReplica = new aws.dynamodb.TableReplica(\"example\", {\n globalTableArn: example.arn,\n tags: {\n Name: \"IZPAWS\",\n Pozo: \"Amargo\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dynamodb.Table(\"example\",\n name=\"TestTable\",\n hash_key=\"BrodoBaggins\",\n billing_mode=\"PAY_PER_REQUEST\",\n stream_enabled=True,\n stream_view_type=\"NEW_AND_OLD_IMAGES\",\n attributes=[{\n \"name\": \"BrodoBaggins\",\n \"type\": \"S\",\n }])\nexample_table_replica = aws.dynamodb.TableReplica(\"example\",\n global_table_arn=example.arn,\n tags={\n \"Name\": \"IZPAWS\",\n \"Pozo\": \"Amargo\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DynamoDB.Table(\"example\", new()\n {\n Name = \"TestTable\",\n HashKey = \"BrodoBaggins\",\n BillingMode = \"PAY_PER_REQUEST\",\n StreamEnabled = true,\n StreamViewType = \"NEW_AND_OLD_IMAGES\",\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"BrodoBaggins\",\n Type = \"S\",\n },\n },\n });\n\n var exampleTableReplica = new Aws.DynamoDB.TableReplica(\"example\", new()\n {\n GlobalTableArn = example.Arn,\n Tags = \n {\n { \"Name\", \"IZPAWS\" },\n { \"Pozo\", \"Amargo\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := dynamodb.NewTable(ctx, \"example\", \u0026dynamodb.TableArgs{\n\t\t\tName: pulumi.String(\"TestTable\"),\n\t\t\tHashKey: pulumi.String(\"BrodoBaggins\"),\n\t\t\tBillingMode: pulumi.String(\"PAY_PER_REQUEST\"),\n\t\t\tStreamEnabled: pulumi.Bool(true),\n\t\t\tStreamViewType: pulumi.String(\"NEW_AND_OLD_IMAGES\"),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"BrodoBaggins\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dynamodb.NewTableReplica(ctx, \"example\", \u0026dynamodb.TableReplicaArgs{\n\t\t\tGlobalTableArn: example.Arn,\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"IZPAWS\"),\n\t\t\t\t\"Pozo\": pulumi.String(\"Amargo\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;\nimport com.pulumi.aws.dynamodb.TableReplica;\nimport com.pulumi.aws.dynamodb.TableReplicaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Table(\"example\", TableArgs.builder()\n .name(\"TestTable\")\n .hashKey(\"BrodoBaggins\")\n .billingMode(\"PAY_PER_REQUEST\")\n .streamEnabled(true)\n .streamViewType(\"NEW_AND_OLD_IMAGES\")\n .attributes(TableAttributeArgs.builder()\n .name(\"BrodoBaggins\")\n .type(\"S\")\n .build())\n .build());\n\n var exampleTableReplica = new TableReplica(\"exampleTableReplica\", TableReplicaArgs.builder()\n .globalTableArn(example.arn())\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"IZPAWS\"),\n Map.entry(\"Pozo\", \"Amargo\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dynamodb:Table\n properties:\n name: TestTable\n hashKey: BrodoBaggins\n billingMode: PAY_PER_REQUEST\n streamEnabled: true\n streamViewType: NEW_AND_OLD_IMAGES\n attributes:\n - name: BrodoBaggins\n type: S\n exampleTableReplica:\n type: aws:dynamodb:TableReplica\n name: example\n properties:\n globalTableArn: ${example.arn}\n tags:\n Name: IZPAWS\n Pozo: Amargo\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DynamoDB table replicas using the `table-name:main-region`. For example:\n\n~\u003e __Note:__ When importing, use the region where the initial or _main_ global table resides, _not_ the region of the replica.\n\n```sh\n$ pulumi import aws:dynamodb/tableReplica:TableReplica example TestTable:us-west-2\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the table replica.\n" }, "globalTableArn": { "type": "string", "description": "ARN of the _main_ or global table which this resource will replicate.\n\nOptional arguments:\n" }, "kmsKeyArn": { "type": "string", "description": "ARN of the CMK that should be used for the AWS KMS encryption. This argument should only be used if the key is different from the default KMS-managed DynamoDB key, `alias/aws/dynamodb`. **Note:** This attribute will _not_ be populated with the ARN of _default_ keys.\n" }, "pointInTimeRecovery": { "type": "boolean", "description": "Whether to enable Point In Time Recovery for the replica. Default is `false`.\n" }, "tableClassOverride": { "type": "string", "description": "Storage class of the table replica. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS`. If not used, the table replica will use the same class as the global table.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to populate on the created table. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "globalTableArn", "kmsKeyArn", "tagsAll" ], "inputProperties": { "globalTableArn": { "type": "string", "description": "ARN of the _main_ or global table which this resource will replicate.\n\nOptional arguments:\n", "willReplaceOnChanges": true }, "kmsKeyArn": { "type": "string", "description": "ARN of the CMK that should be used for the AWS KMS encryption. This argument should only be used if the key is different from the default KMS-managed DynamoDB key, `alias/aws/dynamodb`. **Note:** This attribute will _not_ be populated with the ARN of _default_ keys.\n", "willReplaceOnChanges": true }, "pointInTimeRecovery": { "type": "boolean", "description": "Whether to enable Point In Time Recovery for the replica. Default is `false`.\n" }, "tableClassOverride": { "type": "string", "description": "Storage class of the table replica. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS`. If not used, the table replica will use the same class as the global table.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to populate on the created table. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "globalTableArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering TableReplica resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the table replica.\n" }, "globalTableArn": { "type": "string", "description": "ARN of the _main_ or global table which this resource will replicate.\n\nOptional arguments:\n", "willReplaceOnChanges": true }, "kmsKeyArn": { "type": "string", "description": "ARN of the CMK that should be used for the AWS KMS encryption. This argument should only be used if the key is different from the default KMS-managed DynamoDB key, `alias/aws/dynamodb`. **Note:** This attribute will _not_ be populated with the ARN of _default_ keys.\n", "willReplaceOnChanges": true }, "pointInTimeRecovery": { "type": "boolean", "description": "Whether to enable Point In Time Recovery for the replica. Default is `false`.\n" }, "tableClassOverride": { "type": "string", "description": "Storage class of the table replica. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS`. If not used, the table replica will use the same class as the global table.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to populate on the created table. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:dynamodb/tag:Tag": { "description": "Manages an individual DynamoDB resource tag. This resource should only be used in cases where DynamoDB resources are created outside the provider (e.g., Table replicas in other regions).\n\n\u003e **NOTE:** This tagging resource should not be combined with the resource for managing the parent resource. For example, using `aws.dynamodb.Table` and `aws.dynamodb.Tag` to manage tags of the same DynamoDB Table in the same region will cause a perpetual difference where the `aws_dynamodb_cluster` resource will try to remove the tag being added by the `aws.dynamodb.Tag` resource.\n\n\u003e **NOTE:** This tagging resource does not use the provider `ignore_tags` configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst replica = aws.getRegion({});\nconst current = aws.getRegion({});\nconst example = new aws.dynamodb.Table(\"example\", {replicas: [{\n regionName: replica.then(replica =\u003e replica.name),\n}]});\nconst test = new aws.dynamodb.Tag(\"test\", {\n resourceArn: pulumi.all([example.arn, current, replica]).apply(([arn, current, replica]) =\u003e std.replaceOutput({\n text: arn,\n search: current.name,\n replace: replica.name,\n })).apply(invoke =\u003e invoke.result),\n key: \"testkey\",\n value: \"testvalue\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nreplica = aws.get_region()\ncurrent = aws.get_region()\nexample = aws.dynamodb.Table(\"example\", replicas=[{\n \"region_name\": replica.name,\n}])\ntest = aws.dynamodb.Tag(\"test\",\n resource_arn=example.arn.apply(lambda arn: std.replace_output(text=arn,\n search=current.name,\n replace=replica.name)).apply(lambda invoke: invoke.result),\n key=\"testkey\",\n value=\"testvalue\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var replica = Aws.GetRegion.Invoke();\n\n var current = Aws.GetRegion.Invoke();\n\n var example = new Aws.DynamoDB.Table(\"example\", new()\n {\n Replicas = new[]\n {\n new Aws.DynamoDB.Inputs.TableReplicaArgs\n {\n RegionName = replica.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n },\n });\n\n var test = new Aws.DynamoDB.Tag(\"test\", new()\n {\n ResourceArn = Output.Tuple(example.Arn, current, replica).Apply(values =\u003e\n {\n var arn = values.Item1;\n var current = values.Item2;\n var replica = values.Item3;\n return Std.Replace.Invoke(new()\n {\n Text = arn,\n Search = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n Replace = replica.Apply(getRegionResult =\u003e getRegionResult.Name),\n });\n }).Apply(invoke =\u003e invoke.Result),\n Key = \"testkey\",\n Value = \"testvalue\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\treplica, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := dynamodb.NewTable(ctx, \"example\", \u0026dynamodb.TableArgs{\n\t\t\tReplicas: dynamodb.TableReplicaTypeArray{\n\t\t\t\t\u0026dynamodb.TableReplicaTypeArgs{\n\t\t\t\t\tRegionName: pulumi.String(replica.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dynamodb.NewTag(ctx, \"test\", \u0026dynamodb.TagArgs{\n\t\t\tResourceArn: pulumi.String(example.Arn.ApplyT(func(arn string) (std.ReplaceResult, error) {\n\t\t\t\treturn std.ReplaceResult(interface{}(std.ReplaceOutput(ctx, std.ReplaceOutputArgs{\n\t\t\t\t\tText: arn,\n\t\t\t\t\tSearch: current.Name,\n\t\t\t\t\tReplace: replica.Name,\n\t\t\t\t}, nil))), nil\n\t\t\t}).(std.ReplaceResultOutput).ApplyT(func(invoke std.ReplaceResult) (*string, error) {\n\t\t\t\treturn invoke.Result, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tKey: pulumi.String(\"testkey\"),\n\t\t\tValue: pulumi.String(\"testvalue\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableReplicaArgs;\nimport com.pulumi.aws.dynamodb.Tag;\nimport com.pulumi.aws.dynamodb.TagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var replica = AwsFunctions.getRegion();\n\n final var current = AwsFunctions.getRegion();\n\n var example = new Table(\"example\", TableArgs.builder()\n .replicas(TableReplicaArgs.builder()\n .regionName(replica.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build())\n .build());\n\n var test = new Tag(\"test\", TagArgs.builder()\n .resourceArn(example.arn().applyValue(arn -\u003e StdFunctions.replace()).applyValue(invoke -\u003e invoke.result()))\n .key(\"testkey\")\n .value(\"testvalue\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dynamodb:Table\n properties:\n replicas:\n - regionName: ${replica.name}\n test:\n type: aws:dynamodb:Tag\n properties:\n resourceArn:\n fn::invoke:\n Function: std:replace\n Arguments:\n text: ${example.arn}\n search: ${current.name}\n replace: ${replica.name}\n Return: result\n key: testkey\n value: testvalue\nvariables:\n replica:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_dynamodb_tag` using the DynamoDB resource identifier and key, separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:dynamodb/tag:Tag example arn:aws:dynamodb:us-east-1:123456789012:table/example,Name\n```\n", "properties": { "key": { "type": "string", "description": "Tag name.\n" }, "resourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DynamoDB resource to tag.\n" }, "value": { "type": "string", "description": "Tag value.\n" } }, "required": [ "key", "resourceArn", "value" ], "inputProperties": { "key": { "type": "string", "description": "Tag name.\n", "willReplaceOnChanges": true }, "resourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DynamoDB resource to tag.\n", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "Tag value.\n" } }, "requiredInputs": [ "key", "resourceArn", "value" ], "stateInputs": { "description": "Input properties used for looking up and filtering Tag resources.\n", "properties": { "key": { "type": "string", "description": "Tag name.\n", "willReplaceOnChanges": true }, "resourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the DynamoDB resource to tag.\n", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "Tag value.\n" } }, "type": "object" } }, "aws:ebs/defaultKmsKey:DefaultKmsKey": { "description": "Provides a resource to manage the default customer master key (CMK) that your AWS account uses to encrypt EBS volumes.\n\nYour AWS account has an AWS-managed default CMK that is used for encrypting an EBS volume when no CMK is specified in the API call that creates the volume.\nBy using the `aws.ebs.DefaultKmsKey` resource, you can specify a customer-managed CMK to use in place of the AWS-managed default CMK.\n\n\u003e **NOTE:** Creating an `aws.ebs.DefaultKmsKey` resource does not enable default EBS encryption. Use the `aws.ebs.EncryptionByDefault` to enable default EBS encryption.\n\n\u003e **NOTE:** Destroying this resource will reset the default CMK to the account's AWS-managed default CMK for EBS.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ebs.DefaultKmsKey(\"example\", {keyArn: exampleAwsKmsKey.arn});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ebs.DefaultKmsKey(\"example\", key_arn=example_aws_kms_key[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ebs.DefaultKmsKey(\"example\", new()\n {\n KeyArn = exampleAwsKmsKey.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ebs.NewDefaultKmsKey(ctx, \"example\", \u0026ebs.DefaultKmsKeyArgs{\n\t\t\tKeyArn: pulumi.Any(exampleAwsKmsKey.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ebs.DefaultKmsKey;\nimport com.pulumi.aws.ebs.DefaultKmsKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DefaultKmsKey(\"example\", DefaultKmsKeyArgs.builder()\n .keyArn(exampleAwsKmsKey.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ebs:DefaultKmsKey\n properties:\n keyArn: ${exampleAwsKmsKey.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import the EBS default KMS CMK using the KMS key ARN. For example:\n\n```sh\n$ pulumi import aws:ebs/defaultKmsKey:DefaultKmsKey example arn:aws:kms:us-east-1:123456789012:key/abcd-1234\n```\n", "properties": { "keyArn": { "type": "string", "description": "The ARN of the AWS Key Management Service (AWS KMS) customer master key (CMK) to use to encrypt the EBS volume.\n" } }, "required": [ "keyArn" ], "inputProperties": { "keyArn": { "type": "string", "description": "The ARN of the AWS Key Management Service (AWS KMS) customer master key (CMK) to use to encrypt the EBS volume.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "keyArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering DefaultKmsKey resources.\n", "properties": { "keyArn": { "type": "string", "description": "The ARN of the AWS Key Management Service (AWS KMS) customer master key (CMK) to use to encrypt the EBS volume.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ebs/encryptionByDefault:EncryptionByDefault": { "description": "Provides a resource to manage whether default EBS encryption is enabled for your AWS account in the current AWS region. To manage the default KMS key for the region, see the `aws.ebs.DefaultKmsKey` resource.\n\n\u003e **NOTE:** Removing this resource disables default EBS encryption.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ebs.EncryptionByDefault(\"example\", {enabled: true});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ebs.EncryptionByDefault(\"example\", enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ebs.EncryptionByDefault(\"example\", new()\n {\n Enabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ebs.NewEncryptionByDefault(ctx, \"example\", \u0026ebs.EncryptionByDefaultArgs{\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ebs.EncryptionByDefault;\nimport com.pulumi.aws.ebs.EncryptionByDefaultArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EncryptionByDefault(\"example\", EncryptionByDefaultArgs.builder()\n .enabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ebs:EncryptionByDefault\n properties:\n enabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import the default EBS encryption state. For example:\n\n```sh\n$ pulumi import aws:ebs/encryptionByDefault:EncryptionByDefault example default\n```\n", "properties": { "enabled": { "type": "boolean", "description": "Whether or not default EBS encryption is enabled. Valid values are `true` or `false`. Defaults to `true`.\n" } }, "inputProperties": { "enabled": { "type": "boolean", "description": "Whether or not default EBS encryption is enabled. Valid values are `true` or `false`. Defaults to `true`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering EncryptionByDefault resources.\n", "properties": { "enabled": { "type": "boolean", "description": "Whether or not default EBS encryption is enabled. Valid values are `true` or `false`. Defaults to `true`.\n" } }, "type": "object" } }, "aws:ebs/fastSnapshotRestore:FastSnapshotRestore": { "description": "Resource for managing an EBS (Elastic Block Storage) Fast Snapshot Restore.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ebs.FastSnapshotRestore(\"example\", {\n availabilityZone: \"us-west-2a\",\n snapshotId: exampleAwsEbsSnapshot.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ebs.FastSnapshotRestore(\"example\",\n availability_zone=\"us-west-2a\",\n snapshot_id=example_aws_ebs_snapshot[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ebs.FastSnapshotRestore(\"example\", new()\n {\n AvailabilityZone = \"us-west-2a\",\n SnapshotId = exampleAwsEbsSnapshot.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ebs.NewFastSnapshotRestore(ctx, \"example\", \u0026ebs.FastSnapshotRestoreArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tSnapshotId: pulumi.Any(exampleAwsEbsSnapshot.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ebs.FastSnapshotRestore;\nimport com.pulumi.aws.ebs.FastSnapshotRestoreArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FastSnapshotRestore(\"example\", FastSnapshotRestoreArgs.builder()\n .availabilityZone(\"us-west-2a\")\n .snapshotId(exampleAwsEbsSnapshot.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ebs:FastSnapshotRestore\n properties:\n availabilityZone: us-west-2a\n snapshotId: ${exampleAwsEbsSnapshot.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EC2 (Elastic Compute Cloud) EBS Fast Snapshot Restore using the `id`. For example:\n\n```sh\n$ pulumi import aws:ebs/fastSnapshotRestore:FastSnapshotRestore example us-west-2a,snap-abcdef123456\n```\n", "properties": { "availabilityZone": { "type": "string", "description": "Availability zone in which to enable fast snapshot restores.\n" }, "snapshotId": { "type": "string", "description": "ID of the snapshot.\n" }, "state": { "type": "string", "description": "State of fast snapshot restores. Valid values are `enabling`, `optimizing`, `enabled`, `disabling`, `disabled`.\n" }, "timeouts": { "$ref": "#/types/aws:ebs/FastSnapshotRestoreTimeouts:FastSnapshotRestoreTimeouts" } }, "required": [ "availabilityZone", "snapshotId", "state" ], "inputProperties": { "availabilityZone": { "type": "string", "description": "Availability zone in which to enable fast snapshot restores.\n" }, "snapshotId": { "type": "string", "description": "ID of the snapshot.\n" }, "timeouts": { "$ref": "#/types/aws:ebs/FastSnapshotRestoreTimeouts:FastSnapshotRestoreTimeouts" } }, "requiredInputs": [ "availabilityZone", "snapshotId" ], "stateInputs": { "description": "Input properties used for looking up and filtering FastSnapshotRestore resources.\n", "properties": { "availabilityZone": { "type": "string", "description": "Availability zone in which to enable fast snapshot restores.\n" }, "snapshotId": { "type": "string", "description": "ID of the snapshot.\n" }, "state": { "type": "string", "description": "State of fast snapshot restores. Valid values are `enabling`, `optimizing`, `enabled`, `disabling`, `disabled`.\n" }, "timeouts": { "$ref": "#/types/aws:ebs/FastSnapshotRestoreTimeouts:FastSnapshotRestoreTimeouts" } }, "type": "object" } }, "aws:ebs/snapshot:Snapshot": { "description": "Creates a Snapshot of an EBS Volume.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ebs.Volume(\"example\", {\n availabilityZone: \"us-west-2a\",\n size: 40,\n tags: {\n Name: \"HelloWorld\",\n },\n});\nconst exampleSnapshot = new aws.ebs.Snapshot(\"example_snapshot\", {\n volumeId: example.id,\n tags: {\n Name: \"HelloWorld_snap\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ebs.Volume(\"example\",\n availability_zone=\"us-west-2a\",\n size=40,\n tags={\n \"Name\": \"HelloWorld\",\n })\nexample_snapshot = aws.ebs.Snapshot(\"example_snapshot\",\n volume_id=example.id,\n tags={\n \"Name\": \"HelloWorld_snap\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ebs.Volume(\"example\", new()\n {\n AvailabilityZone = \"us-west-2a\",\n Size = 40,\n Tags = \n {\n { \"Name\", \"HelloWorld\" },\n },\n });\n\n var exampleSnapshot = new Aws.Ebs.Snapshot(\"example_snapshot\", new()\n {\n VolumeId = example.Id,\n Tags = \n {\n { \"Name\", \"HelloWorld_snap\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ebs.NewVolume(ctx, \"example\", \u0026ebs.VolumeArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tSize: pulumi.Int(40),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ebs.NewSnapshot(ctx, \"example_snapshot\", \u0026ebs.SnapshotArgs{\n\t\t\tVolumeId: example.ID(),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld_snap\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ebs.Volume;\nimport com.pulumi.aws.ebs.VolumeArgs;\nimport com.pulumi.aws.ebs.Snapshot;\nimport com.pulumi.aws.ebs.SnapshotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Volume(\"example\", VolumeArgs.builder()\n .availabilityZone(\"us-west-2a\")\n .size(40)\n .tags(Map.of(\"Name\", \"HelloWorld\"))\n .build());\n\n var exampleSnapshot = new Snapshot(\"exampleSnapshot\", SnapshotArgs.builder()\n .volumeId(example.id())\n .tags(Map.of(\"Name\", \"HelloWorld_snap\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ebs:Volume\n properties:\n availabilityZone: us-west-2a\n size: 40\n tags:\n Name: HelloWorld\n exampleSnapshot:\n type: aws:ebs:Snapshot\n name: example_snapshot\n properties:\n volumeId: ${example.id}\n tags:\n Name: HelloWorld_snap\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EBS Snapshot using the `id`. For example:\n\n```sh\n$ pulumi import aws:ebs/snapshot:Snapshot id snap-049df61146c4d7901\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EBS Snapshot.\n" }, "dataEncryptionKeyId": { "type": "string", "description": "The data encryption key identifier for the snapshot.\n" }, "description": { "type": "string", "description": "A description of what the snapshot is.\n" }, "encrypted": { "type": "boolean", "description": "Whether the snapshot is encrypted.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key.\n" }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost on which to create a local snapshot.\n" }, "ownerAlias": { "type": "string", "description": "Value from an Amazon-maintained list (`amazon`, `aws-marketplace`, `microsoft`) of snapshot owners.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the EBS snapshot owner.\n" }, "permanentRestore": { "type": "boolean", "description": "Indicates whether to permanently restore an archived snapshot.\n" }, "storageTier": { "type": "string", "description": "The name of the storage tier. Valid values are `archive` and `standard`. Default value is `standard`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the snapshot. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "temporaryRestoreDays": { "type": "integer", "description": "Specifies the number of days for which to temporarily restore an archived snapshot. Required for temporary restores only. The snapshot will be automatically re-archived after this period.\n" }, "volumeId": { "type": "string", "description": "The Volume ID of which to make a snapshot.\n" }, "volumeSize": { "type": "integer", "description": "The size of the drive in GiBs.\n" } }, "required": [ "arn", "dataEncryptionKeyId", "encrypted", "kmsKeyId", "ownerAlias", "ownerId", "storageTier", "tagsAll", "volumeId", "volumeSize" ], "inputProperties": { "description": { "type": "string", "description": "A description of what the snapshot is.\n", "willReplaceOnChanges": true }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost on which to create a local snapshot.\n", "willReplaceOnChanges": true }, "permanentRestore": { "type": "boolean", "description": "Indicates whether to permanently restore an archived snapshot.\n" }, "storageTier": { "type": "string", "description": "The name of the storage tier. Valid values are `archive` and `standard`. Default value is `standard`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the snapshot. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "temporaryRestoreDays": { "type": "integer", "description": "Specifies the number of days for which to temporarily restore an archived snapshot. Required for temporary restores only. The snapshot will be automatically re-archived after this period.\n" }, "volumeId": { "type": "string", "description": "The Volume ID of which to make a snapshot.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "volumeId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Snapshot resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EBS Snapshot.\n" }, "dataEncryptionKeyId": { "type": "string", "description": "The data encryption key identifier for the snapshot.\n" }, "description": { "type": "string", "description": "A description of what the snapshot is.\n", "willReplaceOnChanges": true }, "encrypted": { "type": "boolean", "description": "Whether the snapshot is encrypted.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key.\n" }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost on which to create a local snapshot.\n", "willReplaceOnChanges": true }, "ownerAlias": { "type": "string", "description": "Value from an Amazon-maintained list (`amazon`, `aws-marketplace`, `microsoft`) of snapshot owners.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the EBS snapshot owner.\n" }, "permanentRestore": { "type": "boolean", "description": "Indicates whether to permanently restore an archived snapshot.\n" }, "storageTier": { "type": "string", "description": "The name of the storage tier. Valid values are `archive` and `standard`. Default value is `standard`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the snapshot. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "temporaryRestoreDays": { "type": "integer", "description": "Specifies the number of days for which to temporarily restore an archived snapshot. Required for temporary restores only. The snapshot will be automatically re-archived after this period.\n" }, "volumeId": { "type": "string", "description": "The Volume ID of which to make a snapshot.\n", "willReplaceOnChanges": true }, "volumeSize": { "type": "integer", "description": "The size of the drive in GiBs.\n" } }, "type": "object" } }, "aws:ebs/snapshotCopy:SnapshotCopy": { "description": "Creates a Snapshot of a snapshot.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ebs.Volume(\"example\", {\n availabilityZone: \"us-west-2a\",\n size: 40,\n tags: {\n Name: \"HelloWorld\",\n },\n});\nconst exampleSnapshot = new aws.ebs.Snapshot(\"example_snapshot\", {\n volumeId: example.id,\n tags: {\n Name: \"HelloWorld_snap\",\n },\n});\nconst exampleCopy = new aws.ebs.SnapshotCopy(\"example_copy\", {\n sourceSnapshotId: exampleSnapshot.id,\n sourceRegion: \"us-west-2\",\n tags: {\n Name: \"HelloWorld_copy_snap\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ebs.Volume(\"example\",\n availability_zone=\"us-west-2a\",\n size=40,\n tags={\n \"Name\": \"HelloWorld\",\n })\nexample_snapshot = aws.ebs.Snapshot(\"example_snapshot\",\n volume_id=example.id,\n tags={\n \"Name\": \"HelloWorld_snap\",\n })\nexample_copy = aws.ebs.SnapshotCopy(\"example_copy\",\n source_snapshot_id=example_snapshot.id,\n source_region=\"us-west-2\",\n tags={\n \"Name\": \"HelloWorld_copy_snap\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ebs.Volume(\"example\", new()\n {\n AvailabilityZone = \"us-west-2a\",\n Size = 40,\n Tags = \n {\n { \"Name\", \"HelloWorld\" },\n },\n });\n\n var exampleSnapshot = new Aws.Ebs.Snapshot(\"example_snapshot\", new()\n {\n VolumeId = example.Id,\n Tags = \n {\n { \"Name\", \"HelloWorld_snap\" },\n },\n });\n\n var exampleCopy = new Aws.Ebs.SnapshotCopy(\"example_copy\", new()\n {\n SourceSnapshotId = exampleSnapshot.Id,\n SourceRegion = \"us-west-2\",\n Tags = \n {\n { \"Name\", \"HelloWorld_copy_snap\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ebs.NewVolume(ctx, \"example\", \u0026ebs.VolumeArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tSize: pulumi.Int(40),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSnapshot, err := ebs.NewSnapshot(ctx, \"example_snapshot\", \u0026ebs.SnapshotArgs{\n\t\t\tVolumeId: example.ID(),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld_snap\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ebs.NewSnapshotCopy(ctx, \"example_copy\", \u0026ebs.SnapshotCopyArgs{\n\t\t\tSourceSnapshotId: exampleSnapshot.ID(),\n\t\t\tSourceRegion: pulumi.String(\"us-west-2\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld_copy_snap\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ebs.Volume;\nimport com.pulumi.aws.ebs.VolumeArgs;\nimport com.pulumi.aws.ebs.Snapshot;\nimport com.pulumi.aws.ebs.SnapshotArgs;\nimport com.pulumi.aws.ebs.SnapshotCopy;\nimport com.pulumi.aws.ebs.SnapshotCopyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Volume(\"example\", VolumeArgs.builder()\n .availabilityZone(\"us-west-2a\")\n .size(40)\n .tags(Map.of(\"Name\", \"HelloWorld\"))\n .build());\n\n var exampleSnapshot = new Snapshot(\"exampleSnapshot\", SnapshotArgs.builder()\n .volumeId(example.id())\n .tags(Map.of(\"Name\", \"HelloWorld_snap\"))\n .build());\n\n var exampleCopy = new SnapshotCopy(\"exampleCopy\", SnapshotCopyArgs.builder()\n .sourceSnapshotId(exampleSnapshot.id())\n .sourceRegion(\"us-west-2\")\n .tags(Map.of(\"Name\", \"HelloWorld_copy_snap\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ebs:Volume\n properties:\n availabilityZone: us-west-2a\n size: 40\n tags:\n Name: HelloWorld\n exampleSnapshot:\n type: aws:ebs:Snapshot\n name: example_snapshot\n properties:\n volumeId: ${example.id}\n tags:\n Name: HelloWorld_snap\n exampleCopy:\n type: aws:ebs:SnapshotCopy\n name: example_copy\n properties:\n sourceSnapshotId: ${exampleSnapshot.id}\n sourceRegion: us-west-2\n tags:\n Name: HelloWorld_copy_snap\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EBS Snapshot.\n" }, "dataEncryptionKeyId": { "type": "string", "description": "The data encryption key identifier for the snapshot.\n" }, "description": { "type": "string", "description": "A description of what the snapshot is.\n" }, "encrypted": { "type": "boolean", "description": "Whether the snapshot is encrypted.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key.\n" }, "outpostArn": { "type": "string" }, "ownerAlias": { "type": "string", "description": "Value from an Amazon-maintained list (`amazon`, `aws-marketplace`, `microsoft`) of snapshot owners.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the snapshot owner.\n" }, "permanentRestore": { "type": "boolean", "description": "Indicates whether to permanently restore an archived snapshot.\n" }, "sourceRegion": { "type": "string", "description": "The region of the source snapshot.\n" }, "sourceSnapshotId": { "type": "string", "description": "The ARN for the snapshot to be copied.\n" }, "storageTier": { "type": "string", "description": "The name of the storage tier. Valid values are `archive` and `standard`. Default value is `standard`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags for the snapshot.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "temporaryRestoreDays": { "type": "integer", "description": "Specifies the number of days for which to temporarily restore an archived snapshot. Required for temporary restores only. The snapshot will be automatically re-archived after this period.\n" }, "volumeId": { "type": "string" }, "volumeSize": { "type": "integer", "description": "The size of the drive in GiBs.\n" } }, "required": [ "arn", "dataEncryptionKeyId", "outpostArn", "ownerAlias", "ownerId", "sourceRegion", "sourceSnapshotId", "storageTier", "tagsAll", "volumeId", "volumeSize" ], "inputProperties": { "description": { "type": "string", "description": "A description of what the snapshot is.\n", "willReplaceOnChanges": true }, "encrypted": { "type": "boolean", "description": "Whether the snapshot is encrypted.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key.\n", "willReplaceOnChanges": true }, "permanentRestore": { "type": "boolean", "description": "Indicates whether to permanently restore an archived snapshot.\n" }, "sourceRegion": { "type": "string", "description": "The region of the source snapshot.\n", "willReplaceOnChanges": true }, "sourceSnapshotId": { "type": "string", "description": "The ARN for the snapshot to be copied.\n", "willReplaceOnChanges": true }, "storageTier": { "type": "string", "description": "The name of the storage tier. Valid values are `archive` and `standard`. Default value is `standard`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags for the snapshot.\n" }, "temporaryRestoreDays": { "type": "integer", "description": "Specifies the number of days for which to temporarily restore an archived snapshot. Required for temporary restores only. The snapshot will be automatically re-archived after this period.\n" } }, "requiredInputs": [ "sourceRegion", "sourceSnapshotId" ], "stateInputs": { "description": "Input properties used for looking up and filtering SnapshotCopy resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EBS Snapshot.\n" }, "dataEncryptionKeyId": { "type": "string", "description": "The data encryption key identifier for the snapshot.\n" }, "description": { "type": "string", "description": "A description of what the snapshot is.\n", "willReplaceOnChanges": true }, "encrypted": { "type": "boolean", "description": "Whether the snapshot is encrypted.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key.\n", "willReplaceOnChanges": true }, "outpostArn": { "type": "string" }, "ownerAlias": { "type": "string", "description": "Value from an Amazon-maintained list (`amazon`, `aws-marketplace`, `microsoft`) of snapshot owners.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the snapshot owner.\n" }, "permanentRestore": { "type": "boolean", "description": "Indicates whether to permanently restore an archived snapshot.\n" }, "sourceRegion": { "type": "string", "description": "The region of the source snapshot.\n", "willReplaceOnChanges": true }, "sourceSnapshotId": { "type": "string", "description": "The ARN for the snapshot to be copied.\n", "willReplaceOnChanges": true }, "storageTier": { "type": "string", "description": "The name of the storage tier. Valid values are `archive` and `standard`. Default value is `standard`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags for the snapshot.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "temporaryRestoreDays": { "type": "integer", "description": "Specifies the number of days for which to temporarily restore an archived snapshot. Required for temporary restores only. The snapshot will be automatically re-archived after this period.\n" }, "volumeId": { "type": "string" }, "volumeSize": { "type": "integer", "description": "The size of the drive in GiBs.\n" } }, "type": "object" } }, "aws:ebs/snapshotImport:SnapshotImport": { "description": "Imports a disk image from S3 as a Snapshot.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ebs.SnapshotImport(\"example\", {\n diskContainer: {\n format: \"VHD\",\n userBucket: {\n s3Bucket: \"disk-images\",\n s3Key: \"source.vhd\",\n },\n },\n roleName: \"disk-image-import\",\n tags: {\n Name: \"HelloWorld\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ebs.SnapshotImport(\"example\",\n disk_container={\n \"format\": \"VHD\",\n \"user_bucket\": {\n \"s3_bucket\": \"disk-images\",\n \"s3_key\": \"source.vhd\",\n },\n },\n role_name=\"disk-image-import\",\n tags={\n \"Name\": \"HelloWorld\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ebs.SnapshotImport(\"example\", new()\n {\n DiskContainer = new Aws.Ebs.Inputs.SnapshotImportDiskContainerArgs\n {\n Format = \"VHD\",\n UserBucket = new Aws.Ebs.Inputs.SnapshotImportDiskContainerUserBucketArgs\n {\n S3Bucket = \"disk-images\",\n S3Key = \"source.vhd\",\n },\n },\n RoleName = \"disk-image-import\",\n Tags = \n {\n { \"Name\", \"HelloWorld\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ebs.NewSnapshotImport(ctx, \"example\", \u0026ebs.SnapshotImportArgs{\n\t\t\tDiskContainer: \u0026ebs.SnapshotImportDiskContainerArgs{\n\t\t\t\tFormat: pulumi.String(\"VHD\"),\n\t\t\t\tUserBucket: \u0026ebs.SnapshotImportDiskContainerUserBucketArgs{\n\t\t\t\t\tS3Bucket: pulumi.String(\"disk-images\"),\n\t\t\t\t\tS3Key: pulumi.String(\"source.vhd\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tRoleName: pulumi.String(\"disk-image-import\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ebs.SnapshotImport;\nimport com.pulumi.aws.ebs.SnapshotImportArgs;\nimport com.pulumi.aws.ebs.inputs.SnapshotImportDiskContainerArgs;\nimport com.pulumi.aws.ebs.inputs.SnapshotImportDiskContainerUserBucketArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SnapshotImport(\"example\", SnapshotImportArgs.builder()\n .diskContainer(SnapshotImportDiskContainerArgs.builder()\n .format(\"VHD\")\n .userBucket(SnapshotImportDiskContainerUserBucketArgs.builder()\n .s3Bucket(\"disk-images\")\n .s3Key(\"source.vhd\")\n .build())\n .build())\n .roleName(\"disk-image-import\")\n .tags(Map.of(\"Name\", \"HelloWorld\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ebs:SnapshotImport\n properties:\n diskContainer:\n format: VHD\n userBucket:\n s3Bucket: disk-images\n s3Key: source.vhd\n roleName: disk-image-import\n tags:\n Name: HelloWorld\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EBS Snapshot.\n" }, "clientData": { "$ref": "#/types/aws:ebs/SnapshotImportClientData:SnapshotImportClientData", "description": "The client-specific data. Detailed below.\n" }, "dataEncryptionKeyId": { "type": "string", "description": "The data encryption key identifier for the snapshot.\n" }, "description": { "type": "string", "description": "The description string for the import snapshot task.\n" }, "diskContainer": { "$ref": "#/types/aws:ebs/SnapshotImportDiskContainer:SnapshotImportDiskContainer", "description": "Information about the disk container. Detailed below.\n" }, "encrypted": { "type": "boolean", "description": "Specifies whether the destination snapshot of the imported image should be encrypted. The default KMS key for EBS is used unless you specify a non-default KMS key using KmsKeyId.\n" }, "kmsKeyId": { "type": "string", "description": "An identifier for the symmetric KMS key to use when creating the encrypted snapshot. This parameter is only required if you want to use a non-default KMS key; if this parameter is not specified, the default KMS key for EBS is used. If a KmsKeyId is specified, the Encrypted flag must also be set.\n" }, "outpostArn": { "type": "string" }, "ownerAlias": { "type": "string", "description": "Value from an Amazon-maintained list (`amazon`, `aws-marketplace`, `microsoft`) of snapshot owners.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the EBS snapshot owner.\n" }, "permanentRestore": { "type": "boolean", "description": "Indicates whether to permanently restore an archived snapshot.\n" }, "roleName": { "type": "string", "description": "The name of the IAM Role the VM Import/Export service will assume. This role needs certain permissions. See https://docs.aws.amazon.com/vm-import/latest/userguide/vmie_prereqs.html#vmimport-role. Default: `vmimport`\n" }, "storageTier": { "type": "string", "description": "The name of the storage tier. Valid values are `archive` and `standard`. Default value is `standard`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the snapshot.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "temporaryRestoreDays": { "type": "integer", "description": "Specifies the number of days for which to temporarily restore an archived snapshot. Required for temporary restores only. The snapshot will be automatically re-archived after this period.\n" }, "volumeId": { "type": "string" }, "volumeSize": { "type": "integer", "description": "The size of the drive in GiBs.\n" } }, "required": [ "arn", "dataEncryptionKeyId", "description", "diskContainer", "outpostArn", "ownerAlias", "ownerId", "storageTier", "tagsAll", "volumeId", "volumeSize" ], "inputProperties": { "clientData": { "$ref": "#/types/aws:ebs/SnapshotImportClientData:SnapshotImportClientData", "description": "The client-specific data. Detailed below.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "The description string for the import snapshot task.\n", "willReplaceOnChanges": true }, "diskContainer": { "$ref": "#/types/aws:ebs/SnapshotImportDiskContainer:SnapshotImportDiskContainer", "description": "Information about the disk container. Detailed below.\n", "willReplaceOnChanges": true }, "encrypted": { "type": "boolean", "description": "Specifies whether the destination snapshot of the imported image should be encrypted. The default KMS key for EBS is used unless you specify a non-default KMS key using KmsKeyId.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "An identifier for the symmetric KMS key to use when creating the encrypted snapshot. This parameter is only required if you want to use a non-default KMS key; if this parameter is not specified, the default KMS key for EBS is used. If a KmsKeyId is specified, the Encrypted flag must also be set.\n", "willReplaceOnChanges": true }, "permanentRestore": { "type": "boolean", "description": "Indicates whether to permanently restore an archived snapshot.\n" }, "roleName": { "type": "string", "description": "The name of the IAM Role the VM Import/Export service will assume. This role needs certain permissions. See https://docs.aws.amazon.com/vm-import/latest/userguide/vmie_prereqs.html#vmimport-role. Default: `vmimport`\n", "willReplaceOnChanges": true }, "storageTier": { "type": "string", "description": "The name of the storage tier. Valid values are `archive` and `standard`. Default value is `standard`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the snapshot.\n" }, "temporaryRestoreDays": { "type": "integer", "description": "Specifies the number of days for which to temporarily restore an archived snapshot. Required for temporary restores only. The snapshot will be automatically re-archived after this period.\n" } }, "requiredInputs": [ "diskContainer" ], "stateInputs": { "description": "Input properties used for looking up and filtering SnapshotImport resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EBS Snapshot.\n" }, "clientData": { "$ref": "#/types/aws:ebs/SnapshotImportClientData:SnapshotImportClientData", "description": "The client-specific data. Detailed below.\n", "willReplaceOnChanges": true }, "dataEncryptionKeyId": { "type": "string", "description": "The data encryption key identifier for the snapshot.\n" }, "description": { "type": "string", "description": "The description string for the import snapshot task.\n", "willReplaceOnChanges": true }, "diskContainer": { "$ref": "#/types/aws:ebs/SnapshotImportDiskContainer:SnapshotImportDiskContainer", "description": "Information about the disk container. Detailed below.\n", "willReplaceOnChanges": true }, "encrypted": { "type": "boolean", "description": "Specifies whether the destination snapshot of the imported image should be encrypted. The default KMS key for EBS is used unless you specify a non-default KMS key using KmsKeyId.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "An identifier for the symmetric KMS key to use when creating the encrypted snapshot. This parameter is only required if you want to use a non-default KMS key; if this parameter is not specified, the default KMS key for EBS is used. If a KmsKeyId is specified, the Encrypted flag must also be set.\n", "willReplaceOnChanges": true }, "outpostArn": { "type": "string" }, "ownerAlias": { "type": "string", "description": "Value from an Amazon-maintained list (`amazon`, `aws-marketplace`, `microsoft`) of snapshot owners.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the EBS snapshot owner.\n" }, "permanentRestore": { "type": "boolean", "description": "Indicates whether to permanently restore an archived snapshot.\n" }, "roleName": { "type": "string", "description": "The name of the IAM Role the VM Import/Export service will assume. This role needs certain permissions. See https://docs.aws.amazon.com/vm-import/latest/userguide/vmie_prereqs.html#vmimport-role. Default: `vmimport`\n", "willReplaceOnChanges": true }, "storageTier": { "type": "string", "description": "The name of the storage tier. Valid values are `archive` and `standard`. Default value is `standard`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the snapshot.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "temporaryRestoreDays": { "type": "integer", "description": "Specifies the number of days for which to temporarily restore an archived snapshot. Required for temporary restores only. The snapshot will be automatically re-archived after this period.\n" }, "volumeId": { "type": "string" }, "volumeSize": { "type": "integer", "description": "The size of the drive in GiBs.\n" } }, "type": "object" } }, "aws:ebs/volume:Volume": { "description": "Manages a single EBS volume.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ebs.Volume(\"example\", {\n availabilityZone: \"us-west-2a\",\n size: 40,\n tags: {\n Name: \"HelloWorld\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ebs.Volume(\"example\",\n availability_zone=\"us-west-2a\",\n size=40,\n tags={\n \"Name\": \"HelloWorld\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ebs.Volume(\"example\", new()\n {\n AvailabilityZone = \"us-west-2a\",\n Size = 40,\n Tags = \n {\n { \"Name\", \"HelloWorld\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ebs.NewVolume(ctx, \"example\", \u0026ebs.VolumeArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tSize: pulumi.Int(40),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ebs.Volume;\nimport com.pulumi.aws.ebs.VolumeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Volume(\"example\", VolumeArgs.builder()\n .availabilityZone(\"us-west-2a\")\n .size(40)\n .tags(Map.of(\"Name\", \"HelloWorld\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ebs:Volume\n properties:\n availabilityZone: us-west-2a\n size: 40\n tags:\n Name: HelloWorld\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e **NOTE:** At least one of `size` or `snapshot_id` is required when specifying an EBS volume\n\n## Import\n\nUsing `pulumi import`, import EBS Volumes using the `id`. For example:\n\n```sh\n$ pulumi import aws:ebs/volume:Volume id vol-049df61146c4d7901\n```\n", "properties": { "arn": { "type": "string", "description": "The volume ARN (e.g., arn:aws:ec2:us-east-1:0123456789012:volume/vol-59fcb34e).\n" }, "availabilityZone": { "type": "string", "description": "The AZ where the EBS volume will exist.\n" }, "encrypted": { "type": "boolean", "description": "If true, the disk will be encrypted.\n" }, "finalSnapshot": { "type": "boolean", "description": "If true, snapshot will be created before volume deletion. Any tags on the volume will be migrated to the snapshot. By default set to false\n" }, "iops": { "type": "integer", "description": "The amount of IOPS to provision for the disk. Only valid for `type` of `io1`, `io2` or `gp3`.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `encrypted` needs to be set to true. Note: The provider must be running with credentials which have the `GenerateDataKeyWithoutPlaintext` permission on the specified KMS key as required by the [EBS KMS CMK volume provisioning process](https://docs.aws.amazon.com/kms/latest/developerguide/services-ebs.html#ebs-cmk) to prevent a volume from being created and almost immediately deleted.\n" }, "multiAttachEnabled": { "type": "boolean", "description": "Specifies whether to enable Amazon EBS Multi-Attach. Multi-Attach is supported on `io1` and `io2` volumes.\n" }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost.\n" }, "size": { "type": "integer", "description": "The size of the drive in GiBs.\n" }, "snapshotId": { "type": "string", "description": "A snapshot to base the EBS volume off of.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "throughput": { "type": "integer", "description": "The throughput that the volume supports, in MiB/s. Only valid for `type` of `gp3`.\n\n\u003e **NOTE:** When changing the `size`, `iops` or `type` of an instance, there are [considerations](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/considerations.html) to be aware of.\n" }, "type": { "type": "string", "description": "The type of EBS volume. Can be `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1` or `st1` (Default: `gp2`).\n" } }, "required": [ "arn", "availabilityZone", "encrypted", "iops", "kmsKeyId", "size", "snapshotId", "tagsAll", "throughput", "type" ], "inputProperties": { "availabilityZone": { "type": "string", "description": "The AZ where the EBS volume will exist.\n", "willReplaceOnChanges": true }, "encrypted": { "type": "boolean", "description": "If true, the disk will be encrypted.\n", "willReplaceOnChanges": true }, "finalSnapshot": { "type": "boolean", "description": "If true, snapshot will be created before volume deletion. Any tags on the volume will be migrated to the snapshot. By default set to false\n" }, "iops": { "type": "integer", "description": "The amount of IOPS to provision for the disk. Only valid for `type` of `io1`, `io2` or `gp3`.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `encrypted` needs to be set to true. Note: The provider must be running with credentials which have the `GenerateDataKeyWithoutPlaintext` permission on the specified KMS key as required by the [EBS KMS CMK volume provisioning process](https://docs.aws.amazon.com/kms/latest/developerguide/services-ebs.html#ebs-cmk) to prevent a volume from being created and almost immediately deleted.\n", "willReplaceOnChanges": true }, "multiAttachEnabled": { "type": "boolean", "description": "Specifies whether to enable Amazon EBS Multi-Attach. Multi-Attach is supported on `io1` and `io2` volumes.\n", "willReplaceOnChanges": true }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost.\n", "willReplaceOnChanges": true }, "size": { "type": "integer", "description": "The size of the drive in GiBs.\n" }, "snapshotId": { "type": "string", "description": "A snapshot to base the EBS volume off of.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "throughput": { "type": "integer", "description": "The throughput that the volume supports, in MiB/s. Only valid for `type` of `gp3`.\n\n\u003e **NOTE:** When changing the `size`, `iops` or `type` of an instance, there are [considerations](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/considerations.html) to be aware of.\n" }, "type": { "type": "string", "description": "The type of EBS volume. Can be `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1` or `st1` (Default: `gp2`).\n" } }, "requiredInputs": [ "availabilityZone" ], "stateInputs": { "description": "Input properties used for looking up and filtering Volume resources.\n", "properties": { "arn": { "type": "string", "description": "The volume ARN (e.g., arn:aws:ec2:us-east-1:0123456789012:volume/vol-59fcb34e).\n" }, "availabilityZone": { "type": "string", "description": "The AZ where the EBS volume will exist.\n", "willReplaceOnChanges": true }, "encrypted": { "type": "boolean", "description": "If true, the disk will be encrypted.\n", "willReplaceOnChanges": true }, "finalSnapshot": { "type": "boolean", "description": "If true, snapshot will be created before volume deletion. Any tags on the volume will be migrated to the snapshot. By default set to false\n" }, "iops": { "type": "integer", "description": "The amount of IOPS to provision for the disk. Only valid for `type` of `io1`, `io2` or `gp3`.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `encrypted` needs to be set to true. Note: The provider must be running with credentials which have the `GenerateDataKeyWithoutPlaintext` permission on the specified KMS key as required by the [EBS KMS CMK volume provisioning process](https://docs.aws.amazon.com/kms/latest/developerguide/services-ebs.html#ebs-cmk) to prevent a volume from being created and almost immediately deleted.\n", "willReplaceOnChanges": true }, "multiAttachEnabled": { "type": "boolean", "description": "Specifies whether to enable Amazon EBS Multi-Attach. Multi-Attach is supported on `io1` and `io2` volumes.\n", "willReplaceOnChanges": true }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost.\n", "willReplaceOnChanges": true }, "size": { "type": "integer", "description": "The size of the drive in GiBs.\n" }, "snapshotId": { "type": "string", "description": "A snapshot to base the EBS volume off of.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "throughput": { "type": "integer", "description": "The throughput that the volume supports, in MiB/s. Only valid for `type` of `gp3`.\n\n\u003e **NOTE:** When changing the `size`, `iops` or `type` of an instance, there are [considerations](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/considerations.html) to be aware of.\n" }, "type": { "type": "string", "description": "The type of EBS volume. Can be `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1` or `st1` (Default: `gp2`).\n" } }, "type": "object" } }, "aws:ec2/ami:Ami": { "description": "The AMI resource allows the creation and management of a completely-custom\n*Amazon Machine Image* (AMI).\n\nIf you just want to duplicate an existing AMI, possibly copying it to another\nregion, it's better to use `aws.ec2.AmiCopy` instead.\n\nIf you just want to share an existing AMI with another AWS account,\nit's better to use `aws.ec2.AmiLaunchPermission` instead.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create an AMI that will start a machine whose root device is backed by\n// an EBS volume populated from a snapshot. We assume that such a snapshot\n// already exists with the id \"snap-xxxxxxxx\".\nconst example = new aws.ec2.Ami(\"example\", {\n name: \"example\",\n virtualizationType: \"hvm\",\n rootDeviceName: \"/dev/xvda\",\n imdsSupport: \"v2.0\",\n ebsBlockDevices: [{\n deviceName: \"/dev/xvda\",\n snapshotId: \"snap-xxxxxxxx\",\n volumeSize: 8,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create an AMI that will start a machine whose root device is backed by\n# an EBS volume populated from a snapshot. We assume that such a snapshot\n# already exists with the id \"snap-xxxxxxxx\".\nexample = aws.ec2.Ami(\"example\",\n name=\"example\",\n virtualization_type=\"hvm\",\n root_device_name=\"/dev/xvda\",\n imds_support=\"v2.0\",\n ebs_block_devices=[{\n \"device_name\": \"/dev/xvda\",\n \"snapshot_id\": \"snap-xxxxxxxx\",\n \"volume_size\": 8,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Create an AMI that will start a machine whose root device is backed by\n // an EBS volume populated from a snapshot. We assume that such a snapshot\n // already exists with the id \"snap-xxxxxxxx\".\n var example = new Aws.Ec2.Ami(\"example\", new()\n {\n Name = \"example\",\n VirtualizationType = \"hvm\",\n RootDeviceName = \"/dev/xvda\",\n ImdsSupport = \"v2.0\",\n EbsBlockDevices = new[]\n {\n new Aws.Ec2.Inputs.AmiEbsBlockDeviceArgs\n {\n DeviceName = \"/dev/xvda\",\n SnapshotId = \"snap-xxxxxxxx\",\n VolumeSize = 8,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Create an AMI that will start a machine whose root device is backed by\n\t\t// an EBS volume populated from a snapshot. We assume that such a snapshot\n\t\t// already exists with the id \"snap-xxxxxxxx\".\n\t\t_, err := ec2.NewAmi(ctx, \"example\", \u0026ec2.AmiArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tVirtualizationType: pulumi.String(\"hvm\"),\n\t\t\tRootDeviceName: pulumi.String(\"/dev/xvda\"),\n\t\t\tImdsSupport: pulumi.String(\"v2.0\"),\n\t\t\tEbsBlockDevices: ec2.AmiEbsBlockDeviceArray{\n\t\t\t\t\u0026ec2.AmiEbsBlockDeviceArgs{\n\t\t\t\t\tDeviceName: pulumi.String(\"/dev/xvda\"),\n\t\t\t\t\tSnapshotId: pulumi.String(\"snap-xxxxxxxx\"),\n\t\t\t\t\tVolumeSize: pulumi.Int(8),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ami;\nimport com.pulumi.aws.ec2.AmiArgs;\nimport com.pulumi.aws.ec2.inputs.AmiEbsBlockDeviceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Create an AMI that will start a machine whose root device is backed by\n // an EBS volume populated from a snapshot. We assume that such a snapshot\n // already exists with the id \"snap-xxxxxxxx\".\n var example = new Ami(\"example\", AmiArgs.builder()\n .name(\"example\")\n .virtualizationType(\"hvm\")\n .rootDeviceName(\"/dev/xvda\")\n .imdsSupport(\"v2.0\")\n .ebsBlockDevices(AmiEbsBlockDeviceArgs.builder()\n .deviceName(\"/dev/xvda\")\n .snapshotId(\"snap-xxxxxxxx\")\n .volumeSize(8)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Create an AMI that will start a machine whose root device is backed by\n # an EBS volume populated from a snapshot. We assume that such a snapshot\n # already exists with the id \"snap-xxxxxxxx\".\n example:\n type: aws:ec2:Ami\n properties:\n name: example\n virtualizationType: hvm\n rootDeviceName: /dev/xvda\n imdsSupport: v2.0\n ebsBlockDevices:\n - deviceName: /dev/xvda\n snapshotId: snap-xxxxxxxx\n volumeSize: 8\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ami` using the ID of the AMI. For example:\n\n```sh\n$ pulumi import aws:ec2/ami:Ami example ami-12345678\n```\n", "properties": { "architecture": { "type": "string", "description": "Machine architecture for created instances. Defaults to \"x86_64\".\n" }, "arn": { "type": "string", "description": "ARN of the AMI.\n" }, "bootMode": { "type": "string", "description": "Boot mode of the AMI. For more information, see [Boot modes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) in the Amazon Elastic Compute Cloud User Guide.\n" }, "deprecationTime": { "type": "string", "description": "Date and time to deprecate the AMI. If you specified a value for seconds, Amazon EC2 rounds the seconds to the nearest minute. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" }, "description": { "type": "string", "description": "Longer, human-readable description for the AMI.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiEbsBlockDevice:AmiEbsBlockDevice" }, "description": "Nested block describing an EBS block device that should be\nattached to created instances. The structure of this block is described below.\n" }, "enaSupport": { "type": "boolean", "description": "Whether enhanced networking with ENA is enabled. Defaults to `false`.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiEphemeralBlockDevice:AmiEphemeralBlockDevice" }, "description": "Nested block describing an ephemeral block device that\nshould be attached to created instances. The structure of this block is described below.\n" }, "hypervisor": { "type": "string", "description": "Hypervisor type of the image.\n" }, "imageLocation": { "type": "string" }, "imageOwnerAlias": { "type": "string", "description": "AWS account alias (for example, amazon, self) or the AWS account ID of the AMI owner.\n" }, "imageType": { "type": "string", "description": "Type of image.\n" }, "imdsSupport": { "type": "string", "description": "If EC2 instances started from this image should require the use of the Instance Metadata Service V2 (IMDSv2), set this argument to `v2.0`. For more information, see [Configure instance metadata options for new instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration).\n" }, "kernelId": { "type": "string" }, "manageEbsSnapshots": { "type": "boolean" }, "name": { "type": "string", "description": "Region-unique name for the AMI.\n" }, "ownerId": { "type": "string", "description": "AWS account ID of the image owner.\n" }, "platform": { "type": "string", "description": "This value is set to windows for Windows AMIs; otherwise, it is blank.\n" }, "platformDetails": { "type": "string", "description": "Platform details associated with the billing code of the AMI.\n" }, "public": { "type": "boolean", "description": "Whether the image has public launch permissions.\n" }, "ramdiskId": { "type": "string" }, "rootDeviceName": { "type": "string", "description": "Name of the root device (for example, `/dev/sda1`, or `/dev/xvda`).\n" }, "rootSnapshotId": { "type": "string", "description": "Snapshot ID for the root volume (for EBS-backed AMIs)\n" }, "sriovNetSupport": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tpmSupport": { "type": "string", "description": "If the image is configured for NitroTPM support, the value is `v2.0`. For more information, see [NitroTPM](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitrotpm.html) in the Amazon Elastic Compute Cloud User Guide.\n" }, "usageOperation": { "type": "string", "description": "Operation of the Amazon EC2 instance and the billing code that is associated with the AMI.\n" }, "virtualizationType": { "type": "string", "description": "Keyword to choose what virtualization mode created instances\nwill use. Can be either \"paravirtual\" (the default) or \"hvm\". The choice of virtualization type\nchanges the set of further arguments that are required, as described below.\n" } }, "required": [ "arn", "ebsBlockDevices", "ephemeralBlockDevices", "hypervisor", "imageLocation", "imageOwnerAlias", "imageType", "manageEbsSnapshots", "name", "ownerId", "platform", "platformDetails", "public", "rootSnapshotId", "tagsAll", "usageOperation" ], "inputProperties": { "architecture": { "type": "string", "description": "Machine architecture for created instances. Defaults to \"x86_64\".\n", "willReplaceOnChanges": true }, "bootMode": { "type": "string", "description": "Boot mode of the AMI. For more information, see [Boot modes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) in the Amazon Elastic Compute Cloud User Guide.\n", "willReplaceOnChanges": true }, "deprecationTime": { "type": "string", "description": "Date and time to deprecate the AMI. If you specified a value for seconds, Amazon EC2 rounds the seconds to the nearest minute. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" }, "description": { "type": "string", "description": "Longer, human-readable description for the AMI.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiEbsBlockDevice:AmiEbsBlockDevice" }, "description": "Nested block describing an EBS block device that should be\nattached to created instances. The structure of this block is described below.\n" }, "enaSupport": { "type": "boolean", "description": "Whether enhanced networking with ENA is enabled. Defaults to `false`.\n", "willReplaceOnChanges": true }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiEphemeralBlockDevice:AmiEphemeralBlockDevice" }, "description": "Nested block describing an ephemeral block device that\nshould be attached to created instances. The structure of this block is described below.\n", "willReplaceOnChanges": true }, "imageLocation": { "type": "string", "willReplaceOnChanges": true }, "imdsSupport": { "type": "string", "description": "If EC2 instances started from this image should require the use of the Instance Metadata Service V2 (IMDSv2), set this argument to `v2.0`. For more information, see [Configure instance metadata options for new instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration).\n", "willReplaceOnChanges": true }, "kernelId": { "type": "string", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Region-unique name for the AMI.\n", "willReplaceOnChanges": true }, "ramdiskId": { "type": "string", "willReplaceOnChanges": true }, "rootDeviceName": { "type": "string", "description": "Name of the root device (for example, `/dev/sda1`, or `/dev/xvda`).\n", "willReplaceOnChanges": true }, "sriovNetSupport": { "type": "string", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tpmSupport": { "type": "string", "description": "If the image is configured for NitroTPM support, the value is `v2.0`. For more information, see [NitroTPM](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitrotpm.html) in the Amazon Elastic Compute Cloud User Guide.\n", "willReplaceOnChanges": true }, "virtualizationType": { "type": "string", "description": "Keyword to choose what virtualization mode created instances\nwill use. Can be either \"paravirtual\" (the default) or \"hvm\". The choice of virtualization type\nchanges the set of further arguments that are required, as described below.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering Ami resources.\n", "properties": { "architecture": { "type": "string", "description": "Machine architecture for created instances. Defaults to \"x86_64\".\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN of the AMI.\n" }, "bootMode": { "type": "string", "description": "Boot mode of the AMI. For more information, see [Boot modes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) in the Amazon Elastic Compute Cloud User Guide.\n", "willReplaceOnChanges": true }, "deprecationTime": { "type": "string", "description": "Date and time to deprecate the AMI. If you specified a value for seconds, Amazon EC2 rounds the seconds to the nearest minute. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" }, "description": { "type": "string", "description": "Longer, human-readable description for the AMI.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiEbsBlockDevice:AmiEbsBlockDevice" }, "description": "Nested block describing an EBS block device that should be\nattached to created instances. The structure of this block is described below.\n" }, "enaSupport": { "type": "boolean", "description": "Whether enhanced networking with ENA is enabled. Defaults to `false`.\n", "willReplaceOnChanges": true }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiEphemeralBlockDevice:AmiEphemeralBlockDevice" }, "description": "Nested block describing an ephemeral block device that\nshould be attached to created instances. The structure of this block is described below.\n", "willReplaceOnChanges": true }, "hypervisor": { "type": "string", "description": "Hypervisor type of the image.\n" }, "imageLocation": { "type": "string", "willReplaceOnChanges": true }, "imageOwnerAlias": { "type": "string", "description": "AWS account alias (for example, amazon, self) or the AWS account ID of the AMI owner.\n" }, "imageType": { "type": "string", "description": "Type of image.\n" }, "imdsSupport": { "type": "string", "description": "If EC2 instances started from this image should require the use of the Instance Metadata Service V2 (IMDSv2), set this argument to `v2.0`. For more information, see [Configure instance metadata options for new instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration).\n", "willReplaceOnChanges": true }, "kernelId": { "type": "string", "willReplaceOnChanges": true }, "manageEbsSnapshots": { "type": "boolean" }, "name": { "type": "string", "description": "Region-unique name for the AMI.\n", "willReplaceOnChanges": true }, "ownerId": { "type": "string", "description": "AWS account ID of the image owner.\n" }, "platform": { "type": "string", "description": "This value is set to windows for Windows AMIs; otherwise, it is blank.\n" }, "platformDetails": { "type": "string", "description": "Platform details associated with the billing code of the AMI.\n" }, "public": { "type": "boolean", "description": "Whether the image has public launch permissions.\n" }, "ramdiskId": { "type": "string", "willReplaceOnChanges": true }, "rootDeviceName": { "type": "string", "description": "Name of the root device (for example, `/dev/sda1`, or `/dev/xvda`).\n", "willReplaceOnChanges": true }, "rootSnapshotId": { "type": "string", "description": "Snapshot ID for the root volume (for EBS-backed AMIs)\n" }, "sriovNetSupport": { "type": "string", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tpmSupport": { "type": "string", "description": "If the image is configured for NitroTPM support, the value is `v2.0`. For more information, see [NitroTPM](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitrotpm.html) in the Amazon Elastic Compute Cloud User Guide.\n", "willReplaceOnChanges": true }, "usageOperation": { "type": "string", "description": "Operation of the Amazon EC2 instance and the billing code that is associated with the AMI.\n" }, "virtualizationType": { "type": "string", "description": "Keyword to choose what virtualization mode created instances\nwill use. Can be either \"paravirtual\" (the default) or \"hvm\". The choice of virtualization type\nchanges the set of further arguments that are required, as described below.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/amiCopy:AmiCopy": { "description": "The \"AMI copy\" resource allows duplication of an Amazon Machine Image (AMI),\nincluding cross-region copies.\n\nIf the source AMI has associated EBS snapshots, those will also be duplicated\nalong with the AMI.\n\nThis is useful for taking a single AMI provisioned in one region and making\nit available in another for a multi-region deployment.\n\nCopying an AMI can take several minutes. The creation of this resource will\nblock until the new AMI is available for use on new instances.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.AmiCopy(\"example\", {\n name: \"example\",\n description: \"A copy of ami-xxxxxxxx\",\n sourceAmiId: \"ami-xxxxxxxx\",\n sourceAmiRegion: \"us-west-1\",\n tags: {\n Name: \"HelloWorld\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.AmiCopy(\"example\",\n name=\"example\",\n description=\"A copy of ami-xxxxxxxx\",\n source_ami_id=\"ami-xxxxxxxx\",\n source_ami_region=\"us-west-1\",\n tags={\n \"Name\": \"HelloWorld\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.AmiCopy(\"example\", new()\n {\n Name = \"example\",\n Description = \"A copy of ami-xxxxxxxx\",\n SourceAmiId = \"ami-xxxxxxxx\",\n SourceAmiRegion = \"us-west-1\",\n Tags = \n {\n { \"Name\", \"HelloWorld\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewAmiCopy(ctx, \"example\", \u0026ec2.AmiCopyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"A copy of ami-xxxxxxxx\"),\n\t\t\tSourceAmiId: pulumi.String(\"ami-xxxxxxxx\"),\n\t\t\tSourceAmiRegion: pulumi.String(\"us-west-1\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.AmiCopy;\nimport com.pulumi.aws.ec2.AmiCopyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AmiCopy(\"example\", AmiCopyArgs.builder()\n .name(\"example\")\n .description(\"A copy of ami-xxxxxxxx\")\n .sourceAmiId(\"ami-xxxxxxxx\")\n .sourceAmiRegion(\"us-west-1\")\n .tags(Map.of(\"Name\", \"HelloWorld\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:AmiCopy\n properties:\n name: example\n description: A copy of ami-xxxxxxxx\n sourceAmiId: ami-xxxxxxxx\n sourceAmiRegion: us-west-1\n tags:\n Name: HelloWorld\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "architecture": { "type": "string", "description": "Machine architecture for created instances. Defaults to \"x86_64\".\n" }, "arn": { "type": "string", "description": "ARN of the AMI.\n" }, "bootMode": { "type": "string", "description": "Boot mode of the AMI. For more information, see [Boot modes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) in the Amazon Elastic Compute Cloud User Guide.\n" }, "deprecationTime": { "type": "string", "description": "Date and time to deprecate the AMI. If you specified a value for seconds, Amazon EC2 rounds the seconds to the nearest minute. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" }, "description": { "type": "string", "description": "Longer, human-readable description for the AMI.\n" }, "destinationOutpostArn": { "type": "string", "description": "ARN of the Outpost to which to copy the AMI.\nOnly specify this parameter when copying an AMI from an AWS Region to an Outpost. The AMI must be in the Region of the destination Outpost.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiCopyEbsBlockDevice:AmiCopyEbsBlockDevice" }, "description": "Nested block describing an EBS block device that should be\nattached to created instances. The structure of this block is described below.\n" }, "enaSupport": { "type": "boolean", "description": "Whether enhanced networking with ENA is enabled. Defaults to `false`.\n" }, "encrypted": { "type": "boolean", "description": "Whether the destination snapshots of the copied image should be encrypted. Defaults to `false`\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiCopyEphemeralBlockDevice:AmiCopyEphemeralBlockDevice" }, "description": "Nested block describing an ephemeral block device that\nshould be attached to created instances. The structure of this block is described below.\n" }, "hypervisor": { "type": "string" }, "imageLocation": { "type": "string", "description": "Path to an S3 object containing an image manifest, e.g., created\nby the `ec2-upload-bundle` command in the EC2 command line tools.\n" }, "imageOwnerAlias": { "type": "string" }, "imageType": { "type": "string" }, "imdsSupport": { "type": "string", "description": "If EC2 instances started from this image should require the use of the Instance Metadata Service V2 (IMDSv2), set this argument to `v2.0`. For more information, see [Configure instance metadata options for new instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration).\n" }, "kernelId": { "type": "string", "description": "ID of the kernel image (AKI) that will be used as the paravirtual\nkernel in created instances.\n" }, "kmsKeyId": { "type": "string", "description": "Full ARN of the KMS Key to use when encrypting the snapshots of an image during a copy operation. If not specified, then the default AWS KMS Key will be used\n" }, "manageEbsSnapshots": { "type": "boolean" }, "name": { "type": "string", "description": "Region-unique name for the AMI.\n" }, "ownerId": { "type": "string" }, "platform": { "type": "string" }, "platformDetails": { "type": "string" }, "public": { "type": "boolean" }, "ramdiskId": { "type": "string", "description": "ID of an initrd image (ARI) that will be used when booting the\ncreated instances.\n" }, "rootDeviceName": { "type": "string", "description": "Name of the root device (for example, `/dev/sda1`, or `/dev/xvda`).\n" }, "rootSnapshotId": { "type": "string" }, "sourceAmiId": { "type": "string", "description": "Id of the AMI to copy. This id must be valid in the region\ngiven by `source_ami_region`.\n" }, "sourceAmiRegion": { "type": "string", "description": "Region from which the AMI will be copied. This may be the\nsame as the AWS provider region in order to create a copy within the same region.\n" }, "sriovNetSupport": { "type": "string", "description": "When set to \"simple\" (the default), enables enhanced networking\nfor created instances. No other value is supported at this time.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "tpmSupport": { "type": "string", "description": "If the image is configured for NitroTPM support, the value is `v2.0`. For more information, see [NitroTPM](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitrotpm.html) in the Amazon Elastic Compute Cloud User Guide.\n" }, "usageOperation": { "type": "string" }, "virtualizationType": { "type": "string", "description": "Keyword to choose what virtualization mode created instances\nwill use. Can be either \"paravirtual\" (the default) or \"hvm\". The choice of virtualization type\nchanges the set of further arguments that are required, as described below.\n" } }, "required": [ "architecture", "arn", "bootMode", "ebsBlockDevices", "enaSupport", "ephemeralBlockDevices", "hypervisor", "imageLocation", "imageOwnerAlias", "imageType", "imdsSupport", "kernelId", "kmsKeyId", "manageEbsSnapshots", "name", "ownerId", "platform", "platformDetails", "public", "ramdiskId", "rootDeviceName", "rootSnapshotId", "sourceAmiId", "sourceAmiRegion", "sriovNetSupport", "tagsAll", "tpmSupport", "usageOperation", "virtualizationType" ], "inputProperties": { "deprecationTime": { "type": "string", "description": "Date and time to deprecate the AMI. If you specified a value for seconds, Amazon EC2 rounds the seconds to the nearest minute. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" }, "description": { "type": "string", "description": "Longer, human-readable description for the AMI.\n" }, "destinationOutpostArn": { "type": "string", "description": "ARN of the Outpost to which to copy the AMI.\nOnly specify this parameter when copying an AMI from an AWS Region to an Outpost. The AMI must be in the Region of the destination Outpost.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiCopyEbsBlockDevice:AmiCopyEbsBlockDevice" }, "description": "Nested block describing an EBS block device that should be\nattached to created instances. The structure of this block is described below.\n" }, "encrypted": { "type": "boolean", "description": "Whether the destination snapshots of the copied image should be encrypted. Defaults to `false`\n", "willReplaceOnChanges": true }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiCopyEphemeralBlockDevice:AmiCopyEphemeralBlockDevice" }, "description": "Nested block describing an ephemeral block device that\nshould be attached to created instances. The structure of this block is described below.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "Full ARN of the KMS Key to use when encrypting the snapshots of an image during a copy operation. If not specified, then the default AWS KMS Key will be used\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Region-unique name for the AMI.\n", "willReplaceOnChanges": true }, "sourceAmiId": { "type": "string", "description": "Id of the AMI to copy. This id must be valid in the region\ngiven by `source_ami_region`.\n", "willReplaceOnChanges": true }, "sourceAmiRegion": { "type": "string", "description": "Region from which the AMI will be copied. This may be the\nsame as the AWS provider region in order to create a copy within the same region.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "sourceAmiId", "sourceAmiRegion" ], "stateInputs": { "description": "Input properties used for looking up and filtering AmiCopy resources.\n", "properties": { "architecture": { "type": "string", "description": "Machine architecture for created instances. Defaults to \"x86_64\".\n" }, "arn": { "type": "string", "description": "ARN of the AMI.\n" }, "bootMode": { "type": "string", "description": "Boot mode of the AMI. For more information, see [Boot modes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) in the Amazon Elastic Compute Cloud User Guide.\n" }, "deprecationTime": { "type": "string", "description": "Date and time to deprecate the AMI. If you specified a value for seconds, Amazon EC2 rounds the seconds to the nearest minute. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" }, "description": { "type": "string", "description": "Longer, human-readable description for the AMI.\n" }, "destinationOutpostArn": { "type": "string", "description": "ARN of the Outpost to which to copy the AMI.\nOnly specify this parameter when copying an AMI from an AWS Region to an Outpost. The AMI must be in the Region of the destination Outpost.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiCopyEbsBlockDevice:AmiCopyEbsBlockDevice" }, "description": "Nested block describing an EBS block device that should be\nattached to created instances. The structure of this block is described below.\n" }, "enaSupport": { "type": "boolean", "description": "Whether enhanced networking with ENA is enabled. Defaults to `false`.\n" }, "encrypted": { "type": "boolean", "description": "Whether the destination snapshots of the copied image should be encrypted. Defaults to `false`\n", "willReplaceOnChanges": true }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiCopyEphemeralBlockDevice:AmiCopyEphemeralBlockDevice" }, "description": "Nested block describing an ephemeral block device that\nshould be attached to created instances. The structure of this block is described below.\n", "willReplaceOnChanges": true }, "hypervisor": { "type": "string" }, "imageLocation": { "type": "string", "description": "Path to an S3 object containing an image manifest, e.g., created\nby the `ec2-upload-bundle` command in the EC2 command line tools.\n" }, "imageOwnerAlias": { "type": "string" }, "imageType": { "type": "string" }, "imdsSupport": { "type": "string", "description": "If EC2 instances started from this image should require the use of the Instance Metadata Service V2 (IMDSv2), set this argument to `v2.0`. For more information, see [Configure instance metadata options for new instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration).\n" }, "kernelId": { "type": "string", "description": "ID of the kernel image (AKI) that will be used as the paravirtual\nkernel in created instances.\n" }, "kmsKeyId": { "type": "string", "description": "Full ARN of the KMS Key to use when encrypting the snapshots of an image during a copy operation. If not specified, then the default AWS KMS Key will be used\n", "willReplaceOnChanges": true }, "manageEbsSnapshots": { "type": "boolean" }, "name": { "type": "string", "description": "Region-unique name for the AMI.\n", "willReplaceOnChanges": true }, "ownerId": { "type": "string" }, "platform": { "type": "string" }, "platformDetails": { "type": "string" }, "public": { "type": "boolean" }, "ramdiskId": { "type": "string", "description": "ID of an initrd image (ARI) that will be used when booting the\ncreated instances.\n" }, "rootDeviceName": { "type": "string", "description": "Name of the root device (for example, `/dev/sda1`, or `/dev/xvda`).\n" }, "rootSnapshotId": { "type": "string" }, "sourceAmiId": { "type": "string", "description": "Id of the AMI to copy. This id must be valid in the region\ngiven by `source_ami_region`.\n", "willReplaceOnChanges": true }, "sourceAmiRegion": { "type": "string", "description": "Region from which the AMI will be copied. This may be the\nsame as the AWS provider region in order to create a copy within the same region.\n", "willReplaceOnChanges": true }, "sriovNetSupport": { "type": "string", "description": "When set to \"simple\" (the default), enables enhanced networking\nfor created instances. No other value is supported at this time.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "tpmSupport": { "type": "string", "description": "If the image is configured for NitroTPM support, the value is `v2.0`. For more information, see [NitroTPM](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitrotpm.html) in the Amazon Elastic Compute Cloud User Guide.\n" }, "usageOperation": { "type": "string" }, "virtualizationType": { "type": "string", "description": "Keyword to choose what virtualization mode created instances\nwill use. Can be either \"paravirtual\" (the default) or \"hvm\". The choice of virtualization type\nchanges the set of further arguments that are required, as described below.\n" } }, "type": "object" } }, "aws:ec2/amiFromInstance:AmiFromInstance": { "description": "The \"AMI from instance\" resource allows the creation of an Amazon Machine\nImage (AMI) modeled after an existing EBS-backed EC2 instance.\n\nThe created AMI will refer to implicitly-created snapshots of the instance's\nEBS volumes and mimick its assigned block device configuration at the time\nthe resource is created.\n\nThis resource is best applied to an instance that is stopped when this instance\nis created, so that the contents of the created image are predictable. When\napplied to an instance that is running, *the instance will be stopped before taking\nthe snapshots and then started back up again*, resulting in a period of\ndowntime.\n\nNote that the source instance is inspected only at the initial creation of this\nresource. Ongoing updates to the referenced instance will not be propagated into\nthe generated AMI. Users may taint or otherwise recreate the resource in order\nto produce a fresh snapshot.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.AmiFromInstance(\"example\", {\n name: \"example\",\n sourceInstanceId: \"i-xxxxxxxx\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.AmiFromInstance(\"example\",\n name=\"example\",\n source_instance_id=\"i-xxxxxxxx\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.AmiFromInstance(\"example\", new()\n {\n Name = \"example\",\n SourceInstanceId = \"i-xxxxxxxx\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewAmiFromInstance(ctx, \"example\", \u0026ec2.AmiFromInstanceArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSourceInstanceId: pulumi.String(\"i-xxxxxxxx\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.AmiFromInstance;\nimport com.pulumi.aws.ec2.AmiFromInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AmiFromInstance(\"example\", AmiFromInstanceArgs.builder()\n .name(\"example\")\n .sourceInstanceId(\"i-xxxxxxxx\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:AmiFromInstance\n properties:\n name: example\n sourceInstanceId: i-xxxxxxxx\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "architecture": { "type": "string", "description": "Machine architecture for created instances. Defaults to \"x86_64\".\n" }, "arn": { "type": "string", "description": "ARN of the AMI.\n" }, "bootMode": { "type": "string", "description": "Boot mode of the AMI. For more information, see [Boot modes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) in the Amazon Elastic Compute Cloud User Guide.\n" }, "deprecationTime": { "type": "string", "description": "Date and time to deprecate the AMI. If you specified a value for seconds, Amazon EC2 rounds the seconds to the nearest minute. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" }, "description": { "type": "string", "description": "Longer, human-readable description for the AMI.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiFromInstanceEbsBlockDevice:AmiFromInstanceEbsBlockDevice" }, "description": "Nested block describing an EBS block device that should be\nattached to created instances. The structure of this block is described below.\n" }, "enaSupport": { "type": "boolean", "description": "Whether enhanced networking with ENA is enabled. Defaults to `false`.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiFromInstanceEphemeralBlockDevice:AmiFromInstanceEphemeralBlockDevice" }, "description": "Nested block describing an ephemeral block device that\nshould be attached to created instances. The structure of this block is described below.\n" }, "hypervisor": { "type": "string" }, "imageLocation": { "type": "string", "description": "Path to an S3 object containing an image manifest, e.g., created\nby the `ec2-upload-bundle` command in the EC2 command line tools.\n" }, "imageOwnerAlias": { "type": "string" }, "imageType": { "type": "string" }, "imdsSupport": { "type": "string", "description": "If EC2 instances started from this image should require the use of the Instance Metadata Service V2 (IMDSv2), set this argument to `v2.0`. For more information, see [Configure instance metadata options for new instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration).\n" }, "kernelId": { "type": "string", "description": "ID of the kernel image (AKI) that will be used as the paravirtual\nkernel in created instances.\n" }, "manageEbsSnapshots": { "type": "boolean" }, "name": { "type": "string", "description": "Region-unique name for the AMI.\n" }, "ownerId": { "type": "string" }, "platform": { "type": "string" }, "platformDetails": { "type": "string" }, "public": { "type": "boolean" }, "ramdiskId": { "type": "string", "description": "ID of an initrd image (ARI) that will be used when booting the\ncreated instances.\n" }, "rootDeviceName": { "type": "string", "description": "Name of the root device (for example, `/dev/sda1`, or `/dev/xvda`).\n" }, "rootSnapshotId": { "type": "string" }, "snapshotWithoutReboot": { "type": "boolean", "description": "Boolean that overrides the behavior of stopping\nthe instance before snapshotting. This is risky since it may cause a snapshot of an\ninconsistent filesystem state, but can be used to avoid downtime if the user otherwise\nguarantees that no filesystem writes will be underway at the time of snapshot.\n" }, "sourceInstanceId": { "type": "string", "description": "ID of the instance to use as the basis of the AMI.\n" }, "sriovNetSupport": { "type": "string", "description": "When set to \"simple\" (the default), enables enhanced networking\nfor created instances. No other value is supported at this time.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "tpmSupport": { "type": "string", "description": "If the image is configured for NitroTPM support, the value is `v2.0`. For more information, see [NitroTPM](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitrotpm.html) in the Amazon Elastic Compute Cloud User Guide.\n" }, "usageOperation": { "type": "string" }, "virtualizationType": { "type": "string", "description": "Keyword to choose what virtualization mode created instances\nwill use. Can be either \"paravirtual\" (the default) or \"hvm\". The choice of virtualization type\nchanges the set of further arguments that are required, as described below.\n" } }, "required": [ "architecture", "arn", "bootMode", "ebsBlockDevices", "enaSupport", "ephemeralBlockDevices", "hypervisor", "imageLocation", "imageOwnerAlias", "imageType", "imdsSupport", "kernelId", "manageEbsSnapshots", "name", "ownerId", "platform", "platformDetails", "public", "ramdiskId", "rootDeviceName", "rootSnapshotId", "sourceInstanceId", "sriovNetSupport", "tagsAll", "tpmSupport", "usageOperation", "virtualizationType" ], "inputProperties": { "deprecationTime": { "type": "string", "description": "Date and time to deprecate the AMI. If you specified a value for seconds, Amazon EC2 rounds the seconds to the nearest minute. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" }, "description": { "type": "string", "description": "Longer, human-readable description for the AMI.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiFromInstanceEbsBlockDevice:AmiFromInstanceEbsBlockDevice" }, "description": "Nested block describing an EBS block device that should be\nattached to created instances. The structure of this block is described below.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiFromInstanceEphemeralBlockDevice:AmiFromInstanceEphemeralBlockDevice" }, "description": "Nested block describing an ephemeral block device that\nshould be attached to created instances. The structure of this block is described below.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Region-unique name for the AMI.\n", "willReplaceOnChanges": true }, "snapshotWithoutReboot": { "type": "boolean", "description": "Boolean that overrides the behavior of stopping\nthe instance before snapshotting. This is risky since it may cause a snapshot of an\ninconsistent filesystem state, but can be used to avoid downtime if the user otherwise\nguarantees that no filesystem writes will be underway at the time of snapshot.\n", "willReplaceOnChanges": true }, "sourceInstanceId": { "type": "string", "description": "ID of the instance to use as the basis of the AMI.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "sourceInstanceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering AmiFromInstance resources.\n", "properties": { "architecture": { "type": "string", "description": "Machine architecture for created instances. Defaults to \"x86_64\".\n" }, "arn": { "type": "string", "description": "ARN of the AMI.\n" }, "bootMode": { "type": "string", "description": "Boot mode of the AMI. For more information, see [Boot modes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) in the Amazon Elastic Compute Cloud User Guide.\n" }, "deprecationTime": { "type": "string", "description": "Date and time to deprecate the AMI. If you specified a value for seconds, Amazon EC2 rounds the seconds to the nearest minute. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" }, "description": { "type": "string", "description": "Longer, human-readable description for the AMI.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiFromInstanceEbsBlockDevice:AmiFromInstanceEbsBlockDevice" }, "description": "Nested block describing an EBS block device that should be\nattached to created instances. The structure of this block is described below.\n" }, "enaSupport": { "type": "boolean", "description": "Whether enhanced networking with ENA is enabled. Defaults to `false`.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/AmiFromInstanceEphemeralBlockDevice:AmiFromInstanceEphemeralBlockDevice" }, "description": "Nested block describing an ephemeral block device that\nshould be attached to created instances. The structure of this block is described below.\n", "willReplaceOnChanges": true }, "hypervisor": { "type": "string" }, "imageLocation": { "type": "string", "description": "Path to an S3 object containing an image manifest, e.g., created\nby the `ec2-upload-bundle` command in the EC2 command line tools.\n" }, "imageOwnerAlias": { "type": "string" }, "imageType": { "type": "string" }, "imdsSupport": { "type": "string", "description": "If EC2 instances started from this image should require the use of the Instance Metadata Service V2 (IMDSv2), set this argument to `v2.0`. For more information, see [Configure instance metadata options for new instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration).\n" }, "kernelId": { "type": "string", "description": "ID of the kernel image (AKI) that will be used as the paravirtual\nkernel in created instances.\n" }, "manageEbsSnapshots": { "type": "boolean" }, "name": { "type": "string", "description": "Region-unique name for the AMI.\n", "willReplaceOnChanges": true }, "ownerId": { "type": "string" }, "platform": { "type": "string" }, "platformDetails": { "type": "string" }, "public": { "type": "boolean" }, "ramdiskId": { "type": "string", "description": "ID of an initrd image (ARI) that will be used when booting the\ncreated instances.\n" }, "rootDeviceName": { "type": "string", "description": "Name of the root device (for example, `/dev/sda1`, or `/dev/xvda`).\n" }, "rootSnapshotId": { "type": "string" }, "snapshotWithoutReboot": { "type": "boolean", "description": "Boolean that overrides the behavior of stopping\nthe instance before snapshotting. This is risky since it may cause a snapshot of an\ninconsistent filesystem state, but can be used to avoid downtime if the user otherwise\nguarantees that no filesystem writes will be underway at the time of snapshot.\n", "willReplaceOnChanges": true }, "sourceInstanceId": { "type": "string", "description": "ID of the instance to use as the basis of the AMI.\n", "willReplaceOnChanges": true }, "sriovNetSupport": { "type": "string", "description": "When set to \"simple\" (the default), enables enhanced networking\nfor created instances. No other value is supported at this time.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "tpmSupport": { "type": "string", "description": "If the image is configured for NitroTPM support, the value is `v2.0`. For more information, see [NitroTPM](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitrotpm.html) in the Amazon Elastic Compute Cloud User Guide.\n" }, "usageOperation": { "type": "string" }, "virtualizationType": { "type": "string", "description": "Keyword to choose what virtualization mode created instances\nwill use. Can be either \"paravirtual\" (the default) or \"hvm\". The choice of virtualization type\nchanges the set of further arguments that are required, as described below.\n" } }, "type": "object" } }, "aws:ec2/amiLaunchPermission:AmiLaunchPermission": { "description": "Adds a launch permission to an Amazon Machine Image (AMI).\n\n## Example Usage\n\n### AWS Account ID\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.AmiLaunchPermission(\"example\", {\n imageId: \"ami-12345678\",\n accountId: \"123456789012\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.AmiLaunchPermission(\"example\",\n image_id=\"ami-12345678\",\n account_id=\"123456789012\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.AmiLaunchPermission(\"example\", new()\n {\n ImageId = \"ami-12345678\",\n AccountId = \"123456789012\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewAmiLaunchPermission(ctx, \"example\", \u0026ec2.AmiLaunchPermissionArgs{\n\t\t\tImageId: pulumi.String(\"ami-12345678\"),\n\t\t\tAccountId: pulumi.String(\"123456789012\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.AmiLaunchPermission;\nimport com.pulumi.aws.ec2.AmiLaunchPermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AmiLaunchPermission(\"example\", AmiLaunchPermissionArgs.builder()\n .imageId(\"ami-12345678\")\n .accountId(\"123456789012\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:AmiLaunchPermission\n properties:\n imageId: ami-12345678\n accountId: '123456789012'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Public Access\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.AmiLaunchPermission(\"example\", {\n imageId: \"ami-12345678\",\n group: \"all\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.AmiLaunchPermission(\"example\",\n image_id=\"ami-12345678\",\n group=\"all\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.AmiLaunchPermission(\"example\", new()\n {\n ImageId = \"ami-12345678\",\n Group = \"all\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewAmiLaunchPermission(ctx, \"example\", \u0026ec2.AmiLaunchPermissionArgs{\n\t\t\tImageId: pulumi.String(\"ami-12345678\"),\n\t\t\tGroup: pulumi.String(\"all\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.AmiLaunchPermission;\nimport com.pulumi.aws.ec2.AmiLaunchPermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AmiLaunchPermission(\"example\", AmiLaunchPermissionArgs.builder()\n .imageId(\"ami-12345678\")\n .group(\"all\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:AmiLaunchPermission\n properties:\n imageId: ami-12345678\n group: all\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Organization Access\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.organizations.getOrganization({});\nconst example = new aws.ec2.AmiLaunchPermission(\"example\", {\n imageId: \"ami-12345678\",\n organizationArn: current.then(current =\u003e current.arn),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.organizations.get_organization()\nexample = aws.ec2.AmiLaunchPermission(\"example\",\n image_id=\"ami-12345678\",\n organization_arn=current.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.Organizations.GetOrganization.Invoke();\n\n var example = new Aws.Ec2.AmiLaunchPermission(\"example\", new()\n {\n ImageId = \"ami-12345678\",\n OrganizationArn = current.Apply(getOrganizationResult =\u003e getOrganizationResult.Arn),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := organizations.LookupOrganization(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewAmiLaunchPermission(ctx, \"example\", \u0026ec2.AmiLaunchPermissionArgs{\n\t\t\tImageId: pulumi.String(\"ami-12345678\"),\n\t\t\tOrganizationArn: pulumi.String(current.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.OrganizationsFunctions;\nimport com.pulumi.aws.ec2.AmiLaunchPermission;\nimport com.pulumi.aws.ec2.AmiLaunchPermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = OrganizationsFunctions.getOrganization();\n\n var example = new AmiLaunchPermission(\"example\", AmiLaunchPermissionArgs.builder()\n .imageId(\"ami-12345678\")\n .organizationArn(current.applyValue(getOrganizationResult -\u003e getOrganizationResult.arn()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:AmiLaunchPermission\n properties:\n imageId: ami-12345678\n organizationArn: ${current.arn}\nvariables:\n current:\n fn::invoke:\n Function: aws:organizations:getOrganization\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AMI Launch Permissions using `[ACCOUNT-ID|GROUP-NAME|ORGANIZATION-ARN|ORGANIZATIONAL-UNIT-ARN]/IMAGE-ID`. For example:\n\n```sh\n$ pulumi import aws:ec2/amiLaunchPermission:AmiLaunchPermission example 123456789012/ami-12345678\n```\n", "properties": { "accountId": { "type": "string", "description": "AWS account ID for the launch permission.\n" }, "group": { "type": "string", "description": "Name of the group for the launch permission. Valid values: `\"all\"`.\n" }, "imageId": { "type": "string", "description": "ID of the AMI.\n" }, "organizationArn": { "type": "string", "description": "ARN of an organization for the launch permission.\n" }, "organizationalUnitArn": { "type": "string", "description": "ARN of an organizational unit for the launch permission.\n" } }, "required": [ "imageId" ], "inputProperties": { "accountId": { "type": "string", "description": "AWS account ID for the launch permission.\n", "willReplaceOnChanges": true }, "group": { "type": "string", "description": "Name of the group for the launch permission. Valid values: `\"all\"`.\n", "willReplaceOnChanges": true }, "imageId": { "type": "string", "description": "ID of the AMI.\n", "willReplaceOnChanges": true }, "organizationArn": { "type": "string", "description": "ARN of an organization for the launch permission.\n", "willReplaceOnChanges": true }, "organizationalUnitArn": { "type": "string", "description": "ARN of an organizational unit for the launch permission.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "imageId" ], "stateInputs": { "description": "Input properties used for looking up and filtering AmiLaunchPermission resources.\n", "properties": { "accountId": { "type": "string", "description": "AWS account ID for the launch permission.\n", "willReplaceOnChanges": true }, "group": { "type": "string", "description": "Name of the group for the launch permission. Valid values: `\"all\"`.\n", "willReplaceOnChanges": true }, "imageId": { "type": "string", "description": "ID of the AMI.\n", "willReplaceOnChanges": true }, "organizationArn": { "type": "string", "description": "ARN of an organization for the launch permission.\n", "willReplaceOnChanges": true }, "organizationalUnitArn": { "type": "string", "description": "ARN of an organizational unit for the launch permission.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/availabilityZoneGroup:AvailabilityZoneGroup": { "description": "Manages an EC2 Availability Zone Group, such as updating its opt-in status.\n\n\u003e **NOTE:** This is an advanced resource. The provider will automatically assume management of the EC2 Availability Zone Group without import and perform no actions on removal from configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.AvailabilityZoneGroup(\"example\", {\n groupName: \"us-west-2-lax-1\",\n optInStatus: \"opted-in\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.AvailabilityZoneGroup(\"example\",\n group_name=\"us-west-2-lax-1\",\n opt_in_status=\"opted-in\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.AvailabilityZoneGroup(\"example\", new()\n {\n GroupName = \"us-west-2-lax-1\",\n OptInStatus = \"opted-in\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewAvailabilityZoneGroup(ctx, \"example\", \u0026ec2.AvailabilityZoneGroupArgs{\n\t\t\tGroupName: pulumi.String(\"us-west-2-lax-1\"),\n\t\t\tOptInStatus: pulumi.String(\"opted-in\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.AvailabilityZoneGroup;\nimport com.pulumi.aws.ec2.AvailabilityZoneGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AvailabilityZoneGroup(\"example\", AvailabilityZoneGroupArgs.builder()\n .groupName(\"us-west-2-lax-1\")\n .optInStatus(\"opted-in\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:AvailabilityZoneGroup\n properties:\n groupName: us-west-2-lax-1\n optInStatus: opted-in\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EC2 Availability Zone Groups using the group name. For example:\n\n```sh\n$ pulumi import aws:ec2/availabilityZoneGroup:AvailabilityZoneGroup example us-west-2-lax-1\n```\n", "properties": { "groupName": { "type": "string", "description": "Name of the Availability Zone Group.\n" }, "optInStatus": { "type": "string", "description": "Indicates whether to enable or disable Availability Zone Group. Valid values: `opted-in` or `not-opted-in`.\n" } }, "required": [ "groupName", "optInStatus" ], "inputProperties": { "groupName": { "type": "string", "description": "Name of the Availability Zone Group.\n", "willReplaceOnChanges": true }, "optInStatus": { "type": "string", "description": "Indicates whether to enable or disable Availability Zone Group. Valid values: `opted-in` or `not-opted-in`.\n" } }, "requiredInputs": [ "groupName", "optInStatus" ], "stateInputs": { "description": "Input properties used for looking up and filtering AvailabilityZoneGroup resources.\n", "properties": { "groupName": { "type": "string", "description": "Name of the Availability Zone Group.\n", "willReplaceOnChanges": true }, "optInStatus": { "type": "string", "description": "Indicates whether to enable or disable Availability Zone Group. Valid values: `opted-in` or `not-opted-in`.\n" } }, "type": "object" } }, "aws:ec2/capacityBlockReservation:CapacityBlockReservation": { "description": "Provides an EC2 Capacity Block Reservation. This allows you to purchase capacity block for your Amazon EC2 instances in a specific Availability Zone for machine learning (ML) Workloads.\n\n\u003e **NOTE:** Once created, a reservation is valid for the `duration` of the provided `capacity_block_offering_id` and cannot be deleted. Performing a `destroy` will only remove the resource from state. For more information see [EC2 Capacity Block Reservation Documentation](https://aws.amazon.com/ec2/instance-types/p5/) and [PurchaseReservedDBInstancesOffering](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/capacity-blocks-pricing-billing.html).\n\n\u003e **NOTE:** Due to the expense of testing this resource, we provide it as best effort. If you find it useful, and have the ability to help test or notice issues, consider reaching out to us on GitHub.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.ec2.getCapacityBlockOffering({\n capacityDurationHours: 24,\n endDateRange: \"2024-05-30T15:04:05Z\",\n instanceCount: 1,\n instanceType: \"p4d.24xlarge\",\n startDateRange: \"2024-04-28T15:04:05Z\",\n});\nconst example = new aws.ec2.CapacityBlockReservation(\"example\", {\n capacityBlockOfferingId: test.then(test =\u003e test.capacityBlockOfferingId),\n instancePlatform: \"Linux/UNIX\",\n tags: {\n Environment: \"dev\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.get_capacity_block_offering(capacity_duration_hours=24,\n end_date_range=\"2024-05-30T15:04:05Z\",\n instance_count=1,\n instance_type=\"p4d.24xlarge\",\n start_date_range=\"2024-04-28T15:04:05Z\")\nexample = aws.ec2.CapacityBlockReservation(\"example\",\n capacity_block_offering_id=test.capacity_block_offering_id,\n instance_platform=\"Linux/UNIX\",\n tags={\n \"Environment\": \"dev\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Ec2.GetCapacityBlockOffering.Invoke(new()\n {\n CapacityDurationHours = 24,\n EndDateRange = \"2024-05-30T15:04:05Z\",\n InstanceCount = 1,\n InstanceType = \"p4d.24xlarge\",\n StartDateRange = \"2024-04-28T15:04:05Z\",\n });\n\n var example = new Aws.Ec2.CapacityBlockReservation(\"example\", new()\n {\n CapacityBlockOfferingId = test.Apply(getCapacityBlockOfferingResult =\u003e getCapacityBlockOfferingResult.CapacityBlockOfferingId),\n InstancePlatform = \"Linux/UNIX\",\n Tags = \n {\n { \"Environment\", \"dev\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := ec2.GetCapacityBlockOffering(ctx, \u0026ec2.GetCapacityBlockOfferingArgs{\n\t\t\tCapacityDurationHours: 24,\n\t\t\tEndDateRange: pulumi.StringRef(\"2024-05-30T15:04:05Z\"),\n\t\t\tInstanceCount: 1,\n\t\t\tInstanceType: \"p4d.24xlarge\",\n\t\t\tStartDateRange: pulumi.StringRef(\"2024-04-28T15:04:05Z\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewCapacityBlockReservation(ctx, \"example\", \u0026ec2.CapacityBlockReservationArgs{\n\t\t\tCapacityBlockOfferingId: pulumi.String(test.CapacityBlockOfferingId),\n\t\t\tInstancePlatform: pulumi.String(\"Linux/UNIX\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"dev\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetCapacityBlockOfferingArgs;\nimport com.pulumi.aws.ec2.CapacityBlockReservation;\nimport com.pulumi.aws.ec2.CapacityBlockReservationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = Ec2Functions.getCapacityBlockOffering(GetCapacityBlockOfferingArgs.builder()\n .capacityDurationHours(24)\n .endDateRange(\"2024-05-30T15:04:05Z\")\n .instanceCount(1)\n .instanceType(\"p4d.24xlarge\")\n .startDateRange(\"2024-04-28T15:04:05Z\")\n .build());\n\n var example = new CapacityBlockReservation(\"example\", CapacityBlockReservationArgs.builder()\n .capacityBlockOfferingId(test.applyValue(getCapacityBlockOfferingResult -\u003e getCapacityBlockOfferingResult.capacityBlockOfferingId()))\n .instancePlatform(\"Linux/UNIX\")\n .tags(Map.of(\"Environment\", \"dev\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:CapacityBlockReservation\n properties:\n capacityBlockOfferingId: ${test.capacityBlockOfferingId}\n instancePlatform: Linux/UNIX\n tags:\n Environment: dev\nvariables:\n test:\n fn::invoke:\n Function: aws:ec2:getCapacityBlockOffering\n Arguments:\n capacityDurationHours: 24\n endDateRange: 2024-05-30T15:04:05Z\n instanceCount: 1\n instanceType: p4d.24xlarge\n startDateRange: 2024-04-28T15:04:05Z\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "arn": { "type": "string", "description": "The ARN of the reservation.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone in which to create the Capacity Block Reservation.\n" }, "capacityBlockOfferingId": { "type": "string", "description": "The Capacity Block Reservation ID.\n" }, "createdDate": { "type": "string", "description": "The date and time at which the Capacity Block Reservation was created.\n" }, "ebsOptimized": { "type": "boolean", "description": "Indicates whether the Capacity Reservation supports EBS-optimized instances.\n" }, "endDate": { "type": "string", "description": "The date and time at which the Capacity Block Reservation expires. When a Capacity Block Reservation expires, the reserved capacity is released and you can no longer launch instances into it. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" }, "endDateType": { "type": "string", "description": "Indicates the way in which the Capacity Reservation ends.\n" }, "instanceCount": { "type": "integer", "description": "The number of instances for which to reserve capacity.\n" }, "instancePlatform": { "type": "string", "description": "The type of operating system for which to reserve capacity. Valid options are `Linux/UNIX`, `Red Hat Enterprise Linux`, `SUSE Linux`, `Windows`, `Windows with SQL Server`, `Windows with SQL Server Enterprise`, `Windows with SQL Server Standard` or `Windows with SQL Server Web`.\n" }, "instanceType": { "type": "string", "description": "The instance type for which to reserve capacity.\n" }, "outpostArn": { "type": "string", "description": "The ARN of the Outpost on which to create the Capacity Block Reservation.\n" }, "placementGroupArn": { "type": "string", "description": "The ARN of the placement group in which to create the Capacity Block Reservation.\n" }, "reservationType": { "type": "string", "description": "The type of Capacity Reservation.\n" }, "startDate": { "type": "string", "description": "The date and time at which the Capacity Block Reservation starts. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block\n", "deprecationMessage": "Please use `tags` instead." }, "tenancy": { "type": "string", "description": "Indicates the tenancy of the Capacity Block Reservation. Specify either `default` or `dedicated`.\n" }, "timeouts": { "$ref": "#/types/aws:ec2/CapacityBlockReservationTimeouts:CapacityBlockReservationTimeouts" } }, "required": [ "arn", "availabilityZone", "capacityBlockOfferingId", "createdDate", "ebsOptimized", "endDate", "endDateType", "instanceCount", "instancePlatform", "instanceType", "outpostArn", "placementGroupArn", "reservationType", "startDate", "tagsAll", "tenancy" ], "inputProperties": { "capacityBlockOfferingId": { "type": "string", "description": "The Capacity Block Reservation ID.\n" }, "instancePlatform": { "type": "string", "description": "The type of operating system for which to reserve capacity. Valid options are `Linux/UNIX`, `Red Hat Enterprise Linux`, `SUSE Linux`, `Windows`, `Windows with SQL Server`, `Windows with SQL Server Enterprise`, `Windows with SQL Server Standard` or `Windows with SQL Server Web`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:ec2/CapacityBlockReservationTimeouts:CapacityBlockReservationTimeouts" } }, "requiredInputs": [ "capacityBlockOfferingId", "instancePlatform" ], "stateInputs": { "description": "Input properties used for looking up and filtering CapacityBlockReservation resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the reservation.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone in which to create the Capacity Block Reservation.\n" }, "capacityBlockOfferingId": { "type": "string", "description": "The Capacity Block Reservation ID.\n" }, "createdDate": { "type": "string", "description": "The date and time at which the Capacity Block Reservation was created.\n" }, "ebsOptimized": { "type": "boolean", "description": "Indicates whether the Capacity Reservation supports EBS-optimized instances.\n" }, "endDate": { "type": "string", "description": "The date and time at which the Capacity Block Reservation expires. When a Capacity Block Reservation expires, the reserved capacity is released and you can no longer launch instances into it. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" }, "endDateType": { "type": "string", "description": "Indicates the way in which the Capacity Reservation ends.\n" }, "instanceCount": { "type": "integer", "description": "The number of instances for which to reserve capacity.\n" }, "instancePlatform": { "type": "string", "description": "The type of operating system for which to reserve capacity. Valid options are `Linux/UNIX`, `Red Hat Enterprise Linux`, `SUSE Linux`, `Windows`, `Windows with SQL Server`, `Windows with SQL Server Enterprise`, `Windows with SQL Server Standard` or `Windows with SQL Server Web`.\n" }, "instanceType": { "type": "string", "description": "The instance type for which to reserve capacity.\n" }, "outpostArn": { "type": "string", "description": "The ARN of the Outpost on which to create the Capacity Block Reservation.\n" }, "placementGroupArn": { "type": "string", "description": "The ARN of the placement group in which to create the Capacity Block Reservation.\n" }, "reservationType": { "type": "string", "description": "The type of Capacity Reservation.\n" }, "startDate": { "type": "string", "description": "The date and time at which the Capacity Block Reservation starts. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block\n", "deprecationMessage": "Please use `tags` instead." }, "tenancy": { "type": "string", "description": "Indicates the tenancy of the Capacity Block Reservation. Specify either `default` or `dedicated`.\n" }, "timeouts": { "$ref": "#/types/aws:ec2/CapacityBlockReservationTimeouts:CapacityBlockReservationTimeouts" } }, "type": "object" } }, "aws:ec2/capacityReservation:CapacityReservation": { "description": "Provides an EC2 Capacity Reservation. This allows you to reserve capacity for your Amazon EC2 instances in a specific Availability Zone for any duration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.ec2.CapacityReservation(\"default\", {\n instanceType: aws.ec2.InstanceType.T2_Micro,\n instancePlatform: aws.ec2.InstancePlatform.LinuxUnix,\n availabilityZone: \"eu-west-1a\",\n instanceCount: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.ec2.CapacityReservation(\"default\",\n instance_type=aws.ec2.InstanceType.T2_MICRO,\n instance_platform=aws.ec2.InstancePlatform.LINUX_UNIX,\n availability_zone=\"eu-west-1a\",\n instance_count=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Ec2.CapacityReservation(\"default\", new()\n {\n InstanceType = Aws.Ec2.InstanceType.T2_Micro,\n InstancePlatform = Aws.Ec2.InstancePlatform.LinuxUnix,\n AvailabilityZone = \"eu-west-1a\",\n InstanceCount = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewCapacityReservation(ctx, \"default\", \u0026ec2.CapacityReservationArgs{\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_T2_Micro),\n\t\t\tInstancePlatform: pulumi.String(ec2.InstancePlatformLinuxUnix),\n\t\t\tAvailabilityZone: pulumi.String(\"eu-west-1a\"),\n\t\t\tInstanceCount: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.CapacityReservation;\nimport com.pulumi.aws.ec2.CapacityReservationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new CapacityReservation(\"default\", CapacityReservationArgs.builder()\n .instanceType(\"t2.micro\")\n .instancePlatform(\"Linux/UNIX\")\n .availabilityZone(\"eu-west-1a\")\n .instanceCount(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:ec2:CapacityReservation\n properties:\n instanceType: t2.micro\n instancePlatform: Linux/UNIX\n availabilityZone: eu-west-1a\n instanceCount: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Capacity Reservations using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/capacityReservation:CapacityReservation web cr-0123456789abcdef0\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Capacity Reservation.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone in which to create the Capacity Reservation.\n" }, "ebsOptimized": { "type": "boolean", "description": "Indicates whether the Capacity Reservation supports EBS-optimized instances.\n" }, "endDate": { "type": "string", "description": "The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" }, "endDateType": { "type": "string", "description": "Indicates the way in which the Capacity Reservation ends. Specify either `unlimited` or `limited`.\n" }, "ephemeralStorage": { "type": "boolean", "description": "Indicates whether the Capacity Reservation supports instances with temporary, block-level storage.\n" }, "instanceCount": { "type": "integer", "description": "The number of instances for which to reserve capacity.\n" }, "instanceMatchCriteria": { "type": "string", "description": "Indicates the type of instance launches that the Capacity Reservation accepts. Specify either `open` or `targeted`.\n" }, "instancePlatform": { "type": "string", "description": "The type of operating system for which to reserve capacity. Valid options are `Linux/UNIX`, `Red Hat Enterprise Linux`, `SUSE Linux`, `Windows`, `Windows with SQL Server`, `Windows with SQL Server Enterprise`, `Windows with SQL Server Standard` or `Windows with SQL Server Web`.\n" }, "instanceType": { "type": "string", "description": "The instance type for which to reserve capacity.\n" }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost on which to create the Capacity Reservation.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the Capacity Reservation.\n" }, "placementGroupArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the cluster placement group in which to create the Capacity Reservation.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block\n", "deprecationMessage": "Please use `tags` instead." }, "tenancy": { "type": "string", "description": "Indicates the tenancy of the Capacity Reservation. Specify either `default` or `dedicated`.\n" } }, "required": [ "arn", "availabilityZone", "instanceCount", "instancePlatform", "instanceType", "ownerId", "tagsAll" ], "inputProperties": { "availabilityZone": { "type": "string", "description": "The Availability Zone in which to create the Capacity Reservation.\n", "willReplaceOnChanges": true }, "ebsOptimized": { "type": "boolean", "description": "Indicates whether the Capacity Reservation supports EBS-optimized instances.\n", "willReplaceOnChanges": true }, "endDate": { "type": "string", "description": "The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" }, "endDateType": { "type": "string", "description": "Indicates the way in which the Capacity Reservation ends. Specify either `unlimited` or `limited`.\n" }, "ephemeralStorage": { "type": "boolean", "description": "Indicates whether the Capacity Reservation supports instances with temporary, block-level storage.\n", "willReplaceOnChanges": true }, "instanceCount": { "type": "integer", "description": "The number of instances for which to reserve capacity.\n" }, "instanceMatchCriteria": { "type": "string", "description": "Indicates the type of instance launches that the Capacity Reservation accepts. Specify either `open` or `targeted`.\n", "willReplaceOnChanges": true }, "instancePlatform": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/InstancePlatform:InstancePlatform" } ], "description": "The type of operating system for which to reserve capacity. Valid options are `Linux/UNIX`, `Red Hat Enterprise Linux`, `SUSE Linux`, `Windows`, `Windows with SQL Server`, `Windows with SQL Server Enterprise`, `Windows with SQL Server Standard` or `Windows with SQL Server Web`.\n", "willReplaceOnChanges": true }, "instanceType": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/InstanceType:InstanceType" } ], "description": "The instance type for which to reserve capacity.\n", "willReplaceOnChanges": true }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost on which to create the Capacity Reservation.\n" }, "placementGroupArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the cluster placement group in which to create the Capacity Reservation.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tenancy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/Tenancy:Tenancy" } ], "description": "Indicates the tenancy of the Capacity Reservation. Specify either `default` or `dedicated`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "availabilityZone", "instanceCount", "instancePlatform", "instanceType" ], "stateInputs": { "description": "Input properties used for looking up and filtering CapacityReservation resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Capacity Reservation.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone in which to create the Capacity Reservation.\n", "willReplaceOnChanges": true }, "ebsOptimized": { "type": "boolean", "description": "Indicates whether the Capacity Reservation supports EBS-optimized instances.\n", "willReplaceOnChanges": true }, "endDate": { "type": "string", "description": "The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" }, "endDateType": { "type": "string", "description": "Indicates the way in which the Capacity Reservation ends. Specify either `unlimited` or `limited`.\n" }, "ephemeralStorage": { "type": "boolean", "description": "Indicates whether the Capacity Reservation supports instances with temporary, block-level storage.\n", "willReplaceOnChanges": true }, "instanceCount": { "type": "integer", "description": "The number of instances for which to reserve capacity.\n" }, "instanceMatchCriteria": { "type": "string", "description": "Indicates the type of instance launches that the Capacity Reservation accepts. Specify either `open` or `targeted`.\n", "willReplaceOnChanges": true }, "instancePlatform": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/InstancePlatform:InstancePlatform" } ], "description": "The type of operating system for which to reserve capacity. Valid options are `Linux/UNIX`, `Red Hat Enterprise Linux`, `SUSE Linux`, `Windows`, `Windows with SQL Server`, `Windows with SQL Server Enterprise`, `Windows with SQL Server Standard` or `Windows with SQL Server Web`.\n", "willReplaceOnChanges": true }, "instanceType": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/InstanceType:InstanceType" } ], "description": "The instance type for which to reserve capacity.\n", "willReplaceOnChanges": true }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost on which to create the Capacity Reservation.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the Capacity Reservation.\n" }, "placementGroupArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the cluster placement group in which to create the Capacity Reservation.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block\n", "deprecationMessage": "Please use `tags` instead." }, "tenancy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/Tenancy:Tenancy" } ], "description": "Indicates the tenancy of the Capacity Reservation. Specify either `default` or `dedicated`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/carrierGateway:CarrierGateway": { "description": "Manages an EC2 Carrier Gateway. See the AWS [documentation](https://docs.aws.amazon.com/vpc/latest/userguide/Carrier_Gateway.html) for more information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.CarrierGateway(\"example\", {\n vpcId: exampleAwsVpc.id,\n tags: {\n Name: \"example-carrier-gateway\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.CarrierGateway(\"example\",\n vpc_id=example_aws_vpc[\"id\"],\n tags={\n \"Name\": \"example-carrier-gateway\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.CarrierGateway(\"example\", new()\n {\n VpcId = exampleAwsVpc.Id,\n Tags = \n {\n { \"Name\", \"example-carrier-gateway\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewCarrierGateway(ctx, \"example\", \u0026ec2.CarrierGatewayArgs{\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example-carrier-gateway\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.CarrierGateway;\nimport com.pulumi.aws.ec2.CarrierGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CarrierGateway(\"example\", CarrierGatewayArgs.builder()\n .vpcId(exampleAwsVpc.id())\n .tags(Map.of(\"Name\", \"example-carrier-gateway\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:CarrierGateway\n properties:\n vpcId: ${exampleAwsVpc.id}\n tags:\n Name: example-carrier-gateway\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_carrier_gateway` using the carrier gateway's ID. For example:\n\n```sh\n$ pulumi import aws:ec2/carrierGateway:CarrierGateway example cgw-12345\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the carrier gateway.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the owner of the carrier gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The ID of the VPC to associate with the carrier gateway.\n" } }, "required": [ "arn", "ownerId", "tagsAll", "vpcId" ], "inputProperties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC to associate with the carrier gateway.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering CarrierGateway resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the carrier gateway.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the owner of the carrier gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The ID of the VPC to associate with the carrier gateway.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/customerGateway:CustomerGateway": { "description": "Provides a customer gateway inside a VPC. These objects can be connected to VPN gateways via VPN connections, and allow you to establish tunnels between your network and the VPC.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.CustomerGateway(\"main\", {\n bgpAsn: \"65000\",\n ipAddress: \"172.83.124.10\",\n type: \"ipsec.1\",\n tags: {\n Name: \"main-customer-gateway\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.CustomerGateway(\"main\",\n bgp_asn=\"65000\",\n ip_address=\"172.83.124.10\",\n type=\"ipsec.1\",\n tags={\n \"Name\": \"main-customer-gateway\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ec2.CustomerGateway(\"main\", new()\n {\n BgpAsn = \"65000\",\n IpAddress = \"172.83.124.10\",\n Type = \"ipsec.1\",\n Tags = \n {\n { \"Name\", \"main-customer-gateway\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewCustomerGateway(ctx, \"main\", \u0026ec2.CustomerGatewayArgs{\n\t\t\tBgpAsn: pulumi.String(\"65000\"),\n\t\t\tIpAddress: pulumi.String(\"172.83.124.10\"),\n\t\t\tType: pulumi.String(\"ipsec.1\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"main-customer-gateway\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.CustomerGateway;\nimport com.pulumi.aws.ec2.CustomerGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new CustomerGateway(\"main\", CustomerGatewayArgs.builder()\n .bgpAsn(65000)\n .ipAddress(\"172.83.124.10\")\n .type(\"ipsec.1\")\n .tags(Map.of(\"Name\", \"main-customer-gateway\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:ec2:CustomerGateway\n properties:\n bgpAsn: 65000\n ipAddress: 172.83.124.10\n type: ipsec.1\n tags:\n Name: main-customer-gateway\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Customer Gateways using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/customerGateway:CustomerGateway main cgw-b4dc3961\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the customer gateway.\n" }, "bgpAsn": { "type": "string", "description": "The gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN). Valid values are from `1` to `2147483647`. Conflicts with `bgp_asn_extended`.\n" }, "bgpAsnExtended": { "type": "string", "description": "The gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN). Valid values are from `2147483648` to `4294967295` Conflicts with `bgp_asn`.\n" }, "certificateArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the customer gateway certificate.\n" }, "deviceName": { "type": "string", "description": "A name for the customer gateway device.\n" }, "ipAddress": { "type": "string", "description": "The IPv4 address for the customer gateway device's outside interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the gateway. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of customer gateway. The only type AWS\nsupports at this time is \"ipsec.1\".\n" } }, "required": [ "arn", "tagsAll", "type" ], "inputProperties": { "bgpAsn": { "type": "string", "description": "The gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN). Valid values are from `1` to `2147483647`. Conflicts with `bgp_asn_extended`.\n", "willReplaceOnChanges": true }, "bgpAsnExtended": { "type": "string", "description": "The gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN). Valid values are from `2147483648` to `4294967295` Conflicts with `bgp_asn`.\n", "willReplaceOnChanges": true }, "certificateArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the customer gateway certificate.\n", "willReplaceOnChanges": true }, "deviceName": { "type": "string", "description": "A name for the customer gateway device.\n", "willReplaceOnChanges": true }, "ipAddress": { "type": "string", "description": "The IPv4 address for the customer gateway device's outside interface.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the gateway. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "The type of customer gateway. The only type AWS\nsupports at this time is \"ipsec.1\".\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering CustomerGateway resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the customer gateway.\n" }, "bgpAsn": { "type": "string", "description": "The gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN). Valid values are from `1` to `2147483647`. Conflicts with `bgp_asn_extended`.\n", "willReplaceOnChanges": true }, "bgpAsnExtended": { "type": "string", "description": "The gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN). Valid values are from `2147483648` to `4294967295` Conflicts with `bgp_asn`.\n", "willReplaceOnChanges": true }, "certificateArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the customer gateway certificate.\n", "willReplaceOnChanges": true }, "deviceName": { "type": "string", "description": "A name for the customer gateway device.\n", "willReplaceOnChanges": true }, "ipAddress": { "type": "string", "description": "The IPv4 address for the customer gateway device's outside interface.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the gateway. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of customer gateway. The only type AWS\nsupports at this time is \"ipsec.1\".\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/dedicatedHost:DedicatedHost": { "description": "Provides an EC2 Host resource. This allows Dedicated Hosts to be allocated, modified, and released.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new host with instance type of c5.18xlarge with Auto Placement\n// and Host Recovery enabled.\nconst test = new aws.ec2.DedicatedHost(\"test\", {\n instanceType: \"c5.18xlarge\",\n availabilityZone: \"us-west-2a\",\n hostRecovery: \"on\",\n autoPlacement: \"on\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new host with instance type of c5.18xlarge with Auto Placement\n# and Host Recovery enabled.\ntest = aws.ec2.DedicatedHost(\"test\",\n instance_type=\"c5.18xlarge\",\n availability_zone=\"us-west-2a\",\n host_recovery=\"on\",\n auto_placement=\"on\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Create a new host with instance type of c5.18xlarge with Auto Placement\n // and Host Recovery enabled.\n var test = new Aws.Ec2.DedicatedHost(\"test\", new()\n {\n InstanceType = \"c5.18xlarge\",\n AvailabilityZone = \"us-west-2a\",\n HostRecovery = \"on\",\n AutoPlacement = \"on\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Create a new host with instance type of c5.18xlarge with Auto Placement\n\t\t// and Host Recovery enabled.\n\t\t_, err := ec2.NewDedicatedHost(ctx, \"test\", \u0026ec2.DedicatedHostArgs{\n\t\t\tInstanceType: pulumi.String(\"c5.18xlarge\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tHostRecovery: pulumi.String(\"on\"),\n\t\t\tAutoPlacement: pulumi.String(\"on\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.DedicatedHost;\nimport com.pulumi.aws.ec2.DedicatedHostArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Create a new host with instance type of c5.18xlarge with Auto Placement\n // and Host Recovery enabled.\n var test = new DedicatedHost(\"test\", DedicatedHostArgs.builder()\n .instanceType(\"c5.18xlarge\")\n .availabilityZone(\"us-west-2a\")\n .hostRecovery(\"on\")\n .autoPlacement(\"on\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Create a new host with instance type of c5.18xlarge with Auto Placement\n # and Host Recovery enabled.\n test:\n type: aws:ec2:DedicatedHost\n properties:\n instanceType: c5.18xlarge\n availabilityZone: us-west-2a\n hostRecovery: on\n autoPlacement: on\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import hosts using the host `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/dedicatedHost:DedicatedHost example h-0385a99d0e4b20cbb\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Dedicated Host.\n" }, "assetId": { "type": "string", "description": "The ID of the Outpost hardware asset on which to allocate the Dedicated Hosts. This parameter is supported only if you specify OutpostArn. If you are allocating the Dedicated Hosts in a Region, omit this parameter.\n" }, "autoPlacement": { "type": "string", "description": "Indicates whether the host accepts any untargeted instance launches that match its instance type configuration, or if it only accepts Host tenancy instance launches that specify its unique host ID. Valid values: `on`, `off`. Default: `on`.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone in which to allocate the Dedicated Host.\n" }, "hostRecovery": { "type": "string", "description": "Indicates whether to enable or disable host recovery for the Dedicated Host. Valid values: `on`, `off`. Default: `off`.\n" }, "instanceFamily": { "type": "string", "description": "Specifies the instance family to be supported by the Dedicated Hosts. If you specify an instance family, the Dedicated Hosts support multiple instance types within that instance family. Exactly one of `instance_family` or `instance_type` must be specified.\n" }, "instanceType": { "type": "string", "description": "Specifies the instance type to be supported by the Dedicated Hosts. If you specify an instance type, the Dedicated Hosts support instances of the specified instance type only. Exactly one of `instance_family` or `instance_type` must be specified.\n" }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS Outpost on which to allocate the Dedicated Host.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the Dedicated Host.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "assetId", "availabilityZone", "ownerId", "tagsAll" ], "inputProperties": { "assetId": { "type": "string", "description": "The ID of the Outpost hardware asset on which to allocate the Dedicated Hosts. This parameter is supported only if you specify OutpostArn. If you are allocating the Dedicated Hosts in a Region, omit this parameter.\n", "willReplaceOnChanges": true }, "autoPlacement": { "type": "string", "description": "Indicates whether the host accepts any untargeted instance launches that match its instance type configuration, or if it only accepts Host tenancy instance launches that specify its unique host ID. Valid values: `on`, `off`. Default: `on`.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone in which to allocate the Dedicated Host.\n", "willReplaceOnChanges": true }, "hostRecovery": { "type": "string", "description": "Indicates whether to enable or disable host recovery for the Dedicated Host. Valid values: `on`, `off`. Default: `off`.\n" }, "instanceFamily": { "type": "string", "description": "Specifies the instance family to be supported by the Dedicated Hosts. If you specify an instance family, the Dedicated Hosts support multiple instance types within that instance family. Exactly one of `instance_family` or `instance_type` must be specified.\n" }, "instanceType": { "type": "string", "description": "Specifies the instance type to be supported by the Dedicated Hosts. If you specify an instance type, the Dedicated Hosts support instances of the specified instance type only. Exactly one of `instance_family` or `instance_type` must be specified.\n" }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS Outpost on which to allocate the Dedicated Host.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "availabilityZone" ], "stateInputs": { "description": "Input properties used for looking up and filtering DedicatedHost resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Dedicated Host.\n" }, "assetId": { "type": "string", "description": "The ID of the Outpost hardware asset on which to allocate the Dedicated Hosts. This parameter is supported only if you specify OutpostArn. If you are allocating the Dedicated Hosts in a Region, omit this parameter.\n", "willReplaceOnChanges": true }, "autoPlacement": { "type": "string", "description": "Indicates whether the host accepts any untargeted instance launches that match its instance type configuration, or if it only accepts Host tenancy instance launches that specify its unique host ID. Valid values: `on`, `off`. Default: `on`.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone in which to allocate the Dedicated Host.\n", "willReplaceOnChanges": true }, "hostRecovery": { "type": "string", "description": "Indicates whether to enable or disable host recovery for the Dedicated Host. Valid values: `on`, `off`. Default: `off`.\n" }, "instanceFamily": { "type": "string", "description": "Specifies the instance family to be supported by the Dedicated Hosts. If you specify an instance family, the Dedicated Hosts support multiple instance types within that instance family. Exactly one of `instance_family` or `instance_type` must be specified.\n" }, "instanceType": { "type": "string", "description": "Specifies the instance type to be supported by the Dedicated Hosts. If you specify an instance type, the Dedicated Hosts support instances of the specified instance type only. Exactly one of `instance_family` or `instance_type` must be specified.\n" }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS Outpost on which to allocate the Dedicated Host.\n", "willReplaceOnChanges": true }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the Dedicated Host.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ec2/defaultNetworkAcl:DefaultNetworkAcl": { "description": "Provides a resource to manage a VPC's default network ACL. This resource can manage the default network ACL of the default or a non-default VPC.\n\n\u003e **NOTE:** This is an advanced resource with special caveats. Please read this document in its entirety before using this resource. The `aws.ec2.DefaultNetworkAcl` behaves differently from normal resources. This provider does not _create_ this resource but instead attempts to \"adopt\" it into management.\n\nEvery VPC has a default network ACL that can be managed but not destroyed. When the provider first adopts the Default Network ACL, it **immediately removes all rules in the ACL**. It then proceeds to create any rules specified in the configuration. This step is required so that only the rules specified in the configuration are created.\n\nThis resource treats its inline rules as absolute; only the rules defined inline are created, and any additions/removals external to this resource will result in diffs being shown. For these reasons, this resource is incompatible with the `aws.ec2.NetworkAclRule` resource.\n\nFor more information about Network ACLs, see the AWS Documentation on [Network ACLs][aws-network-acls].\n\n## Example Usage\n\n### Basic Example\n\nThe following config gives the Default Network ACL the same rules that AWS includes but pulls the resource under management by this provider. This means that any ACL rules added or changed will be detected as drift.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mainvpc = new aws.ec2.Vpc(\"mainvpc\", {cidrBlock: \"10.1.0.0/16\"});\nconst _default = new aws.ec2.DefaultNetworkAcl(\"default\", {\n defaultNetworkAclId: mainvpc.defaultNetworkAclId,\n ingress: [{\n protocol: \"-1\",\n ruleNo: 100,\n action: \"allow\",\n cidrBlock: \"0.0.0.0/0\",\n fromPort: 0,\n toPort: 0,\n }],\n egress: [{\n protocol: \"-1\",\n ruleNo: 100,\n action: \"allow\",\n cidrBlock: \"0.0.0.0/0\",\n fromPort: 0,\n toPort: 0,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmainvpc = aws.ec2.Vpc(\"mainvpc\", cidr_block=\"10.1.0.0/16\")\ndefault = aws.ec2.DefaultNetworkAcl(\"default\",\n default_network_acl_id=mainvpc.default_network_acl_id,\n ingress=[{\n \"protocol\": \"-1\",\n \"rule_no\": 100,\n \"action\": \"allow\",\n \"cidr_block\": \"0.0.0.0/0\",\n \"from_port\": 0,\n \"to_port\": 0,\n }],\n egress=[{\n \"protocol\": \"-1\",\n \"rule_no\": 100,\n \"action\": \"allow\",\n \"cidr_block\": \"0.0.0.0/0\",\n \"from_port\": 0,\n \"to_port\": 0,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mainvpc = new Aws.Ec2.Vpc(\"mainvpc\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n\n var @default = new Aws.Ec2.DefaultNetworkAcl(\"default\", new()\n {\n DefaultNetworkAclId = mainvpc.DefaultNetworkAclId,\n Ingress = new[]\n {\n new Aws.Ec2.Inputs.DefaultNetworkAclIngressArgs\n {\n Protocol = \"-1\",\n RuleNo = 100,\n Action = \"allow\",\n CidrBlock = \"0.0.0.0/0\",\n FromPort = 0,\n ToPort = 0,\n },\n },\n Egress = new[]\n {\n new Aws.Ec2.Inputs.DefaultNetworkAclEgressArgs\n {\n Protocol = \"-1\",\n RuleNo = 100,\n Action = \"allow\",\n CidrBlock = \"0.0.0.0/0\",\n FromPort = 0,\n ToPort = 0,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmainvpc, err := ec2.NewVpc(ctx, \"mainvpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewDefaultNetworkAcl(ctx, \"default\", \u0026ec2.DefaultNetworkAclArgs{\n\t\t\tDefaultNetworkAclId: mainvpc.DefaultNetworkAclId,\n\t\t\tIngress: ec2.DefaultNetworkAclIngressArray{\n\t\t\t\t\u0026ec2.DefaultNetworkAclIngressArgs{\n\t\t\t\t\tProtocol: pulumi.String(\"-1\"),\n\t\t\t\t\tRuleNo: pulumi.Int(100),\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tCidrBlock: pulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\tToPort: pulumi.Int(0),\n\t\t\t\t},\n\t\t\t},\n\t\t\tEgress: ec2.DefaultNetworkAclEgressArray{\n\t\t\t\t\u0026ec2.DefaultNetworkAclEgressArgs{\n\t\t\t\t\tProtocol: pulumi.String(\"-1\"),\n\t\t\t\t\tRuleNo: pulumi.Int(100),\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tCidrBlock: pulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\tToPort: pulumi.Int(0),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```yaml\nresources:\n mainvpc:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.1.0.0/16\n default:\n type: aws:ec2:DefaultNetworkAcl\n properties:\n defaultNetworkAclId: ${mainvpc.defaultNetworkAclId}\n ingress:\n - protocol: -1\n ruleNo: 100\n action: allow\n cidrBlock: 0.0.0.0/0\n fromPort: 0\n toPort: 0\n egress:\n - protocol: -1\n ruleNo: 100\n action: allow\n cidrBlock: 0.0.0.0/0\n fromPort: 0\n toPort: 0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example: Deny All Egress Traffic, Allow Ingress\n\nThe following denies all Egress traffic by omitting any `egress` rules, while including the default `ingress` rule to allow all traffic.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mainvpc = new aws.ec2.Vpc(\"mainvpc\", {cidrBlock: \"10.1.0.0/16\"});\nconst _default = new aws.ec2.DefaultNetworkAcl(\"default\", {\n defaultNetworkAclId: mainvpc.defaultNetworkAclId,\n ingress: [{\n protocol: \"-1\",\n ruleNo: 100,\n action: \"allow\",\n cidrBlock: mainvpcAwsDefaultVpc.cidrBlock,\n fromPort: 0,\n toPort: 0,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmainvpc = aws.ec2.Vpc(\"mainvpc\", cidr_block=\"10.1.0.0/16\")\ndefault = aws.ec2.DefaultNetworkAcl(\"default\",\n default_network_acl_id=mainvpc.default_network_acl_id,\n ingress=[{\n \"protocol\": \"-1\",\n \"rule_no\": 100,\n \"action\": \"allow\",\n \"cidr_block\": mainvpc_aws_default_vpc[\"cidrBlock\"],\n \"from_port\": 0,\n \"to_port\": 0,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mainvpc = new Aws.Ec2.Vpc(\"mainvpc\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n\n var @default = new Aws.Ec2.DefaultNetworkAcl(\"default\", new()\n {\n DefaultNetworkAclId = mainvpc.DefaultNetworkAclId,\n Ingress = new[]\n {\n new Aws.Ec2.Inputs.DefaultNetworkAclIngressArgs\n {\n Protocol = \"-1\",\n RuleNo = 100,\n Action = \"allow\",\n CidrBlock = mainvpcAwsDefaultVpc.CidrBlock,\n FromPort = 0,\n ToPort = 0,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmainvpc, err := ec2.NewVpc(ctx, \"mainvpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewDefaultNetworkAcl(ctx, \"default\", \u0026ec2.DefaultNetworkAclArgs{\n\t\t\tDefaultNetworkAclId: mainvpc.DefaultNetworkAclId,\n\t\t\tIngress: ec2.DefaultNetworkAclIngressArray{\n\t\t\t\t\u0026ec2.DefaultNetworkAclIngressArgs{\n\t\t\t\t\tProtocol: pulumi.String(\"-1\"),\n\t\t\t\t\tRuleNo: pulumi.Int(100),\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tCidrBlock: pulumi.Any(mainvpcAwsDefaultVpc.CidrBlock),\n\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\tToPort: pulumi.Int(0),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```yaml\nresources:\n mainvpc:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.1.0.0/16\n default:\n type: aws:ec2:DefaultNetworkAcl\n properties:\n defaultNetworkAclId: ${mainvpc.defaultNetworkAclId}\n ingress:\n - protocol: -1\n ruleNo: 100\n action: allow\n cidrBlock: ${mainvpcAwsDefaultVpc.cidrBlock}\n fromPort: 0\n toPort: 0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example: Deny All Traffic To Any Subnet In The Default Network ACL\n\nThis config denies all traffic in the Default ACL. This can be useful if you want to lock down the VPC to force all resources to assign a non-default ACL.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mainvpc = new aws.ec2.Vpc(\"mainvpc\", {cidrBlock: \"10.1.0.0/16\"});\nconst _default = new aws.ec2.DefaultNetworkAcl(\"default\", {defaultNetworkAclId: mainvpc.defaultNetworkAclId});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmainvpc = aws.ec2.Vpc(\"mainvpc\", cidr_block=\"10.1.0.0/16\")\ndefault = aws.ec2.DefaultNetworkAcl(\"default\", default_network_acl_id=mainvpc.default_network_acl_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mainvpc = new Aws.Ec2.Vpc(\"mainvpc\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n\n var @default = new Aws.Ec2.DefaultNetworkAcl(\"default\", new()\n {\n DefaultNetworkAclId = mainvpc.DefaultNetworkAclId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmainvpc, err := ec2.NewVpc(ctx, \"mainvpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewDefaultNetworkAcl(ctx, \"default\", \u0026ec2.DefaultNetworkAclArgs{\n\t\t\tDefaultNetworkAclId: mainvpc.DefaultNetworkAclId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.DefaultNetworkAcl;\nimport com.pulumi.aws.ec2.DefaultNetworkAclArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mainvpc = new Vpc(\"mainvpc\", VpcArgs.builder()\n .cidrBlock(\"10.1.0.0/16\")\n .build());\n\n var default_ = new DefaultNetworkAcl(\"default\", DefaultNetworkAclArgs.builder()\n .defaultNetworkAclId(mainvpc.defaultNetworkAclId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mainvpc:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.1.0.0/16\n default:\n type: aws:ec2:DefaultNetworkAcl\n properties:\n defaultNetworkAclId: ${mainvpc.defaultNetworkAclId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Managing Subnets In A Default Network ACL\n\nWithin a VPC, all Subnets must be associated with a Network ACL. In order to \"delete\" the association between a Subnet and a non-default Network ACL, the association is destroyed by replacing it with an association between the Subnet and the Default ACL instead.\n\nWhen managing the Default Network ACL, you cannot \"remove\" Subnets. Instead, they must be reassigned to another Network ACL, or the Subnet itself must be destroyed. Because of these requirements, removing the `subnet_ids` attribute from the configuration of a `aws.ec2.DefaultNetworkAcl` resource may result in a reoccurring plan, until the Subnets are reassigned to another Network ACL or are destroyed.\n\nBecause Subnets are by default associated with the Default Network ACL, any non-explicit association will show up as a plan to remove the Subnet. For example: if you have a custom `aws.ec2.NetworkAcl` with two subnets attached, and you remove the `aws.ec2.NetworkAcl` resource, after successfully destroying this resource future plans will show a diff on the managed `aws.ec2.DefaultNetworkAcl`, as those two Subnets have been orphaned by the now destroyed network acl and thus adopted by the Default Network ACL. In order to avoid a reoccurring plan, they will need to be reassigned, destroyed, or added to the `subnet_ids` attribute of the `aws.ec2.DefaultNetworkAcl` entry.\n\nAs an alternative to the above, you can also specify the following lifecycle configuration in your `aws.ec2.DefaultNetworkAcl` resource:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.ec2.DefaultNetworkAcl(\"default\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.ec2.DefaultNetworkAcl(\"default\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Ec2.DefaultNetworkAcl(\"default\");\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewDefaultNetworkAcl(ctx, \"default\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.DefaultNetworkAcl;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new DefaultNetworkAcl(\"default\");\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:ec2:DefaultNetworkAcl\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Removing `aws.ec2.DefaultNetworkAcl` From Your Configuration\n\nEach AWS VPC comes with a Default Network ACL that cannot be deleted. The `aws.ec2.DefaultNetworkAcl` allows you to manage this Network ACL, but the provider cannot destroy it. Removing this resource from your configuration will remove it from your statefile and management, **but will not destroy the Network ACL.** All Subnets associations and ingress or egress rules will be left as they are at the time of removal. You can resume managing them via the AWS Console.\n\n## Import\n\nUsing `pulumi import`, import Default Network ACLs using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/defaultNetworkAcl:DefaultNetworkAcl sample acl-7aaabd18\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Default Network ACL\n" }, "defaultNetworkAclId": { "type": "string", "description": "Network ACL ID to manage. This attribute is exported from `aws.ec2.Vpc`, or manually found via the AWS Console.\n\nThe following arguments are optional:\n" }, "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultNetworkAclEgress:DefaultNetworkAclEgress" }, "description": "Configuration block for an egress rule. Detailed below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultNetworkAclIngress:DefaultNetworkAclIngress" }, "description": "Configuration block for an ingress rule. Detailed below.\n" }, "ownerId": { "type": "string", "description": "ID of the AWS account that owns the Default Network ACL\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of Subnet IDs to apply the ACL to. See the notes above on Managing Subnets in the Default Network ACL\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "ID of the associated VPC\n" } }, "required": [ "arn", "defaultNetworkAclId", "ownerId", "tagsAll", "vpcId" ], "inputProperties": { "defaultNetworkAclId": { "type": "string", "description": "Network ACL ID to manage. This attribute is exported from `aws.ec2.Vpc`, or manually found via the AWS Console.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultNetworkAclEgress:DefaultNetworkAclEgress" }, "description": "Configuration block for an egress rule. Detailed below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultNetworkAclIngress:DefaultNetworkAclIngress" }, "description": "Configuration block for an ingress rule. Detailed below.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of Subnet IDs to apply the ACL to. See the notes above on Managing Subnets in the Default Network ACL\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "defaultNetworkAclId" ], "stateInputs": { "description": "Input properties used for looking up and filtering DefaultNetworkAcl resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Default Network ACL\n" }, "defaultNetworkAclId": { "type": "string", "description": "Network ACL ID to manage. This attribute is exported from `aws.ec2.Vpc`, or manually found via the AWS Console.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultNetworkAclEgress:DefaultNetworkAclEgress" }, "description": "Configuration block for an egress rule. Detailed below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultNetworkAclIngress:DefaultNetworkAclIngress" }, "description": "Configuration block for an ingress rule. Detailed below.\n" }, "ownerId": { "type": "string", "description": "ID of the AWS account that owns the Default Network ACL\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of Subnet IDs to apply the ACL to. See the notes above on Managing Subnets in the Default Network ACL\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "ID of the associated VPC\n" } }, "type": "object" } }, "aws:ec2/defaultRouteTable:DefaultRouteTable": { "description": "Provides a resource to manage a default route table of a VPC. This resource can manage the default route table of the default or a non-default VPC.\n\n\u003e **NOTE:** This is an advanced resource with special caveats. Please read this document in its entirety before using this resource. The `aws.ec2.DefaultRouteTable` resource behaves differently from normal resources. This provider does not _create_ this resource but instead attempts to \"adopt\" it into management. **Do not** use both `aws.ec2.DefaultRouteTable` to manage a default route table **and** `aws.ec2.MainRouteTableAssociation` with the same VPC due to possible route conflicts. See aws.ec2.MainRouteTableAssociation documentation for more details.\n\nEvery VPC has a default route table that can be managed but not destroyed. When the provider first adopts a default route table, it **immediately removes all defined routes**. It then proceeds to create any routes specified in the configuration. This step is required so that only the routes specified in the configuration exist in the default route table.\n\nFor more information, see the Amazon VPC User Guide on [Route Tables](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html). For information about managing normal route tables in this provider, see `aws.ec2.RouteTable`.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.DefaultRouteTable(\"example\", {\n defaultRouteTableId: exampleAwsVpc.defaultRouteTableId,\n routes: [\n {\n cidrBlock: \"10.0.1.0/24\",\n gatewayId: exampleAwsInternetGateway.id,\n },\n {\n ipv6CidrBlock: \"::/0\",\n egressOnlyGatewayId: exampleAwsEgressOnlyInternetGateway.id,\n },\n ],\n tags: {\n Name: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.DefaultRouteTable(\"example\",\n default_route_table_id=example_aws_vpc[\"defaultRouteTableId\"],\n routes=[\n {\n \"cidr_block\": \"10.0.1.0/24\",\n \"gateway_id\": example_aws_internet_gateway[\"id\"],\n },\n {\n \"ipv6_cidr_block\": \"::/0\",\n \"egress_only_gateway_id\": example_aws_egress_only_internet_gateway[\"id\"],\n },\n ],\n tags={\n \"Name\": \"example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.DefaultRouteTable(\"example\", new()\n {\n DefaultRouteTableId = exampleAwsVpc.DefaultRouteTableId,\n Routes = new[]\n {\n new Aws.Ec2.Inputs.DefaultRouteTableRouteArgs\n {\n CidrBlock = \"10.0.1.0/24\",\n GatewayId = exampleAwsInternetGateway.Id,\n },\n new Aws.Ec2.Inputs.DefaultRouteTableRouteArgs\n {\n Ipv6CidrBlock = \"::/0\",\n EgressOnlyGatewayId = exampleAwsEgressOnlyInternetGateway.Id,\n },\n },\n Tags = \n {\n { \"Name\", \"example\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewDefaultRouteTable(ctx, \"example\", \u0026ec2.DefaultRouteTableArgs{\n\t\t\tDefaultRouteTableId: pulumi.Any(exampleAwsVpc.DefaultRouteTableId),\n\t\t\tRoutes: ec2.DefaultRouteTableRouteArray{\n\t\t\t\t\u0026ec2.DefaultRouteTableRouteArgs{\n\t\t\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t\t\t\tGatewayId: pulumi.Any(exampleAwsInternetGateway.Id),\n\t\t\t\t},\n\t\t\t\t\u0026ec2.DefaultRouteTableRouteArgs{\n\t\t\t\t\tIpv6CidrBlock: pulumi.String(\"::/0\"),\n\t\t\t\t\tEgressOnlyGatewayId: pulumi.Any(exampleAwsEgressOnlyInternetGateway.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.DefaultRouteTable;\nimport com.pulumi.aws.ec2.DefaultRouteTableArgs;\nimport com.pulumi.aws.ec2.inputs.DefaultRouteTableRouteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DefaultRouteTable(\"example\", DefaultRouteTableArgs.builder()\n .defaultRouteTableId(exampleAwsVpc.defaultRouteTableId())\n .routes( \n DefaultRouteTableRouteArgs.builder()\n .cidrBlock(\"10.0.1.0/24\")\n .gatewayId(exampleAwsInternetGateway.id())\n .build(),\n DefaultRouteTableRouteArgs.builder()\n .ipv6CidrBlock(\"::/0\")\n .egressOnlyGatewayId(exampleAwsEgressOnlyInternetGateway.id())\n .build())\n .tags(Map.of(\"Name\", \"example\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:DefaultRouteTable\n properties:\n defaultRouteTableId: ${exampleAwsVpc.defaultRouteTableId}\n routes:\n - cidrBlock: 10.0.1.0/24\n gatewayId: ${exampleAwsInternetGateway.id}\n - ipv6CidrBlock: ::/0\n egressOnlyGatewayId: ${exampleAwsEgressOnlyInternetGateway.id}\n tags:\n Name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nTo subsequently remove all managed routes:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.DefaultRouteTable(\"example\", {\n defaultRouteTableId: exampleAwsVpc.defaultRouteTableId,\n routes: [],\n tags: {\n Name: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.DefaultRouteTable(\"example\",\n default_route_table_id=example_aws_vpc[\"defaultRouteTableId\"],\n routes=[],\n tags={\n \"Name\": \"example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.DefaultRouteTable(\"example\", new()\n {\n DefaultRouteTableId = exampleAwsVpc.DefaultRouteTableId,\n Routes = new[] {},\n Tags = \n {\n { \"Name\", \"example\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewDefaultRouteTable(ctx, \"example\", \u0026ec2.DefaultRouteTableArgs{\n\t\t\tDefaultRouteTableId: pulumi.Any(exampleAwsVpc.DefaultRouteTableId),\n\t\t\tRoutes: ec2.DefaultRouteTableRouteArray{},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.DefaultRouteTable;\nimport com.pulumi.aws.ec2.DefaultRouteTableArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DefaultRouteTable(\"example\", DefaultRouteTableArgs.builder()\n .defaultRouteTableId(exampleAwsVpc.defaultRouteTableId())\n .routes()\n .tags(Map.of(\"Name\", \"example\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:DefaultRouteTable\n properties:\n defaultRouteTableId: ${exampleAwsVpc.defaultRouteTableId}\n routes: []\n tags:\n Name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Default VPC route tables using the `vpc_id`. For example:\n\n```sh\n$ pulumi import aws:ec2/defaultRouteTable:DefaultRouteTable example vpc-33cc44dd\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the route table.\n" }, "defaultRouteTableId": { "type": "string", "description": "ID of the default route table.\n\nThe following arguments are optional:\n" }, "ownerId": { "type": "string", "description": "ID of the AWS account that owns the route table.\n" }, "propagatingVgws": { "type": "array", "items": { "type": "string" }, "description": "List of virtual gateways for propagation.\n" }, "routes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultRouteTableRoute:DefaultRouteTableRoute" }, "description": "Set of objects. Detailed below\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "ID of the VPC.\n" } }, "required": [ "arn", "defaultRouteTableId", "ownerId", "routes", "tagsAll", "vpcId" ], "inputProperties": { "defaultRouteTableId": { "type": "string", "description": "ID of the default route table.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "propagatingVgws": { "type": "array", "items": { "type": "string" }, "description": "List of virtual gateways for propagation.\n" }, "routes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultRouteTableRoute:DefaultRouteTableRoute" }, "description": "Set of objects. Detailed below\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "defaultRouteTableId" ], "stateInputs": { "description": "Input properties used for looking up and filtering DefaultRouteTable resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the route table.\n" }, "defaultRouteTableId": { "type": "string", "description": "ID of the default route table.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "ownerId": { "type": "string", "description": "ID of the AWS account that owns the route table.\n" }, "propagatingVgws": { "type": "array", "items": { "type": "string" }, "description": "List of virtual gateways for propagation.\n" }, "routes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultRouteTableRoute:DefaultRouteTableRoute" }, "description": "Set of objects. Detailed below\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "ID of the VPC.\n" } }, "type": "object" } }, "aws:ec2/defaultSecurityGroup:DefaultSecurityGroup": { "description": "Provides a resource to manage a default security group. This resource can manage the default security group of the default or a non-default VPC.\n\n\u003e **NOTE:** This is an advanced resource with special caveats. Please read this document in its entirety before using this resource. The `aws.ec2.DefaultSecurityGroup` resource behaves differently from normal resources. This provider does not _create_ this resource but instead attempts to \"adopt\" it into management.\n\nWhen the provider first begins managing the default security group, it **immediately removes all ingress and egress rules in the Security Group**. It then creates any rules specified in the configuration. This way only the rules specified in the configuration are created.\n\nThis resource treats its inline rules as absolute; only the rules defined inline are created, and any additions/removals external to this resource will result in diff shown. For these reasons, this resource is incompatible with the `aws.ec2.SecurityGroupRule` resource.\n\nFor more information about default security groups, see the AWS documentation on [Default Security Groups][aws-default-security-groups]. To manage normal security groups, see the `aws.ec2.SecurityGroup` resource.\n\n## Example Usage\n\nThe following config gives the default security group the same rules that AWS provides by default but under management by this provider. This means that any ingress or egress rules added or changed will be detected as drift.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mainvpc = new aws.ec2.Vpc(\"mainvpc\", {cidrBlock: \"10.1.0.0/16\"});\nconst _default = new aws.ec2.DefaultSecurityGroup(\"default\", {\n vpcId: mainvpc.id,\n ingress: [{\n protocol: \"-1\",\n self: true,\n fromPort: 0,\n toPort: 0,\n }],\n egress: [{\n fromPort: 0,\n toPort: 0,\n protocol: \"-1\",\n cidrBlocks: [\"0.0.0.0/0\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmainvpc = aws.ec2.Vpc(\"mainvpc\", cidr_block=\"10.1.0.0/16\")\ndefault = aws.ec2.DefaultSecurityGroup(\"default\",\n vpc_id=mainvpc.id,\n ingress=[{\n \"protocol\": \"-1\",\n \"self\": True,\n \"from_port\": 0,\n \"to_port\": 0,\n }],\n egress=[{\n \"from_port\": 0,\n \"to_port\": 0,\n \"protocol\": \"-1\",\n \"cidr_blocks\": [\"0.0.0.0/0\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mainvpc = new Aws.Ec2.Vpc(\"mainvpc\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n\n var @default = new Aws.Ec2.DefaultSecurityGroup(\"default\", new()\n {\n VpcId = mainvpc.Id,\n Ingress = new[]\n {\n new Aws.Ec2.Inputs.DefaultSecurityGroupIngressArgs\n {\n Protocol = \"-1\",\n Self = true,\n FromPort = 0,\n ToPort = 0,\n },\n },\n Egress = new[]\n {\n new Aws.Ec2.Inputs.DefaultSecurityGroupEgressArgs\n {\n FromPort = 0,\n ToPort = 0,\n Protocol = \"-1\",\n CidrBlocks = new[]\n {\n \"0.0.0.0/0\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmainvpc, err := ec2.NewVpc(ctx, \"mainvpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewDefaultSecurityGroup(ctx, \"default\", \u0026ec2.DefaultSecurityGroupArgs{\n\t\t\tVpcId: mainvpc.ID(),\n\t\t\tIngress: ec2.DefaultSecurityGroupIngressArray{\n\t\t\t\t\u0026ec2.DefaultSecurityGroupIngressArgs{\n\t\t\t\t\tProtocol: pulumi.String(\"-1\"),\n\t\t\t\t\tSelf: pulumi.Bool(true),\n\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\tToPort: pulumi.Int(0),\n\t\t\t\t},\n\t\t\t},\n\t\t\tEgress: ec2.DefaultSecurityGroupEgressArray{\n\t\t\t\t\u0026ec2.DefaultSecurityGroupEgressArgs{\n\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\tToPort: pulumi.Int(0),\n\t\t\t\t\tProtocol: pulumi.String(\"-1\"),\n\t\t\t\t\tCidrBlocks: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```yaml\nresources:\n mainvpc:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.1.0.0/16\n default:\n type: aws:ec2:DefaultSecurityGroup\n properties:\n vpcId: ${mainvpc.id}\n ingress:\n - protocol: -1\n self: true\n fromPort: 0\n toPort: 0\n egress:\n - fromPort: 0\n toPort: 0\n protocol: '-1'\n cidrBlocks:\n - 0.0.0.0/0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example Config To Deny All Egress Traffic, Allowing Ingress\n\nThe following denies all Egress traffic by omitting any `egress` rules, while including the default `ingress` rule to allow all traffic.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mainvpc = new aws.ec2.Vpc(\"mainvpc\", {cidrBlock: \"10.1.0.0/16\"});\nconst _default = new aws.ec2.DefaultSecurityGroup(\"default\", {\n vpcId: mainvpc.id,\n ingress: [{\n protocol: \"-1\",\n self: true,\n fromPort: 0,\n toPort: 0,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmainvpc = aws.ec2.Vpc(\"mainvpc\", cidr_block=\"10.1.0.0/16\")\ndefault = aws.ec2.DefaultSecurityGroup(\"default\",\n vpc_id=mainvpc.id,\n ingress=[{\n \"protocol\": \"-1\",\n \"self\": True,\n \"from_port\": 0,\n \"to_port\": 0,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mainvpc = new Aws.Ec2.Vpc(\"mainvpc\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n\n var @default = new Aws.Ec2.DefaultSecurityGroup(\"default\", new()\n {\n VpcId = mainvpc.Id,\n Ingress = new[]\n {\n new Aws.Ec2.Inputs.DefaultSecurityGroupIngressArgs\n {\n Protocol = \"-1\",\n Self = true,\n FromPort = 0,\n ToPort = 0,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmainvpc, err := ec2.NewVpc(ctx, \"mainvpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewDefaultSecurityGroup(ctx, \"default\", \u0026ec2.DefaultSecurityGroupArgs{\n\t\t\tVpcId: mainvpc.ID(),\n\t\t\tIngress: ec2.DefaultSecurityGroupIngressArray{\n\t\t\t\t\u0026ec2.DefaultSecurityGroupIngressArgs{\n\t\t\t\t\tProtocol: pulumi.String(\"-1\"),\n\t\t\t\t\tSelf: pulumi.Bool(true),\n\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\tToPort: pulumi.Int(0),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```yaml\nresources:\n mainvpc:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.1.0.0/16\n default:\n type: aws:ec2:DefaultSecurityGroup\n properties:\n vpcId: ${mainvpc.id}\n ingress:\n - protocol: -1\n self: true\n fromPort: 0\n toPort: 0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Removing `aws.ec2.DefaultSecurityGroup` From Your Configuration\n\nRemoving this resource from your configuration will remove it from your statefile and management, but will not destroy the Security Group. All ingress or egress rules will be left as they are at the time of removal. You can resume managing them via the AWS Console.\n\n## Import\n\nUsing `pulumi import`, import Security Groups using the security group `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/defaultSecurityGroup:DefaultSecurityGroup default_sg sg-903004f8\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the security group.\n" }, "description": { "type": "string", "description": "Description of the security group.\n" }, "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultSecurityGroupEgress:DefaultSecurityGroupEgress" }, "description": "Configuration block. Detailed below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultSecurityGroupIngress:DefaultSecurityGroupIngress" }, "description": "Configuration block. Detailed below.\n" }, "name": { "type": "string", "description": "Name of the security group.\n" }, "namePrefix": { "type": "string" }, "ownerId": { "type": "string", "description": "Owner ID.\n" }, "revokeRulesOnDelete": { "type": "boolean" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "VPC ID. **Note that changing the `vpc_id` will _not_ restore any default security group rules that were modified, added, or removed.** It will be left in its current state.\n" } }, "required": [ "arn", "description", "egress", "ingress", "name", "namePrefix", "ownerId", "tagsAll", "vpcId" ], "inputProperties": { "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultSecurityGroupEgress:DefaultSecurityGroupEgress" }, "description": "Configuration block. Detailed below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultSecurityGroupIngress:DefaultSecurityGroupIngress" }, "description": "Configuration block. Detailed below.\n" }, "revokeRulesOnDelete": { "type": "boolean" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcId": { "type": "string", "description": "VPC ID. **Note that changing the `vpc_id` will _not_ restore any default security group rules that were modified, added, or removed.** It will be left in its current state.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering DefaultSecurityGroup resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the security group.\n" }, "description": { "type": "string", "description": "Description of the security group.\n" }, "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultSecurityGroupEgress:DefaultSecurityGroupEgress" }, "description": "Configuration block. Detailed below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/DefaultSecurityGroupIngress:DefaultSecurityGroupIngress" }, "description": "Configuration block. Detailed below.\n" }, "name": { "type": "string", "description": "Name of the security group.\n" }, "namePrefix": { "type": "string" }, "ownerId": { "type": "string", "description": "Owner ID.\n" }, "revokeRulesOnDelete": { "type": "boolean" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "VPC ID. **Note that changing the `vpc_id` will _not_ restore any default security group rules that were modified, added, or removed.** It will be left in its current state.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/defaultSubnet:DefaultSubnet": { "description": "Provides a resource to manage a [default subnet](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/default-vpc.html#default-vpc-basics) in the current region.\n\n**This is an advanced resource** and has special caveats to be aware of when using it. Please read this document in its entirety before using this resource.\n\nThe `aws.ec2.DefaultSubnet` resource behaves differently from normal resources in that if a default subnet exists in the specified Availability Zone, this provider does not _create_ this resource, but instead \"adopts\" it into management.\nIf no default subnet exists, this provider creates a new default subnet.\nBy default, `pulumi destroy` does not delete the default subnet but does remove the resource from the state.\nSet the `force_destroy` argument to `true` to delete the default subnet.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultAz1 = new aws.ec2.DefaultSubnet(\"default_az1\", {\n availabilityZone: \"us-west-2a\",\n tags: {\n Name: \"Default subnet for us-west-2a\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault_az1 = aws.ec2.DefaultSubnet(\"default_az1\",\n availability_zone=\"us-west-2a\",\n tags={\n \"Name\": \"Default subnet for us-west-2a\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var defaultAz1 = new Aws.Ec2.DefaultSubnet(\"default_az1\", new()\n {\n AvailabilityZone = \"us-west-2a\",\n Tags = \n {\n { \"Name\", \"Default subnet for us-west-2a\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewDefaultSubnet(ctx, \"default_az1\", \u0026ec2.DefaultSubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Default subnet for us-west-2a\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.DefaultSubnet;\nimport com.pulumi.aws.ec2.DefaultSubnetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var defaultAz1 = new DefaultSubnet(\"defaultAz1\", DefaultSubnetArgs.builder()\n .availabilityZone(\"us-west-2a\")\n .tags(Map.of(\"Name\", \"Default subnet for us-west-2a\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n defaultAz1:\n type: aws:ec2:DefaultSubnet\n name: default_az1\n properties:\n availabilityZone: us-west-2a\n tags:\n Name: Default subnet for us-west-2a\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import subnets using the subnet `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/defaultSubnet:DefaultSubnet public_subnet subnet-9d4a7b6c\n```\n", "properties": { "arn": { "type": "string" }, "assignIpv6AddressOnCreation": { "type": "boolean" }, "availabilityZone": { "type": "string", "description": "is required\n* The `availability_zone_id`, `cidr_block` and `vpc_id` arguments become computed attributes\n* The default value for `map_public_ip_on_launch` is `true`\n\nThis resource supports the following additional arguments:\n" }, "availabilityZoneId": { "type": "string", "description": "The AZ ID of the subnet\n" }, "cidrBlock": { "type": "string", "description": "The IPv4 CIDR block assigned to the subnet\n" }, "customerOwnedIpv4Pool": { "type": "string" }, "enableDns64": { "type": "boolean" }, "enableLniAtDeviceIndex": { "type": "integer" }, "enableResourceNameDnsARecordOnLaunch": { "type": "boolean" }, "enableResourceNameDnsAaaaRecordOnLaunch": { "type": "boolean" }, "existingDefaultSubnet": { "type": "boolean" }, "forceDestroy": { "type": "boolean", "description": "Whether destroying the resource deletes the default subnet. Default: `false`\n" }, "ipv6CidrBlock": { "type": "string" }, "ipv6CidrBlockAssociationId": { "type": "string" }, "ipv6Native": { "type": "boolean" }, "mapCustomerOwnedIpOnLaunch": { "type": "boolean" }, "mapPublicIpOnLaunch": { "type": "boolean" }, "outpostArn": { "type": "string" }, "ownerId": { "type": "string" }, "privateDnsHostnameTypeOnLaunch": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The ID of the VPC the subnet is in\n" } }, "required": [ "arn", "availabilityZone", "availabilityZoneId", "cidrBlock", "enableLniAtDeviceIndex", "existingDefaultSubnet", "ipv6CidrBlock", "ipv6CidrBlockAssociationId", "outpostArn", "ownerId", "privateDnsHostnameTypeOnLaunch", "tagsAll", "vpcId" ], "inputProperties": { "assignIpv6AddressOnCreation": { "type": "boolean" }, "availabilityZone": { "type": "string", "description": "is required\n* The `availability_zone_id`, `cidr_block` and `vpc_id` arguments become computed attributes\n* The default value for `map_public_ip_on_launch` is `true`\n\nThis resource supports the following additional arguments:\n", "willReplaceOnChanges": true }, "customerOwnedIpv4Pool": { "type": "string" }, "enableDns64": { "type": "boolean" }, "enableResourceNameDnsARecordOnLaunch": { "type": "boolean" }, "enableResourceNameDnsAaaaRecordOnLaunch": { "type": "boolean" }, "forceDestroy": { "type": "boolean", "description": "Whether destroying the resource deletes the default subnet. Default: `false`\n" }, "ipv6CidrBlock": { "type": "string" }, "ipv6Native": { "type": "boolean", "willReplaceOnChanges": true }, "mapCustomerOwnedIpOnLaunch": { "type": "boolean" }, "mapPublicIpOnLaunch": { "type": "boolean" }, "privateDnsHostnameTypeOnLaunch": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "requiredInputs": [ "availabilityZone" ], "stateInputs": { "description": "Input properties used for looking up and filtering DefaultSubnet resources.\n", "properties": { "arn": { "type": "string" }, "assignIpv6AddressOnCreation": { "type": "boolean" }, "availabilityZone": { "type": "string", "description": "is required\n* The `availability_zone_id`, `cidr_block` and `vpc_id` arguments become computed attributes\n* The default value for `map_public_ip_on_launch` is `true`\n\nThis resource supports the following additional arguments:\n", "willReplaceOnChanges": true }, "availabilityZoneId": { "type": "string", "description": "The AZ ID of the subnet\n" }, "cidrBlock": { "type": "string", "description": "The IPv4 CIDR block assigned to the subnet\n" }, "customerOwnedIpv4Pool": { "type": "string" }, "enableDns64": { "type": "boolean" }, "enableLniAtDeviceIndex": { "type": "integer" }, "enableResourceNameDnsARecordOnLaunch": { "type": "boolean" }, "enableResourceNameDnsAaaaRecordOnLaunch": { "type": "boolean" }, "existingDefaultSubnet": { "type": "boolean" }, "forceDestroy": { "type": "boolean", "description": "Whether destroying the resource deletes the default subnet. Default: `false`\n" }, "ipv6CidrBlock": { "type": "string" }, "ipv6CidrBlockAssociationId": { "type": "string" }, "ipv6Native": { "type": "boolean", "willReplaceOnChanges": true }, "mapCustomerOwnedIpOnLaunch": { "type": "boolean" }, "mapPublicIpOnLaunch": { "type": "boolean" }, "outpostArn": { "type": "string" }, "ownerId": { "type": "string" }, "privateDnsHostnameTypeOnLaunch": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The ID of the VPC the subnet is in\n" } }, "type": "object" } }, "aws:ec2/defaultVpc:DefaultVpc": { "description": "Provides a resource to manage the [default AWS VPC](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/default-vpc.html)\nin the current AWS Region.\n\nIf you created your AWS account after 2013-12-04 you have a default VPC in each AWS Region.\n\n**This is an advanced resource** and has special caveats to be aware of when using it. Please read this document in its entirety before using this resource.\n\nThe `aws.ec2.DefaultVpc` resource behaves differently from normal resources in that if a default VPC exists, this provider does not _create_ this resource, but instead \"adopts\" it into management.\nIf no default VPC exists, the provider creates a new default VPC, which leads to the implicit creation of [other resources](https://docs.aws.amazon.com/vpc/latest/userguide/default-vpc.html#default-vpc-components).\nBy default, `pulumi destroy` does not delete the default VPC but does remove the resource from the state.\nSet the `force_destroy` argument to `true` to delete the default VPC.\n\n## Example Usage\n\nBasic usage with tags:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.ec2.DefaultVpc(\"default\", {tags: {\n Name: \"Default VPC\",\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.ec2.DefaultVpc(\"default\", tags={\n \"Name\": \"Default VPC\",\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Ec2.DefaultVpc(\"default\", new()\n {\n Tags = \n {\n { \"Name\", \"Default VPC\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewDefaultVpc(ctx, \"default\", \u0026ec2.DefaultVpcArgs{\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Default VPC\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.DefaultVpc;\nimport com.pulumi.aws.ec2.DefaultVpcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new DefaultVpc(\"default\", DefaultVpcArgs.builder()\n .tags(Map.of(\"Name\", \"Default VPC\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:ec2:DefaultVpc\n properties:\n tags:\n Name: Default VPC\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Default VPCs using the VPC `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/defaultVpc:DefaultVpc default vpc-a01106c2\n```\n", "properties": { "arn": { "type": "string" }, "assignGeneratedIpv6CidrBlock": { "type": "boolean" }, "cidrBlock": { "type": "string", "description": "The primary IPv4 CIDR block for the VPC\n" }, "defaultNetworkAclId": { "type": "string" }, "defaultRouteTableId": { "type": "string" }, "defaultSecurityGroupId": { "type": "string" }, "dhcpOptionsId": { "type": "string" }, "enableDnsHostnames": { "type": "boolean" }, "enableDnsSupport": { "type": "boolean" }, "enableNetworkAddressUsageMetrics": { "type": "boolean" }, "existingDefaultVpc": { "type": "boolean" }, "forceDestroy": { "type": "boolean", "description": "Whether destroying the resource deletes the default VPC. Default: `false`\n" }, "instanceTenancy": { "type": "string", "description": "The allowed tenancy of instances launched into the VPC\n" }, "ipv6AssociationId": { "type": "string" }, "ipv6CidrBlock": { "type": "string" }, "ipv6CidrBlockNetworkBorderGroup": { "type": "string" }, "ipv6IpamPoolId": { "type": "string" }, "ipv6NetmaskLength": { "type": "integer" }, "mainRouteTableId": { "type": "string" }, "ownerId": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "cidrBlock", "defaultNetworkAclId", "defaultRouteTableId", "defaultSecurityGroupId", "dhcpOptionsId", "enableNetworkAddressUsageMetrics", "existingDefaultVpc", "instanceTenancy", "ipv6AssociationId", "ipv6CidrBlock", "ipv6CidrBlockNetworkBorderGroup", "mainRouteTableId", "ownerId", "tagsAll" ], "inputProperties": { "assignGeneratedIpv6CidrBlock": { "type": "boolean" }, "enableDnsHostnames": { "type": "boolean" }, "enableDnsSupport": { "type": "boolean" }, "enableNetworkAddressUsageMetrics": { "type": "boolean" }, "forceDestroy": { "type": "boolean", "description": "Whether destroying the resource deletes the default VPC. Default: `false`\n" }, "ipv6CidrBlock": { "type": "string" }, "ipv6CidrBlockNetworkBorderGroup": { "type": "string" }, "ipv6IpamPoolId": { "type": "string" }, "ipv6NetmaskLength": { "type": "integer" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "stateInputs": { "description": "Input properties used for looking up and filtering DefaultVpc resources.\n", "properties": { "arn": { "type": "string" }, "assignGeneratedIpv6CidrBlock": { "type": "boolean" }, "cidrBlock": { "type": "string", "description": "The primary IPv4 CIDR block for the VPC\n" }, "defaultNetworkAclId": { "type": "string" }, "defaultRouteTableId": { "type": "string" }, "defaultSecurityGroupId": { "type": "string" }, "dhcpOptionsId": { "type": "string" }, "enableDnsHostnames": { "type": "boolean" }, "enableDnsSupport": { "type": "boolean" }, "enableNetworkAddressUsageMetrics": { "type": "boolean" }, "existingDefaultVpc": { "type": "boolean" }, "forceDestroy": { "type": "boolean", "description": "Whether destroying the resource deletes the default VPC. Default: `false`\n" }, "instanceTenancy": { "type": "string", "description": "The allowed tenancy of instances launched into the VPC\n" }, "ipv6AssociationId": { "type": "string" }, "ipv6CidrBlock": { "type": "string" }, "ipv6CidrBlockNetworkBorderGroup": { "type": "string" }, "ipv6IpamPoolId": { "type": "string" }, "ipv6NetmaskLength": { "type": "integer" }, "mainRouteTableId": { "type": "string" }, "ownerId": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ec2/defaultVpcDhcpOptions:DefaultVpcDhcpOptions": { "description": "Provides a resource to manage the [default AWS DHCP Options Set](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html#AmazonDNS)\nin the current region.\n\nEach AWS region comes with a default set of DHCP options.\n**This is an advanced resource**, and has special caveats to be aware of when\nusing it. Please read this document in its entirety before using this resource.\n\nThe `aws.ec2.DefaultVpcDhcpOptions` behaves differently from normal resources, in that\nthis provider does not _create_ this resource, but instead \"adopts\" it\ninto management.\n\n## Example Usage\n\nBasic usage with tags:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.ec2.DefaultVpcDhcpOptions(\"default\", {tags: {\n Name: \"Default DHCP Option Set\",\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.ec2.DefaultVpcDhcpOptions(\"default\", tags={\n \"Name\": \"Default DHCP Option Set\",\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Ec2.DefaultVpcDhcpOptions(\"default\", new()\n {\n Tags = \n {\n { \"Name\", \"Default DHCP Option Set\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewDefaultVpcDhcpOptions(ctx, \"default\", \u0026ec2.DefaultVpcDhcpOptionsArgs{\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Default DHCP Option Set\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.DefaultVpcDhcpOptions;\nimport com.pulumi.aws.ec2.DefaultVpcDhcpOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new DefaultVpcDhcpOptions(\"default\", DefaultVpcDhcpOptionsArgs.builder()\n .tags(Map.of(\"Name\", \"Default DHCP Option Set\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:ec2:DefaultVpcDhcpOptions\n properties:\n tags:\n Name: Default DHCP Option Set\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC DHCP Options using the DHCP Options `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/defaultVpcDhcpOptions:DefaultVpcDhcpOptions default_options dopt-d9070ebb\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the DHCP Options Set.\n" }, "domainName": { "type": "string" }, "domainNameServers": { "type": "string" }, "ipv6AddressPreferredLeaseTime": { "type": "string" }, "netbiosNameServers": { "type": "string", "description": "List of NETBIOS name servers.\n" }, "netbiosNodeType": { "type": "string", "description": "The NetBIOS node type (1, 2, 4, or 8). AWS recommends to specify 2 since broadcast and multicast are not supported in their network. For more information about these node types, see [RFC 2132](http://www.ietf.org/rfc/rfc2132.txt).\n" }, "ntpServers": { "type": "string" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the DHCP options set.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "domainName", "domainNameServers", "ipv6AddressPreferredLeaseTime", "netbiosNameServers", "netbiosNodeType", "ntpServers", "ownerId", "tagsAll" ], "inputProperties": { "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the DHCP options set.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering DefaultVpcDhcpOptions resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the DHCP Options Set.\n" }, "domainName": { "type": "string" }, "domainNameServers": { "type": "string" }, "ipv6AddressPreferredLeaseTime": { "type": "string" }, "netbiosNameServers": { "type": "string", "description": "List of NETBIOS name servers.\n" }, "netbiosNodeType": { "type": "string", "description": "The NetBIOS node type (1, 2, 4, or 8). AWS recommends to specify 2 since broadcast and multicast are not supported in their network. For more information about these node types, see [RFC 2132](http://www.ietf.org/rfc/rfc2132.txt).\n" }, "ntpServers": { "type": "string" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the DHCP options set.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ec2/egressOnlyInternetGateway:EgressOnlyInternetGateway": { "description": "[IPv6 only] Creates an egress-only Internet gateway for your VPC.\nAn egress-only Internet gateway is used to enable outbound communication\nover IPv6 from instances in your VPC to the Internet, and prevents hosts\noutside of your VPC from initiating an IPv6 connection with your instance.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.Vpc(\"example\", {\n cidrBlock: \"10.1.0.0/16\",\n assignGeneratedIpv6CidrBlock: true,\n});\nconst exampleEgressOnlyInternetGateway = new aws.ec2.EgressOnlyInternetGateway(\"example\", {\n vpcId: example.id,\n tags: {\n Name: \"main\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.Vpc(\"example\",\n cidr_block=\"10.1.0.0/16\",\n assign_generated_ipv6_cidr_block=True)\nexample_egress_only_internet_gateway = aws.ec2.EgressOnlyInternetGateway(\"example\",\n vpc_id=example.id,\n tags={\n \"Name\": \"main\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n AssignGeneratedIpv6CidrBlock = true,\n });\n\n var exampleEgressOnlyInternetGateway = new Aws.Ec2.EgressOnlyInternetGateway(\"example\", new()\n {\n VpcId = example.Id,\n Tags = \n {\n { \"Name\", \"main\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t\tAssignGeneratedIpv6CidrBlock: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewEgressOnlyInternetGateway(ctx, \"example\", \u0026ec2.EgressOnlyInternetGatewayArgs{\n\t\t\tVpcId: example.ID(),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"main\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.EgressOnlyInternetGateway;\nimport com.pulumi.aws.ec2.EgressOnlyInternetGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Vpc(\"example\", VpcArgs.builder()\n .cidrBlock(\"10.1.0.0/16\")\n .assignGeneratedIpv6CidrBlock(true)\n .build());\n\n var exampleEgressOnlyInternetGateway = new EgressOnlyInternetGateway(\"exampleEgressOnlyInternetGateway\", EgressOnlyInternetGatewayArgs.builder()\n .vpcId(example.id())\n .tags(Map.of(\"Name\", \"main\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.1.0.0/16\n assignGeneratedIpv6CidrBlock: true\n exampleEgressOnlyInternetGateway:\n type: aws:ec2:EgressOnlyInternetGateway\n name: example\n properties:\n vpcId: ${example.id}\n tags:\n Name: main\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Egress-only Internet gateways using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/egressOnlyInternetGateway:EgressOnlyInternetGateway example eigw-015e0e244e24dfe8a\n```\n", "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The VPC ID to create in.\n" } }, "required": [ "tagsAll", "vpcId" ], "inputProperties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcId": { "type": "string", "description": "The VPC ID to create in.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering EgressOnlyInternetGateway resources.\n", "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The VPC ID to create in.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/eip:Eip": { "description": "Provides an Elastic IP resource.\n\n\u003e **Note:** EIP may require IGW to exist prior to association. Use `depends_on` to set an explicit dependency on the IGW.\n\n\u003e **Note:** Do not use `network_interface` to associate the EIP to `aws.lb.LoadBalancer` or `aws.ec2.NatGateway` resources. Instead use the `allocation_id` available in those resources to allow AWS to manage the association, otherwise you will see `AuthFailure` errors.\n\n## Example Usage\n\n### Single EIP associated with an instance\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.ec2.Eip(\"lb\", {\n instance: web.id,\n domain: \"vpc\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb = aws.ec2.Eip(\"lb\",\n instance=web[\"id\"],\n domain=\"vpc\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lb = new Aws.Ec2.Eip(\"lb\", new()\n {\n Instance = web.Id,\n Domain = \"vpc\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewEip(ctx, \"lb\", \u0026ec2.EipArgs{\n\t\t\tInstance: pulumi.Any(web.Id),\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lb = new Eip(\"lb\", EipArgs.builder()\n .instance(web.id())\n .domain(\"vpc\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lb:\n type: aws:ec2:Eip\n properties:\n instance: ${web.id}\n domain: vpc\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Multiple EIPs associated with a single network interface\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst multi_ip = new aws.ec2.NetworkInterface(\"multi-ip\", {\n subnetId: main.id,\n privateIps: [\n \"10.0.0.10\",\n \"10.0.0.11\",\n ],\n});\nconst one = new aws.ec2.Eip(\"one\", {\n domain: \"vpc\",\n networkInterface: multi_ip.id,\n associateWithPrivateIp: \"10.0.0.10\",\n});\nconst two = new aws.ec2.Eip(\"two\", {\n domain: \"vpc\",\n networkInterface: multi_ip.id,\n associateWithPrivateIp: \"10.0.0.11\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmulti_ip = aws.ec2.NetworkInterface(\"multi-ip\",\n subnet_id=main[\"id\"],\n private_ips=[\n \"10.0.0.10\",\n \"10.0.0.11\",\n ])\none = aws.ec2.Eip(\"one\",\n domain=\"vpc\",\n network_interface=multi_ip.id,\n associate_with_private_ip=\"10.0.0.10\")\ntwo = aws.ec2.Eip(\"two\",\n domain=\"vpc\",\n network_interface=multi_ip.id,\n associate_with_private_ip=\"10.0.0.11\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var multi_ip = new Aws.Ec2.NetworkInterface(\"multi-ip\", new()\n {\n SubnetId = main.Id,\n PrivateIps = new[]\n {\n \"10.0.0.10\",\n \"10.0.0.11\",\n },\n });\n\n var one = new Aws.Ec2.Eip(\"one\", new()\n {\n Domain = \"vpc\",\n NetworkInterface = multi_ip.Id,\n AssociateWithPrivateIp = \"10.0.0.10\",\n });\n\n var two = new Aws.Ec2.Eip(\"two\", new()\n {\n Domain = \"vpc\",\n NetworkInterface = multi_ip.Id,\n AssociateWithPrivateIp = \"10.0.0.11\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewNetworkInterface(ctx, \"multi-ip\", \u0026ec2.NetworkInterfaceArgs{\n\t\t\tSubnetId: pulumi.Any(main.Id),\n\t\t\tPrivateIps: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.0.10\"),\n\t\t\t\tpulumi.String(\"10.0.0.11\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewEip(ctx, \"one\", \u0026ec2.EipArgs{\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t\tNetworkInterface: multi_ip.ID(),\n\t\t\tAssociateWithPrivateIp: pulumi.String(\"10.0.0.10\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewEip(ctx, \"two\", \u0026ec2.EipArgs{\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t\tNetworkInterface: multi_ip.ID(),\n\t\t\tAssociateWithPrivateIp: pulumi.String(\"10.0.0.11\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NetworkInterface;\nimport com.pulumi.aws.ec2.NetworkInterfaceArgs;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var multi_ip = new NetworkInterface(\"multi-ip\", NetworkInterfaceArgs.builder()\n .subnetId(main.id())\n .privateIps( \n \"10.0.0.10\",\n \"10.0.0.11\")\n .build());\n\n var one = new Eip(\"one\", EipArgs.builder()\n .domain(\"vpc\")\n .networkInterface(multi_ip.id())\n .associateWithPrivateIp(\"10.0.0.10\")\n .build());\n\n var two = new Eip(\"two\", EipArgs.builder()\n .domain(\"vpc\")\n .networkInterface(multi_ip.id())\n .associateWithPrivateIp(\"10.0.0.11\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n multi-ip:\n type: aws:ec2:NetworkInterface\n properties:\n subnetId: ${main.id}\n privateIps:\n - 10.0.0.10\n - 10.0.0.11\n one:\n type: aws:ec2:Eip\n properties:\n domain: vpc\n networkInterface: ${[\"multi-ip\"].id}\n associateWithPrivateIp: 10.0.0.10\n two:\n type: aws:ec2:Eip\n properties:\n domain: vpc\n networkInterface: ${[\"multi-ip\"].id}\n associateWithPrivateIp: 10.0.0.11\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Attaching an EIP to an Instance with a pre-assigned private ip (VPC Only)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.ec2.Vpc(\"default\", {\n cidrBlock: \"10.0.0.0/16\",\n enableDnsHostnames: true,\n});\nconst gw = new aws.ec2.InternetGateway(\"gw\", {vpcId: _default.id});\nconst myTestSubnet = new aws.ec2.Subnet(\"my_test_subnet\", {\n vpcId: _default.id,\n cidrBlock: \"10.0.0.0/24\",\n mapPublicIpOnLaunch: true,\n}, {\n dependsOn: [gw],\n});\nconst foo = new aws.ec2.Instance(\"foo\", {\n ami: \"ami-5189a661\",\n instanceType: aws.ec2.InstanceType.T2_Micro,\n privateIp: \"10.0.0.12\",\n subnetId: myTestSubnet.id,\n});\nconst bar = new aws.ec2.Eip(\"bar\", {\n domain: \"vpc\",\n instance: foo.id,\n associateWithPrivateIp: \"10.0.0.12\",\n}, {\n dependsOn: [gw],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.ec2.Vpc(\"default\",\n cidr_block=\"10.0.0.0/16\",\n enable_dns_hostnames=True)\ngw = aws.ec2.InternetGateway(\"gw\", vpc_id=default.id)\nmy_test_subnet = aws.ec2.Subnet(\"my_test_subnet\",\n vpc_id=default.id,\n cidr_block=\"10.0.0.0/24\",\n map_public_ip_on_launch=True,\n opts = pulumi.ResourceOptions(depends_on=[gw]))\nfoo = aws.ec2.Instance(\"foo\",\n ami=\"ami-5189a661\",\n instance_type=aws.ec2.InstanceType.T2_MICRO,\n private_ip=\"10.0.0.12\",\n subnet_id=my_test_subnet.id)\nbar = aws.ec2.Eip(\"bar\",\n domain=\"vpc\",\n instance=foo.id,\n associate_with_private_ip=\"10.0.0.12\",\n opts = pulumi.ResourceOptions(depends_on=[gw]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Ec2.Vpc(\"default\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n EnableDnsHostnames = true,\n });\n\n var gw = new Aws.Ec2.InternetGateway(\"gw\", new()\n {\n VpcId = @default.Id,\n });\n\n var myTestSubnet = new Aws.Ec2.Subnet(\"my_test_subnet\", new()\n {\n VpcId = @default.Id,\n CidrBlock = \"10.0.0.0/24\",\n MapPublicIpOnLaunch = true,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n gw,\n },\n });\n\n var foo = new Aws.Ec2.Instance(\"foo\", new()\n {\n Ami = \"ami-5189a661\",\n InstanceType = Aws.Ec2.InstanceType.T2_Micro,\n PrivateIp = \"10.0.0.12\",\n SubnetId = myTestSubnet.Id,\n });\n\n var bar = new Aws.Ec2.Eip(\"bar\", new()\n {\n Domain = \"vpc\",\n Instance = foo.Id,\n AssociateWithPrivateIp = \"10.0.0.12\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n gw,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpc(ctx, \"default\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tEnableDnsHostnames: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgw, err := ec2.NewInternetGateway(ctx, \"gw\", \u0026ec2.InternetGatewayArgs{\n\t\t\tVpcId: _default.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyTestSubnet, err := ec2.NewSubnet(ctx, \"my_test_subnet\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: _default.ID(),\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/24\"),\n\t\t\tMapPublicIpOnLaunch: pulumi.Bool(true),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tgw,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoo, err := ec2.NewInstance(ctx, \"foo\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(\"ami-5189a661\"),\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_T2_Micro),\n\t\t\tPrivateIp: pulumi.String(\"10.0.0.12\"),\n\t\t\tSubnetId: myTestSubnet.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewEip(ctx, \"bar\", \u0026ec2.EipArgs{\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t\tInstance: foo.ID(),\n\t\t\tAssociateWithPrivateIp: pulumi.String(\"10.0.0.12\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tgw,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.InternetGateway;\nimport com.pulumi.aws.ec2.InternetGatewayArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Vpc(\"default\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .enableDnsHostnames(true)\n .build());\n\n var gw = new InternetGateway(\"gw\", InternetGatewayArgs.builder()\n .vpcId(default_.id())\n .build());\n\n var myTestSubnet = new Subnet(\"myTestSubnet\", SubnetArgs.builder()\n .vpcId(default_.id())\n .cidrBlock(\"10.0.0.0/24\")\n .mapPublicIpOnLaunch(true)\n .build(), CustomResourceOptions.builder()\n .dependsOn(gw)\n .build());\n\n var foo = new Instance(\"foo\", InstanceArgs.builder()\n .ami(\"ami-5189a661\")\n .instanceType(\"t2.micro\")\n .privateIp(\"10.0.0.12\")\n .subnetId(myTestSubnet.id())\n .build());\n\n var bar = new Eip(\"bar\", EipArgs.builder()\n .domain(\"vpc\")\n .instance(foo.id())\n .associateWithPrivateIp(\"10.0.0.12\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(gw)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n enableDnsHostnames: true\n gw:\n type: aws:ec2:InternetGateway\n properties:\n vpcId: ${default.id}\n myTestSubnet:\n type: aws:ec2:Subnet\n name: my_test_subnet\n properties:\n vpcId: ${default.id}\n cidrBlock: 10.0.0.0/24\n mapPublicIpOnLaunch: true\n options:\n dependson:\n - ${gw}\n foo:\n type: aws:ec2:Instance\n properties:\n ami: ami-5189a661\n instanceType: t2.micro\n privateIp: 10.0.0.12\n subnetId: ${myTestSubnet.id}\n bar:\n type: aws:ec2:Eip\n properties:\n domain: vpc\n instance: ${foo.id}\n associateWithPrivateIp: 10.0.0.12\n options:\n dependson:\n - ${gw}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Allocating EIP from the BYOIP pool\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byoip_ip = new aws.ec2.Eip(\"byoip-ip\", {\n domain: \"vpc\",\n publicIpv4Pool: \"ipv4pool-ec2-012345\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbyoip_ip = aws.ec2.Eip(\"byoip-ip\",\n domain=\"vpc\",\n public_ipv4_pool=\"ipv4pool-ec2-012345\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var byoip_ip = new Aws.Ec2.Eip(\"byoip-ip\", new()\n {\n Domain = \"vpc\",\n PublicIpv4Pool = \"ipv4pool-ec2-012345\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewEip(ctx, \"byoip-ip\", \u0026ec2.EipArgs{\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t\tPublicIpv4Pool: pulumi.String(\"ipv4pool-ec2-012345\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var byoip_ip = new Eip(\"byoip-ip\", EipArgs.builder()\n .domain(\"vpc\")\n .publicIpv4Pool(\"ipv4pool-ec2-012345\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n byoip-ip:\n type: aws:ec2:Eip\n properties:\n domain: vpc\n publicIpv4Pool: ipv4pool-ec2-012345\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EIPs in a VPC using their Allocation ID. For example:\n\n```sh\n$ pulumi import aws:ec2/eip:Eip bar eipalloc-00a10e96\n```\n", "properties": { "address": { "type": "string", "description": "IP address from an EC2 BYOIP pool. This option is only available for VPC EIPs.\n" }, "allocationId": { "type": "string", "description": "ID that AWS assigns to represent the allocation of the Elastic IP address for use with instances in a VPC.\n" }, "arn": { "type": "string" }, "associateWithPrivateIp": { "type": "string", "description": "User-specified primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.\n" }, "associationId": { "type": "string", "description": "ID representing the association of the address with an instance in a VPC.\n" }, "carrierIp": { "type": "string", "description": "Carrier IP address.\n" }, "customerOwnedIp": { "type": "string", "description": "Customer owned IP.\n" }, "customerOwnedIpv4Pool": { "type": "string", "description": "ID of a customer-owned address pool. For more on customer owned IP addressed check out [Customer-owned IP addresses guide](https://docs.aws.amazon.com/outposts/latest/userguide/outposts-networking-components.html#ip-addressing).\n" }, "domain": { "type": "string", "description": "Indicates if this EIP is for use in VPC (`vpc`).\n" }, "instance": { "type": "string", "description": "EC2 instance ID.\n" }, "networkBorderGroup": { "type": "string", "description": "Location from which the IP address is advertised. Use this parameter to limit the address to this location.\n" }, "networkInterface": { "type": "string", "description": "Network interface ID to associate with.\n" }, "privateDns": { "type": "string", "description": "The Private DNS associated with the Elastic IP address (if in VPC).\n" }, "privateIp": { "type": "string", "description": "Contains the private IP address (if in VPC).\n" }, "ptrRecord": { "type": "string", "description": "The DNS pointer (PTR) record for the IP address.\n" }, "publicDns": { "type": "string", "description": "Public DNS associated with the Elastic IP address.\n" }, "publicIp": { "type": "string", "description": "Contains the public IP address.\n" }, "publicIpv4Pool": { "type": "string", "description": "EC2 IPv4 address pool identifier or `amazon`.\nThis option is only available for VPC EIPs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. Tags can only be applied to EIPs in a VPC. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpc": { "type": "boolean", "description": "Boolean if the EIP is in a VPC or not. Use `domain` instead.\nDefaults to `true` unless the region supports EC2-Classic.\n\n\u003e **NOTE:** You can specify either the `instance` ID or the `network_interface` ID, but not both. Including both will **not** return an error from the AWS API, but will have undefined behavior. See the relevant [AssociateAddress API Call][1] for more information.\n\n\u003e **NOTE:** Specifying both `public_ipv4_pool` and `address` won't cause an error but `address` will be used in the\ncase both options are defined as the api only requires one or the other.\n", "deprecationMessage": "use domain attribute instead" } }, "required": [ "allocationId", "arn", "associationId", "carrierIp", "customerOwnedIp", "domain", "instance", "networkBorderGroup", "networkInterface", "privateDns", "privateIp", "ptrRecord", "publicDns", "publicIp", "publicIpv4Pool", "tagsAll", "vpc" ], "inputProperties": { "address": { "type": "string", "description": "IP address from an EC2 BYOIP pool. This option is only available for VPC EIPs.\n", "willReplaceOnChanges": true }, "associateWithPrivateIp": { "type": "string", "description": "User-specified primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.\n" }, "customerOwnedIpv4Pool": { "type": "string", "description": "ID of a customer-owned address pool. For more on customer owned IP addressed check out [Customer-owned IP addresses guide](https://docs.aws.amazon.com/outposts/latest/userguide/outposts-networking-components.html#ip-addressing).\n" }, "domain": { "type": "string", "description": "Indicates if this EIP is for use in VPC (`vpc`).\n", "willReplaceOnChanges": true }, "instance": { "type": "string", "description": "EC2 instance ID.\n" }, "networkBorderGroup": { "type": "string", "description": "Location from which the IP address is advertised. Use this parameter to limit the address to this location.\n", "willReplaceOnChanges": true }, "networkInterface": { "type": "string", "description": "Network interface ID to associate with.\n" }, "publicIpv4Pool": { "type": "string", "description": "EC2 IPv4 address pool identifier or `amazon`.\nThis option is only available for VPC EIPs.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. Tags can only be applied to EIPs in a VPC. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpc": { "type": "boolean", "description": "Boolean if the EIP is in a VPC or not. Use `domain` instead.\nDefaults to `true` unless the region supports EC2-Classic.\n\n\u003e **NOTE:** You can specify either the `instance` ID or the `network_interface` ID, but not both. Including both will **not** return an error from the AWS API, but will have undefined behavior. See the relevant [AssociateAddress API Call][1] for more information.\n\n\u003e **NOTE:** Specifying both `public_ipv4_pool` and `address` won't cause an error but `address` will be used in the\ncase both options are defined as the api only requires one or the other.\n", "deprecationMessage": "use domain attribute instead", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering Eip resources.\n", "properties": { "address": { "type": "string", "description": "IP address from an EC2 BYOIP pool. This option is only available for VPC EIPs.\n", "willReplaceOnChanges": true }, "allocationId": { "type": "string", "description": "ID that AWS assigns to represent the allocation of the Elastic IP address for use with instances in a VPC.\n" }, "arn": { "type": "string" }, "associateWithPrivateIp": { "type": "string", "description": "User-specified primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.\n" }, "associationId": { "type": "string", "description": "ID representing the association of the address with an instance in a VPC.\n" }, "carrierIp": { "type": "string", "description": "Carrier IP address.\n" }, "customerOwnedIp": { "type": "string", "description": "Customer owned IP.\n" }, "customerOwnedIpv4Pool": { "type": "string", "description": "ID of a customer-owned address pool. For more on customer owned IP addressed check out [Customer-owned IP addresses guide](https://docs.aws.amazon.com/outposts/latest/userguide/outposts-networking-components.html#ip-addressing).\n" }, "domain": { "type": "string", "description": "Indicates if this EIP is for use in VPC (`vpc`).\n", "willReplaceOnChanges": true }, "instance": { "type": "string", "description": "EC2 instance ID.\n" }, "networkBorderGroup": { "type": "string", "description": "Location from which the IP address is advertised. Use this parameter to limit the address to this location.\n", "willReplaceOnChanges": true }, "networkInterface": { "type": "string", "description": "Network interface ID to associate with.\n" }, "privateDns": { "type": "string", "description": "The Private DNS associated with the Elastic IP address (if in VPC).\n" }, "privateIp": { "type": "string", "description": "Contains the private IP address (if in VPC).\n" }, "ptrRecord": { "type": "string", "description": "The DNS pointer (PTR) record for the IP address.\n" }, "publicDns": { "type": "string", "description": "Public DNS associated with the Elastic IP address.\n" }, "publicIp": { "type": "string", "description": "Contains the public IP address.\n" }, "publicIpv4Pool": { "type": "string", "description": "EC2 IPv4 address pool identifier or `amazon`.\nThis option is only available for VPC EIPs.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. Tags can only be applied to EIPs in a VPC. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpc": { "type": "boolean", "description": "Boolean if the EIP is in a VPC or not. Use `domain` instead.\nDefaults to `true` unless the region supports EC2-Classic.\n\n\u003e **NOTE:** You can specify either the `instance` ID or the `network_interface` ID, but not both. Including both will **not** return an error from the AWS API, but will have undefined behavior. See the relevant [AssociateAddress API Call][1] for more information.\n\n\u003e **NOTE:** Specifying both `public_ipv4_pool` and `address` won't cause an error but `address` will be used in the\ncase both options are defined as the api only requires one or the other.\n", "deprecationMessage": "use domain attribute instead", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/eipAssociation:EipAssociation": { "description": "Provides an AWS EIP Association as a top level resource, to associate and\ndisassociate Elastic IPs from AWS Instances and Network Interfaces.\n\n\u003e **NOTE:** Do not use this resource to associate an EIP to `aws.lb.LoadBalancer` or `aws.ec2.NatGateway` resources. Instead use the `allocation_id` available in those resources to allow AWS to manage the association, otherwise you will see `AuthFailure` errors.\n\n\u003e **NOTE:** `aws.ec2.EipAssociation` is useful in scenarios where EIPs are either\npre-existing or distributed to customers or users and therefore cannot be changed.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst web = new aws.ec2.Instance(\"web\", {\n ami: \"ami-21f78e11\",\n availabilityZone: \"us-west-2a\",\n instanceType: aws.ec2.InstanceType.T2_Micro,\n tags: {\n Name: \"HelloWorld\",\n },\n});\nconst example = new aws.ec2.Eip(\"example\", {domain: \"vpc\"});\nconst eipAssoc = new aws.ec2.EipAssociation(\"eip_assoc\", {\n instanceId: web.id,\n allocationId: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nweb = aws.ec2.Instance(\"web\",\n ami=\"ami-21f78e11\",\n availability_zone=\"us-west-2a\",\n instance_type=aws.ec2.InstanceType.T2_MICRO,\n tags={\n \"Name\": \"HelloWorld\",\n })\nexample = aws.ec2.Eip(\"example\", domain=\"vpc\")\neip_assoc = aws.ec2.EipAssociation(\"eip_assoc\",\n instance_id=web.id,\n allocation_id=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var web = new Aws.Ec2.Instance(\"web\", new()\n {\n Ami = \"ami-21f78e11\",\n AvailabilityZone = \"us-west-2a\",\n InstanceType = Aws.Ec2.InstanceType.T2_Micro,\n Tags = \n {\n { \"Name\", \"HelloWorld\" },\n },\n });\n\n var example = new Aws.Ec2.Eip(\"example\", new()\n {\n Domain = \"vpc\",\n });\n\n var eipAssoc = new Aws.Ec2.EipAssociation(\"eip_assoc\", new()\n {\n InstanceId = web.Id,\n AllocationId = example.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tweb, err := ec2.NewInstance(ctx, \"web\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(\"ami-21f78e11\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_T2_Micro),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := ec2.NewEip(ctx, \"example\", \u0026ec2.EipArgs{\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewEipAssociation(ctx, \"eip_assoc\", \u0026ec2.EipAssociationArgs{\n\t\t\tInstanceId: web.ID(),\n\t\t\tAllocationId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport com.pulumi.aws.ec2.EipAssociation;\nimport com.pulumi.aws.ec2.EipAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var web = new Instance(\"web\", InstanceArgs.builder()\n .ami(\"ami-21f78e11\")\n .availabilityZone(\"us-west-2a\")\n .instanceType(\"t2.micro\")\n .tags(Map.of(\"Name\", \"HelloWorld\"))\n .build());\n\n var example = new Eip(\"example\", EipArgs.builder()\n .domain(\"vpc\")\n .build());\n\n var eipAssoc = new EipAssociation(\"eipAssoc\", EipAssociationArgs.builder()\n .instanceId(web.id())\n .allocationId(example.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n eipAssoc:\n type: aws:ec2:EipAssociation\n name: eip_assoc\n properties:\n instanceId: ${web.id}\n allocationId: ${example.id}\n web:\n type: aws:ec2:Instance\n properties:\n ami: ami-21f78e11\n availabilityZone: us-west-2a\n instanceType: t2.micro\n tags:\n Name: HelloWorld\n example:\n type: aws:ec2:Eip\n properties:\n domain: vpc\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EIP Assocations using their association IDs. For example:\n\n```sh\n$ pulumi import aws:ec2/eipAssociation:EipAssociation test eipassoc-ab12c345\n```\n", "properties": { "allocationId": { "type": "string", "description": "The allocation ID. This is required for EC2-VPC.\n" }, "allowReassociation": { "type": "boolean", "description": "Whether to allow an Elastic IP to\nbe re-associated. Defaults to `true` in VPC.\n" }, "instanceId": { "type": "string", "description": "The ID of the instance. This is required for\nEC2-Classic. For EC2-VPC, you can specify either the instance ID or the\nnetwork interface ID, but not both. The operation fails if you specify an\ninstance ID unless exactly one network interface is attached.\n" }, "networkInterfaceId": { "type": "string", "description": "The ID of the network interface. If the\ninstance has more than one network interface, you must specify a network\ninterface ID.\n" }, "privateIpAddress": { "type": "string", "description": "The primary or secondary private IP address\nto associate with the Elastic IP address. If no private IP address is\nspecified, the Elastic IP address is associated with the primary private IP\naddress.\n" }, "publicIp": { "type": "string", "description": "The Elastic IP address. This is required for EC2-Classic.\n" } }, "required": [ "allocationId", "instanceId", "networkInterfaceId", "privateIpAddress", "publicIp" ], "inputProperties": { "allocationId": { "type": "string", "description": "The allocation ID. This is required for EC2-VPC.\n", "willReplaceOnChanges": true }, "allowReassociation": { "type": "boolean", "description": "Whether to allow an Elastic IP to\nbe re-associated. Defaults to `true` in VPC.\n", "willReplaceOnChanges": true }, "instanceId": { "type": "string", "description": "The ID of the instance. This is required for\nEC2-Classic. For EC2-VPC, you can specify either the instance ID or the\nnetwork interface ID, but not both. The operation fails if you specify an\ninstance ID unless exactly one network interface is attached.\n", "willReplaceOnChanges": true }, "networkInterfaceId": { "type": "string", "description": "The ID of the network interface. If the\ninstance has more than one network interface, you must specify a network\ninterface ID.\n", "willReplaceOnChanges": true }, "privateIpAddress": { "type": "string", "description": "The primary or secondary private IP address\nto associate with the Elastic IP address. If no private IP address is\nspecified, the Elastic IP address is associated with the primary private IP\naddress.\n", "willReplaceOnChanges": true }, "publicIp": { "type": "string", "description": "The Elastic IP address. This is required for EC2-Classic.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering EipAssociation resources.\n", "properties": { "allocationId": { "type": "string", "description": "The allocation ID. This is required for EC2-VPC.\n", "willReplaceOnChanges": true }, "allowReassociation": { "type": "boolean", "description": "Whether to allow an Elastic IP to\nbe re-associated. Defaults to `true` in VPC.\n", "willReplaceOnChanges": true }, "instanceId": { "type": "string", "description": "The ID of the instance. This is required for\nEC2-Classic. For EC2-VPC, you can specify either the instance ID or the\nnetwork interface ID, but not both. The operation fails if you specify an\ninstance ID unless exactly one network interface is attached.\n", "willReplaceOnChanges": true }, "networkInterfaceId": { "type": "string", "description": "The ID of the network interface. If the\ninstance has more than one network interface, you must specify a network\ninterface ID.\n", "willReplaceOnChanges": true }, "privateIpAddress": { "type": "string", "description": "The primary or secondary private IP address\nto associate with the Elastic IP address. If no private IP address is\nspecified, the Elastic IP address is associated with the primary private IP\naddress.\n", "willReplaceOnChanges": true }, "publicIp": { "type": "string", "description": "The Elastic IP address. This is required for EC2-Classic.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/eipDomainName:EipDomainName": { "description": "Assigns a static reverse DNS record to an Elastic IP addresses. See [Using reverse DNS for email applications](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html#Using_Elastic_Addressing_Reverse_DNS).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.Eip(\"example\", {domain: \"vpc\"});\nconst exampleRecord = new aws.route53.Record(\"example\", {\n zoneId: main.zoneId,\n name: \"reverse\",\n type: aws.route53.RecordType.A,\n records: [example.publicIp],\n});\nconst exampleEipDomainName = new aws.ec2.EipDomainName(\"example\", {\n allocationId: example.allocationId,\n domainName: exampleRecord.fqdn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.Eip(\"example\", domain=\"vpc\")\nexample_record = aws.route53.Record(\"example\",\n zone_id=main[\"zoneId\"],\n name=\"reverse\",\n type=aws.route53.RecordType.A,\n records=[example.public_ip])\nexample_eip_domain_name = aws.ec2.EipDomainName(\"example\",\n allocation_id=example.allocation_id,\n domain_name=example_record.fqdn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.Eip(\"example\", new()\n {\n Domain = \"vpc\",\n });\n\n var exampleRecord = new Aws.Route53.Record(\"example\", new()\n {\n ZoneId = main.ZoneId,\n Name = \"reverse\",\n Type = Aws.Route53.RecordType.A,\n Records = new[]\n {\n example.PublicIp,\n },\n });\n\n var exampleEipDomainName = new Aws.Ec2.EipDomainName(\"example\", new()\n {\n AllocationId = example.AllocationId,\n DomainName = exampleRecord.Fqdn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewEip(ctx, \"example\", \u0026ec2.EipArgs{\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRecord, err := route53.NewRecord(ctx, \"example\", \u0026route53.RecordArgs{\n\t\t\tZoneId: pulumi.Any(main.ZoneId),\n\t\t\tName: pulumi.String(\"reverse\"),\n\t\t\tType: pulumi.String(route53.RecordTypeA),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\texample.PublicIp,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewEipDomainName(ctx, \"example\", \u0026ec2.EipDomainNameArgs{\n\t\t\tAllocationId: example.AllocationId,\n\t\t\tDomainName: exampleRecord.Fqdn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport com.pulumi.aws.ec2.EipDomainName;\nimport com.pulumi.aws.ec2.EipDomainNameArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Eip(\"example\", EipArgs.builder()\n .domain(\"vpc\")\n .build());\n\n var exampleRecord = new Record(\"exampleRecord\", RecordArgs.builder()\n .zoneId(main.zoneId())\n .name(\"reverse\")\n .type(\"A\")\n .records(example.publicIp())\n .build());\n\n var exampleEipDomainName = new EipDomainName(\"exampleEipDomainName\", EipDomainNameArgs.builder()\n .allocationId(example.allocationId())\n .domainName(exampleRecord.fqdn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Eip\n properties:\n domain: vpc\n exampleRecord:\n type: aws:route53:Record\n name: example\n properties:\n zoneId: ${main.zoneId}\n name: reverse\n type: A\n records:\n - ${example.publicIp}\n exampleEipDomainName:\n type: aws:ec2:EipDomainName\n name: example\n properties:\n allocationId: ${example.allocationId}\n domainName: ${exampleRecord.fqdn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "allocationId": { "type": "string", "description": "The allocation ID.\n" }, "domainName": { "type": "string", "description": "The domain name to modify for the IP address.\n" }, "ptrRecord": { "type": "string", "description": "The DNS pointer (PTR) record for the IP address.\n" }, "timeouts": { "$ref": "#/types/aws:ec2/EipDomainNameTimeouts:EipDomainNameTimeouts" } }, "required": [ "allocationId", "domainName", "ptrRecord" ], "inputProperties": { "allocationId": { "type": "string", "description": "The allocation ID.\n" }, "domainName": { "type": "string", "description": "The domain name to modify for the IP address.\n" }, "timeouts": { "$ref": "#/types/aws:ec2/EipDomainNameTimeouts:EipDomainNameTimeouts" } }, "requiredInputs": [ "allocationId", "domainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering EipDomainName resources.\n", "properties": { "allocationId": { "type": "string", "description": "The allocation ID.\n" }, "domainName": { "type": "string", "description": "The domain name to modify for the IP address.\n" }, "ptrRecord": { "type": "string", "description": "The DNS pointer (PTR) record for the IP address.\n" }, "timeouts": { "$ref": "#/types/aws:ec2/EipDomainNameTimeouts:EipDomainNameTimeouts" } }, "type": "object" } }, "aws:ec2/fleet:Fleet": { "description": "Provides a resource to manage EC2 Fleets.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.Fleet(\"example\", {\n launchTemplateConfigs: [{\n launchTemplateSpecification: {\n launchTemplateId: exampleAwsLaunchTemplate.id,\n version: exampleAwsLaunchTemplate.latestVersion,\n },\n }],\n targetCapacitySpecification: {\n defaultTargetCapacityType: \"spot\",\n totalTargetCapacity: 5,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.Fleet(\"example\",\n launch_template_configs=[{\n \"launch_template_specification\": {\n \"launch_template_id\": example_aws_launch_template[\"id\"],\n \"version\": example_aws_launch_template[\"latestVersion\"],\n },\n }],\n target_capacity_specification={\n \"default_target_capacity_type\": \"spot\",\n \"total_target_capacity\": 5,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.Fleet(\"example\", new()\n {\n LaunchTemplateConfigs = new[]\n {\n new Aws.Ec2.Inputs.FleetLaunchTemplateConfigArgs\n {\n LaunchTemplateSpecification = new Aws.Ec2.Inputs.FleetLaunchTemplateConfigLaunchTemplateSpecificationArgs\n {\n LaunchTemplateId = exampleAwsLaunchTemplate.Id,\n Version = exampleAwsLaunchTemplate.LatestVersion,\n },\n },\n },\n TargetCapacitySpecification = new Aws.Ec2.Inputs.FleetTargetCapacitySpecificationArgs\n {\n DefaultTargetCapacityType = \"spot\",\n TotalTargetCapacity = 5,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewFleet(ctx, \"example\", \u0026ec2.FleetArgs{\n\t\t\tLaunchTemplateConfigs: ec2.FleetLaunchTemplateConfigArray{\n\t\t\t\t\u0026ec2.FleetLaunchTemplateConfigArgs{\n\t\t\t\t\tLaunchTemplateSpecification: \u0026ec2.FleetLaunchTemplateConfigLaunchTemplateSpecificationArgs{\n\t\t\t\t\t\tLaunchTemplateId: pulumi.Any(exampleAwsLaunchTemplate.Id),\n\t\t\t\t\t\tVersion: pulumi.Any(exampleAwsLaunchTemplate.LatestVersion),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTargetCapacitySpecification: \u0026ec2.FleetTargetCapacitySpecificationArgs{\n\t\t\t\tDefaultTargetCapacityType: pulumi.String(\"spot\"),\n\t\t\t\tTotalTargetCapacity: pulumi.Int(5),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Fleet;\nimport com.pulumi.aws.ec2.FleetArgs;\nimport com.pulumi.aws.ec2.inputs.FleetLaunchTemplateConfigArgs;\nimport com.pulumi.aws.ec2.inputs.FleetLaunchTemplateConfigLaunchTemplateSpecificationArgs;\nimport com.pulumi.aws.ec2.inputs.FleetTargetCapacitySpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Fleet(\"example\", FleetArgs.builder()\n .launchTemplateConfigs(FleetLaunchTemplateConfigArgs.builder()\n .launchTemplateSpecification(FleetLaunchTemplateConfigLaunchTemplateSpecificationArgs.builder()\n .launchTemplateId(exampleAwsLaunchTemplate.id())\n .version(exampleAwsLaunchTemplate.latestVersion())\n .build())\n .build())\n .targetCapacitySpecification(FleetTargetCapacitySpecificationArgs.builder()\n .defaultTargetCapacityType(\"spot\")\n .totalTargetCapacity(5)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Fleet\n properties:\n launchTemplateConfigs:\n - launchTemplateSpecification:\n launchTemplateId: ${exampleAwsLaunchTemplate.id}\n version: ${exampleAwsLaunchTemplate.latestVersion}\n targetCapacitySpecification:\n defaultTargetCapacityType: spot\n totalTargetCapacity: 5\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_fleet` using the Fleet identifier. For example:\n\n```sh\n$ pulumi import aws:ec2/fleet:Fleet example fleet-b9b55d27-c5fc-41ac-a6f3-48fcc91f080c\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the fleet\n" }, "context": { "type": "string", "description": "Reserved.\n" }, "excessCapacityTerminationPolicy": { "type": "string", "description": "Whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2. Valid values: `no-termination`, `termination`. Defaults to `termination`. Supported only for fleets of type `maintain`.\n" }, "fleetInstanceSets": { "type": "array", "items": { "$ref": "#/types/aws:ec2/FleetFleetInstanceSet:FleetFleetInstanceSet" }, "description": "Information about the instances that were launched by the fleet. Available only when `type` is set to `instant`.\n" }, "fleetState": { "type": "string", "description": "The state of the EC2 Fleet.\n", "language": { "csharp": { "name": "State" } } }, "fulfilledCapacity": { "type": "number", "description": "The number of units fulfilled by this request compared to the set target capacity.\n" }, "fulfilledOnDemandCapacity": { "type": "number", "description": "The number of units fulfilled by this request compared to the set target On-Demand capacity.\n" }, "launchTemplateConfigs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/FleetLaunchTemplateConfig:FleetLaunchTemplateConfig" }, "description": "Nested argument containing EC2 Launch Template configurations. Defined below.\n" }, "onDemandOptions": { "$ref": "#/types/aws:ec2/FleetOnDemandOptions:FleetOnDemandOptions", "description": "Nested argument containing On-Demand configurations. Defined below.\n" }, "replaceUnhealthyInstances": { "type": "boolean", "description": "Whether EC2 Fleet should replace unhealthy instances. Defaults to `false`. Supported only for fleets of type `maintain`.\n" }, "spotOptions": { "$ref": "#/types/aws:ec2/FleetSpotOptions:FleetSpotOptions", "description": "Nested argument containing Spot configurations. Defined below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of Fleet tags. To tag instances at launch, specify the tags in the Launch Template. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetCapacitySpecification": { "$ref": "#/types/aws:ec2/FleetTargetCapacitySpecification:FleetTargetCapacitySpecification", "description": "Nested argument containing target capacity configurations. Defined below.\n" }, "terminateInstances": { "type": "boolean", "description": "Whether to terminate instances for an EC2 Fleet if it is deleted successfully. Defaults to `false`.\n" }, "terminateInstancesWithExpiration": { "type": "boolean", "description": "Whether running instances should be terminated when the EC2 Fleet expires. Defaults to `false`.\n" }, "type": { "type": "string", "description": "The type of request. Indicates whether the EC2 Fleet only requests the target capacity, or also attempts to maintain it. Valid values: `maintain`, `request`, `instant`. Defaults to `maintain`.\n" }, "validFrom": { "type": "string", "description": "The start date and time of the request, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). The default is to start fulfilling the request immediately.\n" }, "validUntil": { "type": "string", "description": "The end date and time of the request, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). At this point, no new EC2 Fleet requests are placed or able to fulfill the request. If no value is specified, the request remains until you cancel it.\n" } }, "required": [ "arn", "fleetInstanceSets", "fleetState", "fulfilledCapacity", "fulfilledOnDemandCapacity", "launchTemplateConfigs", "tagsAll", "targetCapacitySpecification" ], "inputProperties": { "context": { "type": "string", "description": "Reserved.\n" }, "excessCapacityTerminationPolicy": { "type": "string", "description": "Whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2. Valid values: `no-termination`, `termination`. Defaults to `termination`. Supported only for fleets of type `maintain`.\n" }, "fleetInstanceSets": { "type": "array", "items": { "$ref": "#/types/aws:ec2/FleetFleetInstanceSet:FleetFleetInstanceSet" }, "description": "Information about the instances that were launched by the fleet. Available only when `type` is set to `instant`.\n" }, "fleetState": { "type": "string", "description": "The state of the EC2 Fleet.\n", "language": { "csharp": { "name": "State" } } }, "fulfilledCapacity": { "type": "number", "description": "The number of units fulfilled by this request compared to the set target capacity.\n" }, "fulfilledOnDemandCapacity": { "type": "number", "description": "The number of units fulfilled by this request compared to the set target On-Demand capacity.\n" }, "launchTemplateConfigs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/FleetLaunchTemplateConfig:FleetLaunchTemplateConfig" }, "description": "Nested argument containing EC2 Launch Template configurations. Defined below.\n" }, "onDemandOptions": { "$ref": "#/types/aws:ec2/FleetOnDemandOptions:FleetOnDemandOptions", "description": "Nested argument containing On-Demand configurations. Defined below.\n", "willReplaceOnChanges": true }, "replaceUnhealthyInstances": { "type": "boolean", "description": "Whether EC2 Fleet should replace unhealthy instances. Defaults to `false`. Supported only for fleets of type `maintain`.\n", "willReplaceOnChanges": true }, "spotOptions": { "$ref": "#/types/aws:ec2/FleetSpotOptions:FleetSpotOptions", "description": "Nested argument containing Spot configurations. Defined below.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of Fleet tags. To tag instances at launch, specify the tags in the Launch Template. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targetCapacitySpecification": { "$ref": "#/types/aws:ec2/FleetTargetCapacitySpecification:FleetTargetCapacitySpecification", "description": "Nested argument containing target capacity configurations. Defined below.\n" }, "terminateInstances": { "type": "boolean", "description": "Whether to terminate instances for an EC2 Fleet if it is deleted successfully. Defaults to `false`.\n" }, "terminateInstancesWithExpiration": { "type": "boolean", "description": "Whether running instances should be terminated when the EC2 Fleet expires. Defaults to `false`.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "The type of request. Indicates whether the EC2 Fleet only requests the target capacity, or also attempts to maintain it. Valid values: `maintain`, `request`, `instant`. Defaults to `maintain`.\n", "willReplaceOnChanges": true }, "validFrom": { "type": "string", "description": "The start date and time of the request, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). The default is to start fulfilling the request immediately.\n", "willReplaceOnChanges": true }, "validUntil": { "type": "string", "description": "The end date and time of the request, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). At this point, no new EC2 Fleet requests are placed or able to fulfill the request. If no value is specified, the request remains until you cancel it.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "launchTemplateConfigs", "targetCapacitySpecification" ], "stateInputs": { "description": "Input properties used for looking up and filtering Fleet resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the fleet\n" }, "context": { "type": "string", "description": "Reserved.\n" }, "excessCapacityTerminationPolicy": { "type": "string", "description": "Whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2. Valid values: `no-termination`, `termination`. Defaults to `termination`. Supported only for fleets of type `maintain`.\n" }, "fleetInstanceSets": { "type": "array", "items": { "$ref": "#/types/aws:ec2/FleetFleetInstanceSet:FleetFleetInstanceSet" }, "description": "Information about the instances that were launched by the fleet. Available only when `type` is set to `instant`.\n" }, "fleetState": { "type": "string", "description": "The state of the EC2 Fleet.\n", "language": { "csharp": { "name": "State" } } }, "fulfilledCapacity": { "type": "number", "description": "The number of units fulfilled by this request compared to the set target capacity.\n" }, "fulfilledOnDemandCapacity": { "type": "number", "description": "The number of units fulfilled by this request compared to the set target On-Demand capacity.\n" }, "launchTemplateConfigs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/FleetLaunchTemplateConfig:FleetLaunchTemplateConfig" }, "description": "Nested argument containing EC2 Launch Template configurations. Defined below.\n" }, "onDemandOptions": { "$ref": "#/types/aws:ec2/FleetOnDemandOptions:FleetOnDemandOptions", "description": "Nested argument containing On-Demand configurations. Defined below.\n", "willReplaceOnChanges": true }, "replaceUnhealthyInstances": { "type": "boolean", "description": "Whether EC2 Fleet should replace unhealthy instances. Defaults to `false`. Supported only for fleets of type `maintain`.\n", "willReplaceOnChanges": true }, "spotOptions": { "$ref": "#/types/aws:ec2/FleetSpotOptions:FleetSpotOptions", "description": "Nested argument containing Spot configurations. Defined below.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of Fleet tags. To tag instances at launch, specify the tags in the Launch Template. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetCapacitySpecification": { "$ref": "#/types/aws:ec2/FleetTargetCapacitySpecification:FleetTargetCapacitySpecification", "description": "Nested argument containing target capacity configurations. Defined below.\n" }, "terminateInstances": { "type": "boolean", "description": "Whether to terminate instances for an EC2 Fleet if it is deleted successfully. Defaults to `false`.\n" }, "terminateInstancesWithExpiration": { "type": "boolean", "description": "Whether running instances should be terminated when the EC2 Fleet expires. Defaults to `false`.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "The type of request. Indicates whether the EC2 Fleet only requests the target capacity, or also attempts to maintain it. Valid values: `maintain`, `request`, `instant`. Defaults to `maintain`.\n", "willReplaceOnChanges": true }, "validFrom": { "type": "string", "description": "The start date and time of the request, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). The default is to start fulfilling the request immediately.\n", "willReplaceOnChanges": true }, "validUntil": { "type": "string", "description": "The end date and time of the request, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). At this point, no new EC2 Fleet requests are placed or able to fulfill the request. If no value is specified, the request remains until you cancel it.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/flowLog:FlowLog": { "description": "Provides a VPC/Subnet/ENI/Transit Gateway/Transit Gateway Attachment Flow Log to capture IP traffic for a specific network\ninterface, subnet, or VPC. Logs are sent to a CloudWatch Log Group, a S3 Bucket, or Amazon Kinesis Data Firehose\n\n## Example Usage\n\n### CloudWatch Logging\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleLogGroup = new aws.cloudwatch.LogGroup(\"example\", {name: \"example\"});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"vpc-flow-logs.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst exampleFlowLog = new aws.ec2.FlowLog(\"example\", {\n iamRoleArn: exampleRole.arn,\n logDestination: exampleLogGroup.arn,\n trafficType: \"ALL\",\n vpcId: exampleAwsVpc.id,\n});\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n \"logs:DescribeLogGroups\",\n \"logs:DescribeLogStreams\",\n ],\n resources: [\"*\"],\n }],\n});\nconst exampleRolePolicy = new aws.iam.RolePolicy(\"example\", {\n name: \"example\",\n role: exampleRole.id,\n policy: example.then(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_log_group = aws.cloudwatch.LogGroup(\"example\", name=\"example\")\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"vpc-flow-logs.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nexample_role = aws.iam.Role(\"example\",\n name=\"example\",\n assume_role_policy=assume_role.json)\nexample_flow_log = aws.ec2.FlowLog(\"example\",\n iam_role_arn=example_role.arn,\n log_destination=example_log_group.arn,\n traffic_type=\"ALL\",\n vpc_id=example_aws_vpc[\"id\"])\nexample = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n \"logs:DescribeLogGroups\",\n \"logs:DescribeLogStreams\",\n ],\n \"resources\": [\"*\"],\n}])\nexample_role_policy = aws.iam.RolePolicy(\"example\",\n name=\"example\",\n role=example_role.id,\n policy=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleLogGroup = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = \"example\",\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"vpc-flow-logs.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleFlowLog = new Aws.Ec2.FlowLog(\"example\", new()\n {\n IamRoleArn = exampleRole.Arn,\n LogDestination = exampleLogGroup.Arn,\n TrafficType = \"ALL\",\n VpcId = exampleAwsVpc.Id,\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n \"logs:DescribeLogGroups\",\n \"logs:DescribeLogStreams\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var exampleRolePolicy = new Aws.Iam.RolePolicy(\"example\", new()\n {\n Name = \"example\",\n Role = exampleRole.Id,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleLogGroup, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"vpc-flow-logs.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewFlowLog(ctx, \"example\", \u0026ec2.FlowLogArgs{\n\t\t\tIamRoleArn: exampleRole.Arn,\n\t\t\tLogDestination: exampleLogGroup.Arn,\n\t\t\tTrafficType: pulumi.String(\"ALL\"),\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"logs:CreateLogGroup\",\n\t\t\t\t\t\t\"logs:CreateLogStream\",\n\t\t\t\t\t\t\"logs:PutLogEvents\",\n\t\t\t\t\t\t\"logs:DescribeLogGroups\",\n\t\t\t\t\t\t\"logs:DescribeLogStreams\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"example\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRole: exampleRole.ID(),\n\t\t\tPolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.ec2.FlowLog;\nimport com.pulumi.aws.ec2.FlowLogArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleLogGroup = new LogGroup(\"exampleLogGroup\", LogGroupArgs.builder()\n .name(\"example\")\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"vpc-flow-logs.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .name(\"example\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleFlowLog = new FlowLog(\"exampleFlowLog\", FlowLogArgs.builder()\n .iamRoleArn(exampleRole.arn())\n .logDestination(exampleLogGroup.arn())\n .trafficType(\"ALL\")\n .vpcId(exampleAwsVpc.id())\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n \"logs:DescribeLogGroups\",\n \"logs:DescribeLogStreams\")\n .resources(\"*\")\n .build())\n .build());\n\n var exampleRolePolicy = new RolePolicy(\"exampleRolePolicy\", RolePolicyArgs.builder()\n .name(\"example\")\n .role(exampleRole.id())\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleFlowLog:\n type: aws:ec2:FlowLog\n name: example\n properties:\n iamRoleArn: ${exampleRole.arn}\n logDestination: ${exampleLogGroup.arn}\n trafficType: ALL\n vpcId: ${exampleAwsVpc.id}\n exampleLogGroup:\n type: aws:cloudwatch:LogGroup\n name: example\n properties:\n name: example\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example\n assumeRolePolicy: ${assumeRole.json}\n exampleRolePolicy:\n type: aws:iam:RolePolicy\n name: example\n properties:\n name: example\n role: ${exampleRole.id}\n policy: ${example.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - vpc-flow-logs.amazonaws.com\n actions:\n - sts:AssumeRole\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - logs:CreateLogGroup\n - logs:CreateLogStream\n - logs:PutLogEvents\n - logs:DescribeLogGroups\n - logs:DescribeLogStreams\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Amazon Kinesis Data Firehose logging\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs;\nimport com.pulumi.aws.ec2.FlowLog;\nimport com.pulumi.aws.ec2.FlowLogArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"firehose.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .name(\"firehose_test_role\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleFirehoseDeliveryStream = new FirehoseDeliveryStream(\"exampleFirehoseDeliveryStream\", FirehoseDeliveryStreamArgs.builder()\n .name(\"kinesis_firehose_test\")\n .destination(\"extended_s3\")\n .extendedS3Configuration(FirehoseDeliveryStreamExtendedS3ConfigurationArgs.builder()\n .roleArn(exampleRole.arn())\n .bucketArn(exampleBucketV2.arn())\n .build())\n .tags(Map.of(\"LogDeliveryEnabled\", \"true\"))\n .build());\n\n var exampleFlowLog = new FlowLog(\"exampleFlowLog\", FlowLogArgs.builder()\n .logDestination(exampleFirehoseDeliveryStream.arn())\n .logDestinationType(\"kinesis-data-firehose\")\n .trafficType(\"ALL\")\n .vpcId(exampleAwsVpc.id())\n .build());\n\n var exampleBucketAclV2 = new BucketAclV2(\"exampleBucketAclV2\", BucketAclV2Args.builder()\n .bucket(exampleBucketV2.id())\n .acl(\"private\")\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"logs:CreateLogDelivery\",\n \"logs:DeleteLogDelivery\",\n \"logs:ListLogDeliveries\",\n \"logs:GetLogDelivery\",\n \"firehose:TagDeliveryStream\")\n .resources(\"*\")\n .build());\n\n var exampleRolePolicy = new RolePolicy(\"exampleRolePolicy\", RolePolicyArgs.builder()\n .name(\"test\")\n .role(exampleRole.id())\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleFlowLog:\n type: aws:ec2:FlowLog\n name: example\n properties:\n logDestination: ${exampleFirehoseDeliveryStream.arn}\n logDestinationType: kinesis-data-firehose\n trafficType: ALL\n vpcId: ${exampleAwsVpc.id}\n exampleFirehoseDeliveryStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: example\n properties:\n name: kinesis_firehose_test\n destination: extended_s3\n extendedS3Configuration:\n roleArn: ${exampleRole.arn}\n bucketArn: ${exampleBucketV2.arn}\n tags:\n LogDeliveryEnabled: 'true'\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example\n exampleBucketAclV2:\n type: aws:s3:BucketAclV2\n name: example\n properties:\n bucket: ${exampleBucketV2.id}\n acl: private\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: firehose_test_role\n assumeRolePolicy: ${assumeRole.json}\n exampleRolePolicy:\n type: aws:iam:RolePolicy\n name: example\n properties:\n name: test\n role: ${exampleRole.id}\n policy: ${example.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - firehose.amazonaws.com\n actions:\n - sts:AssumeRole\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n effect: Allow\n actions:\n - logs:CreateLogDelivery\n - logs:DeleteLogDelivery\n - logs:ListLogDeliveries\n - logs:GetLogDelivery\n - firehose:TagDeliveryStream\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### S3 Logging\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst example = new aws.ec2.FlowLog(\"example\", {\n logDestination: exampleBucketV2.arn,\n logDestinationType: \"s3\",\n trafficType: \"ALL\",\n vpcId: exampleAwsVpc.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample = aws.ec2.FlowLog(\"example\",\n log_destination=example_bucket_v2.arn,\n log_destination_type=\"s3\",\n traffic_type=\"ALL\",\n vpc_id=example_aws_vpc[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var example = new Aws.Ec2.FlowLog(\"example\", new()\n {\n LogDestination = exampleBucketV2.Arn,\n LogDestinationType = \"s3\",\n TrafficType = \"ALL\",\n VpcId = exampleAwsVpc.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewFlowLog(ctx, \"example\", \u0026ec2.FlowLogArgs{\n\t\t\tLogDestination: exampleBucketV2.Arn,\n\t\t\tLogDestinationType: pulumi.String(\"s3\"),\n\t\t\tTrafficType: pulumi.String(\"ALL\"),\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.ec2.FlowLog;\nimport com.pulumi.aws.ec2.FlowLogArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var example = new FlowLog(\"example\", FlowLogArgs.builder()\n .logDestination(exampleBucketV2.arn())\n .logDestinationType(\"s3\")\n .trafficType(\"ALL\")\n .vpcId(exampleAwsVpc.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:FlowLog\n properties:\n logDestination: ${exampleBucketV2.arn}\n logDestinationType: s3\n trafficType: ALL\n vpcId: ${exampleAwsVpc.id}\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### S3 Logging in Apache Parquet format with per-hour partitions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst example = new aws.ec2.FlowLog(\"example\", {\n logDestination: exampleBucketV2.arn,\n logDestinationType: \"s3\",\n trafficType: \"ALL\",\n vpcId: exampleAwsVpc.id,\n destinationOptions: {\n fileFormat: \"parquet\",\n perHourPartition: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample = aws.ec2.FlowLog(\"example\",\n log_destination=example_bucket_v2.arn,\n log_destination_type=\"s3\",\n traffic_type=\"ALL\",\n vpc_id=example_aws_vpc[\"id\"],\n destination_options={\n \"file_format\": \"parquet\",\n \"per_hour_partition\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var example = new Aws.Ec2.FlowLog(\"example\", new()\n {\n LogDestination = exampleBucketV2.Arn,\n LogDestinationType = \"s3\",\n TrafficType = \"ALL\",\n VpcId = exampleAwsVpc.Id,\n DestinationOptions = new Aws.Ec2.Inputs.FlowLogDestinationOptionsArgs\n {\n FileFormat = \"parquet\",\n PerHourPartition = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewFlowLog(ctx, \"example\", \u0026ec2.FlowLogArgs{\n\t\t\tLogDestination: exampleBucketV2.Arn,\n\t\t\tLogDestinationType: pulumi.String(\"s3\"),\n\t\t\tTrafficType: pulumi.String(\"ALL\"),\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t\tDestinationOptions: \u0026ec2.FlowLogDestinationOptionsArgs{\n\t\t\t\tFileFormat: pulumi.String(\"parquet\"),\n\t\t\t\tPerHourPartition: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.ec2.FlowLog;\nimport com.pulumi.aws.ec2.FlowLogArgs;\nimport com.pulumi.aws.ec2.inputs.FlowLogDestinationOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var example = new FlowLog(\"example\", FlowLogArgs.builder()\n .logDestination(exampleBucketV2.arn())\n .logDestinationType(\"s3\")\n .trafficType(\"ALL\")\n .vpcId(exampleAwsVpc.id())\n .destinationOptions(FlowLogDestinationOptionsArgs.builder()\n .fileFormat(\"parquet\")\n .perHourPartition(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:FlowLog\n properties:\n logDestination: ${exampleBucketV2.arn}\n logDestinationType: s3\n trafficType: ALL\n vpcId: ${exampleAwsVpc.id}\n destinationOptions:\n fileFormat: parquet\n perHourPartition: true\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Flow Logs using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/flowLog:FlowLog test_flow_log fl-1a2b3c4d\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Flow Log.\n" }, "deliverCrossAccountRole": { "type": "string", "description": "ARN of the IAM role that allows Amazon EC2 to publish flow logs across accounts.\n" }, "destinationOptions": { "$ref": "#/types/aws:ec2/FlowLogDestinationOptions:FlowLogDestinationOptions", "description": "Describes the destination options for a flow log. More details below.\n" }, "eniId": { "type": "string", "description": "Elastic Network Interface ID to attach to\n" }, "iamRoleArn": { "type": "string", "description": "The ARN for the IAM role that's used to post flow logs to a CloudWatch Logs log group\n" }, "logDestination": { "type": "string", "description": "The ARN of the logging destination. Either `log_destination` or `log_group_name` must be set.\n" }, "logDestinationType": { "type": "string", "description": "The type of the logging destination. Valid values: `cloud-watch-logs`, `s3`, `kinesis-data-firehose`. Default: `cloud-watch-logs`.\n" }, "logFormat": { "type": "string", "description": "The fields to include in the flow log record. Accepted format example: `\"$${interface-id} $${srcaddr} $${dstaddr} $${srcport} $${dstport}\"`.\n" }, "logGroupName": { "type": "string", "description": "**Deprecated:** Use `log_destination` instead. The name of the CloudWatch log group. Either `log_group_name` or `log_destination` must be set.\n", "deprecationMessage": "use 'log_destination' argument instead" }, "maxAggregationInterval": { "type": "integer", "description": "The maximum interval of time\nduring which a flow of packets is captured and aggregated into a flow\nlog record. Valid Values: `60` seconds (1 minute) or `600` seconds (10\nminutes). Default: `600`. When `transit_gateway_id` or `transit_gateway_attachment_id` is specified, `max_aggregation_interval` *must* be 60 seconds (1 minute).\n" }, "subnetId": { "type": "string", "description": "Subnet ID to attach to\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "trafficType": { "type": "string", "description": "The type of traffic to capture. Valid values: `ACCEPT`,`REJECT`, `ALL`.\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "Transit Gateway Attachment ID to attach to\n" }, "transitGatewayId": { "type": "string", "description": "Transit Gateway ID to attach to\n" }, "vpcId": { "type": "string", "description": "VPC ID to attach to\n" } }, "required": [ "arn", "logDestination", "logFormat", "logGroupName", "tagsAll" ], "inputProperties": { "deliverCrossAccountRole": { "type": "string", "description": "ARN of the IAM role that allows Amazon EC2 to publish flow logs across accounts.\n", "willReplaceOnChanges": true }, "destinationOptions": { "$ref": "#/types/aws:ec2/FlowLogDestinationOptions:FlowLogDestinationOptions", "description": "Describes the destination options for a flow log. More details below.\n", "willReplaceOnChanges": true }, "eniId": { "type": "string", "description": "Elastic Network Interface ID to attach to\n", "willReplaceOnChanges": true }, "iamRoleArn": { "type": "string", "description": "The ARN for the IAM role that's used to post flow logs to a CloudWatch Logs log group\n", "willReplaceOnChanges": true }, "logDestination": { "type": "string", "description": "The ARN of the logging destination. Either `log_destination` or `log_group_name` must be set.\n", "willReplaceOnChanges": true }, "logDestinationType": { "type": "string", "description": "The type of the logging destination. Valid values: `cloud-watch-logs`, `s3`, `kinesis-data-firehose`. Default: `cloud-watch-logs`.\n", "willReplaceOnChanges": true }, "logFormat": { "type": "string", "description": "The fields to include in the flow log record. Accepted format example: `\"$${interface-id} $${srcaddr} $${dstaddr} $${srcport} $${dstport}\"`.\n", "willReplaceOnChanges": true }, "logGroupName": { "type": "string", "description": "**Deprecated:** Use `log_destination` instead. The name of the CloudWatch log group. Either `log_group_name` or `log_destination` must be set.\n", "deprecationMessage": "use 'log_destination' argument instead", "willReplaceOnChanges": true }, "maxAggregationInterval": { "type": "integer", "description": "The maximum interval of time\nduring which a flow of packets is captured and aggregated into a flow\nlog record. Valid Values: `60` seconds (1 minute) or `600` seconds (10\nminutes). Default: `600`. When `transit_gateway_id` or `transit_gateway_attachment_id` is specified, `max_aggregation_interval` *must* be 60 seconds (1 minute).\n", "willReplaceOnChanges": true }, "subnetId": { "type": "string", "description": "Subnet ID to attach to\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "trafficType": { "type": "string", "description": "The type of traffic to capture. Valid values: `ACCEPT`,`REJECT`, `ALL`.\n", "willReplaceOnChanges": true }, "transitGatewayAttachmentId": { "type": "string", "description": "Transit Gateway Attachment ID to attach to\n", "willReplaceOnChanges": true }, "transitGatewayId": { "type": "string", "description": "Transit Gateway ID to attach to\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "VPC ID to attach to\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering FlowLog resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Flow Log.\n" }, "deliverCrossAccountRole": { "type": "string", "description": "ARN of the IAM role that allows Amazon EC2 to publish flow logs across accounts.\n", "willReplaceOnChanges": true }, "destinationOptions": { "$ref": "#/types/aws:ec2/FlowLogDestinationOptions:FlowLogDestinationOptions", "description": "Describes the destination options for a flow log. More details below.\n", "willReplaceOnChanges": true }, "eniId": { "type": "string", "description": "Elastic Network Interface ID to attach to\n", "willReplaceOnChanges": true }, "iamRoleArn": { "type": "string", "description": "The ARN for the IAM role that's used to post flow logs to a CloudWatch Logs log group\n", "willReplaceOnChanges": true }, "logDestination": { "type": "string", "description": "The ARN of the logging destination. Either `log_destination` or `log_group_name` must be set.\n", "willReplaceOnChanges": true }, "logDestinationType": { "type": "string", "description": "The type of the logging destination. Valid values: `cloud-watch-logs`, `s3`, `kinesis-data-firehose`. Default: `cloud-watch-logs`.\n", "willReplaceOnChanges": true }, "logFormat": { "type": "string", "description": "The fields to include in the flow log record. Accepted format example: `\"$${interface-id} $${srcaddr} $${dstaddr} $${srcport} $${dstport}\"`.\n", "willReplaceOnChanges": true }, "logGroupName": { "type": "string", "description": "**Deprecated:** Use `log_destination` instead. The name of the CloudWatch log group. Either `log_group_name` or `log_destination` must be set.\n", "deprecationMessage": "use 'log_destination' argument instead", "willReplaceOnChanges": true }, "maxAggregationInterval": { "type": "integer", "description": "The maximum interval of time\nduring which a flow of packets is captured and aggregated into a flow\nlog record. Valid Values: `60` seconds (1 minute) or `600` seconds (10\nminutes). Default: `600`. When `transit_gateway_id` or `transit_gateway_attachment_id` is specified, `max_aggregation_interval` *must* be 60 seconds (1 minute).\n", "willReplaceOnChanges": true }, "subnetId": { "type": "string", "description": "Subnet ID to attach to\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "trafficType": { "type": "string", "description": "The type of traffic to capture. Valid values: `ACCEPT`,`REJECT`, `ALL`.\n", "willReplaceOnChanges": true }, "transitGatewayAttachmentId": { "type": "string", "description": "Transit Gateway Attachment ID to attach to\n", "willReplaceOnChanges": true }, "transitGatewayId": { "type": "string", "description": "Transit Gateway ID to attach to\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "VPC ID to attach to\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/imageBlockPublicAccess:ImageBlockPublicAccess": { "description": "Provides a regional public access block for AMIs. This prevents AMIs from being made publicly accessible.\nIf you already have public AMIs, they will remain publicly available.\n\n\u003e **NOTE:** Deleting this resource does not change the block public access value, the resource in simply removed from state instead.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Prevent making AMIs publicly accessible in the region and account for which the provider is configured\nconst test = new aws.ec2.ImageBlockPublicAccess(\"test\", {state: \"block-new-sharing\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Prevent making AMIs publicly accessible in the region and account for which the provider is configured\ntest = aws.ec2.ImageBlockPublicAccess(\"test\", state=\"block-new-sharing\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Prevent making AMIs publicly accessible in the region and account for which the provider is configured\n var test = new Aws.Ec2.ImageBlockPublicAccess(\"test\", new()\n {\n State = \"block-new-sharing\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Prevent making AMIs publicly accessible in the region and account for which the provider is configured\n\t\t_, err := ec2.NewImageBlockPublicAccess(ctx, \"test\", \u0026ec2.ImageBlockPublicAccessArgs{\n\t\t\tState: pulumi.String(\"block-new-sharing\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.ImageBlockPublicAccess;\nimport com.pulumi.aws.ec2.ImageBlockPublicAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Prevent making AMIs publicly accessible in the region and account for which the provider is configured\n var test = new ImageBlockPublicAccess(\"test\", ImageBlockPublicAccessArgs.builder()\n .state(\"block-new-sharing\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Prevent making AMIs publicly accessible in the region and account for which the provider is configured\n test:\n type: aws:ec2:ImageBlockPublicAccess\n properties:\n state: block-new-sharing\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nYou cannot import this resource.\n\n", "properties": { "state": { "type": "string", "description": "The state of block public access for AMIs at the account level in the configured AWS Region. Valid values: `unblocked` and `block-new-sharing`.\n" } }, "required": [ "state" ], "inputProperties": { "state": { "type": "string", "description": "The state of block public access for AMIs at the account level in the configured AWS Region. Valid values: `unblocked` and `block-new-sharing`.\n" } }, "requiredInputs": [ "state" ], "stateInputs": { "description": "Input properties used for looking up and filtering ImageBlockPublicAccess resources.\n", "properties": { "state": { "type": "string", "description": "The state of block public access for AMIs at the account level in the configured AWS Region. Valid values: `unblocked` and `block-new-sharing`.\n" } }, "type": "object" } }, "aws:ec2/instance:Instance": { "description": "Provides an EC2 instance resource. This allows instances to be created, updated, and deleted.\n\n## Example Usage\n\n### Basic example using AMI lookup\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ubuntu = aws.ec2.getAmi({\n mostRecent: true,\n filters: [\n {\n name: \"name\",\n values: [\"ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*\"],\n },\n {\n name: \"virtualization-type\",\n values: [\"hvm\"],\n },\n ],\n owners: [\"099720109477\"],\n});\nconst web = new aws.ec2.Instance(\"web\", {\n ami: ubuntu.then(ubuntu =\u003e ubuntu.id),\n instanceType: aws.ec2.InstanceType.T3_Micro,\n tags: {\n Name: \"HelloWorld\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nubuntu = aws.ec2.get_ami(most_recent=True,\n filters=[\n {\n \"name\": \"name\",\n \"values\": [\"ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*\"],\n },\n {\n \"name\": \"virtualization-type\",\n \"values\": [\"hvm\"],\n },\n ],\n owners=[\"099720109477\"])\nweb = aws.ec2.Instance(\"web\",\n ami=ubuntu.id,\n instance_type=aws.ec2.InstanceType.T3_MICRO,\n tags={\n \"Name\": \"HelloWorld\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ubuntu = Aws.Ec2.GetAmi.Invoke(new()\n {\n MostRecent = true,\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetAmiFilterInputArgs\n {\n Name = \"name\",\n Values = new[]\n {\n \"ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*\",\n },\n },\n new Aws.Ec2.Inputs.GetAmiFilterInputArgs\n {\n Name = \"virtualization-type\",\n Values = new[]\n {\n \"hvm\",\n },\n },\n },\n Owners = new[]\n {\n \"099720109477\",\n },\n });\n\n var web = new Aws.Ec2.Instance(\"web\", new()\n {\n Ami = ubuntu.Apply(getAmiResult =\u003e getAmiResult.Id),\n InstanceType = Aws.Ec2.InstanceType.T3_Micro,\n Tags = \n {\n { \"Name\", \"HelloWorld\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tubuntu, err := ec2.LookupAmi(ctx, \u0026ec2.LookupAmiArgs{\n\t\t\tMostRecent: pulumi.BoolRef(true),\n\t\t\tFilters: []ec2.GetAmiFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"virtualization-type\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"hvm\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tOwners: []string{\n\t\t\t\t\"099720109477\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"web\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(ubuntu.Id),\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_T3_Micro),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetAmiArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var ubuntu = Ec2Functions.getAmi(GetAmiArgs.builder()\n .mostRecent(true)\n .filters( \n GetAmiFilterArgs.builder()\n .name(\"name\")\n .values(\"ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*\")\n .build(),\n GetAmiFilterArgs.builder()\n .name(\"virtualization-type\")\n .values(\"hvm\")\n .build())\n .owners(\"099720109477\")\n .build());\n\n var web = new Instance(\"web\", InstanceArgs.builder()\n .ami(ubuntu.applyValue(getAmiResult -\u003e getAmiResult.id()))\n .instanceType(\"t3.micro\")\n .tags(Map.of(\"Name\", \"HelloWorld\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n web:\n type: aws:ec2:Instance\n properties:\n ami: ${ubuntu.id}\n instanceType: t3.micro\n tags:\n Name: HelloWorld\nvariables:\n ubuntu:\n fn::invoke:\n Function: aws:ec2:getAmi\n Arguments:\n mostRecent: true\n filters:\n - name: name\n values:\n - ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*\n - name: virtualization-type\n values:\n - hvm\n owners:\n - '099720109477'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Spot instance example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst this = aws.ec2.getAmi({\n mostRecent: true,\n owners: [\"amazon\"],\n filters: [\n {\n name: \"architecture\",\n values: [\"arm64\"],\n },\n {\n name: \"name\",\n values: [\"al2023-ami-2023*\"],\n },\n ],\n});\nconst thisInstance = new aws.ec2.Instance(\"this\", {\n ami: _this.then(_this =\u003e _this.id),\n instanceMarketOptions: {\n spotOptions: {\n maxPrice: \"0.0031\",\n },\n },\n instanceType: aws.ec2.InstanceType.T4g_Nano,\n tags: {\n Name: \"test-spot\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nthis = aws.ec2.get_ami(most_recent=True,\n owners=[\"amazon\"],\n filters=[\n {\n \"name\": \"architecture\",\n \"values\": [\"arm64\"],\n },\n {\n \"name\": \"name\",\n \"values\": [\"al2023-ami-2023*\"],\n },\n ])\nthis_instance = aws.ec2.Instance(\"this\",\n ami=this.id,\n instance_market_options={\n \"spot_options\": {\n \"max_price\": \"0.0031\",\n },\n },\n instance_type=aws.ec2.InstanceType.T4G_NANO,\n tags={\n \"Name\": \"test-spot\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @this = Aws.Ec2.GetAmi.Invoke(new()\n {\n MostRecent = true,\n Owners = new[]\n {\n \"amazon\",\n },\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetAmiFilterInputArgs\n {\n Name = \"architecture\",\n Values = new[]\n {\n \"arm64\",\n },\n },\n new Aws.Ec2.Inputs.GetAmiFilterInputArgs\n {\n Name = \"name\",\n Values = new[]\n {\n \"al2023-ami-2023*\",\n },\n },\n },\n });\n\n var thisInstance = new Aws.Ec2.Instance(\"this\", new()\n {\n Ami = @this.Apply(@this =\u003e @this.Apply(getAmiResult =\u003e getAmiResult.Id)),\n InstanceMarketOptions = new Aws.Ec2.Inputs.InstanceInstanceMarketOptionsArgs\n {\n SpotOptions = new Aws.Ec2.Inputs.InstanceInstanceMarketOptionsSpotOptionsArgs\n {\n MaxPrice = \"0.0031\",\n },\n },\n InstanceType = Aws.Ec2.InstanceType.T4g_Nano,\n Tags = \n {\n { \"Name\", \"test-spot\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tthis, err := ec2.LookupAmi(ctx, \u0026ec2.LookupAmiArgs{\n\t\t\tMostRecent: pulumi.BoolRef(true),\n\t\t\tOwners: []string{\n\t\t\t\t\"amazon\",\n\t\t\t},\n\t\t\tFilters: []ec2.GetAmiFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"architecture\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"arm64\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"al2023-ami-2023*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"this\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(this.Id),\n\t\t\tInstanceMarketOptions: \u0026ec2.InstanceInstanceMarketOptionsArgs{\n\t\t\t\tSpotOptions: \u0026ec2.InstanceInstanceMarketOptionsSpotOptionsArgs{\n\t\t\t\t\tMaxPrice: pulumi.String(\"0.0031\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_T4g_Nano),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"test-spot\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetAmiArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.aws.ec2.inputs.InstanceInstanceMarketOptionsArgs;\nimport com.pulumi.aws.ec2.inputs.InstanceInstanceMarketOptionsSpotOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var this = Ec2Functions.getAmi(GetAmiArgs.builder()\n .mostRecent(true)\n .owners(\"amazon\")\n .filters( \n GetAmiFilterArgs.builder()\n .name(\"architecture\")\n .values(\"arm64\")\n .build(),\n GetAmiFilterArgs.builder()\n .name(\"name\")\n .values(\"al2023-ami-2023*\")\n .build())\n .build());\n\n var thisInstance = new Instance(\"thisInstance\", InstanceArgs.builder()\n .ami(this_.id())\n .instanceMarketOptions(InstanceInstanceMarketOptionsArgs.builder()\n .spotOptions(InstanceInstanceMarketOptionsSpotOptionsArgs.builder()\n .maxPrice(0.0031)\n .build())\n .build())\n .instanceType(\"t4g.nano\")\n .tags(Map.of(\"Name\", \"test-spot\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n thisInstance:\n type: aws:ec2:Instance\n name: this\n properties:\n ami: ${this.id}\n instanceMarketOptions:\n spotOptions:\n maxPrice: 0.0031\n instanceType: t4g.nano\n tags:\n Name: test-spot\nvariables:\n this:\n fn::invoke:\n Function: aws:ec2:getAmi\n Arguments:\n mostRecent: true\n owners:\n - amazon\n filters:\n - name: architecture\n values:\n - arm64\n - name: name\n values:\n - al2023-ami-2023*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Network and credit specification example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myVpc = new aws.ec2.Vpc(\"my_vpc\", {\n cidrBlock: \"172.16.0.0/16\",\n tags: {\n Name: \"tf-example\",\n },\n});\nconst mySubnet = new aws.ec2.Subnet(\"my_subnet\", {\n vpcId: myVpc.id,\n cidrBlock: \"172.16.10.0/24\",\n availabilityZone: \"us-west-2a\",\n tags: {\n Name: \"tf-example\",\n },\n});\nconst foo = new aws.ec2.NetworkInterface(\"foo\", {\n subnetId: mySubnet.id,\n privateIps: [\"172.16.10.100\"],\n tags: {\n Name: \"primary_network_interface\",\n },\n});\nconst fooInstance = new aws.ec2.Instance(\"foo\", {\n ami: \"ami-005e54dee72cc1d00\",\n instanceType: aws.ec2.InstanceType.T2_Micro,\n networkInterfaces: [{\n networkInterfaceId: foo.id,\n deviceIndex: 0,\n }],\n creditSpecification: {\n cpuCredits: \"unlimited\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_vpc = aws.ec2.Vpc(\"my_vpc\",\n cidr_block=\"172.16.0.0/16\",\n tags={\n \"Name\": \"tf-example\",\n })\nmy_subnet = aws.ec2.Subnet(\"my_subnet\",\n vpc_id=my_vpc.id,\n cidr_block=\"172.16.10.0/24\",\n availability_zone=\"us-west-2a\",\n tags={\n \"Name\": \"tf-example\",\n })\nfoo = aws.ec2.NetworkInterface(\"foo\",\n subnet_id=my_subnet.id,\n private_ips=[\"172.16.10.100\"],\n tags={\n \"Name\": \"primary_network_interface\",\n })\nfoo_instance = aws.ec2.Instance(\"foo\",\n ami=\"ami-005e54dee72cc1d00\",\n instance_type=aws.ec2.InstanceType.T2_MICRO,\n network_interfaces=[{\n \"network_interface_id\": foo.id,\n \"device_index\": 0,\n }],\n credit_specification={\n \"cpu_credits\": \"unlimited\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myVpc = new Aws.Ec2.Vpc(\"my_vpc\", new()\n {\n CidrBlock = \"172.16.0.0/16\",\n Tags = \n {\n { \"Name\", \"tf-example\" },\n },\n });\n\n var mySubnet = new Aws.Ec2.Subnet(\"my_subnet\", new()\n {\n VpcId = myVpc.Id,\n CidrBlock = \"172.16.10.0/24\",\n AvailabilityZone = \"us-west-2a\",\n Tags = \n {\n { \"Name\", \"tf-example\" },\n },\n });\n\n var foo = new Aws.Ec2.NetworkInterface(\"foo\", new()\n {\n SubnetId = mySubnet.Id,\n PrivateIps = new[]\n {\n \"172.16.10.100\",\n },\n Tags = \n {\n { \"Name\", \"primary_network_interface\" },\n },\n });\n\n var fooInstance = new Aws.Ec2.Instance(\"foo\", new()\n {\n Ami = \"ami-005e54dee72cc1d00\",\n InstanceType = Aws.Ec2.InstanceType.T2_Micro,\n NetworkInterfaces = new[]\n {\n new Aws.Ec2.Inputs.InstanceNetworkInterfaceArgs\n {\n NetworkInterfaceId = foo.Id,\n DeviceIndex = 0,\n },\n },\n CreditSpecification = new Aws.Ec2.Inputs.InstanceCreditSpecificationArgs\n {\n CpuCredits = \"unlimited\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyVpc, err := ec2.NewVpc(ctx, \"my_vpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"172.16.0.0/16\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"tf-example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmySubnet, err := ec2.NewSubnet(ctx, \"my_subnet\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: myVpc.ID(),\n\t\t\tCidrBlock: pulumi.String(\"172.16.10.0/24\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"tf-example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoo, err := ec2.NewNetworkInterface(ctx, \"foo\", \u0026ec2.NetworkInterfaceArgs{\n\t\t\tSubnetId: mySubnet.ID(),\n\t\t\tPrivateIps: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"172.16.10.100\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"primary_network_interface\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"foo\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(\"ami-005e54dee72cc1d00\"),\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_T2_Micro),\n\t\t\tNetworkInterfaces: ec2.InstanceNetworkInterfaceArray{\n\t\t\t\t\u0026ec2.InstanceNetworkInterfaceArgs{\n\t\t\t\t\tNetworkInterfaceId: foo.ID(),\n\t\t\t\t\tDeviceIndex: pulumi.Int(0),\n\t\t\t\t},\n\t\t\t},\n\t\t\tCreditSpecification: \u0026ec2.InstanceCreditSpecificationArgs{\n\t\t\t\tCpuCredits: pulumi.String(\"unlimited\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.ec2.NetworkInterface;\nimport com.pulumi.aws.ec2.NetworkInterfaceArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.aws.ec2.inputs.InstanceNetworkInterfaceArgs;\nimport com.pulumi.aws.ec2.inputs.InstanceCreditSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myVpc = new Vpc(\"myVpc\", VpcArgs.builder()\n .cidrBlock(\"172.16.0.0/16\")\n .tags(Map.of(\"Name\", \"tf-example\"))\n .build());\n\n var mySubnet = new Subnet(\"mySubnet\", SubnetArgs.builder()\n .vpcId(myVpc.id())\n .cidrBlock(\"172.16.10.0/24\")\n .availabilityZone(\"us-west-2a\")\n .tags(Map.of(\"Name\", \"tf-example\"))\n .build());\n\n var foo = new NetworkInterface(\"foo\", NetworkInterfaceArgs.builder()\n .subnetId(mySubnet.id())\n .privateIps(\"172.16.10.100\")\n .tags(Map.of(\"Name\", \"primary_network_interface\"))\n .build());\n\n var fooInstance = new Instance(\"fooInstance\", InstanceArgs.builder()\n .ami(\"ami-005e54dee72cc1d00\")\n .instanceType(\"t2.micro\")\n .networkInterfaces(InstanceNetworkInterfaceArgs.builder()\n .networkInterfaceId(foo.id())\n .deviceIndex(0)\n .build())\n .creditSpecification(InstanceCreditSpecificationArgs.builder()\n .cpuCredits(\"unlimited\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myVpc:\n type: aws:ec2:Vpc\n name: my_vpc\n properties:\n cidrBlock: 172.16.0.0/16\n tags:\n Name: tf-example\n mySubnet:\n type: aws:ec2:Subnet\n name: my_subnet\n properties:\n vpcId: ${myVpc.id}\n cidrBlock: 172.16.10.0/24\n availabilityZone: us-west-2a\n tags:\n Name: tf-example\n foo:\n type: aws:ec2:NetworkInterface\n properties:\n subnetId: ${mySubnet.id}\n privateIps:\n - 172.16.10.100\n tags:\n Name: primary_network_interface\n fooInstance:\n type: aws:ec2:Instance\n name: foo\n properties:\n ami: ami-005e54dee72cc1d00\n instanceType: t2.micro\n networkInterfaces:\n - networkInterfaceId: ${foo.id}\n deviceIndex: 0\n creditSpecification:\n cpuCredits: unlimited\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### CPU options example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.Vpc(\"example\", {\n cidrBlock: \"172.16.0.0/16\",\n tags: {\n Name: \"tf-example\",\n },\n});\nconst exampleSubnet = new aws.ec2.Subnet(\"example\", {\n vpcId: example.id,\n cidrBlock: \"172.16.10.0/24\",\n availabilityZone: \"us-east-2a\",\n tags: {\n Name: \"tf-example\",\n },\n});\nconst amzn-linux-2023-ami = aws.ec2.getAmi({\n mostRecent: true,\n owners: [\"amazon\"],\n filters: [{\n name: \"name\",\n values: [\"al2023-ami-2023.*-x86_64\"],\n }],\n});\nconst exampleInstance = new aws.ec2.Instance(\"example\", {\n ami: amzn_linux_2023_ami.then(amzn_linux_2023_ami =\u003e amzn_linux_2023_ami.id),\n instanceType: aws.ec2.InstanceType.C6a_2XLarge,\n subnetId: exampleSubnet.id,\n cpuOptions: {\n coreCount: 2,\n threadsPerCore: 2,\n },\n tags: {\n Name: \"tf-example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.Vpc(\"example\",\n cidr_block=\"172.16.0.0/16\",\n tags={\n \"Name\": \"tf-example\",\n })\nexample_subnet = aws.ec2.Subnet(\"example\",\n vpc_id=example.id,\n cidr_block=\"172.16.10.0/24\",\n availability_zone=\"us-east-2a\",\n tags={\n \"Name\": \"tf-example\",\n })\namzn_linux_2023_ami = aws.ec2.get_ami(most_recent=True,\n owners=[\"amazon\"],\n filters=[{\n \"name\": \"name\",\n \"values\": [\"al2023-ami-2023.*-x86_64\"],\n }])\nexample_instance = aws.ec2.Instance(\"example\",\n ami=amzn_linux_2023_ami.id,\n instance_type=aws.ec2.InstanceType.C6A_2_X_LARGE,\n subnet_id=example_subnet.id,\n cpu_options={\n \"core_count\": 2,\n \"threads_per_core\": 2,\n },\n tags={\n \"Name\": \"tf-example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"172.16.0.0/16\",\n Tags = \n {\n { \"Name\", \"tf-example\" },\n },\n });\n\n var exampleSubnet = new Aws.Ec2.Subnet(\"example\", new()\n {\n VpcId = example.Id,\n CidrBlock = \"172.16.10.0/24\",\n AvailabilityZone = \"us-east-2a\",\n Tags = \n {\n { \"Name\", \"tf-example\" },\n },\n });\n\n var amzn_linux_2023_ami = Aws.Ec2.GetAmi.Invoke(new()\n {\n MostRecent = true,\n Owners = new[]\n {\n \"amazon\",\n },\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetAmiFilterInputArgs\n {\n Name = \"name\",\n Values = new[]\n {\n \"al2023-ami-2023.*-x86_64\",\n },\n },\n },\n });\n\n var exampleInstance = new Aws.Ec2.Instance(\"example\", new()\n {\n Ami = amzn_linux_2023_ami.Apply(amzn_linux_2023_ami =\u003e amzn_linux_2023_ami.Apply(getAmiResult =\u003e getAmiResult.Id)),\n InstanceType = Aws.Ec2.InstanceType.C6a_2XLarge,\n SubnetId = exampleSubnet.Id,\n CpuOptions = new Aws.Ec2.Inputs.InstanceCpuOptionsArgs\n {\n CoreCount = 2,\n ThreadsPerCore = 2,\n },\n Tags = \n {\n { \"Name\", \"tf-example\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"172.16.0.0/16\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"tf-example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSubnet, err := ec2.NewSubnet(ctx, \"example\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: example.ID(),\n\t\t\tCidrBlock: pulumi.String(\"172.16.10.0/24\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-2a\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"tf-example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tamzn_linux_2023_ami, err := ec2.LookupAmi(ctx, \u0026ec2.LookupAmiArgs{\n\t\t\tMostRecent: pulumi.BoolRef(true),\n\t\t\tOwners: []string{\n\t\t\t\t\"amazon\",\n\t\t\t},\n\t\t\tFilters: []ec2.GetAmiFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"al2023-ami-2023.*-x86_64\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"example\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(amzn_linux_2023_ami.Id),\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_C6a_2XLarge),\n\t\t\tSubnetId: exampleSubnet.ID(),\n\t\t\tCpuOptions: \u0026ec2.InstanceCpuOptionsArgs{\n\t\t\t\tCoreCount: pulumi.Int(2),\n\t\t\t\tThreadsPerCore: pulumi.Int(2),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"tf-example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetAmiArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.aws.ec2.inputs.InstanceCpuOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Vpc(\"example\", VpcArgs.builder()\n .cidrBlock(\"172.16.0.0/16\")\n .tags(Map.of(\"Name\", \"tf-example\"))\n .build());\n\n var exampleSubnet = new Subnet(\"exampleSubnet\", SubnetArgs.builder()\n .vpcId(example.id())\n .cidrBlock(\"172.16.10.0/24\")\n .availabilityZone(\"us-east-2a\")\n .tags(Map.of(\"Name\", \"tf-example\"))\n .build());\n\n final var amzn-linux-2023-ami = Ec2Functions.getAmi(GetAmiArgs.builder()\n .mostRecent(true)\n .owners(\"amazon\")\n .filters(GetAmiFilterArgs.builder()\n .name(\"name\")\n .values(\"al2023-ami-2023.*-x86_64\")\n .build())\n .build());\n\n var exampleInstance = new Instance(\"exampleInstance\", InstanceArgs.builder()\n .ami(amzn_linux_2023_ami.id())\n .instanceType(\"c6a.2xlarge\")\n .subnetId(exampleSubnet.id())\n .cpuOptions(InstanceCpuOptionsArgs.builder()\n .coreCount(2)\n .threadsPerCore(2)\n .build())\n .tags(Map.of(\"Name\", \"tf-example\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 172.16.0.0/16\n tags:\n Name: tf-example\n exampleSubnet:\n type: aws:ec2:Subnet\n name: example\n properties:\n vpcId: ${example.id}\n cidrBlock: 172.16.10.0/24\n availabilityZone: us-east-2a\n tags:\n Name: tf-example\n exampleInstance:\n type: aws:ec2:Instance\n name: example\n properties:\n ami: ${[\"amzn-linux-2023-ami\"].id}\n instanceType: c6a.2xlarge\n subnetId: ${exampleSubnet.id}\n cpuOptions:\n coreCount: 2\n threadsPerCore: 2\n tags:\n Name: tf-example\nvariables:\n amzn-linux-2023-ami:\n fn::invoke:\n Function: aws:ec2:getAmi\n Arguments:\n mostRecent: true\n owners:\n - amazon\n filters:\n - name: name\n values:\n - al2023-ami-2023.*-x86_64\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Host resource group or License Manager registered AMI example\n\nA host resource group is a collection of Dedicated Hosts that you can manage as a single entity. As you launch instances, License Manager allocates the hosts and launches instances on them based on the settings that you configured. You can add existing Dedicated Hosts to a host resource group and take advantage of automated host management through License Manager.\n\n\u003e **NOTE:** A dedicated host is automatically associated with a License Manager host resource group if **Allocate hosts automatically** is enabled. Otherwise, use the `host_resource_group_arn` argument to explicitly associate the instance with the host resource group.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _this = new aws.ec2.Instance(\"this\", {\n ami: \"ami-0dcc1e21636832c5d\",\n instanceType: aws.ec2.InstanceType.M5_Large,\n hostResourceGroupArn: \"arn:aws:resource-groups:us-west-2:012345678901:group/win-testhost\",\n tenancy: \"host\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nthis = aws.ec2.Instance(\"this\",\n ami=\"ami-0dcc1e21636832c5d\",\n instance_type=aws.ec2.InstanceType.M5_LARGE,\n host_resource_group_arn=\"arn:aws:resource-groups:us-west-2:012345678901:group/win-testhost\",\n tenancy=\"host\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @this = new Aws.Ec2.Instance(\"this\", new()\n {\n Ami = \"ami-0dcc1e21636832c5d\",\n InstanceType = Aws.Ec2.InstanceType.M5_Large,\n HostResourceGroupArn = \"arn:aws:resource-groups:us-west-2:012345678901:group/win-testhost\",\n Tenancy = \"host\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewInstance(ctx, \"this\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(\"ami-0dcc1e21636832c5d\"),\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_M5_Large),\n\t\t\tHostResourceGroupArn: pulumi.String(\"arn:aws:resource-groups:us-west-2:012345678901:group/win-testhost\"),\n\t\t\tTenancy: pulumi.String(\"host\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var this_ = new Instance(\"this\", InstanceArgs.builder()\n .ami(\"ami-0dcc1e21636832c5d\")\n .instanceType(\"m5.large\")\n .hostResourceGroupArn(\"arn:aws:resource-groups:us-west-2:012345678901:group/win-testhost\")\n .tenancy(\"host\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n this:\n type: aws:ec2:Instance\n properties:\n ami: ami-0dcc1e21636832c5d\n instanceType: m5.large\n hostResourceGroupArn: arn:aws:resource-groups:us-west-2:012345678901:group/win-testhost\n tenancy: host\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Tag Guide\n\nThese are the five types of tags you might encounter relative to an `aws.ec2.Instance`:\n\n1. **Instance tags**: Applied to instances but not to `ebs_block_device` and `root_block_device` volumes.\n2. **Default tags**: Applied to the instance and to `ebs_block_device` and `root_block_device` volumes.\n3. **Volume tags**: Applied during creation to `ebs_block_device` and `root_block_device` volumes.\n4. **Root block device tags**: Applied only to the `root_block_device` volume. These conflict with `volume_tags`.\n5. **EBS block device tags**: Applied only to the specific `ebs_block_device` volume you configure them for and cannot be updated. These conflict with `volume_tags`.\n\nDo not use `volume_tags` if you plan to manage block device tags outside the `aws.ec2.Instance` configuration, such as using `tags` in an `aws.ebs.Volume` resource attached via `aws.ec2.VolumeAttachment`. Doing so will result in resource cycling and inconsistent behavior.\n\n## Import\n\nUsing `pulumi import`, import instances using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/instance:Instance web i-12345678\n```\n", "properties": { "ami": { "type": "string", "description": "AMI to use for the instance. Required unless `launch_template` is specified and the Launch Template specifes an AMI. If an AMI is specified in the Launch Template, setting `ami` will override the AMI specified in the Launch Template.\n" }, "arn": { "type": "string", "description": "ARN of the instance.\n" }, "associatePublicIpAddress": { "type": "boolean", "description": "Whether to associate a public IP address with an instance in a VPC.\n" }, "availabilityZone": { "type": "string", "description": "AZ to start the instance in.\n" }, "capacityReservationSpecification": { "$ref": "#/types/aws:ec2/InstanceCapacityReservationSpecification:InstanceCapacityReservationSpecification", "description": "Describes an instance's Capacity Reservation targeting option. See Capacity Reservation Specification below for more details.\n\n\u003e **NOTE:** Changing `cpu_core_count` and/or `cpu_threads_per_core` will cause the resource to be destroyed and re-created.\n" }, "cpuCoreCount": { "type": "integer", "description": "Sets the number of CPU cores for an instance. This option is only supported on creation of instance type that support CPU Options [CPU Cores and Threads Per CPU Core Per Instance Type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html#cpu-options-supported-instances-values) - specifying this option for unsupported instance types will return an error from the EC2 API.\n", "deprecationMessage": "use 'cpu_options' argument instead" }, "cpuOptions": { "$ref": "#/types/aws:ec2/InstanceCpuOptions:InstanceCpuOptions", "description": "The CPU options for the instance. See CPU Options below for more details.\n" }, "cpuThreadsPerCore": { "type": "integer", "description": "If set to 1, hyperthreading is disabled on the launched instance. Defaults to 2 if not set. See [Optimizing CPU Options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) for more information.\n", "deprecationMessage": "use 'cpu_options' argument instead" }, "creditSpecification": { "$ref": "#/types/aws:ec2/InstanceCreditSpecification:InstanceCreditSpecification", "description": "Configuration block for customizing the credit specification of the instance. See Credit Specification below for more details. This provider will only perform drift detection of its value when present in a configuration. Removing this configuration on existing instances will only stop managing it. It will not change the configuration back to the default for the instance type.\n" }, "disableApiStop": { "type": "boolean", "description": "If true, enables [EC2 Instance Stop Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection).\n" }, "disableApiTermination": { "type": "boolean", "description": "If true, enables [EC2 Instance Termination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination).\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/InstanceEbsBlockDevice:InstanceEbsBlockDevice" }, "description": "One or more configuration blocks with additional EBS block devices to attach to the instance. Block device configurations only apply on resource creation. See Block Devices below for details on attributes and drift detection. When accessing this as an attribute reference, it is a set of objects.\n" }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized. Note that if this is not set on an instance type that is optimized by default then this will show as disabled but if the instance type is optimized by default then there is no need to set this and there is no effect to disabling it. See the [EBS Optimized section](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) of the AWS User Guide for more information.\n" }, "enclaveOptions": { "$ref": "#/types/aws:ec2/InstanceEnclaveOptions:InstanceEnclaveOptions", "description": "Enable Nitro Enclaves on launched instances. See Enclave Options below for more details.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/InstanceEphemeralBlockDevice:InstanceEphemeralBlockDevice" }, "description": "One or more configuration blocks to customize Ephemeral (also known as \"Instance Store\") volumes on the instance. See Block Devices below for details. When accessing this as an attribute reference, it is a set of objects.\n" }, "getPasswordData": { "type": "boolean", "description": "If true, wait for password data to become available and retrieve it. Useful for getting the administrator password for instances running Microsoft Windows. The password data is exported to the `password_data` attribute. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.\n" }, "hibernation": { "type": "boolean", "description": "If true, the launched EC2 instance will support hibernation.\n" }, "hostId": { "type": "string", "description": "ID of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host.\n" }, "hostResourceGroupArn": { "type": "string", "description": "ARN of the host resource group in which to launch the instances. If you specify an ARN, omit the `tenancy` parameter or set it to `host`.\n" }, "iamInstanceProfile": { "type": "string", "description": "IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile. Ensure your credentials have the correct permission to assign the instance profile according to the [EC2 documentation](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html#roles-usingrole-ec2instance-permissions), notably `iam:PassRole`.\n" }, "instanceInitiatedShutdownBehavior": { "type": "string", "description": "Shutdown behavior for the instance. Amazon defaults this to `stop` for EBS-backed instances and `terminate` for instance-store instances. Cannot be set on instance-store instances. See [Shutdown Behavior](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingInstanceInitiatedShutdownBehavior) for more information.\n" }, "instanceLifecycle": { "type": "string", "description": "Indicates whether this is a Spot Instance or a Scheduled Instance.\n" }, "instanceMarketOptions": { "$ref": "#/types/aws:ec2/InstanceInstanceMarketOptions:InstanceInstanceMarketOptions", "description": "Describes the market (purchasing) option for the instances. See Market Options below for details on attributes.\n" }, "instanceState": { "type": "string", "description": "State of the instance. One of: `pending`, `running`, `shutting-down`, `terminated`, `stopping`, `stopped`. See [Instance Lifecycle](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) for more information.\n", "language": { "csharp": { "name": "State" } } }, "instanceType": { "type": "string", "description": "Instance type to use for the instance. Required unless `launch_template` is specified and the Launch Template specifies an instance type. If an instance type is specified in the Launch Template, setting `instance_type` will override the instance type specified in the Launch Template. Updates to this field will trigger a stop/start of the EC2 instance.\n" }, "ipv6AddressCount": { "type": "integer", "description": "Number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet.\n" }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface\n" }, "keyName": { "type": "string", "description": "Key name of the Key Pair to use for the instance; which can be managed using the `aws.ec2.KeyPair` resource.\n" }, "launchTemplate": { "$ref": "#/types/aws:ec2/InstanceLaunchTemplate:InstanceLaunchTemplate", "description": "Specifies a Launch Template to configure the instance. Parameters configured on this resource will override the corresponding parameters in the Launch Template. See Launch Template Specification below for more details.\n" }, "maintenanceOptions": { "$ref": "#/types/aws:ec2/InstanceMaintenanceOptions:InstanceMaintenanceOptions", "description": "Maintenance and recovery options for the instance. See Maintenance Options below for more details.\n" }, "metadataOptions": { "$ref": "#/types/aws:ec2/InstanceMetadataOptions:InstanceMetadataOptions", "description": "Customize the metadata options of the instance. See Metadata Options below for more details.\n" }, "monitoring": { "type": "boolean", "description": "If true, the launched EC2 instance will have detailed monitoring enabled. (Available since v0.6.0)\n" }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/InstanceNetworkInterface:InstanceNetworkInterface" }, "description": "Customize network interfaces to be attached at instance boot time. See Network Interfaces below for more details.\n" }, "outpostArn": { "type": "string", "description": "ARN of the Outpost the instance is assigned to.\n" }, "passwordData": { "type": "string", "description": "Base-64 encoded encrypted password data for the instance. Useful for getting the administrator password for instances running Microsoft Windows. This attribute is only exported if `get_password_data` is true. Note that this encrypted value will be stored in the state file, as with all exported attributes. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.\n" }, "placementGroup": { "type": "string", "description": "Placement Group to start the instance in.\n" }, "placementPartitionNumber": { "type": "integer", "description": "Number of the partition the instance is in. Valid only if the `aws.ec2.PlacementGroup` resource's `strategy` argument is set to `\"partition\"`.\n" }, "primaryNetworkInterfaceId": { "type": "string", "description": "ID of the instance's primary network interface.\n" }, "privateDns": { "type": "string", "description": "Private DNS name assigned to the instance. Can only be used inside the Amazon EC2, and only available if you've enabled DNS hostnames for your VPC.\n" }, "privateDnsNameOptions": { "$ref": "#/types/aws:ec2/InstancePrivateDnsNameOptions:InstancePrivateDnsNameOptions", "description": "Options for the instance hostname. The default values are inherited from the subnet. See Private DNS Name Options below for more details.\n" }, "privateIp": { "type": "string", "description": "Private IP address to associate with the instance in a VPC.\n" }, "publicDns": { "type": "string", "description": "Public DNS name assigned to the instance. For EC2-VPC, this is only available if you've enabled DNS hostnames for your VPC.\n" }, "publicIp": { "type": "string", "description": "Public IP address assigned to the instance, if applicable. **NOTE**: If you are using an `aws.ec2.Eip` with your instance, you should refer to the EIP's address directly and not use `public_ip` as this field will change after the EIP is attached.\n" }, "rootBlockDevice": { "$ref": "#/types/aws:ec2/InstanceRootBlockDevice:InstanceRootBlockDevice", "description": "Configuration block to customize details about the root block device of the instance. See Block Devices below for details. When accessing this as an attribute reference, it is a list containing one object.\n" }, "secondaryPrivateIps": { "type": "array", "items": { "type": "string" }, "description": "List of secondary private IPv4 addresses to assign to the instance's primary network interface (eth0) in a VPC. Can only be assigned to the primary network interface (eth0) attached at instance creation, not a pre-existing network interface i.e., referenced in a `network_interface` block. Refer to the [Elastic network interfaces documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI) to see the maximum number of private IP addresses allowed per instance type.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group names to associate with.\n\n\u003e **NOTE:** If you are creating Instances in a VPC, use `vpc_security_group_ids` instead.\n", "deprecationMessage": "Use of `securityGroups` is discouraged as it does not allow for changes and will force your instance to be replaced if changes are made. To avoid this, use `vpcSecurityGroupIds` which allows for updates." }, "sourceDestCheck": { "type": "boolean", "description": "Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs. Defaults true.\n" }, "spotInstanceRequestId": { "type": "string", "description": "If the request is a Spot Instance request, the ID of the request.\n" }, "subnetId": { "type": "string", "description": "VPC Subnet ID to launch in.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. Note that these tags apply to the instance and not block storage devices. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tenancy": { "type": "string", "description": "Tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of `dedicated` runs on single-tenant hardware. The `host` tenancy is not supported for the import-instance command. Valid values are `default`, `dedicated`, and `host`.\n" }, "userData": { "type": "string", "description": "User data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see `user_data_base64` instead. Updates to this field will trigger a stop/start of the EC2 instance by default. If the `user_data_replace_on_change` is set then updates to this field will trigger a destroy and recreate.\n" }, "userDataBase64": { "type": "string", "description": "Can be used instead of `user_data` to pass base64-encoded binary data directly. Use this instead of `user_data` whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption. Updates to this field will trigger a stop/start of the EC2 instance by default. If the `user_data_replace_on_change` is set then updates to this field will trigger a destroy and recreate.\n" }, "userDataReplaceOnChange": { "type": "boolean", "description": "When used in combination with `user_data` or `user_data_base64` will trigger a destroy and recreate when set to `true`. Defaults to `false` if not set.\n" }, "volumeTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign, at instance-creation time, to root and EBS volumes.\n\n\u003e **NOTE:** Do not use `volume_tags` if you plan to manage block device tags outside the `aws.ec2.Instance` configuration, such as using `tags` in an `aws.ebs.Volume` resource attached via `aws.ec2.VolumeAttachment`. Doing so will result in resource cycling and inconsistent behavior.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to associate with.\n" } }, "required": [ "ami", "arn", "associatePublicIpAddress", "availabilityZone", "capacityReservationSpecification", "cpuCoreCount", "cpuOptions", "cpuThreadsPerCore", "disableApiStop", "disableApiTermination", "ebsBlockDevices", "ebsOptimized", "enclaveOptions", "ephemeralBlockDevices", "hostId", "hostResourceGroupArn", "iamInstanceProfile", "instanceInitiatedShutdownBehavior", "instanceLifecycle", "instanceMarketOptions", "instanceState", "instanceType", "ipv6AddressCount", "ipv6Addresses", "keyName", "maintenanceOptions", "metadataOptions", "monitoring", "networkInterfaces", "outpostArn", "passwordData", "placementGroup", "placementPartitionNumber", "primaryNetworkInterfaceId", "privateDns", "privateDnsNameOptions", "privateIp", "publicDns", "publicIp", "rootBlockDevice", "secondaryPrivateIps", "securityGroups", "spotInstanceRequestId", "subnetId", "tagsAll", "tenancy", "userData", "userDataBase64", "vpcSecurityGroupIds" ], "inputProperties": { "ami": { "type": "string", "description": "AMI to use for the instance. Required unless `launch_template` is specified and the Launch Template specifes an AMI. If an AMI is specified in the Launch Template, setting `ami` will override the AMI specified in the Launch Template.\n", "willReplaceOnChanges": true }, "associatePublicIpAddress": { "type": "boolean", "description": "Whether to associate a public IP address with an instance in a VPC.\n", "willReplaceOnChanges": true }, "availabilityZone": { "type": "string", "description": "AZ to start the instance in.\n", "willReplaceOnChanges": true }, "capacityReservationSpecification": { "$ref": "#/types/aws:ec2/InstanceCapacityReservationSpecification:InstanceCapacityReservationSpecification", "description": "Describes an instance's Capacity Reservation targeting option. See Capacity Reservation Specification below for more details.\n\n\u003e **NOTE:** Changing `cpu_core_count` and/or `cpu_threads_per_core` will cause the resource to be destroyed and re-created.\n" }, "cpuCoreCount": { "type": "integer", "description": "Sets the number of CPU cores for an instance. This option is only supported on creation of instance type that support CPU Options [CPU Cores and Threads Per CPU Core Per Instance Type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html#cpu-options-supported-instances-values) - specifying this option for unsupported instance types will return an error from the EC2 API.\n", "deprecationMessage": "use 'cpu_options' argument instead", "willReplaceOnChanges": true }, "cpuOptions": { "$ref": "#/types/aws:ec2/InstanceCpuOptions:InstanceCpuOptions", "description": "The CPU options for the instance. See CPU Options below for more details.\n" }, "cpuThreadsPerCore": { "type": "integer", "description": "If set to 1, hyperthreading is disabled on the launched instance. Defaults to 2 if not set. See [Optimizing CPU Options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) for more information.\n", "deprecationMessage": "use 'cpu_options' argument instead", "willReplaceOnChanges": true }, "creditSpecification": { "$ref": "#/types/aws:ec2/InstanceCreditSpecification:InstanceCreditSpecification", "description": "Configuration block for customizing the credit specification of the instance. See Credit Specification below for more details. This provider will only perform drift detection of its value when present in a configuration. Removing this configuration on existing instances will only stop managing it. It will not change the configuration back to the default for the instance type.\n" }, "disableApiStop": { "type": "boolean", "description": "If true, enables [EC2 Instance Stop Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection).\n" }, "disableApiTermination": { "type": "boolean", "description": "If true, enables [EC2 Instance Termination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination).\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/InstanceEbsBlockDevice:InstanceEbsBlockDevice" }, "description": "One or more configuration blocks with additional EBS block devices to attach to the instance. Block device configurations only apply on resource creation. See Block Devices below for details on attributes and drift detection. When accessing this as an attribute reference, it is a set of objects.\n" }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized. Note that if this is not set on an instance type that is optimized by default then this will show as disabled but if the instance type is optimized by default then there is no need to set this and there is no effect to disabling it. See the [EBS Optimized section](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) of the AWS User Guide for more information.\n", "willReplaceOnChanges": true }, "enclaveOptions": { "$ref": "#/types/aws:ec2/InstanceEnclaveOptions:InstanceEnclaveOptions", "description": "Enable Nitro Enclaves on launched instances. See Enclave Options below for more details.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/InstanceEphemeralBlockDevice:InstanceEphemeralBlockDevice" }, "description": "One or more configuration blocks to customize Ephemeral (also known as \"Instance Store\") volumes on the instance. See Block Devices below for details. When accessing this as an attribute reference, it is a set of objects.\n", "willReplaceOnChanges": true }, "getPasswordData": { "type": "boolean", "description": "If true, wait for password data to become available and retrieve it. Useful for getting the administrator password for instances running Microsoft Windows. The password data is exported to the `password_data` attribute. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.\n" }, "hibernation": { "type": "boolean", "description": "If true, the launched EC2 instance will support hibernation.\n", "willReplaceOnChanges": true }, "hostId": { "type": "string", "description": "ID of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host.\n", "willReplaceOnChanges": true }, "hostResourceGroupArn": { "type": "string", "description": "ARN of the host resource group in which to launch the instances. If you specify an ARN, omit the `tenancy` parameter or set it to `host`.\n" }, "iamInstanceProfile": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/instanceProfile:InstanceProfile" } ], "description": "IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile. Ensure your credentials have the correct permission to assign the instance profile according to the [EC2 documentation](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html#roles-usingrole-ec2instance-permissions), notably `iam:PassRole`.\n" }, "instanceInitiatedShutdownBehavior": { "type": "string", "description": "Shutdown behavior for the instance. Amazon defaults this to `stop` for EBS-backed instances and `terminate` for instance-store instances. Cannot be set on instance-store instances. See [Shutdown Behavior](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingInstanceInitiatedShutdownBehavior) for more information.\n" }, "instanceMarketOptions": { "$ref": "#/types/aws:ec2/InstanceInstanceMarketOptions:InstanceInstanceMarketOptions", "description": "Describes the market (purchasing) option for the instances. See Market Options below for details on attributes.\n", "willReplaceOnChanges": true }, "instanceType": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/InstanceType:InstanceType" } ], "description": "Instance type to use for the instance. Required unless `launch_template` is specified and the Launch Template specifies an instance type. If an instance type is specified in the Launch Template, setting `instance_type` will override the instance type specified in the Launch Template. Updates to this field will trigger a stop/start of the EC2 instance.\n" }, "ipv6AddressCount": { "type": "integer", "description": "Number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet.\n" }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface\n", "willReplaceOnChanges": true }, "keyName": { "type": "string", "description": "Key name of the Key Pair to use for the instance; which can be managed using the `aws.ec2.KeyPair` resource.\n", "willReplaceOnChanges": true }, "launchTemplate": { "$ref": "#/types/aws:ec2/InstanceLaunchTemplate:InstanceLaunchTemplate", "description": "Specifies a Launch Template to configure the instance. Parameters configured on this resource will override the corresponding parameters in the Launch Template. See Launch Template Specification below for more details.\n", "willReplaceOnChanges": true }, "maintenanceOptions": { "$ref": "#/types/aws:ec2/InstanceMaintenanceOptions:InstanceMaintenanceOptions", "description": "Maintenance and recovery options for the instance. See Maintenance Options below for more details.\n" }, "metadataOptions": { "$ref": "#/types/aws:ec2/InstanceMetadataOptions:InstanceMetadataOptions", "description": "Customize the metadata options of the instance. See Metadata Options below for more details.\n" }, "monitoring": { "type": "boolean", "description": "If true, the launched EC2 instance will have detailed monitoring enabled. (Available since v0.6.0)\n" }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/InstanceNetworkInterface:InstanceNetworkInterface" }, "description": "Customize network interfaces to be attached at instance boot time. See Network Interfaces below for more details.\n" }, "placementGroup": { "type": "string", "description": "Placement Group to start the instance in.\n", "willReplaceOnChanges": true }, "placementPartitionNumber": { "type": "integer", "description": "Number of the partition the instance is in. Valid only if the `aws.ec2.PlacementGroup` resource's `strategy` argument is set to `\"partition\"`.\n", "willReplaceOnChanges": true }, "privateDnsNameOptions": { "$ref": "#/types/aws:ec2/InstancePrivateDnsNameOptions:InstancePrivateDnsNameOptions", "description": "Options for the instance hostname. The default values are inherited from the subnet. See Private DNS Name Options below for more details.\n", "willReplaceOnChanges": true }, "privateIp": { "type": "string", "description": "Private IP address to associate with the instance in a VPC.\n", "willReplaceOnChanges": true }, "rootBlockDevice": { "$ref": "#/types/aws:ec2/InstanceRootBlockDevice:InstanceRootBlockDevice", "description": "Configuration block to customize details about the root block device of the instance. See Block Devices below for details. When accessing this as an attribute reference, it is a list containing one object.\n" }, "secondaryPrivateIps": { "type": "array", "items": { "type": "string" }, "description": "List of secondary private IPv4 addresses to assign to the instance's primary network interface (eth0) in a VPC. Can only be assigned to the primary network interface (eth0) attached at instance creation, not a pre-existing network interface i.e., referenced in a `network_interface` block. Refer to the [Elastic network interfaces documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI) to see the maximum number of private IP addresses allowed per instance type.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group names to associate with.\n\n\u003e **NOTE:** If you are creating Instances in a VPC, use `vpc_security_group_ids` instead.\n", "deprecationMessage": "Use of `securityGroups` is discouraged as it does not allow for changes and will force your instance to be replaced if changes are made. To avoid this, use `vpcSecurityGroupIds` which allows for updates.", "willReplaceOnChanges": true }, "sourceDestCheck": { "type": "boolean", "description": "Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs. Defaults true.\n" }, "subnetId": { "type": "string", "description": "VPC Subnet ID to launch in.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. Note that these tags apply to the instance and not block storage devices. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tenancy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/Tenancy:Tenancy" } ], "description": "Tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of `dedicated` runs on single-tenant hardware. The `host` tenancy is not supported for the import-instance command. Valid values are `default`, `dedicated`, and `host`.\n", "willReplaceOnChanges": true }, "userData": { "type": "string", "description": "User data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see `user_data_base64` instead. Updates to this field will trigger a stop/start of the EC2 instance by default. If the `user_data_replace_on_change` is set then updates to this field will trigger a destroy and recreate.\n" }, "userDataBase64": { "type": "string", "description": "Can be used instead of `user_data` to pass base64-encoded binary data directly. Use this instead of `user_data` whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption. Updates to this field will trigger a stop/start of the EC2 instance by default. If the `user_data_replace_on_change` is set then updates to this field will trigger a destroy and recreate.\n" }, "userDataReplaceOnChange": { "type": "boolean", "description": "When used in combination with `user_data` or `user_data_base64` will trigger a destroy and recreate when set to `true`. Defaults to `false` if not set.\n" }, "volumeTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign, at instance-creation time, to root and EBS volumes.\n\n\u003e **NOTE:** Do not use `volume_tags` if you plan to manage block device tags outside the `aws.ec2.Instance` configuration, such as using `tags` in an `aws.ebs.Volume` resource attached via `aws.ec2.VolumeAttachment`. Doing so will result in resource cycling and inconsistent behavior.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to associate with.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Instance resources.\n", "properties": { "ami": { "type": "string", "description": "AMI to use for the instance. Required unless `launch_template` is specified and the Launch Template specifes an AMI. If an AMI is specified in the Launch Template, setting `ami` will override the AMI specified in the Launch Template.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN of the instance.\n" }, "associatePublicIpAddress": { "type": "boolean", "description": "Whether to associate a public IP address with an instance in a VPC.\n", "willReplaceOnChanges": true }, "availabilityZone": { "type": "string", "description": "AZ to start the instance in.\n", "willReplaceOnChanges": true }, "capacityReservationSpecification": { "$ref": "#/types/aws:ec2/InstanceCapacityReservationSpecification:InstanceCapacityReservationSpecification", "description": "Describes an instance's Capacity Reservation targeting option. See Capacity Reservation Specification below for more details.\n\n\u003e **NOTE:** Changing `cpu_core_count` and/or `cpu_threads_per_core` will cause the resource to be destroyed and re-created.\n" }, "cpuCoreCount": { "type": "integer", "description": "Sets the number of CPU cores for an instance. This option is only supported on creation of instance type that support CPU Options [CPU Cores and Threads Per CPU Core Per Instance Type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html#cpu-options-supported-instances-values) - specifying this option for unsupported instance types will return an error from the EC2 API.\n", "deprecationMessage": "use 'cpu_options' argument instead", "willReplaceOnChanges": true }, "cpuOptions": { "$ref": "#/types/aws:ec2/InstanceCpuOptions:InstanceCpuOptions", "description": "The CPU options for the instance. See CPU Options below for more details.\n" }, "cpuThreadsPerCore": { "type": "integer", "description": "If set to 1, hyperthreading is disabled on the launched instance. Defaults to 2 if not set. See [Optimizing CPU Options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) for more information.\n", "deprecationMessage": "use 'cpu_options' argument instead", "willReplaceOnChanges": true }, "creditSpecification": { "$ref": "#/types/aws:ec2/InstanceCreditSpecification:InstanceCreditSpecification", "description": "Configuration block for customizing the credit specification of the instance. See Credit Specification below for more details. This provider will only perform drift detection of its value when present in a configuration. Removing this configuration on existing instances will only stop managing it. It will not change the configuration back to the default for the instance type.\n" }, "disableApiStop": { "type": "boolean", "description": "If true, enables [EC2 Instance Stop Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection).\n" }, "disableApiTermination": { "type": "boolean", "description": "If true, enables [EC2 Instance Termination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination).\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/InstanceEbsBlockDevice:InstanceEbsBlockDevice" }, "description": "One or more configuration blocks with additional EBS block devices to attach to the instance. Block device configurations only apply on resource creation. See Block Devices below for details on attributes and drift detection. When accessing this as an attribute reference, it is a set of objects.\n" }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized. Note that if this is not set on an instance type that is optimized by default then this will show as disabled but if the instance type is optimized by default then there is no need to set this and there is no effect to disabling it. See the [EBS Optimized section](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) of the AWS User Guide for more information.\n", "willReplaceOnChanges": true }, "enclaveOptions": { "$ref": "#/types/aws:ec2/InstanceEnclaveOptions:InstanceEnclaveOptions", "description": "Enable Nitro Enclaves on launched instances. See Enclave Options below for more details.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/InstanceEphemeralBlockDevice:InstanceEphemeralBlockDevice" }, "description": "One or more configuration blocks to customize Ephemeral (also known as \"Instance Store\") volumes on the instance. See Block Devices below for details. When accessing this as an attribute reference, it is a set of objects.\n", "willReplaceOnChanges": true }, "getPasswordData": { "type": "boolean", "description": "If true, wait for password data to become available and retrieve it. Useful for getting the administrator password for instances running Microsoft Windows. The password data is exported to the `password_data` attribute. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.\n" }, "hibernation": { "type": "boolean", "description": "If true, the launched EC2 instance will support hibernation.\n", "willReplaceOnChanges": true }, "hostId": { "type": "string", "description": "ID of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host.\n", "willReplaceOnChanges": true }, "hostResourceGroupArn": { "type": "string", "description": "ARN of the host resource group in which to launch the instances. If you specify an ARN, omit the `tenancy` parameter or set it to `host`.\n" }, "iamInstanceProfile": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/instanceProfile:InstanceProfile" } ], "description": "IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile. Ensure your credentials have the correct permission to assign the instance profile according to the [EC2 documentation](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html#roles-usingrole-ec2instance-permissions), notably `iam:PassRole`.\n" }, "instanceInitiatedShutdownBehavior": { "type": "string", "description": "Shutdown behavior for the instance. Amazon defaults this to `stop` for EBS-backed instances and `terminate` for instance-store instances. Cannot be set on instance-store instances. See [Shutdown Behavior](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingInstanceInitiatedShutdownBehavior) for more information.\n" }, "instanceLifecycle": { "type": "string", "description": "Indicates whether this is a Spot Instance or a Scheduled Instance.\n" }, "instanceMarketOptions": { "$ref": "#/types/aws:ec2/InstanceInstanceMarketOptions:InstanceInstanceMarketOptions", "description": "Describes the market (purchasing) option for the instances. See Market Options below for details on attributes.\n", "willReplaceOnChanges": true }, "instanceState": { "type": "string", "description": "State of the instance. One of: `pending`, `running`, `shutting-down`, `terminated`, `stopping`, `stopped`. See [Instance Lifecycle](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) for more information.\n", "language": { "csharp": { "name": "State" } } }, "instanceType": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/InstanceType:InstanceType" } ], "description": "Instance type to use for the instance. Required unless `launch_template` is specified and the Launch Template specifies an instance type. If an instance type is specified in the Launch Template, setting `instance_type` will override the instance type specified in the Launch Template. Updates to this field will trigger a stop/start of the EC2 instance.\n" }, "ipv6AddressCount": { "type": "integer", "description": "Number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet.\n" }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface\n", "willReplaceOnChanges": true }, "keyName": { "type": "string", "description": "Key name of the Key Pair to use for the instance; which can be managed using the `aws.ec2.KeyPair` resource.\n", "willReplaceOnChanges": true }, "launchTemplate": { "$ref": "#/types/aws:ec2/InstanceLaunchTemplate:InstanceLaunchTemplate", "description": "Specifies a Launch Template to configure the instance. Parameters configured on this resource will override the corresponding parameters in the Launch Template. See Launch Template Specification below for more details.\n", "willReplaceOnChanges": true }, "maintenanceOptions": { "$ref": "#/types/aws:ec2/InstanceMaintenanceOptions:InstanceMaintenanceOptions", "description": "Maintenance and recovery options for the instance. See Maintenance Options below for more details.\n" }, "metadataOptions": { "$ref": "#/types/aws:ec2/InstanceMetadataOptions:InstanceMetadataOptions", "description": "Customize the metadata options of the instance. See Metadata Options below for more details.\n" }, "monitoring": { "type": "boolean", "description": "If true, the launched EC2 instance will have detailed monitoring enabled. (Available since v0.6.0)\n" }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/InstanceNetworkInterface:InstanceNetworkInterface" }, "description": "Customize network interfaces to be attached at instance boot time. See Network Interfaces below for more details.\n" }, "outpostArn": { "type": "string", "description": "ARN of the Outpost the instance is assigned to.\n" }, "passwordData": { "type": "string", "description": "Base-64 encoded encrypted password data for the instance. Useful for getting the administrator password for instances running Microsoft Windows. This attribute is only exported if `get_password_data` is true. Note that this encrypted value will be stored in the state file, as with all exported attributes. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.\n" }, "placementGroup": { "type": "string", "description": "Placement Group to start the instance in.\n", "willReplaceOnChanges": true }, "placementPartitionNumber": { "type": "integer", "description": "Number of the partition the instance is in. Valid only if the `aws.ec2.PlacementGroup` resource's `strategy` argument is set to `\"partition\"`.\n", "willReplaceOnChanges": true }, "primaryNetworkInterfaceId": { "type": "string", "description": "ID of the instance's primary network interface.\n" }, "privateDns": { "type": "string", "description": "Private DNS name assigned to the instance. Can only be used inside the Amazon EC2, and only available if you've enabled DNS hostnames for your VPC.\n" }, "privateDnsNameOptions": { "$ref": "#/types/aws:ec2/InstancePrivateDnsNameOptions:InstancePrivateDnsNameOptions", "description": "Options for the instance hostname. The default values are inherited from the subnet. See Private DNS Name Options below for more details.\n", "willReplaceOnChanges": true }, "privateIp": { "type": "string", "description": "Private IP address to associate with the instance in a VPC.\n", "willReplaceOnChanges": true }, "publicDns": { "type": "string", "description": "Public DNS name assigned to the instance. For EC2-VPC, this is only available if you've enabled DNS hostnames for your VPC.\n" }, "publicIp": { "type": "string", "description": "Public IP address assigned to the instance, if applicable. **NOTE**: If you are using an `aws.ec2.Eip` with your instance, you should refer to the EIP's address directly and not use `public_ip` as this field will change after the EIP is attached.\n" }, "rootBlockDevice": { "$ref": "#/types/aws:ec2/InstanceRootBlockDevice:InstanceRootBlockDevice", "description": "Configuration block to customize details about the root block device of the instance. See Block Devices below for details. When accessing this as an attribute reference, it is a list containing one object.\n" }, "secondaryPrivateIps": { "type": "array", "items": { "type": "string" }, "description": "List of secondary private IPv4 addresses to assign to the instance's primary network interface (eth0) in a VPC. Can only be assigned to the primary network interface (eth0) attached at instance creation, not a pre-existing network interface i.e., referenced in a `network_interface` block. Refer to the [Elastic network interfaces documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI) to see the maximum number of private IP addresses allowed per instance type.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group names to associate with.\n\n\u003e **NOTE:** If you are creating Instances in a VPC, use `vpc_security_group_ids` instead.\n", "deprecationMessage": "Use of `securityGroups` is discouraged as it does not allow for changes and will force your instance to be replaced if changes are made. To avoid this, use `vpcSecurityGroupIds` which allows for updates.", "willReplaceOnChanges": true }, "sourceDestCheck": { "type": "boolean", "description": "Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs. Defaults true.\n" }, "spotInstanceRequestId": { "type": "string", "description": "If the request is a Spot Instance request, the ID of the request.\n" }, "subnetId": { "type": "string", "description": "VPC Subnet ID to launch in.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. Note that these tags apply to the instance and not block storage devices. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tenancy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/Tenancy:Tenancy" } ], "description": "Tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of `dedicated` runs on single-tenant hardware. The `host` tenancy is not supported for the import-instance command. Valid values are `default`, `dedicated`, and `host`.\n", "willReplaceOnChanges": true }, "userData": { "type": "string", "description": "User data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see `user_data_base64` instead. Updates to this field will trigger a stop/start of the EC2 instance by default. If the `user_data_replace_on_change` is set then updates to this field will trigger a destroy and recreate.\n" }, "userDataBase64": { "type": "string", "description": "Can be used instead of `user_data` to pass base64-encoded binary data directly. Use this instead of `user_data` whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption. Updates to this field will trigger a stop/start of the EC2 instance by default. If the `user_data_replace_on_change` is set then updates to this field will trigger a destroy and recreate.\n" }, "userDataReplaceOnChange": { "type": "boolean", "description": "When used in combination with `user_data` or `user_data_base64` will trigger a destroy and recreate when set to `true`. Defaults to `false` if not set.\n" }, "volumeTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign, at instance-creation time, to root and EBS volumes.\n\n\u003e **NOTE:** Do not use `volume_tags` if you plan to manage block device tags outside the `aws.ec2.Instance` configuration, such as using `tags` in an `aws.ebs.Volume` resource attached via `aws.ec2.VolumeAttachment`. Doing so will result in resource cycling and inconsistent behavior.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to associate with.\n" } }, "type": "object" } }, "aws:ec2/instanceMetadataDefaults:InstanceMetadataDefaults": { "description": "Manages regional EC2 instance metadata default settings.\nMore information can be found in the [Configure instance metadata options for new instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html) user guide.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst enforce_imdsv2 = new aws.ec2.InstanceMetadataDefaults(\"enforce-imdsv2\", {\n httpTokens: \"required\",\n httpPutResponseHopLimit: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nenforce_imdsv2 = aws.ec2.InstanceMetadataDefaults(\"enforce-imdsv2\",\n http_tokens=\"required\",\n http_put_response_hop_limit=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var enforce_imdsv2 = new Aws.Ec2.InstanceMetadataDefaults(\"enforce-imdsv2\", new()\n {\n HttpTokens = \"required\",\n HttpPutResponseHopLimit = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewInstanceMetadataDefaults(ctx, \"enforce-imdsv2\", \u0026ec2.InstanceMetadataDefaultsArgs{\n\t\t\tHttpTokens: pulumi.String(\"required\"),\n\t\t\tHttpPutResponseHopLimit: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.InstanceMetadataDefaults;\nimport com.pulumi.aws.ec2.InstanceMetadataDefaultsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var enforce_imdsv2 = new InstanceMetadataDefaults(\"enforce-imdsv2\", InstanceMetadataDefaultsArgs.builder()\n .httpTokens(\"required\")\n .httpPutResponseHopLimit(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n enforce-imdsv2:\n type: aws:ec2:InstanceMetadataDefaults\n properties:\n httpTokens: required\n httpPutResponseHopLimit: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nYou cannot import this resource.\n\n", "properties": { "httpEndpoint": { "type": "string", "description": "Whether the metadata service is available. Can be `\"enabled\"`, `\"disabled\"`, or `\"no-preference\"`. Default: `\"no-preference\"`.\n" }, "httpPutResponseHopLimit": { "type": "integer", "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. Can be an integer from `1` to `64`, or `-1` to indicate no preference. Default: `-1`.\n" }, "httpTokens": { "type": "string", "description": "Whether the metadata service requires session tokens, also referred to as _Instance Metadata Service Version 2 (IMDSv2)_. Can be `\"optional\"`, `\"required\"`, or `\"no-preference\"`. Default: `\"no-preference\"`.\n" }, "instanceMetadataTags": { "type": "string", "description": "Enables or disables access to instance tags from the instance metadata service. Can be `\"enabled\"`, `\"disabled\"`, or `\"no-preference\"`. Default: `\"no-preference\"`.\n" } }, "required": [ "httpEndpoint", "httpPutResponseHopLimit", "httpTokens", "instanceMetadataTags" ], "inputProperties": { "httpEndpoint": { "type": "string", "description": "Whether the metadata service is available. Can be `\"enabled\"`, `\"disabled\"`, or `\"no-preference\"`. Default: `\"no-preference\"`.\n" }, "httpPutResponseHopLimit": { "type": "integer", "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. Can be an integer from `1` to `64`, or `-1` to indicate no preference. Default: `-1`.\n" }, "httpTokens": { "type": "string", "description": "Whether the metadata service requires session tokens, also referred to as _Instance Metadata Service Version 2 (IMDSv2)_. Can be `\"optional\"`, `\"required\"`, or `\"no-preference\"`. Default: `\"no-preference\"`.\n" }, "instanceMetadataTags": { "type": "string", "description": "Enables or disables access to instance tags from the instance metadata service. Can be `\"enabled\"`, `\"disabled\"`, or `\"no-preference\"`. Default: `\"no-preference\"`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering InstanceMetadataDefaults resources.\n", "properties": { "httpEndpoint": { "type": "string", "description": "Whether the metadata service is available. Can be `\"enabled\"`, `\"disabled\"`, or `\"no-preference\"`. Default: `\"no-preference\"`.\n" }, "httpPutResponseHopLimit": { "type": "integer", "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. Can be an integer from `1` to `64`, or `-1` to indicate no preference. Default: `-1`.\n" }, "httpTokens": { "type": "string", "description": "Whether the metadata service requires session tokens, also referred to as _Instance Metadata Service Version 2 (IMDSv2)_. Can be `\"optional\"`, `\"required\"`, or `\"no-preference\"`. Default: `\"no-preference\"`.\n" }, "instanceMetadataTags": { "type": "string", "description": "Enables or disables access to instance tags from the instance metadata service. Can be `\"enabled\"`, `\"disabled\"`, or `\"no-preference\"`. Default: `\"no-preference\"`.\n" } }, "type": "object" } }, "aws:ec2/internetGateway:InternetGateway": { "description": "Provides a resource to create a VPC Internet Gateway.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst gw = new aws.ec2.InternetGateway(\"gw\", {\n vpcId: main.id,\n tags: {\n Name: \"main\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngw = aws.ec2.InternetGateway(\"gw\",\n vpc_id=main[\"id\"],\n tags={\n \"Name\": \"main\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var gw = new Aws.Ec2.InternetGateway(\"gw\", new()\n {\n VpcId = main.Id,\n Tags = \n {\n { \"Name\", \"main\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewInternetGateway(ctx, \"gw\", \u0026ec2.InternetGatewayArgs{\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"main\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.InternetGateway;\nimport com.pulumi.aws.ec2.InternetGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var gw = new InternetGateway(\"gw\", InternetGatewayArgs.builder()\n .vpcId(main.id())\n .tags(Map.of(\"Name\", \"main\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n gw:\n type: aws:ec2:InternetGateway\n properties:\n vpcId: ${main.id}\n tags:\n Name: main\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Internet Gateways using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/internetGateway:InternetGateway gw igw-c0a643a9\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Internet Gateway.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the internet gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **Note:** It's recommended to denote that the AWS Instance or Elastic IP depends on the Internet Gateway. For example:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst gw = new aws.ec2.InternetGateway(\"gw\", {vpcId: main.id});\nconst foo = new aws.ec2.Instance(\"foo\", {}, {\n dependsOn: [gw],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngw = aws.ec2.InternetGateway(\"gw\", vpc_id=main[\"id\"])\nfoo = aws.ec2.Instance(\"foo\", opts = pulumi.ResourceOptions(depends_on=[gw]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var gw = new Aws.Ec2.InternetGateway(\"gw\", new()\n {\n VpcId = main.Id,\n });\n\n var foo = new Aws.Ec2.Instance(\"foo\", new()\n {\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n gw,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tgw, err := ec2.NewInternetGateway(ctx, \"gw\", \u0026ec2.InternetGatewayArgs{\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"foo\", nil, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tgw,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.InternetGateway;\nimport com.pulumi.aws.ec2.InternetGatewayArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var gw = new InternetGateway(\"gw\", InternetGatewayArgs.builder()\n .vpcId(main.id())\n .build());\n\n var foo = new Instance(\"foo\", InstanceArgs.Empty, CustomResourceOptions.builder()\n .dependsOn(gw)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n gw:\n type: aws:ec2:InternetGateway\n properties:\n vpcId: ${main.id}\n foo:\n type: aws:ec2:Instance\n options:\n dependson:\n - ${gw}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The VPC ID to create in. See the aws.ec2.InternetGatewayAttachment resource for an alternate way to attach an Internet Gateway to a VPC.\n" } }, "required": [ "arn", "ownerId", "tagsAll", "vpcId" ], "inputProperties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **Note:** It's recommended to denote that the AWS Instance or Elastic IP depends on the Internet Gateway. For example:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst gw = new aws.ec2.InternetGateway(\"gw\", {vpcId: main.id});\nconst foo = new aws.ec2.Instance(\"foo\", {}, {\n dependsOn: [gw],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngw = aws.ec2.InternetGateway(\"gw\", vpc_id=main[\"id\"])\nfoo = aws.ec2.Instance(\"foo\", opts = pulumi.ResourceOptions(depends_on=[gw]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var gw = new Aws.Ec2.InternetGateway(\"gw\", new()\n {\n VpcId = main.Id,\n });\n\n var foo = new Aws.Ec2.Instance(\"foo\", new()\n {\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n gw,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tgw, err := ec2.NewInternetGateway(ctx, \"gw\", \u0026ec2.InternetGatewayArgs{\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"foo\", nil, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tgw,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.InternetGateway;\nimport com.pulumi.aws.ec2.InternetGatewayArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var gw = new InternetGateway(\"gw\", InternetGatewayArgs.builder()\n .vpcId(main.id())\n .build());\n\n var foo = new Instance(\"foo\", InstanceArgs.Empty, CustomResourceOptions.builder()\n .dependsOn(gw)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n gw:\n type: aws:ec2:InternetGateway\n properties:\n vpcId: ${main.id}\n foo:\n type: aws:ec2:Instance\n options:\n dependson:\n - ${gw}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n" }, "vpcId": { "type": "string", "description": "The VPC ID to create in. See the aws.ec2.InternetGatewayAttachment resource for an alternate way to attach an Internet Gateway to a VPC.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering InternetGateway resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Internet Gateway.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the internet gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **Note:** It's recommended to denote that the AWS Instance or Elastic IP depends on the Internet Gateway. For example:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst gw = new aws.ec2.InternetGateway(\"gw\", {vpcId: main.id});\nconst foo = new aws.ec2.Instance(\"foo\", {}, {\n dependsOn: [gw],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngw = aws.ec2.InternetGateway(\"gw\", vpc_id=main[\"id\"])\nfoo = aws.ec2.Instance(\"foo\", opts = pulumi.ResourceOptions(depends_on=[gw]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var gw = new Aws.Ec2.InternetGateway(\"gw\", new()\n {\n VpcId = main.Id,\n });\n\n var foo = new Aws.Ec2.Instance(\"foo\", new()\n {\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n gw,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tgw, err := ec2.NewInternetGateway(ctx, \"gw\", \u0026ec2.InternetGatewayArgs{\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"foo\", nil, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tgw,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.InternetGateway;\nimport com.pulumi.aws.ec2.InternetGatewayArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var gw = new InternetGateway(\"gw\", InternetGatewayArgs.builder()\n .vpcId(main.id())\n .build());\n\n var foo = new Instance(\"foo\", InstanceArgs.Empty, CustomResourceOptions.builder()\n .dependsOn(gw)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n gw:\n type: aws:ec2:InternetGateway\n properties:\n vpcId: ${main.id}\n foo:\n type: aws:ec2:Instance\n options:\n dependson:\n - ${gw}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The VPC ID to create in. See the aws.ec2.InternetGatewayAttachment resource for an alternate way to attach an Internet Gateway to a VPC.\n" } }, "type": "object" } }, "aws:ec2/internetGatewayAttachment:InternetGatewayAttachment": { "description": "Provides a resource to create a VPC Internet Gateway Attachment.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleVpc = new aws.ec2.Vpc(\"example\", {cidrBlock: \"10.1.0.0/16\"});\nconst exampleInternetGateway = new aws.ec2.InternetGateway(\"example\", {});\nconst example = new aws.ec2.InternetGatewayAttachment(\"example\", {\n internetGatewayId: exampleInternetGateway.id,\n vpcId: exampleVpc.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_vpc = aws.ec2.Vpc(\"example\", cidr_block=\"10.1.0.0/16\")\nexample_internet_gateway = aws.ec2.InternetGateway(\"example\")\nexample = aws.ec2.InternetGatewayAttachment(\"example\",\n internet_gateway_id=example_internet_gateway.id,\n vpc_id=example_vpc.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleVpc = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n\n var exampleInternetGateway = new Aws.Ec2.InternetGateway(\"example\");\n\n var example = new Aws.Ec2.InternetGatewayAttachment(\"example\", new()\n {\n InternetGatewayId = exampleInternetGateway.Id,\n VpcId = exampleVpc.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleVpc, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleInternetGateway, err := ec2.NewInternetGateway(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInternetGatewayAttachment(ctx, \"example\", \u0026ec2.InternetGatewayAttachmentArgs{\n\t\t\tInternetGatewayId: exampleInternetGateway.ID(),\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.InternetGateway;\nimport com.pulumi.aws.ec2.InternetGatewayAttachment;\nimport com.pulumi.aws.ec2.InternetGatewayAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleVpc = new Vpc(\"exampleVpc\", VpcArgs.builder()\n .cidrBlock(\"10.1.0.0/16\")\n .build());\n\n var exampleInternetGateway = new InternetGateway(\"exampleInternetGateway\");\n\n var example = new InternetGatewayAttachment(\"example\", InternetGatewayAttachmentArgs.builder()\n .internetGatewayId(exampleInternetGateway.id())\n .vpcId(exampleVpc.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:InternetGatewayAttachment\n properties:\n internetGatewayId: ${exampleInternetGateway.id}\n vpcId: ${exampleVpc.id}\n exampleVpc:\n type: aws:ec2:Vpc\n name: example\n properties:\n cidrBlock: 10.1.0.0/16\n exampleInternetGateway:\n type: aws:ec2:InternetGateway\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Internet Gateway Attachments using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/internetGatewayAttachment:InternetGatewayAttachment example igw-c0a643a9:vpc-123456\n```\n", "properties": { "internetGatewayId": { "type": "string", "description": "The ID of the internet gateway.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC.\n" } }, "required": [ "internetGatewayId", "vpcId" ], "inputProperties": { "internetGatewayId": { "type": "string", "description": "The ID of the internet gateway.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The ID of the VPC.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "internetGatewayId", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering InternetGatewayAttachment resources.\n", "properties": { "internetGatewayId": { "type": "string", "description": "The ID of the internet gateway.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The ID of the VPC.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/keyPair:KeyPair": { "description": "Provides an [EC2 key pair](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) resource. A key pair is used to control login access to EC2 instances.\n\nCurrently this resource requires an existing user-supplied key pair. This key pair's public key will be registered with AWS to allow logging-in to EC2 instances.\n\nWhen importing an existing key pair the public key material may be in any format supported by AWS. Supported formats (per the [AWS documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html#how-to-generate-your-own-key-and-import-it-to-aws)) are:\n\n* OpenSSH public key format (the format in ~/.ssh/authorized_keys)\n* Base64 encoded DER format\n* SSH public key file format as specified in RFC4716\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst deployer = new aws.ec2.KeyPair(\"deployer\", {\n keyName: \"deployer-key\",\n publicKey: \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 email@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndeployer = aws.ec2.KeyPair(\"deployer\",\n key_name=\"deployer-key\",\n public_key=\"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 email@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var deployer = new Aws.Ec2.KeyPair(\"deployer\", new()\n {\n KeyName = \"deployer-key\",\n PublicKey = \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 email@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewKeyPair(ctx, \"deployer\", \u0026ec2.KeyPairArgs{\n\t\t\tKeyName: pulumi.String(\"deployer-key\"),\n\t\t\tPublicKey: pulumi.String(\"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 email@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.KeyPair;\nimport com.pulumi.aws.ec2.KeyPairArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var deployer = new KeyPair(\"deployer\", KeyPairArgs.builder()\n .keyName(\"deployer-key\")\n .publicKey(\"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 email@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n deployer:\n type: aws:ec2:KeyPair\n properties:\n keyName: deployer-key\n publicKey: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 email@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Key Pairs using the `key_name`. For example:\n\n```sh\n$ pulumi import aws:ec2/keyPair:KeyPair deployer deployer-key\n```\n~\u003e __NOTE:__ The AWS API does not include the public key in the response, so `pulumi up` will attempt to replace the key pair. There is currently no supported workaround for this limitation.\n\n", "properties": { "arn": { "type": "string", "description": "The key pair ARN.\n" }, "fingerprint": { "type": "string", "description": "The MD5 public key fingerprint as specified in section 4 of RFC 4716.\n" }, "keyName": { "type": "string", "description": "The name for the key pair. If neither `key_name` nor `key_name_prefix` is provided, the provider will create a unique key name.\n" }, "keyNamePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `key_name`. If neither `key_name` nor `key_name_prefix` is provided, the provider will create a unique key name.\n" }, "keyPairId": { "type": "string", "description": "The key pair ID.\n" }, "keyType": { "type": "string", "description": "The type of key pair.\n" }, "publicKey": { "type": "string", "description": "The public key material.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "fingerprint", "keyName", "keyNamePrefix", "keyPairId", "keyType", "publicKey", "tagsAll" ], "inputProperties": { "keyName": { "type": "string", "description": "The name for the key pair. If neither `key_name` nor `key_name_prefix` is provided, the provider will create a unique key name.\n", "willReplaceOnChanges": true }, "keyNamePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `key_name`. If neither `key_name` nor `key_name_prefix` is provided, the provider will create a unique key name.\n", "willReplaceOnChanges": true }, "publicKey": { "type": "string", "description": "The public key material.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "publicKey" ], "stateInputs": { "description": "Input properties used for looking up and filtering KeyPair resources.\n", "properties": { "arn": { "type": "string", "description": "The key pair ARN.\n" }, "fingerprint": { "type": "string", "description": "The MD5 public key fingerprint as specified in section 4 of RFC 4716.\n" }, "keyName": { "type": "string", "description": "The name for the key pair. If neither `key_name` nor `key_name_prefix` is provided, the provider will create a unique key name.\n", "willReplaceOnChanges": true }, "keyNamePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `key_name`. If neither `key_name` nor `key_name_prefix` is provided, the provider will create a unique key name.\n", "willReplaceOnChanges": true }, "keyPairId": { "type": "string", "description": "The key pair ID.\n" }, "keyType": { "type": "string", "description": "The type of key pair.\n" }, "publicKey": { "type": "string", "description": "The public key material.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ec2/launchConfiguration:LaunchConfiguration": { "description": "Provides a resource to create a new launch configuration, used for autoscaling groups.\n\n!\u003e **WARNING:** The use of launch configurations is discouraged in favor of launch templates. Read more in the [AWS EC2 Documentation](https://docs.aws.amazon.com/autoscaling/ec2/userguide/launch-configurations.html).\n\n\u003e **Note** When using `aws.ec2.LaunchConfiguration` with `aws.autoscaling.Group`, it is recommended to use the `name_prefix` (Optional) instead of the `name` (Optional) attribute.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ubuntu = aws.ec2.getAmi({\n mostRecent: true,\n filters: [\n {\n name: \"name\",\n values: [\"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\"],\n },\n {\n name: \"virtualization-type\",\n values: [\"hvm\"],\n },\n ],\n owners: [\"099720109477\"],\n});\nconst asConf = new aws.ec2.LaunchConfiguration(\"as_conf\", {\n name: \"web_config\",\n imageId: ubuntu.then(ubuntu =\u003e ubuntu.id),\n instanceType: \"t2.micro\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nubuntu = aws.ec2.get_ami(most_recent=True,\n filters=[\n {\n \"name\": \"name\",\n \"values\": [\"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\"],\n },\n {\n \"name\": \"virtualization-type\",\n \"values\": [\"hvm\"],\n },\n ],\n owners=[\"099720109477\"])\nas_conf = aws.ec2.LaunchConfiguration(\"as_conf\",\n name=\"web_config\",\n image_id=ubuntu.id,\n instance_type=\"t2.micro\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ubuntu = Aws.Ec2.GetAmi.Invoke(new()\n {\n MostRecent = true,\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetAmiFilterInputArgs\n {\n Name = \"name\",\n Values = new[]\n {\n \"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\",\n },\n },\n new Aws.Ec2.Inputs.GetAmiFilterInputArgs\n {\n Name = \"virtualization-type\",\n Values = new[]\n {\n \"hvm\",\n },\n },\n },\n Owners = new[]\n {\n \"099720109477\",\n },\n });\n\n var asConf = new Aws.Ec2.LaunchConfiguration(\"as_conf\", new()\n {\n Name = \"web_config\",\n ImageId = ubuntu.Apply(getAmiResult =\u003e getAmiResult.Id),\n InstanceType = \"t2.micro\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tubuntu, err := ec2.LookupAmi(ctx, \u0026ec2.LookupAmiArgs{\n\t\t\tMostRecent: pulumi.BoolRef(true),\n\t\t\tFilters: []ec2.GetAmiFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"virtualization-type\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"hvm\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tOwners: []string{\n\t\t\t\t\"099720109477\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewLaunchConfiguration(ctx, \"as_conf\", \u0026ec2.LaunchConfigurationArgs{\n\t\t\tName: pulumi.String(\"web_config\"),\n\t\t\tImageId: pulumi.String(ubuntu.Id),\n\t\t\tInstanceType: pulumi.String(\"t2.micro\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetAmiArgs;\nimport com.pulumi.aws.ec2.LaunchConfiguration;\nimport com.pulumi.aws.ec2.LaunchConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var ubuntu = Ec2Functions.getAmi(GetAmiArgs.builder()\n .mostRecent(true)\n .filters( \n GetAmiFilterArgs.builder()\n .name(\"name\")\n .values(\"ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\")\n .build(),\n GetAmiFilterArgs.builder()\n .name(\"virtualization-type\")\n .values(\"hvm\")\n .build())\n .owners(\"099720109477\")\n .build());\n\n var asConf = new LaunchConfiguration(\"asConf\", LaunchConfigurationArgs.builder()\n .name(\"web_config\")\n .imageId(ubuntu.applyValue(getAmiResult -\u003e getAmiResult.id()))\n .instanceType(\"t2.micro\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n asConf:\n type: aws:ec2:LaunchConfiguration\n name: as_conf\n properties:\n name: web_config\n imageId: ${ubuntu.id}\n instanceType: t2.micro\nvariables:\n ubuntu:\n fn::invoke:\n Function: aws:ec2:getAmi\n Arguments:\n mostRecent: true\n filters:\n - name: name\n values:\n - ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*\n - name: virtualization-type\n values:\n - hvm\n owners:\n - '099720109477'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import launch configurations using the `name`. For example:\n\n```sh\n$ pulumi import aws:ec2/launchConfiguration:LaunchConfiguration as_conf pulumi-lg-123456\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the launch configuration.\n" }, "associatePublicIpAddress": { "type": "boolean", "description": "Associate a public ip address with an instance in a VPC.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchConfigurationEbsBlockDevice:LaunchConfigurationEbsBlockDevice" }, "description": "Additional EBS block devices to attach to the instance. See Block Devices below for details.\n" }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized.\n" }, "enableMonitoring": { "type": "boolean", "description": "Enables/disables detailed monitoring. This is enabled by default.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchConfigurationEphemeralBlockDevice:LaunchConfigurationEphemeralBlockDevice" }, "description": "Customize Ephemeral (also known as \"Instance Store\") volumes on the instance. See Block Devices below for details.\n" }, "iamInstanceProfile": { "type": "string", "description": "The name attribute of the IAM instance profile to associate with launched instances.\n" }, "imageId": { "type": "string", "description": "The EC2 image ID to launch.\n" }, "instanceType": { "type": "string", "description": "The size of instance to launch.\n\nThe following arguments are optional:\n" }, "keyName": { "type": "string", "description": "The key name that should be used for the instance.\n" }, "metadataOptions": { "$ref": "#/types/aws:ec2/LaunchConfigurationMetadataOptions:LaunchConfigurationMetadataOptions", "description": "The metadata options for the instance.\n" }, "name": { "type": "string", "description": "The name of the launch configuration. If you leave this blank, this provider will auto-generate a unique name. Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "placementTenancy": { "type": "string", "description": "The tenancy of the instance. Valid values are `default` or `dedicated`, see [AWS's Create Launch Configuration](http://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_CreateLaunchConfiguration.html) for more details.\n" }, "rootBlockDevice": { "$ref": "#/types/aws:ec2/LaunchConfigurationRootBlockDevice:LaunchConfigurationRootBlockDevice", "description": "Customize details about the root block device of the instance. See Block Devices below for details.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of associated security group IDS.\n" }, "spotPrice": { "type": "string", "description": "The maximum price to use for reserving spot instances.\n" }, "userData": { "type": "string", "description": "The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see `user_data_base64` instead.\n" }, "userDataBase64": { "type": "string", "description": "Can be used instead of `user_data` to pass base64-encoded binary data directly. Use this instead of `user_data` whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption.\n" } }, "required": [ "arn", "ebsBlockDevices", "ebsOptimized", "imageId", "instanceType", "keyName", "metadataOptions", "name", "namePrefix", "rootBlockDevice" ], "inputProperties": { "associatePublicIpAddress": { "type": "boolean", "description": "Associate a public ip address with an instance in a VPC.\n", "willReplaceOnChanges": true }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchConfigurationEbsBlockDevice:LaunchConfigurationEbsBlockDevice" }, "description": "Additional EBS block devices to attach to the instance. See Block Devices below for details.\n" }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized.\n", "willReplaceOnChanges": true }, "enableMonitoring": { "type": "boolean", "description": "Enables/disables detailed monitoring. This is enabled by default.\n", "willReplaceOnChanges": true }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchConfigurationEphemeralBlockDevice:LaunchConfigurationEphemeralBlockDevice" }, "description": "Customize Ephemeral (also known as \"Instance Store\") volumes on the instance. See Block Devices below for details.\n", "willReplaceOnChanges": true }, "iamInstanceProfile": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/instanceProfile:InstanceProfile" } ], "description": "The name attribute of the IAM instance profile to associate with launched instances.\n", "willReplaceOnChanges": true }, "imageId": { "type": "string", "description": "The EC2 image ID to launch.\n", "willReplaceOnChanges": true }, "instanceType": { "type": "string", "description": "The size of instance to launch.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "keyName": { "type": "string", "description": "The key name that should be used for the instance.\n", "willReplaceOnChanges": true }, "metadataOptions": { "$ref": "#/types/aws:ec2/LaunchConfigurationMetadataOptions:LaunchConfigurationMetadataOptions", "description": "The metadata options for the instance.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the launch configuration. If you leave this blank, this provider will auto-generate a unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "placementTenancy": { "type": "string", "description": "The tenancy of the instance. Valid values are `default` or `dedicated`, see [AWS's Create Launch Configuration](http://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_CreateLaunchConfiguration.html) for more details.\n", "willReplaceOnChanges": true }, "rootBlockDevice": { "$ref": "#/types/aws:ec2/LaunchConfigurationRootBlockDevice:LaunchConfigurationRootBlockDevice", "description": "Customize details about the root block device of the instance. See Block Devices below for details.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of associated security group IDS.\n", "willReplaceOnChanges": true }, "spotPrice": { "type": "string", "description": "The maximum price to use for reserving spot instances.\n", "willReplaceOnChanges": true }, "userData": { "type": "string", "description": "The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see `user_data_base64` instead.\n", "willReplaceOnChanges": true }, "userDataBase64": { "type": "string", "description": "Can be used instead of `user_data` to pass base64-encoded binary data directly. Use this instead of `user_data` whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "imageId", "instanceType" ], "stateInputs": { "description": "Input properties used for looking up and filtering LaunchConfiguration resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the launch configuration.\n" }, "associatePublicIpAddress": { "type": "boolean", "description": "Associate a public ip address with an instance in a VPC.\n", "willReplaceOnChanges": true }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchConfigurationEbsBlockDevice:LaunchConfigurationEbsBlockDevice" }, "description": "Additional EBS block devices to attach to the instance. See Block Devices below for details.\n" }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized.\n", "willReplaceOnChanges": true }, "enableMonitoring": { "type": "boolean", "description": "Enables/disables detailed monitoring. This is enabled by default.\n", "willReplaceOnChanges": true }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchConfigurationEphemeralBlockDevice:LaunchConfigurationEphemeralBlockDevice" }, "description": "Customize Ephemeral (also known as \"Instance Store\") volumes on the instance. See Block Devices below for details.\n", "willReplaceOnChanges": true }, "iamInstanceProfile": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/instanceProfile:InstanceProfile" } ], "description": "The name attribute of the IAM instance profile to associate with launched instances.\n", "willReplaceOnChanges": true }, "imageId": { "type": "string", "description": "The EC2 image ID to launch.\n", "willReplaceOnChanges": true }, "instanceType": { "type": "string", "description": "The size of instance to launch.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "keyName": { "type": "string", "description": "The key name that should be used for the instance.\n", "willReplaceOnChanges": true }, "metadataOptions": { "$ref": "#/types/aws:ec2/LaunchConfigurationMetadataOptions:LaunchConfigurationMetadataOptions", "description": "The metadata options for the instance.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the launch configuration. If you leave this blank, this provider will auto-generate a unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "placementTenancy": { "type": "string", "description": "The tenancy of the instance. Valid values are `default` or `dedicated`, see [AWS's Create Launch Configuration](http://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_CreateLaunchConfiguration.html) for more details.\n", "willReplaceOnChanges": true }, "rootBlockDevice": { "$ref": "#/types/aws:ec2/LaunchConfigurationRootBlockDevice:LaunchConfigurationRootBlockDevice", "description": "Customize details about the root block device of the instance. See Block Devices below for details.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of associated security group IDS.\n", "willReplaceOnChanges": true }, "spotPrice": { "type": "string", "description": "The maximum price to use for reserving spot instances.\n", "willReplaceOnChanges": true }, "userData": { "type": "string", "description": "The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see `user_data_base64` instead.\n", "willReplaceOnChanges": true }, "userDataBase64": { "type": "string", "description": "Can be used instead of `user_data` to pass base64-encoded binary data directly. Use this instead of `user_data` whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/launchTemplate:LaunchTemplate": { "description": "Provides an EC2 launch template resource. Can be used to create instances or auto scaling groups.\n\n## Import\n\nUsing `pulumi import`, import Launch Templates using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/launchTemplate:LaunchTemplate web lt-12345678\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the launch template.\n" }, "blockDeviceMappings": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateBlockDeviceMapping:LaunchTemplateBlockDeviceMapping" }, "description": "Specify volumes to attach to the instance besides the volumes specified by the AMI.\nSee Block Devices below for details.\n" }, "capacityReservationSpecification": { "$ref": "#/types/aws:ec2/LaunchTemplateCapacityReservationSpecification:LaunchTemplateCapacityReservationSpecification", "description": "Targeting for EC2 capacity reservations. See Capacity Reservation Specification below for more details.\n" }, "cpuOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateCpuOptions:LaunchTemplateCpuOptions", "description": "The CPU options for the instance. See CPU Options below for more details.\n" }, "creditSpecification": { "$ref": "#/types/aws:ec2/LaunchTemplateCreditSpecification:LaunchTemplateCreditSpecification", "description": "Customize the credit specification of the instance. See Credit\nSpecification below for more details.\n" }, "defaultVersion": { "type": "integer", "description": "Default Version of the launch template.\n" }, "description": { "type": "string", "description": "Description of the launch template.\n" }, "disableApiStop": { "type": "boolean", "description": "If true, enables [EC2 Instance Stop Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-stop-protection.html).\n" }, "disableApiTermination": { "type": "boolean", "description": "If `true`, enables [EC2 Instance\nTermination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_ChangingDisableAPITermination.html)\n" }, "ebsOptimized": { "type": "string", "description": "If `true`, the launched EC2 instance will be EBS-optimized.\n" }, "elasticGpuSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateElasticGpuSpecification:LaunchTemplateElasticGpuSpecification" }, "description": "The elastic GPU to attach to the instance. See Elastic GPU\nbelow for more details.\n" }, "elasticInferenceAccelerator": { "$ref": "#/types/aws:ec2/LaunchTemplateElasticInferenceAccelerator:LaunchTemplateElasticInferenceAccelerator", "description": "Configuration block containing an Elastic Inference Accelerator to attach to the instance. See Elastic Inference Accelerator below for more details.\n" }, "enclaveOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateEnclaveOptions:LaunchTemplateEnclaveOptions", "description": "Enable Nitro Enclaves on launched instances. See Enclave Options below for more details.\n" }, "hibernationOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateHibernationOptions:LaunchTemplateHibernationOptions", "description": "The hibernation options for the instance. See Hibernation Options below for more details.\n" }, "iamInstanceProfile": { "$ref": "#/types/aws:ec2/LaunchTemplateIamInstanceProfile:LaunchTemplateIamInstanceProfile", "description": "The IAM Instance Profile to launch the instance with. See Instance Profile\nbelow for more details.\n" }, "imageId": { "type": "string", "description": "The AMI from which to launch the instance or use a Systems Manager parameter convention e.g. `resolve:ssm:parameter-name`. See [docs](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-launch-template.html#use-an-ssm-parameter-instead-of-an-ami-id) for more details.\n" }, "instanceInitiatedShutdownBehavior": { "type": "string", "description": "Shutdown behavior for the instance. Can be `stop` or `terminate`.\n(Default: `stop`).\n" }, "instanceMarketOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateInstanceMarketOptions:LaunchTemplateInstanceMarketOptions", "description": "The market (purchasing) option for the instance. See Market Options\nbelow for details.\n" }, "instanceRequirements": { "$ref": "#/types/aws:ec2/LaunchTemplateInstanceRequirements:LaunchTemplateInstanceRequirements", "description": "The attribute requirements for the type of instance. If present then `instance_type` cannot be present.\n" }, "instanceType": { "type": "string", "description": "The type of the instance. If present then `instance_requirements` cannot be present.\n" }, "kernelId": { "type": "string", "description": "The kernel ID.\n" }, "keyName": { "type": "string", "description": "The key name to use for the instance.\n" }, "latestVersion": { "type": "integer", "description": "The latest version of the launch template.\n" }, "licenseSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateLicenseSpecification:LaunchTemplateLicenseSpecification" }, "description": "A list of license specifications to associate with. See License Specification below for more details.\n" }, "maintenanceOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateMaintenanceOptions:LaunchTemplateMaintenanceOptions", "description": "The maintenance options for the instance. See Maintenance Options below for more details.\n" }, "metadataOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateMetadataOptions:LaunchTemplateMetadataOptions", "description": "Customize the metadata options for the instance. See Metadata Options below for more details.\n" }, "monitoring": { "$ref": "#/types/aws:ec2/LaunchTemplateMonitoring:LaunchTemplateMonitoring", "description": "The monitoring option for the instance. See Monitoring below for more details.\n" }, "name": { "type": "string", "description": "The name of the launch template. If you leave this blank, the provider will auto-generate a unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateNetworkInterface:LaunchTemplateNetworkInterface" }, "description": "Customize network interfaces to be attached at instance boot time. See Network\nInterfaces below for more details.\n" }, "placement": { "$ref": "#/types/aws:ec2/LaunchTemplatePlacement:LaunchTemplatePlacement", "description": "The placement of the instance. See Placement below for more details.\n" }, "privateDnsNameOptions": { "$ref": "#/types/aws:ec2/LaunchTemplatePrivateDnsNameOptions:LaunchTemplatePrivateDnsNameOptions", "description": "The options for the instance hostname. The default values are inherited from the subnet. See Private DNS Name Options below for more details.\n" }, "ramDiskId": { "type": "string", "description": "The ID of the RAM disk.\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "A list of security group names to associate with. If you are creating Instances in a VPC, use\n`vpc_security_group_ids` instead.\n" }, "tagSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateTagSpecification:LaunchTemplateTagSpecification" }, "description": "The tags to apply to the resources during launch. See Tag Specifications below for more details. Default tags are currently not propagated to ASG created resources so you may wish to inject your default tags into this variable against the relevant child resource types created.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the launch template. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "updateDefaultVersion": { "type": "boolean", "description": "Whether to update Default Version each update. Conflicts with `default_version`.\n" }, "userData": { "type": "string", "description": "The base64-encoded user data to provide when launching the instance.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to associate with. Conflicts with `network_interfaces.security_groups`\n" } }, "required": [ "arn", "defaultVersion", "latestVersion", "metadataOptions", "name", "namePrefix", "tagsAll" ], "inputProperties": { "blockDeviceMappings": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateBlockDeviceMapping:LaunchTemplateBlockDeviceMapping" }, "description": "Specify volumes to attach to the instance besides the volumes specified by the AMI.\nSee Block Devices below for details.\n" }, "capacityReservationSpecification": { "$ref": "#/types/aws:ec2/LaunchTemplateCapacityReservationSpecification:LaunchTemplateCapacityReservationSpecification", "description": "Targeting for EC2 capacity reservations. See Capacity Reservation Specification below for more details.\n" }, "cpuOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateCpuOptions:LaunchTemplateCpuOptions", "description": "The CPU options for the instance. See CPU Options below for more details.\n" }, "creditSpecification": { "$ref": "#/types/aws:ec2/LaunchTemplateCreditSpecification:LaunchTemplateCreditSpecification", "description": "Customize the credit specification of the instance. See Credit\nSpecification below for more details.\n" }, "defaultVersion": { "type": "integer", "description": "Default Version of the launch template.\n" }, "description": { "type": "string", "description": "Description of the launch template.\n" }, "disableApiStop": { "type": "boolean", "description": "If true, enables [EC2 Instance Stop Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-stop-protection.html).\n" }, "disableApiTermination": { "type": "boolean", "description": "If `true`, enables [EC2 Instance\nTermination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_ChangingDisableAPITermination.html)\n" }, "ebsOptimized": { "type": "string", "description": "If `true`, the launched EC2 instance will be EBS-optimized.\n" }, "elasticGpuSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateElasticGpuSpecification:LaunchTemplateElasticGpuSpecification" }, "description": "The elastic GPU to attach to the instance. See Elastic GPU\nbelow for more details.\n" }, "elasticInferenceAccelerator": { "$ref": "#/types/aws:ec2/LaunchTemplateElasticInferenceAccelerator:LaunchTemplateElasticInferenceAccelerator", "description": "Configuration block containing an Elastic Inference Accelerator to attach to the instance. See Elastic Inference Accelerator below for more details.\n" }, "enclaveOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateEnclaveOptions:LaunchTemplateEnclaveOptions", "description": "Enable Nitro Enclaves on launched instances. See Enclave Options below for more details.\n" }, "hibernationOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateHibernationOptions:LaunchTemplateHibernationOptions", "description": "The hibernation options for the instance. See Hibernation Options below for more details.\n" }, "iamInstanceProfile": { "$ref": "#/types/aws:ec2/LaunchTemplateIamInstanceProfile:LaunchTemplateIamInstanceProfile", "description": "The IAM Instance Profile to launch the instance with. See Instance Profile\nbelow for more details.\n" }, "imageId": { "type": "string", "description": "The AMI from which to launch the instance or use a Systems Manager parameter convention e.g. `resolve:ssm:parameter-name`. See [docs](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-launch-template.html#use-an-ssm-parameter-instead-of-an-ami-id) for more details.\n" }, "instanceInitiatedShutdownBehavior": { "type": "string", "description": "Shutdown behavior for the instance. Can be `stop` or `terminate`.\n(Default: `stop`).\n" }, "instanceMarketOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateInstanceMarketOptions:LaunchTemplateInstanceMarketOptions", "description": "The market (purchasing) option for the instance. See Market Options\nbelow for details.\n" }, "instanceRequirements": { "$ref": "#/types/aws:ec2/LaunchTemplateInstanceRequirements:LaunchTemplateInstanceRequirements", "description": "The attribute requirements for the type of instance. If present then `instance_type` cannot be present.\n" }, "instanceType": { "type": "string", "description": "The type of the instance. If present then `instance_requirements` cannot be present.\n" }, "kernelId": { "type": "string", "description": "The kernel ID.\n" }, "keyName": { "type": "string", "description": "The key name to use for the instance.\n" }, "licenseSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateLicenseSpecification:LaunchTemplateLicenseSpecification" }, "description": "A list of license specifications to associate with. See License Specification below for more details.\n" }, "maintenanceOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateMaintenanceOptions:LaunchTemplateMaintenanceOptions", "description": "The maintenance options for the instance. See Maintenance Options below for more details.\n" }, "metadataOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateMetadataOptions:LaunchTemplateMetadataOptions", "description": "Customize the metadata options for the instance. See Metadata Options below for more details.\n" }, "monitoring": { "$ref": "#/types/aws:ec2/LaunchTemplateMonitoring:LaunchTemplateMonitoring", "description": "The monitoring option for the instance. See Monitoring below for more details.\n" }, "name": { "type": "string", "description": "The name of the launch template. If you leave this blank, the provider will auto-generate a unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateNetworkInterface:LaunchTemplateNetworkInterface" }, "description": "Customize network interfaces to be attached at instance boot time. See Network\nInterfaces below for more details.\n" }, "placement": { "$ref": "#/types/aws:ec2/LaunchTemplatePlacement:LaunchTemplatePlacement", "description": "The placement of the instance. See Placement below for more details.\n" }, "privateDnsNameOptions": { "$ref": "#/types/aws:ec2/LaunchTemplatePrivateDnsNameOptions:LaunchTemplatePrivateDnsNameOptions", "description": "The options for the instance hostname. The default values are inherited from the subnet. See Private DNS Name Options below for more details.\n" }, "ramDiskId": { "type": "string", "description": "The ID of the RAM disk.\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "A list of security group names to associate with. If you are creating Instances in a VPC, use\n`vpc_security_group_ids` instead.\n" }, "tagSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateTagSpecification:LaunchTemplateTagSpecification" }, "description": "The tags to apply to the resources during launch. See Tag Specifications below for more details. Default tags are currently not propagated to ASG created resources so you may wish to inject your default tags into this variable against the relevant child resource types created.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the launch template. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "updateDefaultVersion": { "type": "boolean", "description": "Whether to update Default Version each update. Conflicts with `default_version`.\n" }, "userData": { "type": "string", "description": "The base64-encoded user data to provide when launching the instance.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to associate with. Conflicts with `network_interfaces.security_groups`\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering LaunchTemplate resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the launch template.\n" }, "blockDeviceMappings": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateBlockDeviceMapping:LaunchTemplateBlockDeviceMapping" }, "description": "Specify volumes to attach to the instance besides the volumes specified by the AMI.\nSee Block Devices below for details.\n" }, "capacityReservationSpecification": { "$ref": "#/types/aws:ec2/LaunchTemplateCapacityReservationSpecification:LaunchTemplateCapacityReservationSpecification", "description": "Targeting for EC2 capacity reservations. See Capacity Reservation Specification below for more details.\n" }, "cpuOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateCpuOptions:LaunchTemplateCpuOptions", "description": "The CPU options for the instance. See CPU Options below for more details.\n" }, "creditSpecification": { "$ref": "#/types/aws:ec2/LaunchTemplateCreditSpecification:LaunchTemplateCreditSpecification", "description": "Customize the credit specification of the instance. See Credit\nSpecification below for more details.\n" }, "defaultVersion": { "type": "integer", "description": "Default Version of the launch template.\n" }, "description": { "type": "string", "description": "Description of the launch template.\n" }, "disableApiStop": { "type": "boolean", "description": "If true, enables [EC2 Instance Stop Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-stop-protection.html).\n" }, "disableApiTermination": { "type": "boolean", "description": "If `true`, enables [EC2 Instance\nTermination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_ChangingDisableAPITermination.html)\n" }, "ebsOptimized": { "type": "string", "description": "If `true`, the launched EC2 instance will be EBS-optimized.\n" }, "elasticGpuSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateElasticGpuSpecification:LaunchTemplateElasticGpuSpecification" }, "description": "The elastic GPU to attach to the instance. See Elastic GPU\nbelow for more details.\n" }, "elasticInferenceAccelerator": { "$ref": "#/types/aws:ec2/LaunchTemplateElasticInferenceAccelerator:LaunchTemplateElasticInferenceAccelerator", "description": "Configuration block containing an Elastic Inference Accelerator to attach to the instance. See Elastic Inference Accelerator below for more details.\n" }, "enclaveOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateEnclaveOptions:LaunchTemplateEnclaveOptions", "description": "Enable Nitro Enclaves on launched instances. See Enclave Options below for more details.\n" }, "hibernationOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateHibernationOptions:LaunchTemplateHibernationOptions", "description": "The hibernation options for the instance. See Hibernation Options below for more details.\n" }, "iamInstanceProfile": { "$ref": "#/types/aws:ec2/LaunchTemplateIamInstanceProfile:LaunchTemplateIamInstanceProfile", "description": "The IAM Instance Profile to launch the instance with. See Instance Profile\nbelow for more details.\n" }, "imageId": { "type": "string", "description": "The AMI from which to launch the instance or use a Systems Manager parameter convention e.g. `resolve:ssm:parameter-name`. See [docs](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-launch-template.html#use-an-ssm-parameter-instead-of-an-ami-id) for more details.\n" }, "instanceInitiatedShutdownBehavior": { "type": "string", "description": "Shutdown behavior for the instance. Can be `stop` or `terminate`.\n(Default: `stop`).\n" }, "instanceMarketOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateInstanceMarketOptions:LaunchTemplateInstanceMarketOptions", "description": "The market (purchasing) option for the instance. See Market Options\nbelow for details.\n" }, "instanceRequirements": { "$ref": "#/types/aws:ec2/LaunchTemplateInstanceRequirements:LaunchTemplateInstanceRequirements", "description": "The attribute requirements for the type of instance. If present then `instance_type` cannot be present.\n" }, "instanceType": { "type": "string", "description": "The type of the instance. If present then `instance_requirements` cannot be present.\n" }, "kernelId": { "type": "string", "description": "The kernel ID.\n" }, "keyName": { "type": "string", "description": "The key name to use for the instance.\n" }, "latestVersion": { "type": "integer", "description": "The latest version of the launch template.\n" }, "licenseSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateLicenseSpecification:LaunchTemplateLicenseSpecification" }, "description": "A list of license specifications to associate with. See License Specification below for more details.\n" }, "maintenanceOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateMaintenanceOptions:LaunchTemplateMaintenanceOptions", "description": "The maintenance options for the instance. See Maintenance Options below for more details.\n" }, "metadataOptions": { "$ref": "#/types/aws:ec2/LaunchTemplateMetadataOptions:LaunchTemplateMetadataOptions", "description": "Customize the metadata options for the instance. See Metadata Options below for more details.\n" }, "monitoring": { "$ref": "#/types/aws:ec2/LaunchTemplateMonitoring:LaunchTemplateMonitoring", "description": "The monitoring option for the instance. See Monitoring below for more details.\n" }, "name": { "type": "string", "description": "The name of the launch template. If you leave this blank, the provider will auto-generate a unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateNetworkInterface:LaunchTemplateNetworkInterface" }, "description": "Customize network interfaces to be attached at instance boot time. See Network\nInterfaces below for more details.\n" }, "placement": { "$ref": "#/types/aws:ec2/LaunchTemplatePlacement:LaunchTemplatePlacement", "description": "The placement of the instance. See Placement below for more details.\n" }, "privateDnsNameOptions": { "$ref": "#/types/aws:ec2/LaunchTemplatePrivateDnsNameOptions:LaunchTemplatePrivateDnsNameOptions", "description": "The options for the instance hostname. The default values are inherited from the subnet. See Private DNS Name Options below for more details.\n" }, "ramDiskId": { "type": "string", "description": "The ID of the RAM disk.\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "A list of security group names to associate with. If you are creating Instances in a VPC, use\n`vpc_security_group_ids` instead.\n" }, "tagSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/LaunchTemplateTagSpecification:LaunchTemplateTagSpecification" }, "description": "The tags to apply to the resources during launch. See Tag Specifications below for more details. Default tags are currently not propagated to ASG created resources so you may wish to inject your default tags into this variable against the relevant child resource types created.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the launch template. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "updateDefaultVersion": { "type": "boolean", "description": "Whether to update Default Version each update. Conflicts with `default_version`.\n" }, "userData": { "type": "string", "description": "The base64-encoded user data to provide when launching the instance.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to associate with. Conflicts with `network_interfaces.security_groups`\n" } }, "type": "object" } }, "aws:ec2/localGatewayRoute:LocalGatewayRoute": { "description": "Manages an EC2 Local Gateway Route. More information can be found in the [Outposts User Guide](https://docs.aws.amazon.com/outposts/latest/userguide/outposts-networking-components.html#routing).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.LocalGatewayRoute(\"example\", {\n destinationCidrBlock: \"172.16.0.0/16\",\n localGatewayRouteTableId: exampleAwsEc2LocalGatewayRouteTable.id,\n localGatewayVirtualInterfaceGroupId: exampleAwsEc2LocalGatewayVirtualInterfaceGroup.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.LocalGatewayRoute(\"example\",\n destination_cidr_block=\"172.16.0.0/16\",\n local_gateway_route_table_id=example_aws_ec2_local_gateway_route_table[\"id\"],\n local_gateway_virtual_interface_group_id=example_aws_ec2_local_gateway_virtual_interface_group[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.LocalGatewayRoute(\"example\", new()\n {\n DestinationCidrBlock = \"172.16.0.0/16\",\n LocalGatewayRouteTableId = exampleAwsEc2LocalGatewayRouteTable.Id,\n LocalGatewayVirtualInterfaceGroupId = exampleAwsEc2LocalGatewayVirtualInterfaceGroup.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewLocalGatewayRoute(ctx, \"example\", \u0026ec2.LocalGatewayRouteArgs{\n\t\t\tDestinationCidrBlock: pulumi.String(\"172.16.0.0/16\"),\n\t\t\tLocalGatewayRouteTableId: pulumi.Any(exampleAwsEc2LocalGatewayRouteTable.Id),\n\t\t\tLocalGatewayVirtualInterfaceGroupId: pulumi.Any(exampleAwsEc2LocalGatewayVirtualInterfaceGroup.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.LocalGatewayRoute;\nimport com.pulumi.aws.ec2.LocalGatewayRouteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LocalGatewayRoute(\"example\", LocalGatewayRouteArgs.builder()\n .destinationCidrBlock(\"172.16.0.0/16\")\n .localGatewayRouteTableId(exampleAwsEc2LocalGatewayRouteTable.id())\n .localGatewayVirtualInterfaceGroupId(exampleAwsEc2LocalGatewayVirtualInterfaceGroup.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:LocalGatewayRoute\n properties:\n destinationCidrBlock: 172.16.0.0/16\n localGatewayRouteTableId: ${exampleAwsEc2LocalGatewayRouteTable.id}\n localGatewayVirtualInterfaceGroupId: ${exampleAwsEc2LocalGatewayVirtualInterfaceGroup.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_local_gateway_route` using the EC2 Local Gateway Route Table identifier and destination CIDR block separated by underscores (`_`). For example:\n\n```sh\n$ pulumi import aws:ec2/localGatewayRoute:LocalGatewayRoute example lgw-rtb-12345678_172.16.0.0/16\n```\n", "properties": { "destinationCidrBlock": { "type": "string", "description": "IPv4 CIDR range used for destination matches. Routing decisions are based on the most specific match.\n" }, "localGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Local Gateway Route Table.\n" }, "localGatewayVirtualInterfaceGroupId": { "type": "string", "description": "Identifier of EC2 Local Gateway Virtual Interface Group.\n" } }, "required": [ "destinationCidrBlock", "localGatewayRouteTableId", "localGatewayVirtualInterfaceGroupId" ], "inputProperties": { "destinationCidrBlock": { "type": "string", "description": "IPv4 CIDR range used for destination matches. Routing decisions are based on the most specific match.\n", "willReplaceOnChanges": true }, "localGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Local Gateway Route Table.\n", "willReplaceOnChanges": true }, "localGatewayVirtualInterfaceGroupId": { "type": "string", "description": "Identifier of EC2 Local Gateway Virtual Interface Group.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "destinationCidrBlock", "localGatewayRouteTableId", "localGatewayVirtualInterfaceGroupId" ], "stateInputs": { "description": "Input properties used for looking up and filtering LocalGatewayRoute resources.\n", "properties": { "destinationCidrBlock": { "type": "string", "description": "IPv4 CIDR range used for destination matches. Routing decisions are based on the most specific match.\n", "willReplaceOnChanges": true }, "localGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Local Gateway Route Table.\n", "willReplaceOnChanges": true }, "localGatewayVirtualInterfaceGroupId": { "type": "string", "description": "Identifier of EC2 Local Gateway Virtual Interface Group.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/localGatewayRouteTableVpcAssociation:LocalGatewayRouteTableVpcAssociation": { "description": "Manages an EC2 Local Gateway Route Table VPC Association. More information can be found in the [Outposts User Guide](https://docs.aws.amazon.com/outposts/latest/userguide/outposts-local-gateways.html#vpc-associations).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getLocalGatewayRouteTable({\n outpostArn: \"arn:aws:outposts:us-west-2:123456789012:outpost/op-1234567890abcdef\",\n});\nconst exampleVpc = new aws.ec2.Vpc(\"example\", {cidrBlock: \"10.0.0.0/16\"});\nconst exampleLocalGatewayRouteTableVpcAssociation = new aws.ec2.LocalGatewayRouteTableVpcAssociation(\"example\", {\n localGatewayRouteTableId: example.then(example =\u003e example.id),\n vpcId: exampleVpc.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_local_gateway_route_table(outpost_arn=\"arn:aws:outposts:us-west-2:123456789012:outpost/op-1234567890abcdef\")\nexample_vpc = aws.ec2.Vpc(\"example\", cidr_block=\"10.0.0.0/16\")\nexample_local_gateway_route_table_vpc_association = aws.ec2.LocalGatewayRouteTableVpcAssociation(\"example\",\n local_gateway_route_table_id=example.id,\n vpc_id=example_vpc.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetLocalGatewayRouteTable.Invoke(new()\n {\n OutpostArn = \"arn:aws:outposts:us-west-2:123456789012:outpost/op-1234567890abcdef\",\n });\n\n var exampleVpc = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var exampleLocalGatewayRouteTableVpcAssociation = new Aws.Ec2.LocalGatewayRouteTableVpcAssociation(\"example\", new()\n {\n LocalGatewayRouteTableId = example.Apply(getLocalGatewayRouteTableResult =\u003e getLocalGatewayRouteTableResult.Id),\n VpcId = exampleVpc.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.GetLocalGatewayRouteTable(ctx, \u0026ec2.GetLocalGatewayRouteTableArgs{\n\t\t\tOutpostArn: pulumi.StringRef(\"arn:aws:outposts:us-west-2:123456789012:outpost/op-1234567890abcdef\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpc, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewLocalGatewayRouteTableVpcAssociation(ctx, \"example\", \u0026ec2.LocalGatewayRouteTableVpcAssociationArgs{\n\t\t\tLocalGatewayRouteTableId: pulumi.String(example.Id),\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetLocalGatewayRouteTableArgs;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.LocalGatewayRouteTableVpcAssociation;\nimport com.pulumi.aws.ec2.LocalGatewayRouteTableVpcAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getLocalGatewayRouteTable(GetLocalGatewayRouteTableArgs.builder()\n .outpostArn(\"arn:aws:outposts:us-west-2:123456789012:outpost/op-1234567890abcdef\")\n .build());\n\n var exampleVpc = new Vpc(\"exampleVpc\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var exampleLocalGatewayRouteTableVpcAssociation = new LocalGatewayRouteTableVpcAssociation(\"exampleLocalGatewayRouteTableVpcAssociation\", LocalGatewayRouteTableVpcAssociationArgs.builder()\n .localGatewayRouteTableId(example.applyValue(getLocalGatewayRouteTableResult -\u003e getLocalGatewayRouteTableResult.id()))\n .vpcId(exampleVpc.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleVpc:\n type: aws:ec2:Vpc\n name: example\n properties:\n cidrBlock: 10.0.0.0/16\n exampleLocalGatewayRouteTableVpcAssociation:\n type: aws:ec2:LocalGatewayRouteTableVpcAssociation\n name: example\n properties:\n localGatewayRouteTableId: ${example.id}\n vpcId: ${exampleVpc.id}\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getLocalGatewayRouteTable\n Arguments:\n outpostArn: arn:aws:outposts:us-west-2:123456789012:outpost/op-1234567890abcdef\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_local_gateway_route_table_vpc_association` using the Local Gateway Route Table VPC Association identifier. For example:\n\n```sh\n$ pulumi import aws:ec2/localGatewayRouteTableVpcAssociation:LocalGatewayRouteTableVpcAssociation example lgw-vpc-assoc-1234567890abcdef\n```\n", "properties": { "localGatewayId": { "type": "string" }, "localGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Local Gateway Route Table.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "Identifier of EC2 VPC.\n\nThe following arguments are optional:\n" } }, "required": [ "localGatewayId", "localGatewayRouteTableId", "tagsAll", "vpcId" ], "inputProperties": { "localGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Local Gateway Route Table.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcId": { "type": "string", "description": "Identifier of EC2 VPC.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "localGatewayRouteTableId", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering LocalGatewayRouteTableVpcAssociation resources.\n", "properties": { "localGatewayId": { "type": "string" }, "localGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Local Gateway Route Table.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "Identifier of EC2 VPC.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/mainRouteTableAssociation:MainRouteTableAssociation": { "description": "Provides a resource for managing the main routing table of a VPC.\n\n\u003e **NOTE:** **Do not** use both `aws.ec2.DefaultRouteTable` to manage a default route table **and** `aws.ec2.MainRouteTableAssociation` with the same VPC due to possible route conflicts. See aws.ec2.DefaultRouteTable documentation for more details.\nFor more information, see the Amazon VPC User Guide on [Route Tables][aws-route-tables]. For information about managing normal route tables in Pulumi, see [`aws.ec2.RouteTable`][tf-route-tables].\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst a = new aws.ec2.MainRouteTableAssociation(\"a\", {\n vpcId: foo.id,\n routeTableId: bar.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\na = aws.ec2.MainRouteTableAssociation(\"a\",\n vpc_id=foo[\"id\"],\n route_table_id=bar[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var a = new Aws.Ec2.MainRouteTableAssociation(\"a\", new()\n {\n VpcId = foo.Id,\n RouteTableId = bar.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewMainRouteTableAssociation(ctx, \"a\", \u0026ec2.MainRouteTableAssociationArgs{\n\t\t\tVpcId: pulumi.Any(foo.Id),\n\t\t\tRouteTableId: pulumi.Any(bar.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.MainRouteTableAssociation;\nimport com.pulumi.aws.ec2.MainRouteTableAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var a = new MainRouteTableAssociation(\"a\", MainRouteTableAssociationArgs.builder()\n .vpcId(foo.id())\n .routeTableId(bar.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n a:\n type: aws:ec2:MainRouteTableAssociation\n properties:\n vpcId: ${foo.id}\n routeTableId: ${bar.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Notes\n\nOn VPC creation, the AWS API always creates an initial Main Route Table. This\nresource records the ID of that Route Table under `original_route_table_id`.\nThe \"Delete\" action for a `main_route_table_association` consists of resetting\nthis original table as the Main Route Table for the VPC. You'll see this\nadditional Route Table in the AWS console; it must remain intact in order for\nthe `main_route_table_association` delete to work properly.\n", "properties": { "originalRouteTableId": { "type": "string", "description": "Used internally, see **Notes** below\n" }, "routeTableId": { "type": "string", "description": "The ID of the Route Table to set as the new\nmain route table for the target VPC\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC whose main route table should be set\n" } }, "required": [ "originalRouteTableId", "routeTableId", "vpcId" ], "inputProperties": { "routeTableId": { "type": "string", "description": "The ID of the Route Table to set as the new\nmain route table for the target VPC\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC whose main route table should be set\n" } }, "requiredInputs": [ "routeTableId", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering MainRouteTableAssociation resources.\n", "properties": { "originalRouteTableId": { "type": "string", "description": "Used internally, see **Notes** below\n" }, "routeTableId": { "type": "string", "description": "The ID of the Route Table to set as the new\nmain route table for the target VPC\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC whose main route table should be set\n" } }, "type": "object" } }, "aws:ec2/managedPrefixList:ManagedPrefixList": { "description": "Provides a managed prefix list resource.\n\n\u003e **NOTE on Managed Prefix Lists and Managed Prefix List Entries:** The provider\ncurrently provides both a standalone Managed Prefix List Entry resource (a single entry),\nand a Managed Prefix List resource with entries defined in-line. At this time you\ncannot use a Managed Prefix List with in-line rules in conjunction with any Managed\nPrefix List Entry resources. Doing so will cause a conflict of entries and will overwrite entries.\n\n\u003e **NOTE on `max_entries`:** When you reference a Prefix List in a resource,\nthe maximum number of entries for the prefix lists counts as the same number of rules\nor entries for the resource. For example, if you create a prefix list with a maximum\nof 20 entries and you reference that prefix list in a security group rule, this counts\nas 20 rules for the security group.\n\n## Example Usage\n\nBasic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.ManagedPrefixList(\"example\", {\n name: \"All VPC CIDR-s\",\n addressFamily: \"IPv4\",\n maxEntries: 5,\n entries: [\n {\n cidr: exampleAwsVpc.cidrBlock,\n description: \"Primary\",\n },\n {\n cidr: exampleAwsVpcIpv4CidrBlockAssociation.cidrBlock,\n description: \"Secondary\",\n },\n ],\n tags: {\n Env: \"live\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.ManagedPrefixList(\"example\",\n name=\"All VPC CIDR-s\",\n address_family=\"IPv4\",\n max_entries=5,\n entries=[\n {\n \"cidr\": example_aws_vpc[\"cidrBlock\"],\n \"description\": \"Primary\",\n },\n {\n \"cidr\": example_aws_vpc_ipv4_cidr_block_association[\"cidrBlock\"],\n \"description\": \"Secondary\",\n },\n ],\n tags={\n \"Env\": \"live\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.ManagedPrefixList(\"example\", new()\n {\n Name = \"All VPC CIDR-s\",\n AddressFamily = \"IPv4\",\n MaxEntries = 5,\n Entries = new[]\n {\n new Aws.Ec2.Inputs.ManagedPrefixListEntryArgs\n {\n Cidr = exampleAwsVpc.CidrBlock,\n Description = \"Primary\",\n },\n new Aws.Ec2.Inputs.ManagedPrefixListEntryArgs\n {\n Cidr = exampleAwsVpcIpv4CidrBlockAssociation.CidrBlock,\n Description = \"Secondary\",\n },\n },\n Tags = \n {\n { \"Env\", \"live\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewManagedPrefixList(ctx, \"example\", \u0026ec2.ManagedPrefixListArgs{\n\t\t\tName: pulumi.String(\"All VPC CIDR-s\"),\n\t\t\tAddressFamily: pulumi.String(\"IPv4\"),\n\t\t\tMaxEntries: pulumi.Int(5),\n\t\t\tEntries: ec2.ManagedPrefixListEntryTypeArray{\n\t\t\t\t\u0026ec2.ManagedPrefixListEntryTypeArgs{\n\t\t\t\t\tCidr: pulumi.Any(exampleAwsVpc.CidrBlock),\n\t\t\t\t\tDescription: pulumi.String(\"Primary\"),\n\t\t\t\t},\n\t\t\t\t\u0026ec2.ManagedPrefixListEntryTypeArgs{\n\t\t\t\t\tCidr: pulumi.Any(exampleAwsVpcIpv4CidrBlockAssociation.CidrBlock),\n\t\t\t\t\tDescription: pulumi.String(\"Secondary\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Env\": pulumi.String(\"live\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.ManagedPrefixList;\nimport com.pulumi.aws.ec2.ManagedPrefixListArgs;\nimport com.pulumi.aws.ec2.inputs.ManagedPrefixListEntryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ManagedPrefixList(\"example\", ManagedPrefixListArgs.builder()\n .name(\"All VPC CIDR-s\")\n .addressFamily(\"IPv4\")\n .maxEntries(5)\n .entries( \n ManagedPrefixListEntryArgs.builder()\n .cidr(exampleAwsVpc.cidrBlock())\n .description(\"Primary\")\n .build(),\n ManagedPrefixListEntryArgs.builder()\n .cidr(exampleAwsVpcIpv4CidrBlockAssociation.cidrBlock())\n .description(\"Secondary\")\n .build())\n .tags(Map.of(\"Env\", \"live\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:ManagedPrefixList\n properties:\n name: All VPC CIDR-s\n addressFamily: IPv4\n maxEntries: 5\n entries:\n - cidr: ${exampleAwsVpc.cidrBlock}\n description: Primary\n - cidr: ${exampleAwsVpcIpv4CidrBlockAssociation.cidrBlock}\n description: Secondary\n tags:\n Env: live\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Prefix Lists using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/managedPrefixList:ManagedPrefixList default pl-0570a1d2d725c16be\n```\n", "properties": { "addressFamily": { "type": "string", "description": "Address family (`IPv4` or `IPv6`) of this prefix list.\n" }, "arn": { "type": "string", "description": "ARN of the prefix list.\n" }, "entries": { "type": "array", "items": { "$ref": "#/types/aws:ec2/ManagedPrefixListEntry:ManagedPrefixListEntry" }, "description": "Configuration block for prefix list entry. Detailed below. Different entries may have overlapping CIDR blocks, but a particular CIDR should not be duplicated.\n" }, "maxEntries": { "type": "integer", "description": "Maximum number of entries that this prefix list can contain.\n" }, "name": { "type": "string", "description": "Name of this resource. The name must not start with `com.amazonaws`.\n" }, "ownerId": { "type": "string", "description": "ID of the AWS account that owns this prefix list.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "integer", "description": "Latest version of this prefix list.\n" } }, "required": [ "addressFamily", "arn", "entries", "maxEntries", "name", "ownerId", "tagsAll", "version" ], "inputProperties": { "addressFamily": { "type": "string", "description": "Address family (`IPv4` or `IPv6`) of this prefix list.\n", "willReplaceOnChanges": true }, "entries": { "type": "array", "items": { "$ref": "#/types/aws:ec2/ManagedPrefixListEntry:ManagedPrefixListEntry" }, "description": "Configuration block for prefix list entry. Detailed below. Different entries may have overlapping CIDR blocks, but a particular CIDR should not be duplicated.\n" }, "maxEntries": { "type": "integer", "description": "Maximum number of entries that this prefix list can contain.\n" }, "name": { "type": "string", "description": "Name of this resource. The name must not start with `com.amazonaws`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "addressFamily", "maxEntries" ], "stateInputs": { "description": "Input properties used for looking up and filtering ManagedPrefixList resources.\n", "properties": { "addressFamily": { "type": "string", "description": "Address family (`IPv4` or `IPv6`) of this prefix list.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN of the prefix list.\n" }, "entries": { "type": "array", "items": { "$ref": "#/types/aws:ec2/ManagedPrefixListEntry:ManagedPrefixListEntry" }, "description": "Configuration block for prefix list entry. Detailed below. Different entries may have overlapping CIDR blocks, but a particular CIDR should not be duplicated.\n" }, "maxEntries": { "type": "integer", "description": "Maximum number of entries that this prefix list can contain.\n" }, "name": { "type": "string", "description": "Name of this resource. The name must not start with `com.amazonaws`.\n" }, "ownerId": { "type": "string", "description": "ID of the AWS account that owns this prefix list.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "integer", "description": "Latest version of this prefix list.\n" } }, "type": "object" } }, "aws:ec2/managedPrefixListEntry:ManagedPrefixListEntry": { "description": "Use the `aws_prefix_list_entry` resource to manage a managed prefix list entry.\n\n\u003e **NOTE:** Pulumi currently provides two resources for managing Managed Prefix Lists and Managed Prefix List Entries. The standalone resource, Managed Prefix List Entry, is used to manage a single entry. The Managed Prefix List resource is used to manage multiple entries defined in-line. It is important to note that you cannot use a Managed Prefix List with in-line rules in conjunction with any Managed Prefix List Entry resources. This will result in a conflict of entries and will cause the entries to be overwritten.\n\n\u003e **NOTE:** To improve execution times on larger updates, it is recommended to use the inline `entry` block as part of the Managed Prefix List resource when creating a prefix list with more than 100 entries. You can find more information about the resource here.\n\n## Example Usage\n\nBasic usage.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.ManagedPrefixList(\"example\", {\n name: \"All VPC CIDR-s\",\n addressFamily: \"IPv4\",\n maxEntries: 5,\n tags: {\n Env: \"live\",\n },\n});\nconst entry1 = new aws.ec2.ManagedPrefixListEntry(\"entry_1\", {\n cidr: exampleAwsVpc.cidrBlock,\n description: \"Primary\",\n prefixListId: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.ManagedPrefixList(\"example\",\n name=\"All VPC CIDR-s\",\n address_family=\"IPv4\",\n max_entries=5,\n tags={\n \"Env\": \"live\",\n })\nentry1 = aws.ec2.ManagedPrefixListEntry(\"entry_1\",\n cidr=example_aws_vpc[\"cidrBlock\"],\n description=\"Primary\",\n prefix_list_id=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.ManagedPrefixList(\"example\", new()\n {\n Name = \"All VPC CIDR-s\",\n AddressFamily = \"IPv4\",\n MaxEntries = 5,\n Tags = \n {\n { \"Env\", \"live\" },\n },\n });\n\n var entry1 = new Aws.Ec2.ManagedPrefixListEntry(\"entry_1\", new()\n {\n Cidr = exampleAwsVpc.CidrBlock,\n Description = \"Primary\",\n PrefixListId = example.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewManagedPrefixList(ctx, \"example\", \u0026ec2.ManagedPrefixListArgs{\n\t\t\tName: pulumi.String(\"All VPC CIDR-s\"),\n\t\t\tAddressFamily: pulumi.String(\"IPv4\"),\n\t\t\tMaxEntries: pulumi.Int(5),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Env\": pulumi.String(\"live\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewManagedPrefixListEntry(ctx, \"entry_1\", \u0026ec2.ManagedPrefixListEntryArgs{\n\t\t\tCidr: pulumi.Any(exampleAwsVpc.CidrBlock),\n\t\t\tDescription: pulumi.String(\"Primary\"),\n\t\t\tPrefixListId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.ManagedPrefixList;\nimport com.pulumi.aws.ec2.ManagedPrefixListArgs;\nimport com.pulumi.aws.ec2.ManagedPrefixListEntry;\nimport com.pulumi.aws.ec2.ManagedPrefixListEntryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ManagedPrefixList(\"example\", ManagedPrefixListArgs.builder()\n .name(\"All VPC CIDR-s\")\n .addressFamily(\"IPv4\")\n .maxEntries(5)\n .tags(Map.of(\"Env\", \"live\"))\n .build());\n\n var entry1 = new ManagedPrefixListEntry(\"entry1\", ManagedPrefixListEntryArgs.builder()\n .cidr(exampleAwsVpc.cidrBlock())\n .description(\"Primary\")\n .prefixListId(example.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:ManagedPrefixList\n properties:\n name: All VPC CIDR-s\n addressFamily: IPv4\n maxEntries: 5\n tags:\n Env: live\n entry1:\n type: aws:ec2:ManagedPrefixListEntry\n name: entry_1\n properties:\n cidr: ${exampleAwsVpc.cidrBlock}\n description: Primary\n prefixListId: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import prefix list entries using `prefix_list_id` and `cidr` separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:ec2/managedPrefixListEntry:ManagedPrefixListEntry default pl-0570a1d2d725c16be,10.0.3.0/24\n```\n", "properties": { "cidr": { "type": "string", "description": "CIDR block of this entry.\n" }, "description": { "type": "string", "description": "Description of this entry. Please note that due to API limitations, updating only the description of an entry will require recreating the entry.\n" }, "prefixListId": { "type": "string", "description": "The ID of the prefix list.\n" } }, "required": [ "cidr", "prefixListId" ], "inputProperties": { "cidr": { "type": "string", "description": "CIDR block of this entry.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of this entry. Please note that due to API limitations, updating only the description of an entry will require recreating the entry.\n", "willReplaceOnChanges": true }, "prefixListId": { "type": "string", "description": "The ID of the prefix list.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "cidr", "prefixListId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ManagedPrefixListEntry resources.\n", "properties": { "cidr": { "type": "string", "description": "CIDR block of this entry.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of this entry. Please note that due to API limitations, updating only the description of an entry will require recreating the entry.\n", "willReplaceOnChanges": true }, "prefixListId": { "type": "string", "description": "The ID of the prefix list.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/natGateway:NatGateway": { "description": "Provides a resource to create a VPC NAT Gateway.\n\n## Example Usage\n\n### Public NAT\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.NatGateway(\"example\", {\n allocationId: exampleAwsEip.id,\n subnetId: exampleAwsSubnet.id,\n tags: {\n Name: \"gw NAT\",\n },\n}, {\n dependsOn: [exampleAwsInternetGateway],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.NatGateway(\"example\",\n allocation_id=example_aws_eip[\"id\"],\n subnet_id=example_aws_subnet[\"id\"],\n tags={\n \"Name\": \"gw NAT\",\n },\n opts = pulumi.ResourceOptions(depends_on=[example_aws_internet_gateway]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.NatGateway(\"example\", new()\n {\n AllocationId = exampleAwsEip.Id,\n SubnetId = exampleAwsSubnet.Id,\n Tags = \n {\n { \"Name\", \"gw NAT\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsInternetGateway,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewNatGateway(ctx, \"example\", \u0026ec2.NatGatewayArgs{\n\t\t\tAllocationId: pulumi.Any(exampleAwsEip.Id),\n\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"gw NAT\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsInternetGateway,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NatGateway;\nimport com.pulumi.aws.ec2.NatGatewayArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NatGateway(\"example\", NatGatewayArgs.builder()\n .allocationId(exampleAwsEip.id())\n .subnetId(exampleAwsSubnet.id())\n .tags(Map.of(\"Name\", \"gw NAT\"))\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsInternetGateway)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:NatGateway\n properties:\n allocationId: ${exampleAwsEip.id}\n subnetId: ${exampleAwsSubnet.id}\n tags:\n Name: gw NAT\n options:\n dependson:\n - ${exampleAwsInternetGateway}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Public NAT with Secondary Private IP Addresses\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.NatGateway(\"example\", {\n allocationId: exampleAwsEip.id,\n subnetId: exampleAwsSubnet.id,\n secondaryAllocationIds: [secondary.id],\n secondaryPrivateIpAddresses: [\"10.0.1.5\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.NatGateway(\"example\",\n allocation_id=example_aws_eip[\"id\"],\n subnet_id=example_aws_subnet[\"id\"],\n secondary_allocation_ids=[secondary[\"id\"]],\n secondary_private_ip_addresses=[\"10.0.1.5\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.NatGateway(\"example\", new()\n {\n AllocationId = exampleAwsEip.Id,\n SubnetId = exampleAwsSubnet.Id,\n SecondaryAllocationIds = new[]\n {\n secondary.Id,\n },\n SecondaryPrivateIpAddresses = new[]\n {\n \"10.0.1.5\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewNatGateway(ctx, \"example\", \u0026ec2.NatGatewayArgs{\n\t\t\tAllocationId: pulumi.Any(exampleAwsEip.Id),\n\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\tSecondaryAllocationIds: pulumi.StringArray{\n\t\t\t\tsecondary.Id,\n\t\t\t},\n\t\t\tSecondaryPrivateIpAddresses: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.1.5\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NatGateway;\nimport com.pulumi.aws.ec2.NatGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NatGateway(\"example\", NatGatewayArgs.builder()\n .allocationId(exampleAwsEip.id())\n .subnetId(exampleAwsSubnet.id())\n .secondaryAllocationIds(secondary.id())\n .secondaryPrivateIpAddresses(\"10.0.1.5\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:NatGateway\n properties:\n allocationId: ${exampleAwsEip.id}\n subnetId: ${exampleAwsSubnet.id}\n secondaryAllocationIds:\n - ${secondary.id}\n secondaryPrivateIpAddresses:\n - 10.0.1.5\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Private NAT\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.NatGateway(\"example\", {\n connectivityType: \"private\",\n subnetId: exampleAwsSubnet.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.NatGateway(\"example\",\n connectivity_type=\"private\",\n subnet_id=example_aws_subnet[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.NatGateway(\"example\", new()\n {\n ConnectivityType = \"private\",\n SubnetId = exampleAwsSubnet.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewNatGateway(ctx, \"example\", \u0026ec2.NatGatewayArgs{\n\t\t\tConnectivityType: pulumi.String(\"private\"),\n\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NatGateway;\nimport com.pulumi.aws.ec2.NatGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NatGateway(\"example\", NatGatewayArgs.builder()\n .connectivityType(\"private\")\n .subnetId(exampleAwsSubnet.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:NatGateway\n properties:\n connectivityType: private\n subnetId: ${exampleAwsSubnet.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Private NAT with Secondary Private IP Addresses\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.NatGateway(\"example\", {\n connectivityType: \"private\",\n subnetId: exampleAwsSubnet.id,\n secondaryPrivateIpAddressCount: 7,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.NatGateway(\"example\",\n connectivity_type=\"private\",\n subnet_id=example_aws_subnet[\"id\"],\n secondary_private_ip_address_count=7)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.NatGateway(\"example\", new()\n {\n ConnectivityType = \"private\",\n SubnetId = exampleAwsSubnet.Id,\n SecondaryPrivateIpAddressCount = 7,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewNatGateway(ctx, \"example\", \u0026ec2.NatGatewayArgs{\n\t\t\tConnectivityType: pulumi.String(\"private\"),\n\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\tSecondaryPrivateIpAddressCount: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NatGateway;\nimport com.pulumi.aws.ec2.NatGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NatGateway(\"example\", NatGatewayArgs.builder()\n .connectivityType(\"private\")\n .subnetId(exampleAwsSubnet.id())\n .secondaryPrivateIpAddressCount(7)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:NatGateway\n properties:\n connectivityType: private\n subnetId: ${exampleAwsSubnet.id}\n secondaryPrivateIpAddressCount: 7\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import NAT Gateways using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/natGateway:NatGateway private_gw nat-05dba92075d71c408\n```\n", "properties": { "allocationId": { "type": "string", "description": "The Allocation ID of the Elastic IP address for the NAT Gateway. Required for `connectivity_type` of `public`.\n" }, "associationId": { "type": "string", "description": "The association ID of the Elastic IP address that's associated with the NAT Gateway. Only available when `connectivity_type` is `public`.\n" }, "connectivityType": { "type": "string", "description": "Connectivity type for the NAT Gateway. Valid values are `private` and `public`. Defaults to `public`.\n" }, "networkInterfaceId": { "type": "string", "description": "The ID of the network interface associated with the NAT Gateway.\n" }, "privateIp": { "type": "string", "description": "The private IPv4 address to assign to the NAT Gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.\n" }, "publicIp": { "type": "string", "description": "The Elastic IP address associated with the NAT Gateway.\n" }, "secondaryAllocationIds": { "type": "array", "items": { "type": "string" }, "description": "A list of secondary allocation EIP IDs for this NAT Gateway.\n" }, "secondaryPrivateIpAddressCount": { "type": "integer", "description": "[Private NAT Gateway only] The number of secondary private IPv4 addresses you want to assign to the NAT Gateway.\n" }, "secondaryPrivateIpAddresses": { "type": "array", "items": { "type": "string" }, "description": "A list of secondary private IPv4 addresses to assign to the NAT Gateway.\n" }, "subnetId": { "type": "string", "description": "The Subnet ID of the subnet in which to place the NAT Gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "associationId", "networkInterfaceId", "privateIp", "publicIp", "secondaryPrivateIpAddressCount", "secondaryPrivateIpAddresses", "subnetId", "tagsAll" ], "inputProperties": { "allocationId": { "type": "string", "description": "The Allocation ID of the Elastic IP address for the NAT Gateway. Required for `connectivity_type` of `public`.\n", "willReplaceOnChanges": true }, "connectivityType": { "type": "string", "description": "Connectivity type for the NAT Gateway. Valid values are `private` and `public`. Defaults to `public`.\n", "willReplaceOnChanges": true }, "privateIp": { "type": "string", "description": "The private IPv4 address to assign to the NAT Gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.\n", "willReplaceOnChanges": true }, "secondaryAllocationIds": { "type": "array", "items": { "type": "string" }, "description": "A list of secondary allocation EIP IDs for this NAT Gateway.\n" }, "secondaryPrivateIpAddressCount": { "type": "integer", "description": "[Private NAT Gateway only] The number of secondary private IPv4 addresses you want to assign to the NAT Gateway.\n", "willReplaceOnChanges": true }, "secondaryPrivateIpAddresses": { "type": "array", "items": { "type": "string" }, "description": "A list of secondary private IPv4 addresses to assign to the NAT Gateway.\n" }, "subnetId": { "type": "string", "description": "The Subnet ID of the subnet in which to place the NAT Gateway.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "subnetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering NatGateway resources.\n", "properties": { "allocationId": { "type": "string", "description": "The Allocation ID of the Elastic IP address for the NAT Gateway. Required for `connectivity_type` of `public`.\n", "willReplaceOnChanges": true }, "associationId": { "type": "string", "description": "The association ID of the Elastic IP address that's associated with the NAT Gateway. Only available when `connectivity_type` is `public`.\n" }, "connectivityType": { "type": "string", "description": "Connectivity type for the NAT Gateway. Valid values are `private` and `public`. Defaults to `public`.\n", "willReplaceOnChanges": true }, "networkInterfaceId": { "type": "string", "description": "The ID of the network interface associated with the NAT Gateway.\n" }, "privateIp": { "type": "string", "description": "The private IPv4 address to assign to the NAT Gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.\n", "willReplaceOnChanges": true }, "publicIp": { "type": "string", "description": "The Elastic IP address associated with the NAT Gateway.\n" }, "secondaryAllocationIds": { "type": "array", "items": { "type": "string" }, "description": "A list of secondary allocation EIP IDs for this NAT Gateway.\n" }, "secondaryPrivateIpAddressCount": { "type": "integer", "description": "[Private NAT Gateway only] The number of secondary private IPv4 addresses you want to assign to the NAT Gateway.\n", "willReplaceOnChanges": true }, "secondaryPrivateIpAddresses": { "type": "array", "items": { "type": "string" }, "description": "A list of secondary private IPv4 addresses to assign to the NAT Gateway.\n" }, "subnetId": { "type": "string", "description": "The Subnet ID of the subnet in which to place the NAT Gateway.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ec2/networkAcl:NetworkAcl": { "description": "Provides an network ACL resource. You might set up network ACLs with rules similar\nto your security groups in order to add an additional layer of security to your VPC.\n\n\u003e **NOTE on Network ACLs and Network ACL Rules:** This provider currently\nprovides both a standalone Network ACL Rule resource and a Network ACL resource with rules\ndefined in-line. At this time you cannot use a Network ACL with in-line rules\nin conjunction with any Network ACL Rule resources. Doing so will cause\na conflict of rule settings and will overwrite rules.\n\n\u003e **NOTE on Network ACLs and Network ACL Associations:** the provider provides both a standalone network ACL association\nresource and a network ACL resource with a `subnet_ids` attribute. Do not use the same subnet ID in both a network ACL\nresource and a network ACL association resource. Doing so will cause a conflict of associations and will overwrite the association.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.NetworkAcl(\"main\", {\n vpcId: mainAwsVpc.id,\n egress: [{\n protocol: \"tcp\",\n ruleNo: 200,\n action: \"allow\",\n cidrBlock: \"10.3.0.0/18\",\n fromPort: 443,\n toPort: 443,\n }],\n ingress: [{\n protocol: \"tcp\",\n ruleNo: 100,\n action: \"allow\",\n cidrBlock: \"10.3.0.0/18\",\n fromPort: 80,\n toPort: 80,\n }],\n tags: {\n Name: \"main\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.NetworkAcl(\"main\",\n vpc_id=main_aws_vpc[\"id\"],\n egress=[{\n \"protocol\": \"tcp\",\n \"rule_no\": 200,\n \"action\": \"allow\",\n \"cidr_block\": \"10.3.0.0/18\",\n \"from_port\": 443,\n \"to_port\": 443,\n }],\n ingress=[{\n \"protocol\": \"tcp\",\n \"rule_no\": 100,\n \"action\": \"allow\",\n \"cidr_block\": \"10.3.0.0/18\",\n \"from_port\": 80,\n \"to_port\": 80,\n }],\n tags={\n \"Name\": \"main\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ec2.NetworkAcl(\"main\", new()\n {\n VpcId = mainAwsVpc.Id,\n Egress = new[]\n {\n new Aws.Ec2.Inputs.NetworkAclEgressArgs\n {\n Protocol = \"tcp\",\n RuleNo = 200,\n Action = \"allow\",\n CidrBlock = \"10.3.0.0/18\",\n FromPort = 443,\n ToPort = 443,\n },\n },\n Ingress = new[]\n {\n new Aws.Ec2.Inputs.NetworkAclIngressArgs\n {\n Protocol = \"tcp\",\n RuleNo = 100,\n Action = \"allow\",\n CidrBlock = \"10.3.0.0/18\",\n FromPort = 80,\n ToPort = 80,\n },\n },\n Tags = \n {\n { \"Name\", \"main\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewNetworkAcl(ctx, \"main\", \u0026ec2.NetworkAclArgs{\n\t\t\tVpcId: pulumi.Any(mainAwsVpc.Id),\n\t\t\tEgress: ec2.NetworkAclEgressArray{\n\t\t\t\t\u0026ec2.NetworkAclEgressArgs{\n\t\t\t\t\tProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\tRuleNo: pulumi.Int(200),\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tCidrBlock: pulumi.String(\"10.3.0.0/18\"),\n\t\t\t\t\tFromPort: pulumi.Int(443),\n\t\t\t\t\tToPort: pulumi.Int(443),\n\t\t\t\t},\n\t\t\t},\n\t\t\tIngress: ec2.NetworkAclIngressArray{\n\t\t\t\t\u0026ec2.NetworkAclIngressArgs{\n\t\t\t\t\tProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\tRuleNo: pulumi.Int(100),\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tCidrBlock: pulumi.String(\"10.3.0.0/18\"),\n\t\t\t\t\tFromPort: pulumi.Int(80),\n\t\t\t\t\tToPort: pulumi.Int(80),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"main\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NetworkAcl;\nimport com.pulumi.aws.ec2.NetworkAclArgs;\nimport com.pulumi.aws.ec2.inputs.NetworkAclEgressArgs;\nimport com.pulumi.aws.ec2.inputs.NetworkAclIngressArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new NetworkAcl(\"main\", NetworkAclArgs.builder()\n .vpcId(mainAwsVpc.id())\n .egress(NetworkAclEgressArgs.builder()\n .protocol(\"tcp\")\n .ruleNo(200)\n .action(\"allow\")\n .cidrBlock(\"10.3.0.0/18\")\n .fromPort(443)\n .toPort(443)\n .build())\n .ingress(NetworkAclIngressArgs.builder()\n .protocol(\"tcp\")\n .ruleNo(100)\n .action(\"allow\")\n .cidrBlock(\"10.3.0.0/18\")\n .fromPort(80)\n .toPort(80)\n .build())\n .tags(Map.of(\"Name\", \"main\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:ec2:NetworkAcl\n properties:\n vpcId: ${mainAwsVpc.id}\n egress:\n - protocol: tcp\n ruleNo: 200\n action: allow\n cidrBlock: 10.3.0.0/18\n fromPort: 443\n toPort: 443\n ingress:\n - protocol: tcp\n ruleNo: 100\n action: allow\n cidrBlock: 10.3.0.0/18\n fromPort: 80\n toPort: 80\n tags:\n Name: main\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Network ACLs using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/networkAcl:NetworkAcl main acl-7aaabd18\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the network ACL\n" }, "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkAclEgress:NetworkAclEgress" }, "description": "Specifies an egress rule. Parameters defined below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkAclIngress:NetworkAclIngress" }, "description": "Specifies an ingress rule. Parameters defined below.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the network ACL.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of Subnet IDs to apply the ACL to\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The ID of the associated VPC.\n" } }, "required": [ "arn", "egress", "ingress", "ownerId", "subnetIds", "tagsAll", "vpcId" ], "inputProperties": { "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkAclEgress:NetworkAclEgress" }, "description": "Specifies an egress rule. Parameters defined below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkAclIngress:NetworkAclIngress" }, "description": "Specifies an ingress rule. Parameters defined below.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of Subnet IDs to apply the ACL to\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcId": { "type": "string", "description": "The ID of the associated VPC.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering NetworkAcl resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the network ACL\n" }, "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkAclEgress:NetworkAclEgress" }, "description": "Specifies an egress rule. Parameters defined below.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkAclIngress:NetworkAclIngress" }, "description": "Specifies an ingress rule. Parameters defined below.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the network ACL.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of Subnet IDs to apply the ACL to\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The ID of the associated VPC.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/networkAclAssociation:NetworkAclAssociation": { "description": "Provides an network ACL association resource which allows you to associate your network ACL with any subnet(s).\n\n\u003e **NOTE on Network ACLs and Network ACL Associations:** the provider provides both a standalone network ACL association resource\nand a network ACL resource with a `subnet_ids` attribute. Do not use the same subnet ID in both a network ACL\nresource and a network ACL association resource. Doing so will cause a conflict of associations and will overwrite the association.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.NetworkAclAssociation(\"main\", {\n networkAclId: mainAwsNetworkAcl.id,\n subnetId: mainAwsSubnet.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.NetworkAclAssociation(\"main\",\n network_acl_id=main_aws_network_acl[\"id\"],\n subnet_id=main_aws_subnet[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ec2.NetworkAclAssociation(\"main\", new()\n {\n NetworkAclId = mainAwsNetworkAcl.Id,\n SubnetId = mainAwsSubnet.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewNetworkAclAssociation(ctx, \"main\", \u0026ec2.NetworkAclAssociationArgs{\n\t\t\tNetworkAclId: pulumi.Any(mainAwsNetworkAcl.Id),\n\t\t\tSubnetId: pulumi.Any(mainAwsSubnet.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NetworkAclAssociation;\nimport com.pulumi.aws.ec2.NetworkAclAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new NetworkAclAssociation(\"main\", NetworkAclAssociationArgs.builder()\n .networkAclId(mainAwsNetworkAcl.id())\n .subnetId(mainAwsSubnet.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:ec2:NetworkAclAssociation\n properties:\n networkAclId: ${mainAwsNetworkAcl.id}\n subnetId: ${mainAwsSubnet.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Network ACL associations using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/networkAclAssociation:NetworkAclAssociation main aclassoc-02baf37f20966b3e6\n```\n", "properties": { "networkAclId": { "type": "string", "description": "The ID of the network ACL.\n" }, "subnetId": { "type": "string", "description": "The ID of the associated Subnet.\n" } }, "required": [ "networkAclId", "subnetId" ], "inputProperties": { "networkAclId": { "type": "string", "description": "The ID of the network ACL.\n", "willReplaceOnChanges": true }, "subnetId": { "type": "string", "description": "The ID of the associated Subnet.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "networkAclId", "subnetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering NetworkAclAssociation resources.\n", "properties": { "networkAclId": { "type": "string", "description": "The ID of the network ACL.\n", "willReplaceOnChanges": true }, "subnetId": { "type": "string", "description": "The ID of the associated Subnet.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/networkAclRule:NetworkAclRule": { "description": "Creates an entry (a rule) in a network ACL with the specified rule number.\n\n\u003e **NOTE on Network ACLs and Network ACL Rules:** This provider currently\nprovides both a standalone Network ACL Rule resource and a Network ACL resource with rules\ndefined in-line. At this time you cannot use a Network ACL with in-line rules\nin conjunction with any Network ACL Rule resources. Doing so will cause\na conflict of rule settings and will overwrite rules.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = new aws.ec2.NetworkAcl(\"bar\", {vpcId: foo.id});\nconst barNetworkAclRule = new aws.ec2.NetworkAclRule(\"bar\", {\n networkAclId: bar.id,\n ruleNumber: 200,\n egress: false,\n protocol: \"tcp\",\n ruleAction: \"allow\",\n cidrBlock: foo.cidrBlock,\n fromPort: 22,\n toPort: 22,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.ec2.NetworkAcl(\"bar\", vpc_id=foo[\"id\"])\nbar_network_acl_rule = aws.ec2.NetworkAclRule(\"bar\",\n network_acl_id=bar.id,\n rule_number=200,\n egress=False,\n protocol=\"tcp\",\n rule_action=\"allow\",\n cidr_block=foo[\"cidrBlock\"],\n from_port=22,\n to_port=22)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bar = new Aws.Ec2.NetworkAcl(\"bar\", new()\n {\n VpcId = foo.Id,\n });\n\n var barNetworkAclRule = new Aws.Ec2.NetworkAclRule(\"bar\", new()\n {\n NetworkAclId = bar.Id,\n RuleNumber = 200,\n Egress = false,\n Protocol = \"tcp\",\n RuleAction = \"allow\",\n CidrBlock = foo.CidrBlock,\n FromPort = 22,\n ToPort = 22,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbar, err := ec2.NewNetworkAcl(ctx, \"bar\", \u0026ec2.NetworkAclArgs{\n\t\t\tVpcId: pulumi.Any(foo.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewNetworkAclRule(ctx, \"bar\", \u0026ec2.NetworkAclRuleArgs{\n\t\t\tNetworkAclId: bar.ID(),\n\t\t\tRuleNumber: pulumi.Int(200),\n\t\t\tEgress: pulumi.Bool(false),\n\t\t\tProtocol: pulumi.String(\"tcp\"),\n\t\t\tRuleAction: pulumi.String(\"allow\"),\n\t\t\tCidrBlock: pulumi.Any(foo.CidrBlock),\n\t\t\tFromPort: pulumi.Int(22),\n\t\t\tToPort: pulumi.Int(22),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NetworkAcl;\nimport com.pulumi.aws.ec2.NetworkAclArgs;\nimport com.pulumi.aws.ec2.NetworkAclRule;\nimport com.pulumi.aws.ec2.NetworkAclRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bar = new NetworkAcl(\"bar\", NetworkAclArgs.builder()\n .vpcId(foo.id())\n .build());\n\n var barNetworkAclRule = new NetworkAclRule(\"barNetworkAclRule\", NetworkAclRuleArgs.builder()\n .networkAclId(bar.id())\n .ruleNumber(200)\n .egress(false)\n .protocol(\"tcp\")\n .ruleAction(\"allow\")\n .cidrBlock(foo.cidrBlock())\n .fromPort(22)\n .toPort(22)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bar:\n type: aws:ec2:NetworkAcl\n properties:\n vpcId: ${foo.id}\n barNetworkAclRule:\n type: aws:ec2:NetworkAclRule\n name: bar\n properties:\n networkAclId: ${bar.id}\n ruleNumber: 200\n egress: false\n protocol: tcp\n ruleAction: allow\n cidrBlock: ${foo.cidrBlock}\n fromPort: 22\n toPort: 22\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e **Note:** One of either `cidr_block` or `ipv6_cidr_block` is required.\n\n## Import\n\nUsing the procotol's decimal value:\n\n__Using `pulumi import` to import__ individual rules using `NETWORK_ACL_ID:RULE_NUMBER:PROTOCOL:EGRESS`, where `PROTOCOL` can be a decimal (such as \"6\") or string (such as \"tcp\") value. For example:\n\nUsing the procotol's string value:\n\n```sh\n$ pulumi import aws:ec2/networkAclRule:NetworkAclRule my_rule acl-7aaabd18:100:tcp:false\n```\nUsing the procotol's decimal value:\n\n```sh\n$ pulumi import aws:ec2/networkAclRule:NetworkAclRule my_rule acl-7aaabd18:100:6:false\n```\n", "properties": { "cidrBlock": { "type": "string", "description": "The network range to allow or deny, in CIDR notation (for example 172.16.0.0/24 ).\n" }, "egress": { "type": "boolean", "description": "Indicates whether this is an egress rule (rule is applied to traffic leaving the subnet). Default `false`.\n" }, "fromPort": { "type": "integer", "description": "The from port to match.\n" }, "icmpCode": { "type": "integer", "description": "ICMP protocol: The ICMP code. Required if specifying ICMP for the protocolE.g., -1\n\n\u003e **NOTE:** If the value of `protocol` is `-1` or `all`, the `from_port` and `to_port` values will be ignored and the rule will apply to all ports.\n\n\u003e **NOTE:** If the value of `icmp_type` is `-1` (which results in a wildcard ICMP type), the `icmp_code` must also be set to `-1` (wildcard ICMP code).\n\n\u003e Note: For more information on ICMP types and codes, see here: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml\n" }, "icmpType": { "type": "integer", "description": "ICMP protocol: The ICMP type. Required if specifying ICMP for the protocolE.g., -1\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block to allow or deny.\n" }, "networkAclId": { "type": "string", "description": "The ID of the network ACL.\n" }, "protocol": { "type": "string", "description": "The protocol. A value of -1 means all protocols.\n" }, "ruleAction": { "type": "string", "description": "Indicates whether to allow or deny the traffic that matches the rule. Accepted values: `allow` | `deny`\n" }, "ruleNumber": { "type": "integer", "description": "The rule number for the entry (for example, 100). ACL entries are processed in ascending order by rule number.\n" }, "toPort": { "type": "integer", "description": "The to port to match.\n" } }, "required": [ "networkAclId", "protocol", "ruleAction", "ruleNumber" ], "inputProperties": { "cidrBlock": { "type": "string", "description": "The network range to allow or deny, in CIDR notation (for example 172.16.0.0/24 ).\n", "willReplaceOnChanges": true }, "egress": { "type": "boolean", "description": "Indicates whether this is an egress rule (rule is applied to traffic leaving the subnet). Default `false`.\n", "willReplaceOnChanges": true }, "fromPort": { "type": "integer", "description": "The from port to match.\n", "willReplaceOnChanges": true }, "icmpCode": { "type": "integer", "description": "ICMP protocol: The ICMP code. Required if specifying ICMP for the protocolE.g., -1\n\n\u003e **NOTE:** If the value of `protocol` is `-1` or `all`, the `from_port` and `to_port` values will be ignored and the rule will apply to all ports.\n\n\u003e **NOTE:** If the value of `icmp_type` is `-1` (which results in a wildcard ICMP type), the `icmp_code` must also be set to `-1` (wildcard ICMP code).\n\n\u003e Note: For more information on ICMP types and codes, see here: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml\n", "willReplaceOnChanges": true }, "icmpType": { "type": "integer", "description": "ICMP protocol: The ICMP type. Required if specifying ICMP for the protocolE.g., -1\n", "willReplaceOnChanges": true }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block to allow or deny.\n", "willReplaceOnChanges": true }, "networkAclId": { "type": "string", "description": "The ID of the network ACL.\n", "willReplaceOnChanges": true }, "protocol": { "type": "string", "description": "The protocol. A value of -1 means all protocols.\n", "willReplaceOnChanges": true }, "ruleAction": { "type": "string", "description": "Indicates whether to allow or deny the traffic that matches the rule. Accepted values: `allow` | `deny`\n", "willReplaceOnChanges": true }, "ruleNumber": { "type": "integer", "description": "The rule number for the entry (for example, 100). ACL entries are processed in ascending order by rule number.\n", "willReplaceOnChanges": true }, "toPort": { "type": "integer", "description": "The to port to match.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "networkAclId", "protocol", "ruleAction", "ruleNumber" ], "stateInputs": { "description": "Input properties used for looking up and filtering NetworkAclRule resources.\n", "properties": { "cidrBlock": { "type": "string", "description": "The network range to allow or deny, in CIDR notation (for example 172.16.0.0/24 ).\n", "willReplaceOnChanges": true }, "egress": { "type": "boolean", "description": "Indicates whether this is an egress rule (rule is applied to traffic leaving the subnet). Default `false`.\n", "willReplaceOnChanges": true }, "fromPort": { "type": "integer", "description": "The from port to match.\n", "willReplaceOnChanges": true }, "icmpCode": { "type": "integer", "description": "ICMP protocol: The ICMP code. Required if specifying ICMP for the protocolE.g., -1\n\n\u003e **NOTE:** If the value of `protocol` is `-1` or `all`, the `from_port` and `to_port` values will be ignored and the rule will apply to all ports.\n\n\u003e **NOTE:** If the value of `icmp_type` is `-1` (which results in a wildcard ICMP type), the `icmp_code` must also be set to `-1` (wildcard ICMP code).\n\n\u003e Note: For more information on ICMP types and codes, see here: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml\n", "willReplaceOnChanges": true }, "icmpType": { "type": "integer", "description": "ICMP protocol: The ICMP type. Required if specifying ICMP for the protocolE.g., -1\n", "willReplaceOnChanges": true }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block to allow or deny.\n", "willReplaceOnChanges": true }, "networkAclId": { "type": "string", "description": "The ID of the network ACL.\n", "willReplaceOnChanges": true }, "protocol": { "type": "string", "description": "The protocol. A value of -1 means all protocols.\n", "willReplaceOnChanges": true }, "ruleAction": { "type": "string", "description": "Indicates whether to allow or deny the traffic that matches the rule. Accepted values: `allow` | `deny`\n", "willReplaceOnChanges": true }, "ruleNumber": { "type": "integer", "description": "The rule number for the entry (for example, 100). ACL entries are processed in ascending order by rule number.\n", "willReplaceOnChanges": true }, "toPort": { "type": "integer", "description": "The to port to match.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/networkInsightsAnalysis:NetworkInsightsAnalysis": { "description": "Provides a Network Insights Analysis resource. Part of the \"Reachability Analyzer\" service in the AWS VPC console.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst path = new aws.ec2.NetworkInsightsPath(\"path\", {\n source: source.id,\n destination: destination.id,\n protocol: \"tcp\",\n});\nconst analysis = new aws.ec2.NetworkInsightsAnalysis(\"analysis\", {networkInsightsPathId: path.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npath = aws.ec2.NetworkInsightsPath(\"path\",\n source=source[\"id\"],\n destination=destination[\"id\"],\n protocol=\"tcp\")\nanalysis = aws.ec2.NetworkInsightsAnalysis(\"analysis\", network_insights_path_id=path.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var path = new Aws.Ec2.NetworkInsightsPath(\"path\", new()\n {\n Source = source.Id,\n Destination = destination.Id,\n Protocol = \"tcp\",\n });\n\n var analysis = new Aws.Ec2.NetworkInsightsAnalysis(\"analysis\", new()\n {\n NetworkInsightsPathId = path.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpath, err := ec2.NewNetworkInsightsPath(ctx, \"path\", \u0026ec2.NetworkInsightsPathArgs{\n\t\t\tSource: pulumi.Any(source.Id),\n\t\t\tDestination: pulumi.Any(destination.Id),\n\t\t\tProtocol: pulumi.String(\"tcp\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewNetworkInsightsAnalysis(ctx, \"analysis\", \u0026ec2.NetworkInsightsAnalysisArgs{\n\t\t\tNetworkInsightsPathId: path.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NetworkInsightsPath;\nimport com.pulumi.aws.ec2.NetworkInsightsPathArgs;\nimport com.pulumi.aws.ec2.NetworkInsightsAnalysis;\nimport com.pulumi.aws.ec2.NetworkInsightsAnalysisArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var path = new NetworkInsightsPath(\"path\", NetworkInsightsPathArgs.builder()\n .source(source.id())\n .destination(destination.id())\n .protocol(\"tcp\")\n .build());\n\n var analysis = new NetworkInsightsAnalysis(\"analysis\", NetworkInsightsAnalysisArgs.builder()\n .networkInsightsPathId(path.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n path:\n type: aws:ec2:NetworkInsightsPath\n properties:\n source: ${source.id}\n destination: ${destination.id}\n protocol: tcp\n analysis:\n type: aws:ec2:NetworkInsightsAnalysis\n properties:\n networkInsightsPathId: ${path.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Network Insights Analyzes using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/networkInsightsAnalysis:NetworkInsightsAnalysis test nia-0462085c957f11a55\n```\n", "properties": { "alternatePathHints": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisAlternatePathHint:NetworkInsightsAnalysisAlternatePathHint" }, "description": "Potential intermediate components of a feasible path. Described below.\n" }, "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "explanations": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanation:NetworkInsightsAnalysisExplanation" }, "description": "Explanation codes for an unreachable path. See the [AWS documentation](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Explanation.html) for details.\n" }, "filterInArns": { "type": "array", "items": { "type": "string" }, "description": "A list of ARNs for resources the path must traverse.\n" }, "forwardPathComponents": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponent:NetworkInsightsAnalysisForwardPathComponent" }, "description": "The components in the path from source to destination. See the [AWS documentation](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_PathComponent.html) for details.\n" }, "networkInsightsPathId": { "type": "string", "description": "ID of the Network Insights Path to run an analysis on.\n\nThe following arguments are optional:\n" }, "pathFound": { "type": "boolean", "description": "Set to `true` if the destination was reachable.\n" }, "returnPathComponents": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponent:NetworkInsightsAnalysisReturnPathComponent" }, "description": "The components in the path from destination to source. See the [AWS documentation](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_PathComponent.html) for details.\n" }, "startDate": { "type": "string", "description": "The date/time the analysis was started.\n" }, "status": { "type": "string", "description": "The status of the analysis. `succeeded` means the analysis was completed, not that a path was found, for that see `path_found`.\n" }, "statusMessage": { "type": "string", "description": "A message to provide more context when the `status` is `failed`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "waitForCompletion": { "type": "boolean", "description": "If enabled, the resource will wait for the Network Insights Analysis status to change to `succeeded` or `failed`. Setting this to `false` will skip the process. Default: `true`.\n" }, "warningMessage": { "type": "string", "description": "The warning message.\n" } }, "required": [ "alternatePathHints", "arn", "explanations", "forwardPathComponents", "networkInsightsPathId", "pathFound", "returnPathComponents", "startDate", "status", "statusMessage", "tagsAll", "warningMessage" ], "inputProperties": { "filterInArns": { "type": "array", "items": { "type": "string" }, "description": "A list of ARNs for resources the path must traverse.\n", "willReplaceOnChanges": true }, "networkInsightsPathId": { "type": "string", "description": "ID of the Network Insights Path to run an analysis on.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "waitForCompletion": { "type": "boolean", "description": "If enabled, the resource will wait for the Network Insights Analysis status to change to `succeeded` or `failed`. Setting this to `false` will skip the process. Default: `true`.\n" } }, "requiredInputs": [ "networkInsightsPathId" ], "stateInputs": { "description": "Input properties used for looking up and filtering NetworkInsightsAnalysis resources.\n", "properties": { "alternatePathHints": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisAlternatePathHint:NetworkInsightsAnalysisAlternatePathHint" }, "description": "Potential intermediate components of a feasible path. Described below.\n" }, "arn": { "type": "string", "description": "ARN of the Network Insights Analysis.\n" }, "explanations": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisExplanation:NetworkInsightsAnalysisExplanation" }, "description": "Explanation codes for an unreachable path. See the [AWS documentation](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Explanation.html) for details.\n" }, "filterInArns": { "type": "array", "items": { "type": "string" }, "description": "A list of ARNs for resources the path must traverse.\n", "willReplaceOnChanges": true }, "forwardPathComponents": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisForwardPathComponent:NetworkInsightsAnalysisForwardPathComponent" }, "description": "The components in the path from source to destination. See the [AWS documentation](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_PathComponent.html) for details.\n" }, "networkInsightsPathId": { "type": "string", "description": "ID of the Network Insights Path to run an analysis on.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "pathFound": { "type": "boolean", "description": "Set to `true` if the destination was reachable.\n" }, "returnPathComponents": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInsightsAnalysisReturnPathComponent:NetworkInsightsAnalysisReturnPathComponent" }, "description": "The components in the path from destination to source. See the [AWS documentation](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_PathComponent.html) for details.\n" }, "startDate": { "type": "string", "description": "The date/time the analysis was started.\n" }, "status": { "type": "string", "description": "The status of the analysis. `succeeded` means the analysis was completed, not that a path was found, for that see `path_found`.\n" }, "statusMessage": { "type": "string", "description": "A message to provide more context when the `status` is `failed`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "waitForCompletion": { "type": "boolean", "description": "If enabled, the resource will wait for the Network Insights Analysis status to change to `succeeded` or `failed`. Setting this to `false` will skip the process. Default: `true`.\n" }, "warningMessage": { "type": "string", "description": "The warning message.\n" } }, "type": "object" } }, "aws:ec2/networkInsightsPath:NetworkInsightsPath": { "description": "Provides a Network Insights Path resource. Part of the \"Reachability Analyzer\" service in the AWS VPC console.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ec2.NetworkInsightsPath(\"test\", {\n source: source.id,\n destination: destination.id,\n protocol: \"tcp\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.NetworkInsightsPath(\"test\",\n source=source[\"id\"],\n destination=destination[\"id\"],\n protocol=\"tcp\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Ec2.NetworkInsightsPath(\"test\", new()\n {\n Source = source.Id,\n Destination = destination.Id,\n Protocol = \"tcp\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewNetworkInsightsPath(ctx, \"test\", \u0026ec2.NetworkInsightsPathArgs{\n\t\t\tSource: pulumi.Any(source.Id),\n\t\t\tDestination: pulumi.Any(destination.Id),\n\t\t\tProtocol: pulumi.String(\"tcp\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NetworkInsightsPath;\nimport com.pulumi.aws.ec2.NetworkInsightsPathArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new NetworkInsightsPath(\"test\", NetworkInsightsPathArgs.builder()\n .source(source.id())\n .destination(destination.id())\n .protocol(\"tcp\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ec2:NetworkInsightsPath\n properties:\n source: ${source.id}\n destination: ${destination.id}\n protocol: tcp\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Network Insights Paths using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/networkInsightsPath:NetworkInsightsPath test nip-00edfba169923aefd\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Path.\n" }, "destination": { "type": "string", "description": "ID or ARN of the resource which is the destination of the path. Can be an Instance, Internet Gateway, Network Interface, Transit Gateway, VPC Endpoint, VPC Peering Connection or VPN Gateway. If the resource is in another account, you must specify an ARN.\n" }, "destinationArn": { "type": "string", "description": "ARN of the destination.\n" }, "destinationIp": { "type": "string", "description": "IP address of the destination resource.\n" }, "destinationPort": { "type": "integer", "description": "Destination port to analyze access to.\n" }, "protocol": { "type": "string", "description": "Protocol to use for analysis. Valid options are `tcp` or `udp`.\n\nThe following arguments are optional:\n" }, "source": { "type": "string", "description": "ID or ARN of the resource which is the source of the path. Can be an Instance, Internet Gateway, Network Interface, Transit Gateway, VPC Endpoint, VPC Peering Connection or VPN Gateway. If the resource is in another account, you must specify an ARN.\n" }, "sourceArn": { "type": "string", "description": "ARN of the source.\n" }, "sourceIp": { "type": "string", "description": "IP address of the source resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "destinationArn", "protocol", "source", "sourceArn", "tagsAll" ], "inputProperties": { "destination": { "type": "string", "description": "ID or ARN of the resource which is the destination of the path. Can be an Instance, Internet Gateway, Network Interface, Transit Gateway, VPC Endpoint, VPC Peering Connection or VPN Gateway. If the resource is in another account, you must specify an ARN.\n", "willReplaceOnChanges": true }, "destinationIp": { "type": "string", "description": "IP address of the destination resource.\n", "willReplaceOnChanges": true }, "destinationPort": { "type": "integer", "description": "Destination port to analyze access to.\n", "willReplaceOnChanges": true }, "protocol": { "type": "string", "description": "Protocol to use for analysis. Valid options are `tcp` or `udp`.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "source": { "type": "string", "description": "ID or ARN of the resource which is the source of the path. Can be an Instance, Internet Gateway, Network Interface, Transit Gateway, VPC Endpoint, VPC Peering Connection or VPN Gateway. If the resource is in another account, you must specify an ARN.\n", "willReplaceOnChanges": true }, "sourceIp": { "type": "string", "description": "IP address of the source resource.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "protocol", "source" ], "stateInputs": { "description": "Input properties used for looking up and filtering NetworkInsightsPath resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Network Insights Path.\n" }, "destination": { "type": "string", "description": "ID or ARN of the resource which is the destination of the path. Can be an Instance, Internet Gateway, Network Interface, Transit Gateway, VPC Endpoint, VPC Peering Connection or VPN Gateway. If the resource is in another account, you must specify an ARN.\n", "willReplaceOnChanges": true }, "destinationArn": { "type": "string", "description": "ARN of the destination.\n" }, "destinationIp": { "type": "string", "description": "IP address of the destination resource.\n", "willReplaceOnChanges": true }, "destinationPort": { "type": "integer", "description": "Destination port to analyze access to.\n", "willReplaceOnChanges": true }, "protocol": { "type": "string", "description": "Protocol to use for analysis. Valid options are `tcp` or `udp`.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "source": { "type": "string", "description": "ID or ARN of the resource which is the source of the path. Can be an Instance, Internet Gateway, Network Interface, Transit Gateway, VPC Endpoint, VPC Peering Connection or VPN Gateway. If the resource is in another account, you must specify an ARN.\n", "willReplaceOnChanges": true }, "sourceArn": { "type": "string", "description": "ARN of the source.\n" }, "sourceIp": { "type": "string", "description": "IP address of the source resource.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ec2/networkInterface:NetworkInterface": { "description": "Provides an Elastic network interface (ENI) resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ec2.NetworkInterface(\"test\", {\n subnetId: publicA.id,\n privateIps: [\"10.0.0.50\"],\n securityGroups: [web.id],\n attachments: [{\n instance: testAwsInstance.id,\n deviceIndex: 1,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.NetworkInterface(\"test\",\n subnet_id=public_a[\"id\"],\n private_ips=[\"10.0.0.50\"],\n security_groups=[web[\"id\"]],\n attachments=[{\n \"instance\": test_aws_instance[\"id\"],\n \"device_index\": 1,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Ec2.NetworkInterface(\"test\", new()\n {\n SubnetId = publicA.Id,\n PrivateIps = new[]\n {\n \"10.0.0.50\",\n },\n SecurityGroups = new[]\n {\n web.Id,\n },\n Attachments = new[]\n {\n new Aws.Ec2.Inputs.NetworkInterfaceAttachmentArgs\n {\n Instance = testAwsInstance.Id,\n DeviceIndex = 1,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewNetworkInterface(ctx, \"test\", \u0026ec2.NetworkInterfaceArgs{\n\t\t\tSubnetId: pulumi.Any(publicA.Id),\n\t\t\tPrivateIps: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.0.50\"),\n\t\t\t},\n\t\t\tSecurityGroups: pulumi.StringArray{\n\t\t\t\tweb.Id,\n\t\t\t},\n\t\t\tAttachments: ec2.NetworkInterfaceAttachmentTypeArray{\n\t\t\t\t\u0026ec2.NetworkInterfaceAttachmentTypeArgs{\n\t\t\t\t\tInstance: pulumi.Any(testAwsInstance.Id),\n\t\t\t\t\tDeviceIndex: pulumi.Int(1),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NetworkInterface;\nimport com.pulumi.aws.ec2.NetworkInterfaceArgs;\nimport com.pulumi.aws.ec2.inputs.NetworkInterfaceAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new NetworkInterface(\"test\", NetworkInterfaceArgs.builder()\n .subnetId(publicA.id())\n .privateIps(\"10.0.0.50\")\n .securityGroups(web.id())\n .attachments(NetworkInterfaceAttachmentArgs.builder()\n .instance(testAwsInstance.id())\n .deviceIndex(1)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ec2:NetworkInterface\n properties:\n subnetId: ${publicA.id}\n privateIps:\n - 10.0.0.50\n securityGroups:\n - ${web.id}\n attachments:\n - instance: ${testAwsInstance.id}\n deviceIndex: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example of Managing Multiple IPs on a Network Interface\n\nBy default, private IPs are managed through the `private_ips` and `private_ips_count` arguments which manage IPs as a set of IPs that are configured without regard to order. For a new network interface, the same primary IP address is consistently selected from a given set of addresses, regardless of the order provided. However, modifications of the set of addresses of an existing interface will not alter the current primary IP address unless it has been removed from the set.\n\nIn order to manage the private IPs as a sequentially ordered list, configure `private_ip_list_enabled` to `true` and use `private_ip_list` to manage the IPs. This will disable the `private_ips` and `private_ips_count` settings, which must be removed from the config file but are still exported. Note that changing the first address of `private_ip_list`, which is the primary, always requires a new interface.\n\nIf you are managing a specific set or list of IPs, instead of just using `private_ips_count`, this is a potential workflow for also leveraging `private_ips_count` to have AWS automatically assign additional IP addresses:\n\n1. Comment out `private_ips`, `private_ip_list`, `private_ip_list_enabled` in your configuration\n2. Set the desired `private_ips_count` (count of the number of secondaries, the primary is not included)\n3. Apply to assign the extra IPs\n4. Remove `private_ips_count` and restore your settings from the first step\n5. Add the new IPs to your current settings\n6. Apply again to update the stored state\n\nThis process can also be used to remove IP addresses in addition to the option of manually removing them. Adding IP addresses in a manually is more difficult because it requires knowledge of which addresses are available.\n\n## Import\n\nUsing `pulumi import`, import Network Interfaces using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/networkInterface:NetworkInterface test eni-e5aa89a3\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the network interface.\n" }, "attachments": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInterfaceAttachment:NetworkInterfaceAttachment" }, "description": "Configuration block to define the attachment of the ENI. See Attachment below for more details!\n" }, "description": { "type": "string", "description": "Description for the network interface.\n" }, "interfaceType": { "type": "string", "description": "Type of network interface to create. Set to `efa` for Elastic Fabric Adapter. Changing `interface_type` will cause the resource to be destroyed and re-created.\n" }, "ipv4PrefixCount": { "type": "integer", "description": "Number of IPv4 prefixes that AWS automatically assigns to the network interface.\n" }, "ipv4Prefixes": { "type": "array", "items": { "type": "string" }, "description": "One or more IPv4 prefixes assigned to the network interface.\n" }, "ipv6AddressCount": { "type": "integer", "description": "Number of IPv6 addresses to assign to a network interface. You can't use this option if specifying specific `ipv6_addresses`. If your subnet has the AssignIpv6AddressOnCreation attribute set to `true`, you can specify `0` to override this setting.\n" }, "ipv6AddressListEnabled": { "type": "boolean", "description": "Whether `ipv6_address_list` is allowed and controls the IPs to assign to the ENI and `ipv6_addresses` and `ipv6_address_count` become read-only. Default false.\n" }, "ipv6AddressLists": { "type": "array", "items": { "type": "string" }, "description": "List of private IPs to assign to the ENI in sequential order.\n" }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. Addresses are assigned without regard to order. You can't use this option if you're specifying `ipv6_address_count`.\n" }, "ipv6PrefixCount": { "type": "integer", "description": "Number of IPv6 prefixes that AWS automatically assigns to the network interface.\n" }, "ipv6Prefixes": { "type": "array", "items": { "type": "string" }, "description": "One or more IPv6 prefixes assigned to the network interface.\n" }, "macAddress": { "type": "string", "description": "MAC address of the network interface.\n" }, "outpostArn": { "type": "string" }, "ownerId": { "type": "string", "description": "AWS account ID of the owner of the network interface.\n" }, "privateDnsName": { "type": "string", "description": "Private DNS name of the network interface (IPv4).\n" }, "privateIp": { "type": "string" }, "privateIpListEnabled": { "type": "boolean", "description": "Whether `private_ip_list` is allowed and controls the IPs to assign to the ENI and `private_ips` and `private_ips_count` become read-only. Default false.\n" }, "privateIpLists": { "type": "array", "items": { "type": "string" }, "description": "List of private IPs to assign to the ENI in sequential order. Requires setting `private_ip_list_enabled` to `true`.\n" }, "privateIps": { "type": "array", "items": { "type": "string" }, "description": "List of private IPs to assign to the ENI without regard to order.\n" }, "privateIpsCount": { "type": "integer", "description": "Number of secondary private IPs to assign to the ENI. The total number of private IPs will be 1 + `private_ips_count`, as a primary private IP will be assiged to an ENI by default.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to assign to the ENI.\n" }, "sourceDestCheck": { "type": "boolean", "description": "Whether to enable source destination checking for the ENI. Default true.\n" }, "subnetId": { "type": "string", "description": "Subnet ID to create the ENI in.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "attachments", "interfaceType", "ipv4PrefixCount", "ipv4Prefixes", "ipv6AddressCount", "ipv6AddressLists", "ipv6Addresses", "ipv6PrefixCount", "ipv6Prefixes", "macAddress", "outpostArn", "ownerId", "privateDnsName", "privateIp", "privateIpLists", "privateIps", "privateIpsCount", "securityGroups", "subnetId", "tagsAll" ], "inputProperties": { "attachments": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInterfaceAttachment:NetworkInterfaceAttachment" }, "description": "Configuration block to define the attachment of the ENI. See Attachment below for more details!\n" }, "description": { "type": "string", "description": "Description for the network interface.\n" }, "interfaceType": { "type": "string", "description": "Type of network interface to create. Set to `efa` for Elastic Fabric Adapter. Changing `interface_type` will cause the resource to be destroyed and re-created.\n", "willReplaceOnChanges": true }, "ipv4PrefixCount": { "type": "integer", "description": "Number of IPv4 prefixes that AWS automatically assigns to the network interface.\n" }, "ipv4Prefixes": { "type": "array", "items": { "type": "string" }, "description": "One or more IPv4 prefixes assigned to the network interface.\n" }, "ipv6AddressCount": { "type": "integer", "description": "Number of IPv6 addresses to assign to a network interface. You can't use this option if specifying specific `ipv6_addresses`. If your subnet has the AssignIpv6AddressOnCreation attribute set to `true`, you can specify `0` to override this setting.\n" }, "ipv6AddressListEnabled": { "type": "boolean", "description": "Whether `ipv6_address_list` is allowed and controls the IPs to assign to the ENI and `ipv6_addresses` and `ipv6_address_count` become read-only. Default false.\n" }, "ipv6AddressLists": { "type": "array", "items": { "type": "string" }, "description": "List of private IPs to assign to the ENI in sequential order.\n" }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. Addresses are assigned without regard to order. You can't use this option if you're specifying `ipv6_address_count`.\n" }, "ipv6PrefixCount": { "type": "integer", "description": "Number of IPv6 prefixes that AWS automatically assigns to the network interface.\n" }, "ipv6Prefixes": { "type": "array", "items": { "type": "string" }, "description": "One or more IPv6 prefixes assigned to the network interface.\n" }, "privateIp": { "type": "string" }, "privateIpListEnabled": { "type": "boolean", "description": "Whether `private_ip_list` is allowed and controls the IPs to assign to the ENI and `private_ips` and `private_ips_count` become read-only. Default false.\n" }, "privateIpLists": { "type": "array", "items": { "type": "string" }, "description": "List of private IPs to assign to the ENI in sequential order. Requires setting `private_ip_list_enabled` to `true`.\n" }, "privateIps": { "type": "array", "items": { "type": "string" }, "description": "List of private IPs to assign to the ENI without regard to order.\n" }, "privateIpsCount": { "type": "integer", "description": "Number of secondary private IPs to assign to the ENI. The total number of private IPs will be 1 + `private_ips_count`, as a primary private IP will be assiged to an ENI by default.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to assign to the ENI.\n" }, "sourceDestCheck": { "type": "boolean", "description": "Whether to enable source destination checking for the ENI. Default true.\n" }, "subnetId": { "type": "string", "description": "Subnet ID to create the ENI in.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "subnetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering NetworkInterface resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the network interface.\n" }, "attachments": { "type": "array", "items": { "$ref": "#/types/aws:ec2/NetworkInterfaceAttachment:NetworkInterfaceAttachment" }, "description": "Configuration block to define the attachment of the ENI. See Attachment below for more details!\n" }, "description": { "type": "string", "description": "Description for the network interface.\n" }, "interfaceType": { "type": "string", "description": "Type of network interface to create. Set to `efa` for Elastic Fabric Adapter. Changing `interface_type` will cause the resource to be destroyed and re-created.\n", "willReplaceOnChanges": true }, "ipv4PrefixCount": { "type": "integer", "description": "Number of IPv4 prefixes that AWS automatically assigns to the network interface.\n" }, "ipv4Prefixes": { "type": "array", "items": { "type": "string" }, "description": "One or more IPv4 prefixes assigned to the network interface.\n" }, "ipv6AddressCount": { "type": "integer", "description": "Number of IPv6 addresses to assign to a network interface. You can't use this option if specifying specific `ipv6_addresses`. If your subnet has the AssignIpv6AddressOnCreation attribute set to `true`, you can specify `0` to override this setting.\n" }, "ipv6AddressListEnabled": { "type": "boolean", "description": "Whether `ipv6_address_list` is allowed and controls the IPs to assign to the ENI and `ipv6_addresses` and `ipv6_address_count` become read-only. Default false.\n" }, "ipv6AddressLists": { "type": "array", "items": { "type": "string" }, "description": "List of private IPs to assign to the ENI in sequential order.\n" }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. Addresses are assigned without regard to order. You can't use this option if you're specifying `ipv6_address_count`.\n" }, "ipv6PrefixCount": { "type": "integer", "description": "Number of IPv6 prefixes that AWS automatically assigns to the network interface.\n" }, "ipv6Prefixes": { "type": "array", "items": { "type": "string" }, "description": "One or more IPv6 prefixes assigned to the network interface.\n" }, "macAddress": { "type": "string", "description": "MAC address of the network interface.\n" }, "outpostArn": { "type": "string" }, "ownerId": { "type": "string", "description": "AWS account ID of the owner of the network interface.\n" }, "privateDnsName": { "type": "string", "description": "Private DNS name of the network interface (IPv4).\n" }, "privateIp": { "type": "string" }, "privateIpListEnabled": { "type": "boolean", "description": "Whether `private_ip_list` is allowed and controls the IPs to assign to the ENI and `private_ips` and `private_ips_count` become read-only. Default false.\n" }, "privateIpLists": { "type": "array", "items": { "type": "string" }, "description": "List of private IPs to assign to the ENI in sequential order. Requires setting `private_ip_list_enabled` to `true`.\n" }, "privateIps": { "type": "array", "items": { "type": "string" }, "description": "List of private IPs to assign to the ENI without regard to order.\n" }, "privateIpsCount": { "type": "integer", "description": "Number of secondary private IPs to assign to the ENI. The total number of private IPs will be 1 + `private_ips_count`, as a primary private IP will be assiged to an ENI by default.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to assign to the ENI.\n" }, "sourceDestCheck": { "type": "boolean", "description": "Whether to enable source destination checking for the ENI. Default true.\n" }, "subnetId": { "type": "string", "description": "Subnet ID to create the ENI in.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ec2/networkInterfaceAttachment:NetworkInterfaceAttachment": { "description": "Attach an Elastic network interface (ENI) resource with EC2 instance.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ec2.NetworkInterfaceAttachment(\"test\", {\n instanceId: testAwsInstance.id,\n networkInterfaceId: testAwsNetworkInterface.id,\n deviceIndex: 0,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.NetworkInterfaceAttachment(\"test\",\n instance_id=test_aws_instance[\"id\"],\n network_interface_id=test_aws_network_interface[\"id\"],\n device_index=0)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Ec2.NetworkInterfaceAttachment(\"test\", new()\n {\n InstanceId = testAwsInstance.Id,\n NetworkInterfaceId = testAwsNetworkInterface.Id,\n DeviceIndex = 0,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewNetworkInterfaceAttachment(ctx, \"test\", \u0026ec2.NetworkInterfaceAttachmentArgs{\n\t\t\tInstanceId: pulumi.Any(testAwsInstance.Id),\n\t\t\tNetworkInterfaceId: pulumi.Any(testAwsNetworkInterface.Id),\n\t\t\tDeviceIndex: pulumi.Int(0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NetworkInterfaceAttachment;\nimport com.pulumi.aws.ec2.NetworkInterfaceAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new NetworkInterfaceAttachment(\"test\", NetworkInterfaceAttachmentArgs.builder()\n .instanceId(testAwsInstance.id())\n .networkInterfaceId(testAwsNetworkInterface.id())\n .deviceIndex(0)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ec2:NetworkInterfaceAttachment\n properties:\n instanceId: ${testAwsInstance.id}\n networkInterfaceId: ${testAwsNetworkInterface.id}\n deviceIndex: 0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Elastic network interface (ENI) Attachments using its Attachment ID. For example:\n\n```sh\n$ pulumi import aws:ec2/networkInterfaceAttachment:NetworkInterfaceAttachment secondary_nic eni-attach-0a33842b4ec347c4c\n```\n", "properties": { "attachmentId": { "type": "string", "description": "The ENI Attachment ID.\n" }, "deviceIndex": { "type": "integer", "description": "Network interface index (int).\n" }, "instanceId": { "type": "string", "description": "Instance ID to attach.\n" }, "networkInterfaceId": { "type": "string", "description": "ENI ID to attach.\n" }, "status": { "type": "string", "description": "The status of the Network Interface Attachment.\n" } }, "required": [ "attachmentId", "deviceIndex", "instanceId", "networkInterfaceId", "status" ], "inputProperties": { "deviceIndex": { "type": "integer", "description": "Network interface index (int).\n", "willReplaceOnChanges": true }, "instanceId": { "type": "string", "description": "Instance ID to attach.\n", "willReplaceOnChanges": true }, "networkInterfaceId": { "type": "string", "description": "ENI ID to attach.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "deviceIndex", "instanceId", "networkInterfaceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering NetworkInterfaceAttachment resources.\n", "properties": { "attachmentId": { "type": "string", "description": "The ENI Attachment ID.\n" }, "deviceIndex": { "type": "integer", "description": "Network interface index (int).\n", "willReplaceOnChanges": true }, "instanceId": { "type": "string", "description": "Instance ID to attach.\n", "willReplaceOnChanges": true }, "networkInterfaceId": { "type": "string", "description": "ENI ID to attach.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The status of the Network Interface Attachment.\n" } }, "type": "object" } }, "aws:ec2/networkInterfaceSecurityGroupAttachment:NetworkInterfaceSecurityGroupAttachment": { "description": "This resource attaches a security group to an Elastic Network Interface (ENI).\nIt can be used to attach a security group to any existing ENI, be it a\nsecondary ENI or one attached as the primary interface on an instance.\n\n\u003e **NOTE on instances, interfaces, and security groups:** This provider currently\nprovides the capability to assign security groups via the [`aws.ec2.Instance`][1]\nand the [`aws.ec2.NetworkInterface`][2] resources. Using this resource in\nconjunction with security groups provided in-line in those resources will cause\nconflicts, and will lead to spurious diffs and undefined behavior - please use\none or the other.\n\n## Example Usage\n\nThe following provides a very basic example of setting up an instance (provided\nby `instance`) in the default security group, creating a security group\n(provided by `sg`) and then attaching the security group to the instance's\nprimary network interface via the `aws.ec2.NetworkInterfaceSecurityGroupAttachment` resource,\nnamed `sg_attachment`:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ami = aws.ec2.getAmi({\n mostRecent: true,\n filters: [{\n name: \"name\",\n values: [\"amzn-ami-hvm-*\"],\n }],\n owners: [\"amazon\"],\n});\nconst instance = new aws.ec2.Instance(\"instance\", {\n instanceType: aws.ec2.InstanceType.T2_Micro,\n ami: ami.then(ami =\u003e ami.id),\n tags: {\n type: \"test-instance\",\n },\n});\nconst sg = new aws.ec2.SecurityGroup(\"sg\", {tags: {\n type: \"test-security-group\",\n}});\nconst sgAttachment = new aws.ec2.NetworkInterfaceSecurityGroupAttachment(\"sg_attachment\", {\n securityGroupId: sg.id,\n networkInterfaceId: instance.primaryNetworkInterfaceId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nami = aws.ec2.get_ami(most_recent=True,\n filters=[{\n \"name\": \"name\",\n \"values\": [\"amzn-ami-hvm-*\"],\n }],\n owners=[\"amazon\"])\ninstance = aws.ec2.Instance(\"instance\",\n instance_type=aws.ec2.InstanceType.T2_MICRO,\n ami=ami.id,\n tags={\n \"type\": \"test-instance\",\n })\nsg = aws.ec2.SecurityGroup(\"sg\", tags={\n \"type\": \"test-security-group\",\n})\nsg_attachment = aws.ec2.NetworkInterfaceSecurityGroupAttachment(\"sg_attachment\",\n security_group_id=sg.id,\n network_interface_id=instance.primary_network_interface_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ami = Aws.Ec2.GetAmi.Invoke(new()\n {\n MostRecent = true,\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetAmiFilterInputArgs\n {\n Name = \"name\",\n Values = new[]\n {\n \"amzn-ami-hvm-*\",\n },\n },\n },\n Owners = new[]\n {\n \"amazon\",\n },\n });\n\n var instance = new Aws.Ec2.Instance(\"instance\", new()\n {\n InstanceType = Aws.Ec2.InstanceType.T2_Micro,\n Ami = ami.Apply(getAmiResult =\u003e getAmiResult.Id),\n Tags = \n {\n { \"type\", \"test-instance\" },\n },\n });\n\n var sg = new Aws.Ec2.SecurityGroup(\"sg\", new()\n {\n Tags = \n {\n { \"type\", \"test-security-group\" },\n },\n });\n\n var sgAttachment = new Aws.Ec2.NetworkInterfaceSecurityGroupAttachment(\"sg_attachment\", new()\n {\n SecurityGroupId = sg.Id,\n NetworkInterfaceId = instance.PrimaryNetworkInterfaceId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tami, err := ec2.LookupAmi(ctx, \u0026ec2.LookupAmiArgs{\n\t\t\tMostRecent: pulumi.BoolRef(true),\n\t\t\tFilters: []ec2.GetAmiFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"amzn-ami-hvm-*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tOwners: []string{\n\t\t\t\t\"amazon\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinstance, err := ec2.NewInstance(ctx, \"instance\", \u0026ec2.InstanceArgs{\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_T2_Micro),\n\t\t\tAmi: pulumi.String(ami.Id),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"type\": pulumi.String(\"test-instance\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsg, err := ec2.NewSecurityGroup(ctx, \"sg\", \u0026ec2.SecurityGroupArgs{\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"type\": pulumi.String(\"test-security-group\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewNetworkInterfaceSecurityGroupAttachment(ctx, \"sg_attachment\", \u0026ec2.NetworkInterfaceSecurityGroupAttachmentArgs{\n\t\t\tSecurityGroupId: sg.ID(),\n\t\t\tNetworkInterfaceId: instance.PrimaryNetworkInterfaceId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetAmiArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.aws.ec2.NetworkInterfaceSecurityGroupAttachment;\nimport com.pulumi.aws.ec2.NetworkInterfaceSecurityGroupAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var ami = Ec2Functions.getAmi(GetAmiArgs.builder()\n .mostRecent(true)\n .filters(GetAmiFilterArgs.builder()\n .name(\"name\")\n .values(\"amzn-ami-hvm-*\")\n .build())\n .owners(\"amazon\")\n .build());\n\n var instance = new Instance(\"instance\", InstanceArgs.builder()\n .instanceType(\"t2.micro\")\n .ami(ami.applyValue(getAmiResult -\u003e getAmiResult.id()))\n .tags(Map.of(\"type\", \"test-instance\"))\n .build());\n\n var sg = new SecurityGroup(\"sg\", SecurityGroupArgs.builder()\n .tags(Map.of(\"type\", \"test-security-group\"))\n .build());\n\n var sgAttachment = new NetworkInterfaceSecurityGroupAttachment(\"sgAttachment\", NetworkInterfaceSecurityGroupAttachmentArgs.builder()\n .securityGroupId(sg.id())\n .networkInterfaceId(instance.primaryNetworkInterfaceId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n instance:\n type: aws:ec2:Instance\n properties:\n instanceType: t2.micro\n ami: ${ami.id}\n tags:\n type: test-instance\n sg:\n type: aws:ec2:SecurityGroup\n properties:\n tags:\n type: test-security-group\n sgAttachment:\n type: aws:ec2:NetworkInterfaceSecurityGroupAttachment\n name: sg_attachment\n properties:\n securityGroupId: ${sg.id}\n networkInterfaceId: ${instance.primaryNetworkInterfaceId}\nvariables:\n ami:\n fn::invoke:\n Function: aws:ec2:getAmi\n Arguments:\n mostRecent: true\n filters:\n - name: name\n values:\n - amzn-ami-hvm-*\n owners:\n - amazon\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nIn this example, `instance` is provided by the `aws.ec2.Instance` data source,\nfetching an external instance, possibly not managed by this provider.\n`sg_attachment` then attaches to the output instance's `network_interface_id`:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst instance = aws.ec2.getInstance({\n instanceId: \"i-1234567890abcdef0\",\n});\nconst sg = new aws.ec2.SecurityGroup(\"sg\", {tags: {\n type: \"test-security-group\",\n}});\nconst sgAttachment = new aws.ec2.NetworkInterfaceSecurityGroupAttachment(\"sg_attachment\", {\n securityGroupId: sg.id,\n networkInterfaceId: instance.then(instance =\u003e instance.networkInterfaceId),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ninstance = aws.ec2.get_instance(instance_id=\"i-1234567890abcdef0\")\nsg = aws.ec2.SecurityGroup(\"sg\", tags={\n \"type\": \"test-security-group\",\n})\nsg_attachment = aws.ec2.NetworkInterfaceSecurityGroupAttachment(\"sg_attachment\",\n security_group_id=sg.id,\n network_interface_id=instance.network_interface_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var instance = Aws.Ec2.GetInstance.Invoke(new()\n {\n InstanceId = \"i-1234567890abcdef0\",\n });\n\n var sg = new Aws.Ec2.SecurityGroup(\"sg\", new()\n {\n Tags = \n {\n { \"type\", \"test-security-group\" },\n },\n });\n\n var sgAttachment = new Aws.Ec2.NetworkInterfaceSecurityGroupAttachment(\"sg_attachment\", new()\n {\n SecurityGroupId = sg.Id,\n NetworkInterfaceId = instance.Apply(getInstanceResult =\u003e getInstanceResult.NetworkInterfaceId),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinstance, err := ec2.LookupInstance(ctx, \u0026ec2.LookupInstanceArgs{\n\t\t\tInstanceId: pulumi.StringRef(\"i-1234567890abcdef0\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsg, err := ec2.NewSecurityGroup(ctx, \"sg\", \u0026ec2.SecurityGroupArgs{\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"type\": pulumi.String(\"test-security-group\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewNetworkInterfaceSecurityGroupAttachment(ctx, \"sg_attachment\", \u0026ec2.NetworkInterfaceSecurityGroupAttachmentArgs{\n\t\t\tSecurityGroupId: sg.ID(),\n\t\t\tNetworkInterfaceId: pulumi.String(instance.NetworkInterfaceId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetInstanceArgs;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.aws.ec2.NetworkInterfaceSecurityGroupAttachment;\nimport com.pulumi.aws.ec2.NetworkInterfaceSecurityGroupAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var instance = Ec2Functions.getInstance(GetInstanceArgs.builder()\n .instanceId(\"i-1234567890abcdef0\")\n .build());\n\n var sg = new SecurityGroup(\"sg\", SecurityGroupArgs.builder()\n .tags(Map.of(\"type\", \"test-security-group\"))\n .build());\n\n var sgAttachment = new NetworkInterfaceSecurityGroupAttachment(\"sgAttachment\", NetworkInterfaceSecurityGroupAttachmentArgs.builder()\n .securityGroupId(sg.id())\n .networkInterfaceId(instance.applyValue(getInstanceResult -\u003e getInstanceResult.networkInterfaceId()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n sg:\n type: aws:ec2:SecurityGroup\n properties:\n tags:\n type: test-security-group\n sgAttachment:\n type: aws:ec2:NetworkInterfaceSecurityGroupAttachment\n name: sg_attachment\n properties:\n securityGroupId: ${sg.id}\n networkInterfaceId: ${instance.networkInterfaceId}\nvariables:\n instance:\n fn::invoke:\n Function: aws:ec2:getInstance\n Arguments:\n instanceId: i-1234567890abcdef0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Network Interface Security Group attachments using the associated network interface ID and security group ID, separated by an underscore (`_`). For example:\n\n```sh\n$ pulumi import aws:ec2/networkInterfaceSecurityGroupAttachment:NetworkInterfaceSecurityGroupAttachment sg_attachment eni-1234567890abcdef0_sg-1234567890abcdef0\n```\n", "properties": { "networkInterfaceId": { "type": "string", "description": "The ID of the network interface to attach to.\n" }, "securityGroupId": { "type": "string", "description": "The ID of the security group.\n" } }, "required": [ "networkInterfaceId", "securityGroupId" ], "inputProperties": { "networkInterfaceId": { "type": "string", "description": "The ID of the network interface to attach to.\n", "willReplaceOnChanges": true }, "securityGroupId": { "type": "string", "description": "The ID of the security group.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "networkInterfaceId", "securityGroupId" ], "stateInputs": { "description": "Input properties used for looking up and filtering NetworkInterfaceSecurityGroupAttachment resources.\n", "properties": { "networkInterfaceId": { "type": "string", "description": "The ID of the network interface to attach to.\n", "willReplaceOnChanges": true }, "securityGroupId": { "type": "string", "description": "The ID of the security group.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/peeringConnectionOptions:PeeringConnectionOptions": { "description": "Provides a resource to manage VPC peering connection options.\n\n\u003e **NOTE on VPC Peering Connections and VPC Peering Connection Options:** This provider provides\nboth a standalone VPC Peering Connection Options and a VPC Peering Connection\nresource with `accepter` and `requester` attributes. Do not manage options for the same VPC peering\nconnection in both a VPC Peering Connection resource and a VPC Peering Connection Options resource.\nDoing so will cause a conflict of options and will overwrite the options.\nUsing a VPC Peering Connection Options resource decouples management of the connection options from\nmanagement of the VPC Peering Connection and allows options to be set correctly in cross-region and\ncross-account scenarios.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ec2.Vpc(\"foo\", {cidrBlock: \"10.0.0.0/16\"});\nconst bar = new aws.ec2.Vpc(\"bar\", {cidrBlock: \"10.1.0.0/16\"});\nconst fooVpcPeeringConnection = new aws.ec2.VpcPeeringConnection(\"foo\", {\n vpcId: foo.id,\n peerVpcId: bar.id,\n autoAccept: true,\n});\nconst fooPeeringConnectionOptions = new aws.ec2.PeeringConnectionOptions(\"foo\", {\n vpcPeeringConnectionId: fooVpcPeeringConnection.id,\n accepter: {\n allowRemoteVpcDnsResolution: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.Vpc(\"foo\", cidr_block=\"10.0.0.0/16\")\nbar = aws.ec2.Vpc(\"bar\", cidr_block=\"10.1.0.0/16\")\nfoo_vpc_peering_connection = aws.ec2.VpcPeeringConnection(\"foo\",\n vpc_id=foo.id,\n peer_vpc_id=bar.id,\n auto_accept=True)\nfoo_peering_connection_options = aws.ec2.PeeringConnectionOptions(\"foo\",\n vpc_peering_connection_id=foo_vpc_peering_connection.id,\n accepter={\n \"allow_remote_vpc_dns_resolution\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Ec2.Vpc(\"foo\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var bar = new Aws.Ec2.Vpc(\"bar\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n\n var fooVpcPeeringConnection = new Aws.Ec2.VpcPeeringConnection(\"foo\", new()\n {\n VpcId = foo.Id,\n PeerVpcId = bar.Id,\n AutoAccept = true,\n });\n\n var fooPeeringConnectionOptions = new Aws.Ec2.PeeringConnectionOptions(\"foo\", new()\n {\n VpcPeeringConnectionId = fooVpcPeeringConnection.Id,\n Accepter = new Aws.Ec2.Inputs.PeeringConnectionOptionsAccepterArgs\n {\n AllowRemoteVpcDnsResolution = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoo, err := ec2.NewVpc(ctx, \"foo\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbar, err := ec2.NewVpc(ctx, \"bar\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooVpcPeeringConnection, err := ec2.NewVpcPeeringConnection(ctx, \"foo\", \u0026ec2.VpcPeeringConnectionArgs{\n\t\t\tVpcId: foo.ID(),\n\t\t\tPeerVpcId: bar.ID(),\n\t\t\tAutoAccept: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewPeeringConnectionOptions(ctx, \"foo\", \u0026ec2.PeeringConnectionOptionsArgs{\n\t\t\tVpcPeeringConnectionId: fooVpcPeeringConnection.ID(),\n\t\t\tAccepter: \u0026ec2.PeeringConnectionOptionsAccepterArgs{\n\t\t\t\tAllowRemoteVpcDnsResolution: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.VpcPeeringConnection;\nimport com.pulumi.aws.ec2.VpcPeeringConnectionArgs;\nimport com.pulumi.aws.ec2.PeeringConnectionOptions;\nimport com.pulumi.aws.ec2.PeeringConnectionOptionsArgs;\nimport com.pulumi.aws.ec2.inputs.PeeringConnectionOptionsAccepterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new Vpc(\"foo\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var bar = new Vpc(\"bar\", VpcArgs.builder()\n .cidrBlock(\"10.1.0.0/16\")\n .build());\n\n var fooVpcPeeringConnection = new VpcPeeringConnection(\"fooVpcPeeringConnection\", VpcPeeringConnectionArgs.builder()\n .vpcId(foo.id())\n .peerVpcId(bar.id())\n .autoAccept(true)\n .build());\n\n var fooPeeringConnectionOptions = new PeeringConnectionOptions(\"fooPeeringConnectionOptions\", PeeringConnectionOptionsArgs.builder()\n .vpcPeeringConnectionId(fooVpcPeeringConnection.id())\n .accepter(PeeringConnectionOptionsAccepterArgs.builder()\n .allowRemoteVpcDnsResolution(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n bar:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.1.0.0/16\n fooVpcPeeringConnection:\n type: aws:ec2:VpcPeeringConnection\n name: foo\n properties:\n vpcId: ${foo.id}\n peerVpcId: ${bar.id}\n autoAccept: true\n fooPeeringConnectionOptions:\n type: aws:ec2:PeeringConnectionOptions\n name: foo\n properties:\n vpcPeeringConnectionId: ${fooVpcPeeringConnection.id}\n accepter:\n allowRemoteVpcDnsResolution: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Cross-Account Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n enableDnsSupport: true,\n enableDnsHostnames: true,\n});\nconst peerVpc = new aws.ec2.Vpc(\"peer\", {\n cidrBlock: \"10.1.0.0/16\",\n enableDnsSupport: true,\n enableDnsHostnames: true,\n});\nconst peer = aws.getCallerIdentity({});\n// Requester's side of the connection.\nconst peerVpcPeeringConnection = new aws.ec2.VpcPeeringConnection(\"peer\", {\n vpcId: main.id,\n peerVpcId: peerVpc.id,\n peerOwnerId: peer.then(peer =\u003e peer.accountId),\n autoAccept: false,\n tags: {\n Side: \"Requester\",\n },\n});\n// Accepter's side of the connection.\nconst peerVpcPeeringConnectionAccepter = new aws.ec2.VpcPeeringConnectionAccepter(\"peer\", {\n vpcPeeringConnectionId: peerVpcPeeringConnection.id,\n autoAccept: true,\n tags: {\n Side: \"Accepter\",\n },\n});\nconst requester = new aws.ec2.PeeringConnectionOptions(\"requester\", {\n vpcPeeringConnectionId: peerVpcPeeringConnectionAccepter.id,\n requester: {\n allowRemoteVpcDnsResolution: true,\n },\n});\nconst accepter = new aws.ec2.PeeringConnectionOptions(\"accepter\", {\n vpcPeeringConnectionId: peerVpcPeeringConnectionAccepter.id,\n accepter: {\n allowRemoteVpcDnsResolution: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\",\n cidr_block=\"10.0.0.0/16\",\n enable_dns_support=True,\n enable_dns_hostnames=True)\npeer_vpc = aws.ec2.Vpc(\"peer\",\n cidr_block=\"10.1.0.0/16\",\n enable_dns_support=True,\n enable_dns_hostnames=True)\npeer = aws.get_caller_identity()\n# Requester's side of the connection.\npeer_vpc_peering_connection = aws.ec2.VpcPeeringConnection(\"peer\",\n vpc_id=main.id,\n peer_vpc_id=peer_vpc.id,\n peer_owner_id=peer.account_id,\n auto_accept=False,\n tags={\n \"Side\": \"Requester\",\n })\n# Accepter's side of the connection.\npeer_vpc_peering_connection_accepter = aws.ec2.VpcPeeringConnectionAccepter(\"peer\",\n vpc_peering_connection_id=peer_vpc_peering_connection.id,\n auto_accept=True,\n tags={\n \"Side\": \"Accepter\",\n })\nrequester = aws.ec2.PeeringConnectionOptions(\"requester\",\n vpc_peering_connection_id=peer_vpc_peering_connection_accepter.id,\n requester={\n \"allow_remote_vpc_dns_resolution\": True,\n })\naccepter = aws.ec2.PeeringConnectionOptions(\"accepter\",\n vpc_peering_connection_id=peer_vpc_peering_connection_accepter.id,\n accepter={\n \"allow_remote_vpc_dns_resolution\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ec2.Vpc(\"main\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n EnableDnsSupport = true,\n EnableDnsHostnames = true,\n });\n\n var peerVpc = new Aws.Ec2.Vpc(\"peer\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n EnableDnsSupport = true,\n EnableDnsHostnames = true,\n });\n\n var peer = Aws.GetCallerIdentity.Invoke();\n\n // Requester's side of the connection.\n var peerVpcPeeringConnection = new Aws.Ec2.VpcPeeringConnection(\"peer\", new()\n {\n VpcId = main.Id,\n PeerVpcId = peerVpc.Id,\n PeerOwnerId = peer.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n AutoAccept = false,\n Tags = \n {\n { \"Side\", \"Requester\" },\n },\n });\n\n // Accepter's side of the connection.\n var peerVpcPeeringConnectionAccepter = new Aws.Ec2.VpcPeeringConnectionAccepter(\"peer\", new()\n {\n VpcPeeringConnectionId = peerVpcPeeringConnection.Id,\n AutoAccept = true,\n Tags = \n {\n { \"Side\", \"Accepter\" },\n },\n });\n\n var requester = new Aws.Ec2.PeeringConnectionOptions(\"requester\", new()\n {\n VpcPeeringConnectionId = peerVpcPeeringConnectionAccepter.Id,\n Requester = new Aws.Ec2.Inputs.PeeringConnectionOptionsRequesterArgs\n {\n AllowRemoteVpcDnsResolution = true,\n },\n });\n\n var accepter = new Aws.Ec2.PeeringConnectionOptions(\"accepter\", new()\n {\n VpcPeeringConnectionId = peerVpcPeeringConnectionAccepter.Id,\n Accepter = new Aws.Ec2.Inputs.PeeringConnectionOptionsAccepterArgs\n {\n AllowRemoteVpcDnsResolution = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tEnableDnsSupport: pulumi.Bool(true),\n\t\t\tEnableDnsHostnames: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpeerVpc, err := ec2.NewVpc(ctx, \"peer\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t\tEnableDnsSupport: pulumi.Bool(true),\n\t\t\tEnableDnsHostnames: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpeer, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Requester's side of the connection.\n\t\tpeerVpcPeeringConnection, err := ec2.NewVpcPeeringConnection(ctx, \"peer\", \u0026ec2.VpcPeeringConnectionArgs{\n\t\t\tVpcId: main.ID(),\n\t\t\tPeerVpcId: peerVpc.ID(),\n\t\t\tPeerOwnerId: pulumi.String(peer.AccountId),\n\t\t\tAutoAccept: pulumi.Bool(false),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Side\": pulumi.String(\"Requester\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Accepter's side of the connection.\n\t\tpeerVpcPeeringConnectionAccepter, err := ec2.NewVpcPeeringConnectionAccepter(ctx, \"peer\", \u0026ec2.VpcPeeringConnectionAccepterArgs{\n\t\t\tVpcPeeringConnectionId: peerVpcPeeringConnection.ID(),\n\t\t\tAutoAccept: pulumi.Bool(true),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Side\": pulumi.String(\"Accepter\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewPeeringConnectionOptions(ctx, \"requester\", \u0026ec2.PeeringConnectionOptionsArgs{\n\t\t\tVpcPeeringConnectionId: peerVpcPeeringConnectionAccepter.ID(),\n\t\t\tRequester: \u0026ec2.PeeringConnectionOptionsRequesterArgs{\n\t\t\t\tAllowRemoteVpcDnsResolution: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewPeeringConnectionOptions(ctx, \"accepter\", \u0026ec2.PeeringConnectionOptionsArgs{\n\t\t\tVpcPeeringConnectionId: peerVpcPeeringConnectionAccepter.ID(),\n\t\t\tAccepter: \u0026ec2.PeeringConnectionOptionsAccepterArgs{\n\t\t\t\tAllowRemoteVpcDnsResolution: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.ec2.VpcPeeringConnection;\nimport com.pulumi.aws.ec2.VpcPeeringConnectionArgs;\nimport com.pulumi.aws.ec2.VpcPeeringConnectionAccepter;\nimport com.pulumi.aws.ec2.VpcPeeringConnectionAccepterArgs;\nimport com.pulumi.aws.ec2.PeeringConnectionOptions;\nimport com.pulumi.aws.ec2.PeeringConnectionOptionsArgs;\nimport com.pulumi.aws.ec2.inputs.PeeringConnectionOptionsRequesterArgs;\nimport com.pulumi.aws.ec2.inputs.PeeringConnectionOptionsAccepterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Vpc(\"main\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .enableDnsSupport(true)\n .enableDnsHostnames(true)\n .build());\n\n var peerVpc = new Vpc(\"peerVpc\", VpcArgs.builder()\n .cidrBlock(\"10.1.0.0/16\")\n .enableDnsSupport(true)\n .enableDnsHostnames(true)\n .build());\n\n final var peer = AwsFunctions.getCallerIdentity();\n\n // Requester's side of the connection.\n var peerVpcPeeringConnection = new VpcPeeringConnection(\"peerVpcPeeringConnection\", VpcPeeringConnectionArgs.builder()\n .vpcId(main.id())\n .peerVpcId(peerVpc.id())\n .peerOwnerId(peer.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .autoAccept(false)\n .tags(Map.of(\"Side\", \"Requester\"))\n .build());\n\n // Accepter's side of the connection.\n var peerVpcPeeringConnectionAccepter = new VpcPeeringConnectionAccepter(\"peerVpcPeeringConnectionAccepter\", VpcPeeringConnectionAccepterArgs.builder()\n .vpcPeeringConnectionId(peerVpcPeeringConnection.id())\n .autoAccept(true)\n .tags(Map.of(\"Side\", \"Accepter\"))\n .build());\n\n var requester = new PeeringConnectionOptions(\"requester\", PeeringConnectionOptionsArgs.builder()\n .vpcPeeringConnectionId(peerVpcPeeringConnectionAccepter.id())\n .requester(PeeringConnectionOptionsRequesterArgs.builder()\n .allowRemoteVpcDnsResolution(true)\n .build())\n .build());\n\n var accepter = new PeeringConnectionOptions(\"accepter\", PeeringConnectionOptionsArgs.builder()\n .vpcPeeringConnectionId(peerVpcPeeringConnectionAccepter.id())\n .accepter(PeeringConnectionOptionsAccepterArgs.builder()\n .allowRemoteVpcDnsResolution(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n enableDnsSupport: true\n enableDnsHostnames: true\n peerVpc:\n type: aws:ec2:Vpc\n name: peer\n properties:\n cidrBlock: 10.1.0.0/16\n enableDnsSupport: true\n enableDnsHostnames: true\n # Requester's side of the connection.\n peerVpcPeeringConnection:\n type: aws:ec2:VpcPeeringConnection\n name: peer\n properties:\n vpcId: ${main.id}\n peerVpcId: ${peerVpc.id}\n peerOwnerId: ${peer.accountId}\n autoAccept: false\n tags:\n Side: Requester\n # Accepter's side of the connection.\n peerVpcPeeringConnectionAccepter:\n type: aws:ec2:VpcPeeringConnectionAccepter\n name: peer\n properties:\n vpcPeeringConnectionId: ${peerVpcPeeringConnection.id}\n autoAccept: true\n tags:\n Side: Accepter\n requester:\n type: aws:ec2:PeeringConnectionOptions\n properties:\n vpcPeeringConnectionId: ${peerVpcPeeringConnectionAccepter.id}\n requester:\n allowRemoteVpcDnsResolution: true\n accepter:\n type: aws:ec2:PeeringConnectionOptions\n properties:\n vpcPeeringConnectionId: ${peerVpcPeeringConnectionAccepter.id}\n accepter:\n allowRemoteVpcDnsResolution: true\nvariables:\n peer:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Peering Connection Options using the VPC peering `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/peeringConnectionOptions:PeeringConnectionOptions foo pcx-111aaa111\n```\n", "properties": { "accepter": { "$ref": "#/types/aws:ec2/PeeringConnectionOptionsAccepter:PeeringConnectionOptionsAccepter", "description": "An optional configuration block that allows for [VPC Peering Connection](https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that acceptsthe peering connection (a maximum of one).\n" }, "requester": { "$ref": "#/types/aws:ec2/PeeringConnectionOptionsRequester:PeeringConnectionOptionsRequester", "description": "A optional configuration block that allows for [VPC Peering Connection](https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that requeststhe peering connection (a maximum of one).\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "The ID of the requester VPC peering connection.\n" } }, "required": [ "accepter", "requester", "vpcPeeringConnectionId" ], "inputProperties": { "accepter": { "$ref": "#/types/aws:ec2/PeeringConnectionOptionsAccepter:PeeringConnectionOptionsAccepter", "description": "An optional configuration block that allows for [VPC Peering Connection](https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that acceptsthe peering connection (a maximum of one).\n" }, "requester": { "$ref": "#/types/aws:ec2/PeeringConnectionOptionsRequester:PeeringConnectionOptionsRequester", "description": "A optional configuration block that allows for [VPC Peering Connection](https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that requeststhe peering connection (a maximum of one).\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "The ID of the requester VPC peering connection.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "vpcPeeringConnectionId" ], "stateInputs": { "description": "Input properties used for looking up and filtering PeeringConnectionOptions resources.\n", "properties": { "accepter": { "$ref": "#/types/aws:ec2/PeeringConnectionOptionsAccepter:PeeringConnectionOptionsAccepter", "description": "An optional configuration block that allows for [VPC Peering Connection](https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that acceptsthe peering connection (a maximum of one).\n" }, "requester": { "$ref": "#/types/aws:ec2/PeeringConnectionOptionsRequester:PeeringConnectionOptionsRequester", "description": "A optional configuration block that allows for [VPC Peering Connection](https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that requeststhe peering connection (a maximum of one).\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "The ID of the requester VPC peering connection.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/placementGroup:PlacementGroup": { "description": "Provides an EC2 placement group. Read more about placement groups\nin [AWS Docs](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst web = new aws.ec2.PlacementGroup(\"web\", {\n name: \"hunky-dory-pg\",\n strategy: aws.ec2.PlacementStrategy.Cluster,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nweb = aws.ec2.PlacementGroup(\"web\",\n name=\"hunky-dory-pg\",\n strategy=aws.ec2.PlacementStrategy.CLUSTER)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var web = new Aws.Ec2.PlacementGroup(\"web\", new()\n {\n Name = \"hunky-dory-pg\",\n Strategy = Aws.Ec2.PlacementStrategy.Cluster,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewPlacementGroup(ctx, \"web\", \u0026ec2.PlacementGroupArgs{\n\t\t\tName: pulumi.String(\"hunky-dory-pg\"),\n\t\t\tStrategy: pulumi.String(ec2.PlacementStrategyCluster),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.PlacementGroup;\nimport com.pulumi.aws.ec2.PlacementGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var web = new PlacementGroup(\"web\", PlacementGroupArgs.builder()\n .name(\"hunky-dory-pg\")\n .strategy(\"cluster\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n web:\n type: aws:ec2:PlacementGroup\n properties:\n name: hunky-dory-pg\n strategy: cluster\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import placement groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:ec2/placementGroup:PlacementGroup prod_pg production-placement-group\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the placement group.\n" }, "name": { "type": "string", "description": "The name of the placement group.\n" }, "partitionCount": { "type": "integer", "description": "The number of partitions to create in the\nplacement group. Can only be specified when the `strategy` is set to\n`partition`. Valid values are 1 - 7 (default is `2`).\n" }, "placementGroupId": { "type": "string", "description": "The ID of the placement group.\n" }, "spreadLevel": { "type": "string", "description": "Determines how placement groups spread instances. Can only be used\nwhen the `strategy` is set to `spread`. Can be `host` or `rack`. `host` can only be used for Outpost placement groups. Defaults to `rack`.\n" }, "strategy": { "type": "string", "description": "The placement strategy. Can be `cluster`, `partition` or `spread`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "partitionCount", "placementGroupId", "spreadLevel", "strategy", "tagsAll" ], "inputProperties": { "name": { "type": "string", "description": "The name of the placement group.\n", "willReplaceOnChanges": true }, "partitionCount": { "type": "integer", "description": "The number of partitions to create in the\nplacement group. Can only be specified when the `strategy` is set to\n`partition`. Valid values are 1 - 7 (default is `2`).\n", "willReplaceOnChanges": true }, "spreadLevel": { "type": "string", "description": "Determines how placement groups spread instances. Can only be used\nwhen the `strategy` is set to `spread`. Can be `host` or `rack`. `host` can only be used for Outpost placement groups. Defaults to `rack`.\n", "willReplaceOnChanges": true }, "strategy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/PlacementStrategy:PlacementStrategy" } ], "description": "The placement strategy. Can be `cluster`, `partition` or `spread`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "strategy" ], "stateInputs": { "description": "Input properties used for looking up and filtering PlacementGroup resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the placement group.\n" }, "name": { "type": "string", "description": "The name of the placement group.\n", "willReplaceOnChanges": true }, "partitionCount": { "type": "integer", "description": "The number of partitions to create in the\nplacement group. Can only be specified when the `strategy` is set to\n`partition`. Valid values are 1 - 7 (default is `2`).\n", "willReplaceOnChanges": true }, "placementGroupId": { "type": "string", "description": "The ID of the placement group.\n" }, "spreadLevel": { "type": "string", "description": "Determines how placement groups spread instances. Can only be used\nwhen the `strategy` is set to `spread`. Can be `host` or `rack`. `host` can only be used for Outpost placement groups. Defaults to `rack`.\n", "willReplaceOnChanges": true }, "strategy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/PlacementStrategy:PlacementStrategy" } ], "description": "The placement strategy. Can be `cluster`, `partition` or `spread`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ec2/proxyProtocolPolicy:ProxyProtocolPolicy": { "description": "Provides a proxy protocol policy, which allows an ELB to carry a client connection information to a backend.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.elb.LoadBalancer(\"lb\", {\n name: \"test-lb\",\n availabilityZones: [\"us-east-1a\"],\n listeners: [\n {\n instancePort: 25,\n instanceProtocol: \"tcp\",\n lbPort: 25,\n lbProtocol: \"tcp\",\n },\n {\n instancePort: 587,\n instanceProtocol: \"tcp\",\n lbPort: 587,\n lbProtocol: \"tcp\",\n },\n ],\n});\nconst smtp = new aws.ec2.ProxyProtocolPolicy(\"smtp\", {\n loadBalancer: lb.name,\n instancePorts: [\n \"25\",\n \"587\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb = aws.elb.LoadBalancer(\"lb\",\n name=\"test-lb\",\n availability_zones=[\"us-east-1a\"],\n listeners=[\n {\n \"instance_port\": 25,\n \"instance_protocol\": \"tcp\",\n \"lb_port\": 25,\n \"lb_protocol\": \"tcp\",\n },\n {\n \"instance_port\": 587,\n \"instance_protocol\": \"tcp\",\n \"lb_port\": 587,\n \"lb_protocol\": \"tcp\",\n },\n ])\nsmtp = aws.ec2.ProxyProtocolPolicy(\"smtp\",\n load_balancer=lb.name,\n instance_ports=[\n \"25\",\n \"587\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lb = new Aws.Elb.LoadBalancer(\"lb\", new()\n {\n Name = \"test-lb\",\n AvailabilityZones = new[]\n {\n \"us-east-1a\",\n },\n Listeners = new[]\n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 25,\n InstanceProtocol = \"tcp\",\n LbPort = 25,\n LbProtocol = \"tcp\",\n },\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 587,\n InstanceProtocol = \"tcp\",\n LbPort = 587,\n LbProtocol = \"tcp\",\n },\n },\n });\n\n var smtp = new Aws.Ec2.ProxyProtocolPolicy(\"smtp\", new()\n {\n LoadBalancer = lb.Name,\n InstancePorts = new[]\n {\n \"25\",\n \"587\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlb, err := elb.NewLoadBalancer(ctx, \"lb\", \u0026elb.LoadBalancerArgs{\n\t\t\tName: pulumi.String(\"test-lb\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(25),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\tLbPort: pulumi.Int(25),\n\t\t\t\t\tLbProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(587),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\tLbPort: pulumi.Int(587),\n\t\t\t\t\tLbProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewProxyProtocolPolicy(ctx, \"smtp\", \u0026ec2.ProxyProtocolPolicyArgs{\n\t\t\tLoadBalancer: lb.Name,\n\t\t\tInstancePorts: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"25\"),\n\t\t\t\tpulumi.String(\"587\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elb.LoadBalancer;\nimport com.pulumi.aws.elb.LoadBalancerArgs;\nimport com.pulumi.aws.elb.inputs.LoadBalancerListenerArgs;\nimport com.pulumi.aws.ec2.ProxyProtocolPolicy;\nimport com.pulumi.aws.ec2.ProxyProtocolPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lb = new LoadBalancer(\"lb\", LoadBalancerArgs.builder()\n .name(\"test-lb\")\n .availabilityZones(\"us-east-1a\")\n .listeners( \n LoadBalancerListenerArgs.builder()\n .instancePort(25)\n .instanceProtocol(\"tcp\")\n .lbPort(25)\n .lbProtocol(\"tcp\")\n .build(),\n LoadBalancerListenerArgs.builder()\n .instancePort(587)\n .instanceProtocol(\"tcp\")\n .lbPort(587)\n .lbProtocol(\"tcp\")\n .build())\n .build());\n\n var smtp = new ProxyProtocolPolicy(\"smtp\", ProxyProtocolPolicyArgs.builder()\n .loadBalancer(lb.name())\n .instancePorts( \n \"25\",\n \"587\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lb:\n type: aws:elb:LoadBalancer\n properties:\n name: test-lb\n availabilityZones:\n - us-east-1a\n listeners:\n - instancePort: 25\n instanceProtocol: tcp\n lbPort: 25\n lbProtocol: tcp\n - instancePort: 587\n instanceProtocol: tcp\n lbPort: 587\n lbProtocol: tcp\n smtp:\n type: aws:ec2:ProxyProtocolPolicy\n properties:\n loadBalancer: ${lb.name}\n instancePorts:\n - '25'\n - '587'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "instancePorts": { "type": "array", "items": { "type": "string" }, "description": "List of instance ports to which the policy\nshould be applied. This can be specified if the protocol is SSL or TCP.\n" }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n" } }, "required": [ "instancePorts", "loadBalancer" ], "inputProperties": { "instancePorts": { "type": "array", "items": { "type": "string" }, "description": "List of instance ports to which the policy\nshould be applied. This can be specified if the protocol is SSL or TCP.\n" }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n" } }, "requiredInputs": [ "instancePorts", "loadBalancer" ], "stateInputs": { "description": "Input properties used for looking up and filtering ProxyProtocolPolicy resources.\n", "properties": { "instancePorts": { "type": "array", "items": { "type": "string" }, "description": "List of instance ports to which the policy\nshould be applied. This can be specified if the protocol is SSL or TCP.\n" }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n" } }, "type": "object" } }, "aws:ec2/route:Route": { "description": "Provides a resource to create a routing table entry (a route) in a VPC routing table.\n\n\u003e **NOTE on Route Tables and Routes:** This provider currently provides both a standalone Route resource and a Route Table resource with routes defined in-line. At this time you cannot use a Route Table with in-line routes in conjunction with any Route resources. Doing so will cause a conflict of rule settings and will overwrite rules.\n\n\u003e **NOTE on `gateway_id` attribute:** The AWS API is very forgiving with the resource ID passed in the `gateway_id` attribute. For example an `aws.ec2.Route` resource can be created with an `aws.ec2.NatGateway` or `aws.ec2.EgressOnlyInternetGateway` ID specified for the `gateway_id` attribute. Specifying anything other than an `aws.ec2.InternetGateway` or `aws.ec2.VpnGateway` ID will lead to this provider reporting a permanent diff between your configuration and recorded state, as the AWS API returns the more-specific attribute. If you are experiencing constant diffs with an `aws.ec2.Route` resource, the first thing to check is that the correct attribute is being specified.\n\n\u003e **NOTE on combining `vpc_endpoint_id` and `destination_prefix_list_id` attributes:** To associate a Gateway VPC Endpoint (such as S3) with destination prefix list, use the `aws.ec2.VpcEndpointRouteTableAssociation` resource instead.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst r = new aws.ec2.Route(\"r\", {\n routeTableId: testing.id,\n destinationCidrBlock: \"10.0.1.0/22\",\n vpcPeeringConnectionId: \"pcx-45ff3dc1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nr = aws.ec2.Route(\"r\",\n route_table_id=testing[\"id\"],\n destination_cidr_block=\"10.0.1.0/22\",\n vpc_peering_connection_id=\"pcx-45ff3dc1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var r = new Aws.Ec2.Route(\"r\", new()\n {\n RouteTableId = testing.Id,\n DestinationCidrBlock = \"10.0.1.0/22\",\n VpcPeeringConnectionId = \"pcx-45ff3dc1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewRoute(ctx, \"r\", \u0026ec2.RouteArgs{\n\t\t\tRouteTableId: pulumi.Any(testing.Id),\n\t\t\tDestinationCidrBlock: pulumi.String(\"10.0.1.0/22\"),\n\t\t\tVpcPeeringConnectionId: pulumi.String(\"pcx-45ff3dc1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Route;\nimport com.pulumi.aws.ec2.RouteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var r = new Route(\"r\", RouteArgs.builder()\n .routeTableId(testing.id())\n .destinationCidrBlock(\"10.0.1.0/22\")\n .vpcPeeringConnectionId(\"pcx-45ff3dc1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n r:\n type: aws:ec2:Route\n properties:\n routeTableId: ${testing.id}\n destinationCidrBlock: 10.0.1.0/22\n vpcPeeringConnectionId: pcx-45ff3dc1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Example IPv6 Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst vpc = new aws.ec2.Vpc(\"vpc\", {\n cidrBlock: \"10.1.0.0/16\",\n assignGeneratedIpv6CidrBlock: true,\n});\nconst egress = new aws.ec2.EgressOnlyInternetGateway(\"egress\", {vpcId: vpc.id});\nconst r = new aws.ec2.Route(\"r\", {\n routeTableId: \"rtb-4fbb3ac4\",\n destinationIpv6CidrBlock: \"::/0\",\n egressOnlyGatewayId: egress.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nvpc = aws.ec2.Vpc(\"vpc\",\n cidr_block=\"10.1.0.0/16\",\n assign_generated_ipv6_cidr_block=True)\negress = aws.ec2.EgressOnlyInternetGateway(\"egress\", vpc_id=vpc.id)\nr = aws.ec2.Route(\"r\",\n route_table_id=\"rtb-4fbb3ac4\",\n destination_ipv6_cidr_block=\"::/0\",\n egress_only_gateway_id=egress.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var vpc = new Aws.Ec2.Vpc(\"vpc\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n AssignGeneratedIpv6CidrBlock = true,\n });\n\n var egress = new Aws.Ec2.EgressOnlyInternetGateway(\"egress\", new()\n {\n VpcId = vpc.Id,\n });\n\n var r = new Aws.Ec2.Route(\"r\", new()\n {\n RouteTableId = \"rtb-4fbb3ac4\",\n DestinationIpv6CidrBlock = \"::/0\",\n EgressOnlyGatewayId = egress.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tvpc, err := ec2.NewVpc(ctx, \"vpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t\tAssignGeneratedIpv6CidrBlock: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tegress, err := ec2.NewEgressOnlyInternetGateway(ctx, \"egress\", \u0026ec2.EgressOnlyInternetGatewayArgs{\n\t\t\tVpcId: vpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewRoute(ctx, \"r\", \u0026ec2.RouteArgs{\n\t\t\tRouteTableId: pulumi.String(\"rtb-4fbb3ac4\"),\n\t\t\tDestinationIpv6CidrBlock: pulumi.String(\"::/0\"),\n\t\t\tEgressOnlyGatewayId: egress.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.EgressOnlyInternetGateway;\nimport com.pulumi.aws.ec2.EgressOnlyInternetGatewayArgs;\nimport com.pulumi.aws.ec2.Route;\nimport com.pulumi.aws.ec2.RouteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var vpc = new Vpc(\"vpc\", VpcArgs.builder()\n .cidrBlock(\"10.1.0.0/16\")\n .assignGeneratedIpv6CidrBlock(true)\n .build());\n\n var egress = new EgressOnlyInternetGateway(\"egress\", EgressOnlyInternetGatewayArgs.builder()\n .vpcId(vpc.id())\n .build());\n\n var r = new Route(\"r\", RouteArgs.builder()\n .routeTableId(\"rtb-4fbb3ac4\")\n .destinationIpv6CidrBlock(\"::/0\")\n .egressOnlyGatewayId(egress.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n vpc:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.1.0.0/16\n assignGeneratedIpv6CidrBlock: true\n egress:\n type: aws:ec2:EgressOnlyInternetGateway\n properties:\n vpcId: ${vpc.id}\n r:\n type: aws:ec2:Route\n properties:\n routeTableId: rtb-4fbb3ac4\n destinationIpv6CidrBlock: ::/0\n egressOnlyGatewayId: ${egress.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nImport a route in route table `rtb-656C65616E6F72` with an IPv6 destination CIDR of `2620:0:2d0:200::8/125`:\n\nImport a route in route table `rtb-656C65616E6F72` with a managed prefix list destination of `pl-0570a1d2d725c16be`:\n\n__Using `pulumi import` to import__ individual routes using `ROUTETABLEID_DESTINATION`. Import [local routes](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html#RouteTables) using the VPC's IPv4 or IPv6 CIDR blocks. For example:\n\nImport a route in route table `rtb-656C65616E6F72` with an IPv4 destination CIDR of `10.42.0.0/16`:\n\n```sh\n$ pulumi import aws:ec2/route:Route my_route rtb-656C65616E6F72_10.42.0.0/16\n```\nImport a route in route table `rtb-656C65616E6F72` with an IPv6 destination CIDR of `2620:0:2d0:200::8/125`:\n\n```sh\n$ pulumi import aws:ec2/route:Route my_route rtb-656C65616E6F72_2620:0:2d0:200::8/125\n```\nImport a route in route table `rtb-656C65616E6F72` with a managed prefix list destination of `pl-0570a1d2d725c16be`:\n\n```sh\n$ pulumi import aws:ec2/route:Route my_route rtb-656C65616E6F72_pl-0570a1d2d725c16be\n```\n", "properties": { "carrierGatewayId": { "type": "string", "description": "Identifier of a carrier gateway. This attribute can only be used when the VPC contains a subnet which is associated with a Wavelength Zone.\n" }, "coreNetworkArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a core network.\n" }, "destinationCidrBlock": { "type": "string", "description": "The destination CIDR block.\n" }, "destinationIpv6CidrBlock": { "type": "string", "description": "The destination IPv6 CIDR block.\n" }, "destinationPrefixListId": { "type": "string", "description": "The ID of a managed prefix list destination.\n\nOne of the following target arguments must be supplied:\n" }, "egressOnlyGatewayId": { "type": "string", "description": "Identifier of a VPC Egress Only Internet Gateway.\n" }, "gatewayId": { "type": "string", "description": "Identifier of a VPC internet gateway or a virtual private gateway. Specify `local` when updating a previously imported local route.\n" }, "instanceId": { "type": "string", "description": "Identifier of an EC2 instance.\n" }, "instanceOwnerId": { "type": "string", "description": "The AWS account ID of the owner of the EC2 instance.\n" }, "localGatewayId": { "type": "string", "description": "Identifier of a Outpost local gateway.\n" }, "natGatewayId": { "type": "string", "description": "Identifier of a VPC NAT gateway.\n" }, "networkInterfaceId": { "type": "string", "description": "Identifier of an EC2 network interface.\n" }, "origin": { "type": "string", "description": "How the route was created - `CreateRouteTable`, `CreateRoute` or `EnableVgwRoutePropagation`.\n" }, "routeTableId": { "type": "string", "description": "The ID of the routing table.\n\nOne of the following destination arguments must be supplied:\n" }, "state": { "type": "string", "description": "The state of the route - `active` or `blackhole`.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of an EC2 Transit Gateway.\n" }, "vpcEndpointId": { "type": "string", "description": "Identifier of a VPC Endpoint.\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "Identifier of a VPC peering connection.\n\nNote that the default route, mapping the VPC's CIDR block to \"local\", is created implicitly and cannot be specified.\n" } }, "required": [ "instanceId", "instanceOwnerId", "networkInterfaceId", "origin", "routeTableId", "state" ], "inputProperties": { "carrierGatewayId": { "type": "string", "description": "Identifier of a carrier gateway. This attribute can only be used when the VPC contains a subnet which is associated with a Wavelength Zone.\n" }, "coreNetworkArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a core network.\n" }, "destinationCidrBlock": { "type": "string", "description": "The destination CIDR block.\n", "willReplaceOnChanges": true }, "destinationIpv6CidrBlock": { "type": "string", "description": "The destination IPv6 CIDR block.\n", "willReplaceOnChanges": true }, "destinationPrefixListId": { "type": "string", "description": "The ID of a managed prefix list destination.\n\nOne of the following target arguments must be supplied:\n", "willReplaceOnChanges": true }, "egressOnlyGatewayId": { "type": "string", "description": "Identifier of a VPC Egress Only Internet Gateway.\n" }, "gatewayId": { "type": "string", "description": "Identifier of a VPC internet gateway or a virtual private gateway. Specify `local` when updating a previously imported local route.\n" }, "localGatewayId": { "type": "string", "description": "Identifier of a Outpost local gateway.\n" }, "natGatewayId": { "type": "string", "description": "Identifier of a VPC NAT gateway.\n" }, "networkInterfaceId": { "type": "string", "description": "Identifier of an EC2 network interface.\n" }, "routeTableId": { "type": "string", "description": "The ID of the routing table.\n\nOne of the following destination arguments must be supplied:\n", "willReplaceOnChanges": true }, "transitGatewayId": { "type": "string", "description": "Identifier of an EC2 Transit Gateway.\n" }, "vpcEndpointId": { "type": "string", "description": "Identifier of a VPC Endpoint.\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "Identifier of a VPC peering connection.\n\nNote that the default route, mapping the VPC's CIDR block to \"local\", is created implicitly and cannot be specified.\n" } }, "requiredInputs": [ "routeTableId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Route resources.\n", "properties": { "carrierGatewayId": { "type": "string", "description": "Identifier of a carrier gateway. This attribute can only be used when the VPC contains a subnet which is associated with a Wavelength Zone.\n" }, "coreNetworkArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a core network.\n" }, "destinationCidrBlock": { "type": "string", "description": "The destination CIDR block.\n", "willReplaceOnChanges": true }, "destinationIpv6CidrBlock": { "type": "string", "description": "The destination IPv6 CIDR block.\n", "willReplaceOnChanges": true }, "destinationPrefixListId": { "type": "string", "description": "The ID of a managed prefix list destination.\n\nOne of the following target arguments must be supplied:\n", "willReplaceOnChanges": true }, "egressOnlyGatewayId": { "type": "string", "description": "Identifier of a VPC Egress Only Internet Gateway.\n" }, "gatewayId": { "type": "string", "description": "Identifier of a VPC internet gateway or a virtual private gateway. Specify `local` when updating a previously imported local route.\n" }, "instanceId": { "type": "string", "description": "Identifier of an EC2 instance.\n" }, "instanceOwnerId": { "type": "string", "description": "The AWS account ID of the owner of the EC2 instance.\n" }, "localGatewayId": { "type": "string", "description": "Identifier of a Outpost local gateway.\n" }, "natGatewayId": { "type": "string", "description": "Identifier of a VPC NAT gateway.\n" }, "networkInterfaceId": { "type": "string", "description": "Identifier of an EC2 network interface.\n" }, "origin": { "type": "string", "description": "How the route was created - `CreateRouteTable`, `CreateRoute` or `EnableVgwRoutePropagation`.\n" }, "routeTableId": { "type": "string", "description": "The ID of the routing table.\n\nOne of the following destination arguments must be supplied:\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "The state of the route - `active` or `blackhole`.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of an EC2 Transit Gateway.\n" }, "vpcEndpointId": { "type": "string", "description": "Identifier of a VPC Endpoint.\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "Identifier of a VPC peering connection.\n\nNote that the default route, mapping the VPC's CIDR block to \"local\", is created implicitly and cannot be specified.\n" } }, "type": "object" } }, "aws:ec2/routeTable:RouteTable": { "description": "Provides a resource to create a VPC routing table.\n\n\u003e **NOTE on Route Tables and Routes:** This provider currently\nprovides both a standalone Route resource and a Route Table resource with routes\ndefined in-line. At this time you cannot use a Route Table with in-line routes\nin conjunction with any Route resources. Doing so will cause\na conflict of rule settings and will overwrite rules.\n\n\u003e **NOTE on `gateway_id` and `nat_gateway_id`:** The AWS API is very forgiving with these two\nattributes and the `aws.ec2.RouteTable` resource can be created with a NAT ID specified as a Gateway ID attribute.\nThis _will_ lead to a permanent diff between your configuration and statefile, as the API returns the correct\nparameters in the returned route table. If you're experiencing constant diffs in your `aws.ec2.RouteTable` resources,\nthe first thing to check is whether or not you're specifying a NAT ID instead of a Gateway ID, or vice-versa.\n\n\u003e **NOTE on `propagating_vgws` and the `aws.ec2.VpnGatewayRoutePropagation` resource:**\nIf the `propagating_vgws` argument is present, it's not supported to _also_\ndefine route propagations using `aws.ec2.VpnGatewayRoutePropagation`, since\nthis resource will delete any propagating gateways not explicitly listed in\n`propagating_vgws`. Omit this argument when defining route propagation using\nthe separate resource.\n\n## Example Usage\n\n### Basic example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.RouteTable(\"example\", {\n vpcId: exampleAwsVpc.id,\n routes: [\n {\n cidrBlock: \"10.0.1.0/24\",\n gatewayId: exampleAwsInternetGateway.id,\n },\n {\n ipv6CidrBlock: \"::/0\",\n egressOnlyGatewayId: exampleAwsEgressOnlyInternetGateway.id,\n },\n ],\n tags: {\n Name: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.RouteTable(\"example\",\n vpc_id=example_aws_vpc[\"id\"],\n routes=[\n {\n \"cidr_block\": \"10.0.1.0/24\",\n \"gateway_id\": example_aws_internet_gateway[\"id\"],\n },\n {\n \"ipv6_cidr_block\": \"::/0\",\n \"egress_only_gateway_id\": example_aws_egress_only_internet_gateway[\"id\"],\n },\n ],\n tags={\n \"Name\": \"example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.RouteTable(\"example\", new()\n {\n VpcId = exampleAwsVpc.Id,\n Routes = new[]\n {\n new Aws.Ec2.Inputs.RouteTableRouteArgs\n {\n CidrBlock = \"10.0.1.0/24\",\n GatewayId = exampleAwsInternetGateway.Id,\n },\n new Aws.Ec2.Inputs.RouteTableRouteArgs\n {\n Ipv6CidrBlock = \"::/0\",\n EgressOnlyGatewayId = exampleAwsEgressOnlyInternetGateway.Id,\n },\n },\n Tags = \n {\n { \"Name\", \"example\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewRouteTable(ctx, \"example\", \u0026ec2.RouteTableArgs{\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t\tRoutes: ec2.RouteTableRouteArray{\n\t\t\t\t\u0026ec2.RouteTableRouteArgs{\n\t\t\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t\t\t\tGatewayId: pulumi.Any(exampleAwsInternetGateway.Id),\n\t\t\t\t},\n\t\t\t\t\u0026ec2.RouteTableRouteArgs{\n\t\t\t\t\tIpv6CidrBlock: pulumi.String(\"::/0\"),\n\t\t\t\t\tEgressOnlyGatewayId: pulumi.Any(exampleAwsEgressOnlyInternetGateway.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.RouteTable;\nimport com.pulumi.aws.ec2.RouteTableArgs;\nimport com.pulumi.aws.ec2.inputs.RouteTableRouteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RouteTable(\"example\", RouteTableArgs.builder()\n .vpcId(exampleAwsVpc.id())\n .routes( \n RouteTableRouteArgs.builder()\n .cidrBlock(\"10.0.1.0/24\")\n .gatewayId(exampleAwsInternetGateway.id())\n .build(),\n RouteTableRouteArgs.builder()\n .ipv6CidrBlock(\"::/0\")\n .egressOnlyGatewayId(exampleAwsEgressOnlyInternetGateway.id())\n .build())\n .tags(Map.of(\"Name\", \"example\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:RouteTable\n properties:\n vpcId: ${exampleAwsVpc.id}\n routes:\n - cidrBlock: 10.0.1.0/24\n gatewayId: ${exampleAwsInternetGateway.id}\n - ipv6CidrBlock: ::/0\n egressOnlyGatewayId: ${exampleAwsEgressOnlyInternetGateway.id}\n tags:\n Name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nTo subsequently remove all managed routes:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.RouteTable(\"example\", {\n vpcId: exampleAwsVpc.id,\n routes: [],\n tags: {\n Name: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.RouteTable(\"example\",\n vpc_id=example_aws_vpc[\"id\"],\n routes=[],\n tags={\n \"Name\": \"example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.RouteTable(\"example\", new()\n {\n VpcId = exampleAwsVpc.Id,\n Routes = new[] {},\n Tags = \n {\n { \"Name\", \"example\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewRouteTable(ctx, \"example\", \u0026ec2.RouteTableArgs{\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t\tRoutes: ec2.RouteTableRouteArray{},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.RouteTable;\nimport com.pulumi.aws.ec2.RouteTableArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RouteTable(\"example\", RouteTableArgs.builder()\n .vpcId(exampleAwsVpc.id())\n .routes()\n .tags(Map.of(\"Name\", \"example\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:RouteTable\n properties:\n vpcId: ${exampleAwsVpc.id}\n routes: []\n tags:\n Name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Adopting an existing local route\n\nAWS creates certain routes that the AWS provider mostly ignores. You can manage them by importing or adopting them. See Import below for information on importing. This example shows adopting a route and then updating its target.\n\nFirst, adopt an existing AWS-created route:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ec2.Vpc(\"test\", {cidrBlock: \"10.1.0.0/16\"});\nconst testRouteTable = new aws.ec2.RouteTable(\"test\", {\n vpcId: test.id,\n routes: [{\n cidrBlock: \"10.1.0.0/16\",\n gatewayId: \"local\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.Vpc(\"test\", cidr_block=\"10.1.0.0/16\")\ntest_route_table = aws.ec2.RouteTable(\"test\",\n vpc_id=test.id,\n routes=[{\n \"cidr_block\": \"10.1.0.0/16\",\n \"gateway_id\": \"local\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Ec2.Vpc(\"test\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n\n var testRouteTable = new Aws.Ec2.RouteTable(\"test\", new()\n {\n VpcId = test.Id,\n Routes = new[]\n {\n new Aws.Ec2.Inputs.RouteTableRouteArgs\n {\n CidrBlock = \"10.1.0.0/16\",\n GatewayId = \"local\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := ec2.NewVpc(ctx, \"test\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewRouteTable(ctx, \"test\", \u0026ec2.RouteTableArgs{\n\t\t\tVpcId: test.ID(),\n\t\t\tRoutes: ec2.RouteTableRouteArray{\n\t\t\t\t\u0026ec2.RouteTableRouteArgs{\n\t\t\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t\t\t\tGatewayId: pulumi.String(\"local\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.RouteTable;\nimport com.pulumi.aws.ec2.RouteTableArgs;\nimport com.pulumi.aws.ec2.inputs.RouteTableRouteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Vpc(\"test\", VpcArgs.builder()\n .cidrBlock(\"10.1.0.0/16\")\n .build());\n\n var testRouteTable = new RouteTable(\"testRouteTable\", RouteTableArgs.builder()\n .vpcId(test.id())\n .routes(RouteTableRouteArgs.builder()\n .cidrBlock(\"10.1.0.0/16\")\n .gatewayId(\"local\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.1.0.0/16\n testRouteTable:\n type: aws:ec2:RouteTable\n name: test\n properties:\n vpcId: ${test.id}\n routes:\n - cidrBlock: 10.1.0.0/16\n gatewayId: local\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nNext, update the target of the route:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ec2.Vpc(\"test\", {cidrBlock: \"10.1.0.0/16\"});\nconst testSubnet = new aws.ec2.Subnet(\"test\", {\n cidrBlock: \"10.1.1.0/24\",\n vpcId: test.id,\n});\nconst testNetworkInterface = new aws.ec2.NetworkInterface(\"test\", {subnetId: testSubnet.id});\nconst testRouteTable = new aws.ec2.RouteTable(\"test\", {\n vpcId: test.id,\n routes: [{\n cidrBlock: test.cidrBlock,\n networkInterfaceId: testNetworkInterface.id,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.Vpc(\"test\", cidr_block=\"10.1.0.0/16\")\ntest_subnet = aws.ec2.Subnet(\"test\",\n cidr_block=\"10.1.1.0/24\",\n vpc_id=test.id)\ntest_network_interface = aws.ec2.NetworkInterface(\"test\", subnet_id=test_subnet.id)\ntest_route_table = aws.ec2.RouteTable(\"test\",\n vpc_id=test.id,\n routes=[{\n \"cidr_block\": test.cidr_block,\n \"network_interface_id\": test_network_interface.id,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Ec2.Vpc(\"test\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n\n var testSubnet = new Aws.Ec2.Subnet(\"test\", new()\n {\n CidrBlock = \"10.1.1.0/24\",\n VpcId = test.Id,\n });\n\n var testNetworkInterface = new Aws.Ec2.NetworkInterface(\"test\", new()\n {\n SubnetId = testSubnet.Id,\n });\n\n var testRouteTable = new Aws.Ec2.RouteTable(\"test\", new()\n {\n VpcId = test.Id,\n Routes = new[]\n {\n new Aws.Ec2.Inputs.RouteTableRouteArgs\n {\n CidrBlock = test.CidrBlock,\n NetworkInterfaceId = testNetworkInterface.Id,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := ec2.NewVpc(ctx, \"test\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestSubnet, err := ec2.NewSubnet(ctx, \"test\", \u0026ec2.SubnetArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.1.0/24\"),\n\t\t\tVpcId: test.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestNetworkInterface, err := ec2.NewNetworkInterface(ctx, \"test\", \u0026ec2.NetworkInterfaceArgs{\n\t\t\tSubnetId: testSubnet.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewRouteTable(ctx, \"test\", \u0026ec2.RouteTableArgs{\n\t\t\tVpcId: test.ID(),\n\t\t\tRoutes: ec2.RouteTableRouteArray{\n\t\t\t\t\u0026ec2.RouteTableRouteArgs{\n\t\t\t\t\tCidrBlock: test.CidrBlock,\n\t\t\t\t\tNetworkInterfaceId: testNetworkInterface.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.ec2.NetworkInterface;\nimport com.pulumi.aws.ec2.NetworkInterfaceArgs;\nimport com.pulumi.aws.ec2.RouteTable;\nimport com.pulumi.aws.ec2.RouteTableArgs;\nimport com.pulumi.aws.ec2.inputs.RouteTableRouteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Vpc(\"test\", VpcArgs.builder()\n .cidrBlock(\"10.1.0.0/16\")\n .build());\n\n var testSubnet = new Subnet(\"testSubnet\", SubnetArgs.builder()\n .cidrBlock(\"10.1.1.0/24\")\n .vpcId(test.id())\n .build());\n\n var testNetworkInterface = new NetworkInterface(\"testNetworkInterface\", NetworkInterfaceArgs.builder()\n .subnetId(testSubnet.id())\n .build());\n\n var testRouteTable = new RouteTable(\"testRouteTable\", RouteTableArgs.builder()\n .vpcId(test.id())\n .routes(RouteTableRouteArgs.builder()\n .cidrBlock(test.cidrBlock())\n .networkInterfaceId(testNetworkInterface.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.1.0.0/16\n testRouteTable:\n type: aws:ec2:RouteTable\n name: test\n properties:\n vpcId: ${test.id}\n routes:\n - cidrBlock: ${test.cidrBlock}\n networkInterfaceId: ${testNetworkInterface.id}\n testSubnet:\n type: aws:ec2:Subnet\n name: test\n properties:\n cidrBlock: 10.1.1.0/24\n vpcId: ${test.id}\n testNetworkInterface:\n type: aws:ec2:NetworkInterface\n name: test\n properties:\n subnetId: ${testSubnet.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThe target could then be updated again back to `local`.\n\n## Import\n\nUsing `pulumi import`, import Route Tables using the route table `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/routeTable:RouteTable public_rt rtb-4e616f6d69\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the route table.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the route table.\n" }, "propagatingVgws": { "type": "array", "items": { "type": "string" }, "description": "A list of virtual gateways for propagation.\n" }, "routes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/RouteTableRoute:RouteTableRoute" }, "description": "A list of route objects. Their keys are documented below.\nThis means that omitting this argument is interpreted as ignoring any existing routes. To remove all managed routes an empty list should be specified. See the example above.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The VPC ID.\n" } }, "required": [ "arn", "ownerId", "propagatingVgws", "routes", "tagsAll", "vpcId" ], "inputProperties": { "propagatingVgws": { "type": "array", "items": { "type": "string" }, "description": "A list of virtual gateways for propagation.\n" }, "routes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/RouteTableRoute:RouteTableRoute" }, "description": "A list of route objects. Their keys are documented below.\nThis means that omitting this argument is interpreted as ignoring any existing routes. To remove all managed routes an empty list should be specified. See the example above.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcId": { "type": "string", "description": "The VPC ID.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering RouteTable resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the route table.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the route table.\n" }, "propagatingVgws": { "type": "array", "items": { "type": "string" }, "description": "A list of virtual gateways for propagation.\n" }, "routes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/RouteTableRoute:RouteTableRoute" }, "description": "A list of route objects. Their keys are documented below.\nThis means that omitting this argument is interpreted as ignoring any existing routes. To remove all managed routes an empty list should be specified. See the example above.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The VPC ID.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/routeTableAssociation:RouteTableAssociation": { "description": "Provides a resource to create an association between a route table and a subnet or a route table and an\ninternet gateway or virtual private gateway.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst a = new aws.ec2.RouteTableAssociation(\"a\", {\n subnetId: foo.id,\n routeTableId: bar.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\na = aws.ec2.RouteTableAssociation(\"a\",\n subnet_id=foo[\"id\"],\n route_table_id=bar[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var a = new Aws.Ec2.RouteTableAssociation(\"a\", new()\n {\n SubnetId = foo.Id,\n RouteTableId = bar.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewRouteTableAssociation(ctx, \"a\", \u0026ec2.RouteTableAssociationArgs{\n\t\t\tSubnetId: pulumi.Any(foo.Id),\n\t\t\tRouteTableId: pulumi.Any(bar.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.RouteTableAssociation;\nimport com.pulumi.aws.ec2.RouteTableAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var a = new RouteTableAssociation(\"a\", RouteTableAssociationArgs.builder()\n .subnetId(foo.id())\n .routeTableId(bar.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n a:\n type: aws:ec2:RouteTableAssociation\n properties:\n subnetId: ${foo.id}\n routeTableId: ${bar.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst b = new aws.ec2.RouteTableAssociation(\"b\", {\n gatewayId: foo.id,\n routeTableId: bar.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nb = aws.ec2.RouteTableAssociation(\"b\",\n gateway_id=foo[\"id\"],\n route_table_id=bar[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var b = new Aws.Ec2.RouteTableAssociation(\"b\", new()\n {\n GatewayId = foo.Id,\n RouteTableId = bar.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewRouteTableAssociation(ctx, \"b\", \u0026ec2.RouteTableAssociationArgs{\n\t\t\tGatewayId: pulumi.Any(foo.Id),\n\t\t\tRouteTableId: pulumi.Any(bar.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.RouteTableAssociation;\nimport com.pulumi.aws.ec2.RouteTableAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var b = new RouteTableAssociation(\"b\", RouteTableAssociationArgs.builder()\n .gatewayId(foo.id())\n .routeTableId(bar.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n b:\n type: aws:ec2:RouteTableAssociation\n properties:\n gatewayId: ${foo.id}\n routeTableId: ${bar.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nWith EC2 Internet Gateways:\n\n__Using `pulumi import` to import__ EC2 Route Table Associations using the associated resource ID and Route Table ID separated by a forward slash (`/`). For example:\n\nWith EC2 Subnets:\n\n```sh\n$ pulumi import aws:ec2/routeTableAssociation:RouteTableAssociation assoc subnet-6777656e646f6c796e/rtb-656c65616e6f72\n```\nWith EC2 Internet Gateways:\n\n```sh\n$ pulumi import aws:ec2/routeTableAssociation:RouteTableAssociation assoc igw-01b3a60780f8d034a/rtb-656c65616e6f72\n```\n", "properties": { "gatewayId": { "type": "string", "description": "The gateway ID to create an association. Conflicts with `subnet_id`.\n" }, "routeTableId": { "type": "string", "description": "The ID of the routing table to associate with.\n" }, "subnetId": { "type": "string", "description": "The subnet ID to create an association. Conflicts with `gateway_id`.\n" } }, "required": [ "routeTableId" ], "inputProperties": { "gatewayId": { "type": "string", "description": "The gateway ID to create an association. Conflicts with `subnet_id`.\n", "willReplaceOnChanges": true }, "routeTableId": { "type": "string", "description": "The ID of the routing table to associate with.\n" }, "subnetId": { "type": "string", "description": "The subnet ID to create an association. Conflicts with `gateway_id`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "routeTableId" ], "stateInputs": { "description": "Input properties used for looking up and filtering RouteTableAssociation resources.\n", "properties": { "gatewayId": { "type": "string", "description": "The gateway ID to create an association. Conflicts with `subnet_id`.\n", "willReplaceOnChanges": true }, "routeTableId": { "type": "string", "description": "The ID of the routing table to associate with.\n" }, "subnetId": { "type": "string", "description": "The subnet ID to create an association. Conflicts with `gateway_id`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/securityGroup:SecurityGroup": { "description": "Provides a security group resource.\n\n\u003e **NOTE:** Avoid using the `ingress` and `egress` arguments of the `aws.ec2.SecurityGroup` resource to configure in-line rules, as they struggle with managing multiple CIDR blocks, and, due to the historical lack of unique IDs, tags and descriptions. To avoid these problems, use the current best practice of the `aws.vpc.SecurityGroupEgressRule` and `aws.vpc.SecurityGroupIngressRule` resources with one CIDR block per rule.\n\n!\u003e **WARNING:** You should not use the `aws.ec2.SecurityGroup` resource with _in-line rules_ (using the `ingress` and `egress` arguments of `aws.ec2.SecurityGroup`) in conjunction with the `aws.vpc.SecurityGroupEgressRule` and `aws.vpc.SecurityGroupIngressRule` resources or the `aws.ec2.SecurityGroupRule` resource. Doing so may cause rule conflicts, perpetual differences, and result in rules being overwritten.\n\n\u003e **NOTE:** Referencing Security Groups across VPC peering has certain restrictions. More information is available in the [VPC Peering User Guide](https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-security-groups.html).\n\n\u003e **NOTE:** Due to [AWS Lambda improved VPC networking changes that began deploying in September 2019](https://aws.amazon.com/blogs/compute/announcing-improved-vpc-networking-for-aws-lambda-functions/), security groups associated with Lambda Functions can take up to 45 minutes to successfully delete.\n\n\u003e **NOTE:** The `cidr_blocks` and `ipv6_cidr_blocks` parameters are optional in the `ingress` and `egress` blocks. If nothing is specified, traffic will be blocked as described in _NOTE on Egress rules_ later.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst allowTls = new aws.ec2.SecurityGroup(\"allow_tls\", {\n name: \"allow_tls\",\n description: \"Allow TLS inbound traffic and all outbound traffic\",\n vpcId: main.id,\n tags: {\n Name: \"allow_tls\",\n },\n});\nconst allowTlsIpv4 = new aws.vpc.SecurityGroupIngressRule(\"allow_tls_ipv4\", {\n securityGroupId: allowTls.id,\n cidrIpv4: main.cidrBlock,\n fromPort: 443,\n ipProtocol: \"tcp\",\n toPort: 443,\n});\nconst allowTlsIpv6 = new aws.vpc.SecurityGroupIngressRule(\"allow_tls_ipv6\", {\n securityGroupId: allowTls.id,\n cidrIpv6: main.ipv6CidrBlock,\n fromPort: 443,\n ipProtocol: \"tcp\",\n toPort: 443,\n});\nconst allowAllTrafficIpv4 = new aws.vpc.SecurityGroupEgressRule(\"allow_all_traffic_ipv4\", {\n securityGroupId: allowTls.id,\n cidrIpv4: \"0.0.0.0/0\",\n ipProtocol: \"-1\",\n});\nconst allowAllTrafficIpv6 = new aws.vpc.SecurityGroupEgressRule(\"allow_all_traffic_ipv6\", {\n securityGroupId: allowTls.id,\n cidrIpv6: \"::/0\",\n ipProtocol: \"-1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nallow_tls = aws.ec2.SecurityGroup(\"allow_tls\",\n name=\"allow_tls\",\n description=\"Allow TLS inbound traffic and all outbound traffic\",\n vpc_id=main[\"id\"],\n tags={\n \"Name\": \"allow_tls\",\n })\nallow_tls_ipv4 = aws.vpc.SecurityGroupIngressRule(\"allow_tls_ipv4\",\n security_group_id=allow_tls.id,\n cidr_ipv4=main[\"cidrBlock\"],\n from_port=443,\n ip_protocol=\"tcp\",\n to_port=443)\nallow_tls_ipv6 = aws.vpc.SecurityGroupIngressRule(\"allow_tls_ipv6\",\n security_group_id=allow_tls.id,\n cidr_ipv6=main[\"ipv6CidrBlock\"],\n from_port=443,\n ip_protocol=\"tcp\",\n to_port=443)\nallow_all_traffic_ipv4 = aws.vpc.SecurityGroupEgressRule(\"allow_all_traffic_ipv4\",\n security_group_id=allow_tls.id,\n cidr_ipv4=\"0.0.0.0/0\",\n ip_protocol=\"-1\")\nallow_all_traffic_ipv6 = aws.vpc.SecurityGroupEgressRule(\"allow_all_traffic_ipv6\",\n security_group_id=allow_tls.id,\n cidr_ipv6=\"::/0\",\n ip_protocol=\"-1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var allowTls = new Aws.Ec2.SecurityGroup(\"allow_tls\", new()\n {\n Name = \"allow_tls\",\n Description = \"Allow TLS inbound traffic and all outbound traffic\",\n VpcId = main.Id,\n Tags = \n {\n { \"Name\", \"allow_tls\" },\n },\n });\n\n var allowTlsIpv4 = new Aws.Vpc.SecurityGroupIngressRule(\"allow_tls_ipv4\", new()\n {\n SecurityGroupId = allowTls.Id,\n CidrIpv4 = main.CidrBlock,\n FromPort = 443,\n IpProtocol = \"tcp\",\n ToPort = 443,\n });\n\n var allowTlsIpv6 = new Aws.Vpc.SecurityGroupIngressRule(\"allow_tls_ipv6\", new()\n {\n SecurityGroupId = allowTls.Id,\n CidrIpv6 = main.Ipv6CidrBlock,\n FromPort = 443,\n IpProtocol = \"tcp\",\n ToPort = 443,\n });\n\n var allowAllTrafficIpv4 = new Aws.Vpc.SecurityGroupEgressRule(\"allow_all_traffic_ipv4\", new()\n {\n SecurityGroupId = allowTls.Id,\n CidrIpv4 = \"0.0.0.0/0\",\n IpProtocol = \"-1\",\n });\n\n var allowAllTrafficIpv6 = new Aws.Vpc.SecurityGroupEgressRule(\"allow_all_traffic_ipv6\", new()\n {\n SecurityGroupId = allowTls.Id,\n CidrIpv6 = \"::/0\",\n IpProtocol = \"-1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpc\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tallowTls, err := ec2.NewSecurityGroup(ctx, \"allow_tls\", \u0026ec2.SecurityGroupArgs{\n\t\t\tName: pulumi.String(\"allow_tls\"),\n\t\t\tDescription: pulumi.String(\"Allow TLS inbound traffic and all outbound traffic\"),\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"allow_tls\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vpc.NewSecurityGroupIngressRule(ctx, \"allow_tls_ipv4\", \u0026vpc.SecurityGroupIngressRuleArgs{\n\t\t\tSecurityGroupId: allowTls.ID(),\n\t\t\tCidrIpv4: pulumi.Any(main.CidrBlock),\n\t\t\tFromPort: pulumi.Int(443),\n\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\tToPort: pulumi.Int(443),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vpc.NewSecurityGroupIngressRule(ctx, \"allow_tls_ipv6\", \u0026vpc.SecurityGroupIngressRuleArgs{\n\t\t\tSecurityGroupId: allowTls.ID(),\n\t\t\tCidrIpv6: pulumi.Any(main.Ipv6CidrBlock),\n\t\t\tFromPort: pulumi.Int(443),\n\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\tToPort: pulumi.Int(443),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vpc.NewSecurityGroupEgressRule(ctx, \"allow_all_traffic_ipv4\", \u0026vpc.SecurityGroupEgressRuleArgs{\n\t\t\tSecurityGroupId: allowTls.ID(),\n\t\t\tCidrIpv4: pulumi.String(\"0.0.0.0/0\"),\n\t\t\tIpProtocol: pulumi.String(\"-1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vpc.NewSecurityGroupEgressRule(ctx, \"allow_all_traffic_ipv6\", \u0026vpc.SecurityGroupEgressRuleArgs{\n\t\t\tSecurityGroupId: allowTls.ID(),\n\t\t\tCidrIpv6: pulumi.String(\"::/0\"),\n\t\t\tIpProtocol: pulumi.String(\"-1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.aws.vpc.SecurityGroupIngressRule;\nimport com.pulumi.aws.vpc.SecurityGroupIngressRuleArgs;\nimport com.pulumi.aws.vpc.SecurityGroupEgressRule;\nimport com.pulumi.aws.vpc.SecurityGroupEgressRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var allowTls = new SecurityGroup(\"allowTls\", SecurityGroupArgs.builder()\n .name(\"allow_tls\")\n .description(\"Allow TLS inbound traffic and all outbound traffic\")\n .vpcId(main.id())\n .tags(Map.of(\"Name\", \"allow_tls\"))\n .build());\n\n var allowTlsIpv4 = new SecurityGroupIngressRule(\"allowTlsIpv4\", SecurityGroupIngressRuleArgs.builder()\n .securityGroupId(allowTls.id())\n .cidrIpv4(main.cidrBlock())\n .fromPort(443)\n .ipProtocol(\"tcp\")\n .toPort(443)\n .build());\n\n var allowTlsIpv6 = new SecurityGroupIngressRule(\"allowTlsIpv6\", SecurityGroupIngressRuleArgs.builder()\n .securityGroupId(allowTls.id())\n .cidrIpv6(main.ipv6CidrBlock())\n .fromPort(443)\n .ipProtocol(\"tcp\")\n .toPort(443)\n .build());\n\n var allowAllTrafficIpv4 = new SecurityGroupEgressRule(\"allowAllTrafficIpv4\", SecurityGroupEgressRuleArgs.builder()\n .securityGroupId(allowTls.id())\n .cidrIpv4(\"0.0.0.0/0\")\n .ipProtocol(\"-1\")\n .build());\n\n var allowAllTrafficIpv6 = new SecurityGroupEgressRule(\"allowAllTrafficIpv6\", SecurityGroupEgressRuleArgs.builder()\n .securityGroupId(allowTls.id())\n .cidrIpv6(\"::/0\")\n .ipProtocol(\"-1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n allowTls:\n type: aws:ec2:SecurityGroup\n name: allow_tls\n properties:\n name: allow_tls\n description: Allow TLS inbound traffic and all outbound traffic\n vpcId: ${main.id}\n tags:\n Name: allow_tls\n allowTlsIpv4:\n type: aws:vpc:SecurityGroupIngressRule\n name: allow_tls_ipv4\n properties:\n securityGroupId: ${allowTls.id}\n cidrIpv4: ${main.cidrBlock}\n fromPort: 443\n ipProtocol: tcp\n toPort: 443\n allowTlsIpv6:\n type: aws:vpc:SecurityGroupIngressRule\n name: allow_tls_ipv6\n properties:\n securityGroupId: ${allowTls.id}\n cidrIpv6: ${main.ipv6CidrBlock}\n fromPort: 443\n ipProtocol: tcp\n toPort: 443\n allowAllTrafficIpv4:\n type: aws:vpc:SecurityGroupEgressRule\n name: allow_all_traffic_ipv4\n properties:\n securityGroupId: ${allowTls.id}\n cidrIpv4: 0.0.0.0/0\n ipProtocol: '-1'\n allowAllTrafficIpv6:\n type: aws:vpc:SecurityGroupEgressRule\n name: allow_all_traffic_ipv6\n properties:\n securityGroupId: ${allowTls.id}\n cidrIpv6: ::/0\n ipProtocol: '-1'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e **NOTE on Egress rules:** By default, AWS creates an `ALLOW ALL` egress rule when creating a new Security Group inside of a VPC. When creating a new Security Group inside a VPC, **this provider will remove this default rule**, and require you specifically re-create it if you desire that rule. We feel this leads to fewer surprises in terms of controlling your egress rules. If you desire this rule to be in place, you can use this `egress` block:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.SecurityGroup(\"example\", {egress: [{\n fromPort: 0,\n toPort: 0,\n protocol: \"-1\",\n cidrBlocks: [\"0.0.0.0/0\"],\n ipv6CidrBlocks: [\"::/0\"],\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.SecurityGroup(\"example\", egress=[{\n \"from_port\": 0,\n \"to_port\": 0,\n \"protocol\": \"-1\",\n \"cidr_blocks\": [\"0.0.0.0/0\"],\n \"ipv6_cidr_blocks\": [\"::/0\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.SecurityGroup(\"example\", new()\n {\n Egress = new[]\n {\n new Aws.Ec2.Inputs.SecurityGroupEgressArgs\n {\n FromPort = 0,\n ToPort = 0,\n Protocol = \"-1\",\n CidrBlocks = new[]\n {\n \"0.0.0.0/0\",\n },\n Ipv6CidrBlocks = new[]\n {\n \"::/0\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewSecurityGroup(ctx, \"example\", \u0026ec2.SecurityGroupArgs{\n\t\t\tEgress: ec2.SecurityGroupEgressArray{\n\t\t\t\t\u0026ec2.SecurityGroupEgressArgs{\n\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\tToPort: pulumi.Int(0),\n\t\t\t\t\tProtocol: pulumi.String(\"-1\"),\n\t\t\t\t\tCidrBlocks: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t},\n\t\t\t\t\tIpv6CidrBlocks: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"::/0\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.aws.ec2.inputs.SecurityGroupEgressArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SecurityGroup(\"example\", SecurityGroupArgs.builder()\n .egress(SecurityGroupEgressArgs.builder()\n .fromPort(0)\n .toPort(0)\n .protocol(\"-1\")\n .cidrBlocks(\"0.0.0.0/0\")\n .ipv6CidrBlocks(\"::/0\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:SecurityGroup\n properties:\n egress:\n - fromPort: 0\n toPort: 0\n protocol: '-1'\n cidrBlocks:\n - 0.0.0.0/0\n ipv6CidrBlocks:\n - ::/0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage With Prefix List IDs\n\nPrefix Lists are either managed by AWS internally, or created by the customer using a\nPrefix List resource. Prefix Lists provided by\nAWS are associated with a prefix list name, or service name, that is linked to a specific region.\nPrefix list IDs are exported on VPC Endpoints, so you can use this format:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myEndpoint = new aws.ec2.VpcEndpoint(\"my_endpoint\", {});\nconst example = new aws.ec2.SecurityGroup(\"example\", {egress: [{\n fromPort: 0,\n toPort: 0,\n protocol: \"-1\",\n prefixListIds: [myEndpoint.prefixListId],\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_endpoint = aws.ec2.VpcEndpoint(\"my_endpoint\")\nexample = aws.ec2.SecurityGroup(\"example\", egress=[{\n \"from_port\": 0,\n \"to_port\": 0,\n \"protocol\": \"-1\",\n \"prefix_list_ids\": [my_endpoint.prefix_list_id],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myEndpoint = new Aws.Ec2.VpcEndpoint(\"my_endpoint\");\n\n var example = new Aws.Ec2.SecurityGroup(\"example\", new()\n {\n Egress = new[]\n {\n new Aws.Ec2.Inputs.SecurityGroupEgressArgs\n {\n FromPort = 0,\n ToPort = 0,\n Protocol = \"-1\",\n PrefixListIds = new[]\n {\n myEndpoint.PrefixListId,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyEndpoint, err := ec2.NewVpcEndpoint(ctx, \"my_endpoint\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSecurityGroup(ctx, \"example\", \u0026ec2.SecurityGroupArgs{\n\t\t\tEgress: ec2.SecurityGroupEgressArray{\n\t\t\t\t\u0026ec2.SecurityGroupEgressArgs{\n\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\tToPort: pulumi.Int(0),\n\t\t\t\t\tProtocol: pulumi.String(\"-1\"),\n\t\t\t\t\tPrefixListIds: pulumi.StringArray{\n\t\t\t\t\t\tmyEndpoint.PrefixListId,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpcEndpoint;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.aws.ec2.inputs.SecurityGroupEgressArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myEndpoint = new VpcEndpoint(\"myEndpoint\");\n\n var example = new SecurityGroup(\"example\", SecurityGroupArgs.builder()\n .egress(SecurityGroupEgressArgs.builder()\n .fromPort(0)\n .toPort(0)\n .protocol(\"-1\")\n .prefixListIds(myEndpoint.prefixListId())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:SecurityGroup\n properties:\n egress:\n - fromPort: 0\n toPort: 0\n protocol: '-1'\n prefixListIds:\n - ${myEndpoint.prefixListId}\n myEndpoint:\n type: aws:ec2:VpcEndpoint\n name: my_endpoint\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nYou can also find a specific Prefix List using the `aws.ec2.getPrefixList` data source.\n\n### Removing All Ingress and Egress Rules\n\nThe `ingress` and `egress` arguments are processed in attributes-as-blocks mode. Due to this, removing these arguments from the configuration will **not** cause the provider to destroy the managed rules. To subsequently remove all managed ingress and egress rules:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.SecurityGroup(\"example\", {\n name: \"sg\",\n vpcId: exampleAwsVpc.id,\n ingress: [],\n egress: [],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.SecurityGroup(\"example\",\n name=\"sg\",\n vpc_id=example_aws_vpc[\"id\"],\n ingress=[],\n egress=[])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.SecurityGroup(\"example\", new()\n {\n Name = \"sg\",\n VpcId = exampleAwsVpc.Id,\n Ingress = new[] {},\n Egress = new[] {},\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewSecurityGroup(ctx, \"example\", \u0026ec2.SecurityGroupArgs{\n\t\t\tName: pulumi.String(\"sg\"),\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t\tIngress: ec2.SecurityGroupIngressArray{},\n\t\t\tEgress: ec2.SecurityGroupEgressArray{},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SecurityGroup(\"example\", SecurityGroupArgs.builder()\n .name(\"sg\")\n .vpcId(exampleAwsVpc.id())\n .ingress()\n .egress()\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:SecurityGroup\n properties:\n name: sg\n vpcId: ${exampleAwsVpc.id}\n ingress: []\n egress: []\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Recreating a Security Group\n\nA simple security group `name` change \"forces new\" the security group--the provider destroys the security group and creates a new one. (Likewise, `description`, `name_prefix`, or `vpc_id` [cannot be changed](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/working-with-security-groups.html#creating-security-group).) Attempting to recreate the security group leads to a variety of complications depending on how it is used.\n\nSecurity groups are generally associated with other resources--**more than 100** AWS Provider resources reference security groups. Referencing a resource from another resource creates a one-way dependency. For example, if you create an EC2 `aws.ec2.Instance` that has a `vpc_security_group_ids` argument that refers to an `aws.ec2.SecurityGroup` resource, the `aws.ec2.SecurityGroup` is a dependent of the `aws.ec2.Instance`. Because of this, the provider will create the security group first so that it can then be associated with the EC2 instance.\n\nHowever, the dependency relationship actually goes both directions causing the _Security Group Deletion Problem_. AWS does not allow you to delete the security group associated with another resource (_e.g._, the `aws.ec2.Instance`).\n\nThe provider does not model bi-directional dependencies like this, but, even if it did, simply knowing the dependency situation would not be enough to solve it. For example, some resources must always have an associated security group while others don't need to. In addition, when the `aws.ec2.SecurityGroup` resource attempts to recreate, it receives a dependent object error, which does not provide information on whether the dependent object is a security group rule or, for example, an associated EC2 instance. Within the provider, the associated resource (_e.g._, `aws.ec2.Instance`) does not receive an error when the `aws.ec2.SecurityGroup` is trying to recreate even though that is where changes to the associated resource would need to take place (_e.g._, removing the security group association).\n\nDespite these sticky problems, below are some ways to improve your experience when you find it necessary to recreate a security group.\n\n### Shorter timeout\n\n(This example is one approach to recreating security groups. For more information on the challenges and the _Security Group Deletion Problem_, see the section above.)\n\nIf destroying a security group takes a long time, it may be because the provider cannot distinguish between a dependent object (_e.g._, a security group rule or EC2 instance) that is _in the process of being deleted_ and one that is not. In other words, it may be waiting for a train that isn't scheduled to arrive. To fail faster, shorten the `delete` timeout from the default timeout:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.SecurityGroup(\"example\", {name: \"izizavle\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.SecurityGroup(\"example\", name=\"izizavle\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.SecurityGroup(\"example\", new()\n {\n Name = \"izizavle\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewSecurityGroup(ctx, \"example\", \u0026ec2.SecurityGroupArgs{\n\t\t\tName: pulumi.String(\"izizavle\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SecurityGroup(\"example\", SecurityGroupArgs.builder()\n .name(\"izizavle\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:SecurityGroup\n properties:\n name: izizavle\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Provisioners\n\n(This example is one approach to recreating security groups. For more information on the challenges and the _Security Group Deletion Problem_, see the section above.)\n\n**DISCLAIMER:** We **_HIGHLY_** recommend using one of the above approaches and _NOT_ using local provisioners. Provisioners, like the one shown below, should be considered a **last resort** since they are _not readable_, _require skills outside standard configuration_, are _error prone_ and _difficult to maintain_, are not compatible with cloud environments and upgrade tools, require AWS CLI installation, and are subject to changes outside the AWS Provider.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as _null from \"@pulumi/null\";\nimport * as aws from \"@pulumi/aws\";\nimport * as command from \"@pulumi/command\";\nimport * as std from \"@pulumi/std\";\n\nconst default = aws.ec2.getSecurityGroup({\n name: \"default\",\n});\nconst example = new aws.ec2.SecurityGroup(\"example\", {\n name: \"sg\",\n tags: {\n workaround1: \"tagged-name\",\n workaround2: _default.then(_default =\u003e _default.id),\n },\n});\nconst exampleProvisioner0 = new command.local.Command(\"exampleProvisioner0\", {\n create: \"true\",\n update: \"true\",\n \"delete\": ` ENDPOINT_ID=`aws ec2 describe-vpc-endpoints --filters \"Name=tag:Name,Values=${tags.workaround1}\" --query \"VpcEndpoints[0].VpcEndpointId\" --output text` \u0026\u0026\n aws ec2 modify-vpc-endpoint --vpc-endpoint-id ${ENDPOINT_ID} --add-security-group-ids ${tags.workaround2} --remove-security-group-ids ${id}\n`,\n}, {\n dependsOn: [example],\n});\nconst exampleResource = new _null.Resource(\"example\", {triggers: {\n rerun_upon_change_of: std.join({\n separator: \",\",\n input: exampleAwsVpcEndpoint.securityGroupIds,\n }).then(invoke =\u003e invoke.result),\n}});\nconst exampleResourceProvisioner0 = new command.local.Command(\"exampleResourceProvisioner0\", {create: ` aws ec2 modify-vpc-endpoint --vpc-endpoint-id ${exampleAwsVpcEndpoint.id} --remove-security-group-ids ${_default.id}\n`}, {\n dependsOn: [exampleResource],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_command as command\nimport pulumi_null as null\nimport pulumi_std as std\n\ndefault = aws.ec2.get_security_group(name=\"default\")\nexample = aws.ec2.SecurityGroup(\"example\",\n name=\"sg\",\n tags={\n \"workaround1\": \"tagged-name\",\n \"workaround2\": default.id,\n })\nexample_provisioner0 = command.local.Command(\"exampleProvisioner0\",\n create=true,\n update=true,\n delete=f ENDPOINT_ID=`aws ec2 describe-vpc-endpoints --filters \"Name=tag:Name,Values={tags.workaround1}\" --query \"VpcEndpoints[0].VpcEndpointId\" --output text` \u0026\u0026\n aws ec2 modify-vpc-endpoint --vpc-endpoint-id ${{ENDPOINT_ID}} --add-security-group-ids {tags.workaround2} --remove-security-group-ids {id}\n,\n opts = pulumi.ResourceOptions(depends_on=[example]))\nexample_resource = null.Resource(\"example\", triggers={\n \"rerun_upon_change_of\": std.join(separator=\",\",\n input=example_aws_vpc_endpoint[\"securityGroupIds\"]).result,\n})\nexample_resource_provisioner0 = command.local.Command(\"exampleResourceProvisioner0\", create=f aws ec2 modify-vpc-endpoint --vpc-endpoint-id {example_aws_vpc_endpoint.id} --remove-security-group-ids {default.id}\n,\nopts = pulumi.ResourceOptions(depends_on=[example_resource]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Command = Pulumi.Command;\nusing Null = Pulumi.Null;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = Aws.Ec2.GetSecurityGroup.Invoke(new()\n {\n Name = \"default\",\n });\n\n var example = new Aws.Ec2.SecurityGroup(\"example\", new()\n {\n Name = \"sg\",\n Tags = \n {\n { \"workaround1\", \"tagged-name\" },\n { \"workaround2\", @default.Apply(@default =\u003e @default.Apply(getSecurityGroupResult =\u003e getSecurityGroupResult.Id)) },\n },\n });\n\n var exampleProvisioner0 = new Command.Local.Command(\"exampleProvisioner0\", new()\n {\n Create = \"true\",\n Update = \"true\",\n Delete = @$\" ENDPOINT_ID=`aws ec2 describe-vpc-endpoints --filters \"\"Name=tag:Name,Values={tags.Workaround1}\"\" --query \"\"VpcEndpoints[0].VpcEndpointId\"\" --output text` \u0026\u0026\n aws ec2 modify-vpc-endpoint --vpc-endpoint-id ${{ENDPOINT_ID}} --add-security-group-ids {tags.Workaround2} --remove-security-group-ids {id}\n\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n var exampleResource = new Null.Resource(\"example\", new()\n {\n Triggers = \n {\n { \"rerun_upon_change_of\", Std.Join.Invoke(new()\n {\n Separator = \",\",\n Input = exampleAwsVpcEndpoint.SecurityGroupIds,\n }).Apply(invoke =\u003e invoke.Result) },\n },\n });\n\n var exampleResourceProvisioner0 = new Command.Local.Command(\"exampleResourceProvisioner0\", new()\n {\n Create = @$\" aws ec2 modify-vpc-endpoint --vpc-endpoint-id {exampleAwsVpcEndpoint.Id} --remove-security-group-ids {@default.Apply(getSecurityGroupResult =\u003e getSecurityGroupResult.Id)}\n\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleResource,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-command/sdk/go/command/local\"\n\t\"github.com/pulumi/pulumi-null/sdk/go/null\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_default, err := ec2.LookupSecurityGroup(ctx, \u0026ec2.LookupSecurityGroupArgs{\n\t\t\tName: pulumi.StringRef(\"default\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := ec2.NewSecurityGroup(ctx, \"example\", \u0026ec2.SecurityGroupArgs{\n\t\t\tName: pulumi.String(\"sg\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"workaround1\": pulumi.String(\"tagged-name\"),\n\t\t\t\t\"workaround2\": pulumi.String(_default.Id),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = local.NewCommand(ctx, \"exampleProvisioner0\", \u0026local.CommandArgs{\n\t\t\tCreate: \"true\",\n\t\t\tUpdate: \"true\",\n\t\t\tDelete: fmt.Sprintf(\" ENDPOINT_ID=`aws ec2 describe-vpc-endpoints --filters \\\"Name=tag:Name,Values=%v\\\" --query \\\"VpcEndpoints[0].VpcEndpointId\\\" --output text` \u0026\u0026\\n aws ec2 modify-vpc-endpoint --vpc-endpoint-id ${ENDPOINT_ID} --add-security-group-ids %v --remove-security-group-ids %v\\n\", tags.Workaround1, tags.Workaround2, id),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeJoin, err := std.Join(ctx, \u0026std.JoinArgs{\n\t\t\tSeparator: \",\",\n\t\t\tInput: exampleAwsVpcEndpoint.SecurityGroupIds,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleResource, err := null.NewResource(ctx, \"example\", \u0026null.ResourceArgs{\n\t\t\tTriggers: pulumi.StringMap{\n\t\t\t\t\"rerun_upon_change_of\": pulumi.String(invokeJoin.Result),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = local.NewCommand(ctx, \"exampleResourceProvisioner0\", \u0026local.CommandArgs{\n\t\t\tCreate: fmt.Sprintf(\" aws ec2 modify-vpc-endpoint --vpc-endpoint-id %v --remove-security-group-ids %v\\n\", exampleAwsVpcEndpoint.Id, _default.Id),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleResource,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetSecurityGroupArgs;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.command.local.Command;\nimport com.pulumi.command.local.CommandArgs;\nimport com.pulumi.null.Resource;\nimport com.pulumi.null.ResourceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var default = Ec2Functions.getSecurityGroup(GetSecurityGroupArgs.builder()\n .name(\"default\")\n .build());\n\n var example = new SecurityGroup(\"example\", SecurityGroupArgs.builder()\n .name(\"sg\")\n .tags(Map.ofEntries(\n Map.entry(\"workaround1\", \"tagged-name\"),\n Map.entry(\"workaround2\", default_.id())\n ))\n .build());\n\n var exampleProvisioner0 = new Command(\"exampleProvisioner0\", CommandArgs.builder()\n .create(\"true\")\n .update(\"true\")\n .delete(\"\"\"\n ENDPOINT_ID=`aws ec2 describe-vpc-endpoints --filters \"Name=tag:Name,Values=%s\" --query \"VpcEndpoints[0].VpcEndpointId\" --output text` \u0026\u0026\n aws ec2 modify-vpc-endpoint --vpc-endpoint-id ${ENDPOINT_ID} --add-security-group-ids %s --remove-security-group-ids %s\n\", tags.workaround1(),tags.workaround2(),id))\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n var exampleResource = new Resource(\"exampleResource\", ResourceArgs.builder()\n .triggers(Map.of(\"rerun_upon_change_of\", StdFunctions.join(JoinArgs.builder()\n .separator(\",\")\n .input(exampleAwsVpcEndpoint.securityGroupIds())\n .build()).result()))\n .build());\n\n var exampleResourceProvisioner0 = new Command(\"exampleResourceProvisioner0\", CommandArgs.builder()\n .create(\"\"\"\n aws ec2 modify-vpc-endpoint --vpc-endpoint-id %s --remove-security-group-ids %s\n\", exampleAwsVpcEndpoint.id(),default_.id()))\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleResource)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:SecurityGroup\n properties:\n name: sg\n tags:\n workaround1: tagged-name\n workaround2: ${default.id}\n exampleProvisioner0:\n type: command:local:Command\n properties:\n create: 'true'\n update: 'true'\n delete: |2\n ENDPOINT_ID=`aws ec2 describe-vpc-endpoints --filters \"Name=tag:Name,Values=${tags.workaround1}\" --query \"VpcEndpoints[0].VpcEndpointId\" --output text` \u0026\u0026\n aws ec2 modify-vpc-endpoint --vpc-endpoint-id ${ENDPOINT_ID} --add-security-group-ids ${tags.workaround2} --remove-security-group-ids ${id}\n options:\n dependson:\n - ${example}\n exampleResource:\n type: null:Resource\n name: example\n properties:\n triggers:\n rerun_upon_change_of:\n fn::invoke:\n Function: std:join\n Arguments:\n separator: ','\n input: ${exampleAwsVpcEndpoint.securityGroupIds}\n Return: result\n exampleResourceProvisioner0:\n type: command:local:Command\n properties:\n create: |2\n aws ec2 modify-vpc-endpoint --vpc-endpoint-id ${exampleAwsVpcEndpoint.id} --remove-security-group-ids ${default.id}\n options:\n dependson:\n - ${exampleResource}\nvariables:\n default:\n fn::invoke:\n Function: aws:ec2:getSecurityGroup\n Arguments:\n name: default\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Groups using the security group `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/securityGroup:SecurityGroup elb_sg sg-903004f8\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the security group.\n" }, "description": { "type": "string", "description": "Security group description. Defaults to `Managed by Pulumi`. Cannot be `\"\"`. **NOTE**: This field maps to the AWS `GroupDescription` attribute, for which there is no Update API. If you'd like to classify your security groups in a way that can be updated, use `tags`.\n", "default": "Managed by Pulumi" }, "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SecurityGroupEgress:SecurityGroupEgress" }, "description": "Configuration block for egress rules. Can be specified multiple times for each egress rule. Each egress block supports fields documented below. This argument is processed in attribute-as-blocks mode.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SecurityGroupIngress:SecurityGroupIngress" }, "description": "Configuration block for ingress rules. Can be specified multiple times for each ingress rule. Each ingress block supports fields documented below. This argument is processed in attribute-as-blocks mode.\n" }, "name": { "type": "string", "description": "Name of the security group. If omitted, the provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "ownerId": { "type": "string", "description": "Owner ID.\n" }, "revokeRulesOnDelete": { "type": "boolean", "description": "Instruct the provider to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. This is normally not needed, however certain AWS services such as Elastic Map Reduce may automatically add required rules to security groups used with the service, and those rules may contain a cyclic dependency that prevent the security groups from being destroyed without removing the dependency first. Default `false`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "VPC ID. Defaults to the region's default VPC.\n" } }, "required": [ "arn", "description", "egress", "ingress", "name", "namePrefix", "ownerId", "tagsAll", "vpcId" ], "inputProperties": { "description": { "type": "string", "description": "Security group description. Defaults to `Managed by Pulumi`. Cannot be `\"\"`. **NOTE**: This field maps to the AWS `GroupDescription` attribute, for which there is no Update API. If you'd like to classify your security groups in a way that can be updated, use `tags`.\n", "default": "Managed by Pulumi", "willReplaceOnChanges": true }, "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SecurityGroupEgress:SecurityGroupEgress" }, "description": "Configuration block for egress rules. Can be specified multiple times for each egress rule. Each egress block supports fields documented below. This argument is processed in attribute-as-blocks mode.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SecurityGroupIngress:SecurityGroupIngress" }, "description": "Configuration block for ingress rules. Can be specified multiple times for each ingress rule. Each ingress block supports fields documented below. This argument is processed in attribute-as-blocks mode.\n" }, "name": { "type": "string", "description": "Name of the security group. If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "revokeRulesOnDelete": { "type": "boolean", "description": "Instruct the provider to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. This is normally not needed, however certain AWS services such as Elastic Map Reduce may automatically add required rules to security groups used with the service, and those rules may contain a cyclic dependency that prevent the security groups from being destroyed without removing the dependency first. Default `false`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcId": { "type": "string", "description": "VPC ID. Defaults to the region's default VPC.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering SecurityGroup resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the security group.\n" }, "description": { "type": "string", "description": "Security group description. Defaults to `Managed by Pulumi`. Cannot be `\"\"`. **NOTE**: This field maps to the AWS `GroupDescription` attribute, for which there is no Update API. If you'd like to classify your security groups in a way that can be updated, use `tags`.\n", "default": "Managed by Pulumi", "willReplaceOnChanges": true }, "egress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SecurityGroupEgress:SecurityGroupEgress" }, "description": "Configuration block for egress rules. Can be specified multiple times for each egress rule. Each egress block supports fields documented below. This argument is processed in attribute-as-blocks mode.\n" }, "ingress": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SecurityGroupIngress:SecurityGroupIngress" }, "description": "Configuration block for ingress rules. Can be specified multiple times for each ingress rule. Each ingress block supports fields documented below. This argument is processed in attribute-as-blocks mode.\n" }, "name": { "type": "string", "description": "Name of the security group. If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "ownerId": { "type": "string", "description": "Owner ID.\n" }, "revokeRulesOnDelete": { "type": "boolean", "description": "Instruct the provider to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. This is normally not needed, however certain AWS services such as Elastic Map Reduce may automatically add required rules to security groups used with the service, and those rules may contain a cyclic dependency that prevent the security groups from being destroyed without removing the dependency first. Default `false`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "VPC ID. Defaults to the region's default VPC.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/securityGroupAssociation:SecurityGroupAssociation": { "description": "Provides a resource to create an association between a VPC endpoint and a security group.\n\n\u003e **NOTE on VPC Endpoints and VPC Endpoint Security Group Associations:** The provider provides\nboth a standalone VPC Endpoint Security Group Association (an association between a VPC endpoint\nand a single `security_group_id`) and a VPC Endpoint resource with a `security_group_ids`\nattribute. Do not use the same security group ID in both a VPC Endpoint resource and a VPC Endpoint Security\nGroup Association resource. Doing so will cause a conflict of associations and will overwrite the association.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sgEc2 = new aws.ec2.SecurityGroupAssociation(\"sg_ec2\", {\n vpcEndpointId: ec2.id,\n securityGroupId: sg.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsg_ec2 = aws.ec2.SecurityGroupAssociation(\"sg_ec2\",\n vpc_endpoint_id=ec2[\"id\"],\n security_group_id=sg[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sgEc2 = new Aws.Ec2.SecurityGroupAssociation(\"sg_ec2\", new()\n {\n VpcEndpointId = ec2.Id,\n SecurityGroupId = sg.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewSecurityGroupAssociation(ctx, \"sg_ec2\", \u0026ec2.SecurityGroupAssociationArgs{\n\t\t\tVpcEndpointId: pulumi.Any(ec2.Id),\n\t\t\tSecurityGroupId: pulumi.Any(sg.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.SecurityGroupAssociation;\nimport com.pulumi.aws.ec2.SecurityGroupAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var sgEc2 = new SecurityGroupAssociation(\"sgEc2\", SecurityGroupAssociationArgs.builder()\n .vpcEndpointId(ec2.id())\n .securityGroupId(sg.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n sgEc2:\n type: aws:ec2:SecurityGroupAssociation\n name: sg_ec2\n properties:\n vpcEndpointId: ${ec2.id}\n securityGroupId: ${sg.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "replaceDefaultAssociation": { "type": "boolean", "description": "Whether this association should replace the association with the VPC's default security group that is created when no security groups are specified during VPC endpoint creation. At most 1 association per-VPC endpoint should be configured with `replace_default_association = true`.\n" }, "securityGroupId": { "type": "string", "description": "The ID of the security group to be associated with the VPC endpoint.\n" }, "vpcEndpointId": { "type": "string", "description": "The ID of the VPC endpoint with which the security group will be associated.\n" } }, "required": [ "securityGroupId", "vpcEndpointId" ], "inputProperties": { "replaceDefaultAssociation": { "type": "boolean", "description": "Whether this association should replace the association with the VPC's default security group that is created when no security groups are specified during VPC endpoint creation. At most 1 association per-VPC endpoint should be configured with `replace_default_association = true`.\n", "willReplaceOnChanges": true }, "securityGroupId": { "type": "string", "description": "The ID of the security group to be associated with the VPC endpoint.\n", "willReplaceOnChanges": true }, "vpcEndpointId": { "type": "string", "description": "The ID of the VPC endpoint with which the security group will be associated.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "securityGroupId", "vpcEndpointId" ], "stateInputs": { "description": "Input properties used for looking up and filtering SecurityGroupAssociation resources.\n", "properties": { "replaceDefaultAssociation": { "type": "boolean", "description": "Whether this association should replace the association with the VPC's default security group that is created when no security groups are specified during VPC endpoint creation. At most 1 association per-VPC endpoint should be configured with `replace_default_association = true`.\n", "willReplaceOnChanges": true }, "securityGroupId": { "type": "string", "description": "The ID of the security group to be associated with the VPC endpoint.\n", "willReplaceOnChanges": true }, "vpcEndpointId": { "type": "string", "description": "The ID of the VPC endpoint with which the security group will be associated.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/securityGroupRule:SecurityGroupRule": { "description": "Provides a security group rule resource. Represents a single `ingress` or `egress` group rule, which can be added to external Security Groups.\n\n\u003e **NOTE:** Avoid using the `aws.ec2.SecurityGroupRule` resource, as it struggles with managing multiple CIDR blocks, and, due to the historical lack of unique IDs, tags and descriptions. To avoid these problems, use the current best practice of the `aws.vpc.SecurityGroupEgressRule` and `aws.vpc.SecurityGroupIngressRule` resources with one CIDR block per rule.\n\n!\u003e **WARNING:** You should not use the `aws.ec2.SecurityGroupRule` resource in conjunction with `aws.vpc.SecurityGroupEgressRule` and `aws.vpc.SecurityGroupIngressRule` resources or with an `aws.ec2.SecurityGroup` resource that has in-line rules. Doing so may cause rule conflicts, perpetual differences, and result in rules being overwritten.\n\n\u003e **NOTE:** Setting `protocol = \"all\"` or `protocol = -1` with `from_port` and `to_port` will result in the EC2 API creating a security group rule with all ports open. This API behavior cannot be controlled by this provider and may generate warnings in the future.\n\n\u003e **NOTE:** Referencing Security Groups across VPC peering has certain restrictions. More information is available in the [VPC Peering User Guide](https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-security-groups.html).\n\n## Example Usage\n\nBasic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.SecurityGroupRule(\"example\", {\n type: \"ingress\",\n fromPort: 0,\n toPort: 65535,\n protocol: aws.ec2.ProtocolType.TCP,\n cidrBlocks: [exampleAwsVpc.cidrBlock],\n ipv6CidrBlocks: [exampleAwsVpc.ipv6CidrBlock],\n securityGroupId: \"sg-123456\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.SecurityGroupRule(\"example\",\n type=\"ingress\",\n from_port=0,\n to_port=65535,\n protocol=aws.ec2.ProtocolType.TCP,\n cidr_blocks=[example_aws_vpc[\"cidrBlock\"]],\n ipv6_cidr_blocks=[example_aws_vpc[\"ipv6CidrBlock\"]],\n security_group_id=\"sg-123456\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.SecurityGroupRule(\"example\", new()\n {\n Type = \"ingress\",\n FromPort = 0,\n ToPort = 65535,\n Protocol = Aws.Ec2.ProtocolType.TCP,\n CidrBlocks = new[]\n {\n exampleAwsVpc.CidrBlock,\n },\n Ipv6CidrBlocks = new[]\n {\n exampleAwsVpc.Ipv6CidrBlock,\n },\n SecurityGroupId = \"sg-123456\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewSecurityGroupRule(ctx, \"example\", \u0026ec2.SecurityGroupRuleArgs{\n\t\t\tType: pulumi.String(\"ingress\"),\n\t\t\tFromPort: pulumi.Int(0),\n\t\t\tToPort: pulumi.Int(65535),\n\t\t\tProtocol: pulumi.String(ec2.ProtocolTypeTCP),\n\t\t\tCidrBlocks: pulumi.StringArray{\n\t\t\t\texampleAwsVpc.CidrBlock,\n\t\t\t},\n\t\t\tIpv6CidrBlocks: pulumi.StringArray{\n\t\t\t\texampleAwsVpc.Ipv6CidrBlock,\n\t\t\t},\n\t\t\tSecurityGroupId: pulumi.String(\"sg-123456\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.SecurityGroupRule;\nimport com.pulumi.aws.ec2.SecurityGroupRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SecurityGroupRule(\"example\", SecurityGroupRuleArgs.builder()\n .type(\"ingress\")\n .fromPort(0)\n .toPort(65535)\n .protocol(\"tcp\")\n .cidrBlocks(exampleAwsVpc.cidrBlock())\n .ipv6CidrBlocks(exampleAwsVpc.ipv6CidrBlock())\n .securityGroupId(\"sg-123456\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:SecurityGroupRule\n properties:\n type: ingress\n fromPort: 0\n toPort: 65535\n protocol: tcp\n cidrBlocks:\n - ${exampleAwsVpc.cidrBlock}\n ipv6CidrBlocks:\n - ${exampleAwsVpc.ipv6CidrBlock}\n securityGroupId: sg-123456\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage With Prefix List IDs\n\nPrefix Lists are either managed by AWS internally, or created by the customer using a\nManaged Prefix List resource. Prefix Lists provided by\nAWS are associated with a prefix list name, or service name, that is linked to a specific region.\n\nPrefix list IDs are exported on VPC Endpoints, so you can use this format:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// ...\nconst myEndpoint = new aws.ec2.VpcEndpoint(\"my_endpoint\", {});\nconst allowAll = new aws.ec2.SecurityGroupRule(\"allow_all\", {\n type: \"egress\",\n toPort: 0,\n protocol: \"-1\",\n prefixListIds: [myEndpoint.prefixListId],\n fromPort: 0,\n securityGroupId: \"sg-123456\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# ...\nmy_endpoint = aws.ec2.VpcEndpoint(\"my_endpoint\")\nallow_all = aws.ec2.SecurityGroupRule(\"allow_all\",\n type=\"egress\",\n to_port=0,\n protocol=\"-1\",\n prefix_list_ids=[my_endpoint.prefix_list_id],\n from_port=0,\n security_group_id=\"sg-123456\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // ...\n var myEndpoint = new Aws.Ec2.VpcEndpoint(\"my_endpoint\");\n\n var allowAll = new Aws.Ec2.SecurityGroupRule(\"allow_all\", new()\n {\n Type = \"egress\",\n ToPort = 0,\n Protocol = \"-1\",\n PrefixListIds = new[]\n {\n myEndpoint.PrefixListId,\n },\n FromPort = 0,\n SecurityGroupId = \"sg-123456\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// ...\n\t\tmyEndpoint, err := ec2.NewVpcEndpoint(ctx, \"my_endpoint\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSecurityGroupRule(ctx, \"allow_all\", \u0026ec2.SecurityGroupRuleArgs{\n\t\t\tType: pulumi.String(\"egress\"),\n\t\t\tToPort: pulumi.Int(0),\n\t\t\tProtocol: pulumi.String(\"-1\"),\n\t\t\tPrefixListIds: pulumi.StringArray{\n\t\t\t\tmyEndpoint.PrefixListId,\n\t\t\t},\n\t\t\tFromPort: pulumi.Int(0),\n\t\t\tSecurityGroupId: pulumi.String(\"sg-123456\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpcEndpoint;\nimport com.pulumi.aws.ec2.SecurityGroupRule;\nimport com.pulumi.aws.ec2.SecurityGroupRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // ...\n var myEndpoint = new VpcEndpoint(\"myEndpoint\");\n\n var allowAll = new SecurityGroupRule(\"allowAll\", SecurityGroupRuleArgs.builder()\n .type(\"egress\")\n .toPort(0)\n .protocol(\"-1\")\n .prefixListIds(myEndpoint.prefixListId())\n .fromPort(0)\n .securityGroupId(\"sg-123456\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n allowAll:\n type: aws:ec2:SecurityGroupRule\n name: allow_all\n properties:\n type: egress\n toPort: 0\n protocol: '-1'\n prefixListIds:\n - ${myEndpoint.prefixListId}\n fromPort: 0\n securityGroupId: sg-123456\n # ...\n myEndpoint:\n type: aws:ec2:VpcEndpoint\n name: my_endpoint\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nYou can also find a specific Prefix List using the `aws.ec2.getPrefixList`\nor `ec2_managed_prefix_list` data sources:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst s3 = current.then(current =\u003e aws.ec2.getPrefixList({\n name: `com.amazonaws.${current.name}.s3`,\n}));\nconst s3GatewayEgress = new aws.ec2.SecurityGroupRule(\"s3_gateway_egress\", {\n description: \"S3 Gateway Egress\",\n type: \"egress\",\n securityGroupId: \"sg-123456\",\n fromPort: 443,\n toPort: 443,\n protocol: aws.ec2.ProtocolType.TCP,\n prefixListIds: [s3.then(s3 =\u003e s3.id)],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\ns3 = aws.ec2.get_prefix_list(name=f\"com.amazonaws.{current.name}.s3\")\ns3_gateway_egress = aws.ec2.SecurityGroupRule(\"s3_gateway_egress\",\n description=\"S3 Gateway Egress\",\n type=\"egress\",\n security_group_id=\"sg-123456\",\n from_port=443,\n to_port=443,\n protocol=aws.ec2.ProtocolType.TCP,\n prefix_list_ids=[s3.id])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var s3 = Aws.Ec2.GetPrefixList.Invoke(new()\n {\n Name = $\"com.amazonaws.{current.Apply(getRegionResult =\u003e getRegionResult.Name)}.s3\",\n });\n\n var s3GatewayEgress = new Aws.Ec2.SecurityGroupRule(\"s3_gateway_egress\", new()\n {\n Description = \"S3 Gateway Egress\",\n Type = \"egress\",\n SecurityGroupId = \"sg-123456\",\n FromPort = 443,\n ToPort = 443,\n Protocol = Aws.Ec2.ProtocolType.TCP,\n PrefixListIds = new[]\n {\n s3.Apply(getPrefixListResult =\u003e getPrefixListResult.Id),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ts3, err := ec2.GetPrefixList(ctx, \u0026ec2.GetPrefixListArgs{\n\t\t\tName: pulumi.StringRef(fmt.Sprintf(\"com.amazonaws.%v.s3\", current.Name)),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSecurityGroupRule(ctx, \"s3_gateway_egress\", \u0026ec2.SecurityGroupRuleArgs{\n\t\t\tDescription: pulumi.String(\"S3 Gateway Egress\"),\n\t\t\tType: pulumi.String(\"egress\"),\n\t\t\tSecurityGroupId: pulumi.String(\"sg-123456\"),\n\t\t\tFromPort: pulumi.Int(443),\n\t\t\tToPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(ec2.ProtocolTypeTCP),\n\t\t\tPrefixListIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(s3.Id),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetPrefixListArgs;\nimport com.pulumi.aws.ec2.SecurityGroupRule;\nimport com.pulumi.aws.ec2.SecurityGroupRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n final var s3 = Ec2Functions.getPrefixList(GetPrefixListArgs.builder()\n .name(String.format(\"com.amazonaws.%s.s3\", current.applyValue(getRegionResult -\u003e getRegionResult.name())))\n .build());\n\n var s3GatewayEgress = new SecurityGroupRule(\"s3GatewayEgress\", SecurityGroupRuleArgs.builder()\n .description(\"S3 Gateway Egress\")\n .type(\"egress\")\n .securityGroupId(\"sg-123456\")\n .fromPort(443)\n .toPort(443)\n .protocol(\"tcp\")\n .prefixListIds(s3.applyValue(getPrefixListResult -\u003e getPrefixListResult.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n s3GatewayEgress:\n type: aws:ec2:SecurityGroupRule\n name: s3_gateway_egress\n properties:\n description: S3 Gateway Egress\n type: egress\n securityGroupId: sg-123456\n fromPort: 443\n toPort: 443\n protocol: tcp\n prefixListIds:\n - ${s3.id}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n s3:\n fn::invoke:\n Function: aws:ec2:getPrefixList\n Arguments:\n name: com.amazonaws.${current.name}.s3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nImport a rule with various IPv4 and IPv6 source CIDR blocks:\n\nImport a rule, applicable to all ports, with a protocol other than TCP/UDP/ICMP/ICMPV6/ALL, e.g., Multicast Transport Protocol (MTP), using the IANA protocol number. For example: 92.\n\nImport a default any/any egress rule to 0.0.0.0/0:\n\nImport an egress rule with a prefix list ID destination:\n\nImport a rule applicable to all protocols and ports with a security group source:\n\nImport a rule that has itself and an IPv6 CIDR block as sources:\n\n__Using `pulumi import` to import__ Security Group Rules using the `security_group_id`, `type`, `protocol`, `from_port`, `to_port`, and source(s)/destination(s) (such as a `cidr_block`) separated by underscores (`_`). All parts are required. For example:\n\n__NOTE:__ Not all rule permissions (e.g., not all of a rule's CIDR blocks) need to be imported for this provider to manage rule permissions. However, importing some of a rule's permissions but not others, and then making changes to the rule will result in the creation of an additional rule to capture the updated permissions. Rule permissions that were not imported are left intact in the original rule.\n\nImport an ingress rule in security group `sg-6e616f6d69` for TCP port 8000 with an IPv4 destination CIDR of `10.0.3.0/24`:\n\n```sh\n$ pulumi import aws:ec2/securityGroupRule:SecurityGroupRule ingress sg-6e616f6d69_ingress_tcp_8000_8000_10.0.3.0/24\n```\nImport a rule with various IPv4 and IPv6 source CIDR blocks:\n\n```sh\n$ pulumi import aws:ec2/securityGroupRule:SecurityGroupRule ingress sg-4973616163_ingress_tcp_100_121_10.1.0.0/16_2001:db8::/48_10.2.0.0/16_2002:db8::/48\n```\nImport a rule, applicable to all ports, with a protocol other than TCP/UDP/ICMP/ICMPV6/ALL, e.g., Multicast Transport Protocol (MTP), using the IANA protocol number. For example: 92.\n\n```sh\n$ pulumi import aws:ec2/securityGroupRule:SecurityGroupRule ingress sg-6777656e646f6c796e_ingress_92_0_65536_10.0.3.0/24_10.0.4.0/24\n```\nImport a default any/any egress rule to 0.0.0.0/0:\n\n```sh\n$ pulumi import aws:ec2/securityGroupRule:SecurityGroupRule default_egress sg-6777656e646f6c796e_egress_all_0_0_0.0.0.0/0\n```\nImport an egress rule with a prefix list ID destination:\n\n```sh\n$ pulumi import aws:ec2/securityGroupRule:SecurityGroupRule egress sg-62726f6479_egress_tcp_8000_8000_pl-6469726b\n```\nImport a rule applicable to all protocols and ports with a security group source:\n\n```sh\n$ pulumi import aws:ec2/securityGroupRule:SecurityGroupRule ingress_rule sg-7472697374616e_ingress_all_0_65536_sg-6176657279\n```\nImport a rule that has itself and an IPv6 CIDR block as sources:\n\n```sh\n$ pulumi import aws:ec2/securityGroupRule:SecurityGroupRule rule_name sg-656c65616e6f72_ingress_tcp_80_80_self_2001:db8::/48\n```\n", "properties": { "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of CIDR blocks. Cannot be specified with `source_security_group_id` or `self`.\n" }, "description": { "type": "string", "description": "Description of the rule.\n" }, "fromPort": { "type": "integer", "description": "Start port (or ICMP type number if protocol is \"icmp\" or \"icmpv6\").\n" }, "ipv6CidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 CIDR blocks. Cannot be specified with `source_security_group_id` or `self`.\n" }, "prefixListIds": { "type": "array", "items": { "type": "string" }, "description": "List of Prefix List IDs.\n" }, "protocol": { "type": "string", "description": "Protocol. If not icmp, icmpv6, tcp, udp, or all use the [protocol number](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)\n" }, "securityGroupId": { "type": "string", "description": "Security group to apply this rule to.\n" }, "securityGroupRuleId": { "type": "string", "description": "If the `aws.ec2.SecurityGroupRule` resource has a single source or destination then this is the AWS Security Group Rule resource ID. Otherwise it is empty.\n" }, "self": { "type": "boolean", "description": "Whether the security group itself will be added as a source to this ingress rule. Cannot be specified with `cidr_blocks`, `ipv6_cidr_blocks`, or `source_security_group_id`.\n" }, "sourceSecurityGroupId": { "type": "string", "description": "Security group id to allow access to/from, depending on the `type`. Cannot be specified with `cidr_blocks`, `ipv6_cidr_blocks`, or `self`.\n" }, "toPort": { "type": "integer", "description": "End port (or ICMP code if protocol is \"icmp\").\n" }, "type": { "type": "string", "description": "Type of rule being created. Valid options are `ingress` (inbound)\nor `egress` (outbound).\n\nThe following arguments are optional:\n\n\u003e **Note** Although `cidr_blocks`, `ipv6_cidr_blocks`, `prefix_list_ids`, and `source_security_group_id` are all marked as optional, you _must_ provide one of them in order to configure the source of the traffic.\n" } }, "required": [ "fromPort", "protocol", "securityGroupId", "securityGroupRuleId", "sourceSecurityGroupId", "toPort", "type" ], "inputProperties": { "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of CIDR blocks. Cannot be specified with `source_security_group_id` or `self`.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of the rule.\n" }, "fromPort": { "type": "integer", "description": "Start port (or ICMP type number if protocol is \"icmp\" or \"icmpv6\").\n", "willReplaceOnChanges": true }, "ipv6CidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 CIDR blocks. Cannot be specified with `source_security_group_id` or `self`.\n", "willReplaceOnChanges": true }, "prefixListIds": { "type": "array", "items": { "type": "string" }, "description": "List of Prefix List IDs.\n", "willReplaceOnChanges": true }, "protocol": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/ProtocolType:ProtocolType" } ], "description": "Protocol. If not icmp, icmpv6, tcp, udp, or all use the [protocol number](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)\n", "willReplaceOnChanges": true }, "securityGroupId": { "type": "string", "description": "Security group to apply this rule to.\n", "willReplaceOnChanges": true }, "self": { "type": "boolean", "description": "Whether the security group itself will be added as a source to this ingress rule. Cannot be specified with `cidr_blocks`, `ipv6_cidr_blocks`, or `source_security_group_id`.\n", "willReplaceOnChanges": true }, "sourceSecurityGroupId": { "type": "string", "description": "Security group id to allow access to/from, depending on the `type`. Cannot be specified with `cidr_blocks`, `ipv6_cidr_blocks`, or `self`.\n", "willReplaceOnChanges": true }, "toPort": { "type": "integer", "description": "End port (or ICMP code if protocol is \"icmp\").\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Type of rule being created. Valid options are `ingress` (inbound)\nor `egress` (outbound).\n\nThe following arguments are optional:\n\n\u003e **Note** Although `cidr_blocks`, `ipv6_cidr_blocks`, `prefix_list_ids`, and `source_security_group_id` are all marked as optional, you _must_ provide one of them in order to configure the source of the traffic.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "fromPort", "protocol", "securityGroupId", "toPort", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering SecurityGroupRule resources.\n", "properties": { "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of CIDR blocks. Cannot be specified with `source_security_group_id` or `self`.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of the rule.\n" }, "fromPort": { "type": "integer", "description": "Start port (or ICMP type number if protocol is \"icmp\" or \"icmpv6\").\n", "willReplaceOnChanges": true }, "ipv6CidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 CIDR blocks. Cannot be specified with `source_security_group_id` or `self`.\n", "willReplaceOnChanges": true }, "prefixListIds": { "type": "array", "items": { "type": "string" }, "description": "List of Prefix List IDs.\n", "willReplaceOnChanges": true }, "protocol": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ec2/ProtocolType:ProtocolType" } ], "description": "Protocol. If not icmp, icmpv6, tcp, udp, or all use the [protocol number](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)\n", "willReplaceOnChanges": true }, "securityGroupId": { "type": "string", "description": "Security group to apply this rule to.\n", "willReplaceOnChanges": true }, "securityGroupRuleId": { "type": "string", "description": "If the `aws.ec2.SecurityGroupRule` resource has a single source or destination then this is the AWS Security Group Rule resource ID. Otherwise it is empty.\n" }, "self": { "type": "boolean", "description": "Whether the security group itself will be added as a source to this ingress rule. Cannot be specified with `cidr_blocks`, `ipv6_cidr_blocks`, or `source_security_group_id`.\n", "willReplaceOnChanges": true }, "sourceSecurityGroupId": { "type": "string", "description": "Security group id to allow access to/from, depending on the `type`. Cannot be specified with `cidr_blocks`, `ipv6_cidr_blocks`, or `self`.\n", "willReplaceOnChanges": true }, "toPort": { "type": "integer", "description": "End port (or ICMP code if protocol is \"icmp\").\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Type of rule being created. Valid options are `ingress` (inbound)\nor `egress` (outbound).\n\nThe following arguments are optional:\n\n\u003e **Note** Although `cidr_blocks`, `ipv6_cidr_blocks`, `prefix_list_ids`, and `source_security_group_id` are all marked as optional, you _must_ provide one of them in order to configure the source of the traffic.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/serialConsoleAccess:SerialConsoleAccess": { "description": "Provides a resource to manage whether serial console access is enabled for your AWS account in the current AWS region.\n\n\u003e **NOTE:** Removing this resource disables serial console access.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.SerialConsoleAccess(\"example\", {enabled: true});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.SerialConsoleAccess(\"example\", enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.SerialConsoleAccess(\"example\", new()\n {\n Enabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewSerialConsoleAccess(ctx, \"example\", \u0026ec2.SerialConsoleAccessArgs{\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.SerialConsoleAccess;\nimport com.pulumi.aws.ec2.SerialConsoleAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SerialConsoleAccess(\"example\", SerialConsoleAccessArgs.builder()\n .enabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:SerialConsoleAccess\n properties:\n enabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import serial console access state. For example:\n\n```sh\n$ pulumi import aws:ec2/serialConsoleAccess:SerialConsoleAccess example default\n```\n", "properties": { "enabled": { "type": "boolean", "description": "Whether or not serial console access is enabled. Valid values are `true` or `false`. Defaults to `true`.\n" } }, "inputProperties": { "enabled": { "type": "boolean", "description": "Whether or not serial console access is enabled. Valid values are `true` or `false`. Defaults to `true`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering SerialConsoleAccess resources.\n", "properties": { "enabled": { "type": "boolean", "description": "Whether or not serial console access is enabled. Valid values are `true` or `false`. Defaults to `true`.\n" } }, "type": "object" } }, "aws:ec2/snapshotCreateVolumePermission:SnapshotCreateVolumePermission": { "description": "Adds permission to create volumes off of a given EBS Snapshot.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ebs.Volume(\"example\", {\n availabilityZone: \"us-west-2a\",\n size: 40,\n});\nconst exampleSnapshot = new aws.ebs.Snapshot(\"example_snapshot\", {volumeId: example.id});\nconst examplePerm = new aws.ec2.SnapshotCreateVolumePermission(\"example_perm\", {\n snapshotId: exampleSnapshot.id,\n accountId: \"12345678\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ebs.Volume(\"example\",\n availability_zone=\"us-west-2a\",\n size=40)\nexample_snapshot = aws.ebs.Snapshot(\"example_snapshot\", volume_id=example.id)\nexample_perm = aws.ec2.SnapshotCreateVolumePermission(\"example_perm\",\n snapshot_id=example_snapshot.id,\n account_id=\"12345678\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ebs.Volume(\"example\", new()\n {\n AvailabilityZone = \"us-west-2a\",\n Size = 40,\n });\n\n var exampleSnapshot = new Aws.Ebs.Snapshot(\"example_snapshot\", new()\n {\n VolumeId = example.Id,\n });\n\n var examplePerm = new Aws.Ec2.SnapshotCreateVolumePermission(\"example_perm\", new()\n {\n SnapshotId = exampleSnapshot.Id,\n AccountId = \"12345678\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ebs.NewVolume(ctx, \"example\", \u0026ebs.VolumeArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tSize: pulumi.Int(40),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSnapshot, err := ebs.NewSnapshot(ctx, \"example_snapshot\", \u0026ebs.SnapshotArgs{\n\t\t\tVolumeId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSnapshotCreateVolumePermission(ctx, \"example_perm\", \u0026ec2.SnapshotCreateVolumePermissionArgs{\n\t\t\tSnapshotId: exampleSnapshot.ID(),\n\t\t\tAccountId: pulumi.String(\"12345678\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ebs.Volume;\nimport com.pulumi.aws.ebs.VolumeArgs;\nimport com.pulumi.aws.ebs.Snapshot;\nimport com.pulumi.aws.ebs.SnapshotArgs;\nimport com.pulumi.aws.ec2.SnapshotCreateVolumePermission;\nimport com.pulumi.aws.ec2.SnapshotCreateVolumePermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Volume(\"example\", VolumeArgs.builder()\n .availabilityZone(\"us-west-2a\")\n .size(40)\n .build());\n\n var exampleSnapshot = new Snapshot(\"exampleSnapshot\", SnapshotArgs.builder()\n .volumeId(example.id())\n .build());\n\n var examplePerm = new SnapshotCreateVolumePermission(\"examplePerm\", SnapshotCreateVolumePermissionArgs.builder()\n .snapshotId(exampleSnapshot.id())\n .accountId(\"12345678\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplePerm:\n type: aws:ec2:SnapshotCreateVolumePermission\n name: example_perm\n properties:\n snapshotId: ${exampleSnapshot.id}\n accountId: '12345678'\n example:\n type: aws:ebs:Volume\n properties:\n availabilityZone: us-west-2a\n size: 40\n exampleSnapshot:\n type: aws:ebs:Snapshot\n name: example_snapshot\n properties:\n volumeId: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "accountId": { "type": "string", "description": "An AWS Account ID to add create volume permissions. The AWS Account cannot be the snapshot's owner\n" }, "snapshotId": { "type": "string", "description": "A snapshot ID\n" } }, "required": [ "accountId", "snapshotId" ], "inputProperties": { "accountId": { "type": "string", "description": "An AWS Account ID to add create volume permissions. The AWS Account cannot be the snapshot's owner\n", "willReplaceOnChanges": true }, "snapshotId": { "type": "string", "description": "A snapshot ID\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "accountId", "snapshotId" ], "stateInputs": { "description": "Input properties used for looking up and filtering SnapshotCreateVolumePermission resources.\n", "properties": { "accountId": { "type": "string", "description": "An AWS Account ID to add create volume permissions. The AWS Account cannot be the snapshot's owner\n", "willReplaceOnChanges": true }, "snapshotId": { "type": "string", "description": "A snapshot ID\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/spotDatafeedSubscription:SpotDatafeedSubscription": { "description": "\u003e **Note:** There is only a single subscription allowed per account.\n\nTo help you understand the charges for your Spot instances, Amazon EC2 provides a data feed that describes your Spot instance usage and pricing.\nThis data feed is sent to an Amazon S3 bucket that you specify when you subscribe to the data feed.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.s3.BucketV2(\"default\", {bucket: \"tf-spot-datafeed\"});\nconst defaultSpotDatafeedSubscription = new aws.ec2.SpotDatafeedSubscription(\"default\", {\n bucket: _default.id,\n prefix: \"my_subdirectory\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.s3.BucketV2(\"default\", bucket=\"tf-spot-datafeed\")\ndefault_spot_datafeed_subscription = aws.ec2.SpotDatafeedSubscription(\"default\",\n bucket=default.id,\n prefix=\"my_subdirectory\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.S3.BucketV2(\"default\", new()\n {\n Bucket = \"tf-spot-datafeed\",\n });\n\n var defaultSpotDatafeedSubscription = new Aws.Ec2.SpotDatafeedSubscription(\"default\", new()\n {\n Bucket = @default.Id,\n Prefix = \"my_subdirectory\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketV2(ctx, \"default\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"tf-spot-datafeed\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSpotDatafeedSubscription(ctx, \"default\", \u0026ec2.SpotDatafeedSubscriptionArgs{\n\t\t\tBucket: _default.ID(),\n\t\t\tPrefix: pulumi.String(\"my_subdirectory\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.ec2.SpotDatafeedSubscription;\nimport com.pulumi.aws.ec2.SpotDatafeedSubscriptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new BucketV2(\"default\", BucketV2Args.builder()\n .bucket(\"tf-spot-datafeed\")\n .build());\n\n var defaultSpotDatafeedSubscription = new SpotDatafeedSubscription(\"defaultSpotDatafeedSubscription\", SpotDatafeedSubscriptionArgs.builder()\n .bucket(default_.id())\n .prefix(\"my_subdirectory\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:s3:BucketV2\n properties:\n bucket: tf-spot-datafeed\n defaultSpotDatafeedSubscription:\n type: aws:ec2:SpotDatafeedSubscription\n name: default\n properties:\n bucket: ${default.id}\n prefix: my_subdirectory\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a Spot Datafeed Subscription using the word `spot-datafeed-subscription`. For example:\n\n```sh\n$ pulumi import aws:ec2/spotDatafeedSubscription:SpotDatafeedSubscription mysubscription spot-datafeed-subscription\n```\n", "properties": { "bucket": { "type": "string", "description": "The Amazon S3 bucket in which to store the Spot instance data feed.\n" }, "prefix": { "type": "string", "description": "Path of folder inside bucket to place spot pricing data.\n" } }, "required": [ "bucket" ], "inputProperties": { "bucket": { "type": "string", "description": "The Amazon S3 bucket in which to store the Spot instance data feed.\n", "willReplaceOnChanges": true }, "prefix": { "type": "string", "description": "Path of folder inside bucket to place spot pricing data.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "bucket" ], "stateInputs": { "description": "Input properties used for looking up and filtering SpotDatafeedSubscription resources.\n", "properties": { "bucket": { "type": "string", "description": "The Amazon S3 bucket in which to store the Spot instance data feed.\n", "willReplaceOnChanges": true }, "prefix": { "type": "string", "description": "Path of folder inside bucket to place spot pricing data.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/spotFleetRequest:SpotFleetRequest": { "description": "Provides an EC2 Spot Fleet Request resource. This allows a fleet of Spot\ninstances to be requested on the Spot market.\n\n\u003e **NOTE [AWS strongly discourages](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-best-practices.html#which-spot-request-method-to-use) the use of the legacy APIs called by this resource.\nWe recommend using the EC2 Fleet or Auto Scaling Group resources instead.\n\n## Example Usage\n\n### Using launch specifications\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Request a Spot fleet\nconst cheapCompute = new aws.ec2.SpotFleetRequest(\"cheap_compute\", {\n iamFleetRole: \"arn:aws:iam::12345678:role/spot-fleet\",\n spotPrice: \"0.03\",\n allocationStrategy: \"diversified\",\n targetCapacity: 6,\n validUntil: \"2019-11-04T20:44:20Z\",\n launchSpecifications: [\n {\n instanceType: \"m4.10xlarge\",\n ami: \"ami-1234\",\n spotPrice: \"2.793\",\n placementTenancy: \"dedicated\",\n iamInstanceProfileArn: example.arn,\n },\n {\n instanceType: \"m4.4xlarge\",\n ami: \"ami-5678\",\n keyName: \"my-key\",\n spotPrice: \"1.117\",\n iamInstanceProfileArn: example.arn,\n availabilityZone: \"us-west-1a\",\n subnetId: \"subnet-1234\",\n weightedCapacity: \"35\",\n rootBlockDevices: [{\n volumeSize: 300,\n volumeType: \"gp2\",\n }],\n tags: {\n Name: \"spot-fleet-example\",\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Request a Spot fleet\ncheap_compute = aws.ec2.SpotFleetRequest(\"cheap_compute\",\n iam_fleet_role=\"arn:aws:iam::12345678:role/spot-fleet\",\n spot_price=\"0.03\",\n allocation_strategy=\"diversified\",\n target_capacity=6,\n valid_until=\"2019-11-04T20:44:20Z\",\n launch_specifications=[\n {\n \"instance_type\": \"m4.10xlarge\",\n \"ami\": \"ami-1234\",\n \"spot_price\": \"2.793\",\n \"placement_tenancy\": \"dedicated\",\n \"iam_instance_profile_arn\": example[\"arn\"],\n },\n {\n \"instance_type\": \"m4.4xlarge\",\n \"ami\": \"ami-5678\",\n \"key_name\": \"my-key\",\n \"spot_price\": \"1.117\",\n \"iam_instance_profile_arn\": example[\"arn\"],\n \"availability_zone\": \"us-west-1a\",\n \"subnet_id\": \"subnet-1234\",\n \"weighted_capacity\": \"35\",\n \"root_block_devices\": [{\n \"volume_size\": 300,\n \"volume_type\": \"gp2\",\n }],\n \"tags\": {\n \"name\": \"spot-fleet-example\",\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Request a Spot fleet\n var cheapCompute = new Aws.Ec2.SpotFleetRequest(\"cheap_compute\", new()\n {\n IamFleetRole = \"arn:aws:iam::12345678:role/spot-fleet\",\n SpotPrice = \"0.03\",\n AllocationStrategy = \"diversified\",\n TargetCapacity = 6,\n ValidUntil = \"2019-11-04T20:44:20Z\",\n LaunchSpecifications = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationArgs\n {\n InstanceType = \"m4.10xlarge\",\n Ami = \"ami-1234\",\n SpotPrice = \"2.793\",\n PlacementTenancy = \"dedicated\",\n IamInstanceProfileArn = example.Arn,\n },\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationArgs\n {\n InstanceType = \"m4.4xlarge\",\n Ami = \"ami-5678\",\n KeyName = \"my-key\",\n SpotPrice = \"1.117\",\n IamInstanceProfileArn = example.Arn,\n AvailabilityZone = \"us-west-1a\",\n SubnetId = \"subnet-1234\",\n WeightedCapacity = \"35\",\n RootBlockDevices = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationRootBlockDeviceArgs\n {\n VolumeSize = 300,\n VolumeType = \"gp2\",\n },\n },\n Tags = \n {\n { \"Name\", \"spot-fleet-example\" },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Request a Spot fleet\n\t\t_, err := ec2.NewSpotFleetRequest(ctx, \"cheap_compute\", \u0026ec2.SpotFleetRequestArgs{\n\t\t\tIamFleetRole: pulumi.String(\"arn:aws:iam::12345678:role/spot-fleet\"),\n\t\t\tSpotPrice: pulumi.String(\"0.03\"),\n\t\t\tAllocationStrategy: pulumi.String(\"diversified\"),\n\t\t\tTargetCapacity: pulumi.Int(6),\n\t\t\tValidUntil: pulumi.String(\"2019-11-04T20:44:20Z\"),\n\t\t\tLaunchSpecifications: ec2.SpotFleetRequestLaunchSpecificationArray{\n\t\t\t\t\u0026ec2.SpotFleetRequestLaunchSpecificationArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"m4.10xlarge\"),\n\t\t\t\t\tAmi: pulumi.String(\"ami-1234\"),\n\t\t\t\t\tSpotPrice: pulumi.String(\"2.793\"),\n\t\t\t\t\tPlacementTenancy: pulumi.String(\"dedicated\"),\n\t\t\t\t\tIamInstanceProfileArn: pulumi.Any(example.Arn),\n\t\t\t\t},\n\t\t\t\t\u0026ec2.SpotFleetRequestLaunchSpecificationArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"m4.4xlarge\"),\n\t\t\t\t\tAmi: pulumi.String(\"ami-5678\"),\n\t\t\t\t\tKeyName: pulumi.String(\"my-key\"),\n\t\t\t\t\tSpotPrice: pulumi.String(\"1.117\"),\n\t\t\t\t\tIamInstanceProfileArn: pulumi.Any(example.Arn),\n\t\t\t\t\tAvailabilityZone: pulumi.String(\"us-west-1a\"),\n\t\t\t\t\tSubnetId: pulumi.String(\"subnet-1234\"),\n\t\t\t\t\tWeightedCapacity: pulumi.String(\"35\"),\n\t\t\t\t\tRootBlockDevices: ec2.SpotFleetRequestLaunchSpecificationRootBlockDeviceArray{\n\t\t\t\t\t\t\u0026ec2.SpotFleetRequestLaunchSpecificationRootBlockDeviceArgs{\n\t\t\t\t\t\t\tVolumeSize: pulumi.Int(300),\n\t\t\t\t\t\t\tVolumeType: pulumi.String(\"gp2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\t\t\"Name\": pulumi.String(\"spot-fleet-example\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.SpotFleetRequest;\nimport com.pulumi.aws.ec2.SpotFleetRequestArgs;\nimport com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Request a Spot fleet\n var cheapCompute = new SpotFleetRequest(\"cheapCompute\", SpotFleetRequestArgs.builder()\n .iamFleetRole(\"arn:aws:iam::12345678:role/spot-fleet\")\n .spotPrice(\"0.03\")\n .allocationStrategy(\"diversified\")\n .targetCapacity(6)\n .validUntil(\"2019-11-04T20:44:20Z\")\n .launchSpecifications( \n SpotFleetRequestLaunchSpecificationArgs.builder()\n .instanceType(\"m4.10xlarge\")\n .ami(\"ami-1234\")\n .spotPrice(\"2.793\")\n .placementTenancy(\"dedicated\")\n .iamInstanceProfileArn(example.arn())\n .build(),\n SpotFleetRequestLaunchSpecificationArgs.builder()\n .instanceType(\"m4.4xlarge\")\n .ami(\"ami-5678\")\n .keyName(\"my-key\")\n .spotPrice(\"1.117\")\n .iamInstanceProfileArn(example.arn())\n .availabilityZone(\"us-west-1a\")\n .subnetId(\"subnet-1234\")\n .weightedCapacity(35)\n .rootBlockDevices(SpotFleetRequestLaunchSpecificationRootBlockDeviceArgs.builder()\n .volumeSize(\"300\")\n .volumeType(\"gp2\")\n .build())\n .tags(Map.of(\"Name\", \"spot-fleet-example\"))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Request a Spot fleet\n cheapCompute:\n type: aws:ec2:SpotFleetRequest\n name: cheap_compute\n properties:\n iamFleetRole: arn:aws:iam::12345678:role/spot-fleet\n spotPrice: '0.03'\n allocationStrategy: diversified\n targetCapacity: 6\n validUntil: 2019-11-04T20:44:20Z\n launchSpecifications:\n - instanceType: m4.10xlarge\n ami: ami-1234\n spotPrice: '2.793'\n placementTenancy: dedicated\n iamInstanceProfileArn: ${example.arn}\n - instanceType: m4.4xlarge\n ami: ami-5678\n keyName: my-key\n spotPrice: '1.117'\n iamInstanceProfileArn: ${example.arn}\n availabilityZone: us-west-1a\n subnetId: subnet-1234\n weightedCapacity: 35\n rootBlockDevices:\n - volumeSize: '300'\n volumeType: gp2\n tags:\n Name: spot-fleet-example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using launch templates\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ec2.LaunchTemplate(\"foo\", {\n name: \"launch-template\",\n imageId: \"ami-516b9131\",\n instanceType: \"m1.small\",\n keyName: \"some-key\",\n});\nconst fooSpotFleetRequest = new aws.ec2.SpotFleetRequest(\"foo\", {\n iamFleetRole: \"arn:aws:iam::12345678:role/spot-fleet\",\n spotPrice: \"0.005\",\n targetCapacity: 2,\n validUntil: \"2019-11-04T20:44:20Z\",\n launchTemplateConfigs: [{\n launchTemplateSpecification: {\n id: foo.id,\n version: foo.latestVersion,\n },\n }],\n}, {\n dependsOn: [test_attach],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.LaunchTemplate(\"foo\",\n name=\"launch-template\",\n image_id=\"ami-516b9131\",\n instance_type=\"m1.small\",\n key_name=\"some-key\")\nfoo_spot_fleet_request = aws.ec2.SpotFleetRequest(\"foo\",\n iam_fleet_role=\"arn:aws:iam::12345678:role/spot-fleet\",\n spot_price=\"0.005\",\n target_capacity=2,\n valid_until=\"2019-11-04T20:44:20Z\",\n launch_template_configs=[{\n \"launch_template_specification\": {\n \"id\": foo.id,\n \"version\": foo.latest_version,\n },\n }],\n opts = pulumi.ResourceOptions(depends_on=[test_attach]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Ec2.LaunchTemplate(\"foo\", new()\n {\n Name = \"launch-template\",\n ImageId = \"ami-516b9131\",\n InstanceType = \"m1.small\",\n KeyName = \"some-key\",\n });\n\n var fooSpotFleetRequest = new Aws.Ec2.SpotFleetRequest(\"foo\", new()\n {\n IamFleetRole = \"arn:aws:iam::12345678:role/spot-fleet\",\n SpotPrice = \"0.005\",\n TargetCapacity = 2,\n ValidUntil = \"2019-11-04T20:44:20Z\",\n LaunchTemplateConfigs = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigArgs\n {\n LaunchTemplateSpecification = new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs\n {\n Id = foo.Id,\n Version = foo.LatestVersion,\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n test_attach,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoo, err := ec2.NewLaunchTemplate(ctx, \"foo\", \u0026ec2.LaunchTemplateArgs{\n\t\t\tName: pulumi.String(\"launch-template\"),\n\t\t\tImageId: pulumi.String(\"ami-516b9131\"),\n\t\t\tInstanceType: pulumi.String(\"m1.small\"),\n\t\t\tKeyName: pulumi.String(\"some-key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSpotFleetRequest(ctx, \"foo\", \u0026ec2.SpotFleetRequestArgs{\n\t\t\tIamFleetRole: pulumi.String(\"arn:aws:iam::12345678:role/spot-fleet\"),\n\t\t\tSpotPrice: pulumi.String(\"0.005\"),\n\t\t\tTargetCapacity: pulumi.Int(2),\n\t\t\tValidUntil: pulumi.String(\"2019-11-04T20:44:20Z\"),\n\t\t\tLaunchTemplateConfigs: ec2.SpotFleetRequestLaunchTemplateConfigArray{\n\t\t\t\t\u0026ec2.SpotFleetRequestLaunchTemplateConfigArgs{\n\t\t\t\t\tLaunchTemplateSpecification: \u0026ec2.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs{\n\t\t\t\t\t\tId: foo.ID(),\n\t\t\t\t\t\tVersion: foo.LatestVersion,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttest_attach,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.LaunchTemplate;\nimport com.pulumi.aws.ec2.LaunchTemplateArgs;\nimport com.pulumi.aws.ec2.SpotFleetRequest;\nimport com.pulumi.aws.ec2.SpotFleetRequestArgs;\nimport com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchTemplateConfigArgs;\nimport com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new LaunchTemplate(\"foo\", LaunchTemplateArgs.builder()\n .name(\"launch-template\")\n .imageId(\"ami-516b9131\")\n .instanceType(\"m1.small\")\n .keyName(\"some-key\")\n .build());\n\n var fooSpotFleetRequest = new SpotFleetRequest(\"fooSpotFleetRequest\", SpotFleetRequestArgs.builder()\n .iamFleetRole(\"arn:aws:iam::12345678:role/spot-fleet\")\n .spotPrice(\"0.005\")\n .targetCapacity(2)\n .validUntil(\"2019-11-04T20:44:20Z\")\n .launchTemplateConfigs(SpotFleetRequestLaunchTemplateConfigArgs.builder()\n .launchTemplateSpecification(SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs.builder()\n .id(foo.id())\n .version(foo.latestVersion())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(test_attach)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ec2:LaunchTemplate\n properties:\n name: launch-template\n imageId: ami-516b9131\n instanceType: m1.small\n keyName: some-key\n fooSpotFleetRequest:\n type: aws:ec2:SpotFleetRequest\n name: foo\n properties:\n iamFleetRole: arn:aws:iam::12345678:role/spot-fleet\n spotPrice: '0.005'\n targetCapacity: 2\n validUntil: 2019-11-04T20:44:20Z\n launchTemplateConfigs:\n - launchTemplateSpecification:\n id: ${foo.id}\n version: ${foo.latestVersion}\n options:\n dependson:\n - ${[\"test-attach\"]}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e **NOTE:** This provider does not support the functionality where multiple `subnet_id` or `availability_zone` parameters can be specified in the same\nlaunch configuration block. If you want to specify multiple values, then separate launch configuration blocks should be used or launch template overrides should be configured, one per subnet:\n\n### Using multiple launch specifications\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ec2.SpotFleetRequest(\"foo\", {\n iamFleetRole: \"arn:aws:iam::12345678:role/spot-fleet\",\n spotPrice: \"0.005\",\n targetCapacity: 2,\n validUntil: \"2019-11-04T20:44:20Z\",\n launchSpecifications: [\n {\n instanceType: \"m1.small\",\n ami: \"ami-d06a90b0\",\n keyName: \"my-key\",\n availabilityZone: \"us-west-2a\",\n },\n {\n instanceType: \"m5.large\",\n ami: \"ami-d06a90b0\",\n keyName: \"my-key\",\n availabilityZone: \"us-west-2a\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.SpotFleetRequest(\"foo\",\n iam_fleet_role=\"arn:aws:iam::12345678:role/spot-fleet\",\n spot_price=\"0.005\",\n target_capacity=2,\n valid_until=\"2019-11-04T20:44:20Z\",\n launch_specifications=[\n {\n \"instance_type\": \"m1.small\",\n \"ami\": \"ami-d06a90b0\",\n \"key_name\": \"my-key\",\n \"availability_zone\": \"us-west-2a\",\n },\n {\n \"instance_type\": \"m5.large\",\n \"ami\": \"ami-d06a90b0\",\n \"key_name\": \"my-key\",\n \"availability_zone\": \"us-west-2a\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Ec2.SpotFleetRequest(\"foo\", new()\n {\n IamFleetRole = \"arn:aws:iam::12345678:role/spot-fleet\",\n SpotPrice = \"0.005\",\n TargetCapacity = 2,\n ValidUntil = \"2019-11-04T20:44:20Z\",\n LaunchSpecifications = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationArgs\n {\n InstanceType = \"m1.small\",\n Ami = \"ami-d06a90b0\",\n KeyName = \"my-key\",\n AvailabilityZone = \"us-west-2a\",\n },\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationArgs\n {\n InstanceType = \"m5.large\",\n Ami = \"ami-d06a90b0\",\n KeyName = \"my-key\",\n AvailabilityZone = \"us-west-2a\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewSpotFleetRequest(ctx, \"foo\", \u0026ec2.SpotFleetRequestArgs{\n\t\t\tIamFleetRole: pulumi.String(\"arn:aws:iam::12345678:role/spot-fleet\"),\n\t\t\tSpotPrice: pulumi.String(\"0.005\"),\n\t\t\tTargetCapacity: pulumi.Int(2),\n\t\t\tValidUntil: pulumi.String(\"2019-11-04T20:44:20Z\"),\n\t\t\tLaunchSpecifications: ec2.SpotFleetRequestLaunchSpecificationArray{\n\t\t\t\t\u0026ec2.SpotFleetRequestLaunchSpecificationArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"m1.small\"),\n\t\t\t\t\tAmi: pulumi.String(\"ami-d06a90b0\"),\n\t\t\t\t\tKeyName: pulumi.String(\"my-key\"),\n\t\t\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\t\t},\n\t\t\t\t\u0026ec2.SpotFleetRequestLaunchSpecificationArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"m5.large\"),\n\t\t\t\t\tAmi: pulumi.String(\"ami-d06a90b0\"),\n\t\t\t\t\tKeyName: pulumi.String(\"my-key\"),\n\t\t\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.SpotFleetRequest;\nimport com.pulumi.aws.ec2.SpotFleetRequestArgs;\nimport com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new SpotFleetRequest(\"foo\", SpotFleetRequestArgs.builder()\n .iamFleetRole(\"arn:aws:iam::12345678:role/spot-fleet\")\n .spotPrice(\"0.005\")\n .targetCapacity(2)\n .validUntil(\"2019-11-04T20:44:20Z\")\n .launchSpecifications( \n SpotFleetRequestLaunchSpecificationArgs.builder()\n .instanceType(\"m1.small\")\n .ami(\"ami-d06a90b0\")\n .keyName(\"my-key\")\n .availabilityZone(\"us-west-2a\")\n .build(),\n SpotFleetRequestLaunchSpecificationArgs.builder()\n .instanceType(\"m5.large\")\n .ami(\"ami-d06a90b0\")\n .keyName(\"my-key\")\n .availabilityZone(\"us-west-2a\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ec2:SpotFleetRequest\n properties:\n iamFleetRole: arn:aws:iam::12345678:role/spot-fleet\n spotPrice: '0.005'\n targetCapacity: 2\n validUntil: 2019-11-04T20:44:20Z\n launchSpecifications:\n - instanceType: m1.small\n ami: ami-d06a90b0\n keyName: my-key\n availabilityZone: us-west-2a\n - instanceType: m5.large\n ami: ami-d06a90b0\n keyName: my-key\n availabilityZone: us-west-2a\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e In this example, we use a `dynamic` block to define zero or more `launch_specification` blocks, producing one for each element in the list of subnet ids.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst subnets = config.requireObject(\"subnets\");\nconst example = new aws.ec2.SpotFleetRequest(\"example\", {\n launchSpecifications: .map(s =\u003e ({\n subnetId: s[1],\n })).map((v, k) =\u003e ({key: k, value: v})).map(entry =\u003e ({\n ami: \"ami-1234\",\n instanceType: \"m4.4xlarge\",\n subnetId: entry.value.subnetId,\n vpcSecurityGroupIds: \"sg-123456\",\n rootBlockDevices: [{\n volumeSize: 8,\n volumeType: \"gp2\",\n deleteOnTermination: true,\n }],\n tags: {\n Name: \"Spot Node\",\n tag_builder: \"builder\",\n },\n })),\n iamFleetRole: \"arn:aws:iam::12345678:role/spot-fleet\",\n targetCapacity: 3,\n validUntil: \"2019-11-04T20:44:20Z\",\n allocationStrategy: \"lowestPrice\",\n fleetType: \"request\",\n waitForFulfillment: true,\n terminateInstancesWithExpiration: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nsubnets = config.require_object(\"subnets\")\nexample = aws.ec2.SpotFleetRequest(\"example\",\n launch_specifications=[{\n \"ami\": \"ami-1234\",\n \"instance_type\": \"m4.4xlarge\",\n \"subnet_id\": entry[\"value\"][\"subnetId\"],\n \"vpc_security_group_ids\": \"sg-123456\",\n \"root_block_devices\": [{\n \"volume_size\": 8,\n \"volume_type\": \"gp2\",\n \"delete_on_termination\": True,\n }],\n \"tags\": {\n \"name\": \"Spot Node\",\n \"tag_builder\": \"builder\",\n },\n } for entry in [{\"key\": k, \"value\": v} for k, v in [{\n \"subnetId\": s[1],\n } for s in subnets]]],\n iam_fleet_role=\"arn:aws:iam::12345678:role/spot-fleet\",\n target_capacity=3,\n valid_until=\"2019-11-04T20:44:20Z\",\n allocation_strategy=\"lowestPrice\",\n fleet_type=\"request\",\n wait_for_fulfillment=True,\n terminate_instances_with_expiration=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var subnets = config.RequireObject\u003cdynamic\u003e(\"subnets\");\n var example = new Aws.Ec2.SpotFleetRequest(\"example\", new()\n {\n LaunchSpecifications = .Select(s =\u003e \n {\n return \n {\n { \"subnetId\", s[1] },\n };\n }).ToList().Select((v, k) =\u003e new { Key = k, Value = v }).Select(entry =\u003e \n {\n return new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationArgs\n {\n Ami = \"ami-1234\",\n InstanceType = \"m4.4xlarge\",\n SubnetId = entry.Value.SubnetId,\n VpcSecurityGroupIds = \"sg-123456\",\n RootBlockDevices = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationRootBlockDeviceArgs\n {\n VolumeSize = 8,\n VolumeType = \"gp2\",\n DeleteOnTermination = true,\n },\n },\n Tags = \n {\n { \"Name\", \"Spot Node\" },\n { \"tag_builder\", \"builder\" },\n },\n };\n }).ToList(),\n IamFleetRole = \"arn:aws:iam::12345678:role/spot-fleet\",\n TargetCapacity = 3,\n ValidUntil = \"2019-11-04T20:44:20Z\",\n AllocationStrategy = \"lowestPrice\",\n FleetType = \"request\",\n WaitForFulfillment = true,\n TerminateInstancesWithExpiration = true,\n });\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using multiple launch configurations\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getSubnets({\n filters: [{\n name: \"vpc-id\",\n values: [vpcId],\n }],\n});\nconst foo = new aws.ec2.LaunchTemplate(\"foo\", {\n name: \"launch-template\",\n imageId: \"ami-516b9131\",\n instanceType: \"m1.small\",\n keyName: \"some-key\",\n});\nconst fooSpotFleetRequest = new aws.ec2.SpotFleetRequest(\"foo\", {\n iamFleetRole: \"arn:aws:iam::12345678:role/spot-fleet\",\n spotPrice: \"0.005\",\n targetCapacity: 2,\n validUntil: \"2019-11-04T20:44:20Z\",\n launchTemplateConfigs: [{\n launchTemplateSpecification: {\n id: foo.id,\n version: foo.latestVersion,\n },\n overrides: [\n {\n subnetId: example.then(example =\u003e example.ids?.[0]),\n },\n {\n subnetId: example.then(example =\u003e example.ids?.[1]),\n },\n {\n subnetId: example.then(example =\u003e example.ids?.[2]),\n },\n ],\n }],\n}, {\n dependsOn: [test_attach],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_subnets(filters=[{\n \"name\": \"vpc-id\",\n \"values\": [vpc_id],\n}])\nfoo = aws.ec2.LaunchTemplate(\"foo\",\n name=\"launch-template\",\n image_id=\"ami-516b9131\",\n instance_type=\"m1.small\",\n key_name=\"some-key\")\nfoo_spot_fleet_request = aws.ec2.SpotFleetRequest(\"foo\",\n iam_fleet_role=\"arn:aws:iam::12345678:role/spot-fleet\",\n spot_price=\"0.005\",\n target_capacity=2,\n valid_until=\"2019-11-04T20:44:20Z\",\n launch_template_configs=[{\n \"launch_template_specification\": {\n \"id\": foo.id,\n \"version\": foo.latest_version,\n },\n \"overrides\": [\n {\n \"subnet_id\": example.ids[0],\n },\n {\n \"subnet_id\": example.ids[1],\n },\n {\n \"subnet_id\": example.ids[2],\n },\n ],\n }],\n opts = pulumi.ResourceOptions(depends_on=[test_attach]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetSubnets.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetSubnetsFilterInputArgs\n {\n Name = \"vpc-id\",\n Values = new[]\n {\n vpcId,\n },\n },\n },\n });\n\n var foo = new Aws.Ec2.LaunchTemplate(\"foo\", new()\n {\n Name = \"launch-template\",\n ImageId = \"ami-516b9131\",\n InstanceType = \"m1.small\",\n KeyName = \"some-key\",\n });\n\n var fooSpotFleetRequest = new Aws.Ec2.SpotFleetRequest(\"foo\", new()\n {\n IamFleetRole = \"arn:aws:iam::12345678:role/spot-fleet\",\n SpotPrice = \"0.005\",\n TargetCapacity = 2,\n ValidUntil = \"2019-11-04T20:44:20Z\",\n LaunchTemplateConfigs = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigArgs\n {\n LaunchTemplateSpecification = new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs\n {\n Id = foo.Id,\n Version = foo.LatestVersion,\n },\n Overrides = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigOverrideArgs\n {\n SubnetId = example.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[0]),\n },\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigOverrideArgs\n {\n SubnetId = example.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[1]),\n },\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigOverrideArgs\n {\n SubnetId = example.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[2]),\n },\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n test_attach,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nexample, err := ec2.GetSubnets(ctx, \u0026ec2.GetSubnetsArgs{\nFilters: []ec2.GetSubnetsFilter{\n{\nName: \"vpc-id\",\nValues: interface{}{\nvpcId,\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nfoo, err := ec2.NewLaunchTemplate(ctx, \"foo\", \u0026ec2.LaunchTemplateArgs{\nName: pulumi.String(\"launch-template\"),\nImageId: pulumi.String(\"ami-516b9131\"),\nInstanceType: pulumi.String(\"m1.small\"),\nKeyName: pulumi.String(\"some-key\"),\n})\nif err != nil {\nreturn err\n}\n_, err = ec2.NewSpotFleetRequest(ctx, \"foo\", \u0026ec2.SpotFleetRequestArgs{\nIamFleetRole: pulumi.String(\"arn:aws:iam::12345678:role/spot-fleet\"),\nSpotPrice: pulumi.String(\"0.005\"),\nTargetCapacity: pulumi.Int(2),\nValidUntil: pulumi.String(\"2019-11-04T20:44:20Z\"),\nLaunchTemplateConfigs: ec2.SpotFleetRequestLaunchTemplateConfigArray{\n\u0026ec2.SpotFleetRequestLaunchTemplateConfigArgs{\nLaunchTemplateSpecification: \u0026ec2.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs{\nId: foo.ID(),\nVersion: foo.LatestVersion,\n},\nOverrides: ec2.SpotFleetRequestLaunchTemplateConfigOverrideArray{\n\u0026ec2.SpotFleetRequestLaunchTemplateConfigOverrideArgs{\nSubnetId: pulumi.String(example.Ids[0]),\n},\n\u0026ec2.SpotFleetRequestLaunchTemplateConfigOverrideArgs{\nSubnetId: pulumi.String(example.Ids[1]),\n},\n\u0026ec2.SpotFleetRequestLaunchTemplateConfigOverrideArgs{\nSubnetId: pulumi.String(example.Ids[2]),\n},\n},\n},\n},\n}, pulumi.DependsOn([]pulumi.Resource{\ntest_attach,\n}))\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetSubnetsArgs;\nimport com.pulumi.aws.ec2.LaunchTemplate;\nimport com.pulumi.aws.ec2.LaunchTemplateArgs;\nimport com.pulumi.aws.ec2.SpotFleetRequest;\nimport com.pulumi.aws.ec2.SpotFleetRequestArgs;\nimport com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchTemplateConfigArgs;\nimport com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getSubnets(GetSubnetsArgs.builder()\n .filters(GetSubnetsFilterArgs.builder()\n .name(\"vpc-id\")\n .values(vpcId)\n .build())\n .build());\n\n var foo = new LaunchTemplate(\"foo\", LaunchTemplateArgs.builder()\n .name(\"launch-template\")\n .imageId(\"ami-516b9131\")\n .instanceType(\"m1.small\")\n .keyName(\"some-key\")\n .build());\n\n var fooSpotFleetRequest = new SpotFleetRequest(\"fooSpotFleetRequest\", SpotFleetRequestArgs.builder()\n .iamFleetRole(\"arn:aws:iam::12345678:role/spot-fleet\")\n .spotPrice(\"0.005\")\n .targetCapacity(2)\n .validUntil(\"2019-11-04T20:44:20Z\")\n .launchTemplateConfigs(SpotFleetRequestLaunchTemplateConfigArgs.builder()\n .launchTemplateSpecification(SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs.builder()\n .id(foo.id())\n .version(foo.latestVersion())\n .build())\n .overrides( \n SpotFleetRequestLaunchTemplateConfigOverrideArgs.builder()\n .subnetId(example.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[0]))\n .build(),\n SpotFleetRequestLaunchTemplateConfigOverrideArgs.builder()\n .subnetId(example.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[1]))\n .build(),\n SpotFleetRequestLaunchTemplateConfigOverrideArgs.builder()\n .subnetId(example.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[2]))\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(test_attach)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ec2:LaunchTemplate\n properties:\n name: launch-template\n imageId: ami-516b9131\n instanceType: m1.small\n keyName: some-key\n fooSpotFleetRequest:\n type: aws:ec2:SpotFleetRequest\n name: foo\n properties:\n iamFleetRole: arn:aws:iam::12345678:role/spot-fleet\n spotPrice: '0.005'\n targetCapacity: 2\n validUntil: 2019-11-04T20:44:20Z\n launchTemplateConfigs:\n - launchTemplateSpecification:\n id: ${foo.id}\n version: ${foo.latestVersion}\n overrides:\n - subnetId: ${example.ids[0]}\n - subnetId: ${example.ids[1]}\n - subnetId: ${example.ids[2]}\n options:\n dependson:\n - ${[\"test-attach\"]}\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getSubnets\n Arguments:\n filters:\n - name: vpc-id\n values:\n - ${vpcId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Spot Fleet Requests using `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/spotFleetRequest:SpotFleetRequest fleet sfr-005e9ec8-5546-4c31-b317-31a62325411e\n```\n", "properties": { "allocationStrategy": { "type": "string", "description": "Indicates how to allocate the target capacity across\nthe Spot pools specified by the Spot fleet request. Valid values: `lowestPrice`, `diversified`, `capacityOptimized`, `capacityOptimizedPrioritized`, and `priceCapacityOptimized`. The default is\n`lowestPrice`.\n" }, "clientToken": { "type": "string" }, "context": { "type": "string", "description": "Reserved.\n" }, "excessCapacityTerminationPolicy": { "type": "string", "description": "Indicates whether running Spot\ninstances should be terminated if the target capacity of the Spot fleet\nrequest is decreased below the current size of the Spot fleet.\n" }, "fleetType": { "type": "string", "description": "The type of fleet request. Indicates whether the Spot Fleet only requests the target\ncapacity or also attempts to maintain it. Default is `maintain`.\n" }, "iamFleetRole": { "type": "string", "description": "Grants the Spot fleet permission to terminate\nSpot instances on your behalf when you cancel its Spot fleet request using\nCancelSpotFleetRequests or when the Spot fleet request expires, if you set\nterminateInstancesWithExpiration.\n" }, "instanceInterruptionBehaviour": { "type": "string", "description": "Indicates whether a Spot\ninstance stops or terminates when it is interrupted. Default is\n`terminate`.\n" }, "instancePoolsToUseCount": { "type": "integer", "description": "The number of Spot pools across which to allocate your target Spot capacity.\nValid only when `allocation_strategy` is set to `lowestPrice`. Spot Fleet selects\nthe cheapest Spot pools and evenly allocates your target Spot capacity across\nthe number of Spot pools that you specify.\n" }, "launchSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchSpecification:SpotFleetRequestLaunchSpecification" }, "description": "Used to define the launch configuration of the\nspot-fleet request. Can be specified multiple times to define different bids\nacross different markets and instance types. Conflicts with `launch_template_config`. At least one of `launch_specification` or `launch_template_config` is required.\n\n**Note**: This takes in similar but not\nidentical inputs as `aws.ec2.Instance`. There are limitations on\nwhat you can specify. See the list of officially supported inputs in the\n[reference documentation](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetLaunchSpecification.html). Any normal `aws.ec2.Instance` parameter that corresponds to those inputs may be used and it have\na additional parameter `iam_instance_profile_arn` takes `aws.iam.InstanceProfile` attribute `arn` as input.\n" }, "launchTemplateConfigs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchTemplateConfig:SpotFleetRequestLaunchTemplateConfig" }, "description": "Launch template configuration block. See Launch Template Configs below for more details. Conflicts with `launch_specification`. At least one of `launch_specification` or `launch_template_config` is required.\n" }, "loadBalancers": { "type": "array", "items": { "type": "string" }, "description": "A list of elastic load balancer names to add to the Spot fleet.\n" }, "onDemandAllocationStrategy": { "type": "string", "description": "The order of the launch template overrides to use in fulfilling On-Demand capacity. the possible values are: `lowestPrice` and `prioritized`. the default is `lowestPrice`.\n" }, "onDemandMaxTotalPrice": { "type": "string", "description": "The maximum amount per hour for On-Demand Instances that you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn’t met the target capacity.\n" }, "onDemandTargetCapacity": { "type": "integer", "description": "The number of On-Demand units to request. If the request type is `maintain`, you can specify a target capacity of 0 and add capacity later.\n" }, "replaceUnhealthyInstances": { "type": "boolean", "description": "Indicates whether Spot fleet should replace unhealthy instances. Default `false`.\n" }, "spotMaintenanceStrategies": { "$ref": "#/types/aws:ec2/SpotFleetRequestSpotMaintenanceStrategies:SpotFleetRequestSpotMaintenanceStrategies", "description": "Nested argument containing maintenance strategies for managing your Spot Instances that are at an elevated risk of being interrupted. Defined below.\n" }, "spotPrice": { "type": "string", "description": "The maximum bid price per unit hour.\n" }, "spotRequestState": { "type": "string", "description": "The state of the Spot fleet request.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetCapacity": { "type": "integer", "description": "The number of units to request. You can choose to set the\ntarget capacity in terms of instances or a performance characteristic that is\nimportant to your application workload, such as vCPUs, memory, or I/O.\n" }, "targetCapacityUnitType": { "type": "string", "description": "The unit for the target capacity. This can only be done with `instance_requirements` defined\n" }, "targetGroupArns": { "type": "array", "items": { "type": "string" }, "description": "A list of `aws.alb.TargetGroup` ARNs, for use with Application Load Balancing.\n" }, "terminateInstancesOnDelete": { "type": "string", "description": "Indicates whether running Spot\ninstances should be terminated when the resource is deleted (and the Spot fleet request cancelled).\nIf no value is specified, the value of the `terminate_instances_with_expiration` argument is used.\n" }, "terminateInstancesWithExpiration": { "type": "boolean", "description": "Indicates whether running Spot\ninstances should be terminated when the Spot fleet request expires.\n" }, "validFrom": { "type": "string", "description": "The start date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). The default is to start fulfilling the request immediately.\n" }, "validUntil": { "type": "string", "description": "The end date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). At this point, no new Spot instance requests are placed or enabled to fulfill the request.\n" }, "waitForFulfillment": { "type": "boolean", "description": "If set, this provider will\nwait for the Spot Request to be fulfilled, and will throw an error if the\ntimeout of 10m is reached.\n" } }, "required": [ "clientToken", "iamFleetRole", "loadBalancers", "spotRequestState", "tagsAll", "targetCapacity", "targetGroupArns" ], "inputProperties": { "allocationStrategy": { "type": "string", "description": "Indicates how to allocate the target capacity across\nthe Spot pools specified by the Spot fleet request. Valid values: `lowestPrice`, `diversified`, `capacityOptimized`, `capacityOptimizedPrioritized`, and `priceCapacityOptimized`. The default is\n`lowestPrice`.\n", "willReplaceOnChanges": true }, "context": { "type": "string", "description": "Reserved.\n", "willReplaceOnChanges": true }, "excessCapacityTerminationPolicy": { "type": "string", "description": "Indicates whether running Spot\ninstances should be terminated if the target capacity of the Spot fleet\nrequest is decreased below the current size of the Spot fleet.\n" }, "fleetType": { "type": "string", "description": "The type of fleet request. Indicates whether the Spot Fleet only requests the target\ncapacity or also attempts to maintain it. Default is `maintain`.\n", "willReplaceOnChanges": true }, "iamFleetRole": { "type": "string", "description": "Grants the Spot fleet permission to terminate\nSpot instances on your behalf when you cancel its Spot fleet request using\nCancelSpotFleetRequests or when the Spot fleet request expires, if you set\nterminateInstancesWithExpiration.\n", "willReplaceOnChanges": true }, "instanceInterruptionBehaviour": { "type": "string", "description": "Indicates whether a Spot\ninstance stops or terminates when it is interrupted. Default is\n`terminate`.\n", "willReplaceOnChanges": true }, "instancePoolsToUseCount": { "type": "integer", "description": "The number of Spot pools across which to allocate your target Spot capacity.\nValid only when `allocation_strategy` is set to `lowestPrice`. Spot Fleet selects\nthe cheapest Spot pools and evenly allocates your target Spot capacity across\nthe number of Spot pools that you specify.\n", "willReplaceOnChanges": true }, "launchSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchSpecification:SpotFleetRequestLaunchSpecification" }, "description": "Used to define the launch configuration of the\nspot-fleet request. Can be specified multiple times to define different bids\nacross different markets and instance types. Conflicts with `launch_template_config`. At least one of `launch_specification` or `launch_template_config` is required.\n\n**Note**: This takes in similar but not\nidentical inputs as `aws.ec2.Instance`. There are limitations on\nwhat you can specify. See the list of officially supported inputs in the\n[reference documentation](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetLaunchSpecification.html). Any normal `aws.ec2.Instance` parameter that corresponds to those inputs may be used and it have\na additional parameter `iam_instance_profile_arn` takes `aws.iam.InstanceProfile` attribute `arn` as input.\n", "willReplaceOnChanges": true }, "launchTemplateConfigs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchTemplateConfig:SpotFleetRequestLaunchTemplateConfig" }, "description": "Launch template configuration block. See Launch Template Configs below for more details. Conflicts with `launch_specification`. At least one of `launch_specification` or `launch_template_config` is required.\n", "willReplaceOnChanges": true }, "loadBalancers": { "type": "array", "items": { "type": "string" }, "description": "A list of elastic load balancer names to add to the Spot fleet.\n", "willReplaceOnChanges": true }, "onDemandAllocationStrategy": { "type": "string", "description": "The order of the launch template overrides to use in fulfilling On-Demand capacity. the possible values are: `lowestPrice` and `prioritized`. the default is `lowestPrice`.\n", "willReplaceOnChanges": true }, "onDemandMaxTotalPrice": { "type": "string", "description": "The maximum amount per hour for On-Demand Instances that you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn’t met the target capacity.\n", "willReplaceOnChanges": true }, "onDemandTargetCapacity": { "type": "integer", "description": "The number of On-Demand units to request. If the request type is `maintain`, you can specify a target capacity of 0 and add capacity later.\n" }, "replaceUnhealthyInstances": { "type": "boolean", "description": "Indicates whether Spot fleet should replace unhealthy instances. Default `false`.\n", "willReplaceOnChanges": true }, "spotMaintenanceStrategies": { "$ref": "#/types/aws:ec2/SpotFleetRequestSpotMaintenanceStrategies:SpotFleetRequestSpotMaintenanceStrategies", "description": "Nested argument containing maintenance strategies for managing your Spot Instances that are at an elevated risk of being interrupted. Defined below.\n" }, "spotPrice": { "type": "string", "description": "The maximum bid price per unit hour.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targetCapacity": { "type": "integer", "description": "The number of units to request. You can choose to set the\ntarget capacity in terms of instances or a performance characteristic that is\nimportant to your application workload, such as vCPUs, memory, or I/O.\n" }, "targetCapacityUnitType": { "type": "string", "description": "The unit for the target capacity. This can only be done with `instance_requirements` defined\n", "willReplaceOnChanges": true }, "targetGroupArns": { "type": "array", "items": { "type": "string" }, "description": "A list of `aws.alb.TargetGroup` ARNs, for use with Application Load Balancing.\n", "willReplaceOnChanges": true }, "terminateInstancesOnDelete": { "type": "string", "description": "Indicates whether running Spot\ninstances should be terminated when the resource is deleted (and the Spot fleet request cancelled).\nIf no value is specified, the value of the `terminate_instances_with_expiration` argument is used.\n" }, "terminateInstancesWithExpiration": { "type": "boolean", "description": "Indicates whether running Spot\ninstances should be terminated when the Spot fleet request expires.\n", "willReplaceOnChanges": true }, "validFrom": { "type": "string", "description": "The start date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). The default is to start fulfilling the request immediately.\n", "willReplaceOnChanges": true }, "validUntil": { "type": "string", "description": "The end date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). At this point, no new Spot instance requests are placed or enabled to fulfill the request.\n", "willReplaceOnChanges": true }, "waitForFulfillment": { "type": "boolean", "description": "If set, this provider will\nwait for the Spot Request to be fulfilled, and will throw an error if the\ntimeout of 10m is reached.\n" } }, "requiredInputs": [ "iamFleetRole", "targetCapacity" ], "stateInputs": { "description": "Input properties used for looking up and filtering SpotFleetRequest resources.\n", "properties": { "allocationStrategy": { "type": "string", "description": "Indicates how to allocate the target capacity across\nthe Spot pools specified by the Spot fleet request. Valid values: `lowestPrice`, `diversified`, `capacityOptimized`, `capacityOptimizedPrioritized`, and `priceCapacityOptimized`. The default is\n`lowestPrice`.\n", "willReplaceOnChanges": true }, "clientToken": { "type": "string" }, "context": { "type": "string", "description": "Reserved.\n", "willReplaceOnChanges": true }, "excessCapacityTerminationPolicy": { "type": "string", "description": "Indicates whether running Spot\ninstances should be terminated if the target capacity of the Spot fleet\nrequest is decreased below the current size of the Spot fleet.\n" }, "fleetType": { "type": "string", "description": "The type of fleet request. Indicates whether the Spot Fleet only requests the target\ncapacity or also attempts to maintain it. Default is `maintain`.\n", "willReplaceOnChanges": true }, "iamFleetRole": { "type": "string", "description": "Grants the Spot fleet permission to terminate\nSpot instances on your behalf when you cancel its Spot fleet request using\nCancelSpotFleetRequests or when the Spot fleet request expires, if you set\nterminateInstancesWithExpiration.\n", "willReplaceOnChanges": true }, "instanceInterruptionBehaviour": { "type": "string", "description": "Indicates whether a Spot\ninstance stops or terminates when it is interrupted. Default is\n`terminate`.\n", "willReplaceOnChanges": true }, "instancePoolsToUseCount": { "type": "integer", "description": "The number of Spot pools across which to allocate your target Spot capacity.\nValid only when `allocation_strategy` is set to `lowestPrice`. Spot Fleet selects\nthe cheapest Spot pools and evenly allocates your target Spot capacity across\nthe number of Spot pools that you specify.\n", "willReplaceOnChanges": true }, "launchSpecifications": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchSpecification:SpotFleetRequestLaunchSpecification" }, "description": "Used to define the launch configuration of the\nspot-fleet request. Can be specified multiple times to define different bids\nacross different markets and instance types. Conflicts with `launch_template_config`. At least one of `launch_specification` or `launch_template_config` is required.\n\n**Note**: This takes in similar but not\nidentical inputs as `aws.ec2.Instance`. There are limitations on\nwhat you can specify. See the list of officially supported inputs in the\n[reference documentation](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetLaunchSpecification.html). Any normal `aws.ec2.Instance` parameter that corresponds to those inputs may be used and it have\na additional parameter `iam_instance_profile_arn` takes `aws.iam.InstanceProfile` attribute `arn` as input.\n", "willReplaceOnChanges": true }, "launchTemplateConfigs": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotFleetRequestLaunchTemplateConfig:SpotFleetRequestLaunchTemplateConfig" }, "description": "Launch template configuration block. See Launch Template Configs below for more details. Conflicts with `launch_specification`. At least one of `launch_specification` or `launch_template_config` is required.\n", "willReplaceOnChanges": true }, "loadBalancers": { "type": "array", "items": { "type": "string" }, "description": "A list of elastic load balancer names to add to the Spot fleet.\n", "willReplaceOnChanges": true }, "onDemandAllocationStrategy": { "type": "string", "description": "The order of the launch template overrides to use in fulfilling On-Demand capacity. the possible values are: `lowestPrice` and `prioritized`. the default is `lowestPrice`.\n", "willReplaceOnChanges": true }, "onDemandMaxTotalPrice": { "type": "string", "description": "The maximum amount per hour for On-Demand Instances that you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn’t met the target capacity.\n", "willReplaceOnChanges": true }, "onDemandTargetCapacity": { "type": "integer", "description": "The number of On-Demand units to request. If the request type is `maintain`, you can specify a target capacity of 0 and add capacity later.\n" }, "replaceUnhealthyInstances": { "type": "boolean", "description": "Indicates whether Spot fleet should replace unhealthy instances. Default `false`.\n", "willReplaceOnChanges": true }, "spotMaintenanceStrategies": { "$ref": "#/types/aws:ec2/SpotFleetRequestSpotMaintenanceStrategies:SpotFleetRequestSpotMaintenanceStrategies", "description": "Nested argument containing maintenance strategies for managing your Spot Instances that are at an elevated risk of being interrupted. Defined below.\n" }, "spotPrice": { "type": "string", "description": "The maximum bid price per unit hour.\n", "willReplaceOnChanges": true }, "spotRequestState": { "type": "string", "description": "The state of the Spot fleet request.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetCapacity": { "type": "integer", "description": "The number of units to request. You can choose to set the\ntarget capacity in terms of instances or a performance characteristic that is\nimportant to your application workload, such as vCPUs, memory, or I/O.\n" }, "targetCapacityUnitType": { "type": "string", "description": "The unit for the target capacity. This can only be done with `instance_requirements` defined\n", "willReplaceOnChanges": true }, "targetGroupArns": { "type": "array", "items": { "type": "string" }, "description": "A list of `aws.alb.TargetGroup` ARNs, for use with Application Load Balancing.\n", "willReplaceOnChanges": true }, "terminateInstancesOnDelete": { "type": "string", "description": "Indicates whether running Spot\ninstances should be terminated when the resource is deleted (and the Spot fleet request cancelled).\nIf no value is specified, the value of the `terminate_instances_with_expiration` argument is used.\n" }, "terminateInstancesWithExpiration": { "type": "boolean", "description": "Indicates whether running Spot\ninstances should be terminated when the Spot fleet request expires.\n", "willReplaceOnChanges": true }, "validFrom": { "type": "string", "description": "The start date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). The default is to start fulfilling the request immediately.\n", "willReplaceOnChanges": true }, "validUntil": { "type": "string", "description": "The end date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). At this point, no new Spot instance requests are placed or enabled to fulfill the request.\n", "willReplaceOnChanges": true }, "waitForFulfillment": { "type": "boolean", "description": "If set, this provider will\nwait for the Spot Request to be fulfilled, and will throw an error if the\ntimeout of 10m is reached.\n" } }, "type": "object" } }, "aws:ec2/spotInstanceRequest:SpotInstanceRequest": { "description": "Provides an EC2 Spot Instance Request resource. This allows instances to be\nrequested on the spot market.\n\nBy default this provider creates Spot Instance Requests with a `persistent` type,\nwhich means that for the duration of their lifetime, AWS will launch an\ninstance with the configured details if and when the spot market will accept\nthe requested price.\n\nOn destruction, this provider will make an attempt to terminate the associated Spot\nInstance if there is one present.\n\nSpot Instances requests with a `one-time` type will close the spot request\nwhen the instance is terminated either by the request being below the current spot\nprice availability or by a user.\n\n\u003e **NOTE:** Because their behavior depends on the live status of the spot\nmarket, Spot Instance Requests have a unique lifecycle that makes them behave\ndifferently than other resources. Most importantly: there is __no\nguarantee__ that a Spot Instance exists to fulfill the request at any given\npoint in time. See the [AWS Spot Instance\ndocumentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-spot-instances.html)\nfor more information.\n\n\u003e **NOTE [AWS strongly discourages](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-best-practices.html#which-spot-request-method-to-use) the use of the legacy APIs called by this resource.\nWe recommend using the EC2 Instance resource with `instance_market_options` instead.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Request a spot instance at $0.03\nconst cheapWorker = new aws.ec2.SpotInstanceRequest(\"cheap_worker\", {\n ami: \"ami-1234\",\n spotPrice: \"0.03\",\n instanceType: \"c4.xlarge\",\n tags: {\n Name: \"CheapWorker\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Request a spot instance at $0.03\ncheap_worker = aws.ec2.SpotInstanceRequest(\"cheap_worker\",\n ami=\"ami-1234\",\n spot_price=\"0.03\",\n instance_type=\"c4.xlarge\",\n tags={\n \"Name\": \"CheapWorker\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Request a spot instance at $0.03\n var cheapWorker = new Aws.Ec2.SpotInstanceRequest(\"cheap_worker\", new()\n {\n Ami = \"ami-1234\",\n SpotPrice = \"0.03\",\n InstanceType = \"c4.xlarge\",\n Tags = \n {\n { \"Name\", \"CheapWorker\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Request a spot instance at $0.03\n\t\t_, err := ec2.NewSpotInstanceRequest(ctx, \"cheap_worker\", \u0026ec2.SpotInstanceRequestArgs{\n\t\t\tAmi: pulumi.String(\"ami-1234\"),\n\t\t\tSpotPrice: pulumi.String(\"0.03\"),\n\t\t\tInstanceType: pulumi.String(\"c4.xlarge\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"CheapWorker\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.SpotInstanceRequest;\nimport com.pulumi.aws.ec2.SpotInstanceRequestArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Request a spot instance at $0.03\n var cheapWorker = new SpotInstanceRequest(\"cheapWorker\", SpotInstanceRequestArgs.builder()\n .ami(\"ami-1234\")\n .spotPrice(\"0.03\")\n .instanceType(\"c4.xlarge\")\n .tags(Map.of(\"Name\", \"CheapWorker\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Request a spot instance at $0.03\n cheapWorker:\n type: aws:ec2:SpotInstanceRequest\n name: cheap_worker\n properties:\n ami: ami-1234\n spotPrice: '0.03'\n instanceType: c4.xlarge\n tags:\n Name: CheapWorker\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "ami": { "type": "string", "description": "AMI to use for the instance. Required unless `launch_template` is specified and the Launch Template specifes an AMI. If an AMI is specified in the Launch Template, setting `ami` will override the AMI specified in the Launch Template.\n" }, "arn": { "type": "string" }, "associatePublicIpAddress": { "type": "boolean", "description": "Whether to associate a public IP address with an instance in a VPC.\n" }, "availabilityZone": { "type": "string", "description": "AZ to start the instance in.\n" }, "blockDurationMinutes": { "type": "integer", "description": "The required duration for the Spot instances, in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).\nThe duration period starts as soon as your Spot instance receives its instance ID. At the end of the duration period, Amazon EC2 marks the Spot instance for termination and provides a Spot instance termination notice, which gives the instance a two-minute warning before it terminates.\nNote that you can't specify an Availability Zone group or a launch group if you specify a duration.\n" }, "capacityReservationSpecification": { "$ref": "#/types/aws:ec2/SpotInstanceRequestCapacityReservationSpecification:SpotInstanceRequestCapacityReservationSpecification", "description": "Describes an instance's Capacity Reservation targeting option. See Capacity Reservation Specification below for more details.\n\n\u003e **NOTE:** Changing `cpu_core_count` and/or `cpu_threads_per_core` will cause the resource to be destroyed and re-created.\n" }, "cpuCoreCount": { "type": "integer", "description": "Sets the number of CPU cores for an instance. This option is only supported on creation of instance type that support CPU Options [CPU Cores and Threads Per CPU Core Per Instance Type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html#cpu-options-supported-instances-values) - specifying this option for unsupported instance types will return an error from the EC2 API.\n", "deprecationMessage": "use 'cpu_options' argument instead" }, "cpuOptions": { "$ref": "#/types/aws:ec2/SpotInstanceRequestCpuOptions:SpotInstanceRequestCpuOptions", "description": "The CPU options for the instance. See CPU Options below for more details.\n" }, "cpuThreadsPerCore": { "type": "integer", "description": "If set to 1, hyperthreading is disabled on the launched instance. Defaults to 2 if not set. See [Optimizing CPU Options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) for more information.\n", "deprecationMessage": "use 'cpu_options' argument instead" }, "creditSpecification": { "$ref": "#/types/aws:ec2/SpotInstanceRequestCreditSpecification:SpotInstanceRequestCreditSpecification", "description": "Configuration block for customizing the credit specification of the instance. See Credit Specification below for more details. This provider will only perform drift detection of its value when present in a configuration. Removing this configuration on existing instances will only stop managing it. It will not change the configuration back to the default for the instance type.\n" }, "disableApiStop": { "type": "boolean", "description": "If true, enables [EC2 Instance Stop Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection).\n" }, "disableApiTermination": { "type": "boolean", "description": "If true, enables [EC2 Instance Termination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination).\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotInstanceRequestEbsBlockDevice:SpotInstanceRequestEbsBlockDevice" }, "description": "One or more configuration blocks with additional EBS block devices to attach to the instance. Block device configurations only apply on resource creation. See Block Devices below for details on attributes and drift detection. When accessing this as an attribute reference, it is a set of objects.\n" }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized. Note that if this is not set on an instance type that is optimized by default then this will show as disabled but if the instance type is optimized by default then there is no need to set this and there is no effect to disabling it. See the [EBS Optimized section](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) of the AWS User Guide for more information.\n" }, "enclaveOptions": { "$ref": "#/types/aws:ec2/SpotInstanceRequestEnclaveOptions:SpotInstanceRequestEnclaveOptions", "description": "Enable Nitro Enclaves on launched instances. See Enclave Options below for more details.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotInstanceRequestEphemeralBlockDevice:SpotInstanceRequestEphemeralBlockDevice" }, "description": "One or more configuration blocks to customize Ephemeral (also known as \"Instance Store\") volumes on the instance. See Block Devices below for details. When accessing this as an attribute reference, it is a set of objects.\n" }, "getPasswordData": { "type": "boolean", "description": "If true, wait for password data to become available and retrieve it. Useful for getting the administrator password for instances running Microsoft Windows. The password data is exported to the `password_data` attribute. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.\n" }, "hibernation": { "type": "boolean", "description": "If true, the launched EC2 instance will support hibernation.\n" }, "hostId": { "type": "string", "description": "ID of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host.\n" }, "hostResourceGroupArn": { "type": "string", "description": "ARN of the host resource group in which to launch the instances. If you specify an ARN, omit the `tenancy` parameter or set it to `host`.\n" }, "iamInstanceProfile": { "type": "string", "description": "IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile. Ensure your credentials have the correct permission to assign the instance profile according to the [EC2 documentation](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html#roles-usingrole-ec2instance-permissions), notably `iam:PassRole`.\n" }, "instanceInitiatedShutdownBehavior": { "type": "string", "description": "Shutdown behavior for the instance. Amazon defaults this to `stop` for EBS-backed instances and `terminate` for instance-store instances. Cannot be set on instance-store instances. See [Shutdown Behavior](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingInstanceInitiatedShutdownBehavior) for more information.\n" }, "instanceInterruptionBehavior": { "type": "string", "description": "Indicates Spot instance behavior when it is interrupted. Valid values are `terminate`, `stop`, or `hibernate`. Default value is `terminate`.\n" }, "instanceState": { "type": "string" }, "instanceType": { "type": "string", "description": "Instance type to use for the instance. Required unless `launch_template` is specified and the Launch Template specifies an instance type. If an instance type is specified in the Launch Template, setting `instance_type` will override the instance type specified in the Launch Template. Updates to this field will trigger a stop/start of the EC2 instance.\n" }, "ipv6AddressCount": { "type": "integer", "description": "Number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet.\n" }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface\n" }, "keyName": { "type": "string", "description": "Key name of the Key Pair to use for the instance; which can be managed using the `aws.ec2.KeyPair` resource.\n" }, "launchGroup": { "type": "string", "description": "A launch group is a group of spot instances that launch together and terminate together.\nIf left empty instances are launched and terminated individually.\n" }, "launchTemplate": { "$ref": "#/types/aws:ec2/SpotInstanceRequestLaunchTemplate:SpotInstanceRequestLaunchTemplate", "description": "Specifies a Launch Template to configure the instance. Parameters configured on this resource will override the corresponding parameters in the Launch Template. See Launch Template Specification below for more details.\n" }, "maintenanceOptions": { "$ref": "#/types/aws:ec2/SpotInstanceRequestMaintenanceOptions:SpotInstanceRequestMaintenanceOptions", "description": "Maintenance and recovery options for the instance. See Maintenance Options below for more details.\n" }, "metadataOptions": { "$ref": "#/types/aws:ec2/SpotInstanceRequestMetadataOptions:SpotInstanceRequestMetadataOptions", "description": "Customize the metadata options of the instance. See Metadata Options below for more details.\n" }, "monitoring": { "type": "boolean", "description": "If true, the launched EC2 instance will have detailed monitoring enabled. (Available since v0.6.0)\n" }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotInstanceRequestNetworkInterface:SpotInstanceRequestNetworkInterface" }, "description": "Customize network interfaces to be attached at instance boot time. See Network Interfaces below for more details.\n" }, "outpostArn": { "type": "string" }, "passwordData": { "type": "string" }, "placementGroup": { "type": "string", "description": "Placement Group to start the instance in.\n" }, "placementPartitionNumber": { "type": "integer", "description": "Number of the partition the instance is in. Valid only if the `aws.ec2.PlacementGroup` resource's `strategy` argument is set to `\"partition\"`.\n" }, "primaryNetworkInterfaceId": { "type": "string" }, "privateDns": { "type": "string", "description": "The private DNS name assigned to the instance. Can only be\nused inside the Amazon EC2, and only available if you've enabled DNS hostnames\nfor your VPC\n" }, "privateDnsNameOptions": { "$ref": "#/types/aws:ec2/SpotInstanceRequestPrivateDnsNameOptions:SpotInstanceRequestPrivateDnsNameOptions", "description": "Options for the instance hostname. The default values are inherited from the subnet. See Private DNS Name Options below for more details.\n" }, "privateIp": { "type": "string", "description": "Private IP address to associate with the instance in a VPC.\n" }, "publicDns": { "type": "string", "description": "The public DNS name assigned to the instance. For EC2-VPC, this\nis only available if you've enabled DNS hostnames for your VPC\n" }, "publicIp": { "type": "string", "description": "The public IP address assigned to the instance, if applicable.\n" }, "rootBlockDevice": { "$ref": "#/types/aws:ec2/SpotInstanceRequestRootBlockDevice:SpotInstanceRequestRootBlockDevice", "description": "Configuration block to customize details about the root block device of the instance. See Block Devices below for details. When accessing this as an attribute reference, it is a list containing one object.\n" }, "secondaryPrivateIps": { "type": "array", "items": { "type": "string" }, "description": "List of secondary private IPv4 addresses to assign to the instance's primary network interface (eth0) in a VPC. Can only be assigned to the primary network interface (eth0) attached at instance creation, not a pre-existing network interface i.e., referenced in a `network_interface` block. Refer to the [Elastic network interfaces documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI) to see the maximum number of private IP addresses allowed per instance type.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group names to associate with.\n\n\u003e **NOTE:** If you are creating Instances in a VPC, use `vpc_security_group_ids` instead.\n" }, "sourceDestCheck": { "type": "boolean", "description": "Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs. Defaults true.\n" }, "spotBidStatus": { "type": "string", "description": "The current [bid\nstatus](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-bid-status.html)\nof the Spot Instance Request.\n" }, "spotInstanceId": { "type": "string", "description": "The Instance ID (if any) that is currently fulfilling\nthe Spot Instance request.\n" }, "spotPrice": { "type": "string", "description": "The maximum price to request on the spot market.\n" }, "spotRequestState": { "type": "string", "description": "The current [request\nstate](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-requests.html#creating-spot-request-status)\nof the Spot Instance Request.\n" }, "spotType": { "type": "string", "description": "If set to `one-time`, after\nthe instance is terminated, the spot request will be closed.\n" }, "subnetId": { "type": "string", "description": "VPC Subnet ID to launch in.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. Note that these tags apply to the instance and not block storage devices. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tenancy": { "type": "string", "description": "Tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of `dedicated` runs on single-tenant hardware. The `host` tenancy is not supported for the import-instance command. Valid values are `default`, `dedicated`, and `host`.\n" }, "userData": { "type": "string", "description": "User data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see `user_data_base64` instead. Updates to this field will trigger a stop/start of the EC2 instance by default. If the `user_data_replace_on_change` is set then updates to this field will trigger a destroy and recreate.\n" }, "userDataBase64": { "type": "string", "description": "Can be used instead of `user_data` to pass base64-encoded binary data directly. Use this instead of `user_data` whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption. Updates to this field will trigger a stop/start of the EC2 instance by default. If the `user_data_replace_on_change` is set then updates to this field will trigger a destroy and recreate.\n" }, "userDataReplaceOnChange": { "type": "boolean", "description": "When used in combination with `user_data` or `user_data_base64` will trigger a destroy and recreate when set to `true`. Defaults to `false` if not set.\n" }, "validFrom": { "type": "string", "description": "The start date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). The default is to start fulfilling the request immediately.\n" }, "validUntil": { "type": "string", "description": "The end date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). At this point, no new Spot instance requests are placed or enabled to fulfill the request. The default end date is 7 days from the current date.\n" }, "volumeTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign, at instance-creation time, to root and EBS volumes.\n\n\u003e **NOTE:** Do not use `volume_tags` if you plan to manage block device tags outside the `aws.ec2.Instance` configuration, such as using `tags` in an `aws.ebs.Volume` resource attached via `aws.ec2.VolumeAttachment`. Doing so will result in resource cycling and inconsistent behavior.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to associate with.\n" }, "waitForFulfillment": { "type": "boolean", "description": "If set, this provider will\nwait for the Spot Request to be fulfilled, and will throw an error if the\ntimeout of 10m is reached.\n" } }, "required": [ "ami", "arn", "associatePublicIpAddress", "availabilityZone", "capacityReservationSpecification", "cpuCoreCount", "cpuOptions", "cpuThreadsPerCore", "disableApiStop", "disableApiTermination", "ebsBlockDevices", "ebsOptimized", "enclaveOptions", "ephemeralBlockDevices", "hostId", "hostResourceGroupArn", "iamInstanceProfile", "instanceInitiatedShutdownBehavior", "instanceState", "instanceType", "ipv6AddressCount", "ipv6Addresses", "keyName", "maintenanceOptions", "metadataOptions", "monitoring", "networkInterfaces", "outpostArn", "passwordData", "placementGroup", "placementPartitionNumber", "primaryNetworkInterfaceId", "privateDns", "privateDnsNameOptions", "privateIp", "publicDns", "publicIp", "rootBlockDevice", "secondaryPrivateIps", "securityGroups", "spotBidStatus", "spotInstanceId", "spotPrice", "spotRequestState", "subnetId", "tagsAll", "tenancy", "userData", "userDataBase64", "validFrom", "validUntil", "vpcSecurityGroupIds" ], "inputProperties": { "ami": { "type": "string", "description": "AMI to use for the instance. Required unless `launch_template` is specified and the Launch Template specifes an AMI. If an AMI is specified in the Launch Template, setting `ami` will override the AMI specified in the Launch Template.\n", "willReplaceOnChanges": true }, "associatePublicIpAddress": { "type": "boolean", "description": "Whether to associate a public IP address with an instance in a VPC.\n", "willReplaceOnChanges": true }, "availabilityZone": { "type": "string", "description": "AZ to start the instance in.\n", "willReplaceOnChanges": true }, "blockDurationMinutes": { "type": "integer", "description": "The required duration for the Spot instances, in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).\nThe duration period starts as soon as your Spot instance receives its instance ID. At the end of the duration period, Amazon EC2 marks the Spot instance for termination and provides a Spot instance termination notice, which gives the instance a two-minute warning before it terminates.\nNote that you can't specify an Availability Zone group or a launch group if you specify a duration.\n", "willReplaceOnChanges": true }, "capacityReservationSpecification": { "$ref": "#/types/aws:ec2/SpotInstanceRequestCapacityReservationSpecification:SpotInstanceRequestCapacityReservationSpecification", "description": "Describes an instance's Capacity Reservation targeting option. See Capacity Reservation Specification below for more details.\n\n\u003e **NOTE:** Changing `cpu_core_count` and/or `cpu_threads_per_core` will cause the resource to be destroyed and re-created.\n", "willReplaceOnChanges": true }, "cpuCoreCount": { "type": "integer", "description": "Sets the number of CPU cores for an instance. This option is only supported on creation of instance type that support CPU Options [CPU Cores and Threads Per CPU Core Per Instance Type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html#cpu-options-supported-instances-values) - specifying this option for unsupported instance types will return an error from the EC2 API.\n", "deprecationMessage": "use 'cpu_options' argument instead", "willReplaceOnChanges": true }, "cpuOptions": { "$ref": "#/types/aws:ec2/SpotInstanceRequestCpuOptions:SpotInstanceRequestCpuOptions", "description": "The CPU options for the instance. See CPU Options below for more details.\n", "willReplaceOnChanges": true }, "cpuThreadsPerCore": { "type": "integer", "description": "If set to 1, hyperthreading is disabled on the launched instance. Defaults to 2 if not set. See [Optimizing CPU Options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) for more information.\n", "deprecationMessage": "use 'cpu_options' argument instead", "willReplaceOnChanges": true }, "creditSpecification": { "$ref": "#/types/aws:ec2/SpotInstanceRequestCreditSpecification:SpotInstanceRequestCreditSpecification", "description": "Configuration block for customizing the credit specification of the instance. See Credit Specification below for more details. This provider will only perform drift detection of its value when present in a configuration. Removing this configuration on existing instances will only stop managing it. It will not change the configuration back to the default for the instance type.\n", "willReplaceOnChanges": true }, "disableApiStop": { "type": "boolean", "description": "If true, enables [EC2 Instance Stop Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection).\n", "willReplaceOnChanges": true }, "disableApiTermination": { "type": "boolean", "description": "If true, enables [EC2 Instance Termination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination).\n", "willReplaceOnChanges": true }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotInstanceRequestEbsBlockDevice:SpotInstanceRequestEbsBlockDevice" }, "description": "One or more configuration blocks with additional EBS block devices to attach to the instance. Block device configurations only apply on resource creation. See Block Devices below for details on attributes and drift detection. When accessing this as an attribute reference, it is a set of objects.\n", "willReplaceOnChanges": true }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized. Note that if this is not set on an instance type that is optimized by default then this will show as disabled but if the instance type is optimized by default then there is no need to set this and there is no effect to disabling it. See the [EBS Optimized section](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) of the AWS User Guide for more information.\n", "willReplaceOnChanges": true }, "enclaveOptions": { "$ref": "#/types/aws:ec2/SpotInstanceRequestEnclaveOptions:SpotInstanceRequestEnclaveOptions", "description": "Enable Nitro Enclaves on launched instances. See Enclave Options below for more details.\n", "willReplaceOnChanges": true }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotInstanceRequestEphemeralBlockDevice:SpotInstanceRequestEphemeralBlockDevice" }, "description": "One or more configuration blocks to customize Ephemeral (also known as \"Instance Store\") volumes on the instance. See Block Devices below for details. When accessing this as an attribute reference, it is a set of objects.\n", "willReplaceOnChanges": true }, "getPasswordData": { "type": "boolean", "description": "If true, wait for password data to become available and retrieve it. Useful for getting the administrator password for instances running Microsoft Windows. The password data is exported to the `password_data` attribute. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.\n", "willReplaceOnChanges": true }, "hibernation": { "type": "boolean", "description": "If true, the launched EC2 instance will support hibernation.\n", "willReplaceOnChanges": true }, "hostId": { "type": "string", "description": "ID of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host.\n", "willReplaceOnChanges": true }, "hostResourceGroupArn": { "type": "string", "description": "ARN of the host resource group in which to launch the instances. If you specify an ARN, omit the `tenancy` parameter or set it to `host`.\n", "willReplaceOnChanges": true }, "iamInstanceProfile": { "type": "string", "description": "IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile. Ensure your credentials have the correct permission to assign the instance profile according to the [EC2 documentation](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html#roles-usingrole-ec2instance-permissions), notably `iam:PassRole`.\n", "willReplaceOnChanges": true }, "instanceInitiatedShutdownBehavior": { "type": "string", "description": "Shutdown behavior for the instance. Amazon defaults this to `stop` for EBS-backed instances and `terminate` for instance-store instances. Cannot be set on instance-store instances. See [Shutdown Behavior](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingInstanceInitiatedShutdownBehavior) for more information.\n", "willReplaceOnChanges": true }, "instanceInterruptionBehavior": { "type": "string", "description": "Indicates Spot instance behavior when it is interrupted. Valid values are `terminate`, `stop`, or `hibernate`. Default value is `terminate`.\n", "willReplaceOnChanges": true }, "instanceType": { "type": "string", "description": "Instance type to use for the instance. Required unless `launch_template` is specified and the Launch Template specifies an instance type. If an instance type is specified in the Launch Template, setting `instance_type` will override the instance type specified in the Launch Template. Updates to this field will trigger a stop/start of the EC2 instance.\n", "willReplaceOnChanges": true }, "ipv6AddressCount": { "type": "integer", "description": "Number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet.\n", "willReplaceOnChanges": true }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface\n", "willReplaceOnChanges": true }, "keyName": { "type": "string", "description": "Key name of the Key Pair to use for the instance; which can be managed using the `aws.ec2.KeyPair` resource.\n", "willReplaceOnChanges": true }, "launchGroup": { "type": "string", "description": "A launch group is a group of spot instances that launch together and terminate together.\nIf left empty instances are launched and terminated individually.\n", "willReplaceOnChanges": true }, "launchTemplate": { "$ref": "#/types/aws:ec2/SpotInstanceRequestLaunchTemplate:SpotInstanceRequestLaunchTemplate", "description": "Specifies a Launch Template to configure the instance. Parameters configured on this resource will override the corresponding parameters in the Launch Template. See Launch Template Specification below for more details.\n", "willReplaceOnChanges": true }, "maintenanceOptions": { "$ref": "#/types/aws:ec2/SpotInstanceRequestMaintenanceOptions:SpotInstanceRequestMaintenanceOptions", "description": "Maintenance and recovery options for the instance. See Maintenance Options below for more details.\n", "willReplaceOnChanges": true }, "metadataOptions": { "$ref": "#/types/aws:ec2/SpotInstanceRequestMetadataOptions:SpotInstanceRequestMetadataOptions", "description": "Customize the metadata options of the instance. See Metadata Options below for more details.\n", "willReplaceOnChanges": true }, "monitoring": { "type": "boolean", "description": "If true, the launched EC2 instance will have detailed monitoring enabled. (Available since v0.6.0)\n", "willReplaceOnChanges": true }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotInstanceRequestNetworkInterface:SpotInstanceRequestNetworkInterface" }, "description": "Customize network interfaces to be attached at instance boot time. See Network Interfaces below for more details.\n", "willReplaceOnChanges": true }, "placementGroup": { "type": "string", "description": "Placement Group to start the instance in.\n", "willReplaceOnChanges": true }, "placementPartitionNumber": { "type": "integer", "description": "Number of the partition the instance is in. Valid only if the `aws.ec2.PlacementGroup` resource's `strategy` argument is set to `\"partition\"`.\n", "willReplaceOnChanges": true }, "privateDnsNameOptions": { "$ref": "#/types/aws:ec2/SpotInstanceRequestPrivateDnsNameOptions:SpotInstanceRequestPrivateDnsNameOptions", "description": "Options for the instance hostname. The default values are inherited from the subnet. See Private DNS Name Options below for more details.\n", "willReplaceOnChanges": true }, "privateIp": { "type": "string", "description": "Private IP address to associate with the instance in a VPC.\n", "willReplaceOnChanges": true }, "rootBlockDevice": { "$ref": "#/types/aws:ec2/SpotInstanceRequestRootBlockDevice:SpotInstanceRequestRootBlockDevice", "description": "Configuration block to customize details about the root block device of the instance. See Block Devices below for details. When accessing this as an attribute reference, it is a list containing one object.\n", "willReplaceOnChanges": true }, "secondaryPrivateIps": { "type": "array", "items": { "type": "string" }, "description": "List of secondary private IPv4 addresses to assign to the instance's primary network interface (eth0) in a VPC. Can only be assigned to the primary network interface (eth0) attached at instance creation, not a pre-existing network interface i.e., referenced in a `network_interface` block. Refer to the [Elastic network interfaces documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI) to see the maximum number of private IP addresses allowed per instance type.\n", "willReplaceOnChanges": true }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group names to associate with.\n\n\u003e **NOTE:** If you are creating Instances in a VPC, use `vpc_security_group_ids` instead.\n", "willReplaceOnChanges": true }, "sourceDestCheck": { "type": "boolean", "description": "Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs. Defaults true.\n", "willReplaceOnChanges": true }, "spotPrice": { "type": "string", "description": "The maximum price to request on the spot market.\n", "willReplaceOnChanges": true }, "spotType": { "type": "string", "description": "If set to `one-time`, after\nthe instance is terminated, the spot request will be closed.\n" }, "subnetId": { "type": "string", "description": "VPC Subnet ID to launch in.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. Note that these tags apply to the instance and not block storage devices. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tenancy": { "type": "string", "description": "Tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of `dedicated` runs on single-tenant hardware. The `host` tenancy is not supported for the import-instance command. Valid values are `default`, `dedicated`, and `host`.\n", "willReplaceOnChanges": true }, "userData": { "type": "string", "description": "User data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see `user_data_base64` instead. Updates to this field will trigger a stop/start of the EC2 instance by default. If the `user_data_replace_on_change` is set then updates to this field will trigger a destroy and recreate.\n", "willReplaceOnChanges": true }, "userDataBase64": { "type": "string", "description": "Can be used instead of `user_data` to pass base64-encoded binary data directly. Use this instead of `user_data` whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption. Updates to this field will trigger a stop/start of the EC2 instance by default. If the `user_data_replace_on_change` is set then updates to this field will trigger a destroy and recreate.\n", "willReplaceOnChanges": true }, "userDataReplaceOnChange": { "type": "boolean", "description": "When used in combination with `user_data` or `user_data_base64` will trigger a destroy and recreate when set to `true`. Defaults to `false` if not set.\n", "willReplaceOnChanges": true }, "validFrom": { "type": "string", "description": "The start date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). The default is to start fulfilling the request immediately.\n", "willReplaceOnChanges": true }, "validUntil": { "type": "string", "description": "The end date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). At this point, no new Spot instance requests are placed or enabled to fulfill the request. The default end date is 7 days from the current date.\n", "willReplaceOnChanges": true }, "volumeTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign, at instance-creation time, to root and EBS volumes.\n\n\u003e **NOTE:** Do not use `volume_tags` if you plan to manage block device tags outside the `aws.ec2.Instance` configuration, such as using `tags` in an `aws.ebs.Volume` resource attached via `aws.ec2.VolumeAttachment`. Doing so will result in resource cycling and inconsistent behavior.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to associate with.\n", "willReplaceOnChanges": true }, "waitForFulfillment": { "type": "boolean", "description": "If set, this provider will\nwait for the Spot Request to be fulfilled, and will throw an error if the\ntimeout of 10m is reached.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering SpotInstanceRequest resources.\n", "properties": { "ami": { "type": "string", "description": "AMI to use for the instance. Required unless `launch_template` is specified and the Launch Template specifes an AMI. If an AMI is specified in the Launch Template, setting `ami` will override the AMI specified in the Launch Template.\n", "willReplaceOnChanges": true }, "arn": { "type": "string" }, "associatePublicIpAddress": { "type": "boolean", "description": "Whether to associate a public IP address with an instance in a VPC.\n", "willReplaceOnChanges": true }, "availabilityZone": { "type": "string", "description": "AZ to start the instance in.\n", "willReplaceOnChanges": true }, "blockDurationMinutes": { "type": "integer", "description": "The required duration for the Spot instances, in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).\nThe duration period starts as soon as your Spot instance receives its instance ID. At the end of the duration period, Amazon EC2 marks the Spot instance for termination and provides a Spot instance termination notice, which gives the instance a two-minute warning before it terminates.\nNote that you can't specify an Availability Zone group or a launch group if you specify a duration.\n", "willReplaceOnChanges": true }, "capacityReservationSpecification": { "$ref": "#/types/aws:ec2/SpotInstanceRequestCapacityReservationSpecification:SpotInstanceRequestCapacityReservationSpecification", "description": "Describes an instance's Capacity Reservation targeting option. See Capacity Reservation Specification below for more details.\n\n\u003e **NOTE:** Changing `cpu_core_count` and/or `cpu_threads_per_core` will cause the resource to be destroyed and re-created.\n", "willReplaceOnChanges": true }, "cpuCoreCount": { "type": "integer", "description": "Sets the number of CPU cores for an instance. This option is only supported on creation of instance type that support CPU Options [CPU Cores and Threads Per CPU Core Per Instance Type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html#cpu-options-supported-instances-values) - specifying this option for unsupported instance types will return an error from the EC2 API.\n", "deprecationMessage": "use 'cpu_options' argument instead", "willReplaceOnChanges": true }, "cpuOptions": { "$ref": "#/types/aws:ec2/SpotInstanceRequestCpuOptions:SpotInstanceRequestCpuOptions", "description": "The CPU options for the instance. See CPU Options below for more details.\n", "willReplaceOnChanges": true }, "cpuThreadsPerCore": { "type": "integer", "description": "If set to 1, hyperthreading is disabled on the launched instance. Defaults to 2 if not set. See [Optimizing CPU Options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) for more information.\n", "deprecationMessage": "use 'cpu_options' argument instead", "willReplaceOnChanges": true }, "creditSpecification": { "$ref": "#/types/aws:ec2/SpotInstanceRequestCreditSpecification:SpotInstanceRequestCreditSpecification", "description": "Configuration block for customizing the credit specification of the instance. See Credit Specification below for more details. This provider will only perform drift detection of its value when present in a configuration. Removing this configuration on existing instances will only stop managing it. It will not change the configuration back to the default for the instance type.\n", "willReplaceOnChanges": true }, "disableApiStop": { "type": "boolean", "description": "If true, enables [EC2 Instance Stop Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection).\n", "willReplaceOnChanges": true }, "disableApiTermination": { "type": "boolean", "description": "If true, enables [EC2 Instance Termination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination).\n", "willReplaceOnChanges": true }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotInstanceRequestEbsBlockDevice:SpotInstanceRequestEbsBlockDevice" }, "description": "One or more configuration blocks with additional EBS block devices to attach to the instance. Block device configurations only apply on resource creation. See Block Devices below for details on attributes and drift detection. When accessing this as an attribute reference, it is a set of objects.\n", "willReplaceOnChanges": true }, "ebsOptimized": { "type": "boolean", "description": "If true, the launched EC2 instance will be EBS-optimized. Note that if this is not set on an instance type that is optimized by default then this will show as disabled but if the instance type is optimized by default then there is no need to set this and there is no effect to disabling it. See the [EBS Optimized section](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) of the AWS User Guide for more information.\n", "willReplaceOnChanges": true }, "enclaveOptions": { "$ref": "#/types/aws:ec2/SpotInstanceRequestEnclaveOptions:SpotInstanceRequestEnclaveOptions", "description": "Enable Nitro Enclaves on launched instances. See Enclave Options below for more details.\n", "willReplaceOnChanges": true }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotInstanceRequestEphemeralBlockDevice:SpotInstanceRequestEphemeralBlockDevice" }, "description": "One or more configuration blocks to customize Ephemeral (also known as \"Instance Store\") volumes on the instance. See Block Devices below for details. When accessing this as an attribute reference, it is a set of objects.\n", "willReplaceOnChanges": true }, "getPasswordData": { "type": "boolean", "description": "If true, wait for password data to become available and retrieve it. Useful for getting the administrator password for instances running Microsoft Windows. The password data is exported to the `password_data` attribute. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.\n", "willReplaceOnChanges": true }, "hibernation": { "type": "boolean", "description": "If true, the launched EC2 instance will support hibernation.\n", "willReplaceOnChanges": true }, "hostId": { "type": "string", "description": "ID of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host.\n", "willReplaceOnChanges": true }, "hostResourceGroupArn": { "type": "string", "description": "ARN of the host resource group in which to launch the instances. If you specify an ARN, omit the `tenancy` parameter or set it to `host`.\n", "willReplaceOnChanges": true }, "iamInstanceProfile": { "type": "string", "description": "IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile. Ensure your credentials have the correct permission to assign the instance profile according to the [EC2 documentation](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html#roles-usingrole-ec2instance-permissions), notably `iam:PassRole`.\n", "willReplaceOnChanges": true }, "instanceInitiatedShutdownBehavior": { "type": "string", "description": "Shutdown behavior for the instance. Amazon defaults this to `stop` for EBS-backed instances and `terminate` for instance-store instances. Cannot be set on instance-store instances. See [Shutdown Behavior](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingInstanceInitiatedShutdownBehavior) for more information.\n", "willReplaceOnChanges": true }, "instanceInterruptionBehavior": { "type": "string", "description": "Indicates Spot instance behavior when it is interrupted. Valid values are `terminate`, `stop`, or `hibernate`. Default value is `terminate`.\n", "willReplaceOnChanges": true }, "instanceState": { "type": "string" }, "instanceType": { "type": "string", "description": "Instance type to use for the instance. Required unless `launch_template` is specified and the Launch Template specifies an instance type. If an instance type is specified in the Launch Template, setting `instance_type` will override the instance type specified in the Launch Template. Updates to this field will trigger a stop/start of the EC2 instance.\n", "willReplaceOnChanges": true }, "ipv6AddressCount": { "type": "integer", "description": "Number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet.\n", "willReplaceOnChanges": true }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface\n", "willReplaceOnChanges": true }, "keyName": { "type": "string", "description": "Key name of the Key Pair to use for the instance; which can be managed using the `aws.ec2.KeyPair` resource.\n", "willReplaceOnChanges": true }, "launchGroup": { "type": "string", "description": "A launch group is a group of spot instances that launch together and terminate together.\nIf left empty instances are launched and terminated individually.\n", "willReplaceOnChanges": true }, "launchTemplate": { "$ref": "#/types/aws:ec2/SpotInstanceRequestLaunchTemplate:SpotInstanceRequestLaunchTemplate", "description": "Specifies a Launch Template to configure the instance. Parameters configured on this resource will override the corresponding parameters in the Launch Template. See Launch Template Specification below for more details.\n", "willReplaceOnChanges": true }, "maintenanceOptions": { "$ref": "#/types/aws:ec2/SpotInstanceRequestMaintenanceOptions:SpotInstanceRequestMaintenanceOptions", "description": "Maintenance and recovery options for the instance. See Maintenance Options below for more details.\n", "willReplaceOnChanges": true }, "metadataOptions": { "$ref": "#/types/aws:ec2/SpotInstanceRequestMetadataOptions:SpotInstanceRequestMetadataOptions", "description": "Customize the metadata options of the instance. See Metadata Options below for more details.\n", "willReplaceOnChanges": true }, "monitoring": { "type": "boolean", "description": "If true, the launched EC2 instance will have detailed monitoring enabled. (Available since v0.6.0)\n", "willReplaceOnChanges": true }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:ec2/SpotInstanceRequestNetworkInterface:SpotInstanceRequestNetworkInterface" }, "description": "Customize network interfaces to be attached at instance boot time. See Network Interfaces below for more details.\n", "willReplaceOnChanges": true }, "outpostArn": { "type": "string" }, "passwordData": { "type": "string" }, "placementGroup": { "type": "string", "description": "Placement Group to start the instance in.\n", "willReplaceOnChanges": true }, "placementPartitionNumber": { "type": "integer", "description": "Number of the partition the instance is in. Valid only if the `aws.ec2.PlacementGroup` resource's `strategy` argument is set to `\"partition\"`.\n", "willReplaceOnChanges": true }, "primaryNetworkInterfaceId": { "type": "string" }, "privateDns": { "type": "string", "description": "The private DNS name assigned to the instance. Can only be\nused inside the Amazon EC2, and only available if you've enabled DNS hostnames\nfor your VPC\n" }, "privateDnsNameOptions": { "$ref": "#/types/aws:ec2/SpotInstanceRequestPrivateDnsNameOptions:SpotInstanceRequestPrivateDnsNameOptions", "description": "Options for the instance hostname. The default values are inherited from the subnet. See Private DNS Name Options below for more details.\n", "willReplaceOnChanges": true }, "privateIp": { "type": "string", "description": "Private IP address to associate with the instance in a VPC.\n", "willReplaceOnChanges": true }, "publicDns": { "type": "string", "description": "The public DNS name assigned to the instance. For EC2-VPC, this\nis only available if you've enabled DNS hostnames for your VPC\n" }, "publicIp": { "type": "string", "description": "The public IP address assigned to the instance, if applicable.\n" }, "rootBlockDevice": { "$ref": "#/types/aws:ec2/SpotInstanceRequestRootBlockDevice:SpotInstanceRequestRootBlockDevice", "description": "Configuration block to customize details about the root block device of the instance. See Block Devices below for details. When accessing this as an attribute reference, it is a list containing one object.\n", "willReplaceOnChanges": true }, "secondaryPrivateIps": { "type": "array", "items": { "type": "string" }, "description": "List of secondary private IPv4 addresses to assign to the instance's primary network interface (eth0) in a VPC. Can only be assigned to the primary network interface (eth0) attached at instance creation, not a pre-existing network interface i.e., referenced in a `network_interface` block. Refer to the [Elastic network interfaces documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI) to see the maximum number of private IP addresses allowed per instance type.\n", "willReplaceOnChanges": true }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group names to associate with.\n\n\u003e **NOTE:** If you are creating Instances in a VPC, use `vpc_security_group_ids` instead.\n", "willReplaceOnChanges": true }, "sourceDestCheck": { "type": "boolean", "description": "Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs. Defaults true.\n", "willReplaceOnChanges": true }, "spotBidStatus": { "type": "string", "description": "The current [bid\nstatus](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-bid-status.html)\nof the Spot Instance Request.\n" }, "spotInstanceId": { "type": "string", "description": "The Instance ID (if any) that is currently fulfilling\nthe Spot Instance request.\n" }, "spotPrice": { "type": "string", "description": "The maximum price to request on the spot market.\n", "willReplaceOnChanges": true }, "spotRequestState": { "type": "string", "description": "The current [request\nstate](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-requests.html#creating-spot-request-status)\nof the Spot Instance Request.\n" }, "spotType": { "type": "string", "description": "If set to `one-time`, after\nthe instance is terminated, the spot request will be closed.\n" }, "subnetId": { "type": "string", "description": "VPC Subnet ID to launch in.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. Note that these tags apply to the instance and not block storage devices. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tenancy": { "type": "string", "description": "Tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of `dedicated` runs on single-tenant hardware. The `host` tenancy is not supported for the import-instance command. Valid values are `default`, `dedicated`, and `host`.\n", "willReplaceOnChanges": true }, "userData": { "type": "string", "description": "User data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see `user_data_base64` instead. Updates to this field will trigger a stop/start of the EC2 instance by default. If the `user_data_replace_on_change` is set then updates to this field will trigger a destroy and recreate.\n", "willReplaceOnChanges": true }, "userDataBase64": { "type": "string", "description": "Can be used instead of `user_data` to pass base64-encoded binary data directly. Use this instead of `user_data` whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption. Updates to this field will trigger a stop/start of the EC2 instance by default. If the `user_data_replace_on_change` is set then updates to this field will trigger a destroy and recreate.\n", "willReplaceOnChanges": true }, "userDataReplaceOnChange": { "type": "boolean", "description": "When used in combination with `user_data` or `user_data_base64` will trigger a destroy and recreate when set to `true`. Defaults to `false` if not set.\n", "willReplaceOnChanges": true }, "validFrom": { "type": "string", "description": "The start date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). The default is to start fulfilling the request immediately.\n", "willReplaceOnChanges": true }, "validUntil": { "type": "string", "description": "The end date and time of the request, in UTC [RFC3339](https://tools.ietf.org/html/rfc3339#section-5.8) format(for example, YYYY-MM-DDTHH:MM:SSZ). At this point, no new Spot instance requests are placed or enabled to fulfill the request. The default end date is 7 days from the current date.\n", "willReplaceOnChanges": true }, "volumeTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign, at instance-creation time, to root and EBS volumes.\n\n\u003e **NOTE:** Do not use `volume_tags` if you plan to manage block device tags outside the `aws.ec2.Instance` configuration, such as using `tags` in an `aws.ebs.Volume` resource attached via `aws.ec2.VolumeAttachment`. Doing so will result in resource cycling and inconsistent behavior.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to associate with.\n", "willReplaceOnChanges": true }, "waitForFulfillment": { "type": "boolean", "description": "If set, this provider will\nwait for the Spot Request to be fulfilled, and will throw an error if the\ntimeout of 10m is reached.\n" } }, "type": "object" } }, "aws:ec2/subnet:Subnet": { "description": "Provides an VPC subnet resource.\n\n\u003e **NOTE:** Due to [AWS Lambda improved VPC networking changes that began deploying in September 2019](https://aws.amazon.com/blogs/compute/announcing-improved-vpc-networking-for-aws-lambda-functions/), subnets associated with Lambda Functions can take up to 45 minutes to successfully delete.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Subnet(\"main\", {\n vpcId: mainAwsVpc.id,\n cidrBlock: \"10.0.1.0/24\",\n tags: {\n Name: \"Main\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Subnet(\"main\",\n vpc_id=main_aws_vpc[\"id\"],\n cidr_block=\"10.0.1.0/24\",\n tags={\n \"Name\": \"Main\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ec2.Subnet(\"main\", new()\n {\n VpcId = mainAwsVpc.Id,\n CidrBlock = \"10.0.1.0/24\",\n Tags = \n {\n { \"Name\", \"Main\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewSubnet(ctx, \"main\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: pulumi.Any(mainAwsVpc.Id),\n\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Main\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Subnet(\"main\", SubnetArgs.builder()\n .vpcId(mainAwsVpc.id())\n .cidrBlock(\"10.0.1.0/24\")\n .tags(Map.of(\"Name\", \"Main\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:ec2:Subnet\n properties:\n vpcId: ${mainAwsVpc.id}\n cidrBlock: 10.0.1.0/24\n tags:\n Name: Main\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Subnets In Secondary VPC CIDR Blocks\n\nWhen managing subnets in one of a VPC's secondary CIDR blocks created using a `aws.ec2.VpcIpv4CidrBlockAssociation`\nresource, it is recommended to reference that resource's `vpc_id` attribute to ensure correct dependency ordering.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst secondaryCidr = new aws.ec2.VpcIpv4CidrBlockAssociation(\"secondary_cidr\", {\n vpcId: main.id,\n cidrBlock: \"172.20.0.0/16\",\n});\nconst inSecondaryCidr = new aws.ec2.Subnet(\"in_secondary_cidr\", {\n vpcId: secondaryCidr.vpcId,\n cidrBlock: \"172.20.0.0/24\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsecondary_cidr = aws.ec2.VpcIpv4CidrBlockAssociation(\"secondary_cidr\",\n vpc_id=main[\"id\"],\n cidr_block=\"172.20.0.0/16\")\nin_secondary_cidr = aws.ec2.Subnet(\"in_secondary_cidr\",\n vpc_id=secondary_cidr.vpc_id,\n cidr_block=\"172.20.0.0/24\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var secondaryCidr = new Aws.Ec2.VpcIpv4CidrBlockAssociation(\"secondary_cidr\", new()\n {\n VpcId = main.Id,\n CidrBlock = \"172.20.0.0/16\",\n });\n\n var inSecondaryCidr = new Aws.Ec2.Subnet(\"in_secondary_cidr\", new()\n {\n VpcId = secondaryCidr.VpcId,\n CidrBlock = \"172.20.0.0/24\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tsecondaryCidr, err := ec2.NewVpcIpv4CidrBlockAssociation(ctx, \"secondary_cidr\", \u0026ec2.VpcIpv4CidrBlockAssociationArgs{\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t\tCidrBlock: pulumi.String(\"172.20.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSubnet(ctx, \"in_secondary_cidr\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: secondaryCidr.VpcId,\n\t\t\tCidrBlock: pulumi.String(\"172.20.0.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpcIpv4CidrBlockAssociation;\nimport com.pulumi.aws.ec2.VpcIpv4CidrBlockAssociationArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var secondaryCidr = new VpcIpv4CidrBlockAssociation(\"secondaryCidr\", VpcIpv4CidrBlockAssociationArgs.builder()\n .vpcId(main.id())\n .cidrBlock(\"172.20.0.0/16\")\n .build());\n\n var inSecondaryCidr = new Subnet(\"inSecondaryCidr\", SubnetArgs.builder()\n .vpcId(secondaryCidr.vpcId())\n .cidrBlock(\"172.20.0.0/24\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n secondaryCidr:\n type: aws:ec2:VpcIpv4CidrBlockAssociation\n name: secondary_cidr\n properties:\n vpcId: ${main.id}\n cidrBlock: 172.20.0.0/16\n inSecondaryCidr:\n type: aws:ec2:Subnet\n name: in_secondary_cidr\n properties:\n vpcId: ${secondaryCidr.vpcId}\n cidrBlock: 172.20.0.0/24\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import subnets using the subnet `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/subnet:Subnet public_subnet subnet-9d4a7b6c\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the subnet.\n" }, "assignIpv6AddressOnCreation": { "type": "boolean", "description": "Specify true to indicate\nthat network interfaces created in the specified subnet should be\nassigned an IPv6 address. Default is `false`\n" }, "availabilityZone": { "type": "string", "description": "AZ for the subnet.\n" }, "availabilityZoneId": { "type": "string", "description": "AZ ID of the subnet. This argument is not supported in all regions or partitions. If necessary, use `availability_zone` instead.\n" }, "cidrBlock": { "type": "string", "description": "The IPv4 CIDR block for the subnet.\n" }, "customerOwnedIpv4Pool": { "type": "string", "description": "The customer owned IPv4 address pool. Typically used with the `map_customer_owned_ip_on_launch` argument. The `outpost_arn` argument must be specified when configured.\n" }, "enableDns64": { "type": "boolean", "description": "Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations. Default: `false`.\n" }, "enableLniAtDeviceIndex": { "type": "integer", "description": "Indicates the device position for local network interfaces in this subnet. For example, 1 indicates local network interfaces in this subnet are the secondary network interface (eth1). A local network interface cannot be the primary network interface (eth0).\n" }, "enableResourceNameDnsARecordOnLaunch": { "type": "boolean", "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records. Default: `false`.\n" }, "enableResourceNameDnsAaaaRecordOnLaunch": { "type": "boolean", "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. Default: `false`.\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 network range for the subnet,\nin CIDR notation. The subnet size must use a /64 prefix length.\n" }, "ipv6CidrBlockAssociationId": { "type": "string", "description": "The association ID for the IPv6 CIDR block.\n" }, "ipv6Native": { "type": "boolean", "description": "Indicates whether to create an IPv6-only subnet. Default: `false`.\n" }, "mapCustomerOwnedIpOnLaunch": { "type": "boolean", "description": "Specify `true` to indicate that network interfaces created in the subnet should be assigned a customer owned IP address. The `customer_owned_ipv4_pool` and `outpost_arn` arguments must be specified when set to `true`. Default is `false`.\n" }, "mapPublicIpOnLaunch": { "type": "boolean", "description": "Specify true to indicate\nthat instances launched into the subnet should be assigned\na public IP address. Default is `false`.\n" }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the subnet.\n" }, "privateDnsHostnameTypeOnLaunch": { "type": "string", "description": "The type of hostnames to assign to instances in the subnet at launch. For IPv6-only subnets, an instance DNS name must be based on the instance ID. For dual-stack and IPv4-only subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. Valid values: `ip-name`, `resource-name`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The VPC ID.\n" } }, "required": [ "arn", "availabilityZone", "availabilityZoneId", "ipv6CidrBlockAssociationId", "ownerId", "privateDnsHostnameTypeOnLaunch", "tagsAll", "vpcId" ], "inputProperties": { "assignIpv6AddressOnCreation": { "type": "boolean", "description": "Specify true to indicate\nthat network interfaces created in the specified subnet should be\nassigned an IPv6 address. Default is `false`\n" }, "availabilityZone": { "type": "string", "description": "AZ for the subnet.\n", "willReplaceOnChanges": true }, "availabilityZoneId": { "type": "string", "description": "AZ ID of the subnet. This argument is not supported in all regions or partitions. If necessary, use `availability_zone` instead.\n", "willReplaceOnChanges": true }, "cidrBlock": { "type": "string", "description": "The IPv4 CIDR block for the subnet.\n", "willReplaceOnChanges": true }, "customerOwnedIpv4Pool": { "type": "string", "description": "The customer owned IPv4 address pool. Typically used with the `map_customer_owned_ip_on_launch` argument. The `outpost_arn` argument must be specified when configured.\n" }, "enableDns64": { "type": "boolean", "description": "Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations. Default: `false`.\n" }, "enableLniAtDeviceIndex": { "type": "integer", "description": "Indicates the device position for local network interfaces in this subnet. For example, 1 indicates local network interfaces in this subnet are the secondary network interface (eth1). A local network interface cannot be the primary network interface (eth0).\n" }, "enableResourceNameDnsARecordOnLaunch": { "type": "boolean", "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records. Default: `false`.\n" }, "enableResourceNameDnsAaaaRecordOnLaunch": { "type": "boolean", "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. Default: `false`.\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 network range for the subnet,\nin CIDR notation. The subnet size must use a /64 prefix length.\n" }, "ipv6Native": { "type": "boolean", "description": "Indicates whether to create an IPv6-only subnet. Default: `false`.\n", "willReplaceOnChanges": true }, "mapCustomerOwnedIpOnLaunch": { "type": "boolean", "description": "Specify `true` to indicate that network interfaces created in the subnet should be assigned a customer owned IP address. The `customer_owned_ipv4_pool` and `outpost_arn` arguments must be specified when set to `true`. Default is `false`.\n" }, "mapPublicIpOnLaunch": { "type": "boolean", "description": "Specify true to indicate\nthat instances launched into the subnet should be assigned\na public IP address. Default is `false`.\n" }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost.\n", "willReplaceOnChanges": true }, "privateDnsHostnameTypeOnLaunch": { "type": "string", "description": "The type of hostnames to assign to instances in the subnet at launch. For IPv6-only subnets, an instance DNS name must be based on the instance ID. For dual-stack and IPv4-only subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. Valid values: `ip-name`, `resource-name`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcId": { "type": "string", "description": "The VPC ID.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Subnet resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the subnet.\n" }, "assignIpv6AddressOnCreation": { "type": "boolean", "description": "Specify true to indicate\nthat network interfaces created in the specified subnet should be\nassigned an IPv6 address. Default is `false`\n" }, "availabilityZone": { "type": "string", "description": "AZ for the subnet.\n", "willReplaceOnChanges": true }, "availabilityZoneId": { "type": "string", "description": "AZ ID of the subnet. This argument is not supported in all regions or partitions. If necessary, use `availability_zone` instead.\n", "willReplaceOnChanges": true }, "cidrBlock": { "type": "string", "description": "The IPv4 CIDR block for the subnet.\n", "willReplaceOnChanges": true }, "customerOwnedIpv4Pool": { "type": "string", "description": "The customer owned IPv4 address pool. Typically used with the `map_customer_owned_ip_on_launch` argument. The `outpost_arn` argument must be specified when configured.\n" }, "enableDns64": { "type": "boolean", "description": "Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations. Default: `false`.\n" }, "enableLniAtDeviceIndex": { "type": "integer", "description": "Indicates the device position for local network interfaces in this subnet. For example, 1 indicates local network interfaces in this subnet are the secondary network interface (eth1). A local network interface cannot be the primary network interface (eth0).\n" }, "enableResourceNameDnsARecordOnLaunch": { "type": "boolean", "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records. Default: `false`.\n" }, "enableResourceNameDnsAaaaRecordOnLaunch": { "type": "boolean", "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. Default: `false`.\n" }, "ipv6CidrBlock": { "type": "string", "description": "The IPv6 network range for the subnet,\nin CIDR notation. The subnet size must use a /64 prefix length.\n" }, "ipv6CidrBlockAssociationId": { "type": "string", "description": "The association ID for the IPv6 CIDR block.\n" }, "ipv6Native": { "type": "boolean", "description": "Indicates whether to create an IPv6-only subnet. Default: `false`.\n", "willReplaceOnChanges": true }, "mapCustomerOwnedIpOnLaunch": { "type": "boolean", "description": "Specify `true` to indicate that network interfaces created in the subnet should be assigned a customer owned IP address. The `customer_owned_ipv4_pool` and `outpost_arn` arguments must be specified when set to `true`. Default is `false`.\n" }, "mapPublicIpOnLaunch": { "type": "boolean", "description": "Specify true to indicate\nthat instances launched into the subnet should be assigned\na public IP address. Default is `false`.\n" }, "outpostArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Outpost.\n", "willReplaceOnChanges": true }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the subnet.\n" }, "privateDnsHostnameTypeOnLaunch": { "type": "string", "description": "The type of hostnames to assign to instances in the subnet at launch. For IPv6-only subnets, an instance DNS name must be based on the instance ID. For dual-stack and IPv4-only subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. Valid values: `ip-name`, `resource-name`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The VPC ID.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/subnetCidrReservation:SubnetCidrReservation": { "description": "Provides a subnet CIDR reservation resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.SubnetCidrReservation(\"example\", {\n cidrBlock: \"10.0.0.16/28\",\n reservationType: \"prefix\",\n subnetId: exampleAwsSubnet.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.SubnetCidrReservation(\"example\",\n cidr_block=\"10.0.0.16/28\",\n reservation_type=\"prefix\",\n subnet_id=example_aws_subnet[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.SubnetCidrReservation(\"example\", new()\n {\n CidrBlock = \"10.0.0.16/28\",\n ReservationType = \"prefix\",\n SubnetId = exampleAwsSubnet.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewSubnetCidrReservation(ctx, \"example\", \u0026ec2.SubnetCidrReservationArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.16/28\"),\n\t\t\tReservationType: pulumi.String(\"prefix\"),\n\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.SubnetCidrReservation;\nimport com.pulumi.aws.ec2.SubnetCidrReservationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SubnetCidrReservation(\"example\", SubnetCidrReservationArgs.builder()\n .cidrBlock(\"10.0.0.16/28\")\n .reservationType(\"prefix\")\n .subnetId(exampleAwsSubnet.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:SubnetCidrReservation\n properties:\n cidrBlock: 10.0.0.16/28\n reservationType: prefix\n subnetId: ${exampleAwsSubnet.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Existing CIDR reservations using `SUBNET_ID:RESERVATION_ID`. For example:\n\n```sh\n$ pulumi import aws:ec2/subnetCidrReservation:SubnetCidrReservation example subnet-01llsxvsxabqiymcz:scr-4mnvz6wb7otksjcs9\n```\n", "properties": { "cidrBlock": { "type": "string", "description": "The CIDR block for the reservation.\n" }, "description": { "type": "string", "description": "A brief description of the reservation.\n" }, "ownerId": { "type": "string", "description": "ID of the AWS account that owns this CIDR reservation.\n" }, "reservationType": { "type": "string", "description": "The type of reservation to create. Valid values: `explicit`, `prefix`\n" }, "subnetId": { "type": "string", "description": "The ID of the subnet to create the reservation for.\n" } }, "required": [ "cidrBlock", "ownerId", "reservationType", "subnetId" ], "inputProperties": { "cidrBlock": { "type": "string", "description": "The CIDR block for the reservation.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A brief description of the reservation.\n", "willReplaceOnChanges": true }, "reservationType": { "type": "string", "description": "The type of reservation to create. Valid values: `explicit`, `prefix`\n", "willReplaceOnChanges": true }, "subnetId": { "type": "string", "description": "The ID of the subnet to create the reservation for.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "cidrBlock", "reservationType", "subnetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering SubnetCidrReservation resources.\n", "properties": { "cidrBlock": { "type": "string", "description": "The CIDR block for the reservation.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A brief description of the reservation.\n", "willReplaceOnChanges": true }, "ownerId": { "type": "string", "description": "ID of the AWS account that owns this CIDR reservation.\n" }, "reservationType": { "type": "string", "description": "The type of reservation to create. Valid values: `explicit`, `prefix`\n", "willReplaceOnChanges": true }, "subnetId": { "type": "string", "description": "The ID of the subnet to create the reservation for.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/tag:Tag": { "description": "Manages an individual EC2 resource tag. This resource should only be used in cases where EC2 resources are created outside the provider (e.g. AMIs), being shared via Resource Access Manager (RAM), or implicitly created by other means (e.g. Transit Gateway VPN Attachments).\n\n\u003e **NOTE:** This tagging resource should not be combined with the providers resource for managing the parent resource. For example, using `aws.ec2.Vpc` and `aws.ec2.Tag` to manage tags of the same VPC will cause a perpetual difference where the `aws.ec2.Vpc` resource will try to remove the tag being added by the `aws.ec2.Tag` resource.\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.TransitGateway(\"example\", {});\nconst exampleCustomerGateway = new aws.ec2.CustomerGateway(\"example\", {\n bgpAsn: \"65000\",\n ipAddress: \"172.0.0.1\",\n type: \"ipsec.1\",\n});\nconst exampleVpnConnection = new aws.ec2.VpnConnection(\"example\", {\n customerGatewayId: exampleCustomerGateway.id,\n transitGatewayId: example.id,\n type: exampleCustomerGateway.type,\n});\nconst exampleTag = new aws.ec2.Tag(\"example\", {\n resourceId: exampleVpnConnection.transitGatewayAttachmentId,\n key: \"Name\",\n value: \"Hello World\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.TransitGateway(\"example\")\nexample_customer_gateway = aws.ec2.CustomerGateway(\"example\",\n bgp_asn=\"65000\",\n ip_address=\"172.0.0.1\",\n type=\"ipsec.1\")\nexample_vpn_connection = aws.ec2.VpnConnection(\"example\",\n customer_gateway_id=example_customer_gateway.id,\n transit_gateway_id=example.id,\n type=example_customer_gateway.type)\nexample_tag = aws.ec2.Tag(\"example\",\n resource_id=example_vpn_connection.transit_gateway_attachment_id,\n key=\"Name\",\n value=\"Hello World\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.TransitGateway(\"example\");\n\n var exampleCustomerGateway = new Aws.Ec2.CustomerGateway(\"example\", new()\n {\n BgpAsn = \"65000\",\n IpAddress = \"172.0.0.1\",\n Type = \"ipsec.1\",\n });\n\n var exampleVpnConnection = new Aws.Ec2.VpnConnection(\"example\", new()\n {\n CustomerGatewayId = exampleCustomerGateway.Id,\n TransitGatewayId = example.Id,\n Type = exampleCustomerGateway.Type,\n });\n\n var exampleTag = new Aws.Ec2.Tag(\"example\", new()\n {\n ResourceId = exampleVpnConnection.TransitGatewayAttachmentId,\n Key = \"Name\",\n Value = \"Hello World\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2transitgateway.NewTransitGateway(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleCustomerGateway, err := ec2.NewCustomerGateway(ctx, \"example\", \u0026ec2.CustomerGatewayArgs{\n\t\t\tBgpAsn: pulumi.String(\"65000\"),\n\t\t\tIpAddress: pulumi.String(\"172.0.0.1\"),\n\t\t\tType: pulumi.String(\"ipsec.1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpnConnection, err := ec2.NewVpnConnection(ctx, \"example\", \u0026ec2.VpnConnectionArgs{\n\t\t\tCustomerGatewayId: exampleCustomerGateway.ID(),\n\t\t\tTransitGatewayId: example.ID(),\n\t\t\tType: exampleCustomerGateway.Type,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewTag(ctx, \"example\", \u0026ec2.TagArgs{\n\t\t\tResourceId: exampleVpnConnection.TransitGatewayAttachmentId,\n\t\t\tKey: pulumi.String(\"Name\"),\n\t\t\tValue: pulumi.String(\"Hello World\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.TransitGateway;\nimport com.pulumi.aws.ec2.CustomerGateway;\nimport com.pulumi.aws.ec2.CustomerGatewayArgs;\nimport com.pulumi.aws.ec2.VpnConnection;\nimport com.pulumi.aws.ec2.VpnConnectionArgs;\nimport com.pulumi.aws.ec2.Tag;\nimport com.pulumi.aws.ec2.TagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TransitGateway(\"example\");\n\n var exampleCustomerGateway = new CustomerGateway(\"exampleCustomerGateway\", CustomerGatewayArgs.builder()\n .bgpAsn(65000)\n .ipAddress(\"172.0.0.1\")\n .type(\"ipsec.1\")\n .build());\n\n var exampleVpnConnection = new VpnConnection(\"exampleVpnConnection\", VpnConnectionArgs.builder()\n .customerGatewayId(exampleCustomerGateway.id())\n .transitGatewayId(example.id())\n .type(exampleCustomerGateway.type())\n .build());\n\n var exampleTag = new Tag(\"exampleTag\", TagArgs.builder()\n .resourceId(exampleVpnConnection.transitGatewayAttachmentId())\n .key(\"Name\")\n .value(\"Hello World\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:TransitGateway\n exampleCustomerGateway:\n type: aws:ec2:CustomerGateway\n name: example\n properties:\n bgpAsn: 65000\n ipAddress: 172.0.0.1\n type: ipsec.1\n exampleVpnConnection:\n type: aws:ec2:VpnConnection\n name: example\n properties:\n customerGatewayId: ${exampleCustomerGateway.id}\n transitGatewayId: ${example.id}\n type: ${exampleCustomerGateway.type}\n exampleTag:\n type: aws:ec2:Tag\n name: example\n properties:\n resourceId: ${exampleVpnConnection.transitGatewayAttachmentId}\n key: Name\n value: Hello World\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_tag` using the EC2 resource identifier and key, separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:ec2/tag:Tag example tgw-attach-1234567890abcdef,Name\n```\n", "properties": { "key": { "type": "string", "description": "The tag name.\n" }, "resourceId": { "type": "string", "description": "The ID of the EC2 resource to manage the tag for.\n" }, "value": { "type": "string", "description": "The value of the tag.\n" } }, "required": [ "key", "resourceId", "value" ], "inputProperties": { "key": { "type": "string", "description": "The tag name.\n", "willReplaceOnChanges": true }, "resourceId": { "type": "string", "description": "The ID of the EC2 resource to manage the tag for.\n", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "The value of the tag.\n" } }, "requiredInputs": [ "key", "resourceId", "value" ], "stateInputs": { "description": "Input properties used for looking up and filtering Tag resources.\n", "properties": { "key": { "type": "string", "description": "The tag name.\n", "willReplaceOnChanges": true }, "resourceId": { "type": "string", "description": "The ID of the EC2 resource to manage the tag for.\n", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "The value of the tag.\n" } }, "type": "object" } }, "aws:ec2/trafficMirrorFilter:TrafficMirrorFilter": { "description": "Provides an Traffic mirror filter. \nRead [limits and considerations](https://docs.aws.amazon.com/vpc/latest/mirroring/traffic-mirroring-considerations.html) for traffic mirroring\n\n## Example Usage\n\nTo create a basic traffic mirror filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ec2.TrafficMirrorFilter(\"foo\", {\n description: \"traffic mirror filter - example\",\n networkServices: [\"amazon-dns\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.TrafficMirrorFilter(\"foo\",\n description=\"traffic mirror filter - example\",\n network_services=[\"amazon-dns\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Ec2.TrafficMirrorFilter(\"foo\", new()\n {\n Description = \"traffic mirror filter - example\",\n NetworkServices = new[]\n {\n \"amazon-dns\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewTrafficMirrorFilter(ctx, \"foo\", \u0026ec2.TrafficMirrorFilterArgs{\n\t\t\tDescription: pulumi.String(\"traffic mirror filter - example\"),\n\t\t\tNetworkServices: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"amazon-dns\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.TrafficMirrorFilter;\nimport com.pulumi.aws.ec2.TrafficMirrorFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new TrafficMirrorFilter(\"foo\", TrafficMirrorFilterArgs.builder()\n .description(\"traffic mirror filter - example\")\n .networkServices(\"amazon-dns\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ec2:TrafficMirrorFilter\n properties:\n description: traffic mirror filter - example\n networkServices:\n - amazon-dns\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import traffic mirror filter using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/trafficMirrorFilter:TrafficMirrorFilter foo tmf-0fbb93ddf38198f64\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the traffic mirror filter.\n" }, "description": { "type": "string", "description": "A description of the filter.\n" }, "networkServices": { "type": "array", "items": { "type": "string" }, "description": "List of amazon network services that should be mirrored. Valid values: `amazon-dns`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "A description of the filter.\n", "willReplaceOnChanges": true }, "networkServices": { "type": "array", "items": { "type": "string" }, "description": "List of amazon network services that should be mirrored. Valid values: `amazon-dns`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering TrafficMirrorFilter resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the traffic mirror filter.\n" }, "description": { "type": "string", "description": "A description of the filter.\n", "willReplaceOnChanges": true }, "networkServices": { "type": "array", "items": { "type": "string" }, "description": "List of amazon network services that should be mirrored. Valid values: `amazon-dns`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ec2/trafficMirrorFilterRule:TrafficMirrorFilterRule": { "description": "Provides an Traffic mirror filter rule. \nRead [limits and considerations](https://docs.aws.amazon.com/vpc/latest/mirroring/traffic-mirroring-considerations.html) for traffic mirroring\n\n## Example Usage\n\nTo create a basic traffic mirror session\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst filter = new aws.ec2.TrafficMirrorFilter(\"filter\", {\n description: \"traffic mirror filter - example\",\n networkServices: [\"amazon-dns\"],\n});\nconst ruleout = new aws.ec2.TrafficMirrorFilterRule(\"ruleout\", {\n description: \"test rule\",\n trafficMirrorFilterId: filter.id,\n destinationCidrBlock: \"10.0.0.0/8\",\n sourceCidrBlock: \"10.0.0.0/8\",\n ruleNumber: 1,\n ruleAction: \"accept\",\n trafficDirection: \"egress\",\n});\nconst rulein = new aws.ec2.TrafficMirrorFilterRule(\"rulein\", {\n description: \"test rule\",\n trafficMirrorFilterId: filter.id,\n destinationCidrBlock: \"10.0.0.0/8\",\n sourceCidrBlock: \"10.0.0.0/8\",\n ruleNumber: 1,\n ruleAction: \"accept\",\n trafficDirection: \"ingress\",\n protocol: 6,\n destinationPortRange: {\n fromPort: 22,\n toPort: 53,\n },\n sourcePortRange: {\n fromPort: 0,\n toPort: 10,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfilter = aws.ec2.TrafficMirrorFilter(\"filter\",\n description=\"traffic mirror filter - example\",\n network_services=[\"amazon-dns\"])\nruleout = aws.ec2.TrafficMirrorFilterRule(\"ruleout\",\n description=\"test rule\",\n traffic_mirror_filter_id=filter.id,\n destination_cidr_block=\"10.0.0.0/8\",\n source_cidr_block=\"10.0.0.0/8\",\n rule_number=1,\n rule_action=\"accept\",\n traffic_direction=\"egress\")\nrulein = aws.ec2.TrafficMirrorFilterRule(\"rulein\",\n description=\"test rule\",\n traffic_mirror_filter_id=filter.id,\n destination_cidr_block=\"10.0.0.0/8\",\n source_cidr_block=\"10.0.0.0/8\",\n rule_number=1,\n rule_action=\"accept\",\n traffic_direction=\"ingress\",\n protocol=6,\n destination_port_range={\n \"from_port\": 22,\n \"to_port\": 53,\n },\n source_port_range={\n \"from_port\": 0,\n \"to_port\": 10,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var filter = new Aws.Ec2.TrafficMirrorFilter(\"filter\", new()\n {\n Description = \"traffic mirror filter - example\",\n NetworkServices = new[]\n {\n \"amazon-dns\",\n },\n });\n\n var ruleout = new Aws.Ec2.TrafficMirrorFilterRule(\"ruleout\", new()\n {\n Description = \"test rule\",\n TrafficMirrorFilterId = filter.Id,\n DestinationCidrBlock = \"10.0.0.0/8\",\n SourceCidrBlock = \"10.0.0.0/8\",\n RuleNumber = 1,\n RuleAction = \"accept\",\n TrafficDirection = \"egress\",\n });\n\n var rulein = new Aws.Ec2.TrafficMirrorFilterRule(\"rulein\", new()\n {\n Description = \"test rule\",\n TrafficMirrorFilterId = filter.Id,\n DestinationCidrBlock = \"10.0.0.0/8\",\n SourceCidrBlock = \"10.0.0.0/8\",\n RuleNumber = 1,\n RuleAction = \"accept\",\n TrafficDirection = \"ingress\",\n Protocol = 6,\n DestinationPortRange = new Aws.Ec2.Inputs.TrafficMirrorFilterRuleDestinationPortRangeArgs\n {\n FromPort = 22,\n ToPort = 53,\n },\n SourcePortRange = new Aws.Ec2.Inputs.TrafficMirrorFilterRuleSourcePortRangeArgs\n {\n FromPort = 0,\n ToPort = 10,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfilter, err := ec2.NewTrafficMirrorFilter(ctx, \"filter\", \u0026ec2.TrafficMirrorFilterArgs{\n\t\t\tDescription: pulumi.String(\"traffic mirror filter - example\"),\n\t\t\tNetworkServices: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"amazon-dns\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewTrafficMirrorFilterRule(ctx, \"ruleout\", \u0026ec2.TrafficMirrorFilterRuleArgs{\n\t\t\tDescription: pulumi.String(\"test rule\"),\n\t\t\tTrafficMirrorFilterId: filter.ID(),\n\t\t\tDestinationCidrBlock: pulumi.String(\"10.0.0.0/8\"),\n\t\t\tSourceCidrBlock: pulumi.String(\"10.0.0.0/8\"),\n\t\t\tRuleNumber: pulumi.Int(1),\n\t\t\tRuleAction: pulumi.String(\"accept\"),\n\t\t\tTrafficDirection: pulumi.String(\"egress\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewTrafficMirrorFilterRule(ctx, \"rulein\", \u0026ec2.TrafficMirrorFilterRuleArgs{\n\t\t\tDescription: pulumi.String(\"test rule\"),\n\t\t\tTrafficMirrorFilterId: filter.ID(),\n\t\t\tDestinationCidrBlock: pulumi.String(\"10.0.0.0/8\"),\n\t\t\tSourceCidrBlock: pulumi.String(\"10.0.0.0/8\"),\n\t\t\tRuleNumber: pulumi.Int(1),\n\t\t\tRuleAction: pulumi.String(\"accept\"),\n\t\t\tTrafficDirection: pulumi.String(\"ingress\"),\n\t\t\tProtocol: pulumi.Int(6),\n\t\t\tDestinationPortRange: \u0026ec2.TrafficMirrorFilterRuleDestinationPortRangeArgs{\n\t\t\t\tFromPort: pulumi.Int(22),\n\t\t\t\tToPort: pulumi.Int(53),\n\t\t\t},\n\t\t\tSourcePortRange: \u0026ec2.TrafficMirrorFilterRuleSourcePortRangeArgs{\n\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\tToPort: pulumi.Int(10),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.TrafficMirrorFilter;\nimport com.pulumi.aws.ec2.TrafficMirrorFilterArgs;\nimport com.pulumi.aws.ec2.TrafficMirrorFilterRule;\nimport com.pulumi.aws.ec2.TrafficMirrorFilterRuleArgs;\nimport com.pulumi.aws.ec2.inputs.TrafficMirrorFilterRuleDestinationPortRangeArgs;\nimport com.pulumi.aws.ec2.inputs.TrafficMirrorFilterRuleSourcePortRangeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var filter = new TrafficMirrorFilter(\"filter\", TrafficMirrorFilterArgs.builder()\n .description(\"traffic mirror filter - example\")\n .networkServices(\"amazon-dns\")\n .build());\n\n var ruleout = new TrafficMirrorFilterRule(\"ruleout\", TrafficMirrorFilterRuleArgs.builder()\n .description(\"test rule\")\n .trafficMirrorFilterId(filter.id())\n .destinationCidrBlock(\"10.0.0.0/8\")\n .sourceCidrBlock(\"10.0.0.0/8\")\n .ruleNumber(1)\n .ruleAction(\"accept\")\n .trafficDirection(\"egress\")\n .build());\n\n var rulein = new TrafficMirrorFilterRule(\"rulein\", TrafficMirrorFilterRuleArgs.builder()\n .description(\"test rule\")\n .trafficMirrorFilterId(filter.id())\n .destinationCidrBlock(\"10.0.0.0/8\")\n .sourceCidrBlock(\"10.0.0.0/8\")\n .ruleNumber(1)\n .ruleAction(\"accept\")\n .trafficDirection(\"ingress\")\n .protocol(6)\n .destinationPortRange(TrafficMirrorFilterRuleDestinationPortRangeArgs.builder()\n .fromPort(22)\n .toPort(53)\n .build())\n .sourcePortRange(TrafficMirrorFilterRuleSourcePortRangeArgs.builder()\n .fromPort(0)\n .toPort(10)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n filter:\n type: aws:ec2:TrafficMirrorFilter\n properties:\n description: traffic mirror filter - example\n networkServices:\n - amazon-dns\n ruleout:\n type: aws:ec2:TrafficMirrorFilterRule\n properties:\n description: test rule\n trafficMirrorFilterId: ${filter.id}\n destinationCidrBlock: 10.0.0.0/8\n sourceCidrBlock: 10.0.0.0/8\n ruleNumber: 1\n ruleAction: accept\n trafficDirection: egress\n rulein:\n type: aws:ec2:TrafficMirrorFilterRule\n properties:\n description: test rule\n trafficMirrorFilterId: ${filter.id}\n destinationCidrBlock: 10.0.0.0/8\n sourceCidrBlock: 10.0.0.0/8\n ruleNumber: 1\n ruleAction: accept\n trafficDirection: ingress\n protocol: 6\n destinationPortRange:\n fromPort: 22\n toPort: 53\n sourcePortRange:\n fromPort: 0\n toPort: 10\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import traffic mirror rules using the `traffic_mirror_filter_id` and `id` separated by `:`. For example:\n\n```sh\n$ pulumi import aws:ec2/trafficMirrorFilterRule:TrafficMirrorFilterRule rule tmf-0fbb93ddf38198f64:tmfr-05a458f06445d0aee\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the traffic mirror filter rule.\n" }, "description": { "type": "string", "description": "Description of the traffic mirror filter rule.\n" }, "destinationCidrBlock": { "type": "string", "description": "Destination CIDR block to assign to the Traffic Mirror rule.\n" }, "destinationPortRange": { "$ref": "#/types/aws:ec2/TrafficMirrorFilterRuleDestinationPortRange:TrafficMirrorFilterRuleDestinationPortRange", "description": "Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below\n" }, "protocol": { "type": "integer", "description": "Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see [Protocol Numbers](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) on the Internet Assigned Numbers Authority (IANA) website.\n" }, "ruleAction": { "type": "string", "description": "Action to take (accept | reject) on the filtered traffic. Valid values are `accept` and `reject`\n" }, "ruleNumber": { "type": "integer", "description": "Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.\n" }, "sourceCidrBlock": { "type": "string", "description": "Source CIDR block to assign to the Traffic Mirror rule.\n" }, "sourcePortRange": { "$ref": "#/types/aws:ec2/TrafficMirrorFilterRuleSourcePortRange:TrafficMirrorFilterRuleSourcePortRange", "description": "Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below\n" }, "trafficDirection": { "type": "string", "description": "Direction of traffic to be captured. Valid values are `ingress` and `egress`\n\nTraffic mirror port range support following attributes:\n" }, "trafficMirrorFilterId": { "type": "string", "description": "ID of the traffic mirror filter to which this rule should be added\n" } }, "required": [ "arn", "destinationCidrBlock", "ruleAction", "ruleNumber", "sourceCidrBlock", "trafficDirection", "trafficMirrorFilterId" ], "inputProperties": { "description": { "type": "string", "description": "Description of the traffic mirror filter rule.\n" }, "destinationCidrBlock": { "type": "string", "description": "Destination CIDR block to assign to the Traffic Mirror rule.\n" }, "destinationPortRange": { "$ref": "#/types/aws:ec2/TrafficMirrorFilterRuleDestinationPortRange:TrafficMirrorFilterRuleDestinationPortRange", "description": "Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below\n" }, "protocol": { "type": "integer", "description": "Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see [Protocol Numbers](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) on the Internet Assigned Numbers Authority (IANA) website.\n" }, "ruleAction": { "type": "string", "description": "Action to take (accept | reject) on the filtered traffic. Valid values are `accept` and `reject`\n" }, "ruleNumber": { "type": "integer", "description": "Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.\n" }, "sourceCidrBlock": { "type": "string", "description": "Source CIDR block to assign to the Traffic Mirror rule.\n" }, "sourcePortRange": { "$ref": "#/types/aws:ec2/TrafficMirrorFilterRuleSourcePortRange:TrafficMirrorFilterRuleSourcePortRange", "description": "Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below\n" }, "trafficDirection": { "type": "string", "description": "Direction of traffic to be captured. Valid values are `ingress` and `egress`\n\nTraffic mirror port range support following attributes:\n" }, "trafficMirrorFilterId": { "type": "string", "description": "ID of the traffic mirror filter to which this rule should be added\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "destinationCidrBlock", "ruleAction", "ruleNumber", "sourceCidrBlock", "trafficDirection", "trafficMirrorFilterId" ], "stateInputs": { "description": "Input properties used for looking up and filtering TrafficMirrorFilterRule resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the traffic mirror filter rule.\n" }, "description": { "type": "string", "description": "Description of the traffic mirror filter rule.\n" }, "destinationCidrBlock": { "type": "string", "description": "Destination CIDR block to assign to the Traffic Mirror rule.\n" }, "destinationPortRange": { "$ref": "#/types/aws:ec2/TrafficMirrorFilterRuleDestinationPortRange:TrafficMirrorFilterRuleDestinationPortRange", "description": "Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below\n" }, "protocol": { "type": "integer", "description": "Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see [Protocol Numbers](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) on the Internet Assigned Numbers Authority (IANA) website.\n" }, "ruleAction": { "type": "string", "description": "Action to take (accept | reject) on the filtered traffic. Valid values are `accept` and `reject`\n" }, "ruleNumber": { "type": "integer", "description": "Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.\n" }, "sourceCidrBlock": { "type": "string", "description": "Source CIDR block to assign to the Traffic Mirror rule.\n" }, "sourcePortRange": { "$ref": "#/types/aws:ec2/TrafficMirrorFilterRuleSourcePortRange:TrafficMirrorFilterRuleSourcePortRange", "description": "Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below\n" }, "trafficDirection": { "type": "string", "description": "Direction of traffic to be captured. Valid values are `ingress` and `egress`\n\nTraffic mirror port range support following attributes:\n" }, "trafficMirrorFilterId": { "type": "string", "description": "ID of the traffic mirror filter to which this rule should be added\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/trafficMirrorSession:TrafficMirrorSession": { "description": "Provides an Traffic mirror session. \nRead [limits and considerations](https://docs.aws.amazon.com/vpc/latest/mirroring/traffic-mirroring-considerations.html) for traffic mirroring\n\n## Example Usage\n\nTo create a basic traffic mirror session\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst filter = new aws.ec2.TrafficMirrorFilter(\"filter\", {\n description: \"traffic mirror filter - example\",\n networkServices: [\"amazon-dns\"],\n});\nconst target = new aws.ec2.TrafficMirrorTarget(\"target\", {networkLoadBalancerArn: lb.arn});\nconst session = new aws.ec2.TrafficMirrorSession(\"session\", {\n description: \"traffic mirror session - example\",\n networkInterfaceId: test.primaryNetworkInterfaceId,\n sessionNumber: 1,\n trafficMirrorFilterId: filter.id,\n trafficMirrorTargetId: target.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfilter = aws.ec2.TrafficMirrorFilter(\"filter\",\n description=\"traffic mirror filter - example\",\n network_services=[\"amazon-dns\"])\ntarget = aws.ec2.TrafficMirrorTarget(\"target\", network_load_balancer_arn=lb[\"arn\"])\nsession = aws.ec2.TrafficMirrorSession(\"session\",\n description=\"traffic mirror session - example\",\n network_interface_id=test[\"primaryNetworkInterfaceId\"],\n session_number=1,\n traffic_mirror_filter_id=filter.id,\n traffic_mirror_target_id=target.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var filter = new Aws.Ec2.TrafficMirrorFilter(\"filter\", new()\n {\n Description = \"traffic mirror filter - example\",\n NetworkServices = new[]\n {\n \"amazon-dns\",\n },\n });\n\n var target = new Aws.Ec2.TrafficMirrorTarget(\"target\", new()\n {\n NetworkLoadBalancerArn = lb.Arn,\n });\n\n var session = new Aws.Ec2.TrafficMirrorSession(\"session\", new()\n {\n Description = \"traffic mirror session - example\",\n NetworkInterfaceId = test.PrimaryNetworkInterfaceId,\n SessionNumber = 1,\n TrafficMirrorFilterId = filter.Id,\n TrafficMirrorTargetId = target.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfilter, err := ec2.NewTrafficMirrorFilter(ctx, \"filter\", \u0026ec2.TrafficMirrorFilterArgs{\n\t\t\tDescription: pulumi.String(\"traffic mirror filter - example\"),\n\t\t\tNetworkServices: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"amazon-dns\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttarget, err := ec2.NewTrafficMirrorTarget(ctx, \"target\", \u0026ec2.TrafficMirrorTargetArgs{\n\t\t\tNetworkLoadBalancerArn: pulumi.Any(lb.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewTrafficMirrorSession(ctx, \"session\", \u0026ec2.TrafficMirrorSessionArgs{\n\t\t\tDescription: pulumi.String(\"traffic mirror session - example\"),\n\t\t\tNetworkInterfaceId: pulumi.Any(test.PrimaryNetworkInterfaceId),\n\t\t\tSessionNumber: pulumi.Int(1),\n\t\t\tTrafficMirrorFilterId: filter.ID(),\n\t\t\tTrafficMirrorTargetId: target.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.TrafficMirrorFilter;\nimport com.pulumi.aws.ec2.TrafficMirrorFilterArgs;\nimport com.pulumi.aws.ec2.TrafficMirrorTarget;\nimport com.pulumi.aws.ec2.TrafficMirrorTargetArgs;\nimport com.pulumi.aws.ec2.TrafficMirrorSession;\nimport com.pulumi.aws.ec2.TrafficMirrorSessionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var filter = new TrafficMirrorFilter(\"filter\", TrafficMirrorFilterArgs.builder()\n .description(\"traffic mirror filter - example\")\n .networkServices(\"amazon-dns\")\n .build());\n\n var target = new TrafficMirrorTarget(\"target\", TrafficMirrorTargetArgs.builder()\n .networkLoadBalancerArn(lb.arn())\n .build());\n\n var session = new TrafficMirrorSession(\"session\", TrafficMirrorSessionArgs.builder()\n .description(\"traffic mirror session - example\")\n .networkInterfaceId(test.primaryNetworkInterfaceId())\n .sessionNumber(1)\n .trafficMirrorFilterId(filter.id())\n .trafficMirrorTargetId(target.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n filter:\n type: aws:ec2:TrafficMirrorFilter\n properties:\n description: traffic mirror filter - example\n networkServices:\n - amazon-dns\n target:\n type: aws:ec2:TrafficMirrorTarget\n properties:\n networkLoadBalancerArn: ${lb.arn}\n session:\n type: aws:ec2:TrafficMirrorSession\n properties:\n description: traffic mirror session - example\n networkInterfaceId: ${test.primaryNetworkInterfaceId}\n sessionNumber: 1\n trafficMirrorFilterId: ${filter.id}\n trafficMirrorTargetId: ${target.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import traffic mirror sessions using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/trafficMirrorSession:TrafficMirrorSession session tms-0d8aa3ca35897b82e\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the traffic mirror session.\n" }, "description": { "type": "string", "description": "A description of the traffic mirror session.\n" }, "networkInterfaceId": { "type": "string", "description": "ID of the source network interface. Not all network interfaces are eligible as mirror sources. On EC2 instances only nitro based instances support mirroring.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the session owner.\n" }, "packetLength": { "type": "integer", "description": "The number of bytes in each packet to mirror. These are bytes after the VXLAN header. Do not specify this parameter when you want to mirror the entire packet. To mirror a subset of the packet, set this to the length (in bytes) that you want to mirror.\n" }, "sessionNumber": { "type": "integer", "description": "The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "trafficMirrorFilterId": { "type": "string", "description": "ID of the traffic mirror filter to be used\n" }, "trafficMirrorTargetId": { "type": "string", "description": "ID of the traffic mirror target to be used\n" }, "virtualNetworkId": { "type": "integer", "description": "The VXLAN ID for the Traffic Mirror session. For more information about the VXLAN protocol, see RFC 7348. If you do not specify a VirtualNetworkId, an account-wide unique id is chosen at random.\n" } }, "required": [ "arn", "networkInterfaceId", "ownerId", "packetLength", "sessionNumber", "tagsAll", "trafficMirrorFilterId", "trafficMirrorTargetId", "virtualNetworkId" ], "inputProperties": { "description": { "type": "string", "description": "A description of the traffic mirror session.\n" }, "networkInterfaceId": { "type": "string", "description": "ID of the source network interface. Not all network interfaces are eligible as mirror sources. On EC2 instances only nitro based instances support mirroring.\n", "willReplaceOnChanges": true }, "packetLength": { "type": "integer", "description": "The number of bytes in each packet to mirror. These are bytes after the VXLAN header. Do not specify this parameter when you want to mirror the entire packet. To mirror a subset of the packet, set this to the length (in bytes) that you want to mirror.\n" }, "sessionNumber": { "type": "integer", "description": "The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "trafficMirrorFilterId": { "type": "string", "description": "ID of the traffic mirror filter to be used\n" }, "trafficMirrorTargetId": { "type": "string", "description": "ID of the traffic mirror target to be used\n" }, "virtualNetworkId": { "type": "integer", "description": "The VXLAN ID for the Traffic Mirror session. For more information about the VXLAN protocol, see RFC 7348. If you do not specify a VirtualNetworkId, an account-wide unique id is chosen at random.\n" } }, "requiredInputs": [ "networkInterfaceId", "sessionNumber", "trafficMirrorFilterId", "trafficMirrorTargetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering TrafficMirrorSession resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the traffic mirror session.\n" }, "description": { "type": "string", "description": "A description of the traffic mirror session.\n" }, "networkInterfaceId": { "type": "string", "description": "ID of the source network interface. Not all network interfaces are eligible as mirror sources. On EC2 instances only nitro based instances support mirroring.\n", "willReplaceOnChanges": true }, "ownerId": { "type": "string", "description": "The AWS account ID of the session owner.\n" }, "packetLength": { "type": "integer", "description": "The number of bytes in each packet to mirror. These are bytes after the VXLAN header. Do not specify this parameter when you want to mirror the entire packet. To mirror a subset of the packet, set this to the length (in bytes) that you want to mirror.\n" }, "sessionNumber": { "type": "integer", "description": "The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "trafficMirrorFilterId": { "type": "string", "description": "ID of the traffic mirror filter to be used\n" }, "trafficMirrorTargetId": { "type": "string", "description": "ID of the traffic mirror target to be used\n" }, "virtualNetworkId": { "type": "integer", "description": "The VXLAN ID for the Traffic Mirror session. For more information about the VXLAN protocol, see RFC 7348. If you do not specify a VirtualNetworkId, an account-wide unique id is chosen at random.\n" } }, "type": "object" } }, "aws:ec2/trafficMirrorTarget:TrafficMirrorTarget": { "description": "Provides a Traffic mirror target. \nRead [limits and considerations](https://docs.aws.amazon.com/vpc/latest/mirroring/traffic-mirroring-considerations.html) for traffic mirroring\n\n## Example Usage\n\nTo create a basic traffic mirror session\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst nlb = new aws.ec2.TrafficMirrorTarget(\"nlb\", {\n description: \"NLB target\",\n networkLoadBalancerArn: lb.arn,\n});\nconst eni = new aws.ec2.TrafficMirrorTarget(\"eni\", {\n description: \"ENI target\",\n networkInterfaceId: test.primaryNetworkInterfaceId,\n});\nconst gwlb = new aws.ec2.TrafficMirrorTarget(\"gwlb\", {\n description: \"GWLB target\",\n gatewayLoadBalancerEndpointId: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nnlb = aws.ec2.TrafficMirrorTarget(\"nlb\",\n description=\"NLB target\",\n network_load_balancer_arn=lb[\"arn\"])\neni = aws.ec2.TrafficMirrorTarget(\"eni\",\n description=\"ENI target\",\n network_interface_id=test[\"primaryNetworkInterfaceId\"])\ngwlb = aws.ec2.TrafficMirrorTarget(\"gwlb\",\n description=\"GWLB target\",\n gateway_load_balancer_endpoint_id=example[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var nlb = new Aws.Ec2.TrafficMirrorTarget(\"nlb\", new()\n {\n Description = \"NLB target\",\n NetworkLoadBalancerArn = lb.Arn,\n });\n\n var eni = new Aws.Ec2.TrafficMirrorTarget(\"eni\", new()\n {\n Description = \"ENI target\",\n NetworkInterfaceId = test.PrimaryNetworkInterfaceId,\n });\n\n var gwlb = new Aws.Ec2.TrafficMirrorTarget(\"gwlb\", new()\n {\n Description = \"GWLB target\",\n GatewayLoadBalancerEndpointId = example.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewTrafficMirrorTarget(ctx, \"nlb\", \u0026ec2.TrafficMirrorTargetArgs{\n\t\t\tDescription: pulumi.String(\"NLB target\"),\n\t\t\tNetworkLoadBalancerArn: pulumi.Any(lb.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewTrafficMirrorTarget(ctx, \"eni\", \u0026ec2.TrafficMirrorTargetArgs{\n\t\t\tDescription: pulumi.String(\"ENI target\"),\n\t\t\tNetworkInterfaceId: pulumi.Any(test.PrimaryNetworkInterfaceId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewTrafficMirrorTarget(ctx, \"gwlb\", \u0026ec2.TrafficMirrorTargetArgs{\n\t\t\tDescription: pulumi.String(\"GWLB target\"),\n\t\t\tGatewayLoadBalancerEndpointId: pulumi.Any(example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.TrafficMirrorTarget;\nimport com.pulumi.aws.ec2.TrafficMirrorTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var nlb = new TrafficMirrorTarget(\"nlb\", TrafficMirrorTargetArgs.builder()\n .description(\"NLB target\")\n .networkLoadBalancerArn(lb.arn())\n .build());\n\n var eni = new TrafficMirrorTarget(\"eni\", TrafficMirrorTargetArgs.builder()\n .description(\"ENI target\")\n .networkInterfaceId(test.primaryNetworkInterfaceId())\n .build());\n\n var gwlb = new TrafficMirrorTarget(\"gwlb\", TrafficMirrorTargetArgs.builder()\n .description(\"GWLB target\")\n .gatewayLoadBalancerEndpointId(example.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n nlb:\n type: aws:ec2:TrafficMirrorTarget\n properties:\n description: NLB target\n networkLoadBalancerArn: ${lb.arn}\n eni:\n type: aws:ec2:TrafficMirrorTarget\n properties:\n description: ENI target\n networkInterfaceId: ${test.primaryNetworkInterfaceId}\n gwlb:\n type: aws:ec2:TrafficMirrorTarget\n properties:\n description: GWLB target\n gatewayLoadBalancerEndpointId: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import traffic mirror targets using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/trafficMirrorTarget:TrafficMirrorTarget target tmt-0c13a005422b86606\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the traffic mirror target.\n" }, "description": { "type": "string", "description": "A description of the traffic mirror session.\n" }, "gatewayLoadBalancerEndpointId": { "type": "string", "description": "The VPC Endpoint Id of the Gateway Load Balancer that is associated with the target.\n" }, "networkInterfaceId": { "type": "string", "description": "The network interface ID that is associated with the target.\n" }, "networkLoadBalancerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the target.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the traffic mirror target.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n**NOTE:** Either `network_interface_id` or `network_load_balancer_arn` should be specified and both should not be specified together\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "ownerId", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "A description of the traffic mirror session.\n", "willReplaceOnChanges": true }, "gatewayLoadBalancerEndpointId": { "type": "string", "description": "The VPC Endpoint Id of the Gateway Load Balancer that is associated with the target.\n", "willReplaceOnChanges": true }, "networkInterfaceId": { "type": "string", "description": "The network interface ID that is associated with the target.\n", "willReplaceOnChanges": true }, "networkLoadBalancerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the target.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n**NOTE:** Either `network_interface_id` or `network_load_balancer_arn` should be specified and both should not be specified together\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering TrafficMirrorTarget resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the traffic mirror target.\n" }, "description": { "type": "string", "description": "A description of the traffic mirror session.\n", "willReplaceOnChanges": true }, "gatewayLoadBalancerEndpointId": { "type": "string", "description": "The VPC Endpoint Id of the Gateway Load Balancer that is associated with the target.\n", "willReplaceOnChanges": true }, "networkInterfaceId": { "type": "string", "description": "The network interface ID that is associated with the target.\n", "willReplaceOnChanges": true }, "networkLoadBalancerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the target.\n", "willReplaceOnChanges": true }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the traffic mirror target.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n**NOTE:** Either `network_interface_id` or `network_load_balancer_arn` should be specified and both should not be specified together\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ec2/volumeAttachment:VolumeAttachment": { "description": "Provides an AWS EBS Volume Attachment as a top level resource, to attach and\ndetach volumes from AWS Instances.\n\n\u003e **NOTE on EBS block devices:** If you use `ebs_block_device` on an `aws.ec2.Instance`, this provider will assume management over the full set of non-root EBS block devices for the instance, and treats additional block devices as drift. For this reason, `ebs_block_device` cannot be mixed with external `aws.ebs.Volume` + `aws.ec2.VolumeAttachment` resources for a given instance.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst web = new aws.ec2.Instance(\"web\", {\n ami: \"ami-21f78e11\",\n availabilityZone: \"us-west-2a\",\n instanceType: aws.ec2.InstanceType.T2_Micro,\n tags: {\n Name: \"HelloWorld\",\n },\n});\nconst example = new aws.ebs.Volume(\"example\", {\n availabilityZone: \"us-west-2a\",\n size: 1,\n});\nconst ebsAtt = new aws.ec2.VolumeAttachment(\"ebs_att\", {\n deviceName: \"/dev/sdh\",\n volumeId: example.id,\n instanceId: web.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nweb = aws.ec2.Instance(\"web\",\n ami=\"ami-21f78e11\",\n availability_zone=\"us-west-2a\",\n instance_type=aws.ec2.InstanceType.T2_MICRO,\n tags={\n \"Name\": \"HelloWorld\",\n })\nexample = aws.ebs.Volume(\"example\",\n availability_zone=\"us-west-2a\",\n size=1)\nebs_att = aws.ec2.VolumeAttachment(\"ebs_att\",\n device_name=\"/dev/sdh\",\n volume_id=example.id,\n instance_id=web.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var web = new Aws.Ec2.Instance(\"web\", new()\n {\n Ami = \"ami-21f78e11\",\n AvailabilityZone = \"us-west-2a\",\n InstanceType = Aws.Ec2.InstanceType.T2_Micro,\n Tags = \n {\n { \"Name\", \"HelloWorld\" },\n },\n });\n\n var example = new Aws.Ebs.Volume(\"example\", new()\n {\n AvailabilityZone = \"us-west-2a\",\n Size = 1,\n });\n\n var ebsAtt = new Aws.Ec2.VolumeAttachment(\"ebs_att\", new()\n {\n DeviceName = \"/dev/sdh\",\n VolumeId = example.Id,\n InstanceId = web.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tweb, err := ec2.NewInstance(ctx, \"web\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(\"ami-21f78e11\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_T2_Micro),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := ebs.NewVolume(ctx, \"example\", \u0026ebs.VolumeArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tSize: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVolumeAttachment(ctx, \"ebs_att\", \u0026ec2.VolumeAttachmentArgs{\n\t\t\tDeviceName: pulumi.String(\"/dev/sdh\"),\n\t\t\tVolumeId: example.ID(),\n\t\t\tInstanceId: web.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.aws.ebs.Volume;\nimport com.pulumi.aws.ebs.VolumeArgs;\nimport com.pulumi.aws.ec2.VolumeAttachment;\nimport com.pulumi.aws.ec2.VolumeAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var web = new Instance(\"web\", InstanceArgs.builder()\n .ami(\"ami-21f78e11\")\n .availabilityZone(\"us-west-2a\")\n .instanceType(\"t2.micro\")\n .tags(Map.of(\"Name\", \"HelloWorld\"))\n .build());\n\n var example = new Volume(\"example\", VolumeArgs.builder()\n .availabilityZone(\"us-west-2a\")\n .size(1)\n .build());\n\n var ebsAtt = new VolumeAttachment(\"ebsAtt\", VolumeAttachmentArgs.builder()\n .deviceName(\"/dev/sdh\")\n .volumeId(example.id())\n .instanceId(web.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ebsAtt:\n type: aws:ec2:VolumeAttachment\n name: ebs_att\n properties:\n deviceName: /dev/sdh\n volumeId: ${example.id}\n instanceId: ${web.id}\n web:\n type: aws:ec2:Instance\n properties:\n ami: ami-21f78e11\n availabilityZone: us-west-2a\n instanceType: t2.micro\n tags:\n Name: HelloWorld\n example:\n type: aws:ebs:Volume\n properties:\n availabilityZone: us-west-2a\n size: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EBS Volume Attachments using `DEVICE_NAME:VOLUME_ID:INSTANCE_ID`. For example:\n\n```sh\n$ pulumi import aws:ec2/volumeAttachment:VolumeAttachment example /dev/sdh:vol-049df61146c4d7901:i-12345678\n```\n", "properties": { "deviceName": { "type": "string", "description": "The device name to expose to the instance (for\nexample, `/dev/sdh` or `xvdh`). See [Device Naming on Linux Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html#available-ec2-device-names) and [Device Naming on Windows Instances](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/device_naming.html#available-ec2-device-names) for more information.\n" }, "forceDetach": { "type": "boolean", "description": "Set to `true` if you want to force the\nvolume to detach. Useful if previous attempts failed, but use this option only\nas a last resort, as this can result in **data loss**. See\n[Detaching an Amazon EBS Volume from an Instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-detaching-volume.html) for more information.\n" }, "instanceId": { "type": "string", "description": "ID of the Instance to attach to\n" }, "skipDestroy": { "type": "boolean", "description": "Set this to true if you do not wish\nto detach the volume from the instance to which it is attached at destroy\ntime, and instead just remove the attachment from this provider state. This is\nuseful when destroying an instance which has volumes created by some other\nmeans attached.\n" }, "stopInstanceBeforeDetaching": { "type": "boolean", "description": "Set this to true to ensure that the target instance is stopped\nbefore trying to detach the volume. Stops the instance, if it is not already stopped.\n" }, "volumeId": { "type": "string", "description": "ID of the Volume to be attached\n" } }, "required": [ "deviceName", "instanceId", "volumeId" ], "inputProperties": { "deviceName": { "type": "string", "description": "The device name to expose to the instance (for\nexample, `/dev/sdh` or `xvdh`). See [Device Naming on Linux Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html#available-ec2-device-names) and [Device Naming on Windows Instances](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/device_naming.html#available-ec2-device-names) for more information.\n", "willReplaceOnChanges": true }, "forceDetach": { "type": "boolean", "description": "Set to `true` if you want to force the\nvolume to detach. Useful if previous attempts failed, but use this option only\nas a last resort, as this can result in **data loss**. See\n[Detaching an Amazon EBS Volume from an Instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-detaching-volume.html) for more information.\n" }, "instanceId": { "type": "string", "description": "ID of the Instance to attach to\n", "willReplaceOnChanges": true }, "skipDestroy": { "type": "boolean", "description": "Set this to true if you do not wish\nto detach the volume from the instance to which it is attached at destroy\ntime, and instead just remove the attachment from this provider state. This is\nuseful when destroying an instance which has volumes created by some other\nmeans attached.\n" }, "stopInstanceBeforeDetaching": { "type": "boolean", "description": "Set this to true to ensure that the target instance is stopped\nbefore trying to detach the volume. Stops the instance, if it is not already stopped.\n" }, "volumeId": { "type": "string", "description": "ID of the Volume to be attached\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "deviceName", "instanceId", "volumeId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VolumeAttachment resources.\n", "properties": { "deviceName": { "type": "string", "description": "The device name to expose to the instance (for\nexample, `/dev/sdh` or `xvdh`). See [Device Naming on Linux Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html#available-ec2-device-names) and [Device Naming on Windows Instances](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/device_naming.html#available-ec2-device-names) for more information.\n", "willReplaceOnChanges": true }, "forceDetach": { "type": "boolean", "description": "Set to `true` if you want to force the\nvolume to detach. Useful if previous attempts failed, but use this option only\nas a last resort, as this can result in **data loss**. See\n[Detaching an Amazon EBS Volume from an Instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-detaching-volume.html) for more information.\n" }, "instanceId": { "type": "string", "description": "ID of the Instance to attach to\n", "willReplaceOnChanges": true }, "skipDestroy": { "type": "boolean", "description": "Set this to true if you do not wish\nto detach the volume from the instance to which it is attached at destroy\ntime, and instead just remove the attachment from this provider state. This is\nuseful when destroying an instance which has volumes created by some other\nmeans attached.\n" }, "stopInstanceBeforeDetaching": { "type": "boolean", "description": "Set this to true to ensure that the target instance is stopped\nbefore trying to detach the volume. Stops the instance, if it is not already stopped.\n" }, "volumeId": { "type": "string", "description": "ID of the Volume to be attached\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/vpc:Vpc": { "description": "Provides a VPC resource.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {cidrBlock: \"10.0.0.0/16\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ec2.Vpc(\"main\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Vpc(\"main\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nBasic usage with tags:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n instanceTenancy: \"default\",\n tags: {\n Name: \"main\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\",\n cidr_block=\"10.0.0.0/16\",\n instance_tenancy=\"default\",\n tags={\n \"Name\": \"main\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ec2.Vpc(\"main\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n InstanceTenancy = \"default\",\n Tags = \n {\n { \"Name\", \"main\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tInstanceTenancy: pulumi.String(\"default\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"main\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Vpc(\"main\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .instanceTenancy(\"default\")\n .tags(Map.of(\"Name\", \"main\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n instanceTenancy: default\n tags:\n Name: main\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nVPC with CIDR from AWS IPAM:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst test = new aws.ec2.VpcIpam(\"test\", {operatingRegions: [{\n regionName: current.then(current =\u003e current.name),\n}]});\nconst testVpcIpamPool = new aws.ec2.VpcIpamPool(\"test\", {\n addressFamily: \"ipv4\",\n ipamScopeId: test.privateDefaultScopeId,\n locale: current.then(current =\u003e current.name),\n});\nconst testVpcIpamPoolCidr = new aws.ec2.VpcIpamPoolCidr(\"test\", {\n ipamPoolId: testVpcIpamPool.id,\n cidr: \"172.20.0.0/16\",\n});\nconst testVpc = new aws.ec2.Vpc(\"test\", {\n ipv4IpamPoolId: testVpcIpamPool.id,\n ipv4NetmaskLength: 28,\n}, {\n dependsOn: [testVpcIpamPoolCidr],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\ntest = aws.ec2.VpcIpam(\"test\", operating_regions=[{\n \"region_name\": current.name,\n}])\ntest_vpc_ipam_pool = aws.ec2.VpcIpamPool(\"test\",\n address_family=\"ipv4\",\n ipam_scope_id=test.private_default_scope_id,\n locale=current.name)\ntest_vpc_ipam_pool_cidr = aws.ec2.VpcIpamPoolCidr(\"test\",\n ipam_pool_id=test_vpc_ipam_pool.id,\n cidr=\"172.20.0.0/16\")\ntest_vpc = aws.ec2.Vpc(\"test\",\n ipv4_ipam_pool_id=test_vpc_ipam_pool.id,\n ipv4_netmask_length=28,\n opts = pulumi.ResourceOptions(depends_on=[test_vpc_ipam_pool_cidr]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var test = new Aws.Ec2.VpcIpam(\"test\", new()\n {\n OperatingRegions = new[]\n {\n new Aws.Ec2.Inputs.VpcIpamOperatingRegionArgs\n {\n RegionName = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n },\n });\n\n var testVpcIpamPool = new Aws.Ec2.VpcIpamPool(\"test\", new()\n {\n AddressFamily = \"ipv4\",\n IpamScopeId = test.PrivateDefaultScopeId,\n Locale = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n });\n\n var testVpcIpamPoolCidr = new Aws.Ec2.VpcIpamPoolCidr(\"test\", new()\n {\n IpamPoolId = testVpcIpamPool.Id,\n Cidr = \"172.20.0.0/16\",\n });\n\n var testVpc = new Aws.Ec2.Vpc(\"test\", new()\n {\n Ipv4IpamPoolId = testVpcIpamPool.Id,\n Ipv4NetmaskLength = 28,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n testVpcIpamPoolCidr,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := ec2.NewVpcIpam(ctx, \"test\", \u0026ec2.VpcIpamArgs{\n\t\t\tOperatingRegions: ec2.VpcIpamOperatingRegionArray{\n\t\t\t\t\u0026ec2.VpcIpamOperatingRegionArgs{\n\t\t\t\t\tRegionName: pulumi.String(current.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestVpcIpamPool, err := ec2.NewVpcIpamPool(ctx, \"test\", \u0026ec2.VpcIpamPoolArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tIpamScopeId: test.PrivateDefaultScopeId,\n\t\t\tLocale: pulumi.String(current.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestVpcIpamPoolCidr, err := ec2.NewVpcIpamPoolCidr(ctx, \"test\", \u0026ec2.VpcIpamPoolCidrArgs{\n\t\t\tIpamPoolId: testVpcIpamPool.ID(),\n\t\t\tCidr: pulumi.String(\"172.20.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpc(ctx, \"test\", \u0026ec2.VpcArgs{\n\t\t\tIpv4IpamPoolId: testVpcIpamPool.ID(),\n\t\t\tIpv4NetmaskLength: pulumi.Int(28),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttestVpcIpamPoolCidr,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpam;\nimport com.pulumi.aws.ec2.VpcIpamArgs;\nimport com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpamPool;\nimport com.pulumi.aws.ec2.VpcIpamPoolArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidr;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrArgs;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var test = new VpcIpam(\"test\", VpcIpamArgs.builder()\n .operatingRegions(VpcIpamOperatingRegionArgs.builder()\n .regionName(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build())\n .build());\n\n var testVpcIpamPool = new VpcIpamPool(\"testVpcIpamPool\", VpcIpamPoolArgs.builder()\n .addressFamily(\"ipv4\")\n .ipamScopeId(test.privateDefaultScopeId())\n .locale(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build());\n\n var testVpcIpamPoolCidr = new VpcIpamPoolCidr(\"testVpcIpamPoolCidr\", VpcIpamPoolCidrArgs.builder()\n .ipamPoolId(testVpcIpamPool.id())\n .cidr(\"172.20.0.0/16\")\n .build());\n\n var testVpc = new Vpc(\"testVpc\", VpcArgs.builder()\n .ipv4IpamPoolId(testVpcIpamPool.id())\n .ipv4NetmaskLength(28)\n .build(), CustomResourceOptions.builder()\n .dependsOn(testVpcIpamPoolCidr)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ec2:VpcIpam\n properties:\n operatingRegions:\n - regionName: ${current.name}\n testVpcIpamPool:\n type: aws:ec2:VpcIpamPool\n name: test\n properties:\n addressFamily: ipv4\n ipamScopeId: ${test.privateDefaultScopeId}\n locale: ${current.name}\n testVpcIpamPoolCidr:\n type: aws:ec2:VpcIpamPoolCidr\n name: test\n properties:\n ipamPoolId: ${testVpcIpamPool.id}\n cidr: 172.20.0.0/16\n testVpc:\n type: aws:ec2:Vpc\n name: test\n properties:\n ipv4IpamPoolId: ${testVpcIpamPool.id}\n ipv4NetmaskLength: 28\n options:\n dependson:\n - ${testVpcIpamPoolCidr}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPCs using the VPC `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpc:Vpc test_vpc vpc-a01106c2\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of VPC\n" }, "assignGeneratedIpv6CidrBlock": { "type": "boolean", "description": "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Default is `false`. Conflicts with `ipv6_ipam_pool_id`\n" }, "cidrBlock": { "type": "string", "description": "The IPv4 CIDR block for the VPC. CIDR can be explicitly set or it can be derived from IPAM using `ipv4_netmask_length`.\n" }, "defaultNetworkAclId": { "type": "string", "description": "The ID of the network ACL created by default on VPC creation\n" }, "defaultRouteTableId": { "type": "string", "description": "The ID of the route table created by default on VPC creation\n" }, "defaultSecurityGroupId": { "type": "string", "description": "The ID of the security group created by default on VPC creation\n" }, "dhcpOptionsId": { "type": "string", "description": "DHCP options id of the desired VPC.\n" }, "enableDnsHostnames": { "type": "boolean", "description": "A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.\n" }, "enableDnsSupport": { "type": "boolean", "description": "A boolean flag to enable/disable DNS support in the VPC. Defaults to true.\n" }, "enableNetworkAddressUsageMetrics": { "type": "boolean", "description": "Indicates whether Network Address Usage metrics are enabled for your VPC. Defaults to false.\n" }, "instanceTenancy": { "type": "string", "description": "A tenancy option for instances launched into the VPC. Default is `default`, which ensures that EC2 instances launched in this VPC use the EC2 instance tenancy attribute specified when the EC2 instance is launched. The only other option is `dedicated`, which ensures that EC2 instances launched in this VPC are run on dedicated tenancy instances regardless of the tenancy attribute specified at launch. This has a dedicated per region fee of $2 per hour, plus an hourly per instance usage fee.\n" }, "ipv4IpamPoolId": { "type": "string", "description": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts. Using IPAM you can monitor IP address usage throughout your AWS Organization.\n" }, "ipv4NetmaskLength": { "type": "integer", "description": "The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying a `ipv4_ipam_pool_id`.\n" }, "ipv6AssociationId": { "type": "string", "description": "The association ID for the IPv6 CIDR block.\n" }, "ipv6CidrBlock": { "type": "string", "description": "IPv6 CIDR block to request from an IPAM Pool. Can be set explicitly or derived from IPAM using `ipv6_netmask_length`.\n" }, "ipv6CidrBlockNetworkBorderGroup": { "type": "string", "description": "By default when an IPv6 CIDR is assigned to a VPC a default ipv6_cidr_block_network_border_group will be set to the region of the VPC. This can be changed to restrict advertisement of public addresses to specific Network Border Groups such as LocalZones.\n" }, "ipv6IpamPoolId": { "type": "string", "description": "IPAM Pool ID for a IPv6 pool. Conflicts with `assign_generated_ipv6_cidr_block`.\n" }, "ipv6NetmaskLength": { "type": "integer", "description": "Netmask length to request from IPAM Pool. Conflicts with `ipv6_cidr_block`. This can be omitted if IPAM pool as a `allocation_default_netmask_length` set. Valid values: `56`.\n" }, "mainRouteTableId": { "type": "string", "description": "The ID of the main route table associated with\nthis VPC. Note that you can change a VPC's main route table by using an\n`aws.ec2.MainRouteTableAssociation`.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the VPC.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "cidrBlock", "defaultNetworkAclId", "defaultRouteTableId", "defaultSecurityGroupId", "dhcpOptionsId", "enableDnsHostnames", "enableNetworkAddressUsageMetrics", "ipv6AssociationId", "ipv6CidrBlock", "ipv6CidrBlockNetworkBorderGroup", "mainRouteTableId", "ownerId", "tagsAll" ], "inputProperties": { "assignGeneratedIpv6CidrBlock": { "type": "boolean", "description": "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Default is `false`. Conflicts with `ipv6_ipam_pool_id`\n" }, "cidrBlock": { "type": "string", "description": "The IPv4 CIDR block for the VPC. CIDR can be explicitly set or it can be derived from IPAM using `ipv4_netmask_length`.\n", "willReplaceOnChanges": true }, "enableDnsHostnames": { "type": "boolean", "description": "A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.\n" }, "enableDnsSupport": { "type": "boolean", "description": "A boolean flag to enable/disable DNS support in the VPC. Defaults to true.\n" }, "enableNetworkAddressUsageMetrics": { "type": "boolean", "description": "Indicates whether Network Address Usage metrics are enabled for your VPC. Defaults to false.\n" }, "instanceTenancy": { "type": "string", "description": "A tenancy option for instances launched into the VPC. Default is `default`, which ensures that EC2 instances launched in this VPC use the EC2 instance tenancy attribute specified when the EC2 instance is launched. The only other option is `dedicated`, which ensures that EC2 instances launched in this VPC are run on dedicated tenancy instances regardless of the tenancy attribute specified at launch. This has a dedicated per region fee of $2 per hour, plus an hourly per instance usage fee.\n" }, "ipv4IpamPoolId": { "type": "string", "description": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts. Using IPAM you can monitor IP address usage throughout your AWS Organization.\n", "willReplaceOnChanges": true }, "ipv4NetmaskLength": { "type": "integer", "description": "The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying a `ipv4_ipam_pool_id`.\n", "willReplaceOnChanges": true }, "ipv6CidrBlock": { "type": "string", "description": "IPv6 CIDR block to request from an IPAM Pool. Can be set explicitly or derived from IPAM using `ipv6_netmask_length`.\n" }, "ipv6CidrBlockNetworkBorderGroup": { "type": "string", "description": "By default when an IPv6 CIDR is assigned to a VPC a default ipv6_cidr_block_network_border_group will be set to the region of the VPC. This can be changed to restrict advertisement of public addresses to specific Network Border Groups such as LocalZones.\n" }, "ipv6IpamPoolId": { "type": "string", "description": "IPAM Pool ID for a IPv6 pool. Conflicts with `assign_generated_ipv6_cidr_block`.\n" }, "ipv6NetmaskLength": { "type": "integer", "description": "Netmask length to request from IPAM Pool. Conflicts with `ipv6_cidr_block`. This can be omitted if IPAM pool as a `allocation_default_netmask_length` set. Valid values: `56`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Vpc resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of VPC\n" }, "assignGeneratedIpv6CidrBlock": { "type": "boolean", "description": "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Default is `false`. Conflicts with `ipv6_ipam_pool_id`\n" }, "cidrBlock": { "type": "string", "description": "The IPv4 CIDR block for the VPC. CIDR can be explicitly set or it can be derived from IPAM using `ipv4_netmask_length`.\n", "willReplaceOnChanges": true }, "defaultNetworkAclId": { "type": "string", "description": "The ID of the network ACL created by default on VPC creation\n" }, "defaultRouteTableId": { "type": "string", "description": "The ID of the route table created by default on VPC creation\n" }, "defaultSecurityGroupId": { "type": "string", "description": "The ID of the security group created by default on VPC creation\n" }, "dhcpOptionsId": { "type": "string", "description": "DHCP options id of the desired VPC.\n" }, "enableDnsHostnames": { "type": "boolean", "description": "A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.\n" }, "enableDnsSupport": { "type": "boolean", "description": "A boolean flag to enable/disable DNS support in the VPC. Defaults to true.\n" }, "enableNetworkAddressUsageMetrics": { "type": "boolean", "description": "Indicates whether Network Address Usage metrics are enabled for your VPC. Defaults to false.\n" }, "instanceTenancy": { "type": "string", "description": "A tenancy option for instances launched into the VPC. Default is `default`, which ensures that EC2 instances launched in this VPC use the EC2 instance tenancy attribute specified when the EC2 instance is launched. The only other option is `dedicated`, which ensures that EC2 instances launched in this VPC are run on dedicated tenancy instances regardless of the tenancy attribute specified at launch. This has a dedicated per region fee of $2 per hour, plus an hourly per instance usage fee.\n" }, "ipv4IpamPoolId": { "type": "string", "description": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts. Using IPAM you can monitor IP address usage throughout your AWS Organization.\n", "willReplaceOnChanges": true }, "ipv4NetmaskLength": { "type": "integer", "description": "The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying a `ipv4_ipam_pool_id`.\n", "willReplaceOnChanges": true }, "ipv6AssociationId": { "type": "string", "description": "The association ID for the IPv6 CIDR block.\n" }, "ipv6CidrBlock": { "type": "string", "description": "IPv6 CIDR block to request from an IPAM Pool. Can be set explicitly or derived from IPAM using `ipv6_netmask_length`.\n" }, "ipv6CidrBlockNetworkBorderGroup": { "type": "string", "description": "By default when an IPv6 CIDR is assigned to a VPC a default ipv6_cidr_block_network_border_group will be set to the region of the VPC. This can be changed to restrict advertisement of public addresses to specific Network Border Groups such as LocalZones.\n" }, "ipv6IpamPoolId": { "type": "string", "description": "IPAM Pool ID for a IPv6 pool. Conflicts with `assign_generated_ipv6_cidr_block`.\n" }, "ipv6NetmaskLength": { "type": "integer", "description": "Netmask length to request from IPAM Pool. Conflicts with `ipv6_cidr_block`. This can be omitted if IPAM pool as a `allocation_default_netmask_length` set. Valid values: `56`.\n" }, "mainRouteTableId": { "type": "string", "description": "The ID of the main route table associated with\nthis VPC. Note that you can change a VPC's main route table by using an\n`aws.ec2.MainRouteTableAssociation`.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the VPC.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ec2/vpcDhcpOptions:VpcDhcpOptions": { "description": "Provides a VPC DHCP Options resource.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dnsResolver = new aws.ec2.VpcDhcpOptions(\"dns_resolver\", {domainNameServers: [\n \"8.8.8.8\",\n \"8.8.4.4\",\n]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndns_resolver = aws.ec2.VpcDhcpOptions(\"dns_resolver\", domain_name_servers=[\n \"8.8.8.8\",\n \"8.8.4.4\",\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var dnsResolver = new Aws.Ec2.VpcDhcpOptions(\"dns_resolver\", new()\n {\n DomainNameServers = new[]\n {\n \"8.8.8.8\",\n \"8.8.4.4\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpcDhcpOptions(ctx, \"dns_resolver\", \u0026ec2.VpcDhcpOptionsArgs{\n\t\t\tDomainNameServers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"8.8.8.8\"),\n\t\t\t\tpulumi.String(\"8.8.4.4\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpcDhcpOptions;\nimport com.pulumi.aws.ec2.VpcDhcpOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var dnsResolver = new VpcDhcpOptions(\"dnsResolver\", VpcDhcpOptionsArgs.builder()\n .domainNameServers( \n \"8.8.8.8\",\n \"8.8.4.4\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dnsResolver:\n type: aws:ec2:VpcDhcpOptions\n name: dns_resolver\n properties:\n domainNameServers:\n - 8.8.8.8\n - 8.8.4.4\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nFull usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ec2.VpcDhcpOptions(\"foo\", {\n domainName: \"service.consul\",\n domainNameServers: [\n \"127.0.0.1\",\n \"10.0.0.2\",\n ],\n ipv6AddressPreferredLeaseTime: \"1440\",\n ntpServers: [\"127.0.0.1\"],\n netbiosNameServers: [\"127.0.0.1\"],\n netbiosNodeType: \"2\",\n tags: {\n Name: \"foo-name\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.VpcDhcpOptions(\"foo\",\n domain_name=\"service.consul\",\n domain_name_servers=[\n \"127.0.0.1\",\n \"10.0.0.2\",\n ],\n ipv6_address_preferred_lease_time=\"1440\",\n ntp_servers=[\"127.0.0.1\"],\n netbios_name_servers=[\"127.0.0.1\"],\n netbios_node_type=\"2\",\n tags={\n \"Name\": \"foo-name\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Ec2.VpcDhcpOptions(\"foo\", new()\n {\n DomainName = \"service.consul\",\n DomainNameServers = new[]\n {\n \"127.0.0.1\",\n \"10.0.0.2\",\n },\n Ipv6AddressPreferredLeaseTime = \"1440\",\n NtpServers = new[]\n {\n \"127.0.0.1\",\n },\n NetbiosNameServers = new[]\n {\n \"127.0.0.1\",\n },\n NetbiosNodeType = \"2\",\n Tags = \n {\n { \"Name\", \"foo-name\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpcDhcpOptions(ctx, \"foo\", \u0026ec2.VpcDhcpOptionsArgs{\n\t\t\tDomainName: pulumi.String(\"service.consul\"),\n\t\t\tDomainNameServers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"127.0.0.1\"),\n\t\t\t\tpulumi.String(\"10.0.0.2\"),\n\t\t\t},\n\t\t\tIpv6AddressPreferredLeaseTime: pulumi.String(\"1440\"),\n\t\t\tNtpServers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"127.0.0.1\"),\n\t\t\t},\n\t\t\tNetbiosNameServers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"127.0.0.1\"),\n\t\t\t},\n\t\t\tNetbiosNodeType: pulumi.String(\"2\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"foo-name\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpcDhcpOptions;\nimport com.pulumi.aws.ec2.VpcDhcpOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new VpcDhcpOptions(\"foo\", VpcDhcpOptionsArgs.builder()\n .domainName(\"service.consul\")\n .domainNameServers( \n \"127.0.0.1\",\n \"10.0.0.2\")\n .ipv6AddressPreferredLeaseTime(1440)\n .ntpServers(\"127.0.0.1\")\n .netbiosNameServers(\"127.0.0.1\")\n .netbiosNodeType(2)\n .tags(Map.of(\"Name\", \"foo-name\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ec2:VpcDhcpOptions\n properties:\n domainName: service.consul\n domainNameServers:\n - 127.0.0.1\n - 10.0.0.2\n ipv6AddressPreferredLeaseTime: 1440\n ntpServers:\n - 127.0.0.1\n netbiosNameServers:\n - 127.0.0.1\n netbiosNodeType: 2\n tags:\n Name: foo-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Remarks\n\n* Notice that all arguments are optional but you have to specify at least one argument.\n* `domain_name_servers`, `netbios_name_servers`, `ntp_servers` are limited by AWS to maximum four servers only.\n* To actually use the DHCP Options Set you need to associate it to a VPC using `aws.ec2.VpcDhcpOptionsAssociation`.\n* If you delete a DHCP Options Set, all VPCs using it will be associated to AWS's `default` DHCP Option Set.\n* In most cases unless you're configuring your own DNS you'll want to set `domain_name_servers` to `AmazonProvidedDNS`.\n\n## Import\n\nUsing `pulumi import`, import VPC DHCP Options using the DHCP Options `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcDhcpOptions:VpcDhcpOptions my_options dopt-d9070ebb\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the DHCP Options Set.\n" }, "domainName": { "type": "string", "description": "the suffix domain name to use by default when resolving non Fully Qualified Domain Names. In other words, this is what ends up being the `search` value in the `/etc/resolv.conf` file.\n" }, "domainNameServers": { "type": "array", "items": { "type": "string" }, "description": "List of name servers to configure in `/etc/resolv.conf`. If you want to use the default AWS nameservers you should set this to `AmazonProvidedDNS`.\n" }, "ipv6AddressPreferredLeaseTime": { "type": "string", "description": "How frequently, in seconds, a running instance with an IPv6 assigned to it goes through DHCPv6 lease renewal. Acceptable values are between 140 and 2147483647 (approximately 68 years). If no value is entered, the default lease time is 140 seconds. If you use long-term addressing for EC2 instances, you can increase the lease time and avoid frequent lease renewal requests. Lease renewal typically occurs when half of the lease time has elapsed.\n" }, "netbiosNameServers": { "type": "array", "items": { "type": "string" }, "description": "List of NETBIOS name servers.\n" }, "netbiosNodeType": { "type": "string", "description": "The NetBIOS node type (1, 2, 4, or 8). AWS recommends to specify 2 since broadcast and multicast are not supported in their network. For more information about these node types, see [RFC 2132](http://www.ietf.org/rfc/rfc2132.txt).\n" }, "ntpServers": { "type": "array", "items": { "type": "string" }, "description": "List of NTP servers to configure.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the DHCP options set.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "ownerId", "tagsAll" ], "inputProperties": { "domainName": { "type": "string", "description": "the suffix domain name to use by default when resolving non Fully Qualified Domain Names. In other words, this is what ends up being the `search` value in the `/etc/resolv.conf` file.\n", "willReplaceOnChanges": true }, "domainNameServers": { "type": "array", "items": { "type": "string" }, "description": "List of name servers to configure in `/etc/resolv.conf`. If you want to use the default AWS nameservers you should set this to `AmazonProvidedDNS`.\n", "willReplaceOnChanges": true }, "ipv6AddressPreferredLeaseTime": { "type": "string", "description": "How frequently, in seconds, a running instance with an IPv6 assigned to it goes through DHCPv6 lease renewal. Acceptable values are between 140 and 2147483647 (approximately 68 years). If no value is entered, the default lease time is 140 seconds. If you use long-term addressing for EC2 instances, you can increase the lease time and avoid frequent lease renewal requests. Lease renewal typically occurs when half of the lease time has elapsed.\n", "willReplaceOnChanges": true }, "netbiosNameServers": { "type": "array", "items": { "type": "string" }, "description": "List of NETBIOS name servers.\n", "willReplaceOnChanges": true }, "netbiosNodeType": { "type": "string", "description": "The NetBIOS node type (1, 2, 4, or 8). AWS recommends to specify 2 since broadcast and multicast are not supported in their network. For more information about these node types, see [RFC 2132](http://www.ietf.org/rfc/rfc2132.txt).\n", "willReplaceOnChanges": true }, "ntpServers": { "type": "array", "items": { "type": "string" }, "description": "List of NTP servers to configure.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering VpcDhcpOptions resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the DHCP Options Set.\n" }, "domainName": { "type": "string", "description": "the suffix domain name to use by default when resolving non Fully Qualified Domain Names. In other words, this is what ends up being the `search` value in the `/etc/resolv.conf` file.\n", "willReplaceOnChanges": true }, "domainNameServers": { "type": "array", "items": { "type": "string" }, "description": "List of name servers to configure in `/etc/resolv.conf`. If you want to use the default AWS nameservers you should set this to `AmazonProvidedDNS`.\n", "willReplaceOnChanges": true }, "ipv6AddressPreferredLeaseTime": { "type": "string", "description": "How frequently, in seconds, a running instance with an IPv6 assigned to it goes through DHCPv6 lease renewal. Acceptable values are between 140 and 2147483647 (approximately 68 years). If no value is entered, the default lease time is 140 seconds. If you use long-term addressing for EC2 instances, you can increase the lease time and avoid frequent lease renewal requests. Lease renewal typically occurs when half of the lease time has elapsed.\n", "willReplaceOnChanges": true }, "netbiosNameServers": { "type": "array", "items": { "type": "string" }, "description": "List of NETBIOS name servers.\n", "willReplaceOnChanges": true }, "netbiosNodeType": { "type": "string", "description": "The NetBIOS node type (1, 2, 4, or 8). AWS recommends to specify 2 since broadcast and multicast are not supported in their network. For more information about these node types, see [RFC 2132](http://www.ietf.org/rfc/rfc2132.txt).\n", "willReplaceOnChanges": true }, "ntpServers": { "type": "array", "items": { "type": "string" }, "description": "List of NTP servers to configure.\n", "willReplaceOnChanges": true }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the DHCP options set.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ec2/vpcDhcpOptionsAssociation:VpcDhcpOptionsAssociation": { "description": "Provides a VPC DHCP Options Association resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dnsResolver = new aws.ec2.VpcDhcpOptionsAssociation(\"dns_resolver\", {\n vpcId: fooAwsVpc.id,\n dhcpOptionsId: foo.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndns_resolver = aws.ec2.VpcDhcpOptionsAssociation(\"dns_resolver\",\n vpc_id=foo_aws_vpc[\"id\"],\n dhcp_options_id=foo[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var dnsResolver = new Aws.Ec2.VpcDhcpOptionsAssociation(\"dns_resolver\", new()\n {\n VpcId = fooAwsVpc.Id,\n DhcpOptionsId = foo.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpcDhcpOptionsAssociation(ctx, \"dns_resolver\", \u0026ec2.VpcDhcpOptionsAssociationArgs{\n\t\t\tVpcId: pulumi.Any(fooAwsVpc.Id),\n\t\t\tDhcpOptionsId: pulumi.Any(foo.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpcDhcpOptionsAssociation;\nimport com.pulumi.aws.ec2.VpcDhcpOptionsAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var dnsResolver = new VpcDhcpOptionsAssociation(\"dnsResolver\", VpcDhcpOptionsAssociationArgs.builder()\n .vpcId(fooAwsVpc.id())\n .dhcpOptionsId(foo.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dnsResolver:\n type: aws:ec2:VpcDhcpOptionsAssociation\n name: dns_resolver\n properties:\n vpcId: ${fooAwsVpc.id}\n dhcpOptionsId: ${foo.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Remarks\n\n* You can only associate one DHCP Options Set to a given VPC ID.\n* Removing the DHCP Options Association automatically sets AWS's `default` DHCP Options Set to the VPC.\n\n## Import\n\nUsing `pulumi import`, import DHCP associations using the VPC ID associated with the options. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcDhcpOptionsAssociation:VpcDhcpOptionsAssociation imported vpc-0f001273ec18911b1\n```\n", "properties": { "dhcpOptionsId": { "type": "string", "description": "The ID of the DHCP Options Set to associate to the VPC.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC to which we would like to associate a DHCP Options Set.\n" } }, "required": [ "dhcpOptionsId", "vpcId" ], "inputProperties": { "dhcpOptionsId": { "type": "string", "description": "The ID of the DHCP Options Set to associate to the VPC.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC to which we would like to associate a DHCP Options Set.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "dhcpOptionsId", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcDhcpOptionsAssociation resources.\n", "properties": { "dhcpOptionsId": { "type": "string", "description": "The ID of the DHCP Options Set to associate to the VPC.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC to which we would like to associate a DHCP Options Set.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/vpcEndpoint:VpcEndpoint": { "description": "Provides a VPC Endpoint resource.\n\n\u003e **NOTE on VPC Endpoints and VPC Endpoint Associations:** The provider provides both standalone VPC Endpoint Associations for\nRoute Tables - (an association between a VPC endpoint and a single `route_table_id`),\nSecurity Groups - (an association between a VPC endpoint and a single `security_group_id`),\nand Subnets - (an association between a VPC endpoint and a single `subnet_id`) and\na VPC Endpoint resource with `route_table_ids` and `subnet_ids` attributes.\nDo not use the same resource ID in both a VPC Endpoint resource and a VPC Endpoint Association resource.\nDoing so will cause a conflict of associations and will overwrite the association.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst s3 = new aws.ec2.VpcEndpoint(\"s3\", {\n vpcId: main.id,\n serviceName: \"com.amazonaws.us-west-2.s3\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ns3 = aws.ec2.VpcEndpoint(\"s3\",\n vpc_id=main[\"id\"],\n service_name=\"com.amazonaws.us-west-2.s3\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var s3 = new Aws.Ec2.VpcEndpoint(\"s3\", new()\n {\n VpcId = main.Id,\n ServiceName = \"com.amazonaws.us-west-2.s3\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpcEndpoint(ctx, \"s3\", \u0026ec2.VpcEndpointArgs{\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t\tServiceName: pulumi.String(\"com.amazonaws.us-west-2.s3\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpcEndpoint;\nimport com.pulumi.aws.ec2.VpcEndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var s3 = new VpcEndpoint(\"s3\", VpcEndpointArgs.builder()\n .vpcId(main.id())\n .serviceName(\"com.amazonaws.us-west-2.s3\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n s3:\n type: aws:ec2:VpcEndpoint\n properties:\n vpcId: ${main.id}\n serviceName: com.amazonaws.us-west-2.s3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Basic w/ Tags\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst s3 = new aws.ec2.VpcEndpoint(\"s3\", {\n vpcId: main.id,\n serviceName: \"com.amazonaws.us-west-2.s3\",\n tags: {\n Environment: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ns3 = aws.ec2.VpcEndpoint(\"s3\",\n vpc_id=main[\"id\"],\n service_name=\"com.amazonaws.us-west-2.s3\",\n tags={\n \"Environment\": \"test\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var s3 = new Aws.Ec2.VpcEndpoint(\"s3\", new()\n {\n VpcId = main.Id,\n ServiceName = \"com.amazonaws.us-west-2.s3\",\n Tags = \n {\n { \"Environment\", \"test\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpcEndpoint(ctx, \"s3\", \u0026ec2.VpcEndpointArgs{\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t\tServiceName: pulumi.String(\"com.amazonaws.us-west-2.s3\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpcEndpoint;\nimport com.pulumi.aws.ec2.VpcEndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var s3 = new VpcEndpoint(\"s3\", VpcEndpointArgs.builder()\n .vpcId(main.id())\n .serviceName(\"com.amazonaws.us-west-2.s3\")\n .tags(Map.of(\"Environment\", \"test\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n s3:\n type: aws:ec2:VpcEndpoint\n properties:\n vpcId: ${main.id}\n serviceName: com.amazonaws.us-west-2.s3\n tags:\n Environment: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Interface Endpoint Type\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ec2 = new aws.ec2.VpcEndpoint(\"ec2\", {\n vpcId: main.id,\n serviceName: \"com.amazonaws.us-west-2.ec2\",\n vpcEndpointType: \"Interface\",\n securityGroupIds: [sg1.id],\n privateDnsEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nec2 = aws.ec2.VpcEndpoint(\"ec2\",\n vpc_id=main[\"id\"],\n service_name=\"com.amazonaws.us-west-2.ec2\",\n vpc_endpoint_type=\"Interface\",\n security_group_ids=[sg1[\"id\"]],\n private_dns_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ec2 = new Aws.Ec2.VpcEndpoint(\"ec2\", new()\n {\n VpcId = main.Id,\n ServiceName = \"com.amazonaws.us-west-2.ec2\",\n VpcEndpointType = \"Interface\",\n SecurityGroupIds = new[]\n {\n sg1.Id,\n },\n PrivateDnsEnabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpcEndpoint(ctx, \"ec2\", \u0026ec2.VpcEndpointArgs{\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t\tServiceName: pulumi.String(\"com.amazonaws.us-west-2.ec2\"),\n\t\t\tVpcEndpointType: pulumi.String(\"Interface\"),\n\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\tsg1.Id,\n\t\t\t},\n\t\t\tPrivateDnsEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpcEndpoint;\nimport com.pulumi.aws.ec2.VpcEndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ec2 = new VpcEndpoint(\"ec2\", VpcEndpointArgs.builder()\n .vpcId(main.id())\n .serviceName(\"com.amazonaws.us-west-2.ec2\")\n .vpcEndpointType(\"Interface\")\n .securityGroupIds(sg1.id())\n .privateDnsEnabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ec2:\n type: aws:ec2:VpcEndpoint\n properties:\n vpcId: ${main.id}\n serviceName: com.amazonaws.us-west-2.ec2\n vpcEndpointType: Interface\n securityGroupIds:\n - ${sg1.id}\n privateDnsEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Interface Endpoint Type with User-Defined IP Address\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ec2 = new aws.ec2.VpcEndpoint(\"ec2\", {\n vpcId: example.id,\n serviceName: \"com.amazonaws.us-west-2.ec2\",\n vpcEndpointType: \"Interface\",\n subnetConfigurations: [\n {\n ipv4: \"10.0.1.10\",\n subnetId: example1.id,\n },\n {\n ipv4: \"10.0.2.10\",\n subnetId: example2.id,\n },\n ],\n subnetIds: [\n example1.id,\n example2.id,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nec2 = aws.ec2.VpcEndpoint(\"ec2\",\n vpc_id=example[\"id\"],\n service_name=\"com.amazonaws.us-west-2.ec2\",\n vpc_endpoint_type=\"Interface\",\n subnet_configurations=[\n {\n \"ipv4\": \"10.0.1.10\",\n \"subnet_id\": example1[\"id\"],\n },\n {\n \"ipv4\": \"10.0.2.10\",\n \"subnet_id\": example2[\"id\"],\n },\n ],\n subnet_ids=[\n example1[\"id\"],\n example2[\"id\"],\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ec2 = new Aws.Ec2.VpcEndpoint(\"ec2\", new()\n {\n VpcId = example.Id,\n ServiceName = \"com.amazonaws.us-west-2.ec2\",\n VpcEndpointType = \"Interface\",\n SubnetConfigurations = new[]\n {\n new Aws.Ec2.Inputs.VpcEndpointSubnetConfigurationArgs\n {\n Ipv4 = \"10.0.1.10\",\n SubnetId = example1.Id,\n },\n new Aws.Ec2.Inputs.VpcEndpointSubnetConfigurationArgs\n {\n Ipv4 = \"10.0.2.10\",\n SubnetId = example2.Id,\n },\n },\n SubnetIds = new[]\n {\n example1.Id,\n example2.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpcEndpoint(ctx, \"ec2\", \u0026ec2.VpcEndpointArgs{\n\t\t\tVpcId: pulumi.Any(example.Id),\n\t\t\tServiceName: pulumi.String(\"com.amazonaws.us-west-2.ec2\"),\n\t\t\tVpcEndpointType: pulumi.String(\"Interface\"),\n\t\t\tSubnetConfigurations: ec2.VpcEndpointSubnetConfigurationArray{\n\t\t\t\t\u0026ec2.VpcEndpointSubnetConfigurationArgs{\n\t\t\t\t\tIpv4: pulumi.String(\"10.0.1.10\"),\n\t\t\t\t\tSubnetId: pulumi.Any(example1.Id),\n\t\t\t\t},\n\t\t\t\t\u0026ec2.VpcEndpointSubnetConfigurationArgs{\n\t\t\t\t\tIpv4: pulumi.String(\"10.0.2.10\"),\n\t\t\t\t\tSubnetId: pulumi.Any(example2.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\texample1.Id,\n\t\t\t\texample2.Id,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpcEndpoint;\nimport com.pulumi.aws.ec2.VpcEndpointArgs;\nimport com.pulumi.aws.ec2.inputs.VpcEndpointSubnetConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ec2 = new VpcEndpoint(\"ec2\", VpcEndpointArgs.builder()\n .vpcId(example.id())\n .serviceName(\"com.amazonaws.us-west-2.ec2\")\n .vpcEndpointType(\"Interface\")\n .subnetConfigurations( \n VpcEndpointSubnetConfigurationArgs.builder()\n .ipv4(\"10.0.1.10\")\n .subnetId(example1.id())\n .build(),\n VpcEndpointSubnetConfigurationArgs.builder()\n .ipv4(\"10.0.2.10\")\n .subnetId(example2.id())\n .build())\n .subnetIds( \n example1.id(),\n example2.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ec2:\n type: aws:ec2:VpcEndpoint\n properties:\n vpcId: ${example.id}\n serviceName: com.amazonaws.us-west-2.ec2\n vpcEndpointType: Interface\n subnetConfigurations:\n - ipv4: 10.0.1.10\n subnetId: ${example1.id}\n - ipv4: 10.0.2.10\n subnetId: ${example2.id}\n subnetIds:\n - ${example1.id}\n - ${example2.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Gateway Load Balancer Endpoint Type\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.ec2.VpcEndpointService(\"example\", {\n acceptanceRequired: false,\n allowedPrincipals: [current.then(current =\u003e current.arn)],\n gatewayLoadBalancerArns: [exampleAwsLb.arn],\n});\nconst exampleVpcEndpoint = new aws.ec2.VpcEndpoint(\"example\", {\n serviceName: example.serviceName,\n subnetIds: [exampleAwsSubnet.id],\n vpcEndpointType: example.serviceType,\n vpcId: exampleAwsVpc.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.ec2.VpcEndpointService(\"example\",\n acceptance_required=False,\n allowed_principals=[current.arn],\n gateway_load_balancer_arns=[example_aws_lb[\"arn\"]])\nexample_vpc_endpoint = aws.ec2.VpcEndpoint(\"example\",\n service_name=example.service_name,\n subnet_ids=[example_aws_subnet[\"id\"]],\n vpc_endpoint_type=example.service_type,\n vpc_id=example_aws_vpc[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Ec2.VpcEndpointService(\"example\", new()\n {\n AcceptanceRequired = false,\n AllowedPrincipals = new[]\n {\n current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.Arn),\n },\n GatewayLoadBalancerArns = new[]\n {\n exampleAwsLb.Arn,\n },\n });\n\n var exampleVpcEndpoint = new Aws.Ec2.VpcEndpoint(\"example\", new()\n {\n ServiceName = example.ServiceName,\n SubnetIds = new[]\n {\n exampleAwsSubnet.Id,\n },\n VpcEndpointType = example.ServiceType,\n VpcId = exampleAwsVpc.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := ec2.NewVpcEndpointService(ctx, \"example\", \u0026ec2.VpcEndpointServiceArgs{\n\t\t\tAcceptanceRequired: pulumi.Bool(false),\n\t\t\tAllowedPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.Arn),\n\t\t\t},\n\t\t\tGatewayLoadBalancerArns: pulumi.StringArray{\n\t\t\t\texampleAwsLb.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcEndpoint(ctx, \"example\", \u0026ec2.VpcEndpointArgs{\n\t\t\tServiceName: example.ServiceName,\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\texampleAwsSubnet.Id,\n\t\t\t},\n\t\t\tVpcEndpointType: example.ServiceType,\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.ec2.VpcEndpointService;\nimport com.pulumi.aws.ec2.VpcEndpointServiceArgs;\nimport com.pulumi.aws.ec2.VpcEndpoint;\nimport com.pulumi.aws.ec2.VpcEndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new VpcEndpointService(\"example\", VpcEndpointServiceArgs.builder()\n .acceptanceRequired(false)\n .allowedPrincipals(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.arn()))\n .gatewayLoadBalancerArns(exampleAwsLb.arn())\n .build());\n\n var exampleVpcEndpoint = new VpcEndpoint(\"exampleVpcEndpoint\", VpcEndpointArgs.builder()\n .serviceName(example.serviceName())\n .subnetIds(exampleAwsSubnet.id())\n .vpcEndpointType(example.serviceType())\n .vpcId(exampleAwsVpc.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcEndpointService\n properties:\n acceptanceRequired: false\n allowedPrincipals:\n - ${current.arn}\n gatewayLoadBalancerArns:\n - ${exampleAwsLb.arn}\n exampleVpcEndpoint:\n type: aws:ec2:VpcEndpoint\n name: example\n properties:\n serviceName: ${example.serviceName}\n subnetIds:\n - ${exampleAwsSubnet.id}\n vpcEndpointType: ${example.serviceType}\n vpcId: ${exampleAwsVpc.id}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Endpoints using the VPC endpoint `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcEndpoint:VpcEndpoint endpoint1 vpce-3ecf2a57\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the VPC endpoint.\n" }, "autoAccept": { "type": "boolean", "description": "Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).\n" }, "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type `Gateway`.\n" }, "dnsEntries": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpcEndpointDnsEntry:VpcEndpointDnsEntry" }, "description": "The DNS entries for the VPC Endpoint. Applicable for endpoints of type `Interface`. DNS blocks are documented below.\n" }, "dnsOptions": { "$ref": "#/types/aws:ec2/VpcEndpointDnsOptions:VpcEndpointDnsOptions", "description": "The DNS options for the endpoint. See dns_options below.\n" }, "ipAddressType": { "type": "string", "description": "The IP address type for the endpoint. Valid values are `ipv4`, `dualstack`, and `ipv6`.\n" }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type `Interface`.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the VPC endpoint.\n" }, "policy": { "type": "string", "description": "A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All `Gateway` and some `Interface` endpoints support policies - see the [relevant AWS documentation](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints-access.html) for more details.\n" }, "prefixListId": { "type": "string", "description": "The prefix list ID of the exposed AWS service. Applicable for endpoints of type `Gateway`.\n" }, "privateDnsEnabled": { "type": "boolean", "description": "Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type `Interface`. Most users will want this enabled to allow services within the VPC to automatically use the endpoint.\nDefaults to `false`.\n" }, "requesterManaged": { "type": "boolean", "description": "Whether or not the VPC Endpoint is being managed by its service - `true` or `false`.\n" }, "routeTableIds": { "type": "array", "items": { "type": "string" }, "description": "One or more route table IDs. Applicable for endpoints of type `Gateway`.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type `Interface`.\nIf no security groups are specified, the VPC's [default security group](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html#DefaultSecurityGroup) is associated with the endpoint.\n" }, "serviceName": { "type": "string", "description": "The service name. For AWS services the service name is usually in the form `com.amazonaws.\u003cregion\u003e.\u003cservice\u003e` (the SageMaker Notebook service is an exception to this rule, the service name is in the form `aws.sagemaker.\u003cregion\u003e.notebook`).\n" }, "state": { "type": "string", "description": "The state of the VPC endpoint.\n" }, "subnetConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpcEndpointSubnetConfiguration:VpcEndpointSubnetConfiguration" }, "description": "Subnet configuration for the endpoint, used to select specific IPv4 and/or IPv6 addresses to the endpoint. See subnet_configuration below.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type `GatewayLoadBalancer` and `Interface`. Interface type endpoints cannot function without being assigned to a subnet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcEndpointType": { "type": "string", "description": "The VPC endpoint type, `Gateway`, `GatewayLoadBalancer`, or `Interface`. Defaults to `Gateway`.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC in which the endpoint will be used.\n" } }, "required": [ "arn", "cidrBlocks", "dnsEntries", "dnsOptions", "ipAddressType", "networkInterfaceIds", "ownerId", "policy", "prefixListId", "privateDnsEnabled", "requesterManaged", "routeTableIds", "securityGroupIds", "serviceName", "state", "subnetConfigurations", "subnetIds", "tagsAll", "vpcId" ], "inputProperties": { "autoAccept": { "type": "boolean", "description": "Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).\n" }, "dnsOptions": { "$ref": "#/types/aws:ec2/VpcEndpointDnsOptions:VpcEndpointDnsOptions", "description": "The DNS options for the endpoint. See dns_options below.\n" }, "ipAddressType": { "type": "string", "description": "The IP address type for the endpoint. Valid values are `ipv4`, `dualstack`, and `ipv6`.\n" }, "policy": { "type": "string", "description": "A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All `Gateway` and some `Interface` endpoints support policies - see the [relevant AWS documentation](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints-access.html) for more details.\n" }, "privateDnsEnabled": { "type": "boolean", "description": "Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type `Interface`. Most users will want this enabled to allow services within the VPC to automatically use the endpoint.\nDefaults to `false`.\n" }, "routeTableIds": { "type": "array", "items": { "type": "string" }, "description": "One or more route table IDs. Applicable for endpoints of type `Gateway`.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type `Interface`.\nIf no security groups are specified, the VPC's [default security group](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html#DefaultSecurityGroup) is associated with the endpoint.\n" }, "serviceName": { "type": "string", "description": "The service name. For AWS services the service name is usually in the form `com.amazonaws.\u003cregion\u003e.\u003cservice\u003e` (the SageMaker Notebook service is an exception to this rule, the service name is in the form `aws.sagemaker.\u003cregion\u003e.notebook`).\n", "willReplaceOnChanges": true }, "subnetConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpcEndpointSubnetConfiguration:VpcEndpointSubnetConfiguration" }, "description": "Subnet configuration for the endpoint, used to select specific IPv4 and/or IPv6 addresses to the endpoint. See subnet_configuration below.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type `GatewayLoadBalancer` and `Interface`. Interface type endpoints cannot function without being assigned to a subnet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcEndpointType": { "type": "string", "description": "The VPC endpoint type, `Gateway`, `GatewayLoadBalancer`, or `Interface`. Defaults to `Gateway`.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The ID of the VPC in which the endpoint will be used.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "serviceName", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcEndpoint resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the VPC endpoint.\n" }, "autoAccept": { "type": "boolean", "description": "Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).\n" }, "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type `Gateway`.\n" }, "dnsEntries": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpcEndpointDnsEntry:VpcEndpointDnsEntry" }, "description": "The DNS entries for the VPC Endpoint. Applicable for endpoints of type `Interface`. DNS blocks are documented below.\n" }, "dnsOptions": { "$ref": "#/types/aws:ec2/VpcEndpointDnsOptions:VpcEndpointDnsOptions", "description": "The DNS options for the endpoint. See dns_options below.\n" }, "ipAddressType": { "type": "string", "description": "The IP address type for the endpoint. Valid values are `ipv4`, `dualstack`, and `ipv6`.\n" }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type `Interface`.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that owns the VPC endpoint.\n" }, "policy": { "type": "string", "description": "A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All `Gateway` and some `Interface` endpoints support policies - see the [relevant AWS documentation](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints-access.html) for more details.\n" }, "prefixListId": { "type": "string", "description": "The prefix list ID of the exposed AWS service. Applicable for endpoints of type `Gateway`.\n" }, "privateDnsEnabled": { "type": "boolean", "description": "Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type `Interface`. Most users will want this enabled to allow services within the VPC to automatically use the endpoint.\nDefaults to `false`.\n" }, "requesterManaged": { "type": "boolean", "description": "Whether or not the VPC Endpoint is being managed by its service - `true` or `false`.\n" }, "routeTableIds": { "type": "array", "items": { "type": "string" }, "description": "One or more route table IDs. Applicable for endpoints of type `Gateway`.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type `Interface`.\nIf no security groups are specified, the VPC's [default security group](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html#DefaultSecurityGroup) is associated with the endpoint.\n" }, "serviceName": { "type": "string", "description": "The service name. For AWS services the service name is usually in the form `com.amazonaws.\u003cregion\u003e.\u003cservice\u003e` (the SageMaker Notebook service is an exception to this rule, the service name is in the form `aws.sagemaker.\u003cregion\u003e.notebook`).\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "The state of the VPC endpoint.\n" }, "subnetConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpcEndpointSubnetConfiguration:VpcEndpointSubnetConfiguration" }, "description": "Subnet configuration for the endpoint, used to select specific IPv4 and/or IPv6 addresses to the endpoint. See subnet_configuration below.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type `GatewayLoadBalancer` and `Interface`. Interface type endpoints cannot function without being assigned to a subnet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcEndpointType": { "type": "string", "description": "The VPC endpoint type, `Gateway`, `GatewayLoadBalancer`, or `Interface`. Defaults to `Gateway`.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The ID of the VPC in which the endpoint will be used.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/vpcEndpointConnectionAccepter:VpcEndpointConnectionAccepter": { "description": "Provides a resource to accept a pending VPC Endpoint Connection accept request to VPC Endpoint Service.\n\n## Example Usage\n\n### Accept cross-account request\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.VpcEndpointService(\"example\", {\n acceptanceRequired: false,\n networkLoadBalancerArns: [exampleAwsLb.arn],\n});\nconst exampleVpcEndpoint = new aws.ec2.VpcEndpoint(\"example\", {\n vpcId: testAlternate.id,\n serviceName: testAwsVpcEndpointService.serviceName,\n vpcEndpointType: \"Interface\",\n privateDnsEnabled: false,\n securityGroupIds: [test.id],\n});\nconst exampleVpcEndpointConnectionAccepter = new aws.ec2.VpcEndpointConnectionAccepter(\"example\", {\n vpcEndpointServiceId: example.id,\n vpcEndpointId: exampleVpcEndpoint.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.VpcEndpointService(\"example\",\n acceptance_required=False,\n network_load_balancer_arns=[example_aws_lb[\"arn\"]])\nexample_vpc_endpoint = aws.ec2.VpcEndpoint(\"example\",\n vpc_id=test_alternate[\"id\"],\n service_name=test_aws_vpc_endpoint_service[\"serviceName\"],\n vpc_endpoint_type=\"Interface\",\n private_dns_enabled=False,\n security_group_ids=[test[\"id\"]])\nexample_vpc_endpoint_connection_accepter = aws.ec2.VpcEndpointConnectionAccepter(\"example\",\n vpc_endpoint_service_id=example.id,\n vpc_endpoint_id=example_vpc_endpoint.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.VpcEndpointService(\"example\", new()\n {\n AcceptanceRequired = false,\n NetworkLoadBalancerArns = new[]\n {\n exampleAwsLb.Arn,\n },\n });\n\n var exampleVpcEndpoint = new Aws.Ec2.VpcEndpoint(\"example\", new()\n {\n VpcId = testAlternate.Id,\n ServiceName = testAwsVpcEndpointService.ServiceName,\n VpcEndpointType = \"Interface\",\n PrivateDnsEnabled = false,\n SecurityGroupIds = new[]\n {\n test.Id,\n },\n });\n\n var exampleVpcEndpointConnectionAccepter = new Aws.Ec2.VpcEndpointConnectionAccepter(\"example\", new()\n {\n VpcEndpointServiceId = example.Id,\n VpcEndpointId = exampleVpcEndpoint.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewVpcEndpointService(ctx, \"example\", \u0026ec2.VpcEndpointServiceArgs{\n\t\t\tAcceptanceRequired: pulumi.Bool(false),\n\t\t\tNetworkLoadBalancerArns: pulumi.StringArray{\n\t\t\t\texampleAwsLb.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcEndpoint, err := ec2.NewVpcEndpoint(ctx, \"example\", \u0026ec2.VpcEndpointArgs{\n\t\t\tVpcId: pulumi.Any(testAlternate.Id),\n\t\t\tServiceName: pulumi.Any(testAwsVpcEndpointService.ServiceName),\n\t\t\tVpcEndpointType: pulumi.String(\"Interface\"),\n\t\t\tPrivateDnsEnabled: pulumi.Bool(false),\n\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\ttest.Id,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcEndpointConnectionAccepter(ctx, \"example\", \u0026ec2.VpcEndpointConnectionAccepterArgs{\n\t\t\tVpcEndpointServiceId: example.ID(),\n\t\t\tVpcEndpointId: exampleVpcEndpoint.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpcEndpointService;\nimport com.pulumi.aws.ec2.VpcEndpointServiceArgs;\nimport com.pulumi.aws.ec2.VpcEndpoint;\nimport com.pulumi.aws.ec2.VpcEndpointArgs;\nimport com.pulumi.aws.ec2.VpcEndpointConnectionAccepter;\nimport com.pulumi.aws.ec2.VpcEndpointConnectionAccepterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcEndpointService(\"example\", VpcEndpointServiceArgs.builder()\n .acceptanceRequired(false)\n .networkLoadBalancerArns(exampleAwsLb.arn())\n .build());\n\n var exampleVpcEndpoint = new VpcEndpoint(\"exampleVpcEndpoint\", VpcEndpointArgs.builder()\n .vpcId(testAlternate.id())\n .serviceName(testAwsVpcEndpointService.serviceName())\n .vpcEndpointType(\"Interface\")\n .privateDnsEnabled(false)\n .securityGroupIds(test.id())\n .build());\n\n var exampleVpcEndpointConnectionAccepter = new VpcEndpointConnectionAccepter(\"exampleVpcEndpointConnectionAccepter\", VpcEndpointConnectionAccepterArgs.builder()\n .vpcEndpointServiceId(example.id())\n .vpcEndpointId(exampleVpcEndpoint.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcEndpointService\n properties:\n acceptanceRequired: false\n networkLoadBalancerArns:\n - ${exampleAwsLb.arn}\n exampleVpcEndpoint:\n type: aws:ec2:VpcEndpoint\n name: example\n properties:\n vpcId: ${testAlternate.id}\n serviceName: ${testAwsVpcEndpointService.serviceName}\n vpcEndpointType: Interface\n privateDnsEnabled: false\n securityGroupIds:\n - ${test.id}\n exampleVpcEndpointConnectionAccepter:\n type: aws:ec2:VpcEndpointConnectionAccepter\n name: example\n properties:\n vpcEndpointServiceId: ${example.id}\n vpcEndpointId: ${exampleVpcEndpoint.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Endpoint Services using ID of the connection, which is the `VPC Endpoint Service ID` and `VPC Endpoint ID` separated by underscore (`_`).. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcEndpointConnectionAccepter:VpcEndpointConnectionAccepter foo vpce-svc-0f97a19d3fa8220bc_vpce-010601a6db371e263\n```\n", "properties": { "vpcEndpointId": { "type": "string", "description": "AWS VPC Endpoint ID.\n" }, "vpcEndpointServiceId": { "type": "string", "description": "AWS VPC Endpoint Service ID.\n" }, "vpcEndpointState": { "type": "string", "description": "State of the VPC Endpoint.\n" } }, "required": [ "vpcEndpointId", "vpcEndpointServiceId", "vpcEndpointState" ], "inputProperties": { "vpcEndpointId": { "type": "string", "description": "AWS VPC Endpoint ID.\n", "willReplaceOnChanges": true }, "vpcEndpointServiceId": { "type": "string", "description": "AWS VPC Endpoint Service ID.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "vpcEndpointId", "vpcEndpointServiceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcEndpointConnectionAccepter resources.\n", "properties": { "vpcEndpointId": { "type": "string", "description": "AWS VPC Endpoint ID.\n", "willReplaceOnChanges": true }, "vpcEndpointServiceId": { "type": "string", "description": "AWS VPC Endpoint Service ID.\n", "willReplaceOnChanges": true }, "vpcEndpointState": { "type": "string", "description": "State of the VPC Endpoint.\n" } }, "type": "object" } }, "aws:ec2/vpcEndpointConnectionNotification:VpcEndpointConnectionNotification": { "description": "Provides a VPC Endpoint connection notification resource.\nConnection notifications notify subscribers of VPC Endpoint events.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst topic = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"vpce.amazonaws.com\"],\n }],\n actions: [\"SNS:Publish\"],\n resources: [\"arn:aws:sns:*:*:vpce-notification-topic\"],\n }],\n});\nconst topicTopic = new aws.sns.Topic(\"topic\", {\n name: \"vpce-notification-topic\",\n policy: topic.then(topic =\u003e topic.json),\n});\nconst foo = new aws.ec2.VpcEndpointService(\"foo\", {\n acceptanceRequired: false,\n networkLoadBalancerArns: [test.arn],\n});\nconst fooVpcEndpointConnectionNotification = new aws.ec2.VpcEndpointConnectionNotification(\"foo\", {\n vpcEndpointServiceId: foo.id,\n connectionNotificationArn: topicTopic.arn,\n connectionEvents: [\n \"Accept\",\n \"Reject\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntopic = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"vpce.amazonaws.com\"],\n }],\n \"actions\": [\"SNS:Publish\"],\n \"resources\": [\"arn:aws:sns:*:*:vpce-notification-topic\"],\n}])\ntopic_topic = aws.sns.Topic(\"topic\",\n name=\"vpce-notification-topic\",\n policy=topic.json)\nfoo = aws.ec2.VpcEndpointService(\"foo\",\n acceptance_required=False,\n network_load_balancer_arns=[test[\"arn\"]])\nfoo_vpc_endpoint_connection_notification = aws.ec2.VpcEndpointConnectionNotification(\"foo\",\n vpc_endpoint_service_id=foo.id,\n connection_notification_arn=topic_topic.arn,\n connection_events=[\n \"Accept\",\n \"Reject\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var topic = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"vpce.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"SNS:Publish\",\n },\n Resources = new[]\n {\n \"arn:aws:sns:*:*:vpce-notification-topic\",\n },\n },\n },\n });\n\n var topicTopic = new Aws.Sns.Topic(\"topic\", new()\n {\n Name = \"vpce-notification-topic\",\n Policy = topic.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var foo = new Aws.Ec2.VpcEndpointService(\"foo\", new()\n {\n AcceptanceRequired = false,\n NetworkLoadBalancerArns = new[]\n {\n test.Arn,\n },\n });\n\n var fooVpcEndpointConnectionNotification = new Aws.Ec2.VpcEndpointConnectionNotification(\"foo\", new()\n {\n VpcEndpointServiceId = foo.Id,\n ConnectionNotificationArn = topicTopic.Arn,\n ConnectionEvents = new[]\n {\n \"Accept\",\n \"Reject\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttopic, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"vpce.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"SNS:Publish\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:sns:*:*:vpce-notification-topic\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttopicTopic, err := sns.NewTopic(ctx, \"topic\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"vpce-notification-topic\"),\n\t\t\tPolicy: pulumi.String(topic.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoo, err := ec2.NewVpcEndpointService(ctx, \"foo\", \u0026ec2.VpcEndpointServiceArgs{\n\t\t\tAcceptanceRequired: pulumi.Bool(false),\n\t\t\tNetworkLoadBalancerArns: pulumi.StringArray{\n\t\t\t\ttest.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcEndpointConnectionNotification(ctx, \"foo\", \u0026ec2.VpcEndpointConnectionNotificationArgs{\n\t\t\tVpcEndpointServiceId: foo.ID(),\n\t\t\tConnectionNotificationArn: topicTopic.Arn,\n\t\t\tConnectionEvents: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Accept\"),\n\t\t\t\tpulumi.String(\"Reject\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.ec2.VpcEndpointService;\nimport com.pulumi.aws.ec2.VpcEndpointServiceArgs;\nimport com.pulumi.aws.ec2.VpcEndpointConnectionNotification;\nimport com.pulumi.aws.ec2.VpcEndpointConnectionNotificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var topic = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"vpce.amazonaws.com\")\n .build())\n .actions(\"SNS:Publish\")\n .resources(\"arn:aws:sns:*:*:vpce-notification-topic\")\n .build())\n .build());\n\n var topicTopic = new Topic(\"topicTopic\", TopicArgs.builder()\n .name(\"vpce-notification-topic\")\n .policy(topic.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var foo = new VpcEndpointService(\"foo\", VpcEndpointServiceArgs.builder()\n .acceptanceRequired(false)\n .networkLoadBalancerArns(test.arn())\n .build());\n\n var fooVpcEndpointConnectionNotification = new VpcEndpointConnectionNotification(\"fooVpcEndpointConnectionNotification\", VpcEndpointConnectionNotificationArgs.builder()\n .vpcEndpointServiceId(foo.id())\n .connectionNotificationArn(topicTopic.arn())\n .connectionEvents( \n \"Accept\",\n \"Reject\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n topicTopic:\n type: aws:sns:Topic\n name: topic\n properties:\n name: vpce-notification-topic\n policy: ${topic.json}\n foo:\n type: aws:ec2:VpcEndpointService\n properties:\n acceptanceRequired: false\n networkLoadBalancerArns:\n - ${test.arn}\n fooVpcEndpointConnectionNotification:\n type: aws:ec2:VpcEndpointConnectionNotification\n name: foo\n properties:\n vpcEndpointServiceId: ${foo.id}\n connectionNotificationArn: ${topicTopic.arn}\n connectionEvents:\n - Accept\n - Reject\nvariables:\n topic:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - vpce.amazonaws.com\n actions:\n - SNS:Publish\n resources:\n - arn:aws:sns:*:*:vpce-notification-topic\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Endpoint connection notifications using the VPC endpoint connection notification `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcEndpointConnectionNotification:VpcEndpointConnectionNotification foo vpce-nfn-09e6ed3b4efba2263\n```\n", "properties": { "connectionEvents": { "type": "array", "items": { "type": "string" }, "description": "One or more endpoint [events](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpcEndpointConnectionNotification.html#API_CreateVpcEndpointConnectionNotification_RequestParameters) for which to receive notifications.\n\n\u003e **NOTE:** One of `vpc_endpoint_service_id` or `vpc_endpoint_id` must be specified.\n" }, "connectionNotificationArn": { "type": "string", "description": "The ARN of the SNS topic for the notifications.\n" }, "notificationType": { "type": "string", "description": "The type of notification.\n" }, "state": { "type": "string", "description": "The state of the notification.\n" }, "vpcEndpointId": { "type": "string", "description": "The ID of the VPC Endpoint to receive notifications for.\n" }, "vpcEndpointServiceId": { "type": "string", "description": "The ID of the VPC Endpoint Service to receive notifications for.\n" } }, "required": [ "connectionEvents", "connectionNotificationArn", "notificationType", "state" ], "inputProperties": { "connectionEvents": { "type": "array", "items": { "type": "string" }, "description": "One or more endpoint [events](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpcEndpointConnectionNotification.html#API_CreateVpcEndpointConnectionNotification_RequestParameters) for which to receive notifications.\n\n\u003e **NOTE:** One of `vpc_endpoint_service_id` or `vpc_endpoint_id` must be specified.\n" }, "connectionNotificationArn": { "type": "string", "description": "The ARN of the SNS topic for the notifications.\n" }, "vpcEndpointId": { "type": "string", "description": "The ID of the VPC Endpoint to receive notifications for.\n", "willReplaceOnChanges": true }, "vpcEndpointServiceId": { "type": "string", "description": "The ID of the VPC Endpoint Service to receive notifications for.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "connectionEvents", "connectionNotificationArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcEndpointConnectionNotification resources.\n", "properties": { "connectionEvents": { "type": "array", "items": { "type": "string" }, "description": "One or more endpoint [events](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpcEndpointConnectionNotification.html#API_CreateVpcEndpointConnectionNotification_RequestParameters) for which to receive notifications.\n\n\u003e **NOTE:** One of `vpc_endpoint_service_id` or `vpc_endpoint_id` must be specified.\n" }, "connectionNotificationArn": { "type": "string", "description": "The ARN of the SNS topic for the notifications.\n" }, "notificationType": { "type": "string", "description": "The type of notification.\n" }, "state": { "type": "string", "description": "The state of the notification.\n" }, "vpcEndpointId": { "type": "string", "description": "The ID of the VPC Endpoint to receive notifications for.\n", "willReplaceOnChanges": true }, "vpcEndpointServiceId": { "type": "string", "description": "The ID of the VPC Endpoint Service to receive notifications for.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/vpcEndpointPolicy:VpcEndpointPolicy": { "description": "Provides a VPC Endpoint Policy resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getVpcEndpointService({\n service: \"dynamodb\",\n});\nconst exampleVpc = new aws.ec2.Vpc(\"example\", {cidrBlock: \"10.0.0.0/16\"});\nconst exampleVpcEndpoint = new aws.ec2.VpcEndpoint(\"example\", {\n serviceName: example.then(example =\u003e example.serviceName),\n vpcId: exampleVpc.id,\n});\nconst exampleVpcEndpointPolicy = new aws.ec2.VpcEndpointPolicy(\"example\", {\n vpcEndpointId: exampleVpcEndpoint.id,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Sid: \"AllowAll\",\n Effect: \"Allow\",\n Principal: {\n AWS: \"*\",\n },\n Action: [\"dynamodb:*\"],\n Resource: \"*\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_vpc_endpoint_service(service=\"dynamodb\")\nexample_vpc = aws.ec2.Vpc(\"example\", cidr_block=\"10.0.0.0/16\")\nexample_vpc_endpoint = aws.ec2.VpcEndpoint(\"example\",\n service_name=example.service_name,\n vpc_id=example_vpc.id)\nexample_vpc_endpoint_policy = aws.ec2.VpcEndpointPolicy(\"example\",\n vpc_endpoint_id=example_vpc_endpoint.id,\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Sid\": \"AllowAll\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"*\",\n },\n \"Action\": [\"dynamodb:*\"],\n \"Resource\": \"*\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetVpcEndpointService.Invoke(new()\n {\n Service = \"dynamodb\",\n });\n\n var exampleVpc = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var exampleVpcEndpoint = new Aws.Ec2.VpcEndpoint(\"example\", new()\n {\n ServiceName = example.Apply(getVpcEndpointServiceResult =\u003e getVpcEndpointServiceResult.ServiceName),\n VpcId = exampleVpc.Id,\n });\n\n var exampleVpcEndpointPolicy = new Aws.Ec2.VpcEndpointPolicy(\"example\", new()\n {\n VpcEndpointId = exampleVpcEndpoint.Id,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"AllowAll\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = \"*\",\n },\n [\"Action\"] = new[]\n {\n \"dynamodb:*\",\n },\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.LookupVpcEndpointService(ctx, \u0026ec2.LookupVpcEndpointServiceArgs{\n\t\t\tService: pulumi.StringRef(\"dynamodb\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpc, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcEndpoint, err := ec2.NewVpcEndpoint(ctx, \"example\", \u0026ec2.VpcEndpointArgs{\n\t\t\tServiceName: pulumi.String(example.ServiceName),\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"AllowAll\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": \"*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"dynamodb:*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = ec2.NewVpcEndpointPolicy(ctx, \"example\", \u0026ec2.VpcEndpointPolicyArgs{\n\t\t\tVpcEndpointId: exampleVpcEndpoint.ID(),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcEndpointServiceArgs;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.VpcEndpoint;\nimport com.pulumi.aws.ec2.VpcEndpointArgs;\nimport com.pulumi.aws.ec2.VpcEndpointPolicy;\nimport com.pulumi.aws.ec2.VpcEndpointPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getVpcEndpointService(GetVpcEndpointServiceArgs.builder()\n .service(\"dynamodb\")\n .build());\n\n var exampleVpc = new Vpc(\"exampleVpc\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var exampleVpcEndpoint = new VpcEndpoint(\"exampleVpcEndpoint\", VpcEndpointArgs.builder()\n .serviceName(example.applyValue(getVpcEndpointServiceResult -\u003e getVpcEndpointServiceResult.serviceName()))\n .vpcId(exampleVpc.id())\n .build());\n\n var exampleVpcEndpointPolicy = new VpcEndpointPolicy(\"exampleVpcEndpointPolicy\", VpcEndpointPolicyArgs.builder()\n .vpcEndpointId(exampleVpcEndpoint.id())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Sid\", \"AllowAll\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", \"*\")\n )),\n jsonProperty(\"Action\", jsonArray(\"dynamodb:*\")),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleVpc:\n type: aws:ec2:Vpc\n name: example\n properties:\n cidrBlock: 10.0.0.0/16\n exampleVpcEndpoint:\n type: aws:ec2:VpcEndpoint\n name: example\n properties:\n serviceName: ${example.serviceName}\n vpcId: ${exampleVpc.id}\n exampleVpcEndpointPolicy:\n type: aws:ec2:VpcEndpointPolicy\n name: example\n properties:\n vpcEndpointId: ${exampleVpcEndpoint.id}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Sid: AllowAll\n Effect: Allow\n Principal:\n AWS: '*'\n Action:\n - dynamodb:*\n Resource: '*'\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getVpcEndpointService\n Arguments:\n service: dynamodb\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Endpoint Policies using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcEndpointPolicy:VpcEndpointPolicy example vpce-3ecf2a57\n```\n", "properties": { "policy": { "type": "string", "description": "A policy to attach to the endpoint that controls access to the service. Defaults to full access. All `Gateway` and some `Interface` endpoints support policies - see the [relevant AWS documentation](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints-access.html) for more details.\n" }, "vpcEndpointId": { "type": "string", "description": "The VPC Endpoint ID.\n" } }, "required": [ "policy", "vpcEndpointId" ], "inputProperties": { "policy": { "type": "string", "description": "A policy to attach to the endpoint that controls access to the service. Defaults to full access. All `Gateway` and some `Interface` endpoints support policies - see the [relevant AWS documentation](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints-access.html) for more details.\n" }, "vpcEndpointId": { "type": "string", "description": "The VPC Endpoint ID.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "vpcEndpointId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcEndpointPolicy resources.\n", "properties": { "policy": { "type": "string", "description": "A policy to attach to the endpoint that controls access to the service. Defaults to full access. All `Gateway` and some `Interface` endpoints support policies - see the [relevant AWS documentation](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints-access.html) for more details.\n" }, "vpcEndpointId": { "type": "string", "description": "The VPC Endpoint ID.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/vpcEndpointRouteTableAssociation:VpcEndpointRouteTableAssociation": { "description": "Manages a VPC Endpoint Route Table Association\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.VpcEndpointRouteTableAssociation(\"example\", {\n routeTableId: exampleAwsRouteTable.id,\n vpcEndpointId: exampleAwsVpcEndpoint.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.VpcEndpointRouteTableAssociation(\"example\",\n route_table_id=example_aws_route_table[\"id\"],\n vpc_endpoint_id=example_aws_vpc_endpoint[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.VpcEndpointRouteTableAssociation(\"example\", new()\n {\n RouteTableId = exampleAwsRouteTable.Id,\n VpcEndpointId = exampleAwsVpcEndpoint.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpcEndpointRouteTableAssociation(ctx, \"example\", \u0026ec2.VpcEndpointRouteTableAssociationArgs{\n\t\t\tRouteTableId: pulumi.Any(exampleAwsRouteTable.Id),\n\t\t\tVpcEndpointId: pulumi.Any(exampleAwsVpcEndpoint.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpcEndpointRouteTableAssociation;\nimport com.pulumi.aws.ec2.VpcEndpointRouteTableAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcEndpointRouteTableAssociation(\"example\", VpcEndpointRouteTableAssociationArgs.builder()\n .routeTableId(exampleAwsRouteTable.id())\n .vpcEndpointId(exampleAwsVpcEndpoint.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcEndpointRouteTableAssociation\n properties:\n routeTableId: ${exampleAwsRouteTable.id}\n vpcEndpointId: ${exampleAwsVpcEndpoint.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Endpoint Route Table Associations using `vpc_endpoint_id` together with `route_table_id`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcEndpointRouteTableAssociation:VpcEndpointRouteTableAssociation example vpce-aaaaaaaa/rtb-bbbbbbbb\n```\n", "properties": { "routeTableId": { "type": "string", "description": "Identifier of the EC2 Route Table to be associated with the VPC Endpoint.\n" }, "vpcEndpointId": { "type": "string", "description": "Identifier of the VPC Endpoint with which the EC2 Route Table will be associated.\n" } }, "required": [ "routeTableId", "vpcEndpointId" ], "inputProperties": { "routeTableId": { "type": "string", "description": "Identifier of the EC2 Route Table to be associated with the VPC Endpoint.\n", "willReplaceOnChanges": true }, "vpcEndpointId": { "type": "string", "description": "Identifier of the VPC Endpoint with which the EC2 Route Table will be associated.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "routeTableId", "vpcEndpointId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcEndpointRouteTableAssociation resources.\n", "properties": { "routeTableId": { "type": "string", "description": "Identifier of the EC2 Route Table to be associated with the VPC Endpoint.\n", "willReplaceOnChanges": true }, "vpcEndpointId": { "type": "string", "description": "Identifier of the VPC Endpoint with which the EC2 Route Table will be associated.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/vpcEndpointService:VpcEndpointService": { "description": "Provides a VPC Endpoint Service resource.\nService consumers can create an _Interface_ VPC Endpoint to connect to the service.\n\n\u003e **NOTE on VPC Endpoint Services and VPC Endpoint Service Allowed Principals:** This provider provides\nboth a standalone VPC Endpoint Service Allowed Principal resource\nand a VPC Endpoint Service resource with an `allowed_principals` attribute. Do not use the same principal ARN in both\na VPC Endpoint Service resource and a VPC Endpoint Service Allowed Principal resource. Doing so will cause a conflict\nand will overwrite the association.\n\n## Example Usage\n\n### Network Load Balancers\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.VpcEndpointService(\"example\", {\n acceptanceRequired: false,\n networkLoadBalancerArns: [exampleAwsLb.arn],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.VpcEndpointService(\"example\",\n acceptance_required=False,\n network_load_balancer_arns=[example_aws_lb[\"arn\"]])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.VpcEndpointService(\"example\", new()\n {\n AcceptanceRequired = false,\n NetworkLoadBalancerArns = new[]\n {\n exampleAwsLb.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpcEndpointService(ctx, \"example\", \u0026ec2.VpcEndpointServiceArgs{\n\t\t\tAcceptanceRequired: pulumi.Bool(false),\n\t\t\tNetworkLoadBalancerArns: pulumi.StringArray{\n\t\t\t\texampleAwsLb.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpcEndpointService;\nimport com.pulumi.aws.ec2.VpcEndpointServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcEndpointService(\"example\", VpcEndpointServiceArgs.builder()\n .acceptanceRequired(false)\n .networkLoadBalancerArns(exampleAwsLb.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcEndpointService\n properties:\n acceptanceRequired: false\n networkLoadBalancerArns:\n - ${exampleAwsLb.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Gateway Load Balancers\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.VpcEndpointService(\"example\", {\n acceptanceRequired: false,\n gatewayLoadBalancerArns: [exampleAwsLb.arn],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.VpcEndpointService(\"example\",\n acceptance_required=False,\n gateway_load_balancer_arns=[example_aws_lb[\"arn\"]])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.VpcEndpointService(\"example\", new()\n {\n AcceptanceRequired = false,\n GatewayLoadBalancerArns = new[]\n {\n exampleAwsLb.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpcEndpointService(ctx, \"example\", \u0026ec2.VpcEndpointServiceArgs{\n\t\t\tAcceptanceRequired: pulumi.Bool(false),\n\t\t\tGatewayLoadBalancerArns: pulumi.StringArray{\n\t\t\t\texampleAwsLb.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpcEndpointService;\nimport com.pulumi.aws.ec2.VpcEndpointServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcEndpointService(\"example\", VpcEndpointServiceArgs.builder()\n .acceptanceRequired(false)\n .gatewayLoadBalancerArns(exampleAwsLb.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcEndpointService\n properties:\n acceptanceRequired: false\n gatewayLoadBalancerArns:\n - ${exampleAwsLb.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Endpoint Services using the VPC endpoint service `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcEndpointService:VpcEndpointService foo vpce-svc-0f97a19d3fa8220bc\n```\n", "properties": { "acceptanceRequired": { "type": "boolean", "description": "Whether or not VPC endpoint connection requests to the service must be accepted by the service owner - `true` or `false`.\n" }, "allowedPrincipals": { "type": "array", "items": { "type": "string" }, "description": "The ARNs of one or more principals allowed to discover the endpoint service.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the VPC endpoint service.\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A set of Availability Zones in which the service is available.\n" }, "baseEndpointDnsNames": { "type": "array", "items": { "type": "string" }, "description": "A set of DNS names for the service.\n" }, "gatewayLoadBalancerArns": { "type": "array", "items": { "type": "string" }, "description": "Amazon Resource Names (ARNs) of one or more Gateway Load Balancers for the endpoint service.\n" }, "managesVpcEndpoints": { "type": "boolean", "description": "Whether or not the service manages its VPC endpoints - `true` or `false`.\n" }, "networkLoadBalancerArns": { "type": "array", "items": { "type": "string" }, "description": "Amazon Resource Names (ARNs) of one or more Network Load Balancers for the endpoint service.\n" }, "privateDnsName": { "type": "string", "description": "The private DNS name for the service.\n" }, "privateDnsNameConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpcEndpointServicePrivateDnsNameConfiguration:VpcEndpointServicePrivateDnsNameConfiguration" }, "description": "List of objects containing information about the endpoint service private DNS name configuration.\n" }, "serviceName": { "type": "string", "description": "The service name.\n" }, "serviceType": { "type": "string", "description": "The service type, `Gateway` or `Interface`.\n" }, "state": { "type": "string", "description": "Verification state of the VPC endpoint service. Consumers of the endpoint service can use the private name only when the state is `verified`.\n" }, "supportedIpAddressTypes": { "type": "array", "items": { "type": "string" }, "description": "The supported IP address types. The possible values are `ipv4` and `ipv6`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "acceptanceRequired", "allowedPrincipals", "arn", "availabilityZones", "baseEndpointDnsNames", "managesVpcEndpoints", "privateDnsName", "privateDnsNameConfigurations", "serviceName", "serviceType", "state", "supportedIpAddressTypes", "tagsAll" ], "inputProperties": { "acceptanceRequired": { "type": "boolean", "description": "Whether or not VPC endpoint connection requests to the service must be accepted by the service owner - `true` or `false`.\n" }, "allowedPrincipals": { "type": "array", "items": { "type": "string" }, "description": "The ARNs of one or more principals allowed to discover the endpoint service.\n" }, "gatewayLoadBalancerArns": { "type": "array", "items": { "type": "string" }, "description": "Amazon Resource Names (ARNs) of one or more Gateway Load Balancers for the endpoint service.\n" }, "networkLoadBalancerArns": { "type": "array", "items": { "type": "string" }, "description": "Amazon Resource Names (ARNs) of one or more Network Load Balancers for the endpoint service.\n" }, "privateDnsName": { "type": "string", "description": "The private DNS name for the service.\n" }, "supportedIpAddressTypes": { "type": "array", "items": { "type": "string" }, "description": "The supported IP address types. The possible values are `ipv4` and `ipv6`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "acceptanceRequired" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcEndpointService resources.\n", "properties": { "acceptanceRequired": { "type": "boolean", "description": "Whether or not VPC endpoint connection requests to the service must be accepted by the service owner - `true` or `false`.\n" }, "allowedPrincipals": { "type": "array", "items": { "type": "string" }, "description": "The ARNs of one or more principals allowed to discover the endpoint service.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the VPC endpoint service.\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A set of Availability Zones in which the service is available.\n" }, "baseEndpointDnsNames": { "type": "array", "items": { "type": "string" }, "description": "A set of DNS names for the service.\n" }, "gatewayLoadBalancerArns": { "type": "array", "items": { "type": "string" }, "description": "Amazon Resource Names (ARNs) of one or more Gateway Load Balancers for the endpoint service.\n" }, "managesVpcEndpoints": { "type": "boolean", "description": "Whether or not the service manages its VPC endpoints - `true` or `false`.\n" }, "networkLoadBalancerArns": { "type": "array", "items": { "type": "string" }, "description": "Amazon Resource Names (ARNs) of one or more Network Load Balancers for the endpoint service.\n" }, "privateDnsName": { "type": "string", "description": "The private DNS name for the service.\n" }, "privateDnsNameConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpcEndpointServicePrivateDnsNameConfiguration:VpcEndpointServicePrivateDnsNameConfiguration" }, "description": "List of objects containing information about the endpoint service private DNS name configuration.\n" }, "serviceName": { "type": "string", "description": "The service name.\n" }, "serviceType": { "type": "string", "description": "The service type, `Gateway` or `Interface`.\n" }, "state": { "type": "string", "description": "Verification state of the VPC endpoint service. Consumers of the endpoint service can use the private name only when the state is `verified`.\n" }, "supportedIpAddressTypes": { "type": "array", "items": { "type": "string" }, "description": "The supported IP address types. The possible values are `ipv4` and `ipv6`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ec2/vpcEndpointServiceAllowedPrinciple:VpcEndpointServiceAllowedPrinciple": { "description": "Provides a resource to allow a principal to discover a VPC endpoint service.\n\n\u003e **NOTE on VPC Endpoint Services and VPC Endpoint Service Allowed Principals:** This provider provides\nboth a standalone VPC Endpoint Service Allowed Principal resource\nand a VPC Endpoint Service resource with an `allowed_principals` attribute. Do not use the same principal ARN in both\na VPC Endpoint Service resource and a VPC Endpoint Service Allowed Principal resource. Doing so will cause a conflict\nand will overwrite the association.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst allowMeToFoo = new aws.ec2.VpcEndpointServiceAllowedPrinciple(\"allow_me_to_foo\", {\n vpcEndpointServiceId: foo.id,\n principalArn: current.then(current =\u003e current.arn),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nallow_me_to_foo = aws.ec2.VpcEndpointServiceAllowedPrinciple(\"allow_me_to_foo\",\n vpc_endpoint_service_id=foo[\"id\"],\n principal_arn=current.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var allowMeToFoo = new Aws.Ec2.VpcEndpointServiceAllowedPrinciple(\"allow_me_to_foo\", new()\n {\n VpcEndpointServiceId = foo.Id,\n PrincipalArn = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.Arn),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcEndpointServiceAllowedPrinciple(ctx, \"allow_me_to_foo\", \u0026ec2.VpcEndpointServiceAllowedPrincipleArgs{\n\t\t\tVpcEndpointServiceId: pulumi.Any(foo.Id),\n\t\t\tPrincipalArn: pulumi.String(current.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.ec2.VpcEndpointServiceAllowedPrinciple;\nimport com.pulumi.aws.ec2.VpcEndpointServiceAllowedPrincipleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var allowMeToFoo = new VpcEndpointServiceAllowedPrinciple(\"allowMeToFoo\", VpcEndpointServiceAllowedPrincipleArgs.builder()\n .vpcEndpointServiceId(foo.id())\n .principalArn(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.arn()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n allowMeToFoo:\n type: aws:ec2:VpcEndpointServiceAllowedPrinciple\n name: allow_me_to_foo\n properties:\n vpcEndpointServiceId: ${foo.id}\n principalArn: ${current.arn}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "principalArn": { "type": "string", "description": "The ARN of the principal to allow permissions.\n" }, "vpcEndpointServiceId": { "type": "string", "description": "The ID of the VPC endpoint service to allow permission.\n" } }, "required": [ "principalArn", "vpcEndpointServiceId" ], "inputProperties": { "principalArn": { "type": "string", "description": "The ARN of the principal to allow permissions.\n", "willReplaceOnChanges": true }, "vpcEndpointServiceId": { "type": "string", "description": "The ID of the VPC endpoint service to allow permission.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "principalArn", "vpcEndpointServiceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcEndpointServiceAllowedPrinciple resources.\n", "properties": { "principalArn": { "type": "string", "description": "The ARN of the principal to allow permissions.\n", "willReplaceOnChanges": true }, "vpcEndpointServiceId": { "type": "string", "description": "The ID of the VPC endpoint service to allow permission.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/vpcEndpointSubnetAssociation:VpcEndpointSubnetAssociation": { "description": "Provides a resource to create an association between a VPC endpoint and a subnet.\n\n\u003e **NOTE on VPC Endpoints and VPC Endpoint Subnet Associations:** This provider provides\nboth a standalone VPC Endpoint Subnet Association (an association between a VPC endpoint\nand a single `subnet_id`) and a VPC Endpoint resource with a `subnet_ids`\nattribute. Do not use the same subnet ID in both a VPC Endpoint resource and a VPC Endpoint Subnet\nAssociation resource. Doing so will cause a conflict of associations and will overwrite the association.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst snEc2 = new aws.ec2.VpcEndpointSubnetAssociation(\"sn_ec2\", {\n vpcEndpointId: ec2.id,\n subnetId: sn.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsn_ec2 = aws.ec2.VpcEndpointSubnetAssociation(\"sn_ec2\",\n vpc_endpoint_id=ec2[\"id\"],\n subnet_id=sn[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var snEc2 = new Aws.Ec2.VpcEndpointSubnetAssociation(\"sn_ec2\", new()\n {\n VpcEndpointId = ec2.Id,\n SubnetId = sn.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpcEndpointSubnetAssociation(ctx, \"sn_ec2\", \u0026ec2.VpcEndpointSubnetAssociationArgs{\n\t\t\tVpcEndpointId: pulumi.Any(ec2.Id),\n\t\t\tSubnetId: pulumi.Any(sn.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpcEndpointSubnetAssociation;\nimport com.pulumi.aws.ec2.VpcEndpointSubnetAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var snEc2 = new VpcEndpointSubnetAssociation(\"snEc2\", VpcEndpointSubnetAssociationArgs.builder()\n .vpcEndpointId(ec2.id())\n .subnetId(sn.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n snEc2:\n type: aws:ec2:VpcEndpointSubnetAssociation\n name: sn_ec2\n properties:\n vpcEndpointId: ${ec2.id}\n subnetId: ${sn.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Endpoint Subnet Associations using `vpc_endpoint_id` together with `subnet_id`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcEndpointSubnetAssociation:VpcEndpointSubnetAssociation example vpce-aaaaaaaa/subnet-bbbbbbbbbbbbbbbbb\n```\n", "properties": { "subnetId": { "type": "string", "description": "The ID of the subnet to be associated with the VPC endpoint.\n" }, "vpcEndpointId": { "type": "string", "description": "The ID of the VPC endpoint with which the subnet will be associated.\n" } }, "required": [ "subnetId", "vpcEndpointId" ], "inputProperties": { "subnetId": { "type": "string", "description": "The ID of the subnet to be associated with the VPC endpoint.\n", "willReplaceOnChanges": true }, "vpcEndpointId": { "type": "string", "description": "The ID of the VPC endpoint with which the subnet will be associated.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "subnetId", "vpcEndpointId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcEndpointSubnetAssociation resources.\n", "properties": { "subnetId": { "type": "string", "description": "The ID of the subnet to be associated with the VPC endpoint.\n", "willReplaceOnChanges": true }, "vpcEndpointId": { "type": "string", "description": "The ID of the VPC endpoint with which the subnet will be associated.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/vpcIpam:VpcIpam": { "description": "Provides an IPAM resource.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst main = new aws.ec2.VpcIpam(\"main\", {\n description: \"My IPAM\",\n operatingRegions: [{\n regionName: current.then(current =\u003e current.name),\n }],\n tags: {\n Test: \"Main\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nmain = aws.ec2.VpcIpam(\"main\",\n description=\"My IPAM\",\n operating_regions=[{\n \"region_name\": current.name,\n }],\n tags={\n \"Test\": \"Main\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var main = new Aws.Ec2.VpcIpam(\"main\", new()\n {\n Description = \"My IPAM\",\n OperatingRegions = new[]\n {\n new Aws.Ec2.Inputs.VpcIpamOperatingRegionArgs\n {\n RegionName = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n },\n Tags = \n {\n { \"Test\", \"Main\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpam(ctx, \"main\", \u0026ec2.VpcIpamArgs{\n\t\t\tDescription: pulumi.String(\"My IPAM\"),\n\t\t\tOperatingRegions: ec2.VpcIpamOperatingRegionArray{\n\t\t\t\t\u0026ec2.VpcIpamOperatingRegionArgs{\n\t\t\t\t\tRegionName: pulumi.String(current.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Test\": pulumi.String(\"Main\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpam;\nimport com.pulumi.aws.ec2.VpcIpamArgs;\nimport com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var main = new VpcIpam(\"main\", VpcIpamArgs.builder()\n .description(\"My IPAM\")\n .operatingRegions(VpcIpamOperatingRegionArgs.builder()\n .regionName(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build())\n .tags(Map.of(\"Test\", \"Main\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:ec2:VpcIpam\n properties:\n description: My IPAM\n operatingRegions:\n - regionName: ${current.name}\n tags:\n Test: Main\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nShared with multiple operating_regions:\n\n## Import\n\nUsing `pulumi import`, import IPAMs using the IPAM `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcIpam:VpcIpam example ipam-0178368ad2146a492\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of IPAM\n" }, "cascade": { "type": "boolean", "description": "Enables you to quickly delete an IPAM, private scopes, pools in private scopes, and any allocations in the pools in private scopes.\n" }, "defaultResourceDiscoveryAssociationId": { "type": "string", "description": "The IPAM's default resource discovery association ID.\n" }, "defaultResourceDiscoveryId": { "type": "string", "description": "The IPAM's default resource discovery ID.\n" }, "description": { "type": "string", "description": "A description for the IPAM.\n" }, "operatingRegions": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpcIpamOperatingRegion:VpcIpamOperatingRegion" }, "description": "Determines which locales can be chosen when you create pools. Locale is the Region where you want to make an IPAM pool available for allocations. You can only create pools with locales that match the operating Regions of the IPAM. You can only create VPCs from a pool whose locale matches the VPC's Region. You specify a region using the region_name parameter. You **must** set your provider block region as an operating_region.\n" }, "privateDefaultScopeId": { "type": "string", "description": "The ID of the IPAM's private scope. A scope is a top-level container in IPAM. Each scope represents an IP-independent network. Scopes enable you to represent networks where you have overlapping IP space. When you create an IPAM, IPAM automatically creates two scopes: public and private. The private scope is intended for private IP space. The public scope is intended for all internet-routable IP space.\n" }, "publicDefaultScopeId": { "type": "string", "description": "The ID of the IPAM's public scope. A scope is a top-level container in IPAM. Each scope represents an IP-independent network. Scopes enable you to represent networks where you have overlapping IP space. When you create an IPAM, IPAM automatically creates two scopes: public and private. The private scope is intended for private\nIP space. The public scope is intended for all internet-routable IP space.\n" }, "scopeCount": { "type": "integer", "description": "The number of scopes in the IPAM.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tier": { "type": "string", "description": "specifies the IPAM tier. Valid options include `free` and `advanced`. Default is `advanced`.\n" } }, "required": [ "arn", "defaultResourceDiscoveryAssociationId", "defaultResourceDiscoveryId", "operatingRegions", "privateDefaultScopeId", "publicDefaultScopeId", "scopeCount", "tagsAll" ], "inputProperties": { "cascade": { "type": "boolean", "description": "Enables you to quickly delete an IPAM, private scopes, pools in private scopes, and any allocations in the pools in private scopes.\n" }, "description": { "type": "string", "description": "A description for the IPAM.\n" }, "operatingRegions": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpcIpamOperatingRegion:VpcIpamOperatingRegion" }, "description": "Determines which locales can be chosen when you create pools. Locale is the Region where you want to make an IPAM pool available for allocations. You can only create pools with locales that match the operating Regions of the IPAM. You can only create VPCs from a pool whose locale matches the VPC's Region. You specify a region using the region_name parameter. You **must** set your provider block region as an operating_region.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tier": { "type": "string", "description": "specifies the IPAM tier. Valid options include `free` and `advanced`. Default is `advanced`.\n" } }, "requiredInputs": [ "operatingRegions" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcIpam resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of IPAM\n" }, "cascade": { "type": "boolean", "description": "Enables you to quickly delete an IPAM, private scopes, pools in private scopes, and any allocations in the pools in private scopes.\n" }, "defaultResourceDiscoveryAssociationId": { "type": "string", "description": "The IPAM's default resource discovery association ID.\n" }, "defaultResourceDiscoveryId": { "type": "string", "description": "The IPAM's default resource discovery ID.\n" }, "description": { "type": "string", "description": "A description for the IPAM.\n" }, "operatingRegions": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpcIpamOperatingRegion:VpcIpamOperatingRegion" }, "description": "Determines which locales can be chosen when you create pools. Locale is the Region where you want to make an IPAM pool available for allocations. You can only create pools with locales that match the operating Regions of the IPAM. You can only create VPCs from a pool whose locale matches the VPC's Region. You specify a region using the region_name parameter. You **must** set your provider block region as an operating_region.\n" }, "privateDefaultScopeId": { "type": "string", "description": "The ID of the IPAM's private scope. A scope is a top-level container in IPAM. Each scope represents an IP-independent network. Scopes enable you to represent networks where you have overlapping IP space. When you create an IPAM, IPAM automatically creates two scopes: public and private. The private scope is intended for private IP space. The public scope is intended for all internet-routable IP space.\n" }, "publicDefaultScopeId": { "type": "string", "description": "The ID of the IPAM's public scope. A scope is a top-level container in IPAM. Each scope represents an IP-independent network. Scopes enable you to represent networks where you have overlapping IP space. When you create an IPAM, IPAM automatically creates two scopes: public and private. The private scope is intended for private\nIP space. The public scope is intended for all internet-routable IP space.\n" }, "scopeCount": { "type": "integer", "description": "The number of scopes in the IPAM.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tier": { "type": "string", "description": "specifies the IPAM tier. Valid options include `free` and `advanced`. Default is `advanced`.\n" } }, "type": "object" } }, "aws:ec2/vpcIpamOrganizationAdminAccount:VpcIpamOrganizationAdminAccount": { "description": "Enables the IPAM Service and promotes a delegated administrator.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst delegated = aws.getCallerIdentity({});\nconst example = new aws.ec2.VpcIpamOrganizationAdminAccount(\"example\", {delegatedAdminAccountId: delegated.then(delegated =\u003e delegated.accountId)});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndelegated = aws.get_caller_identity()\nexample = aws.ec2.VpcIpamOrganizationAdminAccount(\"example\", delegated_admin_account_id=delegated.account_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var delegated = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Ec2.VpcIpamOrganizationAdminAccount(\"example\", new()\n {\n DelegatedAdminAccountId = delegated.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdelegated, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamOrganizationAdminAccount(ctx, \"example\", \u0026ec2.VpcIpamOrganizationAdminAccountArgs{\n\t\t\tDelegatedAdminAccountId: pulumi.String(delegated.AccountId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.ec2.VpcIpamOrganizationAdminAccount;\nimport com.pulumi.aws.ec2.VpcIpamOrganizationAdminAccountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var delegated = AwsFunctions.getCallerIdentity();\n\n var example = new VpcIpamOrganizationAdminAccount(\"example\", VpcIpamOrganizationAdminAccountArgs.builder()\n .delegatedAdminAccountId(delegated.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcIpamOrganizationAdminAccount\n properties:\n delegatedAdminAccountId: ${delegated.accountId}\nvariables:\n delegated:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IPAMs using the delegate account `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcIpamOrganizationAdminAccount:VpcIpamOrganizationAdminAccount example 12345678901\n```\n", "properties": { "arn": { "type": "string", "description": "The Organizations ARN for the delegate account.\n" }, "delegatedAdminAccountId": { "type": "string" }, "email": { "type": "string", "description": "The Organizations email for the delegate account.\n" }, "name": { "type": "string", "description": "The Organizations name for the delegate account.\n" }, "servicePrincipal": { "type": "string", "description": "The AWS service principal.\n" } }, "required": [ "arn", "delegatedAdminAccountId", "email", "name", "servicePrincipal" ], "inputProperties": { "delegatedAdminAccountId": { "type": "string", "willReplaceOnChanges": true } }, "requiredInputs": [ "delegatedAdminAccountId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcIpamOrganizationAdminAccount resources.\n", "properties": { "arn": { "type": "string", "description": "The Organizations ARN for the delegate account.\n" }, "delegatedAdminAccountId": { "type": "string", "willReplaceOnChanges": true }, "email": { "type": "string", "description": "The Organizations email for the delegate account.\n" }, "name": { "type": "string", "description": "The Organizations name for the delegate account.\n" }, "servicePrincipal": { "type": "string", "description": "The AWS service principal.\n" } }, "type": "object" } }, "aws:ec2/vpcIpamPool:VpcIpamPool": { "description": "Provides an IP address pool resource for IPAM.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst example = new aws.ec2.VpcIpam(\"example\", {operatingRegions: [{\n regionName: current.then(current =\u003e current.name),\n}]});\nconst exampleVpcIpamPool = new aws.ec2.VpcIpamPool(\"example\", {\n addressFamily: \"ipv4\",\n ipamScopeId: example.privateDefaultScopeId,\n locale: current.then(current =\u003e current.name),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample = aws.ec2.VpcIpam(\"example\", operating_regions=[{\n \"region_name\": current.name,\n}])\nexample_vpc_ipam_pool = aws.ec2.VpcIpamPool(\"example\",\n address_family=\"ipv4\",\n ipam_scope_id=example.private_default_scope_id,\n locale=current.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var example = new Aws.Ec2.VpcIpam(\"example\", new()\n {\n OperatingRegions = new[]\n {\n new Aws.Ec2.Inputs.VpcIpamOperatingRegionArgs\n {\n RegionName = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n },\n });\n\n var exampleVpcIpamPool = new Aws.Ec2.VpcIpamPool(\"example\", new()\n {\n AddressFamily = \"ipv4\",\n IpamScopeId = example.PrivateDefaultScopeId,\n Locale = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := ec2.NewVpcIpam(ctx, \"example\", \u0026ec2.VpcIpamArgs{\n\t\t\tOperatingRegions: ec2.VpcIpamOperatingRegionArray{\n\t\t\t\t\u0026ec2.VpcIpamOperatingRegionArgs{\n\t\t\t\t\tRegionName: pulumi.String(current.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamPool(ctx, \"example\", \u0026ec2.VpcIpamPoolArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tIpamScopeId: example.PrivateDefaultScopeId,\n\t\t\tLocale: pulumi.String(current.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpam;\nimport com.pulumi.aws.ec2.VpcIpamArgs;\nimport com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpamPool;\nimport com.pulumi.aws.ec2.VpcIpamPoolArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var example = new VpcIpam(\"example\", VpcIpamArgs.builder()\n .operatingRegions(VpcIpamOperatingRegionArgs.builder()\n .regionName(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build())\n .build());\n\n var exampleVpcIpamPool = new VpcIpamPool(\"exampleVpcIpamPool\", VpcIpamPoolArgs.builder()\n .addressFamily(\"ipv4\")\n .ipamScopeId(example.privateDefaultScopeId())\n .locale(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcIpam\n properties:\n operatingRegions:\n - regionName: ${current.name}\n exampleVpcIpamPool:\n type: aws:ec2:VpcIpamPool\n name: example\n properties:\n addressFamily: ipv4\n ipamScopeId: ${example.privateDefaultScopeId}\n locale: ${current.name}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nNested Pools:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst example = new aws.ec2.VpcIpam(\"example\", {operatingRegions: [{\n regionName: current.then(current =\u003e current.name),\n}]});\nconst parent = new aws.ec2.VpcIpamPool(\"parent\", {\n addressFamily: \"ipv4\",\n ipamScopeId: example.privateDefaultScopeId,\n});\nconst parentTest = new aws.ec2.VpcIpamPoolCidr(\"parent_test\", {\n ipamPoolId: parent.id,\n cidr: \"172.20.0.0/16\",\n});\nconst child = new aws.ec2.VpcIpamPool(\"child\", {\n addressFamily: \"ipv4\",\n ipamScopeId: example.privateDefaultScopeId,\n locale: current.then(current =\u003e current.name),\n sourceIpamPoolId: parent.id,\n});\nconst childTest = new aws.ec2.VpcIpamPoolCidr(\"child_test\", {\n ipamPoolId: child.id,\n cidr: \"172.20.0.0/24\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample = aws.ec2.VpcIpam(\"example\", operating_regions=[{\n \"region_name\": current.name,\n}])\nparent = aws.ec2.VpcIpamPool(\"parent\",\n address_family=\"ipv4\",\n ipam_scope_id=example.private_default_scope_id)\nparent_test = aws.ec2.VpcIpamPoolCidr(\"parent_test\",\n ipam_pool_id=parent.id,\n cidr=\"172.20.0.0/16\")\nchild = aws.ec2.VpcIpamPool(\"child\",\n address_family=\"ipv4\",\n ipam_scope_id=example.private_default_scope_id,\n locale=current.name,\n source_ipam_pool_id=parent.id)\nchild_test = aws.ec2.VpcIpamPoolCidr(\"child_test\",\n ipam_pool_id=child.id,\n cidr=\"172.20.0.0/24\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var example = new Aws.Ec2.VpcIpam(\"example\", new()\n {\n OperatingRegions = new[]\n {\n new Aws.Ec2.Inputs.VpcIpamOperatingRegionArgs\n {\n RegionName = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n },\n });\n\n var parent = new Aws.Ec2.VpcIpamPool(\"parent\", new()\n {\n AddressFamily = \"ipv4\",\n IpamScopeId = example.PrivateDefaultScopeId,\n });\n\n var parentTest = new Aws.Ec2.VpcIpamPoolCidr(\"parent_test\", new()\n {\n IpamPoolId = parent.Id,\n Cidr = \"172.20.0.0/16\",\n });\n\n var child = new Aws.Ec2.VpcIpamPool(\"child\", new()\n {\n AddressFamily = \"ipv4\",\n IpamScopeId = example.PrivateDefaultScopeId,\n Locale = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n SourceIpamPoolId = parent.Id,\n });\n\n var childTest = new Aws.Ec2.VpcIpamPoolCidr(\"child_test\", new()\n {\n IpamPoolId = child.Id,\n Cidr = \"172.20.0.0/24\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := ec2.NewVpcIpam(ctx, \"example\", \u0026ec2.VpcIpamArgs{\n\t\t\tOperatingRegions: ec2.VpcIpamOperatingRegionArray{\n\t\t\t\t\u0026ec2.VpcIpamOperatingRegionArgs{\n\t\t\t\t\tRegionName: pulumi.String(current.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tparent, err := ec2.NewVpcIpamPool(ctx, \"parent\", \u0026ec2.VpcIpamPoolArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tIpamScopeId: example.PrivateDefaultScopeId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamPoolCidr(ctx, \"parent_test\", \u0026ec2.VpcIpamPoolCidrArgs{\n\t\t\tIpamPoolId: parent.ID(),\n\t\t\tCidr: pulumi.String(\"172.20.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tchild, err := ec2.NewVpcIpamPool(ctx, \"child\", \u0026ec2.VpcIpamPoolArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tIpamScopeId: example.PrivateDefaultScopeId,\n\t\t\tLocale: pulumi.String(current.Name),\n\t\t\tSourceIpamPoolId: parent.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamPoolCidr(ctx, \"child_test\", \u0026ec2.VpcIpamPoolCidrArgs{\n\t\t\tIpamPoolId: child.ID(),\n\t\t\tCidr: pulumi.String(\"172.20.0.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpam;\nimport com.pulumi.aws.ec2.VpcIpamArgs;\nimport com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpamPool;\nimport com.pulumi.aws.ec2.VpcIpamPoolArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidr;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var example = new VpcIpam(\"example\", VpcIpamArgs.builder()\n .operatingRegions(VpcIpamOperatingRegionArgs.builder()\n .regionName(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build())\n .build());\n\n var parent = new VpcIpamPool(\"parent\", VpcIpamPoolArgs.builder()\n .addressFamily(\"ipv4\")\n .ipamScopeId(example.privateDefaultScopeId())\n .build());\n\n var parentTest = new VpcIpamPoolCidr(\"parentTest\", VpcIpamPoolCidrArgs.builder()\n .ipamPoolId(parent.id())\n .cidr(\"172.20.0.0/16\")\n .build());\n\n var child = new VpcIpamPool(\"child\", VpcIpamPoolArgs.builder()\n .addressFamily(\"ipv4\")\n .ipamScopeId(example.privateDefaultScopeId())\n .locale(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .sourceIpamPoolId(parent.id())\n .build());\n\n var childTest = new VpcIpamPoolCidr(\"childTest\", VpcIpamPoolCidrArgs.builder()\n .ipamPoolId(child.id())\n .cidr(\"172.20.0.0/24\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcIpam\n properties:\n operatingRegions:\n - regionName: ${current.name}\n parent:\n type: aws:ec2:VpcIpamPool\n properties:\n addressFamily: ipv4\n ipamScopeId: ${example.privateDefaultScopeId}\n parentTest:\n type: aws:ec2:VpcIpamPoolCidr\n name: parent_test\n properties:\n ipamPoolId: ${parent.id}\n cidr: 172.20.0.0/16\n child:\n type: aws:ec2:VpcIpamPool\n properties:\n addressFamily: ipv4\n ipamScopeId: ${example.privateDefaultScopeId}\n locale: ${current.name}\n sourceIpamPoolId: ${parent.id}\n childTest:\n type: aws:ec2:VpcIpamPoolCidr\n name: child_test\n properties:\n ipamPoolId: ${child.id}\n cidr: 172.20.0.0/24\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IPAMs using the IPAM pool `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcIpamPool:VpcIpamPool example ipam-pool-0958f95207d978e1e\n```\n", "properties": { "addressFamily": { "type": "string", "description": "The IP protocol assigned to this pool. You must choose either IPv4 or IPv6 protocol for a pool.\n" }, "allocationDefaultNetmaskLength": { "type": "integer", "description": "A default netmask length for allocations added to this pool. If, for example, the CIDR assigned to this pool is 10.0.0.0/8 and you enter 16 here, new allocations will default to 10.0.0.0/16 (unless you provide a different netmask value when you create the new allocation).\n" }, "allocationMaxNetmaskLength": { "type": "integer", "description": "The maximum netmask length that will be required for CIDR allocations in this pool.\n" }, "allocationMinNetmaskLength": { "type": "integer", "description": "The minimum netmask length that will be required for CIDR allocations in this pool.\n" }, "allocationResourceTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags that are required for resources that use CIDRs from this IPAM pool. Resources that do not have these tags will not be allowed to allocate space from the pool. If the resources have their tags changed after they have allocated space or if the allocation tagging requirements are changed on the pool, the resource may be marked as noncompliant.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of IPAM\n" }, "autoImport": { "type": "boolean", "description": "If you include this argument, IPAM automatically imports any VPCs you have in your scope that fall\nwithin the CIDR range in the pool.\n" }, "awsService": { "type": "string", "description": "Limits which AWS service the pool can be used in. Only useable on public scopes. Valid Values: `ec2`.\n" }, "cascade": { "type": "boolean", "description": "Enables you to quickly delete an IPAM pool and all resources within that pool, including provisioned CIDRs, allocations, and other pools.\n" }, "description": { "type": "string", "description": "A description for the IPAM pool.\n" }, "ipamScopeId": { "type": "string", "description": "The ID of the scope in which you would like to create the IPAM pool.\n" }, "ipamScopeType": { "type": "string" }, "locale": { "type": "string", "description": "The locale in which you would like to create the IPAM pool. Locale is the Region where you want to make an IPAM pool available for allocations. You can only create pools with locales that match the operating Regions of the IPAM. You can only create VPCs from a pool whose locale matches the VPC's Region. Possible values: Any AWS region, such as `us-east-1`.\n" }, "poolDepth": { "type": "integer" }, "publicIpSource": { "type": "string", "description": "The IP address source for pools in the public scope. Only used for provisioning IP address CIDRs to pools in the public scope. Valid values are `byoip` or `amazon`. Default is `byoip`.\n" }, "publiclyAdvertisable": { "type": "boolean", "description": "Defines whether or not IPv6 pool space is publicly advertisable over the internet. This argument is required if `address_family = \"ipv6\"` and `public_ip_source = \"byoip\"`, default is `false`. This option is not available for IPv4 pool space or if `public_ip_source = \"amazon\"`.\n" }, "sourceIpamPoolId": { "type": "string", "description": "The ID of the source IPAM pool. Use this argument to create a child pool within an existing pool.\n" }, "state": { "type": "string", "description": "The ID of the IPAM\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "addressFamily", "arn", "ipamScopeId", "ipamScopeType", "poolDepth", "state", "tagsAll" ], "inputProperties": { "addressFamily": { "type": "string", "description": "The IP protocol assigned to this pool. You must choose either IPv4 or IPv6 protocol for a pool.\n", "willReplaceOnChanges": true }, "allocationDefaultNetmaskLength": { "type": "integer", "description": "A default netmask length for allocations added to this pool. If, for example, the CIDR assigned to this pool is 10.0.0.0/8 and you enter 16 here, new allocations will default to 10.0.0.0/16 (unless you provide a different netmask value when you create the new allocation).\n" }, "allocationMaxNetmaskLength": { "type": "integer", "description": "The maximum netmask length that will be required for CIDR allocations in this pool.\n" }, "allocationMinNetmaskLength": { "type": "integer", "description": "The minimum netmask length that will be required for CIDR allocations in this pool.\n" }, "allocationResourceTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags that are required for resources that use CIDRs from this IPAM pool. Resources that do not have these tags will not be allowed to allocate space from the pool. If the resources have their tags changed after they have allocated space or if the allocation tagging requirements are changed on the pool, the resource may be marked as noncompliant.\n" }, "autoImport": { "type": "boolean", "description": "If you include this argument, IPAM automatically imports any VPCs you have in your scope that fall\nwithin the CIDR range in the pool.\n" }, "awsService": { "type": "string", "description": "Limits which AWS service the pool can be used in. Only useable on public scopes. Valid Values: `ec2`.\n", "willReplaceOnChanges": true }, "cascade": { "type": "boolean", "description": "Enables you to quickly delete an IPAM pool and all resources within that pool, including provisioned CIDRs, allocations, and other pools.\n" }, "description": { "type": "string", "description": "A description for the IPAM pool.\n" }, "ipamScopeId": { "type": "string", "description": "The ID of the scope in which you would like to create the IPAM pool.\n", "willReplaceOnChanges": true }, "locale": { "type": "string", "description": "The locale in which you would like to create the IPAM pool. Locale is the Region where you want to make an IPAM pool available for allocations. You can only create pools with locales that match the operating Regions of the IPAM. You can only create VPCs from a pool whose locale matches the VPC's Region. Possible values: Any AWS region, such as `us-east-1`.\n", "willReplaceOnChanges": true }, "publicIpSource": { "type": "string", "description": "The IP address source for pools in the public scope. Only used for provisioning IP address CIDRs to pools in the public scope. Valid values are `byoip` or `amazon`. Default is `byoip`.\n", "willReplaceOnChanges": true }, "publiclyAdvertisable": { "type": "boolean", "description": "Defines whether or not IPv6 pool space is publicly advertisable over the internet. This argument is required if `address_family = \"ipv6\"` and `public_ip_source = \"byoip\"`, default is `false`. This option is not available for IPv4 pool space or if `public_ip_source = \"amazon\"`.\n" }, "sourceIpamPoolId": { "type": "string", "description": "The ID of the source IPAM pool. Use this argument to create a child pool within an existing pool.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "addressFamily", "ipamScopeId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcIpamPool resources.\n", "properties": { "addressFamily": { "type": "string", "description": "The IP protocol assigned to this pool. You must choose either IPv4 or IPv6 protocol for a pool.\n", "willReplaceOnChanges": true }, "allocationDefaultNetmaskLength": { "type": "integer", "description": "A default netmask length for allocations added to this pool. If, for example, the CIDR assigned to this pool is 10.0.0.0/8 and you enter 16 here, new allocations will default to 10.0.0.0/16 (unless you provide a different netmask value when you create the new allocation).\n" }, "allocationMaxNetmaskLength": { "type": "integer", "description": "The maximum netmask length that will be required for CIDR allocations in this pool.\n" }, "allocationMinNetmaskLength": { "type": "integer", "description": "The minimum netmask length that will be required for CIDR allocations in this pool.\n" }, "allocationResourceTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags that are required for resources that use CIDRs from this IPAM pool. Resources that do not have these tags will not be allowed to allocate space from the pool. If the resources have their tags changed after they have allocated space or if the allocation tagging requirements are changed on the pool, the resource may be marked as noncompliant.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of IPAM\n" }, "autoImport": { "type": "boolean", "description": "If you include this argument, IPAM automatically imports any VPCs you have in your scope that fall\nwithin the CIDR range in the pool.\n" }, "awsService": { "type": "string", "description": "Limits which AWS service the pool can be used in. Only useable on public scopes. Valid Values: `ec2`.\n", "willReplaceOnChanges": true }, "cascade": { "type": "boolean", "description": "Enables you to quickly delete an IPAM pool and all resources within that pool, including provisioned CIDRs, allocations, and other pools.\n" }, "description": { "type": "string", "description": "A description for the IPAM pool.\n" }, "ipamScopeId": { "type": "string", "description": "The ID of the scope in which you would like to create the IPAM pool.\n", "willReplaceOnChanges": true }, "ipamScopeType": { "type": "string" }, "locale": { "type": "string", "description": "The locale in which you would like to create the IPAM pool. Locale is the Region where you want to make an IPAM pool available for allocations. You can only create pools with locales that match the operating Regions of the IPAM. You can only create VPCs from a pool whose locale matches the VPC's Region. Possible values: Any AWS region, such as `us-east-1`.\n", "willReplaceOnChanges": true }, "poolDepth": { "type": "integer" }, "publicIpSource": { "type": "string", "description": "The IP address source for pools in the public scope. Only used for provisioning IP address CIDRs to pools in the public scope. Valid values are `byoip` or `amazon`. Default is `byoip`.\n", "willReplaceOnChanges": true }, "publiclyAdvertisable": { "type": "boolean", "description": "Defines whether or not IPv6 pool space is publicly advertisable over the internet. This argument is required if `address_family = \"ipv6\"` and `public_ip_source = \"byoip\"`, default is `false`. This option is not available for IPv4 pool space or if `public_ip_source = \"amazon\"`.\n" }, "sourceIpamPoolId": { "type": "string", "description": "The ID of the source IPAM pool. Use this argument to create a child pool within an existing pool.\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "The ID of the IPAM\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ec2/vpcIpamPoolCidr:VpcIpamPoolCidr": { "description": "Provisions a CIDR from an IPAM address pool.\n\n\u003e **NOTE:** Provisioning Public IPv4 or Public IPv6 require [steps outside the scope of this resource](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html#prepare-for-byoip). The resource accepts `message` and `signature` as part of the `cidr_authorization_context` attribute but those must be generated ahead of time. Public IPv6 CIDRs that are provisioned into a Pool with `publicly_advertisable = true` and all public IPv4 CIDRs also require creating a Route Origin Authorization (ROA) object in your Regional Internet Registry (RIR).\n\n\u003e **NOTE:** In order to deprovision CIDRs all Allocations must be released. Allocations created by a VPC take up to 30 minutes to be released. However, for IPAM to properly manage the removal of allocation records created by VPCs and other resources, you must [grant it permissions](https://docs.aws.amazon.com/vpc/latest/ipam/choose-single-user-or-orgs-ipam.html) in\neither a single account or organizationally. If you are unable to deprovision a cidr after waiting over 30 minutes, you may be missing the Service Linked Role.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst example = new aws.ec2.VpcIpam(\"example\", {operatingRegions: [{\n regionName: current.then(current =\u003e current.name),\n}]});\nconst exampleVpcIpamPool = new aws.ec2.VpcIpamPool(\"example\", {\n addressFamily: \"ipv4\",\n ipamScopeId: example.privateDefaultScopeId,\n locale: current.then(current =\u003e current.name),\n});\nconst exampleVpcIpamPoolCidr = new aws.ec2.VpcIpamPoolCidr(\"example\", {\n ipamPoolId: exampleVpcIpamPool.id,\n cidr: \"172.20.0.0/16\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample = aws.ec2.VpcIpam(\"example\", operating_regions=[{\n \"region_name\": current.name,\n}])\nexample_vpc_ipam_pool = aws.ec2.VpcIpamPool(\"example\",\n address_family=\"ipv4\",\n ipam_scope_id=example.private_default_scope_id,\n locale=current.name)\nexample_vpc_ipam_pool_cidr = aws.ec2.VpcIpamPoolCidr(\"example\",\n ipam_pool_id=example_vpc_ipam_pool.id,\n cidr=\"172.20.0.0/16\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var example = new Aws.Ec2.VpcIpam(\"example\", new()\n {\n OperatingRegions = new[]\n {\n new Aws.Ec2.Inputs.VpcIpamOperatingRegionArgs\n {\n RegionName = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n },\n });\n\n var exampleVpcIpamPool = new Aws.Ec2.VpcIpamPool(\"example\", new()\n {\n AddressFamily = \"ipv4\",\n IpamScopeId = example.PrivateDefaultScopeId,\n Locale = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n });\n\n var exampleVpcIpamPoolCidr = new Aws.Ec2.VpcIpamPoolCidr(\"example\", new()\n {\n IpamPoolId = exampleVpcIpamPool.Id,\n Cidr = \"172.20.0.0/16\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := ec2.NewVpcIpam(ctx, \"example\", \u0026ec2.VpcIpamArgs{\n\t\t\tOperatingRegions: ec2.VpcIpamOperatingRegionArray{\n\t\t\t\t\u0026ec2.VpcIpamOperatingRegionArgs{\n\t\t\t\t\tRegionName: pulumi.String(current.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpamPool, err := ec2.NewVpcIpamPool(ctx, \"example\", \u0026ec2.VpcIpamPoolArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tIpamScopeId: example.PrivateDefaultScopeId,\n\t\t\tLocale: pulumi.String(current.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamPoolCidr(ctx, \"example\", \u0026ec2.VpcIpamPoolCidrArgs{\n\t\t\tIpamPoolId: exampleVpcIpamPool.ID(),\n\t\t\tCidr: pulumi.String(\"172.20.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpam;\nimport com.pulumi.aws.ec2.VpcIpamArgs;\nimport com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpamPool;\nimport com.pulumi.aws.ec2.VpcIpamPoolArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidr;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var example = new VpcIpam(\"example\", VpcIpamArgs.builder()\n .operatingRegions(VpcIpamOperatingRegionArgs.builder()\n .regionName(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build())\n .build());\n\n var exampleVpcIpamPool = new VpcIpamPool(\"exampleVpcIpamPool\", VpcIpamPoolArgs.builder()\n .addressFamily(\"ipv4\")\n .ipamScopeId(example.privateDefaultScopeId())\n .locale(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build());\n\n var exampleVpcIpamPoolCidr = new VpcIpamPoolCidr(\"exampleVpcIpamPoolCidr\", VpcIpamPoolCidrArgs.builder()\n .ipamPoolId(exampleVpcIpamPool.id())\n .cidr(\"172.20.0.0/16\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcIpam\n properties:\n operatingRegions:\n - regionName: ${current.name}\n exampleVpcIpamPool:\n type: aws:ec2:VpcIpamPool\n name: example\n properties:\n addressFamily: ipv4\n ipamScopeId: ${example.privateDefaultScopeId}\n locale: ${current.name}\n exampleVpcIpamPoolCidr:\n type: aws:ec2:VpcIpamPoolCidr\n name: example\n properties:\n ipamPoolId: ${exampleVpcIpamPool.id}\n cidr: 172.20.0.0/16\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nProvision Public IPv6 Pool CIDRs:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst example = new aws.ec2.VpcIpam(\"example\", {operatingRegions: [{\n regionName: current.then(current =\u003e current.name),\n}]});\nconst ipv6TestPublic = new aws.ec2.VpcIpamPool(\"ipv6_test_public\", {\n addressFamily: \"ipv6\",\n ipamScopeId: example.publicDefaultScopeId,\n locale: \"us-east-1\",\n description: \"public ipv6\",\n publiclyAdvertisable: false,\n publicIpSource: \"amazon\",\n awsService: \"ec2\",\n});\nconst ipv6TestPublicVpcIpamPoolCidr = new aws.ec2.VpcIpamPoolCidr(\"ipv6_test_public\", {\n ipamPoolId: ipv6TestPublic.id,\n netmaskLength: 52,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample = aws.ec2.VpcIpam(\"example\", operating_regions=[{\n \"region_name\": current.name,\n}])\nipv6_test_public = aws.ec2.VpcIpamPool(\"ipv6_test_public\",\n address_family=\"ipv6\",\n ipam_scope_id=example.public_default_scope_id,\n locale=\"us-east-1\",\n description=\"public ipv6\",\n publicly_advertisable=False,\n public_ip_source=\"amazon\",\n aws_service=\"ec2\")\nipv6_test_public_vpc_ipam_pool_cidr = aws.ec2.VpcIpamPoolCidr(\"ipv6_test_public\",\n ipam_pool_id=ipv6_test_public.id,\n netmask_length=52)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var example = new Aws.Ec2.VpcIpam(\"example\", new()\n {\n OperatingRegions = new[]\n {\n new Aws.Ec2.Inputs.VpcIpamOperatingRegionArgs\n {\n RegionName = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n },\n });\n\n var ipv6TestPublic = new Aws.Ec2.VpcIpamPool(\"ipv6_test_public\", new()\n {\n AddressFamily = \"ipv6\",\n IpamScopeId = example.PublicDefaultScopeId,\n Locale = \"us-east-1\",\n Description = \"public ipv6\",\n PubliclyAdvertisable = false,\n PublicIpSource = \"amazon\",\n AwsService = \"ec2\",\n });\n\n var ipv6TestPublicVpcIpamPoolCidr = new Aws.Ec2.VpcIpamPoolCidr(\"ipv6_test_public\", new()\n {\n IpamPoolId = ipv6TestPublic.Id,\n NetmaskLength = 52,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := ec2.NewVpcIpam(ctx, \"example\", \u0026ec2.VpcIpamArgs{\n\t\t\tOperatingRegions: ec2.VpcIpamOperatingRegionArray{\n\t\t\t\t\u0026ec2.VpcIpamOperatingRegionArgs{\n\t\t\t\t\tRegionName: pulumi.String(current.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tipv6TestPublic, err := ec2.NewVpcIpamPool(ctx, \"ipv6_test_public\", \u0026ec2.VpcIpamPoolArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv6\"),\n\t\t\tIpamScopeId: example.PublicDefaultScopeId,\n\t\t\tLocale: pulumi.String(\"us-east-1\"),\n\t\t\tDescription: pulumi.String(\"public ipv6\"),\n\t\t\tPubliclyAdvertisable: pulumi.Bool(false),\n\t\t\tPublicIpSource: pulumi.String(\"amazon\"),\n\t\t\tAwsService: pulumi.String(\"ec2\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamPoolCidr(ctx, \"ipv6_test_public\", \u0026ec2.VpcIpamPoolCidrArgs{\n\t\t\tIpamPoolId: ipv6TestPublic.ID(),\n\t\t\tNetmaskLength: pulumi.Int(52),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpam;\nimport com.pulumi.aws.ec2.VpcIpamArgs;\nimport com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpamPool;\nimport com.pulumi.aws.ec2.VpcIpamPoolArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidr;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var example = new VpcIpam(\"example\", VpcIpamArgs.builder()\n .operatingRegions(VpcIpamOperatingRegionArgs.builder()\n .regionName(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build())\n .build());\n\n var ipv6TestPublic = new VpcIpamPool(\"ipv6TestPublic\", VpcIpamPoolArgs.builder()\n .addressFamily(\"ipv6\")\n .ipamScopeId(example.publicDefaultScopeId())\n .locale(\"us-east-1\")\n .description(\"public ipv6\")\n .publiclyAdvertisable(false)\n .publicIpSource(\"amazon\")\n .awsService(\"ec2\")\n .build());\n\n var ipv6TestPublicVpcIpamPoolCidr = new VpcIpamPoolCidr(\"ipv6TestPublicVpcIpamPoolCidr\", VpcIpamPoolCidrArgs.builder()\n .ipamPoolId(ipv6TestPublic.id())\n .netmaskLength(52)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcIpam\n properties:\n operatingRegions:\n - regionName: ${current.name}\n ipv6TestPublic:\n type: aws:ec2:VpcIpamPool\n name: ipv6_test_public\n properties:\n addressFamily: ipv6\n ipamScopeId: ${example.publicDefaultScopeId}\n locale: us-east-1\n description: public ipv6\n publiclyAdvertisable: false\n publicIpSource: amazon\n awsService: ec2\n ipv6TestPublicVpcIpamPoolCidr:\n type: aws:ec2:VpcIpamPoolCidr\n name: ipv6_test_public\n properties:\n ipamPoolId: ${ipv6TestPublic.id}\n netmaskLength: 52\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IPAMs using the `\u003ccidr\u003e_\u003cipam-pool-id\u003e`. For example:\n\n__NOTE:__ Do not use the IPAM Pool Cidr ID as this was introduced after the resource already existed.\n\n```sh\n$ pulumi import aws:ec2/vpcIpamPoolCidr:VpcIpamPoolCidr example 172.20.0.0/24_ipam-pool-0e634f5a1517cccdc\n```\n", "properties": { "cidr": { "type": "string", "description": "The CIDR you want to assign to the pool. Conflicts with `netmask_length`.\n" }, "cidrAuthorizationContext": { "$ref": "#/types/aws:ec2/VpcIpamPoolCidrCidrAuthorizationContext:VpcIpamPoolCidrCidrAuthorizationContext", "description": "A signed document that proves that you are authorized to bring the specified IP address range to Amazon using BYOIP. This is not stored in the state file. See cidr_authorization_context for more information.\n" }, "ipamPoolCidrId": { "type": "string", "description": "The unique ID generated by AWS for the pool cidr. Typically this is the resource `id` but this attribute was added to the API calls after the fact and is therefore not used as the resource id.\n" }, "ipamPoolId": { "type": "string", "description": "The ID of the pool to which you want to assign a CIDR.\n" }, "netmaskLength": { "type": "integer", "description": "If provided, the cidr provisioned into the specified pool will be the next available cidr given this declared netmask length. Conflicts with `cidr`.\n" } }, "required": [ "cidr", "ipamPoolCidrId", "ipamPoolId" ], "inputProperties": { "cidr": { "type": "string", "description": "The CIDR you want to assign to the pool. Conflicts with `netmask_length`.\n", "willReplaceOnChanges": true }, "cidrAuthorizationContext": { "$ref": "#/types/aws:ec2/VpcIpamPoolCidrCidrAuthorizationContext:VpcIpamPoolCidrCidrAuthorizationContext", "description": "A signed document that proves that you are authorized to bring the specified IP address range to Amazon using BYOIP. This is not stored in the state file. See cidr_authorization_context for more information.\n", "willReplaceOnChanges": true }, "ipamPoolId": { "type": "string", "description": "The ID of the pool to which you want to assign a CIDR.\n", "willReplaceOnChanges": true }, "netmaskLength": { "type": "integer", "description": "If provided, the cidr provisioned into the specified pool will be the next available cidr given this declared netmask length. Conflicts with `cidr`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "ipamPoolId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcIpamPoolCidr resources.\n", "properties": { "cidr": { "type": "string", "description": "The CIDR you want to assign to the pool. Conflicts with `netmask_length`.\n", "willReplaceOnChanges": true }, "cidrAuthorizationContext": { "$ref": "#/types/aws:ec2/VpcIpamPoolCidrCidrAuthorizationContext:VpcIpamPoolCidrCidrAuthorizationContext", "description": "A signed document that proves that you are authorized to bring the specified IP address range to Amazon using BYOIP. This is not stored in the state file. See cidr_authorization_context for more information.\n", "willReplaceOnChanges": true }, "ipamPoolCidrId": { "type": "string", "description": "The unique ID generated by AWS for the pool cidr. Typically this is the resource `id` but this attribute was added to the API calls after the fact and is therefore not used as the resource id.\n" }, "ipamPoolId": { "type": "string", "description": "The ID of the pool to which you want to assign a CIDR.\n", "willReplaceOnChanges": true }, "netmaskLength": { "type": "integer", "description": "If provided, the cidr provisioned into the specified pool will be the next available cidr given this declared netmask length. Conflicts with `cidr`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/vpcIpamPoolCidrAllocation:VpcIpamPoolCidrAllocation": { "description": "Allocates (reserves) a CIDR from an IPAM address pool, preventing usage by IPAM. Only works for private IPv4.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst exampleVpcIpam = new aws.ec2.VpcIpam(\"example\", {operatingRegions: [{\n regionName: current.then(current =\u003e current.name),\n}]});\nconst exampleVpcIpamPool = new aws.ec2.VpcIpamPool(\"example\", {\n addressFamily: \"ipv4\",\n ipamScopeId: exampleVpcIpam.privateDefaultScopeId,\n locale: current.then(current =\u003e current.name),\n});\nconst exampleVpcIpamPoolCidr = new aws.ec2.VpcIpamPoolCidr(\"example\", {\n ipamPoolId: exampleVpcIpamPool.id,\n cidr: \"172.20.0.0/16\",\n});\nconst example = new aws.ec2.VpcIpamPoolCidrAllocation(\"example\", {\n ipamPoolId: exampleVpcIpamPool.id,\n cidr: \"172.20.0.0/24\",\n}, {\n dependsOn: [exampleVpcIpamPoolCidr],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample_vpc_ipam = aws.ec2.VpcIpam(\"example\", operating_regions=[{\n \"region_name\": current.name,\n}])\nexample_vpc_ipam_pool = aws.ec2.VpcIpamPool(\"example\",\n address_family=\"ipv4\",\n ipam_scope_id=example_vpc_ipam.private_default_scope_id,\n locale=current.name)\nexample_vpc_ipam_pool_cidr = aws.ec2.VpcIpamPoolCidr(\"example\",\n ipam_pool_id=example_vpc_ipam_pool.id,\n cidr=\"172.20.0.0/16\")\nexample = aws.ec2.VpcIpamPoolCidrAllocation(\"example\",\n ipam_pool_id=example_vpc_ipam_pool.id,\n cidr=\"172.20.0.0/24\",\n opts = pulumi.ResourceOptions(depends_on=[example_vpc_ipam_pool_cidr]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var exampleVpcIpam = new Aws.Ec2.VpcIpam(\"example\", new()\n {\n OperatingRegions = new[]\n {\n new Aws.Ec2.Inputs.VpcIpamOperatingRegionArgs\n {\n RegionName = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n },\n });\n\n var exampleVpcIpamPool = new Aws.Ec2.VpcIpamPool(\"example\", new()\n {\n AddressFamily = \"ipv4\",\n IpamScopeId = exampleVpcIpam.PrivateDefaultScopeId,\n Locale = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n });\n\n var exampleVpcIpamPoolCidr = new Aws.Ec2.VpcIpamPoolCidr(\"example\", new()\n {\n IpamPoolId = exampleVpcIpamPool.Id,\n Cidr = \"172.20.0.0/16\",\n });\n\n var example = new Aws.Ec2.VpcIpamPoolCidrAllocation(\"example\", new()\n {\n IpamPoolId = exampleVpcIpamPool.Id,\n Cidr = \"172.20.0.0/24\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleVpcIpamPoolCidr,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpam, err := ec2.NewVpcIpam(ctx, \"example\", \u0026ec2.VpcIpamArgs{\n\t\t\tOperatingRegions: ec2.VpcIpamOperatingRegionArray{\n\t\t\t\t\u0026ec2.VpcIpamOperatingRegionArgs{\n\t\t\t\t\tRegionName: pulumi.String(current.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpamPool, err := ec2.NewVpcIpamPool(ctx, \"example\", \u0026ec2.VpcIpamPoolArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tIpamScopeId: exampleVpcIpam.PrivateDefaultScopeId,\n\t\t\tLocale: pulumi.String(current.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpamPoolCidr, err := ec2.NewVpcIpamPoolCidr(ctx, \"example\", \u0026ec2.VpcIpamPoolCidrArgs{\n\t\t\tIpamPoolId: exampleVpcIpamPool.ID(),\n\t\t\tCidr: pulumi.String(\"172.20.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamPoolCidrAllocation(ctx, \"example\", \u0026ec2.VpcIpamPoolCidrAllocationArgs{\n\t\t\tIpamPoolId: exampleVpcIpamPool.ID(),\n\t\t\tCidr: pulumi.String(\"172.20.0.0/24\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleVpcIpamPoolCidr,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpam;\nimport com.pulumi.aws.ec2.VpcIpamArgs;\nimport com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpamPool;\nimport com.pulumi.aws.ec2.VpcIpamPoolArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidr;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrAllocation;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrAllocationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var exampleVpcIpam = new VpcIpam(\"exampleVpcIpam\", VpcIpamArgs.builder()\n .operatingRegions(VpcIpamOperatingRegionArgs.builder()\n .regionName(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build())\n .build());\n\n var exampleVpcIpamPool = new VpcIpamPool(\"exampleVpcIpamPool\", VpcIpamPoolArgs.builder()\n .addressFamily(\"ipv4\")\n .ipamScopeId(exampleVpcIpam.privateDefaultScopeId())\n .locale(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build());\n\n var exampleVpcIpamPoolCidr = new VpcIpamPoolCidr(\"exampleVpcIpamPoolCidr\", VpcIpamPoolCidrArgs.builder()\n .ipamPoolId(exampleVpcIpamPool.id())\n .cidr(\"172.20.0.0/16\")\n .build());\n\n var example = new VpcIpamPoolCidrAllocation(\"example\", VpcIpamPoolCidrAllocationArgs.builder()\n .ipamPoolId(exampleVpcIpamPool.id())\n .cidr(\"172.20.0.0/24\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleVpcIpamPoolCidr)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcIpamPoolCidrAllocation\n properties:\n ipamPoolId: ${exampleVpcIpamPool.id}\n cidr: 172.20.0.0/24\n options:\n dependson:\n - ${exampleVpcIpamPoolCidr}\n exampleVpcIpamPoolCidr:\n type: aws:ec2:VpcIpamPoolCidr\n name: example\n properties:\n ipamPoolId: ${exampleVpcIpamPool.id}\n cidr: 172.20.0.0/16\n exampleVpcIpamPool:\n type: aws:ec2:VpcIpamPool\n name: example\n properties:\n addressFamily: ipv4\n ipamScopeId: ${exampleVpcIpam.privateDefaultScopeId}\n locale: ${current.name}\n exampleVpcIpam:\n type: aws:ec2:VpcIpam\n name: example\n properties:\n operatingRegions:\n - regionName: ${current.name}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith the `disallowed_cidrs` attribute:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst exampleVpcIpam = new aws.ec2.VpcIpam(\"example\", {operatingRegions: [{\n regionName: current.then(current =\u003e current.name),\n}]});\nconst exampleVpcIpamPool = new aws.ec2.VpcIpamPool(\"example\", {\n addressFamily: \"ipv4\",\n ipamScopeId: exampleVpcIpam.privateDefaultScopeId,\n locale: current.then(current =\u003e current.name),\n});\nconst exampleVpcIpamPoolCidr = new aws.ec2.VpcIpamPoolCidr(\"example\", {\n ipamPoolId: exampleVpcIpamPool.id,\n cidr: \"172.20.0.0/16\",\n});\nconst example = new aws.ec2.VpcIpamPoolCidrAllocation(\"example\", {\n ipamPoolId: exampleVpcIpamPool.id,\n netmaskLength: 28,\n disallowedCidrs: [\"172.20.0.0/28\"],\n}, {\n dependsOn: [exampleVpcIpamPoolCidr],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample_vpc_ipam = aws.ec2.VpcIpam(\"example\", operating_regions=[{\n \"region_name\": current.name,\n}])\nexample_vpc_ipam_pool = aws.ec2.VpcIpamPool(\"example\",\n address_family=\"ipv4\",\n ipam_scope_id=example_vpc_ipam.private_default_scope_id,\n locale=current.name)\nexample_vpc_ipam_pool_cidr = aws.ec2.VpcIpamPoolCidr(\"example\",\n ipam_pool_id=example_vpc_ipam_pool.id,\n cidr=\"172.20.0.0/16\")\nexample = aws.ec2.VpcIpamPoolCidrAllocation(\"example\",\n ipam_pool_id=example_vpc_ipam_pool.id,\n netmask_length=28,\n disallowed_cidrs=[\"172.20.0.0/28\"],\n opts = pulumi.ResourceOptions(depends_on=[example_vpc_ipam_pool_cidr]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var exampleVpcIpam = new Aws.Ec2.VpcIpam(\"example\", new()\n {\n OperatingRegions = new[]\n {\n new Aws.Ec2.Inputs.VpcIpamOperatingRegionArgs\n {\n RegionName = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n },\n });\n\n var exampleVpcIpamPool = new Aws.Ec2.VpcIpamPool(\"example\", new()\n {\n AddressFamily = \"ipv4\",\n IpamScopeId = exampleVpcIpam.PrivateDefaultScopeId,\n Locale = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n });\n\n var exampleVpcIpamPoolCidr = new Aws.Ec2.VpcIpamPoolCidr(\"example\", new()\n {\n IpamPoolId = exampleVpcIpamPool.Id,\n Cidr = \"172.20.0.0/16\",\n });\n\n var example = new Aws.Ec2.VpcIpamPoolCidrAllocation(\"example\", new()\n {\n IpamPoolId = exampleVpcIpamPool.Id,\n NetmaskLength = 28,\n DisallowedCidrs = new[]\n {\n \"172.20.0.0/28\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleVpcIpamPoolCidr,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpam, err := ec2.NewVpcIpam(ctx, \"example\", \u0026ec2.VpcIpamArgs{\n\t\t\tOperatingRegions: ec2.VpcIpamOperatingRegionArray{\n\t\t\t\t\u0026ec2.VpcIpamOperatingRegionArgs{\n\t\t\t\t\tRegionName: pulumi.String(current.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpamPool, err := ec2.NewVpcIpamPool(ctx, \"example\", \u0026ec2.VpcIpamPoolArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tIpamScopeId: exampleVpcIpam.PrivateDefaultScopeId,\n\t\t\tLocale: pulumi.String(current.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpamPoolCidr, err := ec2.NewVpcIpamPoolCidr(ctx, \"example\", \u0026ec2.VpcIpamPoolCidrArgs{\n\t\t\tIpamPoolId: exampleVpcIpamPool.ID(),\n\t\t\tCidr: pulumi.String(\"172.20.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamPoolCidrAllocation(ctx, \"example\", \u0026ec2.VpcIpamPoolCidrAllocationArgs{\n\t\t\tIpamPoolId: exampleVpcIpamPool.ID(),\n\t\t\tNetmaskLength: pulumi.Int(28),\n\t\t\tDisallowedCidrs: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"172.20.0.0/28\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleVpcIpamPoolCidr,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpam;\nimport com.pulumi.aws.ec2.VpcIpamArgs;\nimport com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpamPool;\nimport com.pulumi.aws.ec2.VpcIpamPoolArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidr;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrAllocation;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrAllocationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var exampleVpcIpam = new VpcIpam(\"exampleVpcIpam\", VpcIpamArgs.builder()\n .operatingRegions(VpcIpamOperatingRegionArgs.builder()\n .regionName(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build())\n .build());\n\n var exampleVpcIpamPool = new VpcIpamPool(\"exampleVpcIpamPool\", VpcIpamPoolArgs.builder()\n .addressFamily(\"ipv4\")\n .ipamScopeId(exampleVpcIpam.privateDefaultScopeId())\n .locale(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build());\n\n var exampleVpcIpamPoolCidr = new VpcIpamPoolCidr(\"exampleVpcIpamPoolCidr\", VpcIpamPoolCidrArgs.builder()\n .ipamPoolId(exampleVpcIpamPool.id())\n .cidr(\"172.20.0.0/16\")\n .build());\n\n var example = new VpcIpamPoolCidrAllocation(\"example\", VpcIpamPoolCidrAllocationArgs.builder()\n .ipamPoolId(exampleVpcIpamPool.id())\n .netmaskLength(28)\n .disallowedCidrs(\"172.20.0.0/28\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleVpcIpamPoolCidr)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcIpamPoolCidrAllocation\n properties:\n ipamPoolId: ${exampleVpcIpamPool.id}\n netmaskLength: 28\n disallowedCidrs:\n - 172.20.0.0/28\n options:\n dependson:\n - ${exampleVpcIpamPoolCidr}\n exampleVpcIpamPoolCidr:\n type: aws:ec2:VpcIpamPoolCidr\n name: example\n properties:\n ipamPoolId: ${exampleVpcIpamPool.id}\n cidr: 172.20.0.0/16\n exampleVpcIpamPool:\n type: aws:ec2:VpcIpamPool\n name: example\n properties:\n addressFamily: ipv4\n ipamScopeId: ${exampleVpcIpam.privateDefaultScopeId}\n locale: ${current.name}\n exampleVpcIpam:\n type: aws:ec2:VpcIpam\n name: example\n properties:\n operatingRegions:\n - regionName: ${current.name}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IPAM allocations using the allocation `id` and `pool id`, separated by `_`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcIpamPoolCidrAllocation:VpcIpamPoolCidrAllocation example ipam-pool-alloc-0dc6d196509c049ba8b549ff99f639736_ipam-pool-07cfb559e0921fcbe\n```\n", "properties": { "cidr": { "type": "string", "description": "The CIDR you want to assign to the pool.\n" }, "description": { "type": "string", "description": "The description for the allocation.\n" }, "disallowedCidrs": { "type": "array", "items": { "type": "string" }, "description": "Exclude a particular CIDR range from being returned by the pool.\n" }, "ipamPoolAllocationId": { "type": "string" }, "ipamPoolId": { "type": "string", "description": "The ID of the pool to which you want to assign a CIDR.\n" }, "netmaskLength": { "type": "integer", "description": "The netmask length of the CIDR you would like to allocate to the IPAM pool. Valid Values: `0-128`.\n" }, "resourceId": { "type": "string", "description": "The ID of the resource.\n" }, "resourceOwner": { "type": "string", "description": "The owner of the resource.\n" }, "resourceType": { "type": "string", "description": "The type of the resource.\n" } }, "required": [ "cidr", "ipamPoolAllocationId", "ipamPoolId", "resourceId", "resourceOwner", "resourceType" ], "inputProperties": { "cidr": { "type": "string", "description": "The CIDR you want to assign to the pool.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "The description for the allocation.\n", "willReplaceOnChanges": true }, "disallowedCidrs": { "type": "array", "items": { "type": "string" }, "description": "Exclude a particular CIDR range from being returned by the pool.\n", "willReplaceOnChanges": true }, "ipamPoolId": { "type": "string", "description": "The ID of the pool to which you want to assign a CIDR.\n", "willReplaceOnChanges": true }, "netmaskLength": { "type": "integer", "description": "The netmask length of the CIDR you would like to allocate to the IPAM pool. Valid Values: `0-128`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "ipamPoolId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcIpamPoolCidrAllocation resources.\n", "properties": { "cidr": { "type": "string", "description": "The CIDR you want to assign to the pool.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "The description for the allocation.\n", "willReplaceOnChanges": true }, "disallowedCidrs": { "type": "array", "items": { "type": "string" }, "description": "Exclude a particular CIDR range from being returned by the pool.\n", "willReplaceOnChanges": true }, "ipamPoolAllocationId": { "type": "string" }, "ipamPoolId": { "type": "string", "description": "The ID of the pool to which you want to assign a CIDR.\n", "willReplaceOnChanges": true }, "netmaskLength": { "type": "integer", "description": "The netmask length of the CIDR you would like to allocate to the IPAM pool. Valid Values: `0-128`.\n", "willReplaceOnChanges": true }, "resourceId": { "type": "string", "description": "The ID of the resource.\n" }, "resourceOwner": { "type": "string", "description": "The owner of the resource.\n" }, "resourceType": { "type": "string", "description": "The type of the resource.\n" } }, "type": "object" } }, "aws:ec2/vpcIpamPreviewNextCidr:VpcIpamPreviewNextCidr": { "description": "Previews a CIDR from an IPAM address pool. Only works for private IPv4.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst exampleVpcIpam = new aws.ec2.VpcIpam(\"example\", {operatingRegions: [{\n regionName: current.then(current =\u003e current.name),\n}]});\nconst exampleVpcIpamPool = new aws.ec2.VpcIpamPool(\"example\", {\n addressFamily: \"ipv4\",\n ipamScopeId: exampleVpcIpam.privateDefaultScopeId,\n locale: current.then(current =\u003e current.name),\n});\nconst exampleVpcIpamPoolCidr = new aws.ec2.VpcIpamPoolCidr(\"example\", {\n ipamPoolId: exampleVpcIpamPool.id,\n cidr: \"172.20.0.0/16\",\n});\nconst example = new aws.ec2.VpcIpamPreviewNextCidr(\"example\", {\n ipamPoolId: exampleVpcIpamPool.id,\n netmaskLength: 28,\n disallowedCidrs: [\"172.2.0.0/32\"],\n}, {\n dependsOn: [exampleVpcIpamPoolCidr],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample_vpc_ipam = aws.ec2.VpcIpam(\"example\", operating_regions=[{\n \"region_name\": current.name,\n}])\nexample_vpc_ipam_pool = aws.ec2.VpcIpamPool(\"example\",\n address_family=\"ipv4\",\n ipam_scope_id=example_vpc_ipam.private_default_scope_id,\n locale=current.name)\nexample_vpc_ipam_pool_cidr = aws.ec2.VpcIpamPoolCidr(\"example\",\n ipam_pool_id=example_vpc_ipam_pool.id,\n cidr=\"172.20.0.0/16\")\nexample = aws.ec2.VpcIpamPreviewNextCidr(\"example\",\n ipam_pool_id=example_vpc_ipam_pool.id,\n netmask_length=28,\n disallowed_cidrs=[\"172.2.0.0/32\"],\n opts = pulumi.ResourceOptions(depends_on=[example_vpc_ipam_pool_cidr]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var exampleVpcIpam = new Aws.Ec2.VpcIpam(\"example\", new()\n {\n OperatingRegions = new[]\n {\n new Aws.Ec2.Inputs.VpcIpamOperatingRegionArgs\n {\n RegionName = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n },\n });\n\n var exampleVpcIpamPool = new Aws.Ec2.VpcIpamPool(\"example\", new()\n {\n AddressFamily = \"ipv4\",\n IpamScopeId = exampleVpcIpam.PrivateDefaultScopeId,\n Locale = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n });\n\n var exampleVpcIpamPoolCidr = new Aws.Ec2.VpcIpamPoolCidr(\"example\", new()\n {\n IpamPoolId = exampleVpcIpamPool.Id,\n Cidr = \"172.20.0.0/16\",\n });\n\n var example = new Aws.Ec2.VpcIpamPreviewNextCidr(\"example\", new()\n {\n IpamPoolId = exampleVpcIpamPool.Id,\n NetmaskLength = 28,\n DisallowedCidrs = new[]\n {\n \"172.2.0.0/32\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleVpcIpamPoolCidr,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpam, err := ec2.NewVpcIpam(ctx, \"example\", \u0026ec2.VpcIpamArgs{\n\t\t\tOperatingRegions: ec2.VpcIpamOperatingRegionArray{\n\t\t\t\t\u0026ec2.VpcIpamOperatingRegionArgs{\n\t\t\t\t\tRegionName: pulumi.String(current.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpamPool, err := ec2.NewVpcIpamPool(ctx, \"example\", \u0026ec2.VpcIpamPoolArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tIpamScopeId: exampleVpcIpam.PrivateDefaultScopeId,\n\t\t\tLocale: pulumi.String(current.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpamPoolCidr, err := ec2.NewVpcIpamPoolCidr(ctx, \"example\", \u0026ec2.VpcIpamPoolCidrArgs{\n\t\t\tIpamPoolId: exampleVpcIpamPool.ID(),\n\t\t\tCidr: pulumi.String(\"172.20.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamPreviewNextCidr(ctx, \"example\", \u0026ec2.VpcIpamPreviewNextCidrArgs{\n\t\t\tIpamPoolId: exampleVpcIpamPool.ID(),\n\t\t\tNetmaskLength: pulumi.Int(28),\n\t\t\tDisallowedCidrs: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"172.2.0.0/32\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleVpcIpamPoolCidr,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpam;\nimport com.pulumi.aws.ec2.VpcIpamArgs;\nimport com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpamPool;\nimport com.pulumi.aws.ec2.VpcIpamPoolArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidr;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrArgs;\nimport com.pulumi.aws.ec2.VpcIpamPreviewNextCidr;\nimport com.pulumi.aws.ec2.VpcIpamPreviewNextCidrArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var exampleVpcIpam = new VpcIpam(\"exampleVpcIpam\", VpcIpamArgs.builder()\n .operatingRegions(VpcIpamOperatingRegionArgs.builder()\n .regionName(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build())\n .build());\n\n var exampleVpcIpamPool = new VpcIpamPool(\"exampleVpcIpamPool\", VpcIpamPoolArgs.builder()\n .addressFamily(\"ipv4\")\n .ipamScopeId(exampleVpcIpam.privateDefaultScopeId())\n .locale(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build());\n\n var exampleVpcIpamPoolCidr = new VpcIpamPoolCidr(\"exampleVpcIpamPoolCidr\", VpcIpamPoolCidrArgs.builder()\n .ipamPoolId(exampleVpcIpamPool.id())\n .cidr(\"172.20.0.0/16\")\n .build());\n\n var example = new VpcIpamPreviewNextCidr(\"example\", VpcIpamPreviewNextCidrArgs.builder()\n .ipamPoolId(exampleVpcIpamPool.id())\n .netmaskLength(28)\n .disallowedCidrs(\"172.2.0.0/32\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleVpcIpamPoolCidr)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcIpamPreviewNextCidr\n properties:\n ipamPoolId: ${exampleVpcIpamPool.id}\n netmaskLength: 28\n disallowedCidrs:\n - 172.2.0.0/32\n options:\n dependson:\n - ${exampleVpcIpamPoolCidr}\n exampleVpcIpamPoolCidr:\n type: aws:ec2:VpcIpamPoolCidr\n name: example\n properties:\n ipamPoolId: ${exampleVpcIpamPool.id}\n cidr: 172.20.0.0/16\n exampleVpcIpamPool:\n type: aws:ec2:VpcIpamPool\n name: example\n properties:\n addressFamily: ipv4\n ipamScopeId: ${exampleVpcIpam.privateDefaultScopeId}\n locale: ${current.name}\n exampleVpcIpam:\n type: aws:ec2:VpcIpam\n name: example\n properties:\n operatingRegions:\n - regionName: ${current.name}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "cidr": { "type": "string", "description": "The previewed CIDR from the pool.\n" }, "disallowedCidrs": { "type": "array", "items": { "type": "string" }, "description": "Exclude a particular CIDR range from being returned by the pool.\n" }, "ipamPoolId": { "type": "string", "description": "The ID of the pool to which you want to assign a CIDR.\n" }, "netmaskLength": { "type": "integer", "description": "The netmask length of the CIDR you would like to preview from the IPAM pool.\n" } }, "required": [ "cidr", "ipamPoolId" ], "inputProperties": { "disallowedCidrs": { "type": "array", "items": { "type": "string" }, "description": "Exclude a particular CIDR range from being returned by the pool.\n", "willReplaceOnChanges": true }, "ipamPoolId": { "type": "string", "description": "The ID of the pool to which you want to assign a CIDR.\n", "willReplaceOnChanges": true }, "netmaskLength": { "type": "integer", "description": "The netmask length of the CIDR you would like to preview from the IPAM pool.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "ipamPoolId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcIpamPreviewNextCidr resources.\n", "properties": { "cidr": { "type": "string", "description": "The previewed CIDR from the pool.\n" }, "disallowedCidrs": { "type": "array", "items": { "type": "string" }, "description": "Exclude a particular CIDR range from being returned by the pool.\n", "willReplaceOnChanges": true }, "ipamPoolId": { "type": "string", "description": "The ID of the pool to which you want to assign a CIDR.\n", "willReplaceOnChanges": true }, "netmaskLength": { "type": "integer", "description": "The netmask length of the CIDR you would like to preview from the IPAM pool.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/vpcIpamResourceDiscovery:VpcIpamResourceDiscovery": { "description": "Provides an IPAM Resource Discovery resource. IPAM Resource Discoveries are resources meant for multi-organization customers. If you wish to use a single IPAM across multiple orgs, a resource discovery can be created and shared from a subordinate organization to the management organizations IPAM delegated admin account. For a full deployment example, see `aws.ec2.VpcIpamResourceDiscoveryAssociation` resource.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst main = new aws.ec2.VpcIpamResourceDiscovery(\"main\", {\n description: \"My IPAM Resource Discovery\",\n operatingRegions: [{\n regionName: current.then(current =\u003e current.name),\n }],\n tags: {\n Test: \"Main\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nmain = aws.ec2.VpcIpamResourceDiscovery(\"main\",\n description=\"My IPAM Resource Discovery\",\n operating_regions=[{\n \"region_name\": current.name,\n }],\n tags={\n \"Test\": \"Main\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var main = new Aws.Ec2.VpcIpamResourceDiscovery(\"main\", new()\n {\n Description = \"My IPAM Resource Discovery\",\n OperatingRegions = new[]\n {\n new Aws.Ec2.Inputs.VpcIpamResourceDiscoveryOperatingRegionArgs\n {\n RegionName = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n },\n Tags = \n {\n { \"Test\", \"Main\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamResourceDiscovery(ctx, \"main\", \u0026ec2.VpcIpamResourceDiscoveryArgs{\n\t\t\tDescription: pulumi.String(\"My IPAM Resource Discovery\"),\n\t\t\tOperatingRegions: ec2.VpcIpamResourceDiscoveryOperatingRegionArray{\n\t\t\t\t\u0026ec2.VpcIpamResourceDiscoveryOperatingRegionArgs{\n\t\t\t\t\tRegionName: pulumi.String(current.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Test\": pulumi.String(\"Main\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpamResourceDiscovery;\nimport com.pulumi.aws.ec2.VpcIpamResourceDiscoveryArgs;\nimport com.pulumi.aws.ec2.inputs.VpcIpamResourceDiscoveryOperatingRegionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var main = new VpcIpamResourceDiscovery(\"main\", VpcIpamResourceDiscoveryArgs.builder()\n .description(\"My IPAM Resource Discovery\")\n .operatingRegions(VpcIpamResourceDiscoveryOperatingRegionArgs.builder()\n .regionName(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build())\n .tags(Map.of(\"Test\", \"Main\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:ec2:VpcIpamResourceDiscovery\n properties:\n description: My IPAM Resource Discovery\n operatingRegions:\n - regionName: ${current.name}\n tags:\n Test: Main\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IPAMs using the IPAM resource discovery `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcIpamResourceDiscovery:VpcIpamResourceDiscovery example ipam-res-disco-0178368ad2146a492\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of IPAM Resource Discovery\n" }, "description": { "type": "string", "description": "A description for the IPAM Resource Discovery.\n" }, "ipamResourceDiscoveryRegion": { "type": "string", "description": "The home region of the Resource Discovery\n" }, "isDefault": { "type": "boolean", "description": "A boolean to identify if the Resource Discovery is the accounts default resource discovery\n" }, "operatingRegions": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpcIpamResourceDiscoveryOperatingRegion:VpcIpamResourceDiscoveryOperatingRegion" }, "description": "Determines which regions the Resource Discovery will enable IPAM features for usage and monitoring. Locale is the Region where you want to make an IPAM pool available for allocations. You can only create pools with locales that match the operating Regions of the IPAM Resource Discovery. You can only create VPCs from a pool whose locale matches the VPC's Region. You specify a region using the region_name parameter. **You must set your provider block region as an operating_region.**\n" }, "ownerId": { "type": "string", "description": "The account ID for the account that manages the Resource Discovery\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "ipamResourceDiscoveryRegion", "isDefault", "operatingRegions", "ownerId", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "A description for the IPAM Resource Discovery.\n" }, "operatingRegions": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpcIpamResourceDiscoveryOperatingRegion:VpcIpamResourceDiscoveryOperatingRegion" }, "description": "Determines which regions the Resource Discovery will enable IPAM features for usage and monitoring. Locale is the Region where you want to make an IPAM pool available for allocations. You can only create pools with locales that match the operating Regions of the IPAM Resource Discovery. You can only create VPCs from a pool whose locale matches the VPC's Region. You specify a region using the region_name parameter. **You must set your provider block region as an operating_region.**\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "operatingRegions" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcIpamResourceDiscovery resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of IPAM Resource Discovery\n" }, "description": { "type": "string", "description": "A description for the IPAM Resource Discovery.\n" }, "ipamResourceDiscoveryRegion": { "type": "string", "description": "The home region of the Resource Discovery\n" }, "isDefault": { "type": "boolean", "description": "A boolean to identify if the Resource Discovery is the accounts default resource discovery\n" }, "operatingRegions": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpcIpamResourceDiscoveryOperatingRegion:VpcIpamResourceDiscoveryOperatingRegion" }, "description": "Determines which regions the Resource Discovery will enable IPAM features for usage and monitoring. Locale is the Region where you want to make an IPAM pool available for allocations. You can only create pools with locales that match the operating Regions of the IPAM Resource Discovery. You can only create VPCs from a pool whose locale matches the VPC's Region. You specify a region using the region_name parameter. **You must set your provider block region as an operating_region.**\n" }, "ownerId": { "type": "string", "description": "The account ID for the account that manages the Resource Discovery\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ec2/vpcIpamResourceDiscoveryAssociation:VpcIpamResourceDiscoveryAssociation": { "description": "Provides an association between an Amazon IP Address Manager (IPAM) and a IPAM Resource Discovery. IPAM Resource Discoveries are resources meant for multi-organization customers. If you wish to use a single IPAM across multiple orgs, a resource discovery can be created and shared from a subordinate organization to the management organizations IPAM delegated admin account.\n\nOnce an association is created between two organizations via IPAM \u0026 a IPAM Resource Discovery, IPAM Pools can be shared via Resource Access Manager (RAM) to accounts in the subordinate organization; these RAM shares must be accepted by the end user account. Pools can then also discover and monitor IPAM resources in the subordinate organization.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ec2.VpcIpamResourceDiscoveryAssociation(\"test\", {\n ipamId: testAwsVpcIpam.id,\n ipamResourceDiscoveryId: testAwsVpcIpamResourceDiscovery.id,\n tags: {\n Name: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.VpcIpamResourceDiscoveryAssociation(\"test\",\n ipam_id=test_aws_vpc_ipam[\"id\"],\n ipam_resource_discovery_id=test_aws_vpc_ipam_resource_discovery[\"id\"],\n tags={\n \"Name\": \"test\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Ec2.VpcIpamResourceDiscoveryAssociation(\"test\", new()\n {\n IpamId = testAwsVpcIpam.Id,\n IpamResourceDiscoveryId = testAwsVpcIpamResourceDiscovery.Id,\n Tags = \n {\n { \"Name\", \"test\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpcIpamResourceDiscoveryAssociation(ctx, \"test\", \u0026ec2.VpcIpamResourceDiscoveryAssociationArgs{\n\t\t\tIpamId: pulumi.Any(testAwsVpcIpam.Id),\n\t\t\tIpamResourceDiscoveryId: pulumi.Any(testAwsVpcIpamResourceDiscovery.Id),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpcIpamResourceDiscoveryAssociation;\nimport com.pulumi.aws.ec2.VpcIpamResourceDiscoveryAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new VpcIpamResourceDiscoveryAssociation(\"test\", VpcIpamResourceDiscoveryAssociationArgs.builder()\n .ipamId(testAwsVpcIpam.id())\n .ipamResourceDiscoveryId(testAwsVpcIpamResourceDiscovery.id())\n .tags(Map.of(\"Name\", \"test\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ec2:VpcIpamResourceDiscoveryAssociation\n properties:\n ipamId: ${testAwsVpcIpam.id}\n ipamResourceDiscoveryId: ${testAwsVpcIpamResourceDiscovery.id}\n tags:\n Name: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IPAMs using the IPAM resource discovery association `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcIpamResourceDiscoveryAssociation:VpcIpamResourceDiscoveryAssociation example ipam-res-disco-assoc-0178368ad2146a492\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of IPAM Resource Discovery Association.\n" }, "ipamArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IPAM.\n" }, "ipamId": { "type": "string", "description": "The ID of the IPAM to associate.\n" }, "ipamRegion": { "type": "string", "description": "The home region of the IPAM.\n" }, "ipamResourceDiscoveryId": { "type": "string", "description": "The ID of the Resource Discovery to associate.\n" }, "isDefault": { "type": "boolean", "description": "A boolean to identify if the Resource Discovery is the accounts default resource discovery.\n" }, "ownerId": { "type": "string", "description": "The account ID for the account that manages the Resource Discovery\n" }, "state": { "type": "string", "description": "The lifecycle state of the association when you associate or disassociate a resource discovery.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to add to the IPAM resource discovery association resource.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "ipamArn", "ipamId", "ipamRegion", "ipamResourceDiscoveryId", "isDefault", "ownerId", "state", "tagsAll" ], "inputProperties": { "ipamId": { "type": "string", "description": "The ID of the IPAM to associate.\n" }, "ipamResourceDiscoveryId": { "type": "string", "description": "The ID of the Resource Discovery to associate.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to add to the IPAM resource discovery association resource.\n" } }, "requiredInputs": [ "ipamId", "ipamResourceDiscoveryId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcIpamResourceDiscoveryAssociation resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of IPAM Resource Discovery Association.\n" }, "ipamArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IPAM.\n" }, "ipamId": { "type": "string", "description": "The ID of the IPAM to associate.\n" }, "ipamRegion": { "type": "string", "description": "The home region of the IPAM.\n" }, "ipamResourceDiscoveryId": { "type": "string", "description": "The ID of the Resource Discovery to associate.\n" }, "isDefault": { "type": "boolean", "description": "A boolean to identify if the Resource Discovery is the accounts default resource discovery.\n" }, "ownerId": { "type": "string", "description": "The account ID for the account that manages the Resource Discovery\n" }, "state": { "type": "string", "description": "The lifecycle state of the association when you associate or disassociate a resource discovery.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to add to the IPAM resource discovery association resource.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ec2/vpcIpamScope:VpcIpamScope": { "description": "Creates a scope for AWS IPAM.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst example = new aws.ec2.VpcIpam(\"example\", {operatingRegions: [{\n regionName: current.then(current =\u003e current.name),\n}]});\nconst exampleVpcIpamScope = new aws.ec2.VpcIpamScope(\"example\", {\n ipamId: example.id,\n description: \"Another Scope\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample = aws.ec2.VpcIpam(\"example\", operating_regions=[{\n \"region_name\": current.name,\n}])\nexample_vpc_ipam_scope = aws.ec2.VpcIpamScope(\"example\",\n ipam_id=example.id,\n description=\"Another Scope\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var example = new Aws.Ec2.VpcIpam(\"example\", new()\n {\n OperatingRegions = new[]\n {\n new Aws.Ec2.Inputs.VpcIpamOperatingRegionArgs\n {\n RegionName = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n },\n });\n\n var exampleVpcIpamScope = new Aws.Ec2.VpcIpamScope(\"example\", new()\n {\n IpamId = example.Id,\n Description = \"Another Scope\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := ec2.NewVpcIpam(ctx, \"example\", \u0026ec2.VpcIpamArgs{\n\t\t\tOperatingRegions: ec2.VpcIpamOperatingRegionArray{\n\t\t\t\t\u0026ec2.VpcIpamOperatingRegionArgs{\n\t\t\t\t\tRegionName: pulumi.String(current.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamScope(ctx, \"example\", \u0026ec2.VpcIpamScopeArgs{\n\t\t\tIpamId: example.ID(),\n\t\t\tDescription: pulumi.String(\"Another Scope\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpam;\nimport com.pulumi.aws.ec2.VpcIpamArgs;\nimport com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpamScope;\nimport com.pulumi.aws.ec2.VpcIpamScopeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var example = new VpcIpam(\"example\", VpcIpamArgs.builder()\n .operatingRegions(VpcIpamOperatingRegionArgs.builder()\n .regionName(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build())\n .build());\n\n var exampleVpcIpamScope = new VpcIpamScope(\"exampleVpcIpamScope\", VpcIpamScopeArgs.builder()\n .ipamId(example.id())\n .description(\"Another Scope\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcIpam\n properties:\n operatingRegions:\n - regionName: ${current.name}\n exampleVpcIpamScope:\n type: aws:ec2:VpcIpamScope\n name: example\n properties:\n ipamId: ${example.id}\n description: Another Scope\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IPAMs using the `scope_id`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcIpamScope:VpcIpamScope example ipam-scope-0513c69f283d11dfb\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the scope.\n" }, "description": { "type": "string", "description": "A description for the scope you're creating.\n" }, "ipamArn": { "type": "string", "description": "The ARN of the IPAM for which you're creating this scope.\n" }, "ipamId": { "type": "string", "description": "The ID of the IPAM for which you're creating this scope.\n" }, "ipamScopeType": { "type": "string" }, "isDefault": { "type": "boolean", "description": "Defines if the scope is the default scope or not.\n" }, "poolCount": { "type": "integer", "description": "The number of pools in the scope.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "ipamArn", "ipamId", "ipamScopeType", "isDefault", "poolCount", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "A description for the scope you're creating.\n" }, "ipamId": { "type": "string", "description": "The ID of the IPAM for which you're creating this scope.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "ipamId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcIpamScope resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the scope.\n" }, "description": { "type": "string", "description": "A description for the scope you're creating.\n" }, "ipamArn": { "type": "string", "description": "The ARN of the IPAM for which you're creating this scope.\n" }, "ipamId": { "type": "string", "description": "The ID of the IPAM for which you're creating this scope.\n" }, "ipamScopeType": { "type": "string" }, "isDefault": { "type": "boolean", "description": "Defines if the scope is the default scope or not.\n" }, "poolCount": { "type": "integer", "description": "The number of pools in the scope.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ec2/vpcIpv4CidrBlockAssociation:VpcIpv4CidrBlockAssociation": { "description": "Provides a resource to associate additional IPv4 CIDR blocks with a VPC.\n\nWhen a VPC is created, a primary IPv4 CIDR block for the VPC must be specified.\nThe `aws.ec2.VpcIpv4CidrBlockAssociation` resource allows further IPv4 CIDR blocks to be added to the VPC.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {cidrBlock: \"10.0.0.0/16\"});\nconst secondaryCidr = new aws.ec2.VpcIpv4CidrBlockAssociation(\"secondary_cidr\", {\n vpcId: main.id,\n cidrBlock: \"172.20.0.0/16\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\nsecondary_cidr = aws.ec2.VpcIpv4CidrBlockAssociation(\"secondary_cidr\",\n vpc_id=main.id,\n cidr_block=\"172.20.0.0/16\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ec2.Vpc(\"main\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var secondaryCidr = new Aws.Ec2.VpcIpv4CidrBlockAssociation(\"secondary_cidr\", new()\n {\n VpcId = main.Id,\n CidrBlock = \"172.20.0.0/16\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpv4CidrBlockAssociation(ctx, \"secondary_cidr\", \u0026ec2.VpcIpv4CidrBlockAssociationArgs{\n\t\t\tVpcId: main.ID(),\n\t\t\tCidrBlock: pulumi.String(\"172.20.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.VpcIpv4CidrBlockAssociation;\nimport com.pulumi.aws.ec2.VpcIpv4CidrBlockAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Vpc(\"main\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var secondaryCidr = new VpcIpv4CidrBlockAssociation(\"secondaryCidr\", VpcIpv4CidrBlockAssociationArgs.builder()\n .vpcId(main.id())\n .cidrBlock(\"172.20.0.0/16\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n secondaryCidr:\n type: aws:ec2:VpcIpv4CidrBlockAssociation\n name: secondary_cidr\n properties:\n vpcId: ${main.id}\n cidrBlock: 172.20.0.0/16\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_vpc_ipv4_cidr_block_association` using the VPC CIDR Association ID. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcIpv4CidrBlockAssociation:VpcIpv4CidrBlockAssociation example vpc-cidr-assoc-xxxxxxxx\n```\n", "properties": { "cidrBlock": { "type": "string", "description": "The IPv4 CIDR block for the VPC. CIDR can be explicitly set or it can be derived from IPAM using `ipv4_netmask_length`.\n" }, "ipv4IpamPoolId": { "type": "string", "description": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts. Using IPAM you can monitor IP address usage throughout your AWS Organization.\n" }, "ipv4NetmaskLength": { "type": "integer", "description": "The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying a `ipv4_ipam_pool_id`.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC to make the association with.\n" } }, "required": [ "cidrBlock", "vpcId" ], "inputProperties": { "cidrBlock": { "type": "string", "description": "The IPv4 CIDR block for the VPC. CIDR can be explicitly set or it can be derived from IPAM using `ipv4_netmask_length`.\n", "willReplaceOnChanges": true }, "ipv4IpamPoolId": { "type": "string", "description": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts. Using IPAM you can monitor IP address usage throughout your AWS Organization.\n", "willReplaceOnChanges": true }, "ipv4NetmaskLength": { "type": "integer", "description": "The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying a `ipv4_ipam_pool_id`.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The ID of the VPC to make the association with.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcIpv4CidrBlockAssociation resources.\n", "properties": { "cidrBlock": { "type": "string", "description": "The IPv4 CIDR block for the VPC. CIDR can be explicitly set or it can be derived from IPAM using `ipv4_netmask_length`.\n", "willReplaceOnChanges": true }, "ipv4IpamPoolId": { "type": "string", "description": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts. Using IPAM you can monitor IP address usage throughout your AWS Organization.\n", "willReplaceOnChanges": true }, "ipv4NetmaskLength": { "type": "integer", "description": "The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying a `ipv4_ipam_pool_id`.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The ID of the VPC to make the association with.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/vpcIpv6CidrBlockAssociation:VpcIpv6CidrBlockAssociation": { "description": "Provides a resource to associate additional IPv6 CIDR blocks with a VPC.\n\nThe `aws.ec2.VpcIpv6CidrBlockAssociation` resource allows IPv6 CIDR blocks to be added to the VPC.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ec2.Vpc(\"test\", {cidrBlock: \"10.0.0.0/16\"});\nconst testVpcIpv6CidrBlockAssociation = new aws.ec2.VpcIpv6CidrBlockAssociation(\"test\", {\n ipv6IpamPoolId: testAwsVpcIpamPool.id,\n vpcId: test.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.Vpc(\"test\", cidr_block=\"10.0.0.0/16\")\ntest_vpc_ipv6_cidr_block_association = aws.ec2.VpcIpv6CidrBlockAssociation(\"test\",\n ipv6_ipam_pool_id=test_aws_vpc_ipam_pool[\"id\"],\n vpc_id=test.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Ec2.Vpc(\"test\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var testVpcIpv6CidrBlockAssociation = new Aws.Ec2.VpcIpv6CidrBlockAssociation(\"test\", new()\n {\n Ipv6IpamPoolId = testAwsVpcIpamPool.Id,\n VpcId = test.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := ec2.NewVpc(ctx, \"test\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpv6CidrBlockAssociation(ctx, \"test\", \u0026ec2.VpcIpv6CidrBlockAssociationArgs{\n\t\t\tIpv6IpamPoolId: pulumi.Any(testAwsVpcIpamPool.Id),\n\t\t\tVpcId: test.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.VpcIpv6CidrBlockAssociation;\nimport com.pulumi.aws.ec2.VpcIpv6CidrBlockAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Vpc(\"test\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var testVpcIpv6CidrBlockAssociation = new VpcIpv6CidrBlockAssociation(\"testVpcIpv6CidrBlockAssociation\", VpcIpv6CidrBlockAssociationArgs.builder()\n .ipv6IpamPoolId(testAwsVpcIpamPool.id())\n .vpcId(test.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n testVpcIpv6CidrBlockAssociation:\n type: aws:ec2:VpcIpv6CidrBlockAssociation\n name: test\n properties:\n ipv6IpamPoolId: ${testAwsVpcIpamPool.id}\n vpcId: ${test.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_vpc_ipv6_cidr_block_association` using the VPC CIDR Association ID. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcIpv6CidrBlockAssociation:VpcIpv6CidrBlockAssociation example vpc-cidr-assoc-xxxxxxxx\n```\n", "properties": { "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block for the VPC. CIDR can be explicitly set or it can be derived from IPAM using `ipv6_netmask_length`. This parameter is required if `ipv6_netmask_length` is not set and the IPAM pool does not have `allocation_default_netmask` set.\n" }, "ipv6IpamPoolId": { "type": "string", "description": "The ID of an IPv6 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts.\n" }, "ipv6NetmaskLength": { "type": "integer", "description": "The netmask length of the IPv6 CIDR you want to allocate to this VPC. Requires specifying a `ipv6_ipam_pool_id`. This parameter is optional if the IPAM pool has `allocation_default_netmask` set, otherwise it or `cidr_block` are required\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC to make the association with.\n" } }, "required": [ "ipv6CidrBlock", "ipv6IpamPoolId", "vpcId" ], "inputProperties": { "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block for the VPC. CIDR can be explicitly set or it can be derived from IPAM using `ipv6_netmask_length`. This parameter is required if `ipv6_netmask_length` is not set and the IPAM pool does not have `allocation_default_netmask` set.\n", "willReplaceOnChanges": true }, "ipv6IpamPoolId": { "type": "string", "description": "The ID of an IPv6 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts.\n", "willReplaceOnChanges": true }, "ipv6NetmaskLength": { "type": "integer", "description": "The netmask length of the IPv6 CIDR you want to allocate to this VPC. Requires specifying a `ipv6_ipam_pool_id`. This parameter is optional if the IPAM pool has `allocation_default_netmask` set, otherwise it or `cidr_block` are required\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The ID of the VPC to make the association with.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "ipv6IpamPoolId", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcIpv6CidrBlockAssociation resources.\n", "properties": { "ipv6CidrBlock": { "type": "string", "description": "The IPv6 CIDR block for the VPC. CIDR can be explicitly set or it can be derived from IPAM using `ipv6_netmask_length`. This parameter is required if `ipv6_netmask_length` is not set and the IPAM pool does not have `allocation_default_netmask` set.\n", "willReplaceOnChanges": true }, "ipv6IpamPoolId": { "type": "string", "description": "The ID of an IPv6 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts.\n", "willReplaceOnChanges": true }, "ipv6NetmaskLength": { "type": "integer", "description": "The netmask length of the IPv6 CIDR you want to allocate to this VPC. Requires specifying a `ipv6_ipam_pool_id`. This parameter is optional if the IPAM pool has `allocation_default_netmask` set, otherwise it or `cidr_block` are required\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The ID of the VPC to make the association with.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/vpcNetworkPerformanceMetricSubscription:VpcNetworkPerformanceMetricSubscription": { "description": "Provides a resource to manage an Infrastructure Performance subscription.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.VpcNetworkPerformanceMetricSubscription(\"example\", {\n source: \"us-east-1\",\n destination: \"us-west-1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.VpcNetworkPerformanceMetricSubscription(\"example\",\n source=\"us-east-1\",\n destination=\"us-west-1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.VpcNetworkPerformanceMetricSubscription(\"example\", new()\n {\n Source = \"us-east-1\",\n Destination = \"us-west-1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpcNetworkPerformanceMetricSubscription(ctx, \"example\", \u0026ec2.VpcNetworkPerformanceMetricSubscriptionArgs{\n\t\t\tSource: pulumi.String(\"us-east-1\"),\n\t\t\tDestination: pulumi.String(\"us-west-1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpcNetworkPerformanceMetricSubscription;\nimport com.pulumi.aws.ec2.VpcNetworkPerformanceMetricSubscriptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcNetworkPerformanceMetricSubscription(\"example\", VpcNetworkPerformanceMetricSubscriptionArgs.builder()\n .source(\"us-east-1\")\n .destination(\"us-west-1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcNetworkPerformanceMetricSubscription\n properties:\n source: us-east-1\n destination: us-west-1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "destination": { "type": "string", "description": "The target Region or Availability Zone that the metric subscription is enabled for. For example, `eu-west-1`.\n" }, "metric": { "type": "string", "description": "The metric used for the enabled subscription. Valid values: `aggregate-latency`. Default: `aggregate-latency`.\n" }, "period": { "type": "string", "description": "The data aggregation time for the subscription.\n" }, "source": { "type": "string", "description": "The source Region or Availability Zone that the metric subscription is enabled for. For example, `us-east-1`.\n" }, "statistic": { "type": "string", "description": "The statistic used for the enabled subscription. Valid values: `p50`. Default: `p50`.\n" } }, "required": [ "destination", "period", "source" ], "inputProperties": { "destination": { "type": "string", "description": "The target Region or Availability Zone that the metric subscription is enabled for. For example, `eu-west-1`.\n", "willReplaceOnChanges": true }, "metric": { "type": "string", "description": "The metric used for the enabled subscription. Valid values: `aggregate-latency`. Default: `aggregate-latency`.\n", "willReplaceOnChanges": true }, "source": { "type": "string", "description": "The source Region or Availability Zone that the metric subscription is enabled for. For example, `us-east-1`.\n", "willReplaceOnChanges": true }, "statistic": { "type": "string", "description": "The statistic used for the enabled subscription. Valid values: `p50`. Default: `p50`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "destination", "source" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcNetworkPerformanceMetricSubscription resources.\n", "properties": { "destination": { "type": "string", "description": "The target Region or Availability Zone that the metric subscription is enabled for. For example, `eu-west-1`.\n", "willReplaceOnChanges": true }, "metric": { "type": "string", "description": "The metric used for the enabled subscription. Valid values: `aggregate-latency`. Default: `aggregate-latency`.\n", "willReplaceOnChanges": true }, "period": { "type": "string", "description": "The data aggregation time for the subscription.\n" }, "source": { "type": "string", "description": "The source Region or Availability Zone that the metric subscription is enabled for. For example, `us-east-1`.\n", "willReplaceOnChanges": true }, "statistic": { "type": "string", "description": "The statistic used for the enabled subscription. Valid values: `p50`. Default: `p50`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/vpcPeeringConnection:VpcPeeringConnection": { "description": "Provides a resource to manage a VPC peering connection.\n\n\u003e **NOTE on VPC Peering Connections and VPC Peering Connection Options:** This provider provides\nboth a standalone VPC Peering Connection Options and a VPC Peering Connection\nresource with `accepter` and `requester` attributes. Do not manage options for the same VPC peering\nconnection in both a VPC Peering Connection resource and a VPC Peering Connection Options resource.\nDoing so will cause a conflict of options and will overwrite the options.\nUsing a VPC Peering Connection Options resource decouples management of the connection options from\nmanagement of the VPC Peering Connection and allows options to be set correctly in cross-account scenarios.\n\n\u003e **Note:** For cross-account (requester's AWS account differs from the accepter's AWS account) or inter-region\nVPC Peering Connections use the `aws.ec2.VpcPeeringConnection` resource to manage the requester's side of the\nconnection and use the `aws.ec2.VpcPeeringConnectionAccepter` resource to manage the accepter's side of the connection.\n\n\u003e **Note:** Creating multiple `aws.ec2.VpcPeeringConnection` resources with the same `peer_vpc_id` and `vpc_id` will not produce an error. Instead, AWS will return the connection `id` that already exists, resulting in multiple `aws.ec2.VpcPeeringConnection` resources with the same `id`.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ec2.VpcPeeringConnection(\"foo\", {\n peerOwnerId: peerOwnerId,\n peerVpcId: bar.id,\n vpcId: fooAwsVpc.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.VpcPeeringConnection(\"foo\",\n peer_owner_id=peer_owner_id,\n peer_vpc_id=bar[\"id\"],\n vpc_id=foo_aws_vpc[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Ec2.VpcPeeringConnection(\"foo\", new()\n {\n PeerOwnerId = peerOwnerId,\n PeerVpcId = bar.Id,\n VpcId = fooAwsVpc.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpcPeeringConnection(ctx, \"foo\", \u0026ec2.VpcPeeringConnectionArgs{\n\t\t\tPeerOwnerId: pulumi.Any(peerOwnerId),\n\t\t\tPeerVpcId: pulumi.Any(bar.Id),\n\t\t\tVpcId: pulumi.Any(fooAwsVpc.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpcPeeringConnection;\nimport com.pulumi.aws.ec2.VpcPeeringConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new VpcPeeringConnection(\"foo\", VpcPeeringConnectionArgs.builder()\n .peerOwnerId(peerOwnerId)\n .peerVpcId(bar.id())\n .vpcId(fooAwsVpc.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ec2:VpcPeeringConnection\n properties:\n peerOwnerId: ${peerOwnerId}\n peerVpcId: ${bar.id}\n vpcId: ${fooAwsVpc.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nBasic usage with connection options:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ec2.VpcPeeringConnection(\"foo\", {\n peerOwnerId: peerOwnerId,\n peerVpcId: bar.id,\n vpcId: fooAwsVpc.id,\n accepter: {\n allowRemoteVpcDnsResolution: true,\n },\n requester: {\n allowRemoteVpcDnsResolution: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.VpcPeeringConnection(\"foo\",\n peer_owner_id=peer_owner_id,\n peer_vpc_id=bar[\"id\"],\n vpc_id=foo_aws_vpc[\"id\"],\n accepter={\n \"allow_remote_vpc_dns_resolution\": True,\n },\n requester={\n \"allow_remote_vpc_dns_resolution\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Ec2.VpcPeeringConnection(\"foo\", new()\n {\n PeerOwnerId = peerOwnerId,\n PeerVpcId = bar.Id,\n VpcId = fooAwsVpc.Id,\n Accepter = new Aws.Ec2.Inputs.VpcPeeringConnectionAccepterArgs\n {\n AllowRemoteVpcDnsResolution = true,\n },\n Requester = new Aws.Ec2.Inputs.VpcPeeringConnectionRequesterArgs\n {\n AllowRemoteVpcDnsResolution = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpcPeeringConnection(ctx, \"foo\", \u0026ec2.VpcPeeringConnectionArgs{\n\t\t\tPeerOwnerId: pulumi.Any(peerOwnerId),\n\t\t\tPeerVpcId: pulumi.Any(bar.Id),\n\t\t\tVpcId: pulumi.Any(fooAwsVpc.Id),\n\t\t\tAccepter: \u0026ec2.VpcPeeringConnectionAccepterTypeArgs{\n\t\t\t\tAllowRemoteVpcDnsResolution: pulumi.Bool(true),\n\t\t\t},\n\t\t\tRequester: \u0026ec2.VpcPeeringConnectionRequesterArgs{\n\t\t\t\tAllowRemoteVpcDnsResolution: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpcPeeringConnection;\nimport com.pulumi.aws.ec2.VpcPeeringConnectionArgs;\nimport com.pulumi.aws.ec2.inputs.VpcPeeringConnectionAccepterArgs;\nimport com.pulumi.aws.ec2.inputs.VpcPeeringConnectionRequesterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new VpcPeeringConnection(\"foo\", VpcPeeringConnectionArgs.builder()\n .peerOwnerId(peerOwnerId)\n .peerVpcId(bar.id())\n .vpcId(fooAwsVpc.id())\n .accepter(VpcPeeringConnectionAccepterArgs.builder()\n .allowRemoteVpcDnsResolution(true)\n .build())\n .requester(VpcPeeringConnectionRequesterArgs.builder()\n .allowRemoteVpcDnsResolution(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ec2:VpcPeeringConnection\n properties:\n peerOwnerId: ${peerOwnerId}\n peerVpcId: ${bar.id}\n vpcId: ${fooAwsVpc.id}\n accepter:\n allowRemoteVpcDnsResolution: true\n requester:\n allowRemoteVpcDnsResolution: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nBasic usage with tags:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fooVpc = new aws.ec2.Vpc(\"foo\", {cidrBlock: \"10.1.0.0/16\"});\nconst bar = new aws.ec2.Vpc(\"bar\", {cidrBlock: \"10.2.0.0/16\"});\nconst foo = new aws.ec2.VpcPeeringConnection(\"foo\", {\n peerOwnerId: peerOwnerId,\n peerVpcId: bar.id,\n vpcId: fooVpc.id,\n autoAccept: true,\n tags: {\n Name: \"VPC Peering between foo and bar\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo_vpc = aws.ec2.Vpc(\"foo\", cidr_block=\"10.1.0.0/16\")\nbar = aws.ec2.Vpc(\"bar\", cidr_block=\"10.2.0.0/16\")\nfoo = aws.ec2.VpcPeeringConnection(\"foo\",\n peer_owner_id=peer_owner_id,\n peer_vpc_id=bar.id,\n vpc_id=foo_vpc.id,\n auto_accept=True,\n tags={\n \"Name\": \"VPC Peering between foo and bar\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var fooVpc = new Aws.Ec2.Vpc(\"foo\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n\n var bar = new Aws.Ec2.Vpc(\"bar\", new()\n {\n CidrBlock = \"10.2.0.0/16\",\n });\n\n var foo = new Aws.Ec2.VpcPeeringConnection(\"foo\", new()\n {\n PeerOwnerId = peerOwnerId,\n PeerVpcId = bar.Id,\n VpcId = fooVpc.Id,\n AutoAccept = true,\n Tags = \n {\n { \"Name\", \"VPC Peering between foo and bar\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfooVpc, err := ec2.NewVpc(ctx, \"foo\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbar, err := ec2.NewVpc(ctx, \"bar\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.2.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcPeeringConnection(ctx, \"foo\", \u0026ec2.VpcPeeringConnectionArgs{\n\t\t\tPeerOwnerId: pulumi.Any(peerOwnerId),\n\t\t\tPeerVpcId: bar.ID(),\n\t\t\tVpcId: fooVpc.ID(),\n\t\t\tAutoAccept: pulumi.Bool(true),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"VPC Peering between foo and bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.VpcPeeringConnection;\nimport com.pulumi.aws.ec2.VpcPeeringConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var fooVpc = new Vpc(\"fooVpc\", VpcArgs.builder()\n .cidrBlock(\"10.1.0.0/16\")\n .build());\n\n var bar = new Vpc(\"bar\", VpcArgs.builder()\n .cidrBlock(\"10.2.0.0/16\")\n .build());\n\n var foo = new VpcPeeringConnection(\"foo\", VpcPeeringConnectionArgs.builder()\n .peerOwnerId(peerOwnerId)\n .peerVpcId(bar.id())\n .vpcId(fooVpc.id())\n .autoAccept(true)\n .tags(Map.of(\"Name\", \"VPC Peering between foo and bar\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ec2:VpcPeeringConnection\n properties:\n peerOwnerId: ${peerOwnerId}\n peerVpcId: ${bar.id}\n vpcId: ${fooVpc.id}\n autoAccept: true\n tags:\n Name: VPC Peering between foo and bar\n fooVpc:\n type: aws:ec2:Vpc\n name: foo\n properties:\n cidrBlock: 10.1.0.0/16\n bar:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.2.0.0/16\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nBasic usage with region:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fooVpc = new aws.ec2.Vpc(\"foo\", {cidrBlock: \"10.1.0.0/16\"});\nconst bar = new aws.ec2.Vpc(\"bar\", {cidrBlock: \"10.2.0.0/16\"});\nconst foo = new aws.ec2.VpcPeeringConnection(\"foo\", {\n peerOwnerId: peerOwnerId,\n peerVpcId: bar.id,\n vpcId: fooVpc.id,\n peerRegion: \"us-east-1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo_vpc = aws.ec2.Vpc(\"foo\", cidr_block=\"10.1.0.0/16\")\nbar = aws.ec2.Vpc(\"bar\", cidr_block=\"10.2.0.0/16\")\nfoo = aws.ec2.VpcPeeringConnection(\"foo\",\n peer_owner_id=peer_owner_id,\n peer_vpc_id=bar.id,\n vpc_id=foo_vpc.id,\n peer_region=\"us-east-1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var fooVpc = new Aws.Ec2.Vpc(\"foo\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n\n var bar = new Aws.Ec2.Vpc(\"bar\", new()\n {\n CidrBlock = \"10.2.0.0/16\",\n });\n\n var foo = new Aws.Ec2.VpcPeeringConnection(\"foo\", new()\n {\n PeerOwnerId = peerOwnerId,\n PeerVpcId = bar.Id,\n VpcId = fooVpc.Id,\n PeerRegion = \"us-east-1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfooVpc, err := ec2.NewVpc(ctx, \"foo\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbar, err := ec2.NewVpc(ctx, \"bar\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.2.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcPeeringConnection(ctx, \"foo\", \u0026ec2.VpcPeeringConnectionArgs{\n\t\t\tPeerOwnerId: pulumi.Any(peerOwnerId),\n\t\t\tPeerVpcId: bar.ID(),\n\t\t\tVpcId: fooVpc.ID(),\n\t\t\tPeerRegion: pulumi.String(\"us-east-1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.VpcPeeringConnection;\nimport com.pulumi.aws.ec2.VpcPeeringConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var fooVpc = new Vpc(\"fooVpc\", VpcArgs.builder()\n .cidrBlock(\"10.1.0.0/16\")\n .build());\n\n var bar = new Vpc(\"bar\", VpcArgs.builder()\n .cidrBlock(\"10.2.0.0/16\")\n .build());\n\n var foo = new VpcPeeringConnection(\"foo\", VpcPeeringConnectionArgs.builder()\n .peerOwnerId(peerOwnerId)\n .peerVpcId(bar.id())\n .vpcId(fooVpc.id())\n .peerRegion(\"us-east-1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ec2:VpcPeeringConnection\n properties:\n peerOwnerId: ${peerOwnerId}\n peerVpcId: ${bar.id}\n vpcId: ${fooVpc.id}\n peerRegion: us-east-1\n fooVpc:\n type: aws:ec2:Vpc\n name: foo\n properties:\n cidrBlock: 10.1.0.0/16\n bar:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.2.0.0/16\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Notes\n\nIf both VPCs are not in the same AWS account and region do not enable the `auto_accept` attribute.\nThe accepter can manage its side of the connection using the `aws.ec2.VpcPeeringConnectionAccepter` resource\nor accept the connection manually using the AWS Management Console, AWS CLI, through SDKs, etc.\n\n## Import\n\nUsing `pulumi import`, import VPC Peering resources using the VPC peering `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcPeeringConnection:VpcPeeringConnection test_connection pcx-111aaa111\n```\n", "properties": { "acceptStatus": { "type": "string", "description": "The status of the VPC Peering Connection request.\n" }, "accepter": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionAccepter:VpcPeeringConnectionAccepter", "description": "An optional configuration block that allows for [VPC Peering Connection](https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that accepts\nthe peering connection (a maximum of one).\n" }, "autoAccept": { "type": "boolean", "description": "Accept the peering (both VPCs need to be in the same AWS account and region).\n" }, "peerOwnerId": { "type": "string", "description": "The AWS account ID of the target peer VPC.\nDefaults to the account ID the [AWS provider][1] is currently connected to, so must be managed if connecting cross-account.\n" }, "peerRegion": { "type": "string", "description": "The region of the accepter VPC of the VPC Peering Connection. `auto_accept` must be `false`,\nand use the `aws.ec2.VpcPeeringConnectionAccepter` to manage the accepter side.\n" }, "peerVpcId": { "type": "string", "description": "The ID of the target VPC with which you are creating the VPC Peering Connection.\n" }, "requester": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionRequester:VpcPeeringConnectionRequester", "description": "A optional configuration block that allows for [VPC Peering Connection](https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that requests\nthe peering connection (a maximum of one).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The ID of the requester VPC.\n" } }, "required": [ "acceptStatus", "accepter", "peerOwnerId", "peerRegion", "peerVpcId", "requester", "tagsAll", "vpcId" ], "inputProperties": { "accepter": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionAccepter:VpcPeeringConnectionAccepter", "description": "An optional configuration block that allows for [VPC Peering Connection](https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that accepts\nthe peering connection (a maximum of one).\n" }, "autoAccept": { "type": "boolean", "description": "Accept the peering (both VPCs need to be in the same AWS account and region).\n" }, "peerOwnerId": { "type": "string", "description": "The AWS account ID of the target peer VPC.\nDefaults to the account ID the [AWS provider][1] is currently connected to, so must be managed if connecting cross-account.\n", "willReplaceOnChanges": true }, "peerRegion": { "type": "string", "description": "The region of the accepter VPC of the VPC Peering Connection. `auto_accept` must be `false`,\nand use the `aws.ec2.VpcPeeringConnectionAccepter` to manage the accepter side.\n", "willReplaceOnChanges": true }, "peerVpcId": { "type": "string", "description": "The ID of the target VPC with which you are creating the VPC Peering Connection.\n", "willReplaceOnChanges": true }, "requester": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionRequester:VpcPeeringConnectionRequester", "description": "A optional configuration block that allows for [VPC Peering Connection](https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that requests\nthe peering connection (a maximum of one).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcId": { "type": "string", "description": "The ID of the requester VPC.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "peerVpcId", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcPeeringConnection resources.\n", "properties": { "acceptStatus": { "type": "string", "description": "The status of the VPC Peering Connection request.\n" }, "accepter": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionAccepter:VpcPeeringConnectionAccepter", "description": "An optional configuration block that allows for [VPC Peering Connection](https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that accepts\nthe peering connection (a maximum of one).\n" }, "autoAccept": { "type": "boolean", "description": "Accept the peering (both VPCs need to be in the same AWS account and region).\n" }, "peerOwnerId": { "type": "string", "description": "The AWS account ID of the target peer VPC.\nDefaults to the account ID the [AWS provider][1] is currently connected to, so must be managed if connecting cross-account.\n", "willReplaceOnChanges": true }, "peerRegion": { "type": "string", "description": "The region of the accepter VPC of the VPC Peering Connection. `auto_accept` must be `false`,\nand use the `aws.ec2.VpcPeeringConnectionAccepter` to manage the accepter side.\n", "willReplaceOnChanges": true }, "peerVpcId": { "type": "string", "description": "The ID of the target VPC with which you are creating the VPC Peering Connection.\n", "willReplaceOnChanges": true }, "requester": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionRequester:VpcPeeringConnectionRequester", "description": "A optional configuration block that allows for [VPC Peering Connection](https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that requests\nthe peering connection (a maximum of one).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The ID of the requester VPC.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/vpcPeeringConnectionAccepter:VpcPeeringConnectionAccepter": { "description": "Provides a resource to manage the accepter's side of a VPC Peering Connection.\n\nWhen a cross-account (requester's AWS account differs from the accepter's AWS account) or an inter-region\nVPC Peering Connection is created, a VPC Peering Connection resource is automatically created in the\naccepter's account.\nThe requester can use the `aws.ec2.VpcPeeringConnection` resource to manage its side of the connection\nand the accepter can use the `aws.ec2.VpcPeeringConnectionAccepter` resource to \"adopt\" its side of the\nconnection into management.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {cidrBlock: \"10.0.0.0/16\"});\nconst peerVpc = new aws.ec2.Vpc(\"peer\", {cidrBlock: \"10.1.0.0/16\"});\nconst peer = aws.getCallerIdentity({});\n// Requester's side of the connection.\nconst peerVpcPeeringConnection = new aws.ec2.VpcPeeringConnection(\"peer\", {\n vpcId: main.id,\n peerVpcId: peerVpc.id,\n peerOwnerId: peer.then(peer =\u003e peer.accountId),\n peerRegion: \"us-west-2\",\n autoAccept: false,\n tags: {\n Side: \"Requester\",\n },\n});\n// Accepter's side of the connection.\nconst peerVpcPeeringConnectionAccepter = new aws.ec2.VpcPeeringConnectionAccepter(\"peer\", {\n vpcPeeringConnectionId: peerVpcPeeringConnection.id,\n autoAccept: true,\n tags: {\n Side: \"Accepter\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\npeer_vpc = aws.ec2.Vpc(\"peer\", cidr_block=\"10.1.0.0/16\")\npeer = aws.get_caller_identity()\n# Requester's side of the connection.\npeer_vpc_peering_connection = aws.ec2.VpcPeeringConnection(\"peer\",\n vpc_id=main.id,\n peer_vpc_id=peer_vpc.id,\n peer_owner_id=peer.account_id,\n peer_region=\"us-west-2\",\n auto_accept=False,\n tags={\n \"Side\": \"Requester\",\n })\n# Accepter's side of the connection.\npeer_vpc_peering_connection_accepter = aws.ec2.VpcPeeringConnectionAccepter(\"peer\",\n vpc_peering_connection_id=peer_vpc_peering_connection.id,\n auto_accept=True,\n tags={\n \"Side\": \"Accepter\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ec2.Vpc(\"main\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var peerVpc = new Aws.Ec2.Vpc(\"peer\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n\n var peer = Aws.GetCallerIdentity.Invoke();\n\n // Requester's side of the connection.\n var peerVpcPeeringConnection = new Aws.Ec2.VpcPeeringConnection(\"peer\", new()\n {\n VpcId = main.Id,\n PeerVpcId = peerVpc.Id,\n PeerOwnerId = peer.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n PeerRegion = \"us-west-2\",\n AutoAccept = false,\n Tags = \n {\n { \"Side\", \"Requester\" },\n },\n });\n\n // Accepter's side of the connection.\n var peerVpcPeeringConnectionAccepter = new Aws.Ec2.VpcPeeringConnectionAccepter(\"peer\", new()\n {\n VpcPeeringConnectionId = peerVpcPeeringConnection.Id,\n AutoAccept = true,\n Tags = \n {\n { \"Side\", \"Accepter\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpeerVpc, err := ec2.NewVpc(ctx, \"peer\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpeer, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Requester's side of the connection.\n\t\tpeerVpcPeeringConnection, err := ec2.NewVpcPeeringConnection(ctx, \"peer\", \u0026ec2.VpcPeeringConnectionArgs{\n\t\t\tVpcId: main.ID(),\n\t\t\tPeerVpcId: peerVpc.ID(),\n\t\t\tPeerOwnerId: pulumi.String(peer.AccountId),\n\t\t\tPeerRegion: pulumi.String(\"us-west-2\"),\n\t\t\tAutoAccept: pulumi.Bool(false),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Side\": pulumi.String(\"Requester\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Accepter's side of the connection.\n\t\t_, err = ec2.NewVpcPeeringConnectionAccepter(ctx, \"peer\", \u0026ec2.VpcPeeringConnectionAccepterArgs{\n\t\t\tVpcPeeringConnectionId: peerVpcPeeringConnection.ID(),\n\t\t\tAutoAccept: pulumi.Bool(true),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Side\": pulumi.String(\"Accepter\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.ec2.VpcPeeringConnection;\nimport com.pulumi.aws.ec2.VpcPeeringConnectionArgs;\nimport com.pulumi.aws.ec2.VpcPeeringConnectionAccepter;\nimport com.pulumi.aws.ec2.VpcPeeringConnectionAccepterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Vpc(\"main\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var peerVpc = new Vpc(\"peerVpc\", VpcArgs.builder()\n .cidrBlock(\"10.1.0.0/16\")\n .build());\n\n final var peer = AwsFunctions.getCallerIdentity();\n\n // Requester's side of the connection.\n var peerVpcPeeringConnection = new VpcPeeringConnection(\"peerVpcPeeringConnection\", VpcPeeringConnectionArgs.builder()\n .vpcId(main.id())\n .peerVpcId(peerVpc.id())\n .peerOwnerId(peer.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .peerRegion(\"us-west-2\")\n .autoAccept(false)\n .tags(Map.of(\"Side\", \"Requester\"))\n .build());\n\n // Accepter's side of the connection.\n var peerVpcPeeringConnectionAccepter = new VpcPeeringConnectionAccepter(\"peerVpcPeeringConnectionAccepter\", VpcPeeringConnectionAccepterArgs.builder()\n .vpcPeeringConnectionId(peerVpcPeeringConnection.id())\n .autoAccept(true)\n .tags(Map.of(\"Side\", \"Accepter\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n peerVpc:\n type: aws:ec2:Vpc\n name: peer\n properties:\n cidrBlock: 10.1.0.0/16\n # Requester's side of the connection.\n peerVpcPeeringConnection:\n type: aws:ec2:VpcPeeringConnection\n name: peer\n properties:\n vpcId: ${main.id}\n peerVpcId: ${peerVpc.id}\n peerOwnerId: ${peer.accountId}\n peerRegion: us-west-2\n autoAccept: false\n tags:\n Side: Requester\n # Accepter's side of the connection.\n peerVpcPeeringConnectionAccepter:\n type: aws:ec2:VpcPeeringConnectionAccepter\n name: peer\n properties:\n vpcPeeringConnectionId: ${peerVpcPeeringConnection.id}\n autoAccept: true\n tags:\n Side: Accepter\nvariables:\n peer:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Peering Connection Accepters using the Peering Connection ID. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcPeeringConnectionAccepter:VpcPeeringConnectionAccepter example pcx-12345678\n```\nCertain resource arguments, like `auto_accept`, do not have an EC2 API method for reading the information after peering connection creation. If the argument is set in the Pulumi program on an imported resource, Pulumi will always show a difference. To workaround this behavior, either omit the argument from the Pulumi program or use `ignore_changes` to hide the difference. For example:\n\n", "properties": { "acceptStatus": { "type": "string", "description": "The status of the VPC Peering Connection request.\n" }, "accepter": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionAccepterAccepter:VpcPeeringConnectionAccepterAccepter", "description": "A configuration block that describes [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options set for the accepter VPC.\n" }, "autoAccept": { "type": "boolean", "description": "Whether or not to accept the peering request. Defaults to `false`.\n" }, "peerOwnerId": { "type": "string", "description": "The AWS account ID of the owner of the requester VPC.\n" }, "peerRegion": { "type": "string", "description": "The region of the accepter VPC.\n" }, "peerVpcId": { "type": "string", "description": "The ID of the requester VPC.\n" }, "requester": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionAccepterRequester:VpcPeeringConnectionAccepterRequester", "description": "A configuration block that describes [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options set for the requester VPC.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The ID of the accepter VPC.\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "The VPC Peering Connection ID to manage.\n" } }, "required": [ "acceptStatus", "accepter", "peerOwnerId", "peerRegion", "peerVpcId", "requester", "tagsAll", "vpcId", "vpcPeeringConnectionId" ], "inputProperties": { "accepter": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionAccepterAccepter:VpcPeeringConnectionAccepterAccepter", "description": "A configuration block that describes [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options set for the accepter VPC.\n" }, "autoAccept": { "type": "boolean", "description": "Whether or not to accept the peering request. Defaults to `false`.\n" }, "requester": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionAccepterRequester:VpcPeeringConnectionAccepterRequester", "description": "A configuration block that describes [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options set for the requester VPC.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "The VPC Peering Connection ID to manage.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "vpcPeeringConnectionId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcPeeringConnectionAccepter resources.\n", "properties": { "acceptStatus": { "type": "string", "description": "The status of the VPC Peering Connection request.\n" }, "accepter": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionAccepterAccepter:VpcPeeringConnectionAccepterAccepter", "description": "A configuration block that describes [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options set for the accepter VPC.\n" }, "autoAccept": { "type": "boolean", "description": "Whether or not to accept the peering request. Defaults to `false`.\n" }, "peerOwnerId": { "type": "string", "description": "The AWS account ID of the owner of the requester VPC.\n" }, "peerRegion": { "type": "string", "description": "The region of the accepter VPC.\n" }, "peerVpcId": { "type": "string", "description": "The ID of the requester VPC.\n" }, "requester": { "$ref": "#/types/aws:ec2/VpcPeeringConnectionAccepterRequester:VpcPeeringConnectionAccepterRequester", "description": "A configuration block that describes [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options set for the requester VPC.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The ID of the accepter VPC.\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "The VPC Peering Connection ID to manage.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/vpnConnection:VpnConnection": { "description": "Manages a Site-to-Site VPN connection. A Site-to-Site VPN connection is an Internet Protocol security (IPsec) VPN connection between a VPC and an on-premises network.\nAny new Site-to-Site VPN connection that you create is an [AWS VPN connection](https://docs.aws.amazon.com/vpn/latest/s2svpn/vpn-categories.html).\n\n\u003e **Note:** The CIDR blocks in the arguments `tunnel1_inside_cidr` and `tunnel2_inside_cidr` must have a prefix of /30 and be a part of a specific range.\n[Read more about this in the AWS documentation](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_VpnTunnelOptionsSpecification.html).\n\n## Example Usage\n\n### EC2 Transit Gateway\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.TransitGateway(\"example\", {});\nconst exampleCustomerGateway = new aws.ec2.CustomerGateway(\"example\", {\n bgpAsn: \"65000\",\n ipAddress: \"172.0.0.1\",\n type: \"ipsec.1\",\n});\nconst exampleVpnConnection = new aws.ec2.VpnConnection(\"example\", {\n customerGatewayId: exampleCustomerGateway.id,\n transitGatewayId: example.id,\n type: exampleCustomerGateway.type,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.TransitGateway(\"example\")\nexample_customer_gateway = aws.ec2.CustomerGateway(\"example\",\n bgp_asn=\"65000\",\n ip_address=\"172.0.0.1\",\n type=\"ipsec.1\")\nexample_vpn_connection = aws.ec2.VpnConnection(\"example\",\n customer_gateway_id=example_customer_gateway.id,\n transit_gateway_id=example.id,\n type=example_customer_gateway.type)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.TransitGateway(\"example\");\n\n var exampleCustomerGateway = new Aws.Ec2.CustomerGateway(\"example\", new()\n {\n BgpAsn = \"65000\",\n IpAddress = \"172.0.0.1\",\n Type = \"ipsec.1\",\n });\n\n var exampleVpnConnection = new Aws.Ec2.VpnConnection(\"example\", new()\n {\n CustomerGatewayId = exampleCustomerGateway.Id,\n TransitGatewayId = example.Id,\n Type = exampleCustomerGateway.Type,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2transitgateway.NewTransitGateway(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleCustomerGateway, err := ec2.NewCustomerGateway(ctx, \"example\", \u0026ec2.CustomerGatewayArgs{\n\t\t\tBgpAsn: pulumi.String(\"65000\"),\n\t\t\tIpAddress: pulumi.String(\"172.0.0.1\"),\n\t\t\tType: pulumi.String(\"ipsec.1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpnConnection(ctx, \"example\", \u0026ec2.VpnConnectionArgs{\n\t\t\tCustomerGatewayId: exampleCustomerGateway.ID(),\n\t\t\tTransitGatewayId: example.ID(),\n\t\t\tType: exampleCustomerGateway.Type,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.TransitGateway;\nimport com.pulumi.aws.ec2.CustomerGateway;\nimport com.pulumi.aws.ec2.CustomerGatewayArgs;\nimport com.pulumi.aws.ec2.VpnConnection;\nimport com.pulumi.aws.ec2.VpnConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TransitGateway(\"example\");\n\n var exampleCustomerGateway = new CustomerGateway(\"exampleCustomerGateway\", CustomerGatewayArgs.builder()\n .bgpAsn(65000)\n .ipAddress(\"172.0.0.1\")\n .type(\"ipsec.1\")\n .build());\n\n var exampleVpnConnection = new VpnConnection(\"exampleVpnConnection\", VpnConnectionArgs.builder()\n .customerGatewayId(exampleCustomerGateway.id())\n .transitGatewayId(example.id())\n .type(exampleCustomerGateway.type())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:TransitGateway\n exampleCustomerGateway:\n type: aws:ec2:CustomerGateway\n name: example\n properties:\n bgpAsn: 65000\n ipAddress: 172.0.0.1\n type: ipsec.1\n exampleVpnConnection:\n type: aws:ec2:VpnConnection\n name: example\n properties:\n customerGatewayId: ${exampleCustomerGateway.id}\n transitGatewayId: ${example.id}\n type: ${exampleCustomerGateway.type}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Virtual Private Gateway\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst vpc = new aws.ec2.Vpc(\"vpc\", {cidrBlock: \"10.0.0.0/16\"});\nconst vpnGateway = new aws.ec2.VpnGateway(\"vpn_gateway\", {vpcId: vpc.id});\nconst customerGateway = new aws.ec2.CustomerGateway(\"customer_gateway\", {\n bgpAsn: \"65000\",\n ipAddress: \"172.0.0.1\",\n type: \"ipsec.1\",\n});\nconst main = new aws.ec2.VpnConnection(\"main\", {\n vpnGatewayId: vpnGateway.id,\n customerGatewayId: customerGateway.id,\n type: \"ipsec.1\",\n staticRoutesOnly: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nvpc = aws.ec2.Vpc(\"vpc\", cidr_block=\"10.0.0.0/16\")\nvpn_gateway = aws.ec2.VpnGateway(\"vpn_gateway\", vpc_id=vpc.id)\ncustomer_gateway = aws.ec2.CustomerGateway(\"customer_gateway\",\n bgp_asn=\"65000\",\n ip_address=\"172.0.0.1\",\n type=\"ipsec.1\")\nmain = aws.ec2.VpnConnection(\"main\",\n vpn_gateway_id=vpn_gateway.id,\n customer_gateway_id=customer_gateway.id,\n type=\"ipsec.1\",\n static_routes_only=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var vpc = new Aws.Ec2.Vpc(\"vpc\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var vpnGateway = new Aws.Ec2.VpnGateway(\"vpn_gateway\", new()\n {\n VpcId = vpc.Id,\n });\n\n var customerGateway = new Aws.Ec2.CustomerGateway(\"customer_gateway\", new()\n {\n BgpAsn = \"65000\",\n IpAddress = \"172.0.0.1\",\n Type = \"ipsec.1\",\n });\n\n var main = new Aws.Ec2.VpnConnection(\"main\", new()\n {\n VpnGatewayId = vpnGateway.Id,\n CustomerGatewayId = customerGateway.Id,\n Type = \"ipsec.1\",\n StaticRoutesOnly = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tvpc, err := ec2.NewVpc(ctx, \"vpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvpnGateway, err := ec2.NewVpnGateway(ctx, \"vpn_gateway\", \u0026ec2.VpnGatewayArgs{\n\t\t\tVpcId: vpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcustomerGateway, err := ec2.NewCustomerGateway(ctx, \"customer_gateway\", \u0026ec2.CustomerGatewayArgs{\n\t\t\tBgpAsn: pulumi.String(\"65000\"),\n\t\t\tIpAddress: pulumi.String(\"172.0.0.1\"),\n\t\t\tType: pulumi.String(\"ipsec.1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpnConnection(ctx, \"main\", \u0026ec2.VpnConnectionArgs{\n\t\t\tVpnGatewayId: vpnGateway.ID(),\n\t\t\tCustomerGatewayId: customerGateway.ID(),\n\t\t\tType: pulumi.String(\"ipsec.1\"),\n\t\t\tStaticRoutesOnly: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.VpnGateway;\nimport com.pulumi.aws.ec2.VpnGatewayArgs;\nimport com.pulumi.aws.ec2.CustomerGateway;\nimport com.pulumi.aws.ec2.CustomerGatewayArgs;\nimport com.pulumi.aws.ec2.VpnConnection;\nimport com.pulumi.aws.ec2.VpnConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var vpc = new Vpc(\"vpc\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var vpnGateway = new VpnGateway(\"vpnGateway\", VpnGatewayArgs.builder()\n .vpcId(vpc.id())\n .build());\n\n var customerGateway = new CustomerGateway(\"customerGateway\", CustomerGatewayArgs.builder()\n .bgpAsn(65000)\n .ipAddress(\"172.0.0.1\")\n .type(\"ipsec.1\")\n .build());\n\n var main = new VpnConnection(\"main\", VpnConnectionArgs.builder()\n .vpnGatewayId(vpnGateway.id())\n .customerGatewayId(customerGateway.id())\n .type(\"ipsec.1\")\n .staticRoutesOnly(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n vpc:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n vpnGateway:\n type: aws:ec2:VpnGateway\n name: vpn_gateway\n properties:\n vpcId: ${vpc.id}\n customerGateway:\n type: aws:ec2:CustomerGateway\n name: customer_gateway\n properties:\n bgpAsn: 65000\n ipAddress: 172.0.0.1\n type: ipsec.1\n main:\n type: aws:ec2:VpnConnection\n properties:\n vpnGatewayId: ${vpnGateway.id}\n customerGatewayId: ${customerGateway.id}\n type: ipsec.1\n staticRoutesOnly: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### AWS Site to Site Private VPN\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleGateway = new aws.directconnect.Gateway(\"example\", {\n name: \"example_ipsec_vpn_example\",\n amazonSideAsn: \"64512\",\n});\nconst exampleTransitGateway = new aws.ec2transitgateway.TransitGateway(\"example\", {\n amazonSideAsn: 64513,\n description: \"example_ipsec_vpn_example\",\n transitGatewayCidrBlocks: [\"10.0.0.0/24\"],\n});\nconst exampleCustomerGateway = new aws.ec2.CustomerGateway(\"example\", {\n bgpAsn: \"64514\",\n ipAddress: \"10.0.0.1\",\n type: \"ipsec.1\",\n tags: {\n Name: \"example_ipsec_vpn_example\",\n },\n});\nconst exampleGatewayAssociation = new aws.directconnect.GatewayAssociation(\"example\", {\n dxGatewayId: exampleGateway.id,\n associatedGatewayId: exampleTransitGateway.id,\n allowedPrefixes: [\"10.0.0.0/8\"],\n});\nconst example = aws.ec2transitgateway.getDirectConnectGatewayAttachmentOutput({\n transitGatewayId: exampleTransitGateway.id,\n dxGatewayId: exampleGateway.id,\n});\nconst exampleVpnConnection = new aws.ec2.VpnConnection(\"example\", {\n customerGatewayId: exampleCustomerGateway.id,\n outsideIpAddressType: \"PrivateIpv4\",\n transitGatewayId: exampleTransitGateway.id,\n transportTransitGatewayAttachmentId: example.apply(example =\u003e example.id),\n type: \"ipsec.1\",\n tags: {\n Name: \"example_ipsec_vpn_example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_gateway = aws.directconnect.Gateway(\"example\",\n name=\"example_ipsec_vpn_example\",\n amazon_side_asn=\"64512\")\nexample_transit_gateway = aws.ec2transitgateway.TransitGateway(\"example\",\n amazon_side_asn=64513,\n description=\"example_ipsec_vpn_example\",\n transit_gateway_cidr_blocks=[\"10.0.0.0/24\"])\nexample_customer_gateway = aws.ec2.CustomerGateway(\"example\",\n bgp_asn=\"64514\",\n ip_address=\"10.0.0.1\",\n type=\"ipsec.1\",\n tags={\n \"Name\": \"example_ipsec_vpn_example\",\n })\nexample_gateway_association = aws.directconnect.GatewayAssociation(\"example\",\n dx_gateway_id=example_gateway.id,\n associated_gateway_id=example_transit_gateway.id,\n allowed_prefixes=[\"10.0.0.0/8\"])\nexample = aws.ec2transitgateway.get_direct_connect_gateway_attachment_output(transit_gateway_id=example_transit_gateway.id,\n dx_gateway_id=example_gateway.id)\nexample_vpn_connection = aws.ec2.VpnConnection(\"example\",\n customer_gateway_id=example_customer_gateway.id,\n outside_ip_address_type=\"PrivateIpv4\",\n transit_gateway_id=example_transit_gateway.id,\n transport_transit_gateway_attachment_id=example.id,\n type=\"ipsec.1\",\n tags={\n \"Name\": \"example_ipsec_vpn_example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGateway = new Aws.DirectConnect.Gateway(\"example\", new()\n {\n Name = \"example_ipsec_vpn_example\",\n AmazonSideAsn = \"64512\",\n });\n\n var exampleTransitGateway = new Aws.Ec2TransitGateway.TransitGateway(\"example\", new()\n {\n AmazonSideAsn = 64513,\n Description = \"example_ipsec_vpn_example\",\n TransitGatewayCidrBlocks = new[]\n {\n \"10.0.0.0/24\",\n },\n });\n\n var exampleCustomerGateway = new Aws.Ec2.CustomerGateway(\"example\", new()\n {\n BgpAsn = \"64514\",\n IpAddress = \"10.0.0.1\",\n Type = \"ipsec.1\",\n Tags = \n {\n { \"Name\", \"example_ipsec_vpn_example\" },\n },\n });\n\n var exampleGatewayAssociation = new Aws.DirectConnect.GatewayAssociation(\"example\", new()\n {\n DxGatewayId = exampleGateway.Id,\n AssociatedGatewayId = exampleTransitGateway.Id,\n AllowedPrefixes = new[]\n {\n \"10.0.0.0/8\",\n },\n });\n\n var example = Aws.Ec2TransitGateway.GetDirectConnectGatewayAttachment.Invoke(new()\n {\n TransitGatewayId = exampleTransitGateway.Id,\n DxGatewayId = exampleGateway.Id,\n });\n\n var exampleVpnConnection = new Aws.Ec2.VpnConnection(\"example\", new()\n {\n CustomerGatewayId = exampleCustomerGateway.Id,\n OutsideIpAddressType = \"PrivateIpv4\",\n TransitGatewayId = exampleTransitGateway.Id,\n TransportTransitGatewayAttachmentId = example.Apply(getDirectConnectGatewayAttachmentResult =\u003e getDirectConnectGatewayAttachmentResult.Id),\n Type = \"ipsec.1\",\n Tags = \n {\n { \"Name\", \"example_ipsec_vpn_example\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleGateway, err := directconnect.NewGateway(ctx, \"example\", \u0026directconnect.GatewayArgs{\n\t\t\tName: pulumi.String(\"example_ipsec_vpn_example\"),\n\t\t\tAmazonSideAsn: pulumi.String(\"64512\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTransitGateway, err := ec2transitgateway.NewTransitGateway(ctx, \"example\", \u0026ec2transitgateway.TransitGatewayArgs{\n\t\t\tAmazonSideAsn: pulumi.Int(64513),\n\t\t\tDescription: pulumi.String(\"example_ipsec_vpn_example\"),\n\t\t\tTransitGatewayCidrBlocks: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.0.0/24\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleCustomerGateway, err := ec2.NewCustomerGateway(ctx, \"example\", \u0026ec2.CustomerGatewayArgs{\n\t\t\tBgpAsn: pulumi.String(\"64514\"),\n\t\t\tIpAddress: pulumi.String(\"10.0.0.1\"),\n\t\t\tType: pulumi.String(\"ipsec.1\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example_ipsec_vpn_example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directconnect.NewGatewayAssociation(ctx, \"example\", \u0026directconnect.GatewayAssociationArgs{\n\t\t\tDxGatewayId: exampleGateway.ID(),\n\t\t\tAssociatedGatewayId: exampleTransitGateway.ID(),\n\t\t\tAllowedPrefixes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.0.0/8\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := ec2transitgateway.GetDirectConnectGatewayAttachmentOutput(ctx, ec2transitgateway.GetDirectConnectGatewayAttachmentOutputArgs{\n\t\t\tTransitGatewayId: exampleTransitGateway.ID(),\n\t\t\tDxGatewayId: exampleGateway.ID(),\n\t\t}, nil)\n\t\t_, err = ec2.NewVpnConnection(ctx, \"example\", \u0026ec2.VpnConnectionArgs{\n\t\t\tCustomerGatewayId: exampleCustomerGateway.ID(),\n\t\t\tOutsideIpAddressType: pulumi.String(\"PrivateIpv4\"),\n\t\t\tTransitGatewayId: exampleTransitGateway.ID(),\n\t\t\tTransportTransitGatewayAttachmentId: pulumi.String(example.ApplyT(func(example ec2transitgateway.GetDirectConnectGatewayAttachmentResult) (*string, error) {\n\t\t\t\treturn \u0026example.Id, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tType: pulumi.String(\"ipsec.1\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example_ipsec_vpn_example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.Gateway;\nimport com.pulumi.aws.directconnect.GatewayArgs;\nimport com.pulumi.aws.ec2transitgateway.TransitGateway;\nimport com.pulumi.aws.ec2transitgateway.TransitGatewayArgs;\nimport com.pulumi.aws.ec2.CustomerGateway;\nimport com.pulumi.aws.ec2.CustomerGatewayArgs;\nimport com.pulumi.aws.directconnect.GatewayAssociation;\nimport com.pulumi.aws.directconnect.GatewayAssociationArgs;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetDirectConnectGatewayAttachmentArgs;\nimport com.pulumi.aws.ec2.VpnConnection;\nimport com.pulumi.aws.ec2.VpnConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGateway = new Gateway(\"exampleGateway\", GatewayArgs.builder()\n .name(\"example_ipsec_vpn_example\")\n .amazonSideAsn(\"64512\")\n .build());\n\n var exampleTransitGateway = new TransitGateway(\"exampleTransitGateway\", TransitGatewayArgs.builder()\n .amazonSideAsn(\"64513\")\n .description(\"example_ipsec_vpn_example\")\n .transitGatewayCidrBlocks(\"10.0.0.0/24\")\n .build());\n\n var exampleCustomerGateway = new CustomerGateway(\"exampleCustomerGateway\", CustomerGatewayArgs.builder()\n .bgpAsn(64514)\n .ipAddress(\"10.0.0.1\")\n .type(\"ipsec.1\")\n .tags(Map.of(\"Name\", \"example_ipsec_vpn_example\"))\n .build());\n\n var exampleGatewayAssociation = new GatewayAssociation(\"exampleGatewayAssociation\", GatewayAssociationArgs.builder()\n .dxGatewayId(exampleGateway.id())\n .associatedGatewayId(exampleTransitGateway.id())\n .allowedPrefixes(\"10.0.0.0/8\")\n .build());\n\n final var example = Ec2transitgatewayFunctions.getDirectConnectGatewayAttachment(GetDirectConnectGatewayAttachmentArgs.builder()\n .transitGatewayId(exampleTransitGateway.id())\n .dxGatewayId(exampleGateway.id())\n .build());\n\n var exampleVpnConnection = new VpnConnection(\"exampleVpnConnection\", VpnConnectionArgs.builder()\n .customerGatewayId(exampleCustomerGateway.id())\n .outsideIpAddressType(\"PrivateIpv4\")\n .transitGatewayId(exampleTransitGateway.id())\n .transportTransitGatewayAttachmentId(example.applyValue(getDirectConnectGatewayAttachmentResult -\u003e getDirectConnectGatewayAttachmentResult).applyValue(example -\u003e example.applyValue(getDirectConnectGatewayAttachmentResult -\u003e getDirectConnectGatewayAttachmentResult.id())))\n .type(\"ipsec.1\")\n .tags(Map.of(\"Name\", \"example_ipsec_vpn_example\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleGateway:\n type: aws:directconnect:Gateway\n name: example\n properties:\n name: example_ipsec_vpn_example\n amazonSideAsn: '64512'\n exampleTransitGateway:\n type: aws:ec2transitgateway:TransitGateway\n name: example\n properties:\n amazonSideAsn: '64513'\n description: example_ipsec_vpn_example\n transitGatewayCidrBlocks:\n - 10.0.0.0/24\n exampleCustomerGateway:\n type: aws:ec2:CustomerGateway\n name: example\n properties:\n bgpAsn: 64514\n ipAddress: 10.0.0.1\n type: ipsec.1\n tags:\n Name: example_ipsec_vpn_example\n exampleGatewayAssociation:\n type: aws:directconnect:GatewayAssociation\n name: example\n properties:\n dxGatewayId: ${exampleGateway.id}\n associatedGatewayId: ${exampleTransitGateway.id}\n allowedPrefixes:\n - 10.0.0.0/8\n exampleVpnConnection:\n type: aws:ec2:VpnConnection\n name: example\n properties:\n customerGatewayId: ${exampleCustomerGateway.id}\n outsideIpAddressType: PrivateIpv4\n transitGatewayId: ${exampleTransitGateway.id}\n transportTransitGatewayAttachmentId: ${example.id}\n type: ipsec.1\n tags:\n Name: example_ipsec_vpn_example\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2transitgateway:getDirectConnectGatewayAttachment\n Arguments:\n transitGatewayId: ${exampleTransitGateway.id}\n dxGatewayId: ${exampleGateway.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPN Connections using the VPN connection `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpnConnection:VpnConnection testvpnconnection vpn-40f41529\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the VPN Connection.\n" }, "coreNetworkArn": { "type": "string", "description": "The ARN of the core network.\n" }, "coreNetworkAttachmentArn": { "type": "string", "description": "The ARN of the core network attachment.\n" }, "customerGatewayConfiguration": { "type": "string", "description": "The configuration information for the VPN connection's customer gateway (in the native XML format).\n", "secret": true }, "customerGatewayId": { "type": "string", "description": "The ID of the customer gateway.\n" }, "enableAcceleration": { "type": "boolean", "description": "Indicate whether to enable acceleration for the VPN connection. Supports only EC2 Transit Gateway.\n" }, "localIpv4NetworkCidr": { "type": "string", "description": "The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.\n" }, "localIpv6NetworkCidr": { "type": "string", "description": "The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.\n" }, "outsideIpAddressType": { "type": "string", "description": "Indicates if a Public S2S VPN or Private S2S VPN over AWS Direct Connect. Valid values are `PublicIpv4 | PrivateIpv4`\n" }, "remoteIpv4NetworkCidr": { "type": "string", "description": "The IPv4 CIDR on the AWS side of the VPN connection.\n" }, "remoteIpv6NetworkCidr": { "type": "string", "description": "The IPv6 CIDR on the AWS side of the VPN connection.\n" }, "routes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpnConnectionRoute:VpnConnectionRoute" }, "description": "The static routes associated with the VPN connection. Detailed below.\n" }, "staticRoutesOnly": { "type": "boolean", "description": "Whether the VPN connection uses static routes exclusively. Static routes must be used for devices that don't support BGP.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the connection. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayAttachmentId": { "type": "string", "description": "When associated with an EC2 Transit Gateway (`transit_gateway_id` argument), the attachment ID. See also the `aws.ec2.Tag` resource for tagging the EC2 Transit Gateway VPN Attachment.\n" }, "transitGatewayId": { "type": "string", "description": "The ID of the EC2 Transit Gateway.\n" }, "transportTransitGatewayAttachmentId": { "type": "string", "description": ". The attachment ID of the Transit Gateway attachment to Direct Connect Gateway. The ID is obtained through a data source only.\n" }, "tunnel1Address": { "type": "string", "description": "The public IP address of the first VPN tunnel.\n" }, "tunnel1BgpAsn": { "type": "string", "description": "The bgp asn number of the first VPN tunnel.\n" }, "tunnel1BgpHoldtime": { "type": "integer", "description": "The bgp holdtime of the first VPN tunnel.\n" }, "tunnel1CgwInsideAddress": { "type": "string", "description": "The RFC 6890 link-local address of the first VPN tunnel (Customer Gateway Side).\n" }, "tunnel1DpdTimeoutAction": { "type": "string", "description": "The action to take after DPD timeout occurs for the first VPN tunnel. Specify restart to restart the IKE initiation. Specify clear to end the IKE session. Valid values are `clear | none | restart`.\n" }, "tunnel1DpdTimeoutSeconds": { "type": "integer", "description": "The number of seconds after which a DPD timeout occurs for the first VPN tunnel. Valid value is equal or higher than `30`.\n" }, "tunnel1EnableTunnelLifecycleControl": { "type": "boolean", "description": "Turn on or off tunnel endpoint lifecycle control feature for the first VPN tunnel. Valid values are `true | false`.\n" }, "tunnel1IkeVersions": { "type": "array", "items": { "type": "string" }, "description": "The IKE versions that are permitted for the first VPN tunnel. Valid values are `ikev1 | ikev2`.\n" }, "tunnel1InsideCidr": { "type": "string", "description": "The CIDR block of the inside IP addresses for the first VPN tunnel. Valid value is a size /30 CIDR block from the 169.254.0.0/16 range.\n" }, "tunnel1InsideIpv6Cidr": { "type": "string", "description": "The range of inside IPv6 addresses for the first VPN tunnel. Supports only EC2 Transit Gateway. Valid value is a size /126 CIDR block from the local fd00::/8 range.\n" }, "tunnel1LogOptions": { "$ref": "#/types/aws:ec2/VpnConnectionTunnel1LogOptions:VpnConnectionTunnel1LogOptions", "description": "Options for logging VPN tunnel activity. See Log Options below for more details.\n" }, "tunnel1Phase1DhGroupNumbers": { "type": "array", "items": { "type": "integer" }, "description": "List of one or more Diffie-Hellman group numbers that are permitted for the first VPN tunnel for phase 1 IKE negotiations. Valid values are ` 2 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24`.\n" }, "tunnel1Phase1EncryptionAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "List of one or more encryption algorithms that are permitted for the first VPN tunnel for phase 1 IKE negotiations. Valid values are `AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16`.\n" }, "tunnel1Phase1IntegrityAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "One or more integrity algorithms that are permitted for the first VPN tunnel for phase 1 IKE negotiations. Valid values are `SHA1 | SHA2-256 | SHA2-384 | SHA2-512`.\n" }, "tunnel1Phase1LifetimeSeconds": { "type": "integer", "description": "The lifetime for phase 1 of the IKE negotiation for the first VPN tunnel, in seconds. Valid value is between `900` and `28800`.\n" }, "tunnel1Phase2DhGroupNumbers": { "type": "array", "items": { "type": "integer" }, "description": "List of one or more Diffie-Hellman group numbers that are permitted for the first VPN tunnel for phase 2 IKE negotiations. Valid values are `2 | 5 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24`.\n" }, "tunnel1Phase2EncryptionAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "List of one or more encryption algorithms that are permitted for the first VPN tunnel for phase 2 IKE negotiations. Valid values are `AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16`.\n" }, "tunnel1Phase2IntegrityAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "List of one or more integrity algorithms that are permitted for the first VPN tunnel for phase 2 IKE negotiations. Valid values are `SHA1 | SHA2-256 | SHA2-384 | SHA2-512`.\n" }, "tunnel1Phase2LifetimeSeconds": { "type": "integer", "description": "The lifetime for phase 2 of the IKE negotiation for the first VPN tunnel, in seconds. Valid value is between `900` and `3600`.\n" }, "tunnel1PresharedKey": { "type": "string", "description": "The preshared key of the first VPN tunnel. The preshared key must be between 8 and 64 characters in length and cannot start with zero(0). Allowed characters are alphanumeric characters, periods(.) and underscores(_).\n", "secret": true }, "tunnel1RekeyFuzzPercentage": { "type": "integer", "description": "The percentage of the rekey window for the first VPN tunnel (determined by `tunnel1_rekey_margin_time_seconds`) during which the rekey time is randomly selected. Valid value is between `0` and `100`.\n" }, "tunnel1RekeyMarginTimeSeconds": { "type": "integer", "description": "The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the first VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for `tunnel1_rekey_fuzz_percentage`. Valid value is between `60` and half of `tunnel1_phase2_lifetime_seconds`.\n" }, "tunnel1ReplayWindowSize": { "type": "integer", "description": "The number of packets in an IKE replay window for the first VPN tunnel. Valid value is between `64` and `2048`.\n" }, "tunnel1StartupAction": { "type": "string", "description": "The action to take when the establishing the tunnel for the first VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify start for AWS to initiate the IKE negotiation. Valid values are `add | start`.\n" }, "tunnel1VgwInsideAddress": { "type": "string", "description": "The RFC 6890 link-local address of the first VPN tunnel (VPN Gateway Side).\n" }, "tunnel2Address": { "type": "string", "description": "The public IP address of the second VPN tunnel.\n" }, "tunnel2BgpAsn": { "type": "string", "description": "The bgp asn number of the second VPN tunnel.\n" }, "tunnel2BgpHoldtime": { "type": "integer", "description": "The bgp holdtime of the second VPN tunnel.\n" }, "tunnel2CgwInsideAddress": { "type": "string", "description": "The RFC 6890 link-local address of the second VPN tunnel (Customer Gateway Side).\n" }, "tunnel2DpdTimeoutAction": { "type": "string", "description": "The action to take after DPD timeout occurs for the second VPN tunnel. Specify restart to restart the IKE initiation. Specify clear to end the IKE session. Valid values are `clear | none | restart`.\n" }, "tunnel2DpdTimeoutSeconds": { "type": "integer", "description": "The number of seconds after which a DPD timeout occurs for the second VPN tunnel. Valid value is equal or higher than `30`.\n" }, "tunnel2EnableTunnelLifecycleControl": { "type": "boolean", "description": "Turn on or off tunnel endpoint lifecycle control feature for the second VPN tunnel. Valid values are `true | false`.\n" }, "tunnel2IkeVersions": { "type": "array", "items": { "type": "string" }, "description": "The IKE versions that are permitted for the second VPN tunnel. Valid values are `ikev1 | ikev2`.\n" }, "tunnel2InsideCidr": { "type": "string", "description": "The CIDR block of the inside IP addresses for the second VPN tunnel. Valid value is a size /30 CIDR block from the 169.254.0.0/16 range.\n" }, "tunnel2InsideIpv6Cidr": { "type": "string", "description": "The range of inside IPv6 addresses for the second VPN tunnel. Supports only EC2 Transit Gateway. Valid value is a size /126 CIDR block from the local fd00::/8 range.\n" }, "tunnel2LogOptions": { "$ref": "#/types/aws:ec2/VpnConnectionTunnel2LogOptions:VpnConnectionTunnel2LogOptions", "description": "Options for logging VPN tunnel activity. See Log Options below for more details.\n" }, "tunnel2Phase1DhGroupNumbers": { "type": "array", "items": { "type": "integer" }, "description": "List of one or more Diffie-Hellman group numbers that are permitted for the second VPN tunnel for phase 1 IKE negotiations. Valid values are ` 2 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24`.\n" }, "tunnel2Phase1EncryptionAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "List of one or more encryption algorithms that are permitted for the second VPN tunnel for phase 1 IKE negotiations. Valid values are `AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16`.\n" }, "tunnel2Phase1IntegrityAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "One or more integrity algorithms that are permitted for the second VPN tunnel for phase 1 IKE negotiations. Valid values are `SHA1 | SHA2-256 | SHA2-384 | SHA2-512`.\n" }, "tunnel2Phase1LifetimeSeconds": { "type": "integer", "description": "The lifetime for phase 1 of the IKE negotiation for the second VPN tunnel, in seconds. Valid value is between `900` and `28800`.\n" }, "tunnel2Phase2DhGroupNumbers": { "type": "array", "items": { "type": "integer" }, "description": "List of one or more Diffie-Hellman group numbers that are permitted for the second VPN tunnel for phase 2 IKE negotiations. Valid values are `2 | 5 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24`.\n" }, "tunnel2Phase2EncryptionAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "List of one or more encryption algorithms that are permitted for the second VPN tunnel for phase 2 IKE negotiations. Valid values are `AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16`.\n" }, "tunnel2Phase2IntegrityAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "List of one or more integrity algorithms that are permitted for the second VPN tunnel for phase 2 IKE negotiations. Valid values are `SHA1 | SHA2-256 | SHA2-384 | SHA2-512`.\n" }, "tunnel2Phase2LifetimeSeconds": { "type": "integer", "description": "The lifetime for phase 2 of the IKE negotiation for the second VPN tunnel, in seconds. Valid value is between `900` and `3600`.\n" }, "tunnel2PresharedKey": { "type": "string", "description": "The preshared key of the second VPN tunnel. The preshared key must be between 8 and 64 characters in length and cannot start with zero(0). Allowed characters are alphanumeric characters, periods(.) and underscores(_).\n", "secret": true }, "tunnel2RekeyFuzzPercentage": { "type": "integer", "description": "The percentage of the rekey window for the second VPN tunnel (determined by `tunnel2_rekey_margin_time_seconds`) during which the rekey time is randomly selected. Valid value is between `0` and `100`.\n" }, "tunnel2RekeyMarginTimeSeconds": { "type": "integer", "description": "The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the second VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for `tunnel2_rekey_fuzz_percentage`. Valid value is between `60` and half of `tunnel2_phase2_lifetime_seconds`.\n" }, "tunnel2ReplayWindowSize": { "type": "integer", "description": "The number of packets in an IKE replay window for the second VPN tunnel. Valid value is between `64` and `2048`.\n" }, "tunnel2StartupAction": { "type": "string", "description": "The action to take when the establishing the tunnel for the second VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify start for AWS to initiate the IKE negotiation. Valid values are `add | start`.\n" }, "tunnel2VgwInsideAddress": { "type": "string", "description": "The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side).\n" }, "tunnelInsideIpVersion": { "type": "string", "description": "Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway.\n" }, "type": { "type": "string", "description": "The type of VPN connection. The only type AWS supports at this time is \"ipsec.1\".\n" }, "vgwTelemetries": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpnConnectionVgwTelemetry:VpnConnectionVgwTelemetry" }, "description": "Telemetry for the VPN tunnels. Detailed below.\n" }, "vpnGatewayId": { "type": "string", "description": "The ID of the Virtual Private Gateway.\n" } }, "required": [ "arn", "coreNetworkArn", "coreNetworkAttachmentArn", "customerGatewayConfiguration", "customerGatewayId", "enableAcceleration", "localIpv4NetworkCidr", "localIpv6NetworkCidr", "outsideIpAddressType", "remoteIpv4NetworkCidr", "remoteIpv6NetworkCidr", "routes", "staticRoutesOnly", "tagsAll", "transitGatewayAttachmentId", "tunnel1Address", "tunnel1BgpAsn", "tunnel1BgpHoldtime", "tunnel1CgwInsideAddress", "tunnel1InsideCidr", "tunnel1InsideIpv6Cidr", "tunnel1LogOptions", "tunnel1PresharedKey", "tunnel1VgwInsideAddress", "tunnel2Address", "tunnel2BgpAsn", "tunnel2BgpHoldtime", "tunnel2CgwInsideAddress", "tunnel2InsideCidr", "tunnel2InsideIpv6Cidr", "tunnel2LogOptions", "tunnel2PresharedKey", "tunnel2VgwInsideAddress", "tunnelInsideIpVersion", "type", "vgwTelemetries" ], "inputProperties": { "customerGatewayId": { "type": "string", "description": "The ID of the customer gateway.\n" }, "enableAcceleration": { "type": "boolean", "description": "Indicate whether to enable acceleration for the VPN connection. Supports only EC2 Transit Gateway.\n", "willReplaceOnChanges": true }, "localIpv4NetworkCidr": { "type": "string", "description": "The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.\n" }, "localIpv6NetworkCidr": { "type": "string", "description": "The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.\n" }, "outsideIpAddressType": { "type": "string", "description": "Indicates if a Public S2S VPN or Private S2S VPN over AWS Direct Connect. Valid values are `PublicIpv4 | PrivateIpv4`\n" }, "remoteIpv4NetworkCidr": { "type": "string", "description": "The IPv4 CIDR on the AWS side of the VPN connection.\n" }, "remoteIpv6NetworkCidr": { "type": "string", "description": "The IPv6 CIDR on the AWS side of the VPN connection.\n" }, "staticRoutesOnly": { "type": "boolean", "description": "Whether the VPN connection uses static routes exclusively. Static routes must be used for devices that don't support BGP.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the connection. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "transitGatewayId": { "type": "string", "description": "The ID of the EC2 Transit Gateway.\n" }, "transportTransitGatewayAttachmentId": { "type": "string", "description": ". The attachment ID of the Transit Gateway attachment to Direct Connect Gateway. The ID is obtained through a data source only.\n" }, "tunnel1DpdTimeoutAction": { "type": "string", "description": "The action to take after DPD timeout occurs for the first VPN tunnel. Specify restart to restart the IKE initiation. Specify clear to end the IKE session. Valid values are `clear | none | restart`.\n" }, "tunnel1DpdTimeoutSeconds": { "type": "integer", "description": "The number of seconds after which a DPD timeout occurs for the first VPN tunnel. Valid value is equal or higher than `30`.\n" }, "tunnel1EnableTunnelLifecycleControl": { "type": "boolean", "description": "Turn on or off tunnel endpoint lifecycle control feature for the first VPN tunnel. Valid values are `true | false`.\n" }, "tunnel1IkeVersions": { "type": "array", "items": { "type": "string" }, "description": "The IKE versions that are permitted for the first VPN tunnel. Valid values are `ikev1 | ikev2`.\n" }, "tunnel1InsideCidr": { "type": "string", "description": "The CIDR block of the inside IP addresses for the first VPN tunnel. Valid value is a size /30 CIDR block from the 169.254.0.0/16 range.\n", "willReplaceOnChanges": true }, "tunnel1InsideIpv6Cidr": { "type": "string", "description": "The range of inside IPv6 addresses for the first VPN tunnel. Supports only EC2 Transit Gateway. Valid value is a size /126 CIDR block from the local fd00::/8 range.\n", "willReplaceOnChanges": true }, "tunnel1LogOptions": { "$ref": "#/types/aws:ec2/VpnConnectionTunnel1LogOptions:VpnConnectionTunnel1LogOptions", "description": "Options for logging VPN tunnel activity. See Log Options below for more details.\n" }, "tunnel1Phase1DhGroupNumbers": { "type": "array", "items": { "type": "integer" }, "description": "List of one or more Diffie-Hellman group numbers that are permitted for the first VPN tunnel for phase 1 IKE negotiations. Valid values are ` 2 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24`.\n" }, "tunnel1Phase1EncryptionAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "List of one or more encryption algorithms that are permitted for the first VPN tunnel for phase 1 IKE negotiations. Valid values are `AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16`.\n" }, "tunnel1Phase1IntegrityAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "One or more integrity algorithms that are permitted for the first VPN tunnel for phase 1 IKE negotiations. Valid values are `SHA1 | SHA2-256 | SHA2-384 | SHA2-512`.\n" }, "tunnel1Phase1LifetimeSeconds": { "type": "integer", "description": "The lifetime for phase 1 of the IKE negotiation for the first VPN tunnel, in seconds. Valid value is between `900` and `28800`.\n" }, "tunnel1Phase2DhGroupNumbers": { "type": "array", "items": { "type": "integer" }, "description": "List of one or more Diffie-Hellman group numbers that are permitted for the first VPN tunnel for phase 2 IKE negotiations. Valid values are `2 | 5 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24`.\n" }, "tunnel1Phase2EncryptionAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "List of one or more encryption algorithms that are permitted for the first VPN tunnel for phase 2 IKE negotiations. Valid values are `AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16`.\n" }, "tunnel1Phase2IntegrityAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "List of one or more integrity algorithms that are permitted for the first VPN tunnel for phase 2 IKE negotiations. Valid values are `SHA1 | SHA2-256 | SHA2-384 | SHA2-512`.\n" }, "tunnel1Phase2LifetimeSeconds": { "type": "integer", "description": "The lifetime for phase 2 of the IKE negotiation for the first VPN tunnel, in seconds. Valid value is between `900` and `3600`.\n" }, "tunnel1PresharedKey": { "type": "string", "description": "The preshared key of the first VPN tunnel. The preshared key must be between 8 and 64 characters in length and cannot start with zero(0). Allowed characters are alphanumeric characters, periods(.) and underscores(_).\n", "secret": true }, "tunnel1RekeyFuzzPercentage": { "type": "integer", "description": "The percentage of the rekey window for the first VPN tunnel (determined by `tunnel1_rekey_margin_time_seconds`) during which the rekey time is randomly selected. Valid value is between `0` and `100`.\n" }, "tunnel1RekeyMarginTimeSeconds": { "type": "integer", "description": "The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the first VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for `tunnel1_rekey_fuzz_percentage`. Valid value is between `60` and half of `tunnel1_phase2_lifetime_seconds`.\n" }, "tunnel1ReplayWindowSize": { "type": "integer", "description": "The number of packets in an IKE replay window for the first VPN tunnel. Valid value is between `64` and `2048`.\n" }, "tunnel1StartupAction": { "type": "string", "description": "The action to take when the establishing the tunnel for the first VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify start for AWS to initiate the IKE negotiation. Valid values are `add | start`.\n" }, "tunnel2DpdTimeoutAction": { "type": "string", "description": "The action to take after DPD timeout occurs for the second VPN tunnel. Specify restart to restart the IKE initiation. Specify clear to end the IKE session. Valid values are `clear | none | restart`.\n" }, "tunnel2DpdTimeoutSeconds": { "type": "integer", "description": "The number of seconds after which a DPD timeout occurs for the second VPN tunnel. Valid value is equal or higher than `30`.\n" }, "tunnel2EnableTunnelLifecycleControl": { "type": "boolean", "description": "Turn on or off tunnel endpoint lifecycle control feature for the second VPN tunnel. Valid values are `true | false`.\n" }, "tunnel2IkeVersions": { "type": "array", "items": { "type": "string" }, "description": "The IKE versions that are permitted for the second VPN tunnel. Valid values are `ikev1 | ikev2`.\n" }, "tunnel2InsideCidr": { "type": "string", "description": "The CIDR block of the inside IP addresses for the second VPN tunnel. Valid value is a size /30 CIDR block from the 169.254.0.0/16 range.\n", "willReplaceOnChanges": true }, "tunnel2InsideIpv6Cidr": { "type": "string", "description": "The range of inside IPv6 addresses for the second VPN tunnel. Supports only EC2 Transit Gateway. Valid value is a size /126 CIDR block from the local fd00::/8 range.\n", "willReplaceOnChanges": true }, "tunnel2LogOptions": { "$ref": "#/types/aws:ec2/VpnConnectionTunnel2LogOptions:VpnConnectionTunnel2LogOptions", "description": "Options for logging VPN tunnel activity. See Log Options below for more details.\n" }, "tunnel2Phase1DhGroupNumbers": { "type": "array", "items": { "type": "integer" }, "description": "List of one or more Diffie-Hellman group numbers that are permitted for the second VPN tunnel for phase 1 IKE negotiations. Valid values are ` 2 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24`.\n" }, "tunnel2Phase1EncryptionAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "List of one or more encryption algorithms that are permitted for the second VPN tunnel for phase 1 IKE negotiations. Valid values are `AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16`.\n" }, "tunnel2Phase1IntegrityAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "One or more integrity algorithms that are permitted for the second VPN tunnel for phase 1 IKE negotiations. Valid values are `SHA1 | SHA2-256 | SHA2-384 | SHA2-512`.\n" }, "tunnel2Phase1LifetimeSeconds": { "type": "integer", "description": "The lifetime for phase 1 of the IKE negotiation for the second VPN tunnel, in seconds. Valid value is between `900` and `28800`.\n" }, "tunnel2Phase2DhGroupNumbers": { "type": "array", "items": { "type": "integer" }, "description": "List of one or more Diffie-Hellman group numbers that are permitted for the second VPN tunnel for phase 2 IKE negotiations. Valid values are `2 | 5 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24`.\n" }, "tunnel2Phase2EncryptionAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "List of one or more encryption algorithms that are permitted for the second VPN tunnel for phase 2 IKE negotiations. Valid values are `AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16`.\n" }, "tunnel2Phase2IntegrityAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "List of one or more integrity algorithms that are permitted for the second VPN tunnel for phase 2 IKE negotiations. Valid values are `SHA1 | SHA2-256 | SHA2-384 | SHA2-512`.\n" }, "tunnel2Phase2LifetimeSeconds": { "type": "integer", "description": "The lifetime for phase 2 of the IKE negotiation for the second VPN tunnel, in seconds. Valid value is between `900` and `3600`.\n" }, "tunnel2PresharedKey": { "type": "string", "description": "The preshared key of the second VPN tunnel. The preshared key must be between 8 and 64 characters in length and cannot start with zero(0). Allowed characters are alphanumeric characters, periods(.) and underscores(_).\n", "secret": true }, "tunnel2RekeyFuzzPercentage": { "type": "integer", "description": "The percentage of the rekey window for the second VPN tunnel (determined by `tunnel2_rekey_margin_time_seconds`) during which the rekey time is randomly selected. Valid value is between `0` and `100`.\n" }, "tunnel2RekeyMarginTimeSeconds": { "type": "integer", "description": "The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the second VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for `tunnel2_rekey_fuzz_percentage`. Valid value is between `60` and half of `tunnel2_phase2_lifetime_seconds`.\n" }, "tunnel2ReplayWindowSize": { "type": "integer", "description": "The number of packets in an IKE replay window for the second VPN tunnel. Valid value is between `64` and `2048`.\n" }, "tunnel2StartupAction": { "type": "string", "description": "The action to take when the establishing the tunnel for the second VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify start for AWS to initiate the IKE negotiation. Valid values are `add | start`.\n" }, "tunnelInsideIpVersion": { "type": "string", "description": "Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "The type of VPN connection. The only type AWS supports at this time is \"ipsec.1\".\n", "willReplaceOnChanges": true }, "vpnGatewayId": { "type": "string", "description": "The ID of the Virtual Private Gateway.\n" } }, "requiredInputs": [ "customerGatewayId", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpnConnection resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the VPN Connection.\n" }, "coreNetworkArn": { "type": "string", "description": "The ARN of the core network.\n" }, "coreNetworkAttachmentArn": { "type": "string", "description": "The ARN of the core network attachment.\n" }, "customerGatewayConfiguration": { "type": "string", "description": "The configuration information for the VPN connection's customer gateway (in the native XML format).\n", "secret": true }, "customerGatewayId": { "type": "string", "description": "The ID of the customer gateway.\n" }, "enableAcceleration": { "type": "boolean", "description": "Indicate whether to enable acceleration for the VPN connection. Supports only EC2 Transit Gateway.\n", "willReplaceOnChanges": true }, "localIpv4NetworkCidr": { "type": "string", "description": "The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.\n" }, "localIpv6NetworkCidr": { "type": "string", "description": "The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.\n" }, "outsideIpAddressType": { "type": "string", "description": "Indicates if a Public S2S VPN or Private S2S VPN over AWS Direct Connect. Valid values are `PublicIpv4 | PrivateIpv4`\n" }, "remoteIpv4NetworkCidr": { "type": "string", "description": "The IPv4 CIDR on the AWS side of the VPN connection.\n" }, "remoteIpv6NetworkCidr": { "type": "string", "description": "The IPv6 CIDR on the AWS side of the VPN connection.\n" }, "routes": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpnConnectionRoute:VpnConnectionRoute" }, "description": "The static routes associated with the VPN connection. Detailed below.\n" }, "staticRoutesOnly": { "type": "boolean", "description": "Whether the VPN connection uses static routes exclusively. Static routes must be used for devices that don't support BGP.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the connection. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayAttachmentId": { "type": "string", "description": "When associated with an EC2 Transit Gateway (`transit_gateway_id` argument), the attachment ID. See also the `aws.ec2.Tag` resource for tagging the EC2 Transit Gateway VPN Attachment.\n" }, "transitGatewayId": { "type": "string", "description": "The ID of the EC2 Transit Gateway.\n" }, "transportTransitGatewayAttachmentId": { "type": "string", "description": ". The attachment ID of the Transit Gateway attachment to Direct Connect Gateway. The ID is obtained through a data source only.\n" }, "tunnel1Address": { "type": "string", "description": "The public IP address of the first VPN tunnel.\n" }, "tunnel1BgpAsn": { "type": "string", "description": "The bgp asn number of the first VPN tunnel.\n" }, "tunnel1BgpHoldtime": { "type": "integer", "description": "The bgp holdtime of the first VPN tunnel.\n" }, "tunnel1CgwInsideAddress": { "type": "string", "description": "The RFC 6890 link-local address of the first VPN tunnel (Customer Gateway Side).\n" }, "tunnel1DpdTimeoutAction": { "type": "string", "description": "The action to take after DPD timeout occurs for the first VPN tunnel. Specify restart to restart the IKE initiation. Specify clear to end the IKE session. Valid values are `clear | none | restart`.\n" }, "tunnel1DpdTimeoutSeconds": { "type": "integer", "description": "The number of seconds after which a DPD timeout occurs for the first VPN tunnel. Valid value is equal or higher than `30`.\n" }, "tunnel1EnableTunnelLifecycleControl": { "type": "boolean", "description": "Turn on or off tunnel endpoint lifecycle control feature for the first VPN tunnel. Valid values are `true | false`.\n" }, "tunnel1IkeVersions": { "type": "array", "items": { "type": "string" }, "description": "The IKE versions that are permitted for the first VPN tunnel. Valid values are `ikev1 | ikev2`.\n" }, "tunnel1InsideCidr": { "type": "string", "description": "The CIDR block of the inside IP addresses for the first VPN tunnel. Valid value is a size /30 CIDR block from the 169.254.0.0/16 range.\n", "willReplaceOnChanges": true }, "tunnel1InsideIpv6Cidr": { "type": "string", "description": "The range of inside IPv6 addresses for the first VPN tunnel. Supports only EC2 Transit Gateway. Valid value is a size /126 CIDR block from the local fd00::/8 range.\n", "willReplaceOnChanges": true }, "tunnel1LogOptions": { "$ref": "#/types/aws:ec2/VpnConnectionTunnel1LogOptions:VpnConnectionTunnel1LogOptions", "description": "Options for logging VPN tunnel activity. See Log Options below for more details.\n" }, "tunnel1Phase1DhGroupNumbers": { "type": "array", "items": { "type": "integer" }, "description": "List of one or more Diffie-Hellman group numbers that are permitted for the first VPN tunnel for phase 1 IKE negotiations. Valid values are ` 2 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24`.\n" }, "tunnel1Phase1EncryptionAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "List of one or more encryption algorithms that are permitted for the first VPN tunnel for phase 1 IKE negotiations. Valid values are `AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16`.\n" }, "tunnel1Phase1IntegrityAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "One or more integrity algorithms that are permitted for the first VPN tunnel for phase 1 IKE negotiations. Valid values are `SHA1 | SHA2-256 | SHA2-384 | SHA2-512`.\n" }, "tunnel1Phase1LifetimeSeconds": { "type": "integer", "description": "The lifetime for phase 1 of the IKE negotiation for the first VPN tunnel, in seconds. Valid value is between `900` and `28800`.\n" }, "tunnel1Phase2DhGroupNumbers": { "type": "array", "items": { "type": "integer" }, "description": "List of one or more Diffie-Hellman group numbers that are permitted for the first VPN tunnel for phase 2 IKE negotiations. Valid values are `2 | 5 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24`.\n" }, "tunnel1Phase2EncryptionAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "List of one or more encryption algorithms that are permitted for the first VPN tunnel for phase 2 IKE negotiations. Valid values are `AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16`.\n" }, "tunnel1Phase2IntegrityAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "List of one or more integrity algorithms that are permitted for the first VPN tunnel for phase 2 IKE negotiations. Valid values are `SHA1 | SHA2-256 | SHA2-384 | SHA2-512`.\n" }, "tunnel1Phase2LifetimeSeconds": { "type": "integer", "description": "The lifetime for phase 2 of the IKE negotiation for the first VPN tunnel, in seconds. Valid value is between `900` and `3600`.\n" }, "tunnel1PresharedKey": { "type": "string", "description": "The preshared key of the first VPN tunnel. The preshared key must be between 8 and 64 characters in length and cannot start with zero(0). Allowed characters are alphanumeric characters, periods(.) and underscores(_).\n", "secret": true }, "tunnel1RekeyFuzzPercentage": { "type": "integer", "description": "The percentage of the rekey window for the first VPN tunnel (determined by `tunnel1_rekey_margin_time_seconds`) during which the rekey time is randomly selected. Valid value is between `0` and `100`.\n" }, "tunnel1RekeyMarginTimeSeconds": { "type": "integer", "description": "The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the first VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for `tunnel1_rekey_fuzz_percentage`. Valid value is between `60` and half of `tunnel1_phase2_lifetime_seconds`.\n" }, "tunnel1ReplayWindowSize": { "type": "integer", "description": "The number of packets in an IKE replay window for the first VPN tunnel. Valid value is between `64` and `2048`.\n" }, "tunnel1StartupAction": { "type": "string", "description": "The action to take when the establishing the tunnel for the first VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify start for AWS to initiate the IKE negotiation. Valid values are `add | start`.\n" }, "tunnel1VgwInsideAddress": { "type": "string", "description": "The RFC 6890 link-local address of the first VPN tunnel (VPN Gateway Side).\n" }, "tunnel2Address": { "type": "string", "description": "The public IP address of the second VPN tunnel.\n" }, "tunnel2BgpAsn": { "type": "string", "description": "The bgp asn number of the second VPN tunnel.\n" }, "tunnel2BgpHoldtime": { "type": "integer", "description": "The bgp holdtime of the second VPN tunnel.\n" }, "tunnel2CgwInsideAddress": { "type": "string", "description": "The RFC 6890 link-local address of the second VPN tunnel (Customer Gateway Side).\n" }, "tunnel2DpdTimeoutAction": { "type": "string", "description": "The action to take after DPD timeout occurs for the second VPN tunnel. Specify restart to restart the IKE initiation. Specify clear to end the IKE session. Valid values are `clear | none | restart`.\n" }, "tunnel2DpdTimeoutSeconds": { "type": "integer", "description": "The number of seconds after which a DPD timeout occurs for the second VPN tunnel. Valid value is equal or higher than `30`.\n" }, "tunnel2EnableTunnelLifecycleControl": { "type": "boolean", "description": "Turn on or off tunnel endpoint lifecycle control feature for the second VPN tunnel. Valid values are `true | false`.\n" }, "tunnel2IkeVersions": { "type": "array", "items": { "type": "string" }, "description": "The IKE versions that are permitted for the second VPN tunnel. Valid values are `ikev1 | ikev2`.\n" }, "tunnel2InsideCidr": { "type": "string", "description": "The CIDR block of the inside IP addresses for the second VPN tunnel. Valid value is a size /30 CIDR block from the 169.254.0.0/16 range.\n", "willReplaceOnChanges": true }, "tunnel2InsideIpv6Cidr": { "type": "string", "description": "The range of inside IPv6 addresses for the second VPN tunnel. Supports only EC2 Transit Gateway. Valid value is a size /126 CIDR block from the local fd00::/8 range.\n", "willReplaceOnChanges": true }, "tunnel2LogOptions": { "$ref": "#/types/aws:ec2/VpnConnectionTunnel2LogOptions:VpnConnectionTunnel2LogOptions", "description": "Options for logging VPN tunnel activity. See Log Options below for more details.\n" }, "tunnel2Phase1DhGroupNumbers": { "type": "array", "items": { "type": "integer" }, "description": "List of one or more Diffie-Hellman group numbers that are permitted for the second VPN tunnel for phase 1 IKE negotiations. Valid values are ` 2 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24`.\n" }, "tunnel2Phase1EncryptionAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "List of one or more encryption algorithms that are permitted for the second VPN tunnel for phase 1 IKE negotiations. Valid values are `AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16`.\n" }, "tunnel2Phase1IntegrityAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "One or more integrity algorithms that are permitted for the second VPN tunnel for phase 1 IKE negotiations. Valid values are `SHA1 | SHA2-256 | SHA2-384 | SHA2-512`.\n" }, "tunnel2Phase1LifetimeSeconds": { "type": "integer", "description": "The lifetime for phase 1 of the IKE negotiation for the second VPN tunnel, in seconds. Valid value is between `900` and `28800`.\n" }, "tunnel2Phase2DhGroupNumbers": { "type": "array", "items": { "type": "integer" }, "description": "List of one or more Diffie-Hellman group numbers that are permitted for the second VPN tunnel for phase 2 IKE negotiations. Valid values are `2 | 5 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24`.\n" }, "tunnel2Phase2EncryptionAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "List of one or more encryption algorithms that are permitted for the second VPN tunnel for phase 2 IKE negotiations. Valid values are `AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16`.\n" }, "tunnel2Phase2IntegrityAlgorithms": { "type": "array", "items": { "type": "string" }, "description": "List of one or more integrity algorithms that are permitted for the second VPN tunnel for phase 2 IKE negotiations. Valid values are `SHA1 | SHA2-256 | SHA2-384 | SHA2-512`.\n" }, "tunnel2Phase2LifetimeSeconds": { "type": "integer", "description": "The lifetime for phase 2 of the IKE negotiation for the second VPN tunnel, in seconds. Valid value is between `900` and `3600`.\n" }, "tunnel2PresharedKey": { "type": "string", "description": "The preshared key of the second VPN tunnel. The preshared key must be between 8 and 64 characters in length and cannot start with zero(0). Allowed characters are alphanumeric characters, periods(.) and underscores(_).\n", "secret": true }, "tunnel2RekeyFuzzPercentage": { "type": "integer", "description": "The percentage of the rekey window for the second VPN tunnel (determined by `tunnel2_rekey_margin_time_seconds`) during which the rekey time is randomly selected. Valid value is between `0` and `100`.\n" }, "tunnel2RekeyMarginTimeSeconds": { "type": "integer", "description": "The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the second VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for `tunnel2_rekey_fuzz_percentage`. Valid value is between `60` and half of `tunnel2_phase2_lifetime_seconds`.\n" }, "tunnel2ReplayWindowSize": { "type": "integer", "description": "The number of packets in an IKE replay window for the second VPN tunnel. Valid value is between `64` and `2048`.\n" }, "tunnel2StartupAction": { "type": "string", "description": "The action to take when the establishing the tunnel for the second VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify start for AWS to initiate the IKE negotiation. Valid values are `add | start`.\n" }, "tunnel2VgwInsideAddress": { "type": "string", "description": "The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side).\n" }, "tunnelInsideIpVersion": { "type": "string", "description": "Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "The type of VPN connection. The only type AWS supports at this time is \"ipsec.1\".\n", "willReplaceOnChanges": true }, "vgwTelemetries": { "type": "array", "items": { "$ref": "#/types/aws:ec2/VpnConnectionVgwTelemetry:VpnConnectionVgwTelemetry" }, "description": "Telemetry for the VPN tunnels. Detailed below.\n" }, "vpnGatewayId": { "type": "string", "description": "The ID of the Virtual Private Gateway.\n" } }, "type": "object" } }, "aws:ec2/vpnConnectionRoute:VpnConnectionRoute": { "description": "Provides a static route between a VPN connection and a customer gateway.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst vpc = new aws.ec2.Vpc(\"vpc\", {cidrBlock: \"10.0.0.0/16\"});\nconst vpnGateway = new aws.ec2.VpnGateway(\"vpn_gateway\", {vpcId: vpc.id});\nconst customerGateway = new aws.ec2.CustomerGateway(\"customer_gateway\", {\n bgpAsn: \"65000\",\n ipAddress: \"172.0.0.1\",\n type: \"ipsec.1\",\n});\nconst main = new aws.ec2.VpnConnection(\"main\", {\n vpnGatewayId: vpnGateway.id,\n customerGatewayId: customerGateway.id,\n type: \"ipsec.1\",\n staticRoutesOnly: true,\n});\nconst office = new aws.ec2.VpnConnectionRoute(\"office\", {\n destinationCidrBlock: \"192.168.10.0/24\",\n vpnConnectionId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nvpc = aws.ec2.Vpc(\"vpc\", cidr_block=\"10.0.0.0/16\")\nvpn_gateway = aws.ec2.VpnGateway(\"vpn_gateway\", vpc_id=vpc.id)\ncustomer_gateway = aws.ec2.CustomerGateway(\"customer_gateway\",\n bgp_asn=\"65000\",\n ip_address=\"172.0.0.1\",\n type=\"ipsec.1\")\nmain = aws.ec2.VpnConnection(\"main\",\n vpn_gateway_id=vpn_gateway.id,\n customer_gateway_id=customer_gateway.id,\n type=\"ipsec.1\",\n static_routes_only=True)\noffice = aws.ec2.VpnConnectionRoute(\"office\",\n destination_cidr_block=\"192.168.10.0/24\",\n vpn_connection_id=main.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var vpc = new Aws.Ec2.Vpc(\"vpc\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var vpnGateway = new Aws.Ec2.VpnGateway(\"vpn_gateway\", new()\n {\n VpcId = vpc.Id,\n });\n\n var customerGateway = new Aws.Ec2.CustomerGateway(\"customer_gateway\", new()\n {\n BgpAsn = \"65000\",\n IpAddress = \"172.0.0.1\",\n Type = \"ipsec.1\",\n });\n\n var main = new Aws.Ec2.VpnConnection(\"main\", new()\n {\n VpnGatewayId = vpnGateway.Id,\n CustomerGatewayId = customerGateway.Id,\n Type = \"ipsec.1\",\n StaticRoutesOnly = true,\n });\n\n var office = new Aws.Ec2.VpnConnectionRoute(\"office\", new()\n {\n DestinationCidrBlock = \"192.168.10.0/24\",\n VpnConnectionId = main.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tvpc, err := ec2.NewVpc(ctx, \"vpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvpnGateway, err := ec2.NewVpnGateway(ctx, \"vpn_gateway\", \u0026ec2.VpnGatewayArgs{\n\t\t\tVpcId: vpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcustomerGateway, err := ec2.NewCustomerGateway(ctx, \"customer_gateway\", \u0026ec2.CustomerGatewayArgs{\n\t\t\tBgpAsn: pulumi.String(\"65000\"),\n\t\t\tIpAddress: pulumi.String(\"172.0.0.1\"),\n\t\t\tType: pulumi.String(\"ipsec.1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmain, err := ec2.NewVpnConnection(ctx, \"main\", \u0026ec2.VpnConnectionArgs{\n\t\t\tVpnGatewayId: vpnGateway.ID(),\n\t\t\tCustomerGatewayId: customerGateway.ID(),\n\t\t\tType: pulumi.String(\"ipsec.1\"),\n\t\t\tStaticRoutesOnly: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpnConnectionRoute(ctx, \"office\", \u0026ec2.VpnConnectionRouteArgs{\n\t\t\tDestinationCidrBlock: pulumi.String(\"192.168.10.0/24\"),\n\t\t\tVpnConnectionId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.VpnGateway;\nimport com.pulumi.aws.ec2.VpnGatewayArgs;\nimport com.pulumi.aws.ec2.CustomerGateway;\nimport com.pulumi.aws.ec2.CustomerGatewayArgs;\nimport com.pulumi.aws.ec2.VpnConnection;\nimport com.pulumi.aws.ec2.VpnConnectionArgs;\nimport com.pulumi.aws.ec2.VpnConnectionRoute;\nimport com.pulumi.aws.ec2.VpnConnectionRouteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var vpc = new Vpc(\"vpc\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var vpnGateway = new VpnGateway(\"vpnGateway\", VpnGatewayArgs.builder()\n .vpcId(vpc.id())\n .build());\n\n var customerGateway = new CustomerGateway(\"customerGateway\", CustomerGatewayArgs.builder()\n .bgpAsn(65000)\n .ipAddress(\"172.0.0.1\")\n .type(\"ipsec.1\")\n .build());\n\n var main = new VpnConnection(\"main\", VpnConnectionArgs.builder()\n .vpnGatewayId(vpnGateway.id())\n .customerGatewayId(customerGateway.id())\n .type(\"ipsec.1\")\n .staticRoutesOnly(true)\n .build());\n\n var office = new VpnConnectionRoute(\"office\", VpnConnectionRouteArgs.builder()\n .destinationCidrBlock(\"192.168.10.0/24\")\n .vpnConnectionId(main.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n vpc:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n vpnGateway:\n type: aws:ec2:VpnGateway\n name: vpn_gateway\n properties:\n vpcId: ${vpc.id}\n customerGateway:\n type: aws:ec2:CustomerGateway\n name: customer_gateway\n properties:\n bgpAsn: 65000\n ipAddress: 172.0.0.1\n type: ipsec.1\n main:\n type: aws:ec2:VpnConnection\n properties:\n vpnGatewayId: ${vpnGateway.id}\n customerGatewayId: ${customerGateway.id}\n type: ipsec.1\n staticRoutesOnly: true\n office:\n type: aws:ec2:VpnConnectionRoute\n properties:\n destinationCidrBlock: 192.168.10.0/24\n vpnConnectionId: ${main.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "destinationCidrBlock": { "type": "string", "description": "The CIDR block associated with the local subnet of the customer network.\n" }, "vpnConnectionId": { "type": "string", "description": "The ID of the VPN connection.\n" } }, "required": [ "destinationCidrBlock", "vpnConnectionId" ], "inputProperties": { "destinationCidrBlock": { "type": "string", "description": "The CIDR block associated with the local subnet of the customer network.\n", "willReplaceOnChanges": true }, "vpnConnectionId": { "type": "string", "description": "The ID of the VPN connection.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "destinationCidrBlock", "vpnConnectionId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpnConnectionRoute resources.\n", "properties": { "destinationCidrBlock": { "type": "string", "description": "The CIDR block associated with the local subnet of the customer network.\n", "willReplaceOnChanges": true }, "vpnConnectionId": { "type": "string", "description": "The ID of the VPN connection.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/vpnGateway:VpnGateway": { "description": "Provides a resource to create a VPC VPN Gateway.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst vpnGw = new aws.ec2.VpnGateway(\"vpn_gw\", {\n vpcId: main.id,\n tags: {\n Name: \"main\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nvpn_gw = aws.ec2.VpnGateway(\"vpn_gw\",\n vpc_id=main[\"id\"],\n tags={\n \"Name\": \"main\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var vpnGw = new Aws.Ec2.VpnGateway(\"vpn_gw\", new()\n {\n VpcId = main.Id,\n Tags = \n {\n { \"Name\", \"main\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpnGateway(ctx, \"vpn_gw\", \u0026ec2.VpnGatewayArgs{\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"main\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpnGateway;\nimport com.pulumi.aws.ec2.VpnGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var vpnGw = new VpnGateway(\"vpnGw\", VpnGatewayArgs.builder()\n .vpcId(main.id())\n .tags(Map.of(\"Name\", \"main\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n vpnGw:\n type: aws:ec2:VpnGateway\n name: vpn_gw\n properties:\n vpcId: ${main.id}\n tags:\n Name: main\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPN Gateways using the VPN gateway `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpnGateway:VpnGateway testvpngateway vgw-9a4cacf3\n```\n", "properties": { "amazonSideAsn": { "type": "string", "description": "The Autonomous System Number (ASN) for the Amazon side of the gateway. If you don't specify an ASN, the virtual private gateway is created with the default ASN.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the VPN Gateway.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone for the virtual private gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The VPC ID to create in.\n" } }, "required": [ "amazonSideAsn", "arn", "tagsAll", "vpcId" ], "inputProperties": { "amazonSideAsn": { "type": "string", "description": "The Autonomous System Number (ASN) for the Amazon side of the gateway. If you don't specify an ASN, the virtual private gateway is created with the default ASN.\n", "willReplaceOnChanges": true }, "availabilityZone": { "type": "string", "description": "The Availability Zone for the virtual private gateway.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcId": { "type": "string", "description": "The VPC ID to create in.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering VpnGateway resources.\n", "properties": { "amazonSideAsn": { "type": "string", "description": "The Autonomous System Number (ASN) for the Amazon side of the gateway. If you don't specify an ASN, the virtual private gateway is created with the default ASN.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the VPN Gateway.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone for the virtual private gateway.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The VPC ID to create in.\n" } }, "type": "object" } }, "aws:ec2/vpnGatewayAttachment:VpnGatewayAttachment": { "description": "Provides a Virtual Private Gateway attachment resource, allowing for an existing\nhardware VPN gateway to be attached and/or detached from a VPC.\n\n\u003e **Note:** The `aws.ec2.VpnGateway`\nresource can also automatically attach the Virtual Private Gateway it creates\nto an existing VPC by setting the `vpc_id` attribute accordingly.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst network = new aws.ec2.Vpc(\"network\", {cidrBlock: \"10.0.0.0/16\"});\nconst vpn = new aws.ec2.VpnGateway(\"vpn\", {tags: {\n Name: \"example-vpn-gateway\",\n}});\nconst vpnAttachment = new aws.ec2.VpnGatewayAttachment(\"vpn_attachment\", {\n vpcId: network.id,\n vpnGatewayId: vpn.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nnetwork = aws.ec2.Vpc(\"network\", cidr_block=\"10.0.0.0/16\")\nvpn = aws.ec2.VpnGateway(\"vpn\", tags={\n \"Name\": \"example-vpn-gateway\",\n})\nvpn_attachment = aws.ec2.VpnGatewayAttachment(\"vpn_attachment\",\n vpc_id=network.id,\n vpn_gateway_id=vpn.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var network = new Aws.Ec2.Vpc(\"network\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var vpn = new Aws.Ec2.VpnGateway(\"vpn\", new()\n {\n Tags = \n {\n { \"Name\", \"example-vpn-gateway\" },\n },\n });\n\n var vpnAttachment = new Aws.Ec2.VpnGatewayAttachment(\"vpn_attachment\", new()\n {\n VpcId = network.Id,\n VpnGatewayId = vpn.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tnetwork, err := ec2.NewVpc(ctx, \"network\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvpn, err := ec2.NewVpnGateway(ctx, \"vpn\", \u0026ec2.VpnGatewayArgs{\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example-vpn-gateway\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpnGatewayAttachment(ctx, \"vpn_attachment\", \u0026ec2.VpnGatewayAttachmentArgs{\n\t\t\tVpcId: network.ID(),\n\t\t\tVpnGatewayId: vpn.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.VpnGateway;\nimport com.pulumi.aws.ec2.VpnGatewayArgs;\nimport com.pulumi.aws.ec2.VpnGatewayAttachment;\nimport com.pulumi.aws.ec2.VpnGatewayAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var network = new Vpc(\"network\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var vpn = new VpnGateway(\"vpn\", VpnGatewayArgs.builder()\n .tags(Map.of(\"Name\", \"example-vpn-gateway\"))\n .build());\n\n var vpnAttachment = new VpnGatewayAttachment(\"vpnAttachment\", VpnGatewayAttachmentArgs.builder()\n .vpcId(network.id())\n .vpnGatewayId(vpn.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n network:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n vpn:\n type: aws:ec2:VpnGateway\n properties:\n tags:\n Name: example-vpn-gateway\n vpnAttachment:\n type: aws:ec2:VpnGatewayAttachment\n name: vpn_attachment\n properties:\n vpcId: ${network.id}\n vpnGatewayId: ${vpn.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nSee [Virtual Private Cloud](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Introduction.html)\nand [Virtual Private Gateway](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_VPN.html) user\nguides for more information.\n\n## Import\n\nYou cannot import this resource.\n\n", "properties": { "vpcId": { "type": "string", "description": "The ID of the VPC.\n" }, "vpnGatewayId": { "type": "string", "description": "The ID of the Virtual Private Gateway.\n" } }, "required": [ "vpcId", "vpnGatewayId" ], "inputProperties": { "vpcId": { "type": "string", "description": "The ID of the VPC.\n", "willReplaceOnChanges": true }, "vpnGatewayId": { "type": "string", "description": "The ID of the Virtual Private Gateway.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "vpcId", "vpnGatewayId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpnGatewayAttachment resources.\n", "properties": { "vpcId": { "type": "string", "description": "The ID of the VPC.\n", "willReplaceOnChanges": true }, "vpnGatewayId": { "type": "string", "description": "The ID of the Virtual Private Gateway.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2/vpnGatewayRoutePropagation:VpnGatewayRoutePropagation": { "description": "Requests automatic route propagation between a VPN gateway and a route table.\n\n\u003e **Note:** This resource should not be used with a route table that has\nthe `propagating_vgws` argument set. If that argument is set, any route\npropagation not explicitly listed in its value will be removed.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.VpnGatewayRoutePropagation(\"example\", {\n vpnGatewayId: exampleAwsVpnGateway.id,\n routeTableId: exampleAwsRouteTable.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.VpnGatewayRoutePropagation(\"example\",\n vpn_gateway_id=example_aws_vpn_gateway[\"id\"],\n route_table_id=example_aws_route_table[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.VpnGatewayRoutePropagation(\"example\", new()\n {\n VpnGatewayId = exampleAwsVpnGateway.Id,\n RouteTableId = exampleAwsRouteTable.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpnGatewayRoutePropagation(ctx, \"example\", \u0026ec2.VpnGatewayRoutePropagationArgs{\n\t\t\tVpnGatewayId: pulumi.Any(exampleAwsVpnGateway.Id),\n\t\t\tRouteTableId: pulumi.Any(exampleAwsRouteTable.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpnGatewayRoutePropagation;\nimport com.pulumi.aws.ec2.VpnGatewayRoutePropagationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpnGatewayRoutePropagation(\"example\", VpnGatewayRoutePropagationArgs.builder()\n .vpnGatewayId(exampleAwsVpnGateway.id())\n .routeTableId(exampleAwsRouteTable.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpnGatewayRoutePropagation\n properties:\n vpnGatewayId: ${exampleAwsVpnGateway.id}\n routeTableId: ${exampleAwsRouteTable.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "routeTableId": { "type": "string", "description": "The id of the `aws.ec2.RouteTable` to propagate routes into.\n" }, "vpnGatewayId": { "type": "string", "description": "The id of the `aws.ec2.VpnGateway` to propagate routes from.\n" } }, "required": [ "routeTableId", "vpnGatewayId" ], "inputProperties": { "routeTableId": { "type": "string", "description": "The id of the `aws.ec2.RouteTable` to propagate routes into.\n", "willReplaceOnChanges": true }, "vpnGatewayId": { "type": "string", "description": "The id of the `aws.ec2.VpnGateway` to propagate routes from.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "routeTableId", "vpnGatewayId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpnGatewayRoutePropagation resources.\n", "properties": { "routeTableId": { "type": "string", "description": "The id of the `aws.ec2.RouteTable` to propagate routes into.\n", "willReplaceOnChanges": true }, "vpnGatewayId": { "type": "string", "description": "The id of the `aws.ec2.VpnGateway` to propagate routes from.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2clientvpn/authorizationRule:AuthorizationRule": { "description": "Provides authorization rules for AWS Client VPN endpoints. For more information on usage, please see the\n[AWS Client VPN Administrator's Guide](https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/what-is.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2clientvpn.AuthorizationRule(\"example\", {\n clientVpnEndpointId: exampleAwsEc2ClientVpnEndpoint.id,\n targetNetworkCidr: exampleAwsSubnet.cidrBlock,\n authorizeAllGroups: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2clientvpn.AuthorizationRule(\"example\",\n client_vpn_endpoint_id=example_aws_ec2_client_vpn_endpoint[\"id\"],\n target_network_cidr=example_aws_subnet[\"cidrBlock\"],\n authorize_all_groups=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2ClientVpn.AuthorizationRule(\"example\", new()\n {\n ClientVpnEndpointId = exampleAwsEc2ClientVpnEndpoint.Id,\n TargetNetworkCidr = exampleAwsSubnet.CidrBlock,\n AuthorizeAllGroups = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2clientvpn\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2clientvpn.NewAuthorizationRule(ctx, \"example\", \u0026ec2clientvpn.AuthorizationRuleArgs{\n\t\t\tClientVpnEndpointId: pulumi.Any(exampleAwsEc2ClientVpnEndpoint.Id),\n\t\t\tTargetNetworkCidr: pulumi.Any(exampleAwsSubnet.CidrBlock),\n\t\t\tAuthorizeAllGroups: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2clientvpn.AuthorizationRule;\nimport com.pulumi.aws.ec2clientvpn.AuthorizationRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthorizationRule(\"example\", AuthorizationRuleArgs.builder()\n .clientVpnEndpointId(exampleAwsEc2ClientVpnEndpoint.id())\n .targetNetworkCidr(exampleAwsSubnet.cidrBlock())\n .authorizeAllGroups(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2clientvpn:AuthorizationRule\n properties:\n clientVpnEndpointId: ${exampleAwsEc2ClientVpnEndpoint.id}\n targetNetworkCidr: ${exampleAwsSubnet.cidrBlock}\n authorizeAllGroups: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing the endpoint ID, target network CIDR, and group name:\n\n__Using `pulumi import` to import__ AWS Client VPN authorization rules using the endpoint ID and target network CIDR. If there is a specific group name, include that also. All values are separated by a `,`. For example:\n\nUsing the endpoint ID and target network CIDR:\n\n```sh\n$ pulumi import aws:ec2clientvpn/authorizationRule:AuthorizationRule example cvpn-endpoint-0ac3a1abbccddd666,10.1.0.0/24\n```\nUsing the endpoint ID, target network CIDR, and group name:\n\n```sh\n$ pulumi import aws:ec2clientvpn/authorizationRule:AuthorizationRule example cvpn-endpoint-0ac3a1abbccddd666,10.1.0.0/24,team-a\n```\n", "properties": { "accessGroupId": { "type": "string", "description": "The ID of the group to which the authorization rule grants access. One of `access_group_id` or `authorize_all_groups` must be set.\n" }, "authorizeAllGroups": { "type": "boolean", "description": "Indicates whether the authorization rule grants access to all clients. One of `access_group_id` or `authorize_all_groups` must be set.\n" }, "clientVpnEndpointId": { "type": "string", "description": "The ID of the Client VPN endpoint.\n" }, "description": { "type": "string", "description": "A brief description of the authorization rule.\n" }, "targetNetworkCidr": { "type": "string", "description": "The IPv4 address range, in CIDR notation, of the network to which the authorization rule applies.\n" } }, "required": [ "clientVpnEndpointId", "targetNetworkCidr" ], "inputProperties": { "accessGroupId": { "type": "string", "description": "The ID of the group to which the authorization rule grants access. One of `access_group_id` or `authorize_all_groups` must be set.\n", "willReplaceOnChanges": true }, "authorizeAllGroups": { "type": "boolean", "description": "Indicates whether the authorization rule grants access to all clients. One of `access_group_id` or `authorize_all_groups` must be set.\n", "willReplaceOnChanges": true }, "clientVpnEndpointId": { "type": "string", "description": "The ID of the Client VPN endpoint.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A brief description of the authorization rule.\n", "willReplaceOnChanges": true }, "targetNetworkCidr": { "type": "string", "description": "The IPv4 address range, in CIDR notation, of the network to which the authorization rule applies.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "clientVpnEndpointId", "targetNetworkCidr" ], "stateInputs": { "description": "Input properties used for looking up and filtering AuthorizationRule resources.\n", "properties": { "accessGroupId": { "type": "string", "description": "The ID of the group to which the authorization rule grants access. One of `access_group_id` or `authorize_all_groups` must be set.\n", "willReplaceOnChanges": true }, "authorizeAllGroups": { "type": "boolean", "description": "Indicates whether the authorization rule grants access to all clients. One of `access_group_id` or `authorize_all_groups` must be set.\n", "willReplaceOnChanges": true }, "clientVpnEndpointId": { "type": "string", "description": "The ID of the Client VPN endpoint.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A brief description of the authorization rule.\n", "willReplaceOnChanges": true }, "targetNetworkCidr": { "type": "string", "description": "The IPv4 address range, in CIDR notation, of the network to which the authorization rule applies.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2clientvpn/endpoint:Endpoint": { "description": "Provides an AWS Client VPN endpoint for OpenVPN clients. For more information on usage, please see the\n[AWS Client VPN Administrator's Guide](https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/what-is.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2clientvpn.Endpoint(\"example\", {\n description: \"clientvpn-example\",\n serverCertificateArn: cert.arn,\n clientCidrBlock: \"10.0.0.0/16\",\n authenticationOptions: [{\n type: \"certificate-authentication\",\n rootCertificateChainArn: rootCert.arn,\n }],\n connectionLogOptions: {\n enabled: true,\n cloudwatchLogGroup: lg.name,\n cloudwatchLogStream: ls.name,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2clientvpn.Endpoint(\"example\",\n description=\"clientvpn-example\",\n server_certificate_arn=cert[\"arn\"],\n client_cidr_block=\"10.0.0.0/16\",\n authentication_options=[{\n \"type\": \"certificate-authentication\",\n \"root_certificate_chain_arn\": root_cert[\"arn\"],\n }],\n connection_log_options={\n \"enabled\": True,\n \"cloudwatch_log_group\": lg[\"name\"],\n \"cloudwatch_log_stream\": ls[\"name\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2ClientVpn.Endpoint(\"example\", new()\n {\n Description = \"clientvpn-example\",\n ServerCertificateArn = cert.Arn,\n ClientCidrBlock = \"10.0.0.0/16\",\n AuthenticationOptions = new[]\n {\n new Aws.Ec2ClientVpn.Inputs.EndpointAuthenticationOptionArgs\n {\n Type = \"certificate-authentication\",\n RootCertificateChainArn = rootCert.Arn,\n },\n },\n ConnectionLogOptions = new Aws.Ec2ClientVpn.Inputs.EndpointConnectionLogOptionsArgs\n {\n Enabled = true,\n CloudwatchLogGroup = lg.Name,\n CloudwatchLogStream = ls.Name,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2clientvpn\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2clientvpn.NewEndpoint(ctx, \"example\", \u0026ec2clientvpn.EndpointArgs{\n\t\t\tDescription: pulumi.String(\"clientvpn-example\"),\n\t\t\tServerCertificateArn: pulumi.Any(cert.Arn),\n\t\t\tClientCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tAuthenticationOptions: ec2clientvpn.EndpointAuthenticationOptionArray{\n\t\t\t\t\u0026ec2clientvpn.EndpointAuthenticationOptionArgs{\n\t\t\t\t\tType: pulumi.String(\"certificate-authentication\"),\n\t\t\t\t\tRootCertificateChainArn: pulumi.Any(rootCert.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConnectionLogOptions: \u0026ec2clientvpn.EndpointConnectionLogOptionsArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tCloudwatchLogGroup: pulumi.Any(lg.Name),\n\t\t\t\tCloudwatchLogStream: pulumi.Any(ls.Name),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2clientvpn.Endpoint;\nimport com.pulumi.aws.ec2clientvpn.EndpointArgs;\nimport com.pulumi.aws.ec2clientvpn.inputs.EndpointAuthenticationOptionArgs;\nimport com.pulumi.aws.ec2clientvpn.inputs.EndpointConnectionLogOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Endpoint(\"example\", EndpointArgs.builder()\n .description(\"clientvpn-example\")\n .serverCertificateArn(cert.arn())\n .clientCidrBlock(\"10.0.0.0/16\")\n .authenticationOptions(EndpointAuthenticationOptionArgs.builder()\n .type(\"certificate-authentication\")\n .rootCertificateChainArn(rootCert.arn())\n .build())\n .connectionLogOptions(EndpointConnectionLogOptionsArgs.builder()\n .enabled(true)\n .cloudwatchLogGroup(lg.name())\n .cloudwatchLogStream(ls.name())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2clientvpn:Endpoint\n properties:\n description: clientvpn-example\n serverCertificateArn: ${cert.arn}\n clientCidrBlock: 10.0.0.0/16\n authenticationOptions:\n - type: certificate-authentication\n rootCertificateChainArn: ${rootCert.arn}\n connectionLogOptions:\n enabled: true\n cloudwatchLogGroup: ${lg.name}\n cloudwatchLogStream: ${ls.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS Client VPN endpoints using the `id` value found via `aws ec2 describe-client-vpn-endpoints`. For example:\n\n```sh\n$ pulumi import aws:ec2clientvpn/endpoint:Endpoint example cvpn-endpoint-0ac3a1abbccddd666\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Client VPN endpoint.\n" }, "authenticationOptions": { "type": "array", "items": { "$ref": "#/types/aws:ec2clientvpn/EndpointAuthenticationOption:EndpointAuthenticationOption" }, "description": "Information about the authentication method to be used to authenticate clients.\n" }, "clientCidrBlock": { "type": "string", "description": "The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. The CIDR block should be /22 or greater.\n" }, "clientConnectOptions": { "$ref": "#/types/aws:ec2clientvpn/EndpointClientConnectOptions:EndpointClientConnectOptions", "description": "The options for managing connection authorization for new client connections.\n" }, "clientLoginBannerOptions": { "$ref": "#/types/aws:ec2clientvpn/EndpointClientLoginBannerOptions:EndpointClientLoginBannerOptions", "description": "Options for enabling a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.\n" }, "connectionLogOptions": { "$ref": "#/types/aws:ec2clientvpn/EndpointConnectionLogOptions:EndpointConnectionLogOptions", "description": "Information about the client connection logging options.\n" }, "description": { "type": "string", "description": "A brief description of the Client VPN endpoint.\n" }, "dnsName": { "type": "string", "description": "The DNS name to be used by clients when establishing their VPN session.\n" }, "dnsServers": { "type": "array", "items": { "type": "string" }, "description": "Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address of the connecting device is used.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The IDs of one or more security groups to apply to the target network. You must also specify the ID of the VPC that contains the security groups.\n" }, "selfServicePortal": { "type": "string", "description": "Specify whether to enable the self-service portal for the Client VPN endpoint. Values can be `enabled` or `disabled`. Default value is `disabled`.\n" }, "selfServicePortalUrl": { "type": "string", "description": "The URL of the self-service portal.\n" }, "serverCertificateArn": { "type": "string", "description": "The ARN of the ACM server certificate.\n" }, "sessionTimeoutHours": { "type": "integer", "description": "The maximum session duration is a trigger by which end-users are required to re-authenticate prior to establishing a VPN session. Default value is `24` - Valid values: `8 | 10 | 12 | 24`\n" }, "splitTunnel": { "type": "boolean", "description": "Indicates whether split-tunnel is enabled on VPN endpoint. Default value is `false`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transportProtocol": { "type": "string", "description": "The transport protocol to be used by the VPN session. Default value is `udp`.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC to associate with the Client VPN endpoint. If no security group IDs are specified in the request, the default security group for the VPC is applied.\n" }, "vpnPort": { "type": "integer", "description": "The port number for the Client VPN endpoint. Valid values are `443` and `1194`. Default value is `443`.\n" } }, "required": [ "arn", "authenticationOptions", "clientCidrBlock", "clientConnectOptions", "clientLoginBannerOptions", "connectionLogOptions", "dnsName", "securityGroupIds", "selfServicePortalUrl", "serverCertificateArn", "tagsAll", "vpcId" ], "inputProperties": { "authenticationOptions": { "type": "array", "items": { "$ref": "#/types/aws:ec2clientvpn/EndpointAuthenticationOption:EndpointAuthenticationOption" }, "description": "Information about the authentication method to be used to authenticate clients.\n", "willReplaceOnChanges": true }, "clientCidrBlock": { "type": "string", "description": "The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. The CIDR block should be /22 or greater.\n", "willReplaceOnChanges": true }, "clientConnectOptions": { "$ref": "#/types/aws:ec2clientvpn/EndpointClientConnectOptions:EndpointClientConnectOptions", "description": "The options for managing connection authorization for new client connections.\n" }, "clientLoginBannerOptions": { "$ref": "#/types/aws:ec2clientvpn/EndpointClientLoginBannerOptions:EndpointClientLoginBannerOptions", "description": "Options for enabling a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.\n" }, "connectionLogOptions": { "$ref": "#/types/aws:ec2clientvpn/EndpointConnectionLogOptions:EndpointConnectionLogOptions", "description": "Information about the client connection logging options.\n" }, "description": { "type": "string", "description": "A brief description of the Client VPN endpoint.\n" }, "dnsServers": { "type": "array", "items": { "type": "string" }, "description": "Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address of the connecting device is used.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The IDs of one or more security groups to apply to the target network. You must also specify the ID of the VPC that contains the security groups.\n" }, "selfServicePortal": { "type": "string", "description": "Specify whether to enable the self-service portal for the Client VPN endpoint. Values can be `enabled` or `disabled`. Default value is `disabled`.\n" }, "serverCertificateArn": { "type": "string", "description": "The ARN of the ACM server certificate.\n" }, "sessionTimeoutHours": { "type": "integer", "description": "The maximum session duration is a trigger by which end-users are required to re-authenticate prior to establishing a VPN session. Default value is `24` - Valid values: `8 | 10 | 12 | 24`\n" }, "splitTunnel": { "type": "boolean", "description": "Indicates whether split-tunnel is enabled on VPN endpoint. Default value is `false`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "transportProtocol": { "type": "string", "description": "The transport protocol to be used by the VPN session. Default value is `udp`.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The ID of the VPC to associate with the Client VPN endpoint. If no security group IDs are specified in the request, the default security group for the VPC is applied.\n" }, "vpnPort": { "type": "integer", "description": "The port number for the Client VPN endpoint. Valid values are `443` and `1194`. Default value is `443`.\n" } }, "requiredInputs": [ "authenticationOptions", "clientCidrBlock", "connectionLogOptions", "serverCertificateArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Endpoint resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Client VPN endpoint.\n" }, "authenticationOptions": { "type": "array", "items": { "$ref": "#/types/aws:ec2clientvpn/EndpointAuthenticationOption:EndpointAuthenticationOption" }, "description": "Information about the authentication method to be used to authenticate clients.\n", "willReplaceOnChanges": true }, "clientCidrBlock": { "type": "string", "description": "The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. The CIDR block should be /22 or greater.\n", "willReplaceOnChanges": true }, "clientConnectOptions": { "$ref": "#/types/aws:ec2clientvpn/EndpointClientConnectOptions:EndpointClientConnectOptions", "description": "The options for managing connection authorization for new client connections.\n" }, "clientLoginBannerOptions": { "$ref": "#/types/aws:ec2clientvpn/EndpointClientLoginBannerOptions:EndpointClientLoginBannerOptions", "description": "Options for enabling a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.\n" }, "connectionLogOptions": { "$ref": "#/types/aws:ec2clientvpn/EndpointConnectionLogOptions:EndpointConnectionLogOptions", "description": "Information about the client connection logging options.\n" }, "description": { "type": "string", "description": "A brief description of the Client VPN endpoint.\n" }, "dnsName": { "type": "string", "description": "The DNS name to be used by clients when establishing their VPN session.\n" }, "dnsServers": { "type": "array", "items": { "type": "string" }, "description": "Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address of the connecting device is used.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The IDs of one or more security groups to apply to the target network. You must also specify the ID of the VPC that contains the security groups.\n" }, "selfServicePortal": { "type": "string", "description": "Specify whether to enable the self-service portal for the Client VPN endpoint. Values can be `enabled` or `disabled`. Default value is `disabled`.\n" }, "selfServicePortalUrl": { "type": "string", "description": "The URL of the self-service portal.\n" }, "serverCertificateArn": { "type": "string", "description": "The ARN of the ACM server certificate.\n" }, "sessionTimeoutHours": { "type": "integer", "description": "The maximum session duration is a trigger by which end-users are required to re-authenticate prior to establishing a VPN session. Default value is `24` - Valid values: `8 | 10 | 12 | 24`\n" }, "splitTunnel": { "type": "boolean", "description": "Indicates whether split-tunnel is enabled on VPN endpoint. Default value is `false`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transportProtocol": { "type": "string", "description": "The transport protocol to be used by the VPN session. Default value is `udp`.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The ID of the VPC to associate with the Client VPN endpoint. If no security group IDs are specified in the request, the default security group for the VPC is applied.\n" }, "vpnPort": { "type": "integer", "description": "The port number for the Client VPN endpoint. Valid values are `443` and `1194`. Default value is `443`.\n" } }, "type": "object" } }, "aws:ec2clientvpn/networkAssociation:NetworkAssociation": { "description": "Provides network associations for AWS Client VPN endpoints. For more information on usage, please see the\n[AWS Client VPN Administrator's Guide](https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/what-is.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2clientvpn.NetworkAssociation(\"example\", {\n clientVpnEndpointId: exampleAwsEc2ClientVpnEndpoint.id,\n subnetId: exampleAwsSubnet.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2clientvpn.NetworkAssociation(\"example\",\n client_vpn_endpoint_id=example_aws_ec2_client_vpn_endpoint[\"id\"],\n subnet_id=example_aws_subnet[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2ClientVpn.NetworkAssociation(\"example\", new()\n {\n ClientVpnEndpointId = exampleAwsEc2ClientVpnEndpoint.Id,\n SubnetId = exampleAwsSubnet.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2clientvpn\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2clientvpn.NewNetworkAssociation(ctx, \"example\", \u0026ec2clientvpn.NetworkAssociationArgs{\n\t\t\tClientVpnEndpointId: pulumi.Any(exampleAwsEc2ClientVpnEndpoint.Id),\n\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2clientvpn.NetworkAssociation;\nimport com.pulumi.aws.ec2clientvpn.NetworkAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NetworkAssociation(\"example\", NetworkAssociationArgs.builder()\n .clientVpnEndpointId(exampleAwsEc2ClientVpnEndpoint.id())\n .subnetId(exampleAwsSubnet.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2clientvpn:NetworkAssociation\n properties:\n clientVpnEndpointId: ${exampleAwsEc2ClientVpnEndpoint.id}\n subnetId: ${exampleAwsSubnet.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS Client VPN network associations using the endpoint ID and the association ID. Values are separated by a `,`. For example:\n\n```sh\n$ pulumi import aws:ec2clientvpn/networkAssociation:NetworkAssociation example cvpn-endpoint-0ac3a1abbccddd666,cvpn-assoc-0b8db902465d069ad\n```\n", "properties": { "associationId": { "type": "string", "description": "The unique ID of the target network association.\n" }, "clientVpnEndpointId": { "type": "string", "description": "The ID of the Client VPN endpoint.\n" }, "subnetId": { "type": "string", "description": "The ID of the subnet to associate with the Client VPN endpoint.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC in which the target subnet is located.\n" } }, "required": [ "associationId", "clientVpnEndpointId", "subnetId", "vpcId" ], "inputProperties": { "clientVpnEndpointId": { "type": "string", "description": "The ID of the Client VPN endpoint.\n", "willReplaceOnChanges": true }, "subnetId": { "type": "string", "description": "The ID of the subnet to associate with the Client VPN endpoint.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "clientVpnEndpointId", "subnetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering NetworkAssociation resources.\n", "properties": { "associationId": { "type": "string", "description": "The unique ID of the target network association.\n" }, "clientVpnEndpointId": { "type": "string", "description": "The ID of the Client VPN endpoint.\n", "willReplaceOnChanges": true }, "subnetId": { "type": "string", "description": "The ID of the subnet to associate with the Client VPN endpoint.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The ID of the VPC in which the target subnet is located.\n" } }, "type": "object" } }, "aws:ec2clientvpn/route:Route": { "description": "Provides additional routes for AWS Client VPN endpoints. For more information on usage, please see the\n[AWS Client VPN Administrator's Guide](https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/what-is.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleEndpoint = new aws.ec2clientvpn.Endpoint(\"example\", {\n description: \"Example Client VPN endpoint\",\n serverCertificateArn: exampleAwsAcmCertificate.arn,\n clientCidrBlock: \"10.0.0.0/16\",\n authenticationOptions: [{\n type: \"certificate-authentication\",\n rootCertificateChainArn: exampleAwsAcmCertificate.arn,\n }],\n connectionLogOptions: {\n enabled: false,\n },\n});\nconst exampleNetworkAssociation = new aws.ec2clientvpn.NetworkAssociation(\"example\", {\n clientVpnEndpointId: exampleEndpoint.id,\n subnetId: exampleAwsSubnet.id,\n});\nconst example = new aws.ec2clientvpn.Route(\"example\", {\n clientVpnEndpointId: exampleEndpoint.id,\n destinationCidrBlock: \"0.0.0.0/0\",\n targetVpcSubnetId: exampleNetworkAssociation.subnetId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_endpoint = aws.ec2clientvpn.Endpoint(\"example\",\n description=\"Example Client VPN endpoint\",\n server_certificate_arn=example_aws_acm_certificate[\"arn\"],\n client_cidr_block=\"10.0.0.0/16\",\n authentication_options=[{\n \"type\": \"certificate-authentication\",\n \"root_certificate_chain_arn\": example_aws_acm_certificate[\"arn\"],\n }],\n connection_log_options={\n \"enabled\": False,\n })\nexample_network_association = aws.ec2clientvpn.NetworkAssociation(\"example\",\n client_vpn_endpoint_id=example_endpoint.id,\n subnet_id=example_aws_subnet[\"id\"])\nexample = aws.ec2clientvpn.Route(\"example\",\n client_vpn_endpoint_id=example_endpoint.id,\n destination_cidr_block=\"0.0.0.0/0\",\n target_vpc_subnet_id=example_network_association.subnet_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleEndpoint = new Aws.Ec2ClientVpn.Endpoint(\"example\", new()\n {\n Description = \"Example Client VPN endpoint\",\n ServerCertificateArn = exampleAwsAcmCertificate.Arn,\n ClientCidrBlock = \"10.0.0.0/16\",\n AuthenticationOptions = new[]\n {\n new Aws.Ec2ClientVpn.Inputs.EndpointAuthenticationOptionArgs\n {\n Type = \"certificate-authentication\",\n RootCertificateChainArn = exampleAwsAcmCertificate.Arn,\n },\n },\n ConnectionLogOptions = new Aws.Ec2ClientVpn.Inputs.EndpointConnectionLogOptionsArgs\n {\n Enabled = false,\n },\n });\n\n var exampleNetworkAssociation = new Aws.Ec2ClientVpn.NetworkAssociation(\"example\", new()\n {\n ClientVpnEndpointId = exampleEndpoint.Id,\n SubnetId = exampleAwsSubnet.Id,\n });\n\n var example = new Aws.Ec2ClientVpn.Route(\"example\", new()\n {\n ClientVpnEndpointId = exampleEndpoint.Id,\n DestinationCidrBlock = \"0.0.0.0/0\",\n TargetVpcSubnetId = exampleNetworkAssociation.SubnetId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2clientvpn\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleEndpoint, err := ec2clientvpn.NewEndpoint(ctx, \"example\", \u0026ec2clientvpn.EndpointArgs{\n\t\t\tDescription: pulumi.String(\"Example Client VPN endpoint\"),\n\t\t\tServerCertificateArn: pulumi.Any(exampleAwsAcmCertificate.Arn),\n\t\t\tClientCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tAuthenticationOptions: ec2clientvpn.EndpointAuthenticationOptionArray{\n\t\t\t\t\u0026ec2clientvpn.EndpointAuthenticationOptionArgs{\n\t\t\t\t\tType: pulumi.String(\"certificate-authentication\"),\n\t\t\t\t\tRootCertificateChainArn: pulumi.Any(exampleAwsAcmCertificate.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConnectionLogOptions: \u0026ec2clientvpn.EndpointConnectionLogOptionsArgs{\n\t\t\t\tEnabled: pulumi.Bool(false),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleNetworkAssociation, err := ec2clientvpn.NewNetworkAssociation(ctx, \"example\", \u0026ec2clientvpn.NetworkAssociationArgs{\n\t\t\tClientVpnEndpointId: exampleEndpoint.ID(),\n\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2clientvpn.NewRoute(ctx, \"example\", \u0026ec2clientvpn.RouteArgs{\n\t\t\tClientVpnEndpointId: exampleEndpoint.ID(),\n\t\t\tDestinationCidrBlock: pulumi.String(\"0.0.0.0/0\"),\n\t\t\tTargetVpcSubnetId: exampleNetworkAssociation.SubnetId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2clientvpn.Endpoint;\nimport com.pulumi.aws.ec2clientvpn.EndpointArgs;\nimport com.pulumi.aws.ec2clientvpn.inputs.EndpointAuthenticationOptionArgs;\nimport com.pulumi.aws.ec2clientvpn.inputs.EndpointConnectionLogOptionsArgs;\nimport com.pulumi.aws.ec2clientvpn.NetworkAssociation;\nimport com.pulumi.aws.ec2clientvpn.NetworkAssociationArgs;\nimport com.pulumi.aws.ec2clientvpn.Route;\nimport com.pulumi.aws.ec2clientvpn.RouteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleEndpoint = new Endpoint(\"exampleEndpoint\", EndpointArgs.builder()\n .description(\"Example Client VPN endpoint\")\n .serverCertificateArn(exampleAwsAcmCertificate.arn())\n .clientCidrBlock(\"10.0.0.0/16\")\n .authenticationOptions(EndpointAuthenticationOptionArgs.builder()\n .type(\"certificate-authentication\")\n .rootCertificateChainArn(exampleAwsAcmCertificate.arn())\n .build())\n .connectionLogOptions(EndpointConnectionLogOptionsArgs.builder()\n .enabled(false)\n .build())\n .build());\n\n var exampleNetworkAssociation = new NetworkAssociation(\"exampleNetworkAssociation\", NetworkAssociationArgs.builder()\n .clientVpnEndpointId(exampleEndpoint.id())\n .subnetId(exampleAwsSubnet.id())\n .build());\n\n var example = new Route(\"example\", RouteArgs.builder()\n .clientVpnEndpointId(exampleEndpoint.id())\n .destinationCidrBlock(\"0.0.0.0/0\")\n .targetVpcSubnetId(exampleNetworkAssociation.subnetId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2clientvpn:Route\n properties:\n clientVpnEndpointId: ${exampleEndpoint.id}\n destinationCidrBlock: 0.0.0.0/0\n targetVpcSubnetId: ${exampleNetworkAssociation.subnetId}\n exampleNetworkAssociation:\n type: aws:ec2clientvpn:NetworkAssociation\n name: example\n properties:\n clientVpnEndpointId: ${exampleEndpoint.id}\n subnetId: ${exampleAwsSubnet.id}\n exampleEndpoint:\n type: aws:ec2clientvpn:Endpoint\n name: example\n properties:\n description: Example Client VPN endpoint\n serverCertificateArn: ${exampleAwsAcmCertificate.arn}\n clientCidrBlock: 10.0.0.0/16\n authenticationOptions:\n - type: certificate-authentication\n rootCertificateChainArn: ${exampleAwsAcmCertificate.arn}\n connectionLogOptions:\n enabled: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS Client VPN routes using the endpoint ID, target subnet ID, and destination CIDR block. All values are separated by a `,`. For example:\n\n```sh\n$ pulumi import aws:ec2clientvpn/route:Route example cvpn-endpoint-1234567890abcdef,subnet-9876543210fedcba,10.1.0.0/24\n```\n", "properties": { "clientVpnEndpointId": { "type": "string", "description": "The ID of the Client VPN endpoint.\n" }, "description": { "type": "string", "description": "A brief description of the route.\n" }, "destinationCidrBlock": { "type": "string", "description": "The IPv4 address range, in CIDR notation, of the route destination.\n" }, "origin": { "type": "string", "description": "Indicates how the Client VPN route was added. Will be `add-route` for routes created by this resource.\n" }, "targetVpcSubnetId": { "type": "string", "description": "The ID of the Subnet to route the traffic through. It must already be attached to the Client VPN.\n" }, "type": { "type": "string", "description": "The type of the route.\n" } }, "required": [ "clientVpnEndpointId", "destinationCidrBlock", "origin", "targetVpcSubnetId", "type" ], "inputProperties": { "clientVpnEndpointId": { "type": "string", "description": "The ID of the Client VPN endpoint.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A brief description of the route.\n", "willReplaceOnChanges": true }, "destinationCidrBlock": { "type": "string", "description": "The IPv4 address range, in CIDR notation, of the route destination.\n", "willReplaceOnChanges": true }, "targetVpcSubnetId": { "type": "string", "description": "The ID of the Subnet to route the traffic through. It must already be attached to the Client VPN.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "clientVpnEndpointId", "destinationCidrBlock", "targetVpcSubnetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Route resources.\n", "properties": { "clientVpnEndpointId": { "type": "string", "description": "The ID of the Client VPN endpoint.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A brief description of the route.\n", "willReplaceOnChanges": true }, "destinationCidrBlock": { "type": "string", "description": "The IPv4 address range, in CIDR notation, of the route destination.\n", "willReplaceOnChanges": true }, "origin": { "type": "string", "description": "Indicates how the Client VPN route was added. Will be `add-route` for routes created by this resource.\n" }, "targetVpcSubnetId": { "type": "string", "description": "The ID of the Subnet to route the traffic through. It must already be attached to the Client VPN.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "The type of the route.\n" } }, "type": "object" } }, "aws:ec2transitgateway/connect:Connect": { "description": "Manages an EC2 Transit Gateway Connect.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.VpcAttachment(\"example\", {\n subnetIds: [exampleAwsSubnet.id],\n transitGatewayId: exampleAwsEc2TransitGateway.id,\n vpcId: exampleAwsVpc.id,\n});\nconst attachment = new aws.ec2transitgateway.Connect(\"attachment\", {\n transportAttachmentId: example.id,\n transitGatewayId: exampleAwsEc2TransitGateway.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.VpcAttachment(\"example\",\n subnet_ids=[example_aws_subnet[\"id\"]],\n transit_gateway_id=example_aws_ec2_transit_gateway[\"id\"],\n vpc_id=example_aws_vpc[\"id\"])\nattachment = aws.ec2transitgateway.Connect(\"attachment\",\n transport_attachment_id=example.id,\n transit_gateway_id=example_aws_ec2_transit_gateway[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.VpcAttachment(\"example\", new()\n {\n SubnetIds = new[]\n {\n exampleAwsSubnet.Id,\n },\n TransitGatewayId = exampleAwsEc2TransitGateway.Id,\n VpcId = exampleAwsVpc.Id,\n });\n\n var attachment = new Aws.Ec2TransitGateway.Connect(\"attachment\", new()\n {\n TransportAttachmentId = example.Id,\n TransitGatewayId = exampleAwsEc2TransitGateway.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2transitgateway.NewVpcAttachment(ctx, \"example\", \u0026ec2transitgateway.VpcAttachmentArgs{\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\texampleAwsSubnet.Id,\n\t\t\t},\n\t\t\tTransitGatewayId: pulumi.Any(exampleAwsEc2TransitGateway.Id),\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2transitgateway.NewConnect(ctx, \"attachment\", \u0026ec2transitgateway.ConnectArgs{\n\t\t\tTransportAttachmentId: example.ID(),\n\t\t\tTransitGatewayId: pulumi.Any(exampleAwsEc2TransitGateway.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.VpcAttachment;\nimport com.pulumi.aws.ec2transitgateway.VpcAttachmentArgs;\nimport com.pulumi.aws.ec2transitgateway.Connect;\nimport com.pulumi.aws.ec2transitgateway.ConnectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcAttachment(\"example\", VpcAttachmentArgs.builder()\n .subnetIds(exampleAwsSubnet.id())\n .transitGatewayId(exampleAwsEc2TransitGateway.id())\n .vpcId(exampleAwsVpc.id())\n .build());\n\n var attachment = new Connect(\"attachment\", ConnectArgs.builder()\n .transportAttachmentId(example.id())\n .transitGatewayId(exampleAwsEc2TransitGateway.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:VpcAttachment\n properties:\n subnetIds:\n - ${exampleAwsSubnet.id}\n transitGatewayId: ${exampleAwsEc2TransitGateway.id}\n vpcId: ${exampleAwsVpc.id}\n attachment:\n type: aws:ec2transitgateway:Connect\n properties:\n transportAttachmentId: ${example.id}\n transitGatewayId: ${exampleAwsEc2TransitGateway.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_transit_gateway_connect` using the EC2 Transit Gateway Connect identifier. For example:\n\n```sh\n$ pulumi import aws:ec2transitgateway/connect:Connect example tgw-attach-12345678\n```\n", "properties": { "protocol": { "type": "string", "description": "The tunnel protocol. Valid values: `gre`. Default is `gre`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Connect. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayDefaultRouteTableAssociation": { "type": "boolean", "description": "Boolean whether the Connect should be associated with the EC2 Transit Gateway association default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways. Default value: `true`.\n" }, "transitGatewayDefaultRouteTablePropagation": { "type": "boolean", "description": "Boolean whether the Connect should propagate routes with the EC2 Transit Gateway propagation default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways. Default value: `true`.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" }, "transportAttachmentId": { "type": "string", "description": "The underlaying VPC attachment\n" } }, "required": [ "tagsAll", "transitGatewayId", "transportAttachmentId" ], "inputProperties": { "protocol": { "type": "string", "description": "The tunnel protocol. Valid values: `gre`. Default is `gre`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Connect. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "transitGatewayDefaultRouteTableAssociation": { "type": "boolean", "description": "Boolean whether the Connect should be associated with the EC2 Transit Gateway association default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways. Default value: `true`.\n" }, "transitGatewayDefaultRouteTablePropagation": { "type": "boolean", "description": "Boolean whether the Connect should propagate routes with the EC2 Transit Gateway propagation default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways. Default value: `true`.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n", "willReplaceOnChanges": true }, "transportAttachmentId": { "type": "string", "description": "The underlaying VPC attachment\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "transitGatewayId", "transportAttachmentId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Connect resources.\n", "properties": { "protocol": { "type": "string", "description": "The tunnel protocol. Valid values: `gre`. Default is `gre`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Connect. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayDefaultRouteTableAssociation": { "type": "boolean", "description": "Boolean whether the Connect should be associated with the EC2 Transit Gateway association default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways. Default value: `true`.\n" }, "transitGatewayDefaultRouteTablePropagation": { "type": "boolean", "description": "Boolean whether the Connect should propagate routes with the EC2 Transit Gateway propagation default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways. Default value: `true`.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n", "willReplaceOnChanges": true }, "transportAttachmentId": { "type": "string", "description": "The underlaying VPC attachment\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2transitgateway/connectPeer:ConnectPeer": { "description": "Manages an EC2 Transit Gateway Connect Peer.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.Connect(\"example\", {\n transportAttachmentId: exampleAwsEc2TransitGatewayVpcAttachment.id,\n transitGatewayId: exampleAwsEc2TransitGateway.id,\n});\nconst exampleConnectPeer = new aws.ec2transitgateway.ConnectPeer(\"example\", {\n peerAddress: \"10.1.2.3\",\n insideCidrBlocks: [\"169.254.100.0/29\"],\n transitGatewayAttachmentId: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.Connect(\"example\",\n transport_attachment_id=example_aws_ec2_transit_gateway_vpc_attachment[\"id\"],\n transit_gateway_id=example_aws_ec2_transit_gateway[\"id\"])\nexample_connect_peer = aws.ec2transitgateway.ConnectPeer(\"example\",\n peer_address=\"10.1.2.3\",\n inside_cidr_blocks=[\"169.254.100.0/29\"],\n transit_gateway_attachment_id=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.Connect(\"example\", new()\n {\n TransportAttachmentId = exampleAwsEc2TransitGatewayVpcAttachment.Id,\n TransitGatewayId = exampleAwsEc2TransitGateway.Id,\n });\n\n var exampleConnectPeer = new Aws.Ec2TransitGateway.ConnectPeer(\"example\", new()\n {\n PeerAddress = \"10.1.2.3\",\n InsideCidrBlocks = new[]\n {\n \"169.254.100.0/29\",\n },\n TransitGatewayAttachmentId = example.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2transitgateway.NewConnect(ctx, \"example\", \u0026ec2transitgateway.ConnectArgs{\n\t\t\tTransportAttachmentId: pulumi.Any(exampleAwsEc2TransitGatewayVpcAttachment.Id),\n\t\t\tTransitGatewayId: pulumi.Any(exampleAwsEc2TransitGateway.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2transitgateway.NewConnectPeer(ctx, \"example\", \u0026ec2transitgateway.ConnectPeerArgs{\n\t\t\tPeerAddress: pulumi.String(\"10.1.2.3\"),\n\t\t\tInsideCidrBlocks: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"169.254.100.0/29\"),\n\t\t\t},\n\t\t\tTransitGatewayAttachmentId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Connect;\nimport com.pulumi.aws.ec2transitgateway.ConnectArgs;\nimport com.pulumi.aws.ec2transitgateway.ConnectPeer;\nimport com.pulumi.aws.ec2transitgateway.ConnectPeerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Connect(\"example\", ConnectArgs.builder()\n .transportAttachmentId(exampleAwsEc2TransitGatewayVpcAttachment.id())\n .transitGatewayId(exampleAwsEc2TransitGateway.id())\n .build());\n\n var exampleConnectPeer = new ConnectPeer(\"exampleConnectPeer\", ConnectPeerArgs.builder()\n .peerAddress(\"10.1.2.3\")\n .insideCidrBlocks(\"169.254.100.0/29\")\n .transitGatewayAttachmentId(example.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:Connect\n properties:\n transportAttachmentId: ${exampleAwsEc2TransitGatewayVpcAttachment.id}\n transitGatewayId: ${exampleAwsEc2TransitGateway.id}\n exampleConnectPeer:\n type: aws:ec2transitgateway:ConnectPeer\n name: example\n properties:\n peerAddress: 10.1.2.3\n insideCidrBlocks:\n - 169.254.100.0/29\n transitGatewayAttachmentId: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_transit_gateway_connect_peer` using the EC2 Transit Gateway Connect Peer identifier. For example:\n\n```sh\n$ pulumi import aws:ec2transitgateway/connectPeer:ConnectPeer example tgw-connect-peer-12345678\n```\n", "properties": { "arn": { "type": "string", "description": "EC2 Transit Gateway Connect Peer ARN\n" }, "bgpAsn": { "type": "string", "description": "The BGP ASN number assigned customer device. If not provided, it will use the same BGP ASN as is associated with Transit Gateway.\n" }, "bgpPeerAddress": { "type": "string", "description": "The IP address assigned to customer device, which is used as BGP IP address.\n" }, "bgpTransitGatewayAddresses": { "type": "array", "items": { "type": "string" }, "description": "The IP addresses assigned to Transit Gateway, which are used as BGP IP addresses.\n" }, "insideCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "The CIDR block that will be used for addressing within the tunnel. It must contain exactly one IPv4 CIDR block and up to one IPv6 CIDR block. The IPv4 CIDR block must be /29 size and must be within 169.254.0.0/16 range, with exception of: 169.254.0.0/29, 169.254.1.0/29, 169.254.2.0/29, 169.254.3.0/29, 169.254.4.0/29, 169.254.5.0/29, 169.254.169.248/29. The IPv6 CIDR block must be /125 size and must be within fd00::/8. The first IP from each CIDR block is assigned for customer gateway, the second and third is for Transit Gateway (An example: from range 169.254.100.0/29, .1 is assigned to customer gateway and .2 and .3 are assigned to Transit Gateway)\n" }, "peerAddress": { "type": "string", "description": "The IP addressed assigned to customer device, which will be used as tunnel endpoint. It can be IPv4 or IPv6 address, but must be the same address family as `transit_gateway_address`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Connect Peer. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayAddress": { "type": "string", "description": "The IP address assigned to Transit Gateway, which will be used as tunnel endpoint. This address must be from associated Transit Gateway CIDR block. The address must be from the same address family as `peer_address`. If not set explicitly, it will be selected from associated Transit Gateway CIDR blocks\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "The Transit Gateway Connect\n" } }, "required": [ "arn", "bgpAsn", "bgpPeerAddress", "bgpTransitGatewayAddresses", "insideCidrBlocks", "peerAddress", "tagsAll", "transitGatewayAddress", "transitGatewayAttachmentId" ], "inputProperties": { "bgpAsn": { "type": "string", "description": "The BGP ASN number assigned customer device. If not provided, it will use the same BGP ASN as is associated with Transit Gateway.\n", "willReplaceOnChanges": true }, "insideCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "The CIDR block that will be used for addressing within the tunnel. It must contain exactly one IPv4 CIDR block and up to one IPv6 CIDR block. The IPv4 CIDR block must be /29 size and must be within 169.254.0.0/16 range, with exception of: 169.254.0.0/29, 169.254.1.0/29, 169.254.2.0/29, 169.254.3.0/29, 169.254.4.0/29, 169.254.5.0/29, 169.254.169.248/29. The IPv6 CIDR block must be /125 size and must be within fd00::/8. The first IP from each CIDR block is assigned for customer gateway, the second and third is for Transit Gateway (An example: from range 169.254.100.0/29, .1 is assigned to customer gateway and .2 and .3 are assigned to Transit Gateway)\n", "willReplaceOnChanges": true }, "peerAddress": { "type": "string", "description": "The IP addressed assigned to customer device, which will be used as tunnel endpoint. It can be IPv4 or IPv6 address, but must be the same address family as `transit_gateway_address`\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Connect Peer. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "transitGatewayAddress": { "type": "string", "description": "The IP address assigned to Transit Gateway, which will be used as tunnel endpoint. This address must be from associated Transit Gateway CIDR block. The address must be from the same address family as `peer_address`. If not set explicitly, it will be selected from associated Transit Gateway CIDR blocks\n", "willReplaceOnChanges": true }, "transitGatewayAttachmentId": { "type": "string", "description": "The Transit Gateway Connect\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "insideCidrBlocks", "peerAddress", "transitGatewayAttachmentId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ConnectPeer resources.\n", "properties": { "arn": { "type": "string", "description": "EC2 Transit Gateway Connect Peer ARN\n" }, "bgpAsn": { "type": "string", "description": "The BGP ASN number assigned customer device. If not provided, it will use the same BGP ASN as is associated with Transit Gateway.\n", "willReplaceOnChanges": true }, "bgpPeerAddress": { "type": "string", "description": "The IP address assigned to customer device, which is used as BGP IP address.\n" }, "bgpTransitGatewayAddresses": { "type": "array", "items": { "type": "string" }, "description": "The IP addresses assigned to Transit Gateway, which are used as BGP IP addresses.\n" }, "insideCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "The CIDR block that will be used for addressing within the tunnel. It must contain exactly one IPv4 CIDR block and up to one IPv6 CIDR block. The IPv4 CIDR block must be /29 size and must be within 169.254.0.0/16 range, with exception of: 169.254.0.0/29, 169.254.1.0/29, 169.254.2.0/29, 169.254.3.0/29, 169.254.4.0/29, 169.254.5.0/29, 169.254.169.248/29. The IPv6 CIDR block must be /125 size and must be within fd00::/8. The first IP from each CIDR block is assigned for customer gateway, the second and third is for Transit Gateway (An example: from range 169.254.100.0/29, .1 is assigned to customer gateway and .2 and .3 are assigned to Transit Gateway)\n", "willReplaceOnChanges": true }, "peerAddress": { "type": "string", "description": "The IP addressed assigned to customer device, which will be used as tunnel endpoint. It can be IPv4 or IPv6 address, but must be the same address family as `transit_gateway_address`\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Connect Peer. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayAddress": { "type": "string", "description": "The IP address assigned to Transit Gateway, which will be used as tunnel endpoint. This address must be from associated Transit Gateway CIDR block. The address must be from the same address family as `peer_address`. If not set explicitly, it will be selected from associated Transit Gateway CIDR blocks\n", "willReplaceOnChanges": true }, "transitGatewayAttachmentId": { "type": "string", "description": "The Transit Gateway Connect\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2transitgateway/instanceConnectEndpoint:InstanceConnectEndpoint": { "description": "Manages an EC2 Instance Connect Endpoint.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.InstanceConnectEndpoint(\"example\", {subnetId: exampleAwsSubnet.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.InstanceConnectEndpoint(\"example\", subnet_id=example_aws_subnet[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.InstanceConnectEndpoint(\"example\", new()\n {\n SubnetId = exampleAwsSubnet.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.NewInstanceConnectEndpoint(ctx, \"example\", \u0026ec2transitgateway.InstanceConnectEndpointArgs{\n\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.InstanceConnectEndpoint;\nimport com.pulumi.aws.ec2transitgateway.InstanceConnectEndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new InstanceConnectEndpoint(\"example\", InstanceConnectEndpointArgs.builder()\n .subnetId(exampleAwsSubnet.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:InstanceConnectEndpoint\n properties:\n subnetId: ${exampleAwsSubnet.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EC2 Instance Connect Endpoints using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2transitgateway/instanceConnectEndpoint:InstanceConnectEndpoint example eice-012345678\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the EC2 Instance Connect Endpoint.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone of the EC2 Instance Connect Endpoint.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the EC2 Instance Connect Endpoint.\n" }, "fipsDnsName": { "type": "string", "description": "The DNS name of the EC2 Instance Connect FIPS Endpoint.\n" }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "The IDs of the ENIs that Amazon EC2 automatically created when creating the EC2 Instance Connect Endpoint.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that created the EC2 Instance Connect Endpoint.\n" }, "preserveClientIp": { "type": "boolean", "description": "Indicates whether your client's IP address is preserved as the source. Default: `true`.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more security groups to associate with the endpoint. If you don't specify a security group, the default security group for the VPC will be associated with the endpoint.\n" }, "subnetId": { "type": "string", "description": "The ID of the subnet in which to create the EC2 Instance Connect Endpoint.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:ec2transitgateway/InstanceConnectEndpointTimeouts:InstanceConnectEndpointTimeouts" }, "vpcId": { "type": "string", "description": "The ID of the VPC in which the EC2 Instance Connect Endpoint was created.\n" } }, "required": [ "arn", "availabilityZone", "dnsName", "fipsDnsName", "networkInterfaceIds", "ownerId", "preserveClientIp", "securityGroupIds", "subnetId", "tagsAll", "vpcId" ], "inputProperties": { "preserveClientIp": { "type": "boolean", "description": "Indicates whether your client's IP address is preserved as the source. Default: `true`.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more security groups to associate with the endpoint. If you don't specify a security group, the default security group for the VPC will be associated with the endpoint.\n" }, "subnetId": { "type": "string", "description": "The ID of the subnet in which to create the EC2 Instance Connect Endpoint.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:ec2transitgateway/InstanceConnectEndpointTimeouts:InstanceConnectEndpointTimeouts" } }, "requiredInputs": [ "subnetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering InstanceConnectEndpoint resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the EC2 Instance Connect Endpoint.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone of the EC2 Instance Connect Endpoint.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the EC2 Instance Connect Endpoint.\n" }, "fipsDnsName": { "type": "string", "description": "The DNS name of the EC2 Instance Connect FIPS Endpoint.\n" }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "The IDs of the ENIs that Amazon EC2 automatically created when creating the EC2 Instance Connect Endpoint.\n" }, "ownerId": { "type": "string", "description": "The ID of the AWS account that created the EC2 Instance Connect Endpoint.\n" }, "preserveClientIp": { "type": "boolean", "description": "Indicates whether your client's IP address is preserved as the source. Default: `true`.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more security groups to associate with the endpoint. If you don't specify a security group, the default security group for the VPC will be associated with the endpoint.\n" }, "subnetId": { "type": "string", "description": "The ID of the subnet in which to create the EC2 Instance Connect Endpoint.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:ec2transitgateway/InstanceConnectEndpointTimeouts:InstanceConnectEndpointTimeouts" }, "vpcId": { "type": "string", "description": "The ID of the VPC in which the EC2 Instance Connect Endpoint was created.\n" } }, "type": "object" } }, "aws:ec2transitgateway/instanceState:InstanceState": { "description": "Provides an EC2 instance state resource. This allows managing an instance power state.\n\n\u003e **NOTE on Instance State Management:** AWS does not currently have an EC2 API operation to determine an instance has finished processing user data. As a result, this resource can interfere with user data processing. For example, this resource may stop an instance while the user data script is in mid run.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ubuntu = aws.ec2.getAmi({\n mostRecent: true,\n filters: [\n {\n name: \"name\",\n values: [\"ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*\"],\n },\n {\n name: \"virtualization-type\",\n values: [\"hvm\"],\n },\n ],\n owners: [\"099720109477\"],\n});\nconst test = new aws.ec2.Instance(\"test\", {\n ami: ubuntu.then(ubuntu =\u003e ubuntu.id),\n instanceType: aws.ec2.InstanceType.T3_Micro,\n tags: {\n Name: \"HelloWorld\",\n },\n});\nconst testInstanceState = new aws.ec2transitgateway.InstanceState(\"test\", {\n instanceId: test.id,\n state: \"stopped\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nubuntu = aws.ec2.get_ami(most_recent=True,\n filters=[\n {\n \"name\": \"name\",\n \"values\": [\"ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*\"],\n },\n {\n \"name\": \"virtualization-type\",\n \"values\": [\"hvm\"],\n },\n ],\n owners=[\"099720109477\"])\ntest = aws.ec2.Instance(\"test\",\n ami=ubuntu.id,\n instance_type=aws.ec2.InstanceType.T3_MICRO,\n tags={\n \"Name\": \"HelloWorld\",\n })\ntest_instance_state = aws.ec2transitgateway.InstanceState(\"test\",\n instance_id=test.id,\n state=\"stopped\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ubuntu = Aws.Ec2.GetAmi.Invoke(new()\n {\n MostRecent = true,\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetAmiFilterInputArgs\n {\n Name = \"name\",\n Values = new[]\n {\n \"ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*\",\n },\n },\n new Aws.Ec2.Inputs.GetAmiFilterInputArgs\n {\n Name = \"virtualization-type\",\n Values = new[]\n {\n \"hvm\",\n },\n },\n },\n Owners = new[]\n {\n \"099720109477\",\n },\n });\n\n var test = new Aws.Ec2.Instance(\"test\", new()\n {\n Ami = ubuntu.Apply(getAmiResult =\u003e getAmiResult.Id),\n InstanceType = Aws.Ec2.InstanceType.T3_Micro,\n Tags = \n {\n { \"Name\", \"HelloWorld\" },\n },\n });\n\n var testInstanceState = new Aws.Ec2TransitGateway.InstanceState(\"test\", new()\n {\n InstanceId = test.Id,\n State = \"stopped\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tubuntu, err := ec2.LookupAmi(ctx, \u0026ec2.LookupAmiArgs{\n\t\t\tMostRecent: pulumi.BoolRef(true),\n\t\t\tFilters: []ec2.GetAmiFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"virtualization-type\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"hvm\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tOwners: []string{\n\t\t\t\t\"099720109477\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := ec2.NewInstance(ctx, \"test\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(ubuntu.Id),\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_T3_Micro),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2transitgateway.NewInstanceState(ctx, \"test\", \u0026ec2transitgateway.InstanceStateArgs{\n\t\t\tInstanceId: test.ID(),\n\t\t\tState: pulumi.String(\"stopped\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetAmiArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.aws.ec2transitgateway.InstanceState;\nimport com.pulumi.aws.ec2transitgateway.InstanceStateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var ubuntu = Ec2Functions.getAmi(GetAmiArgs.builder()\n .mostRecent(true)\n .filters( \n GetAmiFilterArgs.builder()\n .name(\"name\")\n .values(\"ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*\")\n .build(),\n GetAmiFilterArgs.builder()\n .name(\"virtualization-type\")\n .values(\"hvm\")\n .build())\n .owners(\"099720109477\")\n .build());\n\n var test = new Instance(\"test\", InstanceArgs.builder()\n .ami(ubuntu.applyValue(getAmiResult -\u003e getAmiResult.id()))\n .instanceType(\"t3.micro\")\n .tags(Map.of(\"Name\", \"HelloWorld\"))\n .build());\n\n var testInstanceState = new InstanceState(\"testInstanceState\", InstanceStateArgs.builder()\n .instanceId(test.id())\n .state(\"stopped\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ec2:Instance\n properties:\n ami: ${ubuntu.id}\n instanceType: t3.micro\n tags:\n Name: HelloWorld\n testInstanceState:\n type: aws:ec2transitgateway:InstanceState\n name: test\n properties:\n instanceId: ${test.id}\n state: stopped\nvariables:\n ubuntu:\n fn::invoke:\n Function: aws:ec2:getAmi\n Arguments:\n mostRecent: true\n filters:\n - name: name\n values:\n - ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*\n - name: virtualization-type\n values:\n - hvm\n owners:\n - '099720109477'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_instance_state` using the `instance_id` attribute. For example:\n\n```sh\n$ pulumi import aws:ec2transitgateway/instanceState:InstanceState test i-02cae6557dfcf2f96\n```\n", "properties": { "force": { "type": "boolean", "description": "Whether to request a forced stop when `state` is `stopped`. Otherwise (_i.e._, `state` is `running`), ignored. When an instance is forced to stop, it does not flush file system caches or file system metadata, and you must subsequently perform file system check and repair. Not recommended for Windows instances. Defaults to `false`.\n" }, "instanceId": { "type": "string", "description": "ID of the instance.\n" }, "state": { "type": "string", "description": "State of the instance. Valid values are `stopped`, `running`.\n\nThe following arguments are optional:\n" } }, "required": [ "instanceId", "state" ], "inputProperties": { "force": { "type": "boolean", "description": "Whether to request a forced stop when `state` is `stopped`. Otherwise (_i.e._, `state` is `running`), ignored. When an instance is forced to stop, it does not flush file system caches or file system metadata, and you must subsequently perform file system check and repair. Not recommended for Windows instances. Defaults to `false`.\n" }, "instanceId": { "type": "string", "description": "ID of the instance.\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "State of the instance. Valid values are `stopped`, `running`.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "instanceId", "state" ], "stateInputs": { "description": "Input properties used for looking up and filtering InstanceState resources.\n", "properties": { "force": { "type": "boolean", "description": "Whether to request a forced stop when `state` is `stopped`. Otherwise (_i.e._, `state` is `running`), ignored. When an instance is forced to stop, it does not flush file system caches or file system metadata, and you must subsequently perform file system check and repair. Not recommended for Windows instances. Defaults to `false`.\n" }, "instanceId": { "type": "string", "description": "ID of the instance.\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "State of the instance. Valid values are `stopped`, `running`.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:ec2transitgateway/multicastDomain:MulticastDomain": { "description": "Manages an EC2 Transit Gateway Multicast Domain.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst available = aws.getAvailabilityZones({\n state: \"available\",\n});\nconst amazonLinux = aws.ec2.getAmi({\n mostRecent: true,\n owners: [\"amazon\"],\n filters: [\n {\n name: \"name\",\n values: [\"amzn-ami-hvm-*-x86_64-gp2\"],\n },\n {\n name: \"owner-alias\",\n values: [\"amazon\"],\n },\n ],\n});\nconst vpc1 = new aws.ec2.Vpc(\"vpc1\", {cidrBlock: \"10.0.0.0/16\"});\nconst vpc2 = new aws.ec2.Vpc(\"vpc2\", {cidrBlock: \"10.1.0.0/16\"});\nconst subnet1 = new aws.ec2.Subnet(\"subnet1\", {\n vpcId: vpc1.id,\n cidrBlock: \"10.0.1.0/24\",\n availabilityZone: available.then(available =\u003e available.names?.[0]),\n});\nconst subnet2 = new aws.ec2.Subnet(\"subnet2\", {\n vpcId: vpc1.id,\n cidrBlock: \"10.0.2.0/24\",\n availabilityZone: available.then(available =\u003e available.names?.[1]),\n});\nconst subnet3 = new aws.ec2.Subnet(\"subnet3\", {\n vpcId: vpc2.id,\n cidrBlock: \"10.1.1.0/24\",\n availabilityZone: available.then(available =\u003e available.names?.[0]),\n});\nconst instance1 = new aws.ec2.Instance(\"instance1\", {\n ami: amazonLinux.then(amazonLinux =\u003e amazonLinux.id),\n instanceType: aws.ec2.InstanceType.T2_Micro,\n subnetId: subnet1.id,\n});\nconst instance2 = new aws.ec2.Instance(\"instance2\", {\n ami: amazonLinux.then(amazonLinux =\u003e amazonLinux.id),\n instanceType: aws.ec2.InstanceType.T2_Micro,\n subnetId: subnet2.id,\n});\nconst instance3 = new aws.ec2.Instance(\"instance3\", {\n ami: amazonLinux.then(amazonLinux =\u003e amazonLinux.id),\n instanceType: aws.ec2.InstanceType.T2_Micro,\n subnetId: subnet3.id,\n});\nconst tgw = new aws.ec2transitgateway.TransitGateway(\"tgw\", {multicastSupport: \"enable\"});\nconst attachment1 = new aws.ec2transitgateway.VpcAttachment(\"attachment1\", {\n subnetIds: [\n subnet1.id,\n subnet2.id,\n ],\n transitGatewayId: tgw.id,\n vpcId: vpc1.id,\n});\nconst attachment2 = new aws.ec2transitgateway.VpcAttachment(\"attachment2\", {\n subnetIds: [subnet3.id],\n transitGatewayId: tgw.id,\n vpcId: vpc2.id,\n});\nconst domain = new aws.ec2transitgateway.MulticastDomain(\"domain\", {\n transitGatewayId: tgw.id,\n staticSourcesSupport: \"enable\",\n tags: {\n Name: \"Transit_Gateway_Multicast_Domain_Example\",\n },\n});\nconst association3 = new aws.ec2transitgateway.MulticastDomainAssociation(\"association3\", {\n subnetId: subnet3.id,\n transitGatewayAttachmentId: attachment2.id,\n transitGatewayMulticastDomainId: domain.id,\n});\nconst source = new aws.ec2transitgateway.MulticastGroupSource(\"source\", {\n groupIpAddress: \"224.0.0.1\",\n networkInterfaceId: instance3.primaryNetworkInterfaceId,\n transitGatewayMulticastDomainId: association3.transitGatewayMulticastDomainId,\n});\nconst association1 = new aws.ec2transitgateway.MulticastDomainAssociation(\"association1\", {\n subnetId: subnet1.id,\n transitGatewayAttachmentId: attachment1.id,\n transitGatewayMulticastDomainId: domain.id,\n});\nconst association2 = new aws.ec2transitgateway.MulticastDomainAssociation(\"association2\", {\n subnetId: subnet2.id,\n transitGatewayAttachmentId: attachment2.id,\n transitGatewayMulticastDomainId: domain.id,\n});\nconst member1 = new aws.ec2transitgateway.MulticastGroupMember(\"member1\", {\n groupIpAddress: \"224.0.0.1\",\n networkInterfaceId: instance1.primaryNetworkInterfaceId,\n transitGatewayMulticastDomainId: association1.transitGatewayMulticastDomainId,\n});\nconst member2 = new aws.ec2transitgateway.MulticastGroupMember(\"member2\", {\n groupIpAddress: \"224.0.0.1\",\n networkInterfaceId: instance2.primaryNetworkInterfaceId,\n transitGatewayMulticastDomainId: association1.transitGatewayMulticastDomainId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\navailable = aws.get_availability_zones(state=\"available\")\namazon_linux = aws.ec2.get_ami(most_recent=True,\n owners=[\"amazon\"],\n filters=[\n {\n \"name\": \"name\",\n \"values\": [\"amzn-ami-hvm-*-x86_64-gp2\"],\n },\n {\n \"name\": \"owner-alias\",\n \"values\": [\"amazon\"],\n },\n ])\nvpc1 = aws.ec2.Vpc(\"vpc1\", cidr_block=\"10.0.0.0/16\")\nvpc2 = aws.ec2.Vpc(\"vpc2\", cidr_block=\"10.1.0.0/16\")\nsubnet1 = aws.ec2.Subnet(\"subnet1\",\n vpc_id=vpc1.id,\n cidr_block=\"10.0.1.0/24\",\n availability_zone=available.names[0])\nsubnet2 = aws.ec2.Subnet(\"subnet2\",\n vpc_id=vpc1.id,\n cidr_block=\"10.0.2.0/24\",\n availability_zone=available.names[1])\nsubnet3 = aws.ec2.Subnet(\"subnet3\",\n vpc_id=vpc2.id,\n cidr_block=\"10.1.1.0/24\",\n availability_zone=available.names[0])\ninstance1 = aws.ec2.Instance(\"instance1\",\n ami=amazon_linux.id,\n instance_type=aws.ec2.InstanceType.T2_MICRO,\n subnet_id=subnet1.id)\ninstance2 = aws.ec2.Instance(\"instance2\",\n ami=amazon_linux.id,\n instance_type=aws.ec2.InstanceType.T2_MICRO,\n subnet_id=subnet2.id)\ninstance3 = aws.ec2.Instance(\"instance3\",\n ami=amazon_linux.id,\n instance_type=aws.ec2.InstanceType.T2_MICRO,\n subnet_id=subnet3.id)\ntgw = aws.ec2transitgateway.TransitGateway(\"tgw\", multicast_support=\"enable\")\nattachment1 = aws.ec2transitgateway.VpcAttachment(\"attachment1\",\n subnet_ids=[\n subnet1.id,\n subnet2.id,\n ],\n transit_gateway_id=tgw.id,\n vpc_id=vpc1.id)\nattachment2 = aws.ec2transitgateway.VpcAttachment(\"attachment2\",\n subnet_ids=[subnet3.id],\n transit_gateway_id=tgw.id,\n vpc_id=vpc2.id)\ndomain = aws.ec2transitgateway.MulticastDomain(\"domain\",\n transit_gateway_id=tgw.id,\n static_sources_support=\"enable\",\n tags={\n \"Name\": \"Transit_Gateway_Multicast_Domain_Example\",\n })\nassociation3 = aws.ec2transitgateway.MulticastDomainAssociation(\"association3\",\n subnet_id=subnet3.id,\n transit_gateway_attachment_id=attachment2.id,\n transit_gateway_multicast_domain_id=domain.id)\nsource = aws.ec2transitgateway.MulticastGroupSource(\"source\",\n group_ip_address=\"224.0.0.1\",\n network_interface_id=instance3.primary_network_interface_id,\n transit_gateway_multicast_domain_id=association3.transit_gateway_multicast_domain_id)\nassociation1 = aws.ec2transitgateway.MulticastDomainAssociation(\"association1\",\n subnet_id=subnet1.id,\n transit_gateway_attachment_id=attachment1.id,\n transit_gateway_multicast_domain_id=domain.id)\nassociation2 = aws.ec2transitgateway.MulticastDomainAssociation(\"association2\",\n subnet_id=subnet2.id,\n transit_gateway_attachment_id=attachment2.id,\n transit_gateway_multicast_domain_id=domain.id)\nmember1 = aws.ec2transitgateway.MulticastGroupMember(\"member1\",\n group_ip_address=\"224.0.0.1\",\n network_interface_id=instance1.primary_network_interface_id,\n transit_gateway_multicast_domain_id=association1.transit_gateway_multicast_domain_id)\nmember2 = aws.ec2transitgateway.MulticastGroupMember(\"member2\",\n group_ip_address=\"224.0.0.1\",\n network_interface_id=instance2.primary_network_interface_id,\n transit_gateway_multicast_domain_id=association1.transit_gateway_multicast_domain_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var available = Aws.GetAvailabilityZones.Invoke(new()\n {\n State = \"available\",\n });\n\n var amazonLinux = Aws.Ec2.GetAmi.Invoke(new()\n {\n MostRecent = true,\n Owners = new[]\n {\n \"amazon\",\n },\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetAmiFilterInputArgs\n {\n Name = \"name\",\n Values = new[]\n {\n \"amzn-ami-hvm-*-x86_64-gp2\",\n },\n },\n new Aws.Ec2.Inputs.GetAmiFilterInputArgs\n {\n Name = \"owner-alias\",\n Values = new[]\n {\n \"amazon\",\n },\n },\n },\n });\n\n var vpc1 = new Aws.Ec2.Vpc(\"vpc1\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var vpc2 = new Aws.Ec2.Vpc(\"vpc2\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n\n var subnet1 = new Aws.Ec2.Subnet(\"subnet1\", new()\n {\n VpcId = vpc1.Id,\n CidrBlock = \"10.0.1.0/24\",\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[0]),\n });\n\n var subnet2 = new Aws.Ec2.Subnet(\"subnet2\", new()\n {\n VpcId = vpc1.Id,\n CidrBlock = \"10.0.2.0/24\",\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[1]),\n });\n\n var subnet3 = new Aws.Ec2.Subnet(\"subnet3\", new()\n {\n VpcId = vpc2.Id,\n CidrBlock = \"10.1.1.0/24\",\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[0]),\n });\n\n var instance1 = new Aws.Ec2.Instance(\"instance1\", new()\n {\n Ami = amazonLinux.Apply(getAmiResult =\u003e getAmiResult.Id),\n InstanceType = Aws.Ec2.InstanceType.T2_Micro,\n SubnetId = subnet1.Id,\n });\n\n var instance2 = new Aws.Ec2.Instance(\"instance2\", new()\n {\n Ami = amazonLinux.Apply(getAmiResult =\u003e getAmiResult.Id),\n InstanceType = Aws.Ec2.InstanceType.T2_Micro,\n SubnetId = subnet2.Id,\n });\n\n var instance3 = new Aws.Ec2.Instance(\"instance3\", new()\n {\n Ami = amazonLinux.Apply(getAmiResult =\u003e getAmiResult.Id),\n InstanceType = Aws.Ec2.InstanceType.T2_Micro,\n SubnetId = subnet3.Id,\n });\n\n var tgw = new Aws.Ec2TransitGateway.TransitGateway(\"tgw\", new()\n {\n MulticastSupport = \"enable\",\n });\n\n var attachment1 = new Aws.Ec2TransitGateway.VpcAttachment(\"attachment1\", new()\n {\n SubnetIds = new[]\n {\n subnet1.Id,\n subnet2.Id,\n },\n TransitGatewayId = tgw.Id,\n VpcId = vpc1.Id,\n });\n\n var attachment2 = new Aws.Ec2TransitGateway.VpcAttachment(\"attachment2\", new()\n {\n SubnetIds = new[]\n {\n subnet3.Id,\n },\n TransitGatewayId = tgw.Id,\n VpcId = vpc2.Id,\n });\n\n var domain = new Aws.Ec2TransitGateway.MulticastDomain(\"domain\", new()\n {\n TransitGatewayId = tgw.Id,\n StaticSourcesSupport = \"enable\",\n Tags = \n {\n { \"Name\", \"Transit_Gateway_Multicast_Domain_Example\" },\n },\n });\n\n var association3 = new Aws.Ec2TransitGateway.MulticastDomainAssociation(\"association3\", new()\n {\n SubnetId = subnet3.Id,\n TransitGatewayAttachmentId = attachment2.Id,\n TransitGatewayMulticastDomainId = domain.Id,\n });\n\n var source = new Aws.Ec2TransitGateway.MulticastGroupSource(\"source\", new()\n {\n GroupIpAddress = \"224.0.0.1\",\n NetworkInterfaceId = instance3.PrimaryNetworkInterfaceId,\n TransitGatewayMulticastDomainId = association3.TransitGatewayMulticastDomainId,\n });\n\n var association1 = new Aws.Ec2TransitGateway.MulticastDomainAssociation(\"association1\", new()\n {\n SubnetId = subnet1.Id,\n TransitGatewayAttachmentId = attachment1.Id,\n TransitGatewayMulticastDomainId = domain.Id,\n });\n\n var association2 = new Aws.Ec2TransitGateway.MulticastDomainAssociation(\"association2\", new()\n {\n SubnetId = subnet2.Id,\n TransitGatewayAttachmentId = attachment2.Id,\n TransitGatewayMulticastDomainId = domain.Id,\n });\n\n var member1 = new Aws.Ec2TransitGateway.MulticastGroupMember(\"member1\", new()\n {\n GroupIpAddress = \"224.0.0.1\",\n NetworkInterfaceId = instance1.PrimaryNetworkInterfaceId,\n TransitGatewayMulticastDomainId = association1.TransitGatewayMulticastDomainId,\n });\n\n var member2 = new Aws.Ec2TransitGateway.MulticastGroupMember(\"member2\", new()\n {\n GroupIpAddress = \"224.0.0.1\",\n NetworkInterfaceId = instance2.PrimaryNetworkInterfaceId,\n TransitGatewayMulticastDomainId = association1.TransitGatewayMulticastDomainId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tavailable, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tState: pulumi.StringRef(\"available\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tamazonLinux, err := ec2.LookupAmi(ctx, \u0026ec2.LookupAmiArgs{\n\t\t\tMostRecent: pulumi.BoolRef(true),\n\t\t\tOwners: []string{\n\t\t\t\t\"amazon\",\n\t\t\t},\n\t\t\tFilters: []ec2.GetAmiFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"amzn-ami-hvm-*-x86_64-gp2\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"owner-alias\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"amazon\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvpc1, err := ec2.NewVpc(ctx, \"vpc1\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvpc2, err := ec2.NewVpc(ctx, \"vpc2\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsubnet1, err := ec2.NewSubnet(ctx, \"subnet1\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: vpc1.ID(),\n\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t\tAvailabilityZone: pulumi.String(available.Names[0]),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsubnet2, err := ec2.NewSubnet(ctx, \"subnet2\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: vpc1.ID(),\n\t\t\tCidrBlock: pulumi.String(\"10.0.2.0/24\"),\n\t\t\tAvailabilityZone: pulumi.String(available.Names[1]),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsubnet3, err := ec2.NewSubnet(ctx, \"subnet3\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: vpc2.ID(),\n\t\t\tCidrBlock: pulumi.String(\"10.1.1.0/24\"),\n\t\t\tAvailabilityZone: pulumi.String(available.Names[0]),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinstance1, err := ec2.NewInstance(ctx, \"instance1\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(amazonLinux.Id),\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_T2_Micro),\n\t\t\tSubnetId: subnet1.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinstance2, err := ec2.NewInstance(ctx, \"instance2\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(amazonLinux.Id),\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_T2_Micro),\n\t\t\tSubnetId: subnet2.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinstance3, err := ec2.NewInstance(ctx, \"instance3\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(amazonLinux.Id),\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_T2_Micro),\n\t\t\tSubnetId: subnet3.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttgw, err := ec2transitgateway.NewTransitGateway(ctx, \"tgw\", \u0026ec2transitgateway.TransitGatewayArgs{\n\t\t\tMulticastSupport: pulumi.String(\"enable\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tattachment1, err := ec2transitgateway.NewVpcAttachment(ctx, \"attachment1\", \u0026ec2transitgateway.VpcAttachmentArgs{\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tsubnet1.ID(),\n\t\t\t\tsubnet2.ID(),\n\t\t\t},\n\t\t\tTransitGatewayId: tgw.ID(),\n\t\t\tVpcId: vpc1.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tattachment2, err := ec2transitgateway.NewVpcAttachment(ctx, \"attachment2\", \u0026ec2transitgateway.VpcAttachmentArgs{\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tsubnet3.ID(),\n\t\t\t},\n\t\t\tTransitGatewayId: tgw.ID(),\n\t\t\tVpcId: vpc2.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdomain, err := ec2transitgateway.NewMulticastDomain(ctx, \"domain\", \u0026ec2transitgateway.MulticastDomainArgs{\n\t\t\tTransitGatewayId: tgw.ID(),\n\t\t\tStaticSourcesSupport: pulumi.String(\"enable\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Transit_Gateway_Multicast_Domain_Example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassociation3, err := ec2transitgateway.NewMulticastDomainAssociation(ctx, \"association3\", \u0026ec2transitgateway.MulticastDomainAssociationArgs{\n\t\t\tSubnetId: subnet3.ID(),\n\t\t\tTransitGatewayAttachmentId: attachment2.ID(),\n\t\t\tTransitGatewayMulticastDomainId: domain.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2transitgateway.NewMulticastGroupSource(ctx, \"source\", \u0026ec2transitgateway.MulticastGroupSourceArgs{\n\t\t\tGroupIpAddress: pulumi.String(\"224.0.0.1\"),\n\t\t\tNetworkInterfaceId: instance3.PrimaryNetworkInterfaceId,\n\t\t\tTransitGatewayMulticastDomainId: association3.TransitGatewayMulticastDomainId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassociation1, err := ec2transitgateway.NewMulticastDomainAssociation(ctx, \"association1\", \u0026ec2transitgateway.MulticastDomainAssociationArgs{\n\t\t\tSubnetId: subnet1.ID(),\n\t\t\tTransitGatewayAttachmentId: attachment1.ID(),\n\t\t\tTransitGatewayMulticastDomainId: domain.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2transitgateway.NewMulticastDomainAssociation(ctx, \"association2\", \u0026ec2transitgateway.MulticastDomainAssociationArgs{\n\t\t\tSubnetId: subnet2.ID(),\n\t\t\tTransitGatewayAttachmentId: attachment2.ID(),\n\t\t\tTransitGatewayMulticastDomainId: domain.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2transitgateway.NewMulticastGroupMember(ctx, \"member1\", \u0026ec2transitgateway.MulticastGroupMemberArgs{\n\t\t\tGroupIpAddress: pulumi.String(\"224.0.0.1\"),\n\t\t\tNetworkInterfaceId: instance1.PrimaryNetworkInterfaceId,\n\t\t\tTransitGatewayMulticastDomainId: association1.TransitGatewayMulticastDomainId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2transitgateway.NewMulticastGroupMember(ctx, \"member2\", \u0026ec2transitgateway.MulticastGroupMemberArgs{\n\t\t\tGroupIpAddress: pulumi.String(\"224.0.0.1\"),\n\t\t\tNetworkInterfaceId: instance2.PrimaryNetworkInterfaceId,\n\t\t\tTransitGatewayMulticastDomainId: association1.TransitGatewayMulticastDomainId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetAmiArgs;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.aws.ec2transitgateway.TransitGateway;\nimport com.pulumi.aws.ec2transitgateway.TransitGatewayArgs;\nimport com.pulumi.aws.ec2transitgateway.VpcAttachment;\nimport com.pulumi.aws.ec2transitgateway.VpcAttachmentArgs;\nimport com.pulumi.aws.ec2transitgateway.MulticastDomain;\nimport com.pulumi.aws.ec2transitgateway.MulticastDomainArgs;\nimport com.pulumi.aws.ec2transitgateway.MulticastDomainAssociation;\nimport com.pulumi.aws.ec2transitgateway.MulticastDomainAssociationArgs;\nimport com.pulumi.aws.ec2transitgateway.MulticastGroupSource;\nimport com.pulumi.aws.ec2transitgateway.MulticastGroupSourceArgs;\nimport com.pulumi.aws.ec2transitgateway.MulticastGroupMember;\nimport com.pulumi.aws.ec2transitgateway.MulticastGroupMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .state(\"available\")\n .build());\n\n final var amazonLinux = Ec2Functions.getAmi(GetAmiArgs.builder()\n .mostRecent(true)\n .owners(\"amazon\")\n .filters( \n GetAmiFilterArgs.builder()\n .name(\"name\")\n .values(\"amzn-ami-hvm-*-x86_64-gp2\")\n .build(),\n GetAmiFilterArgs.builder()\n .name(\"owner-alias\")\n .values(\"amazon\")\n .build())\n .build());\n\n var vpc1 = new Vpc(\"vpc1\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var vpc2 = new Vpc(\"vpc2\", VpcArgs.builder()\n .cidrBlock(\"10.1.0.0/16\")\n .build());\n\n var subnet1 = new Subnet(\"subnet1\", SubnetArgs.builder()\n .vpcId(vpc1.id())\n .cidrBlock(\"10.0.1.0/24\")\n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[0]))\n .build());\n\n var subnet2 = new Subnet(\"subnet2\", SubnetArgs.builder()\n .vpcId(vpc1.id())\n .cidrBlock(\"10.0.2.0/24\")\n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[1]))\n .build());\n\n var subnet3 = new Subnet(\"subnet3\", SubnetArgs.builder()\n .vpcId(vpc2.id())\n .cidrBlock(\"10.1.1.0/24\")\n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[0]))\n .build());\n\n var instance1 = new Instance(\"instance1\", InstanceArgs.builder()\n .ami(amazonLinux.applyValue(getAmiResult -\u003e getAmiResult.id()))\n .instanceType(\"t2.micro\")\n .subnetId(subnet1.id())\n .build());\n\n var instance2 = new Instance(\"instance2\", InstanceArgs.builder()\n .ami(amazonLinux.applyValue(getAmiResult -\u003e getAmiResult.id()))\n .instanceType(\"t2.micro\")\n .subnetId(subnet2.id())\n .build());\n\n var instance3 = new Instance(\"instance3\", InstanceArgs.builder()\n .ami(amazonLinux.applyValue(getAmiResult -\u003e getAmiResult.id()))\n .instanceType(\"t2.micro\")\n .subnetId(subnet3.id())\n .build());\n\n var tgw = new TransitGateway(\"tgw\", TransitGatewayArgs.builder()\n .multicastSupport(\"enable\")\n .build());\n\n var attachment1 = new VpcAttachment(\"attachment1\", VpcAttachmentArgs.builder()\n .subnetIds( \n subnet1.id(),\n subnet2.id())\n .transitGatewayId(tgw.id())\n .vpcId(vpc1.id())\n .build());\n\n var attachment2 = new VpcAttachment(\"attachment2\", VpcAttachmentArgs.builder()\n .subnetIds(subnet3.id())\n .transitGatewayId(tgw.id())\n .vpcId(vpc2.id())\n .build());\n\n var domain = new MulticastDomain(\"domain\", MulticastDomainArgs.builder()\n .transitGatewayId(tgw.id())\n .staticSourcesSupport(\"enable\")\n .tags(Map.of(\"Name\", \"Transit_Gateway_Multicast_Domain_Example\"))\n .build());\n\n var association3 = new MulticastDomainAssociation(\"association3\", MulticastDomainAssociationArgs.builder()\n .subnetId(subnet3.id())\n .transitGatewayAttachmentId(attachment2.id())\n .transitGatewayMulticastDomainId(domain.id())\n .build());\n\n var source = new MulticastGroupSource(\"source\", MulticastGroupSourceArgs.builder()\n .groupIpAddress(\"224.0.0.1\")\n .networkInterfaceId(instance3.primaryNetworkInterfaceId())\n .transitGatewayMulticastDomainId(association3.transitGatewayMulticastDomainId())\n .build());\n\n var association1 = new MulticastDomainAssociation(\"association1\", MulticastDomainAssociationArgs.builder()\n .subnetId(subnet1.id())\n .transitGatewayAttachmentId(attachment1.id())\n .transitGatewayMulticastDomainId(domain.id())\n .build());\n\n var association2 = new MulticastDomainAssociation(\"association2\", MulticastDomainAssociationArgs.builder()\n .subnetId(subnet2.id())\n .transitGatewayAttachmentId(attachment2.id())\n .transitGatewayMulticastDomainId(domain.id())\n .build());\n\n var member1 = new MulticastGroupMember(\"member1\", MulticastGroupMemberArgs.builder()\n .groupIpAddress(\"224.0.0.1\")\n .networkInterfaceId(instance1.primaryNetworkInterfaceId())\n .transitGatewayMulticastDomainId(association1.transitGatewayMulticastDomainId())\n .build());\n\n var member2 = new MulticastGroupMember(\"member2\", MulticastGroupMemberArgs.builder()\n .groupIpAddress(\"224.0.0.1\")\n .networkInterfaceId(instance2.primaryNetworkInterfaceId())\n .transitGatewayMulticastDomainId(association1.transitGatewayMulticastDomainId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n vpc1:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n vpc2:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.1.0.0/16\n subnet1:\n type: aws:ec2:Subnet\n properties:\n vpcId: ${vpc1.id}\n cidrBlock: 10.0.1.0/24\n availabilityZone: ${available.names[0]}\n subnet2:\n type: aws:ec2:Subnet\n properties:\n vpcId: ${vpc1.id}\n cidrBlock: 10.0.2.0/24\n availabilityZone: ${available.names[1]}\n subnet3:\n type: aws:ec2:Subnet\n properties:\n vpcId: ${vpc2.id}\n cidrBlock: 10.1.1.0/24\n availabilityZone: ${available.names[0]}\n instance1:\n type: aws:ec2:Instance\n properties:\n ami: ${amazonLinux.id}\n instanceType: t2.micro\n subnetId: ${subnet1.id}\n instance2:\n type: aws:ec2:Instance\n properties:\n ami: ${amazonLinux.id}\n instanceType: t2.micro\n subnetId: ${subnet2.id}\n instance3:\n type: aws:ec2:Instance\n properties:\n ami: ${amazonLinux.id}\n instanceType: t2.micro\n subnetId: ${subnet3.id}\n tgw:\n type: aws:ec2transitgateway:TransitGateway\n properties:\n multicastSupport: enable\n attachment1:\n type: aws:ec2transitgateway:VpcAttachment\n properties:\n subnetIds:\n - ${subnet1.id}\n - ${subnet2.id}\n transitGatewayId: ${tgw.id}\n vpcId: ${vpc1.id}\n attachment2:\n type: aws:ec2transitgateway:VpcAttachment\n properties:\n subnetIds:\n - ${subnet3.id}\n transitGatewayId: ${tgw.id}\n vpcId: ${vpc2.id}\n domain:\n type: aws:ec2transitgateway:MulticastDomain\n properties:\n transitGatewayId: ${tgw.id}\n staticSourcesSupport: enable\n tags:\n Name: Transit_Gateway_Multicast_Domain_Example\n association3:\n type: aws:ec2transitgateway:MulticastDomainAssociation\n properties:\n subnetId: ${subnet3.id}\n transitGatewayAttachmentId: ${attachment2.id}\n transitGatewayMulticastDomainId: ${domain.id}\n source:\n type: aws:ec2transitgateway:MulticastGroupSource\n properties:\n groupIpAddress: 224.0.0.1\n networkInterfaceId: ${instance3.primaryNetworkInterfaceId}\n transitGatewayMulticastDomainId: ${association3.transitGatewayMulticastDomainId}\n association1:\n type: aws:ec2transitgateway:MulticastDomainAssociation\n properties:\n subnetId: ${subnet1.id}\n transitGatewayAttachmentId: ${attachment1.id}\n transitGatewayMulticastDomainId: ${domain.id}\n association2:\n type: aws:ec2transitgateway:MulticastDomainAssociation\n properties:\n subnetId: ${subnet2.id}\n transitGatewayAttachmentId: ${attachment2.id}\n transitGatewayMulticastDomainId: ${domain.id}\n member1:\n type: aws:ec2transitgateway:MulticastGroupMember\n properties:\n groupIpAddress: 224.0.0.1\n networkInterfaceId: ${instance1.primaryNetworkInterfaceId}\n transitGatewayMulticastDomainId: ${association1.transitGatewayMulticastDomainId}\n member2:\n type: aws:ec2transitgateway:MulticastGroupMember\n properties:\n groupIpAddress: 224.0.0.1\n networkInterfaceId: ${instance2.primaryNetworkInterfaceId}\n transitGatewayMulticastDomainId: ${association1.transitGatewayMulticastDomainId}\nvariables:\n available:\n fn::invoke:\n Function: aws:getAvailabilityZones\n Arguments:\n state: available\n amazonLinux:\n fn::invoke:\n Function: aws:ec2:getAmi\n Arguments:\n mostRecent: true\n owners:\n - amazon\n filters:\n - name: name\n values:\n - amzn-ami-hvm-*-x86_64-gp2\n - name: owner-alias\n values:\n - amazon\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_transit_gateway_multicast_domain` using the EC2 Transit Gateway Multicast Domain identifier. For example:\n\n```sh\n$ pulumi import aws:ec2transitgateway/multicastDomain:MulticastDomain example tgw-mcast-domain-12345\n```\n", "properties": { "arn": { "type": "string", "description": "EC2 Transit Gateway Multicast Domain Amazon Resource Name (ARN).\n" }, "autoAcceptSharedAssociations": { "type": "string", "description": "Whether to automatically accept cross-account subnet associations that are associated with the EC2 Transit Gateway Multicast Domain. Valid values: `disable`, `enable`. Default value: `disable`.\n" }, "igmpv2Support": { "type": "string", "description": "Whether to enable Internet Group Management Protocol (IGMP) version 2 for the EC2 Transit Gateway Multicast Domain. Valid values: `disable`, `enable`. Default value: `disable`.\n" }, "ownerId": { "type": "string", "description": "Identifier of the AWS account that owns the EC2 Transit Gateway Multicast Domain.\n" }, "staticSourcesSupport": { "type": "string", "description": "Whether to enable support for statically configuring multicast group sources for the EC2 Transit Gateway Multicast Domain. Valid values: `disable`, `enable`. Default value: `disable`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Multicast Domain. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayId": { "type": "string", "description": "EC2 Transit Gateway identifier. The EC2 Transit Gateway must have `multicast_support` enabled.\n" } }, "required": [ "arn", "ownerId", "tagsAll", "transitGatewayId" ], "inputProperties": { "autoAcceptSharedAssociations": { "type": "string", "description": "Whether to automatically accept cross-account subnet associations that are associated with the EC2 Transit Gateway Multicast Domain. Valid values: `disable`, `enable`. Default value: `disable`.\n", "willReplaceOnChanges": true }, "igmpv2Support": { "type": "string", "description": "Whether to enable Internet Group Management Protocol (IGMP) version 2 for the EC2 Transit Gateway Multicast Domain. Valid values: `disable`, `enable`. Default value: `disable`.\n", "willReplaceOnChanges": true }, "staticSourcesSupport": { "type": "string", "description": "Whether to enable support for statically configuring multicast group sources for the EC2 Transit Gateway Multicast Domain. Valid values: `disable`, `enable`. Default value: `disable`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Multicast Domain. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "transitGatewayId": { "type": "string", "description": "EC2 Transit Gateway identifier. The EC2 Transit Gateway must have `multicast_support` enabled.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "transitGatewayId" ], "stateInputs": { "description": "Input properties used for looking up and filtering MulticastDomain resources.\n", "properties": { "arn": { "type": "string", "description": "EC2 Transit Gateway Multicast Domain Amazon Resource Name (ARN).\n" }, "autoAcceptSharedAssociations": { "type": "string", "description": "Whether to automatically accept cross-account subnet associations that are associated with the EC2 Transit Gateway Multicast Domain. Valid values: `disable`, `enable`. Default value: `disable`.\n", "willReplaceOnChanges": true }, "igmpv2Support": { "type": "string", "description": "Whether to enable Internet Group Management Protocol (IGMP) version 2 for the EC2 Transit Gateway Multicast Domain. Valid values: `disable`, `enable`. Default value: `disable`.\n", "willReplaceOnChanges": true }, "ownerId": { "type": "string", "description": "Identifier of the AWS account that owns the EC2 Transit Gateway Multicast Domain.\n" }, "staticSourcesSupport": { "type": "string", "description": "Whether to enable support for statically configuring multicast group sources for the EC2 Transit Gateway Multicast Domain. Valid values: `disable`, `enable`. Default value: `disable`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Multicast Domain. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayId": { "type": "string", "description": "EC2 Transit Gateway identifier. The EC2 Transit Gateway must have `multicast_support` enabled.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2transitgateway/multicastDomainAssociation:MulticastDomainAssociation": { "description": "Associates the specified subnet and transit gateway attachment with the specified transit gateway multicast domain.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.TransitGateway(\"example\", {multicastSupport: \"enable\"});\nconst exampleVpcAttachment = new aws.ec2transitgateway.VpcAttachment(\"example\", {\n subnetIds: [exampleAwsSubnet.id],\n transitGatewayId: example.id,\n vpcId: exampleAwsVpc.id,\n});\nconst exampleMulticastDomain = new aws.ec2transitgateway.MulticastDomain(\"example\", {transitGatewayId: example.id});\nconst exampleMulticastDomainAssociation = new aws.ec2transitgateway.MulticastDomainAssociation(\"example\", {\n subnetId: exampleAwsSubnet.id,\n transitGatewayAttachmentId: exampleVpcAttachment.id,\n transitGatewayMulticastDomainId: exampleMulticastDomain.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.TransitGateway(\"example\", multicast_support=\"enable\")\nexample_vpc_attachment = aws.ec2transitgateway.VpcAttachment(\"example\",\n subnet_ids=[example_aws_subnet[\"id\"]],\n transit_gateway_id=example.id,\n vpc_id=example_aws_vpc[\"id\"])\nexample_multicast_domain = aws.ec2transitgateway.MulticastDomain(\"example\", transit_gateway_id=example.id)\nexample_multicast_domain_association = aws.ec2transitgateway.MulticastDomainAssociation(\"example\",\n subnet_id=example_aws_subnet[\"id\"],\n transit_gateway_attachment_id=example_vpc_attachment.id,\n transit_gateway_multicast_domain_id=example_multicast_domain.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.TransitGateway(\"example\", new()\n {\n MulticastSupport = \"enable\",\n });\n\n var exampleVpcAttachment = new Aws.Ec2TransitGateway.VpcAttachment(\"example\", new()\n {\n SubnetIds = new[]\n {\n exampleAwsSubnet.Id,\n },\n TransitGatewayId = example.Id,\n VpcId = exampleAwsVpc.Id,\n });\n\n var exampleMulticastDomain = new Aws.Ec2TransitGateway.MulticastDomain(\"example\", new()\n {\n TransitGatewayId = example.Id,\n });\n\n var exampleMulticastDomainAssociation = new Aws.Ec2TransitGateway.MulticastDomainAssociation(\"example\", new()\n {\n SubnetId = exampleAwsSubnet.Id,\n TransitGatewayAttachmentId = exampleVpcAttachment.Id,\n TransitGatewayMulticastDomainId = exampleMulticastDomain.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2transitgateway.NewTransitGateway(ctx, \"example\", \u0026ec2transitgateway.TransitGatewayArgs{\n\t\t\tMulticastSupport: pulumi.String(\"enable\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcAttachment, err := ec2transitgateway.NewVpcAttachment(ctx, \"example\", \u0026ec2transitgateway.VpcAttachmentArgs{\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\texampleAwsSubnet.Id,\n\t\t\t},\n\t\t\tTransitGatewayId: example.ID(),\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleMulticastDomain, err := ec2transitgateway.NewMulticastDomain(ctx, \"example\", \u0026ec2transitgateway.MulticastDomainArgs{\n\t\t\tTransitGatewayId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2transitgateway.NewMulticastDomainAssociation(ctx, \"example\", \u0026ec2transitgateway.MulticastDomainAssociationArgs{\n\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\tTransitGatewayAttachmentId: exampleVpcAttachment.ID(),\n\t\t\tTransitGatewayMulticastDomainId: exampleMulticastDomain.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.TransitGateway;\nimport com.pulumi.aws.ec2transitgateway.TransitGatewayArgs;\nimport com.pulumi.aws.ec2transitgateway.VpcAttachment;\nimport com.pulumi.aws.ec2transitgateway.VpcAttachmentArgs;\nimport com.pulumi.aws.ec2transitgateway.MulticastDomain;\nimport com.pulumi.aws.ec2transitgateway.MulticastDomainArgs;\nimport com.pulumi.aws.ec2transitgateway.MulticastDomainAssociation;\nimport com.pulumi.aws.ec2transitgateway.MulticastDomainAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TransitGateway(\"example\", TransitGatewayArgs.builder()\n .multicastSupport(\"enable\")\n .build());\n\n var exampleVpcAttachment = new VpcAttachment(\"exampleVpcAttachment\", VpcAttachmentArgs.builder()\n .subnetIds(exampleAwsSubnet.id())\n .transitGatewayId(example.id())\n .vpcId(exampleAwsVpc.id())\n .build());\n\n var exampleMulticastDomain = new MulticastDomain(\"exampleMulticastDomain\", MulticastDomainArgs.builder()\n .transitGatewayId(example.id())\n .build());\n\n var exampleMulticastDomainAssociation = new MulticastDomainAssociation(\"exampleMulticastDomainAssociation\", MulticastDomainAssociationArgs.builder()\n .subnetId(exampleAwsSubnet.id())\n .transitGatewayAttachmentId(exampleVpcAttachment.id())\n .transitGatewayMulticastDomainId(exampleMulticastDomain.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:TransitGateway\n properties:\n multicastSupport: enable\n exampleVpcAttachment:\n type: aws:ec2transitgateway:VpcAttachment\n name: example\n properties:\n subnetIds:\n - ${exampleAwsSubnet.id}\n transitGatewayId: ${example.id}\n vpcId: ${exampleAwsVpc.id}\n exampleMulticastDomain:\n type: aws:ec2transitgateway:MulticastDomain\n name: example\n properties:\n transitGatewayId: ${example.id}\n exampleMulticastDomainAssociation:\n type: aws:ec2transitgateway:MulticastDomainAssociation\n name: example\n properties:\n subnetId: ${exampleAwsSubnet.id}\n transitGatewayAttachmentId: ${exampleVpcAttachment.id}\n transitGatewayMulticastDomainId: ${exampleMulticastDomain.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "subnetId": { "type": "string", "description": "The ID of the subnet to associate with the transit gateway multicast domain.\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "The ID of the transit gateway attachment.\n" }, "transitGatewayMulticastDomainId": { "type": "string", "description": "The ID of the transit gateway multicast domain.\n" } }, "required": [ "subnetId", "transitGatewayAttachmentId", "transitGatewayMulticastDomainId" ], "inputProperties": { "subnetId": { "type": "string", "description": "The ID of the subnet to associate with the transit gateway multicast domain.\n", "willReplaceOnChanges": true }, "transitGatewayAttachmentId": { "type": "string", "description": "The ID of the transit gateway attachment.\n", "willReplaceOnChanges": true }, "transitGatewayMulticastDomainId": { "type": "string", "description": "The ID of the transit gateway multicast domain.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "subnetId", "transitGatewayAttachmentId", "transitGatewayMulticastDomainId" ], "stateInputs": { "description": "Input properties used for looking up and filtering MulticastDomainAssociation resources.\n", "properties": { "subnetId": { "type": "string", "description": "The ID of the subnet to associate with the transit gateway multicast domain.\n", "willReplaceOnChanges": true }, "transitGatewayAttachmentId": { "type": "string", "description": "The ID of the transit gateway attachment.\n", "willReplaceOnChanges": true }, "transitGatewayMulticastDomainId": { "type": "string", "description": "The ID of the transit gateway multicast domain.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2transitgateway/multicastGroupMember:MulticastGroupMember": { "description": "Registers members (network interfaces) with the transit gateway multicast group.\nA member is a network interface associated with a supported EC2 instance that receives multicast traffic.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.MulticastGroupMember(\"example\", {\n groupIpAddress: \"224.0.0.1\",\n networkInterfaceId: exampleAwsNetworkInterface.id,\n transitGatewayMulticastDomainId: exampleAwsEc2TransitGatewayMulticastDomain.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.MulticastGroupMember(\"example\",\n group_ip_address=\"224.0.0.1\",\n network_interface_id=example_aws_network_interface[\"id\"],\n transit_gateway_multicast_domain_id=example_aws_ec2_transit_gateway_multicast_domain[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.MulticastGroupMember(\"example\", new()\n {\n GroupIpAddress = \"224.0.0.1\",\n NetworkInterfaceId = exampleAwsNetworkInterface.Id,\n TransitGatewayMulticastDomainId = exampleAwsEc2TransitGatewayMulticastDomain.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.NewMulticastGroupMember(ctx, \"example\", \u0026ec2transitgateway.MulticastGroupMemberArgs{\n\t\t\tGroupIpAddress: pulumi.String(\"224.0.0.1\"),\n\t\t\tNetworkInterfaceId: pulumi.Any(exampleAwsNetworkInterface.Id),\n\t\t\tTransitGatewayMulticastDomainId: pulumi.Any(exampleAwsEc2TransitGatewayMulticastDomain.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.MulticastGroupMember;\nimport com.pulumi.aws.ec2transitgateway.MulticastGroupMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new MulticastGroupMember(\"example\", MulticastGroupMemberArgs.builder()\n .groupIpAddress(\"224.0.0.1\")\n .networkInterfaceId(exampleAwsNetworkInterface.id())\n .transitGatewayMulticastDomainId(exampleAwsEc2TransitGatewayMulticastDomain.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:MulticastGroupMember\n properties:\n groupIpAddress: 224.0.0.1\n networkInterfaceId: ${exampleAwsNetworkInterface.id}\n transitGatewayMulticastDomainId: ${exampleAwsEc2TransitGatewayMulticastDomain.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "groupIpAddress": { "type": "string", "description": "The IP address assigned to the transit gateway multicast group.\n" }, "networkInterfaceId": { "type": "string", "description": "The group members' network interface ID to register with the transit gateway multicast group.\n" }, "transitGatewayMulticastDomainId": { "type": "string", "description": "The ID of the transit gateway multicast domain.\n" } }, "required": [ "groupIpAddress", "networkInterfaceId", "transitGatewayMulticastDomainId" ], "inputProperties": { "groupIpAddress": { "type": "string", "description": "The IP address assigned to the transit gateway multicast group.\n", "willReplaceOnChanges": true }, "networkInterfaceId": { "type": "string", "description": "The group members' network interface ID to register with the transit gateway multicast group.\n", "willReplaceOnChanges": true }, "transitGatewayMulticastDomainId": { "type": "string", "description": "The ID of the transit gateway multicast domain.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "groupIpAddress", "networkInterfaceId", "transitGatewayMulticastDomainId" ], "stateInputs": { "description": "Input properties used for looking up and filtering MulticastGroupMember resources.\n", "properties": { "groupIpAddress": { "type": "string", "description": "The IP address assigned to the transit gateway multicast group.\n", "willReplaceOnChanges": true }, "networkInterfaceId": { "type": "string", "description": "The group members' network interface ID to register with the transit gateway multicast group.\n", "willReplaceOnChanges": true }, "transitGatewayMulticastDomainId": { "type": "string", "description": "The ID of the transit gateway multicast domain.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2transitgateway/multicastGroupSource:MulticastGroupSource": { "description": "Registers sources (network interfaces) with the transit gateway multicast group.\nA multicast source is a network interface attached to a supported instance that sends multicast traffic.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.MulticastGroupSource(\"example\", {\n groupIpAddress: \"224.0.0.1\",\n networkInterfaceId: exampleAwsNetworkInterface.id,\n transitGatewayMulticastDomainId: exampleAwsEc2TransitGatewayMulticastDomain.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.MulticastGroupSource(\"example\",\n group_ip_address=\"224.0.0.1\",\n network_interface_id=example_aws_network_interface[\"id\"],\n transit_gateway_multicast_domain_id=example_aws_ec2_transit_gateway_multicast_domain[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.MulticastGroupSource(\"example\", new()\n {\n GroupIpAddress = \"224.0.0.1\",\n NetworkInterfaceId = exampleAwsNetworkInterface.Id,\n TransitGatewayMulticastDomainId = exampleAwsEc2TransitGatewayMulticastDomain.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.NewMulticastGroupSource(ctx, \"example\", \u0026ec2transitgateway.MulticastGroupSourceArgs{\n\t\t\tGroupIpAddress: pulumi.String(\"224.0.0.1\"),\n\t\t\tNetworkInterfaceId: pulumi.Any(exampleAwsNetworkInterface.Id),\n\t\t\tTransitGatewayMulticastDomainId: pulumi.Any(exampleAwsEc2TransitGatewayMulticastDomain.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.MulticastGroupSource;\nimport com.pulumi.aws.ec2transitgateway.MulticastGroupSourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new MulticastGroupSource(\"example\", MulticastGroupSourceArgs.builder()\n .groupIpAddress(\"224.0.0.1\")\n .networkInterfaceId(exampleAwsNetworkInterface.id())\n .transitGatewayMulticastDomainId(exampleAwsEc2TransitGatewayMulticastDomain.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:MulticastGroupSource\n properties:\n groupIpAddress: 224.0.0.1\n networkInterfaceId: ${exampleAwsNetworkInterface.id}\n transitGatewayMulticastDomainId: ${exampleAwsEc2TransitGatewayMulticastDomain.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "groupIpAddress": { "type": "string", "description": "The IP address assigned to the transit gateway multicast group.\n" }, "networkInterfaceId": { "type": "string", "description": "The group members' network interface ID to register with the transit gateway multicast group.\n" }, "transitGatewayMulticastDomainId": { "type": "string", "description": "The ID of the transit gateway multicast domain.\n" } }, "required": [ "groupIpAddress", "networkInterfaceId", "transitGatewayMulticastDomainId" ], "inputProperties": { "groupIpAddress": { "type": "string", "description": "The IP address assigned to the transit gateway multicast group.\n", "willReplaceOnChanges": true }, "networkInterfaceId": { "type": "string", "description": "The group members' network interface ID to register with the transit gateway multicast group.\n", "willReplaceOnChanges": true }, "transitGatewayMulticastDomainId": { "type": "string", "description": "The ID of the transit gateway multicast domain.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "groupIpAddress", "networkInterfaceId", "transitGatewayMulticastDomainId" ], "stateInputs": { "description": "Input properties used for looking up and filtering MulticastGroupSource resources.\n", "properties": { "groupIpAddress": { "type": "string", "description": "The IP address assigned to the transit gateway multicast group.\n", "willReplaceOnChanges": true }, "networkInterfaceId": { "type": "string", "description": "The group members' network interface ID to register with the transit gateway multicast group.\n", "willReplaceOnChanges": true }, "transitGatewayMulticastDomainId": { "type": "string", "description": "The ID of the transit gateway multicast domain.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2transitgateway/peeringAttachment:PeeringAttachment": { "description": "Manages an EC2 Transit Gateway Peering Attachment.\nFor examples of custom route table association and propagation, see the [EC2 Transit Gateway Networking Examples Guide](https://docs.aws.amazon.com/vpc/latest/tgw/TGW_Scenarios.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst peer = aws.getRegion({});\nconst local = new aws.ec2transitgateway.TransitGateway(\"local\", {tags: {\n Name: \"Local TGW\",\n}});\nconst peerTransitGateway = new aws.ec2transitgateway.TransitGateway(\"peer\", {tags: {\n Name: \"Peer TGW\",\n}});\nconst example = new aws.ec2transitgateway.PeeringAttachment(\"example\", {\n peerAccountId: peerTransitGateway.ownerId,\n peerRegion: peer.then(peer =\u003e peer.name),\n peerTransitGatewayId: peerTransitGateway.id,\n transitGatewayId: local.id,\n tags: {\n Name: \"TGW Peering Requestor\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npeer = aws.get_region()\nlocal = aws.ec2transitgateway.TransitGateway(\"local\", tags={\n \"Name\": \"Local TGW\",\n})\npeer_transit_gateway = aws.ec2transitgateway.TransitGateway(\"peer\", tags={\n \"Name\": \"Peer TGW\",\n})\nexample = aws.ec2transitgateway.PeeringAttachment(\"example\",\n peer_account_id=peer_transit_gateway.owner_id,\n peer_region=peer.name,\n peer_transit_gateway_id=peer_transit_gateway.id,\n transit_gateway_id=local.id,\n tags={\n \"Name\": \"TGW Peering Requestor\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var peer = Aws.GetRegion.Invoke();\n\n var local = new Aws.Ec2TransitGateway.TransitGateway(\"local\", new()\n {\n Tags = \n {\n { \"Name\", \"Local TGW\" },\n },\n });\n\n var peerTransitGateway = new Aws.Ec2TransitGateway.TransitGateway(\"peer\", new()\n {\n Tags = \n {\n { \"Name\", \"Peer TGW\" },\n },\n });\n\n var example = new Aws.Ec2TransitGateway.PeeringAttachment(\"example\", new()\n {\n PeerAccountId = peerTransitGateway.OwnerId,\n PeerRegion = peer.Apply(getRegionResult =\u003e getRegionResult.Name),\n PeerTransitGatewayId = peerTransitGateway.Id,\n TransitGatewayId = local.Id,\n Tags = \n {\n { \"Name\", \"TGW Peering Requestor\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpeer, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlocal, err := ec2transitgateway.NewTransitGateway(ctx, \"local\", \u0026ec2transitgateway.TransitGatewayArgs{\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Local TGW\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpeerTransitGateway, err := ec2transitgateway.NewTransitGateway(ctx, \"peer\", \u0026ec2transitgateway.TransitGatewayArgs{\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Peer TGW\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2transitgateway.NewPeeringAttachment(ctx, \"example\", \u0026ec2transitgateway.PeeringAttachmentArgs{\n\t\t\tPeerAccountId: peerTransitGateway.OwnerId,\n\t\t\tPeerRegion: pulumi.String(peer.Name),\n\t\t\tPeerTransitGatewayId: peerTransitGateway.ID(),\n\t\t\tTransitGatewayId: local.ID(),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"TGW Peering Requestor\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2transitgateway.TransitGateway;\nimport com.pulumi.aws.ec2transitgateway.TransitGatewayArgs;\nimport com.pulumi.aws.ec2transitgateway.PeeringAttachment;\nimport com.pulumi.aws.ec2transitgateway.PeeringAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var peer = AwsFunctions.getRegion();\n\n var local = new TransitGateway(\"local\", TransitGatewayArgs.builder()\n .tags(Map.of(\"Name\", \"Local TGW\"))\n .build());\n\n var peerTransitGateway = new TransitGateway(\"peerTransitGateway\", TransitGatewayArgs.builder()\n .tags(Map.of(\"Name\", \"Peer TGW\"))\n .build());\n\n var example = new PeeringAttachment(\"example\", PeeringAttachmentArgs.builder()\n .peerAccountId(peerTransitGateway.ownerId())\n .peerRegion(peer.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .peerTransitGatewayId(peerTransitGateway.id())\n .transitGatewayId(local.id())\n .tags(Map.of(\"Name\", \"TGW Peering Requestor\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n local:\n type: aws:ec2transitgateway:TransitGateway\n properties:\n tags:\n Name: Local TGW\n peerTransitGateway:\n type: aws:ec2transitgateway:TransitGateway\n name: peer\n properties:\n tags:\n Name: Peer TGW\n example:\n type: aws:ec2transitgateway:PeeringAttachment\n properties:\n peerAccountId: ${peerTransitGateway.ownerId}\n peerRegion: ${peer.name}\n peerTransitGatewayId: ${peerTransitGateway.id}\n transitGatewayId: ${local.id}\n tags:\n Name: TGW Peering Requestor\nvariables:\n peer:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_transit_gateway_peering_attachment` using the EC2 Transit Gateway Attachment identifier. For example:\n\n```sh\n$ pulumi import aws:ec2transitgateway/peeringAttachment:PeeringAttachment example tgw-attach-12345678\n```\n", "properties": { "options": { "$ref": "#/types/aws:ec2transitgateway/PeeringAttachmentOptions:PeeringAttachmentOptions", "description": "Describes whether dynamic routing is enabled or disabled for the transit gateway peering request. See options below for more details!\n" }, "peerAccountId": { "type": "string", "description": "Account ID of EC2 Transit Gateway to peer with. Defaults to the account ID the AWS provider is currently connected to.\n" }, "peerRegion": { "type": "string", "description": "Region of EC2 Transit Gateway to peer with.\n" }, "peerTransitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway to peer with.\n" }, "state": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Peering Attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" } }, "required": [ "peerAccountId", "peerRegion", "peerTransitGatewayId", "state", "tagsAll", "transitGatewayId" ], "inputProperties": { "options": { "$ref": "#/types/aws:ec2transitgateway/PeeringAttachmentOptions:PeeringAttachmentOptions", "description": "Describes whether dynamic routing is enabled or disabled for the transit gateway peering request. See options below for more details!\n", "willReplaceOnChanges": true }, "peerAccountId": { "type": "string", "description": "Account ID of EC2 Transit Gateway to peer with. Defaults to the account ID the AWS provider is currently connected to.\n", "willReplaceOnChanges": true }, "peerRegion": { "type": "string", "description": "Region of EC2 Transit Gateway to peer with.\n", "willReplaceOnChanges": true }, "peerTransitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway to peer with.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Peering Attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "peerRegion", "peerTransitGatewayId", "transitGatewayId" ], "stateInputs": { "description": "Input properties used for looking up and filtering PeeringAttachment resources.\n", "properties": { "options": { "$ref": "#/types/aws:ec2transitgateway/PeeringAttachmentOptions:PeeringAttachmentOptions", "description": "Describes whether dynamic routing is enabled or disabled for the transit gateway peering request. See options below for more details!\n", "willReplaceOnChanges": true }, "peerAccountId": { "type": "string", "description": "Account ID of EC2 Transit Gateway to peer with. Defaults to the account ID the AWS provider is currently connected to.\n", "willReplaceOnChanges": true }, "peerRegion": { "type": "string", "description": "Region of EC2 Transit Gateway to peer with.\n", "willReplaceOnChanges": true }, "peerTransitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway to peer with.\n", "willReplaceOnChanges": true }, "state": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Peering Attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2transitgateway/peeringAttachmentAccepter:PeeringAttachmentAccepter": { "description": "Manages the accepter's side of an EC2 Transit Gateway Peering Attachment.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.PeeringAttachmentAccepter(\"example\", {\n transitGatewayAttachmentId: exampleAwsEc2TransitGatewayPeeringAttachment.id,\n tags: {\n Name: \"Example cross-account attachment\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.PeeringAttachmentAccepter(\"example\",\n transit_gateway_attachment_id=example_aws_ec2_transit_gateway_peering_attachment[\"id\"],\n tags={\n \"Name\": \"Example cross-account attachment\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.PeeringAttachmentAccepter(\"example\", new()\n {\n TransitGatewayAttachmentId = exampleAwsEc2TransitGatewayPeeringAttachment.Id,\n Tags = \n {\n { \"Name\", \"Example cross-account attachment\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.NewPeeringAttachmentAccepter(ctx, \"example\", \u0026ec2transitgateway.PeeringAttachmentAccepterArgs{\n\t\t\tTransitGatewayAttachmentId: pulumi.Any(exampleAwsEc2TransitGatewayPeeringAttachment.Id),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example cross-account attachment\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.PeeringAttachmentAccepter;\nimport com.pulumi.aws.ec2transitgateway.PeeringAttachmentAccepterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PeeringAttachmentAccepter(\"example\", PeeringAttachmentAccepterArgs.builder()\n .transitGatewayAttachmentId(exampleAwsEc2TransitGatewayPeeringAttachment.id())\n .tags(Map.of(\"Name\", \"Example cross-account attachment\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:PeeringAttachmentAccepter\n properties:\n transitGatewayAttachmentId: ${exampleAwsEc2TransitGatewayPeeringAttachment.id}\n tags:\n Name: Example cross-account attachment\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_transit_gateway_peering_attachment_accepter` using the EC2 Transit Gateway Attachment identifier. For example:\n\n```sh\n$ pulumi import aws:ec2transitgateway/peeringAttachmentAccepter:PeeringAttachmentAccepter example tgw-attach-12345678\n```\n", "properties": { "peerAccountId": { "type": "string", "description": "Identifier of the AWS account that owns the EC2 TGW peering.\n" }, "peerRegion": { "type": "string" }, "peerTransitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway to peer with.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Peering Attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayAttachmentId": { "type": "string", "description": "The ID of the EC2 Transit Gateway Peering Attachment to manage.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" } }, "required": [ "peerAccountId", "peerRegion", "peerTransitGatewayId", "tagsAll", "transitGatewayAttachmentId", "transitGatewayId" ], "inputProperties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Peering Attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "The ID of the EC2 Transit Gateway Peering Attachment to manage.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "transitGatewayAttachmentId" ], "stateInputs": { "description": "Input properties used for looking up and filtering PeeringAttachmentAccepter resources.\n", "properties": { "peerAccountId": { "type": "string", "description": "Identifier of the AWS account that owns the EC2 TGW peering.\n" }, "peerRegion": { "type": "string" }, "peerTransitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway to peer with.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Peering Attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayAttachmentId": { "type": "string", "description": "The ID of the EC2 Transit Gateway Peering Attachment to manage.\n", "willReplaceOnChanges": true }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:ec2/transitGatewayPeeringAttachmentAccepter:TransitGatewayPeeringAttachmentAccepter" } ] }, "aws:ec2transitgateway/policyTable:PolicyTable": { "description": "Manages an EC2 Transit Gateway Policy Table.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.PolicyTable(\"example\", {\n transitGatewayId: exampleAwsEc2TransitGateway.id,\n tags: {\n Name: \"Example Policy Table\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.PolicyTable(\"example\",\n transit_gateway_id=example_aws_ec2_transit_gateway[\"id\"],\n tags={\n \"Name\": \"Example Policy Table\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.PolicyTable(\"example\", new()\n {\n TransitGatewayId = exampleAwsEc2TransitGateway.Id,\n Tags = \n {\n { \"Name\", \"Example Policy Table\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.NewPolicyTable(ctx, \"example\", \u0026ec2transitgateway.PolicyTableArgs{\n\t\t\tTransitGatewayId: pulumi.Any(exampleAwsEc2TransitGateway.Id),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Policy Table\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.PolicyTable;\nimport com.pulumi.aws.ec2transitgateway.PolicyTableArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PolicyTable(\"example\", PolicyTableArgs.builder()\n .transitGatewayId(exampleAwsEc2TransitGateway.id())\n .tags(Map.of(\"Name\", \"Example Policy Table\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:PolicyTable\n properties:\n transitGatewayId: ${exampleAwsEc2TransitGateway.id}\n tags:\n Name: Example Policy Table\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_transit_gateway_policy_table` using the EC2 Transit Gateway Policy Table identifier. For example:\n\n```sh\n$ pulumi import aws:ec2transitgateway/policyTable:PolicyTable example tgw-rtb-12345678\n```\n", "properties": { "arn": { "type": "string", "description": "EC2 Transit Gateway Policy Table Amazon Resource Name (ARN).\n" }, "state": { "type": "string", "description": "The state of the EC2 Transit Gateway Policy Table.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Policy Table. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayId": { "type": "string", "description": "EC2 Transit Gateway identifier.\n" } }, "required": [ "arn", "state", "tagsAll", "transitGatewayId" ], "inputProperties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Policy Table. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "transitGatewayId": { "type": "string", "description": "EC2 Transit Gateway identifier.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "transitGatewayId" ], "stateInputs": { "description": "Input properties used for looking up and filtering PolicyTable resources.\n", "properties": { "arn": { "type": "string", "description": "EC2 Transit Gateway Policy Table Amazon Resource Name (ARN).\n" }, "state": { "type": "string", "description": "The state of the EC2 Transit Gateway Policy Table.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Policy Table. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayId": { "type": "string", "description": "EC2 Transit Gateway identifier.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2transitgateway/policyTableAssociation:PolicyTableAssociation": { "description": "Manages an EC2 Transit Gateway Policy Table association.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.PolicyTableAssociation(\"example\", {\n transitGatewayAttachmentId: exampleAwsNetworkmanagerTransitGatewayPeering.transitGatewayPeeringAttachmentId,\n transitGatewayPolicyTableId: exampleAwsEc2TransitGatewayPolicyTable.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.PolicyTableAssociation(\"example\",\n transit_gateway_attachment_id=example_aws_networkmanager_transit_gateway_peering[\"transitGatewayPeeringAttachmentId\"],\n transit_gateway_policy_table_id=example_aws_ec2_transit_gateway_policy_table[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.PolicyTableAssociation(\"example\", new()\n {\n TransitGatewayAttachmentId = exampleAwsNetworkmanagerTransitGatewayPeering.TransitGatewayPeeringAttachmentId,\n TransitGatewayPolicyTableId = exampleAwsEc2TransitGatewayPolicyTable.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.NewPolicyTableAssociation(ctx, \"example\", \u0026ec2transitgateway.PolicyTableAssociationArgs{\n\t\t\tTransitGatewayAttachmentId: pulumi.Any(exampleAwsNetworkmanagerTransitGatewayPeering.TransitGatewayPeeringAttachmentId),\n\t\t\tTransitGatewayPolicyTableId: pulumi.Any(exampleAwsEc2TransitGatewayPolicyTable.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.PolicyTableAssociation;\nimport com.pulumi.aws.ec2transitgateway.PolicyTableAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PolicyTableAssociation(\"example\", PolicyTableAssociationArgs.builder()\n .transitGatewayAttachmentId(exampleAwsNetworkmanagerTransitGatewayPeering.transitGatewayPeeringAttachmentId())\n .transitGatewayPolicyTableId(exampleAwsEc2TransitGatewayPolicyTable.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:PolicyTableAssociation\n properties:\n transitGatewayAttachmentId: ${exampleAwsNetworkmanagerTransitGatewayPeering.transitGatewayPeeringAttachmentId}\n transitGatewayPolicyTableId: ${exampleAwsEc2TransitGatewayPolicyTable.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_transit_gateway_policy_table_association` using the EC2 Transit Gateway Policy Table identifier, an underscore, and the EC2 Transit Gateway Attachment identifier. For example:\n\n```sh\n$ pulumi import aws:ec2transitgateway/policyTableAssociation:PolicyTableAssociation example tgw-rtb-12345678_tgw-attach-87654321\n```\n", "properties": { "resourceId": { "type": "string", "description": "Identifier of the resource\n" }, "resourceType": { "type": "string", "description": "Type of the resource\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment.\n" }, "transitGatewayPolicyTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Policy Table.\n" } }, "required": [ "resourceId", "resourceType", "transitGatewayAttachmentId", "transitGatewayPolicyTableId" ], "inputProperties": { "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment.\n", "willReplaceOnChanges": true }, "transitGatewayPolicyTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Policy Table.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "transitGatewayAttachmentId", "transitGatewayPolicyTableId" ], "stateInputs": { "description": "Input properties used for looking up and filtering PolicyTableAssociation resources.\n", "properties": { "resourceId": { "type": "string", "description": "Identifier of the resource\n" }, "resourceType": { "type": "string", "description": "Type of the resource\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment.\n", "willReplaceOnChanges": true }, "transitGatewayPolicyTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Policy Table.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2transitgateway/prefixListReference:PrefixListReference": { "description": "Manages an EC2 Transit Gateway Prefix List Reference.\n\n## Example Usage\n\n### Attachment Routing\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.PrefixListReference(\"example\", {\n prefixListId: exampleAwsEc2ManagedPrefixList.id,\n transitGatewayAttachmentId: exampleAwsEc2TransitGatewayVpcAttachment.id,\n transitGatewayRouteTableId: exampleAwsEc2TransitGateway.associationDefaultRouteTableId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.PrefixListReference(\"example\",\n prefix_list_id=example_aws_ec2_managed_prefix_list[\"id\"],\n transit_gateway_attachment_id=example_aws_ec2_transit_gateway_vpc_attachment[\"id\"],\n transit_gateway_route_table_id=example_aws_ec2_transit_gateway[\"associationDefaultRouteTableId\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.PrefixListReference(\"example\", new()\n {\n PrefixListId = exampleAwsEc2ManagedPrefixList.Id,\n TransitGatewayAttachmentId = exampleAwsEc2TransitGatewayVpcAttachment.Id,\n TransitGatewayRouteTableId = exampleAwsEc2TransitGateway.AssociationDefaultRouteTableId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.NewPrefixListReference(ctx, \"example\", \u0026ec2transitgateway.PrefixListReferenceArgs{\n\t\t\tPrefixListId: pulumi.Any(exampleAwsEc2ManagedPrefixList.Id),\n\t\t\tTransitGatewayAttachmentId: pulumi.Any(exampleAwsEc2TransitGatewayVpcAttachment.Id),\n\t\t\tTransitGatewayRouteTableId: pulumi.Any(exampleAwsEc2TransitGateway.AssociationDefaultRouteTableId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.PrefixListReference;\nimport com.pulumi.aws.ec2transitgateway.PrefixListReferenceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PrefixListReference(\"example\", PrefixListReferenceArgs.builder()\n .prefixListId(exampleAwsEc2ManagedPrefixList.id())\n .transitGatewayAttachmentId(exampleAwsEc2TransitGatewayVpcAttachment.id())\n .transitGatewayRouteTableId(exampleAwsEc2TransitGateway.associationDefaultRouteTableId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:PrefixListReference\n properties:\n prefixListId: ${exampleAwsEc2ManagedPrefixList.id}\n transitGatewayAttachmentId: ${exampleAwsEc2TransitGatewayVpcAttachment.id}\n transitGatewayRouteTableId: ${exampleAwsEc2TransitGateway.associationDefaultRouteTableId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Blackhole Routing\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.PrefixListReference(\"example\", {\n blackhole: true,\n prefixListId: exampleAwsEc2ManagedPrefixList.id,\n transitGatewayRouteTableId: exampleAwsEc2TransitGateway.associationDefaultRouteTableId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.PrefixListReference(\"example\",\n blackhole=True,\n prefix_list_id=example_aws_ec2_managed_prefix_list[\"id\"],\n transit_gateway_route_table_id=example_aws_ec2_transit_gateway[\"associationDefaultRouteTableId\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.PrefixListReference(\"example\", new()\n {\n Blackhole = true,\n PrefixListId = exampleAwsEc2ManagedPrefixList.Id,\n TransitGatewayRouteTableId = exampleAwsEc2TransitGateway.AssociationDefaultRouteTableId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.NewPrefixListReference(ctx, \"example\", \u0026ec2transitgateway.PrefixListReferenceArgs{\n\t\t\tBlackhole: pulumi.Bool(true),\n\t\t\tPrefixListId: pulumi.Any(exampleAwsEc2ManagedPrefixList.Id),\n\t\t\tTransitGatewayRouteTableId: pulumi.Any(exampleAwsEc2TransitGateway.AssociationDefaultRouteTableId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.PrefixListReference;\nimport com.pulumi.aws.ec2transitgateway.PrefixListReferenceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PrefixListReference(\"example\", PrefixListReferenceArgs.builder()\n .blackhole(true)\n .prefixListId(exampleAwsEc2ManagedPrefixList.id())\n .transitGatewayRouteTableId(exampleAwsEc2TransitGateway.associationDefaultRouteTableId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:PrefixListReference\n properties:\n blackhole: true\n prefixListId: ${exampleAwsEc2ManagedPrefixList.id}\n transitGatewayRouteTableId: ${exampleAwsEc2TransitGateway.associationDefaultRouteTableId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_transit_gateway_prefix_list_reference` using the EC2 Transit Gateway Route Table identifier and EC2 Prefix List identifier, separated by an underscore (`_`). For example:\n\n```sh\n$ pulumi import aws:ec2transitgateway/prefixListReference:PrefixListReference example tgw-rtb-12345678_pl-12345678\n```\n", "properties": { "blackhole": { "type": "boolean", "description": "Indicates whether to drop traffic that matches the Prefix List. Defaults to `false`.\n" }, "prefixListId": { "type": "string", "description": "Identifier of EC2 Prefix List.\n" }, "prefixListOwnerId": { "type": "string" }, "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment.\n" }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n\nThe following arguments are optional:\n" } }, "required": [ "prefixListId", "prefixListOwnerId", "transitGatewayRouteTableId" ], "inputProperties": { "blackhole": { "type": "boolean", "description": "Indicates whether to drop traffic that matches the Prefix List. Defaults to `false`.\n" }, "prefixListId": { "type": "string", "description": "Identifier of EC2 Prefix List.\n", "willReplaceOnChanges": true }, "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment.\n" }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "prefixListId", "transitGatewayRouteTableId" ], "stateInputs": { "description": "Input properties used for looking up and filtering PrefixListReference resources.\n", "properties": { "blackhole": { "type": "boolean", "description": "Indicates whether to drop traffic that matches the Prefix List. Defaults to `false`.\n" }, "prefixListId": { "type": "string", "description": "Identifier of EC2 Prefix List.\n", "willReplaceOnChanges": true }, "prefixListOwnerId": { "type": "string" }, "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment.\n" }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2transitgateway/route:Route": { "description": "Manages an EC2 Transit Gateway Route.\n\n## Example Usage\n\n### Standard usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.Route(\"example\", {\n destinationCidrBlock: \"0.0.0.0/0\",\n transitGatewayAttachmentId: exampleAwsEc2TransitGatewayVpcAttachment.id,\n transitGatewayRouteTableId: exampleAwsEc2TransitGateway.associationDefaultRouteTableId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.Route(\"example\",\n destination_cidr_block=\"0.0.0.0/0\",\n transit_gateway_attachment_id=example_aws_ec2_transit_gateway_vpc_attachment[\"id\"],\n transit_gateway_route_table_id=example_aws_ec2_transit_gateway[\"associationDefaultRouteTableId\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.Route(\"example\", new()\n {\n DestinationCidrBlock = \"0.0.0.0/0\",\n TransitGatewayAttachmentId = exampleAwsEc2TransitGatewayVpcAttachment.Id,\n TransitGatewayRouteTableId = exampleAwsEc2TransitGateway.AssociationDefaultRouteTableId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.NewRoute(ctx, \"example\", \u0026ec2transitgateway.RouteArgs{\n\t\t\tDestinationCidrBlock: pulumi.String(\"0.0.0.0/0\"),\n\t\t\tTransitGatewayAttachmentId: pulumi.Any(exampleAwsEc2TransitGatewayVpcAttachment.Id),\n\t\t\tTransitGatewayRouteTableId: pulumi.Any(exampleAwsEc2TransitGateway.AssociationDefaultRouteTableId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Route;\nimport com.pulumi.aws.ec2transitgateway.RouteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Route(\"example\", RouteArgs.builder()\n .destinationCidrBlock(\"0.0.0.0/0\")\n .transitGatewayAttachmentId(exampleAwsEc2TransitGatewayVpcAttachment.id())\n .transitGatewayRouteTableId(exampleAwsEc2TransitGateway.associationDefaultRouteTableId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:Route\n properties:\n destinationCidrBlock: 0.0.0.0/0\n transitGatewayAttachmentId: ${exampleAwsEc2TransitGatewayVpcAttachment.id}\n transitGatewayRouteTableId: ${exampleAwsEc2TransitGateway.associationDefaultRouteTableId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Blackhole route\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.Route(\"example\", {\n destinationCidrBlock: \"0.0.0.0/0\",\n blackhole: true,\n transitGatewayRouteTableId: exampleAwsEc2TransitGateway.associationDefaultRouteTableId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.Route(\"example\",\n destination_cidr_block=\"0.0.0.0/0\",\n blackhole=True,\n transit_gateway_route_table_id=example_aws_ec2_transit_gateway[\"associationDefaultRouteTableId\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.Route(\"example\", new()\n {\n DestinationCidrBlock = \"0.0.0.0/0\",\n Blackhole = true,\n TransitGatewayRouteTableId = exampleAwsEc2TransitGateway.AssociationDefaultRouteTableId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.NewRoute(ctx, \"example\", \u0026ec2transitgateway.RouteArgs{\n\t\t\tDestinationCidrBlock: pulumi.String(\"0.0.0.0/0\"),\n\t\t\tBlackhole: pulumi.Bool(true),\n\t\t\tTransitGatewayRouteTableId: pulumi.Any(exampleAwsEc2TransitGateway.AssociationDefaultRouteTableId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Route;\nimport com.pulumi.aws.ec2transitgateway.RouteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Route(\"example\", RouteArgs.builder()\n .destinationCidrBlock(\"0.0.0.0/0\")\n .blackhole(true)\n .transitGatewayRouteTableId(exampleAwsEc2TransitGateway.associationDefaultRouteTableId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:Route\n properties:\n destinationCidrBlock: 0.0.0.0/0\n blackhole: true\n transitGatewayRouteTableId: ${exampleAwsEc2TransitGateway.associationDefaultRouteTableId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_transit_gateway_route` using the EC2 Transit Gateway Route Table, an underscore, and the destination. For example:\n\n```sh\n$ pulumi import aws:ec2transitgateway/route:Route example tgw-rtb-12345678_0.0.0.0/0\n```\n", "properties": { "blackhole": { "type": "boolean", "description": "Indicates whether to drop traffic that matches this route (default to `false`).\n" }, "destinationCidrBlock": { "type": "string", "description": "IPv4 or IPv6 RFC1924 CIDR used for destination matches. Routing decisions are based on the most specific match.\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment (required if `blackhole` is set to false).\n" }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n" } }, "required": [ "destinationCidrBlock", "transitGatewayRouteTableId" ], "inputProperties": { "blackhole": { "type": "boolean", "description": "Indicates whether to drop traffic that matches this route (default to `false`).\n", "willReplaceOnChanges": true }, "destinationCidrBlock": { "type": "string", "description": "IPv4 or IPv6 RFC1924 CIDR used for destination matches. Routing decisions are based on the most specific match.\n", "willReplaceOnChanges": true }, "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment (required if `blackhole` is set to false).\n", "willReplaceOnChanges": true }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "destinationCidrBlock", "transitGatewayRouteTableId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Route resources.\n", "properties": { "blackhole": { "type": "boolean", "description": "Indicates whether to drop traffic that matches this route (default to `false`).\n", "willReplaceOnChanges": true }, "destinationCidrBlock": { "type": "string", "description": "IPv4 or IPv6 RFC1924 CIDR used for destination matches. Routing decisions are based on the most specific match.\n", "willReplaceOnChanges": true }, "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment (required if `blackhole` is set to false).\n", "willReplaceOnChanges": true }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2transitgateway/routeTable:RouteTable": { "description": "Manages an EC2 Transit Gateway Route Table.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.RouteTable(\"example\", {transitGatewayId: exampleAwsEc2TransitGateway.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.RouteTable(\"example\", transit_gateway_id=example_aws_ec2_transit_gateway[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.RouteTable(\"example\", new()\n {\n TransitGatewayId = exampleAwsEc2TransitGateway.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.NewRouteTable(ctx, \"example\", \u0026ec2transitgateway.RouteTableArgs{\n\t\t\tTransitGatewayId: pulumi.Any(exampleAwsEc2TransitGateway.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.RouteTable;\nimport com.pulumi.aws.ec2transitgateway.RouteTableArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RouteTable(\"example\", RouteTableArgs.builder()\n .transitGatewayId(exampleAwsEc2TransitGateway.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:RouteTable\n properties:\n transitGatewayId: ${exampleAwsEc2TransitGateway.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_transit_gateway_route_table` using the EC2 Transit Gateway Route Table identifier. For example:\n\n```sh\n$ pulumi import aws:ec2transitgateway/routeTable:RouteTable example tgw-rtb-12345678\n```\n", "properties": { "arn": { "type": "string", "description": "EC2 Transit Gateway Route Table Amazon Resource Name (ARN).\n" }, "defaultAssociationRouteTable": { "type": "boolean", "description": "Boolean whether this is the default association route table for the EC2 Transit Gateway.\n" }, "defaultPropagationRouteTable": { "type": "boolean", "description": "Boolean whether this is the default propagation route table for the EC2 Transit Gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Route Table. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" } }, "required": [ "arn", "defaultAssociationRouteTable", "defaultPropagationRouteTable", "tagsAll", "transitGatewayId" ], "inputProperties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Route Table. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "transitGatewayId" ], "stateInputs": { "description": "Input properties used for looking up and filtering RouteTable resources.\n", "properties": { "arn": { "type": "string", "description": "EC2 Transit Gateway Route Table Amazon Resource Name (ARN).\n" }, "defaultAssociationRouteTable": { "type": "boolean", "description": "Boolean whether this is the default association route table for the EC2 Transit Gateway.\n" }, "defaultPropagationRouteTable": { "type": "boolean", "description": "Boolean whether this is the default propagation route table for the EC2 Transit Gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Route Table. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2transitgateway/routeTableAssociation:RouteTableAssociation": { "description": "Manages an EC2 Transit Gateway Route Table association.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.RouteTableAssociation(\"example\", {\n transitGatewayAttachmentId: exampleAwsEc2TransitGatewayVpcAttachment.id,\n transitGatewayRouteTableId: exampleAwsEc2TransitGatewayRouteTable.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.RouteTableAssociation(\"example\",\n transit_gateway_attachment_id=example_aws_ec2_transit_gateway_vpc_attachment[\"id\"],\n transit_gateway_route_table_id=example_aws_ec2_transit_gateway_route_table[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.RouteTableAssociation(\"example\", new()\n {\n TransitGatewayAttachmentId = exampleAwsEc2TransitGatewayVpcAttachment.Id,\n TransitGatewayRouteTableId = exampleAwsEc2TransitGatewayRouteTable.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.NewRouteTableAssociation(ctx, \"example\", \u0026ec2transitgateway.RouteTableAssociationArgs{\n\t\t\tTransitGatewayAttachmentId: pulumi.Any(exampleAwsEc2TransitGatewayVpcAttachment.Id),\n\t\t\tTransitGatewayRouteTableId: pulumi.Any(exampleAwsEc2TransitGatewayRouteTable.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.RouteTableAssociation;\nimport com.pulumi.aws.ec2transitgateway.RouteTableAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RouteTableAssociation(\"example\", RouteTableAssociationArgs.builder()\n .transitGatewayAttachmentId(exampleAwsEc2TransitGatewayVpcAttachment.id())\n .transitGatewayRouteTableId(exampleAwsEc2TransitGatewayRouteTable.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:RouteTableAssociation\n properties:\n transitGatewayAttachmentId: ${exampleAwsEc2TransitGatewayVpcAttachment.id}\n transitGatewayRouteTableId: ${exampleAwsEc2TransitGatewayRouteTable.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_transit_gateway_route_table_association` using the EC2 Transit Gateway Route Table identifier, an underscore, and the EC2 Transit Gateway Attachment identifier. For example:\n\n```sh\n$ pulumi import aws:ec2transitgateway/routeTableAssociation:RouteTableAssociation example tgw-rtb-12345678_tgw-attach-87654321\n```\n", "properties": { "replaceExistingAssociation": { "type": "boolean", "description": "Boolean whether the Gateway Attachment should remove any current Route Table association before associating with the specified Route Table. Default value: `false`. This argument is intended for use with EC2 Transit Gateways shared into the current account, otherwise the `transit_gateway_default_route_table_association` argument of the `aws.ec2transitgateway.VpcAttachment` resource should be used.\n" }, "resourceId": { "type": "string", "description": "Identifier of the resource\n" }, "resourceType": { "type": "string", "description": "Type of the resource\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment.\n" }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n" } }, "required": [ "resourceId", "resourceType", "transitGatewayAttachmentId", "transitGatewayRouteTableId" ], "inputProperties": { "replaceExistingAssociation": { "type": "boolean", "description": "Boolean whether the Gateway Attachment should remove any current Route Table association before associating with the specified Route Table. Default value: `false`. This argument is intended for use with EC2 Transit Gateways shared into the current account, otherwise the `transit_gateway_default_route_table_association` argument of the `aws.ec2transitgateway.VpcAttachment` resource should be used.\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment.\n", "willReplaceOnChanges": true }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "transitGatewayAttachmentId", "transitGatewayRouteTableId" ], "stateInputs": { "description": "Input properties used for looking up and filtering RouteTableAssociation resources.\n", "properties": { "replaceExistingAssociation": { "type": "boolean", "description": "Boolean whether the Gateway Attachment should remove any current Route Table association before associating with the specified Route Table. Default value: `false`. This argument is intended for use with EC2 Transit Gateways shared into the current account, otherwise the `transit_gateway_default_route_table_association` argument of the `aws.ec2transitgateway.VpcAttachment` resource should be used.\n" }, "resourceId": { "type": "string", "description": "Identifier of the resource\n" }, "resourceType": { "type": "string", "description": "Type of the resource\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment.\n", "willReplaceOnChanges": true }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2transitgateway/routeTablePropagation:RouteTablePropagation": { "description": "Manages an EC2 Transit Gateway Route Table propagation.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.RouteTablePropagation(\"example\", {\n transitGatewayAttachmentId: exampleAwsEc2TransitGatewayVpcAttachment.id,\n transitGatewayRouteTableId: exampleAwsEc2TransitGatewayRouteTable.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.RouteTablePropagation(\"example\",\n transit_gateway_attachment_id=example_aws_ec2_transit_gateway_vpc_attachment[\"id\"],\n transit_gateway_route_table_id=example_aws_ec2_transit_gateway_route_table[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.RouteTablePropagation(\"example\", new()\n {\n TransitGatewayAttachmentId = exampleAwsEc2TransitGatewayVpcAttachment.Id,\n TransitGatewayRouteTableId = exampleAwsEc2TransitGatewayRouteTable.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.NewRouteTablePropagation(ctx, \"example\", \u0026ec2transitgateway.RouteTablePropagationArgs{\n\t\t\tTransitGatewayAttachmentId: pulumi.Any(exampleAwsEc2TransitGatewayVpcAttachment.Id),\n\t\t\tTransitGatewayRouteTableId: pulumi.Any(exampleAwsEc2TransitGatewayRouteTable.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.RouteTablePropagation;\nimport com.pulumi.aws.ec2transitgateway.RouteTablePropagationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RouteTablePropagation(\"example\", RouteTablePropagationArgs.builder()\n .transitGatewayAttachmentId(exampleAwsEc2TransitGatewayVpcAttachment.id())\n .transitGatewayRouteTableId(exampleAwsEc2TransitGatewayRouteTable.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:RouteTablePropagation\n properties:\n transitGatewayAttachmentId: ${exampleAwsEc2TransitGatewayVpcAttachment.id}\n transitGatewayRouteTableId: ${exampleAwsEc2TransitGatewayRouteTable.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_transit_gateway_route_table_propagation` using the EC2 Transit Gateway Route Table identifier, an underscore, and the EC2 Transit Gateway Attachment identifier. For example:\n\n```sh\n$ pulumi import aws:ec2transitgateway/routeTablePropagation:RouteTablePropagation example tgw-rtb-12345678_tgw-attach-87654321\n```\n", "properties": { "resourceId": { "type": "string", "description": "Identifier of the resource\n" }, "resourceType": { "type": "string", "description": "Type of the resource\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment.\n" }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n" } }, "required": [ "resourceId", "resourceType", "transitGatewayAttachmentId", "transitGatewayRouteTableId" ], "inputProperties": { "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment.\n", "willReplaceOnChanges": true }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "transitGatewayAttachmentId", "transitGatewayRouteTableId" ], "stateInputs": { "description": "Input properties used for looking up and filtering RouteTablePropagation resources.\n", "properties": { "resourceId": { "type": "string", "description": "Identifier of the resource\n" }, "resourceType": { "type": "string", "description": "Type of the resource\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Attachment.\n", "willReplaceOnChanges": true }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ec2transitgateway/transitGateway:TransitGateway": { "description": "Manages an EC2 Transit Gateway.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.TransitGateway(\"example\", {description: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.TransitGateway(\"example\", description=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.TransitGateway(\"example\", new()\n {\n Description = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.NewTransitGateway(ctx, \"example\", \u0026ec2transitgateway.TransitGatewayArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.TransitGateway;\nimport com.pulumi.aws.ec2transitgateway.TransitGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TransitGateway(\"example\", TransitGatewayArgs.builder()\n .description(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:TransitGateway\n properties:\n description: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_transit_gateway` using the EC2 Transit Gateway identifier. For example:\n\n```sh\n$ pulumi import aws:ec2transitgateway/transitGateway:TransitGateway example tgw-12345678\n```\n", "properties": { "amazonSideAsn": { "type": "integer", "description": "Private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is `64512` to `65534` for 16-bit ASNs and `4200000000` to `4294967294` for 32-bit ASNs. Default value: `64512`.\n\n\u003e **NOTE:** Modifying `amazon_side_asn` on a Transit Gateway with active BGP sessions is [not allowed](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyTransitGatewayOptions.html). You must first delete all Transit Gateway attachments that have BGP configured prior to modifying `amazon_side_asn`.\n" }, "arn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "EC2 Transit Gateway Amazon Resource Name (ARN)\n" }, "associationDefaultRouteTableId": { "type": "string", "description": "Identifier of the default association route table\n" }, "autoAcceptSharedAttachments": { "type": "string", "description": "Whether resource attachment requests are automatically accepted. Valid values: `disable`, `enable`. Default value: `disable`.\n" }, "defaultRouteTableAssociation": { "type": "string", "description": "Whether resource attachments are automatically associated with the default association route table. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "defaultRouteTablePropagation": { "type": "string", "description": "Whether resource attachments automatically propagate routes to the default propagation route table. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "description": { "type": "string", "description": "Description of the EC2 Transit Gateway.\n" }, "dnsSupport": { "type": "string", "description": "Whether DNS support is enabled. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "multicastSupport": { "type": "string", "description": "Whether Multicast support is enabled. Required to use `ec2_transit_gateway_multicast_domain`. Valid values: `disable`, `enable`. Default value: `disable`.\n" }, "ownerId": { "type": "string", "description": "Identifier of the AWS account that owns the EC2 Transit Gateway\n" }, "propagationDefaultRouteTableId": { "type": "string", "description": "Identifier of the default propagation route table\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "One or more IPv4 or IPv6 CIDR blocks for the transit gateway. Must be a size /24 CIDR block or larger for IPv4, or a size /64 CIDR block or larger for IPv6.\n" }, "vpnEcmpSupport": { "type": "string", "description": "Whether VPN Equal Cost Multipath Protocol support is enabled. Valid values: `disable`, `enable`. Default value: `enable`.\n" } }, "required": [ "arn", "associationDefaultRouteTableId", "ownerId", "propagationDefaultRouteTableId", "tagsAll" ], "inputProperties": { "amazonSideAsn": { "type": "integer", "description": "Private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is `64512` to `65534` for 16-bit ASNs and `4200000000` to `4294967294` for 32-bit ASNs. Default value: `64512`.\n\n\u003e **NOTE:** Modifying `amazon_side_asn` on a Transit Gateway with active BGP sessions is [not allowed](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyTransitGatewayOptions.html). You must first delete all Transit Gateway attachments that have BGP configured prior to modifying `amazon_side_asn`.\n" }, "autoAcceptSharedAttachments": { "type": "string", "description": "Whether resource attachment requests are automatically accepted. Valid values: `disable`, `enable`. Default value: `disable`.\n" }, "defaultRouteTableAssociation": { "type": "string", "description": "Whether resource attachments are automatically associated with the default association route table. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "defaultRouteTablePropagation": { "type": "string", "description": "Whether resource attachments automatically propagate routes to the default propagation route table. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "description": { "type": "string", "description": "Description of the EC2 Transit Gateway.\n" }, "dnsSupport": { "type": "string", "description": "Whether DNS support is enabled. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "multicastSupport": { "type": "string", "description": "Whether Multicast support is enabled. Required to use `ec2_transit_gateway_multicast_domain`. Valid values: `disable`, `enable`. Default value: `disable`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "transitGatewayCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "One or more IPv4 or IPv6 CIDR blocks for the transit gateway. Must be a size /24 CIDR block or larger for IPv4, or a size /64 CIDR block or larger for IPv6.\n" }, "vpnEcmpSupport": { "type": "string", "description": "Whether VPN Equal Cost Multipath Protocol support is enabled. Valid values: `disable`, `enable`. Default value: `enable`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering TransitGateway resources.\n", "properties": { "amazonSideAsn": { "type": "integer", "description": "Private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is `64512` to `65534` for 16-bit ASNs and `4200000000` to `4294967294` for 32-bit ASNs. Default value: `64512`.\n\n\u003e **NOTE:** Modifying `amazon_side_asn` on a Transit Gateway with active BGP sessions is [not allowed](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyTransitGatewayOptions.html). You must first delete all Transit Gateway attachments that have BGP configured prior to modifying `amazon_side_asn`.\n" }, "arn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "EC2 Transit Gateway Amazon Resource Name (ARN)\n" }, "associationDefaultRouteTableId": { "type": "string", "description": "Identifier of the default association route table\n" }, "autoAcceptSharedAttachments": { "type": "string", "description": "Whether resource attachment requests are automatically accepted. Valid values: `disable`, `enable`. Default value: `disable`.\n" }, "defaultRouteTableAssociation": { "type": "string", "description": "Whether resource attachments are automatically associated with the default association route table. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "defaultRouteTablePropagation": { "type": "string", "description": "Whether resource attachments automatically propagate routes to the default propagation route table. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "description": { "type": "string", "description": "Description of the EC2 Transit Gateway.\n" }, "dnsSupport": { "type": "string", "description": "Whether DNS support is enabled. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "multicastSupport": { "type": "string", "description": "Whether Multicast support is enabled. Required to use `ec2_transit_gateway_multicast_domain`. Valid values: `disable`, `enable`. Default value: `disable`.\n", "willReplaceOnChanges": true }, "ownerId": { "type": "string", "description": "Identifier of the AWS account that owns the EC2 Transit Gateway\n" }, "propagationDefaultRouteTableId": { "type": "string", "description": "Identifier of the default propagation route table\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "One or more IPv4 or IPv6 CIDR blocks for the transit gateway. Must be a size /24 CIDR block or larger for IPv4, or a size /64 CIDR block or larger for IPv6.\n" }, "vpnEcmpSupport": { "type": "string", "description": "Whether VPN Equal Cost Multipath Protocol support is enabled. Valid values: `disable`, `enable`. Default value: `enable`.\n" } }, "type": "object" } }, "aws:ec2transitgateway/vpcAttachment:VpcAttachment": { "description": "Manages an EC2 Transit Gateway VPC Attachment. For examples of custom route table association and propagation, see the EC2 Transit Gateway Networking Examples Guide.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.VpcAttachment(\"example\", {\n subnetIds: [exampleAwsSubnet.id],\n transitGatewayId: exampleAwsEc2TransitGateway.id,\n vpcId: exampleAwsVpc.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.VpcAttachment(\"example\",\n subnet_ids=[example_aws_subnet[\"id\"]],\n transit_gateway_id=example_aws_ec2_transit_gateway[\"id\"],\n vpc_id=example_aws_vpc[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.VpcAttachment(\"example\", new()\n {\n SubnetIds = new[]\n {\n exampleAwsSubnet.Id,\n },\n TransitGatewayId = exampleAwsEc2TransitGateway.Id,\n VpcId = exampleAwsVpc.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.NewVpcAttachment(ctx, \"example\", \u0026ec2transitgateway.VpcAttachmentArgs{\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\texampleAwsSubnet.Id,\n\t\t\t},\n\t\t\tTransitGatewayId: pulumi.Any(exampleAwsEc2TransitGateway.Id),\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.VpcAttachment;\nimport com.pulumi.aws.ec2transitgateway.VpcAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcAttachment(\"example\", VpcAttachmentArgs.builder()\n .subnetIds(exampleAwsSubnet.id())\n .transitGatewayId(exampleAwsEc2TransitGateway.id())\n .vpcId(exampleAwsVpc.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:VpcAttachment\n properties:\n subnetIds:\n - ${exampleAwsSubnet.id}\n transitGatewayId: ${exampleAwsEc2TransitGateway.id}\n vpcId: ${exampleAwsVpc.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_transit_gateway_vpc_attachment` using the EC2 Transit Gateway Attachment identifier. For example:\n\n```sh\n$ pulumi import aws:ec2transitgateway/vpcAttachment:VpcAttachment example tgw-attach-12345678\n```\n", "properties": { "applianceModeSupport": { "type": "string", "description": "Whether Appliance Mode support is enabled. If enabled, a traffic flow between a source and destination uses the same Availability Zone for the VPC attachment for the lifetime of that flow. Valid values: `disable`, `enable`. Default value: `disable`.\n" }, "dnsSupport": { "type": "string", "description": "Whether DNS support is enabled. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "ipv6Support": { "type": "string", "description": "Whether IPv6 support is enabled. Valid values: `disable`, `enable`. Default value: `disable`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of EC2 Subnets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway VPC Attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayDefaultRouteTableAssociation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should be associated with the EC2 Transit Gateway association default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways. Default value: `true`.\n" }, "transitGatewayDefaultRouteTablePropagation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should propagate routes with the EC2 Transit Gateway propagation default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways. Default value: `true`.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" }, "vpcId": { "type": "string", "description": "Identifier of EC2 VPC.\n" }, "vpcOwnerId": { "type": "string", "description": "Identifier of the AWS account that owns the EC2 VPC.\n" } }, "required": [ "subnetIds", "tagsAll", "transitGatewayDefaultRouteTableAssociation", "transitGatewayDefaultRouteTablePropagation", "transitGatewayId", "vpcId", "vpcOwnerId" ], "inputProperties": { "applianceModeSupport": { "type": "string", "description": "Whether Appliance Mode support is enabled. If enabled, a traffic flow between a source and destination uses the same Availability Zone for the VPC attachment for the lifetime of that flow. Valid values: `disable`, `enable`. Default value: `disable`.\n" }, "dnsSupport": { "type": "string", "description": "Whether DNS support is enabled. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "ipv6Support": { "type": "string", "description": "Whether IPv6 support is enabled. Valid values: `disable`, `enable`. Default value: `disable`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of EC2 Subnets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway VPC Attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "transitGatewayDefaultRouteTableAssociation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should be associated with the EC2 Transit Gateway association default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways. Default value: `true`.\n" }, "transitGatewayDefaultRouteTablePropagation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should propagate routes with the EC2 Transit Gateway propagation default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways. Default value: `true`.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "Identifier of EC2 VPC.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "subnetIds", "transitGatewayId", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcAttachment resources.\n", "properties": { "applianceModeSupport": { "type": "string", "description": "Whether Appliance Mode support is enabled. If enabled, a traffic flow between a source and destination uses the same Availability Zone for the VPC attachment for the lifetime of that flow. Valid values: `disable`, `enable`. Default value: `disable`.\n" }, "dnsSupport": { "type": "string", "description": "Whether DNS support is enabled. Valid values: `disable`, `enable`. Default value: `enable`.\n" }, "ipv6Support": { "type": "string", "description": "Whether IPv6 support is enabled. Valid values: `disable`, `enable`. Default value: `disable`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of EC2 Subnets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway VPC Attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayDefaultRouteTableAssociation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should be associated with the EC2 Transit Gateway association default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways. Default value: `true`.\n" }, "transitGatewayDefaultRouteTablePropagation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should propagate routes with the EC2 Transit Gateway propagation default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways. Default value: `true`.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "Identifier of EC2 VPC.\n", "willReplaceOnChanges": true }, "vpcOwnerId": { "type": "string", "description": "Identifier of the AWS account that owns the EC2 VPC.\n" } }, "type": "object" } }, "aws:ec2transitgateway/vpcAttachmentAccepter:VpcAttachmentAccepter": { "description": "Manages the accepter's side of an EC2 Transit Gateway VPC Attachment.\n\nWhen a cross-account (requester's AWS account differs from the accepter's AWS account) EC2 Transit Gateway VPC Attachment\nis created, an EC2 Transit Gateway VPC Attachment resource is automatically created in the accepter's account.\nThe requester can use the `aws.ec2transitgateway.VpcAttachment` resource to manage its side of the connection\nand the accepter can use the `aws.ec2transitgateway.VpcAttachmentAccepter` resource to \"adopt\" its side of the\nconnection into management.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2transitgateway.VpcAttachmentAccepter(\"example\", {\n transitGatewayAttachmentId: exampleAwsEc2TransitGatewayVpcAttachment.id,\n tags: {\n Name: \"Example cross-account attachment\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.VpcAttachmentAccepter(\"example\",\n transit_gateway_attachment_id=example_aws_ec2_transit_gateway_vpc_attachment[\"id\"],\n tags={\n \"Name\": \"Example cross-account attachment\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2TransitGateway.VpcAttachmentAccepter(\"example\", new()\n {\n TransitGatewayAttachmentId = exampleAwsEc2TransitGatewayVpcAttachment.Id,\n Tags = \n {\n { \"Name\", \"Example cross-account attachment\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.NewVpcAttachmentAccepter(ctx, \"example\", \u0026ec2transitgateway.VpcAttachmentAccepterArgs{\n\t\t\tTransitGatewayAttachmentId: pulumi.Any(exampleAwsEc2TransitGatewayVpcAttachment.Id),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example cross-account attachment\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.VpcAttachmentAccepter;\nimport com.pulumi.aws.ec2transitgateway.VpcAttachmentAccepterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcAttachmentAccepter(\"example\", VpcAttachmentAccepterArgs.builder()\n .transitGatewayAttachmentId(exampleAwsEc2TransitGatewayVpcAttachment.id())\n .tags(Map.of(\"Name\", \"Example cross-account attachment\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2transitgateway:VpcAttachmentAccepter\n properties:\n transitGatewayAttachmentId: ${exampleAwsEc2TransitGatewayVpcAttachment.id}\n tags:\n Name: Example cross-account attachment\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ec2_transit_gateway_vpc_attachment_accepter` using the EC2 Transit Gateway Attachment identifier. For example:\n\n```sh\n$ pulumi import aws:ec2transitgateway/vpcAttachmentAccepter:VpcAttachmentAccepter example tgw-attach-12345678\n```\n", "properties": { "applianceModeSupport": { "type": "string", "description": "Whether Appliance Mode support is enabled. Valid values: `disable`, `enable`.\n" }, "dnsSupport": { "type": "string", "description": "Whether DNS support is enabled. Valid values: `disable`, `enable`.\n" }, "ipv6Support": { "type": "string", "description": "Whether IPv6 support is enabled. Valid values: `disable`, `enable`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of EC2 Subnets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway VPC Attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayAttachmentId": { "type": "string", "description": "The ID of the EC2 Transit Gateway Attachment to manage.\n" }, "transitGatewayDefaultRouteTableAssociation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should be associated with the EC2 Transit Gateway association default route table. Default value: `true`.\n" }, "transitGatewayDefaultRouteTablePropagation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should propagate routes with the EC2 Transit Gateway propagation default route table. Default value: `true`.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" }, "vpcId": { "type": "string", "description": "Identifier of EC2 VPC.\n" }, "vpcOwnerId": { "type": "string", "description": "Identifier of the AWS account that owns the EC2 VPC.\n" } }, "required": [ "applianceModeSupport", "dnsSupport", "ipv6Support", "subnetIds", "tagsAll", "transitGatewayAttachmentId", "transitGatewayId", "vpcId", "vpcOwnerId" ], "inputProperties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway VPC Attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "The ID of the EC2 Transit Gateway Attachment to manage.\n", "willReplaceOnChanges": true }, "transitGatewayDefaultRouteTableAssociation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should be associated with the EC2 Transit Gateway association default route table. Default value: `true`.\n" }, "transitGatewayDefaultRouteTablePropagation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should propagate routes with the EC2 Transit Gateway propagation default route table. Default value: `true`.\n" } }, "requiredInputs": [ "transitGatewayAttachmentId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcAttachmentAccepter resources.\n", "properties": { "applianceModeSupport": { "type": "string", "description": "Whether Appliance Mode support is enabled. Valid values: `disable`, `enable`.\n" }, "dnsSupport": { "type": "string", "description": "Whether DNS support is enabled. Valid values: `disable`, `enable`.\n" }, "ipv6Support": { "type": "string", "description": "Whether IPv6 support is enabled. Valid values: `disable`, `enable`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of EC2 Subnets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway VPC Attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayAttachmentId": { "type": "string", "description": "The ID of the EC2 Transit Gateway Attachment to manage.\n", "willReplaceOnChanges": true }, "transitGatewayDefaultRouteTableAssociation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should be associated with the EC2 Transit Gateway association default route table. Default value: `true`.\n" }, "transitGatewayDefaultRouteTablePropagation": { "type": "boolean", "description": "Boolean whether the VPC Attachment should propagate routes with the EC2 Transit Gateway propagation default route table. Default value: `true`.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of EC2 Transit Gateway.\n" }, "vpcId": { "type": "string", "description": "Identifier of EC2 VPC.\n" }, "vpcOwnerId": { "type": "string", "description": "Identifier of the AWS account that owns the EC2 VPC.\n" } }, "type": "object" } }, "aws:ecr/lifecyclePolicy:LifecyclePolicy": { "description": "Manages an ECR repository lifecycle policy.\n\n\u003e **NOTE:** Only one `aws.ecr.LifecyclePolicy` resource can be used with the same ECR repository. To apply multiple rules, they must be combined in the `policy` JSON.\n\n\u003e **NOTE:** The AWS ECR API seems to reorder rules based on `rulePriority`. If you define multiple rules that are not sorted in ascending `rulePriority` order in the this provider code, the resource will be flagged for recreation every deployment.\n\n## Example Usage\n\n### Policy on untagged image\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ecr.Repository(\"example\", {name: \"example-repo\"});\nconst exampleLifecyclePolicy = new aws.ecr.LifecyclePolicy(\"example\", {\n repository: example.name,\n policy: `{\n \"rules\": [\n {\n \"rulePriority\": 1,\n \"description\": \"Expire images older than 14 days\",\n \"selection\": {\n \"tagStatus\": \"untagged\",\n \"countType\": \"sinceImagePushed\",\n \"countUnit\": \"days\",\n \"countNumber\": 14\n },\n \"action\": {\n \"type\": \"expire\"\n }\n }\n ]\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecr.Repository(\"example\", name=\"example-repo\")\nexample_lifecycle_policy = aws.ecr.LifecyclePolicy(\"example\",\n repository=example.name,\n policy=\"\"\"{\n \"rules\": [\n {\n \"rulePriority\": 1,\n \"description\": \"Expire images older than 14 days\",\n \"selection\": {\n \"tagStatus\": \"untagged\",\n \"countType\": \"sinceImagePushed\",\n \"countUnit\": \"days\",\n \"countNumber\": 14\n },\n \"action\": {\n \"type\": \"expire\"\n }\n }\n ]\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ecr.Repository(\"example\", new()\n {\n Name = \"example-repo\",\n });\n\n var exampleLifecyclePolicy = new Aws.Ecr.LifecyclePolicy(\"example\", new()\n {\n Repository = example.Name,\n Policy = @\"{\n \"\"rules\"\": [\n {\n \"\"rulePriority\"\": 1,\n \"\"description\"\": \"\"Expire images older than 14 days\"\",\n \"\"selection\"\": {\n \"\"tagStatus\"\": \"\"untagged\"\",\n \"\"countType\"\": \"\"sinceImagePushed\"\",\n \"\"countUnit\"\": \"\"days\"\",\n \"\"countNumber\"\": 14\n },\n \"\"action\"\": {\n \"\"type\"\": \"\"expire\"\"\n }\n }\n ]\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ecr.NewRepository(ctx, \"example\", \u0026ecr.RepositoryArgs{\n\t\t\tName: pulumi.String(\"example-repo\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecr.NewLifecyclePolicy(ctx, \"example\", \u0026ecr.LifecyclePolicyArgs{\n\t\t\tRepository: example.Name,\n\t\t\tPolicy: pulumi.Any(`{\n \"rules\": [\n {\n \"rulePriority\": 1,\n \"description\": \"Expire images older than 14 days\",\n \"selection\": {\n \"tagStatus\": \"untagged\",\n \"countType\": \"sinceImagePushed\",\n \"countUnit\": \"days\",\n \"countNumber\": 14\n },\n \"action\": {\n \"type\": \"expire\"\n }\n }\n ]\n}\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecr.Repository;\nimport com.pulumi.aws.ecr.RepositoryArgs;\nimport com.pulumi.aws.ecr.LifecyclePolicy;\nimport com.pulumi.aws.ecr.LifecyclePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Repository(\"example\", RepositoryArgs.builder()\n .name(\"example-repo\")\n .build());\n\n var exampleLifecyclePolicy = new LifecyclePolicy(\"exampleLifecyclePolicy\", LifecyclePolicyArgs.builder()\n .repository(example.name())\n .policy(\"\"\"\n{\n \"rules\": [\n {\n \"rulePriority\": 1,\n \"description\": \"Expire images older than 14 days\",\n \"selection\": {\n \"tagStatus\": \"untagged\",\n \"countType\": \"sinceImagePushed\",\n \"countUnit\": \"days\",\n \"countNumber\": 14\n },\n \"action\": {\n \"type\": \"expire\"\n }\n }\n ]\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ecr:Repository\n properties:\n name: example-repo\n exampleLifecyclePolicy:\n type: aws:ecr:LifecyclePolicy\n name: example\n properties:\n repository: ${example.name}\n policy: |\n {\n \"rules\": [\n {\n \"rulePriority\": 1,\n \"description\": \"Expire images older than 14 days\",\n \"selection\": {\n \"tagStatus\": \"untagged\",\n \"countType\": \"sinceImagePushed\",\n \"countUnit\": \"days\",\n \"countNumber\": 14\n },\n \"action\": {\n \"type\": \"expire\"\n }\n }\n ]\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Policy on tagged image\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ecr.Repository(\"example\", {name: \"example-repo\"});\nconst exampleLifecyclePolicy = new aws.ecr.LifecyclePolicy(\"example\", {\n repository: example.name,\n policy: `{\n \"rules\": [\n {\n \"rulePriority\": 1,\n \"description\": \"Keep last 30 images\",\n \"selection\": {\n \"tagStatus\": \"tagged\",\n \"tagPrefixList\": [\"v\"],\n \"countType\": \"imageCountMoreThan\",\n \"countNumber\": 30\n },\n \"action\": {\n \"type\": \"expire\"\n }\n }\n ]\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecr.Repository(\"example\", name=\"example-repo\")\nexample_lifecycle_policy = aws.ecr.LifecyclePolicy(\"example\",\n repository=example.name,\n policy=\"\"\"{\n \"rules\": [\n {\n \"rulePriority\": 1,\n \"description\": \"Keep last 30 images\",\n \"selection\": {\n \"tagStatus\": \"tagged\",\n \"tagPrefixList\": [\"v\"],\n \"countType\": \"imageCountMoreThan\",\n \"countNumber\": 30\n },\n \"action\": {\n \"type\": \"expire\"\n }\n }\n ]\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ecr.Repository(\"example\", new()\n {\n Name = \"example-repo\",\n });\n\n var exampleLifecyclePolicy = new Aws.Ecr.LifecyclePolicy(\"example\", new()\n {\n Repository = example.Name,\n Policy = @\"{\n \"\"rules\"\": [\n {\n \"\"rulePriority\"\": 1,\n \"\"description\"\": \"\"Keep last 30 images\"\",\n \"\"selection\"\": {\n \"\"tagStatus\"\": \"\"tagged\"\",\n \"\"tagPrefixList\"\": [\"\"v\"\"],\n \"\"countType\"\": \"\"imageCountMoreThan\"\",\n \"\"countNumber\"\": 30\n },\n \"\"action\"\": {\n \"\"type\"\": \"\"expire\"\"\n }\n }\n ]\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ecr.NewRepository(ctx, \"example\", \u0026ecr.RepositoryArgs{\n\t\t\tName: pulumi.String(\"example-repo\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecr.NewLifecyclePolicy(ctx, \"example\", \u0026ecr.LifecyclePolicyArgs{\n\t\t\tRepository: example.Name,\n\t\t\tPolicy: pulumi.Any(`{\n \"rules\": [\n {\n \"rulePriority\": 1,\n \"description\": \"Keep last 30 images\",\n \"selection\": {\n \"tagStatus\": \"tagged\",\n \"tagPrefixList\": [\"v\"],\n \"countType\": \"imageCountMoreThan\",\n \"countNumber\": 30\n },\n \"action\": {\n \"type\": \"expire\"\n }\n }\n ]\n}\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecr.Repository;\nimport com.pulumi.aws.ecr.RepositoryArgs;\nimport com.pulumi.aws.ecr.LifecyclePolicy;\nimport com.pulumi.aws.ecr.LifecyclePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Repository(\"example\", RepositoryArgs.builder()\n .name(\"example-repo\")\n .build());\n\n var exampleLifecyclePolicy = new LifecyclePolicy(\"exampleLifecyclePolicy\", LifecyclePolicyArgs.builder()\n .repository(example.name())\n .policy(\"\"\"\n{\n \"rules\": [\n {\n \"rulePriority\": 1,\n \"description\": \"Keep last 30 images\",\n \"selection\": {\n \"tagStatus\": \"tagged\",\n \"tagPrefixList\": [\"v\"],\n \"countType\": \"imageCountMoreThan\",\n \"countNumber\": 30\n },\n \"action\": {\n \"type\": \"expire\"\n }\n }\n ]\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ecr:Repository\n properties:\n name: example-repo\n exampleLifecyclePolicy:\n type: aws:ecr:LifecyclePolicy\n name: example\n properties:\n repository: ${example.name}\n policy: |\n {\n \"rules\": [\n {\n \"rulePriority\": 1,\n \"description\": \"Keep last 30 images\",\n \"selection\": {\n \"tagStatus\": \"tagged\",\n \"tagPrefixList\": [\"v\"],\n \"countType\": \"imageCountMoreThan\",\n \"countNumber\": 30\n },\n \"action\": {\n \"type\": \"expire\"\n }\n }\n ]\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ECR Lifecycle Policy using the name of the repository. For example:\n\n```sh\n$ pulumi import aws:ecr/lifecyclePolicy:LifecyclePolicy example tf-example\n```\n", "properties": { "policy": { "type": "string", "description": "The policy document. This is a JSON formatted string. See more details about [Policy Parameters](http://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html#lifecycle_policy_parameters) in the official AWS docs. Consider using the `aws.ecr.getLifecyclePolicyDocument` data_source to generate/manage the JSON document used for the `policy` argument.\n" }, "registryId": { "type": "string", "description": "The registry ID where the repository was created.\n" }, "repository": { "type": "string", "description": "Name of the repository to apply the policy.\n" } }, "required": [ "policy", "registryId", "repository" ], "inputProperties": { "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ecr/lifecyclePolicyDocument:LifecyclePolicyDocument" } ], "description": "The policy document. This is a JSON formatted string. See more details about [Policy Parameters](http://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html#lifecycle_policy_parameters) in the official AWS docs. Consider using the `aws.ecr.getLifecyclePolicyDocument` data_source to generate/manage the JSON document used for the `policy` argument.\n", "willReplaceOnChanges": true }, "repository": { "type": "string", "description": "Name of the repository to apply the policy.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policy", "repository" ], "stateInputs": { "description": "Input properties used for looking up and filtering LifecyclePolicy resources.\n", "properties": { "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ecr/lifecyclePolicyDocument:LifecyclePolicyDocument" } ], "description": "The policy document. This is a JSON formatted string. See more details about [Policy Parameters](http://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html#lifecycle_policy_parameters) in the official AWS docs. Consider using the `aws.ecr.getLifecyclePolicyDocument` data_source to generate/manage the JSON document used for the `policy` argument.\n", "willReplaceOnChanges": true }, "registryId": { "type": "string", "description": "The registry ID where the repository was created.\n" }, "repository": { "type": "string", "description": "Name of the repository to apply the policy.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ecr/pullThroughCacheRule:PullThroughCacheRule": { "description": "Provides an Elastic Container Registry Pull Through Cache Rule.\n\nMore information about pull through cache rules, including the set of supported\nupstream repositories, see [Using pull through cache rules](https://docs.aws.amazon.com/AmazonECR/latest/userguide/pull-through-cache.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ecr.PullThroughCacheRule(\"example\", {\n ecrRepositoryPrefix: \"ecr-public\",\n upstreamRegistryUrl: \"public.ecr.aws\",\n credentialArn: \"arn:aws:secretsmanager:us-east-1:123456789:secret:ecr-pullthroughcache/ecrpublic\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecr.PullThroughCacheRule(\"example\",\n ecr_repository_prefix=\"ecr-public\",\n upstream_registry_url=\"public.ecr.aws\",\n credential_arn=\"arn:aws:secretsmanager:us-east-1:123456789:secret:ecr-pullthroughcache/ecrpublic\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ecr.PullThroughCacheRule(\"example\", new()\n {\n EcrRepositoryPrefix = \"ecr-public\",\n UpstreamRegistryUrl = \"public.ecr.aws\",\n CredentialArn = \"arn:aws:secretsmanager:us-east-1:123456789:secret:ecr-pullthroughcache/ecrpublic\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecr.NewPullThroughCacheRule(ctx, \"example\", \u0026ecr.PullThroughCacheRuleArgs{\n\t\t\tEcrRepositoryPrefix: pulumi.String(\"ecr-public\"),\n\t\t\tUpstreamRegistryUrl: pulumi.String(\"public.ecr.aws\"),\n\t\t\tCredentialArn: pulumi.String(\"arn:aws:secretsmanager:us-east-1:123456789:secret:ecr-pullthroughcache/ecrpublic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecr.PullThroughCacheRule;\nimport com.pulumi.aws.ecr.PullThroughCacheRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PullThroughCacheRule(\"example\", PullThroughCacheRuleArgs.builder()\n .ecrRepositoryPrefix(\"ecr-public\")\n .upstreamRegistryUrl(\"public.ecr.aws\")\n .credentialArn(\"arn:aws:secretsmanager:us-east-1:123456789:secret:ecr-pullthroughcache/ecrpublic\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ecr:PullThroughCacheRule\n properties:\n ecrRepositoryPrefix: ecr-public\n upstreamRegistryUrl: public.ecr.aws\n credentialArn: arn:aws:secretsmanager:us-east-1:123456789:secret:ecr-pullthroughcache/ecrpublic\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a pull-through cache rule using the `ecr_repository_prefix`. For example:\n\n```sh\n$ pulumi import aws:ecr/pullThroughCacheRule:PullThroughCacheRule example ecr-public\n```\n", "properties": { "credentialArn": { "type": "string", "description": "ARN of the Secret which will be used to authenticate against the registry.\n" }, "ecrRepositoryPrefix": { "type": "string", "description": "The repository name prefix to use when caching images from the source registry.\n" }, "registryId": { "type": "string", "description": "The registry ID where the repository was created.\n" }, "upstreamRegistryUrl": { "type": "string", "description": "The registry URL of the upstream public registry to use as the source.\n" } }, "required": [ "ecrRepositoryPrefix", "registryId", "upstreamRegistryUrl" ], "inputProperties": { "credentialArn": { "type": "string", "description": "ARN of the Secret which will be used to authenticate against the registry.\n" }, "ecrRepositoryPrefix": { "type": "string", "description": "The repository name prefix to use when caching images from the source registry.\n", "willReplaceOnChanges": true }, "upstreamRegistryUrl": { "type": "string", "description": "The registry URL of the upstream public registry to use as the source.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "ecrRepositoryPrefix", "upstreamRegistryUrl" ], "stateInputs": { "description": "Input properties used for looking up and filtering PullThroughCacheRule resources.\n", "properties": { "credentialArn": { "type": "string", "description": "ARN of the Secret which will be used to authenticate against the registry.\n" }, "ecrRepositoryPrefix": { "type": "string", "description": "The repository name prefix to use when caching images from the source registry.\n", "willReplaceOnChanges": true }, "registryId": { "type": "string", "description": "The registry ID where the repository was created.\n" }, "upstreamRegistryUrl": { "type": "string", "description": "The registry URL of the upstream public registry to use as the source.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ecr/registryPolicy:RegistryPolicy": { "description": "Provides an Elastic Container Registry Policy.\n\n\u003e **NOTE on ECR Registry Policies:** While the AWS Management Console interface may suggest the ability to define multiple policies by creating multiple statements, ECR registry policies are effectively managed as singular entities at the regional level by the AWS APIs. Therefore, the `aws.ecr.RegistryPolicy` resource should be configured only once per region with all necessary statements defined in the same policy. Attempting to define multiple `aws.ecr.RegistryPolicy` resources may result in perpetual differences, with one policy overriding another.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst currentGetRegion = aws.getRegion({});\nconst currentGetPartition = aws.getPartition({});\nconst example = new aws.ecr.RegistryPolicy(\"example\", {policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Sid: \"testpolicy\",\n Effect: \"Allow\",\n Principal: {\n AWS: Promise.all([currentGetPartition, current]).then(([currentGetPartition, current]) =\u003e `arn:${currentGetPartition.partition}:iam::${current.accountId}:root`),\n },\n Action: [\"ecr:ReplicateImage\"],\n Resource: [Promise.all([currentGetPartition, currentGetRegion, current]).then(([currentGetPartition, currentGetRegion, current]) =\u003e `arn:${currentGetPartition.partition}:ecr:${currentGetRegion.name}:${current.accountId}:repository/*`)],\n }],\n})});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ncurrent_get_region = aws.get_region()\ncurrent_get_partition = aws.get_partition()\nexample = aws.ecr.RegistryPolicy(\"example\", policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Sid\": \"testpolicy\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:{current_get_partition.partition}:iam::{current.account_id}:root\",\n },\n \"Action\": [\"ecr:ReplicateImage\"],\n \"Resource\": [f\"arn:{current_get_partition.partition}:ecr:{current_get_region.name}:{current.account_id}:repository/*\"],\n }],\n}))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var currentGetRegion = Aws.GetRegion.Invoke();\n\n var currentGetPartition = Aws.GetPartition.Invoke();\n\n var example = new Aws.Ecr.RegistryPolicy(\"example\", new()\n {\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"testpolicy\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = Output.Tuple(currentGetPartition, current).Apply(values =\u003e\n {\n var currentGetPartition = values.Item1;\n var current = values.Item2;\n return $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\";\n }),\n },\n [\"Action\"] = new[]\n {\n \"ecr:ReplicateImage\",\n },\n [\"Resource\"] = new[]\n {\n Output.Tuple(currentGetPartition, currentGetRegion, current).Apply(values =\u003e\n {\n var currentGetPartition = values.Item1;\n var currentGetRegion = values.Item2;\n var current = values.Item3;\n return $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:ecr:{currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name)}:{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:repository/*\";\n }),\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetRegion, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetPartition, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"testpolicy\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:%v:iam::%v:root\", currentGetPartition.Partition, current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"ecr:ReplicateImage\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\tfmt.Sprintf(\"arn:%v:ecr:%v:%v:repository/*\", currentGetPartition.Partition, currentGetRegion.Name, current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = ecr.NewRegistryPolicy(ctx, \"example\", \u0026ecr.RegistryPolicyArgs{\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.ecr.RegistryPolicy;\nimport com.pulumi.aws.ecr.RegistryPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var currentGetRegion = AwsFunctions.getRegion();\n\n final var currentGetPartition = AwsFunctions.getPartition();\n\n var example = new RegistryPolicy(\"example\", RegistryPolicyArgs.builder()\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Sid\", \"testpolicy\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:%s:iam::%s:root\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", jsonArray(\"ecr:ReplicateImage\")),\n jsonProperty(\"Resource\", jsonArray(String.format(\"arn:%s:ecr:%s:%s:repository/*\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))))\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ecr:RegistryPolicy\n properties:\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Sid: testpolicy\n Effect: Allow\n Principal:\n AWS: arn:${currentGetPartition.partition}:iam::${current.accountId}:root\n Action:\n - ecr:ReplicateImage\n Resource:\n - arn:${currentGetPartition.partition}:ecr:${currentGetRegion.name}:${current.accountId}:repository/*\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetRegion:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetPartition:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ECR Registry Policy using the registry id. For example:\n\n```sh\n$ pulumi import aws:ecr/registryPolicy:RegistryPolicy example 123456789012\n```\n", "properties": { "policy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\n" }, "registryId": { "type": "string", "description": "The registry ID where the registry was created.\n" } }, "required": [ "policy", "registryId" ], "inputProperties": { "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The policy document. This is a JSON formatted string.\n" } }, "requiredInputs": [ "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering RegistryPolicy resources.\n", "properties": { "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The policy document. This is a JSON formatted string.\n" }, "registryId": { "type": "string", "description": "The registry ID where the registry was created.\n" } }, "type": "object" } }, "aws:ecr/registryScanningConfiguration:RegistryScanningConfiguration": { "description": "Provides an Elastic Container Registry Scanning Configuration. Can't be completely deleted, instead reverts to the default `BASIC` scanning configuration without rules.\n\n## Example Usage\n\n### Basic example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst configuration = new aws.ecr.RegistryScanningConfiguration(\"configuration\", {\n scanType: \"ENHANCED\",\n rules: [{\n scanFrequency: \"CONTINUOUS_SCAN\",\n repositoryFilters: [{\n filter: \"example\",\n filterType: \"WILDCARD\",\n }],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfiguration = aws.ecr.RegistryScanningConfiguration(\"configuration\",\n scan_type=\"ENHANCED\",\n rules=[{\n \"scan_frequency\": \"CONTINUOUS_SCAN\",\n \"repository_filters\": [{\n \"filter\": \"example\",\n \"filter_type\": \"WILDCARD\",\n }],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var configuration = new Aws.Ecr.RegistryScanningConfiguration(\"configuration\", new()\n {\n ScanType = \"ENHANCED\",\n Rules = new[]\n {\n new Aws.Ecr.Inputs.RegistryScanningConfigurationRuleArgs\n {\n ScanFrequency = \"CONTINUOUS_SCAN\",\n RepositoryFilters = new[]\n {\n new Aws.Ecr.Inputs.RegistryScanningConfigurationRuleRepositoryFilterArgs\n {\n Filter = \"example\",\n FilterType = \"WILDCARD\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecr.NewRegistryScanningConfiguration(ctx, \"configuration\", \u0026ecr.RegistryScanningConfigurationArgs{\n\t\t\tScanType: pulumi.String(\"ENHANCED\"),\n\t\t\tRules: ecr.RegistryScanningConfigurationRuleArray{\n\t\t\t\t\u0026ecr.RegistryScanningConfigurationRuleArgs{\n\t\t\t\t\tScanFrequency: pulumi.String(\"CONTINUOUS_SCAN\"),\n\t\t\t\t\tRepositoryFilters: ecr.RegistryScanningConfigurationRuleRepositoryFilterArray{\n\t\t\t\t\t\t\u0026ecr.RegistryScanningConfigurationRuleRepositoryFilterArgs{\n\t\t\t\t\t\t\tFilter: pulumi.String(\"example\"),\n\t\t\t\t\t\t\tFilterType: pulumi.String(\"WILDCARD\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecr.RegistryScanningConfiguration;\nimport com.pulumi.aws.ecr.RegistryScanningConfigurationArgs;\nimport com.pulumi.aws.ecr.inputs.RegistryScanningConfigurationRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var configuration = new RegistryScanningConfiguration(\"configuration\", RegistryScanningConfigurationArgs.builder()\n .scanType(\"ENHANCED\")\n .rules(RegistryScanningConfigurationRuleArgs.builder()\n .scanFrequency(\"CONTINUOUS_SCAN\")\n .repositoryFilters(RegistryScanningConfigurationRuleRepositoryFilterArgs.builder()\n .filter(\"example\")\n .filterType(\"WILDCARD\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n configuration:\n type: aws:ecr:RegistryScanningConfiguration\n properties:\n scanType: ENHANCED\n rules:\n - scanFrequency: CONTINUOUS_SCAN\n repositoryFilters:\n - filter: example\n filterType: WILDCARD\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Multiple rules\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ecr.RegistryScanningConfiguration(\"test\", {\n scanType: \"ENHANCED\",\n rules: [\n {\n scanFrequency: \"SCAN_ON_PUSH\",\n repositoryFilters: [{\n filter: \"*\",\n filterType: \"WILDCARD\",\n }],\n },\n {\n scanFrequency: \"CONTINUOUS_SCAN\",\n repositoryFilters: [{\n filter: \"example\",\n filterType: \"WILDCARD\",\n }],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ecr.RegistryScanningConfiguration(\"test\",\n scan_type=\"ENHANCED\",\n rules=[\n {\n \"scan_frequency\": \"SCAN_ON_PUSH\",\n \"repository_filters\": [{\n \"filter\": \"*\",\n \"filter_type\": \"WILDCARD\",\n }],\n },\n {\n \"scan_frequency\": \"CONTINUOUS_SCAN\",\n \"repository_filters\": [{\n \"filter\": \"example\",\n \"filter_type\": \"WILDCARD\",\n }],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Ecr.RegistryScanningConfiguration(\"test\", new()\n {\n ScanType = \"ENHANCED\",\n Rules = new[]\n {\n new Aws.Ecr.Inputs.RegistryScanningConfigurationRuleArgs\n {\n ScanFrequency = \"SCAN_ON_PUSH\",\n RepositoryFilters = new[]\n {\n new Aws.Ecr.Inputs.RegistryScanningConfigurationRuleRepositoryFilterArgs\n {\n Filter = \"*\",\n FilterType = \"WILDCARD\",\n },\n },\n },\n new Aws.Ecr.Inputs.RegistryScanningConfigurationRuleArgs\n {\n ScanFrequency = \"CONTINUOUS_SCAN\",\n RepositoryFilters = new[]\n {\n new Aws.Ecr.Inputs.RegistryScanningConfigurationRuleRepositoryFilterArgs\n {\n Filter = \"example\",\n FilterType = \"WILDCARD\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecr.NewRegistryScanningConfiguration(ctx, \"test\", \u0026ecr.RegistryScanningConfigurationArgs{\n\t\t\tScanType: pulumi.String(\"ENHANCED\"),\n\t\t\tRules: ecr.RegistryScanningConfigurationRuleArray{\n\t\t\t\t\u0026ecr.RegistryScanningConfigurationRuleArgs{\n\t\t\t\t\tScanFrequency: pulumi.String(\"SCAN_ON_PUSH\"),\n\t\t\t\t\tRepositoryFilters: ecr.RegistryScanningConfigurationRuleRepositoryFilterArray{\n\t\t\t\t\t\t\u0026ecr.RegistryScanningConfigurationRuleRepositoryFilterArgs{\n\t\t\t\t\t\t\tFilter: pulumi.String(\"*\"),\n\t\t\t\t\t\t\tFilterType: pulumi.String(\"WILDCARD\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026ecr.RegistryScanningConfigurationRuleArgs{\n\t\t\t\t\tScanFrequency: pulumi.String(\"CONTINUOUS_SCAN\"),\n\t\t\t\t\tRepositoryFilters: ecr.RegistryScanningConfigurationRuleRepositoryFilterArray{\n\t\t\t\t\t\t\u0026ecr.RegistryScanningConfigurationRuleRepositoryFilterArgs{\n\t\t\t\t\t\t\tFilter: pulumi.String(\"example\"),\n\t\t\t\t\t\t\tFilterType: pulumi.String(\"WILDCARD\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecr.RegistryScanningConfiguration;\nimport com.pulumi.aws.ecr.RegistryScanningConfigurationArgs;\nimport com.pulumi.aws.ecr.inputs.RegistryScanningConfigurationRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new RegistryScanningConfiguration(\"test\", RegistryScanningConfigurationArgs.builder()\n .scanType(\"ENHANCED\")\n .rules( \n RegistryScanningConfigurationRuleArgs.builder()\n .scanFrequency(\"SCAN_ON_PUSH\")\n .repositoryFilters(RegistryScanningConfigurationRuleRepositoryFilterArgs.builder()\n .filter(\"*\")\n .filterType(\"WILDCARD\")\n .build())\n .build(),\n RegistryScanningConfigurationRuleArgs.builder()\n .scanFrequency(\"CONTINUOUS_SCAN\")\n .repositoryFilters(RegistryScanningConfigurationRuleRepositoryFilterArgs.builder()\n .filter(\"example\")\n .filterType(\"WILDCARD\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ecr:RegistryScanningConfiguration\n properties:\n scanType: ENHANCED\n rules:\n - scanFrequency: SCAN_ON_PUSH\n repositoryFilters:\n - filter: '*'\n filterType: WILDCARD\n - scanFrequency: CONTINUOUS_SCAN\n repositoryFilters:\n - filter: example\n filterType: WILDCARD\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ECR Scanning Configurations using the `registry_id`. For example:\n\n```sh\n$ pulumi import aws:ecr/registryScanningConfiguration:RegistryScanningConfiguration example 012345678901\n```\n", "properties": { "registryId": { "type": "string", "description": "The registry ID the scanning configuration applies to.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:ecr/RegistryScanningConfigurationRule:RegistryScanningConfigurationRule" }, "description": "One or multiple blocks specifying scanning rules to determine which repository filters are used and at what frequency scanning will occur. See below for schema.\n" }, "scanType": { "type": "string", "description": "the scanning type to set for the registry. Can be either `ENHANCED` or `BASIC`.\n" } }, "required": [ "registryId", "scanType" ], "inputProperties": { "rules": { "type": "array", "items": { "$ref": "#/types/aws:ecr/RegistryScanningConfigurationRule:RegistryScanningConfigurationRule" }, "description": "One or multiple blocks specifying scanning rules to determine which repository filters are used and at what frequency scanning will occur. See below for schema.\n" }, "scanType": { "type": "string", "description": "the scanning type to set for the registry. Can be either `ENHANCED` or `BASIC`.\n" } }, "requiredInputs": [ "scanType" ], "stateInputs": { "description": "Input properties used for looking up and filtering RegistryScanningConfiguration resources.\n", "properties": { "registryId": { "type": "string", "description": "The registry ID the scanning configuration applies to.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:ecr/RegistryScanningConfigurationRule:RegistryScanningConfigurationRule" }, "description": "One or multiple blocks specifying scanning rules to determine which repository filters are used and at what frequency scanning will occur. See below for schema.\n" }, "scanType": { "type": "string", "description": "the scanning type to set for the registry. Can be either `ENHANCED` or `BASIC`.\n" } }, "type": "object" } }, "aws:ecr/replicationConfiguration:ReplicationConfiguration": { "description": "Provides an Elastic Container Registry Replication Configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = aws.getRegions({});\nconst exampleReplicationConfiguration = new aws.ecr.ReplicationConfiguration(\"example\", {replicationConfiguration: {\n rules: [{\n destinations: [{\n region: example.then(example =\u003e example.names?.[0]),\n registryId: current.then(current =\u003e current.accountId),\n }],\n }],\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.get_regions()\nexample_replication_configuration = aws.ecr.ReplicationConfiguration(\"example\", replication_configuration={\n \"rules\": [{\n \"destinations\": [{\n \"region\": example.names[0],\n \"registry_id\": current.account_id,\n }],\n }],\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = Aws.GetRegions.Invoke();\n\n var exampleReplicationConfiguration = new Aws.Ecr.ReplicationConfiguration(\"example\", new()\n {\n ReplicationConfigurationDetails = new Aws.Ecr.Inputs.ReplicationConfigurationReplicationConfigurationArgs\n {\n Rules = new[]\n {\n new Aws.Ecr.Inputs.ReplicationConfigurationReplicationConfigurationRuleArgs\n {\n Destinations = new[]\n {\n new Aws.Ecr.Inputs.ReplicationConfigurationReplicationConfigurationRuleDestinationArgs\n {\n Region = example.Apply(getRegionsResult =\u003e getRegionsResult.Names[0]),\n RegistryId = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := aws.GetRegions(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecr.NewReplicationConfiguration(ctx, \"example\", \u0026ecr.ReplicationConfigurationArgs{\n\t\t\tReplicationConfiguration: \u0026ecr.ReplicationConfigurationReplicationConfigurationArgs{\n\t\t\t\tRules: ecr.ReplicationConfigurationReplicationConfigurationRuleArray{\n\t\t\t\t\t\u0026ecr.ReplicationConfigurationReplicationConfigurationRuleArgs{\n\t\t\t\t\t\tDestinations: ecr.ReplicationConfigurationReplicationConfigurationRuleDestinationArray{\n\t\t\t\t\t\t\t\u0026ecr.ReplicationConfigurationReplicationConfigurationRuleDestinationArgs{\n\t\t\t\t\t\t\t\tRegion: pulumi.String(example.Names[0]),\n\t\t\t\t\t\t\t\tRegistryId: pulumi.String(current.AccountId),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetRegionsArgs;\nimport com.pulumi.aws.ecr.ReplicationConfiguration;\nimport com.pulumi.aws.ecr.ReplicationConfigurationArgs;\nimport com.pulumi.aws.ecr.inputs.ReplicationConfigurationReplicationConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var example = AwsFunctions.getRegions();\n\n var exampleReplicationConfiguration = new ReplicationConfiguration(\"exampleReplicationConfiguration\", ReplicationConfigurationArgs.builder()\n .replicationConfiguration(ReplicationConfigurationReplicationConfigurationArgs.builder()\n .rules(ReplicationConfigurationReplicationConfigurationRuleArgs.builder()\n .destinations(ReplicationConfigurationReplicationConfigurationRuleDestinationArgs.builder()\n .region(example.applyValue(getRegionsResult -\u003e getRegionsResult.names()[0]))\n .registryId(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleReplicationConfiguration:\n type: aws:ecr:ReplicationConfiguration\n name: example\n properties:\n replicationConfiguration:\n rules:\n - destinations:\n - region: ${example.names[0]}\n registryId: ${current.accountId}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n example:\n fn::invoke:\n Function: aws:getRegions\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Multiple Region Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = aws.getRegions({});\nconst exampleReplicationConfiguration = new aws.ecr.ReplicationConfiguration(\"example\", {replicationConfiguration: {\n rules: [{\n destinations: [\n {\n region: example.then(example =\u003e example.names?.[0]),\n registryId: current.then(current =\u003e current.accountId),\n },\n {\n region: example.then(example =\u003e example.names?.[1]),\n registryId: current.then(current =\u003e current.accountId),\n },\n ],\n }],\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.get_regions()\nexample_replication_configuration = aws.ecr.ReplicationConfiguration(\"example\", replication_configuration={\n \"rules\": [{\n \"destinations\": [\n {\n \"region\": example.names[0],\n \"registry_id\": current.account_id,\n },\n {\n \"region\": example.names[1],\n \"registry_id\": current.account_id,\n },\n ],\n }],\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = Aws.GetRegions.Invoke();\n\n var exampleReplicationConfiguration = new Aws.Ecr.ReplicationConfiguration(\"example\", new()\n {\n ReplicationConfigurationDetails = new Aws.Ecr.Inputs.ReplicationConfigurationReplicationConfigurationArgs\n {\n Rules = new[]\n {\n new Aws.Ecr.Inputs.ReplicationConfigurationReplicationConfigurationRuleArgs\n {\n Destinations = new[]\n {\n new Aws.Ecr.Inputs.ReplicationConfigurationReplicationConfigurationRuleDestinationArgs\n {\n Region = example.Apply(getRegionsResult =\u003e getRegionsResult.Names[0]),\n RegistryId = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n new Aws.Ecr.Inputs.ReplicationConfigurationReplicationConfigurationRuleDestinationArgs\n {\n Region = example.Apply(getRegionsResult =\u003e getRegionsResult.Names[1]),\n RegistryId = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := aws.GetRegions(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecr.NewReplicationConfiguration(ctx, \"example\", \u0026ecr.ReplicationConfigurationArgs{\n\t\t\tReplicationConfiguration: \u0026ecr.ReplicationConfigurationReplicationConfigurationArgs{\n\t\t\t\tRules: ecr.ReplicationConfigurationReplicationConfigurationRuleArray{\n\t\t\t\t\t\u0026ecr.ReplicationConfigurationReplicationConfigurationRuleArgs{\n\t\t\t\t\t\tDestinations: ecr.ReplicationConfigurationReplicationConfigurationRuleDestinationArray{\n\t\t\t\t\t\t\t\u0026ecr.ReplicationConfigurationReplicationConfigurationRuleDestinationArgs{\n\t\t\t\t\t\t\t\tRegion: pulumi.String(example.Names[0]),\n\t\t\t\t\t\t\t\tRegistryId: pulumi.String(current.AccountId),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026ecr.ReplicationConfigurationReplicationConfigurationRuleDestinationArgs{\n\t\t\t\t\t\t\t\tRegion: pulumi.String(example.Names[1]),\n\t\t\t\t\t\t\t\tRegistryId: pulumi.String(current.AccountId),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetRegionsArgs;\nimport com.pulumi.aws.ecr.ReplicationConfiguration;\nimport com.pulumi.aws.ecr.ReplicationConfigurationArgs;\nimport com.pulumi.aws.ecr.inputs.ReplicationConfigurationReplicationConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var example = AwsFunctions.getRegions();\n\n var exampleReplicationConfiguration = new ReplicationConfiguration(\"exampleReplicationConfiguration\", ReplicationConfigurationArgs.builder()\n .replicationConfiguration(ReplicationConfigurationReplicationConfigurationArgs.builder()\n .rules(ReplicationConfigurationReplicationConfigurationRuleArgs.builder()\n .destinations( \n ReplicationConfigurationReplicationConfigurationRuleDestinationArgs.builder()\n .region(example.applyValue(getRegionsResult -\u003e getRegionsResult.names()[0]))\n .registryId(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .build(),\n ReplicationConfigurationReplicationConfigurationRuleDestinationArgs.builder()\n .region(example.applyValue(getRegionsResult -\u003e getRegionsResult.names()[1]))\n .registryId(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleReplicationConfiguration:\n type: aws:ecr:ReplicationConfiguration\n name: example\n properties:\n replicationConfiguration:\n rules:\n - destinations:\n - region: ${example.names[0]}\n registryId: ${current.accountId}\n - region: ${example.names[1]}\n registryId: ${current.accountId}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n example:\n fn::invoke:\n Function: aws:getRegions\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Repository Filter Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = aws.getRegions({});\nconst exampleReplicationConfiguration = new aws.ecr.ReplicationConfiguration(\"example\", {replicationConfiguration: {\n rules: [{\n destinations: [{\n region: example.then(example =\u003e example.names?.[0]),\n registryId: current.then(current =\u003e current.accountId),\n }],\n repositoryFilters: [{\n filter: \"prod-microservice\",\n filterType: \"PREFIX_MATCH\",\n }],\n }],\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.get_regions()\nexample_replication_configuration = aws.ecr.ReplicationConfiguration(\"example\", replication_configuration={\n \"rules\": [{\n \"destinations\": [{\n \"region\": example.names[0],\n \"registry_id\": current.account_id,\n }],\n \"repository_filters\": [{\n \"filter\": \"prod-microservice\",\n \"filter_type\": \"PREFIX_MATCH\",\n }],\n }],\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = Aws.GetRegions.Invoke();\n\n var exampleReplicationConfiguration = new Aws.Ecr.ReplicationConfiguration(\"example\", new()\n {\n ReplicationConfigurationDetails = new Aws.Ecr.Inputs.ReplicationConfigurationReplicationConfigurationArgs\n {\n Rules = new[]\n {\n new Aws.Ecr.Inputs.ReplicationConfigurationReplicationConfigurationRuleArgs\n {\n Destinations = new[]\n {\n new Aws.Ecr.Inputs.ReplicationConfigurationReplicationConfigurationRuleDestinationArgs\n {\n Region = example.Apply(getRegionsResult =\u003e getRegionsResult.Names[0]),\n RegistryId = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n },\n RepositoryFilters = new[]\n {\n new Aws.Ecr.Inputs.ReplicationConfigurationReplicationConfigurationRuleRepositoryFilterArgs\n {\n Filter = \"prod-microservice\",\n FilterType = \"PREFIX_MATCH\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := aws.GetRegions(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecr.NewReplicationConfiguration(ctx, \"example\", \u0026ecr.ReplicationConfigurationArgs{\n\t\t\tReplicationConfiguration: \u0026ecr.ReplicationConfigurationReplicationConfigurationArgs{\n\t\t\t\tRules: ecr.ReplicationConfigurationReplicationConfigurationRuleArray{\n\t\t\t\t\t\u0026ecr.ReplicationConfigurationReplicationConfigurationRuleArgs{\n\t\t\t\t\t\tDestinations: ecr.ReplicationConfigurationReplicationConfigurationRuleDestinationArray{\n\t\t\t\t\t\t\t\u0026ecr.ReplicationConfigurationReplicationConfigurationRuleDestinationArgs{\n\t\t\t\t\t\t\t\tRegion: pulumi.String(example.Names[0]),\n\t\t\t\t\t\t\t\tRegistryId: pulumi.String(current.AccountId),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tRepositoryFilters: ecr.ReplicationConfigurationReplicationConfigurationRuleRepositoryFilterArray{\n\t\t\t\t\t\t\t\u0026ecr.ReplicationConfigurationReplicationConfigurationRuleRepositoryFilterArgs{\n\t\t\t\t\t\t\t\tFilter: pulumi.String(\"prod-microservice\"),\n\t\t\t\t\t\t\t\tFilterType: pulumi.String(\"PREFIX_MATCH\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetRegionsArgs;\nimport com.pulumi.aws.ecr.ReplicationConfiguration;\nimport com.pulumi.aws.ecr.ReplicationConfigurationArgs;\nimport com.pulumi.aws.ecr.inputs.ReplicationConfigurationReplicationConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var example = AwsFunctions.getRegions();\n\n var exampleReplicationConfiguration = new ReplicationConfiguration(\"exampleReplicationConfiguration\", ReplicationConfigurationArgs.builder()\n .replicationConfiguration(ReplicationConfigurationReplicationConfigurationArgs.builder()\n .rules(ReplicationConfigurationReplicationConfigurationRuleArgs.builder()\n .destinations(ReplicationConfigurationReplicationConfigurationRuleDestinationArgs.builder()\n .region(example.applyValue(getRegionsResult -\u003e getRegionsResult.names()[0]))\n .registryId(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .build())\n .repositoryFilters(ReplicationConfigurationReplicationConfigurationRuleRepositoryFilterArgs.builder()\n .filter(\"prod-microservice\")\n .filterType(\"PREFIX_MATCH\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleReplicationConfiguration:\n type: aws:ecr:ReplicationConfiguration\n name: example\n properties:\n replicationConfiguration:\n rules:\n - destinations:\n - region: ${example.names[0]}\n registryId: ${current.accountId}\n repositoryFilters:\n - filter: prod-microservice\n filterType: PREFIX_MATCH\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n example:\n fn::invoke:\n Function: aws:getRegions\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ECR Replication Configuration using the `registry_id`. For example:\n\n```sh\n$ pulumi import aws:ecr/replicationConfiguration:ReplicationConfiguration service 012345678912\n```\n", "properties": { "registryId": { "type": "string", "description": "The registry ID where the replication configuration was created.\n" }, "replicationConfiguration": { "$ref": "#/types/aws:ecr/ReplicationConfigurationReplicationConfiguration:ReplicationConfigurationReplicationConfiguration", "description": "Replication configuration for a registry. See Replication Configuration.\n", "language": { "csharp": { "name": "ReplicationConfigurationDetails" } } } }, "required": [ "registryId" ], "inputProperties": { "replicationConfiguration": { "$ref": "#/types/aws:ecr/ReplicationConfigurationReplicationConfiguration:ReplicationConfigurationReplicationConfiguration", "description": "Replication configuration for a registry. See Replication Configuration.\n", "language": { "csharp": { "name": "ReplicationConfigurationDetails" } } } }, "stateInputs": { "description": "Input properties used for looking up and filtering ReplicationConfiguration resources.\n", "properties": { "registryId": { "type": "string", "description": "The registry ID where the replication configuration was created.\n" }, "replicationConfiguration": { "$ref": "#/types/aws:ecr/ReplicationConfigurationReplicationConfiguration:ReplicationConfigurationReplicationConfiguration", "description": "Replication configuration for a registry. See Replication Configuration.\n", "language": { "csharp": { "name": "ReplicationConfigurationDetails" } } } }, "type": "object" } }, "aws:ecr/repository:Repository": { "description": "Provides an Elastic Container Registry Repository.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ecr.Repository(\"foo\", {\n name: \"bar\",\n imageTagMutability: \"MUTABLE\",\n imageScanningConfiguration: {\n scanOnPush: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ecr.Repository(\"foo\",\n name=\"bar\",\n image_tag_mutability=\"MUTABLE\",\n image_scanning_configuration={\n \"scan_on_push\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Ecr.Repository(\"foo\", new()\n {\n Name = \"bar\",\n ImageTagMutability = \"MUTABLE\",\n ImageScanningConfiguration = new Aws.Ecr.Inputs.RepositoryImageScanningConfigurationArgs\n {\n ScanOnPush = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecr.NewRepository(ctx, \"foo\", \u0026ecr.RepositoryArgs{\n\t\t\tName: pulumi.String(\"bar\"),\n\t\t\tImageTagMutability: pulumi.String(\"MUTABLE\"),\n\t\t\tImageScanningConfiguration: \u0026ecr.RepositoryImageScanningConfigurationArgs{\n\t\t\t\tScanOnPush: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecr.Repository;\nimport com.pulumi.aws.ecr.RepositoryArgs;\nimport com.pulumi.aws.ecr.inputs.RepositoryImageScanningConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new Repository(\"foo\", RepositoryArgs.builder()\n .name(\"bar\")\n .imageTagMutability(\"MUTABLE\")\n .imageScanningConfiguration(RepositoryImageScanningConfigurationArgs.builder()\n .scanOnPush(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ecr:Repository\n properties:\n name: bar\n imageTagMutability: MUTABLE\n imageScanningConfiguration:\n scanOnPush: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ECR Repositories using the `name`. For example:\n\n```sh\n$ pulumi import aws:ecr/repository:Repository service test-service\n```\n", "properties": { "arn": { "type": "string", "description": "Full ARN of the repository.\n" }, "encryptionConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:ecr/RepositoryEncryptionConfiguration:RepositoryEncryptionConfiguration" }, "description": "Encryption configuration for the repository. See below for schema.\n" }, "forceDelete": { "type": "boolean", "description": "If `true`, will delete the repository even if it contains images.\nDefaults to `false`.\n" }, "imageScanningConfiguration": { "$ref": "#/types/aws:ecr/RepositoryImageScanningConfiguration:RepositoryImageScanningConfiguration", "description": "Configuration block that defines image scanning configuration for the repository. By default, image scanning must be manually triggered. See the [ECR User Guide](https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html) for more information about image scanning.\n" }, "imageTagMutability": { "type": "string", "description": "The tag mutability setting for the repository. Must be one of: `MUTABLE` or `IMMUTABLE`. Defaults to `MUTABLE`.\n" }, "name": { "type": "string", "description": "Name of the repository.\n" }, "registryId": { "type": "string", "description": "The registry ID where the repository was created.\n" }, "repositoryUrl": { "type": "string", "description": "The URL of the repository (in the form `aws_account_id.dkr.ecr.region.amazonaws.com/repositoryName`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "registryId", "repositoryUrl", "tagsAll" ], "inputProperties": { "encryptionConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:ecr/RepositoryEncryptionConfiguration:RepositoryEncryptionConfiguration" }, "description": "Encryption configuration for the repository. See below for schema.\n", "willReplaceOnChanges": true }, "forceDelete": { "type": "boolean", "description": "If `true`, will delete the repository even if it contains images.\nDefaults to `false`.\n" }, "imageScanningConfiguration": { "$ref": "#/types/aws:ecr/RepositoryImageScanningConfiguration:RepositoryImageScanningConfiguration", "description": "Configuration block that defines image scanning configuration for the repository. By default, image scanning must be manually triggered. See the [ECR User Guide](https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html) for more information about image scanning.\n" }, "imageTagMutability": { "type": "string", "description": "The tag mutability setting for the repository. Must be one of: `MUTABLE` or `IMMUTABLE`. Defaults to `MUTABLE`.\n" }, "name": { "type": "string", "description": "Name of the repository.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Repository resources.\n", "properties": { "arn": { "type": "string", "description": "Full ARN of the repository.\n" }, "encryptionConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:ecr/RepositoryEncryptionConfiguration:RepositoryEncryptionConfiguration" }, "description": "Encryption configuration for the repository. See below for schema.\n", "willReplaceOnChanges": true }, "forceDelete": { "type": "boolean", "description": "If `true`, will delete the repository even if it contains images.\nDefaults to `false`.\n" }, "imageScanningConfiguration": { "$ref": "#/types/aws:ecr/RepositoryImageScanningConfiguration:RepositoryImageScanningConfiguration", "description": "Configuration block that defines image scanning configuration for the repository. By default, image scanning must be manually triggered. See the [ECR User Guide](https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html) for more information about image scanning.\n" }, "imageTagMutability": { "type": "string", "description": "The tag mutability setting for the repository. Must be one of: `MUTABLE` or `IMMUTABLE`. Defaults to `MUTABLE`.\n" }, "name": { "type": "string", "description": "Name of the repository.\n", "willReplaceOnChanges": true }, "registryId": { "type": "string", "description": "The registry ID where the repository was created.\n" }, "repositoryUrl": { "type": "string", "description": "The URL of the repository (in the form `aws_account_id.dkr.ecr.region.amazonaws.com/repositoryName`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ecr/repositoryPolicy:RepositoryPolicy": { "description": "Provides an Elastic Container Registry Repository Policy.\n\nNote that currently only one policy may be applied to a repository.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleRepository = new aws.ecr.Repository(\"example\", {name: \"example-repo\"});\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n sid: \"new policy\",\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [\"123456789012\"],\n }],\n actions: [\n \"ecr:GetDownloadUrlForLayer\",\n \"ecr:BatchGetImage\",\n \"ecr:BatchCheckLayerAvailability\",\n \"ecr:PutImage\",\n \"ecr:InitiateLayerUpload\",\n \"ecr:UploadLayerPart\",\n \"ecr:CompleteLayerUpload\",\n \"ecr:DescribeRepositories\",\n \"ecr:GetRepositoryPolicy\",\n \"ecr:ListImages\",\n \"ecr:DeleteRepository\",\n \"ecr:BatchDeleteImage\",\n \"ecr:SetRepositoryPolicy\",\n \"ecr:DeleteRepositoryPolicy\",\n ],\n }],\n});\nconst exampleRepositoryPolicy = new aws.ecr.RepositoryPolicy(\"example\", {\n repository: exampleRepository.name,\n policy: example.then(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_repository = aws.ecr.Repository(\"example\", name=\"example-repo\")\nexample = aws.iam.get_policy_document(statements=[{\n \"sid\": \"new policy\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [\"123456789012\"],\n }],\n \"actions\": [\n \"ecr:GetDownloadUrlForLayer\",\n \"ecr:BatchGetImage\",\n \"ecr:BatchCheckLayerAvailability\",\n \"ecr:PutImage\",\n \"ecr:InitiateLayerUpload\",\n \"ecr:UploadLayerPart\",\n \"ecr:CompleteLayerUpload\",\n \"ecr:DescribeRepositories\",\n \"ecr:GetRepositoryPolicy\",\n \"ecr:ListImages\",\n \"ecr:DeleteRepository\",\n \"ecr:BatchDeleteImage\",\n \"ecr:SetRepositoryPolicy\",\n \"ecr:DeleteRepositoryPolicy\",\n ],\n}])\nexample_repository_policy = aws.ecr.RepositoryPolicy(\"example\",\n repository=example_repository.name,\n policy=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleRepository = new Aws.Ecr.Repository(\"example\", new()\n {\n Name = \"example-repo\",\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"new policy\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"123456789012\",\n },\n },\n },\n Actions = new[]\n {\n \"ecr:GetDownloadUrlForLayer\",\n \"ecr:BatchGetImage\",\n \"ecr:BatchCheckLayerAvailability\",\n \"ecr:PutImage\",\n \"ecr:InitiateLayerUpload\",\n \"ecr:UploadLayerPart\",\n \"ecr:CompleteLayerUpload\",\n \"ecr:DescribeRepositories\",\n \"ecr:GetRepositoryPolicy\",\n \"ecr:ListImages\",\n \"ecr:DeleteRepository\",\n \"ecr:BatchDeleteImage\",\n \"ecr:SetRepositoryPolicy\",\n \"ecr:DeleteRepositoryPolicy\",\n },\n },\n },\n });\n\n var exampleRepositoryPolicy = new Aws.Ecr.RepositoryPolicy(\"example\", new()\n {\n Repository = exampleRepository.Name,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleRepository, err := ecr.NewRepository(ctx, \"example\", \u0026ecr.RepositoryArgs{\n\t\t\tName: pulumi.String(\"example-repo\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"new policy\"),\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"AWS\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"123456789012\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"ecr:GetDownloadUrlForLayer\",\n\t\t\t\t\t\t\"ecr:BatchGetImage\",\n\t\t\t\t\t\t\"ecr:BatchCheckLayerAvailability\",\n\t\t\t\t\t\t\"ecr:PutImage\",\n\t\t\t\t\t\t\"ecr:InitiateLayerUpload\",\n\t\t\t\t\t\t\"ecr:UploadLayerPart\",\n\t\t\t\t\t\t\"ecr:CompleteLayerUpload\",\n\t\t\t\t\t\t\"ecr:DescribeRepositories\",\n\t\t\t\t\t\t\"ecr:GetRepositoryPolicy\",\n\t\t\t\t\t\t\"ecr:ListImages\",\n\t\t\t\t\t\t\"ecr:DeleteRepository\",\n\t\t\t\t\t\t\"ecr:BatchDeleteImage\",\n\t\t\t\t\t\t\"ecr:SetRepositoryPolicy\",\n\t\t\t\t\t\t\"ecr:DeleteRepositoryPolicy\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecr.NewRepositoryPolicy(ctx, \"example\", \u0026ecr.RepositoryPolicyArgs{\n\t\t\tRepository: exampleRepository.Name,\n\t\t\tPolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecr.Repository;\nimport com.pulumi.aws.ecr.RepositoryArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.ecr.RepositoryPolicy;\nimport com.pulumi.aws.ecr.RepositoryPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleRepository = new Repository(\"exampleRepository\", RepositoryArgs.builder()\n .name(\"example-repo\")\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"new policy\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"123456789012\")\n .build())\n .actions( \n \"ecr:GetDownloadUrlForLayer\",\n \"ecr:BatchGetImage\",\n \"ecr:BatchCheckLayerAvailability\",\n \"ecr:PutImage\",\n \"ecr:InitiateLayerUpload\",\n \"ecr:UploadLayerPart\",\n \"ecr:CompleteLayerUpload\",\n \"ecr:DescribeRepositories\",\n \"ecr:GetRepositoryPolicy\",\n \"ecr:ListImages\",\n \"ecr:DeleteRepository\",\n \"ecr:BatchDeleteImage\",\n \"ecr:SetRepositoryPolicy\",\n \"ecr:DeleteRepositoryPolicy\")\n .build())\n .build());\n\n var exampleRepositoryPolicy = new RepositoryPolicy(\"exampleRepositoryPolicy\", RepositoryPolicyArgs.builder()\n .repository(exampleRepository.name())\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleRepository:\n type: aws:ecr:Repository\n name: example\n properties:\n name: example-repo\n exampleRepositoryPolicy:\n type: aws:ecr:RepositoryPolicy\n name: example\n properties:\n repository: ${exampleRepository.name}\n policy: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: new policy\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - '123456789012'\n actions:\n - ecr:GetDownloadUrlForLayer\n - ecr:BatchGetImage\n - ecr:BatchCheckLayerAvailability\n - ecr:PutImage\n - ecr:InitiateLayerUpload\n - ecr:UploadLayerPart\n - ecr:CompleteLayerUpload\n - ecr:DescribeRepositories\n - ecr:GetRepositoryPolicy\n - ecr:ListImages\n - ecr:DeleteRepository\n - ecr:BatchDeleteImage\n - ecr:SetRepositoryPolicy\n - ecr:DeleteRepositoryPolicy\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ECR Repository Policy using the repository name. For example:\n\n```sh\n$ pulumi import aws:ecr/repositoryPolicy:RepositoryPolicy example example\n```\n", "properties": { "policy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\n" }, "registryId": { "type": "string", "description": "The registry ID where the repository was created.\n" }, "repository": { "type": "string", "description": "Name of the repository to apply the policy.\n" } }, "required": [ "policy", "registryId", "repository" ], "inputProperties": { "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The policy document. This is a JSON formatted string.\n" }, "repository": { "type": "string", "description": "Name of the repository to apply the policy.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policy", "repository" ], "stateInputs": { "description": "Input properties used for looking up and filtering RepositoryPolicy resources.\n", "properties": { "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The policy document. This is a JSON formatted string.\n" }, "registryId": { "type": "string", "description": "The registry ID where the repository was created.\n" }, "repository": { "type": "string", "description": "Name of the repository to apply the policy.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ecrpublic/repository:Repository": { "description": "Provides a Public Elastic Container Registry Repository.\n\n\u003e **NOTE:** This resource can only be used in the `us-east-1` region.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst foo = new aws.ecrpublic.Repository(\"foo\", {\n repositoryName: \"bar\",\n catalogData: {\n aboutText: \"About Text\",\n architectures: [\"ARM\"],\n description: \"Description\",\n logoImageBlob: std.filebase64({\n input: png,\n }).then(invoke =\u003e invoke.result),\n operatingSystems: [\"Linux\"],\n usageText: \"Usage Text\",\n },\n tags: {\n env: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nfoo = aws.ecrpublic.Repository(\"foo\",\n repository_name=\"bar\",\n catalog_data={\n \"about_text\": \"About Text\",\n \"architectures\": [\"ARM\"],\n \"description\": \"Description\",\n \"logo_image_blob\": std.filebase64(input=png).result,\n \"operating_systems\": [\"Linux\"],\n \"usage_text\": \"Usage Text\",\n },\n tags={\n \"env\": \"production\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.EcrPublic.Repository(\"foo\", new()\n {\n RepositoryName = \"bar\",\n CatalogData = new Aws.EcrPublic.Inputs.RepositoryCatalogDataArgs\n {\n AboutText = \"About Text\",\n Architectures = new[]\n {\n \"ARM\",\n },\n Description = \"Description\",\n LogoImageBlob = Std.Filebase64.Invoke(new()\n {\n Input = png,\n }).Apply(invoke =\u003e invoke.Result),\n OperatingSystems = new[]\n {\n \"Linux\",\n },\n UsageText = \"Usage Text\",\n },\n Tags = \n {\n { \"env\", \"production\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecrpublic\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFilebase64, err := std.Filebase64(ctx, \u0026std.Filebase64Args{\n\t\t\tInput: png,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecrpublic.NewRepository(ctx, \"foo\", \u0026ecrpublic.RepositoryArgs{\n\t\t\tRepositoryName: pulumi.String(\"bar\"),\n\t\t\tCatalogData: \u0026ecrpublic.RepositoryCatalogDataArgs{\n\t\t\t\tAboutText: pulumi.String(\"About Text\"),\n\t\t\t\tArchitectures: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"ARM\"),\n\t\t\t\t},\n\t\t\t\tDescription: pulumi.String(\"Description\"),\n\t\t\t\tLogoImageBlob: pulumi.String(invokeFilebase64.Result),\n\t\t\t\tOperatingSystems: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"Linux\"),\n\t\t\t\t},\n\t\t\t\tUsageText: pulumi.String(\"Usage Text\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"env\": pulumi.String(\"production\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecrpublic.Repository;\nimport com.pulumi.aws.ecrpublic.RepositoryArgs;\nimport com.pulumi.aws.ecrpublic.inputs.RepositoryCatalogDataArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new Repository(\"foo\", RepositoryArgs.builder()\n .repositoryName(\"bar\")\n .catalogData(RepositoryCatalogDataArgs.builder()\n .aboutText(\"About Text\")\n .architectures(\"ARM\")\n .description(\"Description\")\n .logoImageBlob(StdFunctions.filebase64(Filebase64Args.builder()\n .input(png)\n .build()).result())\n .operatingSystems(\"Linux\")\n .usageText(\"Usage Text\")\n .build())\n .tags(Map.of(\"env\", \"production\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ecrpublic:Repository\n properties:\n repositoryName: bar\n catalogData:\n aboutText: About Text\n architectures:\n - ARM\n description: Description\n logoImageBlob:\n fn::invoke:\n Function: std:filebase64\n Arguments:\n input: ${png}\n Return: result\n operatingSystems:\n - Linux\n usageText: Usage Text\n tags:\n env: production\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ECR Public Repositories using the `repository_name`. For example:\n\n```sh\n$ pulumi import aws:ecrpublic/repository:Repository example example\n```\n", "properties": { "arn": { "type": "string", "description": "Full ARN of the repository.\n" }, "catalogData": { "$ref": "#/types/aws:ecrpublic/RepositoryCatalogData:RepositoryCatalogData", "description": "Catalog data configuration for the repository. See below for schema.\n" }, "forceDestroy": { "type": "boolean" }, "registryId": { "type": "string", "description": "The registry ID where the repository was created.\n" }, "repositoryName": { "type": "string", "description": "Name of the repository.\n" }, "repositoryUri": { "type": "string", "description": "The URI of the repository.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "registryId", "repositoryName", "repositoryUri", "tagsAll" ], "inputProperties": { "catalogData": { "$ref": "#/types/aws:ecrpublic/RepositoryCatalogData:RepositoryCatalogData", "description": "Catalog data configuration for the repository. See below for schema.\n" }, "forceDestroy": { "type": "boolean" }, "repositoryName": { "type": "string", "description": "Name of the repository.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "repositoryName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Repository resources.\n", "properties": { "arn": { "type": "string", "description": "Full ARN of the repository.\n" }, "catalogData": { "$ref": "#/types/aws:ecrpublic/RepositoryCatalogData:RepositoryCatalogData", "description": "Catalog data configuration for the repository. See below for schema.\n" }, "forceDestroy": { "type": "boolean" }, "registryId": { "type": "string", "description": "The registry ID where the repository was created.\n" }, "repositoryName": { "type": "string", "description": "Name of the repository.\n", "willReplaceOnChanges": true }, "repositoryUri": { "type": "string", "description": "The URI of the repository.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ecrpublic/repositoryPolicy:RepositoryPolicy": { "description": "Provides an Elastic Container Registry Public Repository Policy.\n\nNote that currently only one policy may be applied to a repository.\n\n\u003e **NOTE:** This resource can only be used in the `us-east-1` region.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleRepository = new aws.ecrpublic.Repository(\"example\", {repositoryName: \"example\"});\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n sid: \"new policy\",\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [\"123456789012\"],\n }],\n actions: [\n \"ecr:GetDownloadUrlForLayer\",\n \"ecr:BatchGetImage\",\n \"ecr:BatchCheckLayerAvailability\",\n \"ecr:PutImage\",\n \"ecr:InitiateLayerUpload\",\n \"ecr:UploadLayerPart\",\n \"ecr:CompleteLayerUpload\",\n \"ecr:DescribeRepositories\",\n \"ecr:GetRepositoryPolicy\",\n \"ecr:ListImages\",\n \"ecr:DeleteRepository\",\n \"ecr:BatchDeleteImage\",\n \"ecr:SetRepositoryPolicy\",\n \"ecr:DeleteRepositoryPolicy\",\n ],\n }],\n});\nconst exampleRepositoryPolicy = new aws.ecrpublic.RepositoryPolicy(\"example\", {\n repositoryName: exampleRepository.repositoryName,\n policy: example.then(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_repository = aws.ecrpublic.Repository(\"example\", repository_name=\"example\")\nexample = aws.iam.get_policy_document(statements=[{\n \"sid\": \"new policy\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [\"123456789012\"],\n }],\n \"actions\": [\n \"ecr:GetDownloadUrlForLayer\",\n \"ecr:BatchGetImage\",\n \"ecr:BatchCheckLayerAvailability\",\n \"ecr:PutImage\",\n \"ecr:InitiateLayerUpload\",\n \"ecr:UploadLayerPart\",\n \"ecr:CompleteLayerUpload\",\n \"ecr:DescribeRepositories\",\n \"ecr:GetRepositoryPolicy\",\n \"ecr:ListImages\",\n \"ecr:DeleteRepository\",\n \"ecr:BatchDeleteImage\",\n \"ecr:SetRepositoryPolicy\",\n \"ecr:DeleteRepositoryPolicy\",\n ],\n}])\nexample_repository_policy = aws.ecrpublic.RepositoryPolicy(\"example\",\n repository_name=example_repository.repository_name,\n policy=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleRepository = new Aws.EcrPublic.Repository(\"example\", new()\n {\n RepositoryName = \"example\",\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"new policy\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"123456789012\",\n },\n },\n },\n Actions = new[]\n {\n \"ecr:GetDownloadUrlForLayer\",\n \"ecr:BatchGetImage\",\n \"ecr:BatchCheckLayerAvailability\",\n \"ecr:PutImage\",\n \"ecr:InitiateLayerUpload\",\n \"ecr:UploadLayerPart\",\n \"ecr:CompleteLayerUpload\",\n \"ecr:DescribeRepositories\",\n \"ecr:GetRepositoryPolicy\",\n \"ecr:ListImages\",\n \"ecr:DeleteRepository\",\n \"ecr:BatchDeleteImage\",\n \"ecr:SetRepositoryPolicy\",\n \"ecr:DeleteRepositoryPolicy\",\n },\n },\n },\n });\n\n var exampleRepositoryPolicy = new Aws.EcrPublic.RepositoryPolicy(\"example\", new()\n {\n RepositoryName = exampleRepository.RepositoryName,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecrpublic\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleRepository, err := ecrpublic.NewRepository(ctx, \"example\", \u0026ecrpublic.RepositoryArgs{\n\t\t\tRepositoryName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"new policy\"),\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"AWS\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"123456789012\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"ecr:GetDownloadUrlForLayer\",\n\t\t\t\t\t\t\"ecr:BatchGetImage\",\n\t\t\t\t\t\t\"ecr:BatchCheckLayerAvailability\",\n\t\t\t\t\t\t\"ecr:PutImage\",\n\t\t\t\t\t\t\"ecr:InitiateLayerUpload\",\n\t\t\t\t\t\t\"ecr:UploadLayerPart\",\n\t\t\t\t\t\t\"ecr:CompleteLayerUpload\",\n\t\t\t\t\t\t\"ecr:DescribeRepositories\",\n\t\t\t\t\t\t\"ecr:GetRepositoryPolicy\",\n\t\t\t\t\t\t\"ecr:ListImages\",\n\t\t\t\t\t\t\"ecr:DeleteRepository\",\n\t\t\t\t\t\t\"ecr:BatchDeleteImage\",\n\t\t\t\t\t\t\"ecr:SetRepositoryPolicy\",\n\t\t\t\t\t\t\"ecr:DeleteRepositoryPolicy\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecrpublic.NewRepositoryPolicy(ctx, \"example\", \u0026ecrpublic.RepositoryPolicyArgs{\n\t\t\tRepositoryName: exampleRepository.RepositoryName,\n\t\t\tPolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecrpublic.Repository;\nimport com.pulumi.aws.ecrpublic.RepositoryArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.ecrpublic.RepositoryPolicy;\nimport com.pulumi.aws.ecrpublic.RepositoryPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleRepository = new Repository(\"exampleRepository\", RepositoryArgs.builder()\n .repositoryName(\"example\")\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"new policy\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"123456789012\")\n .build())\n .actions( \n \"ecr:GetDownloadUrlForLayer\",\n \"ecr:BatchGetImage\",\n \"ecr:BatchCheckLayerAvailability\",\n \"ecr:PutImage\",\n \"ecr:InitiateLayerUpload\",\n \"ecr:UploadLayerPart\",\n \"ecr:CompleteLayerUpload\",\n \"ecr:DescribeRepositories\",\n \"ecr:GetRepositoryPolicy\",\n \"ecr:ListImages\",\n \"ecr:DeleteRepository\",\n \"ecr:BatchDeleteImage\",\n \"ecr:SetRepositoryPolicy\",\n \"ecr:DeleteRepositoryPolicy\")\n .build())\n .build());\n\n var exampleRepositoryPolicy = new RepositoryPolicy(\"exampleRepositoryPolicy\", RepositoryPolicyArgs.builder()\n .repositoryName(exampleRepository.repositoryName())\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleRepository:\n type: aws:ecrpublic:Repository\n name: example\n properties:\n repositoryName: example\n exampleRepositoryPolicy:\n type: aws:ecrpublic:RepositoryPolicy\n name: example\n properties:\n repositoryName: ${exampleRepository.repositoryName}\n policy: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: new policy\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - '123456789012'\n actions:\n - ecr:GetDownloadUrlForLayer\n - ecr:BatchGetImage\n - ecr:BatchCheckLayerAvailability\n - ecr:PutImage\n - ecr:InitiateLayerUpload\n - ecr:UploadLayerPart\n - ecr:CompleteLayerUpload\n - ecr:DescribeRepositories\n - ecr:GetRepositoryPolicy\n - ecr:ListImages\n - ecr:DeleteRepository\n - ecr:BatchDeleteImage\n - ecr:SetRepositoryPolicy\n - ecr:DeleteRepositoryPolicy\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ECR Public Repository Policy using the repository name. For example:\n\n```sh\n$ pulumi import aws:ecrpublic/repositoryPolicy:RepositoryPolicy example example\n```\n", "properties": { "policy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\n" }, "registryId": { "type": "string", "description": "The registry ID where the repository was created.\n" }, "repositoryName": { "type": "string", "description": "Name of the repository to apply the policy.\n" } }, "required": [ "policy", "registryId", "repositoryName" ], "inputProperties": { "policy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\n" }, "repositoryName": { "type": "string", "description": "Name of the repository to apply the policy.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policy", "repositoryName" ], "stateInputs": { "description": "Input properties used for looking up and filtering RepositoryPolicy resources.\n", "properties": { "policy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\n" }, "registryId": { "type": "string", "description": "The registry ID where the repository was created.\n" }, "repositoryName": { "type": "string", "description": "Name of the repository to apply the policy.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ecs/accountSettingDefault:AccountSettingDefault": { "description": "Provides an ECS default account setting for a specific ECS Resource name within a specific region. More information can be found on the [ECS Developer Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html).\n\n\u003e **NOTE:** The AWS API does not delete this resource. When you run `destroy`, the provider will attempt to disable the setting.\n\n\u003e **NOTE:** Your AWS account may not support disabling `containerInstanceLongArnFormat`, `serviceLongArnFormat`, and `taskLongArnFormat`. If your account does not support disabling these, \"destroying\" this resource will not disable the setting nor cause a provider error. However, the AWS Provider will log an AWS error: `InvalidParameterException: You can no longer disable Long Arn settings`.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ecs.AccountSettingDefault(\"test\", {\n name: \"taskLongArnFormat\",\n value: \"enabled\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ecs.AccountSettingDefault(\"test\",\n name=\"taskLongArnFormat\",\n value=\"enabled\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Ecs.AccountSettingDefault(\"test\", new()\n {\n Name = \"taskLongArnFormat\",\n Value = \"enabled\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewAccountSettingDefault(ctx, \"test\", \u0026ecs.AccountSettingDefaultArgs{\n\t\t\tName: pulumi.String(\"taskLongArnFormat\"),\n\t\t\tValue: pulumi.String(\"enabled\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.AccountSettingDefault;\nimport com.pulumi.aws.ecs.AccountSettingDefaultArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AccountSettingDefault(\"test\", AccountSettingDefaultArgs.builder()\n .name(\"taskLongArnFormat\")\n .value(\"enabled\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ecs:AccountSettingDefault\n properties:\n name: taskLongArnFormat\n value: enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ECS Account Setting defaults using the `name`. For example:\n\n```sh\n$ pulumi import aws:ecs/accountSettingDefault:AccountSettingDefault example taskLongArnFormat\n```\n", "properties": { "name": { "type": "string", "description": "Name of the account setting to set.\n" }, "principalArn": { "type": "string" }, "value": { "type": "string", "description": "State of the setting.\n" } }, "required": [ "name", "principalArn", "value" ], "inputProperties": { "name": { "type": "string", "description": "Name of the account setting to set.\n", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "State of the setting.\n" } }, "requiredInputs": [ "value" ], "stateInputs": { "description": "Input properties used for looking up and filtering AccountSettingDefault resources.\n", "properties": { "name": { "type": "string", "description": "Name of the account setting to set.\n", "willReplaceOnChanges": true }, "principalArn": { "type": "string" }, "value": { "type": "string", "description": "State of the setting.\n" } }, "type": "object" } }, "aws:ecs/capacityProvider:CapacityProvider": { "description": "Provides an ECS cluster capacity provider. More information can be found on the [ECS Developer Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-capacity-providers.html).\n\n\u003e **NOTE:** Associating an ECS Capacity Provider to an Auto Scaling Group will automatically add the `AmazonECSManaged` tag to the Auto Scaling Group. This tag should be included in the `aws.autoscaling.Group` resource configuration to prevent the provider from removing it in subsequent executions as well as ensuring the `AmazonECSManaged` tag is propagated to all EC2 Instances in the Auto Scaling Group if `min_size` is above 0 on creation. Any EC2 Instances in the Auto Scaling Group without this tag must be manually be updated, otherwise they may cause unexpected scaling behavior and metrics.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.autoscaling.Group(\"test\", {tags: [{\n key: \"AmazonECSManaged\",\n value: \"true\",\n propagateAtLaunch: true,\n}]});\nconst testCapacityProvider = new aws.ecs.CapacityProvider(\"test\", {\n name: \"test\",\n autoScalingGroupProvider: {\n autoScalingGroupArn: test.arn,\n managedTerminationProtection: \"ENABLED\",\n managedScaling: {\n maximumScalingStepSize: 1000,\n minimumScalingStepSize: 1,\n status: \"ENABLED\",\n targetCapacity: 10,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.autoscaling.Group(\"test\", tags=[{\n \"key\": \"AmazonECSManaged\",\n \"value\": \"true\",\n \"propagate_at_launch\": True,\n}])\ntest_capacity_provider = aws.ecs.CapacityProvider(\"test\",\n name=\"test\",\n auto_scaling_group_provider={\n \"auto_scaling_group_arn\": test.arn,\n \"managed_termination_protection\": \"ENABLED\",\n \"managed_scaling\": {\n \"maximum_scaling_step_size\": 1000,\n \"minimum_scaling_step_size\": 1,\n \"status\": \"ENABLED\",\n \"target_capacity\": 10,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.AutoScaling.Group(\"test\", new()\n {\n Tags = new[]\n {\n new Aws.AutoScaling.Inputs.GroupTagArgs\n {\n Key = \"AmazonECSManaged\",\n Value = \"true\",\n PropagateAtLaunch = true,\n },\n },\n });\n\n var testCapacityProvider = new Aws.Ecs.CapacityProvider(\"test\", new()\n {\n Name = \"test\",\n AutoScalingGroupProvider = new Aws.Ecs.Inputs.CapacityProviderAutoScalingGroupProviderArgs\n {\n AutoScalingGroupArn = test.Arn,\n ManagedTerminationProtection = \"ENABLED\",\n ManagedScaling = new Aws.Ecs.Inputs.CapacityProviderAutoScalingGroupProviderManagedScalingArgs\n {\n MaximumScalingStepSize = 1000,\n MinimumScalingStepSize = 1,\n Status = \"ENABLED\",\n TargetCapacity = 10,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := autoscaling.NewGroup(ctx, \"test\", \u0026autoscaling.GroupArgs{\n\t\t\tTags: autoscaling.GroupTagArray{\n\t\t\t\t\u0026autoscaling.GroupTagArgs{\n\t\t\t\t\tKey: pulumi.String(\"AmazonECSManaged\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t\tPropagateAtLaunch: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecs.NewCapacityProvider(ctx, \"test\", \u0026ecs.CapacityProviderArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tAutoScalingGroupProvider: \u0026ecs.CapacityProviderAutoScalingGroupProviderArgs{\n\t\t\t\tAutoScalingGroupArn: test.Arn,\n\t\t\t\tManagedTerminationProtection: pulumi.String(\"ENABLED\"),\n\t\t\t\tManagedScaling: \u0026ecs.CapacityProviderAutoScalingGroupProviderManagedScalingArgs{\n\t\t\t\t\tMaximumScalingStepSize: pulumi.Int(1000),\n\t\t\t\t\tMinimumScalingStepSize: pulumi.Int(1),\n\t\t\t\t\tStatus: pulumi.String(\"ENABLED\"),\n\t\t\t\t\tTargetCapacity: pulumi.Int(10),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.autoscaling.Group;\nimport com.pulumi.aws.autoscaling.GroupArgs;\nimport com.pulumi.aws.autoscaling.inputs.GroupTagArgs;\nimport com.pulumi.aws.ecs.CapacityProvider;\nimport com.pulumi.aws.ecs.CapacityProviderArgs;\nimport com.pulumi.aws.ecs.inputs.CapacityProviderAutoScalingGroupProviderArgs;\nimport com.pulumi.aws.ecs.inputs.CapacityProviderAutoScalingGroupProviderManagedScalingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Group(\"test\", GroupArgs.builder()\n .tags(GroupTagArgs.builder()\n .key(\"AmazonECSManaged\")\n .value(true)\n .propagateAtLaunch(true)\n .build())\n .build());\n\n var testCapacityProvider = new CapacityProvider(\"testCapacityProvider\", CapacityProviderArgs.builder()\n .name(\"test\")\n .autoScalingGroupProvider(CapacityProviderAutoScalingGroupProviderArgs.builder()\n .autoScalingGroupArn(test.arn())\n .managedTerminationProtection(\"ENABLED\")\n .managedScaling(CapacityProviderAutoScalingGroupProviderManagedScalingArgs.builder()\n .maximumScalingStepSize(1000)\n .minimumScalingStepSize(1)\n .status(\"ENABLED\")\n .targetCapacity(10)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:autoscaling:Group\n properties:\n tags:\n - key: AmazonECSManaged\n value: true\n propagateAtLaunch: true\n testCapacityProvider:\n type: aws:ecs:CapacityProvider\n name: test\n properties:\n name: test\n autoScalingGroupProvider:\n autoScalingGroupArn: ${test.arn}\n managedTerminationProtection: ENABLED\n managedScaling:\n maximumScalingStepSize: 1000\n minimumScalingStepSize: 1\n status: ENABLED\n targetCapacity: 10\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ECS Capacity Providers using the `name`. For example:\n\n```sh\n$ pulumi import aws:ecs/capacityProvider:CapacityProvider example example\n```\n", "properties": { "arn": { "type": "string", "description": "ARN that identifies the capacity provider.\n" }, "autoScalingGroupProvider": { "$ref": "#/types/aws:ecs/CapacityProviderAutoScalingGroupProvider:CapacityProviderAutoScalingGroupProvider", "description": "Configuration block for the provider for the ECS auto scaling group. Detailed below.\n" }, "name": { "type": "string", "description": "Name of the capacity provider.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "autoScalingGroupProvider", "name", "tagsAll" ], "inputProperties": { "autoScalingGroupProvider": { "$ref": "#/types/aws:ecs/CapacityProviderAutoScalingGroupProvider:CapacityProviderAutoScalingGroupProvider", "description": "Configuration block for the provider for the ECS auto scaling group. Detailed below.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the capacity provider.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "autoScalingGroupProvider" ], "stateInputs": { "description": "Input properties used for looking up and filtering CapacityProvider resources.\n", "properties": { "arn": { "type": "string", "description": "ARN that identifies the capacity provider.\n" }, "autoScalingGroupProvider": { "$ref": "#/types/aws:ecs/CapacityProviderAutoScalingGroupProvider:CapacityProviderAutoScalingGroupProvider", "description": "Configuration block for the provider for the ECS auto scaling group. Detailed below.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the capacity provider.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ecs/cluster:Cluster": { "description": "Provides an ECS cluster.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ecs.Cluster(\"foo\", {\n name: \"white-hart\",\n settings: [{\n name: \"containerInsights\",\n value: \"enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ecs.Cluster(\"foo\",\n name=\"white-hart\",\n settings=[{\n \"name\": \"containerInsights\",\n \"value\": \"enabled\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Ecs.Cluster(\"foo\", new()\n {\n Name = \"white-hart\",\n Settings = new[]\n {\n new Aws.Ecs.Inputs.ClusterSettingArgs\n {\n Name = \"containerInsights\",\n Value = \"enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewCluster(ctx, \"foo\", \u0026ecs.ClusterArgs{\n\t\t\tName: pulumi.String(\"white-hart\"),\n\t\t\tSettings: ecs.ClusterSettingArray{\n\t\t\t\t\u0026ecs.ClusterSettingArgs{\n\t\t\t\t\tName: pulumi.String(\"containerInsights\"),\n\t\t\t\t\tValue: pulumi.String(\"enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.Cluster;\nimport com.pulumi.aws.ecs.ClusterArgs;\nimport com.pulumi.aws.ecs.inputs.ClusterSettingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new Cluster(\"foo\", ClusterArgs.builder()\n .name(\"white-hart\")\n .settings(ClusterSettingArgs.builder()\n .name(\"containerInsights\")\n .value(\"enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ecs:Cluster\n properties:\n name: white-hart\n settings:\n - name: containerInsights\n value: enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Execute Command Configuration with Override Logging\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.Key(\"example\", {\n description: \"example\",\n deletionWindowInDays: 7,\n});\nconst exampleLogGroup = new aws.cloudwatch.LogGroup(\"example\", {name: \"example\"});\nconst test = new aws.ecs.Cluster(\"test\", {\n name: \"example\",\n configuration: {\n executeCommandConfiguration: {\n kmsKeyId: example.arn,\n logging: \"OVERRIDE\",\n logConfiguration: {\n cloudWatchEncryptionEnabled: true,\n cloudWatchLogGroupName: exampleLogGroup.name,\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kms.Key(\"example\",\n description=\"example\",\n deletion_window_in_days=7)\nexample_log_group = aws.cloudwatch.LogGroup(\"example\", name=\"example\")\ntest = aws.ecs.Cluster(\"test\",\n name=\"example\",\n configuration={\n \"execute_command_configuration\": {\n \"kms_key_id\": example.arn,\n \"logging\": \"OVERRIDE\",\n \"log_configuration\": {\n \"cloud_watch_encryption_enabled\": True,\n \"cloud_watch_log_group_name\": example_log_group.name,\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"example\",\n DeletionWindowInDays = 7,\n });\n\n var exampleLogGroup = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = \"example\",\n });\n\n var test = new Aws.Ecs.Cluster(\"test\", new()\n {\n Name = \"example\",\n Configuration = new Aws.Ecs.Inputs.ClusterConfigurationArgs\n {\n ExecuteCommandConfiguration = new Aws.Ecs.Inputs.ClusterConfigurationExecuteCommandConfigurationArgs\n {\n KmsKeyId = example.Arn,\n Logging = \"OVERRIDE\",\n LogConfiguration = new Aws.Ecs.Inputs.ClusterConfigurationExecuteCommandConfigurationLogConfigurationArgs\n {\n CloudWatchEncryptionEnabled = true,\n CloudWatchLogGroupName = exampleLogGroup.Name,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleLogGroup, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecs.NewCluster(ctx, \"test\", \u0026ecs.ClusterArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tConfiguration: \u0026ecs.ClusterConfigurationArgs{\n\t\t\t\tExecuteCommandConfiguration: \u0026ecs.ClusterConfigurationExecuteCommandConfigurationArgs{\n\t\t\t\t\tKmsKeyId: example.Arn,\n\t\t\t\t\tLogging: pulumi.String(\"OVERRIDE\"),\n\t\t\t\t\tLogConfiguration: \u0026ecs.ClusterConfigurationExecuteCommandConfigurationLogConfigurationArgs{\n\t\t\t\t\t\tCloudWatchEncryptionEnabled: pulumi.Bool(true),\n\t\t\t\t\t\tCloudWatchLogGroupName: exampleLogGroup.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.ecs.Cluster;\nimport com.pulumi.aws.ecs.ClusterArgs;\nimport com.pulumi.aws.ecs.inputs.ClusterConfigurationArgs;\nimport com.pulumi.aws.ecs.inputs.ClusterConfigurationExecuteCommandConfigurationArgs;\nimport com.pulumi.aws.ecs.inputs.ClusterConfigurationExecuteCommandConfigurationLogConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"example\")\n .deletionWindowInDays(7)\n .build());\n\n var exampleLogGroup = new LogGroup(\"exampleLogGroup\", LogGroupArgs.builder()\n .name(\"example\")\n .build());\n\n var test = new Cluster(\"test\", ClusterArgs.builder()\n .name(\"example\")\n .configuration(ClusterConfigurationArgs.builder()\n .executeCommandConfiguration(ClusterConfigurationExecuteCommandConfigurationArgs.builder()\n .kmsKeyId(example.arn())\n .logging(\"OVERRIDE\")\n .logConfiguration(ClusterConfigurationExecuteCommandConfigurationLogConfigurationArgs.builder()\n .cloudWatchEncryptionEnabled(true)\n .cloudWatchLogGroupName(exampleLogGroup.name())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: example\n deletionWindowInDays: 7\n exampleLogGroup:\n type: aws:cloudwatch:LogGroup\n name: example\n properties:\n name: example\n test:\n type: aws:ecs:Cluster\n properties:\n name: example\n configuration:\n executeCommandConfiguration:\n kmsKeyId: ${example.arn}\n logging: OVERRIDE\n logConfiguration:\n cloudWatchEncryptionEnabled: true\n cloudWatchLogGroupName: ${exampleLogGroup.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Fargate Ephemeral Storage Encryption with Customer-Managed KMS Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.kms.Key(\"example\", {\n description: \"example\",\n deletionWindowInDays: 7,\n});\nconst exampleKeyPolicy = new aws.kms.KeyPolicy(\"example\", {\n keyId: example.id,\n policy: JSON.stringify({\n Id: \"ECSClusterFargatePolicy\",\n Statement: [\n {\n Sid: \"Enable IAM User Permissions\",\n Effect: \"Allow\",\n Principal: {\n AWS: \"*\",\n },\n Action: \"kms:*\",\n Resource: \"*\",\n },\n {\n Sid: \"Allow generate data key access for Fargate tasks.\",\n Effect: \"Allow\",\n Principal: {\n Service: \"fargate.amazonaws.com\",\n },\n Action: [\"kms:GenerateDataKeyWithoutPlaintext\"],\n Condition: {\n StringEquals: {\n \"kms:EncryptionContext:aws:ecs:clusterAccount\": [current.then(current =\u003e current.accountId)],\n \"kms:EncryptionContext:aws:ecs:clusterName\": [\"example\"],\n },\n },\n Resource: \"*\",\n },\n {\n Sid: \"Allow grant creation permission for Fargate tasks.\",\n Effect: \"Allow\",\n Principal: {\n Service: \"fargate.amazonaws.com\",\n },\n Action: [\"kms:CreateGrant\"],\n Condition: {\n StringEquals: {\n \"kms:EncryptionContext:aws:ecs:clusterAccount\": [current.then(current =\u003e current.accountId)],\n \"kms:EncryptionContext:aws:ecs:clusterName\": [\"example\"],\n },\n \"ForAllValues:StringEquals\": {\n \"kms:GrantOperations\": [\"Decrypt\"],\n },\n },\n Resource: \"*\",\n },\n ],\n Version: \"2012-10-17\",\n }),\n});\nconst test = new aws.ecs.Cluster(\"test\", {\n name: \"example\",\n configuration: {\n managedStorageConfiguration: {\n fargateEphemeralStorageKmsKeyId: example.id,\n },\n },\n}, {\n dependsOn: [exampleKeyPolicy],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.kms.Key(\"example\",\n description=\"example\",\n deletion_window_in_days=7)\nexample_key_policy = aws.kms.KeyPolicy(\"example\",\n key_id=example.id,\n policy=json.dumps({\n \"Id\": \"ECSClusterFargatePolicy\",\n \"Statement\": [\n {\n \"Sid\": \"Enable IAM User Permissions\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"*\",\n },\n \"Action\": \"kms:*\",\n \"Resource\": \"*\",\n },\n {\n \"Sid\": \"Allow generate data key access for Fargate tasks.\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"fargate.amazonaws.com\",\n },\n \"Action\": [\"kms:GenerateDataKeyWithoutPlaintext\"],\n \"Condition\": {\n \"StringEquals\": {\n \"kms:EncryptionContext:aws:ecs:clusterAccount\": [current.account_id],\n \"kms:EncryptionContext:aws:ecs:clusterName\": [\"example\"],\n },\n },\n \"Resource\": \"*\",\n },\n {\n \"Sid\": \"Allow grant creation permission for Fargate tasks.\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"fargate.amazonaws.com\",\n },\n \"Action\": [\"kms:CreateGrant\"],\n \"Condition\": {\n \"StringEquals\": {\n \"kms:EncryptionContext:aws:ecs:clusterAccount\": [current.account_id],\n \"kms:EncryptionContext:aws:ecs:clusterName\": [\"example\"],\n },\n \"ForAllValues:StringEquals\": {\n \"kms:GrantOperations\": [\"Decrypt\"],\n },\n },\n \"Resource\": \"*\",\n },\n ],\n \"Version\": \"2012-10-17\",\n }))\ntest = aws.ecs.Cluster(\"test\",\n name=\"example\",\n configuration={\n \"managed_storage_configuration\": {\n \"fargate_ephemeral_storage_kms_key_id\": example.id,\n },\n },\n opts = pulumi.ResourceOptions(depends_on=[example_key_policy]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"example\",\n DeletionWindowInDays = 7,\n });\n\n var exampleKeyPolicy = new Aws.Kms.KeyPolicy(\"example\", new()\n {\n KeyId = example.Id,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Id\"] = \"ECSClusterFargatePolicy\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Enable IAM User Permissions\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = \"*\",\n },\n [\"Action\"] = \"kms:*\",\n [\"Resource\"] = \"*\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Allow generate data key access for Fargate tasks.\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"fargate.amazonaws.com\",\n },\n [\"Action\"] = new[]\n {\n \"kms:GenerateDataKeyWithoutPlaintext\",\n },\n [\"Condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"StringEquals\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"kms:EncryptionContext:aws:ecs:clusterAccount\"] = new[]\n {\n current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n [\"kms:EncryptionContext:aws:ecs:clusterName\"] = new[]\n {\n \"example\",\n },\n },\n },\n [\"Resource\"] = \"*\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Allow grant creation permission for Fargate tasks.\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"fargate.amazonaws.com\",\n },\n [\"Action\"] = new[]\n {\n \"kms:CreateGrant\",\n },\n [\"Condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"StringEquals\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"kms:EncryptionContext:aws:ecs:clusterAccount\"] = new[]\n {\n current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n [\"kms:EncryptionContext:aws:ecs:clusterName\"] = new[]\n {\n \"example\",\n },\n },\n [\"ForAllValues:StringEquals\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"kms:GrantOperations\"] = new[]\n {\n \"Decrypt\",\n },\n },\n },\n [\"Resource\"] = \"*\",\n },\n },\n [\"Version\"] = \"2012-10-17\",\n }),\n });\n\n var test = new Aws.Ecs.Cluster(\"test\", new()\n {\n Name = \"example\",\n Configuration = new Aws.Ecs.Inputs.ClusterConfigurationArgs\n {\n ManagedStorageConfiguration = new Aws.Ecs.Inputs.ClusterConfigurationManagedStorageConfigurationArgs\n {\n FargateEphemeralStorageKmsKeyId = example.Id,\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleKeyPolicy,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Id\": \"ECSClusterFargatePolicy\",\n\t\t\t\"Statement\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"Enable IAM User Permissions\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": \"*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": \"kms:*\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"Allow generate data key access for Fargate tasks.\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"fargate.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"kms:GenerateDataKeyWithoutPlaintext\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Condition\": map[string]interface{}{\n\t\t\t\t\t\t\"StringEquals\": map[string]interface{}{\n\t\t\t\t\t\t\t\"kms:EncryptionContext:aws:ecs:clusterAccount\": []*string{\n\t\t\t\t\t\t\t\tcurrent.AccountId,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"kms:EncryptionContext:aws:ecs:clusterName\": []string{\n\t\t\t\t\t\t\t\t\"example\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"Allow grant creation permission for Fargate tasks.\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"fargate.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"kms:CreateGrant\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Condition\": map[string]interface{}{\n\t\t\t\t\t\t\"StringEquals\": map[string]interface{}{\n\t\t\t\t\t\t\t\"kms:EncryptionContext:aws:ecs:clusterAccount\": []*string{\n\t\t\t\t\t\t\t\tcurrent.AccountId,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"kms:EncryptionContext:aws:ecs:clusterName\": []string{\n\t\t\t\t\t\t\t\t\"example\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"ForAllValues:StringEquals\": map[string]interface{}{\n\t\t\t\t\t\t\t\"kms:GrantOperations\": []string{\n\t\t\t\t\t\t\t\t\"Decrypt\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texampleKeyPolicy, err := kms.NewKeyPolicy(ctx, \"example\", \u0026kms.KeyPolicyArgs{\n\t\t\tKeyId: example.ID(),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecs.NewCluster(ctx, \"test\", \u0026ecs.ClusterArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tConfiguration: \u0026ecs.ClusterConfigurationArgs{\n\t\t\t\tManagedStorageConfiguration: \u0026ecs.ClusterConfigurationManagedStorageConfigurationArgs{\n\t\t\t\t\tFargateEphemeralStorageKmsKeyId: example.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleKeyPolicy,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.kms.KeyPolicy;\nimport com.pulumi.aws.kms.KeyPolicyArgs;\nimport com.pulumi.aws.ecs.Cluster;\nimport com.pulumi.aws.ecs.ClusterArgs;\nimport com.pulumi.aws.ecs.inputs.ClusterConfigurationArgs;\nimport com.pulumi.aws.ecs.inputs.ClusterConfigurationManagedStorageConfigurationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"example\")\n .deletionWindowInDays(7)\n .build());\n\n var exampleKeyPolicy = new KeyPolicy(\"exampleKeyPolicy\", KeyPolicyArgs.builder()\n .keyId(example.id())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Id\", \"ECSClusterFargatePolicy\"),\n jsonProperty(\"Statement\", jsonArray(\n jsonObject(\n jsonProperty(\"Sid\", \"Enable IAM User Permissions\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", \"*\")\n )),\n jsonProperty(\"Action\", \"kms:*\"),\n jsonProperty(\"Resource\", \"*\")\n ), \n jsonObject(\n jsonProperty(\"Sid\", \"Allow generate data key access for Fargate tasks.\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"fargate.amazonaws.com\")\n )),\n jsonProperty(\"Action\", jsonArray(\"kms:GenerateDataKeyWithoutPlaintext\")),\n jsonProperty(\"Condition\", jsonObject(\n jsonProperty(\"StringEquals\", jsonObject(\n jsonProperty(\"kms:EncryptionContext:aws:ecs:clusterAccount\", jsonArray(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))),\n jsonProperty(\"kms:EncryptionContext:aws:ecs:clusterName\", jsonArray(\"example\"))\n ))\n )),\n jsonProperty(\"Resource\", \"*\")\n ), \n jsonObject(\n jsonProperty(\"Sid\", \"Allow grant creation permission for Fargate tasks.\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"fargate.amazonaws.com\")\n )),\n jsonProperty(\"Action\", jsonArray(\"kms:CreateGrant\")),\n jsonProperty(\"Condition\", jsonObject(\n jsonProperty(\"StringEquals\", jsonObject(\n jsonProperty(\"kms:EncryptionContext:aws:ecs:clusterAccount\", jsonArray(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))),\n jsonProperty(\"kms:EncryptionContext:aws:ecs:clusterName\", jsonArray(\"example\"))\n )),\n jsonProperty(\"ForAllValues:StringEquals\", jsonObject(\n jsonProperty(\"kms:GrantOperations\", jsonArray(\"Decrypt\"))\n ))\n )),\n jsonProperty(\"Resource\", \"*\")\n )\n )),\n jsonProperty(\"Version\", \"2012-10-17\")\n )))\n .build());\n\n var test = new Cluster(\"test\", ClusterArgs.builder()\n .name(\"example\")\n .configuration(ClusterConfigurationArgs.builder()\n .managedStorageConfiguration(ClusterConfigurationManagedStorageConfigurationArgs.builder()\n .fargateEphemeralStorageKmsKeyId(example.id())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleKeyPolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: example\n deletionWindowInDays: 7\n exampleKeyPolicy:\n type: aws:kms:KeyPolicy\n name: example\n properties:\n keyId: ${example.id}\n policy:\n fn::toJSON:\n Id: ECSClusterFargatePolicy\n Statement:\n - Sid: Enable IAM User Permissions\n Effect: Allow\n Principal:\n AWS: '*'\n Action: kms:*\n Resource: '*'\n - Sid: Allow generate data key access for Fargate tasks.\n Effect: Allow\n Principal:\n Service: fargate.amazonaws.com\n Action:\n - kms:GenerateDataKeyWithoutPlaintext\n Condition:\n StringEquals:\n kms:EncryptionContext:aws:ecs:clusterAccount:\n - ${current.accountId}\n kms:EncryptionContext:aws:ecs:clusterName:\n - example\n Resource: '*'\n - Sid: Allow grant creation permission for Fargate tasks.\n Effect: Allow\n Principal:\n Service: fargate.amazonaws.com\n Action:\n - kms:CreateGrant\n Condition:\n StringEquals:\n kms:EncryptionContext:aws:ecs:clusterAccount:\n - ${current.accountId}\n kms:EncryptionContext:aws:ecs:clusterName:\n - example\n ForAllValues:StringEquals:\n kms:GrantOperations:\n - Decrypt\n Resource: '*'\n Version: 2012-10-17\n test:\n type: aws:ecs:Cluster\n properties:\n name: example\n configuration:\n managedStorageConfiguration:\n fargateEphemeralStorageKmsKeyId: ${example.id}\n options:\n dependson:\n - ${exampleKeyPolicy}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ECS clusters using the cluster name. For example:\n\n```sh\n$ pulumi import aws:ecs/cluster:Cluster stateless stateless-app\n```\n", "properties": { "arn": { "type": "string", "description": "ARN that identifies the cluster.\n" }, "configuration": { "$ref": "#/types/aws:ecs/ClusterConfiguration:ClusterConfiguration", "description": "Execute command configuration for the cluster. See `configueration` Block for details.\n" }, "name": { "type": "string", "description": "Name of the cluster (up to 255 letters, numbers, hyphens, and underscores)\n\nThe following arguments are optional:\n" }, "serviceConnectDefaults": { "$ref": "#/types/aws:ecs/ClusterServiceConnectDefaults:ClusterServiceConnectDefaults", "description": "Default Service Connect namespace. See `service_connect_defaults` Block for details.\n" }, "settings": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ClusterSetting:ClusterSetting" }, "description": "Configuration block(s) with cluster settings. For example, this can be used to enable CloudWatch Container Insights for a cluster. See `setting` Block for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "settings", "tagsAll" ], "inputProperties": { "configuration": { "$ref": "#/types/aws:ecs/ClusterConfiguration:ClusterConfiguration", "description": "Execute command configuration for the cluster. See `configueration` Block for details.\n" }, "name": { "type": "string", "description": "Name of the cluster (up to 255 letters, numbers, hyphens, and underscores)\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "serviceConnectDefaults": { "$ref": "#/types/aws:ecs/ClusterServiceConnectDefaults:ClusterServiceConnectDefaults", "description": "Default Service Connect namespace. See `service_connect_defaults` Block for details.\n" }, "settings": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ClusterSetting:ClusterSetting" }, "description": "Configuration block(s) with cluster settings. For example, this can be used to enable CloudWatch Container Insights for a cluster. See `setting` Block for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "arn": { "type": "string", "description": "ARN that identifies the cluster.\n" }, "configuration": { "$ref": "#/types/aws:ecs/ClusterConfiguration:ClusterConfiguration", "description": "Execute command configuration for the cluster. See `configueration` Block for details.\n" }, "name": { "type": "string", "description": "Name of the cluster (up to 255 letters, numbers, hyphens, and underscores)\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "serviceConnectDefaults": { "$ref": "#/types/aws:ecs/ClusterServiceConnectDefaults:ClusterServiceConnectDefaults", "description": "Default Service Connect namespace. See `service_connect_defaults` Block for details.\n" }, "settings": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ClusterSetting:ClusterSetting" }, "description": "Configuration block(s) with cluster settings. For example, this can be used to enable CloudWatch Container Insights for a cluster. See `setting` Block for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ecs/clusterCapacityProviders:ClusterCapacityProviders": { "description": "Manages the capacity providers of an ECS Cluster.\n\nMore information about capacity providers can be found in the [ECS User Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-capacity-providers.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ecs.Cluster(\"example\", {name: \"my-cluster\"});\nconst exampleClusterCapacityProviders = new aws.ecs.ClusterCapacityProviders(\"example\", {\n clusterName: example.name,\n capacityProviders: [\"FARGATE\"],\n defaultCapacityProviderStrategies: [{\n base: 1,\n weight: 100,\n capacityProvider: \"FARGATE\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecs.Cluster(\"example\", name=\"my-cluster\")\nexample_cluster_capacity_providers = aws.ecs.ClusterCapacityProviders(\"example\",\n cluster_name=example.name,\n capacity_providers=[\"FARGATE\"],\n default_capacity_provider_strategies=[{\n \"base\": 1,\n \"weight\": 100,\n \"capacity_provider\": \"FARGATE\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ecs.Cluster(\"example\", new()\n {\n Name = \"my-cluster\",\n });\n\n var exampleClusterCapacityProviders = new Aws.Ecs.ClusterCapacityProviders(\"example\", new()\n {\n ClusterName = example.Name,\n CapacityProviders = new[]\n {\n \"FARGATE\",\n },\n DefaultCapacityProviderStrategies = new[]\n {\n new Aws.Ecs.Inputs.ClusterCapacityProvidersDefaultCapacityProviderStrategyArgs\n {\n Base = 1,\n Weight = 100,\n CapacityProvider = \"FARGATE\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ecs.NewCluster(ctx, \"example\", \u0026ecs.ClusterArgs{\n\t\t\tName: pulumi.String(\"my-cluster\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecs.NewClusterCapacityProviders(ctx, \"example\", \u0026ecs.ClusterCapacityProvidersArgs{\n\t\t\tClusterName: example.Name,\n\t\t\tCapacityProviders: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"FARGATE\"),\n\t\t\t},\n\t\t\tDefaultCapacityProviderStrategies: ecs.ClusterCapacityProvidersDefaultCapacityProviderStrategyArray{\n\t\t\t\t\u0026ecs.ClusterCapacityProvidersDefaultCapacityProviderStrategyArgs{\n\t\t\t\t\tBase: pulumi.Int(1),\n\t\t\t\t\tWeight: pulumi.Int(100),\n\t\t\t\t\tCapacityProvider: pulumi.String(\"FARGATE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.Cluster;\nimport com.pulumi.aws.ecs.ClusterArgs;\nimport com.pulumi.aws.ecs.ClusterCapacityProviders;\nimport com.pulumi.aws.ecs.ClusterCapacityProvidersArgs;\nimport com.pulumi.aws.ecs.inputs.ClusterCapacityProvidersDefaultCapacityProviderStrategyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\", ClusterArgs.builder()\n .name(\"my-cluster\")\n .build());\n\n var exampleClusterCapacityProviders = new ClusterCapacityProviders(\"exampleClusterCapacityProviders\", ClusterCapacityProvidersArgs.builder()\n .clusterName(example.name())\n .capacityProviders(\"FARGATE\")\n .defaultCapacityProviderStrategies(ClusterCapacityProvidersDefaultCapacityProviderStrategyArgs.builder()\n .base(1)\n .weight(100)\n .capacityProvider(\"FARGATE\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ecs:Cluster\n properties:\n name: my-cluster\n exampleClusterCapacityProviders:\n type: aws:ecs:ClusterCapacityProviders\n name: example\n properties:\n clusterName: ${example.name}\n capacityProviders:\n - FARGATE\n defaultCapacityProviderStrategies:\n - base: 1\n weight: 100\n capacityProvider: FARGATE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ECS cluster capacity providers using the `cluster_name` attribute. For example:\n\n```sh\n$ pulumi import aws:ecs/clusterCapacityProviders:ClusterCapacityProviders example my-cluster\n```\n", "properties": { "capacityProviders": { "type": "array", "items": { "type": "string" }, "description": "Set of names of one or more capacity providers to associate with the cluster. Valid values also include `FARGATE` and `FARGATE_SPOT`.\n" }, "clusterName": { "type": "string", "description": "Name of the ECS cluster to manage capacity providers for.\n" }, "defaultCapacityProviderStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ClusterCapacityProvidersDefaultCapacityProviderStrategy:ClusterCapacityProvidersDefaultCapacityProviderStrategy" }, "description": "Set of capacity provider strategies to use by default for the cluster. Detailed below.\n" } }, "required": [ "clusterName" ], "inputProperties": { "capacityProviders": { "type": "array", "items": { "type": "string" }, "description": "Set of names of one or more capacity providers to associate with the cluster. Valid values also include `FARGATE` and `FARGATE_SPOT`.\n" }, "clusterName": { "type": "string", "description": "Name of the ECS cluster to manage capacity providers for.\n", "willReplaceOnChanges": true }, "defaultCapacityProviderStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ClusterCapacityProvidersDefaultCapacityProviderStrategy:ClusterCapacityProvidersDefaultCapacityProviderStrategy" }, "description": "Set of capacity provider strategies to use by default for the cluster. Detailed below.\n" } }, "requiredInputs": [ "clusterName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterCapacityProviders resources.\n", "properties": { "capacityProviders": { "type": "array", "items": { "type": "string" }, "description": "Set of names of one or more capacity providers to associate with the cluster. Valid values also include `FARGATE` and `FARGATE_SPOT`.\n" }, "clusterName": { "type": "string", "description": "Name of the ECS cluster to manage capacity providers for.\n", "willReplaceOnChanges": true }, "defaultCapacityProviderStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ClusterCapacityProvidersDefaultCapacityProviderStrategy:ClusterCapacityProvidersDefaultCapacityProviderStrategy" }, "description": "Set of capacity provider strategies to use by default for the cluster. Detailed below.\n" } }, "type": "object" } }, "aws:ecs/service:Service": { "description": "\u003e **Note:** To prevent a race condition during service deletion, make sure to set `depends_on` to the related `aws.iam.RolePolicy`; otherwise, the policy may be destroyed too soon and the ECS service will then get stuck in the `DRAINING` state.\n\nProvides an ECS service - effectively a task that is expected to run until an error occurs or a user terminates it (typically a webserver or a database).\n\nSee [ECS Services section in AWS developer guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mongo = new aws.ecs.Service(\"mongo\", {\n name: \"mongodb\",\n cluster: fooAwsEcsCluster.id,\n taskDefinition: mongoAwsEcsTaskDefinition.arn,\n desiredCount: 3,\n iamRole: fooAwsIamRole.arn,\n orderedPlacementStrategies: [{\n type: \"binpack\",\n field: \"cpu\",\n }],\n loadBalancers: [{\n targetGroupArn: fooAwsLbTargetGroup.arn,\n containerName: \"mongo\",\n containerPort: 8080,\n }],\n placementConstraints: [{\n type: \"memberOf\",\n expression: \"attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\",\n }],\n}, {\n dependsOn: [foo],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmongo = aws.ecs.Service(\"mongo\",\n name=\"mongodb\",\n cluster=foo_aws_ecs_cluster[\"id\"],\n task_definition=mongo_aws_ecs_task_definition[\"arn\"],\n desired_count=3,\n iam_role=foo_aws_iam_role[\"arn\"],\n ordered_placement_strategies=[{\n \"type\": \"binpack\",\n \"field\": \"cpu\",\n }],\n load_balancers=[{\n \"target_group_arn\": foo_aws_lb_target_group[\"arn\"],\n \"container_name\": \"mongo\",\n \"container_port\": 8080,\n }],\n placement_constraints=[{\n \"type\": \"memberOf\",\n \"expression\": \"attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\",\n }],\n opts = pulumi.ResourceOptions(depends_on=[foo]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mongo = new Aws.Ecs.Service(\"mongo\", new()\n {\n Name = \"mongodb\",\n Cluster = fooAwsEcsCluster.Id,\n TaskDefinition = mongoAwsEcsTaskDefinition.Arn,\n DesiredCount = 3,\n IamRole = fooAwsIamRole.Arn,\n OrderedPlacementStrategies = new[]\n {\n new Aws.Ecs.Inputs.ServiceOrderedPlacementStrategyArgs\n {\n Type = \"binpack\",\n Field = \"cpu\",\n },\n },\n LoadBalancers = new[]\n {\n new Aws.Ecs.Inputs.ServiceLoadBalancerArgs\n {\n TargetGroupArn = fooAwsLbTargetGroup.Arn,\n ContainerName = \"mongo\",\n ContainerPort = 8080,\n },\n },\n PlacementConstraints = new[]\n {\n new Aws.Ecs.Inputs.ServicePlacementConstraintArgs\n {\n Type = \"memberOf\",\n Expression = \"attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n foo,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewService(ctx, \"mongo\", \u0026ecs.ServiceArgs{\n\t\t\tName: pulumi.String(\"mongodb\"),\n\t\t\tCluster: pulumi.Any(fooAwsEcsCluster.Id),\n\t\t\tTaskDefinition: pulumi.Any(mongoAwsEcsTaskDefinition.Arn),\n\t\t\tDesiredCount: pulumi.Int(3),\n\t\t\tIamRole: pulumi.Any(fooAwsIamRole.Arn),\n\t\t\tOrderedPlacementStrategies: ecs.ServiceOrderedPlacementStrategyArray{\n\t\t\t\t\u0026ecs.ServiceOrderedPlacementStrategyArgs{\n\t\t\t\t\tType: pulumi.String(\"binpack\"),\n\t\t\t\t\tField: pulumi.String(\"cpu\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancers: ecs.ServiceLoadBalancerArray{\n\t\t\t\t\u0026ecs.ServiceLoadBalancerArgs{\n\t\t\t\t\tTargetGroupArn: pulumi.Any(fooAwsLbTargetGroup.Arn),\n\t\t\t\t\tContainerName: pulumi.String(\"mongo\"),\n\t\t\t\t\tContainerPort: pulumi.Int(8080),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPlacementConstraints: ecs.ServicePlacementConstraintArray{\n\t\t\t\t\u0026ecs.ServicePlacementConstraintArgs{\n\t\t\t\t\tType: pulumi.String(\"memberOf\"),\n\t\t\t\t\tExpression: pulumi.String(\"attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tfoo,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.Service;\nimport com.pulumi.aws.ecs.ServiceArgs;\nimport com.pulumi.aws.ecs.inputs.ServiceOrderedPlacementStrategyArgs;\nimport com.pulumi.aws.ecs.inputs.ServiceLoadBalancerArgs;\nimport com.pulumi.aws.ecs.inputs.ServicePlacementConstraintArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mongo = new Service(\"mongo\", ServiceArgs.builder()\n .name(\"mongodb\")\n .cluster(fooAwsEcsCluster.id())\n .taskDefinition(mongoAwsEcsTaskDefinition.arn())\n .desiredCount(3)\n .iamRole(fooAwsIamRole.arn())\n .orderedPlacementStrategies(ServiceOrderedPlacementStrategyArgs.builder()\n .type(\"binpack\")\n .field(\"cpu\")\n .build())\n .loadBalancers(ServiceLoadBalancerArgs.builder()\n .targetGroupArn(fooAwsLbTargetGroup.arn())\n .containerName(\"mongo\")\n .containerPort(8080)\n .build())\n .placementConstraints(ServicePlacementConstraintArgs.builder()\n .type(\"memberOf\")\n .expression(\"attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(foo)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mongo:\n type: aws:ecs:Service\n properties:\n name: mongodb\n cluster: ${fooAwsEcsCluster.id}\n taskDefinition: ${mongoAwsEcsTaskDefinition.arn}\n desiredCount: 3\n iamRole: ${fooAwsIamRole.arn}\n orderedPlacementStrategies:\n - type: binpack\n field: cpu\n loadBalancers:\n - targetGroupArn: ${fooAwsLbTargetGroup.arn}\n containerName: mongo\n containerPort: 8080\n placementConstraints:\n - type: memberOf\n expression: attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\n options:\n dependson:\n - ${foo}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Ignoring Changes to Desired Count\n\nYou can use [`ignoreChanges`](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) to create an ECS service with an initial count of running instances, then ignore any changes to that count caused externally (e.g. Application Autoscaling).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ecs.Service(\"example\", {desiredCount: 2});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecs.Service(\"example\", desired_count=2)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ecs.Service(\"example\", new()\n {\n DesiredCount = 2,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewService(ctx, \"example\", \u0026ecs.ServiceArgs{\n\t\t\tDesiredCount: pulumi.Int(2),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.Service;\nimport com.pulumi.aws.ecs.ServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder()\n .desiredCount(2)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ecs:Service\n properties:\n desiredCount: 2 # Optional: Allow external changes without this provider plan difference\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Daemon Scheduling Strategy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = new aws.ecs.Service(\"bar\", {\n name: \"bar\",\n cluster: foo.id,\n taskDefinition: barAwsEcsTaskDefinition.arn,\n schedulingStrategy: \"DAEMON\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.ecs.Service(\"bar\",\n name=\"bar\",\n cluster=foo[\"id\"],\n task_definition=bar_aws_ecs_task_definition[\"arn\"],\n scheduling_strategy=\"DAEMON\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bar = new Aws.Ecs.Service(\"bar\", new()\n {\n Name = \"bar\",\n Cluster = foo.Id,\n TaskDefinition = barAwsEcsTaskDefinition.Arn,\n SchedulingStrategy = \"DAEMON\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewService(ctx, \"bar\", \u0026ecs.ServiceArgs{\n\t\t\tName: pulumi.String(\"bar\"),\n\t\t\tCluster: pulumi.Any(foo.Id),\n\t\t\tTaskDefinition: pulumi.Any(barAwsEcsTaskDefinition.Arn),\n\t\t\tSchedulingStrategy: pulumi.String(\"DAEMON\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.Service;\nimport com.pulumi.aws.ecs.ServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bar = new Service(\"bar\", ServiceArgs.builder()\n .name(\"bar\")\n .cluster(foo.id())\n .taskDefinition(barAwsEcsTaskDefinition.arn())\n .schedulingStrategy(\"DAEMON\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bar:\n type: aws:ecs:Service\n properties:\n name: bar\n cluster: ${foo.id}\n taskDefinition: ${barAwsEcsTaskDefinition.arn}\n schedulingStrategy: DAEMON\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### CloudWatch Deployment Alarms\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ecs.Service(\"example\", {\n name: \"example\",\n cluster: exampleAwsEcsCluster.id,\n alarms: {\n enable: true,\n rollback: true,\n alarmNames: [exampleAwsCloudwatchMetricAlarm.alarmName],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecs.Service(\"example\",\n name=\"example\",\n cluster=example_aws_ecs_cluster[\"id\"],\n alarms={\n \"enable\": True,\n \"rollback\": True,\n \"alarm_names\": [example_aws_cloudwatch_metric_alarm[\"alarmName\"]],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ecs.Service(\"example\", new()\n {\n Name = \"example\",\n Cluster = exampleAwsEcsCluster.Id,\n Alarms = new Aws.Ecs.Inputs.ServiceAlarmsArgs\n {\n Enable = true,\n Rollback = true,\n AlarmNames = new[]\n {\n exampleAwsCloudwatchMetricAlarm.AlarmName,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewService(ctx, \"example\", \u0026ecs.ServiceArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tCluster: pulumi.Any(exampleAwsEcsCluster.Id),\n\t\t\tAlarms: \u0026ecs.ServiceAlarmsArgs{\n\t\t\t\tEnable: pulumi.Bool(true),\n\t\t\t\tRollback: pulumi.Bool(true),\n\t\t\t\tAlarmNames: pulumi.StringArray{\n\t\t\t\t\texampleAwsCloudwatchMetricAlarm.AlarmName,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.Service;\nimport com.pulumi.aws.ecs.ServiceArgs;\nimport com.pulumi.aws.ecs.inputs.ServiceAlarmsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder()\n .name(\"example\")\n .cluster(exampleAwsEcsCluster.id())\n .alarms(ServiceAlarmsArgs.builder()\n .enable(true)\n .rollback(true)\n .alarmNames(exampleAwsCloudwatchMetricAlarm.alarmName())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ecs:Service\n properties:\n name: example\n cluster: ${exampleAwsEcsCluster.id}\n alarms:\n enable: true\n rollback: true\n alarmNames:\n - ${exampleAwsCloudwatchMetricAlarm.alarmName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### External Deployment Controller\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ecs.Service(\"example\", {\n name: \"example\",\n cluster: exampleAwsEcsCluster.id,\n deploymentController: {\n type: \"EXTERNAL\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecs.Service(\"example\",\n name=\"example\",\n cluster=example_aws_ecs_cluster[\"id\"],\n deployment_controller={\n \"type\": \"EXTERNAL\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ecs.Service(\"example\", new()\n {\n Name = \"example\",\n Cluster = exampleAwsEcsCluster.Id,\n DeploymentController = new Aws.Ecs.Inputs.ServiceDeploymentControllerArgs\n {\n Type = \"EXTERNAL\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewService(ctx, \"example\", \u0026ecs.ServiceArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tCluster: pulumi.Any(exampleAwsEcsCluster.Id),\n\t\t\tDeploymentController: \u0026ecs.ServiceDeploymentControllerArgs{\n\t\t\t\tType: pulumi.String(\"EXTERNAL\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.Service;\nimport com.pulumi.aws.ecs.ServiceArgs;\nimport com.pulumi.aws.ecs.inputs.ServiceDeploymentControllerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder()\n .name(\"example\")\n .cluster(exampleAwsEcsCluster.id())\n .deploymentController(ServiceDeploymentControllerArgs.builder()\n .type(\"EXTERNAL\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ecs:Service\n properties:\n name: example\n cluster: ${exampleAwsEcsCluster.id}\n deploymentController:\n type: EXTERNAL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Redeploy Service On Every Apply\n\nThe key used with `triggers` is arbitrary.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ecs.Service(\"example\", {\n forceNewDeployment: true,\n triggers: {\n redeployment: \"plantimestamp()\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecs.Service(\"example\",\n force_new_deployment=True,\n triggers={\n \"redeployment\": \"plantimestamp()\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ecs.Service(\"example\", new()\n {\n ForceNewDeployment = true,\n Triggers = \n {\n { \"redeployment\", \"plantimestamp()\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewService(ctx, \"example\", \u0026ecs.ServiceArgs{\n\t\t\tForceNewDeployment: pulumi.Bool(true),\n\t\t\tTriggers: pulumi.StringMap{\n\t\t\t\t\"redeployment\": pulumi.String(\"plantimestamp()\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.Service;\nimport com.pulumi.aws.ecs.ServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder()\n .forceNewDeployment(true)\n .triggers(Map.of(\"redeployment\", \"plantimestamp()\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ecs:Service\n properties:\n forceNewDeployment: true\n triggers:\n redeployment: plantimestamp()\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ECS services using the `name` together with ecs cluster `name`. For example:\n\n```sh\n$ pulumi import aws:ecs/service:Service imported cluster-name/service-name\n```\n", "properties": { "alarms": { "$ref": "#/types/aws:ecs/ServiceAlarms:ServiceAlarms", "description": "Information about the CloudWatch alarms. See below.\n" }, "capacityProviderStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceCapacityProviderStrategy:ServiceCapacityProviderStrategy" }, "description": "Capacity provider strategies to use for the service. Can be one or more. These can be updated without destroying and recreating the service only if `force_new_deployment = true` and not changing from 0 `capacity_provider_strategy` blocks to greater than 0, or vice versa. See below. Conflicts with `launch_type`.\n" }, "cluster": { "type": "string", "description": "ARN of an ECS cluster.\n" }, "deploymentCircuitBreaker": { "$ref": "#/types/aws:ecs/ServiceDeploymentCircuitBreaker:ServiceDeploymentCircuitBreaker", "description": "Configuration block for deployment circuit breaker. See below.\n" }, "deploymentController": { "$ref": "#/types/aws:ecs/ServiceDeploymentController:ServiceDeploymentController", "description": "Configuration block for deployment controller configuration. See below.\n" }, "deploymentMaximumPercent": { "type": "integer", "description": "Upper limit (as a percentage of the service's desiredCount) of the number of running tasks that can be running in a service during a deployment. Not valid when using the `DAEMON` scheduling strategy.\n" }, "deploymentMinimumHealthyPercent": { "type": "integer", "description": "Lower limit (as a percentage of the service's desiredCount) of the number of running tasks that must remain running and healthy in a service during a deployment.\n" }, "desiredCount": { "type": "integer", "description": "Number of instances of the task definition to place and keep running. Defaults to 0. Do not specify if using the `DAEMON` scheduling strategy.\n" }, "enableEcsManagedTags": { "type": "boolean", "description": "Whether to enable Amazon ECS managed tags for the tasks within the service.\n" }, "enableExecuteCommand": { "type": "boolean", "description": "Whether to enable Amazon ECS Exec for the tasks within the service.\n" }, "forceNewDeployment": { "type": "boolean", "description": "Enable to force a new task deployment of the service. This can be used to update tasks to use a newer Docker image with same image/tag combination (e.g., `myimage:latest`), roll Fargate tasks onto a newer platform version, or immediately deploy `ordered_placement_strategy` and `placement_constraints` updates.\n" }, "healthCheckGracePeriodSeconds": { "type": "integer", "description": "Seconds to ignore failing load balancer health checks on newly instantiated tasks to prevent premature shutdown, up to 2147483647. Only valid for services configured to use load balancers.\n" }, "iamRole": { "type": "string", "description": "ARN of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is required if you are using a load balancer with your service, but only if your task definition does not use the `awsvpc` network mode. If using `awsvpc` network mode, do not specify this role. If your account has already created the Amazon ECS service-linked role, that role is used by default for your service unless you specify a role here.\n" }, "launchType": { "type": "string", "description": "Launch type on which to run your service. The valid values are `EC2`, `FARGATE`, and `EXTERNAL`. Defaults to `EC2`. Conflicts with `capacity_provider_strategy`.\n" }, "loadBalancers": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceLoadBalancer:ServiceLoadBalancer" }, "description": "Configuration block for load balancers. See below.\n" }, "name": { "type": "string", "description": "Name of the service (up to 255 letters, numbers, hyphens, and underscores)\n\nThe following arguments are optional:\n" }, "networkConfiguration": { "$ref": "#/types/aws:ecs/ServiceNetworkConfiguration:ServiceNetworkConfiguration", "description": "Network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own Elastic Network Interface, and it is not supported for other network modes. See below.\n" }, "orderedPlacementStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceOrderedPlacementStrategy:ServiceOrderedPlacementStrategy" }, "description": "Service level strategy rules that are taken into consideration during task placement. List from top to bottom in order of precedence. Updates to this configuration will take effect next task deployment unless `force_new_deployment` is enabled. The maximum number of `ordered_placement_strategy` blocks is `5`. See below.\n" }, "placementConstraints": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServicePlacementConstraint:ServicePlacementConstraint" }, "description": "Rules that are taken into consideration during task placement. Updates to this configuration will take effect next task deployment unless `force_new_deployment` is enabled. Maximum number of `placement_constraints` is `10`. See below.\n" }, "platformVersion": { "type": "string", "description": "Platform version on which to run your service. Only applicable for `launch_type` set to `FARGATE`. Defaults to `LATEST`. More information about Fargate platform versions can be found in the [AWS ECS User Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html).\n" }, "propagateTags": { "type": "string", "description": "Whether to propagate the tags from the task definition or the service to the tasks. The valid values are `SERVICE` and `TASK_DEFINITION`.\n" }, "schedulingStrategy": { "type": "string", "description": "Scheduling strategy to use for the service. The valid values are `REPLICA` and `DAEMON`. Defaults to `REPLICA`. Note that [*Tasks using the Fargate launch type or the `CODE_DEPLOY` or `EXTERNAL` deployment controller types don't support the `DAEMON` scheduling strategy*](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html).\n" }, "serviceConnectConfiguration": { "$ref": "#/types/aws:ecs/ServiceServiceConnectConfiguration:ServiceServiceConnectConfiguration", "description": "ECS Service Connect configuration for this service to discover and connect to services, and be discovered by, and connected from, other services within a namespace. See below.\n" }, "serviceRegistries": { "$ref": "#/types/aws:ecs/ServiceServiceRegistries:ServiceServiceRegistries", "description": "Service discovery registries for the service. The maximum number of `service_registries` blocks is `1`. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "taskDefinition": { "type": "string", "description": "Family and revision (`family:revision`) or full ARN of the task definition that you want to run in your service. Required unless using the `EXTERNAL` deployment controller. If a revision is not specified, the latest `ACTIVE` revision is used.\n" }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of arbitrary keys and values that, when changed, will trigger an in-place update (redeployment). Useful with `\"plantimestamp()\"`. When using the triggers property you also need to set the forceNewDeployment property to True.\n" }, "volumeConfiguration": { "$ref": "#/types/aws:ecs/ServiceVolumeConfiguration:ServiceVolumeConfiguration", "description": "Configuration for a volume specified in the task definition as a volume that is configured at launch time. Currently, the only supported volume type is an Amazon EBS volume. See below.\n" }, "waitForSteadyState": { "type": "boolean", "description": "If `true`, this provider will wait for the service to reach a steady state (like [`aws ecs wait services-stable`](https://docs.aws.amazon.com/cli/latest/reference/ecs/wait/services-stable.html)) before continuing. Default `false`.\n" } }, "required": [ "cluster", "iamRole", "launchType", "name", "platformVersion", "tagsAll", "triggers" ], "inputProperties": { "alarms": { "$ref": "#/types/aws:ecs/ServiceAlarms:ServiceAlarms", "description": "Information about the CloudWatch alarms. See below.\n" }, "capacityProviderStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceCapacityProviderStrategy:ServiceCapacityProviderStrategy" }, "description": "Capacity provider strategies to use for the service. Can be one or more. These can be updated without destroying and recreating the service only if `force_new_deployment = true` and not changing from 0 `capacity_provider_strategy` blocks to greater than 0, or vice versa. See below. Conflicts with `launch_type`.\n" }, "cluster": { "type": "string", "description": "ARN of an ECS cluster.\n", "willReplaceOnChanges": true }, "deploymentCircuitBreaker": { "$ref": "#/types/aws:ecs/ServiceDeploymentCircuitBreaker:ServiceDeploymentCircuitBreaker", "description": "Configuration block for deployment circuit breaker. See below.\n" }, "deploymentController": { "$ref": "#/types/aws:ecs/ServiceDeploymentController:ServiceDeploymentController", "description": "Configuration block for deployment controller configuration. See below.\n" }, "deploymentMaximumPercent": { "type": "integer", "description": "Upper limit (as a percentage of the service's desiredCount) of the number of running tasks that can be running in a service during a deployment. Not valid when using the `DAEMON` scheduling strategy.\n" }, "deploymentMinimumHealthyPercent": { "type": "integer", "description": "Lower limit (as a percentage of the service's desiredCount) of the number of running tasks that must remain running and healthy in a service during a deployment.\n" }, "desiredCount": { "type": "integer", "description": "Number of instances of the task definition to place and keep running. Defaults to 0. Do not specify if using the `DAEMON` scheduling strategy.\n" }, "enableEcsManagedTags": { "type": "boolean", "description": "Whether to enable Amazon ECS managed tags for the tasks within the service.\n" }, "enableExecuteCommand": { "type": "boolean", "description": "Whether to enable Amazon ECS Exec for the tasks within the service.\n" }, "forceNewDeployment": { "type": "boolean", "description": "Enable to force a new task deployment of the service. This can be used to update tasks to use a newer Docker image with same image/tag combination (e.g., `myimage:latest`), roll Fargate tasks onto a newer platform version, or immediately deploy `ordered_placement_strategy` and `placement_constraints` updates.\n" }, "healthCheckGracePeriodSeconds": { "type": "integer", "description": "Seconds to ignore failing load balancer health checks on newly instantiated tasks to prevent premature shutdown, up to 2147483647. Only valid for services configured to use load balancers.\n" }, "iamRole": { "type": "string", "description": "ARN of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is required if you are using a load balancer with your service, but only if your task definition does not use the `awsvpc` network mode. If using `awsvpc` network mode, do not specify this role. If your account has already created the Amazon ECS service-linked role, that role is used by default for your service unless you specify a role here.\n", "willReplaceOnChanges": true }, "launchType": { "type": "string", "description": "Launch type on which to run your service. The valid values are `EC2`, `FARGATE`, and `EXTERNAL`. Defaults to `EC2`. Conflicts with `capacity_provider_strategy`.\n", "willReplaceOnChanges": true }, "loadBalancers": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceLoadBalancer:ServiceLoadBalancer" }, "description": "Configuration block for load balancers. See below.\n" }, "name": { "type": "string", "description": "Name of the service (up to 255 letters, numbers, hyphens, and underscores)\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "networkConfiguration": { "$ref": "#/types/aws:ecs/ServiceNetworkConfiguration:ServiceNetworkConfiguration", "description": "Network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own Elastic Network Interface, and it is not supported for other network modes. See below.\n" }, "orderedPlacementStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceOrderedPlacementStrategy:ServiceOrderedPlacementStrategy" }, "description": "Service level strategy rules that are taken into consideration during task placement. List from top to bottom in order of precedence. Updates to this configuration will take effect next task deployment unless `force_new_deployment` is enabled. The maximum number of `ordered_placement_strategy` blocks is `5`. See below.\n" }, "placementConstraints": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServicePlacementConstraint:ServicePlacementConstraint" }, "description": "Rules that are taken into consideration during task placement. Updates to this configuration will take effect next task deployment unless `force_new_deployment` is enabled. Maximum number of `placement_constraints` is `10`. See below.\n" }, "platformVersion": { "type": "string", "description": "Platform version on which to run your service. Only applicable for `launch_type` set to `FARGATE`. Defaults to `LATEST`. More information about Fargate platform versions can be found in the [AWS ECS User Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html).\n" }, "propagateTags": { "type": "string", "description": "Whether to propagate the tags from the task definition or the service to the tasks. The valid values are `SERVICE` and `TASK_DEFINITION`.\n" }, "schedulingStrategy": { "type": "string", "description": "Scheduling strategy to use for the service. The valid values are `REPLICA` and `DAEMON`. Defaults to `REPLICA`. Note that [*Tasks using the Fargate launch type or the `CODE_DEPLOY` or `EXTERNAL` deployment controller types don't support the `DAEMON` scheduling strategy*](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html).\n", "willReplaceOnChanges": true }, "serviceConnectConfiguration": { "$ref": "#/types/aws:ecs/ServiceServiceConnectConfiguration:ServiceServiceConnectConfiguration", "description": "ECS Service Connect configuration for this service to discover and connect to services, and be discovered by, and connected from, other services within a namespace. See below.\n" }, "serviceRegistries": { "$ref": "#/types/aws:ecs/ServiceServiceRegistries:ServiceServiceRegistries", "description": "Service discovery registries for the service. The maximum number of `service_registries` blocks is `1`. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "taskDefinition": { "type": "string", "description": "Family and revision (`family:revision`) or full ARN of the task definition that you want to run in your service. Required unless using the `EXTERNAL` deployment controller. If a revision is not specified, the latest `ACTIVE` revision is used.\n" }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of arbitrary keys and values that, when changed, will trigger an in-place update (redeployment). Useful with `\"plantimestamp()\"`. When using the triggers property you also need to set the forceNewDeployment property to True.\n" }, "volumeConfiguration": { "$ref": "#/types/aws:ecs/ServiceVolumeConfiguration:ServiceVolumeConfiguration", "description": "Configuration for a volume specified in the task definition as a volume that is configured at launch time. Currently, the only supported volume type is an Amazon EBS volume. See below.\n" }, "waitForSteadyState": { "type": "boolean", "description": "If `true`, this provider will wait for the service to reach a steady state (like [`aws ecs wait services-stable`](https://docs.aws.amazon.com/cli/latest/reference/ecs/wait/services-stable.html)) before continuing. Default `false`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Service resources.\n", "properties": { "alarms": { "$ref": "#/types/aws:ecs/ServiceAlarms:ServiceAlarms", "description": "Information about the CloudWatch alarms. See below.\n" }, "capacityProviderStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceCapacityProviderStrategy:ServiceCapacityProviderStrategy" }, "description": "Capacity provider strategies to use for the service. Can be one or more. These can be updated without destroying and recreating the service only if `force_new_deployment = true` and not changing from 0 `capacity_provider_strategy` blocks to greater than 0, or vice versa. See below. Conflicts with `launch_type`.\n" }, "cluster": { "type": "string", "description": "ARN of an ECS cluster.\n", "willReplaceOnChanges": true }, "deploymentCircuitBreaker": { "$ref": "#/types/aws:ecs/ServiceDeploymentCircuitBreaker:ServiceDeploymentCircuitBreaker", "description": "Configuration block for deployment circuit breaker. See below.\n" }, "deploymentController": { "$ref": "#/types/aws:ecs/ServiceDeploymentController:ServiceDeploymentController", "description": "Configuration block for deployment controller configuration. See below.\n" }, "deploymentMaximumPercent": { "type": "integer", "description": "Upper limit (as a percentage of the service's desiredCount) of the number of running tasks that can be running in a service during a deployment. Not valid when using the `DAEMON` scheduling strategy.\n" }, "deploymentMinimumHealthyPercent": { "type": "integer", "description": "Lower limit (as a percentage of the service's desiredCount) of the number of running tasks that must remain running and healthy in a service during a deployment.\n" }, "desiredCount": { "type": "integer", "description": "Number of instances of the task definition to place and keep running. Defaults to 0. Do not specify if using the `DAEMON` scheduling strategy.\n" }, "enableEcsManagedTags": { "type": "boolean", "description": "Whether to enable Amazon ECS managed tags for the tasks within the service.\n" }, "enableExecuteCommand": { "type": "boolean", "description": "Whether to enable Amazon ECS Exec for the tasks within the service.\n" }, "forceNewDeployment": { "type": "boolean", "description": "Enable to force a new task deployment of the service. This can be used to update tasks to use a newer Docker image with same image/tag combination (e.g., `myimage:latest`), roll Fargate tasks onto a newer platform version, or immediately deploy `ordered_placement_strategy` and `placement_constraints` updates.\n" }, "healthCheckGracePeriodSeconds": { "type": "integer", "description": "Seconds to ignore failing load balancer health checks on newly instantiated tasks to prevent premature shutdown, up to 2147483647. Only valid for services configured to use load balancers.\n" }, "iamRole": { "type": "string", "description": "ARN of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is required if you are using a load balancer with your service, but only if your task definition does not use the `awsvpc` network mode. If using `awsvpc` network mode, do not specify this role. If your account has already created the Amazon ECS service-linked role, that role is used by default for your service unless you specify a role here.\n", "willReplaceOnChanges": true }, "launchType": { "type": "string", "description": "Launch type on which to run your service. The valid values are `EC2`, `FARGATE`, and `EXTERNAL`. Defaults to `EC2`. Conflicts with `capacity_provider_strategy`.\n", "willReplaceOnChanges": true }, "loadBalancers": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceLoadBalancer:ServiceLoadBalancer" }, "description": "Configuration block for load balancers. See below.\n" }, "name": { "type": "string", "description": "Name of the service (up to 255 letters, numbers, hyphens, and underscores)\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "networkConfiguration": { "$ref": "#/types/aws:ecs/ServiceNetworkConfiguration:ServiceNetworkConfiguration", "description": "Network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own Elastic Network Interface, and it is not supported for other network modes. See below.\n" }, "orderedPlacementStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServiceOrderedPlacementStrategy:ServiceOrderedPlacementStrategy" }, "description": "Service level strategy rules that are taken into consideration during task placement. List from top to bottom in order of precedence. Updates to this configuration will take effect next task deployment unless `force_new_deployment` is enabled. The maximum number of `ordered_placement_strategy` blocks is `5`. See below.\n" }, "placementConstraints": { "type": "array", "items": { "$ref": "#/types/aws:ecs/ServicePlacementConstraint:ServicePlacementConstraint" }, "description": "Rules that are taken into consideration during task placement. Updates to this configuration will take effect next task deployment unless `force_new_deployment` is enabled. Maximum number of `placement_constraints` is `10`. See below.\n" }, "platformVersion": { "type": "string", "description": "Platform version on which to run your service. Only applicable for `launch_type` set to `FARGATE`. Defaults to `LATEST`. More information about Fargate platform versions can be found in the [AWS ECS User Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html).\n" }, "propagateTags": { "type": "string", "description": "Whether to propagate the tags from the task definition or the service to the tasks. The valid values are `SERVICE` and `TASK_DEFINITION`.\n" }, "schedulingStrategy": { "type": "string", "description": "Scheduling strategy to use for the service. The valid values are `REPLICA` and `DAEMON`. Defaults to `REPLICA`. Note that [*Tasks using the Fargate launch type or the `CODE_DEPLOY` or `EXTERNAL` deployment controller types don't support the `DAEMON` scheduling strategy*](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html).\n", "willReplaceOnChanges": true }, "serviceConnectConfiguration": { "$ref": "#/types/aws:ecs/ServiceServiceConnectConfiguration:ServiceServiceConnectConfiguration", "description": "ECS Service Connect configuration for this service to discover and connect to services, and be discovered by, and connected from, other services within a namespace. See below.\n" }, "serviceRegistries": { "$ref": "#/types/aws:ecs/ServiceServiceRegistries:ServiceServiceRegistries", "description": "Service discovery registries for the service. The maximum number of `service_registries` blocks is `1`. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "taskDefinition": { "type": "string", "description": "Family and revision (`family:revision`) or full ARN of the task definition that you want to run in your service. Required unless using the `EXTERNAL` deployment controller. If a revision is not specified, the latest `ACTIVE` revision is used.\n" }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of arbitrary keys and values that, when changed, will trigger an in-place update (redeployment). Useful with `\"plantimestamp()\"`. When using the triggers property you also need to set the forceNewDeployment property to True.\n" }, "volumeConfiguration": { "$ref": "#/types/aws:ecs/ServiceVolumeConfiguration:ServiceVolumeConfiguration", "description": "Configuration for a volume specified in the task definition as a volume that is configured at launch time. Currently, the only supported volume type is an Amazon EBS volume. See below.\n" }, "waitForSteadyState": { "type": "boolean", "description": "If `true`, this provider will wait for the service to reach a steady state (like [`aws ecs wait services-stable`](https://docs.aws.amazon.com/cli/latest/reference/ecs/wait/services-stable.html)) before continuing. Default `false`.\n" } }, "type": "object" } }, "aws:ecs/tag:Tag": { "description": "Manages an individual ECS resource tag. This resource should only be used in cases where ECS resources are created outside the provider (e.g., ECS Clusters implicitly created by Batch Compute Environments).\n\n\u003e **NOTE:** This tagging resource should not be combined with the resource for managing the parent resource. For example, using `aws.ecs.Cluster` and `aws.ecs.Tag` to manage tags of the same ECS Cluster will cause a perpetual difference where the `aws.ecs.Cluster` resource will try to remove the tag being added by the `aws.ecs.Tag` resource.\n\n\u003e **NOTE:** This tagging resource does not use the provider `ignore_tags` configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.batch.ComputeEnvironment(\"example\", {\n computeEnvironmentName: \"example\",\n serviceRole: exampleAwsIamRole.arn,\n type: \"UNMANAGED\",\n});\nconst exampleTag = new aws.ecs.Tag(\"example\", {\n resourceArn: example.ecsClusterArn,\n key: \"Name\",\n value: \"Hello World\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.batch.ComputeEnvironment(\"example\",\n compute_environment_name=\"example\",\n service_role=example_aws_iam_role[\"arn\"],\n type=\"UNMANAGED\")\nexample_tag = aws.ecs.Tag(\"example\",\n resource_arn=example.ecs_cluster_arn,\n key=\"Name\",\n value=\"Hello World\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Batch.ComputeEnvironment(\"example\", new()\n {\n ComputeEnvironmentName = \"example\",\n ServiceRole = exampleAwsIamRole.Arn,\n Type = \"UNMANAGED\",\n });\n\n var exampleTag = new Aws.Ecs.Tag(\"example\", new()\n {\n ResourceArn = example.EcsClusterArn,\n Key = \"Name\",\n Value = \"Hello World\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := batch.NewComputeEnvironment(ctx, \"example\", \u0026batch.ComputeEnvironmentArgs{\n\t\t\tComputeEnvironmentName: pulumi.String(\"example\"),\n\t\t\tServiceRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tType: pulumi.String(\"UNMANAGED\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecs.NewTag(ctx, \"example\", \u0026ecs.TagArgs{\n\t\t\tResourceArn: example.EcsClusterArn,\n\t\t\tKey: pulumi.String(\"Name\"),\n\t\t\tValue: pulumi.String(\"Hello World\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.batch.ComputeEnvironment;\nimport com.pulumi.aws.batch.ComputeEnvironmentArgs;\nimport com.pulumi.aws.ecs.Tag;\nimport com.pulumi.aws.ecs.TagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ComputeEnvironment(\"example\", ComputeEnvironmentArgs.builder()\n .computeEnvironmentName(\"example\")\n .serviceRole(exampleAwsIamRole.arn())\n .type(\"UNMANAGED\")\n .build());\n\n var exampleTag = new Tag(\"exampleTag\", TagArgs.builder()\n .resourceArn(example.ecsClusterArn())\n .key(\"Name\")\n .value(\"Hello World\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:batch:ComputeEnvironment\n properties:\n computeEnvironmentName: example\n serviceRole: ${exampleAwsIamRole.arn}\n type: UNMANAGED\n exampleTag:\n type: aws:ecs:Tag\n name: example\n properties:\n resourceArn: ${example.ecsClusterArn}\n key: Name\n value: Hello World\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ecs_tag` using the ECS resource identifier and key, separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:ecs/tag:Tag example arn:aws:ecs:us-east-1:123456789012:cluster/example,Name\n```\n", "properties": { "key": { "type": "string", "description": "Tag name.\n" }, "resourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the ECS resource to tag.\n" }, "value": { "type": "string", "description": "Tag value.\n" } }, "required": [ "key", "resourceArn", "value" ], "inputProperties": { "key": { "type": "string", "description": "Tag name.\n", "willReplaceOnChanges": true }, "resourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the ECS resource to tag.\n", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "Tag value.\n" } }, "requiredInputs": [ "key", "resourceArn", "value" ], "stateInputs": { "description": "Input properties used for looking up and filtering Tag resources.\n", "properties": { "key": { "type": "string", "description": "Tag name.\n", "willReplaceOnChanges": true }, "resourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the ECS resource to tag.\n", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "Tag value.\n" } }, "type": "object" } }, "aws:ecs/taskDefinition:TaskDefinition": { "description": "Manages a revision of an ECS task definition to be used in `aws.ecs.Service`.\n\n## Example Usage\n\n### Basic Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst service = new aws.ecs.TaskDefinition(\"service\", {\n family: \"service\",\n containerDefinitions: JSON.stringify([\n {\n name: \"first\",\n image: \"service-first\",\n cpu: 10,\n memory: 512,\n essential: true,\n portMappings: [{\n containerPort: 80,\n hostPort: 80,\n }],\n },\n {\n name: \"second\",\n image: \"service-second\",\n cpu: 10,\n memory: 256,\n essential: true,\n portMappings: [{\n containerPort: 443,\n hostPort: 443,\n }],\n },\n ]),\n volumes: [{\n name: \"service-storage\",\n hostPath: \"/ecs/service-storage\",\n }],\n placementConstraints: [{\n type: \"memberOf\",\n expression: \"attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\",\n }],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nservice = aws.ecs.TaskDefinition(\"service\",\n family=\"service\",\n container_definitions=json.dumps([\n {\n \"name\": \"first\",\n \"image\": \"service-first\",\n \"cpu\": 10,\n \"memory\": 512,\n \"essential\": True,\n \"portMappings\": [{\n \"containerPort\": 80,\n \"hostPort\": 80,\n }],\n },\n {\n \"name\": \"second\",\n \"image\": \"service-second\",\n \"cpu\": 10,\n \"memory\": 256,\n \"essential\": True,\n \"portMappings\": [{\n \"containerPort\": 443,\n \"hostPort\": 443,\n }],\n },\n ]),\n volumes=[{\n \"name\": \"service-storage\",\n \"host_path\": \"/ecs/service-storage\",\n }],\n placement_constraints=[{\n \"type\": \"memberOf\",\n \"expression\": \"attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var service = new Aws.Ecs.TaskDefinition(\"service\", new()\n {\n Family = \"service\",\n ContainerDefinitions = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"name\"] = \"first\",\n [\"image\"] = \"service-first\",\n [\"cpu\"] = 10,\n [\"memory\"] = 512,\n [\"essential\"] = true,\n [\"portMappings\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"containerPort\"] = 80,\n [\"hostPort\"] = 80,\n },\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"name\"] = \"second\",\n [\"image\"] = \"service-second\",\n [\"cpu\"] = 10,\n [\"memory\"] = 256,\n [\"essential\"] = true,\n [\"portMappings\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"containerPort\"] = 443,\n [\"hostPort\"] = 443,\n },\n },\n },\n }),\n Volumes = new[]\n {\n new Aws.Ecs.Inputs.TaskDefinitionVolumeArgs\n {\n Name = \"service-storage\",\n HostPath = \"/ecs/service-storage\",\n },\n },\n PlacementConstraints = new[]\n {\n new Aws.Ecs.Inputs.TaskDefinitionPlacementConstraintArgs\n {\n Type = \"memberOf\",\n Expression = \"attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal([]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"name\": \"first\",\n\t\t\t\t\"image\": \"service-first\",\n\t\t\t\t\"cpu\": 10,\n\t\t\t\t\"memory\": 512,\n\t\t\t\t\"essential\": true,\n\t\t\t\t\"portMappings\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"containerPort\": 80,\n\t\t\t\t\t\t\"hostPort\": 80,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"name\": \"second\",\n\t\t\t\t\"image\": \"service-second\",\n\t\t\t\t\"cpu\": 10,\n\t\t\t\t\"memory\": 256,\n\t\t\t\t\"essential\": true,\n\t\t\t\t\"portMappings\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"containerPort\": 443,\n\t\t\t\t\t\t\"hostPort\": 443,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = ecs.NewTaskDefinition(ctx, \"service\", \u0026ecs.TaskDefinitionArgs{\n\t\t\tFamily: pulumi.String(\"service\"),\n\t\t\tContainerDefinitions: pulumi.String(json0),\n\t\t\tVolumes: ecs.TaskDefinitionVolumeArray{\n\t\t\t\t\u0026ecs.TaskDefinitionVolumeArgs{\n\t\t\t\t\tName: pulumi.String(\"service-storage\"),\n\t\t\t\t\tHostPath: pulumi.String(\"/ecs/service-storage\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPlacementConstraints: ecs.TaskDefinitionPlacementConstraintArray{\n\t\t\t\t\u0026ecs.TaskDefinitionPlacementConstraintArgs{\n\t\t\t\t\tType: pulumi.String(\"memberOf\"),\n\t\t\t\t\tExpression: pulumi.String(\"attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.TaskDefinition;\nimport com.pulumi.aws.ecs.TaskDefinitionArgs;\nimport com.pulumi.aws.ecs.inputs.TaskDefinitionVolumeArgs;\nimport com.pulumi.aws.ecs.inputs.TaskDefinitionPlacementConstraintArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var service = new TaskDefinition(\"service\", TaskDefinitionArgs.builder()\n .family(\"service\")\n .containerDefinitions(serializeJson(\n jsonArray(\n jsonObject(\n jsonProperty(\"name\", \"first\"),\n jsonProperty(\"image\", \"service-first\"),\n jsonProperty(\"cpu\", 10),\n jsonProperty(\"memory\", 512),\n jsonProperty(\"essential\", true),\n jsonProperty(\"portMappings\", jsonArray(jsonObject(\n jsonProperty(\"containerPort\", 80),\n jsonProperty(\"hostPort\", 80)\n )))\n ), \n jsonObject(\n jsonProperty(\"name\", \"second\"),\n jsonProperty(\"image\", \"service-second\"),\n jsonProperty(\"cpu\", 10),\n jsonProperty(\"memory\", 256),\n jsonProperty(\"essential\", true),\n jsonProperty(\"portMappings\", jsonArray(jsonObject(\n jsonProperty(\"containerPort\", 443),\n jsonProperty(\"hostPort\", 443)\n )))\n )\n )))\n .volumes(TaskDefinitionVolumeArgs.builder()\n .name(\"service-storage\")\n .hostPath(\"/ecs/service-storage\")\n .build())\n .placementConstraints(TaskDefinitionPlacementConstraintArgs.builder()\n .type(\"memberOf\")\n .expression(\"attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n service:\n type: aws:ecs:TaskDefinition\n properties:\n family: service\n containerDefinitions:\n fn::toJSON:\n - name: first\n image: service-first\n cpu: 10\n memory: 512\n essential: true\n portMappings:\n - containerPort: 80\n hostPort: 80\n - name: second\n image: service-second\n cpu: 10\n memory: 256\n essential: true\n portMappings:\n - containerPort: 443\n hostPort: 443\n volumes:\n - name: service-storage\n hostPath: /ecs/service-storage\n placementConstraints:\n - type: memberOf\n expression: attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With AppMesh Proxy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst service = new aws.ecs.TaskDefinition(\"service\", {\n family: \"service\",\n containerDefinitions: std.file({\n input: \"task-definitions/service.json\",\n }).then(invoke =\u003e invoke.result),\n proxyConfiguration: {\n type: \"APPMESH\",\n containerName: \"applicationContainerName\",\n properties: {\n AppPorts: \"8080\",\n EgressIgnoredIPs: \"169.254.170.2,169.254.169.254\",\n IgnoredUID: \"1337\",\n ProxyEgressPort: \"15001\",\n ProxyIngressPort: \"15000\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nservice = aws.ecs.TaskDefinition(\"service\",\n family=\"service\",\n container_definitions=std.file(input=\"task-definitions/service.json\").result,\n proxy_configuration={\n \"type\": \"APPMESH\",\n \"container_name\": \"applicationContainerName\",\n \"properties\": {\n \"app_ports\": \"8080\",\n \"egress_ignored_ips\": \"169.254.170.2,169.254.169.254\",\n \"ignored_uid\": \"1337\",\n \"proxy_egress_port\": \"15001\",\n \"proxy_ingress_port\": \"15000\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var service = new Aws.Ecs.TaskDefinition(\"service\", new()\n {\n Family = \"service\",\n ContainerDefinitions = Std.File.Invoke(new()\n {\n Input = \"task-definitions/service.json\",\n }).Apply(invoke =\u003e invoke.Result),\n ProxyConfiguration = new Aws.Ecs.Inputs.TaskDefinitionProxyConfigurationArgs\n {\n Type = \"APPMESH\",\n ContainerName = \"applicationContainerName\",\n Properties = \n {\n { \"AppPorts\", \"8080\" },\n { \"EgressIgnoredIPs\", \"169.254.170.2,169.254.169.254\" },\n { \"IgnoredUID\", \"1337\" },\n { \"ProxyEgressPort\", \"15001\" },\n { \"ProxyIngressPort\", \"15000\" },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"task-definitions/service.json\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecs.NewTaskDefinition(ctx, \"service\", \u0026ecs.TaskDefinitionArgs{\n\t\t\tFamily: pulumi.String(\"service\"),\n\t\t\tContainerDefinitions: pulumi.String(invokeFile.Result),\n\t\t\tProxyConfiguration: \u0026ecs.TaskDefinitionProxyConfigurationArgs{\n\t\t\t\tType: pulumi.String(\"APPMESH\"),\n\t\t\t\tContainerName: pulumi.String(\"applicationContainerName\"),\n\t\t\t\tProperties: pulumi.StringMap{\n\t\t\t\t\t\"AppPorts\": pulumi.String(\"8080\"),\n\t\t\t\t\t\"EgressIgnoredIPs\": pulumi.String(\"169.254.170.2,169.254.169.254\"),\n\t\t\t\t\t\"IgnoredUID\": pulumi.String(\"1337\"),\n\t\t\t\t\t\"ProxyEgressPort\": pulumi.String(\"15001\"),\n\t\t\t\t\t\"ProxyIngressPort\": pulumi.String(\"15000\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.TaskDefinition;\nimport com.pulumi.aws.ecs.TaskDefinitionArgs;\nimport com.pulumi.aws.ecs.inputs.TaskDefinitionProxyConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var service = new TaskDefinition(\"service\", TaskDefinitionArgs.builder()\n .family(\"service\")\n .containerDefinitions(StdFunctions.file(FileArgs.builder()\n .input(\"task-definitions/service.json\")\n .build()).result())\n .proxyConfiguration(TaskDefinitionProxyConfigurationArgs.builder()\n .type(\"APPMESH\")\n .containerName(\"applicationContainerName\")\n .properties(Map.ofEntries(\n Map.entry(\"AppPorts\", \"8080\"),\n Map.entry(\"EgressIgnoredIPs\", \"169.254.170.2,169.254.169.254\"),\n Map.entry(\"IgnoredUID\", \"1337\"),\n Map.entry(\"ProxyEgressPort\", 15001),\n Map.entry(\"ProxyIngressPort\", 15000)\n ))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n service:\n type: aws:ecs:TaskDefinition\n properties:\n family: service\n containerDefinitions:\n fn::invoke:\n Function: std:file\n Arguments:\n input: task-definitions/service.json\n Return: result\n proxyConfiguration:\n type: APPMESH\n containerName: applicationContainerName\n properties:\n AppPorts: '8080'\n EgressIgnoredIPs: 169.254.170.2,169.254.169.254\n IgnoredUID: '1337'\n ProxyEgressPort: 15001\n ProxyIngressPort: 15000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example Using `docker_volume_configuration`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst service = new aws.ecs.TaskDefinition(\"service\", {\n family: \"service\",\n containerDefinitions: std.file({\n input: \"task-definitions/service.json\",\n }).then(invoke =\u003e invoke.result),\n volumes: [{\n name: \"service-storage\",\n dockerVolumeConfiguration: {\n scope: \"shared\",\n autoprovision: true,\n driver: \"local\",\n driverOpts: {\n type: \"nfs\",\n device: `${fs.dnsName}:/`,\n o: `addr=${fs.dnsName},rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport`,\n },\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nservice = aws.ecs.TaskDefinition(\"service\",\n family=\"service\",\n container_definitions=std.file(input=\"task-definitions/service.json\").result,\n volumes=[{\n \"name\": \"service-storage\",\n \"docker_volume_configuration\": {\n \"scope\": \"shared\",\n \"autoprovision\": True,\n \"driver\": \"local\",\n \"driver_opts\": {\n \"type\": \"nfs\",\n \"device\": f\"{fs['dnsName']}:/\",\n \"o\": f\"addr={fs['dnsName']},rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport\",\n },\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var service = new Aws.Ecs.TaskDefinition(\"service\", new()\n {\n Family = \"service\",\n ContainerDefinitions = Std.File.Invoke(new()\n {\n Input = \"task-definitions/service.json\",\n }).Apply(invoke =\u003e invoke.Result),\n Volumes = new[]\n {\n new Aws.Ecs.Inputs.TaskDefinitionVolumeArgs\n {\n Name = \"service-storage\",\n DockerVolumeConfiguration = new Aws.Ecs.Inputs.TaskDefinitionVolumeDockerVolumeConfigurationArgs\n {\n Scope = \"shared\",\n Autoprovision = true,\n Driver = \"local\",\n DriverOpts = \n {\n { \"type\", \"nfs\" },\n { \"device\", $\"{fs.DnsName}:/\" },\n { \"o\", $\"addr={fs.DnsName},rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport\" },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"task-definitions/service.json\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecs.NewTaskDefinition(ctx, \"service\", \u0026ecs.TaskDefinitionArgs{\n\t\t\tFamily: pulumi.String(\"service\"),\n\t\t\tContainerDefinitions: pulumi.String(invokeFile.Result),\n\t\t\tVolumes: ecs.TaskDefinitionVolumeArray{\n\t\t\t\t\u0026ecs.TaskDefinitionVolumeArgs{\n\t\t\t\t\tName: pulumi.String(\"service-storage\"),\n\t\t\t\t\tDockerVolumeConfiguration: \u0026ecs.TaskDefinitionVolumeDockerVolumeConfigurationArgs{\n\t\t\t\t\t\tScope: pulumi.String(\"shared\"),\n\t\t\t\t\t\tAutoprovision: pulumi.Bool(true),\n\t\t\t\t\t\tDriver: pulumi.String(\"local\"),\n\t\t\t\t\t\tDriverOpts: pulumi.StringMap{\n\t\t\t\t\t\t\t\"type\": pulumi.String(\"nfs\"),\n\t\t\t\t\t\t\t\"device\": pulumi.String(fmt.Sprintf(\"%v:/\", fs.DnsName)),\n\t\t\t\t\t\t\t\"o\": pulumi.String(fmt.Sprintf(\"addr=%v,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport\", fs.DnsName)),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.TaskDefinition;\nimport com.pulumi.aws.ecs.TaskDefinitionArgs;\nimport com.pulumi.aws.ecs.inputs.TaskDefinitionVolumeArgs;\nimport com.pulumi.aws.ecs.inputs.TaskDefinitionVolumeDockerVolumeConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var service = new TaskDefinition(\"service\", TaskDefinitionArgs.builder()\n .family(\"service\")\n .containerDefinitions(StdFunctions.file(FileArgs.builder()\n .input(\"task-definitions/service.json\")\n .build()).result())\n .volumes(TaskDefinitionVolumeArgs.builder()\n .name(\"service-storage\")\n .dockerVolumeConfiguration(TaskDefinitionVolumeDockerVolumeConfigurationArgs.builder()\n .scope(\"shared\")\n .autoprovision(true)\n .driver(\"local\")\n .driverOpts(Map.ofEntries(\n Map.entry(\"type\", \"nfs\"),\n Map.entry(\"device\", String.format(\"%s:/\", fs.dnsName())),\n Map.entry(\"o\", String.format(\"addr=%s,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport\", fs.dnsName()))\n ))\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n service:\n type: aws:ecs:TaskDefinition\n properties:\n family: service\n containerDefinitions:\n fn::invoke:\n Function: std:file\n Arguments:\n input: task-definitions/service.json\n Return: result\n volumes:\n - name: service-storage\n dockerVolumeConfiguration:\n scope: shared\n autoprovision: true\n driver: local\n driverOpts:\n type: nfs\n device: ${fs.dnsName}:/\n o: addr=${fs.dnsName},rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example Using `efs_volume_configuration`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst service = new aws.ecs.TaskDefinition(\"service\", {\n family: \"service\",\n containerDefinitions: std.file({\n input: \"task-definitions/service.json\",\n }).then(invoke =\u003e invoke.result),\n volumes: [{\n name: \"service-storage\",\n efsVolumeConfiguration: {\n fileSystemId: fs.id,\n rootDirectory: \"/opt/data\",\n transitEncryption: \"ENABLED\",\n transitEncryptionPort: 2999,\n authorizationConfig: {\n accessPointId: test.id,\n iam: \"ENABLED\",\n },\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nservice = aws.ecs.TaskDefinition(\"service\",\n family=\"service\",\n container_definitions=std.file(input=\"task-definitions/service.json\").result,\n volumes=[{\n \"name\": \"service-storage\",\n \"efs_volume_configuration\": {\n \"file_system_id\": fs[\"id\"],\n \"root_directory\": \"/opt/data\",\n \"transit_encryption\": \"ENABLED\",\n \"transit_encryption_port\": 2999,\n \"authorization_config\": {\n \"access_point_id\": test[\"id\"],\n \"iam\": \"ENABLED\",\n },\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var service = new Aws.Ecs.TaskDefinition(\"service\", new()\n {\n Family = \"service\",\n ContainerDefinitions = Std.File.Invoke(new()\n {\n Input = \"task-definitions/service.json\",\n }).Apply(invoke =\u003e invoke.Result),\n Volumes = new[]\n {\n new Aws.Ecs.Inputs.TaskDefinitionVolumeArgs\n {\n Name = \"service-storage\",\n EfsVolumeConfiguration = new Aws.Ecs.Inputs.TaskDefinitionVolumeEfsVolumeConfigurationArgs\n {\n FileSystemId = fs.Id,\n RootDirectory = \"/opt/data\",\n TransitEncryption = \"ENABLED\",\n TransitEncryptionPort = 2999,\n AuthorizationConfig = new Aws.Ecs.Inputs.TaskDefinitionVolumeEfsVolumeConfigurationAuthorizationConfigArgs\n {\n AccessPointId = test.Id,\n Iam = \"ENABLED\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"task-definitions/service.json\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecs.NewTaskDefinition(ctx, \"service\", \u0026ecs.TaskDefinitionArgs{\n\t\t\tFamily: pulumi.String(\"service\"),\n\t\t\tContainerDefinitions: pulumi.String(invokeFile.Result),\n\t\t\tVolumes: ecs.TaskDefinitionVolumeArray{\n\t\t\t\t\u0026ecs.TaskDefinitionVolumeArgs{\n\t\t\t\t\tName: pulumi.String(\"service-storage\"),\n\t\t\t\t\tEfsVolumeConfiguration: \u0026ecs.TaskDefinitionVolumeEfsVolumeConfigurationArgs{\n\t\t\t\t\t\tFileSystemId: pulumi.Any(fs.Id),\n\t\t\t\t\t\tRootDirectory: pulumi.String(\"/opt/data\"),\n\t\t\t\t\t\tTransitEncryption: pulumi.String(\"ENABLED\"),\n\t\t\t\t\t\tTransitEncryptionPort: pulumi.Int(2999),\n\t\t\t\t\t\tAuthorizationConfig: \u0026ecs.TaskDefinitionVolumeEfsVolumeConfigurationAuthorizationConfigArgs{\n\t\t\t\t\t\t\tAccessPointId: pulumi.Any(test.Id),\n\t\t\t\t\t\t\tIam: pulumi.String(\"ENABLED\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.TaskDefinition;\nimport com.pulumi.aws.ecs.TaskDefinitionArgs;\nimport com.pulumi.aws.ecs.inputs.TaskDefinitionVolumeArgs;\nimport com.pulumi.aws.ecs.inputs.TaskDefinitionVolumeEfsVolumeConfigurationArgs;\nimport com.pulumi.aws.ecs.inputs.TaskDefinitionVolumeEfsVolumeConfigurationAuthorizationConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var service = new TaskDefinition(\"service\", TaskDefinitionArgs.builder()\n .family(\"service\")\n .containerDefinitions(StdFunctions.file(FileArgs.builder()\n .input(\"task-definitions/service.json\")\n .build()).result())\n .volumes(TaskDefinitionVolumeArgs.builder()\n .name(\"service-storage\")\n .efsVolumeConfiguration(TaskDefinitionVolumeEfsVolumeConfigurationArgs.builder()\n .fileSystemId(fs.id())\n .rootDirectory(\"/opt/data\")\n .transitEncryption(\"ENABLED\")\n .transitEncryptionPort(2999)\n .authorizationConfig(TaskDefinitionVolumeEfsVolumeConfigurationAuthorizationConfigArgs.builder()\n .accessPointId(test.id())\n .iam(\"ENABLED\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n service:\n type: aws:ecs:TaskDefinition\n properties:\n family: service\n containerDefinitions:\n fn::invoke:\n Function: std:file\n Arguments:\n input: task-definitions/service.json\n Return: result\n volumes:\n - name: service-storage\n efsVolumeConfiguration:\n fileSystemId: ${fs.id}\n rootDirectory: /opt/data\n transitEncryption: ENABLED\n transitEncryptionPort: 2999\n authorizationConfig:\n accessPointId: ${test.id}\n iam: ENABLED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example Using `fsx_windows_file_server_volume_configuration`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst test = new aws.secretsmanager.SecretVersion(\"test\", {\n secretId: testAwsSecretsmanagerSecret.id,\n secretString: JSON.stringify({\n username: \"admin\",\n password: testAwsDirectoryServiceDirectory.password,\n }),\n});\nconst service = new aws.ecs.TaskDefinition(\"service\", {\n family: \"service\",\n containerDefinitions: std.file({\n input: \"task-definitions/service.json\",\n }).then(invoke =\u003e invoke.result),\n volumes: [{\n name: \"service-storage\",\n fsxWindowsFileServerVolumeConfiguration: {\n fileSystemId: testAwsFsxWindowsFileSystem.id,\n rootDirectory: \"\\\\data\",\n authorizationConfig: {\n credentialsParameter: test.arn,\n domain: testAwsDirectoryServiceDirectory.name,\n },\n },\n }],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\nimport pulumi_std as std\n\ntest = aws.secretsmanager.SecretVersion(\"test\",\n secret_id=test_aws_secretsmanager_secret[\"id\"],\n secret_string=json.dumps({\n \"username\": \"admin\",\n \"password\": test_aws_directory_service_directory[\"password\"],\n }))\nservice = aws.ecs.TaskDefinition(\"service\",\n family=\"service\",\n container_definitions=std.file(input=\"task-definitions/service.json\").result,\n volumes=[{\n \"name\": \"service-storage\",\n \"fsx_windows_file_server_volume_configuration\": {\n \"file_system_id\": test_aws_fsx_windows_file_system[\"id\"],\n \"root_directory\": \"\\\\data\",\n \"authorization_config\": {\n \"credentials_parameter\": test.arn,\n \"domain\": test_aws_directory_service_directory[\"name\"],\n },\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.SecretsManager.SecretVersion(\"test\", new()\n {\n SecretId = testAwsSecretsmanagerSecret.Id,\n SecretString = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"username\"] = \"admin\",\n [\"password\"] = testAwsDirectoryServiceDirectory.Password,\n }),\n });\n\n var service = new Aws.Ecs.TaskDefinition(\"service\", new()\n {\n Family = \"service\",\n ContainerDefinitions = Std.File.Invoke(new()\n {\n Input = \"task-definitions/service.json\",\n }).Apply(invoke =\u003e invoke.Result),\n Volumes = new[]\n {\n new Aws.Ecs.Inputs.TaskDefinitionVolumeArgs\n {\n Name = \"service-storage\",\n FsxWindowsFileServerVolumeConfiguration = new Aws.Ecs.Inputs.TaskDefinitionVolumeFsxWindowsFileServerVolumeConfigurationArgs\n {\n FileSystemId = testAwsFsxWindowsFileSystem.Id,\n RootDirectory = \"\\\\data\",\n AuthorizationConfig = new Aws.Ecs.Inputs.TaskDefinitionVolumeFsxWindowsFileServerVolumeConfigurationAuthorizationConfigArgs\n {\n CredentialsParameter = test.Arn,\n Domain = testAwsDirectoryServiceDirectory.Name,\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"username\": \"admin\",\n\t\t\t\"password\": testAwsDirectoryServiceDirectory.Password,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\ttest, err := secretsmanager.NewSecretVersion(ctx, \"test\", \u0026secretsmanager.SecretVersionArgs{\n\t\t\tSecretId: pulumi.Any(testAwsSecretsmanagerSecret.Id),\n\t\t\tSecretString: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"task-definitions/service.json\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecs.NewTaskDefinition(ctx, \"service\", \u0026ecs.TaskDefinitionArgs{\n\t\t\tFamily: pulumi.String(\"service\"),\n\t\t\tContainerDefinitions: pulumi.String(invokeFile.Result),\n\t\t\tVolumes: ecs.TaskDefinitionVolumeArray{\n\t\t\t\t\u0026ecs.TaskDefinitionVolumeArgs{\n\t\t\t\t\tName: pulumi.String(\"service-storage\"),\n\t\t\t\t\tFsxWindowsFileServerVolumeConfiguration: \u0026ecs.TaskDefinitionVolumeFsxWindowsFileServerVolumeConfigurationArgs{\n\t\t\t\t\t\tFileSystemId: pulumi.Any(testAwsFsxWindowsFileSystem.Id),\n\t\t\t\t\t\tRootDirectory: pulumi.String(\"\\\\data\"),\n\t\t\t\t\t\tAuthorizationConfig: \u0026ecs.TaskDefinitionVolumeFsxWindowsFileServerVolumeConfigurationAuthorizationConfigArgs{\n\t\t\t\t\t\t\tCredentialsParameter: test.Arn,\n\t\t\t\t\t\t\tDomain: pulumi.Any(testAwsDirectoryServiceDirectory.Name),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.SecretVersion;\nimport com.pulumi.aws.secretsmanager.SecretVersionArgs;\nimport com.pulumi.aws.ecs.TaskDefinition;\nimport com.pulumi.aws.ecs.TaskDefinitionArgs;\nimport com.pulumi.aws.ecs.inputs.TaskDefinitionVolumeArgs;\nimport com.pulumi.aws.ecs.inputs.TaskDefinitionVolumeFsxWindowsFileServerVolumeConfigurationArgs;\nimport com.pulumi.aws.ecs.inputs.TaskDefinitionVolumeFsxWindowsFileServerVolumeConfigurationAuthorizationConfigArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretVersion(\"test\", SecretVersionArgs.builder()\n .secretId(testAwsSecretsmanagerSecret.id())\n .secretString(serializeJson(\n jsonObject(\n jsonProperty(\"username\", \"admin\"),\n jsonProperty(\"password\", testAwsDirectoryServiceDirectory.password())\n )))\n .build());\n\n var service = new TaskDefinition(\"service\", TaskDefinitionArgs.builder()\n .family(\"service\")\n .containerDefinitions(StdFunctions.file(FileArgs.builder()\n .input(\"task-definitions/service.json\")\n .build()).result())\n .volumes(TaskDefinitionVolumeArgs.builder()\n .name(\"service-storage\")\n .fsxWindowsFileServerVolumeConfiguration(TaskDefinitionVolumeFsxWindowsFileServerVolumeConfigurationArgs.builder()\n .fileSystemId(testAwsFsxWindowsFileSystem.id())\n .rootDirectory(\"\\\\data\")\n .authorizationConfig(TaskDefinitionVolumeFsxWindowsFileServerVolumeConfigurationAuthorizationConfigArgs.builder()\n .credentialsParameter(test.arn())\n .domain(testAwsDirectoryServiceDirectory.name())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n service:\n type: aws:ecs:TaskDefinition\n properties:\n family: service\n containerDefinitions:\n fn::invoke:\n Function: std:file\n Arguments:\n input: task-definitions/service.json\n Return: result\n volumes:\n - name: service-storage\n fsxWindowsFileServerVolumeConfiguration:\n fileSystemId: ${testAwsFsxWindowsFileSystem.id}\n rootDirectory: \\data\n authorizationConfig:\n credentialsParameter: ${test.arn}\n domain: ${testAwsDirectoryServiceDirectory.name}\n test:\n type: aws:secretsmanager:SecretVersion\n properties:\n secretId: ${testAwsSecretsmanagerSecret.id}\n secretString:\n fn::toJSON:\n username: admin\n password: ${testAwsDirectoryServiceDirectory.password}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example Using `container_definitions` and `inference_accelerator`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ecs.TaskDefinition(\"test\", {\n family: \"test\",\n containerDefinitions: `[\n {\n \"cpu\": 10,\n \"command\": [\"sleep\", \"10\"],\n \"entryPoint\": [\"/\"],\n \"environment\": [\n {\"name\": \"VARNAME\", \"value\": \"VARVAL\"}\n ],\n \"essential\": true,\n \"image\": \"jenkins\",\n \"memory\": 128,\n \"name\": \"jenkins\",\n \"portMappings\": [\n {\n \"containerPort\": 80,\n \"hostPort\": 8080\n }\n ],\n \"resourceRequirements\":[\n {\n \"type\":\"InferenceAccelerator\",\n \"value\":\"device_1\"\n }\n ]\n }\n]\n`,\n inferenceAccelerators: [{\n deviceName: \"device_1\",\n deviceType: \"eia1.medium\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ecs.TaskDefinition(\"test\",\n family=\"test\",\n container_definitions=\"\"\"[\n {\n \"cpu\": 10,\n \"command\": [\"sleep\", \"10\"],\n \"entryPoint\": [\"/\"],\n \"environment\": [\n {\"name\": \"VARNAME\", \"value\": \"VARVAL\"}\n ],\n \"essential\": true,\n \"image\": \"jenkins\",\n \"memory\": 128,\n \"name\": \"jenkins\",\n \"portMappings\": [\n {\n \"containerPort\": 80,\n \"hostPort\": 8080\n }\n ],\n \"resourceRequirements\":[\n {\n \"type\":\"InferenceAccelerator\",\n \"value\":\"device_1\"\n }\n ]\n }\n]\n\"\"\",\n inference_accelerators=[{\n \"device_name\": \"device_1\",\n \"device_type\": \"eia1.medium\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Ecs.TaskDefinition(\"test\", new()\n {\n Family = \"test\",\n ContainerDefinitions = @\"[\n {\n \"\"cpu\"\": 10,\n \"\"command\"\": [\"\"sleep\"\", \"\"10\"\"],\n \"\"entryPoint\"\": [\"\"/\"\"],\n \"\"environment\"\": [\n {\"\"name\"\": \"\"VARNAME\"\", \"\"value\"\": \"\"VARVAL\"\"}\n ],\n \"\"essential\"\": true,\n \"\"image\"\": \"\"jenkins\"\",\n \"\"memory\"\": 128,\n \"\"name\"\": \"\"jenkins\"\",\n \"\"portMappings\"\": [\n {\n \"\"containerPort\"\": 80,\n \"\"hostPort\"\": 8080\n }\n ],\n \"\"resourceRequirements\"\":[\n {\n \"\"type\"\":\"\"InferenceAccelerator\"\",\n \"\"value\"\":\"\"device_1\"\"\n }\n ]\n }\n]\n\",\n InferenceAccelerators = new[]\n {\n new Aws.Ecs.Inputs.TaskDefinitionInferenceAcceleratorArgs\n {\n DeviceName = \"device_1\",\n DeviceType = \"eia1.medium\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewTaskDefinition(ctx, \"test\", \u0026ecs.TaskDefinitionArgs{\n\t\t\tFamily: pulumi.String(\"test\"),\n\t\t\tContainerDefinitions: pulumi.String(`[\n {\n \"cpu\": 10,\n \"command\": [\"sleep\", \"10\"],\n \"entryPoint\": [\"/\"],\n \"environment\": [\n {\"name\": \"VARNAME\", \"value\": \"VARVAL\"}\n ],\n \"essential\": true,\n \"image\": \"jenkins\",\n \"memory\": 128,\n \"name\": \"jenkins\",\n \"portMappings\": [\n {\n \"containerPort\": 80,\n \"hostPort\": 8080\n }\n ],\n \"resourceRequirements\":[\n {\n \"type\":\"InferenceAccelerator\",\n \"value\":\"device_1\"\n }\n ]\n }\n]\n`),\n\t\t\tInferenceAccelerators: ecs.TaskDefinitionInferenceAcceleratorArray{\n\t\t\t\t\u0026ecs.TaskDefinitionInferenceAcceleratorArgs{\n\t\t\t\t\tDeviceName: pulumi.String(\"device_1\"),\n\t\t\t\t\tDeviceType: pulumi.String(\"eia1.medium\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.TaskDefinition;\nimport com.pulumi.aws.ecs.TaskDefinitionArgs;\nimport com.pulumi.aws.ecs.inputs.TaskDefinitionInferenceAcceleratorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new TaskDefinition(\"test\", TaskDefinitionArgs.builder()\n .family(\"test\")\n .containerDefinitions(\"\"\"\n[\n {\n \"cpu\": 10,\n \"command\": [\"sleep\", \"10\"],\n \"entryPoint\": [\"/\"],\n \"environment\": [\n {\"name\": \"VARNAME\", \"value\": \"VARVAL\"}\n ],\n \"essential\": true,\n \"image\": \"jenkins\",\n \"memory\": 128,\n \"name\": \"jenkins\",\n \"portMappings\": [\n {\n \"containerPort\": 80,\n \"hostPort\": 8080\n }\n ],\n \"resourceRequirements\":[\n {\n \"type\":\"InferenceAccelerator\",\n \"value\":\"device_1\"\n }\n ]\n }\n]\n \"\"\")\n .inferenceAccelerators(TaskDefinitionInferenceAcceleratorArgs.builder()\n .deviceName(\"device_1\")\n .deviceType(\"eia1.medium\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ecs:TaskDefinition\n properties:\n family: test\n containerDefinitions: |\n [\n {\n \"cpu\": 10,\n \"command\": [\"sleep\", \"10\"],\n \"entryPoint\": [\"/\"],\n \"environment\": [\n {\"name\": \"VARNAME\", \"value\": \"VARVAL\"}\n ],\n \"essential\": true,\n \"image\": \"jenkins\",\n \"memory\": 128,\n \"name\": \"jenkins\",\n \"portMappings\": [\n {\n \"containerPort\": 80,\n \"hostPort\": 8080\n }\n ],\n \"resourceRequirements\":[\n {\n \"type\":\"InferenceAccelerator\",\n \"value\":\"device_1\"\n }\n ]\n }\n ]\n inferenceAccelerators:\n - deviceName: device_1\n deviceType: eia1.medium\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example Using `runtime_platform` and `fargate`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ecs.TaskDefinition(\"test\", {\n family: \"test\",\n requiresCompatibilities: [\"FARGATE\"],\n networkMode: \"awsvpc\",\n cpu: \"1024\",\n memory: \"2048\",\n containerDefinitions: `[\n {\n \"name\": \"iis\",\n \"image\": \"mcr.microsoft.com/windows/servercore/iis\",\n \"cpu\": 1024,\n \"memory\": 2048,\n \"essential\": true\n }\n]\n`,\n runtimePlatform: {\n operatingSystemFamily: \"WINDOWS_SERVER_2019_CORE\",\n cpuArchitecture: \"X86_64\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ecs.TaskDefinition(\"test\",\n family=\"test\",\n requires_compatibilities=[\"FARGATE\"],\n network_mode=\"awsvpc\",\n cpu=\"1024\",\n memory=\"2048\",\n container_definitions=\"\"\"[\n {\n \"name\": \"iis\",\n \"image\": \"mcr.microsoft.com/windows/servercore/iis\",\n \"cpu\": 1024,\n \"memory\": 2048,\n \"essential\": true\n }\n]\n\"\"\",\n runtime_platform={\n \"operating_system_family\": \"WINDOWS_SERVER_2019_CORE\",\n \"cpu_architecture\": \"X86_64\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Ecs.TaskDefinition(\"test\", new()\n {\n Family = \"test\",\n RequiresCompatibilities = new[]\n {\n \"FARGATE\",\n },\n NetworkMode = \"awsvpc\",\n Cpu = \"1024\",\n Memory = \"2048\",\n ContainerDefinitions = @\"[\n {\n \"\"name\"\": \"\"iis\"\",\n \"\"image\"\": \"\"mcr.microsoft.com/windows/servercore/iis\"\",\n \"\"cpu\"\": 1024,\n \"\"memory\"\": 2048,\n \"\"essential\"\": true\n }\n]\n\",\n RuntimePlatform = new Aws.Ecs.Inputs.TaskDefinitionRuntimePlatformArgs\n {\n OperatingSystemFamily = \"WINDOWS_SERVER_2019_CORE\",\n CpuArchitecture = \"X86_64\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewTaskDefinition(ctx, \"test\", \u0026ecs.TaskDefinitionArgs{\n\t\t\tFamily: pulumi.String(\"test\"),\n\t\t\tRequiresCompatibilities: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"FARGATE\"),\n\t\t\t},\n\t\t\tNetworkMode: pulumi.String(\"awsvpc\"),\n\t\t\tCpu: pulumi.String(\"1024\"),\n\t\t\tMemory: pulumi.String(\"2048\"),\n\t\t\tContainerDefinitions: pulumi.String(`[\n {\n \"name\": \"iis\",\n \"image\": \"mcr.microsoft.com/windows/servercore/iis\",\n \"cpu\": 1024,\n \"memory\": 2048,\n \"essential\": true\n }\n]\n`),\n\t\t\tRuntimePlatform: \u0026ecs.TaskDefinitionRuntimePlatformArgs{\n\t\t\t\tOperatingSystemFamily: pulumi.String(\"WINDOWS_SERVER_2019_CORE\"),\n\t\t\t\tCpuArchitecture: pulumi.String(\"X86_64\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.TaskDefinition;\nimport com.pulumi.aws.ecs.TaskDefinitionArgs;\nimport com.pulumi.aws.ecs.inputs.TaskDefinitionRuntimePlatformArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new TaskDefinition(\"test\", TaskDefinitionArgs.builder()\n .family(\"test\")\n .requiresCompatibilities(\"FARGATE\")\n .networkMode(\"awsvpc\")\n .cpu(1024)\n .memory(2048)\n .containerDefinitions(\"\"\"\n[\n {\n \"name\": \"iis\",\n \"image\": \"mcr.microsoft.com/windows/servercore/iis\",\n \"cpu\": 1024,\n \"memory\": 2048,\n \"essential\": true\n }\n]\n \"\"\")\n .runtimePlatform(TaskDefinitionRuntimePlatformArgs.builder()\n .operatingSystemFamily(\"WINDOWS_SERVER_2019_CORE\")\n .cpuArchitecture(\"X86_64\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ecs:TaskDefinition\n properties:\n family: test\n requiresCompatibilities:\n - FARGATE\n networkMode: awsvpc\n cpu: 1024\n memory: 2048\n containerDefinitions: |\n [\n {\n \"name\": \"iis\",\n \"image\": \"mcr.microsoft.com/windows/servercore/iis\",\n \"cpu\": 1024,\n \"memory\": 2048,\n \"essential\": true\n }\n ]\n runtimePlatform:\n operatingSystemFamily: WINDOWS_SERVER_2019_CORE\n cpuArchitecture: X86_64\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ECS Task Definitions using their ARNs. For example:\n\n```sh\n$ pulumi import aws:ecs/taskDefinition:TaskDefinition example arn:aws:ecs:us-east-1:012345678910:task-definition/mytaskfamily:123\n```\n", "properties": { "arn": { "type": "string", "description": "Full ARN of the Task Definition (including both `family` and `revision`).\n" }, "arnWithoutRevision": { "type": "string", "description": "ARN of the Task Definition with the trailing `revision` removed. This may be useful for situations where the latest task definition is always desired. If a revision isn't specified, the latest ACTIVE revision is used. See the [AWS documentation](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_StartTask.html#ECS-StartTask-request-taskDefinition) for details.\n" }, "containerDefinitions": { "type": "string", "description": "A list of valid [container definitions](http://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html) provided as a single valid JSON document. Please note that you should only provide values that are part of the container definition document. For a detailed description of what parameters are available, see the [Task Definition Parameters](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html) section from the official [Developer Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide).\n" }, "cpu": { "type": "string", "description": "Number of cpu units used by the task. If the `requires_compatibilities` is `FARGATE` this field is required.\n" }, "ephemeralStorage": { "$ref": "#/types/aws:ecs/TaskDefinitionEphemeralStorage:TaskDefinitionEphemeralStorage", "description": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate. See Ephemeral Storage.\n" }, "executionRoleArn": { "type": "string", "description": "ARN of the task execution role that the Amazon ECS container agent and the Docker daemon can assume.\n" }, "family": { "type": "string", "description": "A unique name for your task definition.\n\nThe following arguments are optional:\n" }, "inferenceAccelerators": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskDefinitionInferenceAccelerator:TaskDefinitionInferenceAccelerator" }, "description": "Configuration block(s) with Inference Accelerators settings. Detailed below.\n" }, "ipcMode": { "type": "string", "description": "IPC resource namespace to be used for the containers in the task The valid values are `host`, `task`, and `none`.\n" }, "memory": { "type": "string", "description": "Amount (in MiB) of memory used by the task. If the `requires_compatibilities` is `FARGATE` this field is required.\n" }, "networkMode": { "type": "string", "description": "Docker networking mode to use for the containers in the task. Valid values are `none`, `bridge`, `awsvpc`, and `host`.\n" }, "pidMode": { "type": "string", "description": "Process namespace to use for the containers in the task. The valid values are `host` and `task`.\n" }, "placementConstraints": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskDefinitionPlacementConstraint:TaskDefinitionPlacementConstraint" }, "description": "Configuration block for rules that are taken into consideration during task placement. Maximum number of `placement_constraints` is `10`. Detailed below.\n" }, "proxyConfiguration": { "$ref": "#/types/aws:ecs/TaskDefinitionProxyConfiguration:TaskDefinitionProxyConfiguration", "description": "Configuration block for the App Mesh proxy. Detailed below.\n" }, "requiresCompatibilities": { "type": "array", "items": { "type": "string" }, "description": "Set of launch types required by the task. The valid values are `EC2` and `FARGATE`.\n" }, "revision": { "type": "integer", "description": "Revision of the task in a particular family.\n" }, "runtimePlatform": { "$ref": "#/types/aws:ecs/TaskDefinitionRuntimePlatform:TaskDefinitionRuntimePlatform", "description": "Configuration block for runtime_platform that containers in your task may use.\n" }, "skipDestroy": { "type": "boolean", "description": "Whether to retain the old revision when the resource is destroyed or replacement is necessary. Default is `false`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "taskRoleArn": { "type": "string", "description": "ARN of IAM role that allows your Amazon ECS container task to make calls to other AWS services.\n" }, "trackLatest": { "type": "boolean", "description": "Whether should track latest `ACTIVE` task definition on AWS or the one created with the resource stored in state. Default is `false`. Useful in the event the task definition is modified outside of this resource.\n" }, "volumes": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskDefinitionVolume:TaskDefinitionVolume" }, "description": "Configuration block for volumes that containers in your task may use. Detailed below.\n" } }, "required": [ "arn", "arnWithoutRevision", "containerDefinitions", "family", "networkMode", "revision", "tagsAll" ], "inputProperties": { "containerDefinitions": { "type": "string", "description": "A list of valid [container definitions](http://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html) provided as a single valid JSON document. Please note that you should only provide values that are part of the container definition document. For a detailed description of what parameters are available, see the [Task Definition Parameters](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html) section from the official [Developer Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide).\n", "willReplaceOnChanges": true }, "cpu": { "type": "string", "description": "Number of cpu units used by the task. If the `requires_compatibilities` is `FARGATE` this field is required.\n", "willReplaceOnChanges": true }, "ephemeralStorage": { "$ref": "#/types/aws:ecs/TaskDefinitionEphemeralStorage:TaskDefinitionEphemeralStorage", "description": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate. See Ephemeral Storage.\n", "willReplaceOnChanges": true }, "executionRoleArn": { "type": "string", "description": "ARN of the task execution role that the Amazon ECS container agent and the Docker daemon can assume.\n", "willReplaceOnChanges": true }, "family": { "type": "string", "description": "A unique name for your task definition.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "inferenceAccelerators": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskDefinitionInferenceAccelerator:TaskDefinitionInferenceAccelerator" }, "description": "Configuration block(s) with Inference Accelerators settings. Detailed below.\n", "willReplaceOnChanges": true }, "ipcMode": { "type": "string", "description": "IPC resource namespace to be used for the containers in the task The valid values are `host`, `task`, and `none`.\n", "willReplaceOnChanges": true }, "memory": { "type": "string", "description": "Amount (in MiB) of memory used by the task. If the `requires_compatibilities` is `FARGATE` this field is required.\n", "willReplaceOnChanges": true }, "networkMode": { "type": "string", "description": "Docker networking mode to use for the containers in the task. Valid values are `none`, `bridge`, `awsvpc`, and `host`.\n", "willReplaceOnChanges": true }, "pidMode": { "type": "string", "description": "Process namespace to use for the containers in the task. The valid values are `host` and `task`.\n", "willReplaceOnChanges": true }, "placementConstraints": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskDefinitionPlacementConstraint:TaskDefinitionPlacementConstraint" }, "description": "Configuration block for rules that are taken into consideration during task placement. Maximum number of `placement_constraints` is `10`. Detailed below.\n", "willReplaceOnChanges": true }, "proxyConfiguration": { "$ref": "#/types/aws:ecs/TaskDefinitionProxyConfiguration:TaskDefinitionProxyConfiguration", "description": "Configuration block for the App Mesh proxy. Detailed below.\n", "willReplaceOnChanges": true }, "requiresCompatibilities": { "type": "array", "items": { "type": "string" }, "description": "Set of launch types required by the task. The valid values are `EC2` and `FARGATE`.\n", "willReplaceOnChanges": true }, "runtimePlatform": { "$ref": "#/types/aws:ecs/TaskDefinitionRuntimePlatform:TaskDefinitionRuntimePlatform", "description": "Configuration block for runtime_platform that containers in your task may use.\n", "willReplaceOnChanges": true }, "skipDestroy": { "type": "boolean", "description": "Whether to retain the old revision when the resource is destroyed or replacement is necessary. Default is `false`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "taskRoleArn": { "type": "string", "description": "ARN of IAM role that allows your Amazon ECS container task to make calls to other AWS services.\n", "willReplaceOnChanges": true }, "trackLatest": { "type": "boolean", "description": "Whether should track latest `ACTIVE` task definition on AWS or the one created with the resource stored in state. Default is `false`. Useful in the event the task definition is modified outside of this resource.\n" }, "volumes": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskDefinitionVolume:TaskDefinitionVolume" }, "description": "Configuration block for volumes that containers in your task may use. Detailed below.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "containerDefinitions", "family" ], "stateInputs": { "description": "Input properties used for looking up and filtering TaskDefinition resources.\n", "properties": { "arn": { "type": "string", "description": "Full ARN of the Task Definition (including both `family` and `revision`).\n" }, "arnWithoutRevision": { "type": "string", "description": "ARN of the Task Definition with the trailing `revision` removed. This may be useful for situations where the latest task definition is always desired. If a revision isn't specified, the latest ACTIVE revision is used. See the [AWS documentation](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_StartTask.html#ECS-StartTask-request-taskDefinition) for details.\n" }, "containerDefinitions": { "type": "string", "description": "A list of valid [container definitions](http://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html) provided as a single valid JSON document. Please note that you should only provide values that are part of the container definition document. For a detailed description of what parameters are available, see the [Task Definition Parameters](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html) section from the official [Developer Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide).\n", "willReplaceOnChanges": true }, "cpu": { "type": "string", "description": "Number of cpu units used by the task. If the `requires_compatibilities` is `FARGATE` this field is required.\n", "willReplaceOnChanges": true }, "ephemeralStorage": { "$ref": "#/types/aws:ecs/TaskDefinitionEphemeralStorage:TaskDefinitionEphemeralStorage", "description": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate. See Ephemeral Storage.\n", "willReplaceOnChanges": true }, "executionRoleArn": { "type": "string", "description": "ARN of the task execution role that the Amazon ECS container agent and the Docker daemon can assume.\n", "willReplaceOnChanges": true }, "family": { "type": "string", "description": "A unique name for your task definition.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "inferenceAccelerators": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskDefinitionInferenceAccelerator:TaskDefinitionInferenceAccelerator" }, "description": "Configuration block(s) with Inference Accelerators settings. Detailed below.\n", "willReplaceOnChanges": true }, "ipcMode": { "type": "string", "description": "IPC resource namespace to be used for the containers in the task The valid values are `host`, `task`, and `none`.\n", "willReplaceOnChanges": true }, "memory": { "type": "string", "description": "Amount (in MiB) of memory used by the task. If the `requires_compatibilities` is `FARGATE` this field is required.\n", "willReplaceOnChanges": true }, "networkMode": { "type": "string", "description": "Docker networking mode to use for the containers in the task. Valid values are `none`, `bridge`, `awsvpc`, and `host`.\n", "willReplaceOnChanges": true }, "pidMode": { "type": "string", "description": "Process namespace to use for the containers in the task. The valid values are `host` and `task`.\n", "willReplaceOnChanges": true }, "placementConstraints": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskDefinitionPlacementConstraint:TaskDefinitionPlacementConstraint" }, "description": "Configuration block for rules that are taken into consideration during task placement. Maximum number of `placement_constraints` is `10`. Detailed below.\n", "willReplaceOnChanges": true }, "proxyConfiguration": { "$ref": "#/types/aws:ecs/TaskDefinitionProxyConfiguration:TaskDefinitionProxyConfiguration", "description": "Configuration block for the App Mesh proxy. Detailed below.\n", "willReplaceOnChanges": true }, "requiresCompatibilities": { "type": "array", "items": { "type": "string" }, "description": "Set of launch types required by the task. The valid values are `EC2` and `FARGATE`.\n", "willReplaceOnChanges": true }, "revision": { "type": "integer", "description": "Revision of the task in a particular family.\n" }, "runtimePlatform": { "$ref": "#/types/aws:ecs/TaskDefinitionRuntimePlatform:TaskDefinitionRuntimePlatform", "description": "Configuration block for runtime_platform that containers in your task may use.\n", "willReplaceOnChanges": true }, "skipDestroy": { "type": "boolean", "description": "Whether to retain the old revision when the resource is destroyed or replacement is necessary. Default is `false`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "taskRoleArn": { "type": "string", "description": "ARN of IAM role that allows your Amazon ECS container task to make calls to other AWS services.\n", "willReplaceOnChanges": true }, "trackLatest": { "type": "boolean", "description": "Whether should track latest `ACTIVE` task definition on AWS or the one created with the resource stored in state. Default is `false`. Useful in the event the task definition is modified outside of this resource.\n" }, "volumes": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskDefinitionVolume:TaskDefinitionVolume" }, "description": "Configuration block for volumes that containers in your task may use. Detailed below.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ecs/taskSet:TaskSet": { "description": "Provides an ECS task set - effectively a task that is expected to run until an error occurs or a user terminates it (typically a webserver or a database).\n\nSee [ECS Task Set section in AWS developer guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-external.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ecs.TaskSet(\"example\", {\n service: exampleAwsEcsService.id,\n cluster: exampleAwsEcsCluster.id,\n taskDefinition: exampleAwsEcsTaskDefinition.arn,\n loadBalancers: [{\n targetGroupArn: exampleAwsLbTargetGroup.arn,\n containerName: \"mongo\",\n containerPort: 8080,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecs.TaskSet(\"example\",\n service=example_aws_ecs_service[\"id\"],\n cluster=example_aws_ecs_cluster[\"id\"],\n task_definition=example_aws_ecs_task_definition[\"arn\"],\n load_balancers=[{\n \"target_group_arn\": example_aws_lb_target_group[\"arn\"],\n \"container_name\": \"mongo\",\n \"container_port\": 8080,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ecs.TaskSet(\"example\", new()\n {\n Service = exampleAwsEcsService.Id,\n Cluster = exampleAwsEcsCluster.Id,\n TaskDefinition = exampleAwsEcsTaskDefinition.Arn,\n LoadBalancers = new[]\n {\n new Aws.Ecs.Inputs.TaskSetLoadBalancerArgs\n {\n TargetGroupArn = exampleAwsLbTargetGroup.Arn,\n ContainerName = \"mongo\",\n ContainerPort = 8080,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewTaskSet(ctx, \"example\", \u0026ecs.TaskSetArgs{\n\t\t\tService: pulumi.Any(exampleAwsEcsService.Id),\n\t\t\tCluster: pulumi.Any(exampleAwsEcsCluster.Id),\n\t\t\tTaskDefinition: pulumi.Any(exampleAwsEcsTaskDefinition.Arn),\n\t\t\tLoadBalancers: ecs.TaskSetLoadBalancerArray{\n\t\t\t\t\u0026ecs.TaskSetLoadBalancerArgs{\n\t\t\t\t\tTargetGroupArn: pulumi.Any(exampleAwsLbTargetGroup.Arn),\n\t\t\t\t\tContainerName: pulumi.String(\"mongo\"),\n\t\t\t\t\tContainerPort: pulumi.Int(8080),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.TaskSet;\nimport com.pulumi.aws.ecs.TaskSetArgs;\nimport com.pulumi.aws.ecs.inputs.TaskSetLoadBalancerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TaskSet(\"example\", TaskSetArgs.builder()\n .service(exampleAwsEcsService.id())\n .cluster(exampleAwsEcsCluster.id())\n .taskDefinition(exampleAwsEcsTaskDefinition.arn())\n .loadBalancers(TaskSetLoadBalancerArgs.builder()\n .targetGroupArn(exampleAwsLbTargetGroup.arn())\n .containerName(\"mongo\")\n .containerPort(8080)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ecs:TaskSet\n properties:\n service: ${exampleAwsEcsService.id}\n cluster: ${exampleAwsEcsCluster.id}\n taskDefinition: ${exampleAwsEcsTaskDefinition.arn}\n loadBalancers:\n - targetGroupArn: ${exampleAwsLbTargetGroup.arn}\n containerName: mongo\n containerPort: 8080\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Ignoring Changes to Scale\n\nYou can utilize the generic resource lifecycle configuration block with `ignore_changes` to create an ECS service with an initial count of running instances, then ignore any changes to that count caused externally (e.g. Application Autoscaling).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ecs.TaskSet(\"example\", {scale: {\n value: 50,\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecs.TaskSet(\"example\", scale={\n \"value\": 50,\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ecs.TaskSet(\"example\", new()\n {\n Scale = new Aws.Ecs.Inputs.TaskSetScaleArgs\n {\n Value = 50,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewTaskSet(ctx, \"example\", \u0026ecs.TaskSetArgs{\n\t\t\tScale: \u0026ecs.TaskSetScaleArgs{\n\t\t\t\tValue: pulumi.Float64(50),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.TaskSet;\nimport com.pulumi.aws.ecs.TaskSetArgs;\nimport com.pulumi.aws.ecs.inputs.TaskSetScaleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TaskSet(\"example\", TaskSetArgs.builder()\n .scale(TaskSetScaleArgs.builder()\n .value(50)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ecs:TaskSet\n properties:\n scale:\n value: 50\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ECS Task Sets using the `task_set_id`, `service`, and `cluster` separated by commas (`,`). For example:\n\n```sh\n$ pulumi import aws:ecs/taskSet:TaskSet example ecs-svc/7177320696926227436,arn:aws:ecs:us-west-2:123456789101:service/example/example-1234567890,arn:aws:ecs:us-west-2:123456789101:cluster/example\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) that identifies the task set.\n" }, "capacityProviderStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskSetCapacityProviderStrategy:TaskSetCapacityProviderStrategy" }, "description": "The capacity provider strategy to use for the service. Can be one or more. Defined below.\n" }, "cluster": { "type": "string", "description": "The short name or ARN of the cluster that hosts the service to create the task set in.\n" }, "externalId": { "type": "string", "description": "The external ID associated with the task set.\n" }, "forceDelete": { "type": "boolean", "description": "Whether to allow deleting the task set without waiting for scaling down to 0. You can force a task set to delete even if it's in the process of scaling a resource. Normally, the provider drains all the tasks before deleting the task set. This bypasses that behavior and potentially leaves resources dangling.\n" }, "launchType": { "type": "string", "description": "The launch type on which to run your service. The valid values are `EC2`, `FARGATE`, and `EXTERNAL`. Defaults to `EC2`.\n" }, "loadBalancers": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskSetLoadBalancer:TaskSetLoadBalancer" }, "description": "Details on load balancers that are used with a task set. Detailed below.\n" }, "networkConfiguration": { "$ref": "#/types/aws:ecs/TaskSetNetworkConfiguration:TaskSetNetworkConfiguration", "description": "The network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own Elastic Network Interface, and it is not supported for other network modes. Detailed below.\n" }, "platformVersion": { "type": "string", "description": "The platform version on which to run your service. Only applicable for `launch_type` set to `FARGATE`. Defaults to `LATEST`. More information about Fargate platform versions can be found in the [AWS ECS User Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html).\n" }, "scale": { "$ref": "#/types/aws:ecs/TaskSetScale:TaskSetScale", "description": "A floating-point percentage of the desired number of tasks to place and keep running in the task set. Detailed below.\n" }, "service": { "type": "string", "description": "The short name or ARN of the ECS service.\n" }, "serviceRegistries": { "$ref": "#/types/aws:ecs/TaskSetServiceRegistries:TaskSetServiceRegistries", "description": "The service discovery registries for the service. The maximum number of `service_registries` blocks is `1`. Detailed below.\n" }, "stabilityStatus": { "type": "string", "description": "The stability status. This indicates whether the task set has reached a steady state.\n" }, "status": { "type": "string", "description": "The status of the task set.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. If you have set `copy_tags_to_backups` to true, and you specify one or more tags, no existing file system tags are copied from the file system to the backup.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "taskDefinition": { "type": "string", "description": "The family and revision (`family:revision`) or full ARN of the task definition that you want to run in your service.\n\nThe following arguments are optional:\n" }, "taskSetId": { "type": "string", "description": "The ID of the task set.\n" }, "waitUntilStable": { "type": "boolean", "description": "Whether the provider should wait until the task set has reached `STEADY_STATE`.\n" }, "waitUntilStableTimeout": { "type": "string", "description": "Wait timeout for task set to reach `STEADY_STATE`. Valid time units include `ns`, `us` (or `µs`), `ms`, `s`, `m`, and `h`. Default `10m`.\n" } }, "required": [ "arn", "cluster", "externalId", "launchType", "platformVersion", "scale", "service", "stabilityStatus", "status", "tagsAll", "taskDefinition", "taskSetId" ], "inputProperties": { "capacityProviderStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskSetCapacityProviderStrategy:TaskSetCapacityProviderStrategy" }, "description": "The capacity provider strategy to use for the service. Can be one or more. Defined below.\n", "willReplaceOnChanges": true }, "cluster": { "type": "string", "description": "The short name or ARN of the cluster that hosts the service to create the task set in.\n", "willReplaceOnChanges": true }, "externalId": { "type": "string", "description": "The external ID associated with the task set.\n", "willReplaceOnChanges": true }, "forceDelete": { "type": "boolean", "description": "Whether to allow deleting the task set without waiting for scaling down to 0. You can force a task set to delete even if it's in the process of scaling a resource. Normally, the provider drains all the tasks before deleting the task set. This bypasses that behavior and potentially leaves resources dangling.\n" }, "launchType": { "type": "string", "description": "The launch type on which to run your service. The valid values are `EC2`, `FARGATE`, and `EXTERNAL`. Defaults to `EC2`.\n", "willReplaceOnChanges": true }, "loadBalancers": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskSetLoadBalancer:TaskSetLoadBalancer" }, "description": "Details on load balancers that are used with a task set. Detailed below.\n", "willReplaceOnChanges": true }, "networkConfiguration": { "$ref": "#/types/aws:ecs/TaskSetNetworkConfiguration:TaskSetNetworkConfiguration", "description": "The network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own Elastic Network Interface, and it is not supported for other network modes. Detailed below.\n", "willReplaceOnChanges": true }, "platformVersion": { "type": "string", "description": "The platform version on which to run your service. Only applicable for `launch_type` set to `FARGATE`. Defaults to `LATEST`. More information about Fargate platform versions can be found in the [AWS ECS User Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html).\n", "willReplaceOnChanges": true }, "scale": { "$ref": "#/types/aws:ecs/TaskSetScale:TaskSetScale", "description": "A floating-point percentage of the desired number of tasks to place and keep running in the task set. Detailed below.\n" }, "service": { "type": "string", "description": "The short name or ARN of the ECS service.\n", "willReplaceOnChanges": true }, "serviceRegistries": { "$ref": "#/types/aws:ecs/TaskSetServiceRegistries:TaskSetServiceRegistries", "description": "The service discovery registries for the service. The maximum number of `service_registries` blocks is `1`. Detailed below.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. If you have set `copy_tags_to_backups` to true, and you specify one or more tags, no existing file system tags are copied from the file system to the backup.\n" }, "taskDefinition": { "type": "string", "description": "The family and revision (`family:revision`) or full ARN of the task definition that you want to run in your service.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "waitUntilStable": { "type": "boolean", "description": "Whether the provider should wait until the task set has reached `STEADY_STATE`.\n" }, "waitUntilStableTimeout": { "type": "string", "description": "Wait timeout for task set to reach `STEADY_STATE`. Valid time units include `ns`, `us` (or `µs`), `ms`, `s`, `m`, and `h`. Default `10m`.\n" } }, "requiredInputs": [ "cluster", "service", "taskDefinition" ], "stateInputs": { "description": "Input properties used for looking up and filtering TaskSet resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) that identifies the task set.\n" }, "capacityProviderStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskSetCapacityProviderStrategy:TaskSetCapacityProviderStrategy" }, "description": "The capacity provider strategy to use for the service. Can be one or more. Defined below.\n", "willReplaceOnChanges": true }, "cluster": { "type": "string", "description": "The short name or ARN of the cluster that hosts the service to create the task set in.\n", "willReplaceOnChanges": true }, "externalId": { "type": "string", "description": "The external ID associated with the task set.\n", "willReplaceOnChanges": true }, "forceDelete": { "type": "boolean", "description": "Whether to allow deleting the task set without waiting for scaling down to 0. You can force a task set to delete even if it's in the process of scaling a resource. Normally, the provider drains all the tasks before deleting the task set. This bypasses that behavior and potentially leaves resources dangling.\n" }, "launchType": { "type": "string", "description": "The launch type on which to run your service. The valid values are `EC2`, `FARGATE`, and `EXTERNAL`. Defaults to `EC2`.\n", "willReplaceOnChanges": true }, "loadBalancers": { "type": "array", "items": { "$ref": "#/types/aws:ecs/TaskSetLoadBalancer:TaskSetLoadBalancer" }, "description": "Details on load balancers that are used with a task set. Detailed below.\n", "willReplaceOnChanges": true }, "networkConfiguration": { "$ref": "#/types/aws:ecs/TaskSetNetworkConfiguration:TaskSetNetworkConfiguration", "description": "The network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own Elastic Network Interface, and it is not supported for other network modes. Detailed below.\n", "willReplaceOnChanges": true }, "platformVersion": { "type": "string", "description": "The platform version on which to run your service. Only applicable for `launch_type` set to `FARGATE`. Defaults to `LATEST`. More information about Fargate platform versions can be found in the [AWS ECS User Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html).\n", "willReplaceOnChanges": true }, "scale": { "$ref": "#/types/aws:ecs/TaskSetScale:TaskSetScale", "description": "A floating-point percentage of the desired number of tasks to place and keep running in the task set. Detailed below.\n" }, "service": { "type": "string", "description": "The short name or ARN of the ECS service.\n", "willReplaceOnChanges": true }, "serviceRegistries": { "$ref": "#/types/aws:ecs/TaskSetServiceRegistries:TaskSetServiceRegistries", "description": "The service discovery registries for the service. The maximum number of `service_registries` blocks is `1`. Detailed below.\n", "willReplaceOnChanges": true }, "stabilityStatus": { "type": "string", "description": "The stability status. This indicates whether the task set has reached a steady state.\n" }, "status": { "type": "string", "description": "The status of the task set.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. If you have set `copy_tags_to_backups` to true, and you specify one or more tags, no existing file system tags are copied from the file system to the backup.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "taskDefinition": { "type": "string", "description": "The family and revision (`family:revision`) or full ARN of the task definition that you want to run in your service.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "taskSetId": { "type": "string", "description": "The ID of the task set.\n" }, "waitUntilStable": { "type": "boolean", "description": "Whether the provider should wait until the task set has reached `STEADY_STATE`.\n" }, "waitUntilStableTimeout": { "type": "string", "description": "Wait timeout for task set to reach `STEADY_STATE`. Valid time units include `ns`, `us` (or `µs`), `ms`, `s`, `m`, and `h`. Default `10m`.\n" } }, "type": "object" } }, "aws:efs/accessPoint:AccessPoint": { "description": "Provides an Elastic File System (EFS) access point.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.efs.AccessPoint(\"test\", {fileSystemId: foo.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.efs.AccessPoint(\"test\", file_system_id=foo[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Efs.AccessPoint(\"test\", new()\n {\n FileSystemId = foo.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := efs.NewAccessPoint(ctx, \"test\", \u0026efs.AccessPointArgs{\n\t\t\tFileSystemId: pulumi.Any(foo.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.efs.AccessPoint;\nimport com.pulumi.aws.efs.AccessPointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AccessPoint(\"test\", AccessPointArgs.builder()\n .fileSystemId(foo.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:efs:AccessPoint\n properties:\n fileSystemId: ${foo.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import the EFS access points using the `id`. For example:\n\n```sh\n$ pulumi import aws:efs/accessPoint:AccessPoint test fsap-52a643fb\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the access point.\n" }, "fileSystemArn": { "type": "string", "description": "ARN of the file system.\n" }, "fileSystemId": { "type": "string", "description": "ID of the file system for which the access point is intended.\n" }, "ownerId": { "type": "string" }, "posixUser": { "$ref": "#/types/aws:efs/AccessPointPosixUser:AccessPointPosixUser", "description": "Operating system user and group applied to all file system requests made using the access point. Detailed below.\n" }, "rootDirectory": { "$ref": "#/types/aws:efs/AccessPointRootDirectory:AccessPointRootDirectory", "description": "Directory on the Amazon EFS file system that the access point provides access to. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "fileSystemArn", "fileSystemId", "ownerId", "rootDirectory", "tagsAll" ], "inputProperties": { "fileSystemId": { "type": "string", "description": "ID of the file system for which the access point is intended.\n", "willReplaceOnChanges": true }, "posixUser": { "$ref": "#/types/aws:efs/AccessPointPosixUser:AccessPointPosixUser", "description": "Operating system user and group applied to all file system requests made using the access point. Detailed below.\n", "willReplaceOnChanges": true }, "rootDirectory": { "$ref": "#/types/aws:efs/AccessPointRootDirectory:AccessPointRootDirectory", "description": "Directory on the Amazon EFS file system that the access point provides access to. Detailed below.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" } }, "requiredInputs": [ "fileSystemId" ], "stateInputs": { "description": "Input properties used for looking up and filtering AccessPoint resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the access point.\n" }, "fileSystemArn": { "type": "string", "description": "ARN of the file system.\n" }, "fileSystemId": { "type": "string", "description": "ID of the file system for which the access point is intended.\n", "willReplaceOnChanges": true }, "ownerId": { "type": "string" }, "posixUser": { "$ref": "#/types/aws:efs/AccessPointPosixUser:AccessPointPosixUser", "description": "Operating system user and group applied to all file system requests made using the access point. Detailed below.\n", "willReplaceOnChanges": true }, "rootDirectory": { "$ref": "#/types/aws:efs/AccessPointRootDirectory:AccessPointRootDirectory", "description": "Directory on the Amazon EFS file system that the access point provides access to. Detailed below.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:efs/backupPolicy:BackupPolicy": { "description": "Provides an Elastic File System (EFS) Backup Policy resource.\nBackup policies turn automatic backups on or off for an existing file system.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fs = new aws.efs.FileSystem(\"fs\", {creationToken: \"my-product\"});\nconst policy = new aws.efs.BackupPolicy(\"policy\", {\n fileSystemId: fs.id,\n backupPolicy: {\n status: \"ENABLED\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfs = aws.efs.FileSystem(\"fs\", creation_token=\"my-product\")\npolicy = aws.efs.BackupPolicy(\"policy\",\n file_system_id=fs.id,\n backup_policy={\n \"status\": \"ENABLED\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var fs = new Aws.Efs.FileSystem(\"fs\", new()\n {\n CreationToken = \"my-product\",\n });\n\n var policy = new Aws.Efs.BackupPolicy(\"policy\", new()\n {\n FileSystemId = fs.Id,\n BackupPolicyDetails = new Aws.Efs.Inputs.BackupPolicyBackupPolicyArgs\n {\n Status = \"ENABLED\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfs, err := efs.NewFileSystem(ctx, \"fs\", \u0026efs.FileSystemArgs{\n\t\t\tCreationToken: pulumi.String(\"my-product\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = efs.NewBackupPolicy(ctx, \"policy\", \u0026efs.BackupPolicyArgs{\n\t\t\tFileSystemId: fs.ID(),\n\t\t\tBackupPolicy: \u0026efs.BackupPolicyBackupPolicyArgs{\n\t\t\t\tStatus: pulumi.String(\"ENABLED\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.efs.FileSystem;\nimport com.pulumi.aws.efs.FileSystemArgs;\nimport com.pulumi.aws.efs.BackupPolicy;\nimport com.pulumi.aws.efs.BackupPolicyArgs;\nimport com.pulumi.aws.efs.inputs.BackupPolicyBackupPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var fs = new FileSystem(\"fs\", FileSystemArgs.builder()\n .creationToken(\"my-product\")\n .build());\n\n var policy = new BackupPolicy(\"policy\", BackupPolicyArgs.builder()\n .fileSystemId(fs.id())\n .backupPolicy(BackupPolicyBackupPolicyArgs.builder()\n .status(\"ENABLED\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n fs:\n type: aws:efs:FileSystem\n properties:\n creationToken: my-product\n policy:\n type: aws:efs:BackupPolicy\n properties:\n fileSystemId: ${fs.id}\n backupPolicy:\n status: ENABLED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import the EFS backup policies using the `id`. For example:\n\n```sh\n$ pulumi import aws:efs/backupPolicy:BackupPolicy example fs-6fa144c6\n```\n", "properties": { "backupPolicy": { "$ref": "#/types/aws:efs/BackupPolicyBackupPolicy:BackupPolicyBackupPolicy", "description": "A backup_policy object (documented below).\n", "language": { "csharp": { "name": "BackupPolicyDetails" } } }, "fileSystemId": { "type": "string", "description": "The ID of the EFS file system.\n" } }, "required": [ "backupPolicy", "fileSystemId" ], "inputProperties": { "backupPolicy": { "$ref": "#/types/aws:efs/BackupPolicyBackupPolicy:BackupPolicyBackupPolicy", "description": "A backup_policy object (documented below).\n", "language": { "csharp": { "name": "BackupPolicyDetails" } } }, "fileSystemId": { "type": "string", "description": "The ID of the EFS file system.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "backupPolicy", "fileSystemId" ], "stateInputs": { "description": "Input properties used for looking up and filtering BackupPolicy resources.\n", "properties": { "backupPolicy": { "$ref": "#/types/aws:efs/BackupPolicyBackupPolicy:BackupPolicyBackupPolicy", "description": "A backup_policy object (documented below).\n", "language": { "csharp": { "name": "BackupPolicyDetails" } } }, "fileSystemId": { "type": "string", "description": "The ID of the EFS file system.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:efs/fileSystem:FileSystem": { "description": "Provides an Elastic File System (EFS) File System resource.\n\n## Example Usage\n\n### EFS File System w/ tags\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.efs.FileSystem(\"foo\", {\n creationToken: \"my-product\",\n tags: {\n Name: \"MyProduct\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.efs.FileSystem(\"foo\",\n creation_token=\"my-product\",\n tags={\n \"Name\": \"MyProduct\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Efs.FileSystem(\"foo\", new()\n {\n CreationToken = \"my-product\",\n Tags = \n {\n { \"Name\", \"MyProduct\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := efs.NewFileSystem(ctx, \"foo\", \u0026efs.FileSystemArgs{\n\t\t\tCreationToken: pulumi.String(\"my-product\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"MyProduct\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.efs.FileSystem;\nimport com.pulumi.aws.efs.FileSystemArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new FileSystem(\"foo\", FileSystemArgs.builder()\n .creationToken(\"my-product\")\n .tags(Map.of(\"Name\", \"MyProduct\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:efs:FileSystem\n properties:\n creationToken: my-product\n tags:\n Name: MyProduct\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using lifecycle policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fooWithLifecylePolicy = new aws.efs.FileSystem(\"foo_with_lifecyle_policy\", {\n creationToken: \"my-product\",\n lifecyclePolicies: [{\n transitionToIa: \"AFTER_30_DAYS\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo_with_lifecyle_policy = aws.efs.FileSystem(\"foo_with_lifecyle_policy\",\n creation_token=\"my-product\",\n lifecycle_policies=[{\n \"transition_to_ia\": \"AFTER_30_DAYS\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var fooWithLifecylePolicy = new Aws.Efs.FileSystem(\"foo_with_lifecyle_policy\", new()\n {\n CreationToken = \"my-product\",\n LifecyclePolicies = new[]\n {\n new Aws.Efs.Inputs.FileSystemLifecyclePolicyArgs\n {\n TransitionToIa = \"AFTER_30_DAYS\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := efs.NewFileSystem(ctx, \"foo_with_lifecyle_policy\", \u0026efs.FileSystemArgs{\n\t\t\tCreationToken: pulumi.String(\"my-product\"),\n\t\t\tLifecyclePolicies: efs.FileSystemLifecyclePolicyArray{\n\t\t\t\t\u0026efs.FileSystemLifecyclePolicyArgs{\n\t\t\t\t\tTransitionToIa: pulumi.String(\"AFTER_30_DAYS\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.efs.FileSystem;\nimport com.pulumi.aws.efs.FileSystemArgs;\nimport com.pulumi.aws.efs.inputs.FileSystemLifecyclePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var fooWithLifecylePolicy = new FileSystem(\"fooWithLifecylePolicy\", FileSystemArgs.builder()\n .creationToken(\"my-product\")\n .lifecyclePolicies(FileSystemLifecyclePolicyArgs.builder()\n .transitionToIa(\"AFTER_30_DAYS\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n fooWithLifecylePolicy:\n type: aws:efs:FileSystem\n name: foo_with_lifecyle_policy\n properties:\n creationToken: my-product\n lifecyclePolicies:\n - transitionToIa: AFTER_30_DAYS\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import the EFS file systems using the `id`. For example:\n\n```sh\n$ pulumi import aws:efs/fileSystem:FileSystem foo fs-6fa144c6\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "availabilityZoneId": { "type": "string", "description": "The identifier of the Availability Zone in which the file system's One Zone storage classes exist.\n" }, "availabilityZoneName": { "type": "string", "description": "the AWS Availability Zone in which to create the file system. Used to create a file system that uses One Zone storage classes. See [user guide](https://docs.aws.amazon.com/efs/latest/ug/availability-durability.html) for more information.\n" }, "creationToken": { "type": "string", "description": "A unique name (a maximum of 64 characters are allowed)\nused as reference when creating the Elastic File System to ensure idempotent file\nsystem creation. By default generated by this provider. See [Elastic File System]\nuser guide for more information.\n" }, "dnsName": { "type": "string", "description": "The DNS name for the filesystem per [documented convention](http://docs.aws.amazon.com/efs/latest/ug/mounting-fs-mount-cmd-dns-name.html).\n" }, "encrypted": { "type": "boolean", "description": "If true, the disk will be encrypted.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying kms_key_id, encrypted needs to be set to true.\n" }, "lifecyclePolicies": { "type": "array", "items": { "$ref": "#/types/aws:efs/FileSystemLifecyclePolicy:FileSystemLifecyclePolicy" }, "description": "A file system [lifecycle policy](https://docs.aws.amazon.com/efs/latest/ug/API_LifecyclePolicy.html) object. See `lifecycle_policy` block below for details.\n" }, "name": { "type": "string", "description": "The value of the file system's `Name` tag.\n" }, "numberOfMountTargets": { "type": "integer", "description": "The current number of mount targets that the file system has.\n" }, "ownerId": { "type": "string", "description": "The AWS account that created the file system. If the file system was createdby an IAM user, the parent account to which the user belongs is the owner.\n" }, "performanceMode": { "type": "string", "description": "The file system performance mode. Can be either `\"generalPurpose\"` or `\"maxIO\"` (Default: `\"generalPurpose\"`).\n" }, "protection": { "$ref": "#/types/aws:efs/FileSystemProtection:FileSystemProtection", "description": "A file system [protection](https://docs.aws.amazon.com/efs/latest/ug/API_FileSystemProtectionDescription.html) object. See `protection` block below for details.\n" }, "provisionedThroughputInMibps": { "type": "number", "description": "The throughput, measured in MiB/s, that you want to provision for the file system. Only applicable with `throughput_mode` set to `provisioned`.\n" }, "sizeInBytes": { "type": "array", "items": { "$ref": "#/types/aws:efs/FileSystemSizeInByte:FileSystemSizeInByte" }, "description": "The latest known metered size (in bytes) of data stored in the file system, the value is not the exact size that the file system was at any point in time. See Size In Bytes.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "throughputMode": { "type": "string", "description": "Throughput mode for the file system. Defaults to `bursting`. Valid values: `bursting`, `provisioned`, or `elastic`. When using `provisioned`, also set `provisioned_throughput_in_mibps`.\n" } }, "required": [ "arn", "availabilityZoneId", "availabilityZoneName", "creationToken", "dnsName", "encrypted", "kmsKeyId", "name", "numberOfMountTargets", "ownerId", "performanceMode", "protection", "sizeInBytes", "tagsAll" ], "inputProperties": { "availabilityZoneName": { "type": "string", "description": "the AWS Availability Zone in which to create the file system. Used to create a file system that uses One Zone storage classes. See [user guide](https://docs.aws.amazon.com/efs/latest/ug/availability-durability.html) for more information.\n", "willReplaceOnChanges": true }, "creationToken": { "type": "string", "description": "A unique name (a maximum of 64 characters are allowed)\nused as reference when creating the Elastic File System to ensure idempotent file\nsystem creation. By default generated by this provider. See [Elastic File System]\nuser guide for more information.\n", "willReplaceOnChanges": true }, "encrypted": { "type": "boolean", "description": "If true, the disk will be encrypted.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying kms_key_id, encrypted needs to be set to true.\n", "willReplaceOnChanges": true }, "lifecyclePolicies": { "type": "array", "items": { "$ref": "#/types/aws:efs/FileSystemLifecyclePolicy:FileSystemLifecyclePolicy" }, "description": "A file system [lifecycle policy](https://docs.aws.amazon.com/efs/latest/ug/API_LifecyclePolicy.html) object. See `lifecycle_policy` block below for details.\n" }, "performanceMode": { "type": "string", "description": "The file system performance mode. Can be either `\"generalPurpose\"` or `\"maxIO\"` (Default: `\"generalPurpose\"`).\n", "willReplaceOnChanges": true }, "protection": { "$ref": "#/types/aws:efs/FileSystemProtection:FileSystemProtection", "description": "A file system [protection](https://docs.aws.amazon.com/efs/latest/ug/API_FileSystemProtectionDescription.html) object. See `protection` block below for details.\n" }, "provisionedThroughputInMibps": { "type": "number", "description": "The throughput, measured in MiB/s, that you want to provision for the file system. Only applicable with `throughput_mode` set to `provisioned`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "throughputMode": { "type": "string", "description": "Throughput mode for the file system. Defaults to `bursting`. Valid values: `bursting`, `provisioned`, or `elastic`. When using `provisioned`, also set `provisioned_throughput_in_mibps`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering FileSystem resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "availabilityZoneId": { "type": "string", "description": "The identifier of the Availability Zone in which the file system's One Zone storage classes exist.\n" }, "availabilityZoneName": { "type": "string", "description": "the AWS Availability Zone in which to create the file system. Used to create a file system that uses One Zone storage classes. See [user guide](https://docs.aws.amazon.com/efs/latest/ug/availability-durability.html) for more information.\n", "willReplaceOnChanges": true }, "creationToken": { "type": "string", "description": "A unique name (a maximum of 64 characters are allowed)\nused as reference when creating the Elastic File System to ensure idempotent file\nsystem creation. By default generated by this provider. See [Elastic File System]\nuser guide for more information.\n", "willReplaceOnChanges": true }, "dnsName": { "type": "string", "description": "The DNS name for the filesystem per [documented convention](http://docs.aws.amazon.com/efs/latest/ug/mounting-fs-mount-cmd-dns-name.html).\n" }, "encrypted": { "type": "boolean", "description": "If true, the disk will be encrypted.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying kms_key_id, encrypted needs to be set to true.\n", "willReplaceOnChanges": true }, "lifecyclePolicies": { "type": "array", "items": { "$ref": "#/types/aws:efs/FileSystemLifecyclePolicy:FileSystemLifecyclePolicy" }, "description": "A file system [lifecycle policy](https://docs.aws.amazon.com/efs/latest/ug/API_LifecyclePolicy.html) object. See `lifecycle_policy` block below for details.\n" }, "name": { "type": "string", "description": "The value of the file system's `Name` tag.\n" }, "numberOfMountTargets": { "type": "integer", "description": "The current number of mount targets that the file system has.\n" }, "ownerId": { "type": "string", "description": "The AWS account that created the file system. If the file system was createdby an IAM user, the parent account to which the user belongs is the owner.\n" }, "performanceMode": { "type": "string", "description": "The file system performance mode. Can be either `\"generalPurpose\"` or `\"maxIO\"` (Default: `\"generalPurpose\"`).\n", "willReplaceOnChanges": true }, "protection": { "$ref": "#/types/aws:efs/FileSystemProtection:FileSystemProtection", "description": "A file system [protection](https://docs.aws.amazon.com/efs/latest/ug/API_FileSystemProtectionDescription.html) object. See `protection` block below for details.\n" }, "provisionedThroughputInMibps": { "type": "number", "description": "The throughput, measured in MiB/s, that you want to provision for the file system. Only applicable with `throughput_mode` set to `provisioned`.\n" }, "sizeInBytes": { "type": "array", "items": { "$ref": "#/types/aws:efs/FileSystemSizeInByte:FileSystemSizeInByte" }, "description": "The latest known metered size (in bytes) of data stored in the file system, the value is not the exact size that the file system was at any point in time. See Size In Bytes.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "throughputMode": { "type": "string", "description": "Throughput mode for the file system. Defaults to `bursting`. Valid values: `bursting`, `provisioned`, or `elastic`. When using `provisioned`, also set `provisioned_throughput_in_mibps`.\n" } }, "type": "object" } }, "aws:efs/fileSystemPolicy:FileSystemPolicy": { "description": "Provides an Elastic File System (EFS) File System Policy resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fs = new aws.efs.FileSystem(\"fs\", {creationToken: \"my-product\"});\nconst policy = aws.iam.getPolicyDocumentOutput({\n statements: [{\n sid: \"ExampleStatement01\",\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [\"*\"],\n }],\n actions: [\n \"elasticfilesystem:ClientMount\",\n \"elasticfilesystem:ClientWrite\",\n ],\n resources: [fs.arn],\n conditions: [{\n test: \"Bool\",\n variable: \"aws:SecureTransport\",\n values: [\"true\"],\n }],\n }],\n});\nconst policyFileSystemPolicy = new aws.efs.FileSystemPolicy(\"policy\", {\n fileSystemId: fs.id,\n policy: policy.apply(policy =\u003e policy.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfs = aws.efs.FileSystem(\"fs\", creation_token=\"my-product\")\npolicy = aws.iam.get_policy_document_output(statements=[{\n \"sid\": \"ExampleStatement01\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [\"*\"],\n }],\n \"actions\": [\n \"elasticfilesystem:ClientMount\",\n \"elasticfilesystem:ClientWrite\",\n ],\n \"resources\": [fs.arn],\n \"conditions\": [{\n \"test\": \"Bool\",\n \"variable\": \"aws:SecureTransport\",\n \"values\": [\"true\"],\n }],\n}])\npolicy_file_system_policy = aws.efs.FileSystemPolicy(\"policy\",\n file_system_id=fs.id,\n policy=policy.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var fs = new Aws.Efs.FileSystem(\"fs\", new()\n {\n CreationToken = \"my-product\",\n });\n\n var policy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"ExampleStatement01\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"elasticfilesystem:ClientMount\",\n \"elasticfilesystem:ClientWrite\",\n },\n Resources = new[]\n {\n fs.Arn,\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"Bool\",\n Variable = \"aws:SecureTransport\",\n Values = new[]\n {\n \"true\",\n },\n },\n },\n },\n },\n });\n\n var policyFileSystemPolicy = new Aws.Efs.FileSystemPolicy(\"policy\", new()\n {\n FileSystemId = fs.Id,\n Policy = policy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/efs\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfs, err := efs.NewFileSystem(ctx, \"fs\", \u0026efs.FileSystemArgs{\n\t\t\tCreationToken: pulumi.String(\"my-product\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpolicy := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tSid: pulumi.String(\"ExampleStatement01\"),\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"AWS\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"elasticfilesystem:ClientMount\"),\n\t\t\t\t\t\tpulumi.String(\"elasticfilesystem:ClientWrite\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tfs.Arn,\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"Bool\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"aws:SecureTransport\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"true\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = efs.NewFileSystemPolicy(ctx, \"policy\", \u0026efs.FileSystemPolicyArgs{\n\t\t\tFileSystemId: fs.ID(),\n\t\t\tPolicy: pulumi.String(policy.ApplyT(func(policy iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026policy.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.efs.FileSystem;\nimport com.pulumi.aws.efs.FileSystemArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.efs.FileSystemPolicy;\nimport com.pulumi.aws.efs.FileSystemPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var fs = new FileSystem(\"fs\", FileSystemArgs.builder()\n .creationToken(\"my-product\")\n .build());\n\n final var policy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"ExampleStatement01\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"*\")\n .build())\n .actions( \n \"elasticfilesystem:ClientMount\",\n \"elasticfilesystem:ClientWrite\")\n .resources(fs.arn())\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"Bool\")\n .variable(\"aws:SecureTransport\")\n .values(\"true\")\n .build())\n .build())\n .build());\n\n var policyFileSystemPolicy = new FileSystemPolicy(\"policyFileSystemPolicy\", FileSystemPolicyArgs.builder()\n .fileSystemId(fs.id())\n .policy(policy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(policy -\u003e policy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n fs:\n type: aws:efs:FileSystem\n properties:\n creationToken: my-product\n policyFileSystemPolicy:\n type: aws:efs:FileSystemPolicy\n name: policy\n properties:\n fileSystemId: ${fs.id}\n policy: ${policy.json}\nvariables:\n policy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: ExampleStatement01\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - '*'\n actions:\n - elasticfilesystem:ClientMount\n - elasticfilesystem:ClientWrite\n resources:\n - ${fs.arn}\n conditions:\n - test: Bool\n variable: aws:SecureTransport\n values:\n - 'true'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import the EFS file system policies using the `id`. For example:\n\n```sh\n$ pulumi import aws:efs/fileSystemPolicy:FileSystemPolicy foo fs-6fa144c6\n```\n", "properties": { "bypassPolicyLockoutSafetyCheck": { "type": "boolean", "description": "A flag to indicate whether to bypass the `aws.efs.FileSystemPolicy` lockout safety check. The policy lockout safety check determines whether the policy in the request will prevent the principal making the request will be locked out from making future `PutFileSystemPolicy` requests on the file system. Set `bypass_policy_lockout_safety_check` to `true` only when you intend to prevent the principal that is making the request from making a subsequent `PutFileSystemPolicy` request on the file system. The default value is `false`.\n" }, "fileSystemId": { "type": "string", "description": "The ID of the EFS file system.\n" }, "policy": { "type": "string", "description": "The JSON formatted file system policy for the EFS file system. see [Docs](https://docs.aws.amazon.com/efs/latest/ug/access-control-overview.html#access-control-manage-access-intro-resource-policies) for more info.\n\nThe following arguments are optional:\n" } }, "required": [ "fileSystemId", "policy" ], "inputProperties": { "bypassPolicyLockoutSafetyCheck": { "type": "boolean", "description": "A flag to indicate whether to bypass the `aws.efs.FileSystemPolicy` lockout safety check. The policy lockout safety check determines whether the policy in the request will prevent the principal making the request will be locked out from making future `PutFileSystemPolicy` requests on the file system. Set `bypass_policy_lockout_safety_check` to `true` only when you intend to prevent the principal that is making the request from making a subsequent `PutFileSystemPolicy` request on the file system. The default value is `false`.\n" }, "fileSystemId": { "type": "string", "description": "The ID of the EFS file system.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The JSON formatted file system policy for the EFS file system. see [Docs](https://docs.aws.amazon.com/efs/latest/ug/access-control-overview.html#access-control-manage-access-intro-resource-policies) for more info.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "fileSystemId", "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering FileSystemPolicy resources.\n", "properties": { "bypassPolicyLockoutSafetyCheck": { "type": "boolean", "description": "A flag to indicate whether to bypass the `aws.efs.FileSystemPolicy` lockout safety check. The policy lockout safety check determines whether the policy in the request will prevent the principal making the request will be locked out from making future `PutFileSystemPolicy` requests on the file system. Set `bypass_policy_lockout_safety_check` to `true` only when you intend to prevent the principal that is making the request from making a subsequent `PutFileSystemPolicy` request on the file system. The default value is `false`.\n" }, "fileSystemId": { "type": "string", "description": "The ID of the EFS file system.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The JSON formatted file system policy for the EFS file system. see [Docs](https://docs.aws.amazon.com/efs/latest/ug/access-control-overview.html#access-control-manage-access-intro-resource-policies) for more info.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:efs/mountTarget:MountTarget": { "description": "Provides an Elastic File System (EFS) mount target.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ec2.Vpc(\"foo\", {cidrBlock: \"10.0.0.0/16\"});\nconst alphaSubnet = new aws.ec2.Subnet(\"alpha\", {\n vpcId: foo.id,\n availabilityZone: \"us-west-2a\",\n cidrBlock: \"10.0.1.0/24\",\n});\nconst alpha = new aws.efs.MountTarget(\"alpha\", {\n fileSystemId: fooAwsEfsFileSystem.id,\n subnetId: alphaSubnet.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.Vpc(\"foo\", cidr_block=\"10.0.0.0/16\")\nalpha_subnet = aws.ec2.Subnet(\"alpha\",\n vpc_id=foo.id,\n availability_zone=\"us-west-2a\",\n cidr_block=\"10.0.1.0/24\")\nalpha = aws.efs.MountTarget(\"alpha\",\n file_system_id=foo_aws_efs_file_system[\"id\"],\n subnet_id=alpha_subnet.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Ec2.Vpc(\"foo\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var alphaSubnet = new Aws.Ec2.Subnet(\"alpha\", new()\n {\n VpcId = foo.Id,\n AvailabilityZone = \"us-west-2a\",\n CidrBlock = \"10.0.1.0/24\",\n });\n\n var alpha = new Aws.Efs.MountTarget(\"alpha\", new()\n {\n FileSystemId = fooAwsEfsFileSystem.Id,\n SubnetId = alphaSubnet.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoo, err := ec2.NewVpc(ctx, \"foo\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\talphaSubnet, err := ec2.NewSubnet(ctx, \"alpha\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: foo.ID(),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = efs.NewMountTarget(ctx, \"alpha\", \u0026efs.MountTargetArgs{\n\t\t\tFileSystemId: pulumi.Any(fooAwsEfsFileSystem.Id),\n\t\t\tSubnetId: alphaSubnet.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.efs.MountTarget;\nimport com.pulumi.aws.efs.MountTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new Vpc(\"foo\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var alphaSubnet = new Subnet(\"alphaSubnet\", SubnetArgs.builder()\n .vpcId(foo.id())\n .availabilityZone(\"us-west-2a\")\n .cidrBlock(\"10.0.1.0/24\")\n .build());\n\n var alpha = new MountTarget(\"alpha\", MountTargetArgs.builder()\n .fileSystemId(fooAwsEfsFileSystem.id())\n .subnetId(alphaSubnet.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n alpha:\n type: aws:efs:MountTarget\n properties:\n fileSystemId: ${fooAwsEfsFileSystem.id}\n subnetId: ${alphaSubnet.id}\n foo:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n alphaSubnet:\n type: aws:ec2:Subnet\n name: alpha\n properties:\n vpcId: ${foo.id}\n availabilityZone: us-west-2a\n cidrBlock: 10.0.1.0/24\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import the EFS mount targets using the `id`. For example:\n\n```sh\n$ pulumi import aws:efs/mountTarget:MountTarget alpha fsmt-52a643fb\n```\n", "properties": { "availabilityZoneId": { "type": "string", "description": "The unique and consistent identifier of the Availability Zone (AZ) that the mount target resides in.\n" }, "availabilityZoneName": { "type": "string", "description": "The name of the Availability Zone (AZ) that the mount target resides in.\n" }, "dnsName": { "type": "string", "description": "The DNS name for the EFS file system.\n" }, "fileSystemArn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "fileSystemId": { "type": "string", "description": "The ID of the file system for which the mount target is intended.\n" }, "ipAddress": { "type": "string", "description": "The address (within the address range of the specified subnet) at\nwhich the file system may be mounted via the mount target.\n" }, "mountTargetDnsName": { "type": "string", "description": "The DNS name for the given subnet/AZ per [documented convention](http://docs.aws.amazon.com/efs/latest/ug/mounting-fs-mount-cmd-dns-name.html).\n" }, "networkInterfaceId": { "type": "string", "description": "The ID of the network interface that Amazon EFS created when it created the mount target.\n" }, "ownerId": { "type": "string", "description": "AWS account ID that owns the resource.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of up to 5 VPC security group IDs (that must\nbe for the same VPC as subnet specified) in effect for the mount target.\n" }, "subnetId": { "type": "string", "description": "The ID of the subnet to add the mount target in.\n" } }, "required": [ "availabilityZoneId", "availabilityZoneName", "dnsName", "fileSystemArn", "fileSystemId", "ipAddress", "mountTargetDnsName", "networkInterfaceId", "ownerId", "securityGroups", "subnetId" ], "inputProperties": { "fileSystemId": { "type": "string", "description": "The ID of the file system for which the mount target is intended.\n", "willReplaceOnChanges": true }, "ipAddress": { "type": "string", "description": "The address (within the address range of the specified subnet) at\nwhich the file system may be mounted via the mount target.\n", "willReplaceOnChanges": true }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of up to 5 VPC security group IDs (that must\nbe for the same VPC as subnet specified) in effect for the mount target.\n" }, "subnetId": { "type": "string", "description": "The ID of the subnet to add the mount target in.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "fileSystemId", "subnetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering MountTarget resources.\n", "properties": { "availabilityZoneId": { "type": "string", "description": "The unique and consistent identifier of the Availability Zone (AZ) that the mount target resides in.\n" }, "availabilityZoneName": { "type": "string", "description": "The name of the Availability Zone (AZ) that the mount target resides in.\n" }, "dnsName": { "type": "string", "description": "The DNS name for the EFS file system.\n" }, "fileSystemArn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "fileSystemId": { "type": "string", "description": "The ID of the file system for which the mount target is intended.\n", "willReplaceOnChanges": true }, "ipAddress": { "type": "string", "description": "The address (within the address range of the specified subnet) at\nwhich the file system may be mounted via the mount target.\n", "willReplaceOnChanges": true }, "mountTargetDnsName": { "type": "string", "description": "The DNS name for the given subnet/AZ per [documented convention](http://docs.aws.amazon.com/efs/latest/ug/mounting-fs-mount-cmd-dns-name.html).\n" }, "networkInterfaceId": { "type": "string", "description": "The ID of the network interface that Amazon EFS created when it created the mount target.\n" }, "ownerId": { "type": "string", "description": "AWS account ID that owns the resource.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of up to 5 VPC security group IDs (that must\nbe for the same VPC as subnet specified) in effect for the mount target.\n" }, "subnetId": { "type": "string", "description": "The ID of the subnet to add the mount target in.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:efs/replicationConfiguration:ReplicationConfiguration": { "description": "Creates a replica of an existing EFS file system in the same or another region. Creating this resource causes the source EFS file system to be replicated to a new read-only destination EFS file system (unless using the `destination.file_system_id` attribute). Deleting this resource will cause the replication from source to destination to stop and the destination file system will no longer be read only.\n\n\u003e **NOTE:** Deleting this resource does **not** delete the destination file system that was created.\n\n## Example Usage\n\nWill create a replica using regional storage in us-west-2 that will be encrypted by the default EFS KMS key `/aws/elasticfilesystem`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.efs.FileSystem(\"example\", {});\nconst exampleReplicationConfiguration = new aws.efs.ReplicationConfiguration(\"example\", {\n sourceFileSystemId: example.id,\n destination: {\n region: \"us-west-2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.efs.FileSystem(\"example\")\nexample_replication_configuration = aws.efs.ReplicationConfiguration(\"example\",\n source_file_system_id=example.id,\n destination={\n \"region\": \"us-west-2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Efs.FileSystem(\"example\");\n\n var exampleReplicationConfiguration = new Aws.Efs.ReplicationConfiguration(\"example\", new()\n {\n SourceFileSystemId = example.Id,\n Destination = new Aws.Efs.Inputs.ReplicationConfigurationDestinationArgs\n {\n Region = \"us-west-2\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := efs.NewFileSystem(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = efs.NewReplicationConfiguration(ctx, \"example\", \u0026efs.ReplicationConfigurationArgs{\n\t\t\tSourceFileSystemId: example.ID(),\n\t\t\tDestination: \u0026efs.ReplicationConfigurationDestinationArgs{\n\t\t\t\tRegion: pulumi.String(\"us-west-2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.efs.FileSystem;\nimport com.pulumi.aws.efs.ReplicationConfiguration;\nimport com.pulumi.aws.efs.ReplicationConfigurationArgs;\nimport com.pulumi.aws.efs.inputs.ReplicationConfigurationDestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FileSystem(\"example\");\n\n var exampleReplicationConfiguration = new ReplicationConfiguration(\"exampleReplicationConfiguration\", ReplicationConfigurationArgs.builder()\n .sourceFileSystemId(example.id())\n .destination(ReplicationConfigurationDestinationArgs.builder()\n .region(\"us-west-2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:efs:FileSystem\n exampleReplicationConfiguration:\n type: aws:efs:ReplicationConfiguration\n name: example\n properties:\n sourceFileSystemId: ${example.id}\n destination:\n region: us-west-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nReplica will be created as One Zone storage in the us-west-2b Availability Zone and encrypted with the specified KMS key.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.efs.FileSystem(\"example\", {});\nconst exampleReplicationConfiguration = new aws.efs.ReplicationConfiguration(\"example\", {\n sourceFileSystemId: example.id,\n destination: {\n availabilityZoneName: \"us-west-2b\",\n kmsKeyId: \"1234abcd-12ab-34cd-56ef-1234567890ab\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.efs.FileSystem(\"example\")\nexample_replication_configuration = aws.efs.ReplicationConfiguration(\"example\",\n source_file_system_id=example.id,\n destination={\n \"availability_zone_name\": \"us-west-2b\",\n \"kms_key_id\": \"1234abcd-12ab-34cd-56ef-1234567890ab\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Efs.FileSystem(\"example\");\n\n var exampleReplicationConfiguration = new Aws.Efs.ReplicationConfiguration(\"example\", new()\n {\n SourceFileSystemId = example.Id,\n Destination = new Aws.Efs.Inputs.ReplicationConfigurationDestinationArgs\n {\n AvailabilityZoneName = \"us-west-2b\",\n KmsKeyId = \"1234abcd-12ab-34cd-56ef-1234567890ab\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := efs.NewFileSystem(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = efs.NewReplicationConfiguration(ctx, \"example\", \u0026efs.ReplicationConfigurationArgs{\n\t\t\tSourceFileSystemId: example.ID(),\n\t\t\tDestination: \u0026efs.ReplicationConfigurationDestinationArgs{\n\t\t\t\tAvailabilityZoneName: pulumi.String(\"us-west-2b\"),\n\t\t\t\tKmsKeyId: pulumi.String(\"1234abcd-12ab-34cd-56ef-1234567890ab\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.efs.FileSystem;\nimport com.pulumi.aws.efs.ReplicationConfiguration;\nimport com.pulumi.aws.efs.ReplicationConfigurationArgs;\nimport com.pulumi.aws.efs.inputs.ReplicationConfigurationDestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FileSystem(\"example\");\n\n var exampleReplicationConfiguration = new ReplicationConfiguration(\"exampleReplicationConfiguration\", ReplicationConfigurationArgs.builder()\n .sourceFileSystemId(example.id())\n .destination(ReplicationConfigurationDestinationArgs.builder()\n .availabilityZoneName(\"us-west-2b\")\n .kmsKeyId(\"1234abcd-12ab-34cd-56ef-1234567890ab\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:efs:FileSystem\n exampleReplicationConfiguration:\n type: aws:efs:ReplicationConfiguration\n name: example\n properties:\n sourceFileSystemId: ${example.id}\n destination:\n availabilityZoneName: us-west-2b\n kmsKeyId: 1234abcd-12ab-34cd-56ef-1234567890ab\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWill create a replica and set the existing file system with id `fs-1234567890` in us-west-2 as destination.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.efs.FileSystem(\"example\", {});\nconst exampleReplicationConfiguration = new aws.efs.ReplicationConfiguration(\"example\", {\n sourceFileSystemId: example.id,\n destination: {\n fileSystemId: \"fs-1234567890\",\n region: \"us-west-2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.efs.FileSystem(\"example\")\nexample_replication_configuration = aws.efs.ReplicationConfiguration(\"example\",\n source_file_system_id=example.id,\n destination={\n \"file_system_id\": \"fs-1234567890\",\n \"region\": \"us-west-2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Efs.FileSystem(\"example\");\n\n var exampleReplicationConfiguration = new Aws.Efs.ReplicationConfiguration(\"example\", new()\n {\n SourceFileSystemId = example.Id,\n Destination = new Aws.Efs.Inputs.ReplicationConfigurationDestinationArgs\n {\n FileSystemId = \"fs-1234567890\",\n Region = \"us-west-2\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := efs.NewFileSystem(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = efs.NewReplicationConfiguration(ctx, \"example\", \u0026efs.ReplicationConfigurationArgs{\n\t\t\tSourceFileSystemId: example.ID(),\n\t\t\tDestination: \u0026efs.ReplicationConfigurationDestinationArgs{\n\t\t\t\tFileSystemId: pulumi.String(\"fs-1234567890\"),\n\t\t\t\tRegion: pulumi.String(\"us-west-2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.efs.FileSystem;\nimport com.pulumi.aws.efs.ReplicationConfiguration;\nimport com.pulumi.aws.efs.ReplicationConfigurationArgs;\nimport com.pulumi.aws.efs.inputs.ReplicationConfigurationDestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FileSystem(\"example\");\n\n var exampleReplicationConfiguration = new ReplicationConfiguration(\"exampleReplicationConfiguration\", ReplicationConfigurationArgs.builder()\n .sourceFileSystemId(example.id())\n .destination(ReplicationConfigurationDestinationArgs.builder()\n .fileSystemId(\"fs-1234567890\")\n .region(\"us-west-2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:efs:FileSystem\n exampleReplicationConfiguration:\n type: aws:efs:ReplicationConfiguration\n name: example\n properties:\n sourceFileSystemId: ${example.id}\n destination:\n fileSystemId: fs-1234567890\n region: us-west-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EFS Replication Configurations using the file system ID of either the source or destination file system. When importing, the `availability_zone_name` and `kms_key_id` attributes must __not__ be set in the configuration. The AWS API does not return these values when querying the replication configuration and their presence will therefore show as a diff in a subsequent plan. For example:\n\n```sh\n$ pulumi import aws:efs/replicationConfiguration:ReplicationConfiguration example fs-id\n```\n", "properties": { "creationTime": { "type": "string", "description": "When the replication configuration was created.\n* `destination[0].file_system_id` - The fs ID of the replica.\n* `destination[0].status` - The status of the replication.\n" }, "destination": { "$ref": "#/types/aws:efs/ReplicationConfigurationDestination:ReplicationConfigurationDestination", "description": "A destination configuration block (documented below).\n" }, "originalSourceFileSystemArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the original source Amazon EFS file system in the replication configuration.\n" }, "sourceFileSystemArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the current source file system in the replication configuration.\n" }, "sourceFileSystemId": { "type": "string", "description": "The ID of the file system that is to be replicated.\n" }, "sourceFileSystemRegion": { "type": "string", "description": "The AWS Region in which the source Amazon EFS file system is located.\n" } }, "required": [ "creationTime", "destination", "originalSourceFileSystemArn", "sourceFileSystemArn", "sourceFileSystemId", "sourceFileSystemRegion" ], "inputProperties": { "destination": { "$ref": "#/types/aws:efs/ReplicationConfigurationDestination:ReplicationConfigurationDestination", "description": "A destination configuration block (documented below).\n", "willReplaceOnChanges": true }, "sourceFileSystemId": { "type": "string", "description": "The ID of the file system that is to be replicated.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "destination", "sourceFileSystemId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReplicationConfiguration resources.\n", "properties": { "creationTime": { "type": "string", "description": "When the replication configuration was created.\n* `destination[0].file_system_id` - The fs ID of the replica.\n* `destination[0].status` - The status of the replication.\n" }, "destination": { "$ref": "#/types/aws:efs/ReplicationConfigurationDestination:ReplicationConfigurationDestination", "description": "A destination configuration block (documented below).\n", "willReplaceOnChanges": true }, "originalSourceFileSystemArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the original source Amazon EFS file system in the replication configuration.\n" }, "sourceFileSystemArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the current source file system in the replication configuration.\n" }, "sourceFileSystemId": { "type": "string", "description": "The ID of the file system that is to be replicated.\n", "willReplaceOnChanges": true }, "sourceFileSystemRegion": { "type": "string", "description": "The AWS Region in which the source Amazon EFS file system is located.\n" } }, "type": "object" } }, "aws:eks/accessEntry:AccessEntry": { "description": "Access Entry Configurations for an EKS Cluster.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.eks.AccessEntry(\"example\", {\n clusterName: exampleAwsEksCluster.name,\n principalArn: exampleAwsIamRole.arn,\n kubernetesGroups: [\n \"group-1\",\n \"group-2\",\n ],\n type: \"STANDARD\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.AccessEntry(\"example\",\n cluster_name=example_aws_eks_cluster[\"name\"],\n principal_arn=example_aws_iam_role[\"arn\"],\n kubernetes_groups=[\n \"group-1\",\n \"group-2\",\n ],\n type=\"STANDARD\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Eks.AccessEntry(\"example\", new()\n {\n ClusterName = exampleAwsEksCluster.Name,\n PrincipalArn = exampleAwsIamRole.Arn,\n KubernetesGroups = new[]\n {\n \"group-1\",\n \"group-2\",\n },\n Type = \"STANDARD\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := eks.NewAccessEntry(ctx, \"example\", \u0026eks.AccessEntryArgs{\n\t\t\tClusterName: pulumi.Any(exampleAwsEksCluster.Name),\n\t\t\tPrincipalArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tKubernetesGroups: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"group-1\"),\n\t\t\t\tpulumi.String(\"group-2\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"STANDARD\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.AccessEntry;\nimport com.pulumi.aws.eks.AccessEntryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AccessEntry(\"example\", AccessEntryArgs.builder()\n .clusterName(exampleAwsEksCluster.name())\n .principalArn(exampleAwsIamRole.arn())\n .kubernetesGroups( \n \"group-1\",\n \"group-2\")\n .type(\"STANDARD\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:eks:AccessEntry\n properties:\n clusterName: ${exampleAwsEksCluster.name}\n principalArn: ${exampleAwsIamRole.arn}\n kubernetesGroups:\n - group-1\n - group-2\n type: STANDARD\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EKS access entry using the `cluster_name` and `principal_arn` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:eks/accessEntry:AccessEntry my_eks_access_entry my_cluster_name:my_principal_arn\n```\n", "properties": { "accessEntryArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Access Entry.\n" }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n" }, "createdAt": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the EKS add-on was created.\n" }, "kubernetesGroups": { "type": "array", "items": { "type": "string" }, "description": "List of string which can optionally specify the Kubernetes groups the user would belong to when creating an access entry.\n" }, "modifiedAt": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the EKS add-on was updated.\n" }, "principalArn": { "type": "string", "description": "The IAM Principal ARN which requires Authentication access to the EKS cluster.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "(Optional) Key-value map of resource tags, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Defaults to STANDARD which provides the standard workflow. EC2_LINUX, EC2_WINDOWS, FARGATE_LINUX types disallow users to input a username or groups, and prevent associations.\n" }, "userName": { "type": "string", "description": "Defaults to principal ARN if user is principal else defaults to assume-role/session-name is role is used.\n" } }, "required": [ "accessEntryArn", "clusterName", "createdAt", "kubernetesGroups", "modifiedAt", "principalArn", "tagsAll", "userName" ], "inputProperties": { "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n", "willReplaceOnChanges": true }, "kubernetesGroups": { "type": "array", "items": { "type": "string" }, "description": "List of string which can optionally specify the Kubernetes groups the user would belong to when creating an access entry.\n" }, "principalArn": { "type": "string", "description": "The IAM Principal ARN which requires Authentication access to the EKS cluster.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "Defaults to STANDARD which provides the standard workflow. EC2_LINUX, EC2_WINDOWS, FARGATE_LINUX types disallow users to input a username or groups, and prevent associations.\n", "willReplaceOnChanges": true }, "userName": { "type": "string", "description": "Defaults to principal ARN if user is principal else defaults to assume-role/session-name is role is used.\n" } }, "requiredInputs": [ "clusterName", "principalArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering AccessEntry resources.\n", "properties": { "accessEntryArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Access Entry.\n" }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n", "willReplaceOnChanges": true }, "createdAt": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the EKS add-on was created.\n" }, "kubernetesGroups": { "type": "array", "items": { "type": "string" }, "description": "List of string which can optionally specify the Kubernetes groups the user would belong to when creating an access entry.\n" }, "modifiedAt": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the EKS add-on was updated.\n" }, "principalArn": { "type": "string", "description": "The IAM Principal ARN which requires Authentication access to the EKS cluster.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "(Optional) Key-value map of resource tags, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Defaults to STANDARD which provides the standard workflow. EC2_LINUX, EC2_WINDOWS, FARGATE_LINUX types disallow users to input a username or groups, and prevent associations.\n", "willReplaceOnChanges": true }, "userName": { "type": "string", "description": "Defaults to principal ARN if user is principal else defaults to assume-role/session-name is role is used.\n" } }, "type": "object" } }, "aws:eks/accessPolicyAssociation:AccessPolicyAssociation": { "description": "Access Entry Policy Association for an EKS Cluster.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.eks.AccessPolicyAssociation(\"example\", {\n clusterName: exampleAwsEksCluster.name,\n policyArn: \"arn:aws:eks::aws:cluster-access-policy/AmazonEKSViewPolicy\",\n principalArn: exampleAwsIamUser.arn,\n accessScope: {\n type: \"namespace\",\n namespaces: [\"example-namespace\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.AccessPolicyAssociation(\"example\",\n cluster_name=example_aws_eks_cluster[\"name\"],\n policy_arn=\"arn:aws:eks::aws:cluster-access-policy/AmazonEKSViewPolicy\",\n principal_arn=example_aws_iam_user[\"arn\"],\n access_scope={\n \"type\": \"namespace\",\n \"namespaces\": [\"example-namespace\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Eks.AccessPolicyAssociation(\"example\", new()\n {\n ClusterName = exampleAwsEksCluster.Name,\n PolicyArn = \"arn:aws:eks::aws:cluster-access-policy/AmazonEKSViewPolicy\",\n PrincipalArn = exampleAwsIamUser.Arn,\n AccessScope = new Aws.Eks.Inputs.AccessPolicyAssociationAccessScopeArgs\n {\n Type = \"namespace\",\n Namespaces = new[]\n {\n \"example-namespace\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := eks.NewAccessPolicyAssociation(ctx, \"example\", \u0026eks.AccessPolicyAssociationArgs{\n\t\t\tClusterName: pulumi.Any(exampleAwsEksCluster.Name),\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:eks::aws:cluster-access-policy/AmazonEKSViewPolicy\"),\n\t\t\tPrincipalArn: pulumi.Any(exampleAwsIamUser.Arn),\n\t\t\tAccessScope: \u0026eks.AccessPolicyAssociationAccessScopeArgs{\n\t\t\t\tType: pulumi.String(\"namespace\"),\n\t\t\t\tNamespaces: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"example-namespace\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.AccessPolicyAssociation;\nimport com.pulumi.aws.eks.AccessPolicyAssociationArgs;\nimport com.pulumi.aws.eks.inputs.AccessPolicyAssociationAccessScopeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AccessPolicyAssociation(\"example\", AccessPolicyAssociationArgs.builder()\n .clusterName(exampleAwsEksCluster.name())\n .policyArn(\"arn:aws:eks::aws:cluster-access-policy/AmazonEKSViewPolicy\")\n .principalArn(exampleAwsIamUser.arn())\n .accessScope(AccessPolicyAssociationAccessScopeArgs.builder()\n .type(\"namespace\")\n .namespaces(\"example-namespace\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:eks:AccessPolicyAssociation\n properties:\n clusterName: ${exampleAwsEksCluster.name}\n policyArn: arn:aws:eks::aws:cluster-access-policy/AmazonEKSViewPolicy\n principalArn: ${exampleAwsIamUser.arn}\n accessScope:\n type: namespace\n namespaces:\n - example-namespace\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EKS access entry using the `cluster_name` `principal_arn` and `policy_arn` separated by a colon (`#`). For example:\n\n```sh\n$ pulumi import aws:eks/accessPolicyAssociation:AccessPolicyAssociation my_eks_access_entry my_cluster_name#my_principal_arn#my_policy_arn\n```\n", "properties": { "accessScope": { "$ref": "#/types/aws:eks/AccessPolicyAssociationAccessScope:AccessPolicyAssociationAccessScope", "description": "The configuration block to determine the scope of the access. See `access_scope` Block below.\n" }, "associatedAt": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the policy was associated.\n" }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n" }, "modifiedAt": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the policy was updated.\n" }, "policyArn": { "type": "string", "description": "The ARN of the access policy that you're associating.\n" }, "principalArn": { "type": "string", "description": "The IAM Principal ARN which requires Authentication access to the EKS cluster.\n" } }, "required": [ "accessScope", "associatedAt", "clusterName", "modifiedAt", "policyArn", "principalArn" ], "inputProperties": { "accessScope": { "$ref": "#/types/aws:eks/AccessPolicyAssociationAccessScope:AccessPolicyAssociationAccessScope", "description": "The configuration block to determine the scope of the access. See `access_scope` Block below.\n", "willReplaceOnChanges": true }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n", "willReplaceOnChanges": true }, "policyArn": { "type": "string", "description": "The ARN of the access policy that you're associating.\n", "willReplaceOnChanges": true }, "principalArn": { "type": "string", "description": "The IAM Principal ARN which requires Authentication access to the EKS cluster.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "accessScope", "clusterName", "policyArn", "principalArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering AccessPolicyAssociation resources.\n", "properties": { "accessScope": { "$ref": "#/types/aws:eks/AccessPolicyAssociationAccessScope:AccessPolicyAssociationAccessScope", "description": "The configuration block to determine the scope of the access. See `access_scope` Block below.\n", "willReplaceOnChanges": true }, "associatedAt": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the policy was associated.\n" }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n", "willReplaceOnChanges": true }, "modifiedAt": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the policy was updated.\n" }, "policyArn": { "type": "string", "description": "The ARN of the access policy that you're associating.\n", "willReplaceOnChanges": true }, "principalArn": { "type": "string", "description": "The IAM Principal ARN which requires Authentication access to the EKS cluster.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:eks/addon:Addon": { "description": "Manages an EKS add-on.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.eks.Addon(\"example\", {\n clusterName: exampleAwsEksCluster.name,\n addonName: \"vpc-cni\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.Addon(\"example\",\n cluster_name=example_aws_eks_cluster[\"name\"],\n addon_name=\"vpc-cni\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Eks.Addon(\"example\", new()\n {\n ClusterName = exampleAwsEksCluster.Name,\n AddonName = \"vpc-cni\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := eks.NewAddon(ctx, \"example\", \u0026eks.AddonArgs{\n\t\t\tClusterName: pulumi.Any(exampleAwsEksCluster.Name),\n\t\t\tAddonName: pulumi.String(\"vpc-cni\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.Addon;\nimport com.pulumi.aws.eks.AddonArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Addon(\"example\", AddonArgs.builder()\n .clusterName(exampleAwsEksCluster.name())\n .addonName(\"vpc-cni\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:eks:Addon\n properties:\n clusterName: ${exampleAwsEksCluster.name}\n addonName: vpc-cni\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Example Update add-on usage with resolve_conflicts_on_update and PRESERVE\n\n`resolve_conflicts_on_update` with `PRESERVE` can be used to retain the config changes applied to the add-on with kubectl while upgrading to a newer version of the add-on.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.eks.Addon(\"example\", {\n clusterName: exampleAwsEksCluster.name,\n addonName: \"coredns\",\n addonVersion: \"v1.10.1-eksbuild.1\",\n resolveConflictsOnUpdate: \"PRESERVE\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.Addon(\"example\",\n cluster_name=example_aws_eks_cluster[\"name\"],\n addon_name=\"coredns\",\n addon_version=\"v1.10.1-eksbuild.1\",\n resolve_conflicts_on_update=\"PRESERVE\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Eks.Addon(\"example\", new()\n {\n ClusterName = exampleAwsEksCluster.Name,\n AddonName = \"coredns\",\n AddonVersion = \"v1.10.1-eksbuild.1\",\n ResolveConflictsOnUpdate = \"PRESERVE\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := eks.NewAddon(ctx, \"example\", \u0026eks.AddonArgs{\n\t\t\tClusterName: pulumi.Any(exampleAwsEksCluster.Name),\n\t\t\tAddonName: pulumi.String(\"coredns\"),\n\t\t\tAddonVersion: pulumi.String(\"v1.10.1-eksbuild.1\"),\n\t\t\tResolveConflictsOnUpdate: pulumi.String(\"PRESERVE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.Addon;\nimport com.pulumi.aws.eks.AddonArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Addon(\"example\", AddonArgs.builder()\n .clusterName(exampleAwsEksCluster.name())\n .addonName(\"coredns\")\n .addonVersion(\"v1.10.1-eksbuild.1\")\n .resolveConflictsOnUpdate(\"PRESERVE\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:eks:Addon\n properties:\n clusterName: ${exampleAwsEksCluster.name}\n addonName: coredns\n addonVersion: v1.10.1-eksbuild.1\n resolveConflictsOnUpdate: PRESERVE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Example add-on usage with custom configuration_values\n\nCustom add-on configuration can be passed using `configuration_values` as a single JSON string while creating or updating the add-on.\n\n\u003e **Note:** `configuration_values` is a single JSON string should match the valid JSON schema for each add-on with specific version.\n\nTo find the correct JSON schema for each add-on can be extracted using [describe-addon-configuration](https://docs.aws.amazon.com/cli/latest/reference/eks/describe-addon-configuration.html) call.\nThis below is an example for extracting the `configuration_values` schema for `coredns`.\n\n```bash\n aws eks describe-addon-configuration \\\n --addon-name coredns \\\n --addon-version v1.10.1-eksbuild.1\n```\n\nExample to create a `coredns` managed addon with custom `configuration_values`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.eks.Addon(\"example\", {\n clusterName: \"mycluster\",\n addonName: \"coredns\",\n addonVersion: \"v1.10.1-eksbuild.1\",\n resolveConflictsOnCreate: \"OVERWRITE\",\n configurationValues: JSON.stringify({\n replicaCount: 4,\n resources: {\n limits: {\n cpu: \"100m\",\n memory: \"150Mi\",\n },\n requests: {\n cpu: \"100m\",\n memory: \"150Mi\",\n },\n },\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.eks.Addon(\"example\",\n cluster_name=\"mycluster\",\n addon_name=\"coredns\",\n addon_version=\"v1.10.1-eksbuild.1\",\n resolve_conflicts_on_create=\"OVERWRITE\",\n configuration_values=json.dumps({\n \"replicaCount\": 4,\n \"resources\": {\n \"limits\": {\n \"cpu\": \"100m\",\n \"memory\": \"150Mi\",\n },\n \"requests\": {\n \"cpu\": \"100m\",\n \"memory\": \"150Mi\",\n },\n },\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Eks.Addon(\"example\", new()\n {\n ClusterName = \"mycluster\",\n AddonName = \"coredns\",\n AddonVersion = \"v1.10.1-eksbuild.1\",\n ResolveConflictsOnCreate = \"OVERWRITE\",\n ConfigurationValues = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"replicaCount\"] = 4,\n [\"resources\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"limits\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"cpu\"] = \"100m\",\n [\"memory\"] = \"150Mi\",\n },\n [\"requests\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"cpu\"] = \"100m\",\n [\"memory\"] = \"150Mi\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"replicaCount\": 4,\n\t\t\t\"resources\": map[string]interface{}{\n\t\t\t\t\"limits\": map[string]interface{}{\n\t\t\t\t\t\"cpu\": \"100m\",\n\t\t\t\t\t\"memory\": \"150Mi\",\n\t\t\t\t},\n\t\t\t\t\"requests\": map[string]interface{}{\n\t\t\t\t\t\"cpu\": \"100m\",\n\t\t\t\t\t\"memory\": \"150Mi\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = eks.NewAddon(ctx, \"example\", \u0026eks.AddonArgs{\n\t\t\tClusterName: pulumi.String(\"mycluster\"),\n\t\t\tAddonName: pulumi.String(\"coredns\"),\n\t\t\tAddonVersion: pulumi.String(\"v1.10.1-eksbuild.1\"),\n\t\t\tResolveConflictsOnCreate: pulumi.String(\"OVERWRITE\"),\n\t\t\tConfigurationValues: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.Addon;\nimport com.pulumi.aws.eks.AddonArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Addon(\"example\", AddonArgs.builder()\n .clusterName(\"mycluster\")\n .addonName(\"coredns\")\n .addonVersion(\"v1.10.1-eksbuild.1\")\n .resolveConflictsOnCreate(\"OVERWRITE\")\n .configurationValues(serializeJson(\n jsonObject(\n jsonProperty(\"replicaCount\", 4),\n jsonProperty(\"resources\", jsonObject(\n jsonProperty(\"limits\", jsonObject(\n jsonProperty(\"cpu\", \"100m\"),\n jsonProperty(\"memory\", \"150Mi\")\n )),\n jsonProperty(\"requests\", jsonObject(\n jsonProperty(\"cpu\", \"100m\"),\n jsonProperty(\"memory\", \"150Mi\")\n ))\n ))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:eks:Addon\n properties:\n clusterName: mycluster\n addonName: coredns\n addonVersion: v1.10.1-eksbuild.1\n resolveConflictsOnCreate: OVERWRITE\n configurationValues:\n fn::toJSON:\n replicaCount: 4\n resources:\n limits:\n cpu: 100m\n memory: 150Mi\n requests:\n cpu: 100m\n memory: 150Mi\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example IAM Role for EKS Addon \"vpc-cni\" with AWS managed policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\nimport * as tls from \"@pulumi/tls\";\n\nconst exampleCluster = new aws.eks.Cluster(\"example\", {});\nconst example = exampleCluster.identities.apply(identities =\u003e tls.getCertificateOutput({\n url: identities[0].oidcs?.[0]?.issuer,\n}));\nconst exampleOpenIdConnectProvider = new aws.iam.OpenIdConnectProvider(\"example\", {\n clientIdLists: [\"sts.amazonaws.com\"],\n thumbprintLists: [example.apply(example =\u003e example.certificates?.[0]?.sha1Fingerprint)],\n url: exampleCluster.identities.apply(identities =\u003e identities[0].oidcs?.[0]?.issuer),\n});\nconst exampleAssumeRolePolicy = aws.iam.getPolicyDocumentOutput({\n statements: [{\n actions: [\"sts:AssumeRoleWithWebIdentity\"],\n effect: \"Allow\",\n conditions: [{\n test: \"StringEquals\",\n variable: std.replaceOutput({\n text: exampleOpenIdConnectProvider.url,\n search: \"https://\",\n replace: \"\",\n }).apply(invoke =\u003e `${invoke.result}:sub`),\n values: [\"system:serviceaccount:kube-system:aws-node\"],\n }],\n principals: [{\n identifiers: [exampleOpenIdConnectProvider.arn],\n type: \"Federated\",\n }],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n assumeRolePolicy: exampleAssumeRolePolicy.apply(exampleAssumeRolePolicy =\u003e exampleAssumeRolePolicy.json),\n name: \"example-vpc-cni-role\",\n});\nconst exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"example\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\",\n role: exampleRole.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\nimport pulumi_tls as tls\n\nexample_cluster = aws.eks.Cluster(\"example\")\nexample = example_cluster.identities.apply(lambda identities: tls.get_certificate_output(url=identities[0].oidcs[0].issuer))\nexample_open_id_connect_provider = aws.iam.OpenIdConnectProvider(\"example\",\n client_id_lists=[\"sts.amazonaws.com\"],\n thumbprint_lists=[example.certificates[0].sha1_fingerprint],\n url=example_cluster.identities[0].oidcs[0].issuer)\nexample_assume_role_policy = aws.iam.get_policy_document_output(statements=[{\n \"actions\": [\"sts:AssumeRoleWithWebIdentity\"],\n \"effect\": \"Allow\",\n \"conditions\": [{\n \"test\": \"StringEquals\",\n \"variable\": std.replace_output(text=example_open_id_connect_provider.url,\n search=\"https://\",\n replace=\"\").apply(lambda invoke: f\"{invoke.result}:sub\"),\n \"values\": [\"system:serviceaccount:kube-system:aws-node\"],\n }],\n \"principals\": [{\n \"identifiers\": [example_open_id_connect_provider.arn],\n \"type\": \"Federated\",\n }],\n}])\nexample_role = aws.iam.Role(\"example\",\n assume_role_policy=example_assume_role_policy.json,\n name=\"example-vpc-cni-role\")\nexample_role_policy_attachment = aws.iam.RolePolicyAttachment(\"example\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\",\n role=example_role.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\nusing Tls = Pulumi.Tls;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleCluster = new Aws.Eks.Cluster(\"example\");\n\n var example = Tls.GetCertificate.Invoke(new()\n {\n Url = exampleCluster.Identities[0].Oidcs[0]?.Issuer,\n });\n\n var exampleOpenIdConnectProvider = new Aws.Iam.OpenIdConnectProvider(\"example\", new()\n {\n ClientIdLists = new[]\n {\n \"sts.amazonaws.com\",\n },\n ThumbprintLists = new[]\n {\n example.Apply(getCertificateResult =\u003e getCertificateResult.Certificates[0]?.Sha1Fingerprint),\n },\n Url = exampleCluster.Identities.Apply(identities =\u003e identities[0].Oidcs[0]?.Issuer),\n });\n\n var exampleAssumeRolePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRoleWithWebIdentity\",\n },\n Effect = \"Allow\",\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = $\"{Std.Replace.Invoke(new()\n {\n Text = exampleOpenIdConnectProvider.Url,\n Search = \"https://\",\n Replace = \"\",\n }).Result}:sub\",\n Values = new[]\n {\n \"system:serviceaccount:kube-system:aws-node\",\n },\n },\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n exampleOpenIdConnectProvider.Arn,\n },\n Type = \"Federated\",\n },\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = exampleAssumeRolePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Name = \"example-vpc-cni-role\",\n });\n\n var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"example\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\",\n Role = exampleRole.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi-tls/sdk/v4/go/tls\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleCluster, err := eks.NewCluster(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := exampleCluster.Identities.ApplyT(func(identities []eks.ClusterIdentity) (tls.GetCertificateResult, error) {\n\t\t\treturn tls.GetCertificateResult(interface{}(tls.GetCertificateOutput(ctx, tls.GetCertificateOutputArgs{\n\t\t\t\tUrl: identities[0].Oidcs[0].Issuer,\n\t\t\t}, nil))), nil\n\t\t}).(tls.GetCertificateResultOutput)\n\t\texampleOpenIdConnectProvider, err := iam.NewOpenIdConnectProvider(ctx, \"example\", \u0026iam.OpenIdConnectProviderArgs{\n\t\t\tClientIdLists: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"sts.amazonaws.com\"),\n\t\t\t},\n\t\t\tThumbprintLists: pulumi.StringArray{\n\t\t\t\tpulumi.String(example.ApplyT(func(example tls.GetCertificateResult) (*string, error) {\n\t\t\t\t\treturn \u0026example.Certificates[0].Sha1Fingerprint, nil\n\t\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\t},\n\t\t\tUrl: pulumi.String(exampleCluster.Identities.ApplyT(func(identities []eks.ClusterIdentity) (*string, error) {\n\t\t\t\treturn \u0026identities[0].Oidcs[0].Issuer, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAssumeRolePolicy := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"sts:AssumeRoleWithWebIdentity\"),\n\t\t\t\t\t},\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"StringEquals\"),\n\t\t\t\t\t\t\tVariable: std.ReplaceOutput(ctx, std.ReplaceOutputArgs{\n\t\t\t\t\t\t\t\tText: exampleOpenIdConnectProvider.Url,\n\t\t\t\t\t\t\t\tSearch: pulumi.String(\"https://\"),\n\t\t\t\t\t\t\t\tReplace: pulumi.String(\"\"),\n\t\t\t\t\t\t\t}, nil).ApplyT(func(invoke std.ReplaceResult) (string, error) {\n\t\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v:sub\", invoke.Result), nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"system:serviceaccount:kube-system:aws-node\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\texampleOpenIdConnectProvider.Arn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: pulumi.String(\"Federated\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(exampleAssumeRolePolicy.ApplyT(func(exampleAssumeRolePolicy iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026exampleAssumeRolePolicy.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tName: pulumi.String(\"example-vpc-cni-role\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\"),\n\t\t\tRole: exampleRole.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.Cluster;\nimport com.pulumi.tls.TlsFunctions;\nimport com.pulumi.tls.inputs.GetCertificateArgs;\nimport com.pulumi.aws.iam.OpenIdConnectProvider;\nimport com.pulumi.aws.iam.OpenIdConnectProviderArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleCluster = new Cluster(\"exampleCluster\");\n\n final var example = TlsFunctions.getCertificate(GetCertificateArgs.builder()\n .url(exampleCluster.identities().applyValue(identities -\u003e identities[0].oidcs()[0].issuer()))\n .build());\n\n var exampleOpenIdConnectProvider = new OpenIdConnectProvider(\"exampleOpenIdConnectProvider\", OpenIdConnectProviderArgs.builder()\n .clientIdLists(\"sts.amazonaws.com\")\n .thumbprintLists(example.applyValue(getCertificateResult -\u003e getCertificateResult).applyValue(example -\u003e example.applyValue(getCertificateResult -\u003e getCertificateResult.certificates()[0].sha1Fingerprint())))\n .url(exampleCluster.identities().applyValue(identities -\u003e identities[0].oidcs()[0].issuer()))\n .build());\n\n final var exampleAssumeRolePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRoleWithWebIdentity\")\n .effect(\"Allow\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(StdFunctions.replace().applyValue(invoke -\u003e String.format(\"%s:sub\", invoke.result())))\n .values(\"system:serviceaccount:kube-system:aws-node\")\n .build())\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(exampleOpenIdConnectProvider.arn())\n .type(\"Federated\")\n .build())\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .assumeRolePolicy(exampleAssumeRolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(exampleAssumeRolePolicy -\u003e exampleAssumeRolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .name(\"example-vpc-cni-role\")\n .build());\n\n var exampleRolePolicyAttachment = new RolePolicyAttachment(\"exampleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder()\n .policyArn(\"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\")\n .role(exampleRole.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleCluster:\n type: aws:eks:Cluster\n name: example\n exampleOpenIdConnectProvider:\n type: aws:iam:OpenIdConnectProvider\n name: example\n properties:\n clientIdLists:\n - sts.amazonaws.com\n thumbprintLists:\n - ${example.certificates[0].sha1Fingerprint}\n url: ${exampleCluster.identities[0].oidcs[0].issuer}\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n assumeRolePolicy: ${exampleAssumeRolePolicy.json}\n name: example-vpc-cni-role\n exampleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: example\n properties:\n policyArn: arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\n role: ${exampleRole.name}\nvariables:\n example:\n fn::invoke:\n Function: tls:getCertificate\n Arguments:\n url: ${exampleCluster.identities[0].oidcs[0].issuer}\n exampleAssumeRolePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRoleWithWebIdentity\n effect: Allow\n conditions:\n - test: StringEquals\n variable:\n fn::join:\n -\n - - fn::invoke:\n Function: std:replace\n Arguments:\n text: ${exampleOpenIdConnectProvider.url}\n search: https://\n replace:\n Return: result\n - :sub\n values:\n - system:serviceaccount:kube-system:aws-node\n principals:\n - identifiers:\n - ${exampleOpenIdConnectProvider.arn}\n type: Federated\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EKS add-on using the `cluster_name` and `addon_name` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:eks/addon:Addon my_eks_addon my_cluster_name:my_addon_name\n```\n", "properties": { "addonName": { "type": "string", "description": "Name of the EKS add-on. The name must match one of\nthe names returned by [describe-addon-versions](https://docs.aws.amazon.com/cli/latest/reference/eks/describe-addon-versions.html).\n" }, "addonVersion": { "type": "string", "description": "The version of the EKS add-on. The version must\nmatch one of the versions returned by [describe-addon-versions](https://docs.aws.amazon.com/cli/latest/reference/eks/describe-addon-versions.html).\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EKS add-on.\n" }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n\nThe following arguments are optional:\n" }, "configurationValues": { "type": "string", "description": "custom configuration values for addons with single JSON string. This JSON string value must match the JSON schema derived from [describe-addon-configuration](https://docs.aws.amazon.com/cli/latest/reference/eks/describe-addon-configuration.html).\n" }, "createdAt": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the EKS add-on was created.\n" }, "modifiedAt": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the EKS add-on was updated.\n" }, "preserve": { "type": "boolean", "description": "Indicates if you want to preserve the created resources when deleting the EKS add-on.\n" }, "resolveConflicts": { "type": "string", "description": "Define how to resolve parameter value conflicts when migrating an existing add-on to an Amazon EKS add-on or when applying version updates to the add-on. Valid values are `NONE`, `OVERWRITE` and `PRESERVE`. Note that `PRESERVE` is only valid on addon update, not for initial addon creation. If you need to set this to `PRESERVE`, use the `resolve_conflicts_on_create` and `resolve_conflicts_on_update` attributes instead. For more details check [UpdateAddon](https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html) API Docs.\n", "deprecationMessage": "The \"resolve_conflicts\" attribute can't be set to \"PRESERVE\" on initial resource creation. Use \"resolve_conflicts_on_create\" and/or \"resolve_conflicts_on_update\" instead" }, "resolveConflictsOnCreate": { "type": "string", "description": "How to resolve field value conflicts when migrating a self-managed add-on to an Amazon EKS add-on. Valid values are `NONE` and `OVERWRITE`. For more details see the [CreateAddon](https://docs.aws.amazon.com/eks/latest/APIReference/API_CreateAddon.html) API Docs.\n" }, "resolveConflictsOnUpdate": { "type": "string", "description": "How to resolve field value conflicts for an Amazon EKS add-on if you've changed a value from the Amazon EKS default value. Valid values are `NONE`, `OVERWRITE`, and `PRESERVE`. For more details see the [UpdateAddon](https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html) API Docs.\n" }, "serviceAccountRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of an\nexisting IAM role to bind to the add-on's service account. The role must be\nassigned the IAM permissions required by the add-on. If you don't specify\nan existing IAM role, then the add-on uses the permissions assigned to the node\nIAM role. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html)\nin the Amazon EKS User Guide.\n\n\u003e **Note:** To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC)\nprovider created for your cluster. For more information, [see Enabling IAM roles\nfor service accounts on your cluster](https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html)\nin the Amazon EKS User Guide.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "(Optional) Key-value map of resource tags, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "addonName", "addonVersion", "arn", "clusterName", "configurationValues", "createdAt", "modifiedAt", "tagsAll" ], "inputProperties": { "addonName": { "type": "string", "description": "Name of the EKS add-on. The name must match one of\nthe names returned by [describe-addon-versions](https://docs.aws.amazon.com/cli/latest/reference/eks/describe-addon-versions.html).\n", "willReplaceOnChanges": true }, "addonVersion": { "type": "string", "description": "The version of the EKS add-on. The version must\nmatch one of the versions returned by [describe-addon-versions](https://docs.aws.amazon.com/cli/latest/reference/eks/describe-addon-versions.html).\n" }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "configurationValues": { "type": "string", "description": "custom configuration values for addons with single JSON string. This JSON string value must match the JSON schema derived from [describe-addon-configuration](https://docs.aws.amazon.com/cli/latest/reference/eks/describe-addon-configuration.html).\n" }, "preserve": { "type": "boolean", "description": "Indicates if you want to preserve the created resources when deleting the EKS add-on.\n" }, "resolveConflicts": { "type": "string", "description": "Define how to resolve parameter value conflicts when migrating an existing add-on to an Amazon EKS add-on or when applying version updates to the add-on. Valid values are `NONE`, `OVERWRITE` and `PRESERVE`. Note that `PRESERVE` is only valid on addon update, not for initial addon creation. If you need to set this to `PRESERVE`, use the `resolve_conflicts_on_create` and `resolve_conflicts_on_update` attributes instead. For more details check [UpdateAddon](https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html) API Docs.\n", "deprecationMessage": "The \"resolve_conflicts\" attribute can't be set to \"PRESERVE\" on initial resource creation. Use \"resolve_conflicts_on_create\" and/or \"resolve_conflicts_on_update\" instead" }, "resolveConflictsOnCreate": { "type": "string", "description": "How to resolve field value conflicts when migrating a self-managed add-on to an Amazon EKS add-on. Valid values are `NONE` and `OVERWRITE`. For more details see the [CreateAddon](https://docs.aws.amazon.com/eks/latest/APIReference/API_CreateAddon.html) API Docs.\n" }, "resolveConflictsOnUpdate": { "type": "string", "description": "How to resolve field value conflicts for an Amazon EKS add-on if you've changed a value from the Amazon EKS default value. Valid values are `NONE`, `OVERWRITE`, and `PRESERVE`. For more details see the [UpdateAddon](https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html) API Docs.\n" }, "serviceAccountRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of an\nexisting IAM role to bind to the add-on's service account. The role must be\nassigned the IAM permissions required by the add-on. If you don't specify\nan existing IAM role, then the add-on uses the permissions assigned to the node\nIAM role. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html)\nin the Amazon EKS User Guide.\n\n\u003e **Note:** To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC)\nprovider created for your cluster. For more information, [see Enabling IAM roles\nfor service accounts on your cluster](https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html)\nin the Amazon EKS User Guide.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "addonName", "clusterName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Addon resources.\n", "properties": { "addonName": { "type": "string", "description": "Name of the EKS add-on. The name must match one of\nthe names returned by [describe-addon-versions](https://docs.aws.amazon.com/cli/latest/reference/eks/describe-addon-versions.html).\n", "willReplaceOnChanges": true }, "addonVersion": { "type": "string", "description": "The version of the EKS add-on. The version must\nmatch one of the versions returned by [describe-addon-versions](https://docs.aws.amazon.com/cli/latest/reference/eks/describe-addon-versions.html).\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EKS add-on.\n" }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "configurationValues": { "type": "string", "description": "custom configuration values for addons with single JSON string. This JSON string value must match the JSON schema derived from [describe-addon-configuration](https://docs.aws.amazon.com/cli/latest/reference/eks/describe-addon-configuration.html).\n" }, "createdAt": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the EKS add-on was created.\n" }, "modifiedAt": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the EKS add-on was updated.\n" }, "preserve": { "type": "boolean", "description": "Indicates if you want to preserve the created resources when deleting the EKS add-on.\n" }, "resolveConflicts": { "type": "string", "description": "Define how to resolve parameter value conflicts when migrating an existing add-on to an Amazon EKS add-on or when applying version updates to the add-on. Valid values are `NONE`, `OVERWRITE` and `PRESERVE`. Note that `PRESERVE` is only valid on addon update, not for initial addon creation. If you need to set this to `PRESERVE`, use the `resolve_conflicts_on_create` and `resolve_conflicts_on_update` attributes instead. For more details check [UpdateAddon](https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html) API Docs.\n", "deprecationMessage": "The \"resolve_conflicts\" attribute can't be set to \"PRESERVE\" on initial resource creation. Use \"resolve_conflicts_on_create\" and/or \"resolve_conflicts_on_update\" instead" }, "resolveConflictsOnCreate": { "type": "string", "description": "How to resolve field value conflicts when migrating a self-managed add-on to an Amazon EKS add-on. Valid values are `NONE` and `OVERWRITE`. For more details see the [CreateAddon](https://docs.aws.amazon.com/eks/latest/APIReference/API_CreateAddon.html) API Docs.\n" }, "resolveConflictsOnUpdate": { "type": "string", "description": "How to resolve field value conflicts for an Amazon EKS add-on if you've changed a value from the Amazon EKS default value. Valid values are `NONE`, `OVERWRITE`, and `PRESERVE`. For more details see the [UpdateAddon](https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html) API Docs.\n" }, "serviceAccountRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of an\nexisting IAM role to bind to the add-on's service account. The role must be\nassigned the IAM permissions required by the add-on. If you don't specify\nan existing IAM role, then the add-on uses the permissions assigned to the node\nIAM role. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html)\nin the Amazon EKS User Guide.\n\n\u003e **Note:** To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC)\nprovider created for your cluster. For more information, [see Enabling IAM roles\nfor service accounts on your cluster](https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html)\nin the Amazon EKS User Guide.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "(Optional) Key-value map of resource tags, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:eks/cluster:Cluster": { "description": "Manages an EKS Cluster.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nexport = async () =\u003e {\n const example = new aws.eks.Cluster(\"example\", {\n name: \"example\",\n roleArn: exampleAwsIamRole.arn,\n vpcConfig: {\n subnetIds: [\n example1.id,\n example2.id,\n ],\n },\n }, {\n dependsOn: [\n example_AmazonEKSClusterPolicy,\n example_AmazonEKSVPCResourceController,\n ],\n });\n return {\n endpoint: example.endpoint,\n \"kubeconfig-certificate-authority-data\": example.certificateAuthority.apply(certificateAuthority =\u003e certificateAuthority.data),\n };\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.Cluster(\"example\",\n name=\"example\",\n role_arn=example_aws_iam_role[\"arn\"],\n vpc_config={\n \"subnet_ids\": [\n example1[\"id\"],\n example2[\"id\"],\n ],\n },\n opts = pulumi.ResourceOptions(depends_on=[\n example__amazon_eks_cluster_policy,\n example__amazon_eksvpc_resource_controller,\n ]))\npulumi.export(\"endpoint\", example.endpoint)\npulumi.export(\"kubeconfig-certificate-authority-data\", example.certificate_authority.data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Eks.Cluster(\"example\", new()\n {\n Name = \"example\",\n RoleArn = exampleAwsIamRole.Arn,\n VpcConfig = new Aws.Eks.Inputs.ClusterVpcConfigArgs\n {\n SubnetIds = new[]\n {\n example1.Id,\n example2.Id,\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example_AmazonEKSClusterPolicy,\n example_AmazonEKSVPCResourceController,\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"endpoint\"] = example.Endpoint,\n [\"kubeconfig-certificate-authority-data\"] = example.CertificateAuthority.Apply(certificateAuthority =\u003e certificateAuthority.Data),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := eks.NewCluster(ctx, \"example\", \u0026eks.ClusterArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tVpcConfig: \u0026eks.ClusterVpcConfigArgs{\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\texample1.Id,\n\t\t\t\t\texample2.Id,\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample_AmazonEKSClusterPolicy,\n\t\t\texample_AmazonEKSVPCResourceController,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"endpoint\", example.Endpoint)\n\t\tctx.Export(\"kubeconfig-certificate-authority-data\", example.CertificateAuthority.ApplyT(func(certificateAuthority eks.ClusterCertificateAuthority) (*string, error) {\n\t\t\treturn \u0026certificateAuthority.Data, nil\n\t\t}).(pulumi.StringPtrOutput))\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.Cluster;\nimport com.pulumi.aws.eks.ClusterArgs;\nimport com.pulumi.aws.eks.inputs.ClusterVpcConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\", ClusterArgs.builder()\n .name(\"example\")\n .roleArn(exampleAwsIamRole.arn())\n .vpcConfig(ClusterVpcConfigArgs.builder()\n .subnetIds( \n example1.id(),\n example2.id())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n example_AmazonEKSClusterPolicy,\n example_AmazonEKSVPCResourceController)\n .build());\n\n ctx.export(\"endpoint\", example.endpoint());\n ctx.export(\"kubeconfig-certificate-authority-data\", example.certificateAuthority().applyValue(certificateAuthority -\u003e certificateAuthority.data()));\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:eks:Cluster\n properties:\n name: example\n roleArn: ${exampleAwsIamRole.arn}\n vpcConfig:\n subnetIds:\n - ${example1.id}\n - ${example2.id}\n options:\n dependson:\n - ${[\"example-AmazonEKSClusterPolicy\"]}\n - ${[\"example-AmazonEKSVPCResourceController\"]}\noutputs:\n endpoint: ${example.endpoint}\n kubeconfig-certificate-authority-data: ${example.certificateAuthority.data}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example IAM Role for EKS Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"eks.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst example = new aws.iam.Role(\"example\", {\n name: \"eks-cluster-example\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst example_AmazonEKSClusterPolicy = new aws.iam.RolePolicyAttachment(\"example-AmazonEKSClusterPolicy\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\",\n role: example.name,\n});\n// Optionally, enable Security Groups for Pods\n// Reference: https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html\nconst example_AmazonEKSVPCResourceController = new aws.iam.RolePolicyAttachment(\"example-AmazonEKSVPCResourceController\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKSVPCResourceController\",\n role: example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"eks.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nexample = aws.iam.Role(\"example\",\n name=\"eks-cluster-example\",\n assume_role_policy=assume_role.json)\nexample__amazon_eks_cluster_policy = aws.iam.RolePolicyAttachment(\"example-AmazonEKSClusterPolicy\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\",\n role=example.name)\n# Optionally, enable Security Groups for Pods\n# Reference: https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html\nexample__amazon_eksvpc_resource_controller = aws.iam.RolePolicyAttachment(\"example-AmazonEKSVPCResourceController\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKSVPCResourceController\",\n role=example.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"eks.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"eks-cluster-example\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var example_AmazonEKSClusterPolicy = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEKSClusterPolicy\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\",\n Role = example.Name,\n });\n\n // Optionally, enable Security Groups for Pods\n // Reference: https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html\n var example_AmazonEKSVPCResourceController = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEKSVPCResourceController\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKSVPCResourceController\",\n Role = example.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"eks.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"eks-cluster-example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEKSClusterPolicy\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Optionally, enable Security Groups for Pods\n\t\t// Reference: https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEKSVPCResourceController\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKSVPCResourceController\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"eks.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var example = new Role(\"example\", RoleArgs.builder()\n .name(\"eks-cluster-example\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var example_AmazonEKSClusterPolicy = new RolePolicyAttachment(\"example-AmazonEKSClusterPolicy\", RolePolicyAttachmentArgs.builder()\n .policyArn(\"arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\")\n .role(example.name())\n .build());\n\n // Optionally, enable Security Groups for Pods\n // Reference: https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html\n var example_AmazonEKSVPCResourceController = new RolePolicyAttachment(\"example-AmazonEKSVPCResourceController\", RolePolicyAttachmentArgs.builder()\n .policyArn(\"arn:aws:iam::aws:policy/AmazonEKSVPCResourceController\")\n .role(example.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: eks-cluster-example\n assumeRolePolicy: ${assumeRole.json}\n example-AmazonEKSClusterPolicy:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\n role: ${example.name}\n # Optionally, enable Security Groups for Pods\n # Reference: https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html\n example-AmazonEKSVPCResourceController:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/AmazonEKSVPCResourceController\n role: ${example.name}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - eks.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Enabling Control Plane Logging\n\n[EKS Control Plane Logging](https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html) can be enabled via the `enabled_cluster_log_types` argument. To manage the CloudWatch Log Group retention period, the `aws.cloudwatch.LogGroup` resource can be used.\n\n\u003e The below configuration uses [`dependsOn`](https://www.pulumi.com/docs/intro/concepts/programming-model/#dependson) to prevent ordering issues with EKS automatically creating the log group first and a variable for naming consistency. Other ordering and naming methodologies may be more appropriate for your environment.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst clusterName = config.get(\"clusterName\") || \"example\";\nconst exampleLogGroup = new aws.cloudwatch.LogGroup(\"example\", {\n name: `/aws/eks/${clusterName}/cluster`,\n retentionInDays: 7,\n});\nconst example = new aws.eks.Cluster(\"example\", {\n enabledClusterLogTypes: [\n \"api\",\n \"audit\",\n ],\n name: clusterName,\n}, {\n dependsOn: [exampleLogGroup],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\ncluster_name = config.get(\"clusterName\")\nif cluster_name is None:\n cluster_name = \"example\"\nexample_log_group = aws.cloudwatch.LogGroup(\"example\",\n name=f\"/aws/eks/{cluster_name}/cluster\",\n retention_in_days=7)\nexample = aws.eks.Cluster(\"example\",\n enabled_cluster_log_types=[\n \"api\",\n \"audit\",\n ],\n name=cluster_name,\n opts = pulumi.ResourceOptions(depends_on=[example_log_group]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var clusterName = config.Get(\"clusterName\") ?? \"example\";\n var exampleLogGroup = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = $\"/aws/eks/{clusterName}/cluster\",\n RetentionInDays = 7,\n });\n\n var example = new Aws.Eks.Cluster(\"example\", new()\n {\n EnabledClusterLogTypes = new[]\n {\n \"api\",\n \"audit\",\n },\n Name = clusterName,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleLogGroup,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tclusterName := \"example\"\n\t\tif param := cfg.Get(\"clusterName\"); param != \"\" {\n\t\t\tclusterName = param\n\t\t}\n\t\texampleLogGroup, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"/aws/eks/%v/cluster\", clusterName)),\n\t\t\tRetentionInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = eks.NewCluster(ctx, \"example\", \u0026eks.ClusterArgs{\n\t\t\tEnabledClusterLogTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"api\"),\n\t\t\t\tpulumi.String(\"audit\"),\n\t\t\t},\n\t\t\tName: pulumi.String(clusterName),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleLogGroup,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.eks.Cluster;\nimport com.pulumi.aws.eks.ClusterArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var clusterName = config.get(\"clusterName\").orElse(\"example\");\n var exampleLogGroup = new LogGroup(\"exampleLogGroup\", LogGroupArgs.builder()\n .name(String.format(\"/aws/eks/%s/cluster\", clusterName))\n .retentionInDays(7)\n .build());\n\n var example = new Cluster(\"example\", ClusterArgs.builder()\n .enabledClusterLogTypes( \n \"api\",\n \"audit\")\n .name(clusterName)\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleLogGroup)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n clusterName:\n type: string\n default: example\nresources:\n example:\n type: aws:eks:Cluster\n properties:\n enabledClusterLogTypes:\n - api\n - audit\n name: ${clusterName}\n options:\n dependson:\n - ${exampleLogGroup}\n exampleLogGroup:\n type: aws:cloudwatch:LogGroup\n name: example\n properties:\n name: /aws/eks/${clusterName}/cluster\n retentionInDays: 7 # ... potentially other configuration ...\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Enabling IAM Roles for Service Accounts\n\nFor more information about this feature, see the [EKS User Guide](https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\nimport * as tls from \"@pulumi/tls\";\n\nconst exampleCluster = new aws.eks.Cluster(\"example\", {});\nconst example = exampleCluster.identities.apply(identities =\u003e tls.getCertificateOutput({\n url: identities[0].oidcs?.[0]?.issuer,\n}));\nconst exampleOpenIdConnectProvider = new aws.iam.OpenIdConnectProvider(\"example\", {\n clientIdLists: [\"sts.amazonaws.com\"],\n thumbprintLists: [example.apply(example =\u003e example.certificates?.[0]?.sha1Fingerprint)],\n url: example.apply(example =\u003e example.url),\n});\nconst exampleAssumeRolePolicy = aws.iam.getPolicyDocumentOutput({\n statements: [{\n actions: [\"sts:AssumeRoleWithWebIdentity\"],\n effect: \"Allow\",\n conditions: [{\n test: \"StringEquals\",\n variable: std.replaceOutput({\n text: exampleOpenIdConnectProvider.url,\n search: \"https://\",\n replace: \"\",\n }).apply(invoke =\u003e `${invoke.result}:sub`),\n values: [\"system:serviceaccount:kube-system:aws-node\"],\n }],\n principals: [{\n identifiers: [exampleOpenIdConnectProvider.arn],\n type: \"Federated\",\n }],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n assumeRolePolicy: exampleAssumeRolePolicy.apply(exampleAssumeRolePolicy =\u003e exampleAssumeRolePolicy.json),\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\nimport pulumi_tls as tls\n\nexample_cluster = aws.eks.Cluster(\"example\")\nexample = example_cluster.identities.apply(lambda identities: tls.get_certificate_output(url=identities[0].oidcs[0].issuer))\nexample_open_id_connect_provider = aws.iam.OpenIdConnectProvider(\"example\",\n client_id_lists=[\"sts.amazonaws.com\"],\n thumbprint_lists=[example.certificates[0].sha1_fingerprint],\n url=example.url)\nexample_assume_role_policy = aws.iam.get_policy_document_output(statements=[{\n \"actions\": [\"sts:AssumeRoleWithWebIdentity\"],\n \"effect\": \"Allow\",\n \"conditions\": [{\n \"test\": \"StringEquals\",\n \"variable\": std.replace_output(text=example_open_id_connect_provider.url,\n search=\"https://\",\n replace=\"\").apply(lambda invoke: f\"{invoke.result}:sub\"),\n \"values\": [\"system:serviceaccount:kube-system:aws-node\"],\n }],\n \"principals\": [{\n \"identifiers\": [example_open_id_connect_provider.arn],\n \"type\": \"Federated\",\n }],\n}])\nexample_role = aws.iam.Role(\"example\",\n assume_role_policy=example_assume_role_policy.json,\n name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\nusing Tls = Pulumi.Tls;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleCluster = new Aws.Eks.Cluster(\"example\");\n\n var example = Tls.GetCertificate.Invoke(new()\n {\n Url = exampleCluster.Identities[0].Oidcs[0]?.Issuer,\n });\n\n var exampleOpenIdConnectProvider = new Aws.Iam.OpenIdConnectProvider(\"example\", new()\n {\n ClientIdLists = new[]\n {\n \"sts.amazonaws.com\",\n },\n ThumbprintLists = new[]\n {\n example.Apply(getCertificateResult =\u003e getCertificateResult.Certificates[0]?.Sha1Fingerprint),\n },\n Url = example.Apply(getCertificateResult =\u003e getCertificateResult.Url),\n });\n\n var exampleAssumeRolePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRoleWithWebIdentity\",\n },\n Effect = \"Allow\",\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = $\"{Std.Replace.Invoke(new()\n {\n Text = exampleOpenIdConnectProvider.Url,\n Search = \"https://\",\n Replace = \"\",\n }).Result}:sub\",\n Values = new[]\n {\n \"system:serviceaccount:kube-system:aws-node\",\n },\n },\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n exampleOpenIdConnectProvider.Arn,\n },\n Type = \"Federated\",\n },\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = exampleAssumeRolePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi-tls/sdk/v4/go/tls\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleCluster, err := eks.NewCluster(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := exampleCluster.Identities.ApplyT(func(identities []eks.ClusterIdentity) (tls.GetCertificateResult, error) {\n\t\t\treturn tls.GetCertificateResult(interface{}(tls.GetCertificateOutput(ctx, tls.GetCertificateOutputArgs{\n\t\t\t\tUrl: identities[0].Oidcs[0].Issuer,\n\t\t\t}, nil))), nil\n\t\t}).(tls.GetCertificateResultOutput)\n\t\texampleOpenIdConnectProvider, err := iam.NewOpenIdConnectProvider(ctx, \"example\", \u0026iam.OpenIdConnectProviderArgs{\n\t\t\tClientIdLists: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"sts.amazonaws.com\"),\n\t\t\t},\n\t\t\tThumbprintLists: pulumi.StringArray{\n\t\t\t\tpulumi.String(example.ApplyT(func(example tls.GetCertificateResult) (*string, error) {\n\t\t\t\t\treturn \u0026example.Certificates[0].Sha1Fingerprint, nil\n\t\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\t},\n\t\t\tUrl: pulumi.String(example.ApplyT(func(example tls.GetCertificateResult) (*string, error) {\n\t\t\t\treturn \u0026example.Url, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAssumeRolePolicy := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"sts:AssumeRoleWithWebIdentity\"),\n\t\t\t\t\t},\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"StringEquals\"),\n\t\t\t\t\t\t\tVariable: std.ReplaceOutput(ctx, std.ReplaceOutputArgs{\n\t\t\t\t\t\t\t\tText: exampleOpenIdConnectProvider.Url,\n\t\t\t\t\t\t\t\tSearch: pulumi.String(\"https://\"),\n\t\t\t\t\t\t\t\tReplace: pulumi.String(\"\"),\n\t\t\t\t\t\t\t}, nil).ApplyT(func(invoke std.ReplaceResult) (string, error) {\n\t\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v:sub\", invoke.Result), nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"system:serviceaccount:kube-system:aws-node\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\texampleOpenIdConnectProvider.Arn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: pulumi.String(\"Federated\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(exampleAssumeRolePolicy.ApplyT(func(exampleAssumeRolePolicy iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026exampleAssumeRolePolicy.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.Cluster;\nimport com.pulumi.tls.TlsFunctions;\nimport com.pulumi.tls.inputs.GetCertificateArgs;\nimport com.pulumi.aws.iam.OpenIdConnectProvider;\nimport com.pulumi.aws.iam.OpenIdConnectProviderArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleCluster = new Cluster(\"exampleCluster\");\n\n final var example = TlsFunctions.getCertificate(GetCertificateArgs.builder()\n .url(exampleCluster.identities().applyValue(identities -\u003e identities[0].oidcs()[0].issuer()))\n .build());\n\n var exampleOpenIdConnectProvider = new OpenIdConnectProvider(\"exampleOpenIdConnectProvider\", OpenIdConnectProviderArgs.builder()\n .clientIdLists(\"sts.amazonaws.com\")\n .thumbprintLists(example.applyValue(getCertificateResult -\u003e getCertificateResult).applyValue(example -\u003e example.applyValue(getCertificateResult -\u003e getCertificateResult.certificates()[0].sha1Fingerprint())))\n .url(example.applyValue(getCertificateResult -\u003e getCertificateResult).applyValue(example -\u003e example.applyValue(getCertificateResult -\u003e getCertificateResult.url())))\n .build());\n\n final var exampleAssumeRolePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRoleWithWebIdentity\")\n .effect(\"Allow\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(StdFunctions.replace().applyValue(invoke -\u003e String.format(\"%s:sub\", invoke.result())))\n .values(\"system:serviceaccount:kube-system:aws-node\")\n .build())\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(exampleOpenIdConnectProvider.arn())\n .type(\"Federated\")\n .build())\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .assumeRolePolicy(exampleAssumeRolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(exampleAssumeRolePolicy -\u003e exampleAssumeRolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleCluster:\n type: aws:eks:Cluster\n name: example\n exampleOpenIdConnectProvider:\n type: aws:iam:OpenIdConnectProvider\n name: example\n properties:\n clientIdLists:\n - sts.amazonaws.com\n thumbprintLists:\n - ${example.certificates[0].sha1Fingerprint}\n url: ${example.url}\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n assumeRolePolicy: ${exampleAssumeRolePolicy.json}\n name: example\nvariables:\n example:\n fn::invoke:\n Function: tls:getCertificate\n Arguments:\n url: ${exampleCluster.identities[0].oidcs[0].issuer}\n exampleAssumeRolePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRoleWithWebIdentity\n effect: Allow\n conditions:\n - test: StringEquals\n variable:\n fn::join:\n -\n - - fn::invoke:\n Function: std:replace\n Arguments:\n text: ${exampleOpenIdConnectProvider.url}\n search: https://\n replace:\n Return: result\n - :sub\n values:\n - system:serviceaccount:kube-system:aws-node\n principals:\n - identifiers:\n - ${exampleOpenIdConnectProvider.arn}\n type: Federated\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### EKS Cluster on AWS Outpost\n\n[Creating a local Amazon EKS cluster on an AWS Outpost](https://docs.aws.amazon.com/eks/latest/userguide/create-cluster-outpost.html)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n assumeRolePolicy: exampleAssumeRolePolicy.json,\n name: \"example\",\n});\nconst exampleCluster = new aws.eks.Cluster(\"example\", {\n name: \"example-cluster\",\n roleArn: example.arn,\n vpcConfig: {\n endpointPrivateAccess: true,\n endpointPublicAccess: false,\n },\n outpostConfig: {\n controlPlaneInstanceType: \"m5d.large\",\n outpostArns: [exampleAwsOutpostsOutpost.arn],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n assume_role_policy=example_assume_role_policy[\"json\"],\n name=\"example\")\nexample_cluster = aws.eks.Cluster(\"example\",\n name=\"example-cluster\",\n role_arn=example.arn,\n vpc_config={\n \"endpoint_private_access\": True,\n \"endpoint_public_access\": False,\n },\n outpost_config={\n \"control_plane_instance_type\": \"m5d.large\",\n \"outpost_arns\": [example_aws_outposts_outpost[\"arn\"]],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = exampleAssumeRolePolicy.Json,\n Name = \"example\",\n });\n\n var exampleCluster = new Aws.Eks.Cluster(\"example\", new()\n {\n Name = \"example-cluster\",\n RoleArn = example.Arn,\n VpcConfig = new Aws.Eks.Inputs.ClusterVpcConfigArgs\n {\n EndpointPrivateAccess = true,\n EndpointPublicAccess = false,\n },\n OutpostConfig = new Aws.Eks.Inputs.ClusterOutpostConfigArgs\n {\n ControlPlaneInstanceType = \"m5d.large\",\n OutpostArns = new[]\n {\n exampleAwsOutpostsOutpost.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.Any(exampleAssumeRolePolicy.Json),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = eks.NewCluster(ctx, \"example\", \u0026eks.ClusterArgs{\n\t\t\tName: pulumi.String(\"example-cluster\"),\n\t\t\tRoleArn: example.Arn,\n\t\t\tVpcConfig: \u0026eks.ClusterVpcConfigArgs{\n\t\t\t\tEndpointPrivateAccess: pulumi.Bool(true),\n\t\t\t\tEndpointPublicAccess: pulumi.Bool(false),\n\t\t\t},\n\t\t\tOutpostConfig: \u0026eks.ClusterOutpostConfigArgs{\n\t\t\t\tControlPlaneInstanceType: pulumi.String(\"m5d.large\"),\n\t\t\t\tOutpostArns: pulumi.StringArray{\n\t\t\t\t\texampleAwsOutpostsOutpost.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.eks.Cluster;\nimport com.pulumi.aws.eks.ClusterArgs;\nimport com.pulumi.aws.eks.inputs.ClusterVpcConfigArgs;\nimport com.pulumi.aws.eks.inputs.ClusterOutpostConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder()\n .assumeRolePolicy(exampleAssumeRolePolicy.json())\n .name(\"example\")\n .build());\n\n var exampleCluster = new Cluster(\"exampleCluster\", ClusterArgs.builder()\n .name(\"example-cluster\")\n .roleArn(example.arn())\n .vpcConfig(ClusterVpcConfigArgs.builder()\n .endpointPrivateAccess(true)\n .endpointPublicAccess(false)\n .build())\n .outpostConfig(ClusterOutpostConfigArgs.builder()\n .controlPlaneInstanceType(\"m5d.large\")\n .outpostArns(exampleAwsOutpostsOutpost.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${exampleAssumeRolePolicy.json}\n name: example\n exampleCluster:\n type: aws:eks:Cluster\n name: example\n properties:\n name: example-cluster\n roleArn: ${example.arn}\n vpcConfig:\n endpointPrivateAccess: true\n endpointPublicAccess: false\n outpostConfig:\n controlPlaneInstanceType: m5d.large\n outpostArns:\n - ${exampleAwsOutpostsOutpost.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### EKS Cluster with Access Config\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n assumeRolePolicy: exampleAssumeRolePolicy.json,\n name: \"example\",\n});\nconst exampleCluster = new aws.eks.Cluster(\"example\", {\n name: \"example-cluster\",\n roleArn: example.arn,\n vpcConfig: {\n endpointPrivateAccess: true,\n endpointPublicAccess: false,\n },\n accessConfig: {\n authenticationMode: \"CONFIG_MAP\",\n bootstrapClusterCreatorAdminPermissions: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n assume_role_policy=example_assume_role_policy[\"json\"],\n name=\"example\")\nexample_cluster = aws.eks.Cluster(\"example\",\n name=\"example-cluster\",\n role_arn=example.arn,\n vpc_config={\n \"endpoint_private_access\": True,\n \"endpoint_public_access\": False,\n },\n access_config={\n \"authentication_mode\": \"CONFIG_MAP\",\n \"bootstrap_cluster_creator_admin_permissions\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = exampleAssumeRolePolicy.Json,\n Name = \"example\",\n });\n\n var exampleCluster = new Aws.Eks.Cluster(\"example\", new()\n {\n Name = \"example-cluster\",\n RoleArn = example.Arn,\n VpcConfig = new Aws.Eks.Inputs.ClusterVpcConfigArgs\n {\n EndpointPrivateAccess = true,\n EndpointPublicAccess = false,\n },\n AccessConfig = new Aws.Eks.Inputs.ClusterAccessConfigArgs\n {\n AuthenticationMode = \"CONFIG_MAP\",\n BootstrapClusterCreatorAdminPermissions = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.Any(exampleAssumeRolePolicy.Json),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = eks.NewCluster(ctx, \"example\", \u0026eks.ClusterArgs{\n\t\t\tName: pulumi.String(\"example-cluster\"),\n\t\t\tRoleArn: example.Arn,\n\t\t\tVpcConfig: \u0026eks.ClusterVpcConfigArgs{\n\t\t\t\tEndpointPrivateAccess: pulumi.Bool(true),\n\t\t\t\tEndpointPublicAccess: pulumi.Bool(false),\n\t\t\t},\n\t\t\tAccessConfig: \u0026eks.ClusterAccessConfigArgs{\n\t\t\t\tAuthenticationMode: pulumi.String(\"CONFIG_MAP\"),\n\t\t\t\tBootstrapClusterCreatorAdminPermissions: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.eks.Cluster;\nimport com.pulumi.aws.eks.ClusterArgs;\nimport com.pulumi.aws.eks.inputs.ClusterVpcConfigArgs;\nimport com.pulumi.aws.eks.inputs.ClusterAccessConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder()\n .assumeRolePolicy(exampleAssumeRolePolicy.json())\n .name(\"example\")\n .build());\n\n var exampleCluster = new Cluster(\"exampleCluster\", ClusterArgs.builder()\n .name(\"example-cluster\")\n .roleArn(example.arn())\n .vpcConfig(ClusterVpcConfigArgs.builder()\n .endpointPrivateAccess(true)\n .endpointPublicAccess(false)\n .build())\n .accessConfig(ClusterAccessConfigArgs.builder()\n .authenticationMode(\"CONFIG_MAP\")\n .bootstrapClusterCreatorAdminPermissions(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${exampleAssumeRolePolicy.json}\n name: example\n exampleCluster:\n type: aws:eks:Cluster\n name: example\n properties:\n name: example-cluster\n roleArn: ${example.arn}\n vpcConfig:\n endpointPrivateAccess: true\n endpointPublicAccess: false\n accessConfig:\n authenticationMode: CONFIG_MAP\n bootstrapClusterCreatorAdminPermissions: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nAfter adding inline IAM Policies (e.g., `aws.iam.RolePolicy` resource) or attaching IAM Policies (e.g., `aws.iam.Policy` resource and `aws.iam.RolePolicyAttachment` resource) with the desired permissions to the IAM Role, annotate the Kubernetes service account (e.g., `kubernetes_service_account` resource) and recreate any pods.\n\n## Import\n\nUsing `pulumi import`, import EKS Clusters using the `name`. For example:\n\n```sh\n$ pulumi import aws:eks/cluster:Cluster my_cluster my_cluster\n```\n", "properties": { "accessConfig": { "$ref": "#/types/aws:eks/ClusterAccessConfig:ClusterAccessConfig", "description": "Configuration block for the access config associated with your cluster, see [Amazon EKS Access Entries](https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html).\n" }, "arn": { "type": "string", "description": "ARN of the cluster.\n" }, "bootstrapSelfManagedAddons": { "type": "boolean", "description": "Install default unmanaged add-ons, such as `aws-cni`, `kube-proxy`, and CoreDNS during cluster creation. If `false`, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to `true`.\n" }, "certificateAuthorities": { "type": "array", "items": { "$ref": "#/types/aws:eks/ClusterCertificateAuthority:ClusterCertificateAuthority" } }, "certificateAuthority": { "$ref": "#/types/aws:eks/ClusterCertificateAuthority:ClusterCertificateAuthority", "description": "Attribute block containing `certificate-authority-data` for your cluster. Detailed below.\n" }, "clusterId": { "type": "string", "description": "The ID of your local Amazon EKS cluster on the AWS Outpost. This attribute isn't available for an AWS EKS cluster on AWS cloud.\n" }, "createdAt": { "type": "string", "description": "Unix epoch timestamp in seconds for when the cluster was created.\n" }, "defaultAddonsToRemoves": { "type": "array", "items": { "type": "string" } }, "enabledClusterLogTypes": { "type": "array", "items": { "type": "string" }, "description": "List of the desired control plane logging to enable. For more information, see [Amazon EKS Control Plane Logging](https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html).\n" }, "encryptionConfig": { "$ref": "#/types/aws:eks/ClusterEncryptionConfig:ClusterEncryptionConfig", "description": "Configuration block with encryption configuration for the cluster. Only available on Kubernetes 1.13 and above clusters created after March 6, 2020. Detailed below.\n" }, "endpoint": { "type": "string", "description": "Endpoint for your Kubernetes API server.\n" }, "identities": { "type": "array", "items": { "$ref": "#/types/aws:eks/ClusterIdentity:ClusterIdentity" }, "description": "Attribute block containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. Detailed below.\n" }, "kubernetesNetworkConfig": { "$ref": "#/types/aws:eks/ClusterKubernetesNetworkConfig:ClusterKubernetesNetworkConfig", "description": "Configuration block with kubernetes network configuration for the cluster. Detailed below. If removed, this provider will only perform drift detection if a configuration value is provided.\n" }, "name": { "type": "string", "description": "Name of the cluster. Must be between 1-100 characters in length. Must begin with an alphanumeric character, and must only contain alphanumeric characters, dashes and underscores (`^[0-9A-Za-z][A-Za-z0-9\\-_]*$`).\n" }, "outpostConfig": { "$ref": "#/types/aws:eks/ClusterOutpostConfig:ClusterOutpostConfig", "description": "Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud.\n" }, "platformVersion": { "type": "string", "description": "Platform version for the cluster.\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding `depends_on` if using the `aws.iam.RolePolicy` resource or `aws.iam.RolePolicyAttachment` resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.\n" }, "status": { "type": "string", "description": "Status of the EKS cluster. One of `CREATING`, `ACTIVE`, `DELETING`, `FAILED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "string", "description": "Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.\n" }, "vpcConfig": { "$ref": "#/types/aws:eks/ClusterVpcConfig:ClusterVpcConfig", "description": "Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section.\n\nThe following arguments are optional:\n" } }, "required": [ "accessConfig", "arn", "certificateAuthorities", "certificateAuthority", "clusterId", "createdAt", "endpoint", "identities", "kubernetesNetworkConfig", "name", "platformVersion", "roleArn", "status", "tagsAll", "version", "vpcConfig" ], "inputProperties": { "accessConfig": { "$ref": "#/types/aws:eks/ClusterAccessConfig:ClusterAccessConfig", "description": "Configuration block for the access config associated with your cluster, see [Amazon EKS Access Entries](https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html).\n" }, "bootstrapSelfManagedAddons": { "type": "boolean", "description": "Install default unmanaged add-ons, such as `aws-cni`, `kube-proxy`, and CoreDNS during cluster creation. If `false`, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to `true`.\n", "willReplaceOnChanges": true }, "defaultAddonsToRemoves": { "type": "array", "items": { "type": "string" } }, "enabledClusterLogTypes": { "type": "array", "items": { "type": "string" }, "description": "List of the desired control plane logging to enable. For more information, see [Amazon EKS Control Plane Logging](https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html).\n" }, "encryptionConfig": { "$ref": "#/types/aws:eks/ClusterEncryptionConfig:ClusterEncryptionConfig", "description": "Configuration block with encryption configuration for the cluster. Only available on Kubernetes 1.13 and above clusters created after March 6, 2020. Detailed below.\n" }, "kubernetesNetworkConfig": { "$ref": "#/types/aws:eks/ClusterKubernetesNetworkConfig:ClusterKubernetesNetworkConfig", "description": "Configuration block with kubernetes network configuration for the cluster. Detailed below. If removed, this provider will only perform drift detection if a configuration value is provided.\n" }, "name": { "type": "string", "description": "Name of the cluster. Must be between 1-100 characters in length. Must begin with an alphanumeric character, and must only contain alphanumeric characters, dashes and underscores (`^[0-9A-Za-z][A-Za-z0-9\\-_]*$`).\n", "willReplaceOnChanges": true }, "outpostConfig": { "$ref": "#/types/aws:eks/ClusterOutpostConfig:ClusterOutpostConfig", "description": "Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud.\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding `depends_on` if using the `aws.iam.RolePolicy` resource or `aws.iam.RolePolicyAttachment` resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "version": { "type": "string", "description": "Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.\n" }, "vpcConfig": { "$ref": "#/types/aws:eks/ClusterVpcConfig:ClusterVpcConfig", "description": "Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "roleArn", "vpcConfig" ], "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "accessConfig": { "$ref": "#/types/aws:eks/ClusterAccessConfig:ClusterAccessConfig", "description": "Configuration block for the access config associated with your cluster, see [Amazon EKS Access Entries](https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html).\n" }, "arn": { "type": "string", "description": "ARN of the cluster.\n" }, "bootstrapSelfManagedAddons": { "type": "boolean", "description": "Install default unmanaged add-ons, such as `aws-cni`, `kube-proxy`, and CoreDNS during cluster creation. If `false`, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to `true`.\n", "willReplaceOnChanges": true }, "certificateAuthorities": { "type": "array", "items": { "$ref": "#/types/aws:eks/ClusterCertificateAuthority:ClusterCertificateAuthority" } }, "certificateAuthority": { "$ref": "#/types/aws:eks/ClusterCertificateAuthority:ClusterCertificateAuthority", "description": "Attribute block containing `certificate-authority-data` for your cluster. Detailed below.\n" }, "clusterId": { "type": "string", "description": "The ID of your local Amazon EKS cluster on the AWS Outpost. This attribute isn't available for an AWS EKS cluster on AWS cloud.\n" }, "createdAt": { "type": "string", "description": "Unix epoch timestamp in seconds for when the cluster was created.\n" }, "defaultAddonsToRemoves": { "type": "array", "items": { "type": "string" } }, "enabledClusterLogTypes": { "type": "array", "items": { "type": "string" }, "description": "List of the desired control plane logging to enable. For more information, see [Amazon EKS Control Plane Logging](https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html).\n" }, "encryptionConfig": { "$ref": "#/types/aws:eks/ClusterEncryptionConfig:ClusterEncryptionConfig", "description": "Configuration block with encryption configuration for the cluster. Only available on Kubernetes 1.13 and above clusters created after March 6, 2020. Detailed below.\n" }, "endpoint": { "type": "string", "description": "Endpoint for your Kubernetes API server.\n" }, "identities": { "type": "array", "items": { "$ref": "#/types/aws:eks/ClusterIdentity:ClusterIdentity" }, "description": "Attribute block containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. Detailed below.\n" }, "kubernetesNetworkConfig": { "$ref": "#/types/aws:eks/ClusterKubernetesNetworkConfig:ClusterKubernetesNetworkConfig", "description": "Configuration block with kubernetes network configuration for the cluster. Detailed below. If removed, this provider will only perform drift detection if a configuration value is provided.\n" }, "name": { "type": "string", "description": "Name of the cluster. Must be between 1-100 characters in length. Must begin with an alphanumeric character, and must only contain alphanumeric characters, dashes and underscores (`^[0-9A-Za-z][A-Za-z0-9\\-_]*$`).\n", "willReplaceOnChanges": true }, "outpostConfig": { "$ref": "#/types/aws:eks/ClusterOutpostConfig:ClusterOutpostConfig", "description": "Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud.\n" }, "platformVersion": { "type": "string", "description": "Platform version for the cluster.\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding `depends_on` if using the `aws.iam.RolePolicy` resource or `aws.iam.RolePolicyAttachment` resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Status of the EKS cluster. One of `CREATING`, `ACTIVE`, `DELETING`, `FAILED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "string", "description": "Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.\n" }, "vpcConfig": { "$ref": "#/types/aws:eks/ClusterVpcConfig:ClusterVpcConfig", "description": "Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:eks/fargateProfile:FargateProfile": { "description": "Manages an EKS Fargate Profile.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.eks.FargateProfile(\"example\", {\n clusterName: exampleAwsEksCluster.name,\n fargateProfileName: \"example\",\n podExecutionRoleArn: exampleAwsIamRole.arn,\n subnetIds: exampleAwsSubnet.map(__item =\u003e __item.id),\n selectors: [{\n namespace: \"example\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.FargateProfile(\"example\",\n cluster_name=example_aws_eks_cluster[\"name\"],\n fargate_profile_name=\"example\",\n pod_execution_role_arn=example_aws_iam_role[\"arn\"],\n subnet_ids=[__item[\"id\"] for __item in example_aws_subnet],\n selectors=[{\n \"namespace\": \"example\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Eks.FargateProfile(\"example\", new()\n {\n ClusterName = exampleAwsEksCluster.Name,\n FargateProfileName = \"example\",\n PodExecutionRoleArn = exampleAwsIamRole.Arn,\n SubnetIds = exampleAwsSubnet.Select(__item =\u003e __item.Id).ToList(),\n Selectors = new[]\n {\n new Aws.Eks.Inputs.FargateProfileSelectorArgs\n {\n Namespace = \"example\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Id)\n}\n_, err := eks.NewFargateProfile(ctx, \"example\", \u0026eks.FargateProfileArgs{\nClusterName: pulumi.Any(exampleAwsEksCluster.Name),\nFargateProfileName: pulumi.String(\"example\"),\nPodExecutionRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\nSubnetIds: toPulumiArray(splat0),\nSelectors: eks.FargateProfileSelectorArray{\n\u0026eks.FargateProfileSelectorArgs{\nNamespace: pulumi.String(\"example\"),\n},\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.FargateProfile;\nimport com.pulumi.aws.eks.FargateProfileArgs;\nimport com.pulumi.aws.eks.inputs.FargateProfileSelectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FargateProfile(\"example\", FargateProfileArgs.builder()\n .clusterName(exampleAwsEksCluster.name())\n .fargateProfileName(\"example\")\n .podExecutionRoleArn(exampleAwsIamRole.arn())\n .subnetIds(exampleAwsSubnet.stream().map(element -\u003e element.id()).collect(toList()))\n .selectors(FargateProfileSelectorArgs.builder()\n .namespace(\"example\")\n .build())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example IAM Role for EKS Fargate Profile\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n name: \"eks-fargate-profile-example\",\n assumeRolePolicy: JSON.stringify({\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Principal: {\n Service: \"eks-fargate-pods.amazonaws.com\",\n },\n }],\n Version: \"2012-10-17\",\n }),\n});\nconst example_AmazonEKSFargatePodExecutionRolePolicy = new aws.iam.RolePolicyAttachment(\"example-AmazonEKSFargatePodExecutionRolePolicy\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\",\n role: example.name,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n name=\"eks-fargate-profile-example\",\n assume_role_policy=json.dumps({\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"eks-fargate-pods.amazonaws.com\",\n },\n }],\n \"Version\": \"2012-10-17\",\n }))\nexample__amazon_eks_fargate_pod_execution_role_policy = aws.iam.RolePolicyAttachment(\"example-AmazonEKSFargatePodExecutionRolePolicy\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\",\n role=example.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"eks-fargate-profile-example\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"eks-fargate-pods.amazonaws.com\",\n },\n },\n },\n [\"Version\"] = \"2012-10-17\",\n }),\n });\n\n var example_AmazonEKSFargatePodExecutionRolePolicy = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEKSFargatePodExecutionRolePolicy\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\",\n Role = example.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"eks-fargate-pods.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"eks-fargate-profile-example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEKSFargatePodExecutionRolePolicy\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder()\n .name(\"eks-fargate-profile-example\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"eks-fargate-pods.amazonaws.com\")\n ))\n ))),\n jsonProperty(\"Version\", \"2012-10-17\")\n )))\n .build());\n\n var example_AmazonEKSFargatePodExecutionRolePolicy = new RolePolicyAttachment(\"example-AmazonEKSFargatePodExecutionRolePolicy\", RolePolicyAttachmentArgs.builder()\n .policyArn(\"arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\")\n .role(example.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: eks-fargate-profile-example\n assumeRolePolicy:\n fn::toJSON:\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Principal:\n Service: eks-fargate-pods.amazonaws.com\n Version: 2012-10-17\n example-AmazonEKSFargatePodExecutionRolePolicy:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\n role: ${example.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EKS Fargate Profiles using the `cluster_name` and `fargate_profile_name` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:eks/fargateProfile:FargateProfile my_fargate_profile my_cluster:my_fargate_profile\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EKS Fargate Profile.\n" }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n" }, "fargateProfileName": { "type": "string", "description": "Name of the EKS Fargate Profile.\n" }, "podExecutionRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Fargate Profile.\n" }, "selectors": { "type": "array", "items": { "$ref": "#/types/aws:eks/FargateProfileSelector:FargateProfileSelector" }, "description": "Configuration block(s) for selecting Kubernetes Pods to execute with this EKS Fargate Profile. Detailed below.\n" }, "status": { "type": "string", "description": "Status of the EKS Fargate Profile.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of private EC2 Subnets to associate with the EKS Fargate Profile. These subnets must have the following resource tag: `kubernetes.io/cluster/CLUSTER_NAME` (where `CLUSTER_NAME` is replaced with the name of the EKS Cluster).\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "clusterName", "fargateProfileName", "podExecutionRoleArn", "selectors", "status", "tagsAll" ], "inputProperties": { "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n", "willReplaceOnChanges": true }, "fargateProfileName": { "type": "string", "description": "Name of the EKS Fargate Profile.\n", "willReplaceOnChanges": true }, "podExecutionRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Fargate Profile.\n", "willReplaceOnChanges": true }, "selectors": { "type": "array", "items": { "$ref": "#/types/aws:eks/FargateProfileSelector:FargateProfileSelector" }, "description": "Configuration block(s) for selecting Kubernetes Pods to execute with this EKS Fargate Profile. Detailed below.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of private EC2 Subnets to associate with the EKS Fargate Profile. These subnets must have the following resource tag: `kubernetes.io/cluster/CLUSTER_NAME` (where `CLUSTER_NAME` is replaced with the name of the EKS Cluster).\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "clusterName", "podExecutionRoleArn", "selectors" ], "stateInputs": { "description": "Input properties used for looking up and filtering FargateProfile resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EKS Fargate Profile.\n" }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n", "willReplaceOnChanges": true }, "fargateProfileName": { "type": "string", "description": "Name of the EKS Fargate Profile.\n", "willReplaceOnChanges": true }, "podExecutionRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Fargate Profile.\n", "willReplaceOnChanges": true }, "selectors": { "type": "array", "items": { "$ref": "#/types/aws:eks/FargateProfileSelector:FargateProfileSelector" }, "description": "Configuration block(s) for selecting Kubernetes Pods to execute with this EKS Fargate Profile. Detailed below.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Status of the EKS Fargate Profile.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of private EC2 Subnets to associate with the EKS Fargate Profile. These subnets must have the following resource tag: `kubernetes.io/cluster/CLUSTER_NAME` (where `CLUSTER_NAME` is replaced with the name of the EKS Cluster).\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:eks/identityProviderConfig:IdentityProviderConfig": { "description": "Manages an EKS Identity Provider Configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.eks.IdentityProviderConfig(\"example\", {\n clusterName: exampleAwsEksCluster.name,\n oidc: {\n clientId: \"your client_id\",\n identityProviderConfigName: \"example\",\n issuerUrl: \"your issuer_url\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.IdentityProviderConfig(\"example\",\n cluster_name=example_aws_eks_cluster[\"name\"],\n oidc={\n \"client_id\": \"your client_id\",\n \"identity_provider_config_name\": \"example\",\n \"issuer_url\": \"your issuer_url\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Eks.IdentityProviderConfig(\"example\", new()\n {\n ClusterName = exampleAwsEksCluster.Name,\n Oidc = new Aws.Eks.Inputs.IdentityProviderConfigOidcArgs\n {\n ClientId = \"your client_id\",\n IdentityProviderConfigName = \"example\",\n IssuerUrl = \"your issuer_url\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := eks.NewIdentityProviderConfig(ctx, \"example\", \u0026eks.IdentityProviderConfigArgs{\n\t\t\tClusterName: pulumi.Any(exampleAwsEksCluster.Name),\n\t\t\tOidc: \u0026eks.IdentityProviderConfigOidcArgs{\n\t\t\t\tClientId: pulumi.String(\"your client_id\"),\n\t\t\t\tIdentityProviderConfigName: pulumi.String(\"example\"),\n\t\t\t\tIssuerUrl: pulumi.String(\"your issuer_url\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.IdentityProviderConfig;\nimport com.pulumi.aws.eks.IdentityProviderConfigArgs;\nimport com.pulumi.aws.eks.inputs.IdentityProviderConfigOidcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new IdentityProviderConfig(\"example\", IdentityProviderConfigArgs.builder()\n .clusterName(exampleAwsEksCluster.name())\n .oidc(IdentityProviderConfigOidcArgs.builder()\n .clientId(\"your client_id\")\n .identityProviderConfigName(\"example\")\n .issuerUrl(\"your issuer_url\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:eks:IdentityProviderConfig\n properties:\n clusterName: ${exampleAwsEksCluster.name}\n oidc:\n clientId: your client_id\n identityProviderConfigName: example\n issuerUrl: your issuer_url\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EKS Identity Provider Configurations using the `cluster_name` and `identity_provider_config_name` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:eks/identityProviderConfig:IdentityProviderConfig my_identity_provider_config my_cluster:my_identity_provider_config\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EKS Identity Provider Configuration.\n" }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n" }, "oidc": { "$ref": "#/types/aws:eks/IdentityProviderConfigOidc:IdentityProviderConfigOidc", "description": "Nested attribute containing [OpenID Connect](https://openid.net/connect/) identity provider information for the cluster. Detailed below.\n" }, "status": { "type": "string", "description": "Status of the EKS Identity Provider Configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "clusterName", "oidc", "status", "tagsAll" ], "inputProperties": { "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n", "willReplaceOnChanges": true }, "oidc": { "$ref": "#/types/aws:eks/IdentityProviderConfigOidc:IdentityProviderConfigOidc", "description": "Nested attribute containing [OpenID Connect](https://openid.net/connect/) identity provider information for the cluster. Detailed below.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "clusterName", "oidc" ], "stateInputs": { "description": "Input properties used for looking up and filtering IdentityProviderConfig resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EKS Identity Provider Configuration.\n" }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n", "willReplaceOnChanges": true }, "oidc": { "$ref": "#/types/aws:eks/IdentityProviderConfigOidc:IdentityProviderConfigOidc", "description": "Nested attribute containing [OpenID Connect](https://openid.net/connect/) identity provider information for the cluster. Detailed below.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Status of the EKS Identity Provider Configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:eks/nodeGroup:NodeGroup": { "description": "Manages an EKS Node Group, which can provision and optionally update an Auto Scaling Group of Kubernetes worker nodes compatible with EKS. Additional documentation about this functionality can be found in the [EKS User Guide](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.eks.NodeGroup(\"example\", {\n clusterName: exampleAwsEksCluster.name,\n nodeGroupName: \"example\",\n nodeRoleArn: exampleAwsIamRole.arn,\n subnetIds: exampleAwsSubnet.map(__item =\u003e __item.id),\n scalingConfig: {\n desiredSize: 1,\n maxSize: 2,\n minSize: 1,\n },\n updateConfig: {\n maxUnavailable: 1,\n },\n}, {\n dependsOn: [\n example_AmazonEKSWorkerNodePolicy,\n example_AmazonEKSCNIPolicy,\n example_AmazonEC2ContainerRegistryReadOnly,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.NodeGroup(\"example\",\n cluster_name=example_aws_eks_cluster[\"name\"],\n node_group_name=\"example\",\n node_role_arn=example_aws_iam_role[\"arn\"],\n subnet_ids=[__item[\"id\"] for __item in example_aws_subnet],\n scaling_config={\n \"desired_size\": 1,\n \"max_size\": 2,\n \"min_size\": 1,\n },\n update_config={\n \"max_unavailable\": 1,\n },\n opts = pulumi.ResourceOptions(depends_on=[\n example__amazon_eks_worker_node_policy,\n example__amazon_ekscni_policy,\n example__amazon_ec2_container_registry_read_only,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Eks.NodeGroup(\"example\", new()\n {\n ClusterName = exampleAwsEksCluster.Name,\n NodeGroupName = \"example\",\n NodeRoleArn = exampleAwsIamRole.Arn,\n SubnetIds = exampleAwsSubnet.Select(__item =\u003e __item.Id).ToList(),\n ScalingConfig = new Aws.Eks.Inputs.NodeGroupScalingConfigArgs\n {\n DesiredSize = 1,\n MaxSize = 2,\n MinSize = 1,\n },\n UpdateConfig = new Aws.Eks.Inputs.NodeGroupUpdateConfigArgs\n {\n MaxUnavailable = 1,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example_AmazonEKSWorkerNodePolicy,\n example_AmazonEKSCNIPolicy,\n example_AmazonEC2ContainerRegistryReadOnly,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Id)\n}\n_, err := eks.NewNodeGroup(ctx, \"example\", \u0026eks.NodeGroupArgs{\nClusterName: pulumi.Any(exampleAwsEksCluster.Name),\nNodeGroupName: pulumi.String(\"example\"),\nNodeRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\nSubnetIds: toPulumiArray(splat0),\nScalingConfig: \u0026eks.NodeGroupScalingConfigArgs{\nDesiredSize: pulumi.Int(1),\nMaxSize: pulumi.Int(2),\nMinSize: pulumi.Int(1),\n},\nUpdateConfig: \u0026eks.NodeGroupUpdateConfigArgs{\nMaxUnavailable: pulumi.Int(1),\n},\n}, pulumi.DependsOn([]pulumi.Resource{\nexample_AmazonEKSWorkerNodePolicy,\nexample_AmazonEKSCNIPolicy,\nexample_AmazonEC2ContainerRegistryReadOnly,\n}))\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.NodeGroup;\nimport com.pulumi.aws.eks.NodeGroupArgs;\nimport com.pulumi.aws.eks.inputs.NodeGroupScalingConfigArgs;\nimport com.pulumi.aws.eks.inputs.NodeGroupUpdateConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NodeGroup(\"example\", NodeGroupArgs.builder()\n .clusterName(exampleAwsEksCluster.name())\n .nodeGroupName(\"example\")\n .nodeRoleArn(exampleAwsIamRole.arn())\n .subnetIds(exampleAwsSubnet.stream().map(element -\u003e element.id()).collect(toList()))\n .scalingConfig(NodeGroupScalingConfigArgs.builder()\n .desiredSize(1)\n .maxSize(2)\n .minSize(1)\n .build())\n .updateConfig(NodeGroupUpdateConfigArgs.builder()\n .maxUnavailable(1)\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n example_AmazonEKSWorkerNodePolicy,\n example_AmazonEKSCNIPolicy,\n example_AmazonEC2ContainerRegistryReadOnly)\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Ignoring Changes to Desired Size\n\nYou can utilize [ignoreChanges](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) create an EKS Node Group with an initial size of running instances, then ignore any changes to that count caused externally (e.g. Application Autoscaling).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.eks.NodeGroup(\"example\", {scalingConfig: {\n desiredSize: 2,\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.NodeGroup(\"example\", scaling_config={\n \"desired_size\": 2,\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Eks.NodeGroup(\"example\", new()\n {\n ScalingConfig = new Aws.Eks.Inputs.NodeGroupScalingConfigArgs\n {\n DesiredSize = 2,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := eks.NewNodeGroup(ctx, \"example\", \u0026eks.NodeGroupArgs{\n\t\t\tScalingConfig: \u0026eks.NodeGroupScalingConfigArgs{\n\t\t\t\tDesiredSize: pulumi.Int(2),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.NodeGroup;\nimport com.pulumi.aws.eks.NodeGroupArgs;\nimport com.pulumi.aws.eks.inputs.NodeGroupScalingConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NodeGroup(\"example\", NodeGroupArgs.builder()\n .scalingConfig(NodeGroupScalingConfigArgs.builder()\n .desiredSize(2)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:eks:NodeGroup\n properties:\n scalingConfig:\n desiredSize: 2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example IAM Role for EKS Node Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n name: \"eks-node-group-example\",\n assumeRolePolicy: JSON.stringify({\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Principal: {\n Service: \"ec2.amazonaws.com\",\n },\n }],\n Version: \"2012-10-17\",\n }),\n});\nconst example_AmazonEKSWorkerNodePolicy = new aws.iam.RolePolicyAttachment(\"example-AmazonEKSWorkerNodePolicy\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\",\n role: example.name,\n});\nconst example_AmazonEKSCNIPolicy = new aws.iam.RolePolicyAttachment(\"example-AmazonEKS_CNI_Policy\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\",\n role: example.name,\n});\nconst example_AmazonEC2ContainerRegistryReadOnly = new aws.iam.RolePolicyAttachment(\"example-AmazonEC2ContainerRegistryReadOnly\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\",\n role: example.name,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n name=\"eks-node-group-example\",\n assume_role_policy=json.dumps({\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\",\n },\n }],\n \"Version\": \"2012-10-17\",\n }))\nexample__amazon_eks_worker_node_policy = aws.iam.RolePolicyAttachment(\"example-AmazonEKSWorkerNodePolicy\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\",\n role=example.name)\nexample__amazon_ekscni_policy = aws.iam.RolePolicyAttachment(\"example-AmazonEKS_CNI_Policy\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\",\n role=example.name)\nexample__amazon_ec2_container_registry_read_only = aws.iam.RolePolicyAttachment(\"example-AmazonEC2ContainerRegistryReadOnly\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\",\n role=example.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"eks-node-group-example\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"ec2.amazonaws.com\",\n },\n },\n },\n [\"Version\"] = \"2012-10-17\",\n }),\n });\n\n var example_AmazonEKSWorkerNodePolicy = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEKSWorkerNodePolicy\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\",\n Role = example.Name,\n });\n\n var example_AmazonEKSCNIPolicy = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEKS_CNI_Policy\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\",\n Role = example.Name,\n });\n\n var example_AmazonEC2ContainerRegistryReadOnly = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEC2ContainerRegistryReadOnly\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\",\n Role = example.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"ec2.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"eks-node-group-example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEKSWorkerNodePolicy\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEKS_CNI_Policy\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEC2ContainerRegistryReadOnly\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder()\n .name(\"eks-node-group-example\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"ec2.amazonaws.com\")\n ))\n ))),\n jsonProperty(\"Version\", \"2012-10-17\")\n )))\n .build());\n\n var example_AmazonEKSWorkerNodePolicy = new RolePolicyAttachment(\"example-AmazonEKSWorkerNodePolicy\", RolePolicyAttachmentArgs.builder()\n .policyArn(\"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\")\n .role(example.name())\n .build());\n\n var example_AmazonEKSCNIPolicy = new RolePolicyAttachment(\"example-AmazonEKSCNIPolicy\", RolePolicyAttachmentArgs.builder()\n .policyArn(\"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\")\n .role(example.name())\n .build());\n\n var example_AmazonEC2ContainerRegistryReadOnly = new RolePolicyAttachment(\"example-AmazonEC2ContainerRegistryReadOnly\", RolePolicyAttachmentArgs.builder()\n .policyArn(\"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\")\n .role(example.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: eks-node-group-example\n assumeRolePolicy:\n fn::toJSON:\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Principal:\n Service: ec2.amazonaws.com\n Version: 2012-10-17\n example-AmazonEKSWorkerNodePolicy:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\n role: ${example.name}\n example-AmazonEKSCNIPolicy:\n type: aws:iam:RolePolicyAttachment\n name: example-AmazonEKS_CNI_Policy\n properties:\n policyArn: arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\n role: ${example.name}\n example-AmazonEC2ContainerRegistryReadOnly:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\n role: ${example.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example Subnets for EKS Node Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst available = aws.getAvailabilityZones({\n state: \"available\",\n});\nconst example: aws.ec2.Subnet[] = [];\nfor (const range = {value: 0}; range.value \u003c 2; range.value++) {\n example.push(new aws.ec2.Subnet(`example-${range.value}`, {\n availabilityZone: available.then(available =\u003e available.names[range.value]),\n cidrBlock: std.cidrsubnet({\n input: exampleAwsVpc.cidrBlock,\n newbits: 8,\n netnum: range.value,\n }).then(invoke =\u003e invoke.result),\n vpcId: exampleAwsVpc.id,\n }));\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\navailable = aws.get_availability_zones(state=\"available\")\nexample = []\nfor range in [{\"value\": i} for i in range(0, 2)]:\n example.append(aws.ec2.Subnet(f\"example-{range['value']}\",\n availability_zone=available.names[range[\"value\"]],\n cidr_block=std.cidrsubnet(input=example_aws_vpc[\"cidrBlock\"],\n newbits=8,\n netnum=range[\"value\"]).result,\n vpc_id=example_aws_vpc[\"id\"]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var available = Aws.GetAvailabilityZones.Invoke(new()\n {\n State = \"available\",\n });\n\n var example = new List\u003cAws.Ec2.Subnet\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c 2; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n example.Add(new Aws.Ec2.Subnet($\"example-{range.Value}\", new()\n {\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names)[range.Value],\n CidrBlock = Std.Cidrsubnet.Invoke(new()\n {\n Input = exampleAwsVpc.CidrBlock,\n Newbits = 8,\n Netnum = range.Value,\n }).Apply(invoke =\u003e invoke.Result),\n VpcId = exampleAwsVpc.Id,\n }));\n }\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tavailable, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tState: pulumi.StringRef(\"available\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeCidrsubnet, err := std.Cidrsubnet(ctx, \u0026std.CidrsubnetArgs{\n\t\t\tInput: exampleAwsVpc.CidrBlock,\n\t\t\tNewbits: 8,\n\t\t\tNetnum: val0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvar example []*ec2.Subnet\n\t\tfor index := 0; index \u003c 2; index++ {\n\t\t\tkey0 := index\n\t\t\tval0 := index\n\t\t\t__res, err := ec2.NewSubnet(ctx, fmt.Sprintf(\"example-%v\", key0), \u0026ec2.SubnetArgs{\n\t\t\t\tAvailabilityZone: pulumi.String(available.Names[val0]),\n\t\t\t\tCidrBlock: pulumi.String(invokeCidrsubnet.Result),\n\t\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t\t})\n\t\t\tif err != nil {\n\t\t\t\treturn err\n\t\t\t}\n\t\t\texample = append(example, __res)\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.codegen.internal.KeyedValue;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .state(\"available\")\n .build());\n\n for (var i = 0; i \u003c 2; i++) {\n new Subnet(\"example-\" + i, SubnetArgs.builder()\n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names())[range.value()])\n .cidrBlock(StdFunctions.cidrsubnet(CidrsubnetArgs.builder()\n .input(exampleAwsVpc.cidrBlock())\n .newbits(8)\n .netnum(range.value())\n .build()).result())\n .vpcId(exampleAwsVpc.id())\n .build());\n\n \n}\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EKS Node Groups using the `cluster_name` and `node_group_name` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:eks/nodeGroup:NodeGroup my_node_group my_cluster:my_node_group\n```\n", "properties": { "amiType": { "type": "string", "description": "Type of Amazon Machine Image (AMI) associated with the EKS Node Group. See the [AWS documentation](https://docs.aws.amazon.com/eks/latest/APIReference/API_Nodegroup.html#AmazonEKS-Type-Nodegroup-amiType) for valid values. This provider will only perform drift detection if a configuration value is provided.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EKS Node Group.\n" }, "capacityType": { "type": "string", "description": "Type of capacity associated with the EKS Node Group. Valid values: `ON_DEMAND`, `SPOT`. This provider will only perform drift detection if a configuration value is provided.\n" }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n" }, "diskSize": { "type": "integer", "description": "Disk size in GiB for worker nodes. Defaults to `50` for Windows, `20` all other node groups. The provider will only perform drift detection if a configuration value is provided.\n" }, "forceUpdateVersion": { "type": "boolean", "description": "Force version update if existing pods are unable to be drained due to a pod disruption budget issue.\n" }, "instanceTypes": { "type": "array", "items": { "type": "string" }, "description": "List of instance types associated with the EKS Node Group. Defaults to `[\"t3.medium\"]`. The provider will only perform drift detection if a configuration value is provided.\n" }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed.\n" }, "launchTemplate": { "$ref": "#/types/aws:eks/NodeGroupLaunchTemplate:NodeGroupLaunchTemplate", "description": "Configuration block with Launch Template settings. See `launch_template` below for details. Conflicts with `remote_access`.\n" }, "nodeGroupName": { "type": "string", "description": "Name of the EKS Node Group. If omitted, the provider will assign a random, unique name. Conflicts with `node_group_name_prefix`. The node group name can't be longer than 63 characters. It must start with a letter or digit, but can also include hyphens and underscores for the remaining characters.\n" }, "nodeGroupNamePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `node_group_name`.\n" }, "nodeRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Node Group.\n" }, "releaseVersion": { "type": "string", "description": "AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version.\n" }, "remoteAccess": { "$ref": "#/types/aws:eks/NodeGroupRemoteAccess:NodeGroupRemoteAccess", "description": "Configuration block with remote access settings. See `remote_access` below for details. Conflicts with `launch_template`.\n" }, "resources": { "type": "array", "items": { "$ref": "#/types/aws:eks/NodeGroupResource:NodeGroupResource" }, "description": "List of objects containing information about underlying resources.\n" }, "scalingConfig": { "$ref": "#/types/aws:eks/NodeGroupScalingConfig:NodeGroupScalingConfig", "description": "Configuration block with scaling settings. See `scaling_config` below for details.\n" }, "status": { "type": "string", "description": "Status of the EKS Node Group.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of EC2 Subnets to associate with the EKS Node Group.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "taints": { "type": "array", "items": { "$ref": "#/types/aws:eks/NodeGroupTaint:NodeGroupTaint" }, "description": "The Kubernetes taints to be applied to the nodes in the node group. Maximum of 50 taints per node group. See taint below for details.\n" }, "updateConfig": { "$ref": "#/types/aws:eks/NodeGroupUpdateConfig:NodeGroupUpdateConfig", "description": "Configuration block with update settings. See `update_config` below for details.\n" }, "version": { "type": "string", "description": "Kubernetes version. Defaults to EKS Cluster Kubernetes version. The provider will only perform drift detection if a configuration value is provided.\n" } }, "required": [ "amiType", "arn", "capacityType", "clusterName", "diskSize", "instanceTypes", "nodeGroupName", "nodeGroupNamePrefix", "nodeRoleArn", "releaseVersion", "resources", "scalingConfig", "status", "subnetIds", "tagsAll", "updateConfig", "version" ], "inputProperties": { "amiType": { "type": "string", "description": "Type of Amazon Machine Image (AMI) associated with the EKS Node Group. See the [AWS documentation](https://docs.aws.amazon.com/eks/latest/APIReference/API_Nodegroup.html#AmazonEKS-Type-Nodegroup-amiType) for valid values. This provider will only perform drift detection if a configuration value is provided.\n", "willReplaceOnChanges": true }, "capacityType": { "type": "string", "description": "Type of capacity associated with the EKS Node Group. Valid values: `ON_DEMAND`, `SPOT`. This provider will only perform drift detection if a configuration value is provided.\n", "willReplaceOnChanges": true }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n", "willReplaceOnChanges": true }, "diskSize": { "type": "integer", "description": "Disk size in GiB for worker nodes. Defaults to `50` for Windows, `20` all other node groups. The provider will only perform drift detection if a configuration value is provided.\n", "willReplaceOnChanges": true }, "forceUpdateVersion": { "type": "boolean", "description": "Force version update if existing pods are unable to be drained due to a pod disruption budget issue.\n" }, "instanceTypes": { "type": "array", "items": { "type": "string" }, "description": "List of instance types associated with the EKS Node Group. Defaults to `[\"t3.medium\"]`. The provider will only perform drift detection if a configuration value is provided.\n", "willReplaceOnChanges": true }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed.\n" }, "launchTemplate": { "$ref": "#/types/aws:eks/NodeGroupLaunchTemplate:NodeGroupLaunchTemplate", "description": "Configuration block with Launch Template settings. See `launch_template` below for details. Conflicts with `remote_access`.\n" }, "nodeGroupName": { "type": "string", "description": "Name of the EKS Node Group. If omitted, the provider will assign a random, unique name. Conflicts with `node_group_name_prefix`. The node group name can't be longer than 63 characters. It must start with a letter or digit, but can also include hyphens and underscores for the remaining characters.\n", "willReplaceOnChanges": true }, "nodeGroupNamePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `node_group_name`.\n", "willReplaceOnChanges": true }, "nodeRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Node Group.\n", "willReplaceOnChanges": true }, "releaseVersion": { "type": "string", "description": "AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version.\n" }, "remoteAccess": { "$ref": "#/types/aws:eks/NodeGroupRemoteAccess:NodeGroupRemoteAccess", "description": "Configuration block with remote access settings. See `remote_access` below for details. Conflicts with `launch_template`.\n", "willReplaceOnChanges": true }, "scalingConfig": { "$ref": "#/types/aws:eks/NodeGroupScalingConfig:NodeGroupScalingConfig", "description": "Configuration block with scaling settings. See `scaling_config` below for details.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of EC2 Subnets to associate with the EKS Node Group.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "taints": { "type": "array", "items": { "$ref": "#/types/aws:eks/NodeGroupTaint:NodeGroupTaint" }, "description": "The Kubernetes taints to be applied to the nodes in the node group. Maximum of 50 taints per node group. See taint below for details.\n" }, "updateConfig": { "$ref": "#/types/aws:eks/NodeGroupUpdateConfig:NodeGroupUpdateConfig", "description": "Configuration block with update settings. See `update_config` below for details.\n" }, "version": { "type": "string", "description": "Kubernetes version. Defaults to EKS Cluster Kubernetes version. The provider will only perform drift detection if a configuration value is provided.\n" } }, "requiredInputs": [ "clusterName", "nodeRoleArn", "scalingConfig", "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering NodeGroup resources.\n", "properties": { "amiType": { "type": "string", "description": "Type of Amazon Machine Image (AMI) associated with the EKS Node Group. See the [AWS documentation](https://docs.aws.amazon.com/eks/latest/APIReference/API_Nodegroup.html#AmazonEKS-Type-Nodegroup-amiType) for valid values. This provider will only perform drift detection if a configuration value is provided.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the EKS Node Group.\n" }, "capacityType": { "type": "string", "description": "Type of capacity associated with the EKS Node Group. Valid values: `ON_DEMAND`, `SPOT`. This provider will only perform drift detection if a configuration value is provided.\n", "willReplaceOnChanges": true }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n", "willReplaceOnChanges": true }, "diskSize": { "type": "integer", "description": "Disk size in GiB for worker nodes. Defaults to `50` for Windows, `20` all other node groups. The provider will only perform drift detection if a configuration value is provided.\n", "willReplaceOnChanges": true }, "forceUpdateVersion": { "type": "boolean", "description": "Force version update if existing pods are unable to be drained due to a pod disruption budget issue.\n" }, "instanceTypes": { "type": "array", "items": { "type": "string" }, "description": "List of instance types associated with the EKS Node Group. Defaults to `[\"t3.medium\"]`. The provider will only perform drift detection if a configuration value is provided.\n", "willReplaceOnChanges": true }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed.\n" }, "launchTemplate": { "$ref": "#/types/aws:eks/NodeGroupLaunchTemplate:NodeGroupLaunchTemplate", "description": "Configuration block with Launch Template settings. See `launch_template` below for details. Conflicts with `remote_access`.\n" }, "nodeGroupName": { "type": "string", "description": "Name of the EKS Node Group. If omitted, the provider will assign a random, unique name. Conflicts with `node_group_name_prefix`. The node group name can't be longer than 63 characters. It must start with a letter or digit, but can also include hyphens and underscores for the remaining characters.\n", "willReplaceOnChanges": true }, "nodeGroupNamePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `node_group_name`.\n", "willReplaceOnChanges": true }, "nodeRoleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Node Group.\n", "willReplaceOnChanges": true }, "releaseVersion": { "type": "string", "description": "AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version.\n" }, "remoteAccess": { "$ref": "#/types/aws:eks/NodeGroupRemoteAccess:NodeGroupRemoteAccess", "description": "Configuration block with remote access settings. See `remote_access` below for details. Conflicts with `launch_template`.\n", "willReplaceOnChanges": true }, "resources": { "type": "array", "items": { "$ref": "#/types/aws:eks/NodeGroupResource:NodeGroupResource" }, "description": "List of objects containing information about underlying resources.\n" }, "scalingConfig": { "$ref": "#/types/aws:eks/NodeGroupScalingConfig:NodeGroupScalingConfig", "description": "Configuration block with scaling settings. See `scaling_config` below for details.\n" }, "status": { "type": "string", "description": "Status of the EKS Node Group.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of EC2 Subnets to associate with the EKS Node Group.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "taints": { "type": "array", "items": { "$ref": "#/types/aws:eks/NodeGroupTaint:NodeGroupTaint" }, "description": "The Kubernetes taints to be applied to the nodes in the node group. Maximum of 50 taints per node group. See taint below for details.\n" }, "updateConfig": { "$ref": "#/types/aws:eks/NodeGroupUpdateConfig:NodeGroupUpdateConfig", "description": "Configuration block with update settings. See `update_config` below for details.\n" }, "version": { "type": "string", "description": "Kubernetes version. Defaults to EKS Cluster Kubernetes version. The provider will only perform drift detection if a configuration value is provided.\n" } }, "type": "object" } }, "aws:eks/podIdentityAssociation:PodIdentityAssociation": { "description": "Resource for managing an AWS EKS (Elastic Kubernetes) Pod Identity Association.\n\nCreates an EKS Pod Identity association between a service account in an Amazon EKS cluster and an IAM role with EKS Pod Identity. Use EKS Pod Identity to give temporary IAM credentials to pods and the credentials are rotated automatically.\n\nAmazon EKS Pod Identity associations provide the ability to manage credentials for your applications, similar to the way that EC2 instance profiles provide credentials to Amazon EC2 instances.\n\nIf a pod uses a service account that has an association, Amazon EKS sets environment variables in the containers of the pod. The environment variables configure the Amazon Web Services SDKs, including the Command Line Interface, to use the EKS Pod Identity credentials.\n\nPod Identity is a simpler method than IAM roles for service accounts, as this method doesn’t use OIDC identity providers. Additionally, you can configure a role for Pod Identity once, and reuse it across clusters.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"pods.eks.amazonaws.com\"],\n }],\n actions: [\n \"sts:AssumeRole\",\n \"sts:TagSession\",\n ],\n }],\n});\nconst example = new aws.iam.Role(\"example\", {\n name: \"eks-pod-identity-example\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst exampleS3 = new aws.iam.RolePolicyAttachment(\"example_s3\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess\",\n role: example.name,\n});\nconst examplePodIdentityAssociation = new aws.eks.PodIdentityAssociation(\"example\", {\n clusterName: exampleAwsEksCluster.name,\n namespace: \"example\",\n serviceAccount: \"example-sa\",\n roleArn: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"pods.eks.amazonaws.com\"],\n }],\n \"actions\": [\n \"sts:AssumeRole\",\n \"sts:TagSession\",\n ],\n}])\nexample = aws.iam.Role(\"example\",\n name=\"eks-pod-identity-example\",\n assume_role_policy=assume_role.json)\nexample_s3 = aws.iam.RolePolicyAttachment(\"example_s3\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess\",\n role=example.name)\nexample_pod_identity_association = aws.eks.PodIdentityAssociation(\"example\",\n cluster_name=example_aws_eks_cluster[\"name\"],\n namespace=\"example\",\n service_account=\"example-sa\",\n role_arn=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"pods.eks.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n \"sts:TagSession\",\n },\n },\n },\n });\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"eks-pod-identity-example\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleS3 = new Aws.Iam.RolePolicyAttachment(\"example_s3\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess\",\n Role = example.Name,\n });\n\n var examplePodIdentityAssociation = new Aws.Eks.PodIdentityAssociation(\"example\", new()\n {\n ClusterName = exampleAwsEksCluster.Name,\n Namespace = \"example\",\n ServiceAccount = \"example-sa\",\n RoleArn = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"pods.eks.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t\t\"sts:TagSession\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"eks-pod-identity-example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example_s3\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = eks.NewPodIdentityAssociation(ctx, \"example\", \u0026eks.PodIdentityAssociationArgs{\n\t\t\tClusterName: pulumi.Any(exampleAwsEksCluster.Name),\n\t\t\tNamespace: pulumi.String(\"example\"),\n\t\t\tServiceAccount: pulumi.String(\"example-sa\"),\n\t\t\tRoleArn: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.eks.PodIdentityAssociation;\nimport com.pulumi.aws.eks.PodIdentityAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"pods.eks.amazonaws.com\")\n .build())\n .actions( \n \"sts:AssumeRole\",\n \"sts:TagSession\")\n .build())\n .build());\n\n var example = new Role(\"example\", RoleArgs.builder()\n .name(\"eks-pod-identity-example\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleS3 = new RolePolicyAttachment(\"exampleS3\", RolePolicyAttachmentArgs.builder()\n .policyArn(\"arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess\")\n .role(example.name())\n .build());\n\n var examplePodIdentityAssociation = new PodIdentityAssociation(\"examplePodIdentityAssociation\", PodIdentityAssociationArgs.builder()\n .clusterName(exampleAwsEksCluster.name())\n .namespace(\"example\")\n .serviceAccount(\"example-sa\")\n .roleArn(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: eks-pod-identity-example\n assumeRolePolicy: ${assumeRole.json}\n exampleS3:\n type: aws:iam:RolePolicyAttachment\n name: example_s3\n properties:\n policyArn: arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess\n role: ${example.name}\n examplePodIdentityAssociation:\n type: aws:eks:PodIdentityAssociation\n name: example\n properties:\n clusterName: ${exampleAwsEksCluster.name}\n namespace: example\n serviceAccount: example-sa\n roleArn: ${example.arn}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - pods.eks.amazonaws.com\n actions:\n - sts:AssumeRole\n - sts:TagSession\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EKS (Elastic Kubernetes) Pod Identity Association using the `cluster_name` and `association_id` separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:eks/podIdentityAssociation:PodIdentityAssociation example example,a-12345678\n```\n", "properties": { "associationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the association.\n" }, "associationId": { "type": "string", "description": "The ID of the association.\n" }, "clusterName": { "type": "string", "description": "The name of the cluster to create the association in.\n" }, "namespace": { "type": "string", "description": "The name of the Kubernetes namespace inside the cluster to create the association in. The service account and the pods that use the service account must be in this namespace.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the pods that use this service account.\n" }, "serviceAccount": { "type": "string", "description": "The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "associationArn", "associationId", "clusterName", "namespace", "roleArn", "serviceAccount", "tagsAll" ], "inputProperties": { "clusterName": { "type": "string", "description": "The name of the cluster to create the association in.\n" }, "namespace": { "type": "string", "description": "The name of the Kubernetes namespace inside the cluster to create the association in. The service account and the pods that use the service account must be in this namespace.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the pods that use this service account.\n" }, "serviceAccount": { "type": "string", "description": "The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "clusterName", "namespace", "roleArn", "serviceAccount" ], "stateInputs": { "description": "Input properties used for looking up and filtering PodIdentityAssociation resources.\n", "properties": { "associationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the association.\n" }, "associationId": { "type": "string", "description": "The ID of the association.\n" }, "clusterName": { "type": "string", "description": "The name of the cluster to create the association in.\n" }, "namespace": { "type": "string", "description": "The name of the Kubernetes namespace inside the cluster to create the association in. The service account and the pods that use the service account must be in this namespace.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the pods that use this service account.\n" }, "serviceAccount": { "type": "string", "description": "The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:elasticache/cluster:Cluster": { "description": "Provides an ElastiCache Cluster resource, which manages either a\n[Memcached cluster](https://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/WhatIs.html), a\n[single-node Redis instance](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/WhatIs.html), or a\n[read replica in a Redis (Cluster Mode Enabled) replication group].\n\nFor working with Redis (Cluster Mode Enabled) replication groups, see the\n`aws.elasticache.ReplicationGroup` resource.\n\n\u003e **Note:** When you change an attribute, such as `num_cache_nodes`, by default\nit is applied in the next maintenance window. Because of this, this provider may report\na difference in its planning phase because the actual modification has not yet taken\nplace. You can use the `apply_immediately` flag to instruct the service to apply the\nchange immediately. Using `apply_immediately` can result in a brief downtime as the server reboots.\nSee the AWS Documentation on Modifying an ElastiCache Cache Cluster for\n[ElastiCache for Memcached](https://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/Clusters.Modify.html) or\n[ElastiCache for Redis](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Clusters.Modify.html)\nfor more information.\n\n\u003e **Note:** Any attribute changes that re-create the resource will be applied immediately, regardless of the value of `apply_immediately`.\n\n## Example Usage\n\n### Memcached Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.elasticache.Cluster(\"example\", {\n clusterId: \"cluster-example\",\n engine: \"memcached\",\n nodeType: \"cache.m4.large\",\n numCacheNodes: 2,\n parameterGroupName: \"default.memcached1.4\",\n port: 11211,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.elasticache.Cluster(\"example\",\n cluster_id=\"cluster-example\",\n engine=\"memcached\",\n node_type=\"cache.m4.large\",\n num_cache_nodes=2,\n parameter_group_name=\"default.memcached1.4\",\n port=11211)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ElastiCache.Cluster(\"example\", new()\n {\n ClusterId = \"cluster-example\",\n Engine = \"memcached\",\n NodeType = \"cache.m4.large\",\n NumCacheNodes = 2,\n ParameterGroupName = \"default.memcached1.4\",\n Port = 11211,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticache.NewCluster(ctx, \"example\", \u0026elasticache.ClusterArgs{\n\t\t\tClusterId: pulumi.String(\"cluster-example\"),\n\t\t\tEngine: pulumi.String(\"memcached\"),\n\t\t\tNodeType: pulumi.String(\"cache.m4.large\"),\n\t\t\tNumCacheNodes: pulumi.Int(2),\n\t\t\tParameterGroupName: pulumi.String(\"default.memcached1.4\"),\n\t\t\tPort: pulumi.Int(11211),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.Cluster;\nimport com.pulumi.aws.elasticache.ClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\", ClusterArgs.builder()\n .clusterId(\"cluster-example\")\n .engine(\"memcached\")\n .nodeType(\"cache.m4.large\")\n .numCacheNodes(2)\n .parameterGroupName(\"default.memcached1.4\")\n .port(11211)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:elasticache:Cluster\n properties:\n clusterId: cluster-example\n engine: memcached\n nodeType: cache.m4.large\n numCacheNodes: 2\n parameterGroupName: default.memcached1.4\n port: 11211\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Redis Instance\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.elasticache.Cluster(\"example\", {\n clusterId: \"cluster-example\",\n engine: \"redis\",\n nodeType: \"cache.m4.large\",\n numCacheNodes: 1,\n parameterGroupName: \"default.redis3.2\",\n engineVersion: \"3.2.10\",\n port: 6379,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.elasticache.Cluster(\"example\",\n cluster_id=\"cluster-example\",\n engine=\"redis\",\n node_type=\"cache.m4.large\",\n num_cache_nodes=1,\n parameter_group_name=\"default.redis3.2\",\n engine_version=\"3.2.10\",\n port=6379)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ElastiCache.Cluster(\"example\", new()\n {\n ClusterId = \"cluster-example\",\n Engine = \"redis\",\n NodeType = \"cache.m4.large\",\n NumCacheNodes = 1,\n ParameterGroupName = \"default.redis3.2\",\n EngineVersion = \"3.2.10\",\n Port = 6379,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticache.NewCluster(ctx, \"example\", \u0026elasticache.ClusterArgs{\n\t\t\tClusterId: pulumi.String(\"cluster-example\"),\n\t\t\tEngine: pulumi.String(\"redis\"),\n\t\t\tNodeType: pulumi.String(\"cache.m4.large\"),\n\t\t\tNumCacheNodes: pulumi.Int(1),\n\t\t\tParameterGroupName: pulumi.String(\"default.redis3.2\"),\n\t\t\tEngineVersion: pulumi.String(\"3.2.10\"),\n\t\t\tPort: pulumi.Int(6379),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.Cluster;\nimport com.pulumi.aws.elasticache.ClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\", ClusterArgs.builder()\n .clusterId(\"cluster-example\")\n .engine(\"redis\")\n .nodeType(\"cache.m4.large\")\n .numCacheNodes(1)\n .parameterGroupName(\"default.redis3.2\")\n .engineVersion(\"3.2.10\")\n .port(6379)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:elasticache:Cluster\n properties:\n clusterId: cluster-example\n engine: redis\n nodeType: cache.m4.large\n numCacheNodes: 1\n parameterGroupName: default.redis3.2\n engineVersion: 3.2.10\n port: 6379\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Redis Cluster Mode Disabled Read Replica Instance\n\nThese inherit their settings from the replication group.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst replica = new aws.elasticache.Cluster(\"replica\", {\n clusterId: \"cluster-example\",\n replicationGroupId: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nreplica = aws.elasticache.Cluster(\"replica\",\n cluster_id=\"cluster-example\",\n replication_group_id=example[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var replica = new Aws.ElastiCache.Cluster(\"replica\", new()\n {\n ClusterId = \"cluster-example\",\n ReplicationGroupId = example.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticache.NewCluster(ctx, \"replica\", \u0026elasticache.ClusterArgs{\n\t\t\tClusterId: pulumi.String(\"cluster-example\"),\n\t\t\tReplicationGroupId: pulumi.Any(example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.Cluster;\nimport com.pulumi.aws.elasticache.ClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var replica = new Cluster(\"replica\", ClusterArgs.builder()\n .clusterId(\"cluster-example\")\n .replicationGroupId(example.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n replica:\n type: aws:elasticache:Cluster\n properties:\n clusterId: cluster-example\n replicationGroupId: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Redis Log Delivery configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.elasticache.Cluster(\"test\", {\n clusterId: \"mycluster\",\n engine: \"redis\",\n nodeType: \"cache.t3.micro\",\n numCacheNodes: 1,\n port: 6379,\n applyImmediately: true,\n logDeliveryConfigurations: [\n {\n destination: example.name,\n destinationType: \"cloudwatch-logs\",\n logFormat: \"text\",\n logType: \"slow-log\",\n },\n {\n destination: exampleAwsKinesisFirehoseDeliveryStream.name,\n destinationType: \"kinesis-firehose\",\n logFormat: \"json\",\n logType: \"engine-log\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.elasticache.Cluster(\"test\",\n cluster_id=\"mycluster\",\n engine=\"redis\",\n node_type=\"cache.t3.micro\",\n num_cache_nodes=1,\n port=6379,\n apply_immediately=True,\n log_delivery_configurations=[\n {\n \"destination\": example[\"name\"],\n \"destination_type\": \"cloudwatch-logs\",\n \"log_format\": \"text\",\n \"log_type\": \"slow-log\",\n },\n {\n \"destination\": example_aws_kinesis_firehose_delivery_stream[\"name\"],\n \"destination_type\": \"kinesis-firehose\",\n \"log_format\": \"json\",\n \"log_type\": \"engine-log\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.ElastiCache.Cluster(\"test\", new()\n {\n ClusterId = \"mycluster\",\n Engine = \"redis\",\n NodeType = \"cache.t3.micro\",\n NumCacheNodes = 1,\n Port = 6379,\n ApplyImmediately = true,\n LogDeliveryConfigurations = new[]\n {\n new Aws.ElastiCache.Inputs.ClusterLogDeliveryConfigurationArgs\n {\n Destination = example.Name,\n DestinationType = \"cloudwatch-logs\",\n LogFormat = \"text\",\n LogType = \"slow-log\",\n },\n new Aws.ElastiCache.Inputs.ClusterLogDeliveryConfigurationArgs\n {\n Destination = exampleAwsKinesisFirehoseDeliveryStream.Name,\n DestinationType = \"kinesis-firehose\",\n LogFormat = \"json\",\n LogType = \"engine-log\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticache.NewCluster(ctx, \"test\", \u0026elasticache.ClusterArgs{\n\t\t\tClusterId: pulumi.String(\"mycluster\"),\n\t\t\tEngine: pulumi.String(\"redis\"),\n\t\t\tNodeType: pulumi.String(\"cache.t3.micro\"),\n\t\t\tNumCacheNodes: pulumi.Int(1),\n\t\t\tPort: pulumi.Int(6379),\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t\tLogDeliveryConfigurations: elasticache.ClusterLogDeliveryConfigurationArray{\n\t\t\t\t\u0026elasticache.ClusterLogDeliveryConfigurationArgs{\n\t\t\t\t\tDestination: pulumi.Any(example.Name),\n\t\t\t\t\tDestinationType: pulumi.String(\"cloudwatch-logs\"),\n\t\t\t\t\tLogFormat: pulumi.String(\"text\"),\n\t\t\t\t\tLogType: pulumi.String(\"slow-log\"),\n\t\t\t\t},\n\t\t\t\t\u0026elasticache.ClusterLogDeliveryConfigurationArgs{\n\t\t\t\t\tDestination: pulumi.Any(exampleAwsKinesisFirehoseDeliveryStream.Name),\n\t\t\t\t\tDestinationType: pulumi.String(\"kinesis-firehose\"),\n\t\t\t\t\tLogFormat: pulumi.String(\"json\"),\n\t\t\t\t\tLogType: pulumi.String(\"engine-log\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.Cluster;\nimport com.pulumi.aws.elasticache.ClusterArgs;\nimport com.pulumi.aws.elasticache.inputs.ClusterLogDeliveryConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Cluster(\"test\", ClusterArgs.builder()\n .clusterId(\"mycluster\")\n .engine(\"redis\")\n .nodeType(\"cache.t3.micro\")\n .numCacheNodes(1)\n .port(6379)\n .applyImmediately(true)\n .logDeliveryConfigurations( \n ClusterLogDeliveryConfigurationArgs.builder()\n .destination(example.name())\n .destinationType(\"cloudwatch-logs\")\n .logFormat(\"text\")\n .logType(\"slow-log\")\n .build(),\n ClusterLogDeliveryConfigurationArgs.builder()\n .destination(exampleAwsKinesisFirehoseDeliveryStream.name())\n .destinationType(\"kinesis-firehose\")\n .logFormat(\"json\")\n .logType(\"engine-log\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:elasticache:Cluster\n properties:\n clusterId: mycluster\n engine: redis\n nodeType: cache.t3.micro\n numCacheNodes: 1\n port: 6379\n applyImmediately: true\n logDeliveryConfigurations:\n - destination: ${example.name}\n destinationType: cloudwatch-logs\n logFormat: text\n logType: slow-log\n - destination: ${exampleAwsKinesisFirehoseDeliveryStream.name}\n destinationType: kinesis-firehose\n logFormat: json\n logType: engine-log\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Elasticache Cluster in Outpost\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.outposts.getOutposts({});\nconst exampleGetOutpost = example.then(example =\u003e aws.outposts.getOutpost({\n id: example.ids?.[0],\n}));\nconst exampleVpc = new aws.ec2.Vpc(\"example\", {cidrBlock: \"10.0.0.0/16\"});\nconst exampleSubnet = new aws.ec2.Subnet(\"example\", {\n vpcId: exampleVpc.id,\n cidrBlock: \"10.0.1.0/24\",\n tags: {\n Name: \"my-subnet\",\n },\n});\nconst exampleSubnetGroup = new aws.elasticache.SubnetGroup(\"example\", {\n name: \"my-cache-subnet\",\n subnetIds: [exampleSubnet.id],\n});\nconst exampleCluster = new aws.elasticache.Cluster(\"example\", {\n clusterId: \"cluster-example\",\n outpostMode: \"single-outpost\",\n preferredOutpostArn: exampleGetOutpost.then(exampleGetOutpost =\u003e exampleGetOutpost.arn),\n engine: \"memcached\",\n nodeType: \"cache.r5.large\",\n numCacheNodes: 2,\n parameterGroupName: \"default.memcached1.4\",\n port: 11211,\n subnetGroupName: exampleSubnetGroup.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.outposts.get_outposts()\nexample_get_outpost = aws.outposts.get_outpost(id=example.ids[0])\nexample_vpc = aws.ec2.Vpc(\"example\", cidr_block=\"10.0.0.0/16\")\nexample_subnet = aws.ec2.Subnet(\"example\",\n vpc_id=example_vpc.id,\n cidr_block=\"10.0.1.0/24\",\n tags={\n \"Name\": \"my-subnet\",\n })\nexample_subnet_group = aws.elasticache.SubnetGroup(\"example\",\n name=\"my-cache-subnet\",\n subnet_ids=[example_subnet.id])\nexample_cluster = aws.elasticache.Cluster(\"example\",\n cluster_id=\"cluster-example\",\n outpost_mode=\"single-outpost\",\n preferred_outpost_arn=example_get_outpost.arn,\n engine=\"memcached\",\n node_type=\"cache.r5.large\",\n num_cache_nodes=2,\n parameter_group_name=\"default.memcached1.4\",\n port=11211,\n subnet_group_name=example_subnet_group.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Outposts.GetOutposts.Invoke();\n\n var exampleGetOutpost = Aws.Outposts.GetOutpost.Invoke(new()\n {\n Id = example.Apply(getOutpostsResult =\u003e getOutpostsResult.Ids[0]),\n });\n\n var exampleVpc = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var exampleSubnet = new Aws.Ec2.Subnet(\"example\", new()\n {\n VpcId = exampleVpc.Id,\n CidrBlock = \"10.0.1.0/24\",\n Tags = \n {\n { \"Name\", \"my-subnet\" },\n },\n });\n\n var exampleSubnetGroup = new Aws.ElastiCache.SubnetGroup(\"example\", new()\n {\n Name = \"my-cache-subnet\",\n SubnetIds = new[]\n {\n exampleSubnet.Id,\n },\n });\n\n var exampleCluster = new Aws.ElastiCache.Cluster(\"example\", new()\n {\n ClusterId = \"cluster-example\",\n OutpostMode = \"single-outpost\",\n PreferredOutpostArn = exampleGetOutpost.Apply(getOutpostResult =\u003e getOutpostResult.Arn),\n Engine = \"memcached\",\n NodeType = \"cache.r5.large\",\n NumCacheNodes = 2,\n ParameterGroupName = \"default.memcached1.4\",\n Port = 11211,\n SubnetGroupName = exampleSubnetGroup.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/outposts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := outposts.GetOutposts(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGetOutpost, err := outposts.GetOutpost(ctx, \u0026outposts.GetOutpostArgs{\n\t\t\tId: pulumi.StringRef(example.Ids[0]),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpc, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSubnet, err := ec2.NewSubnet(ctx, \"example\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"my-subnet\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSubnetGroup, err := elasticache.NewSubnetGroup(ctx, \"example\", \u0026elasticache.SubnetGroupArgs{\n\t\t\tName: pulumi.String(\"my-cache-subnet\"),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\texampleSubnet.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticache.NewCluster(ctx, \"example\", \u0026elasticache.ClusterArgs{\n\t\t\tClusterId: pulumi.String(\"cluster-example\"),\n\t\t\tOutpostMode: pulumi.String(\"single-outpost\"),\n\t\t\tPreferredOutpostArn: pulumi.String(exampleGetOutpost.Arn),\n\t\t\tEngine: pulumi.String(\"memcached\"),\n\t\t\tNodeType: pulumi.String(\"cache.r5.large\"),\n\t\t\tNumCacheNodes: pulumi.Int(2),\n\t\t\tParameterGroupName: pulumi.String(\"default.memcached1.4\"),\n\t\t\tPort: pulumi.Int(11211),\n\t\t\tSubnetGroupName: exampleSubnetGroup.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.outposts.OutpostsFunctions;\nimport com.pulumi.aws.outposts.inputs.GetOutpostsArgs;\nimport com.pulumi.aws.outposts.inputs.GetOutpostArgs;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.elasticache.SubnetGroup;\nimport com.pulumi.aws.elasticache.SubnetGroupArgs;\nimport com.pulumi.aws.elasticache.Cluster;\nimport com.pulumi.aws.elasticache.ClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OutpostsFunctions.getOutposts();\n\n final var exampleGetOutpost = OutpostsFunctions.getOutpost(GetOutpostArgs.builder()\n .id(example.applyValue(getOutpostsResult -\u003e getOutpostsResult.ids()[0]))\n .build());\n\n var exampleVpc = new Vpc(\"exampleVpc\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var exampleSubnet = new Subnet(\"exampleSubnet\", SubnetArgs.builder()\n .vpcId(exampleVpc.id())\n .cidrBlock(\"10.0.1.0/24\")\n .tags(Map.of(\"Name\", \"my-subnet\"))\n .build());\n\n var exampleSubnetGroup = new SubnetGroup(\"exampleSubnetGroup\", SubnetGroupArgs.builder()\n .name(\"my-cache-subnet\")\n .subnetIds(exampleSubnet.id())\n .build());\n\n var exampleCluster = new Cluster(\"exampleCluster\", ClusterArgs.builder()\n .clusterId(\"cluster-example\")\n .outpostMode(\"single-outpost\")\n .preferredOutpostArn(exampleGetOutpost.applyValue(getOutpostResult -\u003e getOutpostResult.arn()))\n .engine(\"memcached\")\n .nodeType(\"cache.r5.large\")\n .numCacheNodes(2)\n .parameterGroupName(\"default.memcached1.4\")\n .port(11211)\n .subnetGroupName(exampleSubnetGroup.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleVpc:\n type: aws:ec2:Vpc\n name: example\n properties:\n cidrBlock: 10.0.0.0/16\n exampleSubnet:\n type: aws:ec2:Subnet\n name: example\n properties:\n vpcId: ${exampleVpc.id}\n cidrBlock: 10.0.1.0/24\n tags:\n Name: my-subnet\n exampleSubnetGroup:\n type: aws:elasticache:SubnetGroup\n name: example\n properties:\n name: my-cache-subnet\n subnetIds:\n - ${exampleSubnet.id}\n exampleCluster:\n type: aws:elasticache:Cluster\n name: example\n properties:\n clusterId: cluster-example\n outpostMode: single-outpost\n preferredOutpostArn: ${exampleGetOutpost.arn}\n engine: memcached\n nodeType: cache.r5.large\n numCacheNodes: 2\n parameterGroupName: default.memcached1.4\n port: 11211\n subnetGroupName: ${exampleSubnetGroup.name}\nvariables:\n example:\n fn::invoke:\n Function: aws:outposts:getOutposts\n Arguments: {}\n exampleGetOutpost:\n fn::invoke:\n Function: aws:outposts:getOutpost\n Arguments:\n id: ${example.ids[0]}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ElastiCache Clusters using the `cluster_id`. For example:\n\n```sh\n$ pulumi import aws:elasticache/cluster:Cluster my_cluster my_cluster\n```\n", "properties": { "applyImmediately": { "type": "boolean", "description": "Whether any database modifications are applied immediately, or during the next maintenance window. Default is `false`. See [Amazon ElastiCache Documentation for more information.](https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyCacheCluster.html).\n" }, "arn": { "type": "string", "description": "The ARN of the created ElastiCache Cluster.\n" }, "autoMinorVersionUpgrade": { "type": "string", "description": "Specifies whether minor version engine upgrades will be applied automatically to the underlying Cache Cluster instances during the maintenance window.\nOnly supported for engine type `\"redis\"` and if the engine version is 6 or higher.\nDefaults to `true`.\n" }, "availabilityZone": { "type": "string", "description": "Availability Zone for the cache cluster. If you want to create cache nodes in multi-az, use `preferred_availability_zones` instead. Default: System chosen Availability Zone. Changing this value will re-create the resource.\n" }, "azMode": { "type": "string", "description": "Whether the nodes in this Memcached node group are created in a single Availability Zone or created across multiple Availability Zones in the cluster's region. Valid values for this parameter are `single-az` or `cross-az`, default is `single-az`. If you want to choose `cross-az`, `num_cache_nodes` must be greater than `1`.\n" }, "cacheNodes": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ClusterCacheNode:ClusterCacheNode" }, "description": "List of node objects including `id`, `address`, `port` and `availability_zone`.\n" }, "clusterAddress": { "type": "string", "description": "(Memcached only) DNS name of the cache cluster without the port appended.\n" }, "clusterId": { "type": "string", "description": "Group identifier. ElastiCache converts this name to lowercase. Changing this value will re-create the resource.\n" }, "configurationEndpoint": { "type": "string", "description": "(Memcached only) Configuration endpoint to allow host discovery.\n" }, "engine": { "type": "string", "description": "Name of the cache engine to be used for this cache cluster. Valid values are `memcached` or `redis`.\n" }, "engineVersion": { "type": "string", "description": "Version number of the cache engine to be used.\nIf not set, defaults to the latest version.\nSee [Describe Cache Engine Versions](https://docs.aws.amazon.com/cli/latest/reference/elasticache/describe-cache-engine-versions.html) in the AWS Documentation for supported versions.\nWhen `engine` is `redis` and the version is 7 or higher, the major and minor version should be set, e.g., `7.2`.\nWhen the version is 6, the major and minor version can be set, e.g., `6.2`,\nor the minor version can be unspecified which will use the latest version at creation time, e.g., `6.x`.\nOtherwise, specify the full version desired, e.g., `5.0.6`.\nThe actual engine version used is returned in the attribute `engine_version_actual`, see Attribute Reference below. Cannot be provided with `replication_group_id.`\n" }, "engineVersionActual": { "type": "string", "description": "Because ElastiCache pulls the latest minor or patch for a version, this attribute returns the running version of the cache engine.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "Name of your final cluster snapshot. If omitted, no final snapshot will be made.\n" }, "ipDiscovery": { "type": "string", "description": "The IP version to advertise in the discovery protocol. Valid values are `ipv4` or `ipv6`.\n" }, "logDeliveryConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ClusterLogDeliveryConfiguration:ClusterLogDeliveryConfiguration" }, "description": "Specifies the destination and format of Redis [SLOWLOG](https://redis.io/commands/slowlog) or Redis [Engine Log](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Log_Delivery.html#Log_contents-engine-log). See the documentation on [Amazon ElastiCache](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Log_Delivery.html). See Log Delivery Configuration below for more details.\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range for when maintenance\non the cache cluster is performed. The format is `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC).\nThe minimum maintenance window is a 60 minute period. Example: `sun:05:00-sun:09:00`.\n" }, "networkType": { "type": "string", "description": "The IP versions for cache cluster connections. IPv6 is supported with Redis engine `6.2` onword or Memcached version `1.6.6` for all [Nitro system](https://aws.amazon.com/ec2/nitro/) instances. Valid values are `ipv4`, `ipv6` or `dual_stack`.\n" }, "nodeType": { "type": "string", "description": "The instance class used. See AWS documentation for information on [supported node types for Redis](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html) and [guidance on selecting node types for Redis](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/nodes-select-size.html). See AWS documentation for information on [supported node types for Memcached](https://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/CacheNodes.SupportedTypes.html) and [guidance on selecting node types for Memcached](https://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/nodes-select-size.html). For Memcached, changing this value will re-create the resource.\n" }, "notificationTopicArn": { "type": "string", "description": "ARN of an SNS topic to send ElastiCache notifications to. Example: `arn:aws:sns:us-east-1:012345678999:my_sns_topic`.\n" }, "numCacheNodes": { "type": "integer", "description": "The initial number of cache nodes that the cache cluster will have. For Redis, this value must be 1. For Memcached, this value must be between 1 and 40. If this number is reduced on subsequent runs, the highest numbered nodes will be removed.\n" }, "outpostMode": { "type": "string", "description": "Specify the outpost mode that will apply to the cache cluster creation. Valid values are `\"single-outpost\"` and `\"cross-outpost\"`, however AWS currently only supports `\"single-outpost\"` mode.\n" }, "parameterGroupName": { "type": "string", "description": "The name of the parameter group to associate with this cache cluster.\n\nThe following arguments are optional:\n" }, "port": { "type": "integer", "description": "The port number on which each of the cache nodes will accept connections. For Memcached the default is 11211, and for Redis the default port is 6379. Cannot be provided with `replication_group_id`. Changing this value will re-create the resource.\n" }, "preferredAvailabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of the Availability Zones in which cache nodes are created. If you are creating your cluster in an Amazon VPC you can only locate nodes in Availability Zones that are associated with the subnets in the selected subnet group. The number of Availability Zones listed must equal the value of `num_cache_nodes`. If you want all the nodes in the same Availability Zone, use `availability_zone` instead, or repeat the Availability Zone multiple times in the list. Default: System chosen Availability Zones. Detecting drift of existing node availability zone is not currently supported. Updating this argument by itself to migrate existing node availability zones is not currently supported and will show a perpetual difference.\n" }, "preferredOutpostArn": { "type": "string", "description": "The outpost ARN in which the cache cluster will be created.\n" }, "replicationGroupId": { "type": "string", "description": "ID of the replication group to which this cluster should belong. If this parameter is specified, the cluster is added to the specified replication group as a read replica; otherwise, the cluster is a standalone primary that is not part of any replication group.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC security groups associated with the cache cluster. Cannot be provided with `replication_group_id.`\n" }, "snapshotArns": { "type": "string", "description": "Single-element string list containing an Amazon Resource Name (ARN) of a Redis RDB snapshot file stored in Amazon S3. The object name cannot contain any commas. Changing `snapshot_arns` forces a new resource.\n" }, "snapshotName": { "type": "string", "description": "Name of a snapshot from which to restore data into the new node group. Changing `snapshot_name` forces a new resource.\n" }, "snapshotRetentionLimit": { "type": "integer", "description": "Number of days for which ElastiCache will retain automatic cache cluster snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, then a snapshot that was taken today will be retained for 5 days before being deleted. If the value of SnapshotRetentionLimit is set to zero (0), backups are turned off. Please note that setting a `snapshot_retention_limit` is not supported on cache.t1.micro cache nodes\n" }, "snapshotWindow": { "type": "string", "description": "Daily time range (in UTC) during which ElastiCache will begin taking a daily snapshot of your cache cluster. Example: 05:00-09:00\n" }, "subnetGroupName": { "type": "string", "description": "Name of the subnet group to be used for the cache cluster. Changing this value will re-create the resource. Cannot be provided with `replication_group_id.`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitEncryptionEnabled": { "type": "boolean", "description": "Enable encryption in-transit. Supported only with Memcached versions `1.6.12` and later, running in a VPC. See the [ElastiCache in-transit encryption](https://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/in-transit-encryption-mc.html) documentation for more details.\n" } }, "required": [ "applyImmediately", "arn", "availabilityZone", "azMode", "cacheNodes", "clusterAddress", "clusterId", "configurationEndpoint", "engine", "engineVersion", "engineVersionActual", "ipDiscovery", "maintenanceWindow", "networkType", "nodeType", "numCacheNodes", "parameterGroupName", "port", "preferredOutpostArn", "replicationGroupId", "securityGroupIds", "snapshotWindow", "subnetGroupName", "tagsAll", "transitEncryptionEnabled" ], "inputProperties": { "applyImmediately": { "type": "boolean", "description": "Whether any database modifications are applied immediately, or during the next maintenance window. Default is `false`. See [Amazon ElastiCache Documentation for more information.](https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyCacheCluster.html).\n" }, "autoMinorVersionUpgrade": { "type": "string", "description": "Specifies whether minor version engine upgrades will be applied automatically to the underlying Cache Cluster instances during the maintenance window.\nOnly supported for engine type `\"redis\"` and if the engine version is 6 or higher.\nDefaults to `true`.\n" }, "availabilityZone": { "type": "string", "description": "Availability Zone for the cache cluster. If you want to create cache nodes in multi-az, use `preferred_availability_zones` instead. Default: System chosen Availability Zone. Changing this value will re-create the resource.\n", "willReplaceOnChanges": true }, "azMode": { "type": "string", "description": "Whether the nodes in this Memcached node group are created in a single Availability Zone or created across multiple Availability Zones in the cluster's region. Valid values for this parameter are `single-az` or `cross-az`, default is `single-az`. If you want to choose `cross-az`, `num_cache_nodes` must be greater than `1`.\n" }, "clusterId": { "type": "string", "description": "Group identifier. ElastiCache converts this name to lowercase. Changing this value will re-create the resource.\n", "willReplaceOnChanges": true }, "engine": { "type": "string", "description": "Name of the cache engine to be used for this cache cluster. Valid values are `memcached` or `redis`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "Version number of the cache engine to be used.\nIf not set, defaults to the latest version.\nSee [Describe Cache Engine Versions](https://docs.aws.amazon.com/cli/latest/reference/elasticache/describe-cache-engine-versions.html) in the AWS Documentation for supported versions.\nWhen `engine` is `redis` and the version is 7 or higher, the major and minor version should be set, e.g., `7.2`.\nWhen the version is 6, the major and minor version can be set, e.g., `6.2`,\nor the minor version can be unspecified which will use the latest version at creation time, e.g., `6.x`.\nOtherwise, specify the full version desired, e.g., `5.0.6`.\nThe actual engine version used is returned in the attribute `engine_version_actual`, see Attribute Reference below. Cannot be provided with `replication_group_id.`\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "Name of your final cluster snapshot. If omitted, no final snapshot will be made.\n" }, "ipDiscovery": { "type": "string", "description": "The IP version to advertise in the discovery protocol. Valid values are `ipv4` or `ipv6`.\n" }, "logDeliveryConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ClusterLogDeliveryConfiguration:ClusterLogDeliveryConfiguration" }, "description": "Specifies the destination and format of Redis [SLOWLOG](https://redis.io/commands/slowlog) or Redis [Engine Log](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Log_Delivery.html#Log_contents-engine-log). See the documentation on [Amazon ElastiCache](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Log_Delivery.html). See Log Delivery Configuration below for more details.\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range for when maintenance\non the cache cluster is performed. The format is `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC).\nThe minimum maintenance window is a 60 minute period. Example: `sun:05:00-sun:09:00`.\n" }, "networkType": { "type": "string", "description": "The IP versions for cache cluster connections. IPv6 is supported with Redis engine `6.2` onword or Memcached version `1.6.6` for all [Nitro system](https://aws.amazon.com/ec2/nitro/) instances. Valid values are `ipv4`, `ipv6` or `dual_stack`.\n", "willReplaceOnChanges": true }, "nodeType": { "type": "string", "description": "The instance class used. See AWS documentation for information on [supported node types for Redis](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html) and [guidance on selecting node types for Redis](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/nodes-select-size.html). See AWS documentation for information on [supported node types for Memcached](https://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/CacheNodes.SupportedTypes.html) and [guidance on selecting node types for Memcached](https://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/nodes-select-size.html). For Memcached, changing this value will re-create the resource.\n" }, "notificationTopicArn": { "type": "string", "description": "ARN of an SNS topic to send ElastiCache notifications to. Example: `arn:aws:sns:us-east-1:012345678999:my_sns_topic`.\n" }, "numCacheNodes": { "type": "integer", "description": "The initial number of cache nodes that the cache cluster will have. For Redis, this value must be 1. For Memcached, this value must be between 1 and 40. If this number is reduced on subsequent runs, the highest numbered nodes will be removed.\n" }, "outpostMode": { "type": "string", "description": "Specify the outpost mode that will apply to the cache cluster creation. Valid values are `\"single-outpost\"` and `\"cross-outpost\"`, however AWS currently only supports `\"single-outpost\"` mode.\n", "willReplaceOnChanges": true }, "parameterGroupName": { "type": "string", "description": "The name of the parameter group to associate with this cache cluster.\n\nThe following arguments are optional:\n" }, "port": { "type": "integer", "description": "The port number on which each of the cache nodes will accept connections. For Memcached the default is 11211, and for Redis the default port is 6379. Cannot be provided with `replication_group_id`. Changing this value will re-create the resource.\n", "willReplaceOnChanges": true }, "preferredAvailabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of the Availability Zones in which cache nodes are created. If you are creating your cluster in an Amazon VPC you can only locate nodes in Availability Zones that are associated with the subnets in the selected subnet group. The number of Availability Zones listed must equal the value of `num_cache_nodes`. If you want all the nodes in the same Availability Zone, use `availability_zone` instead, or repeat the Availability Zone multiple times in the list. Default: System chosen Availability Zones. Detecting drift of existing node availability zone is not currently supported. Updating this argument by itself to migrate existing node availability zones is not currently supported and will show a perpetual difference.\n" }, "preferredOutpostArn": { "type": "string", "description": "The outpost ARN in which the cache cluster will be created.\n", "willReplaceOnChanges": true }, "replicationGroupId": { "type": "string", "description": "ID of the replication group to which this cluster should belong. If this parameter is specified, the cluster is added to the specified replication group as a read replica; otherwise, the cluster is a standalone primary that is not part of any replication group.\n", "willReplaceOnChanges": true }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC security groups associated with the cache cluster. Cannot be provided with `replication_group_id.`\n" }, "snapshotArns": { "type": "string", "description": "Single-element string list containing an Amazon Resource Name (ARN) of a Redis RDB snapshot file stored in Amazon S3. The object name cannot contain any commas. Changing `snapshot_arns` forces a new resource.\n", "willReplaceOnChanges": true }, "snapshotName": { "type": "string", "description": "Name of a snapshot from which to restore data into the new node group. Changing `snapshot_name` forces a new resource.\n", "willReplaceOnChanges": true }, "snapshotRetentionLimit": { "type": "integer", "description": "Number of days for which ElastiCache will retain automatic cache cluster snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, then a snapshot that was taken today will be retained for 5 days before being deleted. If the value of SnapshotRetentionLimit is set to zero (0), backups are turned off. Please note that setting a `snapshot_retention_limit` is not supported on cache.t1.micro cache nodes\n" }, "snapshotWindow": { "type": "string", "description": "Daily time range (in UTC) during which ElastiCache will begin taking a daily snapshot of your cache cluster. Example: 05:00-09:00\n" }, "subnetGroupName": { "type": "string", "description": "Name of the subnet group to be used for the cache cluster. Changing this value will re-create the resource. Cannot be provided with `replication_group_id.`\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "transitEncryptionEnabled": { "type": "boolean", "description": "Enable encryption in-transit. Supported only with Memcached versions `1.6.12` and later, running in a VPC. See the [ElastiCache in-transit encryption](https://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/in-transit-encryption-mc.html) documentation for more details.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "applyImmediately": { "type": "boolean", "description": "Whether any database modifications are applied immediately, or during the next maintenance window. Default is `false`. See [Amazon ElastiCache Documentation for more information.](https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyCacheCluster.html).\n" }, "arn": { "type": "string", "description": "The ARN of the created ElastiCache Cluster.\n" }, "autoMinorVersionUpgrade": { "type": "string", "description": "Specifies whether minor version engine upgrades will be applied automatically to the underlying Cache Cluster instances during the maintenance window.\nOnly supported for engine type `\"redis\"` and if the engine version is 6 or higher.\nDefaults to `true`.\n" }, "availabilityZone": { "type": "string", "description": "Availability Zone for the cache cluster. If you want to create cache nodes in multi-az, use `preferred_availability_zones` instead. Default: System chosen Availability Zone. Changing this value will re-create the resource.\n", "willReplaceOnChanges": true }, "azMode": { "type": "string", "description": "Whether the nodes in this Memcached node group are created in a single Availability Zone or created across multiple Availability Zones in the cluster's region. Valid values for this parameter are `single-az` or `cross-az`, default is `single-az`. If you want to choose `cross-az`, `num_cache_nodes` must be greater than `1`.\n" }, "cacheNodes": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ClusterCacheNode:ClusterCacheNode" }, "description": "List of node objects including `id`, `address`, `port` and `availability_zone`.\n" }, "clusterAddress": { "type": "string", "description": "(Memcached only) DNS name of the cache cluster without the port appended.\n" }, "clusterId": { "type": "string", "description": "Group identifier. ElastiCache converts this name to lowercase. Changing this value will re-create the resource.\n", "willReplaceOnChanges": true }, "configurationEndpoint": { "type": "string", "description": "(Memcached only) Configuration endpoint to allow host discovery.\n" }, "engine": { "type": "string", "description": "Name of the cache engine to be used for this cache cluster. Valid values are `memcached` or `redis`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "Version number of the cache engine to be used.\nIf not set, defaults to the latest version.\nSee [Describe Cache Engine Versions](https://docs.aws.amazon.com/cli/latest/reference/elasticache/describe-cache-engine-versions.html) in the AWS Documentation for supported versions.\nWhen `engine` is `redis` and the version is 7 or higher, the major and minor version should be set, e.g., `7.2`.\nWhen the version is 6, the major and minor version can be set, e.g., `6.2`,\nor the minor version can be unspecified which will use the latest version at creation time, e.g., `6.x`.\nOtherwise, specify the full version desired, e.g., `5.0.6`.\nThe actual engine version used is returned in the attribute `engine_version_actual`, see Attribute Reference below. Cannot be provided with `replication_group_id.`\n" }, "engineVersionActual": { "type": "string", "description": "Because ElastiCache pulls the latest minor or patch for a version, this attribute returns the running version of the cache engine.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "Name of your final cluster snapshot. If omitted, no final snapshot will be made.\n" }, "ipDiscovery": { "type": "string", "description": "The IP version to advertise in the discovery protocol. Valid values are `ipv4` or `ipv6`.\n" }, "logDeliveryConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ClusterLogDeliveryConfiguration:ClusterLogDeliveryConfiguration" }, "description": "Specifies the destination and format of Redis [SLOWLOG](https://redis.io/commands/slowlog) or Redis [Engine Log](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Log_Delivery.html#Log_contents-engine-log). See the documentation on [Amazon ElastiCache](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Log_Delivery.html). See Log Delivery Configuration below for more details.\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range for when maintenance\non the cache cluster is performed. The format is `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC).\nThe minimum maintenance window is a 60 minute period. Example: `sun:05:00-sun:09:00`.\n" }, "networkType": { "type": "string", "description": "The IP versions for cache cluster connections. IPv6 is supported with Redis engine `6.2` onword or Memcached version `1.6.6` for all [Nitro system](https://aws.amazon.com/ec2/nitro/) instances. Valid values are `ipv4`, `ipv6` or `dual_stack`.\n", "willReplaceOnChanges": true }, "nodeType": { "type": "string", "description": "The instance class used. See AWS documentation for information on [supported node types for Redis](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html) and [guidance on selecting node types for Redis](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/nodes-select-size.html). See AWS documentation for information on [supported node types for Memcached](https://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/CacheNodes.SupportedTypes.html) and [guidance on selecting node types for Memcached](https://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/nodes-select-size.html). For Memcached, changing this value will re-create the resource.\n" }, "notificationTopicArn": { "type": "string", "description": "ARN of an SNS topic to send ElastiCache notifications to. Example: `arn:aws:sns:us-east-1:012345678999:my_sns_topic`.\n" }, "numCacheNodes": { "type": "integer", "description": "The initial number of cache nodes that the cache cluster will have. For Redis, this value must be 1. For Memcached, this value must be between 1 and 40. If this number is reduced on subsequent runs, the highest numbered nodes will be removed.\n" }, "outpostMode": { "type": "string", "description": "Specify the outpost mode that will apply to the cache cluster creation. Valid values are `\"single-outpost\"` and `\"cross-outpost\"`, however AWS currently only supports `\"single-outpost\"` mode.\n", "willReplaceOnChanges": true }, "parameterGroupName": { "type": "string", "description": "The name of the parameter group to associate with this cache cluster.\n\nThe following arguments are optional:\n" }, "port": { "type": "integer", "description": "The port number on which each of the cache nodes will accept connections. For Memcached the default is 11211, and for Redis the default port is 6379. Cannot be provided with `replication_group_id`. Changing this value will re-create the resource.\n", "willReplaceOnChanges": true }, "preferredAvailabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of the Availability Zones in which cache nodes are created. If you are creating your cluster in an Amazon VPC you can only locate nodes in Availability Zones that are associated with the subnets in the selected subnet group. The number of Availability Zones listed must equal the value of `num_cache_nodes`. If you want all the nodes in the same Availability Zone, use `availability_zone` instead, or repeat the Availability Zone multiple times in the list. Default: System chosen Availability Zones. Detecting drift of existing node availability zone is not currently supported. Updating this argument by itself to migrate existing node availability zones is not currently supported and will show a perpetual difference.\n" }, "preferredOutpostArn": { "type": "string", "description": "The outpost ARN in which the cache cluster will be created.\n", "willReplaceOnChanges": true }, "replicationGroupId": { "type": "string", "description": "ID of the replication group to which this cluster should belong. If this parameter is specified, the cluster is added to the specified replication group as a read replica; otherwise, the cluster is a standalone primary that is not part of any replication group.\n", "willReplaceOnChanges": true }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC security groups associated with the cache cluster. Cannot be provided with `replication_group_id.`\n" }, "snapshotArns": { "type": "string", "description": "Single-element string list containing an Amazon Resource Name (ARN) of a Redis RDB snapshot file stored in Amazon S3. The object name cannot contain any commas. Changing `snapshot_arns` forces a new resource.\n", "willReplaceOnChanges": true }, "snapshotName": { "type": "string", "description": "Name of a snapshot from which to restore data into the new node group. Changing `snapshot_name` forces a new resource.\n", "willReplaceOnChanges": true }, "snapshotRetentionLimit": { "type": "integer", "description": "Number of days for which ElastiCache will retain automatic cache cluster snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, then a snapshot that was taken today will be retained for 5 days before being deleted. If the value of SnapshotRetentionLimit is set to zero (0), backups are turned off. Please note that setting a `snapshot_retention_limit` is not supported on cache.t1.micro cache nodes\n" }, "snapshotWindow": { "type": "string", "description": "Daily time range (in UTC) during which ElastiCache will begin taking a daily snapshot of your cache cluster. Example: 05:00-09:00\n" }, "subnetGroupName": { "type": "string", "description": "Name of the subnet group to be used for the cache cluster. Changing this value will re-create the resource. Cannot be provided with `replication_group_id.`\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitEncryptionEnabled": { "type": "boolean", "description": "Enable encryption in-transit. Supported only with Memcached versions `1.6.12` and later, running in a VPC. See the [ElastiCache in-transit encryption](https://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/in-transit-encryption-mc.html) documentation for more details.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:elasticache/globalReplicationGroup:GlobalReplicationGroup": { "description": "Provides an ElastiCache Global Replication Group resource, which manages replication between two or more Replication Groups in different regions. For more information, see the [ElastiCache User Guide](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Redis-Global-Datastore.html).\n\n## Example Usage\n\n### Global replication group with one secondary replication group\n\nThe global replication group depends on the primary group existing. Secondary replication groups depend on the global replication group. the provider dependency management will handle this transparently using resource value references.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.elasticache.ReplicationGroup(\"primary\", {\n replicationGroupId: \"example-primary\",\n description: \"primary replication group\",\n engine: \"redis\",\n engineVersion: \"5.0.6\",\n nodeType: \"cache.m5.large\",\n numCacheClusters: 1,\n});\nconst example = new aws.elasticache.GlobalReplicationGroup(\"example\", {\n globalReplicationGroupIdSuffix: \"example\",\n primaryReplicationGroupId: primary.id,\n});\nconst secondary = new aws.elasticache.ReplicationGroup(\"secondary\", {\n replicationGroupId: \"example-secondary\",\n description: \"secondary replication group\",\n globalReplicationGroupId: example.globalReplicationGroupId,\n numCacheClusters: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprimary = aws.elasticache.ReplicationGroup(\"primary\",\n replication_group_id=\"example-primary\",\n description=\"primary replication group\",\n engine=\"redis\",\n engine_version=\"5.0.6\",\n node_type=\"cache.m5.large\",\n num_cache_clusters=1)\nexample = aws.elasticache.GlobalReplicationGroup(\"example\",\n global_replication_group_id_suffix=\"example\",\n primary_replication_group_id=primary.id)\nsecondary = aws.elasticache.ReplicationGroup(\"secondary\",\n replication_group_id=\"example-secondary\",\n description=\"secondary replication group\",\n global_replication_group_id=example.global_replication_group_id,\n num_cache_clusters=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Aws.ElastiCache.ReplicationGroup(\"primary\", new()\n {\n ReplicationGroupId = \"example-primary\",\n Description = \"primary replication group\",\n Engine = \"redis\",\n EngineVersion = \"5.0.6\",\n NodeType = \"cache.m5.large\",\n NumCacheClusters = 1,\n });\n\n var example = new Aws.ElastiCache.GlobalReplicationGroup(\"example\", new()\n {\n GlobalReplicationGroupIdSuffix = \"example\",\n PrimaryReplicationGroupId = primary.Id,\n });\n\n var secondary = new Aws.ElastiCache.ReplicationGroup(\"secondary\", new()\n {\n ReplicationGroupId = \"example-secondary\",\n Description = \"secondary replication group\",\n GlobalReplicationGroupId = example.GlobalReplicationGroupId,\n NumCacheClusters = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tprimary, err := elasticache.NewReplicationGroup(ctx, \"primary\", \u0026elasticache.ReplicationGroupArgs{\n\t\t\tReplicationGroupId: pulumi.String(\"example-primary\"),\n\t\t\tDescription: pulumi.String(\"primary replication group\"),\n\t\t\tEngine: pulumi.String(\"redis\"),\n\t\t\tEngineVersion: pulumi.String(\"5.0.6\"),\n\t\t\tNodeType: pulumi.String(\"cache.m5.large\"),\n\t\t\tNumCacheClusters: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := elasticache.NewGlobalReplicationGroup(ctx, \"example\", \u0026elasticache.GlobalReplicationGroupArgs{\n\t\t\tGlobalReplicationGroupIdSuffix: pulumi.String(\"example\"),\n\t\t\tPrimaryReplicationGroupId: primary.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticache.NewReplicationGroup(ctx, \"secondary\", \u0026elasticache.ReplicationGroupArgs{\n\t\t\tReplicationGroupId: pulumi.String(\"example-secondary\"),\n\t\t\tDescription: pulumi.String(\"secondary replication group\"),\n\t\t\tGlobalReplicationGroupId: example.GlobalReplicationGroupId,\n\t\t\tNumCacheClusters: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.ReplicationGroup;\nimport com.pulumi.aws.elasticache.ReplicationGroupArgs;\nimport com.pulumi.aws.elasticache.GlobalReplicationGroup;\nimport com.pulumi.aws.elasticache.GlobalReplicationGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new ReplicationGroup(\"primary\", ReplicationGroupArgs.builder()\n .replicationGroupId(\"example-primary\")\n .description(\"primary replication group\")\n .engine(\"redis\")\n .engineVersion(\"5.0.6\")\n .nodeType(\"cache.m5.large\")\n .numCacheClusters(1)\n .build());\n\n var example = new GlobalReplicationGroup(\"example\", GlobalReplicationGroupArgs.builder()\n .globalReplicationGroupIdSuffix(\"example\")\n .primaryReplicationGroupId(primary.id())\n .build());\n\n var secondary = new ReplicationGroup(\"secondary\", ReplicationGroupArgs.builder()\n .replicationGroupId(\"example-secondary\")\n .description(\"secondary replication group\")\n .globalReplicationGroupId(example.globalReplicationGroupId())\n .numCacheClusters(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:elasticache:GlobalReplicationGroup\n properties:\n globalReplicationGroupIdSuffix: example\n primaryReplicationGroupId: ${primary.id}\n primary:\n type: aws:elasticache:ReplicationGroup\n properties:\n replicationGroupId: example-primary\n description: primary replication group\n engine: redis\n engineVersion: 5.0.6\n nodeType: cache.m5.large\n numCacheClusters: 1\n secondary:\n type: aws:elasticache:ReplicationGroup\n properties:\n replicationGroupId: example-secondary\n description: secondary replication group\n globalReplicationGroupId: ${example.globalReplicationGroupId}\n numCacheClusters: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Managing Redis Engine Versions\n\nThe initial Redis version is determined by the version set on the primary replication group.\nHowever, once it is part of a Global Replication Group,\nthe Global Replication Group manages the version of all member replication groups.\n\nThe member replication groups must have `lifecycle.ignore_changes[engine_version]` set,\nor the provider will always return a diff.\n\nIn this example,\nthe primary replication group will be created with Redis 6.0,\nand then upgraded to Redis 6.2 once added to the Global Replication Group.\nThe secondary replication group will be created with Redis 6.2.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.elasticache.ReplicationGroup(\"primary\", {\n replicationGroupId: \"example-primary\",\n description: \"primary replication group\",\n engine: \"redis\",\n engineVersion: \"6.0\",\n nodeType: \"cache.m5.large\",\n numCacheClusters: 1,\n});\nconst example = new aws.elasticache.GlobalReplicationGroup(\"example\", {\n globalReplicationGroupIdSuffix: \"example\",\n primaryReplicationGroupId: primary.id,\n engineVersion: \"6.2\",\n});\nconst secondary = new aws.elasticache.ReplicationGroup(\"secondary\", {\n replicationGroupId: \"example-secondary\",\n description: \"secondary replication group\",\n globalReplicationGroupId: example.globalReplicationGroupId,\n numCacheClusters: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprimary = aws.elasticache.ReplicationGroup(\"primary\",\n replication_group_id=\"example-primary\",\n description=\"primary replication group\",\n engine=\"redis\",\n engine_version=\"6.0\",\n node_type=\"cache.m5.large\",\n num_cache_clusters=1)\nexample = aws.elasticache.GlobalReplicationGroup(\"example\",\n global_replication_group_id_suffix=\"example\",\n primary_replication_group_id=primary.id,\n engine_version=\"6.2\")\nsecondary = aws.elasticache.ReplicationGroup(\"secondary\",\n replication_group_id=\"example-secondary\",\n description=\"secondary replication group\",\n global_replication_group_id=example.global_replication_group_id,\n num_cache_clusters=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Aws.ElastiCache.ReplicationGroup(\"primary\", new()\n {\n ReplicationGroupId = \"example-primary\",\n Description = \"primary replication group\",\n Engine = \"redis\",\n EngineVersion = \"6.0\",\n NodeType = \"cache.m5.large\",\n NumCacheClusters = 1,\n });\n\n var example = new Aws.ElastiCache.GlobalReplicationGroup(\"example\", new()\n {\n GlobalReplicationGroupIdSuffix = \"example\",\n PrimaryReplicationGroupId = primary.Id,\n EngineVersion = \"6.2\",\n });\n\n var secondary = new Aws.ElastiCache.ReplicationGroup(\"secondary\", new()\n {\n ReplicationGroupId = \"example-secondary\",\n Description = \"secondary replication group\",\n GlobalReplicationGroupId = example.GlobalReplicationGroupId,\n NumCacheClusters = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tprimary, err := elasticache.NewReplicationGroup(ctx, \"primary\", \u0026elasticache.ReplicationGroupArgs{\n\t\t\tReplicationGroupId: pulumi.String(\"example-primary\"),\n\t\t\tDescription: pulumi.String(\"primary replication group\"),\n\t\t\tEngine: pulumi.String(\"redis\"),\n\t\t\tEngineVersion: pulumi.String(\"6.0\"),\n\t\t\tNodeType: pulumi.String(\"cache.m5.large\"),\n\t\t\tNumCacheClusters: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := elasticache.NewGlobalReplicationGroup(ctx, \"example\", \u0026elasticache.GlobalReplicationGroupArgs{\n\t\t\tGlobalReplicationGroupIdSuffix: pulumi.String(\"example\"),\n\t\t\tPrimaryReplicationGroupId: primary.ID(),\n\t\t\tEngineVersion: pulumi.String(\"6.2\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticache.NewReplicationGroup(ctx, \"secondary\", \u0026elasticache.ReplicationGroupArgs{\n\t\t\tReplicationGroupId: pulumi.String(\"example-secondary\"),\n\t\t\tDescription: pulumi.String(\"secondary replication group\"),\n\t\t\tGlobalReplicationGroupId: example.GlobalReplicationGroupId,\n\t\t\tNumCacheClusters: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.ReplicationGroup;\nimport com.pulumi.aws.elasticache.ReplicationGroupArgs;\nimport com.pulumi.aws.elasticache.GlobalReplicationGroup;\nimport com.pulumi.aws.elasticache.GlobalReplicationGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new ReplicationGroup(\"primary\", ReplicationGroupArgs.builder()\n .replicationGroupId(\"example-primary\")\n .description(\"primary replication group\")\n .engine(\"redis\")\n .engineVersion(\"6.0\")\n .nodeType(\"cache.m5.large\")\n .numCacheClusters(1)\n .build());\n\n var example = new GlobalReplicationGroup(\"example\", GlobalReplicationGroupArgs.builder()\n .globalReplicationGroupIdSuffix(\"example\")\n .primaryReplicationGroupId(primary.id())\n .engineVersion(\"6.2\")\n .build());\n\n var secondary = new ReplicationGroup(\"secondary\", ReplicationGroupArgs.builder()\n .replicationGroupId(\"example-secondary\")\n .description(\"secondary replication group\")\n .globalReplicationGroupId(example.globalReplicationGroupId())\n .numCacheClusters(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:elasticache:GlobalReplicationGroup\n properties:\n globalReplicationGroupIdSuffix: example\n primaryReplicationGroupId: ${primary.id}\n engineVersion: '6.2'\n primary:\n type: aws:elasticache:ReplicationGroup\n properties:\n replicationGroupId: example-primary\n description: primary replication group\n engine: redis\n engineVersion: '6.0'\n nodeType: cache.m5.large\n numCacheClusters: 1\n secondary:\n type: aws:elasticache:ReplicationGroup\n properties:\n replicationGroupId: example-secondary\n description: secondary replication group\n globalReplicationGroupId: ${example.globalReplicationGroupId}\n numCacheClusters: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ElastiCache Global Replication Groups using the `global_replication_group_id`. For example:\n\n```sh\n$ pulumi import aws:elasticache/globalReplicationGroup:GlobalReplicationGroup my_global_replication_group okuqm-global-replication-group-1\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the ElastiCache Global Replication Group.\n" }, "atRestEncryptionEnabled": { "type": "boolean", "description": "A flag that indicate whether the encryption at rest is enabled.\n" }, "authTokenEnabled": { "type": "boolean", "description": "A flag that indicate whether AuthToken (password) is enabled.\n" }, "automaticFailoverEnabled": { "type": "boolean", "description": "Specifies whether read-only replicas will be automatically promoted to read/write primary if the existing primary fails.\nWhen creating, by default the Global Replication Group inherits the automatic failover setting of the primary replication group.\n" }, "cacheNodeType": { "type": "string", "description": "The instance class used.\nSee AWS documentation for information on [supported node types](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html)\nand [guidance on selecting node types](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/nodes-select-size.html).\nWhen creating, by default the Global Replication Group inherits the node type of the primary replication group.\n" }, "clusterEnabled": { "type": "boolean", "description": "Indicates whether the Global Datastore is cluster enabled.\n" }, "engine": { "type": "string", "description": "The name of the cache engine to be used for the clusters in this global replication group.\n" }, "engineVersion": { "type": "string", "description": "Redis version to use for the Global Replication Group.\nWhen creating, by default the Global Replication Group inherits the version of the primary replication group.\nIf a version is specified, the Global Replication Group and all member replication groups will be upgraded to this version.\nCannot be downgraded without replacing the Global Replication Group and all member replication groups.\nWhen the version is 7 or higher, the major and minor version should be set, e.g., `7.2`.\nWhen the version is 6, the major and minor version can be set, e.g., `6.2`,\nor the minor version can be unspecified which will use the latest version at creation time, e.g., `6.x`.\nThe actual engine version used is returned in the attribute `engine_version_actual`, see Attribute Reference below.\n" }, "engineVersionActual": { "type": "string", "description": "The full version number of the cache engine running on the members of this global replication group.\n" }, "globalNodeGroups": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/GlobalReplicationGroupGlobalNodeGroup:GlobalReplicationGroupGlobalNodeGroup" }, "description": "Set of node groups (shards) on the global replication group.\nHas the values:\n" }, "globalReplicationGroupDescription": { "type": "string", "description": "A user-created description for the global replication group.\n" }, "globalReplicationGroupId": { "type": "string", "description": "The full ID of the global replication group.\n" }, "globalReplicationGroupIdSuffix": { "type": "string", "description": "The suffix name of a Global Datastore. If `global_replication_group_id_suffix` is changed, creates a new resource.\n" }, "numNodeGroups": { "type": "integer", "description": "The number of node groups (shards) on the global replication group.\n" }, "parameterGroupName": { "type": "string", "description": "An ElastiCache Parameter Group to use for the Global Replication Group.\nRequired when upgrading a major engine version, but will be ignored if left configured after the upgrade is complete.\nSpecifying without a major version upgrade will fail.\nNote that ElastiCache creates a copy of this parameter group for each member replication group.\n" }, "primaryReplicationGroupId": { "type": "string", "description": "The ID of the primary cluster that accepts writes and will replicate updates to the secondary cluster. If `primary_replication_group_id` is changed, creates a new resource.\n" }, "transitEncryptionEnabled": { "type": "boolean", "description": "A flag that indicates whether the encryption in transit is enabled.\n" } }, "required": [ "arn", "atRestEncryptionEnabled", "authTokenEnabled", "automaticFailoverEnabled", "cacheNodeType", "clusterEnabled", "engine", "engineVersion", "engineVersionActual", "globalNodeGroups", "globalReplicationGroupId", "globalReplicationGroupIdSuffix", "numNodeGroups", "primaryReplicationGroupId", "transitEncryptionEnabled" ], "inputProperties": { "automaticFailoverEnabled": { "type": "boolean", "description": "Specifies whether read-only replicas will be automatically promoted to read/write primary if the existing primary fails.\nWhen creating, by default the Global Replication Group inherits the automatic failover setting of the primary replication group.\n" }, "cacheNodeType": { "type": "string", "description": "The instance class used.\nSee AWS documentation for information on [supported node types](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html)\nand [guidance on selecting node types](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/nodes-select-size.html).\nWhen creating, by default the Global Replication Group inherits the node type of the primary replication group.\n" }, "engineVersion": { "type": "string", "description": "Redis version to use for the Global Replication Group.\nWhen creating, by default the Global Replication Group inherits the version of the primary replication group.\nIf a version is specified, the Global Replication Group and all member replication groups will be upgraded to this version.\nCannot be downgraded without replacing the Global Replication Group and all member replication groups.\nWhen the version is 7 or higher, the major and minor version should be set, e.g., `7.2`.\nWhen the version is 6, the major and minor version can be set, e.g., `6.2`,\nor the minor version can be unspecified which will use the latest version at creation time, e.g., `6.x`.\nThe actual engine version used is returned in the attribute `engine_version_actual`, see Attribute Reference below.\n" }, "globalReplicationGroupDescription": { "type": "string", "description": "A user-created description for the global replication group.\n" }, "globalReplicationGroupIdSuffix": { "type": "string", "description": "The suffix name of a Global Datastore. If `global_replication_group_id_suffix` is changed, creates a new resource.\n", "willReplaceOnChanges": true }, "numNodeGroups": { "type": "integer", "description": "The number of node groups (shards) on the global replication group.\n" }, "parameterGroupName": { "type": "string", "description": "An ElastiCache Parameter Group to use for the Global Replication Group.\nRequired when upgrading a major engine version, but will be ignored if left configured after the upgrade is complete.\nSpecifying without a major version upgrade will fail.\nNote that ElastiCache creates a copy of this parameter group for each member replication group.\n" }, "primaryReplicationGroupId": { "type": "string", "description": "The ID of the primary cluster that accepts writes and will replicate updates to the secondary cluster. If `primary_replication_group_id` is changed, creates a new resource.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "globalReplicationGroupIdSuffix", "primaryReplicationGroupId" ], "stateInputs": { "description": "Input properties used for looking up and filtering GlobalReplicationGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the ElastiCache Global Replication Group.\n" }, "atRestEncryptionEnabled": { "type": "boolean", "description": "A flag that indicate whether the encryption at rest is enabled.\n" }, "authTokenEnabled": { "type": "boolean", "description": "A flag that indicate whether AuthToken (password) is enabled.\n" }, "automaticFailoverEnabled": { "type": "boolean", "description": "Specifies whether read-only replicas will be automatically promoted to read/write primary if the existing primary fails.\nWhen creating, by default the Global Replication Group inherits the automatic failover setting of the primary replication group.\n" }, "cacheNodeType": { "type": "string", "description": "The instance class used.\nSee AWS documentation for information on [supported node types](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html)\nand [guidance on selecting node types](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/nodes-select-size.html).\nWhen creating, by default the Global Replication Group inherits the node type of the primary replication group.\n" }, "clusterEnabled": { "type": "boolean", "description": "Indicates whether the Global Datastore is cluster enabled.\n" }, "engine": { "type": "string", "description": "The name of the cache engine to be used for the clusters in this global replication group.\n" }, "engineVersion": { "type": "string", "description": "Redis version to use for the Global Replication Group.\nWhen creating, by default the Global Replication Group inherits the version of the primary replication group.\nIf a version is specified, the Global Replication Group and all member replication groups will be upgraded to this version.\nCannot be downgraded without replacing the Global Replication Group and all member replication groups.\nWhen the version is 7 or higher, the major and minor version should be set, e.g., `7.2`.\nWhen the version is 6, the major and minor version can be set, e.g., `6.2`,\nor the minor version can be unspecified which will use the latest version at creation time, e.g., `6.x`.\nThe actual engine version used is returned in the attribute `engine_version_actual`, see Attribute Reference below.\n" }, "engineVersionActual": { "type": "string", "description": "The full version number of the cache engine running on the members of this global replication group.\n" }, "globalNodeGroups": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/GlobalReplicationGroupGlobalNodeGroup:GlobalReplicationGroupGlobalNodeGroup" }, "description": "Set of node groups (shards) on the global replication group.\nHas the values:\n" }, "globalReplicationGroupDescription": { "type": "string", "description": "A user-created description for the global replication group.\n" }, "globalReplicationGroupId": { "type": "string", "description": "The full ID of the global replication group.\n" }, "globalReplicationGroupIdSuffix": { "type": "string", "description": "The suffix name of a Global Datastore. If `global_replication_group_id_suffix` is changed, creates a new resource.\n", "willReplaceOnChanges": true }, "numNodeGroups": { "type": "integer", "description": "The number of node groups (shards) on the global replication group.\n" }, "parameterGroupName": { "type": "string", "description": "An ElastiCache Parameter Group to use for the Global Replication Group.\nRequired when upgrading a major engine version, but will be ignored if left configured after the upgrade is complete.\nSpecifying without a major version upgrade will fail.\nNote that ElastiCache creates a copy of this parameter group for each member replication group.\n" }, "primaryReplicationGroupId": { "type": "string", "description": "The ID of the primary cluster that accepts writes and will replicate updates to the secondary cluster. If `primary_replication_group_id` is changed, creates a new resource.\n", "willReplaceOnChanges": true }, "transitEncryptionEnabled": { "type": "boolean", "description": "A flag that indicates whether the encryption in transit is enabled.\n" } }, "type": "object" } }, "aws:elasticache/parameterGroup:ParameterGroup": { "description": "Provides an ElastiCache parameter group resource.\n\n\u003e **NOTE:** Attempting to remove the `reserved-memory` parameter when `family` is set to `redis2.6` or `redis2.8` may show a perpetual difference in this provider due to an ElastiCache API limitation. Leave that parameter configured with any value to workaround the issue.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.elasticache.ParameterGroup(\"default\", {\n name: \"cache-params\",\n family: \"redis2.8\",\n parameters: [\n {\n name: \"activerehashing\",\n value: \"yes\",\n },\n {\n name: \"min-slaves-to-write\",\n value: \"2\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.elasticache.ParameterGroup(\"default\",\n name=\"cache-params\",\n family=\"redis2.8\",\n parameters=[\n {\n \"name\": \"activerehashing\",\n \"value\": \"yes\",\n },\n {\n \"name\": \"min-slaves-to-write\",\n \"value\": \"2\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.ElastiCache.ParameterGroup(\"default\", new()\n {\n Name = \"cache-params\",\n Family = \"redis2.8\",\n Parameters = new[]\n {\n new Aws.ElastiCache.Inputs.ParameterGroupParameterArgs\n {\n Name = \"activerehashing\",\n Value = \"yes\",\n },\n new Aws.ElastiCache.Inputs.ParameterGroupParameterArgs\n {\n Name = \"min-slaves-to-write\",\n Value = \"2\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticache.NewParameterGroup(ctx, \"default\", \u0026elasticache.ParameterGroupArgs{\n\t\t\tName: pulumi.String(\"cache-params\"),\n\t\t\tFamily: pulumi.String(\"redis2.8\"),\n\t\t\tParameters: elasticache.ParameterGroupParameterArray{\n\t\t\t\t\u0026elasticache.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"activerehashing\"),\n\t\t\t\t\tValue: pulumi.String(\"yes\"),\n\t\t\t\t},\n\t\t\t\t\u0026elasticache.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"min-slaves-to-write\"),\n\t\t\t\t\tValue: pulumi.String(\"2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.ParameterGroup;\nimport com.pulumi.aws.elasticache.ParameterGroupArgs;\nimport com.pulumi.aws.elasticache.inputs.ParameterGroupParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new ParameterGroup(\"default\", ParameterGroupArgs.builder()\n .name(\"cache-params\")\n .family(\"redis2.8\")\n .parameters( \n ParameterGroupParameterArgs.builder()\n .name(\"activerehashing\")\n .value(\"yes\")\n .build(),\n ParameterGroupParameterArgs.builder()\n .name(\"min-slaves-to-write\")\n .value(\"2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:elasticache:ParameterGroup\n properties:\n name: cache-params\n family: redis2.8\n parameters:\n - name: activerehashing\n value: yes\n - name: min-slaves-to-write\n value: '2'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ElastiCache Parameter Groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:elasticache/parameterGroup:ParameterGroup default redis-params\n```\n", "properties": { "arn": { "type": "string", "description": "The AWS ARN associated with the parameter group.\n" }, "description": { "type": "string", "description": "The description of the ElastiCache parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "family": { "type": "string", "description": "The family of the ElastiCache parameter group.\n" }, "name": { "type": "string", "description": "The name of the ElastiCache parameter.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of ElastiCache parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "description", "family", "name", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the ElastiCache parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi", "willReplaceOnChanges": true }, "family": { "type": "string", "description": "The family of the ElastiCache parameter group.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the ElastiCache parameter.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of ElastiCache parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" } }, "requiredInputs": [ "family" ], "stateInputs": { "description": "Input properties used for looking up and filtering ParameterGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The AWS ARN associated with the parameter group.\n" }, "description": { "type": "string", "description": "The description of the ElastiCache parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi", "willReplaceOnChanges": true }, "family": { "type": "string", "description": "The family of the ElastiCache parameter group.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the ElastiCache parameter.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of ElastiCache parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:elasticache/replicationGroup:ReplicationGroup": { "description": "Provides an ElastiCache Replication Group resource.\n\nFor working with a [Memcached cluster](https://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/WhatIs.html) or a\n[single-node Redis instance (Cluster Mode Disabled)](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/WhatIs.html),\nsee the `aws.elasticache.Cluster` resource.\n\n\u003e **Note:** When you change an attribute, such as `engine_version`, by\ndefault the ElastiCache API applies it in the next maintenance window. Because\nof this, this provider may report a difference in its planning phase because the\nactual modification has not yet taken place. You can use the\n`apply_immediately` flag to instruct the service to apply the change\nimmediately. Using `apply_immediately` can result in a brief downtime as\nservers reboots.\nSee the AWS Documentation on\n[Modifying an ElastiCache Cache Cluster](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Clusters.Modify.html)\nfor more information.\n\n\u003e **Note:** Any attribute changes that re-create the resource will be applied immediately, regardless of the value of `apply_immediately`.\n\n\u003e **Note:** Be aware of the terminology collision around \"cluster\" for `aws.elasticache.ReplicationGroup`. For example, it is possible to create a [\"Cluster Mode Disabled [Redis] Cluster\"](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Clusters.Create.CON.Redis.html). With \"Cluster Mode Enabled\", the data will be stored in shards (called \"node groups\"). See [Redis Cluster Configuration](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/cluster-create-determine-requirements.html#redis-cluster-configuration) for a diagram of the differences. To enable cluster mode, use a parameter group that has cluster mode enabled. The default parameter groups provided by AWS end with \".cluster.on\", for example `default.redis6.x.cluster.on`.\n\n## Example Usage\n\n### Redis Cluster Mode Disabled\n\nTo create a single shard primary with single read replica:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.elasticache.ReplicationGroup(\"example\", {\n automaticFailoverEnabled: true,\n preferredCacheClusterAzs: [\n \"us-west-2a\",\n \"us-west-2b\",\n ],\n replicationGroupId: \"tf-rep-group-1\",\n description: \"example description\",\n nodeType: \"cache.m4.large\",\n numCacheClusters: 2,\n parameterGroupName: \"default.redis3.2\",\n port: 6379,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.elasticache.ReplicationGroup(\"example\",\n automatic_failover_enabled=True,\n preferred_cache_cluster_azs=[\n \"us-west-2a\",\n \"us-west-2b\",\n ],\n replication_group_id=\"tf-rep-group-1\",\n description=\"example description\",\n node_type=\"cache.m4.large\",\n num_cache_clusters=2,\n parameter_group_name=\"default.redis3.2\",\n port=6379)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ElastiCache.ReplicationGroup(\"example\", new()\n {\n AutomaticFailoverEnabled = true,\n PreferredCacheClusterAzs = new[]\n {\n \"us-west-2a\",\n \"us-west-2b\",\n },\n ReplicationGroupId = \"tf-rep-group-1\",\n Description = \"example description\",\n NodeType = \"cache.m4.large\",\n NumCacheClusters = 2,\n ParameterGroupName = \"default.redis3.2\",\n Port = 6379,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticache.NewReplicationGroup(ctx, \"example\", \u0026elasticache.ReplicationGroupArgs{\n\t\t\tAutomaticFailoverEnabled: pulumi.Bool(true),\n\t\t\tPreferredCacheClusterAzs: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t\tpulumi.String(\"us-west-2b\"),\n\t\t\t},\n\t\t\tReplicationGroupId: pulumi.String(\"tf-rep-group-1\"),\n\t\t\tDescription: pulumi.String(\"example description\"),\n\t\t\tNodeType: pulumi.String(\"cache.m4.large\"),\n\t\t\tNumCacheClusters: pulumi.Int(2),\n\t\t\tParameterGroupName: pulumi.String(\"default.redis3.2\"),\n\t\t\tPort: pulumi.Int(6379),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.ReplicationGroup;\nimport com.pulumi.aws.elasticache.ReplicationGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ReplicationGroup(\"example\", ReplicationGroupArgs.builder()\n .automaticFailoverEnabled(true)\n .preferredCacheClusterAzs( \n \"us-west-2a\",\n \"us-west-2b\")\n .replicationGroupId(\"tf-rep-group-1\")\n .description(\"example description\")\n .nodeType(\"cache.m4.large\")\n .numCacheClusters(2)\n .parameterGroupName(\"default.redis3.2\")\n .port(6379)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:elasticache:ReplicationGroup\n properties:\n automaticFailoverEnabled: true\n preferredCacheClusterAzs:\n - us-west-2a\n - us-west-2b\n replicationGroupId: tf-rep-group-1\n description: example description\n nodeType: cache.m4.large\n numCacheClusters: 2\n parameterGroupName: default.redis3.2\n port: 6379\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nYou have two options for adjusting the number of replicas:\n\n* Adjusting `num_cache_clusters` directly. This will attempt to automatically add or remove replicas, but provides no granular control (e.g., preferred availability zone, cache cluster ID) for the added or removed replicas. This also currently expects cache cluster IDs in the form of `replication_group_id-00#`.\n* Otherwise for fine grained control of the underlying cache clusters, they can be added or removed with the `aws.elasticache.Cluster` resource and its `replication_group_id` attribute. In this situation, you will need to utilize [`ignoreChanges`](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) to prevent perpetual differences with the `number_cache_cluster` attribute.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.elasticache.ReplicationGroup(\"example\", {\n automaticFailoverEnabled: true,\n preferredCacheClusterAzs: [\n \"us-west-2a\",\n \"us-west-2b\",\n ],\n replicationGroupId: \"tf-rep-group-1\",\n description: \"example description\",\n nodeType: \"cache.m4.large\",\n numCacheClusters: 2,\n parameterGroupName: \"default.redis3.2\",\n port: 6379,\n});\nconst replica: aws.elasticache.Cluster[] = [];\nfor (const range = {value: 0}; range.value \u003c 1; range.value++) {\n replica.push(new aws.elasticache.Cluster(`replica-${range.value}`, {\n clusterId: `tf-rep-group-1-${range.value}`,\n replicationGroupId: example.id,\n }));\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.elasticache.ReplicationGroup(\"example\",\n automatic_failover_enabled=True,\n preferred_cache_cluster_azs=[\n \"us-west-2a\",\n \"us-west-2b\",\n ],\n replication_group_id=\"tf-rep-group-1\",\n description=\"example description\",\n node_type=\"cache.m4.large\",\n num_cache_clusters=2,\n parameter_group_name=\"default.redis3.2\",\n port=6379)\nreplica = []\nfor range in [{\"value\": i} for i in range(0, 1)]:\n replica.append(aws.elasticache.Cluster(f\"replica-{range['value']}\",\n cluster_id=f\"tf-rep-group-1-{range['value']}\",\n replication_group_id=example.id))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ElastiCache.ReplicationGroup(\"example\", new()\n {\n AutomaticFailoverEnabled = true,\n PreferredCacheClusterAzs = new[]\n {\n \"us-west-2a\",\n \"us-west-2b\",\n },\n ReplicationGroupId = \"tf-rep-group-1\",\n Description = \"example description\",\n NodeType = \"cache.m4.large\",\n NumCacheClusters = 2,\n ParameterGroupName = \"default.redis3.2\",\n Port = 6379,\n });\n\n var replica = new List\u003cAws.ElastiCache.Cluster\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c 1; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n replica.Add(new Aws.ElastiCache.Cluster($\"replica-{range.Value}\", new()\n {\n ClusterId = $\"tf-rep-group-1-{range.Value}\",\n ReplicationGroupId = example.Id,\n }));\n }\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := elasticache.NewReplicationGroup(ctx, \"example\", \u0026elasticache.ReplicationGroupArgs{\n\t\t\tAutomaticFailoverEnabled: pulumi.Bool(true),\n\t\t\tPreferredCacheClusterAzs: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t\tpulumi.String(\"us-west-2b\"),\n\t\t\t},\n\t\t\tReplicationGroupId: pulumi.String(\"tf-rep-group-1\"),\n\t\t\tDescription: pulumi.String(\"example description\"),\n\t\t\tNodeType: pulumi.String(\"cache.m4.large\"),\n\t\t\tNumCacheClusters: pulumi.Int(2),\n\t\t\tParameterGroupName: pulumi.String(\"default.redis3.2\"),\n\t\t\tPort: pulumi.Int(6379),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvar replica []*elasticache.Cluster\n\t\tfor index := 0; index \u003c 1; index++ {\n\t\t\tkey0 := index\n\t\t\tval0 := index\n\t\t\t__res, err := elasticache.NewCluster(ctx, fmt.Sprintf(\"replica-%v\", key0), \u0026elasticache.ClusterArgs{\n\t\t\t\tClusterId: pulumi.String(fmt.Sprintf(\"tf-rep-group-1-%v\", val0)),\n\t\t\t\tReplicationGroupId: example.ID(),\n\t\t\t})\n\t\t\tif err != nil {\n\t\t\t\treturn err\n\t\t\t}\n\t\t\treplica = append(replica, __res)\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.ReplicationGroup;\nimport com.pulumi.aws.elasticache.ReplicationGroupArgs;\nimport com.pulumi.aws.elasticache.Cluster;\nimport com.pulumi.aws.elasticache.ClusterArgs;\nimport com.pulumi.codegen.internal.KeyedValue;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ReplicationGroup(\"example\", ReplicationGroupArgs.builder()\n .automaticFailoverEnabled(true)\n .preferredCacheClusterAzs( \n \"us-west-2a\",\n \"us-west-2b\")\n .replicationGroupId(\"tf-rep-group-1\")\n .description(\"example description\")\n .nodeType(\"cache.m4.large\")\n .numCacheClusters(2)\n .parameterGroupName(\"default.redis3.2\")\n .port(6379)\n .build());\n\n for (var i = 0; i \u003c 1; i++) {\n new Cluster(\"replica-\" + i, ClusterArgs.builder()\n .clusterId(String.format(\"tf-rep-group-1-%s\", range.value()))\n .replicationGroupId(example.id())\n .build());\n\n \n}\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:elasticache:ReplicationGroup\n properties:\n automaticFailoverEnabled: true\n preferredCacheClusterAzs:\n - us-west-2a\n - us-west-2b\n replicationGroupId: tf-rep-group-1\n description: example description\n nodeType: cache.m4.large\n numCacheClusters: 2\n parameterGroupName: default.redis3.2\n port: 6379\n replica:\n type: aws:elasticache:Cluster\n properties:\n clusterId: tf-rep-group-1-${range.value}\n replicationGroupId: ${example.id}\n options: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Redis Cluster Mode Enabled\n\nTo create two shards with a primary and a single read replica each:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst baz = new aws.elasticache.ReplicationGroup(\"baz\", {\n replicationGroupId: \"tf-redis-cluster\",\n description: \"example description\",\n nodeType: \"cache.t2.small\",\n port: 6379,\n parameterGroupName: \"default.redis3.2.cluster.on\",\n automaticFailoverEnabled: true,\n numNodeGroups: 2,\n replicasPerNodeGroup: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbaz = aws.elasticache.ReplicationGroup(\"baz\",\n replication_group_id=\"tf-redis-cluster\",\n description=\"example description\",\n node_type=\"cache.t2.small\",\n port=6379,\n parameter_group_name=\"default.redis3.2.cluster.on\",\n automatic_failover_enabled=True,\n num_node_groups=2,\n replicas_per_node_group=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var baz = new Aws.ElastiCache.ReplicationGroup(\"baz\", new()\n {\n ReplicationGroupId = \"tf-redis-cluster\",\n Description = \"example description\",\n NodeType = \"cache.t2.small\",\n Port = 6379,\n ParameterGroupName = \"default.redis3.2.cluster.on\",\n AutomaticFailoverEnabled = true,\n NumNodeGroups = 2,\n ReplicasPerNodeGroup = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticache.NewReplicationGroup(ctx, \"baz\", \u0026elasticache.ReplicationGroupArgs{\n\t\t\tReplicationGroupId: pulumi.String(\"tf-redis-cluster\"),\n\t\t\tDescription: pulumi.String(\"example description\"),\n\t\t\tNodeType: pulumi.String(\"cache.t2.small\"),\n\t\t\tPort: pulumi.Int(6379),\n\t\t\tParameterGroupName: pulumi.String(\"default.redis3.2.cluster.on\"),\n\t\t\tAutomaticFailoverEnabled: pulumi.Bool(true),\n\t\t\tNumNodeGroups: pulumi.Int(2),\n\t\t\tReplicasPerNodeGroup: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.ReplicationGroup;\nimport com.pulumi.aws.elasticache.ReplicationGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var baz = new ReplicationGroup(\"baz\", ReplicationGroupArgs.builder()\n .replicationGroupId(\"tf-redis-cluster\")\n .description(\"example description\")\n .nodeType(\"cache.t2.small\")\n .port(6379)\n .parameterGroupName(\"default.redis3.2.cluster.on\")\n .automaticFailoverEnabled(true)\n .numNodeGroups(2)\n .replicasPerNodeGroup(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n baz:\n type: aws:elasticache:ReplicationGroup\n properties:\n replicationGroupId: tf-redis-cluster\n description: example description\n nodeType: cache.t2.small\n port: 6379\n parameterGroupName: default.redis3.2.cluster.on\n automaticFailoverEnabled: true\n numNodeGroups: 2\n replicasPerNodeGroup: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Redis Log Delivery configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.elasticache.ReplicationGroup(\"test\", {\n replicationGroupId: \"myreplicaciongroup\",\n description: \"test description\",\n nodeType: \"cache.t3.small\",\n port: 6379,\n applyImmediately: true,\n autoMinorVersionUpgrade: false,\n maintenanceWindow: \"tue:06:30-tue:07:30\",\n snapshotWindow: \"01:00-02:00\",\n logDeliveryConfigurations: [\n {\n destination: example.name,\n destinationType: \"cloudwatch-logs\",\n logFormat: \"text\",\n logType: \"slow-log\",\n },\n {\n destination: exampleAwsKinesisFirehoseDeliveryStream.name,\n destinationType: \"kinesis-firehose\",\n logFormat: \"json\",\n logType: \"engine-log\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.elasticache.ReplicationGroup(\"test\",\n replication_group_id=\"myreplicaciongroup\",\n description=\"test description\",\n node_type=\"cache.t3.small\",\n port=6379,\n apply_immediately=True,\n auto_minor_version_upgrade=False,\n maintenance_window=\"tue:06:30-tue:07:30\",\n snapshot_window=\"01:00-02:00\",\n log_delivery_configurations=[\n {\n \"destination\": example[\"name\"],\n \"destination_type\": \"cloudwatch-logs\",\n \"log_format\": \"text\",\n \"log_type\": \"slow-log\",\n },\n {\n \"destination\": example_aws_kinesis_firehose_delivery_stream[\"name\"],\n \"destination_type\": \"kinesis-firehose\",\n \"log_format\": \"json\",\n \"log_type\": \"engine-log\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.ElastiCache.ReplicationGroup(\"test\", new()\n {\n ReplicationGroupId = \"myreplicaciongroup\",\n Description = \"test description\",\n NodeType = \"cache.t3.small\",\n Port = 6379,\n ApplyImmediately = true,\n AutoMinorVersionUpgrade = false,\n MaintenanceWindow = \"tue:06:30-tue:07:30\",\n SnapshotWindow = \"01:00-02:00\",\n LogDeliveryConfigurations = new[]\n {\n new Aws.ElastiCache.Inputs.ReplicationGroupLogDeliveryConfigurationArgs\n {\n Destination = example.Name,\n DestinationType = \"cloudwatch-logs\",\n LogFormat = \"text\",\n LogType = \"slow-log\",\n },\n new Aws.ElastiCache.Inputs.ReplicationGroupLogDeliveryConfigurationArgs\n {\n Destination = exampleAwsKinesisFirehoseDeliveryStream.Name,\n DestinationType = \"kinesis-firehose\",\n LogFormat = \"json\",\n LogType = \"engine-log\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticache.NewReplicationGroup(ctx, \"test\", \u0026elasticache.ReplicationGroupArgs{\n\t\t\tReplicationGroupId: pulumi.String(\"myreplicaciongroup\"),\n\t\t\tDescription: pulumi.String(\"test description\"),\n\t\t\tNodeType: pulumi.String(\"cache.t3.small\"),\n\t\t\tPort: pulumi.Int(6379),\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t\tAutoMinorVersionUpgrade: pulumi.Bool(false),\n\t\t\tMaintenanceWindow: pulumi.String(\"tue:06:30-tue:07:30\"),\n\t\t\tSnapshotWindow: pulumi.String(\"01:00-02:00\"),\n\t\t\tLogDeliveryConfigurations: elasticache.ReplicationGroupLogDeliveryConfigurationArray{\n\t\t\t\t\u0026elasticache.ReplicationGroupLogDeliveryConfigurationArgs{\n\t\t\t\t\tDestination: pulumi.Any(example.Name),\n\t\t\t\t\tDestinationType: pulumi.String(\"cloudwatch-logs\"),\n\t\t\t\t\tLogFormat: pulumi.String(\"text\"),\n\t\t\t\t\tLogType: pulumi.String(\"slow-log\"),\n\t\t\t\t},\n\t\t\t\t\u0026elasticache.ReplicationGroupLogDeliveryConfigurationArgs{\n\t\t\t\t\tDestination: pulumi.Any(exampleAwsKinesisFirehoseDeliveryStream.Name),\n\t\t\t\t\tDestinationType: pulumi.String(\"kinesis-firehose\"),\n\t\t\t\t\tLogFormat: pulumi.String(\"json\"),\n\t\t\t\t\tLogType: pulumi.String(\"engine-log\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.ReplicationGroup;\nimport com.pulumi.aws.elasticache.ReplicationGroupArgs;\nimport com.pulumi.aws.elasticache.inputs.ReplicationGroupLogDeliveryConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new ReplicationGroup(\"test\", ReplicationGroupArgs.builder()\n .replicationGroupId(\"myreplicaciongroup\")\n .description(\"test description\")\n .nodeType(\"cache.t3.small\")\n .port(6379)\n .applyImmediately(true)\n .autoMinorVersionUpgrade(false)\n .maintenanceWindow(\"tue:06:30-tue:07:30\")\n .snapshotWindow(\"01:00-02:00\")\n .logDeliveryConfigurations( \n ReplicationGroupLogDeliveryConfigurationArgs.builder()\n .destination(example.name())\n .destinationType(\"cloudwatch-logs\")\n .logFormat(\"text\")\n .logType(\"slow-log\")\n .build(),\n ReplicationGroupLogDeliveryConfigurationArgs.builder()\n .destination(exampleAwsKinesisFirehoseDeliveryStream.name())\n .destinationType(\"kinesis-firehose\")\n .logFormat(\"json\")\n .logType(\"engine-log\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:elasticache:ReplicationGroup\n properties:\n replicationGroupId: myreplicaciongroup\n description: test description\n nodeType: cache.t3.small\n port: 6379\n applyImmediately: true\n autoMinorVersionUpgrade: false\n maintenanceWindow: tue:06:30-tue:07:30\n snapshotWindow: 01:00-02:00\n logDeliveryConfigurations:\n - destination: ${example.name}\n destinationType: cloudwatch-logs\n logFormat: text\n logType: slow-log\n - destination: ${exampleAwsKinesisFirehoseDeliveryStream.name}\n destinationType: kinesis-firehose\n logFormat: json\n logType: engine-log\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e **Note:** We currently do not support passing a `primary_cluster_id` in order to create the Replication Group.\n\n\u003e **Note:** Automatic Failover is unavailable for Redis versions earlier than 2.8.6,\nand unavailable on T1 node types. For T2 node types, it is only available on Redis version 3.2.4 or later with cluster mode enabled. See the [High Availability Using Replication Groups](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Replication.html) guide\nfor full details on using Replication Groups.\n\n### Creating a secondary replication group for a global replication group\n\nA Global Replication Group can have one one two secondary Replication Groups in different regions. These are added to an existing Global Replication Group.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.elasticache.ReplicationGroup(\"primary\", {\n replicationGroupId: \"example-primary\",\n description: \"primary replication group\",\n engine: \"redis\",\n engineVersion: \"5.0.6\",\n nodeType: \"cache.m5.large\",\n numCacheClusters: 1,\n});\nconst example = new aws.elasticache.GlobalReplicationGroup(\"example\", {\n globalReplicationGroupIdSuffix: \"example\",\n primaryReplicationGroupId: primary.id,\n});\nconst secondary = new aws.elasticache.ReplicationGroup(\"secondary\", {\n replicationGroupId: \"example-secondary\",\n description: \"secondary replication group\",\n globalReplicationGroupId: example.globalReplicationGroupId,\n numCacheClusters: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprimary = aws.elasticache.ReplicationGroup(\"primary\",\n replication_group_id=\"example-primary\",\n description=\"primary replication group\",\n engine=\"redis\",\n engine_version=\"5.0.6\",\n node_type=\"cache.m5.large\",\n num_cache_clusters=1)\nexample = aws.elasticache.GlobalReplicationGroup(\"example\",\n global_replication_group_id_suffix=\"example\",\n primary_replication_group_id=primary.id)\nsecondary = aws.elasticache.ReplicationGroup(\"secondary\",\n replication_group_id=\"example-secondary\",\n description=\"secondary replication group\",\n global_replication_group_id=example.global_replication_group_id,\n num_cache_clusters=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Aws.ElastiCache.ReplicationGroup(\"primary\", new()\n {\n ReplicationGroupId = \"example-primary\",\n Description = \"primary replication group\",\n Engine = \"redis\",\n EngineVersion = \"5.0.6\",\n NodeType = \"cache.m5.large\",\n NumCacheClusters = 1,\n });\n\n var example = new Aws.ElastiCache.GlobalReplicationGroup(\"example\", new()\n {\n GlobalReplicationGroupIdSuffix = \"example\",\n PrimaryReplicationGroupId = primary.Id,\n });\n\n var secondary = new Aws.ElastiCache.ReplicationGroup(\"secondary\", new()\n {\n ReplicationGroupId = \"example-secondary\",\n Description = \"secondary replication group\",\n GlobalReplicationGroupId = example.GlobalReplicationGroupId,\n NumCacheClusters = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tprimary, err := elasticache.NewReplicationGroup(ctx, \"primary\", \u0026elasticache.ReplicationGroupArgs{\n\t\t\tReplicationGroupId: pulumi.String(\"example-primary\"),\n\t\t\tDescription: pulumi.String(\"primary replication group\"),\n\t\t\tEngine: pulumi.String(\"redis\"),\n\t\t\tEngineVersion: pulumi.String(\"5.0.6\"),\n\t\t\tNodeType: pulumi.String(\"cache.m5.large\"),\n\t\t\tNumCacheClusters: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := elasticache.NewGlobalReplicationGroup(ctx, \"example\", \u0026elasticache.GlobalReplicationGroupArgs{\n\t\t\tGlobalReplicationGroupIdSuffix: pulumi.String(\"example\"),\n\t\t\tPrimaryReplicationGroupId: primary.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticache.NewReplicationGroup(ctx, \"secondary\", \u0026elasticache.ReplicationGroupArgs{\n\t\t\tReplicationGroupId: pulumi.String(\"example-secondary\"),\n\t\t\tDescription: pulumi.String(\"secondary replication group\"),\n\t\t\tGlobalReplicationGroupId: example.GlobalReplicationGroupId,\n\t\t\tNumCacheClusters: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.ReplicationGroup;\nimport com.pulumi.aws.elasticache.ReplicationGroupArgs;\nimport com.pulumi.aws.elasticache.GlobalReplicationGroup;\nimport com.pulumi.aws.elasticache.GlobalReplicationGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new ReplicationGroup(\"primary\", ReplicationGroupArgs.builder()\n .replicationGroupId(\"example-primary\")\n .description(\"primary replication group\")\n .engine(\"redis\")\n .engineVersion(\"5.0.6\")\n .nodeType(\"cache.m5.large\")\n .numCacheClusters(1)\n .build());\n\n var example = new GlobalReplicationGroup(\"example\", GlobalReplicationGroupArgs.builder()\n .globalReplicationGroupIdSuffix(\"example\")\n .primaryReplicationGroupId(primary.id())\n .build());\n\n var secondary = new ReplicationGroup(\"secondary\", ReplicationGroupArgs.builder()\n .replicationGroupId(\"example-secondary\")\n .description(\"secondary replication group\")\n .globalReplicationGroupId(example.globalReplicationGroupId())\n .numCacheClusters(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n secondary:\n type: aws:elasticache:ReplicationGroup\n properties:\n replicationGroupId: example-secondary\n description: secondary replication group\n globalReplicationGroupId: ${example.globalReplicationGroupId}\n numCacheClusters: 1\n example:\n type: aws:elasticache:GlobalReplicationGroup\n properties:\n globalReplicationGroupIdSuffix: example\n primaryReplicationGroupId: ${primary.id}\n primary:\n type: aws:elasticache:ReplicationGroup\n properties:\n replicationGroupId: example-primary\n description: primary replication group\n engine: redis\n engineVersion: 5.0.6\n nodeType: cache.m5.large\n numCacheClusters: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Redis AUTH and In-Transit Encryption Enabled\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.elasticache.ReplicationGroup(\"example\", {\n replicationGroupId: \"example\",\n description: \"example with authentication\",\n nodeType: \"cache.t2.micro\",\n numCacheClusters: 1,\n port: 6379,\n subnetGroupName: exampleAwsElasticacheSubnetGroup.name,\n securityGroupIds: [exampleAwsSecurityGroup.id],\n parameterGroupName: \"default.redis5.0\",\n engineVersion: \"5.0.6\",\n transitEncryptionEnabled: true,\n authToken: \"abcdefgh1234567890\",\n authTokenUpdateStrategy: \"ROTATE\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.elasticache.ReplicationGroup(\"example\",\n replication_group_id=\"example\",\n description=\"example with authentication\",\n node_type=\"cache.t2.micro\",\n num_cache_clusters=1,\n port=6379,\n subnet_group_name=example_aws_elasticache_subnet_group[\"name\"],\n security_group_ids=[example_aws_security_group[\"id\"]],\n parameter_group_name=\"default.redis5.0\",\n engine_version=\"5.0.6\",\n transit_encryption_enabled=True,\n auth_token=\"abcdefgh1234567890\",\n auth_token_update_strategy=\"ROTATE\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ElastiCache.ReplicationGroup(\"example\", new()\n {\n ReplicationGroupId = \"example\",\n Description = \"example with authentication\",\n NodeType = \"cache.t2.micro\",\n NumCacheClusters = 1,\n Port = 6379,\n SubnetGroupName = exampleAwsElasticacheSubnetGroup.Name,\n SecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n ParameterGroupName = \"default.redis5.0\",\n EngineVersion = \"5.0.6\",\n TransitEncryptionEnabled = true,\n AuthToken = \"abcdefgh1234567890\",\n AuthTokenUpdateStrategy = \"ROTATE\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticache.NewReplicationGroup(ctx, \"example\", \u0026elasticache.ReplicationGroupArgs{\n\t\t\tReplicationGroupId: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"example with authentication\"),\n\t\t\tNodeType: pulumi.String(\"cache.t2.micro\"),\n\t\t\tNumCacheClusters: pulumi.Int(1),\n\t\t\tPort: pulumi.Int(6379),\n\t\t\tSubnetGroupName: pulumi.Any(exampleAwsElasticacheSubnetGroup.Name),\n\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\texampleAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tParameterGroupName: pulumi.String(\"default.redis5.0\"),\n\t\t\tEngineVersion: pulumi.String(\"5.0.6\"),\n\t\t\tTransitEncryptionEnabled: pulumi.Bool(true),\n\t\t\tAuthToken: pulumi.String(\"abcdefgh1234567890\"),\n\t\t\tAuthTokenUpdateStrategy: pulumi.String(\"ROTATE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.ReplicationGroup;\nimport com.pulumi.aws.elasticache.ReplicationGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ReplicationGroup(\"example\", ReplicationGroupArgs.builder()\n .replicationGroupId(\"example\")\n .description(\"example with authentication\")\n .nodeType(\"cache.t2.micro\")\n .numCacheClusters(1)\n .port(6379)\n .subnetGroupName(exampleAwsElasticacheSubnetGroup.name())\n .securityGroupIds(exampleAwsSecurityGroup.id())\n .parameterGroupName(\"default.redis5.0\")\n .engineVersion(\"5.0.6\")\n .transitEncryptionEnabled(true)\n .authToken(\"abcdefgh1234567890\")\n .authTokenUpdateStrategy(\"ROTATE\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:elasticache:ReplicationGroup\n properties:\n replicationGroupId: example\n description: example with authentication\n nodeType: cache.t2.micro\n numCacheClusters: 1\n port: 6379\n subnetGroupName: ${exampleAwsElasticacheSubnetGroup.name}\n securityGroupIds:\n - ${exampleAwsSecurityGroup.id}\n parameterGroupName: default.redis5.0\n engineVersion: 5.0.6\n transitEncryptionEnabled: true\n authToken: abcdefgh1234567890\n authTokenUpdateStrategy: ROTATE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e When adding a new `auth_token` to a previously passwordless replication group, using the `ROTATE` update strategy will result in support for **both** the new token and passwordless authentication. To immediately require authorization when adding the initial token, use the `SET` strategy instead. See the [Authenticating with the Redis AUTH command](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/auth.html) guide for additional details.\n\n## Import\n\nUsing `pulumi import`, import ElastiCache Replication Groups using the `replication_group_id`. For example:\n\n```sh\n$ pulumi import aws:elasticache/replicationGroup:ReplicationGroup my_replication_group replication-group-1\n```\n", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any modifications are applied immediately, or during the next maintenance window. Default is `false`.\n" }, "arn": { "type": "string", "description": "ARN of the created ElastiCache Replication Group.\n" }, "atRestEncryptionEnabled": { "type": "boolean", "description": "Whether to enable encryption at rest.\n" }, "authToken": { "type": "string", "description": "Password used to access a password protected server. Can be specified only if `transit_encryption_enabled = true`.\n", "secret": true }, "authTokenUpdateStrategy": { "type": "string", "description": "Strategy to use when updating the `auth_token`. Valid values are `SET`, `ROTATE`, and `DELETE`. Defaults to `ROTATE`.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Specifies whether minor version engine upgrades will be applied automatically to the underlying Cache Cluster instances during the maintenance window.\nOnly supported for engine type `\"redis\"` and if the engine version is 6 or higher.\nDefaults to `true`.\n" }, "automaticFailoverEnabled": { "type": "boolean", "description": "Specifies whether a read-only replica will be automatically promoted to read/write primary if the existing primary fails. If enabled, `num_cache_clusters` must be greater than 1. Must be enabled for Redis (cluster mode enabled) replication groups. Defaults to `false`.\n" }, "clusterEnabled": { "type": "boolean", "description": "Indicates if cluster mode is enabled.\n" }, "clusterMode": { "type": "string", "description": "Specifies whether cluster mode is enabled or disabled. Valid values are `enabled` or `disabled` or `compatible`\n" }, "configurationEndpointAddress": { "type": "string", "description": "Address of the replication group configuration endpoint when cluster mode is enabled.\n" }, "dataTieringEnabled": { "type": "boolean", "description": "Enables data tiering. Data tiering is only supported for replication groups using the r6gd node type. This parameter must be set to `true` when using r6gd nodes.\n" }, "description": { "type": "string", "description": "User-created description for the replication group. Must not be empty.\n" }, "engine": { "type": "string", "description": "Name of the cache engine to be used for the clusters in this replication group. The only valid value is `redis`.\n" }, "engineVersion": { "type": "string", "description": "Version number of the cache engine to be used for the cache clusters in this replication group.\nIf the version is 7 or higher, the major and minor version should be set, e.g., `7.2`.\nIf the version is 6, the major and minor version can be set, e.g., `6.2`,\nor the minor version can be unspecified which will use the latest version at creation time, e.g., `6.x`.\nOtherwise, specify the full version desired, e.g., `5.0.6`.\nThe actual engine version used is returned in the attribute `engine_version_actual`, see Attribute Reference below.\n" }, "engineVersionActual": { "type": "string", "description": "Because ElastiCache pulls the latest minor or patch for a version, this attribute returns the running version of the cache engine.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final node group (shard) snapshot. ElastiCache creates the snapshot from the primary node in the cluster. If omitted, no final snapshot will be made.\n" }, "globalReplicationGroupId": { "type": "string", "description": "The ID of the global replication group to which this replication group should belong. If this parameter is specified, the replication group is added to the specified global replication group as a secondary replication group; otherwise, the replication group is not part of any global replication group. If `global_replication_group_id` is set, the `num_node_groups` parameter cannot be set.\n" }, "ipDiscovery": { "type": "string", "description": "The IP version to advertise in the discovery protocol. Valid values are `ipv4` or `ipv6`.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN of the key that you wish to use if encrypting at rest. If not supplied, uses service managed encryption. Can be specified only if `at_rest_encryption_enabled = true`.\n" }, "logDeliveryConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ReplicationGroupLogDeliveryConfiguration:ReplicationGroupLogDeliveryConfiguration" }, "description": "Specifies the destination and format of Redis [SLOWLOG](https://redis.io/commands/slowlog) or Redis [Engine Log](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Log_Delivery.html#Log_contents-engine-log). See the documentation on [Amazon ElastiCache](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Log_Delivery.html#Log_contents-engine-log). See Log Delivery Configuration below for more details.\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range for when maintenance on the cache cluster is performed. The format is `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC). The minimum maintenance window is a 60 minute period. Example: `sun:05:00-sun:09:00`\n" }, "memberClusters": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of all the nodes that are part of this replication group.\n" }, "multiAzEnabled": { "type": "boolean", "description": "Specifies whether to enable Multi-AZ Support for the replication group.\nIf `true`, `automatic_failover_enabled` must also be enabled.\nDefaults to `false`.\n" }, "networkType": { "type": "string", "description": "The IP versions for cache cluster connections. Valid values are `ipv4`, `ipv6` or `dual_stack`.\n" }, "nodeType": { "type": "string", "description": "Instance class to be used. See AWS documentation for information on [supported node types](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html) and [guidance on selecting node types](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/nodes-select-size.html). Required unless `global_replication_group_id` is set. Cannot be set if `global_replication_group_id` is set.\n" }, "notificationTopicArn": { "type": "string", "description": "ARN of an SNS topic to send ElastiCache notifications to. Example: `arn:aws:sns:us-east-1:012345678999:my_sns_topic`\n" }, "numCacheClusters": { "type": "integer", "description": "Number of cache clusters (primary and replicas) this replication group will have.\nIf `automatic_failover_enabled` or `multi_az_enabled` are `true`, must be at least 2.\nUpdates will occur before other modifications.\nConflicts with `num_node_groups` and `replicas_per_node_group`.\nDefaults to `1`.\n" }, "numNodeGroups": { "type": "integer", "description": "Number of node groups (shards) for this Redis replication group.\nChanging this number will trigger a resizing operation before other settings modifications.\nConflicts with `num_cache_clusters`.\n" }, "parameterGroupName": { "type": "string", "description": "Name of the parameter group to associate with this replication group. If this argument is omitted, the default cache parameter group for the specified engine is used. To enable \"cluster mode\", i.e., data sharding, use a parameter group that has the parameter `cluster-enabled` set to true.\n" }, "port": { "type": "integer", "description": "Port number on which each of the cache nodes will accept connections. For Memcache the default is 11211, and for Redis the default port is 6379.\n" }, "preferredCacheClusterAzs": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 availability zones in which the replication group's cache clusters will be created. The order of the availability zones in the list is considered. The first item in the list will be the primary node. Ignored when updating.\n" }, "primaryEndpointAddress": { "type": "string", "description": "(Redis only) Address of the endpoint for the primary node in the replication group, if the cluster mode is disabled.\n" }, "readerEndpointAddress": { "type": "string", "description": "(Redis only) Address of the endpoint for the reader node in the replication group, if the cluster mode is disabled.\n" }, "replicasPerNodeGroup": { "type": "integer", "description": "Number of replica nodes in each node group.\nChanging this number will trigger a resizing operation before other settings modifications.\nValid values are 0 to 5.\nConflicts with `num_cache_clusters`.\nCan only be set if `num_node_groups` is set.\n" }, "replicationGroupId": { "type": "string", "description": "Replication group identifier. This parameter is stored as a lowercase string.\n\nThe following arguments are optional:\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "IDs of one or more Amazon VPC security groups associated with this replication group. Use this parameter only when you are creating a replication group in an Amazon Virtual Private Cloud.\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "Names of one or more Amazon VPC security groups associated with this replication group. Use this parameter only when you are creating a replication group in an Amazon Virtual Private Cloud.\n" }, "snapshotArns": { "type": "array", "items": { "type": "string" }, "description": "List of ARNs that identify Redis RDB snapshot files stored in Amazon S3. The names object names cannot contain any commas.\n" }, "snapshotName": { "type": "string", "description": "Name of a snapshot from which to restore data into the new node group. Changing the `snapshot_name` forces a new resource.\n" }, "snapshotRetentionLimit": { "type": "integer", "description": "Number of days for which ElastiCache will retain automatic cache cluster snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, then a snapshot that was taken today will be retained for 5 days before being deleted. If the value of `snapshot_retention_limit` is set to zero (0), backups are turned off. Please note that setting a `snapshot_retention_limit` is not supported on cache.t1.micro cache nodes\n" }, "snapshotWindow": { "type": "string", "description": "Daily time range (in UTC) during which ElastiCache will begin taking a daily snapshot of your cache cluster. The minimum snapshot window is a 60 minute period. Example: `05:00-09:00`\n" }, "subnetGroupName": { "type": "string", "description": "Name of the cache subnet group to be used for the replication group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. Adding tags to this resource will add or overwrite any existing tags on the clusters in the replication group and not to the group itself. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitEncryptionEnabled": { "type": "boolean", "description": "Whether to enable encryption in transit.\nChanging this argument with an `engine_version` \u003c `7.0.5` will force a replacement.\nEngine versions prior to `7.0.5` only allow this transit encryption to be configured during creation of the replication group.\n" }, "transitEncryptionMode": { "type": "string", "description": "A setting that enables clients to migrate to in-transit encryption with no downtime.\nValid values are `preferred` and `required`.\nWhen enabling encryption on an existing replication group, this must first be set to `preferred` before setting it to `required` in a subsequent apply.\nSee the `TransitEncryptionMode` field in the [`CreateReplicationGroup` API documentation](https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateReplicationGroup.html) for additional details.\n" }, "userGroupIds": { "type": "array", "items": { "type": "string" }, "description": "User Group ID to associate with the replication group. Only a maximum of one (1) user group ID is valid. **NOTE:** This argument _is_ a set because the AWS specification allows for multiple IDs. However, in practice, AWS only allows a maximum size of one.\n" } }, "required": [ "applyImmediately", "arn", "atRestEncryptionEnabled", "autoMinorVersionUpgrade", "clusterEnabled", "clusterMode", "configurationEndpointAddress", "dataTieringEnabled", "description", "engineVersion", "engineVersionActual", "globalReplicationGroupId", "ipDiscovery", "maintenanceWindow", "memberClusters", "networkType", "nodeType", "numCacheClusters", "numNodeGroups", "parameterGroupName", "primaryEndpointAddress", "readerEndpointAddress", "replicasPerNodeGroup", "replicationGroupId", "securityGroupIds", "securityGroupNames", "snapshotWindow", "subnetGroupName", "tagsAll", "transitEncryptionEnabled", "transitEncryptionMode" ], "inputProperties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any modifications are applied immediately, or during the next maintenance window. Default is `false`.\n" }, "atRestEncryptionEnabled": { "type": "boolean", "description": "Whether to enable encryption at rest.\n", "willReplaceOnChanges": true }, "authToken": { "type": "string", "description": "Password used to access a password protected server. Can be specified only if `transit_encryption_enabled = true`.\n", "secret": true }, "authTokenUpdateStrategy": { "type": "string", "description": "Strategy to use when updating the `auth_token`. Valid values are `SET`, `ROTATE`, and `DELETE`. Defaults to `ROTATE`.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Specifies whether minor version engine upgrades will be applied automatically to the underlying Cache Cluster instances during the maintenance window.\nOnly supported for engine type `\"redis\"` and if the engine version is 6 or higher.\nDefaults to `true`.\n" }, "automaticFailoverEnabled": { "type": "boolean", "description": "Specifies whether a read-only replica will be automatically promoted to read/write primary if the existing primary fails. If enabled, `num_cache_clusters` must be greater than 1. Must be enabled for Redis (cluster mode enabled) replication groups. Defaults to `false`.\n" }, "clusterMode": { "type": "string", "description": "Specifies whether cluster mode is enabled or disabled. Valid values are `enabled` or `disabled` or `compatible`\n" }, "dataTieringEnabled": { "type": "boolean", "description": "Enables data tiering. Data tiering is only supported for replication groups using the r6gd node type. This parameter must be set to `true` when using r6gd nodes.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "User-created description for the replication group. Must not be empty.\n" }, "engine": { "type": "string", "description": "Name of the cache engine to be used for the clusters in this replication group. The only valid value is `redis`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "Version number of the cache engine to be used for the cache clusters in this replication group.\nIf the version is 7 or higher, the major and minor version should be set, e.g., `7.2`.\nIf the version is 6, the major and minor version can be set, e.g., `6.2`,\nor the minor version can be unspecified which will use the latest version at creation time, e.g., `6.x`.\nOtherwise, specify the full version desired, e.g., `5.0.6`.\nThe actual engine version used is returned in the attribute `engine_version_actual`, see Attribute Reference below.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final node group (shard) snapshot. ElastiCache creates the snapshot from the primary node in the cluster. If omitted, no final snapshot will be made.\n" }, "globalReplicationGroupId": { "type": "string", "description": "The ID of the global replication group to which this replication group should belong. If this parameter is specified, the replication group is added to the specified global replication group as a secondary replication group; otherwise, the replication group is not part of any global replication group. If `global_replication_group_id` is set, the `num_node_groups` parameter cannot be set.\n", "willReplaceOnChanges": true }, "ipDiscovery": { "type": "string", "description": "The IP version to advertise in the discovery protocol. Valid values are `ipv4` or `ipv6`.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN of the key that you wish to use if encrypting at rest. If not supplied, uses service managed encryption. Can be specified only if `at_rest_encryption_enabled = true`.\n", "willReplaceOnChanges": true }, "logDeliveryConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ReplicationGroupLogDeliveryConfiguration:ReplicationGroupLogDeliveryConfiguration" }, "description": "Specifies the destination and format of Redis [SLOWLOG](https://redis.io/commands/slowlog) or Redis [Engine Log](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Log_Delivery.html#Log_contents-engine-log). See the documentation on [Amazon ElastiCache](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Log_Delivery.html#Log_contents-engine-log). See Log Delivery Configuration below for more details.\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range for when maintenance on the cache cluster is performed. The format is `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC). The minimum maintenance window is a 60 minute period. Example: `sun:05:00-sun:09:00`\n" }, "multiAzEnabled": { "type": "boolean", "description": "Specifies whether to enable Multi-AZ Support for the replication group.\nIf `true`, `automatic_failover_enabled` must also be enabled.\nDefaults to `false`.\n" }, "networkType": { "type": "string", "description": "The IP versions for cache cluster connections. Valid values are `ipv4`, `ipv6` or `dual_stack`.\n", "willReplaceOnChanges": true }, "nodeType": { "type": "string", "description": "Instance class to be used. See AWS documentation for information on [supported node types](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html) and [guidance on selecting node types](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/nodes-select-size.html). Required unless `global_replication_group_id` is set. Cannot be set if `global_replication_group_id` is set.\n" }, "notificationTopicArn": { "type": "string", "description": "ARN of an SNS topic to send ElastiCache notifications to. Example: `arn:aws:sns:us-east-1:012345678999:my_sns_topic`\n" }, "numCacheClusters": { "type": "integer", "description": "Number of cache clusters (primary and replicas) this replication group will have.\nIf `automatic_failover_enabled` or `multi_az_enabled` are `true`, must be at least 2.\nUpdates will occur before other modifications.\nConflicts with `num_node_groups` and `replicas_per_node_group`.\nDefaults to `1`.\n" }, "numNodeGroups": { "type": "integer", "description": "Number of node groups (shards) for this Redis replication group.\nChanging this number will trigger a resizing operation before other settings modifications.\nConflicts with `num_cache_clusters`.\n" }, "parameterGroupName": { "type": "string", "description": "Name of the parameter group to associate with this replication group. If this argument is omitted, the default cache parameter group for the specified engine is used. To enable \"cluster mode\", i.e., data sharding, use a parameter group that has the parameter `cluster-enabled` set to true.\n" }, "port": { "type": "integer", "description": "Port number on which each of the cache nodes will accept connections. For Memcache the default is 11211, and for Redis the default port is 6379.\n", "willReplaceOnChanges": true }, "preferredCacheClusterAzs": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 availability zones in which the replication group's cache clusters will be created. The order of the availability zones in the list is considered. The first item in the list will be the primary node. Ignored when updating.\n" }, "replicasPerNodeGroup": { "type": "integer", "description": "Number of replica nodes in each node group.\nChanging this number will trigger a resizing operation before other settings modifications.\nValid values are 0 to 5.\nConflicts with `num_cache_clusters`.\nCan only be set if `num_node_groups` is set.\n" }, "replicationGroupId": { "type": "string", "description": "Replication group identifier. This parameter is stored as a lowercase string.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "IDs of one or more Amazon VPC security groups associated with this replication group. Use this parameter only when you are creating a replication group in an Amazon Virtual Private Cloud.\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "Names of one or more Amazon VPC security groups associated with this replication group. Use this parameter only when you are creating a replication group in an Amazon Virtual Private Cloud.\n", "willReplaceOnChanges": true }, "snapshotArns": { "type": "array", "items": { "type": "string" }, "description": "List of ARNs that identify Redis RDB snapshot files stored in Amazon S3. The names object names cannot contain any commas.\n", "willReplaceOnChanges": true }, "snapshotName": { "type": "string", "description": "Name of a snapshot from which to restore data into the new node group. Changing the `snapshot_name` forces a new resource.\n", "willReplaceOnChanges": true }, "snapshotRetentionLimit": { "type": "integer", "description": "Number of days for which ElastiCache will retain automatic cache cluster snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, then a snapshot that was taken today will be retained for 5 days before being deleted. If the value of `snapshot_retention_limit` is set to zero (0), backups are turned off. Please note that setting a `snapshot_retention_limit` is not supported on cache.t1.micro cache nodes\n" }, "snapshotWindow": { "type": "string", "description": "Daily time range (in UTC) during which ElastiCache will begin taking a daily snapshot of your cache cluster. The minimum snapshot window is a 60 minute period. Example: `05:00-09:00`\n" }, "subnetGroupName": { "type": "string", "description": "Name of the cache subnet group to be used for the replication group.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. Adding tags to this resource will add or overwrite any existing tags on the clusters in the replication group and not to the group itself. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "transitEncryptionEnabled": { "type": "boolean", "description": "Whether to enable encryption in transit.\nChanging this argument with an `engine_version` \u003c `7.0.5` will force a replacement.\nEngine versions prior to `7.0.5` only allow this transit encryption to be configured during creation of the replication group.\n" }, "transitEncryptionMode": { "type": "string", "description": "A setting that enables clients to migrate to in-transit encryption with no downtime.\nValid values are `preferred` and `required`.\nWhen enabling encryption on an existing replication group, this must first be set to `preferred` before setting it to `required` in a subsequent apply.\nSee the `TransitEncryptionMode` field in the [`CreateReplicationGroup` API documentation](https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateReplicationGroup.html) for additional details.\n" }, "userGroupIds": { "type": "array", "items": { "type": "string" }, "description": "User Group ID to associate with the replication group. Only a maximum of one (1) user group ID is valid. **NOTE:** This argument _is_ a set because the AWS specification allows for multiple IDs. However, in practice, AWS only allows a maximum size of one.\n" } }, "requiredInputs": [ "description" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReplicationGroup resources.\n", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any modifications are applied immediately, or during the next maintenance window. Default is `false`.\n" }, "arn": { "type": "string", "description": "ARN of the created ElastiCache Replication Group.\n" }, "atRestEncryptionEnabled": { "type": "boolean", "description": "Whether to enable encryption at rest.\n", "willReplaceOnChanges": true }, "authToken": { "type": "string", "description": "Password used to access a password protected server. Can be specified only if `transit_encryption_enabled = true`.\n", "secret": true }, "authTokenUpdateStrategy": { "type": "string", "description": "Strategy to use when updating the `auth_token`. Valid values are `SET`, `ROTATE`, and `DELETE`. Defaults to `ROTATE`.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Specifies whether minor version engine upgrades will be applied automatically to the underlying Cache Cluster instances during the maintenance window.\nOnly supported for engine type `\"redis\"` and if the engine version is 6 or higher.\nDefaults to `true`.\n" }, "automaticFailoverEnabled": { "type": "boolean", "description": "Specifies whether a read-only replica will be automatically promoted to read/write primary if the existing primary fails. If enabled, `num_cache_clusters` must be greater than 1. Must be enabled for Redis (cluster mode enabled) replication groups. Defaults to `false`.\n" }, "clusterEnabled": { "type": "boolean", "description": "Indicates if cluster mode is enabled.\n" }, "clusterMode": { "type": "string", "description": "Specifies whether cluster mode is enabled or disabled. Valid values are `enabled` or `disabled` or `compatible`\n" }, "configurationEndpointAddress": { "type": "string", "description": "Address of the replication group configuration endpoint when cluster mode is enabled.\n" }, "dataTieringEnabled": { "type": "boolean", "description": "Enables data tiering. Data tiering is only supported for replication groups using the r6gd node type. This parameter must be set to `true` when using r6gd nodes.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "User-created description for the replication group. Must not be empty.\n" }, "engine": { "type": "string", "description": "Name of the cache engine to be used for the clusters in this replication group. The only valid value is `redis`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "Version number of the cache engine to be used for the cache clusters in this replication group.\nIf the version is 7 or higher, the major and minor version should be set, e.g., `7.2`.\nIf the version is 6, the major and minor version can be set, e.g., `6.2`,\nor the minor version can be unspecified which will use the latest version at creation time, e.g., `6.x`.\nOtherwise, specify the full version desired, e.g., `5.0.6`.\nThe actual engine version used is returned in the attribute `engine_version_actual`, see Attribute Reference below.\n" }, "engineVersionActual": { "type": "string", "description": "Because ElastiCache pulls the latest minor or patch for a version, this attribute returns the running version of the cache engine.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final node group (shard) snapshot. ElastiCache creates the snapshot from the primary node in the cluster. If omitted, no final snapshot will be made.\n" }, "globalReplicationGroupId": { "type": "string", "description": "The ID of the global replication group to which this replication group should belong. If this parameter is specified, the replication group is added to the specified global replication group as a secondary replication group; otherwise, the replication group is not part of any global replication group. If `global_replication_group_id` is set, the `num_node_groups` parameter cannot be set.\n", "willReplaceOnChanges": true }, "ipDiscovery": { "type": "string", "description": "The IP version to advertise in the discovery protocol. Valid values are `ipv4` or `ipv6`.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN of the key that you wish to use if encrypting at rest. If not supplied, uses service managed encryption. Can be specified only if `at_rest_encryption_enabled = true`.\n", "willReplaceOnChanges": true }, "logDeliveryConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ReplicationGroupLogDeliveryConfiguration:ReplicationGroupLogDeliveryConfiguration" }, "description": "Specifies the destination and format of Redis [SLOWLOG](https://redis.io/commands/slowlog) or Redis [Engine Log](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Log_Delivery.html#Log_contents-engine-log). See the documentation on [Amazon ElastiCache](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Log_Delivery.html#Log_contents-engine-log). See Log Delivery Configuration below for more details.\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range for when maintenance on the cache cluster is performed. The format is `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC). The minimum maintenance window is a 60 minute period. Example: `sun:05:00-sun:09:00`\n" }, "memberClusters": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of all the nodes that are part of this replication group.\n" }, "multiAzEnabled": { "type": "boolean", "description": "Specifies whether to enable Multi-AZ Support for the replication group.\nIf `true`, `automatic_failover_enabled` must also be enabled.\nDefaults to `false`.\n" }, "networkType": { "type": "string", "description": "The IP versions for cache cluster connections. Valid values are `ipv4`, `ipv6` or `dual_stack`.\n", "willReplaceOnChanges": true }, "nodeType": { "type": "string", "description": "Instance class to be used. See AWS documentation for information on [supported node types](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html) and [guidance on selecting node types](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/nodes-select-size.html). Required unless `global_replication_group_id` is set. Cannot be set if `global_replication_group_id` is set.\n" }, "notificationTopicArn": { "type": "string", "description": "ARN of an SNS topic to send ElastiCache notifications to. Example: `arn:aws:sns:us-east-1:012345678999:my_sns_topic`\n" }, "numCacheClusters": { "type": "integer", "description": "Number of cache clusters (primary and replicas) this replication group will have.\nIf `automatic_failover_enabled` or `multi_az_enabled` are `true`, must be at least 2.\nUpdates will occur before other modifications.\nConflicts with `num_node_groups` and `replicas_per_node_group`.\nDefaults to `1`.\n" }, "numNodeGroups": { "type": "integer", "description": "Number of node groups (shards) for this Redis replication group.\nChanging this number will trigger a resizing operation before other settings modifications.\nConflicts with `num_cache_clusters`.\n" }, "parameterGroupName": { "type": "string", "description": "Name of the parameter group to associate with this replication group. If this argument is omitted, the default cache parameter group for the specified engine is used. To enable \"cluster mode\", i.e., data sharding, use a parameter group that has the parameter `cluster-enabled` set to true.\n" }, "port": { "type": "integer", "description": "Port number on which each of the cache nodes will accept connections. For Memcache the default is 11211, and for Redis the default port is 6379.\n", "willReplaceOnChanges": true }, "preferredCacheClusterAzs": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 availability zones in which the replication group's cache clusters will be created. The order of the availability zones in the list is considered. The first item in the list will be the primary node. Ignored when updating.\n" }, "primaryEndpointAddress": { "type": "string", "description": "(Redis only) Address of the endpoint for the primary node in the replication group, if the cluster mode is disabled.\n" }, "readerEndpointAddress": { "type": "string", "description": "(Redis only) Address of the endpoint for the reader node in the replication group, if the cluster mode is disabled.\n" }, "replicasPerNodeGroup": { "type": "integer", "description": "Number of replica nodes in each node group.\nChanging this number will trigger a resizing operation before other settings modifications.\nValid values are 0 to 5.\nConflicts with `num_cache_clusters`.\nCan only be set if `num_node_groups` is set.\n" }, "replicationGroupId": { "type": "string", "description": "Replication group identifier. This parameter is stored as a lowercase string.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "IDs of one or more Amazon VPC security groups associated with this replication group. Use this parameter only when you are creating a replication group in an Amazon Virtual Private Cloud.\n" }, "securityGroupNames": { "type": "array", "items": { "type": "string" }, "description": "Names of one or more Amazon VPC security groups associated with this replication group. Use this parameter only when you are creating a replication group in an Amazon Virtual Private Cloud.\n", "willReplaceOnChanges": true }, "snapshotArns": { "type": "array", "items": { "type": "string" }, "description": "List of ARNs that identify Redis RDB snapshot files stored in Amazon S3. The names object names cannot contain any commas.\n", "willReplaceOnChanges": true }, "snapshotName": { "type": "string", "description": "Name of a snapshot from which to restore data into the new node group. Changing the `snapshot_name` forces a new resource.\n", "willReplaceOnChanges": true }, "snapshotRetentionLimit": { "type": "integer", "description": "Number of days for which ElastiCache will retain automatic cache cluster snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, then a snapshot that was taken today will be retained for 5 days before being deleted. If the value of `snapshot_retention_limit` is set to zero (0), backups are turned off. Please note that setting a `snapshot_retention_limit` is not supported on cache.t1.micro cache nodes\n" }, "snapshotWindow": { "type": "string", "description": "Daily time range (in UTC) during which ElastiCache will begin taking a daily snapshot of your cache cluster. The minimum snapshot window is a 60 minute period. Example: `05:00-09:00`\n" }, "subnetGroupName": { "type": "string", "description": "Name of the cache subnet group to be used for the replication group.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. Adding tags to this resource will add or overwrite any existing tags on the clusters in the replication group and not to the group itself. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitEncryptionEnabled": { "type": "boolean", "description": "Whether to enable encryption in transit.\nChanging this argument with an `engine_version` \u003c `7.0.5` will force a replacement.\nEngine versions prior to `7.0.5` only allow this transit encryption to be configured during creation of the replication group.\n" }, "transitEncryptionMode": { "type": "string", "description": "A setting that enables clients to migrate to in-transit encryption with no downtime.\nValid values are `preferred` and `required`.\nWhen enabling encryption on an existing replication group, this must first be set to `preferred` before setting it to `required` in a subsequent apply.\nSee the `TransitEncryptionMode` field in the [`CreateReplicationGroup` API documentation](https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateReplicationGroup.html) for additional details.\n" }, "userGroupIds": { "type": "array", "items": { "type": "string" }, "description": "User Group ID to associate with the replication group. Only a maximum of one (1) user group ID is valid. **NOTE:** This argument _is_ a set because the AWS specification allows for multiple IDs. However, in practice, AWS only allows a maximum size of one.\n" } }, "type": "object" } }, "aws:elasticache/serverlessCache:ServerlessCache": { "description": "Provides an ElastiCache Serverless Cache resource which manages memcached or redis.\n\n## Example Usage\n\n### Memcached Serverless\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.elasticache.ServerlessCache(\"example\", {\n engine: \"memcached\",\n name: \"example\",\n cacheUsageLimits: {\n dataStorage: {\n maximum: 10,\n unit: \"GB\",\n },\n ecpuPerSeconds: [{\n maximum: 5000,\n }],\n },\n description: \"Test Server\",\n kmsKeyId: test.arn,\n majorEngineVersion: \"1.6\",\n securityGroupIds: [testAwsSecurityGroup.id],\n subnetIds: testAwsSubnet.map(__item =\u003e __item.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.elasticache.ServerlessCache(\"example\",\n engine=\"memcached\",\n name=\"example\",\n cache_usage_limits={\n \"data_storage\": {\n \"maximum\": 10,\n \"unit\": \"GB\",\n },\n \"ecpu_per_seconds\": [{\n \"maximum\": 5000,\n }],\n },\n description=\"Test Server\",\n kms_key_id=test[\"arn\"],\n major_engine_version=\"1.6\",\n security_group_ids=[test_aws_security_group[\"id\"]],\n subnet_ids=[__item[\"id\"] for __item in test_aws_subnet])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ElastiCache.ServerlessCache(\"example\", new()\n {\n Engine = \"memcached\",\n Name = \"example\",\n CacheUsageLimits = new Aws.ElastiCache.Inputs.ServerlessCacheCacheUsageLimitsArgs\n {\n DataStorage = new Aws.ElastiCache.Inputs.ServerlessCacheCacheUsageLimitsDataStorageArgs\n {\n Maximum = 10,\n Unit = \"GB\",\n },\n EcpuPerSeconds = new[]\n {\n new Aws.ElastiCache.Inputs.ServerlessCacheCacheUsageLimitsEcpuPerSecondArgs\n {\n Maximum = 5000,\n },\n },\n },\n Description = \"Test Server\",\n KmsKeyId = test.Arn,\n MajorEngineVersion = \"1.6\",\n SecurityGroupIds = new[]\n {\n testAwsSecurityGroup.Id,\n },\n SubnetIds = testAwsSubnet.Select(__item =\u003e __item.Id).ToList(),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range testAwsSubnet {\nsplat0 = append(splat0, val0.Id)\n}\n_, err := elasticache.NewServerlessCache(ctx, \"example\", \u0026elasticache.ServerlessCacheArgs{\nEngine: pulumi.String(\"memcached\"),\nName: pulumi.String(\"example\"),\nCacheUsageLimits: \u0026elasticache.ServerlessCacheCacheUsageLimitsArgs{\nDataStorage: \u0026elasticache.ServerlessCacheCacheUsageLimitsDataStorageArgs{\nMaximum: pulumi.Int(10),\nUnit: pulumi.String(\"GB\"),\n},\nEcpuPerSeconds: elasticache.ServerlessCacheCacheUsageLimitsEcpuPerSecondArray{\n\u0026elasticache.ServerlessCacheCacheUsageLimitsEcpuPerSecondArgs{\nMaximum: pulumi.Int(5000),\n},\n},\n},\nDescription: pulumi.String(\"Test Server\"),\nKmsKeyId: pulumi.Any(test.Arn),\nMajorEngineVersion: pulumi.String(\"1.6\"),\nSecurityGroupIds: pulumi.StringArray{\ntestAwsSecurityGroup.Id,\n},\nSubnetIds: toPulumiArray(splat0),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.ServerlessCache;\nimport com.pulumi.aws.elasticache.ServerlessCacheArgs;\nimport com.pulumi.aws.elasticache.inputs.ServerlessCacheCacheUsageLimitsArgs;\nimport com.pulumi.aws.elasticache.inputs.ServerlessCacheCacheUsageLimitsDataStorageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessCache(\"example\", ServerlessCacheArgs.builder()\n .engine(\"memcached\")\n .name(\"example\")\n .cacheUsageLimits(ServerlessCacheCacheUsageLimitsArgs.builder()\n .dataStorage(ServerlessCacheCacheUsageLimitsDataStorageArgs.builder()\n .maximum(10)\n .unit(\"GB\")\n .build())\n .ecpuPerSeconds(ServerlessCacheCacheUsageLimitsEcpuPerSecondArgs.builder()\n .maximum(5000)\n .build())\n .build())\n .description(\"Test Server\")\n .kmsKeyId(test.arn())\n .majorEngineVersion(\"1.6\")\n .securityGroupIds(testAwsSecurityGroup.id())\n .subnetIds(testAwsSubnet.stream().map(element -\u003e element.id()).collect(toList()))\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Redis Serverless\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.elasticache.ServerlessCache(\"example\", {\n engine: \"redis\",\n name: \"example\",\n cacheUsageLimits: {\n dataStorage: {\n maximum: 10,\n unit: \"GB\",\n },\n ecpuPerSeconds: [{\n maximum: 5000,\n }],\n },\n dailySnapshotTime: \"09:00\",\n description: \"Test Server\",\n kmsKeyId: test.arn,\n majorEngineVersion: \"7\",\n snapshotRetentionLimit: 1,\n securityGroupIds: [testAwsSecurityGroup.id],\n subnetIds: testAwsSubnet.map(__item =\u003e __item.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.elasticache.ServerlessCache(\"example\",\n engine=\"redis\",\n name=\"example\",\n cache_usage_limits={\n \"data_storage\": {\n \"maximum\": 10,\n \"unit\": \"GB\",\n },\n \"ecpu_per_seconds\": [{\n \"maximum\": 5000,\n }],\n },\n daily_snapshot_time=\"09:00\",\n description=\"Test Server\",\n kms_key_id=test[\"arn\"],\n major_engine_version=\"7\",\n snapshot_retention_limit=1,\n security_group_ids=[test_aws_security_group[\"id\"]],\n subnet_ids=[__item[\"id\"] for __item in test_aws_subnet])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ElastiCache.ServerlessCache(\"example\", new()\n {\n Engine = \"redis\",\n Name = \"example\",\n CacheUsageLimits = new Aws.ElastiCache.Inputs.ServerlessCacheCacheUsageLimitsArgs\n {\n DataStorage = new Aws.ElastiCache.Inputs.ServerlessCacheCacheUsageLimitsDataStorageArgs\n {\n Maximum = 10,\n Unit = \"GB\",\n },\n EcpuPerSeconds = new[]\n {\n new Aws.ElastiCache.Inputs.ServerlessCacheCacheUsageLimitsEcpuPerSecondArgs\n {\n Maximum = 5000,\n },\n },\n },\n DailySnapshotTime = \"09:00\",\n Description = \"Test Server\",\n KmsKeyId = test.Arn,\n MajorEngineVersion = \"7\",\n SnapshotRetentionLimit = 1,\n SecurityGroupIds = new[]\n {\n testAwsSecurityGroup.Id,\n },\n SubnetIds = testAwsSubnet.Select(__item =\u003e __item.Id).ToList(),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range testAwsSubnet {\nsplat0 = append(splat0, val0.Id)\n}\n_, err := elasticache.NewServerlessCache(ctx, \"example\", \u0026elasticache.ServerlessCacheArgs{\nEngine: pulumi.String(\"redis\"),\nName: pulumi.String(\"example\"),\nCacheUsageLimits: \u0026elasticache.ServerlessCacheCacheUsageLimitsArgs{\nDataStorage: \u0026elasticache.ServerlessCacheCacheUsageLimitsDataStorageArgs{\nMaximum: pulumi.Int(10),\nUnit: pulumi.String(\"GB\"),\n},\nEcpuPerSeconds: elasticache.ServerlessCacheCacheUsageLimitsEcpuPerSecondArray{\n\u0026elasticache.ServerlessCacheCacheUsageLimitsEcpuPerSecondArgs{\nMaximum: pulumi.Int(5000),\n},\n},\n},\nDailySnapshotTime: pulumi.String(\"09:00\"),\nDescription: pulumi.String(\"Test Server\"),\nKmsKeyId: pulumi.Any(test.Arn),\nMajorEngineVersion: pulumi.String(\"7\"),\nSnapshotRetentionLimit: pulumi.Int(1),\nSecurityGroupIds: pulumi.StringArray{\ntestAwsSecurityGroup.Id,\n},\nSubnetIds: toPulumiArray(splat0),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.ServerlessCache;\nimport com.pulumi.aws.elasticache.ServerlessCacheArgs;\nimport com.pulumi.aws.elasticache.inputs.ServerlessCacheCacheUsageLimitsArgs;\nimport com.pulumi.aws.elasticache.inputs.ServerlessCacheCacheUsageLimitsDataStorageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessCache(\"example\", ServerlessCacheArgs.builder()\n .engine(\"redis\")\n .name(\"example\")\n .cacheUsageLimits(ServerlessCacheCacheUsageLimitsArgs.builder()\n .dataStorage(ServerlessCacheCacheUsageLimitsDataStorageArgs.builder()\n .maximum(10)\n .unit(\"GB\")\n .build())\n .ecpuPerSeconds(ServerlessCacheCacheUsageLimitsEcpuPerSecondArgs.builder()\n .maximum(5000)\n .build())\n .build())\n .dailySnapshotTime(\"09:00\")\n .description(\"Test Server\")\n .kmsKeyId(test.arn())\n .majorEngineVersion(\"7\")\n .snapshotRetentionLimit(1)\n .securityGroupIds(testAwsSecurityGroup.id())\n .subnetIds(testAwsSubnet.stream().map(element -\u003e element.id()).collect(toList()))\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ElastiCache Serverless Cache using the `name`. For example:\n\n```sh\n$ pulumi import aws:elasticache/serverlessCache:ServerlessCache my_cluster my_cluster\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the serverless cache.\n" }, "cacheUsageLimits": { "$ref": "#/types/aws:elasticache/ServerlessCacheCacheUsageLimits:ServerlessCacheCacheUsageLimits", "description": "Sets the cache usage limits for storage and ElastiCache Processing Units for the cache. See configuration below.\n" }, "createTime": { "type": "string", "description": "Timestamp of when the serverless cache was created.\n" }, "dailySnapshotTime": { "type": "string", "description": "The daily time that snapshots will be created from the new serverless cache. Only supported for engine type `\"redis\"`. Defaults to `0`.\n" }, "description": { "type": "string", "description": "User-provided description for the serverless cache. The default is NULL.\n" }, "endpoints": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ServerlessCacheEndpoint:ServerlessCacheEndpoint" }, "description": "Represents the information required for client programs to connect to a cache node. See config below for details.\n" }, "engine": { "type": "string", "description": "Name of the cache engine to be used for this cache cluster. Valid values are `memcached` or `redis`.\n" }, "fullEngineVersion": { "type": "string", "description": "The name and version number of the engine the serverless cache is compatible with.\n" }, "kmsKeyId": { "type": "string", "description": "ARN of the customer managed key for encrypting the data at rest. If no KMS key is provided, a default service key is used.\n" }, "majorEngineVersion": { "type": "string", "description": "The version of the cache engine that will be used to create the serverless cache.\nSee [Describe Cache Engine Versions](https://docs.aws.amazon.com/cli/latest/reference/elasticache/describe-cache-engine-versions.html) in the AWS Documentation for supported versions.\n" }, "name": { "type": "string", "description": "The Cluster name which serves as a unique identifier to the serverless cache\n\nThe following arguments are optional:\n" }, "readerEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ServerlessCacheReaderEndpoint:ServerlessCacheReaderEndpoint" }, "description": "Represents the information required for client programs to connect to a cache node. See config below for details.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of the one or more VPC security groups to be associated with the serverless cache. The security group will authorize traffic access for the VPC end-point (private-link). If no other information is given this will be the VPC’s Default Security Group that is associated with the cluster VPC end-point.\n" }, "snapshotArnsToRestores": { "type": "array", "items": { "type": "string" }, "description": "The list of ARN(s) of the snapshot that the new serverless cache will be created from. Available for Redis only.\n" }, "snapshotRetentionLimit": { "type": "integer", "description": "The number of snapshots that will be retained for the serverless cache that is being created. As new snapshots beyond this limit are added, the oldest snapshots will be deleted on a rolling basis. Available for Redis only.\n" }, "status": { "type": "string", "description": "The current status of the serverless cache. The allowed values are CREATING, AVAILABLE, DELETING, CREATE-FAILED and MODIFYING.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of the identifiers of the subnets where the VPC endpoint for the serverless cache will be deployed. All the subnetIds must belong to the same VPC.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:elasticache/ServerlessCacheTimeouts:ServerlessCacheTimeouts" }, "userGroupId": { "type": "string", "description": "The identifier of the UserGroup to be associated with the serverless cache. Available for Redis only. Default is NULL.\n" } }, "required": [ "arn", "createTime", "dailySnapshotTime", "description", "endpoints", "engine", "fullEngineVersion", "majorEngineVersion", "name", "readerEndpoints", "securityGroupIds", "snapshotRetentionLimit", "status", "subnetIds", "tagsAll" ], "inputProperties": { "cacheUsageLimits": { "$ref": "#/types/aws:elasticache/ServerlessCacheCacheUsageLimits:ServerlessCacheCacheUsageLimits", "description": "Sets the cache usage limits for storage and ElastiCache Processing Units for the cache. See configuration below.\n" }, "dailySnapshotTime": { "type": "string", "description": "The daily time that snapshots will be created from the new serverless cache. Only supported for engine type `\"redis\"`. Defaults to `0`.\n" }, "description": { "type": "string", "description": "User-provided description for the serverless cache. The default is NULL.\n" }, "engine": { "type": "string", "description": "Name of the cache engine to be used for this cache cluster. Valid values are `memcached` or `redis`.\n" }, "kmsKeyId": { "type": "string", "description": "ARN of the customer managed key for encrypting the data at rest. If no KMS key is provided, a default service key is used.\n" }, "majorEngineVersion": { "type": "string", "description": "The version of the cache engine that will be used to create the serverless cache.\nSee [Describe Cache Engine Versions](https://docs.aws.amazon.com/cli/latest/reference/elasticache/describe-cache-engine-versions.html) in the AWS Documentation for supported versions.\n" }, "name": { "type": "string", "description": "The Cluster name which serves as a unique identifier to the serverless cache\n\nThe following arguments are optional:\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of the one or more VPC security groups to be associated with the serverless cache. The security group will authorize traffic access for the VPC end-point (private-link). If no other information is given this will be the VPC’s Default Security Group that is associated with the cluster VPC end-point.\n" }, "snapshotArnsToRestores": { "type": "array", "items": { "type": "string" }, "description": "The list of ARN(s) of the snapshot that the new serverless cache will be created from. Available for Redis only.\n" }, "snapshotRetentionLimit": { "type": "integer", "description": "The number of snapshots that will be retained for the serverless cache that is being created. As new snapshots beyond this limit are added, the oldest snapshots will be deleted on a rolling basis. Available for Redis only.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of the identifiers of the subnets where the VPC endpoint for the serverless cache will be deployed. All the subnetIds must belong to the same VPC.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:elasticache/ServerlessCacheTimeouts:ServerlessCacheTimeouts" }, "userGroupId": { "type": "string", "description": "The identifier of the UserGroup to be associated with the serverless cache. Available for Redis only. Default is NULL.\n" } }, "requiredInputs": [ "engine" ], "stateInputs": { "description": "Input properties used for looking up and filtering ServerlessCache resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the serverless cache.\n" }, "cacheUsageLimits": { "$ref": "#/types/aws:elasticache/ServerlessCacheCacheUsageLimits:ServerlessCacheCacheUsageLimits", "description": "Sets the cache usage limits for storage and ElastiCache Processing Units for the cache. See configuration below.\n" }, "createTime": { "type": "string", "description": "Timestamp of when the serverless cache was created.\n" }, "dailySnapshotTime": { "type": "string", "description": "The daily time that snapshots will be created from the new serverless cache. Only supported for engine type `\"redis\"`. Defaults to `0`.\n" }, "description": { "type": "string", "description": "User-provided description for the serverless cache. The default is NULL.\n" }, "endpoints": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ServerlessCacheEndpoint:ServerlessCacheEndpoint" }, "description": "Represents the information required for client programs to connect to a cache node. See config below for details.\n" }, "engine": { "type": "string", "description": "Name of the cache engine to be used for this cache cluster. Valid values are `memcached` or `redis`.\n" }, "fullEngineVersion": { "type": "string", "description": "The name and version number of the engine the serverless cache is compatible with.\n" }, "kmsKeyId": { "type": "string", "description": "ARN of the customer managed key for encrypting the data at rest. If no KMS key is provided, a default service key is used.\n" }, "majorEngineVersion": { "type": "string", "description": "The version of the cache engine that will be used to create the serverless cache.\nSee [Describe Cache Engine Versions](https://docs.aws.amazon.com/cli/latest/reference/elasticache/describe-cache-engine-versions.html) in the AWS Documentation for supported versions.\n" }, "name": { "type": "string", "description": "The Cluster name which serves as a unique identifier to the serverless cache\n\nThe following arguments are optional:\n" }, "readerEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/ServerlessCacheReaderEndpoint:ServerlessCacheReaderEndpoint" }, "description": "Represents the information required for client programs to connect to a cache node. See config below for details.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of the one or more VPC security groups to be associated with the serverless cache. The security group will authorize traffic access for the VPC end-point (private-link). If no other information is given this will be the VPC’s Default Security Group that is associated with the cluster VPC end-point.\n" }, "snapshotArnsToRestores": { "type": "array", "items": { "type": "string" }, "description": "The list of ARN(s) of the snapshot that the new serverless cache will be created from. Available for Redis only.\n" }, "snapshotRetentionLimit": { "type": "integer", "description": "The number of snapshots that will be retained for the serverless cache that is being created. As new snapshots beyond this limit are added, the oldest snapshots will be deleted on a rolling basis. Available for Redis only.\n" }, "status": { "type": "string", "description": "The current status of the serverless cache. The allowed values are CREATING, AVAILABLE, DELETING, CREATE-FAILED and MODIFYING.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of the identifiers of the subnets where the VPC endpoint for the serverless cache will be deployed. All the subnetIds must belong to the same VPC.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:elasticache/ServerlessCacheTimeouts:ServerlessCacheTimeouts" }, "userGroupId": { "type": "string", "description": "The identifier of the UserGroup to be associated with the serverless cache. Available for Redis only. Default is NULL.\n" } }, "type": "object" } }, "aws:elasticache/subnetGroup:SubnetGroup": { "description": "Provides an ElastiCache Subnet Group resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ec2.Vpc(\"foo\", {\n cidrBlock: \"10.0.0.0/16\",\n tags: {\n Name: \"tf-test\",\n },\n});\nconst fooSubnet = new aws.ec2.Subnet(\"foo\", {\n vpcId: foo.id,\n cidrBlock: \"10.0.0.0/24\",\n availabilityZone: \"us-west-2a\",\n tags: {\n Name: \"tf-test\",\n },\n});\nconst bar = new aws.elasticache.SubnetGroup(\"bar\", {\n name: \"tf-test-cache-subnet\",\n subnetIds: [fooSubnet.id],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.Vpc(\"foo\",\n cidr_block=\"10.0.0.0/16\",\n tags={\n \"Name\": \"tf-test\",\n })\nfoo_subnet = aws.ec2.Subnet(\"foo\",\n vpc_id=foo.id,\n cidr_block=\"10.0.0.0/24\",\n availability_zone=\"us-west-2a\",\n tags={\n \"Name\": \"tf-test\",\n })\nbar = aws.elasticache.SubnetGroup(\"bar\",\n name=\"tf-test-cache-subnet\",\n subnet_ids=[foo_subnet.id])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Ec2.Vpc(\"foo\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n Tags = \n {\n { \"Name\", \"tf-test\" },\n },\n });\n\n var fooSubnet = new Aws.Ec2.Subnet(\"foo\", new()\n {\n VpcId = foo.Id,\n CidrBlock = \"10.0.0.0/24\",\n AvailabilityZone = \"us-west-2a\",\n Tags = \n {\n { \"Name\", \"tf-test\" },\n },\n });\n\n var bar = new Aws.ElastiCache.SubnetGroup(\"bar\", new()\n {\n Name = \"tf-test-cache-subnet\",\n SubnetIds = new[]\n {\n fooSubnet.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoo, err := ec2.NewVpc(ctx, \"foo\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"tf-test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooSubnet, err := ec2.NewSubnet(ctx, \"foo\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: foo.ID(),\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/24\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"tf-test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticache.NewSubnetGroup(ctx, \"bar\", \u0026elasticache.SubnetGroupArgs{\n\t\t\tName: pulumi.String(\"tf-test-cache-subnet\"),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tfooSubnet.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.elasticache.SubnetGroup;\nimport com.pulumi.aws.elasticache.SubnetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new Vpc(\"foo\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .tags(Map.of(\"Name\", \"tf-test\"))\n .build());\n\n var fooSubnet = new Subnet(\"fooSubnet\", SubnetArgs.builder()\n .vpcId(foo.id())\n .cidrBlock(\"10.0.0.0/24\")\n .availabilityZone(\"us-west-2a\")\n .tags(Map.of(\"Name\", \"tf-test\"))\n .build());\n\n var bar = new SubnetGroup(\"bar\", SubnetGroupArgs.builder()\n .name(\"tf-test-cache-subnet\")\n .subnetIds(fooSubnet.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n tags:\n Name: tf-test\n fooSubnet:\n type: aws:ec2:Subnet\n name: foo\n properties:\n vpcId: ${foo.id}\n cidrBlock: 10.0.0.0/24\n availabilityZone: us-west-2a\n tags:\n Name: tf-test\n bar:\n type: aws:elasticache:SubnetGroup\n properties:\n name: tf-test-cache-subnet\n subnetIds:\n - ${fooSubnet.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ElastiCache Subnet Groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:elasticache/subnetGroup:SubnetGroup bar tf-test-cache-subnet\n```\n", "properties": { "arn": { "type": "string" }, "description": { "type": "string", "description": "Description for the cache subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "Name for the cache subnet group. ElastiCache converts this name to lowercase.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC Subnet IDs for the cache subnet group\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The Amazon Virtual Private Cloud identifier (VPC ID) of the cache subnet group.\n" } }, "required": [ "arn", "description", "name", "subnetIds", "tagsAll", "vpcId" ], "inputProperties": { "description": { "type": "string", "description": "Description for the cache subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "Name for the cache subnet group. ElastiCache converts this name to lowercase.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC Subnet IDs for the cache subnet group\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering SubnetGroup resources.\n", "properties": { "arn": { "type": "string" }, "description": { "type": "string", "description": "Description for the cache subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "Name for the cache subnet group. ElastiCache converts this name to lowercase.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC Subnet IDs for the cache subnet group\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The Amazon Virtual Private Cloud identifier (VPC ID) of the cache subnet group.\n" } }, "type": "object" } }, "aws:elasticache/user:User": { "description": "Provides an ElastiCache user resource.\n\n\u003e **Note:** All arguments including the username and passwords will be stored in the raw state as plain-text.\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.elasticache.User(\"test\", {\n userId: \"testUserId\",\n userName: \"testUserName\",\n accessString: \"on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\",\n engine: \"REDIS\",\n passwords: [\"password123456789\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.elasticache.User(\"test\",\n user_id=\"testUserId\",\n user_name=\"testUserName\",\n access_string=\"on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\",\n engine=\"REDIS\",\n passwords=[\"password123456789\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.ElastiCache.User(\"test\", new()\n {\n UserId = \"testUserId\",\n UserName = \"testUserName\",\n AccessString = \"on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\",\n Engine = \"REDIS\",\n Passwords = new[]\n {\n \"password123456789\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticache.NewUser(ctx, \"test\", \u0026elasticache.UserArgs{\n\t\t\tUserId: pulumi.String(\"testUserId\"),\n\t\t\tUserName: pulumi.String(\"testUserName\"),\n\t\t\tAccessString: pulumi.String(\"on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\"),\n\t\t\tEngine: pulumi.String(\"REDIS\"),\n\t\t\tPasswords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"password123456789\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.User;\nimport com.pulumi.aws.elasticache.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new User(\"test\", UserArgs.builder()\n .userId(\"testUserId\")\n .userName(\"testUserName\")\n .accessString(\"on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\")\n .engine(\"REDIS\")\n .passwords(\"password123456789\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:elasticache:User\n properties:\n userId: testUserId\n userName: testUserName\n accessString: on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\n engine: REDIS\n passwords:\n - password123456789\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.elasticache.User(\"test\", {\n userId: \"testUserId\",\n userName: \"testUserName\",\n accessString: \"on ~* +@all\",\n engine: \"REDIS\",\n authenticationMode: {\n type: \"iam\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.elasticache.User(\"test\",\n user_id=\"testUserId\",\n user_name=\"testUserName\",\n access_string=\"on ~* +@all\",\n engine=\"REDIS\",\n authentication_mode={\n \"type\": \"iam\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.ElastiCache.User(\"test\", new()\n {\n UserId = \"testUserId\",\n UserName = \"testUserName\",\n AccessString = \"on ~* +@all\",\n Engine = \"REDIS\",\n AuthenticationMode = new Aws.ElastiCache.Inputs.UserAuthenticationModeArgs\n {\n Type = \"iam\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticache.NewUser(ctx, \"test\", \u0026elasticache.UserArgs{\n\t\t\tUserId: pulumi.String(\"testUserId\"),\n\t\t\tUserName: pulumi.String(\"testUserName\"),\n\t\t\tAccessString: pulumi.String(\"on ~* +@all\"),\n\t\t\tEngine: pulumi.String(\"REDIS\"),\n\t\t\tAuthenticationMode: \u0026elasticache.UserAuthenticationModeArgs{\n\t\t\t\tType: pulumi.String(\"iam\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.User;\nimport com.pulumi.aws.elasticache.UserArgs;\nimport com.pulumi.aws.elasticache.inputs.UserAuthenticationModeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new User(\"test\", UserArgs.builder()\n .userId(\"testUserId\")\n .userName(\"testUserName\")\n .accessString(\"on ~* +@all\")\n .engine(\"REDIS\")\n .authenticationMode(UserAuthenticationModeArgs.builder()\n .type(\"iam\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:elasticache:User\n properties:\n userId: testUserId\n userName: testUserName\n accessString: on ~* +@all\n engine: REDIS\n authenticationMode:\n type: iam\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.elasticache.User(\"test\", {\n userId: \"testUserId\",\n userName: \"testUserName\",\n accessString: \"on ~* +@all\",\n engine: \"REDIS\",\n authenticationMode: {\n type: \"password\",\n passwords: [\n \"password1\",\n \"password2\",\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.elasticache.User(\"test\",\n user_id=\"testUserId\",\n user_name=\"testUserName\",\n access_string=\"on ~* +@all\",\n engine=\"REDIS\",\n authentication_mode={\n \"type\": \"password\",\n \"passwords\": [\n \"password1\",\n \"password2\",\n ],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.ElastiCache.User(\"test\", new()\n {\n UserId = \"testUserId\",\n UserName = \"testUserName\",\n AccessString = \"on ~* +@all\",\n Engine = \"REDIS\",\n AuthenticationMode = new Aws.ElastiCache.Inputs.UserAuthenticationModeArgs\n {\n Type = \"password\",\n Passwords = new[]\n {\n \"password1\",\n \"password2\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticache.NewUser(ctx, \"test\", \u0026elasticache.UserArgs{\n\t\t\tUserId: pulumi.String(\"testUserId\"),\n\t\t\tUserName: pulumi.String(\"testUserName\"),\n\t\t\tAccessString: pulumi.String(\"on ~* +@all\"),\n\t\t\tEngine: pulumi.String(\"REDIS\"),\n\t\t\tAuthenticationMode: \u0026elasticache.UserAuthenticationModeArgs{\n\t\t\t\tType: pulumi.String(\"password\"),\n\t\t\t\tPasswords: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"password1\"),\n\t\t\t\t\tpulumi.String(\"password2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.User;\nimport com.pulumi.aws.elasticache.UserArgs;\nimport com.pulumi.aws.elasticache.inputs.UserAuthenticationModeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new User(\"test\", UserArgs.builder()\n .userId(\"testUserId\")\n .userName(\"testUserName\")\n .accessString(\"on ~* +@all\")\n .engine(\"REDIS\")\n .authenticationMode(UserAuthenticationModeArgs.builder()\n .type(\"password\")\n .passwords( \n \"password1\",\n \"password2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:elasticache:User\n properties:\n userId: testUserId\n userName: testUserName\n accessString: on ~* +@all\n engine: REDIS\n authenticationMode:\n type: password\n passwords:\n - password1\n - password2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ElastiCache users using the `user_id`. For example:\n\n```sh\n$ pulumi import aws:elasticache/user:User my_user userId1\n```\n", "properties": { "accessString": { "type": "string", "description": "Access permissions string used for this user. See [Specifying Permissions Using an Access String](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Clusters.RBAC.html#Access-string) for more details.\n" }, "arn": { "type": "string", "description": "The ARN of the created ElastiCache User.\n" }, "authenticationMode": { "$ref": "#/types/aws:elasticache/UserAuthenticationMode:UserAuthenticationMode", "description": "Denotes the user's authentication properties. Detailed below.\n" }, "engine": { "type": "string", "description": "The current supported value is `REDIS`.\n" }, "noPasswordRequired": { "type": "boolean", "description": "Indicates a password is not required for this user.\n" }, "passwords": { "type": "array", "items": { "type": "string" }, "description": "Passwords used for this user. You can create up to two passwords for each user.\n", "secret": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of tags to be added to this resource. A tag is a key-value pair.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "userId": { "type": "string", "description": "The ID of the user.\n" }, "userName": { "type": "string", "description": "The username of the user.\n\nThe following arguments are optional:\n" } }, "required": [ "accessString", "arn", "authenticationMode", "engine", "tagsAll", "userId", "userName" ], "inputProperties": { "accessString": { "type": "string", "description": "Access permissions string used for this user. See [Specifying Permissions Using an Access String](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Clusters.RBAC.html#Access-string) for more details.\n" }, "authenticationMode": { "$ref": "#/types/aws:elasticache/UserAuthenticationMode:UserAuthenticationMode", "description": "Denotes the user's authentication properties. Detailed below.\n" }, "engine": { "type": "string", "description": "The current supported value is `REDIS`.\n", "willReplaceOnChanges": true }, "noPasswordRequired": { "type": "boolean", "description": "Indicates a password is not required for this user.\n" }, "passwords": { "type": "array", "items": { "type": "string" }, "description": "Passwords used for this user. You can create up to two passwords for each user.\n", "secret": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of tags to be added to this resource. A tag is a key-value pair.\n" }, "userId": { "type": "string", "description": "The ID of the user.\n", "willReplaceOnChanges": true }, "userName": { "type": "string", "description": "The username of the user.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "accessString", "engine", "userId", "userName" ], "stateInputs": { "description": "Input properties used for looking up and filtering User resources.\n", "properties": { "accessString": { "type": "string", "description": "Access permissions string used for this user. See [Specifying Permissions Using an Access String](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Clusters.RBAC.html#Access-string) for more details.\n" }, "arn": { "type": "string", "description": "The ARN of the created ElastiCache User.\n" }, "authenticationMode": { "$ref": "#/types/aws:elasticache/UserAuthenticationMode:UserAuthenticationMode", "description": "Denotes the user's authentication properties. Detailed below.\n" }, "engine": { "type": "string", "description": "The current supported value is `REDIS`.\n", "willReplaceOnChanges": true }, "noPasswordRequired": { "type": "boolean", "description": "Indicates a password is not required for this user.\n" }, "passwords": { "type": "array", "items": { "type": "string" }, "description": "Passwords used for this user. You can create up to two passwords for each user.\n", "secret": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of tags to be added to this resource. A tag is a key-value pair.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "userId": { "type": "string", "description": "The ID of the user.\n", "willReplaceOnChanges": true }, "userName": { "type": "string", "description": "The username of the user.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:elasticache/userGroup:UserGroup": { "description": "Provides an ElastiCache user group resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.elasticache.User(\"test\", {\n userId: \"testUserId\",\n userName: \"default\",\n accessString: \"on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\",\n engine: \"REDIS\",\n passwords: [\"password123456789\"],\n});\nconst testUserGroup = new aws.elasticache.UserGroup(\"test\", {\n engine: \"REDIS\",\n userGroupId: \"userGroupId\",\n userIds: [test.userId],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.elasticache.User(\"test\",\n user_id=\"testUserId\",\n user_name=\"default\",\n access_string=\"on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\",\n engine=\"REDIS\",\n passwords=[\"password123456789\"])\ntest_user_group = aws.elasticache.UserGroup(\"test\",\n engine=\"REDIS\",\n user_group_id=\"userGroupId\",\n user_ids=[test.user_id])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.ElastiCache.User(\"test\", new()\n {\n UserId = \"testUserId\",\n UserName = \"default\",\n AccessString = \"on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\",\n Engine = \"REDIS\",\n Passwords = new[]\n {\n \"password123456789\",\n },\n });\n\n var testUserGroup = new Aws.ElastiCache.UserGroup(\"test\", new()\n {\n Engine = \"REDIS\",\n UserGroupId = \"userGroupId\",\n UserIds = new[]\n {\n test.UserId,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := elasticache.NewUser(ctx, \"test\", \u0026elasticache.UserArgs{\n\t\t\tUserId: pulumi.String(\"testUserId\"),\n\t\t\tUserName: pulumi.String(\"default\"),\n\t\t\tAccessString: pulumi.String(\"on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\"),\n\t\t\tEngine: pulumi.String(\"REDIS\"),\n\t\t\tPasswords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"password123456789\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticache.NewUserGroup(ctx, \"test\", \u0026elasticache.UserGroupArgs{\n\t\t\tEngine: pulumi.String(\"REDIS\"),\n\t\t\tUserGroupId: pulumi.String(\"userGroupId\"),\n\t\t\tUserIds: pulumi.StringArray{\n\t\t\t\ttest.UserId,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.User;\nimport com.pulumi.aws.elasticache.UserArgs;\nimport com.pulumi.aws.elasticache.UserGroup;\nimport com.pulumi.aws.elasticache.UserGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new User(\"test\", UserArgs.builder()\n .userId(\"testUserId\")\n .userName(\"default\")\n .accessString(\"on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\")\n .engine(\"REDIS\")\n .passwords(\"password123456789\")\n .build());\n\n var testUserGroup = new UserGroup(\"testUserGroup\", UserGroupArgs.builder()\n .engine(\"REDIS\")\n .userGroupId(\"userGroupId\")\n .userIds(test.userId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:elasticache:User\n properties:\n userId: testUserId\n userName: default\n accessString: on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\n engine: REDIS\n passwords:\n - password123456789\n testUserGroup:\n type: aws:elasticache:UserGroup\n name: test\n properties:\n engine: REDIS\n userGroupId: userGroupId\n userIds:\n - ${test.userId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ElastiCache user groups using the `user_group_id`. For example:\n\n```sh\n$ pulumi import aws:elasticache/userGroup:UserGroup my_user_group userGoupId1\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN that identifies the user group.\n" }, "engine": { "type": "string", "description": "The current supported value is `REDIS`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userGroupId": { "type": "string", "description": "The ID of the user group.\n\nThe following arguments are optional:\n" }, "userIds": { "type": "array", "items": { "type": "string" }, "description": "The list of user IDs that belong to the user group.\n" } }, "required": [ "arn", "engine", "tagsAll", "userGroupId" ], "inputProperties": { "engine": { "type": "string", "description": "The current supported value is `REDIS`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "userGroupId": { "type": "string", "description": "The ID of the user group.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "userIds": { "type": "array", "items": { "type": "string" }, "description": "The list of user IDs that belong to the user group.\n" } }, "requiredInputs": [ "engine", "userGroupId" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN that identifies the user group.\n" }, "engine": { "type": "string", "description": "The current supported value is `REDIS`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userGroupId": { "type": "string", "description": "The ID of the user group.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "userIds": { "type": "array", "items": { "type": "string" }, "description": "The list of user IDs that belong to the user group.\n" } }, "type": "object" } }, "aws:elasticache/userGroupAssociation:UserGroupAssociation": { "description": "Associate an existing ElastiCache user and an existing user group.\n\n\u003e **NOTE:** The provider will detect changes in the `aws.elasticache.UserGroup` since `aws.elasticache.UserGroupAssociation` changes the user IDs associated with the user group. You can ignore these changes with the `ignore_changes` option as shown in the example.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.elasticache.User(\"default\", {\n userId: \"defaultUserID\",\n userName: \"default\",\n accessString: \"on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\",\n engine: \"REDIS\",\n passwords: [\"password123456789\"],\n});\nconst example = new aws.elasticache.UserGroup(\"example\", {\n engine: \"REDIS\",\n userGroupId: \"userGroupId\",\n userIds: [_default.userId],\n});\nconst exampleUser = new aws.elasticache.User(\"example\", {\n userId: \"exampleUserID\",\n userName: \"exampleuser\",\n accessString: \"on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\",\n engine: \"REDIS\",\n passwords: [\"password123456789\"],\n});\nconst exampleUserGroupAssociation = new aws.elasticache.UserGroupAssociation(\"example\", {\n userGroupId: example.userGroupId,\n userId: exampleUser.userId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.elasticache.User(\"default\",\n user_id=\"defaultUserID\",\n user_name=\"default\",\n access_string=\"on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\",\n engine=\"REDIS\",\n passwords=[\"password123456789\"])\nexample = aws.elasticache.UserGroup(\"example\",\n engine=\"REDIS\",\n user_group_id=\"userGroupId\",\n user_ids=[default.user_id])\nexample_user = aws.elasticache.User(\"example\",\n user_id=\"exampleUserID\",\n user_name=\"exampleuser\",\n access_string=\"on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\",\n engine=\"REDIS\",\n passwords=[\"password123456789\"])\nexample_user_group_association = aws.elasticache.UserGroupAssociation(\"example\",\n user_group_id=example.user_group_id,\n user_id=example_user.user_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.ElastiCache.User(\"default\", new()\n {\n UserId = \"defaultUserID\",\n UserName = \"default\",\n AccessString = \"on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\",\n Engine = \"REDIS\",\n Passwords = new[]\n {\n \"password123456789\",\n },\n });\n\n var example = new Aws.ElastiCache.UserGroup(\"example\", new()\n {\n Engine = \"REDIS\",\n UserGroupId = \"userGroupId\",\n UserIds = new[]\n {\n @default.UserId,\n },\n });\n\n var exampleUser = new Aws.ElastiCache.User(\"example\", new()\n {\n UserId = \"exampleUserID\",\n UserName = \"exampleuser\",\n AccessString = \"on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\",\n Engine = \"REDIS\",\n Passwords = new[]\n {\n \"password123456789\",\n },\n });\n\n var exampleUserGroupAssociation = new Aws.ElastiCache.UserGroupAssociation(\"example\", new()\n {\n UserGroupId = example.UserGroupId,\n UserId = exampleUser.UserId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticache.NewUser(ctx, \"default\", \u0026elasticache.UserArgs{\n\t\t\tUserId: pulumi.String(\"defaultUserID\"),\n\t\t\tUserName: pulumi.String(\"default\"),\n\t\t\tAccessString: pulumi.String(\"on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\"),\n\t\t\tEngine: pulumi.String(\"REDIS\"),\n\t\t\tPasswords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"password123456789\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := elasticache.NewUserGroup(ctx, \"example\", \u0026elasticache.UserGroupArgs{\n\t\t\tEngine: pulumi.String(\"REDIS\"),\n\t\t\tUserGroupId: pulumi.String(\"userGroupId\"),\n\t\t\tUserIds: pulumi.StringArray{\n\t\t\t\t_default.UserId,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUser, err := elasticache.NewUser(ctx, \"example\", \u0026elasticache.UserArgs{\n\t\t\tUserId: pulumi.String(\"exampleUserID\"),\n\t\t\tUserName: pulumi.String(\"exampleuser\"),\n\t\t\tAccessString: pulumi.String(\"on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\"),\n\t\t\tEngine: pulumi.String(\"REDIS\"),\n\t\t\tPasswords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"password123456789\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticache.NewUserGroupAssociation(ctx, \"example\", \u0026elasticache.UserGroupAssociationArgs{\n\t\t\tUserGroupId: example.UserGroupId,\n\t\t\tUserId: exampleUser.UserId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.User;\nimport com.pulumi.aws.elasticache.UserArgs;\nimport com.pulumi.aws.elasticache.UserGroup;\nimport com.pulumi.aws.elasticache.UserGroupArgs;\nimport com.pulumi.aws.elasticache.UserGroupAssociation;\nimport com.pulumi.aws.elasticache.UserGroupAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new User(\"default\", UserArgs.builder()\n .userId(\"defaultUserID\")\n .userName(\"default\")\n .accessString(\"on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\")\n .engine(\"REDIS\")\n .passwords(\"password123456789\")\n .build());\n\n var example = new UserGroup(\"example\", UserGroupArgs.builder()\n .engine(\"REDIS\")\n .userGroupId(\"userGroupId\")\n .userIds(default_.userId())\n .build());\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder()\n .userId(\"exampleUserID\")\n .userName(\"exampleuser\")\n .accessString(\"on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\")\n .engine(\"REDIS\")\n .passwords(\"password123456789\")\n .build());\n\n var exampleUserGroupAssociation = new UserGroupAssociation(\"exampleUserGroupAssociation\", UserGroupAssociationArgs.builder()\n .userGroupId(example.userGroupId())\n .userId(exampleUser.userId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:elasticache:User\n properties:\n userId: defaultUserID\n userName: default\n accessString: on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\n engine: REDIS\n passwords:\n - password123456789\n example:\n type: aws:elasticache:UserGroup\n properties:\n engine: REDIS\n userGroupId: userGroupId\n userIds:\n - ${default.userId}\n exampleUser:\n type: aws:elasticache:User\n name: example\n properties:\n userId: exampleUserID\n userName: exampleuser\n accessString: on ~app::* -@all +@read +@hash +@bitmap +@geo -setbit -bitfield -hset -hsetnx -hmset -hincrby -hincrbyfloat -hdel -bitop -geoadd -georadius -georadiusbymember\n engine: REDIS\n passwords:\n - password123456789\n exampleUserGroupAssociation:\n type: aws:elasticache:UserGroupAssociation\n name: example\n properties:\n userGroupId: ${example.userGroupId}\n userId: ${exampleUser.userId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ElastiCache user group associations using the `user_group_id` and `user_id`. For example:\n\n```sh\n$ pulumi import aws:elasticache/userGroupAssociation:UserGroupAssociation example userGoupId1,userId\n```\n", "properties": { "userGroupId": { "type": "string", "description": "ID of the user group.\n" }, "userId": { "type": "string", "description": "ID of the user to associated with the user group.\n" } }, "required": [ "userGroupId", "userId" ], "inputProperties": { "userGroupId": { "type": "string", "description": "ID of the user group.\n", "willReplaceOnChanges": true }, "userId": { "type": "string", "description": "ID of the user to associated with the user group.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "userGroupId", "userId" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserGroupAssociation resources.\n", "properties": { "userGroupId": { "type": "string", "description": "ID of the user group.\n", "willReplaceOnChanges": true }, "userId": { "type": "string", "description": "ID of the user to associated with the user group.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:elasticbeanstalk/application:Application": { "description": "Provides an Elastic Beanstalk Application Resource. Elastic Beanstalk allows\nyou to deploy and manage applications in the AWS cloud without worrying about\nthe infrastructure that runs those applications.\n\nThis resource creates an application that has one configuration template named\n`default`, and no application versions\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst tftest = new aws.elasticbeanstalk.Application(\"tftest\", {\n name: \"tf-test-name\",\n description: \"tf-test-desc\",\n appversionLifecycle: {\n serviceRole: beanstalkService.arn,\n maxCount: 128,\n deleteSourceFromS3: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntftest = aws.elasticbeanstalk.Application(\"tftest\",\n name=\"tf-test-name\",\n description=\"tf-test-desc\",\n appversion_lifecycle={\n \"service_role\": beanstalk_service[\"arn\"],\n \"max_count\": 128,\n \"delete_source_from_s3\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var tftest = new Aws.ElasticBeanstalk.Application(\"tftest\", new()\n {\n Name = \"tf-test-name\",\n Description = \"tf-test-desc\",\n AppversionLifecycle = new Aws.ElasticBeanstalk.Inputs.ApplicationAppversionLifecycleArgs\n {\n ServiceRole = beanstalkService.Arn,\n MaxCount = 128,\n DeleteSourceFromS3 = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticbeanstalk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticbeanstalk.NewApplication(ctx, \"tftest\", \u0026elasticbeanstalk.ApplicationArgs{\n\t\t\tName: pulumi.String(\"tf-test-name\"),\n\t\t\tDescription: pulumi.String(\"tf-test-desc\"),\n\t\t\tAppversionLifecycle: \u0026elasticbeanstalk.ApplicationAppversionLifecycleArgs{\n\t\t\t\tServiceRole: pulumi.Any(beanstalkService.Arn),\n\t\t\t\tMaxCount: pulumi.Int(128),\n\t\t\t\tDeleteSourceFromS3: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticbeanstalk.Application;\nimport com.pulumi.aws.elasticbeanstalk.ApplicationArgs;\nimport com.pulumi.aws.elasticbeanstalk.inputs.ApplicationAppversionLifecycleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var tftest = new Application(\"tftest\", ApplicationArgs.builder()\n .name(\"tf-test-name\")\n .description(\"tf-test-desc\")\n .appversionLifecycle(ApplicationAppversionLifecycleArgs.builder()\n .serviceRole(beanstalkService.arn())\n .maxCount(128)\n .deleteSourceFromS3(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n tftest:\n type: aws:elasticbeanstalk:Application\n properties:\n name: tf-test-name\n description: tf-test-desc\n appversionLifecycle:\n serviceRole: ${beanstalkService.arn}\n maxCount: 128\n deleteSourceFromS3: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Elastic Beanstalk Applications using the `name`. For example:\n\n```sh\n$ pulumi import aws:elasticbeanstalk/application:Application tf_test tf-test-name\n```\n", "properties": { "appversionLifecycle": { "$ref": "#/types/aws:elasticbeanstalk/ApplicationAppversionLifecycle:ApplicationAppversionLifecycle" }, "arn": { "type": "string", "description": "The ARN assigned by AWS for this Elastic Beanstalk Application.\n" }, "description": { "type": "string", "description": "Short description of the application\n" }, "name": { "type": "string", "description": "The name of the application, must be unique within your account\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Elastic Beanstalk Application. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "tagsAll" ], "inputProperties": { "appversionLifecycle": { "$ref": "#/types/aws:elasticbeanstalk/ApplicationAppversionLifecycle:ApplicationAppversionLifecycle" }, "description": { "type": "string", "description": "Short description of the application\n" }, "name": { "type": "string", "description": "The name of the application, must be unique within your account\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Elastic Beanstalk Application. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Application resources.\n", "properties": { "appversionLifecycle": { "$ref": "#/types/aws:elasticbeanstalk/ApplicationAppversionLifecycle:ApplicationAppversionLifecycle" }, "arn": { "type": "string", "description": "The ARN assigned by AWS for this Elastic Beanstalk Application.\n" }, "description": { "type": "string", "description": "Short description of the application\n" }, "name": { "type": "string", "description": "The name of the application, must be unique within your account\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Elastic Beanstalk Application. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:elasticbeanstalk/applicationVersion:ApplicationVersion": { "description": "Provides an Elastic Beanstalk Application Version Resource. Elastic Beanstalk allows\nyou to deploy and manage applications in the AWS cloud without worrying about\nthe infrastructure that runs those applications.\n\nThis resource creates a Beanstalk Application Version that can be deployed to a Beanstalk\nEnvironment.\n\n\u003e **NOTE on Application Version Resource:** When using the Application Version resource with multiple\nElastic Beanstalk Environments it is possible that an error may be returned\nwhen attempting to delete an Application Version while it is still in use by a different environment.\nTo work around this you can either create each environment in a separate AWS account or create your `aws.elasticbeanstalk.ApplicationVersion` resources with a unique names in your Elastic Beanstalk Application. For example \u0026lt;revision\u0026gt;-\u0026lt;environment\u0026gt;.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.s3.BucketV2(\"default\", {bucket: \"tftest.applicationversion.bucket\"});\nconst defaultBucketObjectv2 = new aws.s3.BucketObjectv2(\"default\", {\n bucket: _default.id,\n key: \"beanstalk/go-v1.zip\",\n source: new pulumi.asset.FileAsset(\"go-v1.zip\"),\n});\nconst defaultApplication = new aws.elasticbeanstalk.Application(\"default\", {\n name: \"tf-test-name\",\n description: \"tf-test-desc\",\n});\nconst defaultApplicationVersion = new aws.elasticbeanstalk.ApplicationVersion(\"default\", {\n name: \"tf-test-version-label\",\n application: \"tf-test-name\",\n description: \"application version\",\n bucket: _default.id,\n key: defaultBucketObjectv2.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.s3.BucketV2(\"default\", bucket=\"tftest.applicationversion.bucket\")\ndefault_bucket_objectv2 = aws.s3.BucketObjectv2(\"default\",\n bucket=default.id,\n key=\"beanstalk/go-v1.zip\",\n source=pulumi.FileAsset(\"go-v1.zip\"))\ndefault_application = aws.elasticbeanstalk.Application(\"default\",\n name=\"tf-test-name\",\n description=\"tf-test-desc\")\ndefault_application_version = aws.elasticbeanstalk.ApplicationVersion(\"default\",\n name=\"tf-test-version-label\",\n application=\"tf-test-name\",\n description=\"application version\",\n bucket=default.id,\n key=default_bucket_objectv2.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.S3.BucketV2(\"default\", new()\n {\n Bucket = \"tftest.applicationversion.bucket\",\n });\n\n var defaultBucketObjectv2 = new Aws.S3.BucketObjectv2(\"default\", new()\n {\n Bucket = @default.Id,\n Key = \"beanstalk/go-v1.zip\",\n Source = new FileAsset(\"go-v1.zip\"),\n });\n\n var defaultApplication = new Aws.ElasticBeanstalk.Application(\"default\", new()\n {\n Name = \"tf-test-name\",\n Description = \"tf-test-desc\",\n });\n\n var defaultApplicationVersion = new Aws.ElasticBeanstalk.ApplicationVersion(\"default\", new()\n {\n Name = \"tf-test-version-label\",\n Application = \"tf-test-name\",\n Description = \"application version\",\n Bucket = @default.Id,\n Key = defaultBucketObjectv2.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticbeanstalk\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketV2(ctx, \"default\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"tftest.applicationversion.bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultBucketObjectv2, err := s3.NewBucketObjectv2(ctx, \"default\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: _default.ID(),\n\t\t\tKey: pulumi.String(\"beanstalk/go-v1.zip\"),\n\t\t\tSource: pulumi.NewFileAsset(\"go-v1.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticbeanstalk.NewApplication(ctx, \"default\", \u0026elasticbeanstalk.ApplicationArgs{\n\t\t\tName: pulumi.String(\"tf-test-name\"),\n\t\t\tDescription: pulumi.String(\"tf-test-desc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticbeanstalk.NewApplicationVersion(ctx, \"default\", \u0026elasticbeanstalk.ApplicationVersionArgs{\n\t\t\tName: pulumi.String(\"tf-test-version-label\"),\n\t\t\tApplication: pulumi.Any(\"tf-test-name\"),\n\t\t\tDescription: pulumi.String(\"application version\"),\n\t\t\tBucket: _default.ID(),\n\t\t\tKey: defaultBucketObjectv2.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.elasticbeanstalk.Application;\nimport com.pulumi.aws.elasticbeanstalk.ApplicationArgs;\nimport com.pulumi.aws.elasticbeanstalk.ApplicationVersion;\nimport com.pulumi.aws.elasticbeanstalk.ApplicationVersionArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new BucketV2(\"default\", BucketV2Args.builder()\n .bucket(\"tftest.applicationversion.bucket\")\n .build());\n\n var defaultBucketObjectv2 = new BucketObjectv2(\"defaultBucketObjectv2\", BucketObjectv2Args.builder()\n .bucket(default_.id())\n .key(\"beanstalk/go-v1.zip\")\n .source(new FileAsset(\"go-v1.zip\"))\n .build());\n\n var defaultApplication = new Application(\"defaultApplication\", ApplicationArgs.builder()\n .name(\"tf-test-name\")\n .description(\"tf-test-desc\")\n .build());\n\n var defaultApplicationVersion = new ApplicationVersion(\"defaultApplicationVersion\", ApplicationVersionArgs.builder()\n .name(\"tf-test-version-label\")\n .application(\"tf-test-name\")\n .description(\"application version\")\n .bucket(default_.id())\n .key(defaultBucketObjectv2.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:s3:BucketV2\n properties:\n bucket: tftest.applicationversion.bucket\n defaultBucketObjectv2:\n type: aws:s3:BucketObjectv2\n name: default\n properties:\n bucket: ${default.id}\n key: beanstalk/go-v1.zip\n source:\n fn::FileAsset: go-v1.zip\n defaultApplication:\n type: aws:elasticbeanstalk:Application\n name: default\n properties:\n name: tf-test-name\n description: tf-test-desc\n defaultApplicationVersion:\n type: aws:elasticbeanstalk:ApplicationVersion\n name: default\n properties:\n name: tf-test-version-label\n application: tf-test-name\n description: application version\n bucket: ${default.id}\n key: ${defaultBucketObjectv2.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "application": { "type": "string", "description": "Name of the Beanstalk Application the version is associated with.\n" }, "arn": { "type": "string", "description": "ARN assigned by AWS for this Elastic Beanstalk Application.\n" }, "bucket": { "type": "string", "description": "S3 bucket that contains the Application Version source bundle.\n" }, "description": { "type": "string", "description": "Short description of the Application Version.\n" }, "forceDelete": { "type": "boolean", "description": "On delete, force an Application Version to be deleted when it may be in use by multiple Elastic Beanstalk Environments.\n" }, "key": { "type": "string", "description": "S3 object that is the Application Version source bundle.\n" }, "name": { "type": "string", "description": "Unique name for the this Application Version.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Elastic Beanstalk Application Version. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "application", "arn", "bucket", "key", "name", "tagsAll" ], "inputProperties": { "application": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:elasticbeanstalk/application:Application" } ], "description": "Name of the Beanstalk Application the version is associated with.\n", "willReplaceOnChanges": true }, "bucket": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:s3/bucket:Bucket" } ], "description": "S3 bucket that contains the Application Version source bundle.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Short description of the Application Version.\n" }, "forceDelete": { "type": "boolean", "description": "On delete, force an Application Version to be deleted when it may be in use by multiple Elastic Beanstalk Environments.\n" }, "key": { "type": "string", "description": "S3 object that is the Application Version source bundle.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Unique name for the this Application Version.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Elastic Beanstalk Application Version. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "application", "bucket", "key" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApplicationVersion resources.\n", "properties": { "application": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:elasticbeanstalk/application:Application" } ], "description": "Name of the Beanstalk Application the version is associated with.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN assigned by AWS for this Elastic Beanstalk Application.\n" }, "bucket": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:s3/bucket:Bucket" } ], "description": "S3 bucket that contains the Application Version source bundle.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Short description of the Application Version.\n" }, "forceDelete": { "type": "boolean", "description": "On delete, force an Application Version to be deleted when it may be in use by multiple Elastic Beanstalk Environments.\n" }, "key": { "type": "string", "description": "S3 object that is the Application Version source bundle.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Unique name for the this Application Version.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Elastic Beanstalk Application Version. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:elasticbeanstalk/configurationTemplate:ConfigurationTemplate": { "description": "Provides an Elastic Beanstalk Configuration Template, which are associated with\na specific application and are used to deploy different versions of the\napplication with the same configuration settings.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst tftest = new aws.elasticbeanstalk.Application(\"tftest\", {\n name: \"tf-test-name\",\n description: \"tf-test-desc\",\n});\nconst myTemplate = new aws.elasticbeanstalk.ConfigurationTemplate(\"my_template\", {\n name: \"tf-test-template-config\",\n application: tftest.name,\n solutionStackName: \"64bit Amazon Linux 2015.09 v2.0.8 running Go 1.4\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntftest = aws.elasticbeanstalk.Application(\"tftest\",\n name=\"tf-test-name\",\n description=\"tf-test-desc\")\nmy_template = aws.elasticbeanstalk.ConfigurationTemplate(\"my_template\",\n name=\"tf-test-template-config\",\n application=tftest.name,\n solution_stack_name=\"64bit Amazon Linux 2015.09 v2.0.8 running Go 1.4\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var tftest = new Aws.ElasticBeanstalk.Application(\"tftest\", new()\n {\n Name = \"tf-test-name\",\n Description = \"tf-test-desc\",\n });\n\n var myTemplate = new Aws.ElasticBeanstalk.ConfigurationTemplate(\"my_template\", new()\n {\n Name = \"tf-test-template-config\",\n Application = tftest.Name,\n SolutionStackName = \"64bit Amazon Linux 2015.09 v2.0.8 running Go 1.4\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticbeanstalk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttftest, err := elasticbeanstalk.NewApplication(ctx, \"tftest\", \u0026elasticbeanstalk.ApplicationArgs{\n\t\t\tName: pulumi.String(\"tf-test-name\"),\n\t\t\tDescription: pulumi.String(\"tf-test-desc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticbeanstalk.NewConfigurationTemplate(ctx, \"my_template\", \u0026elasticbeanstalk.ConfigurationTemplateArgs{\n\t\t\tName: pulumi.String(\"tf-test-template-config\"),\n\t\t\tApplication: tftest.Name,\n\t\t\tSolutionStackName: pulumi.String(\"64bit Amazon Linux 2015.09 v2.0.8 running Go 1.4\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticbeanstalk.Application;\nimport com.pulumi.aws.elasticbeanstalk.ApplicationArgs;\nimport com.pulumi.aws.elasticbeanstalk.ConfigurationTemplate;\nimport com.pulumi.aws.elasticbeanstalk.ConfigurationTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var tftest = new Application(\"tftest\", ApplicationArgs.builder()\n .name(\"tf-test-name\")\n .description(\"tf-test-desc\")\n .build());\n\n var myTemplate = new ConfigurationTemplate(\"myTemplate\", ConfigurationTemplateArgs.builder()\n .name(\"tf-test-template-config\")\n .application(tftest.name())\n .solutionStackName(\"64bit Amazon Linux 2015.09 v2.0.8 running Go 1.4\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n tftest:\n type: aws:elasticbeanstalk:Application\n properties:\n name: tf-test-name\n description: tf-test-desc\n myTemplate:\n type: aws:elasticbeanstalk:ConfigurationTemplate\n name: my_template\n properties:\n name: tf-test-template-config\n application: ${tftest.name}\n solutionStackName: 64bit Amazon Linux 2015.09 v2.0.8 running Go 1.4\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Option Settings\n\nThe `setting` field supports the following format:\n\n* `namespace` - unique namespace identifying the option's associated AWS resource\n* `name` - name of the configuration option\n* `value` - value for the configuration option\n* `resource` - (Optional) resource name for [scheduled action](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options-general.html#command-options-general-autoscalingscheduledaction)\n", "properties": { "application": { "type": "string", "description": "name of the application to associate with this configuration template\n" }, "description": { "type": "string", "description": "Short description of the Template\n" }, "environmentId": { "type": "string", "description": "The ID of the environment used with this configuration template\n" }, "name": { "type": "string", "description": "A unique name for this Template.\n" }, "settings": { "type": "array", "items": { "$ref": "#/types/aws:elasticbeanstalk/ConfigurationTemplateSetting:ConfigurationTemplateSetting" }, "description": "Option settings to configure the new Environment. These\noverride specific values that are set as defaults. The format is detailed\nbelow in Option Settings\n" }, "solutionStackName": { "type": "string", "description": "A solution stack to base your Template\noff of. Example stacks can be found in the [Amazon API documentation][1]\n" } }, "required": [ "application", "name", "settings" ], "inputProperties": { "application": { "type": "string", "description": "name of the application to associate with this configuration template\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Short description of the Template\n" }, "environmentId": { "type": "string", "description": "The ID of the environment used with this configuration template\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A unique name for this Template.\n", "willReplaceOnChanges": true }, "settings": { "type": "array", "items": { "$ref": "#/types/aws:elasticbeanstalk/ConfigurationTemplateSetting:ConfigurationTemplateSetting" }, "description": "Option settings to configure the new Environment. These\noverride specific values that are set as defaults. The format is detailed\nbelow in Option Settings\n" }, "solutionStackName": { "type": "string", "description": "A solution stack to base your Template\noff of. Example stacks can be found in the [Amazon API documentation][1]\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "application" ], "stateInputs": { "description": "Input properties used for looking up and filtering ConfigurationTemplate resources.\n", "properties": { "application": { "type": "string", "description": "name of the application to associate with this configuration template\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Short description of the Template\n" }, "environmentId": { "type": "string", "description": "The ID of the environment used with this configuration template\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A unique name for this Template.\n", "willReplaceOnChanges": true }, "settings": { "type": "array", "items": { "$ref": "#/types/aws:elasticbeanstalk/ConfigurationTemplateSetting:ConfigurationTemplateSetting" }, "description": "Option settings to configure the new Environment. These\noverride specific values that are set as defaults. The format is detailed\nbelow in Option Settings\n" }, "solutionStackName": { "type": "string", "description": "A solution stack to base your Template\noff of. Example stacks can be found in the [Amazon API documentation][1]\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:elasticbeanstalk/environment:Environment": { "description": "Provides an Elastic Beanstalk Environment Resource. Elastic Beanstalk allows\nyou to deploy and manage applications in the AWS cloud without worrying about\nthe infrastructure that runs those applications.\n\nEnvironments are often things such as `development`, `integration`, or\n`production`.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst tftest = new aws.elasticbeanstalk.Application(\"tftest\", {\n name: \"tf-test-name\",\n description: \"tf-test-desc\",\n});\nconst tfenvtest = new aws.elasticbeanstalk.Environment(\"tfenvtest\", {\n name: \"tf-test-name\",\n application: tftest.name,\n solutionStackName: \"64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntftest = aws.elasticbeanstalk.Application(\"tftest\",\n name=\"tf-test-name\",\n description=\"tf-test-desc\")\ntfenvtest = aws.elasticbeanstalk.Environment(\"tfenvtest\",\n name=\"tf-test-name\",\n application=tftest.name,\n solution_stack_name=\"64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var tftest = new Aws.ElasticBeanstalk.Application(\"tftest\", new()\n {\n Name = \"tf-test-name\",\n Description = \"tf-test-desc\",\n });\n\n var tfenvtest = new Aws.ElasticBeanstalk.Environment(\"tfenvtest\", new()\n {\n Name = \"tf-test-name\",\n Application = tftest.Name,\n SolutionStackName = \"64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticbeanstalk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttftest, err := elasticbeanstalk.NewApplication(ctx, \"tftest\", \u0026elasticbeanstalk.ApplicationArgs{\n\t\t\tName: pulumi.String(\"tf-test-name\"),\n\t\t\tDescription: pulumi.String(\"tf-test-desc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticbeanstalk.NewEnvironment(ctx, \"tfenvtest\", \u0026elasticbeanstalk.EnvironmentArgs{\n\t\t\tName: pulumi.String(\"tf-test-name\"),\n\t\t\tApplication: tftest.Name,\n\t\t\tSolutionStackName: pulumi.String(\"64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticbeanstalk.Application;\nimport com.pulumi.aws.elasticbeanstalk.ApplicationArgs;\nimport com.pulumi.aws.elasticbeanstalk.Environment;\nimport com.pulumi.aws.elasticbeanstalk.EnvironmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var tftest = new Application(\"tftest\", ApplicationArgs.builder()\n .name(\"tf-test-name\")\n .description(\"tf-test-desc\")\n .build());\n\n var tfenvtest = new Environment(\"tfenvtest\", EnvironmentArgs.builder()\n .name(\"tf-test-name\")\n .application(tftest.name())\n .solutionStackName(\"64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n tftest:\n type: aws:elasticbeanstalk:Application\n properties:\n name: tf-test-name\n description: tf-test-desc\n tfenvtest:\n type: aws:elasticbeanstalk:Environment\n properties:\n name: tf-test-name\n application: ${tftest.name}\n solutionStackName: 64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Option Settings\n\nSome options can be stack-specific, check [AWS Docs](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options-general.html)\nfor supported options and examples.\n\nThe `setting` and `all_settings` mappings support the following format:\n\n* `namespace` - unique namespace identifying the option's associated AWS resource\n* `name` - name of the configuration option\n* `value` - value for the configuration option\n* `resource` - (Optional) resource name for [scheduled action](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options-general.html#command-options-general-autoscalingscheduledaction)\n\n### Example With Options\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst tftest = new aws.elasticbeanstalk.Application(\"tftest\", {\n name: \"tf-test-name\",\n description: \"tf-test-desc\",\n});\nconst tfenvtest = new aws.elasticbeanstalk.Environment(\"tfenvtest\", {\n name: \"tf-test-name\",\n application: tftest.name,\n solutionStackName: \"64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4\",\n settings: [\n {\n namespace: \"aws:ec2:vpc\",\n name: \"VPCId\",\n value: \"vpc-xxxxxxxx\",\n },\n {\n namespace: \"aws:ec2:vpc\",\n name: \"Subnets\",\n value: \"subnet-xxxxxxxx\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntftest = aws.elasticbeanstalk.Application(\"tftest\",\n name=\"tf-test-name\",\n description=\"tf-test-desc\")\ntfenvtest = aws.elasticbeanstalk.Environment(\"tfenvtest\",\n name=\"tf-test-name\",\n application=tftest.name,\n solution_stack_name=\"64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4\",\n settings=[\n {\n \"namespace\": \"aws:ec2:vpc\",\n \"name\": \"VPCId\",\n \"value\": \"vpc-xxxxxxxx\",\n },\n {\n \"namespace\": \"aws:ec2:vpc\",\n \"name\": \"Subnets\",\n \"value\": \"subnet-xxxxxxxx\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var tftest = new Aws.ElasticBeanstalk.Application(\"tftest\", new()\n {\n Name = \"tf-test-name\",\n Description = \"tf-test-desc\",\n });\n\n var tfenvtest = new Aws.ElasticBeanstalk.Environment(\"tfenvtest\", new()\n {\n Name = \"tf-test-name\",\n Application = tftest.Name,\n SolutionStackName = \"64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4\",\n Settings = new[]\n {\n new Aws.ElasticBeanstalk.Inputs.EnvironmentSettingArgs\n {\n Namespace = \"aws:ec2:vpc\",\n Name = \"VPCId\",\n Value = \"vpc-xxxxxxxx\",\n },\n new Aws.ElasticBeanstalk.Inputs.EnvironmentSettingArgs\n {\n Namespace = \"aws:ec2:vpc\",\n Name = \"Subnets\",\n Value = \"subnet-xxxxxxxx\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticbeanstalk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttftest, err := elasticbeanstalk.NewApplication(ctx, \"tftest\", \u0026elasticbeanstalk.ApplicationArgs{\n\t\t\tName: pulumi.String(\"tf-test-name\"),\n\t\t\tDescription: pulumi.String(\"tf-test-desc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticbeanstalk.NewEnvironment(ctx, \"tfenvtest\", \u0026elasticbeanstalk.EnvironmentArgs{\n\t\t\tName: pulumi.String(\"tf-test-name\"),\n\t\t\tApplication: tftest.Name,\n\t\t\tSolutionStackName: pulumi.String(\"64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4\"),\n\t\t\tSettings: elasticbeanstalk.EnvironmentSettingArray{\n\t\t\t\t\u0026elasticbeanstalk.EnvironmentSettingArgs{\n\t\t\t\t\tNamespace: pulumi.String(\"aws:ec2:vpc\"),\n\t\t\t\t\tName: pulumi.String(\"VPCId\"),\n\t\t\t\t\tValue: pulumi.String(\"vpc-xxxxxxxx\"),\n\t\t\t\t},\n\t\t\t\t\u0026elasticbeanstalk.EnvironmentSettingArgs{\n\t\t\t\t\tNamespace: pulumi.String(\"aws:ec2:vpc\"),\n\t\t\t\t\tName: pulumi.String(\"Subnets\"),\n\t\t\t\t\tValue: pulumi.String(\"subnet-xxxxxxxx\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticbeanstalk.Application;\nimport com.pulumi.aws.elasticbeanstalk.ApplicationArgs;\nimport com.pulumi.aws.elasticbeanstalk.Environment;\nimport com.pulumi.aws.elasticbeanstalk.EnvironmentArgs;\nimport com.pulumi.aws.elasticbeanstalk.inputs.EnvironmentSettingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var tftest = new Application(\"tftest\", ApplicationArgs.builder()\n .name(\"tf-test-name\")\n .description(\"tf-test-desc\")\n .build());\n\n var tfenvtest = new Environment(\"tfenvtest\", EnvironmentArgs.builder()\n .name(\"tf-test-name\")\n .application(tftest.name())\n .solutionStackName(\"64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4\")\n .settings( \n EnvironmentSettingArgs.builder()\n .namespace(\"aws:ec2:vpc\")\n .name(\"VPCId\")\n .value(\"vpc-xxxxxxxx\")\n .build(),\n EnvironmentSettingArgs.builder()\n .namespace(\"aws:ec2:vpc\")\n .name(\"Subnets\")\n .value(\"subnet-xxxxxxxx\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n tftest:\n type: aws:elasticbeanstalk:Application\n properties:\n name: tf-test-name\n description: tf-test-desc\n tfenvtest:\n type: aws:elasticbeanstalk:Environment\n properties:\n name: tf-test-name\n application: ${tftest.name}\n solutionStackName: 64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4\n settings:\n - namespace: aws:ec2:vpc\n name: VPCId\n value: vpc-xxxxxxxx\n - namespace: aws:ec2:vpc\n name: Subnets\n value: subnet-xxxxxxxx\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Elastic Beanstalk Environments using the `id`. For example:\n\n```sh\n$ pulumi import aws:elasticbeanstalk/environment:Environment prodenv e-rpqsewtp2j\n```\n", "properties": { "allSettings": { "type": "array", "items": { "$ref": "#/types/aws:elasticbeanstalk/EnvironmentAllSetting:EnvironmentAllSetting" }, "description": "List of all option settings configured in this Environment. These\nare a combination of default settings and their overrides from `setting` in\nthe configuration.\n" }, "application": { "type": "string", "description": "Name of the application that contains the version\nto be deployed\n" }, "arn": { "type": "string" }, "autoscalingGroups": { "type": "array", "items": { "type": "string" }, "description": "The autoscaling groups used by this Environment.\n" }, "cname": { "type": "string", "description": "Fully qualified DNS name for this Environment.\n" }, "cnamePrefix": { "type": "string", "description": "Prefix to use for the fully qualified DNS name of\nthe Environment.\n" }, "description": { "type": "string", "description": "Short description of the Environment\n" }, "endpointUrl": { "type": "string", "description": "The URL to the Load Balancer for this Environment\n" }, "instances": { "type": "array", "items": { "type": "string" }, "description": "Instances used by this Environment.\n" }, "launchConfigurations": { "type": "array", "items": { "type": "string" }, "description": "Launch configurations in use by this Environment.\n" }, "loadBalancers": { "type": "array", "items": { "type": "string" }, "description": "Elastic load balancers in use by this Environment.\n" }, "name": { "type": "string", "description": "A unique name for this Environment. This name is used\nin the application URL\n" }, "platformArn": { "type": "string", "description": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the Elastic Beanstalk [Platform](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-beanstalk-environment.html#cfn-beanstalk-environment-platformarn)\nto use in deployment\n" }, "pollInterval": { "type": "string", "description": "The time between polling the AWS API to\ncheck if changes have been applied. Use this to adjust the rate of API calls\nfor any `create` or `update` action. Minimum `10s`, maximum `180s`. Omit this to\nuse the default behavior, which is an exponential backoff\n" }, "queues": { "type": "array", "items": { "type": "string" }, "description": "SQS queues in use by this Environment.\n" }, "settings": { "type": "array", "items": { "$ref": "#/types/aws:elasticbeanstalk/EnvironmentSetting:EnvironmentSetting" }, "description": "Option settings to configure the new Environment. These\noverride specific values that are set as defaults. The format is detailed\nbelow in Option Settings\n" }, "solutionStackName": { "type": "string", "description": "A solution stack to base your environment\noff of. Example stacks can be found in the [Amazon API documentation](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A set of tags to apply to the Environment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "templateName": { "type": "string", "description": "The name of the Elastic Beanstalk Configuration\ntemplate to use in deployment\n" }, "tier": { "type": "string", "description": "Elastic Beanstalk Environment tier. Valid values are `Worker`\nor `WebServer`. If tier is left blank `WebServer` will be used.\n" }, "triggers": { "type": "array", "items": { "type": "string" }, "description": "Autoscaling triggers in use by this Environment.\n" }, "version": { "type": "string", "$ref": "#/types/aws:elasticbeanstalk/applicationVersion:ApplicationVersion", "description": "The name of the Elastic Beanstalk Application Version\nto use in deployment.\n" }, "waitForReadyTimeout": { "type": "string", "description": "The maximum\n[duration](https://golang.org/pkg/time/#ParseDuration) that this provider should\nwait for an Elastic Beanstalk Environment to be in a ready state before timing\nout.\n" } }, "required": [ "allSettings", "application", "arn", "autoscalingGroups", "cname", "cnamePrefix", "endpointUrl", "instances", "launchConfigurations", "loadBalancers", "name", "platformArn", "queues", "solutionStackName", "tagsAll", "triggers", "version" ], "inputProperties": { "application": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:elasticbeanstalk/application:Application" } ], "description": "Name of the application that contains the version\nto be deployed\n" }, "cnamePrefix": { "type": "string", "description": "Prefix to use for the fully qualified DNS name of\nthe Environment.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Short description of the Environment\n" }, "name": { "type": "string", "description": "A unique name for this Environment. This name is used\nin the application URL\n", "willReplaceOnChanges": true }, "platformArn": { "type": "string", "description": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the Elastic Beanstalk [Platform](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-beanstalk-environment.html#cfn-beanstalk-environment-platformarn)\nto use in deployment\n" }, "pollInterval": { "type": "string", "description": "The time between polling the AWS API to\ncheck if changes have been applied. Use this to adjust the rate of API calls\nfor any `create` or `update` action. Minimum `10s`, maximum `180s`. Omit this to\nuse the default behavior, which is an exponential backoff\n" }, "settings": { "type": "array", "items": { "$ref": "#/types/aws:elasticbeanstalk/EnvironmentSetting:EnvironmentSetting" }, "description": "Option settings to configure the new Environment. These\noverride specific values that are set as defaults. The format is detailed\nbelow in Option Settings\n" }, "solutionStackName": { "type": "string", "description": "A solution stack to base your environment\noff of. Example stacks can be found in the [Amazon API documentation](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A set of tags to apply to the Environment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "templateName": { "type": "string", "description": "The name of the Elastic Beanstalk Configuration\ntemplate to use in deployment\n" }, "tier": { "type": "string", "description": "Elastic Beanstalk Environment tier. Valid values are `Worker`\nor `WebServer`. If tier is left blank `WebServer` will be used.\n", "willReplaceOnChanges": true }, "version": { "type": "string", "$ref": "#/types/aws:elasticbeanstalk/applicationVersion:ApplicationVersion", "description": "The name of the Elastic Beanstalk Application Version\nto use in deployment.\n" }, "waitForReadyTimeout": { "type": "string", "description": "The maximum\n[duration](https://golang.org/pkg/time/#ParseDuration) that this provider should\nwait for an Elastic Beanstalk Environment to be in a ready state before timing\nout.\n" } }, "requiredInputs": [ "application" ], "stateInputs": { "description": "Input properties used for looking up and filtering Environment resources.\n", "properties": { "allSettings": { "type": "array", "items": { "$ref": "#/types/aws:elasticbeanstalk/EnvironmentAllSetting:EnvironmentAllSetting" }, "description": "List of all option settings configured in this Environment. These\nare a combination of default settings and their overrides from `setting` in\nthe configuration.\n" }, "application": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:elasticbeanstalk/application:Application" } ], "description": "Name of the application that contains the version\nto be deployed\n" }, "arn": { "type": "string" }, "autoscalingGroups": { "type": "array", "items": { "type": "string" }, "description": "The autoscaling groups used by this Environment.\n" }, "cname": { "type": "string", "description": "Fully qualified DNS name for this Environment.\n" }, "cnamePrefix": { "type": "string", "description": "Prefix to use for the fully qualified DNS name of\nthe Environment.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Short description of the Environment\n" }, "endpointUrl": { "type": "string", "description": "The URL to the Load Balancer for this Environment\n" }, "instances": { "type": "array", "items": { "type": "string" }, "description": "Instances used by this Environment.\n" }, "launchConfigurations": { "type": "array", "items": { "type": "string" }, "description": "Launch configurations in use by this Environment.\n" }, "loadBalancers": { "type": "array", "items": { "type": "string" }, "description": "Elastic load balancers in use by this Environment.\n" }, "name": { "type": "string", "description": "A unique name for this Environment. This name is used\nin the application URL\n", "willReplaceOnChanges": true }, "platformArn": { "type": "string", "description": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the Elastic Beanstalk [Platform](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-beanstalk-environment.html#cfn-beanstalk-environment-platformarn)\nto use in deployment\n" }, "pollInterval": { "type": "string", "description": "The time between polling the AWS API to\ncheck if changes have been applied. Use this to adjust the rate of API calls\nfor any `create` or `update` action. Minimum `10s`, maximum `180s`. Omit this to\nuse the default behavior, which is an exponential backoff\n" }, "queues": { "type": "array", "items": { "type": "string" }, "description": "SQS queues in use by this Environment.\n" }, "settings": { "type": "array", "items": { "$ref": "#/types/aws:elasticbeanstalk/EnvironmentSetting:EnvironmentSetting" }, "description": "Option settings to configure the new Environment. These\noverride specific values that are set as defaults. The format is detailed\nbelow in Option Settings\n" }, "solutionStackName": { "type": "string", "description": "A solution stack to base your environment\noff of. Example stacks can be found in the [Amazon API documentation](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A set of tags to apply to the Environment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "templateName": { "type": "string", "description": "The name of the Elastic Beanstalk Configuration\ntemplate to use in deployment\n" }, "tier": { "type": "string", "description": "Elastic Beanstalk Environment tier. Valid values are `Worker`\nor `WebServer`. If tier is left blank `WebServer` will be used.\n", "willReplaceOnChanges": true }, "triggers": { "type": "array", "items": { "type": "string" }, "description": "Autoscaling triggers in use by this Environment.\n" }, "version": { "type": "string", "$ref": "#/types/aws:elasticbeanstalk/applicationVersion:ApplicationVersion", "description": "The name of the Elastic Beanstalk Application Version\nto use in deployment.\n" }, "waitForReadyTimeout": { "type": "string", "description": "The maximum\n[duration](https://golang.org/pkg/time/#ParseDuration) that this provider should\nwait for an Elastic Beanstalk Environment to be in a ready state before timing\nout.\n" } }, "type": "object" } }, "aws:elasticsearch/domain:Domain": { "description": "Manages an AWS Elasticsearch Domain.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.elasticsearch.Domain(\"example\", {\n domainName: \"example\",\n elasticsearchVersion: \"7.10\",\n clusterConfig: {\n instanceType: \"r4.large.elasticsearch\",\n },\n tags: {\n Domain: \"TestDomain\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.elasticsearch.Domain(\"example\",\n domain_name=\"example\",\n elasticsearch_version=\"7.10\",\n cluster_config={\n \"instance_type\": \"r4.large.elasticsearch\",\n },\n tags={\n \"Domain\": \"TestDomain\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ElasticSearch.Domain(\"example\", new()\n {\n DomainName = \"example\",\n ElasticsearchVersion = \"7.10\",\n ClusterConfig = new Aws.ElasticSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"r4.large.elasticsearch\",\n },\n Tags = \n {\n { \"Domain\", \"TestDomain\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticsearch.NewDomain(ctx, \"example\", \u0026elasticsearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"example\"),\n\t\t\tElasticsearchVersion: pulumi.String(\"7.10\"),\n\t\t\tClusterConfig: \u0026elasticsearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceType: pulumi.String(\"r4.large.elasticsearch\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Domain\": pulumi.String(\"TestDomain\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticsearch.Domain;\nimport com.pulumi.aws.elasticsearch.DomainArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainClusterConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder()\n .domainName(\"example\")\n .elasticsearchVersion(\"7.10\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"r4.large.elasticsearch\")\n .build())\n .tags(Map.of(\"Domain\", \"TestDomain\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:elasticsearch:Domain\n properties:\n domainName: example\n elasticsearchVersion: '7.10'\n clusterConfig:\n instanceType: r4.large.elasticsearch\n tags:\n Domain: TestDomain\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Access Policy\n\n\u003e See also: `aws.elasticsearch.DomainPolicy` resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst domain = config.get(\"domain\") || \"tf-test\";\nconst current = aws.getRegion({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst example = new aws.elasticsearch.Domain(\"example\", {\n domainName: domain,\n accessPolicies: Promise.all([current, currentGetCallerIdentity]).then(([current, currentGetCallerIdentity]) =\u003e `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*\",\n \"Condition\": {\n \"IpAddress\": {\"aws:SourceIp\": [\"66.193.100.22/32\"]}\n }\n }\n ]\n}\n`),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\ndomain = config.get(\"domain\")\nif domain is None:\n domain = \"tf-test\"\ncurrent = aws.get_region()\ncurrent_get_caller_identity = aws.get_caller_identity()\nexample = aws.elasticsearch.Domain(\"example\",\n domain_name=domain,\n access_policies=f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:es:{current.name}:{current_get_caller_identity.account_id}:domain/{domain}/*\",\n \"Condition\": {{\n \"IpAddress\": {{\"aws:SourceIp\": [\"66.193.100.22/32\"]}}\n }}\n }}\n ]\n}}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var domain = config.Get(\"domain\") ?? \"tf-test\";\n var current = Aws.GetRegion.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.ElasticSearch.Domain(\"example\", new()\n {\n DomainName = domain,\n AccessPolicies = Output.Tuple(current, currentGetCallerIdentity).Apply(values =\u003e\n {\n var current = values.Item1;\n var currentGetCallerIdentity = values.Item2;\n return @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Action\"\": \"\"es:*\"\",\n \"\"Principal\"\": \"\"*\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": \"\"arn:aws:es:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:domain/{domain}/*\"\",\n \"\"Condition\"\": {{\n \"\"IpAddress\"\": {{\"\"aws:SourceIp\"\": [\"\"66.193.100.22/32\"\"]}}\n }}\n }}\n ]\n}}\n\";\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tdomain := \"tf-test\"\n\t\tif param := cfg.Get(\"domain\"); param != \"\" {\n\t\t\tdomain = param\n\t\t}\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticsearch.NewDomain(ctx, \"example\", \u0026elasticsearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(domain),\n\t\t\tAccessPolicies: pulumi.Any(fmt.Sprintf(`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:es:%v:%v:domain/%v/*\",\n \"Condition\": {\n \"IpAddress\": {\"aws:SourceIp\": [\"66.193.100.22/32\"]}\n }\n }\n ]\n}\n`, current.Name, currentGetCallerIdentity.AccountId, domain)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.elasticsearch.Domain;\nimport com.pulumi.aws.elasticsearch.DomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var domain = config.get(\"domain\").orElse(\"tf-test\");\n final var current = AwsFunctions.getRegion();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n var example = new Domain(\"example\", DomainArgs.builder()\n .domainName(domain)\n .accessPolicies(\"\"\"\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:es:%s:%s:domain/%s/*\",\n \"Condition\": {\n \"IpAddress\": {\"aws:SourceIp\": [\"66.193.100.22/32\"]}\n }\n }\n ]\n}\n\", current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),domain))\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n domain:\n type: string\n default: tf-test\nresources:\n example:\n type: aws:elasticsearch:Domain\n properties:\n domainName: ${domain}\n accessPolicies: |\n {\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*\",\n \"Condition\": {\n \"IpAddress\": {\"aws:SourceIp\": [\"66.193.100.22/32\"]}\n }\n }\n ]\n }\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Log Publishing to CloudWatch Logs\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleLogGroup = new aws.cloudwatch.LogGroup(\"example\", {name: \"example\"});\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"es.amazonaws.com\"],\n }],\n actions: [\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\",\n ],\n resources: [\"arn:aws:logs:*\"],\n }],\n});\nconst exampleLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy(\"example\", {\n policyName: \"example\",\n policyDocument: example.then(example =\u003e example.json),\n});\nconst exampleDomain = new aws.elasticsearch.Domain(\"example\", {logPublishingOptions: [{\n cloudwatchLogGroupArn: exampleLogGroup.arn,\n logType: \"INDEX_SLOW_LOGS\",\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_log_group = aws.cloudwatch.LogGroup(\"example\", name=\"example\")\nexample = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"es.amazonaws.com\"],\n }],\n \"actions\": [\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\",\n ],\n \"resources\": [\"arn:aws:logs:*\"],\n}])\nexample_log_resource_policy = aws.cloudwatch.LogResourcePolicy(\"example\",\n policy_name=\"example\",\n policy_document=example.json)\nexample_domain = aws.elasticsearch.Domain(\"example\", log_publishing_options=[{\n \"cloudwatch_log_group_arn\": example_log_group.arn,\n \"log_type\": \"INDEX_SLOW_LOGS\",\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleLogGroup = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = \"example\",\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"es.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\",\n },\n Resources = new[]\n {\n \"arn:aws:logs:*\",\n },\n },\n },\n });\n\n var exampleLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy(\"example\", new()\n {\n PolicyName = \"example\",\n PolicyDocument = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleDomain = new Aws.ElasticSearch.Domain(\"example\", new()\n {\n LogPublishingOptions = new[]\n {\n new Aws.ElasticSearch.Inputs.DomainLogPublishingOptionArgs\n {\n CloudwatchLogGroupArn = exampleLogGroup.Arn,\n LogType = \"INDEX_SLOW_LOGS\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleLogGroup, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"es.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"logs:PutLogEvents\",\n\t\t\t\t\t\t\"logs:PutLogEventsBatch\",\n\t\t\t\t\t\t\"logs:CreateLogStream\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:logs:*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogResourcePolicy(ctx, \"example\", \u0026cloudwatch.LogResourcePolicyArgs{\n\t\t\tPolicyName: pulumi.String(\"example\"),\n\t\t\tPolicyDocument: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticsearch.NewDomain(ctx, \"example\", \u0026elasticsearch.DomainArgs{\n\t\t\tLogPublishingOptions: elasticsearch.DomainLogPublishingOptionArray{\n\t\t\t\t\u0026elasticsearch.DomainLogPublishingOptionArgs{\n\t\t\t\t\tCloudwatchLogGroupArn: exampleLogGroup.Arn,\n\t\t\t\t\tLogType: pulumi.String(\"INDEX_SLOW_LOGS\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicy;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicyArgs;\nimport com.pulumi.aws.elasticsearch.Domain;\nimport com.pulumi.aws.elasticsearch.DomainArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainLogPublishingOptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleLogGroup = new LogGroup(\"exampleLogGroup\", LogGroupArgs.builder()\n .name(\"example\")\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"es.amazonaws.com\")\n .build())\n .actions( \n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\")\n .resources(\"arn:aws:logs:*\")\n .build())\n .build());\n\n var exampleLogResourcePolicy = new LogResourcePolicy(\"exampleLogResourcePolicy\", LogResourcePolicyArgs.builder()\n .policyName(\"example\")\n .policyDocument(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder()\n .logPublishingOptions(DomainLogPublishingOptionArgs.builder()\n .cloudwatchLogGroupArn(exampleLogGroup.arn())\n .logType(\"INDEX_SLOW_LOGS\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleLogGroup:\n type: aws:cloudwatch:LogGroup\n name: example\n properties:\n name: example\n exampleLogResourcePolicy:\n type: aws:cloudwatch:LogResourcePolicy\n name: example\n properties:\n policyName: example\n policyDocument: ${example.json}\n exampleDomain:\n type: aws:elasticsearch:Domain\n name: example\n properties:\n logPublishingOptions:\n - cloudwatchLogGroupArn: ${exampleLogGroup.arn}\n logType: INDEX_SLOW_LOGS\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - es.amazonaws.com\n actions:\n - logs:PutLogEvents\n - logs:PutLogEventsBatch\n - logs:CreateLogStream\n resources:\n - arn:aws:logs:*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### VPC based ES\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst vpc = config.requireObject(\"vpc\");\nconst domain = config.get(\"domain\") || \"tf-test\";\nconst selected = aws.ec2.getVpc({\n tags: {\n Name: vpc,\n },\n});\nconst selectedGetSubnets = selected.then(selected =\u003e aws.ec2.getSubnets({\n filters: [{\n name: \"vpc-id\",\n values: [selected.id],\n }],\n tags: {\n Tier: \"private\",\n },\n}));\nconst current = aws.getRegion({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst es = new aws.ec2.SecurityGroup(\"es\", {\n name: `${vpc}-elasticsearch-${domain}`,\n description: \"Managed by Pulumi\",\n vpcId: selected.then(selected =\u003e selected.id),\n ingress: [{\n fromPort: 443,\n toPort: 443,\n protocol: \"tcp\",\n cidrBlocks: [selected.then(selected =\u003e selected.cidrBlock)],\n }],\n});\nconst esServiceLinkedRole = new aws.iam.ServiceLinkedRole(\"es\", {awsServiceName: \"opensearchservice.amazonaws.com\"});\nconst esDomain = new aws.elasticsearch.Domain(\"es\", {\n domainName: domain,\n elasticsearchVersion: \"6.3\",\n clusterConfig: {\n instanceType: \"m4.large.elasticsearch\",\n zoneAwarenessEnabled: true,\n },\n vpcOptions: {\n subnetIds: [\n selectedGetSubnets.then(selectedGetSubnets =\u003e selectedGetSubnets.ids?.[0]),\n selectedGetSubnets.then(selectedGetSubnets =\u003e selectedGetSubnets.ids?.[1]),\n ],\n securityGroupIds: [es.id],\n },\n advancedOptions: {\n \"rest.action.multi.allow_explicit_index\": \"true\",\n },\n accessPolicies: Promise.all([current, currentGetCallerIdentity]).then(([current, currentGetCallerIdentity]) =\u003e `{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\t\"Action\": \"es:*\",\n\t\t\t\"Principal\": \"*\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Resource\": \"arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*\"\n\t\t}\n\t]\n}\n`),\n tags: {\n Domain: \"TestDomain\",\n },\n}, {\n dependsOn: [esServiceLinkedRole],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nvpc = config.require_object(\"vpc\")\ndomain = config.get(\"domain\")\nif domain is None:\n domain = \"tf-test\"\nselected = aws.ec2.get_vpc(tags={\n \"Name\": vpc,\n})\nselected_get_subnets = aws.ec2.get_subnets(filters=[{\n \"name\": \"vpc-id\",\n \"values\": [selected.id],\n }],\n tags={\n \"Tier\": \"private\",\n })\ncurrent = aws.get_region()\ncurrent_get_caller_identity = aws.get_caller_identity()\nes = aws.ec2.SecurityGroup(\"es\",\n name=f\"{vpc}-elasticsearch-{domain}\",\n description=\"Managed by Pulumi\",\n vpc_id=selected.id,\n ingress=[{\n \"from_port\": 443,\n \"to_port\": 443,\n \"protocol\": \"tcp\",\n \"cidr_blocks\": [selected.cidr_block],\n }])\nes_service_linked_role = aws.iam.ServiceLinkedRole(\"es\", aws_service_name=\"opensearchservice.amazonaws.com\")\nes_domain = aws.elasticsearch.Domain(\"es\",\n domain_name=domain,\n elasticsearch_version=\"6.3\",\n cluster_config={\n \"instance_type\": \"m4.large.elasticsearch\",\n \"zone_awareness_enabled\": True,\n },\n vpc_options={\n \"subnet_ids\": [\n selected_get_subnets.ids[0],\n selected_get_subnets.ids[1],\n ],\n \"security_group_ids\": [es.id],\n },\n advanced_options={\n \"rest.action.multi.allow_explicit_index\": \"true\",\n },\n access_policies=f\"\"\"{{\n\\x09\"Version\": \"2012-10-17\",\n\\x09\"Statement\": [\n\\x09\\x09{{\n\\x09\\x09\\x09\"Action\": \"es:*\",\n\\x09\\x09\\x09\"Principal\": \"*\",\n\\x09\\x09\\x09\"Effect\": \"Allow\",\n\\x09\\x09\\x09\"Resource\": \"arn:aws:es:{current.name}:{current_get_caller_identity.account_id}:domain/{domain}/*\"\n\\x09\\x09}}\n\\x09]\n}}\n\"\"\",\n tags={\n \"Domain\": \"TestDomain\",\n },\n opts = pulumi.ResourceOptions(depends_on=[es_service_linked_role]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var vpc = config.RequireObject\u003cdynamic\u003e(\"vpc\");\n var domain = config.Get(\"domain\") ?? \"tf-test\";\n var selected = Aws.Ec2.GetVpc.Invoke(new()\n {\n Tags = \n {\n { \"Name\", vpc },\n },\n });\n\n var selectedGetSubnets = Aws.Ec2.GetSubnets.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetSubnetsFilterInputArgs\n {\n Name = \"vpc-id\",\n Values = new[]\n {\n selected.Apply(getVpcResult =\u003e getVpcResult.Id),\n },\n },\n },\n Tags = \n {\n { \"Tier\", \"private\" },\n },\n });\n\n var current = Aws.GetRegion.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var es = new Aws.Ec2.SecurityGroup(\"es\", new()\n {\n Name = $\"{vpc}-elasticsearch-{domain}\",\n Description = \"Managed by Pulumi\",\n VpcId = selected.Apply(getVpcResult =\u003e getVpcResult.Id),\n Ingress = new[]\n {\n new Aws.Ec2.Inputs.SecurityGroupIngressArgs\n {\n FromPort = 443,\n ToPort = 443,\n Protocol = \"tcp\",\n CidrBlocks = new[]\n {\n selected.Apply(getVpcResult =\u003e getVpcResult.CidrBlock),\n },\n },\n },\n });\n\n var esServiceLinkedRole = new Aws.Iam.ServiceLinkedRole(\"es\", new()\n {\n AwsServiceName = \"opensearchservice.amazonaws.com\",\n });\n\n var esDomain = new Aws.ElasticSearch.Domain(\"es\", new()\n {\n DomainName = domain,\n ElasticsearchVersion = \"6.3\",\n ClusterConfig = new Aws.ElasticSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"m4.large.elasticsearch\",\n ZoneAwarenessEnabled = true,\n },\n VpcOptions = new Aws.ElasticSearch.Inputs.DomainVpcOptionsArgs\n {\n SubnetIds = new[]\n {\n selectedGetSubnets.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[0]),\n selectedGetSubnets.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[1]),\n },\n SecurityGroupIds = new[]\n {\n es.Id,\n },\n },\n AdvancedOptions = \n {\n { \"rest.action.multi.allow_explicit_index\", \"true\" },\n },\n AccessPolicies = Output.Tuple(current, currentGetCallerIdentity).Apply(values =\u003e\n {\n var current = values.Item1;\n var currentGetCallerIdentity = values.Item2;\n return @$\"{{\n\t\"\"Version\"\": \"\"2012-10-17\"\",\n\t\"\"Statement\"\": [\n\t\t{{\n\t\t\t\"\"Action\"\": \"\"es:*\"\",\n\t\t\t\"\"Principal\"\": \"\"*\"\",\n\t\t\t\"\"Effect\"\": \"\"Allow\"\",\n\t\t\t\"\"Resource\"\": \"\"arn:aws:es:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:domain/{domain}/*\"\"\n\t\t}}\n\t]\n}}\n\";\n }),\n Tags = \n {\n { \"Domain\", \"TestDomain\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n esServiceLinkedRole,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ncfg := config.New(ctx, \"\")\nvpc := cfg.RequireObject(\"vpc\")\ndomain := \"tf-test\";\nif param := cfg.Get(\"domain\"); param != \"\"{\ndomain = param\n}\nselected, err := ec2.LookupVpc(ctx, \u0026ec2.LookupVpcArgs{\nTags: pulumi.StringMap{\n\"Name\": vpc,\n},\n}, nil);\nif err != nil {\nreturn err\n}\nselectedGetSubnets, err := ec2.GetSubnets(ctx, \u0026ec2.GetSubnetsArgs{\nFilters: []ec2.GetSubnetsFilter{\n{\nName: \"vpc-id\",\nValues: interface{}{\nselected.Id,\n},\n},\n},\nTags: map[string]interface{}{\n\"Tier\": \"private\",\n},\n}, nil);\nif err != nil {\nreturn err\n}\ncurrent, err := aws.GetRegion(ctx, nil, nil);\nif err != nil {\nreturn err\n}\ncurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil);\nif err != nil {\nreturn err\n}\nes, err := ec2.NewSecurityGroup(ctx, \"es\", \u0026ec2.SecurityGroupArgs{\nName: pulumi.String(fmt.Sprintf(\"%v-elasticsearch-%v\", vpc, domain)),\nDescription: pulumi.String(\"Managed by Pulumi\"),\nVpcId: pulumi.String(selected.Id),\nIngress: ec2.SecurityGroupIngressArray{\n\u0026ec2.SecurityGroupIngressArgs{\nFromPort: pulumi.Int(443),\nToPort: pulumi.Int(443),\nProtocol: pulumi.String(\"tcp\"),\nCidrBlocks: pulumi.StringArray{\npulumi.String(selected.CidrBlock),\n},\n},\n},\n})\nif err != nil {\nreturn err\n}\nesServiceLinkedRole, err := iam.NewServiceLinkedRole(ctx, \"es\", \u0026iam.ServiceLinkedRoleArgs{\nAwsServiceName: pulumi.String(\"opensearchservice.amazonaws.com\"),\n})\nif err != nil {\nreturn err\n}\n_, err = elasticsearch.NewDomain(ctx, \"es\", \u0026elasticsearch.DomainArgs{\nDomainName: pulumi.String(domain),\nElasticsearchVersion: pulumi.String(\"6.3\"),\nClusterConfig: \u0026elasticsearch.DomainClusterConfigArgs{\nInstanceType: pulumi.String(\"m4.large.elasticsearch\"),\nZoneAwarenessEnabled: pulumi.Bool(true),\n},\nVpcOptions: \u0026elasticsearch.DomainVpcOptionsArgs{\nSubnetIds: pulumi.StringArray{\npulumi.String(selectedGetSubnets.Ids[0]),\npulumi.String(selectedGetSubnets.Ids[1]),\n},\nSecurityGroupIds: pulumi.StringArray{\nes.ID(),\n},\n},\nAdvancedOptions: pulumi.StringMap{\n\"rest.action.multi.allow_explicit_index\": pulumi.String(\"true\"),\n},\nAccessPolicies: pulumi.Any(fmt.Sprintf(`{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\t\"Action\": \"es:*\",\n\t\t\t\"Principal\": \"*\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Resource\": \"arn:aws:es:%v:%v:domain/%v/*\"\n\t\t}\n\t]\n}\n`, current.Name, currentGetCallerIdentity.AccountId, domain)),\nTags: pulumi.StringMap{\n\"Domain\": pulumi.String(\"TestDomain\"),\n},\n}, pulumi.DependsOn([]pulumi.Resource{\nesServiceLinkedRole,\n}))\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcArgs;\nimport com.pulumi.aws.ec2.inputs.GetSubnetsArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.aws.ec2.inputs.SecurityGroupIngressArgs;\nimport com.pulumi.aws.iam.ServiceLinkedRole;\nimport com.pulumi.aws.iam.ServiceLinkedRoleArgs;\nimport com.pulumi.aws.elasticsearch.Domain;\nimport com.pulumi.aws.elasticsearch.DomainArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainVpcOptionsArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var vpc = config.get(\"vpc\");\n final var domain = config.get(\"domain\").orElse(\"tf-test\");\n final var selected = Ec2Functions.getVpc(GetVpcArgs.builder()\n .tags(Map.of(\"Name\", vpc))\n .build());\n\n final var selectedGetSubnets = Ec2Functions.getSubnets(GetSubnetsArgs.builder()\n .filters(GetSubnetsFilterArgs.builder()\n .name(\"vpc-id\")\n .values(selected.applyValue(getVpcResult -\u003e getVpcResult.id()))\n .build())\n .tags(Map.of(\"Tier\", \"private\"))\n .build());\n\n final var current = AwsFunctions.getRegion();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n var es = new SecurityGroup(\"es\", SecurityGroupArgs.builder()\n .name(String.format(\"%s-elasticsearch-%s\", vpc,domain))\n .description(\"Managed by Pulumi\")\n .vpcId(selected.applyValue(getVpcResult -\u003e getVpcResult.id()))\n .ingress(SecurityGroupIngressArgs.builder()\n .fromPort(443)\n .toPort(443)\n .protocol(\"tcp\")\n .cidrBlocks(selected.applyValue(getVpcResult -\u003e getVpcResult.cidrBlock()))\n .build())\n .build());\n\n var esServiceLinkedRole = new ServiceLinkedRole(\"esServiceLinkedRole\", ServiceLinkedRoleArgs.builder()\n .awsServiceName(\"opensearchservice.amazonaws.com\")\n .build());\n\n var esDomain = new Domain(\"esDomain\", DomainArgs.builder()\n .domainName(domain)\n .elasticsearchVersion(\"6.3\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"m4.large.elasticsearch\")\n .zoneAwarenessEnabled(true)\n .build())\n .vpcOptions(DomainVpcOptionsArgs.builder()\n .subnetIds( \n selectedGetSubnets.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[0]),\n selectedGetSubnets.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[1]))\n .securityGroupIds(es.id())\n .build())\n .advancedOptions(Map.of(\"rest.action.multi.allow_explicit_index\", \"true\"))\n .accessPolicies(\"\"\"\n{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\t\"Action\": \"es:*\",\n\t\t\t\"Principal\": \"*\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Resource\": \"arn:aws:es:%s:%s:domain/%s/*\"\n\t\t}\n\t]\n}\n\", current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),domain))\n .tags(Map.of(\"Domain\", \"TestDomain\"))\n .build(), CustomResourceOptions.builder()\n .dependsOn(esServiceLinkedRole)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n vpc:\n type: dynamic\n domain:\n type: string\n default: tf-test\nresources:\n es:\n type: aws:ec2:SecurityGroup\n properties:\n name: ${vpc}-elasticsearch-${domain}\n description: Managed by Pulumi\n vpcId: ${selected.id}\n ingress:\n - fromPort: 443\n toPort: 443\n protocol: tcp\n cidrBlocks:\n - ${selected.cidrBlock}\n esServiceLinkedRole:\n type: aws:iam:ServiceLinkedRole\n name: es\n properties:\n awsServiceName: opensearchservice.amazonaws.com\n esDomain:\n type: aws:elasticsearch:Domain\n name: es\n properties:\n domainName: ${domain}\n elasticsearchVersion: '6.3'\n clusterConfig:\n instanceType: m4.large.elasticsearch\n zoneAwarenessEnabled: true\n vpcOptions:\n subnetIds:\n - ${selectedGetSubnets.ids[0]}\n - ${selectedGetSubnets.ids[1]}\n securityGroupIds:\n - ${es.id}\n advancedOptions:\n rest.action.multi.allow_explicit_index: 'true'\n accessPolicies: |\n {\n \t\"Version\": \"2012-10-17\",\n \t\"Statement\": [\n \t\t{\n \t\t\t\"Action\": \"es:*\",\n \t\t\t\"Principal\": \"*\",\n \t\t\t\"Effect\": \"Allow\",\n \t\t\t\"Resource\": \"arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*\"\n \t\t}\n \t]\n }\n tags:\n Domain: TestDomain\n options:\n dependson:\n - ${esServiceLinkedRole}\nvariables:\n selected:\n fn::invoke:\n Function: aws:ec2:getVpc\n Arguments:\n tags:\n Name: ${vpc}\n selectedGetSubnets:\n fn::invoke:\n Function: aws:ec2:getSubnets\n Arguments:\n filters:\n - name: vpc-id\n values:\n - ${selected.id}\n tags:\n Tier: private\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Elasticsearch domains using the `domain_name`. For example:\n\n```sh\n$ pulumi import aws:elasticsearch/domain:Domain example domain_name\n```\n", "properties": { "accessPolicies": { "type": "string", "description": "IAM policy document specifying the access policies for the domain.\n" }, "advancedOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value string pairs to specify advanced configuration options. Note that the values for these configuration options must be strings (wrapped in quotes) or they may be wrong and cause a perpetual diff, causing the provider to want to recreate your Elasticsearch domain on every apply.\n" }, "advancedSecurityOptions": { "$ref": "#/types/aws:elasticsearch/DomainAdvancedSecurityOptions:DomainAdvancedSecurityOptions", "description": "Configuration block for [fine-grained access control](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/fgac.html). Detailed below.\n" }, "arn": { "type": "string", "description": "ARN of the domain.\n" }, "autoTuneOptions": { "$ref": "#/types/aws:elasticsearch/DomainAutoTuneOptions:DomainAutoTuneOptions", "description": "Configuration block for the Auto-Tune options of the domain. Detailed below.\n" }, "clusterConfig": { "$ref": "#/types/aws:elasticsearch/DomainClusterConfig:DomainClusterConfig", "description": "Configuration block for the cluster of the domain. Detailed below.\n" }, "cognitoOptions": { "$ref": "#/types/aws:elasticsearch/DomainCognitoOptions:DomainCognitoOptions", "description": "Configuration block for authenticating Kibana with Cognito. Detailed below.\n" }, "domainEndpointOptions": { "$ref": "#/types/aws:elasticsearch/DomainDomainEndpointOptions:DomainDomainEndpointOptions", "description": "Configuration block for domain endpoint HTTP(S) related options. Detailed below.\n" }, "domainId": { "type": "string", "description": "Unique identifier for the domain.\n" }, "domainName": { "type": "string", "description": "Name of the domain.\n\nThe following arguments are optional:\n" }, "ebsOptions": { "$ref": "#/types/aws:elasticsearch/DomainEbsOptions:DomainEbsOptions", "description": "Configuration block for EBS related options, may be required based on chosen [instance size](https://aws.amazon.com/elasticsearch-service/pricing/). Detailed below.\n" }, "elasticsearchVersion": { "type": "string", "description": "Version of Elasticsearch to deploy. Defaults to `1.5`.\n" }, "encryptAtRest": { "$ref": "#/types/aws:elasticsearch/DomainEncryptAtRest:DomainEncryptAtRest", "description": "Configuration block for encrypt at rest options. Only available for [certain instance types](http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/aes-supported-instance-types.html). Detailed below.\n" }, "endpoint": { "type": "string", "description": "Domain-specific endpoint used to submit index, search, and data upload requests.\n" }, "kibanaEndpoint": { "type": "string", "description": "Domain-specific endpoint for kibana without https scheme.\n" }, "logPublishingOptions": { "type": "array", "items": { "$ref": "#/types/aws:elasticsearch/DomainLogPublishingOption:DomainLogPublishingOption" }, "description": "Configuration block for publishing slow and application logs to CloudWatch Logs. This block can be declared multiple times, for each log_type, within the same resource. Detailed below.\n" }, "nodeToNodeEncryption": { "$ref": "#/types/aws:elasticsearch/DomainNodeToNodeEncryption:DomainNodeToNodeEncryption", "description": "Configuration block for node-to-node encryption options. Detailed below.\n" }, "snapshotOptions": { "$ref": "#/types/aws:elasticsearch/DomainSnapshotOptions:DomainSnapshotOptions", "description": "Configuration block for snapshot related options. Detailed below. DEPRECATED. For domains running Elasticsearch 5.3 and later, Amazon ES takes hourly automated snapshots, making this setting irrelevant. For domains running earlier versions of Elasticsearch, Amazon ES takes daily automated snapshots.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcOptions": { "$ref": "#/types/aws:elasticsearch/DomainVpcOptions:DomainVpcOptions", "description": "Configuration block for VPC related options. Adding or removing this configuration forces a new resource ([documentation](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-vpc.html#es-vpc-limitations)). Detailed below.\n" } }, "required": [ "accessPolicies", "advancedOptions", "advancedSecurityOptions", "arn", "autoTuneOptions", "clusterConfig", "domainEndpointOptions", "domainId", "domainName", "ebsOptions", "encryptAtRest", "endpoint", "kibanaEndpoint", "nodeToNodeEncryption", "tagsAll" ], "inputProperties": { "accessPolicies": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "IAM policy document specifying the access policies for the domain.\n" }, "advancedOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value string pairs to specify advanced configuration options. Note that the values for these configuration options must be strings (wrapped in quotes) or they may be wrong and cause a perpetual diff, causing the provider to want to recreate your Elasticsearch domain on every apply.\n" }, "advancedSecurityOptions": { "$ref": "#/types/aws:elasticsearch/DomainAdvancedSecurityOptions:DomainAdvancedSecurityOptions", "description": "Configuration block for [fine-grained access control](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/fgac.html). Detailed below.\n" }, "autoTuneOptions": { "$ref": "#/types/aws:elasticsearch/DomainAutoTuneOptions:DomainAutoTuneOptions", "description": "Configuration block for the Auto-Tune options of the domain. Detailed below.\n" }, "clusterConfig": { "$ref": "#/types/aws:elasticsearch/DomainClusterConfig:DomainClusterConfig", "description": "Configuration block for the cluster of the domain. Detailed below.\n" }, "cognitoOptions": { "$ref": "#/types/aws:elasticsearch/DomainCognitoOptions:DomainCognitoOptions", "description": "Configuration block for authenticating Kibana with Cognito. Detailed below.\n" }, "domainEndpointOptions": { "$ref": "#/types/aws:elasticsearch/DomainDomainEndpointOptions:DomainDomainEndpointOptions", "description": "Configuration block for domain endpoint HTTP(S) related options. Detailed below.\n" }, "domainName": { "type": "string", "description": "Name of the domain.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "ebsOptions": { "$ref": "#/types/aws:elasticsearch/DomainEbsOptions:DomainEbsOptions", "description": "Configuration block for EBS related options, may be required based on chosen [instance size](https://aws.amazon.com/elasticsearch-service/pricing/). Detailed below.\n" }, "elasticsearchVersion": { "type": "string", "description": "Version of Elasticsearch to deploy. Defaults to `1.5`.\n" }, "encryptAtRest": { "$ref": "#/types/aws:elasticsearch/DomainEncryptAtRest:DomainEncryptAtRest", "description": "Configuration block for encrypt at rest options. Only available for [certain instance types](http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/aes-supported-instance-types.html). Detailed below.\n" }, "logPublishingOptions": { "type": "array", "items": { "$ref": "#/types/aws:elasticsearch/DomainLogPublishingOption:DomainLogPublishingOption" }, "description": "Configuration block for publishing slow and application logs to CloudWatch Logs. This block can be declared multiple times, for each log_type, within the same resource. Detailed below.\n" }, "nodeToNodeEncryption": { "$ref": "#/types/aws:elasticsearch/DomainNodeToNodeEncryption:DomainNodeToNodeEncryption", "description": "Configuration block for node-to-node encryption options. Detailed below.\n" }, "snapshotOptions": { "$ref": "#/types/aws:elasticsearch/DomainSnapshotOptions:DomainSnapshotOptions", "description": "Configuration block for snapshot related options. Detailed below. DEPRECATED. For domains running Elasticsearch 5.3 and later, Amazon ES takes hourly automated snapshots, making this setting irrelevant. For domains running earlier versions of Elasticsearch, Amazon ES takes daily automated snapshots.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcOptions": { "$ref": "#/types/aws:elasticsearch/DomainVpcOptions:DomainVpcOptions", "description": "Configuration block for VPC related options. Adding or removing this configuration forces a new resource ([documentation](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-vpc.html#es-vpc-limitations)). Detailed below.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering Domain resources.\n", "properties": { "accessPolicies": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "IAM policy document specifying the access policies for the domain.\n" }, "advancedOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value string pairs to specify advanced configuration options. Note that the values for these configuration options must be strings (wrapped in quotes) or they may be wrong and cause a perpetual diff, causing the provider to want to recreate your Elasticsearch domain on every apply.\n" }, "advancedSecurityOptions": { "$ref": "#/types/aws:elasticsearch/DomainAdvancedSecurityOptions:DomainAdvancedSecurityOptions", "description": "Configuration block for [fine-grained access control](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/fgac.html). Detailed below.\n" }, "arn": { "type": "string", "description": "ARN of the domain.\n" }, "autoTuneOptions": { "$ref": "#/types/aws:elasticsearch/DomainAutoTuneOptions:DomainAutoTuneOptions", "description": "Configuration block for the Auto-Tune options of the domain. Detailed below.\n" }, "clusterConfig": { "$ref": "#/types/aws:elasticsearch/DomainClusterConfig:DomainClusterConfig", "description": "Configuration block for the cluster of the domain. Detailed below.\n" }, "cognitoOptions": { "$ref": "#/types/aws:elasticsearch/DomainCognitoOptions:DomainCognitoOptions", "description": "Configuration block for authenticating Kibana with Cognito. Detailed below.\n" }, "domainEndpointOptions": { "$ref": "#/types/aws:elasticsearch/DomainDomainEndpointOptions:DomainDomainEndpointOptions", "description": "Configuration block for domain endpoint HTTP(S) related options. Detailed below.\n" }, "domainId": { "type": "string", "description": "Unique identifier for the domain.\n" }, "domainName": { "type": "string", "description": "Name of the domain.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "ebsOptions": { "$ref": "#/types/aws:elasticsearch/DomainEbsOptions:DomainEbsOptions", "description": "Configuration block for EBS related options, may be required based on chosen [instance size](https://aws.amazon.com/elasticsearch-service/pricing/). Detailed below.\n" }, "elasticsearchVersion": { "type": "string", "description": "Version of Elasticsearch to deploy. Defaults to `1.5`.\n" }, "encryptAtRest": { "$ref": "#/types/aws:elasticsearch/DomainEncryptAtRest:DomainEncryptAtRest", "description": "Configuration block for encrypt at rest options. Only available for [certain instance types](http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/aes-supported-instance-types.html). Detailed below.\n" }, "endpoint": { "type": "string", "description": "Domain-specific endpoint used to submit index, search, and data upload requests.\n" }, "kibanaEndpoint": { "type": "string", "description": "Domain-specific endpoint for kibana without https scheme.\n" }, "logPublishingOptions": { "type": "array", "items": { "$ref": "#/types/aws:elasticsearch/DomainLogPublishingOption:DomainLogPublishingOption" }, "description": "Configuration block for publishing slow and application logs to CloudWatch Logs. This block can be declared multiple times, for each log_type, within the same resource. Detailed below.\n" }, "nodeToNodeEncryption": { "$ref": "#/types/aws:elasticsearch/DomainNodeToNodeEncryption:DomainNodeToNodeEncryption", "description": "Configuration block for node-to-node encryption options. Detailed below.\n" }, "snapshotOptions": { "$ref": "#/types/aws:elasticsearch/DomainSnapshotOptions:DomainSnapshotOptions", "description": "Configuration block for snapshot related options. Detailed below. DEPRECATED. For domains running Elasticsearch 5.3 and later, Amazon ES takes hourly automated snapshots, making this setting irrelevant. For domains running earlier versions of Elasticsearch, Amazon ES takes daily automated snapshots.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcOptions": { "$ref": "#/types/aws:elasticsearch/DomainVpcOptions:DomainVpcOptions", "description": "Configuration block for VPC related options. Adding or removing this configuration forces a new resource ([documentation](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-vpc.html#es-vpc-limitations)). Detailed below.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:elasticsearch/domainPolicy:DomainPolicy": { "description": "Allows setting policy to an Elasticsearch domain while referencing domain attributes (e.g., ARN)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.elasticsearch.Domain(\"example\", {\n domainName: \"tf-test\",\n elasticsearchVersion: \"2.3\",\n});\nconst main = new aws.elasticsearch.DomainPolicy(\"main\", {\n domainName: example.domainName,\n accessPolicies: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Condition\": {\n \"IpAddress\": {\"aws:SourceIp\": \"127.0.0.1/32\"}\n },\n \"Resource\": \"${example.arn}/*\"\n }\n ]\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.elasticsearch.Domain(\"example\",\n domain_name=\"tf-test\",\n elasticsearch_version=\"2.3\")\nmain = aws.elasticsearch.DomainPolicy(\"main\",\n domain_name=example.domain_name,\n access_policies=example.arn.apply(lambda arn: f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Condition\": {{\n \"IpAddress\": {{\"aws:SourceIp\": \"127.0.0.1/32\"}}\n }},\n \"Resource\": \"{arn}/*\"\n }}\n ]\n}}\n\"\"\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ElasticSearch.Domain(\"example\", new()\n {\n DomainName = \"tf-test\",\n ElasticsearchVersion = \"2.3\",\n });\n\n var main = new Aws.ElasticSearch.DomainPolicy(\"main\", new()\n {\n DomainName = example.DomainName,\n AccessPolicies = example.Arn.Apply(arn =\u003e @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Action\"\": \"\"es:*\"\",\n \"\"Principal\"\": \"\"*\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Condition\"\": {{\n \"\"IpAddress\"\": {{\"\"aws:SourceIp\"\": \"\"127.0.0.1/32\"\"}}\n }},\n \"\"Resource\"\": \"\"{arn}/*\"\"\n }}\n ]\n}}\n\"),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := elasticsearch.NewDomain(ctx, \"example\", \u0026elasticsearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"tf-test\"),\n\t\t\tElasticsearchVersion: pulumi.String(\"2.3\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticsearch.NewDomainPolicy(ctx, \"main\", \u0026elasticsearch.DomainPolicyArgs{\n\t\t\tDomainName: example.DomainName,\n\t\t\tAccessPolicies: example.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Condition\": {\n \"IpAddress\": {\"aws:SourceIp\": \"127.0.0.1/32\"}\n },\n \"Resource\": \"%v/*\"\n }\n ]\n}\n`, arn), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticsearch.Domain;\nimport com.pulumi.aws.elasticsearch.DomainArgs;\nimport com.pulumi.aws.elasticsearch.DomainPolicy;\nimport com.pulumi.aws.elasticsearch.DomainPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder()\n .domainName(\"tf-test\")\n .elasticsearchVersion(\"2.3\")\n .build());\n\n var main = new DomainPolicy(\"main\", DomainPolicyArgs.builder()\n .domainName(example.domainName())\n .accessPolicies(example.arn().applyValue(arn -\u003e \"\"\"\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Condition\": {\n \"IpAddress\": {\"aws:SourceIp\": \"127.0.0.1/32\"}\n },\n \"Resource\": \"%s/*\"\n }\n ]\n}\n\", arn)))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:elasticsearch:Domain\n properties:\n domainName: tf-test\n elasticsearchVersion: '2.3'\n main:\n type: aws:elasticsearch:DomainPolicy\n properties:\n domainName: ${example.domainName}\n accessPolicies: |\n {\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Condition\": {\n \"IpAddress\": {\"aws:SourceIp\": \"127.0.0.1/32\"}\n },\n \"Resource\": \"${example.arn}/*\"\n }\n ]\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "accessPolicies": { "type": "string", "description": "IAM policy document specifying the access policies for the domain\n" }, "domainName": { "type": "string", "description": "Name of the domain.\n" } }, "required": [ "accessPolicies", "domainName" ], "inputProperties": { "accessPolicies": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "IAM policy document specifying the access policies for the domain\n" }, "domainName": { "type": "string", "description": "Name of the domain.\n" } }, "requiredInputs": [ "accessPolicies", "domainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainPolicy resources.\n", "properties": { "accessPolicies": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "IAM policy document specifying the access policies for the domain\n" }, "domainName": { "type": "string", "description": "Name of the domain.\n" } }, "type": "object" } }, "aws:elasticsearch/domainSamlOptions:DomainSamlOptions": { "description": "Manages SAML authentication options for an AWS Elasticsearch Domain.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.elasticsearch.Domain(\"example\", {\n domainName: \"example\",\n elasticsearchVersion: \"1.5\",\n clusterConfig: {\n instanceType: \"r4.large.elasticsearch\",\n },\n snapshotOptions: {\n automatedSnapshotStartHour: 23,\n },\n tags: {\n Domain: \"TestDomain\",\n },\n});\nconst exampleDomainSamlOptions = new aws.elasticsearch.DomainSamlOptions(\"example\", {\n domainName: example.domainName,\n samlOptions: {\n enabled: true,\n idp: {\n entityId: \"https://example.com\",\n metadataContent: std.file({\n input: \"./saml-metadata.xml\",\n }).then(invoke =\u003e invoke.result),\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.elasticsearch.Domain(\"example\",\n domain_name=\"example\",\n elasticsearch_version=\"1.5\",\n cluster_config={\n \"instance_type\": \"r4.large.elasticsearch\",\n },\n snapshot_options={\n \"automated_snapshot_start_hour\": 23,\n },\n tags={\n \"Domain\": \"TestDomain\",\n })\nexample_domain_saml_options = aws.elasticsearch.DomainSamlOptions(\"example\",\n domain_name=example.domain_name,\n saml_options={\n \"enabled\": True,\n \"idp\": {\n \"entity_id\": \"https://example.com\",\n \"metadata_content\": std.file(input=\"./saml-metadata.xml\").result,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ElasticSearch.Domain(\"example\", new()\n {\n DomainName = \"example\",\n ElasticsearchVersion = \"1.5\",\n ClusterConfig = new Aws.ElasticSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"r4.large.elasticsearch\",\n },\n SnapshotOptions = new Aws.ElasticSearch.Inputs.DomainSnapshotOptionsArgs\n {\n AutomatedSnapshotStartHour = 23,\n },\n Tags = \n {\n { \"Domain\", \"TestDomain\" },\n },\n });\n\n var exampleDomainSamlOptions = new Aws.ElasticSearch.DomainSamlOptions(\"example\", new()\n {\n DomainName = example.DomainName,\n SamlOptions = new Aws.ElasticSearch.Inputs.DomainSamlOptionsSamlOptionsArgs\n {\n Enabled = true,\n Idp = new Aws.ElasticSearch.Inputs.DomainSamlOptionsSamlOptionsIdpArgs\n {\n EntityId = \"https://example.com\",\n MetadataContent = Std.File.Invoke(new()\n {\n Input = \"./saml-metadata.xml\",\n }).Apply(invoke =\u003e invoke.Result),\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := elasticsearch.NewDomain(ctx, \"example\", \u0026elasticsearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"example\"),\n\t\t\tElasticsearchVersion: pulumi.String(\"1.5\"),\n\t\t\tClusterConfig: \u0026elasticsearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceType: pulumi.String(\"r4.large.elasticsearch\"),\n\t\t\t},\n\t\t\tSnapshotOptions: \u0026elasticsearch.DomainSnapshotOptionsArgs{\n\t\t\t\tAutomatedSnapshotStartHour: pulumi.Int(23),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Domain\": pulumi.String(\"TestDomain\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"./saml-metadata.xml\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticsearch.NewDomainSamlOptions(ctx, \"example\", \u0026elasticsearch.DomainSamlOptionsArgs{\n\t\t\tDomainName: example.DomainName,\n\t\t\tSamlOptions: \u0026elasticsearch.DomainSamlOptionsSamlOptionsArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tIdp: \u0026elasticsearch.DomainSamlOptionsSamlOptionsIdpArgs{\n\t\t\t\t\tEntityId: pulumi.String(\"https://example.com\"),\n\t\t\t\t\tMetadataContent: pulumi.String(invokeFile.Result),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticsearch.Domain;\nimport com.pulumi.aws.elasticsearch.DomainArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainSnapshotOptionsArgs;\nimport com.pulumi.aws.elasticsearch.DomainSamlOptions;\nimport com.pulumi.aws.elasticsearch.DomainSamlOptionsArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainSamlOptionsSamlOptionsArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainSamlOptionsSamlOptionsIdpArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder()\n .domainName(\"example\")\n .elasticsearchVersion(\"1.5\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"r4.large.elasticsearch\")\n .build())\n .snapshotOptions(DomainSnapshotOptionsArgs.builder()\n .automatedSnapshotStartHour(23)\n .build())\n .tags(Map.of(\"Domain\", \"TestDomain\"))\n .build());\n\n var exampleDomainSamlOptions = new DomainSamlOptions(\"exampleDomainSamlOptions\", DomainSamlOptionsArgs.builder()\n .domainName(example.domainName())\n .samlOptions(DomainSamlOptionsSamlOptionsArgs.builder()\n .enabled(true)\n .idp(DomainSamlOptionsSamlOptionsIdpArgs.builder()\n .entityId(\"https://example.com\")\n .metadataContent(StdFunctions.file(FileArgs.builder()\n .input(\"./saml-metadata.xml\")\n .build()).result())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:elasticsearch:Domain\n properties:\n domainName: example\n elasticsearchVersion: '1.5'\n clusterConfig:\n instanceType: r4.large.elasticsearch\n snapshotOptions:\n automatedSnapshotStartHour: 23\n tags:\n Domain: TestDomain\n exampleDomainSamlOptions:\n type: aws:elasticsearch:DomainSamlOptions\n name: example\n properties:\n domainName: ${example.domainName}\n samlOptions:\n enabled: true\n idp:\n entityId: https://example.com\n metadataContent:\n fn::invoke:\n Function: std:file\n Arguments:\n input: ./saml-metadata.xml\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Elasticsearch domains using the `domain_name`. For example:\n\n```sh\n$ pulumi import aws:elasticsearch/domainSamlOptions:DomainSamlOptions example domain_name\n```\n", "properties": { "domainName": { "type": "string", "description": "Name of the domain.\n\nThe following arguments are optional:\n" }, "samlOptions": { "$ref": "#/types/aws:elasticsearch/DomainSamlOptionsSamlOptions:DomainSamlOptionsSamlOptions", "description": "The SAML authentication options for an AWS Elasticsearch Domain.\n" } }, "required": [ "domainName" ], "inputProperties": { "domainName": { "type": "string", "description": "Name of the domain.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "samlOptions": { "$ref": "#/types/aws:elasticsearch/DomainSamlOptionsSamlOptions:DomainSamlOptionsSamlOptions", "description": "The SAML authentication options for an AWS Elasticsearch Domain.\n" } }, "requiredInputs": [ "domainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainSamlOptions resources.\n", "properties": { "domainName": { "type": "string", "description": "Name of the domain.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "samlOptions": { "$ref": "#/types/aws:elasticsearch/DomainSamlOptionsSamlOptions:DomainSamlOptionsSamlOptions", "description": "The SAML authentication options for an AWS Elasticsearch Domain.\n" } }, "type": "object" } }, "aws:elasticsearch/vpcEndpoint:VpcEndpoint": { "description": "Manages an [AWS Elasticsearch VPC Endpoint](https://docs.aws.amazon.com/elasticsearch-service/latest/APIReference/API_CreateVpcEndpoint.html). Creates an Amazon elasticsearch Service-managed VPC endpoint.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.elasticsearch.VpcEndpoint(\"foo\", {\n domainArn: domain1.arn,\n vpcOptions: {\n securityGroupIds: [\n test.id,\n test2.id,\n ],\n subnetIds: [\n testAwsSubnet.id,\n test2AwsSubnet.id,\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.elasticsearch.VpcEndpoint(\"foo\",\n domain_arn=domain1[\"arn\"],\n vpc_options={\n \"security_group_ids\": [\n test[\"id\"],\n test2[\"id\"],\n ],\n \"subnet_ids\": [\n test_aws_subnet[\"id\"],\n test2_aws_subnet[\"id\"],\n ],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.ElasticSearch.VpcEndpoint(\"foo\", new()\n {\n DomainArn = domain1.Arn,\n VpcOptions = new Aws.ElasticSearch.Inputs.VpcEndpointVpcOptionsArgs\n {\n SecurityGroupIds = new[]\n {\n test.Id,\n test2.Id,\n },\n SubnetIds = new[]\n {\n testAwsSubnet.Id,\n test2AwsSubnet.Id,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticsearch.NewVpcEndpoint(ctx, \"foo\", \u0026elasticsearch.VpcEndpointArgs{\n\t\t\tDomainArn: pulumi.Any(domain1.Arn),\n\t\t\tVpcOptions: \u0026elasticsearch.VpcEndpointVpcOptionsArgs{\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\ttest.Id,\n\t\t\t\t\ttest2.Id,\n\t\t\t\t},\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\ttestAwsSubnet.Id,\n\t\t\t\t\ttest2AwsSubnet.Id,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticsearch.VpcEndpoint;\nimport com.pulumi.aws.elasticsearch.VpcEndpointArgs;\nimport com.pulumi.aws.elasticsearch.inputs.VpcEndpointVpcOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new VpcEndpoint(\"foo\", VpcEndpointArgs.builder()\n .domainArn(domain1.arn())\n .vpcOptions(VpcEndpointVpcOptionsArgs.builder()\n .securityGroupIds( \n test.id(),\n test2.id())\n .subnetIds( \n testAwsSubnet.id(),\n test2AwsSubnet.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:elasticsearch:VpcEndpoint\n properties:\n domainArn: ${domain1.arn}\n vpcOptions:\n securityGroupIds:\n - ${test.id}\n - ${test2.id}\n subnetIds:\n - ${testAwsSubnet.id}\n - ${test2AwsSubnet.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import elasticsearch VPC endpoint connections using the `id`. For example:\n\n```sh\n$ pulumi import aws:elasticsearch/vpcEndpoint:VpcEndpoint example endpoint-id\n```\n", "properties": { "domainArn": { "type": "string", "description": "Specifies the Amazon Resource Name (ARN) of the domain to create the endpoint for\n" }, "endpoint": { "type": "string", "description": "The connection endpoint ID for connecting to the domain.\n" }, "vpcOptions": { "$ref": "#/types/aws:elasticsearch/VpcEndpointVpcOptions:VpcEndpointVpcOptions", "description": "Options to specify the subnets and security groups for the endpoint.\n" } }, "required": [ "domainArn", "endpoint", "vpcOptions" ], "inputProperties": { "domainArn": { "type": "string", "description": "Specifies the Amazon Resource Name (ARN) of the domain to create the endpoint for\n", "willReplaceOnChanges": true }, "vpcOptions": { "$ref": "#/types/aws:elasticsearch/VpcEndpointVpcOptions:VpcEndpointVpcOptions", "description": "Options to specify the subnets and security groups for the endpoint.\n" } }, "requiredInputs": [ "domainArn", "vpcOptions" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcEndpoint resources.\n", "properties": { "domainArn": { "type": "string", "description": "Specifies the Amazon Resource Name (ARN) of the domain to create the endpoint for\n", "willReplaceOnChanges": true }, "endpoint": { "type": "string", "description": "The connection endpoint ID for connecting to the domain.\n" }, "vpcOptions": { "$ref": "#/types/aws:elasticsearch/VpcEndpointVpcOptions:VpcEndpointVpcOptions", "description": "Options to specify the subnets and security groups for the endpoint.\n" } }, "type": "object" } }, "aws:elastictranscoder/pipeline:Pipeline": { "description": "Provides an Elastic Transcoder pipeline resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = new aws.elastictranscoder.Pipeline(\"bar\", {\n inputBucket: inputBucket.id,\n name: \"aws_elastictranscoder_pipeline_my_test_\",\n role: testRole.arn,\n contentConfig: {\n bucket: contentBucket.id,\n storageClass: \"Standard\",\n },\n thumbnailConfig: {\n bucket: thumbBucket.id,\n storageClass: \"Standard\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.elastictranscoder.Pipeline(\"bar\",\n input_bucket=input_bucket[\"id\"],\n name=\"aws_elastictranscoder_pipeline_my_test_\",\n role=test_role[\"arn\"],\n content_config={\n \"bucket\": content_bucket[\"id\"],\n \"storage_class\": \"Standard\",\n },\n thumbnail_config={\n \"bucket\": thumb_bucket[\"id\"],\n \"storage_class\": \"Standard\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bar = new Aws.ElasticTranscoder.Pipeline(\"bar\", new()\n {\n InputBucket = inputBucket.Id,\n Name = \"aws_elastictranscoder_pipeline_my_test_\",\n Role = testRole.Arn,\n ContentConfig = new Aws.ElasticTranscoder.Inputs.PipelineContentConfigArgs\n {\n Bucket = contentBucket.Id,\n StorageClass = \"Standard\",\n },\n ThumbnailConfig = new Aws.ElasticTranscoder.Inputs.PipelineThumbnailConfigArgs\n {\n Bucket = thumbBucket.Id,\n StorageClass = \"Standard\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elastictranscoder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elastictranscoder.NewPipeline(ctx, \"bar\", \u0026elastictranscoder.PipelineArgs{\n\t\t\tInputBucket: pulumi.Any(inputBucket.Id),\n\t\t\tName: pulumi.String(\"aws_elastictranscoder_pipeline_my_test_\"),\n\t\t\tRole: pulumi.Any(testRole.Arn),\n\t\t\tContentConfig: \u0026elastictranscoder.PipelineContentConfigArgs{\n\t\t\t\tBucket: pulumi.Any(contentBucket.Id),\n\t\t\t\tStorageClass: pulumi.String(\"Standard\"),\n\t\t\t},\n\t\t\tThumbnailConfig: \u0026elastictranscoder.PipelineThumbnailConfigArgs{\n\t\t\t\tBucket: pulumi.Any(thumbBucket.Id),\n\t\t\t\tStorageClass: pulumi.String(\"Standard\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elastictranscoder.Pipeline;\nimport com.pulumi.aws.elastictranscoder.PipelineArgs;\nimport com.pulumi.aws.elastictranscoder.inputs.PipelineContentConfigArgs;\nimport com.pulumi.aws.elastictranscoder.inputs.PipelineThumbnailConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bar = new Pipeline(\"bar\", PipelineArgs.builder()\n .inputBucket(inputBucket.id())\n .name(\"aws_elastictranscoder_pipeline_my_test_\")\n .role(testRole.arn())\n .contentConfig(PipelineContentConfigArgs.builder()\n .bucket(contentBucket.id())\n .storageClass(\"Standard\")\n .build())\n .thumbnailConfig(PipelineThumbnailConfigArgs.builder()\n .bucket(thumbBucket.id())\n .storageClass(\"Standard\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bar:\n type: aws:elastictranscoder:Pipeline\n properties:\n inputBucket: ${inputBucket.id}\n name: aws_elastictranscoder_pipeline_my_test_\n role: ${testRole.arn}\n contentConfig:\n bucket: ${contentBucket.id}\n storageClass: Standard\n thumbnailConfig:\n bucket: ${thumbBucket.id}\n storageClass: Standard\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Elastic Transcoder pipelines using the `id`. For example:\n\n```sh\n$ pulumi import aws:elastictranscoder/pipeline:Pipeline basic_pipeline 1407981661351-cttk8b\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Elastictranscoder pipeline.\n" }, "awsKmsKeyArn": { "type": "string", "description": "The AWS Key Management Service (AWS KMS) key that you want to use with this pipeline.\n" }, "contentConfig": { "$ref": "#/types/aws:elastictranscoder/PipelineContentConfig:PipelineContentConfig", "description": "The ContentConfig object specifies information about the Amazon S3 bucket in which you want Elastic Transcoder to save transcoded files and playlists. (documented below)\n" }, "contentConfigPermissions": { "type": "array", "items": { "$ref": "#/types/aws:elastictranscoder/PipelineContentConfigPermission:PipelineContentConfigPermission" }, "description": "The permissions for the `content_config` object. (documented below)\n" }, "inputBucket": { "type": "string", "description": "The Amazon S3 bucket in which you saved the media files that you want to transcode and the graphics that you want to use as watermarks.\n" }, "name": { "type": "string", "description": "The name of the pipeline. Maximum 40 characters\n" }, "notifications": { "$ref": "#/types/aws:elastictranscoder/PipelineNotifications:PipelineNotifications", "description": "The Amazon Simple Notification Service (Amazon SNS) topic that you want to notify to report job status. (documented below)\n" }, "outputBucket": { "type": "string", "description": "The Amazon S3 bucket in which you want Elastic Transcoder to save the transcoded files.\n" }, "role": { "type": "string", "description": "The IAM Amazon Resource Name (ARN) for the role that you want Elastic Transcoder to use to transcode jobs for this pipeline.\n" }, "thumbnailConfig": { "$ref": "#/types/aws:elastictranscoder/PipelineThumbnailConfig:PipelineThumbnailConfig", "description": "The ThumbnailConfig object specifies information about the Amazon S3 bucket in which you want Elastic Transcoder to save thumbnail files. (documented below)\n" }, "thumbnailConfigPermissions": { "type": "array", "items": { "$ref": "#/types/aws:elastictranscoder/PipelineThumbnailConfigPermission:PipelineThumbnailConfigPermission" }, "description": "The permissions for the `thumbnail_config` object. (documented below)\n\nThe `content_config` object specifies information about the Amazon S3 bucket in\nwhich you want Elastic Transcoder to save transcoded files and playlists: which\nbucket to use, and the storage class that you want to assign to the files. If\nyou specify values for `content_config`, you must also specify values for\n`thumbnail_config`. If you specify values for `content_config` and\n`thumbnail_config`, omit the `output_bucket` object.\n" } }, "required": [ "arn", "contentConfig", "inputBucket", "name", "outputBucket", "role", "thumbnailConfig" ], "inputProperties": { "awsKmsKeyArn": { "type": "string", "description": "The AWS Key Management Service (AWS KMS) key that you want to use with this pipeline.\n" }, "contentConfig": { "$ref": "#/types/aws:elastictranscoder/PipelineContentConfig:PipelineContentConfig", "description": "The ContentConfig object specifies information about the Amazon S3 bucket in which you want Elastic Transcoder to save transcoded files and playlists. (documented below)\n" }, "contentConfigPermissions": { "type": "array", "items": { "$ref": "#/types/aws:elastictranscoder/PipelineContentConfigPermission:PipelineContentConfigPermission" }, "description": "The permissions for the `content_config` object. (documented below)\n" }, "inputBucket": { "type": "string", "description": "The Amazon S3 bucket in which you saved the media files that you want to transcode and the graphics that you want to use as watermarks.\n" }, "name": { "type": "string", "description": "The name of the pipeline. Maximum 40 characters\n", "willReplaceOnChanges": true }, "notifications": { "$ref": "#/types/aws:elastictranscoder/PipelineNotifications:PipelineNotifications", "description": "The Amazon Simple Notification Service (Amazon SNS) topic that you want to notify to report job status. (documented below)\n" }, "outputBucket": { "type": "string", "description": "The Amazon S3 bucket in which you want Elastic Transcoder to save the transcoded files.\n" }, "role": { "type": "string", "description": "The IAM Amazon Resource Name (ARN) for the role that you want Elastic Transcoder to use to transcode jobs for this pipeline.\n" }, "thumbnailConfig": { "$ref": "#/types/aws:elastictranscoder/PipelineThumbnailConfig:PipelineThumbnailConfig", "description": "The ThumbnailConfig object specifies information about the Amazon S3 bucket in which you want Elastic Transcoder to save thumbnail files. (documented below)\n" }, "thumbnailConfigPermissions": { "type": "array", "items": { "$ref": "#/types/aws:elastictranscoder/PipelineThumbnailConfigPermission:PipelineThumbnailConfigPermission" }, "description": "The permissions for the `thumbnail_config` object. (documented below)\n\nThe `content_config` object specifies information about the Amazon S3 bucket in\nwhich you want Elastic Transcoder to save transcoded files and playlists: which\nbucket to use, and the storage class that you want to assign to the files. If\nyou specify values for `content_config`, you must also specify values for\n`thumbnail_config`. If you specify values for `content_config` and\n`thumbnail_config`, omit the `output_bucket` object.\n" } }, "requiredInputs": [ "inputBucket", "role" ], "stateInputs": { "description": "Input properties used for looking up and filtering Pipeline resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Elastictranscoder pipeline.\n" }, "awsKmsKeyArn": { "type": "string", "description": "The AWS Key Management Service (AWS KMS) key that you want to use with this pipeline.\n" }, "contentConfig": { "$ref": "#/types/aws:elastictranscoder/PipelineContentConfig:PipelineContentConfig", "description": "The ContentConfig object specifies information about the Amazon S3 bucket in which you want Elastic Transcoder to save transcoded files and playlists. (documented below)\n" }, "contentConfigPermissions": { "type": "array", "items": { "$ref": "#/types/aws:elastictranscoder/PipelineContentConfigPermission:PipelineContentConfigPermission" }, "description": "The permissions for the `content_config` object. (documented below)\n" }, "inputBucket": { "type": "string", "description": "The Amazon S3 bucket in which you saved the media files that you want to transcode and the graphics that you want to use as watermarks.\n" }, "name": { "type": "string", "description": "The name of the pipeline. Maximum 40 characters\n", "willReplaceOnChanges": true }, "notifications": { "$ref": "#/types/aws:elastictranscoder/PipelineNotifications:PipelineNotifications", "description": "The Amazon Simple Notification Service (Amazon SNS) topic that you want to notify to report job status. (documented below)\n" }, "outputBucket": { "type": "string", "description": "The Amazon S3 bucket in which you want Elastic Transcoder to save the transcoded files.\n" }, "role": { "type": "string", "description": "The IAM Amazon Resource Name (ARN) for the role that you want Elastic Transcoder to use to transcode jobs for this pipeline.\n" }, "thumbnailConfig": { "$ref": "#/types/aws:elastictranscoder/PipelineThumbnailConfig:PipelineThumbnailConfig", "description": "The ThumbnailConfig object specifies information about the Amazon S3 bucket in which you want Elastic Transcoder to save thumbnail files. (documented below)\n" }, "thumbnailConfigPermissions": { "type": "array", "items": { "$ref": "#/types/aws:elastictranscoder/PipelineThumbnailConfigPermission:PipelineThumbnailConfigPermission" }, "description": "The permissions for the `thumbnail_config` object. (documented below)\n\nThe `content_config` object specifies information about the Amazon S3 bucket in\nwhich you want Elastic Transcoder to save transcoded files and playlists: which\nbucket to use, and the storage class that you want to assign to the files. If\nyou specify values for `content_config`, you must also specify values for\n`thumbnail_config`. If you specify values for `content_config` and\n`thumbnail_config`, omit the `output_bucket` object.\n" } }, "type": "object" } }, "aws:elastictranscoder/preset:Preset": { "description": "Provides an Elastic Transcoder preset resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = new aws.elastictranscoder.Preset(\"bar\", {\n container: \"mp4\",\n description: \"Sample Preset\",\n name: \"sample_preset\",\n audio: {\n audioPackingMode: \"SingleTrack\",\n bitRate: \"96\",\n channels: \"2\",\n codec: \"AAC\",\n sampleRate: \"44100\",\n },\n audioCodecOptions: {\n profile: \"AAC-LC\",\n },\n video: {\n bitRate: \"1600\",\n codec: \"H.264\",\n displayAspectRatio: \"16:9\",\n fixedGop: \"false\",\n frameRate: \"auto\",\n maxFrameRate: \"60\",\n keyframesMaxDist: \"240\",\n maxHeight: \"auto\",\n maxWidth: \"auto\",\n paddingPolicy: \"Pad\",\n sizingPolicy: \"Fit\",\n },\n videoCodecOptions: {\n Profile: \"main\",\n Level: \"2.2\",\n MaxReferenceFrames: \"3\",\n InterlacedMode: \"Progressive\",\n ColorSpaceConversionMode: \"None\",\n },\n videoWatermarks: [{\n id: \"Test\",\n maxWidth: \"20%\",\n maxHeight: \"20%\",\n sizingPolicy: \"ShrinkToFit\",\n horizontalAlign: \"Right\",\n horizontalOffset: \"10px\",\n verticalAlign: \"Bottom\",\n verticalOffset: \"10px\",\n opacity: \"55.5\",\n target: \"Content\",\n }],\n thumbnails: {\n format: \"png\",\n interval: \"120\",\n maxWidth: \"auto\",\n maxHeight: \"auto\",\n paddingPolicy: \"Pad\",\n sizingPolicy: \"Fit\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.elastictranscoder.Preset(\"bar\",\n container=\"mp4\",\n description=\"Sample Preset\",\n name=\"sample_preset\",\n audio={\n \"audio_packing_mode\": \"SingleTrack\",\n \"bit_rate\": \"96\",\n \"channels\": \"2\",\n \"codec\": \"AAC\",\n \"sample_rate\": \"44100\",\n },\n audio_codec_options={\n \"profile\": \"AAC-LC\",\n },\n video={\n \"bit_rate\": \"1600\",\n \"codec\": \"H.264\",\n \"display_aspect_ratio\": \"16:9\",\n \"fixed_gop\": \"false\",\n \"frame_rate\": \"auto\",\n \"max_frame_rate\": \"60\",\n \"keyframes_max_dist\": \"240\",\n \"max_height\": \"auto\",\n \"max_width\": \"auto\",\n \"padding_policy\": \"Pad\",\n \"sizing_policy\": \"Fit\",\n },\n video_codec_options={\n \"Profile\": \"main\",\n \"Level\": \"2.2\",\n \"MaxReferenceFrames\": \"3\",\n \"InterlacedMode\": \"Progressive\",\n \"ColorSpaceConversionMode\": \"None\",\n },\n video_watermarks=[{\n \"id\": \"Test\",\n \"max_width\": \"20%\",\n \"max_height\": \"20%\",\n \"sizing_policy\": \"ShrinkToFit\",\n \"horizontal_align\": \"Right\",\n \"horizontal_offset\": \"10px\",\n \"vertical_align\": \"Bottom\",\n \"vertical_offset\": \"10px\",\n \"opacity\": \"55.5\",\n \"target\": \"Content\",\n }],\n thumbnails={\n \"format\": \"png\",\n \"interval\": \"120\",\n \"max_width\": \"auto\",\n \"max_height\": \"auto\",\n \"padding_policy\": \"Pad\",\n \"sizing_policy\": \"Fit\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bar = new Aws.ElasticTranscoder.Preset(\"bar\", new()\n {\n Container = \"mp4\",\n Description = \"Sample Preset\",\n Name = \"sample_preset\",\n Audio = new Aws.ElasticTranscoder.Inputs.PresetAudioArgs\n {\n AudioPackingMode = \"SingleTrack\",\n BitRate = \"96\",\n Channels = \"2\",\n Codec = \"AAC\",\n SampleRate = \"44100\",\n },\n AudioCodecOptions = new Aws.ElasticTranscoder.Inputs.PresetAudioCodecOptionsArgs\n {\n Profile = \"AAC-LC\",\n },\n Video = new Aws.ElasticTranscoder.Inputs.PresetVideoArgs\n {\n BitRate = \"1600\",\n Codec = \"H.264\",\n DisplayAspectRatio = \"16:9\",\n FixedGop = \"false\",\n FrameRate = \"auto\",\n MaxFrameRate = \"60\",\n KeyframesMaxDist = \"240\",\n MaxHeight = \"auto\",\n MaxWidth = \"auto\",\n PaddingPolicy = \"Pad\",\n SizingPolicy = \"Fit\",\n },\n VideoCodecOptions = \n {\n { \"Profile\", \"main\" },\n { \"Level\", \"2.2\" },\n { \"MaxReferenceFrames\", \"3\" },\n { \"InterlacedMode\", \"Progressive\" },\n { \"ColorSpaceConversionMode\", \"None\" },\n },\n VideoWatermarks = new[]\n {\n new Aws.ElasticTranscoder.Inputs.PresetVideoWatermarkArgs\n {\n Id = \"Test\",\n MaxWidth = \"20%\",\n MaxHeight = \"20%\",\n SizingPolicy = \"ShrinkToFit\",\n HorizontalAlign = \"Right\",\n HorizontalOffset = \"10px\",\n VerticalAlign = \"Bottom\",\n VerticalOffset = \"10px\",\n Opacity = \"55.5\",\n Target = \"Content\",\n },\n },\n Thumbnails = new Aws.ElasticTranscoder.Inputs.PresetThumbnailsArgs\n {\n Format = \"png\",\n Interval = \"120\",\n MaxWidth = \"auto\",\n MaxHeight = \"auto\",\n PaddingPolicy = \"Pad\",\n SizingPolicy = \"Fit\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elastictranscoder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elastictranscoder.NewPreset(ctx, \"bar\", \u0026elastictranscoder.PresetArgs{\n\t\t\tContainer: pulumi.String(\"mp4\"),\n\t\t\tDescription: pulumi.String(\"Sample Preset\"),\n\t\t\tName: pulumi.String(\"sample_preset\"),\n\t\t\tAudio: \u0026elastictranscoder.PresetAudioArgs{\n\t\t\t\tAudioPackingMode: pulumi.String(\"SingleTrack\"),\n\t\t\t\tBitRate: pulumi.String(\"96\"),\n\t\t\t\tChannels: pulumi.String(\"2\"),\n\t\t\t\tCodec: pulumi.String(\"AAC\"),\n\t\t\t\tSampleRate: pulumi.String(\"44100\"),\n\t\t\t},\n\t\t\tAudioCodecOptions: \u0026elastictranscoder.PresetAudioCodecOptionsArgs{\n\t\t\t\tProfile: pulumi.String(\"AAC-LC\"),\n\t\t\t},\n\t\t\tVideo: \u0026elastictranscoder.PresetVideoArgs{\n\t\t\t\tBitRate: pulumi.String(\"1600\"),\n\t\t\t\tCodec: pulumi.String(\"H.264\"),\n\t\t\t\tDisplayAspectRatio: pulumi.String(\"16:9\"),\n\t\t\t\tFixedGop: pulumi.String(\"false\"),\n\t\t\t\tFrameRate: pulumi.String(\"auto\"),\n\t\t\t\tMaxFrameRate: pulumi.String(\"60\"),\n\t\t\t\tKeyframesMaxDist: pulumi.String(\"240\"),\n\t\t\t\tMaxHeight: pulumi.String(\"auto\"),\n\t\t\t\tMaxWidth: pulumi.String(\"auto\"),\n\t\t\t\tPaddingPolicy: pulumi.String(\"Pad\"),\n\t\t\t\tSizingPolicy: pulumi.String(\"Fit\"),\n\t\t\t},\n\t\t\tVideoCodecOptions: pulumi.StringMap{\n\t\t\t\t\"Profile\": pulumi.String(\"main\"),\n\t\t\t\t\"Level\": pulumi.String(\"2.2\"),\n\t\t\t\t\"MaxReferenceFrames\": pulumi.String(\"3\"),\n\t\t\t\t\"InterlacedMode\": pulumi.String(\"Progressive\"),\n\t\t\t\t\"ColorSpaceConversionMode\": pulumi.String(\"None\"),\n\t\t\t},\n\t\t\tVideoWatermarks: elastictranscoder.PresetVideoWatermarkArray{\n\t\t\t\t\u0026elastictranscoder.PresetVideoWatermarkArgs{\n\t\t\t\t\tId: pulumi.String(\"Test\"),\n\t\t\t\t\tMaxWidth: pulumi.String(\"20%\"),\n\t\t\t\t\tMaxHeight: pulumi.String(\"20%\"),\n\t\t\t\t\tSizingPolicy: pulumi.String(\"ShrinkToFit\"),\n\t\t\t\t\tHorizontalAlign: pulumi.String(\"Right\"),\n\t\t\t\t\tHorizontalOffset: pulumi.String(\"10px\"),\n\t\t\t\t\tVerticalAlign: pulumi.String(\"Bottom\"),\n\t\t\t\t\tVerticalOffset: pulumi.String(\"10px\"),\n\t\t\t\t\tOpacity: pulumi.String(\"55.5\"),\n\t\t\t\t\tTarget: pulumi.String(\"Content\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tThumbnails: \u0026elastictranscoder.PresetThumbnailsArgs{\n\t\t\t\tFormat: pulumi.String(\"png\"),\n\t\t\t\tInterval: pulumi.String(\"120\"),\n\t\t\t\tMaxWidth: pulumi.String(\"auto\"),\n\t\t\t\tMaxHeight: pulumi.String(\"auto\"),\n\t\t\t\tPaddingPolicy: pulumi.String(\"Pad\"),\n\t\t\t\tSizingPolicy: pulumi.String(\"Fit\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elastictranscoder.Preset;\nimport com.pulumi.aws.elastictranscoder.PresetArgs;\nimport com.pulumi.aws.elastictranscoder.inputs.PresetAudioArgs;\nimport com.pulumi.aws.elastictranscoder.inputs.PresetAudioCodecOptionsArgs;\nimport com.pulumi.aws.elastictranscoder.inputs.PresetVideoArgs;\nimport com.pulumi.aws.elastictranscoder.inputs.PresetVideoWatermarkArgs;\nimport com.pulumi.aws.elastictranscoder.inputs.PresetThumbnailsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bar = new Preset(\"bar\", PresetArgs.builder()\n .container(\"mp4\")\n .description(\"Sample Preset\")\n .name(\"sample_preset\")\n .audio(PresetAudioArgs.builder()\n .audioPackingMode(\"SingleTrack\")\n .bitRate(96)\n .channels(2)\n .codec(\"AAC\")\n .sampleRate(44100)\n .build())\n .audioCodecOptions(PresetAudioCodecOptionsArgs.builder()\n .profile(\"AAC-LC\")\n .build())\n .video(PresetVideoArgs.builder()\n .bitRate(\"1600\")\n .codec(\"H.264\")\n .displayAspectRatio(\"16:9\")\n .fixedGop(\"false\")\n .frameRate(\"auto\")\n .maxFrameRate(\"60\")\n .keyframesMaxDist(240)\n .maxHeight(\"auto\")\n .maxWidth(\"auto\")\n .paddingPolicy(\"Pad\")\n .sizingPolicy(\"Fit\")\n .build())\n .videoCodecOptions(Map.ofEntries(\n Map.entry(\"Profile\", \"main\"),\n Map.entry(\"Level\", \"2.2\"),\n Map.entry(\"MaxReferenceFrames\", 3),\n Map.entry(\"InterlacedMode\", \"Progressive\"),\n Map.entry(\"ColorSpaceConversionMode\", \"None\")\n ))\n .videoWatermarks(PresetVideoWatermarkArgs.builder()\n .id(\"Test\")\n .maxWidth(\"20%\")\n .maxHeight(\"20%\")\n .sizingPolicy(\"ShrinkToFit\")\n .horizontalAlign(\"Right\")\n .horizontalOffset(\"10px\")\n .verticalAlign(\"Bottom\")\n .verticalOffset(\"10px\")\n .opacity(\"55.5\")\n .target(\"Content\")\n .build())\n .thumbnails(PresetThumbnailsArgs.builder()\n .format(\"png\")\n .interval(120)\n .maxWidth(\"auto\")\n .maxHeight(\"auto\")\n .paddingPolicy(\"Pad\")\n .sizingPolicy(\"Fit\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bar:\n type: aws:elastictranscoder:Preset\n properties:\n container: mp4\n description: Sample Preset\n name: sample_preset\n audio:\n audioPackingMode: SingleTrack\n bitRate: 96\n channels: 2\n codec: AAC\n sampleRate: 44100\n audioCodecOptions:\n profile: AAC-LC\n video:\n bitRate: '1600'\n codec: H.264\n displayAspectRatio: 16:9\n fixedGop: 'false'\n frameRate: auto\n maxFrameRate: '60'\n keyframesMaxDist: 240\n maxHeight: auto\n maxWidth: auto\n paddingPolicy: Pad\n sizingPolicy: Fit\n videoCodecOptions:\n Profile: main\n Level: '2.2'\n MaxReferenceFrames: 3\n InterlacedMode: Progressive\n ColorSpaceConversionMode: None\n videoWatermarks:\n - id: Test\n maxWidth: 20%\n maxHeight: 20%\n sizingPolicy: ShrinkToFit\n horizontalAlign: Right\n horizontalOffset: 10px\n verticalAlign: Bottom\n verticalOffset: 10px\n opacity: '55.5'\n target: Content\n thumbnails:\n format: png\n interval: 120\n maxWidth: auto\n maxHeight: auto\n paddingPolicy: Pad\n sizingPolicy: Fit\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Elastic Transcoder presets using the `id`. For example:\n\n```sh\n$ pulumi import aws:elastictranscoder/preset:Preset basic_preset 1407981661351-cttk8b\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Elastic Transcoder Preset.\n" }, "audio": { "$ref": "#/types/aws:elastictranscoder/PresetAudio:PresetAudio", "description": "Audio parameters object (documented below).\n" }, "audioCodecOptions": { "$ref": "#/types/aws:elastictranscoder/PresetAudioCodecOptions:PresetAudioCodecOptions", "description": "Codec options for the audio parameters (documented below)\n" }, "container": { "type": "string", "description": "The container type for the output file. Valid values are `flac`, `flv`, `fmp4`, `gif`, `mp3`, `mp4`, `mpg`, `mxf`, `oga`, `ogg`, `ts`, and `webm`.\n" }, "description": { "type": "string", "description": "A description of the preset (maximum 255 characters)\n" }, "name": { "type": "string", "description": "The name of the preset. (maximum 40 characters)\n" }, "thumbnails": { "$ref": "#/types/aws:elastictranscoder/PresetThumbnails:PresetThumbnails", "description": "Thumbnail parameters object (documented below)\n" }, "type": { "type": "string" }, "video": { "$ref": "#/types/aws:elastictranscoder/PresetVideo:PresetVideo", "description": "Video parameters object (documented below)\n" }, "videoCodecOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Codec options for the video parameters\n" }, "videoWatermarks": { "type": "array", "items": { "$ref": "#/types/aws:elastictranscoder/PresetVideoWatermark:PresetVideoWatermark" }, "description": "Watermark parameters for the video parameters (documented below)\n" } }, "required": [ "arn", "audioCodecOptions", "container", "name", "type" ], "inputProperties": { "audio": { "$ref": "#/types/aws:elastictranscoder/PresetAudio:PresetAudio", "description": "Audio parameters object (documented below).\n", "willReplaceOnChanges": true }, "audioCodecOptions": { "$ref": "#/types/aws:elastictranscoder/PresetAudioCodecOptions:PresetAudioCodecOptions", "description": "Codec options for the audio parameters (documented below)\n", "willReplaceOnChanges": true }, "container": { "type": "string", "description": "The container type for the output file. Valid values are `flac`, `flv`, `fmp4`, `gif`, `mp3`, `mp4`, `mpg`, `mxf`, `oga`, `ogg`, `ts`, and `webm`.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A description of the preset (maximum 255 characters)\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the preset. (maximum 40 characters)\n", "willReplaceOnChanges": true }, "thumbnails": { "$ref": "#/types/aws:elastictranscoder/PresetThumbnails:PresetThumbnails", "description": "Thumbnail parameters object (documented below)\n", "willReplaceOnChanges": true }, "type": { "type": "string" }, "video": { "$ref": "#/types/aws:elastictranscoder/PresetVideo:PresetVideo", "description": "Video parameters object (documented below)\n", "willReplaceOnChanges": true }, "videoCodecOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Codec options for the video parameters\n", "willReplaceOnChanges": true }, "videoWatermarks": { "type": "array", "items": { "$ref": "#/types/aws:elastictranscoder/PresetVideoWatermark:PresetVideoWatermark" }, "description": "Watermark parameters for the video parameters (documented below)\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "container" ], "stateInputs": { "description": "Input properties used for looking up and filtering Preset resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Elastic Transcoder Preset.\n" }, "audio": { "$ref": "#/types/aws:elastictranscoder/PresetAudio:PresetAudio", "description": "Audio parameters object (documented below).\n", "willReplaceOnChanges": true }, "audioCodecOptions": { "$ref": "#/types/aws:elastictranscoder/PresetAudioCodecOptions:PresetAudioCodecOptions", "description": "Codec options for the audio parameters (documented below)\n", "willReplaceOnChanges": true }, "container": { "type": "string", "description": "The container type for the output file. Valid values are `flac`, `flv`, `fmp4`, `gif`, `mp3`, `mp4`, `mpg`, `mxf`, `oga`, `ogg`, `ts`, and `webm`.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A description of the preset (maximum 255 characters)\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the preset. (maximum 40 characters)\n", "willReplaceOnChanges": true }, "thumbnails": { "$ref": "#/types/aws:elastictranscoder/PresetThumbnails:PresetThumbnails", "description": "Thumbnail parameters object (documented below)\n", "willReplaceOnChanges": true }, "type": { "type": "string" }, "video": { "$ref": "#/types/aws:elastictranscoder/PresetVideo:PresetVideo", "description": "Video parameters object (documented below)\n", "willReplaceOnChanges": true }, "videoCodecOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Codec options for the video parameters\n", "willReplaceOnChanges": true }, "videoWatermarks": { "type": "array", "items": { "$ref": "#/types/aws:elastictranscoder/PresetVideoWatermark:PresetVideoWatermark" }, "description": "Watermark parameters for the video parameters (documented below)\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:elb/appCookieStickinessPolicy:AppCookieStickinessPolicy": { "description": "Provides an application cookie stickiness policy, which allows an ELB to wed its sticky cookie's expiration to a cookie generated by your application.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.elb.LoadBalancer(\"lb\", {\n name: \"test-lb\",\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 8000,\n instanceProtocol: \"http\",\n lbPort: 80,\n lbProtocol: \"http\",\n }],\n});\nconst foo = new aws.elb.AppCookieStickinessPolicy(\"foo\", {\n name: \"foo_policy\",\n loadBalancer: lb.name,\n lbPort: 80,\n cookieName: \"MyAppCookie\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb = aws.elb.LoadBalancer(\"lb\",\n name=\"test-lb\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 8000,\n \"instance_protocol\": \"http\",\n \"lb_port\": 80,\n \"lb_protocol\": \"http\",\n }])\nfoo = aws.elb.AppCookieStickinessPolicy(\"foo\",\n name=\"foo_policy\",\n load_balancer=lb.name,\n lb_port=80,\n cookie_name=\"MyAppCookie\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lb = new Aws.Elb.LoadBalancer(\"lb\", new()\n {\n Name = \"test-lb\",\n AvailabilityZones = new[]\n {\n \"us-east-1a\",\n },\n Listeners = new[]\n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 8000,\n InstanceProtocol = \"http\",\n LbPort = 80,\n LbProtocol = \"http\",\n },\n },\n });\n\n var foo = new Aws.Elb.AppCookieStickinessPolicy(\"foo\", new()\n {\n Name = \"foo_policy\",\n LoadBalancer = lb.Name,\n LbPort = 80,\n CookieName = \"MyAppCookie\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlb, err := elb.NewLoadBalancer(ctx, \"lb\", \u0026elb.LoadBalancerArgs{\n\t\t\tName: pulumi.String(\"test-lb\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(8000),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"http\"),\n\t\t\t\t\tLbPort: pulumi.Int(80),\n\t\t\t\t\tLbProtocol: pulumi.String(\"http\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewAppCookieStickinessPolicy(ctx, \"foo\", \u0026elb.AppCookieStickinessPolicyArgs{\n\t\t\tName: pulumi.String(\"foo_policy\"),\n\t\t\tLoadBalancer: lb.Name,\n\t\t\tLbPort: pulumi.Int(80),\n\t\t\tCookieName: pulumi.String(\"MyAppCookie\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elb.LoadBalancer;\nimport com.pulumi.aws.elb.LoadBalancerArgs;\nimport com.pulumi.aws.elb.inputs.LoadBalancerListenerArgs;\nimport com.pulumi.aws.elb.AppCookieStickinessPolicy;\nimport com.pulumi.aws.elb.AppCookieStickinessPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lb = new LoadBalancer(\"lb\", LoadBalancerArgs.builder()\n .name(\"test-lb\")\n .availabilityZones(\"us-east-1a\")\n .listeners(LoadBalancerListenerArgs.builder()\n .instancePort(8000)\n .instanceProtocol(\"http\")\n .lbPort(80)\n .lbProtocol(\"http\")\n .build())\n .build());\n\n var foo = new AppCookieStickinessPolicy(\"foo\", AppCookieStickinessPolicyArgs.builder()\n .name(\"foo_policy\")\n .loadBalancer(lb.name())\n .lbPort(80)\n .cookieName(\"MyAppCookie\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lb:\n type: aws:elb:LoadBalancer\n properties:\n name: test-lb\n availabilityZones:\n - us-east-1a\n listeners:\n - instancePort: 8000\n instanceProtocol: http\n lbPort: 80\n lbProtocol: http\n foo:\n type: aws:elb:AppCookieStickinessPolicy\n properties:\n name: foo_policy\n loadBalancer: ${lb.name}\n lbPort: 80\n cookieName: MyAppCookie\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import application cookie stickiness policies using the ELB name, port, and policy name separated by colons (`:`). For example:\n\n```sh\n$ pulumi import aws:elb/appCookieStickinessPolicy:AppCookieStickinessPolicy example my-elb:80:my-policy\n```\n", "properties": { "cookieName": { "type": "string", "description": "Application cookie whose lifetime the ELB's cookie should follow.\n" }, "lbPort": { "type": "integer", "description": "Load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "Name of load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "Name of the stickiness policy.\n" } }, "required": [ "cookieName", "lbPort", "loadBalancer", "name" ], "inputProperties": { "cookieName": { "type": "string", "description": "Application cookie whose lifetime the ELB's cookie should follow.\n", "willReplaceOnChanges": true }, "lbPort": { "type": "integer", "description": "Load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n", "willReplaceOnChanges": true }, "loadBalancer": { "type": "string", "description": "Name of load balancer to which the policy\nshould be attached.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the stickiness policy.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "cookieName", "lbPort", "loadBalancer" ], "stateInputs": { "description": "Input properties used for looking up and filtering AppCookieStickinessPolicy resources.\n", "properties": { "cookieName": { "type": "string", "description": "Application cookie whose lifetime the ELB's cookie should follow.\n", "willReplaceOnChanges": true }, "lbPort": { "type": "integer", "description": "Load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n", "willReplaceOnChanges": true }, "loadBalancer": { "type": "string", "description": "Name of load balancer to which the policy\nshould be attached.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the stickiness policy.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancing/appCookieStickinessPolicy:AppCookieStickinessPolicy" } ] }, "aws:elb/attachment:Attachment": { "description": "Attaches an EC2 instance to an Elastic Load Balancer (ELB). For attaching resources with Application Load Balancer (ALB) or Network Load Balancer (NLB), see the `aws.lb.TargetGroupAttachment` resource.\n\n\u003e **NOTE on ELB Instances and ELB Attachments:** This provider currently provides\nboth a standalone ELB Attachment resource (describing an instance attached to\nan ELB), and an Elastic Load Balancer resource with\n`instances` defined in-line. At this time you cannot use an ELB with in-line\ninstances in conjunction with an ELB Attachment resource. Doing so will cause a\nconflict and will overwrite attachments.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new load balancer attachment\nconst baz = new aws.elb.Attachment(\"baz\", {\n elb: bar.id,\n instance: foo.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new load balancer attachment\nbaz = aws.elb.Attachment(\"baz\",\n elb=bar[\"id\"],\n instance=foo[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Create a new load balancer attachment\n var baz = new Aws.Elb.Attachment(\"baz\", new()\n {\n Elb = bar.Id,\n Instance = foo.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Create a new load balancer attachment\n\t\t_, err := elb.NewAttachment(ctx, \"baz\", \u0026elb.AttachmentArgs{\n\t\t\tElb: pulumi.Any(bar.Id),\n\t\t\tInstance: pulumi.Any(foo.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elb.Attachment;\nimport com.pulumi.aws.elb.AttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Create a new load balancer attachment\n var baz = new Attachment(\"baz\", AttachmentArgs.builder()\n .elb(bar.id())\n .instance(foo.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Create a new load balancer attachment\n baz:\n type: aws:elb:Attachment\n properties:\n elb: ${bar.id}\n instance: ${foo.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "elb": { "type": "string", "description": "The name of the ELB.\n" }, "instance": { "type": "string", "description": "Instance ID to place in the ELB pool.\n" } }, "required": [ "elb", "instance" ], "inputProperties": { "elb": { "type": "string", "description": "The name of the ELB.\n", "willReplaceOnChanges": true }, "instance": { "type": "string", "description": "Instance ID to place in the ELB pool.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "elb", "instance" ], "stateInputs": { "description": "Input properties used for looking up and filtering Attachment resources.\n", "properties": { "elb": { "type": "string", "description": "The name of the ELB.\n", "willReplaceOnChanges": true }, "instance": { "type": "string", "description": "Instance ID to place in the ELB pool.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancing/attachment:Attachment" } ] }, "aws:elb/listenerPolicy:ListenerPolicy": { "description": "Attaches a load balancer policy to an ELB Listener.\n\n## Example Usage\n\n### Custom Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst wu_tang = new aws.elb.LoadBalancer(\"wu-tang\", {\n name: \"wu-tang\",\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 443,\n instanceProtocol: \"http\",\n lbPort: 443,\n lbProtocol: \"https\",\n sslCertificateId: \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags: {\n Name: \"wu-tang\",\n },\n});\nconst wu_tang_ssl = new aws.elb.LoadBalancerPolicy(\"wu-tang-ssl\", {\n loadBalancerName: wu_tang.name,\n policyName: \"wu-tang-ssl\",\n policyTypeName: \"SSLNegotiationPolicyType\",\n policyAttributes: [\n {\n name: \"ECDHE-ECDSA-AES128-GCM-SHA256\",\n value: \"true\",\n },\n {\n name: \"Protocol-TLSv1.2\",\n value: \"true\",\n },\n ],\n});\nconst wu_tang_listener_policies_443 = new aws.elb.ListenerPolicy(\"wu-tang-listener-policies-443\", {\n loadBalancerName: wu_tang.name,\n loadBalancerPort: 443,\n policyNames: [wu_tang_ssl.policyName],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwu_tang = aws.elb.LoadBalancer(\"wu-tang\",\n name=\"wu-tang\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 443,\n \"instance_protocol\": \"http\",\n \"lb_port\": 443,\n \"lb_protocol\": \"https\",\n \"ssl_certificate_id\": \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags={\n \"Name\": \"wu-tang\",\n })\nwu_tang_ssl = aws.elb.LoadBalancerPolicy(\"wu-tang-ssl\",\n load_balancer_name=wu_tang.name,\n policy_name=\"wu-tang-ssl\",\n policy_type_name=\"SSLNegotiationPolicyType\",\n policy_attributes=[\n {\n \"name\": \"ECDHE-ECDSA-AES128-GCM-SHA256\",\n \"value\": \"true\",\n },\n {\n \"name\": \"Protocol-TLSv1.2\",\n \"value\": \"true\",\n },\n ])\nwu_tang_listener_policies_443 = aws.elb.ListenerPolicy(\"wu-tang-listener-policies-443\",\n load_balancer_name=wu_tang.name,\n load_balancer_port=443,\n policy_names=[wu_tang_ssl.policy_name])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wu_tang = new Aws.Elb.LoadBalancer(\"wu-tang\", new()\n {\n Name = \"wu-tang\",\n AvailabilityZones = new[]\n {\n \"us-east-1a\",\n },\n Listeners = new[]\n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 443,\n InstanceProtocol = \"http\",\n LbPort = 443,\n LbProtocol = \"https\",\n SslCertificateId = \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n },\n },\n Tags = \n {\n { \"Name\", \"wu-tang\" },\n },\n });\n\n var wu_tang_ssl = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-ssl\", new()\n {\n LoadBalancerName = wu_tang.Name,\n PolicyName = \"wu-tang-ssl\",\n PolicyTypeName = \"SSLNegotiationPolicyType\",\n PolicyAttributes = new[]\n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"ECDHE-ECDSA-AES128-GCM-SHA256\",\n Value = \"true\",\n },\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"Protocol-TLSv1.2\",\n Value = \"true\",\n },\n },\n });\n\n var wu_tang_listener_policies_443 = new Aws.Elb.ListenerPolicy(\"wu-tang-listener-policies-443\", new()\n {\n LoadBalancerName = wu_tang.Name,\n LoadBalancerPort = 443,\n PolicyNames = new[]\n {\n wu_tang_ssl.PolicyName,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elb.NewLoadBalancer(ctx, \"wu-tang\", \u0026elb.LoadBalancerArgs{\n\t\t\tName: pulumi.String(\"wu-tang\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(443),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"http\"),\n\t\t\t\t\tLbPort: pulumi.Int(443),\n\t\t\t\t\tLbProtocol: pulumi.String(\"https\"),\n\t\t\t\t\tSslCertificateId: pulumi.String(\"arn:aws:iam::000000000000:server-certificate/wu-tang.net\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"wu-tang\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewLoadBalancerPolicy(ctx, \"wu-tang-ssl\", \u0026elb.LoadBalancerPolicyArgs{\n\t\t\tLoadBalancerName: wu_tang.Name,\n\t\t\tPolicyName: pulumi.String(\"wu-tang-ssl\"),\n\t\t\tPolicyTypeName: pulumi.String(\"SSLNegotiationPolicyType\"),\n\t\t\tPolicyAttributes: elb.LoadBalancerPolicyPolicyAttributeArray{\n\t\t\t\t\u0026elb.LoadBalancerPolicyPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"ECDHE-ECDSA-AES128-GCM-SHA256\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.LoadBalancerPolicyPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"Protocol-TLSv1.2\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewListenerPolicy(ctx, \"wu-tang-listener-policies-443\", \u0026elb.ListenerPolicyArgs{\n\t\t\tLoadBalancerName: wu_tang.Name,\n\t\t\tLoadBalancerPort: pulumi.Int(443),\n\t\t\tPolicyNames: pulumi.StringArray{\n\t\t\t\twu_tang_ssl.PolicyName,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elb.LoadBalancer;\nimport com.pulumi.aws.elb.LoadBalancerArgs;\nimport com.pulumi.aws.elb.inputs.LoadBalancerListenerArgs;\nimport com.pulumi.aws.elb.LoadBalancerPolicy;\nimport com.pulumi.aws.elb.LoadBalancerPolicyArgs;\nimport com.pulumi.aws.elb.inputs.LoadBalancerPolicyPolicyAttributeArgs;\nimport com.pulumi.aws.elb.ListenerPolicy;\nimport com.pulumi.aws.elb.ListenerPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var wu_tang = new LoadBalancer(\"wu-tang\", LoadBalancerArgs.builder()\n .name(\"wu-tang\")\n .availabilityZones(\"us-east-1a\")\n .listeners(LoadBalancerListenerArgs.builder()\n .instancePort(443)\n .instanceProtocol(\"http\")\n .lbPort(443)\n .lbProtocol(\"https\")\n .sslCertificateId(\"arn:aws:iam::000000000000:server-certificate/wu-tang.net\")\n .build())\n .tags(Map.of(\"Name\", \"wu-tang\"))\n .build());\n\n var wu_tang_ssl = new LoadBalancerPolicy(\"wu-tang-ssl\", LoadBalancerPolicyArgs.builder()\n .loadBalancerName(wu_tang.name())\n .policyName(\"wu-tang-ssl\")\n .policyTypeName(\"SSLNegotiationPolicyType\")\n .policyAttributes( \n LoadBalancerPolicyPolicyAttributeArgs.builder()\n .name(\"ECDHE-ECDSA-AES128-GCM-SHA256\")\n .value(\"true\")\n .build(),\n LoadBalancerPolicyPolicyAttributeArgs.builder()\n .name(\"Protocol-TLSv1.2\")\n .value(\"true\")\n .build())\n .build());\n\n var wu_tang_listener_policies_443 = new ListenerPolicy(\"wu-tang-listener-policies-443\", ListenerPolicyArgs.builder()\n .loadBalancerName(wu_tang.name())\n .loadBalancerPort(443)\n .policyNames(wu_tang_ssl.policyName())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n wu-tang:\n type: aws:elb:LoadBalancer\n properties:\n name: wu-tang\n availabilityZones:\n - us-east-1a\n listeners:\n - instancePort: 443\n instanceProtocol: http\n lbPort: 443\n lbProtocol: https\n sslCertificateId: arn:aws:iam::000000000000:server-certificate/wu-tang.net\n tags:\n Name: wu-tang\n wu-tang-ssl:\n type: aws:elb:LoadBalancerPolicy\n properties:\n loadBalancerName: ${[\"wu-tang\"].name}\n policyName: wu-tang-ssl\n policyTypeName: SSLNegotiationPolicyType\n policyAttributes:\n - name: ECDHE-ECDSA-AES128-GCM-SHA256\n value: 'true'\n - name: Protocol-TLSv1.2\n value: 'true'\n wu-tang-listener-policies-443:\n type: aws:elb:ListenerPolicy\n properties:\n loadBalancerName: ${[\"wu-tang\"].name}\n loadBalancerPort: 443\n policyNames:\n - ${[\"wu-tang-ssl\"].policyName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThis example shows how to customize the TLS settings of an HTTPS listener.\n\n### AWS Predefined Security Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst wu_tang = new aws.elb.LoadBalancer(\"wu-tang\", {\n name: \"wu-tang\",\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 443,\n instanceProtocol: \"http\",\n lbPort: 443,\n lbProtocol: \"https\",\n sslCertificateId: \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags: {\n Name: \"wu-tang\",\n },\n});\nconst wu_tang_ssl_tls_1_1 = new aws.elb.LoadBalancerPolicy(\"wu-tang-ssl-tls-1-1\", {\n loadBalancerName: wu_tang.name,\n policyName: \"wu-tang-ssl\",\n policyTypeName: \"SSLNegotiationPolicyType\",\n policyAttributes: [{\n name: \"Reference-Security-Policy\",\n value: \"ELBSecurityPolicy-TLS-1-1-2017-01\",\n }],\n});\nconst wu_tang_listener_policies_443 = new aws.elb.ListenerPolicy(\"wu-tang-listener-policies-443\", {\n loadBalancerName: wu_tang.name,\n loadBalancerPort: 443,\n policyNames: [wu_tang_ssl_tls_1_1.policyName],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwu_tang = aws.elb.LoadBalancer(\"wu-tang\",\n name=\"wu-tang\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 443,\n \"instance_protocol\": \"http\",\n \"lb_port\": 443,\n \"lb_protocol\": \"https\",\n \"ssl_certificate_id\": \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags={\n \"Name\": \"wu-tang\",\n })\nwu_tang_ssl_tls_1_1 = aws.elb.LoadBalancerPolicy(\"wu-tang-ssl-tls-1-1\",\n load_balancer_name=wu_tang.name,\n policy_name=\"wu-tang-ssl\",\n policy_type_name=\"SSLNegotiationPolicyType\",\n policy_attributes=[{\n \"name\": \"Reference-Security-Policy\",\n \"value\": \"ELBSecurityPolicy-TLS-1-1-2017-01\",\n }])\nwu_tang_listener_policies_443 = aws.elb.ListenerPolicy(\"wu-tang-listener-policies-443\",\n load_balancer_name=wu_tang.name,\n load_balancer_port=443,\n policy_names=[wu_tang_ssl_tls_1_1.policy_name])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wu_tang = new Aws.Elb.LoadBalancer(\"wu-tang\", new()\n {\n Name = \"wu-tang\",\n AvailabilityZones = new[]\n {\n \"us-east-1a\",\n },\n Listeners = new[]\n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 443,\n InstanceProtocol = \"http\",\n LbPort = 443,\n LbProtocol = \"https\",\n SslCertificateId = \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n },\n },\n Tags = \n {\n { \"Name\", \"wu-tang\" },\n },\n });\n\n var wu_tang_ssl_tls_1_1 = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-ssl-tls-1-1\", new()\n {\n LoadBalancerName = wu_tang.Name,\n PolicyName = \"wu-tang-ssl\",\n PolicyTypeName = \"SSLNegotiationPolicyType\",\n PolicyAttributes = new[]\n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"Reference-Security-Policy\",\n Value = \"ELBSecurityPolicy-TLS-1-1-2017-01\",\n },\n },\n });\n\n var wu_tang_listener_policies_443 = new Aws.Elb.ListenerPolicy(\"wu-tang-listener-policies-443\", new()\n {\n LoadBalancerName = wu_tang.Name,\n LoadBalancerPort = 443,\n PolicyNames = new[]\n {\n wu_tang_ssl_tls_1_1.PolicyName,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elb.NewLoadBalancer(ctx, \"wu-tang\", \u0026elb.LoadBalancerArgs{\n\t\t\tName: pulumi.String(\"wu-tang\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(443),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"http\"),\n\t\t\t\t\tLbPort: pulumi.Int(443),\n\t\t\t\t\tLbProtocol: pulumi.String(\"https\"),\n\t\t\t\t\tSslCertificateId: pulumi.String(\"arn:aws:iam::000000000000:server-certificate/wu-tang.net\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"wu-tang\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewLoadBalancerPolicy(ctx, \"wu-tang-ssl-tls-1-1\", \u0026elb.LoadBalancerPolicyArgs{\n\t\t\tLoadBalancerName: wu_tang.Name,\n\t\t\tPolicyName: pulumi.String(\"wu-tang-ssl\"),\n\t\t\tPolicyTypeName: pulumi.String(\"SSLNegotiationPolicyType\"),\n\t\t\tPolicyAttributes: elb.LoadBalancerPolicyPolicyAttributeArray{\n\t\t\t\t\u0026elb.LoadBalancerPolicyPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"Reference-Security-Policy\"),\n\t\t\t\t\tValue: pulumi.String(\"ELBSecurityPolicy-TLS-1-1-2017-01\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewListenerPolicy(ctx, \"wu-tang-listener-policies-443\", \u0026elb.ListenerPolicyArgs{\n\t\t\tLoadBalancerName: wu_tang.Name,\n\t\t\tLoadBalancerPort: pulumi.Int(443),\n\t\t\tPolicyNames: pulumi.StringArray{\n\t\t\t\twu_tang_ssl_tls_1_1.PolicyName,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elb.LoadBalancer;\nimport com.pulumi.aws.elb.LoadBalancerArgs;\nimport com.pulumi.aws.elb.inputs.LoadBalancerListenerArgs;\nimport com.pulumi.aws.elb.LoadBalancerPolicy;\nimport com.pulumi.aws.elb.LoadBalancerPolicyArgs;\nimport com.pulumi.aws.elb.inputs.LoadBalancerPolicyPolicyAttributeArgs;\nimport com.pulumi.aws.elb.ListenerPolicy;\nimport com.pulumi.aws.elb.ListenerPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var wu_tang = new LoadBalancer(\"wu-tang\", LoadBalancerArgs.builder()\n .name(\"wu-tang\")\n .availabilityZones(\"us-east-1a\")\n .listeners(LoadBalancerListenerArgs.builder()\n .instancePort(443)\n .instanceProtocol(\"http\")\n .lbPort(443)\n .lbProtocol(\"https\")\n .sslCertificateId(\"arn:aws:iam::000000000000:server-certificate/wu-tang.net\")\n .build())\n .tags(Map.of(\"Name\", \"wu-tang\"))\n .build());\n\n var wu_tang_ssl_tls_1_1 = new LoadBalancerPolicy(\"wu-tang-ssl-tls-1-1\", LoadBalancerPolicyArgs.builder()\n .loadBalancerName(wu_tang.name())\n .policyName(\"wu-tang-ssl\")\n .policyTypeName(\"SSLNegotiationPolicyType\")\n .policyAttributes(LoadBalancerPolicyPolicyAttributeArgs.builder()\n .name(\"Reference-Security-Policy\")\n .value(\"ELBSecurityPolicy-TLS-1-1-2017-01\")\n .build())\n .build());\n\n var wu_tang_listener_policies_443 = new ListenerPolicy(\"wu-tang-listener-policies-443\", ListenerPolicyArgs.builder()\n .loadBalancerName(wu_tang.name())\n .loadBalancerPort(443)\n .policyNames(wu_tang_ssl_tls_1_1.policyName())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n wu-tang:\n type: aws:elb:LoadBalancer\n properties:\n name: wu-tang\n availabilityZones:\n - us-east-1a\n listeners:\n - instancePort: 443\n instanceProtocol: http\n lbPort: 443\n lbProtocol: https\n sslCertificateId: arn:aws:iam::000000000000:server-certificate/wu-tang.net\n tags:\n Name: wu-tang\n wu-tang-ssl-tls-1-1:\n type: aws:elb:LoadBalancerPolicy\n properties:\n loadBalancerName: ${[\"wu-tang\"].name}\n policyName: wu-tang-ssl\n policyTypeName: SSLNegotiationPolicyType\n policyAttributes:\n - name: Reference-Security-Policy\n value: ELBSecurityPolicy-TLS-1-1-2017-01\n wu-tang-listener-policies-443:\n type: aws:elb:ListenerPolicy\n properties:\n loadBalancerName: ${[\"wu-tang\"].name}\n loadBalancerPort: 443\n policyNames:\n - ${[\"wu-tang-ssl-tls-1-1\"].policyName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThis example shows how to add a [Predefined Security Policy for ELBs](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-policy-table.html)\n", "properties": { "loadBalancerName": { "type": "string", "description": "The load balancer to attach the policy to.\n" }, "loadBalancerPort": { "type": "integer", "description": "The load balancer listener port to apply the policy to.\n" }, "policyNames": { "type": "array", "items": { "type": "string" }, "description": "List of Policy Names to apply to the backend server.\n" }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of arbitrary keys and values that, when changed, will trigger an update.\n" } }, "required": [ "loadBalancerName", "loadBalancerPort" ], "inputProperties": { "loadBalancerName": { "type": "string", "description": "The load balancer to attach the policy to.\n" }, "loadBalancerPort": { "type": "integer", "description": "The load balancer listener port to apply the policy to.\n" }, "policyNames": { "type": "array", "items": { "type": "string" }, "description": "List of Policy Names to apply to the backend server.\n" }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of arbitrary keys and values that, when changed, will trigger an update.\n" } }, "requiredInputs": [ "loadBalancerName", "loadBalancerPort" ], "stateInputs": { "description": "Input properties used for looking up and filtering ListenerPolicy resources.\n", "properties": { "loadBalancerName": { "type": "string", "description": "The load balancer to attach the policy to.\n" }, "loadBalancerPort": { "type": "integer", "description": "The load balancer listener port to apply the policy to.\n" }, "policyNames": { "type": "array", "items": { "type": "string" }, "description": "List of Policy Names to apply to the backend server.\n" }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of arbitrary keys and values that, when changed, will trigger an update.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancing/listenerPolicy:ListenerPolicy" } ] }, "aws:elb/loadBalancer:LoadBalancer": { "description": "Provides an Elastic Load Balancer resource, also known as a \"Classic\nLoad Balancer\" after the release of\nApplication/Network Load Balancers.\n\n\u003e **NOTE on ELB Instances and ELB Attachments:** This provider currently\nprovides both a standalone ELB Attachment resource\n(describing an instance attached to an ELB), and an ELB resource with\n`instances` defined in-line. At this time you cannot use an ELB with in-line\ninstances in conjunction with a ELB Attachment resources. Doing so will cause a\nconflict and will overwrite attachments.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new load balancer\nconst bar = new aws.elb.LoadBalancer(\"bar\", {\n name: \"foobar-elb\",\n availabilityZones: [\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n accessLogs: {\n bucket: \"foo\",\n bucketPrefix: \"bar\",\n interval: 60,\n },\n listeners: [\n {\n instancePort: 8000,\n instanceProtocol: \"http\",\n lbPort: 80,\n lbProtocol: \"http\",\n },\n {\n instancePort: 8000,\n instanceProtocol: \"http\",\n lbPort: 443,\n lbProtocol: \"https\",\n sslCertificateId: \"arn:aws:iam::123456789012:server-certificate/certName\",\n },\n ],\n healthCheck: {\n healthyThreshold: 2,\n unhealthyThreshold: 2,\n timeout: 3,\n target: \"HTTP:8000/\",\n interval: 30,\n },\n instances: [foo.id],\n crossZoneLoadBalancing: true,\n idleTimeout: 400,\n connectionDraining: true,\n connectionDrainingTimeout: 400,\n tags: {\n Name: \"foobar-elb\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new load balancer\nbar = aws.elb.LoadBalancer(\"bar\",\n name=\"foobar-elb\",\n availability_zones=[\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n access_logs={\n \"bucket\": \"foo\",\n \"bucket_prefix\": \"bar\",\n \"interval\": 60,\n },\n listeners=[\n {\n \"instance_port\": 8000,\n \"instance_protocol\": \"http\",\n \"lb_port\": 80,\n \"lb_protocol\": \"http\",\n },\n {\n \"instance_port\": 8000,\n \"instance_protocol\": \"http\",\n \"lb_port\": 443,\n \"lb_protocol\": \"https\",\n \"ssl_certificate_id\": \"arn:aws:iam::123456789012:server-certificate/certName\",\n },\n ],\n health_check={\n \"healthy_threshold\": 2,\n \"unhealthy_threshold\": 2,\n \"timeout\": 3,\n \"target\": \"HTTP:8000/\",\n \"interval\": 30,\n },\n instances=[foo[\"id\"]],\n cross_zone_load_balancing=True,\n idle_timeout=400,\n connection_draining=True,\n connection_draining_timeout=400,\n tags={\n \"Name\": \"foobar-elb\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Create a new load balancer\n var bar = new Aws.Elb.LoadBalancer(\"bar\", new()\n {\n Name = \"foobar-elb\",\n AvailabilityZones = new[]\n {\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n },\n AccessLogs = new Aws.Elb.Inputs.LoadBalancerAccessLogsArgs\n {\n Bucket = \"foo\",\n BucketPrefix = \"bar\",\n Interval = 60,\n },\n Listeners = new[]\n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 8000,\n InstanceProtocol = \"http\",\n LbPort = 80,\n LbProtocol = \"http\",\n },\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 8000,\n InstanceProtocol = \"http\",\n LbPort = 443,\n LbProtocol = \"https\",\n SslCertificateId = \"arn:aws:iam::123456789012:server-certificate/certName\",\n },\n },\n HealthCheck = new Aws.Elb.Inputs.LoadBalancerHealthCheckArgs\n {\n HealthyThreshold = 2,\n UnhealthyThreshold = 2,\n Timeout = 3,\n Target = \"HTTP:8000/\",\n Interval = 30,\n },\n Instances = new[]\n {\n foo.Id,\n },\n CrossZoneLoadBalancing = true,\n IdleTimeout = 400,\n ConnectionDraining = true,\n ConnectionDrainingTimeout = 400,\n Tags = \n {\n { \"Name\", \"foobar-elb\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Create a new load balancer\n\t\t_, err := elb.NewLoadBalancer(ctx, \"bar\", \u0026elb.LoadBalancerArgs{\n\t\t\tName: pulumi.String(\"foobar-elb\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t\tpulumi.String(\"us-west-2b\"),\n\t\t\t\tpulumi.String(\"us-west-2c\"),\n\t\t\t},\n\t\t\tAccessLogs: \u0026elb.LoadBalancerAccessLogsArgs{\n\t\t\t\tBucket: pulumi.String(\"foo\"),\n\t\t\t\tBucketPrefix: pulumi.String(\"bar\"),\n\t\t\t\tInterval: pulumi.Int(60),\n\t\t\t},\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(8000),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"http\"),\n\t\t\t\t\tLbPort: pulumi.Int(80),\n\t\t\t\t\tLbProtocol: pulumi.String(\"http\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(8000),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"http\"),\n\t\t\t\t\tLbPort: pulumi.Int(443),\n\t\t\t\t\tLbProtocol: pulumi.String(\"https\"),\n\t\t\t\t\tSslCertificateId: pulumi.String(\"arn:aws:iam::123456789012:server-certificate/certName\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tHealthCheck: \u0026elb.LoadBalancerHealthCheckArgs{\n\t\t\t\tHealthyThreshold: pulumi.Int(2),\n\t\t\t\tUnhealthyThreshold: pulumi.Int(2),\n\t\t\t\tTimeout: pulumi.Int(3),\n\t\t\t\tTarget: pulumi.String(\"HTTP:8000/\"),\n\t\t\t\tInterval: pulumi.Int(30),\n\t\t\t},\n\t\t\tInstances: pulumi.StringArray{\n\t\t\t\tfoo.Id,\n\t\t\t},\n\t\t\tCrossZoneLoadBalancing: pulumi.Bool(true),\n\t\t\tIdleTimeout: pulumi.Int(400),\n\t\t\tConnectionDraining: pulumi.Bool(true),\n\t\t\tConnectionDrainingTimeout: pulumi.Int(400),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"foobar-elb\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elb.LoadBalancer;\nimport com.pulumi.aws.elb.LoadBalancerArgs;\nimport com.pulumi.aws.elb.inputs.LoadBalancerAccessLogsArgs;\nimport com.pulumi.aws.elb.inputs.LoadBalancerListenerArgs;\nimport com.pulumi.aws.elb.inputs.LoadBalancerHealthCheckArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Create a new load balancer\n var bar = new LoadBalancer(\"bar\", LoadBalancerArgs.builder()\n .name(\"foobar-elb\")\n .availabilityZones( \n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\")\n .accessLogs(LoadBalancerAccessLogsArgs.builder()\n .bucket(\"foo\")\n .bucketPrefix(\"bar\")\n .interval(60)\n .build())\n .listeners( \n LoadBalancerListenerArgs.builder()\n .instancePort(8000)\n .instanceProtocol(\"http\")\n .lbPort(80)\n .lbProtocol(\"http\")\n .build(),\n LoadBalancerListenerArgs.builder()\n .instancePort(8000)\n .instanceProtocol(\"http\")\n .lbPort(443)\n .lbProtocol(\"https\")\n .sslCertificateId(\"arn:aws:iam::123456789012:server-certificate/certName\")\n .build())\n .healthCheck(LoadBalancerHealthCheckArgs.builder()\n .healthyThreshold(2)\n .unhealthyThreshold(2)\n .timeout(3)\n .target(\"HTTP:8000/\")\n .interval(30)\n .build())\n .instances(foo.id())\n .crossZoneLoadBalancing(true)\n .idleTimeout(400)\n .connectionDraining(true)\n .connectionDrainingTimeout(400)\n .tags(Map.of(\"Name\", \"foobar-elb\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Create a new load balancer\n bar:\n type: aws:elb:LoadBalancer\n properties:\n name: foobar-elb\n availabilityZones:\n - us-west-2a\n - us-west-2b\n - us-west-2c\n accessLogs:\n bucket: foo\n bucketPrefix: bar\n interval: 60\n listeners:\n - instancePort: 8000\n instanceProtocol: http\n lbPort: 80\n lbProtocol: http\n - instancePort: 8000\n instanceProtocol: http\n lbPort: 443\n lbProtocol: https\n sslCertificateId: arn:aws:iam::123456789012:server-certificate/certName\n healthCheck:\n healthyThreshold: 2\n unhealthyThreshold: 2\n timeout: 3\n target: HTTP:8000/\n interval: 30\n instances:\n - ${foo.id}\n crossZoneLoadBalancing: true\n idleTimeout: 400\n connectionDraining: true\n connectionDrainingTimeout: 400\n tags:\n Name: foobar-elb\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Note on ECDSA Key Algorithm\n\nIf the ARN of the `ssl_certificate_id` that is pointed to references a\ncertificate that was signed by an ECDSA key, note that ELB only supports the\nP256 and P384 curves. Using a certificate signed by a key using a different\ncurve could produce the error `ERR_SSL_VERSION_OR_CIPHER_MISMATCH` in your\nbrowser.\n\n## Import\n\nUsing `pulumi import`, import ELBs using the `name`. For example:\n\n```sh\n$ pulumi import aws:elb/loadBalancer:LoadBalancer bar elb-production-12345\n```\n", "properties": { "accessLogs": { "$ref": "#/types/aws:elb/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the ELB\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "The AZ's to serve traffic in.\n" }, "connectionDraining": { "type": "boolean", "description": "Boolean to enable connection draining. Default: `false`\n" }, "connectionDrainingTimeout": { "type": "integer", "description": "The time in seconds to allow for connections to drain. Default: `300`\n" }, "crossZoneLoadBalancing": { "type": "boolean", "description": "Enable cross-zone load balancing. Default: `true`\n" }, "desyncMitigationMode": { "type": "string", "description": "Determines how the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are `monitor`, `defensive` (default), `strictest`.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the ELB\n" }, "healthCheck": { "$ref": "#/types/aws:elb/LoadBalancerHealthCheck:LoadBalancerHealthCheck", "description": "A health_check block. Health Check documented below.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Default: `60`\n" }, "instances": { "type": "array", "items": { "type": "string" }, "description": "A list of instance ids to place in the ELB pool.\n" }, "internal": { "type": "boolean", "description": "If true, ELB will be an internal ELB.\n" }, "listeners": { "type": "array", "items": { "$ref": "#/types/aws:elb/LoadBalancerListener:LoadBalancerListener" }, "description": "A list of listener blocks. Listeners documented below.\n" }, "name": { "type": "string", "description": "The name of the ELB. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the ELB.\nOnly valid if creating an ELB within a VPC\n" }, "sourceSecurityGroup": { "type": "string", "description": "The name of the security group that you can use as\npart of your inbound rules for your load balancer's back-end application\ninstances. Use this for Classic or Default VPC only.\n" }, "sourceSecurityGroupId": { "type": "string", "description": "The ID of the security group that you can use as\npart of your inbound rules for your load balancer's back-end application\ninstances. Only available on ELBs launched in a VPC.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the ELB. When an update to subnets will remove all current subnets, this will force a new resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nExactly one of `availability_zones` or `subnets` must be specified: this\ndetermines if the ELB exists in a VPC or in EC2-classic.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "zoneId": { "type": "string", "description": "The canonical hosted zone ID of the ELB (to be used in a Route 53 Alias record)\n" } }, "required": [ "arn", "availabilityZones", "dnsName", "healthCheck", "instances", "internal", "listeners", "name", "namePrefix", "securityGroups", "sourceSecurityGroup", "sourceSecurityGroupId", "subnets", "tagsAll", "zoneId" ], "inputProperties": { "accessLogs": { "$ref": "#/types/aws:elb/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "The AZ's to serve traffic in.\n" }, "connectionDraining": { "type": "boolean", "description": "Boolean to enable connection draining. Default: `false`\n" }, "connectionDrainingTimeout": { "type": "integer", "description": "The time in seconds to allow for connections to drain. Default: `300`\n" }, "crossZoneLoadBalancing": { "type": "boolean", "description": "Enable cross-zone load balancing. Default: `true`\n" }, "desyncMitigationMode": { "type": "string", "description": "Determines how the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are `monitor`, `defensive` (default), `strictest`.\n" }, "healthCheck": { "$ref": "#/types/aws:elb/LoadBalancerHealthCheck:LoadBalancerHealthCheck", "description": "A health_check block. Health Check documented below.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Default: `60`\n" }, "instances": { "type": "array", "items": { "type": "string" }, "description": "A list of instance ids to place in the ELB pool.\n" }, "internal": { "type": "boolean", "description": "If true, ELB will be an internal ELB.\n", "willReplaceOnChanges": true }, "listeners": { "type": "array", "items": { "$ref": "#/types/aws:elb/LoadBalancerListener:LoadBalancerListener" }, "description": "A list of listener blocks. Listeners documented below.\n" }, "name": { "type": "string", "description": "The name of the ELB. By default generated by this provider.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the ELB.\nOnly valid if creating an ELB within a VPC\n" }, "sourceSecurityGroup": { "type": "string", "description": "The name of the security group that you can use as\npart of your inbound rules for your load balancer's back-end application\ninstances. Use this for Classic or Default VPC only.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the ELB. When an update to subnets will remove all current subnets, this will force a new resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nExactly one of `availability_zones` or `subnets` must be specified: this\ndetermines if the ELB exists in a VPC or in EC2-classic.\n" } }, "requiredInputs": [ "listeners" ], "stateInputs": { "description": "Input properties used for looking up and filtering LoadBalancer resources.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:elb/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "An Access Logs block. Access Logs documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the ELB\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "The AZ's to serve traffic in.\n" }, "connectionDraining": { "type": "boolean", "description": "Boolean to enable connection draining. Default: `false`\n" }, "connectionDrainingTimeout": { "type": "integer", "description": "The time in seconds to allow for connections to drain. Default: `300`\n" }, "crossZoneLoadBalancing": { "type": "boolean", "description": "Enable cross-zone load balancing. Default: `true`\n" }, "desyncMitigationMode": { "type": "string", "description": "Determines how the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are `monitor`, `defensive` (default), `strictest`.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the ELB\n" }, "healthCheck": { "$ref": "#/types/aws:elb/LoadBalancerHealthCheck:LoadBalancerHealthCheck", "description": "A health_check block. Health Check documented below.\n" }, "idleTimeout": { "type": "integer", "description": "The time in seconds that the connection is allowed to be idle. Default: `60`\n" }, "instances": { "type": "array", "items": { "type": "string" }, "description": "A list of instance ids to place in the ELB pool.\n" }, "internal": { "type": "boolean", "description": "If true, ELB will be an internal ELB.\n", "willReplaceOnChanges": true }, "listeners": { "type": "array", "items": { "$ref": "#/types/aws:elb/LoadBalancerListener:LoadBalancerListener" }, "description": "A list of listener blocks. Listeners documented below.\n" }, "name": { "type": "string", "description": "The name of the ELB. By default generated by this provider.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs to assign to the ELB.\nOnly valid if creating an ELB within a VPC\n" }, "sourceSecurityGroup": { "type": "string", "description": "The name of the security group that you can use as\npart of your inbound rules for your load balancer's back-end application\ninstances. Use this for Classic or Default VPC only.\n" }, "sourceSecurityGroupId": { "type": "string", "description": "The ID of the security group that you can use as\npart of your inbound rules for your load balancer's back-end application\ninstances. Only available on ELBs launched in a VPC.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to attach to the ELB. When an update to subnets will remove all current subnets, this will force a new resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nExactly one of `availability_zones` or `subnets` must be specified: this\ndetermines if the ELB exists in a VPC or in EC2-classic.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "zoneId": { "type": "string", "description": "The canonical hosted zone ID of the ELB (to be used in a Route 53 Alias record)\n" } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancing/loadBalancer:LoadBalancer" } ] }, "aws:elb/loadBalancerBackendServerPolicy:LoadBalancerBackendServerPolicy": { "description": "Attaches a load balancer policy to an ELB backend server.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst wu_tang = new aws.elb.LoadBalancer(\"wu-tang\", {\n name: \"wu-tang\",\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 443,\n instanceProtocol: \"http\",\n lbPort: 443,\n lbProtocol: \"https\",\n sslCertificateId: \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags: {\n Name: \"wu-tang\",\n },\n});\nconst wu_tang_ca_pubkey_policy = new aws.elb.LoadBalancerPolicy(\"wu-tang-ca-pubkey-policy\", {\n loadBalancerName: wu_tang.name,\n policyName: \"wu-tang-ca-pubkey-policy\",\n policyTypeName: \"PublicKeyPolicyType\",\n policyAttributes: [{\n name: \"PublicKey\",\n value: std.file({\n input: \"wu-tang-pubkey\",\n }).then(invoke =\u003e invoke.result),\n }],\n});\nconst wu_tang_root_ca_backend_auth_policy = new aws.elb.LoadBalancerPolicy(\"wu-tang-root-ca-backend-auth-policy\", {\n loadBalancerName: wu_tang.name,\n policyName: \"wu-tang-root-ca-backend-auth-policy\",\n policyTypeName: \"BackendServerAuthenticationPolicyType\",\n policyAttributes: [{\n name: \"PublicKeyPolicyName\",\n value: wu_tang_root_ca_pubkey_policy.policyName,\n }],\n});\nconst wu_tang_backend_auth_policies_443 = new aws.elb.LoadBalancerBackendServerPolicy(\"wu-tang-backend-auth-policies-443\", {\n loadBalancerName: wu_tang.name,\n instancePort: 443,\n policyNames: [wu_tang_root_ca_backend_auth_policy.policyName],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nwu_tang = aws.elb.LoadBalancer(\"wu-tang\",\n name=\"wu-tang\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 443,\n \"instance_protocol\": \"http\",\n \"lb_port\": 443,\n \"lb_protocol\": \"https\",\n \"ssl_certificate_id\": \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags={\n \"Name\": \"wu-tang\",\n })\nwu_tang_ca_pubkey_policy = aws.elb.LoadBalancerPolicy(\"wu-tang-ca-pubkey-policy\",\n load_balancer_name=wu_tang.name,\n policy_name=\"wu-tang-ca-pubkey-policy\",\n policy_type_name=\"PublicKeyPolicyType\",\n policy_attributes=[{\n \"name\": \"PublicKey\",\n \"value\": std.file(input=\"wu-tang-pubkey\").result,\n }])\nwu_tang_root_ca_backend_auth_policy = aws.elb.LoadBalancerPolicy(\"wu-tang-root-ca-backend-auth-policy\",\n load_balancer_name=wu_tang.name,\n policy_name=\"wu-tang-root-ca-backend-auth-policy\",\n policy_type_name=\"BackendServerAuthenticationPolicyType\",\n policy_attributes=[{\n \"name\": \"PublicKeyPolicyName\",\n \"value\": wu_tang_root_ca_pubkey_policy[\"policyName\"],\n }])\nwu_tang_backend_auth_policies_443 = aws.elb.LoadBalancerBackendServerPolicy(\"wu-tang-backend-auth-policies-443\",\n load_balancer_name=wu_tang.name,\n instance_port=443,\n policy_names=[wu_tang_root_ca_backend_auth_policy.policy_name])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wu_tang = new Aws.Elb.LoadBalancer(\"wu-tang\", new()\n {\n Name = \"wu-tang\",\n AvailabilityZones = new[]\n {\n \"us-east-1a\",\n },\n Listeners = new[]\n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 443,\n InstanceProtocol = \"http\",\n LbPort = 443,\n LbProtocol = \"https\",\n SslCertificateId = \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n },\n },\n Tags = \n {\n { \"Name\", \"wu-tang\" },\n },\n });\n\n var wu_tang_ca_pubkey_policy = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-ca-pubkey-policy\", new()\n {\n LoadBalancerName = wu_tang.Name,\n PolicyName = \"wu-tang-ca-pubkey-policy\",\n PolicyTypeName = \"PublicKeyPolicyType\",\n PolicyAttributes = new[]\n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"PublicKey\",\n Value = Std.File.Invoke(new()\n {\n Input = \"wu-tang-pubkey\",\n }).Apply(invoke =\u003e invoke.Result),\n },\n },\n });\n\n var wu_tang_root_ca_backend_auth_policy = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-root-ca-backend-auth-policy\", new()\n {\n LoadBalancerName = wu_tang.Name,\n PolicyName = \"wu-tang-root-ca-backend-auth-policy\",\n PolicyTypeName = \"BackendServerAuthenticationPolicyType\",\n PolicyAttributes = new[]\n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"PublicKeyPolicyName\",\n Value = wu_tang_root_ca_pubkey_policy.PolicyName,\n },\n },\n });\n\n var wu_tang_backend_auth_policies_443 = new Aws.Elb.LoadBalancerBackendServerPolicy(\"wu-tang-backend-auth-policies-443\", new()\n {\n LoadBalancerName = wu_tang.Name,\n InstancePort = 443,\n PolicyNames = new[]\n {\n wu_tang_root_ca_backend_auth_policy.PolicyName,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elb\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elb.NewLoadBalancer(ctx, \"wu-tang\", \u0026elb.LoadBalancerArgs{\n\t\t\tName: pulumi.String(\"wu-tang\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(443),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"http\"),\n\t\t\t\t\tLbPort: pulumi.Int(443),\n\t\t\t\t\tLbProtocol: pulumi.String(\"https\"),\n\t\t\t\t\tSslCertificateId: pulumi.String(\"arn:aws:iam::000000000000:server-certificate/wu-tang.net\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"wu-tang\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"wu-tang-pubkey\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewLoadBalancerPolicy(ctx, \"wu-tang-ca-pubkey-policy\", \u0026elb.LoadBalancerPolicyArgs{\n\t\t\tLoadBalancerName: wu_tang.Name,\n\t\t\tPolicyName: pulumi.String(\"wu-tang-ca-pubkey-policy\"),\n\t\t\tPolicyTypeName: pulumi.String(\"PublicKeyPolicyType\"),\n\t\t\tPolicyAttributes: elb.LoadBalancerPolicyPolicyAttributeArray{\n\t\t\t\t\u0026elb.LoadBalancerPolicyPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"PublicKey\"),\n\t\t\t\t\tValue: pulumi.String(invokeFile.Result),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewLoadBalancerPolicy(ctx, \"wu-tang-root-ca-backend-auth-policy\", \u0026elb.LoadBalancerPolicyArgs{\n\t\t\tLoadBalancerName: wu_tang.Name,\n\t\t\tPolicyName: pulumi.String(\"wu-tang-root-ca-backend-auth-policy\"),\n\t\t\tPolicyTypeName: pulumi.String(\"BackendServerAuthenticationPolicyType\"),\n\t\t\tPolicyAttributes: elb.LoadBalancerPolicyPolicyAttributeArray{\n\t\t\t\t\u0026elb.LoadBalancerPolicyPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"PublicKeyPolicyName\"),\n\t\t\t\t\tValue: pulumi.Any(wu_tang_root_ca_pubkey_policy.PolicyName),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewLoadBalancerBackendServerPolicy(ctx, \"wu-tang-backend-auth-policies-443\", \u0026elb.LoadBalancerBackendServerPolicyArgs{\n\t\t\tLoadBalancerName: wu_tang.Name,\n\t\t\tInstancePort: pulumi.Int(443),\n\t\t\tPolicyNames: pulumi.StringArray{\n\t\t\t\twu_tang_root_ca_backend_auth_policy.PolicyName,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elb.LoadBalancer;\nimport com.pulumi.aws.elb.LoadBalancerArgs;\nimport com.pulumi.aws.elb.inputs.LoadBalancerListenerArgs;\nimport com.pulumi.aws.elb.LoadBalancerPolicy;\nimport com.pulumi.aws.elb.LoadBalancerPolicyArgs;\nimport com.pulumi.aws.elb.inputs.LoadBalancerPolicyPolicyAttributeArgs;\nimport com.pulumi.aws.elb.LoadBalancerBackendServerPolicy;\nimport com.pulumi.aws.elb.LoadBalancerBackendServerPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var wu_tang = new LoadBalancer(\"wu-tang\", LoadBalancerArgs.builder()\n .name(\"wu-tang\")\n .availabilityZones(\"us-east-1a\")\n .listeners(LoadBalancerListenerArgs.builder()\n .instancePort(443)\n .instanceProtocol(\"http\")\n .lbPort(443)\n .lbProtocol(\"https\")\n .sslCertificateId(\"arn:aws:iam::000000000000:server-certificate/wu-tang.net\")\n .build())\n .tags(Map.of(\"Name\", \"wu-tang\"))\n .build());\n\n var wu_tang_ca_pubkey_policy = new LoadBalancerPolicy(\"wu-tang-ca-pubkey-policy\", LoadBalancerPolicyArgs.builder()\n .loadBalancerName(wu_tang.name())\n .policyName(\"wu-tang-ca-pubkey-policy\")\n .policyTypeName(\"PublicKeyPolicyType\")\n .policyAttributes(LoadBalancerPolicyPolicyAttributeArgs.builder()\n .name(\"PublicKey\")\n .value(StdFunctions.file(FileArgs.builder()\n .input(\"wu-tang-pubkey\")\n .build()).result())\n .build())\n .build());\n\n var wu_tang_root_ca_backend_auth_policy = new LoadBalancerPolicy(\"wu-tang-root-ca-backend-auth-policy\", LoadBalancerPolicyArgs.builder()\n .loadBalancerName(wu_tang.name())\n .policyName(\"wu-tang-root-ca-backend-auth-policy\")\n .policyTypeName(\"BackendServerAuthenticationPolicyType\")\n .policyAttributes(LoadBalancerPolicyPolicyAttributeArgs.builder()\n .name(\"PublicKeyPolicyName\")\n .value(wu_tang_root_ca_pubkey_policy.policyName())\n .build())\n .build());\n\n var wu_tang_backend_auth_policies_443 = new LoadBalancerBackendServerPolicy(\"wu-tang-backend-auth-policies-443\", LoadBalancerBackendServerPolicyArgs.builder()\n .loadBalancerName(wu_tang.name())\n .instancePort(443)\n .policyNames(wu_tang_root_ca_backend_auth_policy.policyName())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n wu-tang:\n type: aws:elb:LoadBalancer\n properties:\n name: wu-tang\n availabilityZones:\n - us-east-1a\n listeners:\n - instancePort: 443\n instanceProtocol: http\n lbPort: 443\n lbProtocol: https\n sslCertificateId: arn:aws:iam::000000000000:server-certificate/wu-tang.net\n tags:\n Name: wu-tang\n wu-tang-ca-pubkey-policy:\n type: aws:elb:LoadBalancerPolicy\n properties:\n loadBalancerName: ${[\"wu-tang\"].name}\n policyName: wu-tang-ca-pubkey-policy\n policyTypeName: PublicKeyPolicyType\n policyAttributes:\n - name: PublicKey\n value:\n fn::invoke:\n Function: std:file\n Arguments:\n input: wu-tang-pubkey\n Return: result\n wu-tang-root-ca-backend-auth-policy:\n type: aws:elb:LoadBalancerPolicy\n properties:\n loadBalancerName: ${[\"wu-tang\"].name}\n policyName: wu-tang-root-ca-backend-auth-policy\n policyTypeName: BackendServerAuthenticationPolicyType\n policyAttributes:\n - name: PublicKeyPolicyName\n value: ${[\"wu-tang-root-ca-pubkey-policy\"].policyName}\n wu-tang-backend-auth-policies-443:\n type: aws:elb:LoadBalancerBackendServerPolicy\n properties:\n loadBalancerName: ${[\"wu-tang\"].name}\n instancePort: 443\n policyNames:\n - ${[\"wu-tang-root-ca-backend-auth-policy\"].policyName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "instancePort": { "type": "integer", "description": "The instance port to apply the policy to.\n" }, "loadBalancerName": { "type": "string", "description": "The load balancer to attach the policy to.\n" }, "policyNames": { "type": "array", "items": { "type": "string" }, "description": "List of Policy Names to apply to the backend server.\n" } }, "required": [ "instancePort", "loadBalancerName" ], "inputProperties": { "instancePort": { "type": "integer", "description": "The instance port to apply the policy to.\n" }, "loadBalancerName": { "type": "string", "description": "The load balancer to attach the policy to.\n" }, "policyNames": { "type": "array", "items": { "type": "string" }, "description": "List of Policy Names to apply to the backend server.\n" } }, "requiredInputs": [ "instancePort", "loadBalancerName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LoadBalancerBackendServerPolicy resources.\n", "properties": { "instancePort": { "type": "integer", "description": "The instance port to apply the policy to.\n" }, "loadBalancerName": { "type": "string", "description": "The load balancer to attach the policy to.\n" }, "policyNames": { "type": "array", "items": { "type": "string" }, "description": "List of Policy Names to apply to the backend server.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancing/loadBalancerBackendServerPolicy:LoadBalancerBackendServerPolicy" } ] }, "aws:elb/loadBalancerCookieStickinessPolicy:LoadBalancerCookieStickinessPolicy": { "description": "Provides a load balancer cookie stickiness policy, which allows an ELB to control the sticky session lifetime of the browser.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.elb.LoadBalancer(\"lb\", {\n name: \"test-lb\",\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 8000,\n instanceProtocol: \"http\",\n lbPort: 80,\n lbProtocol: \"http\",\n }],\n});\nconst foo = new aws.elb.LoadBalancerCookieStickinessPolicy(\"foo\", {\n name: \"foo-policy\",\n loadBalancer: lb.id,\n lbPort: 80,\n cookieExpirationPeriod: 600,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb = aws.elb.LoadBalancer(\"lb\",\n name=\"test-lb\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 8000,\n \"instance_protocol\": \"http\",\n \"lb_port\": 80,\n \"lb_protocol\": \"http\",\n }])\nfoo = aws.elb.LoadBalancerCookieStickinessPolicy(\"foo\",\n name=\"foo-policy\",\n load_balancer=lb.id,\n lb_port=80,\n cookie_expiration_period=600)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lb = new Aws.Elb.LoadBalancer(\"lb\", new()\n {\n Name = \"test-lb\",\n AvailabilityZones = new[]\n {\n \"us-east-1a\",\n },\n Listeners = new[]\n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 8000,\n InstanceProtocol = \"http\",\n LbPort = 80,\n LbProtocol = \"http\",\n },\n },\n });\n\n var foo = new Aws.Elb.LoadBalancerCookieStickinessPolicy(\"foo\", new()\n {\n Name = \"foo-policy\",\n LoadBalancer = lb.Id,\n LbPort = 80,\n CookieExpirationPeriod = 600,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlb, err := elb.NewLoadBalancer(ctx, \"lb\", \u0026elb.LoadBalancerArgs{\n\t\t\tName: pulumi.String(\"test-lb\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(8000),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"http\"),\n\t\t\t\t\tLbPort: pulumi.Int(80),\n\t\t\t\t\tLbProtocol: pulumi.String(\"http\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewLoadBalancerCookieStickinessPolicy(ctx, \"foo\", \u0026elb.LoadBalancerCookieStickinessPolicyArgs{\n\t\t\tName: pulumi.String(\"foo-policy\"),\n\t\t\tLoadBalancer: lb.ID(),\n\t\t\tLbPort: pulumi.Int(80),\n\t\t\tCookieExpirationPeriod: pulumi.Int(600),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elb.LoadBalancer;\nimport com.pulumi.aws.elb.LoadBalancerArgs;\nimport com.pulumi.aws.elb.inputs.LoadBalancerListenerArgs;\nimport com.pulumi.aws.elb.LoadBalancerCookieStickinessPolicy;\nimport com.pulumi.aws.elb.LoadBalancerCookieStickinessPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lb = new LoadBalancer(\"lb\", LoadBalancerArgs.builder()\n .name(\"test-lb\")\n .availabilityZones(\"us-east-1a\")\n .listeners(LoadBalancerListenerArgs.builder()\n .instancePort(8000)\n .instanceProtocol(\"http\")\n .lbPort(80)\n .lbProtocol(\"http\")\n .build())\n .build());\n\n var foo = new LoadBalancerCookieStickinessPolicy(\"foo\", LoadBalancerCookieStickinessPolicyArgs.builder()\n .name(\"foo-policy\")\n .loadBalancer(lb.id())\n .lbPort(80)\n .cookieExpirationPeriod(600)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lb:\n type: aws:elb:LoadBalancer\n properties:\n name: test-lb\n availabilityZones:\n - us-east-1a\n listeners:\n - instancePort: 8000\n instanceProtocol: http\n lbPort: 80\n lbProtocol: http\n foo:\n type: aws:elb:LoadBalancerCookieStickinessPolicy\n properties:\n name: foo-policy\n loadBalancer: ${lb.id}\n lbPort: 80\n cookieExpirationPeriod: 600\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "cookieExpirationPeriod": { "type": "integer", "description": "The time period after which\nthe session cookie should be considered stale, expressed in seconds.\n" }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "The name of the stickiness policy.\n" } }, "required": [ "lbPort", "loadBalancer", "name" ], "inputProperties": { "cookieExpirationPeriod": { "type": "integer", "description": "The time period after which\nthe session cookie should be considered stale, expressed in seconds.\n", "willReplaceOnChanges": true }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n", "willReplaceOnChanges": true }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the stickiness policy.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "lbPort", "loadBalancer" ], "stateInputs": { "description": "Input properties used for looking up and filtering LoadBalancerCookieStickinessPolicy resources.\n", "properties": { "cookieExpirationPeriod": { "type": "integer", "description": "The time period after which\nthe session cookie should be considered stale, expressed in seconds.\n", "willReplaceOnChanges": true }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n", "willReplaceOnChanges": true }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the stickiness policy.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancing/loadBalancerCookieStickinessPolicy:LoadBalancerCookieStickinessPolicy" } ] }, "aws:elb/loadBalancerPolicy:LoadBalancerPolicy": { "description": "Provides a load balancer policy, which can be attached to an ELB listener or backend server.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst wu_tang = new aws.elb.LoadBalancer(\"wu-tang\", {\n name: \"wu-tang\",\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 443,\n instanceProtocol: \"http\",\n lbPort: 443,\n lbProtocol: \"https\",\n sslCertificateId: \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags: {\n Name: \"wu-tang\",\n },\n});\nconst wu_tang_ca_pubkey_policy = new aws.elb.LoadBalancerPolicy(\"wu-tang-ca-pubkey-policy\", {\n loadBalancerName: wu_tang.name,\n policyName: \"wu-tang-ca-pubkey-policy\",\n policyTypeName: \"PublicKeyPolicyType\",\n policyAttributes: [{\n name: \"PublicKey\",\n value: std.file({\n input: \"wu-tang-pubkey\",\n }).then(invoke =\u003e invoke.result),\n }],\n});\nconst wu_tang_root_ca_backend_auth_policy = new aws.elb.LoadBalancerPolicy(\"wu-tang-root-ca-backend-auth-policy\", {\n loadBalancerName: wu_tang.name,\n policyName: \"wu-tang-root-ca-backend-auth-policy\",\n policyTypeName: \"BackendServerAuthenticationPolicyType\",\n policyAttributes: [{\n name: \"PublicKeyPolicyName\",\n value: wu_tang_root_ca_pubkey_policy.policyName,\n }],\n});\nconst wu_tang_ssl = new aws.elb.LoadBalancerPolicy(\"wu-tang-ssl\", {\n loadBalancerName: wu_tang.name,\n policyName: \"wu-tang-ssl\",\n policyTypeName: \"SSLNegotiationPolicyType\",\n policyAttributes: [\n {\n name: \"ECDHE-ECDSA-AES128-GCM-SHA256\",\n value: \"true\",\n },\n {\n name: \"Protocol-TLSv1.2\",\n value: \"true\",\n },\n ],\n});\nconst wu_tang_ssl_tls_1_1 = new aws.elb.LoadBalancerPolicy(\"wu-tang-ssl-tls-1-1\", {\n loadBalancerName: wu_tang.name,\n policyName: \"wu-tang-ssl\",\n policyTypeName: \"SSLNegotiationPolicyType\",\n policyAttributes: [{\n name: \"Reference-Security-Policy\",\n value: \"ELBSecurityPolicy-TLS-1-1-2017-01\",\n }],\n});\nconst wu_tang_backend_auth_policies_443 = new aws.elb.LoadBalancerBackendServerPolicy(\"wu-tang-backend-auth-policies-443\", {\n loadBalancerName: wu_tang.name,\n instancePort: 443,\n policyNames: [wu_tang_root_ca_backend_auth_policy.policyName],\n});\nconst wu_tang_listener_policies_443 = new aws.elb.ListenerPolicy(\"wu-tang-listener-policies-443\", {\n loadBalancerName: wu_tang.name,\n loadBalancerPort: 443,\n policyNames: [wu_tang_ssl.policyName],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nwu_tang = aws.elb.LoadBalancer(\"wu-tang\",\n name=\"wu-tang\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 443,\n \"instance_protocol\": \"http\",\n \"lb_port\": 443,\n \"lb_protocol\": \"https\",\n \"ssl_certificate_id\": \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n }],\n tags={\n \"Name\": \"wu-tang\",\n })\nwu_tang_ca_pubkey_policy = aws.elb.LoadBalancerPolicy(\"wu-tang-ca-pubkey-policy\",\n load_balancer_name=wu_tang.name,\n policy_name=\"wu-tang-ca-pubkey-policy\",\n policy_type_name=\"PublicKeyPolicyType\",\n policy_attributes=[{\n \"name\": \"PublicKey\",\n \"value\": std.file(input=\"wu-tang-pubkey\").result,\n }])\nwu_tang_root_ca_backend_auth_policy = aws.elb.LoadBalancerPolicy(\"wu-tang-root-ca-backend-auth-policy\",\n load_balancer_name=wu_tang.name,\n policy_name=\"wu-tang-root-ca-backend-auth-policy\",\n policy_type_name=\"BackendServerAuthenticationPolicyType\",\n policy_attributes=[{\n \"name\": \"PublicKeyPolicyName\",\n \"value\": wu_tang_root_ca_pubkey_policy[\"policyName\"],\n }])\nwu_tang_ssl = aws.elb.LoadBalancerPolicy(\"wu-tang-ssl\",\n load_balancer_name=wu_tang.name,\n policy_name=\"wu-tang-ssl\",\n policy_type_name=\"SSLNegotiationPolicyType\",\n policy_attributes=[\n {\n \"name\": \"ECDHE-ECDSA-AES128-GCM-SHA256\",\n \"value\": \"true\",\n },\n {\n \"name\": \"Protocol-TLSv1.2\",\n \"value\": \"true\",\n },\n ])\nwu_tang_ssl_tls_1_1 = aws.elb.LoadBalancerPolicy(\"wu-tang-ssl-tls-1-1\",\n load_balancer_name=wu_tang.name,\n policy_name=\"wu-tang-ssl\",\n policy_type_name=\"SSLNegotiationPolicyType\",\n policy_attributes=[{\n \"name\": \"Reference-Security-Policy\",\n \"value\": \"ELBSecurityPolicy-TLS-1-1-2017-01\",\n }])\nwu_tang_backend_auth_policies_443 = aws.elb.LoadBalancerBackendServerPolicy(\"wu-tang-backend-auth-policies-443\",\n load_balancer_name=wu_tang.name,\n instance_port=443,\n policy_names=[wu_tang_root_ca_backend_auth_policy.policy_name])\nwu_tang_listener_policies_443 = aws.elb.ListenerPolicy(\"wu-tang-listener-policies-443\",\n load_balancer_name=wu_tang.name,\n load_balancer_port=443,\n policy_names=[wu_tang_ssl.policy_name])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var wu_tang = new Aws.Elb.LoadBalancer(\"wu-tang\", new()\n {\n Name = \"wu-tang\",\n AvailabilityZones = new[]\n {\n \"us-east-1a\",\n },\n Listeners = new[]\n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 443,\n InstanceProtocol = \"http\",\n LbPort = 443,\n LbProtocol = \"https\",\n SslCertificateId = \"arn:aws:iam::000000000000:server-certificate/wu-tang.net\",\n },\n },\n Tags = \n {\n { \"Name\", \"wu-tang\" },\n },\n });\n\n var wu_tang_ca_pubkey_policy = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-ca-pubkey-policy\", new()\n {\n LoadBalancerName = wu_tang.Name,\n PolicyName = \"wu-tang-ca-pubkey-policy\",\n PolicyTypeName = \"PublicKeyPolicyType\",\n PolicyAttributes = new[]\n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"PublicKey\",\n Value = Std.File.Invoke(new()\n {\n Input = \"wu-tang-pubkey\",\n }).Apply(invoke =\u003e invoke.Result),\n },\n },\n });\n\n var wu_tang_root_ca_backend_auth_policy = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-root-ca-backend-auth-policy\", new()\n {\n LoadBalancerName = wu_tang.Name,\n PolicyName = \"wu-tang-root-ca-backend-auth-policy\",\n PolicyTypeName = \"BackendServerAuthenticationPolicyType\",\n PolicyAttributes = new[]\n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"PublicKeyPolicyName\",\n Value = wu_tang_root_ca_pubkey_policy.PolicyName,\n },\n },\n });\n\n var wu_tang_ssl = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-ssl\", new()\n {\n LoadBalancerName = wu_tang.Name,\n PolicyName = \"wu-tang-ssl\",\n PolicyTypeName = \"SSLNegotiationPolicyType\",\n PolicyAttributes = new[]\n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"ECDHE-ECDSA-AES128-GCM-SHA256\",\n Value = \"true\",\n },\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"Protocol-TLSv1.2\",\n Value = \"true\",\n },\n },\n });\n\n var wu_tang_ssl_tls_1_1 = new Aws.Elb.LoadBalancerPolicy(\"wu-tang-ssl-tls-1-1\", new()\n {\n LoadBalancerName = wu_tang.Name,\n PolicyName = \"wu-tang-ssl\",\n PolicyTypeName = \"SSLNegotiationPolicyType\",\n PolicyAttributes = new[]\n {\n new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs\n {\n Name = \"Reference-Security-Policy\",\n Value = \"ELBSecurityPolicy-TLS-1-1-2017-01\",\n },\n },\n });\n\n var wu_tang_backend_auth_policies_443 = new Aws.Elb.LoadBalancerBackendServerPolicy(\"wu-tang-backend-auth-policies-443\", new()\n {\n LoadBalancerName = wu_tang.Name,\n InstancePort = 443,\n PolicyNames = new[]\n {\n wu_tang_root_ca_backend_auth_policy.PolicyName,\n },\n });\n\n var wu_tang_listener_policies_443 = new Aws.Elb.ListenerPolicy(\"wu-tang-listener-policies-443\", new()\n {\n LoadBalancerName = wu_tang.Name,\n LoadBalancerPort = 443,\n PolicyNames = new[]\n {\n wu_tang_ssl.PolicyName,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elb\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elb.NewLoadBalancer(ctx, \"wu-tang\", \u0026elb.LoadBalancerArgs{\n\t\t\tName: pulumi.String(\"wu-tang\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(443),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"http\"),\n\t\t\t\t\tLbPort: pulumi.Int(443),\n\t\t\t\t\tLbProtocol: pulumi.String(\"https\"),\n\t\t\t\t\tSslCertificateId: pulumi.String(\"arn:aws:iam::000000000000:server-certificate/wu-tang.net\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"wu-tang\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"wu-tang-pubkey\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewLoadBalancerPolicy(ctx, \"wu-tang-ca-pubkey-policy\", \u0026elb.LoadBalancerPolicyArgs{\n\t\t\tLoadBalancerName: wu_tang.Name,\n\t\t\tPolicyName: pulumi.String(\"wu-tang-ca-pubkey-policy\"),\n\t\t\tPolicyTypeName: pulumi.String(\"PublicKeyPolicyType\"),\n\t\t\tPolicyAttributes: elb.LoadBalancerPolicyPolicyAttributeArray{\n\t\t\t\t\u0026elb.LoadBalancerPolicyPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"PublicKey\"),\n\t\t\t\t\tValue: pulumi.String(invokeFile.Result),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewLoadBalancerPolicy(ctx, \"wu-tang-root-ca-backend-auth-policy\", \u0026elb.LoadBalancerPolicyArgs{\n\t\t\tLoadBalancerName: wu_tang.Name,\n\t\t\tPolicyName: pulumi.String(\"wu-tang-root-ca-backend-auth-policy\"),\n\t\t\tPolicyTypeName: pulumi.String(\"BackendServerAuthenticationPolicyType\"),\n\t\t\tPolicyAttributes: elb.LoadBalancerPolicyPolicyAttributeArray{\n\t\t\t\t\u0026elb.LoadBalancerPolicyPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"PublicKeyPolicyName\"),\n\t\t\t\t\tValue: pulumi.Any(wu_tang_root_ca_pubkey_policy.PolicyName),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewLoadBalancerPolicy(ctx, \"wu-tang-ssl\", \u0026elb.LoadBalancerPolicyArgs{\n\t\t\tLoadBalancerName: wu_tang.Name,\n\t\t\tPolicyName: pulumi.String(\"wu-tang-ssl\"),\n\t\t\tPolicyTypeName: pulumi.String(\"SSLNegotiationPolicyType\"),\n\t\t\tPolicyAttributes: elb.LoadBalancerPolicyPolicyAttributeArray{\n\t\t\t\t\u0026elb.LoadBalancerPolicyPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"ECDHE-ECDSA-AES128-GCM-SHA256\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.LoadBalancerPolicyPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"Protocol-TLSv1.2\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewLoadBalancerPolicy(ctx, \"wu-tang-ssl-tls-1-1\", \u0026elb.LoadBalancerPolicyArgs{\n\t\t\tLoadBalancerName: wu_tang.Name,\n\t\t\tPolicyName: pulumi.String(\"wu-tang-ssl\"),\n\t\t\tPolicyTypeName: pulumi.String(\"SSLNegotiationPolicyType\"),\n\t\t\tPolicyAttributes: elb.LoadBalancerPolicyPolicyAttributeArray{\n\t\t\t\t\u0026elb.LoadBalancerPolicyPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"Reference-Security-Policy\"),\n\t\t\t\t\tValue: pulumi.String(\"ELBSecurityPolicy-TLS-1-1-2017-01\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewLoadBalancerBackendServerPolicy(ctx, \"wu-tang-backend-auth-policies-443\", \u0026elb.LoadBalancerBackendServerPolicyArgs{\n\t\t\tLoadBalancerName: wu_tang.Name,\n\t\t\tInstancePort: pulumi.Int(443),\n\t\t\tPolicyNames: pulumi.StringArray{\n\t\t\t\twu_tang_root_ca_backend_auth_policy.PolicyName,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewListenerPolicy(ctx, \"wu-tang-listener-policies-443\", \u0026elb.ListenerPolicyArgs{\n\t\t\tLoadBalancerName: wu_tang.Name,\n\t\t\tLoadBalancerPort: pulumi.Int(443),\n\t\t\tPolicyNames: pulumi.StringArray{\n\t\t\t\twu_tang_ssl.PolicyName,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elb.LoadBalancer;\nimport com.pulumi.aws.elb.LoadBalancerArgs;\nimport com.pulumi.aws.elb.inputs.LoadBalancerListenerArgs;\nimport com.pulumi.aws.elb.LoadBalancerPolicy;\nimport com.pulumi.aws.elb.LoadBalancerPolicyArgs;\nimport com.pulumi.aws.elb.inputs.LoadBalancerPolicyPolicyAttributeArgs;\nimport com.pulumi.aws.elb.LoadBalancerBackendServerPolicy;\nimport com.pulumi.aws.elb.LoadBalancerBackendServerPolicyArgs;\nimport com.pulumi.aws.elb.ListenerPolicy;\nimport com.pulumi.aws.elb.ListenerPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var wu_tang = new LoadBalancer(\"wu-tang\", LoadBalancerArgs.builder()\n .name(\"wu-tang\")\n .availabilityZones(\"us-east-1a\")\n .listeners(LoadBalancerListenerArgs.builder()\n .instancePort(443)\n .instanceProtocol(\"http\")\n .lbPort(443)\n .lbProtocol(\"https\")\n .sslCertificateId(\"arn:aws:iam::000000000000:server-certificate/wu-tang.net\")\n .build())\n .tags(Map.of(\"Name\", \"wu-tang\"))\n .build());\n\n var wu_tang_ca_pubkey_policy = new LoadBalancerPolicy(\"wu-tang-ca-pubkey-policy\", LoadBalancerPolicyArgs.builder()\n .loadBalancerName(wu_tang.name())\n .policyName(\"wu-tang-ca-pubkey-policy\")\n .policyTypeName(\"PublicKeyPolicyType\")\n .policyAttributes(LoadBalancerPolicyPolicyAttributeArgs.builder()\n .name(\"PublicKey\")\n .value(StdFunctions.file(FileArgs.builder()\n .input(\"wu-tang-pubkey\")\n .build()).result())\n .build())\n .build());\n\n var wu_tang_root_ca_backend_auth_policy = new LoadBalancerPolicy(\"wu-tang-root-ca-backend-auth-policy\", LoadBalancerPolicyArgs.builder()\n .loadBalancerName(wu_tang.name())\n .policyName(\"wu-tang-root-ca-backend-auth-policy\")\n .policyTypeName(\"BackendServerAuthenticationPolicyType\")\n .policyAttributes(LoadBalancerPolicyPolicyAttributeArgs.builder()\n .name(\"PublicKeyPolicyName\")\n .value(wu_tang_root_ca_pubkey_policy.policyName())\n .build())\n .build());\n\n var wu_tang_ssl = new LoadBalancerPolicy(\"wu-tang-ssl\", LoadBalancerPolicyArgs.builder()\n .loadBalancerName(wu_tang.name())\n .policyName(\"wu-tang-ssl\")\n .policyTypeName(\"SSLNegotiationPolicyType\")\n .policyAttributes( \n LoadBalancerPolicyPolicyAttributeArgs.builder()\n .name(\"ECDHE-ECDSA-AES128-GCM-SHA256\")\n .value(\"true\")\n .build(),\n LoadBalancerPolicyPolicyAttributeArgs.builder()\n .name(\"Protocol-TLSv1.2\")\n .value(\"true\")\n .build())\n .build());\n\n var wu_tang_ssl_tls_1_1 = new LoadBalancerPolicy(\"wu-tang-ssl-tls-1-1\", LoadBalancerPolicyArgs.builder()\n .loadBalancerName(wu_tang.name())\n .policyName(\"wu-tang-ssl\")\n .policyTypeName(\"SSLNegotiationPolicyType\")\n .policyAttributes(LoadBalancerPolicyPolicyAttributeArgs.builder()\n .name(\"Reference-Security-Policy\")\n .value(\"ELBSecurityPolicy-TLS-1-1-2017-01\")\n .build())\n .build());\n\n var wu_tang_backend_auth_policies_443 = new LoadBalancerBackendServerPolicy(\"wu-tang-backend-auth-policies-443\", LoadBalancerBackendServerPolicyArgs.builder()\n .loadBalancerName(wu_tang.name())\n .instancePort(443)\n .policyNames(wu_tang_root_ca_backend_auth_policy.policyName())\n .build());\n\n var wu_tang_listener_policies_443 = new ListenerPolicy(\"wu-tang-listener-policies-443\", ListenerPolicyArgs.builder()\n .loadBalancerName(wu_tang.name())\n .loadBalancerPort(443)\n .policyNames(wu_tang_ssl.policyName())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n wu-tang:\n type: aws:elb:LoadBalancer\n properties:\n name: wu-tang\n availabilityZones:\n - us-east-1a\n listeners:\n - instancePort: 443\n instanceProtocol: http\n lbPort: 443\n lbProtocol: https\n sslCertificateId: arn:aws:iam::000000000000:server-certificate/wu-tang.net\n tags:\n Name: wu-tang\n wu-tang-ca-pubkey-policy:\n type: aws:elb:LoadBalancerPolicy\n properties:\n loadBalancerName: ${[\"wu-tang\"].name}\n policyName: wu-tang-ca-pubkey-policy\n policyTypeName: PublicKeyPolicyType\n policyAttributes:\n - name: PublicKey\n value:\n fn::invoke:\n Function: std:file\n Arguments:\n input: wu-tang-pubkey\n Return: result\n wu-tang-root-ca-backend-auth-policy:\n type: aws:elb:LoadBalancerPolicy\n properties:\n loadBalancerName: ${[\"wu-tang\"].name}\n policyName: wu-tang-root-ca-backend-auth-policy\n policyTypeName: BackendServerAuthenticationPolicyType\n policyAttributes:\n - name: PublicKeyPolicyName\n value: ${[\"wu-tang-root-ca-pubkey-policy\"].policyName}\n wu-tang-ssl:\n type: aws:elb:LoadBalancerPolicy\n properties:\n loadBalancerName: ${[\"wu-tang\"].name}\n policyName: wu-tang-ssl\n policyTypeName: SSLNegotiationPolicyType\n policyAttributes:\n - name: ECDHE-ECDSA-AES128-GCM-SHA256\n value: 'true'\n - name: Protocol-TLSv1.2\n value: 'true'\n wu-tang-ssl-tls-1-1:\n type: aws:elb:LoadBalancerPolicy\n properties:\n loadBalancerName: ${[\"wu-tang\"].name}\n policyName: wu-tang-ssl\n policyTypeName: SSLNegotiationPolicyType\n policyAttributes:\n - name: Reference-Security-Policy\n value: ELBSecurityPolicy-TLS-1-1-2017-01\n wu-tang-backend-auth-policies-443:\n type: aws:elb:LoadBalancerBackendServerPolicy\n properties:\n loadBalancerName: ${[\"wu-tang\"].name}\n instancePort: 443\n policyNames:\n - ${[\"wu-tang-root-ca-backend-auth-policy\"].policyName}\n wu-tang-listener-policies-443:\n type: aws:elb:ListenerPolicy\n properties:\n loadBalancerName: ${[\"wu-tang\"].name}\n loadBalancerPort: 443\n policyNames:\n - ${[\"wu-tang-ssl\"].policyName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "loadBalancerName": { "type": "string", "description": "The load balancer on which the policy is defined.\n" }, "policyAttributes": { "type": "array", "items": { "$ref": "#/types/aws:elb/LoadBalancerPolicyPolicyAttribute:LoadBalancerPolicyPolicyAttribute" }, "description": "Policy attribute to apply to the policy.\n" }, "policyName": { "type": "string", "description": "The name of the load balancer policy.\n" }, "policyTypeName": { "type": "string", "description": "The policy type.\n" } }, "required": [ "loadBalancerName", "policyAttributes", "policyName", "policyTypeName" ], "inputProperties": { "loadBalancerName": { "type": "string", "description": "The load balancer on which the policy is defined.\n", "willReplaceOnChanges": true }, "policyAttributes": { "type": "array", "items": { "$ref": "#/types/aws:elb/LoadBalancerPolicyPolicyAttribute:LoadBalancerPolicyPolicyAttribute" }, "description": "Policy attribute to apply to the policy.\n" }, "policyName": { "type": "string", "description": "The name of the load balancer policy.\n", "willReplaceOnChanges": true }, "policyTypeName": { "type": "string", "description": "The policy type.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "loadBalancerName", "policyName", "policyTypeName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LoadBalancerPolicy resources.\n", "properties": { "loadBalancerName": { "type": "string", "description": "The load balancer on which the policy is defined.\n", "willReplaceOnChanges": true }, "policyAttributes": { "type": "array", "items": { "$ref": "#/types/aws:elb/LoadBalancerPolicyPolicyAttribute:LoadBalancerPolicyPolicyAttribute" }, "description": "Policy attribute to apply to the policy.\n" }, "policyName": { "type": "string", "description": "The name of the load balancer policy.\n", "willReplaceOnChanges": true }, "policyTypeName": { "type": "string", "description": "The policy type.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancing/loadBalancerPolicy:LoadBalancerPolicy" } ] }, "aws:elb/sslNegotiationPolicy:SslNegotiationPolicy": { "description": "Provides a load balancer SSL negotiation policy, which allows an ELB to control the ciphers and protocols that are supported during SSL negotiations between a client and a load balancer.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.elb.LoadBalancer(\"lb\", {\n name: \"test-lb\",\n availabilityZones: [\"us-east-1a\"],\n listeners: [{\n instancePort: 8000,\n instanceProtocol: \"https\",\n lbPort: 443,\n lbProtocol: \"https\",\n sslCertificateId: \"arn:aws:iam::123456789012:server-certificate/certName\",\n }],\n});\nconst foo = new aws.elb.SslNegotiationPolicy(\"foo\", {\n name: \"foo-policy\",\n loadBalancer: lb.id,\n lbPort: 443,\n attributes: [\n {\n name: \"Protocol-TLSv1\",\n value: \"false\",\n },\n {\n name: \"Protocol-TLSv1.1\",\n value: \"false\",\n },\n {\n name: \"Protocol-TLSv1.2\",\n value: \"true\",\n },\n {\n name: \"Server-Defined-Cipher-Order\",\n value: \"true\",\n },\n {\n name: \"ECDHE-RSA-AES128-GCM-SHA256\",\n value: \"true\",\n },\n {\n name: \"AES128-GCM-SHA256\",\n value: \"true\",\n },\n {\n name: \"EDH-RSA-DES-CBC3-SHA\",\n value: \"false\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb = aws.elb.LoadBalancer(\"lb\",\n name=\"test-lb\",\n availability_zones=[\"us-east-1a\"],\n listeners=[{\n \"instance_port\": 8000,\n \"instance_protocol\": \"https\",\n \"lb_port\": 443,\n \"lb_protocol\": \"https\",\n \"ssl_certificate_id\": \"arn:aws:iam::123456789012:server-certificate/certName\",\n }])\nfoo = aws.elb.SslNegotiationPolicy(\"foo\",\n name=\"foo-policy\",\n load_balancer=lb.id,\n lb_port=443,\n attributes=[\n {\n \"name\": \"Protocol-TLSv1\",\n \"value\": \"false\",\n },\n {\n \"name\": \"Protocol-TLSv1.1\",\n \"value\": \"false\",\n },\n {\n \"name\": \"Protocol-TLSv1.2\",\n \"value\": \"true\",\n },\n {\n \"name\": \"Server-Defined-Cipher-Order\",\n \"value\": \"true\",\n },\n {\n \"name\": \"ECDHE-RSA-AES128-GCM-SHA256\",\n \"value\": \"true\",\n },\n {\n \"name\": \"AES128-GCM-SHA256\",\n \"value\": \"true\",\n },\n {\n \"name\": \"EDH-RSA-DES-CBC3-SHA\",\n \"value\": \"false\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lb = new Aws.Elb.LoadBalancer(\"lb\", new()\n {\n Name = \"test-lb\",\n AvailabilityZones = new[]\n {\n \"us-east-1a\",\n },\n Listeners = new[]\n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 8000,\n InstanceProtocol = \"https\",\n LbPort = 443,\n LbProtocol = \"https\",\n SslCertificateId = \"arn:aws:iam::123456789012:server-certificate/certName\",\n },\n },\n });\n\n var foo = new Aws.Elb.SslNegotiationPolicy(\"foo\", new()\n {\n Name = \"foo-policy\",\n LoadBalancer = lb.Id,\n LbPort = 443,\n Attributes = new[]\n {\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"Protocol-TLSv1\",\n Value = \"false\",\n },\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"Protocol-TLSv1.1\",\n Value = \"false\",\n },\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"Protocol-TLSv1.2\",\n Value = \"true\",\n },\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"Server-Defined-Cipher-Order\",\n Value = \"true\",\n },\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"ECDHE-RSA-AES128-GCM-SHA256\",\n Value = \"true\",\n },\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"AES128-GCM-SHA256\",\n Value = \"true\",\n },\n new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs\n {\n Name = \"EDH-RSA-DES-CBC3-SHA\",\n Value = \"false\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlb, err := elb.NewLoadBalancer(ctx, \"lb\", \u0026elb.LoadBalancerArgs{\n\t\t\tName: pulumi.String(\"test-lb\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1a\"),\n\t\t\t},\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(8000),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"https\"),\n\t\t\t\t\tLbPort: pulumi.Int(443),\n\t\t\t\t\tLbProtocol: pulumi.String(\"https\"),\n\t\t\t\t\tSslCertificateId: pulumi.String(\"arn:aws:iam::123456789012:server-certificate/certName\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewSslNegotiationPolicy(ctx, \"foo\", \u0026elb.SslNegotiationPolicyArgs{\n\t\t\tName: pulumi.String(\"foo-policy\"),\n\t\t\tLoadBalancer: lb.ID(),\n\t\t\tLbPort: pulumi.Int(443),\n\t\t\tAttributes: elb.SslNegotiationPolicyAttributeArray{\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"Protocol-TLSv1\"),\n\t\t\t\t\tValue: pulumi.String(\"false\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"Protocol-TLSv1.1\"),\n\t\t\t\t\tValue: pulumi.String(\"false\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"Protocol-TLSv1.2\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"Server-Defined-Cipher-Order\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"ECDHE-RSA-AES128-GCM-SHA256\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"AES128-GCM-SHA256\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t\t\u0026elb.SslNegotiationPolicyAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"EDH-RSA-DES-CBC3-SHA\"),\n\t\t\t\t\tValue: pulumi.String(\"false\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elb.LoadBalancer;\nimport com.pulumi.aws.elb.LoadBalancerArgs;\nimport com.pulumi.aws.elb.inputs.LoadBalancerListenerArgs;\nimport com.pulumi.aws.elb.SslNegotiationPolicy;\nimport com.pulumi.aws.elb.SslNegotiationPolicyArgs;\nimport com.pulumi.aws.elb.inputs.SslNegotiationPolicyAttributeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lb = new LoadBalancer(\"lb\", LoadBalancerArgs.builder()\n .name(\"test-lb\")\n .availabilityZones(\"us-east-1a\")\n .listeners(LoadBalancerListenerArgs.builder()\n .instancePort(8000)\n .instanceProtocol(\"https\")\n .lbPort(443)\n .lbProtocol(\"https\")\n .sslCertificateId(\"arn:aws:iam::123456789012:server-certificate/certName\")\n .build())\n .build());\n\n var foo = new SslNegotiationPolicy(\"foo\", SslNegotiationPolicyArgs.builder()\n .name(\"foo-policy\")\n .loadBalancer(lb.id())\n .lbPort(443)\n .attributes( \n SslNegotiationPolicyAttributeArgs.builder()\n .name(\"Protocol-TLSv1\")\n .value(\"false\")\n .build(),\n SslNegotiationPolicyAttributeArgs.builder()\n .name(\"Protocol-TLSv1.1\")\n .value(\"false\")\n .build(),\n SslNegotiationPolicyAttributeArgs.builder()\n .name(\"Protocol-TLSv1.2\")\n .value(\"true\")\n .build(),\n SslNegotiationPolicyAttributeArgs.builder()\n .name(\"Server-Defined-Cipher-Order\")\n .value(\"true\")\n .build(),\n SslNegotiationPolicyAttributeArgs.builder()\n .name(\"ECDHE-RSA-AES128-GCM-SHA256\")\n .value(\"true\")\n .build(),\n SslNegotiationPolicyAttributeArgs.builder()\n .name(\"AES128-GCM-SHA256\")\n .value(\"true\")\n .build(),\n SslNegotiationPolicyAttributeArgs.builder()\n .name(\"EDH-RSA-DES-CBC3-SHA\")\n .value(\"false\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lb:\n type: aws:elb:LoadBalancer\n properties:\n name: test-lb\n availabilityZones:\n - us-east-1a\n listeners:\n - instancePort: 8000\n instanceProtocol: https\n lbPort: 443\n lbProtocol: https\n sslCertificateId: arn:aws:iam::123456789012:server-certificate/certName\n foo:\n type: aws:elb:SslNegotiationPolicy\n properties:\n name: foo-policy\n loadBalancer: ${lb.id}\n lbPort: 443\n attributes:\n - name: Protocol-TLSv1\n value: 'false'\n - name: Protocol-TLSv1.1\n value: 'false'\n - name: Protocol-TLSv1.2\n value: 'true'\n - name: Server-Defined-Cipher-Order\n value: 'true'\n - name: ECDHE-RSA-AES128-GCM-SHA256\n value: 'true'\n - name: AES128-GCM-SHA256\n value: 'true'\n - name: EDH-RSA-DES-CBC3-SHA\n value: 'false'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "attributes": { "type": "array", "items": { "$ref": "#/types/aws:elb/SslNegotiationPolicyAttribute:SslNegotiationPolicyAttribute" }, "description": "An SSL Negotiation policy attribute. Each has two properties:\n" }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n" }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n" }, "name": { "type": "string", "description": "The name of the SSL negotiation policy.\n" }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of arbitrary keys and values that, when changed, will trigger a redeployment.\n\nTo set your attributes, please see the [AWS Elastic Load Balancing Developer Guide](http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-security-policy-table.html) for a listing of the supported SSL protocols, SSL options, and SSL ciphers.\n\n\u003e **NOTE:** The AWS documentation references Server Order Preference, which the AWS Elastic Load Balancing API refers to as `Server-Defined-Cipher-Order`. If you wish to set Server Order Preference, use this value instead.\n" } }, "required": [ "lbPort", "loadBalancer", "name" ], "inputProperties": { "attributes": { "type": "array", "items": { "$ref": "#/types/aws:elb/SslNegotiationPolicyAttribute:SslNegotiationPolicyAttribute" }, "description": "An SSL Negotiation policy attribute. Each has two properties:\n", "willReplaceOnChanges": true }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n", "willReplaceOnChanges": true }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the SSL negotiation policy.\n", "willReplaceOnChanges": true }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of arbitrary keys and values that, when changed, will trigger a redeployment.\n\nTo set your attributes, please see the [AWS Elastic Load Balancing Developer Guide](http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-security-policy-table.html) for a listing of the supported SSL protocols, SSL options, and SSL ciphers.\n\n\u003e **NOTE:** The AWS documentation references Server Order Preference, which the AWS Elastic Load Balancing API refers to as `Server-Defined-Cipher-Order`. If you wish to set Server Order Preference, use this value instead.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "lbPort", "loadBalancer" ], "stateInputs": { "description": "Input properties used for looking up and filtering SslNegotiationPolicy resources.\n", "properties": { "attributes": { "type": "array", "items": { "$ref": "#/types/aws:elb/SslNegotiationPolicyAttribute:SslNegotiationPolicyAttribute" }, "description": "An SSL Negotiation policy attribute. Each has two properties:\n", "willReplaceOnChanges": true }, "lbPort": { "type": "integer", "description": "The load balancer port to which the policy\nshould be applied. This must be an active listener on the load\nbalancer.\n", "willReplaceOnChanges": true }, "loadBalancer": { "type": "string", "description": "The load balancer to which the policy\nshould be attached.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the SSL negotiation policy.\n", "willReplaceOnChanges": true }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of arbitrary keys and values that, when changed, will trigger a redeployment.\n\nTo set your attributes, please see the [AWS Elastic Load Balancing Developer Guide](http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-security-policy-table.html) for a listing of the supported SSL protocols, SSL options, and SSL ciphers.\n\n\u003e **NOTE:** The AWS documentation references Server Order Preference, which the AWS Elastic Load Balancing API refers to as `Server-Defined-Cipher-Order`. If you wish to set Server Order Preference, use this value instead.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancing/sslNegotiationPolicy:SslNegotiationPolicy" } ] }, "aws:emr/blockPublicAccessConfiguration:BlockPublicAccessConfiguration": { "description": "Resource for managing an AWS EMR block public access configuration. This region level security configuration restricts the launch of EMR clusters that have associated security groups permitting public access on unspecified ports. See the [EMR Block Public Access Configuration](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-block-public-access.html) documentation for further information.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.emr.BlockPublicAccessConfiguration(\"example\", {blockPublicSecurityGroupRules: true});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.emr.BlockPublicAccessConfiguration(\"example\", block_public_security_group_rules=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Emr.BlockPublicAccessConfiguration(\"example\", new()\n {\n BlockPublicSecurityGroupRules = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emr.NewBlockPublicAccessConfiguration(ctx, \"example\", \u0026emr.BlockPublicAccessConfigurationArgs{\n\t\t\tBlockPublicSecurityGroupRules: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.BlockPublicAccessConfiguration;\nimport com.pulumi.aws.emr.BlockPublicAccessConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BlockPublicAccessConfiguration(\"example\", BlockPublicAccessConfigurationArgs.builder()\n .blockPublicSecurityGroupRules(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:emr:BlockPublicAccessConfiguration\n properties:\n blockPublicSecurityGroupRules: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Default Configuration\n\nBy default, each AWS region is equipped with a block public access configuration that prevents EMR clusters from being launched if they have security group rules permitting public access on any port except for port 22. The default configuration can be managed using this resource.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.emr.BlockPublicAccessConfiguration(\"example\", {\n blockPublicSecurityGroupRules: true,\n permittedPublicSecurityGroupRuleRanges: [{\n minRange: 22,\n maxRange: 22,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.emr.BlockPublicAccessConfiguration(\"example\",\n block_public_security_group_rules=True,\n permitted_public_security_group_rule_ranges=[{\n \"min_range\": 22,\n \"max_range\": 22,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Emr.BlockPublicAccessConfiguration(\"example\", new()\n {\n BlockPublicSecurityGroupRules = true,\n PermittedPublicSecurityGroupRuleRanges = new[]\n {\n new Aws.Emr.Inputs.BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs\n {\n MinRange = 22,\n MaxRange = 22,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emr.NewBlockPublicAccessConfiguration(ctx, \"example\", \u0026emr.BlockPublicAccessConfigurationArgs{\n\t\t\tBlockPublicSecurityGroupRules: pulumi.Bool(true),\n\t\t\tPermittedPublicSecurityGroupRuleRanges: emr.BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArray{\n\t\t\t\t\u0026emr.BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs{\n\t\t\t\t\tMinRange: pulumi.Int(22),\n\t\t\t\t\tMaxRange: pulumi.Int(22),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.BlockPublicAccessConfiguration;\nimport com.pulumi.aws.emr.BlockPublicAccessConfigurationArgs;\nimport com.pulumi.aws.emr.inputs.BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BlockPublicAccessConfiguration(\"example\", BlockPublicAccessConfigurationArgs.builder()\n .blockPublicSecurityGroupRules(true)\n .permittedPublicSecurityGroupRuleRanges(BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs.builder()\n .minRange(22)\n .maxRange(22)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:emr:BlockPublicAccessConfiguration\n properties:\n blockPublicSecurityGroupRules: true\n permittedPublicSecurityGroupRuleRanges:\n - minRange: 22\n maxRange: 22\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e **NOTE:** If an `aws.emr.BlockPublicAccessConfiguration` resource is destroyed, the configuration will reset to this default configuration.\n\n### Multiple Permitted Public Security Group Rule Ranges\n\nThe resource permits specification of multiple `permitted_public_security_group_rule_range` blocks.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.emr.BlockPublicAccessConfiguration(\"example\", {\n blockPublicSecurityGroupRules: true,\n permittedPublicSecurityGroupRuleRanges: [\n {\n minRange: 22,\n maxRange: 22,\n },\n {\n minRange: 100,\n maxRange: 101,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.emr.BlockPublicAccessConfiguration(\"example\",\n block_public_security_group_rules=True,\n permitted_public_security_group_rule_ranges=[\n {\n \"min_range\": 22,\n \"max_range\": 22,\n },\n {\n \"min_range\": 100,\n \"max_range\": 101,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Emr.BlockPublicAccessConfiguration(\"example\", new()\n {\n BlockPublicSecurityGroupRules = true,\n PermittedPublicSecurityGroupRuleRanges = new[]\n {\n new Aws.Emr.Inputs.BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs\n {\n MinRange = 22,\n MaxRange = 22,\n },\n new Aws.Emr.Inputs.BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs\n {\n MinRange = 100,\n MaxRange = 101,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emr.NewBlockPublicAccessConfiguration(ctx, \"example\", \u0026emr.BlockPublicAccessConfigurationArgs{\n\t\t\tBlockPublicSecurityGroupRules: pulumi.Bool(true),\n\t\t\tPermittedPublicSecurityGroupRuleRanges: emr.BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArray{\n\t\t\t\t\u0026emr.BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs{\n\t\t\t\t\tMinRange: pulumi.Int(22),\n\t\t\t\t\tMaxRange: pulumi.Int(22),\n\t\t\t\t},\n\t\t\t\t\u0026emr.BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs{\n\t\t\t\t\tMinRange: pulumi.Int(100),\n\t\t\t\t\tMaxRange: pulumi.Int(101),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.BlockPublicAccessConfiguration;\nimport com.pulumi.aws.emr.BlockPublicAccessConfigurationArgs;\nimport com.pulumi.aws.emr.inputs.BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BlockPublicAccessConfiguration(\"example\", BlockPublicAccessConfigurationArgs.builder()\n .blockPublicSecurityGroupRules(true)\n .permittedPublicSecurityGroupRuleRanges( \n BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs.builder()\n .minRange(22)\n .maxRange(22)\n .build(),\n BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs.builder()\n .minRange(100)\n .maxRange(101)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:emr:BlockPublicAccessConfiguration\n properties:\n blockPublicSecurityGroupRules: true\n permittedPublicSecurityGroupRuleRanges:\n - minRange: 22\n maxRange: 22\n - minRange: 100\n maxRange: 101\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Disabling Block Public Access\n\nTo permit EMR clusters to be launched in the configured region regardless of associated security group rules, the Block Public Access feature can be disabled using this resource.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.emr.BlockPublicAccessConfiguration(\"example\", {blockPublicSecurityGroupRules: false});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.emr.BlockPublicAccessConfiguration(\"example\", block_public_security_group_rules=False)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Emr.BlockPublicAccessConfiguration(\"example\", new()\n {\n BlockPublicSecurityGroupRules = false,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emr.NewBlockPublicAccessConfiguration(ctx, \"example\", \u0026emr.BlockPublicAccessConfigurationArgs{\n\t\t\tBlockPublicSecurityGroupRules: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.BlockPublicAccessConfiguration;\nimport com.pulumi.aws.emr.BlockPublicAccessConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BlockPublicAccessConfiguration(\"example\", BlockPublicAccessConfigurationArgs.builder()\n .blockPublicSecurityGroupRules(false)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:emr:BlockPublicAccessConfiguration\n properties:\n blockPublicSecurityGroupRules: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import the current EMR Block Public Access Configuration. For example:\n\n```sh\n$ pulumi import aws:emr/blockPublicAccessConfiguration:BlockPublicAccessConfiguration example current\n```\n", "properties": { "blockPublicSecurityGroupRules": { "type": "boolean", "description": "Enable or disable EMR Block Public Access.\n\nThe following arguments are optional:\n" }, "permittedPublicSecurityGroupRuleRanges": { "type": "array", "items": { "$ref": "#/types/aws:emr/BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRange:BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRange" }, "description": "Configuration block for defining permitted public security group rule port ranges. Can be defined multiple times per resource. Only valid if `block_public_security_group_rules` is set to `true`.\n" } }, "required": [ "blockPublicSecurityGroupRules" ], "inputProperties": { "blockPublicSecurityGroupRules": { "type": "boolean", "description": "Enable or disable EMR Block Public Access.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "permittedPublicSecurityGroupRuleRanges": { "type": "array", "items": { "$ref": "#/types/aws:emr/BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRange:BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRange" }, "description": "Configuration block for defining permitted public security group rule port ranges. Can be defined multiple times per resource. Only valid if `block_public_security_group_rules` is set to `true`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "blockPublicSecurityGroupRules" ], "stateInputs": { "description": "Input properties used for looking up and filtering BlockPublicAccessConfiguration resources.\n", "properties": { "blockPublicSecurityGroupRules": { "type": "boolean", "description": "Enable or disable EMR Block Public Access.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "permittedPublicSecurityGroupRuleRanges": { "type": "array", "items": { "$ref": "#/types/aws:emr/BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRange:BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRange" }, "description": "Configuration block for defining permitted public security group rule port ranges. Can be defined multiple times per resource. Only valid if `block_public_security_group_rules` is set to `true`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:emr/cluster:Cluster": { "description": "Provides an Elastic MapReduce Cluster, a web service that makes it easy to process large amounts of data efficiently. See [Amazon Elastic MapReduce Documentation](https://aws.amazon.com/documentation/elastic-mapreduce/) for more information.\n\nTo configure [Instance Groups](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-group-configuration.html#emr-plan-instance-groups) for [task nodes](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-master-core-task-nodes.html#emr-plan-task), see the `aws.emr.InstanceGroup` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cluster = new aws.emr.Cluster(\"cluster\", {\n name: \"emr-test-arn\",\n releaseLabel: \"emr-4.6.0\",\n applications: [\"Spark\"],\n additionalInfo: `{\n \"instanceAwsClientConfiguration\": {\n \"proxyPort\": 8099,\n \"proxyHost\": \"myproxy.example.com\"\n }\n}\n`,\n terminationProtection: false,\n keepJobFlowAliveWhenNoSteps: true,\n ec2Attributes: {\n subnetId: main.id,\n emrManagedMasterSecurityGroup: sg.id,\n emrManagedSlaveSecurityGroup: sg.id,\n instanceProfile: emrProfile.arn,\n },\n masterInstanceGroup: {\n instanceType: \"m4.large\",\n },\n coreInstanceGroup: {\n instanceType: \"c4.large\",\n instanceCount: 1,\n ebsConfigs: [{\n size: 40,\n type: \"gp2\",\n volumesPerInstance: 1,\n }],\n bidPrice: \"0.30\",\n autoscalingPolicy: `{\n\"Constraints\": {\n \"MinCapacity\": 1,\n \"MaxCapacity\": 2\n},\n\"Rules\": [\n {\n \"Name\": \"ScaleOutMemoryPercentage\",\n \"Description\": \"Scale out if YARNMemoryAvailablePercentage is less than 15\",\n \"Action\": {\n \"SimpleScalingPolicyConfiguration\": {\n \"AdjustmentType\": \"CHANGE_IN_CAPACITY\",\n \"ScalingAdjustment\": 1,\n \"CoolDown\": 300\n }\n },\n \"Trigger\": {\n \"CloudWatchAlarmDefinition\": {\n \"ComparisonOperator\": \"LESS_THAN\",\n \"EvaluationPeriods\": 1,\n \"MetricName\": \"YARNMemoryAvailablePercentage\",\n \"Namespace\": \"AWS/ElasticMapReduce\",\n \"Period\": 300,\n \"Statistic\": \"AVERAGE\",\n \"Threshold\": 15.0,\n \"Unit\": \"PERCENT\"\n }\n }\n }\n]\n}\n`,\n },\n ebsRootVolumeSize: 100,\n tags: {\n role: \"rolename\",\n env: \"env\",\n },\n bootstrapActions: [{\n path: \"s3://elasticmapreduce/bootstrap-actions/run-if\",\n name: \"runif\",\n args: [\n \"instance.isMaster=true\",\n \"echo running on master node\",\n ],\n }],\n configurationsJson: ` [\n {\n \"Classification\": \"hadoop-env\",\n \"Configurations\": [\n {\n \"Classification\": \"export\",\n \"Properties\": {\n \"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n }\n }\n ],\n \"Properties\": {}\n },\n {\n \"Classification\": \"spark-env\",\n \"Configurations\": [\n {\n \"Classification\": \"export\",\n \"Properties\": {\n \"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n }\n }\n ],\n \"Properties\": {}\n }\n ]\n`,\n serviceRole: iamEmrServiceRole.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncluster = aws.emr.Cluster(\"cluster\",\n name=\"emr-test-arn\",\n release_label=\"emr-4.6.0\",\n applications=[\"Spark\"],\n additional_info=\"\"\"{\n \"instanceAwsClientConfiguration\": {\n \"proxyPort\": 8099,\n \"proxyHost\": \"myproxy.example.com\"\n }\n}\n\"\"\",\n termination_protection=False,\n keep_job_flow_alive_when_no_steps=True,\n ec2_attributes={\n \"subnet_id\": main[\"id\"],\n \"emr_managed_master_security_group\": sg[\"id\"],\n \"emr_managed_slave_security_group\": sg[\"id\"],\n \"instance_profile\": emr_profile[\"arn\"],\n },\n master_instance_group={\n \"instance_type\": \"m4.large\",\n },\n core_instance_group={\n \"instance_type\": \"c4.large\",\n \"instance_count\": 1,\n \"ebs_configs\": [{\n \"size\": 40,\n \"type\": \"gp2\",\n \"volumes_per_instance\": 1,\n }],\n \"bid_price\": \"0.30\",\n \"autoscaling_policy\": \"\"\"{\n\"Constraints\": {\n \"MinCapacity\": 1,\n \"MaxCapacity\": 2\n},\n\"Rules\": [\n {\n \"Name\": \"ScaleOutMemoryPercentage\",\n \"Description\": \"Scale out if YARNMemoryAvailablePercentage is less than 15\",\n \"Action\": {\n \"SimpleScalingPolicyConfiguration\": {\n \"AdjustmentType\": \"CHANGE_IN_CAPACITY\",\n \"ScalingAdjustment\": 1,\n \"CoolDown\": 300\n }\n },\n \"Trigger\": {\n \"CloudWatchAlarmDefinition\": {\n \"ComparisonOperator\": \"LESS_THAN\",\n \"EvaluationPeriods\": 1,\n \"MetricName\": \"YARNMemoryAvailablePercentage\",\n \"Namespace\": \"AWS/ElasticMapReduce\",\n \"Period\": 300,\n \"Statistic\": \"AVERAGE\",\n \"Threshold\": 15.0,\n \"Unit\": \"PERCENT\"\n }\n }\n }\n]\n}\n\"\"\",\n },\n ebs_root_volume_size=100,\n tags={\n \"role\": \"rolename\",\n \"env\": \"env\",\n },\n bootstrap_actions=[{\n \"path\": \"s3://elasticmapreduce/bootstrap-actions/run-if\",\n \"name\": \"runif\",\n \"args\": [\n \"instance.isMaster=true\",\n \"echo running on master node\",\n ],\n }],\n configurations_json=\"\"\" [\n {\n \"Classification\": \"hadoop-env\",\n \"Configurations\": [\n {\n \"Classification\": \"export\",\n \"Properties\": {\n \"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n }\n }\n ],\n \"Properties\": {}\n },\n {\n \"Classification\": \"spark-env\",\n \"Configurations\": [\n {\n \"Classification\": \"export\",\n \"Properties\": {\n \"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n }\n }\n ],\n \"Properties\": {}\n }\n ]\n\"\"\",\n service_role=iam_emr_service_role[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cluster = new Aws.Emr.Cluster(\"cluster\", new()\n {\n Name = \"emr-test-arn\",\n ReleaseLabel = \"emr-4.6.0\",\n Applications = new[]\n {\n \"Spark\",\n },\n AdditionalInfo = @\"{\n \"\"instanceAwsClientConfiguration\"\": {\n \"\"proxyPort\"\": 8099,\n \"\"proxyHost\"\": \"\"myproxy.example.com\"\"\n }\n}\n\",\n TerminationProtection = false,\n KeepJobFlowAliveWhenNoSteps = true,\n Ec2Attributes = new Aws.Emr.Inputs.ClusterEc2AttributesArgs\n {\n SubnetId = main.Id,\n EmrManagedMasterSecurityGroup = sg.Id,\n EmrManagedSlaveSecurityGroup = sg.Id,\n InstanceProfile = emrProfile.Arn,\n },\n MasterInstanceGroup = new Aws.Emr.Inputs.ClusterMasterInstanceGroupArgs\n {\n InstanceType = \"m4.large\",\n },\n CoreInstanceGroup = new Aws.Emr.Inputs.ClusterCoreInstanceGroupArgs\n {\n InstanceType = \"c4.large\",\n InstanceCount = 1,\n EbsConfigs = new[]\n {\n new Aws.Emr.Inputs.ClusterCoreInstanceGroupEbsConfigArgs\n {\n Size = 40,\n Type = \"gp2\",\n VolumesPerInstance = 1,\n },\n },\n BidPrice = \"0.30\",\n AutoscalingPolicy = @\"{\n\"\"Constraints\"\": {\n \"\"MinCapacity\"\": 1,\n \"\"MaxCapacity\"\": 2\n},\n\"\"Rules\"\": [\n {\n \"\"Name\"\": \"\"ScaleOutMemoryPercentage\"\",\n \"\"Description\"\": \"\"Scale out if YARNMemoryAvailablePercentage is less than 15\"\",\n \"\"Action\"\": {\n \"\"SimpleScalingPolicyConfiguration\"\": {\n \"\"AdjustmentType\"\": \"\"CHANGE_IN_CAPACITY\"\",\n \"\"ScalingAdjustment\"\": 1,\n \"\"CoolDown\"\": 300\n }\n },\n \"\"Trigger\"\": {\n \"\"CloudWatchAlarmDefinition\"\": {\n \"\"ComparisonOperator\"\": \"\"LESS_THAN\"\",\n \"\"EvaluationPeriods\"\": 1,\n \"\"MetricName\"\": \"\"YARNMemoryAvailablePercentage\"\",\n \"\"Namespace\"\": \"\"AWS/ElasticMapReduce\"\",\n \"\"Period\"\": 300,\n \"\"Statistic\"\": \"\"AVERAGE\"\",\n \"\"Threshold\"\": 15.0,\n \"\"Unit\"\": \"\"PERCENT\"\"\n }\n }\n }\n]\n}\n\",\n },\n EbsRootVolumeSize = 100,\n Tags = \n {\n { \"role\", \"rolename\" },\n { \"env\", \"env\" },\n },\n BootstrapActions = new[]\n {\n new Aws.Emr.Inputs.ClusterBootstrapActionArgs\n {\n Path = \"s3://elasticmapreduce/bootstrap-actions/run-if\",\n Name = \"runif\",\n Args = new[]\n {\n \"instance.isMaster=true\",\n \"echo running on master node\",\n },\n },\n },\n ConfigurationsJson = @\" [\n {\n \"\"Classification\"\": \"\"hadoop-env\"\",\n \"\"Configurations\"\": [\n {\n \"\"Classification\"\": \"\"export\"\",\n \"\"Properties\"\": {\n \"\"JAVA_HOME\"\": \"\"/usr/lib/jvm/java-1.8.0\"\"\n }\n }\n ],\n \"\"Properties\"\": {}\n },\n {\n \"\"Classification\"\": \"\"spark-env\"\",\n \"\"Configurations\"\": [\n {\n \"\"Classification\"\": \"\"export\"\",\n \"\"Properties\"\": {\n \"\"JAVA_HOME\"\": \"\"/usr/lib/jvm/java-1.8.0\"\"\n }\n }\n ],\n \"\"Properties\"\": {}\n }\n ]\n\",\n ServiceRole = iamEmrServiceRole.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emr.NewCluster(ctx, \"cluster\", \u0026emr.ClusterArgs{\n\t\t\tName: pulumi.String(\"emr-test-arn\"),\n\t\t\tReleaseLabel: pulumi.String(\"emr-4.6.0\"),\n\t\t\tApplications: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Spark\"),\n\t\t\t},\n\t\t\tAdditionalInfo: pulumi.String(`{\n \"instanceAwsClientConfiguration\": {\n \"proxyPort\": 8099,\n \"proxyHost\": \"myproxy.example.com\"\n }\n}\n`),\n\t\t\tTerminationProtection: pulumi.Bool(false),\n\t\t\tKeepJobFlowAliveWhenNoSteps: pulumi.Bool(true),\n\t\t\tEc2Attributes: \u0026emr.ClusterEc2AttributesArgs{\n\t\t\t\tSubnetId: pulumi.Any(main.Id),\n\t\t\t\tEmrManagedMasterSecurityGroup: pulumi.Any(sg.Id),\n\t\t\t\tEmrManagedSlaveSecurityGroup: pulumi.Any(sg.Id),\n\t\t\t\tInstanceProfile: pulumi.Any(emrProfile.Arn),\n\t\t\t},\n\t\t\tMasterInstanceGroup: \u0026emr.ClusterMasterInstanceGroupArgs{\n\t\t\t\tInstanceType: pulumi.String(\"m4.large\"),\n\t\t\t},\n\t\t\tCoreInstanceGroup: \u0026emr.ClusterCoreInstanceGroupArgs{\n\t\t\t\tInstanceType: pulumi.String(\"c4.large\"),\n\t\t\t\tInstanceCount: pulumi.Int(1),\n\t\t\t\tEbsConfigs: emr.ClusterCoreInstanceGroupEbsConfigArray{\n\t\t\t\t\t\u0026emr.ClusterCoreInstanceGroupEbsConfigArgs{\n\t\t\t\t\t\tSize: pulumi.Int(40),\n\t\t\t\t\t\tType: pulumi.String(\"gp2\"),\n\t\t\t\t\t\tVolumesPerInstance: pulumi.Int(1),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tBidPrice: pulumi.String(\"0.30\"),\n\t\t\t\tAutoscalingPolicy: pulumi.String(`{\n\"Constraints\": {\n \"MinCapacity\": 1,\n \"MaxCapacity\": 2\n},\n\"Rules\": [\n {\n \"Name\": \"ScaleOutMemoryPercentage\",\n \"Description\": \"Scale out if YARNMemoryAvailablePercentage is less than 15\",\n \"Action\": {\n \"SimpleScalingPolicyConfiguration\": {\n \"AdjustmentType\": \"CHANGE_IN_CAPACITY\",\n \"ScalingAdjustment\": 1,\n \"CoolDown\": 300\n }\n },\n \"Trigger\": {\n \"CloudWatchAlarmDefinition\": {\n \"ComparisonOperator\": \"LESS_THAN\",\n \"EvaluationPeriods\": 1,\n \"MetricName\": \"YARNMemoryAvailablePercentage\",\n \"Namespace\": \"AWS/ElasticMapReduce\",\n \"Period\": 300,\n \"Statistic\": \"AVERAGE\",\n \"Threshold\": 15.0,\n \"Unit\": \"PERCENT\"\n }\n }\n }\n]\n}\n`),\n\t\t\t},\n\t\t\tEbsRootVolumeSize: pulumi.Int(100),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"role\": pulumi.String(\"rolename\"),\n\t\t\t\t\"env\": pulumi.String(\"env\"),\n\t\t\t},\n\t\t\tBootstrapActions: emr.ClusterBootstrapActionArray{\n\t\t\t\t\u0026emr.ClusterBootstrapActionArgs{\n\t\t\t\t\tPath: pulumi.String(\"s3://elasticmapreduce/bootstrap-actions/run-if\"),\n\t\t\t\t\tName: pulumi.String(\"runif\"),\n\t\t\t\t\tArgs: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"instance.isMaster=true\"),\n\t\t\t\t\t\tpulumi.String(\"echo running on master node\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tConfigurationsJson: pulumi.String(` [\n {\n \"Classification\": \"hadoop-env\",\n \"Configurations\": [\n {\n \"Classification\": \"export\",\n \"Properties\": {\n \"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n }\n }\n ],\n \"Properties\": {}\n },\n {\n \"Classification\": \"spark-env\",\n \"Configurations\": [\n {\n \"Classification\": \"export\",\n \"Properties\": {\n \"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n }\n }\n ],\n \"Properties\": {}\n }\n ]\n`),\n\t\t\tServiceRole: pulumi.Any(iamEmrServiceRole.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.Cluster;\nimport com.pulumi.aws.emr.ClusterArgs;\nimport com.pulumi.aws.emr.inputs.ClusterEc2AttributesArgs;\nimport com.pulumi.aws.emr.inputs.ClusterMasterInstanceGroupArgs;\nimport com.pulumi.aws.emr.inputs.ClusterCoreInstanceGroupArgs;\nimport com.pulumi.aws.emr.inputs.ClusterBootstrapActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var cluster = new Cluster(\"cluster\", ClusterArgs.builder()\n .name(\"emr-test-arn\")\n .releaseLabel(\"emr-4.6.0\")\n .applications(\"Spark\")\n .additionalInfo(\"\"\"\n{\n \"instanceAwsClientConfiguration\": {\n \"proxyPort\": 8099,\n \"proxyHost\": \"myproxy.example.com\"\n }\n}\n \"\"\")\n .terminationProtection(false)\n .keepJobFlowAliveWhenNoSteps(true)\n .ec2Attributes(ClusterEc2AttributesArgs.builder()\n .subnetId(main.id())\n .emrManagedMasterSecurityGroup(sg.id())\n .emrManagedSlaveSecurityGroup(sg.id())\n .instanceProfile(emrProfile.arn())\n .build())\n .masterInstanceGroup(ClusterMasterInstanceGroupArgs.builder()\n .instanceType(\"m4.large\")\n .build())\n .coreInstanceGroup(ClusterCoreInstanceGroupArgs.builder()\n .instanceType(\"c4.large\")\n .instanceCount(1)\n .ebsConfigs(ClusterCoreInstanceGroupEbsConfigArgs.builder()\n .size(\"40\")\n .type(\"gp2\")\n .volumesPerInstance(1)\n .build())\n .bidPrice(\"0.30\")\n .autoscalingPolicy(\"\"\"\n{\n\"Constraints\": {\n \"MinCapacity\": 1,\n \"MaxCapacity\": 2\n},\n\"Rules\": [\n {\n \"Name\": \"ScaleOutMemoryPercentage\",\n \"Description\": \"Scale out if YARNMemoryAvailablePercentage is less than 15\",\n \"Action\": {\n \"SimpleScalingPolicyConfiguration\": {\n \"AdjustmentType\": \"CHANGE_IN_CAPACITY\",\n \"ScalingAdjustment\": 1,\n \"CoolDown\": 300\n }\n },\n \"Trigger\": {\n \"CloudWatchAlarmDefinition\": {\n \"ComparisonOperator\": \"LESS_THAN\",\n \"EvaluationPeriods\": 1,\n \"MetricName\": \"YARNMemoryAvailablePercentage\",\n \"Namespace\": \"AWS/ElasticMapReduce\",\n \"Period\": 300,\n \"Statistic\": \"AVERAGE\",\n \"Threshold\": 15.0,\n \"Unit\": \"PERCENT\"\n }\n }\n }\n]\n}\n \"\"\")\n .build())\n .ebsRootVolumeSize(100)\n .tags(Map.ofEntries(\n Map.entry(\"role\", \"rolename\"),\n Map.entry(\"env\", \"env\")\n ))\n .bootstrapActions(ClusterBootstrapActionArgs.builder()\n .path(\"s3://elasticmapreduce/bootstrap-actions/run-if\")\n .name(\"runif\")\n .args( \n \"instance.isMaster=true\",\n \"echo running on master node\")\n .build())\n .configurationsJson(\"\"\"\n [\n {\n \"Classification\": \"hadoop-env\",\n \"Configurations\": [\n {\n \"Classification\": \"export\",\n \"Properties\": {\n \"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n }\n }\n ],\n \"Properties\": {}\n },\n {\n \"Classification\": \"spark-env\",\n \"Configurations\": [\n {\n \"Classification\": \"export\",\n \"Properties\": {\n \"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n }\n }\n ],\n \"Properties\": {}\n }\n ]\n \"\"\")\n .serviceRole(iamEmrServiceRole.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cluster:\n type: aws:emr:Cluster\n properties:\n name: emr-test-arn\n releaseLabel: emr-4.6.0\n applications:\n - Spark\n additionalInfo: |\n {\n \"instanceAwsClientConfiguration\": {\n \"proxyPort\": 8099,\n \"proxyHost\": \"myproxy.example.com\"\n }\n }\n terminationProtection: false\n keepJobFlowAliveWhenNoSteps: true\n ec2Attributes:\n subnetId: ${main.id}\n emrManagedMasterSecurityGroup: ${sg.id}\n emrManagedSlaveSecurityGroup: ${sg.id}\n instanceProfile: ${emrProfile.arn}\n masterInstanceGroup:\n instanceType: m4.large\n coreInstanceGroup:\n instanceType: c4.large\n instanceCount: 1\n ebsConfigs:\n - size: '40'\n type: gp2\n volumesPerInstance: 1\n bidPrice: '0.30'\n autoscalingPolicy: |\n {\n \"Constraints\": {\n \"MinCapacity\": 1,\n \"MaxCapacity\": 2\n },\n \"Rules\": [\n {\n \"Name\": \"ScaleOutMemoryPercentage\",\n \"Description\": \"Scale out if YARNMemoryAvailablePercentage is less than 15\",\n \"Action\": {\n \"SimpleScalingPolicyConfiguration\": {\n \"AdjustmentType\": \"CHANGE_IN_CAPACITY\",\n \"ScalingAdjustment\": 1,\n \"CoolDown\": 300\n }\n },\n \"Trigger\": {\n \"CloudWatchAlarmDefinition\": {\n \"ComparisonOperator\": \"LESS_THAN\",\n \"EvaluationPeriods\": 1,\n \"MetricName\": \"YARNMemoryAvailablePercentage\",\n \"Namespace\": \"AWS/ElasticMapReduce\",\n \"Period\": 300,\n \"Statistic\": \"AVERAGE\",\n \"Threshold\": 15.0,\n \"Unit\": \"PERCENT\"\n }\n }\n }\n ]\n }\n ebsRootVolumeSize: 100\n tags:\n role: rolename\n env: env\n bootstrapActions:\n - path: s3://elasticmapreduce/bootstrap-actions/run-if\n name: runif\n args:\n - instance.isMaster=true\n - echo running on master node\n configurationsJson: |2\n [\n {\n \"Classification\": \"hadoop-env\",\n \"Configurations\": [\n {\n \"Classification\": \"export\",\n \"Properties\": {\n \"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n }\n }\n ],\n \"Properties\": {}\n },\n {\n \"Classification\": \"spark-env\",\n \"Configurations\": [\n {\n \"Classification\": \"export\",\n \"Properties\": {\n \"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n }\n }\n ],\n \"Properties\": {}\n }\n ]\n serviceRole: ${iamEmrServiceRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThe `aws.emr.Cluster` resource typically requires two IAM roles, one for the EMR Cluster to use as a service role, and another is assigned to every EC2 instance in a cluster and each application process that runs on a cluster assumes this role for permissions to interact with other AWS services. An additional role, the Auto Scaling role, is required if your cluster uses automatic scaling in Amazon EMR.\n\nThe default AWS managed EMR service role is called `EMR_DefaultRole` with Amazon managed policy `AmazonEMRServicePolicy_v2` attached. The name of default instance profile role is `EMR_EC2_DefaultRole` with default managed policy `AmazonElasticMapReduceforEC2Role` attached, but it is on the path to deprecation and will not be replaced with another default managed policy. You'll need to create and specify an instance profile to replace the deprecated role and default policy. See the [Configure IAM service roles for Amazon EMR](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-iam-roles.html) guide for more information on these IAM roles. There is also a fully-bootable example Pulumi configuration at the bottom of this page.\n\n### Instance Fleet\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.emr.Cluster(\"example\", {\n masterInstanceFleet: {\n instanceTypeConfigs: [{\n instanceType: \"m4.xlarge\",\n }],\n targetOnDemandCapacity: 1,\n },\n coreInstanceFleet: {\n instanceTypeConfigs: [\n {\n bidPriceAsPercentageOfOnDemandPrice: 80,\n ebsConfigs: [{\n size: 100,\n type: \"gp2\",\n volumesPerInstance: 1,\n }],\n instanceType: \"m3.xlarge\",\n weightedCapacity: 1,\n },\n {\n bidPriceAsPercentageOfOnDemandPrice: 100,\n ebsConfigs: [{\n size: 100,\n type: \"gp2\",\n volumesPerInstance: 1,\n }],\n instanceType: \"m4.xlarge\",\n weightedCapacity: 1,\n },\n {\n bidPriceAsPercentageOfOnDemandPrice: 100,\n ebsConfigs: [{\n size: 100,\n type: \"gp2\",\n volumesPerInstance: 1,\n }],\n instanceType: \"m4.2xlarge\",\n weightedCapacity: 2,\n },\n ],\n launchSpecifications: {\n spotSpecifications: [{\n allocationStrategy: \"capacity-optimized\",\n blockDurationMinutes: 0,\n timeoutAction: \"SWITCH_TO_ON_DEMAND\",\n timeoutDurationMinutes: 10,\n }],\n },\n name: \"core fleet\",\n targetOnDemandCapacity: 2,\n targetSpotCapacity: 2,\n },\n});\nconst task = new aws.emr.InstanceFleet(\"task\", {\n clusterId: example.id,\n instanceTypeConfigs: [\n {\n bidPriceAsPercentageOfOnDemandPrice: 100,\n ebsConfigs: [{\n size: 100,\n type: \"gp2\",\n volumesPerInstance: 1,\n }],\n instanceType: \"m4.xlarge\",\n weightedCapacity: 1,\n },\n {\n bidPriceAsPercentageOfOnDemandPrice: 100,\n ebsConfigs: [{\n size: 100,\n type: \"gp2\",\n volumesPerInstance: 1,\n }],\n instanceType: \"m4.2xlarge\",\n weightedCapacity: 2,\n },\n ],\n launchSpecifications: {\n spotSpecifications: [{\n allocationStrategy: \"capacity-optimized\",\n blockDurationMinutes: 0,\n timeoutAction: \"TERMINATE_CLUSTER\",\n timeoutDurationMinutes: 10,\n }],\n },\n name: \"task fleet\",\n targetOnDemandCapacity: 1,\n targetSpotCapacity: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.emr.Cluster(\"example\",\n master_instance_fleet={\n \"instance_type_configs\": [{\n \"instance_type\": \"m4.xlarge\",\n }],\n \"target_on_demand_capacity\": 1,\n },\n core_instance_fleet={\n \"instance_type_configs\": [\n {\n \"bid_price_as_percentage_of_on_demand_price\": 80,\n \"ebs_configs\": [{\n \"size\": 100,\n \"type\": \"gp2\",\n \"volumes_per_instance\": 1,\n }],\n \"instance_type\": \"m3.xlarge\",\n \"weighted_capacity\": 1,\n },\n {\n \"bid_price_as_percentage_of_on_demand_price\": 100,\n \"ebs_configs\": [{\n \"size\": 100,\n \"type\": \"gp2\",\n \"volumes_per_instance\": 1,\n }],\n \"instance_type\": \"m4.xlarge\",\n \"weighted_capacity\": 1,\n },\n {\n \"bid_price_as_percentage_of_on_demand_price\": 100,\n \"ebs_configs\": [{\n \"size\": 100,\n \"type\": \"gp2\",\n \"volumes_per_instance\": 1,\n }],\n \"instance_type\": \"m4.2xlarge\",\n \"weighted_capacity\": 2,\n },\n ],\n \"launch_specifications\": {\n \"spot_specifications\": [{\n \"allocation_strategy\": \"capacity-optimized\",\n \"block_duration_minutes\": 0,\n \"timeout_action\": \"SWITCH_TO_ON_DEMAND\",\n \"timeout_duration_minutes\": 10,\n }],\n },\n \"name\": \"core fleet\",\n \"target_on_demand_capacity\": 2,\n \"target_spot_capacity\": 2,\n })\ntask = aws.emr.InstanceFleet(\"task\",\n cluster_id=example.id,\n instance_type_configs=[\n {\n \"bid_price_as_percentage_of_on_demand_price\": 100,\n \"ebs_configs\": [{\n \"size\": 100,\n \"type\": \"gp2\",\n \"volumes_per_instance\": 1,\n }],\n \"instance_type\": \"m4.xlarge\",\n \"weighted_capacity\": 1,\n },\n {\n \"bid_price_as_percentage_of_on_demand_price\": 100,\n \"ebs_configs\": [{\n \"size\": 100,\n \"type\": \"gp2\",\n \"volumes_per_instance\": 1,\n }],\n \"instance_type\": \"m4.2xlarge\",\n \"weighted_capacity\": 2,\n },\n ],\n launch_specifications={\n \"spot_specifications\": [{\n \"allocation_strategy\": \"capacity-optimized\",\n \"block_duration_minutes\": 0,\n \"timeout_action\": \"TERMINATE_CLUSTER\",\n \"timeout_duration_minutes\": 10,\n }],\n },\n name=\"task fleet\",\n target_on_demand_capacity=1,\n target_spot_capacity=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Emr.Cluster(\"example\", new()\n {\n MasterInstanceFleet = new Aws.Emr.Inputs.ClusterMasterInstanceFleetArgs\n {\n InstanceTypeConfigs = new[]\n {\n new Aws.Emr.Inputs.ClusterMasterInstanceFleetInstanceTypeConfigArgs\n {\n InstanceType = \"m4.xlarge\",\n },\n },\n TargetOnDemandCapacity = 1,\n },\n CoreInstanceFleet = new Aws.Emr.Inputs.ClusterCoreInstanceFleetArgs\n {\n InstanceTypeConfigs = new[]\n {\n new Aws.Emr.Inputs.ClusterCoreInstanceFleetInstanceTypeConfigArgs\n {\n BidPriceAsPercentageOfOnDemandPrice = 80,\n EbsConfigs = new[]\n {\n new Aws.Emr.Inputs.ClusterCoreInstanceFleetInstanceTypeConfigEbsConfigArgs\n {\n Size = 100,\n Type = \"gp2\",\n VolumesPerInstance = 1,\n },\n },\n InstanceType = \"m3.xlarge\",\n WeightedCapacity = 1,\n },\n new Aws.Emr.Inputs.ClusterCoreInstanceFleetInstanceTypeConfigArgs\n {\n BidPriceAsPercentageOfOnDemandPrice = 100,\n EbsConfigs = new[]\n {\n new Aws.Emr.Inputs.ClusterCoreInstanceFleetInstanceTypeConfigEbsConfigArgs\n {\n Size = 100,\n Type = \"gp2\",\n VolumesPerInstance = 1,\n },\n },\n InstanceType = \"m4.xlarge\",\n WeightedCapacity = 1,\n },\n new Aws.Emr.Inputs.ClusterCoreInstanceFleetInstanceTypeConfigArgs\n {\n BidPriceAsPercentageOfOnDemandPrice = 100,\n EbsConfigs = new[]\n {\n new Aws.Emr.Inputs.ClusterCoreInstanceFleetInstanceTypeConfigEbsConfigArgs\n {\n Size = 100,\n Type = \"gp2\",\n VolumesPerInstance = 1,\n },\n },\n InstanceType = \"m4.2xlarge\",\n WeightedCapacity = 2,\n },\n },\n LaunchSpecifications = new Aws.Emr.Inputs.ClusterCoreInstanceFleetLaunchSpecificationsArgs\n {\n SpotSpecifications = new[]\n {\n new Aws.Emr.Inputs.ClusterCoreInstanceFleetLaunchSpecificationsSpotSpecificationArgs\n {\n AllocationStrategy = \"capacity-optimized\",\n BlockDurationMinutes = 0,\n TimeoutAction = \"SWITCH_TO_ON_DEMAND\",\n TimeoutDurationMinutes = 10,\n },\n },\n },\n Name = \"core fleet\",\n TargetOnDemandCapacity = 2,\n TargetSpotCapacity = 2,\n },\n });\n\n var task = new Aws.Emr.InstanceFleet(\"task\", new()\n {\n ClusterId = example.Id,\n InstanceTypeConfigs = new[]\n {\n new Aws.Emr.Inputs.InstanceFleetInstanceTypeConfigArgs\n {\n BidPriceAsPercentageOfOnDemandPrice = 100,\n EbsConfigs = new[]\n {\n new Aws.Emr.Inputs.InstanceFleetInstanceTypeConfigEbsConfigArgs\n {\n Size = 100,\n Type = \"gp2\",\n VolumesPerInstance = 1,\n },\n },\n InstanceType = \"m4.xlarge\",\n WeightedCapacity = 1,\n },\n new Aws.Emr.Inputs.InstanceFleetInstanceTypeConfigArgs\n {\n BidPriceAsPercentageOfOnDemandPrice = 100,\n EbsConfigs = new[]\n {\n new Aws.Emr.Inputs.InstanceFleetInstanceTypeConfigEbsConfigArgs\n {\n Size = 100,\n Type = \"gp2\",\n VolumesPerInstance = 1,\n },\n },\n InstanceType = \"m4.2xlarge\",\n WeightedCapacity = 2,\n },\n },\n LaunchSpecifications = new Aws.Emr.Inputs.InstanceFleetLaunchSpecificationsArgs\n {\n SpotSpecifications = new[]\n {\n new Aws.Emr.Inputs.InstanceFleetLaunchSpecificationsSpotSpecificationArgs\n {\n AllocationStrategy = \"capacity-optimized\",\n BlockDurationMinutes = 0,\n TimeoutAction = \"TERMINATE_CLUSTER\",\n TimeoutDurationMinutes = 10,\n },\n },\n },\n Name = \"task fleet\",\n TargetOnDemandCapacity = 1,\n TargetSpotCapacity = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := emr.NewCluster(ctx, \"example\", \u0026emr.ClusterArgs{\n\t\t\tMasterInstanceFleet: \u0026emr.ClusterMasterInstanceFleetArgs{\n\t\t\t\tInstanceTypeConfigs: emr.ClusterMasterInstanceFleetInstanceTypeConfigArray{\n\t\t\t\t\t\u0026emr.ClusterMasterInstanceFleetInstanceTypeConfigArgs{\n\t\t\t\t\t\tInstanceType: pulumi.String(\"m4.xlarge\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tTargetOnDemandCapacity: pulumi.Int(1),\n\t\t\t},\n\t\t\tCoreInstanceFleet: \u0026emr.ClusterCoreInstanceFleetArgs{\n\t\t\t\tInstanceTypeConfigs: emr.ClusterCoreInstanceFleetInstanceTypeConfigArray{\n\t\t\t\t\t\u0026emr.ClusterCoreInstanceFleetInstanceTypeConfigArgs{\n\t\t\t\t\t\tBidPriceAsPercentageOfOnDemandPrice: pulumi.Float64(80),\n\t\t\t\t\t\tEbsConfigs: emr.ClusterCoreInstanceFleetInstanceTypeConfigEbsConfigArray{\n\t\t\t\t\t\t\t\u0026emr.ClusterCoreInstanceFleetInstanceTypeConfigEbsConfigArgs{\n\t\t\t\t\t\t\t\tSize: pulumi.Int(100),\n\t\t\t\t\t\t\t\tType: pulumi.String(\"gp2\"),\n\t\t\t\t\t\t\t\tVolumesPerInstance: pulumi.Int(1),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tInstanceType: pulumi.String(\"m3.xlarge\"),\n\t\t\t\t\t\tWeightedCapacity: pulumi.Int(1),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026emr.ClusterCoreInstanceFleetInstanceTypeConfigArgs{\n\t\t\t\t\t\tBidPriceAsPercentageOfOnDemandPrice: pulumi.Float64(100),\n\t\t\t\t\t\tEbsConfigs: emr.ClusterCoreInstanceFleetInstanceTypeConfigEbsConfigArray{\n\t\t\t\t\t\t\t\u0026emr.ClusterCoreInstanceFleetInstanceTypeConfigEbsConfigArgs{\n\t\t\t\t\t\t\t\tSize: pulumi.Int(100),\n\t\t\t\t\t\t\t\tType: pulumi.String(\"gp2\"),\n\t\t\t\t\t\t\t\tVolumesPerInstance: pulumi.Int(1),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tInstanceType: pulumi.String(\"m4.xlarge\"),\n\t\t\t\t\t\tWeightedCapacity: pulumi.Int(1),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026emr.ClusterCoreInstanceFleetInstanceTypeConfigArgs{\n\t\t\t\t\t\tBidPriceAsPercentageOfOnDemandPrice: pulumi.Float64(100),\n\t\t\t\t\t\tEbsConfigs: emr.ClusterCoreInstanceFleetInstanceTypeConfigEbsConfigArray{\n\t\t\t\t\t\t\t\u0026emr.ClusterCoreInstanceFleetInstanceTypeConfigEbsConfigArgs{\n\t\t\t\t\t\t\t\tSize: pulumi.Int(100),\n\t\t\t\t\t\t\t\tType: pulumi.String(\"gp2\"),\n\t\t\t\t\t\t\t\tVolumesPerInstance: pulumi.Int(1),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tInstanceType: pulumi.String(\"m4.2xlarge\"),\n\t\t\t\t\t\tWeightedCapacity: pulumi.Int(2),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tLaunchSpecifications: \u0026emr.ClusterCoreInstanceFleetLaunchSpecificationsArgs{\n\t\t\t\t\tSpotSpecifications: emr.ClusterCoreInstanceFleetLaunchSpecificationsSpotSpecificationArray{\n\t\t\t\t\t\t\u0026emr.ClusterCoreInstanceFleetLaunchSpecificationsSpotSpecificationArgs{\n\t\t\t\t\t\t\tAllocationStrategy: pulumi.String(\"capacity-optimized\"),\n\t\t\t\t\t\t\tBlockDurationMinutes: pulumi.Int(0),\n\t\t\t\t\t\t\tTimeoutAction: pulumi.String(\"SWITCH_TO_ON_DEMAND\"),\n\t\t\t\t\t\t\tTimeoutDurationMinutes: pulumi.Int(10),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tName: pulumi.String(\"core fleet\"),\n\t\t\t\tTargetOnDemandCapacity: pulumi.Int(2),\n\t\t\t\tTargetSpotCapacity: pulumi.Int(2),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = emr.NewInstanceFleet(ctx, \"task\", \u0026emr.InstanceFleetArgs{\n\t\t\tClusterId: example.ID(),\n\t\t\tInstanceTypeConfigs: emr.InstanceFleetInstanceTypeConfigArray{\n\t\t\t\t\u0026emr.InstanceFleetInstanceTypeConfigArgs{\n\t\t\t\t\tBidPriceAsPercentageOfOnDemandPrice: pulumi.Float64(100),\n\t\t\t\t\tEbsConfigs: emr.InstanceFleetInstanceTypeConfigEbsConfigArray{\n\t\t\t\t\t\t\u0026emr.InstanceFleetInstanceTypeConfigEbsConfigArgs{\n\t\t\t\t\t\t\tSize: pulumi.Int(100),\n\t\t\t\t\t\t\tType: pulumi.String(\"gp2\"),\n\t\t\t\t\t\t\tVolumesPerInstance: pulumi.Int(1),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tInstanceType: pulumi.String(\"m4.xlarge\"),\n\t\t\t\t\tWeightedCapacity: pulumi.Int(1),\n\t\t\t\t},\n\t\t\t\t\u0026emr.InstanceFleetInstanceTypeConfigArgs{\n\t\t\t\t\tBidPriceAsPercentageOfOnDemandPrice: pulumi.Float64(100),\n\t\t\t\t\tEbsConfigs: emr.InstanceFleetInstanceTypeConfigEbsConfigArray{\n\t\t\t\t\t\t\u0026emr.InstanceFleetInstanceTypeConfigEbsConfigArgs{\n\t\t\t\t\t\t\tSize: pulumi.Int(100),\n\t\t\t\t\t\t\tType: pulumi.String(\"gp2\"),\n\t\t\t\t\t\t\tVolumesPerInstance: pulumi.Int(1),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tInstanceType: pulumi.String(\"m4.2xlarge\"),\n\t\t\t\t\tWeightedCapacity: pulumi.Int(2),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLaunchSpecifications: \u0026emr.InstanceFleetLaunchSpecificationsArgs{\n\t\t\t\tSpotSpecifications: emr.InstanceFleetLaunchSpecificationsSpotSpecificationArray{\n\t\t\t\t\t\u0026emr.InstanceFleetLaunchSpecificationsSpotSpecificationArgs{\n\t\t\t\t\t\tAllocationStrategy: pulumi.String(\"capacity-optimized\"),\n\t\t\t\t\t\tBlockDurationMinutes: pulumi.Int(0),\n\t\t\t\t\t\tTimeoutAction: pulumi.String(\"TERMINATE_CLUSTER\"),\n\t\t\t\t\t\tTimeoutDurationMinutes: pulumi.Int(10),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: pulumi.String(\"task fleet\"),\n\t\t\tTargetOnDemandCapacity: pulumi.Int(1),\n\t\t\tTargetSpotCapacity: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.Cluster;\nimport com.pulumi.aws.emr.ClusterArgs;\nimport com.pulumi.aws.emr.inputs.ClusterMasterInstanceFleetArgs;\nimport com.pulumi.aws.emr.inputs.ClusterCoreInstanceFleetArgs;\nimport com.pulumi.aws.emr.inputs.ClusterCoreInstanceFleetLaunchSpecificationsArgs;\nimport com.pulumi.aws.emr.InstanceFleet;\nimport com.pulumi.aws.emr.InstanceFleetArgs;\nimport com.pulumi.aws.emr.inputs.InstanceFleetInstanceTypeConfigArgs;\nimport com.pulumi.aws.emr.inputs.InstanceFleetLaunchSpecificationsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\", ClusterArgs.builder()\n .masterInstanceFleet(ClusterMasterInstanceFleetArgs.builder()\n .instanceTypeConfigs(ClusterMasterInstanceFleetInstanceTypeConfigArgs.builder()\n .instanceType(\"m4.xlarge\")\n .build())\n .targetOnDemandCapacity(1)\n .build())\n .coreInstanceFleet(ClusterCoreInstanceFleetArgs.builder()\n .instanceTypeConfigs( \n ClusterCoreInstanceFleetInstanceTypeConfigArgs.builder()\n .bidPriceAsPercentageOfOnDemandPrice(80)\n .ebsConfigs(ClusterCoreInstanceFleetInstanceTypeConfigEbsConfigArgs.builder()\n .size(100)\n .type(\"gp2\")\n .volumesPerInstance(1)\n .build())\n .instanceType(\"m3.xlarge\")\n .weightedCapacity(1)\n .build(),\n ClusterCoreInstanceFleetInstanceTypeConfigArgs.builder()\n .bidPriceAsPercentageOfOnDemandPrice(100)\n .ebsConfigs(ClusterCoreInstanceFleetInstanceTypeConfigEbsConfigArgs.builder()\n .size(100)\n .type(\"gp2\")\n .volumesPerInstance(1)\n .build())\n .instanceType(\"m4.xlarge\")\n .weightedCapacity(1)\n .build(),\n ClusterCoreInstanceFleetInstanceTypeConfigArgs.builder()\n .bidPriceAsPercentageOfOnDemandPrice(100)\n .ebsConfigs(ClusterCoreInstanceFleetInstanceTypeConfigEbsConfigArgs.builder()\n .size(100)\n .type(\"gp2\")\n .volumesPerInstance(1)\n .build())\n .instanceType(\"m4.2xlarge\")\n .weightedCapacity(2)\n .build())\n .launchSpecifications(ClusterCoreInstanceFleetLaunchSpecificationsArgs.builder()\n .spotSpecifications(ClusterCoreInstanceFleetLaunchSpecificationsSpotSpecificationArgs.builder()\n .allocationStrategy(\"capacity-optimized\")\n .blockDurationMinutes(0)\n .timeoutAction(\"SWITCH_TO_ON_DEMAND\")\n .timeoutDurationMinutes(10)\n .build())\n .build())\n .name(\"core fleet\")\n .targetOnDemandCapacity(2)\n .targetSpotCapacity(2)\n .build())\n .build());\n\n var task = new InstanceFleet(\"task\", InstanceFleetArgs.builder()\n .clusterId(example.id())\n .instanceTypeConfigs( \n InstanceFleetInstanceTypeConfigArgs.builder()\n .bidPriceAsPercentageOfOnDemandPrice(100)\n .ebsConfigs(InstanceFleetInstanceTypeConfigEbsConfigArgs.builder()\n .size(100)\n .type(\"gp2\")\n .volumesPerInstance(1)\n .build())\n .instanceType(\"m4.xlarge\")\n .weightedCapacity(1)\n .build(),\n InstanceFleetInstanceTypeConfigArgs.builder()\n .bidPriceAsPercentageOfOnDemandPrice(100)\n .ebsConfigs(InstanceFleetInstanceTypeConfigEbsConfigArgs.builder()\n .size(100)\n .type(\"gp2\")\n .volumesPerInstance(1)\n .build())\n .instanceType(\"m4.2xlarge\")\n .weightedCapacity(2)\n .build())\n .launchSpecifications(InstanceFleetLaunchSpecificationsArgs.builder()\n .spotSpecifications(InstanceFleetLaunchSpecificationsSpotSpecificationArgs.builder()\n .allocationStrategy(\"capacity-optimized\")\n .blockDurationMinutes(0)\n .timeoutAction(\"TERMINATE_CLUSTER\")\n .timeoutDurationMinutes(10)\n .build())\n .build())\n .name(\"task fleet\")\n .targetOnDemandCapacity(1)\n .targetSpotCapacity(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:emr:Cluster\n properties:\n masterInstanceFleet:\n instanceTypeConfigs:\n - instanceType: m4.xlarge\n targetOnDemandCapacity: 1\n coreInstanceFleet:\n instanceTypeConfigs:\n - bidPriceAsPercentageOfOnDemandPrice: 80\n ebsConfigs:\n - size: 100\n type: gp2\n volumesPerInstance: 1\n instanceType: m3.xlarge\n weightedCapacity: 1\n - bidPriceAsPercentageOfOnDemandPrice: 100\n ebsConfigs:\n - size: 100\n type: gp2\n volumesPerInstance: 1\n instanceType: m4.xlarge\n weightedCapacity: 1\n - bidPriceAsPercentageOfOnDemandPrice: 100\n ebsConfigs:\n - size: 100\n type: gp2\n volumesPerInstance: 1\n instanceType: m4.2xlarge\n weightedCapacity: 2\n launchSpecifications:\n spotSpecifications:\n - allocationStrategy: capacity-optimized\n blockDurationMinutes: 0\n timeoutAction: SWITCH_TO_ON_DEMAND\n timeoutDurationMinutes: 10\n name: core fleet\n targetOnDemandCapacity: 2\n targetSpotCapacity: 2\n task:\n type: aws:emr:InstanceFleet\n properties:\n clusterId: ${example.id}\n instanceTypeConfigs:\n - bidPriceAsPercentageOfOnDemandPrice: 100\n ebsConfigs:\n - size: 100\n type: gp2\n volumesPerInstance: 1\n instanceType: m4.xlarge\n weightedCapacity: 1\n - bidPriceAsPercentageOfOnDemandPrice: 100\n ebsConfigs:\n - size: 100\n type: gp2\n volumesPerInstance: 1\n instanceType: m4.2xlarge\n weightedCapacity: 2\n launchSpecifications:\n spotSpecifications:\n - allocationStrategy: capacity-optimized\n blockDurationMinutes: 0\n timeoutAction: TERMINATE_CLUSTER\n timeoutDurationMinutes: 10\n name: task fleet\n targetOnDemandCapacity: 1\n targetSpotCapacity: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Enable Debug Logging\n\n[Debug logging in EMR](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-debugging.html) is implemented as a step. It is highly recommended that you utilize the resource options configuration with `ignoreChanges` if other steps are being managed outside of this provider.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.emr.Cluster(\"example\", {steps: [{\n actionOnFailure: \"TERMINATE_CLUSTER\",\n name: \"Setup Hadoop Debugging\",\n hadoopJarStep: {\n jar: \"command-runner.jar\",\n args: [\"state-pusher-script\"],\n },\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.emr.Cluster(\"example\", steps=[{\n \"action_on_failure\": \"TERMINATE_CLUSTER\",\n \"name\": \"Setup Hadoop Debugging\",\n \"hadoop_jar_step\": {\n \"jar\": \"command-runner.jar\",\n \"args\": [\"state-pusher-script\"],\n },\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Emr.Cluster(\"example\", new()\n {\n Steps = new[]\n {\n new Aws.Emr.Inputs.ClusterStepArgs\n {\n ActionOnFailure = \"TERMINATE_CLUSTER\",\n Name = \"Setup Hadoop Debugging\",\n HadoopJarStep = new Aws.Emr.Inputs.ClusterStepHadoopJarStepArgs\n {\n Jar = \"command-runner.jar\",\n Args = new[]\n {\n \"state-pusher-script\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emr.NewCluster(ctx, \"example\", \u0026emr.ClusterArgs{\n\t\t\tSteps: emr.ClusterStepArray{\n\t\t\t\t\u0026emr.ClusterStepArgs{\n\t\t\t\t\tActionOnFailure: pulumi.String(\"TERMINATE_CLUSTER\"),\n\t\t\t\t\tName: pulumi.String(\"Setup Hadoop Debugging\"),\n\t\t\t\t\tHadoopJarStep: \u0026emr.ClusterStepHadoopJarStepArgs{\n\t\t\t\t\t\tJar: pulumi.String(\"command-runner.jar\"),\n\t\t\t\t\t\tArgs: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"state-pusher-script\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.Cluster;\nimport com.pulumi.aws.emr.ClusterArgs;\nimport com.pulumi.aws.emr.inputs.ClusterStepArgs;\nimport com.pulumi.aws.emr.inputs.ClusterStepHadoopJarStepArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\", ClusterArgs.builder()\n .steps(ClusterStepArgs.builder()\n .actionOnFailure(\"TERMINATE_CLUSTER\")\n .name(\"Setup Hadoop Debugging\")\n .hadoopJarStep(ClusterStepHadoopJarStepArgs.builder()\n .jar(\"command-runner.jar\")\n .args(\"state-pusher-script\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:emr:Cluster\n properties:\n steps:\n - actionOnFailure: TERMINATE_CLUSTER\n name: Setup Hadoop Debugging\n hadoopJarStep:\n jar: command-runner.jar\n args:\n - state-pusher-script\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Multiple Node Master Instance Group\n\nAvailable in EMR version 5.23.0 and later, an EMR Cluster can be launched with three master nodes for high availability. Additional information about this functionality and its requirements can be found in the [EMR Management Guide](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-ha.html).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// This configuration is for illustrative purposes and highlights\n// only relevant configurations for working with this functionality.\n// Map public IP on launch must be enabled for public (Internet accessible) subnets\nconst example = new aws.ec2.Subnet(\"example\", {mapPublicIpOnLaunch: true});\nconst exampleCluster = new aws.emr.Cluster(\"example\", {\n releaseLabel: \"emr-5.24.1\",\n terminationProtection: true,\n ec2Attributes: {\n subnetId: example.id,\n },\n masterInstanceGroup: {\n instanceCount: 3,\n },\n coreInstanceGroup: {},\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# This configuration is for illustrative purposes and highlights\n# only relevant configurations for working with this functionality.\n# Map public IP on launch must be enabled for public (Internet accessible) subnets\nexample = aws.ec2.Subnet(\"example\", map_public_ip_on_launch=True)\nexample_cluster = aws.emr.Cluster(\"example\",\n release_label=\"emr-5.24.1\",\n termination_protection=True,\n ec2_attributes={\n \"subnet_id\": example.id,\n },\n master_instance_group={\n \"instance_count\": 3,\n },\n core_instance_group={})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // This configuration is for illustrative purposes and highlights\n // only relevant configurations for working with this functionality.\n // Map public IP on launch must be enabled for public (Internet accessible) subnets\n var example = new Aws.Ec2.Subnet(\"example\", new()\n {\n MapPublicIpOnLaunch = true,\n });\n\n var exampleCluster = new Aws.Emr.Cluster(\"example\", new()\n {\n ReleaseLabel = \"emr-5.24.1\",\n TerminationProtection = true,\n Ec2Attributes = new Aws.Emr.Inputs.ClusterEc2AttributesArgs\n {\n SubnetId = example.Id,\n },\n MasterInstanceGroup = new Aws.Emr.Inputs.ClusterMasterInstanceGroupArgs\n {\n InstanceCount = 3,\n },\n CoreInstanceGroup = null,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// This configuration is for illustrative purposes and highlights\n\t\t// only relevant configurations for working with this functionality.\n\t\t// Map public IP on launch must be enabled for public (Internet accessible) subnets\n\t\texample, err := ec2.NewSubnet(ctx, \"example\", \u0026ec2.SubnetArgs{\n\t\t\tMapPublicIpOnLaunch: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = emr.NewCluster(ctx, \"example\", \u0026emr.ClusterArgs{\n\t\t\tReleaseLabel: pulumi.String(\"emr-5.24.1\"),\n\t\t\tTerminationProtection: pulumi.Bool(true),\n\t\t\tEc2Attributes: \u0026emr.ClusterEc2AttributesArgs{\n\t\t\t\tSubnetId: example.ID(),\n\t\t\t},\n\t\t\tMasterInstanceGroup: \u0026emr.ClusterMasterInstanceGroupArgs{\n\t\t\t\tInstanceCount: pulumi.Int(3),\n\t\t\t},\n\t\t\tCoreInstanceGroup: nil,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.emr.Cluster;\nimport com.pulumi.aws.emr.ClusterArgs;\nimport com.pulumi.aws.emr.inputs.ClusterEc2AttributesArgs;\nimport com.pulumi.aws.emr.inputs.ClusterMasterInstanceGroupArgs;\nimport com.pulumi.aws.emr.inputs.ClusterCoreInstanceGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // This configuration is for illustrative purposes and highlights\n // only relevant configurations for working with this functionality.\n // Map public IP on launch must be enabled for public (Internet accessible) subnets\n var example = new Subnet(\"example\", SubnetArgs.builder()\n .mapPublicIpOnLaunch(true)\n .build());\n\n var exampleCluster = new Cluster(\"exampleCluster\", ClusterArgs.builder()\n .releaseLabel(\"emr-5.24.1\")\n .terminationProtection(true)\n .ec2Attributes(ClusterEc2AttributesArgs.builder()\n .subnetId(example.id())\n .build())\n .masterInstanceGroup(ClusterMasterInstanceGroupArgs.builder()\n .instanceCount(3)\n .build())\n .coreInstanceGroup()\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # This configuration is for illustrative purposes and highlights\n # only relevant configurations for working with this functionality.\n\n # Map public IP on launch must be enabled for public (Internet accessible) subnets\n example:\n type: aws:ec2:Subnet\n properties:\n mapPublicIpOnLaunch: true\n exampleCluster:\n type: aws:emr:Cluster\n name: example\n properties:\n releaseLabel: emr-5.24.1\n terminationProtection: true\n ec2Attributes:\n subnetId: ${example.id}\n masterInstanceGroup:\n instanceCount: 3\n coreInstanceGroup: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EMR clusters using the `id`. For example:\n\n```sh\n$ pulumi import aws:emr/cluster:Cluster cluster j-123456ABCDEF\n```\nSince the API does not return the actual values for Kerberos configurations, environments with those options set will need to use the `lifecycle` configuration block `ignore_changes` argument available to all Pulumi resources to prevent perpetual differences. For example:\n\n", "properties": { "additionalInfo": { "type": "string", "description": "JSON string for selecting additional features such as adding proxy information. Note: Currently there is no API to retrieve the value of this argument after EMR cluster creation from provider, therefore the provider cannot detect drift from the actual EMR cluster if its value is changed outside the provider.\n" }, "applications": { "type": "array", "items": { "type": "string" }, "description": "A case-insensitive list of applications for Amazon EMR to install and configure when launching the cluster. For a list of applications available for each Amazon EMR release version, see the [Amazon EMR Release Guide](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-release-components.html).\n" }, "arn": { "type": "string", "description": "ARN of the cluster.\n" }, "autoTerminationPolicy": { "$ref": "#/types/aws:emr/ClusterAutoTerminationPolicy:ClusterAutoTerminationPolicy", "description": "An auto-termination policy for an Amazon EMR cluster. An auto-termination policy defines the amount of idle time in seconds after which a cluster automatically terminates. See Auto Termination Policy Below.\n" }, "autoscalingRole": { "type": "string", "description": "IAM role for automatic scaling policies. The IAM role provides permissions that the automatic scaling feature requires to launch and terminate EC2 instances in an instance group.\n" }, "bootstrapActions": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterBootstrapAction:ClusterBootstrapAction" }, "description": "Ordered list of bootstrap actions that will be run before Hadoop is started on the cluster nodes. See below.\n" }, "clusterState": { "type": "string", "language": { "csharp": { "name": "State" } } }, "configurations": { "type": "string", "description": "List of configurations supplied for the EMR cluster you are creating. Supply a configuration object for applications to override their default configuration. See [AWS Documentation](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-configure-apps.html) for more information.\n" }, "configurationsJson": { "type": "string", "description": "JSON string for supplying list of configurations for the EMR cluster.\n\n\u003e **NOTE on `configurations_json`:** If the `Configurations` value is empty then you should skip the `Configurations` field instead of providing an empty list as a value, `\"Configurations\": []`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cluster = new aws.emr.Cluster(\"cluster\", {configurationsJson: `[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n`});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncluster = aws.emr.Cluster(\"cluster\", configurations_json=\"\"\"[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cluster = new Aws.Emr.Cluster(\"cluster\", new()\n {\n ConfigurationsJson = @\"[\n{\n\"\"Classification\"\": \"\"hadoop-env\"\",\n\"\"Configurations\"\": [\n{\n\"\"Classification\"\": \"\"export\"\",\n\"\"Properties\"\": {\n\"\"JAVA_HOME\"\": \"\"/usr/lib/jvm/java-1.8.0\"\"\n}\n}\n],\n\"\"Properties\"\": {}\n}\n]\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emr.NewCluster(ctx, \"cluster\", \u0026emr.ClusterArgs{\n\t\t\tConfigurationsJson: pulumi.String(`[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.Cluster;\nimport com.pulumi.aws.emr.ClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var cluster = new Cluster(\"cluster\", ClusterArgs.builder()\n .configurationsJson(\"\"\"\n[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cluster:\n type: aws:emr:Cluster\n properties:\n configurationsJson: |\n [\n {\n \"Classification\": \"hadoop-env\",\n \"Configurations\": [\n {\n \"Classification\": \"export\",\n \"Properties\": {\n \"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n }\n }\n ],\n \"Properties\": {}\n }\n ]\n```\n\u003c!--End PulumiCodeChooser --\u003e\n" }, "coreInstanceFleet": { "$ref": "#/types/aws:emr/ClusterCoreInstanceFleet:ClusterCoreInstanceFleet", "description": "Configuration block to use an [Instance Fleet](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-fleet.html) for the core node type. Cannot be specified if any `core_instance_group` configuration blocks are set. Detailed below.\n" }, "coreInstanceGroup": { "$ref": "#/types/aws:emr/ClusterCoreInstanceGroup:ClusterCoreInstanceGroup", "description": "Configuration block to use an [Instance Group](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-group-configuration.html#emr-plan-instance-groups) for the [core node type](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-master-core-task-nodes.html#emr-plan-core).\n" }, "customAmiId": { "type": "string", "description": "Custom Amazon Linux AMI for the cluster (instead of an EMR-owned AMI). Available in Amazon EMR version 5.7.0 and later.\n" }, "ebsRootVolumeSize": { "type": "integer", "description": "Size in GiB of the EBS root device volume of the Linux AMI that is used for each EC2 instance. Available in Amazon EMR version 4.x and later.\n" }, "ec2Attributes": { "$ref": "#/types/aws:emr/ClusterEc2Attributes:ClusterEc2Attributes", "description": "Attributes for the EC2 instances running the job flow. See below.\n" }, "keepJobFlowAliveWhenNoSteps": { "type": "boolean", "description": "Switch on/off run cluster with no steps or when all steps are complete (default is on)\n" }, "kerberosAttributes": { "$ref": "#/types/aws:emr/ClusterKerberosAttributes:ClusterKerberosAttributes", "description": "Kerberos configuration for the cluster. See below.\n" }, "listStepsStates": { "type": "array", "items": { "type": "string" }, "description": "List of [step states](https://docs.aws.amazon.com/emr/latest/APIReference/API_StepStatus.html) used to filter returned steps\n" }, "logEncryptionKmsKeyId": { "type": "string", "description": "AWS KMS customer master key (CMK) key ID or arn used for encrypting log files. This attribute is only available with EMR version 5.30.0 and later, excluding EMR 6.0.0.\n" }, "logUri": { "type": "string", "description": "S3 bucket to write the log files of the job flow. If a value is not provided, logs are not created.\n" }, "masterInstanceFleet": { "$ref": "#/types/aws:emr/ClusterMasterInstanceFleet:ClusterMasterInstanceFleet", "description": "Configuration block to use an [Instance Fleet](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-fleet.html) for the master node type. Cannot be specified if any `master_instance_group` configuration blocks are set. Detailed below.\n" }, "masterInstanceGroup": { "$ref": "#/types/aws:emr/ClusterMasterInstanceGroup:ClusterMasterInstanceGroup", "description": "Configuration block to use an [Instance Group](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-group-configuration.html#emr-plan-instance-groups) for the [master node type](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-master-core-task-nodes.html#emr-plan-master).\n" }, "masterPublicDns": { "type": "string", "description": "The DNS name of the master node. If the cluster is on a private subnet, this is the private DNS name. On a public subnet, this is the public DNS name.\n" }, "name": { "type": "string", "description": "Name of the job flow.\n" }, "placementGroupConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterPlacementGroupConfig:ClusterPlacementGroupConfig" }, "description": "The specified placement group configuration for an Amazon EMR cluster.\n" }, "releaseLabel": { "type": "string", "description": "Release label for the Amazon EMR release.\n" }, "scaleDownBehavior": { "type": "string", "description": "Way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an `instance group` is resized.\n" }, "securityConfiguration": { "type": "string", "description": "Security configuration name to attach to the EMR cluster. Only valid for EMR clusters with `release_label` 4.8.0 or greater.\n" }, "serviceRole": { "type": "string", "description": "IAM role that will be assumed by the Amazon EMR service to access AWS resources.\n\nThe following arguments are optional:\n" }, "stepConcurrencyLevel": { "type": "integer", "description": "Number of steps that can be executed concurrently. You can specify a maximum of 256 steps. Only valid for EMR clusters with `release_label` 5.28.0 or greater (default is 1).\n" }, "steps": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterStep:ClusterStep" }, "description": "List of steps to run when creating the cluster. See below. It is highly recommended to utilize the lifecycle resource options block with `ignoreChanges` if other steps are being managed outside of this provider.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "list of tags to apply to the EMR Cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "terminationProtection": { "type": "boolean", "description": "Switch on/off termination protection (default is `false`, except when using multiple master nodes). Before attempting to destroy the resource when termination protection is enabled, this configuration must be applied with its value set to `false`.\n" }, "unhealthyNodeReplacement": { "type": "boolean", "description": "Whether whether Amazon EMR should gracefully replace core nodes that have degraded within the cluster. Default value is `false`.\n" }, "visibleToAllUsers": { "type": "boolean", "description": "Whether the job flow is visible to all IAM users of the AWS account associated with the job flow. Default value is `true`.\n" } }, "required": [ "arn", "clusterState", "coreInstanceFleet", "coreInstanceGroup", "keepJobFlowAliveWhenNoSteps", "masterInstanceFleet", "masterInstanceGroup", "masterPublicDns", "name", "releaseLabel", "scaleDownBehavior", "serviceRole", "steps", "tagsAll", "terminationProtection" ], "inputProperties": { "additionalInfo": { "type": "string", "description": "JSON string for selecting additional features such as adding proxy information. Note: Currently there is no API to retrieve the value of this argument after EMR cluster creation from provider, therefore the provider cannot detect drift from the actual EMR cluster if its value is changed outside the provider.\n", "willReplaceOnChanges": true }, "applications": { "type": "array", "items": { "type": "string" }, "description": "A case-insensitive list of applications for Amazon EMR to install and configure when launching the cluster. For a list of applications available for each Amazon EMR release version, see the [Amazon EMR Release Guide](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-release-components.html).\n", "willReplaceOnChanges": true }, "autoTerminationPolicy": { "$ref": "#/types/aws:emr/ClusterAutoTerminationPolicy:ClusterAutoTerminationPolicy", "description": "An auto-termination policy for an Amazon EMR cluster. An auto-termination policy defines the amount of idle time in seconds after which a cluster automatically terminates. See Auto Termination Policy Below.\n" }, "autoscalingRole": { "type": "string", "description": "IAM role for automatic scaling policies. The IAM role provides permissions that the automatic scaling feature requires to launch and terminate EC2 instances in an instance group.\n", "willReplaceOnChanges": true }, "bootstrapActions": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterBootstrapAction:ClusterBootstrapAction" }, "description": "Ordered list of bootstrap actions that will be run before Hadoop is started on the cluster nodes. See below.\n", "willReplaceOnChanges": true }, "configurations": { "type": "string", "description": "List of configurations supplied for the EMR cluster you are creating. Supply a configuration object for applications to override their default configuration. See [AWS Documentation](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-configure-apps.html) for more information.\n", "willReplaceOnChanges": true }, "configurationsJson": { "type": "string", "description": "JSON string for supplying list of configurations for the EMR cluster.\n\n\u003e **NOTE on `configurations_json`:** If the `Configurations` value is empty then you should skip the `Configurations` field instead of providing an empty list as a value, `\"Configurations\": []`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cluster = new aws.emr.Cluster(\"cluster\", {configurationsJson: `[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n`});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncluster = aws.emr.Cluster(\"cluster\", configurations_json=\"\"\"[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cluster = new Aws.Emr.Cluster(\"cluster\", new()\n {\n ConfigurationsJson = @\"[\n{\n\"\"Classification\"\": \"\"hadoop-env\"\",\n\"\"Configurations\"\": [\n{\n\"\"Classification\"\": \"\"export\"\",\n\"\"Properties\"\": {\n\"\"JAVA_HOME\"\": \"\"/usr/lib/jvm/java-1.8.0\"\"\n}\n}\n],\n\"\"Properties\"\": {}\n}\n]\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emr.NewCluster(ctx, \"cluster\", \u0026emr.ClusterArgs{\n\t\t\tConfigurationsJson: pulumi.String(`[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.Cluster;\nimport com.pulumi.aws.emr.ClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var cluster = new Cluster(\"cluster\", ClusterArgs.builder()\n .configurationsJson(\"\"\"\n[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cluster:\n type: aws:emr:Cluster\n properties:\n configurationsJson: |\n [\n {\n \"Classification\": \"hadoop-env\",\n \"Configurations\": [\n {\n \"Classification\": \"export\",\n \"Properties\": {\n \"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n }\n }\n ],\n \"Properties\": {}\n }\n ]\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "willReplaceOnChanges": true }, "coreInstanceFleet": { "$ref": "#/types/aws:emr/ClusterCoreInstanceFleet:ClusterCoreInstanceFleet", "description": "Configuration block to use an [Instance Fleet](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-fleet.html) for the core node type. Cannot be specified if any `core_instance_group` configuration blocks are set. Detailed below.\n", "willReplaceOnChanges": true }, "coreInstanceGroup": { "$ref": "#/types/aws:emr/ClusterCoreInstanceGroup:ClusterCoreInstanceGroup", "description": "Configuration block to use an [Instance Group](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-group-configuration.html#emr-plan-instance-groups) for the [core node type](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-master-core-task-nodes.html#emr-plan-core).\n", "willReplaceOnChanges": true }, "customAmiId": { "type": "string", "description": "Custom Amazon Linux AMI for the cluster (instead of an EMR-owned AMI). Available in Amazon EMR version 5.7.0 and later.\n", "willReplaceOnChanges": true }, "ebsRootVolumeSize": { "type": "integer", "description": "Size in GiB of the EBS root device volume of the Linux AMI that is used for each EC2 instance. Available in Amazon EMR version 4.x and later.\n", "willReplaceOnChanges": true }, "ec2Attributes": { "$ref": "#/types/aws:emr/ClusterEc2Attributes:ClusterEc2Attributes", "description": "Attributes for the EC2 instances running the job flow. See below.\n", "willReplaceOnChanges": true }, "keepJobFlowAliveWhenNoSteps": { "type": "boolean", "description": "Switch on/off run cluster with no steps or when all steps are complete (default is on)\n", "willReplaceOnChanges": true }, "kerberosAttributes": { "$ref": "#/types/aws:emr/ClusterKerberosAttributes:ClusterKerberosAttributes", "description": "Kerberos configuration for the cluster. See below.\n", "willReplaceOnChanges": true }, "listStepsStates": { "type": "array", "items": { "type": "string" }, "description": "List of [step states](https://docs.aws.amazon.com/emr/latest/APIReference/API_StepStatus.html) used to filter returned steps\n" }, "logEncryptionKmsKeyId": { "type": "string", "description": "AWS KMS customer master key (CMK) key ID or arn used for encrypting log files. This attribute is only available with EMR version 5.30.0 and later, excluding EMR 6.0.0.\n", "willReplaceOnChanges": true }, "logUri": { "type": "string", "description": "S3 bucket to write the log files of the job flow. If a value is not provided, logs are not created.\n", "willReplaceOnChanges": true }, "masterInstanceFleet": { "$ref": "#/types/aws:emr/ClusterMasterInstanceFleet:ClusterMasterInstanceFleet", "description": "Configuration block to use an [Instance Fleet](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-fleet.html) for the master node type. Cannot be specified if any `master_instance_group` configuration blocks are set. Detailed below.\n", "willReplaceOnChanges": true }, "masterInstanceGroup": { "$ref": "#/types/aws:emr/ClusterMasterInstanceGroup:ClusterMasterInstanceGroup", "description": "Configuration block to use an [Instance Group](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-group-configuration.html#emr-plan-instance-groups) for the [master node type](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-master-core-task-nodes.html#emr-plan-master).\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the job flow.\n", "willReplaceOnChanges": true }, "placementGroupConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterPlacementGroupConfig:ClusterPlacementGroupConfig" }, "description": "The specified placement group configuration for an Amazon EMR cluster.\n", "willReplaceOnChanges": true }, "releaseLabel": { "type": "string", "description": "Release label for the Amazon EMR release.\n", "willReplaceOnChanges": true }, "scaleDownBehavior": { "type": "string", "description": "Way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an `instance group` is resized.\n", "willReplaceOnChanges": true }, "securityConfiguration": { "type": "string", "description": "Security configuration name to attach to the EMR cluster. Only valid for EMR clusters with `release_label` 4.8.0 or greater.\n", "willReplaceOnChanges": true }, "serviceRole": { "type": "string", "description": "IAM role that will be assumed by the Amazon EMR service to access AWS resources.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "stepConcurrencyLevel": { "type": "integer", "description": "Number of steps that can be executed concurrently. You can specify a maximum of 256 steps. Only valid for EMR clusters with `release_label` 5.28.0 or greater (default is 1).\n" }, "steps": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterStep:ClusterStep" }, "description": "List of steps to run when creating the cluster. See below. It is highly recommended to utilize the lifecycle resource options block with `ignoreChanges` if other steps are being managed outside of this provider.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "list of tags to apply to the EMR Cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "terminationProtection": { "type": "boolean", "description": "Switch on/off termination protection (default is `false`, except when using multiple master nodes). Before attempting to destroy the resource when termination protection is enabled, this configuration must be applied with its value set to `false`.\n" }, "unhealthyNodeReplacement": { "type": "boolean", "description": "Whether whether Amazon EMR should gracefully replace core nodes that have degraded within the cluster. Default value is `false`.\n" }, "visibleToAllUsers": { "type": "boolean", "description": "Whether the job flow is visible to all IAM users of the AWS account associated with the job flow. Default value is `true`.\n" } }, "requiredInputs": [ "releaseLabel", "serviceRole" ], "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "additionalInfo": { "type": "string", "description": "JSON string for selecting additional features such as adding proxy information. Note: Currently there is no API to retrieve the value of this argument after EMR cluster creation from provider, therefore the provider cannot detect drift from the actual EMR cluster if its value is changed outside the provider.\n", "willReplaceOnChanges": true }, "applications": { "type": "array", "items": { "type": "string" }, "description": "A case-insensitive list of applications for Amazon EMR to install and configure when launching the cluster. For a list of applications available for each Amazon EMR release version, see the [Amazon EMR Release Guide](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-release-components.html).\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN of the cluster.\n" }, "autoTerminationPolicy": { "$ref": "#/types/aws:emr/ClusterAutoTerminationPolicy:ClusterAutoTerminationPolicy", "description": "An auto-termination policy for an Amazon EMR cluster. An auto-termination policy defines the amount of idle time in seconds after which a cluster automatically terminates. See Auto Termination Policy Below.\n" }, "autoscalingRole": { "type": "string", "description": "IAM role for automatic scaling policies. The IAM role provides permissions that the automatic scaling feature requires to launch and terminate EC2 instances in an instance group.\n", "willReplaceOnChanges": true }, "bootstrapActions": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterBootstrapAction:ClusterBootstrapAction" }, "description": "Ordered list of bootstrap actions that will be run before Hadoop is started on the cluster nodes. See below.\n", "willReplaceOnChanges": true }, "clusterState": { "type": "string", "language": { "csharp": { "name": "State" } } }, "configurations": { "type": "string", "description": "List of configurations supplied for the EMR cluster you are creating. Supply a configuration object for applications to override their default configuration. See [AWS Documentation](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-configure-apps.html) for more information.\n", "willReplaceOnChanges": true }, "configurationsJson": { "type": "string", "description": "JSON string for supplying list of configurations for the EMR cluster.\n\n\u003e **NOTE on `configurations_json`:** If the `Configurations` value is empty then you should skip the `Configurations` field instead of providing an empty list as a value, `\"Configurations\": []`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cluster = new aws.emr.Cluster(\"cluster\", {configurationsJson: `[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n`});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncluster = aws.emr.Cluster(\"cluster\", configurations_json=\"\"\"[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cluster = new Aws.Emr.Cluster(\"cluster\", new()\n {\n ConfigurationsJson = @\"[\n{\n\"\"Classification\"\": \"\"hadoop-env\"\",\n\"\"Configurations\"\": [\n{\n\"\"Classification\"\": \"\"export\"\",\n\"\"Properties\"\": {\n\"\"JAVA_HOME\"\": \"\"/usr/lib/jvm/java-1.8.0\"\"\n}\n}\n],\n\"\"Properties\"\": {}\n}\n]\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emr.NewCluster(ctx, \"cluster\", \u0026emr.ClusterArgs{\n\t\t\tConfigurationsJson: pulumi.String(`[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.Cluster;\nimport com.pulumi.aws.emr.ClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var cluster = new Cluster(\"cluster\", ClusterArgs.builder()\n .configurationsJson(\"\"\"\n[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cluster:\n type: aws:emr:Cluster\n properties:\n configurationsJson: |\n [\n {\n \"Classification\": \"hadoop-env\",\n \"Configurations\": [\n {\n \"Classification\": \"export\",\n \"Properties\": {\n \"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n }\n }\n ],\n \"Properties\": {}\n }\n ]\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "willReplaceOnChanges": true }, "coreInstanceFleet": { "$ref": "#/types/aws:emr/ClusterCoreInstanceFleet:ClusterCoreInstanceFleet", "description": "Configuration block to use an [Instance Fleet](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-fleet.html) for the core node type. Cannot be specified if any `core_instance_group` configuration blocks are set. Detailed below.\n", "willReplaceOnChanges": true }, "coreInstanceGroup": { "$ref": "#/types/aws:emr/ClusterCoreInstanceGroup:ClusterCoreInstanceGroup", "description": "Configuration block to use an [Instance Group](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-group-configuration.html#emr-plan-instance-groups) for the [core node type](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-master-core-task-nodes.html#emr-plan-core).\n", "willReplaceOnChanges": true }, "customAmiId": { "type": "string", "description": "Custom Amazon Linux AMI for the cluster (instead of an EMR-owned AMI). Available in Amazon EMR version 5.7.0 and later.\n", "willReplaceOnChanges": true }, "ebsRootVolumeSize": { "type": "integer", "description": "Size in GiB of the EBS root device volume of the Linux AMI that is used for each EC2 instance. Available in Amazon EMR version 4.x and later.\n", "willReplaceOnChanges": true }, "ec2Attributes": { "$ref": "#/types/aws:emr/ClusterEc2Attributes:ClusterEc2Attributes", "description": "Attributes for the EC2 instances running the job flow. See below.\n", "willReplaceOnChanges": true }, "keepJobFlowAliveWhenNoSteps": { "type": "boolean", "description": "Switch on/off run cluster with no steps or when all steps are complete (default is on)\n", "willReplaceOnChanges": true }, "kerberosAttributes": { "$ref": "#/types/aws:emr/ClusterKerberosAttributes:ClusterKerberosAttributes", "description": "Kerberos configuration for the cluster. See below.\n", "willReplaceOnChanges": true }, "listStepsStates": { "type": "array", "items": { "type": "string" }, "description": "List of [step states](https://docs.aws.amazon.com/emr/latest/APIReference/API_StepStatus.html) used to filter returned steps\n" }, "logEncryptionKmsKeyId": { "type": "string", "description": "AWS KMS customer master key (CMK) key ID or arn used for encrypting log files. This attribute is only available with EMR version 5.30.0 and later, excluding EMR 6.0.0.\n", "willReplaceOnChanges": true }, "logUri": { "type": "string", "description": "S3 bucket to write the log files of the job flow. If a value is not provided, logs are not created.\n", "willReplaceOnChanges": true }, "masterInstanceFleet": { "$ref": "#/types/aws:emr/ClusterMasterInstanceFleet:ClusterMasterInstanceFleet", "description": "Configuration block to use an [Instance Fleet](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-fleet.html) for the master node type. Cannot be specified if any `master_instance_group` configuration blocks are set. Detailed below.\n", "willReplaceOnChanges": true }, "masterInstanceGroup": { "$ref": "#/types/aws:emr/ClusterMasterInstanceGroup:ClusterMasterInstanceGroup", "description": "Configuration block to use an [Instance Group](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-instance-group-configuration.html#emr-plan-instance-groups) for the [master node type](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-master-core-task-nodes.html#emr-plan-master).\n", "willReplaceOnChanges": true }, "masterPublicDns": { "type": "string", "description": "The DNS name of the master node. If the cluster is on a private subnet, this is the private DNS name. On a public subnet, this is the public DNS name.\n" }, "name": { "type": "string", "description": "Name of the job flow.\n", "willReplaceOnChanges": true }, "placementGroupConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterPlacementGroupConfig:ClusterPlacementGroupConfig" }, "description": "The specified placement group configuration for an Amazon EMR cluster.\n", "willReplaceOnChanges": true }, "releaseLabel": { "type": "string", "description": "Release label for the Amazon EMR release.\n", "willReplaceOnChanges": true }, "scaleDownBehavior": { "type": "string", "description": "Way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an `instance group` is resized.\n", "willReplaceOnChanges": true }, "securityConfiguration": { "type": "string", "description": "Security configuration name to attach to the EMR cluster. Only valid for EMR clusters with `release_label` 4.8.0 or greater.\n", "willReplaceOnChanges": true }, "serviceRole": { "type": "string", "description": "IAM role that will be assumed by the Amazon EMR service to access AWS resources.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "stepConcurrencyLevel": { "type": "integer", "description": "Number of steps that can be executed concurrently. You can specify a maximum of 256 steps. Only valid for EMR clusters with `release_label` 5.28.0 or greater (default is 1).\n" }, "steps": { "type": "array", "items": { "$ref": "#/types/aws:emr/ClusterStep:ClusterStep" }, "description": "List of steps to run when creating the cluster. See below. It is highly recommended to utilize the lifecycle resource options block with `ignoreChanges` if other steps are being managed outside of this provider.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "list of tags to apply to the EMR Cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "terminationProtection": { "type": "boolean", "description": "Switch on/off termination protection (default is `false`, except when using multiple master nodes). Before attempting to destroy the resource when termination protection is enabled, this configuration must be applied with its value set to `false`.\n" }, "unhealthyNodeReplacement": { "type": "boolean", "description": "Whether whether Amazon EMR should gracefully replace core nodes that have degraded within the cluster. Default value is `false`.\n" }, "visibleToAllUsers": { "type": "boolean", "description": "Whether the job flow is visible to all IAM users of the AWS account associated with the job flow. Default value is `true`.\n" } }, "type": "object" } }, "aws:emr/instanceFleet:InstanceFleet": { "description": "Provides an Elastic MapReduce Cluster Instance Fleet configuration.\nSee [Amazon Elastic MapReduce Documentation](https://aws.amazon.com/documentation/emr/) for more information.\n\n\u003e **NOTE:** At this time, Instance Fleets cannot be destroyed through the API nor\nweb interface. Instance Fleets are destroyed when the EMR Cluster is destroyed.\nthe provider will resize any Instance Fleet to zero when destroying the resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst task = new aws.emr.InstanceFleet(\"task\", {\n clusterId: cluster.id,\n instanceTypeConfigs: [\n {\n bidPriceAsPercentageOfOnDemandPrice: 100,\n ebsConfigs: [{\n size: 100,\n type: \"gp2\",\n volumesPerInstance: 1,\n }],\n instanceType: \"m4.xlarge\",\n weightedCapacity: 1,\n },\n {\n bidPriceAsPercentageOfOnDemandPrice: 100,\n ebsConfigs: [{\n size: 100,\n type: \"gp2\",\n volumesPerInstance: 1,\n }],\n instanceType: \"m4.2xlarge\",\n weightedCapacity: 2,\n },\n ],\n launchSpecifications: {\n spotSpecifications: [{\n allocationStrategy: \"capacity-optimized\",\n blockDurationMinutes: 0,\n timeoutAction: \"TERMINATE_CLUSTER\",\n timeoutDurationMinutes: 10,\n }],\n },\n name: \"task fleet\",\n targetOnDemandCapacity: 1,\n targetSpotCapacity: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntask = aws.emr.InstanceFleet(\"task\",\n cluster_id=cluster[\"id\"],\n instance_type_configs=[\n {\n \"bid_price_as_percentage_of_on_demand_price\": 100,\n \"ebs_configs\": [{\n \"size\": 100,\n \"type\": \"gp2\",\n \"volumes_per_instance\": 1,\n }],\n \"instance_type\": \"m4.xlarge\",\n \"weighted_capacity\": 1,\n },\n {\n \"bid_price_as_percentage_of_on_demand_price\": 100,\n \"ebs_configs\": [{\n \"size\": 100,\n \"type\": \"gp2\",\n \"volumes_per_instance\": 1,\n }],\n \"instance_type\": \"m4.2xlarge\",\n \"weighted_capacity\": 2,\n },\n ],\n launch_specifications={\n \"spot_specifications\": [{\n \"allocation_strategy\": \"capacity-optimized\",\n \"block_duration_minutes\": 0,\n \"timeout_action\": \"TERMINATE_CLUSTER\",\n \"timeout_duration_minutes\": 10,\n }],\n },\n name=\"task fleet\",\n target_on_demand_capacity=1,\n target_spot_capacity=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var task = new Aws.Emr.InstanceFleet(\"task\", new()\n {\n ClusterId = cluster.Id,\n InstanceTypeConfigs = new[]\n {\n new Aws.Emr.Inputs.InstanceFleetInstanceTypeConfigArgs\n {\n BidPriceAsPercentageOfOnDemandPrice = 100,\n EbsConfigs = new[]\n {\n new Aws.Emr.Inputs.InstanceFleetInstanceTypeConfigEbsConfigArgs\n {\n Size = 100,\n Type = \"gp2\",\n VolumesPerInstance = 1,\n },\n },\n InstanceType = \"m4.xlarge\",\n WeightedCapacity = 1,\n },\n new Aws.Emr.Inputs.InstanceFleetInstanceTypeConfigArgs\n {\n BidPriceAsPercentageOfOnDemandPrice = 100,\n EbsConfigs = new[]\n {\n new Aws.Emr.Inputs.InstanceFleetInstanceTypeConfigEbsConfigArgs\n {\n Size = 100,\n Type = \"gp2\",\n VolumesPerInstance = 1,\n },\n },\n InstanceType = \"m4.2xlarge\",\n WeightedCapacity = 2,\n },\n },\n LaunchSpecifications = new Aws.Emr.Inputs.InstanceFleetLaunchSpecificationsArgs\n {\n SpotSpecifications = new[]\n {\n new Aws.Emr.Inputs.InstanceFleetLaunchSpecificationsSpotSpecificationArgs\n {\n AllocationStrategy = \"capacity-optimized\",\n BlockDurationMinutes = 0,\n TimeoutAction = \"TERMINATE_CLUSTER\",\n TimeoutDurationMinutes = 10,\n },\n },\n },\n Name = \"task fleet\",\n TargetOnDemandCapacity = 1,\n TargetSpotCapacity = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emr.NewInstanceFleet(ctx, \"task\", \u0026emr.InstanceFleetArgs{\n\t\t\tClusterId: pulumi.Any(cluster.Id),\n\t\t\tInstanceTypeConfigs: emr.InstanceFleetInstanceTypeConfigArray{\n\t\t\t\t\u0026emr.InstanceFleetInstanceTypeConfigArgs{\n\t\t\t\t\tBidPriceAsPercentageOfOnDemandPrice: pulumi.Float64(100),\n\t\t\t\t\tEbsConfigs: emr.InstanceFleetInstanceTypeConfigEbsConfigArray{\n\t\t\t\t\t\t\u0026emr.InstanceFleetInstanceTypeConfigEbsConfigArgs{\n\t\t\t\t\t\t\tSize: pulumi.Int(100),\n\t\t\t\t\t\t\tType: pulumi.String(\"gp2\"),\n\t\t\t\t\t\t\tVolumesPerInstance: pulumi.Int(1),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tInstanceType: pulumi.String(\"m4.xlarge\"),\n\t\t\t\t\tWeightedCapacity: pulumi.Int(1),\n\t\t\t\t},\n\t\t\t\t\u0026emr.InstanceFleetInstanceTypeConfigArgs{\n\t\t\t\t\tBidPriceAsPercentageOfOnDemandPrice: pulumi.Float64(100),\n\t\t\t\t\tEbsConfigs: emr.InstanceFleetInstanceTypeConfigEbsConfigArray{\n\t\t\t\t\t\t\u0026emr.InstanceFleetInstanceTypeConfigEbsConfigArgs{\n\t\t\t\t\t\t\tSize: pulumi.Int(100),\n\t\t\t\t\t\t\tType: pulumi.String(\"gp2\"),\n\t\t\t\t\t\t\tVolumesPerInstance: pulumi.Int(1),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tInstanceType: pulumi.String(\"m4.2xlarge\"),\n\t\t\t\t\tWeightedCapacity: pulumi.Int(2),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLaunchSpecifications: \u0026emr.InstanceFleetLaunchSpecificationsArgs{\n\t\t\t\tSpotSpecifications: emr.InstanceFleetLaunchSpecificationsSpotSpecificationArray{\n\t\t\t\t\t\u0026emr.InstanceFleetLaunchSpecificationsSpotSpecificationArgs{\n\t\t\t\t\t\tAllocationStrategy: pulumi.String(\"capacity-optimized\"),\n\t\t\t\t\t\tBlockDurationMinutes: pulumi.Int(0),\n\t\t\t\t\t\tTimeoutAction: pulumi.String(\"TERMINATE_CLUSTER\"),\n\t\t\t\t\t\tTimeoutDurationMinutes: pulumi.Int(10),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: pulumi.String(\"task fleet\"),\n\t\t\tTargetOnDemandCapacity: pulumi.Int(1),\n\t\t\tTargetSpotCapacity: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.InstanceFleet;\nimport com.pulumi.aws.emr.InstanceFleetArgs;\nimport com.pulumi.aws.emr.inputs.InstanceFleetInstanceTypeConfigArgs;\nimport com.pulumi.aws.emr.inputs.InstanceFleetLaunchSpecificationsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var task = new InstanceFleet(\"task\", InstanceFleetArgs.builder()\n .clusterId(cluster.id())\n .instanceTypeConfigs( \n InstanceFleetInstanceTypeConfigArgs.builder()\n .bidPriceAsPercentageOfOnDemandPrice(100)\n .ebsConfigs(InstanceFleetInstanceTypeConfigEbsConfigArgs.builder()\n .size(100)\n .type(\"gp2\")\n .volumesPerInstance(1)\n .build())\n .instanceType(\"m4.xlarge\")\n .weightedCapacity(1)\n .build(),\n InstanceFleetInstanceTypeConfigArgs.builder()\n .bidPriceAsPercentageOfOnDemandPrice(100)\n .ebsConfigs(InstanceFleetInstanceTypeConfigEbsConfigArgs.builder()\n .size(100)\n .type(\"gp2\")\n .volumesPerInstance(1)\n .build())\n .instanceType(\"m4.2xlarge\")\n .weightedCapacity(2)\n .build())\n .launchSpecifications(InstanceFleetLaunchSpecificationsArgs.builder()\n .spotSpecifications(InstanceFleetLaunchSpecificationsSpotSpecificationArgs.builder()\n .allocationStrategy(\"capacity-optimized\")\n .blockDurationMinutes(0)\n .timeoutAction(\"TERMINATE_CLUSTER\")\n .timeoutDurationMinutes(10)\n .build())\n .build())\n .name(\"task fleet\")\n .targetOnDemandCapacity(1)\n .targetSpotCapacity(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n task:\n type: aws:emr:InstanceFleet\n properties:\n clusterId: ${cluster.id}\n instanceTypeConfigs:\n - bidPriceAsPercentageOfOnDemandPrice: 100\n ebsConfigs:\n - size: 100\n type: gp2\n volumesPerInstance: 1\n instanceType: m4.xlarge\n weightedCapacity: 1\n - bidPriceAsPercentageOfOnDemandPrice: 100\n ebsConfigs:\n - size: 100\n type: gp2\n volumesPerInstance: 1\n instanceType: m4.2xlarge\n weightedCapacity: 2\n launchSpecifications:\n spotSpecifications:\n - allocationStrategy: capacity-optimized\n blockDurationMinutes: 0\n timeoutAction: TERMINATE_CLUSTER\n timeoutDurationMinutes: 10\n name: task fleet\n targetOnDemandCapacity: 1\n targetSpotCapacity: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EMR Instance Fleet using the EMR Cluster identifier and Instance Fleet identifier separated by a forward slash (`/`). For example:\n\n```sh\n$ pulumi import aws:emr/instanceFleet:InstanceFleet example j-123456ABCDEF/if-15EK4O09RZLNR\n```\n", "properties": { "clusterId": { "type": "string", "description": "ID of the EMR Cluster to attach to. Changing this forces a new resource to be created.\n" }, "instanceTypeConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/InstanceFleetInstanceTypeConfig:InstanceFleetInstanceTypeConfig" }, "description": "Configuration block for instance fleet\n" }, "launchSpecifications": { "$ref": "#/types/aws:emr/InstanceFleetLaunchSpecifications:InstanceFleetLaunchSpecifications", "description": "Configuration block for launch specification\n" }, "name": { "type": "string", "description": "Friendly name given to the instance fleet.\n" }, "provisionedOnDemandCapacity": { "type": "integer", "description": "The number of On-Demand units that have been provisioned for the instance\nfleet to fulfill TargetOnDemandCapacity. This provisioned capacity might be less than or greater than TargetOnDemandCapacity.\n" }, "provisionedSpotCapacity": { "type": "integer", "description": "The number of Spot units that have been provisioned for this instance fleet\nto fulfill TargetSpotCapacity. This provisioned capacity might be less than or greater than TargetSpotCapacity.\n" }, "targetOnDemandCapacity": { "type": "integer", "description": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision.\n" }, "targetSpotCapacity": { "type": "integer", "description": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision.\n" } }, "required": [ "clusterId", "name", "provisionedOnDemandCapacity", "provisionedSpotCapacity" ], "inputProperties": { "clusterId": { "type": "string", "description": "ID of the EMR Cluster to attach to. Changing this forces a new resource to be created.\n", "willReplaceOnChanges": true }, "instanceTypeConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/InstanceFleetInstanceTypeConfig:InstanceFleetInstanceTypeConfig" }, "description": "Configuration block for instance fleet\n", "willReplaceOnChanges": true }, "launchSpecifications": { "$ref": "#/types/aws:emr/InstanceFleetLaunchSpecifications:InstanceFleetLaunchSpecifications", "description": "Configuration block for launch specification\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Friendly name given to the instance fleet.\n", "willReplaceOnChanges": true }, "targetOnDemandCapacity": { "type": "integer", "description": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision.\n" }, "targetSpotCapacity": { "type": "integer", "description": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision.\n" } }, "requiredInputs": [ "clusterId" ], "stateInputs": { "description": "Input properties used for looking up and filtering InstanceFleet resources.\n", "properties": { "clusterId": { "type": "string", "description": "ID of the EMR Cluster to attach to. Changing this forces a new resource to be created.\n", "willReplaceOnChanges": true }, "instanceTypeConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/InstanceFleetInstanceTypeConfig:InstanceFleetInstanceTypeConfig" }, "description": "Configuration block for instance fleet\n", "willReplaceOnChanges": true }, "launchSpecifications": { "$ref": "#/types/aws:emr/InstanceFleetLaunchSpecifications:InstanceFleetLaunchSpecifications", "description": "Configuration block for launch specification\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Friendly name given to the instance fleet.\n", "willReplaceOnChanges": true }, "provisionedOnDemandCapacity": { "type": "integer", "description": "The number of On-Demand units that have been provisioned for the instance\nfleet to fulfill TargetOnDemandCapacity. This provisioned capacity might be less than or greater than TargetOnDemandCapacity.\n" }, "provisionedSpotCapacity": { "type": "integer", "description": "The number of Spot units that have been provisioned for this instance fleet\nto fulfill TargetSpotCapacity. This provisioned capacity might be less than or greater than TargetSpotCapacity.\n" }, "targetOnDemandCapacity": { "type": "integer", "description": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision.\n" }, "targetSpotCapacity": { "type": "integer", "description": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision.\n" } }, "type": "object" } }, "aws:emr/instanceGroup:InstanceGroup": { "description": "Provides an Elastic MapReduce Cluster Instance Group configuration.\nSee [Amazon Elastic MapReduce Documentation](https://aws.amazon.com/documentation/emr/) for more information.\n\n\u003e **NOTE:** At this time, Instance Groups cannot be destroyed through the API nor\nweb interface. Instance Groups are destroyed when the EMR Cluster is destroyed.\nthis provider will resize any Instance Group to zero when destroying the resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst task = new aws.emr.InstanceGroup(\"task\", {\n clusterId: tf_test_cluster.id,\n instanceCount: 1,\n instanceType: \"m5.xlarge\",\n name: \"my little instance group\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntask = aws.emr.InstanceGroup(\"task\",\n cluster_id=tf_test_cluster[\"id\"],\n instance_count=1,\n instance_type=\"m5.xlarge\",\n name=\"my little instance group\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var task = new Aws.Emr.InstanceGroup(\"task\", new()\n {\n ClusterId = tf_test_cluster.Id,\n InstanceCount = 1,\n InstanceType = \"m5.xlarge\",\n Name = \"my little instance group\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emr.NewInstanceGroup(ctx, \"task\", \u0026emr.InstanceGroupArgs{\n\t\t\tClusterId: pulumi.Any(tf_test_cluster.Id),\n\t\t\tInstanceCount: pulumi.Int(1),\n\t\t\tInstanceType: pulumi.String(\"m5.xlarge\"),\n\t\t\tName: pulumi.String(\"my little instance group\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.InstanceGroup;\nimport com.pulumi.aws.emr.InstanceGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var task = new InstanceGroup(\"task\", InstanceGroupArgs.builder()\n .clusterId(tf_test_cluster.id())\n .instanceCount(1)\n .instanceType(\"m5.xlarge\")\n .name(\"my little instance group\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n task:\n type: aws:emr:InstanceGroup\n properties:\n clusterId: ${[\"tf-test-cluster\"].id}\n instanceCount: 1\n instanceType: m5.xlarge\n name: my little instance group\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EMR task instance group using their EMR Cluster id and Instance Group id separated by a forward-slash `/`. For example:\n\n```sh\n$ pulumi import aws:emr/instanceGroup:InstanceGroup task_group j-123456ABCDEF/ig-15EK4O09RZLNR\n```\n", "properties": { "autoscalingPolicy": { "type": "string", "description": "The autoscaling policy document. This is a JSON formatted string. See [EMR Auto Scaling](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-automatic-scaling.html)\n" }, "bidPrice": { "type": "string", "description": "If set, the bid price for each EC2 instance in the instance group, expressed in USD. By setting this attribute, the instance group is being declared as a Spot Instance, and will implicitly create a Spot request. Leave this blank to use On-Demand Instances.\n" }, "clusterId": { "type": "string", "description": "ID of the EMR Cluster to attach to. Changing this forces a new resource to be created.\n" }, "configurationsJson": { "type": "string", "description": "A JSON string for supplying list of configurations specific to the EMR instance group. Note that this can only be changed when using EMR release 5.21 or later.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst task = new aws.emr.InstanceGroup(\"task\", {configurationsJson: `[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n`});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntask = aws.emr.InstanceGroup(\"task\", configurations_json=\"\"\"[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var task = new Aws.Emr.InstanceGroup(\"task\", new()\n {\n ConfigurationsJson = @\"[\n{\n\"\"Classification\"\": \"\"hadoop-env\"\",\n\"\"Configurations\"\": [\n{\n\"\"Classification\"\": \"\"export\"\",\n\"\"Properties\"\": {\n\"\"JAVA_HOME\"\": \"\"/usr/lib/jvm/java-1.8.0\"\"\n}\n}\n],\n\"\"Properties\"\": {}\n}\n]\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emr.NewInstanceGroup(ctx, \"task\", \u0026emr.InstanceGroupArgs{\n\t\t\tConfigurationsJson: pulumi.String(`[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.InstanceGroup;\nimport com.pulumi.aws.emr.InstanceGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var task = new InstanceGroup(\"task\", InstanceGroupArgs.builder()\n .configurationsJson(\"\"\"\n[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n task:\n type: aws:emr:InstanceGroup\n properties:\n configurationsJson: |\n [\n {\n \"Classification\": \"hadoop-env\",\n \"Configurations\": [\n {\n \"Classification\": \"export\",\n \"Properties\": {\n \"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n }\n }\n ],\n \"Properties\": {}\n }\n ]\n```\n\u003c!--End PulumiCodeChooser --\u003e\n" }, "ebsConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/InstanceGroupEbsConfig:InstanceGroupEbsConfig" }, "description": "One or more `ebs_config` blocks as defined below. Changing this forces a new resource to be created.\n" }, "ebsOptimized": { "type": "boolean", "description": "Indicates whether an Amazon EBS volume is EBS-optimized. Changing this forces a new resource to be created.\n" }, "instanceCount": { "type": "integer", "description": "target number of instances for the instance group. defaults to 0.\n" }, "instanceType": { "type": "string", "description": "The EC2 instance type for all instances in the instance group. Changing this forces a new resource to be created.\n" }, "name": { "type": "string", "description": "Human friendly name given to the instance group. Changing this forces a new resource to be created.\n" }, "runningInstanceCount": { "type": "integer", "description": "The number of instances currently running in this instance group.\n" }, "status": { "type": "string", "description": "The current status of the instance group.\n" } }, "required": [ "clusterId", "ebsConfigs", "instanceCount", "instanceType", "name", "runningInstanceCount", "status" ], "inputProperties": { "autoscalingPolicy": { "type": "string", "description": "The autoscaling policy document. This is a JSON formatted string. See [EMR Auto Scaling](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-automatic-scaling.html)\n" }, "bidPrice": { "type": "string", "description": "If set, the bid price for each EC2 instance in the instance group, expressed in USD. By setting this attribute, the instance group is being declared as a Spot Instance, and will implicitly create a Spot request. Leave this blank to use On-Demand Instances.\n", "willReplaceOnChanges": true }, "clusterId": { "type": "string", "description": "ID of the EMR Cluster to attach to. Changing this forces a new resource to be created.\n", "willReplaceOnChanges": true }, "configurationsJson": { "type": "string", "description": "A JSON string for supplying list of configurations specific to the EMR instance group. Note that this can only be changed when using EMR release 5.21 or later.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst task = new aws.emr.InstanceGroup(\"task\", {configurationsJson: `[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n`});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntask = aws.emr.InstanceGroup(\"task\", configurations_json=\"\"\"[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var task = new Aws.Emr.InstanceGroup(\"task\", new()\n {\n ConfigurationsJson = @\"[\n{\n\"\"Classification\"\": \"\"hadoop-env\"\",\n\"\"Configurations\"\": [\n{\n\"\"Classification\"\": \"\"export\"\",\n\"\"Properties\"\": {\n\"\"JAVA_HOME\"\": \"\"/usr/lib/jvm/java-1.8.0\"\"\n}\n}\n],\n\"\"Properties\"\": {}\n}\n]\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emr.NewInstanceGroup(ctx, \"task\", \u0026emr.InstanceGroupArgs{\n\t\t\tConfigurationsJson: pulumi.String(`[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.InstanceGroup;\nimport com.pulumi.aws.emr.InstanceGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var task = new InstanceGroup(\"task\", InstanceGroupArgs.builder()\n .configurationsJson(\"\"\"\n[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n task:\n type: aws:emr:InstanceGroup\n properties:\n configurationsJson: |\n [\n {\n \"Classification\": \"hadoop-env\",\n \"Configurations\": [\n {\n \"Classification\": \"export\",\n \"Properties\": {\n \"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n }\n }\n ],\n \"Properties\": {}\n }\n ]\n```\n\u003c!--End PulumiCodeChooser --\u003e\n" }, "ebsConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/InstanceGroupEbsConfig:InstanceGroupEbsConfig" }, "description": "One or more `ebs_config` blocks as defined below. Changing this forces a new resource to be created.\n", "willReplaceOnChanges": true }, "ebsOptimized": { "type": "boolean", "description": "Indicates whether an Amazon EBS volume is EBS-optimized. Changing this forces a new resource to be created.\n", "willReplaceOnChanges": true }, "instanceCount": { "type": "integer", "description": "target number of instances for the instance group. defaults to 0.\n" }, "instanceType": { "type": "string", "description": "The EC2 instance type for all instances in the instance group. Changing this forces a new resource to be created.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Human friendly name given to the instance group. Changing this forces a new resource to be created.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "clusterId", "instanceType" ], "stateInputs": { "description": "Input properties used for looking up and filtering InstanceGroup resources.\n", "properties": { "autoscalingPolicy": { "type": "string", "description": "The autoscaling policy document. This is a JSON formatted string. See [EMR Auto Scaling](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-automatic-scaling.html)\n" }, "bidPrice": { "type": "string", "description": "If set, the bid price for each EC2 instance in the instance group, expressed in USD. By setting this attribute, the instance group is being declared as a Spot Instance, and will implicitly create a Spot request. Leave this blank to use On-Demand Instances.\n", "willReplaceOnChanges": true }, "clusterId": { "type": "string", "description": "ID of the EMR Cluster to attach to. Changing this forces a new resource to be created.\n", "willReplaceOnChanges": true }, "configurationsJson": { "type": "string", "description": "A JSON string for supplying list of configurations specific to the EMR instance group. Note that this can only be changed when using EMR release 5.21 or later.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst task = new aws.emr.InstanceGroup(\"task\", {configurationsJson: `[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n`});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntask = aws.emr.InstanceGroup(\"task\", configurations_json=\"\"\"[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var task = new Aws.Emr.InstanceGroup(\"task\", new()\n {\n ConfigurationsJson = @\"[\n{\n\"\"Classification\"\": \"\"hadoop-env\"\",\n\"\"Configurations\"\": [\n{\n\"\"Classification\"\": \"\"export\"\",\n\"\"Properties\"\": {\n\"\"JAVA_HOME\"\": \"\"/usr/lib/jvm/java-1.8.0\"\"\n}\n}\n],\n\"\"Properties\"\": {}\n}\n]\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emr.NewInstanceGroup(ctx, \"task\", \u0026emr.InstanceGroupArgs{\n\t\t\tConfigurationsJson: pulumi.String(`[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.InstanceGroup;\nimport com.pulumi.aws.emr.InstanceGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var task = new InstanceGroup(\"task\", InstanceGroupArgs.builder()\n .configurationsJson(\"\"\"\n[\n{\n\"Classification\": \"hadoop-env\",\n\"Configurations\": [\n{\n\"Classification\": \"export\",\n\"Properties\": {\n\"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n}\n}\n],\n\"Properties\": {}\n}\n]\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n task:\n type: aws:emr:InstanceGroup\n properties:\n configurationsJson: |\n [\n {\n \"Classification\": \"hadoop-env\",\n \"Configurations\": [\n {\n \"Classification\": \"export\",\n \"Properties\": {\n \"JAVA_HOME\": \"/usr/lib/jvm/java-1.8.0\"\n }\n }\n ],\n \"Properties\": {}\n }\n ]\n```\n\u003c!--End PulumiCodeChooser --\u003e\n" }, "ebsConfigs": { "type": "array", "items": { "$ref": "#/types/aws:emr/InstanceGroupEbsConfig:InstanceGroupEbsConfig" }, "description": "One or more `ebs_config` blocks as defined below. Changing this forces a new resource to be created.\n", "willReplaceOnChanges": true }, "ebsOptimized": { "type": "boolean", "description": "Indicates whether an Amazon EBS volume is EBS-optimized. Changing this forces a new resource to be created.\n", "willReplaceOnChanges": true }, "instanceCount": { "type": "integer", "description": "target number of instances for the instance group. defaults to 0.\n" }, "instanceType": { "type": "string", "description": "The EC2 instance type for all instances in the instance group. Changing this forces a new resource to be created.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Human friendly name given to the instance group. Changing this forces a new resource to be created.\n", "willReplaceOnChanges": true }, "runningInstanceCount": { "type": "integer", "description": "The number of instances currently running in this instance group.\n" }, "status": { "type": "string", "description": "The current status of the instance group.\n" } }, "type": "object" } }, "aws:emr/managedScalingPolicy:ManagedScalingPolicy": { "description": "Provides a Managed Scaling policy for EMR Cluster. With Amazon EMR versions 5.30.0 and later (except for Amazon EMR 6.0.0), you can enable EMR managed scaling to automatically increase or decrease the number of instances or units in your cluster based on workload. See [Using EMR Managed Scaling in Amazon EMR](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-scaling.html) for more information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sample = new aws.emr.Cluster(\"sample\", {\n name: \"emr-sample-cluster\",\n releaseLabel: \"emr-5.30.0\",\n masterInstanceGroup: {\n instanceType: \"m4.large\",\n },\n coreInstanceGroup: {\n instanceType: \"c4.large\",\n },\n});\nconst samplepolicy = new aws.emr.ManagedScalingPolicy(\"samplepolicy\", {\n clusterId: sample.id,\n computeLimits: [{\n unitType: \"Instances\",\n minimumCapacityUnits: 2,\n maximumCapacityUnits: 10,\n maximumOndemandCapacityUnits: 2,\n maximumCoreCapacityUnits: 10,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsample = aws.emr.Cluster(\"sample\",\n name=\"emr-sample-cluster\",\n release_label=\"emr-5.30.0\",\n master_instance_group={\n \"instance_type\": \"m4.large\",\n },\n core_instance_group={\n \"instance_type\": \"c4.large\",\n })\nsamplepolicy = aws.emr.ManagedScalingPolicy(\"samplepolicy\",\n cluster_id=sample.id,\n compute_limits=[{\n \"unit_type\": \"Instances\",\n \"minimum_capacity_units\": 2,\n \"maximum_capacity_units\": 10,\n \"maximum_ondemand_capacity_units\": 2,\n \"maximum_core_capacity_units\": 10,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sample = new Aws.Emr.Cluster(\"sample\", new()\n {\n Name = \"emr-sample-cluster\",\n ReleaseLabel = \"emr-5.30.0\",\n MasterInstanceGroup = new Aws.Emr.Inputs.ClusterMasterInstanceGroupArgs\n {\n InstanceType = \"m4.large\",\n },\n CoreInstanceGroup = new Aws.Emr.Inputs.ClusterCoreInstanceGroupArgs\n {\n InstanceType = \"c4.large\",\n },\n });\n\n var samplepolicy = new Aws.Emr.ManagedScalingPolicy(\"samplepolicy\", new()\n {\n ClusterId = sample.Id,\n ComputeLimits = new[]\n {\n new Aws.Emr.Inputs.ManagedScalingPolicyComputeLimitArgs\n {\n UnitType = \"Instances\",\n MinimumCapacityUnits = 2,\n MaximumCapacityUnits = 10,\n MaximumOndemandCapacityUnits = 2,\n MaximumCoreCapacityUnits = 10,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tsample, err := emr.NewCluster(ctx, \"sample\", \u0026emr.ClusterArgs{\n\t\t\tName: pulumi.String(\"emr-sample-cluster\"),\n\t\t\tReleaseLabel: pulumi.String(\"emr-5.30.0\"),\n\t\t\tMasterInstanceGroup: \u0026emr.ClusterMasterInstanceGroupArgs{\n\t\t\t\tInstanceType: pulumi.String(\"m4.large\"),\n\t\t\t},\n\t\t\tCoreInstanceGroup: \u0026emr.ClusterCoreInstanceGroupArgs{\n\t\t\t\tInstanceType: pulumi.String(\"c4.large\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = emr.NewManagedScalingPolicy(ctx, \"samplepolicy\", \u0026emr.ManagedScalingPolicyArgs{\n\t\t\tClusterId: sample.ID(),\n\t\t\tComputeLimits: emr.ManagedScalingPolicyComputeLimitArray{\n\t\t\t\t\u0026emr.ManagedScalingPolicyComputeLimitArgs{\n\t\t\t\t\tUnitType: pulumi.String(\"Instances\"),\n\t\t\t\t\tMinimumCapacityUnits: pulumi.Int(2),\n\t\t\t\t\tMaximumCapacityUnits: pulumi.Int(10),\n\t\t\t\t\tMaximumOndemandCapacityUnits: pulumi.Int(2),\n\t\t\t\t\tMaximumCoreCapacityUnits: pulumi.Int(10),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.Cluster;\nimport com.pulumi.aws.emr.ClusterArgs;\nimport com.pulumi.aws.emr.inputs.ClusterMasterInstanceGroupArgs;\nimport com.pulumi.aws.emr.inputs.ClusterCoreInstanceGroupArgs;\nimport com.pulumi.aws.emr.ManagedScalingPolicy;\nimport com.pulumi.aws.emr.ManagedScalingPolicyArgs;\nimport com.pulumi.aws.emr.inputs.ManagedScalingPolicyComputeLimitArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var sample = new Cluster(\"sample\", ClusterArgs.builder()\n .name(\"emr-sample-cluster\")\n .releaseLabel(\"emr-5.30.0\")\n .masterInstanceGroup(ClusterMasterInstanceGroupArgs.builder()\n .instanceType(\"m4.large\")\n .build())\n .coreInstanceGroup(ClusterCoreInstanceGroupArgs.builder()\n .instanceType(\"c4.large\")\n .build())\n .build());\n\n var samplepolicy = new ManagedScalingPolicy(\"samplepolicy\", ManagedScalingPolicyArgs.builder()\n .clusterId(sample.id())\n .computeLimits(ManagedScalingPolicyComputeLimitArgs.builder()\n .unitType(\"Instances\")\n .minimumCapacityUnits(2)\n .maximumCapacityUnits(10)\n .maximumOndemandCapacityUnits(2)\n .maximumCoreCapacityUnits(10)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n sample:\n type: aws:emr:Cluster\n properties:\n name: emr-sample-cluster\n releaseLabel: emr-5.30.0\n masterInstanceGroup:\n instanceType: m4.large\n coreInstanceGroup:\n instanceType: c4.large\n samplepolicy:\n type: aws:emr:ManagedScalingPolicy\n properties:\n clusterId: ${sample.id}\n computeLimits:\n - unitType: Instances\n minimumCapacityUnits: 2\n maximumCapacityUnits: 10\n maximumOndemandCapacityUnits: 2\n maximumCoreCapacityUnits: 10\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EMR Managed Scaling Policies using the EMR Cluster identifier. For example:\n\n```sh\n$ pulumi import aws:emr/managedScalingPolicy:ManagedScalingPolicy example j-123456ABCDEF\n```\n", "properties": { "clusterId": { "type": "string", "description": "ID of the EMR cluster\n" }, "computeLimits": { "type": "array", "items": { "$ref": "#/types/aws:emr/ManagedScalingPolicyComputeLimit:ManagedScalingPolicyComputeLimit" }, "description": "Configuration block with compute limit settings. Described below.\n" } }, "required": [ "clusterId", "computeLimits" ], "inputProperties": { "clusterId": { "type": "string", "description": "ID of the EMR cluster\n", "willReplaceOnChanges": true }, "computeLimits": { "type": "array", "items": { "$ref": "#/types/aws:emr/ManagedScalingPolicyComputeLimit:ManagedScalingPolicyComputeLimit" }, "description": "Configuration block with compute limit settings. Described below.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "clusterId", "computeLimits" ], "stateInputs": { "description": "Input properties used for looking up and filtering ManagedScalingPolicy resources.\n", "properties": { "clusterId": { "type": "string", "description": "ID of the EMR cluster\n", "willReplaceOnChanges": true }, "computeLimits": { "type": "array", "items": { "$ref": "#/types/aws:emr/ManagedScalingPolicyComputeLimit:ManagedScalingPolicyComputeLimit" }, "description": "Configuration block with compute limit settings. Described below.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:emr/securityConfiguration:SecurityConfiguration": { "description": "Provides a resource to manage AWS EMR Security Configurations\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.emr.SecurityConfiguration(\"foo\", {\n name: \"emrsc_other\",\n configuration: `{\n \"EncryptionConfiguration\": {\n \"AtRestEncryptionConfiguration\": {\n \"S3EncryptionConfiguration\": {\n \"EncryptionMode\": \"SSE-S3\"\n },\n \"LocalDiskEncryptionConfiguration\": {\n \"EncryptionKeyProviderType\": \"AwsKms\",\n \"AwsKmsKey\": \"arn:aws:kms:us-west-2:187416307283:alias/my_emr_test_key\"\n }\n },\n \"EnableInTransitEncryption\": false,\n \"EnableAtRestEncryption\": true\n }\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.emr.SecurityConfiguration(\"foo\",\n name=\"emrsc_other\",\n configuration=\"\"\"{\n \"EncryptionConfiguration\": {\n \"AtRestEncryptionConfiguration\": {\n \"S3EncryptionConfiguration\": {\n \"EncryptionMode\": \"SSE-S3\"\n },\n \"LocalDiskEncryptionConfiguration\": {\n \"EncryptionKeyProviderType\": \"AwsKms\",\n \"AwsKmsKey\": \"arn:aws:kms:us-west-2:187416307283:alias/my_emr_test_key\"\n }\n },\n \"EnableInTransitEncryption\": false,\n \"EnableAtRestEncryption\": true\n }\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Emr.SecurityConfiguration(\"foo\", new()\n {\n Name = \"emrsc_other\",\n Configuration = @\"{\n \"\"EncryptionConfiguration\"\": {\n \"\"AtRestEncryptionConfiguration\"\": {\n \"\"S3EncryptionConfiguration\"\": {\n \"\"EncryptionMode\"\": \"\"SSE-S3\"\"\n },\n \"\"LocalDiskEncryptionConfiguration\"\": {\n \"\"EncryptionKeyProviderType\"\": \"\"AwsKms\"\",\n \"\"AwsKmsKey\"\": \"\"arn:aws:kms:us-west-2:187416307283:alias/my_emr_test_key\"\"\n }\n },\n \"\"EnableInTransitEncryption\"\": false,\n \"\"EnableAtRestEncryption\"\": true\n }\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emr.NewSecurityConfiguration(ctx, \"foo\", \u0026emr.SecurityConfigurationArgs{\n\t\t\tName: pulumi.String(\"emrsc_other\"),\n\t\t\tConfiguration: pulumi.String(`{\n \"EncryptionConfiguration\": {\n \"AtRestEncryptionConfiguration\": {\n \"S3EncryptionConfiguration\": {\n \"EncryptionMode\": \"SSE-S3\"\n },\n \"LocalDiskEncryptionConfiguration\": {\n \"EncryptionKeyProviderType\": \"AwsKms\",\n \"AwsKmsKey\": \"arn:aws:kms:us-west-2:187416307283:alias/my_emr_test_key\"\n }\n },\n \"EnableInTransitEncryption\": false,\n \"EnableAtRestEncryption\": true\n }\n}\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.SecurityConfiguration;\nimport com.pulumi.aws.emr.SecurityConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new SecurityConfiguration(\"foo\", SecurityConfigurationArgs.builder()\n .name(\"emrsc_other\")\n .configuration(\"\"\"\n{\n \"EncryptionConfiguration\": {\n \"AtRestEncryptionConfiguration\": {\n \"S3EncryptionConfiguration\": {\n \"EncryptionMode\": \"SSE-S3\"\n },\n \"LocalDiskEncryptionConfiguration\": {\n \"EncryptionKeyProviderType\": \"AwsKms\",\n \"AwsKmsKey\": \"arn:aws:kms:us-west-2:187416307283:alias/my_emr_test_key\"\n }\n },\n \"EnableInTransitEncryption\": false,\n \"EnableAtRestEncryption\": true\n }\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:emr:SecurityConfiguration\n properties:\n name: emrsc_other\n configuration: |\n {\n \"EncryptionConfiguration\": {\n \"AtRestEncryptionConfiguration\": {\n \"S3EncryptionConfiguration\": {\n \"EncryptionMode\": \"SSE-S3\"\n },\n \"LocalDiskEncryptionConfiguration\": {\n \"EncryptionKeyProviderType\": \"AwsKms\",\n \"AwsKmsKey\": \"arn:aws:kms:us-west-2:187416307283:alias/my_emr_test_key\"\n }\n },\n \"EnableInTransitEncryption\": false,\n \"EnableAtRestEncryption\": true\n }\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EMR Security Configurations using the `name`. For example:\n\n```sh\n$ pulumi import aws:emr/securityConfiguration:SecurityConfiguration sc example-sc-name\n```\n", "properties": { "configuration": { "type": "string", "description": "A JSON formatted Security Configuration\n" }, "creationDate": { "type": "string", "description": "Date the Security Configuration was created\n" }, "name": { "type": "string", "description": "The name of the EMR Security Configuration. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" } }, "required": [ "configuration", "creationDate", "name", "namePrefix" ], "inputProperties": { "configuration": { "type": "string", "description": "A JSON formatted Security Configuration\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the EMR Security Configuration. By default generated by this provider.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "configuration" ], "stateInputs": { "description": "Input properties used for looking up and filtering SecurityConfiguration resources.\n", "properties": { "configuration": { "type": "string", "description": "A JSON formatted Security Configuration\n", "willReplaceOnChanges": true }, "creationDate": { "type": "string", "description": "Date the Security Configuration was created\n" }, "name": { "type": "string", "description": "The name of the EMR Security Configuration. By default generated by this provider.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:emr/studio:Studio": { "description": "Provides an Elastic MapReduce Studio.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.emr.Studio(\"example\", {\n authMode: \"SSO\",\n defaultS3Location: `s3://${test.bucket}/test`,\n engineSecurityGroupId: testAwsSecurityGroup.id,\n name: \"example\",\n serviceRole: testAwsIamRole.arn,\n subnetIds: [testAwsSubnet.id],\n userRole: testAwsIamRole.arn,\n vpcId: testAwsVpc.id,\n workspaceSecurityGroupId: testAwsSecurityGroup.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.emr.Studio(\"example\",\n auth_mode=\"SSO\",\n default_s3_location=f\"s3://{test['bucket']}/test\",\n engine_security_group_id=test_aws_security_group[\"id\"],\n name=\"example\",\n service_role=test_aws_iam_role[\"arn\"],\n subnet_ids=[test_aws_subnet[\"id\"]],\n user_role=test_aws_iam_role[\"arn\"],\n vpc_id=test_aws_vpc[\"id\"],\n workspace_security_group_id=test_aws_security_group[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Emr.Studio(\"example\", new()\n {\n AuthMode = \"SSO\",\n DefaultS3Location = $\"s3://{test.Bucket}/test\",\n EngineSecurityGroupId = testAwsSecurityGroup.Id,\n Name = \"example\",\n ServiceRole = testAwsIamRole.Arn,\n SubnetIds = new[]\n {\n testAwsSubnet.Id,\n },\n UserRole = testAwsIamRole.Arn,\n VpcId = testAwsVpc.Id,\n WorkspaceSecurityGroupId = testAwsSecurityGroup.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emr.NewStudio(ctx, \"example\", \u0026emr.StudioArgs{\n\t\t\tAuthMode: pulumi.String(\"SSO\"),\n\t\t\tDefaultS3Location: pulumi.String(fmt.Sprintf(\"s3://%v/test\", test.Bucket)),\n\t\t\tEngineSecurityGroupId: pulumi.Any(testAwsSecurityGroup.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tServiceRole: pulumi.Any(testAwsIamRole.Arn),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\ttestAwsSubnet.Id,\n\t\t\t},\n\t\t\tUserRole: pulumi.Any(testAwsIamRole.Arn),\n\t\t\tVpcId: pulumi.Any(testAwsVpc.Id),\n\t\t\tWorkspaceSecurityGroupId: pulumi.Any(testAwsSecurityGroup.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.Studio;\nimport com.pulumi.aws.emr.StudioArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Studio(\"example\", StudioArgs.builder()\n .authMode(\"SSO\")\n .defaultS3Location(String.format(\"s3://%s/test\", test.bucket()))\n .engineSecurityGroupId(testAwsSecurityGroup.id())\n .name(\"example\")\n .serviceRole(testAwsIamRole.arn())\n .subnetIds(testAwsSubnet.id())\n .userRole(testAwsIamRole.arn())\n .vpcId(testAwsVpc.id())\n .workspaceSecurityGroupId(testAwsSecurityGroup.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:emr:Studio\n properties:\n authMode: SSO\n defaultS3Location: s3://${test.bucket}/test\n engineSecurityGroupId: ${testAwsSecurityGroup.id}\n name: example\n serviceRole: ${testAwsIamRole.arn}\n subnetIds:\n - ${testAwsSubnet.id}\n userRole: ${testAwsIamRole.arn}\n vpcId: ${testAwsVpc.id}\n workspaceSecurityGroupId: ${testAwsSecurityGroup.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EMR studios using the `id`. For example:\n\n```sh\n$ pulumi import aws:emr/studio:Studio studio es-123456ABCDEF\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the studio.\n" }, "authMode": { "type": "string", "description": "Specifies whether the Studio authenticates users using IAM or Amazon Web Services SSO. Valid values are `SSO` or `IAM`.\n" }, "defaultS3Location": { "type": "string", "description": "The Amazon S3 location to back up Amazon EMR Studio Workspaces and notebook files.\n" }, "description": { "type": "string", "description": "A detailed description of the Amazon EMR Studio.\n" }, "engineSecurityGroupId": { "type": "string", "description": "The ID of the Amazon EMR Studio Engine security group. The Engine security group allows inbound network traffic from the Workspace security group, and it must be in the same VPC specified by `vpc_id`.\n" }, "idpAuthUrl": { "type": "string", "description": "The authentication endpoint of your identity provider (IdP). Specify this value when you use IAM authentication and want to let federated users log in to a Studio with the Studio URL and credentials from your IdP. Amazon EMR Studio redirects users to this endpoint to enter credentials.\n" }, "idpRelayStateParameterName": { "type": "string", "description": "The name that your identity provider (IdP) uses for its RelayState parameter. For example, RelayState or TargetSource. Specify this value when you use IAM authentication and want to let federated users log in to a Studio using the Studio URL. The RelayState parameter differs by IdP.\n" }, "name": { "type": "string", "description": "A descriptive name for the Amazon EMR Studio.\n" }, "serviceRole": { "type": "string", "description": "The IAM role that the Amazon EMR Studio assumes. The service role provides a way for Amazon EMR Studio to interoperate with other Amazon Web Services services.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to associate with the Amazon EMR Studio. A Studio can have a maximum of 5 subnets. The subnets must belong to the VPC specified by `vpc_id`. Studio users can create a Workspace in any of the specified subnets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "list of tags to apply to the EMR Cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "url": { "type": "string", "description": "The unique access URL of the Amazon EMR Studio.\n" }, "userRole": { "type": "string", "description": "The IAM user role that users and groups assume when logged in to an Amazon EMR Studio. Only specify a User Role when you use Amazon Web Services SSO authentication. The permissions attached to the User Role can be scoped down for each user or group using session policies.\n" }, "vpcId": { "type": "string", "description": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) to associate with the Studio.\n" }, "workspaceSecurityGroupId": { "type": "string", "description": "The ID of the Amazon EMR Studio Workspace security group. The Workspace security group allows outbound network traffic to resources in the Engine security group, and it must be in the same VPC specified by `vpc_id`.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "authMode", "defaultS3Location", "engineSecurityGroupId", "name", "serviceRole", "subnetIds", "tagsAll", "url", "vpcId", "workspaceSecurityGroupId" ], "inputProperties": { "authMode": { "type": "string", "description": "Specifies whether the Studio authenticates users using IAM or Amazon Web Services SSO. Valid values are `SSO` or `IAM`.\n", "willReplaceOnChanges": true }, "defaultS3Location": { "type": "string", "description": "The Amazon S3 location to back up Amazon EMR Studio Workspaces and notebook files.\n" }, "description": { "type": "string", "description": "A detailed description of the Amazon EMR Studio.\n" }, "engineSecurityGroupId": { "type": "string", "description": "The ID of the Amazon EMR Studio Engine security group. The Engine security group allows inbound network traffic from the Workspace security group, and it must be in the same VPC specified by `vpc_id`.\n", "willReplaceOnChanges": true }, "idpAuthUrl": { "type": "string", "description": "The authentication endpoint of your identity provider (IdP). Specify this value when you use IAM authentication and want to let federated users log in to a Studio with the Studio URL and credentials from your IdP. Amazon EMR Studio redirects users to this endpoint to enter credentials.\n", "willReplaceOnChanges": true }, "idpRelayStateParameterName": { "type": "string", "description": "The name that your identity provider (IdP) uses for its RelayState parameter. For example, RelayState or TargetSource. Specify this value when you use IAM authentication and want to let federated users log in to a Studio using the Studio URL. The RelayState parameter differs by IdP.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A descriptive name for the Amazon EMR Studio.\n" }, "serviceRole": { "type": "string", "description": "The IAM role that the Amazon EMR Studio assumes. The service role provides a way for Amazon EMR Studio to interoperate with other Amazon Web Services services.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to associate with the Amazon EMR Studio. A Studio can have a maximum of 5 subnets. The subnets must belong to the VPC specified by `vpc_id`. Studio users can create a Workspace in any of the specified subnets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "list of tags to apply to the EMR Cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "userRole": { "type": "string", "description": "The IAM user role that users and groups assume when logged in to an Amazon EMR Studio. Only specify a User Role when you use Amazon Web Services SSO authentication. The permissions attached to the User Role can be scoped down for each user or group using session policies.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) to associate with the Studio.\n", "willReplaceOnChanges": true }, "workspaceSecurityGroupId": { "type": "string", "description": "The ID of the Amazon EMR Studio Workspace security group. The Workspace security group allows outbound network traffic to resources in the Engine security group, and it must be in the same VPC specified by `vpc_id`.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "authMode", "defaultS3Location", "engineSecurityGroupId", "serviceRole", "subnetIds", "vpcId", "workspaceSecurityGroupId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Studio resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the studio.\n" }, "authMode": { "type": "string", "description": "Specifies whether the Studio authenticates users using IAM or Amazon Web Services SSO. Valid values are `SSO` or `IAM`.\n", "willReplaceOnChanges": true }, "defaultS3Location": { "type": "string", "description": "The Amazon S3 location to back up Amazon EMR Studio Workspaces and notebook files.\n" }, "description": { "type": "string", "description": "A detailed description of the Amazon EMR Studio.\n" }, "engineSecurityGroupId": { "type": "string", "description": "The ID of the Amazon EMR Studio Engine security group. The Engine security group allows inbound network traffic from the Workspace security group, and it must be in the same VPC specified by `vpc_id`.\n", "willReplaceOnChanges": true }, "idpAuthUrl": { "type": "string", "description": "The authentication endpoint of your identity provider (IdP). Specify this value when you use IAM authentication and want to let federated users log in to a Studio with the Studio URL and credentials from your IdP. Amazon EMR Studio redirects users to this endpoint to enter credentials.\n", "willReplaceOnChanges": true }, "idpRelayStateParameterName": { "type": "string", "description": "The name that your identity provider (IdP) uses for its RelayState parameter. For example, RelayState or TargetSource. Specify this value when you use IAM authentication and want to let federated users log in to a Studio using the Studio URL. The RelayState parameter differs by IdP.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A descriptive name for the Amazon EMR Studio.\n" }, "serviceRole": { "type": "string", "description": "The IAM role that the Amazon EMR Studio assumes. The service role provides a way for Amazon EMR Studio to interoperate with other Amazon Web Services services.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs to associate with the Amazon EMR Studio. A Studio can have a maximum of 5 subnets. The subnets must belong to the VPC specified by `vpc_id`. Studio users can create a Workspace in any of the specified subnets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "list of tags to apply to the EMR Cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "url": { "type": "string", "description": "The unique access URL of the Amazon EMR Studio.\n" }, "userRole": { "type": "string", "description": "The IAM user role that users and groups assume when logged in to an Amazon EMR Studio. Only specify a User Role when you use Amazon Web Services SSO authentication. The permissions attached to the User Role can be scoped down for each user or group using session policies.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) to associate with the Studio.\n", "willReplaceOnChanges": true }, "workspaceSecurityGroupId": { "type": "string", "description": "The ID of the Amazon EMR Studio Workspace security group. The Workspace security group allows outbound network traffic to resources in the Engine security group, and it must be in the same VPC specified by `vpc_id`.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:emr/studioSessionMapping:StudioSessionMapping": { "description": "Provides an Elastic MapReduce Studio Session Mapping.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.emr.StudioSessionMapping(\"example\", {\n studioId: exampleAwsEmrStudio.id,\n identityType: \"USER\",\n identityId: \"example\",\n sessionPolicyArn: exampleAwsIamPolicy.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.emr.StudioSessionMapping(\"example\",\n studio_id=example_aws_emr_studio[\"id\"],\n identity_type=\"USER\",\n identity_id=\"example\",\n session_policy_arn=example_aws_iam_policy[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Emr.StudioSessionMapping(\"example\", new()\n {\n StudioId = exampleAwsEmrStudio.Id,\n IdentityType = \"USER\",\n IdentityId = \"example\",\n SessionPolicyArn = exampleAwsIamPolicy.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emr.NewStudioSessionMapping(ctx, \"example\", \u0026emr.StudioSessionMappingArgs{\n\t\t\tStudioId: pulumi.Any(exampleAwsEmrStudio.Id),\n\t\t\tIdentityType: pulumi.String(\"USER\"),\n\t\t\tIdentityId: pulumi.String(\"example\"),\n\t\t\tSessionPolicyArn: pulumi.Any(exampleAwsIamPolicy.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.StudioSessionMapping;\nimport com.pulumi.aws.emr.StudioSessionMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new StudioSessionMapping(\"example\", StudioSessionMappingArgs.builder()\n .studioId(exampleAwsEmrStudio.id())\n .identityType(\"USER\")\n .identityId(\"example\")\n .sessionPolicyArn(exampleAwsIamPolicy.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:emr:StudioSessionMapping\n properties:\n studioId: ${exampleAwsEmrStudio.id}\n identityType: USER\n identityId: example\n sessionPolicyArn: ${exampleAwsIamPolicy.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EMR studio session mappings using `studio-id:identity-type:identity-id`. For example:\n\n```sh\n$ pulumi import aws:emr/studioSessionMapping:StudioSessionMapping example es-xxxxx:USER:xxxxx-xxx-xxx\n```\n", "properties": { "identityId": { "type": "string", "description": "The globally unique identifier (GUID) of the user or group from the Amazon Web Services SSO Identity Store.\n" }, "identityName": { "type": "string", "description": "The name of the user or group from the Amazon Web Services SSO Identity Store.\n" }, "identityType": { "type": "string", "description": "Specifies whether the identity to map to the Amazon EMR Studio is a `USER` or a `GROUP`.\n" }, "sessionPolicyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the session policy that will be applied to the user or group. You should specify the ARN for the session policy that you want to apply, not the ARN of your user role.\n" }, "studioId": { "type": "string", "description": "The ID of the Amazon EMR Studio to which the user or group will be mapped.\n" } }, "required": [ "identityId", "identityName", "identityType", "sessionPolicyArn", "studioId" ], "inputProperties": { "identityId": { "type": "string", "description": "The globally unique identifier (GUID) of the user or group from the Amazon Web Services SSO Identity Store.\n", "willReplaceOnChanges": true }, "identityName": { "type": "string", "description": "The name of the user or group from the Amazon Web Services SSO Identity Store.\n", "willReplaceOnChanges": true }, "identityType": { "type": "string", "description": "Specifies whether the identity to map to the Amazon EMR Studio is a `USER` or a `GROUP`.\n", "willReplaceOnChanges": true }, "sessionPolicyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the session policy that will be applied to the user or group. You should specify the ARN for the session policy that you want to apply, not the ARN of your user role.\n" }, "studioId": { "type": "string", "description": "The ID of the Amazon EMR Studio to which the user or group will be mapped.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "identityType", "sessionPolicyArn", "studioId" ], "stateInputs": { "description": "Input properties used for looking up and filtering StudioSessionMapping resources.\n", "properties": { "identityId": { "type": "string", "description": "The globally unique identifier (GUID) of the user or group from the Amazon Web Services SSO Identity Store.\n", "willReplaceOnChanges": true }, "identityName": { "type": "string", "description": "The name of the user or group from the Amazon Web Services SSO Identity Store.\n", "willReplaceOnChanges": true }, "identityType": { "type": "string", "description": "Specifies whether the identity to map to the Amazon EMR Studio is a `USER` or a `GROUP`.\n", "willReplaceOnChanges": true }, "sessionPolicyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the session policy that will be applied to the user or group. You should specify the ARN for the session policy that you want to apply, not the ARN of your user role.\n" }, "studioId": { "type": "string", "description": "The ID of the Amazon EMR Studio to which the user or group will be mapped.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:emrcontainers/jobTemplate:JobTemplate": { "description": "Manages an EMR Containers (EMR on EKS) Job Template.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.emrcontainers.JobTemplate(\"example\", {\n jobTemplateData: {\n executionRoleArn: exampleAwsIamRole.arn,\n releaseLabel: \"emr-6.10.0-latest\",\n jobDriver: {\n sparkSqlJobDriver: {\n entryPoint: \"default\",\n },\n },\n },\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.emrcontainers.JobTemplate(\"example\",\n job_template_data={\n \"execution_role_arn\": example_aws_iam_role[\"arn\"],\n \"release_label\": \"emr-6.10.0-latest\",\n \"job_driver\": {\n \"spark_sql_job_driver\": {\n \"entry_point\": \"default\",\n },\n },\n },\n name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.EmrContainers.JobTemplate(\"example\", new()\n {\n JobTemplateData = new Aws.EmrContainers.Inputs.JobTemplateJobTemplateDataArgs\n {\n ExecutionRoleArn = exampleAwsIamRole.Arn,\n ReleaseLabel = \"emr-6.10.0-latest\",\n JobDriver = new Aws.EmrContainers.Inputs.JobTemplateJobTemplateDataJobDriverArgs\n {\n SparkSqlJobDriver = new Aws.EmrContainers.Inputs.JobTemplateJobTemplateDataJobDriverSparkSqlJobDriverArgs\n {\n EntryPoint = \"default\",\n },\n },\n },\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emrcontainers\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emrcontainers.NewJobTemplate(ctx, \"example\", \u0026emrcontainers.JobTemplateArgs{\n\t\t\tJobTemplateData: \u0026emrcontainers.JobTemplateJobTemplateDataArgs{\n\t\t\t\tExecutionRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\t\tReleaseLabel: pulumi.String(\"emr-6.10.0-latest\"),\n\t\t\t\tJobDriver: \u0026emrcontainers.JobTemplateJobTemplateDataJobDriverArgs{\n\t\t\t\t\tSparkSqlJobDriver: \u0026emrcontainers.JobTemplateJobTemplateDataJobDriverSparkSqlJobDriverArgs{\n\t\t\t\t\t\tEntryPoint: pulumi.String(\"default\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emrcontainers.JobTemplate;\nimport com.pulumi.aws.emrcontainers.JobTemplateArgs;\nimport com.pulumi.aws.emrcontainers.inputs.JobTemplateJobTemplateDataArgs;\nimport com.pulumi.aws.emrcontainers.inputs.JobTemplateJobTemplateDataJobDriverArgs;\nimport com.pulumi.aws.emrcontainers.inputs.JobTemplateJobTemplateDataJobDriverSparkSqlJobDriverArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new JobTemplate(\"example\", JobTemplateArgs.builder()\n .jobTemplateData(JobTemplateJobTemplateDataArgs.builder()\n .executionRoleArn(exampleAwsIamRole.arn())\n .releaseLabel(\"emr-6.10.0-latest\")\n .jobDriver(JobTemplateJobTemplateDataJobDriverArgs.builder()\n .sparkSqlJobDriver(JobTemplateJobTemplateDataJobDriverSparkSqlJobDriverArgs.builder()\n .entryPoint(\"default\")\n .build())\n .build())\n .build())\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:emrcontainers:JobTemplate\n properties:\n jobTemplateData:\n executionRoleArn: ${exampleAwsIamRole.arn}\n releaseLabel: emr-6.10.0-latest\n jobDriver:\n sparkSqlJobDriver:\n entryPoint: default\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EKS job templates using the `id`. For example:\n\n```sh\n$ pulumi import aws:emrcontainers/jobTemplate:JobTemplate example a1b2c3d4e5f6g7h8i9j10k11l\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the job template.\n" }, "jobTemplateData": { "$ref": "#/types/aws:emrcontainers/JobTemplateJobTemplateData:JobTemplateJobTemplateData", "description": "The job template data which holds values of StartJobRun API request.\n" }, "kmsKeyArn": { "type": "string", "description": "The KMS key ARN used to encrypt the job template.\n" }, "name": { "type": "string", "description": "The specified name of the job template.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "jobTemplateData", "name", "tagsAll" ], "inputProperties": { "jobTemplateData": { "$ref": "#/types/aws:emrcontainers/JobTemplateJobTemplateData:JobTemplateJobTemplateData", "description": "The job template data which holds values of StartJobRun API request.\n", "willReplaceOnChanges": true }, "kmsKeyArn": { "type": "string", "description": "The KMS key ARN used to encrypt the job template.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The specified name of the job template.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "jobTemplateData" ], "stateInputs": { "description": "Input properties used for looking up and filtering JobTemplate resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the job template.\n" }, "jobTemplateData": { "$ref": "#/types/aws:emrcontainers/JobTemplateJobTemplateData:JobTemplateJobTemplateData", "description": "The job template data which holds values of StartJobRun API request.\n", "willReplaceOnChanges": true }, "kmsKeyArn": { "type": "string", "description": "The KMS key ARN used to encrypt the job template.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The specified name of the job template.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n", "willReplaceOnChanges": true }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead.", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:emrcontainers/virtualCluster:VirtualCluster": { "description": "Manages an EMR Containers (EMR on EKS) Virtual Cluster.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.emrcontainers.VirtualCluster(\"example\", {\n containerProvider: {\n id: exampleAwsEksCluster.name,\n type: \"EKS\",\n info: {\n eksInfo: {\n namespace: \"default\",\n },\n },\n },\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.emrcontainers.VirtualCluster(\"example\",\n container_provider={\n \"id\": example_aws_eks_cluster[\"name\"],\n \"type\": \"EKS\",\n \"info\": {\n \"eks_info\": {\n \"namespace\": \"default\",\n },\n },\n },\n name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.EmrContainers.VirtualCluster(\"example\", new()\n {\n ContainerProvider = new Aws.EmrContainers.Inputs.VirtualClusterContainerProviderArgs\n {\n Id = exampleAwsEksCluster.Name,\n Type = \"EKS\",\n Info = new Aws.EmrContainers.Inputs.VirtualClusterContainerProviderInfoArgs\n {\n EksInfo = new Aws.EmrContainers.Inputs.VirtualClusterContainerProviderInfoEksInfoArgs\n {\n Namespace = \"default\",\n },\n },\n },\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emrcontainers\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emrcontainers.NewVirtualCluster(ctx, \"example\", \u0026emrcontainers.VirtualClusterArgs{\n\t\t\tContainerProvider: \u0026emrcontainers.VirtualClusterContainerProviderArgs{\n\t\t\t\tId: pulumi.Any(exampleAwsEksCluster.Name),\n\t\t\t\tType: pulumi.String(\"EKS\"),\n\t\t\t\tInfo: \u0026emrcontainers.VirtualClusterContainerProviderInfoArgs{\n\t\t\t\t\tEksInfo: \u0026emrcontainers.VirtualClusterContainerProviderInfoEksInfoArgs{\n\t\t\t\t\t\tNamespace: pulumi.String(\"default\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emrcontainers.VirtualCluster;\nimport com.pulumi.aws.emrcontainers.VirtualClusterArgs;\nimport com.pulumi.aws.emrcontainers.inputs.VirtualClusterContainerProviderArgs;\nimport com.pulumi.aws.emrcontainers.inputs.VirtualClusterContainerProviderInfoArgs;\nimport com.pulumi.aws.emrcontainers.inputs.VirtualClusterContainerProviderInfoEksInfoArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VirtualCluster(\"example\", VirtualClusterArgs.builder()\n .containerProvider(VirtualClusterContainerProviderArgs.builder()\n .id(exampleAwsEksCluster.name())\n .type(\"EKS\")\n .info(VirtualClusterContainerProviderInfoArgs.builder()\n .eksInfo(VirtualClusterContainerProviderInfoEksInfoArgs.builder()\n .namespace(\"default\")\n .build())\n .build())\n .build())\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:emrcontainers:VirtualCluster\n properties:\n containerProvider:\n id: ${exampleAwsEksCluster.name}\n type: EKS\n info:\n eksInfo:\n namespace: default\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EKS Clusters using the `id`. For example:\n\n```sh\n$ pulumi import aws:emrcontainers/virtualCluster:VirtualCluster example a1b2c3d4e5f6g7h8i9j10k11l\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the cluster.\n" }, "containerProvider": { "$ref": "#/types/aws:emrcontainers/VirtualClusterContainerProvider:VirtualClusterContainerProvider", "description": "Configuration block for the container provider associated with your cluster.\n" }, "name": { "type": "string", "description": "Name of the virtual cluster.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "containerProvider", "name", "tagsAll" ], "inputProperties": { "containerProvider": { "$ref": "#/types/aws:emrcontainers/VirtualClusterContainerProvider:VirtualClusterContainerProvider", "description": "Configuration block for the container provider associated with your cluster.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the virtual cluster.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "containerProvider" ], "stateInputs": { "description": "Input properties used for looking up and filtering VirtualCluster resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the cluster.\n" }, "containerProvider": { "$ref": "#/types/aws:emrcontainers/VirtualClusterContainerProvider:VirtualClusterContainerProvider", "description": "Configuration block for the container provider associated with your cluster.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the virtual cluster.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:emrserverless/application:Application": { "description": "Manages an EMR Serverless Application.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.emrserverless.Application(\"example\", {\n name: \"example\",\n releaseLabel: \"emr-6.6.0\",\n type: \"hive\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.emrserverless.Application(\"example\",\n name=\"example\",\n release_label=\"emr-6.6.0\",\n type=\"hive\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.EmrServerless.Application(\"example\", new()\n {\n Name = \"example\",\n ReleaseLabel = \"emr-6.6.0\",\n Type = \"hive\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emrserverless\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emrserverless.NewApplication(ctx, \"example\", \u0026emrserverless.ApplicationArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tReleaseLabel: pulumi.String(\"emr-6.6.0\"),\n\t\t\tType: pulumi.String(\"hive\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emrserverless.Application;\nimport com.pulumi.aws.emrserverless.ApplicationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Application(\"example\", ApplicationArgs.builder()\n .name(\"example\")\n .releaseLabel(\"emr-6.6.0\")\n .type(\"hive\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:emrserverless:Application\n properties:\n name: example\n releaseLabel: emr-6.6.0\n type: hive\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Initial Capacity Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.emrserverless.Application(\"example\", {\n name: \"example\",\n releaseLabel: \"emr-6.6.0\",\n type: \"hive\",\n initialCapacities: [{\n initialCapacityType: \"HiveDriver\",\n initialCapacityConfig: {\n workerCount: 1,\n workerConfiguration: {\n cpu: \"2 vCPU\",\n memory: \"10 GB\",\n },\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.emrserverless.Application(\"example\",\n name=\"example\",\n release_label=\"emr-6.6.0\",\n type=\"hive\",\n initial_capacities=[{\n \"initial_capacity_type\": \"HiveDriver\",\n \"initial_capacity_config\": {\n \"worker_count\": 1,\n \"worker_configuration\": {\n \"cpu\": \"2 vCPU\",\n \"memory\": \"10 GB\",\n },\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.EmrServerless.Application(\"example\", new()\n {\n Name = \"example\",\n ReleaseLabel = \"emr-6.6.0\",\n Type = \"hive\",\n InitialCapacities = new[]\n {\n new Aws.EmrServerless.Inputs.ApplicationInitialCapacityArgs\n {\n InitialCapacityType = \"HiveDriver\",\n InitialCapacityConfig = new Aws.EmrServerless.Inputs.ApplicationInitialCapacityInitialCapacityConfigArgs\n {\n WorkerCount = 1,\n WorkerConfiguration = new Aws.EmrServerless.Inputs.ApplicationInitialCapacityInitialCapacityConfigWorkerConfigurationArgs\n {\n Cpu = \"2 vCPU\",\n Memory = \"10 GB\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emrserverless\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emrserverless.NewApplication(ctx, \"example\", \u0026emrserverless.ApplicationArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tReleaseLabel: pulumi.String(\"emr-6.6.0\"),\n\t\t\tType: pulumi.String(\"hive\"),\n\t\t\tInitialCapacities: emrserverless.ApplicationInitialCapacityArray{\n\t\t\t\t\u0026emrserverless.ApplicationInitialCapacityArgs{\n\t\t\t\t\tInitialCapacityType: pulumi.String(\"HiveDriver\"),\n\t\t\t\t\tInitialCapacityConfig: \u0026emrserverless.ApplicationInitialCapacityInitialCapacityConfigArgs{\n\t\t\t\t\t\tWorkerCount: pulumi.Int(1),\n\t\t\t\t\t\tWorkerConfiguration: \u0026emrserverless.ApplicationInitialCapacityInitialCapacityConfigWorkerConfigurationArgs{\n\t\t\t\t\t\t\tCpu: pulumi.String(\"2 vCPU\"),\n\t\t\t\t\t\t\tMemory: pulumi.String(\"10 GB\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emrserverless.Application;\nimport com.pulumi.aws.emrserverless.ApplicationArgs;\nimport com.pulumi.aws.emrserverless.inputs.ApplicationInitialCapacityArgs;\nimport com.pulumi.aws.emrserverless.inputs.ApplicationInitialCapacityInitialCapacityConfigArgs;\nimport com.pulumi.aws.emrserverless.inputs.ApplicationInitialCapacityInitialCapacityConfigWorkerConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Application(\"example\", ApplicationArgs.builder()\n .name(\"example\")\n .releaseLabel(\"emr-6.6.0\")\n .type(\"hive\")\n .initialCapacities(ApplicationInitialCapacityArgs.builder()\n .initialCapacityType(\"HiveDriver\")\n .initialCapacityConfig(ApplicationInitialCapacityInitialCapacityConfigArgs.builder()\n .workerCount(1)\n .workerConfiguration(ApplicationInitialCapacityInitialCapacityConfigWorkerConfigurationArgs.builder()\n .cpu(\"2 vCPU\")\n .memory(\"10 GB\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:emrserverless:Application\n properties:\n name: example\n releaseLabel: emr-6.6.0\n type: hive\n initialCapacities:\n - initialCapacityType: HiveDriver\n initialCapacityConfig:\n workerCount: 1\n workerConfiguration:\n cpu: 2 vCPU\n memory: 10 GB\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Maximum Capacity Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.emrserverless.Application(\"example\", {\n name: \"example\",\n releaseLabel: \"emr-6.6.0\",\n type: \"hive\",\n maximumCapacity: {\n cpu: \"2 vCPU\",\n memory: \"10 GB\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.emrserverless.Application(\"example\",\n name=\"example\",\n release_label=\"emr-6.6.0\",\n type=\"hive\",\n maximum_capacity={\n \"cpu\": \"2 vCPU\",\n \"memory\": \"10 GB\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.EmrServerless.Application(\"example\", new()\n {\n Name = \"example\",\n ReleaseLabel = \"emr-6.6.0\",\n Type = \"hive\",\n MaximumCapacity = new Aws.EmrServerless.Inputs.ApplicationMaximumCapacityArgs\n {\n Cpu = \"2 vCPU\",\n Memory = \"10 GB\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emrserverless\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emrserverless.NewApplication(ctx, \"example\", \u0026emrserverless.ApplicationArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tReleaseLabel: pulumi.String(\"emr-6.6.0\"),\n\t\t\tType: pulumi.String(\"hive\"),\n\t\t\tMaximumCapacity: \u0026emrserverless.ApplicationMaximumCapacityArgs{\n\t\t\t\tCpu: pulumi.String(\"2 vCPU\"),\n\t\t\t\tMemory: pulumi.String(\"10 GB\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emrserverless.Application;\nimport com.pulumi.aws.emrserverless.ApplicationArgs;\nimport com.pulumi.aws.emrserverless.inputs.ApplicationMaximumCapacityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Application(\"example\", ApplicationArgs.builder()\n .name(\"example\")\n .releaseLabel(\"emr-6.6.0\")\n .type(\"hive\")\n .maximumCapacity(ApplicationMaximumCapacityArgs.builder()\n .cpu(\"2 vCPU\")\n .memory(\"10 GB\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:emrserverless:Application\n properties:\n name: example\n releaseLabel: emr-6.6.0\n type: hive\n maximumCapacity:\n cpu: 2 vCPU\n memory: 10 GB\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EMR Severless applications using the `id`. For example:\n\n```sh\n$ pulumi import aws:emrserverless/application:Application example id\n```\n", "properties": { "architecture": { "type": "string", "description": "The CPU architecture of an application. Valid values are `ARM64` or `X86_64`. Default value is `X86_64`.\n" }, "arn": { "type": "string", "description": "ARN of the cluster.\n" }, "autoStartConfiguration": { "$ref": "#/types/aws:emrserverless/ApplicationAutoStartConfiguration:ApplicationAutoStartConfiguration", "description": "The configuration for an application to automatically start on job submission.\n" }, "autoStopConfiguration": { "$ref": "#/types/aws:emrserverless/ApplicationAutoStopConfiguration:ApplicationAutoStopConfiguration", "description": "The configuration for an application to automatically stop after a certain amount of time being idle.\n" }, "imageConfiguration": { "$ref": "#/types/aws:emrserverless/ApplicationImageConfiguration:ApplicationImageConfiguration", "description": "The image configuration applied to all worker types.\n" }, "initialCapacities": { "type": "array", "items": { "$ref": "#/types/aws:emrserverless/ApplicationInitialCapacity:ApplicationInitialCapacity" }, "description": "The capacity to initialize when the application is created.\n" }, "interactiveConfiguration": { "$ref": "#/types/aws:emrserverless/ApplicationInteractiveConfiguration:ApplicationInteractiveConfiguration", "description": "Enables the interactive use cases to use when running an application.\n" }, "maximumCapacity": { "$ref": "#/types/aws:emrserverless/ApplicationMaximumCapacity:ApplicationMaximumCapacity", "description": "The maximum capacity to allocate when the application is created. This is cumulative across all workers at any given point in time, not just when an application is created. No new resources will be created once any one of the defined limits is hit.\n" }, "name": { "type": "string", "description": "The name of the application.\n" }, "networkConfiguration": { "$ref": "#/types/aws:emrserverless/ApplicationNetworkConfiguration:ApplicationNetworkConfiguration", "description": "The network configuration for customer VPC connectivity.\n" }, "releaseLabel": { "type": "string", "description": "The EMR release version associated with the application.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of application you want to start, such as `spark` or `hive`.\n" } }, "required": [ "arn", "autoStartConfiguration", "autoStopConfiguration", "imageConfiguration", "interactiveConfiguration", "maximumCapacity", "name", "releaseLabel", "tagsAll", "type" ], "inputProperties": { "architecture": { "type": "string", "description": "The CPU architecture of an application. Valid values are `ARM64` or `X86_64`. Default value is `X86_64`.\n" }, "autoStartConfiguration": { "$ref": "#/types/aws:emrserverless/ApplicationAutoStartConfiguration:ApplicationAutoStartConfiguration", "description": "The configuration for an application to automatically start on job submission.\n" }, "autoStopConfiguration": { "$ref": "#/types/aws:emrserverless/ApplicationAutoStopConfiguration:ApplicationAutoStopConfiguration", "description": "The configuration for an application to automatically stop after a certain amount of time being idle.\n" }, "imageConfiguration": { "$ref": "#/types/aws:emrserverless/ApplicationImageConfiguration:ApplicationImageConfiguration", "description": "The image configuration applied to all worker types.\n" }, "initialCapacities": { "type": "array", "items": { "$ref": "#/types/aws:emrserverless/ApplicationInitialCapacity:ApplicationInitialCapacity" }, "description": "The capacity to initialize when the application is created.\n" }, "interactiveConfiguration": { "$ref": "#/types/aws:emrserverless/ApplicationInteractiveConfiguration:ApplicationInteractiveConfiguration", "description": "Enables the interactive use cases to use when running an application.\n" }, "maximumCapacity": { "$ref": "#/types/aws:emrserverless/ApplicationMaximumCapacity:ApplicationMaximumCapacity", "description": "The maximum capacity to allocate when the application is created. This is cumulative across all workers at any given point in time, not just when an application is created. No new resources will be created once any one of the defined limits is hit.\n" }, "name": { "type": "string", "description": "The name of the application.\n", "willReplaceOnChanges": true }, "networkConfiguration": { "$ref": "#/types/aws:emrserverless/ApplicationNetworkConfiguration:ApplicationNetworkConfiguration", "description": "The network configuration for customer VPC connectivity.\n" }, "releaseLabel": { "type": "string", "description": "The EMR release version associated with the application.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "The type of application you want to start, such as `spark` or `hive`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "releaseLabel", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering Application resources.\n", "properties": { "architecture": { "type": "string", "description": "The CPU architecture of an application. Valid values are `ARM64` or `X86_64`. Default value is `X86_64`.\n" }, "arn": { "type": "string", "description": "ARN of the cluster.\n" }, "autoStartConfiguration": { "$ref": "#/types/aws:emrserverless/ApplicationAutoStartConfiguration:ApplicationAutoStartConfiguration", "description": "The configuration for an application to automatically start on job submission.\n" }, "autoStopConfiguration": { "$ref": "#/types/aws:emrserverless/ApplicationAutoStopConfiguration:ApplicationAutoStopConfiguration", "description": "The configuration for an application to automatically stop after a certain amount of time being idle.\n" }, "imageConfiguration": { "$ref": "#/types/aws:emrserverless/ApplicationImageConfiguration:ApplicationImageConfiguration", "description": "The image configuration applied to all worker types.\n" }, "initialCapacities": { "type": "array", "items": { "$ref": "#/types/aws:emrserverless/ApplicationInitialCapacity:ApplicationInitialCapacity" }, "description": "The capacity to initialize when the application is created.\n" }, "interactiveConfiguration": { "$ref": "#/types/aws:emrserverless/ApplicationInteractiveConfiguration:ApplicationInteractiveConfiguration", "description": "Enables the interactive use cases to use when running an application.\n" }, "maximumCapacity": { "$ref": "#/types/aws:emrserverless/ApplicationMaximumCapacity:ApplicationMaximumCapacity", "description": "The maximum capacity to allocate when the application is created. This is cumulative across all workers at any given point in time, not just when an application is created. No new resources will be created once any one of the defined limits is hit.\n" }, "name": { "type": "string", "description": "The name of the application.\n", "willReplaceOnChanges": true }, "networkConfiguration": { "$ref": "#/types/aws:emrserverless/ApplicationNetworkConfiguration:ApplicationNetworkConfiguration", "description": "The network configuration for customer VPC connectivity.\n" }, "releaseLabel": { "type": "string", "description": "The EMR release version associated with the application.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of application you want to start, such as `spark` or `hive`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:evidently/feature:Feature": { "description": "Provides a CloudWatch Evidently Feature resource.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.evidently.Feature(\"example\", {\n name: \"example\",\n project: exampleAwsEvidentlyProject.name,\n description: \"example description\",\n variations: [{\n name: \"Variation1\",\n value: {\n stringValue: \"example\",\n },\n }],\n tags: {\n Key1: \"example Feature\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.evidently.Feature(\"example\",\n name=\"example\",\n project=example_aws_evidently_project[\"name\"],\n description=\"example description\",\n variations=[{\n \"name\": \"Variation1\",\n \"value\": {\n \"string_value\": \"example\",\n },\n }],\n tags={\n \"Key1\": \"example Feature\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Evidently.Feature(\"example\", new()\n {\n Name = \"example\",\n Project = exampleAwsEvidentlyProject.Name,\n Description = \"example description\",\n Variations = new[]\n {\n new Aws.Evidently.Inputs.FeatureVariationArgs\n {\n Name = \"Variation1\",\n Value = new Aws.Evidently.Inputs.FeatureVariationValueArgs\n {\n StringValue = \"example\",\n },\n },\n },\n Tags = \n {\n { \"Key1\", \"example Feature\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/evidently\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := evidently.NewFeature(ctx, \"example\", \u0026evidently.FeatureArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProject: pulumi.Any(exampleAwsEvidentlyProject.Name),\n\t\t\tDescription: pulumi.String(\"example description\"),\n\t\t\tVariations: evidently.FeatureVariationArray{\n\t\t\t\t\u0026evidently.FeatureVariationArgs{\n\t\t\t\t\tName: pulumi.String(\"Variation1\"),\n\t\t\t\t\tValue: \u0026evidently.FeatureVariationValueArgs{\n\t\t\t\t\t\tStringValue: pulumi.String(\"example\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Key1\": pulumi.String(\"example Feature\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.evidently.Feature;\nimport com.pulumi.aws.evidently.FeatureArgs;\nimport com.pulumi.aws.evidently.inputs.FeatureVariationArgs;\nimport com.pulumi.aws.evidently.inputs.FeatureVariationValueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Feature(\"example\", FeatureArgs.builder()\n .name(\"example\")\n .project(exampleAwsEvidentlyProject.name())\n .description(\"example description\")\n .variations(FeatureVariationArgs.builder()\n .name(\"Variation1\")\n .value(FeatureVariationValueArgs.builder()\n .stringValue(\"example\")\n .build())\n .build())\n .tags(Map.of(\"Key1\", \"example Feature\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:evidently:Feature\n properties:\n name: example\n project: ${exampleAwsEvidentlyProject.name}\n description: example description\n variations:\n - name: Variation1\n value:\n stringValue: example\n tags:\n Key1: example Feature\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With default variation\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.evidently.Feature(\"example\", {\n name: \"example\",\n project: exampleAwsEvidentlyProject.name,\n defaultVariation: \"Variation2\",\n variations: [\n {\n name: \"Variation1\",\n value: {\n stringValue: \"exampleval1\",\n },\n },\n {\n name: \"Variation2\",\n value: {\n stringValue: \"exampleval2\",\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.evidently.Feature(\"example\",\n name=\"example\",\n project=example_aws_evidently_project[\"name\"],\n default_variation=\"Variation2\",\n variations=[\n {\n \"name\": \"Variation1\",\n \"value\": {\n \"string_value\": \"exampleval1\",\n },\n },\n {\n \"name\": \"Variation2\",\n \"value\": {\n \"string_value\": \"exampleval2\",\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Evidently.Feature(\"example\", new()\n {\n Name = \"example\",\n Project = exampleAwsEvidentlyProject.Name,\n DefaultVariation = \"Variation2\",\n Variations = new[]\n {\n new Aws.Evidently.Inputs.FeatureVariationArgs\n {\n Name = \"Variation1\",\n Value = new Aws.Evidently.Inputs.FeatureVariationValueArgs\n {\n StringValue = \"exampleval1\",\n },\n },\n new Aws.Evidently.Inputs.FeatureVariationArgs\n {\n Name = \"Variation2\",\n Value = new Aws.Evidently.Inputs.FeatureVariationValueArgs\n {\n StringValue = \"exampleval2\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/evidently\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := evidently.NewFeature(ctx, \"example\", \u0026evidently.FeatureArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProject: pulumi.Any(exampleAwsEvidentlyProject.Name),\n\t\t\tDefaultVariation: pulumi.String(\"Variation2\"),\n\t\t\tVariations: evidently.FeatureVariationArray{\n\t\t\t\t\u0026evidently.FeatureVariationArgs{\n\t\t\t\t\tName: pulumi.String(\"Variation1\"),\n\t\t\t\t\tValue: \u0026evidently.FeatureVariationValueArgs{\n\t\t\t\t\t\tStringValue: pulumi.String(\"exampleval1\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026evidently.FeatureVariationArgs{\n\t\t\t\t\tName: pulumi.String(\"Variation2\"),\n\t\t\t\t\tValue: \u0026evidently.FeatureVariationValueArgs{\n\t\t\t\t\t\tStringValue: pulumi.String(\"exampleval2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.evidently.Feature;\nimport com.pulumi.aws.evidently.FeatureArgs;\nimport com.pulumi.aws.evidently.inputs.FeatureVariationArgs;\nimport com.pulumi.aws.evidently.inputs.FeatureVariationValueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Feature(\"example\", FeatureArgs.builder()\n .name(\"example\")\n .project(exampleAwsEvidentlyProject.name())\n .defaultVariation(\"Variation2\")\n .variations( \n FeatureVariationArgs.builder()\n .name(\"Variation1\")\n .value(FeatureVariationValueArgs.builder()\n .stringValue(\"exampleval1\")\n .build())\n .build(),\n FeatureVariationArgs.builder()\n .name(\"Variation2\")\n .value(FeatureVariationValueArgs.builder()\n .stringValue(\"exampleval2\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:evidently:Feature\n properties:\n name: example\n project: ${exampleAwsEvidentlyProject.name}\n defaultVariation: Variation2\n variations:\n - name: Variation1\n value:\n stringValue: exampleval1\n - name: Variation2\n value:\n stringValue: exampleval2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With entity overrides\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.evidently.Feature(\"example\", {\n name: \"example\",\n project: exampleAwsEvidentlyProject.name,\n entityOverrides: {\n test1: \"Variation1\",\n },\n variations: [\n {\n name: \"Variation1\",\n value: {\n stringValue: \"exampleval1\",\n },\n },\n {\n name: \"Variation2\",\n value: {\n stringValue: \"exampleval2\",\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.evidently.Feature(\"example\",\n name=\"example\",\n project=example_aws_evidently_project[\"name\"],\n entity_overrides={\n \"test1\": \"Variation1\",\n },\n variations=[\n {\n \"name\": \"Variation1\",\n \"value\": {\n \"string_value\": \"exampleval1\",\n },\n },\n {\n \"name\": \"Variation2\",\n \"value\": {\n \"string_value\": \"exampleval2\",\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Evidently.Feature(\"example\", new()\n {\n Name = \"example\",\n Project = exampleAwsEvidentlyProject.Name,\n EntityOverrides = \n {\n { \"test1\", \"Variation1\" },\n },\n Variations = new[]\n {\n new Aws.Evidently.Inputs.FeatureVariationArgs\n {\n Name = \"Variation1\",\n Value = new Aws.Evidently.Inputs.FeatureVariationValueArgs\n {\n StringValue = \"exampleval1\",\n },\n },\n new Aws.Evidently.Inputs.FeatureVariationArgs\n {\n Name = \"Variation2\",\n Value = new Aws.Evidently.Inputs.FeatureVariationValueArgs\n {\n StringValue = \"exampleval2\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/evidently\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := evidently.NewFeature(ctx, \"example\", \u0026evidently.FeatureArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProject: pulumi.Any(exampleAwsEvidentlyProject.Name),\n\t\t\tEntityOverrides: pulumi.StringMap{\n\t\t\t\t\"test1\": pulumi.String(\"Variation1\"),\n\t\t\t},\n\t\t\tVariations: evidently.FeatureVariationArray{\n\t\t\t\t\u0026evidently.FeatureVariationArgs{\n\t\t\t\t\tName: pulumi.String(\"Variation1\"),\n\t\t\t\t\tValue: \u0026evidently.FeatureVariationValueArgs{\n\t\t\t\t\t\tStringValue: pulumi.String(\"exampleval1\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026evidently.FeatureVariationArgs{\n\t\t\t\t\tName: pulumi.String(\"Variation2\"),\n\t\t\t\t\tValue: \u0026evidently.FeatureVariationValueArgs{\n\t\t\t\t\t\tStringValue: pulumi.String(\"exampleval2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.evidently.Feature;\nimport com.pulumi.aws.evidently.FeatureArgs;\nimport com.pulumi.aws.evidently.inputs.FeatureVariationArgs;\nimport com.pulumi.aws.evidently.inputs.FeatureVariationValueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Feature(\"example\", FeatureArgs.builder()\n .name(\"example\")\n .project(exampleAwsEvidentlyProject.name())\n .entityOverrides(Map.of(\"test1\", \"Variation1\"))\n .variations( \n FeatureVariationArgs.builder()\n .name(\"Variation1\")\n .value(FeatureVariationValueArgs.builder()\n .stringValue(\"exampleval1\")\n .build())\n .build(),\n FeatureVariationArgs.builder()\n .name(\"Variation2\")\n .value(FeatureVariationValueArgs.builder()\n .stringValue(\"exampleval2\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:evidently:Feature\n properties:\n name: example\n project: ${exampleAwsEvidentlyProject.name}\n entityOverrides:\n test1: Variation1\n variations:\n - name: Variation1\n value:\n stringValue: exampleval1\n - name: Variation2\n value:\n stringValue: exampleval2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With evaluation strategy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.evidently.Feature(\"example\", {\n name: \"example\",\n project: exampleAwsEvidentlyProject.name,\n evaluationStrategy: \"ALL_RULES\",\n entityOverrides: {\n test1: \"Variation1\",\n },\n variations: [{\n name: \"Variation1\",\n value: {\n stringValue: \"exampleval1\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.evidently.Feature(\"example\",\n name=\"example\",\n project=example_aws_evidently_project[\"name\"],\n evaluation_strategy=\"ALL_RULES\",\n entity_overrides={\n \"test1\": \"Variation1\",\n },\n variations=[{\n \"name\": \"Variation1\",\n \"value\": {\n \"string_value\": \"exampleval1\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Evidently.Feature(\"example\", new()\n {\n Name = \"example\",\n Project = exampleAwsEvidentlyProject.Name,\n EvaluationStrategy = \"ALL_RULES\",\n EntityOverrides = \n {\n { \"test1\", \"Variation1\" },\n },\n Variations = new[]\n {\n new Aws.Evidently.Inputs.FeatureVariationArgs\n {\n Name = \"Variation1\",\n Value = new Aws.Evidently.Inputs.FeatureVariationValueArgs\n {\n StringValue = \"exampleval1\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/evidently\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := evidently.NewFeature(ctx, \"example\", \u0026evidently.FeatureArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProject: pulumi.Any(exampleAwsEvidentlyProject.Name),\n\t\t\tEvaluationStrategy: pulumi.String(\"ALL_RULES\"),\n\t\t\tEntityOverrides: pulumi.StringMap{\n\t\t\t\t\"test1\": pulumi.String(\"Variation1\"),\n\t\t\t},\n\t\t\tVariations: evidently.FeatureVariationArray{\n\t\t\t\t\u0026evidently.FeatureVariationArgs{\n\t\t\t\t\tName: pulumi.String(\"Variation1\"),\n\t\t\t\t\tValue: \u0026evidently.FeatureVariationValueArgs{\n\t\t\t\t\t\tStringValue: pulumi.String(\"exampleval1\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.evidently.Feature;\nimport com.pulumi.aws.evidently.FeatureArgs;\nimport com.pulumi.aws.evidently.inputs.FeatureVariationArgs;\nimport com.pulumi.aws.evidently.inputs.FeatureVariationValueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Feature(\"example\", FeatureArgs.builder()\n .name(\"example\")\n .project(exampleAwsEvidentlyProject.name())\n .evaluationStrategy(\"ALL_RULES\")\n .entityOverrides(Map.of(\"test1\", \"Variation1\"))\n .variations(FeatureVariationArgs.builder()\n .name(\"Variation1\")\n .value(FeatureVariationValueArgs.builder()\n .stringValue(\"exampleval1\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:evidently:Feature\n properties:\n name: example\n project: ${exampleAwsEvidentlyProject.name}\n evaluationStrategy: ALL_RULES\n entityOverrides:\n test1: Variation1\n variations:\n - name: Variation1\n value:\n stringValue: exampleval1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudWatch Evidently Feature using the feature `name` and `name` or `arn` of the hosting CloudWatch Evidently Project separated by a `:`. For example:\n\n```sh\n$ pulumi import aws:evidently/feature:Feature example exampleFeatureName:arn:aws:evidently:us-east-1:123456789012:project/example\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the feature.\n" }, "createdTime": { "type": "string", "description": "The date and time that the feature is created.\n" }, "defaultVariation": { "type": "string", "description": "The name of the variation to use as the default variation. The default variation is served to users who are not allocated to any ongoing launches or experiments of this feature. This variation must also be listed in the `variations` structure. If you omit `default_variation`, the first variation listed in the `variations` structure is used as the default variation.\n" }, "description": { "type": "string", "description": "Specifies the description of the feature.\n" }, "entityOverrides": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specify users that should always be served a specific variation of a feature. Each user is specified by a key-value pair . For each key, specify a user by entering their user ID, account ID, or some other identifier. For the value, specify the name of the variation that they are to be served.\n" }, "evaluationRules": { "type": "array", "items": { "$ref": "#/types/aws:evidently/FeatureEvaluationRule:FeatureEvaluationRule" }, "description": "One or more blocks that define the evaluation rules for the feature. Detailed below\n" }, "evaluationStrategy": { "type": "string", "description": "Specify `ALL_RULES` to activate the traffic allocation specified by any ongoing launches or experiments. Specify `DEFAULT_VARIATION` to serve the default variation to all users instead.\n" }, "lastUpdatedTime": { "type": "string", "description": "The date and time that the feature was most recently updated.\n" }, "name": { "type": "string", "description": "The name for the new feature. Minimum length of `1`. Maximum length of `127`.\n" }, "project": { "type": "string", "description": "The name or ARN of the project that is to contain the new feature.\n" }, "status": { "type": "string", "description": "The current state of the feature. Valid values are `AVAILABLE` and `UPDATING`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the feature. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "valueType": { "type": "string", "description": "Defines the type of value used to define the different feature variations. Valid Values: `STRING`, `LONG`, `DOUBLE`, `BOOLEAN`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:evidently/FeatureVariation:FeatureVariation" }, "description": "One or more blocks that contain the configuration of the feature's different variations. Detailed below\n" } }, "required": [ "arn", "createdTime", "defaultVariation", "evaluationRules", "evaluationStrategy", "lastUpdatedTime", "name", "project", "status", "tagsAll", "valueType", "variations" ], "inputProperties": { "defaultVariation": { "type": "string", "description": "The name of the variation to use as the default variation. The default variation is served to users who are not allocated to any ongoing launches or experiments of this feature. This variation must also be listed in the `variations` structure. If you omit `default_variation`, the first variation listed in the `variations` structure is used as the default variation.\n" }, "description": { "type": "string", "description": "Specifies the description of the feature.\n" }, "entityOverrides": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specify users that should always be served a specific variation of a feature. Each user is specified by a key-value pair . For each key, specify a user by entering their user ID, account ID, or some other identifier. For the value, specify the name of the variation that they are to be served.\n" }, "evaluationStrategy": { "type": "string", "description": "Specify `ALL_RULES` to activate the traffic allocation specified by any ongoing launches or experiments. Specify `DEFAULT_VARIATION` to serve the default variation to all users instead.\n" }, "name": { "type": "string", "description": "The name for the new feature. Minimum length of `1`. Maximum length of `127`.\n", "willReplaceOnChanges": true }, "project": { "type": "string", "description": "The name or ARN of the project that is to contain the new feature.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the feature. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:evidently/FeatureVariation:FeatureVariation" }, "description": "One or more blocks that contain the configuration of the feature's different variations. Detailed below\n" } }, "requiredInputs": [ "project", "variations" ], "stateInputs": { "description": "Input properties used for looking up and filtering Feature resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the feature.\n" }, "createdTime": { "type": "string", "description": "The date and time that the feature is created.\n" }, "defaultVariation": { "type": "string", "description": "The name of the variation to use as the default variation. The default variation is served to users who are not allocated to any ongoing launches or experiments of this feature. This variation must also be listed in the `variations` structure. If you omit `default_variation`, the first variation listed in the `variations` structure is used as the default variation.\n" }, "description": { "type": "string", "description": "Specifies the description of the feature.\n" }, "entityOverrides": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specify users that should always be served a specific variation of a feature. Each user is specified by a key-value pair . For each key, specify a user by entering their user ID, account ID, or some other identifier. For the value, specify the name of the variation that they are to be served.\n" }, "evaluationRules": { "type": "array", "items": { "$ref": "#/types/aws:evidently/FeatureEvaluationRule:FeatureEvaluationRule" }, "description": "One or more blocks that define the evaluation rules for the feature. Detailed below\n" }, "evaluationStrategy": { "type": "string", "description": "Specify `ALL_RULES` to activate the traffic allocation specified by any ongoing launches or experiments. Specify `DEFAULT_VARIATION` to serve the default variation to all users instead.\n" }, "lastUpdatedTime": { "type": "string", "description": "The date and time that the feature was most recently updated.\n" }, "name": { "type": "string", "description": "The name for the new feature. Minimum length of `1`. Maximum length of `127`.\n", "willReplaceOnChanges": true }, "project": { "type": "string", "description": "The name or ARN of the project that is to contain the new feature.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The current state of the feature. Valid values are `AVAILABLE` and `UPDATING`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the feature. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "valueType": { "type": "string", "description": "Defines the type of value used to define the different feature variations. Valid Values: `STRING`, `LONG`, `DOUBLE`, `BOOLEAN`.\n" }, "variations": { "type": "array", "items": { "$ref": "#/types/aws:evidently/FeatureVariation:FeatureVariation" }, "description": "One or more blocks that contain the configuration of the feature's different variations. Detailed below\n" } }, "type": "object" } }, "aws:evidently/launch:Launch": { "description": "Provides a CloudWatch Evidently Launch resource.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.evidently.Launch(\"example\", {\n name: \"example\",\n project: exampleAwsEvidentlyProject.name,\n groups: [{\n feature: exampleAwsEvidentlyFeature.name,\n name: \"Variation1\",\n variation: \"Variation1\",\n }],\n scheduledSplitsConfig: {\n steps: [{\n groupWeights: {\n Variation1: 0,\n },\n startTime: \"2024-01-07 01:43:59+00:00\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.evidently.Launch(\"example\",\n name=\"example\",\n project=example_aws_evidently_project[\"name\"],\n groups=[{\n \"feature\": example_aws_evidently_feature[\"name\"],\n \"name\": \"Variation1\",\n \"variation\": \"Variation1\",\n }],\n scheduled_splits_config={\n \"steps\": [{\n \"group_weights\": {\n \"variation1\": 0,\n },\n \"start_time\": \"2024-01-07 01:43:59+00:00\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Evidently.Launch(\"example\", new()\n {\n Name = \"example\",\n Project = exampleAwsEvidentlyProject.Name,\n Groups = new[]\n {\n new Aws.Evidently.Inputs.LaunchGroupArgs\n {\n Feature = exampleAwsEvidentlyFeature.Name,\n Name = \"Variation1\",\n Variation = \"Variation1\",\n },\n },\n ScheduledSplitsConfig = new Aws.Evidently.Inputs.LaunchScheduledSplitsConfigArgs\n {\n Steps = new[]\n {\n new Aws.Evidently.Inputs.LaunchScheduledSplitsConfigStepArgs\n {\n GroupWeights = \n {\n { \"Variation1\", 0 },\n },\n StartTime = \"2024-01-07 01:43:59+00:00\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/evidently\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := evidently.NewLaunch(ctx, \"example\", \u0026evidently.LaunchArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProject: pulumi.Any(exampleAwsEvidentlyProject.Name),\n\t\t\tGroups: evidently.LaunchGroupArray{\n\t\t\t\t\u0026evidently.LaunchGroupArgs{\n\t\t\t\t\tFeature: pulumi.Any(exampleAwsEvidentlyFeature.Name),\n\t\t\t\t\tName: pulumi.String(\"Variation1\"),\n\t\t\t\t\tVariation: pulumi.String(\"Variation1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tScheduledSplitsConfig: \u0026evidently.LaunchScheduledSplitsConfigArgs{\n\t\t\t\tSteps: evidently.LaunchScheduledSplitsConfigStepArray{\n\t\t\t\t\t\u0026evidently.LaunchScheduledSplitsConfigStepArgs{\n\t\t\t\t\t\tGroupWeights: pulumi.IntMap{\n\t\t\t\t\t\t\t\"Variation1\": pulumi.Int(0),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tStartTime: pulumi.String(\"2024-01-07 01:43:59+00:00\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.evidently.Launch;\nimport com.pulumi.aws.evidently.LaunchArgs;\nimport com.pulumi.aws.evidently.inputs.LaunchGroupArgs;\nimport com.pulumi.aws.evidently.inputs.LaunchScheduledSplitsConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Launch(\"example\", LaunchArgs.builder()\n .name(\"example\")\n .project(exampleAwsEvidentlyProject.name())\n .groups(LaunchGroupArgs.builder()\n .feature(exampleAwsEvidentlyFeature.name())\n .name(\"Variation1\")\n .variation(\"Variation1\")\n .build())\n .scheduledSplitsConfig(LaunchScheduledSplitsConfigArgs.builder()\n .steps(LaunchScheduledSplitsConfigStepArgs.builder()\n .groupWeights(Map.of(\"Variation1\", 0))\n .startTime(\"2024-01-07 01:43:59+00:00\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:evidently:Launch\n properties:\n name: example\n project: ${exampleAwsEvidentlyProject.name}\n groups:\n - feature: ${exampleAwsEvidentlyFeature.name}\n name: Variation1\n variation: Variation1\n scheduledSplitsConfig:\n steps:\n - groupWeights:\n Variation1: 0\n startTime: 2024-01-07 01:43:59+00:00\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With description\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.evidently.Launch(\"example\", {\n name: \"example\",\n project: exampleAwsEvidentlyProject.name,\n description: \"example description\",\n groups: [{\n feature: exampleAwsEvidentlyFeature.name,\n name: \"Variation1\",\n variation: \"Variation1\",\n }],\n scheduledSplitsConfig: {\n steps: [{\n groupWeights: {\n Variation1: 0,\n },\n startTime: \"2024-01-07 01:43:59+00:00\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.evidently.Launch(\"example\",\n name=\"example\",\n project=example_aws_evidently_project[\"name\"],\n description=\"example description\",\n groups=[{\n \"feature\": example_aws_evidently_feature[\"name\"],\n \"name\": \"Variation1\",\n \"variation\": \"Variation1\",\n }],\n scheduled_splits_config={\n \"steps\": [{\n \"group_weights\": {\n \"variation1\": 0,\n },\n \"start_time\": \"2024-01-07 01:43:59+00:00\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Evidently.Launch(\"example\", new()\n {\n Name = \"example\",\n Project = exampleAwsEvidentlyProject.Name,\n Description = \"example description\",\n Groups = new[]\n {\n new Aws.Evidently.Inputs.LaunchGroupArgs\n {\n Feature = exampleAwsEvidentlyFeature.Name,\n Name = \"Variation1\",\n Variation = \"Variation1\",\n },\n },\n ScheduledSplitsConfig = new Aws.Evidently.Inputs.LaunchScheduledSplitsConfigArgs\n {\n Steps = new[]\n {\n new Aws.Evidently.Inputs.LaunchScheduledSplitsConfigStepArgs\n {\n GroupWeights = \n {\n { \"Variation1\", 0 },\n },\n StartTime = \"2024-01-07 01:43:59+00:00\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/evidently\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := evidently.NewLaunch(ctx, \"example\", \u0026evidently.LaunchArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProject: pulumi.Any(exampleAwsEvidentlyProject.Name),\n\t\t\tDescription: pulumi.String(\"example description\"),\n\t\t\tGroups: evidently.LaunchGroupArray{\n\t\t\t\t\u0026evidently.LaunchGroupArgs{\n\t\t\t\t\tFeature: pulumi.Any(exampleAwsEvidentlyFeature.Name),\n\t\t\t\t\tName: pulumi.String(\"Variation1\"),\n\t\t\t\t\tVariation: pulumi.String(\"Variation1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tScheduledSplitsConfig: \u0026evidently.LaunchScheduledSplitsConfigArgs{\n\t\t\t\tSteps: evidently.LaunchScheduledSplitsConfigStepArray{\n\t\t\t\t\t\u0026evidently.LaunchScheduledSplitsConfigStepArgs{\n\t\t\t\t\t\tGroupWeights: pulumi.IntMap{\n\t\t\t\t\t\t\t\"Variation1\": pulumi.Int(0),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tStartTime: pulumi.String(\"2024-01-07 01:43:59+00:00\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.evidently.Launch;\nimport com.pulumi.aws.evidently.LaunchArgs;\nimport com.pulumi.aws.evidently.inputs.LaunchGroupArgs;\nimport com.pulumi.aws.evidently.inputs.LaunchScheduledSplitsConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Launch(\"example\", LaunchArgs.builder()\n .name(\"example\")\n .project(exampleAwsEvidentlyProject.name())\n .description(\"example description\")\n .groups(LaunchGroupArgs.builder()\n .feature(exampleAwsEvidentlyFeature.name())\n .name(\"Variation1\")\n .variation(\"Variation1\")\n .build())\n .scheduledSplitsConfig(LaunchScheduledSplitsConfigArgs.builder()\n .steps(LaunchScheduledSplitsConfigStepArgs.builder()\n .groupWeights(Map.of(\"Variation1\", 0))\n .startTime(\"2024-01-07 01:43:59+00:00\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:evidently:Launch\n properties:\n name: example\n project: ${exampleAwsEvidentlyProject.name}\n description: example description\n groups:\n - feature: ${exampleAwsEvidentlyFeature.name}\n name: Variation1\n variation: Variation1\n scheduledSplitsConfig:\n steps:\n - groupWeights:\n Variation1: 0\n startTime: 2024-01-07 01:43:59+00:00\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With multiple groups\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.evidently.Launch(\"example\", {\n name: \"example\",\n project: exampleAwsEvidentlyProject.name,\n groups: [\n {\n feature: exampleAwsEvidentlyFeature.name,\n name: \"Variation1\",\n variation: \"Variation1\",\n description: \"first-group\",\n },\n {\n feature: exampleAwsEvidentlyFeature.name,\n name: \"Variation2\",\n variation: \"Variation2\",\n description: \"second-group\",\n },\n ],\n scheduledSplitsConfig: {\n steps: [{\n groupWeights: {\n Variation1: 0,\n Variation2: 0,\n },\n startTime: \"2024-01-07 01:43:59+00:00\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.evidently.Launch(\"example\",\n name=\"example\",\n project=example_aws_evidently_project[\"name\"],\n groups=[\n {\n \"feature\": example_aws_evidently_feature[\"name\"],\n \"name\": \"Variation1\",\n \"variation\": \"Variation1\",\n \"description\": \"first-group\",\n },\n {\n \"feature\": example_aws_evidently_feature[\"name\"],\n \"name\": \"Variation2\",\n \"variation\": \"Variation2\",\n \"description\": \"second-group\",\n },\n ],\n scheduled_splits_config={\n \"steps\": [{\n \"group_weights\": {\n \"variation1\": 0,\n \"variation2\": 0,\n },\n \"start_time\": \"2024-01-07 01:43:59+00:00\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Evidently.Launch(\"example\", new()\n {\n Name = \"example\",\n Project = exampleAwsEvidentlyProject.Name,\n Groups = new[]\n {\n new Aws.Evidently.Inputs.LaunchGroupArgs\n {\n Feature = exampleAwsEvidentlyFeature.Name,\n Name = \"Variation1\",\n Variation = \"Variation1\",\n Description = \"first-group\",\n },\n new Aws.Evidently.Inputs.LaunchGroupArgs\n {\n Feature = exampleAwsEvidentlyFeature.Name,\n Name = \"Variation2\",\n Variation = \"Variation2\",\n Description = \"second-group\",\n },\n },\n ScheduledSplitsConfig = new Aws.Evidently.Inputs.LaunchScheduledSplitsConfigArgs\n {\n Steps = new[]\n {\n new Aws.Evidently.Inputs.LaunchScheduledSplitsConfigStepArgs\n {\n GroupWeights = \n {\n { \"Variation1\", 0 },\n { \"Variation2\", 0 },\n },\n StartTime = \"2024-01-07 01:43:59+00:00\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/evidently\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := evidently.NewLaunch(ctx, \"example\", \u0026evidently.LaunchArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProject: pulumi.Any(exampleAwsEvidentlyProject.Name),\n\t\t\tGroups: evidently.LaunchGroupArray{\n\t\t\t\t\u0026evidently.LaunchGroupArgs{\n\t\t\t\t\tFeature: pulumi.Any(exampleAwsEvidentlyFeature.Name),\n\t\t\t\t\tName: pulumi.String(\"Variation1\"),\n\t\t\t\t\tVariation: pulumi.String(\"Variation1\"),\n\t\t\t\t\tDescription: pulumi.String(\"first-group\"),\n\t\t\t\t},\n\t\t\t\t\u0026evidently.LaunchGroupArgs{\n\t\t\t\t\tFeature: pulumi.Any(exampleAwsEvidentlyFeature.Name),\n\t\t\t\t\tName: pulumi.String(\"Variation2\"),\n\t\t\t\t\tVariation: pulumi.String(\"Variation2\"),\n\t\t\t\t\tDescription: pulumi.String(\"second-group\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tScheduledSplitsConfig: \u0026evidently.LaunchScheduledSplitsConfigArgs{\n\t\t\t\tSteps: evidently.LaunchScheduledSplitsConfigStepArray{\n\t\t\t\t\t\u0026evidently.LaunchScheduledSplitsConfigStepArgs{\n\t\t\t\t\t\tGroupWeights: pulumi.IntMap{\n\t\t\t\t\t\t\t\"Variation1\": pulumi.Int(0),\n\t\t\t\t\t\t\t\"Variation2\": pulumi.Int(0),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tStartTime: pulumi.String(\"2024-01-07 01:43:59+00:00\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.evidently.Launch;\nimport com.pulumi.aws.evidently.LaunchArgs;\nimport com.pulumi.aws.evidently.inputs.LaunchGroupArgs;\nimport com.pulumi.aws.evidently.inputs.LaunchScheduledSplitsConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Launch(\"example\", LaunchArgs.builder()\n .name(\"example\")\n .project(exampleAwsEvidentlyProject.name())\n .groups( \n LaunchGroupArgs.builder()\n .feature(exampleAwsEvidentlyFeature.name())\n .name(\"Variation1\")\n .variation(\"Variation1\")\n .description(\"first-group\")\n .build(),\n LaunchGroupArgs.builder()\n .feature(exampleAwsEvidentlyFeature.name())\n .name(\"Variation2\")\n .variation(\"Variation2\")\n .description(\"second-group\")\n .build())\n .scheduledSplitsConfig(LaunchScheduledSplitsConfigArgs.builder()\n .steps(LaunchScheduledSplitsConfigStepArgs.builder()\n .groupWeights(Map.ofEntries(\n Map.entry(\"Variation1\", 0),\n Map.entry(\"Variation2\", 0)\n ))\n .startTime(\"2024-01-07 01:43:59+00:00\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:evidently:Launch\n properties:\n name: example\n project: ${exampleAwsEvidentlyProject.name}\n groups:\n - feature: ${exampleAwsEvidentlyFeature.name}\n name: Variation1\n variation: Variation1\n description: first-group\n - feature: ${exampleAwsEvidentlyFeature.name}\n name: Variation2\n variation: Variation2\n description: second-group\n scheduledSplitsConfig:\n steps:\n - groupWeights:\n Variation1: 0\n Variation2: 0\n startTime: 2024-01-07 01:43:59+00:00\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With metric_monitors\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.evidently.Launch(\"example\", {\n name: \"example\",\n project: exampleAwsEvidentlyProject.name,\n groups: [{\n feature: exampleAwsEvidentlyFeature.name,\n name: \"Variation1\",\n variation: \"Variation1\",\n }],\n metricMonitors: [\n {\n metricDefinition: {\n entityIdKey: \"entity_id_key1\",\n eventPattern: \"{\\\"Price\\\":[{\\\"numeric\\\":[\\\"\u003e\\\",11,\\\"\u003c=\\\",22]}]}\",\n name: \"name1\",\n unitLabel: \"unit_label1\",\n valueKey: \"value_key1\",\n },\n },\n {\n metricDefinition: {\n entityIdKey: \"entity_id_key2\",\n eventPattern: \"{\\\"Price\\\":[{\\\"numeric\\\":[\\\"\u003e\\\",9,\\\"\u003c=\\\",19]}]}\",\n name: \"name2\",\n unitLabel: \"unit_label2\",\n valueKey: \"value_key2\",\n },\n },\n ],\n scheduledSplitsConfig: {\n steps: [{\n groupWeights: {\n Variation1: 0,\n },\n startTime: \"2024-01-07 01:43:59+00:00\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.evidently.Launch(\"example\",\n name=\"example\",\n project=example_aws_evidently_project[\"name\"],\n groups=[{\n \"feature\": example_aws_evidently_feature[\"name\"],\n \"name\": \"Variation1\",\n \"variation\": \"Variation1\",\n }],\n metric_monitors=[\n {\n \"metric_definition\": {\n \"entity_id_key\": \"entity_id_key1\",\n \"event_pattern\": \"{\\\"Price\\\":[{\\\"numeric\\\":[\\\"\u003e\\\",11,\\\"\u003c=\\\",22]}]}\",\n \"name\": \"name1\",\n \"unit_label\": \"unit_label1\",\n \"value_key\": \"value_key1\",\n },\n },\n {\n \"metric_definition\": {\n \"entity_id_key\": \"entity_id_key2\",\n \"event_pattern\": \"{\\\"Price\\\":[{\\\"numeric\\\":[\\\"\u003e\\\",9,\\\"\u003c=\\\",19]}]}\",\n \"name\": \"name2\",\n \"unit_label\": \"unit_label2\",\n \"value_key\": \"value_key2\",\n },\n },\n ],\n scheduled_splits_config={\n \"steps\": [{\n \"group_weights\": {\n \"variation1\": 0,\n },\n \"start_time\": \"2024-01-07 01:43:59+00:00\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Evidently.Launch(\"example\", new()\n {\n Name = \"example\",\n Project = exampleAwsEvidentlyProject.Name,\n Groups = new[]\n {\n new Aws.Evidently.Inputs.LaunchGroupArgs\n {\n Feature = exampleAwsEvidentlyFeature.Name,\n Name = \"Variation1\",\n Variation = \"Variation1\",\n },\n },\n MetricMonitors = new[]\n {\n new Aws.Evidently.Inputs.LaunchMetricMonitorArgs\n {\n MetricDefinition = new Aws.Evidently.Inputs.LaunchMetricMonitorMetricDefinitionArgs\n {\n EntityIdKey = \"entity_id_key1\",\n EventPattern = \"{\\\"Price\\\":[{\\\"numeric\\\":[\\\"\u003e\\\",11,\\\"\u003c=\\\",22]}]}\",\n Name = \"name1\",\n UnitLabel = \"unit_label1\",\n ValueKey = \"value_key1\",\n },\n },\n new Aws.Evidently.Inputs.LaunchMetricMonitorArgs\n {\n MetricDefinition = new Aws.Evidently.Inputs.LaunchMetricMonitorMetricDefinitionArgs\n {\n EntityIdKey = \"entity_id_key2\",\n EventPattern = \"{\\\"Price\\\":[{\\\"numeric\\\":[\\\"\u003e\\\",9,\\\"\u003c=\\\",19]}]}\",\n Name = \"name2\",\n UnitLabel = \"unit_label2\",\n ValueKey = \"value_key2\",\n },\n },\n },\n ScheduledSplitsConfig = new Aws.Evidently.Inputs.LaunchScheduledSplitsConfigArgs\n {\n Steps = new[]\n {\n new Aws.Evidently.Inputs.LaunchScheduledSplitsConfigStepArgs\n {\n GroupWeights = \n {\n { \"Variation1\", 0 },\n },\n StartTime = \"2024-01-07 01:43:59+00:00\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/evidently\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := evidently.NewLaunch(ctx, \"example\", \u0026evidently.LaunchArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProject: pulumi.Any(exampleAwsEvidentlyProject.Name),\n\t\t\tGroups: evidently.LaunchGroupArray{\n\t\t\t\t\u0026evidently.LaunchGroupArgs{\n\t\t\t\t\tFeature: pulumi.Any(exampleAwsEvidentlyFeature.Name),\n\t\t\t\t\tName: pulumi.String(\"Variation1\"),\n\t\t\t\t\tVariation: pulumi.String(\"Variation1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tMetricMonitors: evidently.LaunchMetricMonitorArray{\n\t\t\t\t\u0026evidently.LaunchMetricMonitorArgs{\n\t\t\t\t\tMetricDefinition: \u0026evidently.LaunchMetricMonitorMetricDefinitionArgs{\n\t\t\t\t\t\tEntityIdKey: pulumi.String(\"entity_id_key1\"),\n\t\t\t\t\t\tEventPattern: pulumi.String(\"{\\\"Price\\\":[{\\\"numeric\\\":[\\\"\u003e\\\",11,\\\"\u003c=\\\",22]}]}\"),\n\t\t\t\t\t\tName: pulumi.String(\"name1\"),\n\t\t\t\t\t\tUnitLabel: pulumi.String(\"unit_label1\"),\n\t\t\t\t\t\tValueKey: pulumi.String(\"value_key1\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026evidently.LaunchMetricMonitorArgs{\n\t\t\t\t\tMetricDefinition: \u0026evidently.LaunchMetricMonitorMetricDefinitionArgs{\n\t\t\t\t\t\tEntityIdKey: pulumi.String(\"entity_id_key2\"),\n\t\t\t\t\t\tEventPattern: pulumi.String(\"{\\\"Price\\\":[{\\\"numeric\\\":[\\\"\u003e\\\",9,\\\"\u003c=\\\",19]}]}\"),\n\t\t\t\t\t\tName: pulumi.String(\"name2\"),\n\t\t\t\t\t\tUnitLabel: pulumi.String(\"unit_label2\"),\n\t\t\t\t\t\tValueKey: pulumi.String(\"value_key2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tScheduledSplitsConfig: \u0026evidently.LaunchScheduledSplitsConfigArgs{\n\t\t\t\tSteps: evidently.LaunchScheduledSplitsConfigStepArray{\n\t\t\t\t\t\u0026evidently.LaunchScheduledSplitsConfigStepArgs{\n\t\t\t\t\t\tGroupWeights: pulumi.IntMap{\n\t\t\t\t\t\t\t\"Variation1\": pulumi.Int(0),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tStartTime: pulumi.String(\"2024-01-07 01:43:59+00:00\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.evidently.Launch;\nimport com.pulumi.aws.evidently.LaunchArgs;\nimport com.pulumi.aws.evidently.inputs.LaunchGroupArgs;\nimport com.pulumi.aws.evidently.inputs.LaunchMetricMonitorArgs;\nimport com.pulumi.aws.evidently.inputs.LaunchMetricMonitorMetricDefinitionArgs;\nimport com.pulumi.aws.evidently.inputs.LaunchScheduledSplitsConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Launch(\"example\", LaunchArgs.builder()\n .name(\"example\")\n .project(exampleAwsEvidentlyProject.name())\n .groups(LaunchGroupArgs.builder()\n .feature(exampleAwsEvidentlyFeature.name())\n .name(\"Variation1\")\n .variation(\"Variation1\")\n .build())\n .metricMonitors( \n LaunchMetricMonitorArgs.builder()\n .metricDefinition(LaunchMetricMonitorMetricDefinitionArgs.builder()\n .entityIdKey(\"entity_id_key1\")\n .eventPattern(\"{\\\"Price\\\":[{\\\"numeric\\\":[\\\"\u003e\\\",11,\\\"\u003c=\\\",22]}]}\")\n .name(\"name1\")\n .unitLabel(\"unit_label1\")\n .valueKey(\"value_key1\")\n .build())\n .build(),\n LaunchMetricMonitorArgs.builder()\n .metricDefinition(LaunchMetricMonitorMetricDefinitionArgs.builder()\n .entityIdKey(\"entity_id_key2\")\n .eventPattern(\"{\\\"Price\\\":[{\\\"numeric\\\":[\\\"\u003e\\\",9,\\\"\u003c=\\\",19]}]}\")\n .name(\"name2\")\n .unitLabel(\"unit_label2\")\n .valueKey(\"value_key2\")\n .build())\n .build())\n .scheduledSplitsConfig(LaunchScheduledSplitsConfigArgs.builder()\n .steps(LaunchScheduledSplitsConfigStepArgs.builder()\n .groupWeights(Map.of(\"Variation1\", 0))\n .startTime(\"2024-01-07 01:43:59+00:00\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:evidently:Launch\n properties:\n name: example\n project: ${exampleAwsEvidentlyProject.name}\n groups:\n - feature: ${exampleAwsEvidentlyFeature.name}\n name: Variation1\n variation: Variation1\n metricMonitors:\n - metricDefinition:\n entityIdKey: entity_id_key1\n eventPattern: '{\"Price\":[{\"numeric\":[\"\u003e\",11,\"\u003c=\",22]}]}'\n name: name1\n unitLabel: unit_label1\n valueKey: value_key1\n - metricDefinition:\n entityIdKey: entity_id_key2\n eventPattern: '{\"Price\":[{\"numeric\":[\"\u003e\",9,\"\u003c=\",19]}]}'\n name: name2\n unitLabel: unit_label2\n valueKey: value_key2\n scheduledSplitsConfig:\n steps:\n - groupWeights:\n Variation1: 0\n startTime: 2024-01-07 01:43:59+00:00\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With randomization_salt\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.evidently.Launch(\"example\", {\n name: \"example\",\n project: exampleAwsEvidentlyProject.name,\n randomizationSalt: \"example randomization salt\",\n groups: [{\n feature: exampleAwsEvidentlyFeature.name,\n name: \"Variation1\",\n variation: \"Variation1\",\n }],\n scheduledSplitsConfig: {\n steps: [{\n groupWeights: {\n Variation1: 0,\n },\n startTime: \"2024-01-07 01:43:59+00:00\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.evidently.Launch(\"example\",\n name=\"example\",\n project=example_aws_evidently_project[\"name\"],\n randomization_salt=\"example randomization salt\",\n groups=[{\n \"feature\": example_aws_evidently_feature[\"name\"],\n \"name\": \"Variation1\",\n \"variation\": \"Variation1\",\n }],\n scheduled_splits_config={\n \"steps\": [{\n \"group_weights\": {\n \"variation1\": 0,\n },\n \"start_time\": \"2024-01-07 01:43:59+00:00\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Evidently.Launch(\"example\", new()\n {\n Name = \"example\",\n Project = exampleAwsEvidentlyProject.Name,\n RandomizationSalt = \"example randomization salt\",\n Groups = new[]\n {\n new Aws.Evidently.Inputs.LaunchGroupArgs\n {\n Feature = exampleAwsEvidentlyFeature.Name,\n Name = \"Variation1\",\n Variation = \"Variation1\",\n },\n },\n ScheduledSplitsConfig = new Aws.Evidently.Inputs.LaunchScheduledSplitsConfigArgs\n {\n Steps = new[]\n {\n new Aws.Evidently.Inputs.LaunchScheduledSplitsConfigStepArgs\n {\n GroupWeights = \n {\n { \"Variation1\", 0 },\n },\n StartTime = \"2024-01-07 01:43:59+00:00\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/evidently\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := evidently.NewLaunch(ctx, \"example\", \u0026evidently.LaunchArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProject: pulumi.Any(exampleAwsEvidentlyProject.Name),\n\t\t\tRandomizationSalt: pulumi.String(\"example randomization salt\"),\n\t\t\tGroups: evidently.LaunchGroupArray{\n\t\t\t\t\u0026evidently.LaunchGroupArgs{\n\t\t\t\t\tFeature: pulumi.Any(exampleAwsEvidentlyFeature.Name),\n\t\t\t\t\tName: pulumi.String(\"Variation1\"),\n\t\t\t\t\tVariation: pulumi.String(\"Variation1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tScheduledSplitsConfig: \u0026evidently.LaunchScheduledSplitsConfigArgs{\n\t\t\t\tSteps: evidently.LaunchScheduledSplitsConfigStepArray{\n\t\t\t\t\t\u0026evidently.LaunchScheduledSplitsConfigStepArgs{\n\t\t\t\t\t\tGroupWeights: pulumi.IntMap{\n\t\t\t\t\t\t\t\"Variation1\": pulumi.Int(0),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tStartTime: pulumi.String(\"2024-01-07 01:43:59+00:00\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.evidently.Launch;\nimport com.pulumi.aws.evidently.LaunchArgs;\nimport com.pulumi.aws.evidently.inputs.LaunchGroupArgs;\nimport com.pulumi.aws.evidently.inputs.LaunchScheduledSplitsConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Launch(\"example\", LaunchArgs.builder()\n .name(\"example\")\n .project(exampleAwsEvidentlyProject.name())\n .randomizationSalt(\"example randomization salt\")\n .groups(LaunchGroupArgs.builder()\n .feature(exampleAwsEvidentlyFeature.name())\n .name(\"Variation1\")\n .variation(\"Variation1\")\n .build())\n .scheduledSplitsConfig(LaunchScheduledSplitsConfigArgs.builder()\n .steps(LaunchScheduledSplitsConfigStepArgs.builder()\n .groupWeights(Map.of(\"Variation1\", 0))\n .startTime(\"2024-01-07 01:43:59+00:00\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:evidently:Launch\n properties:\n name: example\n project: ${exampleAwsEvidentlyProject.name}\n randomizationSalt: example randomization salt\n groups:\n - feature: ${exampleAwsEvidentlyFeature.name}\n name: Variation1\n variation: Variation1\n scheduledSplitsConfig:\n steps:\n - groupWeights:\n Variation1: 0\n startTime: 2024-01-07 01:43:59+00:00\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With multiple steps\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.evidently.Launch(\"example\", {\n name: \"example\",\n project: exampleAwsEvidentlyProject.name,\n groups: [\n {\n feature: exampleAwsEvidentlyFeature.name,\n name: \"Variation1\",\n variation: \"Variation1\",\n },\n {\n feature: exampleAwsEvidentlyFeature.name,\n name: \"Variation2\",\n variation: \"Variation2\",\n },\n ],\n scheduledSplitsConfig: {\n steps: [\n {\n groupWeights: {\n Variation1: 15,\n Variation2: 10,\n },\n startTime: \"2024-01-07 01:43:59+00:00\",\n },\n {\n groupWeights: {\n Variation1: 20,\n Variation2: 25,\n },\n startTime: \"2024-01-08 01:43:59+00:00\",\n },\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.evidently.Launch(\"example\",\n name=\"example\",\n project=example_aws_evidently_project[\"name\"],\n groups=[\n {\n \"feature\": example_aws_evidently_feature[\"name\"],\n \"name\": \"Variation1\",\n \"variation\": \"Variation1\",\n },\n {\n \"feature\": example_aws_evidently_feature[\"name\"],\n \"name\": \"Variation2\",\n \"variation\": \"Variation2\",\n },\n ],\n scheduled_splits_config={\n \"steps\": [\n {\n \"group_weights\": {\n \"variation1\": 15,\n \"variation2\": 10,\n },\n \"start_time\": \"2024-01-07 01:43:59+00:00\",\n },\n {\n \"group_weights\": {\n \"variation1\": 20,\n \"variation2\": 25,\n },\n \"start_time\": \"2024-01-08 01:43:59+00:00\",\n },\n ],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Evidently.Launch(\"example\", new()\n {\n Name = \"example\",\n Project = exampleAwsEvidentlyProject.Name,\n Groups = new[]\n {\n new Aws.Evidently.Inputs.LaunchGroupArgs\n {\n Feature = exampleAwsEvidentlyFeature.Name,\n Name = \"Variation1\",\n Variation = \"Variation1\",\n },\n new Aws.Evidently.Inputs.LaunchGroupArgs\n {\n Feature = exampleAwsEvidentlyFeature.Name,\n Name = \"Variation2\",\n Variation = \"Variation2\",\n },\n },\n ScheduledSplitsConfig = new Aws.Evidently.Inputs.LaunchScheduledSplitsConfigArgs\n {\n Steps = new[]\n {\n new Aws.Evidently.Inputs.LaunchScheduledSplitsConfigStepArgs\n {\n GroupWeights = \n {\n { \"Variation1\", 15 },\n { \"Variation2\", 10 },\n },\n StartTime = \"2024-01-07 01:43:59+00:00\",\n },\n new Aws.Evidently.Inputs.LaunchScheduledSplitsConfigStepArgs\n {\n GroupWeights = \n {\n { \"Variation1\", 20 },\n { \"Variation2\", 25 },\n },\n StartTime = \"2024-01-08 01:43:59+00:00\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/evidently\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := evidently.NewLaunch(ctx, \"example\", \u0026evidently.LaunchArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProject: pulumi.Any(exampleAwsEvidentlyProject.Name),\n\t\t\tGroups: evidently.LaunchGroupArray{\n\t\t\t\t\u0026evidently.LaunchGroupArgs{\n\t\t\t\t\tFeature: pulumi.Any(exampleAwsEvidentlyFeature.Name),\n\t\t\t\t\tName: pulumi.String(\"Variation1\"),\n\t\t\t\t\tVariation: pulumi.String(\"Variation1\"),\n\t\t\t\t},\n\t\t\t\t\u0026evidently.LaunchGroupArgs{\n\t\t\t\t\tFeature: pulumi.Any(exampleAwsEvidentlyFeature.Name),\n\t\t\t\t\tName: pulumi.String(\"Variation2\"),\n\t\t\t\t\tVariation: pulumi.String(\"Variation2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tScheduledSplitsConfig: \u0026evidently.LaunchScheduledSplitsConfigArgs{\n\t\t\t\tSteps: evidently.LaunchScheduledSplitsConfigStepArray{\n\t\t\t\t\t\u0026evidently.LaunchScheduledSplitsConfigStepArgs{\n\t\t\t\t\t\tGroupWeights: pulumi.IntMap{\n\t\t\t\t\t\t\t\"Variation1\": pulumi.Int(15),\n\t\t\t\t\t\t\t\"Variation2\": pulumi.Int(10),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tStartTime: pulumi.String(\"2024-01-07 01:43:59+00:00\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026evidently.LaunchScheduledSplitsConfigStepArgs{\n\t\t\t\t\t\tGroupWeights: pulumi.IntMap{\n\t\t\t\t\t\t\t\"Variation1\": pulumi.Int(20),\n\t\t\t\t\t\t\t\"Variation2\": pulumi.Int(25),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tStartTime: pulumi.String(\"2024-01-08 01:43:59+00:00\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.evidently.Launch;\nimport com.pulumi.aws.evidently.LaunchArgs;\nimport com.pulumi.aws.evidently.inputs.LaunchGroupArgs;\nimport com.pulumi.aws.evidently.inputs.LaunchScheduledSplitsConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Launch(\"example\", LaunchArgs.builder()\n .name(\"example\")\n .project(exampleAwsEvidentlyProject.name())\n .groups( \n LaunchGroupArgs.builder()\n .feature(exampleAwsEvidentlyFeature.name())\n .name(\"Variation1\")\n .variation(\"Variation1\")\n .build(),\n LaunchGroupArgs.builder()\n .feature(exampleAwsEvidentlyFeature.name())\n .name(\"Variation2\")\n .variation(\"Variation2\")\n .build())\n .scheduledSplitsConfig(LaunchScheduledSplitsConfigArgs.builder()\n .steps( \n LaunchScheduledSplitsConfigStepArgs.builder()\n .groupWeights(Map.ofEntries(\n Map.entry(\"Variation1\", 15),\n Map.entry(\"Variation2\", 10)\n ))\n .startTime(\"2024-01-07 01:43:59+00:00\")\n .build(),\n LaunchScheduledSplitsConfigStepArgs.builder()\n .groupWeights(Map.ofEntries(\n Map.entry(\"Variation1\", 20),\n Map.entry(\"Variation2\", 25)\n ))\n .startTime(\"2024-01-08 01:43:59+00:00\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:evidently:Launch\n properties:\n name: example\n project: ${exampleAwsEvidentlyProject.name}\n groups:\n - feature: ${exampleAwsEvidentlyFeature.name}\n name: Variation1\n variation: Variation1\n - feature: ${exampleAwsEvidentlyFeature.name}\n name: Variation2\n variation: Variation2\n scheduledSplitsConfig:\n steps:\n - groupWeights:\n Variation1: 15\n Variation2: 10\n startTime: 2024-01-07 01:43:59+00:00\n - groupWeights:\n Variation1: 20\n Variation2: 25\n startTime: 2024-01-08 01:43:59+00:00\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With segment overrides\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.evidently.Launch(\"example\", {\n name: \"example\",\n project: exampleAwsEvidentlyProject.name,\n groups: [\n {\n feature: exampleAwsEvidentlyFeature.name,\n name: \"Variation1\",\n variation: \"Variation1\",\n },\n {\n feature: exampleAwsEvidentlyFeature.name,\n name: \"Variation2\",\n variation: \"Variation2\",\n },\n ],\n scheduledSplitsConfig: {\n steps: [{\n groupWeights: {\n Variation1: 0,\n Variation2: 0,\n },\n segmentOverrides: [\n {\n evaluationOrder: 1,\n segment: exampleAwsEvidentlySegment.name,\n weights: {\n Variation2: 10000,\n },\n },\n {\n evaluationOrder: 2,\n segment: exampleAwsEvidentlySegment.name,\n weights: {\n Variation1: 40000,\n Variation2: 30000,\n },\n },\n ],\n startTime: \"2024-01-08 01:43:59+00:00\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.evidently.Launch(\"example\",\n name=\"example\",\n project=example_aws_evidently_project[\"name\"],\n groups=[\n {\n \"feature\": example_aws_evidently_feature[\"name\"],\n \"name\": \"Variation1\",\n \"variation\": \"Variation1\",\n },\n {\n \"feature\": example_aws_evidently_feature[\"name\"],\n \"name\": \"Variation2\",\n \"variation\": \"Variation2\",\n },\n ],\n scheduled_splits_config={\n \"steps\": [{\n \"group_weights\": {\n \"variation1\": 0,\n \"variation2\": 0,\n },\n \"segment_overrides\": [\n {\n \"evaluation_order\": 1,\n \"segment\": example_aws_evidently_segment[\"name\"],\n \"weights\": {\n \"variation2\": 10000,\n },\n },\n {\n \"evaluation_order\": 2,\n \"segment\": example_aws_evidently_segment[\"name\"],\n \"weights\": {\n \"variation1\": 40000,\n \"variation2\": 30000,\n },\n },\n ],\n \"start_time\": \"2024-01-08 01:43:59+00:00\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Evidently.Launch(\"example\", new()\n {\n Name = \"example\",\n Project = exampleAwsEvidentlyProject.Name,\n Groups = new[]\n {\n new Aws.Evidently.Inputs.LaunchGroupArgs\n {\n Feature = exampleAwsEvidentlyFeature.Name,\n Name = \"Variation1\",\n Variation = \"Variation1\",\n },\n new Aws.Evidently.Inputs.LaunchGroupArgs\n {\n Feature = exampleAwsEvidentlyFeature.Name,\n Name = \"Variation2\",\n Variation = \"Variation2\",\n },\n },\n ScheduledSplitsConfig = new Aws.Evidently.Inputs.LaunchScheduledSplitsConfigArgs\n {\n Steps = new[]\n {\n new Aws.Evidently.Inputs.LaunchScheduledSplitsConfigStepArgs\n {\n GroupWeights = \n {\n { \"Variation1\", 0 },\n { \"Variation2\", 0 },\n },\n SegmentOverrides = new[]\n {\n new Aws.Evidently.Inputs.LaunchScheduledSplitsConfigStepSegmentOverrideArgs\n {\n EvaluationOrder = 1,\n Segment = exampleAwsEvidentlySegment.Name,\n Weights = \n {\n { \"Variation2\", 10000 },\n },\n },\n new Aws.Evidently.Inputs.LaunchScheduledSplitsConfigStepSegmentOverrideArgs\n {\n EvaluationOrder = 2,\n Segment = exampleAwsEvidentlySegment.Name,\n Weights = \n {\n { \"Variation1\", 40000 },\n { \"Variation2\", 30000 },\n },\n },\n },\n StartTime = \"2024-01-08 01:43:59+00:00\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/evidently\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := evidently.NewLaunch(ctx, \"example\", \u0026evidently.LaunchArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProject: pulumi.Any(exampleAwsEvidentlyProject.Name),\n\t\t\tGroups: evidently.LaunchGroupArray{\n\t\t\t\t\u0026evidently.LaunchGroupArgs{\n\t\t\t\t\tFeature: pulumi.Any(exampleAwsEvidentlyFeature.Name),\n\t\t\t\t\tName: pulumi.String(\"Variation1\"),\n\t\t\t\t\tVariation: pulumi.String(\"Variation1\"),\n\t\t\t\t},\n\t\t\t\t\u0026evidently.LaunchGroupArgs{\n\t\t\t\t\tFeature: pulumi.Any(exampleAwsEvidentlyFeature.Name),\n\t\t\t\t\tName: pulumi.String(\"Variation2\"),\n\t\t\t\t\tVariation: pulumi.String(\"Variation2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tScheduledSplitsConfig: \u0026evidently.LaunchScheduledSplitsConfigArgs{\n\t\t\t\tSteps: evidently.LaunchScheduledSplitsConfigStepArray{\n\t\t\t\t\t\u0026evidently.LaunchScheduledSplitsConfigStepArgs{\n\t\t\t\t\t\tGroupWeights: pulumi.IntMap{\n\t\t\t\t\t\t\t\"Variation1\": pulumi.Int(0),\n\t\t\t\t\t\t\t\"Variation2\": pulumi.Int(0),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSegmentOverrides: evidently.LaunchScheduledSplitsConfigStepSegmentOverrideArray{\n\t\t\t\t\t\t\t\u0026evidently.LaunchScheduledSplitsConfigStepSegmentOverrideArgs{\n\t\t\t\t\t\t\t\tEvaluationOrder: pulumi.Int(1),\n\t\t\t\t\t\t\t\tSegment: pulumi.Any(exampleAwsEvidentlySegment.Name),\n\t\t\t\t\t\t\t\tWeights: pulumi.IntMap{\n\t\t\t\t\t\t\t\t\t\"Variation2\": pulumi.Int(10000),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026evidently.LaunchScheduledSplitsConfigStepSegmentOverrideArgs{\n\t\t\t\t\t\t\t\tEvaluationOrder: pulumi.Int(2),\n\t\t\t\t\t\t\t\tSegment: pulumi.Any(exampleAwsEvidentlySegment.Name),\n\t\t\t\t\t\t\t\tWeights: pulumi.IntMap{\n\t\t\t\t\t\t\t\t\t\"Variation1\": pulumi.Int(40000),\n\t\t\t\t\t\t\t\t\t\"Variation2\": pulumi.Int(30000),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tStartTime: pulumi.String(\"2024-01-08 01:43:59+00:00\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.evidently.Launch;\nimport com.pulumi.aws.evidently.LaunchArgs;\nimport com.pulumi.aws.evidently.inputs.LaunchGroupArgs;\nimport com.pulumi.aws.evidently.inputs.LaunchScheduledSplitsConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Launch(\"example\", LaunchArgs.builder()\n .name(\"example\")\n .project(exampleAwsEvidentlyProject.name())\n .groups( \n LaunchGroupArgs.builder()\n .feature(exampleAwsEvidentlyFeature.name())\n .name(\"Variation1\")\n .variation(\"Variation1\")\n .build(),\n LaunchGroupArgs.builder()\n .feature(exampleAwsEvidentlyFeature.name())\n .name(\"Variation2\")\n .variation(\"Variation2\")\n .build())\n .scheduledSplitsConfig(LaunchScheduledSplitsConfigArgs.builder()\n .steps(LaunchScheduledSplitsConfigStepArgs.builder()\n .groupWeights(Map.ofEntries(\n Map.entry(\"Variation1\", 0),\n Map.entry(\"Variation2\", 0)\n ))\n .segmentOverrides( \n LaunchScheduledSplitsConfigStepSegmentOverrideArgs.builder()\n .evaluationOrder(1)\n .segment(exampleAwsEvidentlySegment.name())\n .weights(Map.of(\"Variation2\", 10000))\n .build(),\n LaunchScheduledSplitsConfigStepSegmentOverrideArgs.builder()\n .evaluationOrder(2)\n .segment(exampleAwsEvidentlySegment.name())\n .weights(Map.ofEntries(\n Map.entry(\"Variation1\", 40000),\n Map.entry(\"Variation2\", 30000)\n ))\n .build())\n .startTime(\"2024-01-08 01:43:59+00:00\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:evidently:Launch\n properties:\n name: example\n project: ${exampleAwsEvidentlyProject.name}\n groups:\n - feature: ${exampleAwsEvidentlyFeature.name}\n name: Variation1\n variation: Variation1\n - feature: ${exampleAwsEvidentlyFeature.name}\n name: Variation2\n variation: Variation2\n scheduledSplitsConfig:\n steps:\n - groupWeights:\n Variation1: 0\n Variation2: 0\n segmentOverrides:\n - evaluationOrder: 1\n segment: ${exampleAwsEvidentlySegment.name}\n weights:\n Variation2: 10000\n - evaluationOrder: 2\n segment: ${exampleAwsEvidentlySegment.name}\n weights:\n Variation1: 40000\n Variation2: 30000\n startTime: 2024-01-08 01:43:59+00:00\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nImport using the `name` of the launch and `arn` of the project separated by a `:`:\n\n__Using `pulumi import` to import__ CloudWatch Evidently Launch using the `name` of the launch and `name` of the project or `arn` of the hosting CloudWatch Evidently Project separated by a `:`. For example:\n\nImport using the `name` of the launch and `name` of the project separated by a `:`:\n\n```sh\n$ pulumi import aws:evidently/launch:Launch example exampleLaunchName:exampleProjectName\n```\nImport using the `name` of the launch and `arn` of the project separated by a `:`:\n\n```sh\n$ pulumi import aws:evidently/launch:Launch example exampleLaunchName:arn:aws:evidently:us-east-1:123456789012:project/exampleProjectName\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the launch.\n" }, "createdTime": { "type": "string", "description": "The date and time that the launch is created.\n" }, "description": { "type": "string", "description": "Specifies the description of the launch.\n" }, "executions": { "type": "array", "items": { "$ref": "#/types/aws:evidently/LaunchExecution:LaunchExecution" }, "description": "A block that contains information about the start and end times of the launch. Detailed below\n" }, "groups": { "type": "array", "items": { "$ref": "#/types/aws:evidently/LaunchGroup:LaunchGroup" }, "description": "One or up to five blocks that contain the feature and variations that are to be used for the launch. Detailed below.\n" }, "lastUpdatedTime": { "type": "string", "description": "The date and time that the launch was most recently updated.\n" }, "metricMonitors": { "type": "array", "items": { "$ref": "#/types/aws:evidently/LaunchMetricMonitor:LaunchMetricMonitor" }, "description": "One or up to three blocks that define the metrics that will be used to monitor the launch performance. Detailed below.\n" }, "name": { "type": "string", "description": "The name for the new launch. Minimum length of `1`. Maximum length of `127`.\n" }, "project": { "type": "string", "description": "The name or ARN of the project that is to contain the new launch.\n" }, "randomizationSalt": { "type": "string", "description": "When Evidently assigns a particular user session to a launch, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and randomizationSalt. If you omit randomizationSalt, Evidently uses the launch name as the randomizationSalt.\n" }, "scheduledSplitsConfig": { "$ref": "#/types/aws:evidently/LaunchScheduledSplitsConfig:LaunchScheduledSplitsConfig", "description": "A block that defines the traffic allocation percentages among the feature variations during each step of the launch. Detailed below.\n" }, "status": { "type": "string", "description": "The current state of the launch. Valid values are `CREATED`, `UPDATING`, `RUNNING`, `COMPLETED`, and `CANCELLED`.\n" }, "statusReason": { "type": "string", "description": "If the launch was stopped, this is the string that was entered by the person who stopped the launch, to explain why it was stopped.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the launch. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of launch.\n" } }, "required": [ "arn", "createdTime", "executions", "groups", "lastUpdatedTime", "name", "project", "status", "statusReason", "tagsAll", "type" ], "inputProperties": { "description": { "type": "string", "description": "Specifies the description of the launch.\n" }, "groups": { "type": "array", "items": { "$ref": "#/types/aws:evidently/LaunchGroup:LaunchGroup" }, "description": "One or up to five blocks that contain the feature and variations that are to be used for the launch. Detailed below.\n" }, "metricMonitors": { "type": "array", "items": { "$ref": "#/types/aws:evidently/LaunchMetricMonitor:LaunchMetricMonitor" }, "description": "One or up to three blocks that define the metrics that will be used to monitor the launch performance. Detailed below.\n" }, "name": { "type": "string", "description": "The name for the new launch. Minimum length of `1`. Maximum length of `127`.\n", "willReplaceOnChanges": true }, "project": { "type": "string", "description": "The name or ARN of the project that is to contain the new launch.\n", "willReplaceOnChanges": true }, "randomizationSalt": { "type": "string", "description": "When Evidently assigns a particular user session to a launch, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and randomizationSalt. If you omit randomizationSalt, Evidently uses the launch name as the randomizationSalt.\n" }, "scheduledSplitsConfig": { "$ref": "#/types/aws:evidently/LaunchScheduledSplitsConfig:LaunchScheduledSplitsConfig", "description": "A block that defines the traffic allocation percentages among the feature variations during each step of the launch. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the launch. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "groups", "project" ], "stateInputs": { "description": "Input properties used for looking up and filtering Launch resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the launch.\n" }, "createdTime": { "type": "string", "description": "The date and time that the launch is created.\n" }, "description": { "type": "string", "description": "Specifies the description of the launch.\n" }, "executions": { "type": "array", "items": { "$ref": "#/types/aws:evidently/LaunchExecution:LaunchExecution" }, "description": "A block that contains information about the start and end times of the launch. Detailed below\n" }, "groups": { "type": "array", "items": { "$ref": "#/types/aws:evidently/LaunchGroup:LaunchGroup" }, "description": "One or up to five blocks that contain the feature and variations that are to be used for the launch. Detailed below.\n" }, "lastUpdatedTime": { "type": "string", "description": "The date and time that the launch was most recently updated.\n" }, "metricMonitors": { "type": "array", "items": { "$ref": "#/types/aws:evidently/LaunchMetricMonitor:LaunchMetricMonitor" }, "description": "One or up to three blocks that define the metrics that will be used to monitor the launch performance. Detailed below.\n" }, "name": { "type": "string", "description": "The name for the new launch. Minimum length of `1`. Maximum length of `127`.\n", "willReplaceOnChanges": true }, "project": { "type": "string", "description": "The name or ARN of the project that is to contain the new launch.\n", "willReplaceOnChanges": true }, "randomizationSalt": { "type": "string", "description": "When Evidently assigns a particular user session to a launch, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and randomizationSalt. If you omit randomizationSalt, Evidently uses the launch name as the randomizationSalt.\n" }, "scheduledSplitsConfig": { "$ref": "#/types/aws:evidently/LaunchScheduledSplitsConfig:LaunchScheduledSplitsConfig", "description": "A block that defines the traffic allocation percentages among the feature variations during each step of the launch. Detailed below.\n" }, "status": { "type": "string", "description": "The current state of the launch. Valid values are `CREATED`, `UPDATING`, `RUNNING`, `COMPLETED`, and `CANCELLED`.\n" }, "statusReason": { "type": "string", "description": "If the launch was stopped, this is the string that was entered by the person who stopped the launch, to explain why it was stopped.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the launch. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of launch.\n" } }, "type": "object" } }, "aws:evidently/project:Project": { "description": "Provides a CloudWatch Evidently Project resource.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.evidently.Project(\"example\", {\n name: \"Example\",\n description: \"Example Description\",\n tags: {\n Key1: \"example Project\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.evidently.Project(\"example\",\n name=\"Example\",\n description=\"Example Description\",\n tags={\n \"Key1\": \"example Project\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Evidently.Project(\"example\", new()\n {\n Name = \"Example\",\n Description = \"Example Description\",\n Tags = \n {\n { \"Key1\", \"example Project\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/evidently\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := evidently.NewProject(ctx, \"example\", \u0026evidently.ProjectArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tDescription: pulumi.String(\"Example Description\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Key1\": pulumi.String(\"example Project\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.evidently.Project;\nimport com.pulumi.aws.evidently.ProjectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Project(\"example\", ProjectArgs.builder()\n .name(\"Example\")\n .description(\"Example Description\")\n .tags(Map.of(\"Key1\", \"example Project\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:evidently:Project\n properties:\n name: Example\n description: Example Description\n tags:\n Key1: example Project\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Store evaluation events in a CloudWatch Log Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.evidently.Project(\"example\", {\n name: \"Example\",\n description: \"Example Description\",\n dataDelivery: {\n cloudwatchLogs: {\n logGroup: \"example-log-group-name\",\n },\n },\n tags: {\n Key1: \"example Project\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.evidently.Project(\"example\",\n name=\"Example\",\n description=\"Example Description\",\n data_delivery={\n \"cloudwatch_logs\": {\n \"log_group\": \"example-log-group-name\",\n },\n },\n tags={\n \"Key1\": \"example Project\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Evidently.Project(\"example\", new()\n {\n Name = \"Example\",\n Description = \"Example Description\",\n DataDelivery = new Aws.Evidently.Inputs.ProjectDataDeliveryArgs\n {\n CloudwatchLogs = new Aws.Evidently.Inputs.ProjectDataDeliveryCloudwatchLogsArgs\n {\n LogGroup = \"example-log-group-name\",\n },\n },\n Tags = \n {\n { \"Key1\", \"example Project\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/evidently\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := evidently.NewProject(ctx, \"example\", \u0026evidently.ProjectArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tDescription: pulumi.String(\"Example Description\"),\n\t\t\tDataDelivery: \u0026evidently.ProjectDataDeliveryArgs{\n\t\t\t\tCloudwatchLogs: \u0026evidently.ProjectDataDeliveryCloudwatchLogsArgs{\n\t\t\t\t\tLogGroup: pulumi.String(\"example-log-group-name\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Key1\": pulumi.String(\"example Project\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.evidently.Project;\nimport com.pulumi.aws.evidently.ProjectArgs;\nimport com.pulumi.aws.evidently.inputs.ProjectDataDeliveryArgs;\nimport com.pulumi.aws.evidently.inputs.ProjectDataDeliveryCloudwatchLogsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Project(\"example\", ProjectArgs.builder()\n .name(\"Example\")\n .description(\"Example Description\")\n .dataDelivery(ProjectDataDeliveryArgs.builder()\n .cloudwatchLogs(ProjectDataDeliveryCloudwatchLogsArgs.builder()\n .logGroup(\"example-log-group-name\")\n .build())\n .build())\n .tags(Map.of(\"Key1\", \"example Project\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:evidently:Project\n properties:\n name: Example\n description: Example Description\n dataDelivery:\n cloudwatchLogs:\n logGroup: example-log-group-name\n tags:\n Key1: example Project\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Store evaluation events in an S3 bucket\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.evidently.Project(\"example\", {\n name: \"Example\",\n description: \"Example Description\",\n dataDelivery: {\n s3Destination: {\n bucket: \"example-bucket-name\",\n prefix: \"example\",\n },\n },\n tags: {\n Key1: \"example Project\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.evidently.Project(\"example\",\n name=\"Example\",\n description=\"Example Description\",\n data_delivery={\n \"s3_destination\": {\n \"bucket\": \"example-bucket-name\",\n \"prefix\": \"example\",\n },\n },\n tags={\n \"Key1\": \"example Project\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Evidently.Project(\"example\", new()\n {\n Name = \"Example\",\n Description = \"Example Description\",\n DataDelivery = new Aws.Evidently.Inputs.ProjectDataDeliveryArgs\n {\n S3Destination = new Aws.Evidently.Inputs.ProjectDataDeliveryS3DestinationArgs\n {\n Bucket = \"example-bucket-name\",\n Prefix = \"example\",\n },\n },\n Tags = \n {\n { \"Key1\", \"example Project\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/evidently\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := evidently.NewProject(ctx, \"example\", \u0026evidently.ProjectArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tDescription: pulumi.String(\"Example Description\"),\n\t\t\tDataDelivery: \u0026evidently.ProjectDataDeliveryArgs{\n\t\t\t\tS3Destination: \u0026evidently.ProjectDataDeliveryS3DestinationArgs{\n\t\t\t\t\tBucket: pulumi.String(\"example-bucket-name\"),\n\t\t\t\t\tPrefix: pulumi.String(\"example\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Key1\": pulumi.String(\"example Project\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.evidently.Project;\nimport com.pulumi.aws.evidently.ProjectArgs;\nimport com.pulumi.aws.evidently.inputs.ProjectDataDeliveryArgs;\nimport com.pulumi.aws.evidently.inputs.ProjectDataDeliveryS3DestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Project(\"example\", ProjectArgs.builder()\n .name(\"Example\")\n .description(\"Example Description\")\n .dataDelivery(ProjectDataDeliveryArgs.builder()\n .s3Destination(ProjectDataDeliveryS3DestinationArgs.builder()\n .bucket(\"example-bucket-name\")\n .prefix(\"example\")\n .build())\n .build())\n .tags(Map.of(\"Key1\", \"example Project\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:evidently:Project\n properties:\n name: Example\n description: Example Description\n dataDelivery:\n s3Destination:\n bucket: example-bucket-name\n prefix: example\n tags:\n Key1: example Project\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudWatch Evidently Project using the `arn`. For example:\n\n```sh\n$ pulumi import aws:evidently/project:Project example arn:aws:evidently:us-east-1:123456789012:segment/example\n```\n", "properties": { "activeExperimentCount": { "type": "integer", "description": "The number of ongoing experiments currently in the project.\n" }, "activeLaunchCount": { "type": "integer", "description": "The number of ongoing launches currently in the project.\n" }, "arn": { "type": "string", "description": "The ARN of the project.\n" }, "createdTime": { "type": "string", "description": "The date and time that the project is created.\n" }, "dataDelivery": { "$ref": "#/types/aws:evidently/ProjectDataDelivery:ProjectDataDelivery", "description": "A block that contains information about where Evidently is to store evaluation events for longer term storage, if you choose to do so. If you choose not to store these events, Evidently deletes them after using them to produce metrics and other experiment results that you can view. See below.\n" }, "description": { "type": "string", "description": "Specifies the description of the project.\n" }, "experimentCount": { "type": "integer", "description": "The number of experiments currently in the project. This includes all experiments that have been created and not deleted, whether they are ongoing or not.\n" }, "featureCount": { "type": "integer", "description": "The number of features currently in the project.\n" }, "lastUpdatedTime": { "type": "string", "description": "The date and time that the project was most recently updated.\n" }, "launchCount": { "type": "integer", "description": "The number of launches currently in the project. This includes all launches that have been created and not deleted, whether they are ongoing or not.\n" }, "name": { "type": "string", "description": "A name for the project.\n" }, "status": { "type": "string", "description": "The current state of the project. Valid values are `AVAILABLE` and `UPDATING`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the project. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "activeExperimentCount", "activeLaunchCount", "arn", "createdTime", "experimentCount", "featureCount", "lastUpdatedTime", "launchCount", "name", "status", "tagsAll" ], "inputProperties": { "dataDelivery": { "$ref": "#/types/aws:evidently/ProjectDataDelivery:ProjectDataDelivery", "description": "A block that contains information about where Evidently is to store evaluation events for longer term storage, if you choose to do so. If you choose not to store these events, Evidently deletes them after using them to produce metrics and other experiment results that you can view. See below.\n" }, "description": { "type": "string", "description": "Specifies the description of the project.\n" }, "name": { "type": "string", "description": "A name for the project.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the project. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Project resources.\n", "properties": { "activeExperimentCount": { "type": "integer", "description": "The number of ongoing experiments currently in the project.\n" }, "activeLaunchCount": { "type": "integer", "description": "The number of ongoing launches currently in the project.\n" }, "arn": { "type": "string", "description": "The ARN of the project.\n" }, "createdTime": { "type": "string", "description": "The date and time that the project is created.\n" }, "dataDelivery": { "$ref": "#/types/aws:evidently/ProjectDataDelivery:ProjectDataDelivery", "description": "A block that contains information about where Evidently is to store evaluation events for longer term storage, if you choose to do so. If you choose not to store these events, Evidently deletes them after using them to produce metrics and other experiment results that you can view. See below.\n" }, "description": { "type": "string", "description": "Specifies the description of the project.\n" }, "experimentCount": { "type": "integer", "description": "The number of experiments currently in the project. This includes all experiments that have been created and not deleted, whether they are ongoing or not.\n" }, "featureCount": { "type": "integer", "description": "The number of features currently in the project.\n" }, "lastUpdatedTime": { "type": "string", "description": "The date and time that the project was most recently updated.\n" }, "launchCount": { "type": "integer", "description": "The number of launches currently in the project. This includes all launches that have been created and not deleted, whether they are ongoing or not.\n" }, "name": { "type": "string", "description": "A name for the project.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The current state of the project. Valid values are `AVAILABLE` and `UPDATING`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the project. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:evidently/segment:Segment": { "description": "Provides a CloudWatch Evidently Segment resource.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.evidently.Segment(\"example\", {\n name: \"example\",\n pattern: \"{\\\"Price\\\":[{\\\"numeric\\\":[\\\"\u003e\\\",10,\\\"\u003c=\\\",20]}]}\",\n tags: {\n Key1: \"example Segment\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.evidently.Segment(\"example\",\n name=\"example\",\n pattern=\"{\\\"Price\\\":[{\\\"numeric\\\":[\\\"\u003e\\\",10,\\\"\u003c=\\\",20]}]}\",\n tags={\n \"Key1\": \"example Segment\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Evidently.Segment(\"example\", new()\n {\n Name = \"example\",\n Pattern = \"{\\\"Price\\\":[{\\\"numeric\\\":[\\\"\u003e\\\",10,\\\"\u003c=\\\",20]}]}\",\n Tags = \n {\n { \"Key1\", \"example Segment\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/evidently\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := evidently.NewSegment(ctx, \"example\", \u0026evidently.SegmentArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPattern: pulumi.String(\"{\\\"Price\\\":[{\\\"numeric\\\":[\\\"\u003e\\\",10,\\\"\u003c=\\\",20]}]}\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Key1\": pulumi.String(\"example Segment\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.evidently.Segment;\nimport com.pulumi.aws.evidently.SegmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Segment(\"example\", SegmentArgs.builder()\n .name(\"example\")\n .pattern(\"{\\\"Price\\\":[{\\\"numeric\\\":[\\\"\u003e\\\",10,\\\"\u003c=\\\",20]}]}\")\n .tags(Map.of(\"Key1\", \"example Segment\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:evidently:Segment\n properties:\n name: example\n pattern: '{\"Price\":[{\"numeric\":[\"\u003e\",10,\"\u003c=\",20]}]}'\n tags:\n Key1: example Segment\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With JSON object in pattern\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.evidently.Segment(\"example\", {\n name: \"example\",\n pattern: ` {\n \"Price\": [\n {\n \"numeric\": [\"\u003e\",10,\"\u003c=\",20]\n }\n ]\n }\n`,\n tags: {\n Key1: \"example Segment\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.evidently.Segment(\"example\",\n name=\"example\",\n pattern=\"\"\" {\n \"Price\": [\n {\n \"numeric\": [\"\u003e\",10,\"\u003c=\",20]\n }\n ]\n }\n\"\"\",\n tags={\n \"Key1\": \"example Segment\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Evidently.Segment(\"example\", new()\n {\n Name = \"example\",\n Pattern = @\" {\n \"\"Price\"\": [\n {\n \"\"numeric\"\": [\"\"\u003e\"\",10,\"\"\u003c=\"\",20]\n }\n ]\n }\n\",\n Tags = \n {\n { \"Key1\", \"example Segment\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/evidently\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := evidently.NewSegment(ctx, \"example\", \u0026evidently.SegmentArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPattern: pulumi.String(` {\n \"Price\": [\n {\n \"numeric\": [\"\u003e\",10,\"\u003c=\",20]\n }\n ]\n }\n`),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Key1\": pulumi.String(\"example Segment\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.evidently.Segment;\nimport com.pulumi.aws.evidently.SegmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Segment(\"example\", SegmentArgs.builder()\n .name(\"example\")\n .pattern(\"\"\"\n {\n \"Price\": [\n {\n \"numeric\": [\"\u003e\",10,\"\u003c=\",20]\n }\n ]\n }\n \"\"\")\n .tags(Map.of(\"Key1\", \"example Segment\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:evidently:Segment\n properties:\n name: example\n pattern: |2\n {\n \"Price\": [\n {\n \"numeric\": [\"\u003e\",10,\"\u003c=\",20]\n }\n ]\n }\n tags:\n Key1: example Segment\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Description\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.evidently.Segment(\"example\", {\n name: \"example\",\n pattern: \"{\\\"Price\\\":[{\\\"numeric\\\":[\\\"\u003e\\\",10,\\\"\u003c=\\\",20]}]}\",\n description: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.evidently.Segment(\"example\",\n name=\"example\",\n pattern=\"{\\\"Price\\\":[{\\\"numeric\\\":[\\\"\u003e\\\",10,\\\"\u003c=\\\",20]}]}\",\n description=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Evidently.Segment(\"example\", new()\n {\n Name = \"example\",\n Pattern = \"{\\\"Price\\\":[{\\\"numeric\\\":[\\\"\u003e\\\",10,\\\"\u003c=\\\",20]}]}\",\n Description = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/evidently\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := evidently.NewSegment(ctx, \"example\", \u0026evidently.SegmentArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPattern: pulumi.String(\"{\\\"Price\\\":[{\\\"numeric\\\":[\\\"\u003e\\\",10,\\\"\u003c=\\\",20]}]}\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.evidently.Segment;\nimport com.pulumi.aws.evidently.SegmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Segment(\"example\", SegmentArgs.builder()\n .name(\"example\")\n .pattern(\"{\\\"Price\\\":[{\\\"numeric\\\":[\\\"\u003e\\\",10,\\\"\u003c=\\\",20]}]}\")\n .description(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:evidently:Segment\n properties:\n name: example\n pattern: '{\"Price\":[{\"numeric\":[\"\u003e\",10,\"\u003c=\",20]}]}'\n description: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudWatch Evidently Segment using the `arn`. For example:\n\n```sh\n$ pulumi import aws:evidently/segment:Segment example arn:aws:evidently:us-west-2:123456789012:segment/example\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the segment.\n" }, "createdTime": { "type": "string", "description": "The date and time that the segment is created.\n" }, "description": { "type": "string", "description": "Specifies the description of the segment.\n" }, "experimentCount": { "type": "integer", "description": "The number of experiments that this segment is used in. This count includes all current experiments, not just those that are currently running.\n" }, "lastUpdatedTime": { "type": "string", "description": "The date and time that this segment was most recently updated.\n" }, "launchCount": { "type": "integer", "description": "The number of launches that this segment is used in. This count includes all current launches, not just those that are currently running.\n" }, "name": { "type": "string", "description": "A name for the segment.\n" }, "pattern": { "type": "string", "description": "The pattern to use for the segment. For more information about pattern syntax, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax.html).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the segment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "createdTime", "experimentCount", "lastUpdatedTime", "launchCount", "name", "pattern", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Specifies the description of the segment.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A name for the segment.\n", "willReplaceOnChanges": true }, "pattern": { "type": "string", "description": "The pattern to use for the segment. For more information about pattern syntax, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax.html).\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the segment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "pattern" ], "stateInputs": { "description": "Input properties used for looking up and filtering Segment resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the segment.\n" }, "createdTime": { "type": "string", "description": "The date and time that the segment is created.\n" }, "description": { "type": "string", "description": "Specifies the description of the segment.\n", "willReplaceOnChanges": true }, "experimentCount": { "type": "integer", "description": "The number of experiments that this segment is used in. This count includes all current experiments, not just those that are currently running.\n" }, "lastUpdatedTime": { "type": "string", "description": "The date and time that this segment was most recently updated.\n" }, "launchCount": { "type": "integer", "description": "The number of launches that this segment is used in. This count includes all current launches, not just those that are currently running.\n" }, "name": { "type": "string", "description": "A name for the segment.\n", "willReplaceOnChanges": true }, "pattern": { "type": "string", "description": "The pattern to use for the segment. For more information about pattern syntax, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax.html).\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the segment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:finspace/kxCluster:KxCluster": { "description": "Resource for managing an AWS FinSpace Kx Cluster.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.finspace.KxCluster;\nimport com.pulumi.aws.finspace.KxClusterArgs;\nimport com.pulumi.aws.finspace.inputs.KxClusterCapacityConfigurationArgs;\nimport com.pulumi.aws.finspace.inputs.KxClusterVpcConfigurationArgs;\nimport com.pulumi.aws.finspace.inputs.KxClusterCacheStorageConfigurationArgs;\nimport com.pulumi.aws.finspace.inputs.KxClusterDatabaseArgs;\nimport com.pulumi.aws.finspace.inputs.KxClusterCodeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new KxCluster(\"example\", KxClusterArgs.builder()\n .name(\"my-tf-kx-cluster\")\n .environmentId(exampleAwsFinspaceKxEnvironment.id())\n .type(\"HDB\")\n .releaseLabel(\"1.0\")\n .azMode(\"SINGLE\")\n .availabilityZoneId(\"use1-az2\")\n .capacityConfiguration(KxClusterCapacityConfigurationArgs.builder()\n .nodeType(\"kx.s.2xlarge\")\n .nodeCount(2)\n .build())\n .vpcConfiguration(KxClusterVpcConfigurationArgs.builder()\n .vpcId(test.id())\n .securityGroupIds(exampleAwsSecurityGroup.id())\n .subnetIds(exampleAwsSubnet.id())\n .ipAddressType(\"IP_V4\")\n .build())\n .cacheStorageConfigurations(KxClusterCacheStorageConfigurationArgs.builder()\n .type(\"CACHE_1000\")\n .size(1200)\n .build())\n .databases(KxClusterDatabaseArgs.builder()\n .databaseName(exampleAwsFinspaceKxDatabase.name())\n .cacheConfiguration(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))\n .build())\n .code(KxClusterCodeArgs.builder()\n .s3Bucket(testAwsS3Bucket.id())\n .s3Key(object.key())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:finspace:KxCluster\n properties:\n name: my-tf-kx-cluster\n environmentId: ${exampleAwsFinspaceKxEnvironment.id}\n type: HDB\n releaseLabel: '1.0'\n azMode: SINGLE\n availabilityZoneId: use1-az2\n capacityConfiguration:\n nodeType: kx.s.2xlarge\n nodeCount: 2\n vpcConfiguration:\n vpcId: ${test.id}\n securityGroupIds:\n - ${exampleAwsSecurityGroup.id}\n subnetIds:\n - ${exampleAwsSubnet.id}\n ipAddressType: IP_V4\n cacheStorageConfigurations:\n - type: CACHE_1000\n size: 1200\n databases:\n - databaseName: ${exampleAwsFinspaceKxDatabase.name}\n cacheConfiguration:\n - cacheType: CACHE_1000\n dbPaths: /\n code:\n s3Bucket: ${testAwsS3Bucket.id}\n s3Key: ${object.key}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an AWS FinSpace Kx Cluster using the `id` (environment ID and cluster name, comma-delimited). For example:\n\n```sh\n$ pulumi import aws:finspace/kxCluster:KxCluster example n3ceo7wqxoxcti5tujqwzs,my-tf-kx-cluster\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) identifier of the KX cluster.\n" }, "autoScalingConfiguration": { "$ref": "#/types/aws:finspace/KxClusterAutoScalingConfiguration:KxClusterAutoScalingConfiguration", "description": "Configuration based on which FinSpace will scale in or scale out nodes in your cluster. See auto_scaling_configuration.\n" }, "availabilityZoneId": { "type": "string", "description": "The availability zone identifiers for the requested regions. Required when `az_mode` is set to SINGLE.\n" }, "azMode": { "type": "string", "description": "The number of availability zones you want to assign per cluster. This can be one of the following:\n* SINGLE - Assigns one availability zone per cluster.\n* MULTI - Assigns all the availability zones per cluster.\n" }, "cacheStorageConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxClusterCacheStorageConfiguration:KxClusterCacheStorageConfiguration" }, "description": "Configurations for a read only cache storage associated with a cluster. This cache will be stored as an FSx Lustre that reads from the S3 store. See cache_storage_configuration.\n" }, "capacityConfiguration": { "$ref": "#/types/aws:finspace/KxClusterCapacityConfiguration:KxClusterCapacityConfiguration", "description": "Structure for the metadata of a cluster. Includes information like the CPUs needed, memory of instances, and number of instances. See capacity_configuration.\n" }, "code": { "$ref": "#/types/aws:finspace/KxClusterCode:KxClusterCode", "description": "Details of the custom code that you want to use inside a cluster when analyzing data. Consists of the S3 source bucket, location, object version, and the relative path from where the custom code is loaded into the cluster. See code.\n" }, "commandLineArguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "List of key-value pairs to make available inside the cluster.\n" }, "createdTimestamp": { "type": "string", "description": "Timestamp at which the cluster is created in FinSpace. Value determined as epoch time in seconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000.\n" }, "databases": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxClusterDatabase:KxClusterDatabase" }, "description": "KX database that will be available for querying. Defined below.\n" }, "description": { "type": "string", "description": "Description of the cluster.\n" }, "environmentId": { "type": "string", "description": "Unique identifier for the KX environment.\n" }, "executionRole": { "type": "string", "description": "An IAM role that defines a set of permissions associated with a cluster. These permissions are assumed when a cluster attempts to access another cluster.\n" }, "initializationScript": { "type": "string", "description": "Path to Q program that will be run at launch of a cluster. This is a relative path within .zip file that contains the custom code, which will be loaded on the cluster. It must include the file name itself. For example, somedir/init.q.\n" }, "lastModifiedTimestamp": { "type": "string", "description": "Last timestamp at which the cluster was updated in FinSpace. Value determined as epoch time in seconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000.\n" }, "name": { "type": "string", "description": "Unique name for the cluster that you want to create.\n" }, "releaseLabel": { "type": "string", "description": "Version of FinSpace Managed kdb to run.\n" }, "savedownStorageConfiguration": { "$ref": "#/types/aws:finspace/KxClusterSavedownStorageConfiguration:KxClusterSavedownStorageConfiguration", "description": "Size and type of the temporary storage that is used to hold data during the savedown process. This parameter is required when you choose `type` as RDB. All the data written to this storage space is lost when the cluster node is restarted. See savedown_storage_configuration.\n" }, "scalingGroupConfiguration": { "$ref": "#/types/aws:finspace/KxClusterScalingGroupConfiguration:KxClusterScalingGroupConfiguration", "description": "The structure that stores the configuration details of a scaling group.\n" }, "status": { "type": "string" }, "statusReason": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tickerplantLogConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxClusterTickerplantLogConfiguration:KxClusterTickerplantLogConfiguration" }, "description": "A configuration to store Tickerplant logs. It consists of a list of volumes that will be mounted to your cluster. For the cluster type Tickerplant , the location of the TP volume on the cluster will be available by using the global variable .aws.tp_log_path.\n" }, "type": { "type": "string", "description": "Type of KDB database. The following types are available:\n* HDB - Historical Database. The data is only accessible with read-only permissions from one of the FinSpace managed KX databases mounted to the cluster.\n* RDB - Realtime Database. This type of database captures all the data from a ticker plant and stores it in memory until the end of day, after which it writes all of its data to a disk and reloads the HDB. This cluster type requires local storage for temporary storage of data during the savedown process. If you specify this field in your request, you must provide the `savedownStorageConfiguration` parameter.\n* GATEWAY - A gateway cluster allows you to access data across processes in kdb systems. It allows you to create your own routing logic using the initialization scripts and custom code. This type of cluster does not require a writable local storage.\n* GP - A general purpose cluster allows you to quickly iterate on code during development by granting greater access to system commands and enabling a fast reload of custom code. This cluster type can optionally mount databases including cache and savedown storage. For this cluster type, the node count is fixed at 1. It does not support autoscaling and supports only `SINGLE` AZ mode.\n* Tickerplant – A tickerplant cluster allows you to subscribe to feed handlers based on IAM permissions. It can publish to RDBs, other Tickerplants, and real-time subscribers (RTS). Tickerplants can persist messages to log, which is readable by any RDB environment. It supports only single-node that is only one kdb process.\n" }, "vpcConfiguration": { "$ref": "#/types/aws:finspace/KxClusterVpcConfiguration:KxClusterVpcConfiguration", "description": "Configuration details about the network where the Privatelink endpoint of the cluster resides. See vpc_configuration.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "azMode", "createdTimestamp", "environmentId", "lastModifiedTimestamp", "name", "releaseLabel", "status", "statusReason", "tagsAll", "type", "vpcConfiguration" ], "inputProperties": { "autoScalingConfiguration": { "$ref": "#/types/aws:finspace/KxClusterAutoScalingConfiguration:KxClusterAutoScalingConfiguration", "description": "Configuration based on which FinSpace will scale in or scale out nodes in your cluster. See auto_scaling_configuration.\n", "willReplaceOnChanges": true }, "availabilityZoneId": { "type": "string", "description": "The availability zone identifiers for the requested regions. Required when `az_mode` is set to SINGLE.\n", "willReplaceOnChanges": true }, "azMode": { "type": "string", "description": "The number of availability zones you want to assign per cluster. This can be one of the following:\n* SINGLE - Assigns one availability zone per cluster.\n* MULTI - Assigns all the availability zones per cluster.\n", "willReplaceOnChanges": true }, "cacheStorageConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxClusterCacheStorageConfiguration:KxClusterCacheStorageConfiguration" }, "description": "Configurations for a read only cache storage associated with a cluster. This cache will be stored as an FSx Lustre that reads from the S3 store. See cache_storage_configuration.\n", "willReplaceOnChanges": true }, "capacityConfiguration": { "$ref": "#/types/aws:finspace/KxClusterCapacityConfiguration:KxClusterCapacityConfiguration", "description": "Structure for the metadata of a cluster. Includes information like the CPUs needed, memory of instances, and number of instances. See capacity_configuration.\n", "willReplaceOnChanges": true }, "code": { "$ref": "#/types/aws:finspace/KxClusterCode:KxClusterCode", "description": "Details of the custom code that you want to use inside a cluster when analyzing data. Consists of the S3 source bucket, location, object version, and the relative path from where the custom code is loaded into the cluster. See code.\n" }, "commandLineArguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "List of key-value pairs to make available inside the cluster.\n" }, "databases": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxClusterDatabase:KxClusterDatabase" }, "description": "KX database that will be available for querying. Defined below.\n" }, "description": { "type": "string", "description": "Description of the cluster.\n", "willReplaceOnChanges": true }, "environmentId": { "type": "string", "description": "Unique identifier for the KX environment.\n", "willReplaceOnChanges": true }, "executionRole": { "type": "string", "description": "An IAM role that defines a set of permissions associated with a cluster. These permissions are assumed when a cluster attempts to access another cluster.\n", "willReplaceOnChanges": true }, "initializationScript": { "type": "string", "description": "Path to Q program that will be run at launch of a cluster. This is a relative path within .zip file that contains the custom code, which will be loaded on the cluster. It must include the file name itself. For example, somedir/init.q.\n" }, "name": { "type": "string", "description": "Unique name for the cluster that you want to create.\n", "willReplaceOnChanges": true }, "releaseLabel": { "type": "string", "description": "Version of FinSpace Managed kdb to run.\n", "willReplaceOnChanges": true }, "savedownStorageConfiguration": { "$ref": "#/types/aws:finspace/KxClusterSavedownStorageConfiguration:KxClusterSavedownStorageConfiguration", "description": "Size and type of the temporary storage that is used to hold data during the savedown process. This parameter is required when you choose `type` as RDB. All the data written to this storage space is lost when the cluster node is restarted. See savedown_storage_configuration.\n", "willReplaceOnChanges": true }, "scalingGroupConfiguration": { "$ref": "#/types/aws:finspace/KxClusterScalingGroupConfiguration:KxClusterScalingGroupConfiguration", "description": "The structure that stores the configuration details of a scaling group.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tickerplantLogConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxClusterTickerplantLogConfiguration:KxClusterTickerplantLogConfiguration" }, "description": "A configuration to store Tickerplant logs. It consists of a list of volumes that will be mounted to your cluster. For the cluster type Tickerplant , the location of the TP volume on the cluster will be available by using the global variable .aws.tp_log_path.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Type of KDB database. The following types are available:\n* HDB - Historical Database. The data is only accessible with read-only permissions from one of the FinSpace managed KX databases mounted to the cluster.\n* RDB - Realtime Database. This type of database captures all the data from a ticker plant and stores it in memory until the end of day, after which it writes all of its data to a disk and reloads the HDB. This cluster type requires local storage for temporary storage of data during the savedown process. If you specify this field in your request, you must provide the `savedownStorageConfiguration` parameter.\n* GATEWAY - A gateway cluster allows you to access data across processes in kdb systems. It allows you to create your own routing logic using the initialization scripts and custom code. This type of cluster does not require a writable local storage.\n* GP - A general purpose cluster allows you to quickly iterate on code during development by granting greater access to system commands and enabling a fast reload of custom code. This cluster type can optionally mount databases including cache and savedown storage. For this cluster type, the node count is fixed at 1. It does not support autoscaling and supports only `SINGLE` AZ mode.\n* Tickerplant – A tickerplant cluster allows you to subscribe to feed handlers based on IAM permissions. It can publish to RDBs, other Tickerplants, and real-time subscribers (RTS). Tickerplants can persist messages to log, which is readable by any RDB environment. It supports only single-node that is only one kdb process.\n", "willReplaceOnChanges": true }, "vpcConfiguration": { "$ref": "#/types/aws:finspace/KxClusterVpcConfiguration:KxClusterVpcConfiguration", "description": "Configuration details about the network where the Privatelink endpoint of the cluster resides. See vpc_configuration.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "azMode", "environmentId", "releaseLabel", "type", "vpcConfiguration" ], "stateInputs": { "description": "Input properties used for looking up and filtering KxCluster resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) identifier of the KX cluster.\n" }, "autoScalingConfiguration": { "$ref": "#/types/aws:finspace/KxClusterAutoScalingConfiguration:KxClusterAutoScalingConfiguration", "description": "Configuration based on which FinSpace will scale in or scale out nodes in your cluster. See auto_scaling_configuration.\n", "willReplaceOnChanges": true }, "availabilityZoneId": { "type": "string", "description": "The availability zone identifiers for the requested regions. Required when `az_mode` is set to SINGLE.\n", "willReplaceOnChanges": true }, "azMode": { "type": "string", "description": "The number of availability zones you want to assign per cluster. This can be one of the following:\n* SINGLE - Assigns one availability zone per cluster.\n* MULTI - Assigns all the availability zones per cluster.\n", "willReplaceOnChanges": true }, "cacheStorageConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxClusterCacheStorageConfiguration:KxClusterCacheStorageConfiguration" }, "description": "Configurations for a read only cache storage associated with a cluster. This cache will be stored as an FSx Lustre that reads from the S3 store. See cache_storage_configuration.\n", "willReplaceOnChanges": true }, "capacityConfiguration": { "$ref": "#/types/aws:finspace/KxClusterCapacityConfiguration:KxClusterCapacityConfiguration", "description": "Structure for the metadata of a cluster. Includes information like the CPUs needed, memory of instances, and number of instances. See capacity_configuration.\n", "willReplaceOnChanges": true }, "code": { "$ref": "#/types/aws:finspace/KxClusterCode:KxClusterCode", "description": "Details of the custom code that you want to use inside a cluster when analyzing data. Consists of the S3 source bucket, location, object version, and the relative path from where the custom code is loaded into the cluster. See code.\n" }, "commandLineArguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "List of key-value pairs to make available inside the cluster.\n" }, "createdTimestamp": { "type": "string", "description": "Timestamp at which the cluster is created in FinSpace. Value determined as epoch time in seconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000.\n" }, "databases": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxClusterDatabase:KxClusterDatabase" }, "description": "KX database that will be available for querying. Defined below.\n" }, "description": { "type": "string", "description": "Description of the cluster.\n", "willReplaceOnChanges": true }, "environmentId": { "type": "string", "description": "Unique identifier for the KX environment.\n", "willReplaceOnChanges": true }, "executionRole": { "type": "string", "description": "An IAM role that defines a set of permissions associated with a cluster. These permissions are assumed when a cluster attempts to access another cluster.\n", "willReplaceOnChanges": true }, "initializationScript": { "type": "string", "description": "Path to Q program that will be run at launch of a cluster. This is a relative path within .zip file that contains the custom code, which will be loaded on the cluster. It must include the file name itself. For example, somedir/init.q.\n" }, "lastModifiedTimestamp": { "type": "string", "description": "Last timestamp at which the cluster was updated in FinSpace. Value determined as epoch time in seconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000.\n" }, "name": { "type": "string", "description": "Unique name for the cluster that you want to create.\n", "willReplaceOnChanges": true }, "releaseLabel": { "type": "string", "description": "Version of FinSpace Managed kdb to run.\n", "willReplaceOnChanges": true }, "savedownStorageConfiguration": { "$ref": "#/types/aws:finspace/KxClusterSavedownStorageConfiguration:KxClusterSavedownStorageConfiguration", "description": "Size and type of the temporary storage that is used to hold data during the savedown process. This parameter is required when you choose `type` as RDB. All the data written to this storage space is lost when the cluster node is restarted. See savedown_storage_configuration.\n", "willReplaceOnChanges": true }, "scalingGroupConfiguration": { "$ref": "#/types/aws:finspace/KxClusterScalingGroupConfiguration:KxClusterScalingGroupConfiguration", "description": "The structure that stores the configuration details of a scaling group.\n", "willReplaceOnChanges": true }, "status": { "type": "string" }, "statusReason": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tickerplantLogConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxClusterTickerplantLogConfiguration:KxClusterTickerplantLogConfiguration" }, "description": "A configuration to store Tickerplant logs. It consists of a list of volumes that will be mounted to your cluster. For the cluster type Tickerplant , the location of the TP volume on the cluster will be available by using the global variable .aws.tp_log_path.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Type of KDB database. The following types are available:\n* HDB - Historical Database. The data is only accessible with read-only permissions from one of the FinSpace managed KX databases mounted to the cluster.\n* RDB - Realtime Database. This type of database captures all the data from a ticker plant and stores it in memory until the end of day, after which it writes all of its data to a disk and reloads the HDB. This cluster type requires local storage for temporary storage of data during the savedown process. If you specify this field in your request, you must provide the `savedownStorageConfiguration` parameter.\n* GATEWAY - A gateway cluster allows you to access data across processes in kdb systems. It allows you to create your own routing logic using the initialization scripts and custom code. This type of cluster does not require a writable local storage.\n* GP - A general purpose cluster allows you to quickly iterate on code during development by granting greater access to system commands and enabling a fast reload of custom code. This cluster type can optionally mount databases including cache and savedown storage. For this cluster type, the node count is fixed at 1. It does not support autoscaling and supports only `SINGLE` AZ mode.\n* Tickerplant – A tickerplant cluster allows you to subscribe to feed handlers based on IAM permissions. It can publish to RDBs, other Tickerplants, and real-time subscribers (RTS). Tickerplants can persist messages to log, which is readable by any RDB environment. It supports only single-node that is only one kdb process.\n", "willReplaceOnChanges": true }, "vpcConfiguration": { "$ref": "#/types/aws:finspace/KxClusterVpcConfiguration:KxClusterVpcConfiguration", "description": "Configuration details about the network where the Privatelink endpoint of the cluster resides. See vpc_configuration.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:finspace/kxDatabase:KxDatabase": { "description": "Resource for managing an AWS FinSpace Kx Database.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.Key(\"example\", {\n description: \"Example KMS Key\",\n deletionWindowInDays: 7,\n});\nconst exampleKxEnvironment = new aws.finspace.KxEnvironment(\"example\", {\n name: \"my-tf-kx-environment\",\n kmsKeyId: example.arn,\n});\nconst exampleKxDatabase = new aws.finspace.KxDatabase(\"example\", {\n environmentId: exampleKxEnvironment.id,\n name: \"my-tf-kx-database\",\n description: \"Example database description\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kms.Key(\"example\",\n description=\"Example KMS Key\",\n deletion_window_in_days=7)\nexample_kx_environment = aws.finspace.KxEnvironment(\"example\",\n name=\"my-tf-kx-environment\",\n kms_key_id=example.arn)\nexample_kx_database = aws.finspace.KxDatabase(\"example\",\n environment_id=example_kx_environment.id,\n name=\"my-tf-kx-database\",\n description=\"Example database description\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"Example KMS Key\",\n DeletionWindowInDays = 7,\n });\n\n var exampleKxEnvironment = new Aws.FinSpace.KxEnvironment(\"example\", new()\n {\n Name = \"my-tf-kx-environment\",\n KmsKeyId = example.Arn,\n });\n\n var exampleKxDatabase = new Aws.FinSpace.KxDatabase(\"example\", new()\n {\n EnvironmentId = exampleKxEnvironment.Id,\n Name = \"my-tf-kx-database\",\n Description = \"Example database description\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/finspace\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"Example KMS Key\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKxEnvironment, err := finspace.NewKxEnvironment(ctx, \"example\", \u0026finspace.KxEnvironmentArgs{\n\t\t\tName: pulumi.String(\"my-tf-kx-environment\"),\n\t\t\tKmsKeyId: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = finspace.NewKxDatabase(ctx, \"example\", \u0026finspace.KxDatabaseArgs{\n\t\t\tEnvironmentId: exampleKxEnvironment.ID(),\n\t\t\tName: pulumi.String(\"my-tf-kx-database\"),\n\t\t\tDescription: pulumi.String(\"Example database description\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.finspace.KxEnvironment;\nimport com.pulumi.aws.finspace.KxEnvironmentArgs;\nimport com.pulumi.aws.finspace.KxDatabase;\nimport com.pulumi.aws.finspace.KxDatabaseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"Example KMS Key\")\n .deletionWindowInDays(7)\n .build());\n\n var exampleKxEnvironment = new KxEnvironment(\"exampleKxEnvironment\", KxEnvironmentArgs.builder()\n .name(\"my-tf-kx-environment\")\n .kmsKeyId(example.arn())\n .build());\n\n var exampleKxDatabase = new KxDatabase(\"exampleKxDatabase\", KxDatabaseArgs.builder()\n .environmentId(exampleKxEnvironment.id())\n .name(\"my-tf-kx-database\")\n .description(\"Example database description\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: Example KMS Key\n deletionWindowInDays: 7\n exampleKxEnvironment:\n type: aws:finspace:KxEnvironment\n name: example\n properties:\n name: my-tf-kx-environment\n kmsKeyId: ${example.arn}\n exampleKxDatabase:\n type: aws:finspace:KxDatabase\n name: example\n properties:\n environmentId: ${exampleKxEnvironment.id}\n name: my-tf-kx-database\n description: Example database description\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an AWS FinSpace Kx Database using the `id` (environment ID and database name, comma-delimited). For example:\n\n```sh\n$ pulumi import aws:finspace/kxDatabase:KxDatabase example n3ceo7wqxoxcti5tujqwzs,my-tf-kx-database\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) identifier of the KX database.\n" }, "createdTimestamp": { "type": "string", "description": "Timestamp at which the databse is created in FinSpace. Value determined as epoch time in seconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000.\n" }, "description": { "type": "string", "description": "Description of the KX database.\n" }, "environmentId": { "type": "string", "description": "Unique identifier for the KX environment.\n" }, "lastModifiedTimestamp": { "type": "string", "description": "Last timestamp at which the database was updated in FinSpace. Value determined as epoch time in seconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000.\n" }, "name": { "type": "string", "description": "Name of the KX database.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "createdTimestamp", "environmentId", "lastModifiedTimestamp", "name", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Description of the KX database.\n" }, "environmentId": { "type": "string", "description": "Unique identifier for the KX environment.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the KX database.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "environmentId" ], "stateInputs": { "description": "Input properties used for looking up and filtering KxDatabase resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) identifier of the KX database.\n" }, "createdTimestamp": { "type": "string", "description": "Timestamp at which the databse is created in FinSpace. Value determined as epoch time in seconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000.\n" }, "description": { "type": "string", "description": "Description of the KX database.\n" }, "environmentId": { "type": "string", "description": "Unique identifier for the KX environment.\n", "willReplaceOnChanges": true }, "lastModifiedTimestamp": { "type": "string", "description": "Last timestamp at which the database was updated in FinSpace. Value determined as epoch time in seconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000.\n" }, "name": { "type": "string", "description": "Name of the KX database.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:finspace/kxDataview:KxDataview": { "description": "Resource for managing an AWS FinSpace Kx Dataview.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.finspace.KxDataview(\"example\", {\n name: \"my-tf-kx-dataview\",\n environmentId: exampleAwsFinspaceKxEnvironment.id,\n databaseName: exampleAwsFinspaceKxDatabase.name,\n availabilityZoneId: \"use1-az2\",\n description: \"Terraform managed Kx Dataview\",\n azMode: \"SINGLE\",\n autoUpdate: true,\n segmentConfigurations: [{\n volumeName: exampleAwsFinspaceKxVolume.name,\n dbPaths: [\"/*\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.finspace.KxDataview(\"example\",\n name=\"my-tf-kx-dataview\",\n environment_id=example_aws_finspace_kx_environment[\"id\"],\n database_name=example_aws_finspace_kx_database[\"name\"],\n availability_zone_id=\"use1-az2\",\n description=\"Terraform managed Kx Dataview\",\n az_mode=\"SINGLE\",\n auto_update=True,\n segment_configurations=[{\n \"volume_name\": example_aws_finspace_kx_volume[\"name\"],\n \"db_paths\": [\"/*\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.FinSpace.KxDataview(\"example\", new()\n {\n Name = \"my-tf-kx-dataview\",\n EnvironmentId = exampleAwsFinspaceKxEnvironment.Id,\n DatabaseName = exampleAwsFinspaceKxDatabase.Name,\n AvailabilityZoneId = \"use1-az2\",\n Description = \"Terraform managed Kx Dataview\",\n AzMode = \"SINGLE\",\n AutoUpdate = true,\n SegmentConfigurations = new[]\n {\n new Aws.FinSpace.Inputs.KxDataviewSegmentConfigurationArgs\n {\n VolumeName = exampleAwsFinspaceKxVolume.Name,\n DbPaths = new[]\n {\n \"/*\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/finspace\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := finspace.NewKxDataview(ctx, \"example\", \u0026finspace.KxDataviewArgs{\n\t\t\tName: pulumi.String(\"my-tf-kx-dataview\"),\n\t\t\tEnvironmentId: pulumi.Any(exampleAwsFinspaceKxEnvironment.Id),\n\t\t\tDatabaseName: pulumi.Any(exampleAwsFinspaceKxDatabase.Name),\n\t\t\tAvailabilityZoneId: pulumi.String(\"use1-az2\"),\n\t\t\tDescription: pulumi.String(\"Terraform managed Kx Dataview\"),\n\t\t\tAzMode: pulumi.String(\"SINGLE\"),\n\t\t\tAutoUpdate: pulumi.Bool(true),\n\t\t\tSegmentConfigurations: finspace.KxDataviewSegmentConfigurationArray{\n\t\t\t\t\u0026finspace.KxDataviewSegmentConfigurationArgs{\n\t\t\t\t\tVolumeName: pulumi.Any(exampleAwsFinspaceKxVolume.Name),\n\t\t\t\t\tDbPaths: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"/*\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.finspace.KxDataview;\nimport com.pulumi.aws.finspace.KxDataviewArgs;\nimport com.pulumi.aws.finspace.inputs.KxDataviewSegmentConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new KxDataview(\"example\", KxDataviewArgs.builder()\n .name(\"my-tf-kx-dataview\")\n .environmentId(exampleAwsFinspaceKxEnvironment.id())\n .databaseName(exampleAwsFinspaceKxDatabase.name())\n .availabilityZoneId(\"use1-az2\")\n .description(\"Terraform managed Kx Dataview\")\n .azMode(\"SINGLE\")\n .autoUpdate(true)\n .segmentConfigurations(KxDataviewSegmentConfigurationArgs.builder()\n .volumeName(exampleAwsFinspaceKxVolume.name())\n .dbPaths(\"/*\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:finspace:KxDataview\n properties:\n name: my-tf-kx-dataview\n environmentId: ${exampleAwsFinspaceKxEnvironment.id}\n databaseName: ${exampleAwsFinspaceKxDatabase.name}\n availabilityZoneId: use1-az2\n description: Terraform managed Kx Dataview\n azMode: SINGLE\n autoUpdate: true\n segmentConfigurations:\n - volumeName: ${exampleAwsFinspaceKxVolume.name}\n dbPaths:\n - /*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an AWS FinSpace Kx Cluster using the `id` (environment ID and cluster name, comma-delimited). For example:\n\n```sh\n$ pulumi import aws:finspace/kxDataview:KxDataview example n3ceo7wqxoxcti5tujqwzs,my-tf-kx-database,my-tf-kx-dataview\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) identifier of the KX dataview.\n" }, "autoUpdate": { "type": "boolean", "description": "The option to specify whether you want to apply all the future additions and corrections automatically to the dataview, when you ingest new changesets. The default value is false.\n" }, "availabilityZoneId": { "type": "string", "description": "The identifier of the availability zones. If attaching a volume, the volume must be in the same availability zone as the dataview that you are attaching to.\n" }, "azMode": { "type": "string", "description": "The number of availability zones you want to assign per cluster. This can be one of the following:\n* `SINGLE` - Assigns one availability zone per cluster.\n* `MULTI` - Assigns all the availability zones per cluster.\n" }, "changesetId": { "type": "string", "description": "A unique identifier of the changeset of the database that you want to use to ingest data.\n" }, "createdTimestamp": { "type": "string", "description": "Timestamp at which the dataview was created in FinSpace. Value determined as epoch time in milliseconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000000.\n" }, "databaseName": { "type": "string", "description": "The name of the database where you want to create a dataview.\n" }, "description": { "type": "string", "description": "A description for the dataview.\n" }, "environmentId": { "type": "string", "description": "Unique identifier for the KX environment.\n" }, "lastModifiedTimestamp": { "type": "string", "description": "The last time that the dataview was updated in FinSpace. The value is determined as epoch time in milliseconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000000.\n" }, "name": { "type": "string", "description": "A unique identifier for the dataview.\n\nThe following arguments are optional:\n" }, "readWrite": { "type": "boolean", "description": "The option to specify whether you want to make the dataview writable to perform database maintenance. The following are some considerations related to writable dataviews.\n* You cannot create partial writable dataviews. When you create writeable dataviews you must provide the entire database path. You cannot perform updates on a writeable dataview. Hence, `auto_update` must be set as `false` if `read_write` is `true` for a dataview.\n* You must also use a unique volume for creating a writeable dataview. So, if you choose a volume that is already in use by another dataview, the dataview creation fails.\n* Once you create a dataview as writeable, you cannot change it to read-only. So, you cannot update the `read_write` parameter later.\n" }, "segmentConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxDataviewSegmentConfiguration:KxDataviewSegmentConfiguration" }, "description": "The configuration that contains the database path of the data that you want to place on each selected volume. Each segment must have a unique database path for each volume. If you do not explicitly specify any database path for a volume, they are accessible from the cluster through the default S3/object store segment. See segment_configurations below.\n" }, "status": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "autoUpdate", "azMode", "createdTimestamp", "databaseName", "environmentId", "lastModifiedTimestamp", "name", "status", "tagsAll" ], "inputProperties": { "autoUpdate": { "type": "boolean", "description": "The option to specify whether you want to apply all the future additions and corrections automatically to the dataview, when you ingest new changesets. The default value is false.\n", "willReplaceOnChanges": true }, "availabilityZoneId": { "type": "string", "description": "The identifier of the availability zones. If attaching a volume, the volume must be in the same availability zone as the dataview that you are attaching to.\n", "willReplaceOnChanges": true }, "azMode": { "type": "string", "description": "The number of availability zones you want to assign per cluster. This can be one of the following:\n* `SINGLE` - Assigns one availability zone per cluster.\n* `MULTI` - Assigns all the availability zones per cluster.\n", "willReplaceOnChanges": true }, "changesetId": { "type": "string", "description": "A unique identifier of the changeset of the database that you want to use to ingest data.\n" }, "databaseName": { "type": "string", "description": "The name of the database where you want to create a dataview.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A description for the dataview.\n" }, "environmentId": { "type": "string", "description": "Unique identifier for the KX environment.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A unique identifier for the dataview.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "readWrite": { "type": "boolean", "description": "The option to specify whether you want to make the dataview writable to perform database maintenance. The following are some considerations related to writable dataviews.\n* You cannot create partial writable dataviews. When you create writeable dataviews you must provide the entire database path. You cannot perform updates on a writeable dataview. Hence, `auto_update` must be set as `false` if `read_write` is `true` for a dataview.\n* You must also use a unique volume for creating a writeable dataview. So, if you choose a volume that is already in use by another dataview, the dataview creation fails.\n* Once you create a dataview as writeable, you cannot change it to read-only. So, you cannot update the `read_write` parameter later.\n", "willReplaceOnChanges": true }, "segmentConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxDataviewSegmentConfiguration:KxDataviewSegmentConfiguration" }, "description": "The configuration that contains the database path of the data that you want to place on each selected volume. Each segment must have a unique database path for each volume. If you do not explicitly specify any database path for a volume, they are accessible from the cluster through the default S3/object store segment. See segment_configurations below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "autoUpdate", "azMode", "databaseName", "environmentId" ], "stateInputs": { "description": "Input properties used for looking up and filtering KxDataview resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) identifier of the KX dataview.\n" }, "autoUpdate": { "type": "boolean", "description": "The option to specify whether you want to apply all the future additions and corrections automatically to the dataview, when you ingest new changesets. The default value is false.\n", "willReplaceOnChanges": true }, "availabilityZoneId": { "type": "string", "description": "The identifier of the availability zones. If attaching a volume, the volume must be in the same availability zone as the dataview that you are attaching to.\n", "willReplaceOnChanges": true }, "azMode": { "type": "string", "description": "The number of availability zones you want to assign per cluster. This can be one of the following:\n* `SINGLE` - Assigns one availability zone per cluster.\n* `MULTI` - Assigns all the availability zones per cluster.\n", "willReplaceOnChanges": true }, "changesetId": { "type": "string", "description": "A unique identifier of the changeset of the database that you want to use to ingest data.\n" }, "createdTimestamp": { "type": "string", "description": "Timestamp at which the dataview was created in FinSpace. Value determined as epoch time in milliseconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000000.\n" }, "databaseName": { "type": "string", "description": "The name of the database where you want to create a dataview.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A description for the dataview.\n" }, "environmentId": { "type": "string", "description": "Unique identifier for the KX environment.\n", "willReplaceOnChanges": true }, "lastModifiedTimestamp": { "type": "string", "description": "The last time that the dataview was updated in FinSpace. The value is determined as epoch time in milliseconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000000.\n" }, "name": { "type": "string", "description": "A unique identifier for the dataview.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "readWrite": { "type": "boolean", "description": "The option to specify whether you want to make the dataview writable to perform database maintenance. The following are some considerations related to writable dataviews.\n* You cannot create partial writable dataviews. When you create writeable dataviews you must provide the entire database path. You cannot perform updates on a writeable dataview. Hence, `auto_update` must be set as `false` if `read_write` is `true` for a dataview.\n* You must also use a unique volume for creating a writeable dataview. So, if you choose a volume that is already in use by another dataview, the dataview creation fails.\n* Once you create a dataview as writeable, you cannot change it to read-only. So, you cannot update the `read_write` parameter later.\n", "willReplaceOnChanges": true }, "segmentConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxDataviewSegmentConfiguration:KxDataviewSegmentConfiguration" }, "description": "The configuration that contains the database path of the data that you want to place on each selected volume. Each segment must have a unique database path for each volume. If you do not explicitly specify any database path for a volume, they are accessible from the cluster through the default S3/object store segment. See segment_configurations below.\n" }, "status": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:finspace/kxEnvironment:KxEnvironment": { "description": "Resource for managing an AWS FinSpace Kx Environment.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.Key(\"example\", {\n description: \"Sample KMS Key\",\n deletionWindowInDays: 7,\n});\nconst exampleKxEnvironment = new aws.finspace.KxEnvironment(\"example\", {\n name: \"my-tf-kx-environment\",\n kmsKeyId: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kms.Key(\"example\",\n description=\"Sample KMS Key\",\n deletion_window_in_days=7)\nexample_kx_environment = aws.finspace.KxEnvironment(\"example\",\n name=\"my-tf-kx-environment\",\n kms_key_id=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"Sample KMS Key\",\n DeletionWindowInDays = 7,\n });\n\n var exampleKxEnvironment = new Aws.FinSpace.KxEnvironment(\"example\", new()\n {\n Name = \"my-tf-kx-environment\",\n KmsKeyId = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/finspace\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"Sample KMS Key\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = finspace.NewKxEnvironment(ctx, \"example\", \u0026finspace.KxEnvironmentArgs{\n\t\t\tName: pulumi.String(\"my-tf-kx-environment\"),\n\t\t\tKmsKeyId: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.finspace.KxEnvironment;\nimport com.pulumi.aws.finspace.KxEnvironmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"Sample KMS Key\")\n .deletionWindowInDays(7)\n .build());\n\n var exampleKxEnvironment = new KxEnvironment(\"exampleKxEnvironment\", KxEnvironmentArgs.builder()\n .name(\"my-tf-kx-environment\")\n .kmsKeyId(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: Sample KMS Key\n deletionWindowInDays: 7\n exampleKxEnvironment:\n type: aws:finspace:KxEnvironment\n name: example\n properties:\n name: my-tf-kx-environment\n kmsKeyId: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Transit Gateway Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.Key(\"example\", {\n description: \"Sample KMS Key\",\n deletionWindowInDays: 7,\n});\nconst exampleTransitGateway = new aws.ec2transitgateway.TransitGateway(\"example\", {description: \"example\"});\nconst exampleEnv = new aws.finspace.KxEnvironment(\"example_env\", {\n name: \"my-tf-kx-environment\",\n description: \"Environment description\",\n kmsKeyId: example.arn,\n transitGatewayConfiguration: {\n transitGatewayId: exampleTransitGateway.id,\n routableCidrSpace: \"100.64.0.0/26\",\n },\n customDnsConfigurations: [{\n customDnsServerName: \"example.finspace.amazonaws.com\",\n customDnsServerIp: \"10.0.0.76\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kms.Key(\"example\",\n description=\"Sample KMS Key\",\n deletion_window_in_days=7)\nexample_transit_gateway = aws.ec2transitgateway.TransitGateway(\"example\", description=\"example\")\nexample_env = aws.finspace.KxEnvironment(\"example_env\",\n name=\"my-tf-kx-environment\",\n description=\"Environment description\",\n kms_key_id=example.arn,\n transit_gateway_configuration={\n \"transit_gateway_id\": example_transit_gateway.id,\n \"routable_cidr_space\": \"100.64.0.0/26\",\n },\n custom_dns_configurations=[{\n \"custom_dns_server_name\": \"example.finspace.amazonaws.com\",\n \"custom_dns_server_ip\": \"10.0.0.76\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"Sample KMS Key\",\n DeletionWindowInDays = 7,\n });\n\n var exampleTransitGateway = new Aws.Ec2TransitGateway.TransitGateway(\"example\", new()\n {\n Description = \"example\",\n });\n\n var exampleEnv = new Aws.FinSpace.KxEnvironment(\"example_env\", new()\n {\n Name = \"my-tf-kx-environment\",\n Description = \"Environment description\",\n KmsKeyId = example.Arn,\n TransitGatewayConfiguration = new Aws.FinSpace.Inputs.KxEnvironmentTransitGatewayConfigurationArgs\n {\n TransitGatewayId = exampleTransitGateway.Id,\n RoutableCidrSpace = \"100.64.0.0/26\",\n },\n CustomDnsConfigurations = new[]\n {\n new Aws.FinSpace.Inputs.KxEnvironmentCustomDnsConfigurationArgs\n {\n CustomDnsServerName = \"example.finspace.amazonaws.com\",\n CustomDnsServerIp = \"10.0.0.76\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/finspace\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"Sample KMS Key\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTransitGateway, err := ec2transitgateway.NewTransitGateway(ctx, \"example\", \u0026ec2transitgateway.TransitGatewayArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = finspace.NewKxEnvironment(ctx, \"example_env\", \u0026finspace.KxEnvironmentArgs{\n\t\t\tName: pulumi.String(\"my-tf-kx-environment\"),\n\t\t\tDescription: pulumi.String(\"Environment description\"),\n\t\t\tKmsKeyId: example.Arn,\n\t\t\tTransitGatewayConfiguration: \u0026finspace.KxEnvironmentTransitGatewayConfigurationArgs{\n\t\t\t\tTransitGatewayId: exampleTransitGateway.ID(),\n\t\t\t\tRoutableCidrSpace: pulumi.String(\"100.64.0.0/26\"),\n\t\t\t},\n\t\t\tCustomDnsConfigurations: finspace.KxEnvironmentCustomDnsConfigurationArray{\n\t\t\t\t\u0026finspace.KxEnvironmentCustomDnsConfigurationArgs{\n\t\t\t\t\tCustomDnsServerName: pulumi.String(\"example.finspace.amazonaws.com\"),\n\t\t\t\t\tCustomDnsServerIp: pulumi.String(\"10.0.0.76\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.ec2transitgateway.TransitGateway;\nimport com.pulumi.aws.ec2transitgateway.TransitGatewayArgs;\nimport com.pulumi.aws.finspace.KxEnvironment;\nimport com.pulumi.aws.finspace.KxEnvironmentArgs;\nimport com.pulumi.aws.finspace.inputs.KxEnvironmentTransitGatewayConfigurationArgs;\nimport com.pulumi.aws.finspace.inputs.KxEnvironmentCustomDnsConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"Sample KMS Key\")\n .deletionWindowInDays(7)\n .build());\n\n var exampleTransitGateway = new TransitGateway(\"exampleTransitGateway\", TransitGatewayArgs.builder()\n .description(\"example\")\n .build());\n\n var exampleEnv = new KxEnvironment(\"exampleEnv\", KxEnvironmentArgs.builder()\n .name(\"my-tf-kx-environment\")\n .description(\"Environment description\")\n .kmsKeyId(example.arn())\n .transitGatewayConfiguration(KxEnvironmentTransitGatewayConfigurationArgs.builder()\n .transitGatewayId(exampleTransitGateway.id())\n .routableCidrSpace(\"100.64.0.0/26\")\n .build())\n .customDnsConfigurations(KxEnvironmentCustomDnsConfigurationArgs.builder()\n .customDnsServerName(\"example.finspace.amazonaws.com\")\n .customDnsServerIp(\"10.0.0.76\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: Sample KMS Key\n deletionWindowInDays: 7\n exampleTransitGateway:\n type: aws:ec2transitgateway:TransitGateway\n name: example\n properties:\n description: example\n exampleEnv:\n type: aws:finspace:KxEnvironment\n name: example_env\n properties:\n name: my-tf-kx-environment\n description: Environment description\n kmsKeyId: ${example.arn}\n transitGatewayConfiguration:\n transitGatewayId: ${exampleTransitGateway.id}\n routableCidrSpace: 100.64.0.0/26\n customDnsConfigurations:\n - customDnsServerName: example.finspace.amazonaws.com\n customDnsServerIp: 10.0.0.76\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Transit Gateway Attachment Network ACL Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.Key(\"example\", {\n description: \"Sample KMS Key\",\n deletionWindowInDays: 7,\n});\nconst exampleTransitGateway = new aws.ec2transitgateway.TransitGateway(\"example\", {description: \"example\"});\nconst exampleEnv = new aws.finspace.KxEnvironment(\"example_env\", {\n name: \"my-tf-kx-environment\",\n description: \"Environment description\",\n kmsKeyId: example.arn,\n transitGatewayConfiguration: {\n transitGatewayId: exampleTransitGateway.id,\n routableCidrSpace: \"100.64.0.0/26\",\n attachmentNetworkAclConfigurations: [{\n ruleNumber: 1,\n protocol: \"6\",\n ruleAction: \"allow\",\n cidrBlock: \"0.0.0.0/0\",\n portRange: {\n from: 53,\n to: 53,\n },\n icmpTypeCode: {\n type: -1,\n code: -1,\n },\n }],\n },\n customDnsConfigurations: [{\n customDnsServerName: \"example.finspace.amazonaws.com\",\n customDnsServerIp: \"10.0.0.76\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kms.Key(\"example\",\n description=\"Sample KMS Key\",\n deletion_window_in_days=7)\nexample_transit_gateway = aws.ec2transitgateway.TransitGateway(\"example\", description=\"example\")\nexample_env = aws.finspace.KxEnvironment(\"example_env\",\n name=\"my-tf-kx-environment\",\n description=\"Environment description\",\n kms_key_id=example.arn,\n transit_gateway_configuration={\n \"transit_gateway_id\": example_transit_gateway.id,\n \"routable_cidr_space\": \"100.64.0.0/26\",\n \"attachment_network_acl_configurations\": [{\n \"rule_number\": 1,\n \"protocol\": \"6\",\n \"rule_action\": \"allow\",\n \"cidr_block\": \"0.0.0.0/0\",\n \"port_range\": {\n \"from_\": 53,\n \"to\": 53,\n },\n \"icmp_type_code\": {\n \"type\": -1,\n \"code\": -1,\n },\n }],\n },\n custom_dns_configurations=[{\n \"custom_dns_server_name\": \"example.finspace.amazonaws.com\",\n \"custom_dns_server_ip\": \"10.0.0.76\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"Sample KMS Key\",\n DeletionWindowInDays = 7,\n });\n\n var exampleTransitGateway = new Aws.Ec2TransitGateway.TransitGateway(\"example\", new()\n {\n Description = \"example\",\n });\n\n var exampleEnv = new Aws.FinSpace.KxEnvironment(\"example_env\", new()\n {\n Name = \"my-tf-kx-environment\",\n Description = \"Environment description\",\n KmsKeyId = example.Arn,\n TransitGatewayConfiguration = new Aws.FinSpace.Inputs.KxEnvironmentTransitGatewayConfigurationArgs\n {\n TransitGatewayId = exampleTransitGateway.Id,\n RoutableCidrSpace = \"100.64.0.0/26\",\n AttachmentNetworkAclConfigurations = new[]\n {\n new Aws.FinSpace.Inputs.KxEnvironmentTransitGatewayConfigurationAttachmentNetworkAclConfigurationArgs\n {\n RuleNumber = 1,\n Protocol = \"6\",\n RuleAction = \"allow\",\n CidrBlock = \"0.0.0.0/0\",\n PortRange = new Aws.FinSpace.Inputs.KxEnvironmentTransitGatewayConfigurationAttachmentNetworkAclConfigurationPortRangeArgs\n {\n From = 53,\n To = 53,\n },\n IcmpTypeCode = new Aws.FinSpace.Inputs.KxEnvironmentTransitGatewayConfigurationAttachmentNetworkAclConfigurationIcmpTypeCodeArgs\n {\n Type = -1,\n Code = -1,\n },\n },\n },\n },\n CustomDnsConfigurations = new[]\n {\n new Aws.FinSpace.Inputs.KxEnvironmentCustomDnsConfigurationArgs\n {\n CustomDnsServerName = \"example.finspace.amazonaws.com\",\n CustomDnsServerIp = \"10.0.0.76\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/finspace\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"Sample KMS Key\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTransitGateway, err := ec2transitgateway.NewTransitGateway(ctx, \"example\", \u0026ec2transitgateway.TransitGatewayArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = finspace.NewKxEnvironment(ctx, \"example_env\", \u0026finspace.KxEnvironmentArgs{\n\t\t\tName: pulumi.String(\"my-tf-kx-environment\"),\n\t\t\tDescription: pulumi.String(\"Environment description\"),\n\t\t\tKmsKeyId: example.Arn,\n\t\t\tTransitGatewayConfiguration: \u0026finspace.KxEnvironmentTransitGatewayConfigurationArgs{\n\t\t\t\tTransitGatewayId: exampleTransitGateway.ID(),\n\t\t\t\tRoutableCidrSpace: pulumi.String(\"100.64.0.0/26\"),\n\t\t\t\tAttachmentNetworkAclConfigurations: finspace.KxEnvironmentTransitGatewayConfigurationAttachmentNetworkAclConfigurationArray{\n\t\t\t\t\t\u0026finspace.KxEnvironmentTransitGatewayConfigurationAttachmentNetworkAclConfigurationArgs{\n\t\t\t\t\t\tRuleNumber: pulumi.Int(1),\n\t\t\t\t\t\tProtocol: pulumi.String(\"6\"),\n\t\t\t\t\t\tRuleAction: pulumi.String(\"allow\"),\n\t\t\t\t\t\tCidrBlock: pulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\tPortRange: \u0026finspace.KxEnvironmentTransitGatewayConfigurationAttachmentNetworkAclConfigurationPortRangeArgs{\n\t\t\t\t\t\t\tFrom: pulumi.Int(53),\n\t\t\t\t\t\t\tTo: pulumi.Int(53),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tIcmpTypeCode: \u0026finspace.KxEnvironmentTransitGatewayConfigurationAttachmentNetworkAclConfigurationIcmpTypeCodeArgs{\n\t\t\t\t\t\t\tType: int(-1),\n\t\t\t\t\t\t\tCode: int(-1),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tCustomDnsConfigurations: finspace.KxEnvironmentCustomDnsConfigurationArray{\n\t\t\t\t\u0026finspace.KxEnvironmentCustomDnsConfigurationArgs{\n\t\t\t\t\tCustomDnsServerName: pulumi.String(\"example.finspace.amazonaws.com\"),\n\t\t\t\t\tCustomDnsServerIp: pulumi.String(\"10.0.0.76\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: Sample KMS Key\n deletionWindowInDays: 7\n exampleTransitGateway:\n type: aws:ec2transitgateway:TransitGateway\n name: example\n properties:\n description: example\n exampleEnv:\n type: aws:finspace:KxEnvironment\n name: example_env\n properties:\n name: my-tf-kx-environment\n description: Environment description\n kmsKeyId: ${example.arn}\n transitGatewayConfiguration:\n transitGatewayId: ${exampleTransitGateway.id}\n routableCidrSpace: 100.64.0.0/26\n attachmentNetworkAclConfigurations:\n - ruleNumber: 1\n protocol: '6'\n ruleAction: allow\n cidrBlock: 0.0.0.0/0\n portRange:\n from: 53\n to: 53\n icmpTypeCode:\n type: -1\n code: -1\n customDnsConfigurations:\n - customDnsServerName: example.finspace.amazonaws.com\n customDnsServerIp: 10.0.0.76\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an AWS FinSpace Kx Environment using the `id`. For example:\n\n```sh\n$ pulumi import aws:finspace/kxEnvironment:KxEnvironment example n3ceo7wqxoxcti5tujqwzs\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) identifier of the KX environment.\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "AWS Availability Zone IDs that this environment is available in. Important when selecting VPC subnets to use in cluster creation.\n" }, "createdTimestamp": { "type": "string", "description": "Timestamp at which the environment is created in FinSpace. Value determined as epoch time in seconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000.\n" }, "customDnsConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxEnvironmentCustomDnsConfiguration:KxEnvironmentCustomDnsConfiguration" }, "description": "List of DNS server name and server IP. This is used to set up Route-53 outbound resolvers. Defined below.\n" }, "description": { "type": "string", "description": "Description for the KX environment.\n" }, "infrastructureAccountId": { "type": "string", "description": "Unique identifier for the AWS environment infrastructure account.\n" }, "kmsKeyId": { "type": "string", "description": "KMS key ID to encrypt your data in the FinSpace environment.\n\nThe following arguments are optional:\n" }, "lastModifiedTimestamp": { "type": "string", "description": "Last timestamp at which the environment was updated in FinSpace. Value determined as epoch time in seconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000.\n" }, "name": { "type": "string", "description": "Name of the KX environment that you want to create.\n" }, "status": { "type": "string", "description": "Status of environment creation\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayConfiguration": { "$ref": "#/types/aws:finspace/KxEnvironmentTransitGatewayConfiguration:KxEnvironmentTransitGatewayConfiguration", "description": "Transit gateway and network configuration that is used to connect the KX environment to an internal network. Defined below.\n" } }, "required": [ "arn", "availabilityZones", "createdTimestamp", "infrastructureAccountId", "kmsKeyId", "lastModifiedTimestamp", "name", "status", "tagsAll" ], "inputProperties": { "customDnsConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxEnvironmentCustomDnsConfiguration:KxEnvironmentCustomDnsConfiguration" }, "description": "List of DNS server name and server IP. This is used to set up Route-53 outbound resolvers. Defined below.\n" }, "description": { "type": "string", "description": "Description for the KX environment.\n" }, "kmsKeyId": { "type": "string", "description": "KMS key ID to encrypt your data in the FinSpace environment.\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "Name of the KX environment that you want to create.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "transitGatewayConfiguration": { "$ref": "#/types/aws:finspace/KxEnvironmentTransitGatewayConfiguration:KxEnvironmentTransitGatewayConfiguration", "description": "Transit gateway and network configuration that is used to connect the KX environment to an internal network. Defined below.\n" } }, "requiredInputs": [ "kmsKeyId" ], "stateInputs": { "description": "Input properties used for looking up and filtering KxEnvironment resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) identifier of the KX environment.\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "AWS Availability Zone IDs that this environment is available in. Important when selecting VPC subnets to use in cluster creation.\n" }, "createdTimestamp": { "type": "string", "description": "Timestamp at which the environment is created in FinSpace. Value determined as epoch time in seconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000.\n" }, "customDnsConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxEnvironmentCustomDnsConfiguration:KxEnvironmentCustomDnsConfiguration" }, "description": "List of DNS server name and server IP. This is used to set up Route-53 outbound resolvers. Defined below.\n" }, "description": { "type": "string", "description": "Description for the KX environment.\n" }, "infrastructureAccountId": { "type": "string", "description": "Unique identifier for the AWS environment infrastructure account.\n" }, "kmsKeyId": { "type": "string", "description": "KMS key ID to encrypt your data in the FinSpace environment.\n\nThe following arguments are optional:\n" }, "lastModifiedTimestamp": { "type": "string", "description": "Last timestamp at which the environment was updated in FinSpace. Value determined as epoch time in seconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000.\n" }, "name": { "type": "string", "description": "Name of the KX environment that you want to create.\n" }, "status": { "type": "string", "description": "Status of environment creation\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayConfiguration": { "$ref": "#/types/aws:finspace/KxEnvironmentTransitGatewayConfiguration:KxEnvironmentTransitGatewayConfiguration", "description": "Transit gateway and network configuration that is used to connect the KX environment to an internal network. Defined below.\n" } }, "type": "object" } }, "aws:finspace/kxScalingGroup:KxScalingGroup": { "description": "Resource for managing an AWS FinSpace Kx Scaling Group.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.finspace.KxScalingGroup(\"example\", {\n name: \"my-tf-kx-scalinggroup\",\n environmentId: exampleAwsFinspaceKxEnvironment.id,\n availabilityZoneId: \"use1-az2\",\n hostType: \"kx.sg.4xlarge\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.finspace.KxScalingGroup(\"example\",\n name=\"my-tf-kx-scalinggroup\",\n environment_id=example_aws_finspace_kx_environment[\"id\"],\n availability_zone_id=\"use1-az2\",\n host_type=\"kx.sg.4xlarge\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.FinSpace.KxScalingGroup(\"example\", new()\n {\n Name = \"my-tf-kx-scalinggroup\",\n EnvironmentId = exampleAwsFinspaceKxEnvironment.Id,\n AvailabilityZoneId = \"use1-az2\",\n HostType = \"kx.sg.4xlarge\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/finspace\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := finspace.NewKxScalingGroup(ctx, \"example\", \u0026finspace.KxScalingGroupArgs{\n\t\t\tName: pulumi.String(\"my-tf-kx-scalinggroup\"),\n\t\t\tEnvironmentId: pulumi.Any(exampleAwsFinspaceKxEnvironment.Id),\n\t\t\tAvailabilityZoneId: pulumi.String(\"use1-az2\"),\n\t\t\tHostType: pulumi.String(\"kx.sg.4xlarge\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.finspace.KxScalingGroup;\nimport com.pulumi.aws.finspace.KxScalingGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new KxScalingGroup(\"example\", KxScalingGroupArgs.builder()\n .name(\"my-tf-kx-scalinggroup\")\n .environmentId(exampleAwsFinspaceKxEnvironment.id())\n .availabilityZoneId(\"use1-az2\")\n .hostType(\"kx.sg.4xlarge\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:finspace:KxScalingGroup\n properties:\n name: my-tf-kx-scalinggroup\n environmentId: ${exampleAwsFinspaceKxEnvironment.id}\n availabilityZoneId: use1-az2\n hostType: kx.sg.4xlarge\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an AWS FinSpace Kx Scaling Group using the `id` (environment ID and scaling group name, comma-delimited). For example:\n\n```sh\n$ pulumi import aws:finspace/kxScalingGroup:KxScalingGroup example n3ceo7wqxoxcti5tujqwzs,my-tf-kx-scalinggroup\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) identifier of the KX Scaling Group.\n" }, "availabilityZoneId": { "type": "string", "description": "The availability zone identifiers for the requested regions.\n" }, "clusters": { "type": "array", "items": { "type": "string" }, "description": "The list of Managed kdb clusters that are currently active in the given scaling group.\n" }, "createdTimestamp": { "type": "string", "description": "The timestamp at which the scaling group was created in FinSpace. The value is determined as epoch time in milliseconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000000.\n" }, "environmentId": { "type": "string", "description": "A unique identifier for the kdb environment, where you want to create the scaling group.\n" }, "hostType": { "type": "string", "description": "The memory and CPU capabilities of the scaling group host on which FinSpace Managed kdb clusters will be placed.\n\nThe following arguments are optional:\n" }, "lastModifiedTimestamp": { "type": "string", "description": "Last timestamp at which the scaling group was updated in FinSpace. Value determined as epoch time in seconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000.\n" }, "name": { "type": "string", "description": "Unique name for the scaling group that you want to create.\n" }, "status": { "type": "string", "description": "The status of scaling group.\n* `CREATING` – The scaling group creation is in progress.\n* `CREATE_FAILED` – The scaling group creation has failed.\n* `ACTIVE` – The scaling group is active.\n* `UPDATING` – The scaling group is in the process of being updated.\n* `UPDATE_FAILED` – The update action failed.\n* `DELETING` – The scaling group is in the process of being deleted.\n* `DELETE_FAILED` – The system failed to delete the scaling group.\n* `DELETED` – The scaling group is successfully deleted.\n" }, "statusReason": { "type": "string", "description": "The error message when a failed state occurs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. You can add up to 50 tags to a scaling group.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "availabilityZoneId", "clusters", "createdTimestamp", "environmentId", "hostType", "lastModifiedTimestamp", "name", "status", "statusReason", "tagsAll" ], "inputProperties": { "availabilityZoneId": { "type": "string", "description": "The availability zone identifiers for the requested regions.\n", "willReplaceOnChanges": true }, "environmentId": { "type": "string", "description": "A unique identifier for the kdb environment, where you want to create the scaling group.\n", "willReplaceOnChanges": true }, "hostType": { "type": "string", "description": "The memory and CPU capabilities of the scaling group host on which FinSpace Managed kdb clusters will be placed.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Unique name for the scaling group that you want to create.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. You can add up to 50 tags to a scaling group.\n" } }, "requiredInputs": [ "availabilityZoneId", "environmentId", "hostType" ], "stateInputs": { "description": "Input properties used for looking up and filtering KxScalingGroup resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) identifier of the KX Scaling Group.\n" }, "availabilityZoneId": { "type": "string", "description": "The availability zone identifiers for the requested regions.\n", "willReplaceOnChanges": true }, "clusters": { "type": "array", "items": { "type": "string" }, "description": "The list of Managed kdb clusters that are currently active in the given scaling group.\n" }, "createdTimestamp": { "type": "string", "description": "The timestamp at which the scaling group was created in FinSpace. The value is determined as epoch time in milliseconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000000.\n" }, "environmentId": { "type": "string", "description": "A unique identifier for the kdb environment, where you want to create the scaling group.\n", "willReplaceOnChanges": true }, "hostType": { "type": "string", "description": "The memory and CPU capabilities of the scaling group host on which FinSpace Managed kdb clusters will be placed.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "lastModifiedTimestamp": { "type": "string", "description": "Last timestamp at which the scaling group was updated in FinSpace. Value determined as epoch time in seconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000.\n" }, "name": { "type": "string", "description": "Unique name for the scaling group that you want to create.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The status of scaling group.\n* `CREATING` – The scaling group creation is in progress.\n* `CREATE_FAILED` – The scaling group creation has failed.\n* `ACTIVE` – The scaling group is active.\n* `UPDATING` – The scaling group is in the process of being updated.\n* `UPDATE_FAILED` – The update action failed.\n* `DELETING` – The scaling group is in the process of being deleted.\n* `DELETE_FAILED` – The system failed to delete the scaling group.\n* `DELETED` – The scaling group is successfully deleted.\n" }, "statusReason": { "type": "string", "description": "The error message when a failed state occurs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. You can add up to 50 tags to a scaling group.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:finspace/kxUser:KxUser": { "description": "Resource for managing an AWS FinSpace Kx User.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.Key(\"example\", {\n description: \"Example KMS Key\",\n deletionWindowInDays: 7,\n});\nconst exampleKxEnvironment = new aws.finspace.KxEnvironment(\"example\", {\n name: \"my-tf-kx-environment\",\n kmsKeyId: example.arn,\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example-role\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"ec2.amazonaws.com\",\n },\n }],\n }),\n});\nconst exampleKxUser = new aws.finspace.KxUser(\"example\", {\n name: \"my-tf-kx-user\",\n environmentId: exampleKxEnvironment.id,\n iamRole: exampleRole.arn,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.kms.Key(\"example\",\n description=\"Example KMS Key\",\n deletion_window_in_days=7)\nexample_kx_environment = aws.finspace.KxEnvironment(\"example\",\n name=\"my-tf-kx-environment\",\n kms_key_id=example.arn)\nexample_role = aws.iam.Role(\"example\",\n name=\"example-role\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\",\n },\n }],\n }))\nexample_kx_user = aws.finspace.KxUser(\"example\",\n name=\"my-tf-kx-user\",\n environment_id=example_kx_environment.id,\n iam_role=example_role.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"Example KMS Key\",\n DeletionWindowInDays = 7,\n });\n\n var exampleKxEnvironment = new Aws.FinSpace.KxEnvironment(\"example\", new()\n {\n Name = \"my-tf-kx-environment\",\n KmsKeyId = example.Arn,\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example-role\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"ec2.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var exampleKxUser = new Aws.FinSpace.KxUser(\"example\", new()\n {\n Name = \"my-tf-kx-user\",\n EnvironmentId = exampleKxEnvironment.Id,\n IamRole = exampleRole.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/finspace\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"Example KMS Key\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKxEnvironment, err := finspace.NewKxEnvironment(ctx, \"example\", \u0026finspace.KxEnvironmentArgs{\n\t\t\tName: pulumi.String(\"my-tf-kx-environment\"),\n\t\t\tKmsKeyId: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"ec2.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example-role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = finspace.NewKxUser(ctx, \"example\", \u0026finspace.KxUserArgs{\n\t\t\tName: pulumi.String(\"my-tf-kx-user\"),\n\t\t\tEnvironmentId: exampleKxEnvironment.ID(),\n\t\t\tIamRole: exampleRole.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.finspace.KxEnvironment;\nimport com.pulumi.aws.finspace.KxEnvironmentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.finspace.KxUser;\nimport com.pulumi.aws.finspace.KxUserArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"Example KMS Key\")\n .deletionWindowInDays(7)\n .build());\n\n var exampleKxEnvironment = new KxEnvironment(\"exampleKxEnvironment\", KxEnvironmentArgs.builder()\n .name(\"my-tf-kx-environment\")\n .kmsKeyId(example.arn())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .name(\"example-role\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"ec2.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var exampleKxUser = new KxUser(\"exampleKxUser\", KxUserArgs.builder()\n .name(\"my-tf-kx-user\")\n .environmentId(exampleKxEnvironment.id())\n .iamRole(exampleRole.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: Example KMS Key\n deletionWindowInDays: 7\n exampleKxEnvironment:\n type: aws:finspace:KxEnvironment\n name: example\n properties:\n name: my-tf-kx-environment\n kmsKeyId: ${example.arn}\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example-role\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: ec2.amazonaws.com\n exampleKxUser:\n type: aws:finspace:KxUser\n name: example\n properties:\n name: my-tf-kx-user\n environmentId: ${exampleKxEnvironment.id}\n iamRole: ${exampleRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an AWS FinSpace Kx User using the `id` (environment ID and user name, comma-delimited). For example:\n\n```sh\n$ pulumi import aws:finspace/kxUser:KxUser example n3ceo7wqxoxcti5tujqwzs,my-tf-kx-user\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) identifier of the KX user.\n" }, "environmentId": { "type": "string", "description": "Unique identifier for the KX environment.\n" }, "iamRole": { "type": "string", "description": "IAM role ARN to be associated with the user.\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "A unique identifier for the user.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "environmentId", "iamRole", "name", "tagsAll" ], "inputProperties": { "environmentId": { "type": "string", "description": "Unique identifier for the KX environment.\n", "willReplaceOnChanges": true }, "iamRole": { "type": "string", "description": "IAM role ARN to be associated with the user.\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "A unique identifier for the user.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "environmentId", "iamRole" ], "stateInputs": { "description": "Input properties used for looking up and filtering KxUser resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) identifier of the KX user.\n" }, "environmentId": { "type": "string", "description": "Unique identifier for the KX environment.\n", "willReplaceOnChanges": true }, "iamRole": { "type": "string", "description": "IAM role ARN to be associated with the user.\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "A unique identifier for the user.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:finspace/kxVolume:KxVolume": { "description": "Resource for managing an AWS FinSpace Kx Volume.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.finspace.KxVolume(\"example\", {\n name: \"my-tf-kx-volume\",\n environmentId: exampleAwsFinspaceKxEnvironment.id,\n availabilityZones: \"use1-az2\",\n azMode: \"SINGLE\",\n type: \"NAS_1\",\n nas1Configurations: [{\n size: 1200,\n type: \"SSD_250\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.finspace.KxVolume(\"example\",\n name=\"my-tf-kx-volume\",\n environment_id=example_aws_finspace_kx_environment[\"id\"],\n availability_zones=\"use1-az2\",\n az_mode=\"SINGLE\",\n type=\"NAS_1\",\n nas1_configurations=[{\n \"size\": 1200,\n \"type\": \"SSD_250\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.FinSpace.KxVolume(\"example\", new()\n {\n Name = \"my-tf-kx-volume\",\n EnvironmentId = exampleAwsFinspaceKxEnvironment.Id,\n AvailabilityZones = \"use1-az2\",\n AzMode = \"SINGLE\",\n Type = \"NAS_1\",\n Nas1Configurations = new[]\n {\n new Aws.FinSpace.Inputs.KxVolumeNas1ConfigurationArgs\n {\n Size = 1200,\n Type = \"SSD_250\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/finspace\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := finspace.NewKxVolume(ctx, \"example\", \u0026finspace.KxVolumeArgs{\n\t\t\tName: pulumi.String(\"my-tf-kx-volume\"),\n\t\t\tEnvironmentId: pulumi.Any(exampleAwsFinspaceKxEnvironment.Id),\n\t\t\tAvailabilityZones: pulumi.StringArray(\"use1-az2\"),\n\t\t\tAzMode: pulumi.String(\"SINGLE\"),\n\t\t\tType: pulumi.String(\"NAS_1\"),\n\t\t\tNas1Configurations: finspace.KxVolumeNas1ConfigurationArray{\n\t\t\t\t\u0026finspace.KxVolumeNas1ConfigurationArgs{\n\t\t\t\t\tSize: pulumi.Int(1200),\n\t\t\t\t\tType: pulumi.String(\"SSD_250\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.finspace.KxVolume;\nimport com.pulumi.aws.finspace.KxVolumeArgs;\nimport com.pulumi.aws.finspace.inputs.KxVolumeNas1ConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new KxVolume(\"example\", KxVolumeArgs.builder()\n .name(\"my-tf-kx-volume\")\n .environmentId(exampleAwsFinspaceKxEnvironment.id())\n .availabilityZones(\"use1-az2\")\n .azMode(\"SINGLE\")\n .type(\"NAS_1\")\n .nas1Configurations(KxVolumeNas1ConfigurationArgs.builder()\n .size(1200)\n .type(\"SSD_250\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:finspace:KxVolume\n properties:\n name: my-tf-kx-volume\n environmentId: ${exampleAwsFinspaceKxEnvironment.id}\n availabilityZones: use1-az2\n azMode: SINGLE\n type: NAS_1\n nas1Configurations:\n - size: 1200\n type: SSD_250\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an AWS FinSpace Kx Volume using the `id` (environment ID and volume name, comma-delimited). For example:\n\n```sh\n$ pulumi import aws:finspace/kxVolume:KxVolume example n3ceo7wqxoxcti5tujqwzs,my-tf-kx-volume\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) identifier of the KX volume.\n" }, "attachedClusters": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxVolumeAttachedCluster:KxVolumeAttachedCluster" } }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "The identifier of the AWS Availability Zone IDs.\n\nThe following arguments are optional:\n" }, "azMode": { "type": "string", "description": "The number of availability zones you want to assign per volume. Currently, Finspace only support SINGLE for volumes.\n* `SINGLE` - Assigns one availability zone per volume.\n" }, "createdTimestamp": { "type": "string", "description": "The timestamp at which the volume was created in FinSpace. The value is determined as epoch time in milliseconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000000.\n" }, "description": { "type": "string", "description": "Description of the volume.\n" }, "environmentId": { "type": "string", "description": "A unique identifier for the kdb environment, whose clusters can attach to the volume.\n" }, "lastModifiedTimestamp": { "type": "string", "description": "Last timestamp at which the volume was updated in FinSpace. Value determined as epoch time in seconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000.\n" }, "name": { "type": "string", "description": "Unique name for the volumr that you want to create.\n" }, "nas1Configurations": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxVolumeNas1Configuration:KxVolumeNas1Configuration" }, "description": "Specifies the configuration for the Network attached storage (`NAS_1`) file system volume. This parameter is required when `volume_type` is `NAS_1`. See `nas1_configuration` Argument Reference below.\n" }, "status": { "type": "string", "description": "The status of volume creation.\n* `CREATING` – The volume creation is in progress.\n* `CREATE_FAILED` – The volume creation has failed.\n* `ACTIVE` – The volume is active.\n* `UPDATING` – The volume is in the process of being updated.\n* `UPDATE_FAILED` – The update action failed.\n* `UPDATED` – The volume is successfully updated.\n* `DELETING` – The volume is in the process of being deleted.\n* `DELETE_FAILED` – The system failed to delete the volume.\n* `DELETED` – The volume is successfully deleted.\n" }, "statusReason": { "type": "string", "description": "The error message when a failed state occurs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of key-value pairs to label the volume. You can add up to 50 tags to a volume\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of file system volume. Currently, FinSpace only supports the `NAS_1` volume type. When you select the `NAS_1` volume type, you must also provide `nas1_configuration`.\n" } }, "required": [ "arn", "attachedClusters", "availabilityZones", "azMode", "createdTimestamp", "environmentId", "lastModifiedTimestamp", "name", "status", "statusReason", "tagsAll", "type" ], "inputProperties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "The identifier of the AWS Availability Zone IDs.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "azMode": { "type": "string", "description": "The number of availability zones you want to assign per volume. Currently, Finspace only support SINGLE for volumes.\n* `SINGLE` - Assigns one availability zone per volume.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of the volume.\n", "willReplaceOnChanges": true }, "environmentId": { "type": "string", "description": "A unique identifier for the kdb environment, whose clusters can attach to the volume.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Unique name for the volumr that you want to create.\n", "willReplaceOnChanges": true }, "nas1Configurations": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxVolumeNas1Configuration:KxVolumeNas1Configuration" }, "description": "Specifies the configuration for the Network attached storage (`NAS_1`) file system volume. This parameter is required when `volume_type` is `NAS_1`. See `nas1_configuration` Argument Reference below.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of key-value pairs to label the volume. You can add up to 50 tags to a volume\n" }, "type": { "type": "string", "description": "The type of file system volume. Currently, FinSpace only supports the `NAS_1` volume type. When you select the `NAS_1` volume type, you must also provide `nas1_configuration`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "availabilityZones", "azMode", "environmentId", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering KxVolume resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) identifier of the KX volume.\n" }, "attachedClusters": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxVolumeAttachedCluster:KxVolumeAttachedCluster" } }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "The identifier of the AWS Availability Zone IDs.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "azMode": { "type": "string", "description": "The number of availability zones you want to assign per volume. Currently, Finspace only support SINGLE for volumes.\n* `SINGLE` - Assigns one availability zone per volume.\n", "willReplaceOnChanges": true }, "createdTimestamp": { "type": "string", "description": "The timestamp at which the volume was created in FinSpace. The value is determined as epoch time in milliseconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000000.\n" }, "description": { "type": "string", "description": "Description of the volume.\n", "willReplaceOnChanges": true }, "environmentId": { "type": "string", "description": "A unique identifier for the kdb environment, whose clusters can attach to the volume.\n", "willReplaceOnChanges": true }, "lastModifiedTimestamp": { "type": "string", "description": "Last timestamp at which the volume was updated in FinSpace. Value determined as epoch time in seconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000.\n" }, "name": { "type": "string", "description": "Unique name for the volumr that you want to create.\n", "willReplaceOnChanges": true }, "nas1Configurations": { "type": "array", "items": { "$ref": "#/types/aws:finspace/KxVolumeNas1Configuration:KxVolumeNas1Configuration" }, "description": "Specifies the configuration for the Network attached storage (`NAS_1`) file system volume. This parameter is required when `volume_type` is `NAS_1`. See `nas1_configuration` Argument Reference below.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The status of volume creation.\n* `CREATING` – The volume creation is in progress.\n* `CREATE_FAILED` – The volume creation has failed.\n* `ACTIVE` – The volume is active.\n* `UPDATING` – The volume is in the process of being updated.\n* `UPDATE_FAILED` – The update action failed.\n* `UPDATED` – The volume is successfully updated.\n* `DELETING` – The volume is in the process of being deleted.\n* `DELETE_FAILED` – The system failed to delete the volume.\n* `DELETED` – The volume is successfully deleted.\n" }, "statusReason": { "type": "string", "description": "The error message when a failed state occurs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of key-value pairs to label the volume. You can add up to 50 tags to a volume\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of file system volume. Currently, FinSpace only supports the `NAS_1` volume type. When you select the `NAS_1` volume type, you must also provide `nas1_configuration`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:fis/experimentTemplate:ExperimentTemplate": { "description": "Provides an FIS Experiment Template, which can be used to run an experiment.\nAn experiment template contains one or more actions to run on specified targets during an experiment.\nIt also contains the stop conditions that prevent the experiment from going out of bounds.\nSee [Amazon Fault Injection Simulator](https://docs.aws.amazon.com/fis/index.html)\nfor more information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.fis.ExperimentTemplate(\"example\", {\n description: \"example\",\n roleArn: exampleAwsIamRole.arn,\n stopConditions: [{\n source: \"none\",\n }],\n actions: [{\n name: \"example-action\",\n actionId: \"aws:ec2:terminate-instances\",\n target: {\n key: \"Instances\",\n value: \"example-target\",\n },\n }],\n targets: [{\n name: \"example-target\",\n resourceType: \"aws:ec2:instance\",\n selectionMode: \"COUNT(1)\",\n resourceTags: [{\n key: \"env\",\n value: \"example\",\n }],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.fis.ExperimentTemplate(\"example\",\n description=\"example\",\n role_arn=example_aws_iam_role[\"arn\"],\n stop_conditions=[{\n \"source\": \"none\",\n }],\n actions=[{\n \"name\": \"example-action\",\n \"action_id\": \"aws:ec2:terminate-instances\",\n \"target\": {\n \"key\": \"Instances\",\n \"value\": \"example-target\",\n },\n }],\n targets=[{\n \"name\": \"example-target\",\n \"resource_type\": \"aws:ec2:instance\",\n \"selection_mode\": \"COUNT(1)\",\n \"resource_tags\": [{\n \"key\": \"env\",\n \"value\": \"example\",\n }],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Fis.ExperimentTemplate(\"example\", new()\n {\n Description = \"example\",\n RoleArn = exampleAwsIamRole.Arn,\n StopConditions = new[]\n {\n new Aws.Fis.Inputs.ExperimentTemplateStopConditionArgs\n {\n Source = \"none\",\n },\n },\n Actions = new[]\n {\n new Aws.Fis.Inputs.ExperimentTemplateActionArgs\n {\n Name = \"example-action\",\n ActionId = \"aws:ec2:terminate-instances\",\n Target = new Aws.Fis.Inputs.ExperimentTemplateActionTargetArgs\n {\n Key = \"Instances\",\n Value = \"example-target\",\n },\n },\n },\n Targets = new[]\n {\n new Aws.Fis.Inputs.ExperimentTemplateTargetArgs\n {\n Name = \"example-target\",\n ResourceType = \"aws:ec2:instance\",\n SelectionMode = \"COUNT(1)\",\n ResourceTags = new[]\n {\n new Aws.Fis.Inputs.ExperimentTemplateTargetResourceTagArgs\n {\n Key = \"env\",\n Value = \"example\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fis.NewExperimentTemplate(ctx, \"example\", \u0026fis.ExperimentTemplateArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tStopConditions: fis.ExperimentTemplateStopConditionArray{\n\t\t\t\t\u0026fis.ExperimentTemplateStopConditionArgs{\n\t\t\t\t\tSource: pulumi.String(\"none\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tActions: fis.ExperimentTemplateActionArray{\n\t\t\t\t\u0026fis.ExperimentTemplateActionArgs{\n\t\t\t\t\tName: pulumi.String(\"example-action\"),\n\t\t\t\t\tActionId: pulumi.String(\"aws:ec2:terminate-instances\"),\n\t\t\t\t\tTarget: \u0026fis.ExperimentTemplateActionTargetArgs{\n\t\t\t\t\t\tKey: pulumi.String(\"Instances\"),\n\t\t\t\t\t\tValue: pulumi.String(\"example-target\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTargets: fis.ExperimentTemplateTargetArray{\n\t\t\t\t\u0026fis.ExperimentTemplateTargetArgs{\n\t\t\t\t\tName: pulumi.String(\"example-target\"),\n\t\t\t\t\tResourceType: pulumi.String(\"aws:ec2:instance\"),\n\t\t\t\t\tSelectionMode: pulumi.String(\"COUNT(1)\"),\n\t\t\t\t\tResourceTags: fis.ExperimentTemplateTargetResourceTagArray{\n\t\t\t\t\t\t\u0026fis.ExperimentTemplateTargetResourceTagArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"env\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"example\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fis.ExperimentTemplate;\nimport com.pulumi.aws.fis.ExperimentTemplateArgs;\nimport com.pulumi.aws.fis.inputs.ExperimentTemplateStopConditionArgs;\nimport com.pulumi.aws.fis.inputs.ExperimentTemplateActionArgs;\nimport com.pulumi.aws.fis.inputs.ExperimentTemplateActionTargetArgs;\nimport com.pulumi.aws.fis.inputs.ExperimentTemplateTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ExperimentTemplate(\"example\", ExperimentTemplateArgs.builder()\n .description(\"example\")\n .roleArn(exampleAwsIamRole.arn())\n .stopConditions(ExperimentTemplateStopConditionArgs.builder()\n .source(\"none\")\n .build())\n .actions(ExperimentTemplateActionArgs.builder()\n .name(\"example-action\")\n .actionId(\"aws:ec2:terminate-instances\")\n .target(ExperimentTemplateActionTargetArgs.builder()\n .key(\"Instances\")\n .value(\"example-target\")\n .build())\n .build())\n .targets(ExperimentTemplateTargetArgs.builder()\n .name(\"example-target\")\n .resourceType(\"aws:ec2:instance\")\n .selectionMode(\"COUNT(1)\")\n .resourceTags(ExperimentTemplateTargetResourceTagArgs.builder()\n .key(\"env\")\n .value(\"example\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:fis:ExperimentTemplate\n properties:\n description: example\n roleArn: ${exampleAwsIamRole.arn}\n stopConditions:\n - source: none\n actions:\n - name: example-action\n actionId: aws:ec2:terminate-instances\n target:\n key: Instances\n value: example-target\n targets:\n - name: example-target\n resourceType: aws:ec2:instance\n selectionMode: COUNT(1)\n resourceTags:\n - key: env\n value: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import FIS Experiment Templates using the `id`. For example:\n\n```sh\n$ pulumi import aws:fis/experimentTemplate:ExperimentTemplate template EXT123AbCdEfGhIjK\n```\n", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:fis/ExperimentTemplateAction:ExperimentTemplateAction" }, "description": "Action to be performed during an experiment. See below.\n" }, "description": { "type": "string", "description": "Description for the experiment template.\n" }, "experimentOptions": { "$ref": "#/types/aws:fis/ExperimentTemplateExperimentOptions:ExperimentTemplateExperimentOptions", "description": "The experiment options for the experiment template. See experiment_options below for more details!\n" }, "logConfiguration": { "$ref": "#/types/aws:fis/ExperimentTemplateLogConfiguration:ExperimentTemplateLogConfiguration", "description": "The configuration for experiment logging. See below.\n" }, "roleArn": { "type": "string", "description": "ARN of an IAM role that grants the AWS FIS service permission to perform service actions on your behalf.\n" }, "stopConditions": { "type": "array", "items": { "$ref": "#/types/aws:fis/ExperimentTemplateStopCondition:ExperimentTemplateStopCondition" }, "description": "When an ongoing experiment should be stopped. See below.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:fis/ExperimentTemplateTarget:ExperimentTemplateTarget" }, "description": "Target of an action. See below.\n" } }, "required": [ "actions", "description", "experimentOptions", "roleArn", "stopConditions", "tagsAll" ], "inputProperties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:fis/ExperimentTemplateAction:ExperimentTemplateAction" }, "description": "Action to be performed during an experiment. See below.\n" }, "description": { "type": "string", "description": "Description for the experiment template.\n" }, "experimentOptions": { "$ref": "#/types/aws:fis/ExperimentTemplateExperimentOptions:ExperimentTemplateExperimentOptions", "description": "The experiment options for the experiment template. See experiment_options below for more details!\n" }, "logConfiguration": { "$ref": "#/types/aws:fis/ExperimentTemplateLogConfiguration:ExperimentTemplateLogConfiguration", "description": "The configuration for experiment logging. See below.\n" }, "roleArn": { "type": "string", "description": "ARN of an IAM role that grants the AWS FIS service permission to perform service actions on your behalf.\n" }, "stopConditions": { "type": "array", "items": { "$ref": "#/types/aws:fis/ExperimentTemplateStopCondition:ExperimentTemplateStopCondition" }, "description": "When an ongoing experiment should be stopped. See below.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n", "willReplaceOnChanges": true }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:fis/ExperimentTemplateTarget:ExperimentTemplateTarget" }, "description": "Target of an action. See below.\n" } }, "requiredInputs": [ "actions", "description", "roleArn", "stopConditions" ], "stateInputs": { "description": "Input properties used for looking up and filtering ExperimentTemplate resources.\n", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:fis/ExperimentTemplateAction:ExperimentTemplateAction" }, "description": "Action to be performed during an experiment. See below.\n" }, "description": { "type": "string", "description": "Description for the experiment template.\n" }, "experimentOptions": { "$ref": "#/types/aws:fis/ExperimentTemplateExperimentOptions:ExperimentTemplateExperimentOptions", "description": "The experiment options for the experiment template. See experiment_options below for more details!\n" }, "logConfiguration": { "$ref": "#/types/aws:fis/ExperimentTemplateLogConfiguration:ExperimentTemplateLogConfiguration", "description": "The configuration for experiment logging. See below.\n" }, "roleArn": { "type": "string", "description": "ARN of an IAM role that grants the AWS FIS service permission to perform service actions on your behalf.\n" }, "stopConditions": { "type": "array", "items": { "$ref": "#/types/aws:fis/ExperimentTemplateStopCondition:ExperimentTemplateStopCondition" }, "description": "When an ongoing experiment should be stopped. See below.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n", "willReplaceOnChanges": true }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead.", "willReplaceOnChanges": true }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:fis/ExperimentTemplateTarget:ExperimentTemplateTarget" }, "description": "Target of an action. See below.\n" } }, "type": "object" } }, "aws:fms/adminAccount:AdminAccount": { "description": "Provides a resource to associate/disassociate an AWS Firewall Manager administrator account. This operation must be performed in the `us-east-1` region.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.fms.AdminAccount(\"example\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.fms.AdminAccount(\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Fms.AdminAccount(\"example\");\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fms.NewAdminAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fms.AdminAccount;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AdminAccount(\"example\");\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:fms:AdminAccount\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Firewall Manager administrator account association using the account ID. For example:\n\n```sh\n$ pulumi import aws:fms/adminAccount:AdminAccount example 123456789012\n```\n", "properties": { "accountId": { "type": "string", "description": "The AWS account ID to associate with AWS Firewall Manager as the AWS Firewall Manager administrator account. This can be an AWS Organizations master account or a member account. Defaults to the current account. Must be configured to perform drift detection.\n" } }, "required": [ "accountId" ], "inputProperties": { "accountId": { "type": "string", "description": "The AWS account ID to associate with AWS Firewall Manager as the AWS Firewall Manager administrator account. This can be an AWS Organizations master account or a member account. Defaults to the current account. Must be configured to perform drift detection.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering AdminAccount resources.\n", "properties": { "accountId": { "type": "string", "description": "The AWS account ID to associate with AWS Firewall Manager as the AWS Firewall Manager administrator account. This can be an AWS Organizations master account or a member account. Defaults to the current account. Must be configured to perform drift detection.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:fms/policy:Policy": { "description": "Provides a resource to create an AWS Firewall Manager policy. You need to be using AWS organizations and have enabled the Firewall Manager administrator account.\n\n\u003e **NOTE:** Due to limitations with testing, we provide it as best effort. If you find it useful, and have the ability to help test or notice issues, consider reaching out to us on GitHub.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleRuleGroup = new aws.wafregional.RuleGroup(\"example\", {\n metricName: \"WAFRuleGroupExample\",\n name: \"WAF-Rule-Group-Example\",\n});\nconst example = new aws.fms.Policy(\"example\", {\n name: \"FMS-Policy-Example\",\n excludeResourceTags: false,\n remediationEnabled: false,\n resourceType: \"AWS::ElasticLoadBalancingV2::LoadBalancer\",\n securityServicePolicyData: {\n type: \"WAF\",\n managedServiceData: pulumi.jsonStringify({\n type: \"WAF\",\n ruleGroups: [{\n id: exampleRuleGroup.id,\n overrideAction: {\n type: \"COUNT\",\n },\n }],\n defaultAction: {\n type: \"BLOCK\",\n },\n overrideCustomerWebACLAssociation: false,\n }),\n },\n tags: {\n Name: \"example-fms-policy\",\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample_rule_group = aws.wafregional.RuleGroup(\"example\",\n metric_name=\"WAFRuleGroupExample\",\n name=\"WAF-Rule-Group-Example\")\nexample = aws.fms.Policy(\"example\",\n name=\"FMS-Policy-Example\",\n exclude_resource_tags=False,\n remediation_enabled=False,\n resource_type=\"AWS::ElasticLoadBalancingV2::LoadBalancer\",\n security_service_policy_data={\n \"type\": \"WAF\",\n \"managed_service_data\": pulumi.Output.json_dumps({\n \"type\": \"WAF\",\n \"rule_groups\": [{\n \"id\": example_rule_group.id,\n \"override_action\": {\n \"type\": \"COUNT\",\n },\n }],\n \"default_action\": {\n \"type\": \"BLOCK\",\n },\n \"override_customer_web_aclassociation\": False,\n }),\n },\n tags={\n \"Name\": \"example-fms-policy\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleRuleGroup = new Aws.WafRegional.RuleGroup(\"example\", new()\n {\n MetricName = \"WAFRuleGroupExample\",\n Name = \"WAF-Rule-Group-Example\",\n });\n\n var example = new Aws.Fms.Policy(\"example\", new()\n {\n Name = \"FMS-Policy-Example\",\n ExcludeResourceTags = false,\n RemediationEnabled = false,\n ResourceType = \"AWS::ElasticLoadBalancingV2::LoadBalancer\",\n SecurityServicePolicyData = new Aws.Fms.Inputs.PolicySecurityServicePolicyDataArgs\n {\n Type = \"WAF\",\n ManagedServiceData = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"WAF\",\n [\"ruleGroups\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"id\"] = exampleRuleGroup.Id,\n [\"overrideAction\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"COUNT\",\n },\n },\n },\n [\"defaultAction\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"BLOCK\",\n },\n [\"overrideCustomerWebACLAssociation\"] = false,\n })),\n },\n Tags = \n {\n { \"Name\", \"example-fms-policy\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleRuleGroup, err := wafregional.NewRuleGroup(ctx, \"example\", \u0026wafregional.RuleGroupArgs{\n\t\t\tMetricName: pulumi.String(\"WAFRuleGroupExample\"),\n\t\t\tName: pulumi.String(\"WAF-Rule-Group-Example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = fms.NewPolicy(ctx, \"example\", \u0026fms.PolicyArgs{\n\t\t\tName: pulumi.String(\"FMS-Policy-Example\"),\n\t\t\tExcludeResourceTags: pulumi.Bool(false),\n\t\t\tRemediationEnabled: pulumi.Bool(false),\n\t\t\tResourceType: pulumi.String(\"AWS::ElasticLoadBalancingV2::LoadBalancer\"),\n\t\t\tSecurityServicePolicyData: \u0026fms.PolicySecurityServicePolicyDataArgs{\n\t\t\t\tType: pulumi.String(\"WAF\"),\n\t\t\t\tManagedServiceData: exampleRuleGroup.ID().ApplyT(func(id string) (pulumi.String, error) {\n\t\t\t\t\tvar _zero pulumi.String\n\t\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\t\"type\": \"WAF\",\n\t\t\t\t\t\t\"ruleGroups\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"id\": id,\n\t\t\t\t\t\t\t\t\"overrideAction\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\t\"type\": \"COUNT\",\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"defaultAction\": map[string]interface{}{\n\t\t\t\t\t\t\t\"type\": \"BLOCK\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"overrideCustomerWebACLAssociation\": false,\n\t\t\t\t\t})\n\t\t\t\t\tif err != nil {\n\t\t\t\t\t\treturn _zero, err\n\t\t\t\t\t}\n\t\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example-fms-policy\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.RuleGroup;\nimport com.pulumi.aws.wafregional.RuleGroupArgs;\nimport com.pulumi.aws.fms.Policy;\nimport com.pulumi.aws.fms.PolicyArgs;\nimport com.pulumi.aws.fms.inputs.PolicySecurityServicePolicyDataArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleRuleGroup = new RuleGroup(\"exampleRuleGroup\", RuleGroupArgs.builder()\n .metricName(\"WAFRuleGroupExample\")\n .name(\"WAF-Rule-Group-Example\")\n .build());\n\n var example = new Policy(\"example\", PolicyArgs.builder()\n .name(\"FMS-Policy-Example\")\n .excludeResourceTags(false)\n .remediationEnabled(false)\n .resourceType(\"AWS::ElasticLoadBalancingV2::LoadBalancer\")\n .securityServicePolicyData(PolicySecurityServicePolicyDataArgs.builder()\n .type(\"WAF\")\n .managedServiceData(exampleRuleGroup.id().applyValue(id -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"type\", \"WAF\"),\n jsonProperty(\"ruleGroups\", jsonArray(jsonObject(\n jsonProperty(\"id\", id),\n jsonProperty(\"overrideAction\", jsonObject(\n jsonProperty(\"type\", \"COUNT\")\n ))\n ))),\n jsonProperty(\"defaultAction\", jsonObject(\n jsonProperty(\"type\", \"BLOCK\")\n )),\n jsonProperty(\"overrideCustomerWebACLAssociation\", false)\n ))))\n .build())\n .tags(Map.of(\"Name\", \"example-fms-policy\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:fms:Policy\n properties:\n name: FMS-Policy-Example\n excludeResourceTags: false\n remediationEnabled: false\n resourceType: AWS::ElasticLoadBalancingV2::LoadBalancer\n securityServicePolicyData:\n type: WAF\n managedServiceData:\n fn::toJSON:\n type: WAF\n ruleGroups:\n - id: ${exampleRuleGroup.id}\n overrideAction:\n type: COUNT\n defaultAction:\n type: BLOCK\n overrideCustomerWebACLAssociation: false\n tags:\n Name: example-fms-policy\n exampleRuleGroup:\n type: aws:wafregional:RuleGroup\n name: example\n properties:\n metricName: WAFRuleGroupExample\n name: WAF-Rule-Group-Example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Firewall Manager policies using the policy ID. For example:\n\n```sh\n$ pulumi import aws:fms/policy:Policy example 5be49585-a7e3-4c49-dde1-a179fe4a619a\n```\n", "properties": { "arn": { "type": "string" }, "deleteAllPolicyResources": { "type": "boolean", "description": "If true, the request will also perform a clean-up process. Defaults to `true`. More information can be found here [AWS Firewall Manager delete policy](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeletePolicy.html)\n" }, "deleteUnusedFmManagedResources": { "type": "boolean", "description": "If true, Firewall Manager will automatically remove protections from resources that leave the policy scope. Defaults to `false`. More information can be found here [AWS Firewall Manager policy contents](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html)\n" }, "description": { "type": "string", "description": "The description of the AWS Network Firewall firewall policy.\n" }, "excludeMap": { "$ref": "#/types/aws:fms/PolicyExcludeMap:PolicyExcludeMap", "description": "A map of lists of accounts and OU's to exclude from the policy.\n" }, "excludeResourceTags": { "type": "boolean", "description": "A boolean value, if true the tags that are specified in the `resource_tags` are not protected by this policy. If set to false and resource_tags are populated, resources that contain tags will be protected by this policy.\n" }, "includeMap": { "$ref": "#/types/aws:fms/PolicyIncludeMap:PolicyIncludeMap", "description": "A map of lists of accounts and OU's to include in the policy.\n" }, "name": { "type": "string", "description": "The friendly name of the AWS Firewall Manager Policy.\n" }, "policyUpdateToken": { "type": "string", "description": "A unique identifier for each update to the policy.\n" }, "remediationEnabled": { "type": "boolean", "description": "A boolean value, indicates if the policy should automatically applied to resources that already exist in the account.\n" }, "resourceSetIds": { "type": "array", "items": { "type": "string" } }, "resourceTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of resource tags, that if present will filter protections on resources based on the exclude_resource_tags.\n" }, "resourceType": { "type": "string", "description": "A resource type to protect. Conflicts with `resource_type_list`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values.\n" }, "resourceTypeLists": { "type": "array", "items": { "type": "string" }, "description": "A list of resource types to protect. Conflicts with `resource_type`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values. Lists with only one element are not supported, instead use `resource_type`.\n" }, "securityServicePolicyData": { "$ref": "#/types/aws:fms/PolicySecurityServicePolicyData:PolicySecurityServicePolicyData", "description": "The objects to include in Security Service Policy Data. Documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "excludeResourceTags", "name", "policyUpdateToken", "resourceSetIds", "resourceType", "resourceTypeLists", "securityServicePolicyData", "tagsAll" ], "inputProperties": { "deleteAllPolicyResources": { "type": "boolean", "description": "If true, the request will also perform a clean-up process. Defaults to `true`. More information can be found here [AWS Firewall Manager delete policy](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeletePolicy.html)\n" }, "deleteUnusedFmManagedResources": { "type": "boolean", "description": "If true, Firewall Manager will automatically remove protections from resources that leave the policy scope. Defaults to `false`. More information can be found here [AWS Firewall Manager policy contents](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html)\n" }, "description": { "type": "string", "description": "The description of the AWS Network Firewall firewall policy.\n" }, "excludeMap": { "$ref": "#/types/aws:fms/PolicyExcludeMap:PolicyExcludeMap", "description": "A map of lists of accounts and OU's to exclude from the policy.\n" }, "excludeResourceTags": { "type": "boolean", "description": "A boolean value, if true the tags that are specified in the `resource_tags` are not protected by this policy. If set to false and resource_tags are populated, resources that contain tags will be protected by this policy.\n" }, "includeMap": { "$ref": "#/types/aws:fms/PolicyIncludeMap:PolicyIncludeMap", "description": "A map of lists of accounts and OU's to include in the policy.\n" }, "name": { "type": "string", "description": "The friendly name of the AWS Firewall Manager Policy.\n" }, "remediationEnabled": { "type": "boolean", "description": "A boolean value, indicates if the policy should automatically applied to resources that already exist in the account.\n" }, "resourceSetIds": { "type": "array", "items": { "type": "string" } }, "resourceTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of resource tags, that if present will filter protections on resources based on the exclude_resource_tags.\n" }, "resourceType": { "type": "string", "description": "A resource type to protect. Conflicts with `resource_type_list`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values.\n" }, "resourceTypeLists": { "type": "array", "items": { "type": "string" }, "description": "A list of resource types to protect. Conflicts with `resource_type`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values. Lists with only one element are not supported, instead use `resource_type`.\n" }, "securityServicePolicyData": { "$ref": "#/types/aws:fms/PolicySecurityServicePolicyData:PolicySecurityServicePolicyData", "description": "The objects to include in Security Service Policy Data. Documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" } }, "requiredInputs": [ "excludeResourceTags", "securityServicePolicyData" ], "stateInputs": { "description": "Input properties used for looking up and filtering Policy resources.\n", "properties": { "arn": { "type": "string" }, "deleteAllPolicyResources": { "type": "boolean", "description": "If true, the request will also perform a clean-up process. Defaults to `true`. More information can be found here [AWS Firewall Manager delete policy](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeletePolicy.html)\n" }, "deleteUnusedFmManagedResources": { "type": "boolean", "description": "If true, Firewall Manager will automatically remove protections from resources that leave the policy scope. Defaults to `false`. More information can be found here [AWS Firewall Manager policy contents](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html)\n" }, "description": { "type": "string", "description": "The description of the AWS Network Firewall firewall policy.\n" }, "excludeMap": { "$ref": "#/types/aws:fms/PolicyExcludeMap:PolicyExcludeMap", "description": "A map of lists of accounts and OU's to exclude from the policy.\n" }, "excludeResourceTags": { "type": "boolean", "description": "A boolean value, if true the tags that are specified in the `resource_tags` are not protected by this policy. If set to false and resource_tags are populated, resources that contain tags will be protected by this policy.\n" }, "includeMap": { "$ref": "#/types/aws:fms/PolicyIncludeMap:PolicyIncludeMap", "description": "A map of lists of accounts and OU's to include in the policy.\n" }, "name": { "type": "string", "description": "The friendly name of the AWS Firewall Manager Policy.\n" }, "policyUpdateToken": { "type": "string", "description": "A unique identifier for each update to the policy.\n" }, "remediationEnabled": { "type": "boolean", "description": "A boolean value, indicates if the policy should automatically applied to resources that already exist in the account.\n" }, "resourceSetIds": { "type": "array", "items": { "type": "string" } }, "resourceTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of resource tags, that if present will filter protections on resources based on the exclude_resource_tags.\n" }, "resourceType": { "type": "string", "description": "A resource type to protect. Conflicts with `resource_type_list`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values.\n" }, "resourceTypeLists": { "type": "array", "items": { "type": "string" }, "description": "A list of resource types to protect. Conflicts with `resource_type`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values. Lists with only one element are not supported, instead use `resource_type`.\n" }, "securityServicePolicyData": { "$ref": "#/types/aws:fms/PolicySecurityServicePolicyData:PolicySecurityServicePolicyData", "description": "The objects to include in Security Service Policy Data. Documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:fms/resourceSet:ResourceSet": { "description": "Resource for managing an AWS FMS (Firewall Manager) Resource Set.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.fms.ResourceSet(\"example\", {resourceSets: [{\n name: \"testing\",\n resourceTypeLists: [\"AWS::NetworkFirewall::Firewall\"],\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.fms.ResourceSet(\"example\", resource_sets=[{\n \"name\": \"testing\",\n \"resource_type_lists\": [\"AWS::NetworkFirewall::Firewall\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Fms.ResourceSet(\"example\", new()\n {\n ResourceSets = new[]\n {\n new Aws.Fms.Inputs.ResourceSetResourceSetArgs\n {\n Name = \"testing\",\n ResourceTypeLists = new[]\n {\n \"AWS::NetworkFirewall::Firewall\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fms.NewResourceSet(ctx, \"example\", \u0026fms.ResourceSetArgs{\n\t\t\tResourceSets: fms.ResourceSetResourceSetArray{\n\t\t\t\t\u0026fms.ResourceSetResourceSetArgs{\n\t\t\t\t\tName: pulumi.String(\"testing\"),\n\t\t\t\t\tResourceTypeLists: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"AWS::NetworkFirewall::Firewall\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fms.ResourceSet;\nimport com.pulumi.aws.fms.ResourceSetArgs;\nimport com.pulumi.aws.fms.inputs.ResourceSetResourceSetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourceSet(\"example\", ResourceSetArgs.builder()\n .resourceSets(ResourceSetResourceSetArgs.builder()\n .name(\"testing\")\n .resourceTypeLists(\"AWS::NetworkFirewall::Firewall\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:fms:ResourceSet\n properties:\n resourceSets:\n - name: testing\n resourceTypeLists:\n - AWS::NetworkFirewall::Firewall\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import FMS (Firewall Manager) Resource Set using the `id`. For example:\n\n```sh\n$ pulumi import aws:fms/resourceSet:ResourceSet example resource_set-id-12345678\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Resource Set.\n" }, "resourceSets": { "type": "array", "items": { "$ref": "#/types/aws:fms/ResourceSetResourceSet:ResourceSetResourceSet" }, "description": "Details about the resource set to be created or updated. See `resource_set` Attribute Reference below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:fms/ResourceSetTimeouts:ResourceSetTimeouts" } }, "required": [ "arn", "tagsAll" ], "inputProperties": { "resourceSets": { "type": "array", "items": { "$ref": "#/types/aws:fms/ResourceSetResourceSet:ResourceSetResourceSet" }, "description": "Details about the resource set to be created or updated. See `resource_set` Attribute Reference below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "timeouts": { "$ref": "#/types/aws:fms/ResourceSetTimeouts:ResourceSetTimeouts" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ResourceSet resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Resource Set.\n" }, "resourceSets": { "type": "array", "items": { "$ref": "#/types/aws:fms/ResourceSetResourceSet:ResourceSetResourceSet" }, "description": "Details about the resource set to be created or updated. See `resource_set` Attribute Reference below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:fms/ResourceSetTimeouts:ResourceSetTimeouts" } }, "type": "object" } }, "aws:fsx/backup:Backup": { "description": "Provides a FSx Backup resource.\n\n## Lustre Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleLustreFileSystem = new aws.fsx.LustreFileSystem(\"example\", {\n storageCapacity: 1200,\n subnetIds: exampleAwsSubnet.id,\n deploymentType: \"PERSISTENT_1\",\n perUnitStorageThroughput: 50,\n});\nconst example = new aws.fsx.Backup(\"example\", {fileSystemId: exampleLustreFileSystem.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_lustre_file_system = aws.fsx.LustreFileSystem(\"example\",\n storage_capacity=1200,\n subnet_ids=example_aws_subnet[\"id\"],\n deployment_type=\"PERSISTENT_1\",\n per_unit_storage_throughput=50)\nexample = aws.fsx.Backup(\"example\", file_system_id=example_lustre_file_system.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleLustreFileSystem = new Aws.Fsx.LustreFileSystem(\"example\", new()\n {\n StorageCapacity = 1200,\n SubnetIds = exampleAwsSubnet.Id,\n DeploymentType = \"PERSISTENT_1\",\n PerUnitStorageThroughput = 50,\n });\n\n var example = new Aws.Fsx.Backup(\"example\", new()\n {\n FileSystemId = exampleLustreFileSystem.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleLustreFileSystem, err := fsx.NewLustreFileSystem(ctx, \"example\", \u0026fsx.LustreFileSystemArgs{\n\t\t\tStorageCapacity: pulumi.Int(1200),\n\t\t\tSubnetIds: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\tDeploymentType: pulumi.String(\"PERSISTENT_1\"),\n\t\t\tPerUnitStorageThroughput: pulumi.Int(50),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = fsx.NewBackup(ctx, \"example\", \u0026fsx.BackupArgs{\n\t\t\tFileSystemId: exampleLustreFileSystem.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.LustreFileSystem;\nimport com.pulumi.aws.fsx.LustreFileSystemArgs;\nimport com.pulumi.aws.fsx.Backup;\nimport com.pulumi.aws.fsx.BackupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleLustreFileSystem = new LustreFileSystem(\"exampleLustreFileSystem\", LustreFileSystemArgs.builder()\n .storageCapacity(1200)\n .subnetIds(exampleAwsSubnet.id())\n .deploymentType(\"PERSISTENT_1\")\n .perUnitStorageThroughput(50)\n .build());\n\n var example = new Backup(\"example\", BackupArgs.builder()\n .fileSystemId(exampleLustreFileSystem.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:fsx:Backup\n properties:\n fileSystemId: ${exampleLustreFileSystem.id}\n exampleLustreFileSystem:\n type: aws:fsx:LustreFileSystem\n name: example\n properties:\n storageCapacity: 1200\n subnetIds: ${exampleAwsSubnet.id}\n deploymentType: PERSISTENT_1\n perUnitStorageThroughput: 50\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Windows Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleWindowsFileSystem = new aws.fsx.WindowsFileSystem(\"example\", {\n activeDirectoryId: eample.id,\n skipFinalBackup: true,\n storageCapacity: 32,\n subnetIds: [example1.id],\n throughputCapacity: 8,\n});\nconst example = new aws.fsx.Backup(\"example\", {fileSystemId: exampleWindowsFileSystem.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_windows_file_system = aws.fsx.WindowsFileSystem(\"example\",\n active_directory_id=eample[\"id\"],\n skip_final_backup=True,\n storage_capacity=32,\n subnet_ids=[example1[\"id\"]],\n throughput_capacity=8)\nexample = aws.fsx.Backup(\"example\", file_system_id=example_windows_file_system.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleWindowsFileSystem = new Aws.Fsx.WindowsFileSystem(\"example\", new()\n {\n ActiveDirectoryId = eample.Id,\n SkipFinalBackup = true,\n StorageCapacity = 32,\n SubnetIds = new[]\n {\n example1.Id,\n },\n ThroughputCapacity = 8,\n });\n\n var example = new Aws.Fsx.Backup(\"example\", new()\n {\n FileSystemId = exampleWindowsFileSystem.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleWindowsFileSystem, err := fsx.NewWindowsFileSystem(ctx, \"example\", \u0026fsx.WindowsFileSystemArgs{\n\t\t\tActiveDirectoryId: pulumi.Any(eample.Id),\n\t\t\tSkipFinalBackup: pulumi.Bool(true),\n\t\t\tStorageCapacity: pulumi.Int(32),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\texample1.Id,\n\t\t\t},\n\t\t\tThroughputCapacity: pulumi.Int(8),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = fsx.NewBackup(ctx, \"example\", \u0026fsx.BackupArgs{\n\t\t\tFileSystemId: exampleWindowsFileSystem.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.WindowsFileSystem;\nimport com.pulumi.aws.fsx.WindowsFileSystemArgs;\nimport com.pulumi.aws.fsx.Backup;\nimport com.pulumi.aws.fsx.BackupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleWindowsFileSystem = new WindowsFileSystem(\"exampleWindowsFileSystem\", WindowsFileSystemArgs.builder()\n .activeDirectoryId(eample.id())\n .skipFinalBackup(true)\n .storageCapacity(32)\n .subnetIds(example1.id())\n .throughputCapacity(8)\n .build());\n\n var example = new Backup(\"example\", BackupArgs.builder()\n .fileSystemId(exampleWindowsFileSystem.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:fsx:Backup\n properties:\n fileSystemId: ${exampleWindowsFileSystem.id}\n exampleWindowsFileSystem:\n type: aws:fsx:WindowsFileSystem\n name: example\n properties:\n activeDirectoryId: ${eample.id}\n skipFinalBackup: true\n storageCapacity: 32\n subnetIds:\n - ${example1.id}\n throughputCapacity: 8\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## ONTAP Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleOntapVolume = new aws.fsx.OntapVolume(\"example\", {\n name: \"example\",\n junctionPath: \"/example\",\n sizeInMegabytes: 1024,\n storageEfficiencyEnabled: true,\n storageVirtualMachineId: test.id,\n});\nconst example = new aws.fsx.Backup(\"example\", {volumeId: exampleOntapVolume.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_ontap_volume = aws.fsx.OntapVolume(\"example\",\n name=\"example\",\n junction_path=\"/example\",\n size_in_megabytes=1024,\n storage_efficiency_enabled=True,\n storage_virtual_machine_id=test[\"id\"])\nexample = aws.fsx.Backup(\"example\", volume_id=example_ontap_volume.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleOntapVolume = new Aws.Fsx.OntapVolume(\"example\", new()\n {\n Name = \"example\",\n JunctionPath = \"/example\",\n SizeInMegabytes = 1024,\n StorageEfficiencyEnabled = true,\n StorageVirtualMachineId = test.Id,\n });\n\n var example = new Aws.Fsx.Backup(\"example\", new()\n {\n VolumeId = exampleOntapVolume.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleOntapVolume, err := fsx.NewOntapVolume(ctx, \"example\", \u0026fsx.OntapVolumeArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tJunctionPath: pulumi.String(\"/example\"),\n\t\t\tSizeInMegabytes: pulumi.Int(1024),\n\t\t\tStorageEfficiencyEnabled: pulumi.Bool(true),\n\t\t\tStorageVirtualMachineId: pulumi.Any(test.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = fsx.NewBackup(ctx, \"example\", \u0026fsx.BackupArgs{\n\t\t\tVolumeId: exampleOntapVolume.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.OntapVolume;\nimport com.pulumi.aws.fsx.OntapVolumeArgs;\nimport com.pulumi.aws.fsx.Backup;\nimport com.pulumi.aws.fsx.BackupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleOntapVolume = new OntapVolume(\"exampleOntapVolume\", OntapVolumeArgs.builder()\n .name(\"example\")\n .junctionPath(\"/example\")\n .sizeInMegabytes(1024)\n .storageEfficiencyEnabled(true)\n .storageVirtualMachineId(test.id())\n .build());\n\n var example = new Backup(\"example\", BackupArgs.builder()\n .volumeId(exampleOntapVolume.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:fsx:Backup\n properties:\n volumeId: ${exampleOntapVolume.id}\n exampleOntapVolume:\n type: aws:fsx:OntapVolume\n name: example\n properties:\n name: example\n junctionPath: /example\n sizeInMegabytes: 1024\n storageEfficiencyEnabled: true\n storageVirtualMachineId: ${test.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## OpenZFS Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleOpenZfsFileSystem = new aws.fsx.OpenZfsFileSystem(\"example\", {\n storageCapacity: 64,\n subnetIds: [exampleAwsSubnet.id],\n deploymentType: \"SINGLE_AZ_1\",\n throughputCapacity: 64,\n});\nconst example = new aws.fsx.Backup(\"example\", {fileSystemId: exampleOpenZfsFileSystem.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_open_zfs_file_system = aws.fsx.OpenZfsFileSystem(\"example\",\n storage_capacity=64,\n subnet_ids=[example_aws_subnet[\"id\"]],\n deployment_type=\"SINGLE_AZ_1\",\n throughput_capacity=64)\nexample = aws.fsx.Backup(\"example\", file_system_id=example_open_zfs_file_system.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleOpenZfsFileSystem = new Aws.Fsx.OpenZfsFileSystem(\"example\", new()\n {\n StorageCapacity = 64,\n SubnetIds = new[]\n {\n exampleAwsSubnet.Id,\n },\n DeploymentType = \"SINGLE_AZ_1\",\n ThroughputCapacity = 64,\n });\n\n var example = new Aws.Fsx.Backup(\"example\", new()\n {\n FileSystemId = exampleOpenZfsFileSystem.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleOpenZfsFileSystem, err := fsx.NewOpenZfsFileSystem(ctx, \"example\", \u0026fsx.OpenZfsFileSystemArgs{\n\t\t\tStorageCapacity: pulumi.Int(64),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\texampleAwsSubnet.Id,\n\t\t\t},\n\t\t\tDeploymentType: pulumi.String(\"SINGLE_AZ_1\"),\n\t\t\tThroughputCapacity: pulumi.Int(64),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = fsx.NewBackup(ctx, \"example\", \u0026fsx.BackupArgs{\n\t\t\tFileSystemId: exampleOpenZfsFileSystem.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.OpenZfsFileSystem;\nimport com.pulumi.aws.fsx.OpenZfsFileSystemArgs;\nimport com.pulumi.aws.fsx.Backup;\nimport com.pulumi.aws.fsx.BackupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleOpenZfsFileSystem = new OpenZfsFileSystem(\"exampleOpenZfsFileSystem\", OpenZfsFileSystemArgs.builder()\n .storageCapacity(64)\n .subnetIds(exampleAwsSubnet.id())\n .deploymentType(\"SINGLE_AZ_1\")\n .throughputCapacity(64)\n .build());\n\n var example = new Backup(\"example\", BackupArgs.builder()\n .fileSystemId(exampleOpenZfsFileSystem.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:fsx:Backup\n properties:\n fileSystemId: ${exampleOpenZfsFileSystem.id}\n exampleOpenZfsFileSystem:\n type: aws:fsx:OpenZfsFileSystem\n name: example\n properties:\n storageCapacity: 64\n subnetIds:\n - ${exampleAwsSubnet.id}\n deploymentType: SINGLE_AZ_1\n throughputCapacity: 64\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import FSx Backups using the `id`. For example:\n\n```sh\n$ pulumi import aws:fsx/backup:Backup example fs-543ab12b1ca672f33\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the backup.\n" }, "fileSystemId": { "type": "string", "description": "The ID of the file system to back up. Required if backing up Lustre or Windows file systems.\n" }, "kmsKeyId": { "type": "string", "description": "The ID of the AWS Key Management Service (AWS KMS) key used to encrypt the backup of the Amazon FSx file system's data at rest.\n" }, "ownerId": { "type": "string", "description": "AWS account identifier that created the file system.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. If you have set `copy_tags_to_backups` to true, and you specify one or more tags, no existing file system tags are copied from the file system to the backup.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of the file system backup.\n" }, "volumeId": { "type": "string", "description": "The ID of the volume to back up. Required if backing up a ONTAP Volume.\n" } }, "required": [ "arn", "kmsKeyId", "ownerId", "tagsAll", "type" ], "inputProperties": { "fileSystemId": { "type": "string", "description": "The ID of the file system to back up. Required if backing up Lustre or Windows file systems.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. If you have set `copy_tags_to_backups` to true, and you specify one or more tags, no existing file system tags are copied from the file system to the backup.\n" }, "volumeId": { "type": "string", "description": "The ID of the volume to back up. Required if backing up a ONTAP Volume.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering Backup resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the backup.\n" }, "fileSystemId": { "type": "string", "description": "The ID of the file system to back up. Required if backing up Lustre or Windows file systems.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "The ID of the AWS Key Management Service (AWS KMS) key used to encrypt the backup of the Amazon FSx file system's data at rest.\n" }, "ownerId": { "type": "string", "description": "AWS account identifier that created the file system.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. If you have set `copy_tags_to_backups` to true, and you specify one or more tags, no existing file system tags are copied from the file system to the backup.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of the file system backup.\n" }, "volumeId": { "type": "string", "description": "The ID of the volume to back up. Required if backing up a ONTAP Volume.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:fsx/dataRepositoryAssociation:DataRepositoryAssociation": { "description": "Manages a FSx for Lustre Data Repository Association. See [Linking your file system to an S3 bucket](https://docs.aws.amazon.com/fsx/latest/LustreGuide/create-dra-linked-data-repo.html) for more information.\n\n\u003e **NOTE:** Data Repository Associations are only compatible with AWS FSx for Lustre File Systems and `PERSISTENT_2` deployment type.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"my-bucket\"});\nconst exampleBucketAclV2 = new aws.s3.BucketAclV2(\"example\", {\n bucket: example.id,\n acl: \"private\",\n});\nconst exampleLustreFileSystem = new aws.fsx.LustreFileSystem(\"example\", {\n storageCapacity: 1200,\n subnetIds: exampleAwsSubnet.id,\n deploymentType: \"PERSISTENT_2\",\n perUnitStorageThroughput: 125,\n});\nconst exampleDataRepositoryAssociation = new aws.fsx.DataRepositoryAssociation(\"example\", {\n fileSystemId: exampleLustreFileSystem.id,\n dataRepositoryPath: pulumi.interpolate`s3://${example.id}`,\n fileSystemPath: \"/my-bucket\",\n s3: {\n autoExportPolicy: {\n events: [\n \"NEW\",\n \"CHANGED\",\n \"DELETED\",\n ],\n },\n autoImportPolicy: {\n events: [\n \"NEW\",\n \"CHANGED\",\n \"DELETED\",\n ],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"my-bucket\")\nexample_bucket_acl_v2 = aws.s3.BucketAclV2(\"example\",\n bucket=example.id,\n acl=\"private\")\nexample_lustre_file_system = aws.fsx.LustreFileSystem(\"example\",\n storage_capacity=1200,\n subnet_ids=example_aws_subnet[\"id\"],\n deployment_type=\"PERSISTENT_2\",\n per_unit_storage_throughput=125)\nexample_data_repository_association = aws.fsx.DataRepositoryAssociation(\"example\",\n file_system_id=example_lustre_file_system.id,\n data_repository_path=example.id.apply(lambda id: f\"s3://{id}\"),\n file_system_path=\"/my-bucket\",\n s3={\n \"auto_export_policy\": {\n \"events\": [\n \"NEW\",\n \"CHANGED\",\n \"DELETED\",\n ],\n },\n \"auto_import_policy\": {\n \"events\": [\n \"NEW\",\n \"CHANGED\",\n \"DELETED\",\n ],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-bucket\",\n });\n\n var exampleBucketAclV2 = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = example.Id,\n Acl = \"private\",\n });\n\n var exampleLustreFileSystem = new Aws.Fsx.LustreFileSystem(\"example\", new()\n {\n StorageCapacity = 1200,\n SubnetIds = exampleAwsSubnet.Id,\n DeploymentType = \"PERSISTENT_2\",\n PerUnitStorageThroughput = 125,\n });\n\n var exampleDataRepositoryAssociation = new Aws.Fsx.DataRepositoryAssociation(\"example\", new()\n {\n FileSystemId = exampleLustreFileSystem.Id,\n DataRepositoryPath = example.Id.Apply(id =\u003e $\"s3://{id}\"),\n FileSystemPath = \"/my-bucket\",\n S3 = new Aws.Fsx.Inputs.DataRepositoryAssociationS3Args\n {\n AutoExportPolicy = new Aws.Fsx.Inputs.DataRepositoryAssociationS3AutoExportPolicyArgs\n {\n Events = new[]\n {\n \"NEW\",\n \"CHANGED\",\n \"DELETED\",\n },\n },\n AutoImportPolicy = new Aws.Fsx.Inputs.DataRepositoryAssociationS3AutoImportPolicyArgs\n {\n Events = new[]\n {\n \"NEW\",\n \"CHANGED\",\n \"DELETED\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleLustreFileSystem, err := fsx.NewLustreFileSystem(ctx, \"example\", \u0026fsx.LustreFileSystemArgs{\n\t\t\tStorageCapacity: pulumi.Int(1200),\n\t\t\tSubnetIds: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\tDeploymentType: pulumi.String(\"PERSISTENT_2\"),\n\t\t\tPerUnitStorageThroughput: pulumi.Int(125),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = fsx.NewDataRepositoryAssociation(ctx, \"example\", \u0026fsx.DataRepositoryAssociationArgs{\n\t\t\tFileSystemId: exampleLustreFileSystem.ID(),\n\t\t\tDataRepositoryPath: example.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"s3://%v\", id), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tFileSystemPath: pulumi.String(\"/my-bucket\"),\n\t\t\tS3: \u0026fsx.DataRepositoryAssociationS3Args{\n\t\t\t\tAutoExportPolicy: \u0026fsx.DataRepositoryAssociationS3AutoExportPolicyArgs{\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"NEW\"),\n\t\t\t\t\t\tpulumi.String(\"CHANGED\"),\n\t\t\t\t\t\tpulumi.String(\"DELETED\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tAutoImportPolicy: \u0026fsx.DataRepositoryAssociationS3AutoImportPolicyArgs{\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"NEW\"),\n\t\t\t\t\t\tpulumi.String(\"CHANGED\"),\n\t\t\t\t\t\tpulumi.String(\"DELETED\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.fsx.LustreFileSystem;\nimport com.pulumi.aws.fsx.LustreFileSystemArgs;\nimport com.pulumi.aws.fsx.DataRepositoryAssociation;\nimport com.pulumi.aws.fsx.DataRepositoryAssociationArgs;\nimport com.pulumi.aws.fsx.inputs.DataRepositoryAssociationS3Args;\nimport com.pulumi.aws.fsx.inputs.DataRepositoryAssociationS3AutoExportPolicyArgs;\nimport com.pulumi.aws.fsx.inputs.DataRepositoryAssociationS3AutoImportPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"my-bucket\")\n .build());\n\n var exampleBucketAclV2 = new BucketAclV2(\"exampleBucketAclV2\", BucketAclV2Args.builder()\n .bucket(example.id())\n .acl(\"private\")\n .build());\n\n var exampleLustreFileSystem = new LustreFileSystem(\"exampleLustreFileSystem\", LustreFileSystemArgs.builder()\n .storageCapacity(1200)\n .subnetIds(exampleAwsSubnet.id())\n .deploymentType(\"PERSISTENT_2\")\n .perUnitStorageThroughput(125)\n .build());\n\n var exampleDataRepositoryAssociation = new DataRepositoryAssociation(\"exampleDataRepositoryAssociation\", DataRepositoryAssociationArgs.builder()\n .fileSystemId(exampleLustreFileSystem.id())\n .dataRepositoryPath(example.id().applyValue(id -\u003e String.format(\"s3://%s\", id)))\n .fileSystemPath(\"/my-bucket\")\n .s3(DataRepositoryAssociationS3Args.builder()\n .autoExportPolicy(DataRepositoryAssociationS3AutoExportPolicyArgs.builder()\n .events( \n \"NEW\",\n \"CHANGED\",\n \"DELETED\")\n .build())\n .autoImportPolicy(DataRepositoryAssociationS3AutoImportPolicyArgs.builder()\n .events( \n \"NEW\",\n \"CHANGED\",\n \"DELETED\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: my-bucket\n exampleBucketAclV2:\n type: aws:s3:BucketAclV2\n name: example\n properties:\n bucket: ${example.id}\n acl: private\n exampleLustreFileSystem:\n type: aws:fsx:LustreFileSystem\n name: example\n properties:\n storageCapacity: 1200\n subnetIds: ${exampleAwsSubnet.id}\n deploymentType: PERSISTENT_2\n perUnitStorageThroughput: 125\n exampleDataRepositoryAssociation:\n type: aws:fsx:DataRepositoryAssociation\n name: example\n properties:\n fileSystemId: ${exampleLustreFileSystem.id}\n dataRepositoryPath: s3://${example.id}\n fileSystemPath: /my-bucket\n s3:\n autoExportPolicy:\n events:\n - NEW\n - CHANGED\n - DELETED\n autoImportPolicy:\n events:\n - NEW\n - CHANGED\n - DELETED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import FSx Data Repository Associations using the `id`. For example:\n\n```sh\n$ pulumi import aws:fsx/dataRepositoryAssociation:DataRepositoryAssociation example dra-0b1cfaeca11088b10\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "associationId": { "type": "string" }, "batchImportMetaDataOnCreate": { "type": "boolean", "description": "Set to true to run an import data repository task to import metadata from the data repository to the file system after the data repository association is created. Defaults to `false`.\n" }, "dataRepositoryPath": { "type": "string", "description": "The path to the Amazon S3 data repository that will be linked to the file system. The path must be an S3 bucket s3://myBucket/myPrefix/. This path specifies where in the S3 data repository files will be imported from or exported to. The same S3 bucket cannot be linked more than once to the same file system.\n" }, "deleteDataInFilesystem": { "type": "boolean", "description": "Set to true to delete files from the file system upon deleting this data repository association. Defaults to `false`.\n" }, "fileSystemId": { "type": "string", "description": "The ID of the Amazon FSx file system to on which to create a data repository association.\n" }, "fileSystemPath": { "type": "string", "description": "A path on the file system that points to a high-level directory (such as `/ns1/`) or subdirectory (such as `/ns1/subdir/`) that will be mapped 1-1 with `data_repository_path`. The leading forward slash in the name is required. Two data repository associations cannot have overlapping file system paths. For example, if a data repository is associated with file system path `/ns1/`, then you cannot link another data repository with file system path `/ns1/ns2`. This path specifies where in your file system files will be exported from or imported to. This file system directory can be linked to only one Amazon S3 bucket, and no other S3 bucket can be linked to the directory.\n" }, "importedFileChunkSize": { "type": "integer", "description": "For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system.\n" }, "s3": { "$ref": "#/types/aws:fsx/DataRepositoryAssociationS3:DataRepositoryAssociationS3", "description": "See the `s3` configuration block. Max of 1.\nThe configuration for an Amazon S3 data repository linked to an Amazon FSx Lustre file system with a data repository association. The configuration defines which file events (new, changed, or deleted files or directories) are automatically imported from the linked data repository to the file system or automatically exported from the file system to the data repository.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the data repository association. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "associationId", "dataRepositoryPath", "fileSystemId", "fileSystemPath", "importedFileChunkSize", "s3", "tagsAll" ], "inputProperties": { "batchImportMetaDataOnCreate": { "type": "boolean", "description": "Set to true to run an import data repository task to import metadata from the data repository to the file system after the data repository association is created. Defaults to `false`.\n" }, "dataRepositoryPath": { "type": "string", "description": "The path to the Amazon S3 data repository that will be linked to the file system. The path must be an S3 bucket s3://myBucket/myPrefix/. This path specifies where in the S3 data repository files will be imported from or exported to. The same S3 bucket cannot be linked more than once to the same file system.\n", "willReplaceOnChanges": true }, "deleteDataInFilesystem": { "type": "boolean", "description": "Set to true to delete files from the file system upon deleting this data repository association. Defaults to `false`.\n" }, "fileSystemId": { "type": "string", "description": "The ID of the Amazon FSx file system to on which to create a data repository association.\n", "willReplaceOnChanges": true }, "fileSystemPath": { "type": "string", "description": "A path on the file system that points to a high-level directory (such as `/ns1/`) or subdirectory (such as `/ns1/subdir/`) that will be mapped 1-1 with `data_repository_path`. The leading forward slash in the name is required. Two data repository associations cannot have overlapping file system paths. For example, if a data repository is associated with file system path `/ns1/`, then you cannot link another data repository with file system path `/ns1/ns2`. This path specifies where in your file system files will be exported from or imported to. This file system directory can be linked to only one Amazon S3 bucket, and no other S3 bucket can be linked to the directory.\n", "willReplaceOnChanges": true }, "importedFileChunkSize": { "type": "integer", "description": "For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system.\n" }, "s3": { "$ref": "#/types/aws:fsx/DataRepositoryAssociationS3:DataRepositoryAssociationS3", "description": "See the `s3` configuration block. Max of 1.\nThe configuration for an Amazon S3 data repository linked to an Amazon FSx Lustre file system with a data repository association. The configuration defines which file events (new, changed, or deleted files or directories) are automatically imported from the linked data repository to the file system or automatically exported from the file system to the data repository.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the data repository association. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "dataRepositoryPath", "fileSystemId", "fileSystemPath" ], "stateInputs": { "description": "Input properties used for looking up and filtering DataRepositoryAssociation resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "associationId": { "type": "string" }, "batchImportMetaDataOnCreate": { "type": "boolean", "description": "Set to true to run an import data repository task to import metadata from the data repository to the file system after the data repository association is created. Defaults to `false`.\n" }, "dataRepositoryPath": { "type": "string", "description": "The path to the Amazon S3 data repository that will be linked to the file system. The path must be an S3 bucket s3://myBucket/myPrefix/. This path specifies where in the S3 data repository files will be imported from or exported to. The same S3 bucket cannot be linked more than once to the same file system.\n", "willReplaceOnChanges": true }, "deleteDataInFilesystem": { "type": "boolean", "description": "Set to true to delete files from the file system upon deleting this data repository association. Defaults to `false`.\n" }, "fileSystemId": { "type": "string", "description": "The ID of the Amazon FSx file system to on which to create a data repository association.\n", "willReplaceOnChanges": true }, "fileSystemPath": { "type": "string", "description": "A path on the file system that points to a high-level directory (such as `/ns1/`) or subdirectory (such as `/ns1/subdir/`) that will be mapped 1-1 with `data_repository_path`. The leading forward slash in the name is required. Two data repository associations cannot have overlapping file system paths. For example, if a data repository is associated with file system path `/ns1/`, then you cannot link another data repository with file system path `/ns1/ns2`. This path specifies where in your file system files will be exported from or imported to. This file system directory can be linked to only one Amazon S3 bucket, and no other S3 bucket can be linked to the directory.\n", "willReplaceOnChanges": true }, "importedFileChunkSize": { "type": "integer", "description": "For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system.\n" }, "s3": { "$ref": "#/types/aws:fsx/DataRepositoryAssociationS3:DataRepositoryAssociationS3", "description": "See the `s3` configuration block. Max of 1.\nThe configuration for an Amazon S3 data repository linked to an Amazon FSx Lustre file system with a data repository association. The configuration defines which file events (new, changed, or deleted files or directories) are automatically imported from the linked data repository to the file system or automatically exported from the file system to the data repository.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the data repository association. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:fsx/fileCache:FileCache": { "description": "Resource for managing an Amazon File Cache cache.\nSee the [Create File Cache](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileCache.html) for more information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.fsx.FileCache(\"example\", {\n dataRepositoryAssociations: [{\n dataRepositoryPath: \"nfs://filer.domain.com\",\n dataRepositorySubdirectories: [\n \"test\",\n \"test2\",\n ],\n fileCachePath: \"/ns1\",\n nfs: [{\n dnsIps: [\n \"192.168.0.1\",\n \"192.168.0.2\",\n ],\n version: \"NFS3\",\n }],\n }],\n fileCacheType: \"LUSTRE\",\n fileCacheTypeVersion: \"2.12\",\n lustreConfigurations: [{\n deploymentType: \"CACHE_1\",\n metadataConfigurations: [{\n storageCapacity: 2400,\n }],\n perUnitStorageThroughput: 1000,\n weeklyMaintenanceStartTime: \"2:05:00\",\n }],\n subnetIds: [test1.id],\n storageCapacity: 1200,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.fsx.FileCache(\"example\",\n data_repository_associations=[{\n \"data_repository_path\": \"nfs://filer.domain.com\",\n \"data_repository_subdirectories\": [\n \"test\",\n \"test2\",\n ],\n \"file_cache_path\": \"/ns1\",\n \"nfs\": [{\n \"dns_ips\": [\n \"192.168.0.1\",\n \"192.168.0.2\",\n ],\n \"version\": \"NFS3\",\n }],\n }],\n file_cache_type=\"LUSTRE\",\n file_cache_type_version=\"2.12\",\n lustre_configurations=[{\n \"deployment_type\": \"CACHE_1\",\n \"metadata_configurations\": [{\n \"storage_capacity\": 2400,\n }],\n \"per_unit_storage_throughput\": 1000,\n \"weekly_maintenance_start_time\": \"2:05:00\",\n }],\n subnet_ids=[test1[\"id\"]],\n storage_capacity=1200)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Fsx.FileCache(\"example\", new()\n {\n DataRepositoryAssociations = new[]\n {\n new Aws.Fsx.Inputs.FileCacheDataRepositoryAssociationArgs\n {\n DataRepositoryPath = \"nfs://filer.domain.com\",\n DataRepositorySubdirectories = new[]\n {\n \"test\",\n \"test2\",\n },\n FileCachePath = \"/ns1\",\n Nfs = new[]\n {\n new Aws.Fsx.Inputs.FileCacheDataRepositoryAssociationNfArgs\n {\n DnsIps = new[]\n {\n \"192.168.0.1\",\n \"192.168.0.2\",\n },\n Version = \"NFS3\",\n },\n },\n },\n },\n FileCacheType = \"LUSTRE\",\n FileCacheTypeVersion = \"2.12\",\n LustreConfigurations = new[]\n {\n new Aws.Fsx.Inputs.FileCacheLustreConfigurationArgs\n {\n DeploymentType = \"CACHE_1\",\n MetadataConfigurations = new[]\n {\n new Aws.Fsx.Inputs.FileCacheLustreConfigurationMetadataConfigurationArgs\n {\n StorageCapacity = 2400,\n },\n },\n PerUnitStorageThroughput = 1000,\n WeeklyMaintenanceStartTime = \"2:05:00\",\n },\n },\n SubnetIds = new[]\n {\n test1.Id,\n },\n StorageCapacity = 1200,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fsx.NewFileCache(ctx, \"example\", \u0026fsx.FileCacheArgs{\n\t\t\tDataRepositoryAssociations: fsx.FileCacheDataRepositoryAssociationArray{\n\t\t\t\t\u0026fsx.FileCacheDataRepositoryAssociationArgs{\n\t\t\t\t\tDataRepositoryPath: pulumi.String(\"nfs://filer.domain.com\"),\n\t\t\t\t\tDataRepositorySubdirectories: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"test\"),\n\t\t\t\t\t\tpulumi.String(\"test2\"),\n\t\t\t\t\t},\n\t\t\t\t\tFileCachePath: pulumi.String(\"/ns1\"),\n\t\t\t\t\tNfs: fsx.FileCacheDataRepositoryAssociationNfArray{\n\t\t\t\t\t\t\u0026fsx.FileCacheDataRepositoryAssociationNfArgs{\n\t\t\t\t\t\t\tDnsIps: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"192.168.0.1\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"192.168.0.2\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tVersion: pulumi.String(\"NFS3\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tFileCacheType: pulumi.String(\"LUSTRE\"),\n\t\t\tFileCacheTypeVersion: pulumi.String(\"2.12\"),\n\t\t\tLustreConfigurations: fsx.FileCacheLustreConfigurationArray{\n\t\t\t\t\u0026fsx.FileCacheLustreConfigurationArgs{\n\t\t\t\t\tDeploymentType: pulumi.String(\"CACHE_1\"),\n\t\t\t\t\tMetadataConfigurations: fsx.FileCacheLustreConfigurationMetadataConfigurationArray{\n\t\t\t\t\t\t\u0026fsx.FileCacheLustreConfigurationMetadataConfigurationArgs{\n\t\t\t\t\t\t\tStorageCapacity: pulumi.Int(2400),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tPerUnitStorageThroughput: pulumi.Int(1000),\n\t\t\t\t\tWeeklyMaintenanceStartTime: pulumi.String(\"2:05:00\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\ttest1.Id,\n\t\t\t},\n\t\t\tStorageCapacity: pulumi.Int(1200),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.FileCache;\nimport com.pulumi.aws.fsx.FileCacheArgs;\nimport com.pulumi.aws.fsx.inputs.FileCacheDataRepositoryAssociationArgs;\nimport com.pulumi.aws.fsx.inputs.FileCacheLustreConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FileCache(\"example\", FileCacheArgs.builder()\n .dataRepositoryAssociations(FileCacheDataRepositoryAssociationArgs.builder()\n .dataRepositoryPath(\"nfs://filer.domain.com\")\n .dataRepositorySubdirectories( \n \"test\",\n \"test2\")\n .fileCachePath(\"/ns1\")\n .nfs(FileCacheDataRepositoryAssociationNfArgs.builder()\n .dnsIps( \n \"192.168.0.1\",\n \"192.168.0.2\")\n .version(\"NFS3\")\n .build())\n .build())\n .fileCacheType(\"LUSTRE\")\n .fileCacheTypeVersion(\"2.12\")\n .lustreConfigurations(FileCacheLustreConfigurationArgs.builder()\n .deploymentType(\"CACHE_1\")\n .metadataConfigurations(FileCacheLustreConfigurationMetadataConfigurationArgs.builder()\n .storageCapacity(2400)\n .build())\n .perUnitStorageThroughput(1000)\n .weeklyMaintenanceStartTime(\"2:05:00\")\n .build())\n .subnetIds(test1.id())\n .storageCapacity(1200)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:fsx:FileCache\n properties:\n dataRepositoryAssociations:\n - dataRepositoryPath: nfs://filer.domain.com\n dataRepositorySubdirectories:\n - test\n - test2\n fileCachePath: /ns1\n nfs:\n - dnsIps:\n - 192.168.0.1\n - 192.168.0.2\n version: NFS3\n fileCacheType: LUSTRE\n fileCacheTypeVersion: '2.12'\n lustreConfigurations:\n - deploymentType: CACHE_1\n metadataConfigurations:\n - storageCapacity: 2400\n perUnitStorageThroughput: 1000\n weeklyMaintenanceStartTime: 2:05:00\n subnetIds:\n - ${test1.id}\n storageCapacity: 1200\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon File Cache cache using the resource `id`. For example:\n\n```sh\n$ pulumi import aws:fsx/fileCache:FileCache example fc-8012925589\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the resource.\n" }, "copyTagsToDataRepositoryAssociations": { "type": "boolean", "description": "A boolean flag indicating whether tags for the cache should be copied to data repository associations. This value defaults to false.\n" }, "dataRepositoryAssociationIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs of data repository associations that are associated with this cache.\n" }, "dataRepositoryAssociations": { "type": "array", "items": { "$ref": "#/types/aws:fsx/FileCacheDataRepositoryAssociation:FileCacheDataRepositoryAssociation" }, "description": "See the `data_repository_association` configuration block. Max of 8.\nA list of up to 8 configurations for data repository associations (DRAs) to be created during the cache creation. The DRAs link the cache to either an Amazon S3 data repository or a Network File System (NFS) data repository that supports the NFSv3 protocol. The DRA configurations must meet the following requirements: 1) All configurations on the list must be of the same data repository type, either all S3 or all NFS. A cache can't link to different data repository types at the same time. 2) An NFS DRA must link to an NFS file system that supports the NFSv3 protocol. DRA automatic import and automatic export is not supported.\n" }, "dnsName": { "type": "string", "description": "The Domain Name System (DNS) name for the cache.\n" }, "fileCacheId": { "type": "string", "description": "The system-generated, unique ID of the cache.\n" }, "fileCacheType": { "type": "string", "description": "The type of cache that you're creating. The only supported value is `LUSTRE`.\n" }, "fileCacheTypeVersion": { "type": "string", "description": "The version for the type of cache that you're creating. The only supported value is `2.12`.\n" }, "kmsKeyId": { "type": "string", "description": "Specifies the ID of the AWS Key Management Service (AWS KMS) key to use for encrypting data on an Amazon File Cache. If a KmsKeyId isn't specified, the Amazon FSx-managed AWS KMS key for your account is used.\n" }, "lustreConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:fsx/FileCacheLustreConfiguration:FileCacheLustreConfiguration" }, "description": "See the `lustre_configuration` block. Required when `file_cache_type` is `LUSTRE`.\n" }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of network interface IDs.\n" }, "ownerId": { "type": "string" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs specifying the security groups to apply to all network interfaces created for Amazon File Cache access.\n" }, "storageCapacity": { "type": "integer", "description": "The storage capacity of the cache in gibibytes (GiB). Valid values are `1200` GiB, `2400` GiB, and increments of `2400` GiB.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs that the cache will be accessible from. You can specify only one subnet ID.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file cache. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The ID of your virtual private cloud (VPC).\n" } }, "required": [ "arn", "dataRepositoryAssociationIds", "dnsName", "fileCacheId", "fileCacheType", "fileCacheTypeVersion", "kmsKeyId", "networkInterfaceIds", "ownerId", "storageCapacity", "subnetIds", "tagsAll", "vpcId" ], "inputProperties": { "copyTagsToDataRepositoryAssociations": { "type": "boolean", "description": "A boolean flag indicating whether tags for the cache should be copied to data repository associations. This value defaults to false.\n" }, "dataRepositoryAssociations": { "type": "array", "items": { "$ref": "#/types/aws:fsx/FileCacheDataRepositoryAssociation:FileCacheDataRepositoryAssociation" }, "description": "See the `data_repository_association` configuration block. Max of 8.\nA list of up to 8 configurations for data repository associations (DRAs) to be created during the cache creation. The DRAs link the cache to either an Amazon S3 data repository or a Network File System (NFS) data repository that supports the NFSv3 protocol. The DRA configurations must meet the following requirements: 1) All configurations on the list must be of the same data repository type, either all S3 or all NFS. A cache can't link to different data repository types at the same time. 2) An NFS DRA must link to an NFS file system that supports the NFSv3 protocol. DRA automatic import and automatic export is not supported.\n", "willReplaceOnChanges": true }, "fileCacheType": { "type": "string", "description": "The type of cache that you're creating. The only supported value is `LUSTRE`.\n", "willReplaceOnChanges": true }, "fileCacheTypeVersion": { "type": "string", "description": "The version for the type of cache that you're creating. The only supported value is `2.12`.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "Specifies the ID of the AWS Key Management Service (AWS KMS) key to use for encrypting data on an Amazon File Cache. If a KmsKeyId isn't specified, the Amazon FSx-managed AWS KMS key for your account is used.\n", "willReplaceOnChanges": true }, "lustreConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:fsx/FileCacheLustreConfiguration:FileCacheLustreConfiguration" }, "description": "See the `lustre_configuration` block. Required when `file_cache_type` is `LUSTRE`.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs specifying the security groups to apply to all network interfaces created for Amazon File Cache access.\n", "willReplaceOnChanges": true }, "storageCapacity": { "type": "integer", "description": "The storage capacity of the cache in gibibytes (GiB). Valid values are `1200` GiB, `2400` GiB, and increments of `2400` GiB.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs that the cache will be accessible from. You can specify only one subnet ID.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file cache. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "fileCacheType", "fileCacheTypeVersion", "storageCapacity", "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering FileCache resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the resource.\n" }, "copyTagsToDataRepositoryAssociations": { "type": "boolean", "description": "A boolean flag indicating whether tags for the cache should be copied to data repository associations. This value defaults to false.\n" }, "dataRepositoryAssociationIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs of data repository associations that are associated with this cache.\n" }, "dataRepositoryAssociations": { "type": "array", "items": { "$ref": "#/types/aws:fsx/FileCacheDataRepositoryAssociation:FileCacheDataRepositoryAssociation" }, "description": "See the `data_repository_association` configuration block. Max of 8.\nA list of up to 8 configurations for data repository associations (DRAs) to be created during the cache creation. The DRAs link the cache to either an Amazon S3 data repository or a Network File System (NFS) data repository that supports the NFSv3 protocol. The DRA configurations must meet the following requirements: 1) All configurations on the list must be of the same data repository type, either all S3 or all NFS. A cache can't link to different data repository types at the same time. 2) An NFS DRA must link to an NFS file system that supports the NFSv3 protocol. DRA automatic import and automatic export is not supported.\n", "willReplaceOnChanges": true }, "dnsName": { "type": "string", "description": "The Domain Name System (DNS) name for the cache.\n" }, "fileCacheId": { "type": "string", "description": "The system-generated, unique ID of the cache.\n" }, "fileCacheType": { "type": "string", "description": "The type of cache that you're creating. The only supported value is `LUSTRE`.\n", "willReplaceOnChanges": true }, "fileCacheTypeVersion": { "type": "string", "description": "The version for the type of cache that you're creating. The only supported value is `2.12`.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "Specifies the ID of the AWS Key Management Service (AWS KMS) key to use for encrypting data on an Amazon File Cache. If a KmsKeyId isn't specified, the Amazon FSx-managed AWS KMS key for your account is used.\n", "willReplaceOnChanges": true }, "lustreConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:fsx/FileCacheLustreConfiguration:FileCacheLustreConfiguration" }, "description": "See the `lustre_configuration` block. Required when `file_cache_type` is `LUSTRE`.\n" }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of network interface IDs.\n" }, "ownerId": { "type": "string" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs specifying the security groups to apply to all network interfaces created for Amazon File Cache access.\n", "willReplaceOnChanges": true }, "storageCapacity": { "type": "integer", "description": "The storage capacity of the cache in gibibytes (GiB). Valid values are `1200` GiB, `2400` GiB, and increments of `2400` GiB.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs that the cache will be accessible from. You can specify only one subnet ID.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file cache. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The ID of your virtual private cloud (VPC).\n" } }, "type": "object" } }, "aws:fsx/lustreFileSystem:LustreFileSystem": { "description": "Manages a FSx Lustre File System. See the [FSx Lustre Guide](https://docs.aws.amazon.com/fsx/latest/LustreGuide/what-is.html) for more information.\n\n\u003e **NOTE:** `auto_import_policy`, `export_path`, `import_path` and `imported_file_chunk_size` are not supported with the `PERSISTENT_2` deployment type. Use `aws.fsx.DataRepositoryAssociation` instead.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.fsx.LustreFileSystem(\"example\", {\n importPath: `s3://${exampleAwsS3Bucket.bucket}`,\n storageCapacity: 1200,\n subnetIds: exampleAwsSubnet.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.fsx.LustreFileSystem(\"example\",\n import_path=f\"s3://{example_aws_s3_bucket['bucket']}\",\n storage_capacity=1200,\n subnet_ids=example_aws_subnet[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Fsx.LustreFileSystem(\"example\", new()\n {\n ImportPath = $\"s3://{exampleAwsS3Bucket.Bucket}\",\n StorageCapacity = 1200,\n SubnetIds = exampleAwsSubnet.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fsx.NewLustreFileSystem(ctx, \"example\", \u0026fsx.LustreFileSystemArgs{\n\t\t\tImportPath: pulumi.String(fmt.Sprintf(\"s3://%v\", exampleAwsS3Bucket.Bucket)),\n\t\t\tStorageCapacity: pulumi.Int(1200),\n\t\t\tSubnetIds: pulumi.Any(exampleAwsSubnet.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.LustreFileSystem;\nimport com.pulumi.aws.fsx.LustreFileSystemArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LustreFileSystem(\"example\", LustreFileSystemArgs.builder()\n .importPath(String.format(\"s3://%s\", exampleAwsS3Bucket.bucket()))\n .storageCapacity(1200)\n .subnetIds(exampleAwsSubnet.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:fsx:LustreFileSystem\n properties:\n importPath: s3://${exampleAwsS3Bucket.bucket}\n storageCapacity: 1200\n subnetIds: ${exampleAwsSubnet.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import FSx File Systems using the `id`. For example:\n\n```sh\n$ pulumi import aws:fsx/lustreFileSystem:LustreFileSystem example fs-543ab12b1ca672f33\n```\nCertain resource arguments, like `security_group_ids`, do not have a FSx API method for reading the information after creation. If the argument is set in the Pulumi program on an imported resource, Pulumi will always show a difference. To workaround this behavior, either omit the argument from the Pulumi program or use `ignore_changes` to hide the difference. For example:\n\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "autoImportPolicy": { "type": "string", "description": "How Amazon FSx keeps your file and directory listings up to date as you add or modify objects in your linked S3 bucket. see [Auto Import Data Repo](https://docs.aws.amazon.com/fsx/latest/LustreGuide/autoimport-data-repo.html) for more details. Only supported on `PERSISTENT_1` deployment types.\n" }, "automaticBackupRetentionDays": { "type": "integer", "description": "The number of days to retain automatic backups. Setting this to 0 disables automatic backups. You can retain automatic backups for a maximum of 90 days. only valid for `PERSISTENT_1` and `PERSISTENT_2` deployment_type.\n" }, "backupId": { "type": "string", "description": "The ID of the source backup to create the filesystem from.\n" }, "copyTagsToBackups": { "type": "boolean", "description": "A boolean flag indicating whether tags for the file system should be copied to backups. Applicable for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. The default value is false.\n" }, "dailyAutomaticBackupStartTime": { "type": "string", "description": "A recurring daily time, in the format HH:MM. HH is the zero-padded hour of the day (0-23), and MM is the zero-padded minute of the hour. For example, 05:00 specifies 5 AM daily. only valid for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. Requires `automatic_backup_retention_days` to be set.\n" }, "dataCompressionType": { "type": "string", "description": "Sets the data compression configuration for the file system. Valid values are `LZ4` and `NONE`. Default value is `NONE`. Unsetting this value reverts the compression type back to `NONE`.\n" }, "deploymentType": { "type": "string", "description": "The filesystem deployment type. One of: `SCRATCH_1`, `SCRATCH_2`, `PERSISTENT_1`, `PERSISTENT_2`.\n" }, "dnsName": { "type": "string", "description": "DNS name for the file system, e.g., `fs-12345678.fsx.us-west-2.amazonaws.com`\n" }, "driveCacheType": { "type": "string", "description": "The type of drive cache used by `PERSISTENT_1` filesystems that are provisioned with `HDD` storage_type. Required for `HDD` storage_type, set to either `READ` or `NONE`.\n" }, "exportPath": { "type": "string", "description": "S3 URI (with optional prefix) where the root of your Amazon FSx file system is exported. Can only be specified with `import_path` argument and the path must use the same Amazon S3 bucket as specified in `import_path`. Set equal to `import_path` to overwrite files on export. Defaults to `s3://{IMPORT BUCKET}/FSxLustre{CREATION TIMESTAMP}`. Only supported on `PERSISTENT_1` deployment types.\n" }, "fileSystemTypeVersion": { "type": "string", "description": "Sets the Lustre version for the file system that you're creating. Valid values are 2.10 for `SCRATCH_1`, `SCRATCH_2` and `PERSISTENT_1` deployment types. Valid values for 2.12 include all deployment types.\n" }, "finalBackupTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to apply to the file system's final backup.\n\n**Note:** If the filesystem uses a Scratch deployment type, final backup during delete will always be skipped and this argument will not be used even when set.\n" }, "importPath": { "type": "string", "description": "S3 URI (with optional prefix) that you're using as the data repository for your FSx for Lustre file system. For example, `s3://example-bucket/optional-prefix/`. Only supported on `PERSISTENT_1` deployment types.\n" }, "importedFileChunkSize": { "type": "integer", "description": "For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. Can only be specified with `import_path` argument. Defaults to `1024`. Minimum of `1` and maximum of `512000`. Only supported on `PERSISTENT_1` deployment types.\n" }, "kmsKeyId": { "type": "string", "description": "ARN for the KMS Key to encrypt the file system at rest, applicable for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. Defaults to an AWS managed KMS Key.\n" }, "logConfiguration": { "$ref": "#/types/aws:fsx/LustreFileSystemLogConfiguration:LustreFileSystemLogConfiguration", "description": "The Lustre logging configuration used when creating an Amazon FSx for Lustre file system. When logging is enabled, Lustre logs error and warning events for data repositories associated with your file system to Amazon CloudWatch Logs. See `log_configuration` Block for details.\n" }, "metadataConfiguration": { "$ref": "#/types/aws:fsx/LustreFileSystemMetadataConfiguration:LustreFileSystemMetadataConfiguration", "description": "The Lustre metadata configuration used when creating an Amazon FSx for Lustre file system. This can be used to specify a user provisioned metadata scale. This is only supported when `deployment_type` is set to `PERSISTENT_2`. See `metadata_configuration` Block for details.\n" }, "mountName": { "type": "string", "description": "The value to be used when mounting the filesystem.\n" }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "Set of Elastic Network Interface identifiers from which the file system is accessible. As explained in the [documentation](https://docs.aws.amazon.com/fsx/latest/LustreGuide/mounting-on-premises.html), the first network interface returned is the primary network interface.\n" }, "ownerId": { "type": "string", "description": "AWS account identifier that created the file system.\n" }, "perUnitStorageThroughput": { "type": "integer", "description": "Describes the amount of read and write throughput for each 1 tebibyte of storage, in MB/s/TiB, required for the `PERSISTENT_1` and `PERSISTENT_2` deployment_type. Valid values for `PERSISTENT_1` deployment_type and `SSD` storage_type are 50, 100, 200. Valid values for `PERSISTENT_1` deployment_type and `HDD` storage_type are 12, 40. Valid values for `PERSISTENT_2` deployment_type and ` SSD` storage_type are 125, 250, 500, 1000.\n" }, "rootSquashConfiguration": { "$ref": "#/types/aws:fsx/LustreFileSystemRootSquashConfiguration:LustreFileSystemRootSquashConfiguration", "description": "The Lustre root squash configuration used when creating an Amazon FSx for Lustre file system. When enabled, root squash restricts root-level access from clients that try to access your file system as a root user. See `root_squash_configuration` Block for details.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces.\n" }, "skipFinalBackup": { "type": "boolean", "description": "When enabled, will skip the default final backup taken when the file system is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `true`.\n\n**Note:** If the filesystem uses a Scratch deployment type, final backup during delete will always be skipped and this argument will not be used even when set.\n" }, "storageCapacity": { "type": "integer", "description": "The storage capacity (GiB) of the file system. Minimum of `1200`. See more details at [Allowed values for Fsx storage capacity](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystem.html#FSx-CreateFileSystem-request-StorageCapacity). Update is allowed only for `SCRATCH_2`, `PERSISTENT_1` and `PERSISTENT_2` deployment types, See more details at [Fsx Storage Capacity Update](https://docs.aws.amazon.com/fsx/latest/APIReference/API_UpdateFileSystem.html#FSx-UpdateFileSystem-request-StorageCapacity). Required when not creating filesystem for a backup.\n" }, "storageType": { "type": "string", "description": "The filesystem storage type. Either `SSD` or `HDD`, defaults to `SSD`. `HDD` is only supported on `PERSISTENT_1` deployment types.\n" }, "subnetIds": { "type": "string", "description": "A list of IDs for the subnets that the file system will be accessible from. File systems currently support only one subnet. The file server is also launched in that subnet's Availability Zone.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "Identifier of the Virtual Private Cloud for the file system.\n" }, "weeklyMaintenanceStartTime": { "type": "string", "description": "The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone.\n" } }, "required": [ "arn", "autoImportPolicy", "automaticBackupRetentionDays", "dailyAutomaticBackupStartTime", "dnsName", "exportPath", "fileSystemTypeVersion", "importedFileChunkSize", "kmsKeyId", "logConfiguration", "metadataConfiguration", "mountName", "networkInterfaceIds", "ownerId", "subnetIds", "tagsAll", "vpcId", "weeklyMaintenanceStartTime" ], "inputProperties": { "autoImportPolicy": { "type": "string", "description": "How Amazon FSx keeps your file and directory listings up to date as you add or modify objects in your linked S3 bucket. see [Auto Import Data Repo](https://docs.aws.amazon.com/fsx/latest/LustreGuide/autoimport-data-repo.html) for more details. Only supported on `PERSISTENT_1` deployment types.\n" }, "automaticBackupRetentionDays": { "type": "integer", "description": "The number of days to retain automatic backups. Setting this to 0 disables automatic backups. You can retain automatic backups for a maximum of 90 days. only valid for `PERSISTENT_1` and `PERSISTENT_2` deployment_type.\n" }, "backupId": { "type": "string", "description": "The ID of the source backup to create the filesystem from.\n", "willReplaceOnChanges": true }, "copyTagsToBackups": { "type": "boolean", "description": "A boolean flag indicating whether tags for the file system should be copied to backups. Applicable for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. The default value is false.\n", "willReplaceOnChanges": true }, "dailyAutomaticBackupStartTime": { "type": "string", "description": "A recurring daily time, in the format HH:MM. HH is the zero-padded hour of the day (0-23), and MM is the zero-padded minute of the hour. For example, 05:00 specifies 5 AM daily. only valid for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. Requires `automatic_backup_retention_days` to be set.\n" }, "dataCompressionType": { "type": "string", "description": "Sets the data compression configuration for the file system. Valid values are `LZ4` and `NONE`. Default value is `NONE`. Unsetting this value reverts the compression type back to `NONE`.\n" }, "deploymentType": { "type": "string", "description": "The filesystem deployment type. One of: `SCRATCH_1`, `SCRATCH_2`, `PERSISTENT_1`, `PERSISTENT_2`.\n", "willReplaceOnChanges": true }, "driveCacheType": { "type": "string", "description": "The type of drive cache used by `PERSISTENT_1` filesystems that are provisioned with `HDD` storage_type. Required for `HDD` storage_type, set to either `READ` or `NONE`.\n", "willReplaceOnChanges": true }, "exportPath": { "type": "string", "description": "S3 URI (with optional prefix) where the root of your Amazon FSx file system is exported. Can only be specified with `import_path` argument and the path must use the same Amazon S3 bucket as specified in `import_path`. Set equal to `import_path` to overwrite files on export. Defaults to `s3://{IMPORT BUCKET}/FSxLustre{CREATION TIMESTAMP}`. Only supported on `PERSISTENT_1` deployment types.\n", "willReplaceOnChanges": true }, "fileSystemTypeVersion": { "type": "string", "description": "Sets the Lustre version for the file system that you're creating. Valid values are 2.10 for `SCRATCH_1`, `SCRATCH_2` and `PERSISTENT_1` deployment types. Valid values for 2.12 include all deployment types.\n", "willReplaceOnChanges": true }, "finalBackupTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to apply to the file system's final backup.\n\n**Note:** If the filesystem uses a Scratch deployment type, final backup during delete will always be skipped and this argument will not be used even when set.\n" }, "importPath": { "type": "string", "description": "S3 URI (with optional prefix) that you're using as the data repository for your FSx for Lustre file system. For example, `s3://example-bucket/optional-prefix/`. Only supported on `PERSISTENT_1` deployment types.\n", "willReplaceOnChanges": true }, "importedFileChunkSize": { "type": "integer", "description": "For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. Can only be specified with `import_path` argument. Defaults to `1024`. Minimum of `1` and maximum of `512000`. Only supported on `PERSISTENT_1` deployment types.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "ARN for the KMS Key to encrypt the file system at rest, applicable for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. Defaults to an AWS managed KMS Key.\n", "willReplaceOnChanges": true }, "logConfiguration": { "$ref": "#/types/aws:fsx/LustreFileSystemLogConfiguration:LustreFileSystemLogConfiguration", "description": "The Lustre logging configuration used when creating an Amazon FSx for Lustre file system. When logging is enabled, Lustre logs error and warning events for data repositories associated with your file system to Amazon CloudWatch Logs. See `log_configuration` Block for details.\n" }, "metadataConfiguration": { "$ref": "#/types/aws:fsx/LustreFileSystemMetadataConfiguration:LustreFileSystemMetadataConfiguration", "description": "The Lustre metadata configuration used when creating an Amazon FSx for Lustre file system. This can be used to specify a user provisioned metadata scale. This is only supported when `deployment_type` is set to `PERSISTENT_2`. See `metadata_configuration` Block for details.\n" }, "perUnitStorageThroughput": { "type": "integer", "description": "Describes the amount of read and write throughput for each 1 tebibyte of storage, in MB/s/TiB, required for the `PERSISTENT_1` and `PERSISTENT_2` deployment_type. Valid values for `PERSISTENT_1` deployment_type and `SSD` storage_type are 50, 100, 200. Valid values for `PERSISTENT_1` deployment_type and `HDD` storage_type are 12, 40. Valid values for `PERSISTENT_2` deployment_type and ` SSD` storage_type are 125, 250, 500, 1000.\n" }, "rootSquashConfiguration": { "$ref": "#/types/aws:fsx/LustreFileSystemRootSquashConfiguration:LustreFileSystemRootSquashConfiguration", "description": "The Lustre root squash configuration used when creating an Amazon FSx for Lustre file system. When enabled, root squash restricts root-level access from clients that try to access your file system as a root user. See `root_squash_configuration` Block for details.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces.\n", "willReplaceOnChanges": true }, "skipFinalBackup": { "type": "boolean", "description": "When enabled, will skip the default final backup taken when the file system is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `true`.\n\n**Note:** If the filesystem uses a Scratch deployment type, final backup during delete will always be skipped and this argument will not be used even when set.\n" }, "storageCapacity": { "type": "integer", "description": "The storage capacity (GiB) of the file system. Minimum of `1200`. See more details at [Allowed values for Fsx storage capacity](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystem.html#FSx-CreateFileSystem-request-StorageCapacity). Update is allowed only for `SCRATCH_2`, `PERSISTENT_1` and `PERSISTENT_2` deployment types, See more details at [Fsx Storage Capacity Update](https://docs.aws.amazon.com/fsx/latest/APIReference/API_UpdateFileSystem.html#FSx-UpdateFileSystem-request-StorageCapacity). Required when not creating filesystem for a backup.\n" }, "storageType": { "type": "string", "description": "The filesystem storage type. Either `SSD` or `HDD`, defaults to `SSD`. `HDD` is only supported on `PERSISTENT_1` deployment types.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "string", "description": "A list of IDs for the subnets that the file system will be accessible from. File systems currently support only one subnet. The file server is also launched in that subnet's Availability Zone.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "weeklyMaintenanceStartTime": { "type": "string", "description": "The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone.\n" } }, "requiredInputs": [ "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering LustreFileSystem resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "autoImportPolicy": { "type": "string", "description": "How Amazon FSx keeps your file and directory listings up to date as you add or modify objects in your linked S3 bucket. see [Auto Import Data Repo](https://docs.aws.amazon.com/fsx/latest/LustreGuide/autoimport-data-repo.html) for more details. Only supported on `PERSISTENT_1` deployment types.\n" }, "automaticBackupRetentionDays": { "type": "integer", "description": "The number of days to retain automatic backups. Setting this to 0 disables automatic backups. You can retain automatic backups for a maximum of 90 days. only valid for `PERSISTENT_1` and `PERSISTENT_2` deployment_type.\n" }, "backupId": { "type": "string", "description": "The ID of the source backup to create the filesystem from.\n", "willReplaceOnChanges": true }, "copyTagsToBackups": { "type": "boolean", "description": "A boolean flag indicating whether tags for the file system should be copied to backups. Applicable for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. The default value is false.\n", "willReplaceOnChanges": true }, "dailyAutomaticBackupStartTime": { "type": "string", "description": "A recurring daily time, in the format HH:MM. HH is the zero-padded hour of the day (0-23), and MM is the zero-padded minute of the hour. For example, 05:00 specifies 5 AM daily. only valid for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. Requires `automatic_backup_retention_days` to be set.\n" }, "dataCompressionType": { "type": "string", "description": "Sets the data compression configuration for the file system. Valid values are `LZ4` and `NONE`. Default value is `NONE`. Unsetting this value reverts the compression type back to `NONE`.\n" }, "deploymentType": { "type": "string", "description": "The filesystem deployment type. One of: `SCRATCH_1`, `SCRATCH_2`, `PERSISTENT_1`, `PERSISTENT_2`.\n", "willReplaceOnChanges": true }, "dnsName": { "type": "string", "description": "DNS name for the file system, e.g., `fs-12345678.fsx.us-west-2.amazonaws.com`\n" }, "driveCacheType": { "type": "string", "description": "The type of drive cache used by `PERSISTENT_1` filesystems that are provisioned with `HDD` storage_type. Required for `HDD` storage_type, set to either `READ` or `NONE`.\n", "willReplaceOnChanges": true }, "exportPath": { "type": "string", "description": "S3 URI (with optional prefix) where the root of your Amazon FSx file system is exported. Can only be specified with `import_path` argument and the path must use the same Amazon S3 bucket as specified in `import_path`. Set equal to `import_path` to overwrite files on export. Defaults to `s3://{IMPORT BUCKET}/FSxLustre{CREATION TIMESTAMP}`. Only supported on `PERSISTENT_1` deployment types.\n", "willReplaceOnChanges": true }, "fileSystemTypeVersion": { "type": "string", "description": "Sets the Lustre version for the file system that you're creating. Valid values are 2.10 for `SCRATCH_1`, `SCRATCH_2` and `PERSISTENT_1` deployment types. Valid values for 2.12 include all deployment types.\n", "willReplaceOnChanges": true }, "finalBackupTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to apply to the file system's final backup.\n\n**Note:** If the filesystem uses a Scratch deployment type, final backup during delete will always be skipped and this argument will not be used even when set.\n" }, "importPath": { "type": "string", "description": "S3 URI (with optional prefix) that you're using as the data repository for your FSx for Lustre file system. For example, `s3://example-bucket/optional-prefix/`. Only supported on `PERSISTENT_1` deployment types.\n", "willReplaceOnChanges": true }, "importedFileChunkSize": { "type": "integer", "description": "For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. Can only be specified with `import_path` argument. Defaults to `1024`. Minimum of `1` and maximum of `512000`. Only supported on `PERSISTENT_1` deployment types.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "ARN for the KMS Key to encrypt the file system at rest, applicable for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. Defaults to an AWS managed KMS Key.\n", "willReplaceOnChanges": true }, "logConfiguration": { "$ref": "#/types/aws:fsx/LustreFileSystemLogConfiguration:LustreFileSystemLogConfiguration", "description": "The Lustre logging configuration used when creating an Amazon FSx for Lustre file system. When logging is enabled, Lustre logs error and warning events for data repositories associated with your file system to Amazon CloudWatch Logs. See `log_configuration` Block for details.\n" }, "metadataConfiguration": { "$ref": "#/types/aws:fsx/LustreFileSystemMetadataConfiguration:LustreFileSystemMetadataConfiguration", "description": "The Lustre metadata configuration used when creating an Amazon FSx for Lustre file system. This can be used to specify a user provisioned metadata scale. This is only supported when `deployment_type` is set to `PERSISTENT_2`. See `metadata_configuration` Block for details.\n" }, "mountName": { "type": "string", "description": "The value to be used when mounting the filesystem.\n" }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "Set of Elastic Network Interface identifiers from which the file system is accessible. As explained in the [documentation](https://docs.aws.amazon.com/fsx/latest/LustreGuide/mounting-on-premises.html), the first network interface returned is the primary network interface.\n" }, "ownerId": { "type": "string", "description": "AWS account identifier that created the file system.\n" }, "perUnitStorageThroughput": { "type": "integer", "description": "Describes the amount of read and write throughput for each 1 tebibyte of storage, in MB/s/TiB, required for the `PERSISTENT_1` and `PERSISTENT_2` deployment_type. Valid values for `PERSISTENT_1` deployment_type and `SSD` storage_type are 50, 100, 200. Valid values for `PERSISTENT_1` deployment_type and `HDD` storage_type are 12, 40. Valid values for `PERSISTENT_2` deployment_type and ` SSD` storage_type are 125, 250, 500, 1000.\n" }, "rootSquashConfiguration": { "$ref": "#/types/aws:fsx/LustreFileSystemRootSquashConfiguration:LustreFileSystemRootSquashConfiguration", "description": "The Lustre root squash configuration used when creating an Amazon FSx for Lustre file system. When enabled, root squash restricts root-level access from clients that try to access your file system as a root user. See `root_squash_configuration` Block for details.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces.\n", "willReplaceOnChanges": true }, "skipFinalBackup": { "type": "boolean", "description": "When enabled, will skip the default final backup taken when the file system is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `true`.\n\n**Note:** If the filesystem uses a Scratch deployment type, final backup during delete will always be skipped and this argument will not be used even when set.\n" }, "storageCapacity": { "type": "integer", "description": "The storage capacity (GiB) of the file system. Minimum of `1200`. See more details at [Allowed values for Fsx storage capacity](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystem.html#FSx-CreateFileSystem-request-StorageCapacity). Update is allowed only for `SCRATCH_2`, `PERSISTENT_1` and `PERSISTENT_2` deployment types, See more details at [Fsx Storage Capacity Update](https://docs.aws.amazon.com/fsx/latest/APIReference/API_UpdateFileSystem.html#FSx-UpdateFileSystem-request-StorageCapacity). Required when not creating filesystem for a backup.\n" }, "storageType": { "type": "string", "description": "The filesystem storage type. Either `SSD` or `HDD`, defaults to `SSD`. `HDD` is only supported on `PERSISTENT_1` deployment types.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "string", "description": "A list of IDs for the subnets that the file system will be accessible from. File systems currently support only one subnet. The file server is also launched in that subnet's Availability Zone.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "Identifier of the Virtual Private Cloud for the file system.\n" }, "weeklyMaintenanceStartTime": { "type": "string", "description": "The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone.\n" } }, "type": "object" } }, "aws:fsx/ontapFileSystem:OntapFileSystem": { "description": "Manages an Amazon FSx for NetApp ONTAP file system.\nSee the [FSx ONTAP User Guide](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/what-is-fsx-ontap.html) for more information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.fsx.OntapFileSystem(\"test\", {\n storageCapacity: 1024,\n subnetIds: [\n test1.id,\n test2.id,\n ],\n deploymentType: \"MULTI_AZ_1\",\n throughputCapacity: 512,\n preferredSubnetId: test1.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.fsx.OntapFileSystem(\"test\",\n storage_capacity=1024,\n subnet_ids=[\n test1[\"id\"],\n test2[\"id\"],\n ],\n deployment_type=\"MULTI_AZ_1\",\n throughput_capacity=512,\n preferred_subnet_id=test1[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Fsx.OntapFileSystem(\"test\", new()\n {\n StorageCapacity = 1024,\n SubnetIds = new[]\n {\n test1.Id,\n test2.Id,\n },\n DeploymentType = \"MULTI_AZ_1\",\n ThroughputCapacity = 512,\n PreferredSubnetId = test1.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fsx.NewOntapFileSystem(ctx, \"test\", \u0026fsx.OntapFileSystemArgs{\n\t\t\tStorageCapacity: pulumi.Int(1024),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\ttest1.Id,\n\t\t\t\ttest2.Id,\n\t\t\t},\n\t\t\tDeploymentType: pulumi.String(\"MULTI_AZ_1\"),\n\t\t\tThroughputCapacity: pulumi.Int(512),\n\t\t\tPreferredSubnetId: pulumi.Any(test1.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.OntapFileSystem;\nimport com.pulumi.aws.fsx.OntapFileSystemArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new OntapFileSystem(\"test\", OntapFileSystemArgs.builder()\n .storageCapacity(1024)\n .subnetIds( \n test1.id(),\n test2.id())\n .deploymentType(\"MULTI_AZ_1\")\n .throughputCapacity(512)\n .preferredSubnetId(test1.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:fsx:OntapFileSystem\n properties:\n storageCapacity: 1024\n subnetIds:\n - ${test1.id}\n - ${test2.id}\n deploymentType: MULTI_AZ_1\n throughputCapacity: 512\n preferredSubnetId: ${test1.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testhapairs = new aws.fsx.OntapFileSystem(\"testhapairs\", {\n storageCapacity: 2048,\n subnetIds: [test1.id],\n deploymentType: \"SINGLE_AZ_1\",\n haPairs: 2,\n throughputCapacityPerHaPair: 128,\n preferredSubnetId: test1.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntesthapairs = aws.fsx.OntapFileSystem(\"testhapairs\",\n storage_capacity=2048,\n subnet_ids=[test1[\"id\"]],\n deployment_type=\"SINGLE_AZ_1\",\n ha_pairs=2,\n throughput_capacity_per_ha_pair=128,\n preferred_subnet_id=test1[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testhapairs = new Aws.Fsx.OntapFileSystem(\"testhapairs\", new()\n {\n StorageCapacity = 2048,\n SubnetIds = new[]\n {\n test1.Id,\n },\n DeploymentType = \"SINGLE_AZ_1\",\n HaPairs = 2,\n ThroughputCapacityPerHaPair = 128,\n PreferredSubnetId = test1.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fsx.NewOntapFileSystem(ctx, \"testhapairs\", \u0026fsx.OntapFileSystemArgs{\n\t\t\tStorageCapacity: pulumi.Int(2048),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\ttest1.Id,\n\t\t\t},\n\t\t\tDeploymentType: pulumi.String(\"SINGLE_AZ_1\"),\n\t\t\tHaPairs: pulumi.Int(2),\n\t\t\tThroughputCapacityPerHaPair: pulumi.Int(128),\n\t\t\tPreferredSubnetId: pulumi.Any(test1.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.OntapFileSystem;\nimport com.pulumi.aws.fsx.OntapFileSystemArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testhapairs = new OntapFileSystem(\"testhapairs\", OntapFileSystemArgs.builder()\n .storageCapacity(2048)\n .subnetIds(test1.id())\n .deploymentType(\"SINGLE_AZ_1\")\n .haPairs(2)\n .throughputCapacityPerHaPair(128)\n .preferredSubnetId(test1.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testhapairs:\n type: aws:fsx:OntapFileSystem\n properties:\n storageCapacity: 2048\n subnetIds:\n - ${test1.id}\n deploymentType: SINGLE_AZ_1\n haPairs: 2\n throughputCapacityPerHaPair: 128\n preferredSubnetId: ${test1.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testsingleazgen2 = new aws.fsx.OntapFileSystem(\"testsingleazgen2\", {\n storageCapacity: 4096,\n subnetIds: [test1.id],\n deploymentType: \"SINGLE_AZ_2\",\n haPairs: 4,\n throughputCapacityPerHaPair: 384,\n preferredSubnetId: test1.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntestsingleazgen2 = aws.fsx.OntapFileSystem(\"testsingleazgen2\",\n storage_capacity=4096,\n subnet_ids=[test1[\"id\"]],\n deployment_type=\"SINGLE_AZ_2\",\n ha_pairs=4,\n throughput_capacity_per_ha_pair=384,\n preferred_subnet_id=test1[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testsingleazgen2 = new Aws.Fsx.OntapFileSystem(\"testsingleazgen2\", new()\n {\n StorageCapacity = 4096,\n SubnetIds = new[]\n {\n test1.Id,\n },\n DeploymentType = \"SINGLE_AZ_2\",\n HaPairs = 4,\n ThroughputCapacityPerHaPair = 384,\n PreferredSubnetId = test1.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fsx.NewOntapFileSystem(ctx, \"testsingleazgen2\", \u0026fsx.OntapFileSystemArgs{\n\t\t\tStorageCapacity: pulumi.Int(4096),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\ttest1.Id,\n\t\t\t},\n\t\t\tDeploymentType: pulumi.String(\"SINGLE_AZ_2\"),\n\t\t\tHaPairs: pulumi.Int(4),\n\t\t\tThroughputCapacityPerHaPair: pulumi.Int(384),\n\t\t\tPreferredSubnetId: pulumi.Any(test1.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.OntapFileSystem;\nimport com.pulumi.aws.fsx.OntapFileSystemArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testsingleazgen2 = new OntapFileSystem(\"testsingleazgen2\", OntapFileSystemArgs.builder()\n .storageCapacity(4096)\n .subnetIds(test1.id())\n .deploymentType(\"SINGLE_AZ_2\")\n .haPairs(4)\n .throughputCapacityPerHaPair(384)\n .preferredSubnetId(test1.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testsingleazgen2:\n type: aws:fsx:OntapFileSystem\n properties:\n storageCapacity: 4096\n subnetIds:\n - ${test1.id}\n deploymentType: SINGLE_AZ_2\n haPairs: 4\n throughputCapacityPerHaPair: 384\n preferredSubnetId: ${test1.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testmultiazgen2 = new aws.fsx.OntapFileSystem(\"testmultiazgen2\", {\n storageCapacity: 1024,\n subnetIds: [\n test1.id,\n test2.id,\n ],\n deploymentType: \"MULTI_AZ_2\",\n haPairs: 1,\n throughputCapacityPerHaPair: 384,\n preferredSubnetId: test1.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntestmultiazgen2 = aws.fsx.OntapFileSystem(\"testmultiazgen2\",\n storage_capacity=1024,\n subnet_ids=[\n test1[\"id\"],\n test2[\"id\"],\n ],\n deployment_type=\"MULTI_AZ_2\",\n ha_pairs=1,\n throughput_capacity_per_ha_pair=384,\n preferred_subnet_id=test1[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testmultiazgen2 = new Aws.Fsx.OntapFileSystem(\"testmultiazgen2\", new()\n {\n StorageCapacity = 1024,\n SubnetIds = new[]\n {\n test1.Id,\n test2.Id,\n },\n DeploymentType = \"MULTI_AZ_2\",\n HaPairs = 1,\n ThroughputCapacityPerHaPair = 384,\n PreferredSubnetId = test1.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fsx.NewOntapFileSystem(ctx, \"testmultiazgen2\", \u0026fsx.OntapFileSystemArgs{\n\t\t\tStorageCapacity: pulumi.Int(1024),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\ttest1.Id,\n\t\t\t\ttest2.Id,\n\t\t\t},\n\t\t\tDeploymentType: pulumi.String(\"MULTI_AZ_2\"),\n\t\t\tHaPairs: pulumi.Int(1),\n\t\t\tThroughputCapacityPerHaPair: pulumi.Int(384),\n\t\t\tPreferredSubnetId: pulumi.Any(test1.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.OntapFileSystem;\nimport com.pulumi.aws.fsx.OntapFileSystemArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testmultiazgen2 = new OntapFileSystem(\"testmultiazgen2\", OntapFileSystemArgs.builder()\n .storageCapacity(1024)\n .subnetIds( \n test1.id(),\n test2.id())\n .deploymentType(\"MULTI_AZ_2\")\n .haPairs(1)\n .throughputCapacityPerHaPair(384)\n .preferredSubnetId(test1.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testmultiazgen2:\n type: aws:fsx:OntapFileSystem\n properties:\n storageCapacity: 1024\n subnetIds:\n - ${test1.id}\n - ${test2.id}\n deploymentType: MULTI_AZ_2\n haPairs: 1\n throughputCapacityPerHaPair: 384\n preferredSubnetId: ${test1.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import FSx File Systems using the `id`. For example:\n\n```sh\n$ pulumi import aws:fsx/ontapFileSystem:OntapFileSystem example fs-543ab12b1ca672f33\n```\nCertain resource arguments, like `security_group_ids`, do not have a FSx API method for reading the information after creation. If the argument is set in the Pulumi program on an imported resource, Pulumi will always show a difference. To workaround this behavior, either omit the argument from the Pulumi program or use `ignore_changes` to hide the difference. For example:\n\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "automaticBackupRetentionDays": { "type": "integer", "description": "The number of days to retain automatic backups. Setting this to 0 disables automatic backups. You can retain automatic backups for a maximum of 90 days.\n" }, "dailyAutomaticBackupStartTime": { "type": "string", "description": "A recurring daily time, in the format HH:MM. HH is the zero-padded hour of the day (0-23), and MM is the zero-padded minute of the hour. For example, 05:00 specifies 5 AM daily. Requires `automatic_backup_retention_days` to be set.\n" }, "deploymentType": { "type": "string", "description": "The filesystem deployment type. Supports `MULTI_AZ_1`, `MULTI_AZ_2`, `SINGLE_AZ_1`, and `SINGLE_AZ_2`.\n" }, "diskIopsConfiguration": { "$ref": "#/types/aws:fsx/OntapFileSystemDiskIopsConfiguration:OntapFileSystemDiskIopsConfiguration", "description": "The SSD IOPS configuration for the Amazon FSx for NetApp ONTAP file system. See Disk Iops Configuration below.\n" }, "dnsName": { "type": "string", "description": "The Domain Name Service (DNS) name for the file system. You can mount your file system using its DNS name.\n" }, "endpointIpAddressRange": { "type": "string", "description": "Specifies the IP address range in which the endpoints to access your file system will be created. By default, Amazon FSx selects an unused IP address range for you from the 198.19.* range.\n" }, "endpoints": { "type": "array", "items": { "$ref": "#/types/aws:fsx/OntapFileSystemEndpoint:OntapFileSystemEndpoint" }, "description": "The endpoints that are used to access data or to manage the file system using the NetApp ONTAP CLI, REST API, or NetApp SnapMirror. See Endpoints below.\n" }, "fsxAdminPassword": { "type": "string", "description": "The ONTAP administrative password for the fsxadmin user that you can use to administer your file system using the ONTAP CLI and REST API.\n", "secret": true }, "haPairs": { "type": "integer", "description": "The number of ha_pairs to deploy for the file system. Valid value is 1 for `SINGLE_AZ_1` or `MULTI_AZ_1` and `MULTI_AZ_2`. Valid values are 1 through 12 for `SINGLE_AZ_2`.\n" }, "kmsKeyId": { "type": "string", "description": "ARN for the KMS Key to encrypt the file system at rest, Defaults to an AWS managed KMS Key.\n" }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "Set of Elastic Network Interface identifiers from which the file system is accessible The first network interface returned is the primary network interface.\n" }, "ownerId": { "type": "string", "description": "AWS account identifier that created the file system.\n" }, "preferredSubnetId": { "type": "string", "description": "The ID for a subnet. A subnet is a range of IP addresses in your virtual private cloud (VPC).\n" }, "routeTableIds": { "type": "array", "items": { "type": "string" }, "description": "Specifies the VPC route tables in which your file system's endpoints will be created. You should specify all VPC route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces.\n" }, "storageCapacity": { "type": "integer", "description": "The storage capacity (GiB) of the file system. Valid values between `1024` and `196608` for file systems with deployment_type `SINGLE_AZ_1` and `MULTI_AZ_1`. Valid values are between `1024` and `524288` for `MULTI_AZ_2`. Valid values between `1024` (`1024` per ha pair) and `1048576` for file systems with deployment_type `SINGLE_AZ_2`. For `SINGLE_AZ_2`, the `1048576` (1PB) maximum is only supported when using 2 or more ha_pairs, the maximum is `524288` (512TB) when using 1 ha_pair.\n" }, "storageType": { "type": "string", "description": "The filesystem storage type. defaults to `SSD`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the subnets that the file system will be accessible from. Up to 2 subnets can be provided.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "throughputCapacity": { "type": "integer", "description": "Sets the throughput capacity (in MBps) for the file system that you're creating. Valid values are `128`, `256`, `512`, `1024`, `2048`, and `4096`. This parameter is only supported when not using the ha_pairs parameter. Either throughput_capacity or throughput_capacity_per_ha_pair must be specified.\n" }, "throughputCapacityPerHaPair": { "type": "integer", "description": "Sets the per-HA-pair throughput capacity (in MBps) for the file system that you're creating, as opposed to `throughput_capacity` which specifies the total throughput capacity for the file system. Valid value for `MULTI_AZ_1` and `SINGLE_AZ_1` are `128`, `256`, `512`, `1024`, `2048`, and `4096`. Valid values for deployment type `MULTI_AZ_2` and `SINGLE_AZ_2` are `384`,`768`,`1536`,`3072`,`6144` where `ha_pairs` is `1`. Valid values for deployment type `SINGLE_AZ_2` are `1536`, `3072`, and `6144` where `ha_pairs` is greater than 1. This parameter is only supported when specifying the ha_pairs parameter. Either throughput_capacity or throughput_capacity_per_ha_pair must be specified.\n" }, "vpcId": { "type": "string", "description": "Identifier of the Virtual Private Cloud for the file system.\n" }, "weeklyMaintenanceStartTime": { "type": "string", "description": "The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone.\n" } }, "required": [ "arn", "dailyAutomaticBackupStartTime", "deploymentType", "diskIopsConfiguration", "dnsName", "endpointIpAddressRange", "endpoints", "haPairs", "kmsKeyId", "networkInterfaceIds", "ownerId", "preferredSubnetId", "routeTableIds", "storageCapacity", "subnetIds", "tagsAll", "throughputCapacity", "throughputCapacityPerHaPair", "vpcId", "weeklyMaintenanceStartTime" ], "inputProperties": { "automaticBackupRetentionDays": { "type": "integer", "description": "The number of days to retain automatic backups. Setting this to 0 disables automatic backups. You can retain automatic backups for a maximum of 90 days.\n" }, "dailyAutomaticBackupStartTime": { "type": "string", "description": "A recurring daily time, in the format HH:MM. HH is the zero-padded hour of the day (0-23), and MM is the zero-padded minute of the hour. For example, 05:00 specifies 5 AM daily. Requires `automatic_backup_retention_days` to be set.\n" }, "deploymentType": { "type": "string", "description": "The filesystem deployment type. Supports `MULTI_AZ_1`, `MULTI_AZ_2`, `SINGLE_AZ_1`, and `SINGLE_AZ_2`.\n", "willReplaceOnChanges": true }, "diskIopsConfiguration": { "$ref": "#/types/aws:fsx/OntapFileSystemDiskIopsConfiguration:OntapFileSystemDiskIopsConfiguration", "description": "The SSD IOPS configuration for the Amazon FSx for NetApp ONTAP file system. See Disk Iops Configuration below.\n" }, "endpointIpAddressRange": { "type": "string", "description": "Specifies the IP address range in which the endpoints to access your file system will be created. By default, Amazon FSx selects an unused IP address range for you from the 198.19.* range.\n", "willReplaceOnChanges": true }, "fsxAdminPassword": { "type": "string", "description": "The ONTAP administrative password for the fsxadmin user that you can use to administer your file system using the ONTAP CLI and REST API.\n", "secret": true }, "haPairs": { "type": "integer", "description": "The number of ha_pairs to deploy for the file system. Valid value is 1 for `SINGLE_AZ_1` or `MULTI_AZ_1` and `MULTI_AZ_2`. Valid values are 1 through 12 for `SINGLE_AZ_2`.\n" }, "kmsKeyId": { "type": "string", "description": "ARN for the KMS Key to encrypt the file system at rest, Defaults to an AWS managed KMS Key.\n", "willReplaceOnChanges": true }, "preferredSubnetId": { "type": "string", "description": "The ID for a subnet. A subnet is a range of IP addresses in your virtual private cloud (VPC).\n", "willReplaceOnChanges": true }, "routeTableIds": { "type": "array", "items": { "type": "string" }, "description": "Specifies the VPC route tables in which your file system's endpoints will be created. You should specify all VPC route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces.\n", "willReplaceOnChanges": true }, "storageCapacity": { "type": "integer", "description": "The storage capacity (GiB) of the file system. Valid values between `1024` and `196608` for file systems with deployment_type `SINGLE_AZ_1` and `MULTI_AZ_1`. Valid values are between `1024` and `524288` for `MULTI_AZ_2`. Valid values between `1024` (`1024` per ha pair) and `1048576` for file systems with deployment_type `SINGLE_AZ_2`. For `SINGLE_AZ_2`, the `1048576` (1PB) maximum is only supported when using 2 or more ha_pairs, the maximum is `524288` (512TB) when using 1 ha_pair.\n" }, "storageType": { "type": "string", "description": "The filesystem storage type. defaults to `SSD`.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the subnets that the file system will be accessible from. Up to 2 subnets can be provided.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "throughputCapacity": { "type": "integer", "description": "Sets the throughput capacity (in MBps) for the file system that you're creating. Valid values are `128`, `256`, `512`, `1024`, `2048`, and `4096`. This parameter is only supported when not using the ha_pairs parameter. Either throughput_capacity or throughput_capacity_per_ha_pair must be specified.\n" }, "throughputCapacityPerHaPair": { "type": "integer", "description": "Sets the per-HA-pair throughput capacity (in MBps) for the file system that you're creating, as opposed to `throughput_capacity` which specifies the total throughput capacity for the file system. Valid value for `MULTI_AZ_1` and `SINGLE_AZ_1` are `128`, `256`, `512`, `1024`, `2048`, and `4096`. Valid values for deployment type `MULTI_AZ_2` and `SINGLE_AZ_2` are `384`,`768`,`1536`,`3072`,`6144` where `ha_pairs` is `1`. Valid values for deployment type `SINGLE_AZ_2` are `1536`, `3072`, and `6144` where `ha_pairs` is greater than 1. This parameter is only supported when specifying the ha_pairs parameter. Either throughput_capacity or throughput_capacity_per_ha_pair must be specified.\n" }, "weeklyMaintenanceStartTime": { "type": "string", "description": "The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone.\n" } }, "requiredInputs": [ "deploymentType", "preferredSubnetId", "storageCapacity", "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering OntapFileSystem resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "automaticBackupRetentionDays": { "type": "integer", "description": "The number of days to retain automatic backups. Setting this to 0 disables automatic backups. You can retain automatic backups for a maximum of 90 days.\n" }, "dailyAutomaticBackupStartTime": { "type": "string", "description": "A recurring daily time, in the format HH:MM. HH is the zero-padded hour of the day (0-23), and MM is the zero-padded minute of the hour. For example, 05:00 specifies 5 AM daily. Requires `automatic_backup_retention_days` to be set.\n" }, "deploymentType": { "type": "string", "description": "The filesystem deployment type. Supports `MULTI_AZ_1`, `MULTI_AZ_2`, `SINGLE_AZ_1`, and `SINGLE_AZ_2`.\n", "willReplaceOnChanges": true }, "diskIopsConfiguration": { "$ref": "#/types/aws:fsx/OntapFileSystemDiskIopsConfiguration:OntapFileSystemDiskIopsConfiguration", "description": "The SSD IOPS configuration for the Amazon FSx for NetApp ONTAP file system. See Disk Iops Configuration below.\n" }, "dnsName": { "type": "string", "description": "The Domain Name Service (DNS) name for the file system. You can mount your file system using its DNS name.\n" }, "endpointIpAddressRange": { "type": "string", "description": "Specifies the IP address range in which the endpoints to access your file system will be created. By default, Amazon FSx selects an unused IP address range for you from the 198.19.* range.\n", "willReplaceOnChanges": true }, "endpoints": { "type": "array", "items": { "$ref": "#/types/aws:fsx/OntapFileSystemEndpoint:OntapFileSystemEndpoint" }, "description": "The endpoints that are used to access data or to manage the file system using the NetApp ONTAP CLI, REST API, or NetApp SnapMirror. See Endpoints below.\n" }, "fsxAdminPassword": { "type": "string", "description": "The ONTAP administrative password for the fsxadmin user that you can use to administer your file system using the ONTAP CLI and REST API.\n", "secret": true }, "haPairs": { "type": "integer", "description": "The number of ha_pairs to deploy for the file system. Valid value is 1 for `SINGLE_AZ_1` or `MULTI_AZ_1` and `MULTI_AZ_2`. Valid values are 1 through 12 for `SINGLE_AZ_2`.\n" }, "kmsKeyId": { "type": "string", "description": "ARN for the KMS Key to encrypt the file system at rest, Defaults to an AWS managed KMS Key.\n", "willReplaceOnChanges": true }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "Set of Elastic Network Interface identifiers from which the file system is accessible The first network interface returned is the primary network interface.\n" }, "ownerId": { "type": "string", "description": "AWS account identifier that created the file system.\n" }, "preferredSubnetId": { "type": "string", "description": "The ID for a subnet. A subnet is a range of IP addresses in your virtual private cloud (VPC).\n", "willReplaceOnChanges": true }, "routeTableIds": { "type": "array", "items": { "type": "string" }, "description": "Specifies the VPC route tables in which your file system's endpoints will be created. You should specify all VPC route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces.\n", "willReplaceOnChanges": true }, "storageCapacity": { "type": "integer", "description": "The storage capacity (GiB) of the file system. Valid values between `1024` and `196608` for file systems with deployment_type `SINGLE_AZ_1` and `MULTI_AZ_1`. Valid values are between `1024` and `524288` for `MULTI_AZ_2`. Valid values between `1024` (`1024` per ha pair) and `1048576` for file systems with deployment_type `SINGLE_AZ_2`. For `SINGLE_AZ_2`, the `1048576` (1PB) maximum is only supported when using 2 or more ha_pairs, the maximum is `524288` (512TB) when using 1 ha_pair.\n" }, "storageType": { "type": "string", "description": "The filesystem storage type. defaults to `SSD`.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the subnets that the file system will be accessible from. Up to 2 subnets can be provided.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "throughputCapacity": { "type": "integer", "description": "Sets the throughput capacity (in MBps) for the file system that you're creating. Valid values are `128`, `256`, `512`, `1024`, `2048`, and `4096`. This parameter is only supported when not using the ha_pairs parameter. Either throughput_capacity or throughput_capacity_per_ha_pair must be specified.\n" }, "throughputCapacityPerHaPair": { "type": "integer", "description": "Sets the per-HA-pair throughput capacity (in MBps) for the file system that you're creating, as opposed to `throughput_capacity` which specifies the total throughput capacity for the file system. Valid value for `MULTI_AZ_1` and `SINGLE_AZ_1` are `128`, `256`, `512`, `1024`, `2048`, and `4096`. Valid values for deployment type `MULTI_AZ_2` and `SINGLE_AZ_2` are `384`,`768`,`1536`,`3072`,`6144` where `ha_pairs` is `1`. Valid values for deployment type `SINGLE_AZ_2` are `1536`, `3072`, and `6144` where `ha_pairs` is greater than 1. This parameter is only supported when specifying the ha_pairs parameter. Either throughput_capacity or throughput_capacity_per_ha_pair must be specified.\n" }, "vpcId": { "type": "string", "description": "Identifier of the Virtual Private Cloud for the file system.\n" }, "weeklyMaintenanceStartTime": { "type": "string", "description": "The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone.\n" } }, "type": "object" } }, "aws:fsx/ontapStorageVirtualMachine:OntapStorageVirtualMachine": { "description": "Manages a FSx Storage Virtual Machine.\nSee the [FSx ONTAP User Guide](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html) for more information.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.fsx.OntapStorageVirtualMachine(\"test\", {\n fileSystemId: testAwsFsxOntapFileSystem.id,\n name: \"test\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.fsx.OntapStorageVirtualMachine(\"test\",\n file_system_id=test_aws_fsx_ontap_file_system[\"id\"],\n name=\"test\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Fsx.OntapStorageVirtualMachine(\"test\", new()\n {\n FileSystemId = testAwsFsxOntapFileSystem.Id,\n Name = \"test\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fsx.NewOntapStorageVirtualMachine(ctx, \"test\", \u0026fsx.OntapStorageVirtualMachineArgs{\n\t\t\tFileSystemId: pulumi.Any(testAwsFsxOntapFileSystem.Id),\n\t\t\tName: pulumi.String(\"test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.OntapStorageVirtualMachine;\nimport com.pulumi.aws.fsx.OntapStorageVirtualMachineArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new OntapStorageVirtualMachine(\"test\", OntapStorageVirtualMachineArgs.builder()\n .fileSystemId(testAwsFsxOntapFileSystem.id())\n .name(\"test\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:fsx:OntapStorageVirtualMachine\n properties:\n fileSystemId: ${testAwsFsxOntapFileSystem.id}\n name: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using a Self-Managed Microsoft Active Directory\n\nAdditional information for using AWS Directory Service with ONTAP File Systems can be found in the [FSx ONTAP Guide](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/self-managed-AD.html).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.fsx.OntapStorageVirtualMachine(\"test\", {\n fileSystemId: testAwsFsxOntapFileSystem.id,\n name: \"mysvm\",\n activeDirectoryConfiguration: {\n netbiosName: \"mysvm\",\n selfManagedActiveDirectoryConfiguration: {\n dnsIps: [\n \"10.0.0.111\",\n \"10.0.0.222\",\n ],\n domainName: \"corp.example.com\",\n password: \"avoid-plaintext-passwords\",\n username: \"Admin\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.fsx.OntapStorageVirtualMachine(\"test\",\n file_system_id=test_aws_fsx_ontap_file_system[\"id\"],\n name=\"mysvm\",\n active_directory_configuration={\n \"netbios_name\": \"mysvm\",\n \"self_managed_active_directory_configuration\": {\n \"dns_ips\": [\n \"10.0.0.111\",\n \"10.0.0.222\",\n ],\n \"domain_name\": \"corp.example.com\",\n \"password\": \"avoid-plaintext-passwords\",\n \"username\": \"Admin\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Fsx.OntapStorageVirtualMachine(\"test\", new()\n {\n FileSystemId = testAwsFsxOntapFileSystem.Id,\n Name = \"mysvm\",\n ActiveDirectoryConfiguration = new Aws.Fsx.Inputs.OntapStorageVirtualMachineActiveDirectoryConfigurationArgs\n {\n NetbiosName = \"mysvm\",\n SelfManagedActiveDirectoryConfiguration = new Aws.Fsx.Inputs.OntapStorageVirtualMachineActiveDirectoryConfigurationSelfManagedActiveDirectoryConfigurationArgs\n {\n DnsIps = new[]\n {\n \"10.0.0.111\",\n \"10.0.0.222\",\n },\n DomainName = \"corp.example.com\",\n Password = \"avoid-plaintext-passwords\",\n Username = \"Admin\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fsx.NewOntapStorageVirtualMachine(ctx, \"test\", \u0026fsx.OntapStorageVirtualMachineArgs{\n\t\t\tFileSystemId: pulumi.Any(testAwsFsxOntapFileSystem.Id),\n\t\t\tName: pulumi.String(\"mysvm\"),\n\t\t\tActiveDirectoryConfiguration: \u0026fsx.OntapStorageVirtualMachineActiveDirectoryConfigurationArgs{\n\t\t\t\tNetbiosName: pulumi.String(\"mysvm\"),\n\t\t\t\tSelfManagedActiveDirectoryConfiguration: \u0026fsx.OntapStorageVirtualMachineActiveDirectoryConfigurationSelfManagedActiveDirectoryConfigurationArgs{\n\t\t\t\t\tDnsIps: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"10.0.0.111\"),\n\t\t\t\t\t\tpulumi.String(\"10.0.0.222\"),\n\t\t\t\t\t},\n\t\t\t\t\tDomainName: pulumi.String(\"corp.example.com\"),\n\t\t\t\t\tPassword: pulumi.String(\"avoid-plaintext-passwords\"),\n\t\t\t\t\tUsername: pulumi.String(\"Admin\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.OntapStorageVirtualMachine;\nimport com.pulumi.aws.fsx.OntapStorageVirtualMachineArgs;\nimport com.pulumi.aws.fsx.inputs.OntapStorageVirtualMachineActiveDirectoryConfigurationArgs;\nimport com.pulumi.aws.fsx.inputs.OntapStorageVirtualMachineActiveDirectoryConfigurationSelfManagedActiveDirectoryConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new OntapStorageVirtualMachine(\"test\", OntapStorageVirtualMachineArgs.builder()\n .fileSystemId(testAwsFsxOntapFileSystem.id())\n .name(\"mysvm\")\n .activeDirectoryConfiguration(OntapStorageVirtualMachineActiveDirectoryConfigurationArgs.builder()\n .netbiosName(\"mysvm\")\n .selfManagedActiveDirectoryConfiguration(OntapStorageVirtualMachineActiveDirectoryConfigurationSelfManagedActiveDirectoryConfigurationArgs.builder()\n .dnsIps( \n \"10.0.0.111\",\n \"10.0.0.222\")\n .domainName(\"corp.example.com\")\n .password(\"avoid-plaintext-passwords\")\n .username(\"Admin\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:fsx:OntapStorageVirtualMachine\n properties:\n fileSystemId: ${testAwsFsxOntapFileSystem.id}\n name: mysvm\n activeDirectoryConfiguration:\n netbiosName: mysvm\n selfManagedActiveDirectoryConfiguration:\n dnsIps:\n - 10.0.0.111\n - 10.0.0.222\n domainName: corp.example.com\n password: avoid-plaintext-passwords\n username: Admin\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import FSx Storage Virtual Machine using the `id`. For example:\n\n```sh\n$ pulumi import aws:fsx/ontapStorageVirtualMachine:OntapStorageVirtualMachine example svm-12345678abcdef123\n```\nCertain resource arguments, like `svm_admin_password` and the `self_managed_active_directory` configuation block `password`, do not have a FSx API method for reading the information after creation. If these arguments are set in the Pulumi program on an imported resource, Pulumi will always show a difference. To workaround this behavior, either omit the argument from the Pulumi program or use `ignore_changes` to hide the difference. For example:\n\n", "properties": { "activeDirectoryConfiguration": { "$ref": "#/types/aws:fsx/OntapStorageVirtualMachineActiveDirectoryConfiguration:OntapStorageVirtualMachineActiveDirectoryConfiguration", "description": "Configuration block that Amazon FSx uses to join the FSx ONTAP Storage Virtual Machine(SVM) to your Microsoft Active Directory (AD) directory. Detailed below.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name of the storage virtual machine.\n" }, "endpoints": { "type": "array", "items": { "$ref": "#/types/aws:fsx/OntapStorageVirtualMachineEndpoint:OntapStorageVirtualMachineEndpoint" }, "description": "The endpoints that are used to access data or to manage the storage virtual machine using the NetApp ONTAP CLI, REST API, or NetApp SnapMirror. See Endpoints below.\n" }, "fileSystemId": { "type": "string", "description": "The ID of the Amazon FSx ONTAP File System that this SVM will be created on.\n" }, "name": { "type": "string", "description": "The name of the SVM. You can use a maximum of 47 alphanumeric characters, plus the underscore (_) special character.\n" }, "rootVolumeSecurityStyle": { "type": "string", "description": "Specifies the root volume security style, Valid values are `UNIX`, `NTFS`, and `MIXED`. All volumes created under this SVM will inherit the root security style unless the security style is specified on the volume. Default value is `UNIX`.\n" }, "subtype": { "type": "string", "description": "Describes the SVM's subtype, e.g. `DEFAULT`\n" }, "svmAdminPassword": { "type": "string", "description": "Specifies the password to use when logging on to the SVM using a secure shell (SSH) connection to the SVM's management endpoint. Doing so enables you to manage the SVM using the NetApp ONTAP CLI or REST API. If you do not specify a password, you can still use the file system's fsxadmin user to manage the SVM.\n", "secret": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the storage virtual machine. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uuid": { "type": "string", "description": "The SVM's UUID (universally unique identifier).\n" } }, "required": [ "arn", "endpoints", "fileSystemId", "name", "subtype", "tagsAll", "uuid" ], "inputProperties": { "activeDirectoryConfiguration": { "$ref": "#/types/aws:fsx/OntapStorageVirtualMachineActiveDirectoryConfiguration:OntapStorageVirtualMachineActiveDirectoryConfiguration", "description": "Configuration block that Amazon FSx uses to join the FSx ONTAP Storage Virtual Machine(SVM) to your Microsoft Active Directory (AD) directory. Detailed below.\n" }, "fileSystemId": { "type": "string", "description": "The ID of the Amazon FSx ONTAP File System that this SVM will be created on.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the SVM. You can use a maximum of 47 alphanumeric characters, plus the underscore (_) special character.\n", "willReplaceOnChanges": true }, "rootVolumeSecurityStyle": { "type": "string", "description": "Specifies the root volume security style, Valid values are `UNIX`, `NTFS`, and `MIXED`. All volumes created under this SVM will inherit the root security style unless the security style is specified on the volume. Default value is `UNIX`.\n", "willReplaceOnChanges": true }, "svmAdminPassword": { "type": "string", "description": "Specifies the password to use when logging on to the SVM using a secure shell (SSH) connection to the SVM's management endpoint. Doing so enables you to manage the SVM using the NetApp ONTAP CLI or REST API. If you do not specify a password, you can still use the file system's fsxadmin user to manage the SVM.\n", "secret": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the storage virtual machine. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "fileSystemId" ], "stateInputs": { "description": "Input properties used for looking up and filtering OntapStorageVirtualMachine resources.\n", "properties": { "activeDirectoryConfiguration": { "$ref": "#/types/aws:fsx/OntapStorageVirtualMachineActiveDirectoryConfiguration:OntapStorageVirtualMachineActiveDirectoryConfiguration", "description": "Configuration block that Amazon FSx uses to join the FSx ONTAP Storage Virtual Machine(SVM) to your Microsoft Active Directory (AD) directory. Detailed below.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name of the storage virtual machine.\n" }, "endpoints": { "type": "array", "items": { "$ref": "#/types/aws:fsx/OntapStorageVirtualMachineEndpoint:OntapStorageVirtualMachineEndpoint" }, "description": "The endpoints that are used to access data or to manage the storage virtual machine using the NetApp ONTAP CLI, REST API, or NetApp SnapMirror. See Endpoints below.\n" }, "fileSystemId": { "type": "string", "description": "The ID of the Amazon FSx ONTAP File System that this SVM will be created on.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the SVM. You can use a maximum of 47 alphanumeric characters, plus the underscore (_) special character.\n", "willReplaceOnChanges": true }, "rootVolumeSecurityStyle": { "type": "string", "description": "Specifies the root volume security style, Valid values are `UNIX`, `NTFS`, and `MIXED`. All volumes created under this SVM will inherit the root security style unless the security style is specified on the volume. Default value is `UNIX`.\n", "willReplaceOnChanges": true }, "subtype": { "type": "string", "description": "Describes the SVM's subtype, e.g. `DEFAULT`\n" }, "svmAdminPassword": { "type": "string", "description": "Specifies the password to use when logging on to the SVM using a secure shell (SSH) connection to the SVM's management endpoint. Doing so enables you to manage the SVM using the NetApp ONTAP CLI or REST API. If you do not specify a password, you can still use the file system's fsxadmin user to manage the SVM.\n", "secret": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the storage virtual machine. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uuid": { "type": "string", "description": "The SVM's UUID (universally unique identifier).\n" } }, "type": "object" } }, "aws:fsx/ontapVolume:OntapVolume": { "description": "Manages a FSx ONTAP Volume.\nSee the [FSx ONTAP User Guide](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html) for more information.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.fsx.OntapVolume(\"test\", {\n name: \"test\",\n junctionPath: \"/test\",\n sizeInMegabytes: 1024,\n storageEfficiencyEnabled: true,\n storageVirtualMachineId: testAwsFsxOntapStorageVirtualMachine.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.fsx.OntapVolume(\"test\",\n name=\"test\",\n junction_path=\"/test\",\n size_in_megabytes=1024,\n storage_efficiency_enabled=True,\n storage_virtual_machine_id=test_aws_fsx_ontap_storage_virtual_machine[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Fsx.OntapVolume(\"test\", new()\n {\n Name = \"test\",\n JunctionPath = \"/test\",\n SizeInMegabytes = 1024,\n StorageEfficiencyEnabled = true,\n StorageVirtualMachineId = testAwsFsxOntapStorageVirtualMachine.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fsx.NewOntapVolume(ctx, \"test\", \u0026fsx.OntapVolumeArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tJunctionPath: pulumi.String(\"/test\"),\n\t\t\tSizeInMegabytes: pulumi.Int(1024),\n\t\t\tStorageEfficiencyEnabled: pulumi.Bool(true),\n\t\t\tStorageVirtualMachineId: pulumi.Any(testAwsFsxOntapStorageVirtualMachine.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.OntapVolume;\nimport com.pulumi.aws.fsx.OntapVolumeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new OntapVolume(\"test\", OntapVolumeArgs.builder()\n .name(\"test\")\n .junctionPath(\"/test\")\n .sizeInMegabytes(1024)\n .storageEfficiencyEnabled(true)\n .storageVirtualMachineId(testAwsFsxOntapStorageVirtualMachine.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:fsx:OntapVolume\n properties:\n name: test\n junctionPath: /test\n sizeInMegabytes: 1024\n storageEfficiencyEnabled: true\n storageVirtualMachineId: ${testAwsFsxOntapStorageVirtualMachine.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using Tiering Policy\n\nAdditional information on tiering policy with ONTAP Volumes can be found in the [FSx ONTAP Guide](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.fsx.OntapVolume(\"test\", {\n name: \"test\",\n junctionPath: \"/test\",\n sizeInMegabytes: 1024,\n storageEfficiencyEnabled: true,\n storageVirtualMachineId: testAwsFsxOntapStorageVirtualMachine.id,\n tieringPolicy: {\n name: \"AUTO\",\n coolingPeriod: 31,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.fsx.OntapVolume(\"test\",\n name=\"test\",\n junction_path=\"/test\",\n size_in_megabytes=1024,\n storage_efficiency_enabled=True,\n storage_virtual_machine_id=test_aws_fsx_ontap_storage_virtual_machine[\"id\"],\n tiering_policy={\n \"name\": \"AUTO\",\n \"cooling_period\": 31,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Fsx.OntapVolume(\"test\", new()\n {\n Name = \"test\",\n JunctionPath = \"/test\",\n SizeInMegabytes = 1024,\n StorageEfficiencyEnabled = true,\n StorageVirtualMachineId = testAwsFsxOntapStorageVirtualMachine.Id,\n TieringPolicy = new Aws.Fsx.Inputs.OntapVolumeTieringPolicyArgs\n {\n Name = \"AUTO\",\n CoolingPeriod = 31,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fsx.NewOntapVolume(ctx, \"test\", \u0026fsx.OntapVolumeArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tJunctionPath: pulumi.String(\"/test\"),\n\t\t\tSizeInMegabytes: pulumi.Int(1024),\n\t\t\tStorageEfficiencyEnabled: pulumi.Bool(true),\n\t\t\tStorageVirtualMachineId: pulumi.Any(testAwsFsxOntapStorageVirtualMachine.Id),\n\t\t\tTieringPolicy: \u0026fsx.OntapVolumeTieringPolicyArgs{\n\t\t\t\tName: pulumi.String(\"AUTO\"),\n\t\t\t\tCoolingPeriod: pulumi.Int(31),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.OntapVolume;\nimport com.pulumi.aws.fsx.OntapVolumeArgs;\nimport com.pulumi.aws.fsx.inputs.OntapVolumeTieringPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new OntapVolume(\"test\", OntapVolumeArgs.builder()\n .name(\"test\")\n .junctionPath(\"/test\")\n .sizeInMegabytes(1024)\n .storageEfficiencyEnabled(true)\n .storageVirtualMachineId(testAwsFsxOntapStorageVirtualMachine.id())\n .tieringPolicy(OntapVolumeTieringPolicyArgs.builder()\n .name(\"AUTO\")\n .coolingPeriod(31)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:fsx:OntapVolume\n properties:\n name: test\n junctionPath: /test\n sizeInMegabytes: 1024\n storageEfficiencyEnabled: true\n storageVirtualMachineId: ${testAwsFsxOntapStorageVirtualMachine.id}\n tieringPolicy:\n name: AUTO\n coolingPeriod: 31\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import FSx ONTAP volume using the `id`. For example:\n\n```sh\n$ pulumi import aws:fsx/ontapVolume:OntapVolume example fsvol-12345678abcdef123\n```\n", "properties": { "aggregateConfiguration": { "$ref": "#/types/aws:fsx/OntapVolumeAggregateConfiguration:OntapVolumeAggregateConfiguration", "description": "The Aggregate configuration only applies to `FLEXGROUP` volumes. See [`aggregate_configuration` Block] for details.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name of the volune.\n" }, "bypassSnaplockEnterpriseRetention": { "type": "boolean", "description": "Setting this to `true` allows a SnapLock administrator to delete an FSx for ONTAP SnapLock Enterprise volume with unexpired write once, read many (WORM) files. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`.\n" }, "copyTagsToBackups": { "type": "boolean", "description": "A boolean flag indicating whether tags for the volume should be copied to backups. This value defaults to `false`.\n" }, "fileSystemId": { "type": "string", "description": "Describes the file system for the volume, e.g. `fs-12345679`\n" }, "finalBackupTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to apply to the volume's final backup.\n" }, "flexcacheEndpointType": { "type": "string", "description": "Specifies the FlexCache endpoint type of the volume, Valid values are `NONE`, `ORIGIN`, `CACHE`. Default value is `NONE`. These can be set by the ONTAP CLI or API and are use with FlexCache feature.\n" }, "junctionPath": { "type": "string", "description": "Specifies the location in the storage virtual machine's namespace where the volume is mounted. The junction_path must have a leading forward slash, such as `/vol3`\n" }, "name": { "type": "string", "description": "The name of the Volume. You can use a maximum of 203 alphanumeric characters, plus the underscore (_) special character.\n" }, "ontapVolumeType": { "type": "string", "description": "Specifies the type of volume, valid values are `RW`, `DP`. Default value is `RW`. These can be set by the ONTAP CLI or API. This setting is used as part of migration and replication [Migrating to Amazon FSx for NetApp ONTAP](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/migrating-fsx-ontap.html)\n" }, "securityStyle": { "type": "string", "description": "Specifies the volume security style, Valid values are `UNIX`, `NTFS`, and `MIXED`.\n" }, "sizeInBytes": { "type": "string", "description": "Specifies the size of the volume, in megabytes (MB), that you are creating. Can be used for any size but required for volumes over 2 PB. Either size_in_bytes or size_in_megabytes must be specified. Minimum size for `FLEXGROUP` volumes are 100GiB per constituent.\n" }, "sizeInMegabytes": { "type": "integer", "description": "Specifies the size of the volume, in megabytes (MB), that you are creating. Supported when creating volumes under 2 PB. Either size_in_bytes or size_in_megabytes must be specified. Minimum size for `FLEXGROUP` volumes are 100GiB per constituent.\n" }, "skipFinalBackup": { "type": "boolean", "description": "When enabled, will skip the default final backup taken when the volume is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`.\n" }, "snaplockConfiguration": { "$ref": "#/types/aws:fsx/OntapVolumeSnaplockConfiguration:OntapVolumeSnaplockConfiguration", "description": "The SnapLock configuration for an FSx for ONTAP volume. See `snaplock_configuration` Block for details.\n" }, "snapshotPolicy": { "type": "string", "description": "Specifies the snapshot policy for the volume. See [snapshot policies](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snapshots-ontap.html#snapshot-policies) in the Amazon FSx ONTAP User Guide\n" }, "storageEfficiencyEnabled": { "type": "boolean", "description": "Set to true to enable deduplication, compression, and compaction storage efficiency features on the volume.\n" }, "storageVirtualMachineId": { "type": "string", "description": "Specifies the storage virtual machine in which to create the volume.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the volume. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tieringPolicy": { "$ref": "#/types/aws:fsx/OntapVolumeTieringPolicy:OntapVolumeTieringPolicy", "description": "The data tiering policy for an FSx for ONTAP volume. See `tiering_policy` Block for details.\n" }, "uuid": { "type": "string", "description": "The Volume's UUID (universally unique identifier).\n" }, "volumeStyle": { "type": "string", "description": "Specifies the styles of volume, valid values are `FLEXVOL`, `FLEXGROUP`. Default value is `FLEXVOL`. FLEXGROUPS have a larger minimum and maximum size. See Volume Styles for more details. [Volume Styles](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/volume-styles.html)\n" }, "volumeType": { "type": "string", "description": "The type of volume, currently the only valid value is `ONTAP`.\n" } }, "required": [ "arn", "fileSystemId", "flexcacheEndpointType", "name", "ontapVolumeType", "securityStyle", "sizeInBytes", "sizeInMegabytes", "snapshotPolicy", "storageVirtualMachineId", "tagsAll", "uuid", "volumeStyle" ], "inputProperties": { "aggregateConfiguration": { "$ref": "#/types/aws:fsx/OntapVolumeAggregateConfiguration:OntapVolumeAggregateConfiguration", "description": "The Aggregate configuration only applies to `FLEXGROUP` volumes. See [`aggregate_configuration` Block] for details.\n" }, "bypassSnaplockEnterpriseRetention": { "type": "boolean", "description": "Setting this to `true` allows a SnapLock administrator to delete an FSx for ONTAP SnapLock Enterprise volume with unexpired write once, read many (WORM) files. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`.\n" }, "copyTagsToBackups": { "type": "boolean", "description": "A boolean flag indicating whether tags for the volume should be copied to backups. This value defaults to `false`.\n" }, "finalBackupTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to apply to the volume's final backup.\n" }, "junctionPath": { "type": "string", "description": "Specifies the location in the storage virtual machine's namespace where the volume is mounted. The junction_path must have a leading forward slash, such as `/vol3`\n" }, "name": { "type": "string", "description": "The name of the Volume. You can use a maximum of 203 alphanumeric characters, plus the underscore (_) special character.\n", "willReplaceOnChanges": true }, "ontapVolumeType": { "type": "string", "description": "Specifies the type of volume, valid values are `RW`, `DP`. Default value is `RW`. These can be set by the ONTAP CLI or API. This setting is used as part of migration and replication [Migrating to Amazon FSx for NetApp ONTAP](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/migrating-fsx-ontap.html)\n", "willReplaceOnChanges": true }, "securityStyle": { "type": "string", "description": "Specifies the volume security style, Valid values are `UNIX`, `NTFS`, and `MIXED`.\n" }, "sizeInBytes": { "type": "string", "description": "Specifies the size of the volume, in megabytes (MB), that you are creating. Can be used for any size but required for volumes over 2 PB. Either size_in_bytes or size_in_megabytes must be specified. Minimum size for `FLEXGROUP` volumes are 100GiB per constituent.\n" }, "sizeInMegabytes": { "type": "integer", "description": "Specifies the size of the volume, in megabytes (MB), that you are creating. Supported when creating volumes under 2 PB. Either size_in_bytes or size_in_megabytes must be specified. Minimum size for `FLEXGROUP` volumes are 100GiB per constituent.\n" }, "skipFinalBackup": { "type": "boolean", "description": "When enabled, will skip the default final backup taken when the volume is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`.\n" }, "snaplockConfiguration": { "$ref": "#/types/aws:fsx/OntapVolumeSnaplockConfiguration:OntapVolumeSnaplockConfiguration", "description": "The SnapLock configuration for an FSx for ONTAP volume. See `snaplock_configuration` Block for details.\n" }, "snapshotPolicy": { "type": "string", "description": "Specifies the snapshot policy for the volume. See [snapshot policies](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snapshots-ontap.html#snapshot-policies) in the Amazon FSx ONTAP User Guide\n" }, "storageEfficiencyEnabled": { "type": "boolean", "description": "Set to true to enable deduplication, compression, and compaction storage efficiency features on the volume.\n" }, "storageVirtualMachineId": { "type": "string", "description": "Specifies the storage virtual machine in which to create the volume.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the volume. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tieringPolicy": { "$ref": "#/types/aws:fsx/OntapVolumeTieringPolicy:OntapVolumeTieringPolicy", "description": "The data tiering policy for an FSx for ONTAP volume. See `tiering_policy` Block for details.\n" }, "volumeStyle": { "type": "string", "description": "Specifies the styles of volume, valid values are `FLEXVOL`, `FLEXGROUP`. Default value is `FLEXVOL`. FLEXGROUPS have a larger minimum and maximum size. See Volume Styles for more details. [Volume Styles](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/volume-styles.html)\n", "willReplaceOnChanges": true }, "volumeType": { "type": "string", "description": "The type of volume, currently the only valid value is `ONTAP`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "storageVirtualMachineId" ], "stateInputs": { "description": "Input properties used for looking up and filtering OntapVolume resources.\n", "properties": { "aggregateConfiguration": { "$ref": "#/types/aws:fsx/OntapVolumeAggregateConfiguration:OntapVolumeAggregateConfiguration", "description": "The Aggregate configuration only applies to `FLEXGROUP` volumes. See [`aggregate_configuration` Block] for details.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name of the volune.\n" }, "bypassSnaplockEnterpriseRetention": { "type": "boolean", "description": "Setting this to `true` allows a SnapLock administrator to delete an FSx for ONTAP SnapLock Enterprise volume with unexpired write once, read many (WORM) files. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`.\n" }, "copyTagsToBackups": { "type": "boolean", "description": "A boolean flag indicating whether tags for the volume should be copied to backups. This value defaults to `false`.\n" }, "fileSystemId": { "type": "string", "description": "Describes the file system for the volume, e.g. `fs-12345679`\n" }, "finalBackupTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to apply to the volume's final backup.\n" }, "flexcacheEndpointType": { "type": "string", "description": "Specifies the FlexCache endpoint type of the volume, Valid values are `NONE`, `ORIGIN`, `CACHE`. Default value is `NONE`. These can be set by the ONTAP CLI or API and are use with FlexCache feature.\n" }, "junctionPath": { "type": "string", "description": "Specifies the location in the storage virtual machine's namespace where the volume is mounted. The junction_path must have a leading forward slash, such as `/vol3`\n" }, "name": { "type": "string", "description": "The name of the Volume. You can use a maximum of 203 alphanumeric characters, plus the underscore (_) special character.\n", "willReplaceOnChanges": true }, "ontapVolumeType": { "type": "string", "description": "Specifies the type of volume, valid values are `RW`, `DP`. Default value is `RW`. These can be set by the ONTAP CLI or API. This setting is used as part of migration and replication [Migrating to Amazon FSx for NetApp ONTAP](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/migrating-fsx-ontap.html)\n", "willReplaceOnChanges": true }, "securityStyle": { "type": "string", "description": "Specifies the volume security style, Valid values are `UNIX`, `NTFS`, and `MIXED`.\n" }, "sizeInBytes": { "type": "string", "description": "Specifies the size of the volume, in megabytes (MB), that you are creating. Can be used for any size but required for volumes over 2 PB. Either size_in_bytes or size_in_megabytes must be specified. Minimum size for `FLEXGROUP` volumes are 100GiB per constituent.\n" }, "sizeInMegabytes": { "type": "integer", "description": "Specifies the size of the volume, in megabytes (MB), that you are creating. Supported when creating volumes under 2 PB. Either size_in_bytes or size_in_megabytes must be specified. Minimum size for `FLEXGROUP` volumes are 100GiB per constituent.\n" }, "skipFinalBackup": { "type": "boolean", "description": "When enabled, will skip the default final backup taken when the volume is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`.\n" }, "snaplockConfiguration": { "$ref": "#/types/aws:fsx/OntapVolumeSnaplockConfiguration:OntapVolumeSnaplockConfiguration", "description": "The SnapLock configuration for an FSx for ONTAP volume. See `snaplock_configuration` Block for details.\n" }, "snapshotPolicy": { "type": "string", "description": "Specifies the snapshot policy for the volume. See [snapshot policies](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snapshots-ontap.html#snapshot-policies) in the Amazon FSx ONTAP User Guide\n" }, "storageEfficiencyEnabled": { "type": "boolean", "description": "Set to true to enable deduplication, compression, and compaction storage efficiency features on the volume.\n" }, "storageVirtualMachineId": { "type": "string", "description": "Specifies the storage virtual machine in which to create the volume.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the volume. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tieringPolicy": { "$ref": "#/types/aws:fsx/OntapVolumeTieringPolicy:OntapVolumeTieringPolicy", "description": "The data tiering policy for an FSx for ONTAP volume. See `tiering_policy` Block for details.\n" }, "uuid": { "type": "string", "description": "The Volume's UUID (universally unique identifier).\n" }, "volumeStyle": { "type": "string", "description": "Specifies the styles of volume, valid values are `FLEXVOL`, `FLEXGROUP`. Default value is `FLEXVOL`. FLEXGROUPS have a larger minimum and maximum size. See Volume Styles for more details. [Volume Styles](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/volume-styles.html)\n", "willReplaceOnChanges": true }, "volumeType": { "type": "string", "description": "The type of volume, currently the only valid value is `ONTAP`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:fsx/openZfsFileSystem:OpenZfsFileSystem": { "description": "Manages an Amazon FSx for OpenZFS file system.\nSee the [FSx OpenZFS User Guide](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/what-is-fsx.html) for more information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.fsx.OpenZfsFileSystem(\"test\", {\n storageCapacity: 64,\n subnetIds: [test1.id],\n deploymentType: \"SINGLE_AZ_1\",\n throughputCapacity: 64,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.fsx.OpenZfsFileSystem(\"test\",\n storage_capacity=64,\n subnet_ids=[test1[\"id\"]],\n deployment_type=\"SINGLE_AZ_1\",\n throughput_capacity=64)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Fsx.OpenZfsFileSystem(\"test\", new()\n {\n StorageCapacity = 64,\n SubnetIds = new[]\n {\n test1.Id,\n },\n DeploymentType = \"SINGLE_AZ_1\",\n ThroughputCapacity = 64,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fsx.NewOpenZfsFileSystem(ctx, \"test\", \u0026fsx.OpenZfsFileSystemArgs{\n\t\t\tStorageCapacity: pulumi.Int(64),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\ttest1.Id,\n\t\t\t},\n\t\t\tDeploymentType: pulumi.String(\"SINGLE_AZ_1\"),\n\t\t\tThroughputCapacity: pulumi.Int(64),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.OpenZfsFileSystem;\nimport com.pulumi.aws.fsx.OpenZfsFileSystemArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new OpenZfsFileSystem(\"test\", OpenZfsFileSystemArgs.builder()\n .storageCapacity(64)\n .subnetIds(test1.id())\n .deploymentType(\"SINGLE_AZ_1\")\n .throughputCapacity(64)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:fsx:OpenZfsFileSystem\n properties:\n storageCapacity: 64\n subnetIds:\n - ${test1.id}\n deploymentType: SINGLE_AZ_1\n throughputCapacity: 64\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import FSx File Systems using the `id`. For example:\n\n```sh\n$ pulumi import aws:fsx/openZfsFileSystem:OpenZfsFileSystem example fs-543ab12b1ca672f33\n```\nCertain resource arguments, like `security_group_ids`, do not have a FSx API method for reading the information after creation. If the argument is set in the Pulumi program on an imported resource, Pulumi will always show a difference. To workaround this behavior, either omit the argument from the Pulumi program or use `ignore_changes` to hide the difference. For example:\n\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "automaticBackupRetentionDays": { "type": "integer", "description": "The number of days to retain automatic backups. Setting this to 0 disables automatic backups. You can retain automatic backups for a maximum of 90 days.\n" }, "backupId": { "type": "string", "description": "The ID of the source backup to create the filesystem from.\n" }, "copyTagsToBackups": { "type": "boolean", "description": "A boolean flag indicating whether tags for the file system should be copied to backups. The default value is false.\n" }, "copyTagsToVolumes": { "type": "boolean", "description": "A boolean flag indicating whether tags for the file system should be copied to snapshots. The default value is false.\n" }, "dailyAutomaticBackupStartTime": { "type": "string", "description": "A recurring daily time, in the format HH:MM. HH is the zero-padded hour of the day (0-23), and MM is the zero-padded minute of the hour. For example, 05:00 specifies 5 AM daily. Requires `automatic_backup_retention_days` to be set.\n" }, "deleteOptions": { "type": "array", "items": { "type": "string" }, "description": "List of delete options, which at present supports only one value that specifies whether to delete all child volumes and snapshots when the file system is deleted. Valid values: `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS`.\n" }, "deploymentType": { "type": "string", "description": "The filesystem deployment type. Valid values: `SINGLE_AZ_1`, `SINGLE_AZ_2` and `MULTI_AZ_1`.\n" }, "diskIopsConfiguration": { "$ref": "#/types/aws:fsx/OpenZfsFileSystemDiskIopsConfiguration:OpenZfsFileSystemDiskIopsConfiguration", "description": "The SSD IOPS configuration for the Amazon FSx for OpenZFS file system. See `disk_iops_configuration` Block for details.\n" }, "dnsName": { "type": "string", "description": "DNS name for the file system, e.g., `fs-12345678.fsx.us-west-2.amazonaws.com`\n" }, "endpointIpAddress": { "type": "string", "description": "IP address of the endpoint that is used to access data or to manage the file system.\n" }, "endpointIpAddressRange": { "type": "string", "description": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created.\n" }, "finalBackupTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to apply to the file system's final backup.\n" }, "kmsKeyId": { "type": "string", "description": "ARN for the KMS Key to encrypt the file system at rest, Defaults to an AWS managed KMS Key.\n" }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "Set of Elastic Network Interface identifiers from which the file system is accessible The first network interface returned is the primary network interface.\n" }, "ownerId": { "type": "string", "description": "AWS account identifier that created the file system.\n" }, "preferredSubnetId": { "type": "string", "description": "(Multi-AZ only) Required when `deployment_type` is set to `MULTI_AZ_1`. This specifies the subnet in which you want the preferred file server to be located.\n" }, "rootVolumeConfiguration": { "$ref": "#/types/aws:fsx/OpenZfsFileSystemRootVolumeConfiguration:OpenZfsFileSystemRootVolumeConfiguration", "description": "The configuration for the root volume of the file system. All other volumes are children or the root volume. See `root_volume_configuration` Block for details.\n" }, "rootVolumeId": { "type": "string", "description": "Identifier of the root volume, e.g., `fsvol-12345678`\n" }, "routeTableIds": { "type": "array", "items": { "type": "string" }, "description": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces.\n" }, "skipFinalBackup": { "type": "boolean", "description": "When enabled, will skip the default final backup taken when the file system is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`.\n" }, "storageCapacity": { "type": "integer", "description": "The storage capacity (GiB) of the file system. Valid values between `64` and `524288`.\n" }, "storageType": { "type": "string", "description": "The filesystem storage type. Only `SSD` is supported.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the subnets that the file system will be accessible from.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "throughputCapacity": { "type": "integer", "description": "Throughput (MB/s) of the file system. Valid values depend on `deployment_type`. Must be one of `64`, `128`, `256`, `512`, `1024`, `2048`, `3072`, `4096` for `SINGLE_AZ_1`. Must be one of `160`, `320`, `640`, `1280`, `2560`, `3840`, `5120`, `7680`, `10240` for `SINGLE_AZ_2`.\n\nThe following arguments are optional:\n" }, "vpcId": { "type": "string", "description": "Identifier of the Virtual Private Cloud for the file system.\n" }, "weeklyMaintenanceStartTime": { "type": "string", "description": "The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone.\n" } }, "required": [ "arn", "dailyAutomaticBackupStartTime", "deploymentType", "diskIopsConfiguration", "dnsName", "endpointIpAddress", "endpointIpAddressRange", "kmsKeyId", "networkInterfaceIds", "ownerId", "rootVolumeConfiguration", "rootVolumeId", "routeTableIds", "subnetIds", "tagsAll", "throughputCapacity", "vpcId", "weeklyMaintenanceStartTime" ], "inputProperties": { "automaticBackupRetentionDays": { "type": "integer", "description": "The number of days to retain automatic backups. Setting this to 0 disables automatic backups. You can retain automatic backups for a maximum of 90 days.\n" }, "backupId": { "type": "string", "description": "The ID of the source backup to create the filesystem from.\n", "willReplaceOnChanges": true }, "copyTagsToBackups": { "type": "boolean", "description": "A boolean flag indicating whether tags for the file system should be copied to backups. The default value is false.\n" }, "copyTagsToVolumes": { "type": "boolean", "description": "A boolean flag indicating whether tags for the file system should be copied to snapshots. The default value is false.\n" }, "dailyAutomaticBackupStartTime": { "type": "string", "description": "A recurring daily time, in the format HH:MM. HH is the zero-padded hour of the day (0-23), and MM is the zero-padded minute of the hour. For example, 05:00 specifies 5 AM daily. Requires `automatic_backup_retention_days` to be set.\n" }, "deleteOptions": { "type": "array", "items": { "type": "string" }, "description": "List of delete options, which at present supports only one value that specifies whether to delete all child volumes and snapshots when the file system is deleted. Valid values: `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS`.\n" }, "deploymentType": { "type": "string", "description": "The filesystem deployment type. Valid values: `SINGLE_AZ_1`, `SINGLE_AZ_2` and `MULTI_AZ_1`.\n", "willReplaceOnChanges": true }, "diskIopsConfiguration": { "$ref": "#/types/aws:fsx/OpenZfsFileSystemDiskIopsConfiguration:OpenZfsFileSystemDiskIopsConfiguration", "description": "The SSD IOPS configuration for the Amazon FSx for OpenZFS file system. See `disk_iops_configuration` Block for details.\n" }, "endpointIpAddressRange": { "type": "string", "description": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created.\n", "willReplaceOnChanges": true }, "finalBackupTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to apply to the file system's final backup.\n" }, "kmsKeyId": { "type": "string", "description": "ARN for the KMS Key to encrypt the file system at rest, Defaults to an AWS managed KMS Key.\n", "willReplaceOnChanges": true }, "preferredSubnetId": { "type": "string", "description": "(Multi-AZ only) Required when `deployment_type` is set to `MULTI_AZ_1`. This specifies the subnet in which you want the preferred file server to be located.\n", "willReplaceOnChanges": true }, "rootVolumeConfiguration": { "$ref": "#/types/aws:fsx/OpenZfsFileSystemRootVolumeConfiguration:OpenZfsFileSystemRootVolumeConfiguration", "description": "The configuration for the root volume of the file system. All other volumes are children or the root volume. See `root_volume_configuration` Block for details.\n" }, "routeTableIds": { "type": "array", "items": { "type": "string" }, "description": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces.\n", "willReplaceOnChanges": true }, "skipFinalBackup": { "type": "boolean", "description": "When enabled, will skip the default final backup taken when the file system is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`.\n" }, "storageCapacity": { "type": "integer", "description": "The storage capacity (GiB) of the file system. Valid values between `64` and `524288`.\n" }, "storageType": { "type": "string", "description": "The filesystem storage type. Only `SSD` is supported.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the subnets that the file system will be accessible from.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "throughputCapacity": { "type": "integer", "description": "Throughput (MB/s) of the file system. Valid values depend on `deployment_type`. Must be one of `64`, `128`, `256`, `512`, `1024`, `2048`, `3072`, `4096` for `SINGLE_AZ_1`. Must be one of `160`, `320`, `640`, `1280`, `2560`, `3840`, `5120`, `7680`, `10240` for `SINGLE_AZ_2`.\n\nThe following arguments are optional:\n" }, "weeklyMaintenanceStartTime": { "type": "string", "description": "The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone.\n" } }, "requiredInputs": [ "deploymentType", "subnetIds", "throughputCapacity" ], "stateInputs": { "description": "Input properties used for looking up and filtering OpenZfsFileSystem resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "automaticBackupRetentionDays": { "type": "integer", "description": "The number of days to retain automatic backups. Setting this to 0 disables automatic backups. You can retain automatic backups for a maximum of 90 days.\n" }, "backupId": { "type": "string", "description": "The ID of the source backup to create the filesystem from.\n", "willReplaceOnChanges": true }, "copyTagsToBackups": { "type": "boolean", "description": "A boolean flag indicating whether tags for the file system should be copied to backups. The default value is false.\n" }, "copyTagsToVolumes": { "type": "boolean", "description": "A boolean flag indicating whether tags for the file system should be copied to snapshots. The default value is false.\n" }, "dailyAutomaticBackupStartTime": { "type": "string", "description": "A recurring daily time, in the format HH:MM. HH is the zero-padded hour of the day (0-23), and MM is the zero-padded minute of the hour. For example, 05:00 specifies 5 AM daily. Requires `automatic_backup_retention_days` to be set.\n" }, "deleteOptions": { "type": "array", "items": { "type": "string" }, "description": "List of delete options, which at present supports only one value that specifies whether to delete all child volumes and snapshots when the file system is deleted. Valid values: `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS`.\n" }, "deploymentType": { "type": "string", "description": "The filesystem deployment type. Valid values: `SINGLE_AZ_1`, `SINGLE_AZ_2` and `MULTI_AZ_1`.\n", "willReplaceOnChanges": true }, "diskIopsConfiguration": { "$ref": "#/types/aws:fsx/OpenZfsFileSystemDiskIopsConfiguration:OpenZfsFileSystemDiskIopsConfiguration", "description": "The SSD IOPS configuration for the Amazon FSx for OpenZFS file system. See `disk_iops_configuration` Block for details.\n" }, "dnsName": { "type": "string", "description": "DNS name for the file system, e.g., `fs-12345678.fsx.us-west-2.amazonaws.com`\n" }, "endpointIpAddress": { "type": "string", "description": "IP address of the endpoint that is used to access data or to manage the file system.\n" }, "endpointIpAddressRange": { "type": "string", "description": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created.\n", "willReplaceOnChanges": true }, "finalBackupTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to apply to the file system's final backup.\n" }, "kmsKeyId": { "type": "string", "description": "ARN for the KMS Key to encrypt the file system at rest, Defaults to an AWS managed KMS Key.\n", "willReplaceOnChanges": true }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "Set of Elastic Network Interface identifiers from which the file system is accessible The first network interface returned is the primary network interface.\n" }, "ownerId": { "type": "string", "description": "AWS account identifier that created the file system.\n" }, "preferredSubnetId": { "type": "string", "description": "(Multi-AZ only) Required when `deployment_type` is set to `MULTI_AZ_1`. This specifies the subnet in which you want the preferred file server to be located.\n", "willReplaceOnChanges": true }, "rootVolumeConfiguration": { "$ref": "#/types/aws:fsx/OpenZfsFileSystemRootVolumeConfiguration:OpenZfsFileSystemRootVolumeConfiguration", "description": "The configuration for the root volume of the file system. All other volumes are children or the root volume. See `root_volume_configuration` Block for details.\n" }, "rootVolumeId": { "type": "string", "description": "Identifier of the root volume, e.g., `fsvol-12345678`\n" }, "routeTableIds": { "type": "array", "items": { "type": "string" }, "description": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces.\n", "willReplaceOnChanges": true }, "skipFinalBackup": { "type": "boolean", "description": "When enabled, will skip the default final backup taken when the file system is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`.\n" }, "storageCapacity": { "type": "integer", "description": "The storage capacity (GiB) of the file system. Valid values between `64` and `524288`.\n" }, "storageType": { "type": "string", "description": "The filesystem storage type. Only `SSD` is supported.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the subnets that the file system will be accessible from.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "throughputCapacity": { "type": "integer", "description": "Throughput (MB/s) of the file system. Valid values depend on `deployment_type`. Must be one of `64`, `128`, `256`, `512`, `1024`, `2048`, `3072`, `4096` for `SINGLE_AZ_1`. Must be one of `160`, `320`, `640`, `1280`, `2560`, `3840`, `5120`, `7680`, `10240` for `SINGLE_AZ_2`.\n\nThe following arguments are optional:\n" }, "vpcId": { "type": "string", "description": "Identifier of the Virtual Private Cloud for the file system.\n" }, "weeklyMaintenanceStartTime": { "type": "string", "description": "The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone.\n" } }, "type": "object" } }, "aws:fsx/openZfsSnapshot:OpenZfsSnapshot": { "description": "Manages an Amazon FSx for OpenZFS volume.\nSee the [FSx OpenZFS User Guide](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/what-is-fsx.html) for more information.\n\n## Example Usage\n\n### Root volume Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleOpenZfsFileSystem = new aws.fsx.OpenZfsFileSystem(\"example\", {\n storageCapacity: 64,\n subnetIds: [exampleAwsSubnet.id],\n deploymentType: \"SINGLE_AZ_1\",\n throughputCapacity: 64,\n});\nconst example = new aws.fsx.OpenZfsSnapshot(\"example\", {\n name: \"example\",\n volumeId: exampleOpenZfsFileSystem.rootVolumeId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_open_zfs_file_system = aws.fsx.OpenZfsFileSystem(\"example\",\n storage_capacity=64,\n subnet_ids=[example_aws_subnet[\"id\"]],\n deployment_type=\"SINGLE_AZ_1\",\n throughput_capacity=64)\nexample = aws.fsx.OpenZfsSnapshot(\"example\",\n name=\"example\",\n volume_id=example_open_zfs_file_system.root_volume_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleOpenZfsFileSystem = new Aws.Fsx.OpenZfsFileSystem(\"example\", new()\n {\n StorageCapacity = 64,\n SubnetIds = new[]\n {\n exampleAwsSubnet.Id,\n },\n DeploymentType = \"SINGLE_AZ_1\",\n ThroughputCapacity = 64,\n });\n\n var example = new Aws.Fsx.OpenZfsSnapshot(\"example\", new()\n {\n Name = \"example\",\n VolumeId = exampleOpenZfsFileSystem.RootVolumeId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleOpenZfsFileSystem, err := fsx.NewOpenZfsFileSystem(ctx, \"example\", \u0026fsx.OpenZfsFileSystemArgs{\n\t\t\tStorageCapacity: pulumi.Int(64),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\texampleAwsSubnet.Id,\n\t\t\t},\n\t\t\tDeploymentType: pulumi.String(\"SINGLE_AZ_1\"),\n\t\t\tThroughputCapacity: pulumi.Int(64),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = fsx.NewOpenZfsSnapshot(ctx, \"example\", \u0026fsx.OpenZfsSnapshotArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tVolumeId: exampleOpenZfsFileSystem.RootVolumeId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.OpenZfsFileSystem;\nimport com.pulumi.aws.fsx.OpenZfsFileSystemArgs;\nimport com.pulumi.aws.fsx.OpenZfsSnapshot;\nimport com.pulumi.aws.fsx.OpenZfsSnapshotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleOpenZfsFileSystem = new OpenZfsFileSystem(\"exampleOpenZfsFileSystem\", OpenZfsFileSystemArgs.builder()\n .storageCapacity(64)\n .subnetIds(exampleAwsSubnet.id())\n .deploymentType(\"SINGLE_AZ_1\")\n .throughputCapacity(64)\n .build());\n\n var example = new OpenZfsSnapshot(\"example\", OpenZfsSnapshotArgs.builder()\n .name(\"example\")\n .volumeId(exampleOpenZfsFileSystem.rootVolumeId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:fsx:OpenZfsSnapshot\n properties:\n name: example\n volumeId: ${exampleOpenZfsFileSystem.rootVolumeId}\n exampleOpenZfsFileSystem:\n type: aws:fsx:OpenZfsFileSystem\n name: example\n properties:\n storageCapacity: 64\n subnetIds:\n - ${exampleAwsSubnet.id}\n deploymentType: SINGLE_AZ_1\n throughputCapacity: 64\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Child volume Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleOpenZfsFileSystem = new aws.fsx.OpenZfsFileSystem(\"example\", {\n storageCapacity: 64,\n subnetIds: [exampleAwsSubnet.id],\n deploymentType: \"SINGLE_AZ_1\",\n throughputCapacity: 64,\n});\nconst exampleOpenZfsVolume = new aws.fsx.OpenZfsVolume(\"example\", {\n name: \"example\",\n parentVolumeId: exampleOpenZfsFileSystem.rootVolumeId,\n});\nconst example = new aws.fsx.OpenZfsSnapshot(\"example\", {\n name: \"example\",\n volumeId: exampleOpenZfsVolume.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_open_zfs_file_system = aws.fsx.OpenZfsFileSystem(\"example\",\n storage_capacity=64,\n subnet_ids=[example_aws_subnet[\"id\"]],\n deployment_type=\"SINGLE_AZ_1\",\n throughput_capacity=64)\nexample_open_zfs_volume = aws.fsx.OpenZfsVolume(\"example\",\n name=\"example\",\n parent_volume_id=example_open_zfs_file_system.root_volume_id)\nexample = aws.fsx.OpenZfsSnapshot(\"example\",\n name=\"example\",\n volume_id=example_open_zfs_volume.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleOpenZfsFileSystem = new Aws.Fsx.OpenZfsFileSystem(\"example\", new()\n {\n StorageCapacity = 64,\n SubnetIds = new[]\n {\n exampleAwsSubnet.Id,\n },\n DeploymentType = \"SINGLE_AZ_1\",\n ThroughputCapacity = 64,\n });\n\n var exampleOpenZfsVolume = new Aws.Fsx.OpenZfsVolume(\"example\", new()\n {\n Name = \"example\",\n ParentVolumeId = exampleOpenZfsFileSystem.RootVolumeId,\n });\n\n var example = new Aws.Fsx.OpenZfsSnapshot(\"example\", new()\n {\n Name = \"example\",\n VolumeId = exampleOpenZfsVolume.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleOpenZfsFileSystem, err := fsx.NewOpenZfsFileSystem(ctx, \"example\", \u0026fsx.OpenZfsFileSystemArgs{\n\t\t\tStorageCapacity: pulumi.Int(64),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\texampleAwsSubnet.Id,\n\t\t\t},\n\t\t\tDeploymentType: pulumi.String(\"SINGLE_AZ_1\"),\n\t\t\tThroughputCapacity: pulumi.Int(64),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleOpenZfsVolume, err := fsx.NewOpenZfsVolume(ctx, \"example\", \u0026fsx.OpenZfsVolumeArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tParentVolumeId: exampleOpenZfsFileSystem.RootVolumeId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = fsx.NewOpenZfsSnapshot(ctx, \"example\", \u0026fsx.OpenZfsSnapshotArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tVolumeId: exampleOpenZfsVolume.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.OpenZfsFileSystem;\nimport com.pulumi.aws.fsx.OpenZfsFileSystemArgs;\nimport com.pulumi.aws.fsx.OpenZfsVolume;\nimport com.pulumi.aws.fsx.OpenZfsVolumeArgs;\nimport com.pulumi.aws.fsx.OpenZfsSnapshot;\nimport com.pulumi.aws.fsx.OpenZfsSnapshotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleOpenZfsFileSystem = new OpenZfsFileSystem(\"exampleOpenZfsFileSystem\", OpenZfsFileSystemArgs.builder()\n .storageCapacity(64)\n .subnetIds(exampleAwsSubnet.id())\n .deploymentType(\"SINGLE_AZ_1\")\n .throughputCapacity(64)\n .build());\n\n var exampleOpenZfsVolume = new OpenZfsVolume(\"exampleOpenZfsVolume\", OpenZfsVolumeArgs.builder()\n .name(\"example\")\n .parentVolumeId(exampleOpenZfsFileSystem.rootVolumeId())\n .build());\n\n var example = new OpenZfsSnapshot(\"example\", OpenZfsSnapshotArgs.builder()\n .name(\"example\")\n .volumeId(exampleOpenZfsVolume.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:fsx:OpenZfsSnapshot\n properties:\n name: example\n volumeId: ${exampleOpenZfsVolume.id}\n exampleOpenZfsVolume:\n type: aws:fsx:OpenZfsVolume\n name: example\n properties:\n name: example\n parentVolumeId: ${exampleOpenZfsFileSystem.rootVolumeId}\n exampleOpenZfsFileSystem:\n type: aws:fsx:OpenZfsFileSystem\n name: example\n properties:\n storageCapacity: 64\n subnetIds:\n - ${exampleAwsSubnet.id}\n deploymentType: SINGLE_AZ_1\n throughputCapacity: 64\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import FSx OpenZFS snapshot using the `id`. For example:\n\n```sh\n$ pulumi import aws:fsx/openZfsSnapshot:OpenZfsSnapshot example fs-543ab12b1ca672f33\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the snapshot.\n" }, "creationTime": { "type": "string" }, "name": { "type": "string", "description": "The name of the Snapshot. You can use a maximum of 203 alphanumeric characters plus either _ or - or : or . for the name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. If you have set `copy_tags_to_backups` to true, and you specify one or more tags, no existing file system tags are copied from the file system to the backup.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "volumeId": { "type": "string", "description": "The ID of the volume to snapshot. This can be the root volume or a child volume.\n" } }, "required": [ "arn", "creationTime", "name", "tagsAll", "volumeId" ], "inputProperties": { "name": { "type": "string", "description": "The name of the Snapshot. You can use a maximum of 203 alphanumeric characters plus either _ or - or : or . for the name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. If you have set `copy_tags_to_backups` to true, and you specify one or more tags, no existing file system tags are copied from the file system to the backup.\n" }, "volumeId": { "type": "string", "description": "The ID of the volume to snapshot. This can be the root volume or a child volume.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "volumeId" ], "stateInputs": { "description": "Input properties used for looking up and filtering OpenZfsSnapshot resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the snapshot.\n" }, "creationTime": { "type": "string" }, "name": { "type": "string", "description": "The name of the Snapshot. You can use a maximum of 203 alphanumeric characters plus either _ or - or : or . for the name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. If you have set `copy_tags_to_backups` to true, and you specify one or more tags, no existing file system tags are copied from the file system to the backup.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "volumeId": { "type": "string", "description": "The ID of the volume to snapshot. This can be the root volume or a child volume.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:fsx/openZfsVolume:OpenZfsVolume": { "description": "Manages an Amazon FSx for OpenZFS volume.\nSee the [FSx OpenZFS User Guide](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/what-is-fsx.html) for more information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.fsx.OpenZfsVolume(\"test\", {\n name: \"testvolume\",\n parentVolumeId: testAwsFsxOpenzfsFileSystem.rootVolumeId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.fsx.OpenZfsVolume(\"test\",\n name=\"testvolume\",\n parent_volume_id=test_aws_fsx_openzfs_file_system[\"rootVolumeId\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Fsx.OpenZfsVolume(\"test\", new()\n {\n Name = \"testvolume\",\n ParentVolumeId = testAwsFsxOpenzfsFileSystem.RootVolumeId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fsx.NewOpenZfsVolume(ctx, \"test\", \u0026fsx.OpenZfsVolumeArgs{\n\t\t\tName: pulumi.String(\"testvolume\"),\n\t\t\tParentVolumeId: pulumi.Any(testAwsFsxOpenzfsFileSystem.RootVolumeId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.OpenZfsVolume;\nimport com.pulumi.aws.fsx.OpenZfsVolumeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new OpenZfsVolume(\"test\", OpenZfsVolumeArgs.builder()\n .name(\"testvolume\")\n .parentVolumeId(testAwsFsxOpenzfsFileSystem.rootVolumeId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:fsx:OpenZfsVolume\n properties:\n name: testvolume\n parentVolumeId: ${testAwsFsxOpenzfsFileSystem.rootVolumeId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import FSx Volumes using the `id`. For example:\n\n```sh\n$ pulumi import aws:fsx/openZfsVolume:OpenZfsVolume example fsvol-543ab12b1ca672f33\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "copyTagsToSnapshots": { "type": "boolean", "description": "A boolean flag indicating whether tags for the file system should be copied to snapshots. The default value is false.\n" }, "dataCompressionType": { "type": "string", "description": "Method used to compress the data on the volume. Valid values are `NONE` or `ZSTD`. Child volumes that don't specify compression option will inherit from parent volume. This option on file system applies to the root volume.\n" }, "deleteVolumeOptions": { "type": "string", "description": "Whether to delete all child volumes and snapshots. Valid values: `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS`. This configuration must be applied separately before attempting to delete the resource to have the desired behavior..\n" }, "name": { "type": "string", "description": "The name of the Volume. You can use a maximum of 203 alphanumeric characters, plus the underscore (_) special character.\n" }, "nfsExports": { "$ref": "#/types/aws:fsx/OpenZfsVolumeNfsExports:OpenZfsVolumeNfsExports", "description": "NFS export configuration for the root volume. Exactly 1 item. See `nfs_exports` Block Below for details.\n" }, "originSnapshot": { "$ref": "#/types/aws:fsx/OpenZfsVolumeOriginSnapshot:OpenZfsVolumeOriginSnapshot", "description": "Specifies the configuration to use when creating the OpenZFS volume. See `origin_snapshot` Block below for details.\n" }, "parentVolumeId": { "type": "string", "description": "The volume id of volume that will be the parent volume for the volume being created, this could be the root volume created from the `aws.fsx.OpenZfsFileSystem` resource with the `root_volume_id` or the `id` property of another `aws.fsx.OpenZfsVolume`.\n" }, "readOnly": { "type": "boolean", "description": "specifies whether the volume is read-only. Default is false.\n" }, "recordSizeKib": { "type": "integer", "description": "The record size of an OpenZFS volume, in kibibytes (KiB). Valid values are `4`, `8`, `16`, `32`, `64`, `128`, `256`, `512`, or `1024` KiB. The default is `128` KiB.\n" }, "storageCapacityQuotaGib": { "type": "integer", "description": "The maximum amount of storage in gibibytes (GiB) that the volume can use from its parent.\n" }, "storageCapacityReservationGib": { "type": "integer", "description": "The amount of storage in gibibytes (GiB) to reserve from the parent volume.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userAndGroupQuotas": { "type": "array", "items": { "$ref": "#/types/aws:fsx/OpenZfsVolumeUserAndGroupQuota:OpenZfsVolumeUserAndGroupQuota" }, "description": "Specify how much storage users or groups can use on the volume. Maximum of 100 items. See `user_and_group_quotas` Block Below.\n" }, "volumeType": { "type": "string" } }, "required": [ "arn", "name", "parentVolumeId", "readOnly", "storageCapacityQuotaGib", "storageCapacityReservationGib", "tagsAll", "userAndGroupQuotas" ], "inputProperties": { "copyTagsToSnapshots": { "type": "boolean", "description": "A boolean flag indicating whether tags for the file system should be copied to snapshots. The default value is false.\n", "willReplaceOnChanges": true }, "dataCompressionType": { "type": "string", "description": "Method used to compress the data on the volume. Valid values are `NONE` or `ZSTD`. Child volumes that don't specify compression option will inherit from parent volume. This option on file system applies to the root volume.\n" }, "deleteVolumeOptions": { "type": "string", "description": "Whether to delete all child volumes and snapshots. Valid values: `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS`. This configuration must be applied separately before attempting to delete the resource to have the desired behavior..\n" }, "name": { "type": "string", "description": "The name of the Volume. You can use a maximum of 203 alphanumeric characters, plus the underscore (_) special character.\n" }, "nfsExports": { "$ref": "#/types/aws:fsx/OpenZfsVolumeNfsExports:OpenZfsVolumeNfsExports", "description": "NFS export configuration for the root volume. Exactly 1 item. See `nfs_exports` Block Below for details.\n" }, "originSnapshot": { "$ref": "#/types/aws:fsx/OpenZfsVolumeOriginSnapshot:OpenZfsVolumeOriginSnapshot", "description": "Specifies the configuration to use when creating the OpenZFS volume. See `origin_snapshot` Block below for details.\n" }, "parentVolumeId": { "type": "string", "description": "The volume id of volume that will be the parent volume for the volume being created, this could be the root volume created from the `aws.fsx.OpenZfsFileSystem` resource with the `root_volume_id` or the `id` property of another `aws.fsx.OpenZfsVolume`.\n" }, "readOnly": { "type": "boolean", "description": "specifies whether the volume is read-only. Default is false.\n" }, "recordSizeKib": { "type": "integer", "description": "The record size of an OpenZFS volume, in kibibytes (KiB). Valid values are `4`, `8`, `16`, `32`, `64`, `128`, `256`, `512`, or `1024` KiB. The default is `128` KiB.\n" }, "storageCapacityQuotaGib": { "type": "integer", "description": "The maximum amount of storage in gibibytes (GiB) that the volume can use from its parent.\n" }, "storageCapacityReservationGib": { "type": "integer", "description": "The amount of storage in gibibytes (GiB) to reserve from the parent volume.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "userAndGroupQuotas": { "type": "array", "items": { "$ref": "#/types/aws:fsx/OpenZfsVolumeUserAndGroupQuota:OpenZfsVolumeUserAndGroupQuota" }, "description": "Specify how much storage users or groups can use on the volume. Maximum of 100 items. See `user_and_group_quotas` Block Below.\n" }, "volumeType": { "type": "string", "willReplaceOnChanges": true } }, "requiredInputs": [ "parentVolumeId" ], "stateInputs": { "description": "Input properties used for looking up and filtering OpenZfsVolume resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "copyTagsToSnapshots": { "type": "boolean", "description": "A boolean flag indicating whether tags for the file system should be copied to snapshots. The default value is false.\n", "willReplaceOnChanges": true }, "dataCompressionType": { "type": "string", "description": "Method used to compress the data on the volume. Valid values are `NONE` or `ZSTD`. Child volumes that don't specify compression option will inherit from parent volume. This option on file system applies to the root volume.\n" }, "deleteVolumeOptions": { "type": "string", "description": "Whether to delete all child volumes and snapshots. Valid values: `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS`. This configuration must be applied separately before attempting to delete the resource to have the desired behavior..\n" }, "name": { "type": "string", "description": "The name of the Volume. You can use a maximum of 203 alphanumeric characters, plus the underscore (_) special character.\n" }, "nfsExports": { "$ref": "#/types/aws:fsx/OpenZfsVolumeNfsExports:OpenZfsVolumeNfsExports", "description": "NFS export configuration for the root volume. Exactly 1 item. See `nfs_exports` Block Below for details.\n" }, "originSnapshot": { "$ref": "#/types/aws:fsx/OpenZfsVolumeOriginSnapshot:OpenZfsVolumeOriginSnapshot", "description": "Specifies the configuration to use when creating the OpenZFS volume. See `origin_snapshot` Block below for details.\n" }, "parentVolumeId": { "type": "string", "description": "The volume id of volume that will be the parent volume for the volume being created, this could be the root volume created from the `aws.fsx.OpenZfsFileSystem` resource with the `root_volume_id` or the `id` property of another `aws.fsx.OpenZfsVolume`.\n" }, "readOnly": { "type": "boolean", "description": "specifies whether the volume is read-only. Default is false.\n" }, "recordSizeKib": { "type": "integer", "description": "The record size of an OpenZFS volume, in kibibytes (KiB). Valid values are `4`, `8`, `16`, `32`, `64`, `128`, `256`, `512`, or `1024` KiB. The default is `128` KiB.\n" }, "storageCapacityQuotaGib": { "type": "integer", "description": "The maximum amount of storage in gibibytes (GiB) that the volume can use from its parent.\n" }, "storageCapacityReservationGib": { "type": "integer", "description": "The amount of storage in gibibytes (GiB) to reserve from the parent volume.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userAndGroupQuotas": { "type": "array", "items": { "$ref": "#/types/aws:fsx/OpenZfsVolumeUserAndGroupQuota:OpenZfsVolumeUserAndGroupQuota" }, "description": "Specify how much storage users or groups can use on the volume. Maximum of 100 items. See `user_and_group_quotas` Block Below.\n" }, "volumeType": { "type": "string", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:fsx/windowsFileSystem:WindowsFileSystem": { "description": "Manages a FSx Windows File System. See the [FSx Windows Guide](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/what-is.html) for more information.\n\n\u003e **NOTE:** Either the `active_directory_id` argument or `self_managed_active_directory` configuration block must be specified.\n\n## Example Usage\n\n### Using AWS Directory Service\n\nAdditional information for using AWS Directory Service with Windows File Systems can be found in the [FSx Windows Guide](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/fsx-aws-managed-ad.html).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.fsx.WindowsFileSystem(\"example\", {\n activeDirectoryId: exampleAwsDirectoryServiceDirectory.id,\n kmsKeyId: exampleAwsKmsKey.arn,\n storageCapacity: 300,\n subnetIds: [exampleAwsSubnet.id],\n throughputCapacity: 1024,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.fsx.WindowsFileSystem(\"example\",\n active_directory_id=example_aws_directory_service_directory[\"id\"],\n kms_key_id=example_aws_kms_key[\"arn\"],\n storage_capacity=300,\n subnet_ids=[example_aws_subnet[\"id\"]],\n throughput_capacity=1024)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Fsx.WindowsFileSystem(\"example\", new()\n {\n ActiveDirectoryId = exampleAwsDirectoryServiceDirectory.Id,\n KmsKeyId = exampleAwsKmsKey.Arn,\n StorageCapacity = 300,\n SubnetIds = new[]\n {\n exampleAwsSubnet.Id,\n },\n ThroughputCapacity = 1024,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fsx.NewWindowsFileSystem(ctx, \"example\", \u0026fsx.WindowsFileSystemArgs{\n\t\t\tActiveDirectoryId: pulumi.Any(exampleAwsDirectoryServiceDirectory.Id),\n\t\t\tKmsKeyId: pulumi.Any(exampleAwsKmsKey.Arn),\n\t\t\tStorageCapacity: pulumi.Int(300),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\texampleAwsSubnet.Id,\n\t\t\t},\n\t\t\tThroughputCapacity: pulumi.Int(1024),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.WindowsFileSystem;\nimport com.pulumi.aws.fsx.WindowsFileSystemArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new WindowsFileSystem(\"example\", WindowsFileSystemArgs.builder()\n .activeDirectoryId(exampleAwsDirectoryServiceDirectory.id())\n .kmsKeyId(exampleAwsKmsKey.arn())\n .storageCapacity(300)\n .subnetIds(exampleAwsSubnet.id())\n .throughputCapacity(1024)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:fsx:WindowsFileSystem\n properties:\n activeDirectoryId: ${exampleAwsDirectoryServiceDirectory.id}\n kmsKeyId: ${exampleAwsKmsKey.arn}\n storageCapacity: 300\n subnetIds:\n - ${exampleAwsSubnet.id}\n throughputCapacity: 1024\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using a Self-Managed Microsoft Active Directory\n\nAdditional information for using AWS Directory Service with Windows File Systems can be found in the [FSx Windows Guide](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/self-managed-AD.html).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.fsx.WindowsFileSystem(\"example\", {\n kmsKeyId: exampleAwsKmsKey.arn,\n storageCapacity: 300,\n subnetIds: [exampleAwsSubnet.id],\n throughputCapacity: 1024,\n selfManagedActiveDirectory: {\n dnsIps: [\n \"10.0.0.111\",\n \"10.0.0.222\",\n ],\n domainName: \"corp.example.com\",\n password: \"avoid-plaintext-passwords\",\n username: \"Admin\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.fsx.WindowsFileSystem(\"example\",\n kms_key_id=example_aws_kms_key[\"arn\"],\n storage_capacity=300,\n subnet_ids=[example_aws_subnet[\"id\"]],\n throughput_capacity=1024,\n self_managed_active_directory={\n \"dns_ips\": [\n \"10.0.0.111\",\n \"10.0.0.222\",\n ],\n \"domain_name\": \"corp.example.com\",\n \"password\": \"avoid-plaintext-passwords\",\n \"username\": \"Admin\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Fsx.WindowsFileSystem(\"example\", new()\n {\n KmsKeyId = exampleAwsKmsKey.Arn,\n StorageCapacity = 300,\n SubnetIds = new[]\n {\n exampleAwsSubnet.Id,\n },\n ThroughputCapacity = 1024,\n SelfManagedActiveDirectory = new Aws.Fsx.Inputs.WindowsFileSystemSelfManagedActiveDirectoryArgs\n {\n DnsIps = new[]\n {\n \"10.0.0.111\",\n \"10.0.0.222\",\n },\n DomainName = \"corp.example.com\",\n Password = \"avoid-plaintext-passwords\",\n Username = \"Admin\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fsx.NewWindowsFileSystem(ctx, \"example\", \u0026fsx.WindowsFileSystemArgs{\n\t\t\tKmsKeyId: pulumi.Any(exampleAwsKmsKey.Arn),\n\t\t\tStorageCapacity: pulumi.Int(300),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\texampleAwsSubnet.Id,\n\t\t\t},\n\t\t\tThroughputCapacity: pulumi.Int(1024),\n\t\t\tSelfManagedActiveDirectory: \u0026fsx.WindowsFileSystemSelfManagedActiveDirectoryArgs{\n\t\t\t\tDnsIps: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"10.0.0.111\"),\n\t\t\t\t\tpulumi.String(\"10.0.0.222\"),\n\t\t\t\t},\n\t\t\t\tDomainName: pulumi.String(\"corp.example.com\"),\n\t\t\t\tPassword: pulumi.String(\"avoid-plaintext-passwords\"),\n\t\t\t\tUsername: pulumi.String(\"Admin\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.WindowsFileSystem;\nimport com.pulumi.aws.fsx.WindowsFileSystemArgs;\nimport com.pulumi.aws.fsx.inputs.WindowsFileSystemSelfManagedActiveDirectoryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new WindowsFileSystem(\"example\", WindowsFileSystemArgs.builder()\n .kmsKeyId(exampleAwsKmsKey.arn())\n .storageCapacity(300)\n .subnetIds(exampleAwsSubnet.id())\n .throughputCapacity(1024)\n .selfManagedActiveDirectory(WindowsFileSystemSelfManagedActiveDirectoryArgs.builder()\n .dnsIps( \n \"10.0.0.111\",\n \"10.0.0.222\")\n .domainName(\"corp.example.com\")\n .password(\"avoid-plaintext-passwords\")\n .username(\"Admin\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:fsx:WindowsFileSystem\n properties:\n kmsKeyId: ${exampleAwsKmsKey.arn}\n storageCapacity: 300\n subnetIds:\n - ${exampleAwsSubnet.id}\n throughputCapacity: 1024\n selfManagedActiveDirectory:\n dnsIps:\n - 10.0.0.111\n - 10.0.0.222\n domainName: corp.example.com\n password: avoid-plaintext-passwords\n username: Admin\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import FSx File Systems using the `id`. For example:\n\n```sh\n$ pulumi import aws:fsx/windowsFileSystem:WindowsFileSystem example fs-543ab12b1ca672f33\n```\nCertain resource arguments, like `security_group_ids` and the `self_managed_active_directory` configuation block `password`, do not have a FSx API method for reading the information after creation. If these arguments are set in the Pulumi program on an imported resource, Pulumi will always show a difference. To workaround this behavior, either omit the argument from the Pulumi program or use `ignore_changes` to hide the difference. For example:\n\n", "properties": { "activeDirectoryId": { "type": "string", "description": "The ID for an existing Microsoft Active Directory instance that the file system should join when it's created. Cannot be specified with `self_managed_active_directory`.\n" }, "aliases": { "type": "array", "items": { "type": "string" }, "description": "An array DNS alias names that you want to associate with the Amazon FSx file system. For more information, see [Working with DNS Aliases](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-dns-aliases.html)\n" }, "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "auditLogConfiguration": { "$ref": "#/types/aws:fsx/WindowsFileSystemAuditLogConfiguration:WindowsFileSystemAuditLogConfiguration", "description": "The configuration that Amazon FSx for Windows File Server uses to audit and log user accesses of files, folders, and file shares on the Amazon FSx for Windows File Server file system. See `audit_log_configuration` Block for details.\n" }, "automaticBackupRetentionDays": { "type": "integer", "description": "The number of days to retain automatic backups. Minimum of `0` and maximum of `90`. Defaults to `7`. Set to `0` to disable.\n" }, "backupId": { "type": "string", "description": "The ID of the source backup to create the filesystem from.\n" }, "copyTagsToBackups": { "type": "boolean", "description": "A boolean flag indicating whether tags on the file system should be copied to backups. Defaults to `false`.\n" }, "dailyAutomaticBackupStartTime": { "type": "string", "description": "The preferred time (in `HH:MM` format) to take daily automatic backups, in the UTC time zone.\n" }, "deploymentType": { "type": "string", "description": "Specifies the file system deployment type, valid values are `MULTI_AZ_1`, `SINGLE_AZ_1` and `SINGLE_AZ_2`. Default value is `SINGLE_AZ_1`.\n" }, "diskIopsConfiguration": { "$ref": "#/types/aws:fsx/WindowsFileSystemDiskIopsConfiguration:WindowsFileSystemDiskIopsConfiguration", "description": "The SSD IOPS configuration for the Amazon FSx for Windows File Server file system. See `disk_iops_configuration` Block for details.\n" }, "dnsName": { "type": "string", "description": "DNS name for the file system, e.g., `fs-12345678.corp.example.com` (domain name matching the Active Directory domain name)\n" }, "finalBackupTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to apply to the file system's final backup.\n" }, "kmsKeyId": { "type": "string", "description": "ARN for the KMS Key to encrypt the file system at rest. Defaults to an AWS managed KMS Key.\n" }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "Set of Elastic Network Interface identifiers from which the file system is accessible.\n" }, "ownerId": { "type": "string", "description": "AWS account identifier that created the file system.\n" }, "preferredFileServerIp": { "type": "string", "description": "The IP address of the primary, or preferred, file server.\n" }, "preferredSubnetId": { "type": "string", "description": "Specifies the subnet in which you want the preferred file server to be located. Required for when deployment type is `MULTI_AZ_1`.\n" }, "remoteAdministrationEndpoint": { "type": "string", "description": "For `MULTI_AZ_1` deployment types, use this endpoint when performing administrative tasks on the file system using Amazon FSx Remote PowerShell. For `SINGLE_AZ_1` deployment types, this is the DNS name of the file system.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces.\n" }, "selfManagedActiveDirectory": { "$ref": "#/types/aws:fsx/WindowsFileSystemSelfManagedActiveDirectory:WindowsFileSystemSelfManagedActiveDirectory", "description": "Configuration block that Amazon FSx uses to join the Windows File Server instance to your self-managed (including on-premises) Microsoft Active Directory (AD) directory. Cannot be specified with `active_directory_id`. See `self_managed_active_directory` Block for details.\n" }, "skipFinalBackup": { "type": "boolean", "description": "When enabled, will skip the default final backup taken when the file system is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`.\n" }, "storageCapacity": { "type": "integer", "description": "Storage capacity (GiB) of the file system. Minimum of 32 and maximum of 65536. If the storage type is set to `HDD` the minimum value is 2000. Required when not creating filesystem for a backup.\n" }, "storageType": { "type": "string", "description": "Specifies the storage type, Valid values are `SSD` and `HDD`. `HDD` is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types. Default value is `SSD`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the subnets that the file system will be accessible from. To specify more than a single subnet set `deployment_type` to `MULTI_AZ_1`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "throughputCapacity": { "type": "integer", "description": "Throughput (megabytes per second) of the file system in power of 2 increments. Minimum of `8` and maximum of `2048`.\n\nThe following arguments are optional:\n" }, "vpcId": { "type": "string", "description": "Identifier of the Virtual Private Cloud for the file system.\n" }, "weeklyMaintenanceStartTime": { "type": "string", "description": "The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone.\n" } }, "required": [ "arn", "auditLogConfiguration", "dailyAutomaticBackupStartTime", "diskIopsConfiguration", "dnsName", "kmsKeyId", "networkInterfaceIds", "ownerId", "preferredFileServerIp", "preferredSubnetId", "remoteAdministrationEndpoint", "storageCapacity", "subnetIds", "tagsAll", "throughputCapacity", "vpcId", "weeklyMaintenanceStartTime" ], "inputProperties": { "activeDirectoryId": { "type": "string", "description": "The ID for an existing Microsoft Active Directory instance that the file system should join when it's created. Cannot be specified with `self_managed_active_directory`.\n", "willReplaceOnChanges": true }, "aliases": { "type": "array", "items": { "type": "string" }, "description": "An array DNS alias names that you want to associate with the Amazon FSx file system. For more information, see [Working with DNS Aliases](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-dns-aliases.html)\n" }, "auditLogConfiguration": { "$ref": "#/types/aws:fsx/WindowsFileSystemAuditLogConfiguration:WindowsFileSystemAuditLogConfiguration", "description": "The configuration that Amazon FSx for Windows File Server uses to audit and log user accesses of files, folders, and file shares on the Amazon FSx for Windows File Server file system. See `audit_log_configuration` Block for details.\n" }, "automaticBackupRetentionDays": { "type": "integer", "description": "The number of days to retain automatic backups. Minimum of `0` and maximum of `90`. Defaults to `7`. Set to `0` to disable.\n" }, "backupId": { "type": "string", "description": "The ID of the source backup to create the filesystem from.\n", "willReplaceOnChanges": true }, "copyTagsToBackups": { "type": "boolean", "description": "A boolean flag indicating whether tags on the file system should be copied to backups. Defaults to `false`.\n", "willReplaceOnChanges": true }, "dailyAutomaticBackupStartTime": { "type": "string", "description": "The preferred time (in `HH:MM` format) to take daily automatic backups, in the UTC time zone.\n" }, "deploymentType": { "type": "string", "description": "Specifies the file system deployment type, valid values are `MULTI_AZ_1`, `SINGLE_AZ_1` and `SINGLE_AZ_2`. Default value is `SINGLE_AZ_1`.\n", "willReplaceOnChanges": true }, "diskIopsConfiguration": { "$ref": "#/types/aws:fsx/WindowsFileSystemDiskIopsConfiguration:WindowsFileSystemDiskIopsConfiguration", "description": "The SSD IOPS configuration for the Amazon FSx for Windows File Server file system. See `disk_iops_configuration` Block for details.\n" }, "finalBackupTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to apply to the file system's final backup.\n" }, "kmsKeyId": { "type": "string", "description": "ARN for the KMS Key to encrypt the file system at rest. Defaults to an AWS managed KMS Key.\n", "willReplaceOnChanges": true }, "preferredSubnetId": { "type": "string", "description": "Specifies the subnet in which you want the preferred file server to be located. Required for when deployment type is `MULTI_AZ_1`.\n", "willReplaceOnChanges": true }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces.\n", "willReplaceOnChanges": true }, "selfManagedActiveDirectory": { "$ref": "#/types/aws:fsx/WindowsFileSystemSelfManagedActiveDirectory:WindowsFileSystemSelfManagedActiveDirectory", "description": "Configuration block that Amazon FSx uses to join the Windows File Server instance to your self-managed (including on-premises) Microsoft Active Directory (AD) directory. Cannot be specified with `active_directory_id`. See `self_managed_active_directory` Block for details.\n" }, "skipFinalBackup": { "type": "boolean", "description": "When enabled, will skip the default final backup taken when the file system is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`.\n" }, "storageCapacity": { "type": "integer", "description": "Storage capacity (GiB) of the file system. Minimum of 32 and maximum of 65536. If the storage type is set to `HDD` the minimum value is 2000. Required when not creating filesystem for a backup.\n" }, "storageType": { "type": "string", "description": "Specifies the storage type, Valid values are `SSD` and `HDD`. `HDD` is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types. Default value is `SSD`.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the subnets that the file system will be accessible from. To specify more than a single subnet set `deployment_type` to `MULTI_AZ_1`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "throughputCapacity": { "type": "integer", "description": "Throughput (megabytes per second) of the file system in power of 2 increments. Minimum of `8` and maximum of `2048`.\n\nThe following arguments are optional:\n" }, "weeklyMaintenanceStartTime": { "type": "string", "description": "The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone.\n" } }, "requiredInputs": [ "subnetIds", "throughputCapacity" ], "stateInputs": { "description": "Input properties used for looking up and filtering WindowsFileSystem resources.\n", "properties": { "activeDirectoryId": { "type": "string", "description": "The ID for an existing Microsoft Active Directory instance that the file system should join when it's created. Cannot be specified with `self_managed_active_directory`.\n", "willReplaceOnChanges": true }, "aliases": { "type": "array", "items": { "type": "string" }, "description": "An array DNS alias names that you want to associate with the Amazon FSx file system. For more information, see [Working with DNS Aliases](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-dns-aliases.html)\n" }, "arn": { "type": "string", "description": "Amazon Resource Name of the file system.\n" }, "auditLogConfiguration": { "$ref": "#/types/aws:fsx/WindowsFileSystemAuditLogConfiguration:WindowsFileSystemAuditLogConfiguration", "description": "The configuration that Amazon FSx for Windows File Server uses to audit and log user accesses of files, folders, and file shares on the Amazon FSx for Windows File Server file system. See `audit_log_configuration` Block for details.\n" }, "automaticBackupRetentionDays": { "type": "integer", "description": "The number of days to retain automatic backups. Minimum of `0` and maximum of `90`. Defaults to `7`. Set to `0` to disable.\n" }, "backupId": { "type": "string", "description": "The ID of the source backup to create the filesystem from.\n", "willReplaceOnChanges": true }, "copyTagsToBackups": { "type": "boolean", "description": "A boolean flag indicating whether tags on the file system should be copied to backups. Defaults to `false`.\n", "willReplaceOnChanges": true }, "dailyAutomaticBackupStartTime": { "type": "string", "description": "The preferred time (in `HH:MM` format) to take daily automatic backups, in the UTC time zone.\n" }, "deploymentType": { "type": "string", "description": "Specifies the file system deployment type, valid values are `MULTI_AZ_1`, `SINGLE_AZ_1` and `SINGLE_AZ_2`. Default value is `SINGLE_AZ_1`.\n", "willReplaceOnChanges": true }, "diskIopsConfiguration": { "$ref": "#/types/aws:fsx/WindowsFileSystemDiskIopsConfiguration:WindowsFileSystemDiskIopsConfiguration", "description": "The SSD IOPS configuration for the Amazon FSx for Windows File Server file system. See `disk_iops_configuration` Block for details.\n" }, "dnsName": { "type": "string", "description": "DNS name for the file system, e.g., `fs-12345678.corp.example.com` (domain name matching the Active Directory domain name)\n" }, "finalBackupTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to apply to the file system's final backup.\n" }, "kmsKeyId": { "type": "string", "description": "ARN for the KMS Key to encrypt the file system at rest. Defaults to an AWS managed KMS Key.\n", "willReplaceOnChanges": true }, "networkInterfaceIds": { "type": "array", "items": { "type": "string" }, "description": "Set of Elastic Network Interface identifiers from which the file system is accessible.\n" }, "ownerId": { "type": "string", "description": "AWS account identifier that created the file system.\n" }, "preferredFileServerIp": { "type": "string", "description": "The IP address of the primary, or preferred, file server.\n" }, "preferredSubnetId": { "type": "string", "description": "Specifies the subnet in which you want the preferred file server to be located. Required for when deployment type is `MULTI_AZ_1`.\n", "willReplaceOnChanges": true }, "remoteAdministrationEndpoint": { "type": "string", "description": "For `MULTI_AZ_1` deployment types, use this endpoint when performing administrative tasks on the file system using Amazon FSx Remote PowerShell. For `SINGLE_AZ_1` deployment types, this is the DNS name of the file system.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces.\n", "willReplaceOnChanges": true }, "selfManagedActiveDirectory": { "$ref": "#/types/aws:fsx/WindowsFileSystemSelfManagedActiveDirectory:WindowsFileSystemSelfManagedActiveDirectory", "description": "Configuration block that Amazon FSx uses to join the Windows File Server instance to your self-managed (including on-premises) Microsoft Active Directory (AD) directory. Cannot be specified with `active_directory_id`. See `self_managed_active_directory` Block for details.\n" }, "skipFinalBackup": { "type": "boolean", "description": "When enabled, will skip the default final backup taken when the file system is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`.\n" }, "storageCapacity": { "type": "integer", "description": "Storage capacity (GiB) of the file system. Minimum of 32 and maximum of 65536. If the storage type is set to `HDD` the minimum value is 2000. Required when not creating filesystem for a backup.\n" }, "storageType": { "type": "string", "description": "Specifies the storage type, Valid values are `SSD` and `HDD`. `HDD` is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types. Default value is `SSD`.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for the subnets that the file system will be accessible from. To specify more than a single subnet set `deployment_type` to `MULTI_AZ_1`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "throughputCapacity": { "type": "integer", "description": "Throughput (megabytes per second) of the file system in power of 2 increments. Minimum of `8` and maximum of `2048`.\n\nThe following arguments are optional:\n" }, "vpcId": { "type": "string", "description": "Identifier of the Virtual Private Cloud for the file system.\n" }, "weeklyMaintenanceStartTime": { "type": "string", "description": "The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone.\n" } }, "type": "object" } }, "aws:gamelift/alias:Alias": { "description": "Provides a GameLift Alias resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.gamelift.Alias(\"example\", {\n name: \"example-alias\",\n description: \"Example Description\",\n routingStrategy: {\n message: \"Example Message\",\n type: \"TERMINAL\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.gamelift.Alias(\"example\",\n name=\"example-alias\",\n description=\"Example Description\",\n routing_strategy={\n \"message\": \"Example Message\",\n \"type\": \"TERMINAL\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.GameLift.Alias(\"example\", new()\n {\n Name = \"example-alias\",\n Description = \"Example Description\",\n RoutingStrategy = new Aws.GameLift.Inputs.AliasRoutingStrategyArgs\n {\n Message = \"Example Message\",\n Type = \"TERMINAL\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/gamelift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gamelift.NewAlias(ctx, \"example\", \u0026gamelift.AliasArgs{\n\t\t\tName: pulumi.String(\"example-alias\"),\n\t\t\tDescription: pulumi.String(\"Example Description\"),\n\t\t\tRoutingStrategy: \u0026gamelift.AliasRoutingStrategyArgs{\n\t\t\t\tMessage: pulumi.String(\"Example Message\"),\n\t\t\t\tType: pulumi.String(\"TERMINAL\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.gamelift.Alias;\nimport com.pulumi.aws.gamelift.AliasArgs;\nimport com.pulumi.aws.gamelift.inputs.AliasRoutingStrategyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Alias(\"example\", AliasArgs.builder()\n .name(\"example-alias\")\n .description(\"Example Description\")\n .routingStrategy(AliasRoutingStrategyArgs.builder()\n .message(\"Example Message\")\n .type(\"TERMINAL\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:gamelift:Alias\n properties:\n name: example-alias\n description: Example Description\n routingStrategy:\n message: Example Message\n type: TERMINAL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import GameLift Aliases using the ID. For example:\n\n```sh\n$ pulumi import aws:gamelift/alias:Alias example \u003calias-id\u003e\n```\n", "properties": { "arn": { "type": "string", "description": "Alias ARN.\n" }, "description": { "type": "string", "description": "Description of the alias.\n" }, "name": { "type": "string", "description": "Name of the alias.\n" }, "routingStrategy": { "$ref": "#/types/aws:gamelift/AliasRoutingStrategy:AliasRoutingStrategy", "description": "Specifies the fleet and/or routing type to use for the alias.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "routingStrategy", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Description of the alias.\n" }, "name": { "type": "string", "description": "Name of the alias.\n" }, "routingStrategy": { "$ref": "#/types/aws:gamelift/AliasRoutingStrategy:AliasRoutingStrategy", "description": "Specifies the fleet and/or routing type to use for the alias.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "routingStrategy" ], "stateInputs": { "description": "Input properties used for looking up and filtering Alias resources.\n", "properties": { "arn": { "type": "string", "description": "Alias ARN.\n" }, "description": { "type": "string", "description": "Description of the alias.\n" }, "name": { "type": "string", "description": "Name of the alias.\n" }, "routingStrategy": { "$ref": "#/types/aws:gamelift/AliasRoutingStrategy:AliasRoutingStrategy", "description": "Specifies the fleet and/or routing type to use for the alias.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:gamelift/build:Build": { "description": "Provides an GameLift Build resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.gamelift.Build(\"test\", {\n name: \"example-build\",\n operatingSystem: \"WINDOWS_2012\",\n storageLocation: {\n bucket: testAwsS3Bucket.id,\n key: testAwsS3Object.key,\n roleArn: testAwsIamRole.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.gamelift.Build(\"test\",\n name=\"example-build\",\n operating_system=\"WINDOWS_2012\",\n storage_location={\n \"bucket\": test_aws_s3_bucket[\"id\"],\n \"key\": test_aws_s3_object[\"key\"],\n \"role_arn\": test_aws_iam_role[\"arn\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.GameLift.Build(\"test\", new()\n {\n Name = \"example-build\",\n OperatingSystem = \"WINDOWS_2012\",\n StorageLocation = new Aws.GameLift.Inputs.BuildStorageLocationArgs\n {\n Bucket = testAwsS3Bucket.Id,\n Key = testAwsS3Object.Key,\n RoleArn = testAwsIamRole.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/gamelift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gamelift.NewBuild(ctx, \"test\", \u0026gamelift.BuildArgs{\n\t\t\tName: pulumi.String(\"example-build\"),\n\t\t\tOperatingSystem: pulumi.String(\"WINDOWS_2012\"),\n\t\t\tStorageLocation: \u0026gamelift.BuildStorageLocationArgs{\n\t\t\t\tBucket: pulumi.Any(testAwsS3Bucket.Id),\n\t\t\t\tKey: pulumi.Any(testAwsS3Object.Key),\n\t\t\t\tRoleArn: pulumi.Any(testAwsIamRole.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.gamelift.Build;\nimport com.pulumi.aws.gamelift.BuildArgs;\nimport com.pulumi.aws.gamelift.inputs.BuildStorageLocationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Build(\"test\", BuildArgs.builder()\n .name(\"example-build\")\n .operatingSystem(\"WINDOWS_2012\")\n .storageLocation(BuildStorageLocationArgs.builder()\n .bucket(testAwsS3Bucket.id())\n .key(testAwsS3Object.key())\n .roleArn(testAwsIamRole.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:gamelift:Build\n properties:\n name: example-build\n operatingSystem: WINDOWS_2012\n storageLocation:\n bucket: ${testAwsS3Bucket.id}\n key: ${testAwsS3Object.key}\n roleArn: ${testAwsIamRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import GameLift Builds using the ID. For example:\n\n```sh\n$ pulumi import aws:gamelift/build:Build example \u003cbuild-id\u003e\n```\n", "properties": { "arn": { "type": "string", "description": "GameLift Build ARN.\n" }, "name": { "type": "string", "description": "Name of the build\n" }, "operatingSystem": { "type": "string", "description": "Operating system that the game server binaries are built to run on. Valid values: `WINDOWS_2012`, `AMAZON_LINUX`, `AMAZON_LINUX_2`, `WINDOWS_2016`, `AMAZON_LINUX_2023`.\n" }, "storageLocation": { "$ref": "#/types/aws:gamelift/BuildStorageLocation:BuildStorageLocation", "description": "Information indicating where your game build files are stored. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "string", "description": "Version that is associated with this build.\n" } }, "required": [ "arn", "name", "operatingSystem", "storageLocation", "tagsAll" ], "inputProperties": { "name": { "type": "string", "description": "Name of the build\n" }, "operatingSystem": { "type": "string", "description": "Operating system that the game server binaries are built to run on. Valid values: `WINDOWS_2012`, `AMAZON_LINUX`, `AMAZON_LINUX_2`, `WINDOWS_2016`, `AMAZON_LINUX_2023`.\n", "willReplaceOnChanges": true }, "storageLocation": { "$ref": "#/types/aws:gamelift/BuildStorageLocation:BuildStorageLocation", "description": "Information indicating where your game build files are stored. See below.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "version": { "type": "string", "description": "Version that is associated with this build.\n" } }, "requiredInputs": [ "operatingSystem", "storageLocation" ], "stateInputs": { "description": "Input properties used for looking up and filtering Build resources.\n", "properties": { "arn": { "type": "string", "description": "GameLift Build ARN.\n" }, "name": { "type": "string", "description": "Name of the build\n" }, "operatingSystem": { "type": "string", "description": "Operating system that the game server binaries are built to run on. Valid values: `WINDOWS_2012`, `AMAZON_LINUX`, `AMAZON_LINUX_2`, `WINDOWS_2016`, `AMAZON_LINUX_2023`.\n", "willReplaceOnChanges": true }, "storageLocation": { "$ref": "#/types/aws:gamelift/BuildStorageLocation:BuildStorageLocation", "description": "Information indicating where your game build files are stored. See below.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "string", "description": "Version that is associated with this build.\n" } }, "type": "object" } }, "aws:gamelift/fleet:Fleet": { "description": "Provides a GameLift Fleet resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.gamelift.Fleet(\"example\", {\n buildId: exampleAwsGameliftBuild.id,\n ec2InstanceType: \"t2.micro\",\n fleetType: \"ON_DEMAND\",\n name: \"example-fleet-name\",\n runtimeConfiguration: {\n serverProcesses: [{\n concurrentExecutions: 1,\n launchPath: \"C:\\\\game\\\\GomokuServer.exe\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.gamelift.Fleet(\"example\",\n build_id=example_aws_gamelift_build[\"id\"],\n ec2_instance_type=\"t2.micro\",\n fleet_type=\"ON_DEMAND\",\n name=\"example-fleet-name\",\n runtime_configuration={\n \"server_processes\": [{\n \"concurrent_executions\": 1,\n \"launch_path\": \"C:\\\\game\\\\GomokuServer.exe\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.GameLift.Fleet(\"example\", new()\n {\n BuildId = exampleAwsGameliftBuild.Id,\n Ec2InstanceType = \"t2.micro\",\n FleetType = \"ON_DEMAND\",\n Name = \"example-fleet-name\",\n RuntimeConfiguration = new Aws.GameLift.Inputs.FleetRuntimeConfigurationArgs\n {\n ServerProcesses = new[]\n {\n new Aws.GameLift.Inputs.FleetRuntimeConfigurationServerProcessArgs\n {\n ConcurrentExecutions = 1,\n LaunchPath = \"C:\\\\game\\\\GomokuServer.exe\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/gamelift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gamelift.NewFleet(ctx, \"example\", \u0026gamelift.FleetArgs{\n\t\t\tBuildId: pulumi.Any(exampleAwsGameliftBuild.Id),\n\t\t\tEc2InstanceType: pulumi.String(\"t2.micro\"),\n\t\t\tFleetType: pulumi.String(\"ON_DEMAND\"),\n\t\t\tName: pulumi.String(\"example-fleet-name\"),\n\t\t\tRuntimeConfiguration: \u0026gamelift.FleetRuntimeConfigurationArgs{\n\t\t\t\tServerProcesses: gamelift.FleetRuntimeConfigurationServerProcessArray{\n\t\t\t\t\t\u0026gamelift.FleetRuntimeConfigurationServerProcessArgs{\n\t\t\t\t\t\tConcurrentExecutions: pulumi.Int(1),\n\t\t\t\t\t\tLaunchPath: pulumi.String(\"C:\\\\game\\\\GomokuServer.exe\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.gamelift.Fleet;\nimport com.pulumi.aws.gamelift.FleetArgs;\nimport com.pulumi.aws.gamelift.inputs.FleetRuntimeConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Fleet(\"example\", FleetArgs.builder()\n .buildId(exampleAwsGameliftBuild.id())\n .ec2InstanceType(\"t2.micro\")\n .fleetType(\"ON_DEMAND\")\n .name(\"example-fleet-name\")\n .runtimeConfiguration(FleetRuntimeConfigurationArgs.builder()\n .serverProcesses(FleetRuntimeConfigurationServerProcessArgs.builder()\n .concurrentExecutions(1)\n .launchPath(\"C:\\\\game\\\\GomokuServer.exe\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:gamelift:Fleet\n properties:\n buildId: ${exampleAwsGameliftBuild.id}\n ec2InstanceType: t2.micro\n fleetType: ON_DEMAND\n name: example-fleet-name\n runtimeConfiguration:\n serverProcesses:\n - concurrentExecutions: 1\n launchPath: C:\\game\\GomokuServer.exe\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import GameLift Fleets using the ID. For example:\n\n```sh\n$ pulumi import aws:gamelift/fleet:Fleet example \u003cfleet-id\u003e\n```\n", "properties": { "arn": { "type": "string", "description": "Fleet ARN.\n" }, "buildArn": { "type": "string", "description": "Build ARN.\n" }, "buildId": { "type": "string", "description": "ID of the GameLift Build to be deployed on the fleet.\n" }, "certificateConfiguration": { "$ref": "#/types/aws:gamelift/FleetCertificateConfiguration:FleetCertificateConfiguration", "description": "Prompts GameLift to generate a TLS/SSL certificate for the fleet. See certificate_configuration.\n" }, "description": { "type": "string", "description": "Human-readable description of the fleet.\n" }, "ec2InboundPermissions": { "type": "array", "items": { "$ref": "#/types/aws:gamelift/FleetEc2InboundPermission:FleetEc2InboundPermission" }, "description": "Range of IP addresses and port settings that permit inbound traffic to access server processes running on the fleet. See below.\n" }, "ec2InstanceType": { "type": "string", "description": "Name of an EC2 instance typeE.g., `t2.micro`\n" }, "fleetType": { "type": "string", "description": "Type of fleet. This value must be `ON_DEMAND` or `SPOT`. Defaults to `ON_DEMAND`.\n" }, "instanceRoleArn": { "type": "string", "description": "ARN of an IAM role that instances in the fleet can assume.\n" }, "logPaths": { "type": "array", "items": { "type": "string" } }, "metricGroups": { "type": "array", "items": { "type": "string" }, "description": "List of names of metric groups to add this fleet to. A metric group tracks metrics across all fleets in the group. Defaults to `default`.\n" }, "name": { "type": "string", "description": "The name of the fleet.\n" }, "newGameSessionProtectionPolicy": { "type": "string", "description": "Game session protection policy to apply to all instances in this fleetE.g., `FullProtection`. Defaults to `NoProtection`.\n" }, "operatingSystem": { "type": "string", "description": "Operating system of the fleet's computing resources.\n" }, "resourceCreationLimitPolicy": { "$ref": "#/types/aws:gamelift/FleetResourceCreationLimitPolicy:FleetResourceCreationLimitPolicy", "description": "Policy that limits the number of game sessions an individual player can create over a span of time for this fleet. See below.\n" }, "runtimeConfiguration": { "$ref": "#/types/aws:gamelift/FleetRuntimeConfiguration:FleetRuntimeConfiguration", "description": "Instructions for launching server processes on each instance in the fleet. See below.\n" }, "scriptArn": { "type": "string", "description": "Script ARN.\n" }, "scriptId": { "type": "string", "description": "ID of the GameLift Script to be deployed on the fleet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "buildArn", "certificateConfiguration", "ec2InboundPermissions", "ec2InstanceType", "logPaths", "metricGroups", "name", "operatingSystem", "scriptArn", "tagsAll" ], "inputProperties": { "buildId": { "type": "string", "description": "ID of the GameLift Build to be deployed on the fleet.\n", "willReplaceOnChanges": true }, "certificateConfiguration": { "$ref": "#/types/aws:gamelift/FleetCertificateConfiguration:FleetCertificateConfiguration", "description": "Prompts GameLift to generate a TLS/SSL certificate for the fleet. See certificate_configuration.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Human-readable description of the fleet.\n" }, "ec2InboundPermissions": { "type": "array", "items": { "$ref": "#/types/aws:gamelift/FleetEc2InboundPermission:FleetEc2InboundPermission" }, "description": "Range of IP addresses and port settings that permit inbound traffic to access server processes running on the fleet. See below.\n" }, "ec2InstanceType": { "type": "string", "description": "Name of an EC2 instance typeE.g., `t2.micro`\n", "willReplaceOnChanges": true }, "fleetType": { "type": "string", "description": "Type of fleet. This value must be `ON_DEMAND` or `SPOT`. Defaults to `ON_DEMAND`.\n", "willReplaceOnChanges": true }, "instanceRoleArn": { "type": "string", "description": "ARN of an IAM role that instances in the fleet can assume.\n", "willReplaceOnChanges": true }, "metricGroups": { "type": "array", "items": { "type": "string" }, "description": "List of names of metric groups to add this fleet to. A metric group tracks metrics across all fleets in the group. Defaults to `default`.\n" }, "name": { "type": "string", "description": "The name of the fleet.\n" }, "newGameSessionProtectionPolicy": { "type": "string", "description": "Game session protection policy to apply to all instances in this fleetE.g., `FullProtection`. Defaults to `NoProtection`.\n" }, "resourceCreationLimitPolicy": { "$ref": "#/types/aws:gamelift/FleetResourceCreationLimitPolicy:FleetResourceCreationLimitPolicy", "description": "Policy that limits the number of game sessions an individual player can create over a span of time for this fleet. See below.\n" }, "runtimeConfiguration": { "$ref": "#/types/aws:gamelift/FleetRuntimeConfiguration:FleetRuntimeConfiguration", "description": "Instructions for launching server processes on each instance in the fleet. See below.\n" }, "scriptId": { "type": "string", "description": "ID of the GameLift Script to be deployed on the fleet.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "ec2InstanceType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Fleet resources.\n", "properties": { "arn": { "type": "string", "description": "Fleet ARN.\n" }, "buildArn": { "type": "string", "description": "Build ARN.\n" }, "buildId": { "type": "string", "description": "ID of the GameLift Build to be deployed on the fleet.\n", "willReplaceOnChanges": true }, "certificateConfiguration": { "$ref": "#/types/aws:gamelift/FleetCertificateConfiguration:FleetCertificateConfiguration", "description": "Prompts GameLift to generate a TLS/SSL certificate for the fleet. See certificate_configuration.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Human-readable description of the fleet.\n" }, "ec2InboundPermissions": { "type": "array", "items": { "$ref": "#/types/aws:gamelift/FleetEc2InboundPermission:FleetEc2InboundPermission" }, "description": "Range of IP addresses and port settings that permit inbound traffic to access server processes running on the fleet. See below.\n" }, "ec2InstanceType": { "type": "string", "description": "Name of an EC2 instance typeE.g., `t2.micro`\n", "willReplaceOnChanges": true }, "fleetType": { "type": "string", "description": "Type of fleet. This value must be `ON_DEMAND` or `SPOT`. Defaults to `ON_DEMAND`.\n", "willReplaceOnChanges": true }, "instanceRoleArn": { "type": "string", "description": "ARN of an IAM role that instances in the fleet can assume.\n", "willReplaceOnChanges": true }, "logPaths": { "type": "array", "items": { "type": "string" } }, "metricGroups": { "type": "array", "items": { "type": "string" }, "description": "List of names of metric groups to add this fleet to. A metric group tracks metrics across all fleets in the group. Defaults to `default`.\n" }, "name": { "type": "string", "description": "The name of the fleet.\n" }, "newGameSessionProtectionPolicy": { "type": "string", "description": "Game session protection policy to apply to all instances in this fleetE.g., `FullProtection`. Defaults to `NoProtection`.\n" }, "operatingSystem": { "type": "string", "description": "Operating system of the fleet's computing resources.\n" }, "resourceCreationLimitPolicy": { "$ref": "#/types/aws:gamelift/FleetResourceCreationLimitPolicy:FleetResourceCreationLimitPolicy", "description": "Policy that limits the number of game sessions an individual player can create over a span of time for this fleet. See below.\n" }, "runtimeConfiguration": { "$ref": "#/types/aws:gamelift/FleetRuntimeConfiguration:FleetRuntimeConfiguration", "description": "Instructions for launching server processes on each instance in the fleet. See below.\n" }, "scriptArn": { "type": "string", "description": "Script ARN.\n" }, "scriptId": { "type": "string", "description": "ID of the GameLift Script to be deployed on the fleet.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:gamelift/gameServerGroup:GameServerGroup": { "description": "Provides an GameLift Game Server Group resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.gamelift.GameServerGroup(\"example\", {\n gameServerGroupName: \"example\",\n instanceDefinitions: [\n {\n instanceType: \"c5.large\",\n },\n {\n instanceType: \"c5a.large\",\n },\n ],\n launchTemplate: {\n id: exampleAwsLaunchTemplate.id,\n },\n maxSize: 1,\n minSize: 1,\n roleArn: exampleAwsIamRole.arn,\n}, {\n dependsOn: [exampleAwsIamRolePolicyAttachment],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.gamelift.GameServerGroup(\"example\",\n game_server_group_name=\"example\",\n instance_definitions=[\n {\n \"instance_type\": \"c5.large\",\n },\n {\n \"instance_type\": \"c5a.large\",\n },\n ],\n launch_template={\n \"id\": example_aws_launch_template[\"id\"],\n },\n max_size=1,\n min_size=1,\n role_arn=example_aws_iam_role[\"arn\"],\n opts = pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy_attachment]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.GameLift.GameServerGroup(\"example\", new()\n {\n GameServerGroupName = \"example\",\n InstanceDefinitions = new[]\n {\n new Aws.GameLift.Inputs.GameServerGroupInstanceDefinitionArgs\n {\n InstanceType = \"c5.large\",\n },\n new Aws.GameLift.Inputs.GameServerGroupInstanceDefinitionArgs\n {\n InstanceType = \"c5a.large\",\n },\n },\n LaunchTemplate = new Aws.GameLift.Inputs.GameServerGroupLaunchTemplateArgs\n {\n Id = exampleAwsLaunchTemplate.Id,\n },\n MaxSize = 1,\n MinSize = 1,\n RoleArn = exampleAwsIamRole.Arn,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsIamRolePolicyAttachment,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/gamelift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gamelift.NewGameServerGroup(ctx, \"example\", \u0026gamelift.GameServerGroupArgs{\n\t\t\tGameServerGroupName: pulumi.String(\"example\"),\n\t\t\tInstanceDefinitions: gamelift.GameServerGroupInstanceDefinitionArray{\n\t\t\t\t\u0026gamelift.GameServerGroupInstanceDefinitionArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"c5.large\"),\n\t\t\t\t},\n\t\t\t\t\u0026gamelift.GameServerGroupInstanceDefinitionArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"c5a.large\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLaunchTemplate: \u0026gamelift.GameServerGroupLaunchTemplateArgs{\n\t\t\t\tId: pulumi.Any(exampleAwsLaunchTemplate.Id),\n\t\t\t},\n\t\t\tMaxSize: pulumi.Int(1),\n\t\t\tMinSize: pulumi.Int(1),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsIamRolePolicyAttachment,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.gamelift.GameServerGroup;\nimport com.pulumi.aws.gamelift.GameServerGroupArgs;\nimport com.pulumi.aws.gamelift.inputs.GameServerGroupInstanceDefinitionArgs;\nimport com.pulumi.aws.gamelift.inputs.GameServerGroupLaunchTemplateArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GameServerGroup(\"example\", GameServerGroupArgs.builder()\n .gameServerGroupName(\"example\")\n .instanceDefinitions( \n GameServerGroupInstanceDefinitionArgs.builder()\n .instanceType(\"c5.large\")\n .build(),\n GameServerGroupInstanceDefinitionArgs.builder()\n .instanceType(\"c5a.large\")\n .build())\n .launchTemplate(GameServerGroupLaunchTemplateArgs.builder()\n .id(exampleAwsLaunchTemplate.id())\n .build())\n .maxSize(1)\n .minSize(1)\n .roleArn(exampleAwsIamRole.arn())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsIamRolePolicyAttachment)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:gamelift:GameServerGroup\n properties:\n gameServerGroupName: example\n instanceDefinitions:\n - instanceType: c5.large\n - instanceType: c5a.large\n launchTemplate:\n id: ${exampleAwsLaunchTemplate.id}\n maxSize: 1\n minSize: 1\n roleArn: ${exampleAwsIamRole.arn}\n options:\n dependson:\n - ${exampleAwsIamRolePolicyAttachment}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nFull usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.gamelift.GameServerGroup(\"example\", {\n autoScalingPolicy: {\n estimatedInstanceWarmup: 60,\n targetTrackingConfiguration: {\n targetValue: 75,\n },\n },\n balancingStrategy: \"SPOT_ONLY\",\n gameServerGroupName: \"example\",\n gameServerProtectionPolicy: \"FULL_PROTECTION\",\n instanceDefinitions: [\n {\n instanceType: \"c5.large\",\n weightedCapacity: \"1\",\n },\n {\n instanceType: \"c5.2xlarge\",\n weightedCapacity: \"2\",\n },\n ],\n launchTemplate: {\n id: exampleAwsLaunchTemplate.id,\n version: \"1\",\n },\n maxSize: 1,\n minSize: 1,\n roleArn: exampleAwsIamRole.arn,\n tags: {\n Name: \"example\",\n },\n vpcSubnets: [\n \"subnet-12345678\",\n \"subnet-23456789\",\n ],\n}, {\n dependsOn: [exampleAwsIamRolePolicyAttachment],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.gamelift.GameServerGroup(\"example\",\n auto_scaling_policy={\n \"estimated_instance_warmup\": 60,\n \"target_tracking_configuration\": {\n \"target_value\": 75,\n },\n },\n balancing_strategy=\"SPOT_ONLY\",\n game_server_group_name=\"example\",\n game_server_protection_policy=\"FULL_PROTECTION\",\n instance_definitions=[\n {\n \"instance_type\": \"c5.large\",\n \"weighted_capacity\": \"1\",\n },\n {\n \"instance_type\": \"c5.2xlarge\",\n \"weighted_capacity\": \"2\",\n },\n ],\n launch_template={\n \"id\": example_aws_launch_template[\"id\"],\n \"version\": \"1\",\n },\n max_size=1,\n min_size=1,\n role_arn=example_aws_iam_role[\"arn\"],\n tags={\n \"Name\": \"example\",\n },\n vpc_subnets=[\n \"subnet-12345678\",\n \"subnet-23456789\",\n ],\n opts = pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy_attachment]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.GameLift.GameServerGroup(\"example\", new()\n {\n AutoScalingPolicy = new Aws.GameLift.Inputs.GameServerGroupAutoScalingPolicyArgs\n {\n EstimatedInstanceWarmup = 60,\n TargetTrackingConfiguration = new Aws.GameLift.Inputs.GameServerGroupAutoScalingPolicyTargetTrackingConfigurationArgs\n {\n TargetValue = 75,\n },\n },\n BalancingStrategy = \"SPOT_ONLY\",\n GameServerGroupName = \"example\",\n GameServerProtectionPolicy = \"FULL_PROTECTION\",\n InstanceDefinitions = new[]\n {\n new Aws.GameLift.Inputs.GameServerGroupInstanceDefinitionArgs\n {\n InstanceType = \"c5.large\",\n WeightedCapacity = \"1\",\n },\n new Aws.GameLift.Inputs.GameServerGroupInstanceDefinitionArgs\n {\n InstanceType = \"c5.2xlarge\",\n WeightedCapacity = \"2\",\n },\n },\n LaunchTemplate = new Aws.GameLift.Inputs.GameServerGroupLaunchTemplateArgs\n {\n Id = exampleAwsLaunchTemplate.Id,\n Version = \"1\",\n },\n MaxSize = 1,\n MinSize = 1,\n RoleArn = exampleAwsIamRole.Arn,\n Tags = \n {\n { \"Name\", \"example\" },\n },\n VpcSubnets = new[]\n {\n \"subnet-12345678\",\n \"subnet-23456789\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsIamRolePolicyAttachment,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/gamelift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gamelift.NewGameServerGroup(ctx, \"example\", \u0026gamelift.GameServerGroupArgs{\n\t\t\tAutoScalingPolicy: \u0026gamelift.GameServerGroupAutoScalingPolicyArgs{\n\t\t\t\tEstimatedInstanceWarmup: pulumi.Int(60),\n\t\t\t\tTargetTrackingConfiguration: \u0026gamelift.GameServerGroupAutoScalingPolicyTargetTrackingConfigurationArgs{\n\t\t\t\t\tTargetValue: pulumi.Float64(75),\n\t\t\t\t},\n\t\t\t},\n\t\t\tBalancingStrategy: pulumi.String(\"SPOT_ONLY\"),\n\t\t\tGameServerGroupName: pulumi.String(\"example\"),\n\t\t\tGameServerProtectionPolicy: pulumi.String(\"FULL_PROTECTION\"),\n\t\t\tInstanceDefinitions: gamelift.GameServerGroupInstanceDefinitionArray{\n\t\t\t\t\u0026gamelift.GameServerGroupInstanceDefinitionArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"c5.large\"),\n\t\t\t\t\tWeightedCapacity: pulumi.String(\"1\"),\n\t\t\t\t},\n\t\t\t\t\u0026gamelift.GameServerGroupInstanceDefinitionArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"c5.2xlarge\"),\n\t\t\t\t\tWeightedCapacity: pulumi.String(\"2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLaunchTemplate: \u0026gamelift.GameServerGroupLaunchTemplateArgs{\n\t\t\t\tId: pulumi.Any(exampleAwsLaunchTemplate.Id),\n\t\t\t\tVersion: pulumi.String(\"1\"),\n\t\t\t},\n\t\t\tMaxSize: pulumi.Int(1),\n\t\t\tMinSize: pulumi.Int(1),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example\"),\n\t\t\t},\n\t\t\tVpcSubnets: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"subnet-12345678\"),\n\t\t\t\tpulumi.String(\"subnet-23456789\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsIamRolePolicyAttachment,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.gamelift.GameServerGroup;\nimport com.pulumi.aws.gamelift.GameServerGroupArgs;\nimport com.pulumi.aws.gamelift.inputs.GameServerGroupAutoScalingPolicyArgs;\nimport com.pulumi.aws.gamelift.inputs.GameServerGroupAutoScalingPolicyTargetTrackingConfigurationArgs;\nimport com.pulumi.aws.gamelift.inputs.GameServerGroupInstanceDefinitionArgs;\nimport com.pulumi.aws.gamelift.inputs.GameServerGroupLaunchTemplateArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GameServerGroup(\"example\", GameServerGroupArgs.builder()\n .autoScalingPolicy(GameServerGroupAutoScalingPolicyArgs.builder()\n .estimatedInstanceWarmup(60)\n .targetTrackingConfiguration(GameServerGroupAutoScalingPolicyTargetTrackingConfigurationArgs.builder()\n .targetValue(75)\n .build())\n .build())\n .balancingStrategy(\"SPOT_ONLY\")\n .gameServerGroupName(\"example\")\n .gameServerProtectionPolicy(\"FULL_PROTECTION\")\n .instanceDefinitions( \n GameServerGroupInstanceDefinitionArgs.builder()\n .instanceType(\"c5.large\")\n .weightedCapacity(\"1\")\n .build(),\n GameServerGroupInstanceDefinitionArgs.builder()\n .instanceType(\"c5.2xlarge\")\n .weightedCapacity(\"2\")\n .build())\n .launchTemplate(GameServerGroupLaunchTemplateArgs.builder()\n .id(exampleAwsLaunchTemplate.id())\n .version(\"1\")\n .build())\n .maxSize(1)\n .minSize(1)\n .roleArn(exampleAwsIamRole.arn())\n .tags(Map.of(\"Name\", \"example\"))\n .vpcSubnets( \n \"subnet-12345678\",\n \"subnet-23456789\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsIamRolePolicyAttachment)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:gamelift:GameServerGroup\n properties:\n autoScalingPolicy:\n estimatedInstanceWarmup: 60\n targetTrackingConfiguration:\n targetValue: 75\n balancingStrategy: SPOT_ONLY\n gameServerGroupName: example\n gameServerProtectionPolicy: FULL_PROTECTION\n instanceDefinitions:\n - instanceType: c5.large\n weightedCapacity: '1'\n - instanceType: c5.2xlarge\n weightedCapacity: '2'\n launchTemplate:\n id: ${exampleAwsLaunchTemplate.id}\n version: '1'\n maxSize: 1\n minSize: 1\n roleArn: ${exampleAwsIamRole.arn}\n tags:\n Name: example\n vpcSubnets:\n - subnet-12345678\n - subnet-23456789\n options:\n dependson:\n - ${exampleAwsIamRolePolicyAttachment}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example IAM Role for GameLift Game Server Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getPartition({});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\n \"autoscaling.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n ],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst example = new aws.iam.Role(\"example\", {\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n name: \"gamelift-game-server-group-example\",\n});\nconst exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"example\", {\n policyArn: current.then(current =\u003e `arn:${current.partition}:iam::aws:policy/GameLiftGameServerGroupPolicy`),\n role: example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_partition()\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\n \"autoscaling.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n ],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nexample = aws.iam.Role(\"example\",\n assume_role_policy=assume_role.json,\n name=\"gamelift-game-server-group-example\")\nexample_role_policy_attachment = aws.iam.RolePolicyAttachment(\"example\",\n policy_arn=f\"arn:{current.partition}:iam::aws:policy/GameLiftGameServerGroupPolicy\",\n role=example.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetPartition.Invoke();\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"autoscaling.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Name = \"gamelift-game-server-group-example\",\n });\n\n var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"example\", new()\n {\n PolicyArn = $\"arn:{current.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:iam::aws:policy/GameLiftGameServerGroupPolicy\",\n Role = example.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"autoscaling.amazonaws.com\",\n\t\t\t\t\t\t\t\t\"gamelift.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t\tName: pulumi.String(\"gamelift-game-server-group-example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(fmt.Sprintf(\"arn:%v:iam::aws:policy/GameLiftGameServerGroupPolicy\", current.Partition)),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getPartition();\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers( \n \"autoscaling.amazonaws.com\",\n \"gamelift.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var example = new Role(\"example\", RoleArgs.builder()\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .name(\"gamelift-game-server-group-example\")\n .build());\n\n var exampleRolePolicyAttachment = new RolePolicyAttachment(\"exampleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder()\n .policyArn(String.format(\"arn:%s:iam::aws:policy/GameLiftGameServerGroupPolicy\", current.applyValue(getPartitionResult -\u003e getPartitionResult.partition())))\n .role(example.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${assumeRole.json}\n name: gamelift-game-server-group-example\n exampleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: example\n properties:\n policyArn: arn:${current.partition}:iam::aws:policy/GameLiftGameServerGroupPolicy\n role: ${example.name}\nvariables:\n current:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - autoscaling.amazonaws.com\n - gamelift.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import GameLift Game Server Group using the `name`. For example:\n\n```sh\n$ pulumi import aws:gamelift/gameServerGroup:GameServerGroup example example\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the GameLift Game Server Group.\n" }, "autoScalingGroupArn": { "type": "string", "description": "The ARN of the created EC2 Auto Scaling group.\n" }, "autoScalingPolicy": { "$ref": "#/types/aws:gamelift/GameServerGroupAutoScalingPolicy:GameServerGroupAutoScalingPolicy" }, "balancingStrategy": { "type": "string", "description": "Indicates how GameLift FleetIQ balances the use of Spot Instances and On-Demand Instances.\nValid values: `SPOT_ONLY`, `SPOT_PREFERRED`, `ON_DEMAND_ONLY`. Defaults to `SPOT_PREFERRED`.\n" }, "gameServerGroupName": { "type": "string", "description": "Name of the game server group.\nThis value is used to generate unique ARN identifiers for the EC2 Auto Scaling group and the GameLift FleetIQ game server group.\n" }, "gameServerProtectionPolicy": { "type": "string", "description": "Indicates whether instances in the game server group are protected from early termination.\nUnprotected instances that have active game servers running might be terminated during a scale-down event,\ncausing players to be dropped from the game.\nProtected instances cannot be terminated while there are active game servers running except in the event\nof a forced game server group deletion.\nValid values: `NO_PROTECTION`, `FULL_PROTECTION`. Defaults to `NO_PROTECTION`.\n" }, "instanceDefinitions": { "type": "array", "items": { "$ref": "#/types/aws:gamelift/GameServerGroupInstanceDefinition:GameServerGroupInstanceDefinition" } }, "launchTemplate": { "$ref": "#/types/aws:gamelift/GameServerGroupLaunchTemplate:GameServerGroupLaunchTemplate" }, "maxSize": { "type": "integer", "description": "The maximum number of instances allowed in the EC2 Auto Scaling group.\nDuring automatic scaling events, GameLift FleetIQ and EC2 do not scale up the group above this maximum.\n" }, "minSize": { "type": "integer", "description": "The minimum number of instances allowed in the EC2 Auto Scaling group.\nDuring automatic scaling events, GameLift FleetIQ and EC2 do not scale down the group below this minimum.\n" }, "roleArn": { "type": "string", "description": "ARN for an IAM role that allows Amazon GameLift to access your EC2 Auto Scaling groups.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "vpcSubnets": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnets to use with instances in the game server group.\nBy default, all GameLift FleetIQ-supported Availability Zones are used.\n" } }, "required": [ "arn", "autoScalingGroupArn", "balancingStrategy", "gameServerGroupName", "gameServerProtectionPolicy", "instanceDefinitions", "launchTemplate", "maxSize", "minSize", "roleArn", "tagsAll" ], "inputProperties": { "autoScalingPolicy": { "$ref": "#/types/aws:gamelift/GameServerGroupAutoScalingPolicy:GameServerGroupAutoScalingPolicy", "willReplaceOnChanges": true }, "balancingStrategy": { "type": "string", "description": "Indicates how GameLift FleetIQ balances the use of Spot Instances and On-Demand Instances.\nValid values: `SPOT_ONLY`, `SPOT_PREFERRED`, `ON_DEMAND_ONLY`. Defaults to `SPOT_PREFERRED`.\n" }, "gameServerGroupName": { "type": "string", "description": "Name of the game server group.\nThis value is used to generate unique ARN identifiers for the EC2 Auto Scaling group and the GameLift FleetIQ game server group.\n", "willReplaceOnChanges": true }, "gameServerProtectionPolicy": { "type": "string", "description": "Indicates whether instances in the game server group are protected from early termination.\nUnprotected instances that have active game servers running might be terminated during a scale-down event,\ncausing players to be dropped from the game.\nProtected instances cannot be terminated while there are active game servers running except in the event\nof a forced game server group deletion.\nValid values: `NO_PROTECTION`, `FULL_PROTECTION`. Defaults to `NO_PROTECTION`.\n" }, "instanceDefinitions": { "type": "array", "items": { "$ref": "#/types/aws:gamelift/GameServerGroupInstanceDefinition:GameServerGroupInstanceDefinition" } }, "launchTemplate": { "$ref": "#/types/aws:gamelift/GameServerGroupLaunchTemplate:GameServerGroupLaunchTemplate" }, "maxSize": { "type": "integer", "description": "The maximum number of instances allowed in the EC2 Auto Scaling group.\nDuring automatic scaling events, GameLift FleetIQ and EC2 do not scale up the group above this maximum.\n", "willReplaceOnChanges": true }, "minSize": { "type": "integer", "description": "The minimum number of instances allowed in the EC2 Auto Scaling group.\nDuring automatic scaling events, GameLift FleetIQ and EC2 do not scale down the group below this minimum.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "ARN for an IAM role that allows Amazon GameLift to access your EC2 Auto Scaling groups.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "vpcSubnets": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnets to use with instances in the game server group.\nBy default, all GameLift FleetIQ-supported Availability Zones are used.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "gameServerGroupName", "instanceDefinitions", "launchTemplate", "maxSize", "minSize", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering GameServerGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the GameLift Game Server Group.\n" }, "autoScalingGroupArn": { "type": "string", "description": "The ARN of the created EC2 Auto Scaling group.\n" }, "autoScalingPolicy": { "$ref": "#/types/aws:gamelift/GameServerGroupAutoScalingPolicy:GameServerGroupAutoScalingPolicy", "willReplaceOnChanges": true }, "balancingStrategy": { "type": "string", "description": "Indicates how GameLift FleetIQ balances the use of Spot Instances and On-Demand Instances.\nValid values: `SPOT_ONLY`, `SPOT_PREFERRED`, `ON_DEMAND_ONLY`. Defaults to `SPOT_PREFERRED`.\n" }, "gameServerGroupName": { "type": "string", "description": "Name of the game server group.\nThis value is used to generate unique ARN identifiers for the EC2 Auto Scaling group and the GameLift FleetIQ game server group.\n", "willReplaceOnChanges": true }, "gameServerProtectionPolicy": { "type": "string", "description": "Indicates whether instances in the game server group are protected from early termination.\nUnprotected instances that have active game servers running might be terminated during a scale-down event,\ncausing players to be dropped from the game.\nProtected instances cannot be terminated while there are active game servers running except in the event\nof a forced game server group deletion.\nValid values: `NO_PROTECTION`, `FULL_PROTECTION`. Defaults to `NO_PROTECTION`.\n" }, "instanceDefinitions": { "type": "array", "items": { "$ref": "#/types/aws:gamelift/GameServerGroupInstanceDefinition:GameServerGroupInstanceDefinition" } }, "launchTemplate": { "$ref": "#/types/aws:gamelift/GameServerGroupLaunchTemplate:GameServerGroupLaunchTemplate" }, "maxSize": { "type": "integer", "description": "The maximum number of instances allowed in the EC2 Auto Scaling group.\nDuring automatic scaling events, GameLift FleetIQ and EC2 do not scale up the group above this maximum.\n", "willReplaceOnChanges": true }, "minSize": { "type": "integer", "description": "The minimum number of instances allowed in the EC2 Auto Scaling group.\nDuring automatic scaling events, GameLift FleetIQ and EC2 do not scale down the group below this minimum.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "ARN for an IAM role that allows Amazon GameLift to access your EC2 Auto Scaling groups.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "vpcSubnets": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnets to use with instances in the game server group.\nBy default, all GameLift FleetIQ-supported Availability Zones are used.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:gamelift/gameSessionQueue:GameSessionQueue": { "description": "Provides an GameLift Game Session Queue resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.gamelift.GameSessionQueue(\"test\", {\n name: \"example-session-queue\",\n destinations: [\n usWest2Fleet.arn,\n euCentral1Fleet.arn,\n ],\n notificationTarget: gameSessionQueueNotifications.arn,\n playerLatencyPolicies: [\n {\n maximumIndividualPlayerLatencyMilliseconds: 100,\n policyDurationSeconds: 5,\n },\n {\n maximumIndividualPlayerLatencyMilliseconds: 200,\n },\n ],\n timeoutInSeconds: 60,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.gamelift.GameSessionQueue(\"test\",\n name=\"example-session-queue\",\n destinations=[\n us_west2_fleet[\"arn\"],\n eu_central1_fleet[\"arn\"],\n ],\n notification_target=game_session_queue_notifications[\"arn\"],\n player_latency_policies=[\n {\n \"maximum_individual_player_latency_milliseconds\": 100,\n \"policy_duration_seconds\": 5,\n },\n {\n \"maximum_individual_player_latency_milliseconds\": 200,\n },\n ],\n timeout_in_seconds=60)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.GameLift.GameSessionQueue(\"test\", new()\n {\n Name = \"example-session-queue\",\n Destinations = new[]\n {\n usWest2Fleet.Arn,\n euCentral1Fleet.Arn,\n },\n NotificationTarget = gameSessionQueueNotifications.Arn,\n PlayerLatencyPolicies = new[]\n {\n new Aws.GameLift.Inputs.GameSessionQueuePlayerLatencyPolicyArgs\n {\n MaximumIndividualPlayerLatencyMilliseconds = 100,\n PolicyDurationSeconds = 5,\n },\n new Aws.GameLift.Inputs.GameSessionQueuePlayerLatencyPolicyArgs\n {\n MaximumIndividualPlayerLatencyMilliseconds = 200,\n },\n },\n TimeoutInSeconds = 60,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/gamelift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gamelift.NewGameSessionQueue(ctx, \"test\", \u0026gamelift.GameSessionQueueArgs{\n\t\t\tName: pulumi.String(\"example-session-queue\"),\n\t\t\tDestinations: pulumi.StringArray{\n\t\t\t\tusWest2Fleet.Arn,\n\t\t\t\teuCentral1Fleet.Arn,\n\t\t\t},\n\t\t\tNotificationTarget: pulumi.Any(gameSessionQueueNotifications.Arn),\n\t\t\tPlayerLatencyPolicies: gamelift.GameSessionQueuePlayerLatencyPolicyArray{\n\t\t\t\t\u0026gamelift.GameSessionQueuePlayerLatencyPolicyArgs{\n\t\t\t\t\tMaximumIndividualPlayerLatencyMilliseconds: pulumi.Int(100),\n\t\t\t\t\tPolicyDurationSeconds: pulumi.Int(5),\n\t\t\t\t},\n\t\t\t\t\u0026gamelift.GameSessionQueuePlayerLatencyPolicyArgs{\n\t\t\t\t\tMaximumIndividualPlayerLatencyMilliseconds: pulumi.Int(200),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTimeoutInSeconds: pulumi.Int(60),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.gamelift.GameSessionQueue;\nimport com.pulumi.aws.gamelift.GameSessionQueueArgs;\nimport com.pulumi.aws.gamelift.inputs.GameSessionQueuePlayerLatencyPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new GameSessionQueue(\"test\", GameSessionQueueArgs.builder()\n .name(\"example-session-queue\")\n .destinations( \n usWest2Fleet.arn(),\n euCentral1Fleet.arn())\n .notificationTarget(gameSessionQueueNotifications.arn())\n .playerLatencyPolicies( \n GameSessionQueuePlayerLatencyPolicyArgs.builder()\n .maximumIndividualPlayerLatencyMilliseconds(100)\n .policyDurationSeconds(5)\n .build(),\n GameSessionQueuePlayerLatencyPolicyArgs.builder()\n .maximumIndividualPlayerLatencyMilliseconds(200)\n .build())\n .timeoutInSeconds(60)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:gamelift:GameSessionQueue\n properties:\n name: example-session-queue\n destinations:\n - ${usWest2Fleet.arn}\n - ${euCentral1Fleet.arn}\n notificationTarget: ${gameSessionQueueNotifications.arn}\n playerLatencyPolicies:\n - maximumIndividualPlayerLatencyMilliseconds: 100\n policyDurationSeconds: 5\n - maximumIndividualPlayerLatencyMilliseconds: 200\n timeoutInSeconds: 60\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import GameLift Game Session Queues using their `name`. For example:\n\n```sh\n$ pulumi import aws:gamelift/gameSessionQueue:GameSessionQueue example example\n```\n", "properties": { "arn": { "type": "string", "description": "Game Session Queue ARN.\n" }, "customEventData": { "type": "string", "description": "Information to be added to all events that are related to this game session queue.\n" }, "destinations": { "type": "array", "items": { "type": "string" }, "description": "List of fleet/alias ARNs used by session queue for placing game sessions.\n" }, "name": { "type": "string", "description": "Name of the session queue.\n" }, "notificationTarget": { "type": "string", "description": "An SNS topic ARN that is set up to receive game session placement notifications.\n" }, "playerLatencyPolicies": { "type": "array", "items": { "$ref": "#/types/aws:gamelift/GameSessionQueuePlayerLatencyPolicy:GameSessionQueuePlayerLatencyPolicy" }, "description": "One or more policies used to choose fleet based on player latency. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeoutInSeconds": { "type": "integer", "description": "Maximum time a game session request can remain in the queue.\n" } }, "required": [ "arn", "name", "tagsAll" ], "inputProperties": { "customEventData": { "type": "string", "description": "Information to be added to all events that are related to this game session queue.\n" }, "destinations": { "type": "array", "items": { "type": "string" }, "description": "List of fleet/alias ARNs used by session queue for placing game sessions.\n" }, "name": { "type": "string", "description": "Name of the session queue.\n", "willReplaceOnChanges": true }, "notificationTarget": { "type": "string", "description": "An SNS topic ARN that is set up to receive game session placement notifications.\n" }, "playerLatencyPolicies": { "type": "array", "items": { "$ref": "#/types/aws:gamelift/GameSessionQueuePlayerLatencyPolicy:GameSessionQueuePlayerLatencyPolicy" }, "description": "One or more policies used to choose fleet based on player latency. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeoutInSeconds": { "type": "integer", "description": "Maximum time a game session request can remain in the queue.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering GameSessionQueue resources.\n", "properties": { "arn": { "type": "string", "description": "Game Session Queue ARN.\n" }, "customEventData": { "type": "string", "description": "Information to be added to all events that are related to this game session queue.\n" }, "destinations": { "type": "array", "items": { "type": "string" }, "description": "List of fleet/alias ARNs used by session queue for placing game sessions.\n" }, "name": { "type": "string", "description": "Name of the session queue.\n", "willReplaceOnChanges": true }, "notificationTarget": { "type": "string", "description": "An SNS topic ARN that is set up to receive game session placement notifications.\n" }, "playerLatencyPolicies": { "type": "array", "items": { "$ref": "#/types/aws:gamelift/GameSessionQueuePlayerLatencyPolicy:GameSessionQueuePlayerLatencyPolicy" }, "description": "One or more policies used to choose fleet based on player latency. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeoutInSeconds": { "type": "integer", "description": "Maximum time a game session request can remain in the queue.\n" } }, "type": "object" } }, "aws:gamelift/matchmakingConfiguration:MatchmakingConfiguration": { "description": "Provides a GameLift Alias resource.\n\n## Import\n\nGameLift Matchmaking Configurations can be imported using the ID, e.g.,\n\n```sh\n$ pulumi import aws:gamelift/matchmakingConfiguration:MatchmakingConfiguration example \u003cmatchmakingconfiguration-id\u003e\n```\n", "properties": { "acceptanceRequired": { "type": "boolean", "description": "Specifies if the match that was created with this configuration must be accepted by matched players.\n" }, "acceptanceTimeoutSeconds": { "type": "integer", "description": "The length of time (in seconds) to wait for players to accept a proposed match, if acceptance is required.\n" }, "additionalPlayerCount": { "type": "integer", "description": "The number of player slots in a match to keep open for future players.\n" }, "arn": { "type": "string", "description": "Matchmaking Configuration ARN.\n" }, "backfillMode": { "type": "string", "description": "The method used to backfill game sessions that are created with this matchmaking configuration.\n" }, "creationTime": { "type": "string", "description": "The time when the Matchmaking Configuration was created.\n" }, "customEventData": { "type": "string", "description": "Information to be added to all events related to this matchmaking configuration.\n" }, "description": { "type": "string", "description": "A human-readable description of the matchmaking configuration.\n" }, "flexMatchMode": { "type": "string", "description": "Indicates whether this matchmaking configuration is being used with GameLift hosting or as a standalone matchmaking solution.\n" }, "gameProperties": { "type": "array", "items": { "$ref": "#/types/aws:gamelift/MatchmakingConfigurationGameProperty:MatchmakingConfigurationGameProperty" }, "description": "One or more custom game properties. See below.\n" }, "gameSessionData": { "type": "string", "description": "A set of custom game session properties.\n" }, "gameSessionQueueArns": { "type": "array", "items": { "type": "string" }, "description": "The ARNs of the GameLift game session queue resources.\n" }, "name": { "type": "string", "description": "Name of the matchmaking configuration\n" }, "notificationTarget": { "type": "string", "description": "An SNS topic ARN that is set up to receive matchmaking notifications.\n" }, "requestTimeoutSeconds": { "type": "integer", "description": "The maximum duration, in seconds, that a matchmaking ticket can remain in process before timing out.\n" }, "ruleSetArn": { "type": "string" }, "ruleSetName": { "type": "string", "description": "A rule set names for the matchmaking rule set to use with this configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "creationTime", "flexMatchMode", "name", "requestTimeoutSeconds", "ruleSetArn", "ruleSetName", "tagsAll" ], "inputProperties": { "acceptanceRequired": { "type": "boolean", "description": "Specifies if the match that was created with this configuration must be accepted by matched players.\n" }, "acceptanceTimeoutSeconds": { "type": "integer", "description": "The length of time (in seconds) to wait for players to accept a proposed match, if acceptance is required.\n" }, "additionalPlayerCount": { "type": "integer", "description": "The number of player slots in a match to keep open for future players.\n" }, "backfillMode": { "type": "string", "description": "The method used to backfill game sessions that are created with this matchmaking configuration.\n" }, "customEventData": { "type": "string", "description": "Information to be added to all events related to this matchmaking configuration.\n" }, "description": { "type": "string", "description": "A human-readable description of the matchmaking configuration.\n" }, "flexMatchMode": { "type": "string", "description": "Indicates whether this matchmaking configuration is being used with GameLift hosting or as a standalone matchmaking solution.\n" }, "gameProperties": { "type": "array", "items": { "$ref": "#/types/aws:gamelift/MatchmakingConfigurationGameProperty:MatchmakingConfigurationGameProperty" }, "description": "One or more custom game properties. See below.\n" }, "gameSessionData": { "type": "string", "description": "A set of custom game session properties.\n" }, "gameSessionQueueArns": { "type": "array", "items": { "type": "string" }, "description": "The ARNs of the GameLift game session queue resources.\n" }, "name": { "type": "string", "description": "Name of the matchmaking configuration\n", "willReplaceOnChanges": true }, "notificationTarget": { "type": "string", "description": "An SNS topic ARN that is set up to receive matchmaking notifications.\n" }, "requestTimeoutSeconds": { "type": "integer", "description": "The maximum duration, in seconds, that a matchmaking ticket can remain in process before timing out.\n" }, "ruleSetName": { "type": "string", "description": "A rule set names for the matchmaking rule set to use with this configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "requestTimeoutSeconds", "ruleSetName" ], "stateInputs": { "description": "Input properties used for looking up and filtering MatchmakingConfiguration resources.\n", "properties": { "acceptanceRequired": { "type": "boolean", "description": "Specifies if the match that was created with this configuration must be accepted by matched players.\n" }, "acceptanceTimeoutSeconds": { "type": "integer", "description": "The length of time (in seconds) to wait for players to accept a proposed match, if acceptance is required.\n" }, "additionalPlayerCount": { "type": "integer", "description": "The number of player slots in a match to keep open for future players.\n" }, "arn": { "type": "string", "description": "Matchmaking Configuration ARN.\n" }, "backfillMode": { "type": "string", "description": "The method used to backfill game sessions that are created with this matchmaking configuration.\n" }, "creationTime": { "type": "string", "description": "The time when the Matchmaking Configuration was created.\n" }, "customEventData": { "type": "string", "description": "Information to be added to all events related to this matchmaking configuration.\n" }, "description": { "type": "string", "description": "A human-readable description of the matchmaking configuration.\n" }, "flexMatchMode": { "type": "string", "description": "Indicates whether this matchmaking configuration is being used with GameLift hosting or as a standalone matchmaking solution.\n" }, "gameProperties": { "type": "array", "items": { "$ref": "#/types/aws:gamelift/MatchmakingConfigurationGameProperty:MatchmakingConfigurationGameProperty" }, "description": "One or more custom game properties. See below.\n" }, "gameSessionData": { "type": "string", "description": "A set of custom game session properties.\n" }, "gameSessionQueueArns": { "type": "array", "items": { "type": "string" }, "description": "The ARNs of the GameLift game session queue resources.\n" }, "name": { "type": "string", "description": "Name of the matchmaking configuration\n", "willReplaceOnChanges": true }, "notificationTarget": { "type": "string", "description": "An SNS topic ARN that is set up to receive matchmaking notifications.\n" }, "requestTimeoutSeconds": { "type": "integer", "description": "The maximum duration, in seconds, that a matchmaking ticket can remain in process before timing out.\n" }, "ruleSetArn": { "type": "string" }, "ruleSetName": { "type": "string", "description": "A rule set names for the matchmaking rule set to use with this configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" }, "deprecationMessage": "This resource will be removed in the next major version. Consider using https://www.pulumi.com/registry/packages/aws-native/api-docs/gamelift/matchmakingconfiguration/ instead" }, "aws:gamelift/matchmakingRuleSet:MatchmakingRuleSet": { "description": "Provides a GameLift Matchmaking Rule Set resources.\n\n## Import\n\nGameLift Matchmaking Rule Sets can be imported using the ID, e.g.,\n\n```sh\n$ pulumi import aws:gamelift/matchmakingRuleSet:MatchmakingRuleSet example \u003cruleset-id\u003e\n```\n", "properties": { "arn": { "type": "string", "description": "Rule Set ARN.\n" }, "name": { "type": "string", "description": "Name of the matchmaking rule set.\n" }, "ruleSetBody": { "type": "string", "description": "JSON encoded string containing rule set data.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "ruleSetBody", "tagsAll" ], "inputProperties": { "name": { "type": "string", "description": "Name of the matchmaking rule set.\n", "willReplaceOnChanges": true }, "ruleSetBody": { "type": "string", "description": "JSON encoded string containing rule set data.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "requiredInputs": [ "ruleSetBody" ], "stateInputs": { "description": "Input properties used for looking up and filtering MatchmakingRuleSet resources.\n", "properties": { "arn": { "type": "string", "description": "Rule Set ARN.\n" }, "name": { "type": "string", "description": "Name of the matchmaking rule set.\n", "willReplaceOnChanges": true }, "ruleSetBody": { "type": "string", "description": "JSON encoded string containing rule set data.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" }, "deprecationMessage": "This resource will be removed in the next major version.Consider using https://www.pulumi.com/registry/packages/aws-native/api-docs/gamelift/matchmakingruleset/ instead" }, "aws:gamelift/script:Script": { "description": "Provides an GameLift Script resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.gamelift.Script(\"example\", {\n name: \"example-script\",\n storageLocation: {\n bucket: exampleAwsS3Bucket.id,\n key: exampleAwsS3Object.key,\n roleArn: exampleAwsIamRole.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.gamelift.Script(\"example\",\n name=\"example-script\",\n storage_location={\n \"bucket\": example_aws_s3_bucket[\"id\"],\n \"key\": example_aws_s3_object[\"key\"],\n \"role_arn\": example_aws_iam_role[\"arn\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.GameLift.Script(\"example\", new()\n {\n Name = \"example-script\",\n StorageLocation = new Aws.GameLift.Inputs.ScriptStorageLocationArgs\n {\n Bucket = exampleAwsS3Bucket.Id,\n Key = exampleAwsS3Object.Key,\n RoleArn = exampleAwsIamRole.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/gamelift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gamelift.NewScript(ctx, \"example\", \u0026gamelift.ScriptArgs{\n\t\t\tName: pulumi.String(\"example-script\"),\n\t\t\tStorageLocation: \u0026gamelift.ScriptStorageLocationArgs{\n\t\t\t\tBucket: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\t\tKey: pulumi.Any(exampleAwsS3Object.Key),\n\t\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.gamelift.Script;\nimport com.pulumi.aws.gamelift.ScriptArgs;\nimport com.pulumi.aws.gamelift.inputs.ScriptStorageLocationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Script(\"example\", ScriptArgs.builder()\n .name(\"example-script\")\n .storageLocation(ScriptStorageLocationArgs.builder()\n .bucket(exampleAwsS3Bucket.id())\n .key(exampleAwsS3Object.key())\n .roleArn(exampleAwsIamRole.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:gamelift:Script\n properties:\n name: example-script\n storageLocation:\n bucket: ${exampleAwsS3Bucket.id}\n key: ${exampleAwsS3Object.key}\n roleArn: ${exampleAwsIamRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import GameLift Scripts using the ID. For example:\n\n```sh\n$ pulumi import aws:gamelift/script:Script example \u003cscript-id\u003e\n```\n", "properties": { "arn": { "type": "string", "description": "GameLift Script ARN.\n" }, "name": { "type": "string", "description": "Name of the script\n" }, "storageLocation": { "$ref": "#/types/aws:gamelift/ScriptStorageLocation:ScriptStorageLocation", "description": "Information indicating where your game script files are stored. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "string", "description": "Version that is associated with this script.\n" }, "zipFile": { "type": "string", "description": "A data object containing your Realtime scripts and dependencies as a zip file. The zip file can have one or multiple files. Maximum size of a zip file is 5 MB.\n" } }, "required": [ "arn", "name", "storageLocation", "tagsAll" ], "inputProperties": { "name": { "type": "string", "description": "Name of the script\n" }, "storageLocation": { "$ref": "#/types/aws:gamelift/ScriptStorageLocation:ScriptStorageLocation", "description": "Information indicating where your game script files are stored. See below.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "version": { "type": "string", "description": "Version that is associated with this script.\n" }, "zipFile": { "type": "string", "description": "A data object containing your Realtime scripts and dependencies as a zip file. The zip file can have one or multiple files. Maximum size of a zip file is 5 MB.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Script resources.\n", "properties": { "arn": { "type": "string", "description": "GameLift Script ARN.\n" }, "name": { "type": "string", "description": "Name of the script\n" }, "storageLocation": { "$ref": "#/types/aws:gamelift/ScriptStorageLocation:ScriptStorageLocation", "description": "Information indicating where your game script files are stored. See below.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "string", "description": "Version that is associated with this script.\n" }, "zipFile": { "type": "string", "description": "A data object containing your Realtime scripts and dependencies as a zip file. The zip file can have one or multiple files. Maximum size of a zip file is 5 MB.\n" } }, "type": "object" } }, "aws:glacier/vault:Vault": { "description": "Provides a Glacier Vault Resource. You can refer to the [Glacier Developer Guide](https://docs.aws.amazon.com/amazonglacier/latest/dev/working-with-vaults.html) for a full explanation of the Glacier Vault functionality\n\n\u003e **NOTE:** When removing a Glacier Vault, the Vault must be empty.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst awsSnsTopic = new aws.sns.Topic(\"aws_sns_topic\", {name: \"glacier-sns-topic\"});\nconst myArchive = aws.iam.getPolicyDocument({\n statements: [{\n sid: \"add-read-only-perm\",\n effect: \"Allow\",\n principals: [{\n type: \"*\",\n identifiers: [\"*\"],\n }],\n actions: [\n \"glacier:InitiateJob\",\n \"glacier:GetJobOutput\",\n ],\n resources: [\"arn:aws:glacier:eu-west-1:432981146916:vaults/MyArchive\"],\n }],\n});\nconst myArchiveVault = new aws.glacier.Vault(\"my_archive\", {\n name: \"MyArchive\",\n notification: {\n snsTopic: awsSnsTopic.arn,\n events: [\n \"ArchiveRetrievalCompleted\",\n \"InventoryRetrievalCompleted\",\n ],\n },\n accessPolicy: myArchive.then(myArchive =\u003e myArchive.json),\n tags: {\n Test: \"MyArchive\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naws_sns_topic = aws.sns.Topic(\"aws_sns_topic\", name=\"glacier-sns-topic\")\nmy_archive = aws.iam.get_policy_document(statements=[{\n \"sid\": \"add-read-only-perm\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"*\",\n \"identifiers\": [\"*\"],\n }],\n \"actions\": [\n \"glacier:InitiateJob\",\n \"glacier:GetJobOutput\",\n ],\n \"resources\": [\"arn:aws:glacier:eu-west-1:432981146916:vaults/MyArchive\"],\n}])\nmy_archive_vault = aws.glacier.Vault(\"my_archive\",\n name=\"MyArchive\",\n notification={\n \"sns_topic\": aws_sns_topic.arn,\n \"events\": [\n \"ArchiveRetrievalCompleted\",\n \"InventoryRetrievalCompleted\",\n ],\n },\n access_policy=my_archive.json,\n tags={\n \"Test\": \"MyArchive\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var awsSnsTopic = new Aws.Sns.Topic(\"aws_sns_topic\", new()\n {\n Name = \"glacier-sns-topic\",\n });\n\n var myArchive = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"add-read-only-perm\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"*\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"glacier:InitiateJob\",\n \"glacier:GetJobOutput\",\n },\n Resources = new[]\n {\n \"arn:aws:glacier:eu-west-1:432981146916:vaults/MyArchive\",\n },\n },\n },\n });\n\n var myArchiveVault = new Aws.Glacier.Vault(\"my_archive\", new()\n {\n Name = \"MyArchive\",\n Notification = new Aws.Glacier.Inputs.VaultNotificationArgs\n {\n SnsTopic = awsSnsTopic.Arn,\n Events = new[]\n {\n \"ArchiveRetrievalCompleted\",\n \"InventoryRetrievalCompleted\",\n },\n },\n AccessPolicy = myArchive.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Tags = \n {\n { \"Test\", \"MyArchive\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glacier\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tawsSnsTopic, err := sns.NewTopic(ctx, \"aws_sns_topic\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"glacier-sns-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyArchive, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"add-read-only-perm\"),\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"*\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"*\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"glacier:InitiateJob\",\n\t\t\t\t\t\t\"glacier:GetJobOutput\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:glacier:eu-west-1:432981146916:vaults/MyArchive\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glacier.NewVault(ctx, \"my_archive\", \u0026glacier.VaultArgs{\n\t\t\tName: pulumi.String(\"MyArchive\"),\n\t\t\tNotification: \u0026glacier.VaultNotificationArgs{\n\t\t\t\tSnsTopic: awsSnsTopic.Arn,\n\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"ArchiveRetrievalCompleted\"),\n\t\t\t\t\tpulumi.String(\"InventoryRetrievalCompleted\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tAccessPolicy: pulumi.String(myArchive.Json),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Test\": pulumi.String(\"MyArchive\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.glacier.Vault;\nimport com.pulumi.aws.glacier.VaultArgs;\nimport com.pulumi.aws.glacier.inputs.VaultNotificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var awsSnsTopic = new Topic(\"awsSnsTopic\", TopicArgs.builder()\n .name(\"glacier-sns-topic\")\n .build());\n\n final var myArchive = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"add-read-only-perm\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"*\")\n .identifiers(\"*\")\n .build())\n .actions( \n \"glacier:InitiateJob\",\n \"glacier:GetJobOutput\")\n .resources(\"arn:aws:glacier:eu-west-1:432981146916:vaults/MyArchive\")\n .build())\n .build());\n\n var myArchiveVault = new Vault(\"myArchiveVault\", VaultArgs.builder()\n .name(\"MyArchive\")\n .notification(VaultNotificationArgs.builder()\n .snsTopic(awsSnsTopic.arn())\n .events( \n \"ArchiveRetrievalCompleted\",\n \"InventoryRetrievalCompleted\")\n .build())\n .accessPolicy(myArchive.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .tags(Map.of(\"Test\", \"MyArchive\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n awsSnsTopic:\n type: aws:sns:Topic\n name: aws_sns_topic\n properties:\n name: glacier-sns-topic\n myArchiveVault:\n type: aws:glacier:Vault\n name: my_archive\n properties:\n name: MyArchive\n notification:\n snsTopic: ${awsSnsTopic.arn}\n events:\n - ArchiveRetrievalCompleted\n - InventoryRetrievalCompleted\n accessPolicy: ${myArchive.json}\n tags:\n Test: MyArchive\nvariables:\n myArchive:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: add-read-only-perm\n effect: Allow\n principals:\n - type: '*'\n identifiers:\n - '*'\n actions:\n - glacier:InitiateJob\n - glacier:GetJobOutput\n resources:\n - arn:aws:glacier:eu-west-1:432981146916:vaults/MyArchive\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glacier Vaults using the `name`. For example:\n\n```sh\n$ pulumi import aws:glacier/vault:Vault archive my_archive\n```\n", "properties": { "accessPolicy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\nThe heredoc syntax or `file` function is helpful here. Use the [Glacier Developer Guide](https://docs.aws.amazon.com/amazonglacier/latest/dev/vault-access-policy.html) for more information on Glacier Vault Policy\n" }, "arn": { "type": "string", "description": "The ARN of the vault.\n" }, "location": { "type": "string", "description": "The URI of the vault that was created.\n" }, "name": { "type": "string", "description": "The name of the Vault. Names can be between 1 and 255 characters long and the valid characters are a-z, A-Z, 0-9, '_' (underscore), '-' (hyphen), and '.' (period).\n" }, "notification": { "$ref": "#/types/aws:glacier/VaultNotification:VaultNotification", "description": "The notifications for the Vault. Fields documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "location", "name", "tagsAll" ], "inputProperties": { "accessPolicy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\nThe heredoc syntax or `file` function is helpful here. Use the [Glacier Developer Guide](https://docs.aws.amazon.com/amazonglacier/latest/dev/vault-access-policy.html) for more information on Glacier Vault Policy\n" }, "name": { "type": "string", "description": "The name of the Vault. Names can be between 1 and 255 characters long and the valid characters are a-z, A-Z, 0-9, '_' (underscore), '-' (hyphen), and '.' (period).\n", "willReplaceOnChanges": true }, "notification": { "$ref": "#/types/aws:glacier/VaultNotification:VaultNotification", "description": "The notifications for the Vault. Fields documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Vault resources.\n", "properties": { "accessPolicy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\nThe heredoc syntax or `file` function is helpful here. Use the [Glacier Developer Guide](https://docs.aws.amazon.com/amazonglacier/latest/dev/vault-access-policy.html) for more information on Glacier Vault Policy\n" }, "arn": { "type": "string", "description": "The ARN of the vault.\n" }, "location": { "type": "string", "description": "The URI of the vault that was created.\n" }, "name": { "type": "string", "description": "The name of the Vault. Names can be between 1 and 255 characters long and the valid characters are a-z, A-Z, 0-9, '_' (underscore), '-' (hyphen), and '.' (period).\n", "willReplaceOnChanges": true }, "notification": { "$ref": "#/types/aws:glacier/VaultNotification:VaultNotification", "description": "The notifications for the Vault. Fields documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:glacier/vaultLock:VaultLock": { "description": "## Example Usage\n\n### Testing Glacier Vault Lock Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleVault = new aws.glacier.Vault(\"example\", {name: \"example\"});\nconst example = aws.iam.getPolicyDocumentOutput({\n statements: [{\n actions: [\"glacier:DeleteArchive\"],\n effect: \"Deny\",\n resources: [exampleVault.arn],\n conditions: [{\n test: \"NumericLessThanEquals\",\n variable: \"glacier:ArchiveAgeinDays\",\n values: [\"365\"],\n }],\n }],\n});\nconst exampleVaultLock = new aws.glacier.VaultLock(\"example\", {\n completeLock: false,\n policy: example.apply(example =\u003e example.json),\n vaultName: exampleVault.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_vault = aws.glacier.Vault(\"example\", name=\"example\")\nexample = aws.iam.get_policy_document_output(statements=[{\n \"actions\": [\"glacier:DeleteArchive\"],\n \"effect\": \"Deny\",\n \"resources\": [example_vault.arn],\n \"conditions\": [{\n \"test\": \"NumericLessThanEquals\",\n \"variable\": \"glacier:ArchiveAgeinDays\",\n \"values\": [\"365\"],\n }],\n}])\nexample_vault_lock = aws.glacier.VaultLock(\"example\",\n complete_lock=False,\n policy=example.json,\n vault_name=example_vault.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleVault = new Aws.Glacier.Vault(\"example\", new()\n {\n Name = \"example\",\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"glacier:DeleteArchive\",\n },\n Effect = \"Deny\",\n Resources = new[]\n {\n exampleVault.Arn,\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"NumericLessThanEquals\",\n Variable = \"glacier:ArchiveAgeinDays\",\n Values = new[]\n {\n \"365\",\n },\n },\n },\n },\n },\n });\n\n var exampleVaultLock = new Aws.Glacier.VaultLock(\"example\", new()\n {\n CompleteLock = false,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n VaultName = exampleVault.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glacier\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleVault, err := glacier.NewVault(ctx, \"example\", \u0026glacier.VaultArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"glacier:DeleteArchive\"),\n\t\t\t\t\t},\n\t\t\t\t\tEffect: pulumi.String(\"Deny\"),\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleVault.Arn,\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"NumericLessThanEquals\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"glacier:ArchiveAgeinDays\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"365\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = glacier.NewVaultLock(ctx, \"example\", \u0026glacier.VaultLockArgs{\n\t\t\tCompleteLock: pulumi.Bool(false),\n\t\t\tPolicy: pulumi.String(example.ApplyT(func(example iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026example.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tVaultName: exampleVault.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glacier.Vault;\nimport com.pulumi.aws.glacier.VaultArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.glacier.VaultLock;\nimport com.pulumi.aws.glacier.VaultLockArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleVault = new Vault(\"exampleVault\", VaultArgs.builder()\n .name(\"example\")\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"glacier:DeleteArchive\")\n .effect(\"Deny\")\n .resources(exampleVault.arn())\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"NumericLessThanEquals\")\n .variable(\"glacier:ArchiveAgeinDays\")\n .values(\"365\")\n .build())\n .build())\n .build());\n\n var exampleVaultLock = new VaultLock(\"exampleVaultLock\", VaultLockArgs.builder()\n .completeLock(false)\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .vaultName(exampleVault.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleVault:\n type: aws:glacier:Vault\n name: example\n properties:\n name: example\n exampleVaultLock:\n type: aws:glacier:VaultLock\n name: example\n properties:\n completeLock: false\n policy: ${example.json}\n vaultName: ${exampleVault.name}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - glacier:DeleteArchive\n effect: Deny\n resources:\n - ${exampleVault.arn}\n conditions:\n - test: NumericLessThanEquals\n variable: glacier:ArchiveAgeinDays\n values:\n - '365'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Permanently Applying Glacier Vault Lock Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glacier.VaultLock(\"example\", {\n completeLock: true,\n policy: exampleAwsIamPolicyDocument.json,\n vaultName: exampleAwsGlacierVault.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glacier.VaultLock(\"example\",\n complete_lock=True,\n policy=example_aws_iam_policy_document[\"json\"],\n vault_name=example_aws_glacier_vault[\"name\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glacier.VaultLock(\"example\", new()\n {\n CompleteLock = true,\n Policy = exampleAwsIamPolicyDocument.Json,\n VaultName = exampleAwsGlacierVault.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glacier\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glacier.NewVaultLock(ctx, \"example\", \u0026glacier.VaultLockArgs{\n\t\t\tCompleteLock: pulumi.Bool(true),\n\t\t\tPolicy: pulumi.Any(exampleAwsIamPolicyDocument.Json),\n\t\t\tVaultName: pulumi.Any(exampleAwsGlacierVault.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glacier.VaultLock;\nimport com.pulumi.aws.glacier.VaultLockArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VaultLock(\"example\", VaultLockArgs.builder()\n .completeLock(true)\n .policy(exampleAwsIamPolicyDocument.json())\n .vaultName(exampleAwsGlacierVault.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glacier:VaultLock\n properties:\n completeLock: true\n policy: ${exampleAwsIamPolicyDocument.json}\n vaultName: ${exampleAwsGlacierVault.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glacier Vault Locks using the Glacier Vault name. For example:\n\n```sh\n$ pulumi import aws:glacier/vaultLock:VaultLock example example-vault\n```\n", "properties": { "completeLock": { "type": "boolean", "description": "Boolean whether to permanently apply this Glacier Lock Policy. Once completed, this cannot be undone. If set to `false`, the Glacier Lock Policy remains in a testing mode for 24 hours. After that time, the Glacier Lock Policy is automatically removed by Glacier and the this provider resource will show as needing recreation. Changing this from `false` to `true` will show as resource recreation, which is expected. Changing this from `true` to `false` is not possible unless the Glacier Vault is recreated at the same time.\n" }, "ignoreDeletionError": { "type": "boolean", "description": "Allow this provider to ignore the error returned when attempting to delete the Glacier Lock Policy. This can be used to delete or recreate the Glacier Vault via this provider, for example, if the Glacier Vault Lock policy permits that action. This should only be used in conjunction with `complete_lock` being set to `true`.\n" }, "policy": { "type": "string", "description": "JSON string containing the IAM policy to apply as the Glacier Vault Lock policy.\n" }, "vaultName": { "type": "string", "description": "The name of the Glacier Vault.\n" } }, "required": [ "completeLock", "policy", "vaultName" ], "inputProperties": { "completeLock": { "type": "boolean", "description": "Boolean whether to permanently apply this Glacier Lock Policy. Once completed, this cannot be undone. If set to `false`, the Glacier Lock Policy remains in a testing mode for 24 hours. After that time, the Glacier Lock Policy is automatically removed by Glacier and the this provider resource will show as needing recreation. Changing this from `false` to `true` will show as resource recreation, which is expected. Changing this from `true` to `false` is not possible unless the Glacier Vault is recreated at the same time.\n", "willReplaceOnChanges": true }, "ignoreDeletionError": { "type": "boolean", "description": "Allow this provider to ignore the error returned when attempting to delete the Glacier Lock Policy. This can be used to delete or recreate the Glacier Vault via this provider, for example, if the Glacier Vault Lock policy permits that action. This should only be used in conjunction with `complete_lock` being set to `true`.\n" }, "policy": { "type": "string", "description": "JSON string containing the IAM policy to apply as the Glacier Vault Lock policy.\n", "willReplaceOnChanges": true }, "vaultName": { "type": "string", "description": "The name of the Glacier Vault.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "completeLock", "policy", "vaultName" ], "stateInputs": { "description": "Input properties used for looking up and filtering VaultLock resources.\n", "properties": { "completeLock": { "type": "boolean", "description": "Boolean whether to permanently apply this Glacier Lock Policy. Once completed, this cannot be undone. If set to `false`, the Glacier Lock Policy remains in a testing mode for 24 hours. After that time, the Glacier Lock Policy is automatically removed by Glacier and the this provider resource will show as needing recreation. Changing this from `false` to `true` will show as resource recreation, which is expected. Changing this from `true` to `false` is not possible unless the Glacier Vault is recreated at the same time.\n", "willReplaceOnChanges": true }, "ignoreDeletionError": { "type": "boolean", "description": "Allow this provider to ignore the error returned when attempting to delete the Glacier Lock Policy. This can be used to delete or recreate the Glacier Vault via this provider, for example, if the Glacier Vault Lock policy permits that action. This should only be used in conjunction with `complete_lock` being set to `true`.\n" }, "policy": { "type": "string", "description": "JSON string containing the IAM policy to apply as the Glacier Vault Lock policy.\n", "willReplaceOnChanges": true }, "vaultName": { "type": "string", "description": "The name of the Glacier Vault.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:globalaccelerator/accelerator:Accelerator": { "description": "Creates a Global Accelerator accelerator.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.globalaccelerator.Accelerator(\"example\", {\n name: \"Example\",\n ipAddressType: \"IPV4\",\n ipAddresses: [\"1.2.3.4\"],\n enabled: true,\n attributes: {\n flowLogsEnabled: true,\n flowLogsS3Bucket: \"example-bucket\",\n flowLogsS3Prefix: \"flow-logs/\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.globalaccelerator.Accelerator(\"example\",\n name=\"Example\",\n ip_address_type=\"IPV4\",\n ip_addresses=[\"1.2.3.4\"],\n enabled=True,\n attributes={\n \"flow_logs_enabled\": True,\n \"flow_logs_s3_bucket\": \"example-bucket\",\n \"flow_logs_s3_prefix\": \"flow-logs/\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.GlobalAccelerator.Accelerator(\"example\", new()\n {\n Name = \"Example\",\n IpAddressType = \"IPV4\",\n IpAddresses = new[]\n {\n \"1.2.3.4\",\n },\n Enabled = true,\n Attributes = new Aws.GlobalAccelerator.Inputs.AcceleratorAttributesArgs\n {\n FlowLogsEnabled = true,\n FlowLogsS3Bucket = \"example-bucket\",\n FlowLogsS3Prefix = \"flow-logs/\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/globalaccelerator\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := globalaccelerator.NewAccelerator(ctx, \"example\", \u0026globalaccelerator.AcceleratorArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tIpAddressType: pulumi.String(\"IPV4\"),\n\t\t\tIpAddresses: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"1.2.3.4\"),\n\t\t\t},\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tAttributes: \u0026globalaccelerator.AcceleratorAttributesArgs{\n\t\t\t\tFlowLogsEnabled: pulumi.Bool(true),\n\t\t\t\tFlowLogsS3Bucket: pulumi.String(\"example-bucket\"),\n\t\t\t\tFlowLogsS3Prefix: pulumi.String(\"flow-logs/\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.globalaccelerator.Accelerator;\nimport com.pulumi.aws.globalaccelerator.AcceleratorArgs;\nimport com.pulumi.aws.globalaccelerator.inputs.AcceleratorAttributesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Accelerator(\"example\", AcceleratorArgs.builder()\n .name(\"Example\")\n .ipAddressType(\"IPV4\")\n .ipAddresses(\"1.2.3.4\")\n .enabled(true)\n .attributes(AcceleratorAttributesArgs.builder()\n .flowLogsEnabled(true)\n .flowLogsS3Bucket(\"example-bucket\")\n .flowLogsS3Prefix(\"flow-logs/\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:globalaccelerator:Accelerator\n properties:\n name: Example\n ipAddressType: IPV4\n ipAddresses:\n - 1.2.3.4\n enabled: true\n attributes:\n flowLogsEnabled: true\n flowLogsS3Bucket: example-bucket\n flowLogsS3Prefix: flow-logs/\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Global Accelerator accelerators using the `arn`. For example:\n\n```sh\n$ pulumi import aws:globalaccelerator/accelerator:Accelerator example arn:aws:globalaccelerator::111111111111:accelerator/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\n```\n", "properties": { "attributes": { "$ref": "#/types/aws:globalaccelerator/AcceleratorAttributes:AcceleratorAttributes", "description": "The attributes of the accelerator. Fields documented below.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the accelerator. For example, `a5d53ff5ee6bca4ce.awsglobalaccelerator.com`.\n" }, "dualStackDnsName": { "type": "string", "description": "The Domain Name System (DNS) name that Global Accelerator creates that points to a dual-stack accelerator's four static IP addresses: two IPv4 addresses and two IPv6 addresses. For example, `a1234567890abcdef.dualstack.awsglobalaccelerator.com`.\n" }, "enabled": { "type": "boolean", "description": "Indicates whether the accelerator is enabled. Defaults to `true`. Valid values: `true`, `false`.\n" }, "hostedZoneId": { "type": "string", "description": "- The Global Accelerator Route 53 zone ID that can be used to\nroute an [Alias Resource Record Set](https://docs.aws.amazon.com/Route53/latest/APIReference/API_AliasTarget.html) to the Global Accelerator. This attribute\nis simply an alias for the zone ID `Z2BJ6XQ5FK7U4H`.\n" }, "ipAddressType": { "type": "string", "description": "The value for the address type. Defaults to `IPV4`. Valid values: `IPV4`, `DUAL_STACK`.\n" }, "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "The IP addresses to use for BYOIP accelerators. If not specified, the service assigns IP addresses. Valid values: 1 or 2 IPv4 addresses.\n" }, "ipSets": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/AcceleratorIpSet:AcceleratorIpSet" }, "description": "IP address set associated with the accelerator.\n" }, "name": { "type": "string", "description": "The name of the accelerator.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "dnsName", "dualStackDnsName", "hostedZoneId", "ipSets", "name", "tagsAll" ], "inputProperties": { "attributes": { "$ref": "#/types/aws:globalaccelerator/AcceleratorAttributes:AcceleratorAttributes", "description": "The attributes of the accelerator. Fields documented below.\n" }, "enabled": { "type": "boolean", "description": "Indicates whether the accelerator is enabled. Defaults to `true`. Valid values: `true`, `false`.\n" }, "ipAddressType": { "type": "string", "description": "The value for the address type. Defaults to `IPV4`. Valid values: `IPV4`, `DUAL_STACK`.\n" }, "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "The IP addresses to use for BYOIP accelerators. If not specified, the service assigns IP addresses. Valid values: 1 or 2 IPv4 addresses.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the accelerator.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Accelerator resources.\n", "properties": { "attributes": { "$ref": "#/types/aws:globalaccelerator/AcceleratorAttributes:AcceleratorAttributes", "description": "The attributes of the accelerator. Fields documented below.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the accelerator. For example, `a5d53ff5ee6bca4ce.awsglobalaccelerator.com`.\n" }, "dualStackDnsName": { "type": "string", "description": "The Domain Name System (DNS) name that Global Accelerator creates that points to a dual-stack accelerator's four static IP addresses: two IPv4 addresses and two IPv6 addresses. For example, `a1234567890abcdef.dualstack.awsglobalaccelerator.com`.\n" }, "enabled": { "type": "boolean", "description": "Indicates whether the accelerator is enabled. Defaults to `true`. Valid values: `true`, `false`.\n" }, "hostedZoneId": { "type": "string", "description": "- The Global Accelerator Route 53 zone ID that can be used to\nroute an [Alias Resource Record Set](https://docs.aws.amazon.com/Route53/latest/APIReference/API_AliasTarget.html) to the Global Accelerator. This attribute\nis simply an alias for the zone ID `Z2BJ6XQ5FK7U4H`.\n" }, "ipAddressType": { "type": "string", "description": "The value for the address type. Defaults to `IPV4`. Valid values: `IPV4`, `DUAL_STACK`.\n" }, "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "The IP addresses to use for BYOIP accelerators. If not specified, the service assigns IP addresses. Valid values: 1 or 2 IPv4 addresses.\n", "willReplaceOnChanges": true }, "ipSets": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/AcceleratorIpSet:AcceleratorIpSet" }, "description": "IP address set associated with the accelerator.\n" }, "name": { "type": "string", "description": "The name of the accelerator.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:globalaccelerator/crossAccountAttachment:CrossAccountAttachment": { "description": "Resource for managing an AWS Global Accelerator Cross Account Attachment.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.globalaccelerator.CrossAccountAttachment(\"example\", {name: \"example-cross-account-attachment\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.globalaccelerator.CrossAccountAttachment(\"example\", name=\"example-cross-account-attachment\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.GlobalAccelerator.CrossAccountAttachment(\"example\", new()\n {\n Name = \"example-cross-account-attachment\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/globalaccelerator\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := globalaccelerator.NewCrossAccountAttachment(ctx, \"example\", \u0026globalaccelerator.CrossAccountAttachmentArgs{\n\t\t\tName: pulumi.String(\"example-cross-account-attachment\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.globalaccelerator.CrossAccountAttachment;\nimport com.pulumi.aws.globalaccelerator.CrossAccountAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CrossAccountAttachment(\"example\", CrossAccountAttachmentArgs.builder()\n .name(\"example-cross-account-attachment\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:globalaccelerator:CrossAccountAttachment\n properties:\n name: example-cross-account-attachment\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with Optional Arguments\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.globalaccelerator.CrossAccountAttachment(\"example\", {\n name: \"example-cross-account-attachment\",\n principals: [\"123456789012\"],\n resources: [{\n endpointId: \"arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188\",\n region: \"us-west-2\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.globalaccelerator.CrossAccountAttachment(\"example\",\n name=\"example-cross-account-attachment\",\n principals=[\"123456789012\"],\n resources=[{\n \"endpoint_id\": \"arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188\",\n \"region\": \"us-west-2\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.GlobalAccelerator.CrossAccountAttachment(\"example\", new()\n {\n Name = \"example-cross-account-attachment\",\n Principals = new[]\n {\n \"123456789012\",\n },\n Resources = new[]\n {\n new Aws.GlobalAccelerator.Inputs.CrossAccountAttachmentResourceArgs\n {\n EndpointId = \"arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188\",\n Region = \"us-west-2\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/globalaccelerator\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := globalaccelerator.NewCrossAccountAttachment(ctx, \"example\", \u0026globalaccelerator.CrossAccountAttachmentArgs{\n\t\t\tName: pulumi.String(\"example-cross-account-attachment\"),\n\t\t\tPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"123456789012\"),\n\t\t\t},\n\t\t\tResources: globalaccelerator.CrossAccountAttachmentResourceArray{\n\t\t\t\t\u0026globalaccelerator.CrossAccountAttachmentResourceArgs{\n\t\t\t\t\tEndpointId: pulumi.String(\"arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188\"),\n\t\t\t\t\tRegion: pulumi.String(\"us-west-2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.globalaccelerator.CrossAccountAttachment;\nimport com.pulumi.aws.globalaccelerator.CrossAccountAttachmentArgs;\nimport com.pulumi.aws.globalaccelerator.inputs.CrossAccountAttachmentResourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CrossAccountAttachment(\"example\", CrossAccountAttachmentArgs.builder()\n .name(\"example-cross-account-attachment\")\n .principals(\"123456789012\")\n .resources(CrossAccountAttachmentResourceArgs.builder()\n .endpointId(\"arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188\")\n .region(\"us-west-2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:globalaccelerator:CrossAccountAttachment\n properties:\n name: example-cross-account-attachment\n principals:\n - '123456789012'\n resources:\n - endpointId: arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188\n region: us-west-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Global Accelerator Cross Account Attachment using the `example_id_arg`. For example:\n\n```sh\n$ pulumi import aws:globalaccelerator/crossAccountAttachment:CrossAccountAttachment example arn:aws:globalaccelerator::012345678910:attachment/01234567-abcd-8910-efgh-123456789012\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Cross Account Attachment.\n" }, "createdTime": { "type": "string", "description": "Creation Time when the Cross Account Attachment.\n" }, "lastModifiedTime": { "type": "string", "description": "Last modified time of the Cross Account Attachment.\n" }, "name": { "type": "string", "description": "Name of the Cross Account Attachment.\n\nThe following arguments are optional:\n" }, "principals": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account IDs that are allowed to associate resources with the accelerator.\n" }, "resources": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/CrossAccountAttachmentResource:CrossAccountAttachmentResource" }, "description": "List of resources to be associated with the accelerator.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "createdTime", "lastModifiedTime", "name", "tagsAll" ], "inputProperties": { "name": { "type": "string", "description": "Name of the Cross Account Attachment.\n\nThe following arguments are optional:\n" }, "principals": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account IDs that are allowed to associate resources with the accelerator.\n" }, "resources": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/CrossAccountAttachmentResource:CrossAccountAttachmentResource" }, "description": "List of resources to be associated with the accelerator.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering CrossAccountAttachment resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Cross Account Attachment.\n" }, "createdTime": { "type": "string", "description": "Creation Time when the Cross Account Attachment.\n" }, "lastModifiedTime": { "type": "string", "description": "Last modified time of the Cross Account Attachment.\n" }, "name": { "type": "string", "description": "Name of the Cross Account Attachment.\n\nThe following arguments are optional:\n" }, "principals": { "type": "array", "items": { "type": "string" }, "description": "List of AWS account IDs that are allowed to associate resources with the accelerator.\n" }, "resources": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/CrossAccountAttachmentResource:CrossAccountAttachmentResource" }, "description": "List of resources to be associated with the accelerator.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:globalaccelerator/customRoutingAccelerator:CustomRoutingAccelerator": { "description": "Creates a Global Accelerator custom routing accelerator.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.globalaccelerator.CustomRoutingAccelerator(\"example\", {\n name: \"Example\",\n ipAddressType: \"IPV4\",\n ipAddresses: [\"1.2.3.4\"],\n enabled: true,\n attributes: {\n flowLogsEnabled: true,\n flowLogsS3Bucket: \"example-bucket\",\n flowLogsS3Prefix: \"flow-logs/\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.globalaccelerator.CustomRoutingAccelerator(\"example\",\n name=\"Example\",\n ip_address_type=\"IPV4\",\n ip_addresses=[\"1.2.3.4\"],\n enabled=True,\n attributes={\n \"flow_logs_enabled\": True,\n \"flow_logs_s3_bucket\": \"example-bucket\",\n \"flow_logs_s3_prefix\": \"flow-logs/\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.GlobalAccelerator.CustomRoutingAccelerator(\"example\", new()\n {\n Name = \"Example\",\n IpAddressType = \"IPV4\",\n IpAddresses = new[]\n {\n \"1.2.3.4\",\n },\n Enabled = true,\n Attributes = new Aws.GlobalAccelerator.Inputs.CustomRoutingAcceleratorAttributesArgs\n {\n FlowLogsEnabled = true,\n FlowLogsS3Bucket = \"example-bucket\",\n FlowLogsS3Prefix = \"flow-logs/\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/globalaccelerator\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := globalaccelerator.NewCustomRoutingAccelerator(ctx, \"example\", \u0026globalaccelerator.CustomRoutingAcceleratorArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tIpAddressType: pulumi.String(\"IPV4\"),\n\t\t\tIpAddresses: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"1.2.3.4\"),\n\t\t\t},\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tAttributes: \u0026globalaccelerator.CustomRoutingAcceleratorAttributesArgs{\n\t\t\t\tFlowLogsEnabled: pulumi.Bool(true),\n\t\t\t\tFlowLogsS3Bucket: pulumi.String(\"example-bucket\"),\n\t\t\t\tFlowLogsS3Prefix: pulumi.String(\"flow-logs/\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.globalaccelerator.CustomRoutingAccelerator;\nimport com.pulumi.aws.globalaccelerator.CustomRoutingAcceleratorArgs;\nimport com.pulumi.aws.globalaccelerator.inputs.CustomRoutingAcceleratorAttributesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CustomRoutingAccelerator(\"example\", CustomRoutingAcceleratorArgs.builder()\n .name(\"Example\")\n .ipAddressType(\"IPV4\")\n .ipAddresses(\"1.2.3.4\")\n .enabled(true)\n .attributes(CustomRoutingAcceleratorAttributesArgs.builder()\n .flowLogsEnabled(true)\n .flowLogsS3Bucket(\"example-bucket\")\n .flowLogsS3Prefix(\"flow-logs/\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:globalaccelerator:CustomRoutingAccelerator\n properties:\n name: Example\n ipAddressType: IPV4\n ipAddresses:\n - 1.2.3.4\n enabled: true\n attributes:\n flowLogsEnabled: true\n flowLogsS3Bucket: example-bucket\n flowLogsS3Prefix: flow-logs/\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Global Accelerator custom routing accelerators using the `arn`. For example:\n\n```sh\n$ pulumi import aws:globalaccelerator/customRoutingAccelerator:CustomRoutingAccelerator example arn:aws:globalaccelerator::111111111111:accelerator/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\n```\n", "properties": { "attributes": { "$ref": "#/types/aws:globalaccelerator/CustomRoutingAcceleratorAttributes:CustomRoutingAcceleratorAttributes", "description": "The attributes of the accelerator. Fields documented below.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the accelerator. For example, `a5d53ff5ee6bca4ce.awsglobalaccelerator.com`.\n" }, "enabled": { "type": "boolean", "description": "Indicates whether the accelerator is enabled. Defaults to `true`. Valid values: `true`, `false`.\n" }, "hostedZoneId": { "type": "string", "description": "- The Global Accelerator Route 53 zone ID that can be used to\nroute an [Alias Resource Record Set](https://docs.aws.amazon.com/Route53/latest/APIReference/API_AliasTarget.html) to the Global Accelerator. This attribute\nis simply an alias for the zone ID `Z2BJ6XQ5FK7U4H`.\n" }, "ipAddressType": { "type": "string", "description": "The IP address type that an accelerator supports. For a custom routing accelerator, the value must be `\"IPV4\"`.\n" }, "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "The IP addresses to use for BYOIP accelerators. If not specified, the service assigns IP addresses. Valid values: 1 or 2 IPv4 addresses.\n" }, "ipSets": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/CustomRoutingAcceleratorIpSet:CustomRoutingAcceleratorIpSet" }, "description": "IP address set associated with the accelerator.\n" }, "name": { "type": "string", "description": "The name of a custom routing accelerator.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "dnsName", "hostedZoneId", "ipSets", "name", "tagsAll" ], "inputProperties": { "attributes": { "$ref": "#/types/aws:globalaccelerator/CustomRoutingAcceleratorAttributes:CustomRoutingAcceleratorAttributes", "description": "The attributes of the accelerator. Fields documented below.\n" }, "enabled": { "type": "boolean", "description": "Indicates whether the accelerator is enabled. Defaults to `true`. Valid values: `true`, `false`.\n" }, "ipAddressType": { "type": "string", "description": "The IP address type that an accelerator supports. For a custom routing accelerator, the value must be `\"IPV4\"`.\n" }, "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "The IP addresses to use for BYOIP accelerators. If not specified, the service assigns IP addresses. Valid values: 1 or 2 IPv4 addresses.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of a custom routing accelerator.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering CustomRoutingAccelerator resources.\n", "properties": { "attributes": { "$ref": "#/types/aws:globalaccelerator/CustomRoutingAcceleratorAttributes:CustomRoutingAcceleratorAttributes", "description": "The attributes of the accelerator. Fields documented below.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the accelerator. For example, `a5d53ff5ee6bca4ce.awsglobalaccelerator.com`.\n" }, "enabled": { "type": "boolean", "description": "Indicates whether the accelerator is enabled. Defaults to `true`. Valid values: `true`, `false`.\n" }, "hostedZoneId": { "type": "string", "description": "- The Global Accelerator Route 53 zone ID that can be used to\nroute an [Alias Resource Record Set](https://docs.aws.amazon.com/Route53/latest/APIReference/API_AliasTarget.html) to the Global Accelerator. This attribute\nis simply an alias for the zone ID `Z2BJ6XQ5FK7U4H`.\n" }, "ipAddressType": { "type": "string", "description": "The IP address type that an accelerator supports. For a custom routing accelerator, the value must be `\"IPV4\"`.\n" }, "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "The IP addresses to use for BYOIP accelerators. If not specified, the service assigns IP addresses. Valid values: 1 or 2 IPv4 addresses.\n", "willReplaceOnChanges": true }, "ipSets": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/CustomRoutingAcceleratorIpSet:CustomRoutingAcceleratorIpSet" }, "description": "IP address set associated with the accelerator.\n" }, "name": { "type": "string", "description": "The name of a custom routing accelerator.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:globalaccelerator/customRoutingEndpointGroup:CustomRoutingEndpointGroup": { "description": "Provides a Global Accelerator custom routing endpoint group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.globalaccelerator.CustomRoutingEndpointGroup(\"example\", {\n listenerArn: exampleAwsGlobalacceleratorCustomRoutingListener.id,\n destinationConfigurations: [{\n fromPort: 80,\n toPort: 8080,\n protocols: [\"TCP\"],\n }],\n endpointConfigurations: [{\n endpointId: exampleAwsSubnet.id,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.globalaccelerator.CustomRoutingEndpointGroup(\"example\",\n listener_arn=example_aws_globalaccelerator_custom_routing_listener[\"id\"],\n destination_configurations=[{\n \"from_port\": 80,\n \"to_port\": 8080,\n \"protocols\": [\"TCP\"],\n }],\n endpoint_configurations=[{\n \"endpoint_id\": example_aws_subnet[\"id\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.GlobalAccelerator.CustomRoutingEndpointGroup(\"example\", new()\n {\n ListenerArn = exampleAwsGlobalacceleratorCustomRoutingListener.Id,\n DestinationConfigurations = new[]\n {\n new Aws.GlobalAccelerator.Inputs.CustomRoutingEndpointGroupDestinationConfigurationArgs\n {\n FromPort = 80,\n ToPort = 8080,\n Protocols = new[]\n {\n \"TCP\",\n },\n },\n },\n EndpointConfigurations = new[]\n {\n new Aws.GlobalAccelerator.Inputs.CustomRoutingEndpointGroupEndpointConfigurationArgs\n {\n EndpointId = exampleAwsSubnet.Id,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/globalaccelerator\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := globalaccelerator.NewCustomRoutingEndpointGroup(ctx, \"example\", \u0026globalaccelerator.CustomRoutingEndpointGroupArgs{\n\t\t\tListenerArn: pulumi.Any(exampleAwsGlobalacceleratorCustomRoutingListener.Id),\n\t\t\tDestinationConfigurations: globalaccelerator.CustomRoutingEndpointGroupDestinationConfigurationArray{\n\t\t\t\t\u0026globalaccelerator.CustomRoutingEndpointGroupDestinationConfigurationArgs{\n\t\t\t\t\tFromPort: pulumi.Int(80),\n\t\t\t\t\tToPort: pulumi.Int(8080),\n\t\t\t\t\tProtocols: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"TCP\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tEndpointConfigurations: globalaccelerator.CustomRoutingEndpointGroupEndpointConfigurationArray{\n\t\t\t\t\u0026globalaccelerator.CustomRoutingEndpointGroupEndpointConfigurationArgs{\n\t\t\t\t\tEndpointId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.globalaccelerator.CustomRoutingEndpointGroup;\nimport com.pulumi.aws.globalaccelerator.CustomRoutingEndpointGroupArgs;\nimport com.pulumi.aws.globalaccelerator.inputs.CustomRoutingEndpointGroupDestinationConfigurationArgs;\nimport com.pulumi.aws.globalaccelerator.inputs.CustomRoutingEndpointGroupEndpointConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CustomRoutingEndpointGroup(\"example\", CustomRoutingEndpointGroupArgs.builder()\n .listenerArn(exampleAwsGlobalacceleratorCustomRoutingListener.id())\n .destinationConfigurations(CustomRoutingEndpointGroupDestinationConfigurationArgs.builder()\n .fromPort(80)\n .toPort(8080)\n .protocols(\"TCP\")\n .build())\n .endpointConfigurations(CustomRoutingEndpointGroupEndpointConfigurationArgs.builder()\n .endpointId(exampleAwsSubnet.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:globalaccelerator:CustomRoutingEndpointGroup\n properties:\n listenerArn: ${exampleAwsGlobalacceleratorCustomRoutingListener.id}\n destinationConfigurations:\n - fromPort: 80\n toPort: 8080\n protocols:\n - TCP\n endpointConfigurations:\n - endpointId: ${exampleAwsSubnet.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Global Accelerator custom routing endpoint groups using the `id`. For example:\n\n```sh\n$ pulumi import aws:globalaccelerator/customRoutingEndpointGroup:CustomRoutingEndpointGroup example arn:aws:globalaccelerator::111111111111:accelerator/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/listener/xxxxxxx/endpoint-group/xxxxxxxx\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the custom routing endpoint group.\n" }, "destinationConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/CustomRoutingEndpointGroupDestinationConfiguration:CustomRoutingEndpointGroupDestinationConfiguration" }, "description": "The port ranges and protocols for all endpoints in a custom routing endpoint group to accept client traffic on. Fields documented below.\n" }, "endpointConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/CustomRoutingEndpointGroupEndpointConfiguration:CustomRoutingEndpointGroupEndpointConfiguration" }, "description": "The list of endpoint objects. Fields documented below.\n" }, "endpointGroupRegion": { "type": "string", "description": "The name of the AWS Region where the custom routing endpoint group is located.\n" }, "listenerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the custom routing listener.\n" } }, "required": [ "arn", "destinationConfigurations", "endpointGroupRegion", "listenerArn" ], "inputProperties": { "destinationConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/CustomRoutingEndpointGroupDestinationConfiguration:CustomRoutingEndpointGroupDestinationConfiguration" }, "description": "The port ranges and protocols for all endpoints in a custom routing endpoint group to accept client traffic on. Fields documented below.\n", "willReplaceOnChanges": true }, "endpointConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/CustomRoutingEndpointGroupEndpointConfiguration:CustomRoutingEndpointGroupEndpointConfiguration" }, "description": "The list of endpoint objects. Fields documented below.\n", "willReplaceOnChanges": true }, "endpointGroupRegion": { "type": "string", "description": "The name of the AWS Region where the custom routing endpoint group is located.\n", "willReplaceOnChanges": true }, "listenerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the custom routing listener.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "destinationConfigurations", "listenerArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering CustomRoutingEndpointGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the custom routing endpoint group.\n" }, "destinationConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/CustomRoutingEndpointGroupDestinationConfiguration:CustomRoutingEndpointGroupDestinationConfiguration" }, "description": "The port ranges and protocols for all endpoints in a custom routing endpoint group to accept client traffic on. Fields documented below.\n", "willReplaceOnChanges": true }, "endpointConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/CustomRoutingEndpointGroupEndpointConfiguration:CustomRoutingEndpointGroupEndpointConfiguration" }, "description": "The list of endpoint objects. Fields documented below.\n", "willReplaceOnChanges": true }, "endpointGroupRegion": { "type": "string", "description": "The name of the AWS Region where the custom routing endpoint group is located.\n", "willReplaceOnChanges": true }, "listenerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the custom routing listener.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:globalaccelerator/customRoutingListener:CustomRoutingListener": { "description": "Provides a Global Accelerator custom routing listener.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.globalaccelerator.CustomRoutingAccelerator(\"example\", {\n name: \"Example\",\n ipAddressType: \"IPV4\",\n enabled: true,\n attributes: {\n flowLogsEnabled: true,\n flowLogsS3Bucket: \"example-bucket\",\n flowLogsS3Prefix: \"flow-logs/\",\n },\n});\nconst exampleCustomRoutingListener = new aws.globalaccelerator.CustomRoutingListener(\"example\", {\n acceleratorArn: example.id,\n portRanges: [{\n fromPort: 80,\n toPort: 80,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.globalaccelerator.CustomRoutingAccelerator(\"example\",\n name=\"Example\",\n ip_address_type=\"IPV4\",\n enabled=True,\n attributes={\n \"flow_logs_enabled\": True,\n \"flow_logs_s3_bucket\": \"example-bucket\",\n \"flow_logs_s3_prefix\": \"flow-logs/\",\n })\nexample_custom_routing_listener = aws.globalaccelerator.CustomRoutingListener(\"example\",\n accelerator_arn=example.id,\n port_ranges=[{\n \"from_port\": 80,\n \"to_port\": 80,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.GlobalAccelerator.CustomRoutingAccelerator(\"example\", new()\n {\n Name = \"Example\",\n IpAddressType = \"IPV4\",\n Enabled = true,\n Attributes = new Aws.GlobalAccelerator.Inputs.CustomRoutingAcceleratorAttributesArgs\n {\n FlowLogsEnabled = true,\n FlowLogsS3Bucket = \"example-bucket\",\n FlowLogsS3Prefix = \"flow-logs/\",\n },\n });\n\n var exampleCustomRoutingListener = new Aws.GlobalAccelerator.CustomRoutingListener(\"example\", new()\n {\n AcceleratorArn = example.Id,\n PortRanges = new[]\n {\n new Aws.GlobalAccelerator.Inputs.CustomRoutingListenerPortRangeArgs\n {\n FromPort = 80,\n ToPort = 80,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/globalaccelerator\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := globalaccelerator.NewCustomRoutingAccelerator(ctx, \"example\", \u0026globalaccelerator.CustomRoutingAcceleratorArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tIpAddressType: pulumi.String(\"IPV4\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tAttributes: \u0026globalaccelerator.CustomRoutingAcceleratorAttributesArgs{\n\t\t\t\tFlowLogsEnabled: pulumi.Bool(true),\n\t\t\t\tFlowLogsS3Bucket: pulumi.String(\"example-bucket\"),\n\t\t\t\tFlowLogsS3Prefix: pulumi.String(\"flow-logs/\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = globalaccelerator.NewCustomRoutingListener(ctx, \"example\", \u0026globalaccelerator.CustomRoutingListenerArgs{\n\t\t\tAcceleratorArn: example.ID(),\n\t\t\tPortRanges: globalaccelerator.CustomRoutingListenerPortRangeArray{\n\t\t\t\t\u0026globalaccelerator.CustomRoutingListenerPortRangeArgs{\n\t\t\t\t\tFromPort: pulumi.Int(80),\n\t\t\t\t\tToPort: pulumi.Int(80),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.globalaccelerator.CustomRoutingAccelerator;\nimport com.pulumi.aws.globalaccelerator.CustomRoutingAcceleratorArgs;\nimport com.pulumi.aws.globalaccelerator.inputs.CustomRoutingAcceleratorAttributesArgs;\nimport com.pulumi.aws.globalaccelerator.CustomRoutingListener;\nimport com.pulumi.aws.globalaccelerator.CustomRoutingListenerArgs;\nimport com.pulumi.aws.globalaccelerator.inputs.CustomRoutingListenerPortRangeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CustomRoutingAccelerator(\"example\", CustomRoutingAcceleratorArgs.builder()\n .name(\"Example\")\n .ipAddressType(\"IPV4\")\n .enabled(true)\n .attributes(CustomRoutingAcceleratorAttributesArgs.builder()\n .flowLogsEnabled(true)\n .flowLogsS3Bucket(\"example-bucket\")\n .flowLogsS3Prefix(\"flow-logs/\")\n .build())\n .build());\n\n var exampleCustomRoutingListener = new CustomRoutingListener(\"exampleCustomRoutingListener\", CustomRoutingListenerArgs.builder()\n .acceleratorArn(example.id())\n .portRanges(CustomRoutingListenerPortRangeArgs.builder()\n .fromPort(80)\n .toPort(80)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:globalaccelerator:CustomRoutingAccelerator\n properties:\n name: Example\n ipAddressType: IPV4\n enabled: true\n attributes:\n flowLogsEnabled: true\n flowLogsS3Bucket: example-bucket\n flowLogsS3Prefix: flow-logs/\n exampleCustomRoutingListener:\n type: aws:globalaccelerator:CustomRoutingListener\n name: example\n properties:\n acceleratorArn: ${example.id}\n portRanges:\n - fromPort: 80\n toPort: 80\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Global Accelerator custom routing listeners using the `id`. For example:\n\n```sh\n$ pulumi import aws:globalaccelerator/customRoutingListener:CustomRoutingListener example arn:aws:globalaccelerator::111111111111:accelerator/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/listener/xxxxxxxx\n```\n", "properties": { "acceleratorArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a custom routing accelerator.\n" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/CustomRoutingListenerPortRange:CustomRoutingListenerPortRange" }, "description": "The list of port ranges for the connections from clients to the accelerator. Fields documented below.\n" } }, "required": [ "acceleratorArn", "portRanges" ], "inputProperties": { "acceleratorArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a custom routing accelerator.\n", "willReplaceOnChanges": true }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/CustomRoutingListenerPortRange:CustomRoutingListenerPortRange" }, "description": "The list of port ranges for the connections from clients to the accelerator. Fields documented below.\n" } }, "requiredInputs": [ "acceleratorArn", "portRanges" ], "stateInputs": { "description": "Input properties used for looking up and filtering CustomRoutingListener resources.\n", "properties": { "acceleratorArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a custom routing accelerator.\n", "willReplaceOnChanges": true }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/CustomRoutingListenerPortRange:CustomRoutingListenerPortRange" }, "description": "The list of port ranges for the connections from clients to the accelerator. Fields documented below.\n" } }, "type": "object" } }, "aws:globalaccelerator/endpointGroup:EndpointGroup": { "description": "Provides a Global Accelerator endpoint group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.globalaccelerator.EndpointGroup(\"example\", {\n listenerArn: exampleAwsGlobalacceleratorListener.id,\n endpointConfigurations: [{\n endpointId: exampleAwsLb.arn,\n weight: 100,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.globalaccelerator.EndpointGroup(\"example\",\n listener_arn=example_aws_globalaccelerator_listener[\"id\"],\n endpoint_configurations=[{\n \"endpoint_id\": example_aws_lb[\"arn\"],\n \"weight\": 100,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.GlobalAccelerator.EndpointGroup(\"example\", new()\n {\n ListenerArn = exampleAwsGlobalacceleratorListener.Id,\n EndpointConfigurations = new[]\n {\n new Aws.GlobalAccelerator.Inputs.EndpointGroupEndpointConfigurationArgs\n {\n EndpointId = exampleAwsLb.Arn,\n Weight = 100,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/globalaccelerator\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := globalaccelerator.NewEndpointGroup(ctx, \"example\", \u0026globalaccelerator.EndpointGroupArgs{\n\t\t\tListenerArn: pulumi.Any(exampleAwsGlobalacceleratorListener.Id),\n\t\t\tEndpointConfigurations: globalaccelerator.EndpointGroupEndpointConfigurationArray{\n\t\t\t\t\u0026globalaccelerator.EndpointGroupEndpointConfigurationArgs{\n\t\t\t\t\tEndpointId: pulumi.Any(exampleAwsLb.Arn),\n\t\t\t\t\tWeight: pulumi.Int(100),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.globalaccelerator.EndpointGroup;\nimport com.pulumi.aws.globalaccelerator.EndpointGroupArgs;\nimport com.pulumi.aws.globalaccelerator.inputs.EndpointGroupEndpointConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EndpointGroup(\"example\", EndpointGroupArgs.builder()\n .listenerArn(exampleAwsGlobalacceleratorListener.id())\n .endpointConfigurations(EndpointGroupEndpointConfigurationArgs.builder()\n .endpointId(exampleAwsLb.arn())\n .weight(100)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:globalaccelerator:EndpointGroup\n properties:\n listenerArn: ${exampleAwsGlobalacceleratorListener.id}\n endpointConfigurations:\n - endpointId: ${exampleAwsLb.arn}\n weight: 100\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Global Accelerator endpoint groups using the `id`. For example:\n\n```sh\n$ pulumi import aws:globalaccelerator/endpointGroup:EndpointGroup example arn:aws:globalaccelerator::111111111111:accelerator/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/listener/xxxxxxx/endpoint-group/xxxxxxxx\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the endpoint group.\n" }, "endpointConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/EndpointGroupEndpointConfiguration:EndpointGroupEndpointConfiguration" }, "description": "The list of endpoint objects. Fields documented below.\n" }, "endpointGroupRegion": { "type": "string", "description": "The name of the AWS Region where the endpoint group is located.\n" }, "healthCheckIntervalSeconds": { "type": "integer", "description": "The time—10 seconds or 30 seconds—between each health check for an endpoint. The default value is 30.\n" }, "healthCheckPath": { "type": "string", "description": "If the protocol is HTTP/S, then this specifies the path that is the destination for health check targets. The default value is slash (`/`). the provider will only perform drift detection of its value when present in a configuration.\n" }, "healthCheckPort": { "type": "integer", "description": "The port that AWS Global Accelerator uses to check the health of endpoints that are part of this endpoint group. The default port is the listener port that this endpoint group is associated with. If listener port is a list of ports, Global Accelerator uses the first port in the list.\nthe provider will only perform drift detection of its value when present in a configuration.\n" }, "healthCheckProtocol": { "type": "string", "description": "The protocol that AWS Global Accelerator uses to check the health of endpoints that are part of this endpoint group. The default value is TCP.\n" }, "listenerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the listener.\n" }, "portOverrides": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/EndpointGroupPortOverride:EndpointGroupPortOverride" }, "description": "Override specific listener ports used to route traffic to endpoints that are part of this endpoint group. Fields documented below.\n" }, "thresholdCount": { "type": "integer", "description": "The number of consecutive health checks required to set the state of a healthy endpoint to unhealthy, or to set an unhealthy endpoint to healthy. The default value is 3.\n" }, "trafficDialPercentage": { "type": "number", "description": "The percentage of traffic to send to an AWS Region. Additional traffic is distributed to other endpoint groups for this listener. The default value is 100.\n" } }, "required": [ "arn", "endpointGroupRegion", "healthCheckPath", "healthCheckPort", "listenerArn" ], "inputProperties": { "endpointConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/EndpointGroupEndpointConfiguration:EndpointGroupEndpointConfiguration" }, "description": "The list of endpoint objects. Fields documented below.\n" }, "endpointGroupRegion": { "type": "string", "description": "The name of the AWS Region where the endpoint group is located.\n", "willReplaceOnChanges": true }, "healthCheckIntervalSeconds": { "type": "integer", "description": "The time—10 seconds or 30 seconds—between each health check for an endpoint. The default value is 30.\n" }, "healthCheckPath": { "type": "string", "description": "If the protocol is HTTP/S, then this specifies the path that is the destination for health check targets. The default value is slash (`/`). the provider will only perform drift detection of its value when present in a configuration.\n" }, "healthCheckPort": { "type": "integer", "description": "The port that AWS Global Accelerator uses to check the health of endpoints that are part of this endpoint group. The default port is the listener port that this endpoint group is associated with. If listener port is a list of ports, Global Accelerator uses the first port in the list.\nthe provider will only perform drift detection of its value when present in a configuration.\n" }, "healthCheckProtocol": { "type": "string", "description": "The protocol that AWS Global Accelerator uses to check the health of endpoints that are part of this endpoint group. The default value is TCP.\n" }, "listenerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the listener.\n", "willReplaceOnChanges": true }, "portOverrides": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/EndpointGroupPortOverride:EndpointGroupPortOverride" }, "description": "Override specific listener ports used to route traffic to endpoints that are part of this endpoint group. Fields documented below.\n" }, "thresholdCount": { "type": "integer", "description": "The number of consecutive health checks required to set the state of a healthy endpoint to unhealthy, or to set an unhealthy endpoint to healthy. The default value is 3.\n" }, "trafficDialPercentage": { "type": "number", "description": "The percentage of traffic to send to an AWS Region. Additional traffic is distributed to other endpoint groups for this listener. The default value is 100.\n" } }, "requiredInputs": [ "listenerArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering EndpointGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the endpoint group.\n" }, "endpointConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/EndpointGroupEndpointConfiguration:EndpointGroupEndpointConfiguration" }, "description": "The list of endpoint objects. Fields documented below.\n" }, "endpointGroupRegion": { "type": "string", "description": "The name of the AWS Region where the endpoint group is located.\n", "willReplaceOnChanges": true }, "healthCheckIntervalSeconds": { "type": "integer", "description": "The time—10 seconds or 30 seconds—between each health check for an endpoint. The default value is 30.\n" }, "healthCheckPath": { "type": "string", "description": "If the protocol is HTTP/S, then this specifies the path that is the destination for health check targets. The default value is slash (`/`). the provider will only perform drift detection of its value when present in a configuration.\n" }, "healthCheckPort": { "type": "integer", "description": "The port that AWS Global Accelerator uses to check the health of endpoints that are part of this endpoint group. The default port is the listener port that this endpoint group is associated with. If listener port is a list of ports, Global Accelerator uses the first port in the list.\nthe provider will only perform drift detection of its value when present in a configuration.\n" }, "healthCheckProtocol": { "type": "string", "description": "The protocol that AWS Global Accelerator uses to check the health of endpoints that are part of this endpoint group. The default value is TCP.\n" }, "listenerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the listener.\n", "willReplaceOnChanges": true }, "portOverrides": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/EndpointGroupPortOverride:EndpointGroupPortOverride" }, "description": "Override specific listener ports used to route traffic to endpoints that are part of this endpoint group. Fields documented below.\n" }, "thresholdCount": { "type": "integer", "description": "The number of consecutive health checks required to set the state of a healthy endpoint to unhealthy, or to set an unhealthy endpoint to healthy. The default value is 3.\n" }, "trafficDialPercentage": { "type": "number", "description": "The percentage of traffic to send to an AWS Region. Additional traffic is distributed to other endpoint groups for this listener. The default value is 100.\n" } }, "type": "object" } }, "aws:globalaccelerator/listener:Listener": { "description": "Provides a Global Accelerator listener.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.globalaccelerator.Accelerator(\"example\", {\n name: \"Example\",\n ipAddressType: \"IPV4\",\n enabled: true,\n attributes: {\n flowLogsEnabled: true,\n flowLogsS3Bucket: \"example-bucket\",\n flowLogsS3Prefix: \"flow-logs/\",\n },\n});\nconst exampleListener = new aws.globalaccelerator.Listener(\"example\", {\n acceleratorArn: example.id,\n clientAffinity: \"SOURCE_IP\",\n protocol: \"TCP\",\n portRanges: [{\n fromPort: 80,\n toPort: 80,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.globalaccelerator.Accelerator(\"example\",\n name=\"Example\",\n ip_address_type=\"IPV4\",\n enabled=True,\n attributes={\n \"flow_logs_enabled\": True,\n \"flow_logs_s3_bucket\": \"example-bucket\",\n \"flow_logs_s3_prefix\": \"flow-logs/\",\n })\nexample_listener = aws.globalaccelerator.Listener(\"example\",\n accelerator_arn=example.id,\n client_affinity=\"SOURCE_IP\",\n protocol=\"TCP\",\n port_ranges=[{\n \"from_port\": 80,\n \"to_port\": 80,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.GlobalAccelerator.Accelerator(\"example\", new()\n {\n Name = \"Example\",\n IpAddressType = \"IPV4\",\n Enabled = true,\n Attributes = new Aws.GlobalAccelerator.Inputs.AcceleratorAttributesArgs\n {\n FlowLogsEnabled = true,\n FlowLogsS3Bucket = \"example-bucket\",\n FlowLogsS3Prefix = \"flow-logs/\",\n },\n });\n\n var exampleListener = new Aws.GlobalAccelerator.Listener(\"example\", new()\n {\n AcceleratorArn = example.Id,\n ClientAffinity = \"SOURCE_IP\",\n Protocol = \"TCP\",\n PortRanges = new[]\n {\n new Aws.GlobalAccelerator.Inputs.ListenerPortRangeArgs\n {\n FromPort = 80,\n ToPort = 80,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/globalaccelerator\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := globalaccelerator.NewAccelerator(ctx, \"example\", \u0026globalaccelerator.AcceleratorArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tIpAddressType: pulumi.String(\"IPV4\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tAttributes: \u0026globalaccelerator.AcceleratorAttributesArgs{\n\t\t\t\tFlowLogsEnabled: pulumi.Bool(true),\n\t\t\t\tFlowLogsS3Bucket: pulumi.String(\"example-bucket\"),\n\t\t\t\tFlowLogsS3Prefix: pulumi.String(\"flow-logs/\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = globalaccelerator.NewListener(ctx, \"example\", \u0026globalaccelerator.ListenerArgs{\n\t\t\tAcceleratorArn: example.ID(),\n\t\t\tClientAffinity: pulumi.String(\"SOURCE_IP\"),\n\t\t\tProtocol: pulumi.String(\"TCP\"),\n\t\t\tPortRanges: globalaccelerator.ListenerPortRangeArray{\n\t\t\t\t\u0026globalaccelerator.ListenerPortRangeArgs{\n\t\t\t\t\tFromPort: pulumi.Int(80),\n\t\t\t\t\tToPort: pulumi.Int(80),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.globalaccelerator.Accelerator;\nimport com.pulumi.aws.globalaccelerator.AcceleratorArgs;\nimport com.pulumi.aws.globalaccelerator.inputs.AcceleratorAttributesArgs;\nimport com.pulumi.aws.globalaccelerator.Listener;\nimport com.pulumi.aws.globalaccelerator.ListenerArgs;\nimport com.pulumi.aws.globalaccelerator.inputs.ListenerPortRangeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Accelerator(\"example\", AcceleratorArgs.builder()\n .name(\"Example\")\n .ipAddressType(\"IPV4\")\n .enabled(true)\n .attributes(AcceleratorAttributesArgs.builder()\n .flowLogsEnabled(true)\n .flowLogsS3Bucket(\"example-bucket\")\n .flowLogsS3Prefix(\"flow-logs/\")\n .build())\n .build());\n\n var exampleListener = new Listener(\"exampleListener\", ListenerArgs.builder()\n .acceleratorArn(example.id())\n .clientAffinity(\"SOURCE_IP\")\n .protocol(\"TCP\")\n .portRanges(ListenerPortRangeArgs.builder()\n .fromPort(80)\n .toPort(80)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:globalaccelerator:Accelerator\n properties:\n name: Example\n ipAddressType: IPV4\n enabled: true\n attributes:\n flowLogsEnabled: true\n flowLogsS3Bucket: example-bucket\n flowLogsS3Prefix: flow-logs/\n exampleListener:\n type: aws:globalaccelerator:Listener\n name: example\n properties:\n acceleratorArn: ${example.id}\n clientAffinity: SOURCE_IP\n protocol: TCP\n portRanges:\n - fromPort: 80\n toPort: 80\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Global Accelerator listeners using the `id`. For example:\n\n```sh\n$ pulumi import aws:globalaccelerator/listener:Listener example arn:aws:globalaccelerator::111111111111:accelerator/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/listener/xxxxxxxx\n```\n", "properties": { "acceleratorArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of your accelerator.\n" }, "clientAffinity": { "type": "string", "description": "Direct all requests from a user to the same endpoint. Valid values are `NONE`, `SOURCE_IP`. Default: `NONE`. If `NONE`, Global Accelerator uses the \"five-tuple\" properties of source IP address, source port, destination IP address, destination port, and protocol to select the hash value. If `SOURCE_IP`, Global Accelerator uses the \"two-tuple\" properties of source (client) IP address and destination IP address to select the hash value.\n" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/ListenerPortRange:ListenerPortRange" }, "description": "The list of port ranges for the connections from clients to the accelerator. Fields documented below.\n" }, "protocol": { "type": "string", "description": "The protocol for the connections from clients to the accelerator. Valid values are `TCP`, `UDP`.\n" } }, "required": [ "acceleratorArn", "portRanges", "protocol" ], "inputProperties": { "acceleratorArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of your accelerator.\n", "willReplaceOnChanges": true }, "clientAffinity": { "type": "string", "description": "Direct all requests from a user to the same endpoint. Valid values are `NONE`, `SOURCE_IP`. Default: `NONE`. If `NONE`, Global Accelerator uses the \"five-tuple\" properties of source IP address, source port, destination IP address, destination port, and protocol to select the hash value. If `SOURCE_IP`, Global Accelerator uses the \"two-tuple\" properties of source (client) IP address and destination IP address to select the hash value.\n" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/ListenerPortRange:ListenerPortRange" }, "description": "The list of port ranges for the connections from clients to the accelerator. Fields documented below.\n" }, "protocol": { "type": "string", "description": "The protocol for the connections from clients to the accelerator. Valid values are `TCP`, `UDP`.\n" } }, "requiredInputs": [ "acceleratorArn", "portRanges", "protocol" ], "stateInputs": { "description": "Input properties used for looking up and filtering Listener resources.\n", "properties": { "acceleratorArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of your accelerator.\n", "willReplaceOnChanges": true }, "clientAffinity": { "type": "string", "description": "Direct all requests from a user to the same endpoint. Valid values are `NONE`, `SOURCE_IP`. Default: `NONE`. If `NONE`, Global Accelerator uses the \"five-tuple\" properties of source IP address, source port, destination IP address, destination port, and protocol to select the hash value. If `SOURCE_IP`, Global Accelerator uses the \"two-tuple\" properties of source (client) IP address and destination IP address to select the hash value.\n" }, "portRanges": { "type": "array", "items": { "$ref": "#/types/aws:globalaccelerator/ListenerPortRange:ListenerPortRange" }, "description": "The list of port ranges for the connections from clients to the accelerator. Fields documented below.\n" }, "protocol": { "type": "string", "description": "The protocol for the connections from clients to the accelerator. Valid values are `TCP`, `UDP`.\n" } }, "type": "object" } }, "aws:glue/catalogDatabase:CatalogDatabase": { "description": "Provides a Glue Catalog Database Resource. You can refer to the [Glue Developer Guide](http://docs.aws.amazon.com/glue/latest/dg/populate-data-catalog.html) for a full explanation of the Glue Data Catalog functionality\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.CatalogDatabase(\"example\", {name: \"MyCatalogDatabase\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.CatalogDatabase(\"example\", name=\"MyCatalogDatabase\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.CatalogDatabase(\"example\", new()\n {\n Name = \"MyCatalogDatabase\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewCatalogDatabase(ctx, \"example\", \u0026glue.CatalogDatabaseArgs{\n\t\t\tName: pulumi.String(\"MyCatalogDatabase\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.CatalogDatabase;\nimport com.pulumi.aws.glue.CatalogDatabaseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CatalogDatabase(\"example\", CatalogDatabaseArgs.builder()\n .name(\"MyCatalogDatabase\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:CatalogDatabase\n properties:\n name: MyCatalogDatabase\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create Table Default Permissions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.CatalogDatabase(\"example\", {\n name: \"MyCatalogDatabase\",\n createTableDefaultPermissions: [{\n permissions: [\"SELECT\"],\n principal: {\n dataLakePrincipalIdentifier: \"IAM_ALLOWED_PRINCIPALS\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.CatalogDatabase(\"example\",\n name=\"MyCatalogDatabase\",\n create_table_default_permissions=[{\n \"permissions\": [\"SELECT\"],\n \"principal\": {\n \"data_lake_principal_identifier\": \"IAM_ALLOWED_PRINCIPALS\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.CatalogDatabase(\"example\", new()\n {\n Name = \"MyCatalogDatabase\",\n CreateTableDefaultPermissions = new[]\n {\n new Aws.Glue.Inputs.CatalogDatabaseCreateTableDefaultPermissionArgs\n {\n Permissions = new[]\n {\n \"SELECT\",\n },\n Principal = new Aws.Glue.Inputs.CatalogDatabaseCreateTableDefaultPermissionPrincipalArgs\n {\n DataLakePrincipalIdentifier = \"IAM_ALLOWED_PRINCIPALS\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewCatalogDatabase(ctx, \"example\", \u0026glue.CatalogDatabaseArgs{\n\t\t\tName: pulumi.String(\"MyCatalogDatabase\"),\n\t\t\tCreateTableDefaultPermissions: glue.CatalogDatabaseCreateTableDefaultPermissionArray{\n\t\t\t\t\u0026glue.CatalogDatabaseCreateTableDefaultPermissionArgs{\n\t\t\t\t\tPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"SELECT\"),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipal: \u0026glue.CatalogDatabaseCreateTableDefaultPermissionPrincipalArgs{\n\t\t\t\t\t\tDataLakePrincipalIdentifier: pulumi.String(\"IAM_ALLOWED_PRINCIPALS\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.CatalogDatabase;\nimport com.pulumi.aws.glue.CatalogDatabaseArgs;\nimport com.pulumi.aws.glue.inputs.CatalogDatabaseCreateTableDefaultPermissionArgs;\nimport com.pulumi.aws.glue.inputs.CatalogDatabaseCreateTableDefaultPermissionPrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CatalogDatabase(\"example\", CatalogDatabaseArgs.builder()\n .name(\"MyCatalogDatabase\")\n .createTableDefaultPermissions(CatalogDatabaseCreateTableDefaultPermissionArgs.builder()\n .permissions(\"SELECT\")\n .principal(CatalogDatabaseCreateTableDefaultPermissionPrincipalArgs.builder()\n .dataLakePrincipalIdentifier(\"IAM_ALLOWED_PRINCIPALS\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:CatalogDatabase\n properties:\n name: MyCatalogDatabase\n createTableDefaultPermissions:\n - permissions:\n - SELECT\n principal:\n dataLakePrincipalIdentifier: IAM_ALLOWED_PRINCIPALS\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue Catalog Databases using the `catalog_id:name`. If you have not set a Catalog ID specify the AWS Account ID that the database is in. For example:\n\n```sh\n$ pulumi import aws:glue/catalogDatabase:CatalogDatabase database 123456789012:my_database\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Glue Catalog Database.\n" }, "catalogId": { "type": "string", "description": "ID of the Glue Catalog to create the database in. If omitted, this defaults to the AWS Account ID.\n" }, "createTableDefaultPermissions": { "type": "array", "items": { "$ref": "#/types/aws:glue/CatalogDatabaseCreateTableDefaultPermission:CatalogDatabaseCreateTableDefaultPermission" }, "description": "Creates a set of default permissions on the table for principals. See `create_table_default_permission` below.\n" }, "description": { "type": "string", "description": "Description of the database.\n" }, "federatedDatabase": { "$ref": "#/types/aws:glue/CatalogDatabaseFederatedDatabase:CatalogDatabaseFederatedDatabase", "description": "Configuration block that references an entity outside the AWS Glue Data Catalog. See `federated_database` below.\n" }, "locationUri": { "type": "string", "description": "Location of the database (for example, an HDFS path).\n" }, "name": { "type": "string", "description": "Name of the database. The acceptable characters are lowercase letters, numbers, and the underscore character.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "List of key-value pairs that define parameters and properties of the database.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetDatabase": { "$ref": "#/types/aws:glue/CatalogDatabaseTargetDatabase:CatalogDatabaseTargetDatabase", "description": "Configuration block for a target database for resource linking. See `target_database` below.\n" } }, "required": [ "arn", "catalogId", "createTableDefaultPermissions", "locationUri", "name", "tagsAll" ], "inputProperties": { "catalogId": { "type": "string", "description": "ID of the Glue Catalog to create the database in. If omitted, this defaults to the AWS Account ID.\n", "willReplaceOnChanges": true }, "createTableDefaultPermissions": { "type": "array", "items": { "$ref": "#/types/aws:glue/CatalogDatabaseCreateTableDefaultPermission:CatalogDatabaseCreateTableDefaultPermission" }, "description": "Creates a set of default permissions on the table for principals. See `create_table_default_permission` below.\n" }, "description": { "type": "string", "description": "Description of the database.\n" }, "federatedDatabase": { "$ref": "#/types/aws:glue/CatalogDatabaseFederatedDatabase:CatalogDatabaseFederatedDatabase", "description": "Configuration block that references an entity outside the AWS Glue Data Catalog. See `federated_database` below.\n" }, "locationUri": { "type": "string", "description": "Location of the database (for example, an HDFS path).\n" }, "name": { "type": "string", "description": "Name of the database. The acceptable characters are lowercase letters, numbers, and the underscore character.\n", "willReplaceOnChanges": true }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "List of key-value pairs that define parameters and properties of the database.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targetDatabase": { "$ref": "#/types/aws:glue/CatalogDatabaseTargetDatabase:CatalogDatabaseTargetDatabase", "description": "Configuration block for a target database for resource linking. See `target_database` below.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering CatalogDatabase resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Glue Catalog Database.\n" }, "catalogId": { "type": "string", "description": "ID of the Glue Catalog to create the database in. If omitted, this defaults to the AWS Account ID.\n", "willReplaceOnChanges": true }, "createTableDefaultPermissions": { "type": "array", "items": { "$ref": "#/types/aws:glue/CatalogDatabaseCreateTableDefaultPermission:CatalogDatabaseCreateTableDefaultPermission" }, "description": "Creates a set of default permissions on the table for principals. See `create_table_default_permission` below.\n" }, "description": { "type": "string", "description": "Description of the database.\n" }, "federatedDatabase": { "$ref": "#/types/aws:glue/CatalogDatabaseFederatedDatabase:CatalogDatabaseFederatedDatabase", "description": "Configuration block that references an entity outside the AWS Glue Data Catalog. See `federated_database` below.\n" }, "locationUri": { "type": "string", "description": "Location of the database (for example, an HDFS path).\n" }, "name": { "type": "string", "description": "Name of the database. The acceptable characters are lowercase letters, numbers, and the underscore character.\n", "willReplaceOnChanges": true }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "List of key-value pairs that define parameters and properties of the database.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetDatabase": { "$ref": "#/types/aws:glue/CatalogDatabaseTargetDatabase:CatalogDatabaseTargetDatabase", "description": "Configuration block for a target database for resource linking. See `target_database` below.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:glue/catalogTable:CatalogTable": { "description": "Provides a Glue Catalog Table Resource. You can refer to the [Glue Developer Guide](http://docs.aws.amazon.com/glue/latest/dg/populate-data-catalog.html) for a full explanation of the Glue Data Catalog functionality.\n\n## Example Usage\n\n### Basic Table\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst awsGlueCatalogTable = new aws.glue.CatalogTable(\"aws_glue_catalog_table\", {\n name: \"MyCatalogTable\",\n databaseName: \"MyCatalogDatabase\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naws_glue_catalog_table = aws.glue.CatalogTable(\"aws_glue_catalog_table\",\n name=\"MyCatalogTable\",\n database_name=\"MyCatalogDatabase\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var awsGlueCatalogTable = new Aws.Glue.CatalogTable(\"aws_glue_catalog_table\", new()\n {\n Name = \"MyCatalogTable\",\n DatabaseName = \"MyCatalogDatabase\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewCatalogTable(ctx, \"aws_glue_catalog_table\", \u0026glue.CatalogTableArgs{\n\t\t\tName: pulumi.String(\"MyCatalogTable\"),\n\t\t\tDatabaseName: pulumi.String(\"MyCatalogDatabase\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.CatalogTable;\nimport com.pulumi.aws.glue.CatalogTableArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var awsGlueCatalogTable = new CatalogTable(\"awsGlueCatalogTable\", CatalogTableArgs.builder()\n .name(\"MyCatalogTable\")\n .databaseName(\"MyCatalogDatabase\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n awsGlueCatalogTable:\n type: aws:glue:CatalogTable\n name: aws_glue_catalog_table\n properties:\n name: MyCatalogTable\n databaseName: MyCatalogDatabase\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Parquet Table for Athena\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst awsGlueCatalogTable = new aws.glue.CatalogTable(\"aws_glue_catalog_table\", {\n name: \"MyCatalogTable\",\n databaseName: \"MyCatalogDatabase\",\n tableType: \"EXTERNAL_TABLE\",\n parameters: {\n EXTERNAL: \"TRUE\",\n \"parquet.compression\": \"SNAPPY\",\n },\n storageDescriptor: {\n location: \"s3://my-bucket/event-streams/my-stream\",\n inputFormat: \"org.apache.hadoop.hive.ql.io.parquet.MapredParquetInputFormat\",\n outputFormat: \"org.apache.hadoop.hive.ql.io.parquet.MapredParquetOutputFormat\",\n serDeInfo: {\n name: \"my-stream\",\n serializationLibrary: \"org.apache.hadoop.hive.ql.io.parquet.serde.ParquetHiveSerDe\",\n parameters: {\n \"serialization.format\": \"1\",\n },\n },\n columns: [\n {\n name: \"my_string\",\n type: \"string\",\n },\n {\n name: \"my_double\",\n type: \"double\",\n },\n {\n name: \"my_date\",\n type: \"date\",\n comment: \"\",\n },\n {\n name: \"my_bigint\",\n type: \"bigint\",\n comment: \"\",\n },\n {\n name: \"my_struct\",\n type: \"struct\u003cmy_nested_string:string\u003e\",\n comment: \"\",\n },\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naws_glue_catalog_table = aws.glue.CatalogTable(\"aws_glue_catalog_table\",\n name=\"MyCatalogTable\",\n database_name=\"MyCatalogDatabase\",\n table_type=\"EXTERNAL_TABLE\",\n parameters={\n \"EXTERNAL\": \"TRUE\",\n \"parquet.compression\": \"SNAPPY\",\n },\n storage_descriptor={\n \"location\": \"s3://my-bucket/event-streams/my-stream\",\n \"input_format\": \"org.apache.hadoop.hive.ql.io.parquet.MapredParquetInputFormat\",\n \"output_format\": \"org.apache.hadoop.hive.ql.io.parquet.MapredParquetOutputFormat\",\n \"ser_de_info\": {\n \"name\": \"my-stream\",\n \"serialization_library\": \"org.apache.hadoop.hive.ql.io.parquet.serde.ParquetHiveSerDe\",\n \"parameters\": {\n \"serialization_format\": \"1\",\n },\n },\n \"columns\": [\n {\n \"name\": \"my_string\",\n \"type\": \"string\",\n },\n {\n \"name\": \"my_double\",\n \"type\": \"double\",\n },\n {\n \"name\": \"my_date\",\n \"type\": \"date\",\n \"comment\": \"\",\n },\n {\n \"name\": \"my_bigint\",\n \"type\": \"bigint\",\n \"comment\": \"\",\n },\n {\n \"name\": \"my_struct\",\n \"type\": \"struct\u003cmy_nested_string:string\u003e\",\n \"comment\": \"\",\n },\n ],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var awsGlueCatalogTable = new Aws.Glue.CatalogTable(\"aws_glue_catalog_table\", new()\n {\n Name = \"MyCatalogTable\",\n DatabaseName = \"MyCatalogDatabase\",\n TableType = \"EXTERNAL_TABLE\",\n Parameters = \n {\n { \"EXTERNAL\", \"TRUE\" },\n { \"parquet.compression\", \"SNAPPY\" },\n },\n StorageDescriptor = new Aws.Glue.Inputs.CatalogTableStorageDescriptorArgs\n {\n Location = \"s3://my-bucket/event-streams/my-stream\",\n InputFormat = \"org.apache.hadoop.hive.ql.io.parquet.MapredParquetInputFormat\",\n OutputFormat = \"org.apache.hadoop.hive.ql.io.parquet.MapredParquetOutputFormat\",\n SerDeInfo = new Aws.Glue.Inputs.CatalogTableStorageDescriptorSerDeInfoArgs\n {\n Name = \"my-stream\",\n SerializationLibrary = \"org.apache.hadoop.hive.ql.io.parquet.serde.ParquetHiveSerDe\",\n Parameters = \n {\n { \"serialization.format\", \"1\" },\n },\n },\n Columns = new[]\n {\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorColumnArgs\n {\n Name = \"my_string\",\n Type = \"string\",\n },\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorColumnArgs\n {\n Name = \"my_double\",\n Type = \"double\",\n },\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorColumnArgs\n {\n Name = \"my_date\",\n Type = \"date\",\n Comment = \"\",\n },\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorColumnArgs\n {\n Name = \"my_bigint\",\n Type = \"bigint\",\n Comment = \"\",\n },\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorColumnArgs\n {\n Name = \"my_struct\",\n Type = \"struct\u003cmy_nested_string:string\u003e\",\n Comment = \"\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewCatalogTable(ctx, \"aws_glue_catalog_table\", \u0026glue.CatalogTableArgs{\n\t\t\tName: pulumi.String(\"MyCatalogTable\"),\n\t\t\tDatabaseName: pulumi.String(\"MyCatalogDatabase\"),\n\t\t\tTableType: pulumi.String(\"EXTERNAL_TABLE\"),\n\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\"EXTERNAL\": pulumi.String(\"TRUE\"),\n\t\t\t\t\"parquet.compression\": pulumi.String(\"SNAPPY\"),\n\t\t\t},\n\t\t\tStorageDescriptor: \u0026glue.CatalogTableStorageDescriptorArgs{\n\t\t\t\tLocation: pulumi.String(\"s3://my-bucket/event-streams/my-stream\"),\n\t\t\t\tInputFormat: pulumi.String(\"org.apache.hadoop.hive.ql.io.parquet.MapredParquetInputFormat\"),\n\t\t\t\tOutputFormat: pulumi.String(\"org.apache.hadoop.hive.ql.io.parquet.MapredParquetOutputFormat\"),\n\t\t\t\tSerDeInfo: \u0026glue.CatalogTableStorageDescriptorSerDeInfoArgs{\n\t\t\t\t\tName: pulumi.String(\"my-stream\"),\n\t\t\t\t\tSerializationLibrary: pulumi.String(\"org.apache.hadoop.hive.ql.io.parquet.serde.ParquetHiveSerDe\"),\n\t\t\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\t\t\"serialization.format\": pulumi.String(\"1\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tColumns: glue.CatalogTableStorageDescriptorColumnArray{\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorColumnArgs{\n\t\t\t\t\t\tName: pulumi.String(\"my_string\"),\n\t\t\t\t\t\tType: pulumi.String(\"string\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorColumnArgs{\n\t\t\t\t\t\tName: pulumi.String(\"my_double\"),\n\t\t\t\t\t\tType: pulumi.String(\"double\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorColumnArgs{\n\t\t\t\t\t\tName: pulumi.String(\"my_date\"),\n\t\t\t\t\t\tType: pulumi.String(\"date\"),\n\t\t\t\t\t\tComment: pulumi.String(\"\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorColumnArgs{\n\t\t\t\t\t\tName: pulumi.String(\"my_bigint\"),\n\t\t\t\t\t\tType: pulumi.String(\"bigint\"),\n\t\t\t\t\t\tComment: pulumi.String(\"\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorColumnArgs{\n\t\t\t\t\t\tName: pulumi.String(\"my_struct\"),\n\t\t\t\t\t\tType: pulumi.String(\"struct\u003cmy_nested_string:string\u003e\"),\n\t\t\t\t\t\tComment: pulumi.String(\"\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.CatalogTable;\nimport com.pulumi.aws.glue.CatalogTableArgs;\nimport com.pulumi.aws.glue.inputs.CatalogTableStorageDescriptorArgs;\nimport com.pulumi.aws.glue.inputs.CatalogTableStorageDescriptorSerDeInfoArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var awsGlueCatalogTable = new CatalogTable(\"awsGlueCatalogTable\", CatalogTableArgs.builder()\n .name(\"MyCatalogTable\")\n .databaseName(\"MyCatalogDatabase\")\n .tableType(\"EXTERNAL_TABLE\")\n .parameters(Map.ofEntries(\n Map.entry(\"EXTERNAL\", \"TRUE\"),\n Map.entry(\"parquet.compression\", \"SNAPPY\")\n ))\n .storageDescriptor(CatalogTableStorageDescriptorArgs.builder()\n .location(\"s3://my-bucket/event-streams/my-stream\")\n .inputFormat(\"org.apache.hadoop.hive.ql.io.parquet.MapredParquetInputFormat\")\n .outputFormat(\"org.apache.hadoop.hive.ql.io.parquet.MapredParquetOutputFormat\")\n .serDeInfo(CatalogTableStorageDescriptorSerDeInfoArgs.builder()\n .name(\"my-stream\")\n .serializationLibrary(\"org.apache.hadoop.hive.ql.io.parquet.serde.ParquetHiveSerDe\")\n .parameters(Map.of(\"serialization.format\", 1))\n .build())\n .columns( \n CatalogTableStorageDescriptorColumnArgs.builder()\n .name(\"my_string\")\n .type(\"string\")\n .build(),\n CatalogTableStorageDescriptorColumnArgs.builder()\n .name(\"my_double\")\n .type(\"double\")\n .build(),\n CatalogTableStorageDescriptorColumnArgs.builder()\n .name(\"my_date\")\n .type(\"date\")\n .comment(\"\")\n .build(),\n CatalogTableStorageDescriptorColumnArgs.builder()\n .name(\"my_bigint\")\n .type(\"bigint\")\n .comment(\"\")\n .build(),\n CatalogTableStorageDescriptorColumnArgs.builder()\n .name(\"my_struct\")\n .type(\"struct\u003cmy_nested_string:string\u003e\")\n .comment(\"\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n awsGlueCatalogTable:\n type: aws:glue:CatalogTable\n name: aws_glue_catalog_table\n properties:\n name: MyCatalogTable\n databaseName: MyCatalogDatabase\n tableType: EXTERNAL_TABLE\n parameters:\n EXTERNAL: TRUE\n parquet.compression: SNAPPY\n storageDescriptor:\n location: s3://my-bucket/event-streams/my-stream\n inputFormat: org.apache.hadoop.hive.ql.io.parquet.MapredParquetInputFormat\n outputFormat: org.apache.hadoop.hive.ql.io.parquet.MapredParquetOutputFormat\n serDeInfo:\n name: my-stream\n serializationLibrary: org.apache.hadoop.hive.ql.io.parquet.serde.ParquetHiveSerDe\n parameters:\n serialization.format: 1\n columns:\n - name: my_string\n type: string\n - name: my_double\n type: double\n - name: my_date\n type: date\n comment:\n - name: my_bigint\n type: bigint\n comment:\n - name: my_struct\n type: struct\u003cmy_nested_string:string\u003e\n comment:\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue Tables using the catalog ID (usually AWS account ID), database name, and table name. For example:\n\n```sh\n$ pulumi import aws:glue/catalogTable:CatalogTable MyTable 123456789012:MyDatabase:MyTable\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Glue Table.\n" }, "catalogId": { "type": "string", "description": "ID of the Glue Catalog and database to create the table in. If omitted, this defaults to the AWS Account ID plus the database name.\n" }, "databaseName": { "type": "string", "description": "Name of the metadata database where the table metadata resides. For Hive compatibility, this must be all lowercase.\n\nThe follow arguments are optional:\n" }, "description": { "type": "string", "description": "Description of the table.\n" }, "name": { "type": "string", "description": "Name of the table. For Hive compatibility, this must be entirely lowercase.\n" }, "openTableFormatInput": { "$ref": "#/types/aws:glue/CatalogTableOpenTableFormatInput:CatalogTableOpenTableFormatInput", "description": "Configuration block for open table formats. See `open_table_format_input` below.\n" }, "owner": { "type": "string", "description": "Owner of the table.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Properties associated with this table, as a list of key-value pairs.\n" }, "partitionIndices": { "type": "array", "items": { "$ref": "#/types/aws:glue/CatalogTablePartitionIndex:CatalogTablePartitionIndex" }, "description": "Configuration block for a maximum of 3 partition indexes. See `partition_index` below.\n" }, "partitionKeys": { "type": "array", "items": { "$ref": "#/types/aws:glue/CatalogTablePartitionKey:CatalogTablePartitionKey" }, "description": "Configuration block of columns by which the table is partitioned. Only primitive types are supported as partition keys. See `partition_keys` below.\n" }, "retention": { "type": "integer", "description": "Retention time for this table.\n" }, "storageDescriptor": { "$ref": "#/types/aws:glue/CatalogTableStorageDescriptor:CatalogTableStorageDescriptor", "description": "Configuration block for information about the physical storage of this table. For more information, refer to the [Glue Developer Guide](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-StorageDescriptor). See `storage_descriptor` below.\n" }, "tableType": { "type": "string", "description": "Type of this table (EXTERNAL_TABLE, VIRTUAL_VIEW, etc.). While optional, some Athena DDL queries such as `ALTER TABLE` and `SHOW CREATE TABLE` will fail if this argument is empty.\n" }, "targetTable": { "$ref": "#/types/aws:glue/CatalogTableTargetTable:CatalogTableTargetTable", "description": "Configuration block of a target table for resource linking. See `target_table` below.\n" }, "viewExpandedText": { "type": "string", "description": "If the table is a view, the expanded text of the view; otherwise null.\n" }, "viewOriginalText": { "type": "string", "description": "If the table is a view, the original text of the view; otherwise null.\n" } }, "required": [ "arn", "catalogId", "databaseName", "name", "partitionIndices" ], "inputProperties": { "catalogId": { "type": "string", "description": "ID of the Glue Catalog and database to create the table in. If omitted, this defaults to the AWS Account ID plus the database name.\n", "willReplaceOnChanges": true }, "databaseName": { "type": "string", "description": "Name of the metadata database where the table metadata resides. For Hive compatibility, this must be all lowercase.\n\nThe follow arguments are optional:\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of the table.\n" }, "name": { "type": "string", "description": "Name of the table. For Hive compatibility, this must be entirely lowercase.\n", "willReplaceOnChanges": true }, "openTableFormatInput": { "$ref": "#/types/aws:glue/CatalogTableOpenTableFormatInput:CatalogTableOpenTableFormatInput", "description": "Configuration block for open table formats. See `open_table_format_input` below.\n" }, "owner": { "type": "string", "description": "Owner of the table.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Properties associated with this table, as a list of key-value pairs.\n" }, "partitionIndices": { "type": "array", "items": { "$ref": "#/types/aws:glue/CatalogTablePartitionIndex:CatalogTablePartitionIndex" }, "description": "Configuration block for a maximum of 3 partition indexes. See `partition_index` below.\n", "willReplaceOnChanges": true }, "partitionKeys": { "type": "array", "items": { "$ref": "#/types/aws:glue/CatalogTablePartitionKey:CatalogTablePartitionKey" }, "description": "Configuration block of columns by which the table is partitioned. Only primitive types are supported as partition keys. See `partition_keys` below.\n" }, "retention": { "type": "integer", "description": "Retention time for this table.\n" }, "storageDescriptor": { "$ref": "#/types/aws:glue/CatalogTableStorageDescriptor:CatalogTableStorageDescriptor", "description": "Configuration block for information about the physical storage of this table. For more information, refer to the [Glue Developer Guide](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-StorageDescriptor). See `storage_descriptor` below.\n" }, "tableType": { "type": "string", "description": "Type of this table (EXTERNAL_TABLE, VIRTUAL_VIEW, etc.). While optional, some Athena DDL queries such as `ALTER TABLE` and `SHOW CREATE TABLE` will fail if this argument is empty.\n" }, "targetTable": { "$ref": "#/types/aws:glue/CatalogTableTargetTable:CatalogTableTargetTable", "description": "Configuration block of a target table for resource linking. See `target_table` below.\n", "willReplaceOnChanges": true }, "viewExpandedText": { "type": "string", "description": "If the table is a view, the expanded text of the view; otherwise null.\n" }, "viewOriginalText": { "type": "string", "description": "If the table is a view, the original text of the view; otherwise null.\n" } }, "requiredInputs": [ "databaseName" ], "stateInputs": { "description": "Input properties used for looking up and filtering CatalogTable resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Glue Table.\n" }, "catalogId": { "type": "string", "description": "ID of the Glue Catalog and database to create the table in. If omitted, this defaults to the AWS Account ID plus the database name.\n", "willReplaceOnChanges": true }, "databaseName": { "type": "string", "description": "Name of the metadata database where the table metadata resides. For Hive compatibility, this must be all lowercase.\n\nThe follow arguments are optional:\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of the table.\n" }, "name": { "type": "string", "description": "Name of the table. For Hive compatibility, this must be entirely lowercase.\n", "willReplaceOnChanges": true }, "openTableFormatInput": { "$ref": "#/types/aws:glue/CatalogTableOpenTableFormatInput:CatalogTableOpenTableFormatInput", "description": "Configuration block for open table formats. See `open_table_format_input` below.\n" }, "owner": { "type": "string", "description": "Owner of the table.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Properties associated with this table, as a list of key-value pairs.\n" }, "partitionIndices": { "type": "array", "items": { "$ref": "#/types/aws:glue/CatalogTablePartitionIndex:CatalogTablePartitionIndex" }, "description": "Configuration block for a maximum of 3 partition indexes. See `partition_index` below.\n", "willReplaceOnChanges": true }, "partitionKeys": { "type": "array", "items": { "$ref": "#/types/aws:glue/CatalogTablePartitionKey:CatalogTablePartitionKey" }, "description": "Configuration block of columns by which the table is partitioned. Only primitive types are supported as partition keys. See `partition_keys` below.\n" }, "retention": { "type": "integer", "description": "Retention time for this table.\n" }, "storageDescriptor": { "$ref": "#/types/aws:glue/CatalogTableStorageDescriptor:CatalogTableStorageDescriptor", "description": "Configuration block for information about the physical storage of this table. For more information, refer to the [Glue Developer Guide](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-StorageDescriptor). See `storage_descriptor` below.\n" }, "tableType": { "type": "string", "description": "Type of this table (EXTERNAL_TABLE, VIRTUAL_VIEW, etc.). While optional, some Athena DDL queries such as `ALTER TABLE` and `SHOW CREATE TABLE` will fail if this argument is empty.\n" }, "targetTable": { "$ref": "#/types/aws:glue/CatalogTableTargetTable:CatalogTableTargetTable", "description": "Configuration block of a target table for resource linking. See `target_table` below.\n", "willReplaceOnChanges": true }, "viewExpandedText": { "type": "string", "description": "If the table is a view, the expanded text of the view; otherwise null.\n" }, "viewOriginalText": { "type": "string", "description": "If the table is a view, the original text of the view; otherwise null.\n" } }, "type": "object" } }, "aws:glue/classifier:Classifier": { "description": "Provides a Glue Classifier resource.\n\n\u003e **NOTE:** It is only valid to create one type of classifier (CSV, grok, JSON, or XML). Changing classifier types will recreate the classifier.\n\n## Example Usage\n\n### CSV Classifier\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Classifier(\"example\", {\n name: \"example\",\n csvClassifier: {\n allowSingleColumn: false,\n containsHeader: \"PRESENT\",\n delimiter: \",\",\n disableValueTrimming: false,\n headers: [\n \"example1\",\n \"example2\",\n ],\n quoteSymbol: \"'\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Classifier(\"example\",\n name=\"example\",\n csv_classifier={\n \"allow_single_column\": False,\n \"contains_header\": \"PRESENT\",\n \"delimiter\": \",\",\n \"disable_value_trimming\": False,\n \"headers\": [\n \"example1\",\n \"example2\",\n ],\n \"quote_symbol\": \"'\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Classifier(\"example\", new()\n {\n Name = \"example\",\n CsvClassifier = new Aws.Glue.Inputs.ClassifierCsvClassifierArgs\n {\n AllowSingleColumn = false,\n ContainsHeader = \"PRESENT\",\n Delimiter = \",\",\n DisableValueTrimming = false,\n Headers = new[]\n {\n \"example1\",\n \"example2\",\n },\n QuoteSymbol = \"'\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewClassifier(ctx, \"example\", \u0026glue.ClassifierArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tCsvClassifier: \u0026glue.ClassifierCsvClassifierArgs{\n\t\t\t\tAllowSingleColumn: pulumi.Bool(false),\n\t\t\t\tContainsHeader: pulumi.String(\"PRESENT\"),\n\t\t\t\tDelimiter: pulumi.String(\",\"),\n\t\t\t\tDisableValueTrimming: pulumi.Bool(false),\n\t\t\t\tHeaders: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"example1\"),\n\t\t\t\t\tpulumi.String(\"example2\"),\n\t\t\t\t},\n\t\t\t\tQuoteSymbol: pulumi.String(\"'\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Classifier;\nimport com.pulumi.aws.glue.ClassifierArgs;\nimport com.pulumi.aws.glue.inputs.ClassifierCsvClassifierArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Classifier(\"example\", ClassifierArgs.builder()\n .name(\"example\")\n .csvClassifier(ClassifierCsvClassifierArgs.builder()\n .allowSingleColumn(false)\n .containsHeader(\"PRESENT\")\n .delimiter(\",\")\n .disableValueTrimming(false)\n .headers( \n \"example1\",\n \"example2\")\n .quoteSymbol(\"'\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Classifier\n properties:\n name: example\n csvClassifier:\n allowSingleColumn: false\n containsHeader: PRESENT\n delimiter: ','\n disableValueTrimming: false\n headers:\n - example1\n - example2\n quoteSymbol: ''''\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Grok Classifier\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Classifier(\"example\", {\n name: \"example\",\n grokClassifier: {\n classification: \"example\",\n grokPattern: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Classifier(\"example\",\n name=\"example\",\n grok_classifier={\n \"classification\": \"example\",\n \"grok_pattern\": \"example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Classifier(\"example\", new()\n {\n Name = \"example\",\n GrokClassifier = new Aws.Glue.Inputs.ClassifierGrokClassifierArgs\n {\n Classification = \"example\",\n GrokPattern = \"example\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewClassifier(ctx, \"example\", \u0026glue.ClassifierArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tGrokClassifier: \u0026glue.ClassifierGrokClassifierArgs{\n\t\t\t\tClassification: pulumi.String(\"example\"),\n\t\t\t\tGrokPattern: pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Classifier;\nimport com.pulumi.aws.glue.ClassifierArgs;\nimport com.pulumi.aws.glue.inputs.ClassifierGrokClassifierArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Classifier(\"example\", ClassifierArgs.builder()\n .name(\"example\")\n .grokClassifier(ClassifierGrokClassifierArgs.builder()\n .classification(\"example\")\n .grokPattern(\"example\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Classifier\n properties:\n name: example\n grokClassifier:\n classification: example\n grokPattern: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### JSON Classifier\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Classifier(\"example\", {\n name: \"example\",\n jsonClassifier: {\n jsonPath: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Classifier(\"example\",\n name=\"example\",\n json_classifier={\n \"json_path\": \"example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Classifier(\"example\", new()\n {\n Name = \"example\",\n JsonClassifier = new Aws.Glue.Inputs.ClassifierJsonClassifierArgs\n {\n JsonPath = \"example\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewClassifier(ctx, \"example\", \u0026glue.ClassifierArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tJsonClassifier: \u0026glue.ClassifierJsonClassifierArgs{\n\t\t\t\tJsonPath: pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Classifier;\nimport com.pulumi.aws.glue.ClassifierArgs;\nimport com.pulumi.aws.glue.inputs.ClassifierJsonClassifierArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Classifier(\"example\", ClassifierArgs.builder()\n .name(\"example\")\n .jsonClassifier(ClassifierJsonClassifierArgs.builder()\n .jsonPath(\"example\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Classifier\n properties:\n name: example\n jsonClassifier:\n jsonPath: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### XML Classifier\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Classifier(\"example\", {\n name: \"example\",\n xmlClassifier: {\n classification: \"example\",\n rowTag: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Classifier(\"example\",\n name=\"example\",\n xml_classifier={\n \"classification\": \"example\",\n \"row_tag\": \"example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Classifier(\"example\", new()\n {\n Name = \"example\",\n XmlClassifier = new Aws.Glue.Inputs.ClassifierXmlClassifierArgs\n {\n Classification = \"example\",\n RowTag = \"example\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewClassifier(ctx, \"example\", \u0026glue.ClassifierArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tXmlClassifier: \u0026glue.ClassifierXmlClassifierArgs{\n\t\t\t\tClassification: pulumi.String(\"example\"),\n\t\t\t\tRowTag: pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Classifier;\nimport com.pulumi.aws.glue.ClassifierArgs;\nimport com.pulumi.aws.glue.inputs.ClassifierXmlClassifierArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Classifier(\"example\", ClassifierArgs.builder()\n .name(\"example\")\n .xmlClassifier(ClassifierXmlClassifierArgs.builder()\n .classification(\"example\")\n .rowTag(\"example\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Classifier\n properties:\n name: example\n xmlClassifier:\n classification: example\n rowTag: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue Classifiers using their name. For example:\n\n```sh\n$ pulumi import aws:glue/classifier:Classifier MyClassifier MyClassifier\n```\n", "properties": { "csvClassifier": { "$ref": "#/types/aws:glue/ClassifierCsvClassifier:ClassifierCsvClassifier", "description": "A classifier for CSV content. Defined below.\n" }, "grokClassifier": { "$ref": "#/types/aws:glue/ClassifierGrokClassifier:ClassifierGrokClassifier", "description": "A classifier that uses grok patterns. Defined below.\n" }, "jsonClassifier": { "$ref": "#/types/aws:glue/ClassifierJsonClassifier:ClassifierJsonClassifier", "description": "A classifier for JSON content. Defined below.\n" }, "name": { "type": "string", "description": "The name of the classifier.\n" }, "xmlClassifier": { "$ref": "#/types/aws:glue/ClassifierXmlClassifier:ClassifierXmlClassifier", "description": "A classifier for XML content. Defined below.\n" } }, "required": [ "name" ], "inputProperties": { "csvClassifier": { "$ref": "#/types/aws:glue/ClassifierCsvClassifier:ClassifierCsvClassifier", "description": "A classifier for CSV content. Defined below.\n" }, "grokClassifier": { "$ref": "#/types/aws:glue/ClassifierGrokClassifier:ClassifierGrokClassifier", "description": "A classifier that uses grok patterns. Defined below.\n" }, "jsonClassifier": { "$ref": "#/types/aws:glue/ClassifierJsonClassifier:ClassifierJsonClassifier", "description": "A classifier for JSON content. Defined below.\n" }, "name": { "type": "string", "description": "The name of the classifier.\n", "willReplaceOnChanges": true }, "xmlClassifier": { "$ref": "#/types/aws:glue/ClassifierXmlClassifier:ClassifierXmlClassifier", "description": "A classifier for XML content. Defined below.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Classifier resources.\n", "properties": { "csvClassifier": { "$ref": "#/types/aws:glue/ClassifierCsvClassifier:ClassifierCsvClassifier", "description": "A classifier for CSV content. Defined below.\n" }, "grokClassifier": { "$ref": "#/types/aws:glue/ClassifierGrokClassifier:ClassifierGrokClassifier", "description": "A classifier that uses grok patterns. Defined below.\n" }, "jsonClassifier": { "$ref": "#/types/aws:glue/ClassifierJsonClassifier:ClassifierJsonClassifier", "description": "A classifier for JSON content. Defined below.\n" }, "name": { "type": "string", "description": "The name of the classifier.\n", "willReplaceOnChanges": true }, "xmlClassifier": { "$ref": "#/types/aws:glue/ClassifierXmlClassifier:ClassifierXmlClassifier", "description": "A classifier for XML content. Defined below.\n" } }, "type": "object" } }, "aws:glue/connection:Connection": { "description": "Provides a Glue Connection resource.\n\n## Example Usage\n\n### Non-VPC Connection\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Connection(\"example\", {\n name: \"example\",\n connectionProperties: {\n JDBC_CONNECTION_URL: \"jdbc:mysql://example.com/exampledatabase\",\n PASSWORD: \"examplepassword\",\n USERNAME: \"exampleusername\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Connection(\"example\",\n name=\"example\",\n connection_properties={\n \"JDBC_CONNECTION_URL\": \"jdbc:mysql://example.com/exampledatabase\",\n \"PASSWORD\": \"examplepassword\",\n \"USERNAME\": \"exampleusername\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Connection(\"example\", new()\n {\n Name = \"example\",\n ConnectionProperties = \n {\n { \"JDBC_CONNECTION_URL\", \"jdbc:mysql://example.com/exampledatabase\" },\n { \"PASSWORD\", \"examplepassword\" },\n { \"USERNAME\", \"exampleusername\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewConnection(ctx, \"example\", \u0026glue.ConnectionArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tConnectionProperties: pulumi.StringMap{\n\t\t\t\t\"JDBC_CONNECTION_URL\": pulumi.String(\"jdbc:mysql://example.com/exampledatabase\"),\n\t\t\t\t\"PASSWORD\": pulumi.String(\"examplepassword\"),\n\t\t\t\t\"USERNAME\": pulumi.String(\"exampleusername\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Connection;\nimport com.pulumi.aws.glue.ConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Connection(\"example\", ConnectionArgs.builder()\n .name(\"example\")\n .connectionProperties(Map.ofEntries(\n Map.entry(\"JDBC_CONNECTION_URL\", \"jdbc:mysql://example.com/exampledatabase\"),\n Map.entry(\"PASSWORD\", \"examplepassword\"),\n Map.entry(\"USERNAME\", \"exampleusername\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Connection\n properties:\n name: example\n connectionProperties:\n JDBC_CONNECTION_URL: jdbc:mysql://example.com/exampledatabase\n PASSWORD: examplepassword\n USERNAME: exampleusername\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Non-VPC Connection with secret manager reference\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.secretsmanager.getSecret({\n name: \"example-secret\",\n});\nconst exampleConnection = new aws.glue.Connection(\"example\", {\n name: \"example\",\n connectionProperties: {\n JDBC_CONNECTION_URL: \"jdbc:mysql://example.com/exampledatabase\",\n SECRET_ID: example.then(example =\u003e example.name),\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.secretsmanager.get_secret(name=\"example-secret\")\nexample_connection = aws.glue.Connection(\"example\",\n name=\"example\",\n connection_properties={\n \"JDBC_CONNECTION_URL\": \"jdbc:mysql://example.com/exampledatabase\",\n \"SECRET_ID\": example.name,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SecretsManager.GetSecret.Invoke(new()\n {\n Name = \"example-secret\",\n });\n\n var exampleConnection = new Aws.Glue.Connection(\"example\", new()\n {\n Name = \"example\",\n ConnectionProperties = \n {\n { \"JDBC_CONNECTION_URL\", \"jdbc:mysql://example.com/exampledatabase\" },\n { \"SECRET_ID\", example.Apply(getSecretResult =\u003e getSecretResult.Name) },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := secretsmanager.LookupSecret(ctx, \u0026secretsmanager.LookupSecretArgs{\n\t\t\tName: pulumi.StringRef(\"example-secret\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewConnection(ctx, \"example\", \u0026glue.ConnectionArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tConnectionProperties: pulumi.StringMap{\n\t\t\t\t\"JDBC_CONNECTION_URL\": pulumi.String(\"jdbc:mysql://example.com/exampledatabase\"),\n\t\t\t\t\"SECRET_ID\": pulumi.String(example.Name),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.SecretsmanagerFunctions;\nimport com.pulumi.aws.secretsmanager.inputs.GetSecretArgs;\nimport com.pulumi.aws.glue.Connection;\nimport com.pulumi.aws.glue.ConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SecretsmanagerFunctions.getSecret(GetSecretArgs.builder()\n .name(\"example-secret\")\n .build());\n\n var exampleConnection = new Connection(\"exampleConnection\", ConnectionArgs.builder()\n .name(\"example\")\n .connectionProperties(Map.ofEntries(\n Map.entry(\"JDBC_CONNECTION_URL\", \"jdbc:mysql://example.com/exampledatabase\"),\n Map.entry(\"SECRET_ID\", example.applyValue(getSecretResult -\u003e getSecretResult.name()))\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleConnection:\n type: aws:glue:Connection\n name: example\n properties:\n name: example\n connectionProperties:\n JDBC_CONNECTION_URL: jdbc:mysql://example.com/exampledatabase\n SECRET_ID: ${example.name}\nvariables:\n example:\n fn::invoke:\n Function: aws:secretsmanager:getSecret\n Arguments:\n name: example-secret\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### VPC Connection\n\nFor more information, see the [AWS Documentation](https://docs.aws.amazon.com/glue/latest/dg/populate-add-connection.html#connection-JDBC-VPC).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Connection(\"example\", {\n name: \"example\",\n connectionProperties: {\n JDBC_CONNECTION_URL: `jdbc:mysql://${exampleAwsRdsCluster.endpoint}/exampledatabase`,\n PASSWORD: \"examplepassword\",\n USERNAME: \"exampleusername\",\n },\n physicalConnectionRequirements: {\n availabilityZone: exampleAwsSubnet.availabilityZone,\n securityGroupIdLists: [exampleAwsSecurityGroup.id],\n subnetId: exampleAwsSubnet.id,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Connection(\"example\",\n name=\"example\",\n connection_properties={\n \"JDBC_CONNECTION_URL\": f\"jdbc:mysql://{example_aws_rds_cluster['endpoint']}/exampledatabase\",\n \"PASSWORD\": \"examplepassword\",\n \"USERNAME\": \"exampleusername\",\n },\n physical_connection_requirements={\n \"availability_zone\": example_aws_subnet[\"availabilityZone\"],\n \"security_group_id_lists\": [example_aws_security_group[\"id\"]],\n \"subnet_id\": example_aws_subnet[\"id\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Connection(\"example\", new()\n {\n Name = \"example\",\n ConnectionProperties = \n {\n { \"JDBC_CONNECTION_URL\", $\"jdbc:mysql://{exampleAwsRdsCluster.Endpoint}/exampledatabase\" },\n { \"PASSWORD\", \"examplepassword\" },\n { \"USERNAME\", \"exampleusername\" },\n },\n PhysicalConnectionRequirements = new Aws.Glue.Inputs.ConnectionPhysicalConnectionRequirementsArgs\n {\n AvailabilityZone = exampleAwsSubnet.AvailabilityZone,\n SecurityGroupIdLists = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n SubnetId = exampleAwsSubnet.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewConnection(ctx, \"example\", \u0026glue.ConnectionArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tConnectionProperties: pulumi.StringMap{\n\t\t\t\t\"JDBC_CONNECTION_URL\": pulumi.String(fmt.Sprintf(\"jdbc:mysql://%v/exampledatabase\", exampleAwsRdsCluster.Endpoint)),\n\t\t\t\t\"PASSWORD\": pulumi.String(\"examplepassword\"),\n\t\t\t\t\"USERNAME\": pulumi.String(\"exampleusername\"),\n\t\t\t},\n\t\t\tPhysicalConnectionRequirements: \u0026glue.ConnectionPhysicalConnectionRequirementsArgs{\n\t\t\t\tAvailabilityZone: pulumi.Any(exampleAwsSubnet.AvailabilityZone),\n\t\t\t\tSecurityGroupIdLists: pulumi.StringArray{\n\t\t\t\t\texampleAwsSecurityGroup.Id,\n\t\t\t\t},\n\t\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Connection;\nimport com.pulumi.aws.glue.ConnectionArgs;\nimport com.pulumi.aws.glue.inputs.ConnectionPhysicalConnectionRequirementsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Connection(\"example\", ConnectionArgs.builder()\n .name(\"example\")\n .connectionProperties(Map.ofEntries(\n Map.entry(\"JDBC_CONNECTION_URL\", String.format(\"jdbc:mysql://%s/exampledatabase\", exampleAwsRdsCluster.endpoint())),\n Map.entry(\"PASSWORD\", \"examplepassword\"),\n Map.entry(\"USERNAME\", \"exampleusername\")\n ))\n .physicalConnectionRequirements(ConnectionPhysicalConnectionRequirementsArgs.builder()\n .availabilityZone(exampleAwsSubnet.availabilityZone())\n .securityGroupIdLists(exampleAwsSecurityGroup.id())\n .subnetId(exampleAwsSubnet.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Connection\n properties:\n name: example\n connectionProperties:\n JDBC_CONNECTION_URL: jdbc:mysql://${exampleAwsRdsCluster.endpoint}/exampledatabase\n PASSWORD: examplepassword\n USERNAME: exampleusername\n physicalConnectionRequirements:\n availabilityZone: ${exampleAwsSubnet.availabilityZone}\n securityGroupIdLists:\n - ${exampleAwsSecurityGroup.id}\n subnetId: ${exampleAwsSubnet.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Connection using a custom connector\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Define the custom connector using the connection_type of `CUSTOM` with the match_criteria of `template_connection`\n// Example here being a snowflake jdbc connector with a secret having user and password as keys\nconst example = aws.secretsmanager.getSecret({\n name: \"example-secret\",\n});\nconst example1 = new aws.glue.Connection(\"example1\", {\n name: \"example1\",\n connectionType: \"CUSTOM\",\n connectionProperties: {\n CONNECTOR_CLASS_NAME: \"net.snowflake.client.jdbc.SnowflakeDriver\",\n CONNECTION_TYPE: \"Jdbc\",\n CONNECTOR_URL: \"s3://example/snowflake-jdbc.jar\",\n JDBC_CONNECTION_URL: \"[[\\\"default=jdbc:snowflake://example.com/?user=${user}\u0026password=${password}\\\"],\\\",\\\"]\",\n },\n matchCriterias: [\"template-connection\"],\n});\n// Reference the connector using match_criteria with the connector created above.\nconst example2 = new aws.glue.Connection(\"example2\", {\n name: \"example2\",\n connectionType: \"CUSTOM\",\n connectionProperties: {\n CONNECTOR_CLASS_NAME: \"net.snowflake.client.jdbc.SnowflakeDriver\",\n CONNECTION_TYPE: \"Jdbc\",\n CONNECTOR_URL: \"s3://example/snowflake-jdbc.jar\",\n JDBC_CONNECTION_URL: \"jdbc:snowflake://example.com/?user=${user}\u0026password=${password}\",\n SECRET_ID: example.then(example =\u003e example.name),\n },\n matchCriterias: [\n \"Connection\",\n example1.name,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Define the custom connector using the connection_type of `CUSTOM` with the match_criteria of `template_connection`\n# Example here being a snowflake jdbc connector with a secret having user and password as keys\nexample = aws.secretsmanager.get_secret(name=\"example-secret\")\nexample1 = aws.glue.Connection(\"example1\",\n name=\"example1\",\n connection_type=\"CUSTOM\",\n connection_properties={\n \"CONNECTOR_CLASS_NAME\": \"net.snowflake.client.jdbc.SnowflakeDriver\",\n \"CONNECTION_TYPE\": \"Jdbc\",\n \"CONNECTOR_URL\": \"s3://example/snowflake-jdbc.jar\",\n \"JDBC_CONNECTION_URL\": \"[[\\\"default=jdbc:snowflake://example.com/?user=${user}\u0026password=${password}\\\"],\\\",\\\"]\",\n },\n match_criterias=[\"template-connection\"])\n# Reference the connector using match_criteria with the connector created above.\nexample2 = aws.glue.Connection(\"example2\",\n name=\"example2\",\n connection_type=\"CUSTOM\",\n connection_properties={\n \"CONNECTOR_CLASS_NAME\": \"net.snowflake.client.jdbc.SnowflakeDriver\",\n \"CONNECTION_TYPE\": \"Jdbc\",\n \"CONNECTOR_URL\": \"s3://example/snowflake-jdbc.jar\",\n \"JDBC_CONNECTION_URL\": \"jdbc:snowflake://example.com/?user=${user}\u0026password=${password}\",\n \"SECRET_ID\": example.name,\n },\n match_criterias=[\n \"Connection\",\n example1.name,\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Define the custom connector using the connection_type of `CUSTOM` with the match_criteria of `template_connection`\n // Example here being a snowflake jdbc connector with a secret having user and password as keys\n var example = Aws.SecretsManager.GetSecret.Invoke(new()\n {\n Name = \"example-secret\",\n });\n\n var example1 = new Aws.Glue.Connection(\"example1\", new()\n {\n Name = \"example1\",\n ConnectionType = \"CUSTOM\",\n ConnectionProperties = \n {\n { \"CONNECTOR_CLASS_NAME\", \"net.snowflake.client.jdbc.SnowflakeDriver\" },\n { \"CONNECTION_TYPE\", \"Jdbc\" },\n { \"CONNECTOR_URL\", \"s3://example/snowflake-jdbc.jar\" },\n { \"JDBC_CONNECTION_URL\", \"[[\\\"default=jdbc:snowflake://example.com/?user=${user}\u0026password=${password}\\\"],\\\",\\\"]\" },\n },\n MatchCriterias = new[]\n {\n \"template-connection\",\n },\n });\n\n // Reference the connector using match_criteria with the connector created above.\n var example2 = new Aws.Glue.Connection(\"example2\", new()\n {\n Name = \"example2\",\n ConnectionType = \"CUSTOM\",\n ConnectionProperties = \n {\n { \"CONNECTOR_CLASS_NAME\", \"net.snowflake.client.jdbc.SnowflakeDriver\" },\n { \"CONNECTION_TYPE\", \"Jdbc\" },\n { \"CONNECTOR_URL\", \"s3://example/snowflake-jdbc.jar\" },\n { \"JDBC_CONNECTION_URL\", \"jdbc:snowflake://example.com/?user=${user}\u0026password=${password}\" },\n { \"SECRET_ID\", example.Apply(getSecretResult =\u003e getSecretResult.Name) },\n },\n MatchCriterias = new[]\n {\n \"Connection\",\n example1.Name,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Define the custom connector using the connection_type of `CUSTOM` with the match_criteria of `template_connection`\n\t\t// Example here being a snowflake jdbc connector with a secret having user and password as keys\n\t\texample, err := secretsmanager.LookupSecret(ctx, \u0026secretsmanager.LookupSecretArgs{\n\t\t\tName: pulumi.StringRef(\"example-secret\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample1, err := glue.NewConnection(ctx, \"example1\", \u0026glue.ConnectionArgs{\n\t\t\tName: pulumi.String(\"example1\"),\n\t\t\tConnectionType: pulumi.String(\"CUSTOM\"),\n\t\t\tConnectionProperties: pulumi.StringMap{\n\t\t\t\t\"CONNECTOR_CLASS_NAME\": pulumi.String(\"net.snowflake.client.jdbc.SnowflakeDriver\"),\n\t\t\t\t\"CONNECTION_TYPE\": pulumi.String(\"Jdbc\"),\n\t\t\t\t\"CONNECTOR_URL\": pulumi.String(\"s3://example/snowflake-jdbc.jar\"),\n\t\t\t\t\"JDBC_CONNECTION_URL\": pulumi.String(\"[[\\\"default=jdbc:snowflake://example.com/?user=${user}\u0026password=${password}\\\"],\\\",\\\"]\"),\n\t\t\t},\n\t\t\tMatchCriterias: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"template-connection\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Reference the connector using match_criteria with the connector created above.\n\t\t_, err = glue.NewConnection(ctx, \"example2\", \u0026glue.ConnectionArgs{\n\t\t\tName: pulumi.String(\"example2\"),\n\t\t\tConnectionType: pulumi.String(\"CUSTOM\"),\n\t\t\tConnectionProperties: pulumi.StringMap{\n\t\t\t\t\"CONNECTOR_CLASS_NAME\": pulumi.String(\"net.snowflake.client.jdbc.SnowflakeDriver\"),\n\t\t\t\t\"CONNECTION_TYPE\": pulumi.String(\"Jdbc\"),\n\t\t\t\t\"CONNECTOR_URL\": pulumi.String(\"s3://example/snowflake-jdbc.jar\"),\n\t\t\t\t\"JDBC_CONNECTION_URL\": pulumi.String(\"jdbc:snowflake://example.com/?user=${user}\u0026password=${password}\"),\n\t\t\t\t\"SECRET_ID\": pulumi.String(example.Name),\n\t\t\t},\n\t\t\tMatchCriterias: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Connection\"),\n\t\t\t\texample1.Name,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.SecretsmanagerFunctions;\nimport com.pulumi.aws.secretsmanager.inputs.GetSecretArgs;\nimport com.pulumi.aws.glue.Connection;\nimport com.pulumi.aws.glue.ConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Define the custom connector using the connection_type of `CUSTOM` with the match_criteria of `template_connection`\n // Example here being a snowflake jdbc connector with a secret having user and password as keys\n final var example = SecretsmanagerFunctions.getSecret(GetSecretArgs.builder()\n .name(\"example-secret\")\n .build());\n\n var example1 = new Connection(\"example1\", ConnectionArgs.builder()\n .name(\"example1\")\n .connectionType(\"CUSTOM\")\n .connectionProperties(Map.ofEntries(\n Map.entry(\"CONNECTOR_CLASS_NAME\", \"net.snowflake.client.jdbc.SnowflakeDriver\"),\n Map.entry(\"CONNECTION_TYPE\", \"Jdbc\"),\n Map.entry(\"CONNECTOR_URL\", \"s3://example/snowflake-jdbc.jar\"),\n Map.entry(\"JDBC_CONNECTION_URL\", \"[[\\\"default=jdbc:snowflake://example.com/?user=${user}\u0026password=${password}\\\"],\\\",\\\"]\")\n ))\n .matchCriterias(\"template-connection\")\n .build());\n\n // Reference the connector using match_criteria with the connector created above.\n var example2 = new Connection(\"example2\", ConnectionArgs.builder()\n .name(\"example2\")\n .connectionType(\"CUSTOM\")\n .connectionProperties(Map.ofEntries(\n Map.entry(\"CONNECTOR_CLASS_NAME\", \"net.snowflake.client.jdbc.SnowflakeDriver\"),\n Map.entry(\"CONNECTION_TYPE\", \"Jdbc\"),\n Map.entry(\"CONNECTOR_URL\", \"s3://example/snowflake-jdbc.jar\"),\n Map.entry(\"JDBC_CONNECTION_URL\", \"jdbc:snowflake://example.com/?user=${user}\u0026password=${password}\"),\n Map.entry(\"SECRET_ID\", example.applyValue(getSecretResult -\u003e getSecretResult.name()))\n ))\n .matchCriterias( \n \"Connection\",\n example1.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example1:\n type: aws:glue:Connection\n properties:\n name: example1\n connectionType: CUSTOM\n connectionProperties:\n CONNECTOR_CLASS_NAME: net.snowflake.client.jdbc.SnowflakeDriver\n CONNECTION_TYPE: Jdbc\n CONNECTOR_URL: s3://example/snowflake-jdbc.jar\n JDBC_CONNECTION_URL: '[[\"default=jdbc:snowflake://example.com/?user=${user}\u0026password=${password}\"],\",\"]'\n matchCriterias:\n - template-connection\n # Reference the connector using match_criteria with the connector created above.\n example2:\n type: aws:glue:Connection\n properties:\n name: example2\n connectionType: CUSTOM\n connectionProperties:\n CONNECTOR_CLASS_NAME: net.snowflake.client.jdbc.SnowflakeDriver\n CONNECTION_TYPE: Jdbc\n CONNECTOR_URL: s3://example/snowflake-jdbc.jar\n JDBC_CONNECTION_URL: jdbc:snowflake://example.com/?user=${user}\u0026password=${password}\n SECRET_ID: ${example.name}\n matchCriterias:\n - Connection\n - ${example1.name}\nvariables:\n # Define the custom connector using the connection_type of `CUSTOM` with the match_criteria of `template_connection`\n # Example here being a snowflake jdbc connector with a secret having user and password as keys\n example:\n fn::invoke:\n Function: aws:secretsmanager:getSecret\n Arguments:\n name: example-secret\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Azure Cosmos Connection\n\nFor more information, see the [AWS Documentation](https://docs.aws.amazon.com/glue/latest/dg/connection-properties.html#connection-properties-azurecosmos).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.secretsmanager.Secret(\"example\", {name: \"example-secret\"});\nconst exampleSecretVersion = new aws.secretsmanager.SecretVersion(\"example\", {\n secretId: example.id,\n secretString: JSON.stringify({\n username: \"exampleusername\",\n password: \"examplepassword\",\n }),\n});\nconst exampleConnection = new aws.glue.Connection(\"example\", {\n name: \"example\",\n connectionType: \"AZURECOSMOS\",\n connectionProperties: {\n SparkProperties: pulumi.jsonStringify({\n secretId: example.name,\n \"spark.cosmos.accountEndpoint\": \"https://exampledbaccount.documents.azure.com:443/\",\n }),\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.secretsmanager.Secret(\"example\", name=\"example-secret\")\nexample_secret_version = aws.secretsmanager.SecretVersion(\"example\",\n secret_id=example.id,\n secret_string=json.dumps({\n \"username\": \"exampleusername\",\n \"password\": \"examplepassword\",\n }))\nexample_connection = aws.glue.Connection(\"example\",\n name=\"example\",\n connection_type=\"AZURECOSMOS\",\n connection_properties={\n \"SparkProperties\": pulumi.Output.json_dumps({\n \"secretId\": example.name,\n \"spark.cosmos.accountEndpoint\": \"https://exampledbaccount.documents.azure.com:443/\",\n }),\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecretsManager.Secret(\"example\", new()\n {\n Name = \"example-secret\",\n });\n\n var exampleSecretVersion = new Aws.SecretsManager.SecretVersion(\"example\", new()\n {\n SecretId = example.Id,\n SecretString = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"username\"] = \"exampleusername\",\n [\"password\"] = \"examplepassword\",\n }),\n });\n\n var exampleConnection = new Aws.Glue.Connection(\"example\", new()\n {\n Name = \"example\",\n ConnectionType = \"AZURECOSMOS\",\n ConnectionProperties = \n {\n { \"SparkProperties\", Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"secretId\"] = example.Name,\n [\"spark.cosmos.accountEndpoint\"] = \"https://exampledbaccount.documents.azure.com:443/\",\n })) },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := secretsmanager.NewSecret(ctx, \"example\", \u0026secretsmanager.SecretArgs{\n\t\t\tName: pulumi.String(\"example-secret\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"username\": \"exampleusername\",\n\t\t\t\"password\": \"examplepassword\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = secretsmanager.NewSecretVersion(ctx, \"example\", \u0026secretsmanager.SecretVersionArgs{\n\t\t\tSecretId: example.ID(),\n\t\t\tSecretString: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewConnection(ctx, \"example\", \u0026glue.ConnectionArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tConnectionType: pulumi.String(\"AZURECOSMOS\"),\n\t\t\tConnectionProperties: pulumi.StringMap{\n\t\t\t\t\"SparkProperties\": example.Name.ApplyT(func(name string) (pulumi.String, error) {\n\t\t\t\t\tvar _zero pulumi.String\n\t\t\t\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\t\"secretId\": name,\n\t\t\t\t\t\t\"spark.cosmos.accountEndpoint\": \"https://exampledbaccount.documents.azure.com:443/\",\n\t\t\t\t\t})\n\t\t\t\t\tif err != nil {\n\t\t\t\t\t\treturn _zero, err\n\t\t\t\t\t}\n\t\t\t\t\tjson1 := string(tmpJSON1)\n\t\t\t\t\treturn pulumi.String(json1), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.Secret;\nimport com.pulumi.aws.secretsmanager.SecretArgs;\nimport com.pulumi.aws.secretsmanager.SecretVersion;\nimport com.pulumi.aws.secretsmanager.SecretVersionArgs;\nimport com.pulumi.aws.glue.Connection;\nimport com.pulumi.aws.glue.ConnectionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Secret(\"example\", SecretArgs.builder()\n .name(\"example-secret\")\n .build());\n\n var exampleSecretVersion = new SecretVersion(\"exampleSecretVersion\", SecretVersionArgs.builder()\n .secretId(example.id())\n .secretString(serializeJson(\n jsonObject(\n jsonProperty(\"username\", \"exampleusername\"),\n jsonProperty(\"password\", \"examplepassword\")\n )))\n .build());\n\n var exampleConnection = new Connection(\"exampleConnection\", ConnectionArgs.builder()\n .name(\"example\")\n .connectionType(\"AZURECOSMOS\")\n .connectionProperties(Map.of(\"SparkProperties\", example.name().applyValue(name -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"secretId\", name),\n jsonProperty(\"spark.cosmos.accountEndpoint\", \"https://exampledbaccount.documents.azure.com:443/\")\n )))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:secretsmanager:Secret\n properties:\n name: example-secret\n exampleSecretVersion:\n type: aws:secretsmanager:SecretVersion\n name: example\n properties:\n secretId: ${example.id}\n secretString:\n fn::toJSON:\n username: exampleusername\n password: examplepassword\n exampleConnection:\n type: aws:glue:Connection\n name: example\n properties:\n name: example\n connectionType: AZURECOSMOS\n connectionProperties:\n SparkProperties:\n fn::toJSON:\n secretId: ${example.name}\n spark.cosmos.accountEndpoint: https://exampledbaccount.documents.azure.com:443/\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Azure SQL Connection\n\nFor more information, see the [AWS Documentation](https://docs.aws.amazon.com/glue/latest/dg/connection-properties.html#connection-properties-azuresql).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.secretsmanager.Secret(\"example\", {name: \"example-secret\"});\nconst exampleSecretVersion = new aws.secretsmanager.SecretVersion(\"example\", {\n secretId: example.id,\n secretString: JSON.stringify({\n username: \"exampleusername\",\n password: \"examplepassword\",\n }),\n});\nconst exampleConnection = new aws.glue.Connection(\"example\", {\n name: \"example\",\n connectionType: \"AZURECOSMOS\",\n connectionProperties: {\n SparkProperties: pulumi.jsonStringify({\n secretId: example.name,\n url: \"jdbc:sqlserver:exampledbserver.database.windows.net:1433;database=exampledatabase\",\n }),\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.secretsmanager.Secret(\"example\", name=\"example-secret\")\nexample_secret_version = aws.secretsmanager.SecretVersion(\"example\",\n secret_id=example.id,\n secret_string=json.dumps({\n \"username\": \"exampleusername\",\n \"password\": \"examplepassword\",\n }))\nexample_connection = aws.glue.Connection(\"example\",\n name=\"example\",\n connection_type=\"AZURECOSMOS\",\n connection_properties={\n \"SparkProperties\": pulumi.Output.json_dumps({\n \"secretId\": example.name,\n \"url\": \"jdbc:sqlserver:exampledbserver.database.windows.net:1433;database=exampledatabase\",\n }),\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecretsManager.Secret(\"example\", new()\n {\n Name = \"example-secret\",\n });\n\n var exampleSecretVersion = new Aws.SecretsManager.SecretVersion(\"example\", new()\n {\n SecretId = example.Id,\n SecretString = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"username\"] = \"exampleusername\",\n [\"password\"] = \"examplepassword\",\n }),\n });\n\n var exampleConnection = new Aws.Glue.Connection(\"example\", new()\n {\n Name = \"example\",\n ConnectionType = \"AZURECOSMOS\",\n ConnectionProperties = \n {\n { \"SparkProperties\", Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"secretId\"] = example.Name,\n [\"url\"] = \"jdbc:sqlserver:exampledbserver.database.windows.net:1433;database=exampledatabase\",\n })) },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := secretsmanager.NewSecret(ctx, \"example\", \u0026secretsmanager.SecretArgs{\n\t\t\tName: pulumi.String(\"example-secret\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"username\": \"exampleusername\",\n\t\t\t\"password\": \"examplepassword\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = secretsmanager.NewSecretVersion(ctx, \"example\", \u0026secretsmanager.SecretVersionArgs{\n\t\t\tSecretId: example.ID(),\n\t\t\tSecretString: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewConnection(ctx, \"example\", \u0026glue.ConnectionArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tConnectionType: pulumi.String(\"AZURECOSMOS\"),\n\t\t\tConnectionProperties: pulumi.StringMap{\n\t\t\t\t\"SparkProperties\": example.Name.ApplyT(func(name string) (pulumi.String, error) {\n\t\t\t\t\tvar _zero pulumi.String\n\t\t\t\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\t\"secretId\": name,\n\t\t\t\t\t\t\"url\": \"jdbc:sqlserver:exampledbserver.database.windows.net:1433;database=exampledatabase\",\n\t\t\t\t\t})\n\t\t\t\t\tif err != nil {\n\t\t\t\t\t\treturn _zero, err\n\t\t\t\t\t}\n\t\t\t\t\tjson1 := string(tmpJSON1)\n\t\t\t\t\treturn pulumi.String(json1), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.Secret;\nimport com.pulumi.aws.secretsmanager.SecretArgs;\nimport com.pulumi.aws.secretsmanager.SecretVersion;\nimport com.pulumi.aws.secretsmanager.SecretVersionArgs;\nimport com.pulumi.aws.glue.Connection;\nimport com.pulumi.aws.glue.ConnectionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Secret(\"example\", SecretArgs.builder()\n .name(\"example-secret\")\n .build());\n\n var exampleSecretVersion = new SecretVersion(\"exampleSecretVersion\", SecretVersionArgs.builder()\n .secretId(example.id())\n .secretString(serializeJson(\n jsonObject(\n jsonProperty(\"username\", \"exampleusername\"),\n jsonProperty(\"password\", \"examplepassword\")\n )))\n .build());\n\n var exampleConnection = new Connection(\"exampleConnection\", ConnectionArgs.builder()\n .name(\"example\")\n .connectionType(\"AZURECOSMOS\")\n .connectionProperties(Map.of(\"SparkProperties\", example.name().applyValue(name -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"secretId\", name),\n jsonProperty(\"url\", \"jdbc:sqlserver:exampledbserver.database.windows.net:1433;database=exampledatabase\")\n )))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:secretsmanager:Secret\n properties:\n name: example-secret\n exampleSecretVersion:\n type: aws:secretsmanager:SecretVersion\n name: example\n properties:\n secretId: ${example.id}\n secretString:\n fn::toJSON:\n username: exampleusername\n password: examplepassword\n exampleConnection:\n type: aws:glue:Connection\n name: example\n properties:\n name: example\n connectionType: AZURECOSMOS\n connectionProperties:\n SparkProperties:\n fn::toJSON:\n secretId: ${example.name}\n url: jdbc:sqlserver:exampledbserver.database.windows.net:1433;database=exampledatabase\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Google BigQuery Connection\n\nFor more information, see the [AWS Documentation](https://docs.aws.amazon.com/glue/latest/dg/connection-properties.html#connection-properties-bigquery).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.secretsmanager.Secret(\"example\", {name: \"example-secret\"});\nconst exampleSecretVersion = new aws.secretsmanager.SecretVersion(\"example\", {\n secretId: example.id,\n secretString: JSON.stringify({\n credentials: std.base64encode({\n input: `{\n \"type\": \"service_account\",\n \"project_id\": \"example-project\",\n \"private_key_id\": \"example-key\",\n \"private_key\": \"-----BEGIN RSA PRIVATE KEY-----\\\\nREDACTED\\\\n-----END RSA PRIVATE KEY-----\",\n \"client_email\": \"example-project@appspot.gserviceaccount.com\",\n \"client_id\": example-client\",\n \"auth_uri\": \"https://accounts.google.com/o/oauth2/auth\",\n \"token_uri\": \"https://oauth2.googleapis.com/token\",\n \"auth_provider_x509_cert_url\": \"https://www.googleapis.com/oauth2/v1/certs\",\n \"client_x509_cert_url\": \"https://www.googleapis.com/robot/v1/metadata/x509/example-project%%40appspot.gserviceaccount.com\",\n \"universe_domain\": \"googleapis.com\"\n}\n`,\n }).then(invoke =\u003e invoke.result),\n }),\n});\nconst exampleConnection = new aws.glue.Connection(\"example\", {\n name: \"example\",\n connectionType: \"BIGQUERY\",\n connectionProperties: {\n SparkProperties: pulumi.jsonStringify({\n secretId: example.name,\n }),\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.secretsmanager.Secret(\"example\", name=\"example-secret\")\nexample_secret_version = aws.secretsmanager.SecretVersion(\"example\",\n secret_id=example.id,\n secret_string=json.dumps({\n \"credentials\": std.base64encode(input=\"\"\"{\n \"type\": \"service_account\",\n \"project_id\": \"example-project\",\n \"private_key_id\": \"example-key\",\n \"private_key\": \"-----BEGIN RSA PRIVATE KEY-----\\nREDACTED\\n-----END RSA PRIVATE KEY-----\",\n \"client_email\": \"example-project@appspot.gserviceaccount.com\",\n \"client_id\": example-client\",\n \"auth_uri\": \"https://accounts.google.com/o/oauth2/auth\",\n \"token_uri\": \"https://oauth2.googleapis.com/token\",\n \"auth_provider_x509_cert_url\": \"https://www.googleapis.com/oauth2/v1/certs\",\n \"client_x509_cert_url\": \"https://www.googleapis.com/robot/v1/metadata/x509/example-project%%40appspot.gserviceaccount.com\",\n \"universe_domain\": \"googleapis.com\"\n}\n\"\"\").result,\n }))\nexample_connection = aws.glue.Connection(\"example\",\n name=\"example\",\n connection_type=\"BIGQUERY\",\n connection_properties={\n \"SparkProperties\": pulumi.Output.json_dumps({\n \"secretId\": example.name,\n }),\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecretsManager.Secret(\"example\", new()\n {\n Name = \"example-secret\",\n });\n\n var exampleSecretVersion = new Aws.SecretsManager.SecretVersion(\"example\", new()\n {\n SecretId = example.Id,\n SecretString = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"credentials\"] = Std.Base64encode.Invoke(new()\n {\n Input = @\"{\n \"\"type\"\": \"\"service_account\"\",\n \"\"project_id\"\": \"\"example-project\"\",\n \"\"private_key_id\"\": \"\"example-key\"\",\n \"\"private_key\"\": \"\"-----BEGIN RSA PRIVATE KEY-----\\nREDACTED\\n-----END RSA PRIVATE KEY-----\"\",\n \"\"client_email\"\": \"\"example-project@appspot.gserviceaccount.com\"\",\n \"\"client_id\"\": example-client\"\",\n \"\"auth_uri\"\": \"\"https://accounts.google.com/o/oauth2/auth\"\",\n \"\"token_uri\"\": \"\"https://oauth2.googleapis.com/token\"\",\n \"\"auth_provider_x509_cert_url\"\": \"\"https://www.googleapis.com/oauth2/v1/certs\"\",\n \"\"client_x509_cert_url\"\": \"\"https://www.googleapis.com/robot/v1/metadata/x509/example-project%%40appspot.gserviceaccount.com\"\",\n \"\"universe_domain\"\": \"\"googleapis.com\"\"\n}\n\",\n }).Apply(invoke =\u003e invoke.Result),\n }),\n });\n\n var exampleConnection = new Aws.Glue.Connection(\"example\", new()\n {\n Name = \"example\",\n ConnectionType = \"BIGQUERY\",\n ConnectionProperties = \n {\n { \"SparkProperties\", Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"secretId\"] = example.Name,\n })) },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := secretsmanager.NewSecret(ctx, \"example\", \u0026secretsmanager.SecretArgs{\n\t\t\tName: pulumi.String(\"example-secret\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"credentials\": std.Base64encode(ctx, \u0026std.Base64encodeArgs{\n\t\t\t\tInput: `{\n \"type\": \"service_account\",\n \"project_id\": \"example-project\",\n \"private_key_id\": \"example-key\",\n \"private_key\": \"-----BEGIN RSA PRIVATE KEY-----\\nREDACTED\\n-----END RSA PRIVATE KEY-----\",\n \"client_email\": \"example-project@appspot.gserviceaccount.com\",\n \"client_id\": example-client\",\n \"auth_uri\": \"https://accounts.google.com/o/oauth2/auth\",\n \"token_uri\": \"https://oauth2.googleapis.com/token\",\n \"auth_provider_x509_cert_url\": \"https://www.googleapis.com/oauth2/v1/certs\",\n \"client_x509_cert_url\": \"https://www.googleapis.com/robot/v1/metadata/x509/example-project%%40appspot.gserviceaccount.com\",\n \"universe_domain\": \"googleapis.com\"\n}\n`,\n\t\t\t}, nil).Result,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = secretsmanager.NewSecretVersion(ctx, \"example\", \u0026secretsmanager.SecretVersionArgs{\n\t\t\tSecretId: example.ID(),\n\t\t\tSecretString: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewConnection(ctx, \"example\", \u0026glue.ConnectionArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tConnectionType: pulumi.String(\"BIGQUERY\"),\n\t\t\tConnectionProperties: pulumi.StringMap{\n\t\t\t\t\"SparkProperties\": example.Name.ApplyT(func(name string) (pulumi.String, error) {\n\t\t\t\t\tvar _zero pulumi.String\n\t\t\t\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\t\"secretId\": name,\n\t\t\t\t\t})\n\t\t\t\t\tif err != nil {\n\t\t\t\t\t\treturn _zero, err\n\t\t\t\t\t}\n\t\t\t\t\tjson1 := string(tmpJSON1)\n\t\t\t\t\treturn pulumi.String(json1), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.Secret;\nimport com.pulumi.aws.secretsmanager.SecretArgs;\nimport com.pulumi.aws.secretsmanager.SecretVersion;\nimport com.pulumi.aws.secretsmanager.SecretVersionArgs;\nimport com.pulumi.aws.glue.Connection;\nimport com.pulumi.aws.glue.ConnectionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Secret(\"example\", SecretArgs.builder()\n .name(\"example-secret\")\n .build());\n\n var exampleSecretVersion = new SecretVersion(\"exampleSecretVersion\", SecretVersionArgs.builder()\n .secretId(example.id())\n .secretString(serializeJson(\n jsonObject(\n jsonProperty(\"credentials\", StdFunctions.base64encode(Base64encodeArgs.builder()\n .input(\"\"\"\n{\n \"type\": \"service_account\",\n \"project_id\": \"example-project\",\n \"private_key_id\": \"example-key\",\n \"private_key\": \"-----BEGIN RSA PRIVATE KEY-----\\nREDACTED\\n-----END RSA PRIVATE KEY-----\",\n \"client_email\": \"example-project@appspot.gserviceaccount.com\",\n \"client_id\": example-client\",\n \"auth_uri\": \"https://accounts.google.com/o/oauth2/auth\",\n \"token_uri\": \"https://oauth2.googleapis.com/token\",\n \"auth_provider_x509_cert_url\": \"https://www.googleapis.com/oauth2/v1/certs\",\n \"client_x509_cert_url\": \"https://www.googleapis.com/robot/v1/metadata/x509/example-project%%40appspot.gserviceaccount.com\",\n \"universe_domain\": \"googleapis.com\"\n}\n \"\"\")\n .build()).result())\n )))\n .build());\n\n var exampleConnection = new Connection(\"exampleConnection\", ConnectionArgs.builder()\n .name(\"example\")\n .connectionType(\"BIGQUERY\")\n .connectionProperties(Map.of(\"SparkProperties\", example.name().applyValue(name -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"secretId\", name)\n )))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:secretsmanager:Secret\n properties:\n name: example-secret\n exampleSecretVersion:\n type: aws:secretsmanager:SecretVersion\n name: example\n properties:\n secretId: ${example.id}\n secretString:\n fn::toJSON:\n credentials:\n fn::invoke:\n Function: std:base64encode\n Arguments:\n input: |\n {\n \"type\": \"service_account\",\n \"project_id\": \"example-project\",\n \"private_key_id\": \"example-key\",\n \"private_key\": \"-----BEGIN RSA PRIVATE KEY-----\\nREDACTED\\n-----END RSA PRIVATE KEY-----\",\n \"client_email\": \"example-project@appspot.gserviceaccount.com\",\n \"client_id\": example-client\",\n \"auth_uri\": \"https://accounts.google.com/o/oauth2/auth\",\n \"token_uri\": \"https://oauth2.googleapis.com/token\",\n \"auth_provider_x509_cert_url\": \"https://www.googleapis.com/oauth2/v1/certs\",\n \"client_x509_cert_url\": \"https://www.googleapis.com/robot/v1/metadata/x509/example-project%%40appspot.gserviceaccount.com\",\n \"universe_domain\": \"googleapis.com\"\n }\n Return: result\n exampleConnection:\n type: aws:glue:Connection\n name: example\n properties:\n name: example\n connectionType: BIGQUERY\n connectionProperties:\n SparkProperties:\n fn::toJSON:\n secretId: ${example.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### OpenSearch Service Connection\n\nFor more information, see the [AWS Documentation](https://docs.aws.amazon.com/glue/latest/dg/connection-properties.html#connection-properties-opensearch).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.secretsmanager.Secret(\"example\", {name: \"example-secret\"});\nconst exampleSecretVersion = new aws.secretsmanager.SecretVersion(\"example\", {\n secretId: example.id,\n secretString: JSON.stringify({\n \"opensearch.net.http.auth.user\": \"exampleusername\",\n \"opensearch.net.http.auth.pass\": \"examplepassword\",\n }),\n});\nconst exampleConnection = new aws.glue.Connection(\"example\", {\n name: \"example\",\n connectionType: \"OPENSEARCH\",\n connectionProperties: {\n SparkProperties: pulumi.jsonStringify({\n secretId: example.name,\n \"opensearch.nodes\": \"https://search-exampledomain-ixlmh4jieahrau3bfebcgp8cnm.us-east-1.es.amazonaws.com\",\n \"opensearch.port\": \"443\",\n \"opensearch.aws.sigv4.region\": \"us-east-1\",\n \"opensearch.nodes.wan.only\": \"true\",\n \"opensearch.aws.sigv4.enabled\": \"true\",\n }),\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.secretsmanager.Secret(\"example\", name=\"example-secret\")\nexample_secret_version = aws.secretsmanager.SecretVersion(\"example\",\n secret_id=example.id,\n secret_string=json.dumps({\n \"opensearch.net.http.auth.user\": \"exampleusername\",\n \"opensearch.net.http.auth.pass\": \"examplepassword\",\n }))\nexample_connection = aws.glue.Connection(\"example\",\n name=\"example\",\n connection_type=\"OPENSEARCH\",\n connection_properties={\n \"SparkProperties\": pulumi.Output.json_dumps({\n \"secretId\": example.name,\n \"opensearch.nodes\": \"https://search-exampledomain-ixlmh4jieahrau3bfebcgp8cnm.us-east-1.es.amazonaws.com\",\n \"opensearch.port\": \"443\",\n \"opensearch.aws.sigv4.region\": \"us-east-1\",\n \"opensearch.nodes.wan.only\": \"true\",\n \"opensearch.aws.sigv4.enabled\": \"true\",\n }),\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecretsManager.Secret(\"example\", new()\n {\n Name = \"example-secret\",\n });\n\n var exampleSecretVersion = new Aws.SecretsManager.SecretVersion(\"example\", new()\n {\n SecretId = example.Id,\n SecretString = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"opensearch.net.http.auth.user\"] = \"exampleusername\",\n [\"opensearch.net.http.auth.pass\"] = \"examplepassword\",\n }),\n });\n\n var exampleConnection = new Aws.Glue.Connection(\"example\", new()\n {\n Name = \"example\",\n ConnectionType = \"OPENSEARCH\",\n ConnectionProperties = \n {\n { \"SparkProperties\", Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"secretId\"] = example.Name,\n [\"opensearch.nodes\"] = \"https://search-exampledomain-ixlmh4jieahrau3bfebcgp8cnm.us-east-1.es.amazonaws.com\",\n [\"opensearch.port\"] = \"443\",\n [\"opensearch.aws.sigv4.region\"] = \"us-east-1\",\n [\"opensearch.nodes.wan.only\"] = \"true\",\n [\"opensearch.aws.sigv4.enabled\"] = \"true\",\n })) },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := secretsmanager.NewSecret(ctx, \"example\", \u0026secretsmanager.SecretArgs{\n\t\t\tName: pulumi.String(\"example-secret\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"opensearch.net.http.auth.user\": \"exampleusername\",\n\t\t\t\"opensearch.net.http.auth.pass\": \"examplepassword\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = secretsmanager.NewSecretVersion(ctx, \"example\", \u0026secretsmanager.SecretVersionArgs{\n\t\t\tSecretId: example.ID(),\n\t\t\tSecretString: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewConnection(ctx, \"example\", \u0026glue.ConnectionArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tConnectionType: pulumi.String(\"OPENSEARCH\"),\n\t\t\tConnectionProperties: pulumi.StringMap{\n\t\t\t\t\"SparkProperties\": example.Name.ApplyT(func(name string) (pulumi.String, error) {\n\t\t\t\t\tvar _zero pulumi.String\n\t\t\t\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\t\"secretId\": name,\n\t\t\t\t\t\t\"opensearch.nodes\": \"https://search-exampledomain-ixlmh4jieahrau3bfebcgp8cnm.us-east-1.es.amazonaws.com\",\n\t\t\t\t\t\t\"opensearch.port\": \"443\",\n\t\t\t\t\t\t\"opensearch.aws.sigv4.region\": \"us-east-1\",\n\t\t\t\t\t\t\"opensearch.nodes.wan.only\": \"true\",\n\t\t\t\t\t\t\"opensearch.aws.sigv4.enabled\": \"true\",\n\t\t\t\t\t})\n\t\t\t\t\tif err != nil {\n\t\t\t\t\t\treturn _zero, err\n\t\t\t\t\t}\n\t\t\t\t\tjson1 := string(tmpJSON1)\n\t\t\t\t\treturn pulumi.String(json1), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.Secret;\nimport com.pulumi.aws.secretsmanager.SecretArgs;\nimport com.pulumi.aws.secretsmanager.SecretVersion;\nimport com.pulumi.aws.secretsmanager.SecretVersionArgs;\nimport com.pulumi.aws.glue.Connection;\nimport com.pulumi.aws.glue.ConnectionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Secret(\"example\", SecretArgs.builder()\n .name(\"example-secret\")\n .build());\n\n var exampleSecretVersion = new SecretVersion(\"exampleSecretVersion\", SecretVersionArgs.builder()\n .secretId(example.id())\n .secretString(serializeJson(\n jsonObject(\n jsonProperty(\"opensearch.net.http.auth.user\", \"exampleusername\"),\n jsonProperty(\"opensearch.net.http.auth.pass\", \"examplepassword\")\n )))\n .build());\n\n var exampleConnection = new Connection(\"exampleConnection\", ConnectionArgs.builder()\n .name(\"example\")\n .connectionType(\"OPENSEARCH\")\n .connectionProperties(Map.of(\"SparkProperties\", example.name().applyValue(name -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"secretId\", name),\n jsonProperty(\"opensearch.nodes\", \"https://search-exampledomain-ixlmh4jieahrau3bfebcgp8cnm.us-east-1.es.amazonaws.com\"),\n jsonProperty(\"opensearch.port\", \"443\"),\n jsonProperty(\"opensearch.aws.sigv4.region\", \"us-east-1\"),\n jsonProperty(\"opensearch.nodes.wan.only\", \"true\"),\n jsonProperty(\"opensearch.aws.sigv4.enabled\", \"true\")\n )))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:secretsmanager:Secret\n properties:\n name: example-secret\n exampleSecretVersion:\n type: aws:secretsmanager:SecretVersion\n name: example\n properties:\n secretId: ${example.id}\n secretString:\n fn::toJSON:\n opensearch.net.http.auth.user: exampleusername\n opensearch.net.http.auth.pass: examplepassword\n exampleConnection:\n type: aws:glue:Connection\n name: example\n properties:\n name: example\n connectionType: OPENSEARCH\n connectionProperties:\n SparkProperties:\n fn::toJSON:\n secretId: ${example.name}\n opensearch.nodes: https://search-exampledomain-ixlmh4jieahrau3bfebcgp8cnm.us-east-1.es.amazonaws.com\n opensearch.port: '443'\n opensearch.aws.sigv4.region: us-east-1\n opensearch.nodes.wan.only: 'true'\n opensearch.aws.sigv4.enabled: 'true'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Snowflake Connection\n\nFor more information, see the [AWS Documentation](https://docs.aws.amazon.com/glue/latest/dg/connection-properties.html#connection-properties-snowflake).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.secretsmanager.Secret(\"example\", {name: \"example-secret\"});\nconst exampleSecretVersion = new aws.secretsmanager.SecretVersion(\"example\", {\n secretId: example.id,\n secretString: JSON.stringify({\n sfUser: \"exampleusername\",\n sfPassword: \"examplepassword\",\n }),\n});\nconst exampleConnection = new aws.glue.Connection(\"example\", {\n name: \"example\",\n connectionType: \"SNOWFLAKE\",\n connectionProperties: {\n SparkProperties: pulumi.jsonStringify({\n secretId: example.name,\n sfRole: \"EXAMPLEETLROLE\",\n sfUrl: \"exampleorg-exampleconnection.snowflakecomputing.com\",\n }),\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.secretsmanager.Secret(\"example\", name=\"example-secret\")\nexample_secret_version = aws.secretsmanager.SecretVersion(\"example\",\n secret_id=example.id,\n secret_string=json.dumps({\n \"sfUser\": \"exampleusername\",\n \"sfPassword\": \"examplepassword\",\n }))\nexample_connection = aws.glue.Connection(\"example\",\n name=\"example\",\n connection_type=\"SNOWFLAKE\",\n connection_properties={\n \"SparkProperties\": pulumi.Output.json_dumps({\n \"secretId\": example.name,\n \"sfRole\": \"EXAMPLEETLROLE\",\n \"sfUrl\": \"exampleorg-exampleconnection.snowflakecomputing.com\",\n }),\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecretsManager.Secret(\"example\", new()\n {\n Name = \"example-secret\",\n });\n\n var exampleSecretVersion = new Aws.SecretsManager.SecretVersion(\"example\", new()\n {\n SecretId = example.Id,\n SecretString = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"sfUser\"] = \"exampleusername\",\n [\"sfPassword\"] = \"examplepassword\",\n }),\n });\n\n var exampleConnection = new Aws.Glue.Connection(\"example\", new()\n {\n Name = \"example\",\n ConnectionType = \"SNOWFLAKE\",\n ConnectionProperties = \n {\n { \"SparkProperties\", Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"secretId\"] = example.Name,\n [\"sfRole\"] = \"EXAMPLEETLROLE\",\n [\"sfUrl\"] = \"exampleorg-exampleconnection.snowflakecomputing.com\",\n })) },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := secretsmanager.NewSecret(ctx, \"example\", \u0026secretsmanager.SecretArgs{\n\t\t\tName: pulumi.String(\"example-secret\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"sfUser\": \"exampleusername\",\n\t\t\t\"sfPassword\": \"examplepassword\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = secretsmanager.NewSecretVersion(ctx, \"example\", \u0026secretsmanager.SecretVersionArgs{\n\t\t\tSecretId: example.ID(),\n\t\t\tSecretString: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewConnection(ctx, \"example\", \u0026glue.ConnectionArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tConnectionType: pulumi.String(\"SNOWFLAKE\"),\n\t\t\tConnectionProperties: pulumi.StringMap{\n\t\t\t\t\"SparkProperties\": example.Name.ApplyT(func(name string) (pulumi.String, error) {\n\t\t\t\t\tvar _zero pulumi.String\n\t\t\t\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\t\"secretId\": name,\n\t\t\t\t\t\t\"sfRole\": \"EXAMPLEETLROLE\",\n\t\t\t\t\t\t\"sfUrl\": \"exampleorg-exampleconnection.snowflakecomputing.com\",\n\t\t\t\t\t})\n\t\t\t\t\tif err != nil {\n\t\t\t\t\t\treturn _zero, err\n\t\t\t\t\t}\n\t\t\t\t\tjson1 := string(tmpJSON1)\n\t\t\t\t\treturn pulumi.String(json1), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.Secret;\nimport com.pulumi.aws.secretsmanager.SecretArgs;\nimport com.pulumi.aws.secretsmanager.SecretVersion;\nimport com.pulumi.aws.secretsmanager.SecretVersionArgs;\nimport com.pulumi.aws.glue.Connection;\nimport com.pulumi.aws.glue.ConnectionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Secret(\"example\", SecretArgs.builder()\n .name(\"example-secret\")\n .build());\n\n var exampleSecretVersion = new SecretVersion(\"exampleSecretVersion\", SecretVersionArgs.builder()\n .secretId(example.id())\n .secretString(serializeJson(\n jsonObject(\n jsonProperty(\"sfUser\", \"exampleusername\"),\n jsonProperty(\"sfPassword\", \"examplepassword\")\n )))\n .build());\n\n var exampleConnection = new Connection(\"exampleConnection\", ConnectionArgs.builder()\n .name(\"example\")\n .connectionType(\"SNOWFLAKE\")\n .connectionProperties(Map.of(\"SparkProperties\", example.name().applyValue(name -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"secretId\", name),\n jsonProperty(\"sfRole\", \"EXAMPLEETLROLE\"),\n jsonProperty(\"sfUrl\", \"exampleorg-exampleconnection.snowflakecomputing.com\")\n )))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:secretsmanager:Secret\n properties:\n name: example-secret\n exampleSecretVersion:\n type: aws:secretsmanager:SecretVersion\n name: example\n properties:\n secretId: ${example.id}\n secretString:\n fn::toJSON:\n sfUser: exampleusername\n sfPassword: examplepassword\n exampleConnection:\n type: aws:glue:Connection\n name: example\n properties:\n name: example\n connectionType: SNOWFLAKE\n connectionProperties:\n SparkProperties:\n fn::toJSON:\n secretId: ${example.name}\n sfRole: EXAMPLEETLROLE\n sfUrl: exampleorg-exampleconnection.snowflakecomputing.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue Connections using the `CATALOG-ID` (AWS account ID if not custom) and `NAME`. For example:\n\n```sh\n$ pulumi import aws:glue/connection:Connection MyConnection 123456789012:MyConnection\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Glue Connection.\n" }, "catalogId": { "type": "string", "description": "ID of the Data Catalog in which to create the connection. If none is supplied, the AWS account ID is used by default.\n" }, "connectionProperties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key-value pairs used as parameters for this connection. For more information, see the [AWS Documentation](https://docs.aws.amazon.com/glue/latest/dg/connection-properties.html).\n\n**Note:** Some connection types require the `SparkProperties` property with a JSON document that contains the actual connection properties. For specific examples, refer to Example Usage.\n", "secret": true }, "connectionType": { "type": "string", "description": "Type of the connection. Valid values: `AZURECOSMOS`, `AZURESQL`, `BIGQUERY`, `CUSTOM`, `JDBC`, `KAFKA`, `MARKETPLACE`, `MONGODB`, `NETWORK`, `OPENSEARCH`, `SNOWFLAKE`. Defaults to `JDBC`.\n" }, "description": { "type": "string", "description": "Description of the connection.\n" }, "matchCriterias": { "type": "array", "items": { "type": "string" }, "description": "List of criteria that can be used in selecting this connection.\n" }, "name": { "type": "string", "description": "Name of the connection.\n\nThe following arguments are optional:\n" }, "physicalConnectionRequirements": { "$ref": "#/types/aws:glue/ConnectionPhysicalConnectionRequirements:ConnectionPhysicalConnectionRequirements", "description": "Map of physical connection requirements, such as VPC and SecurityGroup. See `physical_connection_requirements` Block for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "catalogId", "name", "tagsAll" ], "inputProperties": { "catalogId": { "type": "string", "description": "ID of the Data Catalog in which to create the connection. If none is supplied, the AWS account ID is used by default.\n", "willReplaceOnChanges": true }, "connectionProperties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key-value pairs used as parameters for this connection. For more information, see the [AWS Documentation](https://docs.aws.amazon.com/glue/latest/dg/connection-properties.html).\n\n**Note:** Some connection types require the `SparkProperties` property with a JSON document that contains the actual connection properties. For specific examples, refer to Example Usage.\n", "secret": true }, "connectionType": { "type": "string", "description": "Type of the connection. Valid values: `AZURECOSMOS`, `AZURESQL`, `BIGQUERY`, `CUSTOM`, `JDBC`, `KAFKA`, `MARKETPLACE`, `MONGODB`, `NETWORK`, `OPENSEARCH`, `SNOWFLAKE`. Defaults to `JDBC`.\n" }, "description": { "type": "string", "description": "Description of the connection.\n" }, "matchCriterias": { "type": "array", "items": { "type": "string" }, "description": "List of criteria that can be used in selecting this connection.\n" }, "name": { "type": "string", "description": "Name of the connection.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "physicalConnectionRequirements": { "$ref": "#/types/aws:glue/ConnectionPhysicalConnectionRequirements:ConnectionPhysicalConnectionRequirements", "description": "Map of physical connection requirements, such as VPC and SecurityGroup. See `physical_connection_requirements` Block for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Connection resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Glue Connection.\n" }, "catalogId": { "type": "string", "description": "ID of the Data Catalog in which to create the connection. If none is supplied, the AWS account ID is used by default.\n", "willReplaceOnChanges": true }, "connectionProperties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key-value pairs used as parameters for this connection. For more information, see the [AWS Documentation](https://docs.aws.amazon.com/glue/latest/dg/connection-properties.html).\n\n**Note:** Some connection types require the `SparkProperties` property with a JSON document that contains the actual connection properties. For specific examples, refer to Example Usage.\n", "secret": true }, "connectionType": { "type": "string", "description": "Type of the connection. Valid values: `AZURECOSMOS`, `AZURESQL`, `BIGQUERY`, `CUSTOM`, `JDBC`, `KAFKA`, `MARKETPLACE`, `MONGODB`, `NETWORK`, `OPENSEARCH`, `SNOWFLAKE`. Defaults to `JDBC`.\n" }, "description": { "type": "string", "description": "Description of the connection.\n" }, "matchCriterias": { "type": "array", "items": { "type": "string" }, "description": "List of criteria that can be used in selecting this connection.\n" }, "name": { "type": "string", "description": "Name of the connection.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "physicalConnectionRequirements": { "$ref": "#/types/aws:glue/ConnectionPhysicalConnectionRequirements:ConnectionPhysicalConnectionRequirements", "description": "Map of physical connection requirements, such as VPC and SecurityGroup. See `physical_connection_requirements` Block for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:glue/crawler:Crawler": { "description": "Manages a Glue Crawler. More information can be found in the [AWS Glue Developer Guide](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html)\n\n## Example Usage\n\n### DynamoDB Target Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Crawler(\"example\", {\n databaseName: exampleAwsGlueCatalogDatabase.name,\n name: \"example\",\n role: exampleAwsIamRole.arn,\n dynamodbTargets: [{\n path: \"table-name\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Crawler(\"example\",\n database_name=example_aws_glue_catalog_database[\"name\"],\n name=\"example\",\n role=example_aws_iam_role[\"arn\"],\n dynamodb_targets=[{\n \"path\": \"table-name\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Crawler(\"example\", new()\n {\n DatabaseName = exampleAwsGlueCatalogDatabase.Name,\n Name = \"example\",\n Role = exampleAwsIamRole.Arn,\n DynamodbTargets = new[]\n {\n new Aws.Glue.Inputs.CrawlerDynamodbTargetArgs\n {\n Path = \"table-name\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewCrawler(ctx, \"example\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tDynamodbTargets: glue.CrawlerDynamodbTargetArray{\n\t\t\t\t\u0026glue.CrawlerDynamodbTargetArgs{\n\t\t\t\t\tPath: pulumi.String(\"table-name\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Crawler;\nimport com.pulumi.aws.glue.CrawlerArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerDynamodbTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Crawler(\"example\", CrawlerArgs.builder()\n .databaseName(exampleAwsGlueCatalogDatabase.name())\n .name(\"example\")\n .role(exampleAwsIamRole.arn())\n .dynamodbTargets(CrawlerDynamodbTargetArgs.builder()\n .path(\"table-name\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Crawler\n properties:\n databaseName: ${exampleAwsGlueCatalogDatabase.name}\n name: example\n role: ${exampleAwsIamRole.arn}\n dynamodbTargets:\n - path: table-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### JDBC Target Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Crawler(\"example\", {\n databaseName: exampleAwsGlueCatalogDatabase.name,\n name: \"example\",\n role: exampleAwsIamRole.arn,\n jdbcTargets: [{\n connectionName: exampleAwsGlueConnection.name,\n path: \"database-name/%\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Crawler(\"example\",\n database_name=example_aws_glue_catalog_database[\"name\"],\n name=\"example\",\n role=example_aws_iam_role[\"arn\"],\n jdbc_targets=[{\n \"connection_name\": example_aws_glue_connection[\"name\"],\n \"path\": \"database-name/%\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Crawler(\"example\", new()\n {\n DatabaseName = exampleAwsGlueCatalogDatabase.Name,\n Name = \"example\",\n Role = exampleAwsIamRole.Arn,\n JdbcTargets = new[]\n {\n new Aws.Glue.Inputs.CrawlerJdbcTargetArgs\n {\n ConnectionName = exampleAwsGlueConnection.Name,\n Path = \"database-name/%\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewCrawler(ctx, \"example\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tJdbcTargets: glue.CrawlerJdbcTargetArray{\n\t\t\t\t\u0026glue.CrawlerJdbcTargetArgs{\n\t\t\t\t\tConnectionName: pulumi.Any(exampleAwsGlueConnection.Name),\n\t\t\t\t\tPath: pulumi.String(\"database-name/%\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Crawler;\nimport com.pulumi.aws.glue.CrawlerArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerJdbcTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Crawler(\"example\", CrawlerArgs.builder()\n .databaseName(exampleAwsGlueCatalogDatabase.name())\n .name(\"example\")\n .role(exampleAwsIamRole.arn())\n .jdbcTargets(CrawlerJdbcTargetArgs.builder()\n .connectionName(exampleAwsGlueConnection.name())\n .path(\"database-name/%\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Crawler\n properties:\n databaseName: ${exampleAwsGlueCatalogDatabase.name}\n name: example\n role: ${exampleAwsIamRole.arn}\n jdbcTargets:\n - connectionName: ${exampleAwsGlueConnection.name}\n path: database-name/%\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### S3 Target Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Crawler(\"example\", {\n databaseName: exampleAwsGlueCatalogDatabase.name,\n name: \"example\",\n role: exampleAwsIamRole.arn,\n s3Targets: [{\n path: `s3://${exampleAwsS3Bucket.bucket}`,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Crawler(\"example\",\n database_name=example_aws_glue_catalog_database[\"name\"],\n name=\"example\",\n role=example_aws_iam_role[\"arn\"],\n s3_targets=[{\n \"path\": f\"s3://{example_aws_s3_bucket['bucket']}\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Crawler(\"example\", new()\n {\n DatabaseName = exampleAwsGlueCatalogDatabase.Name,\n Name = \"example\",\n Role = exampleAwsIamRole.Arn,\n S3Targets = new[]\n {\n new Aws.Glue.Inputs.CrawlerS3TargetArgs\n {\n Path = $\"s3://{exampleAwsS3Bucket.Bucket}\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewCrawler(ctx, \"example\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tS3Targets: glue.CrawlerS3TargetArray{\n\t\t\t\t\u0026glue.CrawlerS3TargetArgs{\n\t\t\t\t\tPath: pulumi.String(fmt.Sprintf(\"s3://%v\", exampleAwsS3Bucket.Bucket)),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Crawler;\nimport com.pulumi.aws.glue.CrawlerArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerS3TargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Crawler(\"example\", CrawlerArgs.builder()\n .databaseName(exampleAwsGlueCatalogDatabase.name())\n .name(\"example\")\n .role(exampleAwsIamRole.arn())\n .s3Targets(CrawlerS3TargetArgs.builder()\n .path(String.format(\"s3://%s\", exampleAwsS3Bucket.bucket()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Crawler\n properties:\n databaseName: ${exampleAwsGlueCatalogDatabase.name}\n name: example\n role: ${exampleAwsIamRole.arn}\n s3Targets:\n - path: s3://${exampleAwsS3Bucket.bucket}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Catalog Target Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Crawler(\"example\", {\n databaseName: exampleAwsGlueCatalogDatabase.name,\n name: \"example\",\n role: exampleAwsIamRole.arn,\n catalogTargets: [{\n databaseName: exampleAwsGlueCatalogDatabase.name,\n tables: [exampleAwsGlueCatalogTable.name],\n }],\n schemaChangePolicy: {\n deleteBehavior: \"LOG\",\n },\n configuration: `{\n \"Version\":1.0,\n \"Grouping\": {\n \"TableGroupingPolicy\": \"CombineCompatibleSchemas\"\n }\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Crawler(\"example\",\n database_name=example_aws_glue_catalog_database[\"name\"],\n name=\"example\",\n role=example_aws_iam_role[\"arn\"],\n catalog_targets=[{\n \"database_name\": example_aws_glue_catalog_database[\"name\"],\n \"tables\": [example_aws_glue_catalog_table[\"name\"]],\n }],\n schema_change_policy={\n \"delete_behavior\": \"LOG\",\n },\n configuration=\"\"\"{\n \"Version\":1.0,\n \"Grouping\": {\n \"TableGroupingPolicy\": \"CombineCompatibleSchemas\"\n }\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Crawler(\"example\", new()\n {\n DatabaseName = exampleAwsGlueCatalogDatabase.Name,\n Name = \"example\",\n Role = exampleAwsIamRole.Arn,\n CatalogTargets = new[]\n {\n new Aws.Glue.Inputs.CrawlerCatalogTargetArgs\n {\n DatabaseName = exampleAwsGlueCatalogDatabase.Name,\n Tables = new[]\n {\n exampleAwsGlueCatalogTable.Name,\n },\n },\n },\n SchemaChangePolicy = new Aws.Glue.Inputs.CrawlerSchemaChangePolicyArgs\n {\n DeleteBehavior = \"LOG\",\n },\n Configuration = @\"{\n \"\"Version\"\":1.0,\n \"\"Grouping\"\": {\n \"\"TableGroupingPolicy\"\": \"\"CombineCompatibleSchemas\"\"\n }\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewCrawler(ctx, \"example\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tCatalogTargets: glue.CrawlerCatalogTargetArray{\n\t\t\t\t\u0026glue.CrawlerCatalogTargetArgs{\n\t\t\t\t\tDatabaseName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\t\t\tTables: pulumi.StringArray{\n\t\t\t\t\t\texampleAwsGlueCatalogTable.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tSchemaChangePolicy: \u0026glue.CrawlerSchemaChangePolicyArgs{\n\t\t\t\tDeleteBehavior: pulumi.String(\"LOG\"),\n\t\t\t},\n\t\t\tConfiguration: pulumi.String(`{\n \"Version\":1.0,\n \"Grouping\": {\n \"TableGroupingPolicy\": \"CombineCompatibleSchemas\"\n }\n}\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Crawler;\nimport com.pulumi.aws.glue.CrawlerArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerCatalogTargetArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerSchemaChangePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Crawler(\"example\", CrawlerArgs.builder()\n .databaseName(exampleAwsGlueCatalogDatabase.name())\n .name(\"example\")\n .role(exampleAwsIamRole.arn())\n .catalogTargets(CrawlerCatalogTargetArgs.builder()\n .databaseName(exampleAwsGlueCatalogDatabase.name())\n .tables(exampleAwsGlueCatalogTable.name())\n .build())\n .schemaChangePolicy(CrawlerSchemaChangePolicyArgs.builder()\n .deleteBehavior(\"LOG\")\n .build())\n .configuration(\"\"\"\n{\n \"Version\":1.0,\n \"Grouping\": {\n \"TableGroupingPolicy\": \"CombineCompatibleSchemas\"\n }\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Crawler\n properties:\n databaseName: ${exampleAwsGlueCatalogDatabase.name}\n name: example\n role: ${exampleAwsIamRole.arn}\n catalogTargets:\n - databaseName: ${exampleAwsGlueCatalogDatabase.name}\n tables:\n - ${exampleAwsGlueCatalogTable.name}\n schemaChangePolicy:\n deleteBehavior: LOG\n configuration: |\n {\n \"Version\":1.0,\n \"Grouping\": {\n \"TableGroupingPolicy\": \"CombineCompatibleSchemas\"\n }\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### MongoDB Target Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Crawler(\"example\", {\n databaseName: exampleAwsGlueCatalogDatabase.name,\n name: \"example\",\n role: exampleAwsIamRole.arn,\n mongodbTargets: [{\n connectionName: exampleAwsGlueConnection.name,\n path: \"database-name/%\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Crawler(\"example\",\n database_name=example_aws_glue_catalog_database[\"name\"],\n name=\"example\",\n role=example_aws_iam_role[\"arn\"],\n mongodb_targets=[{\n \"connection_name\": example_aws_glue_connection[\"name\"],\n \"path\": \"database-name/%\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Crawler(\"example\", new()\n {\n DatabaseName = exampleAwsGlueCatalogDatabase.Name,\n Name = \"example\",\n Role = exampleAwsIamRole.Arn,\n MongodbTargets = new[]\n {\n new Aws.Glue.Inputs.CrawlerMongodbTargetArgs\n {\n ConnectionName = exampleAwsGlueConnection.Name,\n Path = \"database-name/%\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewCrawler(ctx, \"example\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tMongodbTargets: glue.CrawlerMongodbTargetArray{\n\t\t\t\t\u0026glue.CrawlerMongodbTargetArgs{\n\t\t\t\t\tConnectionName: pulumi.Any(exampleAwsGlueConnection.Name),\n\t\t\t\t\tPath: pulumi.String(\"database-name/%\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Crawler;\nimport com.pulumi.aws.glue.CrawlerArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerMongodbTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Crawler(\"example\", CrawlerArgs.builder()\n .databaseName(exampleAwsGlueCatalogDatabase.name())\n .name(\"example\")\n .role(exampleAwsIamRole.arn())\n .mongodbTargets(CrawlerMongodbTargetArgs.builder()\n .connectionName(exampleAwsGlueConnection.name())\n .path(\"database-name/%\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Crawler\n properties:\n databaseName: ${exampleAwsGlueCatalogDatabase.name}\n name: example\n role: ${exampleAwsIamRole.arn}\n mongodbTargets:\n - connectionName: ${exampleAwsGlueConnection.name}\n path: database-name/%\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Configuration Settings Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst eventsCrawler = new aws.glue.Crawler(\"events_crawler\", {\n databaseName: glueDatabase.name,\n schedule: \"cron(0 1 * * ? *)\",\n name: `events_crawler_${environmentName}`,\n role: glueRole.arn,\n tags: tags,\n configuration: JSON.stringify({\n Grouping: {\n TableGroupingPolicy: \"CombineCompatibleSchemas\",\n },\n CrawlerOutput: {\n Partitions: {\n AddOrUpdateBehavior: \"InheritFromTable\",\n },\n },\n Version: 1,\n }),\n s3Targets: [{\n path: `s3://${dataLakeBucket.bucket}`,\n }],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nevents_crawler = aws.glue.Crawler(\"events_crawler\",\n database_name=glue_database[\"name\"],\n schedule=\"cron(0 1 * * ? *)\",\n name=f\"events_crawler_{environment_name}\",\n role=glue_role[\"arn\"],\n tags=tags,\n configuration=json.dumps({\n \"Grouping\": {\n \"TableGroupingPolicy\": \"CombineCompatibleSchemas\",\n },\n \"CrawlerOutput\": {\n \"Partitions\": {\n \"AddOrUpdateBehavior\": \"InheritFromTable\",\n },\n },\n \"Version\": 1,\n }),\n s3_targets=[{\n \"path\": f\"s3://{data_lake_bucket['bucket']}\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var eventsCrawler = new Aws.Glue.Crawler(\"events_crawler\", new()\n {\n DatabaseName = glueDatabase.Name,\n Schedule = \"cron(0 1 * * ? *)\",\n Name = $\"events_crawler_{environmentName}\",\n Role = glueRole.Arn,\n Tags = tags,\n Configuration = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Grouping\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"TableGroupingPolicy\"] = \"CombineCompatibleSchemas\",\n },\n [\"CrawlerOutput\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Partitions\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AddOrUpdateBehavior\"] = \"InheritFromTable\",\n },\n },\n [\"Version\"] = 1,\n }),\n S3Targets = new[]\n {\n new Aws.Glue.Inputs.CrawlerS3TargetArgs\n {\n Path = $\"s3://{dataLakeBucket.Bucket}\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Grouping\": map[string]interface{}{\n\t\t\t\t\"TableGroupingPolicy\": \"CombineCompatibleSchemas\",\n\t\t\t},\n\t\t\t\"CrawlerOutput\": map[string]interface{}{\n\t\t\t\t\"Partitions\": map[string]interface{}{\n\t\t\t\t\t\"AddOrUpdateBehavior\": \"InheritFromTable\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": 1,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = glue.NewCrawler(ctx, \"events_crawler\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.Any(glueDatabase.Name),\n\t\t\tSchedule: pulumi.String(\"cron(0 1 * * ? *)\"),\n\t\t\tName: pulumi.String(fmt.Sprintf(\"events_crawler_%v\", environmentName)),\n\t\t\tRole: pulumi.Any(glueRole.Arn),\n\t\t\tTags: pulumi.Any(tags),\n\t\t\tConfiguration: pulumi.String(json0),\n\t\t\tS3Targets: glue.CrawlerS3TargetArray{\n\t\t\t\t\u0026glue.CrawlerS3TargetArgs{\n\t\t\t\t\tPath: pulumi.String(fmt.Sprintf(\"s3://%v\", dataLakeBucket.Bucket)),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Crawler;\nimport com.pulumi.aws.glue.CrawlerArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerS3TargetArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var eventsCrawler = new Crawler(\"eventsCrawler\", CrawlerArgs.builder()\n .databaseName(glueDatabase.name())\n .schedule(\"cron(0 1 * * ? *)\")\n .name(String.format(\"events_crawler_%s\", environmentName))\n .role(glueRole.arn())\n .tags(tags)\n .configuration(serializeJson(\n jsonObject(\n jsonProperty(\"Grouping\", jsonObject(\n jsonProperty(\"TableGroupingPolicy\", \"CombineCompatibleSchemas\")\n )),\n jsonProperty(\"CrawlerOutput\", jsonObject(\n jsonProperty(\"Partitions\", jsonObject(\n jsonProperty(\"AddOrUpdateBehavior\", \"InheritFromTable\")\n ))\n )),\n jsonProperty(\"Version\", 1)\n )))\n .s3Targets(CrawlerS3TargetArgs.builder()\n .path(String.format(\"s3://%s\", dataLakeBucket.bucket()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n eventsCrawler:\n type: aws:glue:Crawler\n name: events_crawler\n properties:\n databaseName: ${glueDatabase.name}\n schedule: cron(0 1 * * ? *)\n name: events_crawler_${environmentName}\n role: ${glueRole.arn}\n tags: ${tags}\n configuration:\n fn::toJSON:\n Grouping:\n TableGroupingPolicy: CombineCompatibleSchemas\n CrawlerOutput:\n Partitions:\n AddOrUpdateBehavior: InheritFromTable\n Version: 1\n s3Targets:\n - path: s3://${dataLakeBucket.bucket}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue Crawlers using `name`. For example:\n\n```sh\n$ pulumi import aws:glue/crawler:Crawler MyJob MyJob\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the crawler\n" }, "catalogTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerCatalogTarget:CrawlerCatalogTarget" }, "description": "List of nested AWS Glue Data Catalog target arguments. See Catalog Target below.\n" }, "classifiers": { "type": "array", "items": { "type": "string" }, "description": "List of custom classifiers. By default, all AWS classifiers are included in a crawl, but these custom classifiers always override the default classifiers for a given classification.\n" }, "configuration": { "type": "string", "description": "JSON string of configuration information. For more details see [Setting Crawler Configuration Options](https://docs.aws.amazon.com/glue/latest/dg/crawler-configuration.html).\n" }, "databaseName": { "type": "string", "description": "Glue database where results are written.\n" }, "deltaTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerDeltaTarget:CrawlerDeltaTarget" }, "description": "List of nested Delta Lake target arguments. See Delta Target below.\n" }, "description": { "type": "string", "description": "Description of the crawler.\n" }, "dynamodbTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerDynamodbTarget:CrawlerDynamodbTarget" }, "description": "List of nested DynamoDB target arguments. See Dynamodb Target below.\n" }, "hudiTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerHudiTarget:CrawlerHudiTarget" }, "description": "List of nested Hudi target arguments. See Iceberg Target below.\n" }, "icebergTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerIcebergTarget:CrawlerIcebergTarget" }, "description": "List of nested Iceberg target arguments. See Iceberg Target below.\n" }, "jdbcTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerJdbcTarget:CrawlerJdbcTarget" }, "description": "List of nested JDBC target arguments. See JDBC Target below.\n" }, "lakeFormationConfiguration": { "$ref": "#/types/aws:glue/CrawlerLakeFormationConfiguration:CrawlerLakeFormationConfiguration", "description": "Specifies Lake Formation configuration settings for the crawler. See Lake Formation Configuration below.\n" }, "lineageConfiguration": { "$ref": "#/types/aws:glue/CrawlerLineageConfiguration:CrawlerLineageConfiguration", "description": "Specifies data lineage configuration settings for the crawler. See Lineage Configuration below.\n" }, "mongodbTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerMongodbTarget:CrawlerMongodbTarget" }, "description": "List of nested MongoDB target arguments. See MongoDB Target below.\n" }, "name": { "type": "string", "description": "Name of the crawler.\n" }, "recrawlPolicy": { "$ref": "#/types/aws:glue/CrawlerRecrawlPolicy:CrawlerRecrawlPolicy", "description": "A policy that specifies whether to crawl the entire dataset again, or to crawl only folders that were added since the last crawler run.. See Recrawl Policy below.\n" }, "role": { "type": "string", "description": "The IAM role friendly name (including path without leading slash), or ARN of an IAM role, used by the crawler to access other resources.\n" }, "s3Targets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerS3Target:CrawlerS3Target" }, "description": "List of nested Amazon S3 target arguments. See S3 Target below.\n" }, "schedule": { "type": "string", "description": "A cron expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html). For example, to run something every day at 12:15 UTC, you would specify: `cron(15 12 * * ? *)`.\n" }, "schemaChangePolicy": { "$ref": "#/types/aws:glue/CrawlerSchemaChangePolicy:CrawlerSchemaChangePolicy", "description": "Policy for the crawler's update and deletion behavior. See Schema Change Policy below.\n" }, "securityConfiguration": { "type": "string", "description": "The name of Security Configuration to be used by the crawler\n" }, "tablePrefix": { "type": "string", "description": "The table prefix used for catalog tables that are created.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "databaseName", "name", "role", "tagsAll" ], "inputProperties": { "catalogTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerCatalogTarget:CrawlerCatalogTarget" }, "description": "List of nested AWS Glue Data Catalog target arguments. See Catalog Target below.\n" }, "classifiers": { "type": "array", "items": { "type": "string" }, "description": "List of custom classifiers. By default, all AWS classifiers are included in a crawl, but these custom classifiers always override the default classifiers for a given classification.\n" }, "configuration": { "type": "string", "description": "JSON string of configuration information. For more details see [Setting Crawler Configuration Options](https://docs.aws.amazon.com/glue/latest/dg/crawler-configuration.html).\n" }, "databaseName": { "type": "string", "description": "Glue database where results are written.\n", "willReplaceOnChanges": true }, "deltaTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerDeltaTarget:CrawlerDeltaTarget" }, "description": "List of nested Delta Lake target arguments. See Delta Target below.\n" }, "description": { "type": "string", "description": "Description of the crawler.\n" }, "dynamodbTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerDynamodbTarget:CrawlerDynamodbTarget" }, "description": "List of nested DynamoDB target arguments. See Dynamodb Target below.\n" }, "hudiTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerHudiTarget:CrawlerHudiTarget" }, "description": "List of nested Hudi target arguments. See Iceberg Target below.\n" }, "icebergTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerIcebergTarget:CrawlerIcebergTarget" }, "description": "List of nested Iceberg target arguments. See Iceberg Target below.\n" }, "jdbcTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerJdbcTarget:CrawlerJdbcTarget" }, "description": "List of nested JDBC target arguments. See JDBC Target below.\n" }, "lakeFormationConfiguration": { "$ref": "#/types/aws:glue/CrawlerLakeFormationConfiguration:CrawlerLakeFormationConfiguration", "description": "Specifies Lake Formation configuration settings for the crawler. See Lake Formation Configuration below.\n" }, "lineageConfiguration": { "$ref": "#/types/aws:glue/CrawlerLineageConfiguration:CrawlerLineageConfiguration", "description": "Specifies data lineage configuration settings for the crawler. See Lineage Configuration below.\n" }, "mongodbTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerMongodbTarget:CrawlerMongodbTarget" }, "description": "List of nested MongoDB target arguments. See MongoDB Target below.\n" }, "name": { "type": "string", "description": "Name of the crawler.\n", "willReplaceOnChanges": true }, "recrawlPolicy": { "$ref": "#/types/aws:glue/CrawlerRecrawlPolicy:CrawlerRecrawlPolicy", "description": "A policy that specifies whether to crawl the entire dataset again, or to crawl only folders that were added since the last crawler run.. See Recrawl Policy below.\n" }, "role": { "type": "string", "description": "The IAM role friendly name (including path without leading slash), or ARN of an IAM role, used by the crawler to access other resources.\n" }, "s3Targets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerS3Target:CrawlerS3Target" }, "description": "List of nested Amazon S3 target arguments. See S3 Target below.\n" }, "schedule": { "type": "string", "description": "A cron expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html). For example, to run something every day at 12:15 UTC, you would specify: `cron(15 12 * * ? *)`.\n" }, "schemaChangePolicy": { "$ref": "#/types/aws:glue/CrawlerSchemaChangePolicy:CrawlerSchemaChangePolicy", "description": "Policy for the crawler's update and deletion behavior. See Schema Change Policy below.\n" }, "securityConfiguration": { "type": "string", "description": "The name of Security Configuration to be used by the crawler\n" }, "tablePrefix": { "type": "string", "description": "The table prefix used for catalog tables that are created.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "databaseName", "role" ], "stateInputs": { "description": "Input properties used for looking up and filtering Crawler resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the crawler\n" }, "catalogTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerCatalogTarget:CrawlerCatalogTarget" }, "description": "List of nested AWS Glue Data Catalog target arguments. See Catalog Target below.\n" }, "classifiers": { "type": "array", "items": { "type": "string" }, "description": "List of custom classifiers. By default, all AWS classifiers are included in a crawl, but these custom classifiers always override the default classifiers for a given classification.\n" }, "configuration": { "type": "string", "description": "JSON string of configuration information. For more details see [Setting Crawler Configuration Options](https://docs.aws.amazon.com/glue/latest/dg/crawler-configuration.html).\n" }, "databaseName": { "type": "string", "description": "Glue database where results are written.\n", "willReplaceOnChanges": true }, "deltaTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerDeltaTarget:CrawlerDeltaTarget" }, "description": "List of nested Delta Lake target arguments. See Delta Target below.\n" }, "description": { "type": "string", "description": "Description of the crawler.\n" }, "dynamodbTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerDynamodbTarget:CrawlerDynamodbTarget" }, "description": "List of nested DynamoDB target arguments. See Dynamodb Target below.\n" }, "hudiTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerHudiTarget:CrawlerHudiTarget" }, "description": "List of nested Hudi target arguments. See Iceberg Target below.\n" }, "icebergTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerIcebergTarget:CrawlerIcebergTarget" }, "description": "List of nested Iceberg target arguments. See Iceberg Target below.\n" }, "jdbcTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerJdbcTarget:CrawlerJdbcTarget" }, "description": "List of nested JDBC target arguments. See JDBC Target below.\n" }, "lakeFormationConfiguration": { "$ref": "#/types/aws:glue/CrawlerLakeFormationConfiguration:CrawlerLakeFormationConfiguration", "description": "Specifies Lake Formation configuration settings for the crawler. See Lake Formation Configuration below.\n" }, "lineageConfiguration": { "$ref": "#/types/aws:glue/CrawlerLineageConfiguration:CrawlerLineageConfiguration", "description": "Specifies data lineage configuration settings for the crawler. See Lineage Configuration below.\n" }, "mongodbTargets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerMongodbTarget:CrawlerMongodbTarget" }, "description": "List of nested MongoDB target arguments. See MongoDB Target below.\n" }, "name": { "type": "string", "description": "Name of the crawler.\n", "willReplaceOnChanges": true }, "recrawlPolicy": { "$ref": "#/types/aws:glue/CrawlerRecrawlPolicy:CrawlerRecrawlPolicy", "description": "A policy that specifies whether to crawl the entire dataset again, or to crawl only folders that were added since the last crawler run.. See Recrawl Policy below.\n" }, "role": { "type": "string", "description": "The IAM role friendly name (including path without leading slash), or ARN of an IAM role, used by the crawler to access other resources.\n" }, "s3Targets": { "type": "array", "items": { "$ref": "#/types/aws:glue/CrawlerS3Target:CrawlerS3Target" }, "description": "List of nested Amazon S3 target arguments. See S3 Target below.\n" }, "schedule": { "type": "string", "description": "A cron expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html). For example, to run something every day at 12:15 UTC, you would specify: `cron(15 12 * * ? *)`.\n" }, "schemaChangePolicy": { "$ref": "#/types/aws:glue/CrawlerSchemaChangePolicy:CrawlerSchemaChangePolicy", "description": "Policy for the crawler's update and deletion behavior. See Schema Change Policy below.\n" }, "securityConfiguration": { "type": "string", "description": "The name of Security Configuration to be used by the crawler\n" }, "tablePrefix": { "type": "string", "description": "The table prefix used for catalog tables that are created.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:glue/dataCatalogEncryptionSettings:DataCatalogEncryptionSettings": { "description": "Provides a Glue Data Catalog Encryption Settings resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.DataCatalogEncryptionSettings(\"example\", {dataCatalogEncryptionSettings: {\n connectionPasswordEncryption: {\n awsKmsKeyId: test.arn,\n returnConnectionPasswordEncrypted: true,\n },\n encryptionAtRest: {\n catalogEncryptionMode: \"SSE-KMS\",\n catalogEncryptionServiceRole: role.test.arn,\n sseAwsKmsKeyId: test.arn,\n },\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.DataCatalogEncryptionSettings(\"example\", data_catalog_encryption_settings={\n \"connection_password_encryption\": {\n \"aws_kms_key_id\": test[\"arn\"],\n \"return_connection_password_encrypted\": True,\n },\n \"encryption_at_rest\": {\n \"catalog_encryption_mode\": \"SSE-KMS\",\n \"catalog_encryption_service_role\": role[\"test\"][\"arn\"],\n \"sse_aws_kms_key_id\": test[\"arn\"],\n },\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.DataCatalogEncryptionSettings(\"example\", new()\n {\n DataCatalogEncryptionSettingsConfig = new Aws.Glue.Inputs.DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsArgs\n {\n ConnectionPasswordEncryption = new Aws.Glue.Inputs.DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsConnectionPasswordEncryptionArgs\n {\n AwsKmsKeyId = test.Arn,\n ReturnConnectionPasswordEncrypted = true,\n },\n EncryptionAtRest = new Aws.Glue.Inputs.DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsEncryptionAtRestArgs\n {\n CatalogEncryptionMode = \"SSE-KMS\",\n CatalogEncryptionServiceRole = role.Test.Arn,\n SseAwsKmsKeyId = test.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewDataCatalogEncryptionSettings(ctx, \"example\", \u0026glue.DataCatalogEncryptionSettingsArgs{\n\t\t\tDataCatalogEncryptionSettings: \u0026glue.DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsArgs{\n\t\t\t\tConnectionPasswordEncryption: \u0026glue.DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsConnectionPasswordEncryptionArgs{\n\t\t\t\t\tAwsKmsKeyId: pulumi.Any(test.Arn),\n\t\t\t\t\tReturnConnectionPasswordEncrypted: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\tEncryptionAtRest: \u0026glue.DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsEncryptionAtRestArgs{\n\t\t\t\t\tCatalogEncryptionMode: pulumi.String(\"SSE-KMS\"),\n\t\t\t\t\tCatalogEncryptionServiceRole: pulumi.Any(role.Test.Arn),\n\t\t\t\t\tSseAwsKmsKeyId: pulumi.Any(test.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.DataCatalogEncryptionSettings;\nimport com.pulumi.aws.glue.DataCatalogEncryptionSettingsArgs;\nimport com.pulumi.aws.glue.inputs.DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsArgs;\nimport com.pulumi.aws.glue.inputs.DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsConnectionPasswordEncryptionArgs;\nimport com.pulumi.aws.glue.inputs.DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsEncryptionAtRestArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataCatalogEncryptionSettings(\"example\", DataCatalogEncryptionSettingsArgs.builder()\n .dataCatalogEncryptionSettings(DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsArgs.builder()\n .connectionPasswordEncryption(DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsConnectionPasswordEncryptionArgs.builder()\n .awsKmsKeyId(test.arn())\n .returnConnectionPasswordEncrypted(true)\n .build())\n .encryptionAtRest(DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsEncryptionAtRestArgs.builder()\n .catalogEncryptionMode(\"SSE-KMS\")\n .catalogEncryptionServiceRole(role.test().arn())\n .sseAwsKmsKeyId(test.arn())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:DataCatalogEncryptionSettings\n properties:\n dataCatalogEncryptionSettings:\n connectionPasswordEncryption:\n awsKmsKeyId: ${test.arn}\n returnConnectionPasswordEncrypted: true\n encryptionAtRest:\n catalogEncryptionMode: SSE-KMS\n catalogEncryptionServiceRole: ${role.test.arn}\n sseAwsKmsKeyId: ${test.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue Data Catalog Encryption Settings using `CATALOG-ID` (AWS account ID if not custom). For example:\n\n```sh\n$ pulumi import aws:glue/dataCatalogEncryptionSettings:DataCatalogEncryptionSettings example 123456789012\n```\n", "properties": { "catalogId": { "type": "string", "description": "The ID of the Data Catalog to set the security configuration for. If none is provided, the AWS account ID is used by default.\n" }, "dataCatalogEncryptionSettings": { "$ref": "#/types/aws:glue/DataCatalogEncryptionSettingsDataCatalogEncryptionSettings:DataCatalogEncryptionSettingsDataCatalogEncryptionSettings", "description": "The security configuration to set. see Data Catalog Encryption Settings.\n", "language": { "csharp": { "name": "DataCatalogEncryptionSettingsConfig" } } } }, "required": [ "catalogId", "dataCatalogEncryptionSettings" ], "inputProperties": { "catalogId": { "type": "string", "description": "The ID of the Data Catalog to set the security configuration for. If none is provided, the AWS account ID is used by default.\n", "willReplaceOnChanges": true }, "dataCatalogEncryptionSettings": { "$ref": "#/types/aws:glue/DataCatalogEncryptionSettingsDataCatalogEncryptionSettings:DataCatalogEncryptionSettingsDataCatalogEncryptionSettings", "description": "The security configuration to set. see Data Catalog Encryption Settings.\n", "language": { "csharp": { "name": "DataCatalogEncryptionSettingsConfig" } } } }, "requiredInputs": [ "dataCatalogEncryptionSettings" ], "stateInputs": { "description": "Input properties used for looking up and filtering DataCatalogEncryptionSettings resources.\n", "properties": { "catalogId": { "type": "string", "description": "The ID of the Data Catalog to set the security configuration for. If none is provided, the AWS account ID is used by default.\n", "willReplaceOnChanges": true }, "dataCatalogEncryptionSettings": { "$ref": "#/types/aws:glue/DataCatalogEncryptionSettingsDataCatalogEncryptionSettings:DataCatalogEncryptionSettingsDataCatalogEncryptionSettings", "description": "The security configuration to set. see Data Catalog Encryption Settings.\n", "language": { "csharp": { "name": "DataCatalogEncryptionSettingsConfig" } } } }, "type": "object" } }, "aws:glue/dataQualityRuleset:DataQualityRuleset": { "description": "Provides a Glue Data Quality Ruleset Resource. You can refer to the [Glue Developer Guide](https://docs.aws.amazon.com/glue/latest/dg/glue-data-quality.html) for a full explanation of the Glue Data Quality Ruleset functionality\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.DataQualityRuleset(\"example\", {\n name: \"example\",\n ruleset: \"Rules = [Completeness \\\"colA\\\" between 0.4 and 0.8]\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.DataQualityRuleset(\"example\",\n name=\"example\",\n ruleset=\"Rules = [Completeness \\\"colA\\\" between 0.4 and 0.8]\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.DataQualityRuleset(\"example\", new()\n {\n Name = \"example\",\n Ruleset = \"Rules = [Completeness \\\"colA\\\" between 0.4 and 0.8]\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewDataQualityRuleset(ctx, \"example\", \u0026glue.DataQualityRulesetArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRuleset: pulumi.String(\"Rules = [Completeness \\\"colA\\\" between 0.4 and 0.8]\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.DataQualityRuleset;\nimport com.pulumi.aws.glue.DataQualityRulesetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataQualityRuleset(\"example\", DataQualityRulesetArgs.builder()\n .name(\"example\")\n .ruleset(\"Rules = [Completeness \\\"colA\\\" between 0.4 and 0.8]\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:DataQualityRuleset\n properties:\n name: example\n ruleset: Rules = [Completeness \"colA\" between 0.4 and 0.8]\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With description\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.DataQualityRuleset(\"example\", {\n name: \"example\",\n description: \"example\",\n ruleset: \"Rules = [Completeness \\\"colA\\\" between 0.4 and 0.8]\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.DataQualityRuleset(\"example\",\n name=\"example\",\n description=\"example\",\n ruleset=\"Rules = [Completeness \\\"colA\\\" between 0.4 and 0.8]\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.DataQualityRuleset(\"example\", new()\n {\n Name = \"example\",\n Description = \"example\",\n Ruleset = \"Rules = [Completeness \\\"colA\\\" between 0.4 and 0.8]\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewDataQualityRuleset(ctx, \"example\", \u0026glue.DataQualityRulesetArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tRuleset: pulumi.String(\"Rules = [Completeness \\\"colA\\\" between 0.4 and 0.8]\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.DataQualityRuleset;\nimport com.pulumi.aws.glue.DataQualityRulesetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataQualityRuleset(\"example\", DataQualityRulesetArgs.builder()\n .name(\"example\")\n .description(\"example\")\n .ruleset(\"Rules = [Completeness \\\"colA\\\" between 0.4 and 0.8]\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:DataQualityRuleset\n properties:\n name: example\n description: example\n ruleset: Rules = [Completeness \"colA\" between 0.4 and 0.8]\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With tags\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.DataQualityRuleset(\"example\", {\n name: \"example\",\n ruleset: \"Rules = [Completeness \\\"colA\\\" between 0.4 and 0.8]\",\n tags: {\n hello: \"world\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.DataQualityRuleset(\"example\",\n name=\"example\",\n ruleset=\"Rules = [Completeness \\\"colA\\\" between 0.4 and 0.8]\",\n tags={\n \"hello\": \"world\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.DataQualityRuleset(\"example\", new()\n {\n Name = \"example\",\n Ruleset = \"Rules = [Completeness \\\"colA\\\" between 0.4 and 0.8]\",\n Tags = \n {\n { \"hello\", \"world\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewDataQualityRuleset(ctx, \"example\", \u0026glue.DataQualityRulesetArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRuleset: pulumi.String(\"Rules = [Completeness \\\"colA\\\" between 0.4 and 0.8]\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"hello\": pulumi.String(\"world\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.DataQualityRuleset;\nimport com.pulumi.aws.glue.DataQualityRulesetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataQualityRuleset(\"example\", DataQualityRulesetArgs.builder()\n .name(\"example\")\n .ruleset(\"Rules = [Completeness \\\"colA\\\" between 0.4 and 0.8]\")\n .tags(Map.of(\"hello\", \"world\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:DataQualityRuleset\n properties:\n name: example\n ruleset: Rules = [Completeness \"colA\" between 0.4 and 0.8]\n tags:\n hello: world\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With target_table\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.DataQualityRuleset(\"example\", {\n name: \"example\",\n ruleset: \"Rules = [Completeness \\\"colA\\\" between 0.4 and 0.8]\",\n targetTable: {\n databaseName: exampleAwsGlueCatalogDatabase.name,\n tableName: exampleAwsGlueCatalogTable.name,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.DataQualityRuleset(\"example\",\n name=\"example\",\n ruleset=\"Rules = [Completeness \\\"colA\\\" between 0.4 and 0.8]\",\n target_table={\n \"database_name\": example_aws_glue_catalog_database[\"name\"],\n \"table_name\": example_aws_glue_catalog_table[\"name\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.DataQualityRuleset(\"example\", new()\n {\n Name = \"example\",\n Ruleset = \"Rules = [Completeness \\\"colA\\\" between 0.4 and 0.8]\",\n TargetTable = new Aws.Glue.Inputs.DataQualityRulesetTargetTableArgs\n {\n DatabaseName = exampleAwsGlueCatalogDatabase.Name,\n TableName = exampleAwsGlueCatalogTable.Name,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewDataQualityRuleset(ctx, \"example\", \u0026glue.DataQualityRulesetArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRuleset: pulumi.String(\"Rules = [Completeness \\\"colA\\\" between 0.4 and 0.8]\"),\n\t\t\tTargetTable: \u0026glue.DataQualityRulesetTargetTableArgs{\n\t\t\t\tDatabaseName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\t\tTableName: pulumi.Any(exampleAwsGlueCatalogTable.Name),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.DataQualityRuleset;\nimport com.pulumi.aws.glue.DataQualityRulesetArgs;\nimport com.pulumi.aws.glue.inputs.DataQualityRulesetTargetTableArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataQualityRuleset(\"example\", DataQualityRulesetArgs.builder()\n .name(\"example\")\n .ruleset(\"Rules = [Completeness \\\"colA\\\" between 0.4 and 0.8]\")\n .targetTable(DataQualityRulesetTargetTableArgs.builder()\n .databaseName(exampleAwsGlueCatalogDatabase.name())\n .tableName(exampleAwsGlueCatalogTable.name())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:DataQualityRuleset\n properties:\n name: example\n ruleset: Rules = [Completeness \"colA\" between 0.4 and 0.8]\n targetTable:\n databaseName: ${exampleAwsGlueCatalogDatabase.name}\n tableName: ${exampleAwsGlueCatalogTable.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue Data Quality Ruleset using the `name`. For example:\n\n```sh\n$ pulumi import aws:glue/dataQualityRuleset:DataQualityRuleset example exampleName\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Glue Data Quality Ruleset.\n" }, "createdOn": { "type": "string", "description": "The time and date that this data quality ruleset was created.\n" }, "description": { "type": "string", "description": "Description of the data quality ruleset.\n" }, "lastModifiedOn": { "type": "string", "description": "The time and date that this data quality ruleset was created.\n" }, "name": { "type": "string", "description": "Name of the data quality ruleset.\n" }, "recommendationRunId": { "type": "string", "description": "When a ruleset was created from a recommendation run, this run ID is generated to link the two together.\n" }, "ruleset": { "type": "string", "description": "A Data Quality Definition Language (DQDL) ruleset. For more information, see the AWS Glue developer guide.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetTable": { "$ref": "#/types/aws:glue/DataQualityRulesetTargetTable:DataQualityRulesetTargetTable", "description": "A Configuration block specifying a target table associated with the data quality ruleset. See `target_table` below.\n" } }, "required": [ "arn", "createdOn", "lastModifiedOn", "name", "recommendationRunId", "ruleset", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Description of the data quality ruleset.\n" }, "name": { "type": "string", "description": "Name of the data quality ruleset.\n", "willReplaceOnChanges": true }, "ruleset": { "type": "string", "description": "A Data Quality Definition Language (DQDL) ruleset. For more information, see the AWS Glue developer guide.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targetTable": { "$ref": "#/types/aws:glue/DataQualityRulesetTargetTable:DataQualityRulesetTargetTable", "description": "A Configuration block specifying a target table associated with the data quality ruleset. See `target_table` below.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "ruleset" ], "stateInputs": { "description": "Input properties used for looking up and filtering DataQualityRuleset resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Glue Data Quality Ruleset.\n" }, "createdOn": { "type": "string", "description": "The time and date that this data quality ruleset was created.\n" }, "description": { "type": "string", "description": "Description of the data quality ruleset.\n" }, "lastModifiedOn": { "type": "string", "description": "The time and date that this data quality ruleset was created.\n" }, "name": { "type": "string", "description": "Name of the data quality ruleset.\n", "willReplaceOnChanges": true }, "recommendationRunId": { "type": "string", "description": "When a ruleset was created from a recommendation run, this run ID is generated to link the two together.\n" }, "ruleset": { "type": "string", "description": "A Data Quality Definition Language (DQDL) ruleset. For more information, see the AWS Glue developer guide.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetTable": { "$ref": "#/types/aws:glue/DataQualityRulesetTargetTable:DataQualityRulesetTargetTable", "description": "A Configuration block specifying a target table associated with the data quality ruleset. See `target_table` below.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:glue/devEndpoint:DevEndpoint": { "description": "Provides a Glue Development Endpoint resource.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"glue.amazonaws.com\"],\n }],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"AWSGlueServiceRole-foo\",\n assumeRolePolicy: example.then(example =\u003e example.json),\n});\nconst exampleDevEndpoint = new aws.glue.DevEndpoint(\"example\", {\n name: \"foo\",\n roleArn: exampleRole.arn,\n});\nconst example_AWSGlueServiceRole = new aws.iam.RolePolicyAttachment(\"example-AWSGlueServiceRole\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSGlueServiceRole\",\n role: exampleRole.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"glue.amazonaws.com\"],\n }],\n}])\nexample_role = aws.iam.Role(\"example\",\n name=\"AWSGlueServiceRole-foo\",\n assume_role_policy=example.json)\nexample_dev_endpoint = aws.glue.DevEndpoint(\"example\",\n name=\"foo\",\n role_arn=example_role.arn)\nexample__aws_glue_service_role = aws.iam.RolePolicyAttachment(\"example-AWSGlueServiceRole\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSGlueServiceRole\",\n role=example_role.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"glue.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"AWSGlueServiceRole-foo\",\n AssumeRolePolicy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleDevEndpoint = new Aws.Glue.DevEndpoint(\"example\", new()\n {\n Name = \"foo\",\n RoleArn = exampleRole.Arn,\n });\n\n var example_AWSGlueServiceRole = new Aws.Iam.RolePolicyAttachment(\"example-AWSGlueServiceRole\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSGlueServiceRole\",\n Role = exampleRole.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"glue.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"AWSGlueServiceRole-foo\"),\n\t\t\tAssumeRolePolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewDevEndpoint(ctx, \"example\", \u0026glue.DevEndpointArgs{\n\t\t\tName: pulumi.String(\"foo\"),\n\t\t\tRoleArn: exampleRole.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AWSGlueServiceRole\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSGlueServiceRole\"),\n\t\t\tRole: exampleRole.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.glue.DevEndpoint;\nimport com.pulumi.aws.glue.DevEndpointArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"glue.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .name(\"AWSGlueServiceRole-foo\")\n .assumeRolePolicy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleDevEndpoint = new DevEndpoint(\"exampleDevEndpoint\", DevEndpointArgs.builder()\n .name(\"foo\")\n .roleArn(exampleRole.arn())\n .build());\n\n var example_AWSGlueServiceRole = new RolePolicyAttachment(\"example-AWSGlueServiceRole\", RolePolicyAttachmentArgs.builder()\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWSGlueServiceRole\")\n .role(exampleRole.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleDevEndpoint:\n type: aws:glue:DevEndpoint\n name: example\n properties:\n name: foo\n roleArn: ${exampleRole.arn}\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: AWSGlueServiceRole-foo\n assumeRolePolicy: ${example.json}\n example-AWSGlueServiceRole:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/service-role/AWSGlueServiceRole\n role: ${exampleRole.name}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - glue.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a Glue Development Endpoint using the `name`. For example:\n\n```sh\n$ pulumi import aws:glue/devEndpoint:DevEndpoint example foo\n```\n", "properties": { "arguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of arguments used to configure the endpoint.\n" }, "arn": { "type": "string", "description": "The ARN of the endpoint.\n" }, "availabilityZone": { "type": "string", "description": "The AWS availability zone where this endpoint is located.\n" }, "extraJarsS3Path": { "type": "string", "description": "Path to one or more Java Jars in an S3 bucket that should be loaded in this endpoint.\n" }, "extraPythonLibsS3Path": { "type": "string", "description": "Path(s) to one or more Python libraries in an S3 bucket that should be loaded in this endpoint. Multiple values must be complete paths separated by a comma.\n" }, "failureReason": { "type": "string", "description": "The reason for a current failure in this endpoint.\n" }, "glueVersion": { "type": "string", "description": "Specifies the versions of Python and Apache Spark to use. Defaults to AWS Glue version 0.9.\n" }, "name": { "type": "string", "description": "The name of this endpoint. It must be unique in your account.\n" }, "numberOfNodes": { "type": "integer", "description": "The number of AWS Glue Data Processing Units (DPUs) to allocate to this endpoint. Conflicts with `worker_type`.\n" }, "numberOfWorkers": { "type": "integer", "description": "The number of workers of a defined worker type that are allocated to this endpoint. This field is available only when you choose worker type G.1X or G.2X.\n" }, "privateAddress": { "type": "string", "description": "A private IP address to access the endpoint within a VPC, if this endpoint is created within one.\n" }, "publicAddress": { "type": "string", "description": "The public IP address used by this endpoint. The PublicAddress field is present only when you create a non-VPC endpoint.\n" }, "publicKey": { "type": "string", "description": "The public key to be used by this endpoint for authentication.\n" }, "publicKeys": { "type": "array", "items": { "type": "string" }, "description": "A list of public keys to be used by this endpoint for authentication.\n" }, "roleArn": { "type": "string", "description": "The IAM role for this endpoint.\n" }, "securityConfiguration": { "type": "string", "description": "The name of the Security Configuration structure to be used with this endpoint.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Security group IDs for the security groups to be used by this endpoint.\n" }, "status": { "type": "string", "description": "The current status of this endpoint.\n" }, "subnetId": { "type": "string", "description": "The subnet ID for the new endpoint to use.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "he ID of the VPC used by this endpoint.\n" }, "workerType": { "type": "string", "description": "The type of predefined worker that is allocated to this endpoint. Accepts a value of Standard, G.1X, or G.2X.\n" }, "yarnEndpointAddress": { "type": "string", "description": "The YARN endpoint address used by this endpoint.\n" }, "zeppelinRemoteSparkInterpreterPort": { "type": "integer", "description": "The Apache Zeppelin port for the remote Apache Spark interpreter.\n" } }, "required": [ "arn", "availabilityZone", "failureReason", "name", "privateAddress", "publicAddress", "roleArn", "status", "tagsAll", "vpcId", "yarnEndpointAddress", "zeppelinRemoteSparkInterpreterPort" ], "inputProperties": { "arguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of arguments used to configure the endpoint.\n" }, "extraJarsS3Path": { "type": "string", "description": "Path to one or more Java Jars in an S3 bucket that should be loaded in this endpoint.\n" }, "extraPythonLibsS3Path": { "type": "string", "description": "Path(s) to one or more Python libraries in an S3 bucket that should be loaded in this endpoint. Multiple values must be complete paths separated by a comma.\n" }, "glueVersion": { "type": "string", "description": "Specifies the versions of Python and Apache Spark to use. Defaults to AWS Glue version 0.9.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of this endpoint. It must be unique in your account.\n", "willReplaceOnChanges": true }, "numberOfNodes": { "type": "integer", "description": "The number of AWS Glue Data Processing Units (DPUs) to allocate to this endpoint. Conflicts with `worker_type`.\n", "willReplaceOnChanges": true }, "numberOfWorkers": { "type": "integer", "description": "The number of workers of a defined worker type that are allocated to this endpoint. This field is available only when you choose worker type G.1X or G.2X.\n", "willReplaceOnChanges": true }, "publicKey": { "type": "string", "description": "The public key to be used by this endpoint for authentication.\n" }, "publicKeys": { "type": "array", "items": { "type": "string" }, "description": "A list of public keys to be used by this endpoint for authentication.\n" }, "roleArn": { "type": "string", "description": "The IAM role for this endpoint.\n", "willReplaceOnChanges": true }, "securityConfiguration": { "type": "string", "description": "The name of the Security Configuration structure to be used with this endpoint.\n", "willReplaceOnChanges": true }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Security group IDs for the security groups to be used by this endpoint.\n", "willReplaceOnChanges": true }, "subnetId": { "type": "string", "description": "The subnet ID for the new endpoint to use.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "workerType": { "type": "string", "description": "The type of predefined worker that is allocated to this endpoint. Accepts a value of Standard, G.1X, or G.2X.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering DevEndpoint resources.\n", "properties": { "arguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of arguments used to configure the endpoint.\n" }, "arn": { "type": "string", "description": "The ARN of the endpoint.\n" }, "availabilityZone": { "type": "string", "description": "The AWS availability zone where this endpoint is located.\n" }, "extraJarsS3Path": { "type": "string", "description": "Path to one or more Java Jars in an S3 bucket that should be loaded in this endpoint.\n" }, "extraPythonLibsS3Path": { "type": "string", "description": "Path(s) to one or more Python libraries in an S3 bucket that should be loaded in this endpoint. Multiple values must be complete paths separated by a comma.\n" }, "failureReason": { "type": "string", "description": "The reason for a current failure in this endpoint.\n" }, "glueVersion": { "type": "string", "description": "Specifies the versions of Python and Apache Spark to use. Defaults to AWS Glue version 0.9.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of this endpoint. It must be unique in your account.\n", "willReplaceOnChanges": true }, "numberOfNodes": { "type": "integer", "description": "The number of AWS Glue Data Processing Units (DPUs) to allocate to this endpoint. Conflicts with `worker_type`.\n", "willReplaceOnChanges": true }, "numberOfWorkers": { "type": "integer", "description": "The number of workers of a defined worker type that are allocated to this endpoint. This field is available only when you choose worker type G.1X or G.2X.\n", "willReplaceOnChanges": true }, "privateAddress": { "type": "string", "description": "A private IP address to access the endpoint within a VPC, if this endpoint is created within one.\n" }, "publicAddress": { "type": "string", "description": "The public IP address used by this endpoint. The PublicAddress field is present only when you create a non-VPC endpoint.\n" }, "publicKey": { "type": "string", "description": "The public key to be used by this endpoint for authentication.\n" }, "publicKeys": { "type": "array", "items": { "type": "string" }, "description": "A list of public keys to be used by this endpoint for authentication.\n" }, "roleArn": { "type": "string", "description": "The IAM role for this endpoint.\n", "willReplaceOnChanges": true }, "securityConfiguration": { "type": "string", "description": "The name of the Security Configuration structure to be used with this endpoint.\n", "willReplaceOnChanges": true }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Security group IDs for the security groups to be used by this endpoint.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The current status of this endpoint.\n" }, "subnetId": { "type": "string", "description": "The subnet ID for the new endpoint to use.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "he ID of the VPC used by this endpoint.\n" }, "workerType": { "type": "string", "description": "The type of predefined worker that is allocated to this endpoint. Accepts a value of Standard, G.1X, or G.2X.\n", "willReplaceOnChanges": true }, "yarnEndpointAddress": { "type": "string", "description": "The YARN endpoint address used by this endpoint.\n" }, "zeppelinRemoteSparkInterpreterPort": { "type": "integer", "description": "The Apache Zeppelin port for the remote Apache Spark interpreter.\n" } }, "type": "object" } }, "aws:glue/job:Job": { "description": "Provides a Glue Job resource.\n\n\u003e Glue functionality, such as monitoring and logging of jobs, is typically managed with the `default_arguments` argument. See the [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) topic in the Glue developer guide for additional information.\n\n## Example Usage\n\n### Python Job\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Job(\"example\", {\n name: \"example\",\n roleArn: exampleAwsIamRole.arn,\n command: {\n scriptLocation: `s3://${exampleAwsS3Bucket.bucket}/example.py`,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Job(\"example\",\n name=\"example\",\n role_arn=example_aws_iam_role[\"arn\"],\n command={\n \"script_location\": f\"s3://{example_aws_s3_bucket['bucket']}/example.py\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Job(\"example\", new()\n {\n Name = \"example\",\n RoleArn = exampleAwsIamRole.Arn,\n Command = new Aws.Glue.Inputs.JobCommandArgs\n {\n ScriptLocation = $\"s3://{exampleAwsS3Bucket.Bucket}/example.py\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewJob(ctx, \"example\", \u0026glue.JobArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tCommand: \u0026glue.JobCommandArgs{\n\t\t\t\tScriptLocation: pulumi.String(fmt.Sprintf(\"s3://%v/example.py\", exampleAwsS3Bucket.Bucket)),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Job;\nimport com.pulumi.aws.glue.JobArgs;\nimport com.pulumi.aws.glue.inputs.JobCommandArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Job(\"example\", JobArgs.builder()\n .name(\"example\")\n .roleArn(exampleAwsIamRole.arn())\n .command(JobCommandArgs.builder()\n .scriptLocation(String.format(\"s3://%s/example.py\", exampleAwsS3Bucket.bucket()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Job\n properties:\n name: example\n roleArn: ${exampleAwsIamRole.arn}\n command:\n scriptLocation: s3://${exampleAwsS3Bucket.bucket}/example.py\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Ray Job\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Job(\"example\", {\n name: \"example\",\n roleArn: exampleAwsIamRole.arn,\n glueVersion: \"4.0\",\n workerType: \"Z.2X\",\n command: {\n name: \"glueray\",\n pythonVersion: \"3.9\",\n runtime: \"Ray2.4\",\n scriptLocation: `s3://${exampleAwsS3Bucket.bucket}/example.py`,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Job(\"example\",\n name=\"example\",\n role_arn=example_aws_iam_role[\"arn\"],\n glue_version=\"4.0\",\n worker_type=\"Z.2X\",\n command={\n \"name\": \"glueray\",\n \"python_version\": \"3.9\",\n \"runtime\": \"Ray2.4\",\n \"script_location\": f\"s3://{example_aws_s3_bucket['bucket']}/example.py\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Job(\"example\", new()\n {\n Name = \"example\",\n RoleArn = exampleAwsIamRole.Arn,\n GlueVersion = \"4.0\",\n WorkerType = \"Z.2X\",\n Command = new Aws.Glue.Inputs.JobCommandArgs\n {\n Name = \"glueray\",\n PythonVersion = \"3.9\",\n Runtime = \"Ray2.4\",\n ScriptLocation = $\"s3://{exampleAwsS3Bucket.Bucket}/example.py\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewJob(ctx, \"example\", \u0026glue.JobArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tGlueVersion: pulumi.String(\"4.0\"),\n\t\t\tWorkerType: pulumi.String(\"Z.2X\"),\n\t\t\tCommand: \u0026glue.JobCommandArgs{\n\t\t\t\tName: pulumi.String(\"glueray\"),\n\t\t\t\tPythonVersion: pulumi.String(\"3.9\"),\n\t\t\t\tRuntime: pulumi.String(\"Ray2.4\"),\n\t\t\t\tScriptLocation: pulumi.String(fmt.Sprintf(\"s3://%v/example.py\", exampleAwsS3Bucket.Bucket)),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Job;\nimport com.pulumi.aws.glue.JobArgs;\nimport com.pulumi.aws.glue.inputs.JobCommandArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Job(\"example\", JobArgs.builder()\n .name(\"example\")\n .roleArn(exampleAwsIamRole.arn())\n .glueVersion(\"4.0\")\n .workerType(\"Z.2X\")\n .command(JobCommandArgs.builder()\n .name(\"glueray\")\n .pythonVersion(\"3.9\")\n .runtime(\"Ray2.4\")\n .scriptLocation(String.format(\"s3://%s/example.py\", exampleAwsS3Bucket.bucket()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Job\n properties:\n name: example\n roleArn: ${exampleAwsIamRole.arn}\n glueVersion: '4.0'\n workerType: Z.2X\n command:\n name: glueray\n pythonVersion: '3.9'\n runtime: Ray2.4\n scriptLocation: s3://${exampleAwsS3Bucket.bucket}/example.py\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Scala Job\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Job(\"example\", {\n name: \"example\",\n roleArn: exampleAwsIamRole.arn,\n command: {\n scriptLocation: `s3://${exampleAwsS3Bucket.bucket}/example.scala`,\n },\n defaultArguments: {\n \"--job-language\": \"scala\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Job(\"example\",\n name=\"example\",\n role_arn=example_aws_iam_role[\"arn\"],\n command={\n \"script_location\": f\"s3://{example_aws_s3_bucket['bucket']}/example.scala\",\n },\n default_arguments={\n \"--job-language\": \"scala\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Job(\"example\", new()\n {\n Name = \"example\",\n RoleArn = exampleAwsIamRole.Arn,\n Command = new Aws.Glue.Inputs.JobCommandArgs\n {\n ScriptLocation = $\"s3://{exampleAwsS3Bucket.Bucket}/example.scala\",\n },\n DefaultArguments = \n {\n { \"--job-language\", \"scala\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewJob(ctx, \"example\", \u0026glue.JobArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tCommand: \u0026glue.JobCommandArgs{\n\t\t\t\tScriptLocation: pulumi.String(fmt.Sprintf(\"s3://%v/example.scala\", exampleAwsS3Bucket.Bucket)),\n\t\t\t},\n\t\t\tDefaultArguments: pulumi.StringMap{\n\t\t\t\t\"--job-language\": pulumi.String(\"scala\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Job;\nimport com.pulumi.aws.glue.JobArgs;\nimport com.pulumi.aws.glue.inputs.JobCommandArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Job(\"example\", JobArgs.builder()\n .name(\"example\")\n .roleArn(exampleAwsIamRole.arn())\n .command(JobCommandArgs.builder()\n .scriptLocation(String.format(\"s3://%s/example.scala\", exampleAwsS3Bucket.bucket()))\n .build())\n .defaultArguments(Map.of(\"--job-language\", \"scala\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Job\n properties:\n name: example\n roleArn: ${exampleAwsIamRole.arn}\n command:\n scriptLocation: s3://${exampleAwsS3Bucket.bucket}/example.scala\n defaultArguments:\n --job-language: scala\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Streaming Job\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Job(\"example\", {\n name: \"example streaming job\",\n roleArn: exampleAwsIamRole.arn,\n command: {\n name: \"gluestreaming\",\n scriptLocation: `s3://${exampleAwsS3Bucket.bucket}/example.script`,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Job(\"example\",\n name=\"example streaming job\",\n role_arn=example_aws_iam_role[\"arn\"],\n command={\n \"name\": \"gluestreaming\",\n \"script_location\": f\"s3://{example_aws_s3_bucket['bucket']}/example.script\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Job(\"example\", new()\n {\n Name = \"example streaming job\",\n RoleArn = exampleAwsIamRole.Arn,\n Command = new Aws.Glue.Inputs.JobCommandArgs\n {\n Name = \"gluestreaming\",\n ScriptLocation = $\"s3://{exampleAwsS3Bucket.Bucket}/example.script\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewJob(ctx, \"example\", \u0026glue.JobArgs{\n\t\t\tName: pulumi.String(\"example streaming job\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tCommand: \u0026glue.JobCommandArgs{\n\t\t\t\tName: pulumi.String(\"gluestreaming\"),\n\t\t\t\tScriptLocation: pulumi.String(fmt.Sprintf(\"s3://%v/example.script\", exampleAwsS3Bucket.Bucket)),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Job;\nimport com.pulumi.aws.glue.JobArgs;\nimport com.pulumi.aws.glue.inputs.JobCommandArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Job(\"example\", JobArgs.builder()\n .name(\"example streaming job\")\n .roleArn(exampleAwsIamRole.arn())\n .command(JobCommandArgs.builder()\n .name(\"gluestreaming\")\n .scriptLocation(String.format(\"s3://%s/example.script\", exampleAwsS3Bucket.bucket()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Job\n properties:\n name: example streaming job\n roleArn: ${exampleAwsIamRole.arn}\n command:\n name: gluestreaming\n scriptLocation: s3://${exampleAwsS3Bucket.bucket}/example.script\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Enabling CloudWatch Logs and Metrics\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudwatch.LogGroup(\"example\", {\n name: \"example\",\n retentionInDays: 14,\n});\nconst exampleJob = new aws.glue.Job(\"example\", {defaultArguments: {\n \"--continuous-log-logGroup\": example.name,\n \"--enable-continuous-cloudwatch-log\": \"true\",\n \"--enable-continuous-log-filter\": \"true\",\n \"--enable-metrics\": \"\",\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.LogGroup(\"example\",\n name=\"example\",\n retention_in_days=14)\nexample_job = aws.glue.Job(\"example\", default_arguments={\n \"--continuous-log-logGroup\": example.name,\n \"--enable-continuous-cloudwatch-log\": \"true\",\n \"--enable-continuous-log-filter\": \"true\",\n \"--enable-metrics\": \"\",\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = \"example\",\n RetentionInDays = 14,\n });\n\n var exampleJob = new Aws.Glue.Job(\"example\", new()\n {\n DefaultArguments = \n {\n { \"--continuous-log-logGroup\", example.Name },\n { \"--enable-continuous-cloudwatch-log\", \"true\" },\n { \"--enable-continuous-log-filter\", \"true\" },\n { \"--enable-metrics\", \"\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRetentionInDays: pulumi.Int(14),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewJob(ctx, \"example\", \u0026glue.JobArgs{\n\t\t\tDefaultArguments: pulumi.StringMap{\n\t\t\t\t\"--continuous-log-logGroup\": example.Name,\n\t\t\t\t\"--enable-continuous-cloudwatch-log\": pulumi.String(\"true\"),\n\t\t\t\t\"--enable-continuous-log-filter\": pulumi.String(\"true\"),\n\t\t\t\t\"--enable-metrics\": pulumi.String(\"\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.glue.Job;\nimport com.pulumi.aws.glue.JobArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LogGroup(\"example\", LogGroupArgs.builder()\n .name(\"example\")\n .retentionInDays(14)\n .build());\n\n var exampleJob = new Job(\"exampleJob\", JobArgs.builder()\n .defaultArguments(Map.ofEntries(\n Map.entry(\"--continuous-log-logGroup\", example.name()),\n Map.entry(\"--enable-continuous-cloudwatch-log\", \"true\"),\n Map.entry(\"--enable-continuous-log-filter\", \"true\"),\n Map.entry(\"--enable-metrics\", \"\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudwatch:LogGroup\n properties:\n name: example\n retentionInDays: 14\n exampleJob:\n type: aws:glue:Job\n name: example\n properties:\n defaultArguments:\n --continuous-log-logGroup: ${example.name}\n --enable-continuous-cloudwatch-log: 'true'\n --enable-continuous-log-filter: 'true'\n --enable-metrics:\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue Jobs using `name`. For example:\n\n```sh\n$ pulumi import aws:glue/job:Job MyJob MyJob\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Glue Job\n" }, "command": { "$ref": "#/types/aws:glue/JobCommand:JobCommand", "description": "The command of the job. Defined below.\n" }, "connections": { "type": "array", "items": { "type": "string" }, "description": "The list of connections used for this job.\n" }, "defaultArguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of default arguments for this job. You can specify arguments here that your own job-execution script consumes, as well as arguments that AWS Glue itself consumes. For information about how to specify and consume your own Job arguments, see the [Calling AWS Glue APIs in Python](http://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) topic in the developer guide. For information about the key-value pairs that AWS Glue consumes to set up your job, see the [Special Parameters Used by AWS Glue](http://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-glue-arguments.html) topic in the developer guide.\n" }, "description": { "type": "string", "description": "Description of the job.\n" }, "executionClass": { "type": "string", "description": "Indicates whether the job is run with a standard or flexible execution class. The standard execution class is ideal for time-sensitive workloads that require fast job startup and dedicated resources. Valid value: `FLEX`, `STANDARD`.\n" }, "executionProperty": { "$ref": "#/types/aws:glue/JobExecutionProperty:JobExecutionProperty", "description": "Execution property of the job. Defined below.\n" }, "glueVersion": { "type": "string", "description": "The version of glue to use, for example \"1.0\". Ray jobs should set this to 4.0 or greater. For information about available versions, see the [AWS Glue Release Notes](https://docs.aws.amazon.com/glue/latest/dg/release-notes.html).\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the day of the week and hour for the maintenance window for streaming jobs.\n" }, "maxCapacity": { "type": "number", "description": "The maximum number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. `Required` when `pythonshell` is set, accept either `0.0625` or `1.0`. Use `number_of_workers` and `worker_type` arguments instead with `glue_version` `2.0` and above.\n" }, "maxRetries": { "type": "integer", "description": "The maximum number of times to retry this job if it fails.\n" }, "name": { "type": "string", "description": "The name you assign to this job. It must be unique in your account.\n" }, "nonOverridableArguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Non-overridable arguments for this job, specified as name-value pairs.\n" }, "notificationProperty": { "$ref": "#/types/aws:glue/JobNotificationProperty:JobNotificationProperty", "description": "Notification property of the job. Defined below.\n" }, "numberOfWorkers": { "type": "integer", "description": "The number of workers of a defined workerType that are allocated when a job runs.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role associated with this job.\n" }, "securityConfiguration": { "type": "string", "description": "The name of the Security Configuration to be associated with the job.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeout": { "type": "integer", "description": "The job timeout in minutes. The default is 2880 minutes (48 hours) for `glueetl` and `pythonshell` jobs, and null (unlimited) for `gluestreaming` jobs.\n" }, "workerType": { "type": "string", "description": "The type of predefined worker that is allocated when a job runs. Accepts a value of Standard, G.1X, G.2X, or G.025X for Spark jobs. Accepts the value Z.2X for Ray jobs.\n* For the Standard worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n* For the G.1X worker type, each worker maps to 1 DPU (4 vCPU, 16 GB of memory, 64 GB disk), and provides 1 executor per worker. Recommended for memory-intensive jobs.\n* For the G.2X worker type, each worker maps to 2 DPU (8 vCPU, 32 GB of memory, 128 GB disk), and provides 1 executor per worker. Recommended for memory-intensive jobs.\n* For the G.4X worker type, each worker maps to 4 DPU (16 vCPUs, 64 GB of memory) with 256GB disk (approximately 235GB free), and provides 1 executor per worker. Recommended for memory-intensive jobs. Only available for Glue version 3.0. Available AWS Regions: US East (Ohio), US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), and Europe (Stockholm).\n* For the G.8X worker type, each worker maps to 8 DPU (32 vCPUs, 128 GB of memory) with 512GB disk (approximately 487GB free), and provides 1 executor per worker. Recommended for memory-intensive jobs. Only available for Glue version 3.0. Available AWS Regions: US East (Ohio), US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), and Europe (Stockholm).\n* For the G.025X worker type, each worker maps to 0.25 DPU (2 vCPU, 4GB of memory, 64 GB disk), and provides 1 executor per worker. Recommended for low volume streaming jobs. Only available for Glue version 3.0.\n* For the Z.2X worker type, each worker maps to 2 M-DPU (8vCPU, 64 GB of m emory, 128 GB disk), and provides up to 8 Ray workers based on the autoscaler.\n" } }, "required": [ "arn", "command", "executionProperty", "glueVersion", "maxCapacity", "name", "notificationProperty", "numberOfWorkers", "roleArn", "tagsAll", "timeout", "workerType" ], "inputProperties": { "command": { "$ref": "#/types/aws:glue/JobCommand:JobCommand", "description": "The command of the job. Defined below.\n" }, "connections": { "type": "array", "items": { "type": "string" }, "description": "The list of connections used for this job.\n" }, "defaultArguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of default arguments for this job. You can specify arguments here that your own job-execution script consumes, as well as arguments that AWS Glue itself consumes. For information about how to specify and consume your own Job arguments, see the [Calling AWS Glue APIs in Python](http://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) topic in the developer guide. For information about the key-value pairs that AWS Glue consumes to set up your job, see the [Special Parameters Used by AWS Glue](http://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-glue-arguments.html) topic in the developer guide.\n" }, "description": { "type": "string", "description": "Description of the job.\n" }, "executionClass": { "type": "string", "description": "Indicates whether the job is run with a standard or flexible execution class. The standard execution class is ideal for time-sensitive workloads that require fast job startup and dedicated resources. Valid value: `FLEX`, `STANDARD`.\n" }, "executionProperty": { "$ref": "#/types/aws:glue/JobExecutionProperty:JobExecutionProperty", "description": "Execution property of the job. Defined below.\n" }, "glueVersion": { "type": "string", "description": "The version of glue to use, for example \"1.0\". Ray jobs should set this to 4.0 or greater. For information about available versions, see the [AWS Glue Release Notes](https://docs.aws.amazon.com/glue/latest/dg/release-notes.html).\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the day of the week and hour for the maintenance window for streaming jobs.\n" }, "maxCapacity": { "type": "number", "description": "The maximum number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. `Required` when `pythonshell` is set, accept either `0.0625` or `1.0`. Use `number_of_workers` and `worker_type` arguments instead with `glue_version` `2.0` and above.\n" }, "maxRetries": { "type": "integer", "description": "The maximum number of times to retry this job if it fails.\n" }, "name": { "type": "string", "description": "The name you assign to this job. It must be unique in your account.\n", "willReplaceOnChanges": true }, "nonOverridableArguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Non-overridable arguments for this job, specified as name-value pairs.\n" }, "notificationProperty": { "$ref": "#/types/aws:glue/JobNotificationProperty:JobNotificationProperty", "description": "Notification property of the job. Defined below.\n" }, "numberOfWorkers": { "type": "integer", "description": "The number of workers of a defined workerType that are allocated when a job runs.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role associated with this job.\n" }, "securityConfiguration": { "type": "string", "description": "The name of the Security Configuration to be associated with the job.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeout": { "type": "integer", "description": "The job timeout in minutes. The default is 2880 minutes (48 hours) for `glueetl` and `pythonshell` jobs, and null (unlimited) for `gluestreaming` jobs.\n" }, "workerType": { "type": "string", "description": "The type of predefined worker that is allocated when a job runs. Accepts a value of Standard, G.1X, G.2X, or G.025X for Spark jobs. Accepts the value Z.2X for Ray jobs.\n* For the Standard worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n* For the G.1X worker type, each worker maps to 1 DPU (4 vCPU, 16 GB of memory, 64 GB disk), and provides 1 executor per worker. Recommended for memory-intensive jobs.\n* For the G.2X worker type, each worker maps to 2 DPU (8 vCPU, 32 GB of memory, 128 GB disk), and provides 1 executor per worker. Recommended for memory-intensive jobs.\n* For the G.4X worker type, each worker maps to 4 DPU (16 vCPUs, 64 GB of memory) with 256GB disk (approximately 235GB free), and provides 1 executor per worker. Recommended for memory-intensive jobs. Only available for Glue version 3.0. Available AWS Regions: US East (Ohio), US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), and Europe (Stockholm).\n* For the G.8X worker type, each worker maps to 8 DPU (32 vCPUs, 128 GB of memory) with 512GB disk (approximately 487GB free), and provides 1 executor per worker. Recommended for memory-intensive jobs. Only available for Glue version 3.0. Available AWS Regions: US East (Ohio), US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), and Europe (Stockholm).\n* For the G.025X worker type, each worker maps to 0.25 DPU (2 vCPU, 4GB of memory, 64 GB disk), and provides 1 executor per worker. Recommended for low volume streaming jobs. Only available for Glue version 3.0.\n* For the Z.2X worker type, each worker maps to 2 M-DPU (8vCPU, 64 GB of m emory, 128 GB disk), and provides up to 8 Ray workers based on the autoscaler.\n" } }, "requiredInputs": [ "command", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Job resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Glue Job\n" }, "command": { "$ref": "#/types/aws:glue/JobCommand:JobCommand", "description": "The command of the job. Defined below.\n" }, "connections": { "type": "array", "items": { "type": "string" }, "description": "The list of connections used for this job.\n" }, "defaultArguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of default arguments for this job. You can specify arguments here that your own job-execution script consumes, as well as arguments that AWS Glue itself consumes. For information about how to specify and consume your own Job arguments, see the [Calling AWS Glue APIs in Python](http://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) topic in the developer guide. For information about the key-value pairs that AWS Glue consumes to set up your job, see the [Special Parameters Used by AWS Glue](http://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-glue-arguments.html) topic in the developer guide.\n" }, "description": { "type": "string", "description": "Description of the job.\n" }, "executionClass": { "type": "string", "description": "Indicates whether the job is run with a standard or flexible execution class. The standard execution class is ideal for time-sensitive workloads that require fast job startup and dedicated resources. Valid value: `FLEX`, `STANDARD`.\n" }, "executionProperty": { "$ref": "#/types/aws:glue/JobExecutionProperty:JobExecutionProperty", "description": "Execution property of the job. Defined below.\n" }, "glueVersion": { "type": "string", "description": "The version of glue to use, for example \"1.0\". Ray jobs should set this to 4.0 or greater. For information about available versions, see the [AWS Glue Release Notes](https://docs.aws.amazon.com/glue/latest/dg/release-notes.html).\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the day of the week and hour for the maintenance window for streaming jobs.\n" }, "maxCapacity": { "type": "number", "description": "The maximum number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. `Required` when `pythonshell` is set, accept either `0.0625` or `1.0`. Use `number_of_workers` and `worker_type` arguments instead with `glue_version` `2.0` and above.\n" }, "maxRetries": { "type": "integer", "description": "The maximum number of times to retry this job if it fails.\n" }, "name": { "type": "string", "description": "The name you assign to this job. It must be unique in your account.\n", "willReplaceOnChanges": true }, "nonOverridableArguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Non-overridable arguments for this job, specified as name-value pairs.\n" }, "notificationProperty": { "$ref": "#/types/aws:glue/JobNotificationProperty:JobNotificationProperty", "description": "Notification property of the job. Defined below.\n" }, "numberOfWorkers": { "type": "integer", "description": "The number of workers of a defined workerType that are allocated when a job runs.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role associated with this job.\n" }, "securityConfiguration": { "type": "string", "description": "The name of the Security Configuration to be associated with the job.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeout": { "type": "integer", "description": "The job timeout in minutes. The default is 2880 minutes (48 hours) for `glueetl` and `pythonshell` jobs, and null (unlimited) for `gluestreaming` jobs.\n" }, "workerType": { "type": "string", "description": "The type of predefined worker that is allocated when a job runs. Accepts a value of Standard, G.1X, G.2X, or G.025X for Spark jobs. Accepts the value Z.2X for Ray jobs.\n* For the Standard worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n* For the G.1X worker type, each worker maps to 1 DPU (4 vCPU, 16 GB of memory, 64 GB disk), and provides 1 executor per worker. Recommended for memory-intensive jobs.\n* For the G.2X worker type, each worker maps to 2 DPU (8 vCPU, 32 GB of memory, 128 GB disk), and provides 1 executor per worker. Recommended for memory-intensive jobs.\n* For the G.4X worker type, each worker maps to 4 DPU (16 vCPUs, 64 GB of memory) with 256GB disk (approximately 235GB free), and provides 1 executor per worker. Recommended for memory-intensive jobs. Only available for Glue version 3.0. Available AWS Regions: US East (Ohio), US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), and Europe (Stockholm).\n* For the G.8X worker type, each worker maps to 8 DPU (32 vCPUs, 128 GB of memory) with 512GB disk (approximately 487GB free), and provides 1 executor per worker. Recommended for memory-intensive jobs. Only available for Glue version 3.0. Available AWS Regions: US East (Ohio), US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), and Europe (Stockholm).\n* For the G.025X worker type, each worker maps to 0.25 DPU (2 vCPU, 4GB of memory, 64 GB disk), and provides 1 executor per worker. Recommended for low volume streaming jobs. Only available for Glue version 3.0.\n* For the Z.2X worker type, each worker maps to 2 M-DPU (8vCPU, 64 GB of m emory, 128 GB disk), and provides up to 8 Ray workers based on the autoscaler.\n" } }, "type": "object" } }, "aws:glue/mLTransform:MLTransform": { "description": "Provides a Glue ML Transform resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCatalogDatabase = new aws.glue.CatalogDatabase(\"test\", {name: \"example\"});\nconst testCatalogTable = new aws.glue.CatalogTable(\"test\", {\n name: \"example\",\n databaseName: testCatalogDatabase.name,\n owner: \"my_owner\",\n retention: 1,\n tableType: \"VIRTUAL_VIEW\",\n viewExpandedText: \"view_expanded_text_1\",\n viewOriginalText: \"view_original_text_1\",\n storageDescriptor: {\n bucketColumns: [\"bucket_column_1\"],\n compressed: false,\n inputFormat: \"SequenceFileInputFormat\",\n location: \"my_location\",\n numberOfBuckets: 1,\n outputFormat: \"SequenceFileInputFormat\",\n storedAsSubDirectories: false,\n parameters: {\n param1: \"param1_val\",\n },\n columns: [\n {\n name: \"my_column_1\",\n type: \"int\",\n comment: \"my_column1_comment\",\n },\n {\n name: \"my_column_2\",\n type: \"string\",\n comment: \"my_column2_comment\",\n },\n ],\n serDeInfo: {\n name: \"ser_de_name\",\n parameters: {\n param1: \"param_val_1\",\n },\n serializationLibrary: \"org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\",\n },\n sortColumns: [{\n column: \"my_column_1\",\n sortOrder: 1,\n }],\n skewedInfo: {\n skewedColumnNames: [\"my_column_1\"],\n skewedColumnValueLocationMaps: {\n my_column_1: \"my_column_1_val_loc_map\",\n },\n skewedColumnValues: [\"skewed_val_1\"],\n },\n },\n partitionKeys: [\n {\n name: \"my_column_1\",\n type: \"int\",\n comment: \"my_column_1_comment\",\n },\n {\n name: \"my_column_2\",\n type: \"string\",\n comment: \"my_column_2_comment\",\n },\n ],\n parameters: {\n param1: \"param1_val\",\n },\n});\nconst test = new aws.glue.MLTransform(\"test\", {\n name: \"example\",\n roleArn: testAwsIamRole.arn,\n inputRecordTables: [{\n databaseName: testCatalogTable.databaseName,\n tableName: testCatalogTable.name,\n }],\n parameters: {\n transformType: \"FIND_MATCHES\",\n findMatchesParameters: {\n primaryKeyColumnName: \"my_column_1\",\n },\n },\n}, {\n dependsOn: [testAwsIamRolePolicyAttachment],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_catalog_database = aws.glue.CatalogDatabase(\"test\", name=\"example\")\ntest_catalog_table = aws.glue.CatalogTable(\"test\",\n name=\"example\",\n database_name=test_catalog_database.name,\n owner=\"my_owner\",\n retention=1,\n table_type=\"VIRTUAL_VIEW\",\n view_expanded_text=\"view_expanded_text_1\",\n view_original_text=\"view_original_text_1\",\n storage_descriptor={\n \"bucket_columns\": [\"bucket_column_1\"],\n \"compressed\": False,\n \"input_format\": \"SequenceFileInputFormat\",\n \"location\": \"my_location\",\n \"number_of_buckets\": 1,\n \"output_format\": \"SequenceFileInputFormat\",\n \"stored_as_sub_directories\": False,\n \"parameters\": {\n \"param1\": \"param1_val\",\n },\n \"columns\": [\n {\n \"name\": \"my_column_1\",\n \"type\": \"int\",\n \"comment\": \"my_column1_comment\",\n },\n {\n \"name\": \"my_column_2\",\n \"type\": \"string\",\n \"comment\": \"my_column2_comment\",\n },\n ],\n \"ser_de_info\": {\n \"name\": \"ser_de_name\",\n \"parameters\": {\n \"param1\": \"param_val_1\",\n },\n \"serialization_library\": \"org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\",\n },\n \"sort_columns\": [{\n \"column\": \"my_column_1\",\n \"sort_order\": 1,\n }],\n \"skewed_info\": {\n \"skewed_column_names\": [\"my_column_1\"],\n \"skewed_column_value_location_maps\": {\n \"my_column_1\": \"my_column_1_val_loc_map\",\n },\n \"skewed_column_values\": [\"skewed_val_1\"],\n },\n },\n partition_keys=[\n {\n \"name\": \"my_column_1\",\n \"type\": \"int\",\n \"comment\": \"my_column_1_comment\",\n },\n {\n \"name\": \"my_column_2\",\n \"type\": \"string\",\n \"comment\": \"my_column_2_comment\",\n },\n ],\n parameters={\n \"param1\": \"param1_val\",\n })\ntest = aws.glue.MLTransform(\"test\",\n name=\"example\",\n role_arn=test_aws_iam_role[\"arn\"],\n input_record_tables=[{\n \"database_name\": test_catalog_table.database_name,\n \"table_name\": test_catalog_table.name,\n }],\n parameters={\n \"transform_type\": \"FIND_MATCHES\",\n \"find_matches_parameters\": {\n \"primary_key_column_name\": \"my_column_1\",\n },\n },\n opts = pulumi.ResourceOptions(depends_on=[test_aws_iam_role_policy_attachment]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCatalogDatabase = new Aws.Glue.CatalogDatabase(\"test\", new()\n {\n Name = \"example\",\n });\n\n var testCatalogTable = new Aws.Glue.CatalogTable(\"test\", new()\n {\n Name = \"example\",\n DatabaseName = testCatalogDatabase.Name,\n Owner = \"my_owner\",\n Retention = 1,\n TableType = \"VIRTUAL_VIEW\",\n ViewExpandedText = \"view_expanded_text_1\",\n ViewOriginalText = \"view_original_text_1\",\n StorageDescriptor = new Aws.Glue.Inputs.CatalogTableStorageDescriptorArgs\n {\n BucketColumns = new[]\n {\n \"bucket_column_1\",\n },\n Compressed = false,\n InputFormat = \"SequenceFileInputFormat\",\n Location = \"my_location\",\n NumberOfBuckets = 1,\n OutputFormat = \"SequenceFileInputFormat\",\n StoredAsSubDirectories = false,\n Parameters = \n {\n { \"param1\", \"param1_val\" },\n },\n Columns = new[]\n {\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorColumnArgs\n {\n Name = \"my_column_1\",\n Type = \"int\",\n Comment = \"my_column1_comment\",\n },\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorColumnArgs\n {\n Name = \"my_column_2\",\n Type = \"string\",\n Comment = \"my_column2_comment\",\n },\n },\n SerDeInfo = new Aws.Glue.Inputs.CatalogTableStorageDescriptorSerDeInfoArgs\n {\n Name = \"ser_de_name\",\n Parameters = \n {\n { \"param1\", \"param_val_1\" },\n },\n SerializationLibrary = \"org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\",\n },\n SortColumns = new[]\n {\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorSortColumnArgs\n {\n Column = \"my_column_1\",\n SortOrder = 1,\n },\n },\n SkewedInfo = new Aws.Glue.Inputs.CatalogTableStorageDescriptorSkewedInfoArgs\n {\n SkewedColumnNames = new[]\n {\n \"my_column_1\",\n },\n SkewedColumnValueLocationMaps = \n {\n { \"my_column_1\", \"my_column_1_val_loc_map\" },\n },\n SkewedColumnValues = new[]\n {\n \"skewed_val_1\",\n },\n },\n },\n PartitionKeys = new[]\n {\n new Aws.Glue.Inputs.CatalogTablePartitionKeyArgs\n {\n Name = \"my_column_1\",\n Type = \"int\",\n Comment = \"my_column_1_comment\",\n },\n new Aws.Glue.Inputs.CatalogTablePartitionKeyArgs\n {\n Name = \"my_column_2\",\n Type = \"string\",\n Comment = \"my_column_2_comment\",\n },\n },\n Parameters = \n {\n { \"param1\", \"param1_val\" },\n },\n });\n\n var test = new Aws.Glue.MLTransform(\"test\", new()\n {\n Name = \"example\",\n RoleArn = testAwsIamRole.Arn,\n InputRecordTables = new[]\n {\n new Aws.Glue.Inputs.MLTransformInputRecordTableArgs\n {\n DatabaseName = testCatalogTable.DatabaseName,\n TableName = testCatalogTable.Name,\n },\n },\n Parameters = new Aws.Glue.Inputs.MLTransformParametersArgs\n {\n TransformType = \"FIND_MATCHES\",\n FindMatchesParameters = new Aws.Glue.Inputs.MLTransformParametersFindMatchesParametersArgs\n {\n PrimaryKeyColumnName = \"my_column_1\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n testAwsIamRolePolicyAttachment,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCatalogDatabase, err := glue.NewCatalogDatabase(ctx, \"test\", \u0026glue.CatalogDatabaseArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestCatalogTable, err := glue.NewCatalogTable(ctx, \"test\", \u0026glue.CatalogTableArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDatabaseName: testCatalogDatabase.Name,\n\t\t\tOwner: pulumi.String(\"my_owner\"),\n\t\t\tRetention: pulumi.Int(1),\n\t\t\tTableType: pulumi.String(\"VIRTUAL_VIEW\"),\n\t\t\tViewExpandedText: pulumi.String(\"view_expanded_text_1\"),\n\t\t\tViewOriginalText: pulumi.String(\"view_original_text_1\"),\n\t\t\tStorageDescriptor: \u0026glue.CatalogTableStorageDescriptorArgs{\n\t\t\t\tBucketColumns: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"bucket_column_1\"),\n\t\t\t\t},\n\t\t\t\tCompressed: pulumi.Bool(false),\n\t\t\t\tInputFormat: pulumi.String(\"SequenceFileInputFormat\"),\n\t\t\t\tLocation: pulumi.String(\"my_location\"),\n\t\t\t\tNumberOfBuckets: pulumi.Int(1),\n\t\t\t\tOutputFormat: pulumi.String(\"SequenceFileInputFormat\"),\n\t\t\t\tStoredAsSubDirectories: pulumi.Bool(false),\n\t\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\t\"param1\": pulumi.String(\"param1_val\"),\n\t\t\t\t},\n\t\t\t\tColumns: glue.CatalogTableStorageDescriptorColumnArray{\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorColumnArgs{\n\t\t\t\t\t\tName: pulumi.String(\"my_column_1\"),\n\t\t\t\t\t\tType: pulumi.String(\"int\"),\n\t\t\t\t\t\tComment: pulumi.String(\"my_column1_comment\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorColumnArgs{\n\t\t\t\t\t\tName: pulumi.String(\"my_column_2\"),\n\t\t\t\t\t\tType: pulumi.String(\"string\"),\n\t\t\t\t\t\tComment: pulumi.String(\"my_column2_comment\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSerDeInfo: \u0026glue.CatalogTableStorageDescriptorSerDeInfoArgs{\n\t\t\t\t\tName: pulumi.String(\"ser_de_name\"),\n\t\t\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\t\t\"param1\": pulumi.String(\"param_val_1\"),\n\t\t\t\t\t},\n\t\t\t\t\tSerializationLibrary: pulumi.String(\"org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\"),\n\t\t\t\t},\n\t\t\t\tSortColumns: glue.CatalogTableStorageDescriptorSortColumnArray{\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorSortColumnArgs{\n\t\t\t\t\t\tColumn: pulumi.String(\"my_column_1\"),\n\t\t\t\t\t\tSortOrder: pulumi.Int(1),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSkewedInfo: \u0026glue.CatalogTableStorageDescriptorSkewedInfoArgs{\n\t\t\t\t\tSkewedColumnNames: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"my_column_1\"),\n\t\t\t\t\t},\n\t\t\t\t\tSkewedColumnValueLocationMaps: pulumi.StringMap{\n\t\t\t\t\t\t\"my_column_1\": pulumi.String(\"my_column_1_val_loc_map\"),\n\t\t\t\t\t},\n\t\t\t\t\tSkewedColumnValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"skewed_val_1\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tPartitionKeys: glue.CatalogTablePartitionKeyArray{\n\t\t\t\t\u0026glue.CatalogTablePartitionKeyArgs{\n\t\t\t\t\tName: pulumi.String(\"my_column_1\"),\n\t\t\t\t\tType: pulumi.String(\"int\"),\n\t\t\t\t\tComment: pulumi.String(\"my_column_1_comment\"),\n\t\t\t\t},\n\t\t\t\t\u0026glue.CatalogTablePartitionKeyArgs{\n\t\t\t\t\tName: pulumi.String(\"my_column_2\"),\n\t\t\t\t\tType: pulumi.String(\"string\"),\n\t\t\t\t\tComment: pulumi.String(\"my_column_2_comment\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\"param1\": pulumi.String(\"param1_val\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewMLTransform(ctx, \"test\", \u0026glue.MLTransformArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(testAwsIamRole.Arn),\n\t\t\tInputRecordTables: glue.MLTransformInputRecordTableArray{\n\t\t\t\t\u0026glue.MLTransformInputRecordTableArgs{\n\t\t\t\t\tDatabaseName: testCatalogTable.DatabaseName,\n\t\t\t\t\tTableName: testCatalogTable.Name,\n\t\t\t\t},\n\t\t\t},\n\t\t\tParameters: \u0026glue.MLTransformParametersArgs{\n\t\t\t\tTransformType: pulumi.String(\"FIND_MATCHES\"),\n\t\t\t\tFindMatchesParameters: \u0026glue.MLTransformParametersFindMatchesParametersArgs{\n\t\t\t\t\tPrimaryKeyColumnName: pulumi.String(\"my_column_1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttestAwsIamRolePolicyAttachment,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.CatalogDatabase;\nimport com.pulumi.aws.glue.CatalogDatabaseArgs;\nimport com.pulumi.aws.glue.CatalogTable;\nimport com.pulumi.aws.glue.CatalogTableArgs;\nimport com.pulumi.aws.glue.inputs.CatalogTableStorageDescriptorArgs;\nimport com.pulumi.aws.glue.inputs.CatalogTableStorageDescriptorSerDeInfoArgs;\nimport com.pulumi.aws.glue.inputs.CatalogTableStorageDescriptorSkewedInfoArgs;\nimport com.pulumi.aws.glue.inputs.CatalogTablePartitionKeyArgs;\nimport com.pulumi.aws.glue.MLTransform;\nimport com.pulumi.aws.glue.MLTransformArgs;\nimport com.pulumi.aws.glue.inputs.MLTransformInputRecordTableArgs;\nimport com.pulumi.aws.glue.inputs.MLTransformParametersArgs;\nimport com.pulumi.aws.glue.inputs.MLTransformParametersFindMatchesParametersArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCatalogDatabase = new CatalogDatabase(\"testCatalogDatabase\", CatalogDatabaseArgs.builder()\n .name(\"example\")\n .build());\n\n var testCatalogTable = new CatalogTable(\"testCatalogTable\", CatalogTableArgs.builder()\n .name(\"example\")\n .databaseName(testCatalogDatabase.name())\n .owner(\"my_owner\")\n .retention(1)\n .tableType(\"VIRTUAL_VIEW\")\n .viewExpandedText(\"view_expanded_text_1\")\n .viewOriginalText(\"view_original_text_1\")\n .storageDescriptor(CatalogTableStorageDescriptorArgs.builder()\n .bucketColumns(\"bucket_column_1\")\n .compressed(false)\n .inputFormat(\"SequenceFileInputFormat\")\n .location(\"my_location\")\n .numberOfBuckets(1)\n .outputFormat(\"SequenceFileInputFormat\")\n .storedAsSubDirectories(false)\n .parameters(Map.of(\"param1\", \"param1_val\"))\n .columns( \n CatalogTableStorageDescriptorColumnArgs.builder()\n .name(\"my_column_1\")\n .type(\"int\")\n .comment(\"my_column1_comment\")\n .build(),\n CatalogTableStorageDescriptorColumnArgs.builder()\n .name(\"my_column_2\")\n .type(\"string\")\n .comment(\"my_column2_comment\")\n .build())\n .serDeInfo(CatalogTableStorageDescriptorSerDeInfoArgs.builder()\n .name(\"ser_de_name\")\n .parameters(Map.of(\"param1\", \"param_val_1\"))\n .serializationLibrary(\"org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\")\n .build())\n .sortColumns(CatalogTableStorageDescriptorSortColumnArgs.builder()\n .column(\"my_column_1\")\n .sortOrder(1)\n .build())\n .skewedInfo(CatalogTableStorageDescriptorSkewedInfoArgs.builder()\n .skewedColumnNames(\"my_column_1\")\n .skewedColumnValueLocationMaps(Map.of(\"my_column_1\", \"my_column_1_val_loc_map\"))\n .skewedColumnValues(\"skewed_val_1\")\n .build())\n .build())\n .partitionKeys( \n CatalogTablePartitionKeyArgs.builder()\n .name(\"my_column_1\")\n .type(\"int\")\n .comment(\"my_column_1_comment\")\n .build(),\n CatalogTablePartitionKeyArgs.builder()\n .name(\"my_column_2\")\n .type(\"string\")\n .comment(\"my_column_2_comment\")\n .build())\n .parameters(Map.of(\"param1\", \"param1_val\"))\n .build());\n\n var test = new MLTransform(\"test\", MLTransformArgs.builder()\n .name(\"example\")\n .roleArn(testAwsIamRole.arn())\n .inputRecordTables(MLTransformInputRecordTableArgs.builder()\n .databaseName(testCatalogTable.databaseName())\n .tableName(testCatalogTable.name())\n .build())\n .parameters(MLTransformParametersArgs.builder()\n .transformType(\"FIND_MATCHES\")\n .findMatchesParameters(MLTransformParametersFindMatchesParametersArgs.builder()\n .primaryKeyColumnName(\"my_column_1\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(testAwsIamRolePolicyAttachment)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:glue:MLTransform\n properties:\n name: example\n roleArn: ${testAwsIamRole.arn}\n inputRecordTables:\n - databaseName: ${testCatalogTable.databaseName}\n tableName: ${testCatalogTable.name}\n parameters:\n transformType: FIND_MATCHES\n findMatchesParameters:\n primaryKeyColumnName: my_column_1\n options:\n dependson:\n - ${testAwsIamRolePolicyAttachment}\n testCatalogDatabase:\n type: aws:glue:CatalogDatabase\n name: test\n properties:\n name: example\n testCatalogTable:\n type: aws:glue:CatalogTable\n name: test\n properties:\n name: example\n databaseName: ${testCatalogDatabase.name}\n owner: my_owner\n retention: 1\n tableType: VIRTUAL_VIEW\n viewExpandedText: view_expanded_text_1\n viewOriginalText: view_original_text_1\n storageDescriptor:\n bucketColumns:\n - bucket_column_1\n compressed: false\n inputFormat: SequenceFileInputFormat\n location: my_location\n numberOfBuckets: 1\n outputFormat: SequenceFileInputFormat\n storedAsSubDirectories: false\n parameters:\n param1: param1_val\n columns:\n - name: my_column_1\n type: int\n comment: my_column1_comment\n - name: my_column_2\n type: string\n comment: my_column2_comment\n serDeInfo:\n name: ser_de_name\n parameters:\n param1: param_val_1\n serializationLibrary: org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\n sortColumns:\n - column: my_column_1\n sortOrder: 1\n skewedInfo:\n skewedColumnNames:\n - my_column_1\n skewedColumnValueLocationMaps:\n my_column_1: my_column_1_val_loc_map\n skewedColumnValues:\n - skewed_val_1\n partitionKeys:\n - name: my_column_1\n type: int\n comment: my_column_1_comment\n - name: my_column_2\n type: string\n comment: my_column_2_comment\n parameters:\n param1: param1_val\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue ML Transforms using `id`. For example:\n\n```sh\n$ pulumi import aws:glue/mLTransform:MLTransform example tfm-c2cafbe83b1c575f49eaca9939220e2fcd58e2d5\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Glue ML Transform.\n" }, "description": { "type": "string", "description": "Description of the ML Transform.\n" }, "glueVersion": { "type": "string", "description": "The version of glue to use, for example \"1.0\". For information about available versions, see the [AWS Glue Release Notes](https://docs.aws.amazon.com/glue/latest/dg/release-notes.html).\n" }, "inputRecordTables": { "type": "array", "items": { "$ref": "#/types/aws:glue/MLTransformInputRecordTable:MLTransformInputRecordTable" }, "description": "A list of AWS Glue table definitions used by the transform. see Input Record Tables.\n" }, "labelCount": { "type": "integer", "description": "The number of labels available for this transform.\n" }, "maxCapacity": { "type": "number", "description": "The number of AWS Glue data processing units (DPUs) that are allocated to task runs for this transform. You can allocate from `2` to `100` DPUs; the default is `10`. `max_capacity` is a mutually exclusive option with `number_of_workers` and `worker_type`.\n" }, "maxRetries": { "type": "integer", "description": "The maximum number of times to retry this ML Transform if it fails.\n" }, "name": { "type": "string", "description": "The name you assign to this ML Transform. It must be unique in your account.\n" }, "numberOfWorkers": { "type": "integer", "description": "The number of workers of a defined `worker_type` that are allocated when an ML Transform runs. Required with `worker_type`.\n" }, "parameters": { "$ref": "#/types/aws:glue/MLTransformParameters:MLTransformParameters", "description": "The algorithmic parameters that are specific to the transform type used. Conditionally dependent on the transform type. see Parameters.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role associated with this ML Transform.\n" }, "schemas": { "type": "array", "items": { "$ref": "#/types/aws:glue/MLTransformSchema:MLTransformSchema" }, "description": "The object that represents the schema that this transform accepts. see Schema.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeout": { "type": "integer", "description": "The ML Transform timeout in minutes. The default is 2880 minutes (48 hours).\n" }, "workerType": { "type": "string", "description": "The type of predefined worker that is allocated when an ML Transform runs. Accepts a value of `Standard`, `G.1X`, or `G.2X`. Required with `number_of_workers`.\n" } }, "required": [ "arn", "glueVersion", "inputRecordTables", "labelCount", "maxCapacity", "name", "parameters", "roleArn", "schemas", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Description of the ML Transform.\n" }, "glueVersion": { "type": "string", "description": "The version of glue to use, for example \"1.0\". For information about available versions, see the [AWS Glue Release Notes](https://docs.aws.amazon.com/glue/latest/dg/release-notes.html).\n" }, "inputRecordTables": { "type": "array", "items": { "$ref": "#/types/aws:glue/MLTransformInputRecordTable:MLTransformInputRecordTable" }, "description": "A list of AWS Glue table definitions used by the transform. see Input Record Tables.\n", "willReplaceOnChanges": true }, "maxCapacity": { "type": "number", "description": "The number of AWS Glue data processing units (DPUs) that are allocated to task runs for this transform. You can allocate from `2` to `100` DPUs; the default is `10`. `max_capacity` is a mutually exclusive option with `number_of_workers` and `worker_type`.\n" }, "maxRetries": { "type": "integer", "description": "The maximum number of times to retry this ML Transform if it fails.\n" }, "name": { "type": "string", "description": "The name you assign to this ML Transform. It must be unique in your account.\n", "willReplaceOnChanges": true }, "numberOfWorkers": { "type": "integer", "description": "The number of workers of a defined `worker_type` that are allocated when an ML Transform runs. Required with `worker_type`.\n" }, "parameters": { "$ref": "#/types/aws:glue/MLTransformParameters:MLTransformParameters", "description": "The algorithmic parameters that are specific to the transform type used. Conditionally dependent on the transform type. see Parameters.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role associated with this ML Transform.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeout": { "type": "integer", "description": "The ML Transform timeout in minutes. The default is 2880 minutes (48 hours).\n" }, "workerType": { "type": "string", "description": "The type of predefined worker that is allocated when an ML Transform runs. Accepts a value of `Standard`, `G.1X`, or `G.2X`. Required with `number_of_workers`.\n" } }, "requiredInputs": [ "inputRecordTables", "parameters", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering MLTransform resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Glue ML Transform.\n" }, "description": { "type": "string", "description": "Description of the ML Transform.\n" }, "glueVersion": { "type": "string", "description": "The version of glue to use, for example \"1.0\". For information about available versions, see the [AWS Glue Release Notes](https://docs.aws.amazon.com/glue/latest/dg/release-notes.html).\n" }, "inputRecordTables": { "type": "array", "items": { "$ref": "#/types/aws:glue/MLTransformInputRecordTable:MLTransformInputRecordTable" }, "description": "A list of AWS Glue table definitions used by the transform. see Input Record Tables.\n", "willReplaceOnChanges": true }, "labelCount": { "type": "integer", "description": "The number of labels available for this transform.\n" }, "maxCapacity": { "type": "number", "description": "The number of AWS Glue data processing units (DPUs) that are allocated to task runs for this transform. You can allocate from `2` to `100` DPUs; the default is `10`. `max_capacity` is a mutually exclusive option with `number_of_workers` and `worker_type`.\n" }, "maxRetries": { "type": "integer", "description": "The maximum number of times to retry this ML Transform if it fails.\n" }, "name": { "type": "string", "description": "The name you assign to this ML Transform. It must be unique in your account.\n", "willReplaceOnChanges": true }, "numberOfWorkers": { "type": "integer", "description": "The number of workers of a defined `worker_type` that are allocated when an ML Transform runs. Required with `worker_type`.\n" }, "parameters": { "$ref": "#/types/aws:glue/MLTransformParameters:MLTransformParameters", "description": "The algorithmic parameters that are specific to the transform type used. Conditionally dependent on the transform type. see Parameters.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role associated with this ML Transform.\n" }, "schemas": { "type": "array", "items": { "$ref": "#/types/aws:glue/MLTransformSchema:MLTransformSchema" }, "description": "The object that represents the schema that this transform accepts. see Schema.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeout": { "type": "integer", "description": "The ML Transform timeout in minutes. The default is 2880 minutes (48 hours).\n" }, "workerType": { "type": "string", "description": "The type of predefined worker that is allocated when an ML Transform runs. Accepts a value of `Standard`, `G.1X`, or `G.2X`. Required with `number_of_workers`.\n" } }, "type": "object" } }, "aws:glue/partition:Partition": { "description": "Provides a Glue Partition Resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n example:\n type: aws:glue:Partition\n properties:\n databaseName: some-database\n tableName: some-table\n values:\n - some-value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue Partitions using the catalog ID (usually AWS account ID), database name, table name and partition values. For example:\n\n```sh\n$ pulumi import aws:glue/partition:Partition part 123456789012:MyDatabase:MyTable:val1#val2\n```\n", "properties": { "catalogId": { "type": "string", "description": "ID of the Glue Catalog and database to create the table in. If omitted, this defaults to the AWS Account ID plus the database name.\n" }, "creationTime": { "type": "string", "description": "The time at which the partition was created.\n" }, "databaseName": { "type": "string", "description": "Name of the metadata database where the table metadata resides. For Hive compatibility, this must be all lowercase.\n" }, "lastAccessedTime": { "type": "string", "description": "The last time at which the partition was accessed.\n" }, "lastAnalyzedTime": { "type": "string", "description": "The last time at which column statistics were computed for this partition.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Properties associated with this table, as a list of key-value pairs.\n" }, "partitionValues": { "type": "array", "items": { "type": "string" }, "description": "The values that define the partition.\n" }, "storageDescriptor": { "$ref": "#/types/aws:glue/PartitionStorageDescriptor:PartitionStorageDescriptor", "description": "A storage descriptor object containing information about the physical storage of this table. You can refer to the [Glue Developer Guide](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-StorageDescriptor) for a full explanation of this object.\n" }, "tableName": { "type": "string" } }, "required": [ "catalogId", "creationTime", "databaseName", "lastAccessedTime", "lastAnalyzedTime", "partitionValues", "tableName" ], "inputProperties": { "catalogId": { "type": "string", "description": "ID of the Glue Catalog and database to create the table in. If omitted, this defaults to the AWS Account ID plus the database name.\n", "willReplaceOnChanges": true }, "databaseName": { "type": "string", "description": "Name of the metadata database where the table metadata resides. For Hive compatibility, this must be all lowercase.\n", "willReplaceOnChanges": true }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Properties associated with this table, as a list of key-value pairs.\n" }, "partitionValues": { "type": "array", "items": { "type": "string" }, "description": "The values that define the partition.\n", "willReplaceOnChanges": true }, "storageDescriptor": { "$ref": "#/types/aws:glue/PartitionStorageDescriptor:PartitionStorageDescriptor", "description": "A storage descriptor object containing information about the physical storage of this table. You can refer to the [Glue Developer Guide](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-StorageDescriptor) for a full explanation of this object.\n" }, "tableName": { "type": "string", "willReplaceOnChanges": true } }, "requiredInputs": [ "databaseName", "partitionValues", "tableName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Partition resources.\n", "properties": { "catalogId": { "type": "string", "description": "ID of the Glue Catalog and database to create the table in. If omitted, this defaults to the AWS Account ID plus the database name.\n", "willReplaceOnChanges": true }, "creationTime": { "type": "string", "description": "The time at which the partition was created.\n" }, "databaseName": { "type": "string", "description": "Name of the metadata database where the table metadata resides. For Hive compatibility, this must be all lowercase.\n", "willReplaceOnChanges": true }, "lastAccessedTime": { "type": "string", "description": "The last time at which the partition was accessed.\n" }, "lastAnalyzedTime": { "type": "string", "description": "The last time at which column statistics were computed for this partition.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Properties associated with this table, as a list of key-value pairs.\n" }, "partitionValues": { "type": "array", "items": { "type": "string" }, "description": "The values that define the partition.\n", "willReplaceOnChanges": true }, "storageDescriptor": { "$ref": "#/types/aws:glue/PartitionStorageDescriptor:PartitionStorageDescriptor", "description": "A storage descriptor object containing information about the physical storage of this table. You can refer to the [Glue Developer Guide](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-StorageDescriptor) for a full explanation of this object.\n" }, "tableName": { "type": "string", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:glue/partitionIndex:PartitionIndex": { "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.CatalogDatabase(\"example\", {name: \"example\"});\nconst exampleCatalogTable = new aws.glue.CatalogTable(\"example\", {\n name: \"example\",\n databaseName: example.name,\n owner: \"my_owner\",\n retention: 1,\n tableType: \"VIRTUAL_VIEW\",\n viewExpandedText: \"view_expanded_text_1\",\n viewOriginalText: \"view_original_text_1\",\n storageDescriptor: {\n bucketColumns: [\"bucket_column_1\"],\n compressed: false,\n inputFormat: \"SequenceFileInputFormat\",\n location: \"my_location\",\n numberOfBuckets: 1,\n outputFormat: \"SequenceFileInputFormat\",\n storedAsSubDirectories: false,\n parameters: {\n param1: \"param1_val\",\n },\n columns: [\n {\n name: \"my_column_1\",\n type: \"int\",\n comment: \"my_column1_comment\",\n },\n {\n name: \"my_column_2\",\n type: \"string\",\n comment: \"my_column2_comment\",\n },\n ],\n serDeInfo: {\n name: \"ser_de_name\",\n parameters: {\n param1: \"param_val_1\",\n },\n serializationLibrary: \"org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\",\n },\n sortColumns: [{\n column: \"my_column_1\",\n sortOrder: 1,\n }],\n skewedInfo: {\n skewedColumnNames: [\"my_column_1\"],\n skewedColumnValueLocationMaps: {\n my_column_1: \"my_column_1_val_loc_map\",\n },\n skewedColumnValues: [\"skewed_val_1\"],\n },\n },\n partitionKeys: [\n {\n name: \"my_column_1\",\n type: \"int\",\n comment: \"my_column_1_comment\",\n },\n {\n name: \"my_column_2\",\n type: \"string\",\n comment: \"my_column_2_comment\",\n },\n ],\n parameters: {\n param1: \"param1_val\",\n },\n});\nconst examplePartitionIndex = new aws.glue.PartitionIndex(\"example\", {\n databaseName: example.name,\n tableName: exampleCatalogTable.name,\n partitionIndex: {\n indexName: \"example\",\n keys: [\n \"my_column_1\",\n \"my_column_2\",\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.CatalogDatabase(\"example\", name=\"example\")\nexample_catalog_table = aws.glue.CatalogTable(\"example\",\n name=\"example\",\n database_name=example.name,\n owner=\"my_owner\",\n retention=1,\n table_type=\"VIRTUAL_VIEW\",\n view_expanded_text=\"view_expanded_text_1\",\n view_original_text=\"view_original_text_1\",\n storage_descriptor={\n \"bucket_columns\": [\"bucket_column_1\"],\n \"compressed\": False,\n \"input_format\": \"SequenceFileInputFormat\",\n \"location\": \"my_location\",\n \"number_of_buckets\": 1,\n \"output_format\": \"SequenceFileInputFormat\",\n \"stored_as_sub_directories\": False,\n \"parameters\": {\n \"param1\": \"param1_val\",\n },\n \"columns\": [\n {\n \"name\": \"my_column_1\",\n \"type\": \"int\",\n \"comment\": \"my_column1_comment\",\n },\n {\n \"name\": \"my_column_2\",\n \"type\": \"string\",\n \"comment\": \"my_column2_comment\",\n },\n ],\n \"ser_de_info\": {\n \"name\": \"ser_de_name\",\n \"parameters\": {\n \"param1\": \"param_val_1\",\n },\n \"serialization_library\": \"org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\",\n },\n \"sort_columns\": [{\n \"column\": \"my_column_1\",\n \"sort_order\": 1,\n }],\n \"skewed_info\": {\n \"skewed_column_names\": [\"my_column_1\"],\n \"skewed_column_value_location_maps\": {\n \"my_column_1\": \"my_column_1_val_loc_map\",\n },\n \"skewed_column_values\": [\"skewed_val_1\"],\n },\n },\n partition_keys=[\n {\n \"name\": \"my_column_1\",\n \"type\": \"int\",\n \"comment\": \"my_column_1_comment\",\n },\n {\n \"name\": \"my_column_2\",\n \"type\": \"string\",\n \"comment\": \"my_column_2_comment\",\n },\n ],\n parameters={\n \"param1\": \"param1_val\",\n })\nexample_partition_index = aws.glue.PartitionIndex(\"example\",\n database_name=example.name,\n table_name=example_catalog_table.name,\n partition_index={\n \"index_name\": \"example\",\n \"keys\": [\n \"my_column_1\",\n \"my_column_2\",\n ],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.CatalogDatabase(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleCatalogTable = new Aws.Glue.CatalogTable(\"example\", new()\n {\n Name = \"example\",\n DatabaseName = example.Name,\n Owner = \"my_owner\",\n Retention = 1,\n TableType = \"VIRTUAL_VIEW\",\n ViewExpandedText = \"view_expanded_text_1\",\n ViewOriginalText = \"view_original_text_1\",\n StorageDescriptor = new Aws.Glue.Inputs.CatalogTableStorageDescriptorArgs\n {\n BucketColumns = new[]\n {\n \"bucket_column_1\",\n },\n Compressed = false,\n InputFormat = \"SequenceFileInputFormat\",\n Location = \"my_location\",\n NumberOfBuckets = 1,\n OutputFormat = \"SequenceFileInputFormat\",\n StoredAsSubDirectories = false,\n Parameters = \n {\n { \"param1\", \"param1_val\" },\n },\n Columns = new[]\n {\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorColumnArgs\n {\n Name = \"my_column_1\",\n Type = \"int\",\n Comment = \"my_column1_comment\",\n },\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorColumnArgs\n {\n Name = \"my_column_2\",\n Type = \"string\",\n Comment = \"my_column2_comment\",\n },\n },\n SerDeInfo = new Aws.Glue.Inputs.CatalogTableStorageDescriptorSerDeInfoArgs\n {\n Name = \"ser_de_name\",\n Parameters = \n {\n { \"param1\", \"param_val_1\" },\n },\n SerializationLibrary = \"org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\",\n },\n SortColumns = new[]\n {\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorSortColumnArgs\n {\n Column = \"my_column_1\",\n SortOrder = 1,\n },\n },\n SkewedInfo = new Aws.Glue.Inputs.CatalogTableStorageDescriptorSkewedInfoArgs\n {\n SkewedColumnNames = new[]\n {\n \"my_column_1\",\n },\n SkewedColumnValueLocationMaps = \n {\n { \"my_column_1\", \"my_column_1_val_loc_map\" },\n },\n SkewedColumnValues = new[]\n {\n \"skewed_val_1\",\n },\n },\n },\n PartitionKeys = new[]\n {\n new Aws.Glue.Inputs.CatalogTablePartitionKeyArgs\n {\n Name = \"my_column_1\",\n Type = \"int\",\n Comment = \"my_column_1_comment\",\n },\n new Aws.Glue.Inputs.CatalogTablePartitionKeyArgs\n {\n Name = \"my_column_2\",\n Type = \"string\",\n Comment = \"my_column_2_comment\",\n },\n },\n Parameters = \n {\n { \"param1\", \"param1_val\" },\n },\n });\n\n var examplePartitionIndex = new Aws.Glue.PartitionIndex(\"example\", new()\n {\n DatabaseName = example.Name,\n TableName = exampleCatalogTable.Name,\n PartitionIndexConfig = new Aws.Glue.Inputs.PartitionIndexPartitionIndexArgs\n {\n IndexName = \"example\",\n Keys = new[]\n {\n \"my_column_1\",\n \"my_column_2\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := glue.NewCatalogDatabase(ctx, \"example\", \u0026glue.CatalogDatabaseArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleCatalogTable, err := glue.NewCatalogTable(ctx, \"example\", \u0026glue.CatalogTableArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDatabaseName: example.Name,\n\t\t\tOwner: pulumi.String(\"my_owner\"),\n\t\t\tRetention: pulumi.Int(1),\n\t\t\tTableType: pulumi.String(\"VIRTUAL_VIEW\"),\n\t\t\tViewExpandedText: pulumi.String(\"view_expanded_text_1\"),\n\t\t\tViewOriginalText: pulumi.String(\"view_original_text_1\"),\n\t\t\tStorageDescriptor: \u0026glue.CatalogTableStorageDescriptorArgs{\n\t\t\t\tBucketColumns: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"bucket_column_1\"),\n\t\t\t\t},\n\t\t\t\tCompressed: pulumi.Bool(false),\n\t\t\t\tInputFormat: pulumi.String(\"SequenceFileInputFormat\"),\n\t\t\t\tLocation: pulumi.String(\"my_location\"),\n\t\t\t\tNumberOfBuckets: pulumi.Int(1),\n\t\t\t\tOutputFormat: pulumi.String(\"SequenceFileInputFormat\"),\n\t\t\t\tStoredAsSubDirectories: pulumi.Bool(false),\n\t\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\t\"param1\": pulumi.String(\"param1_val\"),\n\t\t\t\t},\n\t\t\t\tColumns: glue.CatalogTableStorageDescriptorColumnArray{\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorColumnArgs{\n\t\t\t\t\t\tName: pulumi.String(\"my_column_1\"),\n\t\t\t\t\t\tType: pulumi.String(\"int\"),\n\t\t\t\t\t\tComment: pulumi.String(\"my_column1_comment\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorColumnArgs{\n\t\t\t\t\t\tName: pulumi.String(\"my_column_2\"),\n\t\t\t\t\t\tType: pulumi.String(\"string\"),\n\t\t\t\t\t\tComment: pulumi.String(\"my_column2_comment\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSerDeInfo: \u0026glue.CatalogTableStorageDescriptorSerDeInfoArgs{\n\t\t\t\t\tName: pulumi.String(\"ser_de_name\"),\n\t\t\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\t\t\"param1\": pulumi.String(\"param_val_1\"),\n\t\t\t\t\t},\n\t\t\t\t\tSerializationLibrary: pulumi.String(\"org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\"),\n\t\t\t\t},\n\t\t\t\tSortColumns: glue.CatalogTableStorageDescriptorSortColumnArray{\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorSortColumnArgs{\n\t\t\t\t\t\tColumn: pulumi.String(\"my_column_1\"),\n\t\t\t\t\t\tSortOrder: pulumi.Int(1),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSkewedInfo: \u0026glue.CatalogTableStorageDescriptorSkewedInfoArgs{\n\t\t\t\t\tSkewedColumnNames: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"my_column_1\"),\n\t\t\t\t\t},\n\t\t\t\t\tSkewedColumnValueLocationMaps: pulumi.StringMap{\n\t\t\t\t\t\t\"my_column_1\": pulumi.String(\"my_column_1_val_loc_map\"),\n\t\t\t\t\t},\n\t\t\t\t\tSkewedColumnValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"skewed_val_1\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tPartitionKeys: glue.CatalogTablePartitionKeyArray{\n\t\t\t\t\u0026glue.CatalogTablePartitionKeyArgs{\n\t\t\t\t\tName: pulumi.String(\"my_column_1\"),\n\t\t\t\t\tType: pulumi.String(\"int\"),\n\t\t\t\t\tComment: pulumi.String(\"my_column_1_comment\"),\n\t\t\t\t},\n\t\t\t\t\u0026glue.CatalogTablePartitionKeyArgs{\n\t\t\t\t\tName: pulumi.String(\"my_column_2\"),\n\t\t\t\t\tType: pulumi.String(\"string\"),\n\t\t\t\t\tComment: pulumi.String(\"my_column_2_comment\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\"param1\": pulumi.String(\"param1_val\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewPartitionIndex(ctx, \"example\", \u0026glue.PartitionIndexArgs{\n\t\t\tDatabaseName: example.Name,\n\t\t\tTableName: exampleCatalogTable.Name,\n\t\t\tPartitionIndex: \u0026glue.PartitionIndexPartitionIndexArgs{\n\t\t\t\tIndexName: pulumi.String(\"example\"),\n\t\t\t\tKeys: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"my_column_1\"),\n\t\t\t\t\tpulumi.String(\"my_column_2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.CatalogDatabase;\nimport com.pulumi.aws.glue.CatalogDatabaseArgs;\nimport com.pulumi.aws.glue.CatalogTable;\nimport com.pulumi.aws.glue.CatalogTableArgs;\nimport com.pulumi.aws.glue.inputs.CatalogTableStorageDescriptorArgs;\nimport com.pulumi.aws.glue.inputs.CatalogTableStorageDescriptorSerDeInfoArgs;\nimport com.pulumi.aws.glue.inputs.CatalogTableStorageDescriptorSkewedInfoArgs;\nimport com.pulumi.aws.glue.inputs.CatalogTablePartitionKeyArgs;\nimport com.pulumi.aws.glue.PartitionIndex;\nimport com.pulumi.aws.glue.PartitionIndexArgs;\nimport com.pulumi.aws.glue.inputs.PartitionIndexPartitionIndexArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CatalogDatabase(\"example\", CatalogDatabaseArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleCatalogTable = new CatalogTable(\"exampleCatalogTable\", CatalogTableArgs.builder()\n .name(\"example\")\n .databaseName(example.name())\n .owner(\"my_owner\")\n .retention(1)\n .tableType(\"VIRTUAL_VIEW\")\n .viewExpandedText(\"view_expanded_text_1\")\n .viewOriginalText(\"view_original_text_1\")\n .storageDescriptor(CatalogTableStorageDescriptorArgs.builder()\n .bucketColumns(\"bucket_column_1\")\n .compressed(false)\n .inputFormat(\"SequenceFileInputFormat\")\n .location(\"my_location\")\n .numberOfBuckets(1)\n .outputFormat(\"SequenceFileInputFormat\")\n .storedAsSubDirectories(false)\n .parameters(Map.of(\"param1\", \"param1_val\"))\n .columns( \n CatalogTableStorageDescriptorColumnArgs.builder()\n .name(\"my_column_1\")\n .type(\"int\")\n .comment(\"my_column1_comment\")\n .build(),\n CatalogTableStorageDescriptorColumnArgs.builder()\n .name(\"my_column_2\")\n .type(\"string\")\n .comment(\"my_column2_comment\")\n .build())\n .serDeInfo(CatalogTableStorageDescriptorSerDeInfoArgs.builder()\n .name(\"ser_de_name\")\n .parameters(Map.of(\"param1\", \"param_val_1\"))\n .serializationLibrary(\"org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\")\n .build())\n .sortColumns(CatalogTableStorageDescriptorSortColumnArgs.builder()\n .column(\"my_column_1\")\n .sortOrder(1)\n .build())\n .skewedInfo(CatalogTableStorageDescriptorSkewedInfoArgs.builder()\n .skewedColumnNames(\"my_column_1\")\n .skewedColumnValueLocationMaps(Map.of(\"my_column_1\", \"my_column_1_val_loc_map\"))\n .skewedColumnValues(\"skewed_val_1\")\n .build())\n .build())\n .partitionKeys( \n CatalogTablePartitionKeyArgs.builder()\n .name(\"my_column_1\")\n .type(\"int\")\n .comment(\"my_column_1_comment\")\n .build(),\n CatalogTablePartitionKeyArgs.builder()\n .name(\"my_column_2\")\n .type(\"string\")\n .comment(\"my_column_2_comment\")\n .build())\n .parameters(Map.of(\"param1\", \"param1_val\"))\n .build());\n\n var examplePartitionIndex = new PartitionIndex(\"examplePartitionIndex\", PartitionIndexArgs.builder()\n .databaseName(example.name())\n .tableName(exampleCatalogTable.name())\n .partitionIndex(PartitionIndexPartitionIndexArgs.builder()\n .indexName(\"example\")\n .keys( \n \"my_column_1\",\n \"my_column_2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:CatalogDatabase\n properties:\n name: example\n exampleCatalogTable:\n type: aws:glue:CatalogTable\n name: example\n properties:\n name: example\n databaseName: ${example.name}\n owner: my_owner\n retention: 1\n tableType: VIRTUAL_VIEW\n viewExpandedText: view_expanded_text_1\n viewOriginalText: view_original_text_1\n storageDescriptor:\n bucketColumns:\n - bucket_column_1\n compressed: false\n inputFormat: SequenceFileInputFormat\n location: my_location\n numberOfBuckets: 1\n outputFormat: SequenceFileInputFormat\n storedAsSubDirectories: false\n parameters:\n param1: param1_val\n columns:\n - name: my_column_1\n type: int\n comment: my_column1_comment\n - name: my_column_2\n type: string\n comment: my_column2_comment\n serDeInfo:\n name: ser_de_name\n parameters:\n param1: param_val_1\n serializationLibrary: org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\n sortColumns:\n - column: my_column_1\n sortOrder: 1\n skewedInfo:\n skewedColumnNames:\n - my_column_1\n skewedColumnValueLocationMaps:\n my_column_1: my_column_1_val_loc_map\n skewedColumnValues:\n - skewed_val_1\n partitionKeys:\n - name: my_column_1\n type: int\n comment: my_column_1_comment\n - name: my_column_2\n type: string\n comment: my_column_2_comment\n parameters:\n param1: param1_val\n examplePartitionIndex:\n type: aws:glue:PartitionIndex\n name: example\n properties:\n databaseName: ${example.name}\n tableName: ${exampleCatalogTable.name}\n partitionIndex:\n indexName: example\n keys:\n - my_column_1\n - my_column_2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue Partition Indexes using the catalog ID (usually AWS account ID), database name, table name, and index name. For example:\n\n```sh\n$ pulumi import aws:glue/partitionIndex:PartitionIndex example 123456789012:MyDatabase:MyTable:index-name\n```\n", "properties": { "catalogId": { "type": "string", "description": "The catalog ID where the table resides.\n" }, "databaseName": { "type": "string", "description": "Name of the metadata database where the table metadata resides. For Hive compatibility, this must be all lowercase.\n" }, "partitionIndex": { "$ref": "#/types/aws:glue/PartitionIndexPartitionIndex:PartitionIndexPartitionIndex", "description": "Configuration block for a partition index. See `partition_index` below.\n", "language": { "csharp": { "name": "PartitionIndexConfig" } } }, "tableName": { "type": "string", "description": "Name of the table. For Hive compatibility, this must be entirely lowercase.\n" } }, "required": [ "catalogId", "databaseName", "partitionIndex", "tableName" ], "inputProperties": { "catalogId": { "type": "string", "description": "The catalog ID where the table resides.\n", "willReplaceOnChanges": true }, "databaseName": { "type": "string", "description": "Name of the metadata database where the table metadata resides. For Hive compatibility, this must be all lowercase.\n", "willReplaceOnChanges": true }, "partitionIndex": { "$ref": "#/types/aws:glue/PartitionIndexPartitionIndex:PartitionIndexPartitionIndex", "description": "Configuration block for a partition index. See `partition_index` below.\n", "language": { "csharp": { "name": "PartitionIndexConfig" } }, "willReplaceOnChanges": true }, "tableName": { "type": "string", "description": "Name of the table. For Hive compatibility, this must be entirely lowercase.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "databaseName", "partitionIndex", "tableName" ], "stateInputs": { "description": "Input properties used for looking up and filtering PartitionIndex resources.\n", "properties": { "catalogId": { "type": "string", "description": "The catalog ID where the table resides.\n", "willReplaceOnChanges": true }, "databaseName": { "type": "string", "description": "Name of the metadata database where the table metadata resides. For Hive compatibility, this must be all lowercase.\n", "willReplaceOnChanges": true }, "partitionIndex": { "$ref": "#/types/aws:glue/PartitionIndexPartitionIndex:PartitionIndexPartitionIndex", "description": "Configuration block for a partition index. See `partition_index` below.\n", "language": { "csharp": { "name": "PartitionIndexConfig" } }, "willReplaceOnChanges": true }, "tableName": { "type": "string", "description": "Name of the table. For Hive compatibility, this must be entirely lowercase.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:glue/registry:Registry": { "description": "Provides a Glue Registry resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Registry(\"example\", {registryName: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Registry(\"example\", registry_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Registry(\"example\", new()\n {\n RegistryName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewRegistry(ctx, \"example\", \u0026glue.RegistryArgs{\n\t\t\tRegistryName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Registry;\nimport com.pulumi.aws.glue.RegistryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Registry(\"example\", RegistryArgs.builder()\n .registryName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Registry\n properties:\n registryName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue Registries using `arn`. For example:\n\n```sh\n$ pulumi import aws:glue/registry:Registry example arn:aws:glue:us-west-2:123456789012:registry/example\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Glue Registry.\n" }, "description": { "type": "string", "description": "A description of the registry.\n" }, "registryName": { "type": "string", "description": "The Name of the registry.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "registryName", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "A description of the registry.\n" }, "registryName": { "type": "string", "description": "The Name of the registry.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "registryName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Registry resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Glue Registry.\n" }, "description": { "type": "string", "description": "A description of the registry.\n" }, "registryName": { "type": "string", "description": "The Name of the registry.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:glue/resourcePolicy:ResourcePolicy": { "description": "Provides a Glue resource policy. Only one can exist per region.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst currentGetPartition = aws.getPartition({});\nconst currentGetRegion = aws.getRegion({});\nconst glue-example-policy = Promise.all([currentGetPartition, currentGetRegion, current]).then(([currentGetPartition, currentGetRegion, current]) =\u003e aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"glue:CreateTable\"],\n resources: [`arn:${currentGetPartition.partition}:glue:${currentGetRegion.name}:${current.accountId}:*`],\n principals: [{\n identifiers: [\"*\"],\n type: \"AWS\",\n }],\n }],\n}));\nconst example = new aws.glue.ResourcePolicy(\"example\", {policy: glue_example_policy.then(glue_example_policy =\u003e glue_example_policy.json)});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ncurrent_get_partition = aws.get_partition()\ncurrent_get_region = aws.get_region()\nglue_example_policy = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"glue:CreateTable\"],\n \"resources\": [f\"arn:{current_get_partition.partition}:glue:{current_get_region.name}:{current.account_id}:*\"],\n \"principals\": [{\n \"identifiers\": [\"*\"],\n \"type\": \"AWS\",\n }],\n}])\nexample = aws.glue.ResourcePolicy(\"example\", policy=glue_example_policy.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var currentGetPartition = Aws.GetPartition.Invoke();\n\n var currentGetRegion = Aws.GetRegion.Invoke();\n\n var glue_example_policy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"glue:CreateTable\",\n },\n Resources = new[]\n {\n $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:glue:{currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name)}:{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n \"*\",\n },\n Type = \"AWS\",\n },\n },\n },\n },\n });\n\n var example = new Aws.Glue.ResourcePolicy(\"example\", new()\n {\n Policy = glue_example_policy.Apply(glue_example_policy =\u003e glue_example_policy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json)),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetPartition, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetRegion, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tglue_example_policy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"glue:CreateTable\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\tfmt.Sprintf(\"arn:%v:glue:%v:%v:*\", currentGetPartition.Partition, currentGetRegion.Name, current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"*\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: \"AWS\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewResourcePolicy(ctx, \"example\", \u0026glue.ResourcePolicyArgs{\n\t\t\tPolicy: pulumi.String(glue_example_policy.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.glue.ResourcePolicy;\nimport com.pulumi.aws.glue.ResourcePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var currentGetPartition = AwsFunctions.getPartition();\n\n final var currentGetRegion = AwsFunctions.getRegion();\n\n final var glue-example-policy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"glue:CreateTable\")\n .resources(String.format(\"arn:%s:glue:%s:%s:*\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(\"*\")\n .type(\"AWS\")\n .build())\n .build())\n .build());\n\n var example = new ResourcePolicy(\"example\", ResourcePolicyArgs.builder()\n .policy(glue_example_policy.json())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:ResourcePolicy\n properties:\n policy: ${[\"glue-example-policy\"].json}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetPartition:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n currentGetRegion:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n glue-example-policy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - glue:CreateTable\n resources:\n - arn:${currentGetPartition.partition}:glue:${currentGetRegion.name}:${current.accountId}:*\n principals:\n - identifiers:\n - '*'\n type: AWS\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue Resource Policy using the account ID. For example:\n\n```sh\n$ pulumi import aws:glue/resourcePolicy:ResourcePolicy Test 12356789012\n```\n", "properties": { "enableHybrid": { "type": "string", "description": "Indicates that you are using both methods to grant cross-account. Valid values are `TRUE` and `FALSE`. Note the provider will not perform drift detetction on this field as its not return on read.\n" }, "policy": { "type": "string", "description": "The policy to be applied to the aws glue data catalog.\n" } }, "required": [ "policy" ], "inputProperties": { "enableHybrid": { "type": "string", "description": "Indicates that you are using both methods to grant cross-account. Valid values are `TRUE` and `FALSE`. Note the provider will not perform drift detetction on this field as its not return on read.\n" }, "policy": { "type": "string", "description": "The policy to be applied to the aws glue data catalog.\n" } }, "requiredInputs": [ "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourcePolicy resources.\n", "properties": { "enableHybrid": { "type": "string", "description": "Indicates that you are using both methods to grant cross-account. Valid values are `TRUE` and `FALSE`. Note the provider will not perform drift detetction on this field as its not return on read.\n" }, "policy": { "type": "string", "description": "The policy to be applied to the aws glue data catalog.\n" } }, "type": "object" } }, "aws:glue/schema:Schema": { "description": "Provides a Glue Schema resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Schema(\"example\", {\n schemaName: \"example\",\n registryArn: test.arn,\n dataFormat: \"AVRO\",\n compatibility: \"NONE\",\n schemaDefinition: \"{\\\"type\\\": \\\"record\\\", \\\"name\\\": \\\"r1\\\", \\\"fields\\\": [ {\\\"name\\\": \\\"f1\\\", \\\"type\\\": \\\"int\\\"}, {\\\"name\\\": \\\"f2\\\", \\\"type\\\": \\\"string\\\"} ]}\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Schema(\"example\",\n schema_name=\"example\",\n registry_arn=test[\"arn\"],\n data_format=\"AVRO\",\n compatibility=\"NONE\",\n schema_definition=\"{\\\"type\\\": \\\"record\\\", \\\"name\\\": \\\"r1\\\", \\\"fields\\\": [ {\\\"name\\\": \\\"f1\\\", \\\"type\\\": \\\"int\\\"}, {\\\"name\\\": \\\"f2\\\", \\\"type\\\": \\\"string\\\"} ]}\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Schema(\"example\", new()\n {\n SchemaName = \"example\",\n RegistryArn = test.Arn,\n DataFormat = \"AVRO\",\n Compatibility = \"NONE\",\n SchemaDefinition = \"{\\\"type\\\": \\\"record\\\", \\\"name\\\": \\\"r1\\\", \\\"fields\\\": [ {\\\"name\\\": \\\"f1\\\", \\\"type\\\": \\\"int\\\"}, {\\\"name\\\": \\\"f2\\\", \\\"type\\\": \\\"string\\\"} ]}\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewSchema(ctx, \"example\", \u0026glue.SchemaArgs{\n\t\t\tSchemaName: pulumi.String(\"example\"),\n\t\t\tRegistryArn: pulumi.Any(test.Arn),\n\t\t\tDataFormat: pulumi.String(\"AVRO\"),\n\t\t\tCompatibility: pulumi.String(\"NONE\"),\n\t\t\tSchemaDefinition: pulumi.String(\"{\\\"type\\\": \\\"record\\\", \\\"name\\\": \\\"r1\\\", \\\"fields\\\": [ {\\\"name\\\": \\\"f1\\\", \\\"type\\\": \\\"int\\\"}, {\\\"name\\\": \\\"f2\\\", \\\"type\\\": \\\"string\\\"} ]}\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Schema;\nimport com.pulumi.aws.glue.SchemaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Schema(\"example\", SchemaArgs.builder()\n .schemaName(\"example\")\n .registryArn(test.arn())\n .dataFormat(\"AVRO\")\n .compatibility(\"NONE\")\n .schemaDefinition(\"{\\\"type\\\": \\\"record\\\", \\\"name\\\": \\\"r1\\\", \\\"fields\\\": [ {\\\"name\\\": \\\"f1\\\", \\\"type\\\": \\\"int\\\"}, {\\\"name\\\": \\\"f2\\\", \\\"type\\\": \\\"string\\\"} ]}\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Schema\n properties:\n schemaName: example\n registryArn: ${test.arn}\n dataFormat: AVRO\n compatibility: NONE\n schemaDefinition: '{\"type\": \"record\", \"name\": \"r1\", \"fields\": [ {\"name\": \"f1\", \"type\": \"int\"}, {\"name\": \"f2\", \"type\": \"string\"} ]}'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue Registries using `arn`. For example:\n\n```sh\n$ pulumi import aws:glue/schema:Schema example arn:aws:glue:us-west-2:123456789012:schema/example/example\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the schema.\n" }, "compatibility": { "type": "string", "description": "The compatibility mode of the schema. Values values are: `NONE`, `DISABLED`, `BACKWARD`, `BACKWARD_ALL`, `FORWARD`, `FORWARD_ALL`, `FULL`, and `FULL_ALL`.\n" }, "dataFormat": { "type": "string", "description": "The data format of the schema definition. Valid values are `AVRO`, `JSON` and `PROTOBUF`.\n" }, "description": { "type": "string", "description": "A description of the schema.\n" }, "latestSchemaVersion": { "type": "integer", "description": "The latest version of the schema associated with the returned schema definition.\n" }, "nextSchemaVersion": { "type": "integer", "description": "The next version of the schema associated with the returned schema definition.\n" }, "registryArn": { "type": "string", "description": "The ARN of the Glue Registry to create the schema in.\n" }, "registryName": { "type": "string", "description": "The name of the Glue Registry.\n" }, "schemaCheckpoint": { "type": "integer", "description": "The version number of the checkpoint (the last time the compatibility mode was changed).\n" }, "schemaDefinition": { "type": "string", "description": "The schema definition using the `data_format` setting for `schema_name`.\n" }, "schemaName": { "type": "string", "description": "The Name of the schema.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "compatibility", "dataFormat", "latestSchemaVersion", "nextSchemaVersion", "registryArn", "registryName", "schemaCheckpoint", "schemaDefinition", "schemaName", "tagsAll" ], "inputProperties": { "compatibility": { "type": "string", "description": "The compatibility mode of the schema. Values values are: `NONE`, `DISABLED`, `BACKWARD`, `BACKWARD_ALL`, `FORWARD`, `FORWARD_ALL`, `FULL`, and `FULL_ALL`.\n" }, "dataFormat": { "type": "string", "description": "The data format of the schema definition. Valid values are `AVRO`, `JSON` and `PROTOBUF`.\n" }, "description": { "type": "string", "description": "A description of the schema.\n" }, "registryArn": { "type": "string", "description": "The ARN of the Glue Registry to create the schema in.\n" }, "schemaDefinition": { "type": "string", "description": "The schema definition using the `data_format` setting for `schema_name`.\n" }, "schemaName": { "type": "string", "description": "The Name of the schema.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "compatibility", "dataFormat", "schemaDefinition", "schemaName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Schema resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the schema.\n" }, "compatibility": { "type": "string", "description": "The compatibility mode of the schema. Values values are: `NONE`, `DISABLED`, `BACKWARD`, `BACKWARD_ALL`, `FORWARD`, `FORWARD_ALL`, `FULL`, and `FULL_ALL`.\n" }, "dataFormat": { "type": "string", "description": "The data format of the schema definition. Valid values are `AVRO`, `JSON` and `PROTOBUF`.\n" }, "description": { "type": "string", "description": "A description of the schema.\n" }, "latestSchemaVersion": { "type": "integer", "description": "The latest version of the schema associated with the returned schema definition.\n" }, "nextSchemaVersion": { "type": "integer", "description": "The next version of the schema associated with the returned schema definition.\n" }, "registryArn": { "type": "string", "description": "The ARN of the Glue Registry to create the schema in.\n" }, "registryName": { "type": "string", "description": "The name of the Glue Registry.\n" }, "schemaCheckpoint": { "type": "integer", "description": "The version number of the checkpoint (the last time the compatibility mode was changed).\n" }, "schemaDefinition": { "type": "string", "description": "The schema definition using the `data_format` setting for `schema_name`.\n" }, "schemaName": { "type": "string", "description": "The Name of the schema.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:glue/securityConfiguration:SecurityConfiguration": { "description": "Manages a Glue Security Configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.SecurityConfiguration(\"example\", {\n name: \"example\",\n encryptionConfiguration: {\n cloudwatchEncryption: {\n cloudwatchEncryptionMode: \"DISABLED\",\n },\n jobBookmarksEncryption: {\n jobBookmarksEncryptionMode: \"DISABLED\",\n },\n s3Encryption: {\n kmsKeyArn: exampleAwsKmsKey.arn,\n s3EncryptionMode: \"SSE-KMS\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.SecurityConfiguration(\"example\",\n name=\"example\",\n encryption_configuration={\n \"cloudwatch_encryption\": {\n \"cloudwatch_encryption_mode\": \"DISABLED\",\n },\n \"job_bookmarks_encryption\": {\n \"job_bookmarks_encryption_mode\": \"DISABLED\",\n },\n \"s3_encryption\": {\n \"kms_key_arn\": example_aws_kms_key[\"arn\"],\n \"s3_encryption_mode\": \"SSE-KMS\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.SecurityConfiguration(\"example\", new()\n {\n Name = \"example\",\n EncryptionConfiguration = new Aws.Glue.Inputs.SecurityConfigurationEncryptionConfigurationArgs\n {\n CloudwatchEncryption = new Aws.Glue.Inputs.SecurityConfigurationEncryptionConfigurationCloudwatchEncryptionArgs\n {\n CloudwatchEncryptionMode = \"DISABLED\",\n },\n JobBookmarksEncryption = new Aws.Glue.Inputs.SecurityConfigurationEncryptionConfigurationJobBookmarksEncryptionArgs\n {\n JobBookmarksEncryptionMode = \"DISABLED\",\n },\n S3Encryption = new Aws.Glue.Inputs.SecurityConfigurationEncryptionConfigurationS3EncryptionArgs\n {\n KmsKeyArn = exampleAwsKmsKey.Arn,\n S3EncryptionMode = \"SSE-KMS\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewSecurityConfiguration(ctx, \"example\", \u0026glue.SecurityConfigurationArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tEncryptionConfiguration: \u0026glue.SecurityConfigurationEncryptionConfigurationArgs{\n\t\t\t\tCloudwatchEncryption: \u0026glue.SecurityConfigurationEncryptionConfigurationCloudwatchEncryptionArgs{\n\t\t\t\t\tCloudwatchEncryptionMode: pulumi.String(\"DISABLED\"),\n\t\t\t\t},\n\t\t\t\tJobBookmarksEncryption: \u0026glue.SecurityConfigurationEncryptionConfigurationJobBookmarksEncryptionArgs{\n\t\t\t\t\tJobBookmarksEncryptionMode: pulumi.String(\"DISABLED\"),\n\t\t\t\t},\n\t\t\t\tS3Encryption: \u0026glue.SecurityConfigurationEncryptionConfigurationS3EncryptionArgs{\n\t\t\t\t\tKmsKeyArn: pulumi.Any(exampleAwsKmsKey.Arn),\n\t\t\t\t\tS3EncryptionMode: pulumi.String(\"SSE-KMS\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.SecurityConfiguration;\nimport com.pulumi.aws.glue.SecurityConfigurationArgs;\nimport com.pulumi.aws.glue.inputs.SecurityConfigurationEncryptionConfigurationArgs;\nimport com.pulumi.aws.glue.inputs.SecurityConfigurationEncryptionConfigurationCloudwatchEncryptionArgs;\nimport com.pulumi.aws.glue.inputs.SecurityConfigurationEncryptionConfigurationJobBookmarksEncryptionArgs;\nimport com.pulumi.aws.glue.inputs.SecurityConfigurationEncryptionConfigurationS3EncryptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SecurityConfiguration(\"example\", SecurityConfigurationArgs.builder()\n .name(\"example\")\n .encryptionConfiguration(SecurityConfigurationEncryptionConfigurationArgs.builder()\n .cloudwatchEncryption(SecurityConfigurationEncryptionConfigurationCloudwatchEncryptionArgs.builder()\n .cloudwatchEncryptionMode(\"DISABLED\")\n .build())\n .jobBookmarksEncryption(SecurityConfigurationEncryptionConfigurationJobBookmarksEncryptionArgs.builder()\n .jobBookmarksEncryptionMode(\"DISABLED\")\n .build())\n .s3Encryption(SecurityConfigurationEncryptionConfigurationS3EncryptionArgs.builder()\n .kmsKeyArn(exampleAwsKmsKey.arn())\n .s3EncryptionMode(\"SSE-KMS\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:SecurityConfiguration\n properties:\n name: example\n encryptionConfiguration:\n cloudwatchEncryption:\n cloudwatchEncryptionMode: DISABLED\n jobBookmarksEncryption:\n jobBookmarksEncryptionMode: DISABLED\n s3Encryption:\n kmsKeyArn: ${exampleAwsKmsKey.arn}\n s3EncryptionMode: SSE-KMS\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue Security Configurations using `name`. For example:\n\n```sh\n$ pulumi import aws:glue/securityConfiguration:SecurityConfiguration example example\n```\n", "properties": { "encryptionConfiguration": { "$ref": "#/types/aws:glue/SecurityConfigurationEncryptionConfiguration:SecurityConfigurationEncryptionConfiguration", "description": "Configuration block containing encryption configuration. Detailed below.\n" }, "name": { "type": "string", "description": "Name of the security configuration.\n" } }, "required": [ "encryptionConfiguration", "name" ], "inputProperties": { "encryptionConfiguration": { "$ref": "#/types/aws:glue/SecurityConfigurationEncryptionConfiguration:SecurityConfigurationEncryptionConfiguration", "description": "Configuration block containing encryption configuration. Detailed below.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the security configuration.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "encryptionConfiguration" ], "stateInputs": { "description": "Input properties used for looking up and filtering SecurityConfiguration resources.\n", "properties": { "encryptionConfiguration": { "$ref": "#/types/aws:glue/SecurityConfigurationEncryptionConfiguration:SecurityConfigurationEncryptionConfiguration", "description": "Configuration block containing encryption configuration. Detailed below.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the security configuration.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:glue/trigger:Trigger": { "description": "Manages a Glue Trigger resource.\n\n## Example Usage\n\n### Conditional Trigger\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Trigger(\"example\", {\n name: \"example\",\n type: \"CONDITIONAL\",\n actions: [{\n jobName: example1.name,\n }],\n predicate: {\n conditions: [{\n jobName: example2.name,\n state: \"SUCCEEDED\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Trigger(\"example\",\n name=\"example\",\n type=\"CONDITIONAL\",\n actions=[{\n \"job_name\": example1[\"name\"],\n }],\n predicate={\n \"conditions\": [{\n \"job_name\": example2[\"name\"],\n \"state\": \"SUCCEEDED\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Trigger(\"example\", new()\n {\n Name = \"example\",\n Type = \"CONDITIONAL\",\n Actions = new[]\n {\n new Aws.Glue.Inputs.TriggerActionArgs\n {\n JobName = example1.Name,\n },\n },\n Predicate = new Aws.Glue.Inputs.TriggerPredicateArgs\n {\n Conditions = new[]\n {\n new Aws.Glue.Inputs.TriggerPredicateConditionArgs\n {\n JobName = example2.Name,\n State = \"SUCCEEDED\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewTrigger(ctx, \"example\", \u0026glue.TriggerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"CONDITIONAL\"),\n\t\t\tActions: glue.TriggerActionArray{\n\t\t\t\t\u0026glue.TriggerActionArgs{\n\t\t\t\t\tJobName: pulumi.Any(example1.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPredicate: \u0026glue.TriggerPredicateArgs{\n\t\t\t\tConditions: glue.TriggerPredicateConditionArray{\n\t\t\t\t\t\u0026glue.TriggerPredicateConditionArgs{\n\t\t\t\t\t\tJobName: pulumi.Any(example2.Name),\n\t\t\t\t\t\tState: pulumi.String(\"SUCCEEDED\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Trigger;\nimport com.pulumi.aws.glue.TriggerArgs;\nimport com.pulumi.aws.glue.inputs.TriggerActionArgs;\nimport com.pulumi.aws.glue.inputs.TriggerPredicateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Trigger(\"example\", TriggerArgs.builder()\n .name(\"example\")\n .type(\"CONDITIONAL\")\n .actions(TriggerActionArgs.builder()\n .jobName(example1.name())\n .build())\n .predicate(TriggerPredicateArgs.builder()\n .conditions(TriggerPredicateConditionArgs.builder()\n .jobName(example2.name())\n .state(\"SUCCEEDED\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Trigger\n properties:\n name: example\n type: CONDITIONAL\n actions:\n - jobName: ${example1.name}\n predicate:\n conditions:\n - jobName: ${example2.name}\n state: SUCCEEDED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### On-Demand Trigger\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Trigger(\"example\", {\n name: \"example\",\n type: \"ON_DEMAND\",\n actions: [{\n jobName: exampleAwsGlueJob.name,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Trigger(\"example\",\n name=\"example\",\n type=\"ON_DEMAND\",\n actions=[{\n \"job_name\": example_aws_glue_job[\"name\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Trigger(\"example\", new()\n {\n Name = \"example\",\n Type = \"ON_DEMAND\",\n Actions = new[]\n {\n new Aws.Glue.Inputs.TriggerActionArgs\n {\n JobName = exampleAwsGlueJob.Name,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewTrigger(ctx, \"example\", \u0026glue.TriggerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"ON_DEMAND\"),\n\t\t\tActions: glue.TriggerActionArray{\n\t\t\t\t\u0026glue.TriggerActionArgs{\n\t\t\t\t\tJobName: pulumi.Any(exampleAwsGlueJob.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Trigger;\nimport com.pulumi.aws.glue.TriggerArgs;\nimport com.pulumi.aws.glue.inputs.TriggerActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Trigger(\"example\", TriggerArgs.builder()\n .name(\"example\")\n .type(\"ON_DEMAND\")\n .actions(TriggerActionArgs.builder()\n .jobName(exampleAwsGlueJob.name())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Trigger\n properties:\n name: example\n type: ON_DEMAND\n actions:\n - jobName: ${exampleAwsGlueJob.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Scheduled Trigger\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Trigger(\"example\", {\n name: \"example\",\n schedule: \"cron(15 12 * * ? *)\",\n type: \"SCHEDULED\",\n actions: [{\n jobName: exampleAwsGlueJob.name,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Trigger(\"example\",\n name=\"example\",\n schedule=\"cron(15 12 * * ? *)\",\n type=\"SCHEDULED\",\n actions=[{\n \"job_name\": example_aws_glue_job[\"name\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Trigger(\"example\", new()\n {\n Name = \"example\",\n Schedule = \"cron(15 12 * * ? *)\",\n Type = \"SCHEDULED\",\n Actions = new[]\n {\n new Aws.Glue.Inputs.TriggerActionArgs\n {\n JobName = exampleAwsGlueJob.Name,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewTrigger(ctx, \"example\", \u0026glue.TriggerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSchedule: pulumi.String(\"cron(15 12 * * ? *)\"),\n\t\t\tType: pulumi.String(\"SCHEDULED\"),\n\t\t\tActions: glue.TriggerActionArray{\n\t\t\t\t\u0026glue.TriggerActionArgs{\n\t\t\t\t\tJobName: pulumi.Any(exampleAwsGlueJob.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Trigger;\nimport com.pulumi.aws.glue.TriggerArgs;\nimport com.pulumi.aws.glue.inputs.TriggerActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Trigger(\"example\", TriggerArgs.builder()\n .name(\"example\")\n .schedule(\"cron(15 12 * * ? *)\")\n .type(\"SCHEDULED\")\n .actions(TriggerActionArgs.builder()\n .jobName(exampleAwsGlueJob.name())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Trigger\n properties:\n name: example\n schedule: cron(15 12 * * ? *)\n type: SCHEDULED\n actions:\n - jobName: ${exampleAwsGlueJob.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Conditional Trigger with Crawler Action\n\n**Note:** Triggers can have both a crawler action and a crawler condition, just no example provided.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Trigger(\"example\", {\n name: \"example\",\n type: \"CONDITIONAL\",\n actions: [{\n crawlerName: example1.name,\n }],\n predicate: {\n conditions: [{\n jobName: example2.name,\n state: \"SUCCEEDED\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Trigger(\"example\",\n name=\"example\",\n type=\"CONDITIONAL\",\n actions=[{\n \"crawler_name\": example1[\"name\"],\n }],\n predicate={\n \"conditions\": [{\n \"job_name\": example2[\"name\"],\n \"state\": \"SUCCEEDED\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Trigger(\"example\", new()\n {\n Name = \"example\",\n Type = \"CONDITIONAL\",\n Actions = new[]\n {\n new Aws.Glue.Inputs.TriggerActionArgs\n {\n CrawlerName = example1.Name,\n },\n },\n Predicate = new Aws.Glue.Inputs.TriggerPredicateArgs\n {\n Conditions = new[]\n {\n new Aws.Glue.Inputs.TriggerPredicateConditionArgs\n {\n JobName = example2.Name,\n State = \"SUCCEEDED\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewTrigger(ctx, \"example\", \u0026glue.TriggerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"CONDITIONAL\"),\n\t\t\tActions: glue.TriggerActionArray{\n\t\t\t\t\u0026glue.TriggerActionArgs{\n\t\t\t\t\tCrawlerName: pulumi.Any(example1.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPredicate: \u0026glue.TriggerPredicateArgs{\n\t\t\t\tConditions: glue.TriggerPredicateConditionArray{\n\t\t\t\t\t\u0026glue.TriggerPredicateConditionArgs{\n\t\t\t\t\t\tJobName: pulumi.Any(example2.Name),\n\t\t\t\t\t\tState: pulumi.String(\"SUCCEEDED\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Trigger;\nimport com.pulumi.aws.glue.TriggerArgs;\nimport com.pulumi.aws.glue.inputs.TriggerActionArgs;\nimport com.pulumi.aws.glue.inputs.TriggerPredicateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Trigger(\"example\", TriggerArgs.builder()\n .name(\"example\")\n .type(\"CONDITIONAL\")\n .actions(TriggerActionArgs.builder()\n .crawlerName(example1.name())\n .build())\n .predicate(TriggerPredicateArgs.builder()\n .conditions(TriggerPredicateConditionArgs.builder()\n .jobName(example2.name())\n .state(\"SUCCEEDED\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Trigger\n properties:\n name: example\n type: CONDITIONAL\n actions:\n - crawlerName: ${example1.name}\n predicate:\n conditions:\n - jobName: ${example2.name}\n state: SUCCEEDED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Conditional Trigger with Crawler Condition\n\n**Note:** Triggers can have both a crawler action and a crawler condition, just no example provided.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Trigger(\"example\", {\n name: \"example\",\n type: \"CONDITIONAL\",\n actions: [{\n jobName: example1.name,\n }],\n predicate: {\n conditions: [{\n crawlerName: example2.name,\n crawlState: \"SUCCEEDED\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Trigger(\"example\",\n name=\"example\",\n type=\"CONDITIONAL\",\n actions=[{\n \"job_name\": example1[\"name\"],\n }],\n predicate={\n \"conditions\": [{\n \"crawler_name\": example2[\"name\"],\n \"crawl_state\": \"SUCCEEDED\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Trigger(\"example\", new()\n {\n Name = \"example\",\n Type = \"CONDITIONAL\",\n Actions = new[]\n {\n new Aws.Glue.Inputs.TriggerActionArgs\n {\n JobName = example1.Name,\n },\n },\n Predicate = new Aws.Glue.Inputs.TriggerPredicateArgs\n {\n Conditions = new[]\n {\n new Aws.Glue.Inputs.TriggerPredicateConditionArgs\n {\n CrawlerName = example2.Name,\n CrawlState = \"SUCCEEDED\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewTrigger(ctx, \"example\", \u0026glue.TriggerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"CONDITIONAL\"),\n\t\t\tActions: glue.TriggerActionArray{\n\t\t\t\t\u0026glue.TriggerActionArgs{\n\t\t\t\t\tJobName: pulumi.Any(example1.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPredicate: \u0026glue.TriggerPredicateArgs{\n\t\t\t\tConditions: glue.TriggerPredicateConditionArray{\n\t\t\t\t\t\u0026glue.TriggerPredicateConditionArgs{\n\t\t\t\t\t\tCrawlerName: pulumi.Any(example2.Name),\n\t\t\t\t\t\tCrawlState: pulumi.String(\"SUCCEEDED\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Trigger;\nimport com.pulumi.aws.glue.TriggerArgs;\nimport com.pulumi.aws.glue.inputs.TriggerActionArgs;\nimport com.pulumi.aws.glue.inputs.TriggerPredicateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Trigger(\"example\", TriggerArgs.builder()\n .name(\"example\")\n .type(\"CONDITIONAL\")\n .actions(TriggerActionArgs.builder()\n .jobName(example1.name())\n .build())\n .predicate(TriggerPredicateArgs.builder()\n .conditions(TriggerPredicateConditionArgs.builder()\n .crawlerName(example2.name())\n .crawlState(\"SUCCEEDED\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Trigger\n properties:\n name: example\n type: CONDITIONAL\n actions:\n - jobName: ${example1.name}\n predicate:\n conditions:\n - crawlerName: ${example2.name}\n crawlState: SUCCEEDED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue Triggers using `name`. For example:\n\n```sh\n$ pulumi import aws:glue/trigger:Trigger MyTrigger MyTrigger\n```\n", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:glue/TriggerAction:TriggerAction" }, "description": "List of actions initiated by this trigger when it fires. See Actions Below.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Glue Trigger\n" }, "description": { "type": "string", "description": "A description of the new trigger.\n" }, "enabled": { "type": "boolean", "description": "Start the trigger. Defaults to `true`.\n" }, "eventBatchingConditions": { "type": "array", "items": { "$ref": "#/types/aws:glue/TriggerEventBatchingCondition:TriggerEventBatchingCondition" }, "description": "Batch condition that must be met (specified number of events received or batch time window expired) before EventBridge event trigger fires. See Event Batching Condition.\n" }, "name": { "type": "string", "description": "The name of the trigger.\n" }, "predicate": { "$ref": "#/types/aws:glue/TriggerPredicate:TriggerPredicate", "description": "A predicate to specify when the new trigger should fire. Required when trigger type is `CONDITIONAL`. See Predicate Below.\n" }, "schedule": { "type": "string", "description": "A cron expression used to specify the schedule. [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html)\n" }, "startOnCreation": { "type": "boolean", "description": "Set to true to start `SCHEDULED` and `CONDITIONAL` triggers when created. True is not supported for `ON_DEMAND` triggers.\n" }, "state": { "type": "string", "description": "The current state of the trigger.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of trigger. Valid values are `CONDITIONAL`, `EVENT`, `ON_DEMAND`, and `SCHEDULED`.\n" }, "workflowName": { "type": "string", "description": "A workflow to which the trigger should be associated to. Every workflow graph (DAG) needs a starting trigger (`ON_DEMAND` or `SCHEDULED` type) and can contain multiple additional `CONDITIONAL` triggers.\n" } }, "required": [ "actions", "arn", "name", "state", "tagsAll", "type" ], "inputProperties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:glue/TriggerAction:TriggerAction" }, "description": "List of actions initiated by this trigger when it fires. See Actions Below.\n" }, "description": { "type": "string", "description": "A description of the new trigger.\n" }, "enabled": { "type": "boolean", "description": "Start the trigger. Defaults to `true`.\n" }, "eventBatchingConditions": { "type": "array", "items": { "$ref": "#/types/aws:glue/TriggerEventBatchingCondition:TriggerEventBatchingCondition" }, "description": "Batch condition that must be met (specified number of events received or batch time window expired) before EventBridge event trigger fires. See Event Batching Condition.\n" }, "name": { "type": "string", "description": "The name of the trigger.\n", "willReplaceOnChanges": true }, "predicate": { "$ref": "#/types/aws:glue/TriggerPredicate:TriggerPredicate", "description": "A predicate to specify when the new trigger should fire. Required when trigger type is `CONDITIONAL`. See Predicate Below.\n" }, "schedule": { "type": "string", "description": "A cron expression used to specify the schedule. [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html)\n" }, "startOnCreation": { "type": "boolean", "description": "Set to true to start `SCHEDULED` and `CONDITIONAL` triggers when created. True is not supported for `ON_DEMAND` triggers.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "The type of trigger. Valid values are `CONDITIONAL`, `EVENT`, `ON_DEMAND`, and `SCHEDULED`.\n", "willReplaceOnChanges": true }, "workflowName": { "type": "string", "description": "A workflow to which the trigger should be associated to. Every workflow graph (DAG) needs a starting trigger (`ON_DEMAND` or `SCHEDULED` type) and can contain multiple additional `CONDITIONAL` triggers.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "actions", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering Trigger resources.\n", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:glue/TriggerAction:TriggerAction" }, "description": "List of actions initiated by this trigger when it fires. See Actions Below.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Glue Trigger\n" }, "description": { "type": "string", "description": "A description of the new trigger.\n" }, "enabled": { "type": "boolean", "description": "Start the trigger. Defaults to `true`.\n" }, "eventBatchingConditions": { "type": "array", "items": { "$ref": "#/types/aws:glue/TriggerEventBatchingCondition:TriggerEventBatchingCondition" }, "description": "Batch condition that must be met (specified number of events received or batch time window expired) before EventBridge event trigger fires. See Event Batching Condition.\n" }, "name": { "type": "string", "description": "The name of the trigger.\n", "willReplaceOnChanges": true }, "predicate": { "$ref": "#/types/aws:glue/TriggerPredicate:TriggerPredicate", "description": "A predicate to specify when the new trigger should fire. Required when trigger type is `CONDITIONAL`. See Predicate Below.\n" }, "schedule": { "type": "string", "description": "A cron expression used to specify the schedule. [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html)\n" }, "startOnCreation": { "type": "boolean", "description": "Set to true to start `SCHEDULED` and `CONDITIONAL` triggers when created. True is not supported for `ON_DEMAND` triggers.\n" }, "state": { "type": "string", "description": "The current state of the trigger.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of trigger. Valid values are `CONDITIONAL`, `EVENT`, `ON_DEMAND`, and `SCHEDULED`.\n", "willReplaceOnChanges": true }, "workflowName": { "type": "string", "description": "A workflow to which the trigger should be associated to. Every workflow graph (DAG) needs a starting trigger (`ON_DEMAND` or `SCHEDULED` type) and can contain multiple additional `CONDITIONAL` triggers.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:glue/userDefinedFunction:UserDefinedFunction": { "description": "Provides a Glue User Defined Function Resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.CatalogDatabase(\"example\", {name: \"my_database\"});\nconst exampleUserDefinedFunction = new aws.glue.UserDefinedFunction(\"example\", {\n name: \"my_func\",\n catalogId: example.catalogId,\n databaseName: example.name,\n className: \"class\",\n ownerName: \"owner\",\n ownerType: \"GROUP\",\n resourceUris: [{\n resourceType: \"ARCHIVE\",\n uri: \"uri\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.CatalogDatabase(\"example\", name=\"my_database\")\nexample_user_defined_function = aws.glue.UserDefinedFunction(\"example\",\n name=\"my_func\",\n catalog_id=example.catalog_id,\n database_name=example.name,\n class_name=\"class\",\n owner_name=\"owner\",\n owner_type=\"GROUP\",\n resource_uris=[{\n \"resource_type\": \"ARCHIVE\",\n \"uri\": \"uri\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.CatalogDatabase(\"example\", new()\n {\n Name = \"my_database\",\n });\n\n var exampleUserDefinedFunction = new Aws.Glue.UserDefinedFunction(\"example\", new()\n {\n Name = \"my_func\",\n CatalogId = example.CatalogId,\n DatabaseName = example.Name,\n ClassName = \"class\",\n OwnerName = \"owner\",\n OwnerType = \"GROUP\",\n ResourceUris = new[]\n {\n new Aws.Glue.Inputs.UserDefinedFunctionResourceUriArgs\n {\n ResourceType = \"ARCHIVE\",\n Uri = \"uri\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := glue.NewCatalogDatabase(ctx, \"example\", \u0026glue.CatalogDatabaseArgs{\n\t\t\tName: pulumi.String(\"my_database\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewUserDefinedFunction(ctx, \"example\", \u0026glue.UserDefinedFunctionArgs{\n\t\t\tName: pulumi.String(\"my_func\"),\n\t\t\tCatalogId: example.CatalogId,\n\t\t\tDatabaseName: example.Name,\n\t\t\tClassName: pulumi.String(\"class\"),\n\t\t\tOwnerName: pulumi.String(\"owner\"),\n\t\t\tOwnerType: pulumi.String(\"GROUP\"),\n\t\t\tResourceUris: glue.UserDefinedFunctionResourceUriArray{\n\t\t\t\t\u0026glue.UserDefinedFunctionResourceUriArgs{\n\t\t\t\t\tResourceType: pulumi.String(\"ARCHIVE\"),\n\t\t\t\t\tUri: pulumi.String(\"uri\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.CatalogDatabase;\nimport com.pulumi.aws.glue.CatalogDatabaseArgs;\nimport com.pulumi.aws.glue.UserDefinedFunction;\nimport com.pulumi.aws.glue.UserDefinedFunctionArgs;\nimport com.pulumi.aws.glue.inputs.UserDefinedFunctionResourceUriArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CatalogDatabase(\"example\", CatalogDatabaseArgs.builder()\n .name(\"my_database\")\n .build());\n\n var exampleUserDefinedFunction = new UserDefinedFunction(\"exampleUserDefinedFunction\", UserDefinedFunctionArgs.builder()\n .name(\"my_func\")\n .catalogId(example.catalogId())\n .databaseName(example.name())\n .className(\"class\")\n .ownerName(\"owner\")\n .ownerType(\"GROUP\")\n .resourceUris(UserDefinedFunctionResourceUriArgs.builder()\n .resourceType(\"ARCHIVE\")\n .uri(\"uri\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:CatalogDatabase\n properties:\n name: my_database\n exampleUserDefinedFunction:\n type: aws:glue:UserDefinedFunction\n name: example\n properties:\n name: my_func\n catalogId: ${example.catalogId}\n databaseName: ${example.name}\n className: class\n ownerName: owner\n ownerType: GROUP\n resourceUris:\n - resourceType: ARCHIVE\n uri: uri\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue User Defined Functions using the `catalog_id:database_name:function_name`. If you have not set a Catalog ID specify the AWS Account ID that the database is in. For example:\n\n```sh\n$ pulumi import aws:glue/userDefinedFunction:UserDefinedFunction func 123456789012:my_database:my_func\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Glue User Defined Function.\n" }, "catalogId": { "type": "string", "description": "ID of the Glue Catalog to create the function in. If omitted, this defaults to the AWS Account ID.\n" }, "className": { "type": "string", "description": "The Java class that contains the function code.\n" }, "createTime": { "type": "string", "description": "The time at which the function was created.\n" }, "databaseName": { "type": "string", "description": "The name of the Database to create the Function.\n" }, "name": { "type": "string", "description": "The name of the function.\n" }, "ownerName": { "type": "string", "description": "The owner of the function.\n" }, "ownerType": { "type": "string", "description": "The owner type. can be one of `USER`, `ROLE`, and `GROUP`.\n" }, "resourceUris": { "type": "array", "items": { "$ref": "#/types/aws:glue/UserDefinedFunctionResourceUri:UserDefinedFunctionResourceUri" }, "description": "The configuration block for Resource URIs. See resource uris below for more details.\n" } }, "required": [ "arn", "className", "createTime", "databaseName", "name", "ownerName", "ownerType" ], "inputProperties": { "catalogId": { "type": "string", "description": "ID of the Glue Catalog to create the function in. If omitted, this defaults to the AWS Account ID.\n", "willReplaceOnChanges": true }, "className": { "type": "string", "description": "The Java class that contains the function code.\n" }, "databaseName": { "type": "string", "description": "The name of the Database to create the Function.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the function.\n", "willReplaceOnChanges": true }, "ownerName": { "type": "string", "description": "The owner of the function.\n" }, "ownerType": { "type": "string", "description": "The owner type. can be one of `USER`, `ROLE`, and `GROUP`.\n" }, "resourceUris": { "type": "array", "items": { "$ref": "#/types/aws:glue/UserDefinedFunctionResourceUri:UserDefinedFunctionResourceUri" }, "description": "The configuration block for Resource URIs. See resource uris below for more details.\n" } }, "requiredInputs": [ "className", "databaseName", "ownerName", "ownerType" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserDefinedFunction resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Glue User Defined Function.\n" }, "catalogId": { "type": "string", "description": "ID of the Glue Catalog to create the function in. If omitted, this defaults to the AWS Account ID.\n", "willReplaceOnChanges": true }, "className": { "type": "string", "description": "The Java class that contains the function code.\n" }, "createTime": { "type": "string", "description": "The time at which the function was created.\n" }, "databaseName": { "type": "string", "description": "The name of the Database to create the Function.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the function.\n", "willReplaceOnChanges": true }, "ownerName": { "type": "string", "description": "The owner of the function.\n" }, "ownerType": { "type": "string", "description": "The owner type. can be one of `USER`, `ROLE`, and `GROUP`.\n" }, "resourceUris": { "type": "array", "items": { "$ref": "#/types/aws:glue/UserDefinedFunctionResourceUri:UserDefinedFunctionResourceUri" }, "description": "The configuration block for Resource URIs. See resource uris below for more details.\n" } }, "type": "object" } }, "aws:glue/workflow:Workflow": { "description": "Provides a Glue Workflow resource.\nThe workflow graph (DAG) can be build using the `aws.glue.Trigger` resource.\nSee the example below for creating a graph with four nodes (two triggers and two jobs).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Workflow(\"example\", {name: \"example\"});\nconst example_start = new aws.glue.Trigger(\"example-start\", {\n name: \"trigger-start\",\n type: \"ON_DEMAND\",\n workflowName: example.name,\n actions: [{\n jobName: \"example-job\",\n }],\n});\nconst example_inner = new aws.glue.Trigger(\"example-inner\", {\n name: \"trigger-inner\",\n type: \"CONDITIONAL\",\n workflowName: example.name,\n predicate: {\n conditions: [{\n jobName: \"example-job\",\n state: \"SUCCEEDED\",\n }],\n },\n actions: [{\n jobName: \"another-example-job\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Workflow(\"example\", name=\"example\")\nexample_start = aws.glue.Trigger(\"example-start\",\n name=\"trigger-start\",\n type=\"ON_DEMAND\",\n workflow_name=example.name,\n actions=[{\n \"job_name\": \"example-job\",\n }])\nexample_inner = aws.glue.Trigger(\"example-inner\",\n name=\"trigger-inner\",\n type=\"CONDITIONAL\",\n workflow_name=example.name,\n predicate={\n \"conditions\": [{\n \"job_name\": \"example-job\",\n \"state\": \"SUCCEEDED\",\n }],\n },\n actions=[{\n \"job_name\": \"another-example-job\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Workflow(\"example\", new()\n {\n Name = \"example\",\n });\n\n var example_start = new Aws.Glue.Trigger(\"example-start\", new()\n {\n Name = \"trigger-start\",\n Type = \"ON_DEMAND\",\n WorkflowName = example.Name,\n Actions = new[]\n {\n new Aws.Glue.Inputs.TriggerActionArgs\n {\n JobName = \"example-job\",\n },\n },\n });\n\n var example_inner = new Aws.Glue.Trigger(\"example-inner\", new()\n {\n Name = \"trigger-inner\",\n Type = \"CONDITIONAL\",\n WorkflowName = example.Name,\n Predicate = new Aws.Glue.Inputs.TriggerPredicateArgs\n {\n Conditions = new[]\n {\n new Aws.Glue.Inputs.TriggerPredicateConditionArgs\n {\n JobName = \"example-job\",\n State = \"SUCCEEDED\",\n },\n },\n },\n Actions = new[]\n {\n new Aws.Glue.Inputs.TriggerActionArgs\n {\n JobName = \"another-example-job\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := glue.NewWorkflow(ctx, \"example\", \u0026glue.WorkflowArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewTrigger(ctx, \"example-start\", \u0026glue.TriggerArgs{\n\t\t\tName: pulumi.String(\"trigger-start\"),\n\t\t\tType: pulumi.String(\"ON_DEMAND\"),\n\t\t\tWorkflowName: example.Name,\n\t\t\tActions: glue.TriggerActionArray{\n\t\t\t\t\u0026glue.TriggerActionArgs{\n\t\t\t\t\tJobName: pulumi.String(\"example-job\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewTrigger(ctx, \"example-inner\", \u0026glue.TriggerArgs{\n\t\t\tName: pulumi.String(\"trigger-inner\"),\n\t\t\tType: pulumi.String(\"CONDITIONAL\"),\n\t\t\tWorkflowName: example.Name,\n\t\t\tPredicate: \u0026glue.TriggerPredicateArgs{\n\t\t\t\tConditions: glue.TriggerPredicateConditionArray{\n\t\t\t\t\t\u0026glue.TriggerPredicateConditionArgs{\n\t\t\t\t\t\tJobName: pulumi.String(\"example-job\"),\n\t\t\t\t\t\tState: pulumi.String(\"SUCCEEDED\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tActions: glue.TriggerActionArray{\n\t\t\t\t\u0026glue.TriggerActionArgs{\n\t\t\t\t\tJobName: pulumi.String(\"another-example-job\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Workflow;\nimport com.pulumi.aws.glue.WorkflowArgs;\nimport com.pulumi.aws.glue.Trigger;\nimport com.pulumi.aws.glue.TriggerArgs;\nimport com.pulumi.aws.glue.inputs.TriggerActionArgs;\nimport com.pulumi.aws.glue.inputs.TriggerPredicateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Workflow(\"example\", WorkflowArgs.builder()\n .name(\"example\")\n .build());\n\n var example_start = new Trigger(\"example-start\", TriggerArgs.builder()\n .name(\"trigger-start\")\n .type(\"ON_DEMAND\")\n .workflowName(example.name())\n .actions(TriggerActionArgs.builder()\n .jobName(\"example-job\")\n .build())\n .build());\n\n var example_inner = new Trigger(\"example-inner\", TriggerArgs.builder()\n .name(\"trigger-inner\")\n .type(\"CONDITIONAL\")\n .workflowName(example.name())\n .predicate(TriggerPredicateArgs.builder()\n .conditions(TriggerPredicateConditionArgs.builder()\n .jobName(\"example-job\")\n .state(\"SUCCEEDED\")\n .build())\n .build())\n .actions(TriggerActionArgs.builder()\n .jobName(\"another-example-job\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Workflow\n properties:\n name: example\n example-start:\n type: aws:glue:Trigger\n properties:\n name: trigger-start\n type: ON_DEMAND\n workflowName: ${example.name}\n actions:\n - jobName: example-job\n example-inner:\n type: aws:glue:Trigger\n properties:\n name: trigger-inner\n type: CONDITIONAL\n workflowName: ${example.name}\n predicate:\n conditions:\n - jobName: example-job\n state: SUCCEEDED\n actions:\n - jobName: another-example-job\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue Workflows using `name`. For example:\n\n```sh\n$ pulumi import aws:glue/workflow:Workflow MyWorkflow MyWorkflow\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Glue Workflow\n" }, "defaultRunProperties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of default run properties for this workflow. These properties are passed to all jobs associated to the workflow.\n" }, "description": { "type": "string", "description": "Description of the workflow.\n" }, "maxConcurrentRuns": { "type": "integer", "description": "Prevents exceeding the maximum number of concurrent runs of any of the component jobs. If you leave this parameter blank, there is no limit to the number of concurrent workflow runs.\n" }, "name": { "type": "string", "description": "The name you assign to this workflow.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "tagsAll" ], "inputProperties": { "defaultRunProperties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of default run properties for this workflow. These properties are passed to all jobs associated to the workflow.\n" }, "description": { "type": "string", "description": "Description of the workflow.\n" }, "maxConcurrentRuns": { "type": "integer", "description": "Prevents exceeding the maximum number of concurrent runs of any of the component jobs. If you leave this parameter blank, there is no limit to the number of concurrent workflow runs.\n" }, "name": { "type": "string", "description": "The name you assign to this workflow.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Workflow resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Glue Workflow\n" }, "defaultRunProperties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of default run properties for this workflow. These properties are passed to all jobs associated to the workflow.\n" }, "description": { "type": "string", "description": "Description of the workflow.\n" }, "maxConcurrentRuns": { "type": "integer", "description": "Prevents exceeding the maximum number of concurrent runs of any of the component jobs. If you leave this parameter blank, there is no limit to the number of concurrent workflow runs.\n" }, "name": { "type": "string", "description": "The name you assign to this workflow.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:grafana/licenseAssociation:LicenseAssociation": { "description": "Provides an Amazon Managed Grafana workspace license association resource.\n\n## Example Usage\n\n### Basic configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assume = new aws.iam.Role(\"assume\", {\n name: \"grafana-assume\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"grafana.amazonaws.com\",\n },\n }],\n }),\n});\nconst exampleWorkspace = new aws.grafana.Workspace(\"example\", {\n accountAccessType: \"CURRENT_ACCOUNT\",\n authenticationProviders: [\"SAML\"],\n permissionType: \"SERVICE_MANAGED\",\n roleArn: assume.arn,\n});\nconst example = new aws.grafana.LicenseAssociation(\"example\", {\n licenseType: \"ENTERPRISE_FREE_TRIAL\",\n workspaceId: exampleWorkspace.id,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nassume = aws.iam.Role(\"assume\",\n name=\"grafana-assume\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"grafana.amazonaws.com\",\n },\n }],\n }))\nexample_workspace = aws.grafana.Workspace(\"example\",\n account_access_type=\"CURRENT_ACCOUNT\",\n authentication_providers=[\"SAML\"],\n permission_type=\"SERVICE_MANAGED\",\n role_arn=assume.arn)\nexample = aws.grafana.LicenseAssociation(\"example\",\n license_type=\"ENTERPRISE_FREE_TRIAL\",\n workspace_id=example_workspace.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assume = new Aws.Iam.Role(\"assume\", new()\n {\n Name = \"grafana-assume\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"grafana.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var exampleWorkspace = new Aws.Grafana.Workspace(\"example\", new()\n {\n AccountAccessType = \"CURRENT_ACCOUNT\",\n AuthenticationProviders = new[]\n {\n \"SAML\",\n },\n PermissionType = \"SERVICE_MANAGED\",\n RoleArn = assume.Arn,\n });\n\n var example = new Aws.Grafana.LicenseAssociation(\"example\", new()\n {\n LicenseType = \"ENTERPRISE_FREE_TRIAL\",\n WorkspaceId = exampleWorkspace.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/grafana\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"grafana.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tassume, err := iam.NewRole(ctx, \"assume\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"grafana-assume\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleWorkspace, err := grafana.NewWorkspace(ctx, \"example\", \u0026grafana.WorkspaceArgs{\n\t\t\tAccountAccessType: pulumi.String(\"CURRENT_ACCOUNT\"),\n\t\t\tAuthenticationProviders: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"SAML\"),\n\t\t\t},\n\t\t\tPermissionType: pulumi.String(\"SERVICE_MANAGED\"),\n\t\t\tRoleArn: assume.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = grafana.NewLicenseAssociation(ctx, \"example\", \u0026grafana.LicenseAssociationArgs{\n\t\t\tLicenseType: pulumi.String(\"ENTERPRISE_FREE_TRIAL\"),\n\t\t\tWorkspaceId: exampleWorkspace.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.grafana.Workspace;\nimport com.pulumi.aws.grafana.WorkspaceArgs;\nimport com.pulumi.aws.grafana.LicenseAssociation;\nimport com.pulumi.aws.grafana.LicenseAssociationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var assume = new Role(\"assume\", RoleArgs.builder()\n .name(\"grafana-assume\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"grafana.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var exampleWorkspace = new Workspace(\"exampleWorkspace\", WorkspaceArgs.builder()\n .accountAccessType(\"CURRENT_ACCOUNT\")\n .authenticationProviders(\"SAML\")\n .permissionType(\"SERVICE_MANAGED\")\n .roleArn(assume.arn())\n .build());\n\n var example = new LicenseAssociation(\"example\", LicenseAssociationArgs.builder()\n .licenseType(\"ENTERPRISE_FREE_TRIAL\")\n .workspaceId(exampleWorkspace.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:grafana:LicenseAssociation\n properties:\n licenseType: ENTERPRISE_FREE_TRIAL\n workspaceId: ${exampleWorkspace.id}\n exampleWorkspace:\n type: aws:grafana:Workspace\n name: example\n properties:\n accountAccessType: CURRENT_ACCOUNT\n authenticationProviders:\n - SAML\n permissionType: SERVICE_MANAGED\n roleArn: ${assume.arn}\n assume:\n type: aws:iam:Role\n properties:\n name: grafana-assume\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: grafana.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Grafana workspace license association using the workspace's `id`. For example:\n\n```sh\n$ pulumi import aws:grafana/licenseAssociation:LicenseAssociation example g-2054c75a02\n```\n", "properties": { "freeTrialExpiration": { "type": "string", "description": "If `license_type` is set to `ENTERPRISE_FREE_TRIAL`, this is the expiration date of the free trial.\n" }, "licenseExpiration": { "type": "string", "description": "If `license_type` is set to `ENTERPRISE`, this is the expiration date of the enterprise license.\n" }, "licenseType": { "type": "string", "description": "The type of license for the workspace license association. Valid values are `ENTERPRISE` and `ENTERPRISE_FREE_TRIAL`.\n" }, "workspaceId": { "type": "string", "description": "The workspace id.\n" } }, "required": [ "freeTrialExpiration", "licenseExpiration", "licenseType", "workspaceId" ], "inputProperties": { "licenseType": { "type": "string", "description": "The type of license for the workspace license association. Valid values are `ENTERPRISE` and `ENTERPRISE_FREE_TRIAL`.\n", "willReplaceOnChanges": true }, "workspaceId": { "type": "string", "description": "The workspace id.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "licenseType", "workspaceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering LicenseAssociation resources.\n", "properties": { "freeTrialExpiration": { "type": "string", "description": "If `license_type` is set to `ENTERPRISE_FREE_TRIAL`, this is the expiration date of the free trial.\n" }, "licenseExpiration": { "type": "string", "description": "If `license_type` is set to `ENTERPRISE`, this is the expiration date of the enterprise license.\n" }, "licenseType": { "type": "string", "description": "The type of license for the workspace license association. Valid values are `ENTERPRISE` and `ENTERPRISE_FREE_TRIAL`.\n", "willReplaceOnChanges": true }, "workspaceId": { "type": "string", "description": "The workspace id.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:grafana/roleAssociation:RoleAssociation": { "description": "Provides an Amazon Managed Grafana workspace role association resource.\n\n## Example Usage\n\n### Basic configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assume = new aws.iam.Role(\"assume\", {\n name: \"grafana-assume\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"grafana.amazonaws.com\",\n },\n }],\n }),\n});\nconst exampleWorkspace = new aws.grafana.Workspace(\"example\", {\n accountAccessType: \"CURRENT_ACCOUNT\",\n authenticationProviders: [\"SAML\"],\n permissionType: \"SERVICE_MANAGED\",\n roleArn: assume.arn,\n});\nconst example = new aws.grafana.RoleAssociation(\"example\", {\n role: \"ADMIN\",\n userIds: [\n \"USER_ID_1\",\n \"USER_ID_2\",\n ],\n workspaceId: exampleWorkspace.id,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nassume = aws.iam.Role(\"assume\",\n name=\"grafana-assume\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"grafana.amazonaws.com\",\n },\n }],\n }))\nexample_workspace = aws.grafana.Workspace(\"example\",\n account_access_type=\"CURRENT_ACCOUNT\",\n authentication_providers=[\"SAML\"],\n permission_type=\"SERVICE_MANAGED\",\n role_arn=assume.arn)\nexample = aws.grafana.RoleAssociation(\"example\",\n role=\"ADMIN\",\n user_ids=[\n \"USER_ID_1\",\n \"USER_ID_2\",\n ],\n workspace_id=example_workspace.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assume = new Aws.Iam.Role(\"assume\", new()\n {\n Name = \"grafana-assume\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"grafana.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var exampleWorkspace = new Aws.Grafana.Workspace(\"example\", new()\n {\n AccountAccessType = \"CURRENT_ACCOUNT\",\n AuthenticationProviders = new[]\n {\n \"SAML\",\n },\n PermissionType = \"SERVICE_MANAGED\",\n RoleArn = assume.Arn,\n });\n\n var example = new Aws.Grafana.RoleAssociation(\"example\", new()\n {\n Role = \"ADMIN\",\n UserIds = new[]\n {\n \"USER_ID_1\",\n \"USER_ID_2\",\n },\n WorkspaceId = exampleWorkspace.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/grafana\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"grafana.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tassume, err := iam.NewRole(ctx, \"assume\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"grafana-assume\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleWorkspace, err := grafana.NewWorkspace(ctx, \"example\", \u0026grafana.WorkspaceArgs{\n\t\t\tAccountAccessType: pulumi.String(\"CURRENT_ACCOUNT\"),\n\t\t\tAuthenticationProviders: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"SAML\"),\n\t\t\t},\n\t\t\tPermissionType: pulumi.String(\"SERVICE_MANAGED\"),\n\t\t\tRoleArn: assume.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = grafana.NewRoleAssociation(ctx, \"example\", \u0026grafana.RoleAssociationArgs{\n\t\t\tRole: pulumi.String(\"ADMIN\"),\n\t\t\tUserIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"USER_ID_1\"),\n\t\t\t\tpulumi.String(\"USER_ID_2\"),\n\t\t\t},\n\t\t\tWorkspaceId: exampleWorkspace.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.grafana.Workspace;\nimport com.pulumi.aws.grafana.WorkspaceArgs;\nimport com.pulumi.aws.grafana.RoleAssociation;\nimport com.pulumi.aws.grafana.RoleAssociationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var assume = new Role(\"assume\", RoleArgs.builder()\n .name(\"grafana-assume\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"grafana.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var exampleWorkspace = new Workspace(\"exampleWorkspace\", WorkspaceArgs.builder()\n .accountAccessType(\"CURRENT_ACCOUNT\")\n .authenticationProviders(\"SAML\")\n .permissionType(\"SERVICE_MANAGED\")\n .roleArn(assume.arn())\n .build());\n\n var example = new RoleAssociation(\"example\", RoleAssociationArgs.builder()\n .role(\"ADMIN\")\n .userIds( \n \"USER_ID_1\",\n \"USER_ID_2\")\n .workspaceId(exampleWorkspace.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:grafana:RoleAssociation\n properties:\n role: ADMIN\n userIds:\n - USER_ID_1\n - USER_ID_2\n workspaceId: ${exampleWorkspace.id}\n exampleWorkspace:\n type: aws:grafana:Workspace\n name: example\n properties:\n accountAccessType: CURRENT_ACCOUNT\n authenticationProviders:\n - SAML\n permissionType: SERVICE_MANAGED\n roleArn: ${assume.arn}\n assume:\n type: aws:iam:Role\n properties:\n name: grafana-assume\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: grafana.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "groupIds": { "type": "array", "items": { "type": "string" }, "description": "The AWS SSO group ids to be assigned the role given in `role`.\n" }, "role": { "type": "string", "description": "The grafana role. Valid values can be found [here](https://docs.aws.amazon.com/grafana/latest/APIReference/API_UpdateInstruction.html#ManagedGrafana-Type-UpdateInstruction-role).\n" }, "userIds": { "type": "array", "items": { "type": "string" }, "description": "The AWS SSO user ids to be assigned the role given in `role`.\n" }, "workspaceId": { "type": "string", "description": "The workspace id.\n\nThe following arguments are optional:\n" } }, "required": [ "role", "workspaceId" ], "inputProperties": { "groupIds": { "type": "array", "items": { "type": "string" }, "description": "The AWS SSO group ids to be assigned the role given in `role`.\n" }, "role": { "type": "string", "description": "The grafana role. Valid values can be found [here](https://docs.aws.amazon.com/grafana/latest/APIReference/API_UpdateInstruction.html#ManagedGrafana-Type-UpdateInstruction-role).\n" }, "userIds": { "type": "array", "items": { "type": "string" }, "description": "The AWS SSO user ids to be assigned the role given in `role`.\n" }, "workspaceId": { "type": "string", "description": "The workspace id.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "role", "workspaceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering RoleAssociation resources.\n", "properties": { "groupIds": { "type": "array", "items": { "type": "string" }, "description": "The AWS SSO group ids to be assigned the role given in `role`.\n" }, "role": { "type": "string", "description": "The grafana role. Valid values can be found [here](https://docs.aws.amazon.com/grafana/latest/APIReference/API_UpdateInstruction.html#ManagedGrafana-Type-UpdateInstruction-role).\n" }, "userIds": { "type": "array", "items": { "type": "string" }, "description": "The AWS SSO user ids to be assigned the role given in `role`.\n" }, "workspaceId": { "type": "string", "description": "The workspace id.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:grafana/workspace:Workspace": { "description": "Provides an Amazon Managed Grafana workspace resource.\n\n## Example Usage\n\n### Basic configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assume = new aws.iam.Role(\"assume\", {\n name: \"grafana-assume\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"grafana.amazonaws.com\",\n },\n }],\n }),\n});\nconst example = new aws.grafana.Workspace(\"example\", {\n accountAccessType: \"CURRENT_ACCOUNT\",\n authenticationProviders: [\"SAML\"],\n permissionType: \"SERVICE_MANAGED\",\n roleArn: assume.arn,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nassume = aws.iam.Role(\"assume\",\n name=\"grafana-assume\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"grafana.amazonaws.com\",\n },\n }],\n }))\nexample = aws.grafana.Workspace(\"example\",\n account_access_type=\"CURRENT_ACCOUNT\",\n authentication_providers=[\"SAML\"],\n permission_type=\"SERVICE_MANAGED\",\n role_arn=assume.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assume = new Aws.Iam.Role(\"assume\", new()\n {\n Name = \"grafana-assume\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"grafana.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var example = new Aws.Grafana.Workspace(\"example\", new()\n {\n AccountAccessType = \"CURRENT_ACCOUNT\",\n AuthenticationProviders = new[]\n {\n \"SAML\",\n },\n PermissionType = \"SERVICE_MANAGED\",\n RoleArn = assume.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/grafana\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"grafana.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tassume, err := iam.NewRole(ctx, \"assume\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"grafana-assume\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = grafana.NewWorkspace(ctx, \"example\", \u0026grafana.WorkspaceArgs{\n\t\t\tAccountAccessType: pulumi.String(\"CURRENT_ACCOUNT\"),\n\t\t\tAuthenticationProviders: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"SAML\"),\n\t\t\t},\n\t\t\tPermissionType: pulumi.String(\"SERVICE_MANAGED\"),\n\t\t\tRoleArn: assume.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.grafana.Workspace;\nimport com.pulumi.aws.grafana.WorkspaceArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var assume = new Role(\"assume\", RoleArgs.builder()\n .name(\"grafana-assume\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"grafana.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var example = new Workspace(\"example\", WorkspaceArgs.builder()\n .accountAccessType(\"CURRENT_ACCOUNT\")\n .authenticationProviders(\"SAML\")\n .permissionType(\"SERVICE_MANAGED\")\n .roleArn(assume.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:grafana:Workspace\n properties:\n accountAccessType: CURRENT_ACCOUNT\n authenticationProviders:\n - SAML\n permissionType: SERVICE_MANAGED\n roleArn: ${assume.arn}\n assume:\n type: aws:iam:Role\n properties:\n name: grafana-assume\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: grafana.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Grafana Workspace using the workspace's `id`. For example:\n\n```sh\n$ pulumi import aws:grafana/workspace:Workspace example g-2054c75a02\n```\n", "properties": { "accountAccessType": { "type": "string", "description": "The type of account access for the workspace. Valid values are `CURRENT_ACCOUNT` and `ORGANIZATION`. If `ORGANIZATION` is specified, then `organizational_units` must also be present.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Grafana workspace.\n" }, "authenticationProviders": { "type": "array", "items": { "type": "string" }, "description": "The authentication providers for the workspace. Valid values are `AWS_SSO`, `SAML`, or both.\n" }, "configuration": { "type": "string", "description": "The configuration string for the workspace that you create. For more information about the format and configuration options available, see [Working in your Grafana workspace](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-configure-workspace.html).\n" }, "dataSources": { "type": "array", "items": { "type": "string" }, "description": "The data sources for the workspace. Valid values are `AMAZON_OPENSEARCH_SERVICE`, `ATHENA`, `CLOUDWATCH`, `PROMETHEUS`, `REDSHIFT`, `SITEWISE`, `TIMESTREAM`, `XRAY`\n" }, "description": { "type": "string", "description": "The workspace description.\n" }, "endpoint": { "type": "string", "description": "The endpoint of the Grafana workspace.\n" }, "grafanaVersion": { "type": "string", "description": "Specifies the version of Grafana to support in the new workspace. Supported values are `8.4`, `9.4` and `10.4`. If not specified, defaults to `9.4`.\n" }, "name": { "type": "string", "description": "The Grafana workspace name.\n" }, "networkAccessControl": { "$ref": "#/types/aws:grafana/WorkspaceNetworkAccessControl:WorkspaceNetworkAccessControl", "description": "Configuration for network access to your workspace.See Network Access Control below.\n" }, "notificationDestinations": { "type": "array", "items": { "type": "string" }, "description": "The notification destinations. If a data source is specified here, Amazon Managed Grafana will create IAM roles and permissions needed to use these destinations. Must be set to `SNS`.\n" }, "organizationRoleName": { "type": "string", "description": "The role name that the workspace uses to access resources through Amazon Organizations.\n" }, "organizationalUnits": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Organizations organizational units that the workspace is authorized to use data sources from.\n" }, "permissionType": { "type": "string", "description": "The permission type of the workspace. If `SERVICE_MANAGED` is specified, the IAM roles and IAM policy attachments are generated automatically. If `CUSTOMER_MANAGED` is specified, the IAM roles and IAM policy attachments will not be created.\n\nThe following arguments are optional:\n" }, "roleArn": { "type": "string", "description": "The IAM role ARN that the workspace assumes.\n" }, "samlConfigurationStatus": { "type": "string" }, "stackSetName": { "type": "string", "description": "The AWS CloudFormation stack set name that provisions IAM roles to be used by the workspace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcConfiguration": { "$ref": "#/types/aws:grafana/WorkspaceVpcConfiguration:WorkspaceVpcConfiguration", "description": "The configuration settings for an Amazon VPC that contains data sources for your Grafana workspace to connect to. See VPC Configuration below.\n" } }, "required": [ "accountAccessType", "arn", "authenticationProviders", "configuration", "endpoint", "grafanaVersion", "name", "permissionType", "samlConfigurationStatus", "tagsAll" ], "inputProperties": { "accountAccessType": { "type": "string", "description": "The type of account access for the workspace. Valid values are `CURRENT_ACCOUNT` and `ORGANIZATION`. If `ORGANIZATION` is specified, then `organizational_units` must also be present.\n" }, "authenticationProviders": { "type": "array", "items": { "type": "string" }, "description": "The authentication providers for the workspace. Valid values are `AWS_SSO`, `SAML`, or both.\n", "willReplaceOnChanges": true }, "configuration": { "type": "string", "description": "The configuration string for the workspace that you create. For more information about the format and configuration options available, see [Working in your Grafana workspace](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-configure-workspace.html).\n" }, "dataSources": { "type": "array", "items": { "type": "string" }, "description": "The data sources for the workspace. Valid values are `AMAZON_OPENSEARCH_SERVICE`, `ATHENA`, `CLOUDWATCH`, `PROMETHEUS`, `REDSHIFT`, `SITEWISE`, `TIMESTREAM`, `XRAY`\n" }, "description": { "type": "string", "description": "The workspace description.\n" }, "grafanaVersion": { "type": "string", "description": "Specifies the version of Grafana to support in the new workspace. Supported values are `8.4`, `9.4` and `10.4`. If not specified, defaults to `9.4`.\n" }, "name": { "type": "string", "description": "The Grafana workspace name.\n" }, "networkAccessControl": { "$ref": "#/types/aws:grafana/WorkspaceNetworkAccessControl:WorkspaceNetworkAccessControl", "description": "Configuration for network access to your workspace.See Network Access Control below.\n" }, "notificationDestinations": { "type": "array", "items": { "type": "string" }, "description": "The notification destinations. If a data source is specified here, Amazon Managed Grafana will create IAM roles and permissions needed to use these destinations. Must be set to `SNS`.\n" }, "organizationRoleName": { "type": "string", "description": "The role name that the workspace uses to access resources through Amazon Organizations.\n" }, "organizationalUnits": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Organizations organizational units that the workspace is authorized to use data sources from.\n" }, "permissionType": { "type": "string", "description": "The permission type of the workspace. If `SERVICE_MANAGED` is specified, the IAM roles and IAM policy attachments are generated automatically. If `CUSTOMER_MANAGED` is specified, the IAM roles and IAM policy attachments will not be created.\n\nThe following arguments are optional:\n" }, "roleArn": { "type": "string", "description": "The IAM role ARN that the workspace assumes.\n" }, "stackSetName": { "type": "string", "description": "The AWS CloudFormation stack set name that provisions IAM roles to be used by the workspace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "vpcConfiguration": { "$ref": "#/types/aws:grafana/WorkspaceVpcConfiguration:WorkspaceVpcConfiguration", "description": "The configuration settings for an Amazon VPC that contains data sources for your Grafana workspace to connect to. See VPC Configuration below.\n" } }, "requiredInputs": [ "accountAccessType", "authenticationProviders", "permissionType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Workspace resources.\n", "properties": { "accountAccessType": { "type": "string", "description": "The type of account access for the workspace. Valid values are `CURRENT_ACCOUNT` and `ORGANIZATION`. If `ORGANIZATION` is specified, then `organizational_units` must also be present.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Grafana workspace.\n" }, "authenticationProviders": { "type": "array", "items": { "type": "string" }, "description": "The authentication providers for the workspace. Valid values are `AWS_SSO`, `SAML`, or both.\n", "willReplaceOnChanges": true }, "configuration": { "type": "string", "description": "The configuration string for the workspace that you create. For more information about the format and configuration options available, see [Working in your Grafana workspace](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-configure-workspace.html).\n" }, "dataSources": { "type": "array", "items": { "type": "string" }, "description": "The data sources for the workspace. Valid values are `AMAZON_OPENSEARCH_SERVICE`, `ATHENA`, `CLOUDWATCH`, `PROMETHEUS`, `REDSHIFT`, `SITEWISE`, `TIMESTREAM`, `XRAY`\n" }, "description": { "type": "string", "description": "The workspace description.\n" }, "endpoint": { "type": "string", "description": "The endpoint of the Grafana workspace.\n" }, "grafanaVersion": { "type": "string", "description": "Specifies the version of Grafana to support in the new workspace. Supported values are `8.4`, `9.4` and `10.4`. If not specified, defaults to `9.4`.\n" }, "name": { "type": "string", "description": "The Grafana workspace name.\n" }, "networkAccessControl": { "$ref": "#/types/aws:grafana/WorkspaceNetworkAccessControl:WorkspaceNetworkAccessControl", "description": "Configuration for network access to your workspace.See Network Access Control below.\n" }, "notificationDestinations": { "type": "array", "items": { "type": "string" }, "description": "The notification destinations. If a data source is specified here, Amazon Managed Grafana will create IAM roles and permissions needed to use these destinations. Must be set to `SNS`.\n" }, "organizationRoleName": { "type": "string", "description": "The role name that the workspace uses to access resources through Amazon Organizations.\n" }, "organizationalUnits": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Organizations organizational units that the workspace is authorized to use data sources from.\n" }, "permissionType": { "type": "string", "description": "The permission type of the workspace. If `SERVICE_MANAGED` is specified, the IAM roles and IAM policy attachments are generated automatically. If `CUSTOMER_MANAGED` is specified, the IAM roles and IAM policy attachments will not be created.\n\nThe following arguments are optional:\n" }, "roleArn": { "type": "string", "description": "The IAM role ARN that the workspace assumes.\n" }, "samlConfigurationStatus": { "type": "string" }, "stackSetName": { "type": "string", "description": "The AWS CloudFormation stack set name that provisions IAM roles to be used by the workspace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcConfiguration": { "$ref": "#/types/aws:grafana/WorkspaceVpcConfiguration:WorkspaceVpcConfiguration", "description": "The configuration settings for an Amazon VPC that contains data sources for your Grafana workspace to connect to. See VPC Configuration below.\n" } }, "type": "object" } }, "aws:grafana/workspaceApiKey:WorkspaceApiKey": { "description": "Provides an Amazon Managed Grafana workspace API Key resource.\n\n## Example Usage\n\n### Basic configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst key = new aws.grafana.WorkspaceApiKey(\"key\", {\n keyName: \"test-key\",\n keyRole: \"VIEWER\",\n secondsToLive: 3600,\n workspaceId: test.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nkey = aws.grafana.WorkspaceApiKey(\"key\",\n key_name=\"test-key\",\n key_role=\"VIEWER\",\n seconds_to_live=3600,\n workspace_id=test[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var key = new Aws.Grafana.WorkspaceApiKey(\"key\", new()\n {\n KeyName = \"test-key\",\n KeyRole = \"VIEWER\",\n SecondsToLive = 3600,\n WorkspaceId = test.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/grafana\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := grafana.NewWorkspaceApiKey(ctx, \"key\", \u0026grafana.WorkspaceApiKeyArgs{\n\t\t\tKeyName: pulumi.String(\"test-key\"),\n\t\t\tKeyRole: pulumi.String(\"VIEWER\"),\n\t\t\tSecondsToLive: pulumi.Int(3600),\n\t\t\tWorkspaceId: pulumi.Any(test.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.grafana.WorkspaceApiKey;\nimport com.pulumi.aws.grafana.WorkspaceApiKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var key = new WorkspaceApiKey(\"key\", WorkspaceApiKeyArgs.builder()\n .keyName(\"test-key\")\n .keyRole(\"VIEWER\")\n .secondsToLive(3600)\n .workspaceId(test.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n key:\n type: aws:grafana:WorkspaceApiKey\n properties:\n keyName: test-key\n keyRole: VIEWER\n secondsToLive: 3600\n workspaceId: ${test.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "key": { "type": "string", "description": "The key token in JSON format. Use this value as a bearer token to authenticate HTTP requests to the workspace.\n", "secret": true }, "keyName": { "type": "string", "description": "Specifies the name of the API key. Key names must be unique to the workspace.\n" }, "keyRole": { "type": "string", "description": "Specifies the permission level of the API key. Valid values are `VIEWER`, `EDITOR`, or `ADMIN`.\n" }, "secondsToLive": { "type": "integer", "description": "Specifies the time in seconds until the API key expires. Keys can be valid for up to 30 days.\n" }, "workspaceId": { "type": "string", "description": "The ID of the workspace that the API key is valid for.\n" } }, "required": [ "key", "keyName", "keyRole", "secondsToLive", "workspaceId" ], "inputProperties": { "keyName": { "type": "string", "description": "Specifies the name of the API key. Key names must be unique to the workspace.\n", "willReplaceOnChanges": true }, "keyRole": { "type": "string", "description": "Specifies the permission level of the API key. Valid values are `VIEWER`, `EDITOR`, or `ADMIN`.\n", "willReplaceOnChanges": true }, "secondsToLive": { "type": "integer", "description": "Specifies the time in seconds until the API key expires. Keys can be valid for up to 30 days.\n" }, "workspaceId": { "type": "string", "description": "The ID of the workspace that the API key is valid for.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "keyName", "keyRole", "secondsToLive", "workspaceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering WorkspaceApiKey resources.\n", "properties": { "key": { "type": "string", "description": "The key token in JSON format. Use this value as a bearer token to authenticate HTTP requests to the workspace.\n", "secret": true }, "keyName": { "type": "string", "description": "Specifies the name of the API key. Key names must be unique to the workspace.\n", "willReplaceOnChanges": true }, "keyRole": { "type": "string", "description": "Specifies the permission level of the API key. Valid values are `VIEWER`, `EDITOR`, or `ADMIN`.\n", "willReplaceOnChanges": true }, "secondsToLive": { "type": "integer", "description": "Specifies the time in seconds until the API key expires. Keys can be valid for up to 30 days.\n" }, "workspaceId": { "type": "string", "description": "The ID of the workspace that the API key is valid for.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:grafana/workspaceSamlConfiguration:WorkspaceSamlConfiguration": { "description": "Provides an Amazon Managed Grafana workspace SAML configuration resource.\n\n## Example Usage\n\n### Basic configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assume = new aws.iam.Role(\"assume\", {\n name: \"grafana-assume\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"grafana.amazonaws.com\",\n },\n }],\n }),\n});\nconst exampleWorkspace = new aws.grafana.Workspace(\"example\", {\n accountAccessType: \"CURRENT_ACCOUNT\",\n authenticationProviders: [\"SAML\"],\n permissionType: \"SERVICE_MANAGED\",\n roleArn: assume.arn,\n});\nconst example = new aws.grafana.WorkspaceSamlConfiguration(\"example\", {\n editorRoleValues: [\"editor\"],\n idpMetadataUrl: \"https://my_idp_metadata.url\",\n workspaceId: exampleWorkspace.id,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nassume = aws.iam.Role(\"assume\",\n name=\"grafana-assume\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"grafana.amazonaws.com\",\n },\n }],\n }))\nexample_workspace = aws.grafana.Workspace(\"example\",\n account_access_type=\"CURRENT_ACCOUNT\",\n authentication_providers=[\"SAML\"],\n permission_type=\"SERVICE_MANAGED\",\n role_arn=assume.arn)\nexample = aws.grafana.WorkspaceSamlConfiguration(\"example\",\n editor_role_values=[\"editor\"],\n idp_metadata_url=\"https://my_idp_metadata.url\",\n workspace_id=example_workspace.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assume = new Aws.Iam.Role(\"assume\", new()\n {\n Name = \"grafana-assume\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"grafana.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var exampleWorkspace = new Aws.Grafana.Workspace(\"example\", new()\n {\n AccountAccessType = \"CURRENT_ACCOUNT\",\n AuthenticationProviders = new[]\n {\n \"SAML\",\n },\n PermissionType = \"SERVICE_MANAGED\",\n RoleArn = assume.Arn,\n });\n\n var example = new Aws.Grafana.WorkspaceSamlConfiguration(\"example\", new()\n {\n EditorRoleValues = new[]\n {\n \"editor\",\n },\n IdpMetadataUrl = \"https://my_idp_metadata.url\",\n WorkspaceId = exampleWorkspace.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/grafana\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"grafana.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tassume, err := iam.NewRole(ctx, \"assume\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"grafana-assume\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleWorkspace, err := grafana.NewWorkspace(ctx, \"example\", \u0026grafana.WorkspaceArgs{\n\t\t\tAccountAccessType: pulumi.String(\"CURRENT_ACCOUNT\"),\n\t\t\tAuthenticationProviders: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"SAML\"),\n\t\t\t},\n\t\t\tPermissionType: pulumi.String(\"SERVICE_MANAGED\"),\n\t\t\tRoleArn: assume.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = grafana.NewWorkspaceSamlConfiguration(ctx, \"example\", \u0026grafana.WorkspaceSamlConfigurationArgs{\n\t\t\tEditorRoleValues: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"editor\"),\n\t\t\t},\n\t\t\tIdpMetadataUrl: pulumi.String(\"https://my_idp_metadata.url\"),\n\t\t\tWorkspaceId: exampleWorkspace.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.grafana.Workspace;\nimport com.pulumi.aws.grafana.WorkspaceArgs;\nimport com.pulumi.aws.grafana.WorkspaceSamlConfiguration;\nimport com.pulumi.aws.grafana.WorkspaceSamlConfigurationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var assume = new Role(\"assume\", RoleArgs.builder()\n .name(\"grafana-assume\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"grafana.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var exampleWorkspace = new Workspace(\"exampleWorkspace\", WorkspaceArgs.builder()\n .accountAccessType(\"CURRENT_ACCOUNT\")\n .authenticationProviders(\"SAML\")\n .permissionType(\"SERVICE_MANAGED\")\n .roleArn(assume.arn())\n .build());\n\n var example = new WorkspaceSamlConfiguration(\"example\", WorkspaceSamlConfigurationArgs.builder()\n .editorRoleValues(\"editor\")\n .idpMetadataUrl(\"https://my_idp_metadata.url\")\n .workspaceId(exampleWorkspace.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:grafana:WorkspaceSamlConfiguration\n properties:\n editorRoleValues:\n - editor\n idpMetadataUrl: https://my_idp_metadata.url\n workspaceId: ${exampleWorkspace.id}\n exampleWorkspace:\n type: aws:grafana:Workspace\n name: example\n properties:\n accountAccessType: CURRENT_ACCOUNT\n authenticationProviders:\n - SAML\n permissionType: SERVICE_MANAGED\n roleArn: ${assume.arn}\n assume:\n type: aws:iam:Role\n properties:\n name: grafana-assume\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: grafana.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Grafana Workspace SAML configuration using the workspace's `id`. For example:\n\n```sh\n$ pulumi import aws:grafana/workspaceSamlConfiguration:WorkspaceSamlConfiguration example g-2054c75a02\n```\n", "properties": { "adminRoleValues": { "type": "array", "items": { "type": "string" }, "description": "The admin role values.\n" }, "allowedOrganizations": { "type": "array", "items": { "type": "string" }, "description": "The allowed organizations.\n" }, "editorRoleValues": { "type": "array", "items": { "type": "string" }, "description": "The editor role values.\n" }, "emailAssertion": { "type": "string", "description": "The email assertion.\n" }, "groupsAssertion": { "type": "string", "description": "The groups assertion.\n" }, "idpMetadataUrl": { "type": "string", "description": "The IDP Metadata URL. Note that either `idp_metadata_url` or `idp_metadata_xml` (but not both) must be specified.\n" }, "idpMetadataXml": { "type": "string", "description": "The IDP Metadata XML. Note that either `idp_metadata_url` or `idp_metadata_xml` (but not both) must be specified.\n" }, "loginAssertion": { "type": "string", "description": "The login assertion.\n" }, "loginValidityDuration": { "type": "integer", "description": "The login validity duration.\n" }, "nameAssertion": { "type": "string", "description": "The name assertion.\n" }, "orgAssertion": { "type": "string", "description": "The org assertion.\n" }, "roleAssertion": { "type": "string", "description": "The role assertion.\n" }, "status": { "type": "string", "description": "The status of the SAML configuration.\n" }, "workspaceId": { "type": "string", "description": "The workspace id.\n\nThe following arguments are optional:\n" } }, "required": [ "editorRoleValues", "emailAssertion", "loginAssertion", "loginValidityDuration", "nameAssertion", "status", "workspaceId" ], "inputProperties": { "adminRoleValues": { "type": "array", "items": { "type": "string" }, "description": "The admin role values.\n" }, "allowedOrganizations": { "type": "array", "items": { "type": "string" }, "description": "The allowed organizations.\n" }, "editorRoleValues": { "type": "array", "items": { "type": "string" }, "description": "The editor role values.\n" }, "emailAssertion": { "type": "string", "description": "The email assertion.\n" }, "groupsAssertion": { "type": "string", "description": "The groups assertion.\n" }, "idpMetadataUrl": { "type": "string", "description": "The IDP Metadata URL. Note that either `idp_metadata_url` or `idp_metadata_xml` (but not both) must be specified.\n" }, "idpMetadataXml": { "type": "string", "description": "The IDP Metadata XML. Note that either `idp_metadata_url` or `idp_metadata_xml` (but not both) must be specified.\n" }, "loginAssertion": { "type": "string", "description": "The login assertion.\n" }, "loginValidityDuration": { "type": "integer", "description": "The login validity duration.\n" }, "nameAssertion": { "type": "string", "description": "The name assertion.\n" }, "orgAssertion": { "type": "string", "description": "The org assertion.\n" }, "roleAssertion": { "type": "string", "description": "The role assertion.\n" }, "workspaceId": { "type": "string", "description": "The workspace id.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "editorRoleValues", "workspaceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering WorkspaceSamlConfiguration resources.\n", "properties": { "adminRoleValues": { "type": "array", "items": { "type": "string" }, "description": "The admin role values.\n" }, "allowedOrganizations": { "type": "array", "items": { "type": "string" }, "description": "The allowed organizations.\n" }, "editorRoleValues": { "type": "array", "items": { "type": "string" }, "description": "The editor role values.\n" }, "emailAssertion": { "type": "string", "description": "The email assertion.\n" }, "groupsAssertion": { "type": "string", "description": "The groups assertion.\n" }, "idpMetadataUrl": { "type": "string", "description": "The IDP Metadata URL. Note that either `idp_metadata_url` or `idp_metadata_xml` (but not both) must be specified.\n" }, "idpMetadataXml": { "type": "string", "description": "The IDP Metadata XML. Note that either `idp_metadata_url` or `idp_metadata_xml` (but not both) must be specified.\n" }, "loginAssertion": { "type": "string", "description": "The login assertion.\n" }, "loginValidityDuration": { "type": "integer", "description": "The login validity duration.\n" }, "nameAssertion": { "type": "string", "description": "The name assertion.\n" }, "orgAssertion": { "type": "string", "description": "The org assertion.\n" }, "roleAssertion": { "type": "string", "description": "The role assertion.\n" }, "status": { "type": "string", "description": "The status of the SAML configuration.\n" }, "workspaceId": { "type": "string", "description": "The workspace id.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:grafana/workspaceServiceAccount:WorkspaceServiceAccount": { "description": "## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.grafana.WorkspaceServiceAccount(\"example\", {\n name: \"example-admin\",\n grafanaRole: \"ADMIN\",\n workspaceId: exampleAwsGrafanaWorkspace.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.grafana.WorkspaceServiceAccount(\"example\",\n name=\"example-admin\",\n grafana_role=\"ADMIN\",\n workspace_id=example_aws_grafana_workspace[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Grafana.WorkspaceServiceAccount(\"example\", new()\n {\n Name = \"example-admin\",\n GrafanaRole = \"ADMIN\",\n WorkspaceId = exampleAwsGrafanaWorkspace.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/grafana\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := grafana.NewWorkspaceServiceAccount(ctx, \"example\", \u0026grafana.WorkspaceServiceAccountArgs{\n\t\t\tName: pulumi.String(\"example-admin\"),\n\t\t\tGrafanaRole: pulumi.String(\"ADMIN\"),\n\t\t\tWorkspaceId: pulumi.Any(exampleAwsGrafanaWorkspace.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.grafana.WorkspaceServiceAccount;\nimport com.pulumi.aws.grafana.WorkspaceServiceAccountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new WorkspaceServiceAccount(\"example\", WorkspaceServiceAccountArgs.builder()\n .name(\"example-admin\")\n .grafanaRole(\"ADMIN\")\n .workspaceId(exampleAwsGrafanaWorkspace.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:grafana:WorkspaceServiceAccount\n properties:\n name: example-admin\n grafanaRole: ADMIN\n workspaceId: ${exampleAwsGrafanaWorkspace.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Managed Grafana Workspace Service Account using the `workspace_id` and `service_account_id` separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:grafana/workspaceServiceAccount:WorkspaceServiceAccount example g-abc12345,1\n```\n", "properties": { "grafanaRole": { "type": "string", "description": "The permission level to use for this service account. For more information about the roles and the permissions each has, see the [User roles](https://docs.aws.amazon.com/grafana/latest/userguide/Grafana-user-roles.html) documentation.\n" }, "name": { "type": "string", "description": "A name for the service account. The name must be unique within the workspace, as it determines the ID associated with the service account.\n" }, "serviceAccountId": { "type": "string", "description": "Identifier of the service account in the given Grafana workspace\n" }, "workspaceId": { "type": "string", "description": "The Grafana workspace with which the service account is associated.\n" } }, "required": [ "grafanaRole", "name", "serviceAccountId", "workspaceId" ], "inputProperties": { "grafanaRole": { "type": "string", "description": "The permission level to use for this service account. For more information about the roles and the permissions each has, see the [User roles](https://docs.aws.amazon.com/grafana/latest/userguide/Grafana-user-roles.html) documentation.\n" }, "name": { "type": "string", "description": "A name for the service account. The name must be unique within the workspace, as it determines the ID associated with the service account.\n" }, "workspaceId": { "type": "string", "description": "The Grafana workspace with which the service account is associated.\n" } }, "requiredInputs": [ "grafanaRole", "workspaceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering WorkspaceServiceAccount resources.\n", "properties": { "grafanaRole": { "type": "string", "description": "The permission level to use for this service account. For more information about the roles and the permissions each has, see the [User roles](https://docs.aws.amazon.com/grafana/latest/userguide/Grafana-user-roles.html) documentation.\n" }, "name": { "type": "string", "description": "A name for the service account. The name must be unique within the workspace, as it determines the ID associated with the service account.\n" }, "serviceAccountId": { "type": "string", "description": "Identifier of the service account in the given Grafana workspace\n" }, "workspaceId": { "type": "string", "description": "The Grafana workspace with which the service account is associated.\n" } }, "type": "object" } }, "aws:grafana/workspaceServiceAccountToken:WorkspaceServiceAccountToken": { "description": "## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.grafana.WorkspaceServiceAccount(\"example\", {\n name: \"example-admin\",\n grafanaRole: \"ADMIN\",\n workspaceId: exampleAwsGrafanaWorkspace.id,\n});\nconst exampleWorkspaceServiceAccountToken = new aws.grafana.WorkspaceServiceAccountToken(\"example\", {\n name: \"example-key\",\n serviceAccountId: example.serviceAccountId,\n secondsToLive: 3600,\n workspaceId: exampleAwsGrafanaWorkspace.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.grafana.WorkspaceServiceAccount(\"example\",\n name=\"example-admin\",\n grafana_role=\"ADMIN\",\n workspace_id=example_aws_grafana_workspace[\"id\"])\nexample_workspace_service_account_token = aws.grafana.WorkspaceServiceAccountToken(\"example\",\n name=\"example-key\",\n service_account_id=example.service_account_id,\n seconds_to_live=3600,\n workspace_id=example_aws_grafana_workspace[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Grafana.WorkspaceServiceAccount(\"example\", new()\n {\n Name = \"example-admin\",\n GrafanaRole = \"ADMIN\",\n WorkspaceId = exampleAwsGrafanaWorkspace.Id,\n });\n\n var exampleWorkspaceServiceAccountToken = new Aws.Grafana.WorkspaceServiceAccountToken(\"example\", new()\n {\n Name = \"example-key\",\n ServiceAccountId = example.ServiceAccountId,\n SecondsToLive = 3600,\n WorkspaceId = exampleAwsGrafanaWorkspace.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/grafana\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := grafana.NewWorkspaceServiceAccount(ctx, \"example\", \u0026grafana.WorkspaceServiceAccountArgs{\n\t\t\tName: pulumi.String(\"example-admin\"),\n\t\t\tGrafanaRole: pulumi.String(\"ADMIN\"),\n\t\t\tWorkspaceId: pulumi.Any(exampleAwsGrafanaWorkspace.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = grafana.NewWorkspaceServiceAccountToken(ctx, \"example\", \u0026grafana.WorkspaceServiceAccountTokenArgs{\n\t\t\tName: pulumi.String(\"example-key\"),\n\t\t\tServiceAccountId: example.ServiceAccountId,\n\t\t\tSecondsToLive: pulumi.Int(3600),\n\t\t\tWorkspaceId: pulumi.Any(exampleAwsGrafanaWorkspace.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.grafana.WorkspaceServiceAccount;\nimport com.pulumi.aws.grafana.WorkspaceServiceAccountArgs;\nimport com.pulumi.aws.grafana.WorkspaceServiceAccountToken;\nimport com.pulumi.aws.grafana.WorkspaceServiceAccountTokenArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new WorkspaceServiceAccount(\"example\", WorkspaceServiceAccountArgs.builder()\n .name(\"example-admin\")\n .grafanaRole(\"ADMIN\")\n .workspaceId(exampleAwsGrafanaWorkspace.id())\n .build());\n\n var exampleWorkspaceServiceAccountToken = new WorkspaceServiceAccountToken(\"exampleWorkspaceServiceAccountToken\", WorkspaceServiceAccountTokenArgs.builder()\n .name(\"example-key\")\n .serviceAccountId(example.serviceAccountId())\n .secondsToLive(3600)\n .workspaceId(exampleAwsGrafanaWorkspace.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:grafana:WorkspaceServiceAccount\n properties:\n name: example-admin\n grafanaRole: ADMIN\n workspaceId: ${exampleAwsGrafanaWorkspace.id}\n exampleWorkspaceServiceAccountToken:\n type: aws:grafana:WorkspaceServiceAccountToken\n name: example\n properties:\n name: example-key\n serviceAccountId: ${example.serviceAccountId}\n secondsToLive: 3600\n workspaceId: ${exampleAwsGrafanaWorkspace.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "createdAt": { "type": "string", "description": "Specifies when the service account token was created.\n" }, "expiresAt": { "type": "string", "description": "Specifies when the service account token will expire.\n" }, "key": { "type": "string", "description": "The key for the service account token. Used when making calls to the Grafana HTTP APIs to authenticate and authorize the requests.\n", "secret": true }, "name": { "type": "string", "description": "A name for the token to create. The name must be unique within the workspace.\n" }, "secondsToLive": { "type": "integer", "description": "Sets how long the token will be valid, in seconds. You can set the time up to 30 days in the future.\n" }, "serviceAccountId": { "type": "string", "description": "The ID of the service account for which to create a token.\n" }, "serviceAccountTokenId": { "type": "string", "description": "Identifier of the service account token in the given Grafana workspace.\n" }, "workspaceId": { "type": "string", "description": "The Grafana workspace with which the service account token is associated.\n" } }, "required": [ "createdAt", "expiresAt", "key", "name", "secondsToLive", "serviceAccountId", "serviceAccountTokenId", "workspaceId" ], "inputProperties": { "name": { "type": "string", "description": "A name for the token to create. The name must be unique within the workspace.\n" }, "secondsToLive": { "type": "integer", "description": "Sets how long the token will be valid, in seconds. You can set the time up to 30 days in the future.\n" }, "serviceAccountId": { "type": "string", "description": "The ID of the service account for which to create a token.\n" }, "workspaceId": { "type": "string", "description": "The Grafana workspace with which the service account token is associated.\n" } }, "requiredInputs": [ "secondsToLive", "serviceAccountId", "workspaceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering WorkspaceServiceAccountToken resources.\n", "properties": { "createdAt": { "type": "string", "description": "Specifies when the service account token was created.\n" }, "expiresAt": { "type": "string", "description": "Specifies when the service account token will expire.\n" }, "key": { "type": "string", "description": "The key for the service account token. Used when making calls to the Grafana HTTP APIs to authenticate and authorize the requests.\n", "secret": true }, "name": { "type": "string", "description": "A name for the token to create. The name must be unique within the workspace.\n" }, "secondsToLive": { "type": "integer", "description": "Sets how long the token will be valid, in seconds. You can set the time up to 30 days in the future.\n" }, "serviceAccountId": { "type": "string", "description": "The ID of the service account for which to create a token.\n" }, "serviceAccountTokenId": { "type": "string", "description": "Identifier of the service account token in the given Grafana workspace.\n" }, "workspaceId": { "type": "string", "description": "The Grafana workspace with which the service account token is associated.\n" } }, "type": "object" } }, "aws:guardduty/detector:Detector": { "description": "Provides a resource to manage an Amazon GuardDuty detector.\n\n\u003e **NOTE:** Deleting this resource is equivalent to \"disabling\" GuardDuty for an AWS region, which removes all existing findings. You can set the `enable` attribute to `false` to instead \"suspend\" monitoring and feedback reporting while keeping existing data. See the [Suspending or Disabling Amazon GuardDuty documentation](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_suspend-disable.html) for more information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDetector = new aws.guardduty.Detector(\"MyDetector\", {\n enable: true,\n datasources: {\n s3Logs: {\n enable: true,\n },\n kubernetes: {\n auditLogs: {\n enable: false,\n },\n },\n malwareProtection: {\n scanEc2InstanceWithFindings: {\n ebsVolumes: {\n enable: true,\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_detector = aws.guardduty.Detector(\"MyDetector\",\n enable=True,\n datasources={\n \"s3_logs\": {\n \"enable\": True,\n },\n \"kubernetes\": {\n \"audit_logs\": {\n \"enable\": False,\n },\n },\n \"malware_protection\": {\n \"scan_ec2_instance_with_findings\": {\n \"ebs_volumes\": {\n \"enable\": True,\n },\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDetector = new Aws.GuardDuty.Detector(\"MyDetector\", new()\n {\n Enable = true,\n Datasources = new Aws.GuardDuty.Inputs.DetectorDatasourcesArgs\n {\n S3Logs = new Aws.GuardDuty.Inputs.DetectorDatasourcesS3LogsArgs\n {\n Enable = true,\n },\n Kubernetes = new Aws.GuardDuty.Inputs.DetectorDatasourcesKubernetesArgs\n {\n AuditLogs = new Aws.GuardDuty.Inputs.DetectorDatasourcesKubernetesAuditLogsArgs\n {\n Enable = false,\n },\n },\n MalwareProtection = new Aws.GuardDuty.Inputs.DetectorDatasourcesMalwareProtectionArgs\n {\n ScanEc2InstanceWithFindings = new Aws.GuardDuty.Inputs.DetectorDatasourcesMalwareProtectionScanEc2InstanceWithFindingsArgs\n {\n EbsVolumes = new Aws.GuardDuty.Inputs.DetectorDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesArgs\n {\n Enable = true,\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := guardduty.NewDetector(ctx, \"MyDetector\", \u0026guardduty.DetectorArgs{\n\t\t\tEnable: pulumi.Bool(true),\n\t\t\tDatasources: \u0026guardduty.DetectorDatasourcesArgs{\n\t\t\t\tS3Logs: \u0026guardduty.DetectorDatasourcesS3LogsArgs{\n\t\t\t\t\tEnable: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\tKubernetes: \u0026guardduty.DetectorDatasourcesKubernetesArgs{\n\t\t\t\t\tAuditLogs: \u0026guardduty.DetectorDatasourcesKubernetesAuditLogsArgs{\n\t\t\t\t\t\tEnable: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tMalwareProtection: \u0026guardduty.DetectorDatasourcesMalwareProtectionArgs{\n\t\t\t\t\tScanEc2InstanceWithFindings: \u0026guardduty.DetectorDatasourcesMalwareProtectionScanEc2InstanceWithFindingsArgs{\n\t\t\t\t\t\tEbsVolumes: \u0026guardduty.DetectorDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesArgs{\n\t\t\t\t\t\t\tEnable: pulumi.Bool(true),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.guardduty.Detector;\nimport com.pulumi.aws.guardduty.DetectorArgs;\nimport com.pulumi.aws.guardduty.inputs.DetectorDatasourcesArgs;\nimport com.pulumi.aws.guardduty.inputs.DetectorDatasourcesS3LogsArgs;\nimport com.pulumi.aws.guardduty.inputs.DetectorDatasourcesKubernetesArgs;\nimport com.pulumi.aws.guardduty.inputs.DetectorDatasourcesKubernetesAuditLogsArgs;\nimport com.pulumi.aws.guardduty.inputs.DetectorDatasourcesMalwareProtectionArgs;\nimport com.pulumi.aws.guardduty.inputs.DetectorDatasourcesMalwareProtectionScanEc2InstanceWithFindingsArgs;\nimport com.pulumi.aws.guardduty.inputs.DetectorDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myDetector = new Detector(\"myDetector\", DetectorArgs.builder()\n .enable(true)\n .datasources(DetectorDatasourcesArgs.builder()\n .s3Logs(DetectorDatasourcesS3LogsArgs.builder()\n .enable(true)\n .build())\n .kubernetes(DetectorDatasourcesKubernetesArgs.builder()\n .auditLogs(DetectorDatasourcesKubernetesAuditLogsArgs.builder()\n .enable(false)\n .build())\n .build())\n .malwareProtection(DetectorDatasourcesMalwareProtectionArgs.builder()\n .scanEc2InstanceWithFindings(DetectorDatasourcesMalwareProtectionScanEc2InstanceWithFindingsArgs.builder()\n .ebsVolumes(DetectorDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesArgs.builder()\n .enable(true)\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myDetector:\n type: aws:guardduty:Detector\n name: MyDetector\n properties:\n enable: true\n datasources:\n s3Logs:\n enable: true\n kubernetes:\n auditLogs:\n enable: false\n malwareProtection:\n scanEc2InstanceWithFindings:\n ebsVolumes:\n enable: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import GuardDuty detectors using the detector ID. For example:\n\n```sh\n$ pulumi import aws:guardduty/detector:Detector MyDetector 00b00fd5aecc0ab60a708659477e9617\n```\nThe ID of the detector can be retrieved via the [AWS CLI](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/guardduty/list-detectors.html) using `aws guardduty list-detectors`.\n\n", "properties": { "accountId": { "type": "string", "description": "The AWS account ID of the GuardDuty detector\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the GuardDuty detector\n" }, "datasources": { "$ref": "#/types/aws:guardduty/DetectorDatasources:DetectorDatasources", "description": "Describes which data sources will be enabled for the detector. See Data Sources below for more details. [Deprecated](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty-feature-object-api-changes-march2023.html) in favor of `aws.guardduty.DetectorFeature` resources.\n" }, "enable": { "type": "boolean", "description": "Enable monitoring and feedback reporting. Setting to `false` is equivalent to \"suspending\" GuardDuty. Defaults to `true`.\n" }, "findingPublishingFrequency": { "type": "string", "description": "Specifies the frequency of notifications sent for subsequent finding occurrences. If the detector is a GuardDuty member account, the value is determined by the GuardDuty primary account and cannot be modified, otherwise defaults to `SIX_HOURS`. For standalone and GuardDuty primary accounts, it must be configured in this provider to enable drift detection. Valid values for standalone and primary accounts: `FIFTEEN_MINUTES`, `ONE_HOUR`, `SIX_HOURS`. See [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings_cloudwatch.html#guardduty_findings_cloudwatch_notification_frequency) for more information.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "accountId", "arn", "datasources", "findingPublishingFrequency", "tagsAll" ], "inputProperties": { "datasources": { "$ref": "#/types/aws:guardduty/DetectorDatasources:DetectorDatasources", "description": "Describes which data sources will be enabled for the detector. See Data Sources below for more details. [Deprecated](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty-feature-object-api-changes-march2023.html) in favor of `aws.guardduty.DetectorFeature` resources.\n" }, "enable": { "type": "boolean", "description": "Enable monitoring and feedback reporting. Setting to `false` is equivalent to \"suspending\" GuardDuty. Defaults to `true`.\n" }, "findingPublishingFrequency": { "type": "string", "description": "Specifies the frequency of notifications sent for subsequent finding occurrences. If the detector is a GuardDuty member account, the value is determined by the GuardDuty primary account and cannot be modified, otherwise defaults to `SIX_HOURS`. For standalone and GuardDuty primary accounts, it must be configured in this provider to enable drift detection. Valid values for standalone and primary accounts: `FIFTEEN_MINUTES`, `ONE_HOUR`, `SIX_HOURS`. See [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings_cloudwatch.html#guardduty_findings_cloudwatch_notification_frequency) for more information.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Detector resources.\n", "properties": { "accountId": { "type": "string", "description": "The AWS account ID of the GuardDuty detector\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the GuardDuty detector\n" }, "datasources": { "$ref": "#/types/aws:guardduty/DetectorDatasources:DetectorDatasources", "description": "Describes which data sources will be enabled for the detector. See Data Sources below for more details. [Deprecated](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty-feature-object-api-changes-march2023.html) in favor of `aws.guardduty.DetectorFeature` resources.\n" }, "enable": { "type": "boolean", "description": "Enable monitoring and feedback reporting. Setting to `false` is equivalent to \"suspending\" GuardDuty. Defaults to `true`.\n" }, "findingPublishingFrequency": { "type": "string", "description": "Specifies the frequency of notifications sent for subsequent finding occurrences. If the detector is a GuardDuty member account, the value is determined by the GuardDuty primary account and cannot be modified, otherwise defaults to `SIX_HOURS`. For standalone and GuardDuty primary accounts, it must be configured in this provider to enable drift detection. Valid values for standalone and primary accounts: `FIFTEEN_MINUTES`, `ONE_HOUR`, `SIX_HOURS`. See [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings_cloudwatch.html#guardduty_findings_cloudwatch_notification_frequency) for more information.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:guardduty/detectorFeature:DetectorFeature": { "description": "Provides a resource to manage a single Amazon GuardDuty [detector feature](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty-features-activation-model.html#guardduty-features).\n\n\u003e **NOTE:** Deleting this resource does not disable the detector feature, the resource in simply removed from state instead.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.guardduty.Detector(\"example\", {enable: true});\nconst eksRuntimeMonitoring = new aws.guardduty.DetectorFeature(\"eks_runtime_monitoring\", {\n detectorId: example.id,\n name: \"EKS_RUNTIME_MONITORING\",\n status: \"ENABLED\",\n additionalConfigurations: [{\n name: \"EKS_ADDON_MANAGEMENT\",\n status: \"ENABLED\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.guardduty.Detector(\"example\", enable=True)\neks_runtime_monitoring = aws.guardduty.DetectorFeature(\"eks_runtime_monitoring\",\n detector_id=example.id,\n name=\"EKS_RUNTIME_MONITORING\",\n status=\"ENABLED\",\n additional_configurations=[{\n \"name\": \"EKS_ADDON_MANAGEMENT\",\n \"status\": \"ENABLED\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.GuardDuty.Detector(\"example\", new()\n {\n Enable = true,\n });\n\n var eksRuntimeMonitoring = new Aws.GuardDuty.DetectorFeature(\"eks_runtime_monitoring\", new()\n {\n DetectorId = example.Id,\n Name = \"EKS_RUNTIME_MONITORING\",\n Status = \"ENABLED\",\n AdditionalConfigurations = new[]\n {\n new Aws.GuardDuty.Inputs.DetectorFeatureAdditionalConfigurationArgs\n {\n Name = \"EKS_ADDON_MANAGEMENT\",\n Status = \"ENABLED\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := guardduty.NewDetector(ctx, \"example\", \u0026guardduty.DetectorArgs{\n\t\t\tEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewDetectorFeature(ctx, \"eks_runtime_monitoring\", \u0026guardduty.DetectorFeatureArgs{\n\t\t\tDetectorId: example.ID(),\n\t\t\tName: pulumi.String(\"EKS_RUNTIME_MONITORING\"),\n\t\t\tStatus: pulumi.String(\"ENABLED\"),\n\t\t\tAdditionalConfigurations: guardduty.DetectorFeatureAdditionalConfigurationArray{\n\t\t\t\t\u0026guardduty.DetectorFeatureAdditionalConfigurationArgs{\n\t\t\t\t\tName: pulumi.String(\"EKS_ADDON_MANAGEMENT\"),\n\t\t\t\t\tStatus: pulumi.String(\"ENABLED\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.guardduty.Detector;\nimport com.pulumi.aws.guardduty.DetectorArgs;\nimport com.pulumi.aws.guardduty.DetectorFeature;\nimport com.pulumi.aws.guardduty.DetectorFeatureArgs;\nimport com.pulumi.aws.guardduty.inputs.DetectorFeatureAdditionalConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Detector(\"example\", DetectorArgs.builder()\n .enable(true)\n .build());\n\n var eksRuntimeMonitoring = new DetectorFeature(\"eksRuntimeMonitoring\", DetectorFeatureArgs.builder()\n .detectorId(example.id())\n .name(\"EKS_RUNTIME_MONITORING\")\n .status(\"ENABLED\")\n .additionalConfigurations(DetectorFeatureAdditionalConfigurationArgs.builder()\n .name(\"EKS_ADDON_MANAGEMENT\")\n .status(\"ENABLED\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:guardduty:Detector\n properties:\n enable: true\n eksRuntimeMonitoring:\n type: aws:guardduty:DetectorFeature\n name: eks_runtime_monitoring\n properties:\n detectorId: ${example.id}\n name: EKS_RUNTIME_MONITORING\n status: ENABLED\n additionalConfigurations:\n - name: EKS_ADDON_MANAGEMENT\n status: ENABLED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "additionalConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:guardduty/DetectorFeatureAdditionalConfiguration:DetectorFeatureAdditionalConfiguration" }, "description": "Additional feature configuration block for features`EKS_RUNTIME_MONITORING` or `RUNTIME_MONITORING`. See below.\n" }, "detectorId": { "type": "string", "description": "Amazon GuardDuty detector ID.\n" }, "name": { "type": "string", "description": "The name of the detector feature. Valid values: `S3_DATA_EVENTS`, `EKS_AUDIT_LOGS`, `EBS_MALWARE_PROTECTION`, `RDS_LOGIN_EVENTS`, `EKS_RUNTIME_MONITORING`, `LAMBDA_NETWORK_LOGS`, `RUNTIME_MONITORING`. Only one of two features `EKS_RUNTIME_MONITORING` or `RUNTIME_MONITORING` can be added, adding both features will cause an error. Refer to the [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DetectorFeatureConfiguration.html) for the current list of supported values.\n" }, "status": { "type": "string", "description": "The status of the detector feature. Valid values: `ENABLED`, `DISABLED`.\n" } }, "required": [ "detectorId", "name", "status" ], "inputProperties": { "additionalConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:guardduty/DetectorFeatureAdditionalConfiguration:DetectorFeatureAdditionalConfiguration" }, "description": "Additional feature configuration block for features`EKS_RUNTIME_MONITORING` or `RUNTIME_MONITORING`. See below.\n", "willReplaceOnChanges": true }, "detectorId": { "type": "string", "description": "Amazon GuardDuty detector ID.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the detector feature. Valid values: `S3_DATA_EVENTS`, `EKS_AUDIT_LOGS`, `EBS_MALWARE_PROTECTION`, `RDS_LOGIN_EVENTS`, `EKS_RUNTIME_MONITORING`, `LAMBDA_NETWORK_LOGS`, `RUNTIME_MONITORING`. Only one of two features `EKS_RUNTIME_MONITORING` or `RUNTIME_MONITORING` can be added, adding both features will cause an error. Refer to the [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DetectorFeatureConfiguration.html) for the current list of supported values.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The status of the detector feature. Valid values: `ENABLED`, `DISABLED`.\n" } }, "requiredInputs": [ "detectorId", "status" ], "stateInputs": { "description": "Input properties used for looking up and filtering DetectorFeature resources.\n", "properties": { "additionalConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:guardduty/DetectorFeatureAdditionalConfiguration:DetectorFeatureAdditionalConfiguration" }, "description": "Additional feature configuration block for features`EKS_RUNTIME_MONITORING` or `RUNTIME_MONITORING`. See below.\n", "willReplaceOnChanges": true }, "detectorId": { "type": "string", "description": "Amazon GuardDuty detector ID.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the detector feature. Valid values: `S3_DATA_EVENTS`, `EKS_AUDIT_LOGS`, `EBS_MALWARE_PROTECTION`, `RDS_LOGIN_EVENTS`, `EKS_RUNTIME_MONITORING`, `LAMBDA_NETWORK_LOGS`, `RUNTIME_MONITORING`. Only one of two features `EKS_RUNTIME_MONITORING` or `RUNTIME_MONITORING` can be added, adding both features will cause an error. Refer to the [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DetectorFeatureConfiguration.html) for the current list of supported values.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The status of the detector feature. Valid values: `ENABLED`, `DISABLED`.\n" } }, "type": "object" } }, "aws:guardduty/filter:Filter": { "description": "Provides a resource to manage a GuardDuty filter.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myFilter = new aws.guardduty.Filter(\"MyFilter\", {\n name: \"MyFilter\",\n action: \"ARCHIVE\",\n detectorId: example.id,\n rank: 1,\n findingCriteria: {\n criterions: [\n {\n field: \"region\",\n equals: [\"eu-west-1\"],\n },\n {\n field: \"service.additionalInfo.threatListName\",\n notEquals: [\n \"some-threat\",\n \"another-threat\",\n ],\n },\n {\n field: \"updatedAt\",\n greaterThan: \"2020-01-01T00:00:00Z\",\n lessThan: \"2020-02-01T00:00:00Z\",\n },\n {\n field: \"severity\",\n greaterThanOrEqual: \"4\",\n },\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_filter = aws.guardduty.Filter(\"MyFilter\",\n name=\"MyFilter\",\n action=\"ARCHIVE\",\n detector_id=example[\"id\"],\n rank=1,\n finding_criteria={\n \"criterions\": [\n {\n \"field\": \"region\",\n \"equals\": [\"eu-west-1\"],\n },\n {\n \"field\": \"service.additionalInfo.threatListName\",\n \"not_equals\": [\n \"some-threat\",\n \"another-threat\",\n ],\n },\n {\n \"field\": \"updatedAt\",\n \"greater_than\": \"2020-01-01T00:00:00Z\",\n \"less_than\": \"2020-02-01T00:00:00Z\",\n },\n {\n \"field\": \"severity\",\n \"greater_than_or_equal\": \"4\",\n },\n ],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myFilter = new Aws.GuardDuty.Filter(\"MyFilter\", new()\n {\n Name = \"MyFilter\",\n Action = \"ARCHIVE\",\n DetectorId = example.Id,\n Rank = 1,\n FindingCriteria = new Aws.GuardDuty.Inputs.FilterFindingCriteriaArgs\n {\n Criterions = new[]\n {\n new Aws.GuardDuty.Inputs.FilterFindingCriteriaCriterionArgs\n {\n Field = \"region\",\n Equals = new[]\n {\n \"eu-west-1\",\n },\n },\n new Aws.GuardDuty.Inputs.FilterFindingCriteriaCriterionArgs\n {\n Field = \"service.additionalInfo.threatListName\",\n NotEquals = new[]\n {\n \"some-threat\",\n \"another-threat\",\n },\n },\n new Aws.GuardDuty.Inputs.FilterFindingCriteriaCriterionArgs\n {\n Field = \"updatedAt\",\n GreaterThan = \"2020-01-01T00:00:00Z\",\n LessThan = \"2020-02-01T00:00:00Z\",\n },\n new Aws.GuardDuty.Inputs.FilterFindingCriteriaCriterionArgs\n {\n Field = \"severity\",\n GreaterThanOrEqual = \"4\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := guardduty.NewFilter(ctx, \"MyFilter\", \u0026guardduty.FilterArgs{\n\t\t\tName: pulumi.String(\"MyFilter\"),\n\t\t\tAction: pulumi.String(\"ARCHIVE\"),\n\t\t\tDetectorId: pulumi.Any(example.Id),\n\t\t\tRank: pulumi.Int(1),\n\t\t\tFindingCriteria: \u0026guardduty.FilterFindingCriteriaArgs{\n\t\t\t\tCriterions: guardduty.FilterFindingCriteriaCriterionArray{\n\t\t\t\t\t\u0026guardduty.FilterFindingCriteriaCriterionArgs{\n\t\t\t\t\t\tField: pulumi.String(\"region\"),\n\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"eu-west-1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026guardduty.FilterFindingCriteriaCriterionArgs{\n\t\t\t\t\t\tField: pulumi.String(\"service.additionalInfo.threatListName\"),\n\t\t\t\t\t\tNotEquals: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"some-threat\"),\n\t\t\t\t\t\t\tpulumi.String(\"another-threat\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026guardduty.FilterFindingCriteriaCriterionArgs{\n\t\t\t\t\t\tField: pulumi.String(\"updatedAt\"),\n\t\t\t\t\t\tGreaterThan: pulumi.String(\"2020-01-01T00:00:00Z\"),\n\t\t\t\t\t\tLessThan: pulumi.String(\"2020-02-01T00:00:00Z\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026guardduty.FilterFindingCriteriaCriterionArgs{\n\t\t\t\t\t\tField: pulumi.String(\"severity\"),\n\t\t\t\t\t\tGreaterThanOrEqual: pulumi.String(\"4\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.guardduty.Filter;\nimport com.pulumi.aws.guardduty.FilterArgs;\nimport com.pulumi.aws.guardduty.inputs.FilterFindingCriteriaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myFilter = new Filter(\"myFilter\", FilterArgs.builder()\n .name(\"MyFilter\")\n .action(\"ARCHIVE\")\n .detectorId(example.id())\n .rank(1)\n .findingCriteria(FilterFindingCriteriaArgs.builder()\n .criterions( \n FilterFindingCriteriaCriterionArgs.builder()\n .field(\"region\")\n .equals(\"eu-west-1\")\n .build(),\n FilterFindingCriteriaCriterionArgs.builder()\n .field(\"service.additionalInfo.threatListName\")\n .notEquals( \n \"some-threat\",\n \"another-threat\")\n .build(),\n FilterFindingCriteriaCriterionArgs.builder()\n .field(\"updatedAt\")\n .greaterThan(\"2020-01-01T00:00:00Z\")\n .lessThan(\"2020-02-01T00:00:00Z\")\n .build(),\n FilterFindingCriteriaCriterionArgs.builder()\n .field(\"severity\")\n .greaterThanOrEqual(\"4\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myFilter:\n type: aws:guardduty:Filter\n name: MyFilter\n properties:\n name: MyFilter\n action: ARCHIVE\n detectorId: ${example.id}\n rank: 1\n findingCriteria:\n criterions:\n - field: region\n equals:\n - eu-west-1\n - field: service.additionalInfo.threatListName\n notEquals:\n - some-threat\n - another-threat\n - field: updatedAt\n greaterThan: 2020-01-01T00:00:00Z\n lessThan: 2020-02-01T00:00:00Z\n - field: severity\n greaterThanOrEqual: '4'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import GuardDuty filters using the detector ID and filter's name separated by a colon. For example:\n\n```sh\n$ pulumi import aws:guardduty/filter:Filter MyFilter 00b00fd5aecc0ab60a708659477e9617:MyFilter\n```\n", "properties": { "action": { "type": "string", "description": "Specifies the action that is to be applied to the findings that match the filter. Can be one of `ARCHIVE` or `NOOP`.\n" }, "arn": { "type": "string", "description": "The ARN of the GuardDuty filter.\n" }, "description": { "type": "string", "description": "Description of the filter.\n" }, "detectorId": { "type": "string", "description": "ID of a GuardDuty detector, attached to your account.\n" }, "findingCriteria": { "$ref": "#/types/aws:guardduty/FilterFindingCriteria:FilterFindingCriteria", "description": "Represents the criteria to be used in the filter for querying findings. Contains one or more `criterion` blocks, documented below.\n" }, "name": { "type": "string", "description": "The name of your filter.\n" }, "rank": { "type": "integer", "description": "Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags that you want to add to the Filter resource. A tag consists of a key and a value. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "action", "arn", "detectorId", "findingCriteria", "name", "rank", "tagsAll" ], "inputProperties": { "action": { "type": "string", "description": "Specifies the action that is to be applied to the findings that match the filter. Can be one of `ARCHIVE` or `NOOP`.\n" }, "description": { "type": "string", "description": "Description of the filter.\n" }, "detectorId": { "type": "string", "description": "ID of a GuardDuty detector, attached to your account.\n", "willReplaceOnChanges": true }, "findingCriteria": { "$ref": "#/types/aws:guardduty/FilterFindingCriteria:FilterFindingCriteria", "description": "Represents the criteria to be used in the filter for querying findings. Contains one or more `criterion` blocks, documented below.\n" }, "name": { "type": "string", "description": "The name of your filter.\n", "willReplaceOnChanges": true }, "rank": { "type": "integer", "description": "Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags that you want to add to the Filter resource. A tag consists of a key and a value. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "action", "detectorId", "findingCriteria", "rank" ], "stateInputs": { "description": "Input properties used for looking up and filtering Filter resources.\n", "properties": { "action": { "type": "string", "description": "Specifies the action that is to be applied to the findings that match the filter. Can be one of `ARCHIVE` or `NOOP`.\n" }, "arn": { "type": "string", "description": "The ARN of the GuardDuty filter.\n" }, "description": { "type": "string", "description": "Description of the filter.\n" }, "detectorId": { "type": "string", "description": "ID of a GuardDuty detector, attached to your account.\n", "willReplaceOnChanges": true }, "findingCriteria": { "$ref": "#/types/aws:guardduty/FilterFindingCriteria:FilterFindingCriteria", "description": "Represents the criteria to be used in the filter for querying findings. Contains one or more `criterion` blocks, documented below.\n" }, "name": { "type": "string", "description": "The name of your filter.\n", "willReplaceOnChanges": true }, "rank": { "type": "integer", "description": "Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags that you want to add to the Filter resource. A tag consists of a key and a value. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:guardduty/iPSet:IPSet": { "description": "Provides a resource to manage a GuardDuty IPSet.\n\n\u003e **Note:** Currently in GuardDuty, users from member accounts cannot upload and further manage IPSets. IPSets that are uploaded by the primary account are imposed on GuardDuty functionality in its member accounts. See the [GuardDuty API Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/create-ip-set.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.guardduty.Detector(\"primary\", {enable: true});\nconst bucket = new aws.s3.BucketV2(\"bucket\", {});\nconst myIPSet = new aws.s3.BucketObjectv2(\"MyIPSet\", {\n content: \"10.0.0.0/8\\n\",\n bucket: bucket.id,\n key: \"MyIPSet\",\n});\nconst example = new aws.guardduty.IPSet(\"example\", {\n activate: true,\n detectorId: primary.id,\n format: \"TXT\",\n location: pulumi.interpolate`https://s3.amazonaws.com/${myIPSet.bucket}/${myIPSet.key}`,\n name: \"MyIPSet\",\n});\nconst bucketAcl = new aws.s3.BucketAclV2(\"bucket_acl\", {\n bucket: bucket.id,\n acl: \"private\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprimary = aws.guardduty.Detector(\"primary\", enable=True)\nbucket = aws.s3.BucketV2(\"bucket\")\nmy_ip_set = aws.s3.BucketObjectv2(\"MyIPSet\",\n content=\"10.0.0.0/8\\n\",\n bucket=bucket.id,\n key=\"MyIPSet\")\nexample = aws.guardduty.IPSet(\"example\",\n activate=True,\n detector_id=primary.id,\n format=\"TXT\",\n location=pulumi.Output.all(my_ip_set.bucket, my_ip_set.key).apply(lambda bucket, key: f\"https://s3.amazonaws.com/{bucket}/{key}\"),\n name=\"MyIPSet\")\nbucket_acl = aws.s3.BucketAclV2(\"bucket_acl\",\n bucket=bucket.id,\n acl=\"private\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Aws.GuardDuty.Detector(\"primary\", new()\n {\n Enable = true,\n });\n\n var bucket = new Aws.S3.BucketV2(\"bucket\");\n\n var myIPSet = new Aws.S3.BucketObjectv2(\"MyIPSet\", new()\n {\n Content = @\"10.0.0.0/8\n\",\n Bucket = bucket.Id,\n Key = \"MyIPSet\",\n });\n\n var example = new Aws.GuardDuty.IPSet(\"example\", new()\n {\n Activate = true,\n DetectorId = primary.Id,\n Format = \"TXT\",\n Location = Output.Tuple(myIPSet.Bucket, myIPSet.Key).Apply(values =\u003e\n {\n var bucket = values.Item1;\n var key = values.Item2;\n return $\"https://s3.amazonaws.com/{bucket}/{key}\";\n }),\n Name = \"MyIPSet\",\n });\n\n var bucketAcl = new Aws.S3.BucketAclV2(\"bucket_acl\", new()\n {\n Bucket = bucket.Id,\n Acl = \"private\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tprimary, err := guardduty.NewDetector(ctx, \"primary\", \u0026guardduty.DetectorArgs{\n\t\t\tEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyIPSet, err := s3.NewBucketObjectv2(ctx, \"MyIPSet\", \u0026s3.BucketObjectv2Args{\n\t\t\tContent: pulumi.String(\"10.0.0.0/8\\n\"),\n\t\t\tBucket: bucket.ID(),\n\t\t\tKey: pulumi.String(\"MyIPSet\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewIPSet(ctx, \"example\", \u0026guardduty.IPSetArgs{\n\t\t\tActivate: pulumi.Bool(true),\n\t\t\tDetectorId: primary.ID(),\n\t\t\tFormat: pulumi.String(\"TXT\"),\n\t\t\tLocation: pulumi.All(myIPSet.Bucket, myIPSet.Key).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tbucket := _args[0].(string)\n\t\t\t\tkey := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"https://s3.amazonaws.com/%v/%v\", bucket, key), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tName: pulumi.String(\"MyIPSet\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"bucket_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: bucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.guardduty.Detector;\nimport com.pulumi.aws.guardduty.DetectorArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.guardduty.IPSet;\nimport com.pulumi.aws.guardduty.IPSetArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new Detector(\"primary\", DetectorArgs.builder()\n .enable(true)\n .build());\n\n var bucket = new BucketV2(\"bucket\");\n\n var myIPSet = new BucketObjectv2(\"myIPSet\", BucketObjectv2Args.builder()\n .content(\"\"\"\n10.0.0.0/8\n \"\"\")\n .bucket(bucket.id())\n .key(\"MyIPSet\")\n .build());\n\n var example = new IPSet(\"example\", IPSetArgs.builder()\n .activate(true)\n .detectorId(primary.id())\n .format(\"TXT\")\n .location(Output.tuple(myIPSet.bucket(), myIPSet.key()).applyValue(values -\u003e {\n var bucket = values.t1;\n var key = values.t2;\n return String.format(\"https://s3.amazonaws.com/%s/%s\", bucket,key);\n }))\n .name(\"MyIPSet\")\n .build());\n\n var bucketAcl = new BucketAclV2(\"bucketAcl\", BucketAclV2Args.builder()\n .bucket(bucket.id())\n .acl(\"private\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:guardduty:IPSet\n properties:\n activate: true\n detectorId: ${primary.id}\n format: TXT\n location: https://s3.amazonaws.com/${myIPSet.bucket}/${myIPSet.key}\n name: MyIPSet\n primary:\n type: aws:guardduty:Detector\n properties:\n enable: true\n bucket:\n type: aws:s3:BucketV2\n bucketAcl:\n type: aws:s3:BucketAclV2\n name: bucket_acl\n properties:\n bucket: ${bucket.id}\n acl: private\n myIPSet:\n type: aws:s3:BucketObjectv2\n name: MyIPSet\n properties:\n content: |\n 10.0.0.0/8\n bucket: ${bucket.id}\n key: MyIPSet\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import GuardDuty IPSet using the primary GuardDuty detector ID and IPSet ID. For example:\n\n```sh\n$ pulumi import aws:guardduty/iPSet:IPSet MyIPSet 00b00fd5aecc0ab60a708659477e9617:123456789012\n```\n", "properties": { "activate": { "type": "boolean", "description": "Specifies whether GuardDuty is to start using the uploaded IPSet.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the GuardDuty IPSet.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty.\n" }, "format": { "type": "string", "description": "The format of the file that contains the IPSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`\n" }, "location": { "type": "string", "description": "The URI of the file that contains the IPSet.\n" }, "name": { "type": "string", "description": "The friendly name to identify the IPSet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "activate", "arn", "detectorId", "format", "location", "name", "tagsAll" ], "inputProperties": { "activate": { "type": "boolean", "description": "Specifies whether GuardDuty is to start using the uploaded IPSet.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty.\n", "willReplaceOnChanges": true }, "format": { "type": "string", "description": "The format of the file that contains the IPSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`\n", "willReplaceOnChanges": true }, "location": { "type": "string", "description": "The URI of the file that contains the IPSet.\n" }, "name": { "type": "string", "description": "The friendly name to identify the IPSet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "activate", "detectorId", "format", "location" ], "stateInputs": { "description": "Input properties used for looking up and filtering IPSet resources.\n", "properties": { "activate": { "type": "boolean", "description": "Specifies whether GuardDuty is to start using the uploaded IPSet.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the GuardDuty IPSet.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty.\n", "willReplaceOnChanges": true }, "format": { "type": "string", "description": "The format of the file that contains the IPSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`\n", "willReplaceOnChanges": true }, "location": { "type": "string", "description": "The URI of the file that contains the IPSet.\n" }, "name": { "type": "string", "description": "The friendly name to identify the IPSet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:guardduty/inviteAccepter:InviteAccepter": { "description": "Provides a resource to accept a pending GuardDuty invite on creation, ensure the detector has the correct primary account on read, and disassociate with the primary account upon removal.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.guardduty.Detector(\"primary\", {});\nconst memberDetector = new aws.guardduty.Detector(\"member\", {});\nconst memberMember = new aws.guardduty.Member(\"member\", {\n accountId: memberDetector.accountId,\n detectorId: primary.id,\n email: \"required@example.com\",\n invite: true,\n});\nconst member = new aws.guardduty.InviteAccepter(\"member\", {\n detectorId: memberDetector.id,\n masterAccountId: primary.accountId,\n}, {\n dependsOn: [memberMember],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprimary = aws.guardduty.Detector(\"primary\")\nmember_detector = aws.guardduty.Detector(\"member\")\nmember_member = aws.guardduty.Member(\"member\",\n account_id=member_detector.account_id,\n detector_id=primary.id,\n email=\"required@example.com\",\n invite=True)\nmember = aws.guardduty.InviteAccepter(\"member\",\n detector_id=member_detector.id,\n master_account_id=primary.account_id,\n opts = pulumi.ResourceOptions(depends_on=[member_member]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Aws.GuardDuty.Detector(\"primary\");\n\n var memberDetector = new Aws.GuardDuty.Detector(\"member\");\n\n var memberMember = new Aws.GuardDuty.Member(\"member\", new()\n {\n AccountId = memberDetector.AccountId,\n DetectorId = primary.Id,\n Email = \"required@example.com\",\n Invite = true,\n });\n\n var member = new Aws.GuardDuty.InviteAccepter(\"member\", new()\n {\n DetectorId = memberDetector.Id,\n MasterAccountId = primary.AccountId,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n memberMember,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tprimary, err := guardduty.NewDetector(ctx, \"primary\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmemberDetector, err := guardduty.NewDetector(ctx, \"member\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmemberMember, err := guardduty.NewMember(ctx, \"member\", \u0026guardduty.MemberArgs{\n\t\t\tAccountId: memberDetector.AccountId,\n\t\t\tDetectorId: primary.ID(),\n\t\t\tEmail: pulumi.String(\"required@example.com\"),\n\t\t\tInvite: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewInviteAccepter(ctx, \"member\", \u0026guardduty.InviteAccepterArgs{\n\t\t\tDetectorId: memberDetector.ID(),\n\t\t\tMasterAccountId: primary.AccountId,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tmemberMember,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.guardduty.Detector;\nimport com.pulumi.aws.guardduty.Member;\nimport com.pulumi.aws.guardduty.MemberArgs;\nimport com.pulumi.aws.guardduty.InviteAccepter;\nimport com.pulumi.aws.guardduty.InviteAccepterArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new Detector(\"primary\");\n\n var memberDetector = new Detector(\"memberDetector\");\n\n var memberMember = new Member(\"memberMember\", MemberArgs.builder()\n .accountId(memberDetector.accountId())\n .detectorId(primary.id())\n .email(\"required@example.com\")\n .invite(true)\n .build());\n\n var member = new InviteAccepter(\"member\", InviteAccepterArgs.builder()\n .detectorId(memberDetector.id())\n .masterAccountId(primary.accountId())\n .build(), CustomResourceOptions.builder()\n .dependsOn(memberMember)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: aws:guardduty:InviteAccepter\n properties:\n detectorId: ${memberDetector.id}\n masterAccountId: ${primary.accountId}\n options:\n dependson:\n - ${memberMember}\n memberMember:\n type: aws:guardduty:Member\n name: member\n properties:\n accountId: ${memberDetector.accountId}\n detectorId: ${primary.id}\n email: required@example.com\n invite: true\n primary:\n type: aws:guardduty:Detector\n memberDetector:\n type: aws:guardduty:Detector\n name: member\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_guardduty_invite_accepter` using the member GuardDuty detector ID. For example:\n\n```sh\n$ pulumi import aws:guardduty/inviteAccepter:InviteAccepter member 00b00fd5aecc0ab60a708659477e9617\n```\n", "properties": { "detectorId": { "type": "string", "description": "The detector ID of the member GuardDuty account.\n" }, "masterAccountId": { "type": "string", "description": "AWS account ID for primary account.\n" } }, "required": [ "detectorId", "masterAccountId" ], "inputProperties": { "detectorId": { "type": "string", "description": "The detector ID of the member GuardDuty account.\n", "willReplaceOnChanges": true }, "masterAccountId": { "type": "string", "description": "AWS account ID for primary account.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "detectorId", "masterAccountId" ], "stateInputs": { "description": "Input properties used for looking up and filtering InviteAccepter resources.\n", "properties": { "detectorId": { "type": "string", "description": "The detector ID of the member GuardDuty account.\n", "willReplaceOnChanges": true }, "masterAccountId": { "type": "string", "description": "AWS account ID for primary account.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:guardduty/malwareProtectionPlan:MalwareProtectionPlan": { "description": "Provides a resource to manage a GuardDuty malware protection plan.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.guardduty.MalwareProtectionPlan;\nimport com.pulumi.aws.guardduty.MalwareProtectionPlanArgs;\nimport com.pulumi.aws.guardduty.inputs.MalwareProtectionPlanProtectedResourceArgs;\nimport com.pulumi.aws.guardduty.inputs.MalwareProtectionPlanProtectedResourceS3BucketArgs;\nimport com.pulumi.aws.guardduty.inputs.MalwareProtectionPlanActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new MalwareProtectionPlan(\"example\", MalwareProtectionPlanArgs.builder()\n .role(exampleAwsIamRole.arn())\n .protectedResource(MalwareProtectionPlanProtectedResourceArgs.builder()\n .s3Bucket(MalwareProtectionPlanProtectedResourceS3BucketArgs.builder()\n .bucketName(exampleAwsS3Bucket.id())\n .objectPrefixes( \n \"example1\",\n \"example2\")\n .build())\n .build())\n .actions(MalwareProtectionPlanActionArgs.builder()\n .tagging(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))\n .build())\n .tags(Map.of(\"Name\", \"example\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:guardduty:MalwareProtectionPlan\n properties:\n role: ${exampleAwsIamRole.arn}\n protectedResource:\n s3Bucket:\n bucketName: ${exampleAwsS3Bucket.id}\n objectPrefixes:\n - example1\n - example2\n actions:\n - tagging:\n - status: ENABLED\n tags:\n Name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import GuardDuty malware protection plans using their IDs. For example:\n\n```sh\n$ pulumi import aws:guardduty/malwareProtectionPlan:MalwareProtectionPlan example 1234567890abcdef0123\n```\n", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:guardduty/MalwareProtectionPlanAction:MalwareProtectionPlanAction" }, "description": "Information about whether the tags will be added to the S3 object after scanning. See `actions` below.\n" }, "arn": { "type": "string", "description": "The ARN of the GuardDuty malware protection plan\n" }, "createdAt": { "type": "string", "description": "The timestamp when the Malware Protection plan resource was created.\n" }, "protectedResource": { "$ref": "#/types/aws:guardduty/MalwareProtectionPlanProtectedResource:MalwareProtectionPlanProtectedResource", "description": "Information about the protected resource that is associated with the created Malware Protection plan. Presently, S3Bucket is the only supported protected resource. See `protected_resource` below.\n" }, "role": { "type": "string", "description": "The IAM role that includes the permissions required to scan and add tags to the associated protected resource.\n" }, "status": { "type": "string", "description": "The GuardDuty malware protection plan status. Valid values are `ACTIVE`, `WARNING`, and `ERROR`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "actions", "arn", "createdAt", "role", "status", "tagsAll" ], "inputProperties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:guardduty/MalwareProtectionPlanAction:MalwareProtectionPlanAction" }, "description": "Information about whether the tags will be added to the S3 object after scanning. See `actions` below.\n" }, "protectedResource": { "$ref": "#/types/aws:guardduty/MalwareProtectionPlanProtectedResource:MalwareProtectionPlanProtectedResource", "description": "Information about the protected resource that is associated with the created Malware Protection plan. Presently, S3Bucket is the only supported protected resource. See `protected_resource` below.\n" }, "role": { "type": "string", "description": "The IAM role that includes the permissions required to scan and add tags to the associated protected resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "role" ], "stateInputs": { "description": "Input properties used for looking up and filtering MalwareProtectionPlan resources.\n", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:guardduty/MalwareProtectionPlanAction:MalwareProtectionPlanAction" }, "description": "Information about whether the tags will be added to the S3 object after scanning. See `actions` below.\n" }, "arn": { "type": "string", "description": "The ARN of the GuardDuty malware protection plan\n" }, "createdAt": { "type": "string", "description": "The timestamp when the Malware Protection plan resource was created.\n" }, "protectedResource": { "$ref": "#/types/aws:guardduty/MalwareProtectionPlanProtectedResource:MalwareProtectionPlanProtectedResource", "description": "Information about the protected resource that is associated with the created Malware Protection plan. Presently, S3Bucket is the only supported protected resource. See `protected_resource` below.\n" }, "role": { "type": "string", "description": "The IAM role that includes the permissions required to scan and add tags to the associated protected resource.\n" }, "status": { "type": "string", "description": "The GuardDuty malware protection plan status. Valid values are `ACTIVE`, `WARNING`, and `ERROR`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:guardduty/member:Member": { "description": "Provides a resource to manage a GuardDuty member. To accept invitations in member accounts, see the `aws.guardduty.InviteAccepter` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.guardduty.Detector(\"primary\", {enable: true});\nconst member = new aws.guardduty.Detector(\"member\", {enable: true});\nconst memberMember = new aws.guardduty.Member(\"member\", {\n accountId: member.accountId,\n detectorId: primary.id,\n email: \"required@example.com\",\n invite: true,\n invitationMessage: \"please accept guardduty invitation\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprimary = aws.guardduty.Detector(\"primary\", enable=True)\nmember = aws.guardduty.Detector(\"member\", enable=True)\nmember_member = aws.guardduty.Member(\"member\",\n account_id=member.account_id,\n detector_id=primary.id,\n email=\"required@example.com\",\n invite=True,\n invitation_message=\"please accept guardduty invitation\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Aws.GuardDuty.Detector(\"primary\", new()\n {\n Enable = true,\n });\n\n var member = new Aws.GuardDuty.Detector(\"member\", new()\n {\n Enable = true,\n });\n\n var memberMember = new Aws.GuardDuty.Member(\"member\", new()\n {\n AccountId = member.AccountId,\n DetectorId = primary.Id,\n Email = \"required@example.com\",\n Invite = true,\n InvitationMessage = \"please accept guardduty invitation\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tprimary, err := guardduty.NewDetector(ctx, \"primary\", \u0026guardduty.DetectorArgs{\n\t\t\tEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmember, err := guardduty.NewDetector(ctx, \"member\", \u0026guardduty.DetectorArgs{\n\t\t\tEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewMember(ctx, \"member\", \u0026guardduty.MemberArgs{\n\t\t\tAccountId: member.AccountId,\n\t\t\tDetectorId: primary.ID(),\n\t\t\tEmail: pulumi.String(\"required@example.com\"),\n\t\t\tInvite: pulumi.Bool(true),\n\t\t\tInvitationMessage: pulumi.String(\"please accept guardduty invitation\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.guardduty.Detector;\nimport com.pulumi.aws.guardduty.DetectorArgs;\nimport com.pulumi.aws.guardduty.Member;\nimport com.pulumi.aws.guardduty.MemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new Detector(\"primary\", DetectorArgs.builder()\n .enable(true)\n .build());\n\n var member = new Detector(\"member\", DetectorArgs.builder()\n .enable(true)\n .build());\n\n var memberMember = new Member(\"memberMember\", MemberArgs.builder()\n .accountId(member.accountId())\n .detectorId(primary.id())\n .email(\"required@example.com\")\n .invite(true)\n .invitationMessage(\"please accept guardduty invitation\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: aws:guardduty:Detector\n properties:\n enable: true\n member:\n type: aws:guardduty:Detector\n properties:\n enable: true\n memberMember:\n type: aws:guardduty:Member\n name: member\n properties:\n accountId: ${member.accountId}\n detectorId: ${primary.id}\n email: required@example.com\n invite: true\n invitationMessage: please accept guardduty invitation\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import GuardDuty members using the primary GuardDuty detector ID and member AWS account ID. For example:\n\n```sh\n$ pulumi import aws:guardduty/member:Member MyMember 00b00fd5aecc0ab60a708659477e9617:123456789012\n```\n", "properties": { "accountId": { "type": "string", "description": "AWS account ID for member account.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty account where you want to create member accounts.\n" }, "disableEmailNotification": { "type": "boolean", "description": "Boolean whether an email notification is sent to the accounts. Defaults to `false`.\n" }, "email": { "type": "string", "description": "Email address for member account.\n" }, "invitationMessage": { "type": "string", "description": "Message for invitation.\n" }, "invite": { "type": "boolean", "description": "Boolean whether to invite the account to GuardDuty as a member. Defaults to `false`. To detect if an invitation needs to be (re-)sent, the this provider state value is `true` based on a `relationship_status` of `Disabled`, `Enabled`, `Invited`, or `EmailVerificationInProgress`.\n" }, "relationshipStatus": { "type": "string", "description": "The status of the relationship between the member account and its primary account. More information can be found in [Amazon GuardDuty API Reference](https://docs.aws.amazon.com/guardduty/latest/ug/get-members.html).\n" } }, "required": [ "accountId", "detectorId", "email", "relationshipStatus" ], "inputProperties": { "accountId": { "type": "string", "description": "AWS account ID for member account.\n", "willReplaceOnChanges": true }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty account where you want to create member accounts.\n", "willReplaceOnChanges": true }, "disableEmailNotification": { "type": "boolean", "description": "Boolean whether an email notification is sent to the accounts. Defaults to `false`.\n", "willReplaceOnChanges": true }, "email": { "type": "string", "description": "Email address for member account.\n", "willReplaceOnChanges": true }, "invitationMessage": { "type": "string", "description": "Message for invitation.\n", "willReplaceOnChanges": true }, "invite": { "type": "boolean", "description": "Boolean whether to invite the account to GuardDuty as a member. Defaults to `false`. To detect if an invitation needs to be (re-)sent, the this provider state value is `true` based on a `relationship_status` of `Disabled`, `Enabled`, `Invited`, or `EmailVerificationInProgress`.\n" } }, "requiredInputs": [ "accountId", "detectorId", "email" ], "stateInputs": { "description": "Input properties used for looking up and filtering Member resources.\n", "properties": { "accountId": { "type": "string", "description": "AWS account ID for member account.\n", "willReplaceOnChanges": true }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty account where you want to create member accounts.\n", "willReplaceOnChanges": true }, "disableEmailNotification": { "type": "boolean", "description": "Boolean whether an email notification is sent to the accounts. Defaults to `false`.\n", "willReplaceOnChanges": true }, "email": { "type": "string", "description": "Email address for member account.\n", "willReplaceOnChanges": true }, "invitationMessage": { "type": "string", "description": "Message for invitation.\n", "willReplaceOnChanges": true }, "invite": { "type": "boolean", "description": "Boolean whether to invite the account to GuardDuty as a member. Defaults to `false`. To detect if an invitation needs to be (re-)sent, the this provider state value is `true` based on a `relationship_status` of `Disabled`, `Enabled`, `Invited`, or `EmailVerificationInProgress`.\n" }, "relationshipStatus": { "type": "string", "description": "The status of the relationship between the member account and its primary account. More information can be found in [Amazon GuardDuty API Reference](https://docs.aws.amazon.com/guardduty/latest/ug/get-members.html).\n" } }, "type": "object" } }, "aws:guardduty/organizationAdminAccount:OrganizationAdminAccount": { "description": "Manages a GuardDuty Organization Admin Account. The AWS account utilizing this resource must be an Organizations primary account. More information about Organizations support in GuardDuty can be found in the [GuardDuty User Guide](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_organizations.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"guardduty.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleDetector = new aws.guardduty.Detector(\"example\", {});\nconst exampleOrganizationAdminAccount = new aws.guardduty.OrganizationAdminAccount(\"example\", {adminAccountId: \"123456789012\"}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"guardduty.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_detector = aws.guardduty.Detector(\"example\")\nexample_organization_admin_account = aws.guardduty.OrganizationAdminAccount(\"example\", admin_account_id=\"123456789012\",\nopts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"guardduty.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var exampleDetector = new Aws.GuardDuty.Detector(\"example\");\n\n var exampleOrganizationAdminAccount = new Aws.GuardDuty.OrganizationAdminAccount(\"example\", new()\n {\n AdminAccountId = \"123456789012\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"guardduty.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewDetector(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewOrganizationAdminAccount(ctx, \"example\", \u0026guardduty.OrganizationAdminAccountArgs{\n\t\t\tAdminAccountId: pulumi.String(\"123456789012\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.guardduty.Detector;\nimport com.pulumi.aws.guardduty.OrganizationAdminAccount;\nimport com.pulumi.aws.guardduty.OrganizationAdminAccountArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Organization(\"example\", OrganizationArgs.builder()\n .awsServiceAccessPrincipals(\"guardduty.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var exampleDetector = new Detector(\"exampleDetector\");\n\n var exampleOrganizationAdminAccount = new OrganizationAdminAccount(\"exampleOrganizationAdminAccount\", OrganizationAdminAccountArgs.builder()\n .adminAccountId(\"123456789012\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:Organization\n properties:\n awsServiceAccessPrincipals:\n - guardduty.amazonaws.com\n featureSet: ALL\n exampleDetector:\n type: aws:guardduty:Detector\n name: example\n exampleOrganizationAdminAccount:\n type: aws:guardduty:OrganizationAdminAccount\n name: example\n properties:\n adminAccountId: '123456789012'\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import GuardDuty Organization Admin Account using the AWS account ID. For example:\n\n```sh\n$ pulumi import aws:guardduty/organizationAdminAccount:OrganizationAdminAccount example 123456789012\n```\n", "properties": { "adminAccountId": { "type": "string", "description": "AWS account identifier to designate as a delegated administrator for GuardDuty.\n" } }, "required": [ "adminAccountId" ], "inputProperties": { "adminAccountId": { "type": "string", "description": "AWS account identifier to designate as a delegated administrator for GuardDuty.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "adminAccountId" ], "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationAdminAccount resources.\n", "properties": { "adminAccountId": { "type": "string", "description": "AWS account identifier to designate as a delegated administrator for GuardDuty.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:guardduty/organizationConfiguration:OrganizationConfiguration": { "description": "Manages the GuardDuty Organization Configuration in the current AWS Region. The AWS account utilizing this resource must have been assigned as a delegated Organization administrator account, e.g., via the `aws.guardduty.OrganizationAdminAccount` resource. More information about Organizations support in GuardDuty can be found in the [GuardDuty User Guide](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_organizations.html).\n\n\u003e **NOTE:** This is an advanced resource. The provider will automatically assume management of the GuardDuty Organization Configuration without import and perform no actions on removal from the resource configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.guardduty.Detector(\"example\", {enable: true});\nconst exampleOrganizationConfiguration = new aws.guardduty.OrganizationConfiguration(\"example\", {\n autoEnableOrganizationMembers: \"ALL\",\n detectorId: example.id,\n datasources: {\n s3Logs: {\n autoEnable: true,\n },\n kubernetes: {\n auditLogs: {\n enable: true,\n },\n },\n malwareProtection: {\n scanEc2InstanceWithFindings: {\n ebsVolumes: {\n autoEnable: true,\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.guardduty.Detector(\"example\", enable=True)\nexample_organization_configuration = aws.guardduty.OrganizationConfiguration(\"example\",\n auto_enable_organization_members=\"ALL\",\n detector_id=example.id,\n datasources={\n \"s3_logs\": {\n \"auto_enable\": True,\n },\n \"kubernetes\": {\n \"audit_logs\": {\n \"enable\": True,\n },\n },\n \"malware_protection\": {\n \"scan_ec2_instance_with_findings\": {\n \"ebs_volumes\": {\n \"auto_enable\": True,\n },\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.GuardDuty.Detector(\"example\", new()\n {\n Enable = true,\n });\n\n var exampleOrganizationConfiguration = new Aws.GuardDuty.OrganizationConfiguration(\"example\", new()\n {\n AutoEnableOrganizationMembers = \"ALL\",\n DetectorId = example.Id,\n Datasources = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesArgs\n {\n S3Logs = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesS3LogsArgs\n {\n AutoEnable = true,\n },\n Kubernetes = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesKubernetesArgs\n {\n AuditLogs = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesKubernetesAuditLogsArgs\n {\n Enable = true,\n },\n },\n MalwareProtection = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesMalwareProtectionArgs\n {\n ScanEc2InstanceWithFindings = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsArgs\n {\n EbsVolumes = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesArgs\n {\n AutoEnable = true,\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := guardduty.NewDetector(ctx, \"example\", \u0026guardduty.DetectorArgs{\n\t\t\tEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewOrganizationConfiguration(ctx, \"example\", \u0026guardduty.OrganizationConfigurationArgs{\n\t\t\tAutoEnableOrganizationMembers: pulumi.String(\"ALL\"),\n\t\t\tDetectorId: example.ID(),\n\t\t\tDatasources: \u0026guardduty.OrganizationConfigurationDatasourcesArgs{\n\t\t\t\tS3Logs: \u0026guardduty.OrganizationConfigurationDatasourcesS3LogsArgs{\n\t\t\t\t\tAutoEnable: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\tKubernetes: \u0026guardduty.OrganizationConfigurationDatasourcesKubernetesArgs{\n\t\t\t\t\tAuditLogs: \u0026guardduty.OrganizationConfigurationDatasourcesKubernetesAuditLogsArgs{\n\t\t\t\t\t\tEnable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tMalwareProtection: \u0026guardduty.OrganizationConfigurationDatasourcesMalwareProtectionArgs{\n\t\t\t\t\tScanEc2InstanceWithFindings: \u0026guardduty.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsArgs{\n\t\t\t\t\t\tEbsVolumes: \u0026guardduty.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesArgs{\n\t\t\t\t\t\t\tAutoEnable: pulumi.Bool(true),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.guardduty.Detector;\nimport com.pulumi.aws.guardduty.DetectorArgs;\nimport com.pulumi.aws.guardduty.OrganizationConfiguration;\nimport com.pulumi.aws.guardduty.OrganizationConfigurationArgs;\nimport com.pulumi.aws.guardduty.inputs.OrganizationConfigurationDatasourcesArgs;\nimport com.pulumi.aws.guardduty.inputs.OrganizationConfigurationDatasourcesS3LogsArgs;\nimport com.pulumi.aws.guardduty.inputs.OrganizationConfigurationDatasourcesKubernetesArgs;\nimport com.pulumi.aws.guardduty.inputs.OrganizationConfigurationDatasourcesKubernetesAuditLogsArgs;\nimport com.pulumi.aws.guardduty.inputs.OrganizationConfigurationDatasourcesMalwareProtectionArgs;\nimport com.pulumi.aws.guardduty.inputs.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsArgs;\nimport com.pulumi.aws.guardduty.inputs.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Detector(\"example\", DetectorArgs.builder()\n .enable(true)\n .build());\n\n var exampleOrganizationConfiguration = new OrganizationConfiguration(\"exampleOrganizationConfiguration\", OrganizationConfigurationArgs.builder()\n .autoEnableOrganizationMembers(\"ALL\")\n .detectorId(example.id())\n .datasources(OrganizationConfigurationDatasourcesArgs.builder()\n .s3Logs(OrganizationConfigurationDatasourcesS3LogsArgs.builder()\n .autoEnable(true)\n .build())\n .kubernetes(OrganizationConfigurationDatasourcesKubernetesArgs.builder()\n .auditLogs(OrganizationConfigurationDatasourcesKubernetesAuditLogsArgs.builder()\n .enable(true)\n .build())\n .build())\n .malwareProtection(OrganizationConfigurationDatasourcesMalwareProtectionArgs.builder()\n .scanEc2InstanceWithFindings(OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsArgs.builder()\n .ebsVolumes(OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesArgs.builder()\n .autoEnable(true)\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:guardduty:Detector\n properties:\n enable: true\n exampleOrganizationConfiguration:\n type: aws:guardduty:OrganizationConfiguration\n name: example\n properties:\n autoEnableOrganizationMembers: ALL\n detectorId: ${example.id}\n datasources:\n s3Logs:\n autoEnable: true\n kubernetes:\n auditLogs:\n enable: true\n malwareProtection:\n scanEc2InstanceWithFindings:\n ebsVolumes:\n autoEnable: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import GuardDuty Organization Configurations using the GuardDuty Detector ID. For example:\n\n```sh\n$ pulumi import aws:guardduty/organizationConfiguration:OrganizationConfiguration example 00b00fd5aecc0ab60a708659477e9617\n```\n", "properties": { "autoEnable": { "type": "boolean", "description": "*Deprecated:* Use `auto_enable_organization_members` instead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region.\n", "deprecationMessage": "Use auto_enable_organization_members instead" }, "autoEnableOrganizationMembers": { "type": "string", "description": "Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are `ALL`, `NEW`, `NONE`.\n" }, "datasources": { "$ref": "#/types/aws:guardduty/OrganizationConfigurationDatasources:OrganizationConfigurationDatasources", "description": "Configuration for the collected datasources.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty account.\n" } }, "required": [ "autoEnable", "autoEnableOrganizationMembers", "datasources", "detectorId" ], "inputProperties": { "autoEnable": { "type": "boolean", "description": "*Deprecated:* Use `auto_enable_organization_members` instead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region.\n", "deprecationMessage": "Use auto_enable_organization_members instead" }, "autoEnableOrganizationMembers": { "type": "string", "description": "Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are `ALL`, `NEW`, `NONE`.\n" }, "datasources": { "$ref": "#/types/aws:guardduty/OrganizationConfigurationDatasources:OrganizationConfigurationDatasources", "description": "Configuration for the collected datasources.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty account.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "detectorId" ], "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationConfiguration resources.\n", "properties": { "autoEnable": { "type": "boolean", "description": "*Deprecated:* Use `auto_enable_organization_members` instead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region.\n", "deprecationMessage": "Use auto_enable_organization_members instead" }, "autoEnableOrganizationMembers": { "type": "string", "description": "Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are `ALL`, `NEW`, `NONE`.\n" }, "datasources": { "$ref": "#/types/aws:guardduty/OrganizationConfigurationDatasources:OrganizationConfigurationDatasources", "description": "Configuration for the collected datasources.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty account.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:guardduty/organizationConfigurationFeature:OrganizationConfigurationFeature": { "description": "Provides a resource to manage a single Amazon GuardDuty [organization configuration feature](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty-features-activation-model.html#guardduty-features).\n\n\u003e **NOTE:** Deleting this resource does not disable the organization configuration feature, the resource in simply removed from state instead.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.guardduty.Detector(\"example\", {enable: true});\nconst eksRuntimeMonitoring = new aws.guardduty.OrganizationConfigurationFeature(\"eks_runtime_monitoring\", {\n detectorId: example.id,\n name: \"EKS_RUNTIME_MONITORING\",\n autoEnable: \"ALL\",\n additionalConfigurations: [{\n name: \"EKS_ADDON_MANAGEMENT\",\n autoEnable: \"NEW\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.guardduty.Detector(\"example\", enable=True)\neks_runtime_monitoring = aws.guardduty.OrganizationConfigurationFeature(\"eks_runtime_monitoring\",\n detector_id=example.id,\n name=\"EKS_RUNTIME_MONITORING\",\n auto_enable=\"ALL\",\n additional_configurations=[{\n \"name\": \"EKS_ADDON_MANAGEMENT\",\n \"auto_enable\": \"NEW\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.GuardDuty.Detector(\"example\", new()\n {\n Enable = true,\n });\n\n var eksRuntimeMonitoring = new Aws.GuardDuty.OrganizationConfigurationFeature(\"eks_runtime_monitoring\", new()\n {\n DetectorId = example.Id,\n Name = \"EKS_RUNTIME_MONITORING\",\n AutoEnable = \"ALL\",\n AdditionalConfigurations = new[]\n {\n new Aws.GuardDuty.Inputs.OrganizationConfigurationFeatureAdditionalConfigurationArgs\n {\n Name = \"EKS_ADDON_MANAGEMENT\",\n AutoEnable = \"NEW\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := guardduty.NewDetector(ctx, \"example\", \u0026guardduty.DetectorArgs{\n\t\t\tEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewOrganizationConfigurationFeature(ctx, \"eks_runtime_monitoring\", \u0026guardduty.OrganizationConfigurationFeatureArgs{\n\t\t\tDetectorId: example.ID(),\n\t\t\tName: pulumi.String(\"EKS_RUNTIME_MONITORING\"),\n\t\t\tAutoEnable: pulumi.String(\"ALL\"),\n\t\t\tAdditionalConfigurations: guardduty.OrganizationConfigurationFeatureAdditionalConfigurationArray{\n\t\t\t\t\u0026guardduty.OrganizationConfigurationFeatureAdditionalConfigurationArgs{\n\t\t\t\t\tName: pulumi.String(\"EKS_ADDON_MANAGEMENT\"),\n\t\t\t\t\tAutoEnable: pulumi.String(\"NEW\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.guardduty.Detector;\nimport com.pulumi.aws.guardduty.DetectorArgs;\nimport com.pulumi.aws.guardduty.OrganizationConfigurationFeature;\nimport com.pulumi.aws.guardduty.OrganizationConfigurationFeatureArgs;\nimport com.pulumi.aws.guardduty.inputs.OrganizationConfigurationFeatureAdditionalConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Detector(\"example\", DetectorArgs.builder()\n .enable(true)\n .build());\n\n var eksRuntimeMonitoring = new OrganizationConfigurationFeature(\"eksRuntimeMonitoring\", OrganizationConfigurationFeatureArgs.builder()\n .detectorId(example.id())\n .name(\"EKS_RUNTIME_MONITORING\")\n .autoEnable(\"ALL\")\n .additionalConfigurations(OrganizationConfigurationFeatureAdditionalConfigurationArgs.builder()\n .name(\"EKS_ADDON_MANAGEMENT\")\n .autoEnable(\"NEW\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:guardduty:Detector\n properties:\n enable: true\n eksRuntimeMonitoring:\n type: aws:guardduty:OrganizationConfigurationFeature\n name: eks_runtime_monitoring\n properties:\n detectorId: ${example.id}\n name: EKS_RUNTIME_MONITORING\n autoEnable: ALL\n additionalConfigurations:\n - name: EKS_ADDON_MANAGEMENT\n autoEnable: NEW\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "additionalConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:guardduty/OrganizationConfigurationFeatureAdditionalConfiguration:OrganizationConfigurationFeatureAdditionalConfiguration" }, "description": "Additional feature configuration block for features `EKS_RUNTIME_MONITORING` or `RUNTIME_MONITORING`. See below.\n" }, "autoEnable": { "type": "string", "description": "The status of the feature that is configured for the member accounts within the organization. Valid values: `NEW`, `ALL`, `NONE`.\n" }, "detectorId": { "type": "string", "description": "The ID of the detector that configures the delegated administrator.\n" }, "name": { "type": "string", "description": "The name of the feature that will be configured for the organization. Valid values: `S3_DATA_EVENTS`, `EKS_AUDIT_LOGS`, `EBS_MALWARE_PROTECTION`, `RDS_LOGIN_EVENTS`, `EKS_RUNTIME_MONITORING`, `LAMBDA_NETWORK_LOGS`, `RUNTIME_MONITORING`. Only one of two features `EKS_RUNTIME_MONITORING` or `RUNTIME_MONITORING` can be added, adding both features will cause an error. Refer to the [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DetectorFeatureConfiguration.html) for the current list of supported values.\n" } }, "required": [ "autoEnable", "detectorId", "name" ], "inputProperties": { "additionalConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:guardduty/OrganizationConfigurationFeatureAdditionalConfiguration:OrganizationConfigurationFeatureAdditionalConfiguration" }, "description": "Additional feature configuration block for features `EKS_RUNTIME_MONITORING` or `RUNTIME_MONITORING`. See below.\n", "willReplaceOnChanges": true }, "autoEnable": { "type": "string", "description": "The status of the feature that is configured for the member accounts within the organization. Valid values: `NEW`, `ALL`, `NONE`.\n" }, "detectorId": { "type": "string", "description": "The ID of the detector that configures the delegated administrator.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the feature that will be configured for the organization. Valid values: `S3_DATA_EVENTS`, `EKS_AUDIT_LOGS`, `EBS_MALWARE_PROTECTION`, `RDS_LOGIN_EVENTS`, `EKS_RUNTIME_MONITORING`, `LAMBDA_NETWORK_LOGS`, `RUNTIME_MONITORING`. Only one of two features `EKS_RUNTIME_MONITORING` or `RUNTIME_MONITORING` can be added, adding both features will cause an error. Refer to the [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DetectorFeatureConfiguration.html) for the current list of supported values.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "autoEnable", "detectorId" ], "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationConfigurationFeature resources.\n", "properties": { "additionalConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:guardduty/OrganizationConfigurationFeatureAdditionalConfiguration:OrganizationConfigurationFeatureAdditionalConfiguration" }, "description": "Additional feature configuration block for features `EKS_RUNTIME_MONITORING` or `RUNTIME_MONITORING`. See below.\n", "willReplaceOnChanges": true }, "autoEnable": { "type": "string", "description": "The status of the feature that is configured for the member accounts within the organization. Valid values: `NEW`, `ALL`, `NONE`.\n" }, "detectorId": { "type": "string", "description": "The ID of the detector that configures the delegated administrator.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the feature that will be configured for the organization. Valid values: `S3_DATA_EVENTS`, `EKS_AUDIT_LOGS`, `EBS_MALWARE_PROTECTION`, `RDS_LOGIN_EVENTS`, `EKS_RUNTIME_MONITORING`, `LAMBDA_NETWORK_LOGS`, `RUNTIME_MONITORING`. Only one of two features `EKS_RUNTIME_MONITORING` or `RUNTIME_MONITORING` can be added, adding both features will cause an error. Refer to the [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DetectorFeatureConfiguration.html) for the current list of supported values.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:guardduty/publishingDestination:PublishingDestination": { "description": "Provides a resource to manage a GuardDuty PublishingDestination. Requires an existing GuardDuty Detector.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst currentGetRegion = aws.getRegion({});\nconst gdBucket = new aws.s3.BucketV2(\"gd_bucket\", {\n bucket: \"example\",\n forceDestroy: true,\n});\nconst bucketPol = aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n sid: \"Allow PutObject\",\n actions: [\"s3:PutObject\"],\n resources: [pulumi.interpolate`${gdBucket.arn}/*`],\n principals: [{\n type: \"Service\",\n identifiers: [\"guardduty.amazonaws.com\"],\n }],\n },\n {\n sid: \"Allow GetBucketLocation\",\n actions: [\"s3:GetBucketLocation\"],\n resources: [gdBucket.arn],\n principals: [{\n type: \"Service\",\n identifiers: [\"guardduty.amazonaws.com\"],\n }],\n },\n ],\n});\nconst kmsPol = Promise.all([currentGetRegion, current, currentGetRegion, current, current]).then(([currentGetRegion, current, currentGetRegion1, current1, current2]) =\u003e aws.iam.getPolicyDocument({\n statements: [\n {\n sid: \"Allow GuardDuty to encrypt findings\",\n actions: [\"kms:GenerateDataKey\"],\n resources: [`arn:aws:kms:${currentGetRegion.name}:${current.accountId}:key/*`],\n principals: [{\n type: \"Service\",\n identifiers: [\"guardduty.amazonaws.com\"],\n }],\n },\n {\n sid: \"Allow all users to modify/delete key (test only)\",\n actions: [\"kms:*\"],\n resources: [`arn:aws:kms:${currentGetRegion1.name}:${current1.accountId}:key/*`],\n principals: [{\n type: \"AWS\",\n identifiers: [`arn:aws:iam::${current2.accountId}:root`],\n }],\n },\n ],\n}));\nconst testGd = new aws.guardduty.Detector(\"test_gd\", {enable: true});\nconst gdBucketAcl = new aws.s3.BucketAclV2(\"gd_bucket_acl\", {\n bucket: gdBucket.id,\n acl: \"private\",\n});\nconst gdBucketPolicy = new aws.s3.BucketPolicy(\"gd_bucket_policy\", {\n bucket: gdBucket.id,\n policy: bucketPol.apply(bucketPol =\u003e bucketPol.json),\n});\nconst gdKey = new aws.kms.Key(\"gd_key\", {\n description: \"Temporary key for AccTest of TF\",\n deletionWindowInDays: 7,\n policy: kmsPol.then(kmsPol =\u003e kmsPol.json),\n});\nconst test = new aws.guardduty.PublishingDestination(\"test\", {\n detectorId: testGd.id,\n destinationArn: gdBucket.arn,\n kmsKeyArn: gdKey.arn,\n}, {\n dependsOn: [gdBucketPolicy],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ncurrent_get_region = aws.get_region()\ngd_bucket = aws.s3.BucketV2(\"gd_bucket\",\n bucket=\"example\",\n force_destroy=True)\nbucket_pol = aws.iam.get_policy_document_output(statements=[\n {\n \"sid\": \"Allow PutObject\",\n \"actions\": [\"s3:PutObject\"],\n \"resources\": [gd_bucket.arn.apply(lambda arn: f\"{arn}/*\")],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"guardduty.amazonaws.com\"],\n }],\n },\n {\n \"sid\": \"Allow GetBucketLocation\",\n \"actions\": [\"s3:GetBucketLocation\"],\n \"resources\": [gd_bucket.arn],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"guardduty.amazonaws.com\"],\n }],\n },\n])\nkms_pol = aws.iam.get_policy_document(statements=[\n {\n \"sid\": \"Allow GuardDuty to encrypt findings\",\n \"actions\": [\"kms:GenerateDataKey\"],\n \"resources\": [f\"arn:aws:kms:{current_get_region.name}:{current.account_id}:key/*\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"guardduty.amazonaws.com\"],\n }],\n },\n {\n \"sid\": \"Allow all users to modify/delete key (test only)\",\n \"actions\": [\"kms:*\"],\n \"resources\": [f\"arn:aws:kms:{current_get_region.name}:{current.account_id}:key/*\"],\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [f\"arn:aws:iam::{current.account_id}:root\"],\n }],\n },\n])\ntest_gd = aws.guardduty.Detector(\"test_gd\", enable=True)\ngd_bucket_acl = aws.s3.BucketAclV2(\"gd_bucket_acl\",\n bucket=gd_bucket.id,\n acl=\"private\")\ngd_bucket_policy = aws.s3.BucketPolicy(\"gd_bucket_policy\",\n bucket=gd_bucket.id,\n policy=bucket_pol.json)\ngd_key = aws.kms.Key(\"gd_key\",\n description=\"Temporary key for AccTest of TF\",\n deletion_window_in_days=7,\n policy=kms_pol.json)\ntest = aws.guardduty.PublishingDestination(\"test\",\n detector_id=test_gd.id,\n destination_arn=gd_bucket.arn,\n kms_key_arn=gd_key.arn,\n opts = pulumi.ResourceOptions(depends_on=[gd_bucket_policy]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var currentGetRegion = Aws.GetRegion.Invoke();\n\n var gdBucket = new Aws.S3.BucketV2(\"gd_bucket\", new()\n {\n Bucket = \"example\",\n ForceDestroy = true,\n });\n\n var bucketPol = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"Allow PutObject\",\n Actions = new[]\n {\n \"s3:PutObject\",\n },\n Resources = new[]\n {\n $\"{gdBucket.Arn}/*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"guardduty.amazonaws.com\",\n },\n },\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"Allow GetBucketLocation\",\n Actions = new[]\n {\n \"s3:GetBucketLocation\",\n },\n Resources = new[]\n {\n gdBucket.Arn,\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"guardduty.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var kmsPol = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"Allow GuardDuty to encrypt findings\",\n Actions = new[]\n {\n \"kms:GenerateDataKey\",\n },\n Resources = new[]\n {\n $\"arn:aws:kms:{currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name)}:{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:key/*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"guardduty.amazonaws.com\",\n },\n },\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"Allow all users to modify/delete key (test only)\",\n Actions = new[]\n {\n \"kms:*\",\n },\n Resources = new[]\n {\n $\"arn:aws:kms:{currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name)}:{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:key/*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n },\n },\n },\n },\n });\n\n var testGd = new Aws.GuardDuty.Detector(\"test_gd\", new()\n {\n Enable = true,\n });\n\n var gdBucketAcl = new Aws.S3.BucketAclV2(\"gd_bucket_acl\", new()\n {\n Bucket = gdBucket.Id,\n Acl = \"private\",\n });\n\n var gdBucketPolicy = new Aws.S3.BucketPolicy(\"gd_bucket_policy\", new()\n {\n Bucket = gdBucket.Id,\n Policy = bucketPol.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var gdKey = new Aws.Kms.Key(\"gd_key\", new()\n {\n Description = \"Temporary key for AccTest of TF\",\n DeletionWindowInDays = 7,\n Policy = kmsPol.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var test = new Aws.GuardDuty.PublishingDestination(\"test\", new()\n {\n DetectorId = testGd.Id,\n DestinationArn = gdBucket.Arn,\n KmsKeyArn = gdKey.Arn,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n gdBucketPolicy,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetRegion, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgdBucket, err := s3.NewBucketV2(ctx, \"gd_bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucketPol := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tSid: pulumi.String(\"Allow PutObject\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:PutObject\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tgdBucket.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"guardduty.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tSid: pulumi.String(\"Allow GetBucketLocation\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetBucketLocation\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tgdBucket.Arn,\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"guardduty.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tkmsPol, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"Allow GuardDuty to encrypt findings\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"kms:GenerateDataKey\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\tfmt.Sprintf(\"arn:aws:kms:%v:%v:key/*\", currentGetRegion.Name, current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"guardduty.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"Allow all users to modify/delete key (test only)\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"kms:*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\tfmt.Sprintf(\"arn:aws:kms:%v:%v:key/*\", currentGetRegion.Name, current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"AWS\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\tfmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestGd, err := guardduty.NewDetector(ctx, \"test_gd\", \u0026guardduty.DetectorArgs{\n\t\t\tEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"gd_bucket_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: gdBucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgdBucketPolicy, err := s3.NewBucketPolicy(ctx, \"gd_bucket_policy\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: gdBucket.ID(),\n\t\t\tPolicy: pulumi.String(bucketPol.ApplyT(func(bucketPol iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026bucketPol.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgdKey, err := kms.NewKey(ctx, \"gd_key\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"Temporary key for AccTest of TF\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t\tPolicy: pulumi.String(kmsPol.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewPublishingDestination(ctx, \"test\", \u0026guardduty.PublishingDestinationArgs{\n\t\t\tDetectorId: testGd.ID(),\n\t\t\tDestinationArn: gdBucket.Arn,\n\t\t\tKmsKeyArn: gdKey.Arn,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tgdBucketPolicy,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.guardduty.Detector;\nimport com.pulumi.aws.guardduty.DetectorArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.guardduty.PublishingDestination;\nimport com.pulumi.aws.guardduty.PublishingDestinationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var currentGetRegion = AwsFunctions.getRegion();\n\n var gdBucket = new BucketV2(\"gdBucket\", BucketV2Args.builder()\n .bucket(\"example\")\n .forceDestroy(true)\n .build());\n\n final var bucketPol = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .sid(\"Allow PutObject\")\n .actions(\"s3:PutObject\")\n .resources(gdBucket.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"guardduty.amazonaws.com\")\n .build())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"Allow GetBucketLocation\")\n .actions(\"s3:GetBucketLocation\")\n .resources(gdBucket.arn())\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"guardduty.amazonaws.com\")\n .build())\n .build())\n .build());\n\n final var kmsPol = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .sid(\"Allow GuardDuty to encrypt findings\")\n .actions(\"kms:GenerateDataKey\")\n .resources(String.format(\"arn:aws:kms:%s:%s:key/*\", currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"guardduty.amazonaws.com\")\n .build())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"Allow all users to modify/delete key (test only)\")\n .actions(\"kms:*\")\n .resources(String.format(\"arn:aws:kms:%s:%s:key/*\", currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .build())\n .build())\n .build());\n\n var testGd = new Detector(\"testGd\", DetectorArgs.builder()\n .enable(true)\n .build());\n\n var gdBucketAcl = new BucketAclV2(\"gdBucketAcl\", BucketAclV2Args.builder()\n .bucket(gdBucket.id())\n .acl(\"private\")\n .build());\n\n var gdBucketPolicy = new BucketPolicy(\"gdBucketPolicy\", BucketPolicyArgs.builder()\n .bucket(gdBucket.id())\n .policy(bucketPol.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(bucketPol -\u003e bucketPol.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var gdKey = new Key(\"gdKey\", KeyArgs.builder()\n .description(\"Temporary key for AccTest of TF\")\n .deletionWindowInDays(7)\n .policy(kmsPol.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var test = new PublishingDestination(\"test\", PublishingDestinationArgs.builder()\n .detectorId(testGd.id())\n .destinationArn(gdBucket.arn())\n .kmsKeyArn(gdKey.arn())\n .build(), CustomResourceOptions.builder()\n .dependsOn(gdBucketPolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testGd:\n type: aws:guardduty:Detector\n name: test_gd\n properties:\n enable: true\n gdBucket:\n type: aws:s3:BucketV2\n name: gd_bucket\n properties:\n bucket: example\n forceDestroy: true\n gdBucketAcl:\n type: aws:s3:BucketAclV2\n name: gd_bucket_acl\n properties:\n bucket: ${gdBucket.id}\n acl: private\n gdBucketPolicy:\n type: aws:s3:BucketPolicy\n name: gd_bucket_policy\n properties:\n bucket: ${gdBucket.id}\n policy: ${bucketPol.json}\n gdKey:\n type: aws:kms:Key\n name: gd_key\n properties:\n description: Temporary key for AccTest of TF\n deletionWindowInDays: 7\n policy: ${kmsPol.json}\n test:\n type: aws:guardduty:PublishingDestination\n properties:\n detectorId: ${testGd.id}\n destinationArn: ${gdBucket.arn}\n kmsKeyArn: ${gdKey.arn}\n options:\n dependson:\n - ${gdBucketPolicy}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetRegion:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n bucketPol:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: Allow PutObject\n actions:\n - s3:PutObject\n resources:\n - ${gdBucket.arn}/*\n principals:\n - type: Service\n identifiers:\n - guardduty.amazonaws.com\n - sid: Allow GetBucketLocation\n actions:\n - s3:GetBucketLocation\n resources:\n - ${gdBucket.arn}\n principals:\n - type: Service\n identifiers:\n - guardduty.amazonaws.com\n kmsPol:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: Allow GuardDuty to encrypt findings\n actions:\n - kms:GenerateDataKey\n resources:\n - arn:aws:kms:${currentGetRegion.name}:${current.accountId}:key/*\n principals:\n - type: Service\n identifiers:\n - guardduty.amazonaws.com\n - sid: Allow all users to modify/delete key (test only)\n actions:\n - kms:*\n resources:\n - arn:aws:kms:${currentGetRegion.name}:${current.accountId}:key/*\n principals:\n - type: AWS\n identifiers:\n - arn:aws:iam::${current.accountId}:root\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e **Note:** Please do not use this simple example for Bucket-Policy and KMS Key Policy in a production environment. It is much too open for such a use-case. Refer to the AWS documentation here: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_exportfindings.html\n\n## Import\n\nUsing `pulumi import`, import GuardDuty PublishingDestination using the master GuardDuty detector ID and PublishingDestinationID. For example:\n\n```sh\n$ pulumi import aws:guardduty/publishingDestination:PublishingDestination test a4b86f26fa42e7e7cf0d1c333ea77777:a4b86f27a0e464e4a7e0516d242f1234\n```\n", "properties": { "destinationArn": { "type": "string", "description": "The bucket arn and prefix under which the findings get exported. Bucket-ARN is required, the prefix is optional and will be `AWSLogs/[Account-ID]/GuardDuty/[Region]/` if not provided\n" }, "destinationType": { "type": "string", "description": "Currently there is only \"S3\" available as destination type which is also the default value\n\n\u003e **Note:** In case of missing permissions (S3 Bucket Policy _or_ KMS Key permissions) the resource will fail to create. If the permissions are changed after resource creation, this can be asked from the AWS API via the \"DescribePublishingDestination\" call (https://docs.aws.amazon.com/cli/latest/reference/guardduty/describe-publishing-destination.html).\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty.\n" }, "kmsKeyArn": { "type": "string", "description": "The ARN of the KMS key used to encrypt GuardDuty findings. GuardDuty enforces this to be encrypted.\n" } }, "required": [ "destinationArn", "detectorId", "kmsKeyArn" ], "inputProperties": { "destinationArn": { "type": "string", "description": "The bucket arn and prefix under which the findings get exported. Bucket-ARN is required, the prefix is optional and will be `AWSLogs/[Account-ID]/GuardDuty/[Region]/` if not provided\n" }, "destinationType": { "type": "string", "description": "Currently there is only \"S3\" available as destination type which is also the default value\n\n\u003e **Note:** In case of missing permissions (S3 Bucket Policy _or_ KMS Key permissions) the resource will fail to create. If the permissions are changed after resource creation, this can be asked from the AWS API via the \"DescribePublishingDestination\" call (https://docs.aws.amazon.com/cli/latest/reference/guardduty/describe-publishing-destination.html).\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty.\n", "willReplaceOnChanges": true }, "kmsKeyArn": { "type": "string", "description": "The ARN of the KMS key used to encrypt GuardDuty findings. GuardDuty enforces this to be encrypted.\n" } }, "requiredInputs": [ "destinationArn", "detectorId", "kmsKeyArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering PublishingDestination resources.\n", "properties": { "destinationArn": { "type": "string", "description": "The bucket arn and prefix under which the findings get exported. Bucket-ARN is required, the prefix is optional and will be `AWSLogs/[Account-ID]/GuardDuty/[Region]/` if not provided\n" }, "destinationType": { "type": "string", "description": "Currently there is only \"S3\" available as destination type which is also the default value\n\n\u003e **Note:** In case of missing permissions (S3 Bucket Policy _or_ KMS Key permissions) the resource will fail to create. If the permissions are changed after resource creation, this can be asked from the AWS API via the \"DescribePublishingDestination\" call (https://docs.aws.amazon.com/cli/latest/reference/guardduty/describe-publishing-destination.html).\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty.\n", "willReplaceOnChanges": true }, "kmsKeyArn": { "type": "string", "description": "The ARN of the KMS key used to encrypt GuardDuty findings. GuardDuty enforces this to be encrypted.\n" } }, "type": "object" } }, "aws:guardduty/threatIntelSet:ThreatIntelSet": { "description": "Provides a resource to manage a GuardDuty ThreatIntelSet.\n\n\u003e **Note:** Currently in GuardDuty, users from member accounts cannot upload and further manage ThreatIntelSets. ThreatIntelSets that are uploaded by the primary account are imposed on GuardDuty functionality in its member accounts. See the [GuardDuty API Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/create-threat-intel-set.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.guardduty.Detector(\"primary\", {enable: true});\nconst bucket = new aws.s3.BucketV2(\"bucket\", {});\nconst bucketAcl = new aws.s3.BucketAclV2(\"bucket_acl\", {\n bucket: bucket.id,\n acl: \"private\",\n});\nconst myThreatIntelSet = new aws.s3.BucketObjectv2(\"MyThreatIntelSet\", {\n acl: \"public-read\",\n content: \"10.0.0.0/8\\n\",\n bucket: bucket.id,\n key: \"MyThreatIntelSet\",\n});\nconst myThreatIntelSetThreatIntelSet = new aws.guardduty.ThreatIntelSet(\"MyThreatIntelSet\", {\n activate: true,\n detectorId: primary.id,\n format: \"TXT\",\n location: pulumi.interpolate`https://s3.amazonaws.com/${myThreatIntelSet.bucket}/${myThreatIntelSet.key}`,\n name: \"MyThreatIntelSet\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprimary = aws.guardduty.Detector(\"primary\", enable=True)\nbucket = aws.s3.BucketV2(\"bucket\")\nbucket_acl = aws.s3.BucketAclV2(\"bucket_acl\",\n bucket=bucket.id,\n acl=\"private\")\nmy_threat_intel_set = aws.s3.BucketObjectv2(\"MyThreatIntelSet\",\n acl=\"public-read\",\n content=\"10.0.0.0/8\\n\",\n bucket=bucket.id,\n key=\"MyThreatIntelSet\")\nmy_threat_intel_set_threat_intel_set = aws.guardduty.ThreatIntelSet(\"MyThreatIntelSet\",\n activate=True,\n detector_id=primary.id,\n format=\"TXT\",\n location=pulumi.Output.all(my_threat_intel_set.bucket, my_threat_intel_set.key).apply(lambda bucket, key: f\"https://s3.amazonaws.com/{bucket}/{key}\"),\n name=\"MyThreatIntelSet\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Aws.GuardDuty.Detector(\"primary\", new()\n {\n Enable = true,\n });\n\n var bucket = new Aws.S3.BucketV2(\"bucket\");\n\n var bucketAcl = new Aws.S3.BucketAclV2(\"bucket_acl\", new()\n {\n Bucket = bucket.Id,\n Acl = \"private\",\n });\n\n var myThreatIntelSet = new Aws.S3.BucketObjectv2(\"MyThreatIntelSet\", new()\n {\n Acl = \"public-read\",\n Content = @\"10.0.0.0/8\n\",\n Bucket = bucket.Id,\n Key = \"MyThreatIntelSet\",\n });\n\n var myThreatIntelSetThreatIntelSet = new Aws.GuardDuty.ThreatIntelSet(\"MyThreatIntelSet\", new()\n {\n Activate = true,\n DetectorId = primary.Id,\n Format = \"TXT\",\n Location = Output.Tuple(myThreatIntelSet.Bucket, myThreatIntelSet.Key).Apply(values =\u003e\n {\n var bucket = values.Item1;\n var key = values.Item2;\n return $\"https://s3.amazonaws.com/{bucket}/{key}\";\n }),\n Name = \"MyThreatIntelSet\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tprimary, err := guardduty.NewDetector(ctx, \"primary\", \u0026guardduty.DetectorArgs{\n\t\t\tEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"bucket_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: bucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyThreatIntelSet, err := s3.NewBucketObjectv2(ctx, \"MyThreatIntelSet\", \u0026s3.BucketObjectv2Args{\n\t\t\tAcl: pulumi.String(\"public-read\"),\n\t\t\tContent: pulumi.String(\"10.0.0.0/8\\n\"),\n\t\t\tBucket: bucket.ID(),\n\t\t\tKey: pulumi.String(\"MyThreatIntelSet\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewThreatIntelSet(ctx, \"MyThreatIntelSet\", \u0026guardduty.ThreatIntelSetArgs{\n\t\t\tActivate: pulumi.Bool(true),\n\t\t\tDetectorId: primary.ID(),\n\t\t\tFormat: pulumi.String(\"TXT\"),\n\t\t\tLocation: pulumi.All(myThreatIntelSet.Bucket, myThreatIntelSet.Key).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tbucket := _args[0].(string)\n\t\t\t\tkey := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"https://s3.amazonaws.com/%v/%v\", bucket, key), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tName: pulumi.String(\"MyThreatIntelSet\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.guardduty.Detector;\nimport com.pulumi.aws.guardduty.DetectorArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.guardduty.ThreatIntelSet;\nimport com.pulumi.aws.guardduty.ThreatIntelSetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new Detector(\"primary\", DetectorArgs.builder()\n .enable(true)\n .build());\n\n var bucket = new BucketV2(\"bucket\");\n\n var bucketAcl = new BucketAclV2(\"bucketAcl\", BucketAclV2Args.builder()\n .bucket(bucket.id())\n .acl(\"private\")\n .build());\n\n var myThreatIntelSet = new BucketObjectv2(\"myThreatIntelSet\", BucketObjectv2Args.builder()\n .acl(\"public-read\")\n .content(\"\"\"\n10.0.0.0/8\n \"\"\")\n .bucket(bucket.id())\n .key(\"MyThreatIntelSet\")\n .build());\n\n var myThreatIntelSetThreatIntelSet = new ThreatIntelSet(\"myThreatIntelSetThreatIntelSet\", ThreatIntelSetArgs.builder()\n .activate(true)\n .detectorId(primary.id())\n .format(\"TXT\")\n .location(Output.tuple(myThreatIntelSet.bucket(), myThreatIntelSet.key()).applyValue(values -\u003e {\n var bucket = values.t1;\n var key = values.t2;\n return String.format(\"https://s3.amazonaws.com/%s/%s\", bucket,key);\n }))\n .name(\"MyThreatIntelSet\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: aws:guardduty:Detector\n properties:\n enable: true\n bucket:\n type: aws:s3:BucketV2\n bucketAcl:\n type: aws:s3:BucketAclV2\n name: bucket_acl\n properties:\n bucket: ${bucket.id}\n acl: private\n myThreatIntelSet:\n type: aws:s3:BucketObjectv2\n name: MyThreatIntelSet\n properties:\n acl: public-read\n content: |\n 10.0.0.0/8\n bucket: ${bucket.id}\n key: MyThreatIntelSet\n myThreatIntelSetThreatIntelSet:\n type: aws:guardduty:ThreatIntelSet\n name: MyThreatIntelSet\n properties:\n activate: true\n detectorId: ${primary.id}\n format: TXT\n location: https://s3.amazonaws.com/${myThreatIntelSet.bucket}/${myThreatIntelSet.key}\n name: MyThreatIntelSet\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import GuardDuty ThreatIntelSet using the primary GuardDuty detector ID and ThreatIntelSetID. For example:\n\n```sh\n$ pulumi import aws:guardduty/threatIntelSet:ThreatIntelSet MyThreatIntelSet 00b00fd5aecc0ab60a708659477e9617:123456789012\n```\n", "properties": { "activate": { "type": "boolean", "description": "Specifies whether GuardDuty is to start using the uploaded ThreatIntelSet.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the GuardDuty ThreatIntelSet.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty.\n" }, "format": { "type": "string", "description": "The format of the file that contains the ThreatIntelSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`\n" }, "location": { "type": "string", "description": "The URI of the file that contains the ThreatIntelSet.\n" }, "name": { "type": "string", "description": "The friendly name to identify the ThreatIntelSet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "activate", "arn", "detectorId", "format", "location", "name", "tagsAll" ], "inputProperties": { "activate": { "type": "boolean", "description": "Specifies whether GuardDuty is to start using the uploaded ThreatIntelSet.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty.\n", "willReplaceOnChanges": true }, "format": { "type": "string", "description": "The format of the file that contains the ThreatIntelSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`\n", "willReplaceOnChanges": true }, "location": { "type": "string", "description": "The URI of the file that contains the ThreatIntelSet.\n" }, "name": { "type": "string", "description": "The friendly name to identify the ThreatIntelSet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "activate", "detectorId", "format", "location" ], "stateInputs": { "description": "Input properties used for looking up and filtering ThreatIntelSet resources.\n", "properties": { "activate": { "type": "boolean", "description": "Specifies whether GuardDuty is to start using the uploaded ThreatIntelSet.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the GuardDuty ThreatIntelSet.\n" }, "detectorId": { "type": "string", "description": "The detector ID of the GuardDuty.\n", "willReplaceOnChanges": true }, "format": { "type": "string", "description": "The format of the file that contains the ThreatIntelSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`\n", "willReplaceOnChanges": true }, "location": { "type": "string", "description": "The URI of the file that contains the ThreatIntelSet.\n" }, "name": { "type": "string", "description": "The friendly name to identify the ThreatIntelSet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:iam/accessKey:AccessKey": { "description": "Provides an IAM access key. This is a set of credentials that allow API requests to be made as an IAM user.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lbUser = new aws.iam.User(\"lb\", {\n name: \"loadbalancer\",\n path: \"/system/\",\n});\nconst lb = new aws.iam.AccessKey(\"lb\", {\n user: lbUser.name,\n pgpKey: \"keybase:some_person_that_exists\",\n});\nconst lbRo = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\"ec2:Describe*\"],\n resources: [\"*\"],\n }],\n});\nconst lbRoUserPolicy = new aws.iam.UserPolicy(\"lb_ro\", {\n name: \"test\",\n user: lbUser.name,\n policy: lbRo.then(lbRo =\u003e lbRo.json),\n});\nexport const secret = lb.encryptedSecret;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb_user = aws.iam.User(\"lb\",\n name=\"loadbalancer\",\n path=\"/system/\")\nlb = aws.iam.AccessKey(\"lb\",\n user=lb_user.name,\n pgp_key=\"keybase:some_person_that_exists\")\nlb_ro = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\"ec2:Describe*\"],\n \"resources\": [\"*\"],\n}])\nlb_ro_user_policy = aws.iam.UserPolicy(\"lb_ro\",\n name=\"test\",\n user=lb_user.name,\n policy=lb_ro.json)\npulumi.export(\"secret\", lb.encrypted_secret)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lbUser = new Aws.Iam.User(\"lb\", new()\n {\n Name = \"loadbalancer\",\n Path = \"/system/\",\n });\n\n var lb = new Aws.Iam.AccessKey(\"lb\", new()\n {\n User = lbUser.Name,\n PgpKey = \"keybase:some_person_that_exists\",\n });\n\n var lbRo = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"ec2:Describe*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var lbRoUserPolicy = new Aws.Iam.UserPolicy(\"lb_ro\", new()\n {\n Name = \"test\",\n User = lbUser.Name,\n Policy = lbRo.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"secret\"] = lb.EncryptedSecret,\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlbUser, err := iam.NewUser(ctx, \"lb\", \u0026iam.UserArgs{\n\t\t\tName: pulumi.String(\"loadbalancer\"),\n\t\t\tPath: pulumi.String(\"/system/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlb, err := iam.NewAccessKey(ctx, \"lb\", \u0026iam.AccessKeyArgs{\n\t\t\tUser: lbUser.Name,\n\t\t\tPgpKey: pulumi.String(\"keybase:some_person_that_exists\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlbRo, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewUserPolicy(ctx, \"lb_ro\", \u0026iam.UserPolicyArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tUser: lbUser.Name,\n\t\t\tPolicy: pulumi.String(lbRo.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"secret\", lb.EncryptedSecret)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.User;\nimport com.pulumi.aws.iam.UserArgs;\nimport com.pulumi.aws.iam.AccessKey;\nimport com.pulumi.aws.iam.AccessKeyArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.UserPolicy;\nimport com.pulumi.aws.iam.UserPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lbUser = new User(\"lbUser\", UserArgs.builder()\n .name(\"loadbalancer\")\n .path(\"/system/\")\n .build());\n\n var lb = new AccessKey(\"lb\", AccessKeyArgs.builder()\n .user(lbUser.name())\n .pgpKey(\"keybase:some_person_that_exists\")\n .build());\n\n final var lbRo = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"ec2:Describe*\")\n .resources(\"*\")\n .build())\n .build());\n\n var lbRoUserPolicy = new UserPolicy(\"lbRoUserPolicy\", UserPolicyArgs.builder()\n .name(\"test\")\n .user(lbUser.name())\n .policy(lbRo.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n ctx.export(\"secret\", lb.encryptedSecret());\n }\n}\n```\n```yaml\nresources:\n lb:\n type: aws:iam:AccessKey\n properties:\n user: ${lbUser.name}\n pgpKey: keybase:some_person_that_exists\n lbUser:\n type: aws:iam:User\n name: lb\n properties:\n name: loadbalancer\n path: /system/\n lbRoUserPolicy:\n type: aws:iam:UserPolicy\n name: lb_ro\n properties:\n name: test\n user: ${lbUser.name}\n policy: ${lbRo.json}\nvariables:\n lbRo:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - ec2:Describe*\n resources:\n - '*'\noutputs:\n secret: ${lb.encryptedSecret}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.iam.User(\"test\", {\n name: \"test\",\n path: \"/test/\",\n});\nconst testAccessKey = new aws.iam.AccessKey(\"test\", {user: test.name});\nexport const awsIamSmtpPasswordV4 = testAccessKey.sesSmtpPasswordV4;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.iam.User(\"test\",\n name=\"test\",\n path=\"/test/\")\ntest_access_key = aws.iam.AccessKey(\"test\", user=test.name)\npulumi.export(\"awsIamSmtpPasswordV4\", test_access_key.ses_smtp_password_v4)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Iam.User(\"test\", new()\n {\n Name = \"test\",\n Path = \"/test/\",\n });\n\n var testAccessKey = new Aws.Iam.AccessKey(\"test\", new()\n {\n User = test.Name,\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"awsIamSmtpPasswordV4\"] = testAccessKey.SesSmtpPasswordV4,\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := iam.NewUser(ctx, \"test\", \u0026iam.UserArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tPath: pulumi.String(\"/test/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestAccessKey, err := iam.NewAccessKey(ctx, \"test\", \u0026iam.AccessKeyArgs{\n\t\t\tUser: test.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"awsIamSmtpPasswordV4\", testAccessKey.SesSmtpPasswordV4)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.User;\nimport com.pulumi.aws.iam.UserArgs;\nimport com.pulumi.aws.iam.AccessKey;\nimport com.pulumi.aws.iam.AccessKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new User(\"test\", UserArgs.builder()\n .name(\"test\")\n .path(\"/test/\")\n .build());\n\n var testAccessKey = new AccessKey(\"testAccessKey\", AccessKeyArgs.builder()\n .user(test.name())\n .build());\n\n ctx.export(\"awsIamSmtpPasswordV4\", testAccessKey.sesSmtpPasswordV4());\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:iam:User\n properties:\n name: test\n path: /test/\n testAccessKey:\n type: aws:iam:AccessKey\n name: test\n properties:\n user: ${test.name}\noutputs:\n awsIamSmtpPasswordV4: ${testAccessKey.sesSmtpPasswordV4}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM Access Keys using the identifier. For example:\n\n```sh\n$ pulumi import aws:iam/accessKey:AccessKey example AKIA1234567890\n```\nResource attributes such as `encrypted_secret`, `key_fingerprint`, `pgp_key`, `secret`, `ses_smtp_password_v4`, and `encrypted_ses_smtp_password_v4` are not available for imported resources as this information cannot be read from the IAM API.\n\n", "properties": { "createDate": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the access key was created.\n" }, "encryptedSecret": { "type": "string", "description": "Encrypted secret, base64 encoded, if `pgp_key` was specified. This attribute is not available for imported resources. The encrypted secret may be decrypted using the command line.\n" }, "encryptedSesSmtpPasswordV4": { "type": "string", "description": "Encrypted SES SMTP password, base64 encoded, if `pgp_key` was specified. This attribute is not available for imported resources. The encrypted password may be decrypted using the command line.\n" }, "keyFingerprint": { "type": "string", "description": "Fingerprint of the PGP key used to encrypt the secret. This attribute is not available for imported resources.\n" }, "pgpKey": { "type": "string", "description": "Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:some_person_that_exists`, for use in the `encrypted_secret` output attribute. If providing a base-64 encoded PGP public key, make sure to provide the \"raw\" version and not the \"armored\" one (e.g. avoid passing the `-a` option to `gpg --export`).\n" }, "secret": { "type": "string", "description": "Secret access key. This attribute is not available for imported resources. Note that this will be written to the state file. If you use this, please protect your backend state file judiciously. Alternatively, you may supply a `pgp_key` instead, which will prevent the secret from being stored in plaintext, at the cost of preventing the use of the secret key in automation.\n", "secret": true }, "sesSmtpPasswordV4": { "type": "string", "description": "Secret access key converted into an SES SMTP password by applying [AWS's documented Sigv4 conversion algorithm](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html#smtp-credentials-convert). This attribute is not available for imported resources. As SigV4 is region specific, valid Provider regions are `ap-south-1`, `ap-southeast-2`, `eu-central-1`, `eu-west-1`, `us-east-1` and `us-west-2`. See current [AWS SES regions](https://docs.aws.amazon.com/general/latest/gr/rande.html#ses_region).\n", "secret": true }, "status": { "type": "string", "description": "Access key status to apply. Defaults to `Active`. Valid values are `Active` and `Inactive`.\n" }, "user": { "type": "string", "description": "IAM user to associate with this access key.\n" } }, "required": [ "createDate", "encryptedSecret", "encryptedSesSmtpPasswordV4", "keyFingerprint", "secret", "sesSmtpPasswordV4", "user" ], "inputProperties": { "pgpKey": { "type": "string", "description": "Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:some_person_that_exists`, for use in the `encrypted_secret` output attribute. If providing a base-64 encoded PGP public key, make sure to provide the \"raw\" version and not the \"armored\" one (e.g. avoid passing the `-a` option to `gpg --export`).\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Access key status to apply. Defaults to `Active`. Valid values are `Active` and `Inactive`.\n" }, "user": { "type": "string", "description": "IAM user to associate with this access key.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "user" ], "stateInputs": { "description": "Input properties used for looking up and filtering AccessKey resources.\n", "properties": { "createDate": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the access key was created.\n" }, "encryptedSecret": { "type": "string", "description": "Encrypted secret, base64 encoded, if `pgp_key` was specified. This attribute is not available for imported resources. The encrypted secret may be decrypted using the command line.\n" }, "encryptedSesSmtpPasswordV4": { "type": "string", "description": "Encrypted SES SMTP password, base64 encoded, if `pgp_key` was specified. This attribute is not available for imported resources. The encrypted password may be decrypted using the command line.\n" }, "keyFingerprint": { "type": "string", "description": "Fingerprint of the PGP key used to encrypt the secret. This attribute is not available for imported resources.\n" }, "pgpKey": { "type": "string", "description": "Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:some_person_that_exists`, for use in the `encrypted_secret` output attribute. If providing a base-64 encoded PGP public key, make sure to provide the \"raw\" version and not the \"armored\" one (e.g. avoid passing the `-a` option to `gpg --export`).\n", "willReplaceOnChanges": true }, "secret": { "type": "string", "description": "Secret access key. This attribute is not available for imported resources. Note that this will be written to the state file. If you use this, please protect your backend state file judiciously. Alternatively, you may supply a `pgp_key` instead, which will prevent the secret from being stored in plaintext, at the cost of preventing the use of the secret key in automation.\n", "secret": true }, "sesSmtpPasswordV4": { "type": "string", "description": "Secret access key converted into an SES SMTP password by applying [AWS's documented Sigv4 conversion algorithm](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html#smtp-credentials-convert). This attribute is not available for imported resources. As SigV4 is region specific, valid Provider regions are `ap-south-1`, `ap-southeast-2`, `eu-central-1`, `eu-west-1`, `us-east-1` and `us-west-2`. See current [AWS SES regions](https://docs.aws.amazon.com/general/latest/gr/rande.html#ses_region).\n", "secret": true }, "status": { "type": "string", "description": "Access key status to apply. Defaults to `Active`. Valid values are `Active` and `Inactive`.\n" }, "user": { "type": "string", "description": "IAM user to associate with this access key.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:iam/accountAlias:AccountAlias": { "description": "\u003e **Note:** There is only a single account alias per AWS account.\n\nManages the account alias for the AWS Account.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst alias = new aws.iam.AccountAlias(\"alias\", {accountAlias: \"my-account-alias\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nalias = aws.iam.AccountAlias(\"alias\", account_alias=\"my-account-alias\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @alias = new Aws.Iam.AccountAlias(\"alias\", new()\n {\n Alias = \"my-account-alias\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.NewAccountAlias(ctx, \"alias\", \u0026iam.AccountAliasArgs{\n\t\t\tAccountAlias: pulumi.String(\"my-account-alias\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.AccountAlias;\nimport com.pulumi.aws.iam.AccountAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var alias = new AccountAlias(\"alias\", AccountAliasArgs.builder()\n .accountAlias(\"my-account-alias\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n alias:\n type: aws:iam:AccountAlias\n properties:\n accountAlias: my-account-alias\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import the current Account Alias using the `account_alias`. For example:\n\n```sh\n$ pulumi import aws:iam/accountAlias:AccountAlias alias my-account-alias\n```\n", "properties": { "accountAlias": { "type": "string", "description": "The account alias\n", "language": { "csharp": { "name": "Alias" } } } }, "required": [ "accountAlias" ], "inputProperties": { "accountAlias": { "type": "string", "description": "The account alias\n", "language": { "csharp": { "name": "Alias" } }, "willReplaceOnChanges": true } }, "requiredInputs": [ "accountAlias" ], "stateInputs": { "description": "Input properties used for looking up and filtering AccountAlias resources.\n", "properties": { "accountAlias": { "type": "string", "description": "The account alias\n", "language": { "csharp": { "name": "Alias" } }, "willReplaceOnChanges": true } }, "type": "object" } }, "aws:iam/accountPasswordPolicy:AccountPasswordPolicy": { "description": "\u003e **Note:** There is only a single policy allowed per AWS account. An existing policy will be lost when using this resource as an effect of this limitation.\n\nManages Password Policy for the AWS Account.\nSee more about [Account Password Policy](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_account-policy.html)\nin the official AWS docs.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst strict = new aws.iam.AccountPasswordPolicy(\"strict\", {\n minimumPasswordLength: 8,\n requireLowercaseCharacters: true,\n requireNumbers: true,\n requireUppercaseCharacters: true,\n requireSymbols: true,\n allowUsersToChangePassword: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nstrict = aws.iam.AccountPasswordPolicy(\"strict\",\n minimum_password_length=8,\n require_lowercase_characters=True,\n require_numbers=True,\n require_uppercase_characters=True,\n require_symbols=True,\n allow_users_to_change_password=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var strict = new Aws.Iam.AccountPasswordPolicy(\"strict\", new()\n {\n MinimumPasswordLength = 8,\n RequireLowercaseCharacters = true,\n RequireNumbers = true,\n RequireUppercaseCharacters = true,\n RequireSymbols = true,\n AllowUsersToChangePassword = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.NewAccountPasswordPolicy(ctx, \"strict\", \u0026iam.AccountPasswordPolicyArgs{\n\t\t\tMinimumPasswordLength: pulumi.Int(8),\n\t\t\tRequireLowercaseCharacters: pulumi.Bool(true),\n\t\t\tRequireNumbers: pulumi.Bool(true),\n\t\t\tRequireUppercaseCharacters: pulumi.Bool(true),\n\t\t\tRequireSymbols: pulumi.Bool(true),\n\t\t\tAllowUsersToChangePassword: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.AccountPasswordPolicy;\nimport com.pulumi.aws.iam.AccountPasswordPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var strict = new AccountPasswordPolicy(\"strict\", AccountPasswordPolicyArgs.builder()\n .minimumPasswordLength(8)\n .requireLowercaseCharacters(true)\n .requireNumbers(true)\n .requireUppercaseCharacters(true)\n .requireSymbols(true)\n .allowUsersToChangePassword(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n strict:\n type: aws:iam:AccountPasswordPolicy\n properties:\n minimumPasswordLength: 8\n requireLowercaseCharacters: true\n requireNumbers: true\n requireUppercaseCharacters: true\n requireSymbols: true\n allowUsersToChangePassword: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM Account Password Policy using the word `iam-account-password-policy`. For example:\n\n```sh\n$ pulumi import aws:iam/accountPasswordPolicy:AccountPasswordPolicy strict iam-account-password-policy\n```\n", "properties": { "allowUsersToChangePassword": { "type": "boolean", "description": "Whether to allow users to change their own password\n" }, "expirePasswords": { "type": "boolean", "description": "Indicates whether passwords in the account expire. Returns `true` if `max_password_age` contains a value greater than `0`. Returns `false` if it is `0` or _not present_.\n" }, "hardExpiry": { "type": "boolean", "description": "Whether users are prevented from setting a new password after their password has expired (i.e., require administrator reset)\n" }, "maxPasswordAge": { "type": "integer", "description": "The number of days that an user password is valid.\n" }, "minimumPasswordLength": { "type": "integer", "description": "Minimum length to require for user passwords.\n" }, "passwordReusePrevention": { "type": "integer", "description": "The number of previous passwords that users are prevented from reusing.\n" }, "requireLowercaseCharacters": { "type": "boolean", "description": "Whether to require lowercase characters for user passwords.\n" }, "requireNumbers": { "type": "boolean", "description": "Whether to require numbers for user passwords.\n" }, "requireSymbols": { "type": "boolean", "description": "Whether to require symbols for user passwords.\n" }, "requireUppercaseCharacters": { "type": "boolean", "description": "Whether to require uppercase characters for user passwords.\n" } }, "required": [ "expirePasswords", "hardExpiry", "maxPasswordAge", "passwordReusePrevention", "requireLowercaseCharacters", "requireNumbers", "requireSymbols", "requireUppercaseCharacters" ], "inputProperties": { "allowUsersToChangePassword": { "type": "boolean", "description": "Whether to allow users to change their own password\n" }, "hardExpiry": { "type": "boolean", "description": "Whether users are prevented from setting a new password after their password has expired (i.e., require administrator reset)\n" }, "maxPasswordAge": { "type": "integer", "description": "The number of days that an user password is valid.\n" }, "minimumPasswordLength": { "type": "integer", "description": "Minimum length to require for user passwords.\n" }, "passwordReusePrevention": { "type": "integer", "description": "The number of previous passwords that users are prevented from reusing.\n" }, "requireLowercaseCharacters": { "type": "boolean", "description": "Whether to require lowercase characters for user passwords.\n" }, "requireNumbers": { "type": "boolean", "description": "Whether to require numbers for user passwords.\n" }, "requireSymbols": { "type": "boolean", "description": "Whether to require symbols for user passwords.\n" }, "requireUppercaseCharacters": { "type": "boolean", "description": "Whether to require uppercase characters for user passwords.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering AccountPasswordPolicy resources.\n", "properties": { "allowUsersToChangePassword": { "type": "boolean", "description": "Whether to allow users to change their own password\n" }, "expirePasswords": { "type": "boolean", "description": "Indicates whether passwords in the account expire. Returns `true` if `max_password_age` contains a value greater than `0`. Returns `false` if it is `0` or _not present_.\n" }, "hardExpiry": { "type": "boolean", "description": "Whether users are prevented from setting a new password after their password has expired (i.e., require administrator reset)\n" }, "maxPasswordAge": { "type": "integer", "description": "The number of days that an user password is valid.\n" }, "minimumPasswordLength": { "type": "integer", "description": "Minimum length to require for user passwords.\n" }, "passwordReusePrevention": { "type": "integer", "description": "The number of previous passwords that users are prevented from reusing.\n" }, "requireLowercaseCharacters": { "type": "boolean", "description": "Whether to require lowercase characters for user passwords.\n" }, "requireNumbers": { "type": "boolean", "description": "Whether to require numbers for user passwords.\n" }, "requireSymbols": { "type": "boolean", "description": "Whether to require symbols for user passwords.\n" }, "requireUppercaseCharacters": { "type": "boolean", "description": "Whether to require uppercase characters for user passwords.\n" } }, "type": "object" } }, "aws:iam/group:Group": { "description": "Provides an IAM group.\n\n\u003e **NOTE on user management:** Using `aws.iam.GroupMembership` or `aws.iam.UserGroupMembership` resources in addition to manually managing user/group membership using the console may lead to configuration drift or conflicts. For this reason, it's recommended to either manage membership entirely with the provider or entirely within the AWS console.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst developers = new aws.iam.Group(\"developers\", {\n name: \"developers\",\n path: \"/users/\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndevelopers = aws.iam.Group(\"developers\",\n name=\"developers\",\n path=\"/users/\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var developers = new Aws.Iam.Group(\"developers\", new()\n {\n Name = \"developers\",\n Path = \"/users/\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.NewGroup(ctx, \"developers\", \u0026iam.GroupArgs{\n\t\t\tName: pulumi.String(\"developers\"),\n\t\t\tPath: pulumi.String(\"/users/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Group;\nimport com.pulumi.aws.iam.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var developers = new Group(\"developers\", GroupArgs.builder()\n .name(\"developers\")\n .path(\"/users/\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n developers:\n type: aws:iam:Group\n properties:\n name: developers\n path: /users/\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM Groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:iam/group:Group developers developers\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS for this group.\n" }, "name": { "type": "string", "description": "The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both \"ADMINS\" and \"admins\".\n" }, "path": { "type": "string", "description": "Path in which to create the group.\n" }, "uniqueId": { "type": "string", "description": "The [unique ID][1] assigned by AWS.\n" } }, "required": [ "arn", "name", "uniqueId" ], "inputProperties": { "name": { "type": "string", "description": "The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both \"ADMINS\" and \"admins\".\n" }, "path": { "type": "string", "description": "Path in which to create the group.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Group resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS for this group.\n" }, "name": { "type": "string", "description": "The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both \"ADMINS\" and \"admins\".\n" }, "path": { "type": "string", "description": "Path in which to create the group.\n" }, "uniqueId": { "type": "string", "description": "The [unique ID][1] assigned by AWS.\n" } }, "type": "object" } }, "aws:iam/groupMembership:GroupMembership": { "description": "\u003e **WARNING:** Multiple aws.iam.GroupMembership resources with the same group name will produce inconsistent behavior!\n\nProvides a top level resource to manage IAM Group membership for IAM Users. For\nmore information on managing IAM Groups or IAM Users, see IAM Groups or\nIAM Users\n\n\u003e **Note:** `aws.iam.GroupMembership` will conflict with itself if used more than once with the same group. To non-exclusively manage the users in a group, see the\n`aws.iam.UserGroupMembership` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst group = new aws.iam.Group(\"group\", {name: \"test-group\"});\nconst userOne = new aws.iam.User(\"user_one\", {name: \"test-user\"});\nconst userTwo = new aws.iam.User(\"user_two\", {name: \"test-user-two\"});\nconst team = new aws.iam.GroupMembership(\"team\", {\n name: \"tf-testing-group-membership\",\n users: [\n userOne.name,\n userTwo.name,\n ],\n group: group.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngroup = aws.iam.Group(\"group\", name=\"test-group\")\nuser_one = aws.iam.User(\"user_one\", name=\"test-user\")\nuser_two = aws.iam.User(\"user_two\", name=\"test-user-two\")\nteam = aws.iam.GroupMembership(\"team\",\n name=\"tf-testing-group-membership\",\n users=[\n user_one.name,\n user_two.name,\n ],\n group=group.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @group = new Aws.Iam.Group(\"group\", new()\n {\n Name = \"test-group\",\n });\n\n var userOne = new Aws.Iam.User(\"user_one\", new()\n {\n Name = \"test-user\",\n });\n\n var userTwo = new Aws.Iam.User(\"user_two\", new()\n {\n Name = \"test-user-two\",\n });\n\n var team = new Aws.Iam.GroupMembership(\"team\", new()\n {\n Name = \"tf-testing-group-membership\",\n Users = new[]\n {\n userOne.Name,\n userTwo.Name,\n },\n Group = @group.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tgroup, err := iam.NewGroup(ctx, \"group\", \u0026iam.GroupArgs{\n\t\t\tName: pulumi.String(\"test-group\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tuserOne, err := iam.NewUser(ctx, \"user_one\", \u0026iam.UserArgs{\n\t\t\tName: pulumi.String(\"test-user\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tuserTwo, err := iam.NewUser(ctx, \"user_two\", \u0026iam.UserArgs{\n\t\t\tName: pulumi.String(\"test-user-two\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewGroupMembership(ctx, \"team\", \u0026iam.GroupMembershipArgs{\n\t\t\tName: pulumi.String(\"tf-testing-group-membership\"),\n\t\t\tUsers: pulumi.StringArray{\n\t\t\t\tuserOne.Name,\n\t\t\t\tuserTwo.Name,\n\t\t\t},\n\t\t\tGroup: group.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Group;\nimport com.pulumi.aws.iam.GroupArgs;\nimport com.pulumi.aws.iam.User;\nimport com.pulumi.aws.iam.UserArgs;\nimport com.pulumi.aws.iam.GroupMembership;\nimport com.pulumi.aws.iam.GroupMembershipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var group = new Group(\"group\", GroupArgs.builder()\n .name(\"test-group\")\n .build());\n\n var userOne = new User(\"userOne\", UserArgs.builder()\n .name(\"test-user\")\n .build());\n\n var userTwo = new User(\"userTwo\", UserArgs.builder()\n .name(\"test-user-two\")\n .build());\n\n var team = new GroupMembership(\"team\", GroupMembershipArgs.builder()\n .name(\"tf-testing-group-membership\")\n .users( \n userOne.name(),\n userTwo.name())\n .group(group.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n team:\n type: aws:iam:GroupMembership\n properties:\n name: tf-testing-group-membership\n users:\n - ${userOne.name}\n - ${userTwo.name}\n group: ${group.name}\n group:\n type: aws:iam:Group\n properties:\n name: test-group\n userOne:\n type: aws:iam:User\n name: user_one\n properties:\n name: test-user\n userTwo:\n type: aws:iam:User\n name: user_two\n properties:\n name: test-user-two\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "group": { "type": "string", "description": "The IAM Group name to attach the list of `users` to\n" }, "name": { "type": "string", "description": "The name to identify the Group Membership\n" }, "users": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM User names to associate with the Group\n" } }, "required": [ "group", "name", "users" ], "inputProperties": { "group": { "type": "string", "description": "The IAM Group name to attach the list of `users` to\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name to identify the Group Membership\n", "willReplaceOnChanges": true }, "users": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM User names to associate with the Group\n" } }, "requiredInputs": [ "group", "users" ], "stateInputs": { "description": "Input properties used for looking up and filtering GroupMembership resources.\n", "properties": { "group": { "type": "string", "description": "The IAM Group name to attach the list of `users` to\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name to identify the Group Membership\n", "willReplaceOnChanges": true }, "users": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM User names to associate with the Group\n" } }, "type": "object" } }, "aws:iam/groupPolicy:GroupPolicy": { "description": "Provides an IAM policy attached to a group.\n\n\u003e **NOTE:** We suggest using explicit JSON encoding or `aws.iam.getPolicyDocument` when assigning a value to `policy`. They seamlessly translate configuration to JSON, enabling you to maintain consistency within your configuration without the need for context switches. Also, you can sidestep potential complications arising from formatting discrepancies, whitespace inconsistencies, and other nuances inherent to JSON.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDevelopers = new aws.iam.Group(\"my_developers\", {\n name: \"developers\",\n path: \"/users/\",\n});\nconst myDeveloperPolicy = new aws.iam.GroupPolicy(\"my_developer_policy\", {\n name: \"my_developer_policy\",\n group: myDevelopers.name,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\"ec2:Describe*\"],\n Effect: \"Allow\",\n Resource: \"*\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nmy_developers = aws.iam.Group(\"my_developers\",\n name=\"developers\",\n path=\"/users/\")\nmy_developer_policy = aws.iam.GroupPolicy(\"my_developer_policy\",\n name=\"my_developer_policy\",\n group=my_developers.name,\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\"ec2:Describe*\"],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDevelopers = new Aws.Iam.Group(\"my_developers\", new()\n {\n Name = \"developers\",\n Path = \"/users/\",\n });\n\n var myDeveloperPolicy = new Aws.Iam.GroupPolicy(\"my_developer_policy\", new()\n {\n Name = \"my_developer_policy\",\n Group = myDevelopers.Name,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"ec2:Describe*\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDevelopers, err := iam.NewGroup(ctx, \"my_developers\", \u0026iam.GroupArgs{\n\t\t\tName: pulumi.String(\"developers\"),\n\t\t\tPath: pulumi.String(\"/users/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewGroupPolicy(ctx, \"my_developer_policy\", \u0026iam.GroupPolicyArgs{\n\t\t\tName: pulumi.String(\"my_developer_policy\"),\n\t\t\tGroup: myDevelopers.Name,\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Group;\nimport com.pulumi.aws.iam.GroupArgs;\nimport com.pulumi.aws.iam.GroupPolicy;\nimport com.pulumi.aws.iam.GroupPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myDevelopers = new Group(\"myDevelopers\", GroupArgs.builder()\n .name(\"developers\")\n .path(\"/users/\")\n .build());\n\n var myDeveloperPolicy = new GroupPolicy(\"myDeveloperPolicy\", GroupPolicyArgs.builder()\n .name(\"my_developer_policy\")\n .group(myDevelopers.name())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\"ec2:Describe*\")),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myDeveloperPolicy:\n type: aws:iam:GroupPolicy\n name: my_developer_policy\n properties:\n name: my_developer_policy\n group: ${myDevelopers.name}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - ec2:Describe*\n Effect: Allow\n Resource: '*'\n myDevelopers:\n type: aws:iam:Group\n name: my_developers\n properties:\n name: developers\n path: /users/\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM Group Policies using the `group_name:group_policy_name`. For example:\n\n```sh\n$ pulumi import aws:iam/groupPolicy:GroupPolicy mypolicy group_of_mypolicy_name:mypolicy_name\n```\n", "properties": { "group": { "type": "string", "description": "The IAM group to attach to the policy.\n" }, "name": { "type": "string", "description": "The name of the policy. If omitted, the provider will\nassign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "policy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\n" } }, "required": [ "group", "name", "namePrefix", "policy" ], "inputProperties": { "group": { "type": "string", "description": "The IAM group to attach to the policy.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the policy. If omitted, the provider will\nassign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The policy document. This is a JSON formatted string.\n" } }, "requiredInputs": [ "group", "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering GroupPolicy resources.\n", "properties": { "group": { "type": "string", "description": "The IAM group to attach to the policy.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the policy. If omitted, the provider will\nassign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The policy document. This is a JSON formatted string.\n" } }, "type": "object" } }, "aws:iam/groupPolicyAttachment:GroupPolicyAttachment": { "description": "Attaches a Managed IAM Policy to an IAM group\n\n\u003e **NOTE:** The usage of this resource conflicts with the `aws.iam.PolicyAttachment` resource and will permanently show a difference if both are defined.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst group = new aws.iam.Group(\"group\", {name: \"test-group\"});\nconst policy = new aws.iam.Policy(\"policy\", {\n name: \"test-policy\",\n description: \"A test policy\",\n policy: \"{ ... policy JSON ... }\",\n});\nconst test_attach = new aws.iam.GroupPolicyAttachment(\"test-attach\", {\n group: group.name,\n policyArn: policy.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngroup = aws.iam.Group(\"group\", name=\"test-group\")\npolicy = aws.iam.Policy(\"policy\",\n name=\"test-policy\",\n description=\"A test policy\",\n policy=\"{ ... policy JSON ... }\")\ntest_attach = aws.iam.GroupPolicyAttachment(\"test-attach\",\n group=group.name,\n policy_arn=policy.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @group = new Aws.Iam.Group(\"group\", new()\n {\n Name = \"test-group\",\n });\n\n var policy = new Aws.Iam.Policy(\"policy\", new()\n {\n Name = \"test-policy\",\n Description = \"A test policy\",\n PolicyDocument = \"{ ... policy JSON ... }\",\n });\n\n var test_attach = new Aws.Iam.GroupPolicyAttachment(\"test-attach\", new()\n {\n Group = @group.Name,\n PolicyArn = policy.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tgroup, err := iam.NewGroup(ctx, \"group\", \u0026iam.GroupArgs{\n\t\t\tName: pulumi.String(\"test-group\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpolicy, err := iam.NewPolicy(ctx, \"policy\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"test-policy\"),\n\t\t\tDescription: pulumi.String(\"A test policy\"),\n\t\t\tPolicy: pulumi.Any(\"{ ... policy JSON ... }\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewGroupPolicyAttachment(ctx, \"test-attach\", \u0026iam.GroupPolicyAttachmentArgs{\n\t\t\tGroup: group.Name,\n\t\t\tPolicyArn: policy.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Group;\nimport com.pulumi.aws.iam.GroupArgs;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.iam.GroupPolicyAttachment;\nimport com.pulumi.aws.iam.GroupPolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var group = new Group(\"group\", GroupArgs.builder()\n .name(\"test-group\")\n .build());\n\n var policy = new Policy(\"policy\", PolicyArgs.builder()\n .name(\"test-policy\")\n .description(\"A test policy\")\n .policy(\"{ ... policy JSON ... }\")\n .build());\n\n var test_attach = new GroupPolicyAttachment(\"test-attach\", GroupPolicyAttachmentArgs.builder()\n .group(group.name())\n .policyArn(policy.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n group:\n type: aws:iam:Group\n properties:\n name: test-group\n policy:\n type: aws:iam:Policy\n properties:\n name: test-policy\n description: A test policy\n policy: '{ ... policy JSON ... }'\n test-attach:\n type: aws:iam:GroupPolicyAttachment\n properties:\n group: ${group.name}\n policyArn: ${policy.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM group policy attachments using the group name and policy arn separated by `/`. For example:\n\n```sh\n$ pulumi import aws:iam/groupPolicyAttachment:GroupPolicyAttachment test-attach test-group/arn:aws:iam::xxxxxxxxxxxx:policy/test-policy\n```\n", "properties": { "group": { "type": "string", "description": "The group the policy should be applied to\n" }, "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n" } }, "required": [ "group", "policyArn" ], "inputProperties": { "group": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/group:Group" } ], "description": "The group the policy should be applied to\n", "willReplaceOnChanges": true }, "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "group", "policyArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering GroupPolicyAttachment resources.\n", "properties": { "group": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/group:Group" } ], "description": "The group the policy should be applied to\n", "willReplaceOnChanges": true }, "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:iam/instanceProfile:InstanceProfile": { "description": "Provides an IAM instance profile.\n\n\u003e **NOTE:** When managing instance profiles, remember that the `name` attribute must always be unique. This means that even if you have different `role` or `path` values, duplicating an existing instance profile `name` will lead to an `EntityAlreadyExists` error.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"ec2.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst role = new aws.iam.Role(\"role\", {\n name: \"test_role\",\n path: \"/\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst testProfile = new aws.iam.InstanceProfile(\"test_profile\", {\n name: \"test_profile\",\n role: role.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"ec2.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nrole = aws.iam.Role(\"role\",\n name=\"test_role\",\n path=\"/\",\n assume_role_policy=assume_role.json)\ntest_profile = aws.iam.InstanceProfile(\"test_profile\",\n name=\"test_profile\",\n role=role.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"ec2.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var role = new Aws.Iam.Role(\"role\", new()\n {\n Name = \"test_role\",\n Path = \"/\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var testProfile = new Aws.Iam.InstanceProfile(\"test_profile\", new()\n {\n Name = \"test_profile\",\n Role = role.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"ec2.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trole, err := iam.NewRole(ctx, \"role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"test_role\"),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewInstanceProfile(ctx, \"test_profile\", \u0026iam.InstanceProfileArgs{\n\t\t\tName: pulumi.String(\"test_profile\"),\n\t\t\tRole: role.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.InstanceProfile;\nimport com.pulumi.aws.iam.InstanceProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"ec2.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var role = new Role(\"role\", RoleArgs.builder()\n .name(\"test_role\")\n .path(\"/\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var testProfile = new InstanceProfile(\"testProfile\", InstanceProfileArgs.builder()\n .name(\"test_profile\")\n .role(role.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testProfile:\n type: aws:iam:InstanceProfile\n name: test_profile\n properties:\n name: test_profile\n role: ${role.name}\n role:\n type: aws:iam:Role\n properties:\n name: test_role\n path: /\n assumeRolePolicy: ${assumeRole.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - ec2.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Instance Profiles using the `name`. For example:\n\n```sh\n$ pulumi import aws:iam/instanceProfile:InstanceProfile test_profile app-instance-profile-1\n```\n", "properties": { "arn": { "type": "string", "description": "ARN assigned by AWS to the instance profile.\n" }, "createDate": { "type": "string", "description": "Creation timestamp of the instance profile.\n" }, "name": { "type": "string", "description": "Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `name_prefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed. The `name` must be unique, regardless of the `path` or `role`. In other words, if there are different `role` or `path` values but the same `name` as an existing instance profile, it will still cause an `EntityAlreadyExists` error.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "path": { "type": "string", "description": "Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including most punctuation characters, digits, and upper and lowercase letters.\n" }, "role": { "type": "string", "description": "Name of the role to add to the profile.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the IAM Instance Profile. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uniqueId": { "type": "string", "description": "[Unique ID][1] assigned by AWS.\n" } }, "required": [ "arn", "createDate", "name", "namePrefix", "tagsAll", "uniqueId" ], "inputProperties": { "name": { "type": "string", "description": "Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `name_prefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed. The `name` must be unique, regardless of the `path` or `role`. In other words, if there are different `role` or `path` values but the same `name` as an existing instance profile, it will still cause an `EntityAlreadyExists` error.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "path": { "type": "string", "description": "Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including most punctuation characters, digits, and upper and lowercase letters.\n", "willReplaceOnChanges": true }, "role": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/role:Role" } ], "description": "Name of the role to add to the profile.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the IAM Instance Profile. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering InstanceProfile resources.\n", "properties": { "arn": { "type": "string", "description": "ARN assigned by AWS to the instance profile.\n" }, "createDate": { "type": "string", "description": "Creation timestamp of the instance profile.\n" }, "name": { "type": "string", "description": "Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `name_prefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed. The `name` must be unique, regardless of the `path` or `role`. In other words, if there are different `role` or `path` values but the same `name` as an existing instance profile, it will still cause an `EntityAlreadyExists` error.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "path": { "type": "string", "description": "Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including most punctuation characters, digits, and upper and lowercase letters.\n", "willReplaceOnChanges": true }, "role": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/role:Role" } ], "description": "Name of the role to add to the profile.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the IAM Instance Profile. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uniqueId": { "type": "string", "description": "[Unique ID][1] assigned by AWS.\n" } }, "type": "object" } }, "aws:iam/openIdConnectProvider:OpenIdConnectProvider": { "description": "Provides an IAM OpenID Connect provider.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.iam.OpenIdConnectProvider(\"default\", {\n url: \"https://accounts.google.com\",\n clientIdLists: [\"266362248691-342342xasdasdasda-apps.googleusercontent.com\"],\n thumbprintLists: [\"cf23df2207d99a74fbe169e3eba035e633b65d94\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.iam.OpenIdConnectProvider(\"default\",\n url=\"https://accounts.google.com\",\n client_id_lists=[\"266362248691-342342xasdasdasda-apps.googleusercontent.com\"],\n thumbprint_lists=[\"cf23df2207d99a74fbe169e3eba035e633b65d94\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Iam.OpenIdConnectProvider(\"default\", new()\n {\n Url = \"https://accounts.google.com\",\n ClientIdLists = new[]\n {\n \"266362248691-342342xasdasdasda-apps.googleusercontent.com\",\n },\n ThumbprintLists = new[]\n {\n \"cf23df2207d99a74fbe169e3eba035e633b65d94\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.NewOpenIdConnectProvider(ctx, \"default\", \u0026iam.OpenIdConnectProviderArgs{\n\t\t\tUrl: pulumi.String(\"https://accounts.google.com\"),\n\t\t\tClientIdLists: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"266362248691-342342xasdasdasda-apps.googleusercontent.com\"),\n\t\t\t},\n\t\t\tThumbprintLists: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"cf23df2207d99a74fbe169e3eba035e633b65d94\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.OpenIdConnectProvider;\nimport com.pulumi.aws.iam.OpenIdConnectProviderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new OpenIdConnectProvider(\"default\", OpenIdConnectProviderArgs.builder()\n .url(\"https://accounts.google.com\")\n .clientIdLists(\"266362248691-342342xasdasdasda-apps.googleusercontent.com\")\n .thumbprintLists(\"cf23df2207d99a74fbe169e3eba035e633b65d94\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:iam:OpenIdConnectProvider\n properties:\n url: https://accounts.google.com\n clientIdLists:\n - 266362248691-342342xasdasdasda-apps.googleusercontent.com\n thumbprintLists:\n - cf23df2207d99a74fbe169e3eba035e633b65d94\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM OpenID Connect Providers using the `arn`. For example:\n\n```sh\n$ pulumi import aws:iam/openIdConnectProvider:OpenIdConnectProvider default arn:aws:iam::123456789012:oidc-provider/accounts.google.com\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS for this provider.\n" }, "clientIdLists": { "type": "array", "items": { "type": "string" }, "description": "A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the client_id parameter on OAuth requests.)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the IAM OIDC provider. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "thumbprintLists": { "type": "array", "items": { "type": "string" }, "description": "A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).\n" }, "url": { "type": "string", "description": "The URL of the identity provider. Corresponds to the _iss_ claim.\n" } }, "required": [ "arn", "clientIdLists", "tagsAll", "thumbprintLists", "url" ], "inputProperties": { "clientIdLists": { "type": "array", "items": { "type": "string" }, "description": "A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the client_id parameter on OAuth requests.)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the IAM OIDC provider. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "thumbprintLists": { "type": "array", "items": { "type": "string" }, "description": "A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).\n" }, "url": { "type": "string", "description": "The URL of the identity provider. Corresponds to the _iss_ claim.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "clientIdLists", "thumbprintLists", "url" ], "stateInputs": { "description": "Input properties used for looking up and filtering OpenIdConnectProvider resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS for this provider.\n" }, "clientIdLists": { "type": "array", "items": { "type": "string" }, "description": "A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the client_id parameter on OAuth requests.)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the IAM OIDC provider. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "thumbprintLists": { "type": "array", "items": { "type": "string" }, "description": "A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).\n" }, "url": { "type": "string", "description": "The URL of the identity provider. Corresponds to the _iss_ claim.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:iam/policy:Policy": { "description": "Provides an IAM policy.\n\n\u003e **NOTE:** We suggest using explicit JSON encoding or `aws.iam.getPolicyDocument` when assigning a value to `policy`. They seamlessly translate configuration to JSON, enabling you to maintain consistency within your configuration without the need for context switches. Also, you can sidestep potential complications arising from formatting discrepancies, whitespace inconsistencies, and other nuances inherent to JSON.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst policy = new aws.iam.Policy(\"policy\", {\n name: \"test_policy\",\n path: \"/\",\n description: \"My test policy\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\"ec2:Describe*\"],\n Effect: \"Allow\",\n Resource: \"*\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\npolicy = aws.iam.Policy(\"policy\",\n name=\"test_policy\",\n path=\"/\",\n description=\"My test policy\",\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\"ec2:Describe*\"],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var policy = new Aws.Iam.Policy(\"policy\", new()\n {\n Name = \"test_policy\",\n Path = \"/\",\n Description = \"My test policy\",\n PolicyDocument = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"ec2:Describe*\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewPolicy(ctx, \"policy\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"test_policy\"),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tDescription: pulumi.String(\"My test policy\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var policy = new Policy(\"policy\", PolicyArgs.builder()\n .name(\"test_policy\")\n .path(\"/\")\n .description(\"My test policy\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\"ec2:Describe*\")),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: aws:iam:Policy\n properties:\n name: test_policy\n path: /\n description: My test policy\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - ec2:Describe*\n Effect: Allow\n Resource: '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM Policies using the `arn`. For example:\n\n```sh\n$ pulumi import aws:iam/policy:Policy administrator arn:aws:iam::123456789012:policy/UsersManageOwnCredentials\n```\n", "properties": { "arn": { "type": "string", "description": "ARN assigned by AWS to this policy.\n" }, "attachmentCount": { "type": "integer", "description": "Number of entities (users, groups, and roles) that the policy is attached to.\n" }, "description": { "type": "string", "description": "Description of the IAM policy.\n" }, "name": { "type": "string", "description": "Name of the policy. If omitted, the provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "path": { "type": "string", "description": "Path in which to create the policy. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.\n" }, "policy": { "type": "string", "description": "Policy document. This is a JSON formatted string. For more information about building AWS IAM policy documents, see the AWS IAM Policy Document Guide\n", "language": { "csharp": { "name": "PolicyDocument" } } }, "policyId": { "type": "string", "description": "Policy's ID.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the IAM Policy. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "attachmentCount", "name", "namePrefix", "policy", "policyId", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Description of the IAM policy.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the policy. If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "path": { "type": "string", "description": "Path in which to create the policy. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "Policy document. This is a JSON formatted string. For more information about building AWS IAM policy documents, see the AWS IAM Policy Document Guide\n", "language": { "csharp": { "name": "PolicyDocument" } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the IAM Policy. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering Policy resources.\n", "properties": { "arn": { "type": "string", "description": "ARN assigned by AWS to this policy.\n" }, "attachmentCount": { "type": "integer", "description": "Number of entities (users, groups, and roles) that the policy is attached to.\n" }, "description": { "type": "string", "description": "Description of the IAM policy.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the policy. If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "path": { "type": "string", "description": "Path in which to create the policy. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "Policy document. This is a JSON formatted string. For more information about building AWS IAM policy documents, see the AWS IAM Policy Document Guide\n", "language": { "csharp": { "name": "PolicyDocument" } } }, "policyId": { "type": "string", "description": "Policy's ID.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the IAM Policy. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:iam/policyAttachment:PolicyAttachment": { "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst user = new aws.iam.User(\"user\", {name: \"test-user\"});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"ec2.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst role = new aws.iam.Role(\"role\", {\n name: \"test-role\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst group = new aws.iam.Group(\"group\", {name: \"test-group\"});\nconst policy = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\"ec2:Describe*\"],\n resources: [\"*\"],\n }],\n});\nconst policyPolicy = new aws.iam.Policy(\"policy\", {\n name: \"test-policy\",\n description: \"A test policy\",\n policy: policy.then(policy =\u003e policy.json),\n});\nconst test_attach = new aws.iam.PolicyAttachment(\"test-attach\", {\n name: \"test-attachment\",\n users: [user.name],\n roles: [role.name],\n groups: [group.name],\n policyArn: policyPolicy.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nuser = aws.iam.User(\"user\", name=\"test-user\")\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"ec2.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nrole = aws.iam.Role(\"role\",\n name=\"test-role\",\n assume_role_policy=assume_role.json)\ngroup = aws.iam.Group(\"group\", name=\"test-group\")\npolicy = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\"ec2:Describe*\"],\n \"resources\": [\"*\"],\n}])\npolicy_policy = aws.iam.Policy(\"policy\",\n name=\"test-policy\",\n description=\"A test policy\",\n policy=policy.json)\ntest_attach = aws.iam.PolicyAttachment(\"test-attach\",\n name=\"test-attachment\",\n users=[user.name],\n roles=[role.name],\n groups=[group.name],\n policy_arn=policy_policy.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var user = new Aws.Iam.User(\"user\", new()\n {\n Name = \"test-user\",\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"ec2.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var role = new Aws.Iam.Role(\"role\", new()\n {\n Name = \"test-role\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var @group = new Aws.Iam.Group(\"group\", new()\n {\n Name = \"test-group\",\n });\n\n var policy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"ec2:Describe*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var policyPolicy = new Aws.Iam.Policy(\"policy\", new()\n {\n Name = \"test-policy\",\n Description = \"A test policy\",\n PolicyDocument = policy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var test_attach = new Aws.Iam.PolicyAttachment(\"test-attach\", new()\n {\n Name = \"test-attachment\",\n Users = new[]\n {\n user.Name,\n },\n Roles = new[]\n {\n role.Name,\n },\n Groups = new[]\n {\n @group.Name,\n },\n PolicyArn = policyPolicy.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tuser, err := iam.NewUser(ctx, \"user\", \u0026iam.UserArgs{\n\t\t\tName: pulumi.String(\"test-user\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"ec2.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trole, err := iam.NewRole(ctx, \"role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"test-role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgroup, err := iam.NewGroup(ctx, \"group\", \u0026iam.GroupArgs{\n\t\t\tName: pulumi.String(\"test-group\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpolicyPolicy, err := iam.NewPolicy(ctx, \"policy\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"test-policy\"),\n\t\t\tDescription: pulumi.String(\"A test policy\"),\n\t\t\tPolicy: pulumi.String(policy.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewPolicyAttachment(ctx, \"test-attach\", \u0026iam.PolicyAttachmentArgs{\n\t\t\tName: pulumi.String(\"test-attachment\"),\n\t\t\tUsers: pulumi.Array{\n\t\t\t\tuser.Name,\n\t\t\t},\n\t\t\tRoles: pulumi.Array{\n\t\t\t\trole.Name,\n\t\t\t},\n\t\t\tGroups: pulumi.Array{\n\t\t\t\tgroup.Name,\n\t\t\t},\n\t\t\tPolicyArn: policyPolicy.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.User;\nimport com.pulumi.aws.iam.UserArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.Group;\nimport com.pulumi.aws.iam.GroupArgs;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.iam.PolicyAttachment;\nimport com.pulumi.aws.iam.PolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var user = new User(\"user\", UserArgs.builder()\n .name(\"test-user\")\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"ec2.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var role = new Role(\"role\", RoleArgs.builder()\n .name(\"test-role\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var group = new Group(\"group\", GroupArgs.builder()\n .name(\"test-group\")\n .build());\n\n final var policy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"ec2:Describe*\")\n .resources(\"*\")\n .build())\n .build());\n\n var policyPolicy = new Policy(\"policyPolicy\", PolicyArgs.builder()\n .name(\"test-policy\")\n .description(\"A test policy\")\n .policy(policy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var test_attach = new PolicyAttachment(\"test-attach\", PolicyAttachmentArgs.builder()\n .name(\"test-attachment\")\n .users(user.name())\n .roles(role.name())\n .groups(group.name())\n .policyArn(policyPolicy.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n user:\n type: aws:iam:User\n properties:\n name: test-user\n role:\n type: aws:iam:Role\n properties:\n name: test-role\n assumeRolePolicy: ${assumeRole.json}\n group:\n type: aws:iam:Group\n properties:\n name: test-group\n policyPolicy:\n type: aws:iam:Policy\n name: policy\n properties:\n name: test-policy\n description: A test policy\n policy: ${policy.json}\n test-attach:\n type: aws:iam:PolicyAttachment\n properties:\n name: test-attachment\n users:\n - ${user.name}\n roles:\n - ${role.name}\n groups:\n - ${group.name}\n policyArn: ${policyPolicy.arn}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - ec2.amazonaws.com\n actions:\n - sts:AssumeRole\n policy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - ec2:Describe*\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "groups": { "type": "array", "items": { "type": "string" }, "description": "Group(s) the policy should be applied to.\n" }, "name": { "type": "string", "description": "Name of the attachment. This cannot be an empty string.\n" }, "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "ARN of the policy you want to apply. Typically this should be a reference to the ARN of another resource to ensure dependency ordering, such as `aws_iam_policy.example.arn`.\n" }, "roles": { "type": "array", "items": { "type": "string" }, "description": "Role(s) the policy should be applied to.\n" }, "users": { "type": "array", "items": { "type": "string" }, "description": "User(s) the policy should be applied to.\n" } }, "required": [ "name", "policyArn" ], "inputProperties": { "groups": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/group:Group" } ] }, "description": "Group(s) the policy should be applied to.\n" }, "name": { "type": "string", "description": "Name of the attachment. This cannot be an empty string.\n", "willReplaceOnChanges": true }, "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "ARN of the policy you want to apply. Typically this should be a reference to the ARN of another resource to ensure dependency ordering, such as `aws_iam_policy.example.arn`.\n", "willReplaceOnChanges": true }, "roles": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/role:Role" } ] }, "description": "Role(s) the policy should be applied to.\n" }, "users": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/user:User" } ] }, "description": "User(s) the policy should be applied to.\n" } }, "requiredInputs": [ "policyArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering PolicyAttachment resources.\n", "properties": { "groups": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/group:Group" } ] }, "description": "Group(s) the policy should be applied to.\n" }, "name": { "type": "string", "description": "Name of the attachment. This cannot be an empty string.\n", "willReplaceOnChanges": true }, "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "ARN of the policy you want to apply. Typically this should be a reference to the ARN of another resource to ensure dependency ordering, such as `aws_iam_policy.example.arn`.\n", "willReplaceOnChanges": true }, "roles": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/role:Role" } ] }, "description": "Role(s) the policy should be applied to.\n" }, "users": { "type": "array", "items": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/user:User" } ] }, "description": "User(s) the policy should be applied to.\n" } }, "type": "object" } }, "aws:iam/role:Role": { "description": "Provides an IAM role.\n\n\u003e **NOTE:** If policies are attached to the role via the `aws.iam.PolicyAttachment` resource and you are modifying the role `name` or `path`, the `force_detach_policies` argument must be set to `true` and applied before attempting the operation otherwise you will encounter a `DeleteConflict` error. The `aws.iam.RolePolicyAttachment` resource (recommended) does not have this requirement.\n\n\u003e **NOTE:** If you use this resource's `managed_policy_arns` argument or `inline_policy` configuration blocks, this resource will take over exclusive management of the role's respective policy types (e.g., both policy types if both arguments are used). These arguments are incompatible with other ways of managing a role's policies, such as `aws.iam.PolicyAttachment`, `aws.iam.RolePolicyAttachment`, and `aws.iam.RolePolicy`. If you attempt to manage a role's policies by multiple means, you will get resource cycling and/or errors.\n\n\u003e **NOTE:** We suggest using explicit JSON encoding or `aws.iam.getPolicyDocument` when assigning a value to `policy`. They seamlessly translate configuration to JSON, enabling you to maintain consistency within your configuration without the need for context switches. Also, you can sidestep potential complications arising from formatting discrepancies, whitespace inconsistencies, and other nuances inherent to JSON.\n\n## Example Usage\n\n### Basic Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testRole = new aws.iam.Role(\"test_role\", {\n name: \"test_role\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"ec2.amazonaws.com\",\n },\n }],\n }),\n tags: {\n \"tag-key\": \"tag-value\",\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest_role = aws.iam.Role(\"test_role\",\n name=\"test_role\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\",\n },\n }],\n }),\n tags={\n \"tag-key\": \"tag-value\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testRole = new Aws.Iam.Role(\"test_role\", new()\n {\n Name = \"test_role\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"ec2.amazonaws.com\",\n },\n },\n },\n }),\n Tags = \n {\n { \"tag-key\", \"tag-value\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"ec2.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewRole(ctx, \"test_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"test_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"tag-key\": pulumi.String(\"tag-value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testRole = new Role(\"testRole\", RoleArgs.builder()\n .name(\"test_role\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"ec2.amazonaws.com\")\n ))\n )))\n )))\n .tags(Map.of(\"tag-key\", \"tag-value\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testRole:\n type: aws:iam:Role\n name: test_role\n properties:\n name: test_role\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: ec2.amazonaws.com\n tags:\n tag-key: tag-value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example of Using Data Source for Assume Role Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst instanceAssumeRolePolicy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"ec2.amazonaws.com\"],\n }],\n }],\n});\nconst instance = new aws.iam.Role(\"instance\", {\n name: \"instance_role\",\n path: \"/system/\",\n assumeRolePolicy: instanceAssumeRolePolicy.then(instanceAssumeRolePolicy =\u003e instanceAssumeRolePolicy.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ninstance_assume_role_policy = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"ec2.amazonaws.com\"],\n }],\n}])\ninstance = aws.iam.Role(\"instance\",\n name=\"instance_role\",\n path=\"/system/\",\n assume_role_policy=instance_assume_role_policy.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var instanceAssumeRolePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"ec2.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var instance = new Aws.Iam.Role(\"instance\", new()\n {\n Name = \"instance_role\",\n Path = \"/system/\",\n AssumeRolePolicy = instanceAssumeRolePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinstanceAssumeRolePolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"ec2.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRole(ctx, \"instance\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"instance_role\"),\n\t\t\tPath: pulumi.String(\"/system/\"),\n\t\t\tAssumeRolePolicy: pulumi.String(instanceAssumeRolePolicy.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var instanceAssumeRolePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"ec2.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var instance = new Role(\"instance\", RoleArgs.builder()\n .name(\"instance_role\")\n .path(\"/system/\")\n .assumeRolePolicy(instanceAssumeRolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n instance:\n type: aws:iam:Role\n properties:\n name: instance_role\n path: /system/\n assumeRolePolicy: ${instanceAssumeRolePolicy.json}\nvariables:\n instanceAssumeRolePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - ec2.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example of Exclusive Inline Policies\n\nThis example creates an IAM role with two inline IAM policies. If someone adds another inline policy out-of-band, on the next apply, this provider will remove that policy. If someone deletes these policies out-of-band, this provider will recreate them.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst inlinePolicy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"ec2:DescribeAccountAttributes\"],\n resources: [\"*\"],\n }],\n});\nconst example = new aws.iam.Role(\"example\", {\n name: \"yak_role\",\n assumeRolePolicy: instanceAssumeRolePolicy.json,\n inlinePolicies: [\n {\n name: \"my_inline_policy\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\"ec2:Describe*\"],\n Effect: \"Allow\",\n Resource: \"*\",\n }],\n }),\n },\n {\n name: \"policy-8675309\",\n policy: inlinePolicy.then(inlinePolicy =\u003e inlinePolicy.json),\n },\n ],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ninline_policy = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"ec2:DescribeAccountAttributes\"],\n \"resources\": [\"*\"],\n}])\nexample = aws.iam.Role(\"example\",\n name=\"yak_role\",\n assume_role_policy=instance_assume_role_policy[\"json\"],\n inline_policies=[\n {\n \"name\": \"my_inline_policy\",\n \"policy\": json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": [\"ec2:Describe*\"],\n \"effect\": \"Allow\",\n \"resource\": \"*\",\n }],\n }),\n },\n {\n \"name\": \"policy-8675309\",\n \"policy\": inline_policy.json,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var inlinePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"ec2:DescribeAccountAttributes\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"yak_role\",\n AssumeRolePolicy = instanceAssumeRolePolicy.Json,\n InlinePolicies = new[]\n {\n new Aws.Iam.Inputs.RoleInlinePolicyArgs\n {\n Name = \"my_inline_policy\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"ec2:Describe*\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n },\n },\n }),\n },\n new Aws.Iam.Inputs.RoleInlinePolicyArgs\n {\n Name = \"policy-8675309\",\n Policy = inlinePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinlinePolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"ec2:DescribeAccountAttributes\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"yak_role\"),\n\t\t\tAssumeRolePolicy: pulumi.Any(instanceAssumeRolePolicy.Json),\n\t\t\tInlinePolicies: iam.RoleInlinePolicyArray{\n\t\t\t\t\u0026iam.RoleInlinePolicyArgs{\n\t\t\t\t\tName: pulumi.String(\"my_inline_policy\"),\n\t\t\t\t\tPolicy: pulumi.String(json0),\n\t\t\t\t},\n\t\t\t\t\u0026iam.RoleInlinePolicyArgs{\n\t\t\t\t\tName: pulumi.String(\"policy-8675309\"),\n\t\t\t\t\tPolicy: pulumi.String(inlinePolicy.Json),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.inputs.RoleInlinePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var inlinePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"ec2:DescribeAccountAttributes\")\n .resources(\"*\")\n .build())\n .build());\n\n var example = new Role(\"example\", RoleArgs.builder()\n .name(\"yak_role\")\n .assumeRolePolicy(instanceAssumeRolePolicy.json())\n .inlinePolicies( \n RoleInlinePolicyArgs.builder()\n .name(\"my_inline_policy\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\"ec2:Describe*\")),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build(),\n RoleInlinePolicyArgs.builder()\n .name(\"policy-8675309\")\n .policy(inlinePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: yak_role\n assumeRolePolicy: ${instanceAssumeRolePolicy.json}\n inlinePolicies:\n - name: my_inline_policy\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - ec2:Describe*\n Effect: Allow\n Resource: '*'\n - name: policy-8675309\n policy: ${inlinePolicy.json}\nvariables:\n inlinePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - ec2:DescribeAccountAttributes\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example of Removing Inline Policies\n\nThis example creates an IAM role with what appears to be empty IAM `inline_policy` argument instead of using `inline_policy` as a configuration block. The result is that if someone were to add an inline policy out-of-band, on the next apply, this provider will remove that policy.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n inlinePolicies: [{}],\n name: \"yak_role\",\n assumeRolePolicy: instanceAssumeRolePolicy.json,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n inline_policies=[{}],\n name=\"yak_role\",\n assume_role_policy=instance_assume_role_policy[\"json\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n InlinePolicies = new[]\n {\n null,\n },\n Name = \"yak_role\",\n AssumeRolePolicy = instanceAssumeRolePolicy.Json,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tInlinePolicies: iam.RoleInlinePolicyArray{\n\t\t\t\tnil,\n\t\t\t},\n\t\t\tName: pulumi.String(\"yak_role\"),\n\t\t\tAssumeRolePolicy: pulumi.Any(instanceAssumeRolePolicy.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.inputs.RoleInlinePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder()\n .inlinePolicies()\n .name(\"yak_role\")\n .assumeRolePolicy(instanceAssumeRolePolicy.json())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n inlinePolicies:\n - {}\n name: yak_role\n assumeRolePolicy: ${instanceAssumeRolePolicy.json}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example of Exclusive Managed Policies\n\nThis example creates an IAM role and attaches two managed IAM policies. If someone attaches another managed policy out-of-band, on the next apply, this provider will detach that policy. If someone detaches these policies out-of-band, this provider will attach them again.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst policyOne = new aws.iam.Policy(\"policy_one\", {\n name: \"policy-618033\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\"ec2:Describe*\"],\n Effect: \"Allow\",\n Resource: \"*\",\n }],\n }),\n});\nconst policyTwo = new aws.iam.Policy(\"policy_two\", {\n name: \"policy-381966\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\n \"s3:ListAllMyBuckets\",\n \"s3:ListBucket\",\n \"s3:HeadBucket\",\n ],\n Effect: \"Allow\",\n Resource: \"*\",\n }],\n }),\n});\nconst example = new aws.iam.Role(\"example\", {\n name: \"yak_role\",\n assumeRolePolicy: instanceAssumeRolePolicy.json,\n managedPolicyArns: [\n policyOne.arn,\n policyTwo.arn,\n ],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\npolicy_one = aws.iam.Policy(\"policy_one\",\n name=\"policy-618033\",\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\"ec2:Describe*\"],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\",\n }],\n }))\npolicy_two = aws.iam.Policy(\"policy_two\",\n name=\"policy-381966\",\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\n \"s3:ListAllMyBuckets\",\n \"s3:ListBucket\",\n \"s3:HeadBucket\",\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\",\n }],\n }))\nexample = aws.iam.Role(\"example\",\n name=\"yak_role\",\n assume_role_policy=instance_assume_role_policy[\"json\"],\n managed_policy_arns=[\n policy_one.arn,\n policy_two.arn,\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var policyOne = new Aws.Iam.Policy(\"policy_one\", new()\n {\n Name = \"policy-618033\",\n PolicyDocument = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"ec2:Describe*\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n var policyTwo = new Aws.Iam.Policy(\"policy_two\", new()\n {\n Name = \"policy-381966\",\n PolicyDocument = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"s3:ListAllMyBuckets\",\n \"s3:ListBucket\",\n \"s3:HeadBucket\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"yak_role\",\n AssumeRolePolicy = instanceAssumeRolePolicy.Json,\n ManagedPolicyArns = new[]\n {\n policyOne.Arn,\n policyTwo.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tpolicyOne, err := iam.NewPolicy(ctx, \"policy_one\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"policy-618033\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"s3:ListAllMyBuckets\",\n\t\t\t\t\t\t\"s3:ListBucket\",\n\t\t\t\t\t\t\"s3:HeadBucket\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson1 := string(tmpJSON1)\n\t\tpolicyTwo, err := iam.NewPolicy(ctx, \"policy_two\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"policy-381966\"),\n\t\t\tPolicy: pulumi.String(json1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"yak_role\"),\n\t\t\tAssumeRolePolicy: pulumi.Any(instanceAssumeRolePolicy.Json),\n\t\t\tManagedPolicyArns: pulumi.StringArray{\n\t\t\t\tpolicyOne.Arn,\n\t\t\t\tpolicyTwo.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var policyOne = new Policy(\"policyOne\", PolicyArgs.builder()\n .name(\"policy-618033\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\"ec2:Describe*\")),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build());\n\n var policyTwo = new Policy(\"policyTwo\", PolicyArgs.builder()\n .name(\"policy-381966\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"s3:ListAllMyBuckets\", \n \"s3:ListBucket\", \n \"s3:HeadBucket\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build());\n\n var example = new Role(\"example\", RoleArgs.builder()\n .name(\"yak_role\")\n .assumeRolePolicy(instanceAssumeRolePolicy.json())\n .managedPolicyArns( \n policyOne.arn(),\n policyTwo.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: yak_role\n assumeRolePolicy: ${instanceAssumeRolePolicy.json}\n managedPolicyArns:\n - ${policyOne.arn}\n - ${policyTwo.arn}\n policyOne:\n type: aws:iam:Policy\n name: policy_one\n properties:\n name: policy-618033\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - ec2:Describe*\n Effect: Allow\n Resource: '*'\n policyTwo:\n type: aws:iam:Policy\n name: policy_two\n properties:\n name: policy-381966\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - s3:ListAllMyBuckets\n - s3:ListBucket\n - s3:HeadBucket\n Effect: Allow\n Resource: '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example of Removing Managed Policies\n\nThis example creates an IAM role with an empty `managed_policy_arns` argument. If someone attaches a policy out-of-band, on the next apply, this provider will detach that policy.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n name: \"yak_role\",\n assumeRolePolicy: instanceAssumeRolePolicy.json,\n managedPolicyArns: [],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n name=\"yak_role\",\n assume_role_policy=instance_assume_role_policy[\"json\"],\n managed_policy_arns=[])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"yak_role\",\n AssumeRolePolicy = instanceAssumeRolePolicy.Json,\n ManagedPolicyArns = new[] {},\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"yak_role\"),\n\t\t\tAssumeRolePolicy: pulumi.Any(instanceAssumeRolePolicy.Json),\n\t\t\tManagedPolicyArns: pulumi.StringArray{},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder()\n .name(\"yak_role\")\n .assumeRolePolicy(instanceAssumeRolePolicy.json())\n .managedPolicyArns()\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: yak_role\n assumeRolePolicy: ${instanceAssumeRolePolicy.json}\n managedPolicyArns: []\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM Roles using the `name`. For example:\n\n```sh\n$ pulumi import aws:iam/role:Role developer developer_name\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) specifying the role.\n" }, "assumeRolePolicy": { "type": "string", "description": "Policy that grants an entity permission to assume the role.\n\n\u003e **NOTE:** The `assume_role_policy` is very similar to but slightly different than a standard IAM policy and cannot use an `aws.iam.Policy` resource. However, it _can_ use an `aws.iam.getPolicyDocument` data source. See the example above of how this works.\n\nThe following arguments are optional:\n" }, "createDate": { "type": "string", "description": "Creation date of the IAM role.\n" }, "description": { "type": "string", "description": "Description of the role.\n" }, "forceDetachPolicies": { "type": "boolean", "description": "Whether to force detaching any policies the role has before destroying it. Defaults to `false`.\n" }, "inlinePolicies": { "type": "array", "items": { "$ref": "#/types/aws:iam/RoleInlinePolicy:RoleInlinePolicy" }, "description": "Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, the provider will not manage any inline policies in this resource. Configuring one empty block (i.e., `inline_policy {}`) will cause the provider to remove _all_ inline policies added out of band on `apply`.\n" }, "managedPolicyArns": { "type": "array", "items": { "type": "string" } }, "maxSessionDuration": { "type": "integer", "description": "Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.\n" }, "name": { "type": "string", "description": "Friendly name of the role. If omitted, the provider will assign a random, unique name. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`.\n" }, "path": { "type": "string", "description": "Path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.\n" }, "permissionsBoundary": { "type": "string", "description": "ARN of the policy that is used to set the permissions boundary for the role.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of tags for the IAM role. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uniqueId": { "type": "string", "description": "Stable and unique string identifying the role.\n" } }, "required": [ "arn", "assumeRolePolicy", "createDate", "inlinePolicies", "managedPolicyArns", "name", "namePrefix", "tagsAll", "uniqueId" ], "inputProperties": { "assumeRolePolicy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "Policy that grants an entity permission to assume the role.\n\n\u003e **NOTE:** The `assume_role_policy` is very similar to but slightly different than a standard IAM policy and cannot use an `aws.iam.Policy` resource. However, it _can_ use an `aws.iam.getPolicyDocument` data source. See the example above of how this works.\n\nThe following arguments are optional:\n" }, "description": { "type": "string", "description": "Description of the role.\n" }, "forceDetachPolicies": { "type": "boolean", "description": "Whether to force detaching any policies the role has before destroying it. Defaults to `false`.\n" }, "inlinePolicies": { "type": "array", "items": { "$ref": "#/types/aws:iam/RoleInlinePolicy:RoleInlinePolicy" }, "description": "Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, the provider will not manage any inline policies in this resource. Configuring one empty block (i.e., `inline_policy {}`) will cause the provider to remove _all_ inline policies added out of band on `apply`.\n" }, "managedPolicyArns": { "type": "array", "items": { "type": "string" } }, "maxSessionDuration": { "type": "integer", "description": "Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.\n" }, "name": { "type": "string", "description": "Friendly name of the role. If omitted, the provider will assign a random, unique name. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "path": { "type": "string", "description": "Path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.\n", "willReplaceOnChanges": true }, "permissionsBoundary": { "type": "string", "description": "ARN of the policy that is used to set the permissions boundary for the role.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of tags for the IAM role. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "assumeRolePolicy" ], "stateInputs": { "description": "Input properties used for looking up and filtering Role resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) specifying the role.\n" }, "assumeRolePolicy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "Policy that grants an entity permission to assume the role.\n\n\u003e **NOTE:** The `assume_role_policy` is very similar to but slightly different than a standard IAM policy and cannot use an `aws.iam.Policy` resource. However, it _can_ use an `aws.iam.getPolicyDocument` data source. See the example above of how this works.\n\nThe following arguments are optional:\n" }, "createDate": { "type": "string", "description": "Creation date of the IAM role.\n" }, "description": { "type": "string", "description": "Description of the role.\n" }, "forceDetachPolicies": { "type": "boolean", "description": "Whether to force detaching any policies the role has before destroying it. Defaults to `false`.\n" }, "inlinePolicies": { "type": "array", "items": { "$ref": "#/types/aws:iam/RoleInlinePolicy:RoleInlinePolicy" }, "description": "Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, the provider will not manage any inline policies in this resource. Configuring one empty block (i.e., `inline_policy {}`) will cause the provider to remove _all_ inline policies added out of band on `apply`.\n" }, "managedPolicyArns": { "type": "array", "items": { "type": "string" } }, "maxSessionDuration": { "type": "integer", "description": "Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.\n" }, "name": { "type": "string", "description": "Friendly name of the role. If omitted, the provider will assign a random, unique name. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "path": { "type": "string", "description": "Path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.\n", "willReplaceOnChanges": true }, "permissionsBoundary": { "type": "string", "description": "ARN of the policy that is used to set the permissions boundary for the role.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of tags for the IAM role. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uniqueId": { "type": "string", "description": "Stable and unique string identifying the role.\n" } }, "type": "object" } }, "aws:iam/rolePolicy:RolePolicy": { "description": "Provides an IAM role inline policy.\n\n\u003e **NOTE:** For a given role, this resource is incompatible with using the `aws.iam.Role` resource `inline_policy` argument. When using that argument and this resource, both will attempt to manage the role's inline policies and the provider will show a permanent difference.\n\n\u003e **NOTE:** We suggest using explicit JSON encoding or `aws.iam.getPolicyDocument` when assigning a value to `policy`. They seamlessly translate configuration to JSON, enabling you to maintain consistency within your configuration without the need for context switches. Also, you can sidestep potential complications arising from formatting discrepancies, whitespace inconsistencies, and other nuances inherent to JSON.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testRole = new aws.iam.Role(\"test_role\", {\n name: \"test_role\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"ec2.amazonaws.com\",\n },\n }],\n }),\n});\nconst testPolicy = new aws.iam.RolePolicy(\"test_policy\", {\n name: \"test_policy\",\n role: testRole.id,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\"ec2:Describe*\"],\n Effect: \"Allow\",\n Resource: \"*\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest_role = aws.iam.Role(\"test_role\",\n name=\"test_role\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\",\n },\n }],\n }))\ntest_policy = aws.iam.RolePolicy(\"test_policy\",\n name=\"test_policy\",\n role=test_role.id,\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\"ec2:Describe*\"],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testRole = new Aws.Iam.Role(\"test_role\", new()\n {\n Name = \"test_role\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"ec2.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var testPolicy = new Aws.Iam.RolePolicy(\"test_policy\", new()\n {\n Name = \"test_policy\",\n Role = testRole.Id,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"ec2:Describe*\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"ec2.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\ttestRole, err := iam.NewRole(ctx, \"test_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"test_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson1 := string(tmpJSON1)\n\t\t_, err = iam.NewRolePolicy(ctx, \"test_policy\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"test_policy\"),\n\t\t\tRole: testRole.ID(),\n\t\t\tPolicy: pulumi.String(json1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testRole = new Role(\"testRole\", RoleArgs.builder()\n .name(\"test_role\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"ec2.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var testPolicy = new RolePolicy(\"testPolicy\", RolePolicyArgs.builder()\n .name(\"test_policy\")\n .role(testRole.id())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\"ec2:Describe*\")),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testPolicy:\n type: aws:iam:RolePolicy\n name: test_policy\n properties:\n name: test_policy\n role: ${testRole.id}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - ec2:Describe*\n Effect: Allow\n Resource: '*'\n testRole:\n type: aws:iam:Role\n name: test_role\n properties:\n name: test_role\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: ec2.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM Role Policies using the `role_name:role_policy_name`. For example:\n\n```sh\n$ pulumi import aws:iam/rolePolicy:RolePolicy mypolicy role_of_mypolicy_name:mypolicy_name\n```\n", "properties": { "name": { "type": "string", "description": "The name of the role policy. If omitted, this provider will\nassign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "policy": { "type": "string", "description": "The inline policy document. This is a JSON formatted string. For more information about building IAM policy documents with the provider, see the AWS IAM Policy Document Guide\n" }, "role": { "type": "string", "description": "The name of the IAM role to attach to the policy.\n" } }, "required": [ "name", "namePrefix", "policy", "role" ], "inputProperties": { "name": { "type": "string", "description": "The name of the role policy. If omitted, this provider will\nassign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The inline policy document. This is a JSON formatted string. For more information about building IAM policy documents with the provider, see the AWS IAM Policy Document Guide\n" }, "role": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/role:Role" } ], "description": "The name of the IAM role to attach to the policy.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policy", "role" ], "stateInputs": { "description": "Input properties used for looking up and filtering RolePolicy resources.\n", "properties": { "name": { "type": "string", "description": "The name of the role policy. If omitted, this provider will\nassign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The inline policy document. This is a JSON formatted string. For more information about building IAM policy documents with the provider, see the AWS IAM Policy Document Guide\n" }, "role": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/role:Role" } ], "description": "The name of the IAM role to attach to the policy.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:iam/rolePolicyAttachment:RolePolicyAttachment": { "description": "Attaches a Managed IAM Policy to an IAM role\n\n\u003e **NOTE:** The usage of this resource conflicts with the `aws.iam.PolicyAttachment` resource and will permanently show a difference if both are defined.\n\n\u003e **NOTE:** For a given role, this resource is incompatible with using the `aws.iam.Role` resource `managed_policy_arns` argument. When using that argument and this resource, both will attempt to manage the role's managed policy attachments and Pulumi will show a permanent difference.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"ec2.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst role = new aws.iam.Role(\"role\", {\n name: \"test-role\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst policy = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\"ec2:Describe*\"],\n resources: [\"*\"],\n }],\n});\nconst policyPolicy = new aws.iam.Policy(\"policy\", {\n name: \"test-policy\",\n description: \"A test policy\",\n policy: policy.then(policy =\u003e policy.json),\n});\nconst test_attach = new aws.iam.RolePolicyAttachment(\"test-attach\", {\n role: role.name,\n policyArn: policyPolicy.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"ec2.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nrole = aws.iam.Role(\"role\",\n name=\"test-role\",\n assume_role_policy=assume_role.json)\npolicy = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\"ec2:Describe*\"],\n \"resources\": [\"*\"],\n}])\npolicy_policy = aws.iam.Policy(\"policy\",\n name=\"test-policy\",\n description=\"A test policy\",\n policy=policy.json)\ntest_attach = aws.iam.RolePolicyAttachment(\"test-attach\",\n role=role.name,\n policy_arn=policy_policy.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"ec2.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var role = new Aws.Iam.Role(\"role\", new()\n {\n Name = \"test-role\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var policy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"ec2:Describe*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var policyPolicy = new Aws.Iam.Policy(\"policy\", new()\n {\n Name = \"test-policy\",\n Description = \"A test policy\",\n PolicyDocument = policy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var test_attach = new Aws.Iam.RolePolicyAttachment(\"test-attach\", new()\n {\n Role = role.Name,\n PolicyArn = policyPolicy.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"ec2.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trole, err := iam.NewRole(ctx, \"role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"test-role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpolicyPolicy, err := iam.NewPolicy(ctx, \"policy\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"test-policy\"),\n\t\t\tDescription: pulumi.String(\"A test policy\"),\n\t\t\tPolicy: pulumi.String(policy.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"test-attach\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: role.Name,\n\t\t\tPolicyArn: policyPolicy.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"ec2.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var role = new Role(\"role\", RoleArgs.builder()\n .name(\"test-role\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var policy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"ec2:Describe*\")\n .resources(\"*\")\n .build())\n .build());\n\n var policyPolicy = new Policy(\"policyPolicy\", PolicyArgs.builder()\n .name(\"test-policy\")\n .description(\"A test policy\")\n .policy(policy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var test_attach = new RolePolicyAttachment(\"test-attach\", RolePolicyAttachmentArgs.builder()\n .role(role.name())\n .policyArn(policyPolicy.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n role:\n type: aws:iam:Role\n properties:\n name: test-role\n assumeRolePolicy: ${assumeRole.json}\n policyPolicy:\n type: aws:iam:Policy\n name: policy\n properties:\n name: test-policy\n description: A test policy\n policy: ${policy.json}\n test-attach:\n type: aws:iam:RolePolicyAttachment\n properties:\n role: ${role.name}\n policyArn: ${policyPolicy.arn}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - ec2.amazonaws.com\n actions:\n - sts:AssumeRole\n policy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - ec2:Describe*\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM role policy attachments using the role name and policy arn separated by `/`. For example:\n\n```sh\n$ pulumi import aws:iam/rolePolicyAttachment:RolePolicyAttachment test-attach test-role/arn:aws:iam::xxxxxxxxxxxx:policy/test-policy\n```\n", "properties": { "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n" }, "role": { "type": "string", "description": "The name of the IAM role to which the policy should be applied\n" } }, "required": [ "policyArn", "role" ], "inputProperties": { "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n", "willReplaceOnChanges": true }, "role": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/role:Role" } ], "description": "The name of the IAM role to which the policy should be applied\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policyArn", "role" ], "stateInputs": { "description": "Input properties used for looking up and filtering RolePolicyAttachment resources.\n", "properties": { "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n", "willReplaceOnChanges": true }, "role": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/role:Role" } ], "description": "The name of the IAM role to which the policy should be applied\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:iam/samlProvider:SamlProvider": { "description": "Provides an IAM SAML provider.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst _default = new aws.iam.SamlProvider(\"default\", {\n name: \"myprovider\",\n samlMetadataDocument: std.file({\n input: \"saml-metadata.xml\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\ndefault = aws.iam.SamlProvider(\"default\",\n name=\"myprovider\",\n saml_metadata_document=std.file(input=\"saml-metadata.xml\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Iam.SamlProvider(\"default\", new()\n {\n Name = \"myprovider\",\n SamlMetadataDocument = Std.File.Invoke(new()\n {\n Input = \"saml-metadata.xml\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"saml-metadata.xml\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewSamlProvider(ctx, \"default\", \u0026iam.SamlProviderArgs{\n\t\t\tName: pulumi.String(\"myprovider\"),\n\t\t\tSamlMetadataDocument: pulumi.String(invokeFile.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.SamlProvider;\nimport com.pulumi.aws.iam.SamlProviderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new SamlProvider(\"default\", SamlProviderArgs.builder()\n .name(\"myprovider\")\n .samlMetadataDocument(StdFunctions.file(FileArgs.builder()\n .input(\"saml-metadata.xml\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:iam:SamlProvider\n properties:\n name: myprovider\n samlMetadataDocument:\n fn::invoke:\n Function: std:file\n Arguments:\n input: saml-metadata.xml\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM SAML Providers using the `arn`. For example:\n\n```sh\n$ pulumi import aws:iam/samlProvider:SamlProvider default arn:aws:iam::123456789012:saml-provider/SAMLADFS\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS for this provider.\n" }, "name": { "type": "string", "description": "The name of the provider to create.\n" }, "samlMetadataDocument": { "type": "string", "description": "An XML document generated by an identity provider that supports SAML 2.0.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the IAM SAML provider. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "validUntil": { "type": "string", "description": "The expiration date and time for the SAML provider in RFC1123 format, e.g., `Mon, 02 Jan 2006 15:04:05 MST`.\n" } }, "required": [ "arn", "name", "samlMetadataDocument", "tagsAll", "validUntil" ], "inputProperties": { "name": { "type": "string", "description": "The name of the provider to create.\n", "willReplaceOnChanges": true }, "samlMetadataDocument": { "type": "string", "description": "An XML document generated by an identity provider that supports SAML 2.0.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the IAM SAML provider. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "samlMetadataDocument" ], "stateInputs": { "description": "Input properties used for looking up and filtering SamlProvider resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS for this provider.\n" }, "name": { "type": "string", "description": "The name of the provider to create.\n", "willReplaceOnChanges": true }, "samlMetadataDocument": { "type": "string", "description": "An XML document generated by an identity provider that supports SAML 2.0.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the IAM SAML provider. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "validUntil": { "type": "string", "description": "The expiration date and time for the SAML provider in RFC1123 format, e.g., `Mon, 02 Jan 2006 15:04:05 MST`.\n" } }, "type": "object" } }, "aws:iam/securityTokenServicePreferences:SecurityTokenServicePreferences": { "description": "Provides an IAM Security Token Service Preferences resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.SecurityTokenServicePreferences(\"example\", {globalEndpointTokenVersion: \"v2Token\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.SecurityTokenServicePreferences(\"example\", global_endpoint_token_version=\"v2Token\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.SecurityTokenServicePreferences(\"example\", new()\n {\n GlobalEndpointTokenVersion = \"v2Token\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.NewSecurityTokenServicePreferences(ctx, \"example\", \u0026iam.SecurityTokenServicePreferencesArgs{\n\t\t\tGlobalEndpointTokenVersion: pulumi.String(\"v2Token\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.SecurityTokenServicePreferences;\nimport com.pulumi.aws.iam.SecurityTokenServicePreferencesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SecurityTokenServicePreferences(\"example\", SecurityTokenServicePreferencesArgs.builder()\n .globalEndpointTokenVersion(\"v2Token\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:SecurityTokenServicePreferences\n properties:\n globalEndpointTokenVersion: v2Token\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "globalEndpointTokenVersion": { "type": "string", "description": "The version of the STS global endpoint token. Valid values: `v1Token`, `v2Token`.\n" } }, "required": [ "globalEndpointTokenVersion" ], "inputProperties": { "globalEndpointTokenVersion": { "type": "string", "description": "The version of the STS global endpoint token. Valid values: `v1Token`, `v2Token`.\n" } }, "requiredInputs": [ "globalEndpointTokenVersion" ], "stateInputs": { "description": "Input properties used for looking up and filtering SecurityTokenServicePreferences resources.\n", "properties": { "globalEndpointTokenVersion": { "type": "string", "description": "The version of the STS global endpoint token. Valid values: `v1Token`, `v2Token`.\n" } }, "type": "object" } }, "aws:iam/serverCertificate:ServerCertificate": { "description": "Provides an IAM Server Certificate resource to upload Server Certificates.\nCerts uploaded to IAM can easily work with other AWS services such as:\n\n- AWS Elastic Beanstalk\n- Elastic Load Balancing\n- CloudFront\n- AWS OpsWorks\n\nFor information about server certificates in IAM, see [Managing Server\nCertificates][2] in AWS Documentation.\n\n## Example Usage\n\n**Using certs on file:**\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst testCert = new aws.iam.ServerCertificate(\"test_cert\", {\n name: \"some_test_cert\",\n certificateBody: std.file({\n input: \"self-ca-cert.pem\",\n }).then(invoke =\u003e invoke.result),\n privateKey: std.file({\n input: \"test-key.pem\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\ntest_cert = aws.iam.ServerCertificate(\"test_cert\",\n name=\"some_test_cert\",\n certificate_body=std.file(input=\"self-ca-cert.pem\").result,\n private_key=std.file(input=\"test-key.pem\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCert = new Aws.Iam.ServerCertificate(\"test_cert\", new()\n {\n Name = \"some_test_cert\",\n CertificateBody = Std.File.Invoke(new()\n {\n Input = \"self-ca-cert.pem\",\n }).Apply(invoke =\u003e invoke.Result),\n PrivateKey = Std.File.Invoke(new()\n {\n Input = \"test-key.pem\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"self-ca-cert.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile1, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"test-key.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewServerCertificate(ctx, \"test_cert\", \u0026iam.ServerCertificateArgs{\n\t\t\tName: pulumi.String(\"some_test_cert\"),\n\t\t\tCertificateBody: pulumi.String(invokeFile.Result),\n\t\t\tPrivateKey: pulumi.String(invokeFile1.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.ServerCertificate;\nimport com.pulumi.aws.iam.ServerCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCert = new ServerCertificate(\"testCert\", ServerCertificateArgs.builder()\n .name(\"some_test_cert\")\n .certificateBody(StdFunctions.file(FileArgs.builder()\n .input(\"self-ca-cert.pem\")\n .build()).result())\n .privateKey(StdFunctions.file(FileArgs.builder()\n .input(\"test-key.pem\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCert:\n type: aws:iam:ServerCertificate\n name: test_cert\n properties:\n name: some_test_cert\n certificateBody:\n fn::invoke:\n Function: std:file\n Arguments:\n input: self-ca-cert.pem\n Return: result\n privateKey:\n fn::invoke:\n Function: std:file\n Arguments:\n input: test-key.pem\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n**Example with cert in-line:**\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCertAlt = new aws.iam.ServerCertificate(\"test_cert_alt\", {\n name: \"alt_test_cert\",\n certificateBody: `-----BEGIN CERTIFICATE-----\n[......] # cert contents\n-----END CERTIFICATE-----\n`,\n privateKey: `-----BEGIN RSA PRIVATE KEY-----\n[......] # cert contents\n-----END RSA PRIVATE KEY-----\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_cert_alt = aws.iam.ServerCertificate(\"test_cert_alt\",\n name=\"alt_test_cert\",\n certificate_body=\"\"\"-----BEGIN CERTIFICATE-----\n[......] # cert contents\n-----END CERTIFICATE-----\n\"\"\",\n private_key=\"\"\"-----BEGIN RSA PRIVATE KEY-----\n[......] # cert contents\n-----END RSA PRIVATE KEY-----\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCertAlt = new Aws.Iam.ServerCertificate(\"test_cert_alt\", new()\n {\n Name = \"alt_test_cert\",\n CertificateBody = @\"-----BEGIN CERTIFICATE-----\n[......] # cert contents\n-----END CERTIFICATE-----\n\",\n PrivateKey = @\"-----BEGIN RSA PRIVATE KEY-----\n[......] # cert contents\n-----END RSA PRIVATE KEY-----\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.NewServerCertificate(ctx, \"test_cert_alt\", \u0026iam.ServerCertificateArgs{\n\t\t\tName: pulumi.String(\"alt_test_cert\"),\n\t\t\tCertificateBody: pulumi.String(\"-----BEGIN CERTIFICATE-----\\n[......] # cert contents\\n-----END CERTIFICATE-----\\n\"),\n\t\t\tPrivateKey: pulumi.String(\"-----BEGIN RSA PRIVATE KEY-----\\n[......] # cert contents\\n-----END RSA PRIVATE KEY-----\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.ServerCertificate;\nimport com.pulumi.aws.iam.ServerCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCertAlt = new ServerCertificate(\"testCertAlt\", ServerCertificateArgs.builder()\n .name(\"alt_test_cert\")\n .certificateBody(\"\"\"\n-----BEGIN CERTIFICATE-----\n[......] # cert contents\n-----END CERTIFICATE-----\n \"\"\")\n .privateKey(\"\"\"\n-----BEGIN RSA PRIVATE KEY-----\n[......] # cert contents\n-----END RSA PRIVATE KEY-----\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCertAlt:\n type: aws:iam:ServerCertificate\n name: test_cert_alt\n properties:\n name: alt_test_cert\n certificateBody: |\n -----BEGIN CERTIFICATE-----\n [......] # cert contents\n -----END CERTIFICATE-----\n privateKey: |\n -----BEGIN RSA PRIVATE KEY-----\n [......] # cert contents\n -----END RSA PRIVATE KEY-----\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n**Use in combination with an AWS ELB resource:**\n\nSome properties of an IAM Server Certificates cannot be updated while they are\nin use. In order for the provider to effectively manage a Certificate in this situation, it is\nrecommended you utilize the `name_prefix` attribute and enable the\n`create_before_destroy`. This will allow this provider\nto create a new, updated `aws.iam.ServerCertificate` resource and replace it in\ndependant resources before attempting to destroy the old version.\n\n## Import\n\nUsing `pulumi import`, import IAM Server Certificates using the `name`. For example:\n\n```sh\n$ pulumi import aws:iam/serverCertificate:ServerCertificate certificate example.com-certificate-until-2018\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the server certificate.\n" }, "certificateBody": { "type": "string", "description": "The contents of the public key certificate in\nPEM-encoded format.\n" }, "certificateChain": { "type": "string", "description": "The contents of the certificate chain.\nThis is typically a concatenation of the PEM-encoded public key certificates\nof the chain.\n" }, "expiration": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) on which the certificate is set to expire.\n" }, "name": { "type": "string", "description": "The name of the Server Certificate. Do not include the\npath in this value. If omitted, the provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n" }, "path": { "type": "string", "description": "The IAM path for the server certificate. If it is not\nincluded, it defaults to a slash (/). If this certificate is for use with\nAWS CloudFront, the path must be in format `/cloudfront/your_path_here`.\nSee [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths.\n" }, "privateKey": { "type": "string", "description": "The contents of the private key in PEM-encoded format.\n", "secret": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the server certificate. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **NOTE:** AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that `certificate_body` contains only one certificate. All other certificates should go in `certificate_chain`. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uploadDate": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) when the server certificate was uploaded.\n" } }, "required": [ "arn", "certificateBody", "expiration", "name", "namePrefix", "privateKey", "tagsAll", "uploadDate" ], "inputProperties": { "certificateBody": { "type": "string", "description": "The contents of the public key certificate in\nPEM-encoded format.\n", "willReplaceOnChanges": true }, "certificateChain": { "type": "string", "description": "The contents of the certificate chain.\nThis is typically a concatenation of the PEM-encoded public key certificates\nof the chain.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the Server Certificate. Do not include the\npath in this value. If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "path": { "type": "string", "description": "The IAM path for the server certificate. If it is not\nincluded, it defaults to a slash (/). If this certificate is for use with\nAWS CloudFront, the path must be in format `/cloudfront/your_path_here`.\nSee [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths.\n", "willReplaceOnChanges": true }, "privateKey": { "type": "string", "description": "The contents of the private key in PEM-encoded format.\n", "secret": true, "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the server certificate. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **NOTE:** AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that `certificate_body` contains only one certificate. All other certificates should go in `certificate_chain`. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain.\n" } }, "requiredInputs": [ "certificateBody", "privateKey" ], "stateInputs": { "description": "Input properties used for looking up and filtering ServerCertificate resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the server certificate.\n" }, "certificateBody": { "type": "string", "description": "The contents of the public key certificate in\nPEM-encoded format.\n", "willReplaceOnChanges": true }, "certificateChain": { "type": "string", "description": "The contents of the certificate chain.\nThis is typically a concatenation of the PEM-encoded public key certificates\nof the chain.\n", "willReplaceOnChanges": true }, "expiration": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) on which the certificate is set to expire.\n" }, "name": { "type": "string", "description": "The name of the Server Certificate. Do not include the\npath in this value. If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified\nprefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "path": { "type": "string", "description": "The IAM path for the server certificate. If it is not\nincluded, it defaults to a slash (/). If this certificate is for use with\nAWS CloudFront, the path must be in format `/cloudfront/your_path_here`.\nSee [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths.\n", "willReplaceOnChanges": true }, "privateKey": { "type": "string", "description": "The contents of the private key in PEM-encoded format.\n", "secret": true, "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the server certificate. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **NOTE:** AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that `certificate_body` contains only one certificate. All other certificates should go in `certificate_chain`. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uploadDate": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) when the server certificate was uploaded.\n" } }, "type": "object" } }, "aws:iam/serviceLinkedRole:ServiceLinkedRole": { "description": "Provides an [IAM service-linked role](https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst elasticbeanstalk = new aws.iam.ServiceLinkedRole(\"elasticbeanstalk\", {awsServiceName: \"elasticbeanstalk.amazonaws.com\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nelasticbeanstalk = aws.iam.ServiceLinkedRole(\"elasticbeanstalk\", aws_service_name=\"elasticbeanstalk.amazonaws.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var elasticbeanstalk = new Aws.Iam.ServiceLinkedRole(\"elasticbeanstalk\", new()\n {\n AwsServiceName = \"elasticbeanstalk.amazonaws.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.NewServiceLinkedRole(ctx, \"elasticbeanstalk\", \u0026iam.ServiceLinkedRoleArgs{\n\t\t\tAwsServiceName: pulumi.String(\"elasticbeanstalk.amazonaws.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.ServiceLinkedRole;\nimport com.pulumi.aws.iam.ServiceLinkedRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var elasticbeanstalk = new ServiceLinkedRole(\"elasticbeanstalk\", ServiceLinkedRoleArgs.builder()\n .awsServiceName(\"elasticbeanstalk.amazonaws.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n elasticbeanstalk:\n type: aws:iam:ServiceLinkedRole\n properties:\n awsServiceName: elasticbeanstalk.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM service-linked roles using role ARN. For example:\n\n```sh\n$ pulumi import aws:iam/serviceLinkedRole:ServiceLinkedRole elasticbeanstalk arn:aws:iam::123456789012:role/aws-service-role/elasticbeanstalk.amazonaws.com/AWSServiceRoleForElasticBeanstalk\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the role.\n" }, "awsServiceName": { "type": "string", "description": "The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).\n" }, "createDate": { "type": "string", "description": "The creation date of the IAM role.\n" }, "customSuffix": { "type": "string", "description": "Additional string appended to the role name. Not all AWS services support custom suffixes.\n" }, "description": { "type": "string", "description": "The description of the role.\n" }, "name": { "type": "string", "description": "The name of the role.\n" }, "path": { "type": "string", "description": "The path of the role.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of tags for the IAM role. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uniqueId": { "type": "string", "description": "The stable and unique string identifying the role.\n" } }, "required": [ "arn", "awsServiceName", "createDate", "name", "path", "tagsAll", "uniqueId" ], "inputProperties": { "awsServiceName": { "type": "string", "description": "The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).\n", "willReplaceOnChanges": true }, "customSuffix": { "type": "string", "description": "Additional string appended to the role name. Not all AWS services support custom suffixes.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "The description of the role.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of tags for the IAM role. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "awsServiceName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ServiceLinkedRole resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the role.\n" }, "awsServiceName": { "type": "string", "description": "The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).\n", "willReplaceOnChanges": true }, "createDate": { "type": "string", "description": "The creation date of the IAM role.\n" }, "customSuffix": { "type": "string", "description": "Additional string appended to the role name. Not all AWS services support custom suffixes.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "The description of the role.\n" }, "name": { "type": "string", "description": "The name of the role.\n" }, "path": { "type": "string", "description": "The path of the role.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of tags for the IAM role. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uniqueId": { "type": "string", "description": "The stable and unique string identifying the role.\n" } }, "type": "object" } }, "aws:iam/serviceSpecificCredential:ServiceSpecificCredential": { "description": "Provides an IAM Service Specific Credential.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.User(\"example\", {name: \"example\"});\nconst exampleServiceSpecificCredential = new aws.iam.ServiceSpecificCredential(\"example\", {\n serviceName: \"codecommit.amazonaws.com\",\n userName: example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.User(\"example\", name=\"example\")\nexample_service_specific_credential = aws.iam.ServiceSpecificCredential(\"example\",\n service_name=\"codecommit.amazonaws.com\",\n user_name=example.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.User(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleServiceSpecificCredential = new Aws.Iam.ServiceSpecificCredential(\"example\", new()\n {\n ServiceName = \"codecommit.amazonaws.com\",\n UserName = example.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := iam.NewUser(ctx, \"example\", \u0026iam.UserArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewServiceSpecificCredential(ctx, \"example\", \u0026iam.ServiceSpecificCredentialArgs{\n\t\t\tServiceName: pulumi.String(\"codecommit.amazonaws.com\"),\n\t\t\tUserName: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.User;\nimport com.pulumi.aws.iam.UserArgs;\nimport com.pulumi.aws.iam.ServiceSpecificCredential;\nimport com.pulumi.aws.iam.ServiceSpecificCredentialArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new User(\"example\", UserArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleServiceSpecificCredential = new ServiceSpecificCredential(\"exampleServiceSpecificCredential\", ServiceSpecificCredentialArgs.builder()\n .serviceName(\"codecommit.amazonaws.com\")\n .userName(example.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:User\n properties:\n name: example\n exampleServiceSpecificCredential:\n type: aws:iam:ServiceSpecificCredential\n name: example\n properties:\n serviceName: codecommit.amazonaws.com\n userName: ${example.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM Service Specific Credentials using the `service_name:user_name:service_specific_credential_id`. For example:\n\n```sh\n$ pulumi import aws:iam/serviceSpecificCredential:ServiceSpecificCredential default `codecommit.amazonaws.com:example:some-id`\n```\n", "properties": { "serviceName": { "type": "string", "description": "The name of the AWS service that is to be associated with the credentials. The service you specify here is the only service that can be accessed using these credentials.\n" }, "servicePassword": { "type": "string", "description": "The generated password for the service-specific credential.\n", "secret": true }, "serviceSpecificCredentialId": { "type": "string", "description": "The unique identifier for the service-specific credential.\n" }, "serviceUserName": { "type": "string", "description": "The generated user name for the service-specific credential. This value is generated by combining the IAM user's name combined with the ID number of the AWS account, as in `jane-at-123456789012`, for example.\n" }, "status": { "type": "string", "description": "The status to be assigned to the service-specific credential. Valid values are `Active` and `Inactive`. Default value is `Active`.\n" }, "userName": { "type": "string", "description": "The name of the IAM user that is to be associated with the credentials. The new service-specific credentials have the same permissions as the associated user except that they can be used only to access the specified service.\n" } }, "required": [ "serviceName", "servicePassword", "serviceSpecificCredentialId", "serviceUserName", "userName" ], "inputProperties": { "serviceName": { "type": "string", "description": "The name of the AWS service that is to be associated with the credentials. The service you specify here is the only service that can be accessed using these credentials.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The status to be assigned to the service-specific credential. Valid values are `Active` and `Inactive`. Default value is `Active`.\n" }, "userName": { "type": "string", "description": "The name of the IAM user that is to be associated with the credentials. The new service-specific credentials have the same permissions as the associated user except that they can be used only to access the specified service.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "serviceName", "userName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ServiceSpecificCredential resources.\n", "properties": { "serviceName": { "type": "string", "description": "The name of the AWS service that is to be associated with the credentials. The service you specify here is the only service that can be accessed using these credentials.\n", "willReplaceOnChanges": true }, "servicePassword": { "type": "string", "description": "The generated password for the service-specific credential.\n", "secret": true }, "serviceSpecificCredentialId": { "type": "string", "description": "The unique identifier for the service-specific credential.\n" }, "serviceUserName": { "type": "string", "description": "The generated user name for the service-specific credential. This value is generated by combining the IAM user's name combined with the ID number of the AWS account, as in `jane-at-123456789012`, for example.\n" }, "status": { "type": "string", "description": "The status to be assigned to the service-specific credential. Valid values are `Active` and `Inactive`. Default value is `Active`.\n" }, "userName": { "type": "string", "description": "The name of the IAM user that is to be associated with the credentials. The new service-specific credentials have the same permissions as the associated user except that they can be used only to access the specified service.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:iam/signingCertificate:SigningCertificate": { "description": "Provides an IAM Signing Certificate resource to upload Signing Certificates.\n\n\u003e **Note:** All arguments including the certificate body will be stored in the raw state as plain-text.\n## Example Usage\n\n**Using certs on file:**\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst testCert = new aws.iam.SigningCertificate(\"test_cert\", {\n username: \"some_test_cert\",\n certificateBody: std.file({\n input: \"self-ca-cert.pem\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\ntest_cert = aws.iam.SigningCertificate(\"test_cert\",\n username=\"some_test_cert\",\n certificate_body=std.file(input=\"self-ca-cert.pem\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCert = new Aws.Iam.SigningCertificate(\"test_cert\", new()\n {\n Username = \"some_test_cert\",\n CertificateBody = Std.File.Invoke(new()\n {\n Input = \"self-ca-cert.pem\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"self-ca-cert.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewSigningCertificate(ctx, \"test_cert\", \u0026iam.SigningCertificateArgs{\n\t\t\tUsername: pulumi.String(\"some_test_cert\"),\n\t\t\tCertificateBody: pulumi.String(invokeFile.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.SigningCertificate;\nimport com.pulumi.aws.iam.SigningCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCert = new SigningCertificate(\"testCert\", SigningCertificateArgs.builder()\n .username(\"some_test_cert\")\n .certificateBody(StdFunctions.file(FileArgs.builder()\n .input(\"self-ca-cert.pem\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCert:\n type: aws:iam:SigningCertificate\n name: test_cert\n properties:\n username: some_test_cert\n certificateBody:\n fn::invoke:\n Function: std:file\n Arguments:\n input: self-ca-cert.pem\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n**Example with cert in-line:**\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCertAlt = new aws.iam.SigningCertificate(\"test_cert_alt\", {\n username: \"some_test_cert\",\n certificateBody: `-----BEGIN CERTIFICATE-----\n[......] # cert contents\n-----END CERTIFICATE-----\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_cert_alt = aws.iam.SigningCertificate(\"test_cert_alt\",\n username=\"some_test_cert\",\n certificate_body=\"\"\"-----BEGIN CERTIFICATE-----\n[......] # cert contents\n-----END CERTIFICATE-----\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCertAlt = new Aws.Iam.SigningCertificate(\"test_cert_alt\", new()\n {\n Username = \"some_test_cert\",\n CertificateBody = @\"-----BEGIN CERTIFICATE-----\n[......] # cert contents\n-----END CERTIFICATE-----\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.NewSigningCertificate(ctx, \"test_cert_alt\", \u0026iam.SigningCertificateArgs{\n\t\t\tUsername: pulumi.String(\"some_test_cert\"),\n\t\t\tCertificateBody: pulumi.String(\"-----BEGIN CERTIFICATE-----\\n[......] # cert contents\\n-----END CERTIFICATE-----\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.SigningCertificate;\nimport com.pulumi.aws.iam.SigningCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCertAlt = new SigningCertificate(\"testCertAlt\", SigningCertificateArgs.builder()\n .username(\"some_test_cert\")\n .certificateBody(\"\"\"\n-----BEGIN CERTIFICATE-----\n[......] # cert contents\n-----END CERTIFICATE-----\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCertAlt:\n type: aws:iam:SigningCertificate\n name: test_cert_alt\n properties:\n username: some_test_cert\n certificateBody: |\n -----BEGIN CERTIFICATE-----\n [......] # cert contents\n -----END CERTIFICATE-----\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM Signing Certificates using the `id`. For example:\n\n```sh\n$ pulumi import aws:iam/signingCertificate:SigningCertificate certificate IDIDIDIDID:user-name\n```\n", "properties": { "certificateBody": { "type": "string", "description": "The contents of the signing certificate in PEM-encoded format.\n" }, "certificateId": { "type": "string", "description": "The ID for the signing certificate.\n" }, "status": { "type": "string", "description": "The status you want to assign to the certificate. `Active` means that the certificate can be used for programmatic calls to Amazon Web Services `Inactive` means that the certificate cannot be used.\n" }, "userName": { "type": "string", "description": "The name of the user the signing certificate is for.\n" } }, "required": [ "certificateBody", "certificateId", "userName" ], "inputProperties": { "certificateBody": { "type": "string", "description": "The contents of the signing certificate in PEM-encoded format.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The status you want to assign to the certificate. `Active` means that the certificate can be used for programmatic calls to Amazon Web Services `Inactive` means that the certificate cannot be used.\n" }, "userName": { "type": "string", "description": "The name of the user the signing certificate is for.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "certificateBody", "userName" ], "stateInputs": { "description": "Input properties used for looking up and filtering SigningCertificate resources.\n", "properties": { "certificateBody": { "type": "string", "description": "The contents of the signing certificate in PEM-encoded format.\n", "willReplaceOnChanges": true }, "certificateId": { "type": "string", "description": "The ID for the signing certificate.\n" }, "status": { "type": "string", "description": "The status you want to assign to the certificate. `Active` means that the certificate can be used for programmatic calls to Amazon Web Services `Inactive` means that the certificate cannot be used.\n" }, "userName": { "type": "string", "description": "The name of the user the signing certificate is for.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:iam/sshKey:SshKey": { "description": "Uploads an SSH public key and associates it with the specified IAM user.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst user = new aws.iam.User(\"user\", {\n name: \"test-user\",\n path: \"/\",\n});\nconst userSshKey = new aws.iam.SshKey(\"user\", {\n username: user.name,\n encoding: \"SSH\",\n publicKey: \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 mytest@mydomain.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nuser = aws.iam.User(\"user\",\n name=\"test-user\",\n path=\"/\")\nuser_ssh_key = aws.iam.SshKey(\"user\",\n username=user.name,\n encoding=\"SSH\",\n public_key=\"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 mytest@mydomain.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var user = new Aws.Iam.User(\"user\", new()\n {\n Name = \"test-user\",\n Path = \"/\",\n });\n\n var userSshKey = new Aws.Iam.SshKey(\"user\", new()\n {\n Username = user.Name,\n Encoding = \"SSH\",\n PublicKey = \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 mytest@mydomain.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tuser, err := iam.NewUser(ctx, \"user\", \u0026iam.UserArgs{\n\t\t\tName: pulumi.String(\"test-user\"),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewSshKey(ctx, \"user\", \u0026iam.SshKeyArgs{\n\t\t\tUsername: user.Name,\n\t\t\tEncoding: pulumi.String(\"SSH\"),\n\t\t\tPublicKey: pulumi.String(\"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 mytest@mydomain.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.User;\nimport com.pulumi.aws.iam.UserArgs;\nimport com.pulumi.aws.iam.SshKey;\nimport com.pulumi.aws.iam.SshKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var user = new User(\"user\", UserArgs.builder()\n .name(\"test-user\")\n .path(\"/\")\n .build());\n\n var userSshKey = new SshKey(\"userSshKey\", SshKeyArgs.builder()\n .username(user.name())\n .encoding(\"SSH\")\n .publicKey(\"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 mytest@mydomain.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n user:\n type: aws:iam:User\n properties:\n name: test-user\n path: /\n userSshKey:\n type: aws:iam:SshKey\n name: user\n properties:\n username: ${user.name}\n encoding: SSH\n publicKey: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 mytest@mydomain.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSH public keys using the `username`, `ssh_public_key_id`, and `encoding`. For example:\n\n```sh\n$ pulumi import aws:iam/sshKey:SshKey user user:APKAJNCNNJICVN7CFKCA:SSH\n```\n", "properties": { "encoding": { "type": "string", "description": "Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.\n" }, "fingerprint": { "type": "string", "description": "The MD5 message digest of the SSH public key.\n" }, "publicKey": { "type": "string", "description": "The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.\n" }, "sshPublicKeyId": { "type": "string", "description": "The unique identifier for the SSH public key.\n" }, "status": { "type": "string", "description": "The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.\n" }, "username": { "type": "string", "description": "The name of the IAM user to associate the SSH public key with.\n" } }, "required": [ "encoding", "fingerprint", "publicKey", "sshPublicKeyId", "status", "username" ], "inputProperties": { "encoding": { "type": "string", "description": "Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.\n", "willReplaceOnChanges": true }, "publicKey": { "type": "string", "description": "The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.\n" }, "username": { "type": "string", "description": "The name of the IAM user to associate the SSH public key with.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "encoding", "publicKey", "username" ], "stateInputs": { "description": "Input properties used for looking up and filtering SshKey resources.\n", "properties": { "encoding": { "type": "string", "description": "Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.\n", "willReplaceOnChanges": true }, "fingerprint": { "type": "string", "description": "The MD5 message digest of the SSH public key.\n" }, "publicKey": { "type": "string", "description": "The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.\n", "willReplaceOnChanges": true }, "sshPublicKeyId": { "type": "string", "description": "The unique identifier for the SSH public key.\n" }, "status": { "type": "string", "description": "The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.\n" }, "username": { "type": "string", "description": "The name of the IAM user to associate the SSH public key with.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:iam/user:User": { "description": "Provides an IAM user.\n\n\u003e *NOTE:* If policies are attached to the user via the `aws.iam.PolicyAttachment` resource and you are modifying the user `name` or `path`, the `force_destroy` argument must be set to `true` and applied before attempting the operation otherwise you will encounter a `DeleteConflict` error. The `aws.iam.UserPolicyAttachment` resource (recommended) does not have this requirement.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.iam.User(\"lb\", {\n name: \"loadbalancer\",\n path: \"/system/\",\n tags: {\n \"tag-key\": \"tag-value\",\n },\n});\nconst lbAccessKey = new aws.iam.AccessKey(\"lb\", {user: lb.name});\nconst lbRo = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\"ec2:Describe*\"],\n resources: [\"*\"],\n }],\n});\nconst lbRoUserPolicy = new aws.iam.UserPolicy(\"lb_ro\", {\n name: \"test\",\n user: lb.name,\n policy: lbRo.then(lbRo =\u003e lbRo.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb = aws.iam.User(\"lb\",\n name=\"loadbalancer\",\n path=\"/system/\",\n tags={\n \"tag-key\": \"tag-value\",\n })\nlb_access_key = aws.iam.AccessKey(\"lb\", user=lb.name)\nlb_ro = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\"ec2:Describe*\"],\n \"resources\": [\"*\"],\n}])\nlb_ro_user_policy = aws.iam.UserPolicy(\"lb_ro\",\n name=\"test\",\n user=lb.name,\n policy=lb_ro.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lb = new Aws.Iam.User(\"lb\", new()\n {\n Name = \"loadbalancer\",\n Path = \"/system/\",\n Tags = \n {\n { \"tag-key\", \"tag-value\" },\n },\n });\n\n var lbAccessKey = new Aws.Iam.AccessKey(\"lb\", new()\n {\n User = lb.Name,\n });\n\n var lbRo = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"ec2:Describe*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var lbRoUserPolicy = new Aws.Iam.UserPolicy(\"lb_ro\", new()\n {\n Name = \"test\",\n User = lb.Name,\n Policy = lbRo.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlb, err := iam.NewUser(ctx, \"lb\", \u0026iam.UserArgs{\n\t\t\tName: pulumi.String(\"loadbalancer\"),\n\t\t\tPath: pulumi.String(\"/system/\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"tag-key\": pulumi.String(\"tag-value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewAccessKey(ctx, \"lb\", \u0026iam.AccessKeyArgs{\n\t\t\tUser: lb.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlbRo, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewUserPolicy(ctx, \"lb_ro\", \u0026iam.UserPolicyArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tUser: lb.Name,\n\t\t\tPolicy: pulumi.String(lbRo.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.User;\nimport com.pulumi.aws.iam.UserArgs;\nimport com.pulumi.aws.iam.AccessKey;\nimport com.pulumi.aws.iam.AccessKeyArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.UserPolicy;\nimport com.pulumi.aws.iam.UserPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lb = new User(\"lb\", UserArgs.builder()\n .name(\"loadbalancer\")\n .path(\"/system/\")\n .tags(Map.of(\"tag-key\", \"tag-value\"))\n .build());\n\n var lbAccessKey = new AccessKey(\"lbAccessKey\", AccessKeyArgs.builder()\n .user(lb.name())\n .build());\n\n final var lbRo = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"ec2:Describe*\")\n .resources(\"*\")\n .build())\n .build());\n\n var lbRoUserPolicy = new UserPolicy(\"lbRoUserPolicy\", UserPolicyArgs.builder()\n .name(\"test\")\n .user(lb.name())\n .policy(lbRo.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lb:\n type: aws:iam:User\n properties:\n name: loadbalancer\n path: /system/\n tags:\n tag-key: tag-value\n lbAccessKey:\n type: aws:iam:AccessKey\n name: lb\n properties:\n user: ${lb.name}\n lbRoUserPolicy:\n type: aws:iam:UserPolicy\n name: lb_ro\n properties:\n name: test\n user: ${lb.name}\n policy: ${lbRo.json}\nvariables:\n lbRo:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - ec2:Describe*\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM Users using the `name`. For example:\n\n```sh\n$ pulumi import aws:iam/user:User lb loadbalancer\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS for this user.\n" }, "forceDestroy": { "type": "boolean", "description": "When destroying this user, destroy even if it\nhas non-provider-managed IAM access keys, login profile or MFA devices. Without `force_destroy`\na user with non-provider-managed access keys and login profile will fail to be destroyed.\n" }, "name": { "type": "string", "description": "The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both \"TESTUSER\" and \"testuser\".\n" }, "path": { "type": "string", "description": "Path in which to create the user.\n" }, "permissionsBoundary": { "type": "string", "description": "The ARN of the policy that is used to set the permissions boundary for the user.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of tags for the IAM user. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uniqueId": { "type": "string", "description": "The [unique ID][1] assigned by AWS.\n" } }, "required": [ "arn", "name", "tagsAll", "uniqueId" ], "inputProperties": { "forceDestroy": { "type": "boolean", "description": "When destroying this user, destroy even if it\nhas non-provider-managed IAM access keys, login profile or MFA devices. Without `force_destroy`\na user with non-provider-managed access keys and login profile will fail to be destroyed.\n" }, "name": { "type": "string", "description": "The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both \"TESTUSER\" and \"testuser\".\n" }, "path": { "type": "string", "description": "Path in which to create the user.\n" }, "permissionsBoundary": { "type": "string", "description": "The ARN of the policy that is used to set the permissions boundary for the user.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of tags for the IAM user. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering User resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS for this user.\n" }, "forceDestroy": { "type": "boolean", "description": "When destroying this user, destroy even if it\nhas non-provider-managed IAM access keys, login profile or MFA devices. Without `force_destroy`\na user with non-provider-managed access keys and login profile will fail to be destroyed.\n" }, "name": { "type": "string", "description": "The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both \"TESTUSER\" and \"testuser\".\n" }, "path": { "type": "string", "description": "Path in which to create the user.\n" }, "permissionsBoundary": { "type": "string", "description": "The ARN of the policy that is used to set the permissions boundary for the user.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of tags for the IAM user. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uniqueId": { "type": "string", "description": "The [unique ID][1] assigned by AWS.\n" } }, "type": "object" } }, "aws:iam/userGroupMembership:UserGroupMembership": { "description": "Provides a resource for adding an IAM User to IAM Groups. This\nresource can be used multiple times with the same user for non-overlapping\ngroups.\n\nTo exclusively manage the users in a group, see the\n`aws.iam.GroupMembership` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst user1 = new aws.iam.User(\"user1\", {name: \"user1\"});\nconst group1 = new aws.iam.Group(\"group1\", {name: \"group1\"});\nconst group2 = new aws.iam.Group(\"group2\", {name: \"group2\"});\nconst example1 = new aws.iam.UserGroupMembership(\"example1\", {\n user: user1.name,\n groups: [\n group1.name,\n group2.name,\n ],\n});\nconst group3 = new aws.iam.Group(\"group3\", {name: \"group3\"});\nconst example2 = new aws.iam.UserGroupMembership(\"example2\", {\n user: user1.name,\n groups: [group3.name],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nuser1 = aws.iam.User(\"user1\", name=\"user1\")\ngroup1 = aws.iam.Group(\"group1\", name=\"group1\")\ngroup2 = aws.iam.Group(\"group2\", name=\"group2\")\nexample1 = aws.iam.UserGroupMembership(\"example1\",\n user=user1.name,\n groups=[\n group1.name,\n group2.name,\n ])\ngroup3 = aws.iam.Group(\"group3\", name=\"group3\")\nexample2 = aws.iam.UserGroupMembership(\"example2\",\n user=user1.name,\n groups=[group3.name])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var user1 = new Aws.Iam.User(\"user1\", new()\n {\n Name = \"user1\",\n });\n\n var group1 = new Aws.Iam.Group(\"group1\", new()\n {\n Name = \"group1\",\n });\n\n var group2 = new Aws.Iam.Group(\"group2\", new()\n {\n Name = \"group2\",\n });\n\n var example1 = new Aws.Iam.UserGroupMembership(\"example1\", new()\n {\n User = user1.Name,\n Groups = new[]\n {\n group1.Name,\n group2.Name,\n },\n });\n\n var group3 = new Aws.Iam.Group(\"group3\", new()\n {\n Name = \"group3\",\n });\n\n var example2 = new Aws.Iam.UserGroupMembership(\"example2\", new()\n {\n User = user1.Name,\n Groups = new[]\n {\n group3.Name,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tuser1, err := iam.NewUser(ctx, \"user1\", \u0026iam.UserArgs{\n\t\t\tName: pulumi.String(\"user1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgroup1, err := iam.NewGroup(ctx, \"group1\", \u0026iam.GroupArgs{\n\t\t\tName: pulumi.String(\"group1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgroup2, err := iam.NewGroup(ctx, \"group2\", \u0026iam.GroupArgs{\n\t\t\tName: pulumi.String(\"group2\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewUserGroupMembership(ctx, \"example1\", \u0026iam.UserGroupMembershipArgs{\n\t\t\tUser: user1.Name,\n\t\t\tGroups: pulumi.StringArray{\n\t\t\t\tgroup1.Name,\n\t\t\t\tgroup2.Name,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgroup3, err := iam.NewGroup(ctx, \"group3\", \u0026iam.GroupArgs{\n\t\t\tName: pulumi.String(\"group3\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewUserGroupMembership(ctx, \"example2\", \u0026iam.UserGroupMembershipArgs{\n\t\t\tUser: user1.Name,\n\t\t\tGroups: pulumi.StringArray{\n\t\t\t\tgroup3.Name,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.User;\nimport com.pulumi.aws.iam.UserArgs;\nimport com.pulumi.aws.iam.Group;\nimport com.pulumi.aws.iam.GroupArgs;\nimport com.pulumi.aws.iam.UserGroupMembership;\nimport com.pulumi.aws.iam.UserGroupMembershipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var user1 = new User(\"user1\", UserArgs.builder()\n .name(\"user1\")\n .build());\n\n var group1 = new Group(\"group1\", GroupArgs.builder()\n .name(\"group1\")\n .build());\n\n var group2 = new Group(\"group2\", GroupArgs.builder()\n .name(\"group2\")\n .build());\n\n var example1 = new UserGroupMembership(\"example1\", UserGroupMembershipArgs.builder()\n .user(user1.name())\n .groups( \n group1.name(),\n group2.name())\n .build());\n\n var group3 = new Group(\"group3\", GroupArgs.builder()\n .name(\"group3\")\n .build());\n\n var example2 = new UserGroupMembership(\"example2\", UserGroupMembershipArgs.builder()\n .user(user1.name())\n .groups(group3.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example1:\n type: aws:iam:UserGroupMembership\n properties:\n user: ${user1.name}\n groups:\n - ${group1.name}\n - ${group2.name}\n example2:\n type: aws:iam:UserGroupMembership\n properties:\n user: ${user1.name}\n groups:\n - ${group3.name}\n user1:\n type: aws:iam:User\n properties:\n name: user1\n group1:\n type: aws:iam:Group\n properties:\n name: group1\n group2:\n type: aws:iam:Group\n properties:\n name: group2\n group3:\n type: aws:iam:Group\n properties:\n name: group3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM user group membership using the user name and group names separated by `/`. For example:\n\n```sh\n$ pulumi import aws:iam/userGroupMembership:UserGroupMembership example1 user1/group1/group2\n```\n", "properties": { "groups": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM Groups to add the user to\n" }, "user": { "type": "string", "description": "The name of the IAM User to add to groups\n" } }, "required": [ "groups", "user" ], "inputProperties": { "groups": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM Groups to add the user to\n" }, "user": { "type": "string", "description": "The name of the IAM User to add to groups\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "groups", "user" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserGroupMembership resources.\n", "properties": { "groups": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM Groups to add the user to\n" }, "user": { "type": "string", "description": "The name of the IAM User to add to groups\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:iam/userLoginProfile:UserLoginProfile": { "description": "Manages an IAM User Login Profile with limited support for password creation during this provider resource creation. Uses PGP to encrypt the password for safe transport to the user. PGP keys can be obtained from Keybase.\n\n\u003e To reset an IAM User login password via this provider, you can use delete and recreate this resource or change any of the arguments.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.User(\"example\", {\n name: \"example\",\n path: \"/\",\n forceDestroy: true,\n});\nconst exampleUserLoginProfile = new aws.iam.UserLoginProfile(\"example\", {\n user: example.name,\n pgpKey: \"keybase:some_person_that_exists\",\n});\nexport const password = exampleUserLoginProfile.encryptedPassword;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.User(\"example\",\n name=\"example\",\n path=\"/\",\n force_destroy=True)\nexample_user_login_profile = aws.iam.UserLoginProfile(\"example\",\n user=example.name,\n pgp_key=\"keybase:some_person_that_exists\")\npulumi.export(\"password\", example_user_login_profile.encrypted_password)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.User(\"example\", new()\n {\n Name = \"example\",\n Path = \"/\",\n ForceDestroy = true,\n });\n\n var exampleUserLoginProfile = new Aws.Iam.UserLoginProfile(\"example\", new()\n {\n User = example.Name,\n PgpKey = \"keybase:some_person_that_exists\",\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"password\"] = exampleUserLoginProfile.EncryptedPassword,\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := iam.NewUser(ctx, \"example\", \u0026iam.UserArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUserLoginProfile, err := iam.NewUserLoginProfile(ctx, \"example\", \u0026iam.UserLoginProfileArgs{\n\t\t\tUser: example.Name,\n\t\t\tPgpKey: pulumi.String(\"keybase:some_person_that_exists\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"password\", exampleUserLoginProfile.EncryptedPassword)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.User;\nimport com.pulumi.aws.iam.UserArgs;\nimport com.pulumi.aws.iam.UserLoginProfile;\nimport com.pulumi.aws.iam.UserLoginProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new User(\"example\", UserArgs.builder()\n .name(\"example\")\n .path(\"/\")\n .forceDestroy(true)\n .build());\n\n var exampleUserLoginProfile = new UserLoginProfile(\"exampleUserLoginProfile\", UserLoginProfileArgs.builder()\n .user(example.name())\n .pgpKey(\"keybase:some_person_that_exists\")\n .build());\n\n ctx.export(\"password\", exampleUserLoginProfile.encryptedPassword());\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:User\n properties:\n name: example\n path: /\n forceDestroy: true\n exampleUserLoginProfile:\n type: aws:iam:UserLoginProfile\n name: example\n properties:\n user: ${example.name}\n pgpKey: keybase:some_person_that_exists\noutputs:\n password: ${exampleUserLoginProfile.encryptedPassword}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM User Login Profiles without password information via the IAM User name. For example:\n\n```sh\n$ pulumi import aws:iam/userLoginProfile:UserLoginProfile example myusername\n```\nSince Pulumi has no method to read the PGP or password information during import, use the resource options `ignore_changes` argument to ignore them (unless you want to recreate a password). For example:\n\n", "properties": { "encryptedPassword": { "type": "string", "description": "The encrypted password, base64 encoded. Only available if password was handled on resource creation, not import.\n" }, "keyFingerprint": { "type": "string", "description": "The fingerprint of the PGP key used to encrypt the password. Only available if password was handled on this provider resource creation, not import.\n" }, "password": { "type": "string", "description": "The plain text password, only available when `pgp_key` is not provided.\n" }, "passwordLength": { "type": "integer", "description": "The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument. Default value is `20`.\n" }, "passwordResetRequired": { "type": "boolean", "description": "Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation.\n" }, "pgpKey": { "type": "string", "description": "Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument.\n" }, "user": { "type": "string", "description": "The IAM user's name.\n" } }, "required": [ "encryptedPassword", "keyFingerprint", "password", "passwordResetRequired", "user" ], "inputProperties": { "passwordLength": { "type": "integer", "description": "The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument. Default value is `20`.\n", "willReplaceOnChanges": true }, "passwordResetRequired": { "type": "boolean", "description": "Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation.\n", "willReplaceOnChanges": true }, "pgpKey": { "type": "string", "description": "Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument.\n", "willReplaceOnChanges": true }, "user": { "type": "string", "description": "The IAM user's name.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "user" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserLoginProfile resources.\n", "properties": { "encryptedPassword": { "type": "string", "description": "The encrypted password, base64 encoded. Only available if password was handled on resource creation, not import.\n" }, "keyFingerprint": { "type": "string", "description": "The fingerprint of the PGP key used to encrypt the password. Only available if password was handled on this provider resource creation, not import.\n" }, "password": { "type": "string", "description": "The plain text password, only available when `pgp_key` is not provided.\n" }, "passwordLength": { "type": "integer", "description": "The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument. Default value is `20`.\n", "willReplaceOnChanges": true }, "passwordResetRequired": { "type": "boolean", "description": "Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation.\n", "willReplaceOnChanges": true }, "pgpKey": { "type": "string", "description": "Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument.\n", "willReplaceOnChanges": true }, "user": { "type": "string", "description": "The IAM user's name.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:iam/userPolicy:UserPolicy": { "description": "Provides an IAM policy attached to a user.\n\n\u003e **NOTE:** We suggest using explicit JSON encoding or `aws.iam.getPolicyDocument` when assigning a value to `policy`. They seamlessly translate configuration to JSON, enabling you to maintain consistency within your configuration without the need for context switches. Also, you can sidestep potential complications arising from formatting discrepancies, whitespace inconsistencies, and other nuances inherent to JSON.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.iam.User(\"lb\", {\n name: \"loadbalancer\",\n path: \"/system/\",\n});\nconst lbRo = new aws.iam.UserPolicy(\"lb_ro\", {\n name: \"test\",\n user: lb.name,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\"ec2:Describe*\"],\n Effect: \"Allow\",\n Resource: \"*\",\n }],\n }),\n});\nconst lbAccessKey = new aws.iam.AccessKey(\"lb\", {user: lb.name});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nlb = aws.iam.User(\"lb\",\n name=\"loadbalancer\",\n path=\"/system/\")\nlb_ro = aws.iam.UserPolicy(\"lb_ro\",\n name=\"test\",\n user=lb.name,\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\"ec2:Describe*\"],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\",\n }],\n }))\nlb_access_key = aws.iam.AccessKey(\"lb\", user=lb.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lb = new Aws.Iam.User(\"lb\", new()\n {\n Name = \"loadbalancer\",\n Path = \"/system/\",\n });\n\n var lbRo = new Aws.Iam.UserPolicy(\"lb_ro\", new()\n {\n Name = \"test\",\n User = lb.Name,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"ec2:Describe*\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n var lbAccessKey = new Aws.Iam.AccessKey(\"lb\", new()\n {\n User = lb.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlb, err := iam.NewUser(ctx, \"lb\", \u0026iam.UserArgs{\n\t\t\tName: pulumi.String(\"loadbalancer\"),\n\t\t\tPath: pulumi.String(\"/system/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewUserPolicy(ctx, \"lb_ro\", \u0026iam.UserPolicyArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tUser: lb.Name,\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewAccessKey(ctx, \"lb\", \u0026iam.AccessKeyArgs{\n\t\t\tUser: lb.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.User;\nimport com.pulumi.aws.iam.UserArgs;\nimport com.pulumi.aws.iam.UserPolicy;\nimport com.pulumi.aws.iam.UserPolicyArgs;\nimport com.pulumi.aws.iam.AccessKey;\nimport com.pulumi.aws.iam.AccessKeyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lb = new User(\"lb\", UserArgs.builder()\n .name(\"loadbalancer\")\n .path(\"/system/\")\n .build());\n\n var lbRo = new UserPolicy(\"lbRo\", UserPolicyArgs.builder()\n .name(\"test\")\n .user(lb.name())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\"ec2:Describe*\")),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build());\n\n var lbAccessKey = new AccessKey(\"lbAccessKey\", AccessKeyArgs.builder()\n .user(lb.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lbRo:\n type: aws:iam:UserPolicy\n name: lb_ro\n properties:\n name: test\n user: ${lb.name}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - ec2:Describe*\n Effect: Allow\n Resource: '*'\n lb:\n type: aws:iam:User\n properties:\n name: loadbalancer\n path: /system/\n lbAccessKey:\n type: aws:iam:AccessKey\n name: lb\n properties:\n user: ${lb.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM User Policies using the `user_name:user_policy_name`. For example:\n\n```sh\n$ pulumi import aws:iam/userPolicy:UserPolicy mypolicy user_of_mypolicy_name:mypolicy_name\n```\n", "properties": { "name": { "type": "string", "description": "The name of the policy. If omitted, the provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "policy": { "type": "string", "description": "The policy document. This is a JSON formatted string.\n" }, "user": { "type": "string", "description": "IAM user to which to attach this policy.\n" } }, "required": [ "name", "namePrefix", "policy", "user" ], "inputProperties": { "name": { "type": "string", "description": "The name of the policy. If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The policy document. This is a JSON formatted string.\n" }, "user": { "type": "string", "description": "IAM user to which to attach this policy.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policy", "user" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserPolicy resources.\n", "properties": { "name": { "type": "string", "description": "The name of the policy. If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The policy document. This is a JSON formatted string.\n" }, "user": { "type": "string", "description": "IAM user to which to attach this policy.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:iam/userPolicyAttachment:UserPolicyAttachment": { "description": "Attaches a Managed IAM Policy to an IAM user\n\n\u003e **NOTE:** The usage of this resource conflicts with the `aws.iam.PolicyAttachment` resource and will permanently show a difference if both are defined.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst user = new aws.iam.User(\"user\", {name: \"test-user\"});\nconst policy = new aws.iam.Policy(\"policy\", {\n name: \"test-policy\",\n description: \"A test policy\",\n policy: \"{ ... policy JSON ... }\",\n});\nconst test_attach = new aws.iam.UserPolicyAttachment(\"test-attach\", {\n user: user.name,\n policyArn: policy.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nuser = aws.iam.User(\"user\", name=\"test-user\")\npolicy = aws.iam.Policy(\"policy\",\n name=\"test-policy\",\n description=\"A test policy\",\n policy=\"{ ... policy JSON ... }\")\ntest_attach = aws.iam.UserPolicyAttachment(\"test-attach\",\n user=user.name,\n policy_arn=policy.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var user = new Aws.Iam.User(\"user\", new()\n {\n Name = \"test-user\",\n });\n\n var policy = new Aws.Iam.Policy(\"policy\", new()\n {\n Name = \"test-policy\",\n Description = \"A test policy\",\n PolicyDocument = \"{ ... policy JSON ... }\",\n });\n\n var test_attach = new Aws.Iam.UserPolicyAttachment(\"test-attach\", new()\n {\n User = user.Name,\n PolicyArn = policy.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tuser, err := iam.NewUser(ctx, \"user\", \u0026iam.UserArgs{\n\t\t\tName: pulumi.String(\"test-user\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpolicy, err := iam.NewPolicy(ctx, \"policy\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"test-policy\"),\n\t\t\tDescription: pulumi.String(\"A test policy\"),\n\t\t\tPolicy: pulumi.Any(\"{ ... policy JSON ... }\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewUserPolicyAttachment(ctx, \"test-attach\", \u0026iam.UserPolicyAttachmentArgs{\n\t\t\tUser: user.Name,\n\t\t\tPolicyArn: policy.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.User;\nimport com.pulumi.aws.iam.UserArgs;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.iam.UserPolicyAttachment;\nimport com.pulumi.aws.iam.UserPolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var user = new User(\"user\", UserArgs.builder()\n .name(\"test-user\")\n .build());\n\n var policy = new Policy(\"policy\", PolicyArgs.builder()\n .name(\"test-policy\")\n .description(\"A test policy\")\n .policy(\"{ ... policy JSON ... }\")\n .build());\n\n var test_attach = new UserPolicyAttachment(\"test-attach\", UserPolicyAttachmentArgs.builder()\n .user(user.name())\n .policyArn(policy.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n user:\n type: aws:iam:User\n properties:\n name: test-user\n policy:\n type: aws:iam:Policy\n properties:\n name: test-policy\n description: A test policy\n policy: '{ ... policy JSON ... }'\n test-attach:\n type: aws:iam:UserPolicyAttachment\n properties:\n user: ${user.name}\n policyArn: ${policy.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM user policy attachments using the user name and policy arn separated by `/`. For example:\n\n```sh\n$ pulumi import aws:iam/userPolicyAttachment:UserPolicyAttachment test-attach test-user/arn:aws:iam::xxxxxxxxxxxx:policy/test-policy\n```\n", "properties": { "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n" }, "user": { "type": "string", "description": "The user the policy should be applied to\n" } }, "required": [ "policyArn", "user" ], "inputProperties": { "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n", "willReplaceOnChanges": true }, "user": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/user:User" } ], "description": "The user the policy should be applied to\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policyArn", "user" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserPolicyAttachment resources.\n", "properties": { "policyArn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the policy you want to apply\n", "willReplaceOnChanges": true }, "user": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/user:User" } ], "description": "The user the policy should be applied to\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:iam/virtualMfaDevice:VirtualMfaDevice": { "description": "Provides an IAM Virtual MFA Device.\n\n\u003e **Note:** All attributes will be stored in the raw state as plain-text.\n\u003e **Note:** A virtual MFA device cannot be directly associated with an IAM User from the provider.\n To associate the virtual MFA device with a user and enable it, use the code returned in either `base_32_string_seed` or `qr_code_png` to generate TOTP authentication codes.\n The authentication codes can then be used with the AWS CLI command [`aws iam enable-mfa-device`](https://docs.aws.amazon.com/cli/latest/reference/iam/enable-mfa-device.html) or the AWS API call [`EnableMFADevice`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_EnableMFADevice.html).\n\n## Example Usage\n\n**Using certs on file:**\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.VirtualMfaDevice(\"example\", {virtualMfaDeviceName: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.VirtualMfaDevice(\"example\", virtual_mfa_device_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.VirtualMfaDevice(\"example\", new()\n {\n VirtualMfaDeviceName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.NewVirtualMfaDevice(ctx, \"example\", \u0026iam.VirtualMfaDeviceArgs{\n\t\t\tVirtualMfaDeviceName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.VirtualMfaDevice;\nimport com.pulumi.aws.iam.VirtualMfaDeviceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VirtualMfaDevice(\"example\", VirtualMfaDeviceArgs.builder()\n .virtualMfaDeviceName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:VirtualMfaDevice\n properties:\n virtualMfaDeviceName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM Virtual MFA Devices using the `arn`. For example:\n\n```sh\n$ pulumi import aws:iam/virtualMfaDevice:VirtualMfaDevice example arn:aws:iam::123456789012:mfa/example\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the virtual mfa device.\n" }, "base32StringSeed": { "type": "string", "description": "The base32 seed defined as specified in [RFC3548](https://tools.ietf.org/html/rfc3548.txt). The `base_32_string_seed` is base64-encoded.\n" }, "enableDate": { "type": "string", "description": "The date and time when the virtual MFA device was enabled.\n" }, "path": { "type": "string", "description": "The path for the virtual MFA device.\n" }, "qrCodePng": { "type": "string", "description": "A QR code PNG image that encodes `otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String` where `$virtualMFADeviceName` is one of the create call arguments. AccountName is the user name if set (otherwise, the account ID), and Base32String is the seed in base32 format.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the virtual mfa device. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userName": { "type": "string", "description": "The associated IAM User name if the virtual MFA device is enabled.\n" }, "virtualMfaDeviceName": { "type": "string", "description": "The name of the virtual MFA device. Use with path to uniquely identify a virtual MFA device.\n" } }, "required": [ "arn", "base32StringSeed", "enableDate", "qrCodePng", "tagsAll", "userName", "virtualMfaDeviceName" ], "inputProperties": { "path": { "type": "string", "description": "The path for the virtual MFA device.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the virtual mfa device. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "virtualMfaDeviceName": { "type": "string", "description": "The name of the virtual MFA device. Use with path to uniquely identify a virtual MFA device.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "virtualMfaDeviceName" ], "stateInputs": { "description": "Input properties used for looking up and filtering VirtualMfaDevice resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the virtual mfa device.\n" }, "base32StringSeed": { "type": "string", "description": "The base32 seed defined as specified in [RFC3548](https://tools.ietf.org/html/rfc3548.txt). The `base_32_string_seed` is base64-encoded.\n" }, "enableDate": { "type": "string", "description": "The date and time when the virtual MFA device was enabled.\n" }, "path": { "type": "string", "description": "The path for the virtual MFA device.\n", "willReplaceOnChanges": true }, "qrCodePng": { "type": "string", "description": "A QR code PNG image that encodes `otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String` where `$virtualMFADeviceName` is one of the create call arguments. AccountName is the user name if set (otherwise, the account ID), and Base32String is the seed in base32 format.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the virtual mfa device. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userName": { "type": "string", "description": "The associated IAM User name if the virtual MFA device is enabled.\n" }, "virtualMfaDeviceName": { "type": "string", "description": "The name of the virtual MFA device. Use with path to uniquely identify a virtual MFA device.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:identitystore/group:Group": { "description": "Resource for managing an AWS IdentityStore Group.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _this = new aws.identitystore.Group(\"this\", {\n displayName: \"Example group\",\n description: \"Example description\",\n identityStoreId: example.identityStoreIds[0],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nthis = aws.identitystore.Group(\"this\",\n display_name=\"Example group\",\n description=\"Example description\",\n identity_store_id=example[\"identityStoreIds\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @this = new Aws.IdentityStore.Group(\"this\", new()\n {\n DisplayName = \"Example group\",\n Description = \"Example description\",\n IdentityStoreId = example.IdentityStoreIds[0],\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/identitystore\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identitystore.NewGroup(ctx, \"this\", \u0026identitystore.GroupArgs{\n\t\t\tDisplayName: pulumi.String(\"Example group\"),\n\t\t\tDescription: pulumi.String(\"Example description\"),\n\t\t\tIdentityStoreId: pulumi.Any(example.IdentityStoreIds[0]),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.identitystore.Group;\nimport com.pulumi.aws.identitystore.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var this_ = new Group(\"this\", GroupArgs.builder()\n .displayName(\"Example group\")\n .description(\"Example description\")\n .identityStoreId(example.identityStoreIds()[0])\n .build());\n\n }\n}\n```\n```yaml\nresources:\n this:\n type: aws:identitystore:Group\n properties:\n displayName: Example group\n description: Example description\n identityStoreId: ${example.identityStoreIds[0]}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an Identity Store Group using the combination `identity_store_id/group_id`. For example:\n\n```sh\n$ pulumi import aws:identitystore/group:Group example d-9c6705e95c/b8a1c340-8031-7071-a2fb-7dc540320c30\n```\n", "properties": { "description": { "type": "string", "description": "A string containing the description of the group.\n" }, "displayName": { "type": "string", "description": "A string containing the name of the group. This value is commonly displayed when the group is referenced.\n" }, "externalIds": { "type": "array", "items": { "$ref": "#/types/aws:identitystore/GroupExternalId:GroupExternalId" }, "description": "A list of external IDs that contains the identifiers issued to this resource by an external identity provider. See External IDs below.\n" }, "groupId": { "type": "string", "description": "The identifier of the newly created group in the identity store.\n" }, "identityStoreId": { "type": "string", "description": "The globally unique identifier for the identity store.\n\nThe following arguments are optional:\n" } }, "required": [ "displayName", "externalIds", "groupId", "identityStoreId" ], "inputProperties": { "description": { "type": "string", "description": "A string containing the description of the group.\n" }, "displayName": { "type": "string", "description": "A string containing the name of the group. This value is commonly displayed when the group is referenced.\n", "willReplaceOnChanges": true }, "identityStoreId": { "type": "string", "description": "The globally unique identifier for the identity store.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "displayName", "identityStoreId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Group resources.\n", "properties": { "description": { "type": "string", "description": "A string containing the description of the group.\n" }, "displayName": { "type": "string", "description": "A string containing the name of the group. This value is commonly displayed when the group is referenced.\n", "willReplaceOnChanges": true }, "externalIds": { "type": "array", "items": { "$ref": "#/types/aws:identitystore/GroupExternalId:GroupExternalId" }, "description": "A list of external IDs that contains the identifiers issued to this resource by an external identity provider. See External IDs below.\n" }, "groupId": { "type": "string", "description": "The identifier of the newly created group in the identity store.\n" }, "identityStoreId": { "type": "string", "description": "The globally unique identifier for the identity store.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:identitystore/groupMembership:GroupMembership": { "description": "Resource for managing an AWS IdentityStore Group Membership.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getInstances({});\nconst exampleUser = new aws.identitystore.User(\"example\", {\n identityStoreId: example.then(example =\u003e example.identityStoreIds?.[0]),\n displayName: \"John Doe\",\n userName: \"john.doe@example.com\",\n name: {\n familyName: \"Doe\",\n givenName: \"John\",\n },\n});\nconst exampleGroup = new aws.identitystore.Group(\"example\", {\n identityStoreId: example.then(example =\u003e example.identityStoreIds?.[0]),\n displayName: \"MyGroup\",\n description: \"Some group name\",\n});\nconst exampleGroupMembership = new aws.identitystore.GroupMembership(\"example\", {\n identityStoreId: example.then(example =\u003e example.identityStoreIds?.[0]),\n groupId: exampleGroup.groupId,\n memberId: exampleUser.userId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_instances()\nexample_user = aws.identitystore.User(\"example\",\n identity_store_id=example.identity_store_ids[0],\n display_name=\"John Doe\",\n user_name=\"john.doe@example.com\",\n name={\n \"family_name\": \"Doe\",\n \"given_name\": \"John\",\n })\nexample_group = aws.identitystore.Group(\"example\",\n identity_store_id=example.identity_store_ids[0],\n display_name=\"MyGroup\",\n description=\"Some group name\")\nexample_group_membership = aws.identitystore.GroupMembership(\"example\",\n identity_store_id=example.identity_store_ids[0],\n group_id=example_group.group_id,\n member_id=example_user.user_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetInstances.Invoke();\n\n var exampleUser = new Aws.IdentityStore.User(\"example\", new()\n {\n IdentityStoreId = example.Apply(getInstancesResult =\u003e getInstancesResult.IdentityStoreIds[0]),\n DisplayName = \"John Doe\",\n UserName = \"john.doe@example.com\",\n Name = new Aws.IdentityStore.Inputs.UserNameArgs\n {\n FamilyName = \"Doe\",\n GivenName = \"John\",\n },\n });\n\n var exampleGroup = new Aws.IdentityStore.Group(\"example\", new()\n {\n IdentityStoreId = example.Apply(getInstancesResult =\u003e getInstancesResult.IdentityStoreIds[0]),\n DisplayName = \"MyGroup\",\n Description = \"Some group name\",\n });\n\n var exampleGroupMembership = new Aws.IdentityStore.GroupMembership(\"example\", new()\n {\n IdentityStoreId = example.Apply(getInstancesResult =\u003e getInstancesResult.IdentityStoreIds[0]),\n GroupId = exampleGroup.GroupId,\n MemberId = exampleUser.UserId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/identitystore\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ssoadmin.GetInstances(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUser, err := identitystore.NewUser(ctx, \"example\", \u0026identitystore.UserArgs{\n\t\t\tIdentityStoreId: pulumi.String(example.IdentityStoreIds[0]),\n\t\t\tDisplayName: pulumi.String(\"John Doe\"),\n\t\t\tUserName: pulumi.String(\"john.doe@example.com\"),\n\t\t\tName: \u0026identitystore.UserNameArgs{\n\t\t\t\tFamilyName: pulumi.String(\"Doe\"),\n\t\t\t\tGivenName: pulumi.String(\"John\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := identitystore.NewGroup(ctx, \"example\", \u0026identitystore.GroupArgs{\n\t\t\tIdentityStoreId: pulumi.String(example.IdentityStoreIds[0]),\n\t\t\tDisplayName: pulumi.String(\"MyGroup\"),\n\t\t\tDescription: pulumi.String(\"Some group name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identitystore.NewGroupMembership(ctx, \"example\", \u0026identitystore.GroupMembershipArgs{\n\t\t\tIdentityStoreId: pulumi.String(example.IdentityStoreIds[0]),\n\t\t\tGroupId: exampleGroup.GroupId,\n\t\t\tMemberId: exampleUser.UserId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.identitystore.User;\nimport com.pulumi.aws.identitystore.UserArgs;\nimport com.pulumi.aws.identitystore.inputs.UserNameArgs;\nimport com.pulumi.aws.identitystore.Group;\nimport com.pulumi.aws.identitystore.GroupArgs;\nimport com.pulumi.aws.identitystore.GroupMembership;\nimport com.pulumi.aws.identitystore.GroupMembershipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getInstances();\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder()\n .identityStoreId(example.applyValue(getInstancesResult -\u003e getInstancesResult.identityStoreIds()[0]))\n .displayName(\"John Doe\")\n .userName(\"john.doe@example.com\")\n .name(UserNameArgs.builder()\n .familyName(\"Doe\")\n .givenName(\"John\")\n .build())\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder()\n .identityStoreId(example.applyValue(getInstancesResult -\u003e getInstancesResult.identityStoreIds()[0]))\n .displayName(\"MyGroup\")\n .description(\"Some group name\")\n .build());\n\n var exampleGroupMembership = new GroupMembership(\"exampleGroupMembership\", GroupMembershipArgs.builder()\n .identityStoreId(example.applyValue(getInstancesResult -\u003e getInstancesResult.identityStoreIds()[0]))\n .groupId(exampleGroup.groupId())\n .memberId(exampleUser.userId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleUser:\n type: aws:identitystore:User\n name: example\n properties:\n identityStoreId: ${example.identityStoreIds[0]}\n displayName: John Doe\n userName: john.doe@example.com\n name:\n familyName: Doe\n givenName: John\n exampleGroup:\n type: aws:identitystore:Group\n name: example\n properties:\n identityStoreId: ${example.identityStoreIds[0]}\n displayName: MyGroup\n description: Some group name\n exampleGroupMembership:\n type: aws:identitystore:GroupMembership\n name: example\n properties:\n identityStoreId: ${example.identityStoreIds[0]}\n groupId: ${exampleGroup.groupId}\n memberId: ${exampleUser.userId}\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getInstances\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_identitystore_group_membership` using the `identity_store_id/membership_id`. For example:\n\n```sh\n$ pulumi import aws:identitystore/groupMembership:GroupMembership example d-0000000000/00000000-0000-0000-0000-000000000000\n```\n", "properties": { "groupId": { "type": "string", "description": "The identifier for a group in the Identity Store.\n" }, "identityStoreId": { "type": "string", "description": "Identity Store ID associated with the Single Sign-On Instance.\n" }, "memberId": { "type": "string", "description": "The identifier for a user in the Identity Store.\n" }, "membershipId": { "type": "string", "description": "The identifier of the newly created group membership in the Identity Store.\n" } }, "required": [ "groupId", "identityStoreId", "memberId", "membershipId" ], "inputProperties": { "groupId": { "type": "string", "description": "The identifier for a group in the Identity Store.\n", "willReplaceOnChanges": true }, "identityStoreId": { "type": "string", "description": "Identity Store ID associated with the Single Sign-On Instance.\n", "willReplaceOnChanges": true }, "memberId": { "type": "string", "description": "The identifier for a user in the Identity Store.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "groupId", "identityStoreId", "memberId" ], "stateInputs": { "description": "Input properties used for looking up and filtering GroupMembership resources.\n", "properties": { "groupId": { "type": "string", "description": "The identifier for a group in the Identity Store.\n", "willReplaceOnChanges": true }, "identityStoreId": { "type": "string", "description": "Identity Store ID associated with the Single Sign-On Instance.\n", "willReplaceOnChanges": true }, "memberId": { "type": "string", "description": "The identifier for a user in the Identity Store.\n", "willReplaceOnChanges": true }, "membershipId": { "type": "string", "description": "The identifier of the newly created group membership in the Identity Store.\n" } }, "type": "object" } }, "aws:identitystore/user:User": { "description": "This resource manages a User resource within an Identity Store.\n\n\u003e **Note:** If you use an external identity provider or Active Directory as your identity source,\nuse this resource with caution. IAM Identity Center does not support outbound synchronization,\nso your identity source does not automatically update with the changes that you make to\nusers using this resource.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.identitystore.User(\"example\", {\n identityStoreId: exampleAwsSsoadminInstances.identityStoreIds[0],\n displayName: \"John Doe\",\n userName: \"johndoe\",\n name: {\n givenName: \"John\",\n familyName: \"Doe\",\n },\n emails: {\n value: \"john@example.com\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.identitystore.User(\"example\",\n identity_store_id=example_aws_ssoadmin_instances[\"identityStoreIds\"],\n display_name=\"John Doe\",\n user_name=\"johndoe\",\n name={\n \"given_name\": \"John\",\n \"family_name\": \"Doe\",\n },\n emails={\n \"value\": \"john@example.com\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.IdentityStore.User(\"example\", new()\n {\n IdentityStoreId = exampleAwsSsoadminInstances.IdentityStoreIds[0],\n DisplayName = \"John Doe\",\n UserName = \"johndoe\",\n Name = new Aws.IdentityStore.Inputs.UserNameArgs\n {\n GivenName = \"John\",\n FamilyName = \"Doe\",\n },\n Emails = new Aws.IdentityStore.Inputs.UserEmailsArgs\n {\n Value = \"john@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/identitystore\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identitystore.NewUser(ctx, \"example\", \u0026identitystore.UserArgs{\n\t\t\tIdentityStoreId: pulumi.Any(exampleAwsSsoadminInstances.IdentityStoreIds[0]),\n\t\t\tDisplayName: pulumi.String(\"John Doe\"),\n\t\t\tUserName: pulumi.String(\"johndoe\"),\n\t\t\tName: \u0026identitystore.UserNameArgs{\n\t\t\t\tGivenName: pulumi.String(\"John\"),\n\t\t\t\tFamilyName: pulumi.String(\"Doe\"),\n\t\t\t},\n\t\t\tEmails: \u0026identitystore.UserEmailsArgs{\n\t\t\t\tValue: pulumi.String(\"john@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.identitystore.User;\nimport com.pulumi.aws.identitystore.UserArgs;\nimport com.pulumi.aws.identitystore.inputs.UserNameArgs;\nimport com.pulumi.aws.identitystore.inputs.UserEmailsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new User(\"example\", UserArgs.builder()\n .identityStoreId(exampleAwsSsoadminInstances.identityStoreIds()[0])\n .displayName(\"John Doe\")\n .userName(\"johndoe\")\n .name(UserNameArgs.builder()\n .givenName(\"John\")\n .familyName(\"Doe\")\n .build())\n .emails(UserEmailsArgs.builder()\n .value(\"john@example.com\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:identitystore:User\n properties:\n identityStoreId: ${exampleAwsSsoadminInstances.identityStoreIds[0]}\n displayName: John Doe\n userName: johndoe\n name:\n givenName: John\n familyName: Doe\n emails:\n value: john@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an Identity Store User using the combination `identity_store_id/user_id`. For example:\n\n```sh\n$ pulumi import aws:identitystore/user:User example d-9c6705e95c/065212b4-9061-703b-5876-13a517ae2a7c\n```\n", "properties": { "addresses": { "$ref": "#/types/aws:identitystore/UserAddresses:UserAddresses", "description": "Details about the user's address. At most 1 address is allowed. Detailed below.\n" }, "displayName": { "type": "string", "description": "The name that is typically displayed when the user is referenced.\n" }, "emails": { "$ref": "#/types/aws:identitystore/UserEmails:UserEmails", "description": "Details about the user's email. At most 1 email is allowed. Detailed below.\n" }, "externalIds": { "type": "array", "items": { "$ref": "#/types/aws:identitystore/UserExternalId:UserExternalId" }, "description": "A list of identifiers issued to this resource by an external identity provider.\n" }, "identityStoreId": { "type": "string", "description": "The globally unique identifier for the identity store that this user is in.\n" }, "locale": { "type": "string", "description": "The user's geographical region or location.\n" }, "name": { "$ref": "#/types/aws:identitystore/UserName:UserName", "description": "Details about the user's full name. Detailed below.\n" }, "nickname": { "type": "string", "description": "An alternate name for the user.\n" }, "phoneNumbers": { "$ref": "#/types/aws:identitystore/UserPhoneNumbers:UserPhoneNumbers", "description": "Details about the user's phone number. At most 1 phone number is allowed. Detailed below.\n" }, "preferredLanguage": { "type": "string", "description": "The preferred language of the user.\n" }, "profileUrl": { "type": "string", "description": "An URL that may be associated with the user.\n" }, "timezone": { "type": "string", "description": "The user's time zone.\n" }, "title": { "type": "string", "description": "The user's title.\n" }, "userId": { "type": "string", "description": "The identifier for this user in the identity store.\n" }, "userName": { "type": "string", "description": "A unique string used to identify the user. This value can consist of letters, accented characters, symbols, numbers, and punctuation. This value is specified at the time the user is created and stored as an attribute of the user object in the identity store. The limit is 128 characters.\n\nThe following arguments are optional:\n" }, "userType": { "type": "string", "description": "The user type.\n" } }, "required": [ "displayName", "externalIds", "identityStoreId", "name", "userId", "userName" ], "inputProperties": { "addresses": { "$ref": "#/types/aws:identitystore/UserAddresses:UserAddresses", "description": "Details about the user's address. At most 1 address is allowed. Detailed below.\n" }, "displayName": { "type": "string", "description": "The name that is typically displayed when the user is referenced.\n" }, "emails": { "$ref": "#/types/aws:identitystore/UserEmails:UserEmails", "description": "Details about the user's email. At most 1 email is allowed. Detailed below.\n" }, "identityStoreId": { "type": "string", "description": "The globally unique identifier for the identity store that this user is in.\n", "willReplaceOnChanges": true }, "locale": { "type": "string", "description": "The user's geographical region or location.\n" }, "name": { "$ref": "#/types/aws:identitystore/UserName:UserName", "description": "Details about the user's full name. Detailed below.\n" }, "nickname": { "type": "string", "description": "An alternate name for the user.\n" }, "phoneNumbers": { "$ref": "#/types/aws:identitystore/UserPhoneNumbers:UserPhoneNumbers", "description": "Details about the user's phone number. At most 1 phone number is allowed. Detailed below.\n" }, "preferredLanguage": { "type": "string", "description": "The preferred language of the user.\n" }, "profileUrl": { "type": "string", "description": "An URL that may be associated with the user.\n" }, "timezone": { "type": "string", "description": "The user's time zone.\n" }, "title": { "type": "string", "description": "The user's title.\n" }, "userName": { "type": "string", "description": "A unique string used to identify the user. This value can consist of letters, accented characters, symbols, numbers, and punctuation. This value is specified at the time the user is created and stored as an attribute of the user object in the identity store. The limit is 128 characters.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "userType": { "type": "string", "description": "The user type.\n" } }, "requiredInputs": [ "displayName", "identityStoreId", "userName" ], "stateInputs": { "description": "Input properties used for looking up and filtering User resources.\n", "properties": { "addresses": { "$ref": "#/types/aws:identitystore/UserAddresses:UserAddresses", "description": "Details about the user's address. At most 1 address is allowed. Detailed below.\n" }, "displayName": { "type": "string", "description": "The name that is typically displayed when the user is referenced.\n" }, "emails": { "$ref": "#/types/aws:identitystore/UserEmails:UserEmails", "description": "Details about the user's email. At most 1 email is allowed. Detailed below.\n" }, "externalIds": { "type": "array", "items": { "$ref": "#/types/aws:identitystore/UserExternalId:UserExternalId" }, "description": "A list of identifiers issued to this resource by an external identity provider.\n" }, "identityStoreId": { "type": "string", "description": "The globally unique identifier for the identity store that this user is in.\n", "willReplaceOnChanges": true }, "locale": { "type": "string", "description": "The user's geographical region or location.\n" }, "name": { "$ref": "#/types/aws:identitystore/UserName:UserName", "description": "Details about the user's full name. Detailed below.\n" }, "nickname": { "type": "string", "description": "An alternate name for the user.\n" }, "phoneNumbers": { "$ref": "#/types/aws:identitystore/UserPhoneNumbers:UserPhoneNumbers", "description": "Details about the user's phone number. At most 1 phone number is allowed. Detailed below.\n" }, "preferredLanguage": { "type": "string", "description": "The preferred language of the user.\n" }, "profileUrl": { "type": "string", "description": "An URL that may be associated with the user.\n" }, "timezone": { "type": "string", "description": "The user's time zone.\n" }, "title": { "type": "string", "description": "The user's title.\n" }, "userId": { "type": "string", "description": "The identifier for this user in the identity store.\n" }, "userName": { "type": "string", "description": "A unique string used to identify the user. This value can consist of letters, accented characters, symbols, numbers, and punctuation. This value is specified at the time the user is created and stored as an attribute of the user object in the identity store. The limit is 128 characters.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "userType": { "type": "string", "description": "The user type.\n" } }, "type": "object" } }, "aws:imagebuilder/component:Component": { "description": "Manages an Image Builder Component.\n\n## Example Usage\n\n### URI Document\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.imagebuilder.Component(\"example\", {\n name: \"example\",\n platform: \"Linux\",\n uri: `s3://${exampleAwsS3Object.bucket}/${exampleAwsS3Object.key}`,\n version: \"1.0.0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.Component(\"example\",\n name=\"example\",\n platform=\"Linux\",\n uri=f\"s3://{example_aws_s3_object['bucket']}/{example_aws_s3_object['key']}\",\n version=\"1.0.0\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ImageBuilder.Component(\"example\", new()\n {\n Name = \"example\",\n Platform = \"Linux\",\n Uri = $\"s3://{exampleAwsS3Object.Bucket}/{exampleAwsS3Object.Key}\",\n Version = \"1.0.0\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.NewComponent(ctx, \"example\", \u0026imagebuilder.ComponentArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPlatform: pulumi.String(\"Linux\"),\n\t\t\tUri: pulumi.String(fmt.Sprintf(\"s3://%v/%v\", exampleAwsS3Object.Bucket, exampleAwsS3Object.Key)),\n\t\t\tVersion: pulumi.String(\"1.0.0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.Component;\nimport com.pulumi.aws.imagebuilder.ComponentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Component(\"example\", ComponentArgs.builder()\n .name(\"example\")\n .platform(\"Linux\")\n .uri(String.format(\"s3://%s/%s\", exampleAwsS3Object.bucket(),exampleAwsS3Object.key()))\n .version(\"1.0.0\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:imagebuilder:Component\n properties:\n name: example\n platform: Linux\n uri: s3://${exampleAwsS3Object.bucket}/${exampleAwsS3Object.key}\n version: 1.0.0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_imagebuilder_components` resources using the Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:imagebuilder/component:Component example arn:aws:imagebuilder:us-east-1:123456789012:component/example/1.0.0/1\n```\nCertain resource arguments, such as `uri`, cannot be read via the API and imported into the provider. The provider will display a difference for these arguments the first run after import if declared in the the provider configuration for an imported resource.\n\n", "properties": { "arn": { "type": "string", "description": "(Required) Amazon Resource Name (ARN) of the component.\n" }, "changeDescription": { "type": "string", "description": "Change description of the component.\n" }, "data": { "type": "string", "description": "Inline YAML string with data of the component. Exactly one of `data` and `uri` can be specified. the provider will only perform drift detection of its value when present in a configuration.\n" }, "dateCreated": { "type": "string", "description": "Date the component was created.\n" }, "description": { "type": "string", "description": "Description of the component.\n" }, "encrypted": { "type": "boolean", "description": "Encryption status of the component.\n" }, "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) of the Key Management Service (KMS) Key used to encrypt the component.\n" }, "name": { "type": "string", "description": "Name of the component.\n" }, "owner": { "type": "string", "description": "Owner of the component.\n" }, "platform": { "type": "string", "description": "Platform of the component.\n" }, "skipDestroy": { "type": "boolean", "description": "Whether to retain the old version when the resource is destroyed or replacement is necessary. Defaults to `false`.\n" }, "supportedOsVersions": { "type": "array", "items": { "type": "string" }, "description": "Set of Operating Systems (OS) supported by the component.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the component. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Type of the component.\n" }, "uri": { "type": "string", "description": "S3 URI with data of the component. Exactly one of `data` and `uri` can be specified.\n\n\u003e **NOTE:** Updating `data` or `uri` requires specifying a new `version`. This causes replacement of the resource. The `skip_destroy` argument can be used to retain the old version.\n" }, "version": { "type": "string", "description": "Version of the component.\n\nThe following attributes are optional:\n" } }, "required": [ "arn", "data", "dateCreated", "encrypted", "name", "owner", "platform", "tagsAll", "type", "version" ], "inputProperties": { "changeDescription": { "type": "string", "description": "Change description of the component.\n", "willReplaceOnChanges": true }, "data": { "type": "string", "description": "Inline YAML string with data of the component. Exactly one of `data` and `uri` can be specified. the provider will only perform drift detection of its value when present in a configuration.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of the component.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) of the Key Management Service (KMS) Key used to encrypt the component.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the component.\n", "willReplaceOnChanges": true }, "platform": { "type": "string", "description": "Platform of the component.\n", "willReplaceOnChanges": true }, "skipDestroy": { "type": "boolean", "description": "Whether to retain the old version when the resource is destroyed or replacement is necessary. Defaults to `false`.\n" }, "supportedOsVersions": { "type": "array", "items": { "type": "string" }, "description": "Set of Operating Systems (OS) supported by the component.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the component. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "uri": { "type": "string", "description": "S3 URI with data of the component. Exactly one of `data` and `uri` can be specified.\n\n\u003e **NOTE:** Updating `data` or `uri` requires specifying a new `version`. This causes replacement of the resource. The `skip_destroy` argument can be used to retain the old version.\n", "willReplaceOnChanges": true }, "version": { "type": "string", "description": "Version of the component.\n\nThe following attributes are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "platform", "version" ], "stateInputs": { "description": "Input properties used for looking up and filtering Component resources.\n", "properties": { "arn": { "type": "string", "description": "(Required) Amazon Resource Name (ARN) of the component.\n" }, "changeDescription": { "type": "string", "description": "Change description of the component.\n", "willReplaceOnChanges": true }, "data": { "type": "string", "description": "Inline YAML string with data of the component. Exactly one of `data` and `uri` can be specified. the provider will only perform drift detection of its value when present in a configuration.\n", "willReplaceOnChanges": true }, "dateCreated": { "type": "string", "description": "Date the component was created.\n" }, "description": { "type": "string", "description": "Description of the component.\n", "willReplaceOnChanges": true }, "encrypted": { "type": "boolean", "description": "Encryption status of the component.\n" }, "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) of the Key Management Service (KMS) Key used to encrypt the component.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the component.\n", "willReplaceOnChanges": true }, "owner": { "type": "string", "description": "Owner of the component.\n" }, "platform": { "type": "string", "description": "Platform of the component.\n", "willReplaceOnChanges": true }, "skipDestroy": { "type": "boolean", "description": "Whether to retain the old version when the resource is destroyed or replacement is necessary. Defaults to `false`.\n" }, "supportedOsVersions": { "type": "array", "items": { "type": "string" }, "description": "Set of Operating Systems (OS) supported by the component.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the component. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Type of the component.\n" }, "uri": { "type": "string", "description": "S3 URI with data of the component. Exactly one of `data` and `uri` can be specified.\n\n\u003e **NOTE:** Updating `data` or `uri` requires specifying a new `version`. This causes replacement of the resource. The `skip_destroy` argument can be used to retain the old version.\n", "willReplaceOnChanges": true }, "version": { "type": "string", "description": "Version of the component.\n\nThe following attributes are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:imagebuilder/containerRecipe:ContainerRecipe": { "description": "Manages an Image Builder Container Recipe.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.imagebuilder.ContainerRecipe(\"example\", {\n name: \"example\",\n version: \"1.0.0\",\n containerType: \"DOCKER\",\n parentImage: \"arn:aws:imagebuilder:eu-central-1:aws:image/amazon-linux-x86-latest/x.x.x\",\n targetRepository: {\n repositoryName: exampleAwsEcrRepository.name,\n service: \"ECR\",\n },\n components: [{\n componentArn: exampleAwsImagebuilderComponent.arn,\n parameters: [\n {\n name: \"Parameter1\",\n value: \"Value1\",\n },\n {\n name: \"Parameter2\",\n value: \"Value2\",\n },\n ],\n }],\n dockerfileTemplateData: `FROM {{{ imagebuilder:parentImage }}}\n{{{ imagebuilder:environments }}}\n{{{ imagebuilder:components }}}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.ContainerRecipe(\"example\",\n name=\"example\",\n version=\"1.0.0\",\n container_type=\"DOCKER\",\n parent_image=\"arn:aws:imagebuilder:eu-central-1:aws:image/amazon-linux-x86-latest/x.x.x\",\n target_repository={\n \"repository_name\": example_aws_ecr_repository[\"name\"],\n \"service\": \"ECR\",\n },\n components=[{\n \"component_arn\": example_aws_imagebuilder_component[\"arn\"],\n \"parameters\": [\n {\n \"name\": \"Parameter1\",\n \"value\": \"Value1\",\n },\n {\n \"name\": \"Parameter2\",\n \"value\": \"Value2\",\n },\n ],\n }],\n dockerfile_template_data=\"\"\"FROM {{{ imagebuilder:parentImage }}}\n{{{ imagebuilder:environments }}}\n{{{ imagebuilder:components }}}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ImageBuilder.ContainerRecipe(\"example\", new()\n {\n Name = \"example\",\n Version = \"1.0.0\",\n ContainerType = \"DOCKER\",\n ParentImage = \"arn:aws:imagebuilder:eu-central-1:aws:image/amazon-linux-x86-latest/x.x.x\",\n TargetRepository = new Aws.ImageBuilder.Inputs.ContainerRecipeTargetRepositoryArgs\n {\n RepositoryName = exampleAwsEcrRepository.Name,\n Service = \"ECR\",\n },\n Components = new[]\n {\n new Aws.ImageBuilder.Inputs.ContainerRecipeComponentArgs\n {\n ComponentArn = exampleAwsImagebuilderComponent.Arn,\n Parameters = new[]\n {\n new Aws.ImageBuilder.Inputs.ContainerRecipeComponentParameterArgs\n {\n Name = \"Parameter1\",\n Value = \"Value1\",\n },\n new Aws.ImageBuilder.Inputs.ContainerRecipeComponentParameterArgs\n {\n Name = \"Parameter2\",\n Value = \"Value2\",\n },\n },\n },\n },\n DockerfileTemplateData = @\"FROM {{{ imagebuilder:parentImage }}}\n{{{ imagebuilder:environments }}}\n{{{ imagebuilder:components }}}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.NewContainerRecipe(ctx, \"example\", \u0026imagebuilder.ContainerRecipeArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tVersion: pulumi.String(\"1.0.0\"),\n\t\t\tContainerType: pulumi.String(\"DOCKER\"),\n\t\t\tParentImage: pulumi.String(\"arn:aws:imagebuilder:eu-central-1:aws:image/amazon-linux-x86-latest/x.x.x\"),\n\t\t\tTargetRepository: \u0026imagebuilder.ContainerRecipeTargetRepositoryArgs{\n\t\t\t\tRepositoryName: pulumi.Any(exampleAwsEcrRepository.Name),\n\t\t\t\tService: pulumi.String(\"ECR\"),\n\t\t\t},\n\t\t\tComponents: imagebuilder.ContainerRecipeComponentArray{\n\t\t\t\t\u0026imagebuilder.ContainerRecipeComponentArgs{\n\t\t\t\t\tComponentArn: pulumi.Any(exampleAwsImagebuilderComponent.Arn),\n\t\t\t\t\tParameters: imagebuilder.ContainerRecipeComponentParameterArray{\n\t\t\t\t\t\t\u0026imagebuilder.ContainerRecipeComponentParameterArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"Parameter1\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"Value1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026imagebuilder.ContainerRecipeComponentParameterArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"Parameter2\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"Value2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tDockerfileTemplateData: pulumi.String(\"FROM {{{ imagebuilder:parentImage }}}\\n{{{ imagebuilder:environments }}}\\n{{{ imagebuilder:components }}}\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.ContainerRecipe;\nimport com.pulumi.aws.imagebuilder.ContainerRecipeArgs;\nimport com.pulumi.aws.imagebuilder.inputs.ContainerRecipeTargetRepositoryArgs;\nimport com.pulumi.aws.imagebuilder.inputs.ContainerRecipeComponentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContainerRecipe(\"example\", ContainerRecipeArgs.builder()\n .name(\"example\")\n .version(\"1.0.0\")\n .containerType(\"DOCKER\")\n .parentImage(\"arn:aws:imagebuilder:eu-central-1:aws:image/amazon-linux-x86-latest/x.x.x\")\n .targetRepository(ContainerRecipeTargetRepositoryArgs.builder()\n .repositoryName(exampleAwsEcrRepository.name())\n .service(\"ECR\")\n .build())\n .components(ContainerRecipeComponentArgs.builder()\n .componentArn(exampleAwsImagebuilderComponent.arn())\n .parameters( \n ContainerRecipeComponentParameterArgs.builder()\n .name(\"Parameter1\")\n .value(\"Value1\")\n .build(),\n ContainerRecipeComponentParameterArgs.builder()\n .name(\"Parameter2\")\n .value(\"Value2\")\n .build())\n .build())\n .dockerfileTemplateData(\"\"\"\nFROM {{{ imagebuilder:parentImage }}}\n{{{ imagebuilder:environments }}}\n{{{ imagebuilder:components }}}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:imagebuilder:ContainerRecipe\n properties:\n name: example\n version: 1.0.0\n containerType: DOCKER\n parentImage: arn:aws:imagebuilder:eu-central-1:aws:image/amazon-linux-x86-latest/x.x.x\n targetRepository:\n repositoryName: ${exampleAwsEcrRepository.name}\n service: ECR\n components:\n - componentArn: ${exampleAwsImagebuilderComponent.arn}\n parameters:\n - name: Parameter1\n value: Value1\n - name: Parameter2\n value: Value2\n dockerfileTemplateData: |\n FROM {{{ imagebuilder:parentImage }}}\n {{{ imagebuilder:environments }}}\n {{{ imagebuilder:components }}}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_imagebuilder_container_recipe` resources using the Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:imagebuilder/containerRecipe:ContainerRecipe example arn:aws:imagebuilder:us-east-1:123456789012:container-recipe/example/1.0.0\n```\n", "properties": { "arn": { "type": "string", "description": "(Required) Amazon Resource Name (ARN) of the container recipe.\n" }, "components": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ContainerRecipeComponent:ContainerRecipeComponent" }, "description": "Ordered configuration block(s) with components for the container recipe. Detailed below.\n" }, "containerType": { "type": "string", "description": "The type of the container to create. Valid values: `DOCKER`.\n" }, "dateCreated": { "type": "string", "description": "Date the container recipe was created.\n" }, "description": { "type": "string", "description": "The description of the container recipe.\n" }, "dockerfileTemplateData": { "type": "string", "description": "The Dockerfile template used to build the image as an inline data blob.\n" }, "dockerfileTemplateUri": { "type": "string", "description": "The Amazon S3 URI for the Dockerfile that will be used to build the container image.\n" }, "encrypted": { "type": "boolean", "description": "A flag that indicates if the target container is encrypted.\n" }, "instanceConfiguration": { "$ref": "#/types/aws:imagebuilder/ContainerRecipeInstanceConfiguration:ContainerRecipeInstanceConfiguration", "description": "Configuration block used to configure an instance for building and testing container images. Detailed below.\n" }, "kmsKeyId": { "type": "string", "description": "The KMS key used to encrypt the container image.\n" }, "name": { "type": "string", "description": "The name of the container recipe.\n" }, "owner": { "type": "string", "description": "Owner of the container recipe.\n" }, "parentImage": { "type": "string", "description": "The base image for the container recipe.\n" }, "platform": { "type": "string", "description": "Platform of the container recipe.\n" }, "platformOverride": { "type": "string", "description": "Specifies the operating system platform when you use a custom base image.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the container recipe. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetRepository": { "$ref": "#/types/aws:imagebuilder/ContainerRecipeTargetRepository:ContainerRecipeTargetRepository", "description": "The destination repository for the container image. Detailed below.\n" }, "version": { "type": "string", "description": "Version of the container recipe.\n\nThe following attributes are optional:\n" }, "workingDirectory": { "type": "string", "description": "The working directory to be used during build and test workflows.\n" } }, "required": [ "arn", "components", "containerType", "dateCreated", "dockerfileTemplateData", "encrypted", "name", "owner", "parentImage", "platform", "tagsAll", "targetRepository", "version" ], "inputProperties": { "components": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ContainerRecipeComponent:ContainerRecipeComponent" }, "description": "Ordered configuration block(s) with components for the container recipe. Detailed below.\n", "willReplaceOnChanges": true }, "containerType": { "type": "string", "description": "The type of the container to create. Valid values: `DOCKER`.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "The description of the container recipe.\n", "willReplaceOnChanges": true }, "dockerfileTemplateData": { "type": "string", "description": "The Dockerfile template used to build the image as an inline data blob.\n", "willReplaceOnChanges": true }, "dockerfileTemplateUri": { "type": "string", "description": "The Amazon S3 URI for the Dockerfile that will be used to build the container image.\n", "willReplaceOnChanges": true }, "instanceConfiguration": { "$ref": "#/types/aws:imagebuilder/ContainerRecipeInstanceConfiguration:ContainerRecipeInstanceConfiguration", "description": "Configuration block used to configure an instance for building and testing container images. Detailed below.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "The KMS key used to encrypt the container image.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the container recipe.\n", "willReplaceOnChanges": true }, "parentImage": { "type": "string", "description": "The base image for the container recipe.\n", "willReplaceOnChanges": true }, "platformOverride": { "type": "string", "description": "Specifies the operating system platform when you use a custom base image.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the container recipe. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targetRepository": { "$ref": "#/types/aws:imagebuilder/ContainerRecipeTargetRepository:ContainerRecipeTargetRepository", "description": "The destination repository for the container image. Detailed below.\n", "willReplaceOnChanges": true }, "version": { "type": "string", "description": "Version of the container recipe.\n\nThe following attributes are optional:\n", "willReplaceOnChanges": true }, "workingDirectory": { "type": "string", "description": "The working directory to be used during build and test workflows.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "components", "containerType", "parentImage", "targetRepository", "version" ], "stateInputs": { "description": "Input properties used for looking up and filtering ContainerRecipe resources.\n", "properties": { "arn": { "type": "string", "description": "(Required) Amazon Resource Name (ARN) of the container recipe.\n" }, "components": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ContainerRecipeComponent:ContainerRecipeComponent" }, "description": "Ordered configuration block(s) with components for the container recipe. Detailed below.\n", "willReplaceOnChanges": true }, "containerType": { "type": "string", "description": "The type of the container to create. Valid values: `DOCKER`.\n", "willReplaceOnChanges": true }, "dateCreated": { "type": "string", "description": "Date the container recipe was created.\n" }, "description": { "type": "string", "description": "The description of the container recipe.\n", "willReplaceOnChanges": true }, "dockerfileTemplateData": { "type": "string", "description": "The Dockerfile template used to build the image as an inline data blob.\n", "willReplaceOnChanges": true }, "dockerfileTemplateUri": { "type": "string", "description": "The Amazon S3 URI for the Dockerfile that will be used to build the container image.\n", "willReplaceOnChanges": true }, "encrypted": { "type": "boolean", "description": "A flag that indicates if the target container is encrypted.\n" }, "instanceConfiguration": { "$ref": "#/types/aws:imagebuilder/ContainerRecipeInstanceConfiguration:ContainerRecipeInstanceConfiguration", "description": "Configuration block used to configure an instance for building and testing container images. Detailed below.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "The KMS key used to encrypt the container image.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the container recipe.\n", "willReplaceOnChanges": true }, "owner": { "type": "string", "description": "Owner of the container recipe.\n" }, "parentImage": { "type": "string", "description": "The base image for the container recipe.\n", "willReplaceOnChanges": true }, "platform": { "type": "string", "description": "Platform of the container recipe.\n" }, "platformOverride": { "type": "string", "description": "Specifies the operating system platform when you use a custom base image.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the container recipe. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetRepository": { "$ref": "#/types/aws:imagebuilder/ContainerRecipeTargetRepository:ContainerRecipeTargetRepository", "description": "The destination repository for the container image. Detailed below.\n", "willReplaceOnChanges": true }, "version": { "type": "string", "description": "Version of the container recipe.\n\nThe following attributes are optional:\n", "willReplaceOnChanges": true }, "workingDirectory": { "type": "string", "description": "The working directory to be used during build and test workflows.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:imagebuilder/distributionConfiguration:DistributionConfiguration": { "description": "Manages an Image Builder Distribution Configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.imagebuilder.DistributionConfiguration(\"example\", {\n name: \"example\",\n distributions: [{\n amiDistributionConfiguration: {\n amiTags: {\n CostCenter: \"IT\",\n },\n name: \"example-{{ imagebuilder:buildDate }}\",\n launchPermission: {\n userIds: [\"123456789012\"],\n },\n },\n launchTemplateConfigurations: [{\n launchTemplateId: \"lt-0aaa1bcde2ff3456\",\n }],\n region: \"us-east-1\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.DistributionConfiguration(\"example\",\n name=\"example\",\n distributions=[{\n \"ami_distribution_configuration\": {\n \"ami_tags\": {\n \"cost_center\": \"IT\",\n },\n \"name\": \"example-{{ imagebuilder:buildDate }}\",\n \"launch_permission\": {\n \"user_ids\": [\"123456789012\"],\n },\n },\n \"launch_template_configurations\": [{\n \"launch_template_id\": \"lt-0aaa1bcde2ff3456\",\n }],\n \"region\": \"us-east-1\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ImageBuilder.DistributionConfiguration(\"example\", new()\n {\n Name = \"example\",\n Distributions = new[]\n {\n new Aws.ImageBuilder.Inputs.DistributionConfigurationDistributionArgs\n {\n AmiDistributionConfiguration = new Aws.ImageBuilder.Inputs.DistributionConfigurationDistributionAmiDistributionConfigurationArgs\n {\n AmiTags = \n {\n { \"CostCenter\", \"IT\" },\n },\n Name = \"example-{{ imagebuilder:buildDate }}\",\n LaunchPermission = new Aws.ImageBuilder.Inputs.DistributionConfigurationDistributionAmiDistributionConfigurationLaunchPermissionArgs\n {\n UserIds = new[]\n {\n \"123456789012\",\n },\n },\n },\n LaunchTemplateConfigurations = new[]\n {\n new Aws.ImageBuilder.Inputs.DistributionConfigurationDistributionLaunchTemplateConfigurationArgs\n {\n LaunchTemplateId = \"lt-0aaa1bcde2ff3456\",\n },\n },\n Region = \"us-east-1\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.NewDistributionConfiguration(ctx, \"example\", \u0026imagebuilder.DistributionConfigurationArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDistributions: imagebuilder.DistributionConfigurationDistributionArray{\n\t\t\t\t\u0026imagebuilder.DistributionConfigurationDistributionArgs{\n\t\t\t\t\tAmiDistributionConfiguration: \u0026imagebuilder.DistributionConfigurationDistributionAmiDistributionConfigurationArgs{\n\t\t\t\t\t\tAmiTags: pulumi.StringMap{\n\t\t\t\t\t\t\t\"CostCenter\": pulumi.String(\"IT\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tName: pulumi.String(\"example-{{ imagebuilder:buildDate }}\"),\n\t\t\t\t\t\tLaunchPermission: \u0026imagebuilder.DistributionConfigurationDistributionAmiDistributionConfigurationLaunchPermissionArgs{\n\t\t\t\t\t\t\tUserIds: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"123456789012\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tLaunchTemplateConfigurations: imagebuilder.DistributionConfigurationDistributionLaunchTemplateConfigurationArray{\n\t\t\t\t\t\t\u0026imagebuilder.DistributionConfigurationDistributionLaunchTemplateConfigurationArgs{\n\t\t\t\t\t\t\tLaunchTemplateId: pulumi.String(\"lt-0aaa1bcde2ff3456\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tRegion: pulumi.String(\"us-east-1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.DistributionConfiguration;\nimport com.pulumi.aws.imagebuilder.DistributionConfigurationArgs;\nimport com.pulumi.aws.imagebuilder.inputs.DistributionConfigurationDistributionArgs;\nimport com.pulumi.aws.imagebuilder.inputs.DistributionConfigurationDistributionAmiDistributionConfigurationArgs;\nimport com.pulumi.aws.imagebuilder.inputs.DistributionConfigurationDistributionAmiDistributionConfigurationLaunchPermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DistributionConfiguration(\"example\", DistributionConfigurationArgs.builder()\n .name(\"example\")\n .distributions(DistributionConfigurationDistributionArgs.builder()\n .amiDistributionConfiguration(DistributionConfigurationDistributionAmiDistributionConfigurationArgs.builder()\n .amiTags(Map.of(\"CostCenter\", \"IT\"))\n .name(\"example-{{ imagebuilder:buildDate }}\")\n .launchPermission(DistributionConfigurationDistributionAmiDistributionConfigurationLaunchPermissionArgs.builder()\n .userIds(\"123456789012\")\n .build())\n .build())\n .launchTemplateConfigurations(DistributionConfigurationDistributionLaunchTemplateConfigurationArgs.builder()\n .launchTemplateId(\"lt-0aaa1bcde2ff3456\")\n .build())\n .region(\"us-east-1\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:imagebuilder:DistributionConfiguration\n properties:\n name: example\n distributions:\n - amiDistributionConfiguration:\n amiTags:\n CostCenter: IT\n name: example-{{ imagebuilder:buildDate }}\n launchPermission:\n userIds:\n - '123456789012'\n launchTemplateConfigurations:\n - launchTemplateId: lt-0aaa1bcde2ff3456\n region: us-east-1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_imagebuilder_distribution_configurations` resources using the Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:imagebuilder/distributionConfiguration:DistributionConfiguration example arn:aws:imagebuilder:us-east-1:123456789012:distribution-configuration/example\n```\n", "properties": { "arn": { "type": "string", "description": "(Required) Amazon Resource Name (ARN) of the distribution configuration.\n" }, "dateCreated": { "type": "string", "description": "Date the distribution configuration was created.\n" }, "dateUpdated": { "type": "string", "description": "Date the distribution configuration was updated.\n" }, "description": { "type": "string", "description": "Description of the distribution configuration.\n" }, "distributions": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/DistributionConfigurationDistribution:DistributionConfigurationDistribution" }, "description": "One or more configuration blocks with distribution settings. Detailed below.\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "Name of the distribution configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the distribution configuration. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "dateCreated", "dateUpdated", "distributions", "name", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Description of the distribution configuration.\n" }, "distributions": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/DistributionConfigurationDistribution:DistributionConfigurationDistribution" }, "description": "One or more configuration blocks with distribution settings. Detailed below.\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "Name of the distribution configuration.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the distribution configuration. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "distributions" ], "stateInputs": { "description": "Input properties used for looking up and filtering DistributionConfiguration resources.\n", "properties": { "arn": { "type": "string", "description": "(Required) Amazon Resource Name (ARN) of the distribution configuration.\n" }, "dateCreated": { "type": "string", "description": "Date the distribution configuration was created.\n" }, "dateUpdated": { "type": "string", "description": "Date the distribution configuration was updated.\n" }, "description": { "type": "string", "description": "Description of the distribution configuration.\n" }, "distributions": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/DistributionConfigurationDistribution:DistributionConfigurationDistribution" }, "description": "One or more configuration blocks with distribution settings. Detailed below.\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "Name of the distribution configuration.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the distribution configuration. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:imagebuilder/image:Image": { "description": "Manages an Image Builder Image.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.imagebuilder.Image(\"example\", {\n distributionConfigurationArn: exampleAwsImagebuilderDistributionConfiguration.arn,\n imageRecipeArn: exampleAwsImagebuilderImageRecipe.arn,\n infrastructureConfigurationArn: exampleAwsImagebuilderInfrastructureConfiguration.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.Image(\"example\",\n distribution_configuration_arn=example_aws_imagebuilder_distribution_configuration[\"arn\"],\n image_recipe_arn=example_aws_imagebuilder_image_recipe[\"arn\"],\n infrastructure_configuration_arn=example_aws_imagebuilder_infrastructure_configuration[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ImageBuilder.Image(\"example\", new()\n {\n DistributionConfigurationArn = exampleAwsImagebuilderDistributionConfiguration.Arn,\n ImageRecipeArn = exampleAwsImagebuilderImageRecipe.Arn,\n InfrastructureConfigurationArn = exampleAwsImagebuilderInfrastructureConfiguration.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.NewImage(ctx, \"example\", \u0026imagebuilder.ImageArgs{\n\t\t\tDistributionConfigurationArn: pulumi.Any(exampleAwsImagebuilderDistributionConfiguration.Arn),\n\t\t\tImageRecipeArn: pulumi.Any(exampleAwsImagebuilderImageRecipe.Arn),\n\t\t\tInfrastructureConfigurationArn: pulumi.Any(exampleAwsImagebuilderInfrastructureConfiguration.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.Image;\nimport com.pulumi.aws.imagebuilder.ImageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Image(\"example\", ImageArgs.builder()\n .distributionConfigurationArn(exampleAwsImagebuilderDistributionConfiguration.arn())\n .imageRecipeArn(exampleAwsImagebuilderImageRecipe.arn())\n .infrastructureConfigurationArn(exampleAwsImagebuilderInfrastructureConfiguration.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:imagebuilder:Image\n properties:\n distributionConfigurationArn: ${exampleAwsImagebuilderDistributionConfiguration.arn}\n imageRecipeArn: ${exampleAwsImagebuilderImageRecipe.arn}\n infrastructureConfigurationArn: ${exampleAwsImagebuilderInfrastructureConfiguration.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_imagebuilder_image` resources using the Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:imagebuilder/image:Image example arn:aws:imagebuilder:us-east-1:123456789012:image/example/1.0.0/1\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the image.\n" }, "containerRecipeArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the container recipe.\n" }, "dateCreated": { "type": "string", "description": "Date the image was created.\n" }, "distributionConfigurationArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Image Builder Distribution Configuration.\n" }, "enhancedImageMetadataEnabled": { "type": "boolean", "description": "Whether additional information about the image being created is collected. Defaults to `true`.\n" }, "executionRole": { "type": "string", "description": "Amazon Resource Name (ARN) of the service-linked role to be used by Image Builder to [execute workflows](https://docs.aws.amazon.com/imagebuilder/latest/userguide/manage-image-workflows.html).\n" }, "imageRecipeArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the image recipe.\n" }, "imageScanningConfiguration": { "$ref": "#/types/aws:imagebuilder/ImageImageScanningConfiguration:ImageImageScanningConfiguration", "description": "Configuration block with image scanning configuration. Detailed below.\n" }, "imageTestsConfiguration": { "$ref": "#/types/aws:imagebuilder/ImageImageTestsConfiguration:ImageImageTestsConfiguration", "description": "Configuration block with image tests configuration. Detailed below.\n" }, "infrastructureConfigurationArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Image Builder Infrastructure Configuration.\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "Name of the AMI.\n" }, "osVersion": { "type": "string", "description": "Operating System version of the image.\n" }, "outputResources": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ImageOutputResource:ImageOutputResource" }, "description": "List of objects with resources created by the image.\n" }, "platform": { "type": "string", "description": "Platform of the image.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the Image Builder Image. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "string", "description": "Version of the image.\n" }, "workflows": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ImageWorkflow:ImageWorkflow" }, "description": "Configuration block with the workflow configuration. Detailed below.\n" } }, "required": [ "arn", "dateCreated", "executionRole", "imageScanningConfiguration", "imageTestsConfiguration", "infrastructureConfigurationArn", "name", "osVersion", "outputResources", "platform", "tagsAll", "version", "workflows" ], "inputProperties": { "containerRecipeArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the container recipe.\n", "willReplaceOnChanges": true }, "distributionConfigurationArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Image Builder Distribution Configuration.\n", "willReplaceOnChanges": true }, "enhancedImageMetadataEnabled": { "type": "boolean", "description": "Whether additional information about the image being created is collected. Defaults to `true`.\n", "willReplaceOnChanges": true }, "executionRole": { "type": "string", "description": "Amazon Resource Name (ARN) of the service-linked role to be used by Image Builder to [execute workflows](https://docs.aws.amazon.com/imagebuilder/latest/userguide/manage-image-workflows.html).\n" }, "imageRecipeArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the image recipe.\n", "willReplaceOnChanges": true }, "imageScanningConfiguration": { "$ref": "#/types/aws:imagebuilder/ImageImageScanningConfiguration:ImageImageScanningConfiguration", "description": "Configuration block with image scanning configuration. Detailed below.\n" }, "imageTestsConfiguration": { "$ref": "#/types/aws:imagebuilder/ImageImageTestsConfiguration:ImageImageTestsConfiguration", "description": "Configuration block with image tests configuration. Detailed below.\n", "willReplaceOnChanges": true }, "infrastructureConfigurationArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Image Builder Infrastructure Configuration.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the Image Builder Image. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "workflows": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ImageWorkflow:ImageWorkflow" }, "description": "Configuration block with the workflow configuration. Detailed below.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "infrastructureConfigurationArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Image resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the image.\n" }, "containerRecipeArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the container recipe.\n", "willReplaceOnChanges": true }, "dateCreated": { "type": "string", "description": "Date the image was created.\n" }, "distributionConfigurationArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Image Builder Distribution Configuration.\n", "willReplaceOnChanges": true }, "enhancedImageMetadataEnabled": { "type": "boolean", "description": "Whether additional information about the image being created is collected. Defaults to `true`.\n", "willReplaceOnChanges": true }, "executionRole": { "type": "string", "description": "Amazon Resource Name (ARN) of the service-linked role to be used by Image Builder to [execute workflows](https://docs.aws.amazon.com/imagebuilder/latest/userguide/manage-image-workflows.html).\n" }, "imageRecipeArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the image recipe.\n", "willReplaceOnChanges": true }, "imageScanningConfiguration": { "$ref": "#/types/aws:imagebuilder/ImageImageScanningConfiguration:ImageImageScanningConfiguration", "description": "Configuration block with image scanning configuration. Detailed below.\n" }, "imageTestsConfiguration": { "$ref": "#/types/aws:imagebuilder/ImageImageTestsConfiguration:ImageImageTestsConfiguration", "description": "Configuration block with image tests configuration. Detailed below.\n", "willReplaceOnChanges": true }, "infrastructureConfigurationArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Image Builder Infrastructure Configuration.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the AMI.\n" }, "osVersion": { "type": "string", "description": "Operating System version of the image.\n" }, "outputResources": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ImageOutputResource:ImageOutputResource" }, "description": "List of objects with resources created by the image.\n" }, "platform": { "type": "string", "description": "Platform of the image.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the Image Builder Image. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "string", "description": "Version of the image.\n" }, "workflows": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ImageWorkflow:ImageWorkflow" }, "description": "Configuration block with the workflow configuration. Detailed below.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:imagebuilder/imagePipeline:ImagePipeline": { "description": "Manages an Image Builder Image Pipeline.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.imagebuilder.ImagePipeline(\"example\", {\n imageRecipeArn: exampleAwsImagebuilderImageRecipe.arn,\n infrastructureConfigurationArn: exampleAwsImagebuilderInfrastructureConfiguration.arn,\n name: \"example\",\n schedule: {\n scheduleExpression: \"cron(0 0 * * ? *)\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.ImagePipeline(\"example\",\n image_recipe_arn=example_aws_imagebuilder_image_recipe[\"arn\"],\n infrastructure_configuration_arn=example_aws_imagebuilder_infrastructure_configuration[\"arn\"],\n name=\"example\",\n schedule={\n \"schedule_expression\": \"cron(0 0 * * ? *)\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ImageBuilder.ImagePipeline(\"example\", new()\n {\n ImageRecipeArn = exampleAwsImagebuilderImageRecipe.Arn,\n InfrastructureConfigurationArn = exampleAwsImagebuilderInfrastructureConfiguration.Arn,\n Name = \"example\",\n Schedule = new Aws.ImageBuilder.Inputs.ImagePipelineScheduleArgs\n {\n ScheduleExpression = \"cron(0 0 * * ? *)\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.NewImagePipeline(ctx, \"example\", \u0026imagebuilder.ImagePipelineArgs{\n\t\t\tImageRecipeArn: pulumi.Any(exampleAwsImagebuilderImageRecipe.Arn),\n\t\t\tInfrastructureConfigurationArn: pulumi.Any(exampleAwsImagebuilderInfrastructureConfiguration.Arn),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSchedule: \u0026imagebuilder.ImagePipelineScheduleArgs{\n\t\t\t\tScheduleExpression: pulumi.String(\"cron(0 0 * * ? *)\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.ImagePipeline;\nimport com.pulumi.aws.imagebuilder.ImagePipelineArgs;\nimport com.pulumi.aws.imagebuilder.inputs.ImagePipelineScheduleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ImagePipeline(\"example\", ImagePipelineArgs.builder()\n .imageRecipeArn(exampleAwsImagebuilderImageRecipe.arn())\n .infrastructureConfigurationArn(exampleAwsImagebuilderInfrastructureConfiguration.arn())\n .name(\"example\")\n .schedule(ImagePipelineScheduleArgs.builder()\n .scheduleExpression(\"cron(0 0 * * ? *)\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:imagebuilder:ImagePipeline\n properties:\n imageRecipeArn: ${exampleAwsImagebuilderImageRecipe.arn}\n infrastructureConfigurationArn: ${exampleAwsImagebuilderInfrastructureConfiguration.arn}\n name: example\n schedule:\n scheduleExpression: cron(0 0 * * ? *)\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_imagebuilder_image_pipeline` resources using the Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:imagebuilder/imagePipeline:ImagePipeline example arn:aws:imagebuilder:us-east-1:123456789012:image-pipeline/example\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the image pipeline.\n" }, "containerRecipeArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the container recipe.\n" }, "dateCreated": { "type": "string", "description": "Date the image pipeline was created.\n" }, "dateLastRun": { "type": "string", "description": "Date the image pipeline was last run.\n" }, "dateNextRun": { "type": "string", "description": "Date the image pipeline will run next.\n" }, "dateUpdated": { "type": "string", "description": "Date the image pipeline was updated.\n" }, "description": { "type": "string", "description": "Description of the image pipeline.\n" }, "distributionConfigurationArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Image Builder Distribution Configuration.\n" }, "enhancedImageMetadataEnabled": { "type": "boolean", "description": "Whether additional information about the image being created is collected. Defaults to `true`.\n" }, "executionRole": { "type": "string", "description": "Amazon Resource Name (ARN) of the service-linked role to be used by Image Builder to [execute workflows](https://docs.aws.amazon.com/imagebuilder/latest/userguide/manage-image-workflows.html).\n" }, "imageRecipeArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the image recipe.\n" }, "imageScanningConfiguration": { "$ref": "#/types/aws:imagebuilder/ImagePipelineImageScanningConfiguration:ImagePipelineImageScanningConfiguration", "description": "Configuration block with image scanning configuration. Detailed below.\n" }, "imageTestsConfiguration": { "$ref": "#/types/aws:imagebuilder/ImagePipelineImageTestsConfiguration:ImagePipelineImageTestsConfiguration", "description": "Configuration block with image tests configuration. Detailed below.\n" }, "infrastructureConfigurationArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Image Builder Infrastructure Configuration.\n" }, "name": { "type": "string", "description": "Name of the image pipeline.\n\nThe following arguments are optional:\n" }, "platform": { "type": "string", "description": "Platform of the image pipeline.\n" }, "schedule": { "$ref": "#/types/aws:imagebuilder/ImagePipelineSchedule:ImagePipelineSchedule", "description": "Configuration block with schedule settings. Detailed below.\n" }, "status": { "type": "string", "description": "Status of the image pipeline. Valid values are `DISABLED` and `ENABLED`. Defaults to `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the image pipeline. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "workflows": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ImagePipelineWorkflow:ImagePipelineWorkflow" }, "description": "Configuration block with the workflow configuration. Detailed below.\n" } }, "required": [ "arn", "dateCreated", "dateLastRun", "dateNextRun", "dateUpdated", "imageScanningConfiguration", "imageTestsConfiguration", "infrastructureConfigurationArn", "name", "platform", "tagsAll", "workflows" ], "inputProperties": { "containerRecipeArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the container recipe.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of the image pipeline.\n" }, "distributionConfigurationArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Image Builder Distribution Configuration.\n" }, "enhancedImageMetadataEnabled": { "type": "boolean", "description": "Whether additional information about the image being created is collected. Defaults to `true`.\n" }, "executionRole": { "type": "string", "description": "Amazon Resource Name (ARN) of the service-linked role to be used by Image Builder to [execute workflows](https://docs.aws.amazon.com/imagebuilder/latest/userguide/manage-image-workflows.html).\n" }, "imageRecipeArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the image recipe.\n", "willReplaceOnChanges": true }, "imageScanningConfiguration": { "$ref": "#/types/aws:imagebuilder/ImagePipelineImageScanningConfiguration:ImagePipelineImageScanningConfiguration", "description": "Configuration block with image scanning configuration. Detailed below.\n" }, "imageTestsConfiguration": { "$ref": "#/types/aws:imagebuilder/ImagePipelineImageTestsConfiguration:ImagePipelineImageTestsConfiguration", "description": "Configuration block with image tests configuration. Detailed below.\n" }, "infrastructureConfigurationArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Image Builder Infrastructure Configuration.\n" }, "name": { "type": "string", "description": "Name of the image pipeline.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "schedule": { "$ref": "#/types/aws:imagebuilder/ImagePipelineSchedule:ImagePipelineSchedule", "description": "Configuration block with schedule settings. Detailed below.\n" }, "status": { "type": "string", "description": "Status of the image pipeline. Valid values are `DISABLED` and `ENABLED`. Defaults to `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the image pipeline. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "workflows": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ImagePipelineWorkflow:ImagePipelineWorkflow" }, "description": "Configuration block with the workflow configuration. Detailed below.\n" } }, "requiredInputs": [ "infrastructureConfigurationArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ImagePipeline resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the image pipeline.\n" }, "containerRecipeArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the container recipe.\n", "willReplaceOnChanges": true }, "dateCreated": { "type": "string", "description": "Date the image pipeline was created.\n" }, "dateLastRun": { "type": "string", "description": "Date the image pipeline was last run.\n" }, "dateNextRun": { "type": "string", "description": "Date the image pipeline will run next.\n" }, "dateUpdated": { "type": "string", "description": "Date the image pipeline was updated.\n" }, "description": { "type": "string", "description": "Description of the image pipeline.\n" }, "distributionConfigurationArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Image Builder Distribution Configuration.\n" }, "enhancedImageMetadataEnabled": { "type": "boolean", "description": "Whether additional information about the image being created is collected. Defaults to `true`.\n" }, "executionRole": { "type": "string", "description": "Amazon Resource Name (ARN) of the service-linked role to be used by Image Builder to [execute workflows](https://docs.aws.amazon.com/imagebuilder/latest/userguide/manage-image-workflows.html).\n" }, "imageRecipeArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the image recipe.\n", "willReplaceOnChanges": true }, "imageScanningConfiguration": { "$ref": "#/types/aws:imagebuilder/ImagePipelineImageScanningConfiguration:ImagePipelineImageScanningConfiguration", "description": "Configuration block with image scanning configuration. Detailed below.\n" }, "imageTestsConfiguration": { "$ref": "#/types/aws:imagebuilder/ImagePipelineImageTestsConfiguration:ImagePipelineImageTestsConfiguration", "description": "Configuration block with image tests configuration. Detailed below.\n" }, "infrastructureConfigurationArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Image Builder Infrastructure Configuration.\n" }, "name": { "type": "string", "description": "Name of the image pipeline.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "platform": { "type": "string", "description": "Platform of the image pipeline.\n" }, "schedule": { "$ref": "#/types/aws:imagebuilder/ImagePipelineSchedule:ImagePipelineSchedule", "description": "Configuration block with schedule settings. Detailed below.\n" }, "status": { "type": "string", "description": "Status of the image pipeline. Valid values are `DISABLED` and `ENABLED`. Defaults to `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the image pipeline. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "workflows": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ImagePipelineWorkflow:ImagePipelineWorkflow" }, "description": "Configuration block with the workflow configuration. Detailed below.\n" } }, "type": "object" } }, "aws:imagebuilder/imageRecipe:ImageRecipe": { "description": "Manages an Image Builder Image Recipe.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.imagebuilder.ImageRecipe(\"example\", {\n blockDeviceMappings: [{\n deviceName: \"/dev/xvdb\",\n ebs: {\n deleteOnTermination: \"true\",\n volumeSize: 100,\n volumeType: \"gp2\",\n },\n }],\n components: [{\n componentArn: exampleAwsImagebuilderComponent.arn,\n parameters: [\n {\n name: \"Parameter1\",\n value: \"Value1\",\n },\n {\n name: \"Parameter2\",\n value: \"Value2\",\n },\n ],\n }],\n name: \"example\",\n parentImage: `arn:${current.partition}:imagebuilder:${currentAwsRegion.name}:aws:image/amazon-linux-2-x86/x.x.x`,\n version: \"1.0.0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.ImageRecipe(\"example\",\n block_device_mappings=[{\n \"device_name\": \"/dev/xvdb\",\n \"ebs\": {\n \"delete_on_termination\": \"true\",\n \"volume_size\": 100,\n \"volume_type\": \"gp2\",\n },\n }],\n components=[{\n \"component_arn\": example_aws_imagebuilder_component[\"arn\"],\n \"parameters\": [\n {\n \"name\": \"Parameter1\",\n \"value\": \"Value1\",\n },\n {\n \"name\": \"Parameter2\",\n \"value\": \"Value2\",\n },\n ],\n }],\n name=\"example\",\n parent_image=f\"arn:{current['partition']}:imagebuilder:{current_aws_region['name']}:aws:image/amazon-linux-2-x86/x.x.x\",\n version=\"1.0.0\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ImageBuilder.ImageRecipe(\"example\", new()\n {\n BlockDeviceMappings = new[]\n {\n new Aws.ImageBuilder.Inputs.ImageRecipeBlockDeviceMappingArgs\n {\n DeviceName = \"/dev/xvdb\",\n Ebs = new Aws.ImageBuilder.Inputs.ImageRecipeBlockDeviceMappingEbsArgs\n {\n DeleteOnTermination = \"true\",\n VolumeSize = 100,\n VolumeType = \"gp2\",\n },\n },\n },\n Components = new[]\n {\n new Aws.ImageBuilder.Inputs.ImageRecipeComponentArgs\n {\n ComponentArn = exampleAwsImagebuilderComponent.Arn,\n Parameters = new[]\n {\n new Aws.ImageBuilder.Inputs.ImageRecipeComponentParameterArgs\n {\n Name = \"Parameter1\",\n Value = \"Value1\",\n },\n new Aws.ImageBuilder.Inputs.ImageRecipeComponentParameterArgs\n {\n Name = \"Parameter2\",\n Value = \"Value2\",\n },\n },\n },\n },\n Name = \"example\",\n ParentImage = $\"arn:{current.Partition}:imagebuilder:{currentAwsRegion.Name}:aws:image/amazon-linux-2-x86/x.x.x\",\n Version = \"1.0.0\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.NewImageRecipe(ctx, \"example\", \u0026imagebuilder.ImageRecipeArgs{\n\t\t\tBlockDeviceMappings: imagebuilder.ImageRecipeBlockDeviceMappingArray{\n\t\t\t\t\u0026imagebuilder.ImageRecipeBlockDeviceMappingArgs{\n\t\t\t\t\tDeviceName: pulumi.String(\"/dev/xvdb\"),\n\t\t\t\t\tEbs: \u0026imagebuilder.ImageRecipeBlockDeviceMappingEbsArgs{\n\t\t\t\t\t\tDeleteOnTermination: pulumi.String(\"true\"),\n\t\t\t\t\t\tVolumeSize: pulumi.Int(100),\n\t\t\t\t\t\tVolumeType: pulumi.String(\"gp2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tComponents: imagebuilder.ImageRecipeComponentArray{\n\t\t\t\t\u0026imagebuilder.ImageRecipeComponentArgs{\n\t\t\t\t\tComponentArn: pulumi.Any(exampleAwsImagebuilderComponent.Arn),\n\t\t\t\t\tParameters: imagebuilder.ImageRecipeComponentParameterArray{\n\t\t\t\t\t\t\u0026imagebuilder.ImageRecipeComponentParameterArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"Parameter1\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"Value1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026imagebuilder.ImageRecipeComponentParameterArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"Parameter2\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"Value2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tParentImage: pulumi.String(fmt.Sprintf(\"arn:%v:imagebuilder:%v:aws:image/amazon-linux-2-x86/x.x.x\", current.Partition, currentAwsRegion.Name)),\n\t\t\tVersion: pulumi.String(\"1.0.0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.ImageRecipe;\nimport com.pulumi.aws.imagebuilder.ImageRecipeArgs;\nimport com.pulumi.aws.imagebuilder.inputs.ImageRecipeBlockDeviceMappingArgs;\nimport com.pulumi.aws.imagebuilder.inputs.ImageRecipeBlockDeviceMappingEbsArgs;\nimport com.pulumi.aws.imagebuilder.inputs.ImageRecipeComponentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ImageRecipe(\"example\", ImageRecipeArgs.builder()\n .blockDeviceMappings(ImageRecipeBlockDeviceMappingArgs.builder()\n .deviceName(\"/dev/xvdb\")\n .ebs(ImageRecipeBlockDeviceMappingEbsArgs.builder()\n .deleteOnTermination(true)\n .volumeSize(100)\n .volumeType(\"gp2\")\n .build())\n .build())\n .components(ImageRecipeComponentArgs.builder()\n .componentArn(exampleAwsImagebuilderComponent.arn())\n .parameters( \n ImageRecipeComponentParameterArgs.builder()\n .name(\"Parameter1\")\n .value(\"Value1\")\n .build(),\n ImageRecipeComponentParameterArgs.builder()\n .name(\"Parameter2\")\n .value(\"Value2\")\n .build())\n .build())\n .name(\"example\")\n .parentImage(String.format(\"arn:%s:imagebuilder:%s:aws:image/amazon-linux-2-x86/x.x.x\", current.partition(),currentAwsRegion.name()))\n .version(\"1.0.0\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:imagebuilder:ImageRecipe\n properties:\n blockDeviceMappings:\n - deviceName: /dev/xvdb\n ebs:\n deleteOnTermination: true\n volumeSize: 100\n volumeType: gp2\n components:\n - componentArn: ${exampleAwsImagebuilderComponent.arn}\n parameters:\n - name: Parameter1\n value: Value1\n - name: Parameter2\n value: Value2\n name: example\n parentImage: arn:${current.partition}:imagebuilder:${currentAwsRegion.name}:aws:image/amazon-linux-2-x86/x.x.x\n version: 1.0.0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_imagebuilder_image_recipe` resources using the Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:imagebuilder/imageRecipe:ImageRecipe example arn:aws:imagebuilder:us-east-1:123456789012:image-recipe/example/1.0.0\n```\n", "properties": { "arn": { "type": "string", "description": "(Required) Amazon Resource Name (ARN) of the image recipe.\n" }, "blockDeviceMappings": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ImageRecipeBlockDeviceMapping:ImageRecipeBlockDeviceMapping" }, "description": "Configuration block(s) with block device mappings for the image recipe. Detailed below.\n" }, "components": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ImageRecipeComponent:ImageRecipeComponent" }, "description": "Ordered configuration block(s) with components for the image recipe. Detailed below.\n" }, "dateCreated": { "type": "string", "description": "Date the image recipe was created.\n" }, "description": { "type": "string", "description": "Description of the image recipe.\n" }, "name": { "type": "string", "description": "Name of the image recipe.\n" }, "owner": { "type": "string", "description": "Owner of the image recipe.\n" }, "parentImage": { "type": "string", "description": "The image recipe uses this image as a base from which to build your customized image. The value can be the base image ARN or an AMI ID.\n" }, "platform": { "type": "string", "description": "Platform of the image recipe.\n" }, "systemsManagerAgent": { "$ref": "#/types/aws:imagebuilder/ImageRecipeSystemsManagerAgent:ImageRecipeSystemsManagerAgent", "description": "Configuration block for the Systems Manager Agent installed by default by Image Builder. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the image recipe. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userDataBase64": { "type": "string", "description": "Base64 encoded user data. Use this to provide commands or a command script to run when you launch your build instance.\n" }, "version": { "type": "string", "description": "The semantic version of the image recipe, which specifies the version in the following format, with numeric values in each position to indicate a specific version: major.minor.patch. For example: 1.0.0.\n\nThe following attributes are optional:\n" }, "workingDirectory": { "type": "string", "description": "The working directory to be used during build and test workflows.\n" } }, "required": [ "arn", "components", "dateCreated", "name", "owner", "parentImage", "platform", "systemsManagerAgent", "tagsAll", "userDataBase64", "version" ], "inputProperties": { "blockDeviceMappings": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ImageRecipeBlockDeviceMapping:ImageRecipeBlockDeviceMapping" }, "description": "Configuration block(s) with block device mappings for the image recipe. Detailed below.\n", "willReplaceOnChanges": true }, "components": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ImageRecipeComponent:ImageRecipeComponent" }, "description": "Ordered configuration block(s) with components for the image recipe. Detailed below.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of the image recipe.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the image recipe.\n", "willReplaceOnChanges": true }, "parentImage": { "type": "string", "description": "The image recipe uses this image as a base from which to build your customized image. The value can be the base image ARN or an AMI ID.\n", "willReplaceOnChanges": true }, "systemsManagerAgent": { "$ref": "#/types/aws:imagebuilder/ImageRecipeSystemsManagerAgent:ImageRecipeSystemsManagerAgent", "description": "Configuration block for the Systems Manager Agent installed by default by Image Builder. Detailed below.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the image recipe. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "userDataBase64": { "type": "string", "description": "Base64 encoded user data. Use this to provide commands or a command script to run when you launch your build instance.\n", "willReplaceOnChanges": true }, "version": { "type": "string", "description": "The semantic version of the image recipe, which specifies the version in the following format, with numeric values in each position to indicate a specific version: major.minor.patch. For example: 1.0.0.\n\nThe following attributes are optional:\n", "willReplaceOnChanges": true }, "workingDirectory": { "type": "string", "description": "The working directory to be used during build and test workflows.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "components", "parentImage", "version" ], "stateInputs": { "description": "Input properties used for looking up and filtering ImageRecipe resources.\n", "properties": { "arn": { "type": "string", "description": "(Required) Amazon Resource Name (ARN) of the image recipe.\n" }, "blockDeviceMappings": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ImageRecipeBlockDeviceMapping:ImageRecipeBlockDeviceMapping" }, "description": "Configuration block(s) with block device mappings for the image recipe. Detailed below.\n", "willReplaceOnChanges": true }, "components": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/ImageRecipeComponent:ImageRecipeComponent" }, "description": "Ordered configuration block(s) with components for the image recipe. Detailed below.\n", "willReplaceOnChanges": true }, "dateCreated": { "type": "string", "description": "Date the image recipe was created.\n" }, "description": { "type": "string", "description": "Description of the image recipe.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the image recipe.\n", "willReplaceOnChanges": true }, "owner": { "type": "string", "description": "Owner of the image recipe.\n" }, "parentImage": { "type": "string", "description": "The image recipe uses this image as a base from which to build your customized image. The value can be the base image ARN or an AMI ID.\n", "willReplaceOnChanges": true }, "platform": { "type": "string", "description": "Platform of the image recipe.\n" }, "systemsManagerAgent": { "$ref": "#/types/aws:imagebuilder/ImageRecipeSystemsManagerAgent:ImageRecipeSystemsManagerAgent", "description": "Configuration block for the Systems Manager Agent installed by default by Image Builder. Detailed below.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the image recipe. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userDataBase64": { "type": "string", "description": "Base64 encoded user data. Use this to provide commands or a command script to run when you launch your build instance.\n", "willReplaceOnChanges": true }, "version": { "type": "string", "description": "The semantic version of the image recipe, which specifies the version in the following format, with numeric values in each position to indicate a specific version: major.minor.patch. For example: 1.0.0.\n\nThe following attributes are optional:\n", "willReplaceOnChanges": true }, "workingDirectory": { "type": "string", "description": "The working directory to be used during build and test workflows.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:imagebuilder/infrastructureConfiguration:InfrastructureConfiguration": { "description": "Manages an Image Builder Infrastructure Configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.imagebuilder.InfrastructureConfiguration(\"example\", {\n description: \"example description\",\n instanceProfileName: exampleAwsIamInstanceProfile.name,\n instanceTypes: [\n \"t2.nano\",\n \"t3.micro\",\n ],\n keyPair: exampleAwsKeyPair.keyName,\n name: \"example\",\n securityGroupIds: [exampleAwsSecurityGroup.id],\n snsTopicArn: exampleAwsSnsTopic.arn,\n subnetId: main.id,\n terminateInstanceOnFailure: true,\n logging: {\n s3Logs: {\n s3BucketName: exampleAwsS3Bucket.bucket,\n s3KeyPrefix: \"logs\",\n },\n },\n tags: {\n foo: \"bar\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.InfrastructureConfiguration(\"example\",\n description=\"example description\",\n instance_profile_name=example_aws_iam_instance_profile[\"name\"],\n instance_types=[\n \"t2.nano\",\n \"t3.micro\",\n ],\n key_pair=example_aws_key_pair[\"keyName\"],\n name=\"example\",\n security_group_ids=[example_aws_security_group[\"id\"]],\n sns_topic_arn=example_aws_sns_topic[\"arn\"],\n subnet_id=main[\"id\"],\n terminate_instance_on_failure=True,\n logging={\n \"s3_logs\": {\n \"s3_bucket_name\": example_aws_s3_bucket[\"bucket\"],\n \"s3_key_prefix\": \"logs\",\n },\n },\n tags={\n \"foo\": \"bar\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ImageBuilder.InfrastructureConfiguration(\"example\", new()\n {\n Description = \"example description\",\n InstanceProfileName = exampleAwsIamInstanceProfile.Name,\n InstanceTypes = new[]\n {\n \"t2.nano\",\n \"t3.micro\",\n },\n KeyPair = exampleAwsKeyPair.KeyName,\n Name = \"example\",\n SecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n SnsTopicArn = exampleAwsSnsTopic.Arn,\n SubnetId = main.Id,\n TerminateInstanceOnFailure = true,\n Logging = new Aws.ImageBuilder.Inputs.InfrastructureConfigurationLoggingArgs\n {\n S3Logs = new Aws.ImageBuilder.Inputs.InfrastructureConfigurationLoggingS3LogsArgs\n {\n S3BucketName = exampleAwsS3Bucket.Bucket,\n S3KeyPrefix = \"logs\",\n },\n },\n Tags = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.NewInfrastructureConfiguration(ctx, \"example\", \u0026imagebuilder.InfrastructureConfigurationArgs{\n\t\t\tDescription: pulumi.String(\"example description\"),\n\t\t\tInstanceProfileName: pulumi.Any(exampleAwsIamInstanceProfile.Name),\n\t\t\tInstanceTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"t2.nano\"),\n\t\t\t\tpulumi.String(\"t3.micro\"),\n\t\t\t},\n\t\t\tKeyPair: pulumi.Any(exampleAwsKeyPair.KeyName),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\texampleAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tSnsTopicArn: pulumi.Any(exampleAwsSnsTopic.Arn),\n\t\t\tSubnetId: pulumi.Any(main.Id),\n\t\t\tTerminateInstanceOnFailure: pulumi.Bool(true),\n\t\t\tLogging: \u0026imagebuilder.InfrastructureConfigurationLoggingArgs{\n\t\t\t\tS3Logs: \u0026imagebuilder.InfrastructureConfigurationLoggingS3LogsArgs{\n\t\t\t\t\tS3BucketName: pulumi.Any(exampleAwsS3Bucket.Bucket),\n\t\t\t\t\tS3KeyPrefix: pulumi.String(\"logs\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.InfrastructureConfiguration;\nimport com.pulumi.aws.imagebuilder.InfrastructureConfigurationArgs;\nimport com.pulumi.aws.imagebuilder.inputs.InfrastructureConfigurationLoggingArgs;\nimport com.pulumi.aws.imagebuilder.inputs.InfrastructureConfigurationLoggingS3LogsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new InfrastructureConfiguration(\"example\", InfrastructureConfigurationArgs.builder()\n .description(\"example description\")\n .instanceProfileName(exampleAwsIamInstanceProfile.name())\n .instanceTypes( \n \"t2.nano\",\n \"t3.micro\")\n .keyPair(exampleAwsKeyPair.keyName())\n .name(\"example\")\n .securityGroupIds(exampleAwsSecurityGroup.id())\n .snsTopicArn(exampleAwsSnsTopic.arn())\n .subnetId(main.id())\n .terminateInstanceOnFailure(true)\n .logging(InfrastructureConfigurationLoggingArgs.builder()\n .s3Logs(InfrastructureConfigurationLoggingS3LogsArgs.builder()\n .s3BucketName(exampleAwsS3Bucket.bucket())\n .s3KeyPrefix(\"logs\")\n .build())\n .build())\n .tags(Map.of(\"foo\", \"bar\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:imagebuilder:InfrastructureConfiguration\n properties:\n description: example description\n instanceProfileName: ${exampleAwsIamInstanceProfile.name}\n instanceTypes:\n - t2.nano\n - t3.micro\n keyPair: ${exampleAwsKeyPair.keyName}\n name: example\n securityGroupIds:\n - ${exampleAwsSecurityGroup.id}\n snsTopicArn: ${exampleAwsSnsTopic.arn}\n subnetId: ${main.id}\n terminateInstanceOnFailure: true\n logging:\n s3Logs:\n s3BucketName: ${exampleAwsS3Bucket.bucket}\n s3KeyPrefix: logs\n tags:\n foo: bar\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_imagebuilder_infrastructure_configuration` using the Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:imagebuilder/infrastructureConfiguration:InfrastructureConfiguration example arn:aws:imagebuilder:us-east-1:123456789012:infrastructure-configuration/example\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the configuration.\n" }, "dateCreated": { "type": "string", "description": "Date when the configuration was created.\n" }, "dateUpdated": { "type": "string", "description": "Date when the configuration was updated.\n" }, "description": { "type": "string", "description": "Description for the configuration.\n" }, "instanceMetadataOptions": { "$ref": "#/types/aws:imagebuilder/InfrastructureConfigurationInstanceMetadataOptions:InfrastructureConfigurationInstanceMetadataOptions", "description": "Configuration block with instance metadata options for the HTTP requests that pipeline builds use to launch EC2 build and test instances. Detailed below.\n" }, "instanceProfileName": { "type": "string", "description": "Name of IAM Instance Profile.\n" }, "instanceTypes": { "type": "array", "items": { "type": "string" }, "description": "Set of EC2 Instance Types.\n" }, "keyPair": { "type": "string", "description": "Name of EC2 Key Pair.\n" }, "logging": { "$ref": "#/types/aws:imagebuilder/InfrastructureConfigurationLogging:InfrastructureConfigurationLogging", "description": "Configuration block with logging settings. Detailed below.\n" }, "name": { "type": "string", "description": "Name for the configuration.\n\nThe following arguments are optional:\n" }, "resourceTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags to assign to infrastructure created by the configuration.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Set of EC2 Security Group identifiers.\n" }, "snsTopicArn": { "type": "string", "description": "Amazon Resource Name (ARN) of SNS Topic.\n" }, "subnetId": { "type": "string", "description": "EC2 Subnet identifier. Also requires `security_group_ids` argument.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags to assign to the configuration. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "terminateInstanceOnFailure": { "type": "boolean", "description": "Enable if the instance should be terminated when the pipeline fails. Defaults to `false`.\n" } }, "required": [ "arn", "dateCreated", "dateUpdated", "instanceProfileName", "name", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Description for the configuration.\n" }, "instanceMetadataOptions": { "$ref": "#/types/aws:imagebuilder/InfrastructureConfigurationInstanceMetadataOptions:InfrastructureConfigurationInstanceMetadataOptions", "description": "Configuration block with instance metadata options for the HTTP requests that pipeline builds use to launch EC2 build and test instances. Detailed below.\n" }, "instanceProfileName": { "type": "string", "description": "Name of IAM Instance Profile.\n" }, "instanceTypes": { "type": "array", "items": { "type": "string" }, "description": "Set of EC2 Instance Types.\n" }, "keyPair": { "type": "string", "description": "Name of EC2 Key Pair.\n" }, "logging": { "$ref": "#/types/aws:imagebuilder/InfrastructureConfigurationLogging:InfrastructureConfigurationLogging", "description": "Configuration block with logging settings. Detailed below.\n" }, "name": { "type": "string", "description": "Name for the configuration.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "resourceTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags to assign to infrastructure created by the configuration.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Set of EC2 Security Group identifiers.\n" }, "snsTopicArn": { "type": "string", "description": "Amazon Resource Name (ARN) of SNS Topic.\n" }, "subnetId": { "type": "string", "description": "EC2 Subnet identifier. Also requires `security_group_ids` argument.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags to assign to the configuration. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "terminateInstanceOnFailure": { "type": "boolean", "description": "Enable if the instance should be terminated when the pipeline fails. Defaults to `false`.\n" } }, "requiredInputs": [ "instanceProfileName" ], "stateInputs": { "description": "Input properties used for looking up and filtering InfrastructureConfiguration resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the configuration.\n" }, "dateCreated": { "type": "string", "description": "Date when the configuration was created.\n" }, "dateUpdated": { "type": "string", "description": "Date when the configuration was updated.\n" }, "description": { "type": "string", "description": "Description for the configuration.\n" }, "instanceMetadataOptions": { "$ref": "#/types/aws:imagebuilder/InfrastructureConfigurationInstanceMetadataOptions:InfrastructureConfigurationInstanceMetadataOptions", "description": "Configuration block with instance metadata options for the HTTP requests that pipeline builds use to launch EC2 build and test instances. Detailed below.\n" }, "instanceProfileName": { "type": "string", "description": "Name of IAM Instance Profile.\n" }, "instanceTypes": { "type": "array", "items": { "type": "string" }, "description": "Set of EC2 Instance Types.\n" }, "keyPair": { "type": "string", "description": "Name of EC2 Key Pair.\n" }, "logging": { "$ref": "#/types/aws:imagebuilder/InfrastructureConfigurationLogging:InfrastructureConfigurationLogging", "description": "Configuration block with logging settings. Detailed below.\n" }, "name": { "type": "string", "description": "Name for the configuration.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "resourceTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags to assign to infrastructure created by the configuration.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Set of EC2 Security Group identifiers.\n" }, "snsTopicArn": { "type": "string", "description": "Amazon Resource Name (ARN) of SNS Topic.\n" }, "subnetId": { "type": "string", "description": "EC2 Subnet identifier. Also requires `security_group_ids` argument.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags to assign to the configuration. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "terminateInstanceOnFailure": { "type": "boolean", "description": "Enable if the instance should be terminated when the pipeline fails. Defaults to `false`.\n" } }, "type": "object" } }, "aws:imagebuilder/workflow:Workflow": { "description": "Resource for managing an AWS EC2 Image Builder Workflow.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.imagebuilder.Workflow(\"example\", {\n name: \"example\",\n version: \"1.0.0\",\n type: \"TEST\",\n data: `name: example\ndescription: Workflow to test an image\nschemaVersion: 1.0\n\nparameters:\n - name: waitForActionAtEnd\n type: boolean\n\nsteps:\n - name: LaunchTestInstance\n action: LaunchInstance\n onFailure: Abort\n inputs:\n waitFor: \"ssmAgent\"\n\n - name: TerminateTestInstance\n action: TerminateInstance\n onFailure: Continue\n inputs:\n instanceId.: \".stepOutputs.LaunchTestInstance.instanceId\"\n\n - name: WaitForActionAtEnd\n action: WaitForAction\n if:\n booleanEquals: true\n value: \".parameters.waitForActionAtEnd\"\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.Workflow(\"example\",\n name=\"example\",\n version=\"1.0.0\",\n type=\"TEST\",\n data=\"\"\"name: example\ndescription: Workflow to test an image\nschemaVersion: 1.0\n\nparameters:\n - name: waitForActionAtEnd\n type: boolean\n\nsteps:\n - name: LaunchTestInstance\n action: LaunchInstance\n onFailure: Abort\n inputs:\n waitFor: \"ssmAgent\"\n\n - name: TerminateTestInstance\n action: TerminateInstance\n onFailure: Continue\n inputs:\n instanceId.$: \"$.stepOutputs.LaunchTestInstance.instanceId\"\n\n - name: WaitForActionAtEnd\n action: WaitForAction\n if:\n booleanEquals: true\n value: \"$.parameters.waitForActionAtEnd\"\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ImageBuilder.Workflow(\"example\", new()\n {\n Name = \"example\",\n Version = \"1.0.0\",\n Type = \"TEST\",\n Data = @\"name: example\ndescription: Workflow to test an image\nschemaVersion: 1.0\n\nparameters:\n - name: waitForActionAtEnd\n type: boolean\n\nsteps:\n - name: LaunchTestInstance\n action: LaunchInstance\n onFailure: Abort\n inputs:\n waitFor: \"\"ssmAgent\"\"\n\n - name: TerminateTestInstance\n action: TerminateInstance\n onFailure: Continue\n inputs:\n instanceId.$: \"\"$.stepOutputs.LaunchTestInstance.instanceId\"\"\n\n - name: WaitForActionAtEnd\n action: WaitForAction\n if:\n booleanEquals: true\n value: \"\"$.parameters.waitForActionAtEnd\"\"\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.NewWorkflow(ctx, \"example\", \u0026imagebuilder.WorkflowArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tVersion: pulumi.String(\"1.0.0\"),\n\t\t\tType: pulumi.String(\"TEST\"),\n\t\t\tData: pulumi.String(`name: example\ndescription: Workflow to test an image\nschemaVersion: 1.0\n\nparameters:\n - name: waitForActionAtEnd\n type: boolean\n\nsteps:\n - name: LaunchTestInstance\n action: LaunchInstance\n onFailure: Abort\n inputs:\n waitFor: \"ssmAgent\"\n\n - name: TerminateTestInstance\n action: TerminateInstance\n onFailure: Continue\n inputs:\n instanceId.$: \"$.stepOutputs.LaunchTestInstance.instanceId\"\n\n - name: WaitForActionAtEnd\n action: WaitForAction\n if:\n booleanEquals: true\n value: \"$.parameters.waitForActionAtEnd\"\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.Workflow;\nimport com.pulumi.aws.imagebuilder.WorkflowArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Workflow(\"example\", WorkflowArgs.builder()\n .name(\"example\")\n .version(\"1.0.0\")\n .type(\"TEST\")\n .data(\"\"\"\nname: example\ndescription: Workflow to test an image\nschemaVersion: 1.0\n\nparameters:\n - name: waitForActionAtEnd\n type: boolean\n\nsteps:\n - name: LaunchTestInstance\n action: LaunchInstance\n onFailure: Abort\n inputs:\n waitFor: \"ssmAgent\"\n\n - name: TerminateTestInstance\n action: TerminateInstance\n onFailure: Continue\n inputs:\n instanceId.$: \"$.stepOutputs.LaunchTestInstance.instanceId\"\n\n - name: WaitForActionAtEnd\n action: WaitForAction\n if:\n booleanEquals: true\n value: \"$.parameters.waitForActionAtEnd\"\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:imagebuilder:Workflow\n properties:\n name: example\n version: 1.0.0\n type: TEST\n data: |\n name: example\n description: Workflow to test an image\n schemaVersion: 1.0\n\n parameters:\n - name: waitForActionAtEnd\n type: boolean\n\n steps:\n - name: LaunchTestInstance\n action: LaunchInstance\n onFailure: Abort\n inputs:\n waitFor: \"ssmAgent\"\n\n - name: TerminateTestInstance\n action: TerminateInstance\n onFailure: Continue\n inputs:\n instanceId.$: \"$.stepOutputs.LaunchTestInstance.instanceId\"\n\n - name: WaitForActionAtEnd\n action: WaitForAction\n if:\n booleanEquals: true\n value: \"$.parameters.waitForActionAtEnd\"\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EC2 Image Builder Workflow using the `example_id_arg`. For example:\n\n```sh\n$ pulumi import aws:imagebuilder/workflow:Workflow example arn:aws:imagebuilder:us-east-1:aws:workflow/test/example/1.0.1/1\n```\nCertain resource arguments, such as `uri`, cannot be read via the API and imported into Terraform. Terraform will display a difference for these arguments the first run after import if declared in the Terraform configuration for an imported resource.\n\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the workflow.\n" }, "changeDescription": { "type": "string", "description": "Change description of the workflow.\n" }, "data": { "type": "string", "description": "Inline YAML string with data of the workflow. Exactly one of `data` and `uri` can be specified.\n" }, "dateCreated": { "type": "string", "description": "Date the workflow was created.\n" }, "description": { "type": "string", "description": "Description of the workflow.\n" }, "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) of the Key Management Service (KMS) Key used to encrypt the workflow.\n" }, "name": { "type": "string", "description": "Name of the workflow.\n" }, "owner": { "type": "string", "description": "Owner of the workflow.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the workflow. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Type of the workflow. Valid values: `BUILD`, `TEST`, `DISTRIBUTION`.\n" }, "uri": { "type": "string", "description": "S3 URI with data of the workflow. Exactly one of `data` and `uri` can be specified.\n" }, "version": { "type": "string", "description": "Version of the workflow.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "data", "dateCreated", "name", "owner", "tagsAll", "type", "version" ], "inputProperties": { "changeDescription": { "type": "string", "description": "Change description of the workflow.\n", "willReplaceOnChanges": true }, "data": { "type": "string", "description": "Inline YAML string with data of the workflow. Exactly one of `data` and `uri` can be specified.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of the workflow.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) of the Key Management Service (KMS) Key used to encrypt the workflow.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the workflow.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the workflow. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "Type of the workflow. Valid values: `BUILD`, `TEST`, `DISTRIBUTION`.\n", "willReplaceOnChanges": true }, "uri": { "type": "string", "description": "S3 URI with data of the workflow. Exactly one of `data` and `uri` can be specified.\n", "willReplaceOnChanges": true }, "version": { "type": "string", "description": "Version of the workflow.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "type", "version" ], "stateInputs": { "description": "Input properties used for looking up and filtering Workflow resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the workflow.\n" }, "changeDescription": { "type": "string", "description": "Change description of the workflow.\n", "willReplaceOnChanges": true }, "data": { "type": "string", "description": "Inline YAML string with data of the workflow. Exactly one of `data` and `uri` can be specified.\n", "willReplaceOnChanges": true }, "dateCreated": { "type": "string", "description": "Date the workflow was created.\n" }, "description": { "type": "string", "description": "Description of the workflow.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "Amazon Resource Name (ARN) of the Key Management Service (KMS) Key used to encrypt the workflow.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the workflow.\n", "willReplaceOnChanges": true }, "owner": { "type": "string", "description": "Owner of the workflow.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the workflow. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Type of the workflow. Valid values: `BUILD`, `TEST`, `DISTRIBUTION`.\n", "willReplaceOnChanges": true }, "uri": { "type": "string", "description": "S3 URI with data of the workflow. Exactly one of `data` and `uri` can be specified.\n", "willReplaceOnChanges": true }, "version": { "type": "string", "description": "Version of the workflow.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:inspector/assessmentTarget:AssessmentTarget": { "description": "Provides an Inspector Classic Assessment Target\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = new aws.inspector.ResourceGroup(\"bar\", {tags: {\n Name: \"foo\",\n Env: \"bar\",\n}});\nconst foo = new aws.inspector.AssessmentTarget(\"foo\", {\n name: \"assessment target\",\n resourceGroupArn: bar.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.inspector.ResourceGroup(\"bar\", tags={\n \"Name\": \"foo\",\n \"Env\": \"bar\",\n})\nfoo = aws.inspector.AssessmentTarget(\"foo\",\n name=\"assessment target\",\n resource_group_arn=bar.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bar = new Aws.Inspector.ResourceGroup(\"bar\", new()\n {\n Tags = \n {\n { \"Name\", \"foo\" },\n { \"Env\", \"bar\" },\n },\n });\n\n var foo = new Aws.Inspector.AssessmentTarget(\"foo\", new()\n {\n Name = \"assessment target\",\n ResourceGroupArn = bar.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/inspector\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbar, err := inspector.NewResourceGroup(ctx, \"bar\", \u0026inspector.ResourceGroupArgs{\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"foo\"),\n\t\t\t\t\"Env\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = inspector.NewAssessmentTarget(ctx, \"foo\", \u0026inspector.AssessmentTargetArgs{\n\t\t\tName: pulumi.String(\"assessment target\"),\n\t\t\tResourceGroupArn: bar.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.inspector.ResourceGroup;\nimport com.pulumi.aws.inspector.ResourceGroupArgs;\nimport com.pulumi.aws.inspector.AssessmentTarget;\nimport com.pulumi.aws.inspector.AssessmentTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bar = new ResourceGroup(\"bar\", ResourceGroupArgs.builder()\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"foo\"),\n Map.entry(\"Env\", \"bar\")\n ))\n .build());\n\n var foo = new AssessmentTarget(\"foo\", AssessmentTargetArgs.builder()\n .name(\"assessment target\")\n .resourceGroupArn(bar.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bar:\n type: aws:inspector:ResourceGroup\n properties:\n tags:\n Name: foo\n Env: bar\n foo:\n type: aws:inspector:AssessmentTarget\n properties:\n name: assessment target\n resourceGroupArn: ${bar.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Inspector Classic Assessment Targets using their Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:inspector/assessmentTarget:AssessmentTarget example arn:aws:inspector:us-east-1:123456789012:target/0-xxxxxxx\n```\n", "properties": { "arn": { "type": "string", "description": "The target assessment ARN.\n" }, "name": { "type": "string", "description": "The name of the assessment target.\n" }, "resourceGroupArn": { "type": "string", "description": "Inspector Resource Group Amazon Resource Name (ARN) stating tags for instance matching. If not specified, all EC2 instances in the current AWS account and region are included in the assessment target.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "name": { "type": "string", "description": "The name of the assessment target.\n", "willReplaceOnChanges": true }, "resourceGroupArn": { "type": "string", "description": "Inspector Resource Group Amazon Resource Name (ARN) stating tags for instance matching. If not specified, all EC2 instances in the current AWS account and region are included in the assessment target.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering AssessmentTarget resources.\n", "properties": { "arn": { "type": "string", "description": "The target assessment ARN.\n" }, "name": { "type": "string", "description": "The name of the assessment target.\n", "willReplaceOnChanges": true }, "resourceGroupArn": { "type": "string", "description": "Inspector Resource Group Amazon Resource Name (ARN) stating tags for instance matching. If not specified, all EC2 instances in the current AWS account and region are included in the assessment target.\n" } }, "type": "object" } }, "aws:inspector/assessmentTemplate:AssessmentTemplate": { "description": "Provides an Inspector Classic Assessment Template\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.inspector.AssessmentTemplate(\"example\", {\n name: \"example\",\n targetArn: exampleAwsInspectorAssessmentTarget.arn,\n duration: 3600,\n rulesPackageArns: [\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-9hgA516p\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-H5hpSawc\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-JJOtZiqQ\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-vg5GGHSD\",\n ],\n eventSubscriptions: [{\n event: \"ASSESSMENT_RUN_COMPLETED\",\n topicArn: exampleAwsSnsTopic.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.inspector.AssessmentTemplate(\"example\",\n name=\"example\",\n target_arn=example_aws_inspector_assessment_target[\"arn\"],\n duration=3600,\n rules_package_arns=[\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-9hgA516p\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-H5hpSawc\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-JJOtZiqQ\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-vg5GGHSD\",\n ],\n event_subscriptions=[{\n \"event\": \"ASSESSMENT_RUN_COMPLETED\",\n \"topic_arn\": example_aws_sns_topic[\"arn\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Inspector.AssessmentTemplate(\"example\", new()\n {\n Name = \"example\",\n TargetArn = exampleAwsInspectorAssessmentTarget.Arn,\n Duration = 3600,\n RulesPackageArns = new[]\n {\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-9hgA516p\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-H5hpSawc\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-JJOtZiqQ\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-vg5GGHSD\",\n },\n EventSubscriptions = new[]\n {\n new Aws.Inspector.Inputs.AssessmentTemplateEventSubscriptionArgs\n {\n Event = \"ASSESSMENT_RUN_COMPLETED\",\n TopicArn = exampleAwsSnsTopic.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/inspector\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := inspector.NewAssessmentTemplate(ctx, \"example\", \u0026inspector.AssessmentTemplateArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tTargetArn: pulumi.Any(exampleAwsInspectorAssessmentTarget.Arn),\n\t\t\tDuration: pulumi.Int(3600),\n\t\t\tRulesPackageArns: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-9hgA516p\"),\n\t\t\t\tpulumi.String(\"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-H5hpSawc\"),\n\t\t\t\tpulumi.String(\"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-JJOtZiqQ\"),\n\t\t\t\tpulumi.String(\"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-vg5GGHSD\"),\n\t\t\t},\n\t\t\tEventSubscriptions: inspector.AssessmentTemplateEventSubscriptionArray{\n\t\t\t\t\u0026inspector.AssessmentTemplateEventSubscriptionArgs{\n\t\t\t\t\tEvent: pulumi.String(\"ASSESSMENT_RUN_COMPLETED\"),\n\t\t\t\t\tTopicArn: pulumi.Any(exampleAwsSnsTopic.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.inspector.AssessmentTemplate;\nimport com.pulumi.aws.inspector.AssessmentTemplateArgs;\nimport com.pulumi.aws.inspector.inputs.AssessmentTemplateEventSubscriptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AssessmentTemplate(\"example\", AssessmentTemplateArgs.builder()\n .name(\"example\")\n .targetArn(exampleAwsInspectorAssessmentTarget.arn())\n .duration(3600)\n .rulesPackageArns( \n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-9hgA516p\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-H5hpSawc\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-JJOtZiqQ\",\n \"arn:aws:inspector:us-west-2:758058086616:rulespackage/0-vg5GGHSD\")\n .eventSubscriptions(AssessmentTemplateEventSubscriptionArgs.builder()\n .event(\"ASSESSMENT_RUN_COMPLETED\")\n .topicArn(exampleAwsSnsTopic.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:inspector:AssessmentTemplate\n properties:\n name: example\n targetArn: ${exampleAwsInspectorAssessmentTarget.arn}\n duration: 3600\n rulesPackageArns:\n - arn:aws:inspector:us-west-2:758058086616:rulespackage/0-9hgA516p\n - arn:aws:inspector:us-west-2:758058086616:rulespackage/0-H5hpSawc\n - arn:aws:inspector:us-west-2:758058086616:rulespackage/0-JJOtZiqQ\n - arn:aws:inspector:us-west-2:758058086616:rulespackage/0-vg5GGHSD\n eventSubscriptions:\n - event: ASSESSMENT_RUN_COMPLETED\n topicArn: ${exampleAwsSnsTopic.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_inspector_assessment_template` using the template assessment ARN. For example:\n\n```sh\n$ pulumi import aws:inspector/assessmentTemplate:AssessmentTemplate example arn:aws:inspector:us-west-2:123456789012:target/0-9IaAzhGR/template/0-WEcjR8CH\n```\n", "properties": { "arn": { "type": "string", "description": "The template assessment ARN.\n" }, "duration": { "type": "integer", "description": "The duration of the inspector run.\n" }, "eventSubscriptions": { "type": "array", "items": { "$ref": "#/types/aws:inspector/AssessmentTemplateEventSubscription:AssessmentTemplateEventSubscription" }, "description": "A block that enables sending notifications about a specified assessment template event to a designated SNS topic. See Event Subscriptions for details.\n" }, "name": { "type": "string", "description": "The name of the assessment template.\n" }, "rulesPackageArns": { "type": "array", "items": { "type": "string" }, "description": "The rules to be used during the run.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Inspector assessment template. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetArn": { "type": "string", "description": "The assessment target ARN to attach the template to.\n" } }, "required": [ "arn", "duration", "name", "rulesPackageArns", "tagsAll", "targetArn" ], "inputProperties": { "duration": { "type": "integer", "description": "The duration of the inspector run.\n", "willReplaceOnChanges": true }, "eventSubscriptions": { "type": "array", "items": { "$ref": "#/types/aws:inspector/AssessmentTemplateEventSubscription:AssessmentTemplateEventSubscription" }, "description": "A block that enables sending notifications about a specified assessment template event to a designated SNS topic. See Event Subscriptions for details.\n" }, "name": { "type": "string", "description": "The name of the assessment template.\n", "willReplaceOnChanges": true }, "rulesPackageArns": { "type": "array", "items": { "type": "string" }, "description": "The rules to be used during the run.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Inspector assessment template. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targetArn": { "type": "string", "description": "The assessment target ARN to attach the template to.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "duration", "rulesPackageArns", "targetArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering AssessmentTemplate resources.\n", "properties": { "arn": { "type": "string", "description": "The template assessment ARN.\n" }, "duration": { "type": "integer", "description": "The duration of the inspector run.\n", "willReplaceOnChanges": true }, "eventSubscriptions": { "type": "array", "items": { "$ref": "#/types/aws:inspector/AssessmentTemplateEventSubscription:AssessmentTemplateEventSubscription" }, "description": "A block that enables sending notifications about a specified assessment template event to a designated SNS topic. See Event Subscriptions for details.\n" }, "name": { "type": "string", "description": "The name of the assessment template.\n", "willReplaceOnChanges": true }, "rulesPackageArns": { "type": "array", "items": { "type": "string" }, "description": "The rules to be used during the run.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Inspector assessment template. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetArn": { "type": "string", "description": "The assessment target ARN to attach the template to.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:inspector/resourceGroup:ResourceGroup": { "description": "Provides an Amazon Inspector Classic Resource Group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.inspector.ResourceGroup(\"example\", {tags: {\n Name: \"foo\",\n Env: \"bar\",\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.inspector.ResourceGroup(\"example\", tags={\n \"Name\": \"foo\",\n \"Env\": \"bar\",\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Inspector.ResourceGroup(\"example\", new()\n {\n Tags = \n {\n { \"Name\", \"foo\" },\n { \"Env\", \"bar\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/inspector\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := inspector.NewResourceGroup(ctx, \"example\", \u0026inspector.ResourceGroupArgs{\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"foo\"),\n\t\t\t\t\"Env\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.inspector.ResourceGroup;\nimport com.pulumi.aws.inspector.ResourceGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourceGroup(\"example\", ResourceGroupArgs.builder()\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"foo\"),\n Map.entry(\"Env\", \"bar\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:inspector:ResourceGroup\n properties:\n tags:\n Name: foo\n Env: bar\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "arn": { "type": "string", "description": "The resource group ARN.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags that are used to select the EC2 instances to be included in an Amazon Inspector assessment target.\n" } }, "required": [ "arn", "tags" ], "inputProperties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags that are used to select the EC2 instances to be included in an Amazon Inspector assessment target.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "tags" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourceGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The resource group ARN.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags that are used to select the EC2 instances to be included in an Amazon Inspector assessment target.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:inspector2/delegatedAdminAccount:DelegatedAdminAccount": { "description": "Resource for managing an Amazon Inspector Delegated Admin Account.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.inspector2.DelegatedAdminAccount(\"example\", {accountId: current.then(current =\u003e current.accountId)});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.inspector2.DelegatedAdminAccount(\"example\", account_id=current.account_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Inspector2.DelegatedAdminAccount(\"example\", new()\n {\n AccountId = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/inspector2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = inspector2.NewDelegatedAdminAccount(ctx, \"example\", \u0026inspector2.DelegatedAdminAccountArgs{\n\t\t\tAccountId: pulumi.String(current.AccountId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inspector2.DelegatedAdminAccount;\nimport com.pulumi.aws.inspector2.DelegatedAdminAccountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new DelegatedAdminAccount(\"example\", DelegatedAdminAccountArgs.builder()\n .accountId(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:inspector2:DelegatedAdminAccount\n properties:\n accountId: ${current.accountId}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Inspector Delegated Admin Account using the `account_id`. For example:\n\n```sh\n$ pulumi import aws:inspector2/delegatedAdminAccount:DelegatedAdminAccount example 012345678901\n```\n", "properties": { "accountId": { "type": "string", "description": "Account to enable as delegated admin account.\n" }, "relationshipStatus": { "type": "string", "description": "Status of this delegated admin account.\n" } }, "required": [ "accountId", "relationshipStatus" ], "inputProperties": { "accountId": { "type": "string", "description": "Account to enable as delegated admin account.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "accountId" ], "stateInputs": { "description": "Input properties used for looking up and filtering DelegatedAdminAccount resources.\n", "properties": { "accountId": { "type": "string", "description": "Account to enable as delegated admin account.\n", "willReplaceOnChanges": true }, "relationshipStatus": { "type": "string", "description": "Status of this delegated admin account.\n" } }, "type": "object" } }, "aws:inspector2/enabler:Enabler": { "description": "Resource for enabling Amazon Inspector resource scans.\n\nThis resource must be created in the Organization's Administrator Account.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.inspector2.Enabler(\"example\", {\n accountIds: [\"123456789012\"],\n resourceTypes: [\"EC2\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.inspector2.Enabler(\"example\",\n account_ids=[\"123456789012\"],\n resource_types=[\"EC2\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Inspector2.Enabler(\"example\", new()\n {\n AccountIds = new[]\n {\n \"123456789012\",\n },\n ResourceTypes = new[]\n {\n \"EC2\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/inspector2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := inspector2.NewEnabler(ctx, \"example\", \u0026inspector2.EnablerArgs{\n\t\t\tAccountIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"123456789012\"),\n\t\t\t},\n\t\t\tResourceTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"EC2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.inspector2.Enabler;\nimport com.pulumi.aws.inspector2.EnablerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Enabler(\"example\", EnablerArgs.builder()\n .accountIds(\"123456789012\")\n .resourceTypes(\"EC2\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:inspector2:Enabler\n properties:\n accountIds:\n - '123456789012'\n resourceTypes:\n - EC2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### For the Calling Account\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst test = new aws.inspector2.Enabler(\"test\", {\n accountIds: [current.then(current =\u003e current.accountId)],\n resourceTypes: [\n \"ECR\",\n \"EC2\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ntest = aws.inspector2.Enabler(\"test\",\n account_ids=[current.account_id],\n resource_types=[\n \"ECR\",\n \"EC2\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var test = new Aws.Inspector2.Enabler(\"test\", new()\n {\n AccountIds = new[]\n {\n current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n ResourceTypes = new[]\n {\n \"ECR\",\n \"EC2\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/inspector2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = inspector2.NewEnabler(ctx, \"test\", \u0026inspector2.EnablerArgs{\n\t\t\tAccountIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.AccountId),\n\t\t\t},\n\t\t\tResourceTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ECR\"),\n\t\t\t\tpulumi.String(\"EC2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inspector2.Enabler;\nimport com.pulumi.aws.inspector2.EnablerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var test = new Enabler(\"test\", EnablerArgs.builder()\n .accountIds(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .resourceTypes( \n \"ECR\",\n \"EC2\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:inspector2:Enabler\n properties:\n accountIds:\n - ${current.accountId}\n resourceTypes:\n - ECR\n - EC2\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "accountIds": { "type": "array", "items": { "type": "string" }, "description": "Set of account IDs.\nCan contain one of: the Organization's Administrator Account, or one or more Member Accounts.\n" }, "resourceTypes": { "type": "array", "items": { "type": "string" }, "description": "Type of resources to scan.\nValid values are `EC2`, `ECR`, `LAMBDA` and `LAMBDA_CODE`.\nAt least one item is required.\n" } }, "required": [ "accountIds", "resourceTypes" ], "inputProperties": { "accountIds": { "type": "array", "items": { "type": "string" }, "description": "Set of account IDs.\nCan contain one of: the Organization's Administrator Account, or one or more Member Accounts.\n" }, "resourceTypes": { "type": "array", "items": { "type": "string" }, "description": "Type of resources to scan.\nValid values are `EC2`, `ECR`, `LAMBDA` and `LAMBDA_CODE`.\nAt least one item is required.\n" } }, "requiredInputs": [ "accountIds", "resourceTypes" ], "stateInputs": { "description": "Input properties used for looking up and filtering Enabler resources.\n", "properties": { "accountIds": { "type": "array", "items": { "type": "string" }, "description": "Set of account IDs.\nCan contain one of: the Organization's Administrator Account, or one or more Member Accounts.\n" }, "resourceTypes": { "type": "array", "items": { "type": "string" }, "description": "Type of resources to scan.\nValid values are `EC2`, `ECR`, `LAMBDA` and `LAMBDA_CODE`.\nAt least one item is required.\n" } }, "type": "object" } }, "aws:inspector2/memberAssociation:MemberAssociation": { "description": "Resource for associating accounts to existing Inspector instances.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.inspector2.MemberAssociation(\"example\", {accountId: \"123456789012\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.inspector2.MemberAssociation(\"example\", account_id=\"123456789012\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Inspector2.MemberAssociation(\"example\", new()\n {\n AccountId = \"123456789012\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/inspector2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := inspector2.NewMemberAssociation(ctx, \"example\", \u0026inspector2.MemberAssociationArgs{\n\t\t\tAccountId: pulumi.String(\"123456789012\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.inspector2.MemberAssociation;\nimport com.pulumi.aws.inspector2.MemberAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new MemberAssociation(\"example\", MemberAssociationArgs.builder()\n .accountId(\"123456789012\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:inspector2:MemberAssociation\n properties:\n accountId: '123456789012'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Inspector Member Association using the `account_id`. For example:\n\n```sh\n$ pulumi import aws:inspector2/memberAssociation:MemberAssociation example 123456789012\n```\n", "properties": { "accountId": { "type": "string", "description": "ID of the account to associate\n" }, "delegatedAdminAccountId": { "type": "string", "description": "Account ID of the delegated administrator account\n" }, "relationshipStatus": { "type": "string", "description": "Status of the member relationship\n" }, "updatedAt": { "type": "string", "description": "Date and time of the last update of the relationship\n" } }, "required": [ "accountId", "delegatedAdminAccountId", "relationshipStatus", "updatedAt" ], "inputProperties": { "accountId": { "type": "string", "description": "ID of the account to associate\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "accountId" ], "stateInputs": { "description": "Input properties used for looking up and filtering MemberAssociation resources.\n", "properties": { "accountId": { "type": "string", "description": "ID of the account to associate\n", "willReplaceOnChanges": true }, "delegatedAdminAccountId": { "type": "string", "description": "Account ID of the delegated administrator account\n" }, "relationshipStatus": { "type": "string", "description": "Status of the member relationship\n" }, "updatedAt": { "type": "string", "description": "Date and time of the last update of the relationship\n" } }, "type": "object" } }, "aws:inspector2/organizationConfiguration:OrganizationConfiguration": { "description": "Resource for managing an Amazon Inspector Organization Configuration.\n\n\u003e **NOTE:** In order for this resource to work, the account you use must be an Inspector Delegated Admin Account.\n\n\u003e **NOTE:** When this resource is deleted, EC2, ECR, Lambda, and Lambda code scans will no longer be automatically enabled for new members of your Amazon Inspector organization.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.inspector2.OrganizationConfiguration(\"example\", {autoEnable: {\n ec2: true,\n ecr: false,\n lambda: true,\n lambdaCode: true,\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.inspector2.OrganizationConfiguration(\"example\", auto_enable={\n \"ec2\": True,\n \"ecr\": False,\n \"lambda_\": True,\n \"lambda_code\": True,\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Inspector2.OrganizationConfiguration(\"example\", new()\n {\n AutoEnable = new Aws.Inspector2.Inputs.OrganizationConfigurationAutoEnableArgs\n {\n Ec2 = true,\n Ecr = false,\n Lambda = true,\n LambdaCode = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/inspector2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := inspector2.NewOrganizationConfiguration(ctx, \"example\", \u0026inspector2.OrganizationConfigurationArgs{\n\t\t\tAutoEnable: \u0026inspector2.OrganizationConfigurationAutoEnableArgs{\n\t\t\t\tEc2: pulumi.Bool(true),\n\t\t\t\tEcr: pulumi.Bool(false),\n\t\t\t\tLambda: pulumi.Bool(true),\n\t\t\t\tLambdaCode: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.inspector2.OrganizationConfiguration;\nimport com.pulumi.aws.inspector2.OrganizationConfigurationArgs;\nimport com.pulumi.aws.inspector2.inputs.OrganizationConfigurationAutoEnableArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new OrganizationConfiguration(\"example\", OrganizationConfigurationArgs.builder()\n .autoEnable(OrganizationConfigurationAutoEnableArgs.builder()\n .ec2(true)\n .ecr(false)\n .lambda(true)\n .lambdaCode(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:inspector2:OrganizationConfiguration\n properties:\n autoEnable:\n ec2: true\n ecr: false\n lambda: true\n lambdaCode: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "autoEnable": { "$ref": "#/types/aws:inspector2/OrganizationConfigurationAutoEnable:OrganizationConfigurationAutoEnable", "description": "Configuration block for auto enabling. See below.\n" }, "maxAccountLimitReached": { "type": "boolean", "description": "Whether your configuration reached the max account limit.\n" } }, "required": [ "autoEnable", "maxAccountLimitReached" ], "inputProperties": { "autoEnable": { "$ref": "#/types/aws:inspector2/OrganizationConfigurationAutoEnable:OrganizationConfigurationAutoEnable", "description": "Configuration block for auto enabling. See below.\n" } }, "requiredInputs": [ "autoEnable" ], "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationConfiguration resources.\n", "properties": { "autoEnable": { "$ref": "#/types/aws:inspector2/OrganizationConfigurationAutoEnable:OrganizationConfigurationAutoEnable", "description": "Configuration block for auto enabling. See below.\n" }, "maxAccountLimitReached": { "type": "boolean", "description": "Whether your configuration reached the max account limit.\n" } }, "type": "object" } }, "aws:iot/authorizer:Authorizer": { "description": "Creates and manages an AWS IoT Authorizer.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.iot.Authorizer(\"example\", {\n name: \"example\",\n authorizerFunctionArn: exampleAwsLambdaFunction.arn,\n signingDisabled: false,\n status: \"ACTIVE\",\n tokenKeyName: \"Token-Header\",\n tokenSigningPublicKeys: {\n Key1: std.file({\n input: \"test-fixtures/iot-authorizer-signing-key.pem\",\n }).then(invoke =\u003e invoke.result),\n },\n tags: {\n Name: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.iot.Authorizer(\"example\",\n name=\"example\",\n authorizer_function_arn=example_aws_lambda_function[\"arn\"],\n signing_disabled=False,\n status=\"ACTIVE\",\n token_key_name=\"Token-Header\",\n token_signing_public_keys={\n \"Key1\": std.file(input=\"test-fixtures/iot-authorizer-signing-key.pem\").result,\n },\n tags={\n \"Name\": \"example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iot.Authorizer(\"example\", new()\n {\n Name = \"example\",\n AuthorizerFunctionArn = exampleAwsLambdaFunction.Arn,\n SigningDisabled = false,\n Status = \"ACTIVE\",\n TokenKeyName = \"Token-Header\",\n TokenSigningPublicKeys = \n {\n { \"Key1\", Std.File.Invoke(new()\n {\n Input = \"test-fixtures/iot-authorizer-signing-key.pem\",\n }).Apply(invoke =\u003e invoke.Result) },\n },\n Tags = \n {\n { \"Name\", \"example\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"test-fixtures/iot-authorizer-signing-key.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iot.NewAuthorizer(ctx, \"example\", \u0026iot.AuthorizerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAuthorizerFunctionArn: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tSigningDisabled: pulumi.Bool(false),\n\t\t\tStatus: pulumi.String(\"ACTIVE\"),\n\t\t\tTokenKeyName: pulumi.String(\"Token-Header\"),\n\t\t\tTokenSigningPublicKeys: pulumi.StringMap{\n\t\t\t\t\"Key1\": pulumi.String(invokeFile.Result),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iot.Authorizer;\nimport com.pulumi.aws.iot.AuthorizerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Authorizer(\"example\", AuthorizerArgs.builder()\n .name(\"example\")\n .authorizerFunctionArn(exampleAwsLambdaFunction.arn())\n .signingDisabled(false)\n .status(\"ACTIVE\")\n .tokenKeyName(\"Token-Header\")\n .tokenSigningPublicKeys(Map.of(\"Key1\", StdFunctions.file(FileArgs.builder()\n .input(\"test-fixtures/iot-authorizer-signing-key.pem\")\n .build()).result()))\n .tags(Map.of(\"Name\", \"example\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iot:Authorizer\n properties:\n name: example\n authorizerFunctionArn: ${exampleAwsLambdaFunction.arn}\n signingDisabled: false\n status: ACTIVE\n tokenKeyName: Token-Header\n tokenSigningPublicKeys:\n Key1:\n fn::invoke:\n Function: std:file\n Arguments:\n input: test-fixtures/iot-authorizer-signing-key.pem\n Return: result\n tags:\n Name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IOT Authorizers using the name. For example:\n\n```sh\n$ pulumi import aws:iot/authorizer:Authorizer example example\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the authorizer.\n" }, "authorizerFunctionArn": { "type": "string", "description": "The ARN of the authorizer's Lambda function.\n" }, "enableCachingForHttp": { "type": "boolean", "description": "Specifies whether the HTTP caching is enabled or not. Default: `false`.\n" }, "name": { "type": "string", "description": "The name of the authorizer.\n" }, "signingDisabled": { "type": "boolean", "description": "Specifies whether AWS IoT validates the token signature in an authorization request. Default: `false`.\n" }, "status": { "type": "string", "description": "The status of Authorizer request at creation. Valid values: `ACTIVE`, `INACTIVE`. Default: `ACTIVE`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tokenKeyName": { "type": "string", "description": "The name of the token key used to extract the token from the HTTP headers. This value is required if signing is enabled in your authorizer.\n" }, "tokenSigningPublicKeys": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The public keys used to verify the digital signature returned by your custom authentication service. This value is required if signing is enabled in your authorizer.\n", "secret": true } }, "required": [ "arn", "authorizerFunctionArn", "name", "tagsAll" ], "inputProperties": { "authorizerFunctionArn": { "type": "string", "description": "The ARN of the authorizer's Lambda function.\n" }, "enableCachingForHttp": { "type": "boolean", "description": "Specifies whether the HTTP caching is enabled or not. Default: `false`.\n" }, "name": { "type": "string", "description": "The name of the authorizer.\n" }, "signingDisabled": { "type": "boolean", "description": "Specifies whether AWS IoT validates the token signature in an authorization request. Default: `false`.\n" }, "status": { "type": "string", "description": "The status of Authorizer request at creation. Valid values: `ACTIVE`, `INACTIVE`. Default: `ACTIVE`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tokenKeyName": { "type": "string", "description": "The name of the token key used to extract the token from the HTTP headers. This value is required if signing is enabled in your authorizer.\n" }, "tokenSigningPublicKeys": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The public keys used to verify the digital signature returned by your custom authentication service. This value is required if signing is enabled in your authorizer.\n", "secret": true } }, "requiredInputs": [ "authorizerFunctionArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Authorizer resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the authorizer.\n" }, "authorizerFunctionArn": { "type": "string", "description": "The ARN of the authorizer's Lambda function.\n" }, "enableCachingForHttp": { "type": "boolean", "description": "Specifies whether the HTTP caching is enabled or not. Default: `false`.\n" }, "name": { "type": "string", "description": "The name of the authorizer.\n" }, "signingDisabled": { "type": "boolean", "description": "Specifies whether AWS IoT validates the token signature in an authorization request. Default: `false`.\n" }, "status": { "type": "string", "description": "The status of Authorizer request at creation. Valid values: `ACTIVE`, `INACTIVE`. Default: `ACTIVE`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tokenKeyName": { "type": "string", "description": "The name of the token key used to extract the token from the HTTP headers. This value is required if signing is enabled in your authorizer.\n" }, "tokenSigningPublicKeys": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The public keys used to verify the digital signature returned by your custom authentication service. This value is required if signing is enabled in your authorizer.\n", "secret": true } }, "type": "object" } }, "aws:iot/billingGroup:BillingGroup": { "description": "Manages an AWS IoT Billing Group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iot.BillingGroup(\"example\", {\n name: \"example\",\n properties: {\n description: \"This is my billing group\",\n },\n tags: {\n terraform: \"true\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iot.BillingGroup(\"example\",\n name=\"example\",\n properties={\n \"description\": \"This is my billing group\",\n },\n tags={\n \"terraform\": \"true\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iot.BillingGroup(\"example\", new()\n {\n Name = \"example\",\n Properties = new Aws.Iot.Inputs.BillingGroupPropertiesArgs\n {\n Description = \"This is my billing group\",\n },\n Tags = \n {\n { \"terraform\", \"true\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iot.NewBillingGroup(ctx, \"example\", \u0026iot.BillingGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProperties: \u0026iot.BillingGroupPropertiesArgs{\n\t\t\t\tDescription: pulumi.String(\"This is my billing group\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"terraform\": pulumi.String(\"true\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iot.BillingGroup;\nimport com.pulumi.aws.iot.BillingGroupArgs;\nimport com.pulumi.aws.iot.inputs.BillingGroupPropertiesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BillingGroup(\"example\", BillingGroupArgs.builder()\n .name(\"example\")\n .properties(BillingGroupPropertiesArgs.builder()\n .description(\"This is my billing group\")\n .build())\n .tags(Map.of(\"terraform\", \"true\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iot:BillingGroup\n properties:\n name: example\n properties:\n description: This is my billing group\n tags:\n terraform: 'true'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IoT Billing Groups using the name. For example:\n\n```sh\n$ pulumi import aws:iot/billingGroup:BillingGroup example example\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Billing Group.\n" }, "metadatas": { "type": "array", "items": { "$ref": "#/types/aws:iot/BillingGroupMetadata:BillingGroupMetadata" } }, "name": { "type": "string", "description": "The name of the Billing Group.\n" }, "properties": { "$ref": "#/types/aws:iot/BillingGroupProperties:BillingGroupProperties", "description": "The Billing Group properties. Defined below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "integer", "description": "The current version of the Billing Group record in the registry.\n" } }, "required": [ "arn", "metadatas", "name", "tagsAll", "version" ], "inputProperties": { "name": { "type": "string", "description": "The name of the Billing Group.\n", "willReplaceOnChanges": true }, "properties": { "$ref": "#/types/aws:iot/BillingGroupProperties:BillingGroupProperties", "description": "The Billing Group properties. Defined below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering BillingGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Billing Group.\n" }, "metadatas": { "type": "array", "items": { "$ref": "#/types/aws:iot/BillingGroupMetadata:BillingGroupMetadata" } }, "name": { "type": "string", "description": "The name of the Billing Group.\n", "willReplaceOnChanges": true }, "properties": { "$ref": "#/types/aws:iot/BillingGroupProperties:BillingGroupProperties", "description": "The Billing Group properties. Defined below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "integer", "description": "The current version of the Billing Group record in the registry.\n" } }, "type": "object" } }, "aws:iot/caCertificate:CaCertificate": { "description": "Creates and manages an AWS IoT CA Certificate.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as tls from \"@pulumi/tls\";\n\nconst caPrivateKey = new tls.PrivateKey(\"ca\", {algorithm: \"RSA\"});\nconst ca = new tls.SelfSignedCert(\"ca\", {\n privateKeyPem: caPrivateKey.privateKeyPem,\n subject: {\n commonName: \"example.com\",\n organization: \"ACME Examples, Inc\",\n },\n validityPeriodHours: 12,\n allowedUses: [\n \"key_encipherment\",\n \"digital_signature\",\n \"server_auth\",\n ],\n isCaCertificate: true,\n});\nconst verificationPrivateKey = new tls.PrivateKey(\"verification\", {algorithm: \"RSA\"});\nconst example = aws.iot.getRegistrationCode({});\nconst verification = new tls.CertRequest(\"verification\", {\n privateKeyPem: verificationPrivateKey.privateKeyPem,\n subject: {\n commonName: example.then(example =\u003e example.registrationCode),\n },\n});\nconst verificationLocallySignedCert = new tls.LocallySignedCert(\"verification\", {\n certRequestPem: verification.certRequestPem,\n caPrivateKeyPem: caPrivateKey.privateKeyPem,\n caCertPem: ca.certPem,\n validityPeriodHours: 12,\n allowedUses: [\n \"key_encipherment\",\n \"digital_signature\",\n \"server_auth\",\n ],\n});\nconst exampleCaCertificate = new aws.iot.CaCertificate(\"example\", {\n active: true,\n caCertificatePem: ca.certPem,\n verificationCertificatePem: verificationLocallySignedCert.certPem,\n allowAutoRegistration: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_tls as tls\n\nca_private_key = tls.PrivateKey(\"ca\", algorithm=\"RSA\")\nca = tls.SelfSignedCert(\"ca\",\n private_key_pem=ca_private_key.private_key_pem,\n subject=tls.SelfSignedCertSubjectArgs(\n common_name=\"example.com\",\n organization=\"ACME Examples, Inc\",\n ),\n validity_period_hours=12,\n allowed_uses=[\n \"key_encipherment\",\n \"digital_signature\",\n \"server_auth\",\n ],\n is_ca_certificate=True)\nverification_private_key = tls.PrivateKey(\"verification\", algorithm=\"RSA\")\nexample = aws.iot.get_registration_code()\nverification = tls.CertRequest(\"verification\",\n private_key_pem=verification_private_key.private_key_pem,\n subject=tls.CertRequestSubjectArgs(\n common_name=example.registration_code,\n ))\nverification_locally_signed_cert = tls.LocallySignedCert(\"verification\",\n cert_request_pem=verification.cert_request_pem,\n ca_private_key_pem=ca_private_key.private_key_pem,\n ca_cert_pem=ca.cert_pem,\n validity_period_hours=12,\n allowed_uses=[\n \"key_encipherment\",\n \"digital_signature\",\n \"server_auth\",\n ])\nexample_ca_certificate = aws.iot.CaCertificate(\"example\",\n active=True,\n ca_certificate_pem=ca.cert_pem,\n verification_certificate_pem=verification_locally_signed_cert.cert_pem,\n allow_auto_registration=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Tls = Pulumi.Tls;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var caPrivateKey = new Tls.PrivateKey(\"ca\", new()\n {\n Algorithm = \"RSA\",\n });\n\n var ca = new Tls.SelfSignedCert(\"ca\", new()\n {\n PrivateKeyPem = caPrivateKey.PrivateKeyPem,\n Subject = new Tls.Inputs.SelfSignedCertSubjectArgs\n {\n CommonName = \"example.com\",\n Organization = \"ACME Examples, Inc\",\n },\n ValidityPeriodHours = 12,\n AllowedUses = new[]\n {\n \"key_encipherment\",\n \"digital_signature\",\n \"server_auth\",\n },\n IsCaCertificate = true,\n });\n\n var verificationPrivateKey = new Tls.PrivateKey(\"verification\", new()\n {\n Algorithm = \"RSA\",\n });\n\n var example = Aws.Iot.GetRegistrationCode.Invoke();\n\n var verification = new Tls.CertRequest(\"verification\", new()\n {\n PrivateKeyPem = verificationPrivateKey.PrivateKeyPem,\n Subject = new Tls.Inputs.CertRequestSubjectArgs\n {\n CommonName = example.Apply(getRegistrationCodeResult =\u003e getRegistrationCodeResult.RegistrationCode),\n },\n });\n\n var verificationLocallySignedCert = new Tls.LocallySignedCert(\"verification\", new()\n {\n CertRequestPem = verification.CertRequestPem,\n CaPrivateKeyPem = caPrivateKey.PrivateKeyPem,\n CaCertPem = ca.CertPem,\n ValidityPeriodHours = 12,\n AllowedUses = new[]\n {\n \"key_encipherment\",\n \"digital_signature\",\n \"server_auth\",\n },\n });\n\n var exampleCaCertificate = new Aws.Iot.CaCertificate(\"example\", new()\n {\n Active = true,\n CaCertificatePem = ca.CertPem,\n VerificationCertificatePem = verificationLocallySignedCert.CertPem,\n AllowAutoRegistration = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi-tls/sdk/v4/go/tls\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcaPrivateKey, err := tls.NewPrivateKey(ctx, \"ca\", \u0026tls.PrivateKeyArgs{\n\t\t\tAlgorithm: pulumi.String(\"RSA\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tca, err := tls.NewSelfSignedCert(ctx, \"ca\", \u0026tls.SelfSignedCertArgs{\n\t\t\tPrivateKeyPem: caPrivateKey.PrivateKeyPem,\n\t\t\tSubject: \u0026tls.SelfSignedCertSubjectArgs{\n\t\t\t\tCommonName: pulumi.String(\"example.com\"),\n\t\t\t\tOrganization: pulumi.String(\"ACME Examples, Inc\"),\n\t\t\t},\n\t\t\tValidityPeriodHours: pulumi.Int(12),\n\t\t\tAllowedUses: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"key_encipherment\"),\n\t\t\t\tpulumi.String(\"digital_signature\"),\n\t\t\t\tpulumi.String(\"server_auth\"),\n\t\t\t},\n\t\t\tIsCaCertificate: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tverificationPrivateKey, err := tls.NewPrivateKey(ctx, \"verification\", \u0026tls.PrivateKeyArgs{\n\t\t\tAlgorithm: pulumi.String(\"RSA\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iot.GetRegistrationCode(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tverification, err := tls.NewCertRequest(ctx, \"verification\", \u0026tls.CertRequestArgs{\n\t\t\tPrivateKeyPem: verificationPrivateKey.PrivateKeyPem,\n\t\t\tSubject: \u0026tls.CertRequestSubjectArgs{\n\t\t\t\tCommonName: pulumi.String(example.RegistrationCode),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tverificationLocallySignedCert, err := tls.NewLocallySignedCert(ctx, \"verification\", \u0026tls.LocallySignedCertArgs{\n\t\t\tCertRequestPem: verification.CertRequestPem,\n\t\t\tCaPrivateKeyPem: caPrivateKey.PrivateKeyPem,\n\t\t\tCaCertPem: ca.CertPem,\n\t\t\tValidityPeriodHours: pulumi.Int(12),\n\t\t\tAllowedUses: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"key_encipherment\"),\n\t\t\t\tpulumi.String(\"digital_signature\"),\n\t\t\t\tpulumi.String(\"server_auth\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iot.NewCaCertificate(ctx, \"example\", \u0026iot.CaCertificateArgs{\n\t\t\tActive: pulumi.Bool(true),\n\t\t\tCaCertificatePem: ca.CertPem,\n\t\t\tVerificationCertificatePem: verificationLocallySignedCert.CertPem,\n\t\t\tAllowAutoRegistration: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.tls.PrivateKey;\nimport com.pulumi.tls.PrivateKeyArgs;\nimport com.pulumi.tls.SelfSignedCert;\nimport com.pulumi.tls.SelfSignedCertArgs;\nimport com.pulumi.tls.inputs.SelfSignedCertSubjectArgs;\nimport com.pulumi.aws.iot.IotFunctions;\nimport com.pulumi.tls.CertRequest;\nimport com.pulumi.tls.CertRequestArgs;\nimport com.pulumi.tls.inputs.CertRequestSubjectArgs;\nimport com.pulumi.tls.LocallySignedCert;\nimport com.pulumi.tls.LocallySignedCertArgs;\nimport com.pulumi.aws.iot.CaCertificate;\nimport com.pulumi.aws.iot.CaCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var caPrivateKey = new PrivateKey(\"caPrivateKey\", PrivateKeyArgs.builder()\n .algorithm(\"RSA\")\n .build());\n\n var ca = new SelfSignedCert(\"ca\", SelfSignedCertArgs.builder()\n .privateKeyPem(caPrivateKey.privateKeyPem())\n .subject(SelfSignedCertSubjectArgs.builder()\n .commonName(\"example.com\")\n .organization(\"ACME Examples, Inc\")\n .build())\n .validityPeriodHours(12)\n .allowedUses( \n \"key_encipherment\",\n \"digital_signature\",\n \"server_auth\")\n .isCaCertificate(true)\n .build());\n\n var verificationPrivateKey = new PrivateKey(\"verificationPrivateKey\", PrivateKeyArgs.builder()\n .algorithm(\"RSA\")\n .build());\n\n final var example = IotFunctions.getRegistrationCode();\n\n var verification = new CertRequest(\"verification\", CertRequestArgs.builder()\n .privateKeyPem(verificationPrivateKey.privateKeyPem())\n .subject(CertRequestSubjectArgs.builder()\n .commonName(example.applyValue(getRegistrationCodeResult -\u003e getRegistrationCodeResult.registrationCode()))\n .build())\n .build());\n\n var verificationLocallySignedCert = new LocallySignedCert(\"verificationLocallySignedCert\", LocallySignedCertArgs.builder()\n .certRequestPem(verification.certRequestPem())\n .caPrivateKeyPem(caPrivateKey.privateKeyPem())\n .caCertPem(ca.certPem())\n .validityPeriodHours(12)\n .allowedUses( \n \"key_encipherment\",\n \"digital_signature\",\n \"server_auth\")\n .build());\n\n var exampleCaCertificate = new CaCertificate(\"exampleCaCertificate\", CaCertificateArgs.builder()\n .active(true)\n .caCertificatePem(ca.certPem())\n .verificationCertificatePem(verificationLocallySignedCert.certPem())\n .allowAutoRegistration(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ca:\n type: tls:SelfSignedCert\n properties:\n privateKeyPem: ${caPrivateKey.privateKeyPem}\n subject:\n commonName: example.com\n organization: ACME Examples, Inc\n validityPeriodHours: 12\n allowedUses:\n - key_encipherment\n - digital_signature\n - server_auth\n isCaCertificate: true\n caPrivateKey:\n type: tls:PrivateKey\n name: ca\n properties:\n algorithm: RSA\n verification:\n type: tls:CertRequest\n properties:\n privateKeyPem: ${verificationPrivateKey.privateKeyPem}\n subject:\n commonName: ${example.registrationCode}\n verificationPrivateKey:\n type: tls:PrivateKey\n name: verification\n properties:\n algorithm: RSA\n verificationLocallySignedCert:\n type: tls:LocallySignedCert\n name: verification\n properties:\n certRequestPem: ${verification.certRequestPem}\n caPrivateKeyPem: ${caPrivateKey.privateKeyPem}\n caCertPem: ${ca.certPem}\n validityPeriodHours: 12\n allowedUses:\n - key_encipherment\n - digital_signature\n - server_auth\n exampleCaCertificate:\n type: aws:iot:CaCertificate\n name: example\n properties:\n active: true\n caCertificatePem: ${ca.certPem}\n verificationCertificatePem: ${verificationLocallySignedCert.certPem}\n allowAutoRegistration: true\nvariables:\n example:\n fn::invoke:\n Function: aws:iot:getRegistrationCode\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "active": { "type": "boolean", "description": "Boolean flag to indicate if the certificate should be active for device authentication.\n" }, "allowAutoRegistration": { "type": "boolean", "description": "Boolean flag to indicate if the certificate should be active for device regisration.\n" }, "arn": { "type": "string", "description": "The ARN of the created CA certificate.\n" }, "caCertificatePem": { "type": "string", "description": "PEM encoded CA certificate.\n", "secret": true }, "certificateMode": { "type": "string", "description": "The certificate mode in which the CA will be registered. Valida values: `DEFAULT` and `SNI_ONLY`. Default: `DEFAULT`.\n" }, "customerVersion": { "type": "integer", "description": "The customer version of the CA certificate.\n" }, "generationId": { "type": "string", "description": "The generation ID of the CA certificate.\n" }, "registrationConfig": { "$ref": "#/types/aws:iot/CaCertificateRegistrationConfig:CaCertificateRegistrationConfig", "description": "Information about the registration configuration. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "validities": { "type": "array", "items": { "$ref": "#/types/aws:iot/CaCertificateValidity:CaCertificateValidity" }, "description": "When the CA certificate is valid.\n" }, "verificationCertificatePem": { "type": "string", "description": "PEM encoded verification certificate containing the common name of a registration code. Review\n[CreateVerificationCSR](https://docs.aws.amazon.com/iot/latest/developerguide/register-CA-cert.html). Reuired if `certificate_mode` is `DEFAULT`.\n", "secret": true } }, "required": [ "active", "allowAutoRegistration", "arn", "caCertificatePem", "customerVersion", "generationId", "tagsAll", "validities" ], "inputProperties": { "active": { "type": "boolean", "description": "Boolean flag to indicate if the certificate should be active for device authentication.\n" }, "allowAutoRegistration": { "type": "boolean", "description": "Boolean flag to indicate if the certificate should be active for device regisration.\n" }, "caCertificatePem": { "type": "string", "description": "PEM encoded CA certificate.\n", "secret": true, "willReplaceOnChanges": true }, "certificateMode": { "type": "string", "description": "The certificate mode in which the CA will be registered. Valida values: `DEFAULT` and `SNI_ONLY`. Default: `DEFAULT`.\n", "willReplaceOnChanges": true }, "registrationConfig": { "$ref": "#/types/aws:iot/CaCertificateRegistrationConfig:CaCertificateRegistrationConfig", "description": "Information about the registration configuration. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "verificationCertificatePem": { "type": "string", "description": "PEM encoded verification certificate containing the common name of a registration code. Review\n[CreateVerificationCSR](https://docs.aws.amazon.com/iot/latest/developerguide/register-CA-cert.html). Reuired if `certificate_mode` is `DEFAULT`.\n", "secret": true, "willReplaceOnChanges": true } }, "requiredInputs": [ "active", "allowAutoRegistration", "caCertificatePem" ], "stateInputs": { "description": "Input properties used for looking up and filtering CaCertificate resources.\n", "properties": { "active": { "type": "boolean", "description": "Boolean flag to indicate if the certificate should be active for device authentication.\n" }, "allowAutoRegistration": { "type": "boolean", "description": "Boolean flag to indicate if the certificate should be active for device regisration.\n" }, "arn": { "type": "string", "description": "The ARN of the created CA certificate.\n" }, "caCertificatePem": { "type": "string", "description": "PEM encoded CA certificate.\n", "secret": true, "willReplaceOnChanges": true }, "certificateMode": { "type": "string", "description": "The certificate mode in which the CA will be registered. Valida values: `DEFAULT` and `SNI_ONLY`. Default: `DEFAULT`.\n", "willReplaceOnChanges": true }, "customerVersion": { "type": "integer", "description": "The customer version of the CA certificate.\n" }, "generationId": { "type": "string", "description": "The generation ID of the CA certificate.\n" }, "registrationConfig": { "$ref": "#/types/aws:iot/CaCertificateRegistrationConfig:CaCertificateRegistrationConfig", "description": "Information about the registration configuration. See below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "validities": { "type": "array", "items": { "$ref": "#/types/aws:iot/CaCertificateValidity:CaCertificateValidity" }, "description": "When the CA certificate is valid.\n" }, "verificationCertificatePem": { "type": "string", "description": "PEM encoded verification certificate containing the common name of a registration code. Review\n[CreateVerificationCSR](https://docs.aws.amazon.com/iot/latest/developerguide/register-CA-cert.html). Reuired if `certificate_mode` is `DEFAULT`.\n", "secret": true, "willReplaceOnChanges": true } }, "type": "object" } }, "aws:iot/certificate:Certificate": { "description": "Creates and manages an AWS IoT certificate.\n\n## Example Usage\n\n### With CSR\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst cert = new aws.iot.Certificate(\"cert\", {\n csr: std.file({\n input: \"/my/csr.pem\",\n }).then(invoke =\u003e invoke.result),\n active: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\ncert = aws.iot.Certificate(\"cert\",\n csr=std.file(input=\"/my/csr.pem\").result,\n active=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cert = new Aws.Iot.Certificate(\"cert\", new()\n {\n Csr = Std.File.Invoke(new()\n {\n Input = \"/my/csr.pem\",\n }).Apply(invoke =\u003e invoke.Result),\n Active = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"/my/csr.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iot.NewCertificate(ctx, \"cert\", \u0026iot.CertificateArgs{\n\t\t\tCsr: pulumi.String(invokeFile.Result),\n\t\t\tActive: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iot.Certificate;\nimport com.pulumi.aws.iot.CertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var cert = new Certificate(\"cert\", CertificateArgs.builder()\n .csr(StdFunctions.file(FileArgs.builder()\n .input(\"/my/csr.pem\")\n .build()).result())\n .active(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cert:\n type: aws:iot:Certificate\n properties:\n csr:\n fn::invoke:\n Function: std:file\n Arguments:\n input: /my/csr.pem\n Return: result\n active: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Without CSR\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cert = new aws.iot.Certificate(\"cert\", {active: true});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncert = aws.iot.Certificate(\"cert\", active=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cert = new Aws.Iot.Certificate(\"cert\", new()\n {\n Active = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iot.NewCertificate(ctx, \"cert\", \u0026iot.CertificateArgs{\n\t\t\tActive: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iot.Certificate;\nimport com.pulumi.aws.iot.CertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var cert = new Certificate(\"cert\", CertificateArgs.builder()\n .active(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cert:\n type: aws:iot:Certificate\n properties:\n active: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### From existing certificate without a CA\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst cert = new aws.iot.Certificate(\"cert\", {\n certificatePem: std.file({\n input: \"/my/cert.pem\",\n }).then(invoke =\u003e invoke.result),\n active: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\ncert = aws.iot.Certificate(\"cert\",\n certificate_pem=std.file(input=\"/my/cert.pem\").result,\n active=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cert = new Aws.Iot.Certificate(\"cert\", new()\n {\n CertificatePem = Std.File.Invoke(new()\n {\n Input = \"/my/cert.pem\",\n }).Apply(invoke =\u003e invoke.Result),\n Active = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"/my/cert.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iot.NewCertificate(ctx, \"cert\", \u0026iot.CertificateArgs{\n\t\t\tCertificatePem: pulumi.String(invokeFile.Result),\n\t\t\tActive: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iot.Certificate;\nimport com.pulumi.aws.iot.CertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var cert = new Certificate(\"cert\", CertificateArgs.builder()\n .certificatePem(StdFunctions.file(FileArgs.builder()\n .input(\"/my/cert.pem\")\n .build()).result())\n .active(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cert:\n type: aws:iot:Certificate\n properties:\n certificatePem:\n fn::invoke:\n Function: std:file\n Arguments:\n input: /my/cert.pem\n Return: result\n active: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "active": { "type": "boolean", "description": "Boolean flag to indicate if the certificate should be active\n" }, "arn": { "type": "string", "description": "The ARN of the created certificate.\n" }, "caCertificateId": { "type": "string", "description": "The certificate ID of the CA certificate used to sign the certificate.\n" }, "caPem": { "type": "string", "description": "The CA certificate for the certificate to be registered. If this is set, the CA needs to be registered with AWS IoT beforehand.\n", "secret": true }, "certificatePem": { "type": "string", "description": "The certificate to be registered. If `ca_pem` is unspecified, review\n[RegisterCertificateWithoutCA](https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterCertificateWithoutCA.html).\nIf `ca_pem` is specified, review\n[RegisterCertificate](https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterCertificate.html)\nfor more information on registering a certificate.\n", "secret": true }, "csr": { "type": "string", "description": "The certificate signing request. Review\n[CreateCertificateFromCsr](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCertificateFromCsr.html)\nfor more information on generating a certificate from a certificate signing request (CSR).\nIf none is specified both the certificate and keys will be generated, review [CreateKeysAndCertificate](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateKeysAndCertificate.html)\nfor more information on generating keys and a certificate.\n" }, "privateKey": { "type": "string", "description": "When neither CSR nor certificate is provided, the private key.\n", "secret": true }, "publicKey": { "type": "string", "description": "When neither CSR nor certificate is provided, the public key.\n", "secret": true } }, "required": [ "active", "arn", "caCertificateId", "certificatePem", "privateKey", "publicKey" ], "inputProperties": { "active": { "type": "boolean", "description": "Boolean flag to indicate if the certificate should be active\n" }, "caPem": { "type": "string", "description": "The CA certificate for the certificate to be registered. If this is set, the CA needs to be registered with AWS IoT beforehand.\n", "secret": true, "willReplaceOnChanges": true }, "certificatePem": { "type": "string", "description": "The certificate to be registered. If `ca_pem` is unspecified, review\n[RegisterCertificateWithoutCA](https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterCertificateWithoutCA.html).\nIf `ca_pem` is specified, review\n[RegisterCertificate](https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterCertificate.html)\nfor more information on registering a certificate.\n", "secret": true, "willReplaceOnChanges": true }, "csr": { "type": "string", "description": "The certificate signing request. Review\n[CreateCertificateFromCsr](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCertificateFromCsr.html)\nfor more information on generating a certificate from a certificate signing request (CSR).\nIf none is specified both the certificate and keys will be generated, review [CreateKeysAndCertificate](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateKeysAndCertificate.html)\nfor more information on generating keys and a certificate.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "active" ], "stateInputs": { "description": "Input properties used for looking up and filtering Certificate resources.\n", "properties": { "active": { "type": "boolean", "description": "Boolean flag to indicate if the certificate should be active\n" }, "arn": { "type": "string", "description": "The ARN of the created certificate.\n" }, "caCertificateId": { "type": "string", "description": "The certificate ID of the CA certificate used to sign the certificate.\n" }, "caPem": { "type": "string", "description": "The CA certificate for the certificate to be registered. If this is set, the CA needs to be registered with AWS IoT beforehand.\n", "secret": true, "willReplaceOnChanges": true }, "certificatePem": { "type": "string", "description": "The certificate to be registered. If `ca_pem` is unspecified, review\n[RegisterCertificateWithoutCA](https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterCertificateWithoutCA.html).\nIf `ca_pem` is specified, review\n[RegisterCertificate](https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterCertificate.html)\nfor more information on registering a certificate.\n", "secret": true, "willReplaceOnChanges": true }, "csr": { "type": "string", "description": "The certificate signing request. Review\n[CreateCertificateFromCsr](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCertificateFromCsr.html)\nfor more information on generating a certificate from a certificate signing request (CSR).\nIf none is specified both the certificate and keys will be generated, review [CreateKeysAndCertificate](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateKeysAndCertificate.html)\nfor more information on generating keys and a certificate.\n", "willReplaceOnChanges": true }, "privateKey": { "type": "string", "description": "When neither CSR nor certificate is provided, the private key.\n", "secret": true }, "publicKey": { "type": "string", "description": "When neither CSR nor certificate is provided, the public key.\n", "secret": true } }, "type": "object" } }, "aws:iot/domainConfiguration:DomainConfiguration": { "description": "Creates and manages an AWS IoT domain configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst iot = new aws.iot.DomainConfiguration(\"iot\", {\n name: \"iot-\",\n domainName: \"iot.example.com\",\n serviceType: \"DATA\",\n serverCertificateArns: [cert.arn],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\niot = aws.iot.DomainConfiguration(\"iot\",\n name=\"iot-\",\n domain_name=\"iot.example.com\",\n service_type=\"DATA\",\n server_certificate_arns=[cert[\"arn\"]])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var iot = new Aws.Iot.DomainConfiguration(\"iot\", new()\n {\n Name = \"iot-\",\n DomainName = \"iot.example.com\",\n ServiceType = \"DATA\",\n ServerCertificateArns = new[]\n {\n cert.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iot.NewDomainConfiguration(ctx, \"iot\", \u0026iot.DomainConfigurationArgs{\n\t\t\tName: pulumi.String(\"iot-\"),\n\t\t\tDomainName: pulumi.String(\"iot.example.com\"),\n\t\t\tServiceType: pulumi.String(\"DATA\"),\n\t\t\tServerCertificateArns: pulumi.StringArray{\n\t\t\t\tcert.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iot.DomainConfiguration;\nimport com.pulumi.aws.iot.DomainConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var iot = new DomainConfiguration(\"iot\", DomainConfigurationArgs.builder()\n .name(\"iot-\")\n .domainName(\"iot.example.com\")\n .serviceType(\"DATA\")\n .serverCertificateArns(cert.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n iot:\n type: aws:iot:DomainConfiguration\n properties:\n name: iot-\n domainName: iot.example.com\n serviceType: DATA\n serverCertificateArns:\n - ${cert.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import domain configurations using the name. For example:\n\n```sh\n$ pulumi import aws:iot/domainConfiguration:DomainConfiguration example example\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the domain configuration.\n" }, "authorizerConfig": { "$ref": "#/types/aws:iot/DomainConfigurationAuthorizerConfig:DomainConfigurationAuthorizerConfig", "description": "An object that specifies the authorization service for a domain. See the `authorizer_config` Block below for details.\n" }, "domainName": { "type": "string", "description": "Fully-qualified domain name.\n" }, "domainType": { "type": "string", "description": "The type of the domain.\n" }, "name": { "type": "string", "description": "The name of the domain configuration. This value must be unique to a region.\n" }, "serverCertificateArns": { "type": "array", "items": { "type": "string" }, "description": "The ARNs of the certificates that IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for Amazon Web Services-managed domains. When using a custom `domain_name`, the cert must include it.\n" }, "serviceType": { "type": "string", "description": "The type of service delivered by the endpoint. Note: Amazon Web Services IoT Core currently supports only the `DATA` service type.\n" }, "status": { "type": "string", "description": "The status to which the domain configuration should be set. Valid values are `ENABLED` and `DISABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tlsConfig": { "$ref": "#/types/aws:iot/DomainConfigurationTlsConfig:DomainConfigurationTlsConfig", "description": "An object that specifies the TLS configuration for a domain. See the `tls_config` Block below for details.\n" }, "validationCertificateArn": { "type": "string", "description": "The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for Amazon Web Services-managed domains.\n" } }, "required": [ "arn", "domainType", "name", "tagsAll", "tlsConfig" ], "inputProperties": { "authorizerConfig": { "$ref": "#/types/aws:iot/DomainConfigurationAuthorizerConfig:DomainConfigurationAuthorizerConfig", "description": "An object that specifies the authorization service for a domain. See the `authorizer_config` Block below for details.\n" }, "domainName": { "type": "string", "description": "Fully-qualified domain name.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the domain configuration. This value must be unique to a region.\n", "willReplaceOnChanges": true }, "serverCertificateArns": { "type": "array", "items": { "type": "string" }, "description": "The ARNs of the certificates that IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for Amazon Web Services-managed domains. When using a custom `domain_name`, the cert must include it.\n", "willReplaceOnChanges": true }, "serviceType": { "type": "string", "description": "The type of service delivered by the endpoint. Note: Amazon Web Services IoT Core currently supports only the `DATA` service type.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The status to which the domain configuration should be set. Valid values are `ENABLED` and `DISABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tlsConfig": { "$ref": "#/types/aws:iot/DomainConfigurationTlsConfig:DomainConfigurationTlsConfig", "description": "An object that specifies the TLS configuration for a domain. See the `tls_config` Block below for details.\n" }, "validationCertificateArn": { "type": "string", "description": "The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for Amazon Web Services-managed domains.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering DomainConfiguration resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the domain configuration.\n" }, "authorizerConfig": { "$ref": "#/types/aws:iot/DomainConfigurationAuthorizerConfig:DomainConfigurationAuthorizerConfig", "description": "An object that specifies the authorization service for a domain. See the `authorizer_config` Block below for details.\n" }, "domainName": { "type": "string", "description": "Fully-qualified domain name.\n", "willReplaceOnChanges": true }, "domainType": { "type": "string", "description": "The type of the domain.\n" }, "name": { "type": "string", "description": "The name of the domain configuration. This value must be unique to a region.\n", "willReplaceOnChanges": true }, "serverCertificateArns": { "type": "array", "items": { "type": "string" }, "description": "The ARNs of the certificates that IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for Amazon Web Services-managed domains. When using a custom `domain_name`, the cert must include it.\n", "willReplaceOnChanges": true }, "serviceType": { "type": "string", "description": "The type of service delivered by the endpoint. Note: Amazon Web Services IoT Core currently supports only the `DATA` service type.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The status to which the domain configuration should be set. Valid values are `ENABLED` and `DISABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tlsConfig": { "$ref": "#/types/aws:iot/DomainConfigurationTlsConfig:DomainConfigurationTlsConfig", "description": "An object that specifies the TLS configuration for a domain. See the `tls_config` Block below for details.\n" }, "validationCertificateArn": { "type": "string", "description": "The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for Amazon Web Services-managed domains.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:iot/eventConfigurations:EventConfigurations": { "description": "Manages IoT event configurations.\n\n\u003e **NOTE:** Deleting this resource does not disable the event configurations, the resource in simply removed from state instead.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iot.EventConfigurations(\"example\", {eventConfigurations: {\n THING: true,\n THING_GROUP: false,\n THING_TYPE: false,\n THING_GROUP_MEMBERSHIP: false,\n THING_GROUP_HIERARCHY: false,\n THING_TYPE_ASSOCIATION: false,\n JOB: false,\n JOB_EXECUTION: false,\n POLICY: false,\n CERTIFICATE: true,\n CA_CERTIFICATE: false,\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iot.EventConfigurations(\"example\", event_configurations={\n \"THING\": True,\n \"THING_GROUP\": False,\n \"THING_TYPE\": False,\n \"THING_GROUP_MEMBERSHIP\": False,\n \"THING_GROUP_HIERARCHY\": False,\n \"THING_TYPE_ASSOCIATION\": False,\n \"JOB\": False,\n \"JOB_EXECUTION\": False,\n \"POLICY\": False,\n \"CERTIFICATE\": True,\n \"CA_CERTIFICATE\": False,\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iot.EventConfigurations(\"example\", new()\n {\n Configurations = \n {\n { \"THING\", true },\n { \"THING_GROUP\", false },\n { \"THING_TYPE\", false },\n { \"THING_GROUP_MEMBERSHIP\", false },\n { \"THING_GROUP_HIERARCHY\", false },\n { \"THING_TYPE_ASSOCIATION\", false },\n { \"JOB\", false },\n { \"JOB_EXECUTION\", false },\n { \"POLICY\", false },\n { \"CERTIFICATE\", true },\n { \"CA_CERTIFICATE\", false },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iot.NewEventConfigurations(ctx, \"example\", \u0026iot.EventConfigurationsArgs{\n\t\t\tEventConfigurations: pulumi.BoolMap{\n\t\t\t\t\"THING\": pulumi.Bool(true),\n\t\t\t\t\"THING_GROUP\": pulumi.Bool(false),\n\t\t\t\t\"THING_TYPE\": pulumi.Bool(false),\n\t\t\t\t\"THING_GROUP_MEMBERSHIP\": pulumi.Bool(false),\n\t\t\t\t\"THING_GROUP_HIERARCHY\": pulumi.Bool(false),\n\t\t\t\t\"THING_TYPE_ASSOCIATION\": pulumi.Bool(false),\n\t\t\t\t\"JOB\": pulumi.Bool(false),\n\t\t\t\t\"JOB_EXECUTION\": pulumi.Bool(false),\n\t\t\t\t\"POLICY\": pulumi.Bool(false),\n\t\t\t\t\"CERTIFICATE\": pulumi.Bool(true),\n\t\t\t\t\"CA_CERTIFICATE\": pulumi.Bool(false),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iot.EventConfigurations;\nimport com.pulumi.aws.iot.EventConfigurationsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventConfigurations(\"example\", EventConfigurationsArgs.builder()\n .eventConfigurations(Map.ofEntries(\n Map.entry(\"THING\", true),\n Map.entry(\"THING_GROUP\", false),\n Map.entry(\"THING_TYPE\", false),\n Map.entry(\"THING_GROUP_MEMBERSHIP\", false),\n Map.entry(\"THING_GROUP_HIERARCHY\", false),\n Map.entry(\"THING_TYPE_ASSOCIATION\", false),\n Map.entry(\"JOB\", false),\n Map.entry(\"JOB_EXECUTION\", false),\n Map.entry(\"POLICY\", false),\n Map.entry(\"CERTIFICATE\", true),\n Map.entry(\"CA_CERTIFICATE\", false)\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iot:EventConfigurations\n properties:\n eventConfigurations:\n THING: true\n THING_GROUP: false\n THING_TYPE: false\n THING_GROUP_MEMBERSHIP: false\n THING_GROUP_HIERARCHY: false\n THING_TYPE_ASSOCIATION: false\n JOB: false\n JOB_EXECUTION: false\n POLICY: false\n CERTIFICATE: true\n CA_CERTIFICATE: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IoT Event Configurations using the AWS Region. For example:\n\n```sh\n$ pulumi import aws:iot/eventConfigurations:EventConfigurations example us-west-2\n```\n", "properties": { "eventConfigurations": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "Map. The new event configuration values. You can use only these strings as keys: `THING_GROUP_HIERARCHY`, `THING_GROUP_MEMBERSHIP`, `THING_TYPE`, `THING_TYPE_ASSOCIATION`, `THING_GROUP`, `THING`, `POLICY`, `CA_CERTIFICATE`, `JOB_EXECUTION`, `CERTIFICATE`, `JOB`. Use boolean for values of mapping.\n", "language": { "csharp": { "name": "Configurations" } } } }, "required": [ "eventConfigurations" ], "inputProperties": { "eventConfigurations": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "Map. The new event configuration values. You can use only these strings as keys: `THING_GROUP_HIERARCHY`, `THING_GROUP_MEMBERSHIP`, `THING_TYPE`, `THING_TYPE_ASSOCIATION`, `THING_GROUP`, `THING`, `POLICY`, `CA_CERTIFICATE`, `JOB_EXECUTION`, `CERTIFICATE`, `JOB`. Use boolean for values of mapping.\n", "language": { "csharp": { "name": "Configurations" } } } }, "requiredInputs": [ "eventConfigurations" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventConfigurations resources.\n", "properties": { "eventConfigurations": { "type": "object", "additionalProperties": { "type": "boolean" }, "description": "Map. The new event configuration values. You can use only these strings as keys: `THING_GROUP_HIERARCHY`, `THING_GROUP_MEMBERSHIP`, `THING_TYPE`, `THING_TYPE_ASSOCIATION`, `THING_GROUP`, `THING`, `POLICY`, `CA_CERTIFICATE`, `JOB_EXECUTION`, `CERTIFICATE`, `JOB`. Use boolean for values of mapping.\n", "language": { "csharp": { "name": "Configurations" } } } }, "type": "object" } }, "aws:iot/indexingConfiguration:IndexingConfiguration": { "description": "Managing [IoT Thing indexing](https://docs.aws.amazon.com/iot/latest/developerguide/managing-index.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iot.IndexingConfiguration(\"example\", {thingIndexingConfiguration: {\n thingIndexingMode: \"REGISTRY_AND_SHADOW\",\n thingConnectivityIndexingMode: \"STATUS\",\n deviceDefenderIndexingMode: \"VIOLATIONS\",\n namedShadowIndexingMode: \"ON\",\n filter: {\n namedShadowNames: [\"thing1shadow\"],\n },\n customFields: [\n {\n name: \"shadow.desired.power\",\n type: \"Boolean\",\n },\n {\n name: \"attributes.version\",\n type: \"Number\",\n },\n {\n name: \"shadow.name.thing1shadow.desired.DefaultDesired\",\n type: \"String\",\n },\n {\n name: \"deviceDefender.securityProfile1.NUMBER_VALUE_BEHAVIOR.lastViolationValue.number\",\n type: \"Number\",\n },\n ],\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iot.IndexingConfiguration(\"example\", thing_indexing_configuration={\n \"thing_indexing_mode\": \"REGISTRY_AND_SHADOW\",\n \"thing_connectivity_indexing_mode\": \"STATUS\",\n \"device_defender_indexing_mode\": \"VIOLATIONS\",\n \"named_shadow_indexing_mode\": \"ON\",\n \"filter\": {\n \"named_shadow_names\": [\"thing1shadow\"],\n },\n \"custom_fields\": [\n {\n \"name\": \"shadow.desired.power\",\n \"type\": \"Boolean\",\n },\n {\n \"name\": \"attributes.version\",\n \"type\": \"Number\",\n },\n {\n \"name\": \"shadow.name.thing1shadow.desired.DefaultDesired\",\n \"type\": \"String\",\n },\n {\n \"name\": \"deviceDefender.securityProfile1.NUMBER_VALUE_BEHAVIOR.lastViolationValue.number\",\n \"type\": \"Number\",\n },\n ],\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iot.IndexingConfiguration(\"example\", new()\n {\n ThingIndexingConfiguration = new Aws.Iot.Inputs.IndexingConfigurationThingIndexingConfigurationArgs\n {\n ThingIndexingMode = \"REGISTRY_AND_SHADOW\",\n ThingConnectivityIndexingMode = \"STATUS\",\n DeviceDefenderIndexingMode = \"VIOLATIONS\",\n NamedShadowIndexingMode = \"ON\",\n Filter = new Aws.Iot.Inputs.IndexingConfigurationThingIndexingConfigurationFilterArgs\n {\n NamedShadowNames = new[]\n {\n \"thing1shadow\",\n },\n },\n CustomFields = new[]\n {\n new Aws.Iot.Inputs.IndexingConfigurationThingIndexingConfigurationCustomFieldArgs\n {\n Name = \"shadow.desired.power\",\n Type = \"Boolean\",\n },\n new Aws.Iot.Inputs.IndexingConfigurationThingIndexingConfigurationCustomFieldArgs\n {\n Name = \"attributes.version\",\n Type = \"Number\",\n },\n new Aws.Iot.Inputs.IndexingConfigurationThingIndexingConfigurationCustomFieldArgs\n {\n Name = \"shadow.name.thing1shadow.desired.DefaultDesired\",\n Type = \"String\",\n },\n new Aws.Iot.Inputs.IndexingConfigurationThingIndexingConfigurationCustomFieldArgs\n {\n Name = \"deviceDefender.securityProfile1.NUMBER_VALUE_BEHAVIOR.lastViolationValue.number\",\n Type = \"Number\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iot.NewIndexingConfiguration(ctx, \"example\", \u0026iot.IndexingConfigurationArgs{\n\t\t\tThingIndexingConfiguration: \u0026iot.IndexingConfigurationThingIndexingConfigurationArgs{\n\t\t\t\tThingIndexingMode: pulumi.String(\"REGISTRY_AND_SHADOW\"),\n\t\t\t\tThingConnectivityIndexingMode: pulumi.String(\"STATUS\"),\n\t\t\t\tDeviceDefenderIndexingMode: pulumi.String(\"VIOLATIONS\"),\n\t\t\t\tNamedShadowIndexingMode: pulumi.String(\"ON\"),\n\t\t\t\tFilter: \u0026iot.IndexingConfigurationThingIndexingConfigurationFilterArgs{\n\t\t\t\t\tNamedShadowNames: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"thing1shadow\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tCustomFields: iot.IndexingConfigurationThingIndexingConfigurationCustomFieldArray{\n\t\t\t\t\t\u0026iot.IndexingConfigurationThingIndexingConfigurationCustomFieldArgs{\n\t\t\t\t\t\tName: pulumi.String(\"shadow.desired.power\"),\n\t\t\t\t\t\tType: pulumi.String(\"Boolean\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026iot.IndexingConfigurationThingIndexingConfigurationCustomFieldArgs{\n\t\t\t\t\t\tName: pulumi.String(\"attributes.version\"),\n\t\t\t\t\t\tType: pulumi.String(\"Number\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026iot.IndexingConfigurationThingIndexingConfigurationCustomFieldArgs{\n\t\t\t\t\t\tName: pulumi.String(\"shadow.name.thing1shadow.desired.DefaultDesired\"),\n\t\t\t\t\t\tType: pulumi.String(\"String\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026iot.IndexingConfigurationThingIndexingConfigurationCustomFieldArgs{\n\t\t\t\t\t\tName: pulumi.String(\"deviceDefender.securityProfile1.NUMBER_VALUE_BEHAVIOR.lastViolationValue.number\"),\n\t\t\t\t\t\tType: pulumi.String(\"Number\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iot.IndexingConfiguration;\nimport com.pulumi.aws.iot.IndexingConfigurationArgs;\nimport com.pulumi.aws.iot.inputs.IndexingConfigurationThingIndexingConfigurationArgs;\nimport com.pulumi.aws.iot.inputs.IndexingConfigurationThingIndexingConfigurationFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new IndexingConfiguration(\"example\", IndexingConfigurationArgs.builder()\n .thingIndexingConfiguration(IndexingConfigurationThingIndexingConfigurationArgs.builder()\n .thingIndexingMode(\"REGISTRY_AND_SHADOW\")\n .thingConnectivityIndexingMode(\"STATUS\")\n .deviceDefenderIndexingMode(\"VIOLATIONS\")\n .namedShadowIndexingMode(\"ON\")\n .filter(IndexingConfigurationThingIndexingConfigurationFilterArgs.builder()\n .namedShadowNames(\"thing1shadow\")\n .build())\n .customFields( \n IndexingConfigurationThingIndexingConfigurationCustomFieldArgs.builder()\n .name(\"shadow.desired.power\")\n .type(\"Boolean\")\n .build(),\n IndexingConfigurationThingIndexingConfigurationCustomFieldArgs.builder()\n .name(\"attributes.version\")\n .type(\"Number\")\n .build(),\n IndexingConfigurationThingIndexingConfigurationCustomFieldArgs.builder()\n .name(\"shadow.name.thing1shadow.desired.DefaultDesired\")\n .type(\"String\")\n .build(),\n IndexingConfigurationThingIndexingConfigurationCustomFieldArgs.builder()\n .name(\"deviceDefender.securityProfile1.NUMBER_VALUE_BEHAVIOR.lastViolationValue.number\")\n .type(\"Number\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iot:IndexingConfiguration\n properties:\n thingIndexingConfiguration:\n thingIndexingMode: REGISTRY_AND_SHADOW\n thingConnectivityIndexingMode: STATUS\n deviceDefenderIndexingMode: VIOLATIONS\n namedShadowIndexingMode: ON\n filter:\n namedShadowNames:\n - thing1shadow\n customFields:\n - name: shadow.desired.power\n type: Boolean\n - name: attributes.version\n type: Number\n - name: shadow.name.thing1shadow.desired.DefaultDesired\n type: String\n - name: deviceDefender.securityProfile1.NUMBER_VALUE_BEHAVIOR.lastViolationValue.number\n type: Number\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "thingGroupIndexingConfiguration": { "$ref": "#/types/aws:iot/IndexingConfigurationThingGroupIndexingConfiguration:IndexingConfigurationThingGroupIndexingConfiguration", "description": "Thing group indexing configuration. See below.\n" }, "thingIndexingConfiguration": { "$ref": "#/types/aws:iot/IndexingConfigurationThingIndexingConfiguration:IndexingConfigurationThingIndexingConfiguration", "description": "Thing indexing configuration. See below.\n" } }, "required": [ "thingGroupIndexingConfiguration", "thingIndexingConfiguration" ], "inputProperties": { "thingGroupIndexingConfiguration": { "$ref": "#/types/aws:iot/IndexingConfigurationThingGroupIndexingConfiguration:IndexingConfigurationThingGroupIndexingConfiguration", "description": "Thing group indexing configuration. See below.\n" }, "thingIndexingConfiguration": { "$ref": "#/types/aws:iot/IndexingConfigurationThingIndexingConfiguration:IndexingConfigurationThingIndexingConfiguration", "description": "Thing indexing configuration. See below.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering IndexingConfiguration resources.\n", "properties": { "thingGroupIndexingConfiguration": { "$ref": "#/types/aws:iot/IndexingConfigurationThingGroupIndexingConfiguration:IndexingConfigurationThingGroupIndexingConfiguration", "description": "Thing group indexing configuration. See below.\n" }, "thingIndexingConfiguration": { "$ref": "#/types/aws:iot/IndexingConfigurationThingIndexingConfiguration:IndexingConfigurationThingIndexingConfiguration", "description": "Thing indexing configuration. See below.\n" } }, "type": "object" } }, "aws:iot/loggingOptions:LoggingOptions": { "description": "Provides a resource to manage [default logging options](https://docs.aws.amazon.com/iot/latest/developerguide/configure-logging.html#configure-logging-console).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iot.LoggingOptions(\"example\", {\n defaultLogLevel: \"WARN\",\n roleArn: exampleAwsIamRole.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iot.LoggingOptions(\"example\",\n default_log_level=\"WARN\",\n role_arn=example_aws_iam_role[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iot.LoggingOptions(\"example\", new()\n {\n DefaultLogLevel = \"WARN\",\n RoleArn = exampleAwsIamRole.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iot.NewLoggingOptions(ctx, \"example\", \u0026iot.LoggingOptionsArgs{\n\t\t\tDefaultLogLevel: pulumi.String(\"WARN\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iot.LoggingOptions;\nimport com.pulumi.aws.iot.LoggingOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoggingOptions(\"example\", LoggingOptionsArgs.builder()\n .defaultLogLevel(\"WARN\")\n .roleArn(exampleAwsIamRole.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iot:LoggingOptions\n properties:\n defaultLogLevel: WARN\n roleArn: ${exampleAwsIamRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "defaultLogLevel": { "type": "string", "description": "The default logging level. Valid Values: `\"DEBUG\"`, `\"INFO\"`, `\"ERROR\"`, `\"WARN\"`, `\"DISABLED\"`.\n" }, "disableAllLogs": { "type": "boolean", "description": "If `true` all logs are disabled. The default is `false`.\n" }, "roleArn": { "type": "string", "description": "The ARN of the role that allows IoT to write to Cloudwatch logs.\n" } }, "required": [ "defaultLogLevel", "roleArn" ], "inputProperties": { "defaultLogLevel": { "type": "string", "description": "The default logging level. Valid Values: `\"DEBUG\"`, `\"INFO\"`, `\"ERROR\"`, `\"WARN\"`, `\"DISABLED\"`.\n" }, "disableAllLogs": { "type": "boolean", "description": "If `true` all logs are disabled. The default is `false`.\n" }, "roleArn": { "type": "string", "description": "The ARN of the role that allows IoT to write to Cloudwatch logs.\n" } }, "requiredInputs": [ "defaultLogLevel", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering LoggingOptions resources.\n", "properties": { "defaultLogLevel": { "type": "string", "description": "The default logging level. Valid Values: `\"DEBUG\"`, `\"INFO\"`, `\"ERROR\"`, `\"WARN\"`, `\"DISABLED\"`.\n" }, "disableAllLogs": { "type": "boolean", "description": "If `true` all logs are disabled. The default is `false`.\n" }, "roleArn": { "type": "string", "description": "The ARN of the role that allows IoT to write to Cloudwatch logs.\n" } }, "type": "object" } }, "aws:iot/policy:Policy": { "description": "Provides an IoT policy.\n\n\u003e **NOTE on policy versions:** Updating this resource creates a new, default policy version. If updating the resource would exceed the maximum number of versions (5), the oldest non-default version of the policy is deleted before the new policy version is created.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst pubsub = new aws.iot.Policy(\"pubsub\", {\n name: \"PubSubToAnyTopic\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\"iot:*\"],\n Effect: \"Allow\",\n Resource: \"*\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\npubsub = aws.iot.Policy(\"pubsub\",\n name=\"PubSubToAnyTopic\",\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\"iot:*\"],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pubsub = new Aws.Iot.Policy(\"pubsub\", new()\n {\n Name = \"PubSubToAnyTopic\",\n PolicyDocument = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"iot:*\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"iot:*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iot.NewPolicy(ctx, \"pubsub\", \u0026iot.PolicyArgs{\n\t\t\tName: pulumi.String(\"PubSubToAnyTopic\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iot.Policy;\nimport com.pulumi.aws.iot.PolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pubsub = new Policy(\"pubsub\", PolicyArgs.builder()\n .name(\"PubSubToAnyTopic\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\"iot:*\")),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pubsub:\n type: aws:iot:Policy\n properties:\n name: PubSubToAnyTopic\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - iot:*\n Effect: Allow\n Resource: '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IoT policies using the `name`. For example:\n\n```sh\n$ pulumi import aws:iot/policy:Policy pubsub PubSubToAnyTopic\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS to this policy.\n" }, "defaultVersionId": { "type": "string", "description": "The default version of this policy.\n" }, "name": { "type": "string", "description": "The name of the policy.\n" }, "policy": { "type": "string", "description": "The policy document. This is a JSON formatted string. Use the [IoT Developer Guide](http://docs.aws.amazon.com/iot/latest/developerguide/iot-policies.html) for more information on IoT Policies.\n", "language": { "csharp": { "name": "PolicyDocument" } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "defaultVersionId", "name", "policy", "tagsAll" ], "inputProperties": { "name": { "type": "string", "description": "The name of the policy.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The policy document. This is a JSON formatted string. Use the [IoT Developer Guide](http://docs.aws.amazon.com/iot/latest/developerguide/iot-policies.html) for more information on IoT Policies.\n", "language": { "csharp": { "name": "PolicyDocument" } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering Policy resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS to this policy.\n" }, "defaultVersionId": { "type": "string", "description": "The default version of this policy.\n" }, "name": { "type": "string", "description": "The name of the policy.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The policy document. This is a JSON formatted string. Use the [IoT Developer Guide](http://docs.aws.amazon.com/iot/latest/developerguide/iot-policies.html) for more information on IoT Policies.\n", "language": { "csharp": { "name": "PolicyDocument" } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:iot/policyAttachment:PolicyAttachment": { "description": "Provides an IoT policy attachment.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst pubsub = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\"iot:*\"],\n resources: [\"*\"],\n }],\n});\nconst pubsubPolicy = new aws.iot.Policy(\"pubsub\", {\n name: \"PubSubToAnyTopic\",\n policy: pubsub.then(pubsub =\u003e pubsub.json),\n});\nconst cert = new aws.iot.Certificate(\"cert\", {\n csr: std.file({\n input: \"csr.pem\",\n }).then(invoke =\u003e invoke.result),\n active: true,\n});\nconst att = new aws.iot.PolicyAttachment(\"att\", {\n policy: pubsubPolicy.name,\n target: cert.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\npubsub = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\"iot:*\"],\n \"resources\": [\"*\"],\n}])\npubsub_policy = aws.iot.Policy(\"pubsub\",\n name=\"PubSubToAnyTopic\",\n policy=pubsub.json)\ncert = aws.iot.Certificate(\"cert\",\n csr=std.file(input=\"csr.pem\").result,\n active=True)\natt = aws.iot.PolicyAttachment(\"att\",\n policy=pubsub_policy.name,\n target=cert.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pubsub = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"iot:*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var pubsubPolicy = new Aws.Iot.Policy(\"pubsub\", new()\n {\n Name = \"PubSubToAnyTopic\",\n PolicyDocument = pubsub.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var cert = new Aws.Iot.Certificate(\"cert\", new()\n {\n Csr = Std.File.Invoke(new()\n {\n Input = \"csr.pem\",\n }).Apply(invoke =\u003e invoke.Result),\n Active = true,\n });\n\n var att = new Aws.Iot.PolicyAttachment(\"att\", new()\n {\n Policy = pubsubPolicy.Name,\n Target = cert.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpubsub, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"iot:*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpubsubPolicy, err := iot.NewPolicy(ctx, \"pubsub\", \u0026iot.PolicyArgs{\n\t\t\tName: pulumi.String(\"PubSubToAnyTopic\"),\n\t\t\tPolicy: pulumi.String(pubsub.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"csr.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcert, err := iot.NewCertificate(ctx, \"cert\", \u0026iot.CertificateArgs{\n\t\t\tCsr: pulumi.String(invokeFile.Result),\n\t\t\tActive: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iot.NewPolicyAttachment(ctx, \"att\", \u0026iot.PolicyAttachmentArgs{\n\t\t\tPolicy: pubsubPolicy.Name,\n\t\t\tTarget: cert.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iot.Policy;\nimport com.pulumi.aws.iot.PolicyArgs;\nimport com.pulumi.aws.iot.Certificate;\nimport com.pulumi.aws.iot.CertificateArgs;\nimport com.pulumi.aws.iot.PolicyAttachment;\nimport com.pulumi.aws.iot.PolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var pubsub = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"iot:*\")\n .resources(\"*\")\n .build())\n .build());\n\n var pubsubPolicy = new Policy(\"pubsubPolicy\", PolicyArgs.builder()\n .name(\"PubSubToAnyTopic\")\n .policy(pubsub.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var cert = new Certificate(\"cert\", CertificateArgs.builder()\n .csr(StdFunctions.file(FileArgs.builder()\n .input(\"csr.pem\")\n .build()).result())\n .active(true)\n .build());\n\n var att = new PolicyAttachment(\"att\", PolicyAttachmentArgs.builder()\n .policy(pubsubPolicy.name())\n .target(cert.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pubsubPolicy:\n type: aws:iot:Policy\n name: pubsub\n properties:\n name: PubSubToAnyTopic\n policy: ${pubsub.json}\n cert:\n type: aws:iot:Certificate\n properties:\n csr:\n fn::invoke:\n Function: std:file\n Arguments:\n input: csr.pem\n Return: result\n active: true\n att:\n type: aws:iot:PolicyAttachment\n properties:\n policy: ${pubsubPolicy.name}\n target: ${cert.arn}\nvariables:\n pubsub:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - iot:*\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "policy": { "type": "string", "description": "The name of the policy to attach.\n" }, "target": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The identity to which the policy is attached.\n" } }, "required": [ "policy", "target" ], "inputProperties": { "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iot/policy:Policy" } ], "description": "The name of the policy to attach.\n", "willReplaceOnChanges": true }, "target": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The identity to which the policy is attached.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policy", "target" ], "stateInputs": { "description": "Input properties used for looking up and filtering PolicyAttachment resources.\n", "properties": { "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iot/policy:Policy" } ], "description": "The name of the policy to attach.\n", "willReplaceOnChanges": true }, "target": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The identity to which the policy is attached.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:iot/provisioningTemplate:ProvisioningTemplate": { "description": "Manages an IoT fleet provisioning template. For more info, see the AWS documentation on [fleet provisioning](https://docs.aws.amazon.com/iot/latest/developerguide/provision-wo-cert.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst iotAssumeRolePolicy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"iot.amazonaws.com\"],\n }],\n }],\n});\nconst iotFleetProvisioning = new aws.iam.Role(\"iot_fleet_provisioning\", {\n name: \"IoTProvisioningServiceRole\",\n path: \"/service-role/\",\n assumeRolePolicy: iotAssumeRolePolicy.then(iotAssumeRolePolicy =\u003e iotAssumeRolePolicy.json),\n});\nconst iotFleetProvisioningRegistration = new aws.iam.RolePolicyAttachment(\"iot_fleet_provisioning_registration\", {\n role: iotFleetProvisioning.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration\",\n});\nconst devicePolicy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"iot:Subscribe\"],\n resources: [\"*\"],\n }],\n});\nconst devicePolicyPolicy = new aws.iot.Policy(\"device_policy\", {\n name: \"DevicePolicy\",\n policy: devicePolicy.then(devicePolicy =\u003e devicePolicy.json),\n});\nconst fleet = new aws.iot.ProvisioningTemplate(\"fleet\", {\n name: \"FleetTemplate\",\n description: \"My provisioning template\",\n provisioningRoleArn: iotFleetProvisioning.arn,\n enabled: true,\n templateBody: pulumi.jsonStringify({\n Parameters: {\n SerialNumber: {\n Type: \"String\",\n },\n },\n Resources: {\n certificate: {\n Properties: {\n CertificateId: {\n Ref: \"AWS::IoT::Certificate::Id\",\n },\n Status: \"Active\",\n },\n Type: \"AWS::IoT::Certificate\",\n },\n policy: {\n Properties: {\n PolicyName: devicePolicyPolicy.name,\n },\n Type: \"AWS::IoT::Policy\",\n },\n },\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\niot_assume_role_policy = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"iot.amazonaws.com\"],\n }],\n}])\niot_fleet_provisioning = aws.iam.Role(\"iot_fleet_provisioning\",\n name=\"IoTProvisioningServiceRole\",\n path=\"/service-role/\",\n assume_role_policy=iot_assume_role_policy.json)\niot_fleet_provisioning_registration = aws.iam.RolePolicyAttachment(\"iot_fleet_provisioning_registration\",\n role=iot_fleet_provisioning.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration\")\ndevice_policy = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"iot:Subscribe\"],\n \"resources\": [\"*\"],\n}])\ndevice_policy_policy = aws.iot.Policy(\"device_policy\",\n name=\"DevicePolicy\",\n policy=device_policy.json)\nfleet = aws.iot.ProvisioningTemplate(\"fleet\",\n name=\"FleetTemplate\",\n description=\"My provisioning template\",\n provisioning_role_arn=iot_fleet_provisioning.arn,\n enabled=True,\n template_body=pulumi.Output.json_dumps({\n \"Parameters\": {\n \"SerialNumber\": {\n \"Type\": \"String\",\n },\n },\n \"Resources\": {\n \"certificate\": {\n \"Properties\": {\n \"CertificateId\": {\n \"Ref\": \"AWS::IoT::Certificate::Id\",\n },\n \"Status\": \"Active\",\n },\n \"Type\": \"AWS::IoT::Certificate\",\n },\n \"policy\": {\n \"Properties\": {\n \"PolicyName\": device_policy_policy.name,\n },\n \"Type\": \"AWS::IoT::Policy\",\n },\n },\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var iotAssumeRolePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"iot.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var iotFleetProvisioning = new Aws.Iam.Role(\"iot_fleet_provisioning\", new()\n {\n Name = \"IoTProvisioningServiceRole\",\n Path = \"/service-role/\",\n AssumeRolePolicy = iotAssumeRolePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var iotFleetProvisioningRegistration = new Aws.Iam.RolePolicyAttachment(\"iot_fleet_provisioning_registration\", new()\n {\n Role = iotFleetProvisioning.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration\",\n });\n\n var devicePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"iot:Subscribe\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var devicePolicyPolicy = new Aws.Iot.Policy(\"device_policy\", new()\n {\n Name = \"DevicePolicy\",\n PolicyDocument = devicePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var fleet = new Aws.Iot.ProvisioningTemplate(\"fleet\", new()\n {\n Name = \"FleetTemplate\",\n Description = \"My provisioning template\",\n ProvisioningRoleArn = iotFleetProvisioning.Arn,\n Enabled = true,\n TemplateBody = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"SerialNumber\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Type\"] = \"String\",\n },\n },\n [\"Resources\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"certificate\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Properties\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"CertificateId\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Ref\"] = \"AWS::IoT::Certificate::Id\",\n },\n [\"Status\"] = \"Active\",\n },\n [\"Type\"] = \"AWS::IoT::Certificate\",\n },\n [\"policy\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Properties\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"PolicyName\"] = devicePolicyPolicy.Name,\n },\n [\"Type\"] = \"AWS::IoT::Policy\",\n },\n },\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tiotAssumeRolePolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"iot.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tiotFleetProvisioning, err := iam.NewRole(ctx, \"iot_fleet_provisioning\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"IoTProvisioningServiceRole\"),\n\t\t\tPath: pulumi.String(\"/service-role/\"),\n\t\t\tAssumeRolePolicy: pulumi.String(iotAssumeRolePolicy.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"iot_fleet_provisioning_registration\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: iotFleetProvisioning.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdevicePolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"iot:Subscribe\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdevicePolicyPolicy, err := iot.NewPolicy(ctx, \"device_policy\", \u0026iot.PolicyArgs{\n\t\t\tName: pulumi.String(\"DevicePolicy\"),\n\t\t\tPolicy: pulumi.String(devicePolicy.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iot.NewProvisioningTemplate(ctx, \"fleet\", \u0026iot.ProvisioningTemplateArgs{\n\t\t\tName: pulumi.String(\"FleetTemplate\"),\n\t\t\tDescription: pulumi.String(\"My provisioning template\"),\n\t\t\tProvisioningRoleArn: iotFleetProvisioning.Arn,\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tTemplateBody: devicePolicyPolicy.Name.ApplyT(func(name string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Parameters\": map[string]interface{}{\n\t\t\t\t\t\t\"SerialNumber\": map[string]interface{}{\n\t\t\t\t\t\t\t\"Type\": \"String\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\"Resources\": map[string]interface{}{\n\t\t\t\t\t\t\"certificate\": map[string]interface{}{\n\t\t\t\t\t\t\t\"Properties\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"CertificateId\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\t\"Ref\": \"AWS::IoT::Certificate::Id\",\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\"Status\": \"Active\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Type\": \"AWS::IoT::Certificate\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"policy\": map[string]interface{}{\n\t\t\t\t\t\t\t\"Properties\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"PolicyName\": name,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Type\": \"AWS::IoT::Policy\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.iot.Policy;\nimport com.pulumi.aws.iot.PolicyArgs;\nimport com.pulumi.aws.iot.ProvisioningTemplate;\nimport com.pulumi.aws.iot.ProvisioningTemplateArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var iotAssumeRolePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"iot.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var iotFleetProvisioning = new Role(\"iotFleetProvisioning\", RoleArgs.builder()\n .name(\"IoTProvisioningServiceRole\")\n .path(\"/service-role/\")\n .assumeRolePolicy(iotAssumeRolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var iotFleetProvisioningRegistration = new RolePolicyAttachment(\"iotFleetProvisioningRegistration\", RolePolicyAttachmentArgs.builder()\n .role(iotFleetProvisioning.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration\")\n .build());\n\n final var devicePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"iot:Subscribe\")\n .resources(\"*\")\n .build())\n .build());\n\n var devicePolicyPolicy = new Policy(\"devicePolicyPolicy\", PolicyArgs.builder()\n .name(\"DevicePolicy\")\n .policy(devicePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var fleet = new ProvisioningTemplate(\"fleet\", ProvisioningTemplateArgs.builder()\n .name(\"FleetTemplate\")\n .description(\"My provisioning template\")\n .provisioningRoleArn(iotFleetProvisioning.arn())\n .enabled(true)\n .templateBody(devicePolicyPolicy.name().applyValue(name -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"Parameters\", jsonObject(\n jsonProperty(\"SerialNumber\", jsonObject(\n jsonProperty(\"Type\", \"String\")\n ))\n )),\n jsonProperty(\"Resources\", jsonObject(\n jsonProperty(\"certificate\", jsonObject(\n jsonProperty(\"Properties\", jsonObject(\n jsonProperty(\"CertificateId\", jsonObject(\n jsonProperty(\"Ref\", \"AWS::IoT::Certificate::Id\")\n )),\n jsonProperty(\"Status\", \"Active\")\n )),\n jsonProperty(\"Type\", \"AWS::IoT::Certificate\")\n )),\n jsonProperty(\"policy\", jsonObject(\n jsonProperty(\"Properties\", jsonObject(\n jsonProperty(\"PolicyName\", name)\n )),\n jsonProperty(\"Type\", \"AWS::IoT::Policy\")\n ))\n ))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n iotFleetProvisioning:\n type: aws:iam:Role\n name: iot_fleet_provisioning\n properties:\n name: IoTProvisioningServiceRole\n path: /service-role/\n assumeRolePolicy: ${iotAssumeRolePolicy.json}\n iotFleetProvisioningRegistration:\n type: aws:iam:RolePolicyAttachment\n name: iot_fleet_provisioning_registration\n properties:\n role: ${iotFleetProvisioning.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration\n devicePolicyPolicy:\n type: aws:iot:Policy\n name: device_policy\n properties:\n name: DevicePolicy\n policy: ${devicePolicy.json}\n fleet:\n type: aws:iot:ProvisioningTemplate\n properties:\n name: FleetTemplate\n description: My provisioning template\n provisioningRoleArn: ${iotFleetProvisioning.arn}\n enabled: true\n templateBody:\n fn::toJSON:\n Parameters:\n SerialNumber:\n Type: String\n Resources:\n certificate:\n Properties:\n CertificateId:\n Ref: AWS::IoT::Certificate::Id\n Status: Active\n Type: AWS::IoT::Certificate\n policy:\n Properties:\n PolicyName: ${devicePolicyPolicy.name}\n Type: AWS::IoT::Policy\nvariables:\n iotAssumeRolePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - iot.amazonaws.com\n devicePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - iot:Subscribe\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IoT fleet provisioning templates using the `name`. For example:\n\n```sh\n$ pulumi import aws:iot/provisioningTemplate:ProvisioningTemplate fleet FleetProvisioningTemplate\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN that identifies the provisioning template.\n" }, "defaultVersionId": { "type": "integer", "description": "The default version of the fleet provisioning template.\n" }, "description": { "type": "string", "description": "The description of the fleet provisioning template.\n" }, "enabled": { "type": "boolean", "description": "True to enable the fleet provisioning template, otherwise false.\n" }, "name": { "type": "string", "description": "The name of the fleet provisioning template.\n" }, "preProvisioningHook": { "$ref": "#/types/aws:iot/ProvisioningTemplatePreProvisioningHook:ProvisioningTemplatePreProvisioningHook", "description": "Creates a pre-provisioning hook template. Details below.\n" }, "provisioningRoleArn": { "type": "string", "description": "The role ARN for the role associated with the fleet provisioning template. This IoT role grants permission to provision a device.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "templateBody": { "type": "string", "description": "The JSON formatted contents of the fleet provisioning template.\n" }, "type": { "type": "string", "description": "The type you define in a provisioning template.\n" } }, "required": [ "arn", "defaultVersionId", "name", "provisioningRoleArn", "tagsAll", "templateBody", "type" ], "inputProperties": { "description": { "type": "string", "description": "The description of the fleet provisioning template.\n" }, "enabled": { "type": "boolean", "description": "True to enable the fleet provisioning template, otherwise false.\n" }, "name": { "type": "string", "description": "The name of the fleet provisioning template.\n", "willReplaceOnChanges": true }, "preProvisioningHook": { "$ref": "#/types/aws:iot/ProvisioningTemplatePreProvisioningHook:ProvisioningTemplatePreProvisioningHook", "description": "Creates a pre-provisioning hook template. Details below.\n" }, "provisioningRoleArn": { "type": "string", "description": "The role ARN for the role associated with the fleet provisioning template. This IoT role grants permission to provision a device.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "templateBody": { "type": "string", "description": "The JSON formatted contents of the fleet provisioning template.\n" }, "type": { "type": "string", "description": "The type you define in a provisioning template.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "provisioningRoleArn", "templateBody" ], "stateInputs": { "description": "Input properties used for looking up and filtering ProvisioningTemplate resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN that identifies the provisioning template.\n" }, "defaultVersionId": { "type": "integer", "description": "The default version of the fleet provisioning template.\n" }, "description": { "type": "string", "description": "The description of the fleet provisioning template.\n" }, "enabled": { "type": "boolean", "description": "True to enable the fleet provisioning template, otherwise false.\n" }, "name": { "type": "string", "description": "The name of the fleet provisioning template.\n", "willReplaceOnChanges": true }, "preProvisioningHook": { "$ref": "#/types/aws:iot/ProvisioningTemplatePreProvisioningHook:ProvisioningTemplatePreProvisioningHook", "description": "Creates a pre-provisioning hook template. Details below.\n" }, "provisioningRoleArn": { "type": "string", "description": "The role ARN for the role associated with the fleet provisioning template. This IoT role grants permission to provision a device.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "templateBody": { "type": "string", "description": "The JSON formatted contents of the fleet provisioning template.\n" }, "type": { "type": "string", "description": "The type you define in a provisioning template.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:iot/roleAlias:RoleAlias": { "description": "Provides an IoT role alias.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iot.RoleAlias;\nimport com.pulumi.aws.iot.RoleAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .effect(\"Allow\")\n .principals(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))\n .actions(\"sts:AssumeRole\")\n .build());\n\n var role = new Role(\"role\", RoleArgs.builder()\n .name(\"dynamodb-access-role\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var alias = new RoleAlias(\"alias\", RoleAliasArgs.builder()\n .alias(\"Thermostat-dynamodb-access-role-alias\")\n .roleArn(role.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n role:\n type: aws:iam:Role\n properties:\n name: dynamodb-access-role\n assumeRolePolicy: ${assumeRole.json}\n alias:\n type: aws:iot:RoleAlias\n properties:\n alias: Thermostat-dynamodb-access-role-alias\n roleArn: ${role.arn}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - credentials.iot.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IOT Role Alias using the alias. For example:\n\n```sh\n$ pulumi import aws:iot/roleAlias:RoleAlias example myalias\n```\n", "properties": { "alias": { "type": "string", "description": "The name of the role alias.\n" }, "arn": { "type": "string", "description": "The ARN assigned by AWS to this role alias.\n" }, "credentialDuration": { "type": "integer", "description": "The duration of the credential, in seconds. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 900 seconds (15 minutes) to 43200 seconds (12 hours).\n" }, "roleArn": { "type": "string", "description": "The identity of the role to which the alias refers.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "alias", "arn", "roleArn", "tagsAll" ], "inputProperties": { "alias": { "type": "string", "description": "The name of the role alias.\n", "willReplaceOnChanges": true }, "credentialDuration": { "type": "integer", "description": "The duration of the credential, in seconds. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 900 seconds (15 minutes) to 43200 seconds (12 hours).\n" }, "roleArn": { "type": "string", "description": "The identity of the role to which the alias refers.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "alias", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering RoleAlias resources.\n", "properties": { "alias": { "type": "string", "description": "The name of the role alias.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "The ARN assigned by AWS to this role alias.\n" }, "credentialDuration": { "type": "integer", "description": "The duration of the credential, in seconds. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 900 seconds (15 minutes) to 43200 seconds (12 hours).\n" }, "roleArn": { "type": "string", "description": "The identity of the role to which the alias refers.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:iot/thing:Thing": { "description": "Creates and manages an AWS IoT Thing.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iot.Thing(\"example\", {\n name: \"example\",\n attributes: {\n First: \"examplevalue\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iot.Thing(\"example\",\n name=\"example\",\n attributes={\n \"First\": \"examplevalue\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iot.Thing(\"example\", new()\n {\n Name = \"example\",\n Attributes = \n {\n { \"First\", \"examplevalue\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iot.NewThing(ctx, \"example\", \u0026iot.ThingArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAttributes: pulumi.StringMap{\n\t\t\t\t\"First\": pulumi.String(\"examplevalue\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iot.Thing;\nimport com.pulumi.aws.iot.ThingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Thing(\"example\", ThingArgs.builder()\n .name(\"example\")\n .attributes(Map.of(\"First\", \"examplevalue\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iot:Thing\n properties:\n name: example\n attributes:\n First: examplevalue\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IOT Things using the name. For example:\n\n```sh\n$ pulumi import aws:iot/thing:Thing example example\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the thing.\n" }, "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of attributes of the thing.\n" }, "defaultClientId": { "type": "string", "description": "The default client ID.\n" }, "name": { "type": "string", "description": "The name of the thing.\n" }, "thingTypeName": { "type": "string", "description": "The thing type name.\n" }, "version": { "type": "integer", "description": "The current version of the thing record in the registry.\n" } }, "required": [ "arn", "defaultClientId", "name", "version" ], "inputProperties": { "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of attributes of the thing.\n" }, "name": { "type": "string", "description": "The name of the thing.\n", "willReplaceOnChanges": true }, "thingTypeName": { "type": "string", "description": "The thing type name.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Thing resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the thing.\n" }, "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of attributes of the thing.\n" }, "defaultClientId": { "type": "string", "description": "The default client ID.\n" }, "name": { "type": "string", "description": "The name of the thing.\n", "willReplaceOnChanges": true }, "thingTypeName": { "type": "string", "description": "The thing type name.\n" }, "version": { "type": "integer", "description": "The current version of the thing record in the registry.\n" } }, "type": "object" } }, "aws:iot/thingGroup:ThingGroup": { "description": "Manages an AWS IoT Thing Group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst parent = new aws.iot.ThingGroup(\"parent\", {name: \"parent\"});\nconst example = new aws.iot.ThingGroup(\"example\", {\n name: \"example\",\n parentGroupName: parent.name,\n properties: {\n attributePayload: {\n attributes: {\n One: \"11111\",\n Two: \"TwoTwo\",\n },\n },\n description: \"This is my thing group\",\n },\n tags: {\n managed: \"true\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nparent = aws.iot.ThingGroup(\"parent\", name=\"parent\")\nexample = aws.iot.ThingGroup(\"example\",\n name=\"example\",\n parent_group_name=parent.name,\n properties={\n \"attribute_payload\": {\n \"attributes\": {\n \"one\": \"11111\",\n \"two\": \"TwoTwo\",\n },\n },\n \"description\": \"This is my thing group\",\n },\n tags={\n \"managed\": \"true\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var parent = new Aws.Iot.ThingGroup(\"parent\", new()\n {\n Name = \"parent\",\n });\n\n var example = new Aws.Iot.ThingGroup(\"example\", new()\n {\n Name = \"example\",\n ParentGroupName = parent.Name,\n Properties = new Aws.Iot.Inputs.ThingGroupPropertiesArgs\n {\n AttributePayload = new Aws.Iot.Inputs.ThingGroupPropertiesAttributePayloadArgs\n {\n Attributes = \n {\n { \"One\", \"11111\" },\n { \"Two\", \"TwoTwo\" },\n },\n },\n Description = \"This is my thing group\",\n },\n Tags = \n {\n { \"managed\", \"true\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tparent, err := iot.NewThingGroup(ctx, \"parent\", \u0026iot.ThingGroupArgs{\n\t\t\tName: pulumi.String(\"parent\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iot.NewThingGroup(ctx, \"example\", \u0026iot.ThingGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tParentGroupName: parent.Name,\n\t\t\tProperties: \u0026iot.ThingGroupPropertiesArgs{\n\t\t\t\tAttributePayload: \u0026iot.ThingGroupPropertiesAttributePayloadArgs{\n\t\t\t\t\tAttributes: pulumi.StringMap{\n\t\t\t\t\t\t\"One\": pulumi.String(\"11111\"),\n\t\t\t\t\t\t\"Two\": pulumi.String(\"TwoTwo\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tDescription: pulumi.String(\"This is my thing group\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"managed\": pulumi.String(\"true\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iot.ThingGroup;\nimport com.pulumi.aws.iot.ThingGroupArgs;\nimport com.pulumi.aws.iot.inputs.ThingGroupPropertiesArgs;\nimport com.pulumi.aws.iot.inputs.ThingGroupPropertiesAttributePayloadArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var parent = new ThingGroup(\"parent\", ThingGroupArgs.builder()\n .name(\"parent\")\n .build());\n\n var example = new ThingGroup(\"example\", ThingGroupArgs.builder()\n .name(\"example\")\n .parentGroupName(parent.name())\n .properties(ThingGroupPropertiesArgs.builder()\n .attributePayload(ThingGroupPropertiesAttributePayloadArgs.builder()\n .attributes(Map.ofEntries(\n Map.entry(\"One\", \"11111\"),\n Map.entry(\"Two\", \"TwoTwo\")\n ))\n .build())\n .description(\"This is my thing group\")\n .build())\n .tags(Map.of(\"managed\", \"true\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n parent:\n type: aws:iot:ThingGroup\n properties:\n name: parent\n example:\n type: aws:iot:ThingGroup\n properties:\n name: example\n parentGroupName: ${parent.name}\n properties:\n attributePayload:\n attributes:\n One: '11111'\n Two: TwoTwo\n description: This is my thing group\n tags:\n managed: 'true'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IoT Things Groups using the name. For example:\n\n```sh\n$ pulumi import aws:iot/thingGroup:ThingGroup example example\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Thing Group.\n" }, "metadatas": { "type": "array", "items": { "$ref": "#/types/aws:iot/ThingGroupMetadata:ThingGroupMetadata" } }, "name": { "type": "string", "description": "The name of the Thing Group.\n" }, "parentGroupName": { "type": "string", "description": "The name of the parent Thing Group.\n" }, "properties": { "$ref": "#/types/aws:iot/ThingGroupProperties:ThingGroupProperties", "description": "The Thing Group properties. Defined below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "integer", "description": "The current version of the Thing Group record in the registry.\n" } }, "required": [ "arn", "metadatas", "name", "tagsAll", "version" ], "inputProperties": { "name": { "type": "string", "description": "The name of the Thing Group.\n", "willReplaceOnChanges": true }, "parentGroupName": { "type": "string", "description": "The name of the parent Thing Group.\n", "willReplaceOnChanges": true }, "properties": { "$ref": "#/types/aws:iot/ThingGroupProperties:ThingGroupProperties", "description": "The Thing Group properties. Defined below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ThingGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Thing Group.\n" }, "metadatas": { "type": "array", "items": { "$ref": "#/types/aws:iot/ThingGroupMetadata:ThingGroupMetadata" } }, "name": { "type": "string", "description": "The name of the Thing Group.\n", "willReplaceOnChanges": true }, "parentGroupName": { "type": "string", "description": "The name of the parent Thing Group.\n", "willReplaceOnChanges": true }, "properties": { "$ref": "#/types/aws:iot/ThingGroupProperties:ThingGroupProperties", "description": "The Thing Group properties. Defined below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "integer", "description": "The current version of the Thing Group record in the registry.\n" } }, "type": "object" } }, "aws:iot/thingGroupMembership:ThingGroupMembership": { "description": "Adds an IoT Thing to an IoT Thing Group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iot.ThingGroupMembership(\"example\", {\n thingName: \"example-thing\",\n thingGroupName: \"example-group\",\n overrideDynamicGroup: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iot.ThingGroupMembership(\"example\",\n thing_name=\"example-thing\",\n thing_group_name=\"example-group\",\n override_dynamic_group=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iot.ThingGroupMembership(\"example\", new()\n {\n ThingName = \"example-thing\",\n ThingGroupName = \"example-group\",\n OverrideDynamicGroup = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iot.NewThingGroupMembership(ctx, \"example\", \u0026iot.ThingGroupMembershipArgs{\n\t\t\tThingName: pulumi.String(\"example-thing\"),\n\t\t\tThingGroupName: pulumi.String(\"example-group\"),\n\t\t\tOverrideDynamicGroup: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iot.ThingGroupMembership;\nimport com.pulumi.aws.iot.ThingGroupMembershipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ThingGroupMembership(\"example\", ThingGroupMembershipArgs.builder()\n .thingName(\"example-thing\")\n .thingGroupName(\"example-group\")\n .overrideDynamicGroup(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iot:ThingGroupMembership\n properties:\n thingName: example-thing\n thingGroupName: example-group\n overrideDynamicGroup: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IoT Thing Group Membership using the thing group name and thing name. For example:\n\n```sh\n$ pulumi import aws:iot/thingGroupMembership:ThingGroupMembership example thing_group_name/thing_name\n```\n", "properties": { "overrideDynamicGroup": { "type": "boolean", "description": "Override dynamic thing groups with static thing groups when 10-group limit is reached. If a thing belongs to 10 thing groups, and one or more of those groups are dynamic thing groups, adding a thing to a static group removes the thing from the last dynamic group.\n" }, "thingGroupName": { "type": "string", "description": "The name of the group to which you are adding a thing.\n" }, "thingName": { "type": "string", "description": "The name of the thing to add to a group.\n" } }, "required": [ "thingGroupName", "thingName" ], "inputProperties": { "overrideDynamicGroup": { "type": "boolean", "description": "Override dynamic thing groups with static thing groups when 10-group limit is reached. If a thing belongs to 10 thing groups, and one or more of those groups are dynamic thing groups, adding a thing to a static group removes the thing from the last dynamic group.\n", "willReplaceOnChanges": true }, "thingGroupName": { "type": "string", "description": "The name of the group to which you are adding a thing.\n", "willReplaceOnChanges": true }, "thingName": { "type": "string", "description": "The name of the thing to add to a group.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "thingGroupName", "thingName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ThingGroupMembership resources.\n", "properties": { "overrideDynamicGroup": { "type": "boolean", "description": "Override dynamic thing groups with static thing groups when 10-group limit is reached. If a thing belongs to 10 thing groups, and one or more of those groups are dynamic thing groups, adding a thing to a static group removes the thing from the last dynamic group.\n", "willReplaceOnChanges": true }, "thingGroupName": { "type": "string", "description": "The name of the group to which you are adding a thing.\n", "willReplaceOnChanges": true }, "thingName": { "type": "string", "description": "The name of the thing to add to a group.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:iot/thingPrincipalAttachment:ThingPrincipalAttachment": { "description": "Attaches Principal to AWS IoT Thing.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.iot.Thing(\"example\", {name: \"example\"});\nconst cert = new aws.iot.Certificate(\"cert\", {\n csr: std.file({\n input: \"csr.pem\",\n }).then(invoke =\u003e invoke.result),\n active: true,\n});\nconst att = new aws.iot.ThingPrincipalAttachment(\"att\", {\n principal: cert.arn,\n thing: example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.iot.Thing(\"example\", name=\"example\")\ncert = aws.iot.Certificate(\"cert\",\n csr=std.file(input=\"csr.pem\").result,\n active=True)\natt = aws.iot.ThingPrincipalAttachment(\"att\",\n principal=cert.arn,\n thing=example.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iot.Thing(\"example\", new()\n {\n Name = \"example\",\n });\n\n var cert = new Aws.Iot.Certificate(\"cert\", new()\n {\n Csr = Std.File.Invoke(new()\n {\n Input = \"csr.pem\",\n }).Apply(invoke =\u003e invoke.Result),\n Active = true,\n });\n\n var att = new Aws.Iot.ThingPrincipalAttachment(\"att\", new()\n {\n Principal = cert.Arn,\n Thing = example.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := iot.NewThing(ctx, \"example\", \u0026iot.ThingArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"csr.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcert, err := iot.NewCertificate(ctx, \"cert\", \u0026iot.CertificateArgs{\n\t\t\tCsr: pulumi.String(invokeFile.Result),\n\t\t\tActive: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iot.NewThingPrincipalAttachment(ctx, \"att\", \u0026iot.ThingPrincipalAttachmentArgs{\n\t\t\tPrincipal: cert.Arn,\n\t\t\tThing: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iot.Thing;\nimport com.pulumi.aws.iot.ThingArgs;\nimport com.pulumi.aws.iot.Certificate;\nimport com.pulumi.aws.iot.CertificateArgs;\nimport com.pulumi.aws.iot.ThingPrincipalAttachment;\nimport com.pulumi.aws.iot.ThingPrincipalAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Thing(\"example\", ThingArgs.builder()\n .name(\"example\")\n .build());\n\n var cert = new Certificate(\"cert\", CertificateArgs.builder()\n .csr(StdFunctions.file(FileArgs.builder()\n .input(\"csr.pem\")\n .build()).result())\n .active(true)\n .build());\n\n var att = new ThingPrincipalAttachment(\"att\", ThingPrincipalAttachmentArgs.builder()\n .principal(cert.arn())\n .thing(example.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iot:Thing\n properties:\n name: example\n cert:\n type: aws:iot:Certificate\n properties:\n csr:\n fn::invoke:\n Function: std:file\n Arguments:\n input: csr.pem\n Return: result\n active: true\n att:\n type: aws:iot:ThingPrincipalAttachment\n properties:\n principal: ${cert.arn}\n thing: ${example.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "principal": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The AWS IoT Certificate ARN or Amazon Cognito Identity ID.\n" }, "thing": { "type": "string", "description": "The name of the thing.\n" } }, "required": [ "principal", "thing" ], "inputProperties": { "principal": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The AWS IoT Certificate ARN or Amazon Cognito Identity ID.\n", "willReplaceOnChanges": true }, "thing": { "type": "string", "description": "The name of the thing.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "principal", "thing" ], "stateInputs": { "description": "Input properties used for looking up and filtering ThingPrincipalAttachment resources.\n", "properties": { "principal": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The AWS IoT Certificate ARN or Amazon Cognito Identity ID.\n", "willReplaceOnChanges": true }, "thing": { "type": "string", "description": "The name of the thing.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:iot/thingType:ThingType": { "description": "Creates and manages an AWS IoT Thing Type.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.iot.ThingType(\"foo\", {name: \"my_iot_thing\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.iot.ThingType(\"foo\", name=\"my_iot_thing\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Iot.ThingType(\"foo\", new()\n {\n Name = \"my_iot_thing\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iot.NewThingType(ctx, \"foo\", \u0026iot.ThingTypeArgs{\n\t\t\tName: pulumi.String(\"my_iot_thing\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iot.ThingType;\nimport com.pulumi.aws.iot.ThingTypeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new ThingType(\"foo\", ThingTypeArgs.builder()\n .name(\"my_iot_thing\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:iot:ThingType\n properties:\n name: my_iot_thing\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IOT Thing Types using the name. For example:\n\n```sh\n$ pulumi import aws:iot/thingType:ThingType example example\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the created AWS IoT Thing Type.\n" }, "deprecated": { "type": "boolean", "description": "Whether the thing type is deprecated. If true, no new things could be associated with this type.\n" }, "name": { "type": "string", "description": "The name of the thing type.\n" }, "properties": { "$ref": "#/types/aws:iot/ThingTypeProperties:ThingTypeProperties", "description": ", Configuration block that can contain the following properties of the thing type:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "tagsAll" ], "inputProperties": { "deprecated": { "type": "boolean", "description": "Whether the thing type is deprecated. If true, no new things could be associated with this type.\n" }, "name": { "type": "string", "description": "The name of the thing type.\n", "willReplaceOnChanges": true }, "properties": { "$ref": "#/types/aws:iot/ThingTypeProperties:ThingTypeProperties", "description": ", Configuration block that can contain the following properties of the thing type:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ThingType resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the created AWS IoT Thing Type.\n" }, "deprecated": { "type": "boolean", "description": "Whether the thing type is deprecated. If true, no new things could be associated with this type.\n" }, "name": { "type": "string", "description": "The name of the thing type.\n", "willReplaceOnChanges": true }, "properties": { "$ref": "#/types/aws:iot/ThingTypeProperties:ThingTypeProperties", "description": ", Configuration block that can contain the following properties of the thing type:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:iot/topicRule:TopicRule": { "description": "Creates and manages an AWS IoT topic rule.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mytopic = new aws.sns.Topic(\"mytopic\", {name: \"mytopic\"});\nconst myerrortopic = new aws.sns.Topic(\"myerrortopic\", {name: \"myerrortopic\"});\nconst rule = new aws.iot.TopicRule(\"rule\", {\n name: \"MyRule\",\n description: \"Example rule\",\n enabled: true,\n sql: \"SELECT * FROM 'topic/test'\",\n sqlVersion: \"2016-03-23\",\n sns: [{\n messageFormat: \"RAW\",\n roleArn: role.arn,\n targetArn: mytopic.arn,\n }],\n errorAction: {\n sns: {\n messageFormat: \"RAW\",\n roleArn: role.arn,\n targetArn: myerrortopic.arn,\n },\n },\n});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"iot.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst myrole = new aws.iam.Role(\"myrole\", {\n name: \"myrole\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst mypolicy = mytopic.arn.apply(arn =\u003e aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n actions: [\"sns:Publish\"],\n resources: [arn],\n }],\n}));\nconst mypolicyRolePolicy = new aws.iam.RolePolicy(\"mypolicy\", {\n name: \"mypolicy\",\n role: myrole.id,\n policy: mypolicy.apply(mypolicy =\u003e mypolicy.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmytopic = aws.sns.Topic(\"mytopic\", name=\"mytopic\")\nmyerrortopic = aws.sns.Topic(\"myerrortopic\", name=\"myerrortopic\")\nrule = aws.iot.TopicRule(\"rule\",\n name=\"MyRule\",\n description=\"Example rule\",\n enabled=True,\n sql=\"SELECT * FROM 'topic/test'\",\n sql_version=\"2016-03-23\",\n sns=[{\n \"message_format\": \"RAW\",\n \"role_arn\": role[\"arn\"],\n \"target_arn\": mytopic.arn,\n }],\n error_action={\n \"sns\": {\n \"message_format\": \"RAW\",\n \"role_arn\": role[\"arn\"],\n \"target_arn\": myerrortopic.arn,\n },\n })\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"iot.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nmyrole = aws.iam.Role(\"myrole\",\n name=\"myrole\",\n assume_role_policy=assume_role.json)\nmypolicy = mytopic.arn.apply(lambda arn: aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\"sns:Publish\"],\n \"resources\": [arn],\n}]))\nmypolicy_role_policy = aws.iam.RolePolicy(\"mypolicy\",\n name=\"mypolicy\",\n role=myrole.id,\n policy=mypolicy.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mytopic = new Aws.Sns.Topic(\"mytopic\", new()\n {\n Name = \"mytopic\",\n });\n\n var myerrortopic = new Aws.Sns.Topic(\"myerrortopic\", new()\n {\n Name = \"myerrortopic\",\n });\n\n var rule = new Aws.Iot.TopicRule(\"rule\", new()\n {\n Name = \"MyRule\",\n Description = \"Example rule\",\n Enabled = true,\n Sql = \"SELECT * FROM 'topic/test'\",\n SqlVersion = \"2016-03-23\",\n Sns = new[]\n {\n new Aws.Iot.Inputs.TopicRuleSnsArgs\n {\n MessageFormat = \"RAW\",\n RoleArn = role.Arn,\n TargetArn = mytopic.Arn,\n },\n },\n ErrorAction = new Aws.Iot.Inputs.TopicRuleErrorActionArgs\n {\n Sns = new Aws.Iot.Inputs.TopicRuleErrorActionSnsArgs\n {\n MessageFormat = \"RAW\",\n RoleArn = role.Arn,\n TargetArn = myerrortopic.Arn,\n },\n },\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"iot.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var myrole = new Aws.Iam.Role(\"myrole\", new()\n {\n Name = \"myrole\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var mypolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"sns:Publish\",\n },\n Resources = new[]\n {\n mytopic.Arn,\n },\n },\n },\n });\n\n var mypolicyRolePolicy = new Aws.Iam.RolePolicy(\"mypolicy\", new()\n {\n Name = \"mypolicy\",\n Role = myrole.Id,\n Policy = mypolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nmytopic, err := sns.NewTopic(ctx, \"mytopic\", \u0026sns.TopicArgs{\nName: pulumi.String(\"mytopic\"),\n})\nif err != nil {\nreturn err\n}\nmyerrortopic, err := sns.NewTopic(ctx, \"myerrortopic\", \u0026sns.TopicArgs{\nName: pulumi.String(\"myerrortopic\"),\n})\nif err != nil {\nreturn err\n}\n_, err = iot.NewTopicRule(ctx, \"rule\", \u0026iot.TopicRuleArgs{\nName: pulumi.String(\"MyRule\"),\nDescription: pulumi.String(\"Example rule\"),\nEnabled: pulumi.Bool(true),\nSql: pulumi.String(\"SELECT * FROM 'topic/test'\"),\nSqlVersion: pulumi.String(\"2016-03-23\"),\nSns: iot.TopicRuleSnsArray{\n\u0026iot.TopicRuleSnsArgs{\nMessageFormat: pulumi.String(\"RAW\"),\nRoleArn: pulumi.Any(role.Arn),\nTargetArn: mytopic.Arn,\n},\n},\nErrorAction: \u0026iot.TopicRuleErrorActionArgs{\nSns: \u0026iot.TopicRuleErrorActionSnsArgs{\nMessageFormat: pulumi.String(\"RAW\"),\nRoleArn: pulumi.Any(role.Arn),\nTargetArn: myerrortopic.Arn,\n},\n},\n})\nif err != nil {\nreturn err\n}\nassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: pulumi.StringRef(\"Allow\"),\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"Service\",\nIdentifiers: []string{\n\"iot.amazonaws.com\",\n},\n},\n},\nActions: []string{\n\"sts:AssumeRole\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nmyrole, err := iam.NewRole(ctx, \"myrole\", \u0026iam.RoleArgs{\nName: pulumi.String(\"myrole\"),\nAssumeRolePolicy: pulumi.String(assumeRole.Json),\n})\nif err != nil {\nreturn err\n}\nmypolicy := mytopic.Arn.ApplyT(func(arn string) (iam.GetPolicyDocumentResult, error) {\nreturn iam.GetPolicyDocumentResult(interface{}(iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: \"Allow\",\nActions: []string{\n\"sns:Publish\",\n},\nResources: interface{}{\narn,\n},\n},\n},\n}, nil))), nil\n}).(iam.GetPolicyDocumentResultOutput)\n_, err = iam.NewRolePolicy(ctx, \"mypolicy\", \u0026iam.RolePolicyArgs{\nName: pulumi.String(\"mypolicy\"),\nRole: myrole.ID(),\nPolicy: pulumi.String(mypolicy.ApplyT(func(mypolicy iam.GetPolicyDocumentResult) (*string, error) {\nreturn \u0026mypolicy.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.iot.TopicRule;\nimport com.pulumi.aws.iot.TopicRuleArgs;\nimport com.pulumi.aws.iot.inputs.TopicRuleSnsArgs;\nimport com.pulumi.aws.iot.inputs.TopicRuleErrorActionArgs;\nimport com.pulumi.aws.iot.inputs.TopicRuleErrorActionSnsArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mytopic = new Topic(\"mytopic\", TopicArgs.builder()\n .name(\"mytopic\")\n .build());\n\n var myerrortopic = new Topic(\"myerrortopic\", TopicArgs.builder()\n .name(\"myerrortopic\")\n .build());\n\n var rule = new TopicRule(\"rule\", TopicRuleArgs.builder()\n .name(\"MyRule\")\n .description(\"Example rule\")\n .enabled(true)\n .sql(\"SELECT * FROM 'topic/test'\")\n .sqlVersion(\"2016-03-23\")\n .sns(TopicRuleSnsArgs.builder()\n .messageFormat(\"RAW\")\n .roleArn(role.arn())\n .targetArn(mytopic.arn())\n .build())\n .errorAction(TopicRuleErrorActionArgs.builder()\n .sns(TopicRuleErrorActionSnsArgs.builder()\n .messageFormat(\"RAW\")\n .roleArn(role.arn())\n .targetArn(myerrortopic.arn())\n .build())\n .build())\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"iot.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var myrole = new Role(\"myrole\", RoleArgs.builder()\n .name(\"myrole\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var mypolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"sns:Publish\")\n .resources(mytopic.arn())\n .build())\n .build());\n\n var mypolicyRolePolicy = new RolePolicy(\"mypolicyRolePolicy\", RolePolicyArgs.builder()\n .name(\"mypolicy\")\n .role(myrole.id())\n .policy(mypolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(mypolicy -\u003e mypolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n rule:\n type: aws:iot:TopicRule\n properties:\n name: MyRule\n description: Example rule\n enabled: true\n sql: SELECT * FROM 'topic/test'\n sqlVersion: 2016-03-23\n sns:\n - messageFormat: RAW\n roleArn: ${role.arn}\n targetArn: ${mytopic.arn}\n errorAction:\n sns:\n messageFormat: RAW\n roleArn: ${role.arn}\n targetArn: ${myerrortopic.arn}\n mytopic:\n type: aws:sns:Topic\n properties:\n name: mytopic\n myerrortopic:\n type: aws:sns:Topic\n properties:\n name: myerrortopic\n myrole:\n type: aws:iam:Role\n properties:\n name: myrole\n assumeRolePolicy: ${assumeRole.json}\n mypolicyRolePolicy:\n type: aws:iam:RolePolicy\n name: mypolicy\n properties:\n name: mypolicy\n role: ${myrole.id}\n policy: ${mypolicy.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - iot.amazonaws.com\n actions:\n - sts:AssumeRole\n mypolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - sns:Publish\n resources:\n - ${mytopic.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IoT Topic Rules using the `name`. For example:\n\n```sh\n$ pulumi import aws:iot/topicRule:TopicRule rule \u003cname\u003e\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the topic rule\n" }, "cloudwatchAlarms": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleCloudwatchAlarm:TopicRuleCloudwatchAlarm" } }, "cloudwatchLogs": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleCloudwatchLog:TopicRuleCloudwatchLog" } }, "cloudwatchMetrics": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleCloudwatchMetric:TopicRuleCloudwatchMetric" } }, "description": { "type": "string", "description": "The description of the rule.\n" }, "dynamodbs": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleDynamodb:TopicRuleDynamodb" } }, "dynamodbv2s": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleDynamodbv2:TopicRuleDynamodbv2" } }, "elasticsearch": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleElasticsearch:TopicRuleElasticsearch" } }, "enabled": { "type": "boolean", "description": "Specifies whether the rule is enabled.\n" }, "errorAction": { "$ref": "#/types/aws:iot/TopicRuleErrorAction:TopicRuleErrorAction", "description": "Configuration block with error action to be associated with the rule. See the documentation for `cloudwatch_alarm`, `cloudwatch_logs`, `cloudwatch_metric`, `dynamodb`, `dynamodbv2`, `elasticsearch`, `firehose`, `http`, `iot_analytics`, `iot_events`, `kafka`, `kinesis`, `lambda`, `republish`, `s3`, `sns`, `sqs`, `step_functions`, `timestream` configuration blocks for further configuration details.\n" }, "firehoses": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleFirehose:TopicRuleFirehose" } }, "https": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleHttp:TopicRuleHttp" } }, "iotAnalytics": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleIotAnalytic:TopicRuleIotAnalytic" } }, "iotEvents": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleIotEvent:TopicRuleIotEvent" } }, "kafkas": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleKafka:TopicRuleKafka" } }, "kineses": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleKinesis:TopicRuleKinesis" } }, "lambdas": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleLambda:TopicRuleLambda" } }, "name": { "type": "string", "description": "The name of the rule.\n" }, "republishes": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleRepublish:TopicRuleRepublish" } }, "s3": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleS3:TopicRuleS3" } }, "sns": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleSns:TopicRuleSns" } }, "sql": { "type": "string", "description": "The SQL statement used to query the topic. For more information, see AWS IoT SQL Reference (http://docs.aws.amazon.com/iot/latest/developerguide/iot-rules.html#aws-iot-sql-reference) in the AWS IoT Developer Guide.\n" }, "sqlVersion": { "type": "string", "description": "The version of the SQL rules engine to use when evaluating the rule.\n" }, "sqs": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleSqs:TopicRuleSqs" } }, "stepFunctions": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleStepFunction:TopicRuleStepFunction" } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timestreams": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleTimestream:TopicRuleTimestream" } } }, "required": [ "arn", "enabled", "name", "sql", "sqlVersion", "tagsAll" ], "inputProperties": { "cloudwatchAlarms": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleCloudwatchAlarm:TopicRuleCloudwatchAlarm" } }, "cloudwatchLogs": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleCloudwatchLog:TopicRuleCloudwatchLog" } }, "cloudwatchMetrics": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleCloudwatchMetric:TopicRuleCloudwatchMetric" } }, "description": { "type": "string", "description": "The description of the rule.\n" }, "dynamodbs": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleDynamodb:TopicRuleDynamodb" } }, "dynamodbv2s": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleDynamodbv2:TopicRuleDynamodbv2" } }, "elasticsearch": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleElasticsearch:TopicRuleElasticsearch" } }, "enabled": { "type": "boolean", "description": "Specifies whether the rule is enabled.\n" }, "errorAction": { "$ref": "#/types/aws:iot/TopicRuleErrorAction:TopicRuleErrorAction", "description": "Configuration block with error action to be associated with the rule. See the documentation for `cloudwatch_alarm`, `cloudwatch_logs`, `cloudwatch_metric`, `dynamodb`, `dynamodbv2`, `elasticsearch`, `firehose`, `http`, `iot_analytics`, `iot_events`, `kafka`, `kinesis`, `lambda`, `republish`, `s3`, `sns`, `sqs`, `step_functions`, `timestream` configuration blocks for further configuration details.\n" }, "firehoses": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleFirehose:TopicRuleFirehose" } }, "https": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleHttp:TopicRuleHttp" } }, "iotAnalytics": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleIotAnalytic:TopicRuleIotAnalytic" } }, "iotEvents": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleIotEvent:TopicRuleIotEvent" } }, "kafkas": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleKafka:TopicRuleKafka" } }, "kineses": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleKinesis:TopicRuleKinesis" } }, "lambdas": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleLambda:TopicRuleLambda" } }, "name": { "type": "string", "description": "The name of the rule.\n", "willReplaceOnChanges": true }, "republishes": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleRepublish:TopicRuleRepublish" } }, "s3": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleS3:TopicRuleS3" } }, "sns": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleSns:TopicRuleSns" } }, "sql": { "type": "string", "description": "The SQL statement used to query the topic. For more information, see AWS IoT SQL Reference (http://docs.aws.amazon.com/iot/latest/developerguide/iot-rules.html#aws-iot-sql-reference) in the AWS IoT Developer Guide.\n" }, "sqlVersion": { "type": "string", "description": "The version of the SQL rules engine to use when evaluating the rule.\n" }, "sqs": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleSqs:TopicRuleSqs" } }, "stepFunctions": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleStepFunction:TopicRuleStepFunction" } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timestreams": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleTimestream:TopicRuleTimestream" } } }, "requiredInputs": [ "enabled", "sql", "sqlVersion" ], "stateInputs": { "description": "Input properties used for looking up and filtering TopicRule resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the topic rule\n" }, "cloudwatchAlarms": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleCloudwatchAlarm:TopicRuleCloudwatchAlarm" } }, "cloudwatchLogs": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleCloudwatchLog:TopicRuleCloudwatchLog" } }, "cloudwatchMetrics": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleCloudwatchMetric:TopicRuleCloudwatchMetric" } }, "description": { "type": "string", "description": "The description of the rule.\n" }, "dynamodbs": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleDynamodb:TopicRuleDynamodb" } }, "dynamodbv2s": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleDynamodbv2:TopicRuleDynamodbv2" } }, "elasticsearch": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleElasticsearch:TopicRuleElasticsearch" } }, "enabled": { "type": "boolean", "description": "Specifies whether the rule is enabled.\n" }, "errorAction": { "$ref": "#/types/aws:iot/TopicRuleErrorAction:TopicRuleErrorAction", "description": "Configuration block with error action to be associated with the rule. See the documentation for `cloudwatch_alarm`, `cloudwatch_logs`, `cloudwatch_metric`, `dynamodb`, `dynamodbv2`, `elasticsearch`, `firehose`, `http`, `iot_analytics`, `iot_events`, `kafka`, `kinesis`, `lambda`, `republish`, `s3`, `sns`, `sqs`, `step_functions`, `timestream` configuration blocks for further configuration details.\n" }, "firehoses": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleFirehose:TopicRuleFirehose" } }, "https": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleHttp:TopicRuleHttp" } }, "iotAnalytics": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleIotAnalytic:TopicRuleIotAnalytic" } }, "iotEvents": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleIotEvent:TopicRuleIotEvent" } }, "kafkas": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleKafka:TopicRuleKafka" } }, "kineses": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleKinesis:TopicRuleKinesis" } }, "lambdas": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleLambda:TopicRuleLambda" } }, "name": { "type": "string", "description": "The name of the rule.\n", "willReplaceOnChanges": true }, "republishes": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleRepublish:TopicRuleRepublish" } }, "s3": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleS3:TopicRuleS3" } }, "sns": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleSns:TopicRuleSns" } }, "sql": { "type": "string", "description": "The SQL statement used to query the topic. For more information, see AWS IoT SQL Reference (http://docs.aws.amazon.com/iot/latest/developerguide/iot-rules.html#aws-iot-sql-reference) in the AWS IoT Developer Guide.\n" }, "sqlVersion": { "type": "string", "description": "The version of the SQL rules engine to use when evaluating the rule.\n" }, "sqs": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleSqs:TopicRuleSqs" } }, "stepFunctions": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleStepFunction:TopicRuleStepFunction" } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timestreams": { "type": "array", "items": { "$ref": "#/types/aws:iot/TopicRuleTimestream:TopicRuleTimestream" } } }, "type": "object" } }, "aws:iot/topicRuleDestination:TopicRuleDestination": { "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iot.TopicRuleDestination(\"example\", {vpcConfiguration: {\n roleArn: exampleAwsIamRole.arn,\n securityGroups: [exampleAwsSecurityGroup.id],\n subnetIds: exampleAwsSubnet.map(__item =\u003e __item.id),\n vpcId: exampleAwsVpc.id,\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iot.TopicRuleDestination(\"example\", vpc_configuration={\n \"role_arn\": example_aws_iam_role[\"arn\"],\n \"security_groups\": [example_aws_security_group[\"id\"]],\n \"subnet_ids\": [__item[\"id\"] for __item in example_aws_subnet],\n \"vpc_id\": example_aws_vpc[\"id\"],\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iot.TopicRuleDestination(\"example\", new()\n {\n VpcConfiguration = new Aws.Iot.Inputs.TopicRuleDestinationVpcConfigurationArgs\n {\n RoleArn = exampleAwsIamRole.Arn,\n SecurityGroups = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n SubnetIds = exampleAwsSubnet.Select(__item =\u003e __item.Id).ToList(),\n VpcId = exampleAwsVpc.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\n_, err := iot.NewTopicRuleDestination(ctx, \"example\", \u0026iot.TopicRuleDestinationArgs{\nVpcConfiguration: \u0026iot.TopicRuleDestinationVpcConfigurationArgs{\nRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\nSecurityGroups: pulumi.StringArray{\nexampleAwsSecurityGroup.Id,\n},\nSubnetIds: []pulumi.String(%!v(PANIC=Format method: fatal: A failure has occurred: unlowered splat expression @ example.pp:4,22-44)),\nVpcId: pulumi.Any(exampleAwsVpc.Id),\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iot.TopicRuleDestination;\nimport com.pulumi.aws.iot.TopicRuleDestinationArgs;\nimport com.pulumi.aws.iot.inputs.TopicRuleDestinationVpcConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TopicRuleDestination(\"example\", TopicRuleDestinationArgs.builder()\n .vpcConfiguration(TopicRuleDestinationVpcConfigurationArgs.builder()\n .roleArn(exampleAwsIamRole.arn())\n .securityGroups(exampleAwsSecurityGroup.id())\n .subnetIds(exampleAwsSubnet.stream().map(element -\u003e element.id()).collect(toList()))\n .vpcId(exampleAwsVpc.id())\n .build())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IoT topic rule destinations using the `arn`. For example:\n\n```sh\n$ pulumi import aws:iot/topicRuleDestination:TopicRuleDestination example arn:aws:iot:us-west-2:123456789012:ruledestination/vpc/2ce781c8-68a6-4c52-9c62-63fe489ecc60\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the topic rule destination\n" }, "enabled": { "type": "boolean", "description": "Whether or not to enable the destination. Default: `true`.\n" }, "vpcConfiguration": { "$ref": "#/types/aws:iot/TopicRuleDestinationVpcConfiguration:TopicRuleDestinationVpcConfiguration", "description": "Configuration of the virtual private cloud (VPC) connection. For more info, see the [AWS documentation](https://docs.aws.amazon.com/iot/latest/developerguide/vpc-rule-action.html).\n" } }, "required": [ "arn", "vpcConfiguration" ], "inputProperties": { "enabled": { "type": "boolean", "description": "Whether or not to enable the destination. Default: `true`.\n" }, "vpcConfiguration": { "$ref": "#/types/aws:iot/TopicRuleDestinationVpcConfiguration:TopicRuleDestinationVpcConfiguration", "description": "Configuration of the virtual private cloud (VPC) connection. For more info, see the [AWS documentation](https://docs.aws.amazon.com/iot/latest/developerguide/vpc-rule-action.html).\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "vpcConfiguration" ], "stateInputs": { "description": "Input properties used for looking up and filtering TopicRuleDestination resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the topic rule destination\n" }, "enabled": { "type": "boolean", "description": "Whether or not to enable the destination. Default: `true`.\n" }, "vpcConfiguration": { "$ref": "#/types/aws:iot/TopicRuleDestinationVpcConfiguration:TopicRuleDestinationVpcConfiguration", "description": "Configuration of the virtual private cloud (VPC) connection. For more info, see the [AWS documentation](https://docs.aws.amazon.com/iot/latest/developerguide/vpc-rule-action.html).\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ivs/channel:Channel": { "description": "Resource for managing an AWS IVS (Interactive Video) Channel.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ivs.Channel(\"example\", {name: \"channel-1\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ivs.Channel(\"example\", name=\"channel-1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ivs.Channel(\"example\", new()\n {\n Name = \"channel-1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ivs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ivs.NewChannel(ctx, \"example\", \u0026ivs.ChannelArgs{\n\t\t\tName: pulumi.String(\"channel-1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ivs.Channel;\nimport com.pulumi.aws.ivs.ChannelArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Channel(\"example\", ChannelArgs.builder()\n .name(\"channel-1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ivs:Channel\n properties:\n name: channel-1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IVS (Interactive Video) Channel using the ARN. For example:\n\n```sh\n$ pulumi import aws:ivs/channel:Channel example arn:aws:ivs:us-west-2:326937407773:channel/0Y1lcs4U7jk5\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Channel.\n" }, "authorized": { "type": "boolean", "description": "If `true`, channel is private (enabled for playback authorization).\n" }, "ingestEndpoint": { "type": "string", "description": "Channel ingest endpoint, part of the definition of an ingest server, used when setting up streaming software.\n" }, "latencyMode": { "type": "string", "description": "Channel latency mode. Valid values: `NORMAL`, `LOW`.\n" }, "name": { "type": "string", "description": "Channel name.\n" }, "playbackUrl": { "type": "string", "description": "Channel playback URL.\n" }, "recordingConfigurationArn": { "type": "string", "description": "Recording configuration ARN.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Channel type, which determines the allowable resolution and bitrate. Valid values: `STANDARD`, `BASIC`.\n" } }, "required": [ "arn", "authorized", "ingestEndpoint", "latencyMode", "name", "playbackUrl", "recordingConfigurationArn", "tagsAll", "type" ], "inputProperties": { "authorized": { "type": "boolean", "description": "If `true`, channel is private (enabled for playback authorization).\n" }, "latencyMode": { "type": "string", "description": "Channel latency mode. Valid values: `NORMAL`, `LOW`.\n" }, "name": { "type": "string", "description": "Channel name.\n" }, "recordingConfigurationArn": { "type": "string", "description": "Recording configuration ARN.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "Channel type, which determines the allowable resolution and bitrate. Valid values: `STANDARD`, `BASIC`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Channel resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Channel.\n" }, "authorized": { "type": "boolean", "description": "If `true`, channel is private (enabled for playback authorization).\n" }, "ingestEndpoint": { "type": "string", "description": "Channel ingest endpoint, part of the definition of an ingest server, used when setting up streaming software.\n" }, "latencyMode": { "type": "string", "description": "Channel latency mode. Valid values: `NORMAL`, `LOW`.\n" }, "name": { "type": "string", "description": "Channel name.\n" }, "playbackUrl": { "type": "string", "description": "Channel playback URL.\n" }, "recordingConfigurationArn": { "type": "string", "description": "Recording configuration ARN.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Channel type, which determines the allowable resolution and bitrate. Valid values: `STANDARD`, `BASIC`.\n" } }, "type": "object" } }, "aws:ivs/playbackKeyPair:PlaybackKeyPair": { "description": "Resource for managing an AWS IVS (Interactive Video) Playback Key Pair.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.ivs.PlaybackKeyPair(\"example\", {publicKey: std.file({\n input: \"./public-key.pem\",\n}).then(invoke =\u003e invoke.result)});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.ivs.PlaybackKeyPair(\"example\", public_key=std.file(input=\"./public-key.pem\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ivs.PlaybackKeyPair(\"example\", new()\n {\n PublicKey = Std.File.Invoke(new()\n {\n Input = \"./public-key.pem\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ivs\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"./public-key.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ivs.NewPlaybackKeyPair(ctx, \"example\", \u0026ivs.PlaybackKeyPairArgs{\n\t\t\tPublicKey: pulumi.String(invokeFile.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ivs.PlaybackKeyPair;\nimport com.pulumi.aws.ivs.PlaybackKeyPairArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PlaybackKeyPair(\"example\", PlaybackKeyPairArgs.builder()\n .publicKey(StdFunctions.file(FileArgs.builder()\n .input(\"./public-key.pem\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ivs:PlaybackKeyPair\n properties:\n publicKey:\n fn::invoke:\n Function: std:file\n Arguments:\n input: ./public-key.pem\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IVS (Interactive Video) Playback Key Pair using the ARN. For example:\n\n```sh\n$ pulumi import aws:ivs/playbackKeyPair:PlaybackKeyPair example arn:aws:ivs:us-west-2:326937407773:playback-key/KDJRJNQhiQzA\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Playback Key Pair.\n" }, "fingerprint": { "type": "string", "description": "Key-pair identifier.\n" }, "name": { "type": "string", "description": "Playback Key Pair name.\n" }, "publicKey": { "type": "string", "description": "Public portion of a customer-generated key pair. Must be an ECDSA public key in PEM format.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "fingerprint", "name", "publicKey", "tagsAll" ], "inputProperties": { "name": { "type": "string", "description": "Playback Key Pair name.\n", "willReplaceOnChanges": true }, "publicKey": { "type": "string", "description": "Public portion of a customer-generated key pair. Must be an ECDSA public key in PEM format.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "publicKey" ], "stateInputs": { "description": "Input properties used for looking up and filtering PlaybackKeyPair resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Playback Key Pair.\n" }, "fingerprint": { "type": "string", "description": "Key-pair identifier.\n" }, "name": { "type": "string", "description": "Playback Key Pair name.\n", "willReplaceOnChanges": true }, "publicKey": { "type": "string", "description": "Public portion of a customer-generated key pair. Must be an ECDSA public key in PEM format.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n", "willReplaceOnChanges": true }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead.", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ivs/recordingConfiguration:RecordingConfiguration": { "description": "Resource for managing an AWS IVS (Interactive Video) Recording Configuration.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ivs.RecordingConfiguration(\"example\", {\n name: \"recording_configuration-1\",\n destinationConfiguration: {\n s3: {\n bucketName: \"ivs-stream-archive\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ivs.RecordingConfiguration(\"example\",\n name=\"recording_configuration-1\",\n destination_configuration={\n \"s3\": {\n \"bucket_name\": \"ivs-stream-archive\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ivs.RecordingConfiguration(\"example\", new()\n {\n Name = \"recording_configuration-1\",\n DestinationConfiguration = new Aws.Ivs.Inputs.RecordingConfigurationDestinationConfigurationArgs\n {\n S3 = new Aws.Ivs.Inputs.RecordingConfigurationDestinationConfigurationS3Args\n {\n BucketName = \"ivs-stream-archive\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ivs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ivs.NewRecordingConfiguration(ctx, \"example\", \u0026ivs.RecordingConfigurationArgs{\n\t\t\tName: pulumi.String(\"recording_configuration-1\"),\n\t\t\tDestinationConfiguration: \u0026ivs.RecordingConfigurationDestinationConfigurationArgs{\n\t\t\t\tS3: \u0026ivs.RecordingConfigurationDestinationConfigurationS3Args{\n\t\t\t\t\tBucketName: pulumi.String(\"ivs-stream-archive\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ivs.RecordingConfiguration;\nimport com.pulumi.aws.ivs.RecordingConfigurationArgs;\nimport com.pulumi.aws.ivs.inputs.RecordingConfigurationDestinationConfigurationArgs;\nimport com.pulumi.aws.ivs.inputs.RecordingConfigurationDestinationConfigurationS3Args;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RecordingConfiguration(\"example\", RecordingConfigurationArgs.builder()\n .name(\"recording_configuration-1\")\n .destinationConfiguration(RecordingConfigurationDestinationConfigurationArgs.builder()\n .s3(RecordingConfigurationDestinationConfigurationS3Args.builder()\n .bucketName(\"ivs-stream-archive\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ivs:RecordingConfiguration\n properties:\n name: recording_configuration-1\n destinationConfiguration:\n s3:\n bucketName: ivs-stream-archive\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IVS (Interactive Video) Recording Configuration using the ARN. For example:\n\n```sh\n$ pulumi import aws:ivs/recordingConfiguration:RecordingConfiguration example arn:aws:ivs:us-west-2:326937407773:recording-configuration/KAk1sHBl2L47\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Recording Configuration.\n" }, "destinationConfiguration": { "$ref": "#/types/aws:ivs/RecordingConfigurationDestinationConfiguration:RecordingConfigurationDestinationConfiguration", "description": "Object containing destination configuration for where recorded video will be stored.\n" }, "name": { "type": "string", "description": "Recording Configuration name.\n" }, "recordingReconnectWindowSeconds": { "type": "integer", "description": "If a broadcast disconnects and then reconnects within the specified interval, the multiple streams will be considered a single broadcast and merged together.\n" }, "state": { "type": "string", "description": "The current state of the Recording Configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "thumbnailConfiguration": { "$ref": "#/types/aws:ivs/RecordingConfigurationThumbnailConfiguration:RecordingConfigurationThumbnailConfiguration", "description": "Object containing information to enable/disable the recording of thumbnails for a live session and modify the interval at which thumbnails are generated for the live session.\n" } }, "required": [ "arn", "destinationConfiguration", "name", "recordingReconnectWindowSeconds", "state", "tagsAll", "thumbnailConfiguration" ], "inputProperties": { "destinationConfiguration": { "$ref": "#/types/aws:ivs/RecordingConfigurationDestinationConfiguration:RecordingConfigurationDestinationConfiguration", "description": "Object containing destination configuration for where recorded video will be stored.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Recording Configuration name.\n", "willReplaceOnChanges": true }, "recordingReconnectWindowSeconds": { "type": "integer", "description": "If a broadcast disconnects and then reconnects within the specified interval, the multiple streams will be considered a single broadcast and merged together.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n", "willReplaceOnChanges": true }, "thumbnailConfiguration": { "$ref": "#/types/aws:ivs/RecordingConfigurationThumbnailConfiguration:RecordingConfigurationThumbnailConfiguration", "description": "Object containing information to enable/disable the recording of thumbnails for a live session and modify the interval at which thumbnails are generated for the live session.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "destinationConfiguration" ], "stateInputs": { "description": "Input properties used for looking up and filtering RecordingConfiguration resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Recording Configuration.\n" }, "destinationConfiguration": { "$ref": "#/types/aws:ivs/RecordingConfigurationDestinationConfiguration:RecordingConfigurationDestinationConfiguration", "description": "Object containing destination configuration for where recorded video will be stored.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Recording Configuration name.\n", "willReplaceOnChanges": true }, "recordingReconnectWindowSeconds": { "type": "integer", "description": "If a broadcast disconnects and then reconnects within the specified interval, the multiple streams will be considered a single broadcast and merged together.\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "The current state of the Recording Configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n", "willReplaceOnChanges": true }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead.", "willReplaceOnChanges": true }, "thumbnailConfiguration": { "$ref": "#/types/aws:ivs/RecordingConfigurationThumbnailConfiguration:RecordingConfigurationThumbnailConfiguration", "description": "Object containing information to enable/disable the recording of thumbnails for a live session and modify the interval at which thumbnails are generated for the live session.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ivschat/loggingConfiguration:LoggingConfiguration": { "description": "Resource for managing an AWS IVS (Interactive Video) Chat Logging Configuration.\n\n## Example Usage\n\n### Basic Usage - Logging to CloudWatch\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudwatch.LogGroup(\"example\", {});\nconst exampleLoggingConfiguration = new aws.ivschat.LoggingConfiguration(\"example\", {destinationConfiguration: {\n cloudwatchLogs: {\n logGroupName: example.name,\n },\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.LogGroup(\"example\")\nexample_logging_configuration = aws.ivschat.LoggingConfiguration(\"example\", destination_configuration={\n \"cloudwatch_logs\": {\n \"log_group_name\": example.name,\n },\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudWatch.LogGroup(\"example\");\n\n var exampleLoggingConfiguration = new Aws.IvsChat.LoggingConfiguration(\"example\", new()\n {\n DestinationConfiguration = new Aws.IvsChat.Inputs.LoggingConfigurationDestinationConfigurationArgs\n {\n CloudwatchLogs = new Aws.IvsChat.Inputs.LoggingConfigurationDestinationConfigurationCloudwatchLogsArgs\n {\n LogGroupName = example.Name,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ivschat\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cloudwatch.NewLogGroup(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ivschat.NewLoggingConfiguration(ctx, \"example\", \u0026ivschat.LoggingConfigurationArgs{\n\t\t\tDestinationConfiguration: \u0026ivschat.LoggingConfigurationDestinationConfigurationArgs{\n\t\t\t\tCloudwatchLogs: \u0026ivschat.LoggingConfigurationDestinationConfigurationCloudwatchLogsArgs{\n\t\t\t\t\tLogGroupName: example.Name,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.ivschat.LoggingConfiguration;\nimport com.pulumi.aws.ivschat.LoggingConfigurationArgs;\nimport com.pulumi.aws.ivschat.inputs.LoggingConfigurationDestinationConfigurationArgs;\nimport com.pulumi.aws.ivschat.inputs.LoggingConfigurationDestinationConfigurationCloudwatchLogsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LogGroup(\"example\");\n\n var exampleLoggingConfiguration = new LoggingConfiguration(\"exampleLoggingConfiguration\", LoggingConfigurationArgs.builder()\n .destinationConfiguration(LoggingConfigurationDestinationConfigurationArgs.builder()\n .cloudwatchLogs(LoggingConfigurationDestinationConfigurationCloudwatchLogsArgs.builder()\n .logGroupName(example.name())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudwatch:LogGroup\n exampleLoggingConfiguration:\n type: aws:ivschat:LoggingConfiguration\n name: example\n properties:\n destinationConfiguration:\n cloudwatchLogs:\n logGroupName: ${example.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Basic Usage - Logging to Kinesis Firehose with Extended S3\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucketPrefix: \"tf-ivschat-logging-bucket\"});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"firehose.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"firehose_example_role\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst example = new aws.kinesis.FirehoseDeliveryStream(\"example\", {\n name: \"pulumi-kinesis-firehose-extended-s3-example-stream\",\n destination: \"extended_s3\",\n extendedS3Configuration: {\n roleArn: exampleRole.arn,\n bucketArn: exampleBucketV2.arn,\n },\n tags: {\n LogDeliveryEnabled: \"true\",\n },\n});\nconst exampleBucketAclV2 = new aws.s3.BucketAclV2(\"example\", {\n bucket: exampleBucketV2.id,\n acl: \"private\",\n});\nconst exampleLoggingConfiguration = new aws.ivschat.LoggingConfiguration(\"example\", {destinationConfiguration: {\n firehose: {\n deliveryStreamName: example.name,\n },\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket_prefix=\"tf-ivschat-logging-bucket\")\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"firehose.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nexample_role = aws.iam.Role(\"example\",\n name=\"firehose_example_role\",\n assume_role_policy=assume_role.json)\nexample = aws.kinesis.FirehoseDeliveryStream(\"example\",\n name=\"pulumi-kinesis-firehose-extended-s3-example-stream\",\n destination=\"extended_s3\",\n extended_s3_configuration={\n \"role_arn\": example_role.arn,\n \"bucket_arn\": example_bucket_v2.arn,\n },\n tags={\n \"LogDeliveryEnabled\": \"true\",\n })\nexample_bucket_acl_v2 = aws.s3.BucketAclV2(\"example\",\n bucket=example_bucket_v2.id,\n acl=\"private\")\nexample_logging_configuration = aws.ivschat.LoggingConfiguration(\"example\", destination_configuration={\n \"firehose\": {\n \"delivery_stream_name\": example.name,\n },\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n BucketPrefix = \"tf-ivschat-logging-bucket\",\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"firehose.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"firehose_example_role\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var example = new Aws.Kinesis.FirehoseDeliveryStream(\"example\", new()\n {\n Name = \"pulumi-kinesis-firehose-extended-s3-example-stream\",\n Destination = \"extended_s3\",\n ExtendedS3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs\n {\n RoleArn = exampleRole.Arn,\n BucketArn = exampleBucketV2.Arn,\n },\n Tags = \n {\n { \"LogDeliveryEnabled\", \"true\" },\n },\n });\n\n var exampleBucketAclV2 = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = exampleBucketV2.Id,\n Acl = \"private\",\n });\n\n var exampleLoggingConfiguration = new Aws.IvsChat.LoggingConfiguration(\"example\", new()\n {\n DestinationConfiguration = new Aws.IvsChat.Inputs.LoggingConfigurationDestinationConfigurationArgs\n {\n Firehose = new Aws.IvsChat.Inputs.LoggingConfigurationDestinationConfigurationFirehoseArgs\n {\n DeliveryStreamName = example.Name,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ivschat\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucketPrefix: pulumi.String(\"tf-ivschat-logging-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"firehose.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"firehose_example_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := kinesis.NewFirehoseDeliveryStream(ctx, \"example\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"pulumi-kinesis-firehose-extended-s3-example-stream\"),\n\t\t\tDestination: pulumi.String(\"extended_s3\"),\n\t\t\tExtendedS3Configuration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationArgs{\n\t\t\t\tRoleArn: exampleRole.Arn,\n\t\t\t\tBucketArn: exampleBucketV2.Arn,\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"LogDeliveryEnabled\": pulumi.String(\"true\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ivschat.NewLoggingConfiguration(ctx, \"example\", \u0026ivschat.LoggingConfigurationArgs{\n\t\t\tDestinationConfiguration: \u0026ivschat.LoggingConfigurationDestinationConfigurationArgs{\n\t\t\t\tFirehose: \u0026ivschat.LoggingConfigurationDestinationConfigurationFirehoseArgs{\n\t\t\t\t\tDeliveryStreamName: example.Name,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.ivschat.LoggingConfiguration;\nimport com.pulumi.aws.ivschat.LoggingConfigurationArgs;\nimport com.pulumi.aws.ivschat.inputs.LoggingConfigurationDestinationConfigurationArgs;\nimport com.pulumi.aws.ivschat.inputs.LoggingConfigurationDestinationConfigurationFirehoseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder()\n .bucketPrefix(\"tf-ivschat-logging-bucket\")\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"firehose.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .name(\"firehose_example_role\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var example = new FirehoseDeliveryStream(\"example\", FirehoseDeliveryStreamArgs.builder()\n .name(\"pulumi-kinesis-firehose-extended-s3-example-stream\")\n .destination(\"extended_s3\")\n .extendedS3Configuration(FirehoseDeliveryStreamExtendedS3ConfigurationArgs.builder()\n .roleArn(exampleRole.arn())\n .bucketArn(exampleBucketV2.arn())\n .build())\n .tags(Map.of(\"LogDeliveryEnabled\", \"true\"))\n .build());\n\n var exampleBucketAclV2 = new BucketAclV2(\"exampleBucketAclV2\", BucketAclV2Args.builder()\n .bucket(exampleBucketV2.id())\n .acl(\"private\")\n .build());\n\n var exampleLoggingConfiguration = new LoggingConfiguration(\"exampleLoggingConfiguration\", LoggingConfigurationArgs.builder()\n .destinationConfiguration(LoggingConfigurationDestinationConfigurationArgs.builder()\n .firehose(LoggingConfigurationDestinationConfigurationFirehoseArgs.builder()\n .deliveryStreamName(example.name())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kinesis:FirehoseDeliveryStream\n properties:\n name: pulumi-kinesis-firehose-extended-s3-example-stream\n destination: extended_s3\n extendedS3Configuration:\n roleArn: ${exampleRole.arn}\n bucketArn: ${exampleBucketV2.arn}\n tags:\n LogDeliveryEnabled: 'true'\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucketPrefix: tf-ivschat-logging-bucket\n exampleBucketAclV2:\n type: aws:s3:BucketAclV2\n name: example\n properties:\n bucket: ${exampleBucketV2.id}\n acl: private\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: firehose_example_role\n assumeRolePolicy: ${assumeRole.json}\n exampleLoggingConfiguration:\n type: aws:ivschat:LoggingConfiguration\n name: example\n properties:\n destinationConfiguration:\n firehose:\n deliveryStreamName: ${example.name}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - firehose.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Basic Usage - Logging to S3\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucketName: tf-ivschat-logging\n forceDestroy: true\n exampleLoggingConfiguration:\n type: aws:ivschat:LoggingConfiguration\n name: example\n properties:\n destinationConfiguration:\n s3:\n bucketName: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IVS (Interactive Video) Chat Logging Configuration using the ARN. For example:\n\n```sh\n$ pulumi import aws:ivschat/loggingConfiguration:LoggingConfiguration example arn:aws:ivschat:us-west-2:326937407773:logging-configuration/MMUQc8wcqZmC\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Logging Configuration.\n" }, "destinationConfiguration": { "$ref": "#/types/aws:ivschat/LoggingConfigurationDestinationConfiguration:LoggingConfigurationDestinationConfiguration", "description": "Object containing destination configuration for where chat activity will be logged. This object must contain exactly one of the following children arguments:\n" }, "name": { "type": "string", "description": "Logging Configuration name.\n" }, "state": { "type": "string", "description": "State of the Logging Configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "state", "tagsAll" ], "inputProperties": { "destinationConfiguration": { "$ref": "#/types/aws:ivschat/LoggingConfigurationDestinationConfiguration:LoggingConfigurationDestinationConfiguration", "description": "Object containing destination configuration for where chat activity will be logged. This object must contain exactly one of the following children arguments:\n" }, "name": { "type": "string", "description": "Logging Configuration name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering LoggingConfiguration resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Logging Configuration.\n" }, "destinationConfiguration": { "$ref": "#/types/aws:ivschat/LoggingConfigurationDestinationConfiguration:LoggingConfigurationDestinationConfiguration", "description": "Object containing destination configuration for where chat activity will be logged. This object must contain exactly one of the following children arguments:\n" }, "name": { "type": "string", "description": "Logging Configuration name.\n" }, "state": { "type": "string", "description": "State of the Logging Configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ivschat/room:Room": { "description": "Resource for managing an AWS IVS (Interactive Video) Chat Room.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ivschat.Room(\"example\", {name: \"tf-room\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ivschat.Room(\"example\", name=\"tf-room\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.IvsChat.Room(\"example\", new()\n {\n Name = \"tf-room\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ivschat\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ivschat.NewRoom(ctx, \"example\", \u0026ivschat.RoomArgs{\n\t\t\tName: pulumi.String(\"tf-room\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ivschat.Room;\nimport com.pulumi.aws.ivschat.RoomArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Room(\"example\", RoomArgs.builder()\n .name(\"tf-room\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ivschat:Room\n properties:\n name: tf-room\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IVS (Interactive Video) Chat Room using the ARN. For example:\n\n```sh\n$ pulumi import aws:ivschat/room:Room example arn:aws:ivschat:us-west-2:326937407773:room/GoXEXyB4VwHb\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Room.\n" }, "loggingConfigurationIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "List of Logging Configuration\nARNs to attach to the room.\n" }, "maximumMessageLength": { "type": "integer", "description": "Maximum number of characters in a single\nmessage. Messages are expected to be UTF-8 encoded and this limit applies\nspecifically to rune/code-point count, not number of bytes.\n" }, "maximumMessageRatePerSecond": { "type": "integer", "description": "Maximum number of messages per\nsecond that can be sent to the room (by all clients).\n" }, "messageReviewHandler": { "$ref": "#/types/aws:ivschat/RoomMessageReviewHandler:RoomMessageReviewHandler", "description": "Configuration information for optional\nreview of messages.\n" }, "name": { "type": "string", "description": "Room name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "maximumMessageLength", "maximumMessageRatePerSecond", "name", "tagsAll" ], "inputProperties": { "loggingConfigurationIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "List of Logging Configuration\nARNs to attach to the room.\n" }, "maximumMessageLength": { "type": "integer", "description": "Maximum number of characters in a single\nmessage. Messages are expected to be UTF-8 encoded and this limit applies\nspecifically to rune/code-point count, not number of bytes.\n" }, "maximumMessageRatePerSecond": { "type": "integer", "description": "Maximum number of messages per\nsecond that can be sent to the room (by all clients).\n" }, "messageReviewHandler": { "$ref": "#/types/aws:ivschat/RoomMessageReviewHandler:RoomMessageReviewHandler", "description": "Configuration information for optional\nreview of messages.\n" }, "name": { "type": "string", "description": "Room name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Room resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Room.\n" }, "loggingConfigurationIdentifiers": { "type": "array", "items": { "type": "string" }, "description": "List of Logging Configuration\nARNs to attach to the room.\n" }, "maximumMessageLength": { "type": "integer", "description": "Maximum number of characters in a single\nmessage. Messages are expected to be UTF-8 encoded and this limit applies\nspecifically to rune/code-point count, not number of bytes.\n" }, "maximumMessageRatePerSecond": { "type": "integer", "description": "Maximum number of messages per\nsecond that can be sent to the room (by all clients).\n" }, "messageReviewHandler": { "$ref": "#/types/aws:ivschat/RoomMessageReviewHandler:RoomMessageReviewHandler", "description": "Configuration information for optional\nreview of messages.\n" }, "name": { "type": "string", "description": "Room name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:kendra/dataSource:DataSource": { "description": "Resource for managing an AWS Kendra Data Source.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n description: \"example\",\n languageCode: \"en\",\n type: \"CUSTOM\",\n tags: {\n hello: \"world\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n description=\"example\",\n language_code=\"en\",\n type=\"CUSTOM\",\n tags={\n \"hello\": \"world\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Description = \"example\",\n LanguageCode = \"en\",\n Type = \"CUSTOM\",\n Tags = \n {\n { \"hello\", \"world\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tLanguageCode: pulumi.String(\"en\"),\n\t\t\tType: pulumi.String(\"CUSTOM\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"hello\": pulumi.String(\"world\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder()\n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .description(\"example\")\n .languageCode(\"en\")\n .type(\"CUSTOM\")\n .tags(Map.of(\"hello\", \"world\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n description: example\n languageCode: en\n type: CUSTOM\n tags:\n hello: world\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### S3 Connector\n\n### With Schedule\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"S3\",\n roleArn: exampleAwsIamRole.arn,\n schedule: \"cron(9 10 1 * ? *)\",\n configuration: {\n s3Configuration: {\n bucketName: exampleAwsS3Bucket.id,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"S3\",\n role_arn=example_aws_iam_role[\"arn\"],\n schedule=\"cron(9 10 1 * ? *)\",\n configuration={\n \"s3_configuration\": {\n \"bucket_name\": example_aws_s3_bucket[\"id\"],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"S3\",\n RoleArn = exampleAwsIamRole.Arn,\n Schedule = \"cron(9 10 1 * ? *)\",\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n S3Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationS3ConfigurationArgs\n {\n BucketName = exampleAwsS3Bucket.Id,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"S3\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tSchedule: pulumi.String(\"cron(9 10 1 * ? *)\"),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tS3Configuration: \u0026kendra.DataSourceConfigurationS3ConfigurationArgs{\n\t\t\t\t\tBucketName: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationS3ConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder()\n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"S3\")\n .roleArn(exampleAwsIamRole.arn())\n .schedule(\"cron(9 10 1 * ? *)\")\n .configuration(DataSourceConfigurationArgs.builder()\n .s3Configuration(DataSourceConfigurationS3ConfigurationArgs.builder()\n .bucketName(exampleAwsS3Bucket.id())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: S3\n roleArn: ${exampleAwsIamRole.arn}\n schedule: cron(9 10 1 * ? *)\n configuration:\n s3Configuration:\n bucketName: ${exampleAwsS3Bucket.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Access Control List\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"S3\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n s3Configuration: {\n bucketName: exampleAwsS3Bucket.id,\n accessControlListConfiguration: {\n keyPath: `s3://${exampleAwsS3Bucket.id}/path-1`,\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"S3\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration={\n \"s3_configuration\": {\n \"bucket_name\": example_aws_s3_bucket[\"id\"],\n \"access_control_list_configuration\": {\n \"key_path\": f\"s3://{example_aws_s3_bucket['id']}/path-1\",\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"S3\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n S3Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationS3ConfigurationArgs\n {\n BucketName = exampleAwsS3Bucket.Id,\n AccessControlListConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationS3ConfigurationAccessControlListConfigurationArgs\n {\n KeyPath = $\"s3://{exampleAwsS3Bucket.Id}/path-1\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"S3\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tS3Configuration: \u0026kendra.DataSourceConfigurationS3ConfigurationArgs{\n\t\t\t\t\tBucketName: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\t\t\tAccessControlListConfiguration: \u0026kendra.DataSourceConfigurationS3ConfigurationAccessControlListConfigurationArgs{\n\t\t\t\t\t\tKeyPath: pulumi.String(fmt.Sprintf(\"s3://%v/path-1\", exampleAwsS3Bucket.Id)),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationS3ConfigurationAccessControlListConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder()\n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"S3\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .s3Configuration(DataSourceConfigurationS3ConfigurationArgs.builder()\n .bucketName(exampleAwsS3Bucket.id())\n .accessControlListConfiguration(DataSourceConfigurationS3ConfigurationAccessControlListConfigurationArgs.builder()\n .keyPath(String.format(\"s3://%s/path-1\", exampleAwsS3Bucket.id()))\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: S3\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n s3Configuration:\n bucketName: ${exampleAwsS3Bucket.id}\n accessControlListConfiguration:\n keyPath: s3://${exampleAwsS3Bucket.id}/path-1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Documents Metadata Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"S3\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n s3Configuration: {\n bucketName: exampleAwsS3Bucket.id,\n exclusionPatterns: [\"example\"],\n inclusionPatterns: [\"hello\"],\n inclusionPrefixes: [\"world\"],\n documentsMetadataConfiguration: {\n s3Prefix: \"example\",\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"S3\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration={\n \"s3_configuration\": {\n \"bucket_name\": example_aws_s3_bucket[\"id\"],\n \"exclusion_patterns\": [\"example\"],\n \"inclusion_patterns\": [\"hello\"],\n \"inclusion_prefixes\": [\"world\"],\n \"documents_metadata_configuration\": {\n \"s3_prefix\": \"example\",\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"S3\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n S3Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationS3ConfigurationArgs\n {\n BucketName = exampleAwsS3Bucket.Id,\n ExclusionPatterns = new[]\n {\n \"example\",\n },\n InclusionPatterns = new[]\n {\n \"hello\",\n },\n InclusionPrefixes = new[]\n {\n \"world\",\n },\n DocumentsMetadataConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationS3ConfigurationDocumentsMetadataConfigurationArgs\n {\n S3Prefix = \"example\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"S3\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tS3Configuration: \u0026kendra.DataSourceConfigurationS3ConfigurationArgs{\n\t\t\t\t\tBucketName: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\t\t\tExclusionPatterns: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"example\"),\n\t\t\t\t\t},\n\t\t\t\t\tInclusionPatterns: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"hello\"),\n\t\t\t\t\t},\n\t\t\t\t\tInclusionPrefixes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"world\"),\n\t\t\t\t\t},\n\t\t\t\t\tDocumentsMetadataConfiguration: \u0026kendra.DataSourceConfigurationS3ConfigurationDocumentsMetadataConfigurationArgs{\n\t\t\t\t\t\tS3Prefix: pulumi.String(\"example\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationS3ConfigurationDocumentsMetadataConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder()\n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"S3\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .s3Configuration(DataSourceConfigurationS3ConfigurationArgs.builder()\n .bucketName(exampleAwsS3Bucket.id())\n .exclusionPatterns(\"example\")\n .inclusionPatterns(\"hello\")\n .inclusionPrefixes(\"world\")\n .documentsMetadataConfiguration(DataSourceConfigurationS3ConfigurationDocumentsMetadataConfigurationArgs.builder()\n .s3Prefix(\"example\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: S3\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n s3Configuration:\n bucketName: ${exampleAwsS3Bucket.id}\n exclusionPatterns:\n - example\n inclusionPatterns:\n - hello\n inclusionPrefixes:\n - world\n documentsMetadataConfiguration:\n s3Prefix: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Web Crawler Connector\n\n### With Seed URLs\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration={\n \"web_crawler_configuration\": {\n \"urls\": {\n \"seed_url_configuration\": {\n \"seed_urls\": [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder()\n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Site Maps\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n urls: {\n siteMapsConfiguration: {\n siteMaps: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration={\n \"web_crawler_configuration\": {\n \"urls\": {\n \"site_maps_configuration\": {\n \"site_maps\": [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SiteMapsConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSiteMapsConfigurationArgs\n {\n SiteMaps = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSiteMapsConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSiteMapsConfigurationArgs{\n\t\t\t\t\t\t\tSiteMaps: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSiteMapsConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder()\n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .siteMapsConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSiteMapsConfigurationArgs.builder()\n .siteMaps(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n urls:\n siteMapsConfiguration:\n siteMaps:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Web Crawler Mode\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n urls: {\n seedUrlConfiguration: {\n webCrawlerMode: \"SUBDOMAINS\",\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration={\n \"web_crawler_configuration\": {\n \"urls\": {\n \"seed_url_configuration\": {\n \"web_crawler_mode\": \"SUBDOMAINS\",\n \"seed_urls\": [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n WebCrawlerMode = \"SUBDOMAINS\",\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tWebCrawlerMode: pulumi.String(\"SUBDOMAINS\"),\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder()\n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .webCrawlerMode(\"SUBDOMAINS\")\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n urls:\n seedUrlConfiguration:\n webCrawlerMode: SUBDOMAINS\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Authentication Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n authenticationConfiguration: {\n basicAuthentications: [{\n credentials: exampleAwsSecretsmanagerSecret.arn,\n host: \"a.example.com\",\n port: 443,\n }],\n },\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n}, {\n dependsOn: [exampleAwsSecretsmanagerSecretVersion],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration={\n \"web_crawler_configuration\": {\n \"authentication_configuration\": {\n \"basic_authentications\": [{\n \"credentials\": example_aws_secretsmanager_secret[\"arn\"],\n \"host\": \"a.example.com\",\n \"port\": 443,\n }],\n },\n \"urls\": {\n \"seed_url_configuration\": {\n \"seed_urls\": [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n opts = pulumi.ResourceOptions(depends_on=[example_aws_secretsmanager_secret_version]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n AuthenticationConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationArgs\n {\n BasicAuthentications = new[]\n {\n new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationBasicAuthenticationArgs\n {\n Credentials = exampleAwsSecretsmanagerSecret.Arn,\n Host = \"a.example.com\",\n Port = 443,\n },\n },\n },\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSecretsmanagerSecretVersion,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tAuthenticationConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationArgs{\n\t\t\t\t\t\tBasicAuthentications: kendra.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationBasicAuthenticationArray{\n\t\t\t\t\t\t\t\u0026kendra.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationBasicAuthenticationArgs{\n\t\t\t\t\t\t\t\tCredentials: pulumi.Any(exampleAwsSecretsmanagerSecret.Arn),\n\t\t\t\t\t\t\t\tHost: pulumi.String(\"a.example.com\"),\n\t\t\t\t\t\t\t\tPort: pulumi.Int(443),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSecretsmanagerSecretVersion,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder()\n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .authenticationConfiguration(DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationArgs.builder()\n .basicAuthentications(DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationBasicAuthenticationArgs.builder()\n .credentials(exampleAwsSecretsmanagerSecret.arn())\n .host(\"a.example.com\")\n .port(\"443\")\n .build())\n .build())\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSecretsmanagerSecretVersion)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n authenticationConfiguration:\n basicAuthentications:\n - credentials: ${exampleAwsSecretsmanagerSecret.arn}\n host: a.example.com\n port: '443'\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n options:\n dependson:\n - ${exampleAwsSecretsmanagerSecretVersion}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Crawl Depth\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n crawlDepth: 3,\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration={\n \"web_crawler_configuration\": {\n \"crawl_depth\": 3,\n \"urls\": {\n \"seed_url_configuration\": {\n \"seed_urls\": [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n CrawlDepth = 3,\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tCrawlDepth: pulumi.Int(3),\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder()\n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .crawlDepth(3)\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n crawlDepth: 3\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Max Links Per Page\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n maxLinksPerPage: 100,\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration={\n \"web_crawler_configuration\": {\n \"max_links_per_page\": 100,\n \"urls\": {\n \"seed_url_configuration\": {\n \"seed_urls\": [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n MaxLinksPerPage = 100,\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tMaxLinksPerPage: pulumi.Int(100),\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder()\n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .maxLinksPerPage(100)\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n maxLinksPerPage: 100\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Max Urls Per Minute Crawl Rate\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n maxUrlsPerMinuteCrawlRate: 300,\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration={\n \"web_crawler_configuration\": {\n \"max_urls_per_minute_crawl_rate\": 300,\n \"urls\": {\n \"seed_url_configuration\": {\n \"seed_urls\": [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n MaxUrlsPerMinuteCrawlRate = 300,\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tMaxUrlsPerMinuteCrawlRate: pulumi.Int(300),\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder()\n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .maxUrlsPerMinuteCrawlRate(300)\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n maxUrlsPerMinuteCrawlRate: 300\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Proxy Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n proxyConfiguration: {\n credentials: exampleAwsSecretsmanagerSecret.arn,\n host: \"a.example.com\",\n port: 443,\n },\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n}, {\n dependsOn: [exampleAwsSecretsmanagerSecretVersion],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration={\n \"web_crawler_configuration\": {\n \"proxy_configuration\": {\n \"credentials\": example_aws_secretsmanager_secret[\"arn\"],\n \"host\": \"a.example.com\",\n \"port\": 443,\n },\n \"urls\": {\n \"seed_url_configuration\": {\n \"seed_urls\": [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n opts = pulumi.ResourceOptions(depends_on=[example_aws_secretsmanager_secret_version]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n ProxyConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationProxyConfigurationArgs\n {\n Credentials = exampleAwsSecretsmanagerSecret.Arn,\n Host = \"a.example.com\",\n Port = 443,\n },\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSecretsmanagerSecretVersion,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tProxyConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationProxyConfigurationArgs{\n\t\t\t\t\t\tCredentials: pulumi.Any(exampleAwsSecretsmanagerSecret.Arn),\n\t\t\t\t\t\tHost: pulumi.String(\"a.example.com\"),\n\t\t\t\t\t\tPort: pulumi.Int(443),\n\t\t\t\t\t},\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSecretsmanagerSecretVersion,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationProxyConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder()\n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .proxyConfiguration(DataSourceConfigurationWebCrawlerConfigurationProxyConfigurationArgs.builder()\n .credentials(exampleAwsSecretsmanagerSecret.arn())\n .host(\"a.example.com\")\n .port(\"443\")\n .build())\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSecretsmanagerSecretVersion)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n proxyConfiguration:\n credentials: ${exampleAwsSecretsmanagerSecret.arn}\n host: a.example.com\n port: '443'\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n options:\n dependson:\n - ${exampleAwsSecretsmanagerSecretVersion}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With URL Exclusion and Inclusion Patterns\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n urlExclusionPatterns: [\"example\"],\n urlInclusionPatterns: [\"hello\"],\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration={\n \"web_crawler_configuration\": {\n \"url_exclusion_patterns\": [\"example\"],\n \"url_inclusion_patterns\": [\"hello\"],\n \"urls\": {\n \"seed_url_configuration\": {\n \"seed_urls\": [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n UrlExclusionPatterns = new[]\n {\n \"example\",\n },\n UrlInclusionPatterns = new[]\n {\n \"hello\",\n },\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tUrlExclusionPatterns: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"example\"),\n\t\t\t\t\t},\n\t\t\t\t\tUrlInclusionPatterns: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"hello\"),\n\t\t\t\t\t},\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder()\n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .urlExclusionPatterns(\"example\")\n .urlInclusionPatterns(\"hello\")\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n urlExclusionPatterns:\n - example\n urlInclusionPatterns:\n - hello\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Kendra Data Source using the unique identifiers of the data_source and index separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:kendra/dataSource:DataSource example 1045d08d-66ef-4882-b3ed-dfb7df183e90/b34dfdf7-1f2b-4704-9581-79e00296845f\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Data Source.\n" }, "configuration": { "$ref": "#/types/aws:kendra/DataSourceConfiguration:DataSourceConfiguration", "description": "A block with the configuration information to connect to your Data Source repository. You can't specify the `configuration` block when the `type` parameter is set to `CUSTOM`. Detailed below.\n" }, "createdAt": { "type": "string", "description": "The Unix timestamp of when the Data Source was created.\n" }, "customDocumentEnrichmentConfiguration": { "$ref": "#/types/aws:kendra/DataSourceCustomDocumentEnrichmentConfiguration:DataSourceCustomDocumentEnrichmentConfiguration", "description": "A block with the configuration information for altering document metadata and content during the document ingestion process. For more information on how to create, modify and delete document metadata, or make other content alterations when you ingest documents into Amazon Kendra, see [Customizing document metadata during the ingestion process](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html). Detailed below.\n" }, "dataSourceId": { "type": "string", "description": "The unique identifiers of the Data Source.\n" }, "description": { "type": "string", "description": "A description for the Data Source connector.\n" }, "errorMessage": { "type": "string", "description": "When the Status field value is `FAILED`, the ErrorMessage field contains a description of the error that caused the Data Source to fail.\n" }, "indexId": { "type": "string", "description": "The identifier of the index for your Amazon Kendra data source.\n" }, "languageCode": { "type": "string", "description": "The code for a language. This allows you to support a language for all documents when creating the Data Source connector. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html).\n" }, "name": { "type": "string", "description": "A name for your data source connector.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a role with permission to access the data source connector. For more information, see [IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html). You can't specify the `role_arn` parameter when the `type` parameter is set to `CUSTOM`. The `role_arn` parameter is required for all other data sources.\n" }, "schedule": { "type": "string", "description": "Sets the frequency for Amazon Kendra to check the documents in your Data Source repository and update the index. If you don't set a schedule Amazon Kendra will not periodically update the index. You can call the `StartDataSourceSyncJob` API to update the index.\n" }, "status": { "type": "string", "description": "The current status of the Data Source. When the status is `ACTIVE` the Data Source is ready to use. When the status is `FAILED`, the `error_message` field contains the reason that the Data Source failed.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of data source repository. For an updated list of values, refer to [Valid Values for Type](https://docs.aws.amazon.com/kendra/latest/dg/API_CreateDataSource.html#Kendra-CreateDataSource-request-Type).\n\nThe following arguments are optional:\n" }, "updatedAt": { "type": "string", "description": "The Unix timestamp of when the Data Source was last updated.\n" } }, "required": [ "arn", "createdAt", "dataSourceId", "errorMessage", "indexId", "languageCode", "name", "status", "tagsAll", "type", "updatedAt" ], "inputProperties": { "configuration": { "$ref": "#/types/aws:kendra/DataSourceConfiguration:DataSourceConfiguration", "description": "A block with the configuration information to connect to your Data Source repository. You can't specify the `configuration` block when the `type` parameter is set to `CUSTOM`. Detailed below.\n" }, "customDocumentEnrichmentConfiguration": { "$ref": "#/types/aws:kendra/DataSourceCustomDocumentEnrichmentConfiguration:DataSourceCustomDocumentEnrichmentConfiguration", "description": "A block with the configuration information for altering document metadata and content during the document ingestion process. For more information on how to create, modify and delete document metadata, or make other content alterations when you ingest documents into Amazon Kendra, see [Customizing document metadata during the ingestion process](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html). Detailed below.\n" }, "description": { "type": "string", "description": "A description for the Data Source connector.\n" }, "indexId": { "type": "string", "description": "The identifier of the index for your Amazon Kendra data source.\n", "willReplaceOnChanges": true }, "languageCode": { "type": "string", "description": "The code for a language. This allows you to support a language for all documents when creating the Data Source connector. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html).\n" }, "name": { "type": "string", "description": "A name for your data source connector.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a role with permission to access the data source connector. For more information, see [IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html). You can't specify the `role_arn` parameter when the `type` parameter is set to `CUSTOM`. The `role_arn` parameter is required for all other data sources.\n" }, "schedule": { "type": "string", "description": "Sets the frequency for Amazon Kendra to check the documents in your Data Source repository and update the index. If you don't set a schedule Amazon Kendra will not periodically update the index. You can call the `StartDataSourceSyncJob` API to update the index.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "The type of data source repository. For an updated list of values, refer to [Valid Values for Type](https://docs.aws.amazon.com/kendra/latest/dg/API_CreateDataSource.html#Kendra-CreateDataSource-request-Type).\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "indexId", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering DataSource resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Data Source.\n" }, "configuration": { "$ref": "#/types/aws:kendra/DataSourceConfiguration:DataSourceConfiguration", "description": "A block with the configuration information to connect to your Data Source repository. You can't specify the `configuration` block when the `type` parameter is set to `CUSTOM`. Detailed below.\n" }, "createdAt": { "type": "string", "description": "The Unix timestamp of when the Data Source was created.\n" }, "customDocumentEnrichmentConfiguration": { "$ref": "#/types/aws:kendra/DataSourceCustomDocumentEnrichmentConfiguration:DataSourceCustomDocumentEnrichmentConfiguration", "description": "A block with the configuration information for altering document metadata and content during the document ingestion process. For more information on how to create, modify and delete document metadata, or make other content alterations when you ingest documents into Amazon Kendra, see [Customizing document metadata during the ingestion process](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html). Detailed below.\n" }, "dataSourceId": { "type": "string", "description": "The unique identifiers of the Data Source.\n" }, "description": { "type": "string", "description": "A description for the Data Source connector.\n" }, "errorMessage": { "type": "string", "description": "When the Status field value is `FAILED`, the ErrorMessage field contains a description of the error that caused the Data Source to fail.\n" }, "indexId": { "type": "string", "description": "The identifier of the index for your Amazon Kendra data source.\n", "willReplaceOnChanges": true }, "languageCode": { "type": "string", "description": "The code for a language. This allows you to support a language for all documents when creating the Data Source connector. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html).\n" }, "name": { "type": "string", "description": "A name for your data source connector.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a role with permission to access the data source connector. For more information, see [IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html). You can't specify the `role_arn` parameter when the `type` parameter is set to `CUSTOM`. The `role_arn` parameter is required for all other data sources.\n" }, "schedule": { "type": "string", "description": "Sets the frequency for Amazon Kendra to check the documents in your Data Source repository and update the index. If you don't set a schedule Amazon Kendra will not periodically update the index. You can call the `StartDataSourceSyncJob` API to update the index.\n" }, "status": { "type": "string", "description": "The current status of the Data Source. When the status is `ACTIVE` the Data Source is ready to use. When the status is `FAILED`, the `error_message` field contains the reason that the Data Source failed.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of data source repository. For an updated list of values, refer to [Valid Values for Type](https://docs.aws.amazon.com/kendra/latest/dg/API_CreateDataSource.html#Kendra-CreateDataSource-request-Type).\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "updatedAt": { "type": "string", "description": "The Unix timestamp of when the Data Source was last updated.\n" } }, "type": "object" } }, "aws:kendra/experience:Experience": { "description": "Resource for managing an AWS Kendra Experience.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.Experience(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n description: \"My Kendra Experience\",\n name: \"example\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n contentSourceConfiguration: {\n directPutContent: true,\n faqIds: [exampleAwsKendraFaq.faqId],\n },\n userIdentityConfiguration: {\n identityAttributeName: \"12345ec453-1546651e-79c4-4554-91fa-00b43ccfa245\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.Experience(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n description=\"My Kendra Experience\",\n name=\"example\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration={\n \"content_source_configuration\": {\n \"direct_put_content\": True,\n \"faq_ids\": [example_aws_kendra_faq[\"faqId\"]],\n },\n \"user_identity_configuration\": {\n \"identity_attribute_name\": \"12345ec453-1546651e-79c4-4554-91fa-00b43ccfa245\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.Experience(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Description = \"My Kendra Experience\",\n Name = \"example\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.ExperienceConfigurationArgs\n {\n ContentSourceConfiguration = new Aws.Kendra.Inputs.ExperienceConfigurationContentSourceConfigurationArgs\n {\n DirectPutContent = true,\n FaqIds = new[]\n {\n exampleAwsKendraFaq.FaqId,\n },\n },\n UserIdentityConfiguration = new Aws.Kendra.Inputs.ExperienceConfigurationUserIdentityConfigurationArgs\n {\n IdentityAttributeName = \"12345ec453-1546651e-79c4-4554-91fa-00b43ccfa245\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewExperience(ctx, \"example\", \u0026kendra.ExperienceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tDescription: pulumi.String(\"My Kendra Experience\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.ExperienceConfigurationArgs{\n\t\t\t\tContentSourceConfiguration: \u0026kendra.ExperienceConfigurationContentSourceConfigurationArgs{\n\t\t\t\t\tDirectPutContent: pulumi.Bool(true),\n\t\t\t\t\tFaqIds: pulumi.StringArray{\n\t\t\t\t\t\texampleAwsKendraFaq.FaqId,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tUserIdentityConfiguration: \u0026kendra.ExperienceConfigurationUserIdentityConfigurationArgs{\n\t\t\t\t\tIdentityAttributeName: pulumi.String(\"12345ec453-1546651e-79c4-4554-91fa-00b43ccfa245\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.Experience;\nimport com.pulumi.aws.kendra.ExperienceArgs;\nimport com.pulumi.aws.kendra.inputs.ExperienceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.ExperienceConfigurationContentSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.ExperienceConfigurationUserIdentityConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Experience(\"example\", ExperienceArgs.builder()\n .indexId(exampleAwsKendraIndex.id())\n .description(\"My Kendra Experience\")\n .name(\"example\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(ExperienceConfigurationArgs.builder()\n .contentSourceConfiguration(ExperienceConfigurationContentSourceConfigurationArgs.builder()\n .directPutContent(true)\n .faqIds(exampleAwsKendraFaq.faqId())\n .build())\n .userIdentityConfiguration(ExperienceConfigurationUserIdentityConfigurationArgs.builder()\n .identityAttributeName(\"12345ec453-1546651e-79c4-4554-91fa-00b43ccfa245\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:Experience\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n description: My Kendra Experience\n name: example\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n contentSourceConfiguration:\n directPutContent: true\n faqIds:\n - ${exampleAwsKendraFaq.faqId}\n userIdentityConfiguration:\n identityAttributeName: 12345ec453-1546651e-79c4-4554-91fa-00b43ccfa245\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Kendra Experience using the unique identifiers of the experience and index separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:kendra/experience:Experience example 1045d08d-66ef-4882-b3ed-dfb7df183e90/b34dfdf7-1f2b-4704-9581-79e00296845f\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Experience.\n" }, "configuration": { "$ref": "#/types/aws:kendra/ExperienceConfiguration:ExperienceConfiguration", "description": "Configuration information for your Amazon Kendra experience. The provider will only perform drift detection of its value when present in a configuration. Detailed below.\n" }, "description": { "type": "string", "description": "A description for your Amazon Kendra experience.\n" }, "endpoints": { "type": "array", "items": { "$ref": "#/types/aws:kendra/ExperienceEndpoint:ExperienceEndpoint" }, "description": "Shows the endpoint URLs for your Amazon Kendra experiences. The URLs are unique and fully hosted by AWS.\n" }, "experienceId": { "type": "string", "description": "The unique identifier of the experience.\n" }, "indexId": { "type": "string", "description": "The identifier of the index for your Amazon Kendra experience.\n" }, "name": { "type": "string", "description": "A name for your Amazon Kendra experience.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a role with permission to access `Query API`, `QuerySuggestions API`, `SubmitFeedback API`, and `AWS SSO` that stores your user and group information. For more information, see [IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html).\n\nThe following arguments are optional:\n" }, "status": { "type": "string", "description": "The current processing status of your Amazon Kendra experience.\n" } }, "required": [ "arn", "configuration", "endpoints", "experienceId", "indexId", "name", "roleArn", "status" ], "inputProperties": { "configuration": { "$ref": "#/types/aws:kendra/ExperienceConfiguration:ExperienceConfiguration", "description": "Configuration information for your Amazon Kendra experience. The provider will only perform drift detection of its value when present in a configuration. Detailed below.\n" }, "description": { "type": "string", "description": "A description for your Amazon Kendra experience.\n" }, "indexId": { "type": "string", "description": "The identifier of the index for your Amazon Kendra experience.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A name for your Amazon Kendra experience.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a role with permission to access `Query API`, `QuerySuggestions API`, `SubmitFeedback API`, and `AWS SSO` that stores your user and group information. For more information, see [IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html).\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "indexId", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Experience resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Experience.\n" }, "configuration": { "$ref": "#/types/aws:kendra/ExperienceConfiguration:ExperienceConfiguration", "description": "Configuration information for your Amazon Kendra experience. The provider will only perform drift detection of its value when present in a configuration. Detailed below.\n" }, "description": { "type": "string", "description": "A description for your Amazon Kendra experience.\n" }, "endpoints": { "type": "array", "items": { "$ref": "#/types/aws:kendra/ExperienceEndpoint:ExperienceEndpoint" }, "description": "Shows the endpoint URLs for your Amazon Kendra experiences. The URLs are unique and fully hosted by AWS.\n" }, "experienceId": { "type": "string", "description": "The unique identifier of the experience.\n" }, "indexId": { "type": "string", "description": "The identifier of the index for your Amazon Kendra experience.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A name for your Amazon Kendra experience.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a role with permission to access `Query API`, `QuerySuggestions API`, `SubmitFeedback API`, and `AWS SSO` that stores your user and group information. For more information, see [IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html).\n\nThe following arguments are optional:\n" }, "status": { "type": "string", "description": "The current processing status of your Amazon Kendra experience.\n" } }, "type": "object" } }, "aws:kendra/faq:Faq": { "description": "Resource for managing an AWS Kendra FAQ.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.Faq(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"Example\",\n roleArn: exampleAwsIamRole.arn,\n s3Path: {\n bucket: exampleAwsS3Bucket.id,\n key: exampleAwsS3Object.key,\n },\n tags: {\n Name: \"Example Kendra Faq\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.Faq(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"Example\",\n role_arn=example_aws_iam_role[\"arn\"],\n s3_path={\n \"bucket\": example_aws_s3_bucket[\"id\"],\n \"key\": example_aws_s3_object[\"key\"],\n },\n tags={\n \"Name\": \"Example Kendra Faq\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.Faq(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"Example\",\n RoleArn = exampleAwsIamRole.Arn,\n S3Path = new Aws.Kendra.Inputs.FaqS3PathArgs\n {\n Bucket = exampleAwsS3Bucket.Id,\n Key = exampleAwsS3Object.Key,\n },\n Tags = \n {\n { \"Name\", \"Example Kendra Faq\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewFaq(ctx, \"example\", \u0026kendra.FaqArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tS3Path: \u0026kendra.FaqS3PathArgs{\n\t\t\t\tBucket: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\t\tKey: pulumi.Any(exampleAwsS3Object.Key),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Kendra Faq\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.Faq;\nimport com.pulumi.aws.kendra.FaqArgs;\nimport com.pulumi.aws.kendra.inputs.FaqS3PathArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Faq(\"example\", FaqArgs.builder()\n .indexId(exampleAwsKendraIndex.id())\n .name(\"Example\")\n .roleArn(exampleAwsIamRole.arn())\n .s3Path(FaqS3PathArgs.builder()\n .bucket(exampleAwsS3Bucket.id())\n .key(exampleAwsS3Object.key())\n .build())\n .tags(Map.of(\"Name\", \"Example Kendra Faq\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:Faq\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: Example\n roleArn: ${exampleAwsIamRole.arn}\n s3Path:\n bucket: ${exampleAwsS3Bucket.id}\n key: ${exampleAwsS3Object.key}\n tags:\n Name: Example Kendra Faq\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With File Format\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.Faq(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"Example\",\n fileFormat: \"CSV\",\n roleArn: exampleAwsIamRole.arn,\n s3Path: {\n bucket: exampleAwsS3Bucket.id,\n key: exampleAwsS3Object.key,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.Faq(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"Example\",\n file_format=\"CSV\",\n role_arn=example_aws_iam_role[\"arn\"],\n s3_path={\n \"bucket\": example_aws_s3_bucket[\"id\"],\n \"key\": example_aws_s3_object[\"key\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.Faq(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"Example\",\n FileFormat = \"CSV\",\n RoleArn = exampleAwsIamRole.Arn,\n S3Path = new Aws.Kendra.Inputs.FaqS3PathArgs\n {\n Bucket = exampleAwsS3Bucket.Id,\n Key = exampleAwsS3Object.Key,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewFaq(ctx, \"example\", \u0026kendra.FaqArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tFileFormat: pulumi.String(\"CSV\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tS3Path: \u0026kendra.FaqS3PathArgs{\n\t\t\t\tBucket: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\t\tKey: pulumi.Any(exampleAwsS3Object.Key),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.Faq;\nimport com.pulumi.aws.kendra.FaqArgs;\nimport com.pulumi.aws.kendra.inputs.FaqS3PathArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Faq(\"example\", FaqArgs.builder()\n .indexId(exampleAwsKendraIndex.id())\n .name(\"Example\")\n .fileFormat(\"CSV\")\n .roleArn(exampleAwsIamRole.arn())\n .s3Path(FaqS3PathArgs.builder()\n .bucket(exampleAwsS3Bucket.id())\n .key(exampleAwsS3Object.key())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:Faq\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: Example\n fileFormat: CSV\n roleArn: ${exampleAwsIamRole.arn}\n s3Path:\n bucket: ${exampleAwsS3Bucket.id}\n key: ${exampleAwsS3Object.key}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Language Code\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.Faq(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"Example\",\n languageCode: \"en\",\n roleArn: exampleAwsIamRole.arn,\n s3Path: {\n bucket: exampleAwsS3Bucket.id,\n key: exampleAwsS3Object.key,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.Faq(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"Example\",\n language_code=\"en\",\n role_arn=example_aws_iam_role[\"arn\"],\n s3_path={\n \"bucket\": example_aws_s3_bucket[\"id\"],\n \"key\": example_aws_s3_object[\"key\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.Faq(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"Example\",\n LanguageCode = \"en\",\n RoleArn = exampleAwsIamRole.Arn,\n S3Path = new Aws.Kendra.Inputs.FaqS3PathArgs\n {\n Bucket = exampleAwsS3Bucket.Id,\n Key = exampleAwsS3Object.Key,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewFaq(ctx, \"example\", \u0026kendra.FaqArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tLanguageCode: pulumi.String(\"en\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tS3Path: \u0026kendra.FaqS3PathArgs{\n\t\t\t\tBucket: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\t\tKey: pulumi.Any(exampleAwsS3Object.Key),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.Faq;\nimport com.pulumi.aws.kendra.FaqArgs;\nimport com.pulumi.aws.kendra.inputs.FaqS3PathArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Faq(\"example\", FaqArgs.builder()\n .indexId(exampleAwsKendraIndex.id())\n .name(\"Example\")\n .languageCode(\"en\")\n .roleArn(exampleAwsIamRole.arn())\n .s3Path(FaqS3PathArgs.builder()\n .bucket(exampleAwsS3Bucket.id())\n .key(exampleAwsS3Object.key())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:Faq\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: Example\n languageCode: en\n roleArn: ${exampleAwsIamRole.arn}\n s3Path:\n bucket: ${exampleAwsS3Bucket.id}\n key: ${exampleAwsS3Object.key}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_kendra_faq` using the unique identifiers of the FAQ and index separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:kendra/faq:Faq example faq-123456780/idx-8012925589\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the FAQ.\n" }, "createdAt": { "type": "string", "description": "The Unix datetime that the FAQ was created.\n" }, "description": { "type": "string" }, "errorMessage": { "type": "string", "description": "When the Status field value is `FAILED`, this contains a message that explains why.\n" }, "faqId": { "type": "string", "description": "The identifier of the FAQ.\n" }, "fileFormat": { "type": "string" }, "indexId": { "type": "string", "description": "The identifier of the index for a FAQ.\n" }, "languageCode": { "type": "string" }, "name": { "type": "string", "description": "The name that should be associated with the FAQ.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a role with permission to access the S3 bucket that contains the FAQs. For more information, see [IAM Roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html).\n" }, "s3Path": { "$ref": "#/types/aws:kendra/FaqS3Path:FaqS3Path", "description": "The S3 location of the FAQ input data. Detailed below.\n" }, "status": { "type": "string", "description": "The status of the FAQ. It is ready to use when the status is ACTIVE.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "updatedAt": { "type": "string", "description": "The date and time that the FAQ was last updated.\n" } }, "required": [ "arn", "createdAt", "errorMessage", "faqId", "indexId", "languageCode", "name", "roleArn", "s3Path", "status", "tagsAll", "updatedAt" ], "inputProperties": { "description": { "type": "string", "willReplaceOnChanges": true }, "fileFormat": { "type": "string", "willReplaceOnChanges": true }, "indexId": { "type": "string", "description": "The identifier of the index for a FAQ.\n", "willReplaceOnChanges": true }, "languageCode": { "type": "string", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name that should be associated with the FAQ.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a role with permission to access the S3 bucket that contains the FAQs. For more information, see [IAM Roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html).\n", "willReplaceOnChanges": true }, "s3Path": { "$ref": "#/types/aws:kendra/FaqS3Path:FaqS3Path", "description": "The S3 location of the FAQ input data. Detailed below.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "requiredInputs": [ "indexId", "roleArn", "s3Path" ], "stateInputs": { "description": "Input properties used for looking up and filtering Faq resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the FAQ.\n" }, "createdAt": { "type": "string", "description": "The Unix datetime that the FAQ was created.\n" }, "description": { "type": "string", "willReplaceOnChanges": true }, "errorMessage": { "type": "string", "description": "When the Status field value is `FAILED`, this contains a message that explains why.\n" }, "faqId": { "type": "string", "description": "The identifier of the FAQ.\n" }, "fileFormat": { "type": "string", "willReplaceOnChanges": true }, "indexId": { "type": "string", "description": "The identifier of the index for a FAQ.\n", "willReplaceOnChanges": true }, "languageCode": { "type": "string", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name that should be associated with the FAQ.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of a role with permission to access the S3 bucket that contains the FAQs. For more information, see [IAM Roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html).\n", "willReplaceOnChanges": true }, "s3Path": { "$ref": "#/types/aws:kendra/FaqS3Path:FaqS3Path", "description": "The S3 location of the FAQ input data. Detailed below.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The status of the FAQ. It is ready to use when the status is ACTIVE.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "updatedAt": { "type": "string", "description": "The date and time that the FAQ was last updated.\n" } }, "type": "object" } }, "aws:kendra/index:Index": { "description": "Provides an Amazon Kendra Index resource.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.Index(\"example\", {\n name: \"example\",\n description: \"example\",\n edition: \"DEVELOPER_EDITION\",\n roleArn: _this.arn,\n tags: {\n Key1: \"Value1\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.Index(\"example\",\n name=\"example\",\n description=\"example\",\n edition=\"DEVELOPER_EDITION\",\n role_arn=this[\"arn\"],\n tags={\n \"Key1\": \"Value1\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.Index(\"example\", new()\n {\n Name = \"example\",\n Description = \"example\",\n Edition = \"DEVELOPER_EDITION\",\n RoleArn = @this.Arn,\n Tags = \n {\n { \"Key1\", \"Value1\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewIndex(ctx, \"example\", \u0026kendra.IndexArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tEdition: pulumi.String(\"DEVELOPER_EDITION\"),\n\t\t\tRoleArn: pulumi.Any(this.Arn),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Key1\": pulumi.String(\"Value1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.Index;\nimport com.pulumi.aws.kendra.IndexArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Index(\"example\", IndexArgs.builder()\n .name(\"example\")\n .description(\"example\")\n .edition(\"DEVELOPER_EDITION\")\n .roleArn(this_.arn())\n .tags(Map.of(\"Key1\", \"Value1\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:Index\n properties:\n name: example\n description: example\n edition: DEVELOPER_EDITION\n roleArn: ${this.arn}\n tags:\n Key1: Value1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With capacity units\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.Index(\"example\", {\n name: \"example\",\n edition: \"DEVELOPER_EDITION\",\n roleArn: _this.arn,\n capacityUnits: {\n queryCapacityUnits: 2,\n storageCapacityUnits: 2,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.Index(\"example\",\n name=\"example\",\n edition=\"DEVELOPER_EDITION\",\n role_arn=this[\"arn\"],\n capacity_units={\n \"query_capacity_units\": 2,\n \"storage_capacity_units\": 2,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.Index(\"example\", new()\n {\n Name = \"example\",\n Edition = \"DEVELOPER_EDITION\",\n RoleArn = @this.Arn,\n CapacityUnits = new Aws.Kendra.Inputs.IndexCapacityUnitsArgs\n {\n QueryCapacityUnits = 2,\n StorageCapacityUnits = 2,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewIndex(ctx, \"example\", \u0026kendra.IndexArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tEdition: pulumi.String(\"DEVELOPER_EDITION\"),\n\t\t\tRoleArn: pulumi.Any(this.Arn),\n\t\t\tCapacityUnits: \u0026kendra.IndexCapacityUnitsArgs{\n\t\t\t\tQueryCapacityUnits: pulumi.Int(2),\n\t\t\t\tStorageCapacityUnits: pulumi.Int(2),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.Index;\nimport com.pulumi.aws.kendra.IndexArgs;\nimport com.pulumi.aws.kendra.inputs.IndexCapacityUnitsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Index(\"example\", IndexArgs.builder()\n .name(\"example\")\n .edition(\"DEVELOPER_EDITION\")\n .roleArn(this_.arn())\n .capacityUnits(IndexCapacityUnitsArgs.builder()\n .queryCapacityUnits(2)\n .storageCapacityUnits(2)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:Index\n properties:\n name: example\n edition: DEVELOPER_EDITION\n roleArn: ${this.arn}\n capacityUnits:\n queryCapacityUnits: 2\n storageCapacityUnits: 2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With server side encryption configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.Index(\"example\", {\n name: \"example\",\n roleArn: thisAwsIamRole.arn,\n serverSideEncryptionConfiguration: {\n kmsKeyId: _this.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.Index(\"example\",\n name=\"example\",\n role_arn=this_aws_iam_role[\"arn\"],\n server_side_encryption_configuration={\n \"kms_key_id\": this[\"arn\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.Index(\"example\", new()\n {\n Name = \"example\",\n RoleArn = thisAwsIamRole.Arn,\n ServerSideEncryptionConfiguration = new Aws.Kendra.Inputs.IndexServerSideEncryptionConfigurationArgs\n {\n KmsKeyId = @this.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewIndex(ctx, \"example\", \u0026kendra.IndexArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(thisAwsIamRole.Arn),\n\t\t\tServerSideEncryptionConfiguration: \u0026kendra.IndexServerSideEncryptionConfigurationArgs{\n\t\t\t\tKmsKeyId: pulumi.Any(this.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.Index;\nimport com.pulumi.aws.kendra.IndexArgs;\nimport com.pulumi.aws.kendra.inputs.IndexServerSideEncryptionConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Index(\"example\", IndexArgs.builder()\n .name(\"example\")\n .roleArn(thisAwsIamRole.arn())\n .serverSideEncryptionConfiguration(IndexServerSideEncryptionConfigurationArgs.builder()\n .kmsKeyId(this_.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:Index\n properties:\n name: example\n roleArn: ${thisAwsIamRole.arn}\n serverSideEncryptionConfiguration:\n kmsKeyId: ${this.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With user group resolution configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.Index(\"example\", {\n name: \"example\",\n roleArn: _this.arn,\n userGroupResolutionConfiguration: {\n userGroupResolutionMode: \"AWS_SSO\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.Index(\"example\",\n name=\"example\",\n role_arn=this[\"arn\"],\n user_group_resolution_configuration={\n \"user_group_resolution_mode\": \"AWS_SSO\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.Index(\"example\", new()\n {\n Name = \"example\",\n RoleArn = @this.Arn,\n UserGroupResolutionConfiguration = new Aws.Kendra.Inputs.IndexUserGroupResolutionConfigurationArgs\n {\n UserGroupResolutionMode = \"AWS_SSO\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewIndex(ctx, \"example\", \u0026kendra.IndexArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(this.Arn),\n\t\t\tUserGroupResolutionConfiguration: \u0026kendra.IndexUserGroupResolutionConfigurationArgs{\n\t\t\t\tUserGroupResolutionMode: pulumi.String(\"AWS_SSO\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.Index;\nimport com.pulumi.aws.kendra.IndexArgs;\nimport com.pulumi.aws.kendra.inputs.IndexUserGroupResolutionConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Index(\"example\", IndexArgs.builder()\n .name(\"example\")\n .roleArn(this_.arn())\n .userGroupResolutionConfiguration(IndexUserGroupResolutionConfigurationArgs.builder()\n .userGroupResolutionMode(\"AWS_SSO\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:Index\n properties:\n name: example\n roleArn: ${this.arn}\n userGroupResolutionConfiguration:\n userGroupResolutionMode: AWS_SSO\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Document Metadata Configuration Updates\n\n### Specifying the predefined elements\n\nRefer to [Amazon Kendra documentation on built-in document fields](https://docs.aws.amazon.com/kendra/latest/dg/hiw-index.html#index-reserved-fields) for more information.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.Index(\"example\", {\n name: \"example\",\n roleArn: _this.arn,\n documentMetadataConfigurationUpdates: [\n {\n name: \"_authors\",\n type: \"STRING_LIST_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: false,\n },\n relevance: {\n importance: 1,\n },\n },\n {\n name: \"_category\",\n type: \"STRING_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: true,\n },\n relevance: {\n importance: 1,\n valuesImportanceMap: {},\n },\n },\n {\n name: \"_created_at\",\n type: \"DATE_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: true,\n },\n relevance: {\n freshness: false,\n importance: 1,\n duration: \"25920000s\",\n rankOrder: \"ASCENDING\",\n },\n },\n {\n name: \"_data_source_id\",\n type: \"STRING_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: true,\n },\n relevance: {\n importance: 1,\n valuesImportanceMap: {},\n },\n },\n {\n name: \"_document_title\",\n type: \"STRING_VALUE\",\n search: {\n displayable: true,\n facetable: false,\n searchable: true,\n sortable: true,\n },\n relevance: {\n importance: 2,\n valuesImportanceMap: {},\n },\n },\n {\n name: \"_excerpt_page_number\",\n type: \"LONG_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: false,\n },\n relevance: {\n importance: 2,\n rankOrder: \"ASCENDING\",\n },\n },\n {\n name: \"_faq_id\",\n type: \"STRING_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: true,\n },\n relevance: {\n importance: 1,\n valuesImportanceMap: {},\n },\n },\n {\n name: \"_file_type\",\n type: \"STRING_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: true,\n },\n relevance: {\n importance: 1,\n valuesImportanceMap: {},\n },\n },\n {\n name: \"_language_code\",\n type: \"STRING_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: true,\n },\n relevance: {\n importance: 1,\n valuesImportanceMap: {},\n },\n },\n {\n name: \"_last_updated_at\",\n type: \"DATE_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: true,\n },\n relevance: {\n freshness: false,\n importance: 1,\n duration: \"25920000s\",\n rankOrder: \"ASCENDING\",\n },\n },\n {\n name: \"_source_uri\",\n type: \"STRING_VALUE\",\n search: {\n displayable: true,\n facetable: false,\n searchable: false,\n sortable: false,\n },\n relevance: {\n importance: 1,\n valuesImportanceMap: {},\n },\n },\n {\n name: \"_tenant_id\",\n type: \"STRING_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: true,\n },\n relevance: {\n importance: 1,\n valuesImportanceMap: {},\n },\n },\n {\n name: \"_version\",\n type: \"STRING_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: true,\n },\n relevance: {\n importance: 1,\n valuesImportanceMap: {},\n },\n },\n {\n name: \"_view_count\",\n type: \"LONG_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: true,\n },\n relevance: {\n importance: 1,\n rankOrder: \"ASCENDING\",\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.Index(\"example\",\n name=\"example\",\n role_arn=this[\"arn\"],\n document_metadata_configuration_updates=[\n {\n \"name\": \"_authors\",\n \"type\": \"STRING_LIST_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": False,\n },\n \"relevance\": {\n \"importance\": 1,\n },\n },\n {\n \"name\": \"_category\",\n \"type\": \"STRING_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"importance\": 1,\n \"values_importance_map\": {},\n },\n },\n {\n \"name\": \"_created_at\",\n \"type\": \"DATE_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"freshness\": False,\n \"importance\": 1,\n \"duration\": \"25920000s\",\n \"rank_order\": \"ASCENDING\",\n },\n },\n {\n \"name\": \"_data_source_id\",\n \"type\": \"STRING_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"importance\": 1,\n \"values_importance_map\": {},\n },\n },\n {\n \"name\": \"_document_title\",\n \"type\": \"STRING_VALUE\",\n \"search\": {\n \"displayable\": True,\n \"facetable\": False,\n \"searchable\": True,\n \"sortable\": True,\n },\n \"relevance\": {\n \"importance\": 2,\n \"values_importance_map\": {},\n },\n },\n {\n \"name\": \"_excerpt_page_number\",\n \"type\": \"LONG_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": False,\n },\n \"relevance\": {\n \"importance\": 2,\n \"rank_order\": \"ASCENDING\",\n },\n },\n {\n \"name\": \"_faq_id\",\n \"type\": \"STRING_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"importance\": 1,\n \"values_importance_map\": {},\n },\n },\n {\n \"name\": \"_file_type\",\n \"type\": \"STRING_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"importance\": 1,\n \"values_importance_map\": {},\n },\n },\n {\n \"name\": \"_language_code\",\n \"type\": \"STRING_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"importance\": 1,\n \"values_importance_map\": {},\n },\n },\n {\n \"name\": \"_last_updated_at\",\n \"type\": \"DATE_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"freshness\": False,\n \"importance\": 1,\n \"duration\": \"25920000s\",\n \"rank_order\": \"ASCENDING\",\n },\n },\n {\n \"name\": \"_source_uri\",\n \"type\": \"STRING_VALUE\",\n \"search\": {\n \"displayable\": True,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": False,\n },\n \"relevance\": {\n \"importance\": 1,\n \"values_importance_map\": {},\n },\n },\n {\n \"name\": \"_tenant_id\",\n \"type\": \"STRING_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"importance\": 1,\n \"values_importance_map\": {},\n },\n },\n {\n \"name\": \"_version\",\n \"type\": \"STRING_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"importance\": 1,\n \"values_importance_map\": {},\n },\n },\n {\n \"name\": \"_view_count\",\n \"type\": \"LONG_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"importance\": 1,\n \"rank_order\": \"ASCENDING\",\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.Index(\"example\", new()\n {\n Name = \"example\",\n RoleArn = @this.Arn,\n DocumentMetadataConfigurationUpdates = new[]\n {\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_authors\",\n Type = \"STRING_LIST_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = false,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_category\",\n Type = \"STRING_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n ValuesImportanceMap = null,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_created_at\",\n Type = \"DATE_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Freshness = false,\n Importance = 1,\n Duration = \"25920000s\",\n RankOrder = \"ASCENDING\",\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_data_source_id\",\n Type = \"STRING_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n ValuesImportanceMap = null,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_document_title\",\n Type = \"STRING_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = true,\n Facetable = false,\n Searchable = true,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 2,\n ValuesImportanceMap = null,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_excerpt_page_number\",\n Type = \"LONG_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = false,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 2,\n RankOrder = \"ASCENDING\",\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_faq_id\",\n Type = \"STRING_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n ValuesImportanceMap = null,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_file_type\",\n Type = \"STRING_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n ValuesImportanceMap = null,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_language_code\",\n Type = \"STRING_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n ValuesImportanceMap = null,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_last_updated_at\",\n Type = \"DATE_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Freshness = false,\n Importance = 1,\n Duration = \"25920000s\",\n RankOrder = \"ASCENDING\",\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_source_uri\",\n Type = \"STRING_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = true,\n Facetable = false,\n Searchable = false,\n Sortable = false,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n ValuesImportanceMap = null,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_tenant_id\",\n Type = \"STRING_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n ValuesImportanceMap = null,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_version\",\n Type = \"STRING_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n ValuesImportanceMap = null,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_view_count\",\n Type = \"LONG_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n RankOrder = \"ASCENDING\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewIndex(ctx, \"example\", \u0026kendra.IndexArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(this.Arn),\n\t\t\tDocumentMetadataConfigurationUpdates: kendra.IndexDocumentMetadataConfigurationUpdateArray{\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_authors\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_LIST_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_category\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tValuesImportanceMap: nil,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_created_at\"),\n\t\t\t\t\tType: pulumi.String(\"DATE_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tFreshness: pulumi.Bool(false),\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tDuration: pulumi.String(\"25920000s\"),\n\t\t\t\t\t\tRankOrder: pulumi.String(\"ASCENDING\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_data_source_id\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tValuesImportanceMap: nil,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_document_title\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(true),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(true),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(2),\n\t\t\t\t\t\tValuesImportanceMap: nil,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_excerpt_page_number\"),\n\t\t\t\t\tType: pulumi.String(\"LONG_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(2),\n\t\t\t\t\t\tRankOrder: pulumi.String(\"ASCENDING\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_faq_id\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tValuesImportanceMap: nil,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_file_type\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tValuesImportanceMap: nil,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_language_code\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tValuesImportanceMap: nil,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_last_updated_at\"),\n\t\t\t\t\tType: pulumi.String(\"DATE_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tFreshness: pulumi.Bool(false),\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tDuration: pulumi.String(\"25920000s\"),\n\t\t\t\t\t\tRankOrder: pulumi.String(\"ASCENDING\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_source_uri\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(true),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tValuesImportanceMap: nil,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_tenant_id\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tValuesImportanceMap: nil,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_version\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tValuesImportanceMap: nil,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_view_count\"),\n\t\t\t\t\tType: pulumi.String(\"LONG_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tRankOrder: pulumi.String(\"ASCENDING\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.Index;\nimport com.pulumi.aws.kendra.IndexArgs;\nimport com.pulumi.aws.kendra.inputs.IndexDocumentMetadataConfigurationUpdateArgs;\nimport com.pulumi.aws.kendra.inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs;\nimport com.pulumi.aws.kendra.inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Index(\"example\", IndexArgs.builder()\n .name(\"example\")\n .roleArn(this_.arn())\n .documentMetadataConfigurationUpdates( \n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_authors\")\n .type(\"STRING_LIST_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(false)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_category\")\n .type(\"STRING_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .valuesImportanceMap()\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_created_at\")\n .type(\"DATE_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .freshness(false)\n .importance(1)\n .duration(\"25920000s\")\n .rankOrder(\"ASCENDING\")\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_data_source_id\")\n .type(\"STRING_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .valuesImportanceMap()\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_document_title\")\n .type(\"STRING_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(true)\n .facetable(false)\n .searchable(true)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(2)\n .valuesImportanceMap()\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_excerpt_page_number\")\n .type(\"LONG_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(false)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(2)\n .rankOrder(\"ASCENDING\")\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_faq_id\")\n .type(\"STRING_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .valuesImportanceMap()\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_file_type\")\n .type(\"STRING_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .valuesImportanceMap()\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_language_code\")\n .type(\"STRING_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .valuesImportanceMap()\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_last_updated_at\")\n .type(\"DATE_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .freshness(false)\n .importance(1)\n .duration(\"25920000s\")\n .rankOrder(\"ASCENDING\")\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_source_uri\")\n .type(\"STRING_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(true)\n .facetable(false)\n .searchable(false)\n .sortable(false)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .valuesImportanceMap()\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_tenant_id\")\n .type(\"STRING_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .valuesImportanceMap()\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_version\")\n .type(\"STRING_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .valuesImportanceMap()\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_view_count\")\n .type(\"LONG_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .rankOrder(\"ASCENDING\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:Index\n properties:\n name: example\n roleArn: ${this.arn}\n documentMetadataConfigurationUpdates:\n - name: _authors\n type: STRING_LIST_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: false\n relevance:\n importance: 1\n - name: _category\n type: STRING_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: true\n relevance:\n importance: 1\n valuesImportanceMap: {}\n - name: _created_at\n type: DATE_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: true\n relevance:\n freshness: false\n importance: 1\n duration: 25920000s\n rankOrder: ASCENDING\n - name: _data_source_id\n type: STRING_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: true\n relevance:\n importance: 1\n valuesImportanceMap: {}\n - name: _document_title\n type: STRING_VALUE\n search:\n displayable: true\n facetable: false\n searchable: true\n sortable: true\n relevance:\n importance: 2\n valuesImportanceMap: {}\n - name: _excerpt_page_number\n type: LONG_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: false\n relevance:\n importance: 2\n rankOrder: ASCENDING\n - name: _faq_id\n type: STRING_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: true\n relevance:\n importance: 1\n valuesImportanceMap: {}\n - name: _file_type\n type: STRING_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: true\n relevance:\n importance: 1\n valuesImportanceMap: {}\n - name: _language_code\n type: STRING_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: true\n relevance:\n importance: 1\n valuesImportanceMap: {}\n - name: _last_updated_at\n type: DATE_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: true\n relevance:\n freshness: false\n importance: 1\n duration: 25920000s\n rankOrder: ASCENDING\n - name: _source_uri\n type: STRING_VALUE\n search:\n displayable: true\n facetable: false\n searchable: false\n sortable: false\n relevance:\n importance: 1\n valuesImportanceMap: {}\n - name: _tenant_id\n type: STRING_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: true\n relevance:\n importance: 1\n valuesImportanceMap: {}\n - name: _version\n type: STRING_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: true\n relevance:\n importance: 1\n valuesImportanceMap: {}\n - name: _view_count\n type: LONG_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: true\n relevance:\n importance: 1\n rankOrder: ASCENDING\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Appending additional elements\n\nThe example below shows additional elements with names, `example-string-value`, `example-long-value`, `example-string-list-value`, `example-date-value` representing the 4 types of `STRING_VALUE`, `LONG_VALUE`, `STRING_LIST_VALUE`, `DATE_VALUE` respectively.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.Index(\"example\", {\n name: \"example\",\n roleArn: _this.arn,\n documentMetadataConfigurationUpdates: [\n {\n name: \"_authors\",\n type: \"STRING_LIST_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: false,\n },\n relevance: {\n importance: 1,\n },\n },\n {\n name: \"_category\",\n type: \"STRING_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: true,\n },\n relevance: {\n importance: 1,\n valuesImportanceMap: {},\n },\n },\n {\n name: \"_created_at\",\n type: \"DATE_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: true,\n },\n relevance: {\n freshness: false,\n importance: 1,\n duration: \"25920000s\",\n rankOrder: \"ASCENDING\",\n },\n },\n {\n name: \"_data_source_id\",\n type: \"STRING_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: true,\n },\n relevance: {\n importance: 1,\n valuesImportanceMap: {},\n },\n },\n {\n name: \"_document_title\",\n type: \"STRING_VALUE\",\n search: {\n displayable: true,\n facetable: false,\n searchable: true,\n sortable: true,\n },\n relevance: {\n importance: 2,\n valuesImportanceMap: {},\n },\n },\n {\n name: \"_excerpt_page_number\",\n type: \"LONG_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: false,\n },\n relevance: {\n importance: 2,\n rankOrder: \"ASCENDING\",\n },\n },\n {\n name: \"_faq_id\",\n type: \"STRING_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: true,\n },\n relevance: {\n importance: 1,\n valuesImportanceMap: {},\n },\n },\n {\n name: \"_file_type\",\n type: \"STRING_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: true,\n },\n relevance: {\n importance: 1,\n valuesImportanceMap: {},\n },\n },\n {\n name: \"_language_code\",\n type: \"STRING_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: true,\n },\n relevance: {\n importance: 1,\n valuesImportanceMap: {},\n },\n },\n {\n name: \"_last_updated_at\",\n type: \"DATE_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: true,\n },\n relevance: {\n freshness: false,\n importance: 1,\n duration: \"25920000s\",\n rankOrder: \"ASCENDING\",\n },\n },\n {\n name: \"_source_uri\",\n type: \"STRING_VALUE\",\n search: {\n displayable: true,\n facetable: false,\n searchable: false,\n sortable: false,\n },\n relevance: {\n importance: 1,\n valuesImportanceMap: {},\n },\n },\n {\n name: \"_tenant_id\",\n type: \"STRING_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: true,\n },\n relevance: {\n importance: 1,\n valuesImportanceMap: {},\n },\n },\n {\n name: \"_version\",\n type: \"STRING_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: true,\n },\n relevance: {\n importance: 1,\n valuesImportanceMap: {},\n },\n },\n {\n name: \"_view_count\",\n type: \"LONG_VALUE\",\n search: {\n displayable: false,\n facetable: false,\n searchable: false,\n sortable: true,\n },\n relevance: {\n importance: 1,\n rankOrder: \"ASCENDING\",\n },\n },\n {\n name: \"example-string-value\",\n type: \"STRING_VALUE\",\n search: {\n displayable: true,\n facetable: true,\n searchable: true,\n sortable: true,\n },\n relevance: {\n importance: 1,\n valuesImportanceMap: {},\n },\n },\n {\n name: \"example-long-value\",\n type: \"LONG_VALUE\",\n search: {\n displayable: true,\n facetable: true,\n searchable: false,\n sortable: true,\n },\n relevance: {\n importance: 1,\n rankOrder: \"ASCENDING\",\n },\n },\n {\n name: \"example-string-list-value\",\n type: \"STRING_LIST_VALUE\",\n search: {\n displayable: true,\n facetable: true,\n searchable: true,\n sortable: false,\n },\n relevance: {\n importance: 1,\n },\n },\n {\n name: \"example-date-value\",\n type: \"DATE_VALUE\",\n search: {\n displayable: true,\n facetable: true,\n searchable: false,\n sortable: false,\n },\n relevance: {\n freshness: false,\n importance: 1,\n duration: \"25920000s\",\n rankOrder: \"ASCENDING\",\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.Index(\"example\",\n name=\"example\",\n role_arn=this[\"arn\"],\n document_metadata_configuration_updates=[\n {\n \"name\": \"_authors\",\n \"type\": \"STRING_LIST_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": False,\n },\n \"relevance\": {\n \"importance\": 1,\n },\n },\n {\n \"name\": \"_category\",\n \"type\": \"STRING_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"importance\": 1,\n \"values_importance_map\": {},\n },\n },\n {\n \"name\": \"_created_at\",\n \"type\": \"DATE_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"freshness\": False,\n \"importance\": 1,\n \"duration\": \"25920000s\",\n \"rank_order\": \"ASCENDING\",\n },\n },\n {\n \"name\": \"_data_source_id\",\n \"type\": \"STRING_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"importance\": 1,\n \"values_importance_map\": {},\n },\n },\n {\n \"name\": \"_document_title\",\n \"type\": \"STRING_VALUE\",\n \"search\": {\n \"displayable\": True,\n \"facetable\": False,\n \"searchable\": True,\n \"sortable\": True,\n },\n \"relevance\": {\n \"importance\": 2,\n \"values_importance_map\": {},\n },\n },\n {\n \"name\": \"_excerpt_page_number\",\n \"type\": \"LONG_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": False,\n },\n \"relevance\": {\n \"importance\": 2,\n \"rank_order\": \"ASCENDING\",\n },\n },\n {\n \"name\": \"_faq_id\",\n \"type\": \"STRING_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"importance\": 1,\n \"values_importance_map\": {},\n },\n },\n {\n \"name\": \"_file_type\",\n \"type\": \"STRING_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"importance\": 1,\n \"values_importance_map\": {},\n },\n },\n {\n \"name\": \"_language_code\",\n \"type\": \"STRING_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"importance\": 1,\n \"values_importance_map\": {},\n },\n },\n {\n \"name\": \"_last_updated_at\",\n \"type\": \"DATE_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"freshness\": False,\n \"importance\": 1,\n \"duration\": \"25920000s\",\n \"rank_order\": \"ASCENDING\",\n },\n },\n {\n \"name\": \"_source_uri\",\n \"type\": \"STRING_VALUE\",\n \"search\": {\n \"displayable\": True,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": False,\n },\n \"relevance\": {\n \"importance\": 1,\n \"values_importance_map\": {},\n },\n },\n {\n \"name\": \"_tenant_id\",\n \"type\": \"STRING_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"importance\": 1,\n \"values_importance_map\": {},\n },\n },\n {\n \"name\": \"_version\",\n \"type\": \"STRING_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"importance\": 1,\n \"values_importance_map\": {},\n },\n },\n {\n \"name\": \"_view_count\",\n \"type\": \"LONG_VALUE\",\n \"search\": {\n \"displayable\": False,\n \"facetable\": False,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"importance\": 1,\n \"rank_order\": \"ASCENDING\",\n },\n },\n {\n \"name\": \"example-string-value\",\n \"type\": \"STRING_VALUE\",\n \"search\": {\n \"displayable\": True,\n \"facetable\": True,\n \"searchable\": True,\n \"sortable\": True,\n },\n \"relevance\": {\n \"importance\": 1,\n \"values_importance_map\": {},\n },\n },\n {\n \"name\": \"example-long-value\",\n \"type\": \"LONG_VALUE\",\n \"search\": {\n \"displayable\": True,\n \"facetable\": True,\n \"searchable\": False,\n \"sortable\": True,\n },\n \"relevance\": {\n \"importance\": 1,\n \"rank_order\": \"ASCENDING\",\n },\n },\n {\n \"name\": \"example-string-list-value\",\n \"type\": \"STRING_LIST_VALUE\",\n \"search\": {\n \"displayable\": True,\n \"facetable\": True,\n \"searchable\": True,\n \"sortable\": False,\n },\n \"relevance\": {\n \"importance\": 1,\n },\n },\n {\n \"name\": \"example-date-value\",\n \"type\": \"DATE_VALUE\",\n \"search\": {\n \"displayable\": True,\n \"facetable\": True,\n \"searchable\": False,\n \"sortable\": False,\n },\n \"relevance\": {\n \"freshness\": False,\n \"importance\": 1,\n \"duration\": \"25920000s\",\n \"rank_order\": \"ASCENDING\",\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.Index(\"example\", new()\n {\n Name = \"example\",\n RoleArn = @this.Arn,\n DocumentMetadataConfigurationUpdates = new[]\n {\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_authors\",\n Type = \"STRING_LIST_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = false,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_category\",\n Type = \"STRING_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n ValuesImportanceMap = null,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_created_at\",\n Type = \"DATE_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Freshness = false,\n Importance = 1,\n Duration = \"25920000s\",\n RankOrder = \"ASCENDING\",\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_data_source_id\",\n Type = \"STRING_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n ValuesImportanceMap = null,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_document_title\",\n Type = \"STRING_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = true,\n Facetable = false,\n Searchable = true,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 2,\n ValuesImportanceMap = null,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_excerpt_page_number\",\n Type = \"LONG_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = false,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 2,\n RankOrder = \"ASCENDING\",\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_faq_id\",\n Type = \"STRING_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n ValuesImportanceMap = null,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_file_type\",\n Type = \"STRING_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n ValuesImportanceMap = null,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_language_code\",\n Type = \"STRING_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n ValuesImportanceMap = null,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_last_updated_at\",\n Type = \"DATE_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Freshness = false,\n Importance = 1,\n Duration = \"25920000s\",\n RankOrder = \"ASCENDING\",\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_source_uri\",\n Type = \"STRING_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = true,\n Facetable = false,\n Searchable = false,\n Sortable = false,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n ValuesImportanceMap = null,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_tenant_id\",\n Type = \"STRING_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n ValuesImportanceMap = null,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_version\",\n Type = \"STRING_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n ValuesImportanceMap = null,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"_view_count\",\n Type = \"LONG_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = false,\n Facetable = false,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n RankOrder = \"ASCENDING\",\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"example-string-value\",\n Type = \"STRING_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = true,\n Facetable = true,\n Searchable = true,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n ValuesImportanceMap = null,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"example-long-value\",\n Type = \"LONG_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = true,\n Facetable = true,\n Searchable = false,\n Sortable = true,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n RankOrder = \"ASCENDING\",\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"example-string-list-value\",\n Type = \"STRING_LIST_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = true,\n Facetable = true,\n Searchable = true,\n Sortable = false,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Importance = 1,\n },\n },\n new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateArgs\n {\n Name = \"example-date-value\",\n Type = \"DATE_VALUE\",\n Search = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs\n {\n Displayable = true,\n Facetable = true,\n Searchable = false,\n Sortable = false,\n },\n Relevance = new Aws.Kendra.Inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs\n {\n Freshness = false,\n Importance = 1,\n Duration = \"25920000s\",\n RankOrder = \"ASCENDING\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewIndex(ctx, \"example\", \u0026kendra.IndexArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(this.Arn),\n\t\t\tDocumentMetadataConfigurationUpdates: kendra.IndexDocumentMetadataConfigurationUpdateArray{\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_authors\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_LIST_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_category\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tValuesImportanceMap: nil,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_created_at\"),\n\t\t\t\t\tType: pulumi.String(\"DATE_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tFreshness: pulumi.Bool(false),\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tDuration: pulumi.String(\"25920000s\"),\n\t\t\t\t\t\tRankOrder: pulumi.String(\"ASCENDING\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_data_source_id\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tValuesImportanceMap: nil,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_document_title\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(true),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(true),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(2),\n\t\t\t\t\t\tValuesImportanceMap: nil,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_excerpt_page_number\"),\n\t\t\t\t\tType: pulumi.String(\"LONG_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(2),\n\t\t\t\t\t\tRankOrder: pulumi.String(\"ASCENDING\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_faq_id\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tValuesImportanceMap: nil,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_file_type\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tValuesImportanceMap: nil,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_language_code\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tValuesImportanceMap: nil,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_last_updated_at\"),\n\t\t\t\t\tType: pulumi.String(\"DATE_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tFreshness: pulumi.Bool(false),\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tDuration: pulumi.String(\"25920000s\"),\n\t\t\t\t\t\tRankOrder: pulumi.String(\"ASCENDING\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_source_uri\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(true),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tValuesImportanceMap: nil,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_tenant_id\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tValuesImportanceMap: nil,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_version\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tValuesImportanceMap: nil,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"_view_count\"),\n\t\t\t\t\tType: pulumi.String(\"LONG_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(false),\n\t\t\t\t\t\tFacetable: pulumi.Bool(false),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tRankOrder: pulumi.String(\"ASCENDING\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"example-string-value\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(true),\n\t\t\t\t\t\tFacetable: pulumi.Bool(true),\n\t\t\t\t\t\tSearchable: pulumi.Bool(true),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tValuesImportanceMap: nil,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"example-long-value\"),\n\t\t\t\t\tType: pulumi.String(\"LONG_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(true),\n\t\t\t\t\t\tFacetable: pulumi.Bool(true),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tRankOrder: pulumi.String(\"ASCENDING\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"example-string-list-value\"),\n\t\t\t\t\tType: pulumi.String(\"STRING_LIST_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(true),\n\t\t\t\t\t\tFacetable: pulumi.Bool(true),\n\t\t\t\t\t\tSearchable: pulumi.Bool(true),\n\t\t\t\t\t\tSortable: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026kendra.IndexDocumentMetadataConfigurationUpdateArgs{\n\t\t\t\t\tName: pulumi.String(\"example-date-value\"),\n\t\t\t\t\tType: pulumi.String(\"DATE_VALUE\"),\n\t\t\t\t\tSearch: \u0026kendra.IndexDocumentMetadataConfigurationUpdateSearchArgs{\n\t\t\t\t\t\tDisplayable: pulumi.Bool(true),\n\t\t\t\t\t\tFacetable: pulumi.Bool(true),\n\t\t\t\t\t\tSearchable: pulumi.Bool(false),\n\t\t\t\t\t\tSortable: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t\tRelevance: \u0026kendra.IndexDocumentMetadataConfigurationUpdateRelevanceArgs{\n\t\t\t\t\t\tFreshness: pulumi.Bool(false),\n\t\t\t\t\t\tImportance: pulumi.Int(1),\n\t\t\t\t\t\tDuration: pulumi.String(\"25920000s\"),\n\t\t\t\t\t\tRankOrder: pulumi.String(\"ASCENDING\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.Index;\nimport com.pulumi.aws.kendra.IndexArgs;\nimport com.pulumi.aws.kendra.inputs.IndexDocumentMetadataConfigurationUpdateArgs;\nimport com.pulumi.aws.kendra.inputs.IndexDocumentMetadataConfigurationUpdateSearchArgs;\nimport com.pulumi.aws.kendra.inputs.IndexDocumentMetadataConfigurationUpdateRelevanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Index(\"example\", IndexArgs.builder()\n .name(\"example\")\n .roleArn(this_.arn())\n .documentMetadataConfigurationUpdates( \n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_authors\")\n .type(\"STRING_LIST_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(false)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_category\")\n .type(\"STRING_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .valuesImportanceMap()\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_created_at\")\n .type(\"DATE_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .freshness(false)\n .importance(1)\n .duration(\"25920000s\")\n .rankOrder(\"ASCENDING\")\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_data_source_id\")\n .type(\"STRING_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .valuesImportanceMap()\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_document_title\")\n .type(\"STRING_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(true)\n .facetable(false)\n .searchable(true)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(2)\n .valuesImportanceMap()\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_excerpt_page_number\")\n .type(\"LONG_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(false)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(2)\n .rankOrder(\"ASCENDING\")\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_faq_id\")\n .type(\"STRING_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .valuesImportanceMap()\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_file_type\")\n .type(\"STRING_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .valuesImportanceMap()\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_language_code\")\n .type(\"STRING_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .valuesImportanceMap()\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_last_updated_at\")\n .type(\"DATE_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .freshness(false)\n .importance(1)\n .duration(\"25920000s\")\n .rankOrder(\"ASCENDING\")\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_source_uri\")\n .type(\"STRING_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(true)\n .facetable(false)\n .searchable(false)\n .sortable(false)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .valuesImportanceMap()\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_tenant_id\")\n .type(\"STRING_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .valuesImportanceMap()\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_version\")\n .type(\"STRING_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .valuesImportanceMap()\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"_view_count\")\n .type(\"LONG_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(false)\n .facetable(false)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .rankOrder(\"ASCENDING\")\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"example-string-value\")\n .type(\"STRING_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(true)\n .facetable(true)\n .searchable(true)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .valuesImportanceMap()\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"example-long-value\")\n .type(\"LONG_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(true)\n .facetable(true)\n .searchable(false)\n .sortable(true)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .rankOrder(\"ASCENDING\")\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"example-string-list-value\")\n .type(\"STRING_LIST_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(true)\n .facetable(true)\n .searchable(true)\n .sortable(false)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .importance(1)\n .build())\n .build(),\n IndexDocumentMetadataConfigurationUpdateArgs.builder()\n .name(\"example-date-value\")\n .type(\"DATE_VALUE\")\n .search(IndexDocumentMetadataConfigurationUpdateSearchArgs.builder()\n .displayable(true)\n .facetable(true)\n .searchable(false)\n .sortable(false)\n .build())\n .relevance(IndexDocumentMetadataConfigurationUpdateRelevanceArgs.builder()\n .freshness(false)\n .importance(1)\n .duration(\"25920000s\")\n .rankOrder(\"ASCENDING\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:Index\n properties:\n name: example\n roleArn: ${this.arn}\n documentMetadataConfigurationUpdates:\n - name: _authors\n type: STRING_LIST_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: false\n relevance:\n importance: 1\n - name: _category\n type: STRING_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: true\n relevance:\n importance: 1\n valuesImportanceMap: {}\n - name: _created_at\n type: DATE_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: true\n relevance:\n freshness: false\n importance: 1\n duration: 25920000s\n rankOrder: ASCENDING\n - name: _data_source_id\n type: STRING_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: true\n relevance:\n importance: 1\n valuesImportanceMap: {}\n - name: _document_title\n type: STRING_VALUE\n search:\n displayable: true\n facetable: false\n searchable: true\n sortable: true\n relevance:\n importance: 2\n valuesImportanceMap: {}\n - name: _excerpt_page_number\n type: LONG_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: false\n relevance:\n importance: 2\n rankOrder: ASCENDING\n - name: _faq_id\n type: STRING_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: true\n relevance:\n importance: 1\n valuesImportanceMap: {}\n - name: _file_type\n type: STRING_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: true\n relevance:\n importance: 1\n valuesImportanceMap: {}\n - name: _language_code\n type: STRING_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: true\n relevance:\n importance: 1\n valuesImportanceMap: {}\n - name: _last_updated_at\n type: DATE_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: true\n relevance:\n freshness: false\n importance: 1\n duration: 25920000s\n rankOrder: ASCENDING\n - name: _source_uri\n type: STRING_VALUE\n search:\n displayable: true\n facetable: false\n searchable: false\n sortable: false\n relevance:\n importance: 1\n valuesImportanceMap: {}\n - name: _tenant_id\n type: STRING_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: true\n relevance:\n importance: 1\n valuesImportanceMap: {}\n - name: _version\n type: STRING_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: true\n relevance:\n importance: 1\n valuesImportanceMap: {}\n - name: _view_count\n type: LONG_VALUE\n search:\n displayable: false\n facetable: false\n searchable: false\n sortable: true\n relevance:\n importance: 1\n rankOrder: ASCENDING\n - name: example-string-value\n type: STRING_VALUE\n search:\n displayable: true\n facetable: true\n searchable: true\n sortable: true\n relevance:\n importance: 1\n valuesImportanceMap: {}\n - name: example-long-value\n type: LONG_VALUE\n search:\n displayable: true\n facetable: true\n searchable: false\n sortable: true\n relevance:\n importance: 1\n rankOrder: ASCENDING\n - name: example-string-list-value\n type: STRING_LIST_VALUE\n search:\n displayable: true\n facetable: true\n searchable: true\n sortable: false\n relevance:\n importance: 1\n - name: example-date-value\n type: DATE_VALUE\n search:\n displayable: true\n facetable: true\n searchable: false\n sortable: false\n relevance:\n freshness: false\n importance: 1\n duration: 25920000s\n rankOrder: ASCENDING\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With JSON token type configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.Index(\"example\", {\n name: \"example\",\n roleArn: _this.arn,\n userTokenConfigurations: {\n jsonTokenTypeConfiguration: {\n groupAttributeField: \"groups\",\n userNameAttributeField: \"username\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.Index(\"example\",\n name=\"example\",\n role_arn=this[\"arn\"],\n user_token_configurations={\n \"json_token_type_configuration\": {\n \"group_attribute_field\": \"groups\",\n \"user_name_attribute_field\": \"username\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.Index(\"example\", new()\n {\n Name = \"example\",\n RoleArn = @this.Arn,\n UserTokenConfigurations = new Aws.Kendra.Inputs.IndexUserTokenConfigurationsArgs\n {\n JsonTokenTypeConfiguration = new Aws.Kendra.Inputs.IndexUserTokenConfigurationsJsonTokenTypeConfigurationArgs\n {\n GroupAttributeField = \"groups\",\n UserNameAttributeField = \"username\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewIndex(ctx, \"example\", \u0026kendra.IndexArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(this.Arn),\n\t\t\tUserTokenConfigurations: \u0026kendra.IndexUserTokenConfigurationsArgs{\n\t\t\t\tJsonTokenTypeConfiguration: \u0026kendra.IndexUserTokenConfigurationsJsonTokenTypeConfigurationArgs{\n\t\t\t\t\tGroupAttributeField: pulumi.String(\"groups\"),\n\t\t\t\t\tUserNameAttributeField: pulumi.String(\"username\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.Index;\nimport com.pulumi.aws.kendra.IndexArgs;\nimport com.pulumi.aws.kendra.inputs.IndexUserTokenConfigurationsArgs;\nimport com.pulumi.aws.kendra.inputs.IndexUserTokenConfigurationsJsonTokenTypeConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Index(\"example\", IndexArgs.builder()\n .name(\"example\")\n .roleArn(this_.arn())\n .userTokenConfigurations(IndexUserTokenConfigurationsArgs.builder()\n .jsonTokenTypeConfiguration(IndexUserTokenConfigurationsJsonTokenTypeConfigurationArgs.builder()\n .groupAttributeField(\"groups\")\n .userNameAttributeField(\"username\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:Index\n properties:\n name: example\n roleArn: ${this.arn}\n userTokenConfigurations:\n jsonTokenTypeConfiguration:\n groupAttributeField: groups\n userNameAttributeField: username\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Kendra Indexes using its `id`. For example:\n\n```sh\n$ pulumi import aws:kendra/index:Index example 12345678-1234-5678-9123-123456789123\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Index.\n" }, "capacityUnits": { "$ref": "#/types/aws:kendra/IndexCapacityUnits:IndexCapacityUnits", "description": "A block that sets the number of additional document storage and query capacity units that should be used by the index. Detailed below.\n" }, "createdAt": { "type": "string", "description": "The Unix datetime that the index was created.\n" }, "description": { "type": "string", "description": "The description of the Index.\n" }, "documentMetadataConfigurationUpdates": { "type": "array", "items": { "$ref": "#/types/aws:kendra/IndexDocumentMetadataConfigurationUpdate:IndexDocumentMetadataConfigurationUpdate" }, "description": "One or more blocks that specify the configuration settings for any metadata applied to the documents in the index. Minimum number of 0 items. Maximum number of 500 items. If specified, you must define all elements, including those that are provided by default. These index fields are documented at [Amazon Kendra Index documentation](https://docs.aws.amazon.com/kendra/latest/dg/hiw-index.html). For an example resource that defines these default index fields, refer to the default example above. For an example resource that appends additional index fields, refer to the append example above. All arguments for each block must be specified. Note that blocks cannot be removed since index fields cannot be deleted. This argument is detailed below.\n" }, "edition": { "type": "string", "description": "The Amazon Kendra edition to use for the index. Choose `DEVELOPER_EDITION` for indexes intended for development, testing, or proof of concept. Use `ENTERPRISE_EDITION` for your production databases. Once you set the edition for an index, it can't be changed. Defaults to `ENTERPRISE_EDITION`\n" }, "errorMessage": { "type": "string", "description": "When the Status field value is `FAILED`, this contains a message that explains why.\n" }, "indexStatistics": { "type": "array", "items": { "$ref": "#/types/aws:kendra/IndexIndexStatistic:IndexIndexStatistic" }, "description": "A block that provides information about the number of FAQ questions and answers and the number of text documents indexed. Detailed below.\n" }, "name": { "type": "string", "description": "Specifies the name of the Index.\n" }, "roleArn": { "type": "string", "description": "An AWS Identity and Access Management (IAM) role that gives Amazon Kendra permissions to access your Amazon CloudWatch logs and metrics. This is also the role you use when you call the `BatchPutDocument` API to index documents from an Amazon S3 bucket.\n" }, "serverSideEncryptionConfiguration": { "$ref": "#/types/aws:kendra/IndexServerSideEncryptionConfiguration:IndexServerSideEncryptionConfiguration", "description": "A block that specifies the identifier of the AWS KMS customer managed key (CMK) that's used to encrypt data indexed by Amazon Kendra. Amazon Kendra doesn't support asymmetric CMKs. Detailed below.\n" }, "status": { "type": "string", "description": "The current status of the index. When the value is `ACTIVE`, the index is ready for use. If the Status field value is `FAILED`, the `error_message` field contains a message that explains why.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Index. If configured with a provider\n`default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "updatedAt": { "type": "string", "description": "The Unix datetime that the index was last updated.\n" }, "userContextPolicy": { "type": "string", "description": "The user context policy. Valid values are `ATTRIBUTE_FILTER` or `USER_TOKEN`. For more information, refer to [UserContextPolicy](https://docs.aws.amazon.com/kendra/latest/APIReference/API_CreateIndex.html#kendra-CreateIndex-request-UserContextPolicy). Defaults to `ATTRIBUTE_FILTER`.\n" }, "userGroupResolutionConfiguration": { "$ref": "#/types/aws:kendra/IndexUserGroupResolutionConfiguration:IndexUserGroupResolutionConfiguration", "description": "A block that enables fetching access levels of groups and users from an AWS Single Sign-On identity source. To configure this, see [UserGroupResolutionConfiguration](https://docs.aws.amazon.com/kendra/latest/dg/API_UserGroupResolutionConfiguration.html). Detailed below.\n" }, "userTokenConfigurations": { "$ref": "#/types/aws:kendra/IndexUserTokenConfigurations:IndexUserTokenConfigurations", "description": "A block that specifies the user token configuration. Detailed below.\n" } }, "required": [ "arn", "capacityUnits", "createdAt", "documentMetadataConfigurationUpdates", "errorMessage", "indexStatistics", "name", "roleArn", "status", "tagsAll", "updatedAt" ], "inputProperties": { "capacityUnits": { "$ref": "#/types/aws:kendra/IndexCapacityUnits:IndexCapacityUnits", "description": "A block that sets the number of additional document storage and query capacity units that should be used by the index. Detailed below.\n" }, "description": { "type": "string", "description": "The description of the Index.\n" }, "documentMetadataConfigurationUpdates": { "type": "array", "items": { "$ref": "#/types/aws:kendra/IndexDocumentMetadataConfigurationUpdate:IndexDocumentMetadataConfigurationUpdate" }, "description": "One or more blocks that specify the configuration settings for any metadata applied to the documents in the index. Minimum number of 0 items. Maximum number of 500 items. If specified, you must define all elements, including those that are provided by default. These index fields are documented at [Amazon Kendra Index documentation](https://docs.aws.amazon.com/kendra/latest/dg/hiw-index.html). For an example resource that defines these default index fields, refer to the default example above. For an example resource that appends additional index fields, refer to the append example above. All arguments for each block must be specified. Note that blocks cannot be removed since index fields cannot be deleted. This argument is detailed below.\n" }, "edition": { "type": "string", "description": "The Amazon Kendra edition to use for the index. Choose `DEVELOPER_EDITION` for indexes intended for development, testing, or proof of concept. Use `ENTERPRISE_EDITION` for your production databases. Once you set the edition for an index, it can't be changed. Defaults to `ENTERPRISE_EDITION`\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Specifies the name of the Index.\n" }, "roleArn": { "type": "string", "description": "An AWS Identity and Access Management (IAM) role that gives Amazon Kendra permissions to access your Amazon CloudWatch logs and metrics. This is also the role you use when you call the `BatchPutDocument` API to index documents from an Amazon S3 bucket.\n" }, "serverSideEncryptionConfiguration": { "$ref": "#/types/aws:kendra/IndexServerSideEncryptionConfiguration:IndexServerSideEncryptionConfiguration", "description": "A block that specifies the identifier of the AWS KMS customer managed key (CMK) that's used to encrypt data indexed by Amazon Kendra. Amazon Kendra doesn't support asymmetric CMKs. Detailed below.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Index. If configured with a provider\n`default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "userContextPolicy": { "type": "string", "description": "The user context policy. Valid values are `ATTRIBUTE_FILTER` or `USER_TOKEN`. For more information, refer to [UserContextPolicy](https://docs.aws.amazon.com/kendra/latest/APIReference/API_CreateIndex.html#kendra-CreateIndex-request-UserContextPolicy). Defaults to `ATTRIBUTE_FILTER`.\n" }, "userGroupResolutionConfiguration": { "$ref": "#/types/aws:kendra/IndexUserGroupResolutionConfiguration:IndexUserGroupResolutionConfiguration", "description": "A block that enables fetching access levels of groups and users from an AWS Single Sign-On identity source. To configure this, see [UserGroupResolutionConfiguration](https://docs.aws.amazon.com/kendra/latest/dg/API_UserGroupResolutionConfiguration.html). Detailed below.\n" }, "userTokenConfigurations": { "$ref": "#/types/aws:kendra/IndexUserTokenConfigurations:IndexUserTokenConfigurations", "description": "A block that specifies the user token configuration. Detailed below.\n" } }, "requiredInputs": [ "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Index resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Index.\n" }, "capacityUnits": { "$ref": "#/types/aws:kendra/IndexCapacityUnits:IndexCapacityUnits", "description": "A block that sets the number of additional document storage and query capacity units that should be used by the index. Detailed below.\n" }, "createdAt": { "type": "string", "description": "The Unix datetime that the index was created.\n" }, "description": { "type": "string", "description": "The description of the Index.\n" }, "documentMetadataConfigurationUpdates": { "type": "array", "items": { "$ref": "#/types/aws:kendra/IndexDocumentMetadataConfigurationUpdate:IndexDocumentMetadataConfigurationUpdate" }, "description": "One or more blocks that specify the configuration settings for any metadata applied to the documents in the index. Minimum number of 0 items. Maximum number of 500 items. If specified, you must define all elements, including those that are provided by default. These index fields are documented at [Amazon Kendra Index documentation](https://docs.aws.amazon.com/kendra/latest/dg/hiw-index.html). For an example resource that defines these default index fields, refer to the default example above. For an example resource that appends additional index fields, refer to the append example above. All arguments for each block must be specified. Note that blocks cannot be removed since index fields cannot be deleted. This argument is detailed below.\n" }, "edition": { "type": "string", "description": "The Amazon Kendra edition to use for the index. Choose `DEVELOPER_EDITION` for indexes intended for development, testing, or proof of concept. Use `ENTERPRISE_EDITION` for your production databases. Once you set the edition for an index, it can't be changed. Defaults to `ENTERPRISE_EDITION`\n", "willReplaceOnChanges": true }, "errorMessage": { "type": "string", "description": "When the Status field value is `FAILED`, this contains a message that explains why.\n" }, "indexStatistics": { "type": "array", "items": { "$ref": "#/types/aws:kendra/IndexIndexStatistic:IndexIndexStatistic" }, "description": "A block that provides information about the number of FAQ questions and answers and the number of text documents indexed. Detailed below.\n" }, "name": { "type": "string", "description": "Specifies the name of the Index.\n" }, "roleArn": { "type": "string", "description": "An AWS Identity and Access Management (IAM) role that gives Amazon Kendra permissions to access your Amazon CloudWatch logs and metrics. This is also the role you use when you call the `BatchPutDocument` API to index documents from an Amazon S3 bucket.\n" }, "serverSideEncryptionConfiguration": { "$ref": "#/types/aws:kendra/IndexServerSideEncryptionConfiguration:IndexServerSideEncryptionConfiguration", "description": "A block that specifies the identifier of the AWS KMS customer managed key (CMK) that's used to encrypt data indexed by Amazon Kendra. Amazon Kendra doesn't support asymmetric CMKs. Detailed below.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The current status of the index. When the value is `ACTIVE`, the index is ready for use. If the Status field value is `FAILED`, the `error_message` field contains a message that explains why.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the Index. If configured with a provider\n`default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "updatedAt": { "type": "string", "description": "The Unix datetime that the index was last updated.\n" }, "userContextPolicy": { "type": "string", "description": "The user context policy. Valid values are `ATTRIBUTE_FILTER` or `USER_TOKEN`. For more information, refer to [UserContextPolicy](https://docs.aws.amazon.com/kendra/latest/APIReference/API_CreateIndex.html#kendra-CreateIndex-request-UserContextPolicy). Defaults to `ATTRIBUTE_FILTER`.\n" }, "userGroupResolutionConfiguration": { "$ref": "#/types/aws:kendra/IndexUserGroupResolutionConfiguration:IndexUserGroupResolutionConfiguration", "description": "A block that enables fetching access levels of groups and users from an AWS Single Sign-On identity source. To configure this, see [UserGroupResolutionConfiguration](https://docs.aws.amazon.com/kendra/latest/dg/API_UserGroupResolutionConfiguration.html). Detailed below.\n" }, "userTokenConfigurations": { "$ref": "#/types/aws:kendra/IndexUserTokenConfigurations:IndexUserTokenConfigurations", "description": "A block that specifies the user token configuration. Detailed below.\n" } }, "type": "object" } }, "aws:kendra/querySuggestionsBlockList:QuerySuggestionsBlockList": { "description": "Use the `aws_kendra_index_block_list` resource to manage an AWS Kendra block list used for query suggestions for an index.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.QuerySuggestionsBlockList(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"Example\",\n roleArn: exampleAwsIamRole.arn,\n sourceS3Path: {\n bucket: exampleAwsS3Bucket.id,\n key: \"example/suggestions.txt\",\n },\n tags: {\n Name: \"Example Kendra Index\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.QuerySuggestionsBlockList(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"Example\",\n role_arn=example_aws_iam_role[\"arn\"],\n source_s3_path={\n \"bucket\": example_aws_s3_bucket[\"id\"],\n \"key\": \"example/suggestions.txt\",\n },\n tags={\n \"Name\": \"Example Kendra Index\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.QuerySuggestionsBlockList(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"Example\",\n RoleArn = exampleAwsIamRole.Arn,\n SourceS3Path = new Aws.Kendra.Inputs.QuerySuggestionsBlockListSourceS3PathArgs\n {\n Bucket = exampleAwsS3Bucket.Id,\n Key = \"example/suggestions.txt\",\n },\n Tags = \n {\n { \"Name\", \"Example Kendra Index\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewQuerySuggestionsBlockList(ctx, \"example\", \u0026kendra.QuerySuggestionsBlockListArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tSourceS3Path: \u0026kendra.QuerySuggestionsBlockListSourceS3PathArgs{\n\t\t\t\tBucket: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\t\tKey: pulumi.String(\"example/suggestions.txt\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Kendra Index\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.QuerySuggestionsBlockList;\nimport com.pulumi.aws.kendra.QuerySuggestionsBlockListArgs;\nimport com.pulumi.aws.kendra.inputs.QuerySuggestionsBlockListSourceS3PathArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new QuerySuggestionsBlockList(\"example\", QuerySuggestionsBlockListArgs.builder()\n .indexId(exampleAwsKendraIndex.id())\n .name(\"Example\")\n .roleArn(exampleAwsIamRole.arn())\n .sourceS3Path(QuerySuggestionsBlockListSourceS3PathArgs.builder()\n .bucket(exampleAwsS3Bucket.id())\n .key(\"example/suggestions.txt\")\n .build())\n .tags(Map.of(\"Name\", \"Example Kendra Index\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:QuerySuggestionsBlockList\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: Example\n roleArn: ${exampleAwsIamRole.arn}\n sourceS3Path:\n bucket: ${exampleAwsS3Bucket.id}\n key: example/suggestions.txt\n tags:\n Name: Example Kendra Index\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import the `aws_kendra_query_suggestions_block_list` resource using the unique identifiers of the block list and index separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:kendra/querySuggestionsBlockList:QuerySuggestionsBlockList example blocklist-123456780/idx-8012925589\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the block list.\n" }, "description": { "type": "string" }, "indexId": { "type": "string", "description": "Identifier of the index for a block list.\n" }, "name": { "type": "string", "description": "Name for the block list.\n" }, "querySuggestionsBlockListId": { "type": "string", "description": "Unique identifier of the block list.\n" }, "roleArn": { "type": "string", "description": "IAM (Identity and Access Management) role used to access the block list text file in S3.\n" }, "sourceS3Path": { "$ref": "#/types/aws:kendra/QuerySuggestionsBlockListSourceS3Path:QuerySuggestionsBlockListSourceS3Path", "description": "S3 path where your block list text file is located. See details below.\n" }, "status": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider's default_tags configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "indexId", "name", "querySuggestionsBlockListId", "roleArn", "sourceS3Path", "status", "tagsAll" ], "inputProperties": { "description": { "type": "string" }, "indexId": { "type": "string", "description": "Identifier of the index for a block list.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name for the block list.\n" }, "roleArn": { "type": "string", "description": "IAM (Identity and Access Management) role used to access the block list text file in S3.\n" }, "sourceS3Path": { "$ref": "#/types/aws:kendra/QuerySuggestionsBlockListSourceS3Path:QuerySuggestionsBlockListSourceS3Path", "description": "S3 path where your block list text file is located. See details below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "requiredInputs": [ "indexId", "roleArn", "sourceS3Path" ], "stateInputs": { "description": "Input properties used for looking up and filtering QuerySuggestionsBlockList resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the block list.\n" }, "description": { "type": "string" }, "indexId": { "type": "string", "description": "Identifier of the index for a block list.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name for the block list.\n" }, "querySuggestionsBlockListId": { "type": "string", "description": "Unique identifier of the block list.\n" }, "roleArn": { "type": "string", "description": "IAM (Identity and Access Management) role used to access the block list text file in S3.\n" }, "sourceS3Path": { "$ref": "#/types/aws:kendra/QuerySuggestionsBlockListSourceS3Path:QuerySuggestionsBlockListSourceS3Path", "description": "S3 path where your block list text file is located. See details below.\n" }, "status": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider's default_tags configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:kendra/thesaurus:Thesaurus": { "description": "Resource for managing an AWS Kendra Thesaurus.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.Thesaurus(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"Example\",\n roleArn: exampleAwsIamRole.arn,\n sourceS3Path: {\n bucket: exampleAwsS3Bucket.id,\n key: exampleAwsS3Object.key,\n },\n tags: {\n Name: \"Example Kendra Thesaurus\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.Thesaurus(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"Example\",\n role_arn=example_aws_iam_role[\"arn\"],\n source_s3_path={\n \"bucket\": example_aws_s3_bucket[\"id\"],\n \"key\": example_aws_s3_object[\"key\"],\n },\n tags={\n \"Name\": \"Example Kendra Thesaurus\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.Thesaurus(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"Example\",\n RoleArn = exampleAwsIamRole.Arn,\n SourceS3Path = new Aws.Kendra.Inputs.ThesaurusSourceS3PathArgs\n {\n Bucket = exampleAwsS3Bucket.Id,\n Key = exampleAwsS3Object.Key,\n },\n Tags = \n {\n { \"Name\", \"Example Kendra Thesaurus\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewThesaurus(ctx, \"example\", \u0026kendra.ThesaurusArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tSourceS3Path: \u0026kendra.ThesaurusSourceS3PathArgs{\n\t\t\t\tBucket: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\t\tKey: pulumi.Any(exampleAwsS3Object.Key),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Kendra Thesaurus\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.Thesaurus;\nimport com.pulumi.aws.kendra.ThesaurusArgs;\nimport com.pulumi.aws.kendra.inputs.ThesaurusSourceS3PathArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Thesaurus(\"example\", ThesaurusArgs.builder()\n .indexId(exampleAwsKendraIndex.id())\n .name(\"Example\")\n .roleArn(exampleAwsIamRole.arn())\n .sourceS3Path(ThesaurusSourceS3PathArgs.builder()\n .bucket(exampleAwsS3Bucket.id())\n .key(exampleAwsS3Object.key())\n .build())\n .tags(Map.of(\"Name\", \"Example Kendra Thesaurus\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:Thesaurus\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: Example\n roleArn: ${exampleAwsIamRole.arn}\n sourceS3Path:\n bucket: ${exampleAwsS3Bucket.id}\n key: ${exampleAwsS3Object.key}\n tags:\n Name: Example Kendra Thesaurus\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_kendra_thesaurus` using the unique identifiers of the thesaurus and index separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:kendra/thesaurus:Thesaurus example thesaurus-123456780/idx-8012925589\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the thesaurus.\n" }, "description": { "type": "string" }, "indexId": { "type": "string", "description": "The identifier of the index for a thesaurus.\n" }, "name": { "type": "string", "description": "The name for the thesaurus.\n" }, "roleArn": { "type": "string", "description": "The IAM (Identity and Access Management) role used to access the thesaurus file in S3.\n" }, "sourceS3Path": { "$ref": "#/types/aws:kendra/ThesaurusSourceS3Path:ThesaurusSourceS3Path", "description": "The S3 path where your thesaurus file sits in S3. Detailed below.\n" }, "status": { "type": "string", "description": "The current status of the thesaurus.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "thesaurusId": { "type": "string" } }, "required": [ "arn", "indexId", "name", "roleArn", "sourceS3Path", "status", "tagsAll", "thesaurusId" ], "inputProperties": { "description": { "type": "string" }, "indexId": { "type": "string", "description": "The identifier of the index for a thesaurus.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name for the thesaurus.\n" }, "roleArn": { "type": "string", "description": "The IAM (Identity and Access Management) role used to access the thesaurus file in S3.\n" }, "sourceS3Path": { "$ref": "#/types/aws:kendra/ThesaurusSourceS3Path:ThesaurusSourceS3Path", "description": "The S3 path where your thesaurus file sits in S3. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "requiredInputs": [ "indexId", "roleArn", "sourceS3Path" ], "stateInputs": { "description": "Input properties used for looking up and filtering Thesaurus resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the thesaurus.\n" }, "description": { "type": "string" }, "indexId": { "type": "string", "description": "The identifier of the index for a thesaurus.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name for the thesaurus.\n" }, "roleArn": { "type": "string", "description": "The IAM (Identity and Access Management) role used to access the thesaurus file in S3.\n" }, "sourceS3Path": { "$ref": "#/types/aws:kendra/ThesaurusSourceS3Path:ThesaurusSourceS3Path", "description": "The S3 path where your thesaurus file sits in S3. Detailed below.\n" }, "status": { "type": "string", "description": "The current status of the thesaurus.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "thesaurusId": { "type": "string" } }, "type": "object" } }, "aws:keyspaces/keyspace:Keyspace": { "description": "Provides a Keyspaces Keyspace.\n\nMore information about keyspaces can be found in the [Keyspaces User Guide](https://docs.aws.amazon.com/keyspaces/latest/devguide/what-is-keyspaces.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.keyspaces.Keyspace(\"example\", {name: \"my_keyspace\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.keyspaces.Keyspace(\"example\", name=\"my_keyspace\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Keyspaces.Keyspace(\"example\", new()\n {\n Name = \"my_keyspace\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/keyspaces\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := keyspaces.NewKeyspace(ctx, \"example\", \u0026keyspaces.KeyspaceArgs{\n\t\t\tName: pulumi.String(\"my_keyspace\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.keyspaces.Keyspace;\nimport com.pulumi.aws.keyspaces.KeyspaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Keyspace(\"example\", KeyspaceArgs.builder()\n .name(\"my_keyspace\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:keyspaces:Keyspace\n properties:\n name: my_keyspace\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a keyspace using the `name`. For example:\n\n```sh\n$ pulumi import aws:keyspaces/keyspace:Keyspace example my_keyspace\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the keyspace.\n" }, "name": { "type": "string", "description": "The name of the keyspace to be created.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "tagsAll" ], "inputProperties": { "name": { "type": "string", "description": "The name of the keyspace to be created.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Keyspace resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the keyspace.\n" }, "name": { "type": "string", "description": "The name of the keyspace to be created.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:keyspaces/table:Table": { "description": "Provides a Keyspaces Table.\n\nMore information about Keyspaces tables can be found in the [Keyspaces Developer Guide](https://docs.aws.amazon.com/keyspaces/latest/devguide/working-with-tables.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.keyspaces.Table(\"example\", {\n keyspaceName: exampleAwsKeyspacesKeyspace.name,\n tableName: \"my_table\",\n schemaDefinition: {\n columns: [{\n name: \"Message\",\n type: \"ASCII\",\n }],\n partitionKeys: [{\n name: \"Message\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.keyspaces.Table(\"example\",\n keyspace_name=example_aws_keyspaces_keyspace[\"name\"],\n table_name=\"my_table\",\n schema_definition={\n \"columns\": [{\n \"name\": \"Message\",\n \"type\": \"ASCII\",\n }],\n \"partition_keys\": [{\n \"name\": \"Message\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Keyspaces.Table(\"example\", new()\n {\n KeyspaceName = exampleAwsKeyspacesKeyspace.Name,\n TableName = \"my_table\",\n SchemaDefinition = new Aws.Keyspaces.Inputs.TableSchemaDefinitionArgs\n {\n Columns = new[]\n {\n new Aws.Keyspaces.Inputs.TableSchemaDefinitionColumnArgs\n {\n Name = \"Message\",\n Type = \"ASCII\",\n },\n },\n PartitionKeys = new[]\n {\n new Aws.Keyspaces.Inputs.TableSchemaDefinitionPartitionKeyArgs\n {\n Name = \"Message\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/keyspaces\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := keyspaces.NewTable(ctx, \"example\", \u0026keyspaces.TableArgs{\n\t\t\tKeyspaceName: pulumi.Any(exampleAwsKeyspacesKeyspace.Name),\n\t\t\tTableName: pulumi.String(\"my_table\"),\n\t\t\tSchemaDefinition: \u0026keyspaces.TableSchemaDefinitionArgs{\n\t\t\t\tColumns: keyspaces.TableSchemaDefinitionColumnArray{\n\t\t\t\t\t\u0026keyspaces.TableSchemaDefinitionColumnArgs{\n\t\t\t\t\t\tName: pulumi.String(\"Message\"),\n\t\t\t\t\t\tType: pulumi.String(\"ASCII\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tPartitionKeys: keyspaces.TableSchemaDefinitionPartitionKeyArray{\n\t\t\t\t\t\u0026keyspaces.TableSchemaDefinitionPartitionKeyArgs{\n\t\t\t\t\t\tName: pulumi.String(\"Message\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.keyspaces.Table;\nimport com.pulumi.aws.keyspaces.TableArgs;\nimport com.pulumi.aws.keyspaces.inputs.TableSchemaDefinitionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Table(\"example\", TableArgs.builder()\n .keyspaceName(exampleAwsKeyspacesKeyspace.name())\n .tableName(\"my_table\")\n .schemaDefinition(TableSchemaDefinitionArgs.builder()\n .columns(TableSchemaDefinitionColumnArgs.builder()\n .name(\"Message\")\n .type(\"ASCII\")\n .build())\n .partitionKeys(TableSchemaDefinitionPartitionKeyArgs.builder()\n .name(\"Message\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:keyspaces:Table\n properties:\n keyspaceName: ${exampleAwsKeyspacesKeyspace.name}\n tableName: my_table\n schemaDefinition:\n columns:\n - name: Message\n type: ASCII\n partitionKeys:\n - name: Message\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a table using the `keyspace_name` and `table_name` separated by `/`. For example:\n\n```sh\n$ pulumi import aws:keyspaces/table:Table example my_keyspace/my_table\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the table.\n" }, "capacitySpecification": { "$ref": "#/types/aws:keyspaces/TableCapacitySpecification:TableCapacitySpecification", "description": "Specifies the read/write throughput capacity mode for the table.\n" }, "clientSideTimestamps": { "$ref": "#/types/aws:keyspaces/TableClientSideTimestamps:TableClientSideTimestamps", "description": "Enables client-side timestamps for the table. By default, the setting is disabled.\n" }, "comment": { "$ref": "#/types/aws:keyspaces/TableComment:TableComment", "description": "A description of the table.\n" }, "defaultTimeToLive": { "type": "integer", "description": "The default Time to Live setting in seconds for the table. More information can be found in the [Developer Guide](https://docs.aws.amazon.com/keyspaces/latest/devguide/TTL-how-it-works.html#ttl-howitworks_default_ttl).\n" }, "encryptionSpecification": { "$ref": "#/types/aws:keyspaces/TableEncryptionSpecification:TableEncryptionSpecification", "description": "Specifies how the encryption key for encryption at rest is managed for the table. More information can be found in the [Developer Guide](https://docs.aws.amazon.com/keyspaces/latest/devguide/EncryptionAtRest.html).\n" }, "keyspaceName": { "type": "string", "description": "The name of the keyspace that the table is going to be created in.\n" }, "pointInTimeRecovery": { "$ref": "#/types/aws:keyspaces/TablePointInTimeRecovery:TablePointInTimeRecovery", "description": "Specifies if point-in-time recovery is enabled or disabled for the table. More information can be found in the [Developer Guide](https://docs.aws.amazon.com/keyspaces/latest/devguide/PointInTimeRecovery.html).\n" }, "schemaDefinition": { "$ref": "#/types/aws:keyspaces/TableSchemaDefinition:TableSchemaDefinition", "description": "Describes the schema of the table.\n" }, "tableName": { "type": "string", "description": "The name of the table.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "ttl": { "$ref": "#/types/aws:keyspaces/TableTtl:TableTtl", "description": "Enables Time to Live custom settings for the table. More information can be found in the [Developer Guide](https://docs.aws.amazon.com/keyspaces/latest/devguide/TTL.html).\n" } }, "required": [ "arn", "capacitySpecification", "comment", "encryptionSpecification", "keyspaceName", "pointInTimeRecovery", "schemaDefinition", "tableName", "tagsAll" ], "inputProperties": { "capacitySpecification": { "$ref": "#/types/aws:keyspaces/TableCapacitySpecification:TableCapacitySpecification", "description": "Specifies the read/write throughput capacity mode for the table.\n" }, "clientSideTimestamps": { "$ref": "#/types/aws:keyspaces/TableClientSideTimestamps:TableClientSideTimestamps", "description": "Enables client-side timestamps for the table. By default, the setting is disabled.\n" }, "comment": { "$ref": "#/types/aws:keyspaces/TableComment:TableComment", "description": "A description of the table.\n", "willReplaceOnChanges": true }, "defaultTimeToLive": { "type": "integer", "description": "The default Time to Live setting in seconds for the table. More information can be found in the [Developer Guide](https://docs.aws.amazon.com/keyspaces/latest/devguide/TTL-how-it-works.html#ttl-howitworks_default_ttl).\n" }, "encryptionSpecification": { "$ref": "#/types/aws:keyspaces/TableEncryptionSpecification:TableEncryptionSpecification", "description": "Specifies how the encryption key for encryption at rest is managed for the table. More information can be found in the [Developer Guide](https://docs.aws.amazon.com/keyspaces/latest/devguide/EncryptionAtRest.html).\n" }, "keyspaceName": { "type": "string", "description": "The name of the keyspace that the table is going to be created in.\n", "willReplaceOnChanges": true }, "pointInTimeRecovery": { "$ref": "#/types/aws:keyspaces/TablePointInTimeRecovery:TablePointInTimeRecovery", "description": "Specifies if point-in-time recovery is enabled or disabled for the table. More information can be found in the [Developer Guide](https://docs.aws.amazon.com/keyspaces/latest/devguide/PointInTimeRecovery.html).\n" }, "schemaDefinition": { "$ref": "#/types/aws:keyspaces/TableSchemaDefinition:TableSchemaDefinition", "description": "Describes the schema of the table.\n" }, "tableName": { "type": "string", "description": "The name of the table.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "ttl": { "$ref": "#/types/aws:keyspaces/TableTtl:TableTtl", "description": "Enables Time to Live custom settings for the table. More information can be found in the [Developer Guide](https://docs.aws.amazon.com/keyspaces/latest/devguide/TTL.html).\n" } }, "requiredInputs": [ "keyspaceName", "schemaDefinition", "tableName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Table resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the table.\n" }, "capacitySpecification": { "$ref": "#/types/aws:keyspaces/TableCapacitySpecification:TableCapacitySpecification", "description": "Specifies the read/write throughput capacity mode for the table.\n" }, "clientSideTimestamps": { "$ref": "#/types/aws:keyspaces/TableClientSideTimestamps:TableClientSideTimestamps", "description": "Enables client-side timestamps for the table. By default, the setting is disabled.\n" }, "comment": { "$ref": "#/types/aws:keyspaces/TableComment:TableComment", "description": "A description of the table.\n", "willReplaceOnChanges": true }, "defaultTimeToLive": { "type": "integer", "description": "The default Time to Live setting in seconds for the table. More information can be found in the [Developer Guide](https://docs.aws.amazon.com/keyspaces/latest/devguide/TTL-how-it-works.html#ttl-howitworks_default_ttl).\n" }, "encryptionSpecification": { "$ref": "#/types/aws:keyspaces/TableEncryptionSpecification:TableEncryptionSpecification", "description": "Specifies how the encryption key for encryption at rest is managed for the table. More information can be found in the [Developer Guide](https://docs.aws.amazon.com/keyspaces/latest/devguide/EncryptionAtRest.html).\n" }, "keyspaceName": { "type": "string", "description": "The name of the keyspace that the table is going to be created in.\n", "willReplaceOnChanges": true }, "pointInTimeRecovery": { "$ref": "#/types/aws:keyspaces/TablePointInTimeRecovery:TablePointInTimeRecovery", "description": "Specifies if point-in-time recovery is enabled or disabled for the table. More information can be found in the [Developer Guide](https://docs.aws.amazon.com/keyspaces/latest/devguide/PointInTimeRecovery.html).\n" }, "schemaDefinition": { "$ref": "#/types/aws:keyspaces/TableSchemaDefinition:TableSchemaDefinition", "description": "Describes the schema of the table.\n" }, "tableName": { "type": "string", "description": "The name of the table.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "ttl": { "$ref": "#/types/aws:keyspaces/TableTtl:TableTtl", "description": "Enables Time to Live custom settings for the table. More information can be found in the [Developer Guide](https://docs.aws.amazon.com/keyspaces/latest/devguide/TTL.html).\n" } }, "type": "object" } }, "aws:kinesis/analyticsApplication:AnalyticsApplication": { "description": "Provides a Kinesis Analytics Application resource. Kinesis Analytics is a managed service that\nallows processing and analyzing streaming data using standard SQL.\n\nFor more details, see the [Amazon Kinesis Analytics Documentation](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/what-is.html).\n\n\u003e **Note:** To manage Amazon Kinesis Data Analytics for Apache Flink applications, use the `aws.kinesisanalyticsv2.Application` resource.\n\n## Example Usage\n\n### Kinesis Stream Input\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testStream = new aws.kinesis.Stream(\"test_stream\", {\n name: \"kinesis-test\",\n shardCount: 1,\n});\nconst testApplication = new aws.kinesis.AnalyticsApplication(\"test_application\", {\n name: \"kinesis-analytics-application-test\",\n inputs: {\n namePrefix: \"test_prefix\",\n kinesisStream: {\n resourceArn: testStream.arn,\n roleArn: test.arn,\n },\n parallelism: {\n count: 1,\n },\n schema: {\n recordColumns: [{\n mapping: \"$.test\",\n name: \"test\",\n sqlType: \"VARCHAR(8)\",\n }],\n recordEncoding: \"UTF-8\",\n recordFormat: {\n mappingParameters: {\n json: {\n recordRowPath: \"$\",\n },\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_stream = aws.kinesis.Stream(\"test_stream\",\n name=\"kinesis-test\",\n shard_count=1)\ntest_application = aws.kinesis.AnalyticsApplication(\"test_application\",\n name=\"kinesis-analytics-application-test\",\n inputs={\n \"name_prefix\": \"test_prefix\",\n \"kinesis_stream\": {\n \"resource_arn\": test_stream.arn,\n \"role_arn\": test[\"arn\"],\n },\n \"parallelism\": {\n \"count\": 1,\n },\n \"schema\": {\n \"record_columns\": [{\n \"mapping\": \"$.test\",\n \"name\": \"test\",\n \"sql_type\": \"VARCHAR(8)\",\n }],\n \"record_encoding\": \"UTF-8\",\n \"record_format\": {\n \"mapping_parameters\": {\n \"json\": {\n \"record_row_path\": \"$\",\n },\n },\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testStream = new Aws.Kinesis.Stream(\"test_stream\", new()\n {\n Name = \"kinesis-test\",\n ShardCount = 1,\n });\n\n var testApplication = new Aws.Kinesis.AnalyticsApplication(\"test_application\", new()\n {\n Name = \"kinesis-analytics-application-test\",\n Inputs = new Aws.Kinesis.Inputs.AnalyticsApplicationInputsArgs\n {\n NamePrefix = \"test_prefix\",\n KinesisStream = new Aws.Kinesis.Inputs.AnalyticsApplicationInputsKinesisStreamArgs\n {\n ResourceArn = testStream.Arn,\n RoleArn = test.Arn,\n },\n Parallelism = new Aws.Kinesis.Inputs.AnalyticsApplicationInputsParallelismArgs\n {\n Count = 1,\n },\n Schema = new Aws.Kinesis.Inputs.AnalyticsApplicationInputsSchemaArgs\n {\n RecordColumns = new[]\n {\n new Aws.Kinesis.Inputs.AnalyticsApplicationInputsSchemaRecordColumnArgs\n {\n Mapping = \"$.test\",\n Name = \"test\",\n SqlType = \"VARCHAR(8)\",\n },\n },\n RecordEncoding = \"UTF-8\",\n RecordFormat = new Aws.Kinesis.Inputs.AnalyticsApplicationInputsSchemaRecordFormatArgs\n {\n MappingParameters = new Aws.Kinesis.Inputs.AnalyticsApplicationInputsSchemaRecordFormatMappingParametersArgs\n {\n Json = new Aws.Kinesis.Inputs.AnalyticsApplicationInputsSchemaRecordFormatMappingParametersJsonArgs\n {\n RecordRowPath = \"$\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestStream, err := kinesis.NewStream(ctx, \"test_stream\", \u0026kinesis.StreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-test\"),\n\t\t\tShardCount: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewAnalyticsApplication(ctx, \"test_application\", \u0026kinesis.AnalyticsApplicationArgs{\n\t\t\tName: pulumi.String(\"kinesis-analytics-application-test\"),\n\t\t\tInputs: \u0026kinesis.AnalyticsApplicationInputsArgs{\n\t\t\t\tNamePrefix: pulumi.String(\"test_prefix\"),\n\t\t\t\tKinesisStream: \u0026kinesis.AnalyticsApplicationInputsKinesisStreamArgs{\n\t\t\t\t\tResourceArn: testStream.Arn,\n\t\t\t\t\tRoleArn: pulumi.Any(test.Arn),\n\t\t\t\t},\n\t\t\t\tParallelism: \u0026kinesis.AnalyticsApplicationInputsParallelismArgs{\n\t\t\t\t\tCount: pulumi.Int(1),\n\t\t\t\t},\n\t\t\t\tSchema: \u0026kinesis.AnalyticsApplicationInputsSchemaArgs{\n\t\t\t\t\tRecordColumns: kinesis.AnalyticsApplicationInputsSchemaRecordColumnArray{\n\t\t\t\t\t\t\u0026kinesis.AnalyticsApplicationInputsSchemaRecordColumnArgs{\n\t\t\t\t\t\t\tMapping: pulumi.String(\"$.test\"),\n\t\t\t\t\t\t\tName: pulumi.String(\"test\"),\n\t\t\t\t\t\t\tSqlType: pulumi.String(\"VARCHAR(8)\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tRecordEncoding: pulumi.String(\"UTF-8\"),\n\t\t\t\t\tRecordFormat: \u0026kinesis.AnalyticsApplicationInputsSchemaRecordFormatArgs{\n\t\t\t\t\t\tMappingParameters: \u0026kinesis.AnalyticsApplicationInputsSchemaRecordFormatMappingParametersArgs{\n\t\t\t\t\t\t\tJson: \u0026kinesis.AnalyticsApplicationInputsSchemaRecordFormatMappingParametersJsonArgs{\n\t\t\t\t\t\t\t\tRecordRowPath: pulumi.String(\"$\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.Stream;\nimport com.pulumi.aws.kinesis.StreamArgs;\nimport com.pulumi.aws.kinesis.AnalyticsApplication;\nimport com.pulumi.aws.kinesis.AnalyticsApplicationArgs;\nimport com.pulumi.aws.kinesis.inputs.AnalyticsApplicationInputsArgs;\nimport com.pulumi.aws.kinesis.inputs.AnalyticsApplicationInputsKinesisStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.AnalyticsApplicationInputsParallelismArgs;\nimport com.pulumi.aws.kinesis.inputs.AnalyticsApplicationInputsSchemaArgs;\nimport com.pulumi.aws.kinesis.inputs.AnalyticsApplicationInputsSchemaRecordFormatArgs;\nimport com.pulumi.aws.kinesis.inputs.AnalyticsApplicationInputsSchemaRecordFormatMappingParametersArgs;\nimport com.pulumi.aws.kinesis.inputs.AnalyticsApplicationInputsSchemaRecordFormatMappingParametersJsonArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testStream = new Stream(\"testStream\", StreamArgs.builder()\n .name(\"kinesis-test\")\n .shardCount(1)\n .build());\n\n var testApplication = new AnalyticsApplication(\"testApplication\", AnalyticsApplicationArgs.builder()\n .name(\"kinesis-analytics-application-test\")\n .inputs(AnalyticsApplicationInputsArgs.builder()\n .namePrefix(\"test_prefix\")\n .kinesisStream(AnalyticsApplicationInputsKinesisStreamArgs.builder()\n .resourceArn(testStream.arn())\n .roleArn(test.arn())\n .build())\n .parallelism(AnalyticsApplicationInputsParallelismArgs.builder()\n .count(1)\n .build())\n .schema(AnalyticsApplicationInputsSchemaArgs.builder()\n .recordColumns(AnalyticsApplicationInputsSchemaRecordColumnArgs.builder()\n .mapping(\"$.test\")\n .name(\"test\")\n .sqlType(\"VARCHAR(8)\")\n .build())\n .recordEncoding(\"UTF-8\")\n .recordFormat(AnalyticsApplicationInputsSchemaRecordFormatArgs.builder()\n .mappingParameters(AnalyticsApplicationInputsSchemaRecordFormatMappingParametersArgs.builder()\n .json(AnalyticsApplicationInputsSchemaRecordFormatMappingParametersJsonArgs.builder()\n .recordRowPath(\"$\")\n .build())\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testStream:\n type: aws:kinesis:Stream\n name: test_stream\n properties:\n name: kinesis-test\n shardCount: 1\n testApplication:\n type: aws:kinesis:AnalyticsApplication\n name: test_application\n properties:\n name: kinesis-analytics-application-test\n inputs:\n namePrefix: test_prefix\n kinesisStream:\n resourceArn: ${testStream.arn}\n roleArn: ${test.arn}\n parallelism:\n count: 1\n schema:\n recordColumns:\n - mapping: $.test\n name: test\n sqlType: VARCHAR(8)\n recordEncoding: UTF-8\n recordFormat:\n mappingParameters:\n json:\n recordRowPath: $\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Starting An Application\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudwatch.LogGroup(\"example\", {name: \"analytics\"});\nconst exampleLogStream = new aws.cloudwatch.LogStream(\"example\", {\n name: \"example-kinesis-application\",\n logGroupName: example.name,\n});\nconst exampleStream = new aws.kinesis.Stream(\"example\", {\n name: \"example-kinesis-stream\",\n shardCount: 1,\n});\nconst exampleFirehoseDeliveryStream = new aws.kinesis.FirehoseDeliveryStream(\"example\", {\n name: \"example-kinesis-delivery-stream\",\n destination: \"extended_s3\",\n extendedS3Configuration: {\n bucketArn: exampleAwsS3Bucket.arn,\n roleArn: exampleAwsIamRole.arn,\n },\n});\nconst test = new aws.kinesis.AnalyticsApplication(\"test\", {\n name: \"example-application\",\n cloudwatchLoggingOptions: {\n logStreamArn: exampleLogStream.arn,\n roleArn: exampleAwsIamRole.arn,\n },\n inputs: {\n namePrefix: \"example_prefix\",\n schema: {\n recordColumns: [{\n name: \"COLUMN_1\",\n sqlType: \"INTEGER\",\n }],\n recordFormat: {\n mappingParameters: {\n csv: {\n recordColumnDelimiter: \",\",\n recordRowDelimiter: \"|\",\n },\n },\n },\n },\n kinesisStream: {\n resourceArn: exampleStream.arn,\n roleArn: exampleAwsIamRole.arn,\n },\n startingPositionConfigurations: [{\n startingPosition: \"NOW\",\n }],\n },\n outputs: [{\n name: \"OUTPUT_1\",\n schema: {\n recordFormatType: \"CSV\",\n },\n kinesisFirehose: {\n resourceArn: exampleFirehoseDeliveryStream.arn,\n roleArn: exampleAwsIamRole.arn,\n },\n }],\n startApplication: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.LogGroup(\"example\", name=\"analytics\")\nexample_log_stream = aws.cloudwatch.LogStream(\"example\",\n name=\"example-kinesis-application\",\n log_group_name=example.name)\nexample_stream = aws.kinesis.Stream(\"example\",\n name=\"example-kinesis-stream\",\n shard_count=1)\nexample_firehose_delivery_stream = aws.kinesis.FirehoseDeliveryStream(\"example\",\n name=\"example-kinesis-delivery-stream\",\n destination=\"extended_s3\",\n extended_s3_configuration={\n \"bucket_arn\": example_aws_s3_bucket[\"arn\"],\n \"role_arn\": example_aws_iam_role[\"arn\"],\n })\ntest = aws.kinesis.AnalyticsApplication(\"test\",\n name=\"example-application\",\n cloudwatch_logging_options={\n \"log_stream_arn\": example_log_stream.arn,\n \"role_arn\": example_aws_iam_role[\"arn\"],\n },\n inputs={\n \"name_prefix\": \"example_prefix\",\n \"schema\": {\n \"record_columns\": [{\n \"name\": \"COLUMN_1\",\n \"sql_type\": \"INTEGER\",\n }],\n \"record_format\": {\n \"mapping_parameters\": {\n \"csv\": {\n \"record_column_delimiter\": \",\",\n \"record_row_delimiter\": \"|\",\n },\n },\n },\n },\n \"kinesis_stream\": {\n \"resource_arn\": example_stream.arn,\n \"role_arn\": example_aws_iam_role[\"arn\"],\n },\n \"starting_position_configurations\": [{\n \"starting_position\": \"NOW\",\n }],\n },\n outputs=[{\n \"name\": \"OUTPUT_1\",\n \"schema\": {\n \"record_format_type\": \"CSV\",\n },\n \"kinesis_firehose\": {\n \"resource_arn\": example_firehose_delivery_stream.arn,\n \"role_arn\": example_aws_iam_role[\"arn\"],\n },\n }],\n start_application=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = \"analytics\",\n });\n\n var exampleLogStream = new Aws.CloudWatch.LogStream(\"example\", new()\n {\n Name = \"example-kinesis-application\",\n LogGroupName = example.Name,\n });\n\n var exampleStream = new Aws.Kinesis.Stream(\"example\", new()\n {\n Name = \"example-kinesis-stream\",\n ShardCount = 1,\n });\n\n var exampleFirehoseDeliveryStream = new Aws.Kinesis.FirehoseDeliveryStream(\"example\", new()\n {\n Name = \"example-kinesis-delivery-stream\",\n Destination = \"extended_s3\",\n ExtendedS3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs\n {\n BucketArn = exampleAwsS3Bucket.Arn,\n RoleArn = exampleAwsIamRole.Arn,\n },\n });\n\n var test = new Aws.Kinesis.AnalyticsApplication(\"test\", new()\n {\n Name = \"example-application\",\n CloudwatchLoggingOptions = new Aws.Kinesis.Inputs.AnalyticsApplicationCloudwatchLoggingOptionsArgs\n {\n LogStreamArn = exampleLogStream.Arn,\n RoleArn = exampleAwsIamRole.Arn,\n },\n Inputs = new Aws.Kinesis.Inputs.AnalyticsApplicationInputsArgs\n {\n NamePrefix = \"example_prefix\",\n Schema = new Aws.Kinesis.Inputs.AnalyticsApplicationInputsSchemaArgs\n {\n RecordColumns = new[]\n {\n new Aws.Kinesis.Inputs.AnalyticsApplicationInputsSchemaRecordColumnArgs\n {\n Name = \"COLUMN_1\",\n SqlType = \"INTEGER\",\n },\n },\n RecordFormat = new Aws.Kinesis.Inputs.AnalyticsApplicationInputsSchemaRecordFormatArgs\n {\n MappingParameters = new Aws.Kinesis.Inputs.AnalyticsApplicationInputsSchemaRecordFormatMappingParametersArgs\n {\n Csv = new Aws.Kinesis.Inputs.AnalyticsApplicationInputsSchemaRecordFormatMappingParametersCsvArgs\n {\n RecordColumnDelimiter = \",\",\n RecordRowDelimiter = \"|\",\n },\n },\n },\n },\n KinesisStream = new Aws.Kinesis.Inputs.AnalyticsApplicationInputsKinesisStreamArgs\n {\n ResourceArn = exampleStream.Arn,\n RoleArn = exampleAwsIamRole.Arn,\n },\n StartingPositionConfigurations = new[]\n {\n new Aws.Kinesis.Inputs.AnalyticsApplicationInputsStartingPositionConfigurationArgs\n {\n StartingPosition = \"NOW\",\n },\n },\n },\n Outputs = new[]\n {\n new Aws.Kinesis.Inputs.AnalyticsApplicationOutputArgs\n {\n Name = \"OUTPUT_1\",\n Schema = new Aws.Kinesis.Inputs.AnalyticsApplicationOutputSchemaArgs\n {\n RecordFormatType = \"CSV\",\n },\n KinesisFirehose = new Aws.Kinesis.Inputs.AnalyticsApplicationOutputKinesisFirehoseArgs\n {\n ResourceArn = exampleFirehoseDeliveryStream.Arn,\n RoleArn = exampleAwsIamRole.Arn,\n },\n },\n },\n StartApplication = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"analytics\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleLogStream, err := cloudwatch.NewLogStream(ctx, \"example\", \u0026cloudwatch.LogStreamArgs{\n\t\t\tName: pulumi.String(\"example-kinesis-application\"),\n\t\t\tLogGroupName: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleStream, err := kinesis.NewStream(ctx, \"example\", \u0026kinesis.StreamArgs{\n\t\t\tName: pulumi.String(\"example-kinesis-stream\"),\n\t\t\tShardCount: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleFirehoseDeliveryStream, err := kinesis.NewFirehoseDeliveryStream(ctx, \"example\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"example-kinesis-delivery-stream\"),\n\t\t\tDestination: pulumi.String(\"extended_s3\"),\n\t\t\tExtendedS3Configuration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationArgs{\n\t\t\t\tBucketArn: pulumi.Any(exampleAwsS3Bucket.Arn),\n\t\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewAnalyticsApplication(ctx, \"test\", \u0026kinesis.AnalyticsApplicationArgs{\n\t\t\tName: pulumi.String(\"example-application\"),\n\t\t\tCloudwatchLoggingOptions: \u0026kinesis.AnalyticsApplicationCloudwatchLoggingOptionsArgs{\n\t\t\t\tLogStreamArn: exampleLogStream.Arn,\n\t\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\t},\n\t\t\tInputs: \u0026kinesis.AnalyticsApplicationInputsArgs{\n\t\t\t\tNamePrefix: pulumi.String(\"example_prefix\"),\n\t\t\t\tSchema: \u0026kinesis.AnalyticsApplicationInputsSchemaArgs{\n\t\t\t\t\tRecordColumns: kinesis.AnalyticsApplicationInputsSchemaRecordColumnArray{\n\t\t\t\t\t\t\u0026kinesis.AnalyticsApplicationInputsSchemaRecordColumnArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"COLUMN_1\"),\n\t\t\t\t\t\t\tSqlType: pulumi.String(\"INTEGER\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tRecordFormat: \u0026kinesis.AnalyticsApplicationInputsSchemaRecordFormatArgs{\n\t\t\t\t\t\tMappingParameters: \u0026kinesis.AnalyticsApplicationInputsSchemaRecordFormatMappingParametersArgs{\n\t\t\t\t\t\t\tCsv: \u0026kinesis.AnalyticsApplicationInputsSchemaRecordFormatMappingParametersCsvArgs{\n\t\t\t\t\t\t\t\tRecordColumnDelimiter: pulumi.String(\",\"),\n\t\t\t\t\t\t\t\tRecordRowDelimiter: pulumi.String(\"|\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tKinesisStream: \u0026kinesis.AnalyticsApplicationInputsKinesisStreamArgs{\n\t\t\t\t\tResourceArn: exampleStream.Arn,\n\t\t\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\t\t},\n\t\t\t\tStartingPositionConfigurations: kinesis.AnalyticsApplicationInputsStartingPositionConfigurationArray{\n\t\t\t\t\t\u0026kinesis.AnalyticsApplicationInputsStartingPositionConfigurationArgs{\n\t\t\t\t\t\tStartingPosition: pulumi.String(\"NOW\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tOutputs: kinesis.AnalyticsApplicationOutputTypeArray{\n\t\t\t\t\u0026kinesis.AnalyticsApplicationOutputTypeArgs{\n\t\t\t\t\tName: pulumi.String(\"OUTPUT_1\"),\n\t\t\t\t\tSchema: \u0026kinesis.AnalyticsApplicationOutputSchemaArgs{\n\t\t\t\t\t\tRecordFormatType: pulumi.String(\"CSV\"),\n\t\t\t\t\t},\n\t\t\t\t\tKinesisFirehose: \u0026kinesis.AnalyticsApplicationOutputKinesisFirehoseArgs{\n\t\t\t\t\t\tResourceArn: exampleFirehoseDeliveryStream.Arn,\n\t\t\t\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tStartApplication: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.cloudwatch.LogStream;\nimport com.pulumi.aws.cloudwatch.LogStreamArgs;\nimport com.pulumi.aws.kinesis.Stream;\nimport com.pulumi.aws.kinesis.StreamArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.AnalyticsApplication;\nimport com.pulumi.aws.kinesis.AnalyticsApplicationArgs;\nimport com.pulumi.aws.kinesis.inputs.AnalyticsApplicationCloudwatchLoggingOptionsArgs;\nimport com.pulumi.aws.kinesis.inputs.AnalyticsApplicationInputsArgs;\nimport com.pulumi.aws.kinesis.inputs.AnalyticsApplicationInputsSchemaArgs;\nimport com.pulumi.aws.kinesis.inputs.AnalyticsApplicationInputsSchemaRecordFormatArgs;\nimport com.pulumi.aws.kinesis.inputs.AnalyticsApplicationInputsSchemaRecordFormatMappingParametersArgs;\nimport com.pulumi.aws.kinesis.inputs.AnalyticsApplicationInputsSchemaRecordFormatMappingParametersCsvArgs;\nimport com.pulumi.aws.kinesis.inputs.AnalyticsApplicationInputsKinesisStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.AnalyticsApplicationOutputArgs;\nimport com.pulumi.aws.kinesis.inputs.AnalyticsApplicationOutputSchemaArgs;\nimport com.pulumi.aws.kinesis.inputs.AnalyticsApplicationOutputKinesisFirehoseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LogGroup(\"example\", LogGroupArgs.builder()\n .name(\"analytics\")\n .build());\n\n var exampleLogStream = new LogStream(\"exampleLogStream\", LogStreamArgs.builder()\n .name(\"example-kinesis-application\")\n .logGroupName(example.name())\n .build());\n\n var exampleStream = new Stream(\"exampleStream\", StreamArgs.builder()\n .name(\"example-kinesis-stream\")\n .shardCount(1)\n .build());\n\n var exampleFirehoseDeliveryStream = new FirehoseDeliveryStream(\"exampleFirehoseDeliveryStream\", FirehoseDeliveryStreamArgs.builder()\n .name(\"example-kinesis-delivery-stream\")\n .destination(\"extended_s3\")\n .extendedS3Configuration(FirehoseDeliveryStreamExtendedS3ConfigurationArgs.builder()\n .bucketArn(exampleAwsS3Bucket.arn())\n .roleArn(exampleAwsIamRole.arn())\n .build())\n .build());\n\n var test = new AnalyticsApplication(\"test\", AnalyticsApplicationArgs.builder()\n .name(\"example-application\")\n .cloudwatchLoggingOptions(AnalyticsApplicationCloudwatchLoggingOptionsArgs.builder()\n .logStreamArn(exampleLogStream.arn())\n .roleArn(exampleAwsIamRole.arn())\n .build())\n .inputs(AnalyticsApplicationInputsArgs.builder()\n .namePrefix(\"example_prefix\")\n .schema(AnalyticsApplicationInputsSchemaArgs.builder()\n .recordColumns(AnalyticsApplicationInputsSchemaRecordColumnArgs.builder()\n .name(\"COLUMN_1\")\n .sqlType(\"INTEGER\")\n .build())\n .recordFormat(AnalyticsApplicationInputsSchemaRecordFormatArgs.builder()\n .mappingParameters(AnalyticsApplicationInputsSchemaRecordFormatMappingParametersArgs.builder()\n .csv(AnalyticsApplicationInputsSchemaRecordFormatMappingParametersCsvArgs.builder()\n .recordColumnDelimiter(\",\")\n .recordRowDelimiter(\"|\")\n .build())\n .build())\n .build())\n .build())\n .kinesisStream(AnalyticsApplicationInputsKinesisStreamArgs.builder()\n .resourceArn(exampleStream.arn())\n .roleArn(exampleAwsIamRole.arn())\n .build())\n .startingPositionConfigurations(AnalyticsApplicationInputsStartingPositionConfigurationArgs.builder()\n .startingPosition(\"NOW\")\n .build())\n .build())\n .outputs(AnalyticsApplicationOutputArgs.builder()\n .name(\"OUTPUT_1\")\n .schema(AnalyticsApplicationOutputSchemaArgs.builder()\n .recordFormatType(\"CSV\")\n .build())\n .kinesisFirehose(AnalyticsApplicationOutputKinesisFirehoseArgs.builder()\n .resourceArn(exampleFirehoseDeliveryStream.arn())\n .roleArn(exampleAwsIamRole.arn())\n .build())\n .build())\n .startApplication(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudwatch:LogGroup\n properties:\n name: analytics\n exampleLogStream:\n type: aws:cloudwatch:LogStream\n name: example\n properties:\n name: example-kinesis-application\n logGroupName: ${example.name}\n exampleStream:\n type: aws:kinesis:Stream\n name: example\n properties:\n name: example-kinesis-stream\n shardCount: 1\n exampleFirehoseDeliveryStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: example\n properties:\n name: example-kinesis-delivery-stream\n destination: extended_s3\n extendedS3Configuration:\n bucketArn: ${exampleAwsS3Bucket.arn}\n roleArn: ${exampleAwsIamRole.arn}\n test:\n type: aws:kinesis:AnalyticsApplication\n properties:\n name: example-application\n cloudwatchLoggingOptions:\n logStreamArn: ${exampleLogStream.arn}\n roleArn: ${exampleAwsIamRole.arn}\n inputs:\n namePrefix: example_prefix\n schema:\n recordColumns:\n - name: COLUMN_1\n sqlType: INTEGER\n recordFormat:\n mappingParameters:\n csv:\n recordColumnDelimiter: ','\n recordRowDelimiter: '|'\n kinesisStream:\n resourceArn: ${exampleStream.arn}\n roleArn: ${exampleAwsIamRole.arn}\n startingPositionConfigurations:\n - startingPosition: NOW\n outputs:\n - name: OUTPUT_1\n schema:\n recordFormatType: CSV\n kinesisFirehose:\n resourceArn: ${exampleFirehoseDeliveryStream.arn}\n roleArn: ${exampleAwsIamRole.arn}\n startApplication: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Kinesis Analytics Application using ARN. For example:\n\n```sh\n$ pulumi import aws:kinesis/analyticsApplication:AnalyticsApplication example arn:aws:kinesisanalytics:us-west-2:1234567890:application/example\n```\n", "properties": { "arn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the Kinesis Analytics Appliation.\n" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationCloudwatchLoggingOptions:AnalyticsApplicationCloudwatchLoggingOptions", "description": "The CloudWatch log stream options to monitor application errors.\nSee CloudWatch Logging Options below for more details.\n" }, "code": { "type": "string", "description": "SQL Code to transform input data, and generate output.\n" }, "createTimestamp": { "type": "string", "description": "The Timestamp when the application version was created.\n" }, "description": { "type": "string", "description": "Description of the application.\n" }, "inputs": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputs:AnalyticsApplicationInputs", "description": "Input configuration of the application. See Inputs below for more details.\n" }, "lastUpdateTimestamp": { "type": "string", "description": "The Timestamp when the application was last updated.\n" }, "name": { "type": "string", "description": "Name of the Kinesis Analytics Application.\n" }, "outputs": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationOutput:AnalyticsApplicationOutput" }, "description": "Output destination configuration of the application. See Outputs below for more details.\n" }, "referenceDataSources": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationReferenceDataSources:AnalyticsApplicationReferenceDataSources", "description": "An S3 Reference Data Source for the application.\nSee Reference Data Sources below for more details.\n" }, "startApplication": { "type": "boolean", "description": "Whether to start or stop the Kinesis Analytics Application. To start an application, an input with a defined `starting_position` must be configured.\nTo modify an application's starting position, first stop the application by setting `start_application = false`, then update `starting_position` and set `start_application = true`.\n" }, "status": { "type": "string", "description": "The Status of the application.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Kinesis Analytics Application. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "integer", "description": "The Version of the application.\n" } }, "required": [ "arn", "createTimestamp", "lastUpdateTimestamp", "name", "status", "tagsAll", "version" ], "inputProperties": { "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationCloudwatchLoggingOptions:AnalyticsApplicationCloudwatchLoggingOptions", "description": "The CloudWatch log stream options to monitor application errors.\nSee CloudWatch Logging Options below for more details.\n" }, "code": { "type": "string", "description": "SQL Code to transform input data, and generate output.\n" }, "description": { "type": "string", "description": "Description of the application.\n", "willReplaceOnChanges": true }, "inputs": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputs:AnalyticsApplicationInputs", "description": "Input configuration of the application. See Inputs below for more details.\n" }, "name": { "type": "string", "description": "Name of the Kinesis Analytics Application.\n", "willReplaceOnChanges": true }, "outputs": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationOutput:AnalyticsApplicationOutput" }, "description": "Output destination configuration of the application. See Outputs below for more details.\n" }, "referenceDataSources": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationReferenceDataSources:AnalyticsApplicationReferenceDataSources", "description": "An S3 Reference Data Source for the application.\nSee Reference Data Sources below for more details.\n" }, "startApplication": { "type": "boolean", "description": "Whether to start or stop the Kinesis Analytics Application. To start an application, an input with a defined `starting_position` must be configured.\nTo modify an application's starting position, first stop the application by setting `start_application = false`, then update `starting_position` and set `start_application = true`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Kinesis Analytics Application. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering AnalyticsApplication resources.\n", "properties": { "arn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the Kinesis Analytics Appliation.\n" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationCloudwatchLoggingOptions:AnalyticsApplicationCloudwatchLoggingOptions", "description": "The CloudWatch log stream options to monitor application errors.\nSee CloudWatch Logging Options below for more details.\n" }, "code": { "type": "string", "description": "SQL Code to transform input data, and generate output.\n" }, "createTimestamp": { "type": "string", "description": "The Timestamp when the application version was created.\n" }, "description": { "type": "string", "description": "Description of the application.\n", "willReplaceOnChanges": true }, "inputs": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationInputs:AnalyticsApplicationInputs", "description": "Input configuration of the application. See Inputs below for more details.\n" }, "lastUpdateTimestamp": { "type": "string", "description": "The Timestamp when the application was last updated.\n" }, "name": { "type": "string", "description": "Name of the Kinesis Analytics Application.\n", "willReplaceOnChanges": true }, "outputs": { "type": "array", "items": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationOutput:AnalyticsApplicationOutput" }, "description": "Output destination configuration of the application. See Outputs below for more details.\n" }, "referenceDataSources": { "$ref": "#/types/aws:kinesis/AnalyticsApplicationReferenceDataSources:AnalyticsApplicationReferenceDataSources", "description": "An S3 Reference Data Source for the application.\nSee Reference Data Sources below for more details.\n" }, "startApplication": { "type": "boolean", "description": "Whether to start or stop the Kinesis Analytics Application. To start an application, an input with a defined `starting_position` must be configured.\nTo modify an application's starting position, first stop the application by setting `start_application = false`, then update `starting_position` and set `start_application = true`.\n" }, "status": { "type": "string", "description": "The Status of the application.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the Kinesis Analytics Application. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "integer", "description": "The Version of the application.\n" } }, "type": "object" } }, "aws:kinesis/firehoseDeliveryStream:FirehoseDeliveryStream": { "description": "Provides a Kinesis Firehose Delivery Stream resource. Amazon Kinesis Firehose is a fully managed, elastic service to easily deliver real-time data streams to destinations such as Amazon S3 , Amazon Redshift and Snowflake.\n\nFor more details, see the [Amazon Kinesis Firehose Documentation](https://aws.amazon.com/documentation/firehose/).\n\n## Example Usage\n\n### Extended S3 Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"tf-test-bucket\"});\nconst firehoseAssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"firehose.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst firehoseRole = new aws.iam.Role(\"firehose_role\", {\n name: \"firehose_test_role\",\n assumeRolePolicy: firehoseAssumeRole.then(firehoseAssumeRole =\u003e firehoseAssumeRole.json),\n});\nconst lambdaAssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"lambda.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst lambdaIam = new aws.iam.Role(\"lambda_iam\", {\n name: \"lambda_iam\",\n assumeRolePolicy: lambdaAssumeRole.then(lambdaAssumeRole =\u003e lambdaAssumeRole.json),\n});\nconst lambdaProcessor = new aws.lambda.Function(\"lambda_processor\", {\n code: new pulumi.asset.FileArchive(\"lambda.zip\"),\n name: \"firehose_lambda_processor\",\n role: lambdaIam.arn,\n handler: \"exports.handler\",\n runtime: aws.lambda.Runtime.NodeJS16dX,\n});\nconst extendedS3Stream = new aws.kinesis.FirehoseDeliveryStream(\"extended_s3_stream\", {\n name: \"kinesis-firehose-extended-s3-test-stream\",\n destination: \"extended_s3\",\n extendedS3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n processingConfiguration: {\n enabled: true,\n processors: [{\n type: \"Lambda\",\n parameters: [{\n parameterName: \"LambdaArn\",\n parameterValue: pulumi.interpolate`${lambdaProcessor.arn}:$LATEST`,\n }],\n }],\n },\n },\n});\nconst bucketAcl = new aws.s3.BucketAclV2(\"bucket_acl\", {\n bucket: bucket.id,\n acl: \"private\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"tf-test-bucket\")\nfirehose_assume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"firehose.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nfirehose_role = aws.iam.Role(\"firehose_role\",\n name=\"firehose_test_role\",\n assume_role_policy=firehose_assume_role.json)\nlambda_assume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"lambda.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nlambda_iam = aws.iam.Role(\"lambda_iam\",\n name=\"lambda_iam\",\n assume_role_policy=lambda_assume_role.json)\nlambda_processor = aws.lambda_.Function(\"lambda_processor\",\n code=pulumi.FileArchive(\"lambda.zip\"),\n name=\"firehose_lambda_processor\",\n role=lambda_iam.arn,\n handler=\"exports.handler\",\n runtime=aws.lambda_.Runtime.NODE_JS16D_X)\nextended_s3_stream = aws.kinesis.FirehoseDeliveryStream(\"extended_s3_stream\",\n name=\"kinesis-firehose-extended-s3-test-stream\",\n destination=\"extended_s3\",\n extended_s3_configuration={\n \"role_arn\": firehose_role.arn,\n \"bucket_arn\": bucket.arn,\n \"processing_configuration\": {\n \"enabled\": True,\n \"processors\": [{\n \"type\": \"Lambda\",\n \"parameters\": [{\n \"parameter_name\": \"LambdaArn\",\n \"parameter_value\": lambda_processor.arn.apply(lambda arn: f\"{arn}:$LATEST\"),\n }],\n }],\n },\n })\nbucket_acl = aws.s3.BucketAclV2(\"bucket_acl\",\n bucket=bucket.id,\n acl=\"private\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"tf-test-bucket\",\n });\n\n var firehoseAssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"firehose.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var firehoseRole = new Aws.Iam.Role(\"firehose_role\", new()\n {\n Name = \"firehose_test_role\",\n AssumeRolePolicy = firehoseAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var lambdaAssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"lambda.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var lambdaIam = new Aws.Iam.Role(\"lambda_iam\", new()\n {\n Name = \"lambda_iam\",\n AssumeRolePolicy = lambdaAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var lambdaProcessor = new Aws.Lambda.Function(\"lambda_processor\", new()\n {\n Code = new FileArchive(\"lambda.zip\"),\n Name = \"firehose_lambda_processor\",\n Role = lambdaIam.Arn,\n Handler = \"exports.handler\",\n Runtime = Aws.Lambda.Runtime.NodeJS16dX,\n });\n\n var extendedS3Stream = new Aws.Kinesis.FirehoseDeliveryStream(\"extended_s3_stream\", new()\n {\n Name = \"kinesis-firehose-extended-s3-test-stream\",\n Destination = \"extended_s3\",\n ExtendedS3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n ProcessingConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs\n {\n Enabled = true,\n Processors = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"Lambda\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"LambdaArn\",\n ParameterValue = lambdaProcessor.Arn.Apply(arn =\u003e $\"{arn}:$LATEST\"),\n },\n },\n },\n },\n },\n },\n });\n\n var bucketAcl = new Aws.S3.BucketAclV2(\"bucket_acl\", new()\n {\n Bucket = bucket.Id,\n Acl = \"private\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"tf-test-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfirehoseAssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"firehose.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfirehoseRole, err := iam.NewRole(ctx, \"firehose_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"firehose_test_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(firehoseAssumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambdaAssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"lambda.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambdaIam, err := iam.NewRole(ctx, \"lambda_iam\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"lambda_iam\"),\n\t\t\tAssumeRolePolicy: pulumi.String(lambdaAssumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambdaProcessor, err := lambda.NewFunction(ctx, \"lambda_processor\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lambda.zip\"),\n\t\t\tName: pulumi.String(\"firehose_lambda_processor\"),\n\t\t\tRole: lambdaIam.Arn,\n\t\t\tHandler: pulumi.String(\"exports.handler\"),\n\t\t\tRuntime: pulumi.String(lambda.RuntimeNodeJS16dX),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"extended_s3_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-extended-s3-test-stream\"),\n\t\t\tDestination: pulumi.String(\"extended_s3\"),\n\t\t\tExtendedS3Configuration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationArgs{\n\t\t\t\tRoleArn: firehoseRole.Arn,\n\t\t\t\tBucketArn: bucket.Arn,\n\t\t\t\tProcessingConfiguration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tProcessors: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Lambda\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"LambdaArn\"),\n\t\t\t\t\t\t\t\t\tParameterValue: lambdaProcessor.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v:$LATEST\", arn), nil\n\t\t\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"bucket_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: bucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder()\n .bucket(\"tf-test-bucket\")\n .build());\n\n final var firehoseAssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"firehose.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var firehoseRole = new Role(\"firehoseRole\", RoleArgs.builder()\n .name(\"firehose_test_role\")\n .assumeRolePolicy(firehoseAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var lambdaAssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"lambda.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var lambdaIam = new Role(\"lambdaIam\", RoleArgs.builder()\n .name(\"lambda_iam\")\n .assumeRolePolicy(lambdaAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var lambdaProcessor = new Function(\"lambdaProcessor\", FunctionArgs.builder()\n .code(new FileArchive(\"lambda.zip\"))\n .name(\"firehose_lambda_processor\")\n .role(lambdaIam.arn())\n .handler(\"exports.handler\")\n .runtime(\"nodejs16.x\")\n .build());\n\n var extendedS3Stream = new FirehoseDeliveryStream(\"extendedS3Stream\", FirehoseDeliveryStreamArgs.builder()\n .name(\"kinesis-firehose-extended-s3-test-stream\")\n .destination(\"extended_s3\")\n .extendedS3Configuration(FirehoseDeliveryStreamExtendedS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .processingConfiguration(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs.builder()\n .enabled(\"true\")\n .processors(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"Lambda\")\n .parameters(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"LambdaArn\")\n .parameterValue(lambdaProcessor.arn().applyValue(arn -\u003e String.format(\"%s:$LATEST\", arn)))\n .build())\n .build())\n .build())\n .build())\n .build());\n\n var bucketAcl = new BucketAclV2(\"bucketAcl\", BucketAclV2Args.builder()\n .bucket(bucket.id())\n .acl(\"private\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n extendedS3Stream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: extended_s3_stream\n properties:\n name: kinesis-firehose-extended-s3-test-stream\n destination: extended_s3\n extendedS3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n processingConfiguration:\n enabled: 'true'\n processors:\n - type: Lambda\n parameters:\n - parameterName: LambdaArn\n parameterValue: ${lambdaProcessor.arn}:$LATEST\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: tf-test-bucket\n bucketAcl:\n type: aws:s3:BucketAclV2\n name: bucket_acl\n properties:\n bucket: ${bucket.id}\n acl: private\n firehoseRole:\n type: aws:iam:Role\n name: firehose_role\n properties:\n name: firehose_test_role\n assumeRolePolicy: ${firehoseAssumeRole.json}\n lambdaIam:\n type: aws:iam:Role\n name: lambda_iam\n properties:\n name: lambda_iam\n assumeRolePolicy: ${lambdaAssumeRole.json}\n lambdaProcessor:\n type: aws:lambda:Function\n name: lambda_processor\n properties:\n code:\n fn::FileArchive: lambda.zip\n name: firehose_lambda_processor\n role: ${lambdaIam.arn}\n handler: exports.handler\n runtime: nodejs16.x\nvariables:\n firehoseAssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - firehose.amazonaws.com\n actions:\n - sts:AssumeRole\n lambdaAssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - lambda.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Extended S3 Destination with dynamic partitioning\n\nThese examples use built-in Firehose functionality, rather than requiring a lambda.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst extendedS3Stream = new aws.kinesis.FirehoseDeliveryStream(\"extended_s3_stream\", {\n name: \"kinesis-firehose-extended-s3-test-stream\",\n destination: \"extended_s3\",\n extendedS3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 64,\n dynamicPartitioningConfiguration: {\n enabled: true,\n },\n prefix: \"data/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\",\n errorOutputPrefix: \"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\",\n processingConfiguration: {\n enabled: true,\n processors: [\n {\n type: \"RecordDeAggregation\",\n parameters: [{\n parameterName: \"SubRecordType\",\n parameterValue: \"JSON\",\n }],\n },\n {\n type: \"AppendDelimiterToRecord\",\n },\n {\n type: \"MetadataExtraction\",\n parameters: [\n {\n parameterName: \"JsonParsingEngine\",\n parameterValue: \"JQ-1.6\",\n },\n {\n parameterName: \"MetadataExtractionQuery\",\n parameterValue: \"{customer_id:.customer_id}\",\n },\n ],\n },\n ],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nextended_s3_stream = aws.kinesis.FirehoseDeliveryStream(\"extended_s3_stream\",\n name=\"kinesis-firehose-extended-s3-test-stream\",\n destination=\"extended_s3\",\n extended_s3_configuration={\n \"role_arn\": firehose_role[\"arn\"],\n \"bucket_arn\": bucket[\"arn\"],\n \"buffering_size\": 64,\n \"dynamic_partitioning_configuration\": {\n \"enabled\": True,\n },\n \"prefix\": \"data/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\",\n \"error_output_prefix\": \"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\",\n \"processing_configuration\": {\n \"enabled\": True,\n \"processors\": [\n {\n \"type\": \"RecordDeAggregation\",\n \"parameters\": [{\n \"parameter_name\": \"SubRecordType\",\n \"parameter_value\": \"JSON\",\n }],\n },\n {\n \"type\": \"AppendDelimiterToRecord\",\n },\n {\n \"type\": \"MetadataExtraction\",\n \"parameters\": [\n {\n \"parameter_name\": \"JsonParsingEngine\",\n \"parameter_value\": \"JQ-1.6\",\n },\n {\n \"parameter_name\": \"MetadataExtractionQuery\",\n \"parameter_value\": \"{customer_id:.customer_id}\",\n },\n ],\n },\n ],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var extendedS3Stream = new Aws.Kinesis.FirehoseDeliveryStream(\"extended_s3_stream\", new()\n {\n Name = \"kinesis-firehose-extended-s3-test-stream\",\n Destination = \"extended_s3\",\n ExtendedS3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 64,\n DynamicPartitioningConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs\n {\n Enabled = true,\n },\n Prefix = \"data/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\",\n ErrorOutputPrefix = \"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\",\n ProcessingConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs\n {\n Enabled = true,\n Processors = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"RecordDeAggregation\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"SubRecordType\",\n ParameterValue = \"JSON\",\n },\n },\n },\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"AppendDelimiterToRecord\",\n },\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"MetadataExtraction\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"JsonParsingEngine\",\n ParameterValue = \"JQ-1.6\",\n },\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"MetadataExtractionQuery\",\n ParameterValue = \"{customer_id:.customer_id}\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesis.NewFirehoseDeliveryStream(ctx, \"extended_s3_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-extended-s3-test-stream\"),\n\t\t\tDestination: pulumi.String(\"extended_s3\"),\n\t\t\tExtendedS3Configuration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationArgs{\n\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\tBufferingSize: pulumi.Int(64),\n\t\t\t\tDynamicPartitioningConfiguration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\tPrefix: pulumi.String(\"data/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\"),\n\t\t\t\tErrorOutputPrefix: pulumi.String(\"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\"),\n\t\t\t\tProcessingConfiguration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tProcessors: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"RecordDeAggregation\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"SubRecordType\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(\"JSON\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"AppendDelimiterToRecord\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"MetadataExtraction\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"JsonParsingEngine\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(\"JQ-1.6\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"MetadataExtractionQuery\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(\"{customer_id:.customer_id}\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var extendedS3Stream = new FirehoseDeliveryStream(\"extendedS3Stream\", FirehoseDeliveryStreamArgs.builder()\n .name(\"kinesis-firehose-extended-s3-test-stream\")\n .destination(\"extended_s3\")\n .extendedS3Configuration(FirehoseDeliveryStreamExtendedS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(64)\n .dynamicPartitioningConfiguration(FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs.builder()\n .enabled(\"true\")\n .build())\n .prefix(\"data/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\")\n .errorOutputPrefix(\"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\")\n .processingConfiguration(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs.builder()\n .enabled(\"true\")\n .processors( \n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"RecordDeAggregation\")\n .parameters(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"SubRecordType\")\n .parameterValue(\"JSON\")\n .build())\n .build(),\n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"AppendDelimiterToRecord\")\n .build(),\n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"MetadataExtraction\")\n .parameters( \n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"JsonParsingEngine\")\n .parameterValue(\"JQ-1.6\")\n .build(),\n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"MetadataExtractionQuery\")\n .parameterValue(\"{customer_id:.customer_id}\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n extendedS3Stream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: extended_s3_stream\n properties:\n name: kinesis-firehose-extended-s3-test-stream\n destination: extended_s3\n extendedS3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 64\n dynamicPartitioningConfiguration:\n enabled: 'true'\n prefix: data/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\n errorOutputPrefix: errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\n processingConfiguration:\n enabled: 'true'\n processors:\n - type: RecordDeAggregation\n parameters:\n - parameterName: SubRecordType\n parameterValue: JSON\n - type: AppendDelimiterToRecord\n - type: MetadataExtraction\n parameters:\n - parameterName: JsonParsingEngine\n parameterValue: JQ-1.6\n - parameterName: MetadataExtractionQuery\n parameterValue: '{customer_id:.customer_id}'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nMultiple Dynamic Partitioning Keys (maximum of 50) can be added by comma separating the `parameter_value`.\n\nThe following example adds the Dynamic Partitioning Keys: `store_id` and `customer_id` to the S3 prefix.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst extendedS3Stream = new aws.kinesis.FirehoseDeliveryStream(\"extended_s3_stream\", {\n name: \"kinesis-firehose-extended-s3-test-stream\",\n destination: \"extended_s3\",\n extendedS3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 64,\n dynamicPartitioningConfiguration: {\n enabled: true,\n },\n prefix: \"data/store_id=!{partitionKeyFromQuery:store_id}/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\",\n errorOutputPrefix: \"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\",\n processingConfiguration: {\n enabled: true,\n processors: [{\n type: \"MetadataExtraction\",\n parameters: [\n {\n parameterName: \"JsonParsingEngine\",\n parameterValue: \"JQ-1.6\",\n },\n {\n parameterName: \"MetadataExtractionQuery\",\n parameterValue: \"{store_id:.store_id,customer_id:.customer_id}\",\n },\n ],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nextended_s3_stream = aws.kinesis.FirehoseDeliveryStream(\"extended_s3_stream\",\n name=\"kinesis-firehose-extended-s3-test-stream\",\n destination=\"extended_s3\",\n extended_s3_configuration={\n \"role_arn\": firehose_role[\"arn\"],\n \"bucket_arn\": bucket[\"arn\"],\n \"buffering_size\": 64,\n \"dynamic_partitioning_configuration\": {\n \"enabled\": True,\n },\n \"prefix\": \"data/store_id=!{partitionKeyFromQuery:store_id}/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\",\n \"error_output_prefix\": \"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\",\n \"processing_configuration\": {\n \"enabled\": True,\n \"processors\": [{\n \"type\": \"MetadataExtraction\",\n \"parameters\": [\n {\n \"parameter_name\": \"JsonParsingEngine\",\n \"parameter_value\": \"JQ-1.6\",\n },\n {\n \"parameter_name\": \"MetadataExtractionQuery\",\n \"parameter_value\": \"{store_id:.store_id,customer_id:.customer_id}\",\n },\n ],\n }],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var extendedS3Stream = new Aws.Kinesis.FirehoseDeliveryStream(\"extended_s3_stream\", new()\n {\n Name = \"kinesis-firehose-extended-s3-test-stream\",\n Destination = \"extended_s3\",\n ExtendedS3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 64,\n DynamicPartitioningConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs\n {\n Enabled = true,\n },\n Prefix = \"data/store_id=!{partitionKeyFromQuery:store_id}/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\",\n ErrorOutputPrefix = \"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\",\n ProcessingConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs\n {\n Enabled = true,\n Processors = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"MetadataExtraction\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"JsonParsingEngine\",\n ParameterValue = \"JQ-1.6\",\n },\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"MetadataExtractionQuery\",\n ParameterValue = \"{store_id:.store_id,customer_id:.customer_id}\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesis.NewFirehoseDeliveryStream(ctx, \"extended_s3_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-extended-s3-test-stream\"),\n\t\t\tDestination: pulumi.String(\"extended_s3\"),\n\t\t\tExtendedS3Configuration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationArgs{\n\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\tBufferingSize: pulumi.Int(64),\n\t\t\t\tDynamicPartitioningConfiguration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\tPrefix: pulumi.String(\"data/store_id=!{partitionKeyFromQuery:store_id}/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\"),\n\t\t\t\tErrorOutputPrefix: pulumi.String(\"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\"),\n\t\t\t\tProcessingConfiguration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tProcessors: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"MetadataExtraction\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"JsonParsingEngine\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(\"JQ-1.6\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"MetadataExtractionQuery\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(\"{store_id:.store_id,customer_id:.customer_id}\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var extendedS3Stream = new FirehoseDeliveryStream(\"extendedS3Stream\", FirehoseDeliveryStreamArgs.builder()\n .name(\"kinesis-firehose-extended-s3-test-stream\")\n .destination(\"extended_s3\")\n .extendedS3Configuration(FirehoseDeliveryStreamExtendedS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(64)\n .dynamicPartitioningConfiguration(FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs.builder()\n .enabled(\"true\")\n .build())\n .prefix(\"data/store_id=!{partitionKeyFromQuery:store_id}/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\")\n .errorOutputPrefix(\"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\")\n .processingConfiguration(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs.builder()\n .enabled(\"true\")\n .processors(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"MetadataExtraction\")\n .parameters( \n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"JsonParsingEngine\")\n .parameterValue(\"JQ-1.6\")\n .build(),\n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"MetadataExtractionQuery\")\n .parameterValue(\"{store_id:.store_id,customer_id:.customer_id}\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n extendedS3Stream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: extended_s3_stream\n properties:\n name: kinesis-firehose-extended-s3-test-stream\n destination: extended_s3\n extendedS3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 64\n dynamicPartitioningConfiguration:\n enabled: 'true'\n prefix: data/store_id=!{partitionKeyFromQuery:store_id}/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\n errorOutputPrefix: errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\n processingConfiguration:\n enabled: 'true'\n processors:\n - type: MetadataExtraction\n parameters:\n - parameterName: JsonParsingEngine\n parameterValue: JQ-1.6\n - parameterName: MetadataExtractionQuery\n parameterValue: '{store_id:.store_id,customer_id:.customer_id}'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Redshift Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCluster = new aws.redshift.Cluster(\"test_cluster\", {\n clusterIdentifier: \"tf-redshift-cluster\",\n databaseName: \"test\",\n masterUsername: \"testuser\",\n masterPassword: \"T3stPass\",\n nodeType: \"dc1.large\",\n clusterType: \"single-node\",\n});\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n name: \"kinesis-firehose-test-stream\",\n destination: \"redshift\",\n redshiftConfiguration: {\n roleArn: firehoseRole.arn,\n clusterJdbcurl: pulumi.interpolate`jdbc:redshift://${testCluster.endpoint}/${testCluster.databaseName}`,\n username: \"testuser\",\n password: \"T3stPass\",\n dataTableName: \"test-table\",\n copyOptions: \"delimiter '|'\",\n dataTableColumns: \"test-col\",\n s3BackupMode: \"Enabled\",\n s3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 10,\n bufferingInterval: 400,\n compressionFormat: \"GZIP\",\n },\n s3BackupConfiguration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 15,\n bufferingInterval: 300,\n compressionFormat: \"GZIP\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_cluster = aws.redshift.Cluster(\"test_cluster\",\n cluster_identifier=\"tf-redshift-cluster\",\n database_name=\"test\",\n master_username=\"testuser\",\n master_password=\"T3stPass\",\n node_type=\"dc1.large\",\n cluster_type=\"single-node\")\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"test_stream\",\n name=\"kinesis-firehose-test-stream\",\n destination=\"redshift\",\n redshift_configuration={\n \"role_arn\": firehose_role[\"arn\"],\n \"cluster_jdbcurl\": pulumi.Output.all(test_cluster.endpoint, test_cluster.database_name).apply(lambda endpoint, database_name: f\"jdbc:redshift://{endpoint}/{database_name}\"),\n \"username\": \"testuser\",\n \"password\": \"T3stPass\",\n \"data_table_name\": \"test-table\",\n \"copy_options\": \"delimiter '|'\",\n \"data_table_columns\": \"test-col\",\n \"s3_backup_mode\": \"Enabled\",\n \"s3_configuration\": {\n \"role_arn\": firehose_role[\"arn\"],\n \"bucket_arn\": bucket[\"arn\"],\n \"buffering_size\": 10,\n \"buffering_interval\": 400,\n \"compression_format\": \"GZIP\",\n },\n \"s3_backup_configuration\": {\n \"role_arn\": firehose_role[\"arn\"],\n \"bucket_arn\": bucket[\"arn\"],\n \"buffering_size\": 15,\n \"buffering_interval\": 300,\n \"compression_format\": \"GZIP\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCluster = new Aws.RedShift.Cluster(\"test_cluster\", new()\n {\n ClusterIdentifier = \"tf-redshift-cluster\",\n DatabaseName = \"test\",\n MasterUsername = \"testuser\",\n MasterPassword = \"T3stPass\",\n NodeType = \"dc1.large\",\n ClusterType = \"single-node\",\n });\n\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"test_stream\", new()\n {\n Name = \"kinesis-firehose-test-stream\",\n Destination = \"redshift\",\n RedshiftConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamRedshiftConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n ClusterJdbcurl = Output.Tuple(testCluster.Endpoint, testCluster.DatabaseName).Apply(values =\u003e\n {\n var endpoint = values.Item1;\n var databaseName = values.Item2;\n return $\"jdbc:redshift://{endpoint}/{databaseName}\";\n }),\n Username = \"testuser\",\n Password = \"T3stPass\",\n DataTableName = \"test-table\",\n CopyOptions = \"delimiter '|'\",\n DataTableColumns = \"test-col\",\n S3BackupMode = \"Enabled\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamRedshiftConfigurationS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 10,\n BufferingInterval = 400,\n CompressionFormat = \"GZIP\",\n },\n S3BackupConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 15,\n BufferingInterval = 300,\n CompressionFormat = \"GZIP\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCluster, err := redshift.NewCluster(ctx, \"test_cluster\", \u0026redshift.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"tf-redshift-cluster\"),\n\t\t\tDatabaseName: pulumi.String(\"test\"),\n\t\t\tMasterUsername: pulumi.String(\"testuser\"),\n\t\t\tMasterPassword: pulumi.String(\"T3stPass\"),\n\t\t\tNodeType: pulumi.String(\"dc1.large\"),\n\t\t\tClusterType: pulumi.String(\"single-node\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"test_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-test-stream\"),\n\t\t\tDestination: pulumi.String(\"redshift\"),\n\t\t\tRedshiftConfiguration: \u0026kinesis.FirehoseDeliveryStreamRedshiftConfigurationArgs{\n\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\tClusterJdbcurl: pulumi.All(testCluster.Endpoint, testCluster.DatabaseName).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\t\tendpoint := _args[0].(string)\n\t\t\t\t\tdatabaseName := _args[1].(string)\n\t\t\t\t\treturn fmt.Sprintf(\"jdbc:redshift://%v/%v\", endpoint, databaseName), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\tUsername: pulumi.String(\"testuser\"),\n\t\t\t\tPassword: pulumi.String(\"T3stPass\"),\n\t\t\t\tDataTableName: pulumi.String(\"test-table\"),\n\t\t\t\tCopyOptions: pulumi.String(\"delimiter '|'\"),\n\t\t\t\tDataTableColumns: pulumi.String(\"test-col\"),\n\t\t\t\tS3BackupMode: pulumi.String(\"Enabled\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamRedshiftConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(10),\n\t\t\t\t\tBufferingInterval: pulumi.Int(400),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t\tS3BackupConfiguration: \u0026kinesis.FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(15),\n\t\t\t\t\tBufferingInterval: pulumi.Int(300),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.Cluster;\nimport com.pulumi.aws.redshift.ClusterArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamRedshiftConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamRedshiftConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCluster = new Cluster(\"testCluster\", ClusterArgs.builder()\n .clusterIdentifier(\"tf-redshift-cluster\")\n .databaseName(\"test\")\n .masterUsername(\"testuser\")\n .masterPassword(\"T3stPass\")\n .nodeType(\"dc1.large\")\n .clusterType(\"single-node\")\n .build());\n\n var testStream = new FirehoseDeliveryStream(\"testStream\", FirehoseDeliveryStreamArgs.builder()\n .name(\"kinesis-firehose-test-stream\")\n .destination(\"redshift\")\n .redshiftConfiguration(FirehoseDeliveryStreamRedshiftConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .clusterJdbcurl(Output.tuple(testCluster.endpoint(), testCluster.databaseName()).applyValue(values -\u003e {\n var endpoint = values.t1;\n var databaseName = values.t2;\n return String.format(\"jdbc:redshift://%s/%s\", endpoint,databaseName);\n }))\n .username(\"testuser\")\n .password(\"T3stPass\")\n .dataTableName(\"test-table\")\n .copyOptions(\"delimiter '|'\")\n .dataTableColumns(\"test-col\")\n .s3BackupMode(\"Enabled\")\n .s3Configuration(FirehoseDeliveryStreamRedshiftConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(10)\n .bufferingInterval(400)\n .compressionFormat(\"GZIP\")\n .build())\n .s3BackupConfiguration(FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(15)\n .bufferingInterval(300)\n .compressionFormat(\"GZIP\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCluster:\n type: aws:redshift:Cluster\n name: test_cluster\n properties:\n clusterIdentifier: tf-redshift-cluster\n databaseName: test\n masterUsername: testuser\n masterPassword: T3stPass\n nodeType: dc1.large\n clusterType: single-node\n testStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: test_stream\n properties:\n name: kinesis-firehose-test-stream\n destination: redshift\n redshiftConfiguration:\n roleArn: ${firehoseRole.arn}\n clusterJdbcurl: jdbc:redshift://${testCluster.endpoint}/${testCluster.databaseName}\n username: testuser\n password: T3stPass\n dataTableName: test-table\n copyOptions: delimiter '|'\n dataTableColumns: test-col\n s3BackupMode: Enabled\n s3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 10\n bufferingInterval: 400\n compressionFormat: GZIP\n s3BackupConfiguration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 15\n bufferingInterval: 300\n compressionFormat: GZIP\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Elasticsearch Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCluster = new aws.elasticsearch.Domain(\"test_cluster\", {domainName: \"firehose-es-test\"});\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n name: \"kinesis-firehose-test-stream\",\n destination: \"elasticsearch\",\n elasticsearchConfiguration: {\n domainArn: testCluster.arn,\n roleArn: firehoseRole.arn,\n indexName: \"test\",\n typeName: \"test\",\n s3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 10,\n bufferingInterval: 400,\n compressionFormat: \"GZIP\",\n },\n processingConfiguration: {\n enabled: true,\n processors: [{\n type: \"Lambda\",\n parameters: [{\n parameterName: \"LambdaArn\",\n parameterValue: `${lambdaProcessor.arn}:$LATEST`,\n }],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_cluster = aws.elasticsearch.Domain(\"test_cluster\", domain_name=\"firehose-es-test\")\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"test_stream\",\n name=\"kinesis-firehose-test-stream\",\n destination=\"elasticsearch\",\n elasticsearch_configuration={\n \"domain_arn\": test_cluster.arn,\n \"role_arn\": firehose_role[\"arn\"],\n \"index_name\": \"test\",\n \"type_name\": \"test\",\n \"s3_configuration\": {\n \"role_arn\": firehose_role[\"arn\"],\n \"bucket_arn\": bucket[\"arn\"],\n \"buffering_size\": 10,\n \"buffering_interval\": 400,\n \"compression_format\": \"GZIP\",\n },\n \"processing_configuration\": {\n \"enabled\": True,\n \"processors\": [{\n \"type\": \"Lambda\",\n \"parameters\": [{\n \"parameter_name\": \"LambdaArn\",\n \"parameter_value\": f\"{lambda_processor['arn']}:$LATEST\",\n }],\n }],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCluster = new Aws.ElasticSearch.Domain(\"test_cluster\", new()\n {\n DomainName = \"firehose-es-test\",\n });\n\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"test_stream\", new()\n {\n Name = \"kinesis-firehose-test-stream\",\n Destination = \"elasticsearch\",\n ElasticsearchConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationArgs\n {\n DomainArn = testCluster.Arn,\n RoleArn = firehoseRole.Arn,\n IndexName = \"test\",\n TypeName = \"test\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 10,\n BufferingInterval = 400,\n CompressionFormat = \"GZIP\",\n },\n ProcessingConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationArgs\n {\n Enabled = true,\n Processors = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"Lambda\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"LambdaArn\",\n ParameterValue = $\"{lambdaProcessor.Arn}:$LATEST\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCluster, err := elasticsearch.NewDomain(ctx, \"test_cluster\", \u0026elasticsearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"firehose-es-test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"test_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-test-stream\"),\n\t\t\tDestination: pulumi.String(\"elasticsearch\"),\n\t\t\tElasticsearchConfiguration: \u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationArgs{\n\t\t\t\tDomainArn: testCluster.Arn,\n\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\tIndexName: pulumi.String(\"test\"),\n\t\t\t\tTypeName: pulumi.String(\"test\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(10),\n\t\t\t\t\tBufferingInterval: pulumi.Int(400),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t\tProcessingConfiguration: \u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tProcessors: kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Lambda\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"LambdaArn\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(fmt.Sprintf(\"%v:$LATEST\", lambdaProcessor.Arn)),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticsearch.Domain;\nimport com.pulumi.aws.elasticsearch.DomainArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCluster = new Domain(\"testCluster\", DomainArgs.builder()\n .domainName(\"firehose-es-test\")\n .build());\n\n var testStream = new FirehoseDeliveryStream(\"testStream\", FirehoseDeliveryStreamArgs.builder()\n .name(\"kinesis-firehose-test-stream\")\n .destination(\"elasticsearch\")\n .elasticsearchConfiguration(FirehoseDeliveryStreamElasticsearchConfigurationArgs.builder()\n .domainArn(testCluster.arn())\n .roleArn(firehoseRole.arn())\n .indexName(\"test\")\n .typeName(\"test\")\n .s3Configuration(FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(10)\n .bufferingInterval(400)\n .compressionFormat(\"GZIP\")\n .build())\n .processingConfiguration(FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationArgs.builder()\n .enabled(\"true\")\n .processors(FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"Lambda\")\n .parameters(FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"LambdaArn\")\n .parameterValue(String.format(\"%s:$LATEST\", lambdaProcessor.arn()))\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCluster:\n type: aws:elasticsearch:Domain\n name: test_cluster\n properties:\n domainName: firehose-es-test\n testStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: test_stream\n properties:\n name: kinesis-firehose-test-stream\n destination: elasticsearch\n elasticsearchConfiguration:\n domainArn: ${testCluster.arn}\n roleArn: ${firehoseRole.arn}\n indexName: test\n typeName: test\n s3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 10\n bufferingInterval: 400\n compressionFormat: GZIP\n processingConfiguration:\n enabled: 'true'\n processors:\n - type: Lambda\n parameters:\n - parameterName: LambdaArn\n parameterValue: ${lambdaProcessor.arn}:$LATEST\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Elasticsearch Destination With VPC\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCluster = new aws.elasticsearch.Domain(\"test_cluster\", {\n domainName: \"es-test\",\n clusterConfig: {\n instanceCount: 2,\n zoneAwarenessEnabled: true,\n instanceType: \"t2.small.elasticsearch\",\n },\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n },\n vpcOptions: {\n securityGroupIds: [first.id],\n subnetIds: [\n firstAwsSubnet.id,\n second.id,\n ],\n },\n});\nconst firehose-elasticsearch = aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n effect: \"Allow\",\n actions: [\"es:*\"],\n resources: [\n testCluster.arn,\n pulumi.interpolate`${testCluster.arn}/*`,\n ],\n },\n {\n effect: \"Allow\",\n actions: [\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\",\n ],\n resources: [\"*\"],\n },\n ],\n});\nconst firehose_elasticsearchRolePolicy = new aws.iam.RolePolicy(\"firehose-elasticsearch\", {\n name: \"elasticsearch\",\n role: firehose.id,\n policy: firehose_elasticsearch.apply(firehose_elasticsearch =\u003e firehose_elasticsearch.json),\n});\nconst test = new aws.kinesis.FirehoseDeliveryStream(\"test\", {\n name: \"kinesis-firehose-es\",\n destination: \"elasticsearch\",\n elasticsearchConfiguration: {\n domainArn: testCluster.arn,\n roleArn: firehose.arn,\n indexName: \"test\",\n typeName: \"test\",\n s3Configuration: {\n roleArn: firehose.arn,\n bucketArn: bucket.arn,\n },\n vpcConfig: {\n subnetIds: [\n firstAwsSubnet.id,\n second.id,\n ],\n securityGroupIds: [first.id],\n roleArn: firehose.arn,\n },\n },\n}, {\n dependsOn: [firehose_elasticsearchRolePolicy],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_cluster = aws.elasticsearch.Domain(\"test_cluster\",\n domain_name=\"es-test\",\n cluster_config={\n \"instance_count\": 2,\n \"zone_awareness_enabled\": True,\n \"instance_type\": \"t2.small.elasticsearch\",\n },\n ebs_options={\n \"ebs_enabled\": True,\n \"volume_size\": 10,\n },\n vpc_options={\n \"security_group_ids\": [first[\"id\"]],\n \"subnet_ids\": [\n first_aws_subnet[\"id\"],\n second[\"id\"],\n ],\n })\nfirehose_elasticsearch = aws.iam.get_policy_document_output(statements=[\n {\n \"effect\": \"Allow\",\n \"actions\": [\"es:*\"],\n \"resources\": [\n test_cluster.arn,\n test_cluster.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n },\n {\n \"effect\": \"Allow\",\n \"actions\": [\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\",\n ],\n \"resources\": [\"*\"],\n },\n])\nfirehose_elasticsearch_role_policy = aws.iam.RolePolicy(\"firehose-elasticsearch\",\n name=\"elasticsearch\",\n role=firehose[\"id\"],\n policy=firehose_elasticsearch.json)\ntest = aws.kinesis.FirehoseDeliveryStream(\"test\",\n name=\"kinesis-firehose-es\",\n destination=\"elasticsearch\",\n elasticsearch_configuration={\n \"domain_arn\": test_cluster.arn,\n \"role_arn\": firehose[\"arn\"],\n \"index_name\": \"test\",\n \"type_name\": \"test\",\n \"s3_configuration\": {\n \"role_arn\": firehose[\"arn\"],\n \"bucket_arn\": bucket[\"arn\"],\n },\n \"vpc_config\": {\n \"subnet_ids\": [\n first_aws_subnet[\"id\"],\n second[\"id\"],\n ],\n \"security_group_ids\": [first[\"id\"]],\n \"role_arn\": firehose[\"arn\"],\n },\n },\n opts = pulumi.ResourceOptions(depends_on=[firehose_elasticsearch_role_policy]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCluster = new Aws.ElasticSearch.Domain(\"test_cluster\", new()\n {\n DomainName = \"es-test\",\n ClusterConfig = new Aws.ElasticSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceCount = 2,\n ZoneAwarenessEnabled = true,\n InstanceType = \"t2.small.elasticsearch\",\n },\n EbsOptions = new Aws.ElasticSearch.Inputs.DomainEbsOptionsArgs\n {\n EbsEnabled = true,\n VolumeSize = 10,\n },\n VpcOptions = new Aws.ElasticSearch.Inputs.DomainVpcOptionsArgs\n {\n SecurityGroupIds = new[]\n {\n first.Id,\n },\n SubnetIds = new[]\n {\n firstAwsSubnet.Id,\n second.Id,\n },\n },\n });\n\n var firehose_elasticsearch = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"es:*\",\n },\n Resources = new[]\n {\n testCluster.Arn,\n $\"{testCluster.Arn}/*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var firehose_elasticsearchRolePolicy = new Aws.Iam.RolePolicy(\"firehose-elasticsearch\", new()\n {\n Name = \"elasticsearch\",\n Role = firehose.Id,\n Policy = firehose_elasticsearch.Apply(firehose_elasticsearch =\u003e firehose_elasticsearch.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json)),\n });\n\n var test = new Aws.Kinesis.FirehoseDeliveryStream(\"test\", new()\n {\n Name = \"kinesis-firehose-es\",\n Destination = \"elasticsearch\",\n ElasticsearchConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationArgs\n {\n DomainArn = testCluster.Arn,\n RoleArn = firehose.Arn,\n IndexName = \"test\",\n TypeName = \"test\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs\n {\n RoleArn = firehose.Arn,\n BucketArn = bucket.Arn,\n },\n VpcConfig = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationVpcConfigArgs\n {\n SubnetIds = new[]\n {\n firstAwsSubnet.Id,\n second.Id,\n },\n SecurityGroupIds = new[]\n {\n first.Id,\n },\n RoleArn = firehose.Arn,\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n firehose_elasticsearchRolePolicy,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCluster, err := elasticsearch.NewDomain(ctx, \"test_cluster\", \u0026elasticsearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"es-test\"),\n\t\t\tClusterConfig: \u0026elasticsearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceCount: pulumi.Int(2),\n\t\t\t\tZoneAwarenessEnabled: pulumi.Bool(true),\n\t\t\t\tInstanceType: pulumi.String(\"t2.small.elasticsearch\"),\n\t\t\t},\n\t\t\tEbsOptions: \u0026elasticsearch.DomainEbsOptionsArgs{\n\t\t\t\tEbsEnabled: pulumi.Bool(true),\n\t\t\t\tVolumeSize: pulumi.Int(10),\n\t\t\t},\n\t\t\tVpcOptions: \u0026elasticsearch.DomainVpcOptionsArgs{\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\tfirst.Id,\n\t\t\t\t},\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\tfirstAwsSubnet.Id,\n\t\t\t\t\tsecond.Id,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfirehose_elasticsearch := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"es:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\ttestCluster.Arn,\n\t\t\t\t\t\ttestCluster.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"ec2:DescribeVpcs\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:DescribeVpcAttribute\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:DescribeSubnets\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:DescribeSecurityGroups\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:DescribeNetworkInterfaces\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:CreateNetworkInterface\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:CreateNetworkInterfacePermission\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:DeleteNetworkInterface\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRolePolicy(ctx, \"firehose-elasticsearch\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"elasticsearch\"),\n\t\t\tRole: pulumi.Any(firehose.Id),\n\t\t\tPolicy: pulumi.String(firehose_elasticsearch.ApplyT(func(firehose_elasticsearch iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026firehose_elasticsearch.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"test\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-es\"),\n\t\t\tDestination: pulumi.String(\"elasticsearch\"),\n\t\t\tElasticsearchConfiguration: \u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationArgs{\n\t\t\t\tDomainArn: testCluster.Arn,\n\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\tIndexName: pulumi.String(\"test\"),\n\t\t\t\tTypeName: pulumi.String(\"test\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t},\n\t\t\t\tVpcConfig: \u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationVpcConfigArgs{\n\t\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\t\tfirstAwsSubnet.Id,\n\t\t\t\t\t\tsecond.Id,\n\t\t\t\t\t},\n\t\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\t\tfirst.Id,\n\t\t\t\t\t},\n\t\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tfirehose_elasticsearchRolePolicy,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticsearch.Domain;\nimport com.pulumi.aws.elasticsearch.DomainArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainEbsOptionsArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainVpcOptionsArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationVpcConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCluster = new Domain(\"testCluster\", DomainArgs.builder()\n .domainName(\"es-test\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceCount(2)\n .zoneAwarenessEnabled(true)\n .instanceType(\"t2.small.elasticsearch\")\n .build())\n .ebsOptions(DomainEbsOptionsArgs.builder()\n .ebsEnabled(true)\n .volumeSize(10)\n .build())\n .vpcOptions(DomainVpcOptionsArgs.builder()\n .securityGroupIds(first.id())\n .subnetIds( \n firstAwsSubnet.id(),\n second.id())\n .build())\n .build());\n\n final var firehose-elasticsearch = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"es:*\")\n .resources( \n testCluster.arn(),\n testCluster.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\")\n .resources(\"*\")\n .build())\n .build());\n\n var firehose_elasticsearchRolePolicy = new RolePolicy(\"firehose-elasticsearchRolePolicy\", RolePolicyArgs.builder()\n .name(\"elasticsearch\")\n .role(firehose.id())\n .policy(firehose_elasticsearch.applyValue(firehose_elasticsearch -\u003e firehose_elasticsearch.json()))\n .build());\n\n var test = new FirehoseDeliveryStream(\"test\", FirehoseDeliveryStreamArgs.builder()\n .name(\"kinesis-firehose-es\")\n .destination(\"elasticsearch\")\n .elasticsearchConfiguration(FirehoseDeliveryStreamElasticsearchConfigurationArgs.builder()\n .domainArn(testCluster.arn())\n .roleArn(firehose.arn())\n .indexName(\"test\")\n .typeName(\"test\")\n .s3Configuration(FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehose.arn())\n .bucketArn(bucket.arn())\n .build())\n .vpcConfig(FirehoseDeliveryStreamElasticsearchConfigurationVpcConfigArgs.builder()\n .subnetIds( \n firstAwsSubnet.id(),\n second.id())\n .securityGroupIds(first.id())\n .roleArn(firehose.arn())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(firehose_elasticsearchRolePolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCluster:\n type: aws:elasticsearch:Domain\n name: test_cluster\n properties:\n domainName: es-test\n clusterConfig:\n instanceCount: 2\n zoneAwarenessEnabled: true\n instanceType: t2.small.elasticsearch\n ebsOptions:\n ebsEnabled: true\n volumeSize: 10\n vpcOptions:\n securityGroupIds:\n - ${first.id}\n subnetIds:\n - ${firstAwsSubnet.id}\n - ${second.id}\n firehose-elasticsearchRolePolicy:\n type: aws:iam:RolePolicy\n name: firehose-elasticsearch\n properties:\n name: elasticsearch\n role: ${firehose.id}\n policy: ${[\"firehose-elasticsearch\"].json}\n test:\n type: aws:kinesis:FirehoseDeliveryStream\n properties:\n name: kinesis-firehose-es\n destination: elasticsearch\n elasticsearchConfiguration:\n domainArn: ${testCluster.arn}\n roleArn: ${firehose.arn}\n indexName: test\n typeName: test\n s3Configuration:\n roleArn: ${firehose.arn}\n bucketArn: ${bucket.arn}\n vpcConfig:\n subnetIds:\n - ${firstAwsSubnet.id}\n - ${second.id}\n securityGroupIds:\n - ${first.id}\n roleArn: ${firehose.arn}\n options:\n dependson:\n - ${[\"firehose-elasticsearchRolePolicy\"]}\nvariables:\n firehose-elasticsearch:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - es:*\n resources:\n - ${testCluster.arn}\n - ${testCluster.arn}/*\n - effect: Allow\n actions:\n - ec2:DescribeVpcs\n - ec2:DescribeVpcAttribute\n - ec2:DescribeSubnets\n - ec2:DescribeSecurityGroups\n - ec2:DescribeNetworkInterfaces\n - ec2:CreateNetworkInterface\n - ec2:CreateNetworkInterfacePermission\n - ec2:DeleteNetworkInterface\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### OpenSearch Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCluster = new aws.opensearch.Domain(\"test_cluster\", {domainName: \"firehose-os-test\"});\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n name: \"kinesis-firehose-test-stream\",\n destination: \"opensearch\",\n opensearchConfiguration: {\n domainArn: testCluster.arn,\n roleArn: firehoseRole.arn,\n indexName: \"test\",\n s3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 10,\n bufferingInterval: 400,\n compressionFormat: \"GZIP\",\n },\n processingConfiguration: {\n enabled: true,\n processors: [{\n type: \"Lambda\",\n parameters: [{\n parameterName: \"LambdaArn\",\n parameterValue: `${lambdaProcessor.arn}:$LATEST`,\n }],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_cluster = aws.opensearch.Domain(\"test_cluster\", domain_name=\"firehose-os-test\")\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"test_stream\",\n name=\"kinesis-firehose-test-stream\",\n destination=\"opensearch\",\n opensearch_configuration={\n \"domain_arn\": test_cluster.arn,\n \"role_arn\": firehose_role[\"arn\"],\n \"index_name\": \"test\",\n \"s3_configuration\": {\n \"role_arn\": firehose_role[\"arn\"],\n \"bucket_arn\": bucket[\"arn\"],\n \"buffering_size\": 10,\n \"buffering_interval\": 400,\n \"compression_format\": \"GZIP\",\n },\n \"processing_configuration\": {\n \"enabled\": True,\n \"processors\": [{\n \"type\": \"Lambda\",\n \"parameters\": [{\n \"parameter_name\": \"LambdaArn\",\n \"parameter_value\": f\"{lambda_processor['arn']}:$LATEST\",\n }],\n }],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCluster = new Aws.OpenSearch.Domain(\"test_cluster\", new()\n {\n DomainName = \"firehose-os-test\",\n });\n\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"test_stream\", new()\n {\n Name = \"kinesis-firehose-test-stream\",\n Destination = \"opensearch\",\n OpensearchConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationArgs\n {\n DomainArn = testCluster.Arn,\n RoleArn = firehoseRole.Arn,\n IndexName = \"test\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 10,\n BufferingInterval = 400,\n CompressionFormat = \"GZIP\",\n },\n ProcessingConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationArgs\n {\n Enabled = true,\n Processors = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"Lambda\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"LambdaArn\",\n ParameterValue = $\"{lambdaProcessor.Arn}:$LATEST\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCluster, err := opensearch.NewDomain(ctx, \"test_cluster\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"firehose-os-test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"test_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-test-stream\"),\n\t\t\tDestination: pulumi.String(\"opensearch\"),\n\t\t\tOpensearchConfiguration: \u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationArgs{\n\t\t\t\tDomainArn: testCluster.Arn,\n\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\tIndexName: pulumi.String(\"test\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(10),\n\t\t\t\t\tBufferingInterval: pulumi.Int(400),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t\tProcessingConfiguration: \u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tProcessors: kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Lambda\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"LambdaArn\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(fmt.Sprintf(\"%v:$LATEST\", lambdaProcessor.Arn)),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCluster = new Domain(\"testCluster\", DomainArgs.builder()\n .domainName(\"firehose-os-test\")\n .build());\n\n var testStream = new FirehoseDeliveryStream(\"testStream\", FirehoseDeliveryStreamArgs.builder()\n .name(\"kinesis-firehose-test-stream\")\n .destination(\"opensearch\")\n .opensearchConfiguration(FirehoseDeliveryStreamOpensearchConfigurationArgs.builder()\n .domainArn(testCluster.arn())\n .roleArn(firehoseRole.arn())\n .indexName(\"test\")\n .s3Configuration(FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(10)\n .bufferingInterval(400)\n .compressionFormat(\"GZIP\")\n .build())\n .processingConfiguration(FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationArgs.builder()\n .enabled(\"true\")\n .processors(FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"Lambda\")\n .parameters(FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"LambdaArn\")\n .parameterValue(String.format(\"%s:$LATEST\", lambdaProcessor.arn()))\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCluster:\n type: aws:opensearch:Domain\n name: test_cluster\n properties:\n domainName: firehose-os-test\n testStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: test_stream\n properties:\n name: kinesis-firehose-test-stream\n destination: opensearch\n opensearchConfiguration:\n domainArn: ${testCluster.arn}\n roleArn: ${firehoseRole.arn}\n indexName: test\n s3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 10\n bufferingInterval: 400\n compressionFormat: GZIP\n processingConfiguration:\n enabled: 'true'\n processors:\n - type: Lambda\n parameters:\n - parameterName: LambdaArn\n parameterValue: ${lambdaProcessor.arn}:$LATEST\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### OpenSearch Destination With VPC\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCluster = new aws.opensearch.Domain(\"test_cluster\", {\n domainName: \"es-test\",\n clusterConfig: {\n instanceCount: 2,\n zoneAwarenessEnabled: true,\n instanceType: \"m4.large.search\",\n },\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n },\n vpcOptions: {\n securityGroupIds: [first.id],\n subnetIds: [\n firstAwsSubnet.id,\n second.id,\n ],\n },\n});\nconst firehose_opensearch = new aws.iam.RolePolicy(\"firehose-opensearch\", {\n name: \"opensearch\",\n role: firehose.id,\n policy: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"es:*\"\n ],\n \"Resource\": [\n \"${testCluster.arn}\",\n \"${testCluster.arn}/*\"\n ]\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\"\n ],\n \"Resource\": [\n \"*\"\n ]\n }\n ]\n}\n`,\n});\nconst test = new aws.kinesis.FirehoseDeliveryStream(\"test\", {\n name: \"pulumi-kinesis-firehose-os\",\n destination: \"opensearch\",\n opensearchConfiguration: {\n domainArn: testCluster.arn,\n roleArn: firehose.arn,\n indexName: \"test\",\n s3Configuration: {\n roleArn: firehose.arn,\n bucketArn: bucket.arn,\n },\n vpcConfig: {\n subnetIds: [\n firstAwsSubnet.id,\n second.id,\n ],\n securityGroupIds: [first.id],\n roleArn: firehose.arn,\n },\n },\n}, {\n dependsOn: [firehose_opensearch],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_cluster = aws.opensearch.Domain(\"test_cluster\",\n domain_name=\"es-test\",\n cluster_config={\n \"instance_count\": 2,\n \"zone_awareness_enabled\": True,\n \"instance_type\": \"m4.large.search\",\n },\n ebs_options={\n \"ebs_enabled\": True,\n \"volume_size\": 10,\n },\n vpc_options={\n \"security_group_ids\": [first[\"id\"]],\n \"subnet_ids\": [\n first_aws_subnet[\"id\"],\n second[\"id\"],\n ],\n })\nfirehose_opensearch = aws.iam.RolePolicy(\"firehose-opensearch\",\n name=\"opensearch\",\n role=firehose[\"id\"],\n policy=pulumi.Output.all(test_cluster.arn, test_cluster.arn).apply(lambda testClusterArn, testClusterArn1: f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Effect\": \"Allow\",\n \"Action\": [\n \"es:*\"\n ],\n \"Resource\": [\n \"{test_cluster_arn}\",\n \"{test_cluster_arn1}/*\"\n ]\n }},\n {{\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\"\n ],\n \"Resource\": [\n \"*\"\n ]\n }}\n ]\n}}\n\"\"\"))\ntest = aws.kinesis.FirehoseDeliveryStream(\"test\",\n name=\"pulumi-kinesis-firehose-os\",\n destination=\"opensearch\",\n opensearch_configuration={\n \"domain_arn\": test_cluster.arn,\n \"role_arn\": firehose[\"arn\"],\n \"index_name\": \"test\",\n \"s3_configuration\": {\n \"role_arn\": firehose[\"arn\"],\n \"bucket_arn\": bucket[\"arn\"],\n },\n \"vpc_config\": {\n \"subnet_ids\": [\n first_aws_subnet[\"id\"],\n second[\"id\"],\n ],\n \"security_group_ids\": [first[\"id\"]],\n \"role_arn\": firehose[\"arn\"],\n },\n },\n opts = pulumi.ResourceOptions(depends_on=[firehose_opensearch]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCluster = new Aws.OpenSearch.Domain(\"test_cluster\", new()\n {\n DomainName = \"es-test\",\n ClusterConfig = new Aws.OpenSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceCount = 2,\n ZoneAwarenessEnabled = true,\n InstanceType = \"m4.large.search\",\n },\n EbsOptions = new Aws.OpenSearch.Inputs.DomainEbsOptionsArgs\n {\n EbsEnabled = true,\n VolumeSize = 10,\n },\n VpcOptions = new Aws.OpenSearch.Inputs.DomainVpcOptionsArgs\n {\n SecurityGroupIds = new[]\n {\n first.Id,\n },\n SubnetIds = new[]\n {\n firstAwsSubnet.Id,\n second.Id,\n },\n },\n });\n\n var firehose_opensearch = new Aws.Iam.RolePolicy(\"firehose-opensearch\", new()\n {\n Name = \"opensearch\",\n Role = firehose.Id,\n Policy = Output.Tuple(testCluster.Arn, testCluster.Arn).Apply(values =\u003e\n {\n var testClusterArn = values.Item1;\n var testClusterArn1 = values.Item2;\n return @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Action\"\": [\n \"\"es:*\"\"\n ],\n \"\"Resource\"\": [\n \"\"{testClusterArn}\"\",\n \"\"{testClusterArn1}/*\"\"\n ]\n }},\n {{\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Action\"\": [\n \"\"ec2:DescribeVpcs\"\",\n \"\"ec2:DescribeVpcAttribute\"\",\n \"\"ec2:DescribeSubnets\"\",\n \"\"ec2:DescribeSecurityGroups\"\",\n \"\"ec2:DescribeNetworkInterfaces\"\",\n \"\"ec2:CreateNetworkInterface\"\",\n \"\"ec2:CreateNetworkInterfacePermission\"\",\n \"\"ec2:DeleteNetworkInterface\"\"\n ],\n \"\"Resource\"\": [\n \"\"*\"\"\n ]\n }}\n ]\n}}\n\";\n }),\n });\n\n var test = new Aws.Kinesis.FirehoseDeliveryStream(\"test\", new()\n {\n Name = \"pulumi-kinesis-firehose-os\",\n Destination = \"opensearch\",\n OpensearchConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationArgs\n {\n DomainArn = testCluster.Arn,\n RoleArn = firehose.Arn,\n IndexName = \"test\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs\n {\n RoleArn = firehose.Arn,\n BucketArn = bucket.Arn,\n },\n VpcConfig = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationVpcConfigArgs\n {\n SubnetIds = new[]\n {\n firstAwsSubnet.Id,\n second.Id,\n },\n SecurityGroupIds = new[]\n {\n first.Id,\n },\n RoleArn = firehose.Arn,\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n firehose_opensearch,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCluster, err := opensearch.NewDomain(ctx, \"test_cluster\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"es-test\"),\n\t\t\tClusterConfig: \u0026opensearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceCount: pulumi.Int(2),\n\t\t\t\tZoneAwarenessEnabled: pulumi.Bool(true),\n\t\t\t\tInstanceType: pulumi.String(\"m4.large.search\"),\n\t\t\t},\n\t\t\tEbsOptions: \u0026opensearch.DomainEbsOptionsArgs{\n\t\t\t\tEbsEnabled: pulumi.Bool(true),\n\t\t\t\tVolumeSize: pulumi.Int(10),\n\t\t\t},\n\t\t\tVpcOptions: \u0026opensearch.DomainVpcOptionsArgs{\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\tfirst.Id,\n\t\t\t\t},\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\tfirstAwsSubnet.Id,\n\t\t\t\t\tsecond.Id,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"firehose-opensearch\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"opensearch\"),\n\t\t\tRole: pulumi.Any(firehose.Id),\n\t\t\tPolicy: pulumi.All(testCluster.Arn, testCluster.Arn).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\ttestClusterArn := _args[0].(string)\n\t\t\t\ttestClusterArn1 := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"es:*\"\n ],\n \"Resource\": [\n \"%v\",\n \"%v/*\"\n ]\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\"\n ],\n \"Resource\": [\n \"*\"\n ]\n }\n ]\n}\n`, testClusterArn, testClusterArn1), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"test\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"pulumi-kinesis-firehose-os\"),\n\t\t\tDestination: pulumi.String(\"opensearch\"),\n\t\t\tOpensearchConfiguration: \u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationArgs{\n\t\t\t\tDomainArn: testCluster.Arn,\n\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\tIndexName: pulumi.String(\"test\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t},\n\t\t\t\tVpcConfig: \u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationVpcConfigArgs{\n\t\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\t\tfirstAwsSubnet.Id,\n\t\t\t\t\t\tsecond.Id,\n\t\t\t\t\t},\n\t\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\t\tfirst.Id,\n\t\t\t\t\t},\n\t\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tfirehose_opensearch,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainEbsOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainVpcOptionsArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationVpcConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCluster = new Domain(\"testCluster\", DomainArgs.builder()\n .domainName(\"es-test\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceCount(2)\n .zoneAwarenessEnabled(true)\n .instanceType(\"m4.large.search\")\n .build())\n .ebsOptions(DomainEbsOptionsArgs.builder()\n .ebsEnabled(true)\n .volumeSize(10)\n .build())\n .vpcOptions(DomainVpcOptionsArgs.builder()\n .securityGroupIds(first.id())\n .subnetIds( \n firstAwsSubnet.id(),\n second.id())\n .build())\n .build());\n\n var firehose_opensearch = new RolePolicy(\"firehose-opensearch\", RolePolicyArgs.builder()\n .name(\"opensearch\")\n .role(firehose.id())\n .policy(Output.tuple(testCluster.arn(), testCluster.arn()).applyValue(values -\u003e {\n var testClusterArn = values.t1;\n var testClusterArn1 = values.t2;\n return \"\"\"\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"es:*\"\n ],\n \"Resource\": [\n \"%s\",\n \"%s/*\"\n ]\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\"\n ],\n \"Resource\": [\n \"*\"\n ]\n }\n ]\n}\n\", testClusterArn,testClusterArn1);\n }))\n .build());\n\n var test = new FirehoseDeliveryStream(\"test\", FirehoseDeliveryStreamArgs.builder()\n .name(\"pulumi-kinesis-firehose-os\")\n .destination(\"opensearch\")\n .opensearchConfiguration(FirehoseDeliveryStreamOpensearchConfigurationArgs.builder()\n .domainArn(testCluster.arn())\n .roleArn(firehose.arn())\n .indexName(\"test\")\n .s3Configuration(FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehose.arn())\n .bucketArn(bucket.arn())\n .build())\n .vpcConfig(FirehoseDeliveryStreamOpensearchConfigurationVpcConfigArgs.builder()\n .subnetIds( \n firstAwsSubnet.id(),\n second.id())\n .securityGroupIds(first.id())\n .roleArn(firehose.arn())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(firehose_opensearch)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCluster:\n type: aws:opensearch:Domain\n name: test_cluster\n properties:\n domainName: es-test\n clusterConfig:\n instanceCount: 2\n zoneAwarenessEnabled: true\n instanceType: m4.large.search\n ebsOptions:\n ebsEnabled: true\n volumeSize: 10\n vpcOptions:\n securityGroupIds:\n - ${first.id}\n subnetIds:\n - ${firstAwsSubnet.id}\n - ${second.id}\n firehose-opensearch:\n type: aws:iam:RolePolicy\n properties:\n name: opensearch\n role: ${firehose.id}\n policy: |\n {\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"es:*\"\n ],\n \"Resource\": [\n \"${testCluster.arn}\",\n \"${testCluster.arn}/*\"\n ]\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\"\n ],\n \"Resource\": [\n \"*\"\n ]\n }\n ]\n }\n test:\n type: aws:kinesis:FirehoseDeliveryStream\n properties:\n name: pulumi-kinesis-firehose-os\n destination: opensearch\n opensearchConfiguration:\n domainArn: ${testCluster.arn}\n roleArn: ${firehose.arn}\n indexName: test\n s3Configuration:\n roleArn: ${firehose.arn}\n bucketArn: ${bucket.arn}\n vpcConfig:\n subnetIds:\n - ${firstAwsSubnet.id}\n - ${second.id}\n securityGroupIds:\n - ${first.id}\n roleArn: ${firehose.arn}\n options:\n dependson:\n - ${[\"firehose-opensearch\"]}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### OpenSearch Serverless Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCollection = new aws.opensearch.ServerlessCollection(\"test_collection\", {name: \"firehose-osserverless-test\"});\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n name: \"kinesis-firehose-test-stream\",\n destination: \"opensearchserverless\",\n opensearchserverlessConfiguration: {\n collectionEndpoint: testCollection.collectionEndpoint,\n roleArn: firehoseRole.arn,\n indexName: \"test\",\n s3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 10,\n bufferingInterval: 400,\n compressionFormat: \"GZIP\",\n },\n processingConfiguration: {\n enabled: true,\n processors: [{\n type: \"Lambda\",\n parameters: [{\n parameterName: \"LambdaArn\",\n parameterValue: `${lambdaProcessor.arn}:$LATEST`,\n }],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_collection = aws.opensearch.ServerlessCollection(\"test_collection\", name=\"firehose-osserverless-test\")\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"test_stream\",\n name=\"kinesis-firehose-test-stream\",\n destination=\"opensearchserverless\",\n opensearchserverless_configuration={\n \"collection_endpoint\": test_collection.collection_endpoint,\n \"role_arn\": firehose_role[\"arn\"],\n \"index_name\": \"test\",\n \"s3_configuration\": {\n \"role_arn\": firehose_role[\"arn\"],\n \"bucket_arn\": bucket[\"arn\"],\n \"buffering_size\": 10,\n \"buffering_interval\": 400,\n \"compression_format\": \"GZIP\",\n },\n \"processing_configuration\": {\n \"enabled\": True,\n \"processors\": [{\n \"type\": \"Lambda\",\n \"parameters\": [{\n \"parameter_name\": \"LambdaArn\",\n \"parameter_value\": f\"{lambda_processor['arn']}:$LATEST\",\n }],\n }],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCollection = new Aws.OpenSearch.ServerlessCollection(\"test_collection\", new()\n {\n Name = \"firehose-osserverless-test\",\n });\n\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"test_stream\", new()\n {\n Name = \"kinesis-firehose-test-stream\",\n Destination = \"opensearchserverless\",\n OpensearchserverlessConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationArgs\n {\n CollectionEndpoint = testCollection.CollectionEndpoint,\n RoleArn = firehoseRole.Arn,\n IndexName = \"test\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 10,\n BufferingInterval = 400,\n CompressionFormat = \"GZIP\",\n },\n ProcessingConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationArgs\n {\n Enabled = true,\n Processors = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"Lambda\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"LambdaArn\",\n ParameterValue = $\"{lambdaProcessor.Arn}:$LATEST\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCollection, err := opensearch.NewServerlessCollection(ctx, \"test_collection\", \u0026opensearch.ServerlessCollectionArgs{\n\t\t\tName: pulumi.String(\"firehose-osserverless-test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"test_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-test-stream\"),\n\t\t\tDestination: pulumi.String(\"opensearchserverless\"),\n\t\t\tOpensearchserverlessConfiguration: \u0026kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationArgs{\n\t\t\t\tCollectionEndpoint: testCollection.CollectionEndpoint,\n\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\tIndexName: pulumi.String(\"test\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(10),\n\t\t\t\t\tBufferingInterval: pulumi.Int(400),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t\tProcessingConfiguration: \u0026kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tProcessors: kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Lambda\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"LambdaArn\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(fmt.Sprintf(\"%v:$LATEST\", lambdaProcessor.Arn)),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessCollection;\nimport com.pulumi.aws.opensearch.ServerlessCollectionArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCollection = new ServerlessCollection(\"testCollection\", ServerlessCollectionArgs.builder()\n .name(\"firehose-osserverless-test\")\n .build());\n\n var testStream = new FirehoseDeliveryStream(\"testStream\", FirehoseDeliveryStreamArgs.builder()\n .name(\"kinesis-firehose-test-stream\")\n .destination(\"opensearchserverless\")\n .opensearchserverlessConfiguration(FirehoseDeliveryStreamOpensearchserverlessConfigurationArgs.builder()\n .collectionEndpoint(testCollection.collectionEndpoint())\n .roleArn(firehoseRole.arn())\n .indexName(\"test\")\n .s3Configuration(FirehoseDeliveryStreamOpensearchserverlessConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(10)\n .bufferingInterval(400)\n .compressionFormat(\"GZIP\")\n .build())\n .processingConfiguration(FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationArgs.builder()\n .enabled(\"true\")\n .processors(FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"Lambda\")\n .parameters(FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"LambdaArn\")\n .parameterValue(String.format(\"%s:$LATEST\", lambdaProcessor.arn()))\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCollection:\n type: aws:opensearch:ServerlessCollection\n name: test_collection\n properties:\n name: firehose-osserverless-test\n testStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: test_stream\n properties:\n name: kinesis-firehose-test-stream\n destination: opensearchserverless\n opensearchserverlessConfiguration:\n collectionEndpoint: ${testCollection.collectionEndpoint}\n roleArn: ${firehoseRole.arn}\n indexName: test\n s3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 10\n bufferingInterval: 400\n compressionFormat: GZIP\n processingConfiguration:\n enabled: 'true'\n processors:\n - type: Lambda\n parameters:\n - parameterName: LambdaArn\n parameterValue: ${lambdaProcessor.arn}:$LATEST\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Splunk Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n name: \"kinesis-firehose-test-stream\",\n destination: \"splunk\",\n splunkConfiguration: {\n hecEndpoint: \"https://http-inputs-mydomain.splunkcloud.com:443\",\n hecToken: \"51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\",\n hecAcknowledgmentTimeout: 600,\n hecEndpointType: \"Event\",\n s3BackupMode: \"FailedEventsOnly\",\n s3Configuration: {\n roleArn: firehose.arn,\n bucketArn: bucket.arn,\n bufferingSize: 10,\n bufferingInterval: 400,\n compressionFormat: \"GZIP\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"test_stream\",\n name=\"kinesis-firehose-test-stream\",\n destination=\"splunk\",\n splunk_configuration={\n \"hec_endpoint\": \"https://http-inputs-mydomain.splunkcloud.com:443\",\n \"hec_token\": \"51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\",\n \"hec_acknowledgment_timeout\": 600,\n \"hec_endpoint_type\": \"Event\",\n \"s3_backup_mode\": \"FailedEventsOnly\",\n \"s3_configuration\": {\n \"role_arn\": firehose[\"arn\"],\n \"bucket_arn\": bucket[\"arn\"],\n \"buffering_size\": 10,\n \"buffering_interval\": 400,\n \"compression_format\": \"GZIP\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"test_stream\", new()\n {\n Name = \"kinesis-firehose-test-stream\",\n Destination = \"splunk\",\n SplunkConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamSplunkConfigurationArgs\n {\n HecEndpoint = \"https://http-inputs-mydomain.splunkcloud.com:443\",\n HecToken = \"51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\",\n HecAcknowledgmentTimeout = 600,\n HecEndpointType = \"Event\",\n S3BackupMode = \"FailedEventsOnly\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamSplunkConfigurationS3ConfigurationArgs\n {\n RoleArn = firehose.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 10,\n BufferingInterval = 400,\n CompressionFormat = \"GZIP\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesis.NewFirehoseDeliveryStream(ctx, \"test_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-test-stream\"),\n\t\t\tDestination: pulumi.String(\"splunk\"),\n\t\t\tSplunkConfiguration: \u0026kinesis.FirehoseDeliveryStreamSplunkConfigurationArgs{\n\t\t\t\tHecEndpoint: pulumi.String(\"https://http-inputs-mydomain.splunkcloud.com:443\"),\n\t\t\t\tHecToken: pulumi.String(\"51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\"),\n\t\t\t\tHecAcknowledgmentTimeout: pulumi.Int(600),\n\t\t\t\tHecEndpointType: pulumi.String(\"Event\"),\n\t\t\t\tS3BackupMode: pulumi.String(\"FailedEventsOnly\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamSplunkConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(10),\n\t\t\t\t\tBufferingInterval: pulumi.Int(400),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamSplunkConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamSplunkConfigurationS3ConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testStream = new FirehoseDeliveryStream(\"testStream\", FirehoseDeliveryStreamArgs.builder()\n .name(\"kinesis-firehose-test-stream\")\n .destination(\"splunk\")\n .splunkConfiguration(FirehoseDeliveryStreamSplunkConfigurationArgs.builder()\n .hecEndpoint(\"https://http-inputs-mydomain.splunkcloud.com:443\")\n .hecToken(\"51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\")\n .hecAcknowledgmentTimeout(600)\n .hecEndpointType(\"Event\")\n .s3BackupMode(\"FailedEventsOnly\")\n .s3Configuration(FirehoseDeliveryStreamSplunkConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehose.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(10)\n .bufferingInterval(400)\n .compressionFormat(\"GZIP\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: test_stream\n properties:\n name: kinesis-firehose-test-stream\n destination: splunk\n splunkConfiguration:\n hecEndpoint: https://http-inputs-mydomain.splunkcloud.com:443\n hecToken: 51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\n hecAcknowledgmentTimeout: 600\n hecEndpointType: Event\n s3BackupMode: FailedEventsOnly\n s3Configuration:\n roleArn: ${firehose.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 10\n bufferingInterval: 400\n compressionFormat: GZIP\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### HTTP Endpoint (e.g., New Relic) Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n name: \"kinesis-firehose-test-stream\",\n destination: \"http_endpoint\",\n httpEndpointConfiguration: {\n url: \"https://aws-api.newrelic.com/firehose/v1\",\n name: \"New Relic\",\n accessKey: \"my-key\",\n bufferingSize: 15,\n bufferingInterval: 600,\n roleArn: firehose.arn,\n s3BackupMode: \"FailedDataOnly\",\n s3Configuration: {\n roleArn: firehose.arn,\n bucketArn: bucket.arn,\n bufferingSize: 10,\n bufferingInterval: 400,\n compressionFormat: \"GZIP\",\n },\n requestConfiguration: {\n contentEncoding: \"GZIP\",\n commonAttributes: [\n {\n name: \"testname\",\n value: \"testvalue\",\n },\n {\n name: \"testname2\",\n value: \"testvalue2\",\n },\n ],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"test_stream\",\n name=\"kinesis-firehose-test-stream\",\n destination=\"http_endpoint\",\n http_endpoint_configuration={\n \"url\": \"https://aws-api.newrelic.com/firehose/v1\",\n \"name\": \"New Relic\",\n \"access_key\": \"my-key\",\n \"buffering_size\": 15,\n \"buffering_interval\": 600,\n \"role_arn\": firehose[\"arn\"],\n \"s3_backup_mode\": \"FailedDataOnly\",\n \"s3_configuration\": {\n \"role_arn\": firehose[\"arn\"],\n \"bucket_arn\": bucket[\"arn\"],\n \"buffering_size\": 10,\n \"buffering_interval\": 400,\n \"compression_format\": \"GZIP\",\n },\n \"request_configuration\": {\n \"content_encoding\": \"GZIP\",\n \"common_attributes\": [\n {\n \"name\": \"testname\",\n \"value\": \"testvalue\",\n },\n {\n \"name\": \"testname2\",\n \"value\": \"testvalue2\",\n },\n ],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"test_stream\", new()\n {\n Name = \"kinesis-firehose-test-stream\",\n Destination = \"http_endpoint\",\n HttpEndpointConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamHttpEndpointConfigurationArgs\n {\n Url = \"https://aws-api.newrelic.com/firehose/v1\",\n Name = \"New Relic\",\n AccessKey = \"my-key\",\n BufferingSize = 15,\n BufferingInterval = 600,\n RoleArn = firehose.Arn,\n S3BackupMode = \"FailedDataOnly\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamHttpEndpointConfigurationS3ConfigurationArgs\n {\n RoleArn = firehose.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 10,\n BufferingInterval = 400,\n CompressionFormat = \"GZIP\",\n },\n RequestConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationArgs\n {\n ContentEncoding = \"GZIP\",\n CommonAttributes = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs\n {\n Name = \"testname\",\n Value = \"testvalue\",\n },\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs\n {\n Name = \"testname2\",\n Value = \"testvalue2\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesis.NewFirehoseDeliveryStream(ctx, \"test_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-test-stream\"),\n\t\t\tDestination: pulumi.String(\"http_endpoint\"),\n\t\t\tHttpEndpointConfiguration: \u0026kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationArgs{\n\t\t\t\tUrl: pulumi.String(\"https://aws-api.newrelic.com/firehose/v1\"),\n\t\t\t\tName: pulumi.String(\"New Relic\"),\n\t\t\t\tAccessKey: pulumi.String(\"my-key\"),\n\t\t\t\tBufferingSize: pulumi.Int(15),\n\t\t\t\tBufferingInterval: pulumi.Int(600),\n\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\tS3BackupMode: pulumi.String(\"FailedDataOnly\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(10),\n\t\t\t\t\tBufferingInterval: pulumi.Int(400),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t\tRequestConfiguration: \u0026kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationArgs{\n\t\t\t\t\tContentEncoding: pulumi.String(\"GZIP\"),\n\t\t\t\t\tCommonAttributes: kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"testname\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"testvalue\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"testname2\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"testvalue2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamHttpEndpointConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamHttpEndpointConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testStream = new FirehoseDeliveryStream(\"testStream\", FirehoseDeliveryStreamArgs.builder()\n .name(\"kinesis-firehose-test-stream\")\n .destination(\"http_endpoint\")\n .httpEndpointConfiguration(FirehoseDeliveryStreamHttpEndpointConfigurationArgs.builder()\n .url(\"https://aws-api.newrelic.com/firehose/v1\")\n .name(\"New Relic\")\n .accessKey(\"my-key\")\n .bufferingSize(15)\n .bufferingInterval(600)\n .roleArn(firehose.arn())\n .s3BackupMode(\"FailedDataOnly\")\n .s3Configuration(FirehoseDeliveryStreamHttpEndpointConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehose.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(10)\n .bufferingInterval(400)\n .compressionFormat(\"GZIP\")\n .build())\n .requestConfiguration(FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationArgs.builder()\n .contentEncoding(\"GZIP\")\n .commonAttributes( \n FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs.builder()\n .name(\"testname\")\n .value(\"testvalue\")\n .build(),\n FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs.builder()\n .name(\"testname2\")\n .value(\"testvalue2\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: test_stream\n properties:\n name: kinesis-firehose-test-stream\n destination: http_endpoint\n httpEndpointConfiguration:\n url: https://aws-api.newrelic.com/firehose/v1\n name: New Relic\n accessKey: my-key\n bufferingSize: 15\n bufferingInterval: 600\n roleArn: ${firehose.arn}\n s3BackupMode: FailedDataOnly\n s3Configuration:\n roleArn: ${firehose.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 10\n bufferingInterval: 400\n compressionFormat: GZIP\n requestConfiguration:\n contentEncoding: GZIP\n commonAttributes:\n - name: testname\n value: testvalue\n - name: testname2\n value: testvalue2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Snowflake Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleSnowflakeDestination = new aws.kinesis.FirehoseDeliveryStream(\"example_snowflake_destination\", {\n name: \"example-snowflake-destination\",\n destination: \"snowflake\",\n snowflakeConfiguration: {\n accountUrl: \"https://example.snowflakecomputing.com\",\n database: \"example-db\",\n privateKey: \"...\",\n roleArn: firehose.arn,\n schema: \"example-schema\",\n table: \"example-table\",\n user: \"example-usr\",\n s3Configuration: {\n roleArn: firehose.arn,\n bucketArn: bucket.arn,\n bufferingSize: 10,\n bufferingInterval: 400,\n compressionFormat: \"GZIP\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_snowflake_destination = aws.kinesis.FirehoseDeliveryStream(\"example_snowflake_destination\",\n name=\"example-snowflake-destination\",\n destination=\"snowflake\",\n snowflake_configuration={\n \"account_url\": \"https://example.snowflakecomputing.com\",\n \"database\": \"example-db\",\n \"private_key\": \"...\",\n \"role_arn\": firehose[\"arn\"],\n \"schema\": \"example-schema\",\n \"table\": \"example-table\",\n \"user\": \"example-usr\",\n \"s3_configuration\": {\n \"role_arn\": firehose[\"arn\"],\n \"bucket_arn\": bucket[\"arn\"],\n \"buffering_size\": 10,\n \"buffering_interval\": 400,\n \"compression_format\": \"GZIP\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleSnowflakeDestination = new Aws.Kinesis.FirehoseDeliveryStream(\"example_snowflake_destination\", new()\n {\n Name = \"example-snowflake-destination\",\n Destination = \"snowflake\",\n SnowflakeConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamSnowflakeConfigurationArgs\n {\n AccountUrl = \"https://example.snowflakecomputing.com\",\n Database = \"example-db\",\n PrivateKey = \"...\",\n RoleArn = firehose.Arn,\n Schema = \"example-schema\",\n Table = \"example-table\",\n User = \"example-usr\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamSnowflakeConfigurationS3ConfigurationArgs\n {\n RoleArn = firehose.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 10,\n BufferingInterval = 400,\n CompressionFormat = \"GZIP\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesis.NewFirehoseDeliveryStream(ctx, \"example_snowflake_destination\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"example-snowflake-destination\"),\n\t\t\tDestination: pulumi.String(\"snowflake\"),\n\t\t\tSnowflakeConfiguration: \u0026kinesis.FirehoseDeliveryStreamSnowflakeConfigurationArgs{\n\t\t\t\tAccountUrl: pulumi.String(\"https://example.snowflakecomputing.com\"),\n\t\t\t\tDatabase: pulumi.String(\"example-db\"),\n\t\t\t\tPrivateKey: pulumi.String(\"...\"),\n\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\tSchema: pulumi.String(\"example-schema\"),\n\t\t\t\tTable: pulumi.String(\"example-table\"),\n\t\t\t\tUser: pulumi.String(\"example-usr\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamSnowflakeConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(10),\n\t\t\t\t\tBufferingInterval: pulumi.Int(400),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamSnowflakeConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamSnowflakeConfigurationS3ConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleSnowflakeDestination = new FirehoseDeliveryStream(\"exampleSnowflakeDestination\", FirehoseDeliveryStreamArgs.builder()\n .name(\"example-snowflake-destination\")\n .destination(\"snowflake\")\n .snowflakeConfiguration(FirehoseDeliveryStreamSnowflakeConfigurationArgs.builder()\n .accountUrl(\"https://example.snowflakecomputing.com\")\n .database(\"example-db\")\n .privateKey(\"...\")\n .roleArn(firehose.arn())\n .schema(\"example-schema\")\n .table(\"example-table\")\n .user(\"example-usr\")\n .s3Configuration(FirehoseDeliveryStreamSnowflakeConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehose.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(10)\n .bufferingInterval(400)\n .compressionFormat(\"GZIP\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleSnowflakeDestination:\n type: aws:kinesis:FirehoseDeliveryStream\n name: example_snowflake_destination\n properties:\n name: example-snowflake-destination\n destination: snowflake\n snowflakeConfiguration:\n accountUrl: https://example.snowflakecomputing.com\n database: example-db\n privateKey: '...'\n roleArn: ${firehose.arn}\n schema: example-schema\n table: example-table\n user: example-usr\n s3Configuration:\n roleArn: ${firehose.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 10\n bufferingInterval: 400\n compressionFormat: GZIP\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Kinesis Firehose Delivery streams using the stream ARN. For example:\n\n```sh\n$ pulumi import aws:kinesis/firehoseDeliveryStream:FirehoseDeliveryStream foo arn:aws:firehose:us-east-1:XXX:deliverystream/example\n```\nNote: Import does not work for stream destination `s3`. Consider using `extended_s3` since `s3` destination is deprecated.\n\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the Stream\n" }, "destination": { "type": "string", "description": "This is the destination to where the data is delivered. The only options are `s3` (Deprecated, use `extended_s3` instead), `extended_s3`, `redshift`, `elasticsearch`, `splunk`, `http_endpoint`, `opensearch`, `opensearchserverless` and `snowflake`.\n" }, "destinationId": { "type": "string" }, "elasticsearchConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamElasticsearchConfiguration:FirehoseDeliveryStreamElasticsearchConfiguration", "description": "Configuration options when `destination` is `elasticsearch`. See `elasticsearch_configuration` block below for details.\n" }, "extendedS3Configuration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3Configuration:FirehoseDeliveryStreamExtendedS3Configuration", "description": "Enhanced configuration options for the s3 destination. See `extended_s3_configuration` block below for details.\n" }, "httpEndpointConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfiguration:FirehoseDeliveryStreamHttpEndpointConfiguration", "description": "Configuration options when `destination` is `http_endpoint`. Requires the user to also specify an `s3_configuration` block. See `http_endpoint_configuration` block below for details.\n" }, "kinesisSourceConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamKinesisSourceConfiguration:FirehoseDeliveryStreamKinesisSourceConfiguration", "description": "The stream and role Amazon Resource Names (ARNs) for a Kinesis data stream used as the source for a delivery stream. See `kinesis_source_configuration` block below for details.\n" }, "mskSourceConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamMskSourceConfiguration:FirehoseDeliveryStreamMskSourceConfiguration", "description": "The configuration for the Amazon MSK cluster to be used as the source for a delivery stream. See `msk_source_configuration` block below for details.\n" }, "name": { "type": "string", "description": "A name to identify the stream. This is unique to the AWS account and region the Stream is created in. When using for WAF logging, name must be prefixed with `aws-waf-logs-`. See [AWS Documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-policies.html#waf-policies-logging-config) for more details.\n" }, "opensearchConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchConfiguration:FirehoseDeliveryStreamOpensearchConfiguration", "description": "Configuration options when `destination` is `opensearch`. See `opensearch_configuration` block below for details.\n" }, "opensearchserverlessConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchserverlessConfiguration:FirehoseDeliveryStreamOpensearchserverlessConfiguration", "description": "Configuration options when `destination` is `opensearchserverless`. See `opensearchserverless_configuration` block below for details.\n" }, "redshiftConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfiguration:FirehoseDeliveryStreamRedshiftConfiguration", "description": "Configuration options when `destination` is `redshift`. Requires the user to also specify an `s3_configuration` block. See `redshift_configuration` block below for details.\n" }, "serverSideEncryption": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamServerSideEncryption:FirehoseDeliveryStreamServerSideEncryption", "description": "Encrypt at rest options. See `server_side_encryption` block below for details.\n\n**NOTE:** Server-side encryption should not be enabled when a kinesis stream is configured as the source of the firehose delivery stream.\n" }, "snowflakeConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSnowflakeConfiguration:FirehoseDeliveryStreamSnowflakeConfiguration", "description": "Configuration options when `destination` is `snowflake`. See `snowflake_configuration` block below for details.\n" }, "splunkConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSplunkConfiguration:FirehoseDeliveryStreamSplunkConfiguration", "description": "Configuration options when `destination` is `splunk`. See `splunk_configuration` block below for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "versionId": { "type": "string" } }, "required": [ "arn", "destination", "destinationId", "name", "tagsAll", "versionId" ], "inputProperties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the Stream\n" }, "destination": { "type": "string", "description": "This is the destination to where the data is delivered. The only options are `s3` (Deprecated, use `extended_s3` instead), `extended_s3`, `redshift`, `elasticsearch`, `splunk`, `http_endpoint`, `opensearch`, `opensearchserverless` and `snowflake`.\n", "willReplaceOnChanges": true }, "destinationId": { "type": "string" }, "elasticsearchConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamElasticsearchConfiguration:FirehoseDeliveryStreamElasticsearchConfiguration", "description": "Configuration options when `destination` is `elasticsearch`. See `elasticsearch_configuration` block below for details.\n" }, "extendedS3Configuration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3Configuration:FirehoseDeliveryStreamExtendedS3Configuration", "description": "Enhanced configuration options for the s3 destination. See `extended_s3_configuration` block below for details.\n" }, "httpEndpointConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfiguration:FirehoseDeliveryStreamHttpEndpointConfiguration", "description": "Configuration options when `destination` is `http_endpoint`. Requires the user to also specify an `s3_configuration` block. See `http_endpoint_configuration` block below for details.\n" }, "kinesisSourceConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamKinesisSourceConfiguration:FirehoseDeliveryStreamKinesisSourceConfiguration", "description": "The stream and role Amazon Resource Names (ARNs) for a Kinesis data stream used as the source for a delivery stream. See `kinesis_source_configuration` block below for details.\n", "willReplaceOnChanges": true }, "mskSourceConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamMskSourceConfiguration:FirehoseDeliveryStreamMskSourceConfiguration", "description": "The configuration for the Amazon MSK cluster to be used as the source for a delivery stream. See `msk_source_configuration` block below for details.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A name to identify the stream. This is unique to the AWS account and region the Stream is created in. When using for WAF logging, name must be prefixed with `aws-waf-logs-`. See [AWS Documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-policies.html#waf-policies-logging-config) for more details.\n", "willReplaceOnChanges": true }, "opensearchConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchConfiguration:FirehoseDeliveryStreamOpensearchConfiguration", "description": "Configuration options when `destination` is `opensearch`. See `opensearch_configuration` block below for details.\n" }, "opensearchserverlessConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchserverlessConfiguration:FirehoseDeliveryStreamOpensearchserverlessConfiguration", "description": "Configuration options when `destination` is `opensearchserverless`. See `opensearchserverless_configuration` block below for details.\n" }, "redshiftConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfiguration:FirehoseDeliveryStreamRedshiftConfiguration", "description": "Configuration options when `destination` is `redshift`. Requires the user to also specify an `s3_configuration` block. See `redshift_configuration` block below for details.\n" }, "serverSideEncryption": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamServerSideEncryption:FirehoseDeliveryStreamServerSideEncryption", "description": "Encrypt at rest options. See `server_side_encryption` block below for details.\n\n**NOTE:** Server-side encryption should not be enabled when a kinesis stream is configured as the source of the firehose delivery stream.\n" }, "snowflakeConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSnowflakeConfiguration:FirehoseDeliveryStreamSnowflakeConfiguration", "description": "Configuration options when `destination` is `snowflake`. See `snowflake_configuration` block below for details.\n" }, "splunkConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSplunkConfiguration:FirehoseDeliveryStreamSplunkConfiguration", "description": "Configuration options when `destination` is `splunk`. See `splunk_configuration` block below for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "versionId": { "type": "string" } }, "requiredInputs": [ "destination" ], "stateInputs": { "description": "Input properties used for looking up and filtering FirehoseDeliveryStream resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the Stream\n" }, "destination": { "type": "string", "description": "This is the destination to where the data is delivered. The only options are `s3` (Deprecated, use `extended_s3` instead), `extended_s3`, `redshift`, `elasticsearch`, `splunk`, `http_endpoint`, `opensearch`, `opensearchserverless` and `snowflake`.\n", "willReplaceOnChanges": true }, "destinationId": { "type": "string" }, "elasticsearchConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamElasticsearchConfiguration:FirehoseDeliveryStreamElasticsearchConfiguration", "description": "Configuration options when `destination` is `elasticsearch`. See `elasticsearch_configuration` block below for details.\n" }, "extendedS3Configuration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamExtendedS3Configuration:FirehoseDeliveryStreamExtendedS3Configuration", "description": "Enhanced configuration options for the s3 destination. See `extended_s3_configuration` block below for details.\n" }, "httpEndpointConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamHttpEndpointConfiguration:FirehoseDeliveryStreamHttpEndpointConfiguration", "description": "Configuration options when `destination` is `http_endpoint`. Requires the user to also specify an `s3_configuration` block. See `http_endpoint_configuration` block below for details.\n" }, "kinesisSourceConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamKinesisSourceConfiguration:FirehoseDeliveryStreamKinesisSourceConfiguration", "description": "The stream and role Amazon Resource Names (ARNs) for a Kinesis data stream used as the source for a delivery stream. See `kinesis_source_configuration` block below for details.\n", "willReplaceOnChanges": true }, "mskSourceConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamMskSourceConfiguration:FirehoseDeliveryStreamMskSourceConfiguration", "description": "The configuration for the Amazon MSK cluster to be used as the source for a delivery stream. See `msk_source_configuration` block below for details.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A name to identify the stream. This is unique to the AWS account and region the Stream is created in. When using for WAF logging, name must be prefixed with `aws-waf-logs-`. See [AWS Documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-policies.html#waf-policies-logging-config) for more details.\n", "willReplaceOnChanges": true }, "opensearchConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchConfiguration:FirehoseDeliveryStreamOpensearchConfiguration", "description": "Configuration options when `destination` is `opensearch`. See `opensearch_configuration` block below for details.\n" }, "opensearchserverlessConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamOpensearchserverlessConfiguration:FirehoseDeliveryStreamOpensearchserverlessConfiguration", "description": "Configuration options when `destination` is `opensearchserverless`. See `opensearchserverless_configuration` block below for details.\n" }, "redshiftConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamRedshiftConfiguration:FirehoseDeliveryStreamRedshiftConfiguration", "description": "Configuration options when `destination` is `redshift`. Requires the user to also specify an `s3_configuration` block. See `redshift_configuration` block below for details.\n" }, "serverSideEncryption": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamServerSideEncryption:FirehoseDeliveryStreamServerSideEncryption", "description": "Encrypt at rest options. See `server_side_encryption` block below for details.\n\n**NOTE:** Server-side encryption should not be enabled when a kinesis stream is configured as the source of the firehose delivery stream.\n" }, "snowflakeConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSnowflakeConfiguration:FirehoseDeliveryStreamSnowflakeConfiguration", "description": "Configuration options when `destination` is `snowflake`. See `snowflake_configuration` block below for details.\n" }, "splunkConfiguration": { "$ref": "#/types/aws:kinesis/FirehoseDeliveryStreamSplunkConfiguration:FirehoseDeliveryStreamSplunkConfiguration", "description": "Configuration options when `destination` is `splunk`. See `splunk_configuration` block below for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "versionId": { "type": "string" } }, "type": "object" } }, "aws:kinesis/resourcePolicy:ResourcePolicy": { "description": "Provides a resource to manage an Amazon Kinesis Streams resource policy.\nUse a resource policy to manage cross-account access to your data streams or consumers.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kinesis.ResourcePolicy(\"example\", {\n resourceArn: exampleAwsKinesisStream.arn,\n policy: `{\n \"Version\": \"2012-10-17\",\n \"Id\": \"writePolicy\",\n \"Statement\": [{\n \"Sid\": \"writestatement\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"123456789456\"\n },\n \"Action\": [\n \"kinesis:DescribeStreamSummary\",\n \"kinesis:ListShards\",\n \"kinesis:PutRecord\",\n \"kinesis:PutRecords\"\n ],\n \"Resource\": \"${exampleAwsKinesisStream.arn}\"\n }]\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kinesis.ResourcePolicy(\"example\",\n resource_arn=example_aws_kinesis_stream[\"arn\"],\n policy=f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Id\": \"writePolicy\",\n \"Statement\": [{{\n \"Sid\": \"writestatement\",\n \"Effect\": \"Allow\",\n \"Principal\": {{\n \"AWS\": \"123456789456\"\n }},\n \"Action\": [\n \"kinesis:DescribeStreamSummary\",\n \"kinesis:ListShards\",\n \"kinesis:PutRecord\",\n \"kinesis:PutRecords\"\n ],\n \"Resource\": \"{example_aws_kinesis_stream[\"arn\"]}\"\n }}]\n}}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kinesis.ResourcePolicy(\"example\", new()\n {\n ResourceArn = exampleAwsKinesisStream.Arn,\n Policy = @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Id\"\": \"\"writePolicy\"\",\n \"\"Statement\"\": [{{\n \"\"Sid\"\": \"\"writestatement\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {{\n \"\"AWS\"\": \"\"123456789456\"\"\n }},\n \"\"Action\"\": [\n \"\"kinesis:DescribeStreamSummary\"\",\n \"\"kinesis:ListShards\"\",\n \"\"kinesis:PutRecord\"\",\n \"\"kinesis:PutRecords\"\"\n ],\n \"\"Resource\"\": \"\"{exampleAwsKinesisStream.Arn}\"\"\n }}]\n}}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesis.NewResourcePolicy(ctx, \"example\", \u0026kinesis.ResourcePolicyArgs{\n\t\t\tResourceArn: pulumi.Any(exampleAwsKinesisStream.Arn),\n\t\t\tPolicy: pulumi.String(fmt.Sprintf(`{\n \"Version\": \"2012-10-17\",\n \"Id\": \"writePolicy\",\n \"Statement\": [{\n \"Sid\": \"writestatement\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"123456789456\"\n },\n \"Action\": [\n \"kinesis:DescribeStreamSummary\",\n \"kinesis:ListShards\",\n \"kinesis:PutRecord\",\n \"kinesis:PutRecords\"\n ],\n \"Resource\": \"%v\"\n }]\n}\n`, exampleAwsKinesisStream.Arn)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.ResourcePolicy;\nimport com.pulumi.aws.kinesis.ResourcePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourcePolicy(\"example\", ResourcePolicyArgs.builder()\n .resourceArn(exampleAwsKinesisStream.arn())\n .policy(\"\"\"\n{\n \"Version\": \"2012-10-17\",\n \"Id\": \"writePolicy\",\n \"Statement\": [{\n \"Sid\": \"writestatement\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"123456789456\"\n },\n \"Action\": [\n \"kinesis:DescribeStreamSummary\",\n \"kinesis:ListShards\",\n \"kinesis:PutRecord\",\n \"kinesis:PutRecords\"\n ],\n \"Resource\": \"%s\"\n }]\n}\n\", exampleAwsKinesisStream.arn()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kinesis:ResourcePolicy\n properties:\n resourceArn: ${exampleAwsKinesisStream.arn}\n policy: |\n {\n \"Version\": \"2012-10-17\",\n \"Id\": \"writePolicy\",\n \"Statement\": [{\n \"Sid\": \"writestatement\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"123456789456\"\n },\n \"Action\": [\n \"kinesis:DescribeStreamSummary\",\n \"kinesis:ListShards\",\n \"kinesis:PutRecord\",\n \"kinesis:PutRecords\"\n ],\n \"Resource\": \"${exampleAwsKinesisStream.arn}\"\n }]\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Kinesis resource policies using the `resource_arn`. For example:\n\n```sh\n$ pulumi import aws:kinesis/resourcePolicy:ResourcePolicy example arn:aws:kinesis:us-west-2:123456789012:stream/example\n```\n", "properties": { "policy": { "type": "string", "description": "The policy document.\n" }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the data stream or consumer.\n" } }, "required": [ "policy", "resourceArn" ], "inputProperties": { "policy": { "type": "string", "description": "The policy document.\n" }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the data stream or consumer.\n" } }, "requiredInputs": [ "policy", "resourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourcePolicy resources.\n", "properties": { "policy": { "type": "string", "description": "The policy document.\n" }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the data stream or consumer.\n" } }, "type": "object" } }, "aws:kinesis/stream:Stream": { "description": "Provides a Kinesis Stream resource. Amazon Kinesis is a managed service that\nscales elastically for real-time processing of streaming big data.\n\nFor more details, see the [Amazon Kinesis Documentation](https://aws.amazon.com/documentation/kinesis/).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testStream = new aws.kinesis.Stream(\"test_stream\", {\n name: \"kinesis-test\",\n shardCount: 1,\n retentionPeriod: 48,\n shardLevelMetrics: [\n \"IncomingBytes\",\n \"OutgoingBytes\",\n ],\n streamModeDetails: {\n streamMode: \"PROVISIONED\",\n },\n tags: {\n Environment: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_stream = aws.kinesis.Stream(\"test_stream\",\n name=\"kinesis-test\",\n shard_count=1,\n retention_period=48,\n shard_level_metrics=[\n \"IncomingBytes\",\n \"OutgoingBytes\",\n ],\n stream_mode_details={\n \"stream_mode\": \"PROVISIONED\",\n },\n tags={\n \"Environment\": \"test\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testStream = new Aws.Kinesis.Stream(\"test_stream\", new()\n {\n Name = \"kinesis-test\",\n ShardCount = 1,\n RetentionPeriod = 48,\n ShardLevelMetrics = new[]\n {\n \"IncomingBytes\",\n \"OutgoingBytes\",\n },\n StreamModeDetails = new Aws.Kinesis.Inputs.StreamStreamModeDetailsArgs\n {\n StreamMode = \"PROVISIONED\",\n },\n Tags = \n {\n { \"Environment\", \"test\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesis.NewStream(ctx, \"test_stream\", \u0026kinesis.StreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-test\"),\n\t\t\tShardCount: pulumi.Int(1),\n\t\t\tRetentionPeriod: pulumi.Int(48),\n\t\t\tShardLevelMetrics: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"IncomingBytes\"),\n\t\t\t\tpulumi.String(\"OutgoingBytes\"),\n\t\t\t},\n\t\t\tStreamModeDetails: \u0026kinesis.StreamStreamModeDetailsArgs{\n\t\t\t\tStreamMode: pulumi.String(\"PROVISIONED\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.Stream;\nimport com.pulumi.aws.kinesis.StreamArgs;\nimport com.pulumi.aws.kinesis.inputs.StreamStreamModeDetailsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testStream = new Stream(\"testStream\", StreamArgs.builder()\n .name(\"kinesis-test\")\n .shardCount(1)\n .retentionPeriod(48)\n .shardLevelMetrics( \n \"IncomingBytes\",\n \"OutgoingBytes\")\n .streamModeDetails(StreamStreamModeDetailsArgs.builder()\n .streamMode(\"PROVISIONED\")\n .build())\n .tags(Map.of(\"Environment\", \"test\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testStream:\n type: aws:kinesis:Stream\n name: test_stream\n properties:\n name: kinesis-test\n shardCount: 1\n retentionPeriod: 48\n shardLevelMetrics:\n - IncomingBytes\n - OutgoingBytes\n streamModeDetails:\n streamMode: PROVISIONED\n tags:\n Environment: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Kinesis Streams using the `name`. For example:\n\n```sh\n$ pulumi import aws:kinesis/stream:Stream test_stream pulumi-kinesis-test\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the Stream (same as `id`)\n" }, "encryptionType": { "type": "string", "description": "The encryption type to use. The only acceptable values are `NONE` or `KMS`. The default value is `NONE`.\n" }, "enforceConsumerDeletion": { "type": "boolean", "description": "A boolean that indicates all registered consumers should be deregistered from the stream so that the stream can be destroyed without error. The default value is `false`.\n" }, "kmsKeyId": { "type": "string", "description": "The GUID for the customer-managed KMS key to use for encryption. You can also use a Kinesis-owned master key by specifying the alias `alias/aws/kinesis`.\n" }, "name": { "type": "string", "description": "A name to identify the stream. This is unique to the AWS account and region the Stream is created in.\n" }, "retentionPeriod": { "type": "integer", "description": "Length of time data records are accessible after they are added to the stream. The maximum value of a stream's retention period is 8760 hours. Minimum value is 24. Default is 24.\n" }, "shardCount": { "type": "integer", "description": "The number of shards that the stream will use. If the `stream_mode` is `PROVISIONED`, this field is required.\nAmazon has guidelines for specifying the Stream size that should be referenced when creating a Kinesis stream. See [Amazon Kinesis Streams](https://docs.aws.amazon.com/kinesis/latest/dev/amazon-kinesis-streams.html) for more.\n" }, "shardLevelMetrics": { "type": "array", "items": { "type": "string" }, "description": "A list of shard-level CloudWatch metrics which can be enabled for the stream. See [Monitoring with CloudWatch](https://docs.aws.amazon.com/streams/latest/dev/monitoring-with-cloudwatch.html) for more. Note that the value ALL should not be used; instead you should provide an explicit list of metrics you wish to enable.\n" }, "streamModeDetails": { "$ref": "#/types/aws:kinesis/StreamStreamModeDetails:StreamStreamModeDetails", "description": "Indicates the [capacity mode](https://docs.aws.amazon.com/streams/latest/dev/how-do-i-size-a-stream.html) of the data stream. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "streamModeDetails", "tagsAll" ], "inputProperties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the Stream (same as `id`)\n" }, "encryptionType": { "type": "string", "description": "The encryption type to use. The only acceptable values are `NONE` or `KMS`. The default value is `NONE`.\n" }, "enforceConsumerDeletion": { "type": "boolean", "description": "A boolean that indicates all registered consumers should be deregistered from the stream so that the stream can be destroyed without error. The default value is `false`.\n" }, "kmsKeyId": { "type": "string", "description": "The GUID for the customer-managed KMS key to use for encryption. You can also use a Kinesis-owned master key by specifying the alias `alias/aws/kinesis`.\n" }, "name": { "type": "string", "description": "A name to identify the stream. This is unique to the AWS account and region the Stream is created in.\n", "willReplaceOnChanges": true }, "retentionPeriod": { "type": "integer", "description": "Length of time data records are accessible after they are added to the stream. The maximum value of a stream's retention period is 8760 hours. Minimum value is 24. Default is 24.\n" }, "shardCount": { "type": "integer", "description": "The number of shards that the stream will use. If the `stream_mode` is `PROVISIONED`, this field is required.\nAmazon has guidelines for specifying the Stream size that should be referenced when creating a Kinesis stream. See [Amazon Kinesis Streams](https://docs.aws.amazon.com/kinesis/latest/dev/amazon-kinesis-streams.html) for more.\n" }, "shardLevelMetrics": { "type": "array", "items": { "type": "string" }, "description": "A list of shard-level CloudWatch metrics which can be enabled for the stream. See [Monitoring with CloudWatch](https://docs.aws.amazon.com/streams/latest/dev/monitoring-with-cloudwatch.html) for more. Note that the value ALL should not be used; instead you should provide an explicit list of metrics you wish to enable.\n" }, "streamModeDetails": { "$ref": "#/types/aws:kinesis/StreamStreamModeDetails:StreamStreamModeDetails", "description": "Indicates the [capacity mode](https://docs.aws.amazon.com/streams/latest/dev/how-do-i-size-a-stream.html) of the data stream. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Stream resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the Stream (same as `id`)\n" }, "encryptionType": { "type": "string", "description": "The encryption type to use. The only acceptable values are `NONE` or `KMS`. The default value is `NONE`.\n" }, "enforceConsumerDeletion": { "type": "boolean", "description": "A boolean that indicates all registered consumers should be deregistered from the stream so that the stream can be destroyed without error. The default value is `false`.\n" }, "kmsKeyId": { "type": "string", "description": "The GUID for the customer-managed KMS key to use for encryption. You can also use a Kinesis-owned master key by specifying the alias `alias/aws/kinesis`.\n" }, "name": { "type": "string", "description": "A name to identify the stream. This is unique to the AWS account and region the Stream is created in.\n", "willReplaceOnChanges": true }, "retentionPeriod": { "type": "integer", "description": "Length of time data records are accessible after they are added to the stream. The maximum value of a stream's retention period is 8760 hours. Minimum value is 24. Default is 24.\n" }, "shardCount": { "type": "integer", "description": "The number of shards that the stream will use. If the `stream_mode` is `PROVISIONED`, this field is required.\nAmazon has guidelines for specifying the Stream size that should be referenced when creating a Kinesis stream. See [Amazon Kinesis Streams](https://docs.aws.amazon.com/kinesis/latest/dev/amazon-kinesis-streams.html) for more.\n" }, "shardLevelMetrics": { "type": "array", "items": { "type": "string" }, "description": "A list of shard-level CloudWatch metrics which can be enabled for the stream. See [Monitoring with CloudWatch](https://docs.aws.amazon.com/streams/latest/dev/monitoring-with-cloudwatch.html) for more. Note that the value ALL should not be used; instead you should provide an explicit list of metrics you wish to enable.\n" }, "streamModeDetails": { "$ref": "#/types/aws:kinesis/StreamStreamModeDetails:StreamStreamModeDetails", "description": "Indicates the [capacity mode](https://docs.aws.amazon.com/streams/latest/dev/how-do-i-size-a-stream.html) of the data stream. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:kinesis/streamConsumer:StreamConsumer": { "description": "Provides a resource to manage a Kinesis Stream Consumer.\n\n\u003e **Note:** You can register up to 20 consumers per stream. A given consumer can only be registered with one stream at a time.\n\nFor more details, see the [Amazon Kinesis Stream Consumer Documentation](https://docs.aws.amazon.com/streams/latest/dev/amazon-kinesis-consumers.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kinesis.Stream(\"example\", {\n name: \"example-stream\",\n shardCount: 1,\n});\nconst exampleStreamConsumer = new aws.kinesis.StreamConsumer(\"example\", {\n name: \"example-consumer\",\n streamArn: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kinesis.Stream(\"example\",\n name=\"example-stream\",\n shard_count=1)\nexample_stream_consumer = aws.kinesis.StreamConsumer(\"example\",\n name=\"example-consumer\",\n stream_arn=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kinesis.Stream(\"example\", new()\n {\n Name = \"example-stream\",\n ShardCount = 1,\n });\n\n var exampleStreamConsumer = new Aws.Kinesis.StreamConsumer(\"example\", new()\n {\n Name = \"example-consumer\",\n StreamArn = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kinesis.NewStream(ctx, \"example\", \u0026kinesis.StreamArgs{\n\t\t\tName: pulumi.String(\"example-stream\"),\n\t\t\tShardCount: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewStreamConsumer(ctx, \"example\", \u0026kinesis.StreamConsumerArgs{\n\t\t\tName: pulumi.String(\"example-consumer\"),\n\t\t\tStreamArn: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.Stream;\nimport com.pulumi.aws.kinesis.StreamArgs;\nimport com.pulumi.aws.kinesis.StreamConsumer;\nimport com.pulumi.aws.kinesis.StreamConsumerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Stream(\"example\", StreamArgs.builder()\n .name(\"example-stream\")\n .shardCount(1)\n .build());\n\n var exampleStreamConsumer = new StreamConsumer(\"exampleStreamConsumer\", StreamConsumerArgs.builder()\n .name(\"example-consumer\")\n .streamArn(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kinesis:Stream\n properties:\n name: example-stream\n shardCount: 1\n exampleStreamConsumer:\n type: aws:kinesis:StreamConsumer\n name: example\n properties:\n name: example-consumer\n streamArn: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Kinesis Stream Consumers using the Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:kinesis/streamConsumer:StreamConsumer example arn:aws:kinesis:us-west-2:123456789012:stream/example/consumer/example:1616044553\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the stream consumer.\n" }, "creationTimestamp": { "type": "string", "description": "Approximate timestamp in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) of when the stream consumer was created.\n" }, "name": { "type": "string", "description": "Name of the stream consumer.\n" }, "streamArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the data stream the consumer is registered with.\n" } }, "required": [ "arn", "creationTimestamp", "name", "streamArn" ], "inputProperties": { "name": { "type": "string", "description": "Name of the stream consumer.\n", "willReplaceOnChanges": true }, "streamArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the data stream the consumer is registered with.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "streamArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering StreamConsumer resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the stream consumer.\n" }, "creationTimestamp": { "type": "string", "description": "Approximate timestamp in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) of when the stream consumer was created.\n" }, "name": { "type": "string", "description": "Name of the stream consumer.\n", "willReplaceOnChanges": true }, "streamArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the data stream the consumer is registered with.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:kinesis/videoStream:VideoStream": { "description": "Provides a Kinesis Video Stream resource. Amazon Kinesis Video Streams makes it easy to securely stream video from connected devices to AWS for analytics, machine learning (ML), playback, and other processing.\n\nFor more details, see the [Amazon Kinesis Documentation](https://aws.amazon.com/documentation/kinesis/).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.kinesis.VideoStream(\"default\", {\n name: \"kinesis-video-stream\",\n dataRetentionInHours: 1,\n deviceName: \"kinesis-video-device-name\",\n mediaType: \"video/h264\",\n tags: {\n Name: \"kinesis-video-stream\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.kinesis.VideoStream(\"default\",\n name=\"kinesis-video-stream\",\n data_retention_in_hours=1,\n device_name=\"kinesis-video-device-name\",\n media_type=\"video/h264\",\n tags={\n \"Name\": \"kinesis-video-stream\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Kinesis.VideoStream(\"default\", new()\n {\n Name = \"kinesis-video-stream\",\n DataRetentionInHours = 1,\n DeviceName = \"kinesis-video-device-name\",\n MediaType = \"video/h264\",\n Tags = \n {\n { \"Name\", \"kinesis-video-stream\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesis.NewVideoStream(ctx, \"default\", \u0026kinesis.VideoStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-video-stream\"),\n\t\t\tDataRetentionInHours: pulumi.Int(1),\n\t\t\tDeviceName: pulumi.String(\"kinesis-video-device-name\"),\n\t\t\tMediaType: pulumi.String(\"video/h264\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"kinesis-video-stream\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.VideoStream;\nimport com.pulumi.aws.kinesis.VideoStreamArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new VideoStream(\"default\", VideoStreamArgs.builder()\n .name(\"kinesis-video-stream\")\n .dataRetentionInHours(1)\n .deviceName(\"kinesis-video-device-name\")\n .mediaType(\"video/h264\")\n .tags(Map.of(\"Name\", \"kinesis-video-stream\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:kinesis:VideoStream\n properties:\n name: kinesis-video-stream\n dataRetentionInHours: 1\n deviceName: kinesis-video-device-name\n mediaType: video/h264\n tags:\n Name: kinesis-video-stream\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Kinesis Streams using the `arn`. For example:\n\n```sh\n$ pulumi import aws:kinesis/videoStream:VideoStream test_stream arn:aws:kinesisvideo:us-west-2:123456789012:stream/pulumi-kinesis-test/1554978910975\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the Stream (same as `id`)\n" }, "creationTime": { "type": "string", "description": "A time stamp that indicates when the stream was created.\n" }, "dataRetentionInHours": { "type": "integer", "description": "The number of hours that you want to retain the data in the stream. Kinesis Video Streams retains the data in a data store that is associated with the stream. The default value is `0`, indicating that the stream does not persist data.\n" }, "deviceName": { "type": "string", "description": "The name of the device that is writing to the stream. **In the current implementation, Kinesis Video Streams does not use this name.**\n" }, "kmsKeyId": { "type": "string", "description": "The ID of the AWS Key Management Service (AWS KMS) key that you want Kinesis Video Streams to use to encrypt stream data. If no key ID is specified, the default, Kinesis Video-managed key (`aws/kinesisvideo`) is used.\n" }, "mediaType": { "type": "string", "description": "The media type of the stream. Consumers of the stream can use this information when processing the stream. For more information about media types, see [Media Types](http://www.iana.org/assignments/media-types/media-types.xhtml). If you choose to specify the MediaType, see [Naming Requirements](https://tools.ietf.org/html/rfc6838#section-4.2) for guidelines.\n" }, "name": { "type": "string", "description": "A name to identify the stream. This is unique to the\nAWS account and region the Stream is created in.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "string", "description": "The version of the stream.\n" } }, "required": [ "arn", "creationTime", "kmsKeyId", "name", "tagsAll", "version" ], "inputProperties": { "dataRetentionInHours": { "type": "integer", "description": "The number of hours that you want to retain the data in the stream. Kinesis Video Streams retains the data in a data store that is associated with the stream. The default value is `0`, indicating that the stream does not persist data.\n", "willReplaceOnChanges": true }, "deviceName": { "type": "string", "description": "The name of the device that is writing to the stream. **In the current implementation, Kinesis Video Streams does not use this name.**\n" }, "kmsKeyId": { "type": "string", "description": "The ID of the AWS Key Management Service (AWS KMS) key that you want Kinesis Video Streams to use to encrypt stream data. If no key ID is specified, the default, Kinesis Video-managed key (`aws/kinesisvideo`) is used.\n", "willReplaceOnChanges": true }, "mediaType": { "type": "string", "description": "The media type of the stream. Consumers of the stream can use this information when processing the stream. For more information about media types, see [Media Types](http://www.iana.org/assignments/media-types/media-types.xhtml). If you choose to specify the MediaType, see [Naming Requirements](https://tools.ietf.org/html/rfc6838#section-4.2) for guidelines.\n" }, "name": { "type": "string", "description": "A name to identify the stream. This is unique to the\nAWS account and region the Stream is created in.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering VideoStream resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the Stream (same as `id`)\n" }, "creationTime": { "type": "string", "description": "A time stamp that indicates when the stream was created.\n" }, "dataRetentionInHours": { "type": "integer", "description": "The number of hours that you want to retain the data in the stream. Kinesis Video Streams retains the data in a data store that is associated with the stream. The default value is `0`, indicating that the stream does not persist data.\n", "willReplaceOnChanges": true }, "deviceName": { "type": "string", "description": "The name of the device that is writing to the stream. **In the current implementation, Kinesis Video Streams does not use this name.**\n" }, "kmsKeyId": { "type": "string", "description": "The ID of the AWS Key Management Service (AWS KMS) key that you want Kinesis Video Streams to use to encrypt stream data. If no key ID is specified, the default, Kinesis Video-managed key (`aws/kinesisvideo`) is used.\n", "willReplaceOnChanges": true }, "mediaType": { "type": "string", "description": "The media type of the stream. Consumers of the stream can use this information when processing the stream. For more information about media types, see [Media Types](http://www.iana.org/assignments/media-types/media-types.xhtml). If you choose to specify the MediaType, see [Naming Requirements](https://tools.ietf.org/html/rfc6838#section-4.2) for guidelines.\n" }, "name": { "type": "string", "description": "A name to identify the stream. This is unique to the\nAWS account and region the Stream is created in.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "string", "description": "The version of the stream.\n" } }, "type": "object" } }, "aws:kinesisanalyticsv2/application:Application": { "description": "Manages a Kinesis Analytics v2 Application.\nThis resource can be used to manage both Kinesis Data Analytics for SQL applications and Kinesis Data Analytics for Apache Flink applications.\n\n\u003e **Note:** Kinesis Data Analytics for SQL applications created using this resource cannot currently be viewed in the AWS Console. To manage Kinesis Data Analytics for SQL applications that can also be viewed in the AWS Console, use the `aws.kinesis.AnalyticsApplication` resource.\n\n## Example Usage\n\n### Apache Flink Application\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example-flink-application\"});\nconst exampleBucketObjectv2 = new aws.s3.BucketObjectv2(\"example\", {\n bucket: example.id,\n key: \"example-flink-application\",\n source: new pulumi.asset.FileAsset(\"flink-app.jar\"),\n});\nconst exampleApplication = new aws.kinesisanalyticsv2.Application(\"example\", {\n name: \"example-flink-application\",\n runtimeEnvironment: \"FLINK-1_8\",\n serviceExecutionRole: exampleAwsIamRole.arn,\n applicationConfiguration: {\n applicationCodeConfiguration: {\n codeContent: {\n s3ContentLocation: {\n bucketArn: example.arn,\n fileKey: exampleBucketObjectv2.key,\n },\n },\n codeContentType: \"ZIPFILE\",\n },\n environmentProperties: {\n propertyGroups: [\n {\n propertyGroupId: \"PROPERTY-GROUP-1\",\n propertyMap: {\n Key1: \"Value1\",\n },\n },\n {\n propertyGroupId: \"PROPERTY-GROUP-2\",\n propertyMap: {\n KeyA: \"ValueA\",\n KeyB: \"ValueB\",\n },\n },\n ],\n },\n flinkApplicationConfiguration: {\n checkpointConfiguration: {\n configurationType: \"DEFAULT\",\n },\n monitoringConfiguration: {\n configurationType: \"CUSTOM\",\n logLevel: \"DEBUG\",\n metricsLevel: \"TASK\",\n },\n parallelismConfiguration: {\n autoScalingEnabled: true,\n configurationType: \"CUSTOM\",\n parallelism: 10,\n parallelismPerKpu: 4,\n },\n },\n },\n tags: {\n Environment: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example-flink-application\")\nexample_bucket_objectv2 = aws.s3.BucketObjectv2(\"example\",\n bucket=example.id,\n key=\"example-flink-application\",\n source=pulumi.FileAsset(\"flink-app.jar\"))\nexample_application = aws.kinesisanalyticsv2.Application(\"example\",\n name=\"example-flink-application\",\n runtime_environment=\"FLINK-1_8\",\n service_execution_role=example_aws_iam_role[\"arn\"],\n application_configuration={\n \"application_code_configuration\": {\n \"code_content\": {\n \"s3_content_location\": {\n \"bucket_arn\": example.arn,\n \"file_key\": example_bucket_objectv2.key,\n },\n },\n \"code_content_type\": \"ZIPFILE\",\n },\n \"environment_properties\": {\n \"property_groups\": [\n {\n \"property_group_id\": \"PROPERTY-GROUP-1\",\n \"property_map\": {\n \"key1\": \"Value1\",\n },\n },\n {\n \"property_group_id\": \"PROPERTY-GROUP-2\",\n \"property_map\": {\n \"key_a\": \"ValueA\",\n \"key_b\": \"ValueB\",\n },\n },\n ],\n },\n \"flink_application_configuration\": {\n \"checkpoint_configuration\": {\n \"configuration_type\": \"DEFAULT\",\n },\n \"monitoring_configuration\": {\n \"configuration_type\": \"CUSTOM\",\n \"log_level\": \"DEBUG\",\n \"metrics_level\": \"TASK\",\n },\n \"parallelism_configuration\": {\n \"auto_scaling_enabled\": True,\n \"configuration_type\": \"CUSTOM\",\n \"parallelism\": 10,\n \"parallelism_per_kpu\": 4,\n },\n },\n },\n tags={\n \"Environment\": \"test\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example-flink-application\",\n });\n\n var exampleBucketObjectv2 = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Bucket = example.Id,\n Key = \"example-flink-application\",\n Source = new FileAsset(\"flink-app.jar\"),\n });\n\n var exampleApplication = new Aws.KinesisAnalyticsV2.Application(\"example\", new()\n {\n Name = \"example-flink-application\",\n RuntimeEnvironment = \"FLINK-1_8\",\n ServiceExecutionRole = exampleAwsIamRole.Arn,\n ApplicationConfiguration = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationArgs\n {\n ApplicationCodeConfiguration = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationApplicationCodeConfigurationArgs\n {\n CodeContent = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentArgs\n {\n S3ContentLocation = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentS3ContentLocationArgs\n {\n BucketArn = example.Arn,\n FileKey = exampleBucketObjectv2.Key,\n },\n },\n CodeContentType = \"ZIPFILE\",\n },\n EnvironmentProperties = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationEnvironmentPropertiesArgs\n {\n PropertyGroups = new[]\n {\n new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationEnvironmentPropertiesPropertyGroupArgs\n {\n PropertyGroupId = \"PROPERTY-GROUP-1\",\n PropertyMap = \n {\n { \"Key1\", \"Value1\" },\n },\n },\n new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationEnvironmentPropertiesPropertyGroupArgs\n {\n PropertyGroupId = \"PROPERTY-GROUP-2\",\n PropertyMap = \n {\n { \"KeyA\", \"ValueA\" },\n { \"KeyB\", \"ValueB\" },\n },\n },\n },\n },\n FlinkApplicationConfiguration = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationFlinkApplicationConfigurationArgs\n {\n CheckpointConfiguration = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationFlinkApplicationConfigurationCheckpointConfigurationArgs\n {\n ConfigurationType = \"DEFAULT\",\n },\n MonitoringConfiguration = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationFlinkApplicationConfigurationMonitoringConfigurationArgs\n {\n ConfigurationType = \"CUSTOM\",\n LogLevel = \"DEBUG\",\n MetricsLevel = \"TASK\",\n },\n ParallelismConfiguration = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationFlinkApplicationConfigurationParallelismConfigurationArgs\n {\n AutoScalingEnabled = true,\n ConfigurationType = \"CUSTOM\",\n Parallelism = 10,\n ParallelismPerKpu = 4,\n },\n },\n },\n Tags = \n {\n { \"Environment\", \"test\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesisanalyticsv2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-flink-application\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketObjectv2, err := s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tKey: pulumi.String(\"example-flink-application\"),\n\t\t\tSource: pulumi.NewFileAsset(\"flink-app.jar\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesisanalyticsv2.NewApplication(ctx, \"example\", \u0026kinesisanalyticsv2.ApplicationArgs{\n\t\t\tName: pulumi.String(\"example-flink-application\"),\n\t\t\tRuntimeEnvironment: pulumi.String(\"FLINK-1_8\"),\n\t\t\tServiceExecutionRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tApplicationConfiguration: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationArgs{\n\t\t\t\tApplicationCodeConfiguration: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationApplicationCodeConfigurationArgs{\n\t\t\t\t\tCodeContent: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentArgs{\n\t\t\t\t\t\tS3ContentLocation: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentS3ContentLocationArgs{\n\t\t\t\t\t\t\tBucketArn: example.Arn,\n\t\t\t\t\t\t\tFileKey: exampleBucketObjectv2.Key,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tCodeContentType: pulumi.String(\"ZIPFILE\"),\n\t\t\t\t},\n\t\t\t\tEnvironmentProperties: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationEnvironmentPropertiesArgs{\n\t\t\t\t\tPropertyGroups: kinesisanalyticsv2.ApplicationApplicationConfigurationEnvironmentPropertiesPropertyGroupArray{\n\t\t\t\t\t\t\u0026kinesisanalyticsv2.ApplicationApplicationConfigurationEnvironmentPropertiesPropertyGroupArgs{\n\t\t\t\t\t\t\tPropertyGroupId: pulumi.String(\"PROPERTY-GROUP-1\"),\n\t\t\t\t\t\t\tPropertyMap: pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"Key1\": pulumi.String(\"Value1\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026kinesisanalyticsv2.ApplicationApplicationConfigurationEnvironmentPropertiesPropertyGroupArgs{\n\t\t\t\t\t\t\tPropertyGroupId: pulumi.String(\"PROPERTY-GROUP-2\"),\n\t\t\t\t\t\t\tPropertyMap: pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"KeyA\": pulumi.String(\"ValueA\"),\n\t\t\t\t\t\t\t\t\"KeyB\": pulumi.String(\"ValueB\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tFlinkApplicationConfiguration: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationFlinkApplicationConfigurationArgs{\n\t\t\t\t\tCheckpointConfiguration: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationFlinkApplicationConfigurationCheckpointConfigurationArgs{\n\t\t\t\t\t\tConfigurationType: pulumi.String(\"DEFAULT\"),\n\t\t\t\t\t},\n\t\t\t\t\tMonitoringConfiguration: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationFlinkApplicationConfigurationMonitoringConfigurationArgs{\n\t\t\t\t\t\tConfigurationType: pulumi.String(\"CUSTOM\"),\n\t\t\t\t\t\tLogLevel: pulumi.String(\"DEBUG\"),\n\t\t\t\t\t\tMetricsLevel: pulumi.String(\"TASK\"),\n\t\t\t\t\t},\n\t\t\t\t\tParallelismConfiguration: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationFlinkApplicationConfigurationParallelismConfigurationArgs{\n\t\t\t\t\t\tAutoScalingEnabled: pulumi.Bool(true),\n\t\t\t\t\t\tConfigurationType: pulumi.String(\"CUSTOM\"),\n\t\t\t\t\t\tParallelism: pulumi.Int(10),\n\t\t\t\t\t\tParallelismPerKpu: pulumi.Int(4),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.kinesisanalyticsv2.Application;\nimport com.pulumi.aws.kinesisanalyticsv2.ApplicationArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationApplicationCodeConfigurationArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentS3ContentLocationArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationEnvironmentPropertiesArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationFlinkApplicationConfigurationArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationFlinkApplicationConfigurationCheckpointConfigurationArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationFlinkApplicationConfigurationMonitoringConfigurationArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationFlinkApplicationConfigurationParallelismConfigurationArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example-flink-application\")\n .build());\n\n var exampleBucketObjectv2 = new BucketObjectv2(\"exampleBucketObjectv2\", BucketObjectv2Args.builder()\n .bucket(example.id())\n .key(\"example-flink-application\")\n .source(new FileAsset(\"flink-app.jar\"))\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder()\n .name(\"example-flink-application\")\n .runtimeEnvironment(\"FLINK-1_8\")\n .serviceExecutionRole(exampleAwsIamRole.arn())\n .applicationConfiguration(ApplicationApplicationConfigurationArgs.builder()\n .applicationCodeConfiguration(ApplicationApplicationConfigurationApplicationCodeConfigurationArgs.builder()\n .codeContent(ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentArgs.builder()\n .s3ContentLocation(ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentS3ContentLocationArgs.builder()\n .bucketArn(example.arn())\n .fileKey(exampleBucketObjectv2.key())\n .build())\n .build())\n .codeContentType(\"ZIPFILE\")\n .build())\n .environmentProperties(ApplicationApplicationConfigurationEnvironmentPropertiesArgs.builder()\n .propertyGroups( \n ApplicationApplicationConfigurationEnvironmentPropertiesPropertyGroupArgs.builder()\n .propertyGroupId(\"PROPERTY-GROUP-1\")\n .propertyMap(Map.of(\"Key1\", \"Value1\"))\n .build(),\n ApplicationApplicationConfigurationEnvironmentPropertiesPropertyGroupArgs.builder()\n .propertyGroupId(\"PROPERTY-GROUP-2\")\n .propertyMap(Map.ofEntries(\n Map.entry(\"KeyA\", \"ValueA\"),\n Map.entry(\"KeyB\", \"ValueB\")\n ))\n .build())\n .build())\n .flinkApplicationConfiguration(ApplicationApplicationConfigurationFlinkApplicationConfigurationArgs.builder()\n .checkpointConfiguration(ApplicationApplicationConfigurationFlinkApplicationConfigurationCheckpointConfigurationArgs.builder()\n .configurationType(\"DEFAULT\")\n .build())\n .monitoringConfiguration(ApplicationApplicationConfigurationFlinkApplicationConfigurationMonitoringConfigurationArgs.builder()\n .configurationType(\"CUSTOM\")\n .logLevel(\"DEBUG\")\n .metricsLevel(\"TASK\")\n .build())\n .parallelismConfiguration(ApplicationApplicationConfigurationFlinkApplicationConfigurationParallelismConfigurationArgs.builder()\n .autoScalingEnabled(true)\n .configurationType(\"CUSTOM\")\n .parallelism(10)\n .parallelismPerKpu(4)\n .build())\n .build())\n .build())\n .tags(Map.of(\"Environment\", \"test\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example-flink-application\n exampleBucketObjectv2:\n type: aws:s3:BucketObjectv2\n name: example\n properties:\n bucket: ${example.id}\n key: example-flink-application\n source:\n fn::FileAsset: flink-app.jar\n exampleApplication:\n type: aws:kinesisanalyticsv2:Application\n name: example\n properties:\n name: example-flink-application\n runtimeEnvironment: FLINK-1_8\n serviceExecutionRole: ${exampleAwsIamRole.arn}\n applicationConfiguration:\n applicationCodeConfiguration:\n codeContent:\n s3ContentLocation:\n bucketArn: ${example.arn}\n fileKey: ${exampleBucketObjectv2.key}\n codeContentType: ZIPFILE\n environmentProperties:\n propertyGroups:\n - propertyGroupId: PROPERTY-GROUP-1\n propertyMap:\n Key1: Value1\n - propertyGroupId: PROPERTY-GROUP-2\n propertyMap:\n KeyA: ValueA\n KeyB: ValueB\n flinkApplicationConfiguration:\n checkpointConfiguration:\n configurationType: DEFAULT\n monitoringConfiguration:\n configurationType: CUSTOM\n logLevel: DEBUG\n metricsLevel: TASK\n parallelismConfiguration:\n autoScalingEnabled: true\n configurationType: CUSTOM\n parallelism: 10\n parallelismPerKpu: 4\n tags:\n Environment: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### SQL Application\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudwatch.LogGroup(\"example\", {name: \"example-sql-application\"});\nconst exampleLogStream = new aws.cloudwatch.LogStream(\"example\", {\n name: \"example-sql-application\",\n logGroupName: example.name,\n});\nconst exampleApplication = new aws.kinesisanalyticsv2.Application(\"example\", {\n name: \"example-sql-application\",\n runtimeEnvironment: \"SQL-1_0\",\n serviceExecutionRole: exampleAwsIamRole.arn,\n applicationConfiguration: {\n applicationCodeConfiguration: {\n codeContent: {\n textContent: \"SELECT 1;\\n\",\n },\n codeContentType: \"PLAINTEXT\",\n },\n sqlApplicationConfiguration: {\n input: {\n namePrefix: \"PREFIX_1\",\n inputParallelism: {\n count: 3,\n },\n inputSchema: {\n recordColumns: [\n {\n name: \"COLUMN_1\",\n sqlType: \"VARCHAR(8)\",\n mapping: \"MAPPING-1\",\n },\n {\n name: \"COLUMN_2\",\n sqlType: \"DOUBLE\",\n },\n ],\n recordEncoding: \"UTF-8\",\n recordFormat: {\n recordFormatType: \"CSV\",\n mappingParameters: {\n csvMappingParameters: {\n recordColumnDelimiter: \",\",\n recordRowDelimiter: \"\\n\",\n },\n },\n },\n },\n kinesisStreamsInput: {\n resourceArn: exampleAwsKinesisStream.arn,\n },\n },\n outputs: [\n {\n name: \"OUTPUT_1\",\n destinationSchema: {\n recordFormatType: \"JSON\",\n },\n lambdaOutput: {\n resourceArn: exampleAwsLambdaFunction.arn,\n },\n },\n {\n name: \"OUTPUT_2\",\n destinationSchema: {\n recordFormatType: \"CSV\",\n },\n kinesisFirehoseOutput: {\n resourceArn: exampleAwsKinesisFirehoseDeliveryStream.arn,\n },\n },\n ],\n referenceDataSource: {\n tableName: \"TABLE-1\",\n referenceSchema: {\n recordColumns: [{\n name: \"COLUMN_1\",\n sqlType: \"INTEGER\",\n }],\n recordFormat: {\n recordFormatType: \"JSON\",\n mappingParameters: {\n jsonMappingParameters: {\n recordRowPath: \"$\",\n },\n },\n },\n },\n s3ReferenceDataSource: {\n bucketArn: exampleAwsS3Bucket.arn,\n fileKey: \"KEY-1\",\n },\n },\n },\n },\n cloudwatchLoggingOptions: {\n logStreamArn: exampleLogStream.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.LogGroup(\"example\", name=\"example-sql-application\")\nexample_log_stream = aws.cloudwatch.LogStream(\"example\",\n name=\"example-sql-application\",\n log_group_name=example.name)\nexample_application = aws.kinesisanalyticsv2.Application(\"example\",\n name=\"example-sql-application\",\n runtime_environment=\"SQL-1_0\",\n service_execution_role=example_aws_iam_role[\"arn\"],\n application_configuration={\n \"application_code_configuration\": {\n \"code_content\": {\n \"text_content\": \"SELECT 1;\\n\",\n },\n \"code_content_type\": \"PLAINTEXT\",\n },\n \"sql_application_configuration\": {\n \"input\": {\n \"name_prefix\": \"PREFIX_1\",\n \"input_parallelism\": {\n \"count\": 3,\n },\n \"input_schema\": {\n \"record_columns\": [\n {\n \"name\": \"COLUMN_1\",\n \"sql_type\": \"VARCHAR(8)\",\n \"mapping\": \"MAPPING-1\",\n },\n {\n \"name\": \"COLUMN_2\",\n \"sql_type\": \"DOUBLE\",\n },\n ],\n \"record_encoding\": \"UTF-8\",\n \"record_format\": {\n \"record_format_type\": \"CSV\",\n \"mapping_parameters\": {\n \"csv_mapping_parameters\": {\n \"record_column_delimiter\": \",\",\n \"record_row_delimiter\": \"\\n\",\n },\n },\n },\n },\n \"kinesis_streams_input\": {\n \"resource_arn\": example_aws_kinesis_stream[\"arn\"],\n },\n },\n \"outputs\": [\n {\n \"name\": \"OUTPUT_1\",\n \"destination_schema\": {\n \"record_format_type\": \"JSON\",\n },\n \"lambda_output\": {\n \"resource_arn\": example_aws_lambda_function[\"arn\"],\n },\n },\n {\n \"name\": \"OUTPUT_2\",\n \"destination_schema\": {\n \"record_format_type\": \"CSV\",\n },\n \"kinesis_firehose_output\": {\n \"resource_arn\": example_aws_kinesis_firehose_delivery_stream[\"arn\"],\n },\n },\n ],\n \"reference_data_source\": {\n \"table_name\": \"TABLE-1\",\n \"reference_schema\": {\n \"record_columns\": [{\n \"name\": \"COLUMN_1\",\n \"sql_type\": \"INTEGER\",\n }],\n \"record_format\": {\n \"record_format_type\": \"JSON\",\n \"mapping_parameters\": {\n \"json_mapping_parameters\": {\n \"record_row_path\": \"$\",\n },\n },\n },\n },\n \"s3_reference_data_source\": {\n \"bucket_arn\": example_aws_s3_bucket[\"arn\"],\n \"file_key\": \"KEY-1\",\n },\n },\n },\n },\n cloudwatch_logging_options={\n \"log_stream_arn\": example_log_stream.arn,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = \"example-sql-application\",\n });\n\n var exampleLogStream = new Aws.CloudWatch.LogStream(\"example\", new()\n {\n Name = \"example-sql-application\",\n LogGroupName = example.Name,\n });\n\n var exampleApplication = new Aws.KinesisAnalyticsV2.Application(\"example\", new()\n {\n Name = \"example-sql-application\",\n RuntimeEnvironment = \"SQL-1_0\",\n ServiceExecutionRole = exampleAwsIamRole.Arn,\n ApplicationConfiguration = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationArgs\n {\n ApplicationCodeConfiguration = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationApplicationCodeConfigurationArgs\n {\n CodeContent = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentArgs\n {\n TextContent = @\"SELECT 1;\n\",\n },\n CodeContentType = \"PLAINTEXT\",\n },\n SqlApplicationConfiguration = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationArgs\n {\n Input = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationInputArgs\n {\n NamePrefix = \"PREFIX_1\",\n InputParallelism = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputParallelismArgs\n {\n Count = 3,\n },\n InputSchema = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaArgs\n {\n RecordColumns = new[]\n {\n new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordColumnArgs\n {\n Name = \"COLUMN_1\",\n SqlType = \"VARCHAR(8)\",\n Mapping = \"MAPPING-1\",\n },\n new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordColumnArgs\n {\n Name = \"COLUMN_2\",\n SqlType = \"DOUBLE\",\n },\n },\n RecordEncoding = \"UTF-8\",\n RecordFormat = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatArgs\n {\n RecordFormatType = \"CSV\",\n MappingParameters = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatMappingParametersArgs\n {\n CsvMappingParameters = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatMappingParametersCsvMappingParametersArgs\n {\n RecordColumnDelimiter = \",\",\n RecordRowDelimiter = @\"\n\",\n },\n },\n },\n },\n KinesisStreamsInput = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationInputKinesisStreamsInputArgs\n {\n ResourceArn = exampleAwsKinesisStream.Arn,\n },\n },\n Outputs = new[]\n {\n new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationOutputArgs\n {\n Name = \"OUTPUT_1\",\n DestinationSchema = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationOutputDestinationSchemaArgs\n {\n RecordFormatType = \"JSON\",\n },\n LambdaOutput = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationOutputLambdaOutputArgs\n {\n ResourceArn = exampleAwsLambdaFunction.Arn,\n },\n },\n new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationOutputArgs\n {\n Name = \"OUTPUT_2\",\n DestinationSchema = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationOutputDestinationSchemaArgs\n {\n RecordFormatType = \"CSV\",\n },\n KinesisFirehoseOutput = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationOutputKinesisFirehoseOutputArgs\n {\n ResourceArn = exampleAwsKinesisFirehoseDeliveryStream.Arn,\n },\n },\n },\n ReferenceDataSource = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceArgs\n {\n TableName = \"TABLE-1\",\n ReferenceSchema = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaArgs\n {\n RecordColumns = new[]\n {\n new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordColumnArgs\n {\n Name = \"COLUMN_1\",\n SqlType = \"INTEGER\",\n },\n },\n RecordFormat = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatArgs\n {\n RecordFormatType = \"JSON\",\n MappingParameters = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatMappingParametersArgs\n {\n JsonMappingParameters = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatMappingParametersJsonMappingParametersArgs\n {\n RecordRowPath = \"$\",\n },\n },\n },\n },\n S3ReferenceDataSource = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceS3ReferenceDataSourceArgs\n {\n BucketArn = exampleAwsS3Bucket.Arn,\n FileKey = \"KEY-1\",\n },\n },\n },\n },\n CloudwatchLoggingOptions = new Aws.KinesisAnalyticsV2.Inputs.ApplicationCloudwatchLoggingOptionsArgs\n {\n LogStreamArn = exampleLogStream.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesisanalyticsv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"example-sql-application\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleLogStream, err := cloudwatch.NewLogStream(ctx, \"example\", \u0026cloudwatch.LogStreamArgs{\n\t\t\tName: pulumi.String(\"example-sql-application\"),\n\t\t\tLogGroupName: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesisanalyticsv2.NewApplication(ctx, \"example\", \u0026kinesisanalyticsv2.ApplicationArgs{\n\t\t\tName: pulumi.String(\"example-sql-application\"),\n\t\t\tRuntimeEnvironment: pulumi.String(\"SQL-1_0\"),\n\t\t\tServiceExecutionRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tApplicationConfiguration: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationArgs{\n\t\t\t\tApplicationCodeConfiguration: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationApplicationCodeConfigurationArgs{\n\t\t\t\t\tCodeContent: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentArgs{\n\t\t\t\t\t\tTextContent: pulumi.String(\"SELECT 1;\\n\"),\n\t\t\t\t\t},\n\t\t\t\t\tCodeContentType: pulumi.String(\"PLAINTEXT\"),\n\t\t\t\t},\n\t\t\t\tSqlApplicationConfiguration: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationArgs{\n\t\t\t\t\tInput: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationInputTypeArgs{\n\t\t\t\t\t\tNamePrefix: pulumi.String(\"PREFIX_1\"),\n\t\t\t\t\t\tInputParallelism: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputParallelismArgs{\n\t\t\t\t\t\t\tCount: pulumi.Int(3),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tInputSchema: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaArgs{\n\t\t\t\t\t\t\tRecordColumns: kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordColumnArray{\n\t\t\t\t\t\t\t\t\u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordColumnArgs{\n\t\t\t\t\t\t\t\t\tName: pulumi.String(\"COLUMN_1\"),\n\t\t\t\t\t\t\t\t\tSqlType: pulumi.String(\"VARCHAR(8)\"),\n\t\t\t\t\t\t\t\t\tMapping: pulumi.String(\"MAPPING-1\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordColumnArgs{\n\t\t\t\t\t\t\t\t\tName: pulumi.String(\"COLUMN_2\"),\n\t\t\t\t\t\t\t\t\tSqlType: pulumi.String(\"DOUBLE\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tRecordEncoding: pulumi.String(\"UTF-8\"),\n\t\t\t\t\t\t\tRecordFormat: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatArgs{\n\t\t\t\t\t\t\t\tRecordFormatType: pulumi.String(\"CSV\"),\n\t\t\t\t\t\t\t\tMappingParameters: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatMappingParametersArgs{\n\t\t\t\t\t\t\t\t\tCsvMappingParameters: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatMappingParametersCsvMappingParametersArgs{\n\t\t\t\t\t\t\t\t\t\tRecordColumnDelimiter: pulumi.String(\",\"),\n\t\t\t\t\t\t\t\t\t\tRecordRowDelimiter: pulumi.String(\"\\n\"),\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tKinesisStreamsInput: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationInputKinesisStreamsInputArgs{\n\t\t\t\t\t\t\tResourceArn: pulumi.Any(exampleAwsKinesisStream.Arn),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tOutputs: kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationOutputTypeArray{\n\t\t\t\t\t\t\u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationOutputTypeArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"OUTPUT_1\"),\n\t\t\t\t\t\t\tDestinationSchema: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationOutputDestinationSchemaArgs{\n\t\t\t\t\t\t\t\tRecordFormatType: pulumi.String(\"JSON\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tLambdaOutput: kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationOutputLambdaOutputArgs{\n\t\t\t\t\t\t\t\tResourceArn: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationOutputTypeArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"OUTPUT_2\"),\n\t\t\t\t\t\t\tDestinationSchema: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationOutputDestinationSchemaArgs{\n\t\t\t\t\t\t\t\tRecordFormatType: pulumi.String(\"CSV\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tKinesisFirehoseOutput: kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationOutputKinesisFirehoseOutputArgs{\n\t\t\t\t\t\t\t\tResourceArn: pulumi.Any(exampleAwsKinesisFirehoseDeliveryStream.Arn),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tReferenceDataSource: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceArgs{\n\t\t\t\t\t\tTableName: pulumi.String(\"TABLE-1\"),\n\t\t\t\t\t\tReferenceSchema: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaArgs{\n\t\t\t\t\t\t\tRecordColumns: kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordColumnArray{\n\t\t\t\t\t\t\t\t\u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordColumnArgs{\n\t\t\t\t\t\t\t\t\tName: pulumi.String(\"COLUMN_1\"),\n\t\t\t\t\t\t\t\t\tSqlType: pulumi.String(\"INTEGER\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tRecordFormat: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatArgs{\n\t\t\t\t\t\t\t\tRecordFormatType: pulumi.String(\"JSON\"),\n\t\t\t\t\t\t\t\tMappingParameters: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatMappingParametersArgs{\n\t\t\t\t\t\t\t\t\tJsonMappingParameters: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatMappingParametersJsonMappingParametersArgs{\n\t\t\t\t\t\t\t\t\t\tRecordRowPath: pulumi.String(\"$\"),\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tS3ReferenceDataSource: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceS3ReferenceDataSourceArgs{\n\t\t\t\t\t\t\tBucketArn: pulumi.Any(exampleAwsS3Bucket.Arn),\n\t\t\t\t\t\t\tFileKey: pulumi.String(\"KEY-1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tCloudwatchLoggingOptions: \u0026kinesisanalyticsv2.ApplicationCloudwatchLoggingOptionsArgs{\n\t\t\t\tLogStreamArn: exampleLogStream.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.cloudwatch.LogStream;\nimport com.pulumi.aws.cloudwatch.LogStreamArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.Application;\nimport com.pulumi.aws.kinesisanalyticsv2.ApplicationArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationApplicationCodeConfigurationArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationInputArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputParallelismArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatMappingParametersArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatMappingParametersCsvMappingParametersArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationInputKinesisStreamsInputArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatMappingParametersArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatMappingParametersJsonMappingParametersArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceS3ReferenceDataSourceArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationCloudwatchLoggingOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LogGroup(\"example\", LogGroupArgs.builder()\n .name(\"example-sql-application\")\n .build());\n\n var exampleLogStream = new LogStream(\"exampleLogStream\", LogStreamArgs.builder()\n .name(\"example-sql-application\")\n .logGroupName(example.name())\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder()\n .name(\"example-sql-application\")\n .runtimeEnvironment(\"SQL-1_0\")\n .serviceExecutionRole(exampleAwsIamRole.arn())\n .applicationConfiguration(ApplicationApplicationConfigurationArgs.builder()\n .applicationCodeConfiguration(ApplicationApplicationConfigurationApplicationCodeConfigurationArgs.builder()\n .codeContent(ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentArgs.builder()\n .textContent(\"\"\"\nSELECT 1;\n \"\"\")\n .build())\n .codeContentType(\"PLAINTEXT\")\n .build())\n .sqlApplicationConfiguration(ApplicationApplicationConfigurationSqlApplicationConfigurationArgs.builder()\n .input(ApplicationApplicationConfigurationSqlApplicationConfigurationInputArgs.builder()\n .namePrefix(\"PREFIX_1\")\n .inputParallelism(ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputParallelismArgs.builder()\n .count(3)\n .build())\n .inputSchema(ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaArgs.builder()\n .recordColumns( \n ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordColumnArgs.builder()\n .name(\"COLUMN_1\")\n .sqlType(\"VARCHAR(8)\")\n .mapping(\"MAPPING-1\")\n .build(),\n ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordColumnArgs.builder()\n .name(\"COLUMN_2\")\n .sqlType(\"DOUBLE\")\n .build())\n .recordEncoding(\"UTF-8\")\n .recordFormat(ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatArgs.builder()\n .recordFormatType(\"CSV\")\n .mappingParameters(ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatMappingParametersArgs.builder()\n .csvMappingParameters(ApplicationApplicationConfigurationSqlApplicationConfigurationInputInputSchemaRecordFormatMappingParametersCsvMappingParametersArgs.builder()\n .recordColumnDelimiter(\",\")\n .recordRowDelimiter(\"\"\"\n\n \"\"\")\n .build())\n .build())\n .build())\n .build())\n .kinesisStreamsInput(ApplicationApplicationConfigurationSqlApplicationConfigurationInputKinesisStreamsInputArgs.builder()\n .resourceArn(exampleAwsKinesisStream.arn())\n .build())\n .build())\n .outputs( \n ApplicationApplicationConfigurationSqlApplicationConfigurationOutputArgs.builder()\n .name(\"OUTPUT_1\")\n .destinationSchema(ApplicationApplicationConfigurationSqlApplicationConfigurationOutputDestinationSchemaArgs.builder()\n .recordFormatType(\"JSON\")\n .build())\n .lambdaOutput(ApplicationApplicationConfigurationSqlApplicationConfigurationOutputLambdaOutputArgs.builder()\n .resourceArn(exampleAwsLambdaFunction.arn())\n .build())\n .build(),\n ApplicationApplicationConfigurationSqlApplicationConfigurationOutputArgs.builder()\n .name(\"OUTPUT_2\")\n .destinationSchema(ApplicationApplicationConfigurationSqlApplicationConfigurationOutputDestinationSchemaArgs.builder()\n .recordFormatType(\"CSV\")\n .build())\n .kinesisFirehoseOutput(ApplicationApplicationConfigurationSqlApplicationConfigurationOutputKinesisFirehoseOutputArgs.builder()\n .resourceArn(exampleAwsKinesisFirehoseDeliveryStream.arn())\n .build())\n .build())\n .referenceDataSource(ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceArgs.builder()\n .tableName(\"TABLE-1\")\n .referenceSchema(ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaArgs.builder()\n .recordColumns(ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordColumnArgs.builder()\n .name(\"COLUMN_1\")\n .sqlType(\"INTEGER\")\n .build())\n .recordFormat(ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatArgs.builder()\n .recordFormatType(\"JSON\")\n .mappingParameters(ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatMappingParametersArgs.builder()\n .jsonMappingParameters(ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceReferenceSchemaRecordFormatMappingParametersJsonMappingParametersArgs.builder()\n .recordRowPath(\"$\")\n .build())\n .build())\n .build())\n .build())\n .s3ReferenceDataSource(ApplicationApplicationConfigurationSqlApplicationConfigurationReferenceDataSourceS3ReferenceDataSourceArgs.builder()\n .bucketArn(exampleAwsS3Bucket.arn())\n .fileKey(\"KEY-1\")\n .build())\n .build())\n .build())\n .build())\n .cloudwatchLoggingOptions(ApplicationCloudwatchLoggingOptionsArgs.builder()\n .logStreamArn(exampleLogStream.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudwatch:LogGroup\n properties:\n name: example-sql-application\n exampleLogStream:\n type: aws:cloudwatch:LogStream\n name: example\n properties:\n name: example-sql-application\n logGroupName: ${example.name}\n exampleApplication:\n type: aws:kinesisanalyticsv2:Application\n name: example\n properties:\n name: example-sql-application\n runtimeEnvironment: SQL-1_0\n serviceExecutionRole: ${exampleAwsIamRole.arn}\n applicationConfiguration:\n applicationCodeConfiguration:\n codeContent:\n textContent: |\n SELECT 1;\n codeContentType: PLAINTEXT\n sqlApplicationConfiguration:\n input:\n namePrefix: PREFIX_1\n inputParallelism:\n count: 3\n inputSchema:\n recordColumns:\n - name: COLUMN_1\n sqlType: VARCHAR(8)\n mapping: MAPPING-1\n - name: COLUMN_2\n sqlType: DOUBLE\n recordEncoding: UTF-8\n recordFormat:\n recordFormatType: CSV\n mappingParameters:\n csvMappingParameters:\n recordColumnDelimiter: ','\n recordRowDelimiter: |2+\n kinesisStreamsInput:\n resourceArn: ${exampleAwsKinesisStream.arn}\n outputs:\n - name: OUTPUT_1\n destinationSchema:\n recordFormatType: JSON\n lambdaOutput:\n resourceArn: ${exampleAwsLambdaFunction.arn}\n - name: OUTPUT_2\n destinationSchema:\n recordFormatType: CSV\n kinesisFirehoseOutput:\n resourceArn: ${exampleAwsKinesisFirehoseDeliveryStream.arn}\n referenceDataSource:\n tableName: TABLE-1\n referenceSchema:\n recordColumns:\n - name: COLUMN_1\n sqlType: INTEGER\n recordFormat:\n recordFormatType: JSON\n mappingParameters:\n jsonMappingParameters:\n recordRowPath: $\n s3ReferenceDataSource:\n bucketArn: ${exampleAwsS3Bucket.arn}\n fileKey: KEY-1\n cloudwatchLoggingOptions:\n logStreamArn: ${exampleLogStream.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### VPC Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example-flink-application\"});\nconst exampleBucketObjectv2 = new aws.s3.BucketObjectv2(\"example\", {\n bucket: example.id,\n key: \"example-flink-application\",\n source: new pulumi.asset.FileAsset(\"flink-app.jar\"),\n});\nconst exampleApplication = new aws.kinesisanalyticsv2.Application(\"example\", {\n name: \"example-flink-application\",\n runtimeEnvironment: \"FLINK-1_8\",\n serviceExecutionRole: exampleAwsIamRole.arn,\n applicationConfiguration: {\n applicationCodeConfiguration: {\n codeContent: {\n s3ContentLocation: {\n bucketArn: example.arn,\n fileKey: exampleBucketObjectv2.key,\n },\n },\n codeContentType: \"ZIPFILE\",\n },\n vpcConfiguration: {\n securityGroupIds: [\n exampleAwsSecurityGroup[0].id,\n exampleAwsSecurityGroup[1].id,\n ],\n subnetIds: [exampleAwsSubnet.id],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example-flink-application\")\nexample_bucket_objectv2 = aws.s3.BucketObjectv2(\"example\",\n bucket=example.id,\n key=\"example-flink-application\",\n source=pulumi.FileAsset(\"flink-app.jar\"))\nexample_application = aws.kinesisanalyticsv2.Application(\"example\",\n name=\"example-flink-application\",\n runtime_environment=\"FLINK-1_8\",\n service_execution_role=example_aws_iam_role[\"arn\"],\n application_configuration={\n \"application_code_configuration\": {\n \"code_content\": {\n \"s3_content_location\": {\n \"bucket_arn\": example.arn,\n \"file_key\": example_bucket_objectv2.key,\n },\n },\n \"code_content_type\": \"ZIPFILE\",\n },\n \"vpc_configuration\": {\n \"security_group_ids\": [\n example_aws_security_group[0][\"id\"],\n example_aws_security_group[1][\"id\"],\n ],\n \"subnet_ids\": [example_aws_subnet[\"id\"]],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example-flink-application\",\n });\n\n var exampleBucketObjectv2 = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Bucket = example.Id,\n Key = \"example-flink-application\",\n Source = new FileAsset(\"flink-app.jar\"),\n });\n\n var exampleApplication = new Aws.KinesisAnalyticsV2.Application(\"example\", new()\n {\n Name = \"example-flink-application\",\n RuntimeEnvironment = \"FLINK-1_8\",\n ServiceExecutionRole = exampleAwsIamRole.Arn,\n ApplicationConfiguration = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationArgs\n {\n ApplicationCodeConfiguration = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationApplicationCodeConfigurationArgs\n {\n CodeContent = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentArgs\n {\n S3ContentLocation = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentS3ContentLocationArgs\n {\n BucketArn = example.Arn,\n FileKey = exampleBucketObjectv2.Key,\n },\n },\n CodeContentType = \"ZIPFILE\",\n },\n VpcConfiguration = new Aws.KinesisAnalyticsV2.Inputs.ApplicationApplicationConfigurationVpcConfigurationArgs\n {\n SecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup[0].Id,\n exampleAwsSecurityGroup[1].Id,\n },\n SubnetIds = new[]\n {\n exampleAwsSubnet.Id,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesisanalyticsv2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-flink-application\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketObjectv2, err := s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tKey: pulumi.String(\"example-flink-application\"),\n\t\t\tSource: pulumi.NewFileAsset(\"flink-app.jar\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesisanalyticsv2.NewApplication(ctx, \"example\", \u0026kinesisanalyticsv2.ApplicationArgs{\n\t\t\tName: pulumi.String(\"example-flink-application\"),\n\t\t\tRuntimeEnvironment: pulumi.String(\"FLINK-1_8\"),\n\t\t\tServiceExecutionRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tApplicationConfiguration: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationArgs{\n\t\t\t\tApplicationCodeConfiguration: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationApplicationCodeConfigurationArgs{\n\t\t\t\t\tCodeContent: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentArgs{\n\t\t\t\t\t\tS3ContentLocation: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentS3ContentLocationArgs{\n\t\t\t\t\t\t\tBucketArn: example.Arn,\n\t\t\t\t\t\t\tFileKey: exampleBucketObjectv2.Key,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tCodeContentType: pulumi.String(\"ZIPFILE\"),\n\t\t\t\t},\n\t\t\t\tVpcConfiguration: \u0026kinesisanalyticsv2.ApplicationApplicationConfigurationVpcConfigurationArgs{\n\t\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\t\texampleAwsSecurityGroup[0].Id,\n\t\t\t\t\t\texampleAwsSecurityGroup[1].Id,\n\t\t\t\t\t},\n\t\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\t\texampleAwsSubnet.Id,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.kinesisanalyticsv2.Application;\nimport com.pulumi.aws.kinesisanalyticsv2.ApplicationArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationApplicationCodeConfigurationArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentS3ContentLocationArgs;\nimport com.pulumi.aws.kinesisanalyticsv2.inputs.ApplicationApplicationConfigurationVpcConfigurationArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example-flink-application\")\n .build());\n\n var exampleBucketObjectv2 = new BucketObjectv2(\"exampleBucketObjectv2\", BucketObjectv2Args.builder()\n .bucket(example.id())\n .key(\"example-flink-application\")\n .source(new FileAsset(\"flink-app.jar\"))\n .build());\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder()\n .name(\"example-flink-application\")\n .runtimeEnvironment(\"FLINK-1_8\")\n .serviceExecutionRole(exampleAwsIamRole.arn())\n .applicationConfiguration(ApplicationApplicationConfigurationArgs.builder()\n .applicationCodeConfiguration(ApplicationApplicationConfigurationApplicationCodeConfigurationArgs.builder()\n .codeContent(ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentArgs.builder()\n .s3ContentLocation(ApplicationApplicationConfigurationApplicationCodeConfigurationCodeContentS3ContentLocationArgs.builder()\n .bucketArn(example.arn())\n .fileKey(exampleBucketObjectv2.key())\n .build())\n .build())\n .codeContentType(\"ZIPFILE\")\n .build())\n .vpcConfiguration(ApplicationApplicationConfigurationVpcConfigurationArgs.builder()\n .securityGroupIds( \n exampleAwsSecurityGroup[0].id(),\n exampleAwsSecurityGroup[1].id())\n .subnetIds(exampleAwsSubnet.id())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example-flink-application\n exampleBucketObjectv2:\n type: aws:s3:BucketObjectv2\n name: example\n properties:\n bucket: ${example.id}\n key: example-flink-application\n source:\n fn::FileAsset: flink-app.jar\n exampleApplication:\n type: aws:kinesisanalyticsv2:Application\n name: example\n properties:\n name: example-flink-application\n runtimeEnvironment: FLINK-1_8\n serviceExecutionRole: ${exampleAwsIamRole.arn}\n applicationConfiguration:\n applicationCodeConfiguration:\n codeContent:\n s3ContentLocation:\n bucketArn: ${example.arn}\n fileKey: ${exampleBucketObjectv2.key}\n codeContentType: ZIPFILE\n vpcConfiguration:\n securityGroupIds:\n - ${exampleAwsSecurityGroup[0].id}\n - ${exampleAwsSecurityGroup[1].id}\n subnetIds:\n - ${exampleAwsSubnet.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_kinesisanalyticsv2_application` using the application ARN. For example:\n\n```sh\n$ pulumi import aws:kinesisanalyticsv2/application:Application example arn:aws:kinesisanalytics:us-west-2:123456789012:application/example-sql-application\n```\n", "properties": { "applicationConfiguration": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfiguration:ApplicationApplicationConfiguration", "description": "The application's configuration\n" }, "applicationMode": { "type": "string", "description": "The application's mode. Valid values are `STREAMING`, `INTERACTIVE`.\n" }, "arn": { "type": "string", "description": "The ARN of the application.\n" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationCloudwatchLoggingOptions:ApplicationCloudwatchLoggingOptions", "description": "A CloudWatch log stream to monitor application configuration errors.\n" }, "createTimestamp": { "type": "string", "description": "The current timestamp when the application was created.\n" }, "description": { "type": "string", "description": "A summary description of the application.\n" }, "forceStop": { "type": "boolean", "description": "Whether to force stop an unresponsive Flink-based application.\n" }, "lastUpdateTimestamp": { "type": "string", "description": "The current timestamp when the application was last updated.\n" }, "name": { "type": "string", "description": "The name of the application.\n" }, "runtimeEnvironment": { "type": "string", "description": "The runtime environment for the application. Valid values: `SQL-1_0`, `FLINK-1_6`, `FLINK-1_8`, `FLINK-1_11`, `FLINK-1_13`, `FLINK-1_15`, `FLINK-1_18`, `FLINK-1_19`.\n" }, "serviceExecutionRole": { "type": "string", "description": "The ARN of the IAM role used by the application to access Kinesis data streams, Kinesis Data Firehose delivery streams, Amazon S3 objects, and other external resources.\n" }, "startApplication": { "type": "boolean", "description": "Whether to start or stop the application.\n" }, "status": { "type": "string", "description": "The status of the application.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the application. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "versionId": { "type": "integer", "description": "The current application version. Kinesis Data Analytics updates the `version_id` each time the application is updated.\n" } }, "required": [ "applicationConfiguration", "applicationMode", "arn", "createTimestamp", "lastUpdateTimestamp", "name", "runtimeEnvironment", "serviceExecutionRole", "status", "tagsAll", "versionId" ], "inputProperties": { "applicationConfiguration": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfiguration:ApplicationApplicationConfiguration", "description": "The application's configuration\n" }, "applicationMode": { "type": "string", "description": "The application's mode. Valid values are `STREAMING`, `INTERACTIVE`.\n", "willReplaceOnChanges": true }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationCloudwatchLoggingOptions:ApplicationCloudwatchLoggingOptions", "description": "A CloudWatch log stream to monitor application configuration errors.\n" }, "description": { "type": "string", "description": "A summary description of the application.\n", "willReplaceOnChanges": true }, "forceStop": { "type": "boolean", "description": "Whether to force stop an unresponsive Flink-based application.\n" }, "name": { "type": "string", "description": "The name of the application.\n", "willReplaceOnChanges": true }, "runtimeEnvironment": { "type": "string", "description": "The runtime environment for the application. Valid values: `SQL-1_0`, `FLINK-1_6`, `FLINK-1_8`, `FLINK-1_11`, `FLINK-1_13`, `FLINK-1_15`, `FLINK-1_18`, `FLINK-1_19`.\n", "willReplaceOnChanges": true }, "serviceExecutionRole": { "type": "string", "description": "The ARN of the IAM role used by the application to access Kinesis data streams, Kinesis Data Firehose delivery streams, Amazon S3 objects, and other external resources.\n" }, "startApplication": { "type": "boolean", "description": "Whether to start or stop the application.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the application. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" } }, "requiredInputs": [ "runtimeEnvironment", "serviceExecutionRole" ], "stateInputs": { "description": "Input properties used for looking up and filtering Application resources.\n", "properties": { "applicationConfiguration": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationApplicationConfiguration:ApplicationApplicationConfiguration", "description": "The application's configuration\n" }, "applicationMode": { "type": "string", "description": "The application's mode. Valid values are `STREAMING`, `INTERACTIVE`.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "The ARN of the application.\n" }, "cloudwatchLoggingOptions": { "$ref": "#/types/aws:kinesisanalyticsv2/ApplicationCloudwatchLoggingOptions:ApplicationCloudwatchLoggingOptions", "description": "A CloudWatch log stream to monitor application configuration errors.\n" }, "createTimestamp": { "type": "string", "description": "The current timestamp when the application was created.\n" }, "description": { "type": "string", "description": "A summary description of the application.\n", "willReplaceOnChanges": true }, "forceStop": { "type": "boolean", "description": "Whether to force stop an unresponsive Flink-based application.\n" }, "lastUpdateTimestamp": { "type": "string", "description": "The current timestamp when the application was last updated.\n" }, "name": { "type": "string", "description": "The name of the application.\n", "willReplaceOnChanges": true }, "runtimeEnvironment": { "type": "string", "description": "The runtime environment for the application. Valid values: `SQL-1_0`, `FLINK-1_6`, `FLINK-1_8`, `FLINK-1_11`, `FLINK-1_13`, `FLINK-1_15`, `FLINK-1_18`, `FLINK-1_19`.\n", "willReplaceOnChanges": true }, "serviceExecutionRole": { "type": "string", "description": "The ARN of the IAM role used by the application to access Kinesis data streams, Kinesis Data Firehose delivery streams, Amazon S3 objects, and other external resources.\n" }, "startApplication": { "type": "boolean", "description": "Whether to start or stop the application.\n" }, "status": { "type": "string", "description": "The status of the application.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the application. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "versionId": { "type": "integer", "description": "The current application version. Kinesis Data Analytics updates the `version_id` each time the application is updated.\n" } }, "type": "object" } }, "aws:kinesisanalyticsv2/applicationSnapshot:ApplicationSnapshot": { "description": "Manages a Kinesis Analytics v2 Application Snapshot.\nSnapshots are the AWS implementation of [Flink Savepoints](https://ci.apache.org/projects/flink/flink-docs-release-1.11/ops/state/savepoints.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kinesisanalyticsv2.ApplicationSnapshot(\"example\", {\n applicationName: exampleAwsKinesisanalyticsv2Application.name,\n snapshotName: \"example-snapshot\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kinesisanalyticsv2.ApplicationSnapshot(\"example\",\n application_name=example_aws_kinesisanalyticsv2_application[\"name\"],\n snapshot_name=\"example-snapshot\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.KinesisAnalyticsV2.ApplicationSnapshot(\"example\", new()\n {\n ApplicationName = exampleAwsKinesisanalyticsv2Application.Name,\n SnapshotName = \"example-snapshot\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesisanalyticsv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesisanalyticsv2.NewApplicationSnapshot(ctx, \"example\", \u0026kinesisanalyticsv2.ApplicationSnapshotArgs{\n\t\t\tApplicationName: pulumi.Any(exampleAwsKinesisanalyticsv2Application.Name),\n\t\t\tSnapshotName: pulumi.String(\"example-snapshot\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesisanalyticsv2.ApplicationSnapshot;\nimport com.pulumi.aws.kinesisanalyticsv2.ApplicationSnapshotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApplicationSnapshot(\"example\", ApplicationSnapshotArgs.builder()\n .applicationName(exampleAwsKinesisanalyticsv2Application.name())\n .snapshotName(\"example-snapshot\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kinesisanalyticsv2:ApplicationSnapshot\n properties:\n applicationName: ${exampleAwsKinesisanalyticsv2Application.name}\n snapshotName: example-snapshot\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_kinesisanalyticsv2_application` using `application_name` together with `snapshot_name`. For example:\n\n```sh\n$ pulumi import aws:kinesisanalyticsv2/applicationSnapshot:ApplicationSnapshot example example-application/example-snapshot\n```\n", "properties": { "applicationName": { "type": "string", "description": "The name of an existing Kinesis Analytics v2 Application. Note that the application must be running for a snapshot to be created.\n" }, "applicationVersionId": { "type": "integer", "description": "The current application version ID when the snapshot was created.\n" }, "snapshotCreationTimestamp": { "type": "string", "description": "The timestamp of the application snapshot.\n" }, "snapshotName": { "type": "string", "description": "The name of the application snapshot.\n" } }, "required": [ "applicationName", "applicationVersionId", "snapshotCreationTimestamp", "snapshotName" ], "inputProperties": { "applicationName": { "type": "string", "description": "The name of an existing Kinesis Analytics v2 Application. Note that the application must be running for a snapshot to be created.\n", "willReplaceOnChanges": true }, "snapshotName": { "type": "string", "description": "The name of the application snapshot.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "applicationName", "snapshotName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApplicationSnapshot resources.\n", "properties": { "applicationName": { "type": "string", "description": "The name of an existing Kinesis Analytics v2 Application. Note that the application must be running for a snapshot to be created.\n", "willReplaceOnChanges": true }, "applicationVersionId": { "type": "integer", "description": "The current application version ID when the snapshot was created.\n" }, "snapshotCreationTimestamp": { "type": "string", "description": "The timestamp of the application snapshot.\n" }, "snapshotName": { "type": "string", "description": "The name of the application snapshot.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:kms/alias:Alias": { "description": "Provides an alias for a KMS customer master key. AWS Console enforces 1-to-1 mapping between aliases \u0026 keys,\nbut API (hence this provider too) allows you to create as many aliases as\nthe [account limits](http://docs.aws.amazon.com/kms/latest/developerguide/limits.html) allow you.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst a = new aws.kms.Key(\"a\", {});\nconst aAlias = new aws.kms.Alias(\"a\", {\n name: \"alias/my-key-alias\",\n targetKeyId: a.keyId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\na = aws.kms.Key(\"a\")\na_alias = aws.kms.Alias(\"a\",\n name=\"alias/my-key-alias\",\n target_key_id=a.key_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var a = new Aws.Kms.Key(\"a\");\n\n var aAlias = new Aws.Kms.Alias(\"a\", new()\n {\n Name = \"alias/my-key-alias\",\n TargetKeyId = a.KeyId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ta, err := kms.NewKey(ctx, \"a\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kms.NewAlias(ctx, \"a\", \u0026kms.AliasArgs{\n\t\t\tName: pulumi.String(\"alias/my-key-alias\"),\n\t\t\tTargetKeyId: a.KeyId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.Alias;\nimport com.pulumi.aws.kms.AliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var a = new Key(\"a\");\n\n var aAlias = new Alias(\"aAlias\", AliasArgs.builder()\n .name(\"alias/my-key-alias\")\n .targetKeyId(a.keyId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n a:\n type: aws:kms:Key\n aAlias:\n type: aws:kms:Alias\n name: a\n properties:\n name: alias/my-key-alias\n targetKeyId: ${a.keyId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import KMS aliases using the `name`. For example:\n\n```sh\n$ pulumi import aws:kms/alias:Alias a alias/my-key-alias\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the key alias.\n" }, "name": { "type": "string", "description": "The display name of the alias. The name must start with the word \"alias\" followed by a forward slash (alias/)\n" }, "namePrefix": { "type": "string", "description": "Creates an unique alias beginning with the specified prefix.\nThe name must start with the word \"alias\" followed by a forward slash (alias/). Conflicts with `name`.\n" }, "targetKeyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target key identifier.\n" }, "targetKeyId": { "type": "string", "description": "Identifier for the key for which the alias is for, can be either an ARN or key_id.\n" } }, "required": [ "arn", "name", "namePrefix", "targetKeyArn", "targetKeyId" ], "inputProperties": { "name": { "type": "string", "description": "The display name of the alias. The name must start with the word \"alias\" followed by a forward slash (alias/)\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates an unique alias beginning with the specified prefix.\nThe name must start with the word \"alias\" followed by a forward slash (alias/). Conflicts with `name`.\n", "willReplaceOnChanges": true }, "targetKeyId": { "type": "string", "description": "Identifier for the key for which the alias is for, can be either an ARN or key_id.\n" } }, "requiredInputs": [ "targetKeyId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Alias resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the key alias.\n" }, "name": { "type": "string", "description": "The display name of the alias. The name must start with the word \"alias\" followed by a forward slash (alias/)\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates an unique alias beginning with the specified prefix.\nThe name must start with the word \"alias\" followed by a forward slash (alias/). Conflicts with `name`.\n", "willReplaceOnChanges": true }, "targetKeyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the target key identifier.\n" }, "targetKeyId": { "type": "string", "description": "Identifier for the key for which the alias is for, can be either an ARN or key_id.\n" } }, "type": "object" } }, "aws:kms/ciphertext:Ciphertext": { "description": "The KMS ciphertext resource allows you to encrypt plaintext into ciphertext\nby using an AWS KMS customer master key. The value returned by this resource\nis stable across every apply. For a changing ciphertext value each apply, see\nthe `aws.kms.Ciphertext` data source.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst oauthConfig = new aws.kms.Key(\"oauth_config\", {\n description: \"oauth config\",\n isEnabled: true,\n});\nconst oauth = new aws.kms.Ciphertext(\"oauth\", {\n keyId: oauthConfig.keyId,\n plaintext: `{\n \"client_id\": \"e587dbae22222f55da22\",\n \"client_secret\": \"8289575d00000ace55e1815ec13673955721b8a5\"\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\noauth_config = aws.kms.Key(\"oauth_config\",\n description=\"oauth config\",\n is_enabled=True)\noauth = aws.kms.Ciphertext(\"oauth\",\n key_id=oauth_config.key_id,\n plaintext=\"\"\"{\n \"client_id\": \"e587dbae22222f55da22\",\n \"client_secret\": \"8289575d00000ace55e1815ec13673955721b8a5\"\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var oauthConfig = new Aws.Kms.Key(\"oauth_config\", new()\n {\n Description = \"oauth config\",\n IsEnabled = true,\n });\n\n var oauth = new Aws.Kms.Ciphertext(\"oauth\", new()\n {\n KeyId = oauthConfig.KeyId,\n Plaintext = @\"{\n \"\"client_id\"\": \"\"e587dbae22222f55da22\"\",\n \"\"client_secret\"\": \"\"8289575d00000ace55e1815ec13673955721b8a5\"\"\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\toauthConfig, err := kms.NewKey(ctx, \"oauth_config\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"oauth config\"),\n\t\t\tIsEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kms.NewCiphertext(ctx, \"oauth\", \u0026kms.CiphertextArgs{\n\t\t\tKeyId: oauthConfig.KeyId,\n\t\t\tPlaintext: pulumi.String(\"{\\n \\\"client_id\\\": \\\"e587dbae22222f55da22\\\",\\n \\\"client_secret\\\": \\\"8289575d00000ace55e1815ec13673955721b8a5\\\"\\n}\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.kms.Ciphertext;\nimport com.pulumi.aws.kms.CiphertextArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var oauthConfig = new Key(\"oauthConfig\", KeyArgs.builder()\n .description(\"oauth config\")\n .isEnabled(true)\n .build());\n\n var oauth = new Ciphertext(\"oauth\", CiphertextArgs.builder()\n .keyId(oauthConfig.keyId())\n .plaintext(\"\"\"\n{\n \"client_id\": \"e587dbae22222f55da22\",\n \"client_secret\": \"8289575d00000ace55e1815ec13673955721b8a5\"\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n oauthConfig:\n type: aws:kms:Key\n name: oauth_config\n properties:\n description: oauth config\n isEnabled: true\n oauth:\n type: aws:kms:Ciphertext\n properties:\n keyId: ${oauthConfig.keyId}\n plaintext: |\n {\n \"client_id\": \"e587dbae22222f55da22\",\n \"client_secret\": \"8289575d00000ace55e1815ec13673955721b8a5\"\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "ciphertextBlob": { "type": "string", "description": "Base64 encoded ciphertext\n" }, "context": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An optional mapping that makes up the encryption context.\n" }, "keyId": { "type": "string", "description": "Globally unique key ID for the customer master key.\n" }, "plaintext": { "type": "string", "description": "Data to be encrypted. Note that this may show up in logs, and it will be stored in the state file.\n", "secret": true } }, "required": [ "ciphertextBlob", "keyId", "plaintext" ], "inputProperties": { "context": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An optional mapping that makes up the encryption context.\n", "willReplaceOnChanges": true }, "keyId": { "type": "string", "description": "Globally unique key ID for the customer master key.\n", "willReplaceOnChanges": true }, "plaintext": { "type": "string", "description": "Data to be encrypted. Note that this may show up in logs, and it will be stored in the state file.\n", "secret": true, "willReplaceOnChanges": true } }, "requiredInputs": [ "keyId", "plaintext" ], "stateInputs": { "description": "Input properties used for looking up and filtering Ciphertext resources.\n", "properties": { "ciphertextBlob": { "type": "string", "description": "Base64 encoded ciphertext\n" }, "context": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An optional mapping that makes up the encryption context.\n", "willReplaceOnChanges": true }, "keyId": { "type": "string", "description": "Globally unique key ID for the customer master key.\n", "willReplaceOnChanges": true }, "plaintext": { "type": "string", "description": "Data to be encrypted. Note that this may show up in logs, and it will be stored in the state file.\n", "secret": true, "willReplaceOnChanges": true } }, "type": "object" } }, "aws:kms/customKeyStore:CustomKeyStore": { "description": "Resource for managing an AWS KMS (Key Management) Custom Key Store.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst test = new aws.kms.CustomKeyStore(\"test\", {\n cloudHsmClusterId: cloudHsmClusterId,\n customKeyStoreName: \"kms-custom-key-store-test\",\n keyStorePassword: \"noplaintextpasswords1\",\n trustAnchorCertificate: std.file({\n input: \"anchor-certificate.crt\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\ntest = aws.kms.CustomKeyStore(\"test\",\n cloud_hsm_cluster_id=cloud_hsm_cluster_id,\n custom_key_store_name=\"kms-custom-key-store-test\",\n key_store_password=\"noplaintextpasswords1\",\n trust_anchor_certificate=std.file(input=\"anchor-certificate.crt\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Kms.CustomKeyStore(\"test\", new()\n {\n CloudHsmClusterId = cloudHsmClusterId,\n CustomKeyStoreName = \"kms-custom-key-store-test\",\n KeyStorePassword = \"noplaintextpasswords1\",\n TrustAnchorCertificate = Std.File.Invoke(new()\n {\n Input = \"anchor-certificate.crt\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"anchor-certificate.crt\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kms.NewCustomKeyStore(ctx, \"test\", \u0026kms.CustomKeyStoreArgs{\n\t\t\tCloudHsmClusterId: pulumi.Any(cloudHsmClusterId),\n\t\t\tCustomKeyStoreName: pulumi.String(\"kms-custom-key-store-test\"),\n\t\t\tKeyStorePassword: pulumi.String(\"noplaintextpasswords1\"),\n\t\t\tTrustAnchorCertificate: pulumi.String(invokeFile.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.CustomKeyStore;\nimport com.pulumi.aws.kms.CustomKeyStoreArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new CustomKeyStore(\"test\", CustomKeyStoreArgs.builder()\n .cloudHsmClusterId(cloudHsmClusterId)\n .customKeyStoreName(\"kms-custom-key-store-test\")\n .keyStorePassword(\"noplaintextpasswords1\")\n .trustAnchorCertificate(StdFunctions.file(FileArgs.builder()\n .input(\"anchor-certificate.crt\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:kms:CustomKeyStore\n properties:\n cloudHsmClusterId: ${cloudHsmClusterId}\n customKeyStoreName: kms-custom-key-store-test\n keyStorePassword: noplaintextpasswords1\n trustAnchorCertificate:\n fn::invoke:\n Function: std:file\n Arguments:\n input: anchor-certificate.crt\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import KMS (Key Management) Custom Key Store using the `id`. For example:\n\n```sh\n$ pulumi import aws:kms/customKeyStore:CustomKeyStore example cks-5ebd4ef395a96288e\n```\n", "properties": { "cloudHsmClusterId": { "type": "string", "description": "Cluster ID of CloudHSM.\n" }, "customKeyStoreName": { "type": "string", "description": "Unique name for Custom Key Store.\n" }, "keyStorePassword": { "type": "string", "description": "Password for `kmsuser` on CloudHSM.\n" }, "trustAnchorCertificate": { "type": "string", "description": "Customer certificate used for signing on CloudHSM.\n" } }, "required": [ "cloudHsmClusterId", "customKeyStoreName", "keyStorePassword", "trustAnchorCertificate" ], "inputProperties": { "cloudHsmClusterId": { "type": "string", "description": "Cluster ID of CloudHSM.\n", "willReplaceOnChanges": true }, "customKeyStoreName": { "type": "string", "description": "Unique name for Custom Key Store.\n" }, "keyStorePassword": { "type": "string", "description": "Password for `kmsuser` on CloudHSM.\n" }, "trustAnchorCertificate": { "type": "string", "description": "Customer certificate used for signing on CloudHSM.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "cloudHsmClusterId", "customKeyStoreName", "keyStorePassword", "trustAnchorCertificate" ], "stateInputs": { "description": "Input properties used for looking up and filtering CustomKeyStore resources.\n", "properties": { "cloudHsmClusterId": { "type": "string", "description": "Cluster ID of CloudHSM.\n", "willReplaceOnChanges": true }, "customKeyStoreName": { "type": "string", "description": "Unique name for Custom Key Store.\n" }, "keyStorePassword": { "type": "string", "description": "Password for `kmsuser` on CloudHSM.\n" }, "trustAnchorCertificate": { "type": "string", "description": "Customer certificate used for signing on CloudHSM.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:kms/externalKey:ExternalKey": { "description": "Manages a single-Region or multi-Region primary KMS key that uses external key material.\nTo instead manage a single-Region or multi-Region primary KMS key where AWS automatically generates and potentially rotates key material, see the `aws.kms.Key` resource.\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.ExternalKey(\"example\", {description: \"KMS EXTERNAL for AMI encryption\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kms.ExternalKey(\"example\", description=\"KMS EXTERNAL for AMI encryption\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.ExternalKey(\"example\", new()\n {\n Description = \"KMS EXTERNAL for AMI encryption\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kms.NewExternalKey(ctx, \"example\", \u0026kms.ExternalKeyArgs{\n\t\t\tDescription: pulumi.String(\"KMS EXTERNAL for AMI encryption\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.ExternalKey;\nimport com.pulumi.aws.kms.ExternalKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ExternalKey(\"example\", ExternalKeyArgs.builder()\n .description(\"KMS EXTERNAL for AMI encryption\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:ExternalKey\n properties:\n description: KMS EXTERNAL for AMI encryption\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import KMS External Keys using the `id`. For example:\n\n```sh\n$ pulumi import aws:kms/externalKey:ExternalKey a arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the key.\n" }, "bypassPolicyLockoutSafetyCheck": { "type": "boolean", "description": "Specifies whether to disable the policy lockout check performed when creating or updating the key's policy. Setting this value to `true` increases the risk that the key becomes unmanageable. For more information, refer to the scenario in the [Default Key Policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section in the AWS Key Management Service Developer Guide. Defaults to `false`.\n" }, "deletionWindowInDays": { "type": "integer", "description": "Duration in days after which the key is deleted after destruction of the resource. Must be between `7` and `30` days. Defaults to `30`.\n" }, "description": { "type": "string", "description": "Description of the key.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the key is enabled. Keys pending import can only be `false`. Imported keys default to `true` unless expired.\n" }, "expirationModel": { "type": "string", "description": "Whether the key material expires. Empty when pending key material import, otherwise `KEY_MATERIAL_EXPIRES` or `KEY_MATERIAL_DOES_NOT_EXPIRE`.\n" }, "keyMaterialBase64": { "type": "string", "description": "Base64 encoded 256-bit symmetric encryption key material to import. The CMK is permanently associated with this key material. The same key material can be reimported, but you cannot import different key material.\n", "secret": true }, "keyState": { "type": "string", "description": "The state of the CMK.\n" }, "keyUsage": { "type": "string", "description": "The cryptographic operations for which you can use the CMK.\n" }, "multiRegion": { "type": "boolean", "description": "Indicates whether the KMS key is a multi-Region (`true`) or regional (`false`) key. Defaults to `false`.\n" }, "policy": { "type": "string", "description": "A key policy JSON document. If you do not provide a key policy, AWS KMS attaches a default key policy to the CMK.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A key-value map of tags to assign to the key. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "validTo": { "type": "string", "description": "Time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the CMK becomes unusable. If not specified, key material does not expire. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" } }, "required": [ "arn", "enabled", "expirationModel", "keyState", "keyUsage", "multiRegion", "policy", "tagsAll" ], "inputProperties": { "bypassPolicyLockoutSafetyCheck": { "type": "boolean", "description": "Specifies whether to disable the policy lockout check performed when creating or updating the key's policy. Setting this value to `true` increases the risk that the key becomes unmanageable. For more information, refer to the scenario in the [Default Key Policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section in the AWS Key Management Service Developer Guide. Defaults to `false`.\n" }, "deletionWindowInDays": { "type": "integer", "description": "Duration in days after which the key is deleted after destruction of the resource. Must be between `7` and `30` days. Defaults to `30`.\n" }, "description": { "type": "string", "description": "Description of the key.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the key is enabled. Keys pending import can only be `false`. Imported keys default to `true` unless expired.\n" }, "keyMaterialBase64": { "type": "string", "description": "Base64 encoded 256-bit symmetric encryption key material to import. The CMK is permanently associated with this key material. The same key material can be reimported, but you cannot import different key material.\n", "secret": true, "willReplaceOnChanges": true }, "multiRegion": { "type": "boolean", "description": "Indicates whether the KMS key is a multi-Region (`true`) or regional (`false`) key. Defaults to `false`.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "A key policy JSON document. If you do not provide a key policy, AWS KMS attaches a default key policy to the CMK.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A key-value map of tags to assign to the key. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "validTo": { "type": "string", "description": "Time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the CMK becomes unusable. If not specified, key material does not expire. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ExternalKey resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the key.\n" }, "bypassPolicyLockoutSafetyCheck": { "type": "boolean", "description": "Specifies whether to disable the policy lockout check performed when creating or updating the key's policy. Setting this value to `true` increases the risk that the key becomes unmanageable. For more information, refer to the scenario in the [Default Key Policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section in the AWS Key Management Service Developer Guide. Defaults to `false`.\n" }, "deletionWindowInDays": { "type": "integer", "description": "Duration in days after which the key is deleted after destruction of the resource. Must be between `7` and `30` days. Defaults to `30`.\n" }, "description": { "type": "string", "description": "Description of the key.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the key is enabled. Keys pending import can only be `false`. Imported keys default to `true` unless expired.\n" }, "expirationModel": { "type": "string", "description": "Whether the key material expires. Empty when pending key material import, otherwise `KEY_MATERIAL_EXPIRES` or `KEY_MATERIAL_DOES_NOT_EXPIRE`.\n" }, "keyMaterialBase64": { "type": "string", "description": "Base64 encoded 256-bit symmetric encryption key material to import. The CMK is permanently associated with this key material. The same key material can be reimported, but you cannot import different key material.\n", "secret": true, "willReplaceOnChanges": true }, "keyState": { "type": "string", "description": "The state of the CMK.\n" }, "keyUsage": { "type": "string", "description": "The cryptographic operations for which you can use the CMK.\n" }, "multiRegion": { "type": "boolean", "description": "Indicates whether the KMS key is a multi-Region (`true`) or regional (`false`) key. Defaults to `false`.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "A key policy JSON document. If you do not provide a key policy, AWS KMS attaches a default key policy to the CMK.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A key-value map of tags to assign to the key. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "validTo": { "type": "string", "description": "Time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the CMK becomes unusable. If not specified, key material does not expire. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" } }, "type": "object" } }, "aws:kms/grant:Grant": { "description": "Provides a resource-based access control mechanism for a KMS customer master key.\n\n\u003e **Note:** All arguments including the grant token will be stored in the raw state as plain-text.\n## Import\n\nUsing `pulumi import`, import KMS Grants using the Key ID and Grant ID separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:kms/grant:Grant test 1234abcd-12ab-34cd-56ef-1234567890ab:abcde1237f76e4ba7987489ac329fbfba6ad343d6f7075dbd1ef191f0120514\n```\n", "properties": { "constraints": { "type": "array", "items": { "$ref": "#/types/aws:kms/GrantConstraint:GrantConstraint" }, "description": "A structure that you can use to allow certain operations in the grant only when the desired encryption context is present. For more information about encryption context, see [Encryption Context](http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html).\n" }, "grantCreationTokens": { "type": "array", "items": { "type": "string" }, "description": "A list of grant tokens to be used when creating the grant. See [Grant Tokens](http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) for more information about grant tokens.\n" }, "grantId": { "type": "string", "description": "The unique identifier for the grant.\n" }, "grantToken": { "type": "string", "description": "The grant token for the created grant. For more information, see [Grant Tokens](http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token).\n", "secret": true }, "granteePrincipal": { "type": "string", "description": "The principal that is given permission to perform the operations that the grant permits in ARN format. Note that due to eventual consistency issues around IAM principals, the providers's state may not always be refreshed to reflect what is true in AWS.\n" }, "keyId": { "type": "string", "description": "The unique identifier for the customer master key (CMK) that the grant applies to. Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify a CMK in a different AWS account, you must use the key ARN.\n" }, "name": { "type": "string", "description": "A friendly name for identifying the grant.\n" }, "operations": { "type": "array", "items": { "type": "string" }, "description": "A list of operations that the grant permits. The permitted values are: `Decrypt`, `Encrypt`, `GenerateDataKey`, `GenerateDataKeyWithoutPlaintext`, `ReEncryptFrom`, `ReEncryptTo`, `Sign`, `Verify`, `GetPublicKey`, `CreateGrant`, `RetireGrant`, `DescribeKey`, `GenerateDataKeyPair`, or `GenerateDataKeyPairWithoutPlaintext`.\n" }, "retireOnDelete": { "type": "boolean", "description": "If set to false (the default) the grants will be revoked upon deletion, and if set to true the grants will try to be retired upon deletion. Note that retiring grants requires special permissions, hence why we default to revoking grants.\nSee [RetireGrant](https://docs.aws.amazon.com/kms/latest/APIReference/API_RetireGrant.html) for more information.\n" }, "retiringPrincipal": { "type": "string", "description": "The principal that is given permission to retire the grant by using RetireGrant operation in ARN format. Note that due to eventual consistency issues around IAM principals, the providers's state may not always be refreshed to reflect what is true in AWS.\n" } }, "required": [ "grantId", "grantToken", "granteePrincipal", "keyId", "name", "operations" ], "inputProperties": { "constraints": { "type": "array", "items": { "$ref": "#/types/aws:kms/GrantConstraint:GrantConstraint" }, "description": "A structure that you can use to allow certain operations in the grant only when the desired encryption context is present. For more information about encryption context, see [Encryption Context](http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html).\n", "willReplaceOnChanges": true }, "grantCreationTokens": { "type": "array", "items": { "type": "string" }, "description": "A list of grant tokens to be used when creating the grant. See [Grant Tokens](http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) for more information about grant tokens.\n", "willReplaceOnChanges": true }, "granteePrincipal": { "type": "string", "description": "The principal that is given permission to perform the operations that the grant permits in ARN format. Note that due to eventual consistency issues around IAM principals, the providers's state may not always be refreshed to reflect what is true in AWS.\n", "willReplaceOnChanges": true }, "keyId": { "type": "string", "description": "The unique identifier for the customer master key (CMK) that the grant applies to. Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify a CMK in a different AWS account, you must use the key ARN.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A friendly name for identifying the grant.\n", "willReplaceOnChanges": true }, "operations": { "type": "array", "items": { "type": "string" }, "description": "A list of operations that the grant permits. The permitted values are: `Decrypt`, `Encrypt`, `GenerateDataKey`, `GenerateDataKeyWithoutPlaintext`, `ReEncryptFrom`, `ReEncryptTo`, `Sign`, `Verify`, `GetPublicKey`, `CreateGrant`, `RetireGrant`, `DescribeKey`, `GenerateDataKeyPair`, or `GenerateDataKeyPairWithoutPlaintext`.\n", "willReplaceOnChanges": true }, "retireOnDelete": { "type": "boolean", "description": "If set to false (the default) the grants will be revoked upon deletion, and if set to true the grants will try to be retired upon deletion. Note that retiring grants requires special permissions, hence why we default to revoking grants.\nSee [RetireGrant](https://docs.aws.amazon.com/kms/latest/APIReference/API_RetireGrant.html) for more information.\n", "willReplaceOnChanges": true }, "retiringPrincipal": { "type": "string", "description": "The principal that is given permission to retire the grant by using RetireGrant operation in ARN format. Note that due to eventual consistency issues around IAM principals, the providers's state may not always be refreshed to reflect what is true in AWS.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "granteePrincipal", "keyId", "operations" ], "stateInputs": { "description": "Input properties used for looking up and filtering Grant resources.\n", "properties": { "constraints": { "type": "array", "items": { "$ref": "#/types/aws:kms/GrantConstraint:GrantConstraint" }, "description": "A structure that you can use to allow certain operations in the grant only when the desired encryption context is present. For more information about encryption context, see [Encryption Context](http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html).\n", "willReplaceOnChanges": true }, "grantCreationTokens": { "type": "array", "items": { "type": "string" }, "description": "A list of grant tokens to be used when creating the grant. See [Grant Tokens](http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) for more information about grant tokens.\n", "willReplaceOnChanges": true }, "grantId": { "type": "string", "description": "The unique identifier for the grant.\n" }, "grantToken": { "type": "string", "description": "The grant token for the created grant. For more information, see [Grant Tokens](http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token).\n", "secret": true }, "granteePrincipal": { "type": "string", "description": "The principal that is given permission to perform the operations that the grant permits in ARN format. Note that due to eventual consistency issues around IAM principals, the providers's state may not always be refreshed to reflect what is true in AWS.\n", "willReplaceOnChanges": true }, "keyId": { "type": "string", "description": "The unique identifier for the customer master key (CMK) that the grant applies to. Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify a CMK in a different AWS account, you must use the key ARN.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A friendly name for identifying the grant.\n", "willReplaceOnChanges": true }, "operations": { "type": "array", "items": { "type": "string" }, "description": "A list of operations that the grant permits. The permitted values are: `Decrypt`, `Encrypt`, `GenerateDataKey`, `GenerateDataKeyWithoutPlaintext`, `ReEncryptFrom`, `ReEncryptTo`, `Sign`, `Verify`, `GetPublicKey`, `CreateGrant`, `RetireGrant`, `DescribeKey`, `GenerateDataKeyPair`, or `GenerateDataKeyPairWithoutPlaintext`.\n", "willReplaceOnChanges": true }, "retireOnDelete": { "type": "boolean", "description": "If set to false (the default) the grants will be revoked upon deletion, and if set to true the grants will try to be retired upon deletion. Note that retiring grants requires special permissions, hence why we default to revoking grants.\nSee [RetireGrant](https://docs.aws.amazon.com/kms/latest/APIReference/API_RetireGrant.html) for more information.\n", "willReplaceOnChanges": true }, "retiringPrincipal": { "type": "string", "description": "The principal that is given permission to retire the grant by using RetireGrant operation in ARN format. Note that due to eventual consistency issues around IAM principals, the providers's state may not always be refreshed to reflect what is true in AWS.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:kms/key:Key": { "description": "Manages a single-Region or multi-Region primary KMS key.\n\n\u003e **NOTE on KMS Key Policy:** KMS Key Policy can be configured in either the standalone resource `aws.kms.KeyPolicy`\nor with the parameter `policy` in this resource.\nConfiguring with both will cause inconsistencies and may overwrite configuration.\n\n## Example Usage\n\n### Symmetric Encryption KMS Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.kms.Key(\"example\", {\n description: \"An example symmetric encryption KMS key\",\n enableKeyRotation: true,\n deletionWindowInDays: 20,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Id: \"key-default-1\",\n Statement: [\n {\n Sid: \"Enable IAM User Permissions\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:root`),\n },\n Action: \"kms:*\",\n Resource: \"*\",\n },\n {\n Sid: \"Allow administration of the key\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:user/Alice`),\n },\n Action: [\n \"kms:ReplicateKey\",\n \"kms:Create*\",\n \"kms:Describe*\",\n \"kms:Enable*\",\n \"kms:List*\",\n \"kms:Put*\",\n \"kms:Update*\",\n \"kms:Revoke*\",\n \"kms:Disable*\",\n \"kms:Get*\",\n \"kms:Delete*\",\n \"kms:ScheduleKeyDeletion\",\n \"kms:CancelKeyDeletion\",\n ],\n Resource: \"*\",\n },\n {\n Sid: \"Allow use of the key\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:user/Bob`),\n },\n Action: [\n \"kms:DescribeKey\",\n \"kms:Encrypt\",\n \"kms:Decrypt\",\n \"kms:ReEncrypt*\",\n \"kms:GenerateDataKey\",\n \"kms:GenerateDataKeyWithoutPlaintext\",\n ],\n Resource: \"*\",\n },\n ],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.kms.Key(\"example\",\n description=\"An example symmetric encryption KMS key\",\n enable_key_rotation=True,\n deletion_window_in_days=20,\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Id\": \"key-default-1\",\n \"Statement\": [\n {\n \"Sid\": \"Enable IAM User Permissions\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:root\",\n },\n \"Action\": \"kms:*\",\n \"Resource\": \"*\",\n },\n {\n \"Sid\": \"Allow administration of the key\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:user/Alice\",\n },\n \"Action\": [\n \"kms:ReplicateKey\",\n \"kms:Create*\",\n \"kms:Describe*\",\n \"kms:Enable*\",\n \"kms:List*\",\n \"kms:Put*\",\n \"kms:Update*\",\n \"kms:Revoke*\",\n \"kms:Disable*\",\n \"kms:Get*\",\n \"kms:Delete*\",\n \"kms:ScheduleKeyDeletion\",\n \"kms:CancelKeyDeletion\",\n ],\n \"Resource\": \"*\",\n },\n {\n \"Sid\": \"Allow use of the key\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:user/Bob\",\n },\n \"Action\": [\n \"kms:DescribeKey\",\n \"kms:Encrypt\",\n \"kms:Decrypt\",\n \"kms:ReEncrypt*\",\n \"kms:GenerateDataKey\",\n \"kms:GenerateDataKeyWithoutPlaintext\",\n ],\n \"Resource\": \"*\",\n },\n ],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"An example symmetric encryption KMS key\",\n EnableKeyRotation = true,\n DeletionWindowInDays = 20,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Id\"] = \"key-default-1\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Enable IAM User Permissions\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n [\"Action\"] = \"kms:*\",\n [\"Resource\"] = \"*\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Allow administration of the key\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:user/Alice\",\n },\n [\"Action\"] = new[]\n {\n \"kms:ReplicateKey\",\n \"kms:Create*\",\n \"kms:Describe*\",\n \"kms:Enable*\",\n \"kms:List*\",\n \"kms:Put*\",\n \"kms:Update*\",\n \"kms:Revoke*\",\n \"kms:Disable*\",\n \"kms:Get*\",\n \"kms:Delete*\",\n \"kms:ScheduleKeyDeletion\",\n \"kms:CancelKeyDeletion\",\n },\n [\"Resource\"] = \"*\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Allow use of the key\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:user/Bob\",\n },\n [\"Action\"] = new[]\n {\n \"kms:DescribeKey\",\n \"kms:Encrypt\",\n \"kms:Decrypt\",\n \"kms:ReEncrypt*\",\n \"kms:GenerateDataKey\",\n \"kms:GenerateDataKeyWithoutPlaintext\",\n },\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Id\": \"key-default-1\",\n\t\t\t\"Statement\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"Enable IAM User Permissions\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": \"kms:*\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"Allow administration of the key\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:user/Alice\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"kms:ReplicateKey\",\n\t\t\t\t\t\t\"kms:Create*\",\n\t\t\t\t\t\t\"kms:Describe*\",\n\t\t\t\t\t\t\"kms:Enable*\",\n\t\t\t\t\t\t\"kms:List*\",\n\t\t\t\t\t\t\"kms:Put*\",\n\t\t\t\t\t\t\"kms:Update*\",\n\t\t\t\t\t\t\"kms:Revoke*\",\n\t\t\t\t\t\t\"kms:Disable*\",\n\t\t\t\t\t\t\"kms:Get*\",\n\t\t\t\t\t\t\"kms:Delete*\",\n\t\t\t\t\t\t\"kms:ScheduleKeyDeletion\",\n\t\t\t\t\t\t\"kms:CancelKeyDeletion\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"Allow use of the key\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:user/Bob\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"kms:DescribeKey\",\n\t\t\t\t\t\t\"kms:Encrypt\",\n\t\t\t\t\t\t\"kms:Decrypt\",\n\t\t\t\t\t\t\"kms:ReEncrypt*\",\n\t\t\t\t\t\t\"kms:GenerateDataKey\",\n\t\t\t\t\t\t\"kms:GenerateDataKeyWithoutPlaintext\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"An example symmetric encryption KMS key\"),\n\t\t\tEnableKeyRotation: pulumi.Bool(true),\n\t\t\tDeletionWindowInDays: pulumi.Int(20),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"An example symmetric encryption KMS key\")\n .enableKeyRotation(true)\n .deletionWindowInDays(20)\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Id\", \"key-default-1\"),\n jsonProperty(\"Statement\", jsonArray(\n jsonObject(\n jsonProperty(\"Sid\", \"Enable IAM User Permissions\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", \"kms:*\"),\n jsonProperty(\"Resource\", \"*\")\n ), \n jsonObject(\n jsonProperty(\"Sid\", \"Allow administration of the key\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:user/Alice\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", jsonArray(\n \"kms:ReplicateKey\", \n \"kms:Create*\", \n \"kms:Describe*\", \n \"kms:Enable*\", \n \"kms:List*\", \n \"kms:Put*\", \n \"kms:Update*\", \n \"kms:Revoke*\", \n \"kms:Disable*\", \n \"kms:Get*\", \n \"kms:Delete*\", \n \"kms:ScheduleKeyDeletion\", \n \"kms:CancelKeyDeletion\"\n )),\n jsonProperty(\"Resource\", \"*\")\n ), \n jsonObject(\n jsonProperty(\"Sid\", \"Allow use of the key\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:user/Bob\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", jsonArray(\n \"kms:DescribeKey\", \n \"kms:Encrypt\", \n \"kms:Decrypt\", \n \"kms:ReEncrypt*\", \n \"kms:GenerateDataKey\", \n \"kms:GenerateDataKeyWithoutPlaintext\"\n )),\n jsonProperty(\"Resource\", \"*\")\n )\n ))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: An example symmetric encryption KMS key\n enableKeyRotation: true\n deletionWindowInDays: 20\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Id: key-default-1\n Statement:\n - Sid: Enable IAM User Permissions\n Effect: Allow\n Principal:\n AWS: arn:aws:iam::${current.accountId}:root\n Action: kms:*\n Resource: '*'\n - Sid: Allow administration of the key\n Effect: Allow\n Principal:\n AWS: arn:aws:iam::${current.accountId}:user/Alice\n Action:\n - kms:ReplicateKey\n - kms:Create*\n - kms:Describe*\n - kms:Enable*\n - kms:List*\n - kms:Put*\n - kms:Update*\n - kms:Revoke*\n - kms:Disable*\n - kms:Get*\n - kms:Delete*\n - kms:ScheduleKeyDeletion\n - kms:CancelKeyDeletion\n Resource: '*'\n - Sid: Allow use of the key\n Effect: Allow\n Principal:\n AWS: arn:aws:iam::${current.accountId}:user/Bob\n Action:\n - kms:DescribeKey\n - kms:Encrypt\n - kms:Decrypt\n - kms:ReEncrypt*\n - kms:GenerateDataKey\n - kms:GenerateDataKeyWithoutPlaintext\n Resource: '*'\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Symmetric Encryption KMS Key With Standalone Policy Resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.kms.Key(\"example\", {\n description: \"An example symmetric encryption KMS key\",\n enableKeyRotation: true,\n deletionWindowInDays: 20,\n});\nconst exampleKeyPolicy = new aws.kms.KeyPolicy(\"example\", {\n keyId: example.id,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Id: \"key-default-1\",\n Statement: [{\n Sid: \"Enable IAM User Permissions\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:root`),\n },\n Action: \"kms:*\",\n Resource: \"*\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.kms.Key(\"example\",\n description=\"An example symmetric encryption KMS key\",\n enable_key_rotation=True,\n deletion_window_in_days=20)\nexample_key_policy = aws.kms.KeyPolicy(\"example\",\n key_id=example.id,\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Id\": \"key-default-1\",\n \"Statement\": [{\n \"Sid\": \"Enable IAM User Permissions\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:root\",\n },\n \"Action\": \"kms:*\",\n \"Resource\": \"*\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"An example symmetric encryption KMS key\",\n EnableKeyRotation = true,\n DeletionWindowInDays = 20,\n });\n\n var exampleKeyPolicy = new Aws.Kms.KeyPolicy(\"example\", new()\n {\n KeyId = example.Id,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Id\"] = \"key-default-1\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Enable IAM User Permissions\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n [\"Action\"] = \"kms:*\",\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"An example symmetric encryption KMS key\"),\n\t\t\tEnableKeyRotation: pulumi.Bool(true),\n\t\t\tDeletionWindowInDays: pulumi.Int(20),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Id\": \"key-default-1\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"Enable IAM User Permissions\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": \"kms:*\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kms.NewKeyPolicy(ctx, \"example\", \u0026kms.KeyPolicyArgs{\n\t\t\tKeyId: example.ID(),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.kms.KeyPolicy;\nimport com.pulumi.aws.kms.KeyPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"An example symmetric encryption KMS key\")\n .enableKeyRotation(true)\n .deletionWindowInDays(20)\n .build());\n\n var exampleKeyPolicy = new KeyPolicy(\"exampleKeyPolicy\", KeyPolicyArgs.builder()\n .keyId(example.id())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Id\", \"key-default-1\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Sid\", \"Enable IAM User Permissions\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", \"kms:*\"),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: An example symmetric encryption KMS key\n enableKeyRotation: true\n deletionWindowInDays: 20\n exampleKeyPolicy:\n type: aws:kms:KeyPolicy\n name: example\n properties:\n keyId: ${example.id}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Id: key-default-1\n Statement:\n - Sid: Enable IAM User Permissions\n Effect: Allow\n Principal:\n AWS: arn:aws:iam::${current.accountId}:root\n Action: kms:*\n Resource: '*'\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Asymmetric KMS Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.kms.Key(\"example\", {\n description: \"RSA-3072 asymmetric KMS key for signing and verification\",\n customerMasterKeySpec: \"RSA_3072\",\n keyUsage: \"SIGN_VERIFY\",\n enableKeyRotation: false,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Id: \"key-default-1\",\n Statement: [\n {\n Sid: \"Enable IAM User Permissions\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:root`),\n },\n Action: \"kms:*\",\n Resource: \"*\",\n },\n {\n Sid: \"Allow administration of the key\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:role/Admin`),\n },\n Action: [\n \"kms:Create*\",\n \"kms:Describe*\",\n \"kms:Enable*\",\n \"kms:List*\",\n \"kms:Put*\",\n \"kms:Update*\",\n \"kms:Revoke*\",\n \"kms:Disable*\",\n \"kms:Get*\",\n \"kms:Delete*\",\n \"kms:ScheduleKeyDeletion\",\n \"kms:CancelKeyDeletion\",\n ],\n Resource: \"*\",\n },\n {\n Sid: \"Allow use of the key\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:role/Developer`),\n },\n Action: [\n \"kms:Sign\",\n \"kms:Verify\",\n \"kms:DescribeKey\",\n ],\n Resource: \"*\",\n },\n ],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.kms.Key(\"example\",\n description=\"RSA-3072 asymmetric KMS key for signing and verification\",\n customer_master_key_spec=\"RSA_3072\",\n key_usage=\"SIGN_VERIFY\",\n enable_key_rotation=False,\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Id\": \"key-default-1\",\n \"Statement\": [\n {\n \"Sid\": \"Enable IAM User Permissions\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:root\",\n },\n \"Action\": \"kms:*\",\n \"Resource\": \"*\",\n },\n {\n \"Sid\": \"Allow administration of the key\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:role/Admin\",\n },\n \"Action\": [\n \"kms:Create*\",\n \"kms:Describe*\",\n \"kms:Enable*\",\n \"kms:List*\",\n \"kms:Put*\",\n \"kms:Update*\",\n \"kms:Revoke*\",\n \"kms:Disable*\",\n \"kms:Get*\",\n \"kms:Delete*\",\n \"kms:ScheduleKeyDeletion\",\n \"kms:CancelKeyDeletion\",\n ],\n \"Resource\": \"*\",\n },\n {\n \"Sid\": \"Allow use of the key\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:role/Developer\",\n },\n \"Action\": [\n \"kms:Sign\",\n \"kms:Verify\",\n \"kms:DescribeKey\",\n ],\n \"Resource\": \"*\",\n },\n ],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"RSA-3072 asymmetric KMS key for signing and verification\",\n CustomerMasterKeySpec = \"RSA_3072\",\n KeyUsage = \"SIGN_VERIFY\",\n EnableKeyRotation = false,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Id\"] = \"key-default-1\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Enable IAM User Permissions\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n [\"Action\"] = \"kms:*\",\n [\"Resource\"] = \"*\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Allow administration of the key\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:role/Admin\",\n },\n [\"Action\"] = new[]\n {\n \"kms:Create*\",\n \"kms:Describe*\",\n \"kms:Enable*\",\n \"kms:List*\",\n \"kms:Put*\",\n \"kms:Update*\",\n \"kms:Revoke*\",\n \"kms:Disable*\",\n \"kms:Get*\",\n \"kms:Delete*\",\n \"kms:ScheduleKeyDeletion\",\n \"kms:CancelKeyDeletion\",\n },\n [\"Resource\"] = \"*\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Allow use of the key\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:role/Developer\",\n },\n [\"Action\"] = new[]\n {\n \"kms:Sign\",\n \"kms:Verify\",\n \"kms:DescribeKey\",\n },\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Id\": \"key-default-1\",\n\t\t\t\"Statement\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"Enable IAM User Permissions\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": \"kms:*\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"Allow administration of the key\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:role/Admin\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"kms:Create*\",\n\t\t\t\t\t\t\"kms:Describe*\",\n\t\t\t\t\t\t\"kms:Enable*\",\n\t\t\t\t\t\t\"kms:List*\",\n\t\t\t\t\t\t\"kms:Put*\",\n\t\t\t\t\t\t\"kms:Update*\",\n\t\t\t\t\t\t\"kms:Revoke*\",\n\t\t\t\t\t\t\"kms:Disable*\",\n\t\t\t\t\t\t\"kms:Get*\",\n\t\t\t\t\t\t\"kms:Delete*\",\n\t\t\t\t\t\t\"kms:ScheduleKeyDeletion\",\n\t\t\t\t\t\t\"kms:CancelKeyDeletion\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"Allow use of the key\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:role/Developer\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"kms:Sign\",\n\t\t\t\t\t\t\"kms:Verify\",\n\t\t\t\t\t\t\"kms:DescribeKey\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"RSA-3072 asymmetric KMS key for signing and verification\"),\n\t\t\tCustomerMasterKeySpec: pulumi.String(\"RSA_3072\"),\n\t\t\tKeyUsage: pulumi.String(\"SIGN_VERIFY\"),\n\t\t\tEnableKeyRotation: pulumi.Bool(false),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"RSA-3072 asymmetric KMS key for signing and verification\")\n .customerMasterKeySpec(\"RSA_3072\")\n .keyUsage(\"SIGN_VERIFY\")\n .enableKeyRotation(false)\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Id\", \"key-default-1\"),\n jsonProperty(\"Statement\", jsonArray(\n jsonObject(\n jsonProperty(\"Sid\", \"Enable IAM User Permissions\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", \"kms:*\"),\n jsonProperty(\"Resource\", \"*\")\n ), \n jsonObject(\n jsonProperty(\"Sid\", \"Allow administration of the key\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:role/Admin\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", jsonArray(\n \"kms:Create*\", \n \"kms:Describe*\", \n \"kms:Enable*\", \n \"kms:List*\", \n \"kms:Put*\", \n \"kms:Update*\", \n \"kms:Revoke*\", \n \"kms:Disable*\", \n \"kms:Get*\", \n \"kms:Delete*\", \n \"kms:ScheduleKeyDeletion\", \n \"kms:CancelKeyDeletion\"\n )),\n jsonProperty(\"Resource\", \"*\")\n ), \n jsonObject(\n jsonProperty(\"Sid\", \"Allow use of the key\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:role/Developer\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", jsonArray(\n \"kms:Sign\", \n \"kms:Verify\", \n \"kms:DescribeKey\"\n )),\n jsonProperty(\"Resource\", \"*\")\n )\n ))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: RSA-3072 asymmetric KMS key for signing and verification\n customerMasterKeySpec: RSA_3072\n keyUsage: SIGN_VERIFY\n enableKeyRotation: false\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Id: key-default-1\n Statement:\n - Sid: Enable IAM User Permissions\n Effect: Allow\n Principal:\n AWS: arn:aws:iam::${current.accountId}:root\n Action: kms:*\n Resource: '*'\n - Sid: Allow administration of the key\n Effect: Allow\n Principal:\n AWS: arn:aws:iam::${current.accountId}:role/Admin\n Action:\n - kms:Create*\n - kms:Describe*\n - kms:Enable*\n - kms:List*\n - kms:Put*\n - kms:Update*\n - kms:Revoke*\n - kms:Disable*\n - kms:Get*\n - kms:Delete*\n - kms:ScheduleKeyDeletion\n - kms:CancelKeyDeletion\n Resource: '*'\n - Sid: Allow use of the key\n Effect: Allow\n Principal:\n AWS: arn:aws:iam::${current.accountId}:role/Developer\n Action:\n - kms:Sign\n - kms:Verify\n - kms:DescribeKey\n Resource: '*'\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### HMAC KMS key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.kms.Key(\"example\", {\n description: \"HMAC_384 key for tokens\",\n customerMasterKeySpec: \"HMAC_384\",\n keyUsage: \"GENERATE_VERIFY_MAC\",\n enableKeyRotation: false,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Id: \"key-default-1\",\n Statement: [\n {\n Sid: \"Enable IAM User Permissions\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:root`),\n },\n Action: \"kms:*\",\n Resource: \"*\",\n },\n {\n Sid: \"Allow administration of the key\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:role/Admin`),\n },\n Action: [\n \"kms:Create*\",\n \"kms:Describe*\",\n \"kms:Enable*\",\n \"kms:List*\",\n \"kms:Put*\",\n \"kms:Update*\",\n \"kms:Revoke*\",\n \"kms:Disable*\",\n \"kms:Get*\",\n \"kms:Delete*\",\n \"kms:ScheduleKeyDeletion\",\n \"kms:CancelKeyDeletion\",\n ],\n Resource: \"*\",\n },\n {\n Sid: \"Allow use of the key\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:role/Developer`),\n },\n Action: [\n \"kms:GenerateMac\",\n \"kms:VerifyMac\",\n \"kms:DescribeKey\",\n ],\n Resource: \"*\",\n },\n ],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.kms.Key(\"example\",\n description=\"HMAC_384 key for tokens\",\n customer_master_key_spec=\"HMAC_384\",\n key_usage=\"GENERATE_VERIFY_MAC\",\n enable_key_rotation=False,\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Id\": \"key-default-1\",\n \"Statement\": [\n {\n \"Sid\": \"Enable IAM User Permissions\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:root\",\n },\n \"Action\": \"kms:*\",\n \"Resource\": \"*\",\n },\n {\n \"Sid\": \"Allow administration of the key\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:role/Admin\",\n },\n \"Action\": [\n \"kms:Create*\",\n \"kms:Describe*\",\n \"kms:Enable*\",\n \"kms:List*\",\n \"kms:Put*\",\n \"kms:Update*\",\n \"kms:Revoke*\",\n \"kms:Disable*\",\n \"kms:Get*\",\n \"kms:Delete*\",\n \"kms:ScheduleKeyDeletion\",\n \"kms:CancelKeyDeletion\",\n ],\n \"Resource\": \"*\",\n },\n {\n \"Sid\": \"Allow use of the key\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:role/Developer\",\n },\n \"Action\": [\n \"kms:GenerateMac\",\n \"kms:VerifyMac\",\n \"kms:DescribeKey\",\n ],\n \"Resource\": \"*\",\n },\n ],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"HMAC_384 key for tokens\",\n CustomerMasterKeySpec = \"HMAC_384\",\n KeyUsage = \"GENERATE_VERIFY_MAC\",\n EnableKeyRotation = false,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Id\"] = \"key-default-1\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Enable IAM User Permissions\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n [\"Action\"] = \"kms:*\",\n [\"Resource\"] = \"*\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Allow administration of the key\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:role/Admin\",\n },\n [\"Action\"] = new[]\n {\n \"kms:Create*\",\n \"kms:Describe*\",\n \"kms:Enable*\",\n \"kms:List*\",\n \"kms:Put*\",\n \"kms:Update*\",\n \"kms:Revoke*\",\n \"kms:Disable*\",\n \"kms:Get*\",\n \"kms:Delete*\",\n \"kms:ScheduleKeyDeletion\",\n \"kms:CancelKeyDeletion\",\n },\n [\"Resource\"] = \"*\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Allow use of the key\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:role/Developer\",\n },\n [\"Action\"] = new[]\n {\n \"kms:GenerateMac\",\n \"kms:VerifyMac\",\n \"kms:DescribeKey\",\n },\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Id\": \"key-default-1\",\n\t\t\t\"Statement\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"Enable IAM User Permissions\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": \"kms:*\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"Allow administration of the key\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:role/Admin\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"kms:Create*\",\n\t\t\t\t\t\t\"kms:Describe*\",\n\t\t\t\t\t\t\"kms:Enable*\",\n\t\t\t\t\t\t\"kms:List*\",\n\t\t\t\t\t\t\"kms:Put*\",\n\t\t\t\t\t\t\"kms:Update*\",\n\t\t\t\t\t\t\"kms:Revoke*\",\n\t\t\t\t\t\t\"kms:Disable*\",\n\t\t\t\t\t\t\"kms:Get*\",\n\t\t\t\t\t\t\"kms:Delete*\",\n\t\t\t\t\t\t\"kms:ScheduleKeyDeletion\",\n\t\t\t\t\t\t\"kms:CancelKeyDeletion\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"Allow use of the key\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:role/Developer\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"kms:GenerateMac\",\n\t\t\t\t\t\t\"kms:VerifyMac\",\n\t\t\t\t\t\t\"kms:DescribeKey\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"HMAC_384 key for tokens\"),\n\t\t\tCustomerMasterKeySpec: pulumi.String(\"HMAC_384\"),\n\t\t\tKeyUsage: pulumi.String(\"GENERATE_VERIFY_MAC\"),\n\t\t\tEnableKeyRotation: pulumi.Bool(false),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"HMAC_384 key for tokens\")\n .customerMasterKeySpec(\"HMAC_384\")\n .keyUsage(\"GENERATE_VERIFY_MAC\")\n .enableKeyRotation(false)\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Id\", \"key-default-1\"),\n jsonProperty(\"Statement\", jsonArray(\n jsonObject(\n jsonProperty(\"Sid\", \"Enable IAM User Permissions\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", \"kms:*\"),\n jsonProperty(\"Resource\", \"*\")\n ), \n jsonObject(\n jsonProperty(\"Sid\", \"Allow administration of the key\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:role/Admin\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", jsonArray(\n \"kms:Create*\", \n \"kms:Describe*\", \n \"kms:Enable*\", \n \"kms:List*\", \n \"kms:Put*\", \n \"kms:Update*\", \n \"kms:Revoke*\", \n \"kms:Disable*\", \n \"kms:Get*\", \n \"kms:Delete*\", \n \"kms:ScheduleKeyDeletion\", \n \"kms:CancelKeyDeletion\"\n )),\n jsonProperty(\"Resource\", \"*\")\n ), \n jsonObject(\n jsonProperty(\"Sid\", \"Allow use of the key\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:role/Developer\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", jsonArray(\n \"kms:GenerateMac\", \n \"kms:VerifyMac\", \n \"kms:DescribeKey\"\n )),\n jsonProperty(\"Resource\", \"*\")\n )\n ))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: HMAC_384 key for tokens\n customerMasterKeySpec: HMAC_384\n keyUsage: GENERATE_VERIFY_MAC\n enableKeyRotation: false\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Id: key-default-1\n Statement:\n - Sid: Enable IAM User Permissions\n Effect: Allow\n Principal:\n AWS: arn:aws:iam::${current.accountId}:root\n Action: kms:*\n Resource: '*'\n - Sid: Allow administration of the key\n Effect: Allow\n Principal:\n AWS: arn:aws:iam::${current.accountId}:role/Admin\n Action:\n - kms:Create*\n - kms:Describe*\n - kms:Enable*\n - kms:List*\n - kms:Put*\n - kms:Update*\n - kms:Revoke*\n - kms:Disable*\n - kms:Get*\n - kms:Delete*\n - kms:ScheduleKeyDeletion\n - kms:CancelKeyDeletion\n Resource: '*'\n - Sid: Allow use of the key\n Effect: Allow\n Principal:\n AWS: arn:aws:iam::${current.accountId}:role/Developer\n Action:\n - kms:GenerateMac\n - kms:VerifyMac\n - kms:DescribeKey\n Resource: '*'\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Multi-Region Primary Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.kms.Key(\"example\", {\n description: \"An example multi-Region primary key\",\n multiRegion: true,\n enableKeyRotation: true,\n deletionWindowInDays: 10,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Id: \"key-default-1\",\n Statement: [\n {\n Sid: \"Enable IAM User Permissions\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:root`),\n },\n Action: \"kms:*\",\n Resource: \"*\",\n },\n {\n Sid: \"Allow administration of the key\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:user/Alice`),\n },\n Action: [\n \"kms:ReplicateKey\",\n \"kms:Create*\",\n \"kms:Describe*\",\n \"kms:Enable*\",\n \"kms:List*\",\n \"kms:Put*\",\n \"kms:Update*\",\n \"kms:Revoke*\",\n \"kms:Disable*\",\n \"kms:Get*\",\n \"kms:Delete*\",\n \"kms:ScheduleKeyDeletion\",\n \"kms:CancelKeyDeletion\",\n ],\n Resource: \"*\",\n },\n {\n Sid: \"Allow use of the key\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:user/Bob`),\n },\n Action: [\n \"kms:DescribeKey\",\n \"kms:Encrypt\",\n \"kms:Decrypt\",\n \"kms:ReEncrypt*\",\n \"kms:GenerateDataKey\",\n \"kms:GenerateDataKeyWithoutPlaintext\",\n ],\n Resource: \"*\",\n },\n ],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.kms.Key(\"example\",\n description=\"An example multi-Region primary key\",\n multi_region=True,\n enable_key_rotation=True,\n deletion_window_in_days=10,\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Id\": \"key-default-1\",\n \"Statement\": [\n {\n \"Sid\": \"Enable IAM User Permissions\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:root\",\n },\n \"Action\": \"kms:*\",\n \"Resource\": \"*\",\n },\n {\n \"Sid\": \"Allow administration of the key\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:user/Alice\",\n },\n \"Action\": [\n \"kms:ReplicateKey\",\n \"kms:Create*\",\n \"kms:Describe*\",\n \"kms:Enable*\",\n \"kms:List*\",\n \"kms:Put*\",\n \"kms:Update*\",\n \"kms:Revoke*\",\n \"kms:Disable*\",\n \"kms:Get*\",\n \"kms:Delete*\",\n \"kms:ScheduleKeyDeletion\",\n \"kms:CancelKeyDeletion\",\n ],\n \"Resource\": \"*\",\n },\n {\n \"Sid\": \"Allow use of the key\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:user/Bob\",\n },\n \"Action\": [\n \"kms:DescribeKey\",\n \"kms:Encrypt\",\n \"kms:Decrypt\",\n \"kms:ReEncrypt*\",\n \"kms:GenerateDataKey\",\n \"kms:GenerateDataKeyWithoutPlaintext\",\n ],\n \"Resource\": \"*\",\n },\n ],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"An example multi-Region primary key\",\n MultiRegion = true,\n EnableKeyRotation = true,\n DeletionWindowInDays = 10,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Id\"] = \"key-default-1\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Enable IAM User Permissions\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n [\"Action\"] = \"kms:*\",\n [\"Resource\"] = \"*\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Allow administration of the key\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:user/Alice\",\n },\n [\"Action\"] = new[]\n {\n \"kms:ReplicateKey\",\n \"kms:Create*\",\n \"kms:Describe*\",\n \"kms:Enable*\",\n \"kms:List*\",\n \"kms:Put*\",\n \"kms:Update*\",\n \"kms:Revoke*\",\n \"kms:Disable*\",\n \"kms:Get*\",\n \"kms:Delete*\",\n \"kms:ScheduleKeyDeletion\",\n \"kms:CancelKeyDeletion\",\n },\n [\"Resource\"] = \"*\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Allow use of the key\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:user/Bob\",\n },\n [\"Action\"] = new[]\n {\n \"kms:DescribeKey\",\n \"kms:Encrypt\",\n \"kms:Decrypt\",\n \"kms:ReEncrypt*\",\n \"kms:GenerateDataKey\",\n \"kms:GenerateDataKeyWithoutPlaintext\",\n },\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Id\": \"key-default-1\",\n\t\t\t\"Statement\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"Enable IAM User Permissions\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": \"kms:*\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"Allow administration of the key\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:user/Alice\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"kms:ReplicateKey\",\n\t\t\t\t\t\t\"kms:Create*\",\n\t\t\t\t\t\t\"kms:Describe*\",\n\t\t\t\t\t\t\"kms:Enable*\",\n\t\t\t\t\t\t\"kms:List*\",\n\t\t\t\t\t\t\"kms:Put*\",\n\t\t\t\t\t\t\"kms:Update*\",\n\t\t\t\t\t\t\"kms:Revoke*\",\n\t\t\t\t\t\t\"kms:Disable*\",\n\t\t\t\t\t\t\"kms:Get*\",\n\t\t\t\t\t\t\"kms:Delete*\",\n\t\t\t\t\t\t\"kms:ScheduleKeyDeletion\",\n\t\t\t\t\t\t\"kms:CancelKeyDeletion\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"Allow use of the key\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:user/Bob\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"kms:DescribeKey\",\n\t\t\t\t\t\t\"kms:Encrypt\",\n\t\t\t\t\t\t\"kms:Decrypt\",\n\t\t\t\t\t\t\"kms:ReEncrypt*\",\n\t\t\t\t\t\t\"kms:GenerateDataKey\",\n\t\t\t\t\t\t\"kms:GenerateDataKeyWithoutPlaintext\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"An example multi-Region primary key\"),\n\t\t\tMultiRegion: pulumi.Bool(true),\n\t\t\tEnableKeyRotation: pulumi.Bool(true),\n\t\t\tDeletionWindowInDays: pulumi.Int(10),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"An example multi-Region primary key\")\n .multiRegion(true)\n .enableKeyRotation(true)\n .deletionWindowInDays(10)\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Id\", \"key-default-1\"),\n jsonProperty(\"Statement\", jsonArray(\n jsonObject(\n jsonProperty(\"Sid\", \"Enable IAM User Permissions\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", \"kms:*\"),\n jsonProperty(\"Resource\", \"*\")\n ), \n jsonObject(\n jsonProperty(\"Sid\", \"Allow administration of the key\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:user/Alice\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", jsonArray(\n \"kms:ReplicateKey\", \n \"kms:Create*\", \n \"kms:Describe*\", \n \"kms:Enable*\", \n \"kms:List*\", \n \"kms:Put*\", \n \"kms:Update*\", \n \"kms:Revoke*\", \n \"kms:Disable*\", \n \"kms:Get*\", \n \"kms:Delete*\", \n \"kms:ScheduleKeyDeletion\", \n \"kms:CancelKeyDeletion\"\n )),\n jsonProperty(\"Resource\", \"*\")\n ), \n jsonObject(\n jsonProperty(\"Sid\", \"Allow use of the key\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:user/Bob\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", jsonArray(\n \"kms:DescribeKey\", \n \"kms:Encrypt\", \n \"kms:Decrypt\", \n \"kms:ReEncrypt*\", \n \"kms:GenerateDataKey\", \n \"kms:GenerateDataKeyWithoutPlaintext\"\n )),\n jsonProperty(\"Resource\", \"*\")\n )\n ))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: An example multi-Region primary key\n multiRegion: true\n enableKeyRotation: true\n deletionWindowInDays: 10\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Id: key-default-1\n Statement:\n - Sid: Enable IAM User Permissions\n Effect: Allow\n Principal:\n AWS: arn:aws:iam::${current.accountId}:root\n Action: kms:*\n Resource: '*'\n - Sid: Allow administration of the key\n Effect: Allow\n Principal:\n AWS: arn:aws:iam::${current.accountId}:user/Alice\n Action:\n - kms:ReplicateKey\n - kms:Create*\n - kms:Describe*\n - kms:Enable*\n - kms:List*\n - kms:Put*\n - kms:Update*\n - kms:Revoke*\n - kms:Disable*\n - kms:Get*\n - kms:Delete*\n - kms:ScheduleKeyDeletion\n - kms:CancelKeyDeletion\n Resource: '*'\n - Sid: Allow use of the key\n Effect: Allow\n Principal:\n AWS: arn:aws:iam::${current.accountId}:user/Bob\n Action:\n - kms:DescribeKey\n - kms:Encrypt\n - kms:Decrypt\n - kms:ReEncrypt*\n - kms:GenerateDataKey\n - kms:GenerateDataKeyWithoutPlaintext\n Resource: '*'\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import KMS Keys using the `id`. For example:\n\n```sh\n$ pulumi import aws:kms/key:Key a 1234abcd-12ab-34cd-56ef-1234567890ab\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the key.\n" }, "bypassPolicyLockoutSafetyCheck": { "type": "boolean", "description": "A flag to indicate whether to bypass the key policy lockout safety check.\nSetting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.\nFor more information, refer to the scenario in the [Default Key Policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section in the _AWS Key Management Service Developer Guide_.\nThe default value is `false`.\n" }, "customKeyStoreId": { "type": "string", "description": "ID of the KMS [Custom Key Store](https://docs.aws.amazon.com/kms/latest/developerguide/create-cmk-keystore.html) where the key will be stored instead of KMS (eg CloudHSM).\n" }, "customerMasterKeySpec": { "type": "string", "description": "Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports.\nValid values: `SYMMETRIC_DEFAULT`, `RSA_2048`, `RSA_3072`, `RSA_4096`, `HMAC_256`, `ECC_NIST_P256`, `ECC_NIST_P384`, `ECC_NIST_P521`, or `ECC_SECG_P256K1`. Defaults to `SYMMETRIC_DEFAULT`. For help with choosing a key spec, see the [AWS KMS Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html).\n" }, "deletionWindowInDays": { "type": "integer", "description": "The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key.\nIf you specify a value, it must be between `7` and `30`, inclusive. If you do not specify a value, it defaults to `30`.\nIf the KMS key is a multi-Region primary key with replicas, the waiting period begins when the last of its replica keys is deleted. Otherwise, the waiting period begins immediately.\n" }, "description": { "type": "string", "description": "The description of the key as viewed in AWS console.\n" }, "enableKeyRotation": { "type": "boolean", "description": "Specifies whether [key rotation](http://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) is enabled. Defaults to `false`.\n" }, "isEnabled": { "type": "boolean", "description": "Specifies whether the key is enabled. Defaults to `true`.\n" }, "keyId": { "type": "string", "description": "The globally unique identifier for the key.\n" }, "keyUsage": { "type": "string", "description": "Specifies the intended use of the key. Valid values: `ENCRYPT_DECRYPT`, `SIGN_VERIFY`, or `GENERATE_VERIFY_MAC`.\nDefaults to `ENCRYPT_DECRYPT`.\n" }, "multiRegion": { "type": "boolean", "description": "Indicates whether the KMS key is a multi-Region (`true`) or regional (`false`) key. Defaults to `false`.\n" }, "policy": { "type": "string", "description": "A valid policy JSON document. Although this is a key policy, not an IAM policy, an `aws.iam.getPolicyDocument`, in the form that designates a principal, can be used.\n\n\u003e **NOTE:** Note: All KMS keys must have a key policy. If a key policy is not specified, AWS gives the KMS key a [default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) that gives all principals in the owning account unlimited access to all KMS operations for the key. This default key policy effectively delegates all access control to IAM policies and KMS grants.\n" }, "rotationPeriodInDays": { "type": "integer", "description": "Custom period of time between each rotation date. Must be a number between 90 and 2560 (inclusive).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "xksKeyId": { "type": "string", "description": "Identifies the external key that serves as key material for the KMS key in an external key store.\n" } }, "required": [ "arn", "description", "keyId", "multiRegion", "policy", "rotationPeriodInDays", "tagsAll" ], "inputProperties": { "bypassPolicyLockoutSafetyCheck": { "type": "boolean", "description": "A flag to indicate whether to bypass the key policy lockout safety check.\nSetting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.\nFor more information, refer to the scenario in the [Default Key Policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section in the _AWS Key Management Service Developer Guide_.\nThe default value is `false`.\n" }, "customKeyStoreId": { "type": "string", "description": "ID of the KMS [Custom Key Store](https://docs.aws.amazon.com/kms/latest/developerguide/create-cmk-keystore.html) where the key will be stored instead of KMS (eg CloudHSM).\n", "willReplaceOnChanges": true }, "customerMasterKeySpec": { "type": "string", "description": "Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports.\nValid values: `SYMMETRIC_DEFAULT`, `RSA_2048`, `RSA_3072`, `RSA_4096`, `HMAC_256`, `ECC_NIST_P256`, `ECC_NIST_P384`, `ECC_NIST_P521`, or `ECC_SECG_P256K1`. Defaults to `SYMMETRIC_DEFAULT`. For help with choosing a key spec, see the [AWS KMS Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html).\n", "willReplaceOnChanges": true }, "deletionWindowInDays": { "type": "integer", "description": "The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key.\nIf you specify a value, it must be between `7` and `30`, inclusive. If you do not specify a value, it defaults to `30`.\nIf the KMS key is a multi-Region primary key with replicas, the waiting period begins when the last of its replica keys is deleted. Otherwise, the waiting period begins immediately.\n" }, "description": { "type": "string", "description": "The description of the key as viewed in AWS console.\n" }, "enableKeyRotation": { "type": "boolean", "description": "Specifies whether [key rotation](http://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) is enabled. Defaults to `false`.\n" }, "isEnabled": { "type": "boolean", "description": "Specifies whether the key is enabled. Defaults to `true`.\n" }, "keyUsage": { "type": "string", "description": "Specifies the intended use of the key. Valid values: `ENCRYPT_DECRYPT`, `SIGN_VERIFY`, or `GENERATE_VERIFY_MAC`.\nDefaults to `ENCRYPT_DECRYPT`.\n", "willReplaceOnChanges": true }, "multiRegion": { "type": "boolean", "description": "Indicates whether the KMS key is a multi-Region (`true`) or regional (`false`) key. Defaults to `false`.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "A valid policy JSON document. Although this is a key policy, not an IAM policy, an `aws.iam.getPolicyDocument`, in the form that designates a principal, can be used.\n\n\u003e **NOTE:** Note: All KMS keys must have a key policy. If a key policy is not specified, AWS gives the KMS key a [default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) that gives all principals in the owning account unlimited access to all KMS operations for the key. This default key policy effectively delegates all access control to IAM policies and KMS grants.\n" }, "rotationPeriodInDays": { "type": "integer", "description": "Custom period of time between each rotation date. Must be a number between 90 and 2560 (inclusive).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "xksKeyId": { "type": "string", "description": "Identifies the external key that serves as key material for the KMS key in an external key store.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering Key resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the key.\n" }, "bypassPolicyLockoutSafetyCheck": { "type": "boolean", "description": "A flag to indicate whether to bypass the key policy lockout safety check.\nSetting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.\nFor more information, refer to the scenario in the [Default Key Policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section in the _AWS Key Management Service Developer Guide_.\nThe default value is `false`.\n" }, "customKeyStoreId": { "type": "string", "description": "ID of the KMS [Custom Key Store](https://docs.aws.amazon.com/kms/latest/developerguide/create-cmk-keystore.html) where the key will be stored instead of KMS (eg CloudHSM).\n", "willReplaceOnChanges": true }, "customerMasterKeySpec": { "type": "string", "description": "Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports.\nValid values: `SYMMETRIC_DEFAULT`, `RSA_2048`, `RSA_3072`, `RSA_4096`, `HMAC_256`, `ECC_NIST_P256`, `ECC_NIST_P384`, `ECC_NIST_P521`, or `ECC_SECG_P256K1`. Defaults to `SYMMETRIC_DEFAULT`. For help with choosing a key spec, see the [AWS KMS Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html).\n", "willReplaceOnChanges": true }, "deletionWindowInDays": { "type": "integer", "description": "The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key.\nIf you specify a value, it must be between `7` and `30`, inclusive. If you do not specify a value, it defaults to `30`.\nIf the KMS key is a multi-Region primary key with replicas, the waiting period begins when the last of its replica keys is deleted. Otherwise, the waiting period begins immediately.\n" }, "description": { "type": "string", "description": "The description of the key as viewed in AWS console.\n" }, "enableKeyRotation": { "type": "boolean", "description": "Specifies whether [key rotation](http://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) is enabled. Defaults to `false`.\n" }, "isEnabled": { "type": "boolean", "description": "Specifies whether the key is enabled. Defaults to `true`.\n" }, "keyId": { "type": "string", "description": "The globally unique identifier for the key.\n" }, "keyUsage": { "type": "string", "description": "Specifies the intended use of the key. Valid values: `ENCRYPT_DECRYPT`, `SIGN_VERIFY`, or `GENERATE_VERIFY_MAC`.\nDefaults to `ENCRYPT_DECRYPT`.\n", "willReplaceOnChanges": true }, "multiRegion": { "type": "boolean", "description": "Indicates whether the KMS key is a multi-Region (`true`) or regional (`false`) key. Defaults to `false`.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "A valid policy JSON document. Although this is a key policy, not an IAM policy, an `aws.iam.getPolicyDocument`, in the form that designates a principal, can be used.\n\n\u003e **NOTE:** Note: All KMS keys must have a key policy. If a key policy is not specified, AWS gives the KMS key a [default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) that gives all principals in the owning account unlimited access to all KMS operations for the key. This default key policy effectively delegates all access control to IAM policies and KMS grants.\n" }, "rotationPeriodInDays": { "type": "integer", "description": "Custom period of time between each rotation date. Must be a number between 90 and 2560 (inclusive).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "xksKeyId": { "type": "string", "description": "Identifies the external key that serves as key material for the KMS key in an external key store.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:kms/keyPolicy:KeyPolicy": { "description": "Attaches a policy to a KMS Key.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.Key(\"example\", {description: \"example\"});\nconst exampleKeyPolicy = new aws.kms.KeyPolicy(\"example\", {\n keyId: example.id,\n policy: JSON.stringify({\n Id: \"example\",\n Statement: [{\n Action: \"kms:*\",\n Effect: \"Allow\",\n Principal: {\n AWS: \"*\",\n },\n Resource: \"*\",\n Sid: \"Enable IAM User Permissions\",\n }],\n Version: \"2012-10-17\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.kms.Key(\"example\", description=\"example\")\nexample_key_policy = aws.kms.KeyPolicy(\"example\",\n key_id=example.id,\n policy=json.dumps({\n \"Id\": \"example\",\n \"Statement\": [{\n \"Action\": \"kms:*\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"*\",\n },\n \"Resource\": \"*\",\n \"Sid\": \"Enable IAM User Permissions\",\n }],\n \"Version\": \"2012-10-17\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"example\",\n });\n\n var exampleKeyPolicy = new Aws.Kms.KeyPolicy(\"example\", new()\n {\n KeyId = example.Id,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Id\"] = \"example\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"kms:*\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = \"*\",\n },\n [\"Resource\"] = \"*\",\n [\"Sid\"] = \"Enable IAM User Permissions\",\n },\n },\n [\"Version\"] = \"2012-10-17\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Id\": \"example\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"kms:*\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": \"*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Sid\": \"Enable IAM User Permissions\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kms.NewKeyPolicy(ctx, \"example\", \u0026kms.KeyPolicyArgs{\n\t\t\tKeyId: example.ID(),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.kms.KeyPolicy;\nimport com.pulumi.aws.kms.KeyPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"example\")\n .build());\n\n var exampleKeyPolicy = new KeyPolicy(\"exampleKeyPolicy\", KeyPolicyArgs.builder()\n .keyId(example.id())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Id\", \"example\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"kms:*\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", \"*\")\n )),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Sid\", \"Enable IAM User Permissions\")\n ))),\n jsonProperty(\"Version\", \"2012-10-17\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: example\n exampleKeyPolicy:\n type: aws:kms:KeyPolicy\n name: example\n properties:\n keyId: ${example.id}\n policy:\n fn::toJSON:\n Id: example\n Statement:\n - Action: kms:*\n Effect: Allow\n Principal:\n AWS: '*'\n Resource: '*'\n Sid: Enable IAM User Permissions\n Version: 2012-10-17\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import KMS Key Policies using the `key_id`. For example:\n\n```sh\n$ pulumi import aws:kms/keyPolicy:KeyPolicy a 1234abcd-12ab-34cd-56ef-1234567890ab\n```\n", "properties": { "bypassPolicyLockoutSafetyCheck": { "type": "boolean", "description": "A flag to indicate whether to bypass the key policy lockout safety check.\nSetting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately. If this value is set, and the resource is destroyed, a warning will be shown, and the resource will be removed from state.\nFor more information, refer to the scenario in the [Default Key Policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section in the _AWS Key Management Service Developer Guide_.\n" }, "keyId": { "type": "string", "description": "The ID of the KMS Key to attach the policy.\n" }, "policy": { "type": "string", "description": "A valid policy JSON document. Although this is a key policy, not an IAM policy, an `aws.iam.getPolicyDocument`, in the form that designates a principal, can be used. For more information about building policy documents, see the AWS IAM Policy Document Guide.\n\n\u003e **NOTE:** Note: All KMS keys must have a key policy. If a key policy is not specified, or this resource is destroyed, AWS gives the KMS key a [default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) that gives all principals in the owning account unlimited access to all KMS operations for the key. This default key policy effectively delegates all access control to IAM policies and KMS grants.\n" } }, "required": [ "keyId", "policy" ], "inputProperties": { "bypassPolicyLockoutSafetyCheck": { "type": "boolean", "description": "A flag to indicate whether to bypass the key policy lockout safety check.\nSetting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately. If this value is set, and the resource is destroyed, a warning will be shown, and the resource will be removed from state.\nFor more information, refer to the scenario in the [Default Key Policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section in the _AWS Key Management Service Developer Guide_.\n" }, "keyId": { "type": "string", "description": "The ID of the KMS Key to attach the policy.\n" }, "policy": { "type": "string", "description": "A valid policy JSON document. Although this is a key policy, not an IAM policy, an `aws.iam.getPolicyDocument`, in the form that designates a principal, can be used. For more information about building policy documents, see the AWS IAM Policy Document Guide.\n\n\u003e **NOTE:** Note: All KMS keys must have a key policy. If a key policy is not specified, or this resource is destroyed, AWS gives the KMS key a [default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) that gives all principals in the owning account unlimited access to all KMS operations for the key. This default key policy effectively delegates all access control to IAM policies and KMS grants.\n" } }, "requiredInputs": [ "keyId", "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering KeyPolicy resources.\n", "properties": { "bypassPolicyLockoutSafetyCheck": { "type": "boolean", "description": "A flag to indicate whether to bypass the key policy lockout safety check.\nSetting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately. If this value is set, and the resource is destroyed, a warning will be shown, and the resource will be removed from state.\nFor more information, refer to the scenario in the [Default Key Policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section in the _AWS Key Management Service Developer Guide_.\n" }, "keyId": { "type": "string", "description": "The ID of the KMS Key to attach the policy.\n" }, "policy": { "type": "string", "description": "A valid policy JSON document. Although this is a key policy, not an IAM policy, an `aws.iam.getPolicyDocument`, in the form that designates a principal, can be used. For more information about building policy documents, see the AWS IAM Policy Document Guide.\n\n\u003e **NOTE:** Note: All KMS keys must have a key policy. If a key policy is not specified, or this resource is destroyed, AWS gives the KMS key a [default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) that gives all principals in the owning account unlimited access to all KMS operations for the key. This default key policy effectively delegates all access control to IAM policies and KMS grants.\n" } }, "type": "object" } }, "aws:kms/replicaExternalKey:ReplicaExternalKey": { "description": "Manages a KMS multi-Region replica key that uses external key material.\nSee the [AWS KMS Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-import.html) for more information on importing key material into multi-Region keys.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.kms.ExternalKey(\"primary\", {\n description: \"Multi-Region primary key\",\n deletionWindowInDays: 30,\n multiRegion: true,\n enabled: true,\n keyMaterialBase64: \"...\",\n});\nconst replica = new aws.kms.ReplicaExternalKey(\"replica\", {\n description: \"Multi-Region replica key\",\n deletionWindowInDays: 7,\n primaryKeyArn: primaryAwsKmsExternal.arn,\n keyMaterialBase64: \"...\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprimary = aws.kms.ExternalKey(\"primary\",\n description=\"Multi-Region primary key\",\n deletion_window_in_days=30,\n multi_region=True,\n enabled=True,\n key_material_base64=\"...\")\nreplica = aws.kms.ReplicaExternalKey(\"replica\",\n description=\"Multi-Region replica key\",\n deletion_window_in_days=7,\n primary_key_arn=primary_aws_kms_external[\"arn\"],\n key_material_base64=\"...\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Aws.Kms.ExternalKey(\"primary\", new()\n {\n Description = \"Multi-Region primary key\",\n DeletionWindowInDays = 30,\n MultiRegion = true,\n Enabled = true,\n KeyMaterialBase64 = \"...\",\n });\n\n var replica = new Aws.Kms.ReplicaExternalKey(\"replica\", new()\n {\n Description = \"Multi-Region replica key\",\n DeletionWindowInDays = 7,\n PrimaryKeyArn = primaryAwsKmsExternal.Arn,\n KeyMaterialBase64 = \"...\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kms.NewExternalKey(ctx, \"primary\", \u0026kms.ExternalKeyArgs{\n\t\t\tDescription: pulumi.String(\"Multi-Region primary key\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(30),\n\t\t\tMultiRegion: pulumi.Bool(true),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tKeyMaterialBase64: pulumi.String(\"...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kms.NewReplicaExternalKey(ctx, \"replica\", \u0026kms.ReplicaExternalKeyArgs{\n\t\t\tDescription: pulumi.String(\"Multi-Region replica key\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t\tPrimaryKeyArn: pulumi.Any(primaryAwsKmsExternal.Arn),\n\t\t\tKeyMaterialBase64: pulumi.String(\"...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.ExternalKey;\nimport com.pulumi.aws.kms.ExternalKeyArgs;\nimport com.pulumi.aws.kms.ReplicaExternalKey;\nimport com.pulumi.aws.kms.ReplicaExternalKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new ExternalKey(\"primary\", ExternalKeyArgs.builder()\n .description(\"Multi-Region primary key\")\n .deletionWindowInDays(30)\n .multiRegion(true)\n .enabled(true)\n .keyMaterialBase64(\"...\")\n .build());\n\n var replica = new ReplicaExternalKey(\"replica\", ReplicaExternalKeyArgs.builder()\n .description(\"Multi-Region replica key\")\n .deletionWindowInDays(7)\n .primaryKeyArn(primaryAwsKmsExternal.arn())\n .keyMaterialBase64(\"...\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: aws:kms:ExternalKey\n properties:\n description: Multi-Region primary key\n deletionWindowInDays: 30\n multiRegion: true\n enabled: true\n keyMaterialBase64: '...'\n replica:\n type: aws:kms:ReplicaExternalKey\n properties:\n description: Multi-Region replica key\n deletionWindowInDays: 7\n primaryKeyArn: ${primaryAwsKmsExternal.arn}\n keyMaterialBase64: '...'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import KMS multi-Region replica keys using the `id`. For example:\n\n```sh\n$ pulumi import aws:kms/replicaExternalKey:ReplicaExternalKey example 1234abcd-12ab-34cd-56ef-1234567890ab\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the replica key. The key ARNs of related multi-Region keys differ only in the Region value.\n" }, "bypassPolicyLockoutSafetyCheck": { "type": "boolean", "description": "A flag to indicate whether to bypass the key policy lockout safety check.\nSetting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.\nFor more information, refer to the scenario in the [Default Key Policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section in the _AWS Key Management Service Developer Guide_.\nThe default value is `false`.\n" }, "deletionWindowInDays": { "type": "integer", "description": "The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key.\nIf you specify a value, it must be between `7` and `30`, inclusive. If you do not specify a value, it defaults to `30`.\n" }, "description": { "type": "string", "description": "A description of the KMS key.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations. Keys pending import can only be `false`. Imported keys default to `true` unless expired.\n" }, "expirationModel": { "type": "string", "description": "Whether the key material expires. Empty when pending key material import, otherwise `KEY_MATERIAL_EXPIRES` or `KEY_MATERIAL_DOES_NOT_EXPIRE`.\n" }, "keyId": { "type": "string", "description": "The key ID of the replica key. Related multi-Region keys have the same key ID.\n" }, "keyMaterialBase64": { "type": "string", "description": "Base64 encoded 256-bit symmetric encryption key material to import. The KMS key is permanently associated with this key material. The same key material can be [reimported](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html#reimport-key-material), but you cannot import different key material.\n", "secret": true }, "keyState": { "type": "string", "description": "The state of the replica key.\n" }, "keyUsage": { "type": "string", "description": "The [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. This is a shared property of multi-Region keys.\n" }, "policy": { "type": "string", "description": "The key policy to attach to the KMS key. If you do not specify a key policy, AWS KMS attaches the [default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) to the KMS key.\n" }, "primaryKeyArn": { "type": "string", "description": "The ARN of the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS Partition. You can create only one replica of a given primary key in each AWS Region.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the replica key. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "validTo": { "type": "string", "description": "Time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the key becomes unusable. If not specified, key material does not expire. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" } }, "required": [ "arn", "enabled", "expirationModel", "keyId", "keyState", "keyUsage", "policy", "primaryKeyArn", "tagsAll" ], "inputProperties": { "bypassPolicyLockoutSafetyCheck": { "type": "boolean", "description": "A flag to indicate whether to bypass the key policy lockout safety check.\nSetting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.\nFor more information, refer to the scenario in the [Default Key Policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section in the _AWS Key Management Service Developer Guide_.\nThe default value is `false`.\n" }, "deletionWindowInDays": { "type": "integer", "description": "The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key.\nIf you specify a value, it must be between `7` and `30`, inclusive. If you do not specify a value, it defaults to `30`.\n" }, "description": { "type": "string", "description": "A description of the KMS key.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations. Keys pending import can only be `false`. Imported keys default to `true` unless expired.\n" }, "keyMaterialBase64": { "type": "string", "description": "Base64 encoded 256-bit symmetric encryption key material to import. The KMS key is permanently associated with this key material. The same key material can be [reimported](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html#reimport-key-material), but you cannot import different key material.\n", "secret": true, "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The key policy to attach to the KMS key. If you do not specify a key policy, AWS KMS attaches the [default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) to the KMS key.\n" }, "primaryKeyArn": { "type": "string", "description": "The ARN of the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS Partition. You can create only one replica of a given primary key in each AWS Region.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the replica key. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "validTo": { "type": "string", "description": "Time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the key becomes unusable. If not specified, key material does not expire. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" } }, "requiredInputs": [ "primaryKeyArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReplicaExternalKey resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the replica key. The key ARNs of related multi-Region keys differ only in the Region value.\n" }, "bypassPolicyLockoutSafetyCheck": { "type": "boolean", "description": "A flag to indicate whether to bypass the key policy lockout safety check.\nSetting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.\nFor more information, refer to the scenario in the [Default Key Policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section in the _AWS Key Management Service Developer Guide_.\nThe default value is `false`.\n" }, "deletionWindowInDays": { "type": "integer", "description": "The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key.\nIf you specify a value, it must be between `7` and `30`, inclusive. If you do not specify a value, it defaults to `30`.\n" }, "description": { "type": "string", "description": "A description of the KMS key.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations. Keys pending import can only be `false`. Imported keys default to `true` unless expired.\n" }, "expirationModel": { "type": "string", "description": "Whether the key material expires. Empty when pending key material import, otherwise `KEY_MATERIAL_EXPIRES` or `KEY_MATERIAL_DOES_NOT_EXPIRE`.\n" }, "keyId": { "type": "string", "description": "The key ID of the replica key. Related multi-Region keys have the same key ID.\n" }, "keyMaterialBase64": { "type": "string", "description": "Base64 encoded 256-bit symmetric encryption key material to import. The KMS key is permanently associated with this key material. The same key material can be [reimported](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html#reimport-key-material), but you cannot import different key material.\n", "secret": true, "willReplaceOnChanges": true }, "keyState": { "type": "string", "description": "The state of the replica key.\n" }, "keyUsage": { "type": "string", "description": "The [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. This is a shared property of multi-Region keys.\n" }, "policy": { "type": "string", "description": "The key policy to attach to the KMS key. If you do not specify a key policy, AWS KMS attaches the [default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) to the KMS key.\n" }, "primaryKeyArn": { "type": "string", "description": "The ARN of the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS Partition. You can create only one replica of a given primary key in each AWS Region.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the replica key. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "validTo": { "type": "string", "description": "Time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the key becomes unusable. If not specified, key material does not expire. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" } }, "type": "object" } }, "aws:kms/replicaKey:ReplicaKey": { "description": "Manages a KMS multi-Region replica key.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.kms.Key(\"primary\", {\n description: \"Multi-Region primary key\",\n deletionWindowInDays: 30,\n multiRegion: true,\n});\nconst replica = new aws.kms.ReplicaKey(\"replica\", {\n description: \"Multi-Region replica key\",\n deletionWindowInDays: 7,\n primaryKeyArn: primary.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprimary = aws.kms.Key(\"primary\",\n description=\"Multi-Region primary key\",\n deletion_window_in_days=30,\n multi_region=True)\nreplica = aws.kms.ReplicaKey(\"replica\",\n description=\"Multi-Region replica key\",\n deletion_window_in_days=7,\n primary_key_arn=primary.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Aws.Kms.Key(\"primary\", new()\n {\n Description = \"Multi-Region primary key\",\n DeletionWindowInDays = 30,\n MultiRegion = true,\n });\n\n var replica = new Aws.Kms.ReplicaKey(\"replica\", new()\n {\n Description = \"Multi-Region replica key\",\n DeletionWindowInDays = 7,\n PrimaryKeyArn = primary.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tprimary, err := kms.NewKey(ctx, \"primary\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"Multi-Region primary key\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(30),\n\t\t\tMultiRegion: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kms.NewReplicaKey(ctx, \"replica\", \u0026kms.ReplicaKeyArgs{\n\t\t\tDescription: pulumi.String(\"Multi-Region replica key\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t\tPrimaryKeyArn: primary.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.kms.ReplicaKey;\nimport com.pulumi.aws.kms.ReplicaKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new Key(\"primary\", KeyArgs.builder()\n .description(\"Multi-Region primary key\")\n .deletionWindowInDays(30)\n .multiRegion(true)\n .build());\n\n var replica = new ReplicaKey(\"replica\", ReplicaKeyArgs.builder()\n .description(\"Multi-Region replica key\")\n .deletionWindowInDays(7)\n .primaryKeyArn(primary.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: aws:kms:Key\n properties:\n description: Multi-Region primary key\n deletionWindowInDays: 30\n multiRegion: true\n replica:\n type: aws:kms:ReplicaKey\n properties:\n description: Multi-Region replica key\n deletionWindowInDays: 7\n primaryKeyArn: ${primary.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import KMS multi-Region replica keys using the `id`. For example:\n\n```sh\n$ pulumi import aws:kms/replicaKey:ReplicaKey example 1234abcd-12ab-34cd-56ef-1234567890ab\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the replica key. The key ARNs of related multi-Region keys differ only in the Region value.\n" }, "bypassPolicyLockoutSafetyCheck": { "type": "boolean", "description": "A flag to indicate whether to bypass the key policy lockout safety check.\nSetting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.\nFor more information, refer to the scenario in the [Default Key Policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section in the _AWS Key Management Service Developer Guide_.\nThe default value is `false`.\n" }, "deletionWindowInDays": { "type": "integer", "description": "The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key.\nIf you specify a value, it must be between `7` and `30`, inclusive. If you do not specify a value, it defaults to `30`.\n" }, "description": { "type": "string", "description": "A description of the KMS key.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations. The default value is `true`.\n" }, "keyId": { "type": "string", "description": "The key ID of the replica key. Related multi-Region keys have the same key ID.\n" }, "keyRotationEnabled": { "type": "boolean", "description": "A Boolean value that specifies whether key rotation is enabled. This is a shared property of multi-Region keys.\n" }, "keySpec": { "type": "string", "description": "The type of key material in the KMS key. This is a shared property of multi-Region keys.\n" }, "keyUsage": { "type": "string", "description": "The [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. This is a shared property of multi-Region keys.\n" }, "policy": { "type": "string", "description": "The key policy to attach to the KMS key. If you do not specify a key policy, AWS KMS attaches the [default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) to the KMS key.\n" }, "primaryKeyArn": { "type": "string", "description": "The ARN of the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS Partition. You can create only one replica of a given primary key in each AWS Region.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the replica key. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "keyId", "keyRotationEnabled", "keySpec", "keyUsage", "policy", "primaryKeyArn", "tagsAll" ], "inputProperties": { "bypassPolicyLockoutSafetyCheck": { "type": "boolean", "description": "A flag to indicate whether to bypass the key policy lockout safety check.\nSetting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.\nFor more information, refer to the scenario in the [Default Key Policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section in the _AWS Key Management Service Developer Guide_.\nThe default value is `false`.\n" }, "deletionWindowInDays": { "type": "integer", "description": "The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key.\nIf you specify a value, it must be between `7` and `30`, inclusive. If you do not specify a value, it defaults to `30`.\n" }, "description": { "type": "string", "description": "A description of the KMS key.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations. The default value is `true`.\n" }, "policy": { "type": "string", "description": "The key policy to attach to the KMS key. If you do not specify a key policy, AWS KMS attaches the [default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) to the KMS key.\n" }, "primaryKeyArn": { "type": "string", "description": "The ARN of the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS Partition. You can create only one replica of a given primary key in each AWS Region.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the replica key. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "primaryKeyArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReplicaKey resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the replica key. The key ARNs of related multi-Region keys differ only in the Region value.\n" }, "bypassPolicyLockoutSafetyCheck": { "type": "boolean", "description": "A flag to indicate whether to bypass the key policy lockout safety check.\nSetting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.\nFor more information, refer to the scenario in the [Default Key Policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section in the _AWS Key Management Service Developer Guide_.\nThe default value is `false`.\n" }, "deletionWindowInDays": { "type": "integer", "description": "The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key.\nIf you specify a value, it must be between `7` and `30`, inclusive. If you do not specify a value, it defaults to `30`.\n" }, "description": { "type": "string", "description": "A description of the KMS key.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations. The default value is `true`.\n" }, "keyId": { "type": "string", "description": "The key ID of the replica key. Related multi-Region keys have the same key ID.\n" }, "keyRotationEnabled": { "type": "boolean", "description": "A Boolean value that specifies whether key rotation is enabled. This is a shared property of multi-Region keys.\n" }, "keySpec": { "type": "string", "description": "The type of key material in the KMS key. This is a shared property of multi-Region keys.\n" }, "keyUsage": { "type": "string", "description": "The [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. This is a shared property of multi-Region keys.\n" }, "policy": { "type": "string", "description": "The key policy to attach to the KMS key. If you do not specify a key policy, AWS KMS attaches the [default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) to the KMS key.\n" }, "primaryKeyArn": { "type": "string", "description": "The ARN of the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS Partition. You can create only one replica of a given primary key in each AWS Region.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the replica key. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:lakeformation/dataCellsFilter:DataCellsFilter": { "description": "Resource for managing an AWS Lake Formation Data Cells Filter.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lakeformation.DataCellsFilter(\"example\", {tableData: {\n databaseName: test.name,\n name: \"example\",\n tableCatalogId: current.accountId,\n tableName: testAwsGlueCatalogTable.name,\n columnNames: [\"my_column\"],\n rowFilter: {\n filterExpression: \"my_column='example'\",\n },\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lakeformation.DataCellsFilter(\"example\", table_data={\n \"database_name\": test[\"name\"],\n \"name\": \"example\",\n \"table_catalog_id\": current[\"accountId\"],\n \"table_name\": test_aws_glue_catalog_table[\"name\"],\n \"column_names\": [\"my_column\"],\n \"row_filter\": {\n \"filter_expression\": \"my_column='example'\",\n },\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LakeFormation.DataCellsFilter(\"example\", new()\n {\n TableData = new Aws.LakeFormation.Inputs.DataCellsFilterTableDataArgs\n {\n DatabaseName = test.Name,\n Name = \"example\",\n TableCatalogId = current.AccountId,\n TableName = testAwsGlueCatalogTable.Name,\n ColumnNames = new[]\n {\n \"my_column\",\n },\n RowFilter = new Aws.LakeFormation.Inputs.DataCellsFilterTableDataRowFilterArgs\n {\n FilterExpression = \"my_column='example'\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lakeformation.NewDataCellsFilter(ctx, \"example\", \u0026lakeformation.DataCellsFilterArgs{\n\t\t\tTableData: \u0026lakeformation.DataCellsFilterTableDataArgs{\n\t\t\t\tDatabaseName: pulumi.Any(test.Name),\n\t\t\t\tName: pulumi.String(\"example\"),\n\t\t\t\tTableCatalogId: pulumi.Any(current.AccountId),\n\t\t\t\tTableName: pulumi.Any(testAwsGlueCatalogTable.Name),\n\t\t\t\tColumnNames: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"my_column\"),\n\t\t\t\t},\n\t\t\t\tRowFilter: \u0026lakeformation.DataCellsFilterTableDataRowFilterArgs{\n\t\t\t\t\tFilterExpression: pulumi.String(\"my_column='example'\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lakeformation.DataCellsFilter;\nimport com.pulumi.aws.lakeformation.DataCellsFilterArgs;\nimport com.pulumi.aws.lakeformation.inputs.DataCellsFilterTableDataArgs;\nimport com.pulumi.aws.lakeformation.inputs.DataCellsFilterTableDataRowFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataCellsFilter(\"example\", DataCellsFilterArgs.builder()\n .tableData(DataCellsFilterTableDataArgs.builder()\n .databaseName(test.name())\n .name(\"example\")\n .tableCatalogId(current.accountId())\n .tableName(testAwsGlueCatalogTable.name())\n .columnNames(\"my_column\")\n .rowFilter(DataCellsFilterTableDataRowFilterArgs.builder()\n .filterExpression(\"my_column='example'\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lakeformation:DataCellsFilter\n properties:\n tableData:\n databaseName: ${test.name}\n name: example\n tableCatalogId: ${current.accountId}\n tableName: ${testAwsGlueCatalogTable.name}\n columnNames:\n - my_column\n rowFilter:\n filterExpression: my_column='example'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lake Formation Data Cells Filter using the `id`. For example:\n\n```sh\n$ pulumi import aws:lakeformation/dataCellsFilter:DataCellsFilter example database_name,name,table_catalog_id,table_name\n```\n", "properties": { "tableData": { "$ref": "#/types/aws:lakeformation/DataCellsFilterTableData:DataCellsFilterTableData", "description": "Information about the data cells filter. See Table Data below for details.\n" }, "timeouts": { "$ref": "#/types/aws:lakeformation/DataCellsFilterTimeouts:DataCellsFilterTimeouts" } }, "inputProperties": { "tableData": { "$ref": "#/types/aws:lakeformation/DataCellsFilterTableData:DataCellsFilterTableData", "description": "Information about the data cells filter. See Table Data below for details.\n" }, "timeouts": { "$ref": "#/types/aws:lakeformation/DataCellsFilterTimeouts:DataCellsFilterTimeouts" } }, "stateInputs": { "description": "Input properties used for looking up and filtering DataCellsFilter resources.\n", "properties": { "tableData": { "$ref": "#/types/aws:lakeformation/DataCellsFilterTableData:DataCellsFilterTableData", "description": "Information about the data cells filter. See Table Data below for details.\n" }, "timeouts": { "$ref": "#/types/aws:lakeformation/DataCellsFilterTimeouts:DataCellsFilterTimeouts" } }, "type": "object" } }, "aws:lakeformation/dataLakeSettings:DataLakeSettings": { "description": "Manages Lake Formation principals designated as data lake administrators and lists of principal permission entries for default create database and default create table permissions.\n\n\u003e **NOTE:** Lake Formation introduces fine-grained access control for data in your data lake. Part of the changes include the `IAMAllowedPrincipals` principal in order to make Lake Formation backwards compatible with existing IAM and Glue permissions. For more information, see [Changing the Default Security Settings for Your Data Lake](https://docs.aws.amazon.com/lake-formation/latest/dg/change-settings.html) and [Upgrading AWS Glue Data Permissions to the AWS Lake Formation Model](https://docs.aws.amazon.com/lake-formation/latest/dg/upgrade-glue-lake-formation.html).\n\n## Example Usage\n\n### Data Lake Admins\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lakeformation.DataLakeSettings(\"example\", {admins: [\n test.arn,\n testAwsIamRole.arn,\n]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lakeformation.DataLakeSettings(\"example\", admins=[\n test[\"arn\"],\n test_aws_iam_role[\"arn\"],\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LakeFormation.DataLakeSettings(\"example\", new()\n {\n Admins = new[]\n {\n test.Arn,\n testAwsIamRole.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lakeformation.NewDataLakeSettings(ctx, \"example\", \u0026lakeformation.DataLakeSettingsArgs{\n\t\t\tAdmins: pulumi.StringArray{\n\t\t\t\ttest.Arn,\n\t\t\t\ttestAwsIamRole.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lakeformation.DataLakeSettings;\nimport com.pulumi.aws.lakeformation.DataLakeSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataLakeSettings(\"example\", DataLakeSettingsArgs.builder()\n .admins( \n test.arn(),\n testAwsIamRole.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lakeformation:DataLakeSettings\n properties:\n admins:\n - ${test.arn}\n - ${testAwsIamRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create Default Permissions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lakeformation.DataLakeSettings(\"example\", {\n admins: [\n test.arn,\n testAwsIamRole.arn,\n ],\n createDatabaseDefaultPermissions: [{\n permissions: [\n \"SELECT\",\n \"ALTER\",\n \"DROP\",\n ],\n principal: test.arn,\n }],\n createTableDefaultPermissions: [{\n permissions: [\"ALL\"],\n principal: testAwsIamRole.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lakeformation.DataLakeSettings(\"example\",\n admins=[\n test[\"arn\"],\n test_aws_iam_role[\"arn\"],\n ],\n create_database_default_permissions=[{\n \"permissions\": [\n \"SELECT\",\n \"ALTER\",\n \"DROP\",\n ],\n \"principal\": test[\"arn\"],\n }],\n create_table_default_permissions=[{\n \"permissions\": [\"ALL\"],\n \"principal\": test_aws_iam_role[\"arn\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LakeFormation.DataLakeSettings(\"example\", new()\n {\n Admins = new[]\n {\n test.Arn,\n testAwsIamRole.Arn,\n },\n CreateDatabaseDefaultPermissions = new[]\n {\n new Aws.LakeFormation.Inputs.DataLakeSettingsCreateDatabaseDefaultPermissionArgs\n {\n Permissions = new[]\n {\n \"SELECT\",\n \"ALTER\",\n \"DROP\",\n },\n Principal = test.Arn,\n },\n },\n CreateTableDefaultPermissions = new[]\n {\n new Aws.LakeFormation.Inputs.DataLakeSettingsCreateTableDefaultPermissionArgs\n {\n Permissions = new[]\n {\n \"ALL\",\n },\n Principal = testAwsIamRole.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lakeformation.NewDataLakeSettings(ctx, \"example\", \u0026lakeformation.DataLakeSettingsArgs{\n\t\t\tAdmins: pulumi.StringArray{\n\t\t\t\ttest.Arn,\n\t\t\t\ttestAwsIamRole.Arn,\n\t\t\t},\n\t\t\tCreateDatabaseDefaultPermissions: lakeformation.DataLakeSettingsCreateDatabaseDefaultPermissionArray{\n\t\t\t\t\u0026lakeformation.DataLakeSettingsCreateDatabaseDefaultPermissionArgs{\n\t\t\t\t\tPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"SELECT\"),\n\t\t\t\t\t\tpulumi.String(\"ALTER\"),\n\t\t\t\t\t\tpulumi.String(\"DROP\"),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipal: pulumi.Any(test.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tCreateTableDefaultPermissions: lakeformation.DataLakeSettingsCreateTableDefaultPermissionArray{\n\t\t\t\t\u0026lakeformation.DataLakeSettingsCreateTableDefaultPermissionArgs{\n\t\t\t\t\tPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"ALL\"),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipal: pulumi.Any(testAwsIamRole.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lakeformation.DataLakeSettings;\nimport com.pulumi.aws.lakeformation.DataLakeSettingsArgs;\nimport com.pulumi.aws.lakeformation.inputs.DataLakeSettingsCreateDatabaseDefaultPermissionArgs;\nimport com.pulumi.aws.lakeformation.inputs.DataLakeSettingsCreateTableDefaultPermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataLakeSettings(\"example\", DataLakeSettingsArgs.builder()\n .admins( \n test.arn(),\n testAwsIamRole.arn())\n .createDatabaseDefaultPermissions(DataLakeSettingsCreateDatabaseDefaultPermissionArgs.builder()\n .permissions( \n \"SELECT\",\n \"ALTER\",\n \"DROP\")\n .principal(test.arn())\n .build())\n .createTableDefaultPermissions(DataLakeSettingsCreateTableDefaultPermissionArgs.builder()\n .permissions(\"ALL\")\n .principal(testAwsIamRole.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lakeformation:DataLakeSettings\n properties:\n admins:\n - ${test.arn}\n - ${testAwsIamRole.arn}\n createDatabaseDefaultPermissions:\n - permissions:\n - SELECT\n - ALTER\n - DROP\n principal: ${test.arn}\n createTableDefaultPermissions:\n - permissions:\n - ALL\n principal: ${testAwsIamRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Enable EMR access to LakeFormation resources\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lakeformation.DataLakeSettings(\"example\", {\n admins: [\n test.arn,\n testAwsIamRole.arn,\n ],\n createDatabaseDefaultPermissions: [{\n permissions: [\n \"SELECT\",\n \"ALTER\",\n \"DROP\",\n ],\n principal: test.arn,\n }],\n createTableDefaultPermissions: [{\n permissions: [\"ALL\"],\n principal: testAwsIamRole.arn,\n }],\n allowExternalDataFiltering: true,\n externalDataFilteringAllowLists: [\n current.accountId,\n thirdParty.accountId,\n ],\n authorizedSessionTagValueLists: [\"Amazon EMR\"],\n allowFullTableExternalDataAccess: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lakeformation.DataLakeSettings(\"example\",\n admins=[\n test[\"arn\"],\n test_aws_iam_role[\"arn\"],\n ],\n create_database_default_permissions=[{\n \"permissions\": [\n \"SELECT\",\n \"ALTER\",\n \"DROP\",\n ],\n \"principal\": test[\"arn\"],\n }],\n create_table_default_permissions=[{\n \"permissions\": [\"ALL\"],\n \"principal\": test_aws_iam_role[\"arn\"],\n }],\n allow_external_data_filtering=True,\n external_data_filtering_allow_lists=[\n current[\"accountId\"],\n third_party[\"accountId\"],\n ],\n authorized_session_tag_value_lists=[\"Amazon EMR\"],\n allow_full_table_external_data_access=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LakeFormation.DataLakeSettings(\"example\", new()\n {\n Admins = new[]\n {\n test.Arn,\n testAwsIamRole.Arn,\n },\n CreateDatabaseDefaultPermissions = new[]\n {\n new Aws.LakeFormation.Inputs.DataLakeSettingsCreateDatabaseDefaultPermissionArgs\n {\n Permissions = new[]\n {\n \"SELECT\",\n \"ALTER\",\n \"DROP\",\n },\n Principal = test.Arn,\n },\n },\n CreateTableDefaultPermissions = new[]\n {\n new Aws.LakeFormation.Inputs.DataLakeSettingsCreateTableDefaultPermissionArgs\n {\n Permissions = new[]\n {\n \"ALL\",\n },\n Principal = testAwsIamRole.Arn,\n },\n },\n AllowExternalDataFiltering = true,\n ExternalDataFilteringAllowLists = new[]\n {\n current.AccountId,\n thirdParty.AccountId,\n },\n AuthorizedSessionTagValueLists = new[]\n {\n \"Amazon EMR\",\n },\n AllowFullTableExternalDataAccess = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lakeformation.NewDataLakeSettings(ctx, \"example\", \u0026lakeformation.DataLakeSettingsArgs{\n\t\t\tAdmins: pulumi.StringArray{\n\t\t\t\ttest.Arn,\n\t\t\t\ttestAwsIamRole.Arn,\n\t\t\t},\n\t\t\tCreateDatabaseDefaultPermissions: lakeformation.DataLakeSettingsCreateDatabaseDefaultPermissionArray{\n\t\t\t\t\u0026lakeformation.DataLakeSettingsCreateDatabaseDefaultPermissionArgs{\n\t\t\t\t\tPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"SELECT\"),\n\t\t\t\t\t\tpulumi.String(\"ALTER\"),\n\t\t\t\t\t\tpulumi.String(\"DROP\"),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipal: pulumi.Any(test.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tCreateTableDefaultPermissions: lakeformation.DataLakeSettingsCreateTableDefaultPermissionArray{\n\t\t\t\t\u0026lakeformation.DataLakeSettingsCreateTableDefaultPermissionArgs{\n\t\t\t\t\tPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"ALL\"),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipal: pulumi.Any(testAwsIamRole.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tAllowExternalDataFiltering: pulumi.Bool(true),\n\t\t\tExternalDataFilteringAllowLists: pulumi.StringArray{\n\t\t\t\tcurrent.AccountId,\n\t\t\t\tthirdParty.AccountId,\n\t\t\t},\n\t\t\tAuthorizedSessionTagValueLists: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Amazon EMR\"),\n\t\t\t},\n\t\t\tAllowFullTableExternalDataAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lakeformation.DataLakeSettings;\nimport com.pulumi.aws.lakeformation.DataLakeSettingsArgs;\nimport com.pulumi.aws.lakeformation.inputs.DataLakeSettingsCreateDatabaseDefaultPermissionArgs;\nimport com.pulumi.aws.lakeformation.inputs.DataLakeSettingsCreateTableDefaultPermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataLakeSettings(\"example\", DataLakeSettingsArgs.builder()\n .admins( \n test.arn(),\n testAwsIamRole.arn())\n .createDatabaseDefaultPermissions(DataLakeSettingsCreateDatabaseDefaultPermissionArgs.builder()\n .permissions( \n \"SELECT\",\n \"ALTER\",\n \"DROP\")\n .principal(test.arn())\n .build())\n .createTableDefaultPermissions(DataLakeSettingsCreateTableDefaultPermissionArgs.builder()\n .permissions(\"ALL\")\n .principal(testAwsIamRole.arn())\n .build())\n .allowExternalDataFiltering(true)\n .externalDataFilteringAllowLists( \n current.accountId(),\n thirdParty.accountId())\n .authorizedSessionTagValueLists(\"Amazon EMR\")\n .allowFullTableExternalDataAccess(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lakeformation:DataLakeSettings\n properties:\n admins:\n - ${test.arn}\n - ${testAwsIamRole.arn}\n createDatabaseDefaultPermissions:\n - permissions:\n - SELECT\n - ALTER\n - DROP\n principal: ${test.arn}\n createTableDefaultPermissions:\n - permissions:\n - ALL\n principal: ${testAwsIamRole.arn}\n allowExternalDataFiltering: true\n externalDataFilteringAllowLists:\n - ${current.accountId}\n - ${thirdParty.accountId}\n authorizedSessionTagValueLists:\n - Amazon EMR\n allowFullTableExternalDataAccess: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "admins": { "type": "array", "items": { "type": "string" }, "description": "Set of ARNs of AWS Lake Formation principals (IAM users or roles).\n" }, "allowExternalDataFiltering": { "type": "boolean", "description": "Whether to allow Amazon EMR clusters to access data managed by Lake Formation.\n" }, "allowFullTableExternalDataAccess": { "type": "boolean", "description": "Whether to allow a third-party query engine to get data access credentials without session tags when a caller has full data access permissions.\n\n\u003e **NOTE:** Although optional, not including `admins`, `create_database_default_permissions`, `create_table_default_permissions`, and/or `trusted_resource_owners` results in the setting being cleared.\n" }, "authorizedSessionTagValueLists": { "type": "array", "items": { "type": "string" }, "description": "Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it.\n" }, "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, the account ID.\n" }, "createDatabaseDefaultPermissions": { "type": "array", "items": { "$ref": "#/types/aws:lakeformation/DataLakeSettingsCreateDatabaseDefaultPermission:DataLakeSettingsCreateDatabaseDefaultPermission" }, "description": "Up to three configuration blocks of principal permissions for default create database permissions. Detailed below.\n" }, "createTableDefaultPermissions": { "type": "array", "items": { "$ref": "#/types/aws:lakeformation/DataLakeSettingsCreateTableDefaultPermission:DataLakeSettingsCreateTableDefaultPermission" }, "description": "Up to three configuration blocks of principal permissions for default create table permissions. Detailed below.\n" }, "externalDataFilteringAllowLists": { "type": "array", "items": { "type": "string" }, "description": "A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.\n" }, "readOnlyAdmins": { "type": "array", "items": { "type": "string" }, "description": "Set of ARNs of AWS Lake Formation principals (IAM users or roles) with only view access to the resources.\n" }, "trustedResourceOwners": { "type": "array", "items": { "type": "string" }, "description": "List of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs).\n" } }, "required": [ "admins", "authorizedSessionTagValueLists", "createDatabaseDefaultPermissions", "createTableDefaultPermissions", "externalDataFilteringAllowLists", "readOnlyAdmins", "trustedResourceOwners" ], "inputProperties": { "admins": { "type": "array", "items": { "type": "string" }, "description": "Set of ARNs of AWS Lake Formation principals (IAM users or roles).\n" }, "allowExternalDataFiltering": { "type": "boolean", "description": "Whether to allow Amazon EMR clusters to access data managed by Lake Formation.\n" }, "allowFullTableExternalDataAccess": { "type": "boolean", "description": "Whether to allow a third-party query engine to get data access credentials without session tags when a caller has full data access permissions.\n\n\u003e **NOTE:** Although optional, not including `admins`, `create_database_default_permissions`, `create_table_default_permissions`, and/or `trusted_resource_owners` results in the setting being cleared.\n" }, "authorizedSessionTagValueLists": { "type": "array", "items": { "type": "string" }, "description": "Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it.\n" }, "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, the account ID.\n", "willReplaceOnChanges": true }, "createDatabaseDefaultPermissions": { "type": "array", "items": { "$ref": "#/types/aws:lakeformation/DataLakeSettingsCreateDatabaseDefaultPermission:DataLakeSettingsCreateDatabaseDefaultPermission" }, "description": "Up to three configuration blocks of principal permissions for default create database permissions. Detailed below.\n" }, "createTableDefaultPermissions": { "type": "array", "items": { "$ref": "#/types/aws:lakeformation/DataLakeSettingsCreateTableDefaultPermission:DataLakeSettingsCreateTableDefaultPermission" }, "description": "Up to three configuration blocks of principal permissions for default create table permissions. Detailed below.\n" }, "externalDataFilteringAllowLists": { "type": "array", "items": { "type": "string" }, "description": "A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.\n" }, "readOnlyAdmins": { "type": "array", "items": { "type": "string" }, "description": "Set of ARNs of AWS Lake Formation principals (IAM users or roles) with only view access to the resources.\n" }, "trustedResourceOwners": { "type": "array", "items": { "type": "string" }, "description": "List of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs).\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering DataLakeSettings resources.\n", "properties": { "admins": { "type": "array", "items": { "type": "string" }, "description": "Set of ARNs of AWS Lake Formation principals (IAM users or roles).\n" }, "allowExternalDataFiltering": { "type": "boolean", "description": "Whether to allow Amazon EMR clusters to access data managed by Lake Formation.\n" }, "allowFullTableExternalDataAccess": { "type": "boolean", "description": "Whether to allow a third-party query engine to get data access credentials without session tags when a caller has full data access permissions.\n\n\u003e **NOTE:** Although optional, not including `admins`, `create_database_default_permissions`, `create_table_default_permissions`, and/or `trusted_resource_owners` results in the setting being cleared.\n" }, "authorizedSessionTagValueLists": { "type": "array", "items": { "type": "string" }, "description": "Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it.\n" }, "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, the account ID.\n", "willReplaceOnChanges": true }, "createDatabaseDefaultPermissions": { "type": "array", "items": { "$ref": "#/types/aws:lakeformation/DataLakeSettingsCreateDatabaseDefaultPermission:DataLakeSettingsCreateDatabaseDefaultPermission" }, "description": "Up to three configuration blocks of principal permissions for default create database permissions. Detailed below.\n" }, "createTableDefaultPermissions": { "type": "array", "items": { "$ref": "#/types/aws:lakeformation/DataLakeSettingsCreateTableDefaultPermission:DataLakeSettingsCreateTableDefaultPermission" }, "description": "Up to three configuration blocks of principal permissions for default create table permissions. Detailed below.\n" }, "externalDataFilteringAllowLists": { "type": "array", "items": { "type": "string" }, "description": "A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.\n" }, "readOnlyAdmins": { "type": "array", "items": { "type": "string" }, "description": "Set of ARNs of AWS Lake Formation principals (IAM users or roles) with only view access to the resources.\n" }, "trustedResourceOwners": { "type": "array", "items": { "type": "string" }, "description": "List of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs).\n" } }, "type": "object" } }, "aws:lakeformation/lfTag:LfTag": { "description": "Creates an LF-Tag with the specified name and values. Each key must have at least one value. The maximum number of values permitted is 1000.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lakeformation.LfTag(\"example\", {\n key: \"module\",\n values: [\n \"Orders\",\n \"Sales\",\n \"Customers\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lakeformation.LfTag(\"example\",\n key=\"module\",\n values=[\n \"Orders\",\n \"Sales\",\n \"Customers\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LakeFormation.LfTag(\"example\", new()\n {\n Key = \"module\",\n Values = new[]\n {\n \"Orders\",\n \"Sales\",\n \"Customers\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lakeformation.NewLfTag(ctx, \"example\", \u0026lakeformation.LfTagArgs{\n\t\t\tKey: pulumi.String(\"module\"),\n\t\t\tValues: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Orders\"),\n\t\t\t\tpulumi.String(\"Sales\"),\n\t\t\t\tpulumi.String(\"Customers\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lakeformation.LfTag;\nimport com.pulumi.aws.lakeformation.LfTagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LfTag(\"example\", LfTagArgs.builder()\n .key(\"module\")\n .values( \n \"Orders\",\n \"Sales\",\n \"Customers\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lakeformation:LfTag\n properties:\n key: module\n values:\n - Orders\n - Sales\n - Customers\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lake Formation LF-Tags using the `catalog_id:key`. If you have not set a Catalog ID specify the AWS Account ID that the database is in. For example:\n\n```sh\n$ pulumi import aws:lakeformation/lfTag:LfTag example 123456789012:some_key\n```\n", "properties": { "catalogId": { "type": "string", "description": "ID of the Data Catalog to create the tag in. If omitted, this defaults to the AWS Account ID.\n" }, "key": { "type": "string", "description": "Key-name for the tag.\n" }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of possible values an attribute can take.\n" } }, "required": [ "catalogId", "key", "values" ], "inputProperties": { "catalogId": { "type": "string", "description": "ID of the Data Catalog to create the tag in. If omitted, this defaults to the AWS Account ID.\n", "willReplaceOnChanges": true }, "key": { "type": "string", "description": "Key-name for the tag.\n", "willReplaceOnChanges": true }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of possible values an attribute can take.\n" } }, "requiredInputs": [ "key", "values" ], "stateInputs": { "description": "Input properties used for looking up and filtering LfTag resources.\n", "properties": { "catalogId": { "type": "string", "description": "ID of the Data Catalog to create the tag in. If omitted, this defaults to the AWS Account ID.\n", "willReplaceOnChanges": true }, "key": { "type": "string", "description": "Key-name for the tag.\n", "willReplaceOnChanges": true }, "values": { "type": "array", "items": { "type": "string" }, "description": "List of possible values an attribute can take.\n" } }, "type": "object" } }, "aws:lakeformation/permissions:Permissions": { "description": "Grants permissions to the principal to access metadata in the Data Catalog and data organized in underlying data storage such as Amazon S3. Permissions are granted to a principal, in a Data Catalog, relative to a Lake Formation resource, which includes the Data Catalog, databases, tables, LF-tags, and LF-tag policies. For more information, see [Security and Access Control to Metadata and Data in Lake Formation](https://docs.aws.amazon.com/lake-formation/latest/dg/security-data-access.html).\n\n!\u003e **WARNING:** Lake Formation permissions are not in effect by default within AWS. Using this resource will not secure your data and will result in errors if you do not change the security settings for existing resources and the default security settings for new resources. See Default Behavior and `IAMAllowedPrincipals` for additional details.\n\n\u003e **NOTE:** In general, the `principal` should _NOT_ be a Lake Formation administrator or the entity (e.g., IAM role) that is running the deployment. Administrators have implicit permissions. These should be managed by granting or not granting administrator rights using `aws.lakeformation.DataLakeSettings`, _not_ with this resource.\n\n## Default Behavior and `IAMAllowedPrincipals`\n\n**_Lake Formation permissions are not in effect by default within AWS._** `IAMAllowedPrincipals` (i.e., `IAM_ALLOWED_PRINCIPALS`) conflicts with individual Lake Formation permissions (i.e., non-`IAMAllowedPrincipals` permissions), will cause unexpected behavior, and may result in errors.\n\nWhen using Lake Formation, choose ONE of the following options as they are mutually exclusive:\n\n1. Use this resource (`aws.lakeformation.Permissions`), change the default security settings using `aws.lakeformation.DataLakeSettings`, and remove existing `IAMAllowedPrincipals` permissions\n2. Use `IAMAllowedPrincipals` without `aws.lakeformation.Permissions`\n\nThis example shows removing the `IAMAllowedPrincipals` default security settings and making the caller a Lake Formation admin. Since `create_database_default_permissions` and `create_table_default_permissions` are not set in the `aws.lakeformation.DataLakeSettings` resource, they are cleared.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst currentGetSessionContext = current.then(current =\u003e aws.iam.getSessionContext({\n arn: current.arn,\n}));\nconst test = new aws.lakeformation.DataLakeSettings(\"test\", {admins: [currentGetSessionContext.then(currentGetSessionContext =\u003e currentGetSessionContext.issuerArn)]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ncurrent_get_session_context = aws.iam.get_session_context(arn=current.arn)\ntest = aws.lakeformation.DataLakeSettings(\"test\", admins=[current_get_session_context.issuer_arn])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var currentGetSessionContext = Aws.Iam.GetSessionContext.Invoke(new()\n {\n Arn = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.Arn),\n });\n\n var test = new Aws.LakeFormation.DataLakeSettings(\"test\", new()\n {\n Admins = new[]\n {\n currentGetSessionContext.Apply(getSessionContextResult =\u003e getSessionContextResult.IssuerArn),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetSessionContext, err := iam.GetSessionContext(ctx, \u0026iam.GetSessionContextArgs{\n\t\t\tArn: current.Arn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lakeformation.NewDataLakeSettings(ctx, \"test\", \u0026lakeformation.DataLakeSettingsArgs{\n\t\t\tAdmins: pulumi.StringArray{\n\t\t\t\tpulumi.String(currentGetSessionContext.IssuerArn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetSessionContextArgs;\nimport com.pulumi.aws.lakeformation.DataLakeSettings;\nimport com.pulumi.aws.lakeformation.DataLakeSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var currentGetSessionContext = IamFunctions.getSessionContext(GetSessionContextArgs.builder()\n .arn(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.arn()))\n .build());\n\n var test = new DataLakeSettings(\"test\", DataLakeSettingsArgs.builder()\n .admins(currentGetSessionContext.applyValue(getSessionContextResult -\u003e getSessionContextResult.issuerArn()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lakeformation:DataLakeSettings\n properties:\n admins:\n - ${currentGetSessionContext.issuerArn}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetSessionContext:\n fn::invoke:\n Function: aws:iam:getSessionContext\n Arguments:\n arn: ${current.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nTo remove existing `IAMAllowedPrincipals` permissions, use the [AWS Lake Formation Console](https://console.aws.amazon.com/lakeformation/) or [AWS CLI](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/lakeformation/batch-revoke-permissions.html).\n\n`IAMAllowedPrincipals` is a hook to maintain backwards compatibility with AWS Glue. `IAMAllowedPrincipals` is a pseudo-entity group that acts like a Lake Formation principal. The group includes any IAM users and roles that are allowed access to your Data Catalog resources by your IAM policies.\n\nThis is Lake Formation's default behavior:\n\n* Lake Formation grants `Super` permission to `IAMAllowedPrincipals` on all existing AWS Glue Data Catalog resources.\n* Lake Formation enables \"Use only IAM access control\" for new Data Catalog resources.\n\nFor more details, see [Changing the Default Security Settings for Your Data Lake](https://docs.aws.amazon.com/lake-formation/latest/dg/change-settings.html).\n\n### Problem Using `IAMAllowedPrincipals`\n\nAWS does not support combining `IAMAllowedPrincipals` permissions and non-`IAMAllowedPrincipals` permissions. Doing so results in unexpected permissions and behaviors. For example, this configuration grants a user `SELECT` on a column in a table.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.CatalogDatabase(\"example\", {name: \"sadabate\"});\nconst exampleCatalogTable = new aws.glue.CatalogTable(\"example\", {\n name: \"abelt\",\n databaseName: test.name,\n storageDescriptor: {\n columns: [{\n name: \"event\",\n type: \"string\",\n }],\n },\n});\nconst examplePermissions = new aws.lakeformation.Permissions(\"example\", {\n permissions: [\"SELECT\"],\n principal: \"arn:aws:iam:us-east-1:123456789012:user/SanHolo\",\n tableWithColumns: {\n databaseName: exampleCatalogTable.databaseName,\n name: exampleCatalogTable.name,\n columnNames: [\"event\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.CatalogDatabase(\"example\", name=\"sadabate\")\nexample_catalog_table = aws.glue.CatalogTable(\"example\",\n name=\"abelt\",\n database_name=test[\"name\"],\n storage_descriptor={\n \"columns\": [{\n \"name\": \"event\",\n \"type\": \"string\",\n }],\n })\nexample_permissions = aws.lakeformation.Permissions(\"example\",\n permissions=[\"SELECT\"],\n principal=\"arn:aws:iam:us-east-1:123456789012:user/SanHolo\",\n table_with_columns={\n \"database_name\": example_catalog_table.database_name,\n \"name\": example_catalog_table.name,\n \"column_names\": [\"event\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.CatalogDatabase(\"example\", new()\n {\n Name = \"sadabate\",\n });\n\n var exampleCatalogTable = new Aws.Glue.CatalogTable(\"example\", new()\n {\n Name = \"abelt\",\n DatabaseName = test.Name,\n StorageDescriptor = new Aws.Glue.Inputs.CatalogTableStorageDescriptorArgs\n {\n Columns = new[]\n {\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorColumnArgs\n {\n Name = \"event\",\n Type = \"string\",\n },\n },\n },\n });\n\n var examplePermissions = new Aws.LakeFormation.Permissions(\"example\", new()\n {\n PermissionDetails = new[]\n {\n \"SELECT\",\n },\n Principal = \"arn:aws:iam:us-east-1:123456789012:user/SanHolo\",\n TableWithColumns = new Aws.LakeFormation.Inputs.PermissionsTableWithColumnsArgs\n {\n DatabaseName = exampleCatalogTable.DatabaseName,\n Name = exampleCatalogTable.Name,\n ColumnNames = new[]\n {\n \"event\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewCatalogDatabase(ctx, \"example\", \u0026glue.CatalogDatabaseArgs{\n\t\t\tName: pulumi.String(\"sadabate\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleCatalogTable, err := glue.NewCatalogTable(ctx, \"example\", \u0026glue.CatalogTableArgs{\n\t\t\tName: pulumi.String(\"abelt\"),\n\t\t\tDatabaseName: pulumi.Any(test.Name),\n\t\t\tStorageDescriptor: \u0026glue.CatalogTableStorageDescriptorArgs{\n\t\t\t\tColumns: glue.CatalogTableStorageDescriptorColumnArray{\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorColumnArgs{\n\t\t\t\t\t\tName: pulumi.String(\"event\"),\n\t\t\t\t\t\tType: pulumi.String(\"string\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lakeformation.NewPermissions(ctx, \"example\", \u0026lakeformation.PermissionsArgs{\n\t\t\tPermissions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"SELECT\"),\n\t\t\t},\n\t\t\tPrincipal: pulumi.String(\"arn:aws:iam:us-east-1:123456789012:user/SanHolo\"),\n\t\t\tTableWithColumns: \u0026lakeformation.PermissionsTableWithColumnsArgs{\n\t\t\t\tDatabaseName: exampleCatalogTable.DatabaseName,\n\t\t\t\tName: exampleCatalogTable.Name,\n\t\t\t\tColumnNames: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"event\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.CatalogDatabase;\nimport com.pulumi.aws.glue.CatalogDatabaseArgs;\nimport com.pulumi.aws.glue.CatalogTable;\nimport com.pulumi.aws.glue.CatalogTableArgs;\nimport com.pulumi.aws.glue.inputs.CatalogTableStorageDescriptorArgs;\nimport com.pulumi.aws.lakeformation.Permissions;\nimport com.pulumi.aws.lakeformation.PermissionsArgs;\nimport com.pulumi.aws.lakeformation.inputs.PermissionsTableWithColumnsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CatalogDatabase(\"example\", CatalogDatabaseArgs.builder()\n .name(\"sadabate\")\n .build());\n\n var exampleCatalogTable = new CatalogTable(\"exampleCatalogTable\", CatalogTableArgs.builder()\n .name(\"abelt\")\n .databaseName(test.name())\n .storageDescriptor(CatalogTableStorageDescriptorArgs.builder()\n .columns(CatalogTableStorageDescriptorColumnArgs.builder()\n .name(\"event\")\n .type(\"string\")\n .build())\n .build())\n .build());\n\n var examplePermissions = new Permissions(\"examplePermissions\", PermissionsArgs.builder()\n .permissions(\"SELECT\")\n .principal(\"arn:aws:iam:us-east-1:123456789012:user/SanHolo\")\n .tableWithColumns(PermissionsTableWithColumnsArgs.builder()\n .databaseName(exampleCatalogTable.databaseName())\n .name(exampleCatalogTable.name())\n .columnNames(\"event\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:CatalogDatabase\n properties:\n name: sadabate\n exampleCatalogTable:\n type: aws:glue:CatalogTable\n name: example\n properties:\n name: abelt\n databaseName: ${test.name}\n storageDescriptor:\n columns:\n - name: event\n type: string\n examplePermissions:\n type: aws:lakeformation:Permissions\n name: example\n properties:\n permissions:\n - SELECT\n principal: arn:aws:iam:us-east-1:123456789012:user/SanHolo\n tableWithColumns:\n databaseName: ${exampleCatalogTable.databaseName}\n name: ${exampleCatalogTable.name}\n columnNames:\n - event\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThe resulting permissions depend on whether the table had `IAMAllowedPrincipals` (IAP) permissions or not.\n\n| Result With IAP | Result Without IAP |\n| ---- | ---- |\n| `SELECT` column wildcard (i.e., all columns) | `SELECT` on `\"event\"` (as expected) |\n\n## Using Lake Formation Permissions\n\nLake Formation grants implicit permissions to data lake administrators, database creators, and table creators. These implicit permissions cannot be revoked _per se_. If this resource reads implicit permissions, it will attempt to revoke them, which causes an error when the resource is destroyed.\n\nThere are two ways to avoid these errors. First, and the way we recommend, is to avoid using this resource with principals that have implicit permissions. A second, error-prone option, is to grant explicit permissions (and `permissions_with_grant_option`) to \"overwrite\" a principal's implicit permissions, which you can then revoke with this resource. For more information, see [Implicit Lake Formation Permissions](https://docs.aws.amazon.com/lake-formation/latest/dg/implicit-permissions.html).\n\nIf the `principal` is also a data lake administrator, AWS grants implicit permissions that can cause errors using this resource. For example, AWS implicitly grants a `principal`/administrator `permissions` and `permissions_with_grant_option` of `ALL`, `ALTER`, `DELETE`, `DESCRIBE`, `DROP`, `INSERT`, and `SELECT` on a table. If you use this resource to explicitly grant the `principal`/administrator `permissions` but _not_ `permissions_with_grant_option` of `ALL`, `ALTER`, `DELETE`, `DESCRIBE`, `DROP`, `INSERT`, and `SELECT` on the table, this resource will read the implicit `permissions_with_grant_option` and attempt to revoke them when the resource is destroyed. Doing so will cause an `InvalidInputException: No permissions revoked` error because you cannot revoke implicit permissions _per se_. To workaround this problem, explicitly grant the `principal`/administrator `permissions` _and_ `permissions_with_grant_option`, which can then be revoked. Similarly, granting a `principal`/administrator permissions on a table with columns and providing `column_names`, will result in a `InvalidInputException: Permissions modification is invalid` error because you are narrowing the implicit permissions. Instead, set `wildcard` to `true` and remove the `column_names`.\n\n## Example Usage\n\n### Grant Permissions For A Lake Formation S3 Resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lakeformation.Permissions(\"example\", {\n principal: workflowRole.arn,\n permissions: [\"DATA_LOCATION_ACCESS\"],\n dataLocation: {\n arn: exampleAwsLakeformationResource.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lakeformation.Permissions(\"example\",\n principal=workflow_role[\"arn\"],\n permissions=[\"DATA_LOCATION_ACCESS\"],\n data_location={\n \"arn\": example_aws_lakeformation_resource[\"arn\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LakeFormation.Permissions(\"example\", new()\n {\n Principal = workflowRole.Arn,\n PermissionDetails = new[]\n {\n \"DATA_LOCATION_ACCESS\",\n },\n DataLocation = new Aws.LakeFormation.Inputs.PermissionsDataLocationArgs\n {\n Arn = exampleAwsLakeformationResource.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lakeformation.NewPermissions(ctx, \"example\", \u0026lakeformation.PermissionsArgs{\n\t\t\tPrincipal: pulumi.Any(workflowRole.Arn),\n\t\t\tPermissions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"DATA_LOCATION_ACCESS\"),\n\t\t\t},\n\t\t\tDataLocation: \u0026lakeformation.PermissionsDataLocationArgs{\n\t\t\t\tArn: pulumi.Any(exampleAwsLakeformationResource.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lakeformation.Permissions;\nimport com.pulumi.aws.lakeformation.PermissionsArgs;\nimport com.pulumi.aws.lakeformation.inputs.PermissionsDataLocationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Permissions(\"example\", PermissionsArgs.builder()\n .principal(workflowRole.arn())\n .permissions(\"DATA_LOCATION_ACCESS\")\n .dataLocation(PermissionsDataLocationArgs.builder()\n .arn(exampleAwsLakeformationResource.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lakeformation:Permissions\n properties:\n principal: ${workflowRole.arn}\n permissions:\n - DATA_LOCATION_ACCESS\n dataLocation:\n arn: ${exampleAwsLakeformationResource.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Grant Permissions For A Glue Catalog Database\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lakeformation.Permissions(\"example\", {\n principal: workflowRole.arn,\n permissions: [\n \"CREATE_TABLE\",\n \"ALTER\",\n \"DROP\",\n ],\n database: {\n name: exampleAwsGlueCatalogDatabase.name,\n catalogId: \"110376042874\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lakeformation.Permissions(\"example\",\n principal=workflow_role[\"arn\"],\n permissions=[\n \"CREATE_TABLE\",\n \"ALTER\",\n \"DROP\",\n ],\n database={\n \"name\": example_aws_glue_catalog_database[\"name\"],\n \"catalog_id\": \"110376042874\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LakeFormation.Permissions(\"example\", new()\n {\n Principal = workflowRole.Arn,\n PermissionDetails = new[]\n {\n \"CREATE_TABLE\",\n \"ALTER\",\n \"DROP\",\n },\n Database = new Aws.LakeFormation.Inputs.PermissionsDatabaseArgs\n {\n Name = exampleAwsGlueCatalogDatabase.Name,\n CatalogId = \"110376042874\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lakeformation.NewPermissions(ctx, \"example\", \u0026lakeformation.PermissionsArgs{\n\t\t\tPrincipal: pulumi.Any(workflowRole.Arn),\n\t\t\tPermissions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"CREATE_TABLE\"),\n\t\t\t\tpulumi.String(\"ALTER\"),\n\t\t\t\tpulumi.String(\"DROP\"),\n\t\t\t},\n\t\t\tDatabase: \u0026lakeformation.PermissionsDatabaseArgs{\n\t\t\t\tName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\t\tCatalogId: pulumi.String(\"110376042874\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lakeformation.Permissions;\nimport com.pulumi.aws.lakeformation.PermissionsArgs;\nimport com.pulumi.aws.lakeformation.inputs.PermissionsDatabaseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Permissions(\"example\", PermissionsArgs.builder()\n .principal(workflowRole.arn())\n .permissions( \n \"CREATE_TABLE\",\n \"ALTER\",\n \"DROP\")\n .database(PermissionsDatabaseArgs.builder()\n .name(exampleAwsGlueCatalogDatabase.name())\n .catalogId(\"110376042874\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lakeformation:Permissions\n properties:\n principal: ${workflowRole.arn}\n permissions:\n - CREATE_TABLE\n - ALTER\n - DROP\n database:\n name: ${exampleAwsGlueCatalogDatabase.name}\n catalogId: '110376042874'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Grant Permissions Using Tag-Based Access Control\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lakeformation.Permissions(\"test\", {\n principal: salesRole.arn,\n permissions: [\n \"CREATE_TABLE\",\n \"ALTER\",\n \"DROP\",\n ],\n lfTagPolicy: {\n resourceType: \"DATABASE\",\n expressions: [\n {\n key: \"Team\",\n values: [\"Sales\"],\n },\n {\n key: \"Environment\",\n values: [\n \"Dev\",\n \"Production\",\n ],\n },\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lakeformation.Permissions(\"test\",\n principal=sales_role[\"arn\"],\n permissions=[\n \"CREATE_TABLE\",\n \"ALTER\",\n \"DROP\",\n ],\n lf_tag_policy={\n \"resource_type\": \"DATABASE\",\n \"expressions\": [\n {\n \"key\": \"Team\",\n \"values\": [\"Sales\"],\n },\n {\n \"key\": \"Environment\",\n \"values\": [\n \"Dev\",\n \"Production\",\n ],\n },\n ],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LakeFormation.Permissions(\"test\", new()\n {\n Principal = salesRole.Arn,\n PermissionDetails = new[]\n {\n \"CREATE_TABLE\",\n \"ALTER\",\n \"DROP\",\n },\n LfTagPolicy = new Aws.LakeFormation.Inputs.PermissionsLfTagPolicyArgs\n {\n ResourceType = \"DATABASE\",\n Expressions = new[]\n {\n new Aws.LakeFormation.Inputs.PermissionsLfTagPolicyExpressionArgs\n {\n Key = \"Team\",\n Values = new[]\n {\n \"Sales\",\n },\n },\n new Aws.LakeFormation.Inputs.PermissionsLfTagPolicyExpressionArgs\n {\n Key = \"Environment\",\n Values = new[]\n {\n \"Dev\",\n \"Production\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lakeformation.NewPermissions(ctx, \"test\", \u0026lakeformation.PermissionsArgs{\n\t\t\tPrincipal: pulumi.Any(salesRole.Arn),\n\t\t\tPermissions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"CREATE_TABLE\"),\n\t\t\t\tpulumi.String(\"ALTER\"),\n\t\t\t\tpulumi.String(\"DROP\"),\n\t\t\t},\n\t\t\tLfTagPolicy: \u0026lakeformation.PermissionsLfTagPolicyArgs{\n\t\t\t\tResourceType: pulumi.String(\"DATABASE\"),\n\t\t\t\tExpressions: lakeformation.PermissionsLfTagPolicyExpressionArray{\n\t\t\t\t\t\u0026lakeformation.PermissionsLfTagPolicyExpressionArgs{\n\t\t\t\t\t\tKey: pulumi.String(\"Team\"),\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"Sales\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026lakeformation.PermissionsLfTagPolicyExpressionArgs{\n\t\t\t\t\t\tKey: pulumi.String(\"Environment\"),\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"Dev\"),\n\t\t\t\t\t\t\tpulumi.String(\"Production\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lakeformation.Permissions;\nimport com.pulumi.aws.lakeformation.PermissionsArgs;\nimport com.pulumi.aws.lakeformation.inputs.PermissionsLfTagPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Permissions(\"test\", PermissionsArgs.builder()\n .principal(salesRole.arn())\n .permissions( \n \"CREATE_TABLE\",\n \"ALTER\",\n \"DROP\")\n .lfTagPolicy(PermissionsLfTagPolicyArgs.builder()\n .resourceType(\"DATABASE\")\n .expressions( \n PermissionsLfTagPolicyExpressionArgs.builder()\n .key(\"Team\")\n .values(\"Sales\")\n .build(),\n PermissionsLfTagPolicyExpressionArgs.builder()\n .key(\"Environment\")\n .values( \n \"Dev\",\n \"Production\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lakeformation:Permissions\n properties:\n principal: ${salesRole.arn}\n permissions:\n - CREATE_TABLE\n - ALTER\n - DROP\n lfTagPolicy:\n resourceType: DATABASE\n expressions:\n - key: Team\n values:\n - Sales\n - key: Environment\n values:\n - Dev\n - Production\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.\n" }, "catalogResource": { "type": "boolean", "description": "Whether the permissions are to be granted for the Data Catalog. Defaults to `false`.\n" }, "dataCellsFilter": { "$ref": "#/types/aws:lakeformation/PermissionsDataCellsFilter:PermissionsDataCellsFilter", "description": "Configuration block for a data cells filter resource. Detailed below.\n" }, "dataLocation": { "$ref": "#/types/aws:lakeformation/PermissionsDataLocation:PermissionsDataLocation", "description": "Configuration block for a data location resource. Detailed below.\n" }, "database": { "$ref": "#/types/aws:lakeformation/PermissionsDatabase:PermissionsDatabase", "description": "Configuration block for a database resource. Detailed below.\n" }, "lfTag": { "$ref": "#/types/aws:lakeformation/PermissionsLfTag:PermissionsLfTag", "description": "Configuration block for an LF-tag resource. Detailed below.\n" }, "lfTagPolicy": { "$ref": "#/types/aws:lakeformation/PermissionsLfTagPolicy:PermissionsLfTagPolicy", "description": "Configuration block for an LF-tag policy resource. Detailed below.\n" }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "List of permissions granted to the principal. Valid values may include `ALL`, `ALTER`, `ASSOCIATE`, `CREATE_DATABASE`, `CREATE_TABLE`, `DATA_LOCATION_ACCESS`, `DELETE`, `DESCRIBE`, `DROP`, `INSERT`, and `SELECT`. For details on each permission, see [Lake Formation Permissions Reference](https://docs.aws.amazon.com/lake-formation/latest/dg/lf-permissions-reference.html).\n", "language": { "csharp": { "name": "PermissionDetails" } } }, "permissionsWithGrantOptions": { "type": "array", "items": { "type": "string" }, "description": "Subset of `permissions` which the principal can pass.\n" }, "principal": { "type": "string", "description": "Principal to be granted the permissions on the resource. Supported principals include `IAM_ALLOWED_PRINCIPALS` (see Default Behavior and `IAMAllowedPrincipals` above), IAM roles, users, groups, SAML groups and users, QuickSight groups, OUs, and organizations as well as AWS account IDs for cross-account permissions. For more information, see [Lake Formation Permissions Reference](https://docs.aws.amazon.com/lake-formation/latest/dg/lf-permissions-reference.html).\n\n\u003e **NOTE:** We highly recommend that the `principal` _NOT_ be a Lake Formation administrator (granted using `aws.lakeformation.DataLakeSettings`). The entity (e.g., IAM role) running the deployment will most likely need to be a Lake Formation administrator. As such, the entity will have implicit permissions and does not need permissions granted through this resource.\n\nOne of the following is required:\n" }, "table": { "$ref": "#/types/aws:lakeformation/PermissionsTable:PermissionsTable", "description": "Configuration block for a table resource. Detailed below.\n" }, "tableWithColumns": { "$ref": "#/types/aws:lakeformation/PermissionsTableWithColumns:PermissionsTableWithColumns", "description": "Configuration block for a table with columns resource. Detailed below.\n\nThe following arguments are optional:\n" } }, "required": [ "dataLocation", "database", "lfTag", "lfTagPolicy", "permissions", "permissionsWithGrantOptions", "principal", "table", "tableWithColumns" ], "inputProperties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.\n", "willReplaceOnChanges": true }, "catalogResource": { "type": "boolean", "description": "Whether the permissions are to be granted for the Data Catalog. Defaults to `false`.\n", "willReplaceOnChanges": true }, "dataCellsFilter": { "$ref": "#/types/aws:lakeformation/PermissionsDataCellsFilter:PermissionsDataCellsFilter", "description": "Configuration block for a data cells filter resource. Detailed below.\n", "willReplaceOnChanges": true }, "dataLocation": { "$ref": "#/types/aws:lakeformation/PermissionsDataLocation:PermissionsDataLocation", "description": "Configuration block for a data location resource. Detailed below.\n", "willReplaceOnChanges": true }, "database": { "$ref": "#/types/aws:lakeformation/PermissionsDatabase:PermissionsDatabase", "description": "Configuration block for a database resource. Detailed below.\n", "willReplaceOnChanges": true }, "lfTag": { "$ref": "#/types/aws:lakeformation/PermissionsLfTag:PermissionsLfTag", "description": "Configuration block for an LF-tag resource. Detailed below.\n", "willReplaceOnChanges": true }, "lfTagPolicy": { "$ref": "#/types/aws:lakeformation/PermissionsLfTagPolicy:PermissionsLfTagPolicy", "description": "Configuration block for an LF-tag policy resource. Detailed below.\n", "willReplaceOnChanges": true }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "List of permissions granted to the principal. Valid values may include `ALL`, `ALTER`, `ASSOCIATE`, `CREATE_DATABASE`, `CREATE_TABLE`, `DATA_LOCATION_ACCESS`, `DELETE`, `DESCRIBE`, `DROP`, `INSERT`, and `SELECT`. For details on each permission, see [Lake Formation Permissions Reference](https://docs.aws.amazon.com/lake-formation/latest/dg/lf-permissions-reference.html).\n", "language": { "csharp": { "name": "PermissionDetails" } }, "willReplaceOnChanges": true }, "permissionsWithGrantOptions": { "type": "array", "items": { "type": "string" }, "description": "Subset of `permissions` which the principal can pass.\n", "willReplaceOnChanges": true }, "principal": { "type": "string", "description": "Principal to be granted the permissions on the resource. Supported principals include `IAM_ALLOWED_PRINCIPALS` (see Default Behavior and `IAMAllowedPrincipals` above), IAM roles, users, groups, SAML groups and users, QuickSight groups, OUs, and organizations as well as AWS account IDs for cross-account permissions. For more information, see [Lake Formation Permissions Reference](https://docs.aws.amazon.com/lake-formation/latest/dg/lf-permissions-reference.html).\n\n\u003e **NOTE:** We highly recommend that the `principal` _NOT_ be a Lake Formation administrator (granted using `aws.lakeformation.DataLakeSettings`). The entity (e.g., IAM role) running the deployment will most likely need to be a Lake Formation administrator. As such, the entity will have implicit permissions and does not need permissions granted through this resource.\n\nOne of the following is required:\n", "willReplaceOnChanges": true }, "table": { "$ref": "#/types/aws:lakeformation/PermissionsTable:PermissionsTable", "description": "Configuration block for a table resource. Detailed below.\n", "willReplaceOnChanges": true }, "tableWithColumns": { "$ref": "#/types/aws:lakeformation/PermissionsTableWithColumns:PermissionsTableWithColumns", "description": "Configuration block for a table with columns resource. Detailed below.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "permissions", "principal" ], "stateInputs": { "description": "Input properties used for looking up and filtering Permissions resources.\n", "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.\n", "willReplaceOnChanges": true }, "catalogResource": { "type": "boolean", "description": "Whether the permissions are to be granted for the Data Catalog. Defaults to `false`.\n", "willReplaceOnChanges": true }, "dataCellsFilter": { "$ref": "#/types/aws:lakeformation/PermissionsDataCellsFilter:PermissionsDataCellsFilter", "description": "Configuration block for a data cells filter resource. Detailed below.\n", "willReplaceOnChanges": true }, "dataLocation": { "$ref": "#/types/aws:lakeformation/PermissionsDataLocation:PermissionsDataLocation", "description": "Configuration block for a data location resource. Detailed below.\n", "willReplaceOnChanges": true }, "database": { "$ref": "#/types/aws:lakeformation/PermissionsDatabase:PermissionsDatabase", "description": "Configuration block for a database resource. Detailed below.\n", "willReplaceOnChanges": true }, "lfTag": { "$ref": "#/types/aws:lakeformation/PermissionsLfTag:PermissionsLfTag", "description": "Configuration block for an LF-tag resource. Detailed below.\n", "willReplaceOnChanges": true }, "lfTagPolicy": { "$ref": "#/types/aws:lakeformation/PermissionsLfTagPolicy:PermissionsLfTagPolicy", "description": "Configuration block for an LF-tag policy resource. Detailed below.\n", "willReplaceOnChanges": true }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "List of permissions granted to the principal. Valid values may include `ALL`, `ALTER`, `ASSOCIATE`, `CREATE_DATABASE`, `CREATE_TABLE`, `DATA_LOCATION_ACCESS`, `DELETE`, `DESCRIBE`, `DROP`, `INSERT`, and `SELECT`. For details on each permission, see [Lake Formation Permissions Reference](https://docs.aws.amazon.com/lake-formation/latest/dg/lf-permissions-reference.html).\n", "language": { "csharp": { "name": "PermissionDetails" } }, "willReplaceOnChanges": true }, "permissionsWithGrantOptions": { "type": "array", "items": { "type": "string" }, "description": "Subset of `permissions` which the principal can pass.\n", "willReplaceOnChanges": true }, "principal": { "type": "string", "description": "Principal to be granted the permissions on the resource. Supported principals include `IAM_ALLOWED_PRINCIPALS` (see Default Behavior and `IAMAllowedPrincipals` above), IAM roles, users, groups, SAML groups and users, QuickSight groups, OUs, and organizations as well as AWS account IDs for cross-account permissions. For more information, see [Lake Formation Permissions Reference](https://docs.aws.amazon.com/lake-formation/latest/dg/lf-permissions-reference.html).\n\n\u003e **NOTE:** We highly recommend that the `principal` _NOT_ be a Lake Formation administrator (granted using `aws.lakeformation.DataLakeSettings`). The entity (e.g., IAM role) running the deployment will most likely need to be a Lake Formation administrator. As such, the entity will have implicit permissions and does not need permissions granted through this resource.\n\nOne of the following is required:\n", "willReplaceOnChanges": true }, "table": { "$ref": "#/types/aws:lakeformation/PermissionsTable:PermissionsTable", "description": "Configuration block for a table resource. Detailed below.\n", "willReplaceOnChanges": true }, "tableWithColumns": { "$ref": "#/types/aws:lakeformation/PermissionsTableWithColumns:PermissionsTableWithColumns", "description": "Configuration block for a table with columns resource. Detailed below.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:lakeformation/resource:Resource": { "description": "Registers a Lake Formation resource (e.g., S3 bucket) as managed by the Data Catalog. In other words, the S3 path is added to the data lake.\n\nChoose a role that has read/write access to the chosen Amazon S3 path or use the service-linked role.\nWhen you register the S3 path, the service-linked role and a new inline policy are created on your behalf.\nLake Formation adds the first path to the inline policy and attaches it to the service-linked role.\nWhen you register subsequent paths, Lake Formation adds the path to the existing policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.s3.getBucket({\n bucket: \"an-example-bucket\",\n});\nconst exampleResource = new aws.lakeformation.Resource(\"example\", {arn: example.then(example =\u003e example.arn)});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.get_bucket(bucket=\"an-example-bucket\")\nexample_resource = aws.lakeformation.Resource(\"example\", arn=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"an-example-bucket\",\n });\n\n var exampleResource = new Aws.LakeFormation.Resource(\"example\", new()\n {\n Arn = example.Apply(getBucketResult =\u003e getBucketResult.Arn),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"an-example-bucket\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lakeformation.NewResource(ctx, \"example\", \u0026lakeformation.ResourceArgs{\n\t\t\tArn: pulumi.String(example.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.inputs.GetBucketArgs;\nimport com.pulumi.aws.lakeformation.Resource;\nimport com.pulumi.aws.lakeformation.ResourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"an-example-bucket\")\n .build());\n\n var exampleResource = new Resource(\"exampleResource\", ResourceArgs.builder()\n .arn(example.applyValue(getBucketResult -\u003e getBucketResult.arn()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleResource:\n type: aws:lakeformation:Resource\n name: example\n properties:\n arn: ${example.arn}\nvariables:\n example:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: an-example-bucket\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the resource.\n\nThe following arguments are optional:\n" }, "hybridAccessEnabled": { "type": "boolean", "description": "Flag to enable AWS LakeFormation hybrid access permission mode.\n\n\u003e **NOTE:** AWS does not support registering an S3 location with an IAM role and subsequently updating the S3 location registration to a service-linked role.\n" }, "lastModified": { "type": "string", "description": "Date and time the resource was last modified in [RFC 3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "roleArn": { "type": "string", "description": "Role that has read/write access to the resource.\n" }, "useServiceLinkedRole": { "type": "boolean", "description": "Designates an AWS Identity and Access Management (IAM) service-linked role by registering this role with the Data Catalog.\n" }, "withFederation": { "type": "boolean" } }, "required": [ "arn", "hybridAccessEnabled", "lastModified", "roleArn", "withFederation" ], "inputProperties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the resource.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "hybridAccessEnabled": { "type": "boolean", "description": "Flag to enable AWS LakeFormation hybrid access permission mode.\n\n\u003e **NOTE:** AWS does not support registering an S3 location with an IAM role and subsequently updating the S3 location registration to a service-linked role.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "Role that has read/write access to the resource.\n", "willReplaceOnChanges": true }, "useServiceLinkedRole": { "type": "boolean", "description": "Designates an AWS Identity and Access Management (IAM) service-linked role by registering this role with the Data Catalog.\n", "willReplaceOnChanges": true }, "withFederation": { "type": "boolean", "willReplaceOnChanges": true } }, "requiredInputs": [ "arn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Resource resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the resource.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "hybridAccessEnabled": { "type": "boolean", "description": "Flag to enable AWS LakeFormation hybrid access permission mode.\n\n\u003e **NOTE:** AWS does not support registering an S3 location with an IAM role and subsequently updating the S3 location registration to a service-linked role.\n", "willReplaceOnChanges": true }, "lastModified": { "type": "string", "description": "Date and time the resource was last modified in [RFC 3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "roleArn": { "type": "string", "description": "Role that has read/write access to the resource.\n", "willReplaceOnChanges": true }, "useServiceLinkedRole": { "type": "boolean", "description": "Designates an AWS Identity and Access Management (IAM) service-linked role by registering this role with the Data Catalog.\n", "willReplaceOnChanges": true }, "withFederation": { "type": "boolean", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:lakeformation/resourceLfTag:ResourceLfTag": { "description": "Resource for managing an AWS Lake Formation Resource LF Tag.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lakeformation.ResourceLfTag(\"example\", {\n database: {\n name: exampleAwsGlueCatalogDatabase.name,\n },\n lfTag: {\n key: exampleAwsLakeformationLfTag.key,\n value: \"stowe\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lakeformation.ResourceLfTag(\"example\",\n database={\n \"name\": example_aws_glue_catalog_database[\"name\"],\n },\n lf_tag={\n \"key\": example_aws_lakeformation_lf_tag[\"key\"],\n \"value\": \"stowe\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LakeFormation.ResourceLfTag(\"example\", new()\n {\n Database = new Aws.LakeFormation.Inputs.ResourceLfTagDatabaseArgs\n {\n Name = exampleAwsGlueCatalogDatabase.Name,\n },\n LfTag = new Aws.LakeFormation.Inputs.ResourceLfTagLfTagArgs\n {\n Key = exampleAwsLakeformationLfTag.Key,\n Value = \"stowe\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lakeformation.NewResourceLfTag(ctx, \"example\", \u0026lakeformation.ResourceLfTagArgs{\n\t\t\tDatabase: \u0026lakeformation.ResourceLfTagDatabaseArgs{\n\t\t\t\tName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\t},\n\t\t\tLfTag: \u0026lakeformation.ResourceLfTagLfTagArgs{\n\t\t\t\tKey: pulumi.Any(exampleAwsLakeformationLfTag.Key),\n\t\t\t\tValue: pulumi.String(\"stowe\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lakeformation.ResourceLfTag;\nimport com.pulumi.aws.lakeformation.ResourceLfTagArgs;\nimport com.pulumi.aws.lakeformation.inputs.ResourceLfTagDatabaseArgs;\nimport com.pulumi.aws.lakeformation.inputs.ResourceLfTagLfTagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourceLfTag(\"example\", ResourceLfTagArgs.builder()\n .database(ResourceLfTagDatabaseArgs.builder()\n .name(exampleAwsGlueCatalogDatabase.name())\n .build())\n .lfTag(ResourceLfTagLfTagArgs.builder()\n .key(exampleAwsLakeformationLfTag.key())\n .value(\"stowe\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lakeformation:ResourceLfTag\n properties:\n database:\n name: ${exampleAwsGlueCatalogDatabase.name}\n lfTag:\n key: ${exampleAwsLakeformationLfTag.key}\n value: stowe\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nYou cannot import this resource.\n\n", "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.\n" }, "database": { "$ref": "#/types/aws:lakeformation/ResourceLfTagDatabase:ResourceLfTagDatabase", "description": "Configuration block for a database resource. See Database for more details.\n" }, "lfTag": { "$ref": "#/types/aws:lakeformation/ResourceLfTagLfTag:ResourceLfTagLfTag", "description": "Set of LF-tags to attach to the resource. See LF Tag for more details.\n\nExactly one of the following is required:\n" }, "table": { "$ref": "#/types/aws:lakeformation/ResourceLfTagTable:ResourceLfTagTable", "description": "Configuration block for a table resource. See Table for more details.\n" }, "tableWithColumns": { "$ref": "#/types/aws:lakeformation/ResourceLfTagTableWithColumns:ResourceLfTagTableWithColumns", "description": "Configuration block for a table with columns resource. See Table With Columns for more details.\n\nThe following arguments are optional:\n" }, "timeouts": { "$ref": "#/types/aws:lakeformation/ResourceLfTagTimeouts:ResourceLfTagTimeouts" } }, "inputProperties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.\n" }, "database": { "$ref": "#/types/aws:lakeformation/ResourceLfTagDatabase:ResourceLfTagDatabase", "description": "Configuration block for a database resource. See Database for more details.\n" }, "lfTag": { "$ref": "#/types/aws:lakeformation/ResourceLfTagLfTag:ResourceLfTagLfTag", "description": "Set of LF-tags to attach to the resource. See LF Tag for more details.\n\nExactly one of the following is required:\n" }, "table": { "$ref": "#/types/aws:lakeformation/ResourceLfTagTable:ResourceLfTagTable", "description": "Configuration block for a table resource. See Table for more details.\n" }, "tableWithColumns": { "$ref": "#/types/aws:lakeformation/ResourceLfTagTableWithColumns:ResourceLfTagTableWithColumns", "description": "Configuration block for a table with columns resource. See Table With Columns for more details.\n\nThe following arguments are optional:\n" }, "timeouts": { "$ref": "#/types/aws:lakeformation/ResourceLfTagTimeouts:ResourceLfTagTimeouts" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ResourceLfTag resources.\n", "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.\n" }, "database": { "$ref": "#/types/aws:lakeformation/ResourceLfTagDatabase:ResourceLfTagDatabase", "description": "Configuration block for a database resource. See Database for more details.\n" }, "lfTag": { "$ref": "#/types/aws:lakeformation/ResourceLfTagLfTag:ResourceLfTagLfTag", "description": "Set of LF-tags to attach to the resource. See LF Tag for more details.\n\nExactly one of the following is required:\n" }, "table": { "$ref": "#/types/aws:lakeformation/ResourceLfTagTable:ResourceLfTagTable", "description": "Configuration block for a table resource. See Table for more details.\n" }, "tableWithColumns": { "$ref": "#/types/aws:lakeformation/ResourceLfTagTableWithColumns:ResourceLfTagTableWithColumns", "description": "Configuration block for a table with columns resource. See Table With Columns for more details.\n\nThe following arguments are optional:\n" }, "timeouts": { "$ref": "#/types/aws:lakeformation/ResourceLfTagTimeouts:ResourceLfTagTimeouts" } }, "type": "object" } }, "aws:lakeformation/resourceLfTags:ResourceLfTags": { "description": "Manages an attachment between one or more existing LF-tags and an existing Lake Formation resource.\n\n## Example Usage\n\n### Database Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lakeformation.LfTag(\"example\", {\n key: \"right\",\n values: [\n \"abbey\",\n \"village\",\n \"luffield\",\n \"woodcote\",\n \"copse\",\n \"chapel\",\n \"stowe\",\n \"club\",\n ],\n});\nconst exampleResourceLfTags = new aws.lakeformation.ResourceLfTags(\"example\", {\n database: {\n name: exampleAwsGlueCatalogDatabase.name,\n },\n lfTags: [{\n key: example.key,\n value: \"stowe\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lakeformation.LfTag(\"example\",\n key=\"right\",\n values=[\n \"abbey\",\n \"village\",\n \"luffield\",\n \"woodcote\",\n \"copse\",\n \"chapel\",\n \"stowe\",\n \"club\",\n ])\nexample_resource_lf_tags = aws.lakeformation.ResourceLfTags(\"example\",\n database={\n \"name\": example_aws_glue_catalog_database[\"name\"],\n },\n lf_tags=[{\n \"key\": example.key,\n \"value\": \"stowe\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LakeFormation.LfTag(\"example\", new()\n {\n Key = \"right\",\n Values = new[]\n {\n \"abbey\",\n \"village\",\n \"luffield\",\n \"woodcote\",\n \"copse\",\n \"chapel\",\n \"stowe\",\n \"club\",\n },\n });\n\n var exampleResourceLfTags = new Aws.LakeFormation.ResourceLfTags(\"example\", new()\n {\n Database = new Aws.LakeFormation.Inputs.ResourceLfTagsDatabaseArgs\n {\n Name = exampleAwsGlueCatalogDatabase.Name,\n },\n LfTags = new[]\n {\n new Aws.LakeFormation.Inputs.ResourceLfTagsLfTagArgs\n {\n Key = example.Key,\n Value = \"stowe\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := lakeformation.NewLfTag(ctx, \"example\", \u0026lakeformation.LfTagArgs{\n\t\t\tKey: pulumi.String(\"right\"),\n\t\t\tValues: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"abbey\"),\n\t\t\t\tpulumi.String(\"village\"),\n\t\t\t\tpulumi.String(\"luffield\"),\n\t\t\t\tpulumi.String(\"woodcote\"),\n\t\t\t\tpulumi.String(\"copse\"),\n\t\t\t\tpulumi.String(\"chapel\"),\n\t\t\t\tpulumi.String(\"stowe\"),\n\t\t\t\tpulumi.String(\"club\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lakeformation.NewResourceLfTags(ctx, \"example\", \u0026lakeformation.ResourceLfTagsArgs{\n\t\t\tDatabase: \u0026lakeformation.ResourceLfTagsDatabaseArgs{\n\t\t\t\tName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\t},\n\t\t\tLfTags: lakeformation.ResourceLfTagsLfTagArray{\n\t\t\t\t\u0026lakeformation.ResourceLfTagsLfTagArgs{\n\t\t\t\t\tKey: example.Key,\n\t\t\t\t\tValue: pulumi.String(\"stowe\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lakeformation.LfTag;\nimport com.pulumi.aws.lakeformation.LfTagArgs;\nimport com.pulumi.aws.lakeformation.ResourceLfTags;\nimport com.pulumi.aws.lakeformation.ResourceLfTagsArgs;\nimport com.pulumi.aws.lakeformation.inputs.ResourceLfTagsDatabaseArgs;\nimport com.pulumi.aws.lakeformation.inputs.ResourceLfTagsLfTagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LfTag(\"example\", LfTagArgs.builder()\n .key(\"right\")\n .values( \n \"abbey\",\n \"village\",\n \"luffield\",\n \"woodcote\",\n \"copse\",\n \"chapel\",\n \"stowe\",\n \"club\")\n .build());\n\n var exampleResourceLfTags = new ResourceLfTags(\"exampleResourceLfTags\", ResourceLfTagsArgs.builder()\n .database(ResourceLfTagsDatabaseArgs.builder()\n .name(exampleAwsGlueCatalogDatabase.name())\n .build())\n .lfTags(ResourceLfTagsLfTagArgs.builder()\n .key(example.key())\n .value(\"stowe\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lakeformation:LfTag\n properties:\n key: right\n values:\n - abbey\n - village\n - luffield\n - woodcote\n - copse\n - chapel\n - stowe\n - club\n exampleResourceLfTags:\n type: aws:lakeformation:ResourceLfTags\n name: example\n properties:\n database:\n name: ${exampleAwsGlueCatalogDatabase.name}\n lfTags:\n - key: ${example.key}\n value: stowe\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Multiple Tags Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lakeformation.LfTag(\"example\", {\n key: \"right\",\n values: [\n \"abbey\",\n \"village\",\n \"luffield\",\n \"woodcote\",\n \"copse\",\n \"chapel\",\n \"stowe\",\n \"club\",\n ],\n});\nconst example2 = new aws.lakeformation.LfTag(\"example2\", {\n key: \"left\",\n values: [\n \"farm\",\n \"theloop\",\n \"aintree\",\n \"brooklands\",\n \"maggotts\",\n \"becketts\",\n \"vale\",\n ],\n});\nconst exampleResourceLfTags = new aws.lakeformation.ResourceLfTags(\"example\", {\n database: {\n name: exampleAwsGlueCatalogDatabase.name,\n },\n lfTags: [\n {\n key: \"right\",\n value: \"luffield\",\n },\n {\n key: \"left\",\n value: \"aintree\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lakeformation.LfTag(\"example\",\n key=\"right\",\n values=[\n \"abbey\",\n \"village\",\n \"luffield\",\n \"woodcote\",\n \"copse\",\n \"chapel\",\n \"stowe\",\n \"club\",\n ])\nexample2 = aws.lakeformation.LfTag(\"example2\",\n key=\"left\",\n values=[\n \"farm\",\n \"theloop\",\n \"aintree\",\n \"brooklands\",\n \"maggotts\",\n \"becketts\",\n \"vale\",\n ])\nexample_resource_lf_tags = aws.lakeformation.ResourceLfTags(\"example\",\n database={\n \"name\": example_aws_glue_catalog_database[\"name\"],\n },\n lf_tags=[\n {\n \"key\": \"right\",\n \"value\": \"luffield\",\n },\n {\n \"key\": \"left\",\n \"value\": \"aintree\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LakeFormation.LfTag(\"example\", new()\n {\n Key = \"right\",\n Values = new[]\n {\n \"abbey\",\n \"village\",\n \"luffield\",\n \"woodcote\",\n \"copse\",\n \"chapel\",\n \"stowe\",\n \"club\",\n },\n });\n\n var example2 = new Aws.LakeFormation.LfTag(\"example2\", new()\n {\n Key = \"left\",\n Values = new[]\n {\n \"farm\",\n \"theloop\",\n \"aintree\",\n \"brooklands\",\n \"maggotts\",\n \"becketts\",\n \"vale\",\n },\n });\n\n var exampleResourceLfTags = new Aws.LakeFormation.ResourceLfTags(\"example\", new()\n {\n Database = new Aws.LakeFormation.Inputs.ResourceLfTagsDatabaseArgs\n {\n Name = exampleAwsGlueCatalogDatabase.Name,\n },\n LfTags = new[]\n {\n new Aws.LakeFormation.Inputs.ResourceLfTagsLfTagArgs\n {\n Key = \"right\",\n Value = \"luffield\",\n },\n new Aws.LakeFormation.Inputs.ResourceLfTagsLfTagArgs\n {\n Key = \"left\",\n Value = \"aintree\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lakeformation.NewLfTag(ctx, \"example\", \u0026lakeformation.LfTagArgs{\n\t\t\tKey: pulumi.String(\"right\"),\n\t\t\tValues: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"abbey\"),\n\t\t\t\tpulumi.String(\"village\"),\n\t\t\t\tpulumi.String(\"luffield\"),\n\t\t\t\tpulumi.String(\"woodcote\"),\n\t\t\t\tpulumi.String(\"copse\"),\n\t\t\t\tpulumi.String(\"chapel\"),\n\t\t\t\tpulumi.String(\"stowe\"),\n\t\t\t\tpulumi.String(\"club\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lakeformation.NewLfTag(ctx, \"example2\", \u0026lakeformation.LfTagArgs{\n\t\t\tKey: pulumi.String(\"left\"),\n\t\t\tValues: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"farm\"),\n\t\t\t\tpulumi.String(\"theloop\"),\n\t\t\t\tpulumi.String(\"aintree\"),\n\t\t\t\tpulumi.String(\"brooklands\"),\n\t\t\t\tpulumi.String(\"maggotts\"),\n\t\t\t\tpulumi.String(\"becketts\"),\n\t\t\t\tpulumi.String(\"vale\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lakeformation.NewResourceLfTags(ctx, \"example\", \u0026lakeformation.ResourceLfTagsArgs{\n\t\t\tDatabase: \u0026lakeformation.ResourceLfTagsDatabaseArgs{\n\t\t\t\tName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\t},\n\t\t\tLfTags: lakeformation.ResourceLfTagsLfTagArray{\n\t\t\t\t\u0026lakeformation.ResourceLfTagsLfTagArgs{\n\t\t\t\t\tKey: pulumi.String(\"right\"),\n\t\t\t\t\tValue: pulumi.String(\"luffield\"),\n\t\t\t\t},\n\t\t\t\t\u0026lakeformation.ResourceLfTagsLfTagArgs{\n\t\t\t\t\tKey: pulumi.String(\"left\"),\n\t\t\t\t\tValue: pulumi.String(\"aintree\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lakeformation.LfTag;\nimport com.pulumi.aws.lakeformation.LfTagArgs;\nimport com.pulumi.aws.lakeformation.ResourceLfTags;\nimport com.pulumi.aws.lakeformation.ResourceLfTagsArgs;\nimport com.pulumi.aws.lakeformation.inputs.ResourceLfTagsDatabaseArgs;\nimport com.pulumi.aws.lakeformation.inputs.ResourceLfTagsLfTagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LfTag(\"example\", LfTagArgs.builder()\n .key(\"right\")\n .values( \n \"abbey\",\n \"village\",\n \"luffield\",\n \"woodcote\",\n \"copse\",\n \"chapel\",\n \"stowe\",\n \"club\")\n .build());\n\n var example2 = new LfTag(\"example2\", LfTagArgs.builder()\n .key(\"left\")\n .values( \n \"farm\",\n \"theloop\",\n \"aintree\",\n \"brooklands\",\n \"maggotts\",\n \"becketts\",\n \"vale\")\n .build());\n\n var exampleResourceLfTags = new ResourceLfTags(\"exampleResourceLfTags\", ResourceLfTagsArgs.builder()\n .database(ResourceLfTagsDatabaseArgs.builder()\n .name(exampleAwsGlueCatalogDatabase.name())\n .build())\n .lfTags( \n ResourceLfTagsLfTagArgs.builder()\n .key(\"right\")\n .value(\"luffield\")\n .build(),\n ResourceLfTagsLfTagArgs.builder()\n .key(\"left\")\n .value(\"aintree\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lakeformation:LfTag\n properties:\n key: right\n values:\n - abbey\n - village\n - luffield\n - woodcote\n - copse\n - chapel\n - stowe\n - club\n example2:\n type: aws:lakeformation:LfTag\n properties:\n key: left\n values:\n - farm\n - theloop\n - aintree\n - brooklands\n - maggotts\n - becketts\n - vale\n exampleResourceLfTags:\n type: aws:lakeformation:ResourceLfTags\n name: example\n properties:\n database:\n name: ${exampleAwsGlueCatalogDatabase.name}\n lfTags:\n - key: right\n value: luffield\n - key: left\n value: aintree\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.\n" }, "database": { "$ref": "#/types/aws:lakeformation/ResourceLfTagsDatabase:ResourceLfTagsDatabase", "description": "Configuration block for a database resource. See below.\n" }, "lfTags": { "type": "array", "items": { "$ref": "#/types/aws:lakeformation/ResourceLfTagsLfTag:ResourceLfTagsLfTag" }, "description": "Set of LF-tags to attach to the resource. See below.\n\nExactly one of the following is required:\n" }, "table": { "$ref": "#/types/aws:lakeformation/ResourceLfTagsTable:ResourceLfTagsTable", "description": "Configuration block for a table resource. See below.\n" }, "tableWithColumns": { "$ref": "#/types/aws:lakeformation/ResourceLfTagsTableWithColumns:ResourceLfTagsTableWithColumns", "description": "Configuration block for a table with columns resource. See below.\n\nThe following arguments are optional:\n" } }, "required": [ "catalogId", "database", "lfTags", "table", "tableWithColumns" ], "inputProperties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.\n", "willReplaceOnChanges": true }, "database": { "$ref": "#/types/aws:lakeformation/ResourceLfTagsDatabase:ResourceLfTagsDatabase", "description": "Configuration block for a database resource. See below.\n", "willReplaceOnChanges": true }, "lfTags": { "type": "array", "items": { "$ref": "#/types/aws:lakeformation/ResourceLfTagsLfTag:ResourceLfTagsLfTag" }, "description": "Set of LF-tags to attach to the resource. See below.\n\nExactly one of the following is required:\n", "willReplaceOnChanges": true }, "table": { "$ref": "#/types/aws:lakeformation/ResourceLfTagsTable:ResourceLfTagsTable", "description": "Configuration block for a table resource. See below.\n", "willReplaceOnChanges": true }, "tableWithColumns": { "$ref": "#/types/aws:lakeformation/ResourceLfTagsTableWithColumns:ResourceLfTagsTableWithColumns", "description": "Configuration block for a table with columns resource. See below.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "lfTags" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourceLfTags resources.\n", "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.\n", "willReplaceOnChanges": true }, "database": { "$ref": "#/types/aws:lakeformation/ResourceLfTagsDatabase:ResourceLfTagsDatabase", "description": "Configuration block for a database resource. See below.\n", "willReplaceOnChanges": true }, "lfTags": { "type": "array", "items": { "$ref": "#/types/aws:lakeformation/ResourceLfTagsLfTag:ResourceLfTagsLfTag" }, "description": "Set of LF-tags to attach to the resource. See below.\n\nExactly one of the following is required:\n", "willReplaceOnChanges": true }, "table": { "$ref": "#/types/aws:lakeformation/ResourceLfTagsTable:ResourceLfTagsTable", "description": "Configuration block for a table resource. See below.\n", "willReplaceOnChanges": true }, "tableWithColumns": { "$ref": "#/types/aws:lakeformation/ResourceLfTagsTableWithColumns:ResourceLfTagsTableWithColumns", "description": "Configuration block for a table with columns resource. See below.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:lambda/alias:Alias": { "description": "Creates a Lambda function alias. Creates an alias that points to the specified Lambda function version.\n\nFor information about Lambda and how to use it, see [What is AWS Lambda?](http://docs.aws.amazon.com/lambda/latest/dg/welcome.html)\nFor information about function aliases, see [CreateAlias](http://docs.aws.amazon.com/lambda/latest/dg/API_CreateAlias.html) and [AliasRoutingConfiguration](https://docs.aws.amazon.com/lambda/latest/dg/API_AliasRoutingConfiguration.html) in the API docs.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testLambdaAlias = new aws.lambda.Alias(\"test_lambda_alias\", {\n name: \"my_alias\",\n description: \"a sample description\",\n functionName: lambdaFunctionTest.arn,\n functionVersion: \"1\",\n routingConfig: {\n additionalVersionWeights: {\n \"2\": 0.5,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_lambda_alias = aws.lambda_.Alias(\"test_lambda_alias\",\n name=\"my_alias\",\n description=\"a sample description\",\n function_name=lambda_function_test[\"arn\"],\n function_version=\"1\",\n routing_config={\n \"additional_version_weights\": {\n \"_2\": 0.5,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testLambdaAlias = new Aws.Lambda.Alias(\"test_lambda_alias\", new()\n {\n Name = \"my_alias\",\n Description = \"a sample description\",\n FunctionName = lambdaFunctionTest.Arn,\n FunctionVersion = \"1\",\n RoutingConfig = new Aws.Lambda.Inputs.AliasRoutingConfigArgs\n {\n AdditionalVersionWeights = \n {\n { \"2\", 0.5 },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewAlias(ctx, \"test_lambda_alias\", \u0026lambda.AliasArgs{\n\t\t\tName: pulumi.String(\"my_alias\"),\n\t\t\tDescription: pulumi.String(\"a sample description\"),\n\t\t\tFunctionName: pulumi.Any(lambdaFunctionTest.Arn),\n\t\t\tFunctionVersion: pulumi.String(\"1\"),\n\t\t\tRoutingConfig: \u0026lambda.AliasRoutingConfigArgs{\n\t\t\t\tAdditionalVersionWeights: pulumi.Float64Map{\n\t\t\t\t\t\"2\": pulumi.Float64(0.5),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.Alias;\nimport com.pulumi.aws.lambda.AliasArgs;\nimport com.pulumi.aws.lambda.inputs.AliasRoutingConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testLambdaAlias = new Alias(\"testLambdaAlias\", AliasArgs.builder()\n .name(\"my_alias\")\n .description(\"a sample description\")\n .functionName(lambdaFunctionTest.arn())\n .functionVersion(\"1\")\n .routingConfig(AliasRoutingConfigArgs.builder()\n .additionalVersionWeights(Map.of(\"2\", 0.5))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testLambdaAlias:\n type: aws:lambda:Alias\n name: test_lambda_alias\n properties:\n name: my_alias\n description: a sample description\n functionName: ${lambdaFunctionTest.arn}\n functionVersion: '1'\n routingConfig:\n additionalVersionWeights:\n '2': 0.5\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lambda Function Aliases using the `function_name/alias`. For example:\n\n```sh\n$ pulumi import aws:lambda/alias:Alias test_lambda_alias my_test_lambda_function/my_alias\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) identifying your Lambda function alias.\n" }, "description": { "type": "string", "description": "Description of the alias.\n" }, "functionName": { "type": "string", "description": "Lambda Function name or ARN.\n" }, "functionVersion": { "type": "string", "description": "Lambda function version for which you are creating the alias. Pattern: `(\\$LATEST|[0-9]+)`.\n" }, "invokeArn": { "type": "string", "description": "The ARN to be used for invoking Lambda Function from API Gateway - to be used in `aws.apigateway.Integration`'s `uri`\n" }, "name": { "type": "string", "description": "Name for the alias you are creating. Pattern: `(?!^[0-9]+$)([a-zA-Z0-9-_]+)`\n" }, "routingConfig": { "$ref": "#/types/aws:lambda/AliasRoutingConfig:AliasRoutingConfig", "description": "The Lambda alias' route configuration settings. Fields documented below\n" } }, "required": [ "arn", "functionName", "functionVersion", "invokeArn", "name" ], "inputProperties": { "description": { "type": "string", "description": "Description of the alias.\n" }, "functionName": { "type": "string", "description": "Lambda Function name or ARN.\n", "willReplaceOnChanges": true }, "functionVersion": { "type": "string", "description": "Lambda function version for which you are creating the alias. Pattern: `(\\$LATEST|[0-9]+)`.\n" }, "name": { "type": "string", "description": "Name for the alias you are creating. Pattern: `(?!^[0-9]+$)([a-zA-Z0-9-_]+)`\n", "willReplaceOnChanges": true }, "routingConfig": { "$ref": "#/types/aws:lambda/AliasRoutingConfig:AliasRoutingConfig", "description": "The Lambda alias' route configuration settings. Fields documented below\n" } }, "requiredInputs": [ "functionName", "functionVersion" ], "stateInputs": { "description": "Input properties used for looking up and filtering Alias resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) identifying your Lambda function alias.\n" }, "description": { "type": "string", "description": "Description of the alias.\n" }, "functionName": { "type": "string", "description": "Lambda Function name or ARN.\n", "willReplaceOnChanges": true }, "functionVersion": { "type": "string", "description": "Lambda function version for which you are creating the alias. Pattern: `(\\$LATEST|[0-9]+)`.\n" }, "invokeArn": { "type": "string", "description": "The ARN to be used for invoking Lambda Function from API Gateway - to be used in `aws.apigateway.Integration`'s `uri`\n" }, "name": { "type": "string", "description": "Name for the alias you are creating. Pattern: `(?!^[0-9]+$)([a-zA-Z0-9-_]+)`\n", "willReplaceOnChanges": true }, "routingConfig": { "$ref": "#/types/aws:lambda/AliasRoutingConfig:AliasRoutingConfig", "description": "The Lambda alias' route configuration settings. Fields documented below\n" } }, "type": "object" } }, "aws:lambda/codeSigningConfig:CodeSigningConfig": { "description": "Provides a Lambda Code Signing Config resource. A code signing configuration defines a list of allowed signing profiles and defines the code-signing validation policy (action to be taken if deployment validation checks fail).\n\nFor information about Lambda code signing configurations and how to use them, see [configuring code signing for Lambda functions](https://docs.aws.amazon.com/lambda/latest/dg/configuration-codesigning.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst newCsc = new aws.lambda.CodeSigningConfig(\"new_csc\", {\n allowedPublishers: {\n signingProfileVersionArns: [\n example1.arn,\n example2.arn,\n ],\n },\n policies: {\n untrustedArtifactOnDeployment: \"Warn\",\n },\n description: \"My awesome code signing config.\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nnew_csc = aws.lambda_.CodeSigningConfig(\"new_csc\",\n allowed_publishers={\n \"signing_profile_version_arns\": [\n example1[\"arn\"],\n example2[\"arn\"],\n ],\n },\n policies={\n \"untrusted_artifact_on_deployment\": \"Warn\",\n },\n description=\"My awesome code signing config.\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var newCsc = new Aws.Lambda.CodeSigningConfig(\"new_csc\", new()\n {\n AllowedPublishers = new Aws.Lambda.Inputs.CodeSigningConfigAllowedPublishersArgs\n {\n SigningProfileVersionArns = new[]\n {\n example1.Arn,\n example2.Arn,\n },\n },\n Policies = new Aws.Lambda.Inputs.CodeSigningConfigPoliciesArgs\n {\n UntrustedArtifactOnDeployment = \"Warn\",\n },\n Description = \"My awesome code signing config.\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewCodeSigningConfig(ctx, \"new_csc\", \u0026lambda.CodeSigningConfigArgs{\n\t\t\tAllowedPublishers: \u0026lambda.CodeSigningConfigAllowedPublishersArgs{\n\t\t\t\tSigningProfileVersionArns: pulumi.StringArray{\n\t\t\t\t\texample1.Arn,\n\t\t\t\t\texample2.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t\tPolicies: \u0026lambda.CodeSigningConfigPoliciesArgs{\n\t\t\t\tUntrustedArtifactOnDeployment: pulumi.String(\"Warn\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"My awesome code signing config.\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.CodeSigningConfig;\nimport com.pulumi.aws.lambda.CodeSigningConfigArgs;\nimport com.pulumi.aws.lambda.inputs.CodeSigningConfigAllowedPublishersArgs;\nimport com.pulumi.aws.lambda.inputs.CodeSigningConfigPoliciesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var newCsc = new CodeSigningConfig(\"newCsc\", CodeSigningConfigArgs.builder()\n .allowedPublishers(CodeSigningConfigAllowedPublishersArgs.builder()\n .signingProfileVersionArns( \n example1.arn(),\n example2.arn())\n .build())\n .policies(CodeSigningConfigPoliciesArgs.builder()\n .untrustedArtifactOnDeployment(\"Warn\")\n .build())\n .description(\"My awesome code signing config.\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n newCsc:\n type: aws:lambda:CodeSigningConfig\n name: new_csc\n properties:\n allowedPublishers:\n signingProfileVersionArns:\n - ${example1.arn}\n - ${example2.arn}\n policies:\n untrustedArtifactOnDeployment: Warn\n description: My awesome code signing config.\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Code Signing Configs using their ARN. For example:\n\n```sh\n$ pulumi import aws:lambda/codeSigningConfig:CodeSigningConfig imported_csc arn:aws:lambda:us-west-2:123456789012:code-signing-config:csc-0f6c334abcdea4d8b\n```\n", "properties": { "allowedPublishers": { "$ref": "#/types/aws:lambda/CodeSigningConfigAllowedPublishers:CodeSigningConfigAllowedPublishers", "description": "A configuration block of allowed publishers as signing profiles for this code signing configuration. Detailed below.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the code signing configuration.\n" }, "configId": { "type": "string", "description": "Unique identifier for the code signing configuration.\n" }, "description": { "type": "string", "description": "Descriptive name for this code signing configuration.\n" }, "lastModified": { "type": "string", "description": "The date and time that the code signing configuration was last modified.\n" }, "policies": { "$ref": "#/types/aws:lambda/CodeSigningConfigPolicies:CodeSigningConfigPolicies", "description": "A configuration block of code signing policies that define the actions to take if the validation checks fail. Detailed below.\n" } }, "required": [ "allowedPublishers", "arn", "configId", "lastModified", "policies" ], "inputProperties": { "allowedPublishers": { "$ref": "#/types/aws:lambda/CodeSigningConfigAllowedPublishers:CodeSigningConfigAllowedPublishers", "description": "A configuration block of allowed publishers as signing profiles for this code signing configuration. Detailed below.\n" }, "description": { "type": "string", "description": "Descriptive name for this code signing configuration.\n" }, "policies": { "$ref": "#/types/aws:lambda/CodeSigningConfigPolicies:CodeSigningConfigPolicies", "description": "A configuration block of code signing policies that define the actions to take if the validation checks fail. Detailed below.\n" } }, "requiredInputs": [ "allowedPublishers" ], "stateInputs": { "description": "Input properties used for looking up and filtering CodeSigningConfig resources.\n", "properties": { "allowedPublishers": { "$ref": "#/types/aws:lambda/CodeSigningConfigAllowedPublishers:CodeSigningConfigAllowedPublishers", "description": "A configuration block of allowed publishers as signing profiles for this code signing configuration. Detailed below.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the code signing configuration.\n" }, "configId": { "type": "string", "description": "Unique identifier for the code signing configuration.\n" }, "description": { "type": "string", "description": "Descriptive name for this code signing configuration.\n" }, "lastModified": { "type": "string", "description": "The date and time that the code signing configuration was last modified.\n" }, "policies": { "$ref": "#/types/aws:lambda/CodeSigningConfigPolicies:CodeSigningConfigPolicies", "description": "A configuration block of code signing policies that define the actions to take if the validation checks fail. Detailed below.\n" } }, "type": "object" } }, "aws:lambda/eventSourceMapping:EventSourceMapping": { "description": "Provides a Lambda event source mapping. This allows Lambda functions to get events from Kinesis, DynamoDB, SQS, Amazon MQ and Managed Streaming for Apache Kafka (MSK).\n\nFor information about Lambda and how to use it, see [What is AWS Lambda?](http://docs.aws.amazon.com/lambda/latest/dg/welcome.html).\nFor information about event source mappings, see [CreateEventSourceMapping](http://docs.aws.amazon.com/lambda/latest/dg/API_CreateEventSourceMapping.html) in the API docs.\n\n## Example Usage\n\n### DynamoDB\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n eventSourceArn: exampleAwsDynamodbTable.streamArn,\n functionName: exampleAwsLambdaFunction.arn,\n startingPosition: \"LATEST\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n event_source_arn=example_aws_dynamodb_table[\"streamArn\"],\n function_name=example_aws_lambda_function[\"arn\"],\n starting_position=\"LATEST\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n EventSourceArn = exampleAwsDynamodbTable.StreamArn,\n FunctionName = exampleAwsLambdaFunction.Arn,\n StartingPosition = \"LATEST\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tEventSourceArn: pulumi.Any(exampleAwsDynamodbTable.StreamArn),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tStartingPosition: pulumi.String(\"LATEST\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder()\n .eventSourceArn(exampleAwsDynamodbTable.streamArn())\n .functionName(exampleAwsLambdaFunction.arn())\n .startingPosition(\"LATEST\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n eventSourceArn: ${exampleAwsDynamodbTable.streamArn}\n functionName: ${exampleAwsLambdaFunction.arn}\n startingPosition: LATEST\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Kinesis\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n eventSourceArn: exampleAwsKinesisStream.arn,\n functionName: exampleAwsLambdaFunction.arn,\n startingPosition: \"LATEST\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n event_source_arn=example_aws_kinesis_stream[\"arn\"],\n function_name=example_aws_lambda_function[\"arn\"],\n starting_position=\"LATEST\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n EventSourceArn = exampleAwsKinesisStream.Arn,\n FunctionName = exampleAwsLambdaFunction.Arn,\n StartingPosition = \"LATEST\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tEventSourceArn: pulumi.Any(exampleAwsKinesisStream.Arn),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tStartingPosition: pulumi.String(\"LATEST\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder()\n .eventSourceArn(exampleAwsKinesisStream.arn())\n .functionName(exampleAwsLambdaFunction.arn())\n .startingPosition(\"LATEST\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n eventSourceArn: ${exampleAwsKinesisStream.arn}\n functionName: ${exampleAwsLambdaFunction.arn}\n startingPosition: LATEST\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Managed Streaming for Apache Kafka (MSK)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n eventSourceArn: exampleAwsMskCluster.arn,\n functionName: exampleAwsLambdaFunction.arn,\n topics: [\"Example\"],\n startingPosition: \"TRIM_HORIZON\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n event_source_arn=example_aws_msk_cluster[\"arn\"],\n function_name=example_aws_lambda_function[\"arn\"],\n topics=[\"Example\"],\n starting_position=\"TRIM_HORIZON\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n EventSourceArn = exampleAwsMskCluster.Arn,\n FunctionName = exampleAwsLambdaFunction.Arn,\n Topics = new[]\n {\n \"Example\",\n },\n StartingPosition = \"TRIM_HORIZON\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tEventSourceArn: pulumi.Any(exampleAwsMskCluster.Arn),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tTopics: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Example\"),\n\t\t\t},\n\t\t\tStartingPosition: pulumi.String(\"TRIM_HORIZON\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder()\n .eventSourceArn(exampleAwsMskCluster.arn())\n .functionName(exampleAwsLambdaFunction.arn())\n .topics(\"Example\")\n .startingPosition(\"TRIM_HORIZON\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n eventSourceArn: ${exampleAwsMskCluster.arn}\n functionName: ${exampleAwsLambdaFunction.arn}\n topics:\n - Example\n startingPosition: TRIM_HORIZON\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Self Managed Apache Kafka\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n functionName: exampleAwsLambdaFunction.arn,\n topics: [\"Example\"],\n startingPosition: \"TRIM_HORIZON\",\n selfManagedEventSource: {\n endpoints: {\n KAFKA_BOOTSTRAP_SERVERS: \"kafka1.example.com:9092,kafka2.example.com:9092\",\n },\n },\n sourceAccessConfigurations: [\n {\n type: \"VPC_SUBNET\",\n uri: \"subnet:subnet-example1\",\n },\n {\n type: \"VPC_SUBNET\",\n uri: \"subnet:subnet-example2\",\n },\n {\n type: \"VPC_SECURITY_GROUP\",\n uri: \"security_group:sg-example\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n function_name=example_aws_lambda_function[\"arn\"],\n topics=[\"Example\"],\n starting_position=\"TRIM_HORIZON\",\n self_managed_event_source={\n \"endpoints\": {\n \"kafk_a__bootstra_p__servers\": \"kafka1.example.com:9092,kafka2.example.com:9092\",\n },\n },\n source_access_configurations=[\n {\n \"type\": \"VPC_SUBNET\",\n \"uri\": \"subnet:subnet-example1\",\n },\n {\n \"type\": \"VPC_SUBNET\",\n \"uri\": \"subnet:subnet-example2\",\n },\n {\n \"type\": \"VPC_SECURITY_GROUP\",\n \"uri\": \"security_group:sg-example\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n FunctionName = exampleAwsLambdaFunction.Arn,\n Topics = new[]\n {\n \"Example\",\n },\n StartingPosition = \"TRIM_HORIZON\",\n SelfManagedEventSource = new Aws.Lambda.Inputs.EventSourceMappingSelfManagedEventSourceArgs\n {\n Endpoints = \n {\n { \"KAFKA_BOOTSTRAP_SERVERS\", \"kafka1.example.com:9092,kafka2.example.com:9092\" },\n },\n },\n SourceAccessConfigurations = new[]\n {\n new Aws.Lambda.Inputs.EventSourceMappingSourceAccessConfigurationArgs\n {\n Type = \"VPC_SUBNET\",\n Uri = \"subnet:subnet-example1\",\n },\n new Aws.Lambda.Inputs.EventSourceMappingSourceAccessConfigurationArgs\n {\n Type = \"VPC_SUBNET\",\n Uri = \"subnet:subnet-example2\",\n },\n new Aws.Lambda.Inputs.EventSourceMappingSourceAccessConfigurationArgs\n {\n Type = \"VPC_SECURITY_GROUP\",\n Uri = \"security_group:sg-example\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tTopics: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Example\"),\n\t\t\t},\n\t\t\tStartingPosition: pulumi.String(\"TRIM_HORIZON\"),\n\t\t\tSelfManagedEventSource: \u0026lambda.EventSourceMappingSelfManagedEventSourceArgs{\n\t\t\t\tEndpoints: pulumi.StringMap{\n\t\t\t\t\t\"KAFKA_BOOTSTRAP_SERVERS\": pulumi.String(\"kafka1.example.com:9092,kafka2.example.com:9092\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tSourceAccessConfigurations: lambda.EventSourceMappingSourceAccessConfigurationArray{\n\t\t\t\t\u0026lambda.EventSourceMappingSourceAccessConfigurationArgs{\n\t\t\t\t\tType: pulumi.String(\"VPC_SUBNET\"),\n\t\t\t\t\tUri: pulumi.String(\"subnet:subnet-example1\"),\n\t\t\t\t},\n\t\t\t\t\u0026lambda.EventSourceMappingSourceAccessConfigurationArgs{\n\t\t\t\t\tType: pulumi.String(\"VPC_SUBNET\"),\n\t\t\t\t\tUri: pulumi.String(\"subnet:subnet-example2\"),\n\t\t\t\t},\n\t\t\t\t\u0026lambda.EventSourceMappingSourceAccessConfigurationArgs{\n\t\t\t\t\tType: pulumi.String(\"VPC_SECURITY_GROUP\"),\n\t\t\t\t\tUri: pulumi.String(\"security_group:sg-example\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport com.pulumi.aws.lambda.inputs.EventSourceMappingSelfManagedEventSourceArgs;\nimport com.pulumi.aws.lambda.inputs.EventSourceMappingSourceAccessConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder()\n .functionName(exampleAwsLambdaFunction.arn())\n .topics(\"Example\")\n .startingPosition(\"TRIM_HORIZON\")\n .selfManagedEventSource(EventSourceMappingSelfManagedEventSourceArgs.builder()\n .endpoints(Map.of(\"KAFKA_BOOTSTRAP_SERVERS\", \"kafka1.example.com:9092,kafka2.example.com:9092\"))\n .build())\n .sourceAccessConfigurations( \n EventSourceMappingSourceAccessConfigurationArgs.builder()\n .type(\"VPC_SUBNET\")\n .uri(\"subnet:subnet-example1\")\n .build(),\n EventSourceMappingSourceAccessConfigurationArgs.builder()\n .type(\"VPC_SUBNET\")\n .uri(\"subnet:subnet-example2\")\n .build(),\n EventSourceMappingSourceAccessConfigurationArgs.builder()\n .type(\"VPC_SECURITY_GROUP\")\n .uri(\"security_group:sg-example\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n functionName: ${exampleAwsLambdaFunction.arn}\n topics:\n - Example\n startingPosition: TRIM_HORIZON\n selfManagedEventSource:\n endpoints:\n KAFKA_BOOTSTRAP_SERVERS: kafka1.example.com:9092,kafka2.example.com:9092\n sourceAccessConfigurations:\n - type: VPC_SUBNET\n uri: subnet:subnet-example1\n - type: VPC_SUBNET\n uri: subnet:subnet-example2\n - type: VPC_SECURITY_GROUP\n uri: security_group:sg-example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### SQS\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n eventSourceArn: sqsQueueTest.arn,\n functionName: exampleAwsLambdaFunction.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n event_source_arn=sqs_queue_test[\"arn\"],\n function_name=example_aws_lambda_function[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n EventSourceArn = sqsQueueTest.Arn,\n FunctionName = exampleAwsLambdaFunction.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tEventSourceArn: pulumi.Any(sqsQueueTest.Arn),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder()\n .eventSourceArn(sqsQueueTest.arn())\n .functionName(exampleAwsLambdaFunction.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n eventSourceArn: ${sqsQueueTest.arn}\n functionName: ${exampleAwsLambdaFunction.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### SQS with event filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n eventSourceArn: sqsQueueTest.arn,\n functionName: exampleAwsLambdaFunction.arn,\n filterCriteria: {\n filters: [{\n pattern: JSON.stringify({\n body: {\n Temperature: [{\n numeric: [\n \"\u003e\",\n 0,\n \"\u003c=\",\n 100,\n ],\n }],\n Location: [\"New York\"],\n },\n }),\n }],\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n event_source_arn=sqs_queue_test[\"arn\"],\n function_name=example_aws_lambda_function[\"arn\"],\n filter_criteria={\n \"filters\": [{\n \"pattern\": json.dumps({\n \"body\": {\n \"temperature\": [{\n \"numeric\": [\n \"\u003e\",\n 0,\n \"\u003c=\",\n 100,\n ],\n }],\n \"location\": [\"New York\"],\n },\n }),\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n EventSourceArn = sqsQueueTest.Arn,\n FunctionName = exampleAwsLambdaFunction.Arn,\n FilterCriteria = new Aws.Lambda.Inputs.EventSourceMappingFilterCriteriaArgs\n {\n Filters = new[]\n {\n new Aws.Lambda.Inputs.EventSourceMappingFilterCriteriaFilterArgs\n {\n Pattern = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"body\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Temperature\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"numeric\"] = new object?[]\n {\n \"\u003e\",\n 0,\n \"\u003c=\",\n 100,\n },\n },\n },\n [\"Location\"] = new[]\n {\n \"New York\",\n },\n },\n }),\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"body\": map[string]interface{}{\n\t\t\t\t\"Temperature\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"numeric\": []interface{}{\n\t\t\t\t\t\t\t\"\u003e\",\n\t\t\t\t\t\t\t0,\n\t\t\t\t\t\t\t\"\u003c=\",\n\t\t\t\t\t\t\t100,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"Location\": []string{\n\t\t\t\t\t\"New York\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tEventSourceArn: pulumi.Any(sqsQueueTest.Arn),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tFilterCriteria: \u0026lambda.EventSourceMappingFilterCriteriaArgs{\n\t\t\t\tFilters: lambda.EventSourceMappingFilterCriteriaFilterArray{\n\t\t\t\t\t\u0026lambda.EventSourceMappingFilterCriteriaFilterArgs{\n\t\t\t\t\t\tPattern: pulumi.String(json0),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport com.pulumi.aws.lambda.inputs.EventSourceMappingFilterCriteriaArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder()\n .eventSourceArn(sqsQueueTest.arn())\n .functionName(exampleAwsLambdaFunction.arn())\n .filterCriteria(EventSourceMappingFilterCriteriaArgs.builder()\n .filters(EventSourceMappingFilterCriteriaFilterArgs.builder()\n .pattern(serializeJson(\n jsonObject(\n jsonProperty(\"body\", jsonObject(\n jsonProperty(\"Temperature\", jsonArray(jsonObject(\n jsonProperty(\"numeric\", jsonArray(\n \"\u003e\", \n 0, \n \"\u003c=\", \n 100\n ))\n ))),\n jsonProperty(\"Location\", jsonArray(\"New York\"))\n ))\n )))\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n eventSourceArn: ${sqsQueueTest.arn}\n functionName: ${exampleAwsLambdaFunction.arn}\n filterCriteria:\n filters:\n - pattern:\n fn::toJSON:\n body:\n Temperature:\n - numeric:\n - '\u003e'\n - 0\n - \u003c=\n - 100\n Location:\n - New York\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Amazon MQ (ActiveMQ)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n batchSize: 10,\n eventSourceArn: exampleAwsMqBroker.arn,\n enabled: true,\n functionName: exampleAwsLambdaFunction.arn,\n queues: \"example\",\n sourceAccessConfigurations: [{\n type: \"BASIC_AUTH\",\n uri: exampleAwsSecretsmanagerSecretVersion.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n batch_size=10,\n event_source_arn=example_aws_mq_broker[\"arn\"],\n enabled=True,\n function_name=example_aws_lambda_function[\"arn\"],\n queues=\"example\",\n source_access_configurations=[{\n \"type\": \"BASIC_AUTH\",\n \"uri\": example_aws_secretsmanager_secret_version[\"arn\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n BatchSize = 10,\n EventSourceArn = exampleAwsMqBroker.Arn,\n Enabled = true,\n FunctionName = exampleAwsLambdaFunction.Arn,\n Queues = \"example\",\n SourceAccessConfigurations = new[]\n {\n new Aws.Lambda.Inputs.EventSourceMappingSourceAccessConfigurationArgs\n {\n Type = \"BASIC_AUTH\",\n Uri = exampleAwsSecretsmanagerSecretVersion.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tBatchSize: pulumi.Int(10),\n\t\t\tEventSourceArn: pulumi.Any(exampleAwsMqBroker.Arn),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tQueues: pulumi.String(\"example\"),\n\t\t\tSourceAccessConfigurations: lambda.EventSourceMappingSourceAccessConfigurationArray{\n\t\t\t\t\u0026lambda.EventSourceMappingSourceAccessConfigurationArgs{\n\t\t\t\t\tType: pulumi.String(\"BASIC_AUTH\"),\n\t\t\t\t\tUri: pulumi.Any(exampleAwsSecretsmanagerSecretVersion.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport com.pulumi.aws.lambda.inputs.EventSourceMappingSourceAccessConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder()\n .batchSize(10)\n .eventSourceArn(exampleAwsMqBroker.arn())\n .enabled(true)\n .functionName(exampleAwsLambdaFunction.arn())\n .queues(\"example\")\n .sourceAccessConfigurations(EventSourceMappingSourceAccessConfigurationArgs.builder()\n .type(\"BASIC_AUTH\")\n .uri(exampleAwsSecretsmanagerSecretVersion.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n batchSize: 10\n eventSourceArn: ${exampleAwsMqBroker.arn}\n enabled: true\n functionName: ${exampleAwsLambdaFunction.arn}\n queues: example\n sourceAccessConfigurations:\n - type: BASIC_AUTH\n uri: ${exampleAwsSecretsmanagerSecretVersion.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Amazon MQ (RabbitMQ)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n batchSize: 1,\n eventSourceArn: exampleAwsMqBroker.arn,\n enabled: true,\n functionName: exampleAwsLambdaFunction.arn,\n queues: \"example\",\n sourceAccessConfigurations: [\n {\n type: \"VIRTUAL_HOST\",\n uri: \"/example\",\n },\n {\n type: \"BASIC_AUTH\",\n uri: exampleAwsSecretsmanagerSecretVersion.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n batch_size=1,\n event_source_arn=example_aws_mq_broker[\"arn\"],\n enabled=True,\n function_name=example_aws_lambda_function[\"arn\"],\n queues=\"example\",\n source_access_configurations=[\n {\n \"type\": \"VIRTUAL_HOST\",\n \"uri\": \"/example\",\n },\n {\n \"type\": \"BASIC_AUTH\",\n \"uri\": example_aws_secretsmanager_secret_version[\"arn\"],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n BatchSize = 1,\n EventSourceArn = exampleAwsMqBroker.Arn,\n Enabled = true,\n FunctionName = exampleAwsLambdaFunction.Arn,\n Queues = \"example\",\n SourceAccessConfigurations = new[]\n {\n new Aws.Lambda.Inputs.EventSourceMappingSourceAccessConfigurationArgs\n {\n Type = \"VIRTUAL_HOST\",\n Uri = \"/example\",\n },\n new Aws.Lambda.Inputs.EventSourceMappingSourceAccessConfigurationArgs\n {\n Type = \"BASIC_AUTH\",\n Uri = exampleAwsSecretsmanagerSecretVersion.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tBatchSize: pulumi.Int(1),\n\t\t\tEventSourceArn: pulumi.Any(exampleAwsMqBroker.Arn),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tQueues: pulumi.String(\"example\"),\n\t\t\tSourceAccessConfigurations: lambda.EventSourceMappingSourceAccessConfigurationArray{\n\t\t\t\t\u0026lambda.EventSourceMappingSourceAccessConfigurationArgs{\n\t\t\t\t\tType: pulumi.String(\"VIRTUAL_HOST\"),\n\t\t\t\t\tUri: pulumi.String(\"/example\"),\n\t\t\t\t},\n\t\t\t\t\u0026lambda.EventSourceMappingSourceAccessConfigurationArgs{\n\t\t\t\t\tType: pulumi.String(\"BASIC_AUTH\"),\n\t\t\t\t\tUri: pulumi.Any(exampleAwsSecretsmanagerSecretVersion.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport com.pulumi.aws.lambda.inputs.EventSourceMappingSourceAccessConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder()\n .batchSize(1)\n .eventSourceArn(exampleAwsMqBroker.arn())\n .enabled(true)\n .functionName(exampleAwsLambdaFunction.arn())\n .queues(\"example\")\n .sourceAccessConfigurations( \n EventSourceMappingSourceAccessConfigurationArgs.builder()\n .type(\"VIRTUAL_HOST\")\n .uri(\"/example\")\n .build(),\n EventSourceMappingSourceAccessConfigurationArgs.builder()\n .type(\"BASIC_AUTH\")\n .uri(exampleAwsSecretsmanagerSecretVersion.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n batchSize: 1\n eventSourceArn: ${exampleAwsMqBroker.arn}\n enabled: true\n functionName: ${exampleAwsLambdaFunction.arn}\n queues: example\n sourceAccessConfigurations:\n - type: VIRTUAL_HOST\n uri: /example\n - type: BASIC_AUTH\n uri: ${exampleAwsSecretsmanagerSecretVersion.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lambda event source mappings using the `UUID` (event source mapping identifier). For example:\n\n```sh\n$ pulumi import aws:lambda/eventSourceMapping:EventSourceMapping event_source_mapping 12345kxodurf3443\n```\n", "properties": { "amazonManagedKafkaEventSourceConfig": { "$ref": "#/types/aws:lambda/EventSourceMappingAmazonManagedKafkaEventSourceConfig:EventSourceMappingAmazonManagedKafkaEventSourceConfig", "description": "Additional configuration block for Amazon Managed Kafka sources. Incompatible with \"self_managed_event_source\" and \"self_managed_kafka_event_source_config\". Detailed below.\n" }, "batchSize": { "type": "integer", "description": "The largest number of records that Lambda will retrieve from your event source at the time of invocation. Defaults to `100` for DynamoDB, Kinesis, MQ and MSK, `10` for SQS.\n" }, "bisectBatchOnFunctionError": { "type": "boolean", "description": "- (Optional) If the function returns an error, split the batch in two and retry. Only available for stream sources (DynamoDB and Kinesis). Defaults to `false`.\n" }, "destinationConfig": { "$ref": "#/types/aws:lambda/EventSourceMappingDestinationConfig:EventSourceMappingDestinationConfig", "description": "- (Optional) An Amazon SQS queue, Amazon SNS topic or Amazon S3 bucket (only available for Kafka sources) destination for failed records. Only available for stream sources (DynamoDB and Kinesis) and Kafka sources (Amazon MSK and Self-managed Apache Kafka). Detailed below.\n" }, "documentDbEventSourceConfig": { "$ref": "#/types/aws:lambda/EventSourceMappingDocumentDbEventSourceConfig:EventSourceMappingDocumentDbEventSourceConfig", "description": "- (Optional) Configuration settings for a DocumentDB event source. Detailed below.\n" }, "enabled": { "type": "boolean", "description": "Determines if the mapping will be enabled on creation. Defaults to `true`.\n" }, "eventSourceArn": { "type": "string", "description": "The event source ARN - this is required for Kinesis stream, DynamoDB stream, SQS queue, MQ broker, MSK cluster or DocumentDB change stream. It is incompatible with a Self Managed Kafka source.\n" }, "filterCriteria": { "$ref": "#/types/aws:lambda/EventSourceMappingFilterCriteria:EventSourceMappingFilterCriteria", "description": "The criteria to use for [event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) Kinesis stream, DynamoDB stream, SQS queue event sources. Detailed below.\n" }, "functionArn": { "type": "string", "description": "The the ARN of the Lambda function the event source mapping is sending events to. (Note: this is a computed value that differs from `function_name` above.)\n" }, "functionName": { "type": "string", "description": "The name or the ARN of the Lambda function that will be subscribing to events.\n" }, "functionResponseTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of current response type enums applied to the event source mapping for [AWS Lambda checkpointing](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html#services-ddb-batchfailurereporting). Only available for SQS and stream sources (DynamoDB and Kinesis). Valid values: `ReportBatchItemFailures`.\n" }, "lastModified": { "type": "string", "description": "The date this resource was last modified.\n" }, "lastProcessingResult": { "type": "string", "description": "The result of the last AWS Lambda invocation of your Lambda function.\n" }, "maximumBatchingWindowInSeconds": { "type": "integer", "description": "The maximum amount of time to gather records before invoking the function, in seconds (between 0 and 300). Records will continue to buffer (or accumulate in the case of an SQS queue event source) until either `maximum_batching_window_in_seconds` expires or `batch_size` has been met. For streaming event sources, defaults to as soon as records are available in the stream. If the batch it reads from the stream/queue only has one record in it, Lambda only sends one record to the function. Only available for stream sources (DynamoDB and Kinesis) and SQS standard queues.\n" }, "maximumRecordAgeInSeconds": { "type": "integer", "description": "- (Optional) The maximum age of a record that Lambda sends to a function for processing. Only available for stream sources (DynamoDB and Kinesis). Must be either -1 (forever, and the default value) or between 60 and 604800 (inclusive).\n" }, "maximumRetryAttempts": { "type": "integer", "description": "- (Optional) The maximum number of times to retry when the function returns an error. Only available for stream sources (DynamoDB and Kinesis). Minimum and default of -1 (forever), maximum of 10000.\n" }, "parallelizationFactor": { "type": "integer", "description": "- (Optional) The number of batches to process from each shard concurrently. Only available for stream sources (DynamoDB and Kinesis). Minimum and default of 1, maximum of 10.\n" }, "queues": { "type": "string", "description": "The name of the Amazon MQ broker destination queue to consume. Only available for MQ sources. The list must contain exactly one queue name.\n" }, "scalingConfig": { "$ref": "#/types/aws:lambda/EventSourceMappingScalingConfig:EventSourceMappingScalingConfig", "description": "Scaling configuration of the event source. Only available for SQS queues. Detailed below.\n" }, "selfManagedEventSource": { "$ref": "#/types/aws:lambda/EventSourceMappingSelfManagedEventSource:EventSourceMappingSelfManagedEventSource", "description": "- (Optional) For Self Managed Kafka sources, the location of the self managed cluster. If set, configuration must also include `source_access_configuration`. Detailed below.\n" }, "selfManagedKafkaEventSourceConfig": { "$ref": "#/types/aws:lambda/EventSourceMappingSelfManagedKafkaEventSourceConfig:EventSourceMappingSelfManagedKafkaEventSourceConfig", "description": "Additional configuration block for Self Managed Kafka sources. Incompatible with \"event_source_arn\" and \"amazon_managed_kafka_event_source_config\". Detailed below.\n" }, "sourceAccessConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:lambda/EventSourceMappingSourceAccessConfiguration:EventSourceMappingSourceAccessConfiguration" }, "description": "For Self Managed Kafka sources, the access configuration for the source. If set, configuration must also include `self_managed_event_source`. Detailed below.\n" }, "startingPosition": { "type": "string", "description": "The position in the stream where AWS Lambda should start reading. Must be one of `AT_TIMESTAMP` (Kinesis only), `LATEST` or `TRIM_HORIZON` if getting events from Kinesis, DynamoDB, MSK or Self Managed Apache Kafka. Must not be provided if getting events from SQS. More information about these positions can be found in the [AWS DynamoDB Streams API Reference](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_streams_GetShardIterator.html) and [AWS Kinesis API Reference](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_GetShardIterator.html#Kinesis-GetShardIterator-request-ShardIteratorType).\n" }, "startingPositionTimestamp": { "type": "string", "description": "A timestamp in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) of the data record which to start reading when using `starting_position` set to `AT_TIMESTAMP`. If a record with this exact timestamp does not exist, the next later record is chosen. If the timestamp is older than the current trim horizon, the oldest available record is chosen.\n" }, "state": { "type": "string", "description": "The state of the event source mapping.\n" }, "stateTransitionReason": { "type": "string", "description": "The reason the event source mapping is in its current state.\n" }, "topics": { "type": "array", "items": { "type": "string" }, "description": "The name of the Kafka topics. Only available for MSK sources. A single topic name must be specified.\n" }, "tumblingWindowInSeconds": { "type": "integer", "description": "The duration in seconds of a processing window for [AWS Lambda streaming analytics](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html#services-kinesis-windows). The range is between 1 second up to 900 seconds. Only available for stream sources (DynamoDB and Kinesis).\n" }, "uuid": { "type": "string", "description": "The UUID of the created event source mapping.\n" } }, "required": [ "amazonManagedKafkaEventSourceConfig", "functionArn", "functionName", "lastModified", "lastProcessingResult", "maximumRecordAgeInSeconds", "maximumRetryAttempts", "parallelizationFactor", "selfManagedKafkaEventSourceConfig", "state", "stateTransitionReason", "uuid" ], "inputProperties": { "amazonManagedKafkaEventSourceConfig": { "$ref": "#/types/aws:lambda/EventSourceMappingAmazonManagedKafkaEventSourceConfig:EventSourceMappingAmazonManagedKafkaEventSourceConfig", "description": "Additional configuration block for Amazon Managed Kafka sources. Incompatible with \"self_managed_event_source\" and \"self_managed_kafka_event_source_config\". Detailed below.\n", "willReplaceOnChanges": true }, "batchSize": { "type": "integer", "description": "The largest number of records that Lambda will retrieve from your event source at the time of invocation. Defaults to `100` for DynamoDB, Kinesis, MQ and MSK, `10` for SQS.\n" }, "bisectBatchOnFunctionError": { "type": "boolean", "description": "- (Optional) If the function returns an error, split the batch in two and retry. Only available for stream sources (DynamoDB and Kinesis). Defaults to `false`.\n" }, "destinationConfig": { "$ref": "#/types/aws:lambda/EventSourceMappingDestinationConfig:EventSourceMappingDestinationConfig", "description": "- (Optional) An Amazon SQS queue, Amazon SNS topic or Amazon S3 bucket (only available for Kafka sources) destination for failed records. Only available for stream sources (DynamoDB and Kinesis) and Kafka sources (Amazon MSK and Self-managed Apache Kafka). Detailed below.\n" }, "documentDbEventSourceConfig": { "$ref": "#/types/aws:lambda/EventSourceMappingDocumentDbEventSourceConfig:EventSourceMappingDocumentDbEventSourceConfig", "description": "- (Optional) Configuration settings for a DocumentDB event source. Detailed below.\n" }, "enabled": { "type": "boolean", "description": "Determines if the mapping will be enabled on creation. Defaults to `true`.\n" }, "eventSourceArn": { "type": "string", "description": "The event source ARN - this is required for Kinesis stream, DynamoDB stream, SQS queue, MQ broker, MSK cluster or DocumentDB change stream. It is incompatible with a Self Managed Kafka source.\n", "willReplaceOnChanges": true }, "filterCriteria": { "$ref": "#/types/aws:lambda/EventSourceMappingFilterCriteria:EventSourceMappingFilterCriteria", "description": "The criteria to use for [event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) Kinesis stream, DynamoDB stream, SQS queue event sources. Detailed below.\n" }, "functionName": { "type": "string", "description": "The name or the ARN of the Lambda function that will be subscribing to events.\n" }, "functionResponseTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of current response type enums applied to the event source mapping for [AWS Lambda checkpointing](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html#services-ddb-batchfailurereporting). Only available for SQS and stream sources (DynamoDB and Kinesis). Valid values: `ReportBatchItemFailures`.\n" }, "maximumBatchingWindowInSeconds": { "type": "integer", "description": "The maximum amount of time to gather records before invoking the function, in seconds (between 0 and 300). Records will continue to buffer (or accumulate in the case of an SQS queue event source) until either `maximum_batching_window_in_seconds` expires or `batch_size` has been met. For streaming event sources, defaults to as soon as records are available in the stream. If the batch it reads from the stream/queue only has one record in it, Lambda only sends one record to the function. Only available for stream sources (DynamoDB and Kinesis) and SQS standard queues.\n" }, "maximumRecordAgeInSeconds": { "type": "integer", "description": "- (Optional) The maximum age of a record that Lambda sends to a function for processing. Only available for stream sources (DynamoDB and Kinesis). Must be either -1 (forever, and the default value) or between 60 and 604800 (inclusive).\n" }, "maximumRetryAttempts": { "type": "integer", "description": "- (Optional) The maximum number of times to retry when the function returns an error. Only available for stream sources (DynamoDB and Kinesis). Minimum and default of -1 (forever), maximum of 10000.\n" }, "parallelizationFactor": { "type": "integer", "description": "- (Optional) The number of batches to process from each shard concurrently. Only available for stream sources (DynamoDB and Kinesis). Minimum and default of 1, maximum of 10.\n" }, "queues": { "type": "string", "description": "The name of the Amazon MQ broker destination queue to consume. Only available for MQ sources. The list must contain exactly one queue name.\n", "willReplaceOnChanges": true }, "scalingConfig": { "$ref": "#/types/aws:lambda/EventSourceMappingScalingConfig:EventSourceMappingScalingConfig", "description": "Scaling configuration of the event source. Only available for SQS queues. Detailed below.\n" }, "selfManagedEventSource": { "$ref": "#/types/aws:lambda/EventSourceMappingSelfManagedEventSource:EventSourceMappingSelfManagedEventSource", "description": "- (Optional) For Self Managed Kafka sources, the location of the self managed cluster. If set, configuration must also include `source_access_configuration`. Detailed below.\n", "willReplaceOnChanges": true }, "selfManagedKafkaEventSourceConfig": { "$ref": "#/types/aws:lambda/EventSourceMappingSelfManagedKafkaEventSourceConfig:EventSourceMappingSelfManagedKafkaEventSourceConfig", "description": "Additional configuration block for Self Managed Kafka sources. Incompatible with \"event_source_arn\" and \"amazon_managed_kafka_event_source_config\". Detailed below.\n", "willReplaceOnChanges": true }, "sourceAccessConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:lambda/EventSourceMappingSourceAccessConfiguration:EventSourceMappingSourceAccessConfiguration" }, "description": "For Self Managed Kafka sources, the access configuration for the source. If set, configuration must also include `self_managed_event_source`. Detailed below.\n" }, "startingPosition": { "type": "string", "description": "The position in the stream where AWS Lambda should start reading. Must be one of `AT_TIMESTAMP` (Kinesis only), `LATEST` or `TRIM_HORIZON` if getting events from Kinesis, DynamoDB, MSK or Self Managed Apache Kafka. Must not be provided if getting events from SQS. More information about these positions can be found in the [AWS DynamoDB Streams API Reference](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_streams_GetShardIterator.html) and [AWS Kinesis API Reference](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_GetShardIterator.html#Kinesis-GetShardIterator-request-ShardIteratorType).\n", "willReplaceOnChanges": true }, "startingPositionTimestamp": { "type": "string", "description": "A timestamp in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) of the data record which to start reading when using `starting_position` set to `AT_TIMESTAMP`. If a record with this exact timestamp does not exist, the next later record is chosen. If the timestamp is older than the current trim horizon, the oldest available record is chosen.\n", "willReplaceOnChanges": true }, "topics": { "type": "array", "items": { "type": "string" }, "description": "The name of the Kafka topics. Only available for MSK sources. A single topic name must be specified.\n", "willReplaceOnChanges": true }, "tumblingWindowInSeconds": { "type": "integer", "description": "The duration in seconds of a processing window for [AWS Lambda streaming analytics](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html#services-kinesis-windows). The range is between 1 second up to 900 seconds. Only available for stream sources (DynamoDB and Kinesis).\n" } }, "requiredInputs": [ "functionName" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventSourceMapping resources.\n", "properties": { "amazonManagedKafkaEventSourceConfig": { "$ref": "#/types/aws:lambda/EventSourceMappingAmazonManagedKafkaEventSourceConfig:EventSourceMappingAmazonManagedKafkaEventSourceConfig", "description": "Additional configuration block for Amazon Managed Kafka sources. Incompatible with \"self_managed_event_source\" and \"self_managed_kafka_event_source_config\". Detailed below.\n", "willReplaceOnChanges": true }, "batchSize": { "type": "integer", "description": "The largest number of records that Lambda will retrieve from your event source at the time of invocation. Defaults to `100` for DynamoDB, Kinesis, MQ and MSK, `10` for SQS.\n" }, "bisectBatchOnFunctionError": { "type": "boolean", "description": "- (Optional) If the function returns an error, split the batch in two and retry. Only available for stream sources (DynamoDB and Kinesis). Defaults to `false`.\n" }, "destinationConfig": { "$ref": "#/types/aws:lambda/EventSourceMappingDestinationConfig:EventSourceMappingDestinationConfig", "description": "- (Optional) An Amazon SQS queue, Amazon SNS topic or Amazon S3 bucket (only available for Kafka sources) destination for failed records. Only available for stream sources (DynamoDB and Kinesis) and Kafka sources (Amazon MSK and Self-managed Apache Kafka). Detailed below.\n" }, "documentDbEventSourceConfig": { "$ref": "#/types/aws:lambda/EventSourceMappingDocumentDbEventSourceConfig:EventSourceMappingDocumentDbEventSourceConfig", "description": "- (Optional) Configuration settings for a DocumentDB event source. Detailed below.\n" }, "enabled": { "type": "boolean", "description": "Determines if the mapping will be enabled on creation. Defaults to `true`.\n" }, "eventSourceArn": { "type": "string", "description": "The event source ARN - this is required for Kinesis stream, DynamoDB stream, SQS queue, MQ broker, MSK cluster or DocumentDB change stream. It is incompatible with a Self Managed Kafka source.\n", "willReplaceOnChanges": true }, "filterCriteria": { "$ref": "#/types/aws:lambda/EventSourceMappingFilterCriteria:EventSourceMappingFilterCriteria", "description": "The criteria to use for [event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) Kinesis stream, DynamoDB stream, SQS queue event sources. Detailed below.\n" }, "functionArn": { "type": "string", "description": "The the ARN of the Lambda function the event source mapping is sending events to. (Note: this is a computed value that differs from `function_name` above.)\n" }, "functionName": { "type": "string", "description": "The name or the ARN of the Lambda function that will be subscribing to events.\n" }, "functionResponseTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of current response type enums applied to the event source mapping for [AWS Lambda checkpointing](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html#services-ddb-batchfailurereporting). Only available for SQS and stream sources (DynamoDB and Kinesis). Valid values: `ReportBatchItemFailures`.\n" }, "lastModified": { "type": "string", "description": "The date this resource was last modified.\n" }, "lastProcessingResult": { "type": "string", "description": "The result of the last AWS Lambda invocation of your Lambda function.\n" }, "maximumBatchingWindowInSeconds": { "type": "integer", "description": "The maximum amount of time to gather records before invoking the function, in seconds (between 0 and 300). Records will continue to buffer (or accumulate in the case of an SQS queue event source) until either `maximum_batching_window_in_seconds` expires or `batch_size` has been met. For streaming event sources, defaults to as soon as records are available in the stream. If the batch it reads from the stream/queue only has one record in it, Lambda only sends one record to the function. Only available for stream sources (DynamoDB and Kinesis) and SQS standard queues.\n" }, "maximumRecordAgeInSeconds": { "type": "integer", "description": "- (Optional) The maximum age of a record that Lambda sends to a function for processing. Only available for stream sources (DynamoDB and Kinesis). Must be either -1 (forever, and the default value) or between 60 and 604800 (inclusive).\n" }, "maximumRetryAttempts": { "type": "integer", "description": "- (Optional) The maximum number of times to retry when the function returns an error. Only available for stream sources (DynamoDB and Kinesis). Minimum and default of -1 (forever), maximum of 10000.\n" }, "parallelizationFactor": { "type": "integer", "description": "- (Optional) The number of batches to process from each shard concurrently. Only available for stream sources (DynamoDB and Kinesis). Minimum and default of 1, maximum of 10.\n" }, "queues": { "type": "string", "description": "The name of the Amazon MQ broker destination queue to consume. Only available for MQ sources. The list must contain exactly one queue name.\n", "willReplaceOnChanges": true }, "scalingConfig": { "$ref": "#/types/aws:lambda/EventSourceMappingScalingConfig:EventSourceMappingScalingConfig", "description": "Scaling configuration of the event source. Only available for SQS queues. Detailed below.\n" }, "selfManagedEventSource": { "$ref": "#/types/aws:lambda/EventSourceMappingSelfManagedEventSource:EventSourceMappingSelfManagedEventSource", "description": "- (Optional) For Self Managed Kafka sources, the location of the self managed cluster. If set, configuration must also include `source_access_configuration`. Detailed below.\n", "willReplaceOnChanges": true }, "selfManagedKafkaEventSourceConfig": { "$ref": "#/types/aws:lambda/EventSourceMappingSelfManagedKafkaEventSourceConfig:EventSourceMappingSelfManagedKafkaEventSourceConfig", "description": "Additional configuration block for Self Managed Kafka sources. Incompatible with \"event_source_arn\" and \"amazon_managed_kafka_event_source_config\". Detailed below.\n", "willReplaceOnChanges": true }, "sourceAccessConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:lambda/EventSourceMappingSourceAccessConfiguration:EventSourceMappingSourceAccessConfiguration" }, "description": "For Self Managed Kafka sources, the access configuration for the source. If set, configuration must also include `self_managed_event_source`. Detailed below.\n" }, "startingPosition": { "type": "string", "description": "The position in the stream where AWS Lambda should start reading. Must be one of `AT_TIMESTAMP` (Kinesis only), `LATEST` or `TRIM_HORIZON` if getting events from Kinesis, DynamoDB, MSK or Self Managed Apache Kafka. Must not be provided if getting events from SQS. More information about these positions can be found in the [AWS DynamoDB Streams API Reference](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_streams_GetShardIterator.html) and [AWS Kinesis API Reference](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_GetShardIterator.html#Kinesis-GetShardIterator-request-ShardIteratorType).\n", "willReplaceOnChanges": true }, "startingPositionTimestamp": { "type": "string", "description": "A timestamp in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) of the data record which to start reading when using `starting_position` set to `AT_TIMESTAMP`. If a record with this exact timestamp does not exist, the next later record is chosen. If the timestamp is older than the current trim horizon, the oldest available record is chosen.\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "The state of the event source mapping.\n" }, "stateTransitionReason": { "type": "string", "description": "The reason the event source mapping is in its current state.\n" }, "topics": { "type": "array", "items": { "type": "string" }, "description": "The name of the Kafka topics. Only available for MSK sources. A single topic name must be specified.\n", "willReplaceOnChanges": true }, "tumblingWindowInSeconds": { "type": "integer", "description": "The duration in seconds of a processing window for [AWS Lambda streaming analytics](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html#services-kinesis-windows). The range is between 1 second up to 900 seconds. Only available for stream sources (DynamoDB and Kinesis).\n" }, "uuid": { "type": "string", "description": "The UUID of the created event source mapping.\n" } }, "type": "object" } }, "aws:lambda/function:Function": { "description": "Provides a Lambda Function resource. Lambda allows you to trigger execution of code in response to events in AWS, enabling serverless backend solutions. The Lambda Function itself includes source code and runtime configuration.\n\nFor information about Lambda and how to use it, see [What is AWS Lambda?](https://docs.aws.amazon.com/lambda/latest/dg/welcome.html)\n\n\n\u003e **NOTE:** Due to [AWS Lambda improved VPC networking changes that began deploying in September 2019](https://aws.amazon.com/blogs/compute/announcing-improved-vpc-networking-for-aws-lambda-functions/), EC2 subnets and security groups associated with Lambda Functions can take up to 45 minutes to successfully delete.\n\n\u003e **NOTE:** If you get a `KMSAccessDeniedException: Lambda was unable to decrypt the environment variables because KMS access was denied` error when invoking an `aws.lambda.Function` with environment variables, the IAM role associated with the function may have been deleted and recreated _after_ the function was created. You can fix the problem two ways: 1) updating the function's role to another role and then updating it back again to the recreated role, or 2) by using Pulumi to `taint` the function and `apply` your configuration again to recreate the function. (When you create a function, Lambda grants permissions on the KMS key to the function's IAM role. If the IAM role is recreated, the grant is no longer valid. Changing the function's role or recreating the function causes Lambda to update the grant.)\n\n\u003e To give an external source (like an EventBridge Rule, SNS, or S3) permission to access the Lambda function, use the `aws.lambda.Permission` resource. See [Lambda Permission Model](https://docs.aws.amazon.com/lambda/latest/dg/intro-permission-model.html) for more details. On the other hand, the `role` argument of this resource is the function's execution role for identity and access to AWS services and resources.\n\n## Example Usage\n\n### Basic Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as archive from \"@pulumi/archive\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"lambda.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst iamForLambda = new aws.iam.Role(\"iam_for_lambda\", {\n name: \"iam_for_lambda\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst lambda = archive.getFile({\n type: \"zip\",\n sourceFile: \"lambda.js\",\n outputPath: \"lambda_function_payload.zip\",\n});\nconst testLambda = new aws.lambda.Function(\"test_lambda\", {\n code: new pulumi.asset.FileArchive(\"lambda_function_payload.zip\"),\n name: \"lambda_function_name\",\n role: iamForLambda.arn,\n handler: \"index.test\",\n sourceCodeHash: lambda.then(lambda =\u003e lambda.outputBase64sha256),\n runtime: aws.lambda.Runtime.NodeJS18dX,\n environment: {\n variables: {\n foo: \"bar\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_archive as archive\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"lambda.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\niam_for_lambda = aws.iam.Role(\"iam_for_lambda\",\n name=\"iam_for_lambda\",\n assume_role_policy=assume_role.json)\nlambda_ = archive.get_file(type=\"zip\",\n source_file=\"lambda.js\",\n output_path=\"lambda_function_payload.zip\")\ntest_lambda = aws.lambda_.Function(\"test_lambda\",\n code=pulumi.FileArchive(\"lambda_function_payload.zip\"),\n name=\"lambda_function_name\",\n role=iam_for_lambda.arn,\n handler=\"index.test\",\n source_code_hash=lambda_.output_base64sha256,\n runtime=aws.lambda_.Runtime.NODE_JS18D_X,\n environment={\n \"variables\": {\n \"foo\": \"bar\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Archive = Pulumi.Archive;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"lambda.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var iamForLambda = new Aws.Iam.Role(\"iam_for_lambda\", new()\n {\n Name = \"iam_for_lambda\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var lambda = Archive.GetFile.Invoke(new()\n {\n Type = \"zip\",\n SourceFile = \"lambda.js\",\n OutputPath = \"lambda_function_payload.zip\",\n });\n\n var testLambda = new Aws.Lambda.Function(\"test_lambda\", new()\n {\n Code = new FileArchive(\"lambda_function_payload.zip\"),\n Name = \"lambda_function_name\",\n Role = iamForLambda.Arn,\n Handler = \"index.test\",\n SourceCodeHash = lambda.Apply(getFileResult =\u003e getFileResult.OutputBase64sha256),\n Runtime = Aws.Lambda.Runtime.NodeJS18dX,\n Environment = new Aws.Lambda.Inputs.FunctionEnvironmentArgs\n {\n Variables = \n {\n { \"foo\", \"bar\" },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-archive/sdk/go/archive\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"lambda.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tiamForLambda, err := iam.NewRole(ctx, \"iam_for_lambda\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambda, err := archive.LookupFile(ctx, \u0026archive.LookupFileArgs{\n\t\t\tType: \"zip\",\n\t\t\tSourceFile: pulumi.StringRef(\"lambda.js\"),\n\t\t\tOutputPath: \"lambda_function_payload.zip\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"test_lambda\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lambda_function_payload.zip\"),\n\t\t\tName: pulumi.String(\"lambda_function_name\"),\n\t\t\tRole: iamForLambda.Arn,\n\t\t\tHandler: pulumi.String(\"index.test\"),\n\t\t\tSourceCodeHash: pulumi.String(lambda.OutputBase64sha256),\n\t\t\tRuntime: pulumi.String(lambda.RuntimeNodeJS18dX),\n\t\t\tEnvironment: \u0026lambda.FunctionEnvironmentArgs{\n\t\t\t\tVariables: pulumi.StringMap{\n\t\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.archive.ArchiveFunctions;\nimport com.pulumi.archive.inputs.GetFileArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.inputs.FunctionEnvironmentArgs;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"lambda.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var iamForLambda = new Role(\"iamForLambda\", RoleArgs.builder()\n .name(\"iam_for_lambda\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var lambda = ArchiveFunctions.getFile(GetFileArgs.builder()\n .type(\"zip\")\n .sourceFile(\"lambda.js\")\n .outputPath(\"lambda_function_payload.zip\")\n .build());\n\n var testLambda = new Function(\"testLambda\", FunctionArgs.builder()\n .code(new FileArchive(\"lambda_function_payload.zip\"))\n .name(\"lambda_function_name\")\n .role(iamForLambda.arn())\n .handler(\"index.test\")\n .sourceCodeHash(lambda.applyValue(getFileResult -\u003e getFileResult.outputBase64sha256()))\n .runtime(\"nodejs18.x\")\n .environment(FunctionEnvironmentArgs.builder()\n .variables(Map.of(\"foo\", \"bar\"))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n iamForLambda:\n type: aws:iam:Role\n name: iam_for_lambda\n properties:\n name: iam_for_lambda\n assumeRolePolicy: ${assumeRole.json}\n testLambda:\n type: aws:lambda:Function\n name: test_lambda\n properties:\n code:\n fn::FileArchive: lambda_function_payload.zip\n name: lambda_function_name\n role: ${iamForLambda.arn}\n handler: index.test\n sourceCodeHash: ${lambda.outputBase64sha256}\n runtime: nodejs18.x\n environment:\n variables:\n foo: bar\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - lambda.amazonaws.com\n actions:\n - sts:AssumeRole\n lambda:\n fn::invoke:\n Function: archive:getFile\n Arguments:\n type: zip\n sourceFile: lambda.js\n outputPath: lambda_function_payload.zip\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda Layers\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.LayerVersion(\"example\", {});\nconst exampleFunction = new aws.lambda.Function(\"example\", {layers: [example.arn]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.LayerVersion(\"example\")\nexample_function = aws.lambda_.Function(\"example\", layers=[example.arn])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.LayerVersion(\"example\");\n\n var exampleFunction = new Aws.Lambda.Function(\"example\", new()\n {\n Layers = new[]\n {\n example.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := lambda.NewLayerVersion(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"example\", \u0026lambda.FunctionArgs{\n\t\t\tLayers: pulumi.StringArray{\n\t\t\t\texample.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.LayerVersion;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LayerVersion(\"example\");\n\n var exampleFunction = new Function(\"exampleFunction\", FunctionArgs.builder()\n .layers(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:LayerVersion\n exampleFunction:\n type: aws:lambda:Function\n name: example\n properties:\n layers:\n - ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda Ephemeral Storage\n\nLambda Function Ephemeral Storage(`/tmp`) allows you to configure the storage upto `10` GB. The default value set to `512` MB.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"lambda.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst iamForLambda = new aws.iam.Role(\"iam_for_lambda\", {\n name: \"iam_for_lambda\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst testLambda = new aws.lambda.Function(\"test_lambda\", {\n code: new pulumi.asset.FileArchive(\"lambda_function_payload.zip\"),\n name: \"lambda_function_name\",\n role: iamForLambda.arn,\n handler: \"index.test\",\n runtime: aws.lambda.Runtime.NodeJS18dX,\n ephemeralStorage: {\n size: 10240,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"lambda.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\niam_for_lambda = aws.iam.Role(\"iam_for_lambda\",\n name=\"iam_for_lambda\",\n assume_role_policy=assume_role.json)\ntest_lambda = aws.lambda_.Function(\"test_lambda\",\n code=pulumi.FileArchive(\"lambda_function_payload.zip\"),\n name=\"lambda_function_name\",\n role=iam_for_lambda.arn,\n handler=\"index.test\",\n runtime=aws.lambda_.Runtime.NODE_JS18D_X,\n ephemeral_storage={\n \"size\": 10240,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"lambda.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var iamForLambda = new Aws.Iam.Role(\"iam_for_lambda\", new()\n {\n Name = \"iam_for_lambda\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var testLambda = new Aws.Lambda.Function(\"test_lambda\", new()\n {\n Code = new FileArchive(\"lambda_function_payload.zip\"),\n Name = \"lambda_function_name\",\n Role = iamForLambda.Arn,\n Handler = \"index.test\",\n Runtime = Aws.Lambda.Runtime.NodeJS18dX,\n EphemeralStorage = new Aws.Lambda.Inputs.FunctionEphemeralStorageArgs\n {\n Size = 10240,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"lambda.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tiamForLambda, err := iam.NewRole(ctx, \"iam_for_lambda\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"test_lambda\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lambda_function_payload.zip\"),\n\t\t\tName: pulumi.String(\"lambda_function_name\"),\n\t\t\tRole: iamForLambda.Arn,\n\t\t\tHandler: pulumi.String(\"index.test\"),\n\t\t\tRuntime: pulumi.String(lambda.RuntimeNodeJS18dX),\n\t\t\tEphemeralStorage: \u0026lambda.FunctionEphemeralStorageArgs{\n\t\t\t\tSize: pulumi.Int(10240),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.inputs.FunctionEphemeralStorageArgs;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"lambda.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var iamForLambda = new Role(\"iamForLambda\", RoleArgs.builder()\n .name(\"iam_for_lambda\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var testLambda = new Function(\"testLambda\", FunctionArgs.builder()\n .code(new FileArchive(\"lambda_function_payload.zip\"))\n .name(\"lambda_function_name\")\n .role(iamForLambda.arn())\n .handler(\"index.test\")\n .runtime(\"nodejs18.x\")\n .ephemeralStorage(FunctionEphemeralStorageArgs.builder()\n .size(10240)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n iamForLambda:\n type: aws:iam:Role\n name: iam_for_lambda\n properties:\n name: iam_for_lambda\n assumeRolePolicy: ${assumeRole.json}\n testLambda:\n type: aws:lambda:Function\n name: test_lambda\n properties:\n code:\n fn::FileArchive: lambda_function_payload.zip\n name: lambda_function_name\n role: ${iamForLambda.arn}\n handler: index.test\n runtime: nodejs18.x\n ephemeralStorage:\n size: 10240\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - lambda.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda File Systems\n\nLambda File Systems allow you to connect an Amazon Elastic File System (EFS) file system to a Lambda function to share data across function invocations, access existing data including large files, and save function state.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// EFS file system\nconst efsForLambda = new aws.efs.FileSystem(\"efs_for_lambda\", {tags: {\n Name: \"efs_for_lambda\",\n}});\n// Mount target connects the file system to the subnet\nconst alpha = new aws.efs.MountTarget(\"alpha\", {\n fileSystemId: efsForLambda.id,\n subnetId: subnetForLambda.id,\n securityGroups: [sgForLambda.id],\n});\n// EFS access point used by lambda file system\nconst accessPointForLambda = new aws.efs.AccessPoint(\"access_point_for_lambda\", {\n fileSystemId: efsForLambda.id,\n rootDirectory: {\n path: \"/lambda\",\n creationInfo: {\n ownerGid: 1000,\n ownerUid: 1000,\n permissions: \"777\",\n },\n },\n posixUser: {\n gid: 1000,\n uid: 1000,\n },\n});\n// A lambda function connected to an EFS file system\nconst example = new aws.lambda.Function(\"example\", {\n fileSystemConfig: {\n arn: accessPointForLambda.arn,\n localMountPath: \"/mnt/efs\",\n },\n vpcConfig: {\n subnetIds: [subnetForLambda.id],\n securityGroupIds: [sgForLambda.id],\n },\n}, {\n dependsOn: [alpha],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# EFS file system\nefs_for_lambda = aws.efs.FileSystem(\"efs_for_lambda\", tags={\n \"Name\": \"efs_for_lambda\",\n})\n# Mount target connects the file system to the subnet\nalpha = aws.efs.MountTarget(\"alpha\",\n file_system_id=efs_for_lambda.id,\n subnet_id=subnet_for_lambda[\"id\"],\n security_groups=[sg_for_lambda[\"id\"]])\n# EFS access point used by lambda file system\naccess_point_for_lambda = aws.efs.AccessPoint(\"access_point_for_lambda\",\n file_system_id=efs_for_lambda.id,\n root_directory={\n \"path\": \"/lambda\",\n \"creation_info\": {\n \"owner_gid\": 1000,\n \"owner_uid\": 1000,\n \"permissions\": \"777\",\n },\n },\n posix_user={\n \"gid\": 1000,\n \"uid\": 1000,\n })\n# A lambda function connected to an EFS file system\nexample = aws.lambda_.Function(\"example\",\n file_system_config={\n \"arn\": access_point_for_lambda.arn,\n \"local_mount_path\": \"/mnt/efs\",\n },\n vpc_config={\n \"subnet_ids\": [subnet_for_lambda[\"id\"]],\n \"security_group_ids\": [sg_for_lambda[\"id\"]],\n },\n opts = pulumi.ResourceOptions(depends_on=[alpha]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // EFS file system\n var efsForLambda = new Aws.Efs.FileSystem(\"efs_for_lambda\", new()\n {\n Tags = \n {\n { \"Name\", \"efs_for_lambda\" },\n },\n });\n\n // Mount target connects the file system to the subnet\n var alpha = new Aws.Efs.MountTarget(\"alpha\", new()\n {\n FileSystemId = efsForLambda.Id,\n SubnetId = subnetForLambda.Id,\n SecurityGroups = new[]\n {\n sgForLambda.Id,\n },\n });\n\n // EFS access point used by lambda file system\n var accessPointForLambda = new Aws.Efs.AccessPoint(\"access_point_for_lambda\", new()\n {\n FileSystemId = efsForLambda.Id,\n RootDirectory = new Aws.Efs.Inputs.AccessPointRootDirectoryArgs\n {\n Path = \"/lambda\",\n CreationInfo = new Aws.Efs.Inputs.AccessPointRootDirectoryCreationInfoArgs\n {\n OwnerGid = 1000,\n OwnerUid = 1000,\n Permissions = \"777\",\n },\n },\n PosixUser = new Aws.Efs.Inputs.AccessPointPosixUserArgs\n {\n Gid = 1000,\n Uid = 1000,\n },\n });\n\n // A lambda function connected to an EFS file system\n var example = new Aws.Lambda.Function(\"example\", new()\n {\n FileSystemConfig = new Aws.Lambda.Inputs.FunctionFileSystemConfigArgs\n {\n Arn = accessPointForLambda.Arn,\n LocalMountPath = \"/mnt/efs\",\n },\n VpcConfig = new Aws.Lambda.Inputs.FunctionVpcConfigArgs\n {\n SubnetIds = new[]\n {\n subnetForLambda.Id,\n },\n SecurityGroupIds = new[]\n {\n sgForLambda.Id,\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n alpha,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/efs\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// EFS file system\n\t\tefsForLambda, err := efs.NewFileSystem(ctx, \"efs_for_lambda\", \u0026efs.FileSystemArgs{\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"efs_for_lambda\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Mount target connects the file system to the subnet\n\t\talpha, err := efs.NewMountTarget(ctx, \"alpha\", \u0026efs.MountTargetArgs{\n\t\t\tFileSystemId: efsForLambda.ID(),\n\t\t\tSubnetId: pulumi.Any(subnetForLambda.Id),\n\t\t\tSecurityGroups: pulumi.StringArray{\n\t\t\t\tsgForLambda.Id,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// EFS access point used by lambda file system\n\t\taccessPointForLambda, err := efs.NewAccessPoint(ctx, \"access_point_for_lambda\", \u0026efs.AccessPointArgs{\n\t\t\tFileSystemId: efsForLambda.ID(),\n\t\t\tRootDirectory: \u0026efs.AccessPointRootDirectoryArgs{\n\t\t\t\tPath: pulumi.String(\"/lambda\"),\n\t\t\t\tCreationInfo: \u0026efs.AccessPointRootDirectoryCreationInfoArgs{\n\t\t\t\t\tOwnerGid: pulumi.Int(1000),\n\t\t\t\t\tOwnerUid: pulumi.Int(1000),\n\t\t\t\t\tPermissions: pulumi.String(\"777\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPosixUser: \u0026efs.AccessPointPosixUserArgs{\n\t\t\t\tGid: pulumi.Int(1000),\n\t\t\t\tUid: pulumi.Int(1000),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// A lambda function connected to an EFS file system\n\t\t_, err = lambda.NewFunction(ctx, \"example\", \u0026lambda.FunctionArgs{\n\t\t\tFileSystemConfig: \u0026lambda.FunctionFileSystemConfigArgs{\n\t\t\t\tArn: accessPointForLambda.Arn,\n\t\t\t\tLocalMountPath: pulumi.String(\"/mnt/efs\"),\n\t\t\t},\n\t\t\tVpcConfig: \u0026lambda.FunctionVpcConfigArgs{\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\tsubnetForLambda.Id,\n\t\t\t\t},\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\tsgForLambda.Id,\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\talpha,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.efs.FileSystem;\nimport com.pulumi.aws.efs.FileSystemArgs;\nimport com.pulumi.aws.efs.MountTarget;\nimport com.pulumi.aws.efs.MountTargetArgs;\nimport com.pulumi.aws.efs.AccessPoint;\nimport com.pulumi.aws.efs.AccessPointArgs;\nimport com.pulumi.aws.efs.inputs.AccessPointRootDirectoryArgs;\nimport com.pulumi.aws.efs.inputs.AccessPointRootDirectoryCreationInfoArgs;\nimport com.pulumi.aws.efs.inputs.AccessPointPosixUserArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.inputs.FunctionFileSystemConfigArgs;\nimport com.pulumi.aws.lambda.inputs.FunctionVpcConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // EFS file system\n var efsForLambda = new FileSystem(\"efsForLambda\", FileSystemArgs.builder()\n .tags(Map.of(\"Name\", \"efs_for_lambda\"))\n .build());\n\n // Mount target connects the file system to the subnet\n var alpha = new MountTarget(\"alpha\", MountTargetArgs.builder()\n .fileSystemId(efsForLambda.id())\n .subnetId(subnetForLambda.id())\n .securityGroups(sgForLambda.id())\n .build());\n\n // EFS access point used by lambda file system\n var accessPointForLambda = new AccessPoint(\"accessPointForLambda\", AccessPointArgs.builder()\n .fileSystemId(efsForLambda.id())\n .rootDirectory(AccessPointRootDirectoryArgs.builder()\n .path(\"/lambda\")\n .creationInfo(AccessPointRootDirectoryCreationInfoArgs.builder()\n .ownerGid(1000)\n .ownerUid(1000)\n .permissions(\"777\")\n .build())\n .build())\n .posixUser(AccessPointPosixUserArgs.builder()\n .gid(1000)\n .uid(1000)\n .build())\n .build());\n\n // A lambda function connected to an EFS file system\n var example = new Function(\"example\", FunctionArgs.builder()\n .fileSystemConfig(FunctionFileSystemConfigArgs.builder()\n .arn(accessPointForLambda.arn())\n .localMountPath(\"/mnt/efs\")\n .build())\n .vpcConfig(FunctionVpcConfigArgs.builder()\n .subnetIds(subnetForLambda.id())\n .securityGroupIds(sgForLambda.id())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(alpha)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # A lambda function connected to an EFS file system\n example:\n type: aws:lambda:Function\n properties:\n fileSystemConfig:\n arn: ${accessPointForLambda.arn}\n localMountPath: /mnt/efs\n vpcConfig:\n subnetIds:\n - ${subnetForLambda.id}\n securityGroupIds:\n - ${sgForLambda.id}\n options:\n dependson:\n - ${alpha}\n # EFS file system\n efsForLambda:\n type: aws:efs:FileSystem\n name: efs_for_lambda\n properties:\n tags:\n Name: efs_for_lambda\n # Mount target connects the file system to the subnet\n alpha:\n type: aws:efs:MountTarget\n properties:\n fileSystemId: ${efsForLambda.id}\n subnetId: ${subnetForLambda.id}\n securityGroups:\n - ${sgForLambda.id}\n # EFS access point used by lambda file system\n accessPointForLambda:\n type: aws:efs:AccessPoint\n name: access_point_for_lambda\n properties:\n fileSystemId: ${efsForLambda.id}\n rootDirectory:\n path: /lambda\n creationInfo:\n ownerGid: 1000\n ownerUid: 1000\n permissions: '777'\n posixUser:\n gid: 1000\n uid: 1000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda retries\n\nLambda Functions allow you to configure error handling for asynchronous invocation. The settings that it supports are `Maximum age of event` and `Retry attempts` as stated in [Lambda documentation for Configuring error handling for asynchronous invocation](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-errors). To configure these settings, refer to the aws.lambda.FunctionEventInvokeConfig resource.\n\n## CloudWatch Logging and Permissions\n\nFor more information about CloudWatch Logs for Lambda, see the [Lambda User Guide](https://docs.aws.amazon.com/lambda/latest/dg/monitoring-functions-logs.html).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst lambdaFunctionName = config.get(\"lambdaFunctionName\") || \"lambda_function_name\";\n// This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n// If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\nconst example = new aws.cloudwatch.LogGroup(\"example\", {\n name: `/aws/lambda/${lambdaFunctionName}`,\n retentionInDays: 14,\n});\n// See also the following AWS managed policy: AWSLambdaBasicExecutionRole\nconst lambdaLogging = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n resources: [\"arn:aws:logs:*:*:*\"],\n }],\n});\nconst lambdaLoggingPolicy = new aws.iam.Policy(\"lambda_logging\", {\n name: \"lambda_logging\",\n path: \"/\",\n description: \"IAM policy for logging from a lambda\",\n policy: lambdaLogging.then(lambdaLogging =\u003e lambdaLogging.json),\n});\nconst lambdaLogs = new aws.iam.RolePolicyAttachment(\"lambda_logs\", {\n role: iamForLambda.name,\n policyArn: lambdaLoggingPolicy.arn,\n});\nconst testLambda = new aws.lambda.Function(\"test_lambda\", {\n name: lambdaFunctionName,\n loggingConfig: {\n logFormat: \"Text\",\n },\n}, {\n dependsOn: [\n lambdaLogs,\n example,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlambda_function_name = config.get(\"lambdaFunctionName\")\nif lambda_function_name is None:\n lambda_function_name = \"lambda_function_name\"\n# This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n# If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\nexample = aws.cloudwatch.LogGroup(\"example\",\n name=f\"/aws/lambda/{lambda_function_name}\",\n retention_in_days=14)\n# See also the following AWS managed policy: AWSLambdaBasicExecutionRole\nlambda_logging = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n \"resources\": [\"arn:aws:logs:*:*:*\"],\n}])\nlambda_logging_policy = aws.iam.Policy(\"lambda_logging\",\n name=\"lambda_logging\",\n path=\"/\",\n description=\"IAM policy for logging from a lambda\",\n policy=lambda_logging.json)\nlambda_logs = aws.iam.RolePolicyAttachment(\"lambda_logs\",\n role=iam_for_lambda[\"name\"],\n policy_arn=lambda_logging_policy.arn)\ntest_lambda = aws.lambda_.Function(\"test_lambda\",\n name=lambda_function_name,\n logging_config={\n \"log_format\": \"Text\",\n },\n opts = pulumi.ResourceOptions(depends_on=[\n lambda_logs,\n example,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var lambdaFunctionName = config.Get(\"lambdaFunctionName\") ?? \"lambda_function_name\";\n // This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n // If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\n var example = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = $\"/aws/lambda/{lambdaFunctionName}\",\n RetentionInDays = 14,\n });\n\n // See also the following AWS managed policy: AWSLambdaBasicExecutionRole\n var lambdaLogging = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n },\n Resources = new[]\n {\n \"arn:aws:logs:*:*:*\",\n },\n },\n },\n });\n\n var lambdaLoggingPolicy = new Aws.Iam.Policy(\"lambda_logging\", new()\n {\n Name = \"lambda_logging\",\n Path = \"/\",\n Description = \"IAM policy for logging from a lambda\",\n PolicyDocument = lambdaLogging.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var lambdaLogs = new Aws.Iam.RolePolicyAttachment(\"lambda_logs\", new()\n {\n Role = iamForLambda.Name,\n PolicyArn = lambdaLoggingPolicy.Arn,\n });\n\n var testLambda = new Aws.Lambda.Function(\"test_lambda\", new()\n {\n Name = lambdaFunctionName,\n LoggingConfig = new Aws.Lambda.Inputs.FunctionLoggingConfigArgs\n {\n LogFormat = \"Text\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n lambdaLogs,\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tlambdaFunctionName := \"lambda_function_name\"\n\t\tif param := cfg.Get(\"lambdaFunctionName\"); param != \"\" {\n\t\t\tlambdaFunctionName = param\n\t\t}\n\t\t// This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n\t\t// If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\n\t\texample, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"/aws/lambda/%v\", lambdaFunctionName)),\n\t\t\tRetentionInDays: pulumi.Int(14),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// See also the following AWS managed policy: AWSLambdaBasicExecutionRole\n\t\tlambdaLogging, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"logs:CreateLogGroup\",\n\t\t\t\t\t\t\"logs:CreateLogStream\",\n\t\t\t\t\t\t\"logs:PutLogEvents\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:logs:*:*:*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambdaLoggingPolicy, err := iam.NewPolicy(ctx, \"lambda_logging\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"lambda_logging\"),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tDescription: pulumi.String(\"IAM policy for logging from a lambda\"),\n\t\t\tPolicy: pulumi.String(lambdaLogging.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambdaLogs, err := iam.NewRolePolicyAttachment(ctx, \"lambda_logs\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: pulumi.Any(iamForLambda.Name),\n\t\t\tPolicyArn: lambdaLoggingPolicy.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"test_lambda\", \u0026lambda.FunctionArgs{\n\t\t\tName: pulumi.String(lambdaFunctionName),\n\t\t\tLoggingConfig: \u0026lambda.FunctionLoggingConfigArgs{\n\t\t\t\tLogFormat: pulumi.String(\"Text\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tlambdaLogs,\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.inputs.FunctionLoggingConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var lambdaFunctionName = config.get(\"lambdaFunctionName\").orElse(\"lambda_function_name\");\n // This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n // If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\n var example = new LogGroup(\"example\", LogGroupArgs.builder()\n .name(String.format(\"/aws/lambda/%s\", lambdaFunctionName))\n .retentionInDays(14)\n .build());\n\n // See also the following AWS managed policy: AWSLambdaBasicExecutionRole\n final var lambdaLogging = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\")\n .resources(\"arn:aws:logs:*:*:*\")\n .build())\n .build());\n\n var lambdaLoggingPolicy = new Policy(\"lambdaLoggingPolicy\", PolicyArgs.builder()\n .name(\"lambda_logging\")\n .path(\"/\")\n .description(\"IAM policy for logging from a lambda\")\n .policy(lambdaLogging.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var lambdaLogs = new RolePolicyAttachment(\"lambdaLogs\", RolePolicyAttachmentArgs.builder()\n .role(iamForLambda.name())\n .policyArn(lambdaLoggingPolicy.arn())\n .build());\n\n var testLambda = new Function(\"testLambda\", FunctionArgs.builder()\n .name(lambdaFunctionName)\n .loggingConfig(FunctionLoggingConfigArgs.builder()\n .logFormat(\"Text\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n lambdaLogs,\n example)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n lambdaFunctionName:\n type: string\n default: lambda_function_name\nresources:\n testLambda:\n type: aws:lambda:Function\n name: test_lambda\n properties:\n name: ${lambdaFunctionName}\n loggingConfig:\n logFormat: Text\n options:\n dependson:\n - ${lambdaLogs}\n - ${example}\n # This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n # If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\n example:\n type: aws:cloudwatch:LogGroup\n properties:\n name: /aws/lambda/${lambdaFunctionName}\n retentionInDays: 14\n lambdaLoggingPolicy:\n type: aws:iam:Policy\n name: lambda_logging\n properties:\n name: lambda_logging\n path: /\n description: IAM policy for logging from a lambda\n policy: ${lambdaLogging.json}\n lambdaLogs:\n type: aws:iam:RolePolicyAttachment\n name: lambda_logs\n properties:\n role: ${iamForLambda.name}\n policyArn: ${lambdaLoggingPolicy.arn}\nvariables:\n # See also the following AWS managed policy: AWSLambdaBasicExecutionRole\n lambdaLogging:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - logs:CreateLogGroup\n - logs:CreateLogStream\n - logs:PutLogEvents\n resources:\n - arn:aws:logs:*:*:*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Specifying the Deployment Package\n\nAWS Lambda expects source code to be provided as a deployment package whose structure varies depending on which `runtime` is in use. See [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunction.html#SSS-CreateFunction-request-Runtime) for the valid values of `runtime`. The expected structure of the deployment package can be found in [the AWS Lambda documentation for each runtime](https://docs.aws.amazon.com/lambda/latest/dg/deployment-package-v2.html).\n\nOnce you have created your deployment package you can specify it either directly as a local file (using the `filename` argument) or indirectly via Amazon S3 (using the `s3_bucket`, `s3_key` and `s3_object_version` arguments). When providing the deployment package via S3 it may be useful to use the `aws.s3.BucketObjectv2` resource to upload it.\n\nFor larger deployment packages it is recommended by Amazon to upload via S3, since the S3 API has better support for uploading large files efficiently.\n\n## Import\n\nUsing `pulumi import`, import Lambda Functions using the `function_name`. For example:\n\n```sh\n$ pulumi import aws:lambda/function:Function test_lambda my_test_lambda_function\n```\n", "properties": { "architectures": { "type": "array", "items": { "type": "string" }, "description": "Instruction set architecture for your Lambda function. Valid values are `[\"x86_64\"]` and `[\"arm64\"]`. Default is `[\"x86_64\"]`. Removing this attribute, function's architecture stay the same.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) identifying your Lambda Function.\n" }, "code": { "$ref": "pulumi.json#/Archive", "description": "Path to the function's deployment package within the local filesystem. Exactly one of `filename`, `image_uri`, or `s3_bucket` must be specified.\n" }, "codeSha256": { "type": "string", "description": "Base64-encoded representation of raw SHA-256 sum of the zip file.\n" }, "codeSigningConfigArn": { "type": "string", "description": "To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.\n" }, "deadLetterConfig": { "$ref": "#/types/aws:lambda/FunctionDeadLetterConfig:FunctionDeadLetterConfig", "description": "Configuration block. Detailed below.\n" }, "description": { "type": "string", "description": "Description of what your Lambda Function does.\n" }, "environment": { "$ref": "#/types/aws:lambda/FunctionEnvironment:FunctionEnvironment", "description": "Configuration block. Detailed below.\n" }, "ephemeralStorage": { "$ref": "#/types/aws:lambda/FunctionEphemeralStorage:FunctionEphemeralStorage", "description": "The amount of Ephemeral storage(`/tmp`) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of `512`MB. Detailed below.\n" }, "fileSystemConfig": { "$ref": "#/types/aws:lambda/FunctionFileSystemConfig:FunctionFileSystemConfig", "description": "Configuration block. Detailed below.\n" }, "handler": { "type": "string", "description": "Function [entrypoint](https://docs.aws.amazon.com/lambda/latest/dg/walkthrough-custom-events-create-test-function.html) in your code.\n" }, "imageConfig": { "$ref": "#/types/aws:lambda/FunctionImageConfig:FunctionImageConfig", "description": "Configuration block. Detailed below.\n" }, "imageUri": { "type": "string", "description": "ECR image URI containing the function's deployment package. Exactly one of `filename`, `image_uri`, or `s3_bucket` must be specified.\n" }, "invokeArn": { "type": "string", "description": "ARN to be used for invoking Lambda Function from API Gateway - to be used in `aws.apigateway.Integration`'s `uri`.\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.\n" }, "lastModified": { "type": "string", "description": "Date this resource was last modified.\n" }, "layers": { "type": "array", "items": { "type": "string" }, "description": "List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See [Lambda Layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html)\n" }, "loggingConfig": { "$ref": "#/types/aws:lambda/FunctionLoggingConfig:FunctionLoggingConfig", "description": "Configuration block used to specify advanced logging settings. Detailed below.\n" }, "memorySize": { "type": "integer", "description": "Amount of memory in MB your Lambda Function can use at runtime. Defaults to `128`. See [Limits](https://docs.aws.amazon.com/lambda/latest/dg/limits.html)\n" }, "name": { "type": "string", "description": "Unique name for your Lambda Function.\n" }, "packageType": { "type": "string", "description": "Lambda deployment package type. Valid values are `Zip` and `Image`. Defaults to `Zip`.\n" }, "publish": { "type": "boolean", "description": "Whether to publish creation/change as new Lambda Function Version. Defaults to `false`.\n" }, "qualifiedArn": { "type": "string", "description": "ARN identifying your Lambda Function Version (if versioning is enabled via `publish = true`).\n" }, "qualifiedInvokeArn": { "type": "string", "description": "Qualified ARN (ARN with lambda version number) to be used for invoking Lambda Function from API Gateway - to be used in `aws.apigateway.Integration`'s `uri`.\n" }, "replaceSecurityGroupsOnDestroy": { "type": "boolean", "description": "Whether to replace the security groups on the function's VPC configuration prior to destruction.\nRemoving these security group associations prior to function destruction can speed up security group deletion times of AWS's internal cleanup operations.\nBy default, the security groups will be replaced with the `default` security group in the function's configured VPC.\nSet the `replacement_security_group_ids` attribute to use a custom list of security groups for replacement.\n" }, "replacementSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to assign to the function's VPC configuration prior to destruction.\n`replace_security_groups_on_destroy` must be set to `true` to use this attribute.\n" }, "reservedConcurrentExecutions": { "type": "integer", "description": "Amount of reserved concurrent executions for this lambda function. A value of `0` disables lambda from being triggered and `-1` removes any concurrency limitations. Defaults to Unreserved Concurrency Limits `-1`. See [Managing Concurrency](https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html)\n" }, "role": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.\n\nThe following arguments are optional:\n" }, "runtime": { "type": "string", "description": "Identifier of the function's runtime. See [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunction.html#SSS-CreateFunction-request-Runtime) for valid values.\n" }, "s3Bucket": { "type": "string", "description": "S3 bucket location containing the function's deployment package. This bucket must reside in the same AWS region where you are creating the Lambda function. Exactly one of `filename`, `image_uri`, or `s3_bucket` must be specified. When `s3_bucket` is set, `s3_key` is required.\n" }, "s3Key": { "type": "string", "description": "S3 key of an object containing the function's deployment package. When `s3_bucket` is set, `s3_key` is required.\n" }, "s3ObjectVersion": { "type": "string", "description": "Object version containing the function's deployment package. Conflicts with `filename` and `image_uri`.\n" }, "signingJobArn": { "type": "string", "description": "ARN of the signing job.\n" }, "signingProfileVersionArn": { "type": "string", "description": "ARN of the signing profile version.\n" }, "skipDestroy": { "type": "boolean", "description": "Set to true if you do not wish the function to be deleted at destroy time, and instead just remove the function from the Pulumi state.\n" }, "snapStart": { "$ref": "#/types/aws:lambda/FunctionSnapStart:FunctionSnapStart", "description": "Snap start settings block. Detailed below.\n" }, "sourceCodeHash": { "type": "string" }, "sourceCodeSize": { "type": "integer", "description": "Size in bytes of the function .zip file.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeout": { "type": "integer", "description": "Amount of time your Lambda Function has to run in seconds. Defaults to `3`. See [Limits](https://docs.aws.amazon.com/lambda/latest/dg/limits.html).\n" }, "tracingConfig": { "$ref": "#/types/aws:lambda/FunctionTracingConfig:FunctionTracingConfig", "description": "Configuration block. Detailed below.\n" }, "version": { "type": "string", "description": "Latest published version of your Lambda Function.\n" }, "vpcConfig": { "$ref": "#/types/aws:lambda/FunctionVpcConfig:FunctionVpcConfig", "description": "Configuration block. Detailed below.\n" } }, "required": [ "architectures", "arn", "codeSha256", "ephemeralStorage", "name", "invokeArn", "lastModified", "loggingConfig", "qualifiedArn", "qualifiedInvokeArn", "role", "signingJobArn", "signingProfileVersionArn", "sourceCodeHash", "sourceCodeSize", "tagsAll", "tracingConfig", "version" ], "inputProperties": { "architectures": { "type": "array", "items": { "type": "string" }, "description": "Instruction set architecture for your Lambda function. Valid values are `[\"x86_64\"]` and `[\"arm64\"]`. Default is `[\"x86_64\"]`. Removing this attribute, function's architecture stay the same.\n" }, "code": { "$ref": "pulumi.json#/Archive", "description": "Path to the function's deployment package within the local filesystem. Exactly one of `filename`, `image_uri`, or `s3_bucket` must be specified.\n" }, "codeSigningConfigArn": { "type": "string", "description": "To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.\n" }, "deadLetterConfig": { "$ref": "#/types/aws:lambda/FunctionDeadLetterConfig:FunctionDeadLetterConfig", "description": "Configuration block. Detailed below.\n" }, "description": { "type": "string", "description": "Description of what your Lambda Function does.\n" }, "environment": { "$ref": "#/types/aws:lambda/FunctionEnvironment:FunctionEnvironment", "description": "Configuration block. Detailed below.\n" }, "ephemeralStorage": { "$ref": "#/types/aws:lambda/FunctionEphemeralStorage:FunctionEphemeralStorage", "description": "The amount of Ephemeral storage(`/tmp`) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of `512`MB. Detailed below.\n" }, "fileSystemConfig": { "$ref": "#/types/aws:lambda/FunctionFileSystemConfig:FunctionFileSystemConfig", "description": "Configuration block. Detailed below.\n" }, "handler": { "type": "string", "description": "Function [entrypoint](https://docs.aws.amazon.com/lambda/latest/dg/walkthrough-custom-events-create-test-function.html) in your code.\n" }, "imageConfig": { "$ref": "#/types/aws:lambda/FunctionImageConfig:FunctionImageConfig", "description": "Configuration block. Detailed below.\n" }, "imageUri": { "type": "string", "description": "ECR image URI containing the function's deployment package. Exactly one of `filename`, `image_uri`, or `s3_bucket` must be specified.\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.\n" }, "layers": { "type": "array", "items": { "type": "string" }, "description": "List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See [Lambda Layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html)\n" }, "loggingConfig": { "$ref": "#/types/aws:lambda/FunctionLoggingConfig:FunctionLoggingConfig", "description": "Configuration block used to specify advanced logging settings. Detailed below.\n" }, "memorySize": { "type": "integer", "description": "Amount of memory in MB your Lambda Function can use at runtime. Defaults to `128`. See [Limits](https://docs.aws.amazon.com/lambda/latest/dg/limits.html)\n" }, "name": { "type": "string", "description": "Unique name for your Lambda Function.\n", "willReplaceOnChanges": true }, "packageType": { "type": "string", "description": "Lambda deployment package type. Valid values are `Zip` and `Image`. Defaults to `Zip`.\n", "willReplaceOnChanges": true }, "publish": { "type": "boolean", "description": "Whether to publish creation/change as new Lambda Function Version. Defaults to `false`.\n" }, "replaceSecurityGroupsOnDestroy": { "type": "boolean", "description": "Whether to replace the security groups on the function's VPC configuration prior to destruction.\nRemoving these security group associations prior to function destruction can speed up security group deletion times of AWS's internal cleanup operations.\nBy default, the security groups will be replaced with the `default` security group in the function's configured VPC.\nSet the `replacement_security_group_ids` attribute to use a custom list of security groups for replacement.\n" }, "replacementSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to assign to the function's VPC configuration prior to destruction.\n`replace_security_groups_on_destroy` must be set to `true` to use this attribute.\n" }, "reservedConcurrentExecutions": { "type": "integer", "description": "Amount of reserved concurrent executions for this lambda function. A value of `0` disables lambda from being triggered and `-1` removes any concurrency limitations. Defaults to Unreserved Concurrency Limits `-1`. See [Managing Concurrency](https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html)\n" }, "role": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.\n\nThe following arguments are optional:\n" }, "runtime": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:lambda/Runtime:Runtime" } ], "description": "Identifier of the function's runtime. See [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunction.html#SSS-CreateFunction-request-Runtime) for valid values.\n" }, "s3Bucket": { "type": "string", "description": "S3 bucket location containing the function's deployment package. This bucket must reside in the same AWS region where you are creating the Lambda function. Exactly one of `filename`, `image_uri`, or `s3_bucket` must be specified. When `s3_bucket` is set, `s3_key` is required.\n" }, "s3Key": { "type": "string", "description": "S3 key of an object containing the function's deployment package. When `s3_bucket` is set, `s3_key` is required.\n" }, "s3ObjectVersion": { "type": "string", "description": "Object version containing the function's deployment package. Conflicts with `filename` and `image_uri`.\n" }, "skipDestroy": { "type": "boolean", "description": "Set to true if you do not wish the function to be deleted at destroy time, and instead just remove the function from the Pulumi state.\n" }, "snapStart": { "$ref": "#/types/aws:lambda/FunctionSnapStart:FunctionSnapStart", "description": "Snap start settings block. Detailed below.\n" }, "sourceCodeHash": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeout": { "type": "integer", "description": "Amount of time your Lambda Function has to run in seconds. Defaults to `3`. See [Limits](https://docs.aws.amazon.com/lambda/latest/dg/limits.html).\n" }, "tracingConfig": { "$ref": "#/types/aws:lambda/FunctionTracingConfig:FunctionTracingConfig", "description": "Configuration block. Detailed below.\n" }, "vpcConfig": { "$ref": "#/types/aws:lambda/FunctionVpcConfig:FunctionVpcConfig", "description": "Configuration block. Detailed below.\n" } }, "requiredInputs": [ "role" ], "stateInputs": { "description": "Input properties used for looking up and filtering Function resources.\n", "properties": { "architectures": { "type": "array", "items": { "type": "string" }, "description": "Instruction set architecture for your Lambda function. Valid values are `[\"x86_64\"]` and `[\"arm64\"]`. Default is `[\"x86_64\"]`. Removing this attribute, function's architecture stay the same.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) identifying your Lambda Function.\n" }, "code": { "$ref": "pulumi.json#/Archive", "description": "Path to the function's deployment package within the local filesystem. Exactly one of `filename`, `image_uri`, or `s3_bucket` must be specified.\n" }, "codeSha256": { "type": "string", "description": "Base64-encoded representation of raw SHA-256 sum of the zip file.\n" }, "codeSigningConfigArn": { "type": "string", "description": "To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.\n" }, "deadLetterConfig": { "$ref": "#/types/aws:lambda/FunctionDeadLetterConfig:FunctionDeadLetterConfig", "description": "Configuration block. Detailed below.\n" }, "description": { "type": "string", "description": "Description of what your Lambda Function does.\n" }, "environment": { "$ref": "#/types/aws:lambda/FunctionEnvironment:FunctionEnvironment", "description": "Configuration block. Detailed below.\n" }, "ephemeralStorage": { "$ref": "#/types/aws:lambda/FunctionEphemeralStorage:FunctionEphemeralStorage", "description": "The amount of Ephemeral storage(`/tmp`) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of `512`MB. Detailed below.\n" }, "fileSystemConfig": { "$ref": "#/types/aws:lambda/FunctionFileSystemConfig:FunctionFileSystemConfig", "description": "Configuration block. Detailed below.\n" }, "handler": { "type": "string", "description": "Function [entrypoint](https://docs.aws.amazon.com/lambda/latest/dg/walkthrough-custom-events-create-test-function.html) in your code.\n" }, "imageConfig": { "$ref": "#/types/aws:lambda/FunctionImageConfig:FunctionImageConfig", "description": "Configuration block. Detailed below.\n" }, "imageUri": { "type": "string", "description": "ECR image URI containing the function's deployment package. Exactly one of `filename`, `image_uri`, or `s3_bucket` must be specified.\n" }, "invokeArn": { "type": "string", "description": "ARN to be used for invoking Lambda Function from API Gateway - to be used in `aws.apigateway.Integration`'s `uri`.\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.\n" }, "lastModified": { "type": "string", "description": "Date this resource was last modified.\n" }, "layers": { "type": "array", "items": { "type": "string" }, "description": "List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See [Lambda Layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html)\n" }, "loggingConfig": { "$ref": "#/types/aws:lambda/FunctionLoggingConfig:FunctionLoggingConfig", "description": "Configuration block used to specify advanced logging settings. Detailed below.\n" }, "memorySize": { "type": "integer", "description": "Amount of memory in MB your Lambda Function can use at runtime. Defaults to `128`. See [Limits](https://docs.aws.amazon.com/lambda/latest/dg/limits.html)\n" }, "name": { "type": "string", "description": "Unique name for your Lambda Function.\n", "willReplaceOnChanges": true }, "packageType": { "type": "string", "description": "Lambda deployment package type. Valid values are `Zip` and `Image`. Defaults to `Zip`.\n", "willReplaceOnChanges": true }, "publish": { "type": "boolean", "description": "Whether to publish creation/change as new Lambda Function Version. Defaults to `false`.\n" }, "qualifiedArn": { "type": "string", "description": "ARN identifying your Lambda Function Version (if versioning is enabled via `publish = true`).\n" }, "qualifiedInvokeArn": { "type": "string", "description": "Qualified ARN (ARN with lambda version number) to be used for invoking Lambda Function from API Gateway - to be used in `aws.apigateway.Integration`'s `uri`.\n" }, "replaceSecurityGroupsOnDestroy": { "type": "boolean", "description": "Whether to replace the security groups on the function's VPC configuration prior to destruction.\nRemoving these security group associations prior to function destruction can speed up security group deletion times of AWS's internal cleanup operations.\nBy default, the security groups will be replaced with the `default` security group in the function's configured VPC.\nSet the `replacement_security_group_ids` attribute to use a custom list of security groups for replacement.\n" }, "replacementSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to assign to the function's VPC configuration prior to destruction.\n`replace_security_groups_on_destroy` must be set to `true` to use this attribute.\n" }, "reservedConcurrentExecutions": { "type": "integer", "description": "Amount of reserved concurrent executions for this lambda function. A value of `0` disables lambda from being triggered and `-1` removes any concurrency limitations. Defaults to Unreserved Concurrency Limits `-1`. See [Managing Concurrency](https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html)\n" }, "role": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.\n\nThe following arguments are optional:\n" }, "runtime": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:lambda/Runtime:Runtime" } ], "description": "Identifier of the function's runtime. See [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunction.html#SSS-CreateFunction-request-Runtime) for valid values.\n" }, "s3Bucket": { "type": "string", "description": "S3 bucket location containing the function's deployment package. This bucket must reside in the same AWS region where you are creating the Lambda function. Exactly one of `filename`, `image_uri`, or `s3_bucket` must be specified. When `s3_bucket` is set, `s3_key` is required.\n" }, "s3Key": { "type": "string", "description": "S3 key of an object containing the function's deployment package. When `s3_bucket` is set, `s3_key` is required.\n" }, "s3ObjectVersion": { "type": "string", "description": "Object version containing the function's deployment package. Conflicts with `filename` and `image_uri`.\n" }, "signingJobArn": { "type": "string", "description": "ARN of the signing job.\n" }, "signingProfileVersionArn": { "type": "string", "description": "ARN of the signing profile version.\n" }, "skipDestroy": { "type": "boolean", "description": "Set to true if you do not wish the function to be deleted at destroy time, and instead just remove the function from the Pulumi state.\n" }, "snapStart": { "$ref": "#/types/aws:lambda/FunctionSnapStart:FunctionSnapStart", "description": "Snap start settings block. Detailed below.\n" }, "sourceCodeHash": { "type": "string" }, "sourceCodeSize": { "type": "integer", "description": "Size in bytes of the function .zip file.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeout": { "type": "integer", "description": "Amount of time your Lambda Function has to run in seconds. Defaults to `3`. See [Limits](https://docs.aws.amazon.com/lambda/latest/dg/limits.html).\n" }, "tracingConfig": { "$ref": "#/types/aws:lambda/FunctionTracingConfig:FunctionTracingConfig", "description": "Configuration block. Detailed below.\n" }, "version": { "type": "string", "description": "Latest published version of your Lambda Function.\n" }, "vpcConfig": { "$ref": "#/types/aws:lambda/FunctionVpcConfig:FunctionVpcConfig", "description": "Configuration block. Detailed below.\n" } }, "type": "object" } }, "aws:lambda/functionEventInvokeConfig:FunctionEventInvokeConfig": { "description": "Manages an asynchronous invocation configuration for a Lambda Function or Alias. More information about asynchronous invocations and the configurable values can be found in the [Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html).\n\n## Example Usage\n\n### Destination Configuration\n\n\u003e **NOTE:** Ensure the Lambda Function IAM Role has necessary permissions for the destination, such as `sqs:SendMessage` or `sns:Publish`, otherwise the API will return a generic `InvalidParameterValueException: The destination ARN arn:PARTITION:SERVICE:REGION:ACCOUNT:RESOURCE is invalid.` error.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.FunctionEventInvokeConfig(\"example\", {\n functionName: exampleAwsLambdaAlias.functionName,\n destinationConfig: {\n onFailure: {\n destination: exampleAwsSqsQueue.arn,\n },\n onSuccess: {\n destination: exampleAwsSnsTopic.arn,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.FunctionEventInvokeConfig(\"example\",\n function_name=example_aws_lambda_alias[\"functionName\"],\n destination_config={\n \"on_failure\": {\n \"destination\": example_aws_sqs_queue[\"arn\"],\n },\n \"on_success\": {\n \"destination\": example_aws_sns_topic[\"arn\"],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.FunctionEventInvokeConfig(\"example\", new()\n {\n FunctionName = exampleAwsLambdaAlias.FunctionName,\n DestinationConfig = new Aws.Lambda.Inputs.FunctionEventInvokeConfigDestinationConfigArgs\n {\n OnFailure = new Aws.Lambda.Inputs.FunctionEventInvokeConfigDestinationConfigOnFailureArgs\n {\n Destination = exampleAwsSqsQueue.Arn,\n },\n OnSuccess = new Aws.Lambda.Inputs.FunctionEventInvokeConfigDestinationConfigOnSuccessArgs\n {\n Destination = exampleAwsSnsTopic.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewFunctionEventInvokeConfig(ctx, \"example\", \u0026lambda.FunctionEventInvokeConfigArgs{\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaAlias.FunctionName),\n\t\t\tDestinationConfig: \u0026lambda.FunctionEventInvokeConfigDestinationConfigArgs{\n\t\t\t\tOnFailure: \u0026lambda.FunctionEventInvokeConfigDestinationConfigOnFailureArgs{\n\t\t\t\t\tDestination: pulumi.Any(exampleAwsSqsQueue.Arn),\n\t\t\t\t},\n\t\t\t\tOnSuccess: \u0026lambda.FunctionEventInvokeConfigDestinationConfigOnSuccessArgs{\n\t\t\t\t\tDestination: pulumi.Any(exampleAwsSnsTopic.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.FunctionEventInvokeConfig;\nimport com.pulumi.aws.lambda.FunctionEventInvokeConfigArgs;\nimport com.pulumi.aws.lambda.inputs.FunctionEventInvokeConfigDestinationConfigArgs;\nimport com.pulumi.aws.lambda.inputs.FunctionEventInvokeConfigDestinationConfigOnFailureArgs;\nimport com.pulumi.aws.lambda.inputs.FunctionEventInvokeConfigDestinationConfigOnSuccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FunctionEventInvokeConfig(\"example\", FunctionEventInvokeConfigArgs.builder()\n .functionName(exampleAwsLambdaAlias.functionName())\n .destinationConfig(FunctionEventInvokeConfigDestinationConfigArgs.builder()\n .onFailure(FunctionEventInvokeConfigDestinationConfigOnFailureArgs.builder()\n .destination(exampleAwsSqsQueue.arn())\n .build())\n .onSuccess(FunctionEventInvokeConfigDestinationConfigOnSuccessArgs.builder()\n .destination(exampleAwsSnsTopic.arn())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:FunctionEventInvokeConfig\n properties:\n functionName: ${exampleAwsLambdaAlias.functionName}\n destinationConfig:\n onFailure:\n destination: ${exampleAwsSqsQueue.arn}\n onSuccess:\n destination: ${exampleAwsSnsTopic.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Error Handling Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.FunctionEventInvokeConfig(\"example\", {\n functionName: exampleAwsLambdaAlias.functionName,\n maximumEventAgeInSeconds: 60,\n maximumRetryAttempts: 0,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.FunctionEventInvokeConfig(\"example\",\n function_name=example_aws_lambda_alias[\"functionName\"],\n maximum_event_age_in_seconds=60,\n maximum_retry_attempts=0)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.FunctionEventInvokeConfig(\"example\", new()\n {\n FunctionName = exampleAwsLambdaAlias.FunctionName,\n MaximumEventAgeInSeconds = 60,\n MaximumRetryAttempts = 0,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewFunctionEventInvokeConfig(ctx, \"example\", \u0026lambda.FunctionEventInvokeConfigArgs{\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaAlias.FunctionName),\n\t\t\tMaximumEventAgeInSeconds: pulumi.Int(60),\n\t\t\tMaximumRetryAttempts: pulumi.Int(0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.FunctionEventInvokeConfig;\nimport com.pulumi.aws.lambda.FunctionEventInvokeConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FunctionEventInvokeConfig(\"example\", FunctionEventInvokeConfigArgs.builder()\n .functionName(exampleAwsLambdaAlias.functionName())\n .maximumEventAgeInSeconds(60)\n .maximumRetryAttempts(0)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:FunctionEventInvokeConfig\n properties:\n functionName: ${exampleAwsLambdaAlias.functionName}\n maximumEventAgeInSeconds: 60\n maximumRetryAttempts: 0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Configuration for Alias Name\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.FunctionEventInvokeConfig(\"example\", {\n functionName: exampleAwsLambdaAlias.functionName,\n qualifier: exampleAwsLambdaAlias.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.FunctionEventInvokeConfig(\"example\",\n function_name=example_aws_lambda_alias[\"functionName\"],\n qualifier=example_aws_lambda_alias[\"name\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.FunctionEventInvokeConfig(\"example\", new()\n {\n FunctionName = exampleAwsLambdaAlias.FunctionName,\n Qualifier = exampleAwsLambdaAlias.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewFunctionEventInvokeConfig(ctx, \"example\", \u0026lambda.FunctionEventInvokeConfigArgs{\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaAlias.FunctionName),\n\t\t\tQualifier: pulumi.Any(exampleAwsLambdaAlias.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.FunctionEventInvokeConfig;\nimport com.pulumi.aws.lambda.FunctionEventInvokeConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FunctionEventInvokeConfig(\"example\", FunctionEventInvokeConfigArgs.builder()\n .functionName(exampleAwsLambdaAlias.functionName())\n .qualifier(exampleAwsLambdaAlias.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:FunctionEventInvokeConfig\n properties:\n functionName: ${exampleAwsLambdaAlias.functionName}\n qualifier: ${exampleAwsLambdaAlias.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Configuration for Function Latest Unpublished Version\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.FunctionEventInvokeConfig(\"example\", {\n functionName: exampleAwsLambdaFunction.functionName,\n qualifier: \"$LATEST\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.FunctionEventInvokeConfig(\"example\",\n function_name=example_aws_lambda_function[\"functionName\"],\n qualifier=\"$LATEST\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.FunctionEventInvokeConfig(\"example\", new()\n {\n FunctionName = exampleAwsLambdaFunction.FunctionName,\n Qualifier = \"$LATEST\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewFunctionEventInvokeConfig(ctx, \"example\", \u0026lambda.FunctionEventInvokeConfigArgs{\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.FunctionName),\n\t\t\tQualifier: pulumi.String(\"$LATEST\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.FunctionEventInvokeConfig;\nimport com.pulumi.aws.lambda.FunctionEventInvokeConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FunctionEventInvokeConfig(\"example\", FunctionEventInvokeConfigArgs.builder()\n .functionName(exampleAwsLambdaFunction.functionName())\n .qualifier(\"$LATEST\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:FunctionEventInvokeConfig\n properties:\n functionName: ${exampleAwsLambdaFunction.functionName}\n qualifier: $LATEST\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Configuration for Function Published Version\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.FunctionEventInvokeConfig(\"example\", {\n functionName: exampleAwsLambdaFunction.functionName,\n qualifier: exampleAwsLambdaFunction.version,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.FunctionEventInvokeConfig(\"example\",\n function_name=example_aws_lambda_function[\"functionName\"],\n qualifier=example_aws_lambda_function[\"version\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.FunctionEventInvokeConfig(\"example\", new()\n {\n FunctionName = exampleAwsLambdaFunction.FunctionName,\n Qualifier = exampleAwsLambdaFunction.Version,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewFunctionEventInvokeConfig(ctx, \"example\", \u0026lambda.FunctionEventInvokeConfigArgs{\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.FunctionName),\n\t\t\tQualifier: pulumi.Any(exampleAwsLambdaFunction.Version),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.FunctionEventInvokeConfig;\nimport com.pulumi.aws.lambda.FunctionEventInvokeConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FunctionEventInvokeConfig(\"example\", FunctionEventInvokeConfigArgs.builder()\n .functionName(exampleAwsLambdaFunction.functionName())\n .qualifier(exampleAwsLambdaFunction.version())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:FunctionEventInvokeConfig\n properties:\n functionName: ${exampleAwsLambdaFunction.functionName}\n qualifier: ${exampleAwsLambdaFunction.version}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nARN with qualifier:\n\nName without qualifier (all versions and aliases):\n\nName with qualifier:\n\n__Using `pulumi import` to import__ Lambda Function Event Invoke Configs using the fully qualified Function name or Amazon Resource Name (ARN). For example:\n\nARN without qualifier (all versions and aliases):\n\n```sh\n$ pulumi import aws:lambda/functionEventInvokeConfig:FunctionEventInvokeConfig example arn:aws:us-east-1:123456789012:function:my_function\n```\nARN with qualifier:\n\n```sh\n$ pulumi import aws:lambda/functionEventInvokeConfig:FunctionEventInvokeConfig example arn:aws:us-east-1:123456789012:function:my_function:production\n```\nName without qualifier (all versions and aliases):\n\n```sh\n$ pulumi import aws:lambda/functionEventInvokeConfig:FunctionEventInvokeConfig example my_function\n```\nName with qualifier:\n\n```sh\n$ pulumi import aws:lambda/functionEventInvokeConfig:FunctionEventInvokeConfig example my_function:production\n```\n", "properties": { "destinationConfig": { "$ref": "#/types/aws:lambda/FunctionEventInvokeConfigDestinationConfig:FunctionEventInvokeConfigDestinationConfig", "description": "Configuration block with destination configuration. See below for details.\n" }, "functionName": { "type": "string", "description": "Name or Amazon Resource Name (ARN) of the Lambda Function, omitting any version or alias qualifier.\n\nThe following arguments are optional:\n" }, "maximumEventAgeInSeconds": { "type": "integer", "description": "Maximum age of a request that Lambda sends to a function for processing in seconds. Valid values between 60 and 21600.\n" }, "maximumRetryAttempts": { "type": "integer", "description": "Maximum number of times to retry when the function returns an error. Valid values between 0 and 2. Defaults to 2.\n" }, "qualifier": { "type": "string", "description": "Lambda Function published version, `$LATEST`, or Lambda Alias name.\n" } }, "required": [ "functionName" ], "inputProperties": { "destinationConfig": { "$ref": "#/types/aws:lambda/FunctionEventInvokeConfigDestinationConfig:FunctionEventInvokeConfigDestinationConfig", "description": "Configuration block with destination configuration. See below for details.\n" }, "functionName": { "type": "string", "description": "Name or Amazon Resource Name (ARN) of the Lambda Function, omitting any version or alias qualifier.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "maximumEventAgeInSeconds": { "type": "integer", "description": "Maximum age of a request that Lambda sends to a function for processing in seconds. Valid values between 60 and 21600.\n" }, "maximumRetryAttempts": { "type": "integer", "description": "Maximum number of times to retry when the function returns an error. Valid values between 0 and 2. Defaults to 2.\n" }, "qualifier": { "type": "string", "description": "Lambda Function published version, `$LATEST`, or Lambda Alias name.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "functionName" ], "stateInputs": { "description": "Input properties used for looking up and filtering FunctionEventInvokeConfig resources.\n", "properties": { "destinationConfig": { "$ref": "#/types/aws:lambda/FunctionEventInvokeConfigDestinationConfig:FunctionEventInvokeConfigDestinationConfig", "description": "Configuration block with destination configuration. See below for details.\n" }, "functionName": { "type": "string", "description": "Name or Amazon Resource Name (ARN) of the Lambda Function, omitting any version or alias qualifier.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "maximumEventAgeInSeconds": { "type": "integer", "description": "Maximum age of a request that Lambda sends to a function for processing in seconds. Valid values between 60 and 21600.\n" }, "maximumRetryAttempts": { "type": "integer", "description": "Maximum number of times to retry when the function returns an error. Valid values between 0 and 2. Defaults to 2.\n" }, "qualifier": { "type": "string", "description": "Lambda Function published version, `$LATEST`, or Lambda Alias name.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:lambda/functionUrl:FunctionUrl": { "description": "Provides a Lambda function URL resource. A function URL is a dedicated HTTP(S) endpoint for a Lambda function.\n\nSee the [AWS Lambda documentation](https://docs.aws.amazon.com/lambda/latest/dg/lambda-urls.html) for more information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testLatest = new aws.lambda.FunctionUrl(\"test_latest\", {\n functionName: test.functionName,\n authorizationType: \"NONE\",\n});\nconst testLive = new aws.lambda.FunctionUrl(\"test_live\", {\n functionName: test.functionName,\n qualifier: \"my_alias\",\n authorizationType: \"AWS_IAM\",\n cors: {\n allowCredentials: true,\n allowOrigins: [\"*\"],\n allowMethods: [\"*\"],\n allowHeaders: [\n \"date\",\n \"keep-alive\",\n ],\n exposeHeaders: [\n \"keep-alive\",\n \"date\",\n ],\n maxAge: 86400,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_latest = aws.lambda_.FunctionUrl(\"test_latest\",\n function_name=test[\"functionName\"],\n authorization_type=\"NONE\")\ntest_live = aws.lambda_.FunctionUrl(\"test_live\",\n function_name=test[\"functionName\"],\n qualifier=\"my_alias\",\n authorization_type=\"AWS_IAM\",\n cors={\n \"allow_credentials\": True,\n \"allow_origins\": [\"*\"],\n \"allow_methods\": [\"*\"],\n \"allow_headers\": [\n \"date\",\n \"keep-alive\",\n ],\n \"expose_headers\": [\n \"keep-alive\",\n \"date\",\n ],\n \"max_age\": 86400,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testLatest = new Aws.Lambda.FunctionUrl(\"test_latest\", new()\n {\n FunctionName = test.FunctionName,\n AuthorizationType = \"NONE\",\n });\n\n var testLive = new Aws.Lambda.FunctionUrl(\"test_live\", new()\n {\n FunctionName = test.FunctionName,\n Qualifier = \"my_alias\",\n AuthorizationType = \"AWS_IAM\",\n Cors = new Aws.Lambda.Inputs.FunctionUrlCorsArgs\n {\n AllowCredentials = true,\n AllowOrigins = new[]\n {\n \"*\",\n },\n AllowMethods = new[]\n {\n \"*\",\n },\n AllowHeaders = new[]\n {\n \"date\",\n \"keep-alive\",\n },\n ExposeHeaders = new[]\n {\n \"keep-alive\",\n \"date\",\n },\n MaxAge = 86400,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewFunctionUrl(ctx, \"test_latest\", \u0026lambda.FunctionUrlArgs{\n\t\t\tFunctionName: pulumi.Any(test.FunctionName),\n\t\t\tAuthorizationType: pulumi.String(\"NONE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunctionUrl(ctx, \"test_live\", \u0026lambda.FunctionUrlArgs{\n\t\t\tFunctionName: pulumi.Any(test.FunctionName),\n\t\t\tQualifier: pulumi.String(\"my_alias\"),\n\t\t\tAuthorizationType: pulumi.String(\"AWS_IAM\"),\n\t\t\tCors: \u0026lambda.FunctionUrlCorsArgs{\n\t\t\t\tAllowCredentials: pulumi.Bool(true),\n\t\t\t\tAllowOrigins: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t},\n\t\t\t\tAllowMethods: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t},\n\t\t\t\tAllowHeaders: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"date\"),\n\t\t\t\t\tpulumi.String(\"keep-alive\"),\n\t\t\t\t},\n\t\t\t\tExposeHeaders: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"keep-alive\"),\n\t\t\t\t\tpulumi.String(\"date\"),\n\t\t\t\t},\n\t\t\t\tMaxAge: pulumi.Int(86400),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.FunctionUrl;\nimport com.pulumi.aws.lambda.FunctionUrlArgs;\nimport com.pulumi.aws.lambda.inputs.FunctionUrlCorsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testLatest = new FunctionUrl(\"testLatest\", FunctionUrlArgs.builder()\n .functionName(test.functionName())\n .authorizationType(\"NONE\")\n .build());\n\n var testLive = new FunctionUrl(\"testLive\", FunctionUrlArgs.builder()\n .functionName(test.functionName())\n .qualifier(\"my_alias\")\n .authorizationType(\"AWS_IAM\")\n .cors(FunctionUrlCorsArgs.builder()\n .allowCredentials(true)\n .allowOrigins(\"*\")\n .allowMethods(\"*\")\n .allowHeaders( \n \"date\",\n \"keep-alive\")\n .exposeHeaders( \n \"keep-alive\",\n \"date\")\n .maxAge(86400)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testLatest:\n type: aws:lambda:FunctionUrl\n name: test_latest\n properties:\n functionName: ${test.functionName}\n authorizationType: NONE\n testLive:\n type: aws:lambda:FunctionUrl\n name: test_live\n properties:\n functionName: ${test.functionName}\n qualifier: my_alias\n authorizationType: AWS_IAM\n cors:\n allowCredentials: true\n allowOrigins:\n - '*'\n allowMethods:\n - '*'\n allowHeaders:\n - date\n - keep-alive\n exposeHeaders:\n - keep-alive\n - date\n maxAge: 86400\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lambda function URLs using the `function_name` or `function_name/qualifier`. For example:\n\n```sh\n$ pulumi import aws:lambda/functionUrl:FunctionUrl test_lambda_url my_test_lambda_function\n```\n", "properties": { "authorizationType": { "type": "string", "description": "The type of authentication that the function URL uses. Set to `\"AWS_IAM\"` to restrict access to authenticated IAM users only. Set to `\"NONE\"` to bypass IAM authentication and create a public endpoint. See the [AWS documentation](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) for more details.\n" }, "cors": { "$ref": "#/types/aws:lambda/FunctionUrlCors:FunctionUrlCors", "description": "The [cross-origin resource sharing (CORS)](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for the function URL. Documented below.\n" }, "functionArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the function.\n" }, "functionName": { "type": "string", "description": "The name (or ARN) of the Lambda function.\n" }, "functionUrl": { "type": "string", "description": "The HTTP URL endpoint for the function in the format `https://\u003curl_id\u003e.lambda-url.\u003cregion\u003e.on.aws/`.\n", "language": { "csharp": { "name": "FunctionUrlResult" } } }, "invokeMode": { "type": "string", "description": "Determines how the Lambda function responds to an invocation. Valid values are `BUFFERED` (default) and `RESPONSE_STREAM`. See more in [Configuring a Lambda function to stream responses](https://docs.aws.amazon.com/lambda/latest/dg/configuration-response-streaming.html).\n" }, "qualifier": { "type": "string", "description": "The alias name or `\"$LATEST\"`.\n" }, "urlId": { "type": "string", "description": "A generated ID for the endpoint.\n" } }, "required": [ "authorizationType", "functionArn", "functionName", "functionUrl", "urlId" ], "inputProperties": { "authorizationType": { "type": "string", "description": "The type of authentication that the function URL uses. Set to `\"AWS_IAM\"` to restrict access to authenticated IAM users only. Set to `\"NONE\"` to bypass IAM authentication and create a public endpoint. See the [AWS documentation](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) for more details.\n" }, "cors": { "$ref": "#/types/aws:lambda/FunctionUrlCors:FunctionUrlCors", "description": "The [cross-origin resource sharing (CORS)](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for the function URL. Documented below.\n" }, "functionName": { "type": "string", "description": "The name (or ARN) of the Lambda function.\n", "willReplaceOnChanges": true }, "invokeMode": { "type": "string", "description": "Determines how the Lambda function responds to an invocation. Valid values are `BUFFERED` (default) and `RESPONSE_STREAM`. See more in [Configuring a Lambda function to stream responses](https://docs.aws.amazon.com/lambda/latest/dg/configuration-response-streaming.html).\n" }, "qualifier": { "type": "string", "description": "The alias name or `\"$LATEST\"`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "authorizationType", "functionName" ], "stateInputs": { "description": "Input properties used for looking up and filtering FunctionUrl resources.\n", "properties": { "authorizationType": { "type": "string", "description": "The type of authentication that the function URL uses. Set to `\"AWS_IAM\"` to restrict access to authenticated IAM users only. Set to `\"NONE\"` to bypass IAM authentication and create a public endpoint. See the [AWS documentation](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) for more details.\n" }, "cors": { "$ref": "#/types/aws:lambda/FunctionUrlCors:FunctionUrlCors", "description": "The [cross-origin resource sharing (CORS)](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for the function URL. Documented below.\n" }, "functionArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the function.\n" }, "functionName": { "type": "string", "description": "The name (or ARN) of the Lambda function.\n", "willReplaceOnChanges": true }, "functionUrl": { "type": "string", "description": "The HTTP URL endpoint for the function in the format `https://\u003curl_id\u003e.lambda-url.\u003cregion\u003e.on.aws/`.\n", "language": { "csharp": { "name": "FunctionUrlResult" } } }, "invokeMode": { "type": "string", "description": "Determines how the Lambda function responds to an invocation. Valid values are `BUFFERED` (default) and `RESPONSE_STREAM`. See more in [Configuring a Lambda function to stream responses](https://docs.aws.amazon.com/lambda/latest/dg/configuration-response-streaming.html).\n" }, "qualifier": { "type": "string", "description": "The alias name or `\"$LATEST\"`.\n", "willReplaceOnChanges": true }, "urlId": { "type": "string", "description": "A generated ID for the endpoint.\n" } }, "type": "object" } }, "aws:lambda/invocation:Invocation": { "description": "Use this resource to invoke a lambda function. The lambda function is invoked with the [RequestResponse](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) invocation type.\n\n\u003e **NOTE:** By default this resource _only_ invokes the function when the arguments call for a create or replace. In other words, after an initial invocation on _apply_, if the arguments do not change, a subsequent _apply_ does not invoke the function again. To dynamically invoke the function, see the `triggers` example below. To always invoke a function on each _apply_, see the `aws.lambda.Invocation` data source. To invoke the lambda function when the Pulumi resource is updated and deleted, see the CRUD Lifecycle Scope example below.\n\n\u003e **NOTE:** If you get a `KMSAccessDeniedException: Lambda was unable to decrypt the environment variables because KMS access was denied` error when invoking an `aws.lambda.Function` with environment variables, the IAM role associated with the function may have been deleted and recreated _after_ the function was created. You can fix the problem two ways: 1) updating the function's role to another role and then updating it back again to the recreated role, or 2) by using Pulumi to `taint` the function and `apply` your configuration again to recreate the function. (When you create a function, Lambda grants permissions on the KMS key to the function's IAM role. If the IAM role is recreated, the grant is no longer valid. Changing the function's role or recreating the function causes Lambda to update the grant.)\n\n## Example Usage\n\n### Dynamic Invocation Example Using Triggers\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.lambda.Invocation(\"example\", {\n functionName: lambdaFunctionTest.functionName,\n triggers: {\n redeployment: std.sha1({\n input: JSON.stringify([exampleAwsLambdaFunction.environment]),\n }).then(invoke =\u003e invoke.result),\n },\n input: JSON.stringify({\n key1: \"value1\",\n key2: \"value2\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.lambda_.Invocation(\"example\",\n function_name=lambda_function_test[\"functionName\"],\n triggers={\n \"redeployment\": std.sha1(input=json.dumps([example_aws_lambda_function[\"environment\"]])).result,\n },\n input=json.dumps({\n \"key1\": \"value1\",\n \"key2\": \"value2\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.Invocation(\"example\", new()\n {\n FunctionName = lambdaFunctionTest.FunctionName,\n Triggers = \n {\n { \"redeployment\", Std.Sha1.Invoke(new()\n {\n Input = JsonSerializer.Serialize(new[]\n {\n exampleAwsLambdaFunction.Environment,\n }),\n }).Apply(invoke =\u003e invoke.Result) },\n },\n Input = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"key1\"] = \"value1\",\n [\"key2\"] = \"value2\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal([]interface{}{\n\t\t\texampleAwsLambdaFunction.Environment,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tinvokeSha1, err := std.Sha1(ctx, \u0026std.Sha1Args{\n\t\t\tInput: json0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\"key1\": \"value1\",\n\t\t\t\"key2\": \"value2\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson1 := string(tmpJSON1)\n\t\t_, err = lambda.NewInvocation(ctx, \"example\", \u0026lambda.InvocationArgs{\n\t\t\tFunctionName: pulumi.Any(lambdaFunctionTest.FunctionName),\n\t\t\tTriggers: pulumi.StringMap{\n\t\t\t\t\"redeployment\": pulumi.String(invokeSha1.Result),\n\t\t\t},\n\t\t\tInput: pulumi.String(json1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.Invocation;\nimport com.pulumi.aws.lambda.InvocationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Invocation(\"example\", InvocationArgs.builder()\n .functionName(lambdaFunctionTest.functionName())\n .triggers(Map.of(\"redeployment\", StdFunctions.sha1(Sha1Args.builder()\n .input(serializeJson(\n jsonArray(exampleAwsLambdaFunction.environment())))\n .build()).result()))\n .input(serializeJson(\n jsonObject(\n jsonProperty(\"key1\", \"value1\"),\n jsonProperty(\"key2\", \"value2\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:Invocation\n properties:\n functionName: ${lambdaFunctionTest.functionName}\n triggers:\n redeployment:\n fn::invoke:\n Function: std:sha1\n Arguments:\n input:\n fn::toJSON:\n - ${exampleAwsLambdaFunction.environment}\n Return: result\n input:\n fn::toJSON:\n key1: value1\n key2: value2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### CRUD Lifecycle Scope\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.Invocation(\"example\", {\n functionName: lambdaFunctionTest.functionName,\n input: JSON.stringify({\n key1: \"value1\",\n key2: \"value2\",\n }),\n lifecycleScope: \"CRUD\",\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.lambda_.Invocation(\"example\",\n function_name=lambda_function_test[\"functionName\"],\n input=json.dumps({\n \"key1\": \"value1\",\n \"key2\": \"value2\",\n }),\n lifecycle_scope=\"CRUD\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.Invocation(\"example\", new()\n {\n FunctionName = lambdaFunctionTest.FunctionName,\n Input = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"key1\"] = \"value1\",\n [\"key2\"] = \"value2\",\n }),\n LifecycleScope = \"CRUD\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"key1\": \"value1\",\n\t\t\t\"key2\": \"value2\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = lambda.NewInvocation(ctx, \"example\", \u0026lambda.InvocationArgs{\n\t\t\tFunctionName: pulumi.Any(lambdaFunctionTest.FunctionName),\n\t\t\tInput: pulumi.String(json0),\n\t\t\tLifecycleScope: pulumi.String(\"CRUD\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.Invocation;\nimport com.pulumi.aws.lambda.InvocationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Invocation(\"example\", InvocationArgs.builder()\n .functionName(lambdaFunctionTest.functionName())\n .input(serializeJson(\n jsonObject(\n jsonProperty(\"key1\", \"value1\"),\n jsonProperty(\"key2\", \"value2\")\n )))\n .lifecycleScope(\"CRUD\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:Invocation\n properties:\n functionName: ${lambdaFunctionTest.functionName}\n input:\n fn::toJSON:\n key1: value1\n key2: value2\n lifecycleScope: CRUD\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e **NOTE:** `lifecycle_scope = \"CRUD\"` will inject a key `tf` in the input event to pass lifecycle information! This allows the lambda function to handle different lifecycle transitions uniquely. If you need to use a key `tf` in your own input JSON, the default key name can be overridden with the `pulumi_key` argument.\n\nThe key `tf` gets added with subkeys:\n\n* `action` - Action Pulumi performs on the resource. Values are `create`, `update`, or `delete`.\n* `prev_input` - Input JSON payload from the previous invocation. This can be used to handle update and delete events.\n\nWhen the resource from the example above is created, the Lambda will get following JSON payload:\n\n```json\n{\n \"key1\": \"value1\",\n \"key2\": \"value2\",\n \"tf\": {\n \"action\": \"create\",\n \"prev_input\": null\n }\n}\n```\n\nIf the input value of `key1` changes to \"valueB\", then the lambda will be invoked again with the following JSON payload:\n\n```json\n{\n \"key1\": \"valueB\",\n \"key2\": \"value2\",\n \"tf\": {\n \"action\": \"update\",\n \"prev_input\": {\n \"key1\": \"value1\",\n \"key2\": \"value2\"\n }\n }\n}\n```\n\nWhen the invocation resource is removed, the final invocation will have the following JSON payload:\n\n```json\n{\n \"key1\": \"valueB\",\n \"key2\": \"value2\",\n \"tf\": {\n \"action\": \"delete\",\n \"prev_input\": {\n \"key1\": \"valueB\",\n \"key2\": \"value2\"\n }\n }\n}\n```\n", "properties": { "functionName": { "type": "string", "description": "Name of the lambda function.\n" }, "input": { "type": "string", "description": "JSON payload to the lambda function.\n\nThe following arguments are optional:\n" }, "lifecycleScope": { "type": "string", "description": "Lifecycle scope of the resource to manage. Valid values are `CREATE_ONLY` and `CRUD`. Defaults to `CREATE_ONLY`. `CREATE_ONLY` will invoke the function only on creation or replacement. `CRUD` will invoke the function on each lifecycle event, and augment the input JSON payload with additional lifecycle information.\n" }, "qualifier": { "type": "string", "description": "Qualifier (i.e., version) of the lambda function. Defaults to `$LATEST`.\n" }, "result": { "type": "string", "description": "String result of the lambda function invocation.\n" }, "terraformKey": { "type": "string" }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of arbitrary keys and values that, when changed, will trigger a re-invocation.\n" } }, "required": [ "functionName", "input", "result" ], "inputProperties": { "functionName": { "type": "string", "description": "Name of the lambda function.\n", "willReplaceOnChanges": true }, "input": { "type": "string", "description": "JSON payload to the lambda function.\n\nThe following arguments are optional:\n" }, "lifecycleScope": { "type": "string", "description": "Lifecycle scope of the resource to manage. Valid values are `CREATE_ONLY` and `CRUD`. Defaults to `CREATE_ONLY`. `CREATE_ONLY` will invoke the function only on creation or replacement. `CRUD` will invoke the function on each lifecycle event, and augment the input JSON payload with additional lifecycle information.\n" }, "qualifier": { "type": "string", "description": "Qualifier (i.e., version) of the lambda function. Defaults to `$LATEST`.\n", "willReplaceOnChanges": true }, "terraformKey": { "type": "string" }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of arbitrary keys and values that, when changed, will trigger a re-invocation.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "functionName", "input" ], "stateInputs": { "description": "Input properties used for looking up and filtering Invocation resources.\n", "properties": { "functionName": { "type": "string", "description": "Name of the lambda function.\n", "willReplaceOnChanges": true }, "input": { "type": "string", "description": "JSON payload to the lambda function.\n\nThe following arguments are optional:\n" }, "lifecycleScope": { "type": "string", "description": "Lifecycle scope of the resource to manage. Valid values are `CREATE_ONLY` and `CRUD`. Defaults to `CREATE_ONLY`. `CREATE_ONLY` will invoke the function only on creation or replacement. `CRUD` will invoke the function on each lifecycle event, and augment the input JSON payload with additional lifecycle information.\n" }, "qualifier": { "type": "string", "description": "Qualifier (i.e., version) of the lambda function. Defaults to `$LATEST`.\n", "willReplaceOnChanges": true }, "result": { "type": "string", "description": "String result of the lambda function invocation.\n" }, "terraformKey": { "type": "string" }, "triggers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of arbitrary keys and values that, when changed, will trigger a re-invocation.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:lambda/layerVersion:LayerVersion": { "description": "Provides a Lambda Layer Version resource. Lambda Layers allow you to reuse shared bits of code across multiple lambda functions.\n\nFor information about Lambda Layers and how to use them, see [AWS Lambda Layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html).\n\n\u003e **NOTE:** Setting `skip_destroy` to `true` means that the AWS Provider will _not_ destroy any layer version, even when running destroy. Layer versions are thus intentional dangling resources that are _not_ managed by the provider and may incur extra expense in your AWS account.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lambdaLayer = new aws.lambda.LayerVersion(\"lambda_layer\", {\n code: new pulumi.asset.FileArchive(\"lambda_layer_payload.zip\"),\n layerName: \"lambda_layer_name\",\n compatibleRuntimes: [\"nodejs16.x\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlambda_layer = aws.lambda_.LayerVersion(\"lambda_layer\",\n code=pulumi.FileArchive(\"lambda_layer_payload.zip\"),\n layer_name=\"lambda_layer_name\",\n compatible_runtimes=[\"nodejs16.x\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lambdaLayer = new Aws.Lambda.LayerVersion(\"lambda_layer\", new()\n {\n Code = new FileArchive(\"lambda_layer_payload.zip\"),\n LayerName = \"lambda_layer_name\",\n CompatibleRuntimes = new[]\n {\n \"nodejs16.x\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewLayerVersion(ctx, \"lambda_layer\", \u0026lambda.LayerVersionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lambda_layer_payload.zip\"),\n\t\t\tLayerName: pulumi.String(\"lambda_layer_name\"),\n\t\t\tCompatibleRuntimes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"nodejs16.x\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.LayerVersion;\nimport com.pulumi.aws.lambda.LayerVersionArgs;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lambdaLayer = new LayerVersion(\"lambdaLayer\", LayerVersionArgs.builder()\n .code(new FileArchive(\"lambda_layer_payload.zip\"))\n .layerName(\"lambda_layer_name\")\n .compatibleRuntimes(\"nodejs16.x\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lambdaLayer:\n type: aws:lambda:LayerVersion\n name: lambda_layer\n properties:\n code:\n fn::FileArchive: lambda_layer_payload.zip\n layerName: lambda_layer_name\n compatibleRuntimes:\n - nodejs16.x\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Specifying the Deployment Package\n\nAWS Lambda Layers expect source code to be provided as a deployment package whose structure varies depending on which `compatible_runtimes` this layer specifies.\nSee [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_PublishLayerVersion.html#SSS-PublishLayerVersion-request-CompatibleRuntimes) for the valid values of `compatible_runtimes`.\n\nOnce you have created your deployment package you can specify it either directly as a local file (using the `filename` argument) or\nindirectly via Amazon S3 (using the `s3_bucket`, `s3_key` and `s3_object_version` arguments). When providing the deployment\npackage via S3 it may be useful to use the `aws.s3.BucketObjectv2` resource to upload it.\n\nFor larger deployment packages it is recommended by Amazon to upload via S3, since the S3 API has better support for uploading large files efficiently.\n\n## Import\n\nUsing `pulumi import`, import Lambda Layers using `arn`. For example:\n\n```sh\n$ pulumi import aws:lambda/layerVersion:LayerVersion test_layer arn:aws:lambda:_REGION_:_ACCOUNT_ID_:layer:_LAYER_NAME_:_LAYER_VERSION_\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Lambda Layer with version.\n" }, "code": { "$ref": "pulumi.json#/Archive", "description": "Path to the function's deployment package within the local filesystem. If defined, The `s3_`-prefixed options cannot be used.\n" }, "codeSha256": { "type": "string", "description": "Base64-encoded representation of raw SHA-256 sum of the zip file.\n" }, "compatibleArchitectures": { "type": "array", "items": { "type": "string" }, "description": "List of [Architectures](https://docs.aws.amazon.com/lambda/latest/dg/API_PublishLayerVersion.html#SSS-PublishLayerVersion-request-CompatibleArchitectures) this layer is compatible with. Currently `x86_64` and `arm64` can be specified.\n" }, "compatibleRuntimes": { "type": "array", "items": { "type": "string" }, "description": "List of [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_PublishLayerVersion.html#SSS-PublishLayerVersion-request-CompatibleRuntimes) this layer is compatible with. Up to 15 runtimes can be specified.\n" }, "createdDate": { "type": "string", "description": "Date this resource was created.\n" }, "description": { "type": "string", "description": "Description of what your Lambda Layer does.\n" }, "layerArn": { "type": "string", "description": "ARN of the Lambda Layer without version.\n" }, "layerName": { "type": "string", "description": "Unique name for your Lambda Layer\n\nThe following arguments are optional:\n" }, "licenseInfo": { "type": "string", "description": "License info for your Lambda Layer. See [License Info](https://docs.aws.amazon.com/lambda/latest/dg/API_PublishLayerVersion.html#SSS-PublishLayerVersion-request-LicenseInfo).\n" }, "s3Bucket": { "type": "string", "description": "S3 bucket location containing the function's deployment package. Conflicts with `filename`. This bucket must reside in the same AWS region where you are creating the Lambda function.\n" }, "s3Key": { "type": "string", "description": "S3 key of an object containing the function's deployment package. Conflicts with `filename`.\n" }, "s3ObjectVersion": { "type": "string", "description": "Object version containing the function's deployment package. Conflicts with `filename`.\n" }, "signingJobArn": { "type": "string", "description": "ARN of a signing job.\n" }, "signingProfileVersionArn": { "type": "string", "description": "ARN for a signing profile version.\n" }, "skipDestroy": { "type": "boolean", "description": "Whether to retain the old version of a previously deployed Lambda Layer. Default is `false`. When this is not set to `true`, changing any of `compatible_architectures`, `compatible_runtimes`, `description`, `filename`, `layer_name`, `license_info`, `s3_bucket`, `s3_key`, `s3_object_version`, or `source_code_hash` forces deletion of the existing layer version and creation of a new layer version.\n" }, "sourceCodeHash": { "type": "string" }, "sourceCodeSize": { "type": "integer", "description": "Size in bytes of the function .zip file.\n" }, "version": { "type": "string", "description": "Lambda Layer version.\n" } }, "required": [ "arn", "codeSha256", "createdDate", "layerArn", "layerName", "signingJobArn", "signingProfileVersionArn", "sourceCodeHash", "sourceCodeSize", "version" ], "inputProperties": { "code": { "$ref": "pulumi.json#/Archive", "description": "Path to the function's deployment package within the local filesystem. If defined, The `s3_`-prefixed options cannot be used.\n", "willReplaceOnChanges": true }, "compatibleArchitectures": { "type": "array", "items": { "type": "string" }, "description": "List of [Architectures](https://docs.aws.amazon.com/lambda/latest/dg/API_PublishLayerVersion.html#SSS-PublishLayerVersion-request-CompatibleArchitectures) this layer is compatible with. Currently `x86_64` and `arm64` can be specified.\n", "willReplaceOnChanges": true }, "compatibleRuntimes": { "type": "array", "items": { "type": "string" }, "description": "List of [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_PublishLayerVersion.html#SSS-PublishLayerVersion-request-CompatibleRuntimes) this layer is compatible with. Up to 15 runtimes can be specified.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of what your Lambda Layer does.\n", "willReplaceOnChanges": true }, "layerName": { "type": "string", "description": "Unique name for your Lambda Layer\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "licenseInfo": { "type": "string", "description": "License info for your Lambda Layer. See [License Info](https://docs.aws.amazon.com/lambda/latest/dg/API_PublishLayerVersion.html#SSS-PublishLayerVersion-request-LicenseInfo).\n", "willReplaceOnChanges": true }, "s3Bucket": { "type": "string", "description": "S3 bucket location containing the function's deployment package. Conflicts with `filename`. This bucket must reside in the same AWS region where you are creating the Lambda function.\n", "willReplaceOnChanges": true }, "s3Key": { "type": "string", "description": "S3 key of an object containing the function's deployment package. Conflicts with `filename`.\n", "willReplaceOnChanges": true }, "s3ObjectVersion": { "type": "string", "description": "Object version containing the function's deployment package. Conflicts with `filename`.\n", "willReplaceOnChanges": true }, "skipDestroy": { "type": "boolean", "description": "Whether to retain the old version of a previously deployed Lambda Layer. Default is `false`. When this is not set to `true`, changing any of `compatible_architectures`, `compatible_runtimes`, `description`, `filename`, `layer_name`, `license_info`, `s3_bucket`, `s3_key`, `s3_object_version`, or `source_code_hash` forces deletion of the existing layer version and creation of a new layer version.\n", "willReplaceOnChanges": true }, "sourceCodeHash": { "type": "string", "willReplaceOnChanges": true } }, "requiredInputs": [ "layerName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LayerVersion resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Lambda Layer with version.\n" }, "code": { "$ref": "pulumi.json#/Archive", "description": "Path to the function's deployment package within the local filesystem. If defined, The `s3_`-prefixed options cannot be used.\n", "willReplaceOnChanges": true }, "codeSha256": { "type": "string", "description": "Base64-encoded representation of raw SHA-256 sum of the zip file.\n" }, "compatibleArchitectures": { "type": "array", "items": { "type": "string" }, "description": "List of [Architectures](https://docs.aws.amazon.com/lambda/latest/dg/API_PublishLayerVersion.html#SSS-PublishLayerVersion-request-CompatibleArchitectures) this layer is compatible with. Currently `x86_64` and `arm64` can be specified.\n", "willReplaceOnChanges": true }, "compatibleRuntimes": { "type": "array", "items": { "type": "string" }, "description": "List of [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_PublishLayerVersion.html#SSS-PublishLayerVersion-request-CompatibleRuntimes) this layer is compatible with. Up to 15 runtimes can be specified.\n", "willReplaceOnChanges": true }, "createdDate": { "type": "string", "description": "Date this resource was created.\n" }, "description": { "type": "string", "description": "Description of what your Lambda Layer does.\n", "willReplaceOnChanges": true }, "layerArn": { "type": "string", "description": "ARN of the Lambda Layer without version.\n" }, "layerName": { "type": "string", "description": "Unique name for your Lambda Layer\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "licenseInfo": { "type": "string", "description": "License info for your Lambda Layer. See [License Info](https://docs.aws.amazon.com/lambda/latest/dg/API_PublishLayerVersion.html#SSS-PublishLayerVersion-request-LicenseInfo).\n", "willReplaceOnChanges": true }, "s3Bucket": { "type": "string", "description": "S3 bucket location containing the function's deployment package. Conflicts with `filename`. This bucket must reside in the same AWS region where you are creating the Lambda function.\n", "willReplaceOnChanges": true }, "s3Key": { "type": "string", "description": "S3 key of an object containing the function's deployment package. Conflicts with `filename`.\n", "willReplaceOnChanges": true }, "s3ObjectVersion": { "type": "string", "description": "Object version containing the function's deployment package. Conflicts with `filename`.\n", "willReplaceOnChanges": true }, "signingJobArn": { "type": "string", "description": "ARN of a signing job.\n" }, "signingProfileVersionArn": { "type": "string", "description": "ARN for a signing profile version.\n" }, "skipDestroy": { "type": "boolean", "description": "Whether to retain the old version of a previously deployed Lambda Layer. Default is `false`. When this is not set to `true`, changing any of `compatible_architectures`, `compatible_runtimes`, `description`, `filename`, `layer_name`, `license_info`, `s3_bucket`, `s3_key`, `s3_object_version`, or `source_code_hash` forces deletion of the existing layer version and creation of a new layer version.\n", "willReplaceOnChanges": true }, "sourceCodeHash": { "type": "string", "willReplaceOnChanges": true }, "sourceCodeSize": { "type": "integer", "description": "Size in bytes of the function .zip file.\n" }, "version": { "type": "string", "description": "Lambda Layer version.\n" } }, "type": "object" } }, "aws:lambda/layerVersionPermission:LayerVersionPermission": { "description": "Provides a Lambda Layer Version Permission resource. It allows you to share you own Lambda Layers to another account by account ID, to all accounts in AWS organization or even to all AWS accounts.\n\nFor information about Lambda Layer Permissions and how to use them, see [Using Resource-based Policies for AWS Lambda][1]\n\n\u003e **NOTE:** Setting `skip_destroy` to `true` means that the AWS Provider will _not_ destroy any layer version permission, even when running `pulumi destroy`. Layer version permissions are thus intentional dangling resources that are _not_ managed by Pulumi and may incur extra expense in your AWS account.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lambdaLayerPermission = new aws.lambda.LayerVersionPermission(\"lambda_layer_permission\", {\n layerName: \"arn:aws:lambda:us-west-2:123456654321:layer:test_layer1\",\n versionNumber: 1,\n principal: \"111111111111\",\n action: \"lambda:GetLayerVersion\",\n statementId: \"dev-account\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlambda_layer_permission = aws.lambda_.LayerVersionPermission(\"lambda_layer_permission\",\n layer_name=\"arn:aws:lambda:us-west-2:123456654321:layer:test_layer1\",\n version_number=1,\n principal=\"111111111111\",\n action=\"lambda:GetLayerVersion\",\n statement_id=\"dev-account\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lambdaLayerPermission = new Aws.Lambda.LayerVersionPermission(\"lambda_layer_permission\", new()\n {\n LayerName = \"arn:aws:lambda:us-west-2:123456654321:layer:test_layer1\",\n VersionNumber = 1,\n Principal = \"111111111111\",\n Action = \"lambda:GetLayerVersion\",\n StatementId = \"dev-account\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewLayerVersionPermission(ctx, \"lambda_layer_permission\", \u0026lambda.LayerVersionPermissionArgs{\n\t\t\tLayerName: pulumi.String(\"arn:aws:lambda:us-west-2:123456654321:layer:test_layer1\"),\n\t\t\tVersionNumber: pulumi.Int(1),\n\t\t\tPrincipal: pulumi.String(\"111111111111\"),\n\t\t\tAction: pulumi.String(\"lambda:GetLayerVersion\"),\n\t\t\tStatementId: pulumi.String(\"dev-account\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.LayerVersionPermission;\nimport com.pulumi.aws.lambda.LayerVersionPermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lambdaLayerPermission = new LayerVersionPermission(\"lambdaLayerPermission\", LayerVersionPermissionArgs.builder()\n .layerName(\"arn:aws:lambda:us-west-2:123456654321:layer:test_layer1\")\n .versionNumber(1)\n .principal(\"111111111111\")\n .action(\"lambda:GetLayerVersion\")\n .statementId(\"dev-account\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lambdaLayerPermission:\n type: aws:lambda:LayerVersionPermission\n name: lambda_layer_permission\n properties:\n layerName: arn:aws:lambda:us-west-2:123456654321:layer:test_layer1\n versionNumber: 1\n principal: '111111111111'\n action: lambda:GetLayerVersion\n statementId: dev-account\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lambda Layer Permissions using `layer_name` and `version_number`, separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:lambda/layerVersionPermission:LayerVersionPermission example arn:aws:lambda:us-west-2:123456654321:layer:test_layer1,1\n```\n", "properties": { "action": { "type": "string", "description": "Action, which will be allowed. `lambda:GetLayerVersion` value is suggested by AWS documantation.\n" }, "layerName": { "type": "string", "description": "The name or ARN of the Lambda Layer, which you want to grant access to.\n" }, "organizationId": { "type": "string", "description": "An identifier of AWS Organization, which should be able to use your Lambda Layer. `principal` should be equal to `*` if `organization_id` provided.\n" }, "policy": { "type": "string", "description": "Full Lambda Layer Permission policy.\n" }, "principal": { "type": "string", "description": "AWS account ID which should be able to use your Lambda Layer. `*` can be used here, if you want to share your Lambda Layer widely.\n" }, "revisionId": { "type": "string", "description": "A unique identifier for the current revision of the policy.\n" }, "skipDestroy": { "type": "boolean", "description": "Whether to retain the old version of a previously deployed Lambda Layer. Default is `false`. When this is not set to `true`, changing any of `compatible_architectures`, `compatible_runtimes`, `description`, `filename`, `layer_name`, `license_info`, `s3_bucket`, `s3_key`, `s3_object_version`, or `source_code_hash` forces deletion of the existing layer version and creation of a new layer version.\n" }, "statementId": { "type": "string", "description": "The name of Lambda Layer Permission, for example `dev-account` - human readable note about what is this permission for.\n" }, "versionNumber": { "type": "integer", "description": "Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.\n" } }, "required": [ "action", "layerName", "policy", "principal", "revisionId", "statementId", "versionNumber" ], "inputProperties": { "action": { "type": "string", "description": "Action, which will be allowed. `lambda:GetLayerVersion` value is suggested by AWS documantation.\n", "willReplaceOnChanges": true }, "layerName": { "type": "string", "description": "The name or ARN of the Lambda Layer, which you want to grant access to.\n", "willReplaceOnChanges": true }, "organizationId": { "type": "string", "description": "An identifier of AWS Organization, which should be able to use your Lambda Layer. `principal` should be equal to `*` if `organization_id` provided.\n", "willReplaceOnChanges": true }, "principal": { "type": "string", "description": "AWS account ID which should be able to use your Lambda Layer. `*` can be used here, if you want to share your Lambda Layer widely.\n", "willReplaceOnChanges": true }, "skipDestroy": { "type": "boolean", "description": "Whether to retain the old version of a previously deployed Lambda Layer. Default is `false`. When this is not set to `true`, changing any of `compatible_architectures`, `compatible_runtimes`, `description`, `filename`, `layer_name`, `license_info`, `s3_bucket`, `s3_key`, `s3_object_version`, or `source_code_hash` forces deletion of the existing layer version and creation of a new layer version.\n", "willReplaceOnChanges": true }, "statementId": { "type": "string", "description": "The name of Lambda Layer Permission, for example `dev-account` - human readable note about what is this permission for.\n", "willReplaceOnChanges": true }, "versionNumber": { "type": "integer", "description": "Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "action", "layerName", "principal", "statementId", "versionNumber" ], "stateInputs": { "description": "Input properties used for looking up and filtering LayerVersionPermission resources.\n", "properties": { "action": { "type": "string", "description": "Action, which will be allowed. `lambda:GetLayerVersion` value is suggested by AWS documantation.\n", "willReplaceOnChanges": true }, "layerName": { "type": "string", "description": "The name or ARN of the Lambda Layer, which you want to grant access to.\n", "willReplaceOnChanges": true }, "organizationId": { "type": "string", "description": "An identifier of AWS Organization, which should be able to use your Lambda Layer. `principal` should be equal to `*` if `organization_id` provided.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "Full Lambda Layer Permission policy.\n" }, "principal": { "type": "string", "description": "AWS account ID which should be able to use your Lambda Layer. `*` can be used here, if you want to share your Lambda Layer widely.\n", "willReplaceOnChanges": true }, "revisionId": { "type": "string", "description": "A unique identifier for the current revision of the policy.\n" }, "skipDestroy": { "type": "boolean", "description": "Whether to retain the old version of a previously deployed Lambda Layer. Default is `false`. When this is not set to `true`, changing any of `compatible_architectures`, `compatible_runtimes`, `description`, `filename`, `layer_name`, `license_info`, `s3_bucket`, `s3_key`, `s3_object_version`, or `source_code_hash` forces deletion of the existing layer version and creation of a new layer version.\n", "willReplaceOnChanges": true }, "statementId": { "type": "string", "description": "The name of Lambda Layer Permission, for example `dev-account` - human readable note about what is this permission for.\n", "willReplaceOnChanges": true }, "versionNumber": { "type": "integer", "description": "Version of Lambda Layer, which you want to grant access to. Note: permissions only apply to a single version of a layer.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:lambda/permission:Permission": { "description": "Gives an external source (like an EventBridge Rule, SNS, or S3) permission to access the Lambda function.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst iamForLambda = new aws.iam.Role(\"iam_for_lambda\", {\n name: \"iam_for_lambda\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"lambda.amazonaws.com\",\n },\n }],\n }),\n});\nconst testLambda = new aws.lambda.Function(\"test_lambda\", {\n code: new pulumi.asset.FileArchive(\"lambdatest.zip\"),\n name: \"lambda_function_name\",\n role: iamForLambda.arn,\n handler: \"exports.handler\",\n runtime: aws.lambda.Runtime.NodeJS16dX,\n});\nconst testAlias = new aws.lambda.Alias(\"test_alias\", {\n name: \"testalias\",\n description: \"a sample description\",\n functionName: testLambda.name,\n functionVersion: \"$LATEST\",\n});\nconst allowCloudwatch = new aws.lambda.Permission(\"allow_cloudwatch\", {\n statementId: \"AllowExecutionFromCloudWatch\",\n action: \"lambda:InvokeFunction\",\n \"function\": testLambda.name,\n principal: \"events.amazonaws.com\",\n sourceArn: \"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\",\n qualifier: testAlias.name,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\niam_for_lambda = aws.iam.Role(\"iam_for_lambda\",\n name=\"iam_for_lambda\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"lambda.amazonaws.com\",\n },\n }],\n }))\ntest_lambda = aws.lambda_.Function(\"test_lambda\",\n code=pulumi.FileArchive(\"lambdatest.zip\"),\n name=\"lambda_function_name\",\n role=iam_for_lambda.arn,\n handler=\"exports.handler\",\n runtime=aws.lambda_.Runtime.NODE_JS16D_X)\ntest_alias = aws.lambda_.Alias(\"test_alias\",\n name=\"testalias\",\n description=\"a sample description\",\n function_name=test_lambda.name,\n function_version=\"$LATEST\")\nallow_cloudwatch = aws.lambda_.Permission(\"allow_cloudwatch\",\n statement_id=\"AllowExecutionFromCloudWatch\",\n action=\"lambda:InvokeFunction\",\n function=test_lambda.name,\n principal=\"events.amazonaws.com\",\n source_arn=\"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\",\n qualifier=test_alias.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var iamForLambda = new Aws.Iam.Role(\"iam_for_lambda\", new()\n {\n Name = \"iam_for_lambda\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"lambda.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var testLambda = new Aws.Lambda.Function(\"test_lambda\", new()\n {\n Code = new FileArchive(\"lambdatest.zip\"),\n Name = \"lambda_function_name\",\n Role = iamForLambda.Arn,\n Handler = \"exports.handler\",\n Runtime = Aws.Lambda.Runtime.NodeJS16dX,\n });\n\n var testAlias = new Aws.Lambda.Alias(\"test_alias\", new()\n {\n Name = \"testalias\",\n Description = \"a sample description\",\n FunctionName = testLambda.Name,\n FunctionVersion = \"$LATEST\",\n });\n\n var allowCloudwatch = new Aws.Lambda.Permission(\"allow_cloudwatch\", new()\n {\n StatementId = \"AllowExecutionFromCloudWatch\",\n Action = \"lambda:InvokeFunction\",\n Function = testLambda.Name,\n Principal = \"events.amazonaws.com\",\n SourceArn = \"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\",\n Qualifier = testAlias.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"lambda.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tiamForLambda, err := iam.NewRole(ctx, \"iam_for_lambda\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestLambda, err := lambda.NewFunction(ctx, \"test_lambda\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lambdatest.zip\"),\n\t\t\tName: pulumi.String(\"lambda_function_name\"),\n\t\t\tRole: iamForLambda.Arn,\n\t\t\tHandler: pulumi.String(\"exports.handler\"),\n\t\t\tRuntime: pulumi.String(lambda.RuntimeNodeJS16dX),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestAlias, err := lambda.NewAlias(ctx, \"test_alias\", \u0026lambda.AliasArgs{\n\t\t\tName: pulumi.String(\"testalias\"),\n\t\t\tDescription: pulumi.String(\"a sample description\"),\n\t\t\tFunctionName: testLambda.Name,\n\t\t\tFunctionVersion: pulumi.String(\"$LATEST\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"allow_cloudwatch\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromCloudWatch\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: testLambda.Name,\n\t\t\tPrincipal: pulumi.String(\"events.amazonaws.com\"),\n\t\t\tSourceArn: pulumi.String(\"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\"),\n\t\t\tQualifier: testAlias.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.Alias;\nimport com.pulumi.aws.lambda.AliasArgs;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var iamForLambda = new Role(\"iamForLambda\", RoleArgs.builder()\n .name(\"iam_for_lambda\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"lambda.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var testLambda = new Function(\"testLambda\", FunctionArgs.builder()\n .code(new FileArchive(\"lambdatest.zip\"))\n .name(\"lambda_function_name\")\n .role(iamForLambda.arn())\n .handler(\"exports.handler\")\n .runtime(\"nodejs16.x\")\n .build());\n\n var testAlias = new Alias(\"testAlias\", AliasArgs.builder()\n .name(\"testalias\")\n .description(\"a sample description\")\n .functionName(testLambda.name())\n .functionVersion(\"$LATEST\")\n .build());\n\n var allowCloudwatch = new Permission(\"allowCloudwatch\", PermissionArgs.builder()\n .statementId(\"AllowExecutionFromCloudWatch\")\n .action(\"lambda:InvokeFunction\")\n .function(testLambda.name())\n .principal(\"events.amazonaws.com\")\n .sourceArn(\"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\")\n .qualifier(testAlias.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n allowCloudwatch:\n type: aws:lambda:Permission\n name: allow_cloudwatch\n properties:\n statementId: AllowExecutionFromCloudWatch\n action: lambda:InvokeFunction\n function: ${testLambda.name}\n principal: events.amazonaws.com\n sourceArn: arn:aws:events:eu-west-1:111122223333:rule/RunDaily\n qualifier: ${testAlias.name}\n testAlias:\n type: aws:lambda:Alias\n name: test_alias\n properties:\n name: testalias\n description: a sample description\n functionName: ${testLambda.name}\n functionVersion: $LATEST\n testLambda:\n type: aws:lambda:Function\n name: test_lambda\n properties:\n code:\n fn::FileArchive: lambdatest.zip\n name: lambda_function_name\n role: ${iamForLambda.arn}\n handler: exports.handler\n runtime: nodejs16.x\n iamForLambda:\n type: aws:iam:Role\n name: iam_for_lambda\n properties:\n name: iam_for_lambda\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: lambda.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With SNS\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.sns.Topic(\"default\", {name: \"call-lambda-maybe\"});\nconst defaultRole = new aws.iam.Role(\"default\", {\n name: \"iam_for_lambda_with_sns\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"lambda.amazonaws.com\",\n },\n }],\n }),\n});\nconst func = new aws.lambda.Function(\"func\", {\n code: new pulumi.asset.FileArchive(\"lambdatest.zip\"),\n name: \"lambda_called_from_sns\",\n role: defaultRole.arn,\n handler: \"exports.handler\",\n runtime: aws.lambda.Runtime.Python3d7,\n});\nconst withSns = new aws.lambda.Permission(\"with_sns\", {\n statementId: \"AllowExecutionFromSNS\",\n action: \"lambda:InvokeFunction\",\n \"function\": func.name,\n principal: \"sns.amazonaws.com\",\n sourceArn: _default.arn,\n});\nconst lambda = new aws.sns.TopicSubscription(\"lambda\", {\n topic: _default.arn,\n protocol: \"lambda\",\n endpoint: func.arn,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ndefault = aws.sns.Topic(\"default\", name=\"call-lambda-maybe\")\ndefault_role = aws.iam.Role(\"default\",\n name=\"iam_for_lambda_with_sns\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"lambda.amazonaws.com\",\n },\n }],\n }))\nfunc = aws.lambda_.Function(\"func\",\n code=pulumi.FileArchive(\"lambdatest.zip\"),\n name=\"lambda_called_from_sns\",\n role=default_role.arn,\n handler=\"exports.handler\",\n runtime=aws.lambda_.Runtime.PYTHON3D7)\nwith_sns = aws.lambda_.Permission(\"with_sns\",\n statement_id=\"AllowExecutionFromSNS\",\n action=\"lambda:InvokeFunction\",\n function=func.name,\n principal=\"sns.amazonaws.com\",\n source_arn=default.arn)\nlambda_ = aws.sns.TopicSubscription(\"lambda\",\n topic=default.arn,\n protocol=\"lambda\",\n endpoint=func.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Sns.Topic(\"default\", new()\n {\n Name = \"call-lambda-maybe\",\n });\n\n var defaultRole = new Aws.Iam.Role(\"default\", new()\n {\n Name = \"iam_for_lambda_with_sns\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"lambda.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var func = new Aws.Lambda.Function(\"func\", new()\n {\n Code = new FileArchive(\"lambdatest.zip\"),\n Name = \"lambda_called_from_sns\",\n Role = defaultRole.Arn,\n Handler = \"exports.handler\",\n Runtime = Aws.Lambda.Runtime.Python3d7,\n });\n\n var withSns = new Aws.Lambda.Permission(\"with_sns\", new()\n {\n StatementId = \"AllowExecutionFromSNS\",\n Action = \"lambda:InvokeFunction\",\n Function = func.Name,\n Principal = \"sns.amazonaws.com\",\n SourceArn = @default.Arn,\n });\n\n var lambda = new Aws.Sns.TopicSubscription(\"lambda\", new()\n {\n Topic = @default.Arn,\n Protocol = \"lambda\",\n Endpoint = func.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sns.NewTopic(ctx, \"default\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"call-lambda-maybe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"lambda.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tdefaultRole, err := iam.NewRole(ctx, \"default\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda_with_sns\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"func\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lambdatest.zip\"),\n\t\t\tName: pulumi.String(\"lambda_called_from_sns\"),\n\t\t\tRole: defaultRole.Arn,\n\t\t\tHandler: pulumi.String(\"exports.handler\"),\n\t\t\tRuntime: pulumi.String(lambda.RuntimePython3d7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"with_sns\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromSNS\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: _func.Name,\n\t\t\tPrincipal: pulumi.String(\"sns.amazonaws.com\"),\n\t\t\tSourceArn: _default.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sns.NewTopicSubscription(ctx, \"lambda\", \u0026sns.TopicSubscriptionArgs{\n\t\t\tTopic: _default.Arn,\n\t\t\tProtocol: pulumi.String(\"lambda\"),\n\t\t\tEndpoint: _func.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.sns.TopicSubscription;\nimport com.pulumi.aws.sns.TopicSubscriptionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Topic(\"default\", TopicArgs.builder()\n .name(\"call-lambda-maybe\")\n .build());\n\n var defaultRole = new Role(\"defaultRole\", RoleArgs.builder()\n .name(\"iam_for_lambda_with_sns\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"lambda.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var func = new Function(\"func\", FunctionArgs.builder()\n .code(new FileArchive(\"lambdatest.zip\"))\n .name(\"lambda_called_from_sns\")\n .role(defaultRole.arn())\n .handler(\"exports.handler\")\n .runtime(\"python3.7\")\n .build());\n\n var withSns = new Permission(\"withSns\", PermissionArgs.builder()\n .statementId(\"AllowExecutionFromSNS\")\n .action(\"lambda:InvokeFunction\")\n .function(func.name())\n .principal(\"sns.amazonaws.com\")\n .sourceArn(default_.arn())\n .build());\n\n var lambda = new TopicSubscription(\"lambda\", TopicSubscriptionArgs.builder()\n .topic(default_.arn())\n .protocol(\"lambda\")\n .endpoint(func.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n withSns:\n type: aws:lambda:Permission\n name: with_sns\n properties:\n statementId: AllowExecutionFromSNS\n action: lambda:InvokeFunction\n function: ${func.name}\n principal: sns.amazonaws.com\n sourceArn: ${default.arn}\n default:\n type: aws:sns:Topic\n properties:\n name: call-lambda-maybe\n lambda:\n type: aws:sns:TopicSubscription\n properties:\n topic: ${default.arn}\n protocol: lambda\n endpoint: ${func.arn}\n func:\n type: aws:lambda:Function\n properties:\n code:\n fn::FileArchive: lambdatest.zip\n name: lambda_called_from_sns\n role: ${defaultRole.arn}\n handler: exports.handler\n runtime: python3.7\n defaultRole:\n type: aws:iam:Role\n name: default\n properties:\n name: iam_for_lambda_with_sns\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: lambda.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With API Gateway REST API\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n name: \"MyDemoAPI\",\n description: \"This is my API for demonstration purposes\",\n});\nconst lambdaPermission = new aws.lambda.Permission(\"lambda_permission\", {\n statementId: \"AllowMyDemoAPIInvoke\",\n action: \"lambda:InvokeFunction\",\n \"function\": \"MyDemoFunction\",\n principal: \"apigateway.amazonaws.com\",\n sourceArn: pulumi.interpolate`${myDemoAPI.executionArn}/*`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"MyDemoAPI\",\n name=\"MyDemoAPI\",\n description=\"This is my API for demonstration purposes\")\nlambda_permission = aws.lambda_.Permission(\"lambda_permission\",\n statement_id=\"AllowMyDemoAPIInvoke\",\n action=\"lambda:InvokeFunction\",\n function=\"MyDemoFunction\",\n principal=\"apigateway.amazonaws.com\",\n source_arn=my_demo_api.execution_arn.apply(lambda execution_arn: f\"{execution_arn}/*\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"MyDemoAPI\", new()\n {\n Name = \"MyDemoAPI\",\n Description = \"This is my API for demonstration purposes\",\n });\n\n var lambdaPermission = new Aws.Lambda.Permission(\"lambda_permission\", new()\n {\n StatementId = \"AllowMyDemoAPIInvoke\",\n Action = \"lambda:InvokeFunction\",\n Function = \"MyDemoFunction\",\n Principal = \"apigateway.amazonaws.com\",\n SourceArn = myDemoAPI.ExecutionArn.Apply(executionArn =\u003e $\"{executionArn}/*\"),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"MyDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"MyDemoAPI\"),\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"lambda_permission\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowMyDemoAPIInvoke\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: pulumi.Any(\"MyDemoFunction\"),\n\t\t\tPrincipal: pulumi.String(\"apigateway.amazonaws.com\"),\n\t\t\tSourceArn: myDemoAPI.ExecutionArn.ApplyT(func(executionArn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v/*\", executionArn), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myDemoAPI = new RestApi(\"myDemoAPI\", RestApiArgs.builder()\n .name(\"MyDemoAPI\")\n .description(\"This is my API for demonstration purposes\")\n .build());\n\n var lambdaPermission = new Permission(\"lambdaPermission\", PermissionArgs.builder()\n .statementId(\"AllowMyDemoAPIInvoke\")\n .action(\"lambda:InvokeFunction\")\n .function(\"MyDemoFunction\")\n .principal(\"apigateway.amazonaws.com\")\n .sourceArn(myDemoAPI.executionArn().applyValue(executionArn -\u003e String.format(\"%s/*\", executionArn)))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myDemoAPI:\n type: aws:apigateway:RestApi\n name: MyDemoAPI\n properties:\n name: MyDemoAPI\n description: This is my API for demonstration purposes\n lambdaPermission:\n type: aws:lambda:Permission\n name: lambda_permission\n properties:\n statementId: AllowMyDemoAPIInvoke\n action: lambda:InvokeFunction\n function: MyDemoFunction\n principal: apigateway.amazonaws.com\n sourceArn: ${myDemoAPI.executionArn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With CloudWatch Log Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.cloudwatch.LogGroup(\"default\", {name: \"/default\"});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"lambda.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst defaultRole = new aws.iam.Role(\"default\", {\n name: \"iam_for_lambda_called_from_cloudwatch_logs\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst loggingFunction = new aws.lambda.Function(\"logging\", {\n code: new pulumi.asset.FileArchive(\"lamba_logging.zip\"),\n name: \"lambda_called_from_cloudwatch_logs\",\n handler: \"exports.handler\",\n role: defaultRole.arn,\n runtime: aws.lambda.Runtime.Python3d7,\n});\nconst logging = new aws.lambda.Permission(\"logging\", {\n action: \"lambda:InvokeFunction\",\n \"function\": loggingFunction.name,\n principal: \"logs.eu-west-1.amazonaws.com\",\n sourceArn: pulumi.interpolate`${_default.arn}:*`,\n});\nconst loggingLogSubscriptionFilter = new aws.cloudwatch.LogSubscriptionFilter(\"logging\", {\n destinationArn: loggingFunction.arn,\n filterPattern: \"\",\n logGroup: _default.name,\n name: \"logging_default\",\n}, {\n dependsOn: [logging],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.cloudwatch.LogGroup(\"default\", name=\"/default\")\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"lambda.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\ndefault_role = aws.iam.Role(\"default\",\n name=\"iam_for_lambda_called_from_cloudwatch_logs\",\n assume_role_policy=assume_role.json)\nlogging_function = aws.lambda_.Function(\"logging\",\n code=pulumi.FileArchive(\"lamba_logging.zip\"),\n name=\"lambda_called_from_cloudwatch_logs\",\n handler=\"exports.handler\",\n role=default_role.arn,\n runtime=aws.lambda_.Runtime.PYTHON3D7)\nlogging = aws.lambda_.Permission(\"logging\",\n action=\"lambda:InvokeFunction\",\n function=logging_function.name,\n principal=\"logs.eu-west-1.amazonaws.com\",\n source_arn=default.arn.apply(lambda arn: f\"{arn}:*\"))\nlogging_log_subscription_filter = aws.cloudwatch.LogSubscriptionFilter(\"logging\",\n destination_arn=logging_function.arn,\n filter_pattern=\"\",\n log_group=default.name,\n name=\"logging_default\",\n opts = pulumi.ResourceOptions(depends_on=[logging]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.CloudWatch.LogGroup(\"default\", new()\n {\n Name = \"/default\",\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"lambda.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var defaultRole = new Aws.Iam.Role(\"default\", new()\n {\n Name = \"iam_for_lambda_called_from_cloudwatch_logs\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var loggingFunction = new Aws.Lambda.Function(\"logging\", new()\n {\n Code = new FileArchive(\"lamba_logging.zip\"),\n Name = \"lambda_called_from_cloudwatch_logs\",\n Handler = \"exports.handler\",\n Role = defaultRole.Arn,\n Runtime = Aws.Lambda.Runtime.Python3d7,\n });\n\n var logging = new Aws.Lambda.Permission(\"logging\", new()\n {\n Action = \"lambda:InvokeFunction\",\n Function = loggingFunction.Name,\n Principal = \"logs.eu-west-1.amazonaws.com\",\n SourceArn = @default.Arn.Apply(arn =\u003e $\"{arn}:*\"),\n });\n\n var loggingLogSubscriptionFilter = new Aws.CloudWatch.LogSubscriptionFilter(\"logging\", new()\n {\n DestinationArn = loggingFunction.Arn,\n FilterPattern = \"\",\n LogGroup = @default.Name,\n Name = \"logging_default\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n logging,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewLogGroup(ctx, \"default\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"/default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"lambda.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultRole, err := iam.NewRole(ctx, \"default\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda_called_from_cloudwatch_logs\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tloggingFunction, err := lambda.NewFunction(ctx, \"logging\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lamba_logging.zip\"),\n\t\t\tName: pulumi.String(\"lambda_called_from_cloudwatch_logs\"),\n\t\t\tHandler: pulumi.String(\"exports.handler\"),\n\t\t\tRole: defaultRole.Arn,\n\t\t\tRuntime: pulumi.String(lambda.RuntimePython3d7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlogging, err := lambda.NewPermission(ctx, \"logging\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: loggingFunction.Name,\n\t\t\tPrincipal: pulumi.String(\"logs.eu-west-1.amazonaws.com\"),\n\t\t\tSourceArn: _default.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v:*\", arn), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogSubscriptionFilter(ctx, \"logging\", \u0026cloudwatch.LogSubscriptionFilterArgs{\n\t\t\tDestinationArn: loggingFunction.Arn,\n\t\t\tFilterPattern: pulumi.String(\"\"),\n\t\t\tLogGroup: _default.Name,\n\t\t\tName: pulumi.String(\"logging_default\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tlogging,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.cloudwatch.LogSubscriptionFilter;\nimport com.pulumi.aws.cloudwatch.LogSubscriptionFilterArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new LogGroup(\"default\", LogGroupArgs.builder()\n .name(\"/default\")\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"lambda.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var defaultRole = new Role(\"defaultRole\", RoleArgs.builder()\n .name(\"iam_for_lambda_called_from_cloudwatch_logs\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var loggingFunction = new Function(\"loggingFunction\", FunctionArgs.builder()\n .code(new FileArchive(\"lamba_logging.zip\"))\n .name(\"lambda_called_from_cloudwatch_logs\")\n .handler(\"exports.handler\")\n .role(defaultRole.arn())\n .runtime(\"python3.7\")\n .build());\n\n var logging = new Permission(\"logging\", PermissionArgs.builder()\n .action(\"lambda:InvokeFunction\")\n .function(loggingFunction.name())\n .principal(\"logs.eu-west-1.amazonaws.com\")\n .sourceArn(default_.arn().applyValue(arn -\u003e String.format(\"%s:*\", arn)))\n .build());\n\n var loggingLogSubscriptionFilter = new LogSubscriptionFilter(\"loggingLogSubscriptionFilter\", LogSubscriptionFilterArgs.builder()\n .destinationArn(loggingFunction.arn())\n .filterPattern(\"\")\n .logGroup(default_.name())\n .name(\"logging_default\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(logging)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n logging:\n type: aws:lambda:Permission\n properties:\n action: lambda:InvokeFunction\n function: ${loggingFunction.name}\n principal: logs.eu-west-1.amazonaws.com\n sourceArn: ${default.arn}:*\n default:\n type: aws:cloudwatch:LogGroup\n properties:\n name: /default\n loggingLogSubscriptionFilter:\n type: aws:cloudwatch:LogSubscriptionFilter\n name: logging\n properties:\n destinationArn: ${loggingFunction.arn}\n filterPattern:\n logGroup: ${default.name}\n name: logging_default\n options:\n dependson:\n - ${logging}\n loggingFunction:\n type: aws:lambda:Function\n name: logging\n properties:\n code:\n fn::FileArchive: lamba_logging.zip\n name: lambda_called_from_cloudwatch_logs\n handler: exports.handler\n role: ${defaultRole.arn}\n runtime: python3.7\n defaultRole:\n type: aws:iam:Role\n name: default\n properties:\n name: iam_for_lambda_called_from_cloudwatch_logs\n assumeRolePolicy: ${assumeRole.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - lambda.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Cross-Account Invocation Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst url = new aws.lambda.FunctionUrl(\"url\", {\n functionName: example.functionName,\n authorizationType: \"AWS_IAM\",\n});\nconst urlPermission = new aws.lambda.Permission(\"url\", {\n action: \"lambda:InvokeFunctionUrl\",\n \"function\": example.functionName,\n principal: \"arn:aws:iam::444455556666:role/example\",\n sourceAccount: \"444455556666\",\n functionUrlAuthType: \"AWS_IAM\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nurl = aws.lambda_.FunctionUrl(\"url\",\n function_name=example[\"functionName\"],\n authorization_type=\"AWS_IAM\")\nurl_permission = aws.lambda_.Permission(\"url\",\n action=\"lambda:InvokeFunctionUrl\",\n function=example[\"functionName\"],\n principal=\"arn:aws:iam::444455556666:role/example\",\n source_account=\"444455556666\",\n function_url_auth_type=\"AWS_IAM\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var url = new Aws.Lambda.FunctionUrl(\"url\", new()\n {\n FunctionName = example.FunctionName,\n AuthorizationType = \"AWS_IAM\",\n });\n\n var urlPermission = new Aws.Lambda.Permission(\"url\", new()\n {\n Action = \"lambda:InvokeFunctionUrl\",\n Function = example.FunctionName,\n Principal = \"arn:aws:iam::444455556666:role/example\",\n SourceAccount = \"444455556666\",\n FunctionUrlAuthType = \"AWS_IAM\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewFunctionUrl(ctx, \"url\", \u0026lambda.FunctionUrlArgs{\n\t\t\tFunctionName: pulumi.Any(example.FunctionName),\n\t\t\tAuthorizationType: pulumi.String(\"AWS_IAM\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"url\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunctionUrl\"),\n\t\t\tFunction: pulumi.Any(example.FunctionName),\n\t\t\tPrincipal: pulumi.String(\"arn:aws:iam::444455556666:role/example\"),\n\t\t\tSourceAccount: pulumi.String(\"444455556666\"),\n\t\t\tFunctionUrlAuthType: pulumi.String(\"AWS_IAM\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.FunctionUrl;\nimport com.pulumi.aws.lambda.FunctionUrlArgs;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var url = new FunctionUrl(\"url\", FunctionUrlArgs.builder()\n .functionName(example.functionName())\n .authorizationType(\"AWS_IAM\")\n .build());\n\n var urlPermission = new Permission(\"urlPermission\", PermissionArgs.builder()\n .action(\"lambda:InvokeFunctionUrl\")\n .function(example.functionName())\n .principal(\"arn:aws:iam::444455556666:role/example\")\n .sourceAccount(\"444455556666\")\n .functionUrlAuthType(\"AWS_IAM\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n url:\n type: aws:lambda:FunctionUrl\n properties:\n functionName: ${example.functionName}\n authorizationType: AWS_IAM\n urlPermission:\n type: aws:lambda:Permission\n name: url\n properties:\n action: lambda:InvokeFunctionUrl\n function: ${example.functionName}\n principal: arn:aws:iam::444455556666:role/example\n sourceAccount: '444455556666'\n functionUrlAuthType: AWS_IAM\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lambda permission statements using function_name/statement_id with an optional qualifier. For example:\n\n```sh\n$ pulumi import aws:lambda/permission:Permission test_lambda_permission my_test_lambda_function/AllowExecutionFromCloudWatch\n```\n```sh\n$ pulumi import aws:lambda/permission:Permission test_lambda_permission my_test_lambda_function:qualifier_name/AllowExecutionFromCloudWatch\n```\n", "properties": { "action": { "type": "string", "description": "The AWS Lambda action you want to allow in this statement. (e.g., `lambda:InvokeFunction`)\n" }, "eventSourceToken": { "type": "string", "description": "The Event Source Token to validate. Used with [Alexa Skills](https://developer.amazon.com/docs/custom-skills/host-a-custom-skill-as-an-aws-lambda-function.html#use-aws-cli).\n" }, "function": { "type": "string", "description": "Name of the Lambda function whose resource policy you are updating\n" }, "functionUrlAuthType": { "type": "string", "description": "Lambda Function URLs [authentication type](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html). Valid values are: `AWS_IAM` or `NONE`. Only supported for `lambda:InvokeFunctionUrl` action.\n" }, "principal": { "type": "string", "description": "The principal who is getting this permission e.g., `s3.amazonaws.com`, an AWS account ID, or AWS IAM principal, or AWS service principal such as `events.amazonaws.com` or `sns.amazonaws.com`.\n" }, "principalOrgId": { "type": "string", "description": "The identifier for your organization in AWS Organizations. Use this to grant permissions to all the AWS accounts under this organization.\n\n[1]: https://developer.amazon.com/docs/custom-skills/host-a-custom-skill-as-an-aws-lambda-function.html#use-aws-cli\n[2]: https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-control-access-using-iam-policies-to-invoke-api.html\n[3]: https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html\n" }, "qualifier": { "type": "string", "description": "Query parameter to specify function version or alias name. The permission will then apply to the specific qualified ARN e.g., `arn:aws:lambda:aws-region:acct-id:function:function-name:2`\n" }, "sourceAccount": { "type": "string", "description": "This parameter is used when allowing cross-account access, or for S3 and SES. The AWS account ID (without a hyphen) of the source owner.\n" }, "sourceArn": { "type": "string", "description": "When the principal is an AWS service, the ARN of the specific resource within that service to grant permission to.\nWithout this, any resource from `principal` will be granted permission – even if that resource is from another account.\nFor S3, this should be the ARN of the S3 Bucket.\nFor EventBridge events, this should be the ARN of the EventBridge Rule.\nFor API Gateway, this should be the ARN of the API, as described [here](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-control-access-using-iam-policies-to-invoke-api.html).\n" }, "statementId": { "type": "string", "description": "A unique statement identifier. By default generated by the provider.\n" }, "statementIdPrefix": { "type": "string", "description": "A statement identifier prefix. The provider will generate a unique suffix. Conflicts with `statement_id`.\n" } }, "required": [ "action", "function", "principal", "statementId", "statementIdPrefix" ], "inputProperties": { "action": { "type": "string", "description": "The AWS Lambda action you want to allow in this statement. (e.g., `lambda:InvokeFunction`)\n", "willReplaceOnChanges": true }, "eventSourceToken": { "type": "string", "description": "The Event Source Token to validate. Used with [Alexa Skills](https://developer.amazon.com/docs/custom-skills/host-a-custom-skill-as-an-aws-lambda-function.html#use-aws-cli).\n", "willReplaceOnChanges": true }, "function": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:lambda/function:Function" } ], "description": "Name of the Lambda function whose resource policy you are updating\n", "willReplaceOnChanges": true }, "functionUrlAuthType": { "type": "string", "description": "Lambda Function URLs [authentication type](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html). Valid values are: `AWS_IAM` or `NONE`. Only supported for `lambda:InvokeFunctionUrl` action.\n", "willReplaceOnChanges": true }, "principal": { "type": "string", "description": "The principal who is getting this permission e.g., `s3.amazonaws.com`, an AWS account ID, or AWS IAM principal, or AWS service principal such as `events.amazonaws.com` or `sns.amazonaws.com`.\n", "willReplaceOnChanges": true }, "principalOrgId": { "type": "string", "description": "The identifier for your organization in AWS Organizations. Use this to grant permissions to all the AWS accounts under this organization.\n\n[1]: https://developer.amazon.com/docs/custom-skills/host-a-custom-skill-as-an-aws-lambda-function.html#use-aws-cli\n[2]: https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-control-access-using-iam-policies-to-invoke-api.html\n[3]: https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html\n", "willReplaceOnChanges": true }, "qualifier": { "type": "string", "description": "Query parameter to specify function version or alias name. The permission will then apply to the specific qualified ARN e.g., `arn:aws:lambda:aws-region:acct-id:function:function-name:2`\n", "willReplaceOnChanges": true }, "sourceAccount": { "type": "string", "description": "This parameter is used when allowing cross-account access, or for S3 and SES. The AWS account ID (without a hyphen) of the source owner.\n", "willReplaceOnChanges": true }, "sourceArn": { "type": "string", "description": "When the principal is an AWS service, the ARN of the specific resource within that service to grant permission to.\nWithout this, any resource from `principal` will be granted permission – even if that resource is from another account.\nFor S3, this should be the ARN of the S3 Bucket.\nFor EventBridge events, this should be the ARN of the EventBridge Rule.\nFor API Gateway, this should be the ARN of the API, as described [here](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-control-access-using-iam-policies-to-invoke-api.html).\n", "willReplaceOnChanges": true }, "statementId": { "type": "string", "description": "A unique statement identifier. By default generated by the provider.\n", "willReplaceOnChanges": true }, "statementIdPrefix": { "type": "string", "description": "A statement identifier prefix. The provider will generate a unique suffix. Conflicts with `statement_id`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "action", "function", "principal" ], "stateInputs": { "description": "Input properties used for looking up and filtering Permission resources.\n", "properties": { "action": { "type": "string", "description": "The AWS Lambda action you want to allow in this statement. (e.g., `lambda:InvokeFunction`)\n", "willReplaceOnChanges": true }, "eventSourceToken": { "type": "string", "description": "The Event Source Token to validate. Used with [Alexa Skills](https://developer.amazon.com/docs/custom-skills/host-a-custom-skill-as-an-aws-lambda-function.html#use-aws-cli).\n", "willReplaceOnChanges": true }, "function": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:lambda/function:Function" } ], "description": "Name of the Lambda function whose resource policy you are updating\n", "willReplaceOnChanges": true }, "functionUrlAuthType": { "type": "string", "description": "Lambda Function URLs [authentication type](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html). Valid values are: `AWS_IAM` or `NONE`. Only supported for `lambda:InvokeFunctionUrl` action.\n", "willReplaceOnChanges": true }, "principal": { "type": "string", "description": "The principal who is getting this permission e.g., `s3.amazonaws.com`, an AWS account ID, or AWS IAM principal, or AWS service principal such as `events.amazonaws.com` or `sns.amazonaws.com`.\n", "willReplaceOnChanges": true }, "principalOrgId": { "type": "string", "description": "The identifier for your organization in AWS Organizations. Use this to grant permissions to all the AWS accounts under this organization.\n\n[1]: https://developer.amazon.com/docs/custom-skills/host-a-custom-skill-as-an-aws-lambda-function.html#use-aws-cli\n[2]: https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-control-access-using-iam-policies-to-invoke-api.html\n[3]: https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html\n", "willReplaceOnChanges": true }, "qualifier": { "type": "string", "description": "Query parameter to specify function version or alias name. The permission will then apply to the specific qualified ARN e.g., `arn:aws:lambda:aws-region:acct-id:function:function-name:2`\n", "willReplaceOnChanges": true }, "sourceAccount": { "type": "string", "description": "This parameter is used when allowing cross-account access, or for S3 and SES. The AWS account ID (without a hyphen) of the source owner.\n", "willReplaceOnChanges": true }, "sourceArn": { "type": "string", "description": "When the principal is an AWS service, the ARN of the specific resource within that service to grant permission to.\nWithout this, any resource from `principal` will be granted permission – even if that resource is from another account.\nFor S3, this should be the ARN of the S3 Bucket.\nFor EventBridge events, this should be the ARN of the EventBridge Rule.\nFor API Gateway, this should be the ARN of the API, as described [here](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-control-access-using-iam-policies-to-invoke-api.html).\n", "willReplaceOnChanges": true }, "statementId": { "type": "string", "description": "A unique statement identifier. By default generated by the provider.\n", "willReplaceOnChanges": true }, "statementIdPrefix": { "type": "string", "description": "A statement identifier prefix. The provider will generate a unique suffix. Conflicts with `statement_id`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:lambda/provisionedConcurrencyConfig:ProvisionedConcurrencyConfig": { "description": "Manages a Lambda Provisioned Concurrency Configuration.\n\n\u003e **NOTE:** Setting `skip_destroy` to `true` means that the AWS Provider will _not_ destroy a provisioned concurrency configuration, even when running `pulumi destroy`. The configuration is thus an intentional dangling resource that is _not_ managed by Pulumi and may incur extra expense in your AWS account.\n\n## Example Usage\n\n### Alias Name\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.ProvisionedConcurrencyConfig(\"example\", {\n functionName: exampleAwsLambdaAlias.functionName,\n provisionedConcurrentExecutions: 1,\n qualifier: exampleAwsLambdaAlias.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.ProvisionedConcurrencyConfig(\"example\",\n function_name=example_aws_lambda_alias[\"functionName\"],\n provisioned_concurrent_executions=1,\n qualifier=example_aws_lambda_alias[\"name\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.ProvisionedConcurrencyConfig(\"example\", new()\n {\n FunctionName = exampleAwsLambdaAlias.FunctionName,\n ProvisionedConcurrentExecutions = 1,\n Qualifier = exampleAwsLambdaAlias.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewProvisionedConcurrencyConfig(ctx, \"example\", \u0026lambda.ProvisionedConcurrencyConfigArgs{\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaAlias.FunctionName),\n\t\t\tProvisionedConcurrentExecutions: pulumi.Int(1),\n\t\t\tQualifier: pulumi.Any(exampleAwsLambdaAlias.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.ProvisionedConcurrencyConfig;\nimport com.pulumi.aws.lambda.ProvisionedConcurrencyConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ProvisionedConcurrencyConfig(\"example\", ProvisionedConcurrencyConfigArgs.builder()\n .functionName(exampleAwsLambdaAlias.functionName())\n .provisionedConcurrentExecutions(1)\n .qualifier(exampleAwsLambdaAlias.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:ProvisionedConcurrencyConfig\n properties:\n functionName: ${exampleAwsLambdaAlias.functionName}\n provisionedConcurrentExecutions: 1\n qualifier: ${exampleAwsLambdaAlias.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Function Version\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.ProvisionedConcurrencyConfig(\"example\", {\n functionName: exampleAwsLambdaFunction.functionName,\n provisionedConcurrentExecutions: 1,\n qualifier: exampleAwsLambdaFunction.version,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.ProvisionedConcurrencyConfig(\"example\",\n function_name=example_aws_lambda_function[\"functionName\"],\n provisioned_concurrent_executions=1,\n qualifier=example_aws_lambda_function[\"version\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.ProvisionedConcurrencyConfig(\"example\", new()\n {\n FunctionName = exampleAwsLambdaFunction.FunctionName,\n ProvisionedConcurrentExecutions = 1,\n Qualifier = exampleAwsLambdaFunction.Version,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewProvisionedConcurrencyConfig(ctx, \"example\", \u0026lambda.ProvisionedConcurrencyConfigArgs{\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.FunctionName),\n\t\t\tProvisionedConcurrentExecutions: pulumi.Int(1),\n\t\t\tQualifier: pulumi.Any(exampleAwsLambdaFunction.Version),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.ProvisionedConcurrencyConfig;\nimport com.pulumi.aws.lambda.ProvisionedConcurrencyConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ProvisionedConcurrencyConfig(\"example\", ProvisionedConcurrencyConfigArgs.builder()\n .functionName(exampleAwsLambdaFunction.functionName())\n .provisionedConcurrentExecutions(1)\n .qualifier(exampleAwsLambdaFunction.version())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:ProvisionedConcurrencyConfig\n properties:\n functionName: ${exampleAwsLambdaFunction.functionName}\n provisionedConcurrentExecutions: 1\n qualifier: ${exampleAwsLambdaFunction.version}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a Lambda Provisioned Concurrency Configuration using the `function_name` and `qualifier` separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:lambda/provisionedConcurrencyConfig:ProvisionedConcurrencyConfig example my_function,production\n```\n", "properties": { "functionName": { "type": "string", "description": "Name or Amazon Resource Name (ARN) of the Lambda Function.\n" }, "provisionedConcurrentExecutions": { "type": "integer", "description": "Amount of capacity to allocate. Must be greater than or equal to `1`.\n" }, "qualifier": { "type": "string", "description": "Lambda Function version or Lambda Alias name.\n\nThe following arguments are optional:\n" }, "skipDestroy": { "type": "boolean", "description": "Whether to retain the provisoned concurrency configuration upon destruction. Defaults to `false`. If set to `true`, the resource in simply removed from state instead.\n" } }, "required": [ "functionName", "provisionedConcurrentExecutions", "qualifier" ], "inputProperties": { "functionName": { "type": "string", "description": "Name or Amazon Resource Name (ARN) of the Lambda Function.\n", "willReplaceOnChanges": true }, "provisionedConcurrentExecutions": { "type": "integer", "description": "Amount of capacity to allocate. Must be greater than or equal to `1`.\n" }, "qualifier": { "type": "string", "description": "Lambda Function version or Lambda Alias name.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "skipDestroy": { "type": "boolean", "description": "Whether to retain the provisoned concurrency configuration upon destruction. Defaults to `false`. If set to `true`, the resource in simply removed from state instead.\n" } }, "requiredInputs": [ "functionName", "provisionedConcurrentExecutions", "qualifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering ProvisionedConcurrencyConfig resources.\n", "properties": { "functionName": { "type": "string", "description": "Name or Amazon Resource Name (ARN) of the Lambda Function.\n", "willReplaceOnChanges": true }, "provisionedConcurrentExecutions": { "type": "integer", "description": "Amount of capacity to allocate. Must be greater than or equal to `1`.\n" }, "qualifier": { "type": "string", "description": "Lambda Function version or Lambda Alias name.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "skipDestroy": { "type": "boolean", "description": "Whether to retain the provisoned concurrency configuration upon destruction. Defaults to `false`. If set to `true`, the resource in simply removed from state instead.\n" } }, "type": "object" } }, "aws:lambda/runtimeManagementConfig:RuntimeManagementConfig": { "description": "Resource for managing an AWS Lambda Runtime Management Config.\n\nRefer to the [AWS Lambda documentation](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) for supported runtimes.\n\n\u003e Deletion of this resource returns the runtime update mode to `Auto` (the default behavior).\nTo leave the configured runtime management options in-place, use a `removed` block with the destroy lifecycle set to `false`.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.RuntimeManagementConfig(\"example\", {\n functionName: test.functionName,\n updateRuntimeOn: \"FunctionUpdate\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.RuntimeManagementConfig(\"example\",\n function_name=test[\"functionName\"],\n update_runtime_on=\"FunctionUpdate\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.RuntimeManagementConfig(\"example\", new()\n {\n FunctionName = test.FunctionName,\n UpdateRuntimeOn = \"FunctionUpdate\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewRuntimeManagementConfig(ctx, \"example\", \u0026lambda.RuntimeManagementConfigArgs{\n\t\t\tFunctionName: pulumi.Any(test.FunctionName),\n\t\t\tUpdateRuntimeOn: pulumi.String(\"FunctionUpdate\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.RuntimeManagementConfig;\nimport com.pulumi.aws.lambda.RuntimeManagementConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RuntimeManagementConfig(\"example\", RuntimeManagementConfigArgs.builder()\n .functionName(test.functionName())\n .updateRuntimeOn(\"FunctionUpdate\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:RuntimeManagementConfig\n properties:\n functionName: ${test.functionName}\n updateRuntimeOn: FunctionUpdate\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### `Manual` Update\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.RuntimeManagementConfig(\"example\", {\n functionName: test.functionName,\n updateRuntimeOn: \"Manual\",\n runtimeVersionArn: \"arn:aws:lambda:us-east-1::runtime:abcd1234\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.RuntimeManagementConfig(\"example\",\n function_name=test[\"functionName\"],\n update_runtime_on=\"Manual\",\n runtime_version_arn=\"arn:aws:lambda:us-east-1::runtime:abcd1234\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.RuntimeManagementConfig(\"example\", new()\n {\n FunctionName = test.FunctionName,\n UpdateRuntimeOn = \"Manual\",\n RuntimeVersionArn = \"arn:aws:lambda:us-east-1::runtime:abcd1234\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewRuntimeManagementConfig(ctx, \"example\", \u0026lambda.RuntimeManagementConfigArgs{\n\t\t\tFunctionName: pulumi.Any(test.FunctionName),\n\t\t\tUpdateRuntimeOn: pulumi.String(\"Manual\"),\n\t\t\tRuntimeVersionArn: pulumi.String(\"arn:aws:lambda:us-east-1::runtime:abcd1234\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.RuntimeManagementConfig;\nimport com.pulumi.aws.lambda.RuntimeManagementConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RuntimeManagementConfig(\"example\", RuntimeManagementConfigArgs.builder()\n .functionName(test.functionName())\n .updateRuntimeOn(\"Manual\")\n .runtimeVersionArn(\"arn:aws:lambda:us-east-1::runtime:abcd1234\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:RuntimeManagementConfig\n properties:\n functionName: ${test.functionName}\n updateRuntimeOn: Manual\n runtimeVersionArn: arn:aws:lambda:us-east-1::runtime:abcd1234\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e Once the runtime update mode is set to `Manual`, the `aws.lambda.Function` `runtime` cannot be updated. To upgrade a runtime, the `update_runtime_on` argument must be set to `Auto` or `FunctionUpdate` prior to changing the function's `runtime` argument.\n\n## Import\n\nUsing `pulumi import`, import Lambda Runtime Management Config using a comma-delimited string combining `function_name` and `qualifier`. For example:\n\n```sh\n$ pulumi import aws:lambda/runtimeManagementConfig:RuntimeManagementConfig example my-function,$LATEST\n```\n", "properties": { "functionArn": { "type": "string", "description": "ARN of the function.\n" }, "functionName": { "type": "string", "description": "Name or ARN of the Lambda function.\n\nThe following arguments are optional:\n" }, "qualifier": { "type": "string", "description": "Version of the function. This can be `$LATEST` or a published version number. If omitted, this resource will manage the runtime configuration for `$LATEST`.\n" }, "runtimeVersionArn": { "type": "string", "description": "ARN of the runtime version. Only required when `update_runtime_on` is `Manual`.\n" }, "updateRuntimeOn": { "type": "string", "description": "Runtime update mode. Valid values are `Auto`, `FunctionUpdate`, and `Manual`. When a function is created, the default mode is `Auto`.\n" } }, "required": [ "functionArn", "functionName" ], "inputProperties": { "functionName": { "type": "string", "description": "Name or ARN of the Lambda function.\n\nThe following arguments are optional:\n" }, "qualifier": { "type": "string", "description": "Version of the function. This can be `$LATEST` or a published version number. If omitted, this resource will manage the runtime configuration for `$LATEST`.\n" }, "runtimeVersionArn": { "type": "string", "description": "ARN of the runtime version. Only required when `update_runtime_on` is `Manual`.\n" }, "updateRuntimeOn": { "type": "string", "description": "Runtime update mode. Valid values are `Auto`, `FunctionUpdate`, and `Manual`. When a function is created, the default mode is `Auto`.\n" } }, "requiredInputs": [ "functionName" ], "stateInputs": { "description": "Input properties used for looking up and filtering RuntimeManagementConfig resources.\n", "properties": { "functionArn": { "type": "string", "description": "ARN of the function.\n" }, "functionName": { "type": "string", "description": "Name or ARN of the Lambda function.\n\nThe following arguments are optional:\n" }, "qualifier": { "type": "string", "description": "Version of the function. This can be `$LATEST` or a published version number. If omitted, this resource will manage the runtime configuration for `$LATEST`.\n" }, "runtimeVersionArn": { "type": "string", "description": "ARN of the runtime version. Only required when `update_runtime_on` is `Manual`.\n" }, "updateRuntimeOn": { "type": "string", "description": "Runtime update mode. Valid values are `Auto`, `FunctionUpdate`, and `Manual`. When a function is created, the default mode is `Auto`.\n" } }, "type": "object" } }, "aws:lb/listener:Listener": { "description": "Provides a Load Balancer Listener resource.\n\n\u003e **Note:** `aws.alb.Listener` is known as `aws.lb.Listener`. The functionality is identical.\n\n## Example Usage\n\n### Forward Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 443,\n protocol: \"HTTPS\",\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n defaultActions: [{\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_target_group = aws.lb.TargetGroup(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=443,\n protocol=\"HTTPS\",\n ssl_policy=\"ELBSecurityPolicy-2016-08\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n default_actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": front_end_target_group.arn,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 443,\n Protocol = \"HTTPS\",\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(\"443\")\n .protocol(\"HTTPS\")\n .sslPolicy(\"ELBSecurityPolicy-2016-08\")\n .certificateArn(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '443'\n protocol: HTTPS\n sslPolicy: ELBSecurityPolicy-2016-08\n certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\n defaultActions:\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nTo a NLB:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEndAwsLb.arn,\n port: 443,\n protocol: \"TLS\",\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n alpnPolicy: \"HTTP2Preferred\",\n defaultActions: [{\n type: \"forward\",\n targetGroupArn: frontEndAwsLbTargetGroup.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end_aws_lb[\"arn\"],\n port=443,\n protocol=\"TLS\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n alpn_policy=\"HTTP2Preferred\",\n default_actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": front_end_aws_lb_target_group[\"arn\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEndAwsLb.Arn,\n Port = 443,\n Protocol = \"TLS\",\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n AlpnPolicy = \"HTTP2Preferred\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndAwsLbTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: pulumi.Any(frontEndAwsLb.Arn),\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"TLS\"),\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tAlpnPolicy: pulumi.String(\"HTTP2Preferred\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(frontEndAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new Listener(\"frontEnd\", ListenerArgs.builder()\n .loadBalancerArn(frontEndAwsLb.arn())\n .port(\"443\")\n .protocol(\"TLS\")\n .certificateArn(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\")\n .alpnPolicy(\"HTTP2Preferred\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndAwsLbTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEndAwsLb.arn}\n port: '443'\n protocol: TLS\n certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\n alpnPolicy: HTTP2Preferred\n defaultActions:\n - type: forward\n targetGroupArn: ${frontEndAwsLbTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Redirect Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [{\n type: \"redirect\",\n redirect: {\n port: \"443\",\n protocol: \"HTTPS\",\n statusCode: \"HTTP_301\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[{\n \"type\": \"redirect\",\n \"redirect\": {\n \"port\": \"443\",\n \"protocol\": \"HTTPS\",\n \"status_code\": \"HTTP_301\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"redirect\",\n Redirect = new Aws.LB.Inputs.ListenerDefaultActionRedirectArgs\n {\n Port = \"443\",\n Protocol = \"HTTPS\",\n StatusCode = \"HTTP_301\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"redirect\"),\n\t\t\t\t\tRedirect: \u0026lb.ListenerDefaultActionRedirectArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"443\"),\n\t\t\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"HTTP_301\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionRedirectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(\"80\")\n .protocol(\"HTTP\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"redirect\")\n .redirect(ListenerDefaultActionRedirectArgs.builder()\n .port(\"443\")\n .protocol(\"HTTPS\")\n .statusCode(\"HTTP_301\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: redirect\n redirect:\n port: '443'\n protocol: HTTPS\n statusCode: HTTP_301\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Fixed-response Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [{\n type: \"fixed-response\",\n fixedResponse: {\n contentType: \"text/plain\",\n messageBody: \"Fixed response content\",\n statusCode: \"200\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[{\n \"type\": \"fixed-response\",\n \"fixed_response\": {\n \"content_type\": \"text/plain\",\n \"message_body\": \"Fixed response content\",\n \"status_code\": \"200\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"fixed-response\",\n FixedResponse = new Aws.LB.Inputs.ListenerDefaultActionFixedResponseArgs\n {\n ContentType = \"text/plain\",\n MessageBody = \"Fixed response content\",\n StatusCode = \"200\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"fixed-response\"),\n\t\t\t\t\tFixedResponse: \u0026lb.ListenerDefaultActionFixedResponseArgs{\n\t\t\t\t\t\tContentType: pulumi.String(\"text/plain\"),\n\t\t\t\t\t\tMessageBody: pulumi.String(\"Fixed response content\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionFixedResponseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(\"80\")\n .protocol(\"HTTP\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"fixed-response\")\n .fixedResponse(ListenerDefaultActionFixedResponseArgs.builder()\n .contentType(\"text/plain\")\n .messageBody(\"Fixed response content\")\n .statusCode(\"200\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: fixed-response\n fixedResponse:\n contentType: text/plain\n messageBody: Fixed response content\n statusCode: '200'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Authenticate-cognito Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst client = new aws.cognito.UserPoolClient(\"client\", {});\nconst domain = new aws.cognito.UserPoolDomain(\"domain\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [\n {\n type: \"authenticate-cognito\",\n authenticateCognito: {\n userPoolArn: pool.arn,\n userPoolClientId: client.id,\n userPoolDomain: domain.domain,\n },\n },\n {\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_target_group = aws.lb.TargetGroup(\"front_end\")\npool = aws.cognito.UserPool(\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\")\ndomain = aws.cognito.UserPoolDomain(\"domain\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[\n {\n \"type\": \"authenticate-cognito\",\n \"authenticate_cognito\": {\n \"user_pool_arn\": pool.arn,\n \"user_pool_client_id\": client.id,\n \"user_pool_domain\": domain.domain,\n },\n },\n {\n \"type\": \"forward\",\n \"target_group_arn\": front_end_target_group.arn,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"front_end\");\n\n var pool = new Aws.Cognito.UserPool(\"pool\");\n\n var client = new Aws.Cognito.UserPoolClient(\"client\");\n\n var domain = new Aws.Cognito.UserPoolDomain(\"domain\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"authenticate-cognito\",\n AuthenticateCognito = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateCognitoArgs\n {\n UserPoolArn = pool.Arn,\n UserPoolClientId = client.Id,\n UserPoolDomain = domain.Domain,\n },\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tclient, err := cognito.NewUserPoolClient(ctx, \"client\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdomain, err := cognito.NewUserPoolDomain(ctx, \"domain\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-cognito\"),\n\t\t\t\t\tAuthenticateCognito: \u0026lb.ListenerDefaultActionAuthenticateCognitoArgs{\n\t\t\t\t\t\tUserPoolArn: pool.Arn,\n\t\t\t\t\t\tUserPoolClientId: client.ID(),\n\t\t\t\t\t\tUserPoolDomain: domain.Domain,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolClient;\nimport com.pulumi.aws.cognito.UserPoolDomain;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionAuthenticateCognitoArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var pool = new UserPool(\"pool\");\n\n var client = new UserPoolClient(\"client\");\n\n var domain = new UserPoolDomain(\"domain\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(\"80\")\n .protocol(\"HTTP\")\n .defaultActions( \n ListenerDefaultActionArgs.builder()\n .type(\"authenticate-cognito\")\n .authenticateCognito(ListenerDefaultActionAuthenticateCognitoArgs.builder()\n .userPoolArn(pool.arn())\n .userPoolClientId(client.id())\n .userPoolDomain(domain.domain())\n .build())\n .build(),\n ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n name: front_end\n pool:\n type: aws:cognito:UserPool\n client:\n type: aws:cognito:UserPoolClient\n domain:\n type: aws:cognito:UserPoolDomain\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: authenticate-cognito\n authenticateCognito:\n userPoolArn: ${pool.arn}\n userPoolClientId: ${client.id}\n userPoolDomain: ${domain.domain}\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Authenticate-OIDC Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [\n {\n type: \"authenticate-oidc\",\n authenticateOidc: {\n authorizationEndpoint: \"https://example.com/authorization_endpoint\",\n clientId: \"client_id\",\n clientSecret: \"client_secret\",\n issuer: \"https://example.com\",\n tokenEndpoint: \"https://example.com/token_endpoint\",\n userInfoEndpoint: \"https://example.com/user_info_endpoint\",\n },\n },\n {\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_target_group = aws.lb.TargetGroup(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[\n {\n \"type\": \"authenticate-oidc\",\n \"authenticate_oidc\": {\n \"authorization_endpoint\": \"https://example.com/authorization_endpoint\",\n \"client_id\": \"client_id\",\n \"client_secret\": \"client_secret\",\n \"issuer\": \"https://example.com\",\n \"token_endpoint\": \"https://example.com/token_endpoint\",\n \"user_info_endpoint\": \"https://example.com/user_info_endpoint\",\n },\n },\n {\n \"type\": \"forward\",\n \"target_group_arn\": front_end_target_group.arn,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"authenticate-oidc\",\n AuthenticateOidc = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateOidcArgs\n {\n AuthorizationEndpoint = \"https://example.com/authorization_endpoint\",\n ClientId = \"client_id\",\n ClientSecret = \"client_secret\",\n Issuer = \"https://example.com\",\n TokenEndpoint = \"https://example.com/token_endpoint\",\n UserInfoEndpoint = \"https://example.com/user_info_endpoint\",\n },\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-oidc\"),\n\t\t\t\t\tAuthenticateOidc: \u0026lb.ListenerDefaultActionAuthenticateOidcArgs{\n\t\t\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://example.com/authorization_endpoint\"),\n\t\t\t\t\t\tClientId: pulumi.String(\"client_id\"),\n\t\t\t\t\t\tClientSecret: pulumi.String(\"client_secret\"),\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tTokenEndpoint: pulumi.String(\"https://example.com/token_endpoint\"),\n\t\t\t\t\t\tUserInfoEndpoint: pulumi.String(\"https://example.com/user_info_endpoint\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionAuthenticateOidcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(\"80\")\n .protocol(\"HTTP\")\n .defaultActions( \n ListenerDefaultActionArgs.builder()\n .type(\"authenticate-oidc\")\n .authenticateOidc(ListenerDefaultActionAuthenticateOidcArgs.builder()\n .authorizationEndpoint(\"https://example.com/authorization_endpoint\")\n .clientId(\"client_id\")\n .clientSecret(\"client_secret\")\n .issuer(\"https://example.com\")\n .tokenEndpoint(\"https://example.com/token_endpoint\")\n .userInfoEndpoint(\"https://example.com/user_info_endpoint\")\n .build())\n .build(),\n ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: authenticate-oidc\n authenticateOidc:\n authorizationEndpoint: https://example.com/authorization_endpoint\n clientId: client_id\n clientSecret: client_secret\n issuer: https://example.com\n tokenEndpoint: https://example.com/token_endpoint\n userInfoEndpoint: https://example.com/user_info_endpoint\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Gateway Load Balancer Listener\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {\n loadBalancerType: \"gateway\",\n name: \"example\",\n subnetMappings: [{\n subnetId: exampleAwsSubnet.id,\n }],\n});\nconst exampleTargetGroup = new aws.lb.TargetGroup(\"example\", {\n name: \"example\",\n port: 6081,\n protocol: \"GENEVE\",\n vpcId: exampleAwsVpc.id,\n healthCheck: {\n port: \"80\",\n protocol: \"HTTP\",\n },\n});\nconst exampleListener = new aws.lb.Listener(\"example\", {\n loadBalancerArn: example.id,\n defaultActions: [{\n targetGroupArn: exampleTargetGroup.id,\n type: \"forward\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\",\n load_balancer_type=\"gateway\",\n name=\"example\",\n subnet_mappings=[{\n \"subnet_id\": example_aws_subnet[\"id\"],\n }])\nexample_target_group = aws.lb.TargetGroup(\"example\",\n name=\"example\",\n port=6081,\n protocol=\"GENEVE\",\n vpc_id=example_aws_vpc[\"id\"],\n health_check={\n \"port\": \"80\",\n \"protocol\": \"HTTP\",\n })\nexample_listener = aws.lb.Listener(\"example\",\n load_balancer_arn=example.id,\n default_actions=[{\n \"target_group_arn\": example_target_group.id,\n \"type\": \"forward\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LB.LoadBalancer(\"example\", new()\n {\n LoadBalancerType = \"gateway\",\n Name = \"example\",\n SubnetMappings = new[]\n {\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n SubnetId = exampleAwsSubnet.Id,\n },\n },\n });\n\n var exampleTargetGroup = new Aws.LB.TargetGroup(\"example\", new()\n {\n Name = \"example\",\n Port = 6081,\n Protocol = \"GENEVE\",\n VpcId = exampleAwsVpc.Id,\n HealthCheck = new Aws.LB.Inputs.TargetGroupHealthCheckArgs\n {\n Port = \"80\",\n Protocol = \"HTTP\",\n },\n });\n\n var exampleListener = new Aws.LB.Listener(\"example\", new()\n {\n LoadBalancerArn = example.Id,\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = exampleTargetGroup.Id,\n Type = \"forward\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tLoadBalancerType: pulumi.String(\"gateway\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSubnetMappings: lb.LoadBalancerSubnetMappingArray{\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTargetGroup, err := lb.NewTargetGroup(ctx, \"example\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPort: pulumi.Int(6081),\n\t\t\tProtocol: pulumi.String(\"GENEVE\"),\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t\tHealthCheck: \u0026lb.TargetGroupHealthCheckArgs{\n\t\t\t\tPort: pulumi.String(\"80\"),\n\t\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"example\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: example.ID(),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: exampleTargetGroup.ID(),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.LoadBalancerArgs;\nimport com.pulumi.aws.lb.inputs.LoadBalancerSubnetMappingArgs;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport com.pulumi.aws.lb.inputs.TargetGroupHealthCheckArgs;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoadBalancer(\"example\", LoadBalancerArgs.builder()\n .loadBalancerType(\"gateway\")\n .name(\"example\")\n .subnetMappings(LoadBalancerSubnetMappingArgs.builder()\n .subnetId(exampleAwsSubnet.id())\n .build())\n .build());\n\n var exampleTargetGroup = new TargetGroup(\"exampleTargetGroup\", TargetGroupArgs.builder()\n .name(\"example\")\n .port(6081)\n .protocol(\"GENEVE\")\n .vpcId(exampleAwsVpc.id())\n .healthCheck(TargetGroupHealthCheckArgs.builder()\n .port(80)\n .protocol(\"HTTP\")\n .build())\n .build());\n\n var exampleListener = new Listener(\"exampleListener\", ListenerArgs.builder()\n .loadBalancerArn(example.id())\n .defaultActions(ListenerDefaultActionArgs.builder()\n .targetGroupArn(exampleTargetGroup.id())\n .type(\"forward\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lb:LoadBalancer\n properties:\n loadBalancerType: gateway\n name: example\n subnetMappings:\n - subnetId: ${exampleAwsSubnet.id}\n exampleTargetGroup:\n type: aws:lb:TargetGroup\n name: example\n properties:\n name: example\n port: 6081\n protocol: GENEVE\n vpcId: ${exampleAwsVpc.id}\n healthCheck:\n port: 80\n protocol: HTTP\n exampleListener:\n type: aws:lb:Listener\n name: example\n properties:\n loadBalancerArn: ${example.id}\n defaultActions:\n - targetGroupArn: ${exampleTargetGroup.id}\n type: forward\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Mutual TLS Authentication\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {loadBalancerType: \"application\"});\nconst exampleTargetGroup = new aws.lb.TargetGroup(\"example\", {});\nconst exampleListener = new aws.lb.Listener(\"example\", {\n loadBalancerArn: example.id,\n defaultActions: [{\n targetGroupArn: exampleTargetGroup.id,\n type: \"forward\",\n }],\n mutualAuthentication: {\n mode: \"verify\",\n trustStoreArn: \"...\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\", load_balancer_type=\"application\")\nexample_target_group = aws.lb.TargetGroup(\"example\")\nexample_listener = aws.lb.Listener(\"example\",\n load_balancer_arn=example.id,\n default_actions=[{\n \"target_group_arn\": example_target_group.id,\n \"type\": \"forward\",\n }],\n mutual_authentication={\n \"mode\": \"verify\",\n \"trust_store_arn\": \"...\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LB.LoadBalancer(\"example\", new()\n {\n LoadBalancerType = \"application\",\n });\n\n var exampleTargetGroup = new Aws.LB.TargetGroup(\"example\");\n\n var exampleListener = new Aws.LB.Listener(\"example\", new()\n {\n LoadBalancerArn = example.Id,\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = exampleTargetGroup.Id,\n Type = \"forward\",\n },\n },\n MutualAuthentication = new Aws.LB.Inputs.ListenerMutualAuthenticationArgs\n {\n Mode = \"verify\",\n TrustStoreArn = \"...\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tLoadBalancerType: pulumi.String(\"application\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTargetGroup, err := lb.NewTargetGroup(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"example\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: example.ID(),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: exampleTargetGroup.ID(),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tMutualAuthentication: \u0026lb.ListenerMutualAuthenticationArgs{\n\t\t\t\tMode: pulumi.String(\"verify\"),\n\t\t\t\tTrustStoreArn: pulumi.String(\"...\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.LoadBalancerArgs;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerMutualAuthenticationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoadBalancer(\"example\", LoadBalancerArgs.builder()\n .loadBalancerType(\"application\")\n .build());\n\n var exampleTargetGroup = new TargetGroup(\"exampleTargetGroup\");\n\n var exampleListener = new Listener(\"exampleListener\", ListenerArgs.builder()\n .loadBalancerArn(example.id())\n .defaultActions(ListenerDefaultActionArgs.builder()\n .targetGroupArn(exampleTargetGroup.id())\n .type(\"forward\")\n .build())\n .mutualAuthentication(ListenerMutualAuthenticationArgs.builder()\n .mode(\"verify\")\n .trustStoreArn(\"...\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lb:LoadBalancer\n properties:\n loadBalancerType: application\n exampleTargetGroup:\n type: aws:lb:TargetGroup\n name: example\n exampleListener:\n type: aws:lb:Listener\n name: example\n properties:\n loadBalancerArn: ${example.id}\n defaultActions:\n - targetGroupArn: ${exampleTargetGroup.id}\n type: forward\n mutualAuthentication:\n mode: verify\n trustStoreArn: '...'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import listeners using their ARN. For example:\n\n```sh\n$ pulumi import aws:lb/listener:Listener front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener/app/front-end-alb/8e4497da625e2d8a/9ab28ade35828f96\n```\n", "properties": { "alpnPolicy": { "type": "string", "description": "Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if `protocol` is `TLS`. Valid values are `HTTP1Only`, `HTTP2Only`, `HTTP2Optional`, `HTTP2Preferred`, and `None`.\n" }, "arn": { "type": "string", "description": "ARN of the listener (matches `id`).\n" }, "certificateArn": { "type": "string", "description": "ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the `aws.lb.ListenerCertificate` resource.\n" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerDefaultAction:ListenerDefaultAction" }, "description": "Configuration block for default actions. Detailed below.\n" }, "loadBalancerArn": { "type": "string", "description": "ARN of the load balancer.\n\nThe following arguments are optional:\n" }, "mutualAuthentication": { "$ref": "#/types/aws:lb/ListenerMutualAuthentication:ListenerMutualAuthentication", "description": "The mutual authentication configuration information. Detailed below.\n" }, "port": { "type": "integer", "description": "Port on which the load balancer is listening. Not valid for Gateway Load Balancers.\n" }, "protocol": { "type": "string", "description": "Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are `HTTP` and `HTTPS`, with a default of `HTTP`. For Network Load Balancers, valid values are `TCP`, `TLS`, `UDP`, and `TCP_UDP`. Not valid to use `UDP` or `TCP_UDP` if dual-stack mode is enabled. Not valid for Gateway Load Balancers.\n" }, "sslPolicy": { "type": "string", "description": "Name of the SSL Policy for the listener. Required if `protocol` is `HTTPS` or `TLS`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **NOTE::** Please note that listeners that are attached to Application Load Balancers must use either `HTTP` or `HTTPS` protocols while listeners that are attached to Network Load Balancers must use the `TCP` protocol.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "defaultActions", "loadBalancerArn", "mutualAuthentication", "protocol", "sslPolicy", "tagsAll" ], "inputProperties": { "alpnPolicy": { "type": "string", "description": "Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if `protocol` is `TLS`. Valid values are `HTTP1Only`, `HTTP2Only`, `HTTP2Optional`, `HTTP2Preferred`, and `None`.\n" }, "certificateArn": { "type": "string", "description": "ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the `aws.lb.ListenerCertificate` resource.\n" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerDefaultAction:ListenerDefaultAction" }, "description": "Configuration block for default actions. Detailed below.\n" }, "loadBalancerArn": { "type": "string", "description": "ARN of the load balancer.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "mutualAuthentication": { "$ref": "#/types/aws:lb/ListenerMutualAuthentication:ListenerMutualAuthentication", "description": "The mutual authentication configuration information. Detailed below.\n" }, "port": { "type": "integer", "description": "Port on which the load balancer is listening. Not valid for Gateway Load Balancers.\n" }, "protocol": { "type": "string", "description": "Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are `HTTP` and `HTTPS`, with a default of `HTTP`. For Network Load Balancers, valid values are `TCP`, `TLS`, `UDP`, and `TCP_UDP`. Not valid to use `UDP` or `TCP_UDP` if dual-stack mode is enabled. Not valid for Gateway Load Balancers.\n" }, "sslPolicy": { "type": "string", "description": "Name of the SSL Policy for the listener. Required if `protocol` is `HTTPS` or `TLS`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **NOTE::** Please note that listeners that are attached to Application Load Balancers must use either `HTTP` or `HTTPS` protocols while listeners that are attached to Network Load Balancers must use the `TCP` protocol.\n" } }, "requiredInputs": [ "defaultActions", "loadBalancerArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Listener resources.\n", "properties": { "alpnPolicy": { "type": "string", "description": "Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if `protocol` is `TLS`. Valid values are `HTTP1Only`, `HTTP2Only`, `HTTP2Optional`, `HTTP2Preferred`, and `None`.\n" }, "arn": { "type": "string", "description": "ARN of the listener (matches `id`).\n" }, "certificateArn": { "type": "string", "description": "ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the `aws.lb.ListenerCertificate` resource.\n" }, "defaultActions": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerDefaultAction:ListenerDefaultAction" }, "description": "Configuration block for default actions. Detailed below.\n" }, "loadBalancerArn": { "type": "string", "description": "ARN of the load balancer.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "mutualAuthentication": { "$ref": "#/types/aws:lb/ListenerMutualAuthentication:ListenerMutualAuthentication", "description": "The mutual authentication configuration information. Detailed below.\n" }, "port": { "type": "integer", "description": "Port on which the load balancer is listening. Not valid for Gateway Load Balancers.\n" }, "protocol": { "type": "string", "description": "Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are `HTTP` and `HTTPS`, with a default of `HTTP`. For Network Load Balancers, valid values are `TCP`, `TLS`, `UDP`, and `TCP_UDP`. Not valid to use `UDP` or `TCP_UDP` if dual-stack mode is enabled. Not valid for Gateway Load Balancers.\n" }, "sslPolicy": { "type": "string", "description": "Name of the SSL Policy for the listener. Required if `protocol` is `HTTPS` or `TLS`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **NOTE::** Please note that listeners that are attached to Application Load Balancers must use either `HTTP` or `HTTPS` protocols while listeners that are attached to Network Load Balancers must use the `TCP` protocol.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancingv2/listener:Listener" } ] }, "aws:lb/listenerCertificate:ListenerCertificate": { "description": "Provides a Load Balancer Listener Certificate resource.\n\nThis resource is for additional certificates and does not replace the default certificate on the listener.\n\n\u003e **Note:** `aws.alb.ListenerCertificate` is known as `aws.lb.ListenerCertificate`. The functionality is identical.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.acm.Certificate(\"example\", {});\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {});\nconst exampleListenerCertificate = new aws.lb.ListenerCertificate(\"example\", {\n listenerArn: frontEndListener.arn,\n certificateArn: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.acm.Certificate(\"example\")\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\")\nexample_listener_certificate = aws.lb.ListenerCertificate(\"example\",\n listener_arn=front_end_listener.arn,\n certificate_arn=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Acm.Certificate(\"example\");\n\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\");\n\n var exampleListenerCertificate = new Aws.LB.ListenerCertificate(\"example\", new()\n {\n ListenerArn = frontEndListener.Arn,\n CertificateArn = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acm\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := acm.NewCertificate(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndListener, err := lb.NewListener(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerCertificate(ctx, \"example\", \u0026lb.ListenerCertificateArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tCertificateArn: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acm.Certificate;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerCertificate;\nimport com.pulumi.aws.lb.ListenerCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Certificate(\"example\");\n\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndListener = new Listener(\"frontEndListener\");\n\n var exampleListenerCertificate = new ListenerCertificate(\"exampleListenerCertificate\", ListenerCertificateArgs.builder()\n .listenerArn(frontEndListener.arn())\n .certificateArn(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:acm:Certificate\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n exampleListenerCertificate:\n type: aws:lb:ListenerCertificate\n name: example\n properties:\n listenerArn: ${frontEndListener.arn}\n certificateArn: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Listener Certificates using the listener arn and certificate arn, separated by an underscore (`_`). For example:\n\n```sh\n$ pulumi import aws:lb/listenerCertificate:ListenerCertificate example arn:aws:elasticloadbalancing:us-west-2:123456789012:listener/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26b_arn:aws:iam::123456789012:server-certificate/tf-acc-test-6453083910015726063\n```\n", "properties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate to attach to the listener.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the certificate.\n" } }, "required": [ "certificateArn", "listenerArn" ], "inputProperties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate to attach to the listener.\n", "willReplaceOnChanges": true }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the certificate.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "certificateArn", "listenerArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ListenerCertificate resources.\n", "properties": { "certificateArn": { "type": "string", "description": "The ARN of the certificate to attach to the listener.\n", "willReplaceOnChanges": true }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the certificate.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancingv2/listenerCertificate:ListenerCertificate" } ] }, "aws:lb/listenerRule:ListenerRule": { "description": "Provides a Load Balancer Listener Rule resource.\n\n\u003e **Note:** `aws.alb.ListenerRule` is known as `aws.lb.ListenerRule`. The functionality is identical.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {});\nconst static = new aws.lb.ListenerRule(\"static\", {\n listenerArn: frontEndListener.arn,\n priority: 100,\n actions: [{\n type: \"forward\",\n targetGroupArn: staticAwsLbTargetGroup.arn,\n }],\n conditions: [\n {\n pathPattern: {\n values: [\"/static/*\"],\n },\n },\n {\n hostHeader: {\n values: [\"example.com\"],\n },\n },\n ],\n});\n// Forward action\nconst hostBasedWeightedRouting = new aws.lb.ListenerRule(\"host_based_weighted_routing\", {\n listenerArn: frontEndListener.arn,\n priority: 99,\n actions: [{\n type: \"forward\",\n targetGroupArn: staticAwsLbTargetGroup.arn,\n }],\n conditions: [{\n hostHeader: {\n values: [\"my-service.*.mycompany.io\"],\n },\n }],\n});\n// Weighted Forward action\nconst hostBasedRouting = new aws.lb.ListenerRule(\"host_based_routing\", {\n listenerArn: frontEndListener.arn,\n priority: 99,\n actions: [{\n type: \"forward\",\n forward: {\n targetGroups: [\n {\n arn: main.arn,\n weight: 80,\n },\n {\n arn: canary.arn,\n weight: 20,\n },\n ],\n stickiness: {\n enabled: true,\n duration: 600,\n },\n },\n }],\n conditions: [{\n hostHeader: {\n values: [\"my-service.*.mycompany.io\"],\n },\n }],\n});\n// Redirect action\nconst redirectHttpToHttps = new aws.lb.ListenerRule(\"redirect_http_to_https\", {\n listenerArn: frontEndListener.arn,\n actions: [{\n type: \"redirect\",\n redirect: {\n port: \"443\",\n protocol: \"HTTPS\",\n statusCode: \"HTTP_301\",\n },\n }],\n conditions: [{\n httpHeader: {\n httpHeaderName: \"X-Forwarded-For\",\n values: [\"192.168.1.*\"],\n },\n }],\n});\n// Fixed-response action\nconst healthCheck = new aws.lb.ListenerRule(\"health_check\", {\n listenerArn: frontEndListener.arn,\n actions: [{\n type: \"fixed-response\",\n fixedResponse: {\n contentType: \"text/plain\",\n messageBody: \"HEALTHY\",\n statusCode: \"200\",\n },\n }],\n conditions: [{\n queryStrings: [\n {\n key: \"health\",\n value: \"check\",\n },\n {\n value: \"bar\",\n },\n ],\n }],\n});\n// Authenticate-cognito Action\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst client = new aws.cognito.UserPoolClient(\"client\", {});\nconst domain = new aws.cognito.UserPoolDomain(\"domain\", {});\nconst admin = new aws.lb.ListenerRule(\"admin\", {\n listenerArn: frontEndListener.arn,\n actions: [\n {\n type: \"authenticate-cognito\",\n authenticateCognito: {\n userPoolArn: pool.arn,\n userPoolClientId: client.id,\n userPoolDomain: domain.domain,\n },\n },\n {\n type: \"forward\",\n targetGroupArn: staticAwsLbTargetGroup.arn,\n },\n ],\n});\n// Authenticate-oidc Action\nconst oidc = new aws.lb.ListenerRule(\"oidc\", {\n listenerArn: frontEndListener.arn,\n actions: [\n {\n type: \"authenticate-oidc\",\n authenticateOidc: {\n authorizationEndpoint: \"https://example.com/authorization_endpoint\",\n clientId: \"client_id\",\n clientSecret: \"client_secret\",\n issuer: \"https://example.com\",\n tokenEndpoint: \"https://example.com/token_endpoint\",\n userInfoEndpoint: \"https://example.com/user_info_endpoint\",\n },\n },\n {\n type: \"forward\",\n targetGroupArn: staticAwsLbTargetGroup.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\")\nstatic = aws.lb.ListenerRule(\"static\",\n listener_arn=front_end_listener.arn,\n priority=100,\n actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": static_aws_lb_target_group[\"arn\"],\n }],\n conditions=[\n {\n \"path_pattern\": {\n \"values\": [\"/static/*\"],\n },\n },\n {\n \"host_header\": {\n \"values\": [\"example.com\"],\n },\n },\n ])\n# Forward action\nhost_based_weighted_routing = aws.lb.ListenerRule(\"host_based_weighted_routing\",\n listener_arn=front_end_listener.arn,\n priority=99,\n actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": static_aws_lb_target_group[\"arn\"],\n }],\n conditions=[{\n \"host_header\": {\n \"values\": [\"my-service.*.mycompany.io\"],\n },\n }])\n# Weighted Forward action\nhost_based_routing = aws.lb.ListenerRule(\"host_based_routing\",\n listener_arn=front_end_listener.arn,\n priority=99,\n actions=[{\n \"type\": \"forward\",\n \"forward\": {\n \"target_groups\": [\n {\n \"arn\": main[\"arn\"],\n \"weight\": 80,\n },\n {\n \"arn\": canary[\"arn\"],\n \"weight\": 20,\n },\n ],\n \"stickiness\": {\n \"enabled\": True,\n \"duration\": 600,\n },\n },\n }],\n conditions=[{\n \"host_header\": {\n \"values\": [\"my-service.*.mycompany.io\"],\n },\n }])\n# Redirect action\nredirect_http_to_https = aws.lb.ListenerRule(\"redirect_http_to_https\",\n listener_arn=front_end_listener.arn,\n actions=[{\n \"type\": \"redirect\",\n \"redirect\": {\n \"port\": \"443\",\n \"protocol\": \"HTTPS\",\n \"status_code\": \"HTTP_301\",\n },\n }],\n conditions=[{\n \"http_header\": {\n \"http_header_name\": \"X-Forwarded-For\",\n \"values\": [\"192.168.1.*\"],\n },\n }])\n# Fixed-response action\nhealth_check = aws.lb.ListenerRule(\"health_check\",\n listener_arn=front_end_listener.arn,\n actions=[{\n \"type\": \"fixed-response\",\n \"fixed_response\": {\n \"content_type\": \"text/plain\",\n \"message_body\": \"HEALTHY\",\n \"status_code\": \"200\",\n },\n }],\n conditions=[{\n \"query_strings\": [\n {\n \"key\": \"health\",\n \"value\": \"check\",\n },\n {\n \"value\": \"bar\",\n },\n ],\n }])\n# Authenticate-cognito Action\npool = aws.cognito.UserPool(\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\")\ndomain = aws.cognito.UserPoolDomain(\"domain\")\nadmin = aws.lb.ListenerRule(\"admin\",\n listener_arn=front_end_listener.arn,\n actions=[\n {\n \"type\": \"authenticate-cognito\",\n \"authenticate_cognito\": {\n \"user_pool_arn\": pool.arn,\n \"user_pool_client_id\": client.id,\n \"user_pool_domain\": domain.domain,\n },\n },\n {\n \"type\": \"forward\",\n \"target_group_arn\": static_aws_lb_target_group[\"arn\"],\n },\n ])\n# Authenticate-oidc Action\noidc = aws.lb.ListenerRule(\"oidc\",\n listener_arn=front_end_listener.arn,\n actions=[\n {\n \"type\": \"authenticate-oidc\",\n \"authenticate_oidc\": {\n \"authorization_endpoint\": \"https://example.com/authorization_endpoint\",\n \"client_id\": \"client_id\",\n \"client_secret\": \"client_secret\",\n \"issuer\": \"https://example.com\",\n \"token_endpoint\": \"https://example.com/token_endpoint\",\n \"user_info_endpoint\": \"https://example.com/user_info_endpoint\",\n },\n },\n {\n \"type\": \"forward\",\n \"target_group_arn\": static_aws_lb_target_group[\"arn\"],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\");\n\n var @static = new Aws.LB.ListenerRule(\"static\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Priority = 100,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = staticAwsLbTargetGroup.Arn,\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n PathPattern = new Aws.LB.Inputs.ListenerRuleConditionPathPatternArgs\n {\n Values = new[]\n {\n \"/static/*\",\n },\n },\n },\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = new[]\n {\n \"example.com\",\n },\n },\n },\n },\n });\n\n // Forward action\n var hostBasedWeightedRouting = new Aws.LB.ListenerRule(\"host_based_weighted_routing\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Priority = 99,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = staticAwsLbTargetGroup.Arn,\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = new[]\n {\n \"my-service.*.mycompany.io\",\n },\n },\n },\n },\n });\n\n // Weighted Forward action\n var hostBasedRouting = new Aws.LB.ListenerRule(\"host_based_routing\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Priority = 99,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n Forward = new Aws.LB.Inputs.ListenerRuleActionForwardArgs\n {\n TargetGroups = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionForwardTargetGroupArgs\n {\n Arn = main.Arn,\n Weight = 80,\n },\n new Aws.LB.Inputs.ListenerRuleActionForwardTargetGroupArgs\n {\n Arn = canary.Arn,\n Weight = 20,\n },\n },\n Stickiness = new Aws.LB.Inputs.ListenerRuleActionForwardStickinessArgs\n {\n Enabled = true,\n Duration = 600,\n },\n },\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = new[]\n {\n \"my-service.*.mycompany.io\",\n },\n },\n },\n },\n });\n\n // Redirect action\n var redirectHttpToHttps = new Aws.LB.ListenerRule(\"redirect_http_to_https\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"redirect\",\n Redirect = new Aws.LB.Inputs.ListenerRuleActionRedirectArgs\n {\n Port = \"443\",\n Protocol = \"HTTPS\",\n StatusCode = \"HTTP_301\",\n },\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HttpHeader = new Aws.LB.Inputs.ListenerRuleConditionHttpHeaderArgs\n {\n HttpHeaderName = \"X-Forwarded-For\",\n Values = new[]\n {\n \"192.168.1.*\",\n },\n },\n },\n },\n });\n\n // Fixed-response action\n var healthCheck = new Aws.LB.ListenerRule(\"health_check\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"fixed-response\",\n FixedResponse = new Aws.LB.Inputs.ListenerRuleActionFixedResponseArgs\n {\n ContentType = \"text/plain\",\n MessageBody = \"HEALTHY\",\n StatusCode = \"200\",\n },\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n QueryStrings = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionQueryStringArgs\n {\n Key = \"health\",\n Value = \"check\",\n },\n new Aws.LB.Inputs.ListenerRuleConditionQueryStringArgs\n {\n Value = \"bar\",\n },\n },\n },\n },\n });\n\n // Authenticate-cognito Action\n var pool = new Aws.Cognito.UserPool(\"pool\");\n\n var client = new Aws.Cognito.UserPoolClient(\"client\");\n\n var domain = new Aws.Cognito.UserPoolDomain(\"domain\");\n\n var admin = new Aws.LB.ListenerRule(\"admin\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"authenticate-cognito\",\n AuthenticateCognito = new Aws.LB.Inputs.ListenerRuleActionAuthenticateCognitoArgs\n {\n UserPoolArn = pool.Arn,\n UserPoolClientId = client.Id,\n UserPoolDomain = domain.Domain,\n },\n },\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = staticAwsLbTargetGroup.Arn,\n },\n },\n });\n\n // Authenticate-oidc Action\n var oidc = new Aws.LB.ListenerRule(\"oidc\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"authenticate-oidc\",\n AuthenticateOidc = new Aws.LB.Inputs.ListenerRuleActionAuthenticateOidcArgs\n {\n AuthorizationEndpoint = \"https://example.com/authorization_endpoint\",\n ClientId = \"client_id\",\n ClientSecret = \"client_secret\",\n Issuer = \"https://example.com\",\n TokenEndpoint = \"https://example.com/token_endpoint\",\n UserInfoEndpoint = \"https://example.com/user_info_endpoint\",\n },\n },\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = staticAwsLbTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndListener, err := lb.NewListener(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"static\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(100),\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tPathPattern: \u0026lb.ListenerRuleConditionPathPatternArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"/static/*\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"example.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Forward action\n\t\t_, err = lb.NewListenerRule(ctx, \"host_based_weighted_routing\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(99),\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"my-service.*.mycompany.io\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Weighted Forward action\n\t\t_, err = lb.NewListenerRule(ctx, \"host_based_routing\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(99),\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tForward: \u0026lb.ListenerRuleActionForwardArgs{\n\t\t\t\t\t\tTargetGroups: lb.ListenerRuleActionForwardTargetGroupArray{\n\t\t\t\t\t\t\t\u0026lb.ListenerRuleActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tArn: pulumi.Any(main.Arn),\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(80),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026lb.ListenerRuleActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tArn: pulumi.Any(canary.Arn),\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(20),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tStickiness: \u0026lb.ListenerRuleActionForwardStickinessArgs{\n\t\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\t\tDuration: pulumi.Int(600),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"my-service.*.mycompany.io\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Redirect action\n\t\t_, err = lb.NewListenerRule(ctx, \"redirect_http_to_https\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"redirect\"),\n\t\t\t\t\tRedirect: \u0026lb.ListenerRuleActionRedirectArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"443\"),\n\t\t\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"HTTP_301\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHttpHeader: \u0026lb.ListenerRuleConditionHttpHeaderArgs{\n\t\t\t\t\t\tHttpHeaderName: pulumi.String(\"X-Forwarded-For\"),\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"192.168.1.*\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Fixed-response action\n\t\t_, err = lb.NewListenerRule(ctx, \"health_check\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"fixed-response\"),\n\t\t\t\t\tFixedResponse: \u0026lb.ListenerRuleActionFixedResponseArgs{\n\t\t\t\t\t\tContentType: pulumi.String(\"text/plain\"),\n\t\t\t\t\t\tMessageBody: pulumi.String(\"HEALTHY\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tQueryStrings: lb.ListenerRuleConditionQueryStringArray{\n\t\t\t\t\t\t\u0026lb.ListenerRuleConditionQueryStringArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"health\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"check\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026lb.ListenerRuleConditionQueryStringArgs{\n\t\t\t\t\t\t\tValue: pulumi.String(\"bar\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Authenticate-cognito Action\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tclient, err := cognito.NewUserPoolClient(ctx, \"client\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdomain, err := cognito.NewUserPoolDomain(ctx, \"domain\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"admin\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-cognito\"),\n\t\t\t\t\tAuthenticateCognito: \u0026lb.ListenerRuleActionAuthenticateCognitoArgs{\n\t\t\t\t\t\tUserPoolArn: pool.Arn,\n\t\t\t\t\t\tUserPoolClientId: client.ID(),\n\t\t\t\t\t\tUserPoolDomain: domain.Domain,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Authenticate-oidc Action\n\t\t_, err = lb.NewListenerRule(ctx, \"oidc\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-oidc\"),\n\t\t\t\t\tAuthenticateOidc: \u0026lb.ListenerRuleActionAuthenticateOidcArgs{\n\t\t\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://example.com/authorization_endpoint\"),\n\t\t\t\t\t\tClientId: pulumi.String(\"client_id\"),\n\t\t\t\t\t\tClientSecret: pulumi.String(\"client_secret\"),\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tTokenEndpoint: pulumi.String(\"https://example.com/token_endpoint\"),\n\t\t\t\t\t\tUserInfoEndpoint: pulumi.String(\"https://example.com/user_info_endpoint\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerRule;\nimport com.pulumi.aws.lb.ListenerRuleArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleConditionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleConditionPathPatternArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleConditionHostHeaderArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionForwardArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionForwardStickinessArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionRedirectArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleConditionHttpHeaderArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionFixedResponseArgs;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolClient;\nimport com.pulumi.aws.cognito.UserPoolDomain;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionAuthenticateCognitoArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionAuthenticateOidcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndListener = new Listener(\"frontEndListener\");\n\n var static_ = new ListenerRule(\"static\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .priority(100)\n .actions(ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(staticAwsLbTargetGroup.arn())\n .build())\n .conditions( \n ListenerRuleConditionArgs.builder()\n .pathPattern(ListenerRuleConditionPathPatternArgs.builder()\n .values(\"/static/*\")\n .build())\n .build(),\n ListenerRuleConditionArgs.builder()\n .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()\n .values(\"example.com\")\n .build())\n .build())\n .build());\n\n // Forward action\n var hostBasedWeightedRouting = new ListenerRule(\"hostBasedWeightedRouting\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .priority(99)\n .actions(ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(staticAwsLbTargetGroup.arn())\n .build())\n .conditions(ListenerRuleConditionArgs.builder()\n .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()\n .values(\"my-service.*.mycompany.io\")\n .build())\n .build())\n .build());\n\n // Weighted Forward action\n var hostBasedRouting = new ListenerRule(\"hostBasedRouting\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .priority(99)\n .actions(ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .forward(ListenerRuleActionForwardArgs.builder()\n .targetGroups( \n ListenerRuleActionForwardTargetGroupArgs.builder()\n .arn(main.arn())\n .weight(80)\n .build(),\n ListenerRuleActionForwardTargetGroupArgs.builder()\n .arn(canary.arn())\n .weight(20)\n .build())\n .stickiness(ListenerRuleActionForwardStickinessArgs.builder()\n .enabled(true)\n .duration(600)\n .build())\n .build())\n .build())\n .conditions(ListenerRuleConditionArgs.builder()\n .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()\n .values(\"my-service.*.mycompany.io\")\n .build())\n .build())\n .build());\n\n // Redirect action\n var redirectHttpToHttps = new ListenerRule(\"redirectHttpToHttps\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .actions(ListenerRuleActionArgs.builder()\n .type(\"redirect\")\n .redirect(ListenerRuleActionRedirectArgs.builder()\n .port(\"443\")\n .protocol(\"HTTPS\")\n .statusCode(\"HTTP_301\")\n .build())\n .build())\n .conditions(ListenerRuleConditionArgs.builder()\n .httpHeader(ListenerRuleConditionHttpHeaderArgs.builder()\n .httpHeaderName(\"X-Forwarded-For\")\n .values(\"192.168.1.*\")\n .build())\n .build())\n .build());\n\n // Fixed-response action\n var healthCheck = new ListenerRule(\"healthCheck\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .actions(ListenerRuleActionArgs.builder()\n .type(\"fixed-response\")\n .fixedResponse(ListenerRuleActionFixedResponseArgs.builder()\n .contentType(\"text/plain\")\n .messageBody(\"HEALTHY\")\n .statusCode(\"200\")\n .build())\n .build())\n .conditions(ListenerRuleConditionArgs.builder()\n .queryStrings( \n ListenerRuleConditionQueryStringArgs.builder()\n .key(\"health\")\n .value(\"check\")\n .build(),\n ListenerRuleConditionQueryStringArgs.builder()\n .value(\"bar\")\n .build())\n .build())\n .build());\n\n // Authenticate-cognito Action\n var pool = new UserPool(\"pool\");\n\n var client = new UserPoolClient(\"client\");\n\n var domain = new UserPoolDomain(\"domain\");\n\n var admin = new ListenerRule(\"admin\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .actions( \n ListenerRuleActionArgs.builder()\n .type(\"authenticate-cognito\")\n .authenticateCognito(ListenerRuleActionAuthenticateCognitoArgs.builder()\n .userPoolArn(pool.arn())\n .userPoolClientId(client.id())\n .userPoolDomain(domain.domain())\n .build())\n .build(),\n ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(staticAwsLbTargetGroup.arn())\n .build())\n .build());\n\n // Authenticate-oidc Action\n var oidc = new ListenerRule(\"oidc\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .actions( \n ListenerRuleActionArgs.builder()\n .type(\"authenticate-oidc\")\n .authenticateOidc(ListenerRuleActionAuthenticateOidcArgs.builder()\n .authorizationEndpoint(\"https://example.com/authorization_endpoint\")\n .clientId(\"client_id\")\n .clientSecret(\"client_secret\")\n .issuer(\"https://example.com\")\n .tokenEndpoint(\"https://example.com/token_endpoint\")\n .userInfoEndpoint(\"https://example.com/user_info_endpoint\")\n .build())\n .build(),\n ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(staticAwsLbTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n static:\n type: aws:lb:ListenerRule\n properties:\n listenerArn: ${frontEndListener.arn}\n priority: 100\n actions:\n - type: forward\n targetGroupArn: ${staticAwsLbTargetGroup.arn}\n conditions:\n - pathPattern:\n values:\n - /static/*\n - hostHeader:\n values:\n - example.com\n # Forward action\n hostBasedWeightedRouting:\n type: aws:lb:ListenerRule\n name: host_based_weighted_routing\n properties:\n listenerArn: ${frontEndListener.arn}\n priority: 99\n actions:\n - type: forward\n targetGroupArn: ${staticAwsLbTargetGroup.arn}\n conditions:\n - hostHeader:\n values:\n - my-service.*.mycompany.io\n # Weighted Forward action\n hostBasedRouting:\n type: aws:lb:ListenerRule\n name: host_based_routing\n properties:\n listenerArn: ${frontEndListener.arn}\n priority: 99\n actions:\n - type: forward\n forward:\n targetGroups:\n - arn: ${main.arn}\n weight: 80\n - arn: ${canary.arn}\n weight: 20\n stickiness:\n enabled: true\n duration: 600\n conditions:\n - hostHeader:\n values:\n - my-service.*.mycompany.io\n # Redirect action\n redirectHttpToHttps:\n type: aws:lb:ListenerRule\n name: redirect_http_to_https\n properties:\n listenerArn: ${frontEndListener.arn}\n actions:\n - type: redirect\n redirect:\n port: '443'\n protocol: HTTPS\n statusCode: HTTP_301\n conditions:\n - httpHeader:\n httpHeaderName: X-Forwarded-For\n values:\n - 192.168.1.*\n # Fixed-response action\n healthCheck:\n type: aws:lb:ListenerRule\n name: health_check\n properties:\n listenerArn: ${frontEndListener.arn}\n actions:\n - type: fixed-response\n fixedResponse:\n contentType: text/plain\n messageBody: HEALTHY\n statusCode: '200'\n conditions:\n - queryStrings:\n - key: health\n value: check\n - value: bar\n # Authenticate-cognito Action\n pool:\n type: aws:cognito:UserPool\n client:\n type: aws:cognito:UserPoolClient\n domain:\n type: aws:cognito:UserPoolDomain\n admin:\n type: aws:lb:ListenerRule\n properties:\n listenerArn: ${frontEndListener.arn}\n actions:\n - type: authenticate-cognito\n authenticateCognito:\n userPoolArn: ${pool.arn}\n userPoolClientId: ${client.id}\n userPoolDomain: ${domain.domain}\n - type: forward\n targetGroupArn: ${staticAwsLbTargetGroup.arn}\n # Authenticate-oidc Action\n oidc:\n type: aws:lb:ListenerRule\n properties:\n listenerArn: ${frontEndListener.arn}\n actions:\n - type: authenticate-oidc\n authenticateOidc:\n authorizationEndpoint: https://example.com/authorization_endpoint\n clientId: client_id\n clientSecret: client_secret\n issuer: https://example.com\n tokenEndpoint: https://example.com/token_endpoint\n userInfoEndpoint: https://example.com/user_info_endpoint\n - type: forward\n targetGroupArn: ${staticAwsLbTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import rules using their ARN. For example:\n\n```sh\n$ pulumi import aws:lb/listenerRule:ListenerRule front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener-rule/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26b\n```\n", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerRuleAction:ListenerRuleAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the rule (matches `id`)\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerRuleCondition:ListenerRuleCondition" }, "description": "A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the rule.\n" }, "priority": { "type": "integer", "description": "The priority for the rule between `1` and `50000`. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "actions", "arn", "conditions", "listenerArn", "priority", "tagsAll" ], "inputProperties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerRuleAction:ListenerRuleAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerRuleCondition:ListenerRuleCondition" }, "description": "A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the rule.\n", "willReplaceOnChanges": true }, "priority": { "type": "integer", "description": "The priority for the rule between `1` and `50000`. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "actions", "conditions", "listenerArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ListenerRule resources.\n", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerRuleAction:ListenerRuleAction" }, "description": "An Action block. Action blocks are documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the rule (matches `id`)\n" }, "conditions": { "type": "array", "items": { "$ref": "#/types/aws:lb/ListenerRuleCondition:ListenerRuleCondition" }, "description": "A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.\n" }, "listenerArn": { "type": "string", "description": "The ARN of the listener to which to attach the rule.\n", "willReplaceOnChanges": true }, "priority": { "type": "integer", "description": "The priority for the rule between `1` and `50000`. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancingv2/listenerRule:ListenerRule" } ] }, "aws:lb/loadBalancer:LoadBalancer": { "description": "Provides a Load Balancer resource.\n\n\u003e **Note:** `aws.alb.LoadBalancer` is known as `aws.lb.LoadBalancer`. The functionality is identical.\n\n## Example Usage\n\n### Application Load Balancer\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.LoadBalancer(\"test\", {\n name: \"test-lb-tf\",\n internal: false,\n loadBalancerType: \"application\",\n securityGroups: [lbSg.id],\n subnets: .map(subnet =\u003e (subnet.id)),\n enableDeletionProtection: true,\n accessLogs: {\n bucket: lbLogs.id,\n prefix: \"test-lb\",\n enabled: true,\n },\n tags: {\n Environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.LoadBalancer(\"test\",\n name=\"test-lb-tf\",\n internal=False,\n load_balancer_type=\"application\",\n security_groups=[lb_sg[\"id\"]],\n subnets=[subnet[\"id\"] for subnet in public],\n enable_deletion_protection=True,\n access_logs={\n \"bucket\": lb_logs[\"id\"],\n \"prefix\": \"test-lb\",\n \"enabled\": True,\n },\n tags={\n \"Environment\": \"production\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LB.LoadBalancer(\"test\", new()\n {\n Name = \"test-lb-tf\",\n Internal = false,\n LoadBalancerType = \"application\",\n SecurityGroups = new[]\n {\n lbSg.Id,\n },\n Subnets = .Select(subnet =\u003e \n {\n return subnet.Id;\n }).ToList(),\n EnableDeletionProtection = true,\n AccessLogs = new Aws.LB.Inputs.LoadBalancerAccessLogsArgs\n {\n Bucket = lbLogs.Id,\n Prefix = \"test-lb\",\n Enabled = true,\n },\n Tags = \n {\n { \"Environment\", \"production\" },\n },\n });\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Network Load Balancer\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.LoadBalancer(\"test\", {\n name: \"test-lb-tf\",\n internal: false,\n loadBalancerType: \"network\",\n subnets: .map(subnet =\u003e (subnet.id)),\n enableDeletionProtection: true,\n tags: {\n Environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.LoadBalancer(\"test\",\n name=\"test-lb-tf\",\n internal=False,\n load_balancer_type=\"network\",\n subnets=[subnet[\"id\"] for subnet in public],\n enable_deletion_protection=True,\n tags={\n \"Environment\": \"production\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LB.LoadBalancer(\"test\", new()\n {\n Name = \"test-lb-tf\",\n Internal = false,\n LoadBalancerType = \"network\",\n Subnets = .Select(subnet =\u003e \n {\n return subnet.Id;\n }).ToList(),\n EnableDeletionProtection = true,\n Tags = \n {\n { \"Environment\", \"production\" },\n },\n });\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying Elastic IPs\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {\n name: \"example\",\n loadBalancerType: \"network\",\n subnetMappings: [\n {\n subnetId: example1AwsSubnet.id,\n allocationId: example1.id,\n },\n {\n subnetId: example2AwsSubnet.id,\n allocationId: example2.id,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\",\n name=\"example\",\n load_balancer_type=\"network\",\n subnet_mappings=[\n {\n \"subnet_id\": example1_aws_subnet[\"id\"],\n \"allocation_id\": example1[\"id\"],\n },\n {\n \"subnet_id\": example2_aws_subnet[\"id\"],\n \"allocation_id\": example2[\"id\"],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LB.LoadBalancer(\"example\", new()\n {\n Name = \"example\",\n LoadBalancerType = \"network\",\n SubnetMappings = new[]\n {\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n SubnetId = example1AwsSubnet.Id,\n AllocationId = example1.Id,\n },\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n SubnetId = example2AwsSubnet.Id,\n AllocationId = example2.Id,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tLoadBalancerType: pulumi.String(\"network\"),\n\t\t\tSubnetMappings: lb.LoadBalancerSubnetMappingArray{\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tSubnetId: pulumi.Any(example1AwsSubnet.Id),\n\t\t\t\t\tAllocationId: pulumi.Any(example1.Id),\n\t\t\t\t},\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tSubnetId: pulumi.Any(example2AwsSubnet.Id),\n\t\t\t\t\tAllocationId: pulumi.Any(example2.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.LoadBalancerArgs;\nimport com.pulumi.aws.lb.inputs.LoadBalancerSubnetMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoadBalancer(\"example\", LoadBalancerArgs.builder()\n .name(\"example\")\n .loadBalancerType(\"network\")\n .subnetMappings( \n LoadBalancerSubnetMappingArgs.builder()\n .subnetId(example1AwsSubnet.id())\n .allocationId(example1.id())\n .build(),\n LoadBalancerSubnetMappingArgs.builder()\n .subnetId(example2AwsSubnet.id())\n .allocationId(example2.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lb:LoadBalancer\n properties:\n name: example\n loadBalancerType: network\n subnetMappings:\n - subnetId: ${example1AwsSubnet.id}\n allocationId: ${example1.id}\n - subnetId: ${example2AwsSubnet.id}\n allocationId: ${example2.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying private IP addresses for an internal-facing load balancer\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {\n name: \"example\",\n loadBalancerType: \"network\",\n subnetMappings: [\n {\n subnetId: example1.id,\n privateIpv4Address: \"10.0.1.15\",\n },\n {\n subnetId: example2.id,\n privateIpv4Address: \"10.0.2.15\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\",\n name=\"example\",\n load_balancer_type=\"network\",\n subnet_mappings=[\n {\n \"subnet_id\": example1[\"id\"],\n \"private_ipv4_address\": \"10.0.1.15\",\n },\n {\n \"subnet_id\": example2[\"id\"],\n \"private_ipv4_address\": \"10.0.2.15\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LB.LoadBalancer(\"example\", new()\n {\n Name = \"example\",\n LoadBalancerType = \"network\",\n SubnetMappings = new[]\n {\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n SubnetId = example1.Id,\n PrivateIpv4Address = \"10.0.1.15\",\n },\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n SubnetId = example2.Id,\n PrivateIpv4Address = \"10.0.2.15\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tLoadBalancerType: pulumi.String(\"network\"),\n\t\t\tSubnetMappings: lb.LoadBalancerSubnetMappingArray{\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tSubnetId: pulumi.Any(example1.Id),\n\t\t\t\t\tPrivateIpv4Address: pulumi.String(\"10.0.1.15\"),\n\t\t\t\t},\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tSubnetId: pulumi.Any(example2.Id),\n\t\t\t\t\tPrivateIpv4Address: pulumi.String(\"10.0.2.15\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.LoadBalancerArgs;\nimport com.pulumi.aws.lb.inputs.LoadBalancerSubnetMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoadBalancer(\"example\", LoadBalancerArgs.builder()\n .name(\"example\")\n .loadBalancerType(\"network\")\n .subnetMappings( \n LoadBalancerSubnetMappingArgs.builder()\n .subnetId(example1.id())\n .privateIpv4Address(\"10.0.1.15\")\n .build(),\n LoadBalancerSubnetMappingArgs.builder()\n .subnetId(example2.id())\n .privateIpv4Address(\"10.0.2.15\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lb:LoadBalancer\n properties:\n name: example\n loadBalancerType: network\n subnetMappings:\n - subnetId: ${example1.id}\n privateIpv4Address: 10.0.1.15\n - subnetId: ${example2.id}\n privateIpv4Address: 10.0.2.15\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import LBs using their ARN. For example:\n\n```sh\n$ pulumi import aws:lb/loadBalancer:LoadBalancer bar arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188\n```\n", "properties": { "accessLogs": { "$ref": "#/types/aws:lb/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "Access Logs block. See below.\n" }, "arn": { "type": "string", "description": "ARN of the load balancer (matches `id`).\n" }, "arnSuffix": { "type": "string", "description": "ARN suffix for use with CloudWatch Metrics.\n" }, "clientKeepAlive": { "type": "integer", "description": "Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.\n" }, "connectionLogs": { "$ref": "#/types/aws:lb/LoadBalancerConnectionLogs:LoadBalancerConnectionLogs", "description": "Connection Logs block. See below. Only valid for Load Balancers of type `application`.\n" }, "customerOwnedIpv4Pool": { "type": "string", "description": "ID of the customer owned ipv4 pool to use for this load balancer.\n" }, "desyncMitigationMode": { "type": "string", "description": "How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are `monitor`, `defensive` (default), `strictest`.\n" }, "dnsName": { "type": "string", "description": "DNS name of the load balancer.\n" }, "dnsRecordClientRoutingPolicy": { "type": "string", "description": "How traffic is distributed among the load balancer Availability Zones. Possible values are `any_availability_zone` (default), `availability_zone_affinity`, or `partial_availability_zone_affinity`. See [Availability Zone DNS affinity](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#zonal-dns-affinity) for additional details. Only valid for `network` type load balancers.\n" }, "dropInvalidHeaderFields": { "type": "boolean", "description": "Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.\n" }, "enableCrossZoneLoadBalancing": { "type": "boolean", "description": "If true, cross-zone load balancing of the load balancer will be enabled. For `network` and `gateway` type load balancers, this feature is disabled by default (`false`). For `application` load balancer this feature is always enabled (`true`) and cannot be disabled. Defaults to `false`.\n" }, "enableDeletionProtection": { "type": "boolean", "description": "If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.\n" }, "enableHttp2": { "type": "boolean", "description": "Whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.\n" }, "enableTlsVersionAndCipherSuiteHeaders": { "type": "boolean", "description": "Whether the two headers (`x-amzn-tls-version` and `x-amzn-tls-cipher-suite`), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of type `application`. Defaults to `false`\n" }, "enableWafFailOpen": { "type": "boolean", "description": "Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to `false`.\n" }, "enableXffClientPort": { "type": "boolean", "description": "Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in `application` load balancers. Defaults to `false`.\n" }, "enforceSecurityGroupInboundRulesOnPrivateLinkTraffic": { "type": "string", "description": "Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type `network`. The possible values are `on` and `off`.\n" }, "idleTimeout": { "type": "integer", "description": "Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.\n" }, "internal": { "type": "boolean", "description": "If true, the LB will be internal. Defaults to `false`.\n" }, "ipAddressType": { "type": "string", "description": "Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type: `ipv4` (all load balancer types), `dualstack` (all load balancer types), and `dualstack-without-public-ipv4` (type `application` only).\n" }, "loadBalancerType": { "type": "string", "description": "Type of load balancer to create. Possible values are `application`, `gateway`, or `network`. The default value is `application`.\n" }, "name": { "type": "string", "description": "Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with `tf-lb`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "preserveHostHeader": { "type": "boolean", "description": "Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to `false`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to assign to the LB. Only valid for Load Balancers of type `application` or `network`. For load balancers of type `network` security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:lb/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping" }, "description": "Subnet mapping block. See below. For Load Balancers of type `network` subnet mappings can only be added.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "List of subnet IDs to attach to the LB. For Load Balancers of type `network` subnets can only be added (see [Availability Zones](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#availability-zones)), deleting a subnet for load balancers of type `network` will force a recreation of the resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string" }, "xffHeaderProcessingMode": { "type": "string", "description": "Determines how the load balancer modifies the `X-Forwarded-For` header in the HTTP request before sending the request to the target. The possible values are `append`, `preserve`, and `remove`. Only valid for Load Balancers of type `application`. The default is `append`.\n" }, "zoneId": { "type": "string", "description": "Canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).\n" } }, "required": [ "arn", "arnSuffix", "dnsName", "enforceSecurityGroupInboundRulesOnPrivateLinkTraffic", "internal", "ipAddressType", "name", "namePrefix", "securityGroups", "subnetMappings", "subnets", "tagsAll", "vpcId", "zoneId" ], "inputProperties": { "accessLogs": { "$ref": "#/types/aws:lb/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "Access Logs block. See below.\n" }, "clientKeepAlive": { "type": "integer", "description": "Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.\n" }, "connectionLogs": { "$ref": "#/types/aws:lb/LoadBalancerConnectionLogs:LoadBalancerConnectionLogs", "description": "Connection Logs block. See below. Only valid for Load Balancers of type `application`.\n" }, "customerOwnedIpv4Pool": { "type": "string", "description": "ID of the customer owned ipv4 pool to use for this load balancer.\n", "willReplaceOnChanges": true }, "desyncMitigationMode": { "type": "string", "description": "How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are `monitor`, `defensive` (default), `strictest`.\n" }, "dnsRecordClientRoutingPolicy": { "type": "string", "description": "How traffic is distributed among the load balancer Availability Zones. Possible values are `any_availability_zone` (default), `availability_zone_affinity`, or `partial_availability_zone_affinity`. See [Availability Zone DNS affinity](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#zonal-dns-affinity) for additional details. Only valid for `network` type load balancers.\n" }, "dropInvalidHeaderFields": { "type": "boolean", "description": "Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.\n" }, "enableCrossZoneLoadBalancing": { "type": "boolean", "description": "If true, cross-zone load balancing of the load balancer will be enabled. For `network` and `gateway` type load balancers, this feature is disabled by default (`false`). For `application` load balancer this feature is always enabled (`true`) and cannot be disabled. Defaults to `false`.\n" }, "enableDeletionProtection": { "type": "boolean", "description": "If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.\n" }, "enableHttp2": { "type": "boolean", "description": "Whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.\n" }, "enableTlsVersionAndCipherSuiteHeaders": { "type": "boolean", "description": "Whether the two headers (`x-amzn-tls-version` and `x-amzn-tls-cipher-suite`), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of type `application`. Defaults to `false`\n" }, "enableWafFailOpen": { "type": "boolean", "description": "Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to `false`.\n" }, "enableXffClientPort": { "type": "boolean", "description": "Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in `application` load balancers. Defaults to `false`.\n" }, "enforceSecurityGroupInboundRulesOnPrivateLinkTraffic": { "type": "string", "description": "Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type `network`. The possible values are `on` and `off`.\n" }, "idleTimeout": { "type": "integer", "description": "Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.\n" }, "internal": { "type": "boolean", "description": "If true, the LB will be internal. Defaults to `false`.\n", "willReplaceOnChanges": true }, "ipAddressType": { "type": "string", "description": "Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type: `ipv4` (all load balancer types), `dualstack` (all load balancer types), and `dualstack-without-public-ipv4` (type `application` only).\n" }, "loadBalancerType": { "type": "string", "description": "Type of load balancer to create. Possible values are `application`, `gateway`, or `network`. The default value is `application`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with `tf-lb`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "preserveHostHeader": { "type": "boolean", "description": "Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to `false`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to assign to the LB. Only valid for Load Balancers of type `application` or `network`. For load balancers of type `network` security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:lb/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping" }, "description": "Subnet mapping block. See below. For Load Balancers of type `network` subnet mappings can only be added.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "List of subnet IDs to attach to the LB. For Load Balancers of type `network` subnets can only be added (see [Availability Zones](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#availability-zones)), deleting a subnet for load balancers of type `network` will force a recreation of the resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "xffHeaderProcessingMode": { "type": "string", "description": "Determines how the load balancer modifies the `X-Forwarded-For` header in the HTTP request before sending the request to the target. The possible values are `append`, `preserve`, and `remove`. Only valid for Load Balancers of type `application`. The default is `append`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering LoadBalancer resources.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:lb/LoadBalancerAccessLogs:LoadBalancerAccessLogs", "description": "Access Logs block. See below.\n" }, "arn": { "type": "string", "description": "ARN of the load balancer (matches `id`).\n" }, "arnSuffix": { "type": "string", "description": "ARN suffix for use with CloudWatch Metrics.\n" }, "clientKeepAlive": { "type": "integer", "description": "Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.\n" }, "connectionLogs": { "$ref": "#/types/aws:lb/LoadBalancerConnectionLogs:LoadBalancerConnectionLogs", "description": "Connection Logs block. See below. Only valid for Load Balancers of type `application`.\n" }, "customerOwnedIpv4Pool": { "type": "string", "description": "ID of the customer owned ipv4 pool to use for this load balancer.\n", "willReplaceOnChanges": true }, "desyncMitigationMode": { "type": "string", "description": "How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are `monitor`, `defensive` (default), `strictest`.\n" }, "dnsName": { "type": "string", "description": "DNS name of the load balancer.\n" }, "dnsRecordClientRoutingPolicy": { "type": "string", "description": "How traffic is distributed among the load balancer Availability Zones. Possible values are `any_availability_zone` (default), `availability_zone_affinity`, or `partial_availability_zone_affinity`. See [Availability Zone DNS affinity](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#zonal-dns-affinity) for additional details. Only valid for `network` type load balancers.\n" }, "dropInvalidHeaderFields": { "type": "boolean", "description": "Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.\n" }, "enableCrossZoneLoadBalancing": { "type": "boolean", "description": "If true, cross-zone load balancing of the load balancer will be enabled. For `network` and `gateway` type load balancers, this feature is disabled by default (`false`). For `application` load balancer this feature is always enabled (`true`) and cannot be disabled. Defaults to `false`.\n" }, "enableDeletionProtection": { "type": "boolean", "description": "If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.\n" }, "enableHttp2": { "type": "boolean", "description": "Whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.\n" }, "enableTlsVersionAndCipherSuiteHeaders": { "type": "boolean", "description": "Whether the two headers (`x-amzn-tls-version` and `x-amzn-tls-cipher-suite`), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of type `application`. Defaults to `false`\n" }, "enableWafFailOpen": { "type": "boolean", "description": "Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to `false`.\n" }, "enableXffClientPort": { "type": "boolean", "description": "Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in `application` load balancers. Defaults to `false`.\n" }, "enforceSecurityGroupInboundRulesOnPrivateLinkTraffic": { "type": "string", "description": "Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type `network`. The possible values are `on` and `off`.\n" }, "idleTimeout": { "type": "integer", "description": "Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.\n" }, "internal": { "type": "boolean", "description": "If true, the LB will be internal. Defaults to `false`.\n", "willReplaceOnChanges": true }, "ipAddressType": { "type": "string", "description": "Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type: `ipv4` (all load balancer types), `dualstack` (all load balancer types), and `dualstack-without-public-ipv4` (type `application` only).\n" }, "loadBalancerType": { "type": "string", "description": "Type of load balancer to create. Possible values are `application`, `gateway`, or `network`. The default value is `application`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with `tf-lb`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "preserveHostHeader": { "type": "boolean", "description": "Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to `false`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs to assign to the LB. Only valid for Load Balancers of type `application` or `network`. For load balancers of type `network` security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:lb/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping" }, "description": "Subnet mapping block. See below. For Load Balancers of type `network` subnet mappings can only be added.\n" }, "subnets": { "type": "array", "items": { "type": "string" }, "description": "List of subnet IDs to attach to the LB. For Load Balancers of type `network` subnets can only be added (see [Availability Zones](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#availability-zones)), deleting a subnet for load balancers of type `network` will force a recreation of the resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string" }, "xffHeaderProcessingMode": { "type": "string", "description": "Determines how the load balancer modifies the `X-Forwarded-For` header in the HTTP request before sending the request to the target. The possible values are `append`, `preserve`, and `remove`. Only valid for Load Balancers of type `application`. The default is `append`.\n" }, "zoneId": { "type": "string", "description": "Canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).\n" } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancingv2/loadBalancer:LoadBalancer" } ] }, "aws:lb/targetGroup:TargetGroup": { "description": "Provides a Target Group resource for use with Load Balancer resources.\n\n\u003e **Note:** `aws.alb.TargetGroup` is known as `aws.lb.TargetGroup`. The functionality is identical.\n\n## Example Usage\n\n### Instance Target Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {cidrBlock: \"10.0.0.0/16\"});\nconst test = new aws.lb.TargetGroup(\"test\", {\n name: \"tf-example-lb-tg\",\n port: 80,\n protocol: \"HTTP\",\n vpcId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\ntest = aws.lb.TargetGroup(\"test\",\n name=\"tf-example-lb-tg\",\n port=80,\n protocol=\"HTTP\",\n vpc_id=main.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ec2.Vpc(\"main\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var test = new Aws.LB.TargetGroup(\"test\", new()\n {\n Name = \"tf-example-lb-tg\",\n Port = 80,\n Protocol = \"HTTP\",\n VpcId = main.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroup(ctx, \"test\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"tf-example-lb-tg\"),\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Vpc(\"main\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var test = new TargetGroup(\"test\", TargetGroupArgs.builder()\n .name(\"tf-example-lb-tg\")\n .port(80)\n .protocol(\"HTTP\")\n .vpcId(main.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lb:TargetGroup\n properties:\n name: tf-example-lb-tg\n port: 80\n protocol: HTTP\n vpcId: ${main.id}\n main:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### IP Target Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {cidrBlock: \"10.0.0.0/16\"});\nconst ip_example = new aws.lb.TargetGroup(\"ip-example\", {\n name: \"tf-example-lb-tg\",\n port: 80,\n protocol: \"HTTP\",\n targetType: \"ip\",\n vpcId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\nip_example = aws.lb.TargetGroup(\"ip-example\",\n name=\"tf-example-lb-tg\",\n port=80,\n protocol=\"HTTP\",\n target_type=\"ip\",\n vpc_id=main.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ec2.Vpc(\"main\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var ip_example = new Aws.LB.TargetGroup(\"ip-example\", new()\n {\n Name = \"tf-example-lb-tg\",\n Port = 80,\n Protocol = \"HTTP\",\n TargetType = \"ip\",\n VpcId = main.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroup(ctx, \"ip-example\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"tf-example-lb-tg\"),\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tTargetType: pulumi.String(\"ip\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Vpc(\"main\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var ip_example = new TargetGroup(\"ip-example\", TargetGroupArgs.builder()\n .name(\"tf-example-lb-tg\")\n .port(80)\n .protocol(\"HTTP\")\n .targetType(\"ip\")\n .vpcId(main.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ip-example:\n type: aws:lb:TargetGroup\n properties:\n name: tf-example-lb-tg\n port: 80\n protocol: HTTP\n targetType: ip\n vpcId: ${main.id}\n main:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda Target Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lambda_example = new aws.lb.TargetGroup(\"lambda-example\", {\n name: \"tf-example-lb-tg\",\n targetType: \"lambda\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlambda_example = aws.lb.TargetGroup(\"lambda-example\",\n name=\"tf-example-lb-tg\",\n target_type=\"lambda\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lambda_example = new Aws.LB.TargetGroup(\"lambda-example\", new()\n {\n Name = \"tf-example-lb-tg\",\n TargetType = \"lambda\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewTargetGroup(ctx, \"lambda-example\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"tf-example-lb-tg\"),\n\t\t\tTargetType: pulumi.String(\"lambda\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lambda_example = new TargetGroup(\"lambda-example\", TargetGroupArgs.builder()\n .name(\"tf-example-lb-tg\")\n .targetType(\"lambda\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lambda-example:\n type: aws:lb:TargetGroup\n properties:\n name: tf-example-lb-tg\n targetType: lambda\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### ALB Target Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst alb_example = new aws.lb.TargetGroup(\"alb-example\", {\n name: \"tf-example-lb-alb-tg\",\n targetType: \"alb\",\n port: 80,\n protocol: \"TCP\",\n vpcId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nalb_example = aws.lb.TargetGroup(\"alb-example\",\n name=\"tf-example-lb-alb-tg\",\n target_type=\"alb\",\n port=80,\n protocol=\"TCP\",\n vpc_id=main[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var alb_example = new Aws.LB.TargetGroup(\"alb-example\", new()\n {\n Name = \"tf-example-lb-alb-tg\",\n TargetType = \"alb\",\n Port = 80,\n Protocol = \"TCP\",\n VpcId = main.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewTargetGroup(ctx, \"alb-example\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"tf-example-lb-alb-tg\"),\n\t\t\tTargetType: pulumi.String(\"alb\"),\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"TCP\"),\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var alb_example = new TargetGroup(\"alb-example\", TargetGroupArgs.builder()\n .name(\"tf-example-lb-alb-tg\")\n .targetType(\"alb\")\n .port(80)\n .protocol(\"TCP\")\n .vpcId(main.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n alb-example:\n type: aws:lb:TargetGroup\n properties:\n name: tf-example-lb-alb-tg\n targetType: alb\n port: 80\n protocol: TCP\n vpcId: ${main.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Target group with unhealthy connection termination disabled\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst tcp_example = new aws.lb.TargetGroup(\"tcp-example\", {\n name: \"tf-example-lb-nlb-tg\",\n port: 25,\n protocol: \"TCP\",\n vpcId: main.id,\n targetHealthStates: [{\n enableUnhealthyConnectionTermination: false,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntcp_example = aws.lb.TargetGroup(\"tcp-example\",\n name=\"tf-example-lb-nlb-tg\",\n port=25,\n protocol=\"TCP\",\n vpc_id=main[\"id\"],\n target_health_states=[{\n \"enable_unhealthy_connection_termination\": False,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var tcp_example = new Aws.LB.TargetGroup(\"tcp-example\", new()\n {\n Name = \"tf-example-lb-nlb-tg\",\n Port = 25,\n Protocol = \"TCP\",\n VpcId = main.Id,\n TargetHealthStates = new[]\n {\n new Aws.LB.Inputs.TargetGroupTargetHealthStateArgs\n {\n EnableUnhealthyConnectionTermination = false,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewTargetGroup(ctx, \"tcp-example\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"tf-example-lb-nlb-tg\"),\n\t\t\tPort: pulumi.Int(25),\n\t\t\tProtocol: pulumi.String(\"TCP\"),\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t\tTargetHealthStates: lb.TargetGroupTargetHealthStateArray{\n\t\t\t\t\u0026lb.TargetGroupTargetHealthStateArgs{\n\t\t\t\t\tEnableUnhealthyConnectionTermination: pulumi.Bool(false),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport com.pulumi.aws.lb.inputs.TargetGroupTargetHealthStateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var tcp_example = new TargetGroup(\"tcp-example\", TargetGroupArgs.builder()\n .name(\"tf-example-lb-nlb-tg\")\n .port(25)\n .protocol(\"TCP\")\n .vpcId(main.id())\n .targetHealthStates(TargetGroupTargetHealthStateArgs.builder()\n .enableUnhealthyConnectionTermination(false)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n tcp-example:\n type: aws:lb:TargetGroup\n properties:\n name: tf-example-lb-nlb-tg\n port: 25\n protocol: TCP\n vpcId: ${main.id}\n targetHealthStates:\n - enableUnhealthyConnectionTermination: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Target group with health requirements\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst tcp_example = new aws.lb.TargetGroup(\"tcp-example\", {\n name: \"tf-example-lb-nlb-tg\",\n port: 80,\n protocol: \"TCP\",\n vpcId: main.id,\n targetGroupHealth: {\n dnsFailover: {\n minimumHealthyTargetsCount: \"1\",\n minimumHealthyTargetsPercentage: \"off\",\n },\n unhealthyStateRouting: {\n minimumHealthyTargetsCount: 1,\n minimumHealthyTargetsPercentage: \"off\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntcp_example = aws.lb.TargetGroup(\"tcp-example\",\n name=\"tf-example-lb-nlb-tg\",\n port=80,\n protocol=\"TCP\",\n vpc_id=main[\"id\"],\n target_group_health={\n \"dns_failover\": {\n \"minimum_healthy_targets_count\": \"1\",\n \"minimum_healthy_targets_percentage\": \"off\",\n },\n \"unhealthy_state_routing\": {\n \"minimum_healthy_targets_count\": 1,\n \"minimum_healthy_targets_percentage\": \"off\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var tcp_example = new Aws.LB.TargetGroup(\"tcp-example\", new()\n {\n Name = \"tf-example-lb-nlb-tg\",\n Port = 80,\n Protocol = \"TCP\",\n VpcId = main.Id,\n TargetGroupHealth = new Aws.LB.Inputs.TargetGroupTargetGroupHealthArgs\n {\n DnsFailover = new Aws.LB.Inputs.TargetGroupTargetGroupHealthDnsFailoverArgs\n {\n MinimumHealthyTargetsCount = \"1\",\n MinimumHealthyTargetsPercentage = \"off\",\n },\n UnhealthyStateRouting = new Aws.LB.Inputs.TargetGroupTargetGroupHealthUnhealthyStateRoutingArgs\n {\n MinimumHealthyTargetsCount = 1,\n MinimumHealthyTargetsPercentage = \"off\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewTargetGroup(ctx, \"tcp-example\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"tf-example-lb-nlb-tg\"),\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"TCP\"),\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t\tTargetGroupHealth: \u0026lb.TargetGroupTargetGroupHealthArgs{\n\t\t\t\tDnsFailover: \u0026lb.TargetGroupTargetGroupHealthDnsFailoverArgs{\n\t\t\t\t\tMinimumHealthyTargetsCount: pulumi.String(\"1\"),\n\t\t\t\t\tMinimumHealthyTargetsPercentage: pulumi.String(\"off\"),\n\t\t\t\t},\n\t\t\t\tUnhealthyStateRouting: \u0026lb.TargetGroupTargetGroupHealthUnhealthyStateRoutingArgs{\n\t\t\t\t\tMinimumHealthyTargetsCount: pulumi.Int(1),\n\t\t\t\t\tMinimumHealthyTargetsPercentage: pulumi.String(\"off\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport com.pulumi.aws.lb.inputs.TargetGroupTargetGroupHealthArgs;\nimport com.pulumi.aws.lb.inputs.TargetGroupTargetGroupHealthDnsFailoverArgs;\nimport com.pulumi.aws.lb.inputs.TargetGroupTargetGroupHealthUnhealthyStateRoutingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var tcp_example = new TargetGroup(\"tcp-example\", TargetGroupArgs.builder()\n .name(\"tf-example-lb-nlb-tg\")\n .port(80)\n .protocol(\"TCP\")\n .vpcId(main.id())\n .targetGroupHealth(TargetGroupTargetGroupHealthArgs.builder()\n .dnsFailover(TargetGroupTargetGroupHealthDnsFailoverArgs.builder()\n .minimumHealthyTargetsCount(\"1\")\n .minimumHealthyTargetsPercentage(\"off\")\n .build())\n .unhealthyStateRouting(TargetGroupTargetGroupHealthUnhealthyStateRoutingArgs.builder()\n .minimumHealthyTargetsCount(\"1\")\n .minimumHealthyTargetsPercentage(\"off\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n tcp-example:\n type: aws:lb:TargetGroup\n properties:\n name: tf-example-lb-nlb-tg\n port: 80\n protocol: TCP\n vpcId: ${main.id}\n targetGroupHealth:\n dnsFailover:\n minimumHealthyTargetsCount: '1'\n minimumHealthyTargetsPercentage: off\n unhealthyStateRouting:\n minimumHealthyTargetsCount: '1'\n minimumHealthyTargetsPercentage: off\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Target Groups using their ARN. For example:\n\n```sh\n$ pulumi import aws:lb/targetGroup:TargetGroup app_front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:targetgroup/app-front-end/20cfe21448b66314\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Target Group (matches `id`).\n" }, "arnSuffix": { "type": "string", "description": "ARN suffix for use with CloudWatch Metrics.\n" }, "connectionTermination": { "type": "boolean", "description": "Whether to terminate connections at the end of the deregistration timeout on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#deregistration-delay) for more information. Default is `false`.\n" }, "deregistrationDelay": { "type": "integer", "description": "Amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.\n" }, "healthCheck": { "$ref": "#/types/aws:lb/TargetGroupHealthCheck:TargetGroupHealthCheck", "description": "Health Check configuration block. Detailed below.\n" }, "ipAddressType": { "type": "string", "description": "The type of IP addresses used by the target group, only supported when target type is set to `ip`. Possible values are `ipv4` or `ipv6`.\n" }, "lambdaMultiValueHeadersEnabled": { "type": "boolean", "description": "Whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when `target_type` is `lambda`. Default is `false`.\n" }, "loadBalancerArns": { "type": "array", "items": { "type": "string" }, "description": "ARNs of the Load Balancers associated with the Target Group.\n" }, "loadBalancingAlgorithmType": { "type": "string", "description": "Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is `round_robin`, `least_outstanding_requests`, or `weighted_random`. The default is `round_robin`.\n" }, "loadBalancingAnomalyMitigation": { "type": "string", "description": "Determines whether to enable target anomaly mitigation. Target anomaly mitigation is only supported by the `weighted_random` load balancing algorithm type. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#automatic-target-weights) for more information. The value is `\"on\"` or `\"off\"`. The default is `\"off\"`.\n" }, "loadBalancingCrossZoneEnabled": { "type": "string", "description": "Indicates whether cross zone load balancing is enabled. The value is `\"true\"`, `\"false\"` or `\"use_load_balancer_configuration\"`. The default is `\"use_load_balancer_configuration\"`.\n" }, "name": { "type": "string", "description": "Name of the target group. If omitted, this provider will assign a random, unique name. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n" }, "port": { "type": "integer", "description": "Port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance`, `ip` or `alb`. Does not apply when `target_type` is `lambda`.\n" }, "preserveClientIp": { "type": "string", "description": "Whether client IP preservation is enabled. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#client-ip-preservation) for more information.\n" }, "protocol": { "type": "string", "description": "Protocol to use for routing traffic to the targets.\nShould be one of `GENEVE`, `HTTP`, `HTTPS`, `TCP`, `TCP_UDP`, `TLS`, or `UDP`.\nRequired when `target_type` is `instance`, `ip`, or `alb`.\nDoes not apply when `target_type` is `lambda`.\n" }, "protocolVersion": { "type": "string", "description": "Only applicable when `protocol` is `HTTP` or `HTTPS`. The protocol version. Specify `GRPC` to send requests to targets using gRPC. Specify `HTTP2` to send requests to targets using HTTP/2. The default is `HTTP1`, which sends requests to targets using HTTP/1.1\n" }, "proxyProtocolV2": { "type": "boolean", "description": "Whether to enable support for proxy protocol v2 on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#proxy-protocol) for more information. Default is `false`.\n" }, "slowStart": { "type": "integer", "description": "Amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.\n" }, "stickiness": { "$ref": "#/types/aws:lb/TargetGroupStickiness:TargetGroupStickiness", "description": "Stickiness configuration block. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetFailovers": { "type": "array", "items": { "$ref": "#/types/aws:lb/TargetGroupTargetFailover:TargetGroupTargetFailover" }, "description": "Target failover block. Only applicable for Gateway Load Balancer target groups. See target_failover for more information.\n" }, "targetGroupHealth": { "$ref": "#/types/aws:lb/TargetGroupTargetGroupHealth:TargetGroupTargetGroupHealth", "description": "Target health requirements block. See target_group_health for more information.\n" }, "targetHealthStates": { "type": "array", "items": { "$ref": "#/types/aws:lb/TargetGroupTargetHealthState:TargetGroupTargetHealthState" }, "description": "Target health state block. Only applicable for Network Load Balancer target groups when `protocol` is `TCP` or `TLS`. See target_health_state for more information.\n" }, "targetType": { "type": "string", "description": "Type of target that you must specify when registering targets with this target group.\nSee [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateTargetGroup.html) for supported values.\nThe default is `instance`.\n\nNote that you can't specify targets for a target group using both instance IDs and IP addresses.\n\nIf the target type is `ip`, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.\n\nNetwork Load Balancers do not support the `lambda` target type.\n\nApplication Load Balancers do not support the `alb` target type.\n" }, "vpcId": { "type": "string", "description": "Identifier of the VPC in which to create the target group. Required when `target_type` is `instance`, `ip` or `alb`. Does not apply when `target_type` is `lambda`.\n" } }, "required": [ "arn", "arnSuffix", "connectionTermination", "healthCheck", "ipAddressType", "loadBalancerArns", "loadBalancingAlgorithmType", "loadBalancingAnomalyMitigation", "loadBalancingCrossZoneEnabled", "name", "namePrefix", "preserveClientIp", "protocolVersion", "stickiness", "tagsAll", "targetFailovers", "targetGroupHealth", "targetHealthStates" ], "inputProperties": { "connectionTermination": { "type": "boolean", "description": "Whether to terminate connections at the end of the deregistration timeout on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#deregistration-delay) for more information. Default is `false`.\n" }, "deregistrationDelay": { "type": "integer", "description": "Amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.\n" }, "healthCheck": { "$ref": "#/types/aws:lb/TargetGroupHealthCheck:TargetGroupHealthCheck", "description": "Health Check configuration block. Detailed below.\n" }, "ipAddressType": { "type": "string", "description": "The type of IP addresses used by the target group, only supported when target type is set to `ip`. Possible values are `ipv4` or `ipv6`.\n", "willReplaceOnChanges": true }, "lambdaMultiValueHeadersEnabled": { "type": "boolean", "description": "Whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when `target_type` is `lambda`. Default is `false`.\n" }, "loadBalancingAlgorithmType": { "type": "string", "description": "Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is `round_robin`, `least_outstanding_requests`, or `weighted_random`. The default is `round_robin`.\n" }, "loadBalancingAnomalyMitigation": { "type": "string", "description": "Determines whether to enable target anomaly mitigation. Target anomaly mitigation is only supported by the `weighted_random` load balancing algorithm type. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#automatic-target-weights) for more information. The value is `\"on\"` or `\"off\"`. The default is `\"off\"`.\n" }, "loadBalancingCrossZoneEnabled": { "type": "string", "description": "Indicates whether cross zone load balancing is enabled. The value is `\"true\"`, `\"false\"` or `\"use_load_balancer_configuration\"`. The default is `\"use_load_balancer_configuration\"`.\n" }, "name": { "type": "string", "description": "Name of the target group. If omitted, this provider will assign a random, unique name. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "Port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance`, `ip` or `alb`. Does not apply when `target_type` is `lambda`.\n", "willReplaceOnChanges": true }, "preserveClientIp": { "type": "string", "description": "Whether client IP preservation is enabled. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#client-ip-preservation) for more information.\n" }, "protocol": { "type": "string", "description": "Protocol to use for routing traffic to the targets.\nShould be one of `GENEVE`, `HTTP`, `HTTPS`, `TCP`, `TCP_UDP`, `TLS`, or `UDP`.\nRequired when `target_type` is `instance`, `ip`, or `alb`.\nDoes not apply when `target_type` is `lambda`.\n", "willReplaceOnChanges": true }, "protocolVersion": { "type": "string", "description": "Only applicable when `protocol` is `HTTP` or `HTTPS`. The protocol version. Specify `GRPC` to send requests to targets using gRPC. Specify `HTTP2` to send requests to targets using HTTP/2. The default is `HTTP1`, which sends requests to targets using HTTP/1.1\n", "willReplaceOnChanges": true }, "proxyProtocolV2": { "type": "boolean", "description": "Whether to enable support for proxy protocol v2 on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#proxy-protocol) for more information. Default is `false`.\n" }, "slowStart": { "type": "integer", "description": "Amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.\n" }, "stickiness": { "$ref": "#/types/aws:lb/TargetGroupStickiness:TargetGroupStickiness", "description": "Stickiness configuration block. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targetFailovers": { "type": "array", "items": { "$ref": "#/types/aws:lb/TargetGroupTargetFailover:TargetGroupTargetFailover" }, "description": "Target failover block. Only applicable for Gateway Load Balancer target groups. See target_failover for more information.\n" }, "targetGroupHealth": { "$ref": "#/types/aws:lb/TargetGroupTargetGroupHealth:TargetGroupTargetGroupHealth", "description": "Target health requirements block. See target_group_health for more information.\n" }, "targetHealthStates": { "type": "array", "items": { "$ref": "#/types/aws:lb/TargetGroupTargetHealthState:TargetGroupTargetHealthState" }, "description": "Target health state block. Only applicable for Network Load Balancer target groups when `protocol` is `TCP` or `TLS`. See target_health_state for more information.\n" }, "targetType": { "type": "string", "description": "Type of target that you must specify when registering targets with this target group.\nSee [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateTargetGroup.html) for supported values.\nThe default is `instance`.\n\nNote that you can't specify targets for a target group using both instance IDs and IP addresses.\n\nIf the target type is `ip`, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.\n\nNetwork Load Balancers do not support the `lambda` target type.\n\nApplication Load Balancers do not support the `alb` target type.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "Identifier of the VPC in which to create the target group. Required when `target_type` is `instance`, `ip` or `alb`. Does not apply when `target_type` is `lambda`.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering TargetGroup resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Target Group (matches `id`).\n" }, "arnSuffix": { "type": "string", "description": "ARN suffix for use with CloudWatch Metrics.\n" }, "connectionTermination": { "type": "boolean", "description": "Whether to terminate connections at the end of the deregistration timeout on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#deregistration-delay) for more information. Default is `false`.\n" }, "deregistrationDelay": { "type": "integer", "description": "Amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.\n" }, "healthCheck": { "$ref": "#/types/aws:lb/TargetGroupHealthCheck:TargetGroupHealthCheck", "description": "Health Check configuration block. Detailed below.\n" }, "ipAddressType": { "type": "string", "description": "The type of IP addresses used by the target group, only supported when target type is set to `ip`. Possible values are `ipv4` or `ipv6`.\n", "willReplaceOnChanges": true }, "lambdaMultiValueHeadersEnabled": { "type": "boolean", "description": "Whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when `target_type` is `lambda`. Default is `false`.\n" }, "loadBalancerArns": { "type": "array", "items": { "type": "string" }, "description": "ARNs of the Load Balancers associated with the Target Group.\n" }, "loadBalancingAlgorithmType": { "type": "string", "description": "Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is `round_robin`, `least_outstanding_requests`, or `weighted_random`. The default is `round_robin`.\n" }, "loadBalancingAnomalyMitigation": { "type": "string", "description": "Determines whether to enable target anomaly mitigation. Target anomaly mitigation is only supported by the `weighted_random` load balancing algorithm type. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#automatic-target-weights) for more information. The value is `\"on\"` or `\"off\"`. The default is `\"off\"`.\n" }, "loadBalancingCrossZoneEnabled": { "type": "string", "description": "Indicates whether cross zone load balancing is enabled. The value is `\"true\"`, `\"false\"` or `\"use_load_balancer_configuration\"`. The default is `\"use_load_balancer_configuration\"`.\n" }, "name": { "type": "string", "description": "Name of the target group. If omitted, this provider will assign a random, unique name. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "Port on which targets receive traffic, unless overridden when registering a specific target. Required when `target_type` is `instance`, `ip` or `alb`. Does not apply when `target_type` is `lambda`.\n", "willReplaceOnChanges": true }, "preserveClientIp": { "type": "string", "description": "Whether client IP preservation is enabled. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#client-ip-preservation) for more information.\n" }, "protocol": { "type": "string", "description": "Protocol to use for routing traffic to the targets.\nShould be one of `GENEVE`, `HTTP`, `HTTPS`, `TCP`, `TCP_UDP`, `TLS`, or `UDP`.\nRequired when `target_type` is `instance`, `ip`, or `alb`.\nDoes not apply when `target_type` is `lambda`.\n", "willReplaceOnChanges": true }, "protocolVersion": { "type": "string", "description": "Only applicable when `protocol` is `HTTP` or `HTTPS`. The protocol version. Specify `GRPC` to send requests to targets using gRPC. Specify `HTTP2` to send requests to targets using HTTP/2. The default is `HTTP1`, which sends requests to targets using HTTP/1.1\n", "willReplaceOnChanges": true }, "proxyProtocolV2": { "type": "boolean", "description": "Whether to enable support for proxy protocol v2 on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#proxy-protocol) for more information. Default is `false`.\n" }, "slowStart": { "type": "integer", "description": "Amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.\n" }, "stickiness": { "$ref": "#/types/aws:lb/TargetGroupStickiness:TargetGroupStickiness", "description": "Stickiness configuration block. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetFailovers": { "type": "array", "items": { "$ref": "#/types/aws:lb/TargetGroupTargetFailover:TargetGroupTargetFailover" }, "description": "Target failover block. Only applicable for Gateway Load Balancer target groups. See target_failover for more information.\n" }, "targetGroupHealth": { "$ref": "#/types/aws:lb/TargetGroupTargetGroupHealth:TargetGroupTargetGroupHealth", "description": "Target health requirements block. See target_group_health for more information.\n" }, "targetHealthStates": { "type": "array", "items": { "$ref": "#/types/aws:lb/TargetGroupTargetHealthState:TargetGroupTargetHealthState" }, "description": "Target health state block. Only applicable for Network Load Balancer target groups when `protocol` is `TCP` or `TLS`. See target_health_state for more information.\n" }, "targetType": { "type": "string", "description": "Type of target that you must specify when registering targets with this target group.\nSee [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateTargetGroup.html) for supported values.\nThe default is `instance`.\n\nNote that you can't specify targets for a target group using both instance IDs and IP addresses.\n\nIf the target type is `ip`, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.\n\nNetwork Load Balancers do not support the `lambda` target type.\n\nApplication Load Balancers do not support the `alb` target type.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "Identifier of the VPC in which to create the target group. Required when `target_type` is `instance`, `ip` or `alb`. Does not apply when `target_type` is `lambda`.\n", "willReplaceOnChanges": true } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancingv2/targetGroup:TargetGroup" } ] }, "aws:lb/targetGroupAttachment:TargetGroupAttachment": { "description": "Provides the ability to register instances and containers with an Application Load Balancer (ALB) or Network Load Balancer (NLB) target group. For attaching resources with Elastic Load Balancer (ELB), see the `aws.elb.Attachment` resource.\n\n\u003e **Note:** `aws.alb.TargetGroupAttachment` is known as `aws.lb.TargetGroupAttachment`. The functionality is identical.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testTargetGroup = new aws.lb.TargetGroup(\"test\", {});\nconst testInstance = new aws.ec2.Instance(\"test\", {});\nconst test = new aws.lb.TargetGroupAttachment(\"test\", {\n targetGroupArn: testTargetGroup.arn,\n targetId: testInstance.id,\n port: 80,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_target_group = aws.lb.TargetGroup(\"test\")\ntest_instance = aws.ec2.Instance(\"test\")\ntest = aws.lb.TargetGroupAttachment(\"test\",\n target_group_arn=test_target_group.arn,\n target_id=test_instance.id,\n port=80)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testTargetGroup = new Aws.LB.TargetGroup(\"test\");\n\n var testInstance = new Aws.Ec2.Instance(\"test\");\n\n var test = new Aws.LB.TargetGroupAttachment(\"test\", new()\n {\n TargetGroupArn = testTargetGroup.Arn,\n TargetId = testInstance.Id,\n Port = 80,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestTargetGroup, err := lb.NewTargetGroup(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestInstance, err := ec2.NewInstance(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroupAttachment(ctx, \"test\", \u0026lb.TargetGroupAttachmentArgs{\n\t\t\tTargetGroupArn: testTargetGroup.Arn,\n\t\t\tTargetId: testInstance.ID(),\n\t\t\tPort: pulumi.Int(80),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.lb.TargetGroupAttachment;\nimport com.pulumi.aws.lb.TargetGroupAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testTargetGroup = new TargetGroup(\"testTargetGroup\");\n\n var testInstance = new Instance(\"testInstance\");\n\n var test = new TargetGroupAttachment(\"test\", TargetGroupAttachmentArgs.builder()\n .targetGroupArn(testTargetGroup.arn())\n .targetId(testInstance.id())\n .port(80)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lb:TargetGroupAttachment\n properties:\n targetGroupArn: ${testTargetGroup.arn}\n targetId: ${testInstance.id}\n port: 80\n testTargetGroup:\n type: aws:lb:TargetGroup\n name: test\n testInstance:\n type: aws:ec2:Instance\n name: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda Target\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.TargetGroup(\"test\", {\n name: \"test\",\n targetType: \"lambda\",\n});\nconst testFunction = new aws.lambda.Function(\"test\", {});\nconst withLb = new aws.lambda.Permission(\"with_lb\", {\n statementId: \"AllowExecutionFromlb\",\n action: \"lambda:InvokeFunction\",\n \"function\": testFunction.name,\n principal: \"elasticloadbalancing.amazonaws.com\",\n sourceArn: test.arn,\n});\nconst testTargetGroupAttachment = new aws.lb.TargetGroupAttachment(\"test\", {\n targetGroupArn: test.arn,\n targetId: testFunction.arn,\n}, {\n dependsOn: [withLb],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.TargetGroup(\"test\",\n name=\"test\",\n target_type=\"lambda\")\ntest_function = aws.lambda_.Function(\"test\")\nwith_lb = aws.lambda_.Permission(\"with_lb\",\n statement_id=\"AllowExecutionFromlb\",\n action=\"lambda:InvokeFunction\",\n function=test_function.name,\n principal=\"elasticloadbalancing.amazonaws.com\",\n source_arn=test.arn)\ntest_target_group_attachment = aws.lb.TargetGroupAttachment(\"test\",\n target_group_arn=test.arn,\n target_id=test_function.arn,\n opts = pulumi.ResourceOptions(depends_on=[with_lb]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LB.TargetGroup(\"test\", new()\n {\n Name = \"test\",\n TargetType = \"lambda\",\n });\n\n var testFunction = new Aws.Lambda.Function(\"test\");\n\n var withLb = new Aws.Lambda.Permission(\"with_lb\", new()\n {\n StatementId = \"AllowExecutionFromlb\",\n Action = \"lambda:InvokeFunction\",\n Function = testFunction.Name,\n Principal = \"elasticloadbalancing.amazonaws.com\",\n SourceArn = test.Arn,\n });\n\n var testTargetGroupAttachment = new Aws.LB.TargetGroupAttachment(\"test\", new()\n {\n TargetGroupArn = test.Arn,\n TargetId = testFunction.Arn,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n withLb,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := lb.NewTargetGroup(ctx, \"test\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tTargetType: pulumi.String(\"lambda\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestFunction, err := lambda.NewFunction(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\twithLb, err := lambda.NewPermission(ctx, \"with_lb\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromlb\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: testFunction.Name,\n\t\t\tPrincipal: pulumi.String(\"elasticloadbalancing.amazonaws.com\"),\n\t\t\tSourceArn: test.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroupAttachment(ctx, \"test\", \u0026lb.TargetGroupAttachmentArgs{\n\t\t\tTargetGroupArn: test.Arn,\n\t\t\tTargetId: testFunction.Arn,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\twithLb,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.lb.TargetGroupAttachment;\nimport com.pulumi.aws.lb.TargetGroupAttachmentArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new TargetGroup(\"test\", TargetGroupArgs.builder()\n .name(\"test\")\n .targetType(\"lambda\")\n .build());\n\n var testFunction = new Function(\"testFunction\");\n\n var withLb = new Permission(\"withLb\", PermissionArgs.builder()\n .statementId(\"AllowExecutionFromlb\")\n .action(\"lambda:InvokeFunction\")\n .function(testFunction.name())\n .principal(\"elasticloadbalancing.amazonaws.com\")\n .sourceArn(test.arn())\n .build());\n\n var testTargetGroupAttachment = new TargetGroupAttachment(\"testTargetGroupAttachment\", TargetGroupAttachmentArgs.builder()\n .targetGroupArn(test.arn())\n .targetId(testFunction.arn())\n .build(), CustomResourceOptions.builder()\n .dependsOn(withLb)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n withLb:\n type: aws:lambda:Permission\n name: with_lb\n properties:\n statementId: AllowExecutionFromlb\n action: lambda:InvokeFunction\n function: ${testFunction.name}\n principal: elasticloadbalancing.amazonaws.com\n sourceArn: ${test.arn}\n test:\n type: aws:lb:TargetGroup\n properties:\n name: test\n targetType: lambda\n testFunction:\n type: aws:lambda:Function\n name: test\n testTargetGroupAttachment:\n type: aws:lb:TargetGroupAttachment\n name: test\n properties:\n targetGroupArn: ${test.arn}\n targetId: ${testFunction.arn}\n options:\n dependson:\n - ${withLb}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Registering Multiple Targets\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example: aws.ec2.Instance[] = [];\nfor (const range = {value: 0}; range.value \u003c 3; range.value++) {\n example.push(new aws.ec2.Instance(`example-${range.value}`, {}));\n}\nconst exampleTargetGroup = new aws.lb.TargetGroup(\"example\", {});\nconst exampleTargetGroupAttachment: aws.lb.TargetGroupAttachment[] = [];\npulumi.all(example.map((v, k) =\u003e [k, v]).reduce((__obj, [, ]) =\u003e ({ ...__obj, [k]: v }))).apply(rangeBody =\u003e {\n for (const range of Object.entries(rangeBody).map(([k, v]) =\u003e ({key: k, value: v}))) {\n exampleTargetGroupAttachment.push(new aws.lb.TargetGroupAttachment(`example-${range.key}`, {\n targetGroupArn: exampleTargetGroup.arn,\n targetId: range.value.id,\n port: 80,\n }));\n }\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = []\nfor range in [{\"value\": i} for i in range(0, 3)]:\n example.append(aws.ec2.Instance(f\"example-{range['value']}\"))\nexample_target_group = aws.lb.TargetGroup(\"example\")\nexample_target_group_attachment = []\ndef create_example(range_body):\n for range in [{\"key\": k, \"value\": v} for [k, v] in enumerate(range_body)]:\n example_target_group_attachment.append(aws.lb.TargetGroupAttachment(f\"example-{range['key']}\",\n target_group_arn=example_target_group.arn,\n target_id=range[\"value\"],\n port=80))\n\npulumi.Output.all({k: v for k, v in example}).apply(lambda resolved_outputs: create_example(resolved_outputs[0]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new List\u003cAws.Ec2.Instance\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c 3; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n example.Add(new Aws.Ec2.Instance($\"example-{range.Value}\", new()\n {\n }));\n }\n var exampleTargetGroup = new Aws.LB.TargetGroup(\"example\");\n\n var exampleTargetGroupAttachment = new List\u003cAws.LB.TargetGroupAttachment\u003e();\n foreach (var range in example.Select((value, i) =\u003e new { Key = i.ToString(), Value = pair.Value }).Select(pair =\u003e new { pair.Key, pair.Value }))\n {\n exampleTargetGroupAttachment.Add(new Aws.LB.TargetGroupAttachment($\"example-{range.Key}\", new()\n {\n TargetGroupArn = exampleTargetGroup.Arn,\n TargetId = range.Value.Id,\n Port = 80,\n }));\n }\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar example []*ec2.Instance\nfor index := 0; index \u003c 3; index++ {\n key0 := index\n _ := index\n__res, err := ec2.NewInstance(ctx, fmt.Sprintf(\"example-%v\", key0), nil)\nif err != nil {\nreturn err\n}\nexample = append(example, __res)\n}\nexampleTargetGroup, err := lb.NewTargetGroup(ctx, \"example\", nil)\nif err != nil {\nreturn err\n}\nvar exampleTargetGroupAttachment []*lb.TargetGroupAttachment\nfor key0, val0 := range %!v(PANIC=Format method: fatal: An assertion has failed: tok: ) {\n__res, err := lb.NewTargetGroupAttachment(ctx, fmt.Sprintf(\"example-%v\", key0), \u0026lb.TargetGroupAttachmentArgs{\nTargetGroupArn: exampleTargetGroup.Arn,\nTargetId: pulumi.String(val0),\nPort: pulumi.Int(80),\n})\nif err != nil {\nreturn err\n}\nexampleTargetGroupAttachment = append(exampleTargetGroupAttachment, __res)\n}\nreturn nil\n})\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Instance\n options: {}\n exampleTargetGroup:\n type: aws:lb:TargetGroup\n name: example\n exampleTargetGroupAttachment:\n type: aws:lb:TargetGroupAttachment\n name: example\n properties:\n targetGroupArn: ${exampleTargetGroup.arn}\n targetId: ${range.value.id}\n port: 80\n options: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nYou cannot import Target Group Attachments.\n\n", "properties": { "availabilityZone": { "type": "string", "description": "The Availability Zone where the IP address of the target is to be registered. If the private IP address is outside of the VPC scope, this value must be set to `all`.\n" }, "port": { "type": "integer", "description": "The port on which targets receive traffic.\n" }, "targetGroupArn": { "type": "string", "description": "The ARN of the target group with which to register targets.\n" }, "targetId": { "type": "string", "description": "The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is `ip`, specify an IP address. If the target type is `lambda`, specify the Lambda function ARN. If the target type is `alb`, specify the ALB ARN.\n\nThe following arguments are optional:\n" } }, "required": [ "targetGroupArn", "targetId" ], "inputProperties": { "availabilityZone": { "type": "string", "description": "The Availability Zone where the IP address of the target is to be registered. If the private IP address is outside of the VPC scope, this value must be set to `all`.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "The port on which targets receive traffic.\n", "willReplaceOnChanges": true }, "targetGroupArn": { "type": "string", "description": "The ARN of the target group with which to register targets.\n", "willReplaceOnChanges": true }, "targetId": { "type": "string", "description": "The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is `ip`, specify an IP address. If the target type is `lambda`, specify the Lambda function ARN. If the target type is `alb`, specify the ALB ARN.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "targetGroupArn", "targetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering TargetGroupAttachment resources.\n", "properties": { "availabilityZone": { "type": "string", "description": "The Availability Zone where the IP address of the target is to be registered. If the private IP address is outside of the VPC scope, this value must be set to `all`.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "The port on which targets receive traffic.\n", "willReplaceOnChanges": true }, "targetGroupArn": { "type": "string", "description": "The ARN of the target group with which to register targets.\n", "willReplaceOnChanges": true }, "targetId": { "type": "string", "description": "The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is `ip`, specify an IP address. If the target type is `lambda`, specify the Lambda function ARN. If the target type is `alb`, specify the ALB ARN.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" }, "aliases": [ { "type": "aws:elasticloadbalancingv2/targetGroupAttachment:TargetGroupAttachment" } ] }, "aws:lb/trustStore:TrustStore": { "description": "Provides a ELBv2 Trust Store for use with Application Load Balancer Listener resources.\n\n## Example Usage\n\n## Import\n\nUsing `pulumi import`, import Target Groups using their ARN. For example:\n\n```sh\n$ pulumi import aws:lb/trustStore:TrustStore example arn:aws:elasticloadbalancing:us-west-2:187416307283:truststore/my-trust-store/20cfe21448b66314\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Trust Store (matches `id`).\n" }, "arnSuffix": { "type": "string", "description": "ARN suffix for use with CloudWatch Metrics.\n" }, "caCertificatesBundleS3Bucket": { "type": "string", "description": "S3 Bucket name holding the client certificate CA bundle.\n" }, "caCertificatesBundleS3Key": { "type": "string", "description": "S3 object key holding the client certificate CA bundle.\n" }, "caCertificatesBundleS3ObjectVersion": { "type": "string", "description": "Version Id of CA bundle S3 bucket object, if versioned, defaults to latest if omitted.\n" }, "name": { "type": "string", "description": "Name of the Trust Store. If omitted, the provider will assign a random, unique name. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "arnSuffix", "caCertificatesBundleS3Bucket", "caCertificatesBundleS3Key", "name", "namePrefix", "tagsAll" ], "inputProperties": { "caCertificatesBundleS3Bucket": { "type": "string", "description": "S3 Bucket name holding the client certificate CA bundle.\n" }, "caCertificatesBundleS3Key": { "type": "string", "description": "S3 object key holding the client certificate CA bundle.\n" }, "caCertificatesBundleS3ObjectVersion": { "type": "string", "description": "Version Id of CA bundle S3 bucket object, if versioned, defaults to latest if omitted.\n" }, "name": { "type": "string", "description": "Name of the Trust Store. If omitted, the provider will assign a random, unique name. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "caCertificatesBundleS3Bucket", "caCertificatesBundleS3Key" ], "stateInputs": { "description": "Input properties used for looking up and filtering TrustStore resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Trust Store (matches `id`).\n" }, "arnSuffix": { "type": "string", "description": "ARN suffix for use with CloudWatch Metrics.\n" }, "caCertificatesBundleS3Bucket": { "type": "string", "description": "S3 Bucket name holding the client certificate CA bundle.\n" }, "caCertificatesBundleS3Key": { "type": "string", "description": "S3 object key holding the client certificate CA bundle.\n" }, "caCertificatesBundleS3ObjectVersion": { "type": "string", "description": "Version Id of CA bundle S3 bucket object, if versioned, defaults to latest if omitted.\n" }, "name": { "type": "string", "description": "Name of the Trust Store. If omitted, the provider will assign a random, unique name. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:lb/trustStoreRevocation:TrustStoreRevocation": { "description": "Provides a ELBv2 Trust Store Revocation for use with Application Load Balancer Listener resources.\n\n## Example Usage\n\n### Trust Store With Revocations\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.TrustStore(\"test\", {\n name: \"tf-example-lb-ts\",\n caCertificatesBundleS3Bucket: \"...\",\n caCertificatesBundleS3Key: \"...\",\n});\nconst testTrustStoreRevocation = new aws.lb.TrustStoreRevocation(\"test\", {\n trustStoreArn: test.arn,\n revocationsS3Bucket: \"...\",\n revocationsS3Key: \"...\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.TrustStore(\"test\",\n name=\"tf-example-lb-ts\",\n ca_certificates_bundle_s3_bucket=\"...\",\n ca_certificates_bundle_s3_key=\"...\")\ntest_trust_store_revocation = aws.lb.TrustStoreRevocation(\"test\",\n trust_store_arn=test.arn,\n revocations_s3_bucket=\"...\",\n revocations_s3_key=\"...\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LB.TrustStore(\"test\", new()\n {\n Name = \"tf-example-lb-ts\",\n CaCertificatesBundleS3Bucket = \"...\",\n CaCertificatesBundleS3Key = \"...\",\n });\n\n var testTrustStoreRevocation = new Aws.LB.TrustStoreRevocation(\"test\", new()\n {\n TrustStoreArn = test.Arn,\n RevocationsS3Bucket = \"...\",\n RevocationsS3Key = \"...\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := lb.NewTrustStore(ctx, \"test\", \u0026lb.TrustStoreArgs{\n\t\t\tName: pulumi.String(\"tf-example-lb-ts\"),\n\t\t\tCaCertificatesBundleS3Bucket: pulumi.String(\"...\"),\n\t\t\tCaCertificatesBundleS3Key: pulumi.String(\"...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTrustStoreRevocation(ctx, \"test\", \u0026lb.TrustStoreRevocationArgs{\n\t\t\tTrustStoreArn: test.Arn,\n\t\t\tRevocationsS3Bucket: pulumi.String(\"...\"),\n\t\t\tRevocationsS3Key: pulumi.String(\"...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TrustStore;\nimport com.pulumi.aws.lb.TrustStoreArgs;\nimport com.pulumi.aws.lb.TrustStoreRevocation;\nimport com.pulumi.aws.lb.TrustStoreRevocationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new TrustStore(\"test\", TrustStoreArgs.builder()\n .name(\"tf-example-lb-ts\")\n .caCertificatesBundleS3Bucket(\"...\")\n .caCertificatesBundleS3Key(\"...\")\n .build());\n\n var testTrustStoreRevocation = new TrustStoreRevocation(\"testTrustStoreRevocation\", TrustStoreRevocationArgs.builder()\n .trustStoreArn(test.arn())\n .revocationsS3Bucket(\"...\")\n .revocationsS3Key(\"...\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lb:TrustStore\n properties:\n name: tf-example-lb-ts\n caCertificatesBundleS3Bucket: '...'\n caCertificatesBundleS3Key: '...'\n testTrustStoreRevocation:\n type: aws:lb:TrustStoreRevocation\n name: test\n properties:\n trustStoreArn: ${test.arn}\n revocationsS3Bucket: '...'\n revocationsS3Key: '...'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Trust Store Revocations using their ARN. For example:\n\n```sh\n$ pulumi import aws:lb/trustStoreRevocation:TrustStoreRevocation example arn:aws:elasticloadbalancing:us-west-2:187416307283:truststore/my-trust-store/20cfe21448b66314,6\n```\n", "properties": { "revocationId": { "type": "integer", "description": "AWS assigned RevocationId, (number).\n" }, "revocationsS3Bucket": { "type": "string", "description": "S3 Bucket name holding the client certificate CA bundle.\n" }, "revocationsS3Key": { "type": "string", "description": "S3 object key holding the client certificate CA bundle.\n" }, "revocationsS3ObjectVersion": { "type": "string", "description": "Version Id of CA bundle S3 bucket object, if versioned, defaults to latest if omitted.\n" }, "trustStoreArn": { "type": "string", "description": "Trust Store ARN.\n" } }, "required": [ "revocationId", "revocationsS3Bucket", "revocationsS3Key", "trustStoreArn" ], "inputProperties": { "revocationsS3Bucket": { "type": "string", "description": "S3 Bucket name holding the client certificate CA bundle.\n", "willReplaceOnChanges": true }, "revocationsS3Key": { "type": "string", "description": "S3 object key holding the client certificate CA bundle.\n", "willReplaceOnChanges": true }, "revocationsS3ObjectVersion": { "type": "string", "description": "Version Id of CA bundle S3 bucket object, if versioned, defaults to latest if omitted.\n", "willReplaceOnChanges": true }, "trustStoreArn": { "type": "string", "description": "Trust Store ARN.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "revocationsS3Bucket", "revocationsS3Key", "trustStoreArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering TrustStoreRevocation resources.\n", "properties": { "revocationId": { "type": "integer", "description": "AWS assigned RevocationId, (number).\n" }, "revocationsS3Bucket": { "type": "string", "description": "S3 Bucket name holding the client certificate CA bundle.\n", "willReplaceOnChanges": true }, "revocationsS3Key": { "type": "string", "description": "S3 object key holding the client certificate CA bundle.\n", "willReplaceOnChanges": true }, "revocationsS3ObjectVersion": { "type": "string", "description": "Version Id of CA bundle S3 bucket object, if versioned, defaults to latest if omitted.\n", "willReplaceOnChanges": true }, "trustStoreArn": { "type": "string", "description": "Trust Store ARN.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:lex/bot:Bot": { "description": "Provides an Amazon Lex Bot resource. For more information see\n[Amazon Lex: How It Works](https://docs.aws.amazon.com/lex/latest/dg/how-it-works.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst orderFlowersBot = new aws.lex.Bot(\"order_flowers_bot\", {\n abortStatement: {\n messages: [{\n content: \"Sorry, I am not able to assist at this time\",\n contentType: \"PlainText\",\n }],\n },\n childDirected: false,\n clarificationPrompt: {\n maxAttempts: 2,\n messages: [{\n content: \"I didn't understand you, what would you like to do?\",\n contentType: \"PlainText\",\n }],\n },\n createVersion: false,\n description: \"Bot to order flowers on the behalf of a user\",\n idleSessionTtlInSeconds: 600,\n intents: [{\n intentName: \"OrderFlowers\",\n intentVersion: \"1\",\n }],\n locale: \"en-US\",\n name: \"OrderFlowers\",\n processBehavior: \"BUILD\",\n voiceId: \"Salli\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\norder_flowers_bot = aws.lex.Bot(\"order_flowers_bot\",\n abort_statement={\n \"messages\": [{\n \"content\": \"Sorry, I am not able to assist at this time\",\n \"content_type\": \"PlainText\",\n }],\n },\n child_directed=False,\n clarification_prompt={\n \"max_attempts\": 2,\n \"messages\": [{\n \"content\": \"I didn't understand you, what would you like to do?\",\n \"content_type\": \"PlainText\",\n }],\n },\n create_version=False,\n description=\"Bot to order flowers on the behalf of a user\",\n idle_session_ttl_in_seconds=600,\n intents=[{\n \"intent_name\": \"OrderFlowers\",\n \"intent_version\": \"1\",\n }],\n locale=\"en-US\",\n name=\"OrderFlowers\",\n process_behavior=\"BUILD\",\n voice_id=\"Salli\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var orderFlowersBot = new Aws.Lex.Bot(\"order_flowers_bot\", new()\n {\n AbortStatement = new Aws.Lex.Inputs.BotAbortStatementArgs\n {\n Messages = new[]\n {\n new Aws.Lex.Inputs.BotAbortStatementMessageArgs\n {\n Content = \"Sorry, I am not able to assist at this time\",\n ContentType = \"PlainText\",\n },\n },\n },\n ChildDirected = false,\n ClarificationPrompt = new Aws.Lex.Inputs.BotClarificationPromptArgs\n {\n MaxAttempts = 2,\n Messages = new[]\n {\n new Aws.Lex.Inputs.BotClarificationPromptMessageArgs\n {\n Content = \"I didn't understand you, what would you like to do?\",\n ContentType = \"PlainText\",\n },\n },\n },\n CreateVersion = false,\n Description = \"Bot to order flowers on the behalf of a user\",\n IdleSessionTtlInSeconds = 600,\n Intents = new[]\n {\n new Aws.Lex.Inputs.BotIntentArgs\n {\n IntentName = \"OrderFlowers\",\n IntentVersion = \"1\",\n },\n },\n Locale = \"en-US\",\n Name = \"OrderFlowers\",\n ProcessBehavior = \"BUILD\",\n VoiceId = \"Salli\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lex.NewBot(ctx, \"order_flowers_bot\", \u0026lex.BotArgs{\n\t\t\tAbortStatement: \u0026lex.BotAbortStatementArgs{\n\t\t\t\tMessages: lex.BotAbortStatementMessageArray{\n\t\t\t\t\t\u0026lex.BotAbortStatementMessageArgs{\n\t\t\t\t\t\tContent: pulumi.String(\"Sorry, I am not able to assist at this time\"),\n\t\t\t\t\t\tContentType: pulumi.String(\"PlainText\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tChildDirected: pulumi.Bool(false),\n\t\t\tClarificationPrompt: \u0026lex.BotClarificationPromptArgs{\n\t\t\t\tMaxAttempts: pulumi.Int(2),\n\t\t\t\tMessages: lex.BotClarificationPromptMessageArray{\n\t\t\t\t\t\u0026lex.BotClarificationPromptMessageArgs{\n\t\t\t\t\t\tContent: pulumi.String(\"I didn't understand you, what would you like to do?\"),\n\t\t\t\t\t\tContentType: pulumi.String(\"PlainText\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tCreateVersion: pulumi.Bool(false),\n\t\t\tDescription: pulumi.String(\"Bot to order flowers on the behalf of a user\"),\n\t\t\tIdleSessionTtlInSeconds: pulumi.Int(600),\n\t\t\tIntents: lex.BotIntentArray{\n\t\t\t\t\u0026lex.BotIntentArgs{\n\t\t\t\t\tIntentName: pulumi.String(\"OrderFlowers\"),\n\t\t\t\t\tIntentVersion: pulumi.String(\"1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLocale: pulumi.String(\"en-US\"),\n\t\t\tName: pulumi.String(\"OrderFlowers\"),\n\t\t\tProcessBehavior: pulumi.String(\"BUILD\"),\n\t\t\tVoiceId: pulumi.String(\"Salli\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lex.Bot;\nimport com.pulumi.aws.lex.BotArgs;\nimport com.pulumi.aws.lex.inputs.BotAbortStatementArgs;\nimport com.pulumi.aws.lex.inputs.BotClarificationPromptArgs;\nimport com.pulumi.aws.lex.inputs.BotIntentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var orderFlowersBot = new Bot(\"orderFlowersBot\", BotArgs.builder()\n .abortStatement(BotAbortStatementArgs.builder()\n .messages(BotAbortStatementMessageArgs.builder()\n .content(\"Sorry, I am not able to assist at this time\")\n .contentType(\"PlainText\")\n .build())\n .build())\n .childDirected(false)\n .clarificationPrompt(BotClarificationPromptArgs.builder()\n .maxAttempts(2)\n .messages(BotClarificationPromptMessageArgs.builder()\n .content(\"I didn't understand you, what would you like to do?\")\n .contentType(\"PlainText\")\n .build())\n .build())\n .createVersion(false)\n .description(\"Bot to order flowers on the behalf of a user\")\n .idleSessionTtlInSeconds(600)\n .intents(BotIntentArgs.builder()\n .intentName(\"OrderFlowers\")\n .intentVersion(\"1\")\n .build())\n .locale(\"en-US\")\n .name(\"OrderFlowers\")\n .processBehavior(\"BUILD\")\n .voiceId(\"Salli\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n orderFlowersBot:\n type: aws:lex:Bot\n name: order_flowers_bot\n properties:\n abortStatement:\n messages:\n - content: Sorry, I am not able to assist at this time\n contentType: PlainText\n childDirected: false\n clarificationPrompt:\n maxAttempts: 2\n messages:\n - content: I didn't understand you, what would you like to do?\n contentType: PlainText\n createVersion: false\n description: Bot to order flowers on the behalf of a user\n idleSessionTtlInSeconds: 600\n intents:\n - intentName: OrderFlowers\n intentVersion: '1'\n locale: en-US\n name: OrderFlowers\n processBehavior: BUILD\n voiceId: Salli\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import bots using their name. For example:\n\n```sh\n$ pulumi import aws:lex/bot:Bot order_flowers_bot OrderFlowers\n```\n", "properties": { "abortStatement": { "$ref": "#/types/aws:lex/BotAbortStatement:BotAbortStatement", "description": "The message that Amazon Lex uses to abort a conversation. Attributes are documented under statement.\n" }, "arn": { "type": "string" }, "checksum": { "type": "string", "description": "Checksum identifying the version of the bot that was created. The checksum is not\nincluded as an argument because the resource will add it automatically when updating the bot.\n" }, "childDirected": { "type": "boolean", "description": "By specifying true, you confirm that your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. For more information see the [Amazon Lex FAQ](https://aws.amazon.com/lex/faqs#data-security) and the [Amazon Lex PutBot API Docs](https://docs.aws.amazon.com/lex/latest/dg/API_PutBot.html#lex-PutBot-request-childDirected).\n" }, "clarificationPrompt": { "$ref": "#/types/aws:lex/BotClarificationPrompt:BotClarificationPrompt", "description": "The message that Amazon Lex uses when it doesn't understand the user's request. Attributes are documented under prompt.\n" }, "createVersion": { "type": "boolean", "description": "Determines if a new bot version is created when the initial resource is created and on each update. Defaults to `false`.\n" }, "createdDate": { "type": "string", "description": "The date when the bot version was created.\n" }, "description": { "type": "string", "description": "A description of the bot. Must be less than or equal to 200 characters in length.\n" }, "detectSentiment": { "type": "boolean", "description": "When set to true user utterances are sent to Amazon Comprehend for sentiment analysis. If you don't specify detectSentiment, the default is `false`.\n" }, "enableModelImprovements": { "type": "boolean", "description": "Set to `true` to enable access to natural language understanding improvements. When you set the `enable_model_improvements` parameter to true you can use the `nlu_intent_confidence_threshold` parameter to configure confidence scores. For more information, see [Confidence Scores](https://docs.aws.amazon.com/lex/latest/dg/confidence-scores.html). You can only set the `enable_model_improvements` parameter in certain Regions. If you set the parameter to true, your bot has access to accuracy improvements. For more information see the [Amazon Lex Bot PutBot API Docs](https://docs.aws.amazon.com/lex/latest/dg/API_PutBot.html#lex-PutBot-request-enableModelImprovements).\n" }, "failureReason": { "type": "string", "description": "If status is FAILED, Amazon Lex provides the reason that it failed to build the bot.\n" }, "idleSessionTtlInSeconds": { "type": "integer", "description": "The maximum time in seconds that Amazon Lex retains the data gathered in a conversation. Default is `300`. Must be a number between 60 and 86400 (inclusive).\n" }, "intents": { "type": "array", "items": { "$ref": "#/types/aws:lex/BotIntent:BotIntent" }, "description": "A set of Intent objects. Each intent represents a command that a user can express. Attributes are documented under intent. Can have up to 250 Intent objects.\n" }, "lastUpdatedDate": { "type": "string", "description": "The date when the $LATEST version of this bot was updated.\n" }, "locale": { "type": "string", "description": "Specifies the target locale for the bot. Any intent used in the bot must be compatible with the locale of the bot. For available locales, see [Amazon Lex Bot PutBot API Docs](https://docs.aws.amazon.com/lex/latest/dg/API_PutBot.html#lex-PutBot-request-locale). Default is `en-US`.\n" }, "name": { "type": "string", "description": "The name of the bot that you want to create, case sensitive. Must be between 2 and 50 characters in length.\n" }, "nluIntentConfidenceThreshold": { "type": "number", "description": "Determines the threshold where Amazon Lex will insert the AMAZON.FallbackIntent, AMAZON.KendraSearchIntent, or both when returning alternative intents in a PostContent or PostText response. AMAZON.FallbackIntent and AMAZON.KendraSearchIntent are only inserted if they are configured for the bot. For more information see [Amazon Lex Bot PutBot API Docs](https://docs.aws.amazon.com/lex/latest/dg/API_PutBot.html#lex-PutBot-request-nluIntentConfidenceThreshold) This value requires `enable_model_improvements` to be set to `true` and the default is `0`. Must be a float between 0 and 1.\n" }, "processBehavior": { "type": "string", "description": "If you set the `process_behavior` element to `BUILD`, Amazon Lex builds the bot so that it can be run. If you set the element to `SAVE` Amazon Lex saves the bot, but doesn't build it. Default is `SAVE`.\n" }, "status": { "type": "string", "description": "When you send a request to create or update a bot, Amazon Lex sets the status response\nelement to BUILDING. After Amazon Lex builds the bot, it sets status to READY. If Amazon Lex can't\nbuild the bot, it sets status to FAILED. Amazon Lex returns the reason for the failure in the\nfailure_reason response element.\n" }, "version": { "type": "string", "description": "The version of the bot.\n" }, "voiceId": { "type": "string", "description": "The Amazon Polly voice ID that you want Amazon Lex to use for voice interactions with the user. The locale configured for the voice must match the locale of the bot. For more information, see [Available Voices](http://docs.aws.amazon.com/polly/latest/dg/voicelist.html) in the Amazon Polly Developer Guide.\n" } }, "required": [ "abortStatement", "arn", "checksum", "childDirected", "createdDate", "failureReason", "intents", "lastUpdatedDate", "name", "status", "version", "voiceId" ], "inputProperties": { "abortStatement": { "$ref": "#/types/aws:lex/BotAbortStatement:BotAbortStatement", "description": "The message that Amazon Lex uses to abort a conversation. Attributes are documented under statement.\n" }, "childDirected": { "type": "boolean", "description": "By specifying true, you confirm that your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. For more information see the [Amazon Lex FAQ](https://aws.amazon.com/lex/faqs#data-security) and the [Amazon Lex PutBot API Docs](https://docs.aws.amazon.com/lex/latest/dg/API_PutBot.html#lex-PutBot-request-childDirected).\n" }, "clarificationPrompt": { "$ref": "#/types/aws:lex/BotClarificationPrompt:BotClarificationPrompt", "description": "The message that Amazon Lex uses when it doesn't understand the user's request. Attributes are documented under prompt.\n" }, "createVersion": { "type": "boolean", "description": "Determines if a new bot version is created when the initial resource is created and on each update. Defaults to `false`.\n" }, "description": { "type": "string", "description": "A description of the bot. Must be less than or equal to 200 characters in length.\n" }, "detectSentiment": { "type": "boolean", "description": "When set to true user utterances are sent to Amazon Comprehend for sentiment analysis. If you don't specify detectSentiment, the default is `false`.\n" }, "enableModelImprovements": { "type": "boolean", "description": "Set to `true` to enable access to natural language understanding improvements. When you set the `enable_model_improvements` parameter to true you can use the `nlu_intent_confidence_threshold` parameter to configure confidence scores. For more information, see [Confidence Scores](https://docs.aws.amazon.com/lex/latest/dg/confidence-scores.html). You can only set the `enable_model_improvements` parameter in certain Regions. If you set the parameter to true, your bot has access to accuracy improvements. For more information see the [Amazon Lex Bot PutBot API Docs](https://docs.aws.amazon.com/lex/latest/dg/API_PutBot.html#lex-PutBot-request-enableModelImprovements).\n" }, "idleSessionTtlInSeconds": { "type": "integer", "description": "The maximum time in seconds that Amazon Lex retains the data gathered in a conversation. Default is `300`. Must be a number between 60 and 86400 (inclusive).\n" }, "intents": { "type": "array", "items": { "$ref": "#/types/aws:lex/BotIntent:BotIntent" }, "description": "A set of Intent objects. Each intent represents a command that a user can express. Attributes are documented under intent. Can have up to 250 Intent objects.\n" }, "locale": { "type": "string", "description": "Specifies the target locale for the bot. Any intent used in the bot must be compatible with the locale of the bot. For available locales, see [Amazon Lex Bot PutBot API Docs](https://docs.aws.amazon.com/lex/latest/dg/API_PutBot.html#lex-PutBot-request-locale). Default is `en-US`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the bot that you want to create, case sensitive. Must be between 2 and 50 characters in length.\n", "willReplaceOnChanges": true }, "nluIntentConfidenceThreshold": { "type": "number", "description": "Determines the threshold where Amazon Lex will insert the AMAZON.FallbackIntent, AMAZON.KendraSearchIntent, or both when returning alternative intents in a PostContent or PostText response. AMAZON.FallbackIntent and AMAZON.KendraSearchIntent are only inserted if they are configured for the bot. For more information see [Amazon Lex Bot PutBot API Docs](https://docs.aws.amazon.com/lex/latest/dg/API_PutBot.html#lex-PutBot-request-nluIntentConfidenceThreshold) This value requires `enable_model_improvements` to be set to `true` and the default is `0`. Must be a float between 0 and 1.\n" }, "processBehavior": { "type": "string", "description": "If you set the `process_behavior` element to `BUILD`, Amazon Lex builds the bot so that it can be run. If you set the element to `SAVE` Amazon Lex saves the bot, but doesn't build it. Default is `SAVE`.\n" }, "voiceId": { "type": "string", "description": "The Amazon Polly voice ID that you want Amazon Lex to use for voice interactions with the user. The locale configured for the voice must match the locale of the bot. For more information, see [Available Voices](http://docs.aws.amazon.com/polly/latest/dg/voicelist.html) in the Amazon Polly Developer Guide.\n" } }, "requiredInputs": [ "abortStatement", "childDirected", "intents" ], "stateInputs": { "description": "Input properties used for looking up and filtering Bot resources.\n", "properties": { "abortStatement": { "$ref": "#/types/aws:lex/BotAbortStatement:BotAbortStatement", "description": "The message that Amazon Lex uses to abort a conversation. Attributes are documented under statement.\n" }, "arn": { "type": "string" }, "checksum": { "type": "string", "description": "Checksum identifying the version of the bot that was created. The checksum is not\nincluded as an argument because the resource will add it automatically when updating the bot.\n" }, "childDirected": { "type": "boolean", "description": "By specifying true, you confirm that your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. For more information see the [Amazon Lex FAQ](https://aws.amazon.com/lex/faqs#data-security) and the [Amazon Lex PutBot API Docs](https://docs.aws.amazon.com/lex/latest/dg/API_PutBot.html#lex-PutBot-request-childDirected).\n" }, "clarificationPrompt": { "$ref": "#/types/aws:lex/BotClarificationPrompt:BotClarificationPrompt", "description": "The message that Amazon Lex uses when it doesn't understand the user's request. Attributes are documented under prompt.\n" }, "createVersion": { "type": "boolean", "description": "Determines if a new bot version is created when the initial resource is created and on each update. Defaults to `false`.\n" }, "createdDate": { "type": "string", "description": "The date when the bot version was created.\n" }, "description": { "type": "string", "description": "A description of the bot. Must be less than or equal to 200 characters in length.\n" }, "detectSentiment": { "type": "boolean", "description": "When set to true user utterances are sent to Amazon Comprehend for sentiment analysis. If you don't specify detectSentiment, the default is `false`.\n" }, "enableModelImprovements": { "type": "boolean", "description": "Set to `true` to enable access to natural language understanding improvements. When you set the `enable_model_improvements` parameter to true you can use the `nlu_intent_confidence_threshold` parameter to configure confidence scores. For more information, see [Confidence Scores](https://docs.aws.amazon.com/lex/latest/dg/confidence-scores.html). You can only set the `enable_model_improvements` parameter in certain Regions. If you set the parameter to true, your bot has access to accuracy improvements. For more information see the [Amazon Lex Bot PutBot API Docs](https://docs.aws.amazon.com/lex/latest/dg/API_PutBot.html#lex-PutBot-request-enableModelImprovements).\n" }, "failureReason": { "type": "string", "description": "If status is FAILED, Amazon Lex provides the reason that it failed to build the bot.\n" }, "idleSessionTtlInSeconds": { "type": "integer", "description": "The maximum time in seconds that Amazon Lex retains the data gathered in a conversation. Default is `300`. Must be a number between 60 and 86400 (inclusive).\n" }, "intents": { "type": "array", "items": { "$ref": "#/types/aws:lex/BotIntent:BotIntent" }, "description": "A set of Intent objects. Each intent represents a command that a user can express. Attributes are documented under intent. Can have up to 250 Intent objects.\n" }, "lastUpdatedDate": { "type": "string", "description": "The date when the $LATEST version of this bot was updated.\n" }, "locale": { "type": "string", "description": "Specifies the target locale for the bot. Any intent used in the bot must be compatible with the locale of the bot. For available locales, see [Amazon Lex Bot PutBot API Docs](https://docs.aws.amazon.com/lex/latest/dg/API_PutBot.html#lex-PutBot-request-locale). Default is `en-US`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the bot that you want to create, case sensitive. Must be between 2 and 50 characters in length.\n", "willReplaceOnChanges": true }, "nluIntentConfidenceThreshold": { "type": "number", "description": "Determines the threshold where Amazon Lex will insert the AMAZON.FallbackIntent, AMAZON.KendraSearchIntent, or both when returning alternative intents in a PostContent or PostText response. AMAZON.FallbackIntent and AMAZON.KendraSearchIntent are only inserted if they are configured for the bot. For more information see [Amazon Lex Bot PutBot API Docs](https://docs.aws.amazon.com/lex/latest/dg/API_PutBot.html#lex-PutBot-request-nluIntentConfidenceThreshold) This value requires `enable_model_improvements` to be set to `true` and the default is `0`. Must be a float between 0 and 1.\n" }, "processBehavior": { "type": "string", "description": "If you set the `process_behavior` element to `BUILD`, Amazon Lex builds the bot so that it can be run. If you set the element to `SAVE` Amazon Lex saves the bot, but doesn't build it. Default is `SAVE`.\n" }, "status": { "type": "string", "description": "When you send a request to create or update a bot, Amazon Lex sets the status response\nelement to BUILDING. After Amazon Lex builds the bot, it sets status to READY. If Amazon Lex can't\nbuild the bot, it sets status to FAILED. Amazon Lex returns the reason for the failure in the\nfailure_reason response element.\n" }, "version": { "type": "string", "description": "The version of the bot.\n" }, "voiceId": { "type": "string", "description": "The Amazon Polly voice ID that you want Amazon Lex to use for voice interactions with the user. The locale configured for the voice must match the locale of the bot. For more information, see [Available Voices](http://docs.aws.amazon.com/polly/latest/dg/voicelist.html) in the Amazon Polly Developer Guide.\n" } }, "type": "object" } }, "aws:lex/botAlias:BotAlias": { "description": "Provides an Amazon Lex Bot Alias resource. For more information see\n[Amazon Lex: How It Works](https://docs.aws.amazon.com/lex/latest/dg/how-it-works.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst orderFlowersProd = new aws.lex.BotAlias(\"order_flowers_prod\", {\n botName: \"OrderFlowers\",\n botVersion: \"1\",\n description: \"Production Version of the OrderFlowers Bot.\",\n name: \"OrderFlowersProd\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\norder_flowers_prod = aws.lex.BotAlias(\"order_flowers_prod\",\n bot_name=\"OrderFlowers\",\n bot_version=\"1\",\n description=\"Production Version of the OrderFlowers Bot.\",\n name=\"OrderFlowersProd\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var orderFlowersProd = new Aws.Lex.BotAlias(\"order_flowers_prod\", new()\n {\n BotName = \"OrderFlowers\",\n BotVersion = \"1\",\n Description = \"Production Version of the OrderFlowers Bot.\",\n Name = \"OrderFlowersProd\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lex.NewBotAlias(ctx, \"order_flowers_prod\", \u0026lex.BotAliasArgs{\n\t\t\tBotName: pulumi.String(\"OrderFlowers\"),\n\t\t\tBotVersion: pulumi.String(\"1\"),\n\t\t\tDescription: pulumi.String(\"Production Version of the OrderFlowers Bot.\"),\n\t\t\tName: pulumi.String(\"OrderFlowersProd\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lex.BotAlias;\nimport com.pulumi.aws.lex.BotAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var orderFlowersProd = new BotAlias(\"orderFlowersProd\", BotAliasArgs.builder()\n .botName(\"OrderFlowers\")\n .botVersion(\"1\")\n .description(\"Production Version of the OrderFlowers Bot.\")\n .name(\"OrderFlowersProd\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n orderFlowersProd:\n type: aws:lex:BotAlias\n name: order_flowers_prod\n properties:\n botName: OrderFlowers\n botVersion: '1'\n description: Production Version of the OrderFlowers Bot.\n name: OrderFlowersProd\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import bot aliases using an ID with the format `bot_name:bot_alias_name`. For example:\n\n```sh\n$ pulumi import aws:lex/botAlias:BotAlias order_flowers_prod OrderFlowers:OrderFlowersProd\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the bot alias.\n" }, "botName": { "type": "string", "description": "The name of the bot.\n" }, "botVersion": { "type": "string", "description": "The version of the bot.\n" }, "checksum": { "type": "string", "description": "Checksum of the bot alias.\n" }, "conversationLogs": { "$ref": "#/types/aws:lex/BotAliasConversationLogs:BotAliasConversationLogs", "description": "The settings that determine how Amazon Lex uses conversation logs for the alias. Attributes are documented under conversation_logs.\n" }, "createdDate": { "type": "string", "description": "The date that the bot alias was created.\n" }, "description": { "type": "string", "description": "A description of the alias. Must be less than or equal to 200 characters in length.\n" }, "lastUpdatedDate": { "type": "string", "description": "The date that the bot alias was updated. When you create a resource, the creation date and the last updated date are the same.\n" }, "name": { "type": "string", "description": "The name of the alias. The name is not case sensitive. Must be less than or equal to 100 characters in length.\n" } }, "required": [ "arn", "botName", "botVersion", "checksum", "createdDate", "lastUpdatedDate", "name" ], "inputProperties": { "botName": { "type": "string", "description": "The name of the bot.\n", "willReplaceOnChanges": true }, "botVersion": { "type": "string", "description": "The version of the bot.\n" }, "conversationLogs": { "$ref": "#/types/aws:lex/BotAliasConversationLogs:BotAliasConversationLogs", "description": "The settings that determine how Amazon Lex uses conversation logs for the alias. Attributes are documented under conversation_logs.\n" }, "description": { "type": "string", "description": "A description of the alias. Must be less than or equal to 200 characters in length.\n" }, "name": { "type": "string", "description": "The name of the alias. The name is not case sensitive. Must be less than or equal to 100 characters in length.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "botName", "botVersion" ], "stateInputs": { "description": "Input properties used for looking up and filtering BotAlias resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the bot alias.\n" }, "botName": { "type": "string", "description": "The name of the bot.\n", "willReplaceOnChanges": true }, "botVersion": { "type": "string", "description": "The version of the bot.\n" }, "checksum": { "type": "string", "description": "Checksum of the bot alias.\n" }, "conversationLogs": { "$ref": "#/types/aws:lex/BotAliasConversationLogs:BotAliasConversationLogs", "description": "The settings that determine how Amazon Lex uses conversation logs for the alias. Attributes are documented under conversation_logs.\n" }, "createdDate": { "type": "string", "description": "The date that the bot alias was created.\n" }, "description": { "type": "string", "description": "A description of the alias. Must be less than or equal to 200 characters in length.\n" }, "lastUpdatedDate": { "type": "string", "description": "The date that the bot alias was updated. When you create a resource, the creation date and the last updated date are the same.\n" }, "name": { "type": "string", "description": "The name of the alias. The name is not case sensitive. Must be less than or equal to 100 characters in length.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:lex/intent:Intent": { "description": "Provides an Amazon Lex Intent resource. For more information see\n[Amazon Lex: How It Works](https://docs.aws.amazon.com/lex/latest/dg/how-it-works.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst orderFlowersIntent = new aws.lex.Intent(\"order_flowers_intent\", {\n confirmationPrompt: {\n maxAttempts: 2,\n messages: [{\n content: \"Okay, your {FlowerType} will be ready for pickup by {PickupTime} on {PickupDate}. Does this sound okay?\",\n contentType: \"PlainText\",\n }],\n },\n createVersion: false,\n name: \"OrderFlowers\",\n description: \"Intent to order a bouquet of flowers for pick up\",\n fulfillmentActivity: {\n type: \"ReturnIntent\",\n },\n rejectionStatement: {\n messages: [{\n content: \"Okay, I will not place your order.\",\n contentType: \"PlainText\",\n }],\n },\n sampleUtterances: [\n \"I would like to order some flowers\",\n \"I would like to pick up flowers\",\n ],\n slots: [\n {\n description: \"The type of flowers to pick up\",\n name: \"FlowerType\",\n priority: 1,\n sampleUtterances: [\"I would like to order {FlowerType}\"],\n slotConstraint: \"Required\",\n slotType: \"FlowerTypes\",\n slotTypeVersion: \"$$LATEST\",\n valueElicitationPrompt: {\n maxAttempts: 2,\n messages: [{\n content: \"What type of flowers would you like to order?\",\n contentType: \"PlainText\",\n }],\n },\n },\n {\n description: \"The date to pick up the flowers\",\n name: \"PickupDate\",\n priority: 2,\n sampleUtterances: [\"I would like to order {FlowerType}\"],\n slotConstraint: \"Required\",\n slotType: \"AMAZON.DATE\",\n slotTypeVersion: \"$$LATEST\",\n valueElicitationPrompt: {\n maxAttempts: 2,\n messages: [{\n content: \"What day do you want the {FlowerType} to be picked up?\",\n contentType: \"PlainText\",\n }],\n },\n },\n {\n description: \"The time to pick up the flowers\",\n name: \"PickupTime\",\n priority: 3,\n sampleUtterances: [\"I would like to order {FlowerType}\"],\n slotConstraint: \"Required\",\n slotType: \"AMAZON.TIME\",\n slotTypeVersion: \"$$LATEST\",\n valueElicitationPrompt: {\n maxAttempts: 2,\n messages: [{\n content: \"Pick up the {FlowerType} at what time on {PickupDate}?\",\n contentType: \"PlainText\",\n }],\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\norder_flowers_intent = aws.lex.Intent(\"order_flowers_intent\",\n confirmation_prompt={\n \"max_attempts\": 2,\n \"messages\": [{\n \"content\": \"Okay, your {FlowerType} will be ready for pickup by {PickupTime} on {PickupDate}. Does this sound okay?\",\n \"content_type\": \"PlainText\",\n }],\n },\n create_version=False,\n name=\"OrderFlowers\",\n description=\"Intent to order a bouquet of flowers for pick up\",\n fulfillment_activity={\n \"type\": \"ReturnIntent\",\n },\n rejection_statement={\n \"messages\": [{\n \"content\": \"Okay, I will not place your order.\",\n \"content_type\": \"PlainText\",\n }],\n },\n sample_utterances=[\n \"I would like to order some flowers\",\n \"I would like to pick up flowers\",\n ],\n slots=[\n {\n \"description\": \"The type of flowers to pick up\",\n \"name\": \"FlowerType\",\n \"priority\": 1,\n \"sample_utterances\": [\"I would like to order {FlowerType}\"],\n \"slot_constraint\": \"Required\",\n \"slot_type\": \"FlowerTypes\",\n \"slot_type_version\": \"$$LATEST\",\n \"value_elicitation_prompt\": {\n \"max_attempts\": 2,\n \"messages\": [{\n \"content\": \"What type of flowers would you like to order?\",\n \"content_type\": \"PlainText\",\n }],\n },\n },\n {\n \"description\": \"The date to pick up the flowers\",\n \"name\": \"PickupDate\",\n \"priority\": 2,\n \"sample_utterances\": [\"I would like to order {FlowerType}\"],\n \"slot_constraint\": \"Required\",\n \"slot_type\": \"AMAZON.DATE\",\n \"slot_type_version\": \"$$LATEST\",\n \"value_elicitation_prompt\": {\n \"max_attempts\": 2,\n \"messages\": [{\n \"content\": \"What day do you want the {FlowerType} to be picked up?\",\n \"content_type\": \"PlainText\",\n }],\n },\n },\n {\n \"description\": \"The time to pick up the flowers\",\n \"name\": \"PickupTime\",\n \"priority\": 3,\n \"sample_utterances\": [\"I would like to order {FlowerType}\"],\n \"slot_constraint\": \"Required\",\n \"slot_type\": \"AMAZON.TIME\",\n \"slot_type_version\": \"$$LATEST\",\n \"value_elicitation_prompt\": {\n \"max_attempts\": 2,\n \"messages\": [{\n \"content\": \"Pick up the {FlowerType} at what time on {PickupDate}?\",\n \"content_type\": \"PlainText\",\n }],\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var orderFlowersIntent = new Aws.Lex.Intent(\"order_flowers_intent\", new()\n {\n ConfirmationPrompt = new Aws.Lex.Inputs.IntentConfirmationPromptArgs\n {\n MaxAttempts = 2,\n Messages = new[]\n {\n new Aws.Lex.Inputs.IntentConfirmationPromptMessageArgs\n {\n Content = \"Okay, your {FlowerType} will be ready for pickup by {PickupTime} on {PickupDate}. Does this sound okay?\",\n ContentType = \"PlainText\",\n },\n },\n },\n CreateVersion = false,\n Name = \"OrderFlowers\",\n Description = \"Intent to order a bouquet of flowers for pick up\",\n FulfillmentActivity = new Aws.Lex.Inputs.IntentFulfillmentActivityArgs\n {\n Type = \"ReturnIntent\",\n },\n RejectionStatement = new Aws.Lex.Inputs.IntentRejectionStatementArgs\n {\n Messages = new[]\n {\n new Aws.Lex.Inputs.IntentRejectionStatementMessageArgs\n {\n Content = \"Okay, I will not place your order.\",\n ContentType = \"PlainText\",\n },\n },\n },\n SampleUtterances = new[]\n {\n \"I would like to order some flowers\",\n \"I would like to pick up flowers\",\n },\n Slots = new[]\n {\n new Aws.Lex.Inputs.IntentSlotArgs\n {\n Description = \"The type of flowers to pick up\",\n Name = \"FlowerType\",\n Priority = 1,\n SampleUtterances = new[]\n {\n \"I would like to order {FlowerType}\",\n },\n SlotConstraint = \"Required\",\n SlotType = \"FlowerTypes\",\n SlotTypeVersion = \"$$LATEST\",\n ValueElicitationPrompt = new Aws.Lex.Inputs.IntentSlotValueElicitationPromptArgs\n {\n MaxAttempts = 2,\n Messages = new[]\n {\n new Aws.Lex.Inputs.IntentSlotValueElicitationPromptMessageArgs\n {\n Content = \"What type of flowers would you like to order?\",\n ContentType = \"PlainText\",\n },\n },\n },\n },\n new Aws.Lex.Inputs.IntentSlotArgs\n {\n Description = \"The date to pick up the flowers\",\n Name = \"PickupDate\",\n Priority = 2,\n SampleUtterances = new[]\n {\n \"I would like to order {FlowerType}\",\n },\n SlotConstraint = \"Required\",\n SlotType = \"AMAZON.DATE\",\n SlotTypeVersion = \"$$LATEST\",\n ValueElicitationPrompt = new Aws.Lex.Inputs.IntentSlotValueElicitationPromptArgs\n {\n MaxAttempts = 2,\n Messages = new[]\n {\n new Aws.Lex.Inputs.IntentSlotValueElicitationPromptMessageArgs\n {\n Content = \"What day do you want the {FlowerType} to be picked up?\",\n ContentType = \"PlainText\",\n },\n },\n },\n },\n new Aws.Lex.Inputs.IntentSlotArgs\n {\n Description = \"The time to pick up the flowers\",\n Name = \"PickupTime\",\n Priority = 3,\n SampleUtterances = new[]\n {\n \"I would like to order {FlowerType}\",\n },\n SlotConstraint = \"Required\",\n SlotType = \"AMAZON.TIME\",\n SlotTypeVersion = \"$$LATEST\",\n ValueElicitationPrompt = new Aws.Lex.Inputs.IntentSlotValueElicitationPromptArgs\n {\n MaxAttempts = 2,\n Messages = new[]\n {\n new Aws.Lex.Inputs.IntentSlotValueElicitationPromptMessageArgs\n {\n Content = \"Pick up the {FlowerType} at what time on {PickupDate}?\",\n ContentType = \"PlainText\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lex.NewIntent(ctx, \"order_flowers_intent\", \u0026lex.IntentArgs{\n\t\t\tConfirmationPrompt: \u0026lex.IntentConfirmationPromptArgs{\n\t\t\t\tMaxAttempts: pulumi.Int(2),\n\t\t\t\tMessages: lex.IntentConfirmationPromptMessageArray{\n\t\t\t\t\t\u0026lex.IntentConfirmationPromptMessageArgs{\n\t\t\t\t\t\tContent: pulumi.String(\"Okay, your {FlowerType} will be ready for pickup by {PickupTime} on {PickupDate}. Does this sound okay?\"),\n\t\t\t\t\t\tContentType: pulumi.String(\"PlainText\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tCreateVersion: pulumi.Bool(false),\n\t\t\tName: pulumi.String(\"OrderFlowers\"),\n\t\t\tDescription: pulumi.String(\"Intent to order a bouquet of flowers for pick up\"),\n\t\t\tFulfillmentActivity: \u0026lex.IntentFulfillmentActivityArgs{\n\t\t\t\tType: pulumi.String(\"ReturnIntent\"),\n\t\t\t},\n\t\t\tRejectionStatement: \u0026lex.IntentRejectionStatementArgs{\n\t\t\t\tMessages: lex.IntentRejectionStatementMessageArray{\n\t\t\t\t\t\u0026lex.IntentRejectionStatementMessageArgs{\n\t\t\t\t\t\tContent: pulumi.String(\"Okay, I will not place your order.\"),\n\t\t\t\t\t\tContentType: pulumi.String(\"PlainText\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tSampleUtterances: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"I would like to order some flowers\"),\n\t\t\t\tpulumi.String(\"I would like to pick up flowers\"),\n\t\t\t},\n\t\t\tSlots: lex.IntentSlotArray{\n\t\t\t\t\u0026lex.IntentSlotArgs{\n\t\t\t\t\tDescription: pulumi.String(\"The type of flowers to pick up\"),\n\t\t\t\t\tName: pulumi.String(\"FlowerType\"),\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tSampleUtterances: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"I would like to order {FlowerType}\"),\n\t\t\t\t\t},\n\t\t\t\t\tSlotConstraint: pulumi.String(\"Required\"),\n\t\t\t\t\tSlotType: pulumi.String(\"FlowerTypes\"),\n\t\t\t\t\tSlotTypeVersion: pulumi.String(\"$$LATEST\"),\n\t\t\t\t\tValueElicitationPrompt: \u0026lex.IntentSlotValueElicitationPromptArgs{\n\t\t\t\t\t\tMaxAttempts: pulumi.Int(2),\n\t\t\t\t\t\tMessages: lex.IntentSlotValueElicitationPromptMessageArray{\n\t\t\t\t\t\t\t\u0026lex.IntentSlotValueElicitationPromptMessageArgs{\n\t\t\t\t\t\t\t\tContent: pulumi.String(\"What type of flowers would you like to order?\"),\n\t\t\t\t\t\t\t\tContentType: pulumi.String(\"PlainText\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lex.IntentSlotArgs{\n\t\t\t\t\tDescription: pulumi.String(\"The date to pick up the flowers\"),\n\t\t\t\t\tName: pulumi.String(\"PickupDate\"),\n\t\t\t\t\tPriority: pulumi.Int(2),\n\t\t\t\t\tSampleUtterances: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"I would like to order {FlowerType}\"),\n\t\t\t\t\t},\n\t\t\t\t\tSlotConstraint: pulumi.String(\"Required\"),\n\t\t\t\t\tSlotType: pulumi.String(\"AMAZON.DATE\"),\n\t\t\t\t\tSlotTypeVersion: pulumi.String(\"$$LATEST\"),\n\t\t\t\t\tValueElicitationPrompt: \u0026lex.IntentSlotValueElicitationPromptArgs{\n\t\t\t\t\t\tMaxAttempts: pulumi.Int(2),\n\t\t\t\t\t\tMessages: lex.IntentSlotValueElicitationPromptMessageArray{\n\t\t\t\t\t\t\t\u0026lex.IntentSlotValueElicitationPromptMessageArgs{\n\t\t\t\t\t\t\t\tContent: pulumi.String(\"What day do you want the {FlowerType} to be picked up?\"),\n\t\t\t\t\t\t\t\tContentType: pulumi.String(\"PlainText\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lex.IntentSlotArgs{\n\t\t\t\t\tDescription: pulumi.String(\"The time to pick up the flowers\"),\n\t\t\t\t\tName: pulumi.String(\"PickupTime\"),\n\t\t\t\t\tPriority: pulumi.Int(3),\n\t\t\t\t\tSampleUtterances: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"I would like to order {FlowerType}\"),\n\t\t\t\t\t},\n\t\t\t\t\tSlotConstraint: pulumi.String(\"Required\"),\n\t\t\t\t\tSlotType: pulumi.String(\"AMAZON.TIME\"),\n\t\t\t\t\tSlotTypeVersion: pulumi.String(\"$$LATEST\"),\n\t\t\t\t\tValueElicitationPrompt: \u0026lex.IntentSlotValueElicitationPromptArgs{\n\t\t\t\t\t\tMaxAttempts: pulumi.Int(2),\n\t\t\t\t\t\tMessages: lex.IntentSlotValueElicitationPromptMessageArray{\n\t\t\t\t\t\t\t\u0026lex.IntentSlotValueElicitationPromptMessageArgs{\n\t\t\t\t\t\t\t\tContent: pulumi.String(\"Pick up the {FlowerType} at what time on {PickupDate}?\"),\n\t\t\t\t\t\t\t\tContentType: pulumi.String(\"PlainText\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lex.Intent;\nimport com.pulumi.aws.lex.IntentArgs;\nimport com.pulumi.aws.lex.inputs.IntentConfirmationPromptArgs;\nimport com.pulumi.aws.lex.inputs.IntentFulfillmentActivityArgs;\nimport com.pulumi.aws.lex.inputs.IntentRejectionStatementArgs;\nimport com.pulumi.aws.lex.inputs.IntentSlotArgs;\nimport com.pulumi.aws.lex.inputs.IntentSlotValueElicitationPromptArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var orderFlowersIntent = new Intent(\"orderFlowersIntent\", IntentArgs.builder()\n .confirmationPrompt(IntentConfirmationPromptArgs.builder()\n .maxAttempts(2)\n .messages(IntentConfirmationPromptMessageArgs.builder()\n .content(\"Okay, your {FlowerType} will be ready for pickup by {PickupTime} on {PickupDate}. Does this sound okay?\")\n .contentType(\"PlainText\")\n .build())\n .build())\n .createVersion(false)\n .name(\"OrderFlowers\")\n .description(\"Intent to order a bouquet of flowers for pick up\")\n .fulfillmentActivity(IntentFulfillmentActivityArgs.builder()\n .type(\"ReturnIntent\")\n .build())\n .rejectionStatement(IntentRejectionStatementArgs.builder()\n .messages(IntentRejectionStatementMessageArgs.builder()\n .content(\"Okay, I will not place your order.\")\n .contentType(\"PlainText\")\n .build())\n .build())\n .sampleUtterances( \n \"I would like to order some flowers\",\n \"I would like to pick up flowers\")\n .slots( \n IntentSlotArgs.builder()\n .description(\"The type of flowers to pick up\")\n .name(\"FlowerType\")\n .priority(1)\n .sampleUtterances(\"I would like to order {FlowerType}\")\n .slotConstraint(\"Required\")\n .slotType(\"FlowerTypes\")\n .slotTypeVersion(\"$$LATEST\")\n .valueElicitationPrompt(IntentSlotValueElicitationPromptArgs.builder()\n .maxAttempts(2)\n .messages(IntentSlotValueElicitationPromptMessageArgs.builder()\n .content(\"What type of flowers would you like to order?\")\n .contentType(\"PlainText\")\n .build())\n .build())\n .build(),\n IntentSlotArgs.builder()\n .description(\"The date to pick up the flowers\")\n .name(\"PickupDate\")\n .priority(2)\n .sampleUtterances(\"I would like to order {FlowerType}\")\n .slotConstraint(\"Required\")\n .slotType(\"AMAZON.DATE\")\n .slotTypeVersion(\"$$LATEST\")\n .valueElicitationPrompt(IntentSlotValueElicitationPromptArgs.builder()\n .maxAttempts(2)\n .messages(IntentSlotValueElicitationPromptMessageArgs.builder()\n .content(\"What day do you want the {FlowerType} to be picked up?\")\n .contentType(\"PlainText\")\n .build())\n .build())\n .build(),\n IntentSlotArgs.builder()\n .description(\"The time to pick up the flowers\")\n .name(\"PickupTime\")\n .priority(3)\n .sampleUtterances(\"I would like to order {FlowerType}\")\n .slotConstraint(\"Required\")\n .slotType(\"AMAZON.TIME\")\n .slotTypeVersion(\"$$LATEST\")\n .valueElicitationPrompt(IntentSlotValueElicitationPromptArgs.builder()\n .maxAttempts(2)\n .messages(IntentSlotValueElicitationPromptMessageArgs.builder()\n .content(\"Pick up the {FlowerType} at what time on {PickupDate}?\")\n .contentType(\"PlainText\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n orderFlowersIntent:\n type: aws:lex:Intent\n name: order_flowers_intent\n properties:\n confirmationPrompt:\n maxAttempts: 2\n messages:\n - content: Okay, your {FlowerType} will be ready for pickup by {PickupTime} on {PickupDate}. Does this sound okay?\n contentType: PlainText\n createVersion: false\n name: OrderFlowers\n description: Intent to order a bouquet of flowers for pick up\n fulfillmentActivity:\n type: ReturnIntent\n rejectionStatement:\n messages:\n - content: Okay, I will not place your order.\n contentType: PlainText\n sampleUtterances:\n - I would like to order some flowers\n - I would like to pick up flowers\n slots:\n - description: The type of flowers to pick up\n name: FlowerType\n priority: 1\n sampleUtterances:\n - I would like to order {FlowerType}\n slotConstraint: Required\n slotType: FlowerTypes\n slotTypeVersion: $$LATEST\n valueElicitationPrompt:\n maxAttempts: 2\n messages:\n - content: What type of flowers would you like to order?\n contentType: PlainText\n - description: The date to pick up the flowers\n name: PickupDate\n priority: 2\n sampleUtterances:\n - I would like to order {FlowerType}\n slotConstraint: Required\n slotType: AMAZON.DATE\n slotTypeVersion: $$LATEST\n valueElicitationPrompt:\n maxAttempts: 2\n messages:\n - content: What day do you want the {FlowerType} to be picked up?\n contentType: PlainText\n - description: The time to pick up the flowers\n name: PickupTime\n priority: 3\n sampleUtterances:\n - I would like to order {FlowerType}\n slotConstraint: Required\n slotType: AMAZON.TIME\n slotTypeVersion: $$LATEST\n valueElicitationPrompt:\n maxAttempts: 2\n messages:\n - content: Pick up the {FlowerType} at what time on {PickupDate}?\n contentType: PlainText\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import intents using their name. For example:\n\n```sh\n$ pulumi import aws:lex/intent:Intent order_flowers_intent OrderFlowers\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Lex intent.\n" }, "checksum": { "type": "string", "description": "Checksum identifying the version of the intent that was created. The checksum is not\nincluded as an argument because the resource will add it automatically when updating the intent.\n" }, "conclusionStatement": { "$ref": "#/types/aws:lex/IntentConclusionStatement:IntentConclusionStatement", "description": "The statement that you want Amazon Lex to convey to the user\nafter the intent is successfully fulfilled by the Lambda function. This element is relevant only if\nyou provide a Lambda function in the `fulfillment_activity`. If you return the intent to the client\napplication, you can't specify this element. The `follow_up_prompt` and `conclusion_statement` are\nmutually exclusive. You can specify only one. Attributes are documented under statement.\n" }, "confirmationPrompt": { "$ref": "#/types/aws:lex/IntentConfirmationPrompt:IntentConfirmationPrompt", "description": "Prompts the user to confirm the intent. This question should\nhave a yes or no answer. You you must provide both the `rejection_statement` and `confirmation_prompt`,\nor neither. Attributes are documented under prompt.\n" }, "createVersion": { "type": "boolean", "description": "Determines if a new slot type version is created when the initial\nresource is created and on each update. Defaults to `false`.\n" }, "createdDate": { "type": "string", "description": "The date when the intent version was created.\n" }, "description": { "type": "string", "description": "A description of the intent. Must be less than or equal to 200 characters in length.\n" }, "dialogCodeHook": { "$ref": "#/types/aws:lex/IntentDialogCodeHook:IntentDialogCodeHook", "description": "Specifies a Lambda function to invoke for each user input. You can\ninvoke this Lambda function to personalize user interaction. Attributes are documented under code_hook.\n" }, "followUpPrompt": { "$ref": "#/types/aws:lex/IntentFollowUpPrompt:IntentFollowUpPrompt", "description": "Amazon Lex uses this prompt to solicit additional activity after\nfulfilling an intent. For example, after the OrderPizza intent is fulfilled, you might prompt the\nuser to order a drink. The `follow_up_prompt` field and the `conclusion_statement` field are mutually\nexclusive. You can specify only one. Attributes are documented under follow_up_prompt.\n" }, "fulfillmentActivity": { "$ref": "#/types/aws:lex/IntentFulfillmentActivity:IntentFulfillmentActivity", "description": "Describes how the intent is fulfilled. For example, after a\nuser provides all of the information for a pizza order, `fulfillment_activity` defines how the bot\nplaces an order with a local pizza store. Attributes are documented under fulfillment_activity.\n" }, "lastUpdatedDate": { "type": "string", "description": "The date when the $LATEST version of this intent was updated.\n" }, "name": { "type": "string", "description": "The name of the intent, not case sensitive. Must be less than or equal to 100 characters in length.\n" }, "parentIntentSignature": { "type": "string", "description": "A unique identifier for the built-in intent to base this\nintent on. To find the signature for an intent, see\n[Standard Built-in Intents](https://developer.amazon.com/public/solutions/alexa/alexa-skills-kit/docs/built-in-intent-ref/standard-intents)\nin the Alexa Skills Kit.\n" }, "rejectionStatement": { "$ref": "#/types/aws:lex/IntentRejectionStatement:IntentRejectionStatement", "description": "When the user answers \"no\" to the question defined in\n`confirmation_prompt`, Amazon Lex responds with this statement to acknowledge that the intent was\ncanceled. You must provide both the `rejection_statement` and the `confirmation_prompt`, or neither.\nAttributes are documented under statement.\n" }, "sampleUtterances": { "type": "array", "items": { "type": "string" }, "description": "An array of utterances (strings) that a user might say to signal\nthe intent. For example, \"I want {PizzaSize} pizza\", \"Order {Quantity} {PizzaSize} pizzas\".\nIn each utterance, a slot name is enclosed in curly braces. Must have between 1 and 10 items in the list, and each item must be less than or equal to 200 characters in length.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/IntentSlot:IntentSlot" }, "description": "An list of intent slots. At runtime, Amazon Lex elicits required slot values\nfrom the user using prompts defined in the slots. Attributes are documented under slot.\n" }, "version": { "type": "string", "description": "The version of the bot.\n" } }, "required": [ "arn", "checksum", "createdDate", "fulfillmentActivity", "lastUpdatedDate", "name", "version" ], "inputProperties": { "conclusionStatement": { "$ref": "#/types/aws:lex/IntentConclusionStatement:IntentConclusionStatement", "description": "The statement that you want Amazon Lex to convey to the user\nafter the intent is successfully fulfilled by the Lambda function. This element is relevant only if\nyou provide a Lambda function in the `fulfillment_activity`. If you return the intent to the client\napplication, you can't specify this element. The `follow_up_prompt` and `conclusion_statement` are\nmutually exclusive. You can specify only one. Attributes are documented under statement.\n" }, "confirmationPrompt": { "$ref": "#/types/aws:lex/IntentConfirmationPrompt:IntentConfirmationPrompt", "description": "Prompts the user to confirm the intent. This question should\nhave a yes or no answer. You you must provide both the `rejection_statement` and `confirmation_prompt`,\nor neither. Attributes are documented under prompt.\n" }, "createVersion": { "type": "boolean", "description": "Determines if a new slot type version is created when the initial\nresource is created and on each update. Defaults to `false`.\n" }, "description": { "type": "string", "description": "A description of the intent. Must be less than or equal to 200 characters in length.\n" }, "dialogCodeHook": { "$ref": "#/types/aws:lex/IntentDialogCodeHook:IntentDialogCodeHook", "description": "Specifies a Lambda function to invoke for each user input. You can\ninvoke this Lambda function to personalize user interaction. Attributes are documented under code_hook.\n" }, "followUpPrompt": { "$ref": "#/types/aws:lex/IntentFollowUpPrompt:IntentFollowUpPrompt", "description": "Amazon Lex uses this prompt to solicit additional activity after\nfulfilling an intent. For example, after the OrderPizza intent is fulfilled, you might prompt the\nuser to order a drink. The `follow_up_prompt` field and the `conclusion_statement` field are mutually\nexclusive. You can specify only one. Attributes are documented under follow_up_prompt.\n" }, "fulfillmentActivity": { "$ref": "#/types/aws:lex/IntentFulfillmentActivity:IntentFulfillmentActivity", "description": "Describes how the intent is fulfilled. For example, after a\nuser provides all of the information for a pizza order, `fulfillment_activity` defines how the bot\nplaces an order with a local pizza store. Attributes are documented under fulfillment_activity.\n" }, "name": { "type": "string", "description": "The name of the intent, not case sensitive. Must be less than or equal to 100 characters in length.\n", "willReplaceOnChanges": true }, "parentIntentSignature": { "type": "string", "description": "A unique identifier for the built-in intent to base this\nintent on. To find the signature for an intent, see\n[Standard Built-in Intents](https://developer.amazon.com/public/solutions/alexa/alexa-skills-kit/docs/built-in-intent-ref/standard-intents)\nin the Alexa Skills Kit.\n" }, "rejectionStatement": { "$ref": "#/types/aws:lex/IntentRejectionStatement:IntentRejectionStatement", "description": "When the user answers \"no\" to the question defined in\n`confirmation_prompt`, Amazon Lex responds with this statement to acknowledge that the intent was\ncanceled. You must provide both the `rejection_statement` and the `confirmation_prompt`, or neither.\nAttributes are documented under statement.\n" }, "sampleUtterances": { "type": "array", "items": { "type": "string" }, "description": "An array of utterances (strings) that a user might say to signal\nthe intent. For example, \"I want {PizzaSize} pizza\", \"Order {Quantity} {PizzaSize} pizzas\".\nIn each utterance, a slot name is enclosed in curly braces. Must have between 1 and 10 items in the list, and each item must be less than or equal to 200 characters in length.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/IntentSlot:IntentSlot" }, "description": "An list of intent slots. At runtime, Amazon Lex elicits required slot values\nfrom the user using prompts defined in the slots. Attributes are documented under slot.\n" } }, "requiredInputs": [ "fulfillmentActivity" ], "stateInputs": { "description": "Input properties used for looking up and filtering Intent resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Lex intent.\n" }, "checksum": { "type": "string", "description": "Checksum identifying the version of the intent that was created. The checksum is not\nincluded as an argument because the resource will add it automatically when updating the intent.\n" }, "conclusionStatement": { "$ref": "#/types/aws:lex/IntentConclusionStatement:IntentConclusionStatement", "description": "The statement that you want Amazon Lex to convey to the user\nafter the intent is successfully fulfilled by the Lambda function. This element is relevant only if\nyou provide a Lambda function in the `fulfillment_activity`. If you return the intent to the client\napplication, you can't specify this element. The `follow_up_prompt` and `conclusion_statement` are\nmutually exclusive. You can specify only one. Attributes are documented under statement.\n" }, "confirmationPrompt": { "$ref": "#/types/aws:lex/IntentConfirmationPrompt:IntentConfirmationPrompt", "description": "Prompts the user to confirm the intent. This question should\nhave a yes or no answer. You you must provide both the `rejection_statement` and `confirmation_prompt`,\nor neither. Attributes are documented under prompt.\n" }, "createVersion": { "type": "boolean", "description": "Determines if a new slot type version is created when the initial\nresource is created and on each update. Defaults to `false`.\n" }, "createdDate": { "type": "string", "description": "The date when the intent version was created.\n" }, "description": { "type": "string", "description": "A description of the intent. Must be less than or equal to 200 characters in length.\n" }, "dialogCodeHook": { "$ref": "#/types/aws:lex/IntentDialogCodeHook:IntentDialogCodeHook", "description": "Specifies a Lambda function to invoke for each user input. You can\ninvoke this Lambda function to personalize user interaction. Attributes are documented under code_hook.\n" }, "followUpPrompt": { "$ref": "#/types/aws:lex/IntentFollowUpPrompt:IntentFollowUpPrompt", "description": "Amazon Lex uses this prompt to solicit additional activity after\nfulfilling an intent. For example, after the OrderPizza intent is fulfilled, you might prompt the\nuser to order a drink. The `follow_up_prompt` field and the `conclusion_statement` field are mutually\nexclusive. You can specify only one. Attributes are documented under follow_up_prompt.\n" }, "fulfillmentActivity": { "$ref": "#/types/aws:lex/IntentFulfillmentActivity:IntentFulfillmentActivity", "description": "Describes how the intent is fulfilled. For example, after a\nuser provides all of the information for a pizza order, `fulfillment_activity` defines how the bot\nplaces an order with a local pizza store. Attributes are documented under fulfillment_activity.\n" }, "lastUpdatedDate": { "type": "string", "description": "The date when the $LATEST version of this intent was updated.\n" }, "name": { "type": "string", "description": "The name of the intent, not case sensitive. Must be less than or equal to 100 characters in length.\n", "willReplaceOnChanges": true }, "parentIntentSignature": { "type": "string", "description": "A unique identifier for the built-in intent to base this\nintent on. To find the signature for an intent, see\n[Standard Built-in Intents](https://developer.amazon.com/public/solutions/alexa/alexa-skills-kit/docs/built-in-intent-ref/standard-intents)\nin the Alexa Skills Kit.\n" }, "rejectionStatement": { "$ref": "#/types/aws:lex/IntentRejectionStatement:IntentRejectionStatement", "description": "When the user answers \"no\" to the question defined in\n`confirmation_prompt`, Amazon Lex responds with this statement to acknowledge that the intent was\ncanceled. You must provide both the `rejection_statement` and the `confirmation_prompt`, or neither.\nAttributes are documented under statement.\n" }, "sampleUtterances": { "type": "array", "items": { "type": "string" }, "description": "An array of utterances (strings) that a user might say to signal\nthe intent. For example, \"I want {PizzaSize} pizza\", \"Order {Quantity} {PizzaSize} pizzas\".\nIn each utterance, a slot name is enclosed in curly braces. Must have between 1 and 10 items in the list, and each item must be less than or equal to 200 characters in length.\n" }, "slots": { "type": "array", "items": { "$ref": "#/types/aws:lex/IntentSlot:IntentSlot" }, "description": "An list of intent slots. At runtime, Amazon Lex elicits required slot values\nfrom the user using prompts defined in the slots. Attributes are documented under slot.\n" }, "version": { "type": "string", "description": "The version of the bot.\n" } }, "type": "object" } }, "aws:lex/slotType:SlotType": { "description": "Provides an Amazon Lex Slot Type resource. For more information see\n[Amazon Lex: How It Works](https://docs.aws.amazon.com/lex/latest/dg/how-it-works.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst flowerTypes = new aws.lex.SlotType(\"flower_types\", {\n createVersion: true,\n description: \"Types of flowers to order\",\n enumerationValues: [\n {\n synonyms: [\n \"Lirium\",\n \"Martagon\",\n ],\n value: \"lilies\",\n },\n {\n synonyms: [\n \"Eduardoregelia\",\n \"Podonix\",\n ],\n value: \"tulips\",\n },\n ],\n name: \"FlowerTypes\",\n valueSelectionStrategy: \"ORIGINAL_VALUE\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nflower_types = aws.lex.SlotType(\"flower_types\",\n create_version=True,\n description=\"Types of flowers to order\",\n enumeration_values=[\n {\n \"synonyms\": [\n \"Lirium\",\n \"Martagon\",\n ],\n \"value\": \"lilies\",\n },\n {\n \"synonyms\": [\n \"Eduardoregelia\",\n \"Podonix\",\n ],\n \"value\": \"tulips\",\n },\n ],\n name=\"FlowerTypes\",\n value_selection_strategy=\"ORIGINAL_VALUE\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var flowerTypes = new Aws.Lex.SlotType(\"flower_types\", new()\n {\n CreateVersion = true,\n Description = \"Types of flowers to order\",\n EnumerationValues = new[]\n {\n new Aws.Lex.Inputs.SlotTypeEnumerationValueArgs\n {\n Synonyms = new[]\n {\n \"Lirium\",\n \"Martagon\",\n },\n Value = \"lilies\",\n },\n new Aws.Lex.Inputs.SlotTypeEnumerationValueArgs\n {\n Synonyms = new[]\n {\n \"Eduardoregelia\",\n \"Podonix\",\n },\n Value = \"tulips\",\n },\n },\n Name = \"FlowerTypes\",\n ValueSelectionStrategy = \"ORIGINAL_VALUE\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lex.NewSlotType(ctx, \"flower_types\", \u0026lex.SlotTypeArgs{\n\t\t\tCreateVersion: pulumi.Bool(true),\n\t\t\tDescription: pulumi.String(\"Types of flowers to order\"),\n\t\t\tEnumerationValues: lex.SlotTypeEnumerationValueArray{\n\t\t\t\t\u0026lex.SlotTypeEnumerationValueArgs{\n\t\t\t\t\tSynonyms: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Lirium\"),\n\t\t\t\t\t\tpulumi.String(\"Martagon\"),\n\t\t\t\t\t},\n\t\t\t\t\tValue: pulumi.String(\"lilies\"),\n\t\t\t\t},\n\t\t\t\t\u0026lex.SlotTypeEnumerationValueArgs{\n\t\t\t\t\tSynonyms: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Eduardoregelia\"),\n\t\t\t\t\t\tpulumi.String(\"Podonix\"),\n\t\t\t\t\t},\n\t\t\t\t\tValue: pulumi.String(\"tulips\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: pulumi.String(\"FlowerTypes\"),\n\t\t\tValueSelectionStrategy: pulumi.String(\"ORIGINAL_VALUE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lex.SlotType;\nimport com.pulumi.aws.lex.SlotTypeArgs;\nimport com.pulumi.aws.lex.inputs.SlotTypeEnumerationValueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var flowerTypes = new SlotType(\"flowerTypes\", SlotTypeArgs.builder()\n .createVersion(true)\n .description(\"Types of flowers to order\")\n .enumerationValues( \n SlotTypeEnumerationValueArgs.builder()\n .synonyms( \n \"Lirium\",\n \"Martagon\")\n .value(\"lilies\")\n .build(),\n SlotTypeEnumerationValueArgs.builder()\n .synonyms( \n \"Eduardoregelia\",\n \"Podonix\")\n .value(\"tulips\")\n .build())\n .name(\"FlowerTypes\")\n .valueSelectionStrategy(\"ORIGINAL_VALUE\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n flowerTypes:\n type: aws:lex:SlotType\n name: flower_types\n properties:\n createVersion: true\n description: Types of flowers to order\n enumerationValues:\n - synonyms:\n - Lirium\n - Martagon\n value: lilies\n - synonyms:\n - Eduardoregelia\n - Podonix\n value: tulips\n name: FlowerTypes\n valueSelectionStrategy: ORIGINAL_VALUE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import slot types using their name. For example:\n\n```sh\n$ pulumi import aws:lex/slotType:SlotType flower_types FlowerTypes\n```\n", "properties": { "checksum": { "type": "string", "description": "Checksum identifying the version of the slot type that was created. The checksum is\nnot included as an argument because the resource will add it automatically when updating the slot type.\n" }, "createVersion": { "type": "boolean", "description": "Determines if a new slot type version is created when the initial resource is created and on each\nupdate. Defaults to `false`.\n" }, "createdDate": { "type": "string", "description": "The date when the slot type version was created.\n" }, "description": { "type": "string", "description": "A description of the slot type. Must be less than or equal to 200 characters in length.\n" }, "enumerationValues": { "type": "array", "items": { "$ref": "#/types/aws:lex/SlotTypeEnumerationValue:SlotTypeEnumerationValue" }, "description": "A list of EnumerationValue objects that defines the values that\nthe slot type can take. Each value can have a list of synonyms, which are additional values that help\ntrain the machine learning model about the values that it resolves for a slot. Attributes are\ndocumented under enumeration_value.\n" }, "lastUpdatedDate": { "type": "string", "description": "The date when the `$LATEST` version of this slot type was updated.\n" }, "name": { "type": "string", "description": "The name of the slot type. The name is not case sensitive. Must be less than or equal to 100 characters in length.\n" }, "valueSelectionStrategy": { "type": "string", "description": "Determines the slot resolution strategy that Amazon Lex\nuses to return slot type values. `ORIGINAL_VALUE` returns the value entered by the user if the user\nvalue is similar to the slot value. `TOP_RESOLUTION` returns the first value in the resolution list\nif there is a resolution list for the slot, otherwise null is returned. Defaults to `ORIGINAL_VALUE`.\n" }, "version": { "type": "string", "description": "The version of the slot type.\n" } }, "required": [ "checksum", "createdDate", "enumerationValues", "lastUpdatedDate", "name", "version" ], "inputProperties": { "createVersion": { "type": "boolean", "description": "Determines if a new slot type version is created when the initial resource is created and on each\nupdate. Defaults to `false`.\n" }, "description": { "type": "string", "description": "A description of the slot type. Must be less than or equal to 200 characters in length.\n" }, "enumerationValues": { "type": "array", "items": { "$ref": "#/types/aws:lex/SlotTypeEnumerationValue:SlotTypeEnumerationValue" }, "description": "A list of EnumerationValue objects that defines the values that\nthe slot type can take. Each value can have a list of synonyms, which are additional values that help\ntrain the machine learning model about the values that it resolves for a slot. Attributes are\ndocumented under enumeration_value.\n" }, "name": { "type": "string", "description": "The name of the slot type. The name is not case sensitive. Must be less than or equal to 100 characters in length.\n", "willReplaceOnChanges": true }, "valueSelectionStrategy": { "type": "string", "description": "Determines the slot resolution strategy that Amazon Lex\nuses to return slot type values. `ORIGINAL_VALUE` returns the value entered by the user if the user\nvalue is similar to the slot value. `TOP_RESOLUTION` returns the first value in the resolution list\nif there is a resolution list for the slot, otherwise null is returned. Defaults to `ORIGINAL_VALUE`.\n" } }, "requiredInputs": [ "enumerationValues" ], "stateInputs": { "description": "Input properties used for looking up and filtering SlotType resources.\n", "properties": { "checksum": { "type": "string", "description": "Checksum identifying the version of the slot type that was created. The checksum is\nnot included as an argument because the resource will add it automatically when updating the slot type.\n" }, "createVersion": { "type": "boolean", "description": "Determines if a new slot type version is created when the initial resource is created and on each\nupdate. Defaults to `false`.\n" }, "createdDate": { "type": "string", "description": "The date when the slot type version was created.\n" }, "description": { "type": "string", "description": "A description of the slot type. Must be less than or equal to 200 characters in length.\n" }, "enumerationValues": { "type": "array", "items": { "$ref": "#/types/aws:lex/SlotTypeEnumerationValue:SlotTypeEnumerationValue" }, "description": "A list of EnumerationValue objects that defines the values that\nthe slot type can take. Each value can have a list of synonyms, which are additional values that help\ntrain the machine learning model about the values that it resolves for a slot. Attributes are\ndocumented under enumeration_value.\n" }, "lastUpdatedDate": { "type": "string", "description": "The date when the `$LATEST` version of this slot type was updated.\n" }, "name": { "type": "string", "description": "The name of the slot type. The name is not case sensitive. Must be less than or equal to 100 characters in length.\n", "willReplaceOnChanges": true }, "valueSelectionStrategy": { "type": "string", "description": "Determines the slot resolution strategy that Amazon Lex\nuses to return slot type values. `ORIGINAL_VALUE` returns the value entered by the user if the user\nvalue is similar to the slot value. `TOP_RESOLUTION` returns the first value in the resolution list\nif there is a resolution list for the slot, otherwise null is returned. Defaults to `ORIGINAL_VALUE`.\n" }, "version": { "type": "string", "description": "The version of the slot type.\n" } }, "type": "object" } }, "aws:lex/v2modelsBot:V2modelsBot": { "description": "Resource for managing an AWS Lex V2 Models Bot.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lex.V2modelsBot(\"example\", {\n name: \"example\",\n dataPrivacies: [{\n childDirected: \"boolean\",\n }],\n idleSessionTtlInSeconds: 10,\n roleArn: \"bot_example_arn\",\n tags: {\n foo: \"bar\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lex.V2modelsBot(\"example\",\n name=\"example\",\n data_privacies=[{\n \"child_directed\": \"boolean\",\n }],\n idle_session_ttl_in_seconds=10,\n role_arn=\"bot_example_arn\",\n tags={\n \"foo\": \"bar\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lex.V2modelsBot(\"example\", new()\n {\n Name = \"example\",\n DataPrivacies = new[]\n {\n new Aws.Lex.Inputs.V2modelsBotDataPrivacyArgs\n {\n ChildDirected = \"boolean\",\n },\n },\n IdleSessionTtlInSeconds = 10,\n RoleArn = \"bot_example_arn\",\n Tags = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lex.NewV2modelsBot(ctx, \"example\", \u0026lex.V2modelsBotArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDataPrivacies: lex.V2modelsBotDataPrivacyArray{\n\t\t\t\t\u0026lex.V2modelsBotDataPrivacyArgs{\n\t\t\t\t\tChildDirected: pulumi.Bool(\"boolean\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tIdleSessionTtlInSeconds: pulumi.Int(10),\n\t\t\tRoleArn: pulumi.String(\"bot_example_arn\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lex.V2modelsBot;\nimport com.pulumi.aws.lex.V2modelsBotArgs;\nimport com.pulumi.aws.lex.inputs.V2modelsBotDataPrivacyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new V2modelsBot(\"example\", V2modelsBotArgs.builder()\n .name(\"example\")\n .dataPrivacies(V2modelsBotDataPrivacyArgs.builder()\n .childDirected(\"boolean\")\n .build())\n .idleSessionTtlInSeconds(10)\n .roleArn(\"bot_example_arn\")\n .tags(Map.of(\"foo\", \"bar\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lex:V2modelsBot\n properties:\n name: example\n dataPrivacies:\n - childDirected: boolean\n idleSessionTtlInSeconds: 10\n roleArn: bot_example_arn\n tags:\n foo: bar\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lex V2 Models Bot using the `id`. For example:\n\n```sh\n$ pulumi import aws:lex/v2modelsBot:V2modelsBot example bot-id-12345678\n```\n", "properties": { "arn": { "type": "string" }, "dataPrivacies": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsBotDataPrivacy:V2modelsBotDataPrivacy" }, "description": "Provides information on additional privacy protections Amazon Lex should use with the bot's data. See `data_privacy`\n" }, "description": { "type": "string", "description": "Description of the bot. It appears in lists to help you identify a particular bot.\n" }, "idleSessionTtlInSeconds": { "type": "integer", "description": "Time, in seconds, that Amazon Lex should keep information about a user's conversation with the bot. You can specify between 60 (1 minute) and 86,400 (24 hours) seconds.\n" }, "members": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsBotMember:V2modelsBotMember" }, "description": "List of bot members in a network to be created. See `bot_members`.\n" }, "name": { "type": "string", "description": "Name of the bot. The bot name must be unique in the account that creates the bot. Type String. Length Constraints: Minimum length of 1. Maximum length of 100.\n" }, "roleArn": { "type": "string", "description": "ARN of an IAM role that has permission to access the bot.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "List of tags to add to the bot. You can only add tags when you create a bot.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "testBotAliasTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "List of tags to add to the test alias for a bot. You can only add tags when you create a bot.\n" }, "timeouts": { "$ref": "#/types/aws:lex/V2modelsBotTimeouts:V2modelsBotTimeouts" }, "type": { "type": "string", "description": "Type of a bot to create. Possible values are `\"Bot\"` and `\"BotNetwork\"`.\n" } }, "required": [ "arn", "idleSessionTtlInSeconds", "name", "roleArn", "tagsAll", "type" ], "inputProperties": { "dataPrivacies": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsBotDataPrivacy:V2modelsBotDataPrivacy" }, "description": "Provides information on additional privacy protections Amazon Lex should use with the bot's data. See `data_privacy`\n" }, "description": { "type": "string", "description": "Description of the bot. It appears in lists to help you identify a particular bot.\n" }, "idleSessionTtlInSeconds": { "type": "integer", "description": "Time, in seconds, that Amazon Lex should keep information about a user's conversation with the bot. You can specify between 60 (1 minute) and 86,400 (24 hours) seconds.\n" }, "members": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsBotMember:V2modelsBotMember" }, "description": "List of bot members in a network to be created. See `bot_members`.\n" }, "name": { "type": "string", "description": "Name of the bot. The bot name must be unique in the account that creates the bot. Type String. Length Constraints: Minimum length of 1. Maximum length of 100.\n" }, "roleArn": { "type": "string", "description": "ARN of an IAM role that has permission to access the bot.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "List of tags to add to the bot. You can only add tags when you create a bot.\n" }, "testBotAliasTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "List of tags to add to the test alias for a bot. You can only add tags when you create a bot.\n" }, "timeouts": { "$ref": "#/types/aws:lex/V2modelsBotTimeouts:V2modelsBotTimeouts" }, "type": { "type": "string", "description": "Type of a bot to create. Possible values are `\"Bot\"` and `\"BotNetwork\"`.\n" } }, "requiredInputs": [ "idleSessionTtlInSeconds", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering V2modelsBot resources.\n", "properties": { "arn": { "type": "string" }, "dataPrivacies": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsBotDataPrivacy:V2modelsBotDataPrivacy" }, "description": "Provides information on additional privacy protections Amazon Lex should use with the bot's data. See `data_privacy`\n" }, "description": { "type": "string", "description": "Description of the bot. It appears in lists to help you identify a particular bot.\n" }, "idleSessionTtlInSeconds": { "type": "integer", "description": "Time, in seconds, that Amazon Lex should keep information about a user's conversation with the bot. You can specify between 60 (1 minute) and 86,400 (24 hours) seconds.\n" }, "members": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsBotMember:V2modelsBotMember" }, "description": "List of bot members in a network to be created. See `bot_members`.\n" }, "name": { "type": "string", "description": "Name of the bot. The bot name must be unique in the account that creates the bot. Type String. Length Constraints: Minimum length of 1. Maximum length of 100.\n" }, "roleArn": { "type": "string", "description": "ARN of an IAM role that has permission to access the bot.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "List of tags to add to the bot. You can only add tags when you create a bot.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "testBotAliasTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "List of tags to add to the test alias for a bot. You can only add tags when you create a bot.\n" }, "timeouts": { "$ref": "#/types/aws:lex/V2modelsBotTimeouts:V2modelsBotTimeouts" }, "type": { "type": "string", "description": "Type of a bot to create. Possible values are `\"Bot\"` and `\"BotNetwork\"`.\n" } }, "type": "object" } }, "aws:lex/v2modelsBotLocale:V2modelsBotLocale": { "description": "Resource for managing an AWS Lex V2 Models Bot Locale.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lex.V2modelsBotLocale(\"example\", {\n botId: exampleAwsLexv2modelsBot.id,\n botVersion: \"DRAFT\",\n localeId: \"en_US\",\n nLuIntentConfidenceThreshold: 0.7,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lex.V2modelsBotLocale(\"example\",\n bot_id=example_aws_lexv2models_bot[\"id\"],\n bot_version=\"DRAFT\",\n locale_id=\"en_US\",\n n_lu_intent_confidence_threshold=0.7)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lex.V2modelsBotLocale(\"example\", new()\n {\n BotId = exampleAwsLexv2modelsBot.Id,\n BotVersion = \"DRAFT\",\n LocaleId = \"en_US\",\n NLuIntentConfidenceThreshold = 0.7,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lex.NewV2modelsBotLocale(ctx, \"example\", \u0026lex.V2modelsBotLocaleArgs{\n\t\t\tBotId: pulumi.Any(exampleAwsLexv2modelsBot.Id),\n\t\t\tBotVersion: pulumi.String(\"DRAFT\"),\n\t\t\tLocaleId: pulumi.String(\"en_US\"),\n\t\t\tNLuIntentConfidenceThreshold: pulumi.Float64(0.7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lex.V2modelsBotLocale;\nimport com.pulumi.aws.lex.V2modelsBotLocaleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new V2modelsBotLocale(\"example\", V2modelsBotLocaleArgs.builder()\n .botId(exampleAwsLexv2modelsBot.id())\n .botVersion(\"DRAFT\")\n .localeId(\"en_US\")\n .nLuIntentConfidenceThreshold(0.7)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lex:V2modelsBotLocale\n properties:\n botId: ${exampleAwsLexv2modelsBot.id}\n botVersion: DRAFT\n localeId: en_US\n nLuIntentConfidenceThreshold: 0.7\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Voice Settings\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lex.V2modelsBotLocale(\"example\", {\n botId: exampleAwsLexv2modelsBot.id,\n botVersion: \"DRAFT\",\n localeId: \"en_US\",\n nLuIntentConfidenceThreshold: 0.7,\n voiceSettings: {\n voiceId: \"Kendra\",\n engine: \"standard\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lex.V2modelsBotLocale(\"example\",\n bot_id=example_aws_lexv2models_bot[\"id\"],\n bot_version=\"DRAFT\",\n locale_id=\"en_US\",\n n_lu_intent_confidence_threshold=0.7,\n voice_settings={\n \"voice_id\": \"Kendra\",\n \"engine\": \"standard\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lex.V2modelsBotLocale(\"example\", new()\n {\n BotId = exampleAwsLexv2modelsBot.Id,\n BotVersion = \"DRAFT\",\n LocaleId = \"en_US\",\n NLuIntentConfidenceThreshold = 0.7,\n VoiceSettings = new Aws.Lex.Inputs.V2modelsBotLocaleVoiceSettingsArgs\n {\n VoiceId = \"Kendra\",\n Engine = \"standard\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lex.NewV2modelsBotLocale(ctx, \"example\", \u0026lex.V2modelsBotLocaleArgs{\n\t\t\tBotId: pulumi.Any(exampleAwsLexv2modelsBot.Id),\n\t\t\tBotVersion: pulumi.String(\"DRAFT\"),\n\t\t\tLocaleId: pulumi.String(\"en_US\"),\n\t\t\tNLuIntentConfidenceThreshold: pulumi.Float64(0.7),\n\t\t\tVoiceSettings: \u0026lex.V2modelsBotLocaleVoiceSettingsArgs{\n\t\t\t\tVoiceId: pulumi.String(\"Kendra\"),\n\t\t\t\tEngine: pulumi.String(\"standard\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lex.V2modelsBotLocale;\nimport com.pulumi.aws.lex.V2modelsBotLocaleArgs;\nimport com.pulumi.aws.lex.inputs.V2modelsBotLocaleVoiceSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new V2modelsBotLocale(\"example\", V2modelsBotLocaleArgs.builder()\n .botId(exampleAwsLexv2modelsBot.id())\n .botVersion(\"DRAFT\")\n .localeId(\"en_US\")\n .nLuIntentConfidenceThreshold(0.7)\n .voiceSettings(V2modelsBotLocaleVoiceSettingsArgs.builder()\n .voiceId(\"Kendra\")\n .engine(\"standard\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lex:V2modelsBotLocale\n properties:\n botId: ${exampleAwsLexv2modelsBot.id}\n botVersion: DRAFT\n localeId: en_US\n nLuIntentConfidenceThreshold: 0.7\n voiceSettings:\n voiceId: Kendra\n engine: standard\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lex V2 Models Bot Locale using the `id`. For example:\n\n```sh\n$ pulumi import aws:lex/v2modelsBotLocale:V2modelsBotLocale example en_US,abcd-12345678,1\n```\n", "properties": { "botId": { "type": "string", "description": "Identifier of the bot to create the locale for.\n" }, "botVersion": { "type": "string", "description": "Version of the bot to create the locale for. This can only be the draft version of the bot.\n" }, "description": { "type": "string", "description": "Description of the bot locale. Use this to help identify the bot locale in lists.\n" }, "localeId": { "type": "string", "description": "Identifier of the language and locale that the bot will be used in. The string must match one of the supported locales. All of the intents, slot types, and slots used in the bot must have the same locale. For more information, see Supported languages (https://docs.aws.amazon.com/lexv2/latest/dg/how-languages.html)\n" }, "nLuIntentConfidenceThreshold": { "type": "number", "description": "Determines the threshold where Amazon Lex will insert the AMAZON.FallbackIntent, AMAZON.KendraSearchIntent, or both when returning alternative intents.\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "Specified locale name.\n" }, "timeouts": { "$ref": "#/types/aws:lex/V2modelsBotLocaleTimeouts:V2modelsBotLocaleTimeouts" }, "voiceSettings": { "$ref": "#/types/aws:lex/V2modelsBotLocaleVoiceSettings:V2modelsBotLocaleVoiceSettings", "description": "Amazon Polly voice ID that Amazon Lex uses for voice interaction with the user. See `voice_settings`.\n" } }, "required": [ "botId", "botVersion", "localeId", "nLuIntentConfidenceThreshold", "name" ], "inputProperties": { "botId": { "type": "string", "description": "Identifier of the bot to create the locale for.\n" }, "botVersion": { "type": "string", "description": "Version of the bot to create the locale for. This can only be the draft version of the bot.\n" }, "description": { "type": "string", "description": "Description of the bot locale. Use this to help identify the bot locale in lists.\n" }, "localeId": { "type": "string", "description": "Identifier of the language and locale that the bot will be used in. The string must match one of the supported locales. All of the intents, slot types, and slots used in the bot must have the same locale. For more information, see Supported languages (https://docs.aws.amazon.com/lexv2/latest/dg/how-languages.html)\n" }, "nLuIntentConfidenceThreshold": { "type": "number", "description": "Determines the threshold where Amazon Lex will insert the AMAZON.FallbackIntent, AMAZON.KendraSearchIntent, or both when returning alternative intents.\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "Specified locale name.\n" }, "timeouts": { "$ref": "#/types/aws:lex/V2modelsBotLocaleTimeouts:V2modelsBotLocaleTimeouts" }, "voiceSettings": { "$ref": "#/types/aws:lex/V2modelsBotLocaleVoiceSettings:V2modelsBotLocaleVoiceSettings", "description": "Amazon Polly voice ID that Amazon Lex uses for voice interaction with the user. See `voice_settings`.\n" } }, "requiredInputs": [ "botId", "botVersion", "localeId", "nLuIntentConfidenceThreshold" ], "stateInputs": { "description": "Input properties used for looking up and filtering V2modelsBotLocale resources.\n", "properties": { "botId": { "type": "string", "description": "Identifier of the bot to create the locale for.\n" }, "botVersion": { "type": "string", "description": "Version of the bot to create the locale for. This can only be the draft version of the bot.\n" }, "description": { "type": "string", "description": "Description of the bot locale. Use this to help identify the bot locale in lists.\n" }, "localeId": { "type": "string", "description": "Identifier of the language and locale that the bot will be used in. The string must match one of the supported locales. All of the intents, slot types, and slots used in the bot must have the same locale. For more information, see Supported languages (https://docs.aws.amazon.com/lexv2/latest/dg/how-languages.html)\n" }, "nLuIntentConfidenceThreshold": { "type": "number", "description": "Determines the threshold where Amazon Lex will insert the AMAZON.FallbackIntent, AMAZON.KendraSearchIntent, or both when returning alternative intents.\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "Specified locale name.\n" }, "timeouts": { "$ref": "#/types/aws:lex/V2modelsBotLocaleTimeouts:V2modelsBotLocaleTimeouts" }, "voiceSettings": { "$ref": "#/types/aws:lex/V2modelsBotLocaleVoiceSettings:V2modelsBotLocaleVoiceSettings", "description": "Amazon Polly voice ID that Amazon Lex uses for voice interaction with the user. See `voice_settings`.\n" } }, "type": "object" } }, "aws:lex/v2modelsBotVersion:V2modelsBotVersion": { "description": "Resource for managing an AWS Lex V2 Models Bot Version.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lex.V2modelsBotVersion(\"test\", {\n botId: testAwsLexv2models.id,\n localeSpecification: {\n en_US: {\n sourceBotVersion: \"DRAFT\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lex.V2modelsBotVersion(\"test\",\n bot_id=test_aws_lexv2models[\"id\"],\n locale_specification={\n \"en_US\": {\n \"source_bot_version\": \"DRAFT\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Lex.V2modelsBotVersion(\"test\", new()\n {\n BotId = testAwsLexv2models.Id,\n LocaleSpecification = \n {\n { \"en_US\", new Aws.Lex.Inputs.V2modelsBotVersionLocaleSpecificationArgs\n {\n SourceBotVersion = \"DRAFT\",\n } },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lex.NewV2modelsBotVersion(ctx, \"test\", \u0026lex.V2modelsBotVersionArgs{\n\t\t\tBotId: pulumi.Any(testAwsLexv2models.Id),\n\t\t\tLocaleSpecification: lex.V2modelsBotVersionLocaleSpecificationMap{\n\t\t\t\t\"en_US\": \u0026lex.V2modelsBotVersionLocaleSpecificationArgs{\n\t\t\t\t\tSourceBotVersion: pulumi.String(\"DRAFT\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lex.V2modelsBotVersion;\nimport com.pulumi.aws.lex.V2modelsBotVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new V2modelsBotVersion(\"test\", V2modelsBotVersionArgs.builder()\n .botId(testAwsLexv2models.id())\n .localeSpecification(Map.of(\"en_US\", Map.of(\"sourceBotVersion\", \"DRAFT\")))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lex:V2modelsBotVersion\n properties:\n botId: ${testAwsLexv2models.id}\n localeSpecification:\n en_US:\n sourceBotVersion: DRAFT\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lex V2 Models Bot Version using the `id`. For example:\n\n```sh\n$ pulumi import aws:lex/v2modelsBotVersion:V2modelsBotVersion example id-12345678,1\n```\n", "properties": { "botId": { "type": "string", "description": "Idientifier of the bot to create the version for.\n" }, "botVersion": { "type": "string", "description": "Version number assigned to the version.\n" }, "description": { "type": "string", "description": "A description of the version. Use the description to help identify the version in lists.\n" }, "localeSpecification": { "type": "object", "additionalProperties": { "$ref": "#/types/aws:lex/V2modelsBotVersionLocaleSpecification:V2modelsBotVersionLocaleSpecification" }, "description": "Specifies the locales that Amazon Lex adds to this version. You can choose the draft version or any other previously published version for each locale. When you specify a source version, the locale data is copied from the source version to the new version.\n\nThe attribute value is a map with one or more entries, each of which has a locale name as the key and an object with the following attribute as the value:\n* `sourceBotVersion` - (Required) The version of a bot used for a bot locale. Valid values: `DRAFT`, a numeric version.\n" }, "timeouts": { "$ref": "#/types/aws:lex/V2modelsBotVersionTimeouts:V2modelsBotVersionTimeouts" } }, "required": [ "botId", "botVersion", "localeSpecification" ], "inputProperties": { "botId": { "type": "string", "description": "Idientifier of the bot to create the version for.\n" }, "botVersion": { "type": "string", "description": "Version number assigned to the version.\n" }, "description": { "type": "string", "description": "A description of the version. Use the description to help identify the version in lists.\n" }, "localeSpecification": { "type": "object", "additionalProperties": { "$ref": "#/types/aws:lex/V2modelsBotVersionLocaleSpecification:V2modelsBotVersionLocaleSpecification" }, "description": "Specifies the locales that Amazon Lex adds to this version. You can choose the draft version or any other previously published version for each locale. When you specify a source version, the locale data is copied from the source version to the new version.\n\nThe attribute value is a map with one or more entries, each of which has a locale name as the key and an object with the following attribute as the value:\n* `sourceBotVersion` - (Required) The version of a bot used for a bot locale. Valid values: `DRAFT`, a numeric version.\n" }, "timeouts": { "$ref": "#/types/aws:lex/V2modelsBotVersionTimeouts:V2modelsBotVersionTimeouts" } }, "requiredInputs": [ "botId", "localeSpecification" ], "stateInputs": { "description": "Input properties used for looking up and filtering V2modelsBotVersion resources.\n", "properties": { "botId": { "type": "string", "description": "Idientifier of the bot to create the version for.\n" }, "botVersion": { "type": "string", "description": "Version number assigned to the version.\n" }, "description": { "type": "string", "description": "A description of the version. Use the description to help identify the version in lists.\n" }, "localeSpecification": { "type": "object", "additionalProperties": { "$ref": "#/types/aws:lex/V2modelsBotVersionLocaleSpecification:V2modelsBotVersionLocaleSpecification" }, "description": "Specifies the locales that Amazon Lex adds to this version. You can choose the draft version or any other previously published version for each locale. When you specify a source version, the locale data is copied from the source version to the new version.\n\nThe attribute value is a map with one or more entries, each of which has a locale name as the key and an object with the following attribute as the value:\n* `sourceBotVersion` - (Required) The version of a bot used for a bot locale. Valid values: `DRAFT`, a numeric version.\n" }, "timeouts": { "$ref": "#/types/aws:lex/V2modelsBotVersionTimeouts:V2modelsBotVersionTimeouts" } }, "type": "object" } }, "aws:lex/v2modelsIntent:V2modelsIntent": { "description": "\n\n## Import\n\nUsing `pulumi import`, import Lex V2 Models Intent using the `intent_id:bot_id:bot_version:locale_id`. For example:\n\n```sh\n$ pulumi import aws:lex/v2modelsIntent:V2modelsIntent example intent-42874:bot-11376:DRAFT:en_US\n```\n", "properties": { "botId": { "type": "string", "description": "Identifier of the bot associated with this intent.\n" }, "botVersion": { "type": "string", "description": "Version of the bot associated with this intent.\n" }, "closingSetting": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSetting:V2modelsIntentClosingSetting", "description": "Configuration block for the response that Amazon Lex sends to the user when the intent is closed. See `closing_setting`.\n" }, "confirmationSetting": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSetting:V2modelsIntentConfirmationSetting" }, "creationDateTime": { "type": "string", "description": "Timestamp of the date and time that the intent was created.\n" }, "description": { "type": "string", "description": "Description of the intent. Use the description to help identify the intent in lists.\n" }, "dialogCodeHook": { "$ref": "#/types/aws:lex/V2modelsIntentDialogCodeHook:V2modelsIntentDialogCodeHook", "description": "Configuration block for invoking the alias Lambda function for each user input. You can invoke this Lambda function to personalize user interaction. See `dialog_code_hook`.\n" }, "fulfillmentCodeHook": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHook:V2modelsIntentFulfillmentCodeHook", "description": "Configuration block for invoking the alias Lambda function when the intent is ready for fulfillment. You can invoke this function to complete the bot's transaction with the user. See `fulfillment_code_hook`.\n" }, "initialResponseSetting": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSetting:V2modelsIntentInitialResponseSetting", "description": "Configuration block for the response that is sent to the user at the beginning of a conversation, before eliciting slot values. See `initial_response_setting`.\n" }, "inputContexts": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInputContext:V2modelsIntentInputContext" }, "description": "Configuration blocks for contexts that must be active for this intent to be considered by Amazon Lex. When an intent has an input context list, Amazon Lex only considers using the intent in an interaction with the user when the specified contexts are included in the active context list for the session. If the contexts are not active, then Amazon Lex will not use the intent. A context can be automatically activated using the outputContexts property or it can be set at runtime. See `input_context`.\n" }, "intentId": { "type": "string", "description": "Unique identifier for the intent.\n" }, "kendraConfiguration": { "$ref": "#/types/aws:lex/V2modelsIntentKendraConfiguration:V2modelsIntentKendraConfiguration", "description": "Configuration block for information required to use the AMAZON.KendraSearchIntent intent to connect to an Amazon Kendra index. The AMAZON.KendraSearchIntent intent is called when Amazon Lex can't determine another intent to invoke. See `kendra_configuration`.\n" }, "lastUpdatedDateTime": { "type": "string", "description": "Timestamp of the last time that the intent was modified.\n" }, "localeId": { "type": "string", "description": "Identifier of the language and locale where this intent is used. All of the bots, slot types, and slots used by the intent must have the same locale.\n" }, "name": { "type": "string", "description": "Name of the intent. Intent names must be unique in the locale that contains the intent and cannot match the name of any built-in intent.\n\nThe following arguments are optional:\n" }, "outputContexts": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentOutputContext:V2modelsIntentOutputContext" }, "description": "Configuration blocks for contexts that the intent activates when it is fulfilled. You can use an output context to indicate the intents that Amazon Lex should consider for the next turn of the conversation with a customer. When you use the outputContextsList property, all of the contexts specified in the list are activated when the intent is fulfilled. You can set up to 10 output contexts. You can also set the number of conversation turns that the context should be active, or the length of time that the context should be active. See `output_context`.\n" }, "parentIntentSignature": { "type": "string", "description": "Identifier for the built-in intent to base this intent on.\n" }, "sampleUtterances": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentSampleUtterance:V2modelsIntentSampleUtterance" }, "description": "Configuration block for strings that a user might say to signal the intent. See `sample_utterance`.\n" }, "slotPriorities": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentSlotPriority:V2modelsIntentSlotPriority" }, "description": "Configuration block for a new list of slots and their priorities that are contained by the intent. This is ignored on create and only valid for updates. See `slot_priority`.\n" }, "timeouts": { "$ref": "#/types/aws:lex/V2modelsIntentTimeouts:V2modelsIntentTimeouts" } }, "required": [ "botId", "botVersion", "creationDateTime", "intentId", "lastUpdatedDateTime", "localeId", "name" ], "inputProperties": { "botId": { "type": "string", "description": "Identifier of the bot associated with this intent.\n" }, "botVersion": { "type": "string", "description": "Version of the bot associated with this intent.\n" }, "closingSetting": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSetting:V2modelsIntentClosingSetting", "description": "Configuration block for the response that Amazon Lex sends to the user when the intent is closed. See `closing_setting`.\n" }, "confirmationSetting": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSetting:V2modelsIntentConfirmationSetting" }, "description": { "type": "string", "description": "Description of the intent. Use the description to help identify the intent in lists.\n" }, "dialogCodeHook": { "$ref": "#/types/aws:lex/V2modelsIntentDialogCodeHook:V2modelsIntentDialogCodeHook", "description": "Configuration block for invoking the alias Lambda function for each user input. You can invoke this Lambda function to personalize user interaction. See `dialog_code_hook`.\n" }, "fulfillmentCodeHook": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHook:V2modelsIntentFulfillmentCodeHook", "description": "Configuration block for invoking the alias Lambda function when the intent is ready for fulfillment. You can invoke this function to complete the bot's transaction with the user. See `fulfillment_code_hook`.\n" }, "initialResponseSetting": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSetting:V2modelsIntentInitialResponseSetting", "description": "Configuration block for the response that is sent to the user at the beginning of a conversation, before eliciting slot values. See `initial_response_setting`.\n" }, "inputContexts": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInputContext:V2modelsIntentInputContext" }, "description": "Configuration blocks for contexts that must be active for this intent to be considered by Amazon Lex. When an intent has an input context list, Amazon Lex only considers using the intent in an interaction with the user when the specified contexts are included in the active context list for the session. If the contexts are not active, then Amazon Lex will not use the intent. A context can be automatically activated using the outputContexts property or it can be set at runtime. See `input_context`.\n" }, "kendraConfiguration": { "$ref": "#/types/aws:lex/V2modelsIntentKendraConfiguration:V2modelsIntentKendraConfiguration", "description": "Configuration block for information required to use the AMAZON.KendraSearchIntent intent to connect to an Amazon Kendra index. The AMAZON.KendraSearchIntent intent is called when Amazon Lex can't determine another intent to invoke. See `kendra_configuration`.\n" }, "localeId": { "type": "string", "description": "Identifier of the language and locale where this intent is used. All of the bots, slot types, and slots used by the intent must have the same locale.\n" }, "name": { "type": "string", "description": "Name of the intent. Intent names must be unique in the locale that contains the intent and cannot match the name of any built-in intent.\n\nThe following arguments are optional:\n" }, "outputContexts": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentOutputContext:V2modelsIntentOutputContext" }, "description": "Configuration blocks for contexts that the intent activates when it is fulfilled. You can use an output context to indicate the intents that Amazon Lex should consider for the next turn of the conversation with a customer. When you use the outputContextsList property, all of the contexts specified in the list are activated when the intent is fulfilled. You can set up to 10 output contexts. You can also set the number of conversation turns that the context should be active, or the length of time that the context should be active. See `output_context`.\n" }, "parentIntentSignature": { "type": "string", "description": "Identifier for the built-in intent to base this intent on.\n" }, "sampleUtterances": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentSampleUtterance:V2modelsIntentSampleUtterance" }, "description": "Configuration block for strings that a user might say to signal the intent. See `sample_utterance`.\n" }, "slotPriorities": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentSlotPriority:V2modelsIntentSlotPriority" }, "description": "Configuration block for a new list of slots and their priorities that are contained by the intent. This is ignored on create and only valid for updates. See `slot_priority`.\n" }, "timeouts": { "$ref": "#/types/aws:lex/V2modelsIntentTimeouts:V2modelsIntentTimeouts" } }, "requiredInputs": [ "botId", "botVersion", "localeId" ], "stateInputs": { "description": "Input properties used for looking up and filtering V2modelsIntent resources.\n", "properties": { "botId": { "type": "string", "description": "Identifier of the bot associated with this intent.\n" }, "botVersion": { "type": "string", "description": "Version of the bot associated with this intent.\n" }, "closingSetting": { "$ref": "#/types/aws:lex/V2modelsIntentClosingSetting:V2modelsIntentClosingSetting", "description": "Configuration block for the response that Amazon Lex sends to the user when the intent is closed. See `closing_setting`.\n" }, "confirmationSetting": { "$ref": "#/types/aws:lex/V2modelsIntentConfirmationSetting:V2modelsIntentConfirmationSetting" }, "creationDateTime": { "type": "string", "description": "Timestamp of the date and time that the intent was created.\n" }, "description": { "type": "string", "description": "Description of the intent. Use the description to help identify the intent in lists.\n" }, "dialogCodeHook": { "$ref": "#/types/aws:lex/V2modelsIntentDialogCodeHook:V2modelsIntentDialogCodeHook", "description": "Configuration block for invoking the alias Lambda function for each user input. You can invoke this Lambda function to personalize user interaction. See `dialog_code_hook`.\n" }, "fulfillmentCodeHook": { "$ref": "#/types/aws:lex/V2modelsIntentFulfillmentCodeHook:V2modelsIntentFulfillmentCodeHook", "description": "Configuration block for invoking the alias Lambda function when the intent is ready for fulfillment. You can invoke this function to complete the bot's transaction with the user. See `fulfillment_code_hook`.\n" }, "initialResponseSetting": { "$ref": "#/types/aws:lex/V2modelsIntentInitialResponseSetting:V2modelsIntentInitialResponseSetting", "description": "Configuration block for the response that is sent to the user at the beginning of a conversation, before eliciting slot values. See `initial_response_setting`.\n" }, "inputContexts": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentInputContext:V2modelsIntentInputContext" }, "description": "Configuration blocks for contexts that must be active for this intent to be considered by Amazon Lex. When an intent has an input context list, Amazon Lex only considers using the intent in an interaction with the user when the specified contexts are included in the active context list for the session. If the contexts are not active, then Amazon Lex will not use the intent. A context can be automatically activated using the outputContexts property or it can be set at runtime. See `input_context`.\n" }, "intentId": { "type": "string", "description": "Unique identifier for the intent.\n" }, "kendraConfiguration": { "$ref": "#/types/aws:lex/V2modelsIntentKendraConfiguration:V2modelsIntentKendraConfiguration", "description": "Configuration block for information required to use the AMAZON.KendraSearchIntent intent to connect to an Amazon Kendra index. The AMAZON.KendraSearchIntent intent is called when Amazon Lex can't determine another intent to invoke. See `kendra_configuration`.\n" }, "lastUpdatedDateTime": { "type": "string", "description": "Timestamp of the last time that the intent was modified.\n" }, "localeId": { "type": "string", "description": "Identifier of the language and locale where this intent is used. All of the bots, slot types, and slots used by the intent must have the same locale.\n" }, "name": { "type": "string", "description": "Name of the intent. Intent names must be unique in the locale that contains the intent and cannot match the name of any built-in intent.\n\nThe following arguments are optional:\n" }, "outputContexts": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentOutputContext:V2modelsIntentOutputContext" }, "description": "Configuration blocks for contexts that the intent activates when it is fulfilled. You can use an output context to indicate the intents that Amazon Lex should consider for the next turn of the conversation with a customer. When you use the outputContextsList property, all of the contexts specified in the list are activated when the intent is fulfilled. You can set up to 10 output contexts. You can also set the number of conversation turns that the context should be active, or the length of time that the context should be active. See `output_context`.\n" }, "parentIntentSignature": { "type": "string", "description": "Identifier for the built-in intent to base this intent on.\n" }, "sampleUtterances": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentSampleUtterance:V2modelsIntentSampleUtterance" }, "description": "Configuration block for strings that a user might say to signal the intent. See `sample_utterance`.\n" }, "slotPriorities": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsIntentSlotPriority:V2modelsIntentSlotPriority" }, "description": "Configuration block for a new list of slots and their priorities that are contained by the intent. This is ignored on create and only valid for updates. See `slot_priority`.\n" }, "timeouts": { "$ref": "#/types/aws:lex/V2modelsIntentTimeouts:V2modelsIntentTimeouts" } }, "type": "object" } }, "aws:lex/v2modelsSlot:V2modelsSlot": { "description": "Resource for managing an AWS Lex V2 Models Slot.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lex.V2modelsSlot(\"example\", {\n botId: exampleAwsLexv2modelsBot.id,\n botVersion: exampleAwsLexv2modelsBotVersion.botVersion,\n intentId: exampleAwsLexv2modelsIntent.id,\n localeId: exampleAwsLexv2modelsBotLocale.localeId,\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lex.V2modelsSlot(\"example\",\n bot_id=example_aws_lexv2models_bot[\"id\"],\n bot_version=example_aws_lexv2models_bot_version[\"botVersion\"],\n intent_id=example_aws_lexv2models_intent[\"id\"],\n locale_id=example_aws_lexv2models_bot_locale[\"localeId\"],\n name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lex.V2modelsSlot(\"example\", new()\n {\n BotId = exampleAwsLexv2modelsBot.Id,\n BotVersion = exampleAwsLexv2modelsBotVersion.BotVersion,\n IntentId = exampleAwsLexv2modelsIntent.Id,\n LocaleId = exampleAwsLexv2modelsBotLocale.LocaleId,\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lex.NewV2modelsSlot(ctx, \"example\", \u0026lex.V2modelsSlotArgs{\n\t\t\tBotId: pulumi.Any(exampleAwsLexv2modelsBot.Id),\n\t\t\tBotVersion: pulumi.Any(exampleAwsLexv2modelsBotVersion.BotVersion),\n\t\t\tIntentId: pulumi.Any(exampleAwsLexv2modelsIntent.Id),\n\t\t\tLocaleId: pulumi.Any(exampleAwsLexv2modelsBotLocale.LocaleId),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lex.V2modelsSlot;\nimport com.pulumi.aws.lex.V2modelsSlotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new V2modelsSlot(\"example\", V2modelsSlotArgs.builder()\n .botId(exampleAwsLexv2modelsBot.id())\n .botVersion(exampleAwsLexv2modelsBotVersion.botVersion())\n .intentId(exampleAwsLexv2modelsIntent.id())\n .localeId(exampleAwsLexv2modelsBotLocale.localeId())\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lex:V2modelsSlot\n properties:\n botId: ${exampleAwsLexv2modelsBot.id}\n botVersion: ${exampleAwsLexv2modelsBotVersion.botVersion}\n intentId: ${exampleAwsLexv2modelsIntent.id}\n localeId: ${exampleAwsLexv2modelsBotLocale.localeId}\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lex V2 Models Slot using the `id`. For example:\n\n```sh\n$ pulumi import aws:lex/v2modelsSlot:V2modelsSlot example bot-1234,1,intent-5678,en-US,slot-9012\n```\n", "properties": { "botId": { "type": "string", "description": "Identifier of the bot associated with the slot.\n" }, "botVersion": { "type": "string", "description": "Version of the bot associated with the slot.\n" }, "description": { "type": "string", "description": "Description of the slot.\n" }, "intentId": { "type": "string", "description": "Identifier of the intent that contains the slot.\n" }, "localeId": { "type": "string", "description": "Identifier of the language and locale that the slot will be used in.\n" }, "multipleValuesSettings": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotMultipleValuesSetting:V2modelsSlotMultipleValuesSetting" }, "description": "Whether the slot returns multiple values in one response. See the `multiple_values_setting` argument reference below.\n" }, "name": { "type": "string", "description": "Name of the slot.\n" }, "obfuscationSettings": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotObfuscationSetting:V2modelsSlotObfuscationSetting" }, "description": "Determines how slot values are used in Amazon CloudWatch logs. See the `obfuscation_setting` argument reference below.\n" }, "slotId": { "type": "string", "description": "Unique identifier associated with the slot.\n" }, "slotTypeId": { "type": "string", "description": "Unique identifier for the slot type associated with this slot.\n" }, "timeouts": { "$ref": "#/types/aws:lex/V2modelsSlotTimeouts:V2modelsSlotTimeouts" }, "valueElicitationSetting": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSetting:V2modelsSlotValueElicitationSetting", "description": "Prompts that Amazon Lex sends to the user to elicit a response that provides the value for the slot.\n\nThe following arguments are optional:\n" } }, "required": [ "botId", "botVersion", "intentId", "localeId", "name", "slotId" ], "inputProperties": { "botId": { "type": "string", "description": "Identifier of the bot associated with the slot.\n" }, "botVersion": { "type": "string", "description": "Version of the bot associated with the slot.\n" }, "description": { "type": "string", "description": "Description of the slot.\n" }, "intentId": { "type": "string", "description": "Identifier of the intent that contains the slot.\n" }, "localeId": { "type": "string", "description": "Identifier of the language and locale that the slot will be used in.\n" }, "multipleValuesSettings": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotMultipleValuesSetting:V2modelsSlotMultipleValuesSetting" }, "description": "Whether the slot returns multiple values in one response. See the `multiple_values_setting` argument reference below.\n" }, "name": { "type": "string", "description": "Name of the slot.\n" }, "obfuscationSettings": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotObfuscationSetting:V2modelsSlotObfuscationSetting" }, "description": "Determines how slot values are used in Amazon CloudWatch logs. See the `obfuscation_setting` argument reference below.\n" }, "slotTypeId": { "type": "string", "description": "Unique identifier for the slot type associated with this slot.\n" }, "timeouts": { "$ref": "#/types/aws:lex/V2modelsSlotTimeouts:V2modelsSlotTimeouts" }, "valueElicitationSetting": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSetting:V2modelsSlotValueElicitationSetting", "description": "Prompts that Amazon Lex sends to the user to elicit a response that provides the value for the slot.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "botId", "botVersion", "intentId", "localeId" ], "stateInputs": { "description": "Input properties used for looking up and filtering V2modelsSlot resources.\n", "properties": { "botId": { "type": "string", "description": "Identifier of the bot associated with the slot.\n" }, "botVersion": { "type": "string", "description": "Version of the bot associated with the slot.\n" }, "description": { "type": "string", "description": "Description of the slot.\n" }, "intentId": { "type": "string", "description": "Identifier of the intent that contains the slot.\n" }, "localeId": { "type": "string", "description": "Identifier of the language and locale that the slot will be used in.\n" }, "multipleValuesSettings": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotMultipleValuesSetting:V2modelsSlotMultipleValuesSetting" }, "description": "Whether the slot returns multiple values in one response. See the `multiple_values_setting` argument reference below.\n" }, "name": { "type": "string", "description": "Name of the slot.\n" }, "obfuscationSettings": { "type": "array", "items": { "$ref": "#/types/aws:lex/V2modelsSlotObfuscationSetting:V2modelsSlotObfuscationSetting" }, "description": "Determines how slot values are used in Amazon CloudWatch logs. See the `obfuscation_setting` argument reference below.\n" }, "slotId": { "type": "string", "description": "Unique identifier associated with the slot.\n" }, "slotTypeId": { "type": "string", "description": "Unique identifier for the slot type associated with this slot.\n" }, "timeouts": { "$ref": "#/types/aws:lex/V2modelsSlotTimeouts:V2modelsSlotTimeouts" }, "valueElicitationSetting": { "$ref": "#/types/aws:lex/V2modelsSlotValueElicitationSetting:V2modelsSlotValueElicitationSetting", "description": "Prompts that Amazon Lex sends to the user to elicit a response that provides the value for the slot.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:lex/v2modelsSlotType:V2modelsSlotType": { "description": "Resource for managing an AWS Lex V2 Models Slot Type.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.iam.RolePolicyAttachment(\"test\", {\n role: testAwsIamRole.name,\n policyArn: `arn:${current.partition}:iam::aws:policy/AmazonLexFullAccess`,\n});\nconst testV2modelsBot = new aws.lex.V2modelsBot(\"test\", {\n name: \"testbot\",\n idleSessionTtlInSeconds: 60,\n roleArn: testAwsIamRole.arn,\n dataPrivacies: [{\n childDirected: true,\n }],\n});\nconst testV2modelsBotLocale = new aws.lex.V2modelsBotLocale(\"test\", {\n localeId: \"en_US\",\n botId: testV2modelsBot.id,\n botVersion: \"DRAFT\",\n nLuIntentConfidenceThreshold: 0.7,\n});\nconst testV2modelsBotVersion = new aws.lex.V2modelsBotVersion(\"test\", {\n botId: testV2modelsBot.id,\n localeSpecification: testV2modelsBotLocale.localeId.apply(localeId =\u003e {\n [localeId]: {\n sourceBotVersion: \"DRAFT\",\n },\n }),\n});\nconst testV2modelsSlotType = new aws.lex.V2modelsSlotType(\"test\", {\n botId: testV2modelsBot.id,\n botVersion: testV2modelsBotLocale.botVersion,\n name: \"test\",\n localeId: testV2modelsBotLocale.localeId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.iam.RolePolicyAttachment(\"test\",\n role=test_aws_iam_role[\"name\"],\n policy_arn=f\"arn:{current['partition']}:iam::aws:policy/AmazonLexFullAccess\")\ntest_v2models_bot = aws.lex.V2modelsBot(\"test\",\n name=\"testbot\",\n idle_session_ttl_in_seconds=60,\n role_arn=test_aws_iam_role[\"arn\"],\n data_privacies=[{\n \"child_directed\": True,\n }])\ntest_v2models_bot_locale = aws.lex.V2modelsBotLocale(\"test\",\n locale_id=\"en_US\",\n bot_id=test_v2models_bot.id,\n bot_version=\"DRAFT\",\n n_lu_intent_confidence_threshold=0.7)\ntest_v2models_bot_version = aws.lex.V2modelsBotVersion(\"test\",\n bot_id=test_v2models_bot.id,\n locale_specification=test_v2models_bot_locale.locale_id.apply(lambda locale_id: {\n locale_id: {\n \"sourceBotVersion\": \"DRAFT\",\n },\n }))\ntest_v2models_slot_type = aws.lex.V2modelsSlotType(\"test\",\n bot_id=test_v2models_bot.id,\n bot_version=test_v2models_bot_locale.bot_version,\n name=\"test\",\n locale_id=test_v2models_bot_locale.locale_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Iam.RolePolicyAttachment(\"test\", new()\n {\n Role = testAwsIamRole.Name,\n PolicyArn = $\"arn:{current.Partition}:iam::aws:policy/AmazonLexFullAccess\",\n });\n\n var testV2modelsBot = new Aws.Lex.V2modelsBot(\"test\", new()\n {\n Name = \"testbot\",\n IdleSessionTtlInSeconds = 60,\n RoleArn = testAwsIamRole.Arn,\n DataPrivacies = new[]\n {\n new Aws.Lex.Inputs.V2modelsBotDataPrivacyArgs\n {\n ChildDirected = true,\n },\n },\n });\n\n var testV2modelsBotLocale = new Aws.Lex.V2modelsBotLocale(\"test\", new()\n {\n LocaleId = \"en_US\",\n BotId = testV2modelsBot.Id,\n BotVersion = \"DRAFT\",\n NLuIntentConfidenceThreshold = 0.7,\n });\n\n var testV2modelsBotVersion = new Aws.Lex.V2modelsBotVersion(\"test\", new()\n {\n BotId = testV2modelsBot.Id,\n LocaleSpecification = testV2modelsBotLocale.LocaleId.Apply(localeId =\u003e \n {\n { localeId, \n {\n { \"sourceBotVersion\", \"DRAFT\" },\n } },\n }),\n });\n\n var testV2modelsSlotType = new Aws.Lex.V2modelsSlotType(\"test\", new()\n {\n BotId = testV2modelsBot.Id,\n BotVersion = testV2modelsBotLocale.BotVersion,\n Name = \"test\",\n LocaleId = testV2modelsBotLocale.LocaleId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\n_, err := iam.NewRolePolicyAttachment(ctx, \"test\", \u0026iam.RolePolicyAttachmentArgs{\nRole: pulumi.Any(testAwsIamRole.Name),\nPolicyArn: pulumi.String(fmt.Sprintf(\"arn:%v:iam::aws:policy/AmazonLexFullAccess\", current.Partition)),\n})\nif err != nil {\nreturn err\n}\ntestV2modelsBot, err := lex.NewV2modelsBot(ctx, \"test\", \u0026lex.V2modelsBotArgs{\nName: pulumi.String(\"testbot\"),\nIdleSessionTtlInSeconds: pulumi.Int(60),\nRoleArn: pulumi.Any(testAwsIamRole.Arn),\nDataPrivacies: lex.V2modelsBotDataPrivacyArray{\n\u0026lex.V2modelsBotDataPrivacyArgs{\nChildDirected: pulumi.Bool(true),\n},\n},\n})\nif err != nil {\nreturn err\n}\ntestV2modelsBotLocale, err := lex.NewV2modelsBotLocale(ctx, \"test\", \u0026lex.V2modelsBotLocaleArgs{\nLocaleId: pulumi.String(\"en_US\"),\nBotId: testV2modelsBot.ID(),\nBotVersion: pulumi.String(\"DRAFT\"),\nNLuIntentConfidenceThreshold: pulumi.Float64(0.7),\n})\nif err != nil {\nreturn err\n}\n_, err = lex.NewV2modelsBotVersion(ctx, \"test\", \u0026lex.V2modelsBotVersionArgs{\nBotId: testV2modelsBot.ID(),\nLocaleSpecification: testV2modelsBotLocale.LocaleId.ApplyT(func(localeId string) (map[string]map[string]interface{}, error) {\nreturn map[string]map[string]interface{}{\nlocaleId: map[string]interface{}{\n\"sourceBotVersion\": \"DRAFT\",\n},\n}, nil\n}).(pulumi.Map[string]map[string]interface{}Output),\n})\nif err != nil {\nreturn err\n}\n_, err = lex.NewV2modelsSlotType(ctx, \"test\", \u0026lex.V2modelsSlotTypeArgs{\nBotId: testV2modelsBot.ID(),\nBotVersion: testV2modelsBotLocale.BotVersion,\nName: pulumi.String(\"test\"),\nLocaleId: testV2modelsBotLocale.LocaleId,\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.lex.V2modelsBot;\nimport com.pulumi.aws.lex.V2modelsBotArgs;\nimport com.pulumi.aws.lex.inputs.V2modelsBotDataPrivacyArgs;\nimport com.pulumi.aws.lex.V2modelsBotLocale;\nimport com.pulumi.aws.lex.V2modelsBotLocaleArgs;\nimport com.pulumi.aws.lex.V2modelsBotVersion;\nimport com.pulumi.aws.lex.V2modelsBotVersionArgs;\nimport com.pulumi.aws.lex.V2modelsSlotType;\nimport com.pulumi.aws.lex.V2modelsSlotTypeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new RolePolicyAttachment(\"test\", RolePolicyAttachmentArgs.builder()\n .role(testAwsIamRole.name())\n .policyArn(String.format(\"arn:%s:iam::aws:policy/AmazonLexFullAccess\", current.partition()))\n .build());\n\n var testV2modelsBot = new V2modelsBot(\"testV2modelsBot\", V2modelsBotArgs.builder()\n .name(\"testbot\")\n .idleSessionTtlInSeconds(60)\n .roleArn(testAwsIamRole.arn())\n .dataPrivacies(V2modelsBotDataPrivacyArgs.builder()\n .childDirected(true)\n .build())\n .build());\n\n var testV2modelsBotLocale = new V2modelsBotLocale(\"testV2modelsBotLocale\", V2modelsBotLocaleArgs.builder()\n .localeId(\"en_US\")\n .botId(testV2modelsBot.id())\n .botVersion(\"DRAFT\")\n .nLuIntentConfidenceThreshold(0.7)\n .build());\n\n var testV2modelsBotVersion = new V2modelsBotVersion(\"testV2modelsBotVersion\", V2modelsBotVersionArgs.builder()\n .botId(testV2modelsBot.id())\n .localeSpecification(testV2modelsBotLocale.localeId().applyValue(localeId -\u003e Map.of(localeId, Map.of(\"sourceBotVersion\", \"DRAFT\"))))\n .build());\n\n var testV2modelsSlotType = new V2modelsSlotType(\"testV2modelsSlotType\", V2modelsSlotTypeArgs.builder()\n .botId(testV2modelsBot.id())\n .botVersion(testV2modelsBotLocale.botVersion())\n .name(\"test\")\n .localeId(testV2modelsBotLocale.localeId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:iam:RolePolicyAttachment\n properties:\n role: ${testAwsIamRole.name}\n policyArn: arn:${current.partition}:iam::aws:policy/AmazonLexFullAccess\n testV2modelsBot:\n type: aws:lex:V2modelsBot\n name: test\n properties:\n name: testbot\n idleSessionTtlInSeconds: 60\n roleArn: ${testAwsIamRole.arn}\n dataPrivacies:\n - childDirected: true\n testV2modelsBotLocale:\n type: aws:lex:V2modelsBotLocale\n name: test\n properties:\n localeId: en_US\n botId: ${testV2modelsBot.id}\n botVersion: DRAFT\n nLuIntentConfidenceThreshold: 0.7\n testV2modelsBotVersion:\n type: aws:lex:V2modelsBotVersion\n name: test\n properties:\n botId: ${testV2modelsBot.id}\n localeSpecification:\n ${testV2modelsBotLocale.localeId}:\n sourceBotVersion: DRAFT\n testV2modelsSlotType:\n type: aws:lex:V2modelsSlotType\n name: test\n properties:\n botId: ${testV2modelsBot.id}\n botVersion: ${testV2modelsBotLocale.botVersion}\n name: test\n localeId: ${testV2modelsBotLocale.localeId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lex V2 Models Slot Type using the `example_id_arg`. For example:\n\n```sh\n$ pulumi import aws:lex/v2modelsSlotType:V2modelsSlotType example bot-1234,DRAFT,en_US,slot_type-id-12345678\n```\n", "properties": { "botId": { "type": "string", "description": "Identifier of the bot associated with this slot type.\n" }, "botVersion": { "type": "string", "description": "Version of the bot associated with this slot type.\n" }, "compositeSlotTypeSetting": { "$ref": "#/types/aws:lex/V2modelsSlotTypeCompositeSlotTypeSetting:V2modelsSlotTypeCompositeSlotTypeSetting", "description": "Specifications for a composite slot type. See `composite_slot_type_setting` argument reference below.\n" }, "description": { "type": "string", "description": "Description of the slot type.\n" }, "externalSourceSetting": { "$ref": "#/types/aws:lex/V2modelsSlotTypeExternalSourceSetting:V2modelsSlotTypeExternalSourceSetting", "description": "Type of external information used to create the slot type. See `external_source_setting` argument reference below.\n" }, "localeId": { "type": "string", "description": "Identifier of the language and locale where this slot type is used. All of the bots, slot types, and slots used by the intent must have the same locale.\n" }, "name": { "type": "string", "description": "Name of the slot type\n\nThe following arguments are optional:\n" }, "parentSlotTypeSignature": { "type": "string", "description": "Built-in slot type used as a parent of this slot type. When you define a parent slot type, the new slot type has the configuration of the parent slot type. Only AMAZON.AlphaNumeric is supported.\n" }, "slotTypeId": { "type": "string" }, "slotTypeValues": { "$ref": "#/types/aws:lex/V2modelsSlotTypeSlotTypeValues:V2modelsSlotTypeSlotTypeValues", "description": "List of SlotTypeValue objects that defines the values that the slot type can take. Each value can have a list of synonyms, additional values that help train the machine learning model about the values that it resolves for a slot. See `slot_type_values` argument reference below.\n" }, "timeouts": { "$ref": "#/types/aws:lex/V2modelsSlotTypeTimeouts:V2modelsSlotTypeTimeouts" }, "valueSelectionSetting": { "$ref": "#/types/aws:lex/V2modelsSlotTypeValueSelectionSetting:V2modelsSlotTypeValueSelectionSetting", "description": "Determines the strategy that Amazon Lex uses to select a value from the list of possible values. The field can be set to one of the following values: `ORIGINAL_VALUE` returns the value entered by the user, if the user value is similar to the slot value. `TOP_RESOLUTION` if there is a resolution list for the slot, return the first value in the resolution list. If there is no resolution list, return null. If you don't specify the valueSelectionSetting parameter, the default is ORIGINAL_VALUE. See `value_selection_setting` argument reference below.\n" } }, "required": [ "botId", "botVersion", "localeId", "name", "slotTypeId" ], "inputProperties": { "botId": { "type": "string", "description": "Identifier of the bot associated with this slot type.\n" }, "botVersion": { "type": "string", "description": "Version of the bot associated with this slot type.\n" }, "compositeSlotTypeSetting": { "$ref": "#/types/aws:lex/V2modelsSlotTypeCompositeSlotTypeSetting:V2modelsSlotTypeCompositeSlotTypeSetting", "description": "Specifications for a composite slot type. See `composite_slot_type_setting` argument reference below.\n" }, "description": { "type": "string", "description": "Description of the slot type.\n" }, "externalSourceSetting": { "$ref": "#/types/aws:lex/V2modelsSlotTypeExternalSourceSetting:V2modelsSlotTypeExternalSourceSetting", "description": "Type of external information used to create the slot type. See `external_source_setting` argument reference below.\n" }, "localeId": { "type": "string", "description": "Identifier of the language and locale where this slot type is used. All of the bots, slot types, and slots used by the intent must have the same locale.\n" }, "name": { "type": "string", "description": "Name of the slot type\n\nThe following arguments are optional:\n" }, "parentSlotTypeSignature": { "type": "string", "description": "Built-in slot type used as a parent of this slot type. When you define a parent slot type, the new slot type has the configuration of the parent slot type. Only AMAZON.AlphaNumeric is supported.\n" }, "slotTypeValues": { "$ref": "#/types/aws:lex/V2modelsSlotTypeSlotTypeValues:V2modelsSlotTypeSlotTypeValues", "description": "List of SlotTypeValue objects that defines the values that the slot type can take. Each value can have a list of synonyms, additional values that help train the machine learning model about the values that it resolves for a slot. See `slot_type_values` argument reference below.\n" }, "timeouts": { "$ref": "#/types/aws:lex/V2modelsSlotTypeTimeouts:V2modelsSlotTypeTimeouts" }, "valueSelectionSetting": { "$ref": "#/types/aws:lex/V2modelsSlotTypeValueSelectionSetting:V2modelsSlotTypeValueSelectionSetting", "description": "Determines the strategy that Amazon Lex uses to select a value from the list of possible values. The field can be set to one of the following values: `ORIGINAL_VALUE` returns the value entered by the user, if the user value is similar to the slot value. `TOP_RESOLUTION` if there is a resolution list for the slot, return the first value in the resolution list. If there is no resolution list, return null. If you don't specify the valueSelectionSetting parameter, the default is ORIGINAL_VALUE. See `value_selection_setting` argument reference below.\n" } }, "requiredInputs": [ "botId", "botVersion", "localeId" ], "stateInputs": { "description": "Input properties used for looking up and filtering V2modelsSlotType resources.\n", "properties": { "botId": { "type": "string", "description": "Identifier of the bot associated with this slot type.\n" }, "botVersion": { "type": "string", "description": "Version of the bot associated with this slot type.\n" }, "compositeSlotTypeSetting": { "$ref": "#/types/aws:lex/V2modelsSlotTypeCompositeSlotTypeSetting:V2modelsSlotTypeCompositeSlotTypeSetting", "description": "Specifications for a composite slot type. See `composite_slot_type_setting` argument reference below.\n" }, "description": { "type": "string", "description": "Description of the slot type.\n" }, "externalSourceSetting": { "$ref": "#/types/aws:lex/V2modelsSlotTypeExternalSourceSetting:V2modelsSlotTypeExternalSourceSetting", "description": "Type of external information used to create the slot type. See `external_source_setting` argument reference below.\n" }, "localeId": { "type": "string", "description": "Identifier of the language and locale where this slot type is used. All of the bots, slot types, and slots used by the intent must have the same locale.\n" }, "name": { "type": "string", "description": "Name of the slot type\n\nThe following arguments are optional:\n" }, "parentSlotTypeSignature": { "type": "string", "description": "Built-in slot type used as a parent of this slot type. When you define a parent slot type, the new slot type has the configuration of the parent slot type. Only AMAZON.AlphaNumeric is supported.\n" }, "slotTypeId": { "type": "string" }, "slotTypeValues": { "$ref": "#/types/aws:lex/V2modelsSlotTypeSlotTypeValues:V2modelsSlotTypeSlotTypeValues", "description": "List of SlotTypeValue objects that defines the values that the slot type can take. Each value can have a list of synonyms, additional values that help train the machine learning model about the values that it resolves for a slot. See `slot_type_values` argument reference below.\n" }, "timeouts": { "$ref": "#/types/aws:lex/V2modelsSlotTypeTimeouts:V2modelsSlotTypeTimeouts" }, "valueSelectionSetting": { "$ref": "#/types/aws:lex/V2modelsSlotTypeValueSelectionSetting:V2modelsSlotTypeValueSelectionSetting", "description": "Determines the strategy that Amazon Lex uses to select a value from the list of possible values. The field can be set to one of the following values: `ORIGINAL_VALUE` returns the value entered by the user, if the user value is similar to the slot value. `TOP_RESOLUTION` if there is a resolution list for the slot, return the first value in the resolution list. If there is no resolution list, return null. If you don't specify the valueSelectionSetting parameter, the default is ORIGINAL_VALUE. See `value_selection_setting` argument reference below.\n" } }, "type": "object" } }, "aws:licensemanager/association:Association": { "description": "Provides a License Manager association.\n\n\u003e **Note:** License configurations can also be associated with launch templates by specifying the `license_specifications` block for an `aws.ec2.LaunchTemplate`.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getAmi({\n mostRecent: true,\n owners: [\"amazon\"],\n filters: [{\n name: \"name\",\n values: [\"amzn-ami-vpc-nat*\"],\n }],\n});\nconst exampleInstance = new aws.ec2.Instance(\"example\", {\n ami: example.then(example =\u003e example.id),\n instanceType: aws.ec2.InstanceType.T2_Micro,\n});\nconst exampleLicenseConfiguration = new aws.licensemanager.LicenseConfiguration(\"example\", {\n name: \"Example\",\n licenseCountingType: \"Instance\",\n});\nconst exampleAssociation = new aws.licensemanager.Association(\"example\", {\n licenseConfigurationArn: exampleLicenseConfiguration.arn,\n resourceArn: exampleInstance.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_ami(most_recent=True,\n owners=[\"amazon\"],\n filters=[{\n \"name\": \"name\",\n \"values\": [\"amzn-ami-vpc-nat*\"],\n }])\nexample_instance = aws.ec2.Instance(\"example\",\n ami=example.id,\n instance_type=aws.ec2.InstanceType.T2_MICRO)\nexample_license_configuration = aws.licensemanager.LicenseConfiguration(\"example\",\n name=\"Example\",\n license_counting_type=\"Instance\")\nexample_association = aws.licensemanager.Association(\"example\",\n license_configuration_arn=example_license_configuration.arn,\n resource_arn=example_instance.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetAmi.Invoke(new()\n {\n MostRecent = true,\n Owners = new[]\n {\n \"amazon\",\n },\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetAmiFilterInputArgs\n {\n Name = \"name\",\n Values = new[]\n {\n \"amzn-ami-vpc-nat*\",\n },\n },\n },\n });\n\n var exampleInstance = new Aws.Ec2.Instance(\"example\", new()\n {\n Ami = example.Apply(getAmiResult =\u003e getAmiResult.Id),\n InstanceType = Aws.Ec2.InstanceType.T2_Micro,\n });\n\n var exampleLicenseConfiguration = new Aws.LicenseManager.LicenseConfiguration(\"example\", new()\n {\n Name = \"Example\",\n LicenseCountingType = \"Instance\",\n });\n\n var exampleAssociation = new Aws.LicenseManager.Association(\"example\", new()\n {\n LicenseConfigurationArn = exampleLicenseConfiguration.Arn,\n ResourceArn = exampleInstance.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/licensemanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.LookupAmi(ctx, \u0026ec2.LookupAmiArgs{\n\t\t\tMostRecent: pulumi.BoolRef(true),\n\t\t\tOwners: []string{\n\t\t\t\t\"amazon\",\n\t\t\t},\n\t\t\tFilters: []ec2.GetAmiFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"amzn-ami-vpc-nat*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleInstance, err := ec2.NewInstance(ctx, \"example\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(example.Id),\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_T2_Micro),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleLicenseConfiguration, err := licensemanager.NewLicenseConfiguration(ctx, \"example\", \u0026licensemanager.LicenseConfigurationArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tLicenseCountingType: pulumi.String(\"Instance\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = licensemanager.NewAssociation(ctx, \"example\", \u0026licensemanager.AssociationArgs{\n\t\t\tLicenseConfigurationArn: exampleLicenseConfiguration.Arn,\n\t\t\tResourceArn: exampleInstance.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetAmiArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.aws.licensemanager.LicenseConfiguration;\nimport com.pulumi.aws.licensemanager.LicenseConfigurationArgs;\nimport com.pulumi.aws.licensemanager.Association;\nimport com.pulumi.aws.licensemanager.AssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getAmi(GetAmiArgs.builder()\n .mostRecent(true)\n .owners(\"amazon\")\n .filters(GetAmiFilterArgs.builder()\n .name(\"name\")\n .values(\"amzn-ami-vpc-nat*\")\n .build())\n .build());\n\n var exampleInstance = new Instance(\"exampleInstance\", InstanceArgs.builder()\n .ami(example.applyValue(getAmiResult -\u003e getAmiResult.id()))\n .instanceType(\"t2.micro\")\n .build());\n\n var exampleLicenseConfiguration = new LicenseConfiguration(\"exampleLicenseConfiguration\", LicenseConfigurationArgs.builder()\n .name(\"Example\")\n .licenseCountingType(\"Instance\")\n .build());\n\n var exampleAssociation = new Association(\"exampleAssociation\", AssociationArgs.builder()\n .licenseConfigurationArn(exampleLicenseConfiguration.arn())\n .resourceArn(exampleInstance.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleInstance:\n type: aws:ec2:Instance\n name: example\n properties:\n ami: ${example.id}\n instanceType: t2.micro\n exampleLicenseConfiguration:\n type: aws:licensemanager:LicenseConfiguration\n name: example\n properties:\n name: Example\n licenseCountingType: Instance\n exampleAssociation:\n type: aws:licensemanager:Association\n name: example\n properties:\n licenseConfigurationArn: ${exampleLicenseConfiguration.arn}\n resourceArn: ${exampleInstance.arn}\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getAmi\n Arguments:\n mostRecent: true\n owners:\n - amazon\n filters:\n - name: name\n values:\n - amzn-ami-vpc-nat*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import license configurations using `resource_arn,license_configuration_arn`. For example:\n\n```sh\n$ pulumi import aws:licensemanager/association:Association example arn:aws:ec2:eu-west-1:123456789012:image/ami-123456789abcdef01,arn:aws:license-manager:eu-west-1:123456789012:license-configuration:lic-0123456789abcdef0123456789abcdef\n```\n", "properties": { "licenseConfigurationArn": { "type": "string", "description": "ARN of the license configuration.\n" }, "resourceArn": { "type": "string", "description": "ARN of the resource associated with the license configuration.\n" } }, "required": [ "licenseConfigurationArn", "resourceArn" ], "inputProperties": { "licenseConfigurationArn": { "type": "string", "description": "ARN of the license configuration.\n", "willReplaceOnChanges": true }, "resourceArn": { "type": "string", "description": "ARN of the resource associated with the license configuration.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "licenseConfigurationArn", "resourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Association resources.\n", "properties": { "licenseConfigurationArn": { "type": "string", "description": "ARN of the license configuration.\n", "willReplaceOnChanges": true }, "resourceArn": { "type": "string", "description": "ARN of the resource associated with the license configuration.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:licensemanager/licenseConfiguration:LicenseConfiguration": { "description": "Provides a License Manager license configuration resource.\n\n\u003e **Note:** Removing the `license_count` attribute is not supported by the License Manager API.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.licensemanager.LicenseConfiguration(\"example\", {\n name: \"Example\",\n description: \"Example\",\n licenseCount: 10,\n licenseCountHardLimit: true,\n licenseCountingType: \"Socket\",\n licenseRules: [\"#minimumSockets=2\"],\n tags: {\n foo: \"barr\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.licensemanager.LicenseConfiguration(\"example\",\n name=\"Example\",\n description=\"Example\",\n license_count=10,\n license_count_hard_limit=True,\n license_counting_type=\"Socket\",\n license_rules=[\"#minimumSockets=2\"],\n tags={\n \"foo\": \"barr\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LicenseManager.LicenseConfiguration(\"example\", new()\n {\n Name = \"Example\",\n Description = \"Example\",\n LicenseCount = 10,\n LicenseCountHardLimit = true,\n LicenseCountingType = \"Socket\",\n LicenseRules = new[]\n {\n \"#minimumSockets=2\",\n },\n Tags = \n {\n { \"foo\", \"barr\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/licensemanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := licensemanager.NewLicenseConfiguration(ctx, \"example\", \u0026licensemanager.LicenseConfigurationArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tDescription: pulumi.String(\"Example\"),\n\t\t\tLicenseCount: pulumi.Int(10),\n\t\t\tLicenseCountHardLimit: pulumi.Bool(true),\n\t\t\tLicenseCountingType: pulumi.String(\"Socket\"),\n\t\t\tLicenseRules: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"#minimumSockets=2\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"barr\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.licensemanager.LicenseConfiguration;\nimport com.pulumi.aws.licensemanager.LicenseConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LicenseConfiguration(\"example\", LicenseConfigurationArgs.builder()\n .name(\"Example\")\n .description(\"Example\")\n .licenseCount(10)\n .licenseCountHardLimit(true)\n .licenseCountingType(\"Socket\")\n .licenseRules(\"#minimumSockets=2\")\n .tags(Map.of(\"foo\", \"barr\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:licensemanager:LicenseConfiguration\n properties:\n name: Example\n description: Example\n licenseCount: 10\n licenseCountHardLimit: true\n licenseCountingType: Socket\n licenseRules:\n - '#minimumSockets=2'\n tags:\n foo: barr\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Rules\n\nLicense rules should be in the format of `#RuleType=RuleValue`. Supported rule types:\n\n* `minimumVcpus` - Resource must have minimum vCPU count in order to use the license. Default: 1\n* `maximumVcpus` - Resource must have maximum vCPU count in order to use the license. Default: unbounded, limit: 10000\n* `minimumCores` - Resource must have minimum core count in order to use the license. Default: 1\n* `maximumCores` - Resource must have maximum core count in order to use the license. Default: unbounded, limit: 10000\n* `minimumSockets` - Resource must have minimum socket count in order to use the license. Default: 1\n* `maximumSockets` - Resource must have maximum socket count in order to use the license. Default: unbounded, limit: 10000\n* `allowedTenancy` - Defines where the license can be used. If set, restricts license usage to selected tenancies. Specify a comma delimited list of `EC2-Default`, `EC2-DedicatedHost`, `EC2-DedicatedInstance`\n\n## Import\n\nUsing `pulumi import`, import license configurations using the `id`. For example:\n\n```sh\n$ pulumi import aws:licensemanager/licenseConfiguration:LicenseConfiguration example arn:aws:license-manager:eu-west-1:123456789012:license-configuration:lic-0123456789abcdef0123456789abcdef\n```\n", "properties": { "arn": { "type": "string", "description": "The license configuration ARN.\n" }, "description": { "type": "string", "description": "Description of the license configuration.\n" }, "licenseCount": { "type": "integer", "description": "Number of licenses managed by the license configuration.\n" }, "licenseCountHardLimit": { "type": "boolean", "description": "Sets the number of available licenses as a hard limit.\n" }, "licenseCountingType": { "type": "string", "description": "Dimension to use to track license inventory. Specify either `vCPU`, `Instance`, `Core` or `Socket`.\n" }, "licenseRules": { "type": "array", "items": { "type": "string" }, "description": "Array of configured License Manager rules.\n" }, "name": { "type": "string", "description": "Name of the license configuration.\n" }, "ownerAccountId": { "type": "string", "description": "Account ID of the owner of the license configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "licenseCountingType", "name", "ownerAccountId", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Description of the license configuration.\n" }, "licenseCount": { "type": "integer", "description": "Number of licenses managed by the license configuration.\n" }, "licenseCountHardLimit": { "type": "boolean", "description": "Sets the number of available licenses as a hard limit.\n" }, "licenseCountingType": { "type": "string", "description": "Dimension to use to track license inventory. Specify either `vCPU`, `Instance`, `Core` or `Socket`.\n", "willReplaceOnChanges": true }, "licenseRules": { "type": "array", "items": { "type": "string" }, "description": "Array of configured License Manager rules.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the license configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "licenseCountingType" ], "stateInputs": { "description": "Input properties used for looking up and filtering LicenseConfiguration resources.\n", "properties": { "arn": { "type": "string", "description": "The license configuration ARN.\n" }, "description": { "type": "string", "description": "Description of the license configuration.\n" }, "licenseCount": { "type": "integer", "description": "Number of licenses managed by the license configuration.\n" }, "licenseCountHardLimit": { "type": "boolean", "description": "Sets the number of available licenses as a hard limit.\n" }, "licenseCountingType": { "type": "string", "description": "Dimension to use to track license inventory. Specify either `vCPU`, `Instance`, `Core` or `Socket`.\n", "willReplaceOnChanges": true }, "licenseRules": { "type": "array", "items": { "type": "string" }, "description": "Array of configured License Manager rules.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the license configuration.\n" }, "ownerAccountId": { "type": "string", "description": "Account ID of the owner of the license configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:licensemanager/licenseGrant:LicenseGrant": { "description": "Provides a License Manager grant. This allows for sharing licenses with other AWS accounts.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n test:\n type: aws:licensemanager:LicenseGrant\n properties:\n name: share-license-with-account\n allowedOperations:\n - ListPurchasedLicenses\n - CheckoutLicense\n - CheckInLicense\n - ExtendConsumptionLicense\n - CreateToken\n licenseArn: arn:aws:license-manager::111111111111:license:l-exampleARN\n principal: arn:aws:iam::111111111112:root\n homeRegion: us-east-1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_licensemanager_grant` using the grant arn. For example:\n\n```sh\n$ pulumi import aws:licensemanager/licenseGrant:LicenseGrant test arn:aws:license-manager::123456789011:grant:g-01d313393d9e443d8664cc054db1e089\n```\n", "properties": { "allowedOperations": { "type": "array", "items": { "type": "string" }, "description": "A list of the allowed operations for the grant. This is a subset of the allowed operations on the license.\n" }, "arn": { "type": "string", "description": "The grant ARN.\n" }, "homeRegion": { "type": "string", "description": "The home region for the license.\n" }, "licenseArn": { "type": "string", "description": "The ARN of the license to grant.\n" }, "name": { "type": "string", "description": "The Name of the grant.\n" }, "parentArn": { "type": "string", "description": "The parent ARN.\n" }, "principal": { "type": "string", "description": "The target account for the grant in the form of the ARN for an account principal of the root user.\n" }, "status": { "type": "string", "description": "The grant status.\n" }, "version": { "type": "string", "description": "The grant version.\n" } }, "required": [ "allowedOperations", "arn", "homeRegion", "licenseArn", "name", "parentArn", "principal", "status", "version" ], "inputProperties": { "allowedOperations": { "type": "array", "items": { "type": "string" }, "description": "A list of the allowed operations for the grant. This is a subset of the allowed operations on the license.\n" }, "licenseArn": { "type": "string", "description": "The ARN of the license to grant.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The Name of the grant.\n" }, "principal": { "type": "string", "description": "The target account for the grant in the form of the ARN for an account principal of the root user.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "allowedOperations", "licenseArn", "principal" ], "stateInputs": { "description": "Input properties used for looking up and filtering LicenseGrant resources.\n", "properties": { "allowedOperations": { "type": "array", "items": { "type": "string" }, "description": "A list of the allowed operations for the grant. This is a subset of the allowed operations on the license.\n" }, "arn": { "type": "string", "description": "The grant ARN.\n" }, "homeRegion": { "type": "string", "description": "The home region for the license.\n" }, "licenseArn": { "type": "string", "description": "The ARN of the license to grant.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The Name of the grant.\n" }, "parentArn": { "type": "string", "description": "The parent ARN.\n" }, "principal": { "type": "string", "description": "The target account for the grant in the form of the ARN for an account principal of the root user.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The grant status.\n" }, "version": { "type": "string", "description": "The grant version.\n" } }, "type": "object" } }, "aws:licensemanager/licenseGrantAccepter:LicenseGrantAccepter": { "description": "Accepts a License Manager grant. This allows for sharing licenses with other aws accounts.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.licensemanager.LicenseGrantAccepter(\"test\", {grantArn: \"arn:aws:license-manager::123456789012:grant:g-1cf9fba4ba2f42dcab11c686c4b4d329\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.licensemanager.LicenseGrantAccepter(\"test\", grant_arn=\"arn:aws:license-manager::123456789012:grant:g-1cf9fba4ba2f42dcab11c686c4b4d329\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LicenseManager.LicenseGrantAccepter(\"test\", new()\n {\n GrantArn = \"arn:aws:license-manager::123456789012:grant:g-1cf9fba4ba2f42dcab11c686c4b4d329\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/licensemanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := licensemanager.NewLicenseGrantAccepter(ctx, \"test\", \u0026licensemanager.LicenseGrantAccepterArgs{\n\t\t\tGrantArn: pulumi.String(\"arn:aws:license-manager::123456789012:grant:g-1cf9fba4ba2f42dcab11c686c4b4d329\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.licensemanager.LicenseGrantAccepter;\nimport com.pulumi.aws.licensemanager.LicenseGrantAccepterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new LicenseGrantAccepter(\"test\", LicenseGrantAccepterArgs.builder()\n .grantArn(\"arn:aws:license-manager::123456789012:grant:g-1cf9fba4ba2f42dcab11c686c4b4d329\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:licensemanager:LicenseGrantAccepter\n properties:\n grantArn: arn:aws:license-manager::123456789012:grant:g-1cf9fba4ba2f42dcab11c686c4b4d329\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_licensemanager_grant_accepter` using the grant arn. For example:\n\n```sh\n$ pulumi import aws:licensemanager/licenseGrantAccepter:LicenseGrantAccepter test arn:aws:license-manager::123456789012:grant:g-1cf9fba4ba2f42dcab11c686c4b4d329\n```\n", "properties": { "allowedOperations": { "type": "array", "items": { "type": "string" }, "description": "A list of the allowed operations for the grant.\n" }, "grantArn": { "type": "string", "description": "The ARN of the grant to accept.\n" }, "homeRegion": { "type": "string", "description": "The home region for the license.\n" }, "licenseArn": { "type": "string", "description": "The ARN of the license for the grant.\n" }, "name": { "type": "string", "description": "The Name of the grant.\n" }, "parentArn": { "type": "string", "description": "The parent ARN.\n" }, "principal": { "type": "string", "description": "The target account for the grant.\n" }, "status": { "type": "string", "description": "The grant status.\n" }, "version": { "type": "string", "description": "The grant version.\n" } }, "required": [ "allowedOperations", "grantArn", "homeRegion", "licenseArn", "name", "parentArn", "principal", "status", "version" ], "inputProperties": { "grantArn": { "type": "string", "description": "The ARN of the grant to accept.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "grantArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering LicenseGrantAccepter resources.\n", "properties": { "allowedOperations": { "type": "array", "items": { "type": "string" }, "description": "A list of the allowed operations for the grant.\n" }, "grantArn": { "type": "string", "description": "The ARN of the grant to accept.\n", "willReplaceOnChanges": true }, "homeRegion": { "type": "string", "description": "The home region for the license.\n" }, "licenseArn": { "type": "string", "description": "The ARN of the license for the grant.\n" }, "name": { "type": "string", "description": "The Name of the grant.\n" }, "parentArn": { "type": "string", "description": "The parent ARN.\n" }, "principal": { "type": "string", "description": "The target account for the grant.\n" }, "status": { "type": "string", "description": "The grant status.\n" }, "version": { "type": "string", "description": "The grant version.\n" } }, "type": "object" } }, "aws:lightsail/bucket:Bucket": { "description": "Provides a lightsail bucket.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.Bucket(\"test\", {\n name: \"mytestbucket\",\n bundleId: \"small_1_0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.Bucket(\"test\",\n name=\"mytestbucket\",\n bundle_id=\"small_1_0\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LightSail.Bucket(\"test\", new()\n {\n Name = \"mytestbucket\",\n BundleId = \"small_1_0\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lightsail.NewBucket(ctx, \"test\", \u0026lightsail.BucketArgs{\n\t\t\tName: pulumi.String(\"mytestbucket\"),\n\t\t\tBundleId: pulumi.String(\"small_1_0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Bucket;\nimport com.pulumi.aws.lightsail.BucketArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Bucket(\"test\", BucketArgs.builder()\n .name(\"mytestbucket\")\n .bundleId(\"small_1_0\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Bucket\n properties:\n name: mytestbucket\n bundleId: small_1_0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_lightsail_bucket` using the `name` attribute. For example:\n\n```sh\n$ pulumi import aws:lightsail/bucket:Bucket test example-bucket\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the lightsail bucket.\n" }, "availabilityZone": { "type": "string", "description": "The resource Availability Zone. Follows the format us-east-2a (case-sensitive).\n" }, "bundleId": { "type": "string", "description": "The ID of the bundle to use for the bucket. A bucket bundle specifies the monthly cost, storage space, and data transfer quota for a bucket. Use the [get-bucket-bundles](https://docs.aws.amazon.com/cli/latest/reference/lightsail/get-bucket-bundles.html) cli command to get a list of bundle IDs that you can specify.\n" }, "createdAt": { "type": "string", "description": "The timestamp when the bucket was created.\n" }, "forceDelete": { "type": "boolean", "description": "Force Delete non-empty buckets using `pulumi destroy`. AWS by default will not delete an s3 bucket which is not empty, to prevent losing bucket data and affecting other resources in lightsail. If `force_delete` is set to `true` the bucket will be deleted even when not empty.\n" }, "name": { "type": "string", "description": "The name for the bucket.\n" }, "region": { "type": "string", "description": "The Amazon Web Services Region name.\n" }, "supportCode": { "type": "string", "description": "The support code for the resource. Include this code in your email to support when you have questions about a resource in Lightsail. This code enables our support team to look up your Lightsail information more easily.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. To create a key-only tag, use an empty string as the value. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "url": { "type": "string" } }, "required": [ "arn", "availabilityZone", "bundleId", "createdAt", "name", "region", "supportCode", "tagsAll", "url" ], "inputProperties": { "bundleId": { "type": "string", "description": "The ID of the bundle to use for the bucket. A bucket bundle specifies the monthly cost, storage space, and data transfer quota for a bucket. Use the [get-bucket-bundles](https://docs.aws.amazon.com/cli/latest/reference/lightsail/get-bucket-bundles.html) cli command to get a list of bundle IDs that you can specify.\n" }, "forceDelete": { "type": "boolean", "description": "Force Delete non-empty buckets using `pulumi destroy`. AWS by default will not delete an s3 bucket which is not empty, to prevent losing bucket data and affecting other resources in lightsail. If `force_delete` is set to `true` the bucket will be deleted even when not empty.\n" }, "name": { "type": "string", "description": "The name for the bucket.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. To create a key-only tag, use an empty string as the value. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "bundleId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Bucket resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the lightsail bucket.\n" }, "availabilityZone": { "type": "string", "description": "The resource Availability Zone. Follows the format us-east-2a (case-sensitive).\n" }, "bundleId": { "type": "string", "description": "The ID of the bundle to use for the bucket. A bucket bundle specifies the monthly cost, storage space, and data transfer quota for a bucket. Use the [get-bucket-bundles](https://docs.aws.amazon.com/cli/latest/reference/lightsail/get-bucket-bundles.html) cli command to get a list of bundle IDs that you can specify.\n" }, "createdAt": { "type": "string", "description": "The timestamp when the bucket was created.\n" }, "forceDelete": { "type": "boolean", "description": "Force Delete non-empty buckets using `pulumi destroy`. AWS by default will not delete an s3 bucket which is not empty, to prevent losing bucket data and affecting other resources in lightsail. If `force_delete` is set to `true` the bucket will be deleted even when not empty.\n" }, "name": { "type": "string", "description": "The name for the bucket.\n", "willReplaceOnChanges": true }, "region": { "type": "string", "description": "The Amazon Web Services Region name.\n" }, "supportCode": { "type": "string", "description": "The support code for the resource. Include this code in your email to support when you have questions about a resource in Lightsail. This code enables our support team to look up your Lightsail information more easily.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. To create a key-only tag, use an empty string as the value. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "url": { "type": "string" } }, "type": "object" } }, "aws:lightsail/bucketAccessKey:BucketAccessKey": { "description": "Provides a lightsail bucket access key. This is a set of credentials that allow API requests to be made to the lightsail bucket.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.Bucket(\"test\", {\n name: \"mytestbucket\",\n bundleId: \"small_1_0\",\n});\nconst testLightsailBucketAccessKeyAccessKey = new aws.index.LightsailBucketAccessKeyAccessKey(\"test\", {bucketName: testAwsLightsailBucketAccessKey.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.Bucket(\"test\",\n name=\"mytestbucket\",\n bundle_id=\"small_1_0\")\ntest_lightsail_bucket_access_key_access_key = aws.index.LightsailBucketAccessKeyAccessKey(\"test\", bucket_name=test_aws_lightsail_bucket_access_key.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LightSail.Bucket(\"test\", new()\n {\n Name = \"mytestbucket\",\n BundleId = \"small_1_0\",\n });\n\n var testLightsailBucketAccessKeyAccessKey = new Aws.Index.LightsailBucketAccessKeyAccessKey(\"test\", new()\n {\n BucketName = testAwsLightsailBucketAccessKey.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lightsail.NewBucket(ctx, \"test\", \u0026lightsail.BucketArgs{\n\t\t\tName: pulumi.String(\"mytestbucket\"),\n\t\t\tBundleId: pulumi.String(\"small_1_0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = aws.NewLightsailBucketAccessKeyAccessKey(ctx, \"test\", \u0026aws.LightsailBucketAccessKeyAccessKeyArgs{\n\t\t\tBucketName: testAwsLightsailBucketAccessKey.Id,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Bucket;\nimport com.pulumi.aws.lightsail.BucketArgs;\nimport com.pulumi.aws.lightsailBucketAccessKeyAccessKey;\nimport com.pulumi.aws.LightsailBucketAccessKeyAccessKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Bucket(\"test\", BucketArgs.builder()\n .name(\"mytestbucket\")\n .bundleId(\"small_1_0\")\n .build());\n\n var testLightsailBucketAccessKeyAccessKey = new LightsailBucketAccessKeyAccessKey(\"testLightsailBucketAccessKeyAccessKey\", LightsailBucketAccessKeyAccessKeyArgs.builder()\n .bucketName(testAwsLightsailBucketAccessKey.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Bucket\n properties:\n name: mytestbucket\n bundleId: small_1_0\n testLightsailBucketAccessKeyAccessKey:\n type: aws:lightsailBucketAccessKeyAccessKey\n name: test\n properties:\n bucketName: ${testAwsLightsailBucketAccessKey.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_lightsail_bucket_access_key` using the `id` attribute. For example:\n\n```sh\n$ pulumi import aws:lightsail/bucketAccessKey:BucketAccessKey test example-bucket,AKIAIOSFODNN7EXAMPLE\n```\n", "properties": { "accessKeyId": { "type": "string", "description": "The ID of the access key.\n" }, "bucketName": { "type": "string", "description": "The name of the bucket that the new access key will belong to, and grant access to.\n" }, "createdAt": { "type": "string", "description": "The timestamp when the access key was created.\n" }, "secretAccessKey": { "type": "string", "description": "The secret access key used to sign requests. This attribute is not available for imported resources. Note that this will be written to the state file.\n" }, "status": { "type": "string", "description": "The status of the access key.\n" } }, "required": [ "accessKeyId", "bucketName", "createdAt", "secretAccessKey", "status" ], "inputProperties": { "bucketName": { "type": "string", "description": "The name of the bucket that the new access key will belong to, and grant access to.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "bucketName" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketAccessKey resources.\n", "properties": { "accessKeyId": { "type": "string", "description": "The ID of the access key.\n" }, "bucketName": { "type": "string", "description": "The name of the bucket that the new access key will belong to, and grant access to.\n", "willReplaceOnChanges": true }, "createdAt": { "type": "string", "description": "The timestamp when the access key was created.\n" }, "secretAccessKey": { "type": "string", "description": "The secret access key used to sign requests. This attribute is not available for imported resources. Note that this will be written to the state file.\n" }, "status": { "type": "string", "description": "The status of the access key.\n" } }, "type": "object" } }, "aws:lightsail/bucketResourceAccess:BucketResourceAccess": { "description": "Provides a lightsail resource access to a bucket.\n\n## Import\n\nUsing `pulumi import`, import `aws_lightsail_bucket_resource_access` using the `id` attribute. For example:\n\n```sh\n$ pulumi import aws:lightsail/bucketResourceAccess:BucketResourceAccess test example-bucket,example-instance\n```\n", "properties": { "bucketName": { "type": "string", "description": "The name of the bucket to grant access to.\n" }, "resourceName": { "type": "string", "description": "The name of the resource to be granted bucket access.\n" } }, "required": [ "bucketName", "resourceName" ], "inputProperties": { "bucketName": { "type": "string", "description": "The name of the bucket to grant access to.\n", "willReplaceOnChanges": true }, "resourceName": { "type": "string", "description": "The name of the resource to be granted bucket access.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "bucketName", "resourceName" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketResourceAccess resources.\n", "properties": { "bucketName": { "type": "string", "description": "The name of the bucket to grant access to.\n", "willReplaceOnChanges": true }, "resourceName": { "type": "string", "description": "The name of the resource to be granted bucket access.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:lightsail/certificate:Certificate": { "description": "Provides a lightsail certificate.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.Certificate(\"test\", {\n name: \"test\",\n domainName: \"testdomain.com\",\n subjectAlternativeNames: [\"www.testdomain.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.Certificate(\"test\",\n name=\"test\",\n domain_name=\"testdomain.com\",\n subject_alternative_names=[\"www.testdomain.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LightSail.Certificate(\"test\", new()\n {\n Name = \"test\",\n DomainName = \"testdomain.com\",\n SubjectAlternativeNames = new[]\n {\n \"www.testdomain.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lightsail.NewCertificate(ctx, \"test\", \u0026lightsail.CertificateArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tDomainName: pulumi.String(\"testdomain.com\"),\n\t\t\tSubjectAlternativeNames: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"www.testdomain.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Certificate;\nimport com.pulumi.aws.lightsail.CertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Certificate(\"test\", CertificateArgs.builder()\n .name(\"test\")\n .domainName(\"testdomain.com\")\n .subjectAlternativeNames(\"www.testdomain.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Certificate\n properties:\n name: test\n domainName: testdomain.com\n subjectAlternativeNames:\n - www.testdomain.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_lightsail_certificate` using the certificate name. For example:\n\n```sh\n$ pulumi import aws:lightsail/certificate:Certificate test CertificateName\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the lightsail certificate.\n" }, "createdAt": { "type": "string", "description": "The timestamp when the instance was created.\n" }, "domainName": { "type": "string", "description": "A domain name for which the certificate should be issued.\n" }, "domainValidationOptions": { "type": "array", "items": { "$ref": "#/types/aws:lightsail/CertificateDomainValidationOption:CertificateDomainValidationOption" }, "description": "Set of domain validation objects which can be used to complete certificate validation. Can have more than one element, e.g., if SANs are defined.\n" }, "name": { "type": "string", "description": "The name of the Lightsail load balancer.\n" }, "subjectAlternativeNames": { "type": "array", "items": { "type": "string" }, "description": "Set of domains that should be SANs in the issued certificate. `domain_name` attribute is automatically added as a Subject Alternative Name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. To create a key-only tag, use an empty string as the value. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "createdAt", "domainName", "domainValidationOptions", "name", "subjectAlternativeNames", "tagsAll" ], "inputProperties": { "domainName": { "type": "string", "description": "A domain name for which the certificate should be issued.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the Lightsail load balancer.\n", "willReplaceOnChanges": true }, "subjectAlternativeNames": { "type": "array", "items": { "type": "string" }, "description": "Set of domains that should be SANs in the issued certificate. `domain_name` attribute is automatically added as a Subject Alternative Name.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. To create a key-only tag, use an empty string as the value. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Certificate resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the lightsail certificate.\n" }, "createdAt": { "type": "string", "description": "The timestamp when the instance was created.\n" }, "domainName": { "type": "string", "description": "A domain name for which the certificate should be issued.\n", "willReplaceOnChanges": true }, "domainValidationOptions": { "type": "array", "items": { "$ref": "#/types/aws:lightsail/CertificateDomainValidationOption:CertificateDomainValidationOption" }, "description": "Set of domain validation objects which can be used to complete certificate validation. Can have more than one element, e.g., if SANs are defined.\n" }, "name": { "type": "string", "description": "The name of the Lightsail load balancer.\n", "willReplaceOnChanges": true }, "subjectAlternativeNames": { "type": "array", "items": { "type": "string" }, "description": "Set of domains that should be SANs in the issued certificate. `domain_name` attribute is automatically added as a Subject Alternative Name.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. To create a key-only tag, use an empty string as the value. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:lightsail/containerService:ContainerService": { "description": "An Amazon Lightsail container service is a highly scalable compute and networking resource on which you can deploy, run,\nand manage containers. For more information, see\n[Container services in Amazon Lightsail](https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-container-services).\n\n\u003e **Note:** For more information about the AWS Regions in which you can create Amazon Lightsail container services,\nsee [\"Regions and Availability Zones in Amazon Lightsail\"](https://lightsail.aws.amazon.com/ls/docs/overview/article/understanding-regions-and-availability-zones-in-amazon-lightsail).\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myContainerService = new aws.lightsail.ContainerService(\"my_container_service\", {\n name: \"container-service-1\",\n power: \"nano\",\n scale: 1,\n isDisabled: false,\n tags: {\n foo1: \"bar1\",\n foo2: \"\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_container_service = aws.lightsail.ContainerService(\"my_container_service\",\n name=\"container-service-1\",\n power=\"nano\",\n scale=1,\n is_disabled=False,\n tags={\n \"foo1\": \"bar1\",\n \"foo2\": \"\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myContainerService = new Aws.LightSail.ContainerService(\"my_container_service\", new()\n {\n Name = \"container-service-1\",\n Power = \"nano\",\n Scale = 1,\n IsDisabled = false,\n Tags = \n {\n { \"foo1\", \"bar1\" },\n { \"foo2\", \"\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lightsail.NewContainerService(ctx, \"my_container_service\", \u0026lightsail.ContainerServiceArgs{\n\t\t\tName: pulumi.String(\"container-service-1\"),\n\t\t\tPower: pulumi.String(\"nano\"),\n\t\t\tScale: pulumi.Int(1),\n\t\t\tIsDisabled: pulumi.Bool(false),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"foo1\": pulumi.String(\"bar1\"),\n\t\t\t\t\"foo2\": pulumi.String(\"\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.ContainerService;\nimport com.pulumi.aws.lightsail.ContainerServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myContainerService = new ContainerService(\"myContainerService\", ContainerServiceArgs.builder()\n .name(\"container-service-1\")\n .power(\"nano\")\n .scale(1)\n .isDisabled(false)\n .tags(Map.ofEntries(\n Map.entry(\"foo1\", \"bar1\"),\n Map.entry(\"foo2\", \"\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myContainerService:\n type: aws:lightsail:ContainerService\n name: my_container_service\n properties:\n name: container-service-1\n power: nano\n scale: 1\n isDisabled: false\n tags:\n foo1: bar1\n foo2:\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Public Domain Names\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myContainerService = new aws.lightsail.ContainerService(\"my_container_service\", {publicDomainNames: {\n certificates: [{\n certificateName: \"example-certificate\",\n domainNames: [\"www.example.com\"],\n }],\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_container_service = aws.lightsail.ContainerService(\"my_container_service\", public_domain_names={\n \"certificates\": [{\n \"certificate_name\": \"example-certificate\",\n \"domain_names\": [\"www.example.com\"],\n }],\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myContainerService = new Aws.LightSail.ContainerService(\"my_container_service\", new()\n {\n PublicDomainNames = new Aws.LightSail.Inputs.ContainerServicePublicDomainNamesArgs\n {\n Certificates = new[]\n {\n new Aws.LightSail.Inputs.ContainerServicePublicDomainNamesCertificateArgs\n {\n CertificateName = \"example-certificate\",\n DomainNames = new[]\n {\n \"www.example.com\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lightsail.NewContainerService(ctx, \"my_container_service\", \u0026lightsail.ContainerServiceArgs{\n\t\t\tPublicDomainNames: \u0026lightsail.ContainerServicePublicDomainNamesArgs{\n\t\t\t\tCertificates: lightsail.ContainerServicePublicDomainNamesCertificateArray{\n\t\t\t\t\t\u0026lightsail.ContainerServicePublicDomainNamesCertificateArgs{\n\t\t\t\t\t\tCertificateName: pulumi.String(\"example-certificate\"),\n\t\t\t\t\t\tDomainNames: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"www.example.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.ContainerService;\nimport com.pulumi.aws.lightsail.ContainerServiceArgs;\nimport com.pulumi.aws.lightsail.inputs.ContainerServicePublicDomainNamesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myContainerService = new ContainerService(\"myContainerService\", ContainerServiceArgs.builder()\n .publicDomainNames(ContainerServicePublicDomainNamesArgs.builder()\n .certificates(ContainerServicePublicDomainNamesCertificateArgs.builder()\n .certificateName(\"example-certificate\")\n .domainNames(\"www.example.com\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myContainerService:\n type: aws:lightsail:ContainerService\n name: my_container_service\n properties:\n publicDomainNames:\n certificates:\n - certificateName: example-certificate\n domainNames:\n - www.example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Private Registry Access\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultContainerService = new aws.lightsail.ContainerService(\"default\", {privateRegistryAccess: {\n ecrImagePullerRole: {\n isActive: true,\n },\n}});\nconst default = defaultContainerService.privateRegistryAccess.apply(privateRegistryAccess =\u003e aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [privateRegistryAccess.ecrImagePullerRole?.principalArn],\n }],\n actions: [\n \"ecr:BatchGetImage\",\n \"ecr:GetDownloadUrlForLayer\",\n ],\n }],\n}));\nconst defaultRepositoryPolicy = new aws.ecr.RepositoryPolicy(\"default\", {\n repository: defaultAwsEcrRepository.name,\n policy: _default.apply(_default =\u003e _default.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault_container_service = aws.lightsail.ContainerService(\"default\", private_registry_access={\n \"ecr_image_puller_role\": {\n \"is_active\": True,\n },\n})\ndefault = default_container_service.private_registry_access.apply(lambda private_registry_access: aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [private_registry_access.ecr_image_puller_role.principal_arn],\n }],\n \"actions\": [\n \"ecr:BatchGetImage\",\n \"ecr:GetDownloadUrlForLayer\",\n ],\n}]))\ndefault_repository_policy = aws.ecr.RepositoryPolicy(\"default\",\n repository=default_aws_ecr_repository[\"name\"],\n policy=default.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var defaultContainerService = new Aws.LightSail.ContainerService(\"default\", new()\n {\n PrivateRegistryAccess = new Aws.LightSail.Inputs.ContainerServicePrivateRegistryAccessArgs\n {\n EcrImagePullerRole = new Aws.LightSail.Inputs.ContainerServicePrivateRegistryAccessEcrImagePullerRoleArgs\n {\n IsActive = true,\n },\n },\n });\n\n var @default = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n defaultContainerService.PrivateRegistryAccess.EcrImagePullerRole?.PrincipalArn,\n },\n },\n },\n Actions = new[]\n {\n \"ecr:BatchGetImage\",\n \"ecr:GetDownloadUrlForLayer\",\n },\n },\n },\n });\n\n var defaultRepositoryPolicy = new Aws.Ecr.RepositoryPolicy(\"default\", new()\n {\n Repository = defaultAwsEcrRepository.Name,\n Policy = @default.Apply(@default =\u003e @default.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json)),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ndefaultContainerService, err := lightsail.NewContainerService(ctx, \"default\", \u0026lightsail.ContainerServiceArgs{\nPrivateRegistryAccess: \u0026lightsail.ContainerServicePrivateRegistryAccessArgs{\nEcrImagePullerRole: \u0026lightsail.ContainerServicePrivateRegistryAccessEcrImagePullerRoleArgs{\nIsActive: pulumi.Bool(true),\n},\n},\n})\nif err != nil {\nreturn err\n}\n_default := defaultContainerService.PrivateRegistryAccess.ApplyT(func(privateRegistryAccess lightsail.ContainerServicePrivateRegistryAccess) (iam.GetPolicyDocumentResult, error) {\nreturn iam.GetPolicyDocumentResult(interface{}(iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: \"Allow\",\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: interface{}{\nprivateRegistryAccess.EcrImagePullerRole.PrincipalArn,\n},\n},\n},\nActions: []string{\n\"ecr:BatchGetImage\",\n\"ecr:GetDownloadUrlForLayer\",\n},\n},\n},\n}, nil))), nil\n}).(iam.GetPolicyDocumentResultOutput)\n_, err = ecr.NewRepositoryPolicy(ctx, \"default\", \u0026ecr.RepositoryPolicyArgs{\nRepository: pulumi.Any(defaultAwsEcrRepository.Name),\nPolicy: pulumi.String(_default.ApplyT(func(_default iam.GetPolicyDocumentResult) (*string, error) {\nreturn \u0026default.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.ContainerService;\nimport com.pulumi.aws.lightsail.ContainerServiceArgs;\nimport com.pulumi.aws.lightsail.inputs.ContainerServicePrivateRegistryAccessArgs;\nimport com.pulumi.aws.lightsail.inputs.ContainerServicePrivateRegistryAccessEcrImagePullerRoleArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.ecr.RepositoryPolicy;\nimport com.pulumi.aws.ecr.RepositoryPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var defaultContainerService = new ContainerService(\"defaultContainerService\", ContainerServiceArgs.builder()\n .privateRegistryAccess(ContainerServicePrivateRegistryAccessArgs.builder()\n .ecrImagePullerRole(ContainerServicePrivateRegistryAccessEcrImagePullerRoleArgs.builder()\n .isActive(true)\n .build())\n .build())\n .build());\n\n final var default = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(defaultContainerService.privateRegistryAccess().applyValue(privateRegistryAccess -\u003e privateRegistryAccess.ecrImagePullerRole().principalArn()))\n .build())\n .actions( \n \"ecr:BatchGetImage\",\n \"ecr:GetDownloadUrlForLayer\")\n .build())\n .build());\n\n var defaultRepositoryPolicy = new RepositoryPolicy(\"defaultRepositoryPolicy\", RepositoryPolicyArgs.builder()\n .repository(defaultAwsEcrRepository.name())\n .policy(default_.applyValue(default_ -\u003e default_.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n defaultContainerService:\n type: aws:lightsail:ContainerService\n name: default\n properties:\n privateRegistryAccess:\n ecrImagePullerRole:\n isActive: true\n defaultRepositoryPolicy:\n type: aws:ecr:RepositoryPolicy\n name: default\n properties:\n repository: ${defaultAwsEcrRepository.name}\n policy: ${default.json}\nvariables:\n default:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: AWS\n identifiers:\n - ${defaultContainerService.privateRegistryAccess.ecrImagePullerRole.principalArn}\n actions:\n - ecr:BatchGetImage\n - ecr:GetDownloadUrlForLayer\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lightsail Container Service using the `name`. For example:\n\n```sh\n$ pulumi import aws:lightsail/containerService:ContainerService my_container_service container-service-1\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the container service.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone. Follows the format us-east-2a (case-sensitive).\n" }, "createdAt": { "type": "string" }, "isDisabled": { "type": "boolean", "description": "A Boolean value indicating whether the container service is disabled. Defaults to `false`.\n" }, "name": { "type": "string", "description": "The name for the container service. Names must be of length 1 to 63, and be\nunique within each AWS Region in your Lightsail account.\n" }, "power": { "type": "string", "description": "The power specification for the container service. The power specifies the amount of memory,\nthe number of vCPUs, and the monthly price of each node of the container service.\nPossible values: `nano`, `micro`, `small`, `medium`, `large`, `xlarge`.\n" }, "powerId": { "type": "string", "description": "The ID of the power of the container service.\n" }, "principalArn": { "type": "string", "description": "The principal ARN of the container service. The principal ARN can be used to create a trust\nrelationship between your standard AWS account and your Lightsail container service. This allows you to give your\nservice permission to access resources in your standard AWS account.\n" }, "privateDomainName": { "type": "string", "description": "The private domain name of the container service. The private domain name is accessible only\nby other resources within the default virtual private cloud (VPC) of your Lightsail account.\n" }, "privateRegistryAccess": { "$ref": "#/types/aws:lightsail/ContainerServicePrivateRegistryAccess:ContainerServicePrivateRegistryAccess", "description": "An object to describe the configuration for the container service to access private container image repositories, such as Amazon Elastic Container Registry (Amazon ECR) private repositories. See Private Registry Access below for more details.\n" }, "publicDomainNames": { "$ref": "#/types/aws:lightsail/ContainerServicePublicDomainNames:ContainerServicePublicDomainNames", "description": "The public domain names to use with the container service, such as example.com\nand www.example.com. You can specify up to four public domain names for a container service. The domain names that you\nspecify are used when you create a deployment with a container configured as the public endpoint of your container\nservice. If you don't specify public domain names, then you can use the default domain of the container service.\nDefined below.\n" }, "resourceType": { "type": "string", "description": "The Lightsail resource type of the container service (i.e., ContainerService).\n" }, "scale": { "type": "integer", "description": "The scale specification for the container service. The scale specifies the allocated compute\nnodes of the container service.\n" }, "state": { "type": "string", "description": "The current state of the container service.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of container service tags. To create a key-only tag, use an empty string as the value. To tag at launch, specify the tags in the Launch Template. If\nconfigured with a provider\n`default_tags` configuration block\npresent, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider\n`default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "url": { "type": "string", "description": "The publicly accessible URL of the container service. If no public endpoint is specified in the\ncurrentDeployment, this URL returns a 404 response.\n" } }, "required": [ "arn", "availabilityZone", "createdAt", "name", "power", "powerId", "principalArn", "privateDomainName", "privateRegistryAccess", "resourceType", "scale", "state", "tagsAll", "url" ], "inputProperties": { "isDisabled": { "type": "boolean", "description": "A Boolean value indicating whether the container service is disabled. Defaults to `false`.\n" }, "name": { "type": "string", "description": "The name for the container service. Names must be of length 1 to 63, and be\nunique within each AWS Region in your Lightsail account.\n", "willReplaceOnChanges": true }, "power": { "type": "string", "description": "The power specification for the container service. The power specifies the amount of memory,\nthe number of vCPUs, and the monthly price of each node of the container service.\nPossible values: `nano`, `micro`, `small`, `medium`, `large`, `xlarge`.\n" }, "privateRegistryAccess": { "$ref": "#/types/aws:lightsail/ContainerServicePrivateRegistryAccess:ContainerServicePrivateRegistryAccess", "description": "An object to describe the configuration for the container service to access private container image repositories, such as Amazon Elastic Container Registry (Amazon ECR) private repositories. See Private Registry Access below for more details.\n" }, "publicDomainNames": { "$ref": "#/types/aws:lightsail/ContainerServicePublicDomainNames:ContainerServicePublicDomainNames", "description": "The public domain names to use with the container service, such as example.com\nand www.example.com. You can specify up to four public domain names for a container service. The domain names that you\nspecify are used when you create a deployment with a container configured as the public endpoint of your container\nservice. If you don't specify public domain names, then you can use the default domain of the container service.\nDefined below.\n" }, "scale": { "type": "integer", "description": "The scale specification for the container service. The scale specifies the allocated compute\nnodes of the container service.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of container service tags. To create a key-only tag, use an empty string as the value. To tag at launch, specify the tags in the Launch Template. If\nconfigured with a provider\n`default_tags` configuration block\npresent, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "power", "scale" ], "stateInputs": { "description": "Input properties used for looking up and filtering ContainerService resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the container service.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone. Follows the format us-east-2a (case-sensitive).\n" }, "createdAt": { "type": "string" }, "isDisabled": { "type": "boolean", "description": "A Boolean value indicating whether the container service is disabled. Defaults to `false`.\n" }, "name": { "type": "string", "description": "The name for the container service. Names must be of length 1 to 63, and be\nunique within each AWS Region in your Lightsail account.\n", "willReplaceOnChanges": true }, "power": { "type": "string", "description": "The power specification for the container service. The power specifies the amount of memory,\nthe number of vCPUs, and the monthly price of each node of the container service.\nPossible values: `nano`, `micro`, `small`, `medium`, `large`, `xlarge`.\n" }, "powerId": { "type": "string", "description": "The ID of the power of the container service.\n" }, "principalArn": { "type": "string", "description": "The principal ARN of the container service. The principal ARN can be used to create a trust\nrelationship between your standard AWS account and your Lightsail container service. This allows you to give your\nservice permission to access resources in your standard AWS account.\n" }, "privateDomainName": { "type": "string", "description": "The private domain name of the container service. The private domain name is accessible only\nby other resources within the default virtual private cloud (VPC) of your Lightsail account.\n" }, "privateRegistryAccess": { "$ref": "#/types/aws:lightsail/ContainerServicePrivateRegistryAccess:ContainerServicePrivateRegistryAccess", "description": "An object to describe the configuration for the container service to access private container image repositories, such as Amazon Elastic Container Registry (Amazon ECR) private repositories. See Private Registry Access below for more details.\n" }, "publicDomainNames": { "$ref": "#/types/aws:lightsail/ContainerServicePublicDomainNames:ContainerServicePublicDomainNames", "description": "The public domain names to use with the container service, such as example.com\nand www.example.com. You can specify up to four public domain names for a container service. The domain names that you\nspecify are used when you create a deployment with a container configured as the public endpoint of your container\nservice. If you don't specify public domain names, then you can use the default domain of the container service.\nDefined below.\n" }, "resourceType": { "type": "string", "description": "The Lightsail resource type of the container service (i.e., ContainerService).\n" }, "scale": { "type": "integer", "description": "The scale specification for the container service. The scale specifies the allocated compute\nnodes of the container service.\n" }, "state": { "type": "string", "description": "The current state of the container service.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of container service tags. To create a key-only tag, use an empty string as the value. To tag at launch, specify the tags in the Launch Template. If\nconfigured with a provider\n`default_tags` configuration block\npresent, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider\n`default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "url": { "type": "string", "description": "The publicly accessible URL of the container service. If no public endpoint is specified in the\ncurrentDeployment, this URL returns a 404 response.\n" } }, "type": "object" } }, "aws:lightsail/containerServiceDeploymentVersion:ContainerServiceDeploymentVersion": { "description": "Provides a resource to manage a deployment version for your Amazon Lightsail container service.\n\n\u003e **NOTE:** The Amazon Lightsail container service must be enabled to create a deployment.\n\n\u003e **NOTE:** This resource allows you to manage an Amazon Lightsail container service deployment version but the provider cannot destroy it. Removing this resource from your configuration will remove it from your statefile.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lightsail.ContainerServiceDeploymentVersion(\"example\", {\n containers: [{\n containerName: \"hello-world\",\n image: \"amazon/amazon-lightsail:hello-world\",\n commands: [],\n environment: {\n MY_ENVIRONMENT_VARIABLE: \"my_value\",\n },\n ports: {\n \"80\": \"HTTP\",\n },\n }],\n publicEndpoint: {\n containerName: \"hello-world\",\n containerPort: 80,\n healthCheck: {\n healthyThreshold: 2,\n unhealthyThreshold: 2,\n timeoutSeconds: 2,\n intervalSeconds: 5,\n path: \"/\",\n successCodes: \"200-499\",\n },\n },\n serviceName: exampleAwsLightsailContainerService.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lightsail.ContainerServiceDeploymentVersion(\"example\",\n containers=[{\n \"container_name\": \"hello-world\",\n \"image\": \"amazon/amazon-lightsail:hello-world\",\n \"commands\": [],\n \"environment\": {\n \"m_y__environmen_t__variable\": \"my_value\",\n },\n \"ports\": {\n \"_80\": \"HTTP\",\n },\n }],\n public_endpoint={\n \"container_name\": \"hello-world\",\n \"container_port\": 80,\n \"health_check\": {\n \"healthy_threshold\": 2,\n \"unhealthy_threshold\": 2,\n \"timeout_seconds\": 2,\n \"interval_seconds\": 5,\n \"path\": \"/\",\n \"success_codes\": \"200-499\",\n },\n },\n service_name=example_aws_lightsail_container_service[\"name\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LightSail.ContainerServiceDeploymentVersion(\"example\", new()\n {\n Containers = new[]\n {\n new Aws.LightSail.Inputs.ContainerServiceDeploymentVersionContainerArgs\n {\n ContainerName = \"hello-world\",\n Image = \"amazon/amazon-lightsail:hello-world\",\n Commands = new() { },\n Environment = \n {\n { \"MY_ENVIRONMENT_VARIABLE\", \"my_value\" },\n },\n Ports = \n {\n { \"80\", \"HTTP\" },\n },\n },\n },\n PublicEndpoint = new Aws.LightSail.Inputs.ContainerServiceDeploymentVersionPublicEndpointArgs\n {\n ContainerName = \"hello-world\",\n ContainerPort = 80,\n HealthCheck = new Aws.LightSail.Inputs.ContainerServiceDeploymentVersionPublicEndpointHealthCheckArgs\n {\n HealthyThreshold = 2,\n UnhealthyThreshold = 2,\n TimeoutSeconds = 2,\n IntervalSeconds = 5,\n Path = \"/\",\n SuccessCodes = \"200-499\",\n },\n },\n ServiceName = exampleAwsLightsailContainerService.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lightsail.NewContainerServiceDeploymentVersion(ctx, \"example\", \u0026lightsail.ContainerServiceDeploymentVersionArgs{\n\t\t\tContainers: lightsail.ContainerServiceDeploymentVersionContainerArray{\n\t\t\t\t\u0026lightsail.ContainerServiceDeploymentVersionContainerArgs{\n\t\t\t\t\tContainerName: pulumi.String(\"hello-world\"),\n\t\t\t\t\tImage: pulumi.String(\"amazon/amazon-lightsail:hello-world\"),\n\t\t\t\t\tCommands: pulumi.StringArray{},\n\t\t\t\t\tEnvironment: pulumi.StringMap{\n\t\t\t\t\t\t\"MY_ENVIRONMENT_VARIABLE\": pulumi.String(\"my_value\"),\n\t\t\t\t\t},\n\t\t\t\t\tPorts: pulumi.StringMap{\n\t\t\t\t\t\t\"80\": pulumi.String(\"HTTP\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tPublicEndpoint: \u0026lightsail.ContainerServiceDeploymentVersionPublicEndpointArgs{\n\t\t\t\tContainerName: pulumi.String(\"hello-world\"),\n\t\t\t\tContainerPort: pulumi.Int(80),\n\t\t\t\tHealthCheck: \u0026lightsail.ContainerServiceDeploymentVersionPublicEndpointHealthCheckArgs{\n\t\t\t\t\tHealthyThreshold: pulumi.Int(2),\n\t\t\t\t\tUnhealthyThreshold: pulumi.Int(2),\n\t\t\t\t\tTimeoutSeconds: pulumi.Int(2),\n\t\t\t\t\tIntervalSeconds: pulumi.Int(5),\n\t\t\t\t\tPath: pulumi.String(\"/\"),\n\t\t\t\t\tSuccessCodes: pulumi.String(\"200-499\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceName: pulumi.Any(exampleAwsLightsailContainerService.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.ContainerServiceDeploymentVersion;\nimport com.pulumi.aws.lightsail.ContainerServiceDeploymentVersionArgs;\nimport com.pulumi.aws.lightsail.inputs.ContainerServiceDeploymentVersionContainerArgs;\nimport com.pulumi.aws.lightsail.inputs.ContainerServiceDeploymentVersionPublicEndpointArgs;\nimport com.pulumi.aws.lightsail.inputs.ContainerServiceDeploymentVersionPublicEndpointHealthCheckArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContainerServiceDeploymentVersion(\"example\", ContainerServiceDeploymentVersionArgs.builder()\n .containers(ContainerServiceDeploymentVersionContainerArgs.builder()\n .containerName(\"hello-world\")\n .image(\"amazon/amazon-lightsail:hello-world\")\n .commands()\n .environment(Map.of(\"MY_ENVIRONMENT_VARIABLE\", \"my_value\"))\n .ports(Map.of(\"80\", \"HTTP\"))\n .build())\n .publicEndpoint(ContainerServiceDeploymentVersionPublicEndpointArgs.builder()\n .containerName(\"hello-world\")\n .containerPort(80)\n .healthCheck(ContainerServiceDeploymentVersionPublicEndpointHealthCheckArgs.builder()\n .healthyThreshold(2)\n .unhealthyThreshold(2)\n .timeoutSeconds(2)\n .intervalSeconds(5)\n .path(\"/\")\n .successCodes(\"200-499\")\n .build())\n .build())\n .serviceName(exampleAwsLightsailContainerService.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lightsail:ContainerServiceDeploymentVersion\n properties:\n containers:\n - containerName: hello-world\n image: amazon/amazon-lightsail:hello-world\n commands: []\n environment:\n MY_ENVIRONMENT_VARIABLE: my_value\n ports:\n '80': HTTP\n publicEndpoint:\n containerName: hello-world\n containerPort: 80\n healthCheck:\n healthyThreshold: 2\n unhealthyThreshold: 2\n timeoutSeconds: 2\n intervalSeconds: 5\n path: /\n successCodes: 200-499\n serviceName: ${exampleAwsLightsailContainerService.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lightsail Container Service Deployment Version using the `service_name` and `version` separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:lightsail/containerServiceDeploymentVersion:ContainerServiceDeploymentVersion example container-service-1/1\n```\n", "properties": { "containers": { "type": "array", "items": { "$ref": "#/types/aws:lightsail/ContainerServiceDeploymentVersionContainer:ContainerServiceDeploymentVersionContainer" }, "description": "A set of configuration blocks that describe the settings of the containers that will be launched on the container service. Maximum of 53. Detailed below.\n" }, "createdAt": { "type": "string", "description": "The timestamp when the deployment was created.\n" }, "publicEndpoint": { "$ref": "#/types/aws:lightsail/ContainerServiceDeploymentVersionPublicEndpoint:ContainerServiceDeploymentVersionPublicEndpoint", "description": "A configuration block that describes the settings of the public endpoint for the container service. Detailed below.\n" }, "serviceName": { "type": "string", "description": "The name for the container service.\n" }, "state": { "type": "string", "description": "The current state of the container service.\n" }, "version": { "type": "integer", "description": "The version number of the deployment.\n" } }, "required": [ "containers", "createdAt", "serviceName", "state", "version" ], "inputProperties": { "containers": { "type": "array", "items": { "$ref": "#/types/aws:lightsail/ContainerServiceDeploymentVersionContainer:ContainerServiceDeploymentVersionContainer" }, "description": "A set of configuration blocks that describe the settings of the containers that will be launched on the container service. Maximum of 53. Detailed below.\n", "willReplaceOnChanges": true }, "publicEndpoint": { "$ref": "#/types/aws:lightsail/ContainerServiceDeploymentVersionPublicEndpoint:ContainerServiceDeploymentVersionPublicEndpoint", "description": "A configuration block that describes the settings of the public endpoint for the container service. Detailed below.\n", "willReplaceOnChanges": true }, "serviceName": { "type": "string", "description": "The name for the container service.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "containers", "serviceName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ContainerServiceDeploymentVersion resources.\n", "properties": { "containers": { "type": "array", "items": { "$ref": "#/types/aws:lightsail/ContainerServiceDeploymentVersionContainer:ContainerServiceDeploymentVersionContainer" }, "description": "A set of configuration blocks that describe the settings of the containers that will be launched on the container service. Maximum of 53. Detailed below.\n", "willReplaceOnChanges": true }, "createdAt": { "type": "string", "description": "The timestamp when the deployment was created.\n" }, "publicEndpoint": { "$ref": "#/types/aws:lightsail/ContainerServiceDeploymentVersionPublicEndpoint:ContainerServiceDeploymentVersionPublicEndpoint", "description": "A configuration block that describes the settings of the public endpoint for the container service. Detailed below.\n", "willReplaceOnChanges": true }, "serviceName": { "type": "string", "description": "The name for the container service.\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "The current state of the container service.\n" }, "version": { "type": "integer", "description": "The version number of the deployment.\n" } }, "type": "object" } }, "aws:lightsail/database:Database": { "description": "Provides a Lightsail Database. Amazon Lightsail is a service to provide easy virtual private servers\nwith custom software already setup. See [What is Amazon Lightsail?](https://lightsail.aws.amazon.com/ls/docs/getting-started/article/what-is-amazon-lightsail)\nfor more information.\n\n\u003e **Note:** Lightsail is currently only supported in a limited number of AWS Regions, please see [\"Regions and Availability Zones\"](https://aws.amazon.com/about-aws/global-infrastructure/regional-product-services/) for more details\n\n## Example Usage\n\n### Basic mysql blueprint\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.Database(\"test\", {\n relationalDatabaseName: \"test\",\n availabilityZone: \"us-east-1a\",\n masterDatabaseName: \"testdatabasename\",\n masterPassword: \"testdatabasepassword\",\n masterUsername: \"test\",\n blueprintId: \"mysql_8_0\",\n bundleId: \"micro_1_0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.Database(\"test\",\n relational_database_name=\"test\",\n availability_zone=\"us-east-1a\",\n master_database_name=\"testdatabasename\",\n master_password=\"testdatabasepassword\",\n master_username=\"test\",\n blueprint_id=\"mysql_8_0\",\n bundle_id=\"micro_1_0\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LightSail.Database(\"test\", new()\n {\n RelationalDatabaseName = \"test\",\n AvailabilityZone = \"us-east-1a\",\n MasterDatabaseName = \"testdatabasename\",\n MasterPassword = \"testdatabasepassword\",\n MasterUsername = \"test\",\n BlueprintId = \"mysql_8_0\",\n BundleId = \"micro_1_0\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lightsail.NewDatabase(ctx, \"test\", \u0026lightsail.DatabaseArgs{\n\t\t\tRelationalDatabaseName: pulumi.String(\"test\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1a\"),\n\t\t\tMasterDatabaseName: pulumi.String(\"testdatabasename\"),\n\t\t\tMasterPassword: pulumi.String(\"testdatabasepassword\"),\n\t\t\tMasterUsername: pulumi.String(\"test\"),\n\t\t\tBlueprintId: pulumi.String(\"mysql_8_0\"),\n\t\t\tBundleId: pulumi.String(\"micro_1_0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Database;\nimport com.pulumi.aws.lightsail.DatabaseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Database(\"test\", DatabaseArgs.builder()\n .relationalDatabaseName(\"test\")\n .availabilityZone(\"us-east-1a\")\n .masterDatabaseName(\"testdatabasename\")\n .masterPassword(\"testdatabasepassword\")\n .masterUsername(\"test\")\n .blueprintId(\"mysql_8_0\")\n .bundleId(\"micro_1_0\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Database\n properties:\n relationalDatabaseName: test\n availabilityZone: us-east-1a\n masterDatabaseName: testdatabasename\n masterPassword: testdatabasepassword\n masterUsername: test\n blueprintId: mysql_8_0\n bundleId: micro_1_0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Basic postrgres blueprint\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.Database(\"test\", {\n relationalDatabaseName: \"test\",\n availabilityZone: \"us-east-1a\",\n masterDatabaseName: \"testdatabasename\",\n masterPassword: \"testdatabasepassword\",\n masterUsername: \"test\",\n blueprintId: \"postgres_12\",\n bundleId: \"micro_1_0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.Database(\"test\",\n relational_database_name=\"test\",\n availability_zone=\"us-east-1a\",\n master_database_name=\"testdatabasename\",\n master_password=\"testdatabasepassword\",\n master_username=\"test\",\n blueprint_id=\"postgres_12\",\n bundle_id=\"micro_1_0\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LightSail.Database(\"test\", new()\n {\n RelationalDatabaseName = \"test\",\n AvailabilityZone = \"us-east-1a\",\n MasterDatabaseName = \"testdatabasename\",\n MasterPassword = \"testdatabasepassword\",\n MasterUsername = \"test\",\n BlueprintId = \"postgres_12\",\n BundleId = \"micro_1_0\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lightsail.NewDatabase(ctx, \"test\", \u0026lightsail.DatabaseArgs{\n\t\t\tRelationalDatabaseName: pulumi.String(\"test\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1a\"),\n\t\t\tMasterDatabaseName: pulumi.String(\"testdatabasename\"),\n\t\t\tMasterPassword: pulumi.String(\"testdatabasepassword\"),\n\t\t\tMasterUsername: pulumi.String(\"test\"),\n\t\t\tBlueprintId: pulumi.String(\"postgres_12\"),\n\t\t\tBundleId: pulumi.String(\"micro_1_0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Database;\nimport com.pulumi.aws.lightsail.DatabaseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Database(\"test\", DatabaseArgs.builder()\n .relationalDatabaseName(\"test\")\n .availabilityZone(\"us-east-1a\")\n .masterDatabaseName(\"testdatabasename\")\n .masterPassword(\"testdatabasepassword\")\n .masterUsername(\"test\")\n .blueprintId(\"postgres_12\")\n .bundleId(\"micro_1_0\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Database\n properties:\n relationalDatabaseName: test\n availabilityZone: us-east-1a\n masterDatabaseName: testdatabasename\n masterPassword: testdatabasepassword\n masterUsername: test\n blueprintId: postgres_12\n bundleId: micro_1_0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Custom backup and maintenance windows\n\nBelow is an example that sets a custom backup and maintenance window. Times are specified in UTC. This example will allow daily backups to take place between 16:00 and 16:30 each day. This example also requires any maintiance tasks (anything that would cause an outage, including changing some attributes) to take place on Tuesdays between 17:00 and 17:30. An action taken against this database that would cause an outage will wait until this time window to make the requested changes.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.Database(\"test\", {\n relationalDatabaseName: \"test\",\n availabilityZone: \"us-east-1a\",\n masterDatabaseName: \"testdatabasename\",\n masterPassword: \"testdatabasepassword\",\n masterUsername: \"test\",\n blueprintId: \"postgres_12\",\n bundleId: \"micro_1_0\",\n preferredBackupWindow: \"16:00-16:30\",\n preferredMaintenanceWindow: \"Tue:17:00-Tue:17:30\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.Database(\"test\",\n relational_database_name=\"test\",\n availability_zone=\"us-east-1a\",\n master_database_name=\"testdatabasename\",\n master_password=\"testdatabasepassword\",\n master_username=\"test\",\n blueprint_id=\"postgres_12\",\n bundle_id=\"micro_1_0\",\n preferred_backup_window=\"16:00-16:30\",\n preferred_maintenance_window=\"Tue:17:00-Tue:17:30\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LightSail.Database(\"test\", new()\n {\n RelationalDatabaseName = \"test\",\n AvailabilityZone = \"us-east-1a\",\n MasterDatabaseName = \"testdatabasename\",\n MasterPassword = \"testdatabasepassword\",\n MasterUsername = \"test\",\n BlueprintId = \"postgres_12\",\n BundleId = \"micro_1_0\",\n PreferredBackupWindow = \"16:00-16:30\",\n PreferredMaintenanceWindow = \"Tue:17:00-Tue:17:30\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lightsail.NewDatabase(ctx, \"test\", \u0026lightsail.DatabaseArgs{\n\t\t\tRelationalDatabaseName: pulumi.String(\"test\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1a\"),\n\t\t\tMasterDatabaseName: pulumi.String(\"testdatabasename\"),\n\t\t\tMasterPassword: pulumi.String(\"testdatabasepassword\"),\n\t\t\tMasterUsername: pulumi.String(\"test\"),\n\t\t\tBlueprintId: pulumi.String(\"postgres_12\"),\n\t\t\tBundleId: pulumi.String(\"micro_1_0\"),\n\t\t\tPreferredBackupWindow: pulumi.String(\"16:00-16:30\"),\n\t\t\tPreferredMaintenanceWindow: pulumi.String(\"Tue:17:00-Tue:17:30\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Database;\nimport com.pulumi.aws.lightsail.DatabaseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Database(\"test\", DatabaseArgs.builder()\n .relationalDatabaseName(\"test\")\n .availabilityZone(\"us-east-1a\")\n .masterDatabaseName(\"testdatabasename\")\n .masterPassword(\"testdatabasepassword\")\n .masterUsername(\"test\")\n .blueprintId(\"postgres_12\")\n .bundleId(\"micro_1_0\")\n .preferredBackupWindow(\"16:00-16:30\")\n .preferredMaintenanceWindow(\"Tue:17:00-Tue:17:30\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Database\n properties:\n relationalDatabaseName: test\n availabilityZone: us-east-1a\n masterDatabaseName: testdatabasename\n masterPassword: testdatabasepassword\n masterUsername: test\n blueprintId: postgres_12\n bundleId: micro_1_0\n preferredBackupWindow: 16:00-16:30\n preferredMaintenanceWindow: Tue:17:00-Tue:17:30\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Final Snapshots\n\nTo enable creating a final snapshot of your database on deletion, use the `final_snapshot_name` argument to provide a name to be used for the snapshot.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.Database(\"test\", {\n relationalDatabaseName: \"test\",\n availabilityZone: \"us-east-1a\",\n masterDatabaseName: \"testdatabasename\",\n masterPassword: \"testdatabasepassword\",\n masterUsername: \"test\",\n blueprintId: \"postgres_12\",\n bundleId: \"micro_1_0\",\n preferredBackupWindow: \"16:00-16:30\",\n preferredMaintenanceWindow: \"Tue:17:00-Tue:17:30\",\n finalSnapshotName: \"MyFinalSnapshot\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.Database(\"test\",\n relational_database_name=\"test\",\n availability_zone=\"us-east-1a\",\n master_database_name=\"testdatabasename\",\n master_password=\"testdatabasepassword\",\n master_username=\"test\",\n blueprint_id=\"postgres_12\",\n bundle_id=\"micro_1_0\",\n preferred_backup_window=\"16:00-16:30\",\n preferred_maintenance_window=\"Tue:17:00-Tue:17:30\",\n final_snapshot_name=\"MyFinalSnapshot\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LightSail.Database(\"test\", new()\n {\n RelationalDatabaseName = \"test\",\n AvailabilityZone = \"us-east-1a\",\n MasterDatabaseName = \"testdatabasename\",\n MasterPassword = \"testdatabasepassword\",\n MasterUsername = \"test\",\n BlueprintId = \"postgres_12\",\n BundleId = \"micro_1_0\",\n PreferredBackupWindow = \"16:00-16:30\",\n PreferredMaintenanceWindow = \"Tue:17:00-Tue:17:30\",\n FinalSnapshotName = \"MyFinalSnapshot\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lightsail.NewDatabase(ctx, \"test\", \u0026lightsail.DatabaseArgs{\n\t\t\tRelationalDatabaseName: pulumi.String(\"test\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1a\"),\n\t\t\tMasterDatabaseName: pulumi.String(\"testdatabasename\"),\n\t\t\tMasterPassword: pulumi.String(\"testdatabasepassword\"),\n\t\t\tMasterUsername: pulumi.String(\"test\"),\n\t\t\tBlueprintId: pulumi.String(\"postgres_12\"),\n\t\t\tBundleId: pulumi.String(\"micro_1_0\"),\n\t\t\tPreferredBackupWindow: pulumi.String(\"16:00-16:30\"),\n\t\t\tPreferredMaintenanceWindow: pulumi.String(\"Tue:17:00-Tue:17:30\"),\n\t\t\tFinalSnapshotName: pulumi.String(\"MyFinalSnapshot\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Database;\nimport com.pulumi.aws.lightsail.DatabaseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Database(\"test\", DatabaseArgs.builder()\n .relationalDatabaseName(\"test\")\n .availabilityZone(\"us-east-1a\")\n .masterDatabaseName(\"testdatabasename\")\n .masterPassword(\"testdatabasepassword\")\n .masterUsername(\"test\")\n .blueprintId(\"postgres_12\")\n .bundleId(\"micro_1_0\")\n .preferredBackupWindow(\"16:00-16:30\")\n .preferredMaintenanceWindow(\"Tue:17:00-Tue:17:30\")\n .finalSnapshotName(\"MyFinalSnapshot\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Database\n properties:\n relationalDatabaseName: test\n availabilityZone: us-east-1a\n masterDatabaseName: testdatabasename\n masterPassword: testdatabasepassword\n masterUsername: test\n blueprintId: postgres_12\n bundleId: micro_1_0\n preferredBackupWindow: 16:00-16:30\n preferredMaintenanceWindow: Tue:17:00-Tue:17:30\n finalSnapshotName: MyFinalSnapshot\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Apply Immediately\n\nTo enable applying changes immediately instead of waiting for a maintiance window, use the `apply_immediately` argument.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.Database(\"test\", {\n relationalDatabaseName: \"test\",\n availabilityZone: \"us-east-1a\",\n masterDatabaseName: \"testdatabasename\",\n masterPassword: \"testdatabasepassword\",\n masterUsername: \"test\",\n blueprintId: \"postgres_12\",\n bundleId: \"micro_1_0\",\n applyImmediately: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.Database(\"test\",\n relational_database_name=\"test\",\n availability_zone=\"us-east-1a\",\n master_database_name=\"testdatabasename\",\n master_password=\"testdatabasepassword\",\n master_username=\"test\",\n blueprint_id=\"postgres_12\",\n bundle_id=\"micro_1_0\",\n apply_immediately=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LightSail.Database(\"test\", new()\n {\n RelationalDatabaseName = \"test\",\n AvailabilityZone = \"us-east-1a\",\n MasterDatabaseName = \"testdatabasename\",\n MasterPassword = \"testdatabasepassword\",\n MasterUsername = \"test\",\n BlueprintId = \"postgres_12\",\n BundleId = \"micro_1_0\",\n ApplyImmediately = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lightsail.NewDatabase(ctx, \"test\", \u0026lightsail.DatabaseArgs{\n\t\t\tRelationalDatabaseName: pulumi.String(\"test\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1a\"),\n\t\t\tMasterDatabaseName: pulumi.String(\"testdatabasename\"),\n\t\t\tMasterPassword: pulumi.String(\"testdatabasepassword\"),\n\t\t\tMasterUsername: pulumi.String(\"test\"),\n\t\t\tBlueprintId: pulumi.String(\"postgres_12\"),\n\t\t\tBundleId: pulumi.String(\"micro_1_0\"),\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Database;\nimport com.pulumi.aws.lightsail.DatabaseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Database(\"test\", DatabaseArgs.builder()\n .relationalDatabaseName(\"test\")\n .availabilityZone(\"us-east-1a\")\n .masterDatabaseName(\"testdatabasename\")\n .masterPassword(\"testdatabasepassword\")\n .masterUsername(\"test\")\n .blueprintId(\"postgres_12\")\n .bundleId(\"micro_1_0\")\n .applyImmediately(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Database\n properties:\n relationalDatabaseName: test\n availabilityZone: us-east-1a\n masterDatabaseName: testdatabasename\n masterPassword: testdatabasepassword\n masterUsername: test\n blueprintId: postgres_12\n bundleId: micro_1_0\n applyImmediately: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Blueprint Ids\n\nA list of all available Lightsail Blueprints for Relational Databases the [aws lightsail get-relational-database-blueprints](https://docs.aws.amazon.com/cli/latest/reference/lightsail/get-relational-database-blueprints.html) aws cli command.\n\n### Examples\n\n- `mysql_8_0`\n- `postgres_12`\n\n### Prefix\n\nA Blueprint ID starts with a prefix of the engine type.\n\n### Suffix\n\nA Blueprint ID has a sufix of the engine version.\n\n## Bundles\n\nA list of all available Lightsail Bundles for Relational Databases the [aws lightsail get-relational-database-bundles](https://docs.aws.amazon.com/cli/latest/reference/lightsail/get-relational-database-bundles.html) aws cli command.\n\n### Examples\n\n- `small_1_0`\n- `small_ha_1_0`\n- `large_1_0`\n- `large_ha_1_0`\n\n### Prefix\n\nA Bundle ID starts with one of the below size prefixes:\n\n- `micro_`\n- `small_`\n- `medium_`\n- `large_`\n\n### Infixes (Optional for HA Database)\n\nA Bundle Id can have the following infix added in order to use the HA option of the selected bundle.\n\n- `ha_`\n\n### Suffix\n\nA Bundle ID ends with one of the following suffix: `1_0`\n\n## Import\n\nUsing `pulumi import`, import Lightsail Databases using their name. For example:\n\n```sh\n$ pulumi import aws:lightsail/database:Database foo 'bar'\n```\n", "properties": { "applyImmediately": { "type": "boolean", "description": "When true , applies changes immediately. When false , applies changes during the preferred maintenance window. Some changes may cause an outage.\n" }, "arn": { "type": "string", "description": "The ARN of the Lightsail instance (matches `id`).\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone in which to create your new database. Use the us-east-2a case-sensitive format.\n" }, "backupRetentionEnabled": { "type": "boolean", "description": "When true, enables automated backup retention for your database. When false, disables automated backup retention for your database. Disabling backup retention deletes all automated database backups. Before disabling this, you may want to create a snapshot of your database.\n" }, "blueprintId": { "type": "string", "description": "The blueprint ID for your new database. A blueprint describes the major engine version of a database. You can get a list of database blueprints IDs by using the AWS CLI command: `aws lightsail get-relational-database-blueprints`\n" }, "bundleId": { "type": "string", "description": "The bundle ID for your new database. A bundle describes the performance specifications for your database (see list below). You can get a list of database bundle IDs by using the AWS CLI command: `aws lightsail get-relational-database-bundles`.\n" }, "caCertificateIdentifier": { "type": "string", "description": "The certificate associated with the database.\n" }, "cpuCount": { "type": "integer", "description": "The number of vCPUs for the database.\n" }, "createdAt": { "type": "string", "description": "The timestamp when the instance was created.\n" }, "diskSize": { "type": "number", "description": "The size of the disk for the database.\n" }, "engine": { "type": "string", "description": "The database software (for example, MySQL).\n" }, "engineVersion": { "type": "string", "description": "The database engine version (for example, 5.7.23).\n" }, "finalSnapshotName": { "type": "string", "description": "The name of the database snapshot created if skip final snapshot is false, which is the default value for that parameter.\n" }, "masterDatabaseName": { "type": "string", "description": "The name of the master database created when the Lightsail database resource is created.\n" }, "masterEndpointAddress": { "type": "string", "description": "The master endpoint fqdn for the database.\n" }, "masterEndpointPort": { "type": "integer", "description": "The master endpoint network port for the database.\n" }, "masterPassword": { "type": "string", "description": "The password for the master user of your new database. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\".\n", "secret": true }, "masterUsername": { "type": "string", "description": "The master user name for your new database.\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created for your new database if automated backups are enabled. Must be in the hh24:mi-hh24:mi format. Example: `16:00-16:30`. Specified in Coordinated Universal Time (UTC).\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur on your new database. Must be in the ddd:hh24:mi-ddd:hh24:mi format. Specified in Coordinated Universal Time (UTC). Example: `Tue:17:00-Tue:17:30`\n" }, "publiclyAccessible": { "type": "boolean", "description": "Specifies the accessibility options for your new database. A value of true specifies a database that is available to resources outside of your Lightsail account. A value of false specifies a database that is available only to your Lightsail resources in the same region as your database.\n" }, "ramSize": { "type": "number", "description": "The amount of RAM in GB for the database.\n" }, "relationalDatabaseName": { "type": "string", "description": "The name to use for your new Lightsail database resource. Names be unique within each AWS Region in your Lightsail account.\n" }, "secondaryAvailabilityZone": { "type": "string", "description": "Describes the secondary Availability Zone of a high availability database. The secondary database is used for failover support of a high availability database.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final database snapshot is created before your database is deleted. If true is specified, no database snapshot is created. If false is specified, a database snapshot is created before your database is deleted. You must specify the final relational database snapshot name parameter if the skip final snapshot parameter is false.\n" }, "supportCode": { "type": "string", "description": "The support code for the database. Include this code in your email to support when you have questions about a database in Lightsail. This code enables our support team to look up your Lightsail information more easily.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. To create a key-only tag, use an empty string as the value.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "applyImmediately", "arn", "availabilityZone", "blueprintId", "bundleId", "caCertificateIdentifier", "cpuCount", "createdAt", "diskSize", "engine", "engineVersion", "masterDatabaseName", "masterEndpointAddress", "masterEndpointPort", "masterPassword", "masterUsername", "preferredBackupWindow", "preferredMaintenanceWindow", "ramSize", "relationalDatabaseName", "secondaryAvailabilityZone", "supportCode", "tagsAll" ], "inputProperties": { "applyImmediately": { "type": "boolean", "description": "When true , applies changes immediately. When false , applies changes during the preferred maintenance window. Some changes may cause an outage.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone in which to create your new database. Use the us-east-2a case-sensitive format.\n", "willReplaceOnChanges": true }, "backupRetentionEnabled": { "type": "boolean", "description": "When true, enables automated backup retention for your database. When false, disables automated backup retention for your database. Disabling backup retention deletes all automated database backups. Before disabling this, you may want to create a snapshot of your database.\n" }, "blueprintId": { "type": "string", "description": "The blueprint ID for your new database. A blueprint describes the major engine version of a database. You can get a list of database blueprints IDs by using the AWS CLI command: `aws lightsail get-relational-database-blueprints`\n", "willReplaceOnChanges": true }, "bundleId": { "type": "string", "description": "The bundle ID for your new database. A bundle describes the performance specifications for your database (see list below). You can get a list of database bundle IDs by using the AWS CLI command: `aws lightsail get-relational-database-bundles`.\n", "willReplaceOnChanges": true }, "finalSnapshotName": { "type": "string", "description": "The name of the database snapshot created if skip final snapshot is false, which is the default value for that parameter.\n" }, "masterDatabaseName": { "type": "string", "description": "The name of the master database created when the Lightsail database resource is created.\n", "willReplaceOnChanges": true }, "masterPassword": { "type": "string", "description": "The password for the master user of your new database. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\".\n", "secret": true }, "masterUsername": { "type": "string", "description": "The master user name for your new database.\n", "willReplaceOnChanges": true }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created for your new database if automated backups are enabled. Must be in the hh24:mi-hh24:mi format. Example: `16:00-16:30`. Specified in Coordinated Universal Time (UTC).\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur on your new database. Must be in the ddd:hh24:mi-ddd:hh24:mi format. Specified in Coordinated Universal Time (UTC). Example: `Tue:17:00-Tue:17:30`\n" }, "publiclyAccessible": { "type": "boolean", "description": "Specifies the accessibility options for your new database. A value of true specifies a database that is available to resources outside of your Lightsail account. A value of false specifies a database that is available only to your Lightsail resources in the same region as your database.\n" }, "relationalDatabaseName": { "type": "string", "description": "The name to use for your new Lightsail database resource. Names be unique within each AWS Region in your Lightsail account.\n", "willReplaceOnChanges": true }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final database snapshot is created before your database is deleted. If true is specified, no database snapshot is created. If false is specified, a database snapshot is created before your database is deleted. You must specify the final relational database snapshot name parameter if the skip final snapshot parameter is false.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. To create a key-only tag, use an empty string as the value.\n" } }, "requiredInputs": [ "blueprintId", "bundleId", "masterDatabaseName", "masterPassword", "masterUsername", "relationalDatabaseName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Database resources.\n", "properties": { "applyImmediately": { "type": "boolean", "description": "When true , applies changes immediately. When false , applies changes during the preferred maintenance window. Some changes may cause an outage.\n" }, "arn": { "type": "string", "description": "The ARN of the Lightsail instance (matches `id`).\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone in which to create your new database. Use the us-east-2a case-sensitive format.\n", "willReplaceOnChanges": true }, "backupRetentionEnabled": { "type": "boolean", "description": "When true, enables automated backup retention for your database. When false, disables automated backup retention for your database. Disabling backup retention deletes all automated database backups. Before disabling this, you may want to create a snapshot of your database.\n" }, "blueprintId": { "type": "string", "description": "The blueprint ID for your new database. A blueprint describes the major engine version of a database. You can get a list of database blueprints IDs by using the AWS CLI command: `aws lightsail get-relational-database-blueprints`\n", "willReplaceOnChanges": true }, "bundleId": { "type": "string", "description": "The bundle ID for your new database. A bundle describes the performance specifications for your database (see list below). You can get a list of database bundle IDs by using the AWS CLI command: `aws lightsail get-relational-database-bundles`.\n", "willReplaceOnChanges": true }, "caCertificateIdentifier": { "type": "string", "description": "The certificate associated with the database.\n" }, "cpuCount": { "type": "integer", "description": "The number of vCPUs for the database.\n" }, "createdAt": { "type": "string", "description": "The timestamp when the instance was created.\n" }, "diskSize": { "type": "number", "description": "The size of the disk for the database.\n" }, "engine": { "type": "string", "description": "The database software (for example, MySQL).\n" }, "engineVersion": { "type": "string", "description": "The database engine version (for example, 5.7.23).\n" }, "finalSnapshotName": { "type": "string", "description": "The name of the database snapshot created if skip final snapshot is false, which is the default value for that parameter.\n" }, "masterDatabaseName": { "type": "string", "description": "The name of the master database created when the Lightsail database resource is created.\n", "willReplaceOnChanges": true }, "masterEndpointAddress": { "type": "string", "description": "The master endpoint fqdn for the database.\n" }, "masterEndpointPort": { "type": "integer", "description": "The master endpoint network port for the database.\n" }, "masterPassword": { "type": "string", "description": "The password for the master user of your new database. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\".\n", "secret": true }, "masterUsername": { "type": "string", "description": "The master user name for your new database.\n", "willReplaceOnChanges": true }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created for your new database if automated backups are enabled. Must be in the hh24:mi-hh24:mi format. Example: `16:00-16:30`. Specified in Coordinated Universal Time (UTC).\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur on your new database. Must be in the ddd:hh24:mi-ddd:hh24:mi format. Specified in Coordinated Universal Time (UTC). Example: `Tue:17:00-Tue:17:30`\n" }, "publiclyAccessible": { "type": "boolean", "description": "Specifies the accessibility options for your new database. A value of true specifies a database that is available to resources outside of your Lightsail account. A value of false specifies a database that is available only to your Lightsail resources in the same region as your database.\n" }, "ramSize": { "type": "number", "description": "The amount of RAM in GB for the database.\n" }, "relationalDatabaseName": { "type": "string", "description": "The name to use for your new Lightsail database resource. Names be unique within each AWS Region in your Lightsail account.\n", "willReplaceOnChanges": true }, "secondaryAvailabilityZone": { "type": "string", "description": "Describes the secondary Availability Zone of a high availability database. The secondary database is used for failover support of a high availability database.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final database snapshot is created before your database is deleted. If true is specified, no database snapshot is created. If false is specified, a database snapshot is created before your database is deleted. You must specify the final relational database snapshot name parameter if the skip final snapshot parameter is false.\n" }, "supportCode": { "type": "string", "description": "The support code for the database. Include this code in your email to support when you have questions about a database in Lightsail. This code enables our support team to look up your Lightsail information more easily.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. To create a key-only tag, use an empty string as the value.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:lightsail/disk:Disk": { "description": "Provides a Lightsail Disk resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst available = aws.getAvailabilityZones({\n state: \"available\",\n filters: [{\n name: \"opt-in-status\",\n values: [\"opt-in-not-required\"],\n }],\n});\nconst test = new aws.lightsail.Disk(\"test\", {\n name: \"test\",\n sizeInGb: 8,\n availabilityZone: available.then(available =\u003e available.names?.[0]),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\navailable = aws.get_availability_zones(state=\"available\",\n filters=[{\n \"name\": \"opt-in-status\",\n \"values\": [\"opt-in-not-required\"],\n }])\ntest = aws.lightsail.Disk(\"test\",\n name=\"test\",\n size_in_gb=8,\n availability_zone=available.names[0])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var available = Aws.GetAvailabilityZones.Invoke(new()\n {\n State = \"available\",\n Filters = new[]\n {\n new Aws.Inputs.GetAvailabilityZonesFilterInputArgs\n {\n Name = \"opt-in-status\",\n Values = new[]\n {\n \"opt-in-not-required\",\n },\n },\n },\n });\n\n var test = new Aws.LightSail.Disk(\"test\", new()\n {\n Name = \"test\",\n SizeInGb = 8,\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[0]),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tavailable, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tState: pulumi.StringRef(\"available\"),\n\t\t\tFilters: []aws.GetAvailabilityZonesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"opt-in-status\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"opt-in-not-required\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewDisk(ctx, \"test\", \u0026lightsail.DiskArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tSizeInGb: pulumi.Int(8),\n\t\t\tAvailabilityZone: pulumi.String(available.Names[0]),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport com.pulumi.aws.lightsail.Disk;\nimport com.pulumi.aws.lightsail.DiskArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .state(\"available\")\n .filters(GetAvailabilityZonesFilterArgs.builder()\n .name(\"opt-in-status\")\n .values(\"opt-in-not-required\")\n .build())\n .build());\n\n var test = new Disk(\"test\", DiskArgs.builder()\n .name(\"test\")\n .sizeInGb(8)\n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[0]))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Disk\n properties:\n name: test\n sizeInGb: 8\n availabilityZone: ${available.names[0]}\nvariables:\n available:\n fn::invoke:\n Function: aws:getAvailabilityZones\n Arguments:\n state: available\n filters:\n - name: opt-in-status\n values:\n - opt-in-not-required\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_lightsail_disk` using the name attribute. For example:\n\n```sh\n$ pulumi import aws:lightsail/disk:Disk test test\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Lightsail load balancer.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone in which to create your disk.\n" }, "createdAt": { "type": "string", "description": "The timestamp when the load balancer was created.\n" }, "name": { "type": "string", "description": "The name of the Lightsail load balancer.\n" }, "sizeInGb": { "type": "integer", "description": "The instance port the load balancer will connect.\n" }, "supportCode": { "type": "string", "description": "The support code for the disk. Include this code in your email to support when you have questions about a disk in Lightsail. This code enables our support team to look up your Lightsail information more easily.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. To create a key-only tag, use an empty string as the value. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "availabilityZone", "createdAt", "name", "sizeInGb", "supportCode", "tagsAll" ], "inputProperties": { "availabilityZone": { "type": "string", "description": "The Availability Zone in which to create your disk.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the Lightsail load balancer.\n", "willReplaceOnChanges": true }, "sizeInGb": { "type": "integer", "description": "The instance port the load balancer will connect.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. To create a key-only tag, use an empty string as the value. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "availabilityZone", "sizeInGb" ], "stateInputs": { "description": "Input properties used for looking up and filtering Disk resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Lightsail load balancer.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone in which to create your disk.\n", "willReplaceOnChanges": true }, "createdAt": { "type": "string", "description": "The timestamp when the load balancer was created.\n" }, "name": { "type": "string", "description": "The name of the Lightsail load balancer.\n", "willReplaceOnChanges": true }, "sizeInGb": { "type": "integer", "description": "The instance port the load balancer will connect.\n", "willReplaceOnChanges": true }, "supportCode": { "type": "string", "description": "The support code for the disk. Include this code in your email to support when you have questions about a disk in Lightsail. This code enables our support team to look up your Lightsail information more easily.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. To create a key-only tag, use an empty string as the value. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:lightsail/disk_attachment:Disk_attachment": { "description": "Attaches a Lightsail disk to a Lightsail Instance\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst available = aws.getAvailabilityZones({\n state: \"available\",\n filters: [{\n name: \"opt-in-status\",\n values: [\"opt-in-not-required\"],\n }],\n});\nconst test = new aws.lightsail.Disk(\"test\", {\n name: \"test-disk\",\n sizeInGb: 8,\n availabilityZone: available.then(available =\u003e available.names?.[0]),\n});\nconst testInstance = new aws.lightsail.Instance(\"test\", {\n name: \"test-instance\",\n availabilityZone: available.then(available =\u003e available.names?.[0]),\n blueprintId: \"amazon_linux_2\",\n bundleId: \"nano_3_0\",\n});\nconst testDisk_attachment = new aws.lightsail.Disk_attachment(\"test\", {\n diskName: test.name,\n instanceName: testInstance.name,\n diskPath: \"/dev/xvdf\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\navailable = aws.get_availability_zones(state=\"available\",\n filters=[{\n \"name\": \"opt-in-status\",\n \"values\": [\"opt-in-not-required\"],\n }])\ntest = aws.lightsail.Disk(\"test\",\n name=\"test-disk\",\n size_in_gb=8,\n availability_zone=available.names[0])\ntest_instance = aws.lightsail.Instance(\"test\",\n name=\"test-instance\",\n availability_zone=available.names[0],\n blueprint_id=\"amazon_linux_2\",\n bundle_id=\"nano_3_0\")\ntest_disk_attachment = aws.lightsail.Disk_attachment(\"test\",\n disk_name=test.name,\n instance_name=test_instance.name,\n disk_path=\"/dev/xvdf\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var available = Aws.GetAvailabilityZones.Invoke(new()\n {\n State = \"available\",\n Filters = new[]\n {\n new Aws.Inputs.GetAvailabilityZonesFilterInputArgs\n {\n Name = \"opt-in-status\",\n Values = new[]\n {\n \"opt-in-not-required\",\n },\n },\n },\n });\n\n var test = new Aws.LightSail.Disk(\"test\", new()\n {\n Name = \"test-disk\",\n SizeInGb = 8,\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[0]),\n });\n\n var testInstance = new Aws.LightSail.Instance(\"test\", new()\n {\n Name = \"test-instance\",\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[0]),\n BlueprintId = \"amazon_linux_2\",\n BundleId = \"nano_3_0\",\n });\n\n var testDisk_attachment = new Aws.LightSail.Disk_attachment(\"test\", new()\n {\n DiskName = test.Name,\n InstanceName = testInstance.Name,\n DiskPath = \"/dev/xvdf\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tavailable, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tState: pulumi.StringRef(\"available\"),\n\t\t\tFilters: []aws.GetAvailabilityZonesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"opt-in-status\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"opt-in-not-required\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := lightsail.NewDisk(ctx, \"test\", \u0026lightsail.DiskArgs{\n\t\t\tName: pulumi.String(\"test-disk\"),\n\t\t\tSizeInGb: pulumi.Int(8),\n\t\t\tAvailabilityZone: pulumi.String(available.Names[0]),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestInstance, err := lightsail.NewInstance(ctx, \"test\", \u0026lightsail.InstanceArgs{\n\t\t\tName: pulumi.String(\"test-instance\"),\n\t\t\tAvailabilityZone: pulumi.String(available.Names[0]),\n\t\t\tBlueprintId: pulumi.String(\"amazon_linux_2\"),\n\t\t\tBundleId: pulumi.String(\"nano_3_0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewDisk_attachment(ctx, \"test\", \u0026lightsail.Disk_attachmentArgs{\n\t\t\tDiskName: test.Name,\n\t\t\tInstanceName: testInstance.Name,\n\t\t\tDiskPath: pulumi.String(\"/dev/xvdf\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport com.pulumi.aws.lightsail.Disk;\nimport com.pulumi.aws.lightsail.DiskArgs;\nimport com.pulumi.aws.lightsail.Instance;\nimport com.pulumi.aws.lightsail.InstanceArgs;\nimport com.pulumi.aws.lightsail.Disk_attachment;\nimport com.pulumi.aws.lightsail.Disk_attachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .state(\"available\")\n .filters(GetAvailabilityZonesFilterArgs.builder()\n .name(\"opt-in-status\")\n .values(\"opt-in-not-required\")\n .build())\n .build());\n\n var test = new Disk(\"test\", DiskArgs.builder()\n .name(\"test-disk\")\n .sizeInGb(8)\n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[0]))\n .build());\n\n var testInstance = new Instance(\"testInstance\", InstanceArgs.builder()\n .name(\"test-instance\")\n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[0]))\n .blueprintId(\"amazon_linux_2\")\n .bundleId(\"nano_3_0\")\n .build());\n\n var testDisk_attachment = new Disk_attachment(\"testDisk_attachment\", Disk_attachmentArgs.builder()\n .diskName(test.name())\n .instanceName(testInstance.name())\n .diskPath(\"/dev/xvdf\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Disk\n properties:\n name: test-disk\n sizeInGb: 8\n availabilityZone: ${available.names[0]}\n testInstance:\n type: aws:lightsail:Instance\n name: test\n properties:\n name: test-instance\n availabilityZone: ${available.names[0]}\n blueprintId: amazon_linux_2\n bundleId: nano_3_0\n testDisk_attachment:\n type: aws:lightsail:Disk_attachment\n name: test\n properties:\n diskName: ${test.name}\n instanceName: ${testInstance.name}\n diskPath: /dev/xvdf\nvariables:\n available:\n fn::invoke:\n Function: aws:getAvailabilityZones\n Arguments:\n state: available\n filters:\n - name: opt-in-status\n values:\n - opt-in-not-required\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_lightsail_disk` using the id attribute. For example:\n\n```sh\n$ pulumi import aws:lightsail/disk_attachment:Disk_attachment test test-disk,test-instance\n```\n", "properties": { "diskName": { "type": "string", "description": "The name of the Lightsail Disk.\n" }, "diskPath": { "type": "string", "description": "The disk path to expose to the instance.\n" }, "instanceName": { "type": "string", "description": "The name of the Lightsail Instance to attach to.\n" } }, "required": [ "diskName", "diskPath", "instanceName" ], "inputProperties": { "diskName": { "type": "string", "description": "The name of the Lightsail Disk.\n", "willReplaceOnChanges": true }, "diskPath": { "type": "string", "description": "The disk path to expose to the instance.\n", "willReplaceOnChanges": true }, "instanceName": { "type": "string", "description": "The name of the Lightsail Instance to attach to.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "diskName", "diskPath", "instanceName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Disk_attachment resources.\n", "properties": { "diskName": { "type": "string", "description": "The name of the Lightsail Disk.\n", "willReplaceOnChanges": true }, "diskPath": { "type": "string", "description": "The disk path to expose to the instance.\n", "willReplaceOnChanges": true }, "instanceName": { "type": "string", "description": "The name of the Lightsail Instance to attach to.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:lightsail/distribution:Distribution": { "description": "Resource for managing an AWS Lightsail Distribution.\n\n## Example Usage\n\n### Basic Usage\n\nBelow is a basic example with a bucket as an origin.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.Bucket(\"test\", {\n name: \"test-bucket\",\n bundleId: \"small_1_0\",\n});\nconst testDistribution = new aws.lightsail.Distribution(\"test\", {\n name: \"test-distribution\",\n bundleId: \"small_1_0\",\n origin: {\n name: test.name,\n regionName: test.region,\n },\n defaultCacheBehavior: {\n behavior: \"cache\",\n },\n cacheBehaviorSettings: {\n allowedHttpMethods: \"GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE\",\n cachedHttpMethods: \"GET,HEAD\",\n defaultTtl: 86400,\n maximumTtl: 31536000,\n minimumTtl: 0,\n forwardedCookies: {\n option: \"none\",\n },\n forwardedHeaders: {\n option: \"default\",\n },\n forwardedQueryStrings: {\n option: false,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.Bucket(\"test\",\n name=\"test-bucket\",\n bundle_id=\"small_1_0\")\ntest_distribution = aws.lightsail.Distribution(\"test\",\n name=\"test-distribution\",\n bundle_id=\"small_1_0\",\n origin={\n \"name\": test.name,\n \"region_name\": test.region,\n },\n default_cache_behavior={\n \"behavior\": \"cache\",\n },\n cache_behavior_settings={\n \"allowed_http_methods\": \"GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE\",\n \"cached_http_methods\": \"GET,HEAD\",\n \"default_ttl\": 86400,\n \"maximum_ttl\": 31536000,\n \"minimum_ttl\": 0,\n \"forwarded_cookies\": {\n \"option\": \"none\",\n },\n \"forwarded_headers\": {\n \"option\": \"default\",\n },\n \"forwarded_query_strings\": {\n \"option\": False,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LightSail.Bucket(\"test\", new()\n {\n Name = \"test-bucket\",\n BundleId = \"small_1_0\",\n });\n\n var testDistribution = new Aws.LightSail.Distribution(\"test\", new()\n {\n Name = \"test-distribution\",\n BundleId = \"small_1_0\",\n Origin = new Aws.LightSail.Inputs.DistributionOriginArgs\n {\n Name = test.Name,\n RegionName = test.Region,\n },\n DefaultCacheBehavior = new Aws.LightSail.Inputs.DistributionDefaultCacheBehaviorArgs\n {\n Behavior = \"cache\",\n },\n CacheBehaviorSettings = new Aws.LightSail.Inputs.DistributionCacheBehaviorSettingsArgs\n {\n AllowedHttpMethods = \"GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE\",\n CachedHttpMethods = \"GET,HEAD\",\n DefaultTtl = 86400,\n MaximumTtl = 31536000,\n MinimumTtl = 0,\n ForwardedCookies = new Aws.LightSail.Inputs.DistributionCacheBehaviorSettingsForwardedCookiesArgs\n {\n Option = \"none\",\n },\n ForwardedHeaders = new Aws.LightSail.Inputs.DistributionCacheBehaviorSettingsForwardedHeadersArgs\n {\n Option = \"default\",\n },\n ForwardedQueryStrings = new Aws.LightSail.Inputs.DistributionCacheBehaviorSettingsForwardedQueryStringsArgs\n {\n Option = false,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := lightsail.NewBucket(ctx, \"test\", \u0026lightsail.BucketArgs{\n\t\t\tName: pulumi.String(\"test-bucket\"),\n\t\t\tBundleId: pulumi.String(\"small_1_0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewDistribution(ctx, \"test\", \u0026lightsail.DistributionArgs{\n\t\t\tName: pulumi.String(\"test-distribution\"),\n\t\t\tBundleId: pulumi.String(\"small_1_0\"),\n\t\t\tOrigin: \u0026lightsail.DistributionOriginArgs{\n\t\t\t\tName: test.Name,\n\t\t\t\tRegionName: test.Region,\n\t\t\t},\n\t\t\tDefaultCacheBehavior: \u0026lightsail.DistributionDefaultCacheBehaviorArgs{\n\t\t\t\tBehavior: pulumi.String(\"cache\"),\n\t\t\t},\n\t\t\tCacheBehaviorSettings: \u0026lightsail.DistributionCacheBehaviorSettingsArgs{\n\t\t\t\tAllowedHttpMethods: pulumi.String(\"GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE\"),\n\t\t\t\tCachedHttpMethods: pulumi.String(\"GET,HEAD\"),\n\t\t\t\tDefaultTtl: pulumi.Int(86400),\n\t\t\t\tMaximumTtl: pulumi.Int(31536000),\n\t\t\t\tMinimumTtl: pulumi.Int(0),\n\t\t\t\tForwardedCookies: \u0026lightsail.DistributionCacheBehaviorSettingsForwardedCookiesArgs{\n\t\t\t\t\tOption: pulumi.String(\"none\"),\n\t\t\t\t},\n\t\t\t\tForwardedHeaders: \u0026lightsail.DistributionCacheBehaviorSettingsForwardedHeadersArgs{\n\t\t\t\t\tOption: pulumi.String(\"default\"),\n\t\t\t\t},\n\t\t\t\tForwardedQueryStrings: \u0026lightsail.DistributionCacheBehaviorSettingsForwardedQueryStringsArgs{\n\t\t\t\t\tOption: pulumi.Bool(false),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Bucket;\nimport com.pulumi.aws.lightsail.BucketArgs;\nimport com.pulumi.aws.lightsail.Distribution;\nimport com.pulumi.aws.lightsail.DistributionArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionOriginArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionDefaultCacheBehaviorArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionCacheBehaviorSettingsArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionCacheBehaviorSettingsForwardedCookiesArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionCacheBehaviorSettingsForwardedHeadersArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionCacheBehaviorSettingsForwardedQueryStringsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Bucket(\"test\", BucketArgs.builder()\n .name(\"test-bucket\")\n .bundleId(\"small_1_0\")\n .build());\n\n var testDistribution = new Distribution(\"testDistribution\", DistributionArgs.builder()\n .name(\"test-distribution\")\n .bundleId(\"small_1_0\")\n .origin(DistributionOriginArgs.builder()\n .name(test.name())\n .regionName(test.region())\n .build())\n .defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()\n .behavior(\"cache\")\n .build())\n .cacheBehaviorSettings(DistributionCacheBehaviorSettingsArgs.builder()\n .allowedHttpMethods(\"GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE\")\n .cachedHttpMethods(\"GET,HEAD\")\n .defaultTtl(86400)\n .maximumTtl(31536000)\n .minimumTtl(0)\n .forwardedCookies(DistributionCacheBehaviorSettingsForwardedCookiesArgs.builder()\n .option(\"none\")\n .build())\n .forwardedHeaders(DistributionCacheBehaviorSettingsForwardedHeadersArgs.builder()\n .option(\"default\")\n .build())\n .forwardedQueryStrings(DistributionCacheBehaviorSettingsForwardedQueryStringsArgs.builder()\n .option(false)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Bucket\n properties:\n name: test-bucket\n bundleId: small_1_0\n testDistribution:\n type: aws:lightsail:Distribution\n name: test\n properties:\n name: test-distribution\n bundleId: small_1_0\n origin:\n name: ${test.name}\n regionName: ${test.region}\n defaultCacheBehavior:\n behavior: cache\n cacheBehaviorSettings:\n allowedHttpMethods: GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE\n cachedHttpMethods: GET,HEAD\n defaultTtl: 86400\n maximumTtl: 3.1536e+07\n minimumTtl: 0\n forwardedCookies:\n option: none\n forwardedHeaders:\n option: default\n forwardedQueryStrings:\n option: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### instance origin example\n\nBelow is an example of an instance as the origin.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst available = aws.getAvailabilityZones({\n state: \"available\",\n filters: [{\n name: \"opt-in-status\",\n values: [\"opt-in-not-required\"],\n }],\n});\nconst testStaticIp = new aws.lightsail.StaticIp(\"test\", {name: \"test-static-ip\"});\nconst testInstance = new aws.lightsail.Instance(\"test\", {\n name: \"test-instance\",\n availabilityZone: available.then(available =\u003e available.names?.[0]),\n blueprintId: \"amazon_linux_2\",\n bundleId: \"micro_1_0\",\n});\nconst test = new aws.lightsail.StaticIpAttachment(\"test\", {\n staticIpName: testStaticIp.name,\n instanceName: testInstance.name,\n});\nconst testDistribution = new aws.lightsail.Distribution(\"test\", {\n name: \"test-distribution\",\n bundleId: \"small_1_0\",\n origin: {\n name: testInstance.name,\n regionName: available.then(available =\u003e available.id),\n },\n defaultCacheBehavior: {\n behavior: \"cache\",\n },\n}, {\n dependsOn: [test],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\navailable = aws.get_availability_zones(state=\"available\",\n filters=[{\n \"name\": \"opt-in-status\",\n \"values\": [\"opt-in-not-required\"],\n }])\ntest_static_ip = aws.lightsail.StaticIp(\"test\", name=\"test-static-ip\")\ntest_instance = aws.lightsail.Instance(\"test\",\n name=\"test-instance\",\n availability_zone=available.names[0],\n blueprint_id=\"amazon_linux_2\",\n bundle_id=\"micro_1_0\")\ntest = aws.lightsail.StaticIpAttachment(\"test\",\n static_ip_name=test_static_ip.name,\n instance_name=test_instance.name)\ntest_distribution = aws.lightsail.Distribution(\"test\",\n name=\"test-distribution\",\n bundle_id=\"small_1_0\",\n origin={\n \"name\": test_instance.name,\n \"region_name\": available.id,\n },\n default_cache_behavior={\n \"behavior\": \"cache\",\n },\n opts = pulumi.ResourceOptions(depends_on=[test]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var available = Aws.GetAvailabilityZones.Invoke(new()\n {\n State = \"available\",\n Filters = new[]\n {\n new Aws.Inputs.GetAvailabilityZonesFilterInputArgs\n {\n Name = \"opt-in-status\",\n Values = new[]\n {\n \"opt-in-not-required\",\n },\n },\n },\n });\n\n var testStaticIp = new Aws.LightSail.StaticIp(\"test\", new()\n {\n Name = \"test-static-ip\",\n });\n\n var testInstance = new Aws.LightSail.Instance(\"test\", new()\n {\n Name = \"test-instance\",\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[0]),\n BlueprintId = \"amazon_linux_2\",\n BundleId = \"micro_1_0\",\n });\n\n var test = new Aws.LightSail.StaticIpAttachment(\"test\", new()\n {\n StaticIpName = testStaticIp.Name,\n InstanceName = testInstance.Name,\n });\n\n var testDistribution = new Aws.LightSail.Distribution(\"test\", new()\n {\n Name = \"test-distribution\",\n BundleId = \"small_1_0\",\n Origin = new Aws.LightSail.Inputs.DistributionOriginArgs\n {\n Name = testInstance.Name,\n RegionName = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Id),\n },\n DefaultCacheBehavior = new Aws.LightSail.Inputs.DistributionDefaultCacheBehaviorArgs\n {\n Behavior = \"cache\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n test,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tavailable, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tState: pulumi.StringRef(\"available\"),\n\t\t\tFilters: []aws.GetAvailabilityZonesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"opt-in-status\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"opt-in-not-required\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestStaticIp, err := lightsail.NewStaticIp(ctx, \"test\", \u0026lightsail.StaticIpArgs{\n\t\t\tName: pulumi.String(\"test-static-ip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestInstance, err := lightsail.NewInstance(ctx, \"test\", \u0026lightsail.InstanceArgs{\n\t\t\tName: pulumi.String(\"test-instance\"),\n\t\t\tAvailabilityZone: pulumi.String(available.Names[0]),\n\t\t\tBlueprintId: pulumi.String(\"amazon_linux_2\"),\n\t\t\tBundleId: pulumi.String(\"micro_1_0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := lightsail.NewStaticIpAttachment(ctx, \"test\", \u0026lightsail.StaticIpAttachmentArgs{\n\t\t\tStaticIpName: testStaticIp.Name,\n\t\t\tInstanceName: testInstance.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewDistribution(ctx, \"test\", \u0026lightsail.DistributionArgs{\n\t\t\tName: pulumi.String(\"test-distribution\"),\n\t\t\tBundleId: pulumi.String(\"small_1_0\"),\n\t\t\tOrigin: \u0026lightsail.DistributionOriginArgs{\n\t\t\t\tName: testInstance.Name,\n\t\t\t\tRegionName: pulumi.String(available.Id),\n\t\t\t},\n\t\t\tDefaultCacheBehavior: \u0026lightsail.DistributionDefaultCacheBehaviorArgs{\n\t\t\t\tBehavior: pulumi.String(\"cache\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttest,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport com.pulumi.aws.lightsail.StaticIp;\nimport com.pulumi.aws.lightsail.StaticIpArgs;\nimport com.pulumi.aws.lightsail.Instance;\nimport com.pulumi.aws.lightsail.InstanceArgs;\nimport com.pulumi.aws.lightsail.StaticIpAttachment;\nimport com.pulumi.aws.lightsail.StaticIpAttachmentArgs;\nimport com.pulumi.aws.lightsail.Distribution;\nimport com.pulumi.aws.lightsail.DistributionArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionOriginArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionDefaultCacheBehaviorArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .state(\"available\")\n .filters(GetAvailabilityZonesFilterArgs.builder()\n .name(\"opt-in-status\")\n .values(\"opt-in-not-required\")\n .build())\n .build());\n\n var testStaticIp = new StaticIp(\"testStaticIp\", StaticIpArgs.builder()\n .name(\"test-static-ip\")\n .build());\n\n var testInstance = new Instance(\"testInstance\", InstanceArgs.builder()\n .name(\"test-instance\")\n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[0]))\n .blueprintId(\"amazon_linux_2\")\n .bundleId(\"micro_1_0\")\n .build());\n\n var test = new StaticIpAttachment(\"test\", StaticIpAttachmentArgs.builder()\n .staticIpName(testStaticIp.name())\n .instanceName(testInstance.name())\n .build());\n\n var testDistribution = new Distribution(\"testDistribution\", DistributionArgs.builder()\n .name(\"test-distribution\")\n .bundleId(\"small_1_0\")\n .origin(DistributionOriginArgs.builder()\n .name(testInstance.name())\n .regionName(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.id()))\n .build())\n .defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()\n .behavior(\"cache\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(test)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:StaticIpAttachment\n properties:\n staticIpName: ${testStaticIp.name}\n instanceName: ${testInstance.name}\n testStaticIp:\n type: aws:lightsail:StaticIp\n name: test\n properties:\n name: test-static-ip\n testInstance:\n type: aws:lightsail:Instance\n name: test\n properties:\n name: test-instance\n availabilityZone: ${available.names[0]}\n blueprintId: amazon_linux_2\n bundleId: micro_1_0\n testDistribution:\n type: aws:lightsail:Distribution\n name: test\n properties:\n name: test-distribution\n bundleId: small_1_0\n origin:\n name: ${testInstance.name}\n regionName: ${available.id}\n defaultCacheBehavior:\n behavior: cache\n options:\n dependson:\n - ${test}\nvariables:\n available:\n fn::invoke:\n Function: aws:getAvailabilityZones\n Arguments:\n state: available\n filters:\n - name: opt-in-status\n values:\n - opt-in-not-required\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### lb origin example\n\nBelow is an example with a load balancer as an origin\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst available = aws.getAvailabilityZones({\n state: \"available\",\n filters: [{\n name: \"opt-in-status\",\n values: [\"opt-in-not-required\"],\n }],\n});\nconst test = new aws.lightsail.Lb(\"test\", {\n name: \"test-load-balancer\",\n healthCheckPath: \"/\",\n instancePort: 80,\n tags: {\n foo: \"bar\",\n },\n});\nconst testInstance = new aws.lightsail.Instance(\"test\", {\n name: \"test-instance\",\n availabilityZone: available.then(available =\u003e available.names?.[0]),\n blueprintId: \"amazon_linux_2\",\n bundleId: \"nano_3_0\",\n});\nconst testLbAttachment = new aws.lightsail.LbAttachment(\"test\", {\n lbName: test.name,\n instanceName: testInstance.name,\n});\nconst testDistribution = new aws.lightsail.Distribution(\"test\", {\n name: \"test-distribution\",\n bundleId: \"small_1_0\",\n origin: {\n name: test.name,\n regionName: available.then(available =\u003e available.id),\n },\n defaultCacheBehavior: {\n behavior: \"cache\",\n },\n}, {\n dependsOn: [testLbAttachment],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\navailable = aws.get_availability_zones(state=\"available\",\n filters=[{\n \"name\": \"opt-in-status\",\n \"values\": [\"opt-in-not-required\"],\n }])\ntest = aws.lightsail.Lb(\"test\",\n name=\"test-load-balancer\",\n health_check_path=\"/\",\n instance_port=80,\n tags={\n \"foo\": \"bar\",\n })\ntest_instance = aws.lightsail.Instance(\"test\",\n name=\"test-instance\",\n availability_zone=available.names[0],\n blueprint_id=\"amazon_linux_2\",\n bundle_id=\"nano_3_0\")\ntest_lb_attachment = aws.lightsail.LbAttachment(\"test\",\n lb_name=test.name,\n instance_name=test_instance.name)\ntest_distribution = aws.lightsail.Distribution(\"test\",\n name=\"test-distribution\",\n bundle_id=\"small_1_0\",\n origin={\n \"name\": test.name,\n \"region_name\": available.id,\n },\n default_cache_behavior={\n \"behavior\": \"cache\",\n },\n opts = pulumi.ResourceOptions(depends_on=[test_lb_attachment]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var available = Aws.GetAvailabilityZones.Invoke(new()\n {\n State = \"available\",\n Filters = new[]\n {\n new Aws.Inputs.GetAvailabilityZonesFilterInputArgs\n {\n Name = \"opt-in-status\",\n Values = new[]\n {\n \"opt-in-not-required\",\n },\n },\n },\n });\n\n var test = new Aws.LightSail.Lb(\"test\", new()\n {\n Name = \"test-load-balancer\",\n HealthCheckPath = \"/\",\n InstancePort = 80,\n Tags = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n var testInstance = new Aws.LightSail.Instance(\"test\", new()\n {\n Name = \"test-instance\",\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[0]),\n BlueprintId = \"amazon_linux_2\",\n BundleId = \"nano_3_0\",\n });\n\n var testLbAttachment = new Aws.LightSail.LbAttachment(\"test\", new()\n {\n LbName = test.Name,\n InstanceName = testInstance.Name,\n });\n\n var testDistribution = new Aws.LightSail.Distribution(\"test\", new()\n {\n Name = \"test-distribution\",\n BundleId = \"small_1_0\",\n Origin = new Aws.LightSail.Inputs.DistributionOriginArgs\n {\n Name = test.Name,\n RegionName = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Id),\n },\n DefaultCacheBehavior = new Aws.LightSail.Inputs.DistributionDefaultCacheBehaviorArgs\n {\n Behavior = \"cache\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n testLbAttachment,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tavailable, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tState: pulumi.StringRef(\"available\"),\n\t\t\tFilters: []aws.GetAvailabilityZonesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"opt-in-status\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"opt-in-not-required\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := lightsail.NewLb(ctx, \"test\", \u0026lightsail.LbArgs{\n\t\t\tName: pulumi.String(\"test-load-balancer\"),\n\t\t\tHealthCheckPath: pulumi.String(\"/\"),\n\t\t\tInstancePort: pulumi.Int(80),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestInstance, err := lightsail.NewInstance(ctx, \"test\", \u0026lightsail.InstanceArgs{\n\t\t\tName: pulumi.String(\"test-instance\"),\n\t\t\tAvailabilityZone: pulumi.String(available.Names[0]),\n\t\t\tBlueprintId: pulumi.String(\"amazon_linux_2\"),\n\t\t\tBundleId: pulumi.String(\"nano_3_0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestLbAttachment, err := lightsail.NewLbAttachment(ctx, \"test\", \u0026lightsail.LbAttachmentArgs{\n\t\t\tLbName: test.Name,\n\t\t\tInstanceName: testInstance.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewDistribution(ctx, \"test\", \u0026lightsail.DistributionArgs{\n\t\t\tName: pulumi.String(\"test-distribution\"),\n\t\t\tBundleId: pulumi.String(\"small_1_0\"),\n\t\t\tOrigin: \u0026lightsail.DistributionOriginArgs{\n\t\t\t\tName: test.Name,\n\t\t\t\tRegionName: pulumi.String(available.Id),\n\t\t\t},\n\t\t\tDefaultCacheBehavior: \u0026lightsail.DistributionDefaultCacheBehaviorArgs{\n\t\t\t\tBehavior: pulumi.String(\"cache\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttestLbAttachment,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport com.pulumi.aws.lightsail.Lb;\nimport com.pulumi.aws.lightsail.LbArgs;\nimport com.pulumi.aws.lightsail.Instance;\nimport com.pulumi.aws.lightsail.InstanceArgs;\nimport com.pulumi.aws.lightsail.LbAttachment;\nimport com.pulumi.aws.lightsail.LbAttachmentArgs;\nimport com.pulumi.aws.lightsail.Distribution;\nimport com.pulumi.aws.lightsail.DistributionArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionOriginArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionDefaultCacheBehaviorArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .state(\"available\")\n .filters(GetAvailabilityZonesFilterArgs.builder()\n .name(\"opt-in-status\")\n .values(\"opt-in-not-required\")\n .build())\n .build());\n\n var test = new Lb(\"test\", LbArgs.builder()\n .name(\"test-load-balancer\")\n .healthCheckPath(\"/\")\n .instancePort(\"80\")\n .tags(Map.of(\"foo\", \"bar\"))\n .build());\n\n var testInstance = new Instance(\"testInstance\", InstanceArgs.builder()\n .name(\"test-instance\")\n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[0]))\n .blueprintId(\"amazon_linux_2\")\n .bundleId(\"nano_3_0\")\n .build());\n\n var testLbAttachment = new LbAttachment(\"testLbAttachment\", LbAttachmentArgs.builder()\n .lbName(test.name())\n .instanceName(testInstance.name())\n .build());\n\n var testDistribution = new Distribution(\"testDistribution\", DistributionArgs.builder()\n .name(\"test-distribution\")\n .bundleId(\"small_1_0\")\n .origin(DistributionOriginArgs.builder()\n .name(test.name())\n .regionName(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.id()))\n .build())\n .defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()\n .behavior(\"cache\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(testLbAttachment)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Lb\n properties:\n name: test-load-balancer\n healthCheckPath: /\n instancePort: '80'\n tags:\n foo: bar\n testInstance:\n type: aws:lightsail:Instance\n name: test\n properties:\n name: test-instance\n availabilityZone: ${available.names[0]}\n blueprintId: amazon_linux_2\n bundleId: nano_3_0\n testLbAttachment:\n type: aws:lightsail:LbAttachment\n name: test\n properties:\n lbName: ${test.name}\n instanceName: ${testInstance.name}\n testDistribution:\n type: aws:lightsail:Distribution\n name: test\n properties:\n name: test-distribution\n bundleId: small_1_0\n origin:\n name: ${test.name}\n regionName: ${available.id}\n defaultCacheBehavior:\n behavior: cache\n options:\n dependson:\n - ${testLbAttachment}\nvariables:\n available:\n fn::invoke:\n Function: aws:getAvailabilityZones\n Arguments:\n state: available\n filters:\n - name: opt-in-status\n values:\n - opt-in-not-required\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lightsail Distribution using the `id`. For example:\n\n```sh\n$ pulumi import aws:lightsail/distribution:Distribution example rft-8012925589\n```\n", "properties": { "alternativeDomainNames": { "type": "array", "items": { "type": "string" }, "description": "The alternate domain names of the distribution.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the distribution.\n" }, "bundleId": { "type": "string", "description": "Bundle ID to use for the distribution.\n" }, "cacheBehaviorSettings": { "$ref": "#/types/aws:lightsail/DistributionCacheBehaviorSettings:DistributionCacheBehaviorSettings", "description": "An object that describes the cache behavior settings of the distribution. Detailed below\n\nThe following arguments are optional:\n" }, "cacheBehaviors": { "type": "array", "items": { "$ref": "#/types/aws:lightsail/DistributionCacheBehavior:DistributionCacheBehavior" }, "description": "A set of configuration blocks that describe the per-path cache behavior of the distribution. Detailed below\n" }, "certificateName": { "type": "string", "description": "The name of the SSL/TLS certificate attached to the distribution, if any.\n" }, "createdAt": { "type": "string", "description": "The timestamp when the distribution was created.\n" }, "defaultCacheBehavior": { "$ref": "#/types/aws:lightsail/DistributionDefaultCacheBehavior:DistributionDefaultCacheBehavior", "description": "Object that describes the default cache behavior of the distribution. Detailed below\n" }, "domainName": { "type": "string", "description": "The domain name of the distribution.\n" }, "ipAddressType": { "type": "string", "description": "The IP address type of the distribution. Default: `dualstack`.\n" }, "isEnabled": { "type": "boolean", "description": "Indicates whether the distribution is enabled. Default: `true`.\n" }, "locations": { "type": "array", "items": { "$ref": "#/types/aws:lightsail/DistributionLocation:DistributionLocation" }, "description": "An object that describes the location of the distribution, such as the AWS Region and Availability Zone. Detailed below\n" }, "name": { "type": "string", "description": "Name of the distribution.\n" }, "origin": { "$ref": "#/types/aws:lightsail/DistributionOrigin:DistributionOrigin", "description": "Object that describes the origin resource of the distribution, such as a Lightsail instance, bucket, or load balancer. Detailed below\n" }, "originPublicDns": { "type": "string", "description": "The public DNS of the origin.\n" }, "resourceType": { "type": "string", "description": "The Lightsail resource type (e.g., Distribution).\n" }, "status": { "type": "string", "description": "The status of the distribution.\n" }, "supportCode": { "type": "string", "description": "The support code. Include this code in your email to support when you have questions about your Lightsail distribution. This code enables our support team to look up your Lightsail information more easily.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags for the Lightsail Distribution. To create a key-only tag, use an empty string as the value. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "alternativeDomainNames", "arn", "bundleId", "createdAt", "defaultCacheBehavior", "domainName", "locations", "name", "origin", "originPublicDns", "resourceType", "status", "supportCode", "tagsAll" ], "inputProperties": { "bundleId": { "type": "string", "description": "Bundle ID to use for the distribution.\n" }, "cacheBehaviorSettings": { "$ref": "#/types/aws:lightsail/DistributionCacheBehaviorSettings:DistributionCacheBehaviorSettings", "description": "An object that describes the cache behavior settings of the distribution. Detailed below\n\nThe following arguments are optional:\n" }, "cacheBehaviors": { "type": "array", "items": { "$ref": "#/types/aws:lightsail/DistributionCacheBehavior:DistributionCacheBehavior" }, "description": "A set of configuration blocks that describe the per-path cache behavior of the distribution. Detailed below\n" }, "certificateName": { "type": "string", "description": "The name of the SSL/TLS certificate attached to the distribution, if any.\n" }, "defaultCacheBehavior": { "$ref": "#/types/aws:lightsail/DistributionDefaultCacheBehavior:DistributionDefaultCacheBehavior", "description": "Object that describes the default cache behavior of the distribution. Detailed below\n" }, "ipAddressType": { "type": "string", "description": "The IP address type of the distribution. Default: `dualstack`.\n" }, "isEnabled": { "type": "boolean", "description": "Indicates whether the distribution is enabled. Default: `true`.\n" }, "name": { "type": "string", "description": "Name of the distribution.\n" }, "origin": { "$ref": "#/types/aws:lightsail/DistributionOrigin:DistributionOrigin", "description": "Object that describes the origin resource of the distribution, such as a Lightsail instance, bucket, or load balancer. Detailed below\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags for the Lightsail Distribution. To create a key-only tag, use an empty string as the value. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "bundleId", "defaultCacheBehavior", "origin" ], "stateInputs": { "description": "Input properties used for looking up and filtering Distribution resources.\n", "properties": { "alternativeDomainNames": { "type": "array", "items": { "type": "string" }, "description": "The alternate domain names of the distribution.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the distribution.\n" }, "bundleId": { "type": "string", "description": "Bundle ID to use for the distribution.\n" }, "cacheBehaviorSettings": { "$ref": "#/types/aws:lightsail/DistributionCacheBehaviorSettings:DistributionCacheBehaviorSettings", "description": "An object that describes the cache behavior settings of the distribution. Detailed below\n\nThe following arguments are optional:\n" }, "cacheBehaviors": { "type": "array", "items": { "$ref": "#/types/aws:lightsail/DistributionCacheBehavior:DistributionCacheBehavior" }, "description": "A set of configuration blocks that describe the per-path cache behavior of the distribution. Detailed below\n" }, "certificateName": { "type": "string", "description": "The name of the SSL/TLS certificate attached to the distribution, if any.\n" }, "createdAt": { "type": "string", "description": "The timestamp when the distribution was created.\n" }, "defaultCacheBehavior": { "$ref": "#/types/aws:lightsail/DistributionDefaultCacheBehavior:DistributionDefaultCacheBehavior", "description": "Object that describes the default cache behavior of the distribution. Detailed below\n" }, "domainName": { "type": "string", "description": "The domain name of the distribution.\n" }, "ipAddressType": { "type": "string", "description": "The IP address type of the distribution. Default: `dualstack`.\n" }, "isEnabled": { "type": "boolean", "description": "Indicates whether the distribution is enabled. Default: `true`.\n" }, "locations": { "type": "array", "items": { "$ref": "#/types/aws:lightsail/DistributionLocation:DistributionLocation" }, "description": "An object that describes the location of the distribution, such as the AWS Region and Availability Zone. Detailed below\n" }, "name": { "type": "string", "description": "Name of the distribution.\n" }, "origin": { "$ref": "#/types/aws:lightsail/DistributionOrigin:DistributionOrigin", "description": "Object that describes the origin resource of the distribution, such as a Lightsail instance, bucket, or load balancer. Detailed below\n" }, "originPublicDns": { "type": "string", "description": "The public DNS of the origin.\n" }, "resourceType": { "type": "string", "description": "The Lightsail resource type (e.g., Distribution).\n" }, "status": { "type": "string", "description": "The status of the distribution.\n" }, "supportCode": { "type": "string", "description": "The support code. Include this code in your email to support when you have questions about your Lightsail distribution. This code enables our support team to look up your Lightsail information more easily.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags for the Lightsail Distribution. To create a key-only tag, use an empty string as the value. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:lightsail/domain:Domain": { "description": "Creates a domain resource for the specified domain (e.g., example.com).\nYou cannot register a new domain name using Lightsail. You must register\na domain name using Amazon Route 53 or another domain name registrar.\nIf you have already registered your domain, you can enter its name in\nthis parameter to manage the DNS records for that domain.\n\n\u003e **Note:** Lightsail is currently only supported in a limited number of AWS Regions, please see [\"Regions and Availability Zones in Amazon Lightsail\"](https://lightsail.aws.amazon.com/ls/docs/overview/article/understanding-regions-and-availability-zones-in-amazon-lightsail) for more details\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst domainTest = new aws.lightsail.Domain(\"domain_test\", {domainName: \"mydomain.com\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndomain_test = aws.lightsail.Domain(\"domain_test\", domain_name=\"mydomain.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var domainTest = new Aws.LightSail.Domain(\"domain_test\", new()\n {\n DomainName = \"mydomain.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lightsail.NewDomain(ctx, \"domain_test\", \u0026lightsail.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"mydomain.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Domain;\nimport com.pulumi.aws.lightsail.DomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var domainTest = new Domain(\"domainTest\", DomainArgs.builder()\n .domainName(\"mydomain.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n domainTest:\n type: aws:lightsail:Domain\n name: domain_test\n properties:\n domainName: mydomain.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Lightsail domain\n" }, "domainName": { "type": "string", "description": "The name of the Lightsail domain to manage\n" } }, "required": [ "arn", "domainName" ], "inputProperties": { "domainName": { "type": "string", "description": "The name of the Lightsail domain to manage\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "domainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Domain resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Lightsail domain\n" }, "domainName": { "type": "string", "description": "The name of the Lightsail domain to manage\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:lightsail/domainEntry:DomainEntry": { "description": "Creates a domain entry resource\n\n\u003e **NOTE on `id`:** In an effort to simplify imports, this resource `id` field has been updated to the standard resource id separator, a comma (`,`). For backward compatibility, the previous separator (underscore `_`) can still be used to read and import existing resources. When state is refreshed, the `id` will be updated to use the new standard separator. The previous separator will be deprecated in a future major release.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.Domain(\"test\", {domainName: \"mydomain.com\"});\nconst testDomainEntry = new aws.lightsail.DomainEntry(\"test\", {\n domainName: domainTest.domainName,\n name: \"www\",\n type: \"A\",\n target: \"127.0.0.1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.Domain(\"test\", domain_name=\"mydomain.com\")\ntest_domain_entry = aws.lightsail.DomainEntry(\"test\",\n domain_name=domain_test[\"domainName\"],\n name=\"www\",\n type=\"A\",\n target=\"127.0.0.1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LightSail.Domain(\"test\", new()\n {\n DomainName = \"mydomain.com\",\n });\n\n var testDomainEntry = new Aws.LightSail.DomainEntry(\"test\", new()\n {\n DomainName = domainTest.DomainName,\n Name = \"www\",\n Type = \"A\",\n Target = \"127.0.0.1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lightsail.NewDomain(ctx, \"test\", \u0026lightsail.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"mydomain.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewDomainEntry(ctx, \"test\", \u0026lightsail.DomainEntryArgs{\n\t\t\tDomainName: pulumi.Any(domainTest.DomainName),\n\t\t\tName: pulumi.String(\"www\"),\n\t\t\tType: pulumi.String(\"A\"),\n\t\t\tTarget: pulumi.String(\"127.0.0.1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Domain;\nimport com.pulumi.aws.lightsail.DomainArgs;\nimport com.pulumi.aws.lightsail.DomainEntry;\nimport com.pulumi.aws.lightsail.DomainEntryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Domain(\"test\", DomainArgs.builder()\n .domainName(\"mydomain.com\")\n .build());\n\n var testDomainEntry = new DomainEntry(\"testDomainEntry\", DomainEntryArgs.builder()\n .domainName(domainTest.domainName())\n .name(\"www\")\n .type(\"A\")\n .target(\"127.0.0.1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Domain\n properties:\n domainName: mydomain.com\n testDomainEntry:\n type: aws:lightsail:DomainEntry\n name: test\n properties:\n domainName: ${domainTest.domainName}\n name: www\n type: A\n target: 127.0.0.1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_lightsail_domain_entry` using the id attribute. For example:\n\n```sh\n$ pulumi import aws:lightsail/domainEntry:DomainEntry example www,mydomain.com,A,127.0.0.1\n```\n", "properties": { "domainName": { "type": "string", "description": "The name of the Lightsail domain in which to create the entry\n" }, "isAlias": { "type": "boolean", "description": "If the entry should be an alias Defaults to `false`\n" }, "name": { "type": "string", "description": "Name of the entry record\n" }, "target": { "type": "string", "description": "Target of the domain entry\n" }, "type": { "type": "string", "description": "Type of record\n" } }, "required": [ "domainName", "name", "target", "type" ], "inputProperties": { "domainName": { "type": "string", "description": "The name of the Lightsail domain in which to create the entry\n", "willReplaceOnChanges": true }, "isAlias": { "type": "boolean", "description": "If the entry should be an alias Defaults to `false`\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the entry record\n", "willReplaceOnChanges": true }, "target": { "type": "string", "description": "Target of the domain entry\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Type of record\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "domainName", "target", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainEntry resources.\n", "properties": { "domainName": { "type": "string", "description": "The name of the Lightsail domain in which to create the entry\n", "willReplaceOnChanges": true }, "isAlias": { "type": "boolean", "description": "If the entry should be an alias Defaults to `false`\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the entry record\n", "willReplaceOnChanges": true }, "target": { "type": "string", "description": "Target of the domain entry\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Type of record\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:lightsail/instance:Instance": { "description": "Provides a Lightsail Instance. Amazon Lightsail is a service to provide easy virtual private servers\nwith custom software already setup. See [What is Amazon Lightsail?](https://lightsail.aws.amazon.com/ls/docs/getting-started/article/what-is-amazon-lightsail)\nfor more information.\n\n\u003e **Note:** Lightsail is currently only supported in a limited number of AWS Regions, please see [\"Regions and Availability Zones in Amazon Lightsail\"](https://lightsail.aws.amazon.com/ls/docs/overview/article/understanding-regions-and-availability-zones-in-amazon-lightsail) for more details\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new GitLab Lightsail Instance\nconst gitlabTest = new aws.lightsail.Instance(\"gitlab_test\", {\n name: \"custom_gitlab\",\n availabilityZone: \"us-east-1b\",\n blueprintId: \"amazon_linux_2\",\n bundleId: \"nano_3_0\",\n keyPairName: \"some_key_name\",\n tags: {\n foo: \"bar\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new GitLab Lightsail Instance\ngitlab_test = aws.lightsail.Instance(\"gitlab_test\",\n name=\"custom_gitlab\",\n availability_zone=\"us-east-1b\",\n blueprint_id=\"amazon_linux_2\",\n bundle_id=\"nano_3_0\",\n key_pair_name=\"some_key_name\",\n tags={\n \"foo\": \"bar\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Create a new GitLab Lightsail Instance\n var gitlabTest = new Aws.LightSail.Instance(\"gitlab_test\", new()\n {\n Name = \"custom_gitlab\",\n AvailabilityZone = \"us-east-1b\",\n BlueprintId = \"amazon_linux_2\",\n BundleId = \"nano_3_0\",\n KeyPairName = \"some_key_name\",\n Tags = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Create a new GitLab Lightsail Instance\n\t\t_, err := lightsail.NewInstance(ctx, \"gitlab_test\", \u0026lightsail.InstanceArgs{\n\t\t\tName: pulumi.String(\"custom_gitlab\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1b\"),\n\t\t\tBlueprintId: pulumi.String(\"amazon_linux_2\"),\n\t\t\tBundleId: pulumi.String(\"nano_3_0\"),\n\t\t\tKeyPairName: pulumi.String(\"some_key_name\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Instance;\nimport com.pulumi.aws.lightsail.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Create a new GitLab Lightsail Instance\n var gitlabTest = new Instance(\"gitlabTest\", InstanceArgs.builder()\n .name(\"custom_gitlab\")\n .availabilityZone(\"us-east-1b\")\n .blueprintId(\"amazon_linux_2\")\n .bundleId(\"nano_3_0\")\n .keyPairName(\"some_key_name\")\n .tags(Map.of(\"foo\", \"bar\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Create a new GitLab Lightsail Instance\n gitlabTest:\n type: aws:lightsail:Instance\n name: gitlab_test\n properties:\n name: custom_gitlab\n availabilityZone: us-east-1b\n blueprintId: amazon_linux_2\n bundleId: nano_3_0\n keyPairName: some_key_name\n tags:\n foo: bar\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example With User Data\n\nLightsail user data is handled differently than ec2 user data. Lightsail user data only accepts a single lined string. The below example shows installing apache and creating the index page.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst custom = new aws.lightsail.Instance(\"custom\", {\n name: \"custom\",\n availabilityZone: \"us-east-1b\",\n blueprintId: \"amazon_linux_2\",\n bundleId: \"nano_3_0\",\n userData: \"sudo yum install -y httpd \u0026\u0026 sudo systemctl start httpd \u0026\u0026 sudo systemctl enable httpd \u0026\u0026 echo '\u003ch1\u003eDeployed via Pulumi\u003c/h1\u003e' | sudo tee /var/www/html/index.html\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncustom = aws.lightsail.Instance(\"custom\",\n name=\"custom\",\n availability_zone=\"us-east-1b\",\n blueprint_id=\"amazon_linux_2\",\n bundle_id=\"nano_3_0\",\n user_data=\"sudo yum install -y httpd \u0026\u0026 sudo systemctl start httpd \u0026\u0026 sudo systemctl enable httpd \u0026\u0026 echo '\u003ch1\u003eDeployed via Pulumi\u003c/h1\u003e' | sudo tee /var/www/html/index.html\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var custom = new Aws.LightSail.Instance(\"custom\", new()\n {\n Name = \"custom\",\n AvailabilityZone = \"us-east-1b\",\n BlueprintId = \"amazon_linux_2\",\n BundleId = \"nano_3_0\",\n UserData = \"sudo yum install -y httpd \u0026\u0026 sudo systemctl start httpd \u0026\u0026 sudo systemctl enable httpd \u0026\u0026 echo '\u003ch1\u003eDeployed via Pulumi\u003c/h1\u003e' | sudo tee /var/www/html/index.html\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lightsail.NewInstance(ctx, \"custom\", \u0026lightsail.InstanceArgs{\n\t\t\tName: pulumi.String(\"custom\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1b\"),\n\t\t\tBlueprintId: pulumi.String(\"amazon_linux_2\"),\n\t\t\tBundleId: pulumi.String(\"nano_3_0\"),\n\t\t\tUserData: pulumi.String(\"sudo yum install -y httpd \u0026\u0026 sudo systemctl start httpd \u0026\u0026 sudo systemctl enable httpd \u0026\u0026 echo '\u003ch1\u003eDeployed via Pulumi\u003c/h1\u003e' | sudo tee /var/www/html/index.html\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Instance;\nimport com.pulumi.aws.lightsail.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var custom = new Instance(\"custom\", InstanceArgs.builder()\n .name(\"custom\")\n .availabilityZone(\"us-east-1b\")\n .blueprintId(\"amazon_linux_2\")\n .bundleId(\"nano_3_0\")\n .userData(\"sudo yum install -y httpd \u0026\u0026 sudo systemctl start httpd \u0026\u0026 sudo systemctl enable httpd \u0026\u0026 echo '\u003ch1\u003eDeployed via Pulumi\u003c/h1\u003e' | sudo tee /var/www/html/index.html\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n custom:\n type: aws:lightsail:Instance\n properties:\n name: custom\n availabilityZone: us-east-1b\n blueprintId: amazon_linux_2\n bundleId: nano_3_0\n userData: sudo yum install -y httpd \u0026\u0026 sudo systemctl start httpd \u0026\u0026 sudo systemctl enable httpd \u0026\u0026 echo '\u003ch1\u003eDeployed via Pulumi\u003c/h1\u003e' | sudo tee /var/www/html/index.html\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Enable Auto Snapshots\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.Instance(\"test\", {\n name: \"custom_instance\",\n availabilityZone: \"us-east-1b\",\n blueprintId: \"amazon_linux_2\",\n bundleId: \"nano_3_0\",\n addOn: {\n type: \"AutoSnapshot\",\n snapshotTime: \"06:00\",\n status: \"Enabled\",\n },\n tags: {\n foo: \"bar\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.Instance(\"test\",\n name=\"custom_instance\",\n availability_zone=\"us-east-1b\",\n blueprint_id=\"amazon_linux_2\",\n bundle_id=\"nano_3_0\",\n add_on={\n \"type\": \"AutoSnapshot\",\n \"snapshot_time\": \"06:00\",\n \"status\": \"Enabled\",\n },\n tags={\n \"foo\": \"bar\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LightSail.Instance(\"test\", new()\n {\n Name = \"custom_instance\",\n AvailabilityZone = \"us-east-1b\",\n BlueprintId = \"amazon_linux_2\",\n BundleId = \"nano_3_0\",\n AddOn = new Aws.LightSail.Inputs.InstanceAddOnArgs\n {\n Type = \"AutoSnapshot\",\n SnapshotTime = \"06:00\",\n Status = \"Enabled\",\n },\n Tags = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lightsail.NewInstance(ctx, \"test\", \u0026lightsail.InstanceArgs{\n\t\t\tName: pulumi.String(\"custom_instance\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1b\"),\n\t\t\tBlueprintId: pulumi.String(\"amazon_linux_2\"),\n\t\t\tBundleId: pulumi.String(\"nano_3_0\"),\n\t\t\tAddOn: \u0026lightsail.InstanceAddOnArgs{\n\t\t\t\tType: pulumi.String(\"AutoSnapshot\"),\n\t\t\t\tSnapshotTime: pulumi.String(\"06:00\"),\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Instance;\nimport com.pulumi.aws.lightsail.InstanceArgs;\nimport com.pulumi.aws.lightsail.inputs.InstanceAddOnArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Instance(\"test\", InstanceArgs.builder()\n .name(\"custom_instance\")\n .availabilityZone(\"us-east-1b\")\n .blueprintId(\"amazon_linux_2\")\n .bundleId(\"nano_3_0\")\n .addOn(InstanceAddOnArgs.builder()\n .type(\"AutoSnapshot\")\n .snapshotTime(\"06:00\")\n .status(\"Enabled\")\n .build())\n .tags(Map.of(\"foo\", \"bar\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Instance\n properties:\n name: custom_instance\n availabilityZone: us-east-1b\n blueprintId: amazon_linux_2\n bundleId: nano_3_0\n addOn:\n type: AutoSnapshot\n snapshotTime: 06:00\n status: Enabled\n tags:\n foo: bar\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lightsail Instances using their name. For example:\n\n```sh\n$ pulumi import aws:lightsail/instance:Instance gitlab_test 'custom_gitlab'\n```\n", "properties": { "addOn": { "$ref": "#/types/aws:lightsail/InstanceAddOn:InstanceAddOn", "description": "The add on configuration for the instance. Detailed below.\n" }, "arn": { "type": "string", "description": "The ARN of the Lightsail instance (matches `id`).\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone in which to create your instance. A\nlist of available zones can be obtained using the AWS CLI command:\n[`aws lightsail get-regions --include-availability-zones`](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/lightsail/get-regions.html).\n" }, "blueprintId": { "type": "string", "description": "The ID for a virtual private server image. A list of available\nblueprint IDs can be obtained using the AWS CLI command:\n[`aws lightsail get-blueprints`](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/lightsail/get-blueprints.html).\n" }, "bundleId": { "type": "string", "description": "The bundle of specification information. A list of available\nbundle IDs can be obtained using the AWS CLI command:\n[`aws lightsail get-bundles`](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/lightsail/get-bundles.html).\n" }, "cpuCount": { "type": "integer", "description": "The number of vCPUs the instance has.\n" }, "createdAt": { "type": "string", "description": "The timestamp when the instance was created.\n" }, "ipAddressType": { "type": "string", "description": "The IP address type of the Lightsail Instance. Valid Values: `dualstack` | `ipv4`.\n" }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 addresses for the Lightsail instance.\n" }, "isStaticIp": { "type": "boolean", "description": "A Boolean value indicating whether this instance has a static IP assigned to it.\n" }, "keyPairName": { "type": "string", "description": "The name of your key pair. Created in the\nLightsail console (cannot use `aws.ec2.KeyPair` at this time)\n" }, "name": { "type": "string", "description": "The name of the Lightsail Instance. Names must be unique within each AWS Region in your Lightsail account.\n" }, "privateIpAddress": { "type": "string", "description": "The private IP address of the instance.\n" }, "publicIpAddress": { "type": "string", "description": "The public IP address of the instance.\n" }, "ramSize": { "type": "number", "description": "The amount of RAM in GB on the instance (e.g., 1.0).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. To create a key-only tag, use an empty string as the value. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userData": { "type": "string", "description": "Single lined launch script as a string to configure server with additional user data\n" }, "username": { "type": "string", "description": "The user name for connecting to the instance (e.g., ec2-user).\n" } }, "required": [ "arn", "availabilityZone", "blueprintId", "bundleId", "cpuCount", "createdAt", "ipv6Addresses", "isStaticIp", "name", "privateIpAddress", "publicIpAddress", "ramSize", "tagsAll", "username" ], "inputProperties": { "addOn": { "$ref": "#/types/aws:lightsail/InstanceAddOn:InstanceAddOn", "description": "The add on configuration for the instance. Detailed below.\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone in which to create your instance. A\nlist of available zones can be obtained using the AWS CLI command:\n[`aws lightsail get-regions --include-availability-zones`](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/lightsail/get-regions.html).\n", "willReplaceOnChanges": true }, "blueprintId": { "type": "string", "description": "The ID for a virtual private server image. A list of available\nblueprint IDs can be obtained using the AWS CLI command:\n[`aws lightsail get-blueprints`](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/lightsail/get-blueprints.html).\n", "willReplaceOnChanges": true }, "bundleId": { "type": "string", "description": "The bundle of specification information. A list of available\nbundle IDs can be obtained using the AWS CLI command:\n[`aws lightsail get-bundles`](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/lightsail/get-bundles.html).\n", "willReplaceOnChanges": true }, "ipAddressType": { "type": "string", "description": "The IP address type of the Lightsail Instance. Valid Values: `dualstack` | `ipv4`.\n" }, "keyPairName": { "type": "string", "description": "The name of your key pair. Created in the\nLightsail console (cannot use `aws.ec2.KeyPair` at this time)\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the Lightsail Instance. Names must be unique within each AWS Region in your Lightsail account.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. To create a key-only tag, use an empty string as the value. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "userData": { "type": "string", "description": "Single lined launch script as a string to configure server with additional user data\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "availabilityZone", "blueprintId", "bundleId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Instance resources.\n", "properties": { "addOn": { "$ref": "#/types/aws:lightsail/InstanceAddOn:InstanceAddOn", "description": "The add on configuration for the instance. Detailed below.\n" }, "arn": { "type": "string", "description": "The ARN of the Lightsail instance (matches `id`).\n" }, "availabilityZone": { "type": "string", "description": "The Availability Zone in which to create your instance. A\nlist of available zones can be obtained using the AWS CLI command:\n[`aws lightsail get-regions --include-availability-zones`](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/lightsail/get-regions.html).\n", "willReplaceOnChanges": true }, "blueprintId": { "type": "string", "description": "The ID for a virtual private server image. A list of available\nblueprint IDs can be obtained using the AWS CLI command:\n[`aws lightsail get-blueprints`](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/lightsail/get-blueprints.html).\n", "willReplaceOnChanges": true }, "bundleId": { "type": "string", "description": "The bundle of specification information. A list of available\nbundle IDs can be obtained using the AWS CLI command:\n[`aws lightsail get-bundles`](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/lightsail/get-bundles.html).\n", "willReplaceOnChanges": true }, "cpuCount": { "type": "integer", "description": "The number of vCPUs the instance has.\n" }, "createdAt": { "type": "string", "description": "The timestamp when the instance was created.\n" }, "ipAddressType": { "type": "string", "description": "The IP address type of the Lightsail Instance. Valid Values: `dualstack` | `ipv4`.\n" }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 addresses for the Lightsail instance.\n" }, "isStaticIp": { "type": "boolean", "description": "A Boolean value indicating whether this instance has a static IP assigned to it.\n" }, "keyPairName": { "type": "string", "description": "The name of your key pair. Created in the\nLightsail console (cannot use `aws.ec2.KeyPair` at this time)\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the Lightsail Instance. Names must be unique within each AWS Region in your Lightsail account.\n", "willReplaceOnChanges": true }, "privateIpAddress": { "type": "string", "description": "The private IP address of the instance.\n" }, "publicIpAddress": { "type": "string", "description": "The public IP address of the instance.\n" }, "ramSize": { "type": "number", "description": "The amount of RAM in GB on the instance (e.g., 1.0).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. To create a key-only tag, use an empty string as the value. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userData": { "type": "string", "description": "Single lined launch script as a string to configure server with additional user data\n", "willReplaceOnChanges": true }, "username": { "type": "string", "description": "The user name for connecting to the instance (e.g., ec2-user).\n" } }, "type": "object" } }, "aws:lightsail/instancePublicPorts:InstancePublicPorts": { "description": "Opens ports for a specific Amazon Lightsail instance, and specifies the IP addresses allowed to connect to the instance through the ports, and the protocol.\n\n\u003e See [What is Amazon Lightsail?](https://lightsail.aws.amazon.com/ls/docs/getting-started/article/what-is-amazon-lightsail) for more information.\n\n\u003e **Note:** Lightsail is currently only supported in a limited number of AWS Regions, please see [\"Regions and Availability Zones in Amazon Lightsail\"](https://lightsail.aws.amazon.com/ls/docs/overview/article/understanding-regions-and-availability-zones-in-amazon-lightsail) for more details.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.Instance(\"test\", {\n name: \"yak_sail\",\n availabilityZone: available.names[0],\n blueprintId: \"amazon_linux_2\",\n bundleId: \"nano_3_0\",\n});\nconst testInstancePublicPorts = new aws.lightsail.InstancePublicPorts(\"test\", {\n instanceName: test.name,\n portInfos: [{\n protocol: \"tcp\",\n fromPort: 80,\n toPort: 80,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.Instance(\"test\",\n name=\"yak_sail\",\n availability_zone=available[\"names\"],\n blueprint_id=\"amazon_linux_2\",\n bundle_id=\"nano_3_0\")\ntest_instance_public_ports = aws.lightsail.InstancePublicPorts(\"test\",\n instance_name=test.name,\n port_infos=[{\n \"protocol\": \"tcp\",\n \"from_port\": 80,\n \"to_port\": 80,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LightSail.Instance(\"test\", new()\n {\n Name = \"yak_sail\",\n AvailabilityZone = available.Names[0],\n BlueprintId = \"amazon_linux_2\",\n BundleId = \"nano_3_0\",\n });\n\n var testInstancePublicPorts = new Aws.LightSail.InstancePublicPorts(\"test\", new()\n {\n InstanceName = test.Name,\n PortInfos = new[]\n {\n new Aws.LightSail.Inputs.InstancePublicPortsPortInfoArgs\n {\n Protocol = \"tcp\",\n FromPort = 80,\n ToPort = 80,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := lightsail.NewInstance(ctx, \"test\", \u0026lightsail.InstanceArgs{\n\t\t\tName: pulumi.String(\"yak_sail\"),\n\t\t\tAvailabilityZone: pulumi.Any(available.Names[0]),\n\t\t\tBlueprintId: pulumi.String(\"amazon_linux_2\"),\n\t\t\tBundleId: pulumi.String(\"nano_3_0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewInstancePublicPorts(ctx, \"test\", \u0026lightsail.InstancePublicPortsArgs{\n\t\t\tInstanceName: test.Name,\n\t\t\tPortInfos: lightsail.InstancePublicPortsPortInfoArray{\n\t\t\t\t\u0026lightsail.InstancePublicPortsPortInfoArgs{\n\t\t\t\t\tProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\tFromPort: pulumi.Int(80),\n\t\t\t\t\tToPort: pulumi.Int(80),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Instance;\nimport com.pulumi.aws.lightsail.InstanceArgs;\nimport com.pulumi.aws.lightsail.InstancePublicPorts;\nimport com.pulumi.aws.lightsail.InstancePublicPortsArgs;\nimport com.pulumi.aws.lightsail.inputs.InstancePublicPortsPortInfoArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Instance(\"test\", InstanceArgs.builder()\n .name(\"yak_sail\")\n .availabilityZone(available.names()[0])\n .blueprintId(\"amazon_linux_2\")\n .bundleId(\"nano_3_0\")\n .build());\n\n var testInstancePublicPorts = new InstancePublicPorts(\"testInstancePublicPorts\", InstancePublicPortsArgs.builder()\n .instanceName(test.name())\n .portInfos(InstancePublicPortsPortInfoArgs.builder()\n .protocol(\"tcp\")\n .fromPort(80)\n .toPort(80)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Instance\n properties:\n name: yak_sail\n availabilityZone: ${available.names[0]}\n blueprintId: amazon_linux_2\n bundleId: nano_3_0\n testInstancePublicPorts:\n type: aws:lightsail:InstancePublicPorts\n name: test\n properties:\n instanceName: ${test.name}\n portInfos:\n - protocol: tcp\n fromPort: 80\n toPort: 80\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "instanceName": { "type": "string", "description": "Name of the Lightsail Instance.\n" }, "portInfos": { "type": "array", "items": { "$ref": "#/types/aws:lightsail/InstancePublicPortsPortInfo:InstancePublicPortsPortInfo" }, "description": "Configuration block with port information. AWS closes all currently open ports that are not included in the `port_info`. Detailed below.\n" } }, "required": [ "instanceName", "portInfos" ], "inputProperties": { "instanceName": { "type": "string", "description": "Name of the Lightsail Instance.\n", "willReplaceOnChanges": true }, "portInfos": { "type": "array", "items": { "$ref": "#/types/aws:lightsail/InstancePublicPortsPortInfo:InstancePublicPortsPortInfo" }, "description": "Configuration block with port information. AWS closes all currently open ports that are not included in the `port_info`. Detailed below.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "instanceName", "portInfos" ], "stateInputs": { "description": "Input properties used for looking up and filtering InstancePublicPorts resources.\n", "properties": { "instanceName": { "type": "string", "description": "Name of the Lightsail Instance.\n", "willReplaceOnChanges": true }, "portInfos": { "type": "array", "items": { "$ref": "#/types/aws:lightsail/InstancePublicPortsPortInfo:InstancePublicPortsPortInfo" }, "description": "Configuration block with port information. AWS closes all currently open ports that are not included in the `port_info`. Detailed below.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:lightsail/keyPair:KeyPair": { "description": "Provides a Lightsail Key Pair, for use with Lightsail Instances. These key pairs\nare separate from EC2 Key Pairs, and must be created or imported for use with\nLightsail.\n\n\u003e **Note:** Lightsail is currently only supported in a limited number of AWS Regions, please see [\"Regions and Availability Zones in Amazon Lightsail\"](https://lightsail.aws.amazon.com/ls/docs/overview/article/understanding-regions-and-availability-zones-in-amazon-lightsail) for more details\n\n## Example Usage\n\n### Create New Key Pair\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new Lightsail Key Pair\nconst lgKeyPair = new aws.lightsail.KeyPair(\"lg_key_pair\", {name: \"lg_key_pair\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new Lightsail Key Pair\nlg_key_pair = aws.lightsail.KeyPair(\"lg_key_pair\", name=\"lg_key_pair\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Create a new Lightsail Key Pair\n var lgKeyPair = new Aws.LightSail.KeyPair(\"lg_key_pair\", new()\n {\n Name = \"lg_key_pair\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Create a new Lightsail Key Pair\n\t\t_, err := lightsail.NewKeyPair(ctx, \"lg_key_pair\", \u0026lightsail.KeyPairArgs{\n\t\t\tName: pulumi.String(\"lg_key_pair\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.KeyPair;\nimport com.pulumi.aws.lightsail.KeyPairArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Create a new Lightsail Key Pair\n var lgKeyPair = new KeyPair(\"lgKeyPair\", KeyPairArgs.builder()\n .name(\"lg_key_pair\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Create a new Lightsail Key Pair\n lgKeyPair:\n type: aws:lightsail:KeyPair\n name: lg_key_pair\n properties:\n name: lg_key_pair\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create New Key Pair with PGP Encrypted Private Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lgKeyPair = new aws.lightsail.KeyPair(\"lg_key_pair\", {\n name: \"lg_key_pair\",\n pgpKey: \"keybase:keybaseusername\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlg_key_pair = aws.lightsail.KeyPair(\"lg_key_pair\",\n name=\"lg_key_pair\",\n pgp_key=\"keybase:keybaseusername\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lgKeyPair = new Aws.LightSail.KeyPair(\"lg_key_pair\", new()\n {\n Name = \"lg_key_pair\",\n PgpKey = \"keybase:keybaseusername\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lightsail.NewKeyPair(ctx, \"lg_key_pair\", \u0026lightsail.KeyPairArgs{\n\t\t\tName: pulumi.String(\"lg_key_pair\"),\n\t\t\tPgpKey: pulumi.String(\"keybase:keybaseusername\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.KeyPair;\nimport com.pulumi.aws.lightsail.KeyPairArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lgKeyPair = new KeyPair(\"lgKeyPair\", KeyPairArgs.builder()\n .name(\"lg_key_pair\")\n .pgpKey(\"keybase:keybaseusername\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lgKeyPair:\n type: aws:lightsail:KeyPair\n name: lg_key_pair\n properties:\n name: lg_key_pair\n pgpKey: keybase:keybaseusername\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Existing Public Key Import\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst lgKeyPair = new aws.lightsail.KeyPair(\"lg_key_pair\", {\n name: \"importing\",\n publicKey: std.file({\n input: \"~/.ssh/id_rsa.pub\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nlg_key_pair = aws.lightsail.KeyPair(\"lg_key_pair\",\n name=\"importing\",\n public_key=std.file(input=\"~/.ssh/id_rsa.pub\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lgKeyPair = new Aws.LightSail.KeyPair(\"lg_key_pair\", new()\n {\n Name = \"importing\",\n PublicKey = Std.File.Invoke(new()\n {\n Input = \"~/.ssh/id_rsa.pub\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"~/.ssh/id_rsa.pub\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewKeyPair(ctx, \"lg_key_pair\", \u0026lightsail.KeyPairArgs{\n\t\t\tName: pulumi.String(\"importing\"),\n\t\t\tPublicKey: pulumi.String(invokeFile.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.KeyPair;\nimport com.pulumi.aws.lightsail.KeyPairArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lgKeyPair = new KeyPair(\"lgKeyPair\", KeyPairArgs.builder()\n .name(\"importing\")\n .publicKey(StdFunctions.file(FileArgs.builder()\n .input(\"~/.ssh/id_rsa.pub\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lgKeyPair:\n type: aws:lightsail:KeyPair\n name: lg_key_pair\n properties:\n name: importing\n publicKey:\n fn::invoke:\n Function: std:file\n Arguments:\n input: ~/.ssh/id_rsa.pub\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nYou cannot import Lightsail Key Pairs because the private and public key are only available on initial creation.\n\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Lightsail key pair.\n" }, "encryptedFingerprint": { "type": "string", "description": "The MD5 public key fingerprint for the encrypted private key.\n" }, "encryptedPrivateKey": { "type": "string", "description": "the private key material, base 64 encoded and encrypted with the given `pgp_key`. This is only populated when creating a new key and `pgp_key` is supplied.\n" }, "fingerprint": { "type": "string", "description": "The MD5 public key fingerprint as specified in section 4 of RFC 4716.\n" }, "name": { "type": "string", "description": "The name of the Lightsail Key Pair. If omitted, a unique name will be generated by this provider\n" }, "namePrefix": { "type": "string" }, "pgpKey": { "type": "string", "description": "An optional PGP key to encrypt the resulting private key material. Only used when creating a new key pair\n" }, "privateKey": { "type": "string", "description": "the private key, base64 encoded. This is only populated when creating a new key, and when no `pgp_key` is provided.\n" }, "publicKey": { "type": "string", "description": "The public key material. This public key will be imported into Lightsail\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the collection. To create a key-only tag, use an empty string as the value. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **NOTE:** a PGP key is not required, however it is strongly encouraged. Without a PGP key, the private key material will be stored in state unencrypted.`pgp_key` is ignored if `public_key` is supplied.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "encryptedFingerprint", "encryptedPrivateKey", "fingerprint", "name", "namePrefix", "privateKey", "publicKey", "tagsAll" ], "inputProperties": { "name": { "type": "string", "description": "The name of the Lightsail Key Pair. If omitted, a unique name will be generated by this provider\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "willReplaceOnChanges": true }, "pgpKey": { "type": "string", "description": "An optional PGP key to encrypt the resulting private key material. Only used when creating a new key pair\n", "willReplaceOnChanges": true }, "publicKey": { "type": "string", "description": "The public key material. This public key will be imported into Lightsail\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the collection. To create a key-only tag, use an empty string as the value. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **NOTE:** a PGP key is not required, however it is strongly encouraged. Without a PGP key, the private key material will be stored in state unencrypted.`pgp_key` is ignored if `public_key` is supplied.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering KeyPair resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Lightsail key pair.\n" }, "encryptedFingerprint": { "type": "string", "description": "The MD5 public key fingerprint for the encrypted private key.\n" }, "encryptedPrivateKey": { "type": "string", "description": "the private key material, base 64 encoded and encrypted with the given `pgp_key`. This is only populated when creating a new key and `pgp_key` is supplied.\n" }, "fingerprint": { "type": "string", "description": "The MD5 public key fingerprint as specified in section 4 of RFC 4716.\n" }, "name": { "type": "string", "description": "The name of the Lightsail Key Pair. If omitted, a unique name will be generated by this provider\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "willReplaceOnChanges": true }, "pgpKey": { "type": "string", "description": "An optional PGP key to encrypt the resulting private key material. Only used when creating a new key pair\n", "willReplaceOnChanges": true }, "privateKey": { "type": "string", "description": "the private key, base64 encoded. This is only populated when creating a new key, and when no `pgp_key` is provided.\n" }, "publicKey": { "type": "string", "description": "The public key material. This public key will be imported into Lightsail\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the collection. To create a key-only tag, use an empty string as the value. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **NOTE:** a PGP key is not required, however it is strongly encouraged. Without a PGP key, the private key material will be stored in state unencrypted.`pgp_key` is ignored if `public_key` is supplied.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:lightsail/lb:Lb": { "description": "Creates a Lightsail load balancer resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.Lb(\"test\", {\n name: \"test-load-balancer\",\n healthCheckPath: \"/\",\n instancePort: 80,\n tags: {\n foo: \"bar\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.Lb(\"test\",\n name=\"test-load-balancer\",\n health_check_path=\"/\",\n instance_port=80,\n tags={\n \"foo\": \"bar\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LightSail.Lb(\"test\", new()\n {\n Name = \"test-load-balancer\",\n HealthCheckPath = \"/\",\n InstancePort = 80,\n Tags = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lightsail.NewLb(ctx, \"test\", \u0026lightsail.LbArgs{\n\t\t\tName: pulumi.String(\"test-load-balancer\"),\n\t\t\tHealthCheckPath: pulumi.String(\"/\"),\n\t\t\tInstancePort: pulumi.Int(80),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Lb;\nimport com.pulumi.aws.lightsail.LbArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Lb(\"test\", LbArgs.builder()\n .name(\"test-load-balancer\")\n .healthCheckPath(\"/\")\n .instancePort(\"80\")\n .tags(Map.of(\"foo\", \"bar\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Lb\n properties:\n name: test-load-balancer\n healthCheckPath: /\n instancePort: '80'\n tags:\n foo: bar\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_lightsail_lb` using the name attribute. For example:\n\n```sh\n$ pulumi import aws:lightsail/lb:Lb test example-load-balancer\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Lightsail load balancer.\n" }, "createdAt": { "type": "string", "description": "The timestamp when the load balancer was created.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the load balancer.\n" }, "healthCheckPath": { "type": "string", "description": "The health check path of the load balancer. Default value \"/\".\n" }, "instancePort": { "type": "integer", "description": "The instance port the load balancer will connect.\n" }, "ipAddressType": { "type": "string" }, "name": { "type": "string", "description": "The name of the Lightsail load balancer.\n" }, "protocol": { "type": "string", "description": "The protocol of the load balancer.\n" }, "publicPorts": { "type": "array", "items": { "type": "integer" }, "description": "The public ports of the load balancer.\n" }, "supportCode": { "type": "string", "description": "The support code for the database. Include this code in your email to support when you have questions about a database in Lightsail. This code enables our support team to look up your Lightsail information more easily.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. To create a key-only tag, use an empty string as the value. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "createdAt", "dnsName", "instancePort", "name", "protocol", "publicPorts", "supportCode", "tagsAll" ], "inputProperties": { "healthCheckPath": { "type": "string", "description": "The health check path of the load balancer. Default value \"/\".\n" }, "instancePort": { "type": "integer", "description": "The instance port the load balancer will connect.\n", "willReplaceOnChanges": true }, "ipAddressType": { "type": "string" }, "name": { "type": "string", "description": "The name of the Lightsail load balancer.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. To create a key-only tag, use an empty string as the value. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "instancePort" ], "stateInputs": { "description": "Input properties used for looking up and filtering Lb resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Lightsail load balancer.\n" }, "createdAt": { "type": "string", "description": "The timestamp when the load balancer was created.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the load balancer.\n" }, "healthCheckPath": { "type": "string", "description": "The health check path of the load balancer. Default value \"/\".\n" }, "instancePort": { "type": "integer", "description": "The instance port the load balancer will connect.\n", "willReplaceOnChanges": true }, "ipAddressType": { "type": "string" }, "name": { "type": "string", "description": "The name of the Lightsail load balancer.\n", "willReplaceOnChanges": true }, "protocol": { "type": "string", "description": "The protocol of the load balancer.\n" }, "publicPorts": { "type": "array", "items": { "type": "integer" }, "description": "The public ports of the load balancer.\n" }, "supportCode": { "type": "string", "description": "The support code for the database. Include this code in your email to support when you have questions about a database in Lightsail. This code enables our support team to look up your Lightsail information more easily.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. To create a key-only tag, use an empty string as the value. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:lightsail/lbAttachment:LbAttachment": { "description": "Attaches a Lightsail Instance to a Lightsail Load Balancer.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst available = aws.getAvailabilityZones({\n state: \"available\",\n filters: [{\n name: \"opt-in-status\",\n values: [\"opt-in-not-required\"],\n }],\n});\nconst test = new aws.lightsail.Lb(\"test\", {\n name: \"test-load-balancer\",\n healthCheckPath: \"/\",\n instancePort: 80,\n tags: {\n foo: \"bar\",\n },\n});\nconst testInstance = new aws.lightsail.Instance(\"test\", {\n name: \"test-instance\",\n availabilityZone: available.then(available =\u003e available.names?.[0]),\n blueprintId: \"amazon_linux_2\",\n bundleId: \"nano_3_0\",\n});\nconst testLbAttachment = new aws.lightsail.LbAttachment(\"test\", {\n lbName: test.name,\n instanceName: testInstance.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\navailable = aws.get_availability_zones(state=\"available\",\n filters=[{\n \"name\": \"opt-in-status\",\n \"values\": [\"opt-in-not-required\"],\n }])\ntest = aws.lightsail.Lb(\"test\",\n name=\"test-load-balancer\",\n health_check_path=\"/\",\n instance_port=80,\n tags={\n \"foo\": \"bar\",\n })\ntest_instance = aws.lightsail.Instance(\"test\",\n name=\"test-instance\",\n availability_zone=available.names[0],\n blueprint_id=\"amazon_linux_2\",\n bundle_id=\"nano_3_0\")\ntest_lb_attachment = aws.lightsail.LbAttachment(\"test\",\n lb_name=test.name,\n instance_name=test_instance.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var available = Aws.GetAvailabilityZones.Invoke(new()\n {\n State = \"available\",\n Filters = new[]\n {\n new Aws.Inputs.GetAvailabilityZonesFilterInputArgs\n {\n Name = \"opt-in-status\",\n Values = new[]\n {\n \"opt-in-not-required\",\n },\n },\n },\n });\n\n var test = new Aws.LightSail.Lb(\"test\", new()\n {\n Name = \"test-load-balancer\",\n HealthCheckPath = \"/\",\n InstancePort = 80,\n Tags = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n var testInstance = new Aws.LightSail.Instance(\"test\", new()\n {\n Name = \"test-instance\",\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[0]),\n BlueprintId = \"amazon_linux_2\",\n BundleId = \"nano_3_0\",\n });\n\n var testLbAttachment = new Aws.LightSail.LbAttachment(\"test\", new()\n {\n LbName = test.Name,\n InstanceName = testInstance.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tavailable, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tState: pulumi.StringRef(\"available\"),\n\t\t\tFilters: []aws.GetAvailabilityZonesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"opt-in-status\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"opt-in-not-required\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := lightsail.NewLb(ctx, \"test\", \u0026lightsail.LbArgs{\n\t\t\tName: pulumi.String(\"test-load-balancer\"),\n\t\t\tHealthCheckPath: pulumi.String(\"/\"),\n\t\t\tInstancePort: pulumi.Int(80),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestInstance, err := lightsail.NewInstance(ctx, \"test\", \u0026lightsail.InstanceArgs{\n\t\t\tName: pulumi.String(\"test-instance\"),\n\t\t\tAvailabilityZone: pulumi.String(available.Names[0]),\n\t\t\tBlueprintId: pulumi.String(\"amazon_linux_2\"),\n\t\t\tBundleId: pulumi.String(\"nano_3_0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewLbAttachment(ctx, \"test\", \u0026lightsail.LbAttachmentArgs{\n\t\t\tLbName: test.Name,\n\t\t\tInstanceName: testInstance.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport com.pulumi.aws.lightsail.Lb;\nimport com.pulumi.aws.lightsail.LbArgs;\nimport com.pulumi.aws.lightsail.Instance;\nimport com.pulumi.aws.lightsail.InstanceArgs;\nimport com.pulumi.aws.lightsail.LbAttachment;\nimport com.pulumi.aws.lightsail.LbAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .state(\"available\")\n .filters(GetAvailabilityZonesFilterArgs.builder()\n .name(\"opt-in-status\")\n .values(\"opt-in-not-required\")\n .build())\n .build());\n\n var test = new Lb(\"test\", LbArgs.builder()\n .name(\"test-load-balancer\")\n .healthCheckPath(\"/\")\n .instancePort(\"80\")\n .tags(Map.of(\"foo\", \"bar\"))\n .build());\n\n var testInstance = new Instance(\"testInstance\", InstanceArgs.builder()\n .name(\"test-instance\")\n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[0]))\n .blueprintId(\"amazon_linux_2\")\n .bundleId(\"nano_3_0\")\n .build());\n\n var testLbAttachment = new LbAttachment(\"testLbAttachment\", LbAttachmentArgs.builder()\n .lbName(test.name())\n .instanceName(testInstance.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Lb\n properties:\n name: test-load-balancer\n healthCheckPath: /\n instancePort: '80'\n tags:\n foo: bar\n testInstance:\n type: aws:lightsail:Instance\n name: test\n properties:\n name: test-instance\n availabilityZone: ${available.names[0]}\n blueprintId: amazon_linux_2\n bundleId: nano_3_0\n testLbAttachment:\n type: aws:lightsail:LbAttachment\n name: test\n properties:\n lbName: ${test.name}\n instanceName: ${testInstance.name}\nvariables:\n available:\n fn::invoke:\n Function: aws:getAvailabilityZones\n Arguments:\n state: available\n filters:\n - name: opt-in-status\n values:\n - opt-in-not-required\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_lightsail_lb_attachment` using the name attribute. For example:\n\n```sh\n$ pulumi import aws:lightsail/lbAttachment:LbAttachment test example-load-balancer,example-instance\n```\n", "properties": { "instanceName": { "type": "string", "description": "The name of the instance to attach to the load balancer.\n" }, "lbName": { "type": "string", "description": "The name of the Lightsail load balancer.\n" } }, "required": [ "instanceName", "lbName" ], "inputProperties": { "instanceName": { "type": "string", "description": "The name of the instance to attach to the load balancer.\n", "willReplaceOnChanges": true }, "lbName": { "type": "string", "description": "The name of the Lightsail load balancer.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "instanceName", "lbName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LbAttachment resources.\n", "properties": { "instanceName": { "type": "string", "description": "The name of the instance to attach to the load balancer.\n", "willReplaceOnChanges": true }, "lbName": { "type": "string", "description": "The name of the Lightsail load balancer.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:lightsail/lbCertificate:LbCertificate": { "description": "Creates a Lightsail load balancer Certificate resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.Lb(\"test\", {\n name: \"test-load-balancer\",\n healthCheckPath: \"/\",\n instancePort: 80,\n tags: {\n foo: \"bar\",\n },\n});\nconst testLbCertificate = new aws.lightsail.LbCertificate(\"test\", {\n name: \"test-load-balancer-certificate\",\n lbName: test.id,\n domainName: \"test.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.Lb(\"test\",\n name=\"test-load-balancer\",\n health_check_path=\"/\",\n instance_port=80,\n tags={\n \"foo\": \"bar\",\n })\ntest_lb_certificate = aws.lightsail.LbCertificate(\"test\",\n name=\"test-load-balancer-certificate\",\n lb_name=test.id,\n domain_name=\"test.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LightSail.Lb(\"test\", new()\n {\n Name = \"test-load-balancer\",\n HealthCheckPath = \"/\",\n InstancePort = 80,\n Tags = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n var testLbCertificate = new Aws.LightSail.LbCertificate(\"test\", new()\n {\n Name = \"test-load-balancer-certificate\",\n LbName = test.Id,\n DomainName = \"test.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := lightsail.NewLb(ctx, \"test\", \u0026lightsail.LbArgs{\n\t\t\tName: pulumi.String(\"test-load-balancer\"),\n\t\t\tHealthCheckPath: pulumi.String(\"/\"),\n\t\t\tInstancePort: pulumi.Int(80),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewLbCertificate(ctx, \"test\", \u0026lightsail.LbCertificateArgs{\n\t\t\tName: pulumi.String(\"test-load-balancer-certificate\"),\n\t\t\tLbName: test.ID(),\n\t\t\tDomainName: pulumi.String(\"test.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Lb;\nimport com.pulumi.aws.lightsail.LbArgs;\nimport com.pulumi.aws.lightsail.LbCertificate;\nimport com.pulumi.aws.lightsail.LbCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Lb(\"test\", LbArgs.builder()\n .name(\"test-load-balancer\")\n .healthCheckPath(\"/\")\n .instancePort(\"80\")\n .tags(Map.of(\"foo\", \"bar\"))\n .build());\n\n var testLbCertificate = new LbCertificate(\"testLbCertificate\", LbCertificateArgs.builder()\n .name(\"test-load-balancer-certificate\")\n .lbName(test.id())\n .domainName(\"test.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Lb\n properties:\n name: test-load-balancer\n healthCheckPath: /\n instancePort: '80'\n tags:\n foo: bar\n testLbCertificate:\n type: aws:lightsail:LbCertificate\n name: test\n properties:\n name: test-load-balancer-certificate\n lbName: ${test.id}\n domainName: test.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_lightsail_lb_certificate` using the id attribute. For example:\n\n```sh\n$ pulumi import aws:lightsail/lbCertificate:LbCertificate test example-load-balancer,example-load-balancer-certificate\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the lightsail certificate.\n" }, "createdAt": { "type": "string", "description": "The timestamp when the instance was created.\n" }, "domainName": { "type": "string", "description": "The domain name (e.g., example.com) for your SSL/TLS certificate.\n" }, "domainValidationRecords": { "type": "array", "items": { "$ref": "#/types/aws:lightsail/LbCertificateDomainValidationRecord:LbCertificateDomainValidationRecord" } }, "lbName": { "type": "string", "description": "The load balancer name where you want to create the SSL/TLS certificate.\n" }, "name": { "type": "string", "description": "The SSL/TLS certificate name.\n" }, "subjectAlternativeNames": { "type": "array", "items": { "type": "string" }, "description": "Set of domains that should be SANs in the issued certificate. `domain_name` attribute is automatically added as a Subject Alternative Name.\n" }, "supportCode": { "type": "string" } }, "required": [ "arn", "createdAt", "domainName", "domainValidationRecords", "lbName", "name", "subjectAlternativeNames", "supportCode" ], "inputProperties": { "domainName": { "type": "string", "description": "The domain name (e.g., example.com) for your SSL/TLS certificate.\n", "willReplaceOnChanges": true }, "lbName": { "type": "string", "description": "The load balancer name where you want to create the SSL/TLS certificate.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The SSL/TLS certificate name.\n", "willReplaceOnChanges": true }, "subjectAlternativeNames": { "type": "array", "items": { "type": "string" }, "description": "Set of domains that should be SANs in the issued certificate. `domain_name` attribute is automatically added as a Subject Alternative Name.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "lbName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LbCertificate resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the lightsail certificate.\n" }, "createdAt": { "type": "string", "description": "The timestamp when the instance was created.\n" }, "domainName": { "type": "string", "description": "The domain name (e.g., example.com) for your SSL/TLS certificate.\n", "willReplaceOnChanges": true }, "domainValidationRecords": { "type": "array", "items": { "$ref": "#/types/aws:lightsail/LbCertificateDomainValidationRecord:LbCertificateDomainValidationRecord" } }, "lbName": { "type": "string", "description": "The load balancer name where you want to create the SSL/TLS certificate.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The SSL/TLS certificate name.\n", "willReplaceOnChanges": true }, "subjectAlternativeNames": { "type": "array", "items": { "type": "string" }, "description": "Set of domains that should be SANs in the issued certificate. `domain_name` attribute is automatically added as a Subject Alternative Name.\n", "willReplaceOnChanges": true }, "supportCode": { "type": "string" } }, "type": "object" } }, "aws:lightsail/lbCertificateAttachment:LbCertificateAttachment": { "description": "Attaches a Lightsail Load Balancer Certificate to a Lightsail Load Balancer.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.Lb(\"test\", {\n name: \"test-load-balancer\",\n healthCheckPath: \"/\",\n instancePort: 80,\n tags: {\n foo: \"bar\",\n },\n});\nconst testLbCertificate = new aws.lightsail.LbCertificate(\"test\", {\n name: \"test-load-balancer-certificate\",\n lbName: test.id,\n domainName: \"test.com\",\n});\nconst testLbCertificateAttachment = new aws.lightsail.LbCertificateAttachment(\"test\", {\n lbName: test.name,\n certificateName: testLbCertificate.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.Lb(\"test\",\n name=\"test-load-balancer\",\n health_check_path=\"/\",\n instance_port=80,\n tags={\n \"foo\": \"bar\",\n })\ntest_lb_certificate = aws.lightsail.LbCertificate(\"test\",\n name=\"test-load-balancer-certificate\",\n lb_name=test.id,\n domain_name=\"test.com\")\ntest_lb_certificate_attachment = aws.lightsail.LbCertificateAttachment(\"test\",\n lb_name=test.name,\n certificate_name=test_lb_certificate.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LightSail.Lb(\"test\", new()\n {\n Name = \"test-load-balancer\",\n HealthCheckPath = \"/\",\n InstancePort = 80,\n Tags = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n var testLbCertificate = new Aws.LightSail.LbCertificate(\"test\", new()\n {\n Name = \"test-load-balancer-certificate\",\n LbName = test.Id,\n DomainName = \"test.com\",\n });\n\n var testLbCertificateAttachment = new Aws.LightSail.LbCertificateAttachment(\"test\", new()\n {\n LbName = test.Name,\n CertificateName = testLbCertificate.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := lightsail.NewLb(ctx, \"test\", \u0026lightsail.LbArgs{\n\t\t\tName: pulumi.String(\"test-load-balancer\"),\n\t\t\tHealthCheckPath: pulumi.String(\"/\"),\n\t\t\tInstancePort: pulumi.Int(80),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestLbCertificate, err := lightsail.NewLbCertificate(ctx, \"test\", \u0026lightsail.LbCertificateArgs{\n\t\t\tName: pulumi.String(\"test-load-balancer-certificate\"),\n\t\t\tLbName: test.ID(),\n\t\t\tDomainName: pulumi.String(\"test.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewLbCertificateAttachment(ctx, \"test\", \u0026lightsail.LbCertificateAttachmentArgs{\n\t\t\tLbName: test.Name,\n\t\t\tCertificateName: testLbCertificate.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Lb;\nimport com.pulumi.aws.lightsail.LbArgs;\nimport com.pulumi.aws.lightsail.LbCertificate;\nimport com.pulumi.aws.lightsail.LbCertificateArgs;\nimport com.pulumi.aws.lightsail.LbCertificateAttachment;\nimport com.pulumi.aws.lightsail.LbCertificateAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Lb(\"test\", LbArgs.builder()\n .name(\"test-load-balancer\")\n .healthCheckPath(\"/\")\n .instancePort(\"80\")\n .tags(Map.of(\"foo\", \"bar\"))\n .build());\n\n var testLbCertificate = new LbCertificate(\"testLbCertificate\", LbCertificateArgs.builder()\n .name(\"test-load-balancer-certificate\")\n .lbName(test.id())\n .domainName(\"test.com\")\n .build());\n\n var testLbCertificateAttachment = new LbCertificateAttachment(\"testLbCertificateAttachment\", LbCertificateAttachmentArgs.builder()\n .lbName(test.name())\n .certificateName(testLbCertificate.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Lb\n properties:\n name: test-load-balancer\n healthCheckPath: /\n instancePort: '80'\n tags:\n foo: bar\n testLbCertificate:\n type: aws:lightsail:LbCertificate\n name: test\n properties:\n name: test-load-balancer-certificate\n lbName: ${test.id}\n domainName: test.com\n testLbCertificateAttachment:\n type: aws:lightsail:LbCertificateAttachment\n name: test\n properties:\n lbName: ${test.name}\n certificateName: ${testLbCertificate.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_lightsail_lb_certificate_attachment` using the name attribute. For example:\n\n```sh\n$ pulumi import aws:lightsail/lbCertificateAttachment:LbCertificateAttachment test example-load-balancer,example-certificate\n```\n", "properties": { "certificateName": { "type": "string", "description": "The name of your SSL/TLS certificate.\n" }, "lbName": { "type": "string", "description": "The name of the load balancer to which you want to associate the SSL/TLS certificate.\n" } }, "required": [ "certificateName", "lbName" ], "inputProperties": { "certificateName": { "type": "string", "description": "The name of your SSL/TLS certificate.\n", "willReplaceOnChanges": true }, "lbName": { "type": "string", "description": "The name of the load balancer to which you want to associate the SSL/TLS certificate.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "certificateName", "lbName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LbCertificateAttachment resources.\n", "properties": { "certificateName": { "type": "string", "description": "The name of your SSL/TLS certificate.\n", "willReplaceOnChanges": true }, "lbName": { "type": "string", "description": "The name of the load balancer to which you want to associate the SSL/TLS certificate.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:lightsail/lbHttpsRedirectionPolicy:LbHttpsRedirectionPolicy": { "description": "Configures Https Redirection for a Lightsail Load Balancer. A valid Certificate must be attached to the load balancer in order to enable https redirection.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.Lb(\"test\", {\n name: \"test-load-balancer\",\n healthCheckPath: \"/\",\n instancePort: 80,\n tags: {\n foo: \"bar\",\n },\n});\nconst testLbCertificate = new aws.lightsail.LbCertificate(\"test\", {\n name: \"test-load-balancer-certificate\",\n lbName: test.id,\n domainName: \"test.com\",\n});\nconst testLbCertificateAttachment = new aws.lightsail.LbCertificateAttachment(\"test\", {\n lbName: test.name,\n certificateName: testLbCertificate.name,\n});\nconst testLbHttpsRedirectionPolicy = new aws.lightsail.LbHttpsRedirectionPolicy(\"test\", {\n lbName: test.name,\n enabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.Lb(\"test\",\n name=\"test-load-balancer\",\n health_check_path=\"/\",\n instance_port=80,\n tags={\n \"foo\": \"bar\",\n })\ntest_lb_certificate = aws.lightsail.LbCertificate(\"test\",\n name=\"test-load-balancer-certificate\",\n lb_name=test.id,\n domain_name=\"test.com\")\ntest_lb_certificate_attachment = aws.lightsail.LbCertificateAttachment(\"test\",\n lb_name=test.name,\n certificate_name=test_lb_certificate.name)\ntest_lb_https_redirection_policy = aws.lightsail.LbHttpsRedirectionPolicy(\"test\",\n lb_name=test.name,\n enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LightSail.Lb(\"test\", new()\n {\n Name = \"test-load-balancer\",\n HealthCheckPath = \"/\",\n InstancePort = 80,\n Tags = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n var testLbCertificate = new Aws.LightSail.LbCertificate(\"test\", new()\n {\n Name = \"test-load-balancer-certificate\",\n LbName = test.Id,\n DomainName = \"test.com\",\n });\n\n var testLbCertificateAttachment = new Aws.LightSail.LbCertificateAttachment(\"test\", new()\n {\n LbName = test.Name,\n CertificateName = testLbCertificate.Name,\n });\n\n var testLbHttpsRedirectionPolicy = new Aws.LightSail.LbHttpsRedirectionPolicy(\"test\", new()\n {\n LbName = test.Name,\n Enabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := lightsail.NewLb(ctx, \"test\", \u0026lightsail.LbArgs{\n\t\t\tName: pulumi.String(\"test-load-balancer\"),\n\t\t\tHealthCheckPath: pulumi.String(\"/\"),\n\t\t\tInstancePort: pulumi.Int(80),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestLbCertificate, err := lightsail.NewLbCertificate(ctx, \"test\", \u0026lightsail.LbCertificateArgs{\n\t\t\tName: pulumi.String(\"test-load-balancer-certificate\"),\n\t\t\tLbName: test.ID(),\n\t\t\tDomainName: pulumi.String(\"test.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewLbCertificateAttachment(ctx, \"test\", \u0026lightsail.LbCertificateAttachmentArgs{\n\t\t\tLbName: test.Name,\n\t\t\tCertificateName: testLbCertificate.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewLbHttpsRedirectionPolicy(ctx, \"test\", \u0026lightsail.LbHttpsRedirectionPolicyArgs{\n\t\t\tLbName: test.Name,\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Lb;\nimport com.pulumi.aws.lightsail.LbArgs;\nimport com.pulumi.aws.lightsail.LbCertificate;\nimport com.pulumi.aws.lightsail.LbCertificateArgs;\nimport com.pulumi.aws.lightsail.LbCertificateAttachment;\nimport com.pulumi.aws.lightsail.LbCertificateAttachmentArgs;\nimport com.pulumi.aws.lightsail.LbHttpsRedirectionPolicy;\nimport com.pulumi.aws.lightsail.LbHttpsRedirectionPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Lb(\"test\", LbArgs.builder()\n .name(\"test-load-balancer\")\n .healthCheckPath(\"/\")\n .instancePort(\"80\")\n .tags(Map.of(\"foo\", \"bar\"))\n .build());\n\n var testLbCertificate = new LbCertificate(\"testLbCertificate\", LbCertificateArgs.builder()\n .name(\"test-load-balancer-certificate\")\n .lbName(test.id())\n .domainName(\"test.com\")\n .build());\n\n var testLbCertificateAttachment = new LbCertificateAttachment(\"testLbCertificateAttachment\", LbCertificateAttachmentArgs.builder()\n .lbName(test.name())\n .certificateName(testLbCertificate.name())\n .build());\n\n var testLbHttpsRedirectionPolicy = new LbHttpsRedirectionPolicy(\"testLbHttpsRedirectionPolicy\", LbHttpsRedirectionPolicyArgs.builder()\n .lbName(test.name())\n .enabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Lb\n properties:\n name: test-load-balancer\n healthCheckPath: /\n instancePort: '80'\n tags:\n foo: bar\n testLbCertificate:\n type: aws:lightsail:LbCertificate\n name: test\n properties:\n name: test-load-balancer-certificate\n lbName: ${test.id}\n domainName: test.com\n testLbCertificateAttachment:\n type: aws:lightsail:LbCertificateAttachment\n name: test\n properties:\n lbName: ${test.name}\n certificateName: ${testLbCertificate.name}\n testLbHttpsRedirectionPolicy:\n type: aws:lightsail:LbHttpsRedirectionPolicy\n name: test\n properties:\n lbName: ${test.name}\n enabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_lightsail_lb_https_redirection_policy` using the `lb_name` attribute. For example:\n\n```sh\n$ pulumi import aws:lightsail/lbHttpsRedirectionPolicy:LbHttpsRedirectionPolicy test example-load-balancer\n```\n", "properties": { "enabled": { "type": "boolean", "description": "The Https Redirection state of the load balancer. `true` to activate http to https redirection or `false` to deactivate http to https redirection.\n" }, "lbName": { "type": "string", "description": "The name of the load balancer to which you want to enable http to https redirection.\n" } }, "required": [ "enabled", "lbName" ], "inputProperties": { "enabled": { "type": "boolean", "description": "The Https Redirection state of the load balancer. `true` to activate http to https redirection or `false` to deactivate http to https redirection.\n" }, "lbName": { "type": "string", "description": "The name of the load balancer to which you want to enable http to https redirection.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "enabled", "lbName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LbHttpsRedirectionPolicy resources.\n", "properties": { "enabled": { "type": "boolean", "description": "The Https Redirection state of the load balancer. `true` to activate http to https redirection or `false` to deactivate http to https redirection.\n" }, "lbName": { "type": "string", "description": "The name of the load balancer to which you want to enable http to https redirection.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:lightsail/lbStickinessPolicy:LbStickinessPolicy": { "description": "Configures Session Stickiness for a Lightsail Load Balancer.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.Lb(\"test\", {\n name: \"test-load-balancer\",\n healthCheckPath: \"/\",\n instancePort: 80,\n tags: {\n foo: \"bar\",\n },\n});\nconst testLbStickinessPolicy = new aws.lightsail.LbStickinessPolicy(\"test\", {\n lbName: test.name,\n cookieDuration: 900,\n enabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.Lb(\"test\",\n name=\"test-load-balancer\",\n health_check_path=\"/\",\n instance_port=80,\n tags={\n \"foo\": \"bar\",\n })\ntest_lb_stickiness_policy = aws.lightsail.LbStickinessPolicy(\"test\",\n lb_name=test.name,\n cookie_duration=900,\n enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LightSail.Lb(\"test\", new()\n {\n Name = \"test-load-balancer\",\n HealthCheckPath = \"/\",\n InstancePort = 80,\n Tags = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n var testLbStickinessPolicy = new Aws.LightSail.LbStickinessPolicy(\"test\", new()\n {\n LbName = test.Name,\n CookieDuration = 900,\n Enabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := lightsail.NewLb(ctx, \"test\", \u0026lightsail.LbArgs{\n\t\t\tName: pulumi.String(\"test-load-balancer\"),\n\t\t\tHealthCheckPath: pulumi.String(\"/\"),\n\t\t\tInstancePort: pulumi.Int(80),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewLbStickinessPolicy(ctx, \"test\", \u0026lightsail.LbStickinessPolicyArgs{\n\t\t\tLbName: test.Name,\n\t\t\tCookieDuration: pulumi.Int(900),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Lb;\nimport com.pulumi.aws.lightsail.LbArgs;\nimport com.pulumi.aws.lightsail.LbStickinessPolicy;\nimport com.pulumi.aws.lightsail.LbStickinessPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Lb(\"test\", LbArgs.builder()\n .name(\"test-load-balancer\")\n .healthCheckPath(\"/\")\n .instancePort(\"80\")\n .tags(Map.of(\"foo\", \"bar\"))\n .build());\n\n var testLbStickinessPolicy = new LbStickinessPolicy(\"testLbStickinessPolicy\", LbStickinessPolicyArgs.builder()\n .lbName(test.name())\n .cookieDuration(900)\n .enabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Lb\n properties:\n name: test-load-balancer\n healthCheckPath: /\n instancePort: '80'\n tags:\n foo: bar\n testLbStickinessPolicy:\n type: aws:lightsail:LbStickinessPolicy\n name: test\n properties:\n lbName: ${test.name}\n cookieDuration: 900\n enabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_lightsail_lb_stickiness_policy` using the `lb_name` attribute. For example:\n\n```sh\n$ pulumi import aws:lightsail/lbStickinessPolicy:LbStickinessPolicy test example-load-balancer\n```\n", "properties": { "cookieDuration": { "type": "integer", "description": "The cookie duration in seconds. This determines the length of the session stickiness.\n" }, "enabled": { "type": "boolean", "description": "The Session Stickiness state of the load balancer. `true` to activate session stickiness or `false` to deactivate session stickiness.\n" }, "lbName": { "type": "string", "description": "The name of the load balancer to which you want to enable session stickiness.\n" } }, "required": [ "cookieDuration", "enabled", "lbName" ], "inputProperties": { "cookieDuration": { "type": "integer", "description": "The cookie duration in seconds. This determines the length of the session stickiness.\n" }, "enabled": { "type": "boolean", "description": "The Session Stickiness state of the load balancer. `true` to activate session stickiness or `false` to deactivate session stickiness.\n" }, "lbName": { "type": "string", "description": "The name of the load balancer to which you want to enable session stickiness.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "cookieDuration", "enabled", "lbName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LbStickinessPolicy resources.\n", "properties": { "cookieDuration": { "type": "integer", "description": "The cookie duration in seconds. This determines the length of the session stickiness.\n" }, "enabled": { "type": "boolean", "description": "The Session Stickiness state of the load balancer. `true` to activate session stickiness or `false` to deactivate session stickiness.\n" }, "lbName": { "type": "string", "description": "The name of the load balancer to which you want to enable session stickiness.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:lightsail/staticIp:StaticIp": { "description": "Allocates a static IP address.\n\n\u003e **Note:** Lightsail is currently only supported in a limited number of AWS Regions, please see [\"Regions and Availability Zones in Amazon Lightsail\"](https://lightsail.aws.amazon.com/ls/docs/overview/article/understanding-regions-and-availability-zones-in-amazon-lightsail) for more details\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.StaticIp(\"test\", {name: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.StaticIp(\"test\", name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LightSail.StaticIp(\"test\", new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lightsail.NewStaticIp(ctx, \"test\", \u0026lightsail.StaticIpArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.StaticIp;\nimport com.pulumi.aws.lightsail.StaticIpArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new StaticIp(\"test\", StaticIpArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:StaticIp\n properties:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Lightsail static IP\n" }, "ipAddress": { "type": "string", "description": "The allocated static IP address\n" }, "name": { "type": "string", "description": "The name for the allocated static IP\n" }, "supportCode": { "type": "string", "description": "The support code.\n" } }, "required": [ "arn", "ipAddress", "name", "supportCode" ], "inputProperties": { "name": { "type": "string", "description": "The name for the allocated static IP\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering StaticIp resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Lightsail static IP\n" }, "ipAddress": { "type": "string", "description": "The allocated static IP address\n" }, "name": { "type": "string", "description": "The name for the allocated static IP\n", "willReplaceOnChanges": true }, "supportCode": { "type": "string", "description": "The support code.\n" } }, "type": "object" } }, "aws:lightsail/staticIpAttachment:StaticIpAttachment": { "description": "Provides a static IP address attachment - relationship between a Lightsail static IP \u0026 Lightsail instance.\n\n\u003e **Note:** Lightsail is currently only supported in a limited number of AWS Regions, please see [\"Regions and Availability Zones in Amazon Lightsail\"](https://lightsail.aws.amazon.com/ls/docs/overview/article/understanding-regions-and-availability-zones-in-amazon-lightsail) for more details\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testStaticIp = new aws.lightsail.StaticIp(\"test\", {name: \"example\"});\nconst testInstance = new aws.lightsail.Instance(\"test\", {\n name: \"example\",\n availabilityZone: \"us-east-1b\",\n blueprintId: \"string\",\n bundleId: \"string\",\n keyPairName: \"some_key_name\",\n});\nconst test = new aws.lightsail.StaticIpAttachment(\"test\", {\n staticIpName: testStaticIp.id,\n instanceName: testInstance.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_static_ip = aws.lightsail.StaticIp(\"test\", name=\"example\")\ntest_instance = aws.lightsail.Instance(\"test\",\n name=\"example\",\n availability_zone=\"us-east-1b\",\n blueprint_id=\"string\",\n bundle_id=\"string\",\n key_pair_name=\"some_key_name\")\ntest = aws.lightsail.StaticIpAttachment(\"test\",\n static_ip_name=test_static_ip.id,\n instance_name=test_instance.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testStaticIp = new Aws.LightSail.StaticIp(\"test\", new()\n {\n Name = \"example\",\n });\n\n var testInstance = new Aws.LightSail.Instance(\"test\", new()\n {\n Name = \"example\",\n AvailabilityZone = \"us-east-1b\",\n BlueprintId = \"string\",\n BundleId = \"string\",\n KeyPairName = \"some_key_name\",\n });\n\n var test = new Aws.LightSail.StaticIpAttachment(\"test\", new()\n {\n StaticIpName = testStaticIp.Id,\n InstanceName = testInstance.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestStaticIp, err := lightsail.NewStaticIp(ctx, \"test\", \u0026lightsail.StaticIpArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestInstance, err := lightsail.NewInstance(ctx, \"test\", \u0026lightsail.InstanceArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1b\"),\n\t\t\tBlueprintId: pulumi.String(\"string\"),\n\t\t\tBundleId: pulumi.String(\"string\"),\n\t\t\tKeyPairName: pulumi.String(\"some_key_name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewStaticIpAttachment(ctx, \"test\", \u0026lightsail.StaticIpAttachmentArgs{\n\t\t\tStaticIpName: testStaticIp.ID(),\n\t\t\tInstanceName: testInstance.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.StaticIp;\nimport com.pulumi.aws.lightsail.StaticIpArgs;\nimport com.pulumi.aws.lightsail.Instance;\nimport com.pulumi.aws.lightsail.InstanceArgs;\nimport com.pulumi.aws.lightsail.StaticIpAttachment;\nimport com.pulumi.aws.lightsail.StaticIpAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testStaticIp = new StaticIp(\"testStaticIp\", StaticIpArgs.builder()\n .name(\"example\")\n .build());\n\n var testInstance = new Instance(\"testInstance\", InstanceArgs.builder()\n .name(\"example\")\n .availabilityZone(\"us-east-1b\")\n .blueprintId(\"string\")\n .bundleId(\"string\")\n .keyPairName(\"some_key_name\")\n .build());\n\n var test = new StaticIpAttachment(\"test\", StaticIpAttachmentArgs.builder()\n .staticIpName(testStaticIp.id())\n .instanceName(testInstance.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:StaticIpAttachment\n properties:\n staticIpName: ${testStaticIp.id}\n instanceName: ${testInstance.id}\n testStaticIp:\n type: aws:lightsail:StaticIp\n name: test\n properties:\n name: example\n testInstance:\n type: aws:lightsail:Instance\n name: test\n properties:\n name: example\n availabilityZone: us-east-1b\n blueprintId: string\n bundleId: string\n keyPairName: some_key_name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "instanceName": { "type": "string", "description": "The name of the Lightsail instance to attach the IP to\n" }, "ipAddress": { "type": "string", "description": "The allocated static IP address\n" }, "staticIpName": { "type": "string", "description": "The name of the allocated static IP\n" } }, "required": [ "instanceName", "ipAddress", "staticIpName" ], "inputProperties": { "instanceName": { "type": "string", "description": "The name of the Lightsail instance to attach the IP to\n", "willReplaceOnChanges": true }, "staticIpName": { "type": "string", "description": "The name of the allocated static IP\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "instanceName", "staticIpName" ], "stateInputs": { "description": "Input properties used for looking up and filtering StaticIpAttachment resources.\n", "properties": { "instanceName": { "type": "string", "description": "The name of the Lightsail instance to attach the IP to\n", "willReplaceOnChanges": true }, "ipAddress": { "type": "string", "description": "The allocated static IP address\n" }, "staticIpName": { "type": "string", "description": "The name of the allocated static IP\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:location/geofenceCollection:GeofenceCollection": { "description": "Resource for managing an AWS Location Geofence Collection.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.location.GeofenceCollection(\"example\", {collectionName: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.location.GeofenceCollection(\"example\", collection_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Location.GeofenceCollection(\"example\", new()\n {\n CollectionName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/location\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := location.NewGeofenceCollection(ctx, \"example\", \u0026location.GeofenceCollectionArgs{\n\t\t\tCollectionName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.location.GeofenceCollection;\nimport com.pulumi.aws.location.GeofenceCollectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GeofenceCollection(\"example\", GeofenceCollectionArgs.builder()\n .collectionName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:location:GeofenceCollection\n properties:\n collectionName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Location Geofence Collection using the `collection_name`. For example:\n\n```sh\n$ pulumi import aws:location/geofenceCollection:GeofenceCollection example example\n```\n", "properties": { "collectionArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the geofence collection resource. Used when you need to specify a resource across all AWS.\n" }, "collectionName": { "type": "string", "description": "The name of the geofence collection.\n\nThe following arguments are optional:\n" }, "createTime": { "type": "string", "description": "The timestamp for when the geofence collection resource was created in ISO 8601 format.\n" }, "description": { "type": "string", "description": "The optional description for the geofence collection.\n" }, "kmsKeyId": { "type": "string", "description": "A key identifier for an AWS KMS customer managed key assigned to the Amazon Location resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the geofence collection. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "updateTime": { "type": "string", "description": "The timestamp for when the geofence collection resource was last updated in ISO 8601 format.\n" } }, "required": [ "collectionArn", "collectionName", "createTime", "tagsAll", "updateTime" ], "inputProperties": { "collectionName": { "type": "string", "description": "The name of the geofence collection.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "The optional description for the geofence collection.\n" }, "kmsKeyId": { "type": "string", "description": "A key identifier for an AWS KMS customer managed key assigned to the Amazon Location resource.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the geofence collection. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "collectionName" ], "stateInputs": { "description": "Input properties used for looking up and filtering GeofenceCollection resources.\n", "properties": { "collectionArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the geofence collection resource. Used when you need to specify a resource across all AWS.\n" }, "collectionName": { "type": "string", "description": "The name of the geofence collection.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "createTime": { "type": "string", "description": "The timestamp for when the geofence collection resource was created in ISO 8601 format.\n" }, "description": { "type": "string", "description": "The optional description for the geofence collection.\n" }, "kmsKeyId": { "type": "string", "description": "A key identifier for an AWS KMS customer managed key assigned to the Amazon Location resource.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the geofence collection. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "updateTime": { "type": "string", "description": "The timestamp for when the geofence collection resource was last updated in ISO 8601 format.\n" } }, "type": "object" } }, "aws:location/map:Map": { "description": "Provides a Location Service Map.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.location.Map(\"example\", {\n configuration: {\n style: \"VectorHereBerlin\",\n },\n mapName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.location.Map(\"example\",\n configuration={\n \"style\": \"VectorHereBerlin\",\n },\n map_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Location.Map(\"example\", new()\n {\n Configuration = new Aws.Location.Inputs.MapConfigurationArgs\n {\n Style = \"VectorHereBerlin\",\n },\n MapName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/location\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := location.NewMap(ctx, \"example\", \u0026location.MapArgs{\n\t\t\tConfiguration: \u0026location.MapConfigurationArgs{\n\t\t\t\tStyle: pulumi.String(\"VectorHereBerlin\"),\n\t\t\t},\n\t\t\tMapName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.location.Map;\nimport com.pulumi.aws.location.MapArgs;\nimport com.pulumi.aws.location.inputs.MapConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Map(\"example\", MapArgs.builder()\n .configuration(MapConfigurationArgs.builder()\n .style(\"VectorHereBerlin\")\n .build())\n .mapName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:location:Map\n properties:\n configuration:\n style: VectorHereBerlin\n mapName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_location_map` resources using the map name. For example:\n\n```sh\n$ pulumi import aws:location/map:Map example example\n```\n", "properties": { "configuration": { "$ref": "#/types/aws:location/MapConfiguration:MapConfiguration", "description": "Configuration block with the map style selected from an available data provider. Detailed below.\n" }, "createTime": { "type": "string", "description": "The timestamp for when the map resource was created in ISO 8601 format.\n" }, "description": { "type": "string", "description": "An optional description for the map resource.\n" }, "mapArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the map resource. Used to specify a resource across all AWS.\n" }, "mapName": { "type": "string", "description": "The name for the map resource.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the map. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "updateTime": { "type": "string", "description": "The timestamp for when the map resource was last updated in ISO 8601 format.\n" } }, "required": [ "configuration", "createTime", "mapArn", "mapName", "tagsAll", "updateTime" ], "inputProperties": { "configuration": { "$ref": "#/types/aws:location/MapConfiguration:MapConfiguration", "description": "Configuration block with the map style selected from an available data provider. Detailed below.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "An optional description for the map resource.\n" }, "mapName": { "type": "string", "description": "The name for the map resource.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the map. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "configuration", "mapName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Map resources.\n", "properties": { "configuration": { "$ref": "#/types/aws:location/MapConfiguration:MapConfiguration", "description": "Configuration block with the map style selected from an available data provider. Detailed below.\n", "willReplaceOnChanges": true }, "createTime": { "type": "string", "description": "The timestamp for when the map resource was created in ISO 8601 format.\n" }, "description": { "type": "string", "description": "An optional description for the map resource.\n" }, "mapArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the map resource. Used to specify a resource across all AWS.\n" }, "mapName": { "type": "string", "description": "The name for the map resource.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the map. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "updateTime": { "type": "string", "description": "The timestamp for when the map resource was last updated in ISO 8601 format.\n" } }, "type": "object" } }, "aws:location/placeIndex:PlaceIndex": { "description": "Provides a Location Service Place Index.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.location.PlaceIndex(\"example\", {\n dataSource: \"Here\",\n indexName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.location.PlaceIndex(\"example\",\n data_source=\"Here\",\n index_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Location.PlaceIndex(\"example\", new()\n {\n DataSource = \"Here\",\n IndexName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/location\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := location.NewPlaceIndex(ctx, \"example\", \u0026location.PlaceIndexArgs{\n\t\t\tDataSource: pulumi.String(\"Here\"),\n\t\t\tIndexName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.location.PlaceIndex;\nimport com.pulumi.aws.location.PlaceIndexArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PlaceIndex(\"example\", PlaceIndexArgs.builder()\n .dataSource(\"Here\")\n .indexName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:location:PlaceIndex\n properties:\n dataSource: Here\n indexName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_location_place_index` resources using the place index name. For example:\n\n```sh\n$ pulumi import aws:location/placeIndex:PlaceIndex example example\n```\n", "properties": { "createTime": { "type": "string", "description": "The timestamp for when the place index resource was created in ISO 8601 format.\n" }, "dataSource": { "type": "string", "description": "Specifies the geospatial data provider for the new place index.\n" }, "dataSourceConfiguration": { "$ref": "#/types/aws:location/PlaceIndexDataSourceConfiguration:PlaceIndexDataSourceConfiguration", "description": "Configuration block with the data storage option chosen for requesting Places. Detailed below.\n" }, "description": { "type": "string", "description": "The optional description for the place index resource.\n" }, "indexArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the place index resource. Used to specify a resource across AWS.\n" }, "indexName": { "type": "string", "description": "The name of the place index resource.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the place index. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "updateTime": { "type": "string", "description": "The timestamp for when the place index resource was last update in ISO 8601.\n" } }, "required": [ "createTime", "dataSource", "dataSourceConfiguration", "indexArn", "indexName", "tagsAll", "updateTime" ], "inputProperties": { "dataSource": { "type": "string", "description": "Specifies the geospatial data provider for the new place index.\n", "willReplaceOnChanges": true }, "dataSourceConfiguration": { "$ref": "#/types/aws:location/PlaceIndexDataSourceConfiguration:PlaceIndexDataSourceConfiguration", "description": "Configuration block with the data storage option chosen for requesting Places. Detailed below.\n" }, "description": { "type": "string", "description": "The optional description for the place index resource.\n" }, "indexName": { "type": "string", "description": "The name of the place index resource.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the place index. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "dataSource", "indexName" ], "stateInputs": { "description": "Input properties used for looking up and filtering PlaceIndex resources.\n", "properties": { "createTime": { "type": "string", "description": "The timestamp for when the place index resource was created in ISO 8601 format.\n" }, "dataSource": { "type": "string", "description": "Specifies the geospatial data provider for the new place index.\n", "willReplaceOnChanges": true }, "dataSourceConfiguration": { "$ref": "#/types/aws:location/PlaceIndexDataSourceConfiguration:PlaceIndexDataSourceConfiguration", "description": "Configuration block with the data storage option chosen for requesting Places. Detailed below.\n" }, "description": { "type": "string", "description": "The optional description for the place index resource.\n" }, "indexArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the place index resource. Used to specify a resource across AWS.\n" }, "indexName": { "type": "string", "description": "The name of the place index resource.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the place index. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "updateTime": { "type": "string", "description": "The timestamp for when the place index resource was last update in ISO 8601.\n" } }, "type": "object" } }, "aws:location/routeCalculation:RouteCalculation": { "description": "Provides a Location Service Route Calculator.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.location.RouteCalculation(\"example\", {\n calculatorName: \"example\",\n dataSource: \"Here\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.location.RouteCalculation(\"example\",\n calculator_name=\"example\",\n data_source=\"Here\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Location.RouteCalculation(\"example\", new()\n {\n CalculatorName = \"example\",\n DataSource = \"Here\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/location\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := location.NewRouteCalculation(ctx, \"example\", \u0026location.RouteCalculationArgs{\n\t\t\tCalculatorName: pulumi.String(\"example\"),\n\t\t\tDataSource: pulumi.String(\"Here\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.location.RouteCalculation;\nimport com.pulumi.aws.location.RouteCalculationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RouteCalculation(\"example\", RouteCalculationArgs.builder()\n .calculatorName(\"example\")\n .dataSource(\"Here\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:location:RouteCalculation\n properties:\n calculatorName: example\n dataSource: Here\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_location_route_calculator` using the route calculator name. For example:\n\n```sh\n$ pulumi import aws:location/routeCalculation:RouteCalculation example example\n```\n", "properties": { "calculatorArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the Route calculator resource. Use the ARN when you specify a resource across AWS.\n" }, "calculatorName": { "type": "string", "description": "The name of the route calculator resource.\n" }, "createTime": { "type": "string", "description": "The timestamp for when the route calculator resource was created in ISO 8601 format.\n" }, "dataSource": { "type": "string", "description": "Specifies the data provider of traffic and road network data.\n\nThe following arguments are optional:\n" }, "description": { "type": "string", "description": "The optional description for the route calculator resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the route calculator. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "updateTime": { "type": "string", "description": "The timestamp for when the route calculator resource was last update in ISO 8601.\n" } }, "required": [ "calculatorArn", "calculatorName", "createTime", "dataSource", "tagsAll", "updateTime" ], "inputProperties": { "calculatorName": { "type": "string", "description": "The name of the route calculator resource.\n", "willReplaceOnChanges": true }, "dataSource": { "type": "string", "description": "Specifies the data provider of traffic and road network data.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "The optional description for the route calculator resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the route calculator. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "calculatorName", "dataSource" ], "stateInputs": { "description": "Input properties used for looking up and filtering RouteCalculation resources.\n", "properties": { "calculatorArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the Route calculator resource. Use the ARN when you specify a resource across AWS.\n" }, "calculatorName": { "type": "string", "description": "The name of the route calculator resource.\n", "willReplaceOnChanges": true }, "createTime": { "type": "string", "description": "The timestamp for when the route calculator resource was created in ISO 8601 format.\n" }, "dataSource": { "type": "string", "description": "Specifies the data provider of traffic and road network data.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "The optional description for the route calculator resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the route calculator. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "updateTime": { "type": "string", "description": "The timestamp for when the route calculator resource was last update in ISO 8601.\n" } }, "type": "object" } }, "aws:location/tracker:Tracker": { "description": "Provides a Location Service Tracker.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.location.Tracker(\"example\", {trackerName: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.location.Tracker(\"example\", tracker_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Location.Tracker(\"example\", new()\n {\n TrackerName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/location\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := location.NewTracker(ctx, \"example\", \u0026location.TrackerArgs{\n\t\t\tTrackerName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.location.Tracker;\nimport com.pulumi.aws.location.TrackerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Tracker(\"example\", TrackerArgs.builder()\n .trackerName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:location:Tracker\n properties:\n trackerName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_location_tracker` resources using the tracker name. For example:\n\n```sh\n$ pulumi import aws:location/tracker:Tracker example example\n```\n", "properties": { "createTime": { "type": "string", "description": "The timestamp for when the tracker resource was created in ISO 8601 format.\n" }, "description": { "type": "string", "description": "The optional description for the tracker resource.\n" }, "kmsKeyId": { "type": "string", "description": "A key identifier for an AWS KMS customer managed key assigned to the Amazon Location resource.\n" }, "positionFiltering": { "type": "string", "description": "The position filtering method of the tracker resource. Valid values: `TimeBased`, `DistanceBased`, `AccuracyBased`. Default: `TimeBased`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the tracker. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "trackerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the tracker resource. Used when you need to specify a resource across all AWS.\n" }, "trackerName": { "type": "string", "description": "The name of the tracker resource.\n\nThe following arguments are optional:\n" }, "updateTime": { "type": "string", "description": "The timestamp for when the tracker resource was last updated in ISO 8601 format.\n" } }, "required": [ "createTime", "tagsAll", "trackerArn", "trackerName", "updateTime" ], "inputProperties": { "description": { "type": "string", "description": "The optional description for the tracker resource.\n" }, "kmsKeyId": { "type": "string", "description": "A key identifier for an AWS KMS customer managed key assigned to the Amazon Location resource.\n", "willReplaceOnChanges": true }, "positionFiltering": { "type": "string", "description": "The position filtering method of the tracker resource. Valid values: `TimeBased`, `DistanceBased`, `AccuracyBased`. Default: `TimeBased`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the tracker. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "trackerName": { "type": "string", "description": "The name of the tracker resource.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "trackerName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Tracker resources.\n", "properties": { "createTime": { "type": "string", "description": "The timestamp for when the tracker resource was created in ISO 8601 format.\n" }, "description": { "type": "string", "description": "The optional description for the tracker resource.\n" }, "kmsKeyId": { "type": "string", "description": "A key identifier for an AWS KMS customer managed key assigned to the Amazon Location resource.\n", "willReplaceOnChanges": true }, "positionFiltering": { "type": "string", "description": "The position filtering method of the tracker resource. Valid values: `TimeBased`, `DistanceBased`, `AccuracyBased`. Default: `TimeBased`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the tracker. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "trackerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the tracker resource. Used when you need to specify a resource across all AWS.\n" }, "trackerName": { "type": "string", "description": "The name of the tracker resource.\n\nThe following arguments are optional:\n" }, "updateTime": { "type": "string", "description": "The timestamp for when the tracker resource was last updated in ISO 8601 format.\n" } }, "type": "object" } }, "aws:location/trackerAssociation:TrackerAssociation": { "description": "Resource for managing an AWS Location Tracker Association.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.location.GeofenceCollection(\"example\", {collectionName: \"example\"});\nconst exampleTracker = new aws.location.Tracker(\"example\", {trackerName: \"example\"});\nconst exampleTrackerAssociation = new aws.location.TrackerAssociation(\"example\", {\n consumerArn: example.collectionArn,\n trackerName: exampleTracker.trackerName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.location.GeofenceCollection(\"example\", collection_name=\"example\")\nexample_tracker = aws.location.Tracker(\"example\", tracker_name=\"example\")\nexample_tracker_association = aws.location.TrackerAssociation(\"example\",\n consumer_arn=example.collection_arn,\n tracker_name=example_tracker.tracker_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Location.GeofenceCollection(\"example\", new()\n {\n CollectionName = \"example\",\n });\n\n var exampleTracker = new Aws.Location.Tracker(\"example\", new()\n {\n TrackerName = \"example\",\n });\n\n var exampleTrackerAssociation = new Aws.Location.TrackerAssociation(\"example\", new()\n {\n ConsumerArn = example.CollectionArn,\n TrackerName = exampleTracker.TrackerName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/location\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := location.NewGeofenceCollection(ctx, \"example\", \u0026location.GeofenceCollectionArgs{\n\t\t\tCollectionName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTracker, err := location.NewTracker(ctx, \"example\", \u0026location.TrackerArgs{\n\t\t\tTrackerName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = location.NewTrackerAssociation(ctx, \"example\", \u0026location.TrackerAssociationArgs{\n\t\t\tConsumerArn: example.CollectionArn,\n\t\t\tTrackerName: exampleTracker.TrackerName,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.location.GeofenceCollection;\nimport com.pulumi.aws.location.GeofenceCollectionArgs;\nimport com.pulumi.aws.location.Tracker;\nimport com.pulumi.aws.location.TrackerArgs;\nimport com.pulumi.aws.location.TrackerAssociation;\nimport com.pulumi.aws.location.TrackerAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GeofenceCollection(\"example\", GeofenceCollectionArgs.builder()\n .collectionName(\"example\")\n .build());\n\n var exampleTracker = new Tracker(\"exampleTracker\", TrackerArgs.builder()\n .trackerName(\"example\")\n .build());\n\n var exampleTrackerAssociation = new TrackerAssociation(\"exampleTrackerAssociation\", TrackerAssociationArgs.builder()\n .consumerArn(example.collectionArn())\n .trackerName(exampleTracker.trackerName())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:location:GeofenceCollection\n properties:\n collectionName: example\n exampleTracker:\n type: aws:location:Tracker\n name: example\n properties:\n trackerName: example\n exampleTrackerAssociation:\n type: aws:location:TrackerAssociation\n name: example\n properties:\n consumerArn: ${example.collectionArn}\n trackerName: ${exampleTracker.trackerName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Location Tracker Association using the `tracker_name|consumer_arn`. For example:\n\n```sh\n$ pulumi import aws:location/trackerAssociation:TrackerAssociation example \"tracker_name|consumer_arn\"\n```\n", "properties": { "consumerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the geofence collection to be associated to tracker resource. Used when you need to specify a resource across all AWS.\n" }, "trackerName": { "type": "string", "description": "The name of the tracker resource to be associated with a geofence collection.\n" } }, "required": [ "consumerArn", "trackerName" ], "inputProperties": { "consumerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the geofence collection to be associated to tracker resource. Used when you need to specify a resource across all AWS.\n", "willReplaceOnChanges": true }, "trackerName": { "type": "string", "description": "The name of the tracker resource to be associated with a geofence collection.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "consumerArn", "trackerName" ], "stateInputs": { "description": "Input properties used for looking up and filtering TrackerAssociation resources.\n", "properties": { "consumerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the geofence collection to be associated to tracker resource. Used when you need to specify a resource across all AWS.\n", "willReplaceOnChanges": true }, "trackerName": { "type": "string", "description": "The name of the tracker resource to be associated with a geofence collection.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:m2/application:Application": { "description": "Resource for managing an [AWS Mainframe Modernization Application](https://docs.aws.amazon.com/m2/latest/userguide/applications-m2.html).\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.m2.Application(\"example\", {\n name: \"Example\",\n engineType: \"bluage\",\n definition: {\n content: `{\n \"definition\": {\n \"listeners\": [\n {\n \"port\": 8196,\n \"type\": \"http\"\n }\n ],\n \"ba-application\": {\n \"app-location\": \"${s3_source}/PlanetsDemo-v1.zip\"\n }\n },\n \"source-locations\": [\n {\n \"source-id\": \"s3-source\",\n \"source-type\": \"s3\",\n \"properties\": {\n \"s3-bucket\": \"example-bucket\",\n \"s3-key-prefix\": \"v1\"\n }\n }\n ],\n \"template-version\": \"2.0\"\n}\n\n`,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.m2.Application(\"example\",\n name=\"Example\",\n engine_type=\"bluage\",\n definition={\n \"content\": f\"\"\"{{\n \"definition\": {{\n \"listeners\": [\n {{\n \"port\": 8196,\n \"type\": \"http\"\n }}\n ],\n \"ba-application\": {{\n \"app-location\": \"{s3_source}/PlanetsDemo-v1.zip\"\n }}\n }},\n \"source-locations\": [\n {{\n \"source-id\": \"s3-source\",\n \"source-type\": \"s3\",\n \"properties\": {{\n \"s3-bucket\": \"example-bucket\",\n \"s3-key-prefix\": \"v1\"\n }}\n }}\n ],\n \"template-version\": \"2.0\"\n}}\n\n\"\"\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.M2.Application(\"example\", new()\n {\n Name = \"Example\",\n EngineType = \"bluage\",\n Definition = new Aws.M2.Inputs.ApplicationDefinitionArgs\n {\n Content = @$\"{{\n \"\"definition\"\": {{\n \"\"listeners\"\": [\n {{\n \"\"port\"\": 8196,\n \"\"type\"\": \"\"http\"\"\n }}\n ],\n \"\"ba-application\"\": {{\n \"\"app-location\"\": \"\"{s3_source}/PlanetsDemo-v1.zip\"\"\n }}\n }},\n \"\"source-locations\"\": [\n {{\n \"\"source-id\"\": \"\"s3-source\"\",\n \"\"source-type\"\": \"\"s3\"\",\n \"\"properties\"\": {{\n \"\"s3-bucket\"\": \"\"example-bucket\"\",\n \"\"s3-key-prefix\"\": \"\"v1\"\"\n }}\n }}\n ],\n \"\"template-version\"\": \"\"2.0\"\"\n}}\n\n\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/m2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := m2.NewApplication(ctx, \"example\", \u0026m2.ApplicationArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tEngineType: pulumi.String(\"bluage\"),\n\t\t\tDefinition: \u0026m2.ApplicationDefinitionArgs{\n\t\t\t\tContent: pulumi.String(fmt.Sprintf(`{\n \"definition\": {\n \"listeners\": [\n {\n \"port\": 8196,\n \"type\": \"http\"\n }\n ],\n \"ba-application\": {\n \"app-location\": \"%v/PlanetsDemo-v1.zip\"\n }\n },\n \"source-locations\": [\n {\n \"source-id\": \"s3-source\",\n \"source-type\": \"s3\",\n \"properties\": {\n \"s3-bucket\": \"example-bucket\",\n \"s3-key-prefix\": \"v1\"\n }\n }\n ],\n \"template-version\": \"2.0\"\n}\n\n`, s3_source)),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.m2.Application;\nimport com.pulumi.aws.m2.ApplicationArgs;\nimport com.pulumi.aws.m2.inputs.ApplicationDefinitionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Application(\"example\", ApplicationArgs.builder()\n .name(\"Example\")\n .engineType(\"bluage\")\n .definition(ApplicationDefinitionArgs.builder()\n .content(\"\"\"\n{\n \"definition\": {\n \"listeners\": [\n {\n \"port\": 8196,\n \"type\": \"http\"\n }\n ],\n \"ba-application\": {\n \"app-location\": \"%s/PlanetsDemo-v1.zip\"\n }\n },\n \"source-locations\": [\n {\n \"source-id\": \"s3-source\",\n \"source-type\": \"s3\",\n \"properties\": {\n \"s3-bucket\": \"example-bucket\",\n \"s3-key-prefix\": \"v1\"\n }\n }\n ],\n \"template-version\": \"2.0\"\n}\n\n\", s3_source))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:m2:Application\n properties:\n name: Example\n engineType: bluage\n definition:\n content: |+\n {\n \"definition\": {\n \"listeners\": [\n {\n \"port\": 8196,\n \"type\": \"http\"\n }\n ],\n \"ba-application\": {\n \"app-location\": \"${[\"s3-source\"]}/PlanetsDemo-v1.zip\"\n }\n },\n \"source-locations\": [\n {\n \"source-id\": \"s3-source\",\n \"source-type\": \"s3\",\n \"properties\": {\n \"s3-bucket\": \"example-bucket\",\n \"s3-key-prefix\": \"v1\"\n }\n }\n ],\n \"template-version\": \"2.0\"\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Mainframe Modernization Application using the `01234567890abcdef012345678`. For example:\n\n```sh\n$ pulumi import aws:m2/application:Application example 01234567890abcdef012345678\n```\n", "properties": { "applicationId": { "type": "string", "description": "Id of the Application.\n" }, "arn": { "type": "string", "description": "ARN of the Application.\n" }, "currentVersion": { "type": "integer", "description": "Current version of the application deployed.\n" }, "definition": { "$ref": "#/types/aws:m2/ApplicationDefinition:ApplicationDefinition", "description": "The application definition for this application. You can specify either inline JSON or an S3 bucket location.\n" }, "description": { "type": "string", "description": "Description of the application.\n" }, "engineType": { "type": "string", "description": "Engine type must be `microfocus | bluage`.\n" }, "kmsKeyId": { "type": "string", "description": "KMS Key to use for the Application.\n" }, "name": { "type": "string", "description": "Unique identifier of the application.\n\nThe following arguments are optional:\n" }, "roleArn": { "type": "string", "description": "ARN of role for application to use to access AWS resources.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:m2/ApplicationTimeouts:ApplicationTimeouts" } }, "required": [ "applicationId", "arn", "currentVersion", "engineType", "name", "tagsAll" ], "inputProperties": { "definition": { "$ref": "#/types/aws:m2/ApplicationDefinition:ApplicationDefinition", "description": "The application definition for this application. You can specify either inline JSON or an S3 bucket location.\n" }, "description": { "type": "string", "description": "Description of the application.\n" }, "engineType": { "type": "string", "description": "Engine type must be `microfocus | bluage`.\n" }, "kmsKeyId": { "type": "string", "description": "KMS Key to use for the Application.\n" }, "name": { "type": "string", "description": "Unique identifier of the application.\n\nThe following arguments are optional:\n" }, "roleArn": { "type": "string", "description": "ARN of role for application to use to access AWS resources.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:m2/ApplicationTimeouts:ApplicationTimeouts" } }, "requiredInputs": [ "engineType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Application resources.\n", "properties": { "applicationId": { "type": "string", "description": "Id of the Application.\n" }, "arn": { "type": "string", "description": "ARN of the Application.\n" }, "currentVersion": { "type": "integer", "description": "Current version of the application deployed.\n" }, "definition": { "$ref": "#/types/aws:m2/ApplicationDefinition:ApplicationDefinition", "description": "The application definition for this application. You can specify either inline JSON or an S3 bucket location.\n" }, "description": { "type": "string", "description": "Description of the application.\n" }, "engineType": { "type": "string", "description": "Engine type must be `microfocus | bluage`.\n" }, "kmsKeyId": { "type": "string", "description": "KMS Key to use for the Application.\n" }, "name": { "type": "string", "description": "Unique identifier of the application.\n\nThe following arguments are optional:\n" }, "roleArn": { "type": "string", "description": "ARN of role for application to use to access AWS resources.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:m2/ApplicationTimeouts:ApplicationTimeouts" } }, "type": "object" } }, "aws:m2/deployment:Deployment": { "description": "Resource for managing an [AWS Mainframe Modernization Deployment.](https://docs.aws.amazon.com/m2/latest/userguide/applications-m2-deploy.html)\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.m2.Deployment(\"test\", {\n environmentId: \"01234567890abcdef012345678\",\n applicationId: \"34567890abcdef012345678012\",\n applicationVersion: 1,\n start: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.m2.Deployment(\"test\",\n environment_id=\"01234567890abcdef012345678\",\n application_id=\"34567890abcdef012345678012\",\n application_version=1,\n start=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.M2.Deployment(\"test\", new()\n {\n EnvironmentId = \"01234567890abcdef012345678\",\n ApplicationId = \"34567890abcdef012345678012\",\n ApplicationVersion = 1,\n Start = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/m2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := m2.NewDeployment(ctx, \"test\", \u0026m2.DeploymentArgs{\n\t\t\tEnvironmentId: pulumi.String(\"01234567890abcdef012345678\"),\n\t\t\tApplicationId: pulumi.String(\"34567890abcdef012345678012\"),\n\t\t\tApplicationVersion: pulumi.Int(1),\n\t\t\tStart: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.m2.Deployment;\nimport com.pulumi.aws.m2.DeploymentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Deployment(\"test\", DeploymentArgs.builder()\n .environmentId(\"01234567890abcdef012345678\")\n .applicationId(\"34567890abcdef012345678012\")\n .applicationVersion(1)\n .start(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:m2:Deployment\n properties:\n environmentId: 01234567890abcdef012345678\n applicationId: 34567890abcdef012345678012\n applicationVersion: 1\n start: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Mainframe Modernization Deployment using the `APPLICATION-ID,DEPLOYMENT-ID`. For example:\n\n```sh\n$ pulumi import aws:m2/deployment:Deployment example APPLICATION-ID,DEPLOYMENT-ID\n```\n", "properties": { "applicationId": { "type": "string", "description": "Application to deploy.\n" }, "applicationVersion": { "type": "integer", "description": "Version to application to deploy\n" }, "deploymentId": { "type": "string" }, "environmentId": { "type": "string", "description": "Environment to deploy application to.\n" }, "forceStop": { "type": "boolean" }, "start": { "type": "boolean", "description": "Start the application once deployed.\n" }, "timeouts": { "$ref": "#/types/aws:m2/DeploymentTimeouts:DeploymentTimeouts" } }, "required": [ "applicationId", "applicationVersion", "deploymentId", "environmentId", "start" ], "inputProperties": { "applicationId": { "type": "string", "description": "Application to deploy.\n" }, "applicationVersion": { "type": "integer", "description": "Version to application to deploy\n" }, "environmentId": { "type": "string", "description": "Environment to deploy application to.\n" }, "forceStop": { "type": "boolean" }, "start": { "type": "boolean", "description": "Start the application once deployed.\n" }, "timeouts": { "$ref": "#/types/aws:m2/DeploymentTimeouts:DeploymentTimeouts" } }, "requiredInputs": [ "applicationId", "applicationVersion", "environmentId", "start" ], "stateInputs": { "description": "Input properties used for looking up and filtering Deployment resources.\n", "properties": { "applicationId": { "type": "string", "description": "Application to deploy.\n" }, "applicationVersion": { "type": "integer", "description": "Version to application to deploy\n" }, "deploymentId": { "type": "string" }, "environmentId": { "type": "string", "description": "Environment to deploy application to.\n" }, "forceStop": { "type": "boolean" }, "start": { "type": "boolean", "description": "Start the application once deployed.\n" }, "timeouts": { "$ref": "#/types/aws:m2/DeploymentTimeouts:DeploymentTimeouts" } }, "type": "object" } }, "aws:m2/environment:Environment": { "description": "Resource for managing an [AWS Mainframe Modernization Environment](https://docs.aws.amazon.com/m2/latest/userguide/environments-m2.html).\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n test:\n type: aws:m2:Environment\n properties:\n name: test-env\n engineType: bluage\n instanceType: M2.m5.large\n securityGroups:\n - sg-01234567890abcdef\n subnetIds:\n - subnet-01234567890abcdef\n - subnet-01234567890abcdea\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### High Availability\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n test:\n type: aws:m2:Environment\n properties:\n name: test-env\n engineType: bluage\n instanceType: M2.m5.large\n securityGroups:\n - sg-01234567890abcdef\n subnetIds:\n - subnet-01234567890abcdef\n - subnet-01234567890abcdea\n highAvailabilityConfig:\n desiredCapacity: 2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### EFS Filesystem\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n test:\n type: aws:m2:Environment\n properties:\n name: test-env\n engineType: bluage\n instanceType: M2.m5.large\n securityGroups:\n - sg-01234567890abcdef\n subnetIds:\n - subnet-01234567890abcdef\n - subnet-01234567890abcdea\n storageConfiguration:\n efs:\n fileSystemId: fs-01234567890abcdef\n mountPoint: /m2/mount/example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### FSX Filesystem\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n test:\n type: aws:m2:Environment\n properties:\n name: test-env\n engineType: bluage\n instanceType: M2.m5.large\n securityGroups:\n - sg-01234567890abcdef\n subnetIds:\n - subnet-01234567890abcdef\n - subnet-01234567890abcdea\n storageConfiguration:\n fsx:\n fileSystemId: fs-01234567890abcdef\n mountPoint: /m2/mount/example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Mainframe Modernization Environment using the `01234567890abcdef012345678`. For example:\n\n```sh\n$ pulumi import aws:m2/environment:Environment example 01234567890abcdef012345678\n```\n", "properties": { "applyChangesDuringMaintenanceWindow": { "type": "boolean" }, "arn": { "type": "string", "description": "ARN of the Environment.\n" }, "description": { "type": "string" }, "engineType": { "type": "string", "description": "Engine type must be `microfocus` or `bluage`.\n" }, "engineVersion": { "type": "string", "description": "The specific version of the engine for the Environment.\n" }, "environmentId": { "type": "string", "description": "The id of the Environment.\n" }, "forceUpdate": { "type": "boolean", "description": "Force update the environment even if applications are running.\n" }, "highAvailabilityConfig": { "$ref": "#/types/aws:m2/EnvironmentHighAvailabilityConfig:EnvironmentHighAvailabilityConfig" }, "instanceType": { "type": "string", "description": "M2 Instance Type.\n\nThe following arguments are optional:\n" }, "kmsKeyId": { "type": "string", "description": "ARN of the KMS key to use for the Environment.\n" }, "loadBalancerArn": { "type": "string", "description": "ARN of the load balancer created by the Environment.\n" }, "name": { "type": "string", "description": "Name of the runtime environment. Must be unique within the account.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "Configures the maintenance window that you want for the runtime environment. The maintenance window must have the format `ddd:hh24:mi-ddd:hh24:mi` and must be less than 24 hours. If not provided a random value will be used.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Allow applications deployed to this environment to be publicly accessible.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of security group ids.\n" }, "storageConfiguration": { "$ref": "#/types/aws:m2/EnvironmentStorageConfiguration:EnvironmentStorageConfiguration" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of subnet ids to deploy environment to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the place index. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:m2/EnvironmentTimeouts:EnvironmentTimeouts" } }, "required": [ "arn", "engineType", "engineVersion", "environmentId", "instanceType", "loadBalancerArn", "name", "preferredMaintenanceWindow", "publiclyAccessible", "securityGroupIds", "subnetIds", "tagsAll" ], "inputProperties": { "applyChangesDuringMaintenanceWindow": { "type": "boolean" }, "description": { "type": "string" }, "engineType": { "type": "string", "description": "Engine type must be `microfocus` or `bluage`.\n" }, "engineVersion": { "type": "string", "description": "The specific version of the engine for the Environment.\n" }, "forceUpdate": { "type": "boolean", "description": "Force update the environment even if applications are running.\n" }, "highAvailabilityConfig": { "$ref": "#/types/aws:m2/EnvironmentHighAvailabilityConfig:EnvironmentHighAvailabilityConfig" }, "instanceType": { "type": "string", "description": "M2 Instance Type.\n\nThe following arguments are optional:\n" }, "kmsKeyId": { "type": "string", "description": "ARN of the KMS key to use for the Environment.\n" }, "name": { "type": "string", "description": "Name of the runtime environment. Must be unique within the account.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "Configures the maintenance window that you want for the runtime environment. The maintenance window must have the format `ddd:hh24:mi-ddd:hh24:mi` and must be less than 24 hours. If not provided a random value will be used.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Allow applications deployed to this environment to be publicly accessible.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of security group ids.\n" }, "storageConfiguration": { "$ref": "#/types/aws:m2/EnvironmentStorageConfiguration:EnvironmentStorageConfiguration" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of subnet ids to deploy environment to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the place index. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:m2/EnvironmentTimeouts:EnvironmentTimeouts" } }, "requiredInputs": [ "engineType", "instanceType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Environment resources.\n", "properties": { "applyChangesDuringMaintenanceWindow": { "type": "boolean" }, "arn": { "type": "string", "description": "ARN of the Environment.\n" }, "description": { "type": "string" }, "engineType": { "type": "string", "description": "Engine type must be `microfocus` or `bluage`.\n" }, "engineVersion": { "type": "string", "description": "The specific version of the engine for the Environment.\n" }, "environmentId": { "type": "string", "description": "The id of the Environment.\n" }, "forceUpdate": { "type": "boolean", "description": "Force update the environment even if applications are running.\n" }, "highAvailabilityConfig": { "$ref": "#/types/aws:m2/EnvironmentHighAvailabilityConfig:EnvironmentHighAvailabilityConfig" }, "instanceType": { "type": "string", "description": "M2 Instance Type.\n\nThe following arguments are optional:\n" }, "kmsKeyId": { "type": "string", "description": "ARN of the KMS key to use for the Environment.\n" }, "loadBalancerArn": { "type": "string", "description": "ARN of the load balancer created by the Environment.\n" }, "name": { "type": "string", "description": "Name of the runtime environment. Must be unique within the account.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "Configures the maintenance window that you want for the runtime environment. The maintenance window must have the format `ddd:hh24:mi-ddd:hh24:mi` and must be less than 24 hours. If not provided a random value will be used.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Allow applications deployed to this environment to be publicly accessible.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of security group ids.\n" }, "storageConfiguration": { "$ref": "#/types/aws:m2/EnvironmentStorageConfiguration:EnvironmentStorageConfiguration" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of subnet ids to deploy environment to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the place index. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:m2/EnvironmentTimeouts:EnvironmentTimeouts" } }, "type": "object" } }, "aws:macie/customDataIdentifier:CustomDataIdentifier": { "description": "Provides a resource to manage an [AWS Macie Custom Data Identifier](https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-id.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.macie2.Account(\"example\", {});\nconst exampleCustomDataIdentifier = new aws.macie.CustomDataIdentifier(\"example\", {\n name: \"NAME OF CUSTOM DATA IDENTIFIER\",\n regex: \"[0-9]{3}-[0-9]{2}-[0-9]{4}\",\n description: \"DESCRIPTION\",\n maximumMatchDistance: 10,\n keywords: [\"keyword\"],\n ignoreWords: [\"ignore\"],\n}, {\n dependsOn: [test],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.macie2.Account(\"example\")\nexample_custom_data_identifier = aws.macie.CustomDataIdentifier(\"example\",\n name=\"NAME OF CUSTOM DATA IDENTIFIER\",\n regex=\"[0-9]{3}-[0-9]{2}-[0-9]{4}\",\n description=\"DESCRIPTION\",\n maximum_match_distance=10,\n keywords=[\"keyword\"],\n ignore_words=[\"ignore\"],\n opts = pulumi.ResourceOptions(depends_on=[test]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Macie2.Account(\"example\");\n\n var exampleCustomDataIdentifier = new Aws.Macie.CustomDataIdentifier(\"example\", new()\n {\n Name = \"NAME OF CUSTOM DATA IDENTIFIER\",\n Regex = \"[0-9]{3}-[0-9]{2}-[0-9]{4}\",\n Description = \"DESCRIPTION\",\n MaximumMatchDistance = 10,\n Keywords = new[]\n {\n \"keyword\",\n },\n IgnoreWords = new[]\n {\n \"ignore\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n test,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := macie2.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie.NewCustomDataIdentifier(ctx, \"example\", \u0026macie.CustomDataIdentifierArgs{\n\t\t\tName: pulumi.String(\"NAME OF CUSTOM DATA IDENTIFIER\"),\n\t\t\tRegex: pulumi.String(\"[0-9]{3}-[0-9]{2}-[0-9]{4}\"),\n\t\t\tDescription: pulumi.String(\"DESCRIPTION\"),\n\t\t\tMaximumMatchDistance: pulumi.Int(10),\n\t\t\tKeywords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"keyword\"),\n\t\t\t},\n\t\t\tIgnoreWords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ignore\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttest,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie.CustomDataIdentifier;\nimport com.pulumi.aws.macie.CustomDataIdentifierArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleCustomDataIdentifier = new CustomDataIdentifier(\"exampleCustomDataIdentifier\", CustomDataIdentifierArgs.builder()\n .name(\"NAME OF CUSTOM DATA IDENTIFIER\")\n .regex(\"[0-9]{3}-[0-9]{2}-[0-9]{4}\")\n .description(\"DESCRIPTION\")\n .maximumMatchDistance(10)\n .keywords(\"keyword\")\n .ignoreWords(\"ignore\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(test)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:macie2:Account\n exampleCustomDataIdentifier:\n type: aws:macie:CustomDataIdentifier\n name: example\n properties:\n name: NAME OF CUSTOM DATA IDENTIFIER\n regex: '[0-9]{3}-[0-9]{2}-[0-9]{4}'\n description: DESCRIPTION\n maximumMatchDistance: 10\n keywords:\n - keyword\n ignoreWords:\n - ignore\n options:\n dependson:\n - ${test}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_custom_data_identifier` using the id. For example:\n\n```sh\n$ pulumi import aws:macie/customDataIdentifier:CustomDataIdentifier example abcd1\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the custom data identifier.\n" }, "createdAt": { "type": "string", "description": "The date and time, in UTC and extended RFC 3339 format, when the Amazon Macie account was created.\n" }, "description": { "type": "string", "description": "A custom description of the custom data identifier. The description can contain as many as 512 characters.\n" }, "ignoreWords": { "type": "array", "items": { "type": "string" }, "description": "An array that lists specific character sequences (ignore words) to exclude from the results. If the text matched by the regular expression is the same as any string in this array, Amazon Macie ignores it. The array can contain as many as 10 ignore words. Each ignore word can contain 4 - 90 characters. Ignore words are case sensitive.\n" }, "keywords": { "type": "array", "items": { "type": "string" }, "description": "An array that lists specific character sequences (keywords), one of which must be within proximity (`maximum_match_distance`) of the regular expression to match. The array can contain as many as 50 keywords. Each keyword can contain 3 - 90 characters. Keywords aren't case sensitive.\n" }, "maximumMatchDistance": { "type": "integer", "description": "The maximum number of characters that can exist between text that matches the regex pattern and the character sequences specified by the keywords array. Macie includes or excludes a result based on the proximity of a keyword to text that matches the regex pattern. The distance can be 1 - 300 characters. The default value is 50.\n" }, "name": { "type": "string", "description": "A custom name for the custom data identifier. The name can contain as many as 128 characters. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "regex": { "type": "string", "description": "The regular expression (regex) that defines the pattern to match. The expression can contain as many as 512 characters.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of key-value pairs that specifies the tags to associate with the custom data identifier.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "createdAt", "maximumMatchDistance", "name", "namePrefix", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "A custom description of the custom data identifier. The description can contain as many as 512 characters.\n", "willReplaceOnChanges": true }, "ignoreWords": { "type": "array", "items": { "type": "string" }, "description": "An array that lists specific character sequences (ignore words) to exclude from the results. If the text matched by the regular expression is the same as any string in this array, Amazon Macie ignores it. The array can contain as many as 10 ignore words. Each ignore word can contain 4 - 90 characters. Ignore words are case sensitive.\n", "willReplaceOnChanges": true }, "keywords": { "type": "array", "items": { "type": "string" }, "description": "An array that lists specific character sequences (keywords), one of which must be within proximity (`maximum_match_distance`) of the regular expression to match. The array can contain as many as 50 keywords. Each keyword can contain 3 - 90 characters. Keywords aren't case sensitive.\n", "willReplaceOnChanges": true }, "maximumMatchDistance": { "type": "integer", "description": "The maximum number of characters that can exist between text that matches the regex pattern and the character sequences specified by the keywords array. Macie includes or excludes a result based on the proximity of a keyword to text that matches the regex pattern. The distance can be 1 - 300 characters. The default value is 50.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A custom name for the custom data identifier. The name can contain as many as 128 characters. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "regex": { "type": "string", "description": "The regular expression (regex) that defines the pattern to match. The expression can contain as many as 512 characters.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of key-value pairs that specifies the tags to associate with the custom data identifier.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering CustomDataIdentifier resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the custom data identifier.\n" }, "createdAt": { "type": "string", "description": "The date and time, in UTC and extended RFC 3339 format, when the Amazon Macie account was created.\n" }, "description": { "type": "string", "description": "A custom description of the custom data identifier. The description can contain as many as 512 characters.\n", "willReplaceOnChanges": true }, "ignoreWords": { "type": "array", "items": { "type": "string" }, "description": "An array that lists specific character sequences (ignore words) to exclude from the results. If the text matched by the regular expression is the same as any string in this array, Amazon Macie ignores it. The array can contain as many as 10 ignore words. Each ignore word can contain 4 - 90 characters. Ignore words are case sensitive.\n", "willReplaceOnChanges": true }, "keywords": { "type": "array", "items": { "type": "string" }, "description": "An array that lists specific character sequences (keywords), one of which must be within proximity (`maximum_match_distance`) of the regular expression to match. The array can contain as many as 50 keywords. Each keyword can contain 3 - 90 characters. Keywords aren't case sensitive.\n", "willReplaceOnChanges": true }, "maximumMatchDistance": { "type": "integer", "description": "The maximum number of characters that can exist between text that matches the regex pattern and the character sequences specified by the keywords array. Macie includes or excludes a result based on the proximity of a keyword to text that matches the regex pattern. The distance can be 1 - 300 characters. The default value is 50.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A custom name for the custom data identifier. The name can contain as many as 128 characters. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "regex": { "type": "string", "description": "The regular expression (regex) that defines the pattern to match. The expression can contain as many as 512 characters.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of key-value pairs that specifies the tags to associate with the custom data identifier.\n", "willReplaceOnChanges": true }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead.", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:macie/findingsFilter:FindingsFilter": { "description": "Provides a resource to manage an [Amazon Macie Findings Filter](https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters-id.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.macie2.Account(\"example\", {});\nconst test = new aws.macie.FindingsFilter(\"test\", {\n name: \"NAME OF THE FINDINGS FILTER\",\n description: \"DESCRIPTION\",\n position: 1,\n action: \"ARCHIVE\",\n findingCriteria: {\n criterions: [{\n field: \"region\",\n eqs: [current.name],\n }],\n },\n}, {\n dependsOn: [testAwsMacie2Account],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.macie2.Account(\"example\")\ntest = aws.macie.FindingsFilter(\"test\",\n name=\"NAME OF THE FINDINGS FILTER\",\n description=\"DESCRIPTION\",\n position=1,\n action=\"ARCHIVE\",\n finding_criteria={\n \"criterions\": [{\n \"field\": \"region\",\n \"eqs\": [current[\"name\"]],\n }],\n },\n opts = pulumi.ResourceOptions(depends_on=[test_aws_macie2_account]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Macie2.Account(\"example\");\n\n var test = new Aws.Macie.FindingsFilter(\"test\", new()\n {\n Name = \"NAME OF THE FINDINGS FILTER\",\n Description = \"DESCRIPTION\",\n Position = 1,\n Action = \"ARCHIVE\",\n FindingCriteria = new Aws.Macie.Inputs.FindingsFilterFindingCriteriaArgs\n {\n Criterions = new[]\n {\n new Aws.Macie.Inputs.FindingsFilterFindingCriteriaCriterionArgs\n {\n Field = \"region\",\n Eqs = new[]\n {\n current.Name,\n },\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n testAwsMacie2Account,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := macie2.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie.NewFindingsFilter(ctx, \"test\", \u0026macie.FindingsFilterArgs{\n\t\t\tName: pulumi.String(\"NAME OF THE FINDINGS FILTER\"),\n\t\t\tDescription: pulumi.String(\"DESCRIPTION\"),\n\t\t\tPosition: pulumi.Int(1),\n\t\t\tAction: pulumi.String(\"ARCHIVE\"),\n\t\t\tFindingCriteria: \u0026macie.FindingsFilterFindingCriteriaArgs{\n\t\t\t\tCriterions: macie.FindingsFilterFindingCriteriaCriterionArray{\n\t\t\t\t\t\u0026macie.FindingsFilterFindingCriteriaCriterionArgs{\n\t\t\t\t\t\tField: pulumi.String(\"region\"),\n\t\t\t\t\t\tEqs: pulumi.StringArray{\n\t\t\t\t\t\t\tcurrent.Name,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttestAwsMacie2Account,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie.FindingsFilter;\nimport com.pulumi.aws.macie.FindingsFilterArgs;\nimport com.pulumi.aws.macie.inputs.FindingsFilterFindingCriteriaArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var test = new FindingsFilter(\"test\", FindingsFilterArgs.builder()\n .name(\"NAME OF THE FINDINGS FILTER\")\n .description(\"DESCRIPTION\")\n .position(1)\n .action(\"ARCHIVE\")\n .findingCriteria(FindingsFilterFindingCriteriaArgs.builder()\n .criterions(FindingsFilterFindingCriteriaCriterionArgs.builder()\n .field(\"region\")\n .eqs(current.name())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(testAwsMacie2Account)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:macie2:Account\n test:\n type: aws:macie:FindingsFilter\n properties:\n name: NAME OF THE FINDINGS FILTER\n description: DESCRIPTION\n position: 1\n action: ARCHIVE\n findingCriteria:\n criterions:\n - field: region\n eqs:\n - ${current.name}\n options:\n dependson:\n - ${testAwsMacie2Account}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_findings_filter` using the id. For example:\n\n```sh\n$ pulumi import aws:macie/findingsFilter:FindingsFilter example abcd1\n```\n", "properties": { "action": { "type": "string", "description": "The action to perform on findings that meet the filter criteria (`finding_criteria`). Valid values are: `ARCHIVE`, suppress (automatically archive) the findings; and, `NOOP`, don't perform any action on the findings.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Findings Filter.\n" }, "description": { "type": "string", "description": "A custom description of the filter. The description can contain as many as 512 characters.\n" }, "findingCriteria": { "$ref": "#/types/aws:macie/FindingsFilterFindingCriteria:FindingsFilterFindingCriteria", "description": "The criteria to use to filter findings.\n" }, "name": { "type": "string", "description": "A custom name for the filter. The name must contain at least 3 characters and can contain as many as 64 characters. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "position": { "type": "integer", "description": "The position of the filter in the list of saved filters on the Amazon Macie console. This value also determines the order in which the filter is applied to findings, relative to other filters that are also applied to the findings.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of key-value pairs that specifies the tags to associate with the filter.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "action", "arn", "findingCriteria", "name", "namePrefix", "position", "tagsAll" ], "inputProperties": { "action": { "type": "string", "description": "The action to perform on findings that meet the filter criteria (`finding_criteria`). Valid values are: `ARCHIVE`, suppress (automatically archive) the findings; and, `NOOP`, don't perform any action on the findings.\n" }, "description": { "type": "string", "description": "A custom description of the filter. The description can contain as many as 512 characters.\n" }, "findingCriteria": { "$ref": "#/types/aws:macie/FindingsFilterFindingCriteria:FindingsFilterFindingCriteria", "description": "The criteria to use to filter findings.\n" }, "name": { "type": "string", "description": "A custom name for the filter. The name must contain at least 3 characters and can contain as many as 64 characters. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "position": { "type": "integer", "description": "The position of the filter in the list of saved filters on the Amazon Macie console. This value also determines the order in which the filter is applied to findings, relative to other filters that are also applied to the findings.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of key-value pairs that specifies the tags to associate with the filter.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "action", "findingCriteria" ], "stateInputs": { "description": "Input properties used for looking up and filtering FindingsFilter resources.\n", "properties": { "action": { "type": "string", "description": "The action to perform on findings that meet the filter criteria (`finding_criteria`). Valid values are: `ARCHIVE`, suppress (automatically archive) the findings; and, `NOOP`, don't perform any action on the findings.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Findings Filter.\n" }, "description": { "type": "string", "description": "A custom description of the filter. The description can contain as many as 512 characters.\n" }, "findingCriteria": { "$ref": "#/types/aws:macie/FindingsFilterFindingCriteria:FindingsFilterFindingCriteria", "description": "The criteria to use to filter findings.\n" }, "name": { "type": "string", "description": "A custom name for the filter. The name must contain at least 3 characters and can contain as many as 64 characters. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "position": { "type": "integer", "description": "The position of the filter in the list of saved filters on the Amazon Macie console. This value also determines the order in which the filter is applied to findings, relative to other filters that are also applied to the findings.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of key-value pairs that specifies the tags to associate with the filter.\n", "willReplaceOnChanges": true }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead.", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:macie2/account:Account": { "description": "Provides a resource to manage an [AWS Macie Account](https://docs.aws.amazon.com/macie/latest/APIReference/macie.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.macie2.Account(\"test\", {\n findingPublishingFrequency: \"FIFTEEN_MINUTES\",\n status: \"ENABLED\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.macie2.Account(\"test\",\n finding_publishing_frequency=\"FIFTEEN_MINUTES\",\n status=\"ENABLED\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Macie2.Account(\"test\", new()\n {\n FindingPublishingFrequency = \"FIFTEEN_MINUTES\",\n Status = \"ENABLED\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := macie2.NewAccount(ctx, \"test\", \u0026macie2.AccountArgs{\n\t\t\tFindingPublishingFrequency: pulumi.String(\"FIFTEEN_MINUTES\"),\n\t\t\tStatus: pulumi.String(\"ENABLED\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie2.AccountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Account(\"test\", AccountArgs.builder()\n .findingPublishingFrequency(\"FIFTEEN_MINUTES\")\n .status(\"ENABLED\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:macie2:Account\n properties:\n findingPublishingFrequency: FIFTEEN_MINUTES\n status: ENABLED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_account` using the id. For example:\n\n```sh\n$ pulumi import aws:macie2/account:Account example abcd1\n```\n", "properties": { "createdAt": { "type": "string", "description": "The date and time, in UTC and extended RFC 3339 format, when the Amazon Macie account was created.\n" }, "findingPublishingFrequency": { "type": "string", "description": "Specifies how often to publish updates to policy findings for the account. This includes publishing updates to AWS Security Hub and Amazon EventBridge (formerly called Amazon CloudWatch Events). Valid values are `FIFTEEN_MINUTES`, `ONE_HOUR` or `SIX_HOURS`.\n" }, "serviceRole": { "type": "string", "description": "The Amazon Resource Name (ARN) of the service-linked role that allows Macie to monitor and analyze data in AWS resources for the account.\n" }, "status": { "type": "string", "description": "Specifies the status for the account. To enable Amazon Macie and start all Macie activities for the account, set this value to `ENABLED`. Valid values are `ENABLED` or `PAUSED`.\n" }, "updatedAt": { "type": "string", "description": "The date and time, in UTC and extended RFC 3339 format, of the most recent change to the status of the Macie account.\n" } }, "required": [ "createdAt", "findingPublishingFrequency", "serviceRole", "status", "updatedAt" ], "inputProperties": { "findingPublishingFrequency": { "type": "string", "description": "Specifies how often to publish updates to policy findings for the account. This includes publishing updates to AWS Security Hub and Amazon EventBridge (formerly called Amazon CloudWatch Events). Valid values are `FIFTEEN_MINUTES`, `ONE_HOUR` or `SIX_HOURS`.\n" }, "status": { "type": "string", "description": "Specifies the status for the account. To enable Amazon Macie and start all Macie activities for the account, set this value to `ENABLED`. Valid values are `ENABLED` or `PAUSED`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Account resources.\n", "properties": { "createdAt": { "type": "string", "description": "The date and time, in UTC and extended RFC 3339 format, when the Amazon Macie account was created.\n" }, "findingPublishingFrequency": { "type": "string", "description": "Specifies how often to publish updates to policy findings for the account. This includes publishing updates to AWS Security Hub and Amazon EventBridge (formerly called Amazon CloudWatch Events). Valid values are `FIFTEEN_MINUTES`, `ONE_HOUR` or `SIX_HOURS`.\n" }, "serviceRole": { "type": "string", "description": "The Amazon Resource Name (ARN) of the service-linked role that allows Macie to monitor and analyze data in AWS resources for the account.\n" }, "status": { "type": "string", "description": "Specifies the status for the account. To enable Amazon Macie and start all Macie activities for the account, set this value to `ENABLED`. Valid values are `ENABLED` or `PAUSED`.\n" }, "updatedAt": { "type": "string", "description": "The date and time, in UTC and extended RFC 3339 format, of the most recent change to the status of the Macie account.\n" } }, "type": "object" } }, "aws:macie2/classificationExportConfiguration:ClassificationExportConfiguration": { "description": "Provides a resource to manage an [Amazon Macie Classification Export Configuration](https://docs.aws.amazon.com/macie/latest/APIReference/classification-export-configuration.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.macie2.Account(\"example\", {});\nconst exampleClassificationExportConfiguration = new aws.macie2.ClassificationExportConfiguration(\"example\", {s3Destination: {\n bucketName: exampleAwsS3Bucket.bucket,\n keyPrefix: \"exampleprefix/\",\n kmsKeyArn: exampleAwsKmsKey.arn,\n}}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.macie2.Account(\"example\")\nexample_classification_export_configuration = aws.macie2.ClassificationExportConfiguration(\"example\", s3_destination={\n \"bucket_name\": example_aws_s3_bucket[\"bucket\"],\n \"key_prefix\": \"exampleprefix/\",\n \"kms_key_arn\": example_aws_kms_key[\"arn\"],\n},\nopts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Macie2.Account(\"example\");\n\n var exampleClassificationExportConfiguration = new Aws.Macie2.ClassificationExportConfiguration(\"example\", new()\n {\n S3Destination = new Aws.Macie2.Inputs.ClassificationExportConfigurationS3DestinationArgs\n {\n BucketName = exampleAwsS3Bucket.Bucket,\n KeyPrefix = \"exampleprefix/\",\n KmsKeyArn = exampleAwsKmsKey.Arn,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := macie2.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie2.NewClassificationExportConfiguration(ctx, \"example\", \u0026macie2.ClassificationExportConfigurationArgs{\n\t\t\tS3Destination: \u0026macie2.ClassificationExportConfigurationS3DestinationArgs{\n\t\t\t\tBucketName: pulumi.Any(exampleAwsS3Bucket.Bucket),\n\t\t\t\tKeyPrefix: pulumi.String(\"exampleprefix/\"),\n\t\t\t\tKmsKeyArn: pulumi.Any(exampleAwsKmsKey.Arn),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie2.ClassificationExportConfiguration;\nimport com.pulumi.aws.macie2.ClassificationExportConfigurationArgs;\nimport com.pulumi.aws.macie2.inputs.ClassificationExportConfigurationS3DestinationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleClassificationExportConfiguration = new ClassificationExportConfiguration(\"exampleClassificationExportConfiguration\", ClassificationExportConfigurationArgs.builder()\n .s3Destination(ClassificationExportConfigurationS3DestinationArgs.builder()\n .bucketName(exampleAwsS3Bucket.bucket())\n .keyPrefix(\"exampleprefix/\")\n .kmsKeyArn(exampleAwsKmsKey.arn())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:macie2:Account\n exampleClassificationExportConfiguration:\n type: aws:macie2:ClassificationExportConfiguration\n name: example\n properties:\n s3Destination:\n bucketName: ${exampleAwsS3Bucket.bucket}\n keyPrefix: exampleprefix/\n kmsKeyArn: ${exampleAwsKmsKey.arn}\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_classification_export_configuration` using the account ID and region. For example:\n\n```sh\n$ pulumi import aws:macie2/classificationExportConfiguration:ClassificationExportConfiguration example 123456789012:us-west-2\n```\n", "properties": { "s3Destination": { "$ref": "#/types/aws:macie2/ClassificationExportConfigurationS3Destination:ClassificationExportConfigurationS3Destination", "description": "Configuration block for a S3 Destination. Defined below\n" } }, "inputProperties": { "s3Destination": { "$ref": "#/types/aws:macie2/ClassificationExportConfigurationS3Destination:ClassificationExportConfigurationS3Destination", "description": "Configuration block for a S3 Destination. Defined below\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ClassificationExportConfiguration resources.\n", "properties": { "s3Destination": { "$ref": "#/types/aws:macie2/ClassificationExportConfigurationS3Destination:ClassificationExportConfigurationS3Destination", "description": "Configuration block for a S3 Destination. Defined below\n" } }, "type": "object" } }, "aws:macie2/classificationJob:ClassificationJob": { "description": "Provides a resource to manage an [AWS Macie Classification Job](https://docs.aws.amazon.com/macie/latest/APIReference/jobs.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.macie2.Account(\"test\", {});\nconst testClassificationJob = new aws.macie2.ClassificationJob(\"test\", {\n jobType: \"ONE_TIME\",\n name: \"NAME OF THE CLASSIFICATION JOB\",\n s3JobDefinition: {\n bucketDefinitions: [{\n accountId: \"ACCOUNT ID\",\n buckets: [\"S3 BUCKET NAME\"],\n }],\n },\n}, {\n dependsOn: [test],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.macie2.Account(\"test\")\ntest_classification_job = aws.macie2.ClassificationJob(\"test\",\n job_type=\"ONE_TIME\",\n name=\"NAME OF THE CLASSIFICATION JOB\",\n s3_job_definition={\n \"bucket_definitions\": [{\n \"account_id\": \"ACCOUNT ID\",\n \"buckets\": [\"S3 BUCKET NAME\"],\n }],\n },\n opts = pulumi.ResourceOptions(depends_on=[test]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Macie2.Account(\"test\");\n\n var testClassificationJob = new Aws.Macie2.ClassificationJob(\"test\", new()\n {\n JobType = \"ONE_TIME\",\n Name = \"NAME OF THE CLASSIFICATION JOB\",\n S3JobDefinition = new Aws.Macie2.Inputs.ClassificationJobS3JobDefinitionArgs\n {\n BucketDefinitions = new[]\n {\n new Aws.Macie2.Inputs.ClassificationJobS3JobDefinitionBucketDefinitionArgs\n {\n AccountId = \"ACCOUNT ID\",\n Buckets = new[]\n {\n \"S3 BUCKET NAME\",\n },\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n test,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := macie2.NewAccount(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie2.NewClassificationJob(ctx, \"test\", \u0026macie2.ClassificationJobArgs{\n\t\t\tJobType: pulumi.String(\"ONE_TIME\"),\n\t\t\tName: pulumi.String(\"NAME OF THE CLASSIFICATION JOB\"),\n\t\t\tS3JobDefinition: \u0026macie2.ClassificationJobS3JobDefinitionArgs{\n\t\t\t\tBucketDefinitions: macie2.ClassificationJobS3JobDefinitionBucketDefinitionArray{\n\t\t\t\t\t\u0026macie2.ClassificationJobS3JobDefinitionBucketDefinitionArgs{\n\t\t\t\t\t\tAccountId: pulumi.String(\"ACCOUNT ID\"),\n\t\t\t\t\t\tBuckets: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"S3 BUCKET NAME\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttest,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie2.ClassificationJob;\nimport com.pulumi.aws.macie2.ClassificationJobArgs;\nimport com.pulumi.aws.macie2.inputs.ClassificationJobS3JobDefinitionArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Account(\"test\");\n\n var testClassificationJob = new ClassificationJob(\"testClassificationJob\", ClassificationJobArgs.builder()\n .jobType(\"ONE_TIME\")\n .name(\"NAME OF THE CLASSIFICATION JOB\")\n .s3JobDefinition(ClassificationJobS3JobDefinitionArgs.builder()\n .bucketDefinitions(ClassificationJobS3JobDefinitionBucketDefinitionArgs.builder()\n .accountId(\"ACCOUNT ID\")\n .buckets(\"S3 BUCKET NAME\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(test)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:macie2:Account\n testClassificationJob:\n type: aws:macie2:ClassificationJob\n name: test\n properties:\n jobType: ONE_TIME\n name: NAME OF THE CLASSIFICATION JOB\n s3JobDefinition:\n bucketDefinitions:\n - accountId: ACCOUNT ID\n buckets:\n - S3 BUCKET NAME\n options:\n dependson:\n - ${test}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_classification_job` using the id. For example:\n\n```sh\n$ pulumi import aws:macie2/classificationJob:ClassificationJob example abcd1\n```\n", "properties": { "createdAt": { "type": "string", "description": "The date and time, in UTC and extended RFC 3339 format, when the job was created.\n" }, "customDataIdentifierIds": { "type": "array", "items": { "type": "string" }, "description": "The custom data identifiers to use for data analysis and classification.\n" }, "description": { "type": "string", "description": "A custom description of the job. The description can contain as many as 200 characters.\n" }, "initialRun": { "type": "boolean", "description": "Specifies whether to analyze all existing, eligible objects immediately after the job is created.\n" }, "jobArn": { "type": "string" }, "jobId": { "type": "string" }, "jobStatus": { "type": "string", "description": "The status for the job. Valid values are: `CANCELLED`, `RUNNING` and `USER_PAUSED`\n" }, "jobType": { "type": "string", "description": "The schedule for running the job. Valid values are: `ONE_TIME` - Run the job only once. If you specify this value, don't specify a value for the `schedule_frequency` property. `SCHEDULED` - Run the job on a daily, weekly, or monthly basis. If you specify this value, use the `schedule_frequency` property to define the recurrence pattern for the job.\n" }, "name": { "type": "string", "description": "A custom name for the job. The name can contain as many as 500 characters. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "s3JobDefinition": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinition:ClassificationJobS3JobDefinition", "description": "The S3 buckets that contain the objects to analyze, and the scope of that analysis. (documented below)\n" }, "samplingPercentage": { "type": "integer", "description": "The sampling depth, as a percentage, to apply when processing objects. This value determines the percentage of eligible objects that the job analyzes. If this value is less than 100, Amazon Macie selects the objects to analyze at random, up to the specified percentage, and analyzes all the data in those objects.\n" }, "scheduleFrequency": { "$ref": "#/types/aws:macie2/ClassificationJobScheduleFrequency:ClassificationJobScheduleFrequency", "description": "The recurrence pattern for running the job. To run the job only once, don't specify a value for this property and set the value for the `job_type` property to `ONE_TIME`. (documented below)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of key-value pairs that specifies the tags to associate with the job. A job can have a maximum of 50 tags. Each tag consists of a tag key and an associated tag value. The maximum length of a tag key is 128 characters. The maximum length of a tag value is 256 characters.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "userPausedDetails": { "type": "array", "items": { "$ref": "#/types/aws:macie2/ClassificationJobUserPausedDetail:ClassificationJobUserPausedDetail" }, "description": "If the current status of the job is `USER_PAUSED`, specifies when the job was paused and when the job or job run will expire and be canceled if it isn't resumed. This value is present only if the value for `job-status` is `USER_PAUSED`.\n" } }, "required": [ "createdAt", "customDataIdentifierIds", "description", "jobArn", "jobId", "jobStatus", "jobType", "name", "namePrefix", "s3JobDefinition", "samplingPercentage", "scheduleFrequency", "tagsAll", "userPausedDetails" ], "inputProperties": { "customDataIdentifierIds": { "type": "array", "items": { "type": "string" }, "description": "The custom data identifiers to use for data analysis and classification.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A custom description of the job. The description can contain as many as 200 characters.\n", "willReplaceOnChanges": true }, "initialRun": { "type": "boolean", "description": "Specifies whether to analyze all existing, eligible objects immediately after the job is created.\n", "willReplaceOnChanges": true }, "jobStatus": { "type": "string", "description": "The status for the job. Valid values are: `CANCELLED`, `RUNNING` and `USER_PAUSED`\n" }, "jobType": { "type": "string", "description": "The schedule for running the job. Valid values are: `ONE_TIME` - Run the job only once. If you specify this value, don't specify a value for the `schedule_frequency` property. `SCHEDULED` - Run the job on a daily, weekly, or monthly basis. If you specify this value, use the `schedule_frequency` property to define the recurrence pattern for the job.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A custom name for the job. The name can contain as many as 500 characters. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "s3JobDefinition": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinition:ClassificationJobS3JobDefinition", "description": "The S3 buckets that contain the objects to analyze, and the scope of that analysis. (documented below)\n", "willReplaceOnChanges": true }, "samplingPercentage": { "type": "integer", "description": "The sampling depth, as a percentage, to apply when processing objects. This value determines the percentage of eligible objects that the job analyzes. If this value is less than 100, Amazon Macie selects the objects to analyze at random, up to the specified percentage, and analyzes all the data in those objects.\n", "willReplaceOnChanges": true }, "scheduleFrequency": { "$ref": "#/types/aws:macie2/ClassificationJobScheduleFrequency:ClassificationJobScheduleFrequency", "description": "The recurrence pattern for running the job. To run the job only once, don't specify a value for this property and set the value for the `job_type` property to `ONE_TIME`. (documented below)\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of key-value pairs that specifies the tags to associate with the job. A job can have a maximum of 50 tags. Each tag consists of a tag key and an associated tag value. The maximum length of a tag key is 128 characters. The maximum length of a tag value is 256 characters.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "jobType", "s3JobDefinition" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClassificationJob resources.\n", "properties": { "createdAt": { "type": "string", "description": "The date and time, in UTC and extended RFC 3339 format, when the job was created.\n" }, "customDataIdentifierIds": { "type": "array", "items": { "type": "string" }, "description": "The custom data identifiers to use for data analysis and classification.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A custom description of the job. The description can contain as many as 200 characters.\n", "willReplaceOnChanges": true }, "initialRun": { "type": "boolean", "description": "Specifies whether to analyze all existing, eligible objects immediately after the job is created.\n", "willReplaceOnChanges": true }, "jobArn": { "type": "string" }, "jobId": { "type": "string" }, "jobStatus": { "type": "string", "description": "The status for the job. Valid values are: `CANCELLED`, `RUNNING` and `USER_PAUSED`\n" }, "jobType": { "type": "string", "description": "The schedule for running the job. Valid values are: `ONE_TIME` - Run the job only once. If you specify this value, don't specify a value for the `schedule_frequency` property. `SCHEDULED` - Run the job on a daily, weekly, or monthly basis. If you specify this value, use the `schedule_frequency` property to define the recurrence pattern for the job.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A custom name for the job. The name can contain as many as 500 characters. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "s3JobDefinition": { "$ref": "#/types/aws:macie2/ClassificationJobS3JobDefinition:ClassificationJobS3JobDefinition", "description": "The S3 buckets that contain the objects to analyze, and the scope of that analysis. (documented below)\n", "willReplaceOnChanges": true }, "samplingPercentage": { "type": "integer", "description": "The sampling depth, as a percentage, to apply when processing objects. This value determines the percentage of eligible objects that the job analyzes. If this value is less than 100, Amazon Macie selects the objects to analyze at random, up to the specified percentage, and analyzes all the data in those objects.\n", "willReplaceOnChanges": true }, "scheduleFrequency": { "$ref": "#/types/aws:macie2/ClassificationJobScheduleFrequency:ClassificationJobScheduleFrequency", "description": "The recurrence pattern for running the job. To run the job only once, don't specify a value for this property and set the value for the `job_type` property to `ONE_TIME`. (documented below)\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of key-value pairs that specifies the tags to associate with the job. A job can have a maximum of 50 tags. Each tag consists of a tag key and an associated tag value. The maximum length of a tag key is 128 characters. The maximum length of a tag value is 256 characters.\n", "willReplaceOnChanges": true }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead.", "willReplaceOnChanges": true }, "userPausedDetails": { "type": "array", "items": { "$ref": "#/types/aws:macie2/ClassificationJobUserPausedDetail:ClassificationJobUserPausedDetail" }, "description": "If the current status of the job is `USER_PAUSED`, specifies when the job was paused and when the job or job run will expire and be canceled if it isn't resumed. This value is present only if the value for `job-status` is `USER_PAUSED`.\n" } }, "type": "object" } }, "aws:macie2/invitationAccepter:InvitationAccepter": { "description": "Provides a resource to manage an [Amazon Macie Invitation Accepter](https://docs.aws.amazon.com/macie/latest/APIReference/invitations-accept.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.macie2.Account(\"primary\", {});\nconst member = new aws.macie2.Account(\"member\", {});\nconst primaryMember = new aws.macie2.Member(\"primary\", {\n accountId: \"ACCOUNT ID\",\n email: \"EMAIL\",\n invite: true,\n invitationMessage: \"Message of the invite\",\n}, {\n dependsOn: [primary],\n});\nconst memberInvitationAccepter = new aws.macie2.InvitationAccepter(\"member\", {administratorAccountId: \"ADMINISTRATOR ACCOUNT ID\"}, {\n dependsOn: [primaryMember],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprimary = aws.macie2.Account(\"primary\")\nmember = aws.macie2.Account(\"member\")\nprimary_member = aws.macie2.Member(\"primary\",\n account_id=\"ACCOUNT ID\",\n email=\"EMAIL\",\n invite=True,\n invitation_message=\"Message of the invite\",\n opts = pulumi.ResourceOptions(depends_on=[primary]))\nmember_invitation_accepter = aws.macie2.InvitationAccepter(\"member\", administrator_account_id=\"ADMINISTRATOR ACCOUNT ID\",\nopts = pulumi.ResourceOptions(depends_on=[primary_member]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Aws.Macie2.Account(\"primary\");\n\n var member = new Aws.Macie2.Account(\"member\");\n\n var primaryMember = new Aws.Macie2.Member(\"primary\", new()\n {\n AccountId = \"ACCOUNT ID\",\n Email = \"EMAIL\",\n Invite = true,\n InvitationMessage = \"Message of the invite\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n primary,\n },\n });\n\n var memberInvitationAccepter = new Aws.Macie2.InvitationAccepter(\"member\", new()\n {\n AdministratorAccountId = \"ADMINISTRATOR ACCOUNT ID\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n primaryMember,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tprimary, err := macie2.NewAccount(ctx, \"primary\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie2.NewAccount(ctx, \"member\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimaryMember, err := macie2.NewMember(ctx, \"primary\", \u0026macie2.MemberArgs{\n\t\t\tAccountId: pulumi.String(\"ACCOUNT ID\"),\n\t\t\tEmail: pulumi.String(\"EMAIL\"),\n\t\t\tInvite: pulumi.Bool(true),\n\t\t\tInvitationMessage: pulumi.String(\"Message of the invite\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tprimary,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie2.NewInvitationAccepter(ctx, \"member\", \u0026macie2.InvitationAccepterArgs{\n\t\t\tAdministratorAccountId: pulumi.String(\"ADMINISTRATOR ACCOUNT ID\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tprimaryMember,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie2.Member;\nimport com.pulumi.aws.macie2.MemberArgs;\nimport com.pulumi.aws.macie2.InvitationAccepter;\nimport com.pulumi.aws.macie2.InvitationAccepterArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new Account(\"primary\");\n\n var member = new Account(\"member\");\n\n var primaryMember = new Member(\"primaryMember\", MemberArgs.builder()\n .accountId(\"ACCOUNT ID\")\n .email(\"EMAIL\")\n .invite(true)\n .invitationMessage(\"Message of the invite\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(primary)\n .build());\n\n var memberInvitationAccepter = new InvitationAccepter(\"memberInvitationAccepter\", InvitationAccepterArgs.builder()\n .administratorAccountId(\"ADMINISTRATOR ACCOUNT ID\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(primaryMember)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: aws:macie2:Account\n member:\n type: aws:macie2:Account\n primaryMember:\n type: aws:macie2:Member\n name: primary\n properties:\n accountId: ACCOUNT ID\n email: EMAIL\n invite: true\n invitationMessage: Message of the invite\n options:\n dependson:\n - ${primary}\n memberInvitationAccepter:\n type: aws:macie2:InvitationAccepter\n name: member\n properties:\n administratorAccountId: ADMINISTRATOR ACCOUNT ID\n options:\n dependson:\n - ${primaryMember}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_invitation_accepter` using the admin account ID. For example:\n\n```sh\n$ pulumi import aws:macie2/invitationAccepter:InvitationAccepter example 123456789012\n```\n", "properties": { "administratorAccountId": { "type": "string", "description": "The AWS account ID for the account that sent the invitation.\n" }, "invitationId": { "type": "string", "description": "The unique identifier for the invitation.\n" } }, "required": [ "administratorAccountId", "invitationId" ], "inputProperties": { "administratorAccountId": { "type": "string", "description": "The AWS account ID for the account that sent the invitation.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "administratorAccountId" ], "stateInputs": { "description": "Input properties used for looking up and filtering InvitationAccepter resources.\n", "properties": { "administratorAccountId": { "type": "string", "description": "The AWS account ID for the account that sent the invitation.\n", "willReplaceOnChanges": true }, "invitationId": { "type": "string", "description": "The unique identifier for the invitation.\n" } }, "type": "object" } }, "aws:macie2/member:Member": { "description": "Provides a resource to manage an [Amazon Macie Member](https://docs.aws.amazon.com/macie/latest/APIReference/members-id.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.macie2.Account(\"example\", {});\nconst exampleMember = new aws.macie2.Member(\"example\", {\n accountId: \"AWS ACCOUNT ID\",\n email: \"EMAIL\",\n invite: true,\n invitationMessage: \"Message of the invitation\",\n invitationDisableEmailNotification: true,\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.macie2.Account(\"example\")\nexample_member = aws.macie2.Member(\"example\",\n account_id=\"AWS ACCOUNT ID\",\n email=\"EMAIL\",\n invite=True,\n invitation_message=\"Message of the invitation\",\n invitation_disable_email_notification=True,\n opts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Macie2.Account(\"example\");\n\n var exampleMember = new Aws.Macie2.Member(\"example\", new()\n {\n AccountId = \"AWS ACCOUNT ID\",\n Email = \"EMAIL\",\n Invite = true,\n InvitationMessage = \"Message of the invitation\",\n InvitationDisableEmailNotification = true,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := macie2.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie2.NewMember(ctx, \"example\", \u0026macie2.MemberArgs{\n\t\t\tAccountId: pulumi.String(\"AWS ACCOUNT ID\"),\n\t\t\tEmail: pulumi.String(\"EMAIL\"),\n\t\t\tInvite: pulumi.Bool(true),\n\t\t\tInvitationMessage: pulumi.String(\"Message of the invitation\"),\n\t\t\tInvitationDisableEmailNotification: pulumi.Bool(true),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie2.Member;\nimport com.pulumi.aws.macie2.MemberArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleMember = new Member(\"exampleMember\", MemberArgs.builder()\n .accountId(\"AWS ACCOUNT ID\")\n .email(\"EMAIL\")\n .invite(true)\n .invitationMessage(\"Message of the invitation\")\n .invitationDisableEmailNotification(true)\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:macie2:Account\n exampleMember:\n type: aws:macie2:Member\n name: example\n properties:\n accountId: AWS ACCOUNT ID\n email: EMAIL\n invite: true\n invitationMessage: Message of the invitation\n invitationDisableEmailNotification: true\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_member` using the account ID of the member account. For example:\n\n```sh\n$ pulumi import aws:macie2/member:Member example 123456789012\n```\n", "properties": { "accountId": { "type": "string", "description": "The AWS account ID for the account.\n" }, "administratorAccountId": { "type": "string", "description": "The AWS account ID for the administrator account.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the account.\n" }, "email": { "type": "string", "description": "The email address for the account.\n" }, "invitationDisableEmailNotification": { "type": "boolean", "description": "Specifies whether to send an email notification to the root user of each account that the invitation will be sent to. This notification is in addition to an alert that the root user receives in AWS Personal Health Dashboard. To send an email notification to the root user of each account, set this value to `true`.\n" }, "invitationMessage": { "type": "string", "description": "A custom message to include in the invitation. Amazon Macie adds this message to the standard content that it sends for an invitation.\n" }, "invite": { "type": "boolean", "description": "Send an invitation to a member\n" }, "invitedAt": { "type": "string", "description": "The date and time, in UTC and extended RFC 3339 format, when an Amazon Macie membership invitation was last sent to the account. This value is null if a Macie invitation hasn't been sent to the account.\n" }, "masterAccountId": { "type": "string" }, "relationshipStatus": { "type": "string", "description": "The current status of the relationship between the account and the administrator account.\n" }, "status": { "type": "string", "description": "Specifies the status for the account. To enable Amazon Macie and start all Macie activities for the account, set this value to `ENABLED`. Valid values are `ENABLED` or `PAUSED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of key-value pairs that specifies the tags to associate with the account in Amazon Macie.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "updatedAt": { "type": "string", "description": "The date and time, in UTC and extended RFC 3339 format, of the most recent change to the status of the relationship between the account and the administrator account.\n" } }, "required": [ "accountId", "administratorAccountId", "arn", "email", "invite", "invitedAt", "masterAccountId", "relationshipStatus", "status", "tagsAll", "updatedAt" ], "inputProperties": { "accountId": { "type": "string", "description": "The AWS account ID for the account.\n", "willReplaceOnChanges": true }, "email": { "type": "string", "description": "The email address for the account.\n", "willReplaceOnChanges": true }, "invitationDisableEmailNotification": { "type": "boolean", "description": "Specifies whether to send an email notification to the root user of each account that the invitation will be sent to. This notification is in addition to an alert that the root user receives in AWS Personal Health Dashboard. To send an email notification to the root user of each account, set this value to `true`.\n" }, "invitationMessage": { "type": "string", "description": "A custom message to include in the invitation. Amazon Macie adds this message to the standard content that it sends for an invitation.\n" }, "invite": { "type": "boolean", "description": "Send an invitation to a member\n" }, "status": { "type": "string", "description": "Specifies the status for the account. To enable Amazon Macie and start all Macie activities for the account, set this value to `ENABLED`. Valid values are `ENABLED` or `PAUSED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of key-value pairs that specifies the tags to associate with the account in Amazon Macie.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "accountId", "email" ], "stateInputs": { "description": "Input properties used for looking up and filtering Member resources.\n", "properties": { "accountId": { "type": "string", "description": "The AWS account ID for the account.\n", "willReplaceOnChanges": true }, "administratorAccountId": { "type": "string", "description": "The AWS account ID for the administrator account.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the account.\n" }, "email": { "type": "string", "description": "The email address for the account.\n", "willReplaceOnChanges": true }, "invitationDisableEmailNotification": { "type": "boolean", "description": "Specifies whether to send an email notification to the root user of each account that the invitation will be sent to. This notification is in addition to an alert that the root user receives in AWS Personal Health Dashboard. To send an email notification to the root user of each account, set this value to `true`.\n" }, "invitationMessage": { "type": "string", "description": "A custom message to include in the invitation. Amazon Macie adds this message to the standard content that it sends for an invitation.\n" }, "invite": { "type": "boolean", "description": "Send an invitation to a member\n" }, "invitedAt": { "type": "string", "description": "The date and time, in UTC and extended RFC 3339 format, when an Amazon Macie membership invitation was last sent to the account. This value is null if a Macie invitation hasn't been sent to the account.\n" }, "masterAccountId": { "type": "string" }, "relationshipStatus": { "type": "string", "description": "The current status of the relationship between the account and the administrator account.\n" }, "status": { "type": "string", "description": "Specifies the status for the account. To enable Amazon Macie and start all Macie activities for the account, set this value to `ENABLED`. Valid values are `ENABLED` or `PAUSED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of key-value pairs that specifies the tags to associate with the account in Amazon Macie.\n", "willReplaceOnChanges": true }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead.", "willReplaceOnChanges": true }, "updatedAt": { "type": "string", "description": "The date and time, in UTC and extended RFC 3339 format, of the most recent change to the status of the relationship between the account and the administrator account.\n" } }, "type": "object" } }, "aws:macie2/organizationAdminAccount:OrganizationAdminAccount": { "description": "Provides a resource to manage an [Amazon Macie Organization Admin Account](https://docs.aws.amazon.com/macie/latest/APIReference/admin.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.macie2.Account(\"example\", {});\nconst exampleOrganizationAdminAccount = new aws.macie2.OrganizationAdminAccount(\"example\", {adminAccountId: \"ID OF THE ADMIN ACCOUNT\"}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.macie2.Account(\"example\")\nexample_organization_admin_account = aws.macie2.OrganizationAdminAccount(\"example\", admin_account_id=\"ID OF THE ADMIN ACCOUNT\",\nopts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Macie2.Account(\"example\");\n\n var exampleOrganizationAdminAccount = new Aws.Macie2.OrganizationAdminAccount(\"example\", new()\n {\n AdminAccountId = \"ID OF THE ADMIN ACCOUNT\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := macie2.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie2.NewOrganizationAdminAccount(ctx, \"example\", \u0026macie2.OrganizationAdminAccountArgs{\n\t\t\tAdminAccountId: pulumi.String(\"ID OF THE ADMIN ACCOUNT\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie2.OrganizationAdminAccount;\nimport com.pulumi.aws.macie2.OrganizationAdminAccountArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleOrganizationAdminAccount = new OrganizationAdminAccount(\"exampleOrganizationAdminAccount\", OrganizationAdminAccountArgs.builder()\n .adminAccountId(\"ID OF THE ADMIN ACCOUNT\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:macie2:Account\n exampleOrganizationAdminAccount:\n type: aws:macie2:OrganizationAdminAccount\n name: example\n properties:\n adminAccountId: ID OF THE ADMIN ACCOUNT\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_organization_admin_account` using the id. For example:\n\n```sh\n$ pulumi import aws:macie2/organizationAdminAccount:OrganizationAdminAccount example abcd1\n```\n", "properties": { "adminAccountId": { "type": "string", "description": "The AWS account ID for the account to designate as the delegated Amazon Macie administrator account for the organization.\n" } }, "required": [ "adminAccountId" ], "inputProperties": { "adminAccountId": { "type": "string", "description": "The AWS account ID for the account to designate as the delegated Amazon Macie administrator account for the organization.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "adminAccountId" ], "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationAdminAccount resources.\n", "properties": { "adminAccountId": { "type": "string", "description": "The AWS account ID for the account to designate as the delegated Amazon Macie administrator account for the organization.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:mediaconvert/queue:Queue": { "description": "Provides an AWS Elemental MediaConvert Queue.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.mediaconvert.Queue(\"test\", {name: \"tf-test-queue\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.mediaconvert.Queue(\"test\", name=\"tf-test-queue\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.MediaConvert.Queue(\"test\", new()\n {\n Name = \"tf-test-queue\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mediaconvert\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := mediaconvert.NewQueue(ctx, \"test\", \u0026mediaconvert.QueueArgs{\n\t\t\tName: pulumi.String(\"tf-test-queue\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mediaconvert.Queue;\nimport com.pulumi.aws.mediaconvert.QueueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Queue(\"test\", QueueArgs.builder()\n .name(\"tf-test-queue\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:mediaconvert:Queue\n properties:\n name: tf-test-queue\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Media Convert Queue using the queue name. For example:\n\n```sh\n$ pulumi import aws:mediaconvert/queue:Queue test tf-test-queue\n```\n", "properties": { "arn": { "type": "string", "description": "The Arn of the queue\n" }, "description": { "type": "string", "description": "A description of the queue\n" }, "name": { "type": "string", "description": "A unique identifier describing the queue\n" }, "pricingPlan": { "type": "string", "description": "Specifies whether the pricing plan for the queue is on-demand or reserved. Valid values are `ON_DEMAND` or `RESERVED`. Default to `ON_DEMAND`.\n" }, "reservationPlanSettings": { "$ref": "#/types/aws:mediaconvert/QueueReservationPlanSettings:QueueReservationPlanSettings", "description": "A detail pricing plan of the reserved queue. See below.\n" }, "status": { "type": "string", "description": "A status of the queue. Valid values are `ACTIVE` or `RESERVED`. Default to `PAUSED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "reservationPlanSettings", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "A description of the queue\n" }, "name": { "type": "string", "description": "A unique identifier describing the queue\n", "willReplaceOnChanges": true }, "pricingPlan": { "type": "string", "description": "Specifies whether the pricing plan for the queue is on-demand or reserved. Valid values are `ON_DEMAND` or `RESERVED`. Default to `ON_DEMAND`.\n", "willReplaceOnChanges": true }, "reservationPlanSettings": { "$ref": "#/types/aws:mediaconvert/QueueReservationPlanSettings:QueueReservationPlanSettings", "description": "A detail pricing plan of the reserved queue. See below.\n" }, "status": { "type": "string", "description": "A status of the queue. Valid values are `ACTIVE` or `RESERVED`. Default to `PAUSED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Queue resources.\n", "properties": { "arn": { "type": "string", "description": "The Arn of the queue\n" }, "description": { "type": "string", "description": "A description of the queue\n" }, "name": { "type": "string", "description": "A unique identifier describing the queue\n", "willReplaceOnChanges": true }, "pricingPlan": { "type": "string", "description": "Specifies whether the pricing plan for the queue is on-demand or reserved. Valid values are `ON_DEMAND` or `RESERVED`. Default to `ON_DEMAND`.\n", "willReplaceOnChanges": true }, "reservationPlanSettings": { "$ref": "#/types/aws:mediaconvert/QueueReservationPlanSettings:QueueReservationPlanSettings", "description": "A detail pricing plan of the reserved queue. See below.\n" }, "status": { "type": "string", "description": "A status of the queue. Valid values are `ACTIVE` or `RESERVED`. Default to `PAUSED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:medialive/channel:Channel": { "description": "Resource for managing an AWS MediaLive Channel.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.medialive.Channel(\"example\", {\n name: \"example-channel\",\n channelClass: \"STANDARD\",\n roleArn: exampleAwsIamRole.arn,\n inputSpecification: {\n codec: \"AVC\",\n inputResolution: \"HD\",\n maximumBitrate: \"MAX_20_MBPS\",\n },\n inputAttachments: [{\n inputAttachmentName: \"example-input\",\n inputId: exampleAwsMedialiveInput.id,\n }],\n destinations: [{\n id: \"destination\",\n settings: [\n {\n url: `s3://${main.id}/test1`,\n },\n {\n url: `s3://${main2.id}/test2`,\n },\n ],\n }],\n encoderSettings: {\n timecodeConfig: {\n source: \"EMBEDDED\",\n },\n audioDescriptions: [{\n audioSelectorName: \"example audio selector\",\n name: \"audio-selector\",\n }],\n videoDescriptions: [{\n name: \"example-video\",\n }],\n outputGroups: [{\n outputGroupSettings: {\n archiveGroupSettings: [{\n destination: {\n destinationRefId: \"destination\",\n },\n }],\n },\n outputs: [{\n outputName: \"example-name\",\n videoDescriptionName: \"example-video\",\n audioDescriptionNames: [\"audio-selector\"],\n outputSettings: {\n archiveOutputSettings: {\n nameModifier: \"_1\",\n extension: \"m2ts\",\n containerSettings: {\n m2tsSettings: {\n audioBufferModel: \"ATSC\",\n bufferModel: \"MULTIPLEX\",\n rateMode: \"CBR\",\n },\n },\n },\n },\n }],\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.medialive.Channel(\"example\",\n name=\"example-channel\",\n channel_class=\"STANDARD\",\n role_arn=example_aws_iam_role[\"arn\"],\n input_specification={\n \"codec\": \"AVC\",\n \"input_resolution\": \"HD\",\n \"maximum_bitrate\": \"MAX_20_MBPS\",\n },\n input_attachments=[{\n \"input_attachment_name\": \"example-input\",\n \"input_id\": example_aws_medialive_input[\"id\"],\n }],\n destinations=[{\n \"id\": \"destination\",\n \"settings\": [\n {\n \"url\": f\"s3://{main['id']}/test1\",\n },\n {\n \"url\": f\"s3://{main2['id']}/test2\",\n },\n ],\n }],\n encoder_settings={\n \"timecode_config\": {\n \"source\": \"EMBEDDED\",\n },\n \"audio_descriptions\": [{\n \"audio_selector_name\": \"example audio selector\",\n \"name\": \"audio-selector\",\n }],\n \"video_descriptions\": [{\n \"name\": \"example-video\",\n }],\n \"output_groups\": [{\n \"output_group_settings\": {\n \"archive_group_settings\": [{\n \"destination\": {\n \"destination_ref_id\": \"destination\",\n },\n }],\n },\n \"outputs\": [{\n \"output_name\": \"example-name\",\n \"video_description_name\": \"example-video\",\n \"audio_description_names\": [\"audio-selector\"],\n \"output_settings\": {\n \"archive_output_settings\": {\n \"name_modifier\": \"_1\",\n \"extension\": \"m2ts\",\n \"container_settings\": {\n \"m2ts_settings\": {\n \"audio_buffer_model\": \"ATSC\",\n \"buffer_model\": \"MULTIPLEX\",\n \"rate_mode\": \"CBR\",\n },\n },\n },\n },\n }],\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.MediaLive.Channel(\"example\", new()\n {\n Name = \"example-channel\",\n ChannelClass = \"STANDARD\",\n RoleArn = exampleAwsIamRole.Arn,\n InputSpecification = new Aws.MediaLive.Inputs.ChannelInputSpecificationArgs\n {\n Codec = \"AVC\",\n InputResolution = \"HD\",\n MaximumBitrate = \"MAX_20_MBPS\",\n },\n InputAttachments = new[]\n {\n new Aws.MediaLive.Inputs.ChannelInputAttachmentArgs\n {\n InputAttachmentName = \"example-input\",\n InputId = exampleAwsMedialiveInput.Id,\n },\n },\n Destinations = new[]\n {\n new Aws.MediaLive.Inputs.ChannelDestinationArgs\n {\n Id = \"destination\",\n Settings = new[]\n {\n new Aws.MediaLive.Inputs.ChannelDestinationSettingArgs\n {\n Url = $\"s3://{main.Id}/test1\",\n },\n new Aws.MediaLive.Inputs.ChannelDestinationSettingArgs\n {\n Url = $\"s3://{main2.Id}/test2\",\n },\n },\n },\n },\n EncoderSettings = new Aws.MediaLive.Inputs.ChannelEncoderSettingsArgs\n {\n TimecodeConfig = new Aws.MediaLive.Inputs.ChannelEncoderSettingsTimecodeConfigArgs\n {\n Source = \"EMBEDDED\",\n },\n AudioDescriptions = new[]\n {\n new Aws.MediaLive.Inputs.ChannelEncoderSettingsAudioDescriptionArgs\n {\n AudioSelectorName = \"example audio selector\",\n Name = \"audio-selector\",\n },\n },\n VideoDescriptions = new[]\n {\n new Aws.MediaLive.Inputs.ChannelEncoderSettingsVideoDescriptionArgs\n {\n Name = \"example-video\",\n },\n },\n OutputGroups = new[]\n {\n new Aws.MediaLive.Inputs.ChannelEncoderSettingsOutputGroupArgs\n {\n OutputGroupSettings = new Aws.MediaLive.Inputs.ChannelEncoderSettingsOutputGroupOutputGroupSettingsArgs\n {\n ArchiveGroupSettings = new[]\n {\n new Aws.MediaLive.Inputs.ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSettingArgs\n {\n Destination = new Aws.MediaLive.Inputs.ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSettingDestinationArgs\n {\n DestinationRefId = \"destination\",\n },\n },\n },\n },\n Outputs = new[]\n {\n new Aws.MediaLive.Inputs.ChannelEncoderSettingsOutputGroupOutputArgs\n {\n OutputName = \"example-name\",\n VideoDescriptionName = \"example-video\",\n AudioDescriptionNames = new[]\n {\n \"audio-selector\",\n },\n OutputSettings = new Aws.MediaLive.Inputs.ChannelEncoderSettingsOutputGroupOutputOutputSettingsArgs\n {\n ArchiveOutputSettings = new Aws.MediaLive.Inputs.ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsArgs\n {\n NameModifier = \"_1\",\n Extension = \"m2ts\",\n ContainerSettings = new Aws.MediaLive.Inputs.ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsArgs\n {\n M2tsSettings = new Aws.MediaLive.Inputs.ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsM2tsSettingsArgs\n {\n AudioBufferModel = \"ATSC\",\n BufferModel = \"MULTIPLEX\",\n RateMode = \"CBR\",\n },\n },\n },\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/medialive\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := medialive.NewChannel(ctx, \"example\", \u0026medialive.ChannelArgs{\n\t\t\tName: pulumi.String(\"example-channel\"),\n\t\t\tChannelClass: pulumi.String(\"STANDARD\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tInputSpecification: \u0026medialive.ChannelInputSpecificationArgs{\n\t\t\t\tCodec: pulumi.String(\"AVC\"),\n\t\t\t\tInputResolution: pulumi.String(\"HD\"),\n\t\t\t\tMaximumBitrate: pulumi.String(\"MAX_20_MBPS\"),\n\t\t\t},\n\t\t\tInputAttachments: medialive.ChannelInputAttachmentArray{\n\t\t\t\t\u0026medialive.ChannelInputAttachmentArgs{\n\t\t\t\t\tInputAttachmentName: pulumi.String(\"example-input\"),\n\t\t\t\t\tInputId: pulumi.Any(exampleAwsMedialiveInput.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t\tDestinations: medialive.ChannelDestinationArray{\n\t\t\t\t\u0026medialive.ChannelDestinationArgs{\n\t\t\t\t\tId: pulumi.String(\"destination\"),\n\t\t\t\t\tSettings: medialive.ChannelDestinationSettingArray{\n\t\t\t\t\t\t\u0026medialive.ChannelDestinationSettingArgs{\n\t\t\t\t\t\t\tUrl: pulumi.String(fmt.Sprintf(\"s3://%v/test1\", main.Id)),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026medialive.ChannelDestinationSettingArgs{\n\t\t\t\t\t\t\tUrl: pulumi.String(fmt.Sprintf(\"s3://%v/test2\", main2.Id)),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tEncoderSettings: \u0026medialive.ChannelEncoderSettingsArgs{\n\t\t\t\tTimecodeConfig: \u0026medialive.ChannelEncoderSettingsTimecodeConfigArgs{\n\t\t\t\t\tSource: pulumi.String(\"EMBEDDED\"),\n\t\t\t\t},\n\t\t\t\tAudioDescriptions: medialive.ChannelEncoderSettingsAudioDescriptionArray{\n\t\t\t\t\t\u0026medialive.ChannelEncoderSettingsAudioDescriptionArgs{\n\t\t\t\t\t\tAudioSelectorName: pulumi.String(\"example audio selector\"),\n\t\t\t\t\t\tName: pulumi.String(\"audio-selector\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tVideoDescriptions: medialive.ChannelEncoderSettingsVideoDescriptionArray{\n\t\t\t\t\t\u0026medialive.ChannelEncoderSettingsVideoDescriptionArgs{\n\t\t\t\t\t\tName: pulumi.String(\"example-video\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tOutputGroups: medialive.ChannelEncoderSettingsOutputGroupArray{\n\t\t\t\t\t\u0026medialive.ChannelEncoderSettingsOutputGroupArgs{\n\t\t\t\t\t\tOutputGroupSettings: \u0026medialive.ChannelEncoderSettingsOutputGroupOutputGroupSettingsArgs{\n\t\t\t\t\t\t\tArchiveGroupSettings: medialive.ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSettingArray{\n\t\t\t\t\t\t\t\t\u0026medialive.ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSettingArgs{\n\t\t\t\t\t\t\t\t\tDestination: \u0026medialive.ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSettingDestinationArgs{\n\t\t\t\t\t\t\t\t\t\tDestinationRefId: pulumi.String(\"destination\"),\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tOutputs: medialive.ChannelEncoderSettingsOutputGroupOutputTypeArray{\n\t\t\t\t\t\t\t\u0026medialive.ChannelEncoderSettingsOutputGroupOutputTypeArgs{\n\t\t\t\t\t\t\t\tOutputName: pulumi.String(\"example-name\"),\n\t\t\t\t\t\t\t\tVideoDescriptionName: pulumi.String(\"example-video\"),\n\t\t\t\t\t\t\t\tAudioDescriptionNames: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"audio-selector\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\tOutputSettings: \u0026medialive.ChannelEncoderSettingsOutputGroupOutputOutputSettingsArgs{\n\t\t\t\t\t\t\t\t\tArchiveOutputSettings: \u0026medialive.ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsArgs{\n\t\t\t\t\t\t\t\t\t\tNameModifier: pulumi.String(\"_1\"),\n\t\t\t\t\t\t\t\t\t\tExtension: pulumi.String(\"m2ts\"),\n\t\t\t\t\t\t\t\t\t\tContainerSettings: \u0026medialive.ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsArgs{\n\t\t\t\t\t\t\t\t\t\t\tM2tsSettings: \u0026medialive.ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsM2tsSettingsArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tAudioBufferModel: pulumi.String(\"ATSC\"),\n\t\t\t\t\t\t\t\t\t\t\t\tBufferModel: pulumi.String(\"MULTIPLEX\"),\n\t\t\t\t\t\t\t\t\t\t\t\tRateMode: pulumi.String(\"CBR\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.medialive.Channel;\nimport com.pulumi.aws.medialive.ChannelArgs;\nimport com.pulumi.aws.medialive.inputs.ChannelInputSpecificationArgs;\nimport com.pulumi.aws.medialive.inputs.ChannelInputAttachmentArgs;\nimport com.pulumi.aws.medialive.inputs.ChannelDestinationArgs;\nimport com.pulumi.aws.medialive.inputs.ChannelEncoderSettingsArgs;\nimport com.pulumi.aws.medialive.inputs.ChannelEncoderSettingsTimecodeConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Channel(\"example\", ChannelArgs.builder()\n .name(\"example-channel\")\n .channelClass(\"STANDARD\")\n .roleArn(exampleAwsIamRole.arn())\n .inputSpecification(ChannelInputSpecificationArgs.builder()\n .codec(\"AVC\")\n .inputResolution(\"HD\")\n .maximumBitrate(\"MAX_20_MBPS\")\n .build())\n .inputAttachments(ChannelInputAttachmentArgs.builder()\n .inputAttachmentName(\"example-input\")\n .inputId(exampleAwsMedialiveInput.id())\n .build())\n .destinations(ChannelDestinationArgs.builder()\n .id(\"destination\")\n .settings( \n ChannelDestinationSettingArgs.builder()\n .url(String.format(\"s3://%s/test1\", main.id()))\n .build(),\n ChannelDestinationSettingArgs.builder()\n .url(String.format(\"s3://%s/test2\", main2.id()))\n .build())\n .build())\n .encoderSettings(ChannelEncoderSettingsArgs.builder()\n .timecodeConfig(ChannelEncoderSettingsTimecodeConfigArgs.builder()\n .source(\"EMBEDDED\")\n .build())\n .audioDescriptions(ChannelEncoderSettingsAudioDescriptionArgs.builder()\n .audioSelectorName(\"example audio selector\")\n .name(\"audio-selector\")\n .build())\n .videoDescriptions(ChannelEncoderSettingsVideoDescriptionArgs.builder()\n .name(\"example-video\")\n .build())\n .outputGroups(ChannelEncoderSettingsOutputGroupArgs.builder()\n .outputGroupSettings(ChannelEncoderSettingsOutputGroupOutputGroupSettingsArgs.builder()\n .archiveGroupSettings(ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSettingArgs.builder()\n .destination(ChannelEncoderSettingsOutputGroupOutputGroupSettingsArchiveGroupSettingDestinationArgs.builder()\n .destinationRefId(\"destination\")\n .build())\n .build())\n .build())\n .outputs(ChannelEncoderSettingsOutputGroupOutputArgs.builder()\n .outputName(\"example-name\")\n .videoDescriptionName(\"example-video\")\n .audioDescriptionNames(\"audio-selector\")\n .outputSettings(ChannelEncoderSettingsOutputGroupOutputOutputSettingsArgs.builder()\n .archiveOutputSettings(ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsArgs.builder()\n .nameModifier(\"_1\")\n .extension(\"m2ts\")\n .containerSettings(ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsArgs.builder()\n .m2tsSettings(ChannelEncoderSettingsOutputGroupOutputOutputSettingsArchiveOutputSettingsContainerSettingsM2tsSettingsArgs.builder()\n .audioBufferModel(\"ATSC\")\n .bufferModel(\"MULTIPLEX\")\n .rateMode(\"CBR\")\n .build())\n .build())\n .build())\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:medialive:Channel\n properties:\n name: example-channel\n channelClass: STANDARD\n roleArn: ${exampleAwsIamRole.arn}\n inputSpecification:\n codec: AVC\n inputResolution: HD\n maximumBitrate: MAX_20_MBPS\n inputAttachments:\n - inputAttachmentName: example-input\n inputId: ${exampleAwsMedialiveInput.id}\n destinations:\n - id: destination\n settings:\n - url: s3://${main.id}/test1\n - url: s3://${main2.id}/test2\n encoderSettings:\n timecodeConfig:\n source: EMBEDDED\n audioDescriptions:\n - audioSelectorName: example audio selector\n name: audio-selector\n videoDescriptions:\n - name: example-video\n outputGroups:\n - outputGroupSettings:\n archiveGroupSettings:\n - destination:\n destinationRefId: destination\n outputs:\n - outputName: example-name\n videoDescriptionName: example-video\n audioDescriptionNames:\n - audio-selector\n outputSettings:\n archiveOutputSettings:\n nameModifier: _1\n extension: m2ts\n containerSettings:\n m2tsSettings:\n audioBufferModel: ATSC\n bufferModel: MULTIPLEX\n rateMode: CBR\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MediaLive Channel using the `channel_id`. For example:\n\n```sh\n$ pulumi import aws:medialive/channel:Channel example 1234567\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Channel.\n" }, "cdiInputSpecification": { "$ref": "#/types/aws:medialive/ChannelCdiInputSpecification:ChannelCdiInputSpecification", "description": "Specification of CDI inputs for this channel. See CDI Input Specification for more details.\n" }, "channelClass": { "type": "string", "description": "Concise argument description.\n" }, "channelId": { "type": "string", "description": "ID of the Channel.\n" }, "destinations": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelDestination:ChannelDestination" }, "description": "Destinations for channel. See Destinations for more details.\n" }, "encoderSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettings:ChannelEncoderSettings", "description": "Encoder settings. See Encoder Settings for more details.\n" }, "inputAttachments": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelInputAttachment:ChannelInputAttachment" }, "description": "Input attachments for the channel. See Input Attachments for more details.\n" }, "inputSpecification": { "$ref": "#/types/aws:medialive/ChannelInputSpecification:ChannelInputSpecification", "description": "Specification of network and file inputs for the channel.\n" }, "logLevel": { "type": "string", "description": "The log level to write to Cloudwatch logs.\n" }, "maintenance": { "$ref": "#/types/aws:medialive/ChannelMaintenance:ChannelMaintenance", "description": "Maintenance settings for this channel. See Maintenance for more details.\n" }, "name": { "type": "string", "description": "Name of the Channel.\n\nThe following arguments are optional:\n" }, "roleArn": { "type": "string", "description": "Concise argument description.\n" }, "startChannel": { "type": "boolean", "description": "Whether to start/stop channel. Default: `false`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the channel. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "vpc": { "$ref": "#/types/aws:medialive/ChannelVpc:ChannelVpc", "description": "Settings for the VPC outputs. See VPC for more details.\n" } }, "required": [ "arn", "channelClass", "channelId", "destinations", "encoderSettings", "inputAttachments", "inputSpecification", "logLevel", "maintenance", "name", "tagsAll" ], "inputProperties": { "cdiInputSpecification": { "$ref": "#/types/aws:medialive/ChannelCdiInputSpecification:ChannelCdiInputSpecification", "description": "Specification of CDI inputs for this channel. See CDI Input Specification for more details.\n" }, "channelClass": { "type": "string", "description": "Concise argument description.\n", "willReplaceOnChanges": true }, "destinations": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelDestination:ChannelDestination" }, "description": "Destinations for channel. See Destinations for more details.\n" }, "encoderSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettings:ChannelEncoderSettings", "description": "Encoder settings. See Encoder Settings for more details.\n" }, "inputAttachments": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelInputAttachment:ChannelInputAttachment" }, "description": "Input attachments for the channel. See Input Attachments for more details.\n" }, "inputSpecification": { "$ref": "#/types/aws:medialive/ChannelInputSpecification:ChannelInputSpecification", "description": "Specification of network and file inputs for the channel.\n" }, "logLevel": { "type": "string", "description": "The log level to write to Cloudwatch logs.\n" }, "maintenance": { "$ref": "#/types/aws:medialive/ChannelMaintenance:ChannelMaintenance", "description": "Maintenance settings for this channel. See Maintenance for more details.\n" }, "name": { "type": "string", "description": "Name of the Channel.\n\nThe following arguments are optional:\n" }, "roleArn": { "type": "string", "description": "Concise argument description.\n" }, "startChannel": { "type": "boolean", "description": "Whether to start/stop channel. Default: `false`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the channel. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpc": { "$ref": "#/types/aws:medialive/ChannelVpc:ChannelVpc", "description": "Settings for the VPC outputs. See VPC for more details.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "channelClass", "destinations", "encoderSettings", "inputAttachments", "inputSpecification" ], "stateInputs": { "description": "Input properties used for looking up and filtering Channel resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Channel.\n" }, "cdiInputSpecification": { "$ref": "#/types/aws:medialive/ChannelCdiInputSpecification:ChannelCdiInputSpecification", "description": "Specification of CDI inputs for this channel. See CDI Input Specification for more details.\n" }, "channelClass": { "type": "string", "description": "Concise argument description.\n", "willReplaceOnChanges": true }, "channelId": { "type": "string", "description": "ID of the Channel.\n" }, "destinations": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelDestination:ChannelDestination" }, "description": "Destinations for channel. See Destinations for more details.\n" }, "encoderSettings": { "$ref": "#/types/aws:medialive/ChannelEncoderSettings:ChannelEncoderSettings", "description": "Encoder settings. See Encoder Settings for more details.\n" }, "inputAttachments": { "type": "array", "items": { "$ref": "#/types/aws:medialive/ChannelInputAttachment:ChannelInputAttachment" }, "description": "Input attachments for the channel. See Input Attachments for more details.\n" }, "inputSpecification": { "$ref": "#/types/aws:medialive/ChannelInputSpecification:ChannelInputSpecification", "description": "Specification of network and file inputs for the channel.\n" }, "logLevel": { "type": "string", "description": "The log level to write to Cloudwatch logs.\n" }, "maintenance": { "$ref": "#/types/aws:medialive/ChannelMaintenance:ChannelMaintenance", "description": "Maintenance settings for this channel. See Maintenance for more details.\n" }, "name": { "type": "string", "description": "Name of the Channel.\n\nThe following arguments are optional:\n" }, "roleArn": { "type": "string", "description": "Concise argument description.\n" }, "startChannel": { "type": "boolean", "description": "Whether to start/stop channel. Default: `false`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the channel. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "vpc": { "$ref": "#/types/aws:medialive/ChannelVpc:ChannelVpc", "description": "Settings for the VPC outputs. See VPC for more details.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:medialive/input:Input": { "description": "Resource for managing an AWS MediaLive Input.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.medialive.InputSecurityGroup(\"example\", {\n whitelistRules: [{\n cidr: \"10.0.0.8/32\",\n }],\n tags: {\n ENVIRONMENT: \"prod\",\n },\n});\nconst exampleInput = new aws.medialive.Input(\"example\", {\n name: \"example-input\",\n inputSecurityGroups: [example.id],\n type: \"UDP_PUSH\",\n tags: {\n ENVIRONMENT: \"prod\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.medialive.InputSecurityGroup(\"example\",\n whitelist_rules=[{\n \"cidr\": \"10.0.0.8/32\",\n }],\n tags={\n \"ENVIRONMENT\": \"prod\",\n })\nexample_input = aws.medialive.Input(\"example\",\n name=\"example-input\",\n input_security_groups=[example.id],\n type=\"UDP_PUSH\",\n tags={\n \"ENVIRONMENT\": \"prod\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.MediaLive.InputSecurityGroup(\"example\", new()\n {\n WhitelistRules = new[]\n {\n new Aws.MediaLive.Inputs.InputSecurityGroupWhitelistRuleArgs\n {\n Cidr = \"10.0.0.8/32\",\n },\n },\n Tags = \n {\n { \"ENVIRONMENT\", \"prod\" },\n },\n });\n\n var exampleInput = new Aws.MediaLive.Input(\"example\", new()\n {\n Name = \"example-input\",\n InputSecurityGroups = new[]\n {\n example.Id,\n },\n Type = \"UDP_PUSH\",\n Tags = \n {\n { \"ENVIRONMENT\", \"prod\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/medialive\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := medialive.NewInputSecurityGroup(ctx, \"example\", \u0026medialive.InputSecurityGroupArgs{\n\t\t\tWhitelistRules: medialive.InputSecurityGroupWhitelistRuleArray{\n\t\t\t\t\u0026medialive.InputSecurityGroupWhitelistRuleArgs{\n\t\t\t\t\tCidr: pulumi.String(\"10.0.0.8/32\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"ENVIRONMENT\": pulumi.String(\"prod\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = medialive.NewInput(ctx, \"example\", \u0026medialive.InputArgs{\n\t\t\tName: pulumi.String(\"example-input\"),\n\t\t\tInputSecurityGroups: pulumi.StringArray{\n\t\t\t\texample.ID(),\n\t\t\t},\n\t\t\tType: pulumi.String(\"UDP_PUSH\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"ENVIRONMENT\": pulumi.String(\"prod\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.medialive.InputSecurityGroup;\nimport com.pulumi.aws.medialive.InputSecurityGroupArgs;\nimport com.pulumi.aws.medialive.inputs.InputSecurityGroupWhitelistRuleArgs;\nimport com.pulumi.aws.medialive.Input;\nimport com.pulumi.aws.medialive.InputArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new InputSecurityGroup(\"example\", InputSecurityGroupArgs.builder()\n .whitelistRules(InputSecurityGroupWhitelistRuleArgs.builder()\n .cidr(\"10.0.0.8/32\")\n .build())\n .tags(Map.of(\"ENVIRONMENT\", \"prod\"))\n .build());\n\n var exampleInput = new Input(\"exampleInput\", InputArgs.builder()\n .name(\"example-input\")\n .inputSecurityGroups(example.id())\n .type(\"UDP_PUSH\")\n .tags(Map.of(\"ENVIRONMENT\", \"prod\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:medialive:InputSecurityGroup\n properties:\n whitelistRules:\n - cidr: 10.0.0.8/32\n tags:\n ENVIRONMENT: prod\n exampleInput:\n type: aws:medialive:Input\n name: example\n properties:\n name: example-input\n inputSecurityGroups:\n - ${example.id}\n type: UDP_PUSH\n tags:\n ENVIRONMENT: prod\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MediaLive Input using the `id`. For example:\n\n```sh\n$ pulumi import aws:medialive/input:Input example 12345678\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Input.\n" }, "attachedChannels": { "type": "array", "items": { "type": "string" }, "description": "Channels attached to Input.\n" }, "destinations": { "type": "array", "items": { "$ref": "#/types/aws:medialive/InputDestination:InputDestination" }, "description": "Destination settings for PUSH type inputs. See Destinations for more details.\n" }, "inputClass": { "type": "string", "description": "The input class.\n" }, "inputDevices": { "type": "array", "items": { "$ref": "#/types/aws:medialive/InputInputDevice:InputInputDevice" }, "description": "Settings for the devices. See Input Devices for more details.\n" }, "inputPartnerIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for all Inputs which are partners of this one.\n" }, "inputSecurityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of input security groups.\n" }, "inputSourceType": { "type": "string", "description": "Source type of the input.\n" }, "mediaConnectFlows": { "type": "array", "items": { "$ref": "#/types/aws:medialive/InputMediaConnectFlow:InputMediaConnectFlow" }, "description": "A list of the MediaConnect Flows. See Media Connect Flows for more details.\n" }, "name": { "type": "string", "description": "Name of the input.\n" }, "roleArn": { "type": "string", "description": "The ARN of the role this input assumes during and after creation.\n" }, "sources": { "type": "array", "items": { "$ref": "#/types/aws:medialive/InputSource:InputSource" }, "description": "The source URLs for a PULL-type input. See Sources for more details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Input. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The different types of inputs that AWS Elemental MediaLive supports.\n\nThe following arguments are optional:\n" }, "vpc": { "$ref": "#/types/aws:medialive/InputVpc:InputVpc", "description": "Settings for a private VPC Input. See VPC for more details.\n" } }, "required": [ "arn", "attachedChannels", "inputClass", "inputDevices", "inputPartnerIds", "inputSourceType", "mediaConnectFlows", "name", "roleArn", "sources", "tagsAll", "type" ], "inputProperties": { "destinations": { "type": "array", "items": { "$ref": "#/types/aws:medialive/InputDestination:InputDestination" }, "description": "Destination settings for PUSH type inputs. See Destinations for more details.\n" }, "inputDevices": { "type": "array", "items": { "$ref": "#/types/aws:medialive/InputInputDevice:InputInputDevice" }, "description": "Settings for the devices. See Input Devices for more details.\n" }, "inputSecurityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of input security groups.\n" }, "mediaConnectFlows": { "type": "array", "items": { "$ref": "#/types/aws:medialive/InputMediaConnectFlow:InputMediaConnectFlow" }, "description": "A list of the MediaConnect Flows. See Media Connect Flows for more details.\n" }, "name": { "type": "string", "description": "Name of the input.\n" }, "roleArn": { "type": "string", "description": "The ARN of the role this input assumes during and after creation.\n" }, "sources": { "type": "array", "items": { "$ref": "#/types/aws:medialive/InputSource:InputSource" }, "description": "The source URLs for a PULL-type input. See Sources for more details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Input. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "The different types of inputs that AWS Elemental MediaLive supports.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "vpc": { "$ref": "#/types/aws:medialive/InputVpc:InputVpc", "description": "Settings for a private VPC Input. See VPC for more details.\n" } }, "requiredInputs": [ "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering Input resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Input.\n" }, "attachedChannels": { "type": "array", "items": { "type": "string" }, "description": "Channels attached to Input.\n" }, "destinations": { "type": "array", "items": { "$ref": "#/types/aws:medialive/InputDestination:InputDestination" }, "description": "Destination settings for PUSH type inputs. See Destinations for more details.\n" }, "inputClass": { "type": "string", "description": "The input class.\n" }, "inputDevices": { "type": "array", "items": { "$ref": "#/types/aws:medialive/InputInputDevice:InputInputDevice" }, "description": "Settings for the devices. See Input Devices for more details.\n" }, "inputPartnerIds": { "type": "array", "items": { "type": "string" }, "description": "A list of IDs for all Inputs which are partners of this one.\n" }, "inputSecurityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of input security groups.\n" }, "inputSourceType": { "type": "string", "description": "Source type of the input.\n" }, "mediaConnectFlows": { "type": "array", "items": { "$ref": "#/types/aws:medialive/InputMediaConnectFlow:InputMediaConnectFlow" }, "description": "A list of the MediaConnect Flows. See Media Connect Flows for more details.\n" }, "name": { "type": "string", "description": "Name of the input.\n" }, "roleArn": { "type": "string", "description": "The ARN of the role this input assumes during and after creation.\n" }, "sources": { "type": "array", "items": { "$ref": "#/types/aws:medialive/InputSource:InputSource" }, "description": "The source URLs for a PULL-type input. See Sources for more details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Input. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The different types of inputs that AWS Elemental MediaLive supports.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "vpc": { "$ref": "#/types/aws:medialive/InputVpc:InputVpc", "description": "Settings for a private VPC Input. See VPC for more details.\n" } }, "type": "object" } }, "aws:medialive/inputSecurityGroup:InputSecurityGroup": { "description": "Resource for managing an AWS MediaLive InputSecurityGroup.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.medialive.InputSecurityGroup(\"example\", {\n whitelistRules: [{\n cidr: \"10.0.0.8/32\",\n }],\n tags: {\n ENVIRONMENT: \"prod\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.medialive.InputSecurityGroup(\"example\",\n whitelist_rules=[{\n \"cidr\": \"10.0.0.8/32\",\n }],\n tags={\n \"ENVIRONMENT\": \"prod\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.MediaLive.InputSecurityGroup(\"example\", new()\n {\n WhitelistRules = new[]\n {\n new Aws.MediaLive.Inputs.InputSecurityGroupWhitelistRuleArgs\n {\n Cidr = \"10.0.0.8/32\",\n },\n },\n Tags = \n {\n { \"ENVIRONMENT\", \"prod\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/medialive\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := medialive.NewInputSecurityGroup(ctx, \"example\", \u0026medialive.InputSecurityGroupArgs{\n\t\t\tWhitelistRules: medialive.InputSecurityGroupWhitelistRuleArray{\n\t\t\t\t\u0026medialive.InputSecurityGroupWhitelistRuleArgs{\n\t\t\t\t\tCidr: pulumi.String(\"10.0.0.8/32\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"ENVIRONMENT\": pulumi.String(\"prod\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.medialive.InputSecurityGroup;\nimport com.pulumi.aws.medialive.InputSecurityGroupArgs;\nimport com.pulumi.aws.medialive.inputs.InputSecurityGroupWhitelistRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new InputSecurityGroup(\"example\", InputSecurityGroupArgs.builder()\n .whitelistRules(InputSecurityGroupWhitelistRuleArgs.builder()\n .cidr(\"10.0.0.8/32\")\n .build())\n .tags(Map.of(\"ENVIRONMENT\", \"prod\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:medialive:InputSecurityGroup\n properties:\n whitelistRules:\n - cidr: 10.0.0.8/32\n tags:\n ENVIRONMENT: prod\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MediaLive InputSecurityGroup using the `id`. For example:\n\n```sh\n$ pulumi import aws:medialive/inputSecurityGroup:InputSecurityGroup example 123456\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the InputSecurityGroup.\n" }, "inputs": { "type": "array", "items": { "type": "string" }, "description": "The list of inputs currently using this InputSecurityGroup.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the InputSecurityGroup. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "whitelistRules": { "type": "array", "items": { "$ref": "#/types/aws:medialive/InputSecurityGroupWhitelistRule:InputSecurityGroupWhitelistRule" }, "description": "Whitelist rules. See Whitelist Rules for more details.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "inputs", "tagsAll", "whitelistRules" ], "inputProperties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the InputSecurityGroup. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "whitelistRules": { "type": "array", "items": { "$ref": "#/types/aws:medialive/InputSecurityGroupWhitelistRule:InputSecurityGroupWhitelistRule" }, "description": "Whitelist rules. See Whitelist Rules for more details.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "whitelistRules" ], "stateInputs": { "description": "Input properties used for looking up and filtering InputSecurityGroup resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the InputSecurityGroup.\n" }, "inputs": { "type": "array", "items": { "type": "string" }, "description": "The list of inputs currently using this InputSecurityGroup.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the InputSecurityGroup. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "whitelistRules": { "type": "array", "items": { "$ref": "#/types/aws:medialive/InputSecurityGroupWhitelistRule:InputSecurityGroupWhitelistRule" }, "description": "Whitelist rules. See Whitelist Rules for more details.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:medialive/multiplex:Multiplex": { "description": "Resource for managing an AWS MediaLive Multiplex.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst available = aws.getAvailabilityZones({\n state: \"available\",\n});\nconst example = new aws.medialive.Multiplex(\"example\", {\n name: \"example-multiplex-changed\",\n availabilityZones: [\n available.then(available =\u003e available.names?.[0]),\n available.then(available =\u003e available.names?.[1]),\n ],\n multiplexSettings: {\n transportStreamBitrate: 1000000,\n transportStreamId: 1,\n transportStreamReservedBitrate: 1,\n maximumVideoBufferDelayMilliseconds: 1000,\n },\n startMultiplex: true,\n tags: {\n tag1: \"value1\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\navailable = aws.get_availability_zones(state=\"available\")\nexample = aws.medialive.Multiplex(\"example\",\n name=\"example-multiplex-changed\",\n availability_zones=[\n available.names[0],\n available.names[1],\n ],\n multiplex_settings={\n \"transport_stream_bitrate\": 1000000,\n \"transport_stream_id\": 1,\n \"transport_stream_reserved_bitrate\": 1,\n \"maximum_video_buffer_delay_milliseconds\": 1000,\n },\n start_multiplex=True,\n tags={\n \"tag1\": \"value1\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var available = Aws.GetAvailabilityZones.Invoke(new()\n {\n State = \"available\",\n });\n\n var example = new Aws.MediaLive.Multiplex(\"example\", new()\n {\n Name = \"example-multiplex-changed\",\n AvailabilityZones = new[]\n {\n available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[0]),\n available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[1]),\n },\n MultiplexSettings = new Aws.MediaLive.Inputs.MultiplexMultiplexSettingsArgs\n {\n TransportStreamBitrate = 1000000,\n TransportStreamId = 1,\n TransportStreamReservedBitrate = 1,\n MaximumVideoBufferDelayMilliseconds = 1000,\n },\n StartMultiplex = true,\n Tags = \n {\n { \"tag1\", \"value1\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/medialive\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tavailable, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tState: pulumi.StringRef(\"available\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = medialive.NewMultiplex(ctx, \"example\", \u0026medialive.MultiplexArgs{\n\t\t\tName: pulumi.String(\"example-multiplex-changed\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(available.Names[0]),\n\t\t\t\tpulumi.String(available.Names[1]),\n\t\t\t},\n\t\t\tMultiplexSettings: \u0026medialive.MultiplexMultiplexSettingsArgs{\n\t\t\t\tTransportStreamBitrate: pulumi.Int(1000000),\n\t\t\t\tTransportStreamId: pulumi.Int(1),\n\t\t\t\tTransportStreamReservedBitrate: pulumi.Int(1),\n\t\t\t\tMaximumVideoBufferDelayMilliseconds: pulumi.Int(1000),\n\t\t\t},\n\t\t\tStartMultiplex: pulumi.Bool(true),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"tag1\": pulumi.String(\"value1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport com.pulumi.aws.medialive.Multiplex;\nimport com.pulumi.aws.medialive.MultiplexArgs;\nimport com.pulumi.aws.medialive.inputs.MultiplexMultiplexSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .state(\"available\")\n .build());\n\n var example = new Multiplex(\"example\", MultiplexArgs.builder()\n .name(\"example-multiplex-changed\")\n .availabilityZones( \n available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[0]),\n available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[1]))\n .multiplexSettings(MultiplexMultiplexSettingsArgs.builder()\n .transportStreamBitrate(1000000)\n .transportStreamId(1)\n .transportStreamReservedBitrate(1)\n .maximumVideoBufferDelayMilliseconds(1000)\n .build())\n .startMultiplex(true)\n .tags(Map.of(\"tag1\", \"value1\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:medialive:Multiplex\n properties:\n name: example-multiplex-changed\n availabilityZones:\n - ${available.names[0]}\n - ${available.names[1]}\n multiplexSettings:\n transportStreamBitrate: 1e+06\n transportStreamId: 1\n transportStreamReservedBitrate: 1\n maximumVideoBufferDelayMilliseconds: 1000\n startMultiplex: true\n tags:\n tag1: value1\nvariables:\n available:\n fn::invoke:\n Function: aws:getAvailabilityZones\n Arguments:\n state: available\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MediaLive Multiplex using the `id`. For example:\n\n```sh\n$ pulumi import aws:medialive/multiplex:Multiplex example 12345678\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Multiplex.\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of availability zones. You must specify exactly two.\n" }, "multiplexSettings": { "$ref": "#/types/aws:medialive/MultiplexMultiplexSettings:MultiplexMultiplexSettings", "description": "Multiplex settings. See Multiplex Settings for more details.\n" }, "name": { "type": "string", "description": "name of Multiplex.\n\nThe following arguments are optional:\n" }, "startMultiplex": { "type": "boolean", "description": "Whether to start the Multiplex. Defaults to `false`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Multiplex. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "availabilityZones", "name", "tagsAll" ], "inputProperties": { "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of availability zones. You must specify exactly two.\n", "willReplaceOnChanges": true }, "multiplexSettings": { "$ref": "#/types/aws:medialive/MultiplexMultiplexSettings:MultiplexMultiplexSettings", "description": "Multiplex settings. See Multiplex Settings for more details.\n" }, "name": { "type": "string", "description": "name of Multiplex.\n\nThe following arguments are optional:\n" }, "startMultiplex": { "type": "boolean", "description": "Whether to start the Multiplex. Defaults to `false`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Multiplex. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "availabilityZones" ], "stateInputs": { "description": "Input properties used for looking up and filtering Multiplex resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Multiplex.\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of availability zones. You must specify exactly two.\n", "willReplaceOnChanges": true }, "multiplexSettings": { "$ref": "#/types/aws:medialive/MultiplexMultiplexSettings:MultiplexMultiplexSettings", "description": "Multiplex settings. See Multiplex Settings for more details.\n" }, "name": { "type": "string", "description": "name of Multiplex.\n\nThe following arguments are optional:\n" }, "startMultiplex": { "type": "boolean", "description": "Whether to start the Multiplex. Defaults to `false`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Multiplex. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:medialive/multiplexProgram:MultiplexProgram": { "description": "Resource for managing an AWS MediaLive MultiplexProgram.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst available = aws.getAvailabilityZones({\n state: \"available\",\n});\nconst example = new aws.medialive.Multiplex(\"example\", {\n name: \"example-multiplex-changed\",\n availabilityZones: [\n available.then(available =\u003e available.names?.[0]),\n available.then(available =\u003e available.names?.[1]),\n ],\n multiplexSettings: {\n transportStreamBitrate: 1000000,\n transportStreamId: 1,\n transportStreamReservedBitrate: 1,\n maximumVideoBufferDelayMilliseconds: 1000,\n },\n startMultiplex: true,\n tags: {\n tag1: \"value1\",\n },\n});\nconst exampleMultiplexProgram = new aws.medialive.MultiplexProgram(\"example\", {\n programName: \"example_program\",\n multiplexId: example.id,\n multiplexProgramSettings: {\n programNumber: 1,\n preferredChannelPipeline: \"CURRENTLY_ACTIVE\",\n videoSettings: {\n constantBitrate: 100000,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\navailable = aws.get_availability_zones(state=\"available\")\nexample = aws.medialive.Multiplex(\"example\",\n name=\"example-multiplex-changed\",\n availability_zones=[\n available.names[0],\n available.names[1],\n ],\n multiplex_settings={\n \"transport_stream_bitrate\": 1000000,\n \"transport_stream_id\": 1,\n \"transport_stream_reserved_bitrate\": 1,\n \"maximum_video_buffer_delay_milliseconds\": 1000,\n },\n start_multiplex=True,\n tags={\n \"tag1\": \"value1\",\n })\nexample_multiplex_program = aws.medialive.MultiplexProgram(\"example\",\n program_name=\"example_program\",\n multiplex_id=example.id,\n multiplex_program_settings={\n \"program_number\": 1,\n \"preferred_channel_pipeline\": \"CURRENTLY_ACTIVE\",\n \"video_settings\": {\n \"constant_bitrate\": 100000,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var available = Aws.GetAvailabilityZones.Invoke(new()\n {\n State = \"available\",\n });\n\n var example = new Aws.MediaLive.Multiplex(\"example\", new()\n {\n Name = \"example-multiplex-changed\",\n AvailabilityZones = new[]\n {\n available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[0]),\n available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[1]),\n },\n MultiplexSettings = new Aws.MediaLive.Inputs.MultiplexMultiplexSettingsArgs\n {\n TransportStreamBitrate = 1000000,\n TransportStreamId = 1,\n TransportStreamReservedBitrate = 1,\n MaximumVideoBufferDelayMilliseconds = 1000,\n },\n StartMultiplex = true,\n Tags = \n {\n { \"tag1\", \"value1\" },\n },\n });\n\n var exampleMultiplexProgram = new Aws.MediaLive.MultiplexProgram(\"example\", new()\n {\n ProgramName = \"example_program\",\n MultiplexId = example.Id,\n MultiplexProgramSettings = new Aws.MediaLive.Inputs.MultiplexProgramMultiplexProgramSettingsArgs\n {\n ProgramNumber = 1,\n PreferredChannelPipeline = \"CURRENTLY_ACTIVE\",\n VideoSettings = new Aws.MediaLive.Inputs.MultiplexProgramMultiplexProgramSettingsVideoSettingsArgs\n {\n ConstantBitrate = 100000,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/medialive\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tavailable, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tState: pulumi.StringRef(\"available\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := medialive.NewMultiplex(ctx, \"example\", \u0026medialive.MultiplexArgs{\n\t\t\tName: pulumi.String(\"example-multiplex-changed\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(available.Names[0]),\n\t\t\t\tpulumi.String(available.Names[1]),\n\t\t\t},\n\t\t\tMultiplexSettings: \u0026medialive.MultiplexMultiplexSettingsArgs{\n\t\t\t\tTransportStreamBitrate: pulumi.Int(1000000),\n\t\t\t\tTransportStreamId: pulumi.Int(1),\n\t\t\t\tTransportStreamReservedBitrate: pulumi.Int(1),\n\t\t\t\tMaximumVideoBufferDelayMilliseconds: pulumi.Int(1000),\n\t\t\t},\n\t\t\tStartMultiplex: pulumi.Bool(true),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"tag1\": pulumi.String(\"value1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = medialive.NewMultiplexProgram(ctx, \"example\", \u0026medialive.MultiplexProgramArgs{\n\t\t\tProgramName: pulumi.String(\"example_program\"),\n\t\t\tMultiplexId: example.ID(),\n\t\t\tMultiplexProgramSettings: \u0026medialive.MultiplexProgramMultiplexProgramSettingsArgs{\n\t\t\t\tProgramNumber: pulumi.Int(1),\n\t\t\t\tPreferredChannelPipeline: pulumi.String(\"CURRENTLY_ACTIVE\"),\n\t\t\t\tVideoSettings: \u0026medialive.MultiplexProgramMultiplexProgramSettingsVideoSettingsArgs{\n\t\t\t\t\tConstantBitrate: pulumi.Int(100000),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport com.pulumi.aws.medialive.Multiplex;\nimport com.pulumi.aws.medialive.MultiplexArgs;\nimport com.pulumi.aws.medialive.inputs.MultiplexMultiplexSettingsArgs;\nimport com.pulumi.aws.medialive.MultiplexProgram;\nimport com.pulumi.aws.medialive.MultiplexProgramArgs;\nimport com.pulumi.aws.medialive.inputs.MultiplexProgramMultiplexProgramSettingsArgs;\nimport com.pulumi.aws.medialive.inputs.MultiplexProgramMultiplexProgramSettingsVideoSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .state(\"available\")\n .build());\n\n var example = new Multiplex(\"example\", MultiplexArgs.builder()\n .name(\"example-multiplex-changed\")\n .availabilityZones( \n available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[0]),\n available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[1]))\n .multiplexSettings(MultiplexMultiplexSettingsArgs.builder()\n .transportStreamBitrate(1000000)\n .transportStreamId(1)\n .transportStreamReservedBitrate(1)\n .maximumVideoBufferDelayMilliseconds(1000)\n .build())\n .startMultiplex(true)\n .tags(Map.of(\"tag1\", \"value1\"))\n .build());\n\n var exampleMultiplexProgram = new MultiplexProgram(\"exampleMultiplexProgram\", MultiplexProgramArgs.builder()\n .programName(\"example_program\")\n .multiplexId(example.id())\n .multiplexProgramSettings(MultiplexProgramMultiplexProgramSettingsArgs.builder()\n .programNumber(1)\n .preferredChannelPipeline(\"CURRENTLY_ACTIVE\")\n .videoSettings(MultiplexProgramMultiplexProgramSettingsVideoSettingsArgs.builder()\n .constantBitrate(100000)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:medialive:Multiplex\n properties:\n name: example-multiplex-changed\n availabilityZones:\n - ${available.names[0]}\n - ${available.names[1]}\n multiplexSettings:\n transportStreamBitrate: 1e+06\n transportStreamId: 1\n transportStreamReservedBitrate: 1\n maximumVideoBufferDelayMilliseconds: 1000\n startMultiplex: true\n tags:\n tag1: value1\n exampleMultiplexProgram:\n type: aws:medialive:MultiplexProgram\n name: example\n properties:\n programName: example_program\n multiplexId: ${example.id}\n multiplexProgramSettings:\n programNumber: 1\n preferredChannelPipeline: CURRENTLY_ACTIVE\n videoSettings:\n constantBitrate: 100000\nvariables:\n available:\n fn::invoke:\n Function: aws:getAvailabilityZones\n Arguments:\n state: available\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MediaLive MultiplexProgram using the `id`, or a combination of \"`program_name`/`multiplex_id`\". For example:\n\n```sh\n$ pulumi import aws:medialive/multiplexProgram:MultiplexProgram example example_program/1234567\n```\n", "properties": { "multiplexId": { "type": "string", "description": "Multiplex ID.\n" }, "multiplexProgramSettings": { "$ref": "#/types/aws:medialive/MultiplexProgramMultiplexProgramSettings:MultiplexProgramMultiplexProgramSettings", "description": "MultiplexProgram settings. See Multiplex Program Settings for more details.\n\nThe following arguments are optional:\n" }, "programName": { "type": "string", "description": "Unique program name.\n" } }, "required": [ "multiplexId", "programName" ], "inputProperties": { "multiplexId": { "type": "string", "description": "Multiplex ID.\n" }, "multiplexProgramSettings": { "$ref": "#/types/aws:medialive/MultiplexProgramMultiplexProgramSettings:MultiplexProgramMultiplexProgramSettings", "description": "MultiplexProgram settings. See Multiplex Program Settings for more details.\n\nThe following arguments are optional:\n" }, "programName": { "type": "string", "description": "Unique program name.\n" } }, "requiredInputs": [ "multiplexId", "programName" ], "stateInputs": { "description": "Input properties used for looking up and filtering MultiplexProgram resources.\n", "properties": { "multiplexId": { "type": "string", "description": "Multiplex ID.\n" }, "multiplexProgramSettings": { "$ref": "#/types/aws:medialive/MultiplexProgramMultiplexProgramSettings:MultiplexProgramMultiplexProgramSettings", "description": "MultiplexProgram settings. See Multiplex Program Settings for more details.\n\nThe following arguments are optional:\n" }, "programName": { "type": "string", "description": "Unique program name.\n" } }, "type": "object" } }, "aws:mediapackage/channel:Channel": { "description": "Provides an AWS Elemental MediaPackage Channel.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst kittens = new aws.mediapackage.Channel(\"kittens\", {\n channelId: \"kitten-channel\",\n description: \"A channel dedicated to amusing videos of kittens.\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nkittens = aws.mediapackage.Channel(\"kittens\",\n channel_id=\"kitten-channel\",\n description=\"A channel dedicated to amusing videos of kittens.\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kittens = new Aws.MediaPackage.Channel(\"kittens\", new()\n {\n ChannelId = \"kitten-channel\",\n Description = \"A channel dedicated to amusing videos of kittens.\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mediapackage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := mediapackage.NewChannel(ctx, \"kittens\", \u0026mediapackage.ChannelArgs{\n\t\t\tChannelId: pulumi.String(\"kitten-channel\"),\n\t\t\tDescription: pulumi.String(\"A channel dedicated to amusing videos of kittens.\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mediapackage.Channel;\nimport com.pulumi.aws.mediapackage.ChannelArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kittens = new Channel(\"kittens\", ChannelArgs.builder()\n .channelId(\"kitten-channel\")\n .description(\"A channel dedicated to amusing videos of kittens.\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kittens:\n type: aws:mediapackage:Channel\n properties:\n channelId: kitten-channel\n description: A channel dedicated to amusing videos of kittens.\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Media Package Channels using the channel ID. For example:\n\n```sh\n$ pulumi import aws:mediapackage/channel:Channel kittens kittens-channel\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the channel\n" }, "channelId": { "type": "string", "description": "A unique identifier describing the channel\n" }, "description": { "type": "string", "description": "A description of the channel\n", "default": "Managed by Pulumi" }, "hlsIngests": { "type": "array", "items": { "$ref": "#/types/aws:mediapackage/ChannelHlsIngest:ChannelHlsIngest" }, "description": "A single item list of HLS ingest information\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "channelId", "description", "hlsIngests", "tagsAll" ], "inputProperties": { "channelId": { "type": "string", "description": "A unique identifier describing the channel\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A description of the channel\n", "default": "Managed by Pulumi" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "channelId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Channel resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the channel\n" }, "channelId": { "type": "string", "description": "A unique identifier describing the channel\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A description of the channel\n", "default": "Managed by Pulumi" }, "hlsIngests": { "type": "array", "items": { "$ref": "#/types/aws:mediapackage/ChannelHlsIngest:ChannelHlsIngest" }, "description": "A single item list of HLS ingest information\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:mediastore/container:Container": { "description": "Provides a MediaStore Container.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.mediastore.Container(\"example\", {name: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.mediastore.Container(\"example\", name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.MediaStore.Container(\"example\", new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mediastore\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := mediastore.NewContainer(ctx, \"example\", \u0026mediastore.ContainerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mediastore.Container;\nimport com.pulumi.aws.mediastore.ContainerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Container(\"example\", ContainerArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:mediastore:Container\n properties:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MediaStore Container using the MediaStore Container Name. For example:\n\n```sh\n$ pulumi import aws:mediastore/container:Container example example\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the container.\n" }, "endpoint": { "type": "string", "description": "The DNS endpoint of the container.\n" }, "name": { "type": "string", "description": "The name of the container. Must contain alphanumeric characters or underscores.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "endpoint", "name", "tagsAll" ], "inputProperties": { "name": { "type": "string", "description": "The name of the container. Must contain alphanumeric characters or underscores.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Container resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the container.\n" }, "endpoint": { "type": "string", "description": "The DNS endpoint of the container.\n" }, "name": { "type": "string", "description": "The name of the container. Must contain alphanumeric characters or underscores.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:mediastore/containerPolicy:ContainerPolicy": { "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst exampleContainer = new aws.mediastore.Container(\"example\", {name: \"example\"});\nconst example = aws.iam.getPolicyDocumentOutput({\n statements: [{\n sid: \"MediaStoreFullAccess\",\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [currentGetCallerIdentity.then(currentGetCallerIdentity =\u003e `arn:aws:iam::${currentGetCallerIdentity.accountId}:root`)],\n }],\n actions: [\"mediastore:*\"],\n resources: [pulumi.all([current, currentGetCallerIdentity, exampleContainer.name]).apply(([current, currentGetCallerIdentity, name]) =\u003e `arn:aws:mediastore:${current.name}:${currentGetCallerIdentity.accountId}:container/${name}/*`)],\n conditions: [{\n test: \"Bool\",\n variable: \"aws:SecureTransport\",\n values: [\"true\"],\n }],\n }],\n});\nconst exampleContainerPolicy = new aws.mediastore.ContainerPolicy(\"example\", {\n containerName: exampleContainer.name,\n policy: example.apply(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\ncurrent_get_caller_identity = aws.get_caller_identity()\nexample_container = aws.mediastore.Container(\"example\", name=\"example\")\nexample = aws.iam.get_policy_document_output(statements=[{\n \"sid\": \"MediaStoreFullAccess\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [f\"arn:aws:iam::{current_get_caller_identity.account_id}:root\"],\n }],\n \"actions\": [\"mediastore:*\"],\n \"resources\": [example_container.name.apply(lambda name: f\"arn:aws:mediastore:{current.name}:{current_get_caller_identity.account_id}:container/{name}/*\")],\n \"conditions\": [{\n \"test\": \"Bool\",\n \"variable\": \"aws:SecureTransport\",\n \"values\": [\"true\"],\n }],\n}])\nexample_container_policy = aws.mediastore.ContainerPolicy(\"example\",\n container_name=example_container.name,\n policy=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var exampleContainer = new Aws.MediaStore.Container(\"example\", new()\n {\n Name = \"example\",\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"MediaStoreFullAccess\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n $\"arn:aws:iam::{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n },\n },\n Actions = new[]\n {\n \"mediastore:*\",\n },\n Resources = new[]\n {\n $\"arn:aws:mediastore:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:container/{exampleContainer.Name}/*\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"Bool\",\n Variable = \"aws:SecureTransport\",\n Values = new[]\n {\n \"true\",\n },\n },\n },\n },\n },\n });\n\n var exampleContainerPolicy = new Aws.MediaStore.ContainerPolicy(\"example\", new()\n {\n ContainerName = exampleContainer.Name,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mediastore\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleContainer, err := mediastore.NewContainer(ctx, \"example\", \u0026mediastore.ContainerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tSid: pulumi.String(\"MediaStoreFullAccess\"),\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"AWS\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"arn:aws:iam::%v:root\", currentGetCallerIdentity.AccountId)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"mediastore:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleContainer.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"arn:aws:mediastore:%v:%v:container/%v/*\", current.Name, currentGetCallerIdentity.AccountId, name), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"Bool\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"aws:SecureTransport\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"true\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = mediastore.NewContainerPolicy(ctx, \"example\", \u0026mediastore.ContainerPolicyArgs{\n\t\t\tContainerName: exampleContainer.Name,\n\t\t\tPolicy: pulumi.String(example.ApplyT(func(example iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026example.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.mediastore.Container;\nimport com.pulumi.aws.mediastore.ContainerArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.mediastore.ContainerPolicy;\nimport com.pulumi.aws.mediastore.ContainerPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n var exampleContainer = new Container(\"exampleContainer\", ContainerArgs.builder()\n .name(\"example\")\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"MediaStoreFullAccess\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(String.format(\"arn:aws:iam::%s:root\", currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .build())\n .actions(\"mediastore:*\")\n .resources(exampleContainer.name().applyValue(name -\u003e String.format(\"arn:aws:mediastore:%s:%s:container/%s/*\", current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),name)))\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"Bool\")\n .variable(\"aws:SecureTransport\")\n .values(\"true\")\n .build())\n .build())\n .build());\n\n var exampleContainerPolicy = new ContainerPolicy(\"exampleContainerPolicy\", ContainerPolicyArgs.builder()\n .containerName(exampleContainer.name())\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleContainer:\n type: aws:mediastore:Container\n name: example\n properties:\n name: example\n exampleContainerPolicy:\n type: aws:mediastore:ContainerPolicy\n name: example\n properties:\n containerName: ${exampleContainer.name}\n policy: ${example.json}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: MediaStoreFullAccess\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - arn:aws:iam::${currentGetCallerIdentity.accountId}:root\n actions:\n - mediastore:*\n resources:\n - arn:aws:mediastore:${current.name}:${currentGetCallerIdentity.accountId}:container/${exampleContainer.name}/*\n conditions:\n - test: Bool\n variable: aws:SecureTransport\n values:\n - 'true'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MediaStore Container Policy using the MediaStore Container Name. For example:\n\n```sh\n$ pulumi import aws:mediastore/containerPolicy:ContainerPolicy example example\n```\n", "properties": { "containerName": { "type": "string", "description": "The name of the container.\n" }, "policy": { "type": "string", "description": "The contents of the policy.\n" } }, "required": [ "containerName", "policy" ], "inputProperties": { "containerName": { "type": "string", "description": "The name of the container.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The contents of the policy.\n" } }, "requiredInputs": [ "containerName", "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering ContainerPolicy resources.\n", "properties": { "containerName": { "type": "string", "description": "The name of the container.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The contents of the policy.\n" } }, "type": "object" } }, "aws:memorydb/acl:Acl": { "description": "Provides a MemoryDB ACL.\n\nMore information about users and ACL-s can be found in the [MemoryDB User Guide](https://docs.aws.amazon.com/memorydb/latest/devguide/clusters.acls.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.memorydb.Acl(\"example\", {\n name: \"my-acl\",\n userNames: [\n \"my-user-1\",\n \"my-user-2\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.memorydb.Acl(\"example\",\n name=\"my-acl\",\n user_names=[\n \"my-user-1\",\n \"my-user-2\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.MemoryDb.Acl(\"example\", new()\n {\n Name = \"my-acl\",\n UserNames = new[]\n {\n \"my-user-1\",\n \"my-user-2\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/memorydb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := memorydb.NewAcl(ctx, \"example\", \u0026memorydb.AclArgs{\n\t\t\tName: pulumi.String(\"my-acl\"),\n\t\t\tUserNames: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"my-user-1\"),\n\t\t\t\tpulumi.String(\"my-user-2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.memorydb.Acl;\nimport com.pulumi.aws.memorydb.AclArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Acl(\"example\", AclArgs.builder()\n .name(\"my-acl\")\n .userNames( \n \"my-user-1\",\n \"my-user-2\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:memorydb:Acl\n properties:\n name: my-acl\n userNames:\n - my-user-1\n - my-user-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an ACL using the `name`. For example:\n\n```sh\n$ pulumi import aws:memorydb/acl:Acl example my-acl\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the ACL.\n" }, "minimumEngineVersion": { "type": "string", "description": "The minimum engine version supported by the ACL.\n" }, "name": { "type": "string", "description": "Name of the ACL. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userNames": { "type": "array", "items": { "type": "string" }, "description": "Set of MemoryDB user names to be included in this ACL.\n" } }, "required": [ "arn", "minimumEngineVersion", "name", "namePrefix", "tagsAll" ], "inputProperties": { "name": { "type": "string", "description": "Name of the ACL. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "userNames": { "type": "array", "items": { "type": "string" }, "description": "Set of MemoryDB user names to be included in this ACL.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Acl resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the ACL.\n" }, "minimumEngineVersion": { "type": "string", "description": "The minimum engine version supported by the ACL.\n" }, "name": { "type": "string", "description": "Name of the ACL. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userNames": { "type": "array", "items": { "type": "string" }, "description": "Set of MemoryDB user names to be included in this ACL.\n" } }, "type": "object" } }, "aws:memorydb/cluster:Cluster": { "description": "Provides a MemoryDB Cluster.\n\nMore information about MemoryDB can be found in the [Developer Guide](https://docs.aws.amazon.com/memorydb/latest/devguide/what-is-memorydb-for-redis.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.memorydb.Cluster(\"example\", {\n aclName: \"open-access\",\n name: \"my-cluster\",\n nodeType: \"db.t4g.small\",\n numShards: 2,\n securityGroupIds: [exampleAwsSecurityGroup.id],\n snapshotRetentionLimit: 7,\n subnetGroupName: exampleAwsMemorydbSubnetGroup.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.memorydb.Cluster(\"example\",\n acl_name=\"open-access\",\n name=\"my-cluster\",\n node_type=\"db.t4g.small\",\n num_shards=2,\n security_group_ids=[example_aws_security_group[\"id\"]],\n snapshot_retention_limit=7,\n subnet_group_name=example_aws_memorydb_subnet_group[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.MemoryDb.Cluster(\"example\", new()\n {\n AclName = \"open-access\",\n Name = \"my-cluster\",\n NodeType = \"db.t4g.small\",\n NumShards = 2,\n SecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n SnapshotRetentionLimit = 7,\n SubnetGroupName = exampleAwsMemorydbSubnetGroup.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/memorydb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := memorydb.NewCluster(ctx, \"example\", \u0026memorydb.ClusterArgs{\n\t\t\tAclName: pulumi.String(\"open-access\"),\n\t\t\tName: pulumi.String(\"my-cluster\"),\n\t\t\tNodeType: pulumi.String(\"db.t4g.small\"),\n\t\t\tNumShards: pulumi.Int(2),\n\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\texampleAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tSnapshotRetentionLimit: pulumi.Int(7),\n\t\t\tSubnetGroupName: pulumi.Any(exampleAwsMemorydbSubnetGroup.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.memorydb.Cluster;\nimport com.pulumi.aws.memorydb.ClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\", ClusterArgs.builder()\n .aclName(\"open-access\")\n .name(\"my-cluster\")\n .nodeType(\"db.t4g.small\")\n .numShards(2)\n .securityGroupIds(exampleAwsSecurityGroup.id())\n .snapshotRetentionLimit(7)\n .subnetGroupName(exampleAwsMemorydbSubnetGroup.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:memorydb:Cluster\n properties:\n aclName: open-access\n name: my-cluster\n nodeType: db.t4g.small\n numShards: 2\n securityGroupIds:\n - ${exampleAwsSecurityGroup.id}\n snapshotRetentionLimit: 7\n subnetGroupName: ${exampleAwsMemorydbSubnetGroup.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a cluster using the `name`. For example:\n\n```sh\n$ pulumi import aws:memorydb/cluster:Cluster example my-cluster\n```\n", "properties": { "aclName": { "type": "string", "description": "The name of the Access Control List to associate with the cluster.\n" }, "arn": { "type": "string", "description": "The ARN of the cluster.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "When set to `true`, the cluster will automatically receive minor engine version upgrades after launch. Defaults to `true`.\n" }, "clusterEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:memorydb/ClusterClusterEndpoint:ClusterClusterEndpoint" } }, "dataTiering": { "type": "boolean", "description": "Enables data tiering. This option is not supported by all instance types. For more information, see [Data tiering](https://docs.aws.amazon.com/memorydb/latest/devguide/data-tiering.html).\n" }, "description": { "type": "string", "description": "Description for the cluster.\n" }, "enginePatchVersion": { "type": "string", "description": "Patch version number of the Redis engine used by the cluster.\n" }, "engineVersion": { "type": "string", "description": "Version number of the Redis engine to be used for the cluster. Downgrades are not supported.\n" }, "finalSnapshotName": { "type": "string", "description": "Name of the final cluster snapshot to be created when this resource is deleted. If omitted, no final snapshot will be made.\n" }, "kmsKeyArn": { "type": "string", "description": "ARN of the KMS key used to encrypt the cluster at rest.\n" }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range during which maintenance on the cluster is performed. Specify as a range in the format `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC). The minimum maintenance window is a 60 minute period. Example: `sun:23:00-mon:01:30`.\n" }, "name": { "type": "string", "description": "Name of the cluster. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "nodeType": { "type": "string", "description": "The compute and memory capacity of the nodes in the cluster. See AWS documentation on [supported node types](https://docs.aws.amazon.com/memorydb/latest/devguide/nodes.supportedtypes.html) as well as [vertical scaling](https://docs.aws.amazon.com/memorydb/latest/devguide/cluster-vertical-scaling.html).\n\nThe following arguments are optional:\n" }, "numReplicasPerShard": { "type": "integer", "description": "The number of replicas to apply to each shard, up to a maximum of 5. Defaults to `1` (i.e. 2 nodes per shard).\n" }, "numShards": { "type": "integer", "description": "The number of shards in the cluster. Defaults to `1`.\n" }, "parameterGroupName": { "type": "string", "description": "The name of the parameter group associated with the cluster.\n" }, "port": { "type": "integer", "description": "The port number on which each of the nodes accepts connections. Defaults to `6379`.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Set of VPC Security Group ID-s to associate with this cluster.\n" }, "shards": { "type": "array", "items": { "$ref": "#/types/aws:memorydb/ClusterShard:ClusterShard" }, "description": "Set of shards in this cluster.\n" }, "snapshotArns": { "type": "array", "items": { "type": "string" }, "description": "List of ARN-s that uniquely identify RDB snapshot files stored in S3. The snapshot files will be used to populate the new cluster. Object names in the ARN-s cannot contain any commas.\n" }, "snapshotName": { "type": "string", "description": "The name of a snapshot from which to restore data into the new cluster.\n" }, "snapshotRetentionLimit": { "type": "integer", "description": "The number of days for which MemoryDB retains automatic snapshots before deleting them. When set to `0`, automatic backups are disabled. Defaults to `0`.\n" }, "snapshotWindow": { "type": "string", "description": "The daily time range (in UTC) during which MemoryDB begins taking a daily snapshot of your shard. Example: `05:00-09:00`.\n" }, "snsTopicArn": { "type": "string", "description": "ARN of the SNS topic to which cluster notifications are sent.\n" }, "subnetGroupName": { "type": "string", "description": "The name of the subnet group to be used for the cluster. Defaults to a subnet group consisting of default VPC subnets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tlsEnabled": { "type": "boolean", "description": "A flag to enable in-transit encryption on the cluster. When set to `false`, the `acl_name` must be `open-access`. Defaults to `true`.\n" } }, "required": [ "aclName", "arn", "clusterEndpoints", "enginePatchVersion", "engineVersion", "maintenanceWindow", "name", "namePrefix", "nodeType", "parameterGroupName", "port", "shards", "snapshotRetentionLimit", "snapshotWindow", "subnetGroupName", "tagsAll" ], "inputProperties": { "aclName": { "type": "string", "description": "The name of the Access Control List to associate with the cluster.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "When set to `true`, the cluster will automatically receive minor engine version upgrades after launch. Defaults to `true`.\n", "willReplaceOnChanges": true }, "dataTiering": { "type": "boolean", "description": "Enables data tiering. This option is not supported by all instance types. For more information, see [Data tiering](https://docs.aws.amazon.com/memorydb/latest/devguide/data-tiering.html).\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description for the cluster.\n" }, "engineVersion": { "type": "string", "description": "Version number of the Redis engine to be used for the cluster. Downgrades are not supported.\n" }, "finalSnapshotName": { "type": "string", "description": "Name of the final cluster snapshot to be created when this resource is deleted. If omitted, no final snapshot will be made.\n" }, "kmsKeyArn": { "type": "string", "description": "ARN of the KMS key used to encrypt the cluster at rest.\n", "willReplaceOnChanges": true }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range during which maintenance on the cluster is performed. Specify as a range in the format `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC). The minimum maintenance window is a 60 minute period. Example: `sun:23:00-mon:01:30`.\n" }, "name": { "type": "string", "description": "Name of the cluster. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "nodeType": { "type": "string", "description": "The compute and memory capacity of the nodes in the cluster. See AWS documentation on [supported node types](https://docs.aws.amazon.com/memorydb/latest/devguide/nodes.supportedtypes.html) as well as [vertical scaling](https://docs.aws.amazon.com/memorydb/latest/devguide/cluster-vertical-scaling.html).\n\nThe following arguments are optional:\n" }, "numReplicasPerShard": { "type": "integer", "description": "The number of replicas to apply to each shard, up to a maximum of 5. Defaults to `1` (i.e. 2 nodes per shard).\n" }, "numShards": { "type": "integer", "description": "The number of shards in the cluster. Defaults to `1`.\n" }, "parameterGroupName": { "type": "string", "description": "The name of the parameter group associated with the cluster.\n" }, "port": { "type": "integer", "description": "The port number on which each of the nodes accepts connections. Defaults to `6379`.\n", "willReplaceOnChanges": true }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Set of VPC Security Group ID-s to associate with this cluster.\n" }, "snapshotArns": { "type": "array", "items": { "type": "string" }, "description": "List of ARN-s that uniquely identify RDB snapshot files stored in S3. The snapshot files will be used to populate the new cluster. Object names in the ARN-s cannot contain any commas.\n", "willReplaceOnChanges": true }, "snapshotName": { "type": "string", "description": "The name of a snapshot from which to restore data into the new cluster.\n", "willReplaceOnChanges": true }, "snapshotRetentionLimit": { "type": "integer", "description": "The number of days for which MemoryDB retains automatic snapshots before deleting them. When set to `0`, automatic backups are disabled. Defaults to `0`.\n" }, "snapshotWindow": { "type": "string", "description": "The daily time range (in UTC) during which MemoryDB begins taking a daily snapshot of your shard. Example: `05:00-09:00`.\n" }, "snsTopicArn": { "type": "string", "description": "ARN of the SNS topic to which cluster notifications are sent.\n" }, "subnetGroupName": { "type": "string", "description": "The name of the subnet group to be used for the cluster. Defaults to a subnet group consisting of default VPC subnets.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tlsEnabled": { "type": "boolean", "description": "A flag to enable in-transit encryption on the cluster. When set to `false`, the `acl_name` must be `open-access`. Defaults to `true`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "aclName", "nodeType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "aclName": { "type": "string", "description": "The name of the Access Control List to associate with the cluster.\n" }, "arn": { "type": "string", "description": "The ARN of the cluster.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "When set to `true`, the cluster will automatically receive minor engine version upgrades after launch. Defaults to `true`.\n", "willReplaceOnChanges": true }, "clusterEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:memorydb/ClusterClusterEndpoint:ClusterClusterEndpoint" } }, "dataTiering": { "type": "boolean", "description": "Enables data tiering. This option is not supported by all instance types. For more information, see [Data tiering](https://docs.aws.amazon.com/memorydb/latest/devguide/data-tiering.html).\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description for the cluster.\n" }, "enginePatchVersion": { "type": "string", "description": "Patch version number of the Redis engine used by the cluster.\n" }, "engineVersion": { "type": "string", "description": "Version number of the Redis engine to be used for the cluster. Downgrades are not supported.\n" }, "finalSnapshotName": { "type": "string", "description": "Name of the final cluster snapshot to be created when this resource is deleted. If omitted, no final snapshot will be made.\n" }, "kmsKeyArn": { "type": "string", "description": "ARN of the KMS key used to encrypt the cluster at rest.\n", "willReplaceOnChanges": true }, "maintenanceWindow": { "type": "string", "description": "Specifies the weekly time range during which maintenance on the cluster is performed. Specify as a range in the format `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC). The minimum maintenance window is a 60 minute period. Example: `sun:23:00-mon:01:30`.\n" }, "name": { "type": "string", "description": "Name of the cluster. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "nodeType": { "type": "string", "description": "The compute and memory capacity of the nodes in the cluster. See AWS documentation on [supported node types](https://docs.aws.amazon.com/memorydb/latest/devguide/nodes.supportedtypes.html) as well as [vertical scaling](https://docs.aws.amazon.com/memorydb/latest/devguide/cluster-vertical-scaling.html).\n\nThe following arguments are optional:\n" }, "numReplicasPerShard": { "type": "integer", "description": "The number of replicas to apply to each shard, up to a maximum of 5. Defaults to `1` (i.e. 2 nodes per shard).\n" }, "numShards": { "type": "integer", "description": "The number of shards in the cluster. Defaults to `1`.\n" }, "parameterGroupName": { "type": "string", "description": "The name of the parameter group associated with the cluster.\n" }, "port": { "type": "integer", "description": "The port number on which each of the nodes accepts connections. Defaults to `6379`.\n", "willReplaceOnChanges": true }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Set of VPC Security Group ID-s to associate with this cluster.\n" }, "shards": { "type": "array", "items": { "$ref": "#/types/aws:memorydb/ClusterShard:ClusterShard" }, "description": "Set of shards in this cluster.\n" }, "snapshotArns": { "type": "array", "items": { "type": "string" }, "description": "List of ARN-s that uniquely identify RDB snapshot files stored in S3. The snapshot files will be used to populate the new cluster. Object names in the ARN-s cannot contain any commas.\n", "willReplaceOnChanges": true }, "snapshotName": { "type": "string", "description": "The name of a snapshot from which to restore data into the new cluster.\n", "willReplaceOnChanges": true }, "snapshotRetentionLimit": { "type": "integer", "description": "The number of days for which MemoryDB retains automatic snapshots before deleting them. When set to `0`, automatic backups are disabled. Defaults to `0`.\n" }, "snapshotWindow": { "type": "string", "description": "The daily time range (in UTC) during which MemoryDB begins taking a daily snapshot of your shard. Example: `05:00-09:00`.\n" }, "snsTopicArn": { "type": "string", "description": "ARN of the SNS topic to which cluster notifications are sent.\n" }, "subnetGroupName": { "type": "string", "description": "The name of the subnet group to be used for the cluster. Defaults to a subnet group consisting of default VPC subnets.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tlsEnabled": { "type": "boolean", "description": "A flag to enable in-transit encryption on the cluster. When set to `false`, the `acl_name` must be `open-access`. Defaults to `true`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:memorydb/parameterGroup:ParameterGroup": { "description": "Provides a MemoryDB Parameter Group.\n\nMore information about parameter groups can be found in the [MemoryDB User Guide](https://docs.aws.amazon.com/memorydb/latest/devguide/parametergroups.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.memorydb.ParameterGroup(\"example\", {\n name: \"my-parameter-group\",\n family: \"memorydb_redis6\",\n parameters: [{\n name: \"activedefrag\",\n value: \"yes\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.memorydb.ParameterGroup(\"example\",\n name=\"my-parameter-group\",\n family=\"memorydb_redis6\",\n parameters=[{\n \"name\": \"activedefrag\",\n \"value\": \"yes\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.MemoryDb.ParameterGroup(\"example\", new()\n {\n Name = \"my-parameter-group\",\n Family = \"memorydb_redis6\",\n Parameters = new[]\n {\n new Aws.MemoryDb.Inputs.ParameterGroupParameterArgs\n {\n Name = \"activedefrag\",\n Value = \"yes\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/memorydb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := memorydb.NewParameterGroup(ctx, \"example\", \u0026memorydb.ParameterGroupArgs{\n\t\t\tName: pulumi.String(\"my-parameter-group\"),\n\t\t\tFamily: pulumi.String(\"memorydb_redis6\"),\n\t\t\tParameters: memorydb.ParameterGroupParameterArray{\n\t\t\t\t\u0026memorydb.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"activedefrag\"),\n\t\t\t\t\tValue: pulumi.String(\"yes\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.memorydb.ParameterGroup;\nimport com.pulumi.aws.memorydb.ParameterGroupArgs;\nimport com.pulumi.aws.memorydb.inputs.ParameterGroupParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ParameterGroup(\"example\", ParameterGroupArgs.builder()\n .name(\"my-parameter-group\")\n .family(\"memorydb_redis6\")\n .parameters(ParameterGroupParameterArgs.builder()\n .name(\"activedefrag\")\n .value(\"yes\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:memorydb:ParameterGroup\n properties:\n name: my-parameter-group\n family: memorydb_redis6\n parameters:\n - name: activedefrag\n value: yes\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a parameter group using the `name`. For example:\n\n```sh\n$ pulumi import aws:memorydb/parameterGroup:ParameterGroup example my-parameter-group\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the parameter group.\n" }, "description": { "type": "string", "description": "Description for the parameter group.\n" }, "family": { "type": "string", "description": "The engine version that the parameter group can be used with.\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "Name of the parameter group. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:memorydb/ParameterGroupParameter:ParameterGroupParameter" }, "description": "Set of MemoryDB parameters to apply. Any parameters not specified will fall back to their family defaults. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "family", "name", "namePrefix", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Description for the parameter group.\n", "willReplaceOnChanges": true }, "family": { "type": "string", "description": "The engine version that the parameter group can be used with.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the parameter group. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:memorydb/ParameterGroupParameter:ParameterGroupParameter" }, "description": "Set of MemoryDB parameters to apply. Any parameters not specified will fall back to their family defaults. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "family" ], "stateInputs": { "description": "Input properties used for looking up and filtering ParameterGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the parameter group.\n" }, "description": { "type": "string", "description": "Description for the parameter group.\n", "willReplaceOnChanges": true }, "family": { "type": "string", "description": "The engine version that the parameter group can be used with.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the parameter group. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:memorydb/ParameterGroupParameter:ParameterGroupParameter" }, "description": "Set of MemoryDB parameters to apply. Any parameters not specified will fall back to their family defaults. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:memorydb/snapshot:Snapshot": { "description": "Provides a MemoryDB Snapshot.\n\nMore information about snapshot and restore can be found in the [MemoryDB User Guide](https://docs.aws.amazon.com/memorydb/latest/devguide/snapshots.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.memorydb.Snapshot(\"example\", {\n clusterName: exampleAwsMemorydbCluster.name,\n name: \"my-snapshot\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.memorydb.Snapshot(\"example\",\n cluster_name=example_aws_memorydb_cluster[\"name\"],\n name=\"my-snapshot\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.MemoryDb.Snapshot(\"example\", new()\n {\n ClusterName = exampleAwsMemorydbCluster.Name,\n Name = \"my-snapshot\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/memorydb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := memorydb.NewSnapshot(ctx, \"example\", \u0026memorydb.SnapshotArgs{\n\t\t\tClusterName: pulumi.Any(exampleAwsMemorydbCluster.Name),\n\t\t\tName: pulumi.String(\"my-snapshot\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.memorydb.Snapshot;\nimport com.pulumi.aws.memorydb.SnapshotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Snapshot(\"example\", SnapshotArgs.builder()\n .clusterName(exampleAwsMemorydbCluster.name())\n .name(\"my-snapshot\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:memorydb:Snapshot\n properties:\n clusterName: ${exampleAwsMemorydbCluster.name}\n name: my-snapshot\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a snapshot using the `name`. For example:\n\n```sh\n$ pulumi import aws:memorydb/snapshot:Snapshot example my-snapshot\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the snapshot.\n" }, "clusterConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:memorydb/SnapshotClusterConfiguration:SnapshotClusterConfiguration" }, "description": "The configuration of the cluster from which the snapshot was taken.\n" }, "clusterName": { "type": "string", "description": "Name of the MemoryDB cluster to take a snapshot of.\n" }, "kmsKeyArn": { "type": "string", "description": "ARN of the KMS key used to encrypt the snapshot at rest.\n" }, "name": { "type": "string", "description": "Name of the snapshot. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "source": { "type": "string", "description": "Indicates whether the snapshot is from an automatic backup (`automated`) or was created manually (`manual`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "clusterConfigurations", "clusterName", "name", "namePrefix", "source", "tagsAll" ], "inputProperties": { "clusterName": { "type": "string", "description": "Name of the MemoryDB cluster to take a snapshot of.\n", "willReplaceOnChanges": true }, "kmsKeyArn": { "type": "string", "description": "ARN of the KMS key used to encrypt the snapshot at rest.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the snapshot. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "clusterName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Snapshot resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the snapshot.\n" }, "clusterConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:memorydb/SnapshotClusterConfiguration:SnapshotClusterConfiguration" }, "description": "The configuration of the cluster from which the snapshot was taken.\n" }, "clusterName": { "type": "string", "description": "Name of the MemoryDB cluster to take a snapshot of.\n", "willReplaceOnChanges": true }, "kmsKeyArn": { "type": "string", "description": "ARN of the KMS key used to encrypt the snapshot at rest.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the snapshot. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "source": { "type": "string", "description": "Indicates whether the snapshot is from an automatic backup (`automated`) or was created manually (`manual`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:memorydb/subnetGroup:SubnetGroup": { "description": "Provides a MemoryDB Subnet Group.\n\nMore information about subnet groups can be found in the [MemoryDB User Guide](https://docs.aws.amazon.com/memorydb/latest/devguide/subnetgroups.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.Vpc(\"example\", {cidrBlock: \"10.0.0.0/16\"});\nconst exampleSubnet = new aws.ec2.Subnet(\"example\", {\n vpcId: example.id,\n cidrBlock: \"10.0.0.0/24\",\n availabilityZone: \"us-west-2a\",\n});\nconst exampleSubnetGroup = new aws.memorydb.SubnetGroup(\"example\", {\n name: \"my-subnet-group\",\n subnetIds: [exampleSubnet.id],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.Vpc(\"example\", cidr_block=\"10.0.0.0/16\")\nexample_subnet = aws.ec2.Subnet(\"example\",\n vpc_id=example.id,\n cidr_block=\"10.0.0.0/24\",\n availability_zone=\"us-west-2a\")\nexample_subnet_group = aws.memorydb.SubnetGroup(\"example\",\n name=\"my-subnet-group\",\n subnet_ids=[example_subnet.id])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var exampleSubnet = new Aws.Ec2.Subnet(\"example\", new()\n {\n VpcId = example.Id,\n CidrBlock = \"10.0.0.0/24\",\n AvailabilityZone = \"us-west-2a\",\n });\n\n var exampleSubnetGroup = new Aws.MemoryDb.SubnetGroup(\"example\", new()\n {\n Name = \"my-subnet-group\",\n SubnetIds = new[]\n {\n exampleSubnet.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/memorydb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSubnet, err := ec2.NewSubnet(ctx, \"example\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: example.ID(),\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/24\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = memorydb.NewSubnetGroup(ctx, \"example\", \u0026memorydb.SubnetGroupArgs{\n\t\t\tName: pulumi.String(\"my-subnet-group\"),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\texampleSubnet.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.memorydb.SubnetGroup;\nimport com.pulumi.aws.memorydb.SubnetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Vpc(\"example\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var exampleSubnet = new Subnet(\"exampleSubnet\", SubnetArgs.builder()\n .vpcId(example.id())\n .cidrBlock(\"10.0.0.0/24\")\n .availabilityZone(\"us-west-2a\")\n .build());\n\n var exampleSubnetGroup = new SubnetGroup(\"exampleSubnetGroup\", SubnetGroupArgs.builder()\n .name(\"my-subnet-group\")\n .subnetIds(exampleSubnet.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n exampleSubnet:\n type: aws:ec2:Subnet\n name: example\n properties:\n vpcId: ${example.id}\n cidrBlock: 10.0.0.0/24\n availabilityZone: us-west-2a\n exampleSubnetGroup:\n type: aws:memorydb:SubnetGroup\n name: example\n properties:\n name: my-subnet-group\n subnetIds:\n - ${exampleSubnet.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a subnet group using its `name`. For example:\n\n```sh\n$ pulumi import aws:memorydb/subnetGroup:SubnetGroup example my-subnet-group\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the subnet group.\n" }, "description": { "type": "string", "description": "Description for the subnet group.\n" }, "name": { "type": "string", "description": "Name of the subnet group. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Set of VPC Subnet ID-s for the subnet group. At least one subnet must be provided.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The VPC in which the subnet group exists.\n" } }, "required": [ "arn", "name", "namePrefix", "subnetIds", "tagsAll", "vpcId" ], "inputProperties": { "description": { "type": "string", "description": "Description for the subnet group.\n" }, "name": { "type": "string", "description": "Name of the subnet group. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Set of VPC Subnet ID-s for the subnet group. At least one subnet must be provided.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering SubnetGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the subnet group.\n" }, "description": { "type": "string", "description": "Description for the subnet group.\n" }, "name": { "type": "string", "description": "Name of the subnet group. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "Set of VPC Subnet ID-s for the subnet group. At least one subnet must be provided.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The VPC in which the subnet group exists.\n" } }, "type": "object" } }, "aws:memorydb/user:User": { "description": "Provides a MemoryDB User.\n\nMore information about users and ACL-s can be found in the [MemoryDB User Guide](https://docs.aws.amazon.com/memorydb/latest/devguide/clusters.acls.html).\n\n\u003e **Note:** All arguments including the username and passwords will be stored in the raw state as plain-text.\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as random from \"@pulumi/random\";\n\nconst example = new random.index.Password(\"example\", {length: 16});\nconst exampleUser = new aws.memorydb.User(\"example\", {\n userName: \"my-user\",\n accessString: \"on ~* \u0026* +@all\",\n authenticationMode: {\n type: \"password\",\n passwords: [example.result],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_random as random\n\nexample = random.index.Password(\"example\", length=16)\nexample_user = aws.memorydb.User(\"example\",\n user_name=\"my-user\",\n access_string=\"on ~* \u0026* +@all\",\n authentication_mode={\n \"type\": \"password\",\n \"passwords\": [example[\"result\"]],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Random = Pulumi.Random;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Random.Index.Password(\"example\", new()\n {\n Length = 16,\n });\n\n var exampleUser = new Aws.MemoryDb.User(\"example\", new()\n {\n UserName = \"my-user\",\n AccessString = \"on ~* \u0026* +@all\",\n AuthenticationMode = new Aws.MemoryDb.Inputs.UserAuthenticationModeArgs\n {\n Type = \"password\",\n Passwords = new[]\n {\n example.Result,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/memorydb\"\n\t\"github.com/pulumi/pulumi-random/sdk/v4/go/random\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := random.NewPassword(ctx, \"example\", \u0026random.PasswordArgs{\n\t\t\tLength: 16,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = memorydb.NewUser(ctx, \"example\", \u0026memorydb.UserArgs{\n\t\t\tUserName: pulumi.String(\"my-user\"),\n\t\t\tAccessString: pulumi.String(\"on ~* \u0026* +@all\"),\n\t\t\tAuthenticationMode: \u0026memorydb.UserAuthenticationModeArgs{\n\t\t\t\tType: pulumi.String(\"password\"),\n\t\t\t\tPasswords: pulumi.StringArray{\n\t\t\t\t\texample.Result,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.random.password;\nimport com.pulumi.random.PasswordArgs;\nimport com.pulumi.aws.memorydb.User;\nimport com.pulumi.aws.memorydb.UserArgs;\nimport com.pulumi.aws.memorydb.inputs.UserAuthenticationModeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Password(\"example\", PasswordArgs.builder()\n .length(16)\n .build());\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder()\n .userName(\"my-user\")\n .accessString(\"on ~* \u0026* +@all\")\n .authenticationMode(UserAuthenticationModeArgs.builder()\n .type(\"password\")\n .passwords(example.result())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: random:password\n properties:\n length: 16\n exampleUser:\n type: aws:memorydb:User\n name: example\n properties:\n userName: my-user\n accessString: on ~* \u0026* +@all\n authenticationMode:\n type: password\n passwords:\n - ${example.result}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a user using the `user_name`. For example:\n\n```sh\n$ pulumi import aws:memorydb/user:User example my-user\n```\nThe `passwords` are not available for imported resources, as this information cannot be read back from the MemoryDB API.\n\n", "properties": { "accessString": { "type": "string", "description": "Access permissions string used for this user.\n" }, "arn": { "type": "string", "description": "ARN of the user.\n" }, "authenticationMode": { "$ref": "#/types/aws:memorydb/UserAuthenticationMode:UserAuthenticationMode", "description": "Denotes the user's authentication properties. Detailed below.\n" }, "minimumEngineVersion": { "type": "string", "description": "Minimum engine version supported for the user.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userName": { "type": "string", "description": "Name of the MemoryDB user. Up to 40 characters.\n\nThe following arguments are optional:\n" } }, "required": [ "accessString", "arn", "authenticationMode", "minimumEngineVersion", "tagsAll", "userName" ], "inputProperties": { "accessString": { "type": "string", "description": "Access permissions string used for this user.\n" }, "authenticationMode": { "$ref": "#/types/aws:memorydb/UserAuthenticationMode:UserAuthenticationMode", "description": "Denotes the user's authentication properties. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "userName": { "type": "string", "description": "Name of the MemoryDB user. Up to 40 characters.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "accessString", "authenticationMode", "userName" ], "stateInputs": { "description": "Input properties used for looking up and filtering User resources.\n", "properties": { "accessString": { "type": "string", "description": "Access permissions string used for this user.\n" }, "arn": { "type": "string", "description": "ARN of the user.\n" }, "authenticationMode": { "$ref": "#/types/aws:memorydb/UserAuthenticationMode:UserAuthenticationMode", "description": "Denotes the user's authentication properties. Detailed below.\n" }, "minimumEngineVersion": { "type": "string", "description": "Minimum engine version supported for the user.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userName": { "type": "string", "description": "Name of the MemoryDB user. Up to 40 characters.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:mq/broker:Broker": { "description": "Provides an Amazon MQ broker resource. This resources also manages users for the broker.\n\n\u003e For more information on Amazon MQ, see [Amazon MQ documentation](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/welcome.html).\n\n\u003e **NOTE:** Amazon MQ currently places limits on **RabbitMQ** brokers. For example, a RabbitMQ broker cannot have: instances with an associated IP address of an ENI attached to the broker, an associated LDAP server to authenticate and authorize broker connections, storage type `EFS`, or audit logging. Although this resource allows you to create RabbitMQ users, RabbitMQ users cannot have console access or groups. Also, Amazon MQ does not return information about RabbitMQ users so drift detection is not possible.\n\n\u003e **NOTE:** Changes to an MQ Broker can occur when you change a parameter, such as `configuration` or `user`, and are reflected in the next maintenance window. Because of this, the provider may report a difference in its planning phase because a modification has not yet taken place. You can use the `apply_immediately` flag to instruct the service to apply the change immediately (see documentation below). Using `apply_immediately` can result in a brief downtime as the broker reboots.\n\n\n## Example Usage\n\n### Basic Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.mq.Broker(\"example\", {\n brokerName: \"example\",\n configuration: {\n id: test.id,\n revision: test.latestRevision,\n },\n engineType: \"ActiveMQ\",\n engineVersion: \"5.17.6\",\n hostInstanceType: \"mq.t2.micro\",\n securityGroups: [testAwsSecurityGroup.id],\n users: [{\n username: \"ExampleUser\",\n password: \"MindTheGap\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.mq.Broker(\"example\",\n broker_name=\"example\",\n configuration={\n \"id\": test[\"id\"],\n \"revision\": test[\"latestRevision\"],\n },\n engine_type=\"ActiveMQ\",\n engine_version=\"5.17.6\",\n host_instance_type=\"mq.t2.micro\",\n security_groups=[test_aws_security_group[\"id\"]],\n users=[{\n \"username\": \"ExampleUser\",\n \"password\": \"MindTheGap\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Mq.Broker(\"example\", new()\n {\n BrokerName = \"example\",\n Configuration = new Aws.Mq.Inputs.BrokerConfigurationArgs\n {\n Id = test.Id,\n Revision = test.LatestRevision,\n },\n EngineType = \"ActiveMQ\",\n EngineVersion = \"5.17.6\",\n HostInstanceType = \"mq.t2.micro\",\n SecurityGroups = new[]\n {\n testAwsSecurityGroup.Id,\n },\n Users = new[]\n {\n new Aws.Mq.Inputs.BrokerUserArgs\n {\n Username = \"ExampleUser\",\n Password = \"MindTheGap\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mq\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := mq.NewBroker(ctx, \"example\", \u0026mq.BrokerArgs{\n\t\t\tBrokerName: pulumi.String(\"example\"),\n\t\t\tConfiguration: \u0026mq.BrokerConfigurationArgs{\n\t\t\t\tId: pulumi.Any(test.Id),\n\t\t\t\tRevision: pulumi.Any(test.LatestRevision),\n\t\t\t},\n\t\t\tEngineType: pulumi.String(\"ActiveMQ\"),\n\t\t\tEngineVersion: pulumi.String(\"5.17.6\"),\n\t\t\tHostInstanceType: pulumi.String(\"mq.t2.micro\"),\n\t\t\tSecurityGroups: pulumi.StringArray{\n\t\t\t\ttestAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tUsers: mq.BrokerUserArray{\n\t\t\t\t\u0026mq.BrokerUserArgs{\n\t\t\t\t\tUsername: pulumi.String(\"ExampleUser\"),\n\t\t\t\t\tPassword: pulumi.String(\"MindTheGap\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mq.Broker;\nimport com.pulumi.aws.mq.BrokerArgs;\nimport com.pulumi.aws.mq.inputs.BrokerConfigurationArgs;\nimport com.pulumi.aws.mq.inputs.BrokerUserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Broker(\"example\", BrokerArgs.builder()\n .brokerName(\"example\")\n .configuration(BrokerConfigurationArgs.builder()\n .id(test.id())\n .revision(test.latestRevision())\n .build())\n .engineType(\"ActiveMQ\")\n .engineVersion(\"5.17.6\")\n .hostInstanceType(\"mq.t2.micro\")\n .securityGroups(testAwsSecurityGroup.id())\n .users(BrokerUserArgs.builder()\n .username(\"ExampleUser\")\n .password(\"MindTheGap\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:mq:Broker\n properties:\n brokerName: example\n configuration:\n id: ${test.id}\n revision: ${test.latestRevision}\n engineType: ActiveMQ\n engineVersion: 5.17.6\n hostInstanceType: mq.t2.micro\n securityGroups:\n - ${testAwsSecurityGroup.id}\n users:\n - username: ExampleUser\n password: MindTheGap\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### High-throughput Optimized Example\n\nThis example shows the use of EBS storage for high-throughput optimized performance.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.mq.Broker(\"example\", {\n brokerName: \"example\",\n configuration: {\n id: test.id,\n revision: test.latestRevision,\n },\n engineType: \"ActiveMQ\",\n engineVersion: \"5.17.6\",\n storageType: \"ebs\",\n hostInstanceType: \"mq.m5.large\",\n securityGroups: [testAwsSecurityGroup.id],\n users: [{\n username: \"ExampleUser\",\n password: \"MindTheGap\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.mq.Broker(\"example\",\n broker_name=\"example\",\n configuration={\n \"id\": test[\"id\"],\n \"revision\": test[\"latestRevision\"],\n },\n engine_type=\"ActiveMQ\",\n engine_version=\"5.17.6\",\n storage_type=\"ebs\",\n host_instance_type=\"mq.m5.large\",\n security_groups=[test_aws_security_group[\"id\"]],\n users=[{\n \"username\": \"ExampleUser\",\n \"password\": \"MindTheGap\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Mq.Broker(\"example\", new()\n {\n BrokerName = \"example\",\n Configuration = new Aws.Mq.Inputs.BrokerConfigurationArgs\n {\n Id = test.Id,\n Revision = test.LatestRevision,\n },\n EngineType = \"ActiveMQ\",\n EngineVersion = \"5.17.6\",\n StorageType = \"ebs\",\n HostInstanceType = \"mq.m5.large\",\n SecurityGroups = new[]\n {\n testAwsSecurityGroup.Id,\n },\n Users = new[]\n {\n new Aws.Mq.Inputs.BrokerUserArgs\n {\n Username = \"ExampleUser\",\n Password = \"MindTheGap\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mq\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := mq.NewBroker(ctx, \"example\", \u0026mq.BrokerArgs{\n\t\t\tBrokerName: pulumi.String(\"example\"),\n\t\t\tConfiguration: \u0026mq.BrokerConfigurationArgs{\n\t\t\t\tId: pulumi.Any(test.Id),\n\t\t\t\tRevision: pulumi.Any(test.LatestRevision),\n\t\t\t},\n\t\t\tEngineType: pulumi.String(\"ActiveMQ\"),\n\t\t\tEngineVersion: pulumi.String(\"5.17.6\"),\n\t\t\tStorageType: pulumi.String(\"ebs\"),\n\t\t\tHostInstanceType: pulumi.String(\"mq.m5.large\"),\n\t\t\tSecurityGroups: pulumi.StringArray{\n\t\t\t\ttestAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tUsers: mq.BrokerUserArray{\n\t\t\t\t\u0026mq.BrokerUserArgs{\n\t\t\t\t\tUsername: pulumi.String(\"ExampleUser\"),\n\t\t\t\t\tPassword: pulumi.String(\"MindTheGap\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mq.Broker;\nimport com.pulumi.aws.mq.BrokerArgs;\nimport com.pulumi.aws.mq.inputs.BrokerConfigurationArgs;\nimport com.pulumi.aws.mq.inputs.BrokerUserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Broker(\"example\", BrokerArgs.builder()\n .brokerName(\"example\")\n .configuration(BrokerConfigurationArgs.builder()\n .id(test.id())\n .revision(test.latestRevision())\n .build())\n .engineType(\"ActiveMQ\")\n .engineVersion(\"5.17.6\")\n .storageType(\"ebs\")\n .hostInstanceType(\"mq.m5.large\")\n .securityGroups(testAwsSecurityGroup.id())\n .users(BrokerUserArgs.builder()\n .username(\"ExampleUser\")\n .password(\"MindTheGap\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:mq:Broker\n properties:\n brokerName: example\n configuration:\n id: ${test.id}\n revision: ${test.latestRevision}\n engineType: ActiveMQ\n engineVersion: 5.17.6\n storageType: ebs\n hostInstanceType: mq.m5.large\n securityGroups:\n - ${testAwsSecurityGroup.id}\n users:\n - username: ExampleUser\n password: MindTheGap\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Cross-Region Data Replication\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplePrimary = new aws.mq.Broker(\"example_primary\", {\n applyImmediately: true,\n brokerName: \"example_primary\",\n engineType: \"ActiveMQ\",\n engineVersion: \"5.17.6\",\n hostInstanceType: \"mq.m5.large\",\n securityGroups: [examplePrimaryAwsSecurityGroup.id],\n deploymentMode: \"ACTIVE_STANDBY_MULTI_AZ\",\n users: [\n {\n username: \"ExampleUser\",\n password: \"MindTheGap\",\n },\n {\n username: \"ExampleReplicationUser\",\n password: \"Example12345\",\n replicationUser: true,\n },\n ],\n});\nconst example = new aws.mq.Broker(\"example\", {\n applyImmediately: true,\n brokerName: \"example\",\n engineType: \"ActiveMQ\",\n engineVersion: \"5.17.6\",\n hostInstanceType: \"mq.m5.large\",\n securityGroups: [exampleAwsSecurityGroup.id],\n deploymentMode: \"ACTIVE_STANDBY_MULTI_AZ\",\n dataReplicationMode: \"CRDR\",\n dataReplicationPrimaryBrokerArn: primary.arn,\n users: [\n {\n username: \"ExampleUser\",\n password: \"MindTheGap\",\n },\n {\n username: \"ExampleReplicationUser\",\n password: \"Example12345\",\n replicationUser: true,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_primary = aws.mq.Broker(\"example_primary\",\n apply_immediately=True,\n broker_name=\"example_primary\",\n engine_type=\"ActiveMQ\",\n engine_version=\"5.17.6\",\n host_instance_type=\"mq.m5.large\",\n security_groups=[example_primary_aws_security_group[\"id\"]],\n deployment_mode=\"ACTIVE_STANDBY_MULTI_AZ\",\n users=[\n {\n \"username\": \"ExampleUser\",\n \"password\": \"MindTheGap\",\n },\n {\n \"username\": \"ExampleReplicationUser\",\n \"password\": \"Example12345\",\n \"replication_user\": True,\n },\n ])\nexample = aws.mq.Broker(\"example\",\n apply_immediately=True,\n broker_name=\"example\",\n engine_type=\"ActiveMQ\",\n engine_version=\"5.17.6\",\n host_instance_type=\"mq.m5.large\",\n security_groups=[example_aws_security_group[\"id\"]],\n deployment_mode=\"ACTIVE_STANDBY_MULTI_AZ\",\n data_replication_mode=\"CRDR\",\n data_replication_primary_broker_arn=primary[\"arn\"],\n users=[\n {\n \"username\": \"ExampleUser\",\n \"password\": \"MindTheGap\",\n },\n {\n \"username\": \"ExampleReplicationUser\",\n \"password\": \"Example12345\",\n \"replication_user\": True,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplePrimary = new Aws.Mq.Broker(\"example_primary\", new()\n {\n ApplyImmediately = true,\n BrokerName = \"example_primary\",\n EngineType = \"ActiveMQ\",\n EngineVersion = \"5.17.6\",\n HostInstanceType = \"mq.m5.large\",\n SecurityGroups = new[]\n {\n examplePrimaryAwsSecurityGroup.Id,\n },\n DeploymentMode = \"ACTIVE_STANDBY_MULTI_AZ\",\n Users = new[]\n {\n new Aws.Mq.Inputs.BrokerUserArgs\n {\n Username = \"ExampleUser\",\n Password = \"MindTheGap\",\n },\n new Aws.Mq.Inputs.BrokerUserArgs\n {\n Username = \"ExampleReplicationUser\",\n Password = \"Example12345\",\n ReplicationUser = true,\n },\n },\n });\n\n var example = new Aws.Mq.Broker(\"example\", new()\n {\n ApplyImmediately = true,\n BrokerName = \"example\",\n EngineType = \"ActiveMQ\",\n EngineVersion = \"5.17.6\",\n HostInstanceType = \"mq.m5.large\",\n SecurityGroups = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n DeploymentMode = \"ACTIVE_STANDBY_MULTI_AZ\",\n DataReplicationMode = \"CRDR\",\n DataReplicationPrimaryBrokerArn = primary.Arn,\n Users = new[]\n {\n new Aws.Mq.Inputs.BrokerUserArgs\n {\n Username = \"ExampleUser\",\n Password = \"MindTheGap\",\n },\n new Aws.Mq.Inputs.BrokerUserArgs\n {\n Username = \"ExampleReplicationUser\",\n Password = \"Example12345\",\n ReplicationUser = true,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mq\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := mq.NewBroker(ctx, \"example_primary\", \u0026mq.BrokerArgs{\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t\tBrokerName: pulumi.String(\"example_primary\"),\n\t\t\tEngineType: pulumi.String(\"ActiveMQ\"),\n\t\t\tEngineVersion: pulumi.String(\"5.17.6\"),\n\t\t\tHostInstanceType: pulumi.String(\"mq.m5.large\"),\n\t\t\tSecurityGroups: pulumi.StringArray{\n\t\t\t\texamplePrimaryAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tDeploymentMode: pulumi.String(\"ACTIVE_STANDBY_MULTI_AZ\"),\n\t\t\tUsers: mq.BrokerUserArray{\n\t\t\t\t\u0026mq.BrokerUserArgs{\n\t\t\t\t\tUsername: pulumi.String(\"ExampleUser\"),\n\t\t\t\t\tPassword: pulumi.String(\"MindTheGap\"),\n\t\t\t\t},\n\t\t\t\t\u0026mq.BrokerUserArgs{\n\t\t\t\t\tUsername: pulumi.String(\"ExampleReplicationUser\"),\n\t\t\t\t\tPassword: pulumi.String(\"Example12345\"),\n\t\t\t\t\tReplicationUser: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = mq.NewBroker(ctx, \"example\", \u0026mq.BrokerArgs{\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t\tBrokerName: pulumi.String(\"example\"),\n\t\t\tEngineType: pulumi.String(\"ActiveMQ\"),\n\t\t\tEngineVersion: pulumi.String(\"5.17.6\"),\n\t\t\tHostInstanceType: pulumi.String(\"mq.m5.large\"),\n\t\t\tSecurityGroups: pulumi.StringArray{\n\t\t\t\texampleAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tDeploymentMode: pulumi.String(\"ACTIVE_STANDBY_MULTI_AZ\"),\n\t\t\tDataReplicationMode: pulumi.String(\"CRDR\"),\n\t\t\tDataReplicationPrimaryBrokerArn: pulumi.Any(primary.Arn),\n\t\t\tUsers: mq.BrokerUserArray{\n\t\t\t\t\u0026mq.BrokerUserArgs{\n\t\t\t\t\tUsername: pulumi.String(\"ExampleUser\"),\n\t\t\t\t\tPassword: pulumi.String(\"MindTheGap\"),\n\t\t\t\t},\n\t\t\t\t\u0026mq.BrokerUserArgs{\n\t\t\t\t\tUsername: pulumi.String(\"ExampleReplicationUser\"),\n\t\t\t\t\tPassword: pulumi.String(\"Example12345\"),\n\t\t\t\t\tReplicationUser: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mq.Broker;\nimport com.pulumi.aws.mq.BrokerArgs;\nimport com.pulumi.aws.mq.inputs.BrokerUserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplePrimary = new Broker(\"examplePrimary\", BrokerArgs.builder()\n .applyImmediately(true)\n .brokerName(\"example_primary\")\n .engineType(\"ActiveMQ\")\n .engineVersion(\"5.17.6\")\n .hostInstanceType(\"mq.m5.large\")\n .securityGroups(examplePrimaryAwsSecurityGroup.id())\n .deploymentMode(\"ACTIVE_STANDBY_MULTI_AZ\")\n .users( \n BrokerUserArgs.builder()\n .username(\"ExampleUser\")\n .password(\"MindTheGap\")\n .build(),\n BrokerUserArgs.builder()\n .username(\"ExampleReplicationUser\")\n .password(\"Example12345\")\n .replicationUser(true)\n .build())\n .build());\n\n var example = new Broker(\"example\", BrokerArgs.builder()\n .applyImmediately(true)\n .brokerName(\"example\")\n .engineType(\"ActiveMQ\")\n .engineVersion(\"5.17.6\")\n .hostInstanceType(\"mq.m5.large\")\n .securityGroups(exampleAwsSecurityGroup.id())\n .deploymentMode(\"ACTIVE_STANDBY_MULTI_AZ\")\n .dataReplicationMode(\"CRDR\")\n .dataReplicationPrimaryBrokerArn(primary.arn())\n .users( \n BrokerUserArgs.builder()\n .username(\"ExampleUser\")\n .password(\"MindTheGap\")\n .build(),\n BrokerUserArgs.builder()\n .username(\"ExampleReplicationUser\")\n .password(\"Example12345\")\n .replicationUser(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplePrimary:\n type: aws:mq:Broker\n name: example_primary\n properties:\n applyImmediately: true\n brokerName: example_primary\n engineType: ActiveMQ\n engineVersion: 5.17.6\n hostInstanceType: mq.m5.large\n securityGroups:\n - ${examplePrimaryAwsSecurityGroup.id}\n deploymentMode: ACTIVE_STANDBY_MULTI_AZ\n users:\n - username: ExampleUser\n password: MindTheGap\n - username: ExampleReplicationUser\n password: Example12345\n replicationUser: true\n example:\n type: aws:mq:Broker\n properties:\n applyImmediately: true\n brokerName: example\n engineType: ActiveMQ\n engineVersion: 5.17.6\n hostInstanceType: mq.m5.large\n securityGroups:\n - ${exampleAwsSecurityGroup.id}\n deploymentMode: ACTIVE_STANDBY_MULTI_AZ\n dataReplicationMode: CRDR\n dataReplicationPrimaryBrokerArn: ${primary.arn}\n users:\n - username: ExampleUser\n password: MindTheGap\n - username: ExampleReplicationUser\n password: Example12345\n replicationUser: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nSee the [AWS MQ documentation](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/crdr-for-active-mq.html) on cross-region data replication for additional details.\n\n## Import\n\nUsing `pulumi import`, import MQ Brokers using their broker id. For example:\n\n```sh\n$ pulumi import aws:mq/broker:Broker example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any broker modifications are applied immediately, or during the next maintenance window. Default is `false`.\n" }, "arn": { "type": "string", "description": "ARN of the broker.\n" }, "authenticationStrategy": { "type": "string", "description": "Authentication strategy used to secure the broker. Valid values are `simple` and `ldap`. `ldap` is not supported for `engine_type` `RabbitMQ`.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Whether to automatically upgrade to new minor versions of brokers as Amazon MQ makes releases available.\n" }, "brokerName": { "type": "string", "description": "Name of the broker.\n" }, "configuration": { "$ref": "#/types/aws:mq/BrokerConfiguration:BrokerConfiguration", "description": "Configuration block for broker configuration. Applies to `engine_type` of `ActiveMQ` and `RabbitMQ` only. Detailed below.\n" }, "dataReplicationMode": { "type": "string", "description": "Defines whether this broker is a part of a data replication pair. Valid values are `CRDR` and `NONE`.\n" }, "dataReplicationPrimaryBrokerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the primary broker that is used to replicate data from in a data replication pair, and is applied to the replica broker. Must be set when `data_replication_mode` is `CRDR`.\n" }, "deploymentMode": { "type": "string", "description": "Deployment mode of the broker. Valid values are `SINGLE_INSTANCE`, `ACTIVE_STANDBY_MULTI_AZ`, and `CLUSTER_MULTI_AZ`. Default is `SINGLE_INSTANCE`.\n" }, "encryptionOptions": { "$ref": "#/types/aws:mq/BrokerEncryptionOptions:BrokerEncryptionOptions", "description": "Configuration block containing encryption options. Detailed below.\n" }, "engineType": { "type": "string", "description": "Type of broker engine. Valid values are `ActiveMQ` and `RabbitMQ`.\n" }, "engineVersion": { "type": "string", "description": "Version of the broker engine. See the [AmazonMQ Broker Engine docs](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/broker-engine.html) for supported versions. For example, `5.17.6`.\n" }, "hostInstanceType": { "type": "string", "description": "Broker's instance type. For example, `mq.t3.micro`, `mq.m5.large`.\n" }, "instances": { "type": "array", "items": { "$ref": "#/types/aws:mq/BrokerInstance:BrokerInstance" }, "description": "List of information about allocated brokers (both active \u0026 standby).\n" }, "ldapServerMetadata": { "$ref": "#/types/aws:mq/BrokerLdapServerMetadata:BrokerLdapServerMetadata", "description": "Configuration block for the LDAP server used to authenticate and authorize connections to the broker. Not supported for `engine_type` `RabbitMQ`. Detailed below. (Currently, AWS may not process changes to LDAP server metadata.)\n" }, "logs": { "$ref": "#/types/aws:mq/BrokerLogs:BrokerLogs", "description": "Configuration block for the logging configuration of the broker. Detailed below.\n" }, "maintenanceWindowStartTime": { "$ref": "#/types/aws:mq/BrokerMaintenanceWindowStartTime:BrokerMaintenanceWindowStartTime", "description": "Configuration block for the maintenance window start time. Detailed below.\n" }, "pendingDataReplicationMode": { "type": "string", "description": "(Optional) The data replication mode that will be applied after reboot.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Whether to enable connections from applications outside of the VPC that hosts the broker's subnets.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs assigned to the broker.\n" }, "storageType": { "type": "string", "description": "Storage type of the broker. For `engine_type` `ActiveMQ`, the valid values are `efs` and `ebs`, and the AWS-default is `efs`. For `engine_type` `RabbitMQ`, only `ebs` is supported. When using `ebs`, only the `mq.m5` broker instance type family is supported.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of subnet IDs in which to launch the broker. A `SINGLE_INSTANCE` deployment requires one subnet. An `ACTIVE_STANDBY_MULTI_AZ` deployment requires multiple subnets.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the broker. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "users": { "type": "array", "items": { "$ref": "#/types/aws:mq/BrokerUser:BrokerUser" }, "description": "Configuration block for broker users. For `engine_type` of `RabbitMQ`, Amazon MQ does not return broker users preventing this resource from making user updates and drift detection. Detailed below.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "authenticationStrategy", "brokerName", "configuration", "dataReplicationMode", "engineType", "engineVersion", "hostInstanceType", "instances", "maintenanceWindowStartTime", "pendingDataReplicationMode", "storageType", "subnetIds", "tagsAll", "users" ], "inputProperties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any broker modifications are applied immediately, or during the next maintenance window. Default is `false`.\n" }, "authenticationStrategy": { "type": "string", "description": "Authentication strategy used to secure the broker. Valid values are `simple` and `ldap`. `ldap` is not supported for `engine_type` `RabbitMQ`.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Whether to automatically upgrade to new minor versions of brokers as Amazon MQ makes releases available.\n" }, "brokerName": { "type": "string", "description": "Name of the broker.\n", "willReplaceOnChanges": true }, "configuration": { "$ref": "#/types/aws:mq/BrokerConfiguration:BrokerConfiguration", "description": "Configuration block for broker configuration. Applies to `engine_type` of `ActiveMQ` and `RabbitMQ` only. Detailed below.\n" }, "dataReplicationMode": { "type": "string", "description": "Defines whether this broker is a part of a data replication pair. Valid values are `CRDR` and `NONE`.\n" }, "dataReplicationPrimaryBrokerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the primary broker that is used to replicate data from in a data replication pair, and is applied to the replica broker. Must be set when `data_replication_mode` is `CRDR`.\n", "willReplaceOnChanges": true }, "deploymentMode": { "type": "string", "description": "Deployment mode of the broker. Valid values are `SINGLE_INSTANCE`, `ACTIVE_STANDBY_MULTI_AZ`, and `CLUSTER_MULTI_AZ`. Default is `SINGLE_INSTANCE`.\n", "willReplaceOnChanges": true }, "encryptionOptions": { "$ref": "#/types/aws:mq/BrokerEncryptionOptions:BrokerEncryptionOptions", "description": "Configuration block containing encryption options. Detailed below.\n", "willReplaceOnChanges": true }, "engineType": { "type": "string", "description": "Type of broker engine. Valid values are `ActiveMQ` and `RabbitMQ`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "Version of the broker engine. See the [AmazonMQ Broker Engine docs](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/broker-engine.html) for supported versions. For example, `5.17.6`.\n" }, "hostInstanceType": { "type": "string", "description": "Broker's instance type. For example, `mq.t3.micro`, `mq.m5.large`.\n" }, "ldapServerMetadata": { "$ref": "#/types/aws:mq/BrokerLdapServerMetadata:BrokerLdapServerMetadata", "description": "Configuration block for the LDAP server used to authenticate and authorize connections to the broker. Not supported for `engine_type` `RabbitMQ`. Detailed below. (Currently, AWS may not process changes to LDAP server metadata.)\n", "willReplaceOnChanges": true }, "logs": { "$ref": "#/types/aws:mq/BrokerLogs:BrokerLogs", "description": "Configuration block for the logging configuration of the broker. Detailed below.\n" }, "maintenanceWindowStartTime": { "$ref": "#/types/aws:mq/BrokerMaintenanceWindowStartTime:BrokerMaintenanceWindowStartTime", "description": "Configuration block for the maintenance window start time. Detailed below.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Whether to enable connections from applications outside of the VPC that hosts the broker's subnets.\n", "willReplaceOnChanges": true }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs assigned to the broker.\n" }, "storageType": { "type": "string", "description": "Storage type of the broker. For `engine_type` `ActiveMQ`, the valid values are `efs` and `ebs`, and the AWS-default is `efs`. For `engine_type` `RabbitMQ`, only `ebs` is supported. When using `ebs`, only the `mq.m5` broker instance type family is supported.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of subnet IDs in which to launch the broker. A `SINGLE_INSTANCE` deployment requires one subnet. An `ACTIVE_STANDBY_MULTI_AZ` deployment requires multiple subnets.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the broker. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "users": { "type": "array", "items": { "$ref": "#/types/aws:mq/BrokerUser:BrokerUser" }, "description": "Configuration block for broker users. For `engine_type` of `RabbitMQ`, Amazon MQ does not return broker users preventing this resource from making user updates and drift detection. Detailed below.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "engineType", "engineVersion", "hostInstanceType", "users" ], "stateInputs": { "description": "Input properties used for looking up and filtering Broker resources.\n", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any broker modifications are applied immediately, or during the next maintenance window. Default is `false`.\n" }, "arn": { "type": "string", "description": "ARN of the broker.\n" }, "authenticationStrategy": { "type": "string", "description": "Authentication strategy used to secure the broker. Valid values are `simple` and `ldap`. `ldap` is not supported for `engine_type` `RabbitMQ`.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Whether to automatically upgrade to new minor versions of brokers as Amazon MQ makes releases available.\n" }, "brokerName": { "type": "string", "description": "Name of the broker.\n", "willReplaceOnChanges": true }, "configuration": { "$ref": "#/types/aws:mq/BrokerConfiguration:BrokerConfiguration", "description": "Configuration block for broker configuration. Applies to `engine_type` of `ActiveMQ` and `RabbitMQ` only. Detailed below.\n" }, "dataReplicationMode": { "type": "string", "description": "Defines whether this broker is a part of a data replication pair. Valid values are `CRDR` and `NONE`.\n" }, "dataReplicationPrimaryBrokerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the primary broker that is used to replicate data from in a data replication pair, and is applied to the replica broker. Must be set when `data_replication_mode` is `CRDR`.\n", "willReplaceOnChanges": true }, "deploymentMode": { "type": "string", "description": "Deployment mode of the broker. Valid values are `SINGLE_INSTANCE`, `ACTIVE_STANDBY_MULTI_AZ`, and `CLUSTER_MULTI_AZ`. Default is `SINGLE_INSTANCE`.\n", "willReplaceOnChanges": true }, "encryptionOptions": { "$ref": "#/types/aws:mq/BrokerEncryptionOptions:BrokerEncryptionOptions", "description": "Configuration block containing encryption options. Detailed below.\n", "willReplaceOnChanges": true }, "engineType": { "type": "string", "description": "Type of broker engine. Valid values are `ActiveMQ` and `RabbitMQ`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "Version of the broker engine. See the [AmazonMQ Broker Engine docs](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/broker-engine.html) for supported versions. For example, `5.17.6`.\n" }, "hostInstanceType": { "type": "string", "description": "Broker's instance type. For example, `mq.t3.micro`, `mq.m5.large`.\n" }, "instances": { "type": "array", "items": { "$ref": "#/types/aws:mq/BrokerInstance:BrokerInstance" }, "description": "List of information about allocated brokers (both active \u0026 standby).\n" }, "ldapServerMetadata": { "$ref": "#/types/aws:mq/BrokerLdapServerMetadata:BrokerLdapServerMetadata", "description": "Configuration block for the LDAP server used to authenticate and authorize connections to the broker. Not supported for `engine_type` `RabbitMQ`. Detailed below. (Currently, AWS may not process changes to LDAP server metadata.)\n", "willReplaceOnChanges": true }, "logs": { "$ref": "#/types/aws:mq/BrokerLogs:BrokerLogs", "description": "Configuration block for the logging configuration of the broker. Detailed below.\n" }, "maintenanceWindowStartTime": { "$ref": "#/types/aws:mq/BrokerMaintenanceWindowStartTime:BrokerMaintenanceWindowStartTime", "description": "Configuration block for the maintenance window start time. Detailed below.\n" }, "pendingDataReplicationMode": { "type": "string", "description": "(Optional) The data replication mode that will be applied after reboot.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Whether to enable connections from applications outside of the VPC that hosts the broker's subnets.\n", "willReplaceOnChanges": true }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "List of security group IDs assigned to the broker.\n" }, "storageType": { "type": "string", "description": "Storage type of the broker. For `engine_type` `ActiveMQ`, the valid values are `efs` and `ebs`, and the AWS-default is `efs`. For `engine_type` `RabbitMQ`, only `ebs` is supported. When using `ebs`, only the `mq.m5` broker instance type family is supported.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "List of subnet IDs in which to launch the broker. A `SINGLE_INSTANCE` deployment requires one subnet. An `ACTIVE_STANDBY_MULTI_AZ` deployment requires multiple subnets.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the broker. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "users": { "type": "array", "items": { "$ref": "#/types/aws:mq/BrokerUser:BrokerUser" }, "description": "Configuration block for broker users. For `engine_type` of `RabbitMQ`, Amazon MQ does not return broker users preventing this resource from making user updates and drift detection. Detailed below.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:mq/configuration:Configuration": { "description": "Provides an MQ Configuration Resource.\n\nFor more information on Amazon MQ, see [Amazon MQ documentation](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/welcome.html).\n\n## Example Usage\n\n### ActiveMQ\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.mq.Configuration(\"example\", {\n description: \"Example Configuration\",\n name: \"example\",\n engineType: \"ActiveMQ\",\n engineVersion: \"5.17.6\",\n data: `\u003c?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?\u003e\n\u003cbroker xmlns=\"http://activemq.apache.org/schema/core\"\u003e\n \u003cplugins\u003e\n \u003cforcePersistencyModeBrokerPlugin persistenceFlag=\"true\"/\u003e\n \u003cstatisticsBrokerPlugin/\u003e\n \u003ctimeStampingBrokerPlugin ttlCeiling=\"86400000\" zeroExpirationOverride=\"86400000\"/\u003e\n \u003c/plugins\u003e\n\u003c/broker\u003e\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.mq.Configuration(\"example\",\n description=\"Example Configuration\",\n name=\"example\",\n engine_type=\"ActiveMQ\",\n engine_version=\"5.17.6\",\n data=\"\"\"\u003c?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?\u003e\n\u003cbroker xmlns=\"http://activemq.apache.org/schema/core\"\u003e\n \u003cplugins\u003e\n \u003cforcePersistencyModeBrokerPlugin persistenceFlag=\"true\"/\u003e\n \u003cstatisticsBrokerPlugin/\u003e\n \u003ctimeStampingBrokerPlugin ttlCeiling=\"86400000\" zeroExpirationOverride=\"86400000\"/\u003e\n \u003c/plugins\u003e\n\u003c/broker\u003e\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Mq.Configuration(\"example\", new()\n {\n Description = \"Example Configuration\",\n Name = \"example\",\n EngineType = \"ActiveMQ\",\n EngineVersion = \"5.17.6\",\n Data = @\"\u003c?xml version=\"\"1.0\"\" encoding=\"\"UTF-8\"\" standalone=\"\"yes\"\"?\u003e\n\u003cbroker xmlns=\"\"http://activemq.apache.org/schema/core\"\"\u003e\n \u003cplugins\u003e\n \u003cforcePersistencyModeBrokerPlugin persistenceFlag=\"\"true\"\"/\u003e\n \u003cstatisticsBrokerPlugin/\u003e\n \u003ctimeStampingBrokerPlugin ttlCeiling=\"\"86400000\"\" zeroExpirationOverride=\"\"86400000\"\"/\u003e\n \u003c/plugins\u003e\n\u003c/broker\u003e\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mq\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := mq.NewConfiguration(ctx, \"example\", \u0026mq.ConfigurationArgs{\n\t\t\tDescription: pulumi.String(\"Example Configuration\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tEngineType: pulumi.String(\"ActiveMQ\"),\n\t\t\tEngineVersion: pulumi.String(\"5.17.6\"),\n\t\t\tData: pulumi.String(`\u003c?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?\u003e\n\u003cbroker xmlns=\"http://activemq.apache.org/schema/core\"\u003e\n \u003cplugins\u003e\n \u003cforcePersistencyModeBrokerPlugin persistenceFlag=\"true\"/\u003e\n \u003cstatisticsBrokerPlugin/\u003e\n \u003ctimeStampingBrokerPlugin ttlCeiling=\"86400000\" zeroExpirationOverride=\"86400000\"/\u003e\n \u003c/plugins\u003e\n\u003c/broker\u003e\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mq.Configuration;\nimport com.pulumi.aws.mq.ConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Configuration(\"example\", ConfigurationArgs.builder()\n .description(\"Example Configuration\")\n .name(\"example\")\n .engineType(\"ActiveMQ\")\n .engineVersion(\"5.17.6\")\n .data(\"\"\"\n\u003c?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?\u003e\n\u003cbroker xmlns=\"http://activemq.apache.org/schema/core\"\u003e\n \u003cplugins\u003e\n \u003cforcePersistencyModeBrokerPlugin persistenceFlag=\"true\"/\u003e\n \u003cstatisticsBrokerPlugin/\u003e\n \u003ctimeStampingBrokerPlugin ttlCeiling=\"86400000\" zeroExpirationOverride=\"86400000\"/\u003e\n \u003c/plugins\u003e\n\u003c/broker\u003e\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:mq:Configuration\n properties:\n description: Example Configuration\n name: example\n engineType: ActiveMQ\n engineVersion: 5.17.6\n data: |\n \u003c?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?\u003e\n \u003cbroker xmlns=\"http://activemq.apache.org/schema/core\"\u003e\n \u003cplugins\u003e\n \u003cforcePersistencyModeBrokerPlugin persistenceFlag=\"true\"/\u003e\n \u003cstatisticsBrokerPlugin/\u003e\n \u003ctimeStampingBrokerPlugin ttlCeiling=\"86400000\" zeroExpirationOverride=\"86400000\"/\u003e\n \u003c/plugins\u003e\n \u003c/broker\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### RabbitMQ\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.mq.Configuration(\"example\", {\n description: \"Example Configuration\",\n name: \"example\",\n engineType: \"RabbitMQ\",\n engineVersion: \"3.11.20\",\n data: `# Default RabbitMQ delivery acknowledgement timeout is 30 minutes in milliseconds\nconsumer_timeout = 1800000\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.mq.Configuration(\"example\",\n description=\"Example Configuration\",\n name=\"example\",\n engine_type=\"RabbitMQ\",\n engine_version=\"3.11.20\",\n data=\"\"\"# Default RabbitMQ delivery acknowledgement timeout is 30 minutes in milliseconds\nconsumer_timeout = 1800000\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Mq.Configuration(\"example\", new()\n {\n Description = \"Example Configuration\",\n Name = \"example\",\n EngineType = \"RabbitMQ\",\n EngineVersion = \"3.11.20\",\n Data = @\"# Default RabbitMQ delivery acknowledgement timeout is 30 minutes in milliseconds\nconsumer_timeout = 1800000\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mq\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := mq.NewConfiguration(ctx, \"example\", \u0026mq.ConfigurationArgs{\n\t\t\tDescription: pulumi.String(\"Example Configuration\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tEngineType: pulumi.String(\"RabbitMQ\"),\n\t\t\tEngineVersion: pulumi.String(\"3.11.20\"),\n\t\t\tData: pulumi.String(\"# Default RabbitMQ delivery acknowledgement timeout is 30 minutes in milliseconds\\nconsumer_timeout = 1800000\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mq.Configuration;\nimport com.pulumi.aws.mq.ConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Configuration(\"example\", ConfigurationArgs.builder()\n .description(\"Example Configuration\")\n .name(\"example\")\n .engineType(\"RabbitMQ\")\n .engineVersion(\"3.11.20\")\n .data(\"\"\"\n# Default RabbitMQ delivery acknowledgement timeout is 30 minutes in milliseconds\nconsumer_timeout = 1800000\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:mq:Configuration\n properties:\n description: Example Configuration\n name: example\n engineType: RabbitMQ\n engineVersion: 3.11.20\n data: |\n # Default RabbitMQ delivery acknowledgement timeout is 30 minutes in milliseconds\n consumer_timeout = 1800000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MQ Configurations using the configuration ID. For example:\n\n```sh\n$ pulumi import aws:mq/configuration:Configuration example c-0187d1eb-88c8-475a-9b79-16ef5a10c94f\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the configuration.\n" }, "authenticationStrategy": { "type": "string", "description": "Authentication strategy associated with the configuration. Valid values are `simple` and `ldap`. `ldap` is not supported for `engine_type` `RabbitMQ`.\n" }, "data": { "type": "string", "description": "Broker configuration in XML format for `ActiveMQ` or [Cuttlefish](https://github.com/Kyorai/cuttlefish) format for `RabbitMQ`. See [official docs](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/amazon-mq-broker-configuration-parameters.html) for supported parameters and format of the XML.\n" }, "description": { "type": "string", "description": "Description of the configuration.\n" }, "engineType": { "type": "string", "description": "Type of broker engine. Valid values are `ActiveMQ` and `RabbitMQ`.\n" }, "engineVersion": { "type": "string", "description": "Version of the broker engine.\n" }, "latestRevision": { "type": "integer", "description": "Latest revision of the configuration.\n" }, "name": { "type": "string", "description": "Name of the configuration.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "authenticationStrategy", "data", "engineType", "engineVersion", "latestRevision", "name", "tagsAll" ], "inputProperties": { "authenticationStrategy": { "type": "string", "description": "Authentication strategy associated with the configuration. Valid values are `simple` and `ldap`. `ldap` is not supported for `engine_type` `RabbitMQ`.\n" }, "data": { "type": "string", "description": "Broker configuration in XML format for `ActiveMQ` or [Cuttlefish](https://github.com/Kyorai/cuttlefish) format for `RabbitMQ`. See [official docs](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/amazon-mq-broker-configuration-parameters.html) for supported parameters and format of the XML.\n" }, "description": { "type": "string", "description": "Description of the configuration.\n" }, "engineType": { "type": "string", "description": "Type of broker engine. Valid values are `ActiveMQ` and `RabbitMQ`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "Version of the broker engine.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the configuration.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "data", "engineType", "engineVersion" ], "stateInputs": { "description": "Input properties used for looking up and filtering Configuration resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the configuration.\n" }, "authenticationStrategy": { "type": "string", "description": "Authentication strategy associated with the configuration. Valid values are `simple` and `ldap`. `ldap` is not supported for `engine_type` `RabbitMQ`.\n" }, "data": { "type": "string", "description": "Broker configuration in XML format for `ActiveMQ` or [Cuttlefish](https://github.com/Kyorai/cuttlefish) format for `RabbitMQ`. See [official docs](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/amazon-mq-broker-configuration-parameters.html) for supported parameters and format of the XML.\n" }, "description": { "type": "string", "description": "Description of the configuration.\n" }, "engineType": { "type": "string", "description": "Type of broker engine. Valid values are `ActiveMQ` and `RabbitMQ`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "Version of the broker engine.\n", "willReplaceOnChanges": true }, "latestRevision": { "type": "integer", "description": "Latest revision of the configuration.\n" }, "name": { "type": "string", "description": "Name of the configuration.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:msk/cluster:Cluster": { "description": "Manages an Amazon MSK cluster.\n\n\u003e **Note:** This resource manages _provisioned_ clusters. To manage a _serverless_ Amazon MSK cluster, use the `aws.msk.ServerlessCluster` resource.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst vpc = new aws.ec2.Vpc(\"vpc\", {cidrBlock: \"192.168.0.0/22\"});\nconst azs = aws.getAvailabilityZones({\n state: \"available\",\n});\nconst subnetAz1 = new aws.ec2.Subnet(\"subnet_az1\", {\n availabilityZone: azs.then(azs =\u003e azs.names?.[0]),\n cidrBlock: \"192.168.0.0/24\",\n vpcId: vpc.id,\n});\nconst subnetAz2 = new aws.ec2.Subnet(\"subnet_az2\", {\n availabilityZone: azs.then(azs =\u003e azs.names?.[1]),\n cidrBlock: \"192.168.1.0/24\",\n vpcId: vpc.id,\n});\nconst subnetAz3 = new aws.ec2.Subnet(\"subnet_az3\", {\n availabilityZone: azs.then(azs =\u003e azs.names?.[2]),\n cidrBlock: \"192.168.2.0/24\",\n vpcId: vpc.id,\n});\nconst sg = new aws.ec2.SecurityGroup(\"sg\", {vpcId: vpc.id});\nconst kms = new aws.kms.Key(\"kms\", {description: \"example\"});\nconst test = new aws.cloudwatch.LogGroup(\"test\", {name: \"msk_broker_logs\"});\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"msk-broker-logs-bucket\"});\nconst bucketAcl = new aws.s3.BucketAclV2(\"bucket_acl\", {\n bucket: bucket.id,\n acl: \"private\",\n});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"firehose.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst firehoseRole = new aws.iam.Role(\"firehose_role\", {\n name: \"firehose_test_role\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n name: \"kinesis-firehose-msk-broker-logs-stream\",\n destination: \"extended_s3\",\n extendedS3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n },\n tags: {\n LogDeliveryEnabled: \"placeholder\",\n },\n});\nconst example = new aws.msk.Cluster(\"example\", {\n clusterName: \"example\",\n kafkaVersion: \"3.2.0\",\n numberOfBrokerNodes: 3,\n brokerNodeGroupInfo: {\n instanceType: \"kafka.m5.large\",\n clientSubnets: [\n subnetAz1.id,\n subnetAz2.id,\n subnetAz3.id,\n ],\n storageInfo: {\n ebsStorageInfo: {\n volumeSize: 1000,\n },\n },\n securityGroups: [sg.id],\n },\n encryptionInfo: {\n encryptionAtRestKmsKeyArn: kms.arn,\n },\n openMonitoring: {\n prometheus: {\n jmxExporter: {\n enabledInBroker: true,\n },\n nodeExporter: {\n enabledInBroker: true,\n },\n },\n },\n loggingInfo: {\n brokerLogs: {\n cloudwatchLogs: {\n enabled: true,\n logGroup: test.name,\n },\n firehose: {\n enabled: true,\n deliveryStream: testStream.name,\n },\n s3: {\n enabled: true,\n bucket: bucket.id,\n prefix: \"logs/msk-\",\n },\n },\n },\n tags: {\n foo: \"bar\",\n },\n});\nexport const zookeeperConnectString = example.zookeeperConnectString;\nexport const bootstrapBrokersTls = example.bootstrapBrokersTls;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nvpc = aws.ec2.Vpc(\"vpc\", cidr_block=\"192.168.0.0/22\")\nazs = aws.get_availability_zones(state=\"available\")\nsubnet_az1 = aws.ec2.Subnet(\"subnet_az1\",\n availability_zone=azs.names[0],\n cidr_block=\"192.168.0.0/24\",\n vpc_id=vpc.id)\nsubnet_az2 = aws.ec2.Subnet(\"subnet_az2\",\n availability_zone=azs.names[1],\n cidr_block=\"192.168.1.0/24\",\n vpc_id=vpc.id)\nsubnet_az3 = aws.ec2.Subnet(\"subnet_az3\",\n availability_zone=azs.names[2],\n cidr_block=\"192.168.2.0/24\",\n vpc_id=vpc.id)\nsg = aws.ec2.SecurityGroup(\"sg\", vpc_id=vpc.id)\nkms = aws.kms.Key(\"kms\", description=\"example\")\ntest = aws.cloudwatch.LogGroup(\"test\", name=\"msk_broker_logs\")\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"msk-broker-logs-bucket\")\nbucket_acl = aws.s3.BucketAclV2(\"bucket_acl\",\n bucket=bucket.id,\n acl=\"private\")\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"firehose.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nfirehose_role = aws.iam.Role(\"firehose_role\",\n name=\"firehose_test_role\",\n assume_role_policy=assume_role.json)\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"test_stream\",\n name=\"kinesis-firehose-msk-broker-logs-stream\",\n destination=\"extended_s3\",\n extended_s3_configuration={\n \"role_arn\": firehose_role.arn,\n \"bucket_arn\": bucket.arn,\n },\n tags={\n \"LogDeliveryEnabled\": \"placeholder\",\n })\nexample = aws.msk.Cluster(\"example\",\n cluster_name=\"example\",\n kafka_version=\"3.2.0\",\n number_of_broker_nodes=3,\n broker_node_group_info={\n \"instance_type\": \"kafka.m5.large\",\n \"client_subnets\": [\n subnet_az1.id,\n subnet_az2.id,\n subnet_az3.id,\n ],\n \"storage_info\": {\n \"ebs_storage_info\": {\n \"volume_size\": 1000,\n },\n },\n \"security_groups\": [sg.id],\n },\n encryption_info={\n \"encryption_at_rest_kms_key_arn\": kms.arn,\n },\n open_monitoring={\n \"prometheus\": {\n \"jmx_exporter\": {\n \"enabled_in_broker\": True,\n },\n \"node_exporter\": {\n \"enabled_in_broker\": True,\n },\n },\n },\n logging_info={\n \"broker_logs\": {\n \"cloudwatch_logs\": {\n \"enabled\": True,\n \"log_group\": test.name,\n },\n \"firehose\": {\n \"enabled\": True,\n \"delivery_stream\": test_stream.name,\n },\n \"s3\": {\n \"enabled\": True,\n \"bucket\": bucket.id,\n \"prefix\": \"logs/msk-\",\n },\n },\n },\n tags={\n \"foo\": \"bar\",\n })\npulumi.export(\"zookeeperConnectString\", example.zookeeper_connect_string)\npulumi.export(\"bootstrapBrokersTls\", example.bootstrap_brokers_tls)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var vpc = new Aws.Ec2.Vpc(\"vpc\", new()\n {\n CidrBlock = \"192.168.0.0/22\",\n });\n\n var azs = Aws.GetAvailabilityZones.Invoke(new()\n {\n State = \"available\",\n });\n\n var subnetAz1 = new Aws.Ec2.Subnet(\"subnet_az1\", new()\n {\n AvailabilityZone = azs.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[0]),\n CidrBlock = \"192.168.0.0/24\",\n VpcId = vpc.Id,\n });\n\n var subnetAz2 = new Aws.Ec2.Subnet(\"subnet_az2\", new()\n {\n AvailabilityZone = azs.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[1]),\n CidrBlock = \"192.168.1.0/24\",\n VpcId = vpc.Id,\n });\n\n var subnetAz3 = new Aws.Ec2.Subnet(\"subnet_az3\", new()\n {\n AvailabilityZone = azs.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[2]),\n CidrBlock = \"192.168.2.0/24\",\n VpcId = vpc.Id,\n });\n\n var sg = new Aws.Ec2.SecurityGroup(\"sg\", new()\n {\n VpcId = vpc.Id,\n });\n\n var kms = new Aws.Kms.Key(\"kms\", new()\n {\n Description = \"example\",\n });\n\n var test = new Aws.CloudWatch.LogGroup(\"test\", new()\n {\n Name = \"msk_broker_logs\",\n });\n\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"msk-broker-logs-bucket\",\n });\n\n var bucketAcl = new Aws.S3.BucketAclV2(\"bucket_acl\", new()\n {\n Bucket = bucket.Id,\n Acl = \"private\",\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"firehose.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var firehoseRole = new Aws.Iam.Role(\"firehose_role\", new()\n {\n Name = \"firehose_test_role\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"test_stream\", new()\n {\n Name = \"kinesis-firehose-msk-broker-logs-stream\",\n Destination = \"extended_s3\",\n ExtendedS3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n },\n Tags = \n {\n { \"LogDeliveryEnabled\", \"placeholder\" },\n },\n });\n\n var example = new Aws.Msk.Cluster(\"example\", new()\n {\n ClusterName = \"example\",\n KafkaVersion = \"3.2.0\",\n NumberOfBrokerNodes = 3,\n BrokerNodeGroupInfo = new Aws.Msk.Inputs.ClusterBrokerNodeGroupInfoArgs\n {\n InstanceType = \"kafka.m5.large\",\n ClientSubnets = new[]\n {\n subnetAz1.Id,\n subnetAz2.Id,\n subnetAz3.Id,\n },\n StorageInfo = new Aws.Msk.Inputs.ClusterBrokerNodeGroupInfoStorageInfoArgs\n {\n EbsStorageInfo = new Aws.Msk.Inputs.ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoArgs\n {\n VolumeSize = 1000,\n },\n },\n SecurityGroups = new[]\n {\n sg.Id,\n },\n },\n EncryptionInfo = new Aws.Msk.Inputs.ClusterEncryptionInfoArgs\n {\n EncryptionAtRestKmsKeyArn = kms.Arn,\n },\n OpenMonitoring = new Aws.Msk.Inputs.ClusterOpenMonitoringArgs\n {\n Prometheus = new Aws.Msk.Inputs.ClusterOpenMonitoringPrometheusArgs\n {\n JmxExporter = new Aws.Msk.Inputs.ClusterOpenMonitoringPrometheusJmxExporterArgs\n {\n EnabledInBroker = true,\n },\n NodeExporter = new Aws.Msk.Inputs.ClusterOpenMonitoringPrometheusNodeExporterArgs\n {\n EnabledInBroker = true,\n },\n },\n },\n LoggingInfo = new Aws.Msk.Inputs.ClusterLoggingInfoArgs\n {\n BrokerLogs = new Aws.Msk.Inputs.ClusterLoggingInfoBrokerLogsArgs\n {\n CloudwatchLogs = new Aws.Msk.Inputs.ClusterLoggingInfoBrokerLogsCloudwatchLogsArgs\n {\n Enabled = true,\n LogGroup = test.Name,\n },\n Firehose = new Aws.Msk.Inputs.ClusterLoggingInfoBrokerLogsFirehoseArgs\n {\n Enabled = true,\n DeliveryStream = testStream.Name,\n },\n S3 = new Aws.Msk.Inputs.ClusterLoggingInfoBrokerLogsS3Args\n {\n Enabled = true,\n Bucket = bucket.Id,\n Prefix = \"logs/msk-\",\n },\n },\n },\n Tags = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"zookeeperConnectString\"] = example.ZookeeperConnectString,\n [\"bootstrapBrokersTls\"] = example.BootstrapBrokersTls,\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/msk\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tvpc, err := ec2.NewVpc(ctx, \"vpc\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"192.168.0.0/22\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tazs, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tState: pulumi.StringRef(\"available\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsubnetAz1, err := ec2.NewSubnet(ctx, \"subnet_az1\", \u0026ec2.SubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(azs.Names[0]),\n\t\t\tCidrBlock: pulumi.String(\"192.168.0.0/24\"),\n\t\t\tVpcId: vpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsubnetAz2, err := ec2.NewSubnet(ctx, \"subnet_az2\", \u0026ec2.SubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(azs.Names[1]),\n\t\t\tCidrBlock: pulumi.String(\"192.168.1.0/24\"),\n\t\t\tVpcId: vpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsubnetAz3, err := ec2.NewSubnet(ctx, \"subnet_az3\", \u0026ec2.SubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(azs.Names[2]),\n\t\t\tCidrBlock: pulumi.String(\"192.168.2.0/24\"),\n\t\t\tVpcId: vpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsg, err := ec2.NewSecurityGroup(ctx, \"sg\", \u0026ec2.SecurityGroupArgs{\n\t\t\tVpcId: vpc.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tkms, err := kms.NewKey(ctx, \"kms\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := cloudwatch.NewLogGroup(ctx, \"test\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"msk_broker_logs\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"msk-broker-logs-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"bucket_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: bucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"firehose.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfirehoseRole, err := iam.NewRole(ctx, \"firehose_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"firehose_test_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestStream, err := kinesis.NewFirehoseDeliveryStream(ctx, \"test_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-msk-broker-logs-stream\"),\n\t\t\tDestination: pulumi.String(\"extended_s3\"),\n\t\t\tExtendedS3Configuration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationArgs{\n\t\t\t\tRoleArn: firehoseRole.Arn,\n\t\t\t\tBucketArn: bucket.Arn,\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"LogDeliveryEnabled\": pulumi.String(\"placeholder\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := msk.NewCluster(ctx, \"example\", \u0026msk.ClusterArgs{\n\t\t\tClusterName: pulumi.String(\"example\"),\n\t\t\tKafkaVersion: pulumi.String(\"3.2.0\"),\n\t\t\tNumberOfBrokerNodes: pulumi.Int(3),\n\t\t\tBrokerNodeGroupInfo: \u0026msk.ClusterBrokerNodeGroupInfoArgs{\n\t\t\t\tInstanceType: pulumi.String(\"kafka.m5.large\"),\n\t\t\t\tClientSubnets: pulumi.StringArray{\n\t\t\t\t\tsubnetAz1.ID(),\n\t\t\t\t\tsubnetAz2.ID(),\n\t\t\t\t\tsubnetAz3.ID(),\n\t\t\t\t},\n\t\t\t\tStorageInfo: \u0026msk.ClusterBrokerNodeGroupInfoStorageInfoArgs{\n\t\t\t\t\tEbsStorageInfo: \u0026msk.ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoArgs{\n\t\t\t\t\t\tVolumeSize: pulumi.Int(1000),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSecurityGroups: pulumi.StringArray{\n\t\t\t\t\tsg.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t\tEncryptionInfo: \u0026msk.ClusterEncryptionInfoArgs{\n\t\t\t\tEncryptionAtRestKmsKeyArn: kms.Arn,\n\t\t\t},\n\t\t\tOpenMonitoring: \u0026msk.ClusterOpenMonitoringArgs{\n\t\t\t\tPrometheus: \u0026msk.ClusterOpenMonitoringPrometheusArgs{\n\t\t\t\t\tJmxExporter: \u0026msk.ClusterOpenMonitoringPrometheusJmxExporterArgs{\n\t\t\t\t\t\tEnabledInBroker: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tNodeExporter: \u0026msk.ClusterOpenMonitoringPrometheusNodeExporterArgs{\n\t\t\t\t\t\tEnabledInBroker: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoggingInfo: \u0026msk.ClusterLoggingInfoArgs{\n\t\t\t\tBrokerLogs: \u0026msk.ClusterLoggingInfoBrokerLogsArgs{\n\t\t\t\t\tCloudwatchLogs: \u0026msk.ClusterLoggingInfoBrokerLogsCloudwatchLogsArgs{\n\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\tLogGroup: test.Name,\n\t\t\t\t\t},\n\t\t\t\t\tFirehose: \u0026msk.ClusterLoggingInfoBrokerLogsFirehoseArgs{\n\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\tDeliveryStream: testStream.Name,\n\t\t\t\t\t},\n\t\t\t\t\tS3: \u0026msk.ClusterLoggingInfoBrokerLogsS3Args{\n\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\tBucket: bucket.ID(),\n\t\t\t\t\t\tPrefix: pulumi.String(\"logs/msk-\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"zookeeperConnectString\", example.ZookeeperConnectString)\n\t\tctx.Export(\"bootstrapBrokersTls\", example.BootstrapBrokersTls)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs;\nimport com.pulumi.aws.msk.Cluster;\nimport com.pulumi.aws.msk.ClusterArgs;\nimport com.pulumi.aws.msk.inputs.ClusterBrokerNodeGroupInfoArgs;\nimport com.pulumi.aws.msk.inputs.ClusterBrokerNodeGroupInfoStorageInfoArgs;\nimport com.pulumi.aws.msk.inputs.ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoArgs;\nimport com.pulumi.aws.msk.inputs.ClusterEncryptionInfoArgs;\nimport com.pulumi.aws.msk.inputs.ClusterOpenMonitoringArgs;\nimport com.pulumi.aws.msk.inputs.ClusterOpenMonitoringPrometheusArgs;\nimport com.pulumi.aws.msk.inputs.ClusterOpenMonitoringPrometheusJmxExporterArgs;\nimport com.pulumi.aws.msk.inputs.ClusterOpenMonitoringPrometheusNodeExporterArgs;\nimport com.pulumi.aws.msk.inputs.ClusterLoggingInfoArgs;\nimport com.pulumi.aws.msk.inputs.ClusterLoggingInfoBrokerLogsArgs;\nimport com.pulumi.aws.msk.inputs.ClusterLoggingInfoBrokerLogsCloudwatchLogsArgs;\nimport com.pulumi.aws.msk.inputs.ClusterLoggingInfoBrokerLogsFirehoseArgs;\nimport com.pulumi.aws.msk.inputs.ClusterLoggingInfoBrokerLogsS3Args;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var vpc = new Vpc(\"vpc\", VpcArgs.builder()\n .cidrBlock(\"192.168.0.0/22\")\n .build());\n\n final var azs = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .state(\"available\")\n .build());\n\n var subnetAz1 = new Subnet(\"subnetAz1\", SubnetArgs.builder()\n .availabilityZone(azs.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[0]))\n .cidrBlock(\"192.168.0.0/24\")\n .vpcId(vpc.id())\n .build());\n\n var subnetAz2 = new Subnet(\"subnetAz2\", SubnetArgs.builder()\n .availabilityZone(azs.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[1]))\n .cidrBlock(\"192.168.1.0/24\")\n .vpcId(vpc.id())\n .build());\n\n var subnetAz3 = new Subnet(\"subnetAz3\", SubnetArgs.builder()\n .availabilityZone(azs.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[2]))\n .cidrBlock(\"192.168.2.0/24\")\n .vpcId(vpc.id())\n .build());\n\n var sg = new SecurityGroup(\"sg\", SecurityGroupArgs.builder()\n .vpcId(vpc.id())\n .build());\n\n var kms = new Key(\"kms\", KeyArgs.builder()\n .description(\"example\")\n .build());\n\n var test = new LogGroup(\"test\", LogGroupArgs.builder()\n .name(\"msk_broker_logs\")\n .build());\n\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder()\n .bucket(\"msk-broker-logs-bucket\")\n .build());\n\n var bucketAcl = new BucketAclV2(\"bucketAcl\", BucketAclV2Args.builder()\n .bucket(bucket.id())\n .acl(\"private\")\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"firehose.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var firehoseRole = new Role(\"firehoseRole\", RoleArgs.builder()\n .name(\"firehose_test_role\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var testStream = new FirehoseDeliveryStream(\"testStream\", FirehoseDeliveryStreamArgs.builder()\n .name(\"kinesis-firehose-msk-broker-logs-stream\")\n .destination(\"extended_s3\")\n .extendedS3Configuration(FirehoseDeliveryStreamExtendedS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .build())\n .tags(Map.of(\"LogDeliveryEnabled\", \"placeholder\"))\n .build());\n\n var example = new Cluster(\"example\", ClusterArgs.builder()\n .clusterName(\"example\")\n .kafkaVersion(\"3.2.0\")\n .numberOfBrokerNodes(3)\n .brokerNodeGroupInfo(ClusterBrokerNodeGroupInfoArgs.builder()\n .instanceType(\"kafka.m5.large\")\n .clientSubnets( \n subnetAz1.id(),\n subnetAz2.id(),\n subnetAz3.id())\n .storageInfo(ClusterBrokerNodeGroupInfoStorageInfoArgs.builder()\n .ebsStorageInfo(ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoArgs.builder()\n .volumeSize(1000)\n .build())\n .build())\n .securityGroups(sg.id())\n .build())\n .encryptionInfo(ClusterEncryptionInfoArgs.builder()\n .encryptionAtRestKmsKeyArn(kms.arn())\n .build())\n .openMonitoring(ClusterOpenMonitoringArgs.builder()\n .prometheus(ClusterOpenMonitoringPrometheusArgs.builder()\n .jmxExporter(ClusterOpenMonitoringPrometheusJmxExporterArgs.builder()\n .enabledInBroker(true)\n .build())\n .nodeExporter(ClusterOpenMonitoringPrometheusNodeExporterArgs.builder()\n .enabledInBroker(true)\n .build())\n .build())\n .build())\n .loggingInfo(ClusterLoggingInfoArgs.builder()\n .brokerLogs(ClusterLoggingInfoBrokerLogsArgs.builder()\n .cloudwatchLogs(ClusterLoggingInfoBrokerLogsCloudwatchLogsArgs.builder()\n .enabled(true)\n .logGroup(test.name())\n .build())\n .firehose(ClusterLoggingInfoBrokerLogsFirehoseArgs.builder()\n .enabled(true)\n .deliveryStream(testStream.name())\n .build())\n .s3(ClusterLoggingInfoBrokerLogsS3Args.builder()\n .enabled(true)\n .bucket(bucket.id())\n .prefix(\"logs/msk-\")\n .build())\n .build())\n .build())\n .tags(Map.of(\"foo\", \"bar\"))\n .build());\n\n ctx.export(\"zookeeperConnectString\", example.zookeeperConnectString());\n ctx.export(\"bootstrapBrokersTls\", example.bootstrapBrokersTls());\n }\n}\n```\n```yaml\nresources:\n vpc:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 192.168.0.0/22\n subnetAz1:\n type: aws:ec2:Subnet\n name: subnet_az1\n properties:\n availabilityZone: ${azs.names[0]}\n cidrBlock: 192.168.0.0/24\n vpcId: ${vpc.id}\n subnetAz2:\n type: aws:ec2:Subnet\n name: subnet_az2\n properties:\n availabilityZone: ${azs.names[1]}\n cidrBlock: 192.168.1.0/24\n vpcId: ${vpc.id}\n subnetAz3:\n type: aws:ec2:Subnet\n name: subnet_az3\n properties:\n availabilityZone: ${azs.names[2]}\n cidrBlock: 192.168.2.0/24\n vpcId: ${vpc.id}\n sg:\n type: aws:ec2:SecurityGroup\n properties:\n vpcId: ${vpc.id}\n kms:\n type: aws:kms:Key\n properties:\n description: example\n test:\n type: aws:cloudwatch:LogGroup\n properties:\n name: msk_broker_logs\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: msk-broker-logs-bucket\n bucketAcl:\n type: aws:s3:BucketAclV2\n name: bucket_acl\n properties:\n bucket: ${bucket.id}\n acl: private\n firehoseRole:\n type: aws:iam:Role\n name: firehose_role\n properties:\n name: firehose_test_role\n assumeRolePolicy: ${assumeRole.json}\n testStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: test_stream\n properties:\n name: kinesis-firehose-msk-broker-logs-stream\n destination: extended_s3\n extendedS3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n tags:\n LogDeliveryEnabled: placeholder\n example:\n type: aws:msk:Cluster\n properties:\n clusterName: example\n kafkaVersion: 3.2.0\n numberOfBrokerNodes: 3\n brokerNodeGroupInfo:\n instanceType: kafka.m5.large\n clientSubnets:\n - ${subnetAz1.id}\n - ${subnetAz2.id}\n - ${subnetAz3.id}\n storageInfo:\n ebsStorageInfo:\n volumeSize: 1000\n securityGroups:\n - ${sg.id}\n encryptionInfo:\n encryptionAtRestKmsKeyArn: ${kms.arn}\n openMonitoring:\n prometheus:\n jmxExporter:\n enabledInBroker: true\n nodeExporter:\n enabledInBroker: true\n loggingInfo:\n brokerLogs:\n cloudwatchLogs:\n enabled: true\n logGroup: ${test.name}\n firehose:\n enabled: true\n deliveryStream: ${testStream.name}\n s3:\n enabled: true\n bucket: ${bucket.id}\n prefix: logs/msk-\n tags:\n foo: bar\nvariables:\n azs:\n fn::invoke:\n Function: aws:getAvailabilityZones\n Arguments:\n state: available\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - firehose.amazonaws.com\n actions:\n - sts:AssumeRole\noutputs:\n zookeeperConnectString: ${example.zookeeperConnectString}\n bootstrapBrokersTls: ${example.bootstrapBrokersTls}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With volume_throughput argument\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.msk.Cluster(\"example\", {\n clusterName: \"example\",\n kafkaVersion: \"2.7.1\",\n numberOfBrokerNodes: 3,\n brokerNodeGroupInfo: {\n instanceType: \"kafka.m5.4xlarge\",\n clientSubnets: [\n subnetAz1.id,\n subnetAz2.id,\n subnetAz3.id,\n ],\n storageInfo: {\n ebsStorageInfo: {\n provisionedThroughput: {\n enabled: true,\n volumeThroughput: 250,\n },\n volumeSize: 1000,\n },\n },\n securityGroups: [sg.id],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.msk.Cluster(\"example\",\n cluster_name=\"example\",\n kafka_version=\"2.7.1\",\n number_of_broker_nodes=3,\n broker_node_group_info={\n \"instance_type\": \"kafka.m5.4xlarge\",\n \"client_subnets\": [\n subnet_az1[\"id\"],\n subnet_az2[\"id\"],\n subnet_az3[\"id\"],\n ],\n \"storage_info\": {\n \"ebs_storage_info\": {\n \"provisioned_throughput\": {\n \"enabled\": True,\n \"volume_throughput\": 250,\n },\n \"volume_size\": 1000,\n },\n },\n \"security_groups\": [sg[\"id\"]],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Msk.Cluster(\"example\", new()\n {\n ClusterName = \"example\",\n KafkaVersion = \"2.7.1\",\n NumberOfBrokerNodes = 3,\n BrokerNodeGroupInfo = new Aws.Msk.Inputs.ClusterBrokerNodeGroupInfoArgs\n {\n InstanceType = \"kafka.m5.4xlarge\",\n ClientSubnets = new[]\n {\n subnetAz1.Id,\n subnetAz2.Id,\n subnetAz3.Id,\n },\n StorageInfo = new Aws.Msk.Inputs.ClusterBrokerNodeGroupInfoStorageInfoArgs\n {\n EbsStorageInfo = new Aws.Msk.Inputs.ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoArgs\n {\n ProvisionedThroughput = new Aws.Msk.Inputs.ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoProvisionedThroughputArgs\n {\n Enabled = true,\n VolumeThroughput = 250,\n },\n VolumeSize = 1000,\n },\n },\n SecurityGroups = new[]\n {\n sg.Id,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/msk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := msk.NewCluster(ctx, \"example\", \u0026msk.ClusterArgs{\n\t\t\tClusterName: pulumi.String(\"example\"),\n\t\t\tKafkaVersion: pulumi.String(\"2.7.1\"),\n\t\t\tNumberOfBrokerNodes: pulumi.Int(3),\n\t\t\tBrokerNodeGroupInfo: \u0026msk.ClusterBrokerNodeGroupInfoArgs{\n\t\t\t\tInstanceType: pulumi.String(\"kafka.m5.4xlarge\"),\n\t\t\t\tClientSubnets: pulumi.StringArray{\n\t\t\t\t\tsubnetAz1.Id,\n\t\t\t\t\tsubnetAz2.Id,\n\t\t\t\t\tsubnetAz3.Id,\n\t\t\t\t},\n\t\t\t\tStorageInfo: \u0026msk.ClusterBrokerNodeGroupInfoStorageInfoArgs{\n\t\t\t\t\tEbsStorageInfo: \u0026msk.ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoArgs{\n\t\t\t\t\t\tProvisionedThroughput: \u0026msk.ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoProvisionedThroughputArgs{\n\t\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\t\tVolumeThroughput: pulumi.Int(250),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tVolumeSize: pulumi.Int(1000),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSecurityGroups: pulumi.StringArray{\n\t\t\t\t\tsg.Id,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.msk.Cluster;\nimport com.pulumi.aws.msk.ClusterArgs;\nimport com.pulumi.aws.msk.inputs.ClusterBrokerNodeGroupInfoArgs;\nimport com.pulumi.aws.msk.inputs.ClusterBrokerNodeGroupInfoStorageInfoArgs;\nimport com.pulumi.aws.msk.inputs.ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoArgs;\nimport com.pulumi.aws.msk.inputs.ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoProvisionedThroughputArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\", ClusterArgs.builder()\n .clusterName(\"example\")\n .kafkaVersion(\"2.7.1\")\n .numberOfBrokerNodes(3)\n .brokerNodeGroupInfo(ClusterBrokerNodeGroupInfoArgs.builder()\n .instanceType(\"kafka.m5.4xlarge\")\n .clientSubnets( \n subnetAz1.id(),\n subnetAz2.id(),\n subnetAz3.id())\n .storageInfo(ClusterBrokerNodeGroupInfoStorageInfoArgs.builder()\n .ebsStorageInfo(ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoArgs.builder()\n .provisionedThroughput(ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoProvisionedThroughputArgs.builder()\n .enabled(true)\n .volumeThroughput(250)\n .build())\n .volumeSize(1000)\n .build())\n .build())\n .securityGroups(sg.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:msk:Cluster\n properties:\n clusterName: example\n kafkaVersion: 2.7.1\n numberOfBrokerNodes: 3\n brokerNodeGroupInfo:\n instanceType: kafka.m5.4xlarge\n clientSubnets:\n - ${subnetAz1.id}\n - ${subnetAz2.id}\n - ${subnetAz3.id}\n storageInfo:\n ebsStorageInfo:\n provisionedThroughput:\n enabled: true\n volumeThroughput: 250\n volumeSize: 1000\n securityGroups:\n - ${sg.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MSK clusters using the cluster `arn`. For example:\n\n```sh\n$ pulumi import aws:msk/cluster:Cluster example arn:aws:kafka:us-west-2:123456789012:cluster/example/279c0212-d057-4dba-9aa9-1c4e5a25bfc7-3\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the MSK cluster.\n" }, "bootstrapBrokers": { "type": "string", "description": "Comma separated list of one or more hostname:port pairs of kafka brokers suitable to bootstrap connectivity to the kafka cluster. Contains a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `PLAINTEXT` or `TLS_PLAINTEXT`. The resource sorts values alphabetically. AWS may not always return all endpoints so this value is not guaranteed to be stable across applies.\n" }, "bootstrapBrokersPublicSaslIam": { "type": "string", "description": "One or more DNS names (or IP addresses) and SASL IAM port pairs. For example, `b-1-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9198,b-2-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9198,b-3-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9198`. This attribute will have a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `TLS_PLAINTEXT` or `TLS` and `client_authentication.0.sasl.0.iam` is set to `true` and `broker_node_group_info.0.connectivity_info.0.public_access.0.type` is set to `SERVICE_PROVIDED_EIPS` and the cluster fulfill all other requirements for public access. The resource sorts the list alphabetically. AWS may not always return all endpoints so the values may not be stable across applies.\n" }, "bootstrapBrokersPublicSaslScram": { "type": "string", "description": "One or more DNS names (or IP addresses) and SASL SCRAM port pairs. For example, `b-1-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9196,b-2-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9196,b-3-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9196`. This attribute will have a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `TLS_PLAINTEXT` or `TLS` and `client_authentication.0.sasl.0.scram` is set to `true` and `broker_node_group_info.0.connectivity_info.0.public_access.0.type` is set to `SERVICE_PROVIDED_EIPS` and the cluster fulfill all other requirements for public access. The resource sorts the list alphabetically. AWS may not always return all endpoints so the values may not be stable across applies.\n" }, "bootstrapBrokersPublicTls": { "type": "string", "description": "One or more DNS names (or IP addresses) and TLS port pairs. For example, `b-1-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9194,b-2-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9194,b-3-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9194`. This attribute will have a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `TLS_PLAINTEXT` or `TLS` and `broker_node_group_info.0.connectivity_info.0.public_access.0.type` is set to `SERVICE_PROVIDED_EIPS` and the cluster fulfill all other requirements for public access. The resource sorts the list alphabetically. AWS may not always return all endpoints so the values may not be stable across applies.\n" }, "bootstrapBrokersSaslIam": { "type": "string", "description": "One or more DNS names (or IP addresses) and SASL IAM port pairs. For example, `b-1.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9098,b-2.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9098,b-3.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9098`. This attribute will have a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `TLS_PLAINTEXT` or `TLS` and `client_authentication.0.sasl.0.iam` is set to `true`. The resource sorts the list alphabetically. AWS may not always return all endpoints so the values may not be stable across applies.\n" }, "bootstrapBrokersSaslScram": { "type": "string", "description": "One or more DNS names (or IP addresses) and SASL SCRAM port pairs. For example, `b-1.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9096,b-2.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9096,b-3.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9096`. This attribute will have a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `TLS_PLAINTEXT` or `TLS` and `client_authentication.0.sasl.0.scram` is set to `true`. The resource sorts the list alphabetically. AWS may not always return all endpoints so the values may not be stable across applies.\n" }, "bootstrapBrokersTls": { "type": "string", "description": "One or more DNS names (or IP addresses) and TLS port pairs. For example, `b-1.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9094,b-2.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9094,b-3.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9094`. This attribute will have a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `TLS_PLAINTEXT` or `TLS`. The resource sorts the list alphabetically. AWS may not always return all endpoints so the values may not be stable across applies.\n" }, "bootstrapBrokersVpcConnectivitySaslIam": { "type": "string", "description": "A string containing one or more DNS names (or IP addresses) and SASL IAM port pairs for VPC connectivity. AWS may not always return all endpoints so the values may not be stable across applies.\n" }, "bootstrapBrokersVpcConnectivitySaslScram": { "type": "string", "description": "A string containing one or more DNS names (or IP addresses) and SASL SCRAM port pairs for VPC connectivity. AWS may not always return all endpoints so the values may not be stable across applies.\n" }, "bootstrapBrokersVpcConnectivityTls": { "type": "string", "description": "A string containing one or more DNS names (or IP addresses) and TLS port pairs for VPC connectivity. AWS may not always return all endpoints so the values may not be stable across applies.\n" }, "brokerNodeGroupInfo": { "$ref": "#/types/aws:msk/ClusterBrokerNodeGroupInfo:ClusterBrokerNodeGroupInfo", "description": "Configuration block for the broker nodes of the Kafka cluster.\n" }, "clientAuthentication": { "$ref": "#/types/aws:msk/ClusterClientAuthentication:ClusterClientAuthentication", "description": "Configuration block for specifying a client authentication. See below.\n" }, "clusterName": { "type": "string", "description": "Name of the MSK cluster.\n" }, "clusterUuid": { "type": "string", "description": "UUID of the MSK cluster, for use in IAM policies.\n" }, "configurationInfo": { "$ref": "#/types/aws:msk/ClusterConfigurationInfo:ClusterConfigurationInfo", "description": "Configuration block for specifying a MSK Configuration to attach to Kafka brokers. See below.\n" }, "currentVersion": { "type": "string", "description": "Current version of the MSK Cluster used for updates, e.g., `K13V1IB3VIYZZH`\n" }, "encryptionInfo": { "$ref": "#/types/aws:msk/ClusterEncryptionInfo:ClusterEncryptionInfo", "description": "Configuration block for specifying encryption. See below.\n" }, "enhancedMonitoring": { "type": "string", "description": "Specify the desired enhanced MSK CloudWatch monitoring level. See [Monitoring Amazon MSK with Amazon CloudWatch](https://docs.aws.amazon.com/msk/latest/developerguide/monitoring.html)\n" }, "kafkaVersion": { "type": "string", "description": "Specify the desired Kafka software version.\n" }, "loggingInfo": { "$ref": "#/types/aws:msk/ClusterLoggingInfo:ClusterLoggingInfo", "description": "Configuration block for streaming broker logs to Cloudwatch/S3/Kinesis Firehose. See below.\n" }, "numberOfBrokerNodes": { "type": "integer", "description": "The desired total number of broker nodes in the kafka cluster. It must be a multiple of the number of specified client subnets.\n" }, "openMonitoring": { "$ref": "#/types/aws:msk/ClusterOpenMonitoring:ClusterOpenMonitoring", "description": "Configuration block for JMX and Node monitoring for the MSK cluster. See below.\n" }, "storageMode": { "type": "string", "description": "Controls storage mode for supported storage tiers. Valid values are: `LOCAL` or `TIERED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "zookeeperConnectString": { "type": "string", "description": "A comma separated list of one or more hostname:port pairs to use to connect to the Apache Zookeeper cluster. The returned values are sorted alphabetically. The AWS API may not return all endpoints, so this value is not guaranteed to be stable across applies.\n" }, "zookeeperConnectStringTls": { "type": "string", "description": "A comma separated list of one or more hostname:port pairs to use to connect to the Apache Zookeeper cluster via TLS. The returned values are sorted alphabetically. The AWS API may not return all endpoints, so this value is not guaranteed to be stable across applies.\n" } }, "required": [ "arn", "bootstrapBrokers", "bootstrapBrokersPublicSaslIam", "bootstrapBrokersPublicSaslScram", "bootstrapBrokersPublicTls", "bootstrapBrokersSaslIam", "bootstrapBrokersSaslScram", "bootstrapBrokersTls", "bootstrapBrokersVpcConnectivitySaslIam", "bootstrapBrokersVpcConnectivitySaslScram", "bootstrapBrokersVpcConnectivityTls", "brokerNodeGroupInfo", "clusterName", "clusterUuid", "currentVersion", "kafkaVersion", "numberOfBrokerNodes", "storageMode", "tagsAll", "zookeeperConnectString", "zookeeperConnectStringTls" ], "inputProperties": { "brokerNodeGroupInfo": { "$ref": "#/types/aws:msk/ClusterBrokerNodeGroupInfo:ClusterBrokerNodeGroupInfo", "description": "Configuration block for the broker nodes of the Kafka cluster.\n", "willReplaceOnChanges": true }, "clientAuthentication": { "$ref": "#/types/aws:msk/ClusterClientAuthentication:ClusterClientAuthentication", "description": "Configuration block for specifying a client authentication. See below.\n" }, "clusterName": { "type": "string", "description": "Name of the MSK cluster.\n", "willReplaceOnChanges": true }, "configurationInfo": { "$ref": "#/types/aws:msk/ClusterConfigurationInfo:ClusterConfigurationInfo", "description": "Configuration block for specifying a MSK Configuration to attach to Kafka brokers. See below.\n" }, "encryptionInfo": { "$ref": "#/types/aws:msk/ClusterEncryptionInfo:ClusterEncryptionInfo", "description": "Configuration block for specifying encryption. See below.\n", "willReplaceOnChanges": true }, "enhancedMonitoring": { "type": "string", "description": "Specify the desired enhanced MSK CloudWatch monitoring level. See [Monitoring Amazon MSK with Amazon CloudWatch](https://docs.aws.amazon.com/msk/latest/developerguide/monitoring.html)\n" }, "kafkaVersion": { "type": "string", "description": "Specify the desired Kafka software version.\n" }, "loggingInfo": { "$ref": "#/types/aws:msk/ClusterLoggingInfo:ClusterLoggingInfo", "description": "Configuration block for streaming broker logs to Cloudwatch/S3/Kinesis Firehose. See below.\n" }, "numberOfBrokerNodes": { "type": "integer", "description": "The desired total number of broker nodes in the kafka cluster. It must be a multiple of the number of specified client subnets.\n" }, "openMonitoring": { "$ref": "#/types/aws:msk/ClusterOpenMonitoring:ClusterOpenMonitoring", "description": "Configuration block for JMX and Node monitoring for the MSK cluster. See below.\n" }, "storageMode": { "type": "string", "description": "Controls storage mode for supported storage tiers. Valid values are: `LOCAL` or `TIERED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "brokerNodeGroupInfo", "kafkaVersion", "numberOfBrokerNodes" ], "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the MSK cluster.\n" }, "bootstrapBrokers": { "type": "string", "description": "Comma separated list of one or more hostname:port pairs of kafka brokers suitable to bootstrap connectivity to the kafka cluster. Contains a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `PLAINTEXT` or `TLS_PLAINTEXT`. The resource sorts values alphabetically. AWS may not always return all endpoints so this value is not guaranteed to be stable across applies.\n" }, "bootstrapBrokersPublicSaslIam": { "type": "string", "description": "One or more DNS names (or IP addresses) and SASL IAM port pairs. For example, `b-1-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9198,b-2-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9198,b-3-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9198`. This attribute will have a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `TLS_PLAINTEXT` or `TLS` and `client_authentication.0.sasl.0.iam` is set to `true` and `broker_node_group_info.0.connectivity_info.0.public_access.0.type` is set to `SERVICE_PROVIDED_EIPS` and the cluster fulfill all other requirements for public access. The resource sorts the list alphabetically. AWS may not always return all endpoints so the values may not be stable across applies.\n" }, "bootstrapBrokersPublicSaslScram": { "type": "string", "description": "One or more DNS names (or IP addresses) and SASL SCRAM port pairs. For example, `b-1-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9196,b-2-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9196,b-3-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9196`. This attribute will have a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `TLS_PLAINTEXT` or `TLS` and `client_authentication.0.sasl.0.scram` is set to `true` and `broker_node_group_info.0.connectivity_info.0.public_access.0.type` is set to `SERVICE_PROVIDED_EIPS` and the cluster fulfill all other requirements for public access. The resource sorts the list alphabetically. AWS may not always return all endpoints so the values may not be stable across applies.\n" }, "bootstrapBrokersPublicTls": { "type": "string", "description": "One or more DNS names (or IP addresses) and TLS port pairs. For example, `b-1-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9194,b-2-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9194,b-3-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9194`. This attribute will have a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `TLS_PLAINTEXT` or `TLS` and `broker_node_group_info.0.connectivity_info.0.public_access.0.type` is set to `SERVICE_PROVIDED_EIPS` and the cluster fulfill all other requirements for public access. The resource sorts the list alphabetically. AWS may not always return all endpoints so the values may not be stable across applies.\n" }, "bootstrapBrokersSaslIam": { "type": "string", "description": "One or more DNS names (or IP addresses) and SASL IAM port pairs. For example, `b-1.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9098,b-2.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9098,b-3.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9098`. This attribute will have a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `TLS_PLAINTEXT` or `TLS` and `client_authentication.0.sasl.0.iam` is set to `true`. The resource sorts the list alphabetically. AWS may not always return all endpoints so the values may not be stable across applies.\n" }, "bootstrapBrokersSaslScram": { "type": "string", "description": "One or more DNS names (or IP addresses) and SASL SCRAM port pairs. For example, `b-1.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9096,b-2.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9096,b-3.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9096`. This attribute will have a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `TLS_PLAINTEXT` or `TLS` and `client_authentication.0.sasl.0.scram` is set to `true`. The resource sorts the list alphabetically. AWS may not always return all endpoints so the values may not be stable across applies.\n" }, "bootstrapBrokersTls": { "type": "string", "description": "One or more DNS names (or IP addresses) and TLS port pairs. For example, `b-1.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9094,b-2.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9094,b-3.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9094`. This attribute will have a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `TLS_PLAINTEXT` or `TLS`. The resource sorts the list alphabetically. AWS may not always return all endpoints so the values may not be stable across applies.\n" }, "bootstrapBrokersVpcConnectivitySaslIam": { "type": "string", "description": "A string containing one or more DNS names (or IP addresses) and SASL IAM port pairs for VPC connectivity. AWS may not always return all endpoints so the values may not be stable across applies.\n" }, "bootstrapBrokersVpcConnectivitySaslScram": { "type": "string", "description": "A string containing one or more DNS names (or IP addresses) and SASL SCRAM port pairs for VPC connectivity. AWS may not always return all endpoints so the values may not be stable across applies.\n" }, "bootstrapBrokersVpcConnectivityTls": { "type": "string", "description": "A string containing one or more DNS names (or IP addresses) and TLS port pairs for VPC connectivity. AWS may not always return all endpoints so the values may not be stable across applies.\n" }, "brokerNodeGroupInfo": { "$ref": "#/types/aws:msk/ClusterBrokerNodeGroupInfo:ClusterBrokerNodeGroupInfo", "description": "Configuration block for the broker nodes of the Kafka cluster.\n", "willReplaceOnChanges": true }, "clientAuthentication": { "$ref": "#/types/aws:msk/ClusterClientAuthentication:ClusterClientAuthentication", "description": "Configuration block for specifying a client authentication. See below.\n" }, "clusterName": { "type": "string", "description": "Name of the MSK cluster.\n", "willReplaceOnChanges": true }, "clusterUuid": { "type": "string", "description": "UUID of the MSK cluster, for use in IAM policies.\n" }, "configurationInfo": { "$ref": "#/types/aws:msk/ClusterConfigurationInfo:ClusterConfigurationInfo", "description": "Configuration block for specifying a MSK Configuration to attach to Kafka brokers. See below.\n" }, "currentVersion": { "type": "string", "description": "Current version of the MSK Cluster used for updates, e.g., `K13V1IB3VIYZZH`\n" }, "encryptionInfo": { "$ref": "#/types/aws:msk/ClusterEncryptionInfo:ClusterEncryptionInfo", "description": "Configuration block for specifying encryption. See below.\n", "willReplaceOnChanges": true }, "enhancedMonitoring": { "type": "string", "description": "Specify the desired enhanced MSK CloudWatch monitoring level. See [Monitoring Amazon MSK with Amazon CloudWatch](https://docs.aws.amazon.com/msk/latest/developerguide/monitoring.html)\n" }, "kafkaVersion": { "type": "string", "description": "Specify the desired Kafka software version.\n" }, "loggingInfo": { "$ref": "#/types/aws:msk/ClusterLoggingInfo:ClusterLoggingInfo", "description": "Configuration block for streaming broker logs to Cloudwatch/S3/Kinesis Firehose. See below.\n" }, "numberOfBrokerNodes": { "type": "integer", "description": "The desired total number of broker nodes in the kafka cluster. It must be a multiple of the number of specified client subnets.\n" }, "openMonitoring": { "$ref": "#/types/aws:msk/ClusterOpenMonitoring:ClusterOpenMonitoring", "description": "Configuration block for JMX and Node monitoring for the MSK cluster. See below.\n" }, "storageMode": { "type": "string", "description": "Controls storage mode for supported storage tiers. Valid values are: `LOCAL` or `TIERED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "zookeeperConnectString": { "type": "string", "description": "A comma separated list of one or more hostname:port pairs to use to connect to the Apache Zookeeper cluster. The returned values are sorted alphabetically. The AWS API may not return all endpoints, so this value is not guaranteed to be stable across applies.\n" }, "zookeeperConnectStringTls": { "type": "string", "description": "A comma separated list of one or more hostname:port pairs to use to connect to the Apache Zookeeper cluster via TLS. The returned values are sorted alphabetically. The AWS API may not return all endpoints, so this value is not guaranteed to be stable across applies.\n" } }, "type": "object" } }, "aws:msk/clusterPolicy:ClusterPolicy": { "description": "Resource for managing an AWS Managed Streaming for Kafka Cluster Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst currentGetPartition = aws.getPartition({});\nconst example = new aws.msk.ClusterPolicy(\"example\", {\n clusterArn: exampleAwsMskCluster.arn,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Sid: \"ExampleMskClusterPolicy\",\n Effect: \"Allow\",\n Principal: {\n AWS: Promise.all([currentGetPartition, current]).then(([currentGetPartition, current]) =\u003e `arn:${currentGetPartition.partition}:iam::${current.accountId}:root`),\n },\n Action: [\n \"kafka:Describe*\",\n \"kafka:Get*\",\n \"kafka:CreateVpcConnection\",\n \"kafka:GetBootstrapBrokers\",\n ],\n Resource: exampleAwsMskCluster.arn,\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ncurrent_get_partition = aws.get_partition()\nexample = aws.msk.ClusterPolicy(\"example\",\n cluster_arn=example_aws_msk_cluster[\"arn\"],\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Sid\": \"ExampleMskClusterPolicy\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:{current_get_partition.partition}:iam::{current.account_id}:root\",\n },\n \"Action\": [\n \"kafka:Describe*\",\n \"kafka:Get*\",\n \"kafka:CreateVpcConnection\",\n \"kafka:GetBootstrapBrokers\",\n ],\n \"Resource\": example_aws_msk_cluster[\"arn\"],\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var currentGetPartition = Aws.GetPartition.Invoke();\n\n var example = new Aws.Msk.ClusterPolicy(\"example\", new()\n {\n ClusterArn = exampleAwsMskCluster.Arn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"ExampleMskClusterPolicy\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = Output.Tuple(currentGetPartition, current).Apply(values =\u003e\n {\n var currentGetPartition = values.Item1;\n var current = values.Item2;\n return $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\";\n }),\n },\n [\"Action\"] = new[]\n {\n \"kafka:Describe*\",\n \"kafka:Get*\",\n \"kafka:CreateVpcConnection\",\n \"kafka:GetBootstrapBrokers\",\n },\n [\"Resource\"] = exampleAwsMskCluster.Arn,\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/msk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetPartition, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"ExampleMskClusterPolicy\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:%v:iam::%v:root\", currentGetPartition.Partition, current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"kafka:Describe*\",\n\t\t\t\t\t\t\"kafka:Get*\",\n\t\t\t\t\t\t\"kafka:CreateVpcConnection\",\n\t\t\t\t\t\t\"kafka:GetBootstrapBrokers\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": exampleAwsMskCluster.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = msk.NewClusterPolicy(ctx, \"example\", \u0026msk.ClusterPolicyArgs{\n\t\t\tClusterArn: pulumi.Any(exampleAwsMskCluster.Arn),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.msk.ClusterPolicy;\nimport com.pulumi.aws.msk.ClusterPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var currentGetPartition = AwsFunctions.getPartition();\n\n var example = new ClusterPolicy(\"example\", ClusterPolicyArgs.builder()\n .clusterArn(exampleAwsMskCluster.arn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Sid\", \"ExampleMskClusterPolicy\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:%s:iam::%s:root\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", jsonArray(\n \"kafka:Describe*\", \n \"kafka:Get*\", \n \"kafka:CreateVpcConnection\", \n \"kafka:GetBootstrapBrokers\"\n )),\n jsonProperty(\"Resource\", exampleAwsMskCluster.arn())\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:msk:ClusterPolicy\n properties:\n clusterArn: ${exampleAwsMskCluster.arn}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Sid: ExampleMskClusterPolicy\n Effect: Allow\n Principal:\n AWS: arn:${currentGetPartition.partition}:iam::${current.accountId}:root\n Action:\n - kafka:Describe*\n - kafka:Get*\n - kafka:CreateVpcConnection\n - kafka:GetBootstrapBrokers\n Resource: ${exampleAwsMskCluster.arn}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetPartition:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Managed Streaming for Kafka Cluster Policy using the `cluster_arn`. For example:\n\n```sh\n$ pulumi import aws:msk/clusterPolicy:ClusterPolicy example arn:aws:kafka:us-west-2:123456789012:cluster/example/279c0212-d057-4dba-9aa9-1c4e5a25bfc7-3\n```\n", "properties": { "clusterArn": { "type": "string", "description": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.\n" }, "currentVersion": { "type": "string" }, "policy": { "type": "string", "description": "Resource policy for cluster.\n" } }, "required": [ "clusterArn", "currentVersion", "policy" ], "inputProperties": { "clusterArn": { "type": "string", "description": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.\n" }, "policy": { "type": "string", "description": "Resource policy for cluster.\n" } }, "requiredInputs": [ "clusterArn", "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterPolicy resources.\n", "properties": { "clusterArn": { "type": "string", "description": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.\n" }, "currentVersion": { "type": "string" }, "policy": { "type": "string", "description": "Resource policy for cluster.\n" } }, "type": "object" } }, "aws:msk/configuration:Configuration": { "description": "Manages an Amazon Managed Streaming for Kafka configuration. More information can be found on the [MSK Developer Guide](https://docs.aws.amazon.com/msk/latest/developerguide/msk-configuration.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.msk.Configuration(\"example\", {\n kafkaVersions: [\"2.1.0\"],\n name: \"example\",\n serverProperties: `auto.create.topics.enable = true\ndelete.topic.enable = true\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.msk.Configuration(\"example\",\n kafka_versions=[\"2.1.0\"],\n name=\"example\",\n server_properties=\"\"\"auto.create.topics.enable = true\ndelete.topic.enable = true\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Msk.Configuration(\"example\", new()\n {\n KafkaVersions = new[]\n {\n \"2.1.0\",\n },\n Name = \"example\",\n ServerProperties = @\"auto.create.topics.enable = true\ndelete.topic.enable = true\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/msk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := msk.NewConfiguration(ctx, \"example\", \u0026msk.ConfigurationArgs{\n\t\t\tKafkaVersions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"2.1.0\"),\n\t\t\t},\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tServerProperties: pulumi.String(\"auto.create.topics.enable = true\\ndelete.topic.enable = true\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.msk.Configuration;\nimport com.pulumi.aws.msk.ConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Configuration(\"example\", ConfigurationArgs.builder()\n .kafkaVersions(\"2.1.0\")\n .name(\"example\")\n .serverProperties(\"\"\"\nauto.create.topics.enable = true\ndelete.topic.enable = true\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:msk:Configuration\n properties:\n kafkaVersions:\n - 2.1.0\n name: example\n serverProperties: |\n auto.create.topics.enable = true\n delete.topic.enable = true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MSK configurations using the configuration ARN. For example:\n\n```sh\n$ pulumi import aws:msk/configuration:Configuration example arn:aws:kafka:us-west-2:123456789012:configuration/example/279c0212-d057-4dba-9aa9-1c4e5a25bfc7-3\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the configuration.\n" }, "description": { "type": "string", "description": "Description of the configuration.\n" }, "kafkaVersions": { "type": "array", "items": { "type": "string" }, "description": "List of Apache Kafka versions which can use this configuration.\n" }, "latestRevision": { "type": "integer", "description": "Latest revision of the configuration.\n" }, "name": { "type": "string", "description": "Name of the configuration.\n" }, "serverProperties": { "type": "string", "description": "Contents of the server.properties file. Supported properties are documented in the [MSK Developer Guide](https://docs.aws.amazon.com/msk/latest/developerguide/msk-configuration-properties.html).\n" } }, "required": [ "arn", "latestRevision", "name", "serverProperties" ], "inputProperties": { "description": { "type": "string", "description": "Description of the configuration.\n" }, "kafkaVersions": { "type": "array", "items": { "type": "string" }, "description": "List of Apache Kafka versions which can use this configuration.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the configuration.\n", "willReplaceOnChanges": true }, "serverProperties": { "type": "string", "description": "Contents of the server.properties file. Supported properties are documented in the [MSK Developer Guide](https://docs.aws.amazon.com/msk/latest/developerguide/msk-configuration-properties.html).\n" } }, "requiredInputs": [ "serverProperties" ], "stateInputs": { "description": "Input properties used for looking up and filtering Configuration resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the configuration.\n" }, "description": { "type": "string", "description": "Description of the configuration.\n" }, "kafkaVersions": { "type": "array", "items": { "type": "string" }, "description": "List of Apache Kafka versions which can use this configuration.\n", "willReplaceOnChanges": true }, "latestRevision": { "type": "integer", "description": "Latest revision of the configuration.\n" }, "name": { "type": "string", "description": "Name of the configuration.\n", "willReplaceOnChanges": true }, "serverProperties": { "type": "string", "description": "Contents of the server.properties file. Supported properties are documented in the [MSK Developer Guide](https://docs.aws.amazon.com/msk/latest/developerguide/msk-configuration-properties.html).\n" } }, "type": "object" } }, "aws:msk/replicator:Replicator": { "description": "Resource for managing an AWS Managed Streaming for Kafka Replicator.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.msk.Replicator(\"test\", {\n replicatorName: \"test-name\",\n description: \"test-description\",\n serviceExecutionRoleArn: sourceAwsIamRole.arn,\n kafkaClusters: [\n {\n amazonMskCluster: {\n mskClusterArn: source.arn,\n },\n vpcConfig: {\n subnetIds: sourceAwsSubnet.map(__item =\u003e __item.id),\n securityGroupsIds: [sourceAwsSecurityGroup.id],\n },\n },\n {\n amazonMskCluster: {\n mskClusterArn: target.arn,\n },\n vpcConfig: {\n subnetIds: targetAwsSubnet.map(__item =\u003e __item.id),\n securityGroupsIds: [targetAwsSecurityGroup.id],\n },\n },\n ],\n replicationInfoList: {\n sourceKafkaClusterArn: source.arn,\n targetKafkaClusterArn: target.arn,\n targetCompressionType: \"NONE\",\n topicReplications: [{\n topicsToReplicates: [\".*\"],\n }],\n consumerGroupReplications: [{\n consumerGroupsToReplicates: [\".*\"],\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.msk.Replicator(\"test\",\n replicator_name=\"test-name\",\n description=\"test-description\",\n service_execution_role_arn=source_aws_iam_role[\"arn\"],\n kafka_clusters=[\n {\n \"amazon_msk_cluster\": {\n \"msk_cluster_arn\": source[\"arn\"],\n },\n \"vpc_config\": {\n \"subnet_ids\": [__item[\"id\"] for __item in source_aws_subnet],\n \"security_groups_ids\": [source_aws_security_group[\"id\"]],\n },\n },\n {\n \"amazon_msk_cluster\": {\n \"msk_cluster_arn\": target[\"arn\"],\n },\n \"vpc_config\": {\n \"subnet_ids\": [__item[\"id\"] for __item in target_aws_subnet],\n \"security_groups_ids\": [target_aws_security_group[\"id\"]],\n },\n },\n ],\n replication_info_list={\n \"source_kafka_cluster_arn\": source[\"arn\"],\n \"target_kafka_cluster_arn\": target[\"arn\"],\n \"target_compression_type\": \"NONE\",\n \"topic_replications\": [{\n \"topics_to_replicates\": [\".*\"],\n }],\n \"consumer_group_replications\": [{\n \"consumer_groups_to_replicates\": [\".*\"],\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Msk.Replicator(\"test\", new()\n {\n ReplicatorName = \"test-name\",\n Description = \"test-description\",\n ServiceExecutionRoleArn = sourceAwsIamRole.Arn,\n KafkaClusters = new[]\n {\n new Aws.Msk.Inputs.ReplicatorKafkaClusterArgs\n {\n AmazonMskCluster = new Aws.Msk.Inputs.ReplicatorKafkaClusterAmazonMskClusterArgs\n {\n MskClusterArn = source.Arn,\n },\n VpcConfig = new Aws.Msk.Inputs.ReplicatorKafkaClusterVpcConfigArgs\n {\n SubnetIds = sourceAwsSubnet.Select(__item =\u003e __item.Id).ToList(),\n SecurityGroupsIds = new[]\n {\n sourceAwsSecurityGroup.Id,\n },\n },\n },\n new Aws.Msk.Inputs.ReplicatorKafkaClusterArgs\n {\n AmazonMskCluster = new Aws.Msk.Inputs.ReplicatorKafkaClusterAmazonMskClusterArgs\n {\n MskClusterArn = target.Arn,\n },\n VpcConfig = new Aws.Msk.Inputs.ReplicatorKafkaClusterVpcConfigArgs\n {\n SubnetIds = targetAwsSubnet.Select(__item =\u003e __item.Id).ToList(),\n SecurityGroupsIds = new[]\n {\n targetAwsSecurityGroup.Id,\n },\n },\n },\n },\n ReplicationInfoList = new Aws.Msk.Inputs.ReplicatorReplicationInfoListArgs\n {\n SourceKafkaClusterArn = source.Arn,\n TargetKafkaClusterArn = target.Arn,\n TargetCompressionType = \"NONE\",\n TopicReplications = new[]\n {\n new Aws.Msk.Inputs.ReplicatorReplicationInfoListTopicReplicationArgs\n {\n TopicsToReplicates = new[]\n {\n \".*\",\n },\n },\n },\n ConsumerGroupReplications = new[]\n {\n new Aws.Msk.Inputs.ReplicatorReplicationInfoListConsumerGroupReplicationArgs\n {\n ConsumerGroupsToReplicates = new[]\n {\n \".*\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/msk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\n_, err := msk.NewReplicator(ctx, \"test\", \u0026msk.ReplicatorArgs{\nReplicatorName: pulumi.String(\"test-name\"),\nDescription: pulumi.String(\"test-description\"),\nServiceExecutionRoleArn: pulumi.Any(sourceAwsIamRole.Arn),\nKafkaClusters: msk.ReplicatorKafkaClusterArray{\n\u0026msk.ReplicatorKafkaClusterArgs{\nAmazonMskCluster: \u0026msk.ReplicatorKafkaClusterAmazonMskClusterArgs{\nMskClusterArn: pulumi.Any(source.Arn),\n},\nVpcConfig: \u0026msk.ReplicatorKafkaClusterVpcConfigArgs{\nSubnetIds: []pulumi.String(%!v(PANIC=Format method: fatal: A failure has occurred: unlowered splat expression @ example.pp:9,27-48)),\nSecurityGroupsIds: pulumi.StringArray{\nsourceAwsSecurityGroup.Id,\n},\n},\n},\n\u0026msk.ReplicatorKafkaClusterArgs{\nAmazonMskCluster: \u0026msk.ReplicatorKafkaClusterAmazonMskClusterArgs{\nMskClusterArn: pulumi.Any(target.Arn),\n},\nVpcConfig: \u0026msk.ReplicatorKafkaClusterVpcConfigArgs{\nSubnetIds: []pulumi.String(%!v(PANIC=Format method: fatal: A failure has occurred: unlowered splat expression @ example.pp:17,27-48)),\nSecurityGroupsIds: pulumi.StringArray{\ntargetAwsSecurityGroup.Id,\n},\n},\n},\n},\nReplicationInfoList: \u0026msk.ReplicatorReplicationInfoListArgs{\nSourceKafkaClusterArn: pulumi.Any(source.Arn),\nTargetKafkaClusterArn: pulumi.Any(target.Arn),\nTargetCompressionType: pulumi.String(\"NONE\"),\nTopicReplications: msk.ReplicatorReplicationInfoListTopicReplicationArray{\n\u0026msk.ReplicatorReplicationInfoListTopicReplicationArgs{\nTopicsToReplicates: pulumi.StringArray{\npulumi.String(\".*\"),\n},\n},\n},\nConsumerGroupReplications: msk.ReplicatorReplicationInfoListConsumerGroupReplicationArray{\n\u0026msk.ReplicatorReplicationInfoListConsumerGroupReplicationArgs{\nConsumerGroupsToReplicates: pulumi.StringArray{\npulumi.String(\".*\"),\n},\n},\n},\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.msk.Replicator;\nimport com.pulumi.aws.msk.ReplicatorArgs;\nimport com.pulumi.aws.msk.inputs.ReplicatorKafkaClusterArgs;\nimport com.pulumi.aws.msk.inputs.ReplicatorKafkaClusterAmazonMskClusterArgs;\nimport com.pulumi.aws.msk.inputs.ReplicatorKafkaClusterVpcConfigArgs;\nimport com.pulumi.aws.msk.inputs.ReplicatorReplicationInfoListArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Replicator(\"test\", ReplicatorArgs.builder()\n .replicatorName(\"test-name\")\n .description(\"test-description\")\n .serviceExecutionRoleArn(sourceAwsIamRole.arn())\n .kafkaClusters( \n ReplicatorKafkaClusterArgs.builder()\n .amazonMskCluster(ReplicatorKafkaClusterAmazonMskClusterArgs.builder()\n .mskClusterArn(source.arn())\n .build())\n .vpcConfig(ReplicatorKafkaClusterVpcConfigArgs.builder()\n .subnetIds(sourceAwsSubnet.stream().map(element -\u003e element.id()).collect(toList()))\n .securityGroupsIds(sourceAwsSecurityGroup.id())\n .build())\n .build(),\n ReplicatorKafkaClusterArgs.builder()\n .amazonMskCluster(ReplicatorKafkaClusterAmazonMskClusterArgs.builder()\n .mskClusterArn(target.arn())\n .build())\n .vpcConfig(ReplicatorKafkaClusterVpcConfigArgs.builder()\n .subnetIds(targetAwsSubnet.stream().map(element -\u003e element.id()).collect(toList()))\n .securityGroupsIds(targetAwsSecurityGroup.id())\n .build())\n .build())\n .replicationInfoList(ReplicatorReplicationInfoListArgs.builder()\n .sourceKafkaClusterArn(source.arn())\n .targetKafkaClusterArn(target.arn())\n .targetCompressionType(\"NONE\")\n .topicReplications(ReplicatorReplicationInfoListTopicReplicationArgs.builder()\n .topicsToReplicates(\".*\")\n .build())\n .consumerGroupReplications(ReplicatorReplicationInfoListConsumerGroupReplicationArgs.builder()\n .consumerGroupsToReplicates(\".*\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MSK replicators using the replicator ARN. For example:\n\n```sh\n$ pulumi import aws:msk/replicator:Replicator example arn:aws:kafka:us-west-2:123456789012:configuration/example/279c0212-d057-4dba-9aa9-1c4e5a25bfc7-3\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Replicator. Do not begin the description with \"An\", \"The\", \"Defines\", \"Indicates\", or \"Specifies,\" as these are verbose. In other words, \"Indicates the amount of storage,\" can be rewritten as \"Amount of storage,\" without losing any information.\n" }, "currentVersion": { "type": "string" }, "description": { "type": "string", "description": "A summary description of the replicator.\n" }, "kafkaClusters": { "type": "array", "items": { "$ref": "#/types/aws:msk/ReplicatorKafkaCluster:ReplicatorKafkaCluster" }, "description": "A list of Kafka clusters which are targets of the replicator.\n" }, "replicationInfoList": { "$ref": "#/types/aws:msk/ReplicatorReplicationInfoList:ReplicatorReplicationInfoList", "description": "A list of replication configurations, where each configuration targets a given source cluster to target cluster replication flow.\n" }, "replicatorName": { "type": "string", "description": "The name of the replicator.\n" }, "serviceExecutionRoleArn": { "type": "string", "description": "The ARN of the IAM role used by the replicator to access resources in the customer's account (e.g source and target clusters).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "currentVersion", "kafkaClusters", "replicationInfoList", "replicatorName", "serviceExecutionRoleArn", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "A summary description of the replicator.\n" }, "kafkaClusters": { "type": "array", "items": { "$ref": "#/types/aws:msk/ReplicatorKafkaCluster:ReplicatorKafkaCluster" }, "description": "A list of Kafka clusters which are targets of the replicator.\n", "willReplaceOnChanges": true }, "replicationInfoList": { "$ref": "#/types/aws:msk/ReplicatorReplicationInfoList:ReplicatorReplicationInfoList", "description": "A list of replication configurations, where each configuration targets a given source cluster to target cluster replication flow.\n", "willReplaceOnChanges": true }, "replicatorName": { "type": "string", "description": "The name of the replicator.\n" }, "serviceExecutionRoleArn": { "type": "string", "description": "The ARN of the IAM role used by the replicator to access resources in the customer's account (e.g source and target clusters).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "requiredInputs": [ "kafkaClusters", "replicationInfoList", "replicatorName", "serviceExecutionRoleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Replicator resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Replicator. Do not begin the description with \"An\", \"The\", \"Defines\", \"Indicates\", or \"Specifies,\" as these are verbose. In other words, \"Indicates the amount of storage,\" can be rewritten as \"Amount of storage,\" without losing any information.\n" }, "currentVersion": { "type": "string" }, "description": { "type": "string", "description": "A summary description of the replicator.\n" }, "kafkaClusters": { "type": "array", "items": { "$ref": "#/types/aws:msk/ReplicatorKafkaCluster:ReplicatorKafkaCluster" }, "description": "A list of Kafka clusters which are targets of the replicator.\n", "willReplaceOnChanges": true }, "replicationInfoList": { "$ref": "#/types/aws:msk/ReplicatorReplicationInfoList:ReplicatorReplicationInfoList", "description": "A list of replication configurations, where each configuration targets a given source cluster to target cluster replication flow.\n", "willReplaceOnChanges": true }, "replicatorName": { "type": "string", "description": "The name of the replicator.\n" }, "serviceExecutionRoleArn": { "type": "string", "description": "The ARN of the IAM role used by the replicator to access resources in the customer's account (e.g source and target clusters).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:msk/scramSecretAssociation:ScramSecretAssociation": { "description": "Associates SCRAM secrets stored in the Secrets Manager service with a Managed Streaming for Kafka (MSK) cluster.\n\n\u003e **Note:** The following assumes the MSK cluster has SASL/SCRAM authentication enabled. See below for example usage or refer to the [Username/Password Authentication](https://docs.aws.amazon.com/msk/latest/developerguide/msk-password.html) section of the MSK Developer Guide for more details.\n\nTo set up username and password authentication for a cluster, create an `aws.secretsmanager.Secret` resource and associate\na username and password with the secret with an `aws.secretsmanager.SecretVersion` resource. When creating a secret for the cluster,\nthe `name` must have the prefix `AmazonMSK_` and you must either use an existing custom AWS KMS key or create a new\ncustom AWS KMS key for your secret with the `aws.kms.Key` resource. It is important to note that a policy is required for the `aws.secretsmanager.Secret`\nresource in order for Kafka to be able to read it. This policy is attached automatically when the `aws.msk.ScramSecretAssociation` is used,\nhowever, this policy will not be in the state and as such, will present a diff on plan/apply. For that reason, you must use the `aws.secretsmanager.SecretPolicy`\nresource](/docs/providers/aws/r/secretsmanager_secret_policy.html) as shown below in order to ensure that the state is in a clean state after the creation of secret and the association to the cluster.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleCluster = new aws.msk.Cluster(\"example\", {\n clusterName: \"example\",\n clientAuthentication: {\n sasl: {\n scram: true,\n },\n },\n});\nconst exampleKey = new aws.kms.Key(\"example\", {description: \"Example Key for MSK Cluster Scram Secret Association\"});\nconst exampleSecret = new aws.secretsmanager.Secret(\"example\", {\n name: \"AmazonMSK_example\",\n kmsKeyId: exampleKey.keyId,\n});\nconst exampleSecretVersion = new aws.secretsmanager.SecretVersion(\"example\", {\n secretId: exampleSecret.id,\n secretString: JSON.stringify({\n username: \"user\",\n password: \"pass\",\n }),\n});\nconst exampleScramSecretAssociation = new aws.msk.ScramSecretAssociation(\"example\", {\n clusterArn: exampleCluster.arn,\n secretArnLists: [exampleSecret.arn],\n}, {\n dependsOn: [exampleSecretVersion],\n});\nconst example = aws.iam.getPolicyDocumentOutput({\n statements: [{\n sid: \"AWSKafkaResourcePolicy\",\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"kafka.amazonaws.com\"],\n }],\n actions: [\"secretsmanager:getSecretValue\"],\n resources: [exampleSecret.arn],\n }],\n});\nconst exampleSecretPolicy = new aws.secretsmanager.SecretPolicy(\"example\", {\n secretArn: exampleSecret.arn,\n policy: example.apply(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample_cluster = aws.msk.Cluster(\"example\",\n cluster_name=\"example\",\n client_authentication={\n \"sasl\": {\n \"scram\": True,\n },\n })\nexample_key = aws.kms.Key(\"example\", description=\"Example Key for MSK Cluster Scram Secret Association\")\nexample_secret = aws.secretsmanager.Secret(\"example\",\n name=\"AmazonMSK_example\",\n kms_key_id=example_key.key_id)\nexample_secret_version = aws.secretsmanager.SecretVersion(\"example\",\n secret_id=example_secret.id,\n secret_string=json.dumps({\n \"username\": \"user\",\n \"password\": \"pass\",\n }))\nexample_scram_secret_association = aws.msk.ScramSecretAssociation(\"example\",\n cluster_arn=example_cluster.arn,\n secret_arn_lists=[example_secret.arn],\n opts = pulumi.ResourceOptions(depends_on=[example_secret_version]))\nexample = aws.iam.get_policy_document_output(statements=[{\n \"sid\": \"AWSKafkaResourcePolicy\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"kafka.amazonaws.com\"],\n }],\n \"actions\": [\"secretsmanager:getSecretValue\"],\n \"resources\": [example_secret.arn],\n}])\nexample_secret_policy = aws.secretsmanager.SecretPolicy(\"example\",\n secret_arn=example_secret.arn,\n policy=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleCluster = new Aws.Msk.Cluster(\"example\", new()\n {\n ClusterName = \"example\",\n ClientAuthentication = new Aws.Msk.Inputs.ClusterClientAuthenticationArgs\n {\n Sasl = new Aws.Msk.Inputs.ClusterClientAuthenticationSaslArgs\n {\n Scram = true,\n },\n },\n });\n\n var exampleKey = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"Example Key for MSK Cluster Scram Secret Association\",\n });\n\n var exampleSecret = new Aws.SecretsManager.Secret(\"example\", new()\n {\n Name = \"AmazonMSK_example\",\n KmsKeyId = exampleKey.KeyId,\n });\n\n var exampleSecretVersion = new Aws.SecretsManager.SecretVersion(\"example\", new()\n {\n SecretId = exampleSecret.Id,\n SecretString = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"username\"] = \"user\",\n [\"password\"] = \"pass\",\n }),\n });\n\n var exampleScramSecretAssociation = new Aws.Msk.ScramSecretAssociation(\"example\", new()\n {\n ClusterArn = exampleCluster.Arn,\n SecretArnLists = new[]\n {\n exampleSecret.Arn,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleSecretVersion,\n },\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"AWSKafkaResourcePolicy\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"kafka.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"secretsmanager:getSecretValue\",\n },\n Resources = new[]\n {\n exampleSecret.Arn,\n },\n },\n },\n });\n\n var exampleSecretPolicy = new Aws.SecretsManager.SecretPolicy(\"example\", new()\n {\n SecretArn = exampleSecret.Arn,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/msk\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleCluster, err := msk.NewCluster(ctx, \"example\", \u0026msk.ClusterArgs{\n\t\t\tClusterName: pulumi.String(\"example\"),\n\t\t\tClientAuthentication: \u0026msk.ClusterClientAuthenticationArgs{\n\t\t\t\tSasl: \u0026msk.ClusterClientAuthenticationSaslArgs{\n\t\t\t\t\tScram: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKey, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"Example Key for MSK Cluster Scram Secret Association\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSecret, err := secretsmanager.NewSecret(ctx, \"example\", \u0026secretsmanager.SecretArgs{\n\t\t\tName: pulumi.String(\"AmazonMSK_example\"),\n\t\t\tKmsKeyId: exampleKey.KeyId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"username\": \"user\",\n\t\t\t\"password\": \"pass\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texampleSecretVersion, err := secretsmanager.NewSecretVersion(ctx, \"example\", \u0026secretsmanager.SecretVersionArgs{\n\t\t\tSecretId: exampleSecret.ID(),\n\t\t\tSecretString: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = msk.NewScramSecretAssociation(ctx, \"example\", \u0026msk.ScramSecretAssociationArgs{\n\t\t\tClusterArn: exampleCluster.Arn,\n\t\t\tSecretArnLists: pulumi.StringArray{\n\t\t\t\texampleSecret.Arn,\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleSecretVersion,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tSid: pulumi.String(\"AWSKafkaResourcePolicy\"),\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"kafka.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"secretsmanager:getSecretValue\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleSecret.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = secretsmanager.NewSecretPolicy(ctx, \"example\", \u0026secretsmanager.SecretPolicyArgs{\n\t\t\tSecretArn: exampleSecret.Arn,\n\t\t\tPolicy: pulumi.String(example.ApplyT(func(example iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026example.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.msk.Cluster;\nimport com.pulumi.aws.msk.ClusterArgs;\nimport com.pulumi.aws.msk.inputs.ClusterClientAuthenticationArgs;\nimport com.pulumi.aws.msk.inputs.ClusterClientAuthenticationSaslArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.secretsmanager.Secret;\nimport com.pulumi.aws.secretsmanager.SecretArgs;\nimport com.pulumi.aws.secretsmanager.SecretVersion;\nimport com.pulumi.aws.secretsmanager.SecretVersionArgs;\nimport com.pulumi.aws.msk.ScramSecretAssociation;\nimport com.pulumi.aws.msk.ScramSecretAssociationArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.secretsmanager.SecretPolicy;\nimport com.pulumi.aws.secretsmanager.SecretPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleCluster = new Cluster(\"exampleCluster\", ClusterArgs.builder()\n .clusterName(\"example\")\n .clientAuthentication(ClusterClientAuthenticationArgs.builder()\n .sasl(ClusterClientAuthenticationSaslArgs.builder()\n .scram(true)\n .build())\n .build())\n .build());\n\n var exampleKey = new Key(\"exampleKey\", KeyArgs.builder()\n .description(\"Example Key for MSK Cluster Scram Secret Association\")\n .build());\n\n var exampleSecret = new Secret(\"exampleSecret\", SecretArgs.builder()\n .name(\"AmazonMSK_example\")\n .kmsKeyId(exampleKey.keyId())\n .build());\n\n var exampleSecretVersion = new SecretVersion(\"exampleSecretVersion\", SecretVersionArgs.builder()\n .secretId(exampleSecret.id())\n .secretString(serializeJson(\n jsonObject(\n jsonProperty(\"username\", \"user\"),\n jsonProperty(\"password\", \"pass\")\n )))\n .build());\n\n var exampleScramSecretAssociation = new ScramSecretAssociation(\"exampleScramSecretAssociation\", ScramSecretAssociationArgs.builder()\n .clusterArn(exampleCluster.arn())\n .secretArnLists(exampleSecret.arn())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleSecretVersion)\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"AWSKafkaResourcePolicy\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"kafka.amazonaws.com\")\n .build())\n .actions(\"secretsmanager:getSecretValue\")\n .resources(exampleSecret.arn())\n .build())\n .build());\n\n var exampleSecretPolicy = new SecretPolicy(\"exampleSecretPolicy\", SecretPolicyArgs.builder()\n .secretArn(exampleSecret.arn())\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleScramSecretAssociation:\n type: aws:msk:ScramSecretAssociation\n name: example\n properties:\n clusterArn: ${exampleCluster.arn}\n secretArnLists:\n - ${exampleSecret.arn}\n options:\n dependson:\n - ${exampleSecretVersion}\n exampleCluster:\n type: aws:msk:Cluster\n name: example\n properties:\n clusterName: example\n clientAuthentication:\n sasl:\n scram: true\n exampleSecret:\n type: aws:secretsmanager:Secret\n name: example\n properties:\n name: AmazonMSK_example\n kmsKeyId: ${exampleKey.keyId}\n exampleKey:\n type: aws:kms:Key\n name: example\n properties:\n description: Example Key for MSK Cluster Scram Secret Association\n exampleSecretVersion:\n type: aws:secretsmanager:SecretVersion\n name: example\n properties:\n secretId: ${exampleSecret.id}\n secretString:\n fn::toJSON:\n username: user\n password: pass\n exampleSecretPolicy:\n type: aws:secretsmanager:SecretPolicy\n name: example\n properties:\n secretArn: ${exampleSecret.arn}\n policy: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: AWSKafkaResourcePolicy\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - kafka.amazonaws.com\n actions:\n - secretsmanager:getSecretValue\n resources:\n - ${exampleSecret.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MSK SCRAM Secret Associations using the `id`. For example:\n\n```sh\n$ pulumi import aws:msk/scramSecretAssociation:ScramSecretAssociation example arn:aws:kafka:us-west-2:123456789012:cluster/example/279c0212-d057-4dba-9aa9-1c4e5a25bfc7-3\n```\n", "properties": { "clusterArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the MSK cluster.\n" }, "secretArnLists": { "type": "array", "items": { "type": "string" }, "description": "List of AWS Secrets Manager secret ARNs.\n" } }, "required": [ "clusterArn", "secretArnLists" ], "inputProperties": { "clusterArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the MSK cluster.\n", "willReplaceOnChanges": true }, "secretArnLists": { "type": "array", "items": { "type": "string" }, "description": "List of AWS Secrets Manager secret ARNs.\n" } }, "requiredInputs": [ "clusterArn", "secretArnLists" ], "stateInputs": { "description": "Input properties used for looking up and filtering ScramSecretAssociation resources.\n", "properties": { "clusterArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the MSK cluster.\n", "willReplaceOnChanges": true }, "secretArnLists": { "type": "array", "items": { "type": "string" }, "description": "List of AWS Secrets Manager secret ARNs.\n" } }, "type": "object" } }, "aws:msk/serverlessCluster:ServerlessCluster": { "description": "Manages an Amazon MSK Serverless cluster.\n\n\u003e **Note:** To manage a _provisioned_ Amazon MSK cluster, use the `aws.msk.Cluster` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.msk.ServerlessCluster(\"example\", {\n clusterName: \"Example\",\n vpcConfigs: [{\n subnetIds: exampleAwsSubnet.map(__item =\u003e __item.id),\n securityGroupIds: [exampleAwsSecurityGroup.id],\n }],\n clientAuthentication: {\n sasl: {\n iam: {\n enabled: true,\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.msk.ServerlessCluster(\"example\",\n cluster_name=\"Example\",\n vpc_configs=[{\n \"subnet_ids\": [__item[\"id\"] for __item in example_aws_subnet],\n \"security_group_ids\": [example_aws_security_group[\"id\"]],\n }],\n client_authentication={\n \"sasl\": {\n \"iam\": {\n \"enabled\": True,\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Msk.ServerlessCluster(\"example\", new()\n {\n ClusterName = \"Example\",\n VpcConfigs = new[]\n {\n new Aws.Msk.Inputs.ServerlessClusterVpcConfigArgs\n {\n SubnetIds = exampleAwsSubnet.Select(__item =\u003e __item.Id).ToList(),\n SecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n },\n },\n ClientAuthentication = new Aws.Msk.Inputs.ServerlessClusterClientAuthenticationArgs\n {\n Sasl = new Aws.Msk.Inputs.ServerlessClusterClientAuthenticationSaslArgs\n {\n Iam = new Aws.Msk.Inputs.ServerlessClusterClientAuthenticationSaslIamArgs\n {\n Enabled = true,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/msk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\n_, err := msk.NewServerlessCluster(ctx, \"example\", \u0026msk.ServerlessClusterArgs{\nClusterName: pulumi.String(\"Example\"),\nVpcConfigs: msk.ServerlessClusterVpcConfigArray{\n\u0026msk.ServerlessClusterVpcConfigArgs{\nSubnetIds: []pulumi.String(%!v(PANIC=Format method: fatal: A failure has occurred: unlowered splat expression @ example.pp:3,24-46)),\nSecurityGroupIds: pulumi.StringArray{\nexampleAwsSecurityGroup.Id,\n},\n},\n},\nClientAuthentication: \u0026msk.ServerlessClusterClientAuthenticationArgs{\nSasl: \u0026msk.ServerlessClusterClientAuthenticationSaslArgs{\nIam: \u0026msk.ServerlessClusterClientAuthenticationSaslIamArgs{\nEnabled: pulumi.Bool(true),\n},\n},\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.msk.ServerlessCluster;\nimport com.pulumi.aws.msk.ServerlessClusterArgs;\nimport com.pulumi.aws.msk.inputs.ServerlessClusterVpcConfigArgs;\nimport com.pulumi.aws.msk.inputs.ServerlessClusterClientAuthenticationArgs;\nimport com.pulumi.aws.msk.inputs.ServerlessClusterClientAuthenticationSaslArgs;\nimport com.pulumi.aws.msk.inputs.ServerlessClusterClientAuthenticationSaslIamArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessCluster(\"example\", ServerlessClusterArgs.builder()\n .clusterName(\"Example\")\n .vpcConfigs(ServerlessClusterVpcConfigArgs.builder()\n .subnetIds(exampleAwsSubnet.stream().map(element -\u003e element.id()).collect(toList()))\n .securityGroupIds(exampleAwsSecurityGroup.id())\n .build())\n .clientAuthentication(ServerlessClusterClientAuthenticationArgs.builder()\n .sasl(ServerlessClusterClientAuthenticationSaslArgs.builder()\n .iam(ServerlessClusterClientAuthenticationSaslIamArgs.builder()\n .enabled(true)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MSK serverless clusters using the cluster `arn`. For example:\n\n```sh\n$ pulumi import aws:msk/serverlessCluster:ServerlessCluster example arn:aws:kafka:us-west-2:123456789012:cluster/example/279c0212-d057-4dba-9aa9-1c4e5a25bfc7-3\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the serverless cluster.\n" }, "clientAuthentication": { "$ref": "#/types/aws:msk/ServerlessClusterClientAuthentication:ServerlessClusterClientAuthentication", "description": "Specifies client authentication information for the serverless cluster. See below.\n" }, "clusterName": { "type": "string", "description": "The name of the serverless cluster.\n" }, "clusterUuid": { "type": "string", "description": "UUID of the serverless cluster, for use in IAM policies.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcConfigs": { "type": "array", "items": { "$ref": "#/types/aws:msk/ServerlessClusterVpcConfig:ServerlessClusterVpcConfig" }, "description": "VPC configuration information. See below.\n" } }, "required": [ "arn", "clientAuthentication", "clusterName", "clusterUuid", "tagsAll", "vpcConfigs" ], "inputProperties": { "clientAuthentication": { "$ref": "#/types/aws:msk/ServerlessClusterClientAuthentication:ServerlessClusterClientAuthentication", "description": "Specifies client authentication information for the serverless cluster. See below.\n", "willReplaceOnChanges": true }, "clusterName": { "type": "string", "description": "The name of the serverless cluster.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcConfigs": { "type": "array", "items": { "$ref": "#/types/aws:msk/ServerlessClusterVpcConfig:ServerlessClusterVpcConfig" }, "description": "VPC configuration information. See below.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "clientAuthentication", "vpcConfigs" ], "stateInputs": { "description": "Input properties used for looking up and filtering ServerlessCluster resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the serverless cluster.\n" }, "clientAuthentication": { "$ref": "#/types/aws:msk/ServerlessClusterClientAuthentication:ServerlessClusterClientAuthentication", "description": "Specifies client authentication information for the serverless cluster. See below.\n", "willReplaceOnChanges": true }, "clusterName": { "type": "string", "description": "The name of the serverless cluster.\n", "willReplaceOnChanges": true }, "clusterUuid": { "type": "string", "description": "UUID of the serverless cluster, for use in IAM policies.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcConfigs": { "type": "array", "items": { "$ref": "#/types/aws:msk/ServerlessClusterVpcConfig:ServerlessClusterVpcConfig" }, "description": "VPC configuration information. See below.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:msk/vpcConnection:VpcConnection": { "description": "Resource for managing an AWS Managed Streaming for Kafka VPC Connection.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.msk.VpcConnection(\"test\", {\n authentication: \"SASL_IAM\",\n targetClusterArn: \"aws_msk_cluster.arn\",\n vpcId: testAwsVpc.id,\n clientSubnets: testAwsSubnet.map(__item =\u003e __item.id),\n securityGroups: [testAwsSecurityGroup.id],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.msk.VpcConnection(\"test\",\n authentication=\"SASL_IAM\",\n target_cluster_arn=\"aws_msk_cluster.arn\",\n vpc_id=test_aws_vpc[\"id\"],\n client_subnets=[__item[\"id\"] for __item in test_aws_subnet],\n security_groups=[test_aws_security_group[\"id\"]])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Msk.VpcConnection(\"test\", new()\n {\n Authentication = \"SASL_IAM\",\n TargetClusterArn = \"aws_msk_cluster.arn\",\n VpcId = testAwsVpc.Id,\n ClientSubnets = testAwsSubnet.Select(__item =\u003e __item.Id).ToList(),\n SecurityGroups = new[]\n {\n testAwsSecurityGroup.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/msk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range testAwsSubnet {\nsplat0 = append(splat0, val0.Id)\n}\n_, err := msk.NewVpcConnection(ctx, \"test\", \u0026msk.VpcConnectionArgs{\nAuthentication: pulumi.String(\"SASL_IAM\"),\nTargetClusterArn: pulumi.String(\"aws_msk_cluster.arn\"),\nVpcId: pulumi.Any(testAwsVpc.Id),\nClientSubnets: toPulumiArray(splat0),\nSecurityGroups: pulumi.StringArray{\ntestAwsSecurityGroup.Id,\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.msk.VpcConnection;\nimport com.pulumi.aws.msk.VpcConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new VpcConnection(\"test\", VpcConnectionArgs.builder()\n .authentication(\"SASL_IAM\")\n .targetClusterArn(\"aws_msk_cluster.arn\")\n .vpcId(testAwsVpc.id())\n .clientSubnets(testAwsSubnet.stream().map(element -\u003e element.id()).collect(toList()))\n .securityGroups(testAwsSecurityGroup.id())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MSK configurations using the configuration ARN. For example:\n\n```sh\n$ pulumi import aws:msk/vpcConnection:VpcConnection example arn:aws:kafka:eu-west-2:123456789012:vpc-connection/123456789012/example/38173259-79cd-4ee8-87f3-682ea6023f48-2\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the VPC connection.\n" }, "authentication": { "type": "string", "description": "The authentication type for the client VPC connection. Specify one of these auth type strings: SASL_IAM, SASL_SCRAM, or TLS.\n" }, "clientSubnets": { "type": "array", "items": { "type": "string" }, "description": "The list of subnets in the client VPC to connect to.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The security groups to attach to the ENIs for the broker nodes.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetClusterArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the cluster.\n" }, "vpcId": { "type": "string", "description": "The VPC ID of the remote client.\n" } }, "required": [ "arn", "authentication", "clientSubnets", "securityGroups", "tagsAll", "targetClusterArn", "vpcId" ], "inputProperties": { "authentication": { "type": "string", "description": "The authentication type for the client VPC connection. Specify one of these auth type strings: SASL_IAM, SASL_SCRAM, or TLS.\n", "willReplaceOnChanges": true }, "clientSubnets": { "type": "array", "items": { "type": "string" }, "description": "The list of subnets in the client VPC to connect to.\n", "willReplaceOnChanges": true }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The security groups to attach to the ENIs for the broker nodes.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targetClusterArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the cluster.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The VPC ID of the remote client.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "authentication", "clientSubnets", "securityGroups", "targetClusterArn", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcConnection resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the VPC connection.\n" }, "authentication": { "type": "string", "description": "The authentication type for the client VPC connection. Specify one of these auth type strings: SASL_IAM, SASL_SCRAM, or TLS.\n", "willReplaceOnChanges": true }, "clientSubnets": { "type": "array", "items": { "type": "string" }, "description": "The list of subnets in the client VPC to connect to.\n", "willReplaceOnChanges": true }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The security groups to attach to the ENIs for the broker nodes.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetClusterArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the cluster.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The VPC ID of the remote client.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:mskconnect/connector:Connector": { "description": "Provides an Amazon MSK Connect Connector resource.\n\n## Example Usage\n\n### Basic configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.mskconnect.Connector(\"example\", {\n name: \"example\",\n kafkaconnectVersion: \"2.7.1\",\n capacity: {\n autoscaling: {\n mcuCount: 1,\n minWorkerCount: 1,\n maxWorkerCount: 2,\n scaleInPolicy: {\n cpuUtilizationPercentage: 20,\n },\n scaleOutPolicy: {\n cpuUtilizationPercentage: 80,\n },\n },\n },\n connectorConfiguration: {\n \"connector.class\": \"com.github.jcustenborder.kafka.connect.simulator.SimulatorSinkConnector\",\n \"tasks.max\": \"1\",\n topics: \"example\",\n },\n kafkaCluster: {\n apacheKafkaCluster: {\n bootstrapServers: exampleAwsMskCluster.bootstrapBrokersTls,\n vpc: {\n securityGroups: [exampleAwsSecurityGroup.id],\n subnets: [\n example1.id,\n example2.id,\n example3.id,\n ],\n },\n },\n },\n kafkaClusterClientAuthentication: {\n authenticationType: \"NONE\",\n },\n kafkaClusterEncryptionInTransit: {\n encryptionType: \"TLS\",\n },\n plugins: [{\n customPlugin: {\n arn: exampleAwsMskconnectCustomPlugin.arn,\n revision: exampleAwsMskconnectCustomPlugin.latestRevision,\n },\n }],\n serviceExecutionRoleArn: exampleAwsIamRole.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.mskconnect.Connector(\"example\",\n name=\"example\",\n kafkaconnect_version=\"2.7.1\",\n capacity={\n \"autoscaling\": {\n \"mcu_count\": 1,\n \"min_worker_count\": 1,\n \"max_worker_count\": 2,\n \"scale_in_policy\": {\n \"cpu_utilization_percentage\": 20,\n },\n \"scale_out_policy\": {\n \"cpu_utilization_percentage\": 80,\n },\n },\n },\n connector_configuration={\n \"connector.class\": \"com.github.jcustenborder.kafka.connect.simulator.SimulatorSinkConnector\",\n \"tasks.max\": \"1\",\n \"topics\": \"example\",\n },\n kafka_cluster={\n \"apache_kafka_cluster\": {\n \"bootstrap_servers\": example_aws_msk_cluster[\"bootstrapBrokersTls\"],\n \"vpc\": {\n \"security_groups\": [example_aws_security_group[\"id\"]],\n \"subnets\": [\n example1[\"id\"],\n example2[\"id\"],\n example3[\"id\"],\n ],\n },\n },\n },\n kafka_cluster_client_authentication={\n \"authentication_type\": \"NONE\",\n },\n kafka_cluster_encryption_in_transit={\n \"encryption_type\": \"TLS\",\n },\n plugins=[{\n \"custom_plugin\": {\n \"arn\": example_aws_mskconnect_custom_plugin[\"arn\"],\n \"revision\": example_aws_mskconnect_custom_plugin[\"latestRevision\"],\n },\n }],\n service_execution_role_arn=example_aws_iam_role[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.MskConnect.Connector(\"example\", new()\n {\n Name = \"example\",\n KafkaconnectVersion = \"2.7.1\",\n Capacity = new Aws.MskConnect.Inputs.ConnectorCapacityArgs\n {\n Autoscaling = new Aws.MskConnect.Inputs.ConnectorCapacityAutoscalingArgs\n {\n McuCount = 1,\n MinWorkerCount = 1,\n MaxWorkerCount = 2,\n ScaleInPolicy = new Aws.MskConnect.Inputs.ConnectorCapacityAutoscalingScaleInPolicyArgs\n {\n CpuUtilizationPercentage = 20,\n },\n ScaleOutPolicy = new Aws.MskConnect.Inputs.ConnectorCapacityAutoscalingScaleOutPolicyArgs\n {\n CpuUtilizationPercentage = 80,\n },\n },\n },\n ConnectorConfiguration = \n {\n { \"connector.class\", \"com.github.jcustenborder.kafka.connect.simulator.SimulatorSinkConnector\" },\n { \"tasks.max\", \"1\" },\n { \"topics\", \"example\" },\n },\n KafkaCluster = new Aws.MskConnect.Inputs.ConnectorKafkaClusterArgs\n {\n ApacheKafkaCluster = new Aws.MskConnect.Inputs.ConnectorKafkaClusterApacheKafkaClusterArgs\n {\n BootstrapServers = exampleAwsMskCluster.BootstrapBrokersTls,\n Vpc = new Aws.MskConnect.Inputs.ConnectorKafkaClusterApacheKafkaClusterVpcArgs\n {\n SecurityGroups = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n Subnets = new[]\n {\n example1.Id,\n example2.Id,\n example3.Id,\n },\n },\n },\n },\n KafkaClusterClientAuthentication = new Aws.MskConnect.Inputs.ConnectorKafkaClusterClientAuthenticationArgs\n {\n AuthenticationType = \"NONE\",\n },\n KafkaClusterEncryptionInTransit = new Aws.MskConnect.Inputs.ConnectorKafkaClusterEncryptionInTransitArgs\n {\n EncryptionType = \"TLS\",\n },\n Plugins = new[]\n {\n new Aws.MskConnect.Inputs.ConnectorPluginArgs\n {\n CustomPlugin = new Aws.MskConnect.Inputs.ConnectorPluginCustomPluginArgs\n {\n Arn = exampleAwsMskconnectCustomPlugin.Arn,\n Revision = exampleAwsMskconnectCustomPlugin.LatestRevision,\n },\n },\n },\n ServiceExecutionRoleArn = exampleAwsIamRole.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mskconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := mskconnect.NewConnector(ctx, \"example\", \u0026mskconnect.ConnectorArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tKafkaconnectVersion: pulumi.String(\"2.7.1\"),\n\t\t\tCapacity: \u0026mskconnect.ConnectorCapacityArgs{\n\t\t\t\tAutoscaling: \u0026mskconnect.ConnectorCapacityAutoscalingArgs{\n\t\t\t\t\tMcuCount: pulumi.Int(1),\n\t\t\t\t\tMinWorkerCount: pulumi.Int(1),\n\t\t\t\t\tMaxWorkerCount: pulumi.Int(2),\n\t\t\t\t\tScaleInPolicy: \u0026mskconnect.ConnectorCapacityAutoscalingScaleInPolicyArgs{\n\t\t\t\t\t\tCpuUtilizationPercentage: pulumi.Int(20),\n\t\t\t\t\t},\n\t\t\t\t\tScaleOutPolicy: \u0026mskconnect.ConnectorCapacityAutoscalingScaleOutPolicyArgs{\n\t\t\t\t\t\tCpuUtilizationPercentage: pulumi.Int(80),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tConnectorConfiguration: pulumi.StringMap{\n\t\t\t\t\"connector.class\": pulumi.String(\"com.github.jcustenborder.kafka.connect.simulator.SimulatorSinkConnector\"),\n\t\t\t\t\"tasks.max\": pulumi.String(\"1\"),\n\t\t\t\t\"topics\": pulumi.String(\"example\"),\n\t\t\t},\n\t\t\tKafkaCluster: \u0026mskconnect.ConnectorKafkaClusterArgs{\n\t\t\t\tApacheKafkaCluster: \u0026mskconnect.ConnectorKafkaClusterApacheKafkaClusterArgs{\n\t\t\t\t\tBootstrapServers: pulumi.Any(exampleAwsMskCluster.BootstrapBrokersTls),\n\t\t\t\t\tVpc: \u0026mskconnect.ConnectorKafkaClusterApacheKafkaClusterVpcArgs{\n\t\t\t\t\t\tSecurityGroups: pulumi.StringArray{\n\t\t\t\t\t\t\texampleAwsSecurityGroup.Id,\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSubnets: pulumi.StringArray{\n\t\t\t\t\t\t\texample1.Id,\n\t\t\t\t\t\t\texample2.Id,\n\t\t\t\t\t\t\texample3.Id,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tKafkaClusterClientAuthentication: \u0026mskconnect.ConnectorKafkaClusterClientAuthenticationArgs{\n\t\t\t\tAuthenticationType: pulumi.String(\"NONE\"),\n\t\t\t},\n\t\t\tKafkaClusterEncryptionInTransit: \u0026mskconnect.ConnectorKafkaClusterEncryptionInTransitArgs{\n\t\t\t\tEncryptionType: pulumi.String(\"TLS\"),\n\t\t\t},\n\t\t\tPlugins: mskconnect.ConnectorPluginArray{\n\t\t\t\t\u0026mskconnect.ConnectorPluginArgs{\n\t\t\t\t\tCustomPlugin: \u0026mskconnect.ConnectorPluginCustomPluginArgs{\n\t\t\t\t\t\tArn: pulumi.Any(exampleAwsMskconnectCustomPlugin.Arn),\n\t\t\t\t\t\tRevision: pulumi.Any(exampleAwsMskconnectCustomPlugin.LatestRevision),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceExecutionRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mskconnect.Connector;\nimport com.pulumi.aws.mskconnect.ConnectorArgs;\nimport com.pulumi.aws.mskconnect.inputs.ConnectorCapacityArgs;\nimport com.pulumi.aws.mskconnect.inputs.ConnectorCapacityAutoscalingArgs;\nimport com.pulumi.aws.mskconnect.inputs.ConnectorCapacityAutoscalingScaleInPolicyArgs;\nimport com.pulumi.aws.mskconnect.inputs.ConnectorCapacityAutoscalingScaleOutPolicyArgs;\nimport com.pulumi.aws.mskconnect.inputs.ConnectorKafkaClusterArgs;\nimport com.pulumi.aws.mskconnect.inputs.ConnectorKafkaClusterApacheKafkaClusterArgs;\nimport com.pulumi.aws.mskconnect.inputs.ConnectorKafkaClusterApacheKafkaClusterVpcArgs;\nimport com.pulumi.aws.mskconnect.inputs.ConnectorKafkaClusterClientAuthenticationArgs;\nimport com.pulumi.aws.mskconnect.inputs.ConnectorKafkaClusterEncryptionInTransitArgs;\nimport com.pulumi.aws.mskconnect.inputs.ConnectorPluginArgs;\nimport com.pulumi.aws.mskconnect.inputs.ConnectorPluginCustomPluginArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Connector(\"example\", ConnectorArgs.builder()\n .name(\"example\")\n .kafkaconnectVersion(\"2.7.1\")\n .capacity(ConnectorCapacityArgs.builder()\n .autoscaling(ConnectorCapacityAutoscalingArgs.builder()\n .mcuCount(1)\n .minWorkerCount(1)\n .maxWorkerCount(2)\n .scaleInPolicy(ConnectorCapacityAutoscalingScaleInPolicyArgs.builder()\n .cpuUtilizationPercentage(20)\n .build())\n .scaleOutPolicy(ConnectorCapacityAutoscalingScaleOutPolicyArgs.builder()\n .cpuUtilizationPercentage(80)\n .build())\n .build())\n .build())\n .connectorConfiguration(Map.ofEntries(\n Map.entry(\"connector.class\", \"com.github.jcustenborder.kafka.connect.simulator.SimulatorSinkConnector\"),\n Map.entry(\"tasks.max\", \"1\"),\n Map.entry(\"topics\", \"example\")\n ))\n .kafkaCluster(ConnectorKafkaClusterArgs.builder()\n .apacheKafkaCluster(ConnectorKafkaClusterApacheKafkaClusterArgs.builder()\n .bootstrapServers(exampleAwsMskCluster.bootstrapBrokersTls())\n .vpc(ConnectorKafkaClusterApacheKafkaClusterVpcArgs.builder()\n .securityGroups(exampleAwsSecurityGroup.id())\n .subnets( \n example1.id(),\n example2.id(),\n example3.id())\n .build())\n .build())\n .build())\n .kafkaClusterClientAuthentication(ConnectorKafkaClusterClientAuthenticationArgs.builder()\n .authenticationType(\"NONE\")\n .build())\n .kafkaClusterEncryptionInTransit(ConnectorKafkaClusterEncryptionInTransitArgs.builder()\n .encryptionType(\"TLS\")\n .build())\n .plugins(ConnectorPluginArgs.builder()\n .customPlugin(ConnectorPluginCustomPluginArgs.builder()\n .arn(exampleAwsMskconnectCustomPlugin.arn())\n .revision(exampleAwsMskconnectCustomPlugin.latestRevision())\n .build())\n .build())\n .serviceExecutionRoleArn(exampleAwsIamRole.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:mskconnect:Connector\n properties:\n name: example\n kafkaconnectVersion: 2.7.1\n capacity:\n autoscaling:\n mcuCount: 1\n minWorkerCount: 1\n maxWorkerCount: 2\n scaleInPolicy:\n cpuUtilizationPercentage: 20\n scaleOutPolicy:\n cpuUtilizationPercentage: 80\n connectorConfiguration:\n connector.class: com.github.jcustenborder.kafka.connect.simulator.SimulatorSinkConnector\n tasks.max: '1'\n topics: example\n kafkaCluster:\n apacheKafkaCluster:\n bootstrapServers: ${exampleAwsMskCluster.bootstrapBrokersTls}\n vpc:\n securityGroups:\n - ${exampleAwsSecurityGroup.id}\n subnets:\n - ${example1.id}\n - ${example2.id}\n - ${example3.id}\n kafkaClusterClientAuthentication:\n authenticationType: NONE\n kafkaClusterEncryptionInTransit:\n encryptionType: TLS\n plugins:\n - customPlugin:\n arn: ${exampleAwsMskconnectCustomPlugin.arn}\n revision: ${exampleAwsMskconnectCustomPlugin.latestRevision}\n serviceExecutionRoleArn: ${exampleAwsIamRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MSK Connect Connector using the connector's `arn`. For example:\n\n```sh\n$ pulumi import aws:mskconnect/connector:Connector example 'arn:aws:kafkaconnect:eu-central-1:123456789012:connector/example/264edee4-17a3-412e-bd76-6681cfc93805-3'\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the connector.\n" }, "capacity": { "$ref": "#/types/aws:mskconnect/ConnectorCapacity:ConnectorCapacity", "description": "Information about the capacity allocated to the connector. See `capacity` Block for details.\n" }, "connectorConfiguration": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of keys to values that represent the configuration for the connector.\n" }, "description": { "type": "string", "description": "A summary description of the connector.\n" }, "kafkaCluster": { "$ref": "#/types/aws:mskconnect/ConnectorKafkaCluster:ConnectorKafkaCluster", "description": "Specifies which Apache Kafka cluster to connect to. See `kafka_cluster` Block for details.\n" }, "kafkaClusterClientAuthentication": { "$ref": "#/types/aws:mskconnect/ConnectorKafkaClusterClientAuthentication:ConnectorKafkaClusterClientAuthentication", "description": "Details of the client authentication used by the Apache Kafka cluster. See `kafka_cluster_client_authentication` Block for details.\n" }, "kafkaClusterEncryptionInTransit": { "$ref": "#/types/aws:mskconnect/ConnectorKafkaClusterEncryptionInTransit:ConnectorKafkaClusterEncryptionInTransit", "description": "Details of encryption in transit to the Apache Kafka cluster. See `kafka_cluster_encryption_in_transit` Block for details.\n" }, "kafkaconnectVersion": { "type": "string", "description": "The version of Kafka Connect. It has to be compatible with both the Apache Kafka cluster's version and the plugins.\n" }, "logDelivery": { "$ref": "#/types/aws:mskconnect/ConnectorLogDelivery:ConnectorLogDelivery", "description": "Details about log delivery. See `log_delivery` Block for details.\n" }, "name": { "type": "string", "description": "The name of the connector.\n" }, "plugins": { "type": "array", "items": { "$ref": "#/types/aws:mskconnect/ConnectorPlugin:ConnectorPlugin" }, "description": "Specifies which plugins to use for the connector. See `plugin` Block for details.\n" }, "serviceExecutionRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role used by the connector to access the Amazon Web Services resources that it needs. The types of resources depends on the logic of the connector. For example, a connector that has Amazon S3 as a destination must have permissions that allow it to write to the S3 destination bucket.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "string", "description": "The current version of the connector.\n" }, "workerConfiguration": { "$ref": "#/types/aws:mskconnect/ConnectorWorkerConfiguration:ConnectorWorkerConfiguration", "description": "Specifies which worker configuration to use with the connector. See `worker_configuration` Block for details.\n" } }, "required": [ "arn", "capacity", "connectorConfiguration", "kafkaCluster", "kafkaClusterClientAuthentication", "kafkaClusterEncryptionInTransit", "kafkaconnectVersion", "name", "plugins", "serviceExecutionRoleArn", "tagsAll", "version" ], "inputProperties": { "capacity": { "$ref": "#/types/aws:mskconnect/ConnectorCapacity:ConnectorCapacity", "description": "Information about the capacity allocated to the connector. See `capacity` Block for details.\n" }, "connectorConfiguration": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of keys to values that represent the configuration for the connector.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A summary description of the connector.\n", "willReplaceOnChanges": true }, "kafkaCluster": { "$ref": "#/types/aws:mskconnect/ConnectorKafkaCluster:ConnectorKafkaCluster", "description": "Specifies which Apache Kafka cluster to connect to. See `kafka_cluster` Block for details.\n", "willReplaceOnChanges": true }, "kafkaClusterClientAuthentication": { "$ref": "#/types/aws:mskconnect/ConnectorKafkaClusterClientAuthentication:ConnectorKafkaClusterClientAuthentication", "description": "Details of the client authentication used by the Apache Kafka cluster. See `kafka_cluster_client_authentication` Block for details.\n", "willReplaceOnChanges": true }, "kafkaClusterEncryptionInTransit": { "$ref": "#/types/aws:mskconnect/ConnectorKafkaClusterEncryptionInTransit:ConnectorKafkaClusterEncryptionInTransit", "description": "Details of encryption in transit to the Apache Kafka cluster. See `kafka_cluster_encryption_in_transit` Block for details.\n", "willReplaceOnChanges": true }, "kafkaconnectVersion": { "type": "string", "description": "The version of Kafka Connect. It has to be compatible with both the Apache Kafka cluster's version and the plugins.\n", "willReplaceOnChanges": true }, "logDelivery": { "$ref": "#/types/aws:mskconnect/ConnectorLogDelivery:ConnectorLogDelivery", "description": "Details about log delivery. See `log_delivery` Block for details.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the connector.\n", "willReplaceOnChanges": true }, "plugins": { "type": "array", "items": { "$ref": "#/types/aws:mskconnect/ConnectorPlugin:ConnectorPlugin" }, "description": "Specifies which plugins to use for the connector. See `plugin` Block for details.\n", "willReplaceOnChanges": true }, "serviceExecutionRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role used by the connector to access the Amazon Web Services resources that it needs. The types of resources depends on the logic of the connector. For example, a connector that has Amazon S3 as a destination must have permissions that allow it to write to the S3 destination bucket.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "workerConfiguration": { "$ref": "#/types/aws:mskconnect/ConnectorWorkerConfiguration:ConnectorWorkerConfiguration", "description": "Specifies which worker configuration to use with the connector. See `worker_configuration` Block for details.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "capacity", "connectorConfiguration", "kafkaCluster", "kafkaClusterClientAuthentication", "kafkaClusterEncryptionInTransit", "kafkaconnectVersion", "plugins", "serviceExecutionRoleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Connector resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the connector.\n" }, "capacity": { "$ref": "#/types/aws:mskconnect/ConnectorCapacity:ConnectorCapacity", "description": "Information about the capacity allocated to the connector. See `capacity` Block for details.\n" }, "connectorConfiguration": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of keys to values that represent the configuration for the connector.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A summary description of the connector.\n", "willReplaceOnChanges": true }, "kafkaCluster": { "$ref": "#/types/aws:mskconnect/ConnectorKafkaCluster:ConnectorKafkaCluster", "description": "Specifies which Apache Kafka cluster to connect to. See `kafka_cluster` Block for details.\n", "willReplaceOnChanges": true }, "kafkaClusterClientAuthentication": { "$ref": "#/types/aws:mskconnect/ConnectorKafkaClusterClientAuthentication:ConnectorKafkaClusterClientAuthentication", "description": "Details of the client authentication used by the Apache Kafka cluster. See `kafka_cluster_client_authentication` Block for details.\n", "willReplaceOnChanges": true }, "kafkaClusterEncryptionInTransit": { "$ref": "#/types/aws:mskconnect/ConnectorKafkaClusterEncryptionInTransit:ConnectorKafkaClusterEncryptionInTransit", "description": "Details of encryption in transit to the Apache Kafka cluster. See `kafka_cluster_encryption_in_transit` Block for details.\n", "willReplaceOnChanges": true }, "kafkaconnectVersion": { "type": "string", "description": "The version of Kafka Connect. It has to be compatible with both the Apache Kafka cluster's version and the plugins.\n", "willReplaceOnChanges": true }, "logDelivery": { "$ref": "#/types/aws:mskconnect/ConnectorLogDelivery:ConnectorLogDelivery", "description": "Details about log delivery. See `log_delivery` Block for details.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the connector.\n", "willReplaceOnChanges": true }, "plugins": { "type": "array", "items": { "$ref": "#/types/aws:mskconnect/ConnectorPlugin:ConnectorPlugin" }, "description": "Specifies which plugins to use for the connector. See `plugin` Block for details.\n", "willReplaceOnChanges": true }, "serviceExecutionRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role used by the connector to access the Amazon Web Services resources that it needs. The types of resources depends on the logic of the connector. For example, a connector that has Amazon S3 as a destination must have permissions that allow it to write to the S3 destination bucket.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "string", "description": "The current version of the connector.\n" }, "workerConfiguration": { "$ref": "#/types/aws:mskconnect/ConnectorWorkerConfiguration:ConnectorWorkerConfiguration", "description": "Specifies which worker configuration to use with the connector. See `worker_configuration` Block for details.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:mskconnect/customPlugin:CustomPlugin": { "description": "Provides an Amazon MSK Connect Custom Plugin Resource.\n\n## Example Usage\n\n### Basic configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleBucketObjectv2 = new aws.s3.BucketObjectv2(\"example\", {\n bucket: example.id,\n key: \"debezium.zip\",\n source: new pulumi.asset.FileAsset(\"debezium.zip\"),\n});\nconst exampleCustomPlugin = new aws.mskconnect.CustomPlugin(\"example\", {\n name: \"debezium-example\",\n contentType: \"ZIP\",\n location: {\n s3: {\n bucketArn: example.arn,\n fileKey: exampleBucketObjectv2.key,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_bucket_objectv2 = aws.s3.BucketObjectv2(\"example\",\n bucket=example.id,\n key=\"debezium.zip\",\n source=pulumi.FileAsset(\"debezium.zip\"))\nexample_custom_plugin = aws.mskconnect.CustomPlugin(\"example\",\n name=\"debezium-example\",\n content_type=\"ZIP\",\n location={\n \"s3\": {\n \"bucket_arn\": example.arn,\n \"file_key\": example_bucket_objectv2.key,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleBucketObjectv2 = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Bucket = example.Id,\n Key = \"debezium.zip\",\n Source = new FileAsset(\"debezium.zip\"),\n });\n\n var exampleCustomPlugin = new Aws.MskConnect.CustomPlugin(\"example\", new()\n {\n Name = \"debezium-example\",\n ContentType = \"ZIP\",\n Location = new Aws.MskConnect.Inputs.CustomPluginLocationArgs\n {\n S3 = new Aws.MskConnect.Inputs.CustomPluginLocationS3Args\n {\n BucketArn = example.Arn,\n FileKey = exampleBucketObjectv2.Key,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mskconnect\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketObjectv2, err := s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tKey: pulumi.String(\"debezium.zip\"),\n\t\t\tSource: pulumi.NewFileAsset(\"debezium.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = mskconnect.NewCustomPlugin(ctx, \"example\", \u0026mskconnect.CustomPluginArgs{\n\t\t\tName: pulumi.String(\"debezium-example\"),\n\t\t\tContentType: pulumi.String(\"ZIP\"),\n\t\t\tLocation: \u0026mskconnect.CustomPluginLocationArgs{\n\t\t\t\tS3: \u0026mskconnect.CustomPluginLocationS3Args{\n\t\t\t\t\tBucketArn: example.Arn,\n\t\t\t\t\tFileKey: exampleBucketObjectv2.Key,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.mskconnect.CustomPlugin;\nimport com.pulumi.aws.mskconnect.CustomPluginArgs;\nimport com.pulumi.aws.mskconnect.inputs.CustomPluginLocationArgs;\nimport com.pulumi.aws.mskconnect.inputs.CustomPluginLocationS3Args;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var exampleBucketObjectv2 = new BucketObjectv2(\"exampleBucketObjectv2\", BucketObjectv2Args.builder()\n .bucket(example.id())\n .key(\"debezium.zip\")\n .source(new FileAsset(\"debezium.zip\"))\n .build());\n\n var exampleCustomPlugin = new CustomPlugin(\"exampleCustomPlugin\", CustomPluginArgs.builder()\n .name(\"debezium-example\")\n .contentType(\"ZIP\")\n .location(CustomPluginLocationArgs.builder()\n .s3(CustomPluginLocationS3Args.builder()\n .bucketArn(example.arn())\n .fileKey(exampleBucketObjectv2.key())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n exampleBucketObjectv2:\n type: aws:s3:BucketObjectv2\n name: example\n properties:\n bucket: ${example.id}\n key: debezium.zip\n source:\n fn::FileAsset: debezium.zip\n exampleCustomPlugin:\n type: aws:mskconnect:CustomPlugin\n name: example\n properties:\n name: debezium-example\n contentType: ZIP\n location:\n s3:\n bucketArn: ${example.arn}\n fileKey: ${exampleBucketObjectv2.key}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MSK Connect Custom Plugin using the plugin's `arn`. For example:\n\n```sh\n$ pulumi import aws:mskconnect/customPlugin:CustomPlugin example 'arn:aws:kafkaconnect:eu-central-1:123456789012:custom-plugin/debezium-example/abcdefgh-1234-5678-9abc-defghijklmno-4'\n```\n", "properties": { "arn": { "type": "string", "description": "the Amazon Resource Name (ARN) of the custom plugin.\n" }, "contentType": { "type": "string", "description": "The type of the plugin file. Allowed values are `ZIP` and `JAR`.\n" }, "description": { "type": "string", "description": "A summary description of the custom plugin.\n" }, "latestRevision": { "type": "integer", "description": "an ID of the latest successfully created revision of the custom plugin.\n" }, "location": { "$ref": "#/types/aws:mskconnect/CustomPluginLocation:CustomPluginLocation", "description": "Information about the location of a custom plugin. See `location` Block for details.\n" }, "name": { "type": "string", "description": "The name of the custom plugin..\n" }, "state": { "type": "string", "description": "the state of the custom plugin.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following arguments are optional:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "contentType", "latestRevision", "location", "name", "state", "tagsAll" ], "inputProperties": { "contentType": { "type": "string", "description": "The type of the plugin file. Allowed values are `ZIP` and `JAR`.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A summary description of the custom plugin.\n", "willReplaceOnChanges": true }, "location": { "$ref": "#/types/aws:mskconnect/CustomPluginLocation:CustomPluginLocation", "description": "Information about the location of a custom plugin. See `location` Block for details.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the custom plugin..\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "contentType", "location" ], "stateInputs": { "description": "Input properties used for looking up and filtering CustomPlugin resources.\n", "properties": { "arn": { "type": "string", "description": "the Amazon Resource Name (ARN) of the custom plugin.\n" }, "contentType": { "type": "string", "description": "The type of the plugin file. Allowed values are `ZIP` and `JAR`.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A summary description of the custom plugin.\n", "willReplaceOnChanges": true }, "latestRevision": { "type": "integer", "description": "an ID of the latest successfully created revision of the custom plugin.\n" }, "location": { "$ref": "#/types/aws:mskconnect/CustomPluginLocation:CustomPluginLocation", "description": "Information about the location of a custom plugin. See `location` Block for details.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the custom plugin..\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "the state of the custom plugin.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following arguments are optional:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:mskconnect/workerConfiguration:WorkerConfiguration": { "description": "Provides an Amazon MSK Connect Worker Configuration Resource.\n\n## Example Usage\n\n### Basic configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.mskconnect.WorkerConfiguration(\"example\", {\n name: \"example\",\n propertiesFileContent: `key.converter=org.apache.kafka.connect.storage.StringConverter\nvalue.converter=org.apache.kafka.connect.storage.StringConverter\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.mskconnect.WorkerConfiguration(\"example\",\n name=\"example\",\n properties_file_content=\"\"\"key.converter=org.apache.kafka.connect.storage.StringConverter\nvalue.converter=org.apache.kafka.connect.storage.StringConverter\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.MskConnect.WorkerConfiguration(\"example\", new()\n {\n Name = \"example\",\n PropertiesFileContent = @\"key.converter=org.apache.kafka.connect.storage.StringConverter\nvalue.converter=org.apache.kafka.connect.storage.StringConverter\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mskconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := mskconnect.NewWorkerConfiguration(ctx, \"example\", \u0026mskconnect.WorkerConfigurationArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPropertiesFileContent: pulumi.String(\"key.converter=org.apache.kafka.connect.storage.StringConverter\\nvalue.converter=org.apache.kafka.connect.storage.StringConverter\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mskconnect.WorkerConfiguration;\nimport com.pulumi.aws.mskconnect.WorkerConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new WorkerConfiguration(\"example\", WorkerConfigurationArgs.builder()\n .name(\"example\")\n .propertiesFileContent(\"\"\"\nkey.converter=org.apache.kafka.connect.storage.StringConverter\nvalue.converter=org.apache.kafka.connect.storage.StringConverter\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:mskconnect:WorkerConfiguration\n properties:\n name: example\n propertiesFileContent: |\n key.converter=org.apache.kafka.connect.storage.StringConverter\n value.converter=org.apache.kafka.connect.storage.StringConverter\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MSK Connect Worker Configuration using the plugin's `arn`. For example:\n\n```sh\n$ pulumi import aws:mskconnect/workerConfiguration:WorkerConfiguration example 'arn:aws:kafkaconnect:eu-central-1:123456789012:worker-configuration/example/8848493b-7fcc-478c-a646-4a52634e3378-4'\n```\n", "properties": { "arn": { "type": "string", "description": "the Amazon Resource Name (ARN) of the worker configuration.\n" }, "description": { "type": "string", "description": "A summary description of the worker configuration.\n" }, "latestRevision": { "type": "integer", "description": "an ID of the latest successfully created revision of the worker configuration.\n" }, "name": { "type": "string", "description": "The name of the worker configuration.\n" }, "propertiesFileContent": { "type": "string", "description": "Contents of connect-distributed.properties file. The value can be either base64 encoded or in raw format.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "latestRevision", "name", "propertiesFileContent", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "A summary description of the worker configuration.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the worker configuration.\n", "willReplaceOnChanges": true }, "propertiesFileContent": { "type": "string", "description": "Contents of connect-distributed.properties file. The value can be either base64 encoded or in raw format.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "propertiesFileContent" ], "stateInputs": { "description": "Input properties used for looking up and filtering WorkerConfiguration resources.\n", "properties": { "arn": { "type": "string", "description": "the Amazon Resource Name (ARN) of the worker configuration.\n" }, "description": { "type": "string", "description": "A summary description of the worker configuration.\n", "willReplaceOnChanges": true }, "latestRevision": { "type": "integer", "description": "an ID of the latest successfully created revision of the worker configuration.\n" }, "name": { "type": "string", "description": "The name of the worker configuration.\n", "willReplaceOnChanges": true }, "propertiesFileContent": { "type": "string", "description": "Contents of connect-distributed.properties file. The value can be either base64 encoded or in raw format.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:mwaa/environment:Environment": { "description": "Creates a MWAA Environment resource.\n\n## Example Usage\n\nA MWAA Environment requires an IAM role (`aws.iam.Role`), two subnets in the private zone (`aws.ec2.Subnet`) and a versioned S3 bucket (`aws.s3.BucketV2`).\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.mwaa.Environment(\"example\", {\n dagS3Path: \"dags/\",\n executionRoleArn: exampleAwsIamRole.arn,\n name: \"example\",\n networkConfiguration: {\n securityGroupIds: [exampleAwsSecurityGroup.id],\n subnetIds: _private.map(__item =\u003e __item.id),\n },\n sourceBucketArn: exampleAwsS3Bucket.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.mwaa.Environment(\"example\",\n dag_s3_path=\"dags/\",\n execution_role_arn=example_aws_iam_role[\"arn\"],\n name=\"example\",\n network_configuration={\n \"security_group_ids\": [example_aws_security_group[\"id\"]],\n \"subnet_ids\": [__item[\"id\"] for __item in private],\n },\n source_bucket_arn=example_aws_s3_bucket[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Mwaa.Environment(\"example\", new()\n {\n DagS3Path = \"dags/\",\n ExecutionRoleArn = exampleAwsIamRole.Arn,\n Name = \"example\",\n NetworkConfiguration = new Aws.Mwaa.Inputs.EnvironmentNetworkConfigurationArgs\n {\n SecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n SubnetIds = @private.Select(__item =\u003e __item.Id).ToList(),\n },\n SourceBucketArn = exampleAwsS3Bucket.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mwaa\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\n_, err := mwaa.NewEnvironment(ctx, \"example\", \u0026mwaa.EnvironmentArgs{\nDagS3Path: pulumi.String(\"dags/\"),\nExecutionRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\nName: pulumi.String(\"example\"),\nNetworkConfiguration: \u0026mwaa.EnvironmentNetworkConfigurationArgs{\nSecurityGroupIds: pulumi.StringArray{\nexampleAwsSecurityGroup.Id,\n},\nSubnetIds: []pulumi.String(%!v(PANIC=Format method: fatal: A failure has occurred: unlowered splat expression @ example.pp:6,24-37)),\n},\nSourceBucketArn: pulumi.Any(exampleAwsS3Bucket.Arn),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mwaa.Environment;\nimport com.pulumi.aws.mwaa.EnvironmentArgs;\nimport com.pulumi.aws.mwaa.inputs.EnvironmentNetworkConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Environment(\"example\", EnvironmentArgs.builder()\n .dagS3Path(\"dags/\")\n .executionRoleArn(exampleAwsIamRole.arn())\n .name(\"example\")\n .networkConfiguration(EnvironmentNetworkConfigurationArgs.builder()\n .securityGroupIds(exampleAwsSecurityGroup.id())\n .subnetIds(private_.stream().map(element -\u003e element.id()).collect(toList()))\n .build())\n .sourceBucketArn(exampleAwsS3Bucket.arn())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example with Airflow configuration options\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.mwaa.Environment(\"example\", {\n airflowConfigurationOptions: {\n \"core.default_task_retries\": \"16\",\n \"core.parallelism\": \"1\",\n },\n dagS3Path: \"dags/\",\n executionRoleArn: exampleAwsIamRole.arn,\n name: \"example\",\n networkConfiguration: {\n securityGroupIds: [exampleAwsSecurityGroup.id],\n subnetIds: _private.map(__item =\u003e __item.id),\n },\n sourceBucketArn: exampleAwsS3Bucket.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.mwaa.Environment(\"example\",\n airflow_configuration_options={\n \"core.default_task_retries\": \"16\",\n \"core.parallelism\": \"1\",\n },\n dag_s3_path=\"dags/\",\n execution_role_arn=example_aws_iam_role[\"arn\"],\n name=\"example\",\n network_configuration={\n \"security_group_ids\": [example_aws_security_group[\"id\"]],\n \"subnet_ids\": [__item[\"id\"] for __item in private],\n },\n source_bucket_arn=example_aws_s3_bucket[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Mwaa.Environment(\"example\", new()\n {\n AirflowConfigurationOptions = \n {\n { \"core.default_task_retries\", \"16\" },\n { \"core.parallelism\", \"1\" },\n },\n DagS3Path = \"dags/\",\n ExecutionRoleArn = exampleAwsIamRole.Arn,\n Name = \"example\",\n NetworkConfiguration = new Aws.Mwaa.Inputs.EnvironmentNetworkConfigurationArgs\n {\n SecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n SubnetIds = @private.Select(__item =\u003e __item.Id).ToList(),\n },\n SourceBucketArn = exampleAwsS3Bucket.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mwaa\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\n_, err := mwaa.NewEnvironment(ctx, \"example\", \u0026mwaa.EnvironmentArgs{\nAirflowConfigurationOptions: pulumi.StringMap{\n\"core.default_task_retries\": pulumi.String(\"16\"),\n\"core.parallelism\": pulumi.String(\"1\"),\n},\nDagS3Path: pulumi.String(\"dags/\"),\nExecutionRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\nName: pulumi.String(\"example\"),\nNetworkConfiguration: \u0026mwaa.EnvironmentNetworkConfigurationArgs{\nSecurityGroupIds: pulumi.StringArray{\nexampleAwsSecurityGroup.Id,\n},\nSubnetIds: []pulumi.String(%!v(PANIC=Format method: fatal: A failure has occurred: unlowered splat expression @ example.pp:10,24-37)),\n},\nSourceBucketArn: pulumi.Any(exampleAwsS3Bucket.Arn),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mwaa.Environment;\nimport com.pulumi.aws.mwaa.EnvironmentArgs;\nimport com.pulumi.aws.mwaa.inputs.EnvironmentNetworkConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Environment(\"example\", EnvironmentArgs.builder()\n .airflowConfigurationOptions(Map.ofEntries(\n Map.entry(\"core.default_task_retries\", 16),\n Map.entry(\"core.parallelism\", 1)\n ))\n .dagS3Path(\"dags/\")\n .executionRoleArn(exampleAwsIamRole.arn())\n .name(\"example\")\n .networkConfiguration(EnvironmentNetworkConfigurationArgs.builder()\n .securityGroupIds(exampleAwsSecurityGroup.id())\n .subnetIds(private_.stream().map(element -\u003e element.id()).collect(toList()))\n .build())\n .sourceBucketArn(exampleAwsS3Bucket.arn())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example with logging configurations\n\nNote that Airflow task logs are enabled by default with the `INFO` log level.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.mwaa.Environment(\"example\", {\n dagS3Path: \"dags/\",\n executionRoleArn: exampleAwsIamRole.arn,\n loggingConfiguration: {\n dagProcessingLogs: {\n enabled: true,\n logLevel: \"DEBUG\",\n },\n schedulerLogs: {\n enabled: true,\n logLevel: \"INFO\",\n },\n taskLogs: {\n enabled: true,\n logLevel: \"WARNING\",\n },\n webserverLogs: {\n enabled: true,\n logLevel: \"ERROR\",\n },\n workerLogs: {\n enabled: true,\n logLevel: \"CRITICAL\",\n },\n },\n name: \"example\",\n networkConfiguration: {\n securityGroupIds: [exampleAwsSecurityGroup.id],\n subnetIds: _private.map(__item =\u003e __item.id),\n },\n sourceBucketArn: exampleAwsS3Bucket.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.mwaa.Environment(\"example\",\n dag_s3_path=\"dags/\",\n execution_role_arn=example_aws_iam_role[\"arn\"],\n logging_configuration={\n \"dag_processing_logs\": {\n \"enabled\": True,\n \"log_level\": \"DEBUG\",\n },\n \"scheduler_logs\": {\n \"enabled\": True,\n \"log_level\": \"INFO\",\n },\n \"task_logs\": {\n \"enabled\": True,\n \"log_level\": \"WARNING\",\n },\n \"webserver_logs\": {\n \"enabled\": True,\n \"log_level\": \"ERROR\",\n },\n \"worker_logs\": {\n \"enabled\": True,\n \"log_level\": \"CRITICAL\",\n },\n },\n name=\"example\",\n network_configuration={\n \"security_group_ids\": [example_aws_security_group[\"id\"]],\n \"subnet_ids\": [__item[\"id\"] for __item in private],\n },\n source_bucket_arn=example_aws_s3_bucket[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Mwaa.Environment(\"example\", new()\n {\n DagS3Path = \"dags/\",\n ExecutionRoleArn = exampleAwsIamRole.Arn,\n LoggingConfiguration = new Aws.Mwaa.Inputs.EnvironmentLoggingConfigurationArgs\n {\n DagProcessingLogs = new Aws.Mwaa.Inputs.EnvironmentLoggingConfigurationDagProcessingLogsArgs\n {\n Enabled = true,\n LogLevel = \"DEBUG\",\n },\n SchedulerLogs = new Aws.Mwaa.Inputs.EnvironmentLoggingConfigurationSchedulerLogsArgs\n {\n Enabled = true,\n LogLevel = \"INFO\",\n },\n TaskLogs = new Aws.Mwaa.Inputs.EnvironmentLoggingConfigurationTaskLogsArgs\n {\n Enabled = true,\n LogLevel = \"WARNING\",\n },\n WebserverLogs = new Aws.Mwaa.Inputs.EnvironmentLoggingConfigurationWebserverLogsArgs\n {\n Enabled = true,\n LogLevel = \"ERROR\",\n },\n WorkerLogs = new Aws.Mwaa.Inputs.EnvironmentLoggingConfigurationWorkerLogsArgs\n {\n Enabled = true,\n LogLevel = \"CRITICAL\",\n },\n },\n Name = \"example\",\n NetworkConfiguration = new Aws.Mwaa.Inputs.EnvironmentNetworkConfigurationArgs\n {\n SecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n SubnetIds = @private.Select(__item =\u003e __item.Id).ToList(),\n },\n SourceBucketArn = exampleAwsS3Bucket.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mwaa\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\n_, err := mwaa.NewEnvironment(ctx, \"example\", \u0026mwaa.EnvironmentArgs{\nDagS3Path: pulumi.String(\"dags/\"),\nExecutionRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\nLoggingConfiguration: \u0026mwaa.EnvironmentLoggingConfigurationArgs{\nDagProcessingLogs: \u0026mwaa.EnvironmentLoggingConfigurationDagProcessingLogsArgs{\nEnabled: pulumi.Bool(true),\nLogLevel: pulumi.String(\"DEBUG\"),\n},\nSchedulerLogs: \u0026mwaa.EnvironmentLoggingConfigurationSchedulerLogsArgs{\nEnabled: pulumi.Bool(true),\nLogLevel: pulumi.String(\"INFO\"),\n},\nTaskLogs: \u0026mwaa.EnvironmentLoggingConfigurationTaskLogsArgs{\nEnabled: pulumi.Bool(true),\nLogLevel: pulumi.String(\"WARNING\"),\n},\nWebserverLogs: \u0026mwaa.EnvironmentLoggingConfigurationWebserverLogsArgs{\nEnabled: pulumi.Bool(true),\nLogLevel: pulumi.String(\"ERROR\"),\n},\nWorkerLogs: \u0026mwaa.EnvironmentLoggingConfigurationWorkerLogsArgs{\nEnabled: pulumi.Bool(true),\nLogLevel: pulumi.String(\"CRITICAL\"),\n},\n},\nName: pulumi.String(\"example\"),\nNetworkConfiguration: \u0026mwaa.EnvironmentNetworkConfigurationArgs{\nSecurityGroupIds: pulumi.StringArray{\nexampleAwsSecurityGroup.Id,\n},\nSubnetIds: []pulumi.String(%!v(PANIC=Format method: fatal: A failure has occurred: unlowered splat expression @ example.pp:28,24-37)),\n},\nSourceBucketArn: pulumi.Any(exampleAwsS3Bucket.Arn),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mwaa.Environment;\nimport com.pulumi.aws.mwaa.EnvironmentArgs;\nimport com.pulumi.aws.mwaa.inputs.EnvironmentLoggingConfigurationArgs;\nimport com.pulumi.aws.mwaa.inputs.EnvironmentLoggingConfigurationDagProcessingLogsArgs;\nimport com.pulumi.aws.mwaa.inputs.EnvironmentLoggingConfigurationSchedulerLogsArgs;\nimport com.pulumi.aws.mwaa.inputs.EnvironmentLoggingConfigurationTaskLogsArgs;\nimport com.pulumi.aws.mwaa.inputs.EnvironmentLoggingConfigurationWebserverLogsArgs;\nimport com.pulumi.aws.mwaa.inputs.EnvironmentLoggingConfigurationWorkerLogsArgs;\nimport com.pulumi.aws.mwaa.inputs.EnvironmentNetworkConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Environment(\"example\", EnvironmentArgs.builder()\n .dagS3Path(\"dags/\")\n .executionRoleArn(exampleAwsIamRole.arn())\n .loggingConfiguration(EnvironmentLoggingConfigurationArgs.builder()\n .dagProcessingLogs(EnvironmentLoggingConfigurationDagProcessingLogsArgs.builder()\n .enabled(true)\n .logLevel(\"DEBUG\")\n .build())\n .schedulerLogs(EnvironmentLoggingConfigurationSchedulerLogsArgs.builder()\n .enabled(true)\n .logLevel(\"INFO\")\n .build())\n .taskLogs(EnvironmentLoggingConfigurationTaskLogsArgs.builder()\n .enabled(true)\n .logLevel(\"WARNING\")\n .build())\n .webserverLogs(EnvironmentLoggingConfigurationWebserverLogsArgs.builder()\n .enabled(true)\n .logLevel(\"ERROR\")\n .build())\n .workerLogs(EnvironmentLoggingConfigurationWorkerLogsArgs.builder()\n .enabled(true)\n .logLevel(\"CRITICAL\")\n .build())\n .build())\n .name(\"example\")\n .networkConfiguration(EnvironmentNetworkConfigurationArgs.builder()\n .securityGroupIds(exampleAwsSecurityGroup.id())\n .subnetIds(private_.stream().map(element -\u003e element.id()).collect(toList()))\n .build())\n .sourceBucketArn(exampleAwsS3Bucket.arn())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example with tags\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.mwaa.Environment(\"example\", {\n dagS3Path: \"dags/\",\n executionRoleArn: exampleAwsIamRole.arn,\n name: \"example\",\n networkConfiguration: {\n securityGroupIds: [exampleAwsSecurityGroup.id],\n subnetIds: _private.map(__item =\u003e __item.id),\n },\n sourceBucketArn: exampleAwsS3Bucket.arn,\n tags: {\n Name: \"example\",\n Environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.mwaa.Environment(\"example\",\n dag_s3_path=\"dags/\",\n execution_role_arn=example_aws_iam_role[\"arn\"],\n name=\"example\",\n network_configuration={\n \"security_group_ids\": [example_aws_security_group[\"id\"]],\n \"subnet_ids\": [__item[\"id\"] for __item in private],\n },\n source_bucket_arn=example_aws_s3_bucket[\"arn\"],\n tags={\n \"Name\": \"example\",\n \"Environment\": \"production\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Mwaa.Environment(\"example\", new()\n {\n DagS3Path = \"dags/\",\n ExecutionRoleArn = exampleAwsIamRole.Arn,\n Name = \"example\",\n NetworkConfiguration = new Aws.Mwaa.Inputs.EnvironmentNetworkConfigurationArgs\n {\n SecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n SubnetIds = @private.Select(__item =\u003e __item.Id).ToList(),\n },\n SourceBucketArn = exampleAwsS3Bucket.Arn,\n Tags = \n {\n { \"Name\", \"example\" },\n { \"Environment\", \"production\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mwaa\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\n_, err := mwaa.NewEnvironment(ctx, \"example\", \u0026mwaa.EnvironmentArgs{\nDagS3Path: pulumi.String(\"dags/\"),\nExecutionRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\nName: pulumi.String(\"example\"),\nNetworkConfiguration: \u0026mwaa.EnvironmentNetworkConfigurationArgs{\nSecurityGroupIds: pulumi.StringArray{\nexampleAwsSecurityGroup.Id,\n},\nSubnetIds: []pulumi.String(%!v(PANIC=Format method: fatal: A failure has occurred: unlowered splat expression @ example.pp:6,24-37)),\n},\nSourceBucketArn: pulumi.Any(exampleAwsS3Bucket.Arn),\nTags: pulumi.StringMap{\n\"Name\": pulumi.String(\"example\"),\n\"Environment\": pulumi.String(\"production\"),\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mwaa.Environment;\nimport com.pulumi.aws.mwaa.EnvironmentArgs;\nimport com.pulumi.aws.mwaa.inputs.EnvironmentNetworkConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Environment(\"example\", EnvironmentArgs.builder()\n .dagS3Path(\"dags/\")\n .executionRoleArn(exampleAwsIamRole.arn())\n .name(\"example\")\n .networkConfiguration(EnvironmentNetworkConfigurationArgs.builder()\n .securityGroupIds(exampleAwsSecurityGroup.id())\n .subnetIds(private_.stream().map(element -\u003e element.id()).collect(toList()))\n .build())\n .sourceBucketArn(exampleAwsS3Bucket.arn())\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"example\"),\n Map.entry(\"Environment\", \"production\")\n ))\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MWAA Environment using `Name`. For example:\n\n```sh\n$ pulumi import aws:mwaa/environment:Environment example MyAirflowEnvironment\n```\n", "properties": { "airflowConfigurationOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The `airflow_configuration_options` parameter specifies airflow override options. Check the [Official documentation](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-env-variables.html#configuring-env-variables-reference) for all possible configuration options.\n", "secret": true }, "airflowVersion": { "type": "string", "description": "Airflow version of your environment, will be set by default to the latest version that MWAA supports.\n" }, "arn": { "type": "string", "description": "The ARN of the MWAA Environment\n" }, "createdAt": { "type": "string", "description": "The Created At date of the MWAA Environment\n" }, "dagS3Path": { "type": "string", "description": "The relative path to the DAG folder on your Amazon S3 storage bucket. For example, dags. For more information, see [Importing DAGs on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import.html).\n" }, "databaseVpcEndpointService": { "type": "string", "description": "The VPC endpoint for the environment's Amazon RDS database\n* `logging_configuration[0].\u003cLOG_CONFIGURATION_TYPE\u003e[0].cloud_watch_log_group_arn` - Provides the ARN for the CloudWatch group where the logs will be published\n" }, "endpointManagement": { "type": "string", "description": "Defines whether the VPC endpoints configured for the environment are created and managed by the customer or by AWS. If set to `SERVICE`, Amazon MWAA will create and manage the required VPC endpoints in your VPC. If set to `CUSTOMER`, you must create, and manage, the VPC endpoints for your VPC. Defaults to `SERVICE` if not set.\n" }, "environmentClass": { "type": "string", "description": "Environment class for the cluster. Possible options are `mw1.small`, `mw1.medium`, `mw1.large`. Will be set by default to `mw1.small`. Please check the [AWS Pricing](https://aws.amazon.com/de/managed-workflows-for-apache-airflow/pricing/) for more information about the environment classes.\n" }, "executionRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the task execution role that the Amazon MWAA and its environment can assume. Check the [official AWS documentation](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-create-role.html) for the detailed role specification.\n" }, "kmsKey": { "type": "string", "description": "The Amazon Resource Name (ARN) of your KMS key that you want to use for encryption. Will be set to the ARN of the managed KMS key `aws/airflow` by default. Please check the [Official Documentation](https://docs.aws.amazon.com/mwaa/latest/userguide/custom-keys-certs.html) for more information.\n" }, "lastUpdateds": { "type": "array", "items": { "$ref": "#/types/aws:mwaa/EnvironmentLastUpdated:EnvironmentLastUpdated" } }, "loggingConfiguration": { "$ref": "#/types/aws:mwaa/EnvironmentLoggingConfiguration:EnvironmentLoggingConfiguration", "description": "The Apache Airflow logs you want to send to Amazon CloudWatch Logs. See `logging_configuration` Block for details.\n" }, "maxWebservers": { "type": "integer", "description": "The maximum number of web servers that you want to run in your environment. Value need to be between `2` and `5`. Will be `2` by default.\n" }, "maxWorkers": { "type": "integer", "description": "The maximum number of workers that can be automatically scaled up. Value need to be between `1` and `25`. Will be `10` by default.\n" }, "minWebservers": { "type": "integer", "description": "The minimum number of web servers that you want to run in your environment. Value need to be between `2` and `5`. Will be `2` by default.\n" }, "minWorkers": { "type": "integer", "description": "The minimum number of workers that you want to run in your environment. Will be `1` by default.\n" }, "name": { "type": "string", "description": "The name of the Apache Airflow Environment\n" }, "networkConfiguration": { "$ref": "#/types/aws:mwaa/EnvironmentNetworkConfiguration:EnvironmentNetworkConfiguration", "description": "Specifies the network configuration for your Apache Airflow Environment. This includes two private subnets as well as security groups for the Airflow environment. Each subnet requires internet connection, otherwise the deployment will fail. See `network_configuration` Block for details.\n" }, "pluginsS3ObjectVersion": { "type": "string", "description": "The plugins.zip file version you want to use.\n" }, "pluginsS3Path": { "type": "string", "description": "The relative path to the plugins.zip file on your Amazon S3 storage bucket. For example, plugins.zip. If a relative path is provided in the request, then plugins_s3_object_version is required. For more information, see [Importing DAGs on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import.html).\n" }, "requirementsS3ObjectVersion": { "type": "string", "description": "The requirements.txt file version you want to use.\n" }, "requirementsS3Path": { "type": "string", "description": "The relative path to the requirements.txt file on your Amazon S3 storage bucket. For example, requirements.txt. If a relative path is provided in the request, then requirements_s3_object_version is required. For more information, see [Importing DAGs on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import.html).\n" }, "schedulers": { "type": "integer", "description": "The number of schedulers that you want to run in your environment. v2.0.2 and above accepts `2` - `5`, default `2`. v1.10.12 accepts `1`.\n" }, "serviceRoleArn": { "type": "string", "description": "The Service Role ARN of the Amazon MWAA Environment\n" }, "sourceBucketArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of your Amazon S3 storage bucket. For example, arn:aws:s3:::airflow-mybucketname.\n" }, "startupScriptS3ObjectVersion": { "type": "string", "description": "The version of the startup shell script you want to use. You must specify the version ID that Amazon S3 assigns to the file every time you update the script.\n" }, "startupScriptS3Path": { "type": "string", "description": "The relative path to the script hosted in your bucket. The script runs as your environment starts before starting the Apache Airflow process. Use this script to install dependencies, modify configuration options, and set environment variables. See [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html). Supported for environment versions 2.x and later.\n" }, "status": { "type": "string", "description": "The status of the Amazon MWAA Environment\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of resource tags to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "webserverAccessMode": { "type": "string", "description": "Specifies whether the webserver should be accessible over the internet or via your specified VPC. Possible options: `PRIVATE_ONLY` (default) and `PUBLIC_ONLY`.\n" }, "webserverUrl": { "type": "string", "description": "The webserver URL of the MWAA Environment\n" }, "webserverVpcEndpointService": { "type": "string", "description": "The VPC endpoint for the environment's web server\n" }, "weeklyMaintenanceWindowStart": { "type": "string", "description": "Specifies the start date for the weekly maintenance window.\n" } }, "required": [ "airflowVersion", "arn", "createdAt", "dagS3Path", "databaseVpcEndpointService", "endpointManagement", "environmentClass", "executionRoleArn", "lastUpdateds", "loggingConfiguration", "maxWebservers", "maxWorkers", "minWebservers", "minWorkers", "name", "networkConfiguration", "pluginsS3ObjectVersion", "requirementsS3ObjectVersion", "schedulers", "serviceRoleArn", "sourceBucketArn", "startupScriptS3ObjectVersion", "status", "tagsAll", "webserverAccessMode", "webserverUrl", "webserverVpcEndpointService", "weeklyMaintenanceWindowStart" ], "inputProperties": { "airflowConfigurationOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The `airflow_configuration_options` parameter specifies airflow override options. Check the [Official documentation](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-env-variables.html#configuring-env-variables-reference) for all possible configuration options.\n", "secret": true }, "airflowVersion": { "type": "string", "description": "Airflow version of your environment, will be set by default to the latest version that MWAA supports.\n" }, "dagS3Path": { "type": "string", "description": "The relative path to the DAG folder on your Amazon S3 storage bucket. For example, dags. For more information, see [Importing DAGs on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import.html).\n" }, "endpointManagement": { "type": "string", "description": "Defines whether the VPC endpoints configured for the environment are created and managed by the customer or by AWS. If set to `SERVICE`, Amazon MWAA will create and manage the required VPC endpoints in your VPC. If set to `CUSTOMER`, you must create, and manage, the VPC endpoints for your VPC. Defaults to `SERVICE` if not set.\n", "willReplaceOnChanges": true }, "environmentClass": { "type": "string", "description": "Environment class for the cluster. Possible options are `mw1.small`, `mw1.medium`, `mw1.large`. Will be set by default to `mw1.small`. Please check the [AWS Pricing](https://aws.amazon.com/de/managed-workflows-for-apache-airflow/pricing/) for more information about the environment classes.\n" }, "executionRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the task execution role that the Amazon MWAA and its environment can assume. Check the [official AWS documentation](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-create-role.html) for the detailed role specification.\n" }, "kmsKey": { "type": "string", "description": "The Amazon Resource Name (ARN) of your KMS key that you want to use for encryption. Will be set to the ARN of the managed KMS key `aws/airflow` by default. Please check the [Official Documentation](https://docs.aws.amazon.com/mwaa/latest/userguide/custom-keys-certs.html) for more information.\n", "willReplaceOnChanges": true }, "loggingConfiguration": { "$ref": "#/types/aws:mwaa/EnvironmentLoggingConfiguration:EnvironmentLoggingConfiguration", "description": "The Apache Airflow logs you want to send to Amazon CloudWatch Logs. See `logging_configuration` Block for details.\n" }, "maxWebservers": { "type": "integer", "description": "The maximum number of web servers that you want to run in your environment. Value need to be between `2` and `5`. Will be `2` by default.\n" }, "maxWorkers": { "type": "integer", "description": "The maximum number of workers that can be automatically scaled up. Value need to be between `1` and `25`. Will be `10` by default.\n" }, "minWebservers": { "type": "integer", "description": "The minimum number of web servers that you want to run in your environment. Value need to be between `2` and `5`. Will be `2` by default.\n" }, "minWorkers": { "type": "integer", "description": "The minimum number of workers that you want to run in your environment. Will be `1` by default.\n" }, "name": { "type": "string", "description": "The name of the Apache Airflow Environment\n", "willReplaceOnChanges": true }, "networkConfiguration": { "$ref": "#/types/aws:mwaa/EnvironmentNetworkConfiguration:EnvironmentNetworkConfiguration", "description": "Specifies the network configuration for your Apache Airflow Environment. This includes two private subnets as well as security groups for the Airflow environment. Each subnet requires internet connection, otherwise the deployment will fail. See `network_configuration` Block for details.\n" }, "pluginsS3ObjectVersion": { "type": "string", "description": "The plugins.zip file version you want to use.\n" }, "pluginsS3Path": { "type": "string", "description": "The relative path to the plugins.zip file on your Amazon S3 storage bucket. For example, plugins.zip. If a relative path is provided in the request, then plugins_s3_object_version is required. For more information, see [Importing DAGs on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import.html).\n" }, "requirementsS3ObjectVersion": { "type": "string", "description": "The requirements.txt file version you want to use.\n" }, "requirementsS3Path": { "type": "string", "description": "The relative path to the requirements.txt file on your Amazon S3 storage bucket. For example, requirements.txt. If a relative path is provided in the request, then requirements_s3_object_version is required. For more information, see [Importing DAGs on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import.html).\n" }, "schedulers": { "type": "integer", "description": "The number of schedulers that you want to run in your environment. v2.0.2 and above accepts `2` - `5`, default `2`. v1.10.12 accepts `1`.\n" }, "sourceBucketArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of your Amazon S3 storage bucket. For example, arn:aws:s3:::airflow-mybucketname.\n" }, "startupScriptS3ObjectVersion": { "type": "string", "description": "The version of the startup shell script you want to use. You must specify the version ID that Amazon S3 assigns to the file every time you update the script.\n" }, "startupScriptS3Path": { "type": "string", "description": "The relative path to the script hosted in your bucket. The script runs as your environment starts before starting the Apache Airflow process. Use this script to install dependencies, modify configuration options, and set environment variables. See [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html). Supported for environment versions 2.x and later.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of resource tags to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "webserverAccessMode": { "type": "string", "description": "Specifies whether the webserver should be accessible over the internet or via your specified VPC. Possible options: `PRIVATE_ONLY` (default) and `PUBLIC_ONLY`.\n" }, "weeklyMaintenanceWindowStart": { "type": "string", "description": "Specifies the start date for the weekly maintenance window.\n" } }, "requiredInputs": [ "dagS3Path", "executionRoleArn", "networkConfiguration", "sourceBucketArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Environment resources.\n", "properties": { "airflowConfigurationOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The `airflow_configuration_options` parameter specifies airflow override options. Check the [Official documentation](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-env-variables.html#configuring-env-variables-reference) for all possible configuration options.\n", "secret": true }, "airflowVersion": { "type": "string", "description": "Airflow version of your environment, will be set by default to the latest version that MWAA supports.\n" }, "arn": { "type": "string", "description": "The ARN of the MWAA Environment\n" }, "createdAt": { "type": "string", "description": "The Created At date of the MWAA Environment\n" }, "dagS3Path": { "type": "string", "description": "The relative path to the DAG folder on your Amazon S3 storage bucket. For example, dags. For more information, see [Importing DAGs on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import.html).\n" }, "databaseVpcEndpointService": { "type": "string", "description": "The VPC endpoint for the environment's Amazon RDS database\n* `logging_configuration[0].\u003cLOG_CONFIGURATION_TYPE\u003e[0].cloud_watch_log_group_arn` - Provides the ARN for the CloudWatch group where the logs will be published\n" }, "endpointManagement": { "type": "string", "description": "Defines whether the VPC endpoints configured for the environment are created and managed by the customer or by AWS. If set to `SERVICE`, Amazon MWAA will create and manage the required VPC endpoints in your VPC. If set to `CUSTOMER`, you must create, and manage, the VPC endpoints for your VPC. Defaults to `SERVICE` if not set.\n", "willReplaceOnChanges": true }, "environmentClass": { "type": "string", "description": "Environment class for the cluster. Possible options are `mw1.small`, `mw1.medium`, `mw1.large`. Will be set by default to `mw1.small`. Please check the [AWS Pricing](https://aws.amazon.com/de/managed-workflows-for-apache-airflow/pricing/) for more information about the environment classes.\n" }, "executionRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the task execution role that the Amazon MWAA and its environment can assume. Check the [official AWS documentation](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-create-role.html) for the detailed role specification.\n" }, "kmsKey": { "type": "string", "description": "The Amazon Resource Name (ARN) of your KMS key that you want to use for encryption. Will be set to the ARN of the managed KMS key `aws/airflow` by default. Please check the [Official Documentation](https://docs.aws.amazon.com/mwaa/latest/userguide/custom-keys-certs.html) for more information.\n", "willReplaceOnChanges": true }, "lastUpdateds": { "type": "array", "items": { "$ref": "#/types/aws:mwaa/EnvironmentLastUpdated:EnvironmentLastUpdated" } }, "loggingConfiguration": { "$ref": "#/types/aws:mwaa/EnvironmentLoggingConfiguration:EnvironmentLoggingConfiguration", "description": "The Apache Airflow logs you want to send to Amazon CloudWatch Logs. See `logging_configuration` Block for details.\n" }, "maxWebservers": { "type": "integer", "description": "The maximum number of web servers that you want to run in your environment. Value need to be between `2` and `5`. Will be `2` by default.\n" }, "maxWorkers": { "type": "integer", "description": "The maximum number of workers that can be automatically scaled up. Value need to be between `1` and `25`. Will be `10` by default.\n" }, "minWebservers": { "type": "integer", "description": "The minimum number of web servers that you want to run in your environment. Value need to be between `2` and `5`. Will be `2` by default.\n" }, "minWorkers": { "type": "integer", "description": "The minimum number of workers that you want to run in your environment. Will be `1` by default.\n" }, "name": { "type": "string", "description": "The name of the Apache Airflow Environment\n", "willReplaceOnChanges": true }, "networkConfiguration": { "$ref": "#/types/aws:mwaa/EnvironmentNetworkConfiguration:EnvironmentNetworkConfiguration", "description": "Specifies the network configuration for your Apache Airflow Environment. This includes two private subnets as well as security groups for the Airflow environment. Each subnet requires internet connection, otherwise the deployment will fail. See `network_configuration` Block for details.\n" }, "pluginsS3ObjectVersion": { "type": "string", "description": "The plugins.zip file version you want to use.\n" }, "pluginsS3Path": { "type": "string", "description": "The relative path to the plugins.zip file on your Amazon S3 storage bucket. For example, plugins.zip. If a relative path is provided in the request, then plugins_s3_object_version is required. For more information, see [Importing DAGs on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import.html).\n" }, "requirementsS3ObjectVersion": { "type": "string", "description": "The requirements.txt file version you want to use.\n" }, "requirementsS3Path": { "type": "string", "description": "The relative path to the requirements.txt file on your Amazon S3 storage bucket. For example, requirements.txt. If a relative path is provided in the request, then requirements_s3_object_version is required. For more information, see [Importing DAGs on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import.html).\n" }, "schedulers": { "type": "integer", "description": "The number of schedulers that you want to run in your environment. v2.0.2 and above accepts `2` - `5`, default `2`. v1.10.12 accepts `1`.\n" }, "serviceRoleArn": { "type": "string", "description": "The Service Role ARN of the Amazon MWAA Environment\n" }, "sourceBucketArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of your Amazon S3 storage bucket. For example, arn:aws:s3:::airflow-mybucketname.\n" }, "startupScriptS3ObjectVersion": { "type": "string", "description": "The version of the startup shell script you want to use. You must specify the version ID that Amazon S3 assigns to the file every time you update the script.\n" }, "startupScriptS3Path": { "type": "string", "description": "The relative path to the script hosted in your bucket. The script runs as your environment starts before starting the Apache Airflow process. Use this script to install dependencies, modify configuration options, and set environment variables. See [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html). Supported for environment versions 2.x and later.\n" }, "status": { "type": "string", "description": "The status of the Amazon MWAA Environment\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of resource tags to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "webserverAccessMode": { "type": "string", "description": "Specifies whether the webserver should be accessible over the internet or via your specified VPC. Possible options: `PRIVATE_ONLY` (default) and `PUBLIC_ONLY`.\n" }, "webserverUrl": { "type": "string", "description": "The webserver URL of the MWAA Environment\n" }, "webserverVpcEndpointService": { "type": "string", "description": "The VPC endpoint for the environment's web server\n" }, "weeklyMaintenanceWindowStart": { "type": "string", "description": "Specifies the start date for the weekly maintenance window.\n" } }, "type": "object" } }, "aws:neptune/cluster:Cluster": { "description": "Provides an Neptune Cluster Resource. A Cluster Resource defines attributes that are\napplied to the entire cluster of Neptune Cluster Instances.\n\nChanges to a Neptune Cluster can occur when you manually change a\nparameter, such as `backup_retention_period`, and are reflected in the next maintenance\nwindow. Because of this, this provider may report a difference in its planning\nphase because a modification has not yet taken place. You can use the\n`apply_immediately` flag to instruct the service to apply the change immediately\n(see documentation below).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.neptune.Cluster(\"default\", {\n clusterIdentifier: \"neptune-cluster-demo\",\n engine: \"neptune\",\n backupRetentionPeriod: 5,\n preferredBackupWindow: \"07:00-09:00\",\n skipFinalSnapshot: true,\n iamDatabaseAuthenticationEnabled: true,\n applyImmediately: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.neptune.Cluster(\"default\",\n cluster_identifier=\"neptune-cluster-demo\",\n engine=\"neptune\",\n backup_retention_period=5,\n preferred_backup_window=\"07:00-09:00\",\n skip_final_snapshot=True,\n iam_database_authentication_enabled=True,\n apply_immediately=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Neptune.Cluster(\"default\", new()\n {\n ClusterIdentifier = \"neptune-cluster-demo\",\n Engine = \"neptune\",\n BackupRetentionPeriod = 5,\n PreferredBackupWindow = \"07:00-09:00\",\n SkipFinalSnapshot = true,\n IamDatabaseAuthenticationEnabled = true,\n ApplyImmediately = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := neptune.NewCluster(ctx, \"default\", \u0026neptune.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"neptune-cluster-demo\"),\n\t\t\tEngine: pulumi.String(\"neptune\"),\n\t\t\tBackupRetentionPeriod: pulumi.Int(5),\n\t\t\tPreferredBackupWindow: pulumi.String(\"07:00-09:00\"),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t\tIamDatabaseAuthenticationEnabled: pulumi.Bool(true),\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.neptune.Cluster;\nimport com.pulumi.aws.neptune.ClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Cluster(\"default\", ClusterArgs.builder()\n .clusterIdentifier(\"neptune-cluster-demo\")\n .engine(\"neptune\")\n .backupRetentionPeriod(5)\n .preferredBackupWindow(\"07:00-09:00\")\n .skipFinalSnapshot(true)\n .iamDatabaseAuthenticationEnabled(true)\n .applyImmediately(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:neptune:Cluster\n properties:\n clusterIdentifier: neptune-cluster-demo\n engine: neptune\n backupRetentionPeriod: 5\n preferredBackupWindow: 07:00-09:00\n skipFinalSnapshot: true\n iamDatabaseAuthenticationEnabled: true\n applyImmediately: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e **Note:** AWS Neptune does not support user name/password–based access control.\nSee the AWS [Docs](https://docs.aws.amazon.com/neptune/latest/userguide/limits.html) for more information.\n\n## Import\n\nUsing `pulumi import`, import `aws_neptune_cluster` using the cluster identifier. For example:\n\n```sh\n$ pulumi import aws:neptune/cluster:Cluster example my-cluster\n```\n", "properties": { "allowMajorVersionUpgrade": { "type": "boolean", "description": "Specifies whether upgrades between different major versions are allowed. You must set it to `true` when providing an `engine_version` parameter that uses a different major version than the DB cluster's current version. Default is `false`.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false`.\n" }, "arn": { "type": "string", "description": "The Neptune Cluster Amazon Resource Name (ARN)\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of EC2 Availability Zones that instances in the Neptune cluster can be created in.\n" }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for. Default `1`\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier. If omitted, this provider will assign a random, unique identifier.\n" }, "clusterIdentifierPrefix": { "type": "string", "description": "Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `cluster_identifier`.\n" }, "clusterMembers": { "type": "array", "items": { "type": "string" }, "description": "List of Neptune Instances that are a part of this cluster\n" }, "clusterResourceId": { "type": "string", "description": "The Neptune Cluster Resource ID\n" }, "copyTagsToSnapshot": { "type": "boolean", "description": "If set to true, tags are copied to any snapshot of the DB cluster that is created.\n" }, "deletionProtection": { "type": "boolean", "description": "A value that indicates whether the DB cluster has deletion protection enabled.The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n" }, "enableCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "A list of the log types this DB cluster is configured to export to Cloudwatch Logs. Currently only supports `audit` and `slowquery`.\n" }, "endpoint": { "type": "string", "description": "The DNS address of the Neptune instance\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for this Neptune cluster. Defaults to `neptune`.\n" }, "engineVersion": { "type": "string", "description": "The database engine version.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final Neptune snapshot when this Neptune cluster is deleted. If omitted, no final snapshot will be made.\n" }, "globalClusterIdentifier": { "type": "string", "description": "The global cluster identifier specified on `aws.neptune.GlobalCluster`.\n" }, "hostedZoneId": { "type": "string", "description": "The Route53 Hosted Zone ID of the endpoint\n" }, "iamDatabaseAuthenticationEnabled": { "type": "boolean", "description": "Specifies whether or not mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "A List of ARNs for the IAM roles to associate to the Neptune Cluster.\n" }, "kmsKeyArn": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_arn`, `storage_encrypted` needs to be set to true.\n" }, "neptuneClusterParameterGroupName": { "type": "string", "description": "A cluster parameter group to associate with the cluster.\n" }, "neptuneInstanceParameterGroupName": { "type": "string", "description": "The name of the DB parameter group to apply to all instances of the DB cluster.\n" }, "neptuneSubnetGroupName": { "type": "string", "description": "A Neptune subnet group to associate with this Neptune instance.\n" }, "port": { "type": "integer", "description": "The port on which the Neptune accepts connections. Default is `8182`.\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter. Time in UTC. Default: A 30-minute window selected at random from an 8-hour block of time per regionE.g., 04:00-09:00\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur, in (UTC) e.g., wed:04:00-wed:04:30\n" }, "readerEndpoint": { "type": "string", "description": "A read-only endpoint for the Neptune cluster, automatically load-balanced across replicas\n" }, "replicationSourceIdentifier": { "type": "string", "description": "ARN of a source Neptune cluster or Neptune instance if this Neptune cluster is to be created as a Read Replica.\n" }, "serverlessV2ScalingConfiguration": { "$ref": "#/types/aws:neptune/ClusterServerlessV2ScalingConfiguration:ClusterServerlessV2ScalingConfiguration", "description": "If set, create the Neptune cluster as a serverless one. See Serverless for example block attributes.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final Neptune snapshot is created before the Neptune cluster is deleted. If true is specified, no Neptune snapshot is created. If false is specified, a Neptune snapshot is created before the Neptune cluster is deleted, using the value from `final_snapshot_identifier`. Default is `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a Neptune cluster snapshot, or the ARN when specifying a Neptune snapshot. Automated snapshots **should not** be used for this attribute, unless from a different cluster. Automated snapshots are deleted as part of cluster destruction when the resource is replaced.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the Neptune cluster is encrypted. The default is `false` if not specified.\n" }, "storageType": { "type": "string", "description": "Storage type associated with the cluster `standard/iopt1`. Default: `standard`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Neptune cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate with the Cluster\n" } }, "required": [ "allowMajorVersionUpgrade", "applyImmediately", "arn", "availabilityZones", "clusterIdentifier", "clusterIdentifierPrefix", "clusterMembers", "clusterResourceId", "endpoint", "engineVersion", "hostedZoneId", "kmsKeyArn", "neptuneSubnetGroupName", "preferredBackupWindow", "preferredMaintenanceWindow", "readerEndpoint", "storageType", "tagsAll", "vpcSecurityGroupIds" ], "inputProperties": { "allowMajorVersionUpgrade": { "type": "boolean", "description": "Specifies whether upgrades between different major versions are allowed. You must set it to `true` when providing an `engine_version` parameter that uses a different major version than the DB cluster's current version. Default is `false`.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false`.\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of EC2 Availability Zones that instances in the Neptune cluster can be created in.\n", "willReplaceOnChanges": true }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for. Default `1`\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier. If omitted, this provider will assign a random, unique identifier.\n", "willReplaceOnChanges": true }, "clusterIdentifierPrefix": { "type": "string", "description": "Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `cluster_identifier`.\n", "willReplaceOnChanges": true }, "copyTagsToSnapshot": { "type": "boolean", "description": "If set to true, tags are copied to any snapshot of the DB cluster that is created.\n" }, "deletionProtection": { "type": "boolean", "description": "A value that indicates whether the DB cluster has deletion protection enabled.The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n" }, "enableCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "A list of the log types this DB cluster is configured to export to Cloudwatch Logs. Currently only supports `audit` and `slowquery`.\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for this Neptune cluster. Defaults to `neptune`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "The database engine version.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final Neptune snapshot when this Neptune cluster is deleted. If omitted, no final snapshot will be made.\n" }, "globalClusterIdentifier": { "type": "string", "description": "The global cluster identifier specified on `aws.neptune.GlobalCluster`.\n" }, "iamDatabaseAuthenticationEnabled": { "type": "boolean", "description": "Specifies whether or not mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "A List of ARNs for the IAM roles to associate to the Neptune Cluster.\n" }, "kmsKeyArn": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_arn`, `storage_encrypted` needs to be set to true.\n", "willReplaceOnChanges": true }, "neptuneClusterParameterGroupName": { "type": "string", "description": "A cluster parameter group to associate with the cluster.\n" }, "neptuneInstanceParameterGroupName": { "type": "string", "description": "The name of the DB parameter group to apply to all instances of the DB cluster.\n" }, "neptuneSubnetGroupName": { "type": "string", "description": "A Neptune subnet group to associate with this Neptune instance.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "The port on which the Neptune accepts connections. Default is `8182`.\n", "willReplaceOnChanges": true }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter. Time in UTC. Default: A 30-minute window selected at random from an 8-hour block of time per regionE.g., 04:00-09:00\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur, in (UTC) e.g., wed:04:00-wed:04:30\n" }, "replicationSourceIdentifier": { "type": "string", "description": "ARN of a source Neptune cluster or Neptune instance if this Neptune cluster is to be created as a Read Replica.\n" }, "serverlessV2ScalingConfiguration": { "$ref": "#/types/aws:neptune/ClusterServerlessV2ScalingConfiguration:ClusterServerlessV2ScalingConfiguration", "description": "If set, create the Neptune cluster as a serverless one. See Serverless for example block attributes.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final Neptune snapshot is created before the Neptune cluster is deleted. If true is specified, no Neptune snapshot is created. If false is specified, a Neptune snapshot is created before the Neptune cluster is deleted, using the value from `final_snapshot_identifier`. Default is `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a Neptune cluster snapshot, or the ARN when specifying a Neptune snapshot. Automated snapshots **should not** be used for this attribute, unless from a different cluster. Automated snapshots are deleted as part of cluster destruction when the resource is replaced.\n", "willReplaceOnChanges": true }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the Neptune cluster is encrypted. The default is `false` if not specified.\n", "willReplaceOnChanges": true }, "storageType": { "type": "string", "description": "Storage type associated with the cluster `standard/iopt1`. Default: `standard`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Neptune cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate with the Cluster\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "allowMajorVersionUpgrade": { "type": "boolean", "description": "Specifies whether upgrades between different major versions are allowed. You must set it to `true` when providing an `engine_version` parameter that uses a different major version than the DB cluster's current version. Default is `false`.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false`.\n" }, "arn": { "type": "string", "description": "The Neptune Cluster Amazon Resource Name (ARN)\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "A list of EC2 Availability Zones that instances in the Neptune cluster can be created in.\n", "willReplaceOnChanges": true }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for. Default `1`\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier. If omitted, this provider will assign a random, unique identifier.\n", "willReplaceOnChanges": true }, "clusterIdentifierPrefix": { "type": "string", "description": "Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `cluster_identifier`.\n", "willReplaceOnChanges": true }, "clusterMembers": { "type": "array", "items": { "type": "string" }, "description": "List of Neptune Instances that are a part of this cluster\n" }, "clusterResourceId": { "type": "string", "description": "The Neptune Cluster Resource ID\n" }, "copyTagsToSnapshot": { "type": "boolean", "description": "If set to true, tags are copied to any snapshot of the DB cluster that is created.\n" }, "deletionProtection": { "type": "boolean", "description": "A value that indicates whether the DB cluster has deletion protection enabled.The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n" }, "enableCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "A list of the log types this DB cluster is configured to export to Cloudwatch Logs. Currently only supports `audit` and `slowquery`.\n" }, "endpoint": { "type": "string", "description": "The DNS address of the Neptune instance\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for this Neptune cluster. Defaults to `neptune`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "The database engine version.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final Neptune snapshot when this Neptune cluster is deleted. If omitted, no final snapshot will be made.\n" }, "globalClusterIdentifier": { "type": "string", "description": "The global cluster identifier specified on `aws.neptune.GlobalCluster`.\n" }, "hostedZoneId": { "type": "string", "description": "The Route53 Hosted Zone ID of the endpoint\n" }, "iamDatabaseAuthenticationEnabled": { "type": "boolean", "description": "Specifies whether or not mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "A List of ARNs for the IAM roles to associate to the Neptune Cluster.\n" }, "kmsKeyArn": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_arn`, `storage_encrypted` needs to be set to true.\n", "willReplaceOnChanges": true }, "neptuneClusterParameterGroupName": { "type": "string", "description": "A cluster parameter group to associate with the cluster.\n" }, "neptuneInstanceParameterGroupName": { "type": "string", "description": "The name of the DB parameter group to apply to all instances of the DB cluster.\n" }, "neptuneSubnetGroupName": { "type": "string", "description": "A Neptune subnet group to associate with this Neptune instance.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "The port on which the Neptune accepts connections. Default is `8182`.\n", "willReplaceOnChanges": true }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter. Time in UTC. Default: A 30-minute window selected at random from an 8-hour block of time per regionE.g., 04:00-09:00\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range during which system maintenance can occur, in (UTC) e.g., wed:04:00-wed:04:30\n" }, "readerEndpoint": { "type": "string", "description": "A read-only endpoint for the Neptune cluster, automatically load-balanced across replicas\n" }, "replicationSourceIdentifier": { "type": "string", "description": "ARN of a source Neptune cluster or Neptune instance if this Neptune cluster is to be created as a Read Replica.\n" }, "serverlessV2ScalingConfiguration": { "$ref": "#/types/aws:neptune/ClusterServerlessV2ScalingConfiguration:ClusterServerlessV2ScalingConfiguration", "description": "If set, create the Neptune cluster as a serverless one. See Serverless for example block attributes.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final Neptune snapshot is created before the Neptune cluster is deleted. If true is specified, no Neptune snapshot is created. If false is specified, a Neptune snapshot is created before the Neptune cluster is deleted, using the value from `final_snapshot_identifier`. Default is `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a Neptune cluster snapshot, or the ARN when specifying a Neptune snapshot. Automated snapshots **should not** be used for this attribute, unless from a different cluster. Automated snapshots are deleted as part of cluster destruction when the resource is replaced.\n", "willReplaceOnChanges": true }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the Neptune cluster is encrypted. The default is `false` if not specified.\n", "willReplaceOnChanges": true }, "storageType": { "type": "string", "description": "Storage type associated with the cluster `standard/iopt1`. Default: `standard`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Neptune cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate with the Cluster\n" } }, "type": "object" } }, "aws:neptune/clusterEndpoint:ClusterEndpoint": { "description": "Provides an Neptune Cluster Endpoint Resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.neptune.ClusterEndpoint(\"example\", {\n clusterIdentifier: test.clusterIdentifier,\n clusterEndpointIdentifier: \"example\",\n endpointType: \"READER\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.neptune.ClusterEndpoint(\"example\",\n cluster_identifier=test[\"clusterIdentifier\"],\n cluster_endpoint_identifier=\"example\",\n endpoint_type=\"READER\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Neptune.ClusterEndpoint(\"example\", new()\n {\n ClusterIdentifier = test.ClusterIdentifier,\n ClusterEndpointIdentifier = \"example\",\n EndpointType = \"READER\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := neptune.NewClusterEndpoint(ctx, \"example\", \u0026neptune.ClusterEndpointArgs{\n\t\t\tClusterIdentifier: pulumi.Any(test.ClusterIdentifier),\n\t\t\tClusterEndpointIdentifier: pulumi.String(\"example\"),\n\t\t\tEndpointType: pulumi.String(\"READER\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.neptune.ClusterEndpoint;\nimport com.pulumi.aws.neptune.ClusterEndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ClusterEndpoint(\"example\", ClusterEndpointArgs.builder()\n .clusterIdentifier(test.clusterIdentifier())\n .clusterEndpointIdentifier(\"example\")\n .endpointType(\"READER\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:neptune:ClusterEndpoint\n properties:\n clusterIdentifier: ${test.clusterIdentifier}\n clusterEndpointIdentifier: example\n endpointType: READER\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_neptune_cluster_endpoint` using the `cluster-identifier:endpoint-identfier`. For example:\n\n```sh\n$ pulumi import aws:neptune/clusterEndpoint:ClusterEndpoint example my-cluster:my-endpoint\n```\n", "properties": { "arn": { "type": "string", "description": "The Neptune Cluster Endpoint Amazon Resource Name (ARN).\n" }, "clusterEndpointIdentifier": { "type": "string", "description": "The identifier of the endpoint.\n" }, "clusterIdentifier": { "type": "string", "description": "The DB cluster identifier of the DB cluster associated with the endpoint.\n" }, "endpoint": { "type": "string", "description": "The DNS address of the endpoint.\n" }, "endpointType": { "type": "string", "description": "The type of the endpoint. One of: `READER`, `WRITER`, `ANY`.\n" }, "excludedMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DB instance identifiers that aren't part of the custom endpoint group. All other eligible instances are reachable through the custom endpoint. Only relevant if the list of static members is empty.\n" }, "staticMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DB instance identifiers that are part of the custom endpoint group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Neptune cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "clusterEndpointIdentifier", "clusterIdentifier", "endpoint", "endpointType", "tagsAll" ], "inputProperties": { "clusterEndpointIdentifier": { "type": "string", "description": "The identifier of the endpoint.\n", "willReplaceOnChanges": true }, "clusterIdentifier": { "type": "string", "description": "The DB cluster identifier of the DB cluster associated with the endpoint.\n", "willReplaceOnChanges": true }, "endpointType": { "type": "string", "description": "The type of the endpoint. One of: `READER`, `WRITER`, `ANY`.\n", "willReplaceOnChanges": true }, "excludedMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DB instance identifiers that aren't part of the custom endpoint group. All other eligible instances are reachable through the custom endpoint. Only relevant if the list of static members is empty.\n" }, "staticMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DB instance identifiers that are part of the custom endpoint group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Neptune cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "clusterEndpointIdentifier", "clusterIdentifier", "endpointType" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterEndpoint resources.\n", "properties": { "arn": { "type": "string", "description": "The Neptune Cluster Endpoint Amazon Resource Name (ARN).\n" }, "clusterEndpointIdentifier": { "type": "string", "description": "The identifier of the endpoint.\n", "willReplaceOnChanges": true }, "clusterIdentifier": { "type": "string", "description": "The DB cluster identifier of the DB cluster associated with the endpoint.\n", "willReplaceOnChanges": true }, "endpoint": { "type": "string", "description": "The DNS address of the endpoint.\n" }, "endpointType": { "type": "string", "description": "The type of the endpoint. One of: `READER`, `WRITER`, `ANY`.\n", "willReplaceOnChanges": true }, "excludedMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DB instance identifiers that aren't part of the custom endpoint group. All other eligible instances are reachable through the custom endpoint. Only relevant if the list of static members is empty.\n" }, "staticMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DB instance identifiers that are part of the custom endpoint group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Neptune cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:neptune/clusterInstance:ClusterInstance": { "description": "A Cluster Instance Resource defines attributes that are specific to a single instance in a Neptune Cluster.\n\nYou can simply add neptune instances and Neptune manages the replication. You can use the count\nmeta-parameter to make multiple instances and join them all to the same Neptune Cluster, or you may specify different Cluster Instance resources with various `instance_class` sizes.\n\n## Example Usage\n\nThe following example will create a neptune cluster with two neptune instances(one writer and one reader).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.neptune.Cluster(\"default\", {\n clusterIdentifier: \"neptune-cluster-demo\",\n engine: \"neptune\",\n backupRetentionPeriod: 5,\n preferredBackupWindow: \"07:00-09:00\",\n skipFinalSnapshot: true,\n iamDatabaseAuthenticationEnabled: true,\n applyImmediately: true,\n});\nconst example: aws.neptune.ClusterInstance[] = [];\nfor (const range = {value: 0}; range.value \u003c 2; range.value++) {\n example.push(new aws.neptune.ClusterInstance(`example-${range.value}`, {\n clusterIdentifier: _default.id,\n engine: \"neptune\",\n instanceClass: \"db.r4.large\",\n applyImmediately: true,\n }));\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.neptune.Cluster(\"default\",\n cluster_identifier=\"neptune-cluster-demo\",\n engine=\"neptune\",\n backup_retention_period=5,\n preferred_backup_window=\"07:00-09:00\",\n skip_final_snapshot=True,\n iam_database_authentication_enabled=True,\n apply_immediately=True)\nexample = []\nfor range in [{\"value\": i} for i in range(0, 2)]:\n example.append(aws.neptune.ClusterInstance(f\"example-{range['value']}\",\n cluster_identifier=default.id,\n engine=\"neptune\",\n instance_class=\"db.r4.large\",\n apply_immediately=True))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Neptune.Cluster(\"default\", new()\n {\n ClusterIdentifier = \"neptune-cluster-demo\",\n Engine = \"neptune\",\n BackupRetentionPeriod = 5,\n PreferredBackupWindow = \"07:00-09:00\",\n SkipFinalSnapshot = true,\n IamDatabaseAuthenticationEnabled = true,\n ApplyImmediately = true,\n });\n\n var example = new List\u003cAws.Neptune.ClusterInstance\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c 2; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n example.Add(new Aws.Neptune.ClusterInstance($\"example-{range.Value}\", new()\n {\n ClusterIdentifier = @default.Id,\n Engine = \"neptune\",\n InstanceClass = \"db.r4.large\",\n ApplyImmediately = true,\n }));\n }\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := neptune.NewCluster(ctx, \"default\", \u0026neptune.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"neptune-cluster-demo\"),\n\t\t\tEngine: pulumi.String(\"neptune\"),\n\t\t\tBackupRetentionPeriod: pulumi.Int(5),\n\t\t\tPreferredBackupWindow: pulumi.String(\"07:00-09:00\"),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t\tIamDatabaseAuthenticationEnabled: pulumi.Bool(true),\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvar example []*neptune.ClusterInstance\n\t\tfor index := 0; index \u003c 2; index++ {\n\t\t\tkey0 := index\n\t\t\t_ := index\n\t\t\t__res, err := neptune.NewClusterInstance(ctx, fmt.Sprintf(\"example-%v\", key0), \u0026neptune.ClusterInstanceArgs{\n\t\t\t\tClusterIdentifier: _default.ID(),\n\t\t\t\tEngine: pulumi.String(\"neptune\"),\n\t\t\t\tInstanceClass: pulumi.String(\"db.r4.large\"),\n\t\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t\t})\n\t\t\tif err != nil {\n\t\t\t\treturn err\n\t\t\t}\n\t\t\texample = append(example, __res)\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.neptune.Cluster;\nimport com.pulumi.aws.neptune.ClusterArgs;\nimport com.pulumi.aws.neptune.ClusterInstance;\nimport com.pulumi.aws.neptune.ClusterInstanceArgs;\nimport com.pulumi.codegen.internal.KeyedValue;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Cluster(\"default\", ClusterArgs.builder()\n .clusterIdentifier(\"neptune-cluster-demo\")\n .engine(\"neptune\")\n .backupRetentionPeriod(5)\n .preferredBackupWindow(\"07:00-09:00\")\n .skipFinalSnapshot(true)\n .iamDatabaseAuthenticationEnabled(true)\n .applyImmediately(true)\n .build());\n\n for (var i = 0; i \u003c 2; i++) {\n new ClusterInstance(\"example-\" + i, ClusterInstanceArgs.builder()\n .clusterIdentifier(default_.id())\n .engine(\"neptune\")\n .instanceClass(\"db.r4.large\")\n .applyImmediately(true)\n .build());\n\n \n}\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:neptune:Cluster\n properties:\n clusterIdentifier: neptune-cluster-demo\n engine: neptune\n backupRetentionPeriod: 5\n preferredBackupWindow: 07:00-09:00\n skipFinalSnapshot: true\n iamDatabaseAuthenticationEnabled: true\n applyImmediately: true\n example:\n type: aws:neptune:ClusterInstance\n properties:\n clusterIdentifier: ${default.id}\n engine: neptune\n instanceClass: db.r4.large\n applyImmediately: true\n options: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_neptune_cluster_instance` using the instance identifier. For example:\n\n```sh\n$ pulumi import aws:neptune/clusterInstance:ClusterInstance example my-instance\n```\n", "properties": { "address": { "type": "string", "description": "The hostname of the instance. See also `endpoint` and `port`.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any instance modifications\nare applied immediately, or during the next maintenance window. Default is`false`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of neptune instance\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the instance during the maintenance window. Default is `true`.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the neptune instance is created in.\n" }, "clusterIdentifier": { "type": "string", "description": "The identifier of the `aws.neptune.Cluster` in which to launch this instance.\n" }, "dbiResourceId": { "type": "string", "description": "The region-unique, immutable identifier for the neptune instance.\n" }, "endpoint": { "type": "string", "description": "The connection endpoint in `address:port` format.\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for the neptune instance. Defaults to `neptune`. Valid Values: `neptune`.\n" }, "engineVersion": { "type": "string", "description": "The neptune engine version. Currently configuring this argumnet has no effect.\n" }, "identifier": { "type": "string", "description": "The identifier for the neptune instance, if omitted, this provider will assign a random, unique identifier.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifier`.\n" }, "instanceClass": { "type": "string", "description": "The instance class to use.\n" }, "kmsKeyArn": { "type": "string", "description": "The ARN for the KMS encryption key if one is set to the neptune cluster.\n" }, "neptuneParameterGroupName": { "type": "string", "description": "The name of the neptune parameter group to associate with this instance.\n" }, "neptuneSubnetGroupName": { "type": "string", "description": "A subnet group to associate with this neptune instance. **NOTE:** This must match the `neptune_subnet_group_name` of the attached `aws.neptune.Cluster`.\n" }, "port": { "type": "integer", "description": "The port on which the DB accepts connections. Defaults to `8182`.\n" }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled. Eg: \"04:00-09:00\"\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\".\n" }, "promotionTier": { "type": "integer", "description": "Default 0. Failover Priority setting on instance level. The reader who has lower tier has higher priority to get promoter to writer.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Bool to control if instance is publicly accessible. Default is `false`.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is created before the DB instance is deleted.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the neptune cluster is encrypted.\n" }, "storageType": { "type": "string", "description": "Storage type associated with the cluster `standard/iopt1`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the instance. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "writer": { "type": "boolean", "description": "Boolean indicating if this instance is writable. `False` indicates this instance is a read replica.\n" } }, "required": [ "address", "applyImmediately", "arn", "availabilityZone", "clusterIdentifier", "dbiResourceId", "endpoint", "engineVersion", "identifier", "identifierPrefix", "instanceClass", "kmsKeyArn", "neptuneSubnetGroupName", "preferredBackupWindow", "preferredMaintenanceWindow", "storageEncrypted", "storageType", "tagsAll", "writer" ], "inputProperties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any instance modifications\nare applied immediately, or during the next maintenance window. Default is`false`.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the instance during the maintenance window. Default is `true`.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the neptune instance is created in.\n", "willReplaceOnChanges": true }, "clusterIdentifier": { "type": "string", "description": "The identifier of the `aws.neptune.Cluster` in which to launch this instance.\n", "willReplaceOnChanges": true }, "engine": { "type": "string", "description": "The name of the database engine to be used for the neptune instance. Defaults to `neptune`. Valid Values: `neptune`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "The neptune engine version. Currently configuring this argumnet has no effect.\n" }, "identifier": { "type": "string", "description": "The identifier for the neptune instance, if omitted, this provider will assign a random, unique identifier.\n", "willReplaceOnChanges": true }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifier`.\n", "willReplaceOnChanges": true }, "instanceClass": { "type": "string", "description": "The instance class to use.\n" }, "neptuneParameterGroupName": { "type": "string", "description": "The name of the neptune parameter group to associate with this instance.\n" }, "neptuneSubnetGroupName": { "type": "string", "description": "A subnet group to associate with this neptune instance. **NOTE:** This must match the `neptune_subnet_group_name` of the attached `aws.neptune.Cluster`.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "The port on which the DB accepts connections. Defaults to `8182`.\n", "willReplaceOnChanges": true }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled. Eg: \"04:00-09:00\"\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\".\n" }, "promotionTier": { "type": "integer", "description": "Default 0. Failover Priority setting on instance level. The reader who has lower tier has higher priority to get promoter to writer.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Bool to control if instance is publicly accessible. Default is `false`.\n", "willReplaceOnChanges": true }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is created before the DB instance is deleted.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the instance. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "clusterIdentifier", "instanceClass" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterInstance resources.\n", "properties": { "address": { "type": "string", "description": "The hostname of the instance. See also `endpoint` and `port`.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any instance modifications\nare applied immediately, or during the next maintenance window. Default is`false`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of neptune instance\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the instance during the maintenance window. Default is `true`.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone that the neptune instance is created in.\n", "willReplaceOnChanges": true }, "clusterIdentifier": { "type": "string", "description": "The identifier of the `aws.neptune.Cluster` in which to launch this instance.\n", "willReplaceOnChanges": true }, "dbiResourceId": { "type": "string", "description": "The region-unique, immutable identifier for the neptune instance.\n" }, "endpoint": { "type": "string", "description": "The connection endpoint in `address:port` format.\n" }, "engine": { "type": "string", "description": "The name of the database engine to be used for the neptune instance. Defaults to `neptune`. Valid Values: `neptune`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "The neptune engine version. Currently configuring this argumnet has no effect.\n" }, "identifier": { "type": "string", "description": "The identifier for the neptune instance, if omitted, this provider will assign a random, unique identifier.\n", "willReplaceOnChanges": true }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifier`.\n", "willReplaceOnChanges": true }, "instanceClass": { "type": "string", "description": "The instance class to use.\n" }, "kmsKeyArn": { "type": "string", "description": "The ARN for the KMS encryption key if one is set to the neptune cluster.\n" }, "neptuneParameterGroupName": { "type": "string", "description": "The name of the neptune parameter group to associate with this instance.\n" }, "neptuneSubnetGroupName": { "type": "string", "description": "A subnet group to associate with this neptune instance. **NOTE:** This must match the `neptune_subnet_group_name` of the attached `aws.neptune.Cluster`.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "The port on which the DB accepts connections. Defaults to `8182`.\n", "willReplaceOnChanges": true }, "preferredBackupWindow": { "type": "string", "description": "The daily time range during which automated backups are created if automated backups are enabled. Eg: \"04:00-09:00\"\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\".\n" }, "promotionTier": { "type": "integer", "description": "Default 0. Failover Priority setting on instance level. The reader who has lower tier has higher priority to get promoter to writer.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Bool to control if instance is publicly accessible. Default is `false`.\n", "willReplaceOnChanges": true }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is created before the DB instance is deleted.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the neptune cluster is encrypted.\n" }, "storageType": { "type": "string", "description": "Storage type associated with the cluster `standard/iopt1`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the instance. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "writer": { "type": "boolean", "description": "Boolean indicating if this instance is writable. `False` indicates this instance is a read replica.\n" } }, "type": "object" } }, "aws:neptune/clusterParameterGroup:ClusterParameterGroup": { "description": "Manages a Neptune Cluster Parameter Group\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.neptune.ClusterParameterGroup(\"example\", {\n family: \"neptune1\",\n name: \"example\",\n description: \"neptune cluster parameter group\",\n parameters: [{\n name: \"neptune_enable_audit_log\",\n value: \"1\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.neptune.ClusterParameterGroup(\"example\",\n family=\"neptune1\",\n name=\"example\",\n description=\"neptune cluster parameter group\",\n parameters=[{\n \"name\": \"neptune_enable_audit_log\",\n \"value\": \"1\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Neptune.ClusterParameterGroup(\"example\", new()\n {\n Family = \"neptune1\",\n Name = \"example\",\n Description = \"neptune cluster parameter group\",\n Parameters = new[]\n {\n new Aws.Neptune.Inputs.ClusterParameterGroupParameterArgs\n {\n Name = \"neptune_enable_audit_log\",\n Value = \"1\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := neptune.NewClusterParameterGroup(ctx, \"example\", \u0026neptune.ClusterParameterGroupArgs{\n\t\t\tFamily: pulumi.String(\"neptune1\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"neptune cluster parameter group\"),\n\t\t\tParameters: neptune.ClusterParameterGroupParameterArray{\n\t\t\t\t\u0026neptune.ClusterParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"neptune_enable_audit_log\"),\n\t\t\t\t\tValue: pulumi.String(\"1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.neptune.ClusterParameterGroup;\nimport com.pulumi.aws.neptune.ClusterParameterGroupArgs;\nimport com.pulumi.aws.neptune.inputs.ClusterParameterGroupParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ClusterParameterGroup(\"example\", ClusterParameterGroupArgs.builder()\n .family(\"neptune1\")\n .name(\"example\")\n .description(\"neptune cluster parameter group\")\n .parameters(ClusterParameterGroupParameterArgs.builder()\n .name(\"neptune_enable_audit_log\")\n .value(1)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:neptune:ClusterParameterGroup\n properties:\n family: neptune1\n name: example\n description: neptune cluster parameter group\n parameters:\n - name: neptune_enable_audit_log\n value: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Neptune Cluster Parameter Groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:neptune/clusterParameterGroup:ClusterParameterGroup cluster_pg production-pg-1\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the neptune cluster parameter group.\n" }, "description": { "type": "string", "description": "The description of the neptune cluster parameter group. Defaults to \"Managed by Pulumi\".\n" }, "family": { "type": "string", "description": "The family of the neptune cluster parameter group.\n" }, "name": { "type": "string", "description": "The name of the neptune parameter.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:neptune/ClusterParameterGroupParameter:ClusterParameterGroupParameter" }, "description": "A list of neptune parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "family", "name", "namePrefix", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the neptune cluster parameter group. Defaults to \"Managed by Pulumi\".\n", "willReplaceOnChanges": true }, "family": { "type": "string", "description": "The family of the neptune cluster parameter group.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the neptune parameter.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:neptune/ClusterParameterGroupParameter:ClusterParameterGroupParameter" }, "description": "A list of neptune parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "family" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterParameterGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the neptune cluster parameter group.\n" }, "description": { "type": "string", "description": "The description of the neptune cluster parameter group. Defaults to \"Managed by Pulumi\".\n", "willReplaceOnChanges": true }, "family": { "type": "string", "description": "The family of the neptune cluster parameter group.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the neptune parameter.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:neptune/ClusterParameterGroupParameter:ClusterParameterGroupParameter" }, "description": "A list of neptune parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:neptune/clusterSnapshot:ClusterSnapshot": { "description": "Manages a Neptune database cluster snapshot.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.neptune.ClusterSnapshot(\"example\", {\n dbClusterIdentifier: exampleAwsNeptuneCluster.id,\n dbClusterSnapshotIdentifier: \"resourcetestsnapshot1234\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.neptune.ClusterSnapshot(\"example\",\n db_cluster_identifier=example_aws_neptune_cluster[\"id\"],\n db_cluster_snapshot_identifier=\"resourcetestsnapshot1234\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Neptune.ClusterSnapshot(\"example\", new()\n {\n DbClusterIdentifier = exampleAwsNeptuneCluster.Id,\n DbClusterSnapshotIdentifier = \"resourcetestsnapshot1234\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := neptune.NewClusterSnapshot(ctx, \"example\", \u0026neptune.ClusterSnapshotArgs{\n\t\t\tDbClusterIdentifier: pulumi.Any(exampleAwsNeptuneCluster.Id),\n\t\t\tDbClusterSnapshotIdentifier: pulumi.String(\"resourcetestsnapshot1234\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.neptune.ClusterSnapshot;\nimport com.pulumi.aws.neptune.ClusterSnapshotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ClusterSnapshot(\"example\", ClusterSnapshotArgs.builder()\n .dbClusterIdentifier(exampleAwsNeptuneCluster.id())\n .dbClusterSnapshotIdentifier(\"resourcetestsnapshot1234\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:neptune:ClusterSnapshot\n properties:\n dbClusterIdentifier: ${exampleAwsNeptuneCluster.id}\n dbClusterSnapshotIdentifier: resourcetestsnapshot1234\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_neptune_cluster_snapshot` using the cluster snapshot identifier. For example:\n\n```sh\n$ pulumi import aws:neptune/clusterSnapshot:ClusterSnapshot example my-cluster-snapshot\n```\n", "properties": { "allocatedStorage": { "type": "integer", "description": "Specifies the allocated storage size in gigabytes (GB).\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 Availability Zones that instances in the DB cluster snapshot can be restored in.\n" }, "dbClusterIdentifier": { "type": "string", "description": "The DB Cluster Identifier from which to take the snapshot.\n" }, "dbClusterSnapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DB Cluster Snapshot.\n" }, "dbClusterSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n" }, "engine": { "type": "string", "description": "Specifies the name of the database engine.\n" }, "engineVersion": { "type": "string", "description": "Version of the database engine for this DB cluster snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "If storage_encrypted is true, the AWS KMS key identifier for the encrypted DB cluster snapshot.\n" }, "licenseModel": { "type": "string", "description": "License model information for the restored DB cluster.\n" }, "port": { "type": "integer", "description": "Port that the DB cluster was listening on at the time of the snapshot.\n" }, "snapshotType": { "type": "string" }, "sourceDbClusterSnapshotArn": { "type": "string" }, "status": { "type": "string", "description": "The status of this DB Cluster Snapshot.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster snapshot is encrypted.\n" }, "vpcId": { "type": "string", "description": "The VPC ID associated with the DB cluster snapshot.\n" } }, "required": [ "allocatedStorage", "availabilityZones", "dbClusterIdentifier", "dbClusterSnapshotArn", "dbClusterSnapshotIdentifier", "engine", "engineVersion", "kmsKeyId", "licenseModel", "port", "snapshotType", "sourceDbClusterSnapshotArn", "status", "storageEncrypted", "vpcId" ], "inputProperties": { "dbClusterIdentifier": { "type": "string", "description": "The DB Cluster Identifier from which to take the snapshot.\n", "willReplaceOnChanges": true }, "dbClusterSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "dbClusterIdentifier", "dbClusterSnapshotIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterSnapshot resources.\n", "properties": { "allocatedStorage": { "type": "integer", "description": "Specifies the allocated storage size in gigabytes (GB).\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 Availability Zones that instances in the DB cluster snapshot can be restored in.\n" }, "dbClusterIdentifier": { "type": "string", "description": "The DB Cluster Identifier from which to take the snapshot.\n", "willReplaceOnChanges": true }, "dbClusterSnapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DB Cluster Snapshot.\n" }, "dbClusterSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n", "willReplaceOnChanges": true }, "engine": { "type": "string", "description": "Specifies the name of the database engine.\n" }, "engineVersion": { "type": "string", "description": "Version of the database engine for this DB cluster snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "If storage_encrypted is true, the AWS KMS key identifier for the encrypted DB cluster snapshot.\n" }, "licenseModel": { "type": "string", "description": "License model information for the restored DB cluster.\n" }, "port": { "type": "integer", "description": "Port that the DB cluster was listening on at the time of the snapshot.\n" }, "snapshotType": { "type": "string" }, "sourceDbClusterSnapshotArn": { "type": "string" }, "status": { "type": "string", "description": "The status of this DB Cluster Snapshot.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster snapshot is encrypted.\n" }, "vpcId": { "type": "string", "description": "The VPC ID associated with the DB cluster snapshot.\n" } }, "type": "object" } }, "aws:neptune/eventSubscription:EventSubscription": { "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.neptune.Cluster(\"default\", {\n clusterIdentifier: \"neptune-cluster-demo\",\n engine: \"neptune\",\n backupRetentionPeriod: 5,\n preferredBackupWindow: \"07:00-09:00\",\n skipFinalSnapshot: true,\n iamDatabaseAuthenticationEnabled: true,\n applyImmediately: true,\n});\nconst example = new aws.neptune.ClusterInstance(\"example\", {\n clusterIdentifier: _default.id,\n engine: \"neptune\",\n instanceClass: \"db.r4.large\",\n applyImmediately: true,\n});\nconst defaultTopic = new aws.sns.Topic(\"default\", {name: \"neptune-events\"});\nconst defaultEventSubscription = new aws.neptune.EventSubscription(\"default\", {\n name: \"neptune-event-sub\",\n snsTopicArn: defaultTopic.arn,\n sourceType: \"db-instance\",\n sourceIds: [example.id],\n eventCategories: [\n \"maintenance\",\n \"availability\",\n \"creation\",\n \"backup\",\n \"restoration\",\n \"recovery\",\n \"deletion\",\n \"failover\",\n \"failure\",\n \"notification\",\n \"configuration change\",\n \"read replica\",\n ],\n tags: {\n env: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.neptune.Cluster(\"default\",\n cluster_identifier=\"neptune-cluster-demo\",\n engine=\"neptune\",\n backup_retention_period=5,\n preferred_backup_window=\"07:00-09:00\",\n skip_final_snapshot=True,\n iam_database_authentication_enabled=True,\n apply_immediately=True)\nexample = aws.neptune.ClusterInstance(\"example\",\n cluster_identifier=default.id,\n engine=\"neptune\",\n instance_class=\"db.r4.large\",\n apply_immediately=True)\ndefault_topic = aws.sns.Topic(\"default\", name=\"neptune-events\")\ndefault_event_subscription = aws.neptune.EventSubscription(\"default\",\n name=\"neptune-event-sub\",\n sns_topic_arn=default_topic.arn,\n source_type=\"db-instance\",\n source_ids=[example.id],\n event_categories=[\n \"maintenance\",\n \"availability\",\n \"creation\",\n \"backup\",\n \"restoration\",\n \"recovery\",\n \"deletion\",\n \"failover\",\n \"failure\",\n \"notification\",\n \"configuration change\",\n \"read replica\",\n ],\n tags={\n \"env\": \"test\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Neptune.Cluster(\"default\", new()\n {\n ClusterIdentifier = \"neptune-cluster-demo\",\n Engine = \"neptune\",\n BackupRetentionPeriod = 5,\n PreferredBackupWindow = \"07:00-09:00\",\n SkipFinalSnapshot = true,\n IamDatabaseAuthenticationEnabled = true,\n ApplyImmediately = true,\n });\n\n var example = new Aws.Neptune.ClusterInstance(\"example\", new()\n {\n ClusterIdentifier = @default.Id,\n Engine = \"neptune\",\n InstanceClass = \"db.r4.large\",\n ApplyImmediately = true,\n });\n\n var defaultTopic = new Aws.Sns.Topic(\"default\", new()\n {\n Name = \"neptune-events\",\n });\n\n var defaultEventSubscription = new Aws.Neptune.EventSubscription(\"default\", new()\n {\n Name = \"neptune-event-sub\",\n SnsTopicArn = defaultTopic.Arn,\n SourceType = \"db-instance\",\n SourceIds = new[]\n {\n example.Id,\n },\n EventCategories = new[]\n {\n \"maintenance\",\n \"availability\",\n \"creation\",\n \"backup\",\n \"restoration\",\n \"recovery\",\n \"deletion\",\n \"failover\",\n \"failure\",\n \"notification\",\n \"configuration change\",\n \"read replica\",\n },\n Tags = \n {\n { \"env\", \"test\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := neptune.NewCluster(ctx, \"default\", \u0026neptune.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"neptune-cluster-demo\"),\n\t\t\tEngine: pulumi.String(\"neptune\"),\n\t\t\tBackupRetentionPeriod: pulumi.Int(5),\n\t\t\tPreferredBackupWindow: pulumi.String(\"07:00-09:00\"),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t\tIamDatabaseAuthenticationEnabled: pulumi.Bool(true),\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := neptune.NewClusterInstance(ctx, \"example\", \u0026neptune.ClusterInstanceArgs{\n\t\t\tClusterIdentifier: _default.ID(),\n\t\t\tEngine: pulumi.String(\"neptune\"),\n\t\t\tInstanceClass: pulumi.String(\"db.r4.large\"),\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultTopic, err := sns.NewTopic(ctx, \"default\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"neptune-events\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = neptune.NewEventSubscription(ctx, \"default\", \u0026neptune.EventSubscriptionArgs{\n\t\t\tName: pulumi.String(\"neptune-event-sub\"),\n\t\t\tSnsTopicArn: defaultTopic.Arn,\n\t\t\tSourceType: pulumi.String(\"db-instance\"),\n\t\t\tSourceIds: pulumi.StringArray{\n\t\t\t\texample.ID(),\n\t\t\t},\n\t\t\tEventCategories: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"maintenance\"),\n\t\t\t\tpulumi.String(\"availability\"),\n\t\t\t\tpulumi.String(\"creation\"),\n\t\t\t\tpulumi.String(\"backup\"),\n\t\t\t\tpulumi.String(\"restoration\"),\n\t\t\t\tpulumi.String(\"recovery\"),\n\t\t\t\tpulumi.String(\"deletion\"),\n\t\t\t\tpulumi.String(\"failover\"),\n\t\t\t\tpulumi.String(\"failure\"),\n\t\t\t\tpulumi.String(\"notification\"),\n\t\t\t\tpulumi.String(\"configuration change\"),\n\t\t\t\tpulumi.String(\"read replica\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"env\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.neptune.Cluster;\nimport com.pulumi.aws.neptune.ClusterArgs;\nimport com.pulumi.aws.neptune.ClusterInstance;\nimport com.pulumi.aws.neptune.ClusterInstanceArgs;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.neptune.EventSubscription;\nimport com.pulumi.aws.neptune.EventSubscriptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Cluster(\"default\", ClusterArgs.builder()\n .clusterIdentifier(\"neptune-cluster-demo\")\n .engine(\"neptune\")\n .backupRetentionPeriod(5)\n .preferredBackupWindow(\"07:00-09:00\")\n .skipFinalSnapshot(true)\n .iamDatabaseAuthenticationEnabled(\"true\")\n .applyImmediately(\"true\")\n .build());\n\n var example = new ClusterInstance(\"example\", ClusterInstanceArgs.builder()\n .clusterIdentifier(default_.id())\n .engine(\"neptune\")\n .instanceClass(\"db.r4.large\")\n .applyImmediately(\"true\")\n .build());\n\n var defaultTopic = new Topic(\"defaultTopic\", TopicArgs.builder()\n .name(\"neptune-events\")\n .build());\n\n var defaultEventSubscription = new EventSubscription(\"defaultEventSubscription\", EventSubscriptionArgs.builder()\n .name(\"neptune-event-sub\")\n .snsTopicArn(defaultTopic.arn())\n .sourceType(\"db-instance\")\n .sourceIds(example.id())\n .eventCategories( \n \"maintenance\",\n \"availability\",\n \"creation\",\n \"backup\",\n \"restoration\",\n \"recovery\",\n \"deletion\",\n \"failover\",\n \"failure\",\n \"notification\",\n \"configuration change\",\n \"read replica\")\n .tags(Map.of(\"env\", \"test\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:neptune:Cluster\n properties:\n clusterIdentifier: neptune-cluster-demo\n engine: neptune\n backupRetentionPeriod: 5\n preferredBackupWindow: 07:00-09:00\n skipFinalSnapshot: true\n iamDatabaseAuthenticationEnabled: 'true'\n applyImmediately: 'true'\n example:\n type: aws:neptune:ClusterInstance\n properties:\n clusterIdentifier: ${default.id}\n engine: neptune\n instanceClass: db.r4.large\n applyImmediately: 'true'\n defaultTopic:\n type: aws:sns:Topic\n name: default\n properties:\n name: neptune-events\n defaultEventSubscription:\n type: aws:neptune:EventSubscription\n name: default\n properties:\n name: neptune-event-sub\n snsTopicArn: ${defaultTopic.arn}\n sourceType: db-instance\n sourceIds:\n - ${example.id}\n eventCategories:\n - maintenance\n - availability\n - creation\n - backup\n - restoration\n - recovery\n - deletion\n - failover\n - failure\n - notification\n - configuration change\n - read replica\n tags:\n env: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_neptune_event_subscription` using the event subscription name. For example:\n\n```sh\n$ pulumi import aws:neptune/eventSubscription:EventSubscription example my-event-subscription\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the Neptune event notification subscription.\n" }, "customerAwsId": { "type": "string", "description": "The AWS customer account associated with the Neptune event notification subscription.\n" }, "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to true.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a `source_type` that you want to subscribe to. Run `aws neptune describe-event-categories` to find all the event categories.\n" }, "name": { "type": "string", "description": "The name of the Neptune event subscription. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "The name of the Neptune event subscription. Conflicts with `name`.\n" }, "snsTopicArn": { "type": "string", "description": "The ARN of the SNS topic to send events to.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a `source_type` must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `db-instance`, `db-security-group`, `db-parameter-group`, `db-snapshot`, `db-cluster` or `db-cluster-snapshot`. If not set, all sources will be subscribed to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "customerAwsId", "name", "namePrefix", "snsTopicArn", "tagsAll" ], "inputProperties": { "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to true.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a `source_type` that you want to subscribe to. Run `aws neptune describe-event-categories` to find all the event categories.\n" }, "name": { "type": "string", "description": "The name of the Neptune event subscription. By default generated by this provider.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "The name of the Neptune event subscription. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "snsTopicArn": { "type": "string", "description": "The ARN of the SNS topic to send events to.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a `source_type` must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `db-instance`, `db-security-group`, `db-parameter-group`, `db-snapshot`, `db-cluster` or `db-cluster-snapshot`. If not set, all sources will be subscribed to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "snsTopicArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventSubscription resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the Neptune event notification subscription.\n" }, "customerAwsId": { "type": "string", "description": "The AWS customer account associated with the Neptune event notification subscription.\n" }, "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to true.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a `source_type` that you want to subscribe to. Run `aws neptune describe-event-categories` to find all the event categories.\n" }, "name": { "type": "string", "description": "The name of the Neptune event subscription. By default generated by this provider.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "The name of the Neptune event subscription. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "snsTopicArn": { "type": "string", "description": "The ARN of the SNS topic to send events to.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a `source_type` must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `db-instance`, `db-security-group`, `db-parameter-group`, `db-snapshot`, `db-cluster` or `db-cluster-snapshot`. If not set, all sources will be subscribed to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:neptune/globalCluster:GlobalCluster": { "description": "Manages a Neptune Global Cluster. A global cluster consists of one primary region and up to five read-only secondary regions. You issue write operations directly to the primary cluster in the primary region and Amazon Neptune automatically replicates the data to the secondary regions using dedicated infrastructure.\n\nMore information about Neptune Global Clusters can be found in the [Neptune User Guide](https://docs.aws.amazon.com/neptune/latest/userguide/neptune-global-database.html).\n\n## Example Usage\n\n### New Neptune Global Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.neptune.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"global-test\",\n engine: \"neptune\",\n engineVersion: \"1.2.0.0\",\n});\nconst primary = new aws.neptune.Cluster(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-primary-cluster\",\n globalClusterIdentifier: example.id,\n neptuneSubnetGroupName: \"default\",\n});\nconst primaryClusterInstance = new aws.neptune.ClusterInstance(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n identifier: \"test-primary-cluster-instance\",\n clusterIdentifier: primary.id,\n instanceClass: \"db.r5.large\",\n neptuneSubnetGroupName: \"default\",\n});\nconst secondary = new aws.neptune.Cluster(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-secondary-cluster\",\n globalClusterIdentifier: example.id,\n neptuneSubnetGroupName: \"default\",\n});\nconst secondaryClusterInstance = new aws.neptune.ClusterInstance(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n identifier: \"test-secondary-cluster-instance\",\n clusterIdentifier: secondary.id,\n instanceClass: \"db.r5.large\",\n neptuneSubnetGroupName: \"default\",\n}, {\n dependsOn: [primaryClusterInstance],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.neptune.GlobalCluster(\"example\",\n global_cluster_identifier=\"global-test\",\n engine=\"neptune\",\n engine_version=\"1.2.0.0\")\nprimary = aws.neptune.Cluster(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-primary-cluster\",\n global_cluster_identifier=example.id,\n neptune_subnet_group_name=\"default\")\nprimary_cluster_instance = aws.neptune.ClusterInstance(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n identifier=\"test-primary-cluster-instance\",\n cluster_identifier=primary.id,\n instance_class=\"db.r5.large\",\n neptune_subnet_group_name=\"default\")\nsecondary = aws.neptune.Cluster(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-secondary-cluster\",\n global_cluster_identifier=example.id,\n neptune_subnet_group_name=\"default\")\nsecondary_cluster_instance = aws.neptune.ClusterInstance(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n identifier=\"test-secondary-cluster-instance\",\n cluster_identifier=secondary.id,\n instance_class=\"db.r5.large\",\n neptune_subnet_group_name=\"default\",\n opts = pulumi.ResourceOptions(depends_on=[primary_cluster_instance]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Neptune.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"global-test\",\n Engine = \"neptune\",\n EngineVersion = \"1.2.0.0\",\n });\n\n var primary = new Aws.Neptune.Cluster(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-primary-cluster\",\n GlobalClusterIdentifier = example.Id,\n NeptuneSubnetGroupName = \"default\",\n });\n\n var primaryClusterInstance = new Aws.Neptune.ClusterInstance(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n Identifier = \"test-primary-cluster-instance\",\n ClusterIdentifier = primary.Id,\n InstanceClass = \"db.r5.large\",\n NeptuneSubnetGroupName = \"default\",\n });\n\n var secondary = new Aws.Neptune.Cluster(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-secondary-cluster\",\n GlobalClusterIdentifier = example.Id,\n NeptuneSubnetGroupName = \"default\",\n });\n\n var secondaryClusterInstance = new Aws.Neptune.ClusterInstance(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n Identifier = \"test-secondary-cluster-instance\",\n ClusterIdentifier = secondary.Id,\n InstanceClass = \"db.r5.large\",\n NeptuneSubnetGroupName = \"default\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n primaryClusterInstance,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := neptune.NewGlobalCluster(ctx, \"example\", \u0026neptune.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"global-test\"),\n\t\t\tEngine: pulumi.String(\"neptune\"),\n\t\t\tEngineVersion: pulumi.String(\"1.2.0.0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimary, err := neptune.NewCluster(ctx, \"primary\", \u0026neptune.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-primary-cluster\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tNeptuneSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimaryClusterInstance, err := neptune.NewClusterInstance(ctx, \"primary\", \u0026neptune.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"test-primary-cluster-instance\"),\n\t\t\tClusterIdentifier: primary.ID(),\n\t\t\tInstanceClass: pulumi.String(\"db.r5.large\"),\n\t\t\tNeptuneSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecondary, err := neptune.NewCluster(ctx, \"secondary\", \u0026neptune.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-secondary-cluster\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tNeptuneSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = neptune.NewClusterInstance(ctx, \"secondary\", \u0026neptune.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"test-secondary-cluster-instance\"),\n\t\t\tClusterIdentifier: secondary.ID(),\n\t\t\tInstanceClass: pulumi.String(\"db.r5.large\"),\n\t\t\tNeptuneSubnetGroupName: pulumi.String(\"default\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tprimaryClusterInstance,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.neptune.GlobalCluster;\nimport com.pulumi.aws.neptune.GlobalClusterArgs;\nimport com.pulumi.aws.neptune.Cluster;\nimport com.pulumi.aws.neptune.ClusterArgs;\nimport com.pulumi.aws.neptune.ClusterInstance;\nimport com.pulumi.aws.neptune.ClusterInstanceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalCluster(\"example\", GlobalClusterArgs.builder()\n .globalClusterIdentifier(\"global-test\")\n .engine(\"neptune\")\n .engineVersion(\"1.2.0.0\")\n .build());\n\n var primary = new Cluster(\"primary\", ClusterArgs.builder()\n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-primary-cluster\")\n .globalClusterIdentifier(example.id())\n .neptuneSubnetGroupName(\"default\")\n .build());\n\n var primaryClusterInstance = new ClusterInstance(\"primaryClusterInstance\", ClusterInstanceArgs.builder()\n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .identifier(\"test-primary-cluster-instance\")\n .clusterIdentifier(primary.id())\n .instanceClass(\"db.r5.large\")\n .neptuneSubnetGroupName(\"default\")\n .build());\n\n var secondary = new Cluster(\"secondary\", ClusterArgs.builder()\n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-secondary-cluster\")\n .globalClusterIdentifier(example.id())\n .neptuneSubnetGroupName(\"default\")\n .build());\n\n var secondaryClusterInstance = new ClusterInstance(\"secondaryClusterInstance\", ClusterInstanceArgs.builder()\n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .identifier(\"test-secondary-cluster-instance\")\n .clusterIdentifier(secondary.id())\n .instanceClass(\"db.r5.large\")\n .neptuneSubnetGroupName(\"default\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(primaryClusterInstance)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:neptune:GlobalCluster\n properties:\n globalClusterIdentifier: global-test\n engine: neptune\n engineVersion: 1.2.0.0\n primary:\n type: aws:neptune:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-primary-cluster\n globalClusterIdentifier: ${example.id}\n neptuneSubnetGroupName: default\n primaryClusterInstance:\n type: aws:neptune:ClusterInstance\n name: primary\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n identifier: test-primary-cluster-instance\n clusterIdentifier: ${primary.id}\n instanceClass: db.r5.large\n neptuneSubnetGroupName: default\n secondary:\n type: aws:neptune:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-secondary-cluster\n globalClusterIdentifier: ${example.id}\n neptuneSubnetGroupName: default\n secondaryClusterInstance:\n type: aws:neptune:ClusterInstance\n name: secondary\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n identifier: test-secondary-cluster-instance\n clusterIdentifier: ${secondary.id}\n instanceClass: db.r5.large\n neptuneSubnetGroupName: default\n options:\n dependson:\n - ${primaryClusterInstance}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### New Global Cluster From Existing DB Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.neptune.Cluster(\"example\", {});\nconst exampleGlobalCluster = new aws.neptune.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"example\",\n sourceDbClusterIdentifier: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.neptune.Cluster(\"example\")\nexample_global_cluster = aws.neptune.GlobalCluster(\"example\",\n global_cluster_identifier=\"example\",\n source_db_cluster_identifier=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Neptune.Cluster(\"example\");\n\n var exampleGlobalCluster = new Aws.Neptune.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"example\",\n SourceDbClusterIdentifier = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := neptune.NewCluster(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = neptune.NewGlobalCluster(ctx, \"example\", \u0026neptune.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"example\"),\n\t\t\tSourceDbClusterIdentifier: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.neptune.Cluster;\nimport com.pulumi.aws.neptune.GlobalCluster;\nimport com.pulumi.aws.neptune.GlobalClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\");\n\n var exampleGlobalCluster = new GlobalCluster(\"exampleGlobalCluster\", GlobalClusterArgs.builder()\n .globalClusterIdentifier(\"example\")\n .sourceDbClusterIdentifier(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:neptune:Cluster\n exampleGlobalCluster:\n type: aws:neptune:GlobalCluster\n name: example\n properties:\n globalClusterIdentifier: example\n sourceDbClusterIdentifier: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_neptune_global_cluster` using the Global Cluster identifier. For example:\n\n```sh\n$ pulumi import aws:neptune/globalCluster:GlobalCluster example example\n```\nCertain resource arguments, like `source_db_cluster_identifier`, do not have an API method for reading the information after creation. If the argument is set in the Pulumi program on an imported resource, Pulumi will always show a difference. To workaround this behavior, either omit the argument from the Pulumi program or use `ignore_changes` to hide the difference. For example:\n\n", "properties": { "arn": { "type": "string", "description": "Global Cluster Amazon Resource Name (ARN)\n" }, "deletionProtection": { "type": "boolean", "description": "If the Global Cluster should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "engine": { "type": "string", "description": "Name of the database engine to be used for this DB cluster. The provider will only perform drift detection if a configuration value is provided. Current Valid values: `neptune`. Conflicts with `source_db_cluster_identifier`.\n" }, "engineVersion": { "type": "string", "description": "Engine version of the global database. Upgrading the engine version will result in all cluster members being immediately updated and will.\n* **NOTE:** Upgrading major versions is not supported.\n" }, "globalClusterIdentifier": { "type": "string", "description": "The global cluster identifier.\n" }, "globalClusterMembers": { "type": "array", "items": { "$ref": "#/types/aws:neptune/GlobalClusterGlobalClusterMember:GlobalClusterGlobalClusterMember" }, "description": "Set of objects containing Global Cluster members.\n" }, "globalClusterResourceId": { "type": "string", "description": "AWS Region-unique, immutable identifier for the global database cluster. This identifier is found in AWS CloudTrail log entries whenever the AWS KMS key for the DB cluster is accessed.\n" }, "sourceDbClusterIdentifier": { "type": "string", "description": "Amazon Resource Name (ARN) to use as the primary DB Cluster of the Global Cluster on creation. The provider cannot perform drift detection of this value.\n" }, "status": { "type": "string" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false` unless `source_db_cluster_identifier` is specified and encrypted. The provider will only perform drift detection if a configuration value is provided.\n" } }, "required": [ "arn", "engine", "engineVersion", "globalClusterIdentifier", "globalClusterMembers", "globalClusterResourceId", "sourceDbClusterIdentifier", "status", "storageEncrypted" ], "inputProperties": { "deletionProtection": { "type": "boolean", "description": "If the Global Cluster should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "engine": { "type": "string", "description": "Name of the database engine to be used for this DB cluster. The provider will only perform drift detection if a configuration value is provided. Current Valid values: `neptune`. Conflicts with `source_db_cluster_identifier`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "Engine version of the global database. Upgrading the engine version will result in all cluster members being immediately updated and will.\n* **NOTE:** Upgrading major versions is not supported.\n" }, "globalClusterIdentifier": { "type": "string", "description": "The global cluster identifier.\n", "willReplaceOnChanges": true }, "sourceDbClusterIdentifier": { "type": "string", "description": "Amazon Resource Name (ARN) to use as the primary DB Cluster of the Global Cluster on creation. The provider cannot perform drift detection of this value.\n", "willReplaceOnChanges": true }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false` unless `source_db_cluster_identifier` is specified and encrypted. The provider will only perform drift detection if a configuration value is provided.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "globalClusterIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering GlobalCluster resources.\n", "properties": { "arn": { "type": "string", "description": "Global Cluster Amazon Resource Name (ARN)\n" }, "deletionProtection": { "type": "boolean", "description": "If the Global Cluster should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "engine": { "type": "string", "description": "Name of the database engine to be used for this DB cluster. The provider will only perform drift detection if a configuration value is provided. Current Valid values: `neptune`. Conflicts with `source_db_cluster_identifier`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "Engine version of the global database. Upgrading the engine version will result in all cluster members being immediately updated and will.\n* **NOTE:** Upgrading major versions is not supported.\n" }, "globalClusterIdentifier": { "type": "string", "description": "The global cluster identifier.\n", "willReplaceOnChanges": true }, "globalClusterMembers": { "type": "array", "items": { "$ref": "#/types/aws:neptune/GlobalClusterGlobalClusterMember:GlobalClusterGlobalClusterMember" }, "description": "Set of objects containing Global Cluster members.\n" }, "globalClusterResourceId": { "type": "string", "description": "AWS Region-unique, immutable identifier for the global database cluster. This identifier is found in AWS CloudTrail log entries whenever the AWS KMS key for the DB cluster is accessed.\n" }, "sourceDbClusterIdentifier": { "type": "string", "description": "Amazon Resource Name (ARN) to use as the primary DB Cluster of the Global Cluster on creation. The provider cannot perform drift detection of this value.\n", "willReplaceOnChanges": true }, "status": { "type": "string" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false` unless `source_db_cluster_identifier` is specified and encrypted. The provider will only perform drift detection if a configuration value is provided.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:neptune/parameterGroup:ParameterGroup": { "description": "Manages a Neptune Parameter Group\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.neptune.ParameterGroup(\"example\", {\n family: \"neptune1\",\n name: \"example\",\n parameters: [{\n name: \"neptune_query_timeout\",\n value: \"25\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.neptune.ParameterGroup(\"example\",\n family=\"neptune1\",\n name=\"example\",\n parameters=[{\n \"name\": \"neptune_query_timeout\",\n \"value\": \"25\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Neptune.ParameterGroup(\"example\", new()\n {\n Family = \"neptune1\",\n Name = \"example\",\n Parameters = new[]\n {\n new Aws.Neptune.Inputs.ParameterGroupParameterArgs\n {\n Name = \"neptune_query_timeout\",\n Value = \"25\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := neptune.NewParameterGroup(ctx, \"example\", \u0026neptune.ParameterGroupArgs{\n\t\t\tFamily: pulumi.String(\"neptune1\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tParameters: neptune.ParameterGroupParameterArray{\n\t\t\t\t\u0026neptune.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"neptune_query_timeout\"),\n\t\t\t\t\tValue: pulumi.String(\"25\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.neptune.ParameterGroup;\nimport com.pulumi.aws.neptune.ParameterGroupArgs;\nimport com.pulumi.aws.neptune.inputs.ParameterGroupParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ParameterGroup(\"example\", ParameterGroupArgs.builder()\n .family(\"neptune1\")\n .name(\"example\")\n .parameters(ParameterGroupParameterArgs.builder()\n .name(\"neptune_query_timeout\")\n .value(\"25\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:neptune:ParameterGroup\n properties:\n family: neptune1\n name: example\n parameters:\n - name: neptune_query_timeout\n value: '25'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Neptune Parameter Groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:neptune/parameterGroup:ParameterGroup some_pg some-pg\n```\n", "properties": { "arn": { "type": "string", "description": "The Neptune parameter group Amazon Resource Name (ARN).\n" }, "description": { "type": "string", "description": "The description of the Neptune parameter group. Defaults to \"Managed by Pulumi\".\n" }, "family": { "type": "string", "description": "The family of the Neptune parameter group.\n" }, "name": { "type": "string", "description": "The name of the Neptune parameter.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:neptune/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of Neptune parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "family", "name", "namePrefix", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the Neptune parameter group. Defaults to \"Managed by Pulumi\".\n", "willReplaceOnChanges": true }, "family": { "type": "string", "description": "The family of the Neptune parameter group.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the Neptune parameter.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:neptune/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of Neptune parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "family" ], "stateInputs": { "description": "Input properties used for looking up and filtering ParameterGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The Neptune parameter group Amazon Resource Name (ARN).\n" }, "description": { "type": "string", "description": "The description of the Neptune parameter group. Defaults to \"Managed by Pulumi\".\n", "willReplaceOnChanges": true }, "family": { "type": "string", "description": "The family of the Neptune parameter group.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the Neptune parameter.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:neptune/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of Neptune parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:neptune/subnetGroup:SubnetGroup": { "description": "Provides an Neptune subnet group resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.neptune.SubnetGroup(\"default\", {\n name: \"main\",\n subnetIds: [\n frontend.id,\n backend.id,\n ],\n tags: {\n Name: \"My neptune subnet group\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.neptune.SubnetGroup(\"default\",\n name=\"main\",\n subnet_ids=[\n frontend[\"id\"],\n backend[\"id\"],\n ],\n tags={\n \"Name\": \"My neptune subnet group\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Neptune.SubnetGroup(\"default\", new()\n {\n Name = \"main\",\n SubnetIds = new[]\n {\n frontend.Id,\n backend.Id,\n },\n Tags = \n {\n { \"Name\", \"My neptune subnet group\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := neptune.NewSubnetGroup(ctx, \"default\", \u0026neptune.SubnetGroupArgs{\n\t\t\tName: pulumi.String(\"main\"),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tfrontend.Id,\n\t\t\t\tbackend.Id,\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"My neptune subnet group\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.neptune.SubnetGroup;\nimport com.pulumi.aws.neptune.SubnetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new SubnetGroup(\"default\", SubnetGroupArgs.builder()\n .name(\"main\")\n .subnetIds( \n frontend.id(),\n backend.id())\n .tags(Map.of(\"Name\", \"My neptune subnet group\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:neptune:SubnetGroup\n properties:\n name: main\n subnetIds:\n - ${frontend.id}\n - ${backend.id}\n tags:\n Name: My neptune subnet group\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Neptune Subnet groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:neptune/subnetGroup:SubnetGroup default production-subnet-group\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the neptune subnet group.\n" }, "description": { "type": "string", "description": "The description of the neptune subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the neptune subnet group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "description", "name", "namePrefix", "subnetIds", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the neptune subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the neptune subnet group. If omitted, this provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering SubnetGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the neptune subnet group.\n" }, "description": { "type": "string", "description": "The description of the neptune subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the neptune subnet group. If omitted, this provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:networkfirewall/firewall:Firewall": { "description": "Provides an AWS Network Firewall Firewall Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkfirewall.Firewall(\"example\", {\n name: \"example\",\n firewallPolicyArn: exampleAwsNetworkfirewallFirewallPolicy.arn,\n vpcId: exampleAwsVpc.id,\n subnetMappings: [{\n subnetId: exampleAwsSubnet.id,\n }],\n tags: {\n Tag1: \"Value1\",\n Tag2: \"Value2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.Firewall(\"example\",\n name=\"example\",\n firewall_policy_arn=example_aws_networkfirewall_firewall_policy[\"arn\"],\n vpc_id=example_aws_vpc[\"id\"],\n subnet_mappings=[{\n \"subnet_id\": example_aws_subnet[\"id\"],\n }],\n tags={\n \"Tag1\": \"Value1\",\n \"Tag2\": \"Value2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.Firewall(\"example\", new()\n {\n Name = \"example\",\n FirewallPolicyArn = exampleAwsNetworkfirewallFirewallPolicy.Arn,\n VpcId = exampleAwsVpc.Id,\n SubnetMappings = new[]\n {\n new Aws.NetworkFirewall.Inputs.FirewallSubnetMappingArgs\n {\n SubnetId = exampleAwsSubnet.Id,\n },\n },\n Tags = \n {\n { \"Tag1\", \"Value1\" },\n { \"Tag2\", \"Value2\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.NewFirewall(ctx, \"example\", \u0026networkfirewall.FirewallArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tFirewallPolicyArn: pulumi.Any(exampleAwsNetworkfirewallFirewallPolicy.Arn),\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t\tSubnetMappings: networkfirewall.FirewallSubnetMappingArray{\n\t\t\t\t\u0026networkfirewall.FirewallSubnetMappingArgs{\n\t\t\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Tag1\": pulumi.String(\"Value1\"),\n\t\t\t\t\"Tag2\": pulumi.String(\"Value2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.Firewall;\nimport com.pulumi.aws.networkfirewall.FirewallArgs;\nimport com.pulumi.aws.networkfirewall.inputs.FirewallSubnetMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Firewall(\"example\", FirewallArgs.builder()\n .name(\"example\")\n .firewallPolicyArn(exampleAwsNetworkfirewallFirewallPolicy.arn())\n .vpcId(exampleAwsVpc.id())\n .subnetMappings(FirewallSubnetMappingArgs.builder()\n .subnetId(exampleAwsSubnet.id())\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Tag1\", \"Value1\"),\n Map.entry(\"Tag2\", \"Value2\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:Firewall\n properties:\n name: example\n firewallPolicyArn: ${exampleAwsNetworkfirewallFirewallPolicy.arn}\n vpcId: ${exampleAwsVpc.id}\n subnetMappings:\n - subnetId: ${exampleAwsSubnet.id}\n tags:\n Tag1: Value1\n Tag2: Value2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Network Firewall Firewalls using their `arn`. For example:\n\n```sh\n$ pulumi import aws:networkfirewall/firewall:Firewall example arn:aws:network-firewall:us-west-1:123456789012:firewall/example\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) that identifies the firewall.\n" }, "deleteProtection": { "type": "boolean", "description": "A flag indicating whether the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. Defaults to `false`.\n" }, "description": { "type": "string", "description": "A friendly description of the firewall.\n" }, "encryptionConfiguration": { "$ref": "#/types/aws:networkfirewall/FirewallEncryptionConfiguration:FirewallEncryptionConfiguration", "description": "KMS encryption configuration settings. See Encryption Configuration below for details.\n" }, "firewallPolicyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the VPC Firewall policy.\n" }, "firewallPolicyChangeProtection": { "type": "boolean", "description": "A flag indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. Defaults to `false`.\n" }, "firewallStatuses": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/FirewallFirewallStatus:FirewallFirewallStatus" }, "description": "Nested list of information about the current status of the firewall.\n" }, "name": { "type": "string", "description": "A friendly name of the firewall.\n" }, "subnetChangeProtection": { "type": "boolean", "description": "A flag indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. Defaults to `false`.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/FirewallSubnetMapping:FirewallSubnetMapping" }, "description": "Set of configuration blocks describing the public subnets. Each subnet must belong to a different Availability Zone in the VPC. AWS Network Firewall creates a firewall endpoint in each subnet. See Subnet Mapping below for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "updateToken": { "type": "string", "description": "A string token used when updating a firewall.\n" }, "vpcId": { "type": "string", "description": "The unique identifier of the VPC where AWS Network Firewall should create the firewall.\n" } }, "required": [ "arn", "firewallPolicyArn", "firewallStatuses", "name", "subnetMappings", "tagsAll", "updateToken", "vpcId" ], "inputProperties": { "deleteProtection": { "type": "boolean", "description": "A flag indicating whether the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. Defaults to `false`.\n" }, "description": { "type": "string", "description": "A friendly description of the firewall.\n" }, "encryptionConfiguration": { "$ref": "#/types/aws:networkfirewall/FirewallEncryptionConfiguration:FirewallEncryptionConfiguration", "description": "KMS encryption configuration settings. See Encryption Configuration below for details.\n" }, "firewallPolicyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the VPC Firewall policy.\n" }, "firewallPolicyChangeProtection": { "type": "boolean", "description": "A flag indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. Defaults to `false`.\n" }, "name": { "type": "string", "description": "A friendly name of the firewall.\n", "willReplaceOnChanges": true }, "subnetChangeProtection": { "type": "boolean", "description": "A flag indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. Defaults to `false`.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/FirewallSubnetMapping:FirewallSubnetMapping" }, "description": "Set of configuration blocks describing the public subnets. Each subnet must belong to a different Availability Zone in the VPC. AWS Network Firewall creates a firewall endpoint in each subnet. See Subnet Mapping below for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcId": { "type": "string", "description": "The unique identifier of the VPC where AWS Network Firewall should create the firewall.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "firewallPolicyArn", "subnetMappings", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Firewall resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) that identifies the firewall.\n" }, "deleteProtection": { "type": "boolean", "description": "A flag indicating whether the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. Defaults to `false`.\n" }, "description": { "type": "string", "description": "A friendly description of the firewall.\n" }, "encryptionConfiguration": { "$ref": "#/types/aws:networkfirewall/FirewallEncryptionConfiguration:FirewallEncryptionConfiguration", "description": "KMS encryption configuration settings. See Encryption Configuration below for details.\n" }, "firewallPolicyArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the VPC Firewall policy.\n" }, "firewallPolicyChangeProtection": { "type": "boolean", "description": "A flag indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. Defaults to `false`.\n" }, "firewallStatuses": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/FirewallFirewallStatus:FirewallFirewallStatus" }, "description": "Nested list of information about the current status of the firewall.\n" }, "name": { "type": "string", "description": "A friendly name of the firewall.\n", "willReplaceOnChanges": true }, "subnetChangeProtection": { "type": "boolean", "description": "A flag indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. Defaults to `false`.\n" }, "subnetMappings": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/FirewallSubnetMapping:FirewallSubnetMapping" }, "description": "Set of configuration blocks describing the public subnets. Each subnet must belong to a different Availability Zone in the VPC. AWS Network Firewall creates a firewall endpoint in each subnet. See Subnet Mapping below for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "updateToken": { "type": "string", "description": "A string token used when updating a firewall.\n" }, "vpcId": { "type": "string", "description": "The unique identifier of the VPC where AWS Network Firewall should create the firewall.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:networkfirewall/firewallPolicy:FirewallPolicy": { "description": "Provides an AWS Network Firewall Firewall Policy Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkfirewall.FirewallPolicy(\"example\", {\n name: \"example\",\n firewallPolicy: {\n statelessDefaultActions: [\"aws:pass\"],\n statelessFragmentDefaultActions: [\"aws:drop\"],\n statelessRuleGroupReferences: [{\n priority: 1,\n resourceArn: exampleAwsNetworkfirewallRuleGroup.arn,\n }],\n tlsInspectionConfigurationArn: \"arn:aws:network-firewall:REGION:ACCT:tls-configuration/example\",\n },\n tags: {\n Tag1: \"Value1\",\n Tag2: \"Value2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.FirewallPolicy(\"example\",\n name=\"example\",\n firewall_policy={\n \"stateless_default_actions\": [\"aws:pass\"],\n \"stateless_fragment_default_actions\": [\"aws:drop\"],\n \"stateless_rule_group_references\": [{\n \"priority\": 1,\n \"resource_arn\": example_aws_networkfirewall_rule_group[\"arn\"],\n }],\n \"tls_inspection_configuration_arn\": \"arn:aws:network-firewall:REGION:ACCT:tls-configuration/example\",\n },\n tags={\n \"Tag1\": \"Value1\",\n \"Tag2\": \"Value2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.FirewallPolicy(\"example\", new()\n {\n Name = \"example\",\n FirewallPolicyConfiguration = new Aws.NetworkFirewall.Inputs.FirewallPolicyFirewallPolicyArgs\n {\n StatelessDefaultActions = new[]\n {\n \"aws:pass\",\n },\n StatelessFragmentDefaultActions = new[]\n {\n \"aws:drop\",\n },\n StatelessRuleGroupReferences = new[]\n {\n new Aws.NetworkFirewall.Inputs.FirewallPolicyFirewallPolicyStatelessRuleGroupReferenceArgs\n {\n Priority = 1,\n ResourceArn = exampleAwsNetworkfirewallRuleGroup.Arn,\n },\n },\n TlsInspectionConfigurationArn = \"arn:aws:network-firewall:REGION:ACCT:tls-configuration/example\",\n },\n Tags = \n {\n { \"Tag1\", \"Value1\" },\n { \"Tag2\", \"Value2\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.NewFirewallPolicy(ctx, \"example\", \u0026networkfirewall.FirewallPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tFirewallPolicy: \u0026networkfirewall.FirewallPolicyFirewallPolicyArgs{\n\t\t\t\tStatelessDefaultActions: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"aws:pass\"),\n\t\t\t\t},\n\t\t\t\tStatelessFragmentDefaultActions: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"aws:drop\"),\n\t\t\t\t},\n\t\t\t\tStatelessRuleGroupReferences: networkfirewall.FirewallPolicyFirewallPolicyStatelessRuleGroupReferenceArray{\n\t\t\t\t\t\u0026networkfirewall.FirewallPolicyFirewallPolicyStatelessRuleGroupReferenceArgs{\n\t\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\t\tResourceArn: pulumi.Any(exampleAwsNetworkfirewallRuleGroup.Arn),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tTlsInspectionConfigurationArn: pulumi.String(\"arn:aws:network-firewall:REGION:ACCT:tls-configuration/example\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Tag1\": pulumi.String(\"Value1\"),\n\t\t\t\t\"Tag2\": pulumi.String(\"Value2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.FirewallPolicy;\nimport com.pulumi.aws.networkfirewall.FirewallPolicyArgs;\nimport com.pulumi.aws.networkfirewall.inputs.FirewallPolicyFirewallPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FirewallPolicy(\"example\", FirewallPolicyArgs.builder()\n .name(\"example\")\n .firewallPolicy(FirewallPolicyFirewallPolicyArgs.builder()\n .statelessDefaultActions(\"aws:pass\")\n .statelessFragmentDefaultActions(\"aws:drop\")\n .statelessRuleGroupReferences(FirewallPolicyFirewallPolicyStatelessRuleGroupReferenceArgs.builder()\n .priority(1)\n .resourceArn(exampleAwsNetworkfirewallRuleGroup.arn())\n .build())\n .tlsInspectionConfigurationArn(\"arn:aws:network-firewall:REGION:ACCT:tls-configuration/example\")\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Tag1\", \"Value1\"),\n Map.entry(\"Tag2\", \"Value2\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:FirewallPolicy\n properties:\n name: example\n firewallPolicy:\n statelessDefaultActions:\n - aws:pass\n statelessFragmentDefaultActions:\n - aws:drop\n statelessRuleGroupReferences:\n - priority: 1\n resourceArn: ${exampleAwsNetworkfirewallRuleGroup.arn}\n tlsInspectionConfigurationArn: arn:aws:network-firewall:REGION:ACCT:tls-configuration/example\n tags:\n Tag1: Value1\n Tag2: Value2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Policy with a HOME_NET Override\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkfirewall.FirewallPolicy(\"example\", {\n name: \"example\",\n firewallPolicy: {\n policyVariables: {\n ruleVariables: [{\n key: \"HOME_NET\",\n ipSet: {\n definitions: [\n \"10.0.0.0/16\",\n \"10.1.0.0/24\",\n ],\n },\n }],\n },\n statelessDefaultActions: [\"aws:pass\"],\n statelessFragmentDefaultActions: [\"aws:drop\"],\n statelessRuleGroupReferences: [{\n priority: 1,\n resourceArn: exampleAwsNetworkfirewallRuleGroup.arn,\n }],\n },\n tags: {\n Tag1: \"Value1\",\n Tag2: \"Value2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.FirewallPolicy(\"example\",\n name=\"example\",\n firewall_policy={\n \"policy_variables\": {\n \"rule_variables\": [{\n \"key\": \"HOME_NET\",\n \"ip_set\": {\n \"definitions\": [\n \"10.0.0.0/16\",\n \"10.1.0.0/24\",\n ],\n },\n }],\n },\n \"stateless_default_actions\": [\"aws:pass\"],\n \"stateless_fragment_default_actions\": [\"aws:drop\"],\n \"stateless_rule_group_references\": [{\n \"priority\": 1,\n \"resource_arn\": example_aws_networkfirewall_rule_group[\"arn\"],\n }],\n },\n tags={\n \"Tag1\": \"Value1\",\n \"Tag2\": \"Value2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.FirewallPolicy(\"example\", new()\n {\n Name = \"example\",\n FirewallPolicyConfiguration = new Aws.NetworkFirewall.Inputs.FirewallPolicyFirewallPolicyArgs\n {\n PolicyVariables = new Aws.NetworkFirewall.Inputs.FirewallPolicyFirewallPolicyPolicyVariablesArgs\n {\n RuleVariables = new[]\n {\n new Aws.NetworkFirewall.Inputs.FirewallPolicyFirewallPolicyPolicyVariablesRuleVariableArgs\n {\n Key = \"HOME_NET\",\n IpSet = new Aws.NetworkFirewall.Inputs.FirewallPolicyFirewallPolicyPolicyVariablesRuleVariableIpSetArgs\n {\n Definitions = new[]\n {\n \"10.0.0.0/16\",\n \"10.1.0.0/24\",\n },\n },\n },\n },\n },\n StatelessDefaultActions = new[]\n {\n \"aws:pass\",\n },\n StatelessFragmentDefaultActions = new[]\n {\n \"aws:drop\",\n },\n StatelessRuleGroupReferences = new[]\n {\n new Aws.NetworkFirewall.Inputs.FirewallPolicyFirewallPolicyStatelessRuleGroupReferenceArgs\n {\n Priority = 1,\n ResourceArn = exampleAwsNetworkfirewallRuleGroup.Arn,\n },\n },\n },\n Tags = \n {\n { \"Tag1\", \"Value1\" },\n { \"Tag2\", \"Value2\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.NewFirewallPolicy(ctx, \"example\", \u0026networkfirewall.FirewallPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tFirewallPolicy: \u0026networkfirewall.FirewallPolicyFirewallPolicyArgs{\n\t\t\t\tPolicyVariables: \u0026networkfirewall.FirewallPolicyFirewallPolicyPolicyVariablesArgs{\n\t\t\t\t\tRuleVariables: networkfirewall.FirewallPolicyFirewallPolicyPolicyVariablesRuleVariableArray{\n\t\t\t\t\t\t\u0026networkfirewall.FirewallPolicyFirewallPolicyPolicyVariablesRuleVariableArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"HOME_NET\"),\n\t\t\t\t\t\t\tIpSet: \u0026networkfirewall.FirewallPolicyFirewallPolicyPolicyVariablesRuleVariableIpSetArgs{\n\t\t\t\t\t\t\t\tDefinitions: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"10.0.0.0/16\"),\n\t\t\t\t\t\t\t\t\tpulumi.String(\"10.1.0.0/24\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tStatelessDefaultActions: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"aws:pass\"),\n\t\t\t\t},\n\t\t\t\tStatelessFragmentDefaultActions: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"aws:drop\"),\n\t\t\t\t},\n\t\t\t\tStatelessRuleGroupReferences: networkfirewall.FirewallPolicyFirewallPolicyStatelessRuleGroupReferenceArray{\n\t\t\t\t\t\u0026networkfirewall.FirewallPolicyFirewallPolicyStatelessRuleGroupReferenceArgs{\n\t\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\t\tResourceArn: pulumi.Any(exampleAwsNetworkfirewallRuleGroup.Arn),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Tag1\": pulumi.String(\"Value1\"),\n\t\t\t\t\"Tag2\": pulumi.String(\"Value2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.FirewallPolicy;\nimport com.pulumi.aws.networkfirewall.FirewallPolicyArgs;\nimport com.pulumi.aws.networkfirewall.inputs.FirewallPolicyFirewallPolicyArgs;\nimport com.pulumi.aws.networkfirewall.inputs.FirewallPolicyFirewallPolicyPolicyVariablesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FirewallPolicy(\"example\", FirewallPolicyArgs.builder()\n .name(\"example\")\n .firewallPolicy(FirewallPolicyFirewallPolicyArgs.builder()\n .policyVariables(FirewallPolicyFirewallPolicyPolicyVariablesArgs.builder()\n .ruleVariables(FirewallPolicyFirewallPolicyPolicyVariablesRuleVariableArgs.builder()\n .key(\"HOME_NET\")\n .ipSet(FirewallPolicyFirewallPolicyPolicyVariablesRuleVariableIpSetArgs.builder()\n .definitions( \n \"10.0.0.0/16\",\n \"10.1.0.0/24\")\n .build())\n .build())\n .build())\n .statelessDefaultActions(\"aws:pass\")\n .statelessFragmentDefaultActions(\"aws:drop\")\n .statelessRuleGroupReferences(FirewallPolicyFirewallPolicyStatelessRuleGroupReferenceArgs.builder()\n .priority(1)\n .resourceArn(exampleAwsNetworkfirewallRuleGroup.arn())\n .build())\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Tag1\", \"Value1\"),\n Map.entry(\"Tag2\", \"Value2\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:FirewallPolicy\n properties:\n name: example\n firewallPolicy:\n policyVariables:\n ruleVariables:\n - key: HOME_NET\n ipSet:\n definitions:\n - 10.0.0.0/16\n - 10.1.0.0/24\n statelessDefaultActions:\n - aws:pass\n statelessFragmentDefaultActions:\n - aws:drop\n statelessRuleGroupReferences:\n - priority: 1\n resourceArn: ${exampleAwsNetworkfirewallRuleGroup.arn}\n tags:\n Tag1: Value1\n Tag2: Value2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Policy with a Custom Action for Stateless Inspection\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.networkfirewall.FirewallPolicy(\"test\", {\n name: \"example\",\n firewallPolicy: {\n statelessDefaultActions: [\n \"aws:pass\",\n \"ExampleCustomAction\",\n ],\n statelessFragmentDefaultActions: [\"aws:drop\"],\n statelessCustomActions: [{\n actionDefinition: {\n publishMetricAction: {\n dimensions: [{\n value: \"1\",\n }],\n },\n },\n actionName: \"ExampleCustomAction\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.networkfirewall.FirewallPolicy(\"test\",\n name=\"example\",\n firewall_policy={\n \"stateless_default_actions\": [\n \"aws:pass\",\n \"ExampleCustomAction\",\n ],\n \"stateless_fragment_default_actions\": [\"aws:drop\"],\n \"stateless_custom_actions\": [{\n \"action_definition\": {\n \"publish_metric_action\": {\n \"dimensions\": [{\n \"value\": \"1\",\n }],\n },\n },\n \"action_name\": \"ExampleCustomAction\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.NetworkFirewall.FirewallPolicy(\"test\", new()\n {\n Name = \"example\",\n FirewallPolicyConfiguration = new Aws.NetworkFirewall.Inputs.FirewallPolicyFirewallPolicyArgs\n {\n StatelessDefaultActions = new[]\n {\n \"aws:pass\",\n \"ExampleCustomAction\",\n },\n StatelessFragmentDefaultActions = new[]\n {\n \"aws:drop\",\n },\n StatelessCustomActions = new[]\n {\n new Aws.NetworkFirewall.Inputs.FirewallPolicyFirewallPolicyStatelessCustomActionArgs\n {\n ActionDefinition = new Aws.NetworkFirewall.Inputs.FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionArgs\n {\n PublishMetricAction = new Aws.NetworkFirewall.Inputs.FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricActionArgs\n {\n Dimensions = new[]\n {\n new Aws.NetworkFirewall.Inputs.FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricActionDimensionArgs\n {\n Value = \"1\",\n },\n },\n },\n },\n ActionName = \"ExampleCustomAction\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.NewFirewallPolicy(ctx, \"test\", \u0026networkfirewall.FirewallPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tFirewallPolicy: \u0026networkfirewall.FirewallPolicyFirewallPolicyArgs{\n\t\t\t\tStatelessDefaultActions: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"aws:pass\"),\n\t\t\t\t\tpulumi.String(\"ExampleCustomAction\"),\n\t\t\t\t},\n\t\t\t\tStatelessFragmentDefaultActions: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"aws:drop\"),\n\t\t\t\t},\n\t\t\t\tStatelessCustomActions: networkfirewall.FirewallPolicyFirewallPolicyStatelessCustomActionArray{\n\t\t\t\t\t\u0026networkfirewall.FirewallPolicyFirewallPolicyStatelessCustomActionArgs{\n\t\t\t\t\t\tActionDefinition: \u0026networkfirewall.FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionArgs{\n\t\t\t\t\t\t\tPublishMetricAction: \u0026networkfirewall.FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricActionArgs{\n\t\t\t\t\t\t\t\tDimensions: networkfirewall.FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricActionDimensionArray{\n\t\t\t\t\t\t\t\t\t\u0026networkfirewall.FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricActionDimensionArgs{\n\t\t\t\t\t\t\t\t\t\tValue: pulumi.String(\"1\"),\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tActionName: pulumi.String(\"ExampleCustomAction\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.FirewallPolicy;\nimport com.pulumi.aws.networkfirewall.FirewallPolicyArgs;\nimport com.pulumi.aws.networkfirewall.inputs.FirewallPolicyFirewallPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new FirewallPolicy(\"test\", FirewallPolicyArgs.builder()\n .name(\"example\")\n .firewallPolicy(FirewallPolicyFirewallPolicyArgs.builder()\n .statelessDefaultActions( \n \"aws:pass\",\n \"ExampleCustomAction\")\n .statelessFragmentDefaultActions(\"aws:drop\")\n .statelessCustomActions(FirewallPolicyFirewallPolicyStatelessCustomActionArgs.builder()\n .actionDefinition(FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionArgs.builder()\n .publishMetricAction(FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricActionArgs.builder()\n .dimensions(FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricActionDimensionArgs.builder()\n .value(\"1\")\n .build())\n .build())\n .build())\n .actionName(\"ExampleCustomAction\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:networkfirewall:FirewallPolicy\n properties:\n name: example\n firewallPolicy:\n statelessDefaultActions:\n - aws:pass\n - ExampleCustomAction\n statelessFragmentDefaultActions:\n - aws:drop\n statelessCustomActions:\n - actionDefinition:\n publishMetricAction:\n dimensions:\n - value: '1'\n actionName: ExampleCustomAction\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Network Firewall Policies using their `arn`. For example:\n\n```sh\n$ pulumi import aws:networkfirewall/firewallPolicy:FirewallPolicy example arn:aws:network-firewall:us-west-1:123456789012:firewall-policy/example\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) that identifies the firewall policy.\n" }, "description": { "type": "string", "description": "A friendly description of the firewall policy.\n" }, "encryptionConfiguration": { "$ref": "#/types/aws:networkfirewall/FirewallPolicyEncryptionConfiguration:FirewallPolicyEncryptionConfiguration", "description": "KMS encryption configuration settings. See Encryption Configuration below for details.\n" }, "firewallPolicy": { "$ref": "#/types/aws:networkfirewall/FirewallPolicyFirewallPolicy:FirewallPolicyFirewallPolicy", "description": "A configuration block describing the rule groups and policy actions to use in the firewall policy. See Firewall Policy below for details.\n", "language": { "csharp": { "name": "FirewallPolicyConfiguration" } } }, "name": { "type": "string", "description": "A friendly name of the firewall policy.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "updateToken": { "type": "string", "description": "A string token used when updating a firewall policy.\n" } }, "required": [ "arn", "firewallPolicy", "name", "tagsAll", "updateToken" ], "inputProperties": { "description": { "type": "string", "description": "A friendly description of the firewall policy.\n" }, "encryptionConfiguration": { "$ref": "#/types/aws:networkfirewall/FirewallPolicyEncryptionConfiguration:FirewallPolicyEncryptionConfiguration", "description": "KMS encryption configuration settings. See Encryption Configuration below for details.\n" }, "firewallPolicy": { "$ref": "#/types/aws:networkfirewall/FirewallPolicyFirewallPolicy:FirewallPolicyFirewallPolicy", "description": "A configuration block describing the rule groups and policy actions to use in the firewall policy. See Firewall Policy below for details.\n", "language": { "csharp": { "name": "FirewallPolicyConfiguration" } } }, "name": { "type": "string", "description": "A friendly name of the firewall policy.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "firewallPolicy" ], "stateInputs": { "description": "Input properties used for looking up and filtering FirewallPolicy resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) that identifies the firewall policy.\n" }, "description": { "type": "string", "description": "A friendly description of the firewall policy.\n" }, "encryptionConfiguration": { "$ref": "#/types/aws:networkfirewall/FirewallPolicyEncryptionConfiguration:FirewallPolicyEncryptionConfiguration", "description": "KMS encryption configuration settings. See Encryption Configuration below for details.\n" }, "firewallPolicy": { "$ref": "#/types/aws:networkfirewall/FirewallPolicyFirewallPolicy:FirewallPolicyFirewallPolicy", "description": "A configuration block describing the rule groups and policy actions to use in the firewall policy. See Firewall Policy below for details.\n", "language": { "csharp": { "name": "FirewallPolicyConfiguration" } } }, "name": { "type": "string", "description": "A friendly name of the firewall policy.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "updateToken": { "type": "string", "description": "A string token used when updating a firewall policy.\n" } }, "type": "object" } }, "aws:networkfirewall/loggingConfiguration:LoggingConfiguration": { "description": "Provides an AWS Network Firewall Logging Configuration Resource\n\n## Example Usage\n\n### Logging to S3\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkfirewall.LoggingConfiguration(\"example\", {\n firewallArn: exampleAwsNetworkfirewallFirewall.arn,\n loggingConfiguration: {\n logDestinationConfigs: [{\n logDestination: {\n bucketName: exampleAwsS3Bucket.bucket,\n prefix: \"/example\",\n },\n logDestinationType: \"S3\",\n logType: \"FLOW\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.LoggingConfiguration(\"example\",\n firewall_arn=example_aws_networkfirewall_firewall[\"arn\"],\n logging_configuration={\n \"log_destination_configs\": [{\n \"log_destination\": {\n \"bucket_name\": example_aws_s3_bucket[\"bucket\"],\n \"prefix\": \"/example\",\n },\n \"log_destination_type\": \"S3\",\n \"log_type\": \"FLOW\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.LoggingConfiguration(\"example\", new()\n {\n FirewallArn = exampleAwsNetworkfirewallFirewall.Arn,\n LoggingConfig = new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationArgs\n {\n LogDestinationConfigs = new[]\n {\n new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs\n {\n LogDestination = \n {\n { \"bucketName\", exampleAwsS3Bucket.Bucket },\n { \"prefix\", \"/example\" },\n },\n LogDestinationType = \"S3\",\n LogType = \"FLOW\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.NewLoggingConfiguration(ctx, \"example\", \u0026networkfirewall.LoggingConfigurationArgs{\n\t\t\tFirewallArn: pulumi.Any(exampleAwsNetworkfirewallFirewall.Arn),\n\t\t\tLoggingConfiguration: \u0026networkfirewall.LoggingConfigurationLoggingConfigurationArgs{\n\t\t\t\tLogDestinationConfigs: networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArray{\n\t\t\t\t\t\u0026networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs{\n\t\t\t\t\t\tLogDestination: pulumi.StringMap{\n\t\t\t\t\t\t\t\"bucketName\": pulumi.Any(exampleAwsS3Bucket.Bucket),\n\t\t\t\t\t\t\t\"prefix\": pulumi.String(\"/example\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tLogDestinationType: pulumi.String(\"S3\"),\n\t\t\t\t\t\tLogType: pulumi.String(\"FLOW\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.LoggingConfiguration;\nimport com.pulumi.aws.networkfirewall.LoggingConfigurationArgs;\nimport com.pulumi.aws.networkfirewall.inputs.LoggingConfigurationLoggingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoggingConfiguration(\"example\", LoggingConfigurationArgs.builder()\n .firewallArn(exampleAwsNetworkfirewallFirewall.arn())\n .loggingConfiguration(LoggingConfigurationLoggingConfigurationArgs.builder()\n .logDestinationConfigs(LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs.builder()\n .logDestination(Map.ofEntries(\n Map.entry(\"bucketName\", exampleAwsS3Bucket.bucket()),\n Map.entry(\"prefix\", \"/example\")\n ))\n .logDestinationType(\"S3\")\n .logType(\"FLOW\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:LoggingConfiguration\n properties:\n firewallArn: ${exampleAwsNetworkfirewallFirewall.arn}\n loggingConfiguration:\n logDestinationConfigs:\n - logDestination:\n bucketName: ${exampleAwsS3Bucket.bucket}\n prefix: /example\n logDestinationType: S3\n logType: FLOW\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Logging to CloudWatch\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkfirewall.LoggingConfiguration(\"example\", {\n firewallArn: exampleAwsNetworkfirewallFirewall.arn,\n loggingConfiguration: {\n logDestinationConfigs: [{\n logDestination: {\n logGroup: exampleAwsCloudwatchLogGroup.name,\n },\n logDestinationType: \"CloudWatchLogs\",\n logType: \"ALERT\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.LoggingConfiguration(\"example\",\n firewall_arn=example_aws_networkfirewall_firewall[\"arn\"],\n logging_configuration={\n \"log_destination_configs\": [{\n \"log_destination\": {\n \"log_group\": example_aws_cloudwatch_log_group[\"name\"],\n },\n \"log_destination_type\": \"CloudWatchLogs\",\n \"log_type\": \"ALERT\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.LoggingConfiguration(\"example\", new()\n {\n FirewallArn = exampleAwsNetworkfirewallFirewall.Arn,\n LoggingConfig = new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationArgs\n {\n LogDestinationConfigs = new[]\n {\n new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs\n {\n LogDestination = \n {\n { \"logGroup\", exampleAwsCloudwatchLogGroup.Name },\n },\n LogDestinationType = \"CloudWatchLogs\",\n LogType = \"ALERT\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.NewLoggingConfiguration(ctx, \"example\", \u0026networkfirewall.LoggingConfigurationArgs{\n\t\t\tFirewallArn: pulumi.Any(exampleAwsNetworkfirewallFirewall.Arn),\n\t\t\tLoggingConfiguration: \u0026networkfirewall.LoggingConfigurationLoggingConfigurationArgs{\n\t\t\t\tLogDestinationConfigs: networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArray{\n\t\t\t\t\t\u0026networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs{\n\t\t\t\t\t\tLogDestination: pulumi.StringMap{\n\t\t\t\t\t\t\t\"logGroup\": pulumi.Any(exampleAwsCloudwatchLogGroup.Name),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tLogDestinationType: pulumi.String(\"CloudWatchLogs\"),\n\t\t\t\t\t\tLogType: pulumi.String(\"ALERT\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.LoggingConfiguration;\nimport com.pulumi.aws.networkfirewall.LoggingConfigurationArgs;\nimport com.pulumi.aws.networkfirewall.inputs.LoggingConfigurationLoggingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoggingConfiguration(\"example\", LoggingConfigurationArgs.builder()\n .firewallArn(exampleAwsNetworkfirewallFirewall.arn())\n .loggingConfiguration(LoggingConfigurationLoggingConfigurationArgs.builder()\n .logDestinationConfigs(LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs.builder()\n .logDestination(Map.of(\"logGroup\", exampleAwsCloudwatchLogGroup.name()))\n .logDestinationType(\"CloudWatchLogs\")\n .logType(\"ALERT\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:LoggingConfiguration\n properties:\n firewallArn: ${exampleAwsNetworkfirewallFirewall.arn}\n loggingConfiguration:\n logDestinationConfigs:\n - logDestination:\n logGroup: ${exampleAwsCloudwatchLogGroup.name}\n logDestinationType: CloudWatchLogs\n logType: ALERT\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Logging to Kinesis Data Firehose\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkfirewall.LoggingConfiguration(\"example\", {\n firewallArn: exampleAwsNetworkfirewallFirewall.arn,\n loggingConfiguration: {\n logDestinationConfigs: [{\n logDestination: {\n deliveryStream: exampleAwsKinesisFirehoseDeliveryStream.name,\n },\n logDestinationType: \"KinesisDataFirehose\",\n logType: \"ALERT\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.LoggingConfiguration(\"example\",\n firewall_arn=example_aws_networkfirewall_firewall[\"arn\"],\n logging_configuration={\n \"log_destination_configs\": [{\n \"log_destination\": {\n \"delivery_stream\": example_aws_kinesis_firehose_delivery_stream[\"name\"],\n },\n \"log_destination_type\": \"KinesisDataFirehose\",\n \"log_type\": \"ALERT\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.LoggingConfiguration(\"example\", new()\n {\n FirewallArn = exampleAwsNetworkfirewallFirewall.Arn,\n LoggingConfig = new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationArgs\n {\n LogDestinationConfigs = new[]\n {\n new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs\n {\n LogDestination = \n {\n { \"deliveryStream\", exampleAwsKinesisFirehoseDeliveryStream.Name },\n },\n LogDestinationType = \"KinesisDataFirehose\",\n LogType = \"ALERT\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.NewLoggingConfiguration(ctx, \"example\", \u0026networkfirewall.LoggingConfigurationArgs{\n\t\t\tFirewallArn: pulumi.Any(exampleAwsNetworkfirewallFirewall.Arn),\n\t\t\tLoggingConfiguration: \u0026networkfirewall.LoggingConfigurationLoggingConfigurationArgs{\n\t\t\t\tLogDestinationConfigs: networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArray{\n\t\t\t\t\t\u0026networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs{\n\t\t\t\t\t\tLogDestination: pulumi.StringMap{\n\t\t\t\t\t\t\t\"deliveryStream\": pulumi.Any(exampleAwsKinesisFirehoseDeliveryStream.Name),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tLogDestinationType: pulumi.String(\"KinesisDataFirehose\"),\n\t\t\t\t\t\tLogType: pulumi.String(\"ALERT\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.LoggingConfiguration;\nimport com.pulumi.aws.networkfirewall.LoggingConfigurationArgs;\nimport com.pulumi.aws.networkfirewall.inputs.LoggingConfigurationLoggingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoggingConfiguration(\"example\", LoggingConfigurationArgs.builder()\n .firewallArn(exampleAwsNetworkfirewallFirewall.arn())\n .loggingConfiguration(LoggingConfigurationLoggingConfigurationArgs.builder()\n .logDestinationConfigs(LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs.builder()\n .logDestination(Map.of(\"deliveryStream\", exampleAwsKinesisFirehoseDeliveryStream.name()))\n .logDestinationType(\"KinesisDataFirehose\")\n .logType(\"ALERT\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:LoggingConfiguration\n properties:\n firewallArn: ${exampleAwsNetworkfirewallFirewall.arn}\n loggingConfiguration:\n logDestinationConfigs:\n - logDestination:\n deliveryStream: ${exampleAwsKinesisFirehoseDeliveryStream.name}\n logDestinationType: KinesisDataFirehose\n logType: ALERT\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Network Firewall Logging Configurations using the `firewall_arn`. For example:\n\n```sh\n$ pulumi import aws:networkfirewall/loggingConfiguration:LoggingConfiguration example arn:aws:network-firewall:us-west-1:123456789012:firewall/example\n```\n", "properties": { "firewallArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Network Firewall firewall.\n" }, "loggingConfiguration": { "$ref": "#/types/aws:networkfirewall/LoggingConfigurationLoggingConfiguration:LoggingConfigurationLoggingConfiguration", "description": "A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.\n", "language": { "csharp": { "name": "LoggingConfig" } } } }, "required": [ "firewallArn", "loggingConfiguration" ], "inputProperties": { "firewallArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Network Firewall firewall.\n", "willReplaceOnChanges": true }, "loggingConfiguration": { "$ref": "#/types/aws:networkfirewall/LoggingConfigurationLoggingConfiguration:LoggingConfigurationLoggingConfiguration", "description": "A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.\n", "language": { "csharp": { "name": "LoggingConfig" } } } }, "requiredInputs": [ "firewallArn", "loggingConfiguration" ], "stateInputs": { "description": "Input properties used for looking up and filtering LoggingConfiguration resources.\n", "properties": { "firewallArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Network Firewall firewall.\n", "willReplaceOnChanges": true }, "loggingConfiguration": { "$ref": "#/types/aws:networkfirewall/LoggingConfigurationLoggingConfiguration:LoggingConfigurationLoggingConfiguration", "description": "A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.\n", "language": { "csharp": { "name": "LoggingConfig" } } } }, "type": "object" } }, "aws:networkfirewall/resourcePolicy:ResourcePolicy": { "description": "Provides an AWS Network Firewall Resource Policy Resource for a rule group or firewall policy.\n\n## Example Usage\n\n### For a Firewall Policy resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkfirewall.ResourcePolicy(\"example\", {\n resourceArn: exampleAwsNetworkfirewallFirewallPolicy.arn,\n policy: JSON.stringify({\n Statement: [{\n Action: [\n \"network-firewall:ListFirewallPolicies\",\n \"network-firewall:CreateFirewall\",\n \"network-firewall:UpdateFirewall\",\n \"network-firewall:AssociateFirewallPolicy\",\n ],\n Effect: \"Allow\",\n Resource: exampleAwsNetworkfirewallFirewallPolicy.arn,\n Principal: {\n AWS: \"arn:aws:iam::123456789012:root\",\n },\n }],\n Version: \"2012-10-17\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.ResourcePolicy(\"example\",\n resource_arn=example_aws_networkfirewall_firewall_policy[\"arn\"],\n policy=json.dumps({\n \"Statement\": [{\n \"Action\": [\n \"network-firewall:ListFirewallPolicies\",\n \"network-firewall:CreateFirewall\",\n \"network-firewall:UpdateFirewall\",\n \"network-firewall:AssociateFirewallPolicy\",\n ],\n \"Effect\": \"Allow\",\n \"Resource\": example_aws_networkfirewall_firewall_policy[\"arn\"],\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::123456789012:root\",\n },\n }],\n \"Version\": \"2012-10-17\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.ResourcePolicy(\"example\", new()\n {\n ResourceArn = exampleAwsNetworkfirewallFirewallPolicy.Arn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"network-firewall:ListFirewallPolicies\",\n \"network-firewall:CreateFirewall\",\n \"network-firewall:UpdateFirewall\",\n \"network-firewall:AssociateFirewallPolicy\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = exampleAwsNetworkfirewallFirewallPolicy.Arn,\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = \"arn:aws:iam::123456789012:root\",\n },\n },\n },\n [\"Version\"] = \"2012-10-17\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"network-firewall:ListFirewallPolicies\",\n\t\t\t\t\t\t\"network-firewall:CreateFirewall\",\n\t\t\t\t\t\t\"network-firewall:UpdateFirewall\",\n\t\t\t\t\t\t\"network-firewall:AssociateFirewallPolicy\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": exampleAwsNetworkfirewallFirewallPolicy.Arn,\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": \"arn:aws:iam::123456789012:root\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = networkfirewall.NewResourcePolicy(ctx, \"example\", \u0026networkfirewall.ResourcePolicyArgs{\n\t\t\tResourceArn: pulumi.Any(exampleAwsNetworkfirewallFirewallPolicy.Arn),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.ResourcePolicy;\nimport com.pulumi.aws.networkfirewall.ResourcePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourcePolicy(\"example\", ResourcePolicyArgs.builder()\n .resourceArn(exampleAwsNetworkfirewallFirewallPolicy.arn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"network-firewall:ListFirewallPolicies\", \n \"network-firewall:CreateFirewall\", \n \"network-firewall:UpdateFirewall\", \n \"network-firewall:AssociateFirewallPolicy\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", exampleAwsNetworkfirewallFirewallPolicy.arn()),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", \"arn:aws:iam::123456789012:root\")\n ))\n ))),\n jsonProperty(\"Version\", \"2012-10-17\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:ResourcePolicy\n properties:\n resourceArn: ${exampleAwsNetworkfirewallFirewallPolicy.arn}\n policy:\n fn::toJSON:\n Statement:\n - Action:\n - network-firewall:ListFirewallPolicies\n - network-firewall:CreateFirewall\n - network-firewall:UpdateFirewall\n - network-firewall:AssociateFirewallPolicy\n Effect: Allow\n Resource: ${exampleAwsNetworkfirewallFirewallPolicy.arn}\n Principal:\n AWS: arn:aws:iam::123456789012:root\n Version: 2012-10-17\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### For a Rule Group resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkfirewall.ResourcePolicy(\"example\", {\n resourceArn: exampleAwsNetworkfirewallRuleGroup.arn,\n policy: JSON.stringify({\n Statement: [{\n Action: [\n \"network-firewall:ListRuleGroups\",\n \"network-firewall:CreateFirewallPolicy\",\n \"network-firewall:UpdateFirewallPolicy\",\n ],\n Effect: \"Allow\",\n Resource: exampleAwsNetworkfirewallRuleGroup.arn,\n Principal: {\n AWS: \"arn:aws:iam::123456789012:root\",\n },\n }],\n Version: \"2012-10-17\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.ResourcePolicy(\"example\",\n resource_arn=example_aws_networkfirewall_rule_group[\"arn\"],\n policy=json.dumps({\n \"Statement\": [{\n \"Action\": [\n \"network-firewall:ListRuleGroups\",\n \"network-firewall:CreateFirewallPolicy\",\n \"network-firewall:UpdateFirewallPolicy\",\n ],\n \"Effect\": \"Allow\",\n \"Resource\": example_aws_networkfirewall_rule_group[\"arn\"],\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::123456789012:root\",\n },\n }],\n \"Version\": \"2012-10-17\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.ResourcePolicy(\"example\", new()\n {\n ResourceArn = exampleAwsNetworkfirewallRuleGroup.Arn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"network-firewall:ListRuleGroups\",\n \"network-firewall:CreateFirewallPolicy\",\n \"network-firewall:UpdateFirewallPolicy\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = exampleAwsNetworkfirewallRuleGroup.Arn,\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = \"arn:aws:iam::123456789012:root\",\n },\n },\n },\n [\"Version\"] = \"2012-10-17\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"network-firewall:ListRuleGroups\",\n\t\t\t\t\t\t\"network-firewall:CreateFirewallPolicy\",\n\t\t\t\t\t\t\"network-firewall:UpdateFirewallPolicy\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": exampleAwsNetworkfirewallRuleGroup.Arn,\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": \"arn:aws:iam::123456789012:root\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = networkfirewall.NewResourcePolicy(ctx, \"example\", \u0026networkfirewall.ResourcePolicyArgs{\n\t\t\tResourceArn: pulumi.Any(exampleAwsNetworkfirewallRuleGroup.Arn),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.ResourcePolicy;\nimport com.pulumi.aws.networkfirewall.ResourcePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourcePolicy(\"example\", ResourcePolicyArgs.builder()\n .resourceArn(exampleAwsNetworkfirewallRuleGroup.arn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"network-firewall:ListRuleGroups\", \n \"network-firewall:CreateFirewallPolicy\", \n \"network-firewall:UpdateFirewallPolicy\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", exampleAwsNetworkfirewallRuleGroup.arn()),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", \"arn:aws:iam::123456789012:root\")\n ))\n ))),\n jsonProperty(\"Version\", \"2012-10-17\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:ResourcePolicy\n properties:\n resourceArn: ${exampleAwsNetworkfirewallRuleGroup.arn}\n policy:\n fn::toJSON:\n Statement:\n - Action:\n - network-firewall:ListRuleGroups\n - network-firewall:CreateFirewallPolicy\n - network-firewall:UpdateFirewallPolicy\n Effect: Allow\n Resource: ${exampleAwsNetworkfirewallRuleGroup.arn}\n Principal:\n AWS: arn:aws:iam::123456789012:root\n Version: 2012-10-17\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Network Firewall Resource Policies using the `resource arn`. For example: \n```sh\n$ pulumi import aws:networkfirewall/resourcePolicy:ResourcePolicy example arn:aws:network-firewall:us-west-1:123456789012:stateful-rulegroup/example\n```\n", "properties": { "policy": { "type": "string", "description": "JSON formatted policy document that controls access to the Network Firewall resource. The policy must be provided **without whitespaces**. We recommend using jsonencode for formatting as seen in the examples above. For more details, including available policy statement Actions, see the [Policy](https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_PutResourcePolicy.html#API_PutResourcePolicy_RequestSyntax) parameter in the AWS API documentation.\n" }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the rule group or firewall policy.\n" } }, "required": [ "policy", "resourceArn" ], "inputProperties": { "policy": { "type": "string", "description": "JSON formatted policy document that controls access to the Network Firewall resource. The policy must be provided **without whitespaces**. We recommend using jsonencode for formatting as seen in the examples above. For more details, including available policy statement Actions, see the [Policy](https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_PutResourcePolicy.html#API_PutResourcePolicy_RequestSyntax) parameter in the AWS API documentation.\n" }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the rule group or firewall policy.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policy", "resourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourcePolicy resources.\n", "properties": { "policy": { "type": "string", "description": "JSON formatted policy document that controls access to the Network Firewall resource. The policy must be provided **without whitespaces**. We recommend using jsonencode for formatting as seen in the examples above. For more details, including available policy statement Actions, see the [Policy](https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_PutResourcePolicy.html#API_PutResourcePolicy_RequestSyntax) parameter in the AWS API documentation.\n" }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the rule group or firewall policy.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:networkfirewall/ruleGroup:RuleGroup": { "description": "Provides an AWS Network Firewall Rule Group Resource\n\n## Example Usage\n\n### Stateful Inspection for denying access to a domain\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkfirewall.RuleGroup(\"example\", {\n capacity: 100,\n name: \"example\",\n type: \"STATEFUL\",\n ruleGroup: {\n rulesSource: {\n rulesSourceList: {\n generatedRulesType: \"DENYLIST\",\n targetTypes: [\"HTTP_HOST\"],\n targets: [\"test.example.com\"],\n },\n },\n },\n tags: {\n Tag1: \"Value1\",\n Tag2: \"Value2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.RuleGroup(\"example\",\n capacity=100,\n name=\"example\",\n type=\"STATEFUL\",\n rule_group={\n \"rules_source\": {\n \"rules_source_list\": {\n \"generated_rules_type\": \"DENYLIST\",\n \"target_types\": [\"HTTP_HOST\"],\n \"targets\": [\"test.example.com\"],\n },\n },\n },\n tags={\n \"Tag1\": \"Value1\",\n \"Tag2\": \"Value2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.RuleGroup(\"example\", new()\n {\n Capacity = 100,\n Name = \"example\",\n Type = \"STATEFUL\",\n RuleGroupConfiguration = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupArgs\n {\n RulesSource = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceArgs\n {\n RulesSourceList = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceRulesSourceListArgs\n {\n GeneratedRulesType = \"DENYLIST\",\n TargetTypes = new[]\n {\n \"HTTP_HOST\",\n },\n Targets = new[]\n {\n \"test.example.com\",\n },\n },\n },\n },\n Tags = \n {\n { \"Tag1\", \"Value1\" },\n { \"Tag2\", \"Value2\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.NewRuleGroup(ctx, \"example\", \u0026networkfirewall.RuleGroupArgs{\n\t\t\tCapacity: pulumi.Int(100),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"STATEFUL\"),\n\t\t\tRuleGroup: \u0026networkfirewall.RuleGroupRuleGroupArgs{\n\t\t\t\tRulesSource: \u0026networkfirewall.RuleGroupRuleGroupRulesSourceArgs{\n\t\t\t\t\tRulesSourceList: \u0026networkfirewall.RuleGroupRuleGroupRulesSourceRulesSourceListArgs{\n\t\t\t\t\t\tGeneratedRulesType: pulumi.String(\"DENYLIST\"),\n\t\t\t\t\t\tTargetTypes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"HTTP_HOST\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tTargets: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"test.example.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Tag1\": pulumi.String(\"Value1\"),\n\t\t\t\t\"Tag2\": pulumi.String(\"Value2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.RuleGroup;\nimport com.pulumi.aws.networkfirewall.RuleGroupArgs;\nimport com.pulumi.aws.networkfirewall.inputs.RuleGroupRuleGroupArgs;\nimport com.pulumi.aws.networkfirewall.inputs.RuleGroupRuleGroupRulesSourceArgs;\nimport com.pulumi.aws.networkfirewall.inputs.RuleGroupRuleGroupRulesSourceRulesSourceListArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RuleGroup(\"example\", RuleGroupArgs.builder()\n .capacity(100)\n .name(\"example\")\n .type(\"STATEFUL\")\n .ruleGroup(RuleGroupRuleGroupArgs.builder()\n .rulesSource(RuleGroupRuleGroupRulesSourceArgs.builder()\n .rulesSourceList(RuleGroupRuleGroupRulesSourceRulesSourceListArgs.builder()\n .generatedRulesType(\"DENYLIST\")\n .targetTypes(\"HTTP_HOST\")\n .targets(\"test.example.com\")\n .build())\n .build())\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Tag1\", \"Value1\"),\n Map.entry(\"Tag2\", \"Value2\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:RuleGroup\n properties:\n capacity: 100\n name: example\n type: STATEFUL\n ruleGroup:\n rulesSource:\n rulesSourceList:\n generatedRulesType: DENYLIST\n targetTypes:\n - HTTP_HOST\n targets:\n - test.example.com\n tags:\n Tag1: Value1\n Tag2: Value2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Stateful Inspection for permitting packets from a source IP address\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ips = [\n \"1.1.1.1/32\",\n \"1.0.0.1/32\",\n];\nconst example = new aws.networkfirewall.RuleGroup(\"example\", {\n capacity: 50,\n description: \"Permits http traffic from source\",\n name: \"example\",\n type: \"STATEFUL\",\n ruleGroup: {\n rulesSource: {\n statefulRules: ips.map((v, k) =\u003e ({key: k, value: v})).map(entry =\u003e ({\n action: \"PASS\",\n header: {\n destination: \"ANY\",\n destinationPort: \"ANY\",\n protocol: \"HTTP\",\n direction: \"ANY\",\n sourcePort: \"ANY\",\n source: entry.value,\n },\n ruleOptions: [{\n keyword: \"sid\",\n settings: [\"1\"],\n }],\n })),\n },\n },\n tags: {\n Name: \"permit HTTP from source\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nips = [\n \"1.1.1.1/32\",\n \"1.0.0.1/32\",\n]\nexample = aws.networkfirewall.RuleGroup(\"example\",\n capacity=50,\n description=\"Permits http traffic from source\",\n name=\"example\",\n type=\"STATEFUL\",\n rule_group={\n \"rules_source\": {\n \"stateful_rules\": [{\n \"action\": \"PASS\",\n \"header\": {\n \"destination\": \"ANY\",\n \"destination_port\": \"ANY\",\n \"protocol\": \"HTTP\",\n \"direction\": \"ANY\",\n \"source_port\": \"ANY\",\n \"source\": entry[\"value\"],\n },\n \"rule_options\": [{\n \"keyword\": \"sid\",\n \"settings\": [\"1\"],\n }],\n } for entry in [{\"key\": k, \"value\": v} for k, v in ips]],\n },\n },\n tags={\n \"Name\": \"permit HTTP from source\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ips = new[]\n {\n \"1.1.1.1/32\",\n \"1.0.0.1/32\",\n };\n\n var example = new Aws.NetworkFirewall.RuleGroup(\"example\", new()\n {\n Capacity = 50,\n Description = \"Permits http traffic from source\",\n Name = \"example\",\n Type = \"STATEFUL\",\n RuleGroupConfiguration = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupArgs\n {\n RulesSource = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceArgs\n {\n StatefulRules = ips.Select((v, k) =\u003e new { Key = k, Value = v }).Select(entry =\u003e \n {\n return new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceStatefulRuleArgs\n {\n Action = \"PASS\",\n Header = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceStatefulRuleHeaderArgs\n {\n Destination = \"ANY\",\n DestinationPort = \"ANY\",\n Protocol = \"HTTP\",\n Direction = \"ANY\",\n SourcePort = \"ANY\",\n Source = entry.Value,\n },\n RuleOptions = new[]\n {\n new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceStatefulRuleRuleOptionArgs\n {\n Keyword = \"sid\",\n Settings = new[]\n {\n \"1\",\n },\n },\n },\n };\n }).ToList(),\n },\n },\n Tags = \n {\n { \"Name\", \"permit HTTP from source\" },\n },\n });\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Stateful Inspection for blocking packets from going to an intended destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkfirewall.RuleGroup(\"example\", {\n capacity: 100,\n name: \"example\",\n type: \"STATEFUL\",\n ruleGroup: {\n rulesSource: {\n statefulRules: [{\n action: \"DROP\",\n header: {\n destination: \"124.1.1.24/32\",\n destinationPort: \"53\",\n direction: \"ANY\",\n protocol: \"TCP\",\n source: \"1.2.3.4/32\",\n sourcePort: \"53\",\n },\n ruleOptions: [{\n keyword: \"sid\",\n settings: [\"1\"],\n }],\n }],\n },\n },\n tags: {\n Tag1: \"Value1\",\n Tag2: \"Value2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.RuleGroup(\"example\",\n capacity=100,\n name=\"example\",\n type=\"STATEFUL\",\n rule_group={\n \"rules_source\": {\n \"stateful_rules\": [{\n \"action\": \"DROP\",\n \"header\": {\n \"destination\": \"124.1.1.24/32\",\n \"destination_port\": \"53\",\n \"direction\": \"ANY\",\n \"protocol\": \"TCP\",\n \"source\": \"1.2.3.4/32\",\n \"source_port\": \"53\",\n },\n \"rule_options\": [{\n \"keyword\": \"sid\",\n \"settings\": [\"1\"],\n }],\n }],\n },\n },\n tags={\n \"Tag1\": \"Value1\",\n \"Tag2\": \"Value2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.RuleGroup(\"example\", new()\n {\n Capacity = 100,\n Name = \"example\",\n Type = \"STATEFUL\",\n RuleGroupConfiguration = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupArgs\n {\n RulesSource = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceArgs\n {\n StatefulRules = new[]\n {\n new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceStatefulRuleArgs\n {\n Action = \"DROP\",\n Header = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceStatefulRuleHeaderArgs\n {\n Destination = \"124.1.1.24/32\",\n DestinationPort = \"53\",\n Direction = \"ANY\",\n Protocol = \"TCP\",\n Source = \"1.2.3.4/32\",\n SourcePort = \"53\",\n },\n RuleOptions = new[]\n {\n new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceStatefulRuleRuleOptionArgs\n {\n Keyword = \"sid\",\n Settings = new[]\n {\n \"1\",\n },\n },\n },\n },\n },\n },\n },\n Tags = \n {\n { \"Tag1\", \"Value1\" },\n { \"Tag2\", \"Value2\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.NewRuleGroup(ctx, \"example\", \u0026networkfirewall.RuleGroupArgs{\n\t\t\tCapacity: pulumi.Int(100),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"STATEFUL\"),\n\t\t\tRuleGroup: \u0026networkfirewall.RuleGroupRuleGroupArgs{\n\t\t\t\tRulesSource: \u0026networkfirewall.RuleGroupRuleGroupRulesSourceArgs{\n\t\t\t\t\tStatefulRules: networkfirewall.RuleGroupRuleGroupRulesSourceStatefulRuleArray{\n\t\t\t\t\t\t\u0026networkfirewall.RuleGroupRuleGroupRulesSourceStatefulRuleArgs{\n\t\t\t\t\t\t\tAction: pulumi.String(\"DROP\"),\n\t\t\t\t\t\t\tHeader: \u0026networkfirewall.RuleGroupRuleGroupRulesSourceStatefulRuleHeaderArgs{\n\t\t\t\t\t\t\t\tDestination: pulumi.String(\"124.1.1.24/32\"),\n\t\t\t\t\t\t\t\tDestinationPort: pulumi.String(\"53\"),\n\t\t\t\t\t\t\t\tDirection: pulumi.String(\"ANY\"),\n\t\t\t\t\t\t\t\tProtocol: pulumi.String(\"TCP\"),\n\t\t\t\t\t\t\t\tSource: pulumi.String(\"1.2.3.4/32\"),\n\t\t\t\t\t\t\t\tSourcePort: pulumi.String(\"53\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tRuleOptions: networkfirewall.RuleGroupRuleGroupRulesSourceStatefulRuleRuleOptionArray{\n\t\t\t\t\t\t\t\t\u0026networkfirewall.RuleGroupRuleGroupRulesSourceStatefulRuleRuleOptionArgs{\n\t\t\t\t\t\t\t\t\tKeyword: pulumi.String(\"sid\"),\n\t\t\t\t\t\t\t\t\tSettings: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\t\tpulumi.String(\"1\"),\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Tag1\": pulumi.String(\"Value1\"),\n\t\t\t\t\"Tag2\": pulumi.String(\"Value2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.RuleGroup;\nimport com.pulumi.aws.networkfirewall.RuleGroupArgs;\nimport com.pulumi.aws.networkfirewall.inputs.RuleGroupRuleGroupArgs;\nimport com.pulumi.aws.networkfirewall.inputs.RuleGroupRuleGroupRulesSourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RuleGroup(\"example\", RuleGroupArgs.builder()\n .capacity(100)\n .name(\"example\")\n .type(\"STATEFUL\")\n .ruleGroup(RuleGroupRuleGroupArgs.builder()\n .rulesSource(RuleGroupRuleGroupRulesSourceArgs.builder()\n .statefulRules(RuleGroupRuleGroupRulesSourceStatefulRuleArgs.builder()\n .action(\"DROP\")\n .header(RuleGroupRuleGroupRulesSourceStatefulRuleHeaderArgs.builder()\n .destination(\"124.1.1.24/32\")\n .destinationPort(53)\n .direction(\"ANY\")\n .protocol(\"TCP\")\n .source(\"1.2.3.4/32\")\n .sourcePort(53)\n .build())\n .ruleOptions(RuleGroupRuleGroupRulesSourceStatefulRuleRuleOptionArgs.builder()\n .keyword(\"sid\")\n .settings(\"1\")\n .build())\n .build())\n .build())\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Tag1\", \"Value1\"),\n Map.entry(\"Tag2\", \"Value2\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:RuleGroup\n properties:\n capacity: 100\n name: example\n type: STATEFUL\n ruleGroup:\n rulesSource:\n statefulRules:\n - action: DROP\n header:\n destination: 124.1.1.24/32\n destinationPort: 53\n direction: ANY\n protocol: TCP\n source: 1.2.3.4/32\n sourcePort: 53\n ruleOptions:\n - keyword: sid\n settings:\n - '1'\n tags:\n Tag1: Value1\n Tag2: Value2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Stateful Inspection from rules specifications defined in Suricata flat format\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.networkfirewall.RuleGroup(\"example\", {\n capacity: 100,\n name: \"example\",\n type: \"STATEFUL\",\n rules: std.file({\n input: \"example.rules\",\n }).then(invoke =\u003e invoke.result),\n tags: {\n Tag1: \"Value1\",\n Tag2: \"Value2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.networkfirewall.RuleGroup(\"example\",\n capacity=100,\n name=\"example\",\n type=\"STATEFUL\",\n rules=std.file(input=\"example.rules\").result,\n tags={\n \"Tag1\": \"Value1\",\n \"Tag2\": \"Value2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.RuleGroup(\"example\", new()\n {\n Capacity = 100,\n Name = \"example\",\n Type = \"STATEFUL\",\n Rules = Std.File.Invoke(new()\n {\n Input = \"example.rules\",\n }).Apply(invoke =\u003e invoke.Result),\n Tags = \n {\n { \"Tag1\", \"Value1\" },\n { \"Tag2\", \"Value2\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"example.rules\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = networkfirewall.NewRuleGroup(ctx, \"example\", \u0026networkfirewall.RuleGroupArgs{\n\t\t\tCapacity: pulumi.Int(100),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"STATEFUL\"),\n\t\t\tRules: pulumi.String(invokeFile.Result),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Tag1\": pulumi.String(\"Value1\"),\n\t\t\t\t\"Tag2\": pulumi.String(\"Value2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.RuleGroup;\nimport com.pulumi.aws.networkfirewall.RuleGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RuleGroup(\"example\", RuleGroupArgs.builder()\n .capacity(100)\n .name(\"example\")\n .type(\"STATEFUL\")\n .rules(StdFunctions.file(FileArgs.builder()\n .input(\"example.rules\")\n .build()).result())\n .tags(Map.ofEntries(\n Map.entry(\"Tag1\", \"Value1\"),\n Map.entry(\"Tag2\", \"Value2\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:RuleGroup\n properties:\n capacity: 100\n name: example\n type: STATEFUL\n rules:\n fn::invoke:\n Function: std:file\n Arguments:\n input: example.rules\n Return: result\n tags:\n Tag1: Value1\n Tag2: Value2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Stateful Inspection from rule group specifications using rule variables and Suricata format rules\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.networkfirewall.RuleGroup(\"example\", {\n capacity: 100,\n name: \"example\",\n type: \"STATEFUL\",\n ruleGroup: {\n ruleVariables: {\n ipSets: [\n {\n key: \"WEBSERVERS_HOSTS\",\n ipSet: {\n definitions: [\n \"10.0.0.0/16\",\n \"10.0.1.0/24\",\n \"192.168.0.0/16\",\n ],\n },\n },\n {\n key: \"EXTERNAL_HOST\",\n ipSet: {\n definitions: [\"1.2.3.4/32\"],\n },\n },\n ],\n portSets: [{\n key: \"HTTP_PORTS\",\n portSet: {\n definitions: [\n \"443\",\n \"80\",\n ],\n },\n }],\n },\n rulesSource: {\n rulesString: std.file({\n input: \"suricata_rules_file\",\n }).then(invoke =\u003e invoke.result),\n },\n },\n tags: {\n Tag1: \"Value1\",\n Tag2: \"Value2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.networkfirewall.RuleGroup(\"example\",\n capacity=100,\n name=\"example\",\n type=\"STATEFUL\",\n rule_group={\n \"rule_variables\": {\n \"ip_sets\": [\n {\n \"key\": \"WEBSERVERS_HOSTS\",\n \"ip_set\": {\n \"definitions\": [\n \"10.0.0.0/16\",\n \"10.0.1.0/24\",\n \"192.168.0.0/16\",\n ],\n },\n },\n {\n \"key\": \"EXTERNAL_HOST\",\n \"ip_set\": {\n \"definitions\": [\"1.2.3.4/32\"],\n },\n },\n ],\n \"port_sets\": [{\n \"key\": \"HTTP_PORTS\",\n \"port_set\": {\n \"definitions\": [\n \"443\",\n \"80\",\n ],\n },\n }],\n },\n \"rules_source\": {\n \"rules_string\": std.file(input=\"suricata_rules_file\").result,\n },\n },\n tags={\n \"Tag1\": \"Value1\",\n \"Tag2\": \"Value2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.RuleGroup(\"example\", new()\n {\n Capacity = 100,\n Name = \"example\",\n Type = \"STATEFUL\",\n RuleGroupConfiguration = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupArgs\n {\n RuleVariables = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRuleVariablesArgs\n {\n IpSets = new[]\n {\n new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRuleVariablesIpSetArgs\n {\n Key = \"WEBSERVERS_HOSTS\",\n IpSet = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRuleVariablesIpSetIpSetArgs\n {\n Definitions = new[]\n {\n \"10.0.0.0/16\",\n \"10.0.1.0/24\",\n \"192.168.0.0/16\",\n },\n },\n },\n new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRuleVariablesIpSetArgs\n {\n Key = \"EXTERNAL_HOST\",\n IpSet = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRuleVariablesIpSetIpSetArgs\n {\n Definitions = new[]\n {\n \"1.2.3.4/32\",\n },\n },\n },\n },\n PortSets = new[]\n {\n new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRuleVariablesPortSetArgs\n {\n Key = \"HTTP_PORTS\",\n PortSet = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRuleVariablesPortSetPortSetArgs\n {\n Definitions = new[]\n {\n \"443\",\n \"80\",\n },\n },\n },\n },\n },\n RulesSource = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceArgs\n {\n RulesString = Std.File.Invoke(new()\n {\n Input = \"suricata_rules_file\",\n }).Apply(invoke =\u003e invoke.Result),\n },\n },\n Tags = \n {\n { \"Tag1\", \"Value1\" },\n { \"Tag2\", \"Value2\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"suricata_rules_file\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = networkfirewall.NewRuleGroup(ctx, \"example\", \u0026networkfirewall.RuleGroupArgs{\n\t\t\tCapacity: pulumi.Int(100),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"STATEFUL\"),\n\t\t\tRuleGroup: \u0026networkfirewall.RuleGroupRuleGroupArgs{\n\t\t\t\tRuleVariables: \u0026networkfirewall.RuleGroupRuleGroupRuleVariablesArgs{\n\t\t\t\t\tIpSets: networkfirewall.RuleGroupRuleGroupRuleVariablesIpSetArray{\n\t\t\t\t\t\t\u0026networkfirewall.RuleGroupRuleGroupRuleVariablesIpSetArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"WEBSERVERS_HOSTS\"),\n\t\t\t\t\t\t\tIpSet: \u0026networkfirewall.RuleGroupRuleGroupRuleVariablesIpSetIpSetArgs{\n\t\t\t\t\t\t\t\tDefinitions: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"10.0.0.0/16\"),\n\t\t\t\t\t\t\t\t\tpulumi.String(\"10.0.1.0/24\"),\n\t\t\t\t\t\t\t\t\tpulumi.String(\"192.168.0.0/16\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026networkfirewall.RuleGroupRuleGroupRuleVariablesIpSetArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"EXTERNAL_HOST\"),\n\t\t\t\t\t\t\tIpSet: \u0026networkfirewall.RuleGroupRuleGroupRuleVariablesIpSetIpSetArgs{\n\t\t\t\t\t\t\t\tDefinitions: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"1.2.3.4/32\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tPortSets: networkfirewall.RuleGroupRuleGroupRuleVariablesPortSetArray{\n\t\t\t\t\t\t\u0026networkfirewall.RuleGroupRuleGroupRuleVariablesPortSetArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"HTTP_PORTS\"),\n\t\t\t\t\t\t\tPortSet: \u0026networkfirewall.RuleGroupRuleGroupRuleVariablesPortSetPortSetArgs{\n\t\t\t\t\t\t\t\tDefinitions: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"443\"),\n\t\t\t\t\t\t\t\t\tpulumi.String(\"80\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tRulesSource: \u0026networkfirewall.RuleGroupRuleGroupRulesSourceArgs{\n\t\t\t\t\tRulesString: pulumi.String(invokeFile.Result),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Tag1\": pulumi.String(\"Value1\"),\n\t\t\t\t\"Tag2\": pulumi.String(\"Value2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.RuleGroup;\nimport com.pulumi.aws.networkfirewall.RuleGroupArgs;\nimport com.pulumi.aws.networkfirewall.inputs.RuleGroupRuleGroupArgs;\nimport com.pulumi.aws.networkfirewall.inputs.RuleGroupRuleGroupRuleVariablesArgs;\nimport com.pulumi.aws.networkfirewall.inputs.RuleGroupRuleGroupRulesSourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RuleGroup(\"example\", RuleGroupArgs.builder()\n .capacity(100)\n .name(\"example\")\n .type(\"STATEFUL\")\n .ruleGroup(RuleGroupRuleGroupArgs.builder()\n .ruleVariables(RuleGroupRuleGroupRuleVariablesArgs.builder()\n .ipSets( \n RuleGroupRuleGroupRuleVariablesIpSetArgs.builder()\n .key(\"WEBSERVERS_HOSTS\")\n .ipSet(RuleGroupRuleGroupRuleVariablesIpSetIpSetArgs.builder()\n .definitions( \n \"10.0.0.0/16\",\n \"10.0.1.0/24\",\n \"192.168.0.0/16\")\n .build())\n .build(),\n RuleGroupRuleGroupRuleVariablesIpSetArgs.builder()\n .key(\"EXTERNAL_HOST\")\n .ipSet(RuleGroupRuleGroupRuleVariablesIpSetIpSetArgs.builder()\n .definitions(\"1.2.3.4/32\")\n .build())\n .build())\n .portSets(RuleGroupRuleGroupRuleVariablesPortSetArgs.builder()\n .key(\"HTTP_PORTS\")\n .portSet(RuleGroupRuleGroupRuleVariablesPortSetPortSetArgs.builder()\n .definitions( \n \"443\",\n \"80\")\n .build())\n .build())\n .build())\n .rulesSource(RuleGroupRuleGroupRulesSourceArgs.builder()\n .rulesString(StdFunctions.file(FileArgs.builder()\n .input(\"suricata_rules_file\")\n .build()).result())\n .build())\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Tag1\", \"Value1\"),\n Map.entry(\"Tag2\", \"Value2\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:RuleGroup\n properties:\n capacity: 100\n name: example\n type: STATEFUL\n ruleGroup:\n ruleVariables:\n ipSets:\n - key: WEBSERVERS_HOSTS\n ipSet:\n definitions:\n - 10.0.0.0/16\n - 10.0.1.0/24\n - 192.168.0.0/16\n - key: EXTERNAL_HOST\n ipSet:\n definitions:\n - 1.2.3.4/32\n portSets:\n - key: HTTP_PORTS\n portSet:\n definitions:\n - '443'\n - '80'\n rulesSource:\n rulesString:\n fn::invoke:\n Function: std:file\n Arguments:\n input: suricata_rules_file\n Return: result\n tags:\n Tag1: Value1\n Tag2: Value2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Stateless Inspection with a Custom Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkfirewall.RuleGroup(\"example\", {\n description: \"Stateless Rate Limiting Rule\",\n capacity: 100,\n name: \"example\",\n type: \"STATELESS\",\n ruleGroup: {\n rulesSource: {\n statelessRulesAndCustomActions: {\n customActions: [{\n actionDefinition: {\n publishMetricAction: {\n dimensions: [{\n value: \"2\",\n }],\n },\n },\n actionName: \"ExampleMetricsAction\",\n }],\n statelessRules: [{\n priority: 1,\n ruleDefinition: {\n actions: [\n \"aws:pass\",\n \"ExampleMetricsAction\",\n ],\n matchAttributes: {\n sources: [{\n addressDefinition: \"1.2.3.4/32\",\n }],\n sourcePorts: [{\n fromPort: 443,\n toPort: 443,\n }],\n destinations: [{\n addressDefinition: \"124.1.1.5/32\",\n }],\n destinationPorts: [{\n fromPort: 443,\n toPort: 443,\n }],\n protocols: [6],\n tcpFlags: [{\n flags: [\"SYN\"],\n masks: [\n \"SYN\",\n \"ACK\",\n ],\n }],\n },\n },\n }],\n },\n },\n },\n tags: {\n Tag1: \"Value1\",\n Tag2: \"Value2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.RuleGroup(\"example\",\n description=\"Stateless Rate Limiting Rule\",\n capacity=100,\n name=\"example\",\n type=\"STATELESS\",\n rule_group={\n \"rules_source\": {\n \"stateless_rules_and_custom_actions\": {\n \"custom_actions\": [{\n \"action_definition\": {\n \"publish_metric_action\": {\n \"dimensions\": [{\n \"value\": \"2\",\n }],\n },\n },\n \"action_name\": \"ExampleMetricsAction\",\n }],\n \"stateless_rules\": [{\n \"priority\": 1,\n \"rule_definition\": {\n \"actions\": [\n \"aws:pass\",\n \"ExampleMetricsAction\",\n ],\n \"match_attributes\": {\n \"sources\": [{\n \"address_definition\": \"1.2.3.4/32\",\n }],\n \"source_ports\": [{\n \"from_port\": 443,\n \"to_port\": 443,\n }],\n \"destinations\": [{\n \"address_definition\": \"124.1.1.5/32\",\n }],\n \"destination_ports\": [{\n \"from_port\": 443,\n \"to_port\": 443,\n }],\n \"protocols\": [6],\n \"tcp_flags\": [{\n \"flags\": [\"SYN\"],\n \"masks\": [\n \"SYN\",\n \"ACK\",\n ],\n }],\n },\n },\n }],\n },\n },\n },\n tags={\n \"Tag1\": \"Value1\",\n \"Tag2\": \"Value2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.RuleGroup(\"example\", new()\n {\n Description = \"Stateless Rate Limiting Rule\",\n Capacity = 100,\n Name = \"example\",\n Type = \"STATELESS\",\n RuleGroupConfiguration = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupArgs\n {\n RulesSource = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceArgs\n {\n StatelessRulesAndCustomActions = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsArgs\n {\n CustomActions = new[]\n {\n new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionArgs\n {\n ActionDefinition = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinitionArgs\n {\n PublishMetricAction = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinitionPublishMetricActionArgs\n {\n Dimensions = new[]\n {\n new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinitionPublishMetricActionDimensionArgs\n {\n Value = \"2\",\n },\n },\n },\n },\n ActionName = \"ExampleMetricsAction\",\n },\n },\n StatelessRules = new[]\n {\n new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleArgs\n {\n Priority = 1,\n RuleDefinition = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionArgs\n {\n Actions = new[]\n {\n \"aws:pass\",\n \"ExampleMetricsAction\",\n },\n MatchAttributes = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesArgs\n {\n Sources = new[]\n {\n new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesSourceArgs\n {\n AddressDefinition = \"1.2.3.4/32\",\n },\n },\n SourcePorts = new[]\n {\n new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesSourcePortArgs\n {\n FromPort = 443,\n ToPort = 443,\n },\n },\n Destinations = new[]\n {\n new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesDestinationArgs\n {\n AddressDefinition = \"124.1.1.5/32\",\n },\n },\n DestinationPorts = new[]\n {\n new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesDestinationPortArgs\n {\n FromPort = 443,\n ToPort = 443,\n },\n },\n Protocols = new[]\n {\n 6,\n },\n TcpFlags = new[]\n {\n new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesTcpFlagArgs\n {\n Flags = new[]\n {\n \"SYN\",\n },\n Masks = new[]\n {\n \"SYN\",\n \"ACK\",\n },\n },\n },\n },\n },\n },\n },\n },\n },\n },\n Tags = \n {\n { \"Tag1\", \"Value1\" },\n { \"Tag2\", \"Value2\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.NewRuleGroup(ctx, \"example\", \u0026networkfirewall.RuleGroupArgs{\n\t\t\tDescription: pulumi.String(\"Stateless Rate Limiting Rule\"),\n\t\t\tCapacity: pulumi.Int(100),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"STATELESS\"),\n\t\t\tRuleGroup: \u0026networkfirewall.RuleGroupRuleGroupArgs{\n\t\t\t\tRulesSource: \u0026networkfirewall.RuleGroupRuleGroupRulesSourceArgs{\n\t\t\t\t\tStatelessRulesAndCustomActions: \u0026networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsArgs{\n\t\t\t\t\t\tCustomActions: networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionArray{\n\t\t\t\t\t\t\t\u0026networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionArgs{\n\t\t\t\t\t\t\t\tActionDefinition: \u0026networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinitionArgs{\n\t\t\t\t\t\t\t\t\tPublishMetricAction: \u0026networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinitionPublishMetricActionArgs{\n\t\t\t\t\t\t\t\t\t\tDimensions: networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinitionPublishMetricActionDimensionArray{\n\t\t\t\t\t\t\t\t\t\t\t\u0026networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinitionPublishMetricActionDimensionArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tValue: pulumi.String(\"2\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\tActionName: pulumi.String(\"ExampleMetricsAction\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tStatelessRules: networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleArray{\n\t\t\t\t\t\t\t\u0026networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleArgs{\n\t\t\t\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\t\t\t\tRuleDefinition: \u0026networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionArgs{\n\t\t\t\t\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\t\tpulumi.String(\"aws:pass\"),\n\t\t\t\t\t\t\t\t\t\tpulumi.String(\"ExampleMetricsAction\"),\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\tMatchAttributes: \u0026networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesArgs{\n\t\t\t\t\t\t\t\t\t\tSources: networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesSourceArray{\n\t\t\t\t\t\t\t\t\t\t\t\u0026networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesSourceArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tAddressDefinition: pulumi.String(\"1.2.3.4/32\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\tSourcePorts: networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesSourcePortArray{\n\t\t\t\t\t\t\t\t\t\t\t\u0026networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesSourcePortArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tFromPort: pulumi.Int(443),\n\t\t\t\t\t\t\t\t\t\t\t\tToPort: pulumi.Int(443),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\tDestinations: networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesDestinationArray{\n\t\t\t\t\t\t\t\t\t\t\t\u0026networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesDestinationArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tAddressDefinition: pulumi.String(\"124.1.1.5/32\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\tDestinationPorts: networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesDestinationPortArray{\n\t\t\t\t\t\t\t\t\t\t\t\u0026networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesDestinationPortArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tFromPort: pulumi.Int(443),\n\t\t\t\t\t\t\t\t\t\t\t\tToPort: pulumi.Int(443),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\tProtocols: pulumi.IntArray{\n\t\t\t\t\t\t\t\t\t\t\tpulumi.Int(6),\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\tTcpFlags: networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesTcpFlagArray{\n\t\t\t\t\t\t\t\t\t\t\t\u0026networkfirewall.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesTcpFlagArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tFlags: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\t\t\t\t\tpulumi.String(\"SYN\"),\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\tMasks: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\t\t\t\t\tpulumi.String(\"SYN\"),\n\t\t\t\t\t\t\t\t\t\t\t\t\tpulumi.String(\"ACK\"),\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Tag1\": pulumi.String(\"Value1\"),\n\t\t\t\t\"Tag2\": pulumi.String(\"Value2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.RuleGroup;\nimport com.pulumi.aws.networkfirewall.RuleGroupArgs;\nimport com.pulumi.aws.networkfirewall.inputs.RuleGroupRuleGroupArgs;\nimport com.pulumi.aws.networkfirewall.inputs.RuleGroupRuleGroupRulesSourceArgs;\nimport com.pulumi.aws.networkfirewall.inputs.RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RuleGroup(\"example\", RuleGroupArgs.builder()\n .description(\"Stateless Rate Limiting Rule\")\n .capacity(100)\n .name(\"example\")\n .type(\"STATELESS\")\n .ruleGroup(RuleGroupRuleGroupArgs.builder()\n .rulesSource(RuleGroupRuleGroupRulesSourceArgs.builder()\n .statelessRulesAndCustomActions(RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsArgs.builder()\n .customActions(RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionArgs.builder()\n .actionDefinition(RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinitionArgs.builder()\n .publishMetricAction(RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinitionPublishMetricActionArgs.builder()\n .dimensions(RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsCustomActionActionDefinitionPublishMetricActionDimensionArgs.builder()\n .value(\"2\")\n .build())\n .build())\n .build())\n .actionName(\"ExampleMetricsAction\")\n .build())\n .statelessRules(RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleArgs.builder()\n .priority(1)\n .ruleDefinition(RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionArgs.builder()\n .actions( \n \"aws:pass\",\n \"ExampleMetricsAction\")\n .matchAttributes(RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesArgs.builder()\n .sources(RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesSourceArgs.builder()\n .addressDefinition(\"1.2.3.4/32\")\n .build())\n .sourcePorts(RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesSourcePortArgs.builder()\n .fromPort(443)\n .toPort(443)\n .build())\n .destinations(RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesDestinationArgs.builder()\n .addressDefinition(\"124.1.1.5/32\")\n .build())\n .destinationPorts(RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesDestinationPortArgs.builder()\n .fromPort(443)\n .toPort(443)\n .build())\n .protocols(6)\n .tcpFlags(RuleGroupRuleGroupRulesSourceStatelessRulesAndCustomActionsStatelessRuleRuleDefinitionMatchAttributesTcpFlagArgs.builder()\n .flags(\"SYN\")\n .masks( \n \"SYN\",\n \"ACK\")\n .build())\n .build())\n .build())\n .build())\n .build())\n .build())\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Tag1\", \"Value1\"),\n Map.entry(\"Tag2\", \"Value2\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:RuleGroup\n properties:\n description: Stateless Rate Limiting Rule\n capacity: 100\n name: example\n type: STATELESS\n ruleGroup:\n rulesSource:\n statelessRulesAndCustomActions:\n customActions:\n - actionDefinition:\n publishMetricAction:\n dimensions:\n - value: '2'\n actionName: ExampleMetricsAction\n statelessRules:\n - priority: 1\n ruleDefinition:\n actions:\n - aws:pass\n - ExampleMetricsAction\n matchAttributes:\n sources:\n - addressDefinition: 1.2.3.4/32\n sourcePorts:\n - fromPort: 443\n toPort: 443\n destinations:\n - addressDefinition: 124.1.1.5/32\n destinationPorts:\n - fromPort: 443\n toPort: 443\n protocols:\n - 6\n tcpFlags:\n - flags:\n - SYN\n masks:\n - SYN\n - ACK\n tags:\n Tag1: Value1\n Tag2: Value2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### IP Set References to the Rule Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkfirewall.RuleGroup(\"example\", {\n capacity: 100,\n name: \"example\",\n type: \"STATEFUL\",\n ruleGroup: {\n rulesSource: {\n rulesSourceList: {\n generatedRulesType: \"DENYLIST\",\n targetTypes: [\"HTTP_HOST\"],\n targets: [\"test.example.com\"],\n },\n },\n referenceSets: {\n ipSetReferences: [{\n key: \"example\",\n ipSetReferences: [{\n referenceArn: _this.arn,\n }],\n }],\n },\n },\n tags: {\n Tag1: \"Value1\",\n Tag2: \"Value2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.RuleGroup(\"example\",\n capacity=100,\n name=\"example\",\n type=\"STATEFUL\",\n rule_group={\n \"rules_source\": {\n \"rules_source_list\": {\n \"generated_rules_type\": \"DENYLIST\",\n \"target_types\": [\"HTTP_HOST\"],\n \"targets\": [\"test.example.com\"],\n },\n },\n \"reference_sets\": {\n \"ip_set_references\": [{\n \"key\": \"example\",\n \"ip_set_references\": [{\n \"reference_arn\": this[\"arn\"],\n }],\n }],\n },\n },\n tags={\n \"Tag1\": \"Value1\",\n \"Tag2\": \"Value2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.RuleGroup(\"example\", new()\n {\n Capacity = 100,\n Name = \"example\",\n Type = \"STATEFUL\",\n RuleGroupConfiguration = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupArgs\n {\n RulesSource = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceArgs\n {\n RulesSourceList = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupRulesSourceRulesSourceListArgs\n {\n GeneratedRulesType = \"DENYLIST\",\n TargetTypes = new[]\n {\n \"HTTP_HOST\",\n },\n Targets = new[]\n {\n \"test.example.com\",\n },\n },\n },\n ReferenceSets = new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupReferenceSetsArgs\n {\n IpSetReferences = new[]\n {\n new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupReferenceSetsIpSetReferenceArgs\n {\n Key = \"example\",\n IpSetReferences = new[]\n {\n new Aws.NetworkFirewall.Inputs.RuleGroupRuleGroupReferenceSetsIpSetReferenceIpSetReferenceArgs\n {\n ReferenceArn = @this.Arn,\n },\n },\n },\n },\n },\n },\n Tags = \n {\n { \"Tag1\", \"Value1\" },\n { \"Tag2\", \"Value2\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.NewRuleGroup(ctx, \"example\", \u0026networkfirewall.RuleGroupArgs{\n\t\t\tCapacity: pulumi.Int(100),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"STATEFUL\"),\n\t\t\tRuleGroup: \u0026networkfirewall.RuleGroupRuleGroupArgs{\n\t\t\t\tRulesSource: \u0026networkfirewall.RuleGroupRuleGroupRulesSourceArgs{\n\t\t\t\t\tRulesSourceList: \u0026networkfirewall.RuleGroupRuleGroupRulesSourceRulesSourceListArgs{\n\t\t\t\t\t\tGeneratedRulesType: pulumi.String(\"DENYLIST\"),\n\t\t\t\t\t\tTargetTypes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"HTTP_HOST\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tTargets: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"test.example.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tReferenceSets: \u0026networkfirewall.RuleGroupRuleGroupReferenceSetsArgs{\n\t\t\t\t\tIpSetReferences: networkfirewall.RuleGroupRuleGroupReferenceSetsIpSetReferenceArray{\n\t\t\t\t\t\t\u0026networkfirewall.RuleGroupRuleGroupReferenceSetsIpSetReferenceArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"example\"),\n\t\t\t\t\t\t\tIpSetReferences: networkfirewall.RuleGroupRuleGroupReferenceSetsIpSetReferenceIpSetReferenceArray{\n\t\t\t\t\t\t\t\t\u0026networkfirewall.RuleGroupRuleGroupReferenceSetsIpSetReferenceIpSetReferenceArgs{\n\t\t\t\t\t\t\t\t\tReferenceArn: pulumi.Any(this.Arn),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Tag1\": pulumi.String(\"Value1\"),\n\t\t\t\t\"Tag2\": pulumi.String(\"Value2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.RuleGroup;\nimport com.pulumi.aws.networkfirewall.RuleGroupArgs;\nimport com.pulumi.aws.networkfirewall.inputs.RuleGroupRuleGroupArgs;\nimport com.pulumi.aws.networkfirewall.inputs.RuleGroupRuleGroupRulesSourceArgs;\nimport com.pulumi.aws.networkfirewall.inputs.RuleGroupRuleGroupRulesSourceRulesSourceListArgs;\nimport com.pulumi.aws.networkfirewall.inputs.RuleGroupRuleGroupReferenceSetsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RuleGroup(\"example\", RuleGroupArgs.builder()\n .capacity(100)\n .name(\"example\")\n .type(\"STATEFUL\")\n .ruleGroup(RuleGroupRuleGroupArgs.builder()\n .rulesSource(RuleGroupRuleGroupRulesSourceArgs.builder()\n .rulesSourceList(RuleGroupRuleGroupRulesSourceRulesSourceListArgs.builder()\n .generatedRulesType(\"DENYLIST\")\n .targetTypes(\"HTTP_HOST\")\n .targets(\"test.example.com\")\n .build())\n .build())\n .referenceSets(RuleGroupRuleGroupReferenceSetsArgs.builder()\n .ipSetReferences(RuleGroupRuleGroupReferenceSetsIpSetReferenceArgs.builder()\n .key(\"example\")\n .ipSetReferences(RuleGroupRuleGroupReferenceSetsIpSetReferenceIpSetReferenceArgs.builder()\n .referenceArn(this_.arn())\n .build())\n .build())\n .build())\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Tag1\", \"Value1\"),\n Map.entry(\"Tag2\", \"Value2\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:RuleGroup\n properties:\n capacity: 100\n name: example\n type: STATEFUL\n ruleGroup:\n rulesSource:\n rulesSourceList:\n generatedRulesType: DENYLIST\n targetTypes:\n - HTTP_HOST\n targets:\n - test.example.com\n referenceSets:\n ipSetReferences:\n - key: example\n ipSetReferences:\n - referenceArn: ${this.arn}\n tags:\n Tag1: Value1\n Tag2: Value2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Network Firewall Rule Groups using their `arn`. For example:\n\n```sh\n$ pulumi import aws:networkfirewall/ruleGroup:RuleGroup example arn:aws:network-firewall:us-west-1:123456789012:stateful-rulegroup/example\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) that identifies the rule group.\n" }, "capacity": { "type": "integer", "description": "The maximum number of operating resources that this rule group can use. For a stateless rule group, the capacity required is the sum of the capacity requirements of the individual rules. For a stateful rule group, the minimum capacity required is the number of individual rules.\n" }, "description": { "type": "string", "description": "A friendly description of the rule group.\n" }, "encryptionConfiguration": { "$ref": "#/types/aws:networkfirewall/RuleGroupEncryptionConfiguration:RuleGroupEncryptionConfiguration", "description": "KMS encryption configuration settings. See Encryption Configuration below for details.\n" }, "name": { "type": "string", "description": "A friendly name of the rule group.\n" }, "ruleGroup": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroup:RuleGroupRuleGroup", "description": "A configuration block that defines the rule group rules. Required unless `rules` is specified. See Rule Group below for details.\n", "language": { "csharp": { "name": "RuleGroupConfiguration" } } }, "rules": { "type": "string", "description": "The stateful rule group rules specifications in Suricata file format, with one rule per line. Use this to import your existing Suricata compatible rule groups. Required unless `rule_group` is specified.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of key:value pairs to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Whether the rule group is stateless (containing stateless rules) or stateful (containing stateful rules). Valid values include: `STATEFUL` or `STATELESS`.\n" }, "updateToken": { "type": "string", "description": "A string token used when updating the rule group.\n" } }, "required": [ "arn", "capacity", "name", "ruleGroup", "tagsAll", "type", "updateToken" ], "inputProperties": { "capacity": { "type": "integer", "description": "The maximum number of operating resources that this rule group can use. For a stateless rule group, the capacity required is the sum of the capacity requirements of the individual rules. For a stateful rule group, the minimum capacity required is the number of individual rules.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A friendly description of the rule group.\n" }, "encryptionConfiguration": { "$ref": "#/types/aws:networkfirewall/RuleGroupEncryptionConfiguration:RuleGroupEncryptionConfiguration", "description": "KMS encryption configuration settings. See Encryption Configuration below for details.\n" }, "name": { "type": "string", "description": "A friendly name of the rule group.\n", "willReplaceOnChanges": true }, "ruleGroup": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroup:RuleGroupRuleGroup", "description": "A configuration block that defines the rule group rules. Required unless `rules` is specified. See Rule Group below for details.\n", "language": { "csharp": { "name": "RuleGroupConfiguration" } } }, "rules": { "type": "string", "description": "The stateful rule group rules specifications in Suricata file format, with one rule per line. Use this to import your existing Suricata compatible rule groups. Required unless `rule_group` is specified.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of key:value pairs to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "Whether the rule group is stateless (containing stateless rules) or stateful (containing stateful rules). Valid values include: `STATEFUL` or `STATELESS`.\n" } }, "requiredInputs": [ "capacity", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering RuleGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) that identifies the rule group.\n" }, "capacity": { "type": "integer", "description": "The maximum number of operating resources that this rule group can use. For a stateless rule group, the capacity required is the sum of the capacity requirements of the individual rules. For a stateful rule group, the minimum capacity required is the number of individual rules.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A friendly description of the rule group.\n" }, "encryptionConfiguration": { "$ref": "#/types/aws:networkfirewall/RuleGroupEncryptionConfiguration:RuleGroupEncryptionConfiguration", "description": "KMS encryption configuration settings. See Encryption Configuration below for details.\n" }, "name": { "type": "string", "description": "A friendly name of the rule group.\n", "willReplaceOnChanges": true }, "ruleGroup": { "$ref": "#/types/aws:networkfirewall/RuleGroupRuleGroup:RuleGroupRuleGroup", "description": "A configuration block that defines the rule group rules. Required unless `rules` is specified. See Rule Group below for details.\n", "language": { "csharp": { "name": "RuleGroupConfiguration" } } }, "rules": { "type": "string", "description": "The stateful rule group rules specifications in Suricata file format, with one rule per line. Use this to import your existing Suricata compatible rule groups. Required unless `rule_group` is specified.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of key:value pairs to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Whether the rule group is stateless (containing stateless rules) or stateful (containing stateful rules). Valid values include: `STATEFUL` or `STATELESS`.\n" }, "updateToken": { "type": "string", "description": "A string token used when updating the rule group.\n" } }, "type": "object" } }, "aws:networkfirewall/tlsInspectionConfiguration:TlsInspectionConfiguration": { "description": "Resource for managing an AWS Network Firewall TLS Inspection Configuration.\n\n## Example Usage\n\n\u003e **NOTE:** You must configure either inbound inspection, outbound inspection, or both.\n\n### Basic inbound/ingress inspection\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkfirewall.TlsInspectionConfiguration(\"example\", {\n name: \"example\",\n description: \"example\",\n encryptionConfigurations: [{\n keyId: \"AWS_OWNED_KMS_KEY\",\n type: \"AWS_OWNED_KMS_KEY\",\n }],\n tlsInspectionConfiguration: {\n serverCertificateConfiguration: {\n serverCertificates: [{\n resourceArn: example1.arn,\n }],\n scopes: [{\n protocols: [6],\n destinationPorts: [{\n fromPort: 443,\n toPort: 443,\n }],\n destinations: [{\n addressDefinition: \"0.0.0.0/0\",\n }],\n sourcePorts: [{\n fromPort: 0,\n toPort: 65535,\n }],\n sources: [{\n addressDefinition: \"0.0.0.0/0\",\n }],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.TlsInspectionConfiguration(\"example\",\n name=\"example\",\n description=\"example\",\n encryption_configurations=[{\n \"key_id\": \"AWS_OWNED_KMS_KEY\",\n \"type\": \"AWS_OWNED_KMS_KEY\",\n }],\n tls_inspection_configuration={\n \"server_certificate_configuration\": {\n \"server_certificates\": [{\n \"resource_arn\": example1[\"arn\"],\n }],\n \"scopes\": [{\n \"protocols\": [6],\n \"destination_ports\": [{\n \"from_port\": 443,\n \"to_port\": 443,\n }],\n \"destinations\": [{\n \"address_definition\": \"0.0.0.0/0\",\n }],\n \"source_ports\": [{\n \"from_port\": 0,\n \"to_port\": 65535,\n }],\n \"sources\": [{\n \"address_definition\": \"0.0.0.0/0\",\n }],\n }],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.TlsInspectionConfiguration(\"example\", new()\n {\n Name = \"example\",\n Description = \"example\",\n EncryptionConfigurations = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationEncryptionConfigurationArgs\n {\n KeyId = \"AWS_OWNED_KMS_KEY\",\n Type = \"AWS_OWNED_KMS_KEY\",\n },\n },\n TlsInspectionConfig = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationArgs\n {\n ServerCertificateConfiguration = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs\n {\n ServerCertificates = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArgs\n {\n ResourceArn = example1.Arn,\n },\n },\n Scopes = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs\n {\n Protocols = new[]\n {\n 6,\n },\n DestinationPorts = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs\n {\n FromPort = 443,\n ToPort = 443,\n },\n },\n Destinations = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs\n {\n AddressDefinition = \"0.0.0.0/0\",\n },\n },\n SourcePorts = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs\n {\n FromPort = 0,\n ToPort = 65535,\n },\n },\n Sources = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs\n {\n AddressDefinition = \"0.0.0.0/0\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.NewTlsInspectionConfiguration(ctx, \"example\", \u0026networkfirewall.TlsInspectionConfigurationArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tEncryptionConfigurations: networkfirewall.TlsInspectionConfigurationEncryptionConfigurationArray{\n\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationEncryptionConfigurationArgs{\n\t\t\t\t\tKeyId: pulumi.String(\"AWS_OWNED_KMS_KEY\"),\n\t\t\t\t\tType: pulumi.String(\"AWS_OWNED_KMS_KEY\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTlsInspectionConfiguration: \u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationArgs{\n\t\t\t\tServerCertificateConfiguration: \u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs{\n\t\t\t\t\tServerCertificates: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArray{\n\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArgs{\n\t\t\t\t\t\t\tResourceArn: pulumi.Any(example1.Arn),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tScopes: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArray{\n\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs{\n\t\t\t\t\t\t\tProtocols: pulumi.IntArray{\n\t\t\t\t\t\t\t\tpulumi.Int(6),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tDestinationPorts: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArray{\n\t\t\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs{\n\t\t\t\t\t\t\t\t\tFromPort: pulumi.Int(443),\n\t\t\t\t\t\t\t\t\tToPort: pulumi.Int(443),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tDestinations: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArray{\n\t\t\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs{\n\t\t\t\t\t\t\t\t\tAddressDefinition: pulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tSourcePorts: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArray{\n\t\t\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs{\n\t\t\t\t\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\t\t\t\t\tToPort: pulumi.Int(65535),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tSources: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArray{\n\t\t\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs{\n\t\t\t\t\t\t\t\t\tAddressDefinition: pulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.TlsInspectionConfiguration;\nimport com.pulumi.aws.networkfirewall.TlsInspectionConfigurationArgs;\nimport com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationEncryptionConfigurationArgs;\nimport com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationArgs;\nimport com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TlsInspectionConfiguration(\"example\", TlsInspectionConfigurationArgs.builder()\n .name(\"example\")\n .description(\"example\")\n .encryptionConfigurations(TlsInspectionConfigurationEncryptionConfigurationArgs.builder()\n .keyId(\"AWS_OWNED_KMS_KEY\")\n .type(\"AWS_OWNED_KMS_KEY\")\n .build())\n .tlsInspectionConfiguration(TlsInspectionConfigurationTlsInspectionConfigurationArgs.builder()\n .serverCertificateConfiguration(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs.builder()\n .serverCertificates(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArgs.builder()\n .resourceArn(example1.arn())\n .build())\n .scopes(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs.builder()\n .protocols(6)\n .destinationPorts(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs.builder()\n .fromPort(443)\n .toPort(443)\n .build())\n .destinations(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs.builder()\n .addressDefinition(\"0.0.0.0/0\")\n .build())\n .sourcePorts(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs.builder()\n .fromPort(0)\n .toPort(65535)\n .build())\n .sources(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs.builder()\n .addressDefinition(\"0.0.0.0/0\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:TlsInspectionConfiguration\n properties:\n name: example\n description: example\n encryptionConfigurations:\n - keyId: AWS_OWNED_KMS_KEY\n type: AWS_OWNED_KMS_KEY\n tlsInspectionConfiguration:\n serverCertificateConfiguration:\n serverCertificates:\n - resourceArn: ${example1.arn}\n scopes:\n - protocols:\n - 6\n destinationPorts:\n - fromPort: 443\n toPort: 443\n destinations:\n - addressDefinition: 0.0.0.0/0\n sourcePorts:\n - fromPort: 0\n toPort: 65535\n sources:\n - addressDefinition: 0.0.0.0/0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Basic outbound/engress inspection\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkfirewall.TlsInspectionConfiguration(\"example\", {\n name: \"example\",\n description: \"example\",\n encryptionConfigurations: [{\n keyId: \"AWS_OWNED_KMS_KEY\",\n type: \"AWS_OWNED_KMS_KEY\",\n }],\n tlsInspectionConfiguration: {\n serverCertificateConfiguration: {\n certificateAuthorityArn: example1.arn,\n checkCertificateRevocationStatus: {\n revokedStatusAction: \"REJECT\",\n unknownStatusAction: \"PASS\",\n },\n scopes: [{\n protocols: [6],\n destinationPorts: [{\n fromPort: 443,\n toPort: 443,\n }],\n destinations: [{\n addressDefinition: \"0.0.0.0/0\",\n }],\n sourcePorts: [{\n fromPort: 0,\n toPort: 65535,\n }],\n sources: [{\n addressDefinition: \"0.0.0.0/0\",\n }],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.TlsInspectionConfiguration(\"example\",\n name=\"example\",\n description=\"example\",\n encryption_configurations=[{\n \"key_id\": \"AWS_OWNED_KMS_KEY\",\n \"type\": \"AWS_OWNED_KMS_KEY\",\n }],\n tls_inspection_configuration={\n \"server_certificate_configuration\": {\n \"certificate_authority_arn\": example1[\"arn\"],\n \"check_certificate_revocation_status\": {\n \"revoked_status_action\": \"REJECT\",\n \"unknown_status_action\": \"PASS\",\n },\n \"scopes\": [{\n \"protocols\": [6],\n \"destination_ports\": [{\n \"from_port\": 443,\n \"to_port\": 443,\n }],\n \"destinations\": [{\n \"address_definition\": \"0.0.0.0/0\",\n }],\n \"source_ports\": [{\n \"from_port\": 0,\n \"to_port\": 65535,\n }],\n \"sources\": [{\n \"address_definition\": \"0.0.0.0/0\",\n }],\n }],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.TlsInspectionConfiguration(\"example\", new()\n {\n Name = \"example\",\n Description = \"example\",\n EncryptionConfigurations = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationEncryptionConfigurationArgs\n {\n KeyId = \"AWS_OWNED_KMS_KEY\",\n Type = \"AWS_OWNED_KMS_KEY\",\n },\n },\n TlsInspectionConfig = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationArgs\n {\n ServerCertificateConfiguration = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs\n {\n CertificateAuthorityArn = example1.Arn,\n CheckCertificateRevocationStatus = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusArgs\n {\n RevokedStatusAction = \"REJECT\",\n UnknownStatusAction = \"PASS\",\n },\n Scopes = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs\n {\n Protocols = new[]\n {\n 6,\n },\n DestinationPorts = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs\n {\n FromPort = 443,\n ToPort = 443,\n },\n },\n Destinations = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs\n {\n AddressDefinition = \"0.0.0.0/0\",\n },\n },\n SourcePorts = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs\n {\n FromPort = 0,\n ToPort = 65535,\n },\n },\n Sources = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs\n {\n AddressDefinition = \"0.0.0.0/0\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.NewTlsInspectionConfiguration(ctx, \"example\", \u0026networkfirewall.TlsInspectionConfigurationArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tEncryptionConfigurations: networkfirewall.TlsInspectionConfigurationEncryptionConfigurationArray{\n\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationEncryptionConfigurationArgs{\n\t\t\t\t\tKeyId: pulumi.String(\"AWS_OWNED_KMS_KEY\"),\n\t\t\t\t\tType: pulumi.String(\"AWS_OWNED_KMS_KEY\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTlsInspectionConfiguration: \u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationArgs{\n\t\t\t\tServerCertificateConfiguration: \u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs{\n\t\t\t\t\tCertificateAuthorityArn: pulumi.Any(example1.Arn),\n\t\t\t\t\tCheckCertificateRevocationStatus: \u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusArgs{\n\t\t\t\t\t\tRevokedStatusAction: pulumi.String(\"REJECT\"),\n\t\t\t\t\t\tUnknownStatusAction: pulumi.String(\"PASS\"),\n\t\t\t\t\t},\n\t\t\t\t\tScopes: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArray{\n\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs{\n\t\t\t\t\t\t\tProtocols: pulumi.IntArray{\n\t\t\t\t\t\t\t\tpulumi.Int(6),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tDestinationPorts: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArray{\n\t\t\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs{\n\t\t\t\t\t\t\t\t\tFromPort: pulumi.Int(443),\n\t\t\t\t\t\t\t\t\tToPort: pulumi.Int(443),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tDestinations: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArray{\n\t\t\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs{\n\t\t\t\t\t\t\t\t\tAddressDefinition: pulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tSourcePorts: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArray{\n\t\t\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs{\n\t\t\t\t\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\t\t\t\t\tToPort: pulumi.Int(65535),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tSources: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArray{\n\t\t\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs{\n\t\t\t\t\t\t\t\t\tAddressDefinition: pulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.TlsInspectionConfiguration;\nimport com.pulumi.aws.networkfirewall.TlsInspectionConfigurationArgs;\nimport com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationEncryptionConfigurationArgs;\nimport com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationArgs;\nimport com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs;\nimport com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TlsInspectionConfiguration(\"example\", TlsInspectionConfigurationArgs.builder()\n .name(\"example\")\n .description(\"example\")\n .encryptionConfigurations(TlsInspectionConfigurationEncryptionConfigurationArgs.builder()\n .keyId(\"AWS_OWNED_KMS_KEY\")\n .type(\"AWS_OWNED_KMS_KEY\")\n .build())\n .tlsInspectionConfiguration(TlsInspectionConfigurationTlsInspectionConfigurationArgs.builder()\n .serverCertificateConfiguration(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs.builder()\n .certificateAuthorityArn(example1.arn())\n .checkCertificateRevocationStatus(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusArgs.builder()\n .revokedStatusAction(\"REJECT\")\n .unknownStatusAction(\"PASS\")\n .build())\n .scopes(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs.builder()\n .protocols(6)\n .destinationPorts(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs.builder()\n .fromPort(443)\n .toPort(443)\n .build())\n .destinations(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs.builder()\n .addressDefinition(\"0.0.0.0/0\")\n .build())\n .sourcePorts(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs.builder()\n .fromPort(0)\n .toPort(65535)\n .build())\n .sources(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs.builder()\n .addressDefinition(\"0.0.0.0/0\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:TlsInspectionConfiguration\n properties:\n name: example\n description: example\n encryptionConfigurations:\n - keyId: AWS_OWNED_KMS_KEY\n type: AWS_OWNED_KMS_KEY\n tlsInspectionConfiguration:\n serverCertificateConfiguration:\n certificateAuthorityArn: ${example1.arn}\n checkCertificateRevocationStatus:\n revokedStatusAction: REJECT\n unknownStatusAction: PASS\n scopes:\n - protocols:\n - 6\n destinationPorts:\n - fromPort: 443\n toPort: 443\n destinations:\n - addressDefinition: 0.0.0.0/0\n sourcePorts:\n - fromPort: 0\n toPort: 65535\n sources:\n - addressDefinition: 0.0.0.0/0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Inbound with encryption configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.Key(\"example\", {\n description: \"example\",\n deletionWindowInDays: 7,\n});\nconst exampleTlsInspectionConfiguration = new aws.networkfirewall.TlsInspectionConfiguration(\"example\", {\n name: \"example\",\n description: \"example\",\n encryptionConfigurations: [{\n keyId: example.arn,\n type: \"CUSTOMER_KMS\",\n }],\n tlsInspectionConfiguration: {\n serverCertificateConfiguration: {\n serverCertificates: [{\n resourceArn: example1.arn,\n }],\n scopes: [{\n protocols: [6],\n destinationPorts: [{\n fromPort: 443,\n toPort: 443,\n }],\n destinations: [{\n addressDefinition: \"0.0.0.0/0\",\n }],\n sourcePorts: [{\n fromPort: 0,\n toPort: 65535,\n }],\n sources: [{\n addressDefinition: \"0.0.0.0/0\",\n }],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kms.Key(\"example\",\n description=\"example\",\n deletion_window_in_days=7)\nexample_tls_inspection_configuration = aws.networkfirewall.TlsInspectionConfiguration(\"example\",\n name=\"example\",\n description=\"example\",\n encryption_configurations=[{\n \"key_id\": example.arn,\n \"type\": \"CUSTOMER_KMS\",\n }],\n tls_inspection_configuration={\n \"server_certificate_configuration\": {\n \"server_certificates\": [{\n \"resource_arn\": example1[\"arn\"],\n }],\n \"scopes\": [{\n \"protocols\": [6],\n \"destination_ports\": [{\n \"from_port\": 443,\n \"to_port\": 443,\n }],\n \"destinations\": [{\n \"address_definition\": \"0.0.0.0/0\",\n }],\n \"source_ports\": [{\n \"from_port\": 0,\n \"to_port\": 65535,\n }],\n \"sources\": [{\n \"address_definition\": \"0.0.0.0/0\",\n }],\n }],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"example\",\n DeletionWindowInDays = 7,\n });\n\n var exampleTlsInspectionConfiguration = new Aws.NetworkFirewall.TlsInspectionConfiguration(\"example\", new()\n {\n Name = \"example\",\n Description = \"example\",\n EncryptionConfigurations = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationEncryptionConfigurationArgs\n {\n KeyId = example.Arn,\n Type = \"CUSTOMER_KMS\",\n },\n },\n TlsInspectionConfig = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationArgs\n {\n ServerCertificateConfiguration = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs\n {\n ServerCertificates = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArgs\n {\n ResourceArn = example1.Arn,\n },\n },\n Scopes = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs\n {\n Protocols = new[]\n {\n 6,\n },\n DestinationPorts = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs\n {\n FromPort = 443,\n ToPort = 443,\n },\n },\n Destinations = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs\n {\n AddressDefinition = \"0.0.0.0/0\",\n },\n },\n SourcePorts = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs\n {\n FromPort = 0,\n ToPort = 65535,\n },\n },\n Sources = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs\n {\n AddressDefinition = \"0.0.0.0/0\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = networkfirewall.NewTlsInspectionConfiguration(ctx, \"example\", \u0026networkfirewall.TlsInspectionConfigurationArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tEncryptionConfigurations: networkfirewall.TlsInspectionConfigurationEncryptionConfigurationArray{\n\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationEncryptionConfigurationArgs{\n\t\t\t\t\tKeyId: example.Arn,\n\t\t\t\t\tType: pulumi.String(\"CUSTOMER_KMS\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTlsInspectionConfiguration: \u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationArgs{\n\t\t\t\tServerCertificateConfiguration: \u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs{\n\t\t\t\t\tServerCertificates: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArray{\n\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArgs{\n\t\t\t\t\t\t\tResourceArn: pulumi.Any(example1.Arn),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tScopes: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArray{\n\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs{\n\t\t\t\t\t\t\tProtocols: pulumi.IntArray{\n\t\t\t\t\t\t\t\tpulumi.Int(6),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tDestinationPorts: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArray{\n\t\t\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs{\n\t\t\t\t\t\t\t\t\tFromPort: pulumi.Int(443),\n\t\t\t\t\t\t\t\t\tToPort: pulumi.Int(443),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tDestinations: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArray{\n\t\t\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs{\n\t\t\t\t\t\t\t\t\tAddressDefinition: pulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tSourcePorts: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArray{\n\t\t\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs{\n\t\t\t\t\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\t\t\t\t\tToPort: pulumi.Int(65535),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tSources: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArray{\n\t\t\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs{\n\t\t\t\t\t\t\t\t\tAddressDefinition: pulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.networkfirewall.TlsInspectionConfiguration;\nimport com.pulumi.aws.networkfirewall.TlsInspectionConfigurationArgs;\nimport com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationEncryptionConfigurationArgs;\nimport com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationArgs;\nimport com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"example\")\n .deletionWindowInDays(7)\n .build());\n\n var exampleTlsInspectionConfiguration = new TlsInspectionConfiguration(\"exampleTlsInspectionConfiguration\", TlsInspectionConfigurationArgs.builder()\n .name(\"example\")\n .description(\"example\")\n .encryptionConfigurations(TlsInspectionConfigurationEncryptionConfigurationArgs.builder()\n .keyId(example.arn())\n .type(\"CUSTOMER_KMS\")\n .build())\n .tlsInspectionConfiguration(TlsInspectionConfigurationTlsInspectionConfigurationArgs.builder()\n .serverCertificateConfiguration(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs.builder()\n .serverCertificates(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArgs.builder()\n .resourceArn(example1.arn())\n .build())\n .scopes(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs.builder()\n .protocols(6)\n .destinationPorts(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs.builder()\n .fromPort(443)\n .toPort(443)\n .build())\n .destinations(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs.builder()\n .addressDefinition(\"0.0.0.0/0\")\n .build())\n .sourcePorts(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs.builder()\n .fromPort(0)\n .toPort(65535)\n .build())\n .sources(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs.builder()\n .addressDefinition(\"0.0.0.0/0\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: example\n deletionWindowInDays: 7\n exampleTlsInspectionConfiguration:\n type: aws:networkfirewall:TlsInspectionConfiguration\n name: example\n properties:\n name: example\n description: example\n encryptionConfigurations:\n - keyId: ${example.arn}\n type: CUSTOMER_KMS\n tlsInspectionConfiguration:\n serverCertificateConfiguration:\n serverCertificates:\n - resourceArn: ${example1.arn}\n scopes:\n - protocols:\n - 6\n destinationPorts:\n - fromPort: 443\n toPort: 443\n destinations:\n - addressDefinition: 0.0.0.0/0\n sourcePorts:\n - fromPort: 0\n toPort: 65535\n sources:\n - addressDefinition: 0.0.0.0/0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Outbound with encryption configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.networkfirewall.TlsInspectionConfiguration;\nimport com.pulumi.aws.networkfirewall.TlsInspectionConfigurationArgs;\nimport com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationEncryptionConfigurationArgs;\nimport com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"example\")\n .deletionWindowInDays(7)\n .build());\n\n var exampleTlsInspectionConfiguration = new TlsInspectionConfiguration(\"exampleTlsInspectionConfiguration\", TlsInspectionConfigurationArgs.builder()\n .name(\"example\")\n .description(\"example\")\n .encryptionConfigurations(TlsInspectionConfigurationEncryptionConfigurationArgs.builder()\n .keyId(example.arn())\n .type(\"CUSTOMER_KMS\")\n .build())\n .tlsInspectionConfiguration(TlsInspectionConfigurationTlsInspectionConfigurationArgs.builder()\n .serverCertificateConfigurations(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: example\n deletionWindowInDays: 7\n exampleTlsInspectionConfiguration:\n type: aws:networkfirewall:TlsInspectionConfiguration\n name: example\n properties:\n name: example\n description: example\n encryptionConfigurations:\n - keyId: ${example.arn}\n type: CUSTOMER_KMS\n tlsInspectionConfiguration:\n serverCertificateConfigurations:\n - certificateAuthorityArn: ${example1.arn}\n checkCertificateRevocationStatus:\n - revokedStatusAction: REJECT\n unknownStatusAction: PASS\n scope:\n - protocols:\n - 6\n destinationPorts:\n - fromPort: 443\n toPort: 443\n destination:\n - addressDefinition: 0.0.0.0/0\n sourcePorts:\n - fromPort: 0\n toPort: 65535\n source:\n - addressDefinition: 0.0.0.0/0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Combined inbound and outbound\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkfirewall.TlsInspectionConfiguration(\"example\", {\n name: \"example\",\n description: \"example\",\n encryptionConfigurations: [{\n keyId: \"AWS_OWNED_KMS_KEY\",\n type: \"AWS_OWNED_KMS_KEY\",\n }],\n tlsInspectionConfiguration: {\n serverCertificateConfiguration: {\n certificateAuthorityArn: example1.arn,\n checkCertificateRevocationStatus: {\n revokedStatusAction: \"REJECT\",\n unknownStatusAction: \"PASS\",\n },\n serverCertificates: [{\n resourceArn: example2.arn,\n }],\n scopes: [{\n protocols: [6],\n destinationPorts: [{\n fromPort: 443,\n toPort: 443,\n }],\n destinations: [{\n addressDefinition: \"0.0.0.0/0\",\n }],\n sourcePorts: [{\n fromPort: 0,\n toPort: 65535,\n }],\n sources: [{\n addressDefinition: \"0.0.0.0/0\",\n }],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.TlsInspectionConfiguration(\"example\",\n name=\"example\",\n description=\"example\",\n encryption_configurations=[{\n \"key_id\": \"AWS_OWNED_KMS_KEY\",\n \"type\": \"AWS_OWNED_KMS_KEY\",\n }],\n tls_inspection_configuration={\n \"server_certificate_configuration\": {\n \"certificate_authority_arn\": example1[\"arn\"],\n \"check_certificate_revocation_status\": {\n \"revoked_status_action\": \"REJECT\",\n \"unknown_status_action\": \"PASS\",\n },\n \"server_certificates\": [{\n \"resource_arn\": example2[\"arn\"],\n }],\n \"scopes\": [{\n \"protocols\": [6],\n \"destination_ports\": [{\n \"from_port\": 443,\n \"to_port\": 443,\n }],\n \"destinations\": [{\n \"address_definition\": \"0.0.0.0/0\",\n }],\n \"source_ports\": [{\n \"from_port\": 0,\n \"to_port\": 65535,\n }],\n \"sources\": [{\n \"address_definition\": \"0.0.0.0/0\",\n }],\n }],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.TlsInspectionConfiguration(\"example\", new()\n {\n Name = \"example\",\n Description = \"example\",\n EncryptionConfigurations = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationEncryptionConfigurationArgs\n {\n KeyId = \"AWS_OWNED_KMS_KEY\",\n Type = \"AWS_OWNED_KMS_KEY\",\n },\n },\n TlsInspectionConfig = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationArgs\n {\n ServerCertificateConfiguration = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs\n {\n CertificateAuthorityArn = example1.Arn,\n CheckCertificateRevocationStatus = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusArgs\n {\n RevokedStatusAction = \"REJECT\",\n UnknownStatusAction = \"PASS\",\n },\n ServerCertificates = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArgs\n {\n ResourceArn = example2.Arn,\n },\n },\n Scopes = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs\n {\n Protocols = new[]\n {\n 6,\n },\n DestinationPorts = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs\n {\n FromPort = 443,\n ToPort = 443,\n },\n },\n Destinations = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs\n {\n AddressDefinition = \"0.0.0.0/0\",\n },\n },\n SourcePorts = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs\n {\n FromPort = 0,\n ToPort = 65535,\n },\n },\n Sources = new[]\n {\n new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs\n {\n AddressDefinition = \"0.0.0.0/0\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.NewTlsInspectionConfiguration(ctx, \"example\", \u0026networkfirewall.TlsInspectionConfigurationArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tEncryptionConfigurations: networkfirewall.TlsInspectionConfigurationEncryptionConfigurationArray{\n\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationEncryptionConfigurationArgs{\n\t\t\t\t\tKeyId: pulumi.String(\"AWS_OWNED_KMS_KEY\"),\n\t\t\t\t\tType: pulumi.String(\"AWS_OWNED_KMS_KEY\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTlsInspectionConfiguration: \u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationArgs{\n\t\t\t\tServerCertificateConfiguration: \u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs{\n\t\t\t\t\tCertificateAuthorityArn: pulumi.Any(example1.Arn),\n\t\t\t\t\tCheckCertificateRevocationStatus: \u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusArgs{\n\t\t\t\t\t\tRevokedStatusAction: pulumi.String(\"REJECT\"),\n\t\t\t\t\t\tUnknownStatusAction: pulumi.String(\"PASS\"),\n\t\t\t\t\t},\n\t\t\t\t\tServerCertificates: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArray{\n\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArgs{\n\t\t\t\t\t\t\tResourceArn: pulumi.Any(example2.Arn),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tScopes: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArray{\n\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs{\n\t\t\t\t\t\t\tProtocols: pulumi.IntArray{\n\t\t\t\t\t\t\t\tpulumi.Int(6),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tDestinationPorts: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArray{\n\t\t\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs{\n\t\t\t\t\t\t\t\t\tFromPort: pulumi.Int(443),\n\t\t\t\t\t\t\t\t\tToPort: pulumi.Int(443),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tDestinations: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArray{\n\t\t\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs{\n\t\t\t\t\t\t\t\t\tAddressDefinition: pulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tSourcePorts: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArray{\n\t\t\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs{\n\t\t\t\t\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\t\t\t\t\tToPort: pulumi.Int(65535),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tSources: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArray{\n\t\t\t\t\t\t\t\t\u0026networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs{\n\t\t\t\t\t\t\t\t\tAddressDefinition: pulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.TlsInspectionConfiguration;\nimport com.pulumi.aws.networkfirewall.TlsInspectionConfigurationArgs;\nimport com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationEncryptionConfigurationArgs;\nimport com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationArgs;\nimport com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs;\nimport com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TlsInspectionConfiguration(\"example\", TlsInspectionConfigurationArgs.builder()\n .name(\"example\")\n .description(\"example\")\n .encryptionConfigurations(TlsInspectionConfigurationEncryptionConfigurationArgs.builder()\n .keyId(\"AWS_OWNED_KMS_KEY\")\n .type(\"AWS_OWNED_KMS_KEY\")\n .build())\n .tlsInspectionConfiguration(TlsInspectionConfigurationTlsInspectionConfigurationArgs.builder()\n .serverCertificateConfiguration(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs.builder()\n .certificateAuthorityArn(example1.arn())\n .checkCertificateRevocationStatus(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusArgs.builder()\n .revokedStatusAction(\"REJECT\")\n .unknownStatusAction(\"PASS\")\n .build())\n .serverCertificates(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArgs.builder()\n .resourceArn(example2.arn())\n .build())\n .scopes(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs.builder()\n .protocols(6)\n .destinationPorts(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs.builder()\n .fromPort(443)\n .toPort(443)\n .build())\n .destinations(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs.builder()\n .addressDefinition(\"0.0.0.0/0\")\n .build())\n .sourcePorts(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs.builder()\n .fromPort(0)\n .toPort(65535)\n .build())\n .sources(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs.builder()\n .addressDefinition(\"0.0.0.0/0\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:TlsInspectionConfiguration\n properties:\n name: example\n description: example\n encryptionConfigurations:\n - keyId: AWS_OWNED_KMS_KEY\n type: AWS_OWNED_KMS_KEY\n tlsInspectionConfiguration:\n serverCertificateConfiguration:\n certificateAuthorityArn: ${example1.arn}\n checkCertificateRevocationStatus:\n revokedStatusAction: REJECT\n unknownStatusAction: PASS\n serverCertificates:\n - resourceArn: ${example2.arn}\n scopes:\n - protocols:\n - 6\n destinationPorts:\n - fromPort: 443\n toPort: 443\n destinations:\n - addressDefinition: 0.0.0.0/0\n sourcePorts:\n - fromPort: 0\n toPort: 65535\n sources:\n - addressDefinition: 0.0.0.0/0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Network Firewall TLS Inspection Configuration using the `arn`. For example:\n\n```sh\n$ pulumi import aws:networkfirewall/tlsInspectionConfiguration:TlsInspectionConfiguration example arn:aws:network-firewall::\u003cregion\u003e:\u003caccount_id\u003e:tls-configuration/example\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the TLS Inspection Configuration.\n" }, "certificateAuthorities": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationCertificateAuthority:TlsInspectionConfigurationCertificateAuthority" }, "description": "Certificate Manager certificate block. See Certificate Authority below for details.\n" }, "certificates": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationCertificate:TlsInspectionConfigurationCertificate" }, "description": "List of certificate blocks describing certificates associated with the TLS inspection configuration. See Certificates below for details.\n" }, "description": { "type": "string", "description": "Description of the TLS inspection configuration.\n" }, "encryptionConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationEncryptionConfiguration:TlsInspectionConfigurationEncryptionConfiguration" }, "description": "Encryption configuration block. Detailed below.\n" }, "name": { "type": "string", "description": "Descriptive name of the TLS inspection configuration.\n" }, "numberOfAssociations": { "type": "integer", "description": "Number of firewall policies that use this TLS inspection configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationTimeouts:TlsInspectionConfigurationTimeouts" }, "tlsInspectionConfiguration": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationTlsInspectionConfiguration:TlsInspectionConfigurationTlsInspectionConfiguration", "description": "TLS inspection configuration block. Detailed below.\n\nThe following arguments are optional:\n", "language": { "csharp": { "name": "TlsInspectionConfig" } } }, "tlsInspectionConfigurationId": { "type": "string", "description": "A unique identifier for the TLS inspection configuration.\n" }, "updateToken": { "type": "string", "description": "String token used when updating the rule group.\n" } }, "required": [ "arn", "certificateAuthorities", "certificates", "encryptionConfigurations", "name", "numberOfAssociations", "tagsAll", "tlsInspectionConfigurationId", "updateToken" ], "inputProperties": { "description": { "type": "string", "description": "Description of the TLS inspection configuration.\n" }, "encryptionConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationEncryptionConfiguration:TlsInspectionConfigurationEncryptionConfiguration" }, "description": "Encryption configuration block. Detailed below.\n" }, "name": { "type": "string", "description": "Descriptive name of the TLS inspection configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "timeouts": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationTimeouts:TlsInspectionConfigurationTimeouts" }, "tlsInspectionConfiguration": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationTlsInspectionConfiguration:TlsInspectionConfigurationTlsInspectionConfiguration", "description": "TLS inspection configuration block. Detailed below.\n\nThe following arguments are optional:\n", "language": { "csharp": { "name": "TlsInspectionConfig" } } } }, "stateInputs": { "description": "Input properties used for looking up and filtering TlsInspectionConfiguration resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the TLS Inspection Configuration.\n" }, "certificateAuthorities": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationCertificateAuthority:TlsInspectionConfigurationCertificateAuthority" }, "description": "Certificate Manager certificate block. See Certificate Authority below for details.\n" }, "certificates": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationCertificate:TlsInspectionConfigurationCertificate" }, "description": "List of certificate blocks describing certificates associated with the TLS inspection configuration. See Certificates below for details.\n" }, "description": { "type": "string", "description": "Description of the TLS inspection configuration.\n" }, "encryptionConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationEncryptionConfiguration:TlsInspectionConfigurationEncryptionConfiguration" }, "description": "Encryption configuration block. Detailed below.\n" }, "name": { "type": "string", "description": "Descriptive name of the TLS inspection configuration.\n" }, "numberOfAssociations": { "type": "integer", "description": "Number of firewall policies that use this TLS inspection configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationTimeouts:TlsInspectionConfigurationTimeouts" }, "tlsInspectionConfiguration": { "$ref": "#/types/aws:networkfirewall/TlsInspectionConfigurationTlsInspectionConfiguration:TlsInspectionConfigurationTlsInspectionConfiguration", "description": "TLS inspection configuration block. Detailed below.\n\nThe following arguments are optional:\n", "language": { "csharp": { "name": "TlsInspectionConfig" } } }, "tlsInspectionConfigurationId": { "type": "string", "description": "A unique identifier for the TLS inspection configuration.\n" }, "updateToken": { "type": "string", "description": "String token used when updating the rule group.\n" } }, "type": "object" } }, "aws:networkmanager/attachmentAccepter:AttachmentAccepter": { "description": "Resource for managing an AWS Network Manager Attachment Accepter.\n\n## Example Usage\n\n### Example with VPC attachment\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.networkmanager.AttachmentAccepter(\"test\", {\n attachmentId: vpc.id,\n attachmentType: vpc.attachmentType,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.networkmanager.AttachmentAccepter(\"test\",\n attachment_id=vpc[\"id\"],\n attachment_type=vpc[\"attachmentType\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.NetworkManager.AttachmentAccepter(\"test\", new()\n {\n AttachmentId = vpc.Id,\n AttachmentType = vpc.AttachmentType,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.NewAttachmentAccepter(ctx, \"test\", \u0026networkmanager.AttachmentAccepterArgs{\n\t\t\tAttachmentId: pulumi.Any(vpc.Id),\n\t\t\tAttachmentType: pulumi.Any(vpc.AttachmentType),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.AttachmentAccepter;\nimport com.pulumi.aws.networkmanager.AttachmentAccepterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AttachmentAccepter(\"test\", AttachmentAccepterArgs.builder()\n .attachmentId(vpc.id())\n .attachmentType(vpc.attachmentType())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:networkmanager:AttachmentAccepter\n properties:\n attachmentId: ${vpc.id}\n attachmentType: ${vpc.attachmentType}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example with site-to-site VPN attachment\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.networkmanager.AttachmentAccepter(\"test\", {\n attachmentId: vpn.id,\n attachmentType: vpn.attachmentType,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.networkmanager.AttachmentAccepter(\"test\",\n attachment_id=vpn[\"id\"],\n attachment_type=vpn[\"attachmentType\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.NetworkManager.AttachmentAccepter(\"test\", new()\n {\n AttachmentId = vpn.Id,\n AttachmentType = vpn.AttachmentType,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.NewAttachmentAccepter(ctx, \"test\", \u0026networkmanager.AttachmentAccepterArgs{\n\t\t\tAttachmentId: pulumi.Any(vpn.Id),\n\t\t\tAttachmentType: pulumi.Any(vpn.AttachmentType),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.AttachmentAccepter;\nimport com.pulumi.aws.networkmanager.AttachmentAccepterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AttachmentAccepter(\"test\", AttachmentAccepterArgs.builder()\n .attachmentId(vpn.id())\n .attachmentType(vpn.attachmentType())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:networkmanager:AttachmentAccepter\n properties:\n attachmentId: ${vpn.id}\n attachmentType: ${vpn.attachmentType}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "attachmentId": { "type": "string", "description": "The ID of the attachment.\n" }, "attachmentPolicyRuleNumber": { "type": "integer", "description": "The policy rule number associated with the attachment.\n" }, "attachmentType": { "type": "string", "description": "The type of attachment. Valid values can be found in the [AWS Documentation](https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_ListAttachments.html#API_ListAttachments_RequestSyntax)\n" }, "coreNetworkArn": { "type": "string", "description": "The ARN of a core network.\n" }, "coreNetworkId": { "type": "string", "description": "The id of a core network.\n" }, "edgeLocation": { "type": "string", "description": "The Region where the edge is located.\n" }, "ownerAccountId": { "type": "string", "description": "The ID of the attachment account owner.\n" }, "resourceArn": { "type": "string", "description": "The attachment resource ARN.\n" }, "segmentName": { "type": "string", "description": "The name of the segment attachment.\n" }, "state": { "type": "string", "description": "The state of the attachment.\n" } }, "required": [ "attachmentId", "attachmentPolicyRuleNumber", "attachmentType", "coreNetworkArn", "coreNetworkId", "edgeLocation", "ownerAccountId", "resourceArn", "segmentName", "state" ], "inputProperties": { "attachmentId": { "type": "string", "description": "The ID of the attachment.\n", "willReplaceOnChanges": true }, "attachmentType": { "type": "string", "description": "The type of attachment. Valid values can be found in the [AWS Documentation](https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_ListAttachments.html#API_ListAttachments_RequestSyntax)\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "attachmentId", "attachmentType" ], "stateInputs": { "description": "Input properties used for looking up and filtering AttachmentAccepter resources.\n", "properties": { "attachmentId": { "type": "string", "description": "The ID of the attachment.\n", "willReplaceOnChanges": true }, "attachmentPolicyRuleNumber": { "type": "integer", "description": "The policy rule number associated with the attachment.\n" }, "attachmentType": { "type": "string", "description": "The type of attachment. Valid values can be found in the [AWS Documentation](https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_ListAttachments.html#API_ListAttachments_RequestSyntax)\n", "willReplaceOnChanges": true }, "coreNetworkArn": { "type": "string", "description": "The ARN of a core network.\n" }, "coreNetworkId": { "type": "string", "description": "The id of a core network.\n" }, "edgeLocation": { "type": "string", "description": "The Region where the edge is located.\n" }, "ownerAccountId": { "type": "string", "description": "The ID of the attachment account owner.\n" }, "resourceArn": { "type": "string", "description": "The attachment resource ARN.\n" }, "segmentName": { "type": "string", "description": "The name of the segment attachment.\n" }, "state": { "type": "string", "description": "The state of the attachment.\n" } }, "type": "object" } }, "aws:networkmanager/connectAttachment:ConnectAttachment": { "description": "Resource for managing an AWS Network Manager ConnectAttachment.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.VpcAttachment(\"example\", {\n subnetArns: exampleAwsSubnet.map(__item =\u003e __item.arn),\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n vpcArn: exampleAwsVpc.arn,\n});\nconst exampleConnectAttachment = new aws.networkmanager.ConnectAttachment(\"example\", {\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n transportAttachmentId: example.id,\n edgeLocation: example.edgeLocation,\n options: {\n protocol: \"GRE\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.VpcAttachment(\"example\",\n subnet_arns=[__item[\"arn\"] for __item in example_aws_subnet],\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n vpc_arn=example_aws_vpc[\"arn\"])\nexample_connect_attachment = aws.networkmanager.ConnectAttachment(\"example\",\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n transport_attachment_id=example.id,\n edge_location=example.edge_location,\n options={\n \"protocol\": \"GRE\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.VpcAttachment(\"example\", new()\n {\n SubnetArns = exampleAwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n VpcArn = exampleAwsVpc.Arn,\n });\n\n var exampleConnectAttachment = new Aws.NetworkManager.ConnectAttachment(\"example\", new()\n {\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n TransportAttachmentId = example.Id,\n EdgeLocation = example.EdgeLocation,\n Options = new Aws.NetworkManager.Inputs.ConnectAttachmentOptionsArgs\n {\n Protocol = \"GRE\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexample, err := networkmanager.NewVpcAttachment(ctx, \"example\", \u0026networkmanager.VpcAttachmentArgs{\nSubnetArns: toPulumiArray(splat0),\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nVpcArn: pulumi.Any(exampleAwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewConnectAttachment(ctx, \"example\", \u0026networkmanager.ConnectAttachmentArgs{\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nTransportAttachmentId: example.ID(),\nEdgeLocation: example.EdgeLocation,\nOptions: \u0026networkmanager.ConnectAttachmentOptionsArgs{\nProtocol: pulumi.String(\"GRE\"),\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.ConnectAttachment;\nimport com.pulumi.aws.networkmanager.ConnectAttachmentArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectAttachmentOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcAttachment(\"example\", VpcAttachmentArgs.builder()\n .subnetArns(exampleAwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .vpcArn(exampleAwsVpc.arn())\n .build());\n\n var exampleConnectAttachment = new ConnectAttachment(\"exampleConnectAttachment\", ConnectAttachmentArgs.builder()\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .transportAttachmentId(example.id())\n .edgeLocation(example.edgeLocation())\n .options(ConnectAttachmentOptionsArgs.builder()\n .protocol(\"GRE\")\n .build())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with attachment accepter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.VpcAttachment(\"example\", {\n subnetArns: exampleAwsSubnet.map(__item =\u003e __item.arn),\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n vpcArn: exampleAwsVpc.arn,\n});\nconst exampleAttachmentAccepter = new aws.networkmanager.AttachmentAccepter(\"example\", {\n attachmentId: example.id,\n attachmentType: example.attachmentType,\n});\nconst exampleConnectAttachment = new aws.networkmanager.ConnectAttachment(\"example\", {\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n transportAttachmentId: example.id,\n edgeLocation: example.edgeLocation,\n options: {\n protocol: \"GRE\",\n },\n}, {\n dependsOn: [test],\n});\nconst example2 = new aws.networkmanager.AttachmentAccepter(\"example2\", {\n attachmentId: exampleConnectAttachment.id,\n attachmentType: exampleConnectAttachment.attachmentType,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.VpcAttachment(\"example\",\n subnet_arns=[__item[\"arn\"] for __item in example_aws_subnet],\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n vpc_arn=example_aws_vpc[\"arn\"])\nexample_attachment_accepter = aws.networkmanager.AttachmentAccepter(\"example\",\n attachment_id=example.id,\n attachment_type=example.attachment_type)\nexample_connect_attachment = aws.networkmanager.ConnectAttachment(\"example\",\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n transport_attachment_id=example.id,\n edge_location=example.edge_location,\n options={\n \"protocol\": \"GRE\",\n },\n opts = pulumi.ResourceOptions(depends_on=[test]))\nexample2 = aws.networkmanager.AttachmentAccepter(\"example2\",\n attachment_id=example_connect_attachment.id,\n attachment_type=example_connect_attachment.attachment_type)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.VpcAttachment(\"example\", new()\n {\n SubnetArns = exampleAwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n VpcArn = exampleAwsVpc.Arn,\n });\n\n var exampleAttachmentAccepter = new Aws.NetworkManager.AttachmentAccepter(\"example\", new()\n {\n AttachmentId = example.Id,\n AttachmentType = example.AttachmentType,\n });\n\n var exampleConnectAttachment = new Aws.NetworkManager.ConnectAttachment(\"example\", new()\n {\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n TransportAttachmentId = example.Id,\n EdgeLocation = example.EdgeLocation,\n Options = new Aws.NetworkManager.Inputs.ConnectAttachmentOptionsArgs\n {\n Protocol = \"GRE\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n test,\n },\n });\n\n var example2 = new Aws.NetworkManager.AttachmentAccepter(\"example2\", new()\n {\n AttachmentId = exampleConnectAttachment.Id,\n AttachmentType = exampleConnectAttachment.AttachmentType,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexample, err := networkmanager.NewVpcAttachment(ctx, \"example\", \u0026networkmanager.VpcAttachmentArgs{\nSubnetArns: toPulumiArray(splat0),\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nVpcArn: pulumi.Any(exampleAwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewAttachmentAccepter(ctx, \"example\", \u0026networkmanager.AttachmentAccepterArgs{\nAttachmentId: example.ID(),\nAttachmentType: example.AttachmentType,\n})\nif err != nil {\nreturn err\n}\nexampleConnectAttachment, err := networkmanager.NewConnectAttachment(ctx, \"example\", \u0026networkmanager.ConnectAttachmentArgs{\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nTransportAttachmentId: example.ID(),\nEdgeLocation: example.EdgeLocation,\nOptions: \u0026networkmanager.ConnectAttachmentOptionsArgs{\nProtocol: pulumi.String(\"GRE\"),\n},\n}, pulumi.DependsOn([]pulumi.Resource{\ntest,\n}))\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewAttachmentAccepter(ctx, \"example2\", \u0026networkmanager.AttachmentAccepterArgs{\nAttachmentId: exampleConnectAttachment.ID(),\nAttachmentType: exampleConnectAttachment.AttachmentType,\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.AttachmentAccepter;\nimport com.pulumi.aws.networkmanager.AttachmentAccepterArgs;\nimport com.pulumi.aws.networkmanager.ConnectAttachment;\nimport com.pulumi.aws.networkmanager.ConnectAttachmentArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectAttachmentOptionsArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcAttachment(\"example\", VpcAttachmentArgs.builder()\n .subnetArns(exampleAwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .vpcArn(exampleAwsVpc.arn())\n .build());\n\n var exampleAttachmentAccepter = new AttachmentAccepter(\"exampleAttachmentAccepter\", AttachmentAccepterArgs.builder()\n .attachmentId(example.id())\n .attachmentType(example.attachmentType())\n .build());\n\n var exampleConnectAttachment = new ConnectAttachment(\"exampleConnectAttachment\", ConnectAttachmentArgs.builder()\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .transportAttachmentId(example.id())\n .edgeLocation(example.edgeLocation())\n .options(ConnectAttachmentOptionsArgs.builder()\n .protocol(\"GRE\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(test)\n .build());\n\n var example2 = new AttachmentAccepter(\"example2\", AttachmentAccepterArgs.builder()\n .attachmentId(exampleConnectAttachment.id())\n .attachmentType(exampleConnectAttachment.attachmentType())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_connect_attachment` using the attachment ID. For example:\n\n```sh\n$ pulumi import aws:networkmanager/connectAttachment:ConnectAttachment example attachment-0f8fa60d2238d1bd8\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the attachment.\n" }, "attachmentId": { "type": "string" }, "attachmentPolicyRuleNumber": { "type": "integer", "description": "The policy rule number associated with the attachment.\n" }, "attachmentType": { "type": "string", "description": "The type of attachment.\n" }, "coreNetworkArn": { "type": "string", "description": "The ARN of a core network.\n" }, "coreNetworkId": { "type": "string", "description": "The ID of a core network where you want to create the attachment.\n" }, "edgeLocation": { "type": "string", "description": "The Region where the edge is located.\n" }, "options": { "$ref": "#/types/aws:networkmanager/ConnectAttachmentOptions:ConnectAttachmentOptions", "description": "Options block. See options for more information.\n\nThe following arguments are optional:\n" }, "ownerAccountId": { "type": "string", "description": "The ID of the attachment account owner.\n" }, "resourceArn": { "type": "string", "description": "The attachment resource ARN.\n" }, "segmentName": { "type": "string", "description": "The name of the segment attachment.\n" }, "state": { "type": "string", "description": "The state of the attachment.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transportAttachmentId": { "type": "string", "description": "The ID of the attachment between the two connections.\n" } }, "required": [ "arn", "attachmentId", "attachmentPolicyRuleNumber", "attachmentType", "coreNetworkArn", "coreNetworkId", "edgeLocation", "options", "ownerAccountId", "resourceArn", "segmentName", "state", "tagsAll", "transportAttachmentId" ], "inputProperties": { "coreNetworkId": { "type": "string", "description": "The ID of a core network where you want to create the attachment.\n", "willReplaceOnChanges": true }, "edgeLocation": { "type": "string", "description": "The Region where the edge is located.\n", "willReplaceOnChanges": true }, "options": { "$ref": "#/types/aws:networkmanager/ConnectAttachmentOptions:ConnectAttachmentOptions", "description": "Options block. See options for more information.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "transportAttachmentId": { "type": "string", "description": "The ID of the attachment between the two connections.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "coreNetworkId", "edgeLocation", "options", "transportAttachmentId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ConnectAttachment resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the attachment.\n" }, "attachmentId": { "type": "string" }, "attachmentPolicyRuleNumber": { "type": "integer", "description": "The policy rule number associated with the attachment.\n" }, "attachmentType": { "type": "string", "description": "The type of attachment.\n" }, "coreNetworkArn": { "type": "string", "description": "The ARN of a core network.\n" }, "coreNetworkId": { "type": "string", "description": "The ID of a core network where you want to create the attachment.\n", "willReplaceOnChanges": true }, "edgeLocation": { "type": "string", "description": "The Region where the edge is located.\n", "willReplaceOnChanges": true }, "options": { "$ref": "#/types/aws:networkmanager/ConnectAttachmentOptions:ConnectAttachmentOptions", "description": "Options block. See options for more information.\n\nThe following arguments are optional:\n" }, "ownerAccountId": { "type": "string", "description": "The ID of the attachment account owner.\n" }, "resourceArn": { "type": "string", "description": "The attachment resource ARN.\n" }, "segmentName": { "type": "string", "description": "The name of the segment attachment.\n" }, "state": { "type": "string", "description": "The state of the attachment.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transportAttachmentId": { "type": "string", "description": "The ID of the attachment between the two connections.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:networkmanager/connectPeer:ConnectPeer": { "description": "Resource for managing an AWS Network Manager Connect Peer.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.VpcAttachment(\"example\", {\n subnetArns: exampleAwsSubnet.map(__item =\u003e __item.arn),\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n vpcArn: exampleAwsVpc.arn,\n});\nconst exampleConnectAttachment = new aws.networkmanager.ConnectAttachment(\"example\", {\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n transportAttachmentId: example.id,\n edgeLocation: example.edgeLocation,\n options: {\n protocol: \"GRE\",\n },\n});\nconst exampleConnectPeer = new aws.networkmanager.ConnectPeer(\"example\", {\n connectAttachmentId: exampleConnectAttachment.id,\n peerAddress: \"127.0.0.1\",\n bgpOptions: {\n peerAsn: 65000,\n },\n insideCidrBlocks: [\"172.16.0.0/16\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.VpcAttachment(\"example\",\n subnet_arns=[__item[\"arn\"] for __item in example_aws_subnet],\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n vpc_arn=example_aws_vpc[\"arn\"])\nexample_connect_attachment = aws.networkmanager.ConnectAttachment(\"example\",\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n transport_attachment_id=example.id,\n edge_location=example.edge_location,\n options={\n \"protocol\": \"GRE\",\n })\nexample_connect_peer = aws.networkmanager.ConnectPeer(\"example\",\n connect_attachment_id=example_connect_attachment.id,\n peer_address=\"127.0.0.1\",\n bgp_options={\n \"peer_asn\": 65000,\n },\n inside_cidr_blocks=[\"172.16.0.0/16\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.VpcAttachment(\"example\", new()\n {\n SubnetArns = exampleAwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n VpcArn = exampleAwsVpc.Arn,\n });\n\n var exampleConnectAttachment = new Aws.NetworkManager.ConnectAttachment(\"example\", new()\n {\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n TransportAttachmentId = example.Id,\n EdgeLocation = example.EdgeLocation,\n Options = new Aws.NetworkManager.Inputs.ConnectAttachmentOptionsArgs\n {\n Protocol = \"GRE\",\n },\n });\n\n var exampleConnectPeer = new Aws.NetworkManager.ConnectPeer(\"example\", new()\n {\n ConnectAttachmentId = exampleConnectAttachment.Id,\n PeerAddress = \"127.0.0.1\",\n BgpOptions = new Aws.NetworkManager.Inputs.ConnectPeerBgpOptionsArgs\n {\n PeerAsn = 65000,\n },\n InsideCidrBlocks = new[]\n {\n \"172.16.0.0/16\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexample, err := networkmanager.NewVpcAttachment(ctx, \"example\", \u0026networkmanager.VpcAttachmentArgs{\nSubnetArns: toPulumiArray(splat0),\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nVpcArn: pulumi.Any(exampleAwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\nexampleConnectAttachment, err := networkmanager.NewConnectAttachment(ctx, \"example\", \u0026networkmanager.ConnectAttachmentArgs{\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nTransportAttachmentId: example.ID(),\nEdgeLocation: example.EdgeLocation,\nOptions: \u0026networkmanager.ConnectAttachmentOptionsArgs{\nProtocol: pulumi.String(\"GRE\"),\n},\n})\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewConnectPeer(ctx, \"example\", \u0026networkmanager.ConnectPeerArgs{\nConnectAttachmentId: exampleConnectAttachment.ID(),\nPeerAddress: pulumi.String(\"127.0.0.1\"),\nBgpOptions: \u0026networkmanager.ConnectPeerBgpOptionsArgs{\nPeerAsn: pulumi.Int(65000),\n},\nInsideCidrBlocks: pulumi.StringArray{\npulumi.String(\"172.16.0.0/16\"),\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.ConnectAttachment;\nimport com.pulumi.aws.networkmanager.ConnectAttachmentArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectAttachmentOptionsArgs;\nimport com.pulumi.aws.networkmanager.ConnectPeer;\nimport com.pulumi.aws.networkmanager.ConnectPeerArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectPeerBgpOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcAttachment(\"example\", VpcAttachmentArgs.builder()\n .subnetArns(exampleAwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .vpcArn(exampleAwsVpc.arn())\n .build());\n\n var exampleConnectAttachment = new ConnectAttachment(\"exampleConnectAttachment\", ConnectAttachmentArgs.builder()\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .transportAttachmentId(example.id())\n .edgeLocation(example.edgeLocation())\n .options(ConnectAttachmentOptionsArgs.builder()\n .protocol(\"GRE\")\n .build())\n .build());\n\n var exampleConnectPeer = new ConnectPeer(\"exampleConnectPeer\", ConnectPeerArgs.builder()\n .connectAttachmentId(exampleConnectAttachment.id())\n .peerAddress(\"127.0.0.1\")\n .bgpOptions(ConnectPeerBgpOptionsArgs.builder()\n .peerAsn(65000)\n .build())\n .insideCidrBlocks(\"172.16.0.0/16\")\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with attachment accepter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.VpcAttachment(\"example\", {\n subnetArns: exampleAwsSubnet.map(__item =\u003e __item.arn),\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n vpcArn: exampleAwsVpc.arn,\n});\nconst exampleAttachmentAccepter = new aws.networkmanager.AttachmentAccepter(\"example\", {\n attachmentId: example.id,\n attachmentType: example.attachmentType,\n});\nconst exampleConnectAttachment = new aws.networkmanager.ConnectAttachment(\"example\", {\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n transportAttachmentId: example.id,\n edgeLocation: example.edgeLocation,\n options: {\n protocol: \"GRE\",\n },\n}, {\n dependsOn: [test],\n});\nconst example2 = new aws.networkmanager.AttachmentAccepter(\"example2\", {\n attachmentId: exampleConnectAttachment.id,\n attachmentType: exampleConnectAttachment.attachmentType,\n});\nconst exampleConnectPeer = new aws.networkmanager.ConnectPeer(\"example\", {\n connectAttachmentId: exampleConnectAttachment.id,\n peerAddress: \"127.0.0.1\",\n bgpOptions: {\n peerAsn: 65500,\n },\n insideCidrBlocks: [\"172.16.0.0/16\"],\n}, {\n dependsOn: [example2],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.VpcAttachment(\"example\",\n subnet_arns=[__item[\"arn\"] for __item in example_aws_subnet],\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n vpc_arn=example_aws_vpc[\"arn\"])\nexample_attachment_accepter = aws.networkmanager.AttachmentAccepter(\"example\",\n attachment_id=example.id,\n attachment_type=example.attachment_type)\nexample_connect_attachment = aws.networkmanager.ConnectAttachment(\"example\",\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n transport_attachment_id=example.id,\n edge_location=example.edge_location,\n options={\n \"protocol\": \"GRE\",\n },\n opts = pulumi.ResourceOptions(depends_on=[test]))\nexample2 = aws.networkmanager.AttachmentAccepter(\"example2\",\n attachment_id=example_connect_attachment.id,\n attachment_type=example_connect_attachment.attachment_type)\nexample_connect_peer = aws.networkmanager.ConnectPeer(\"example\",\n connect_attachment_id=example_connect_attachment.id,\n peer_address=\"127.0.0.1\",\n bgp_options={\n \"peer_asn\": 65500,\n },\n inside_cidr_blocks=[\"172.16.0.0/16\"],\n opts = pulumi.ResourceOptions(depends_on=[example2]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.VpcAttachment(\"example\", new()\n {\n SubnetArns = exampleAwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n VpcArn = exampleAwsVpc.Arn,\n });\n\n var exampleAttachmentAccepter = new Aws.NetworkManager.AttachmentAccepter(\"example\", new()\n {\n AttachmentId = example.Id,\n AttachmentType = example.AttachmentType,\n });\n\n var exampleConnectAttachment = new Aws.NetworkManager.ConnectAttachment(\"example\", new()\n {\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n TransportAttachmentId = example.Id,\n EdgeLocation = example.EdgeLocation,\n Options = new Aws.NetworkManager.Inputs.ConnectAttachmentOptionsArgs\n {\n Protocol = \"GRE\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n test,\n },\n });\n\n var example2 = new Aws.NetworkManager.AttachmentAccepter(\"example2\", new()\n {\n AttachmentId = exampleConnectAttachment.Id,\n AttachmentType = exampleConnectAttachment.AttachmentType,\n });\n\n var exampleConnectPeer = new Aws.NetworkManager.ConnectPeer(\"example\", new()\n {\n ConnectAttachmentId = exampleConnectAttachment.Id,\n PeerAddress = \"127.0.0.1\",\n BgpOptions = new Aws.NetworkManager.Inputs.ConnectPeerBgpOptionsArgs\n {\n PeerAsn = 65500,\n },\n InsideCidrBlocks = new[]\n {\n \"172.16.0.0/16\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example2,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexample, err := networkmanager.NewVpcAttachment(ctx, \"example\", \u0026networkmanager.VpcAttachmentArgs{\nSubnetArns: toPulumiArray(splat0),\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nVpcArn: pulumi.Any(exampleAwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewAttachmentAccepter(ctx, \"example\", \u0026networkmanager.AttachmentAccepterArgs{\nAttachmentId: example.ID(),\nAttachmentType: example.AttachmentType,\n})\nif err != nil {\nreturn err\n}\nexampleConnectAttachment, err := networkmanager.NewConnectAttachment(ctx, \"example\", \u0026networkmanager.ConnectAttachmentArgs{\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nTransportAttachmentId: example.ID(),\nEdgeLocation: example.EdgeLocation,\nOptions: \u0026networkmanager.ConnectAttachmentOptionsArgs{\nProtocol: pulumi.String(\"GRE\"),\n},\n}, pulumi.DependsOn([]pulumi.Resource{\ntest,\n}))\nif err != nil {\nreturn err\n}\nexample2, err := networkmanager.NewAttachmentAccepter(ctx, \"example2\", \u0026networkmanager.AttachmentAccepterArgs{\nAttachmentId: exampleConnectAttachment.ID(),\nAttachmentType: exampleConnectAttachment.AttachmentType,\n})\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewConnectPeer(ctx, \"example\", \u0026networkmanager.ConnectPeerArgs{\nConnectAttachmentId: exampleConnectAttachment.ID(),\nPeerAddress: pulumi.String(\"127.0.0.1\"),\nBgpOptions: \u0026networkmanager.ConnectPeerBgpOptionsArgs{\nPeerAsn: pulumi.Int(65500),\n},\nInsideCidrBlocks: pulumi.StringArray{\npulumi.String(\"172.16.0.0/16\"),\n},\n}, pulumi.DependsOn([]pulumi.Resource{\nexample2,\n}))\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.AttachmentAccepter;\nimport com.pulumi.aws.networkmanager.AttachmentAccepterArgs;\nimport com.pulumi.aws.networkmanager.ConnectAttachment;\nimport com.pulumi.aws.networkmanager.ConnectAttachmentArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectAttachmentOptionsArgs;\nimport com.pulumi.aws.networkmanager.ConnectPeer;\nimport com.pulumi.aws.networkmanager.ConnectPeerArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectPeerBgpOptionsArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcAttachment(\"example\", VpcAttachmentArgs.builder()\n .subnetArns(exampleAwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .vpcArn(exampleAwsVpc.arn())\n .build());\n\n var exampleAttachmentAccepter = new AttachmentAccepter(\"exampleAttachmentAccepter\", AttachmentAccepterArgs.builder()\n .attachmentId(example.id())\n .attachmentType(example.attachmentType())\n .build());\n\n var exampleConnectAttachment = new ConnectAttachment(\"exampleConnectAttachment\", ConnectAttachmentArgs.builder()\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .transportAttachmentId(example.id())\n .edgeLocation(example.edgeLocation())\n .options(ConnectAttachmentOptionsArgs.builder()\n .protocol(\"GRE\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(test)\n .build());\n\n var example2 = new AttachmentAccepter(\"example2\", AttachmentAccepterArgs.builder()\n .attachmentId(exampleConnectAttachment.id())\n .attachmentType(exampleConnectAttachment.attachmentType())\n .build());\n\n var exampleConnectPeer = new ConnectPeer(\"exampleConnectPeer\", ConnectPeerArgs.builder()\n .connectAttachmentId(exampleConnectAttachment.id())\n .peerAddress(\"127.0.0.1\")\n .bgpOptions(ConnectPeerBgpOptionsArgs.builder()\n .peerAsn(65500)\n .build())\n .insideCidrBlocks(\"172.16.0.0/16\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example2)\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with a Tunnel-less Connect attachment\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.VpcAttachment(\"example\", {\n subnetArns: exampleAwsSubnet.map(__item =\u003e __item.arn),\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n vpcArn: exampleAwsVpc.arn,\n});\nconst exampleConnectAttachment = new aws.networkmanager.ConnectAttachment(\"example\", {\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n transportAttachmentId: example.id,\n edgeLocation: example.edgeLocation,\n options: {\n protocol: \"NO_ENCAP\",\n },\n});\nconst exampleConnectPeer = new aws.networkmanager.ConnectPeer(\"example\", {\n connectAttachmentId: exampleConnectAttachment.id,\n peerAddress: \"127.0.0.1\",\n bgpOptions: {\n peerAsn: 65000,\n },\n subnetArn: test2.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.VpcAttachment(\"example\",\n subnet_arns=[__item[\"arn\"] for __item in example_aws_subnet],\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n vpc_arn=example_aws_vpc[\"arn\"])\nexample_connect_attachment = aws.networkmanager.ConnectAttachment(\"example\",\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n transport_attachment_id=example.id,\n edge_location=example.edge_location,\n options={\n \"protocol\": \"NO_ENCAP\",\n })\nexample_connect_peer = aws.networkmanager.ConnectPeer(\"example\",\n connect_attachment_id=example_connect_attachment.id,\n peer_address=\"127.0.0.1\",\n bgp_options={\n \"peer_asn\": 65000,\n },\n subnet_arn=test2[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.VpcAttachment(\"example\", new()\n {\n SubnetArns = exampleAwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n VpcArn = exampleAwsVpc.Arn,\n });\n\n var exampleConnectAttachment = new Aws.NetworkManager.ConnectAttachment(\"example\", new()\n {\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n TransportAttachmentId = example.Id,\n EdgeLocation = example.EdgeLocation,\n Options = new Aws.NetworkManager.Inputs.ConnectAttachmentOptionsArgs\n {\n Protocol = \"NO_ENCAP\",\n },\n });\n\n var exampleConnectPeer = new Aws.NetworkManager.ConnectPeer(\"example\", new()\n {\n ConnectAttachmentId = exampleConnectAttachment.Id,\n PeerAddress = \"127.0.0.1\",\n BgpOptions = new Aws.NetworkManager.Inputs.ConnectPeerBgpOptionsArgs\n {\n PeerAsn = 65000,\n },\n SubnetArn = test2.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexample, err := networkmanager.NewVpcAttachment(ctx, \"example\", \u0026networkmanager.VpcAttachmentArgs{\nSubnetArns: toPulumiArray(splat0),\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nVpcArn: pulumi.Any(exampleAwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\nexampleConnectAttachment, err := networkmanager.NewConnectAttachment(ctx, \"example\", \u0026networkmanager.ConnectAttachmentArgs{\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nTransportAttachmentId: example.ID(),\nEdgeLocation: example.EdgeLocation,\nOptions: \u0026networkmanager.ConnectAttachmentOptionsArgs{\nProtocol: pulumi.String(\"NO_ENCAP\"),\n},\n})\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewConnectPeer(ctx, \"example\", \u0026networkmanager.ConnectPeerArgs{\nConnectAttachmentId: exampleConnectAttachment.ID(),\nPeerAddress: pulumi.String(\"127.0.0.1\"),\nBgpOptions: \u0026networkmanager.ConnectPeerBgpOptionsArgs{\nPeerAsn: pulumi.Int(65000),\n},\nSubnetArn: pulumi.Any(test2.Arn),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.ConnectAttachment;\nimport com.pulumi.aws.networkmanager.ConnectAttachmentArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectAttachmentOptionsArgs;\nimport com.pulumi.aws.networkmanager.ConnectPeer;\nimport com.pulumi.aws.networkmanager.ConnectPeerArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectPeerBgpOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcAttachment(\"example\", VpcAttachmentArgs.builder()\n .subnetArns(exampleAwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .vpcArn(exampleAwsVpc.arn())\n .build());\n\n var exampleConnectAttachment = new ConnectAttachment(\"exampleConnectAttachment\", ConnectAttachmentArgs.builder()\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .transportAttachmentId(example.id())\n .edgeLocation(example.edgeLocation())\n .options(ConnectAttachmentOptionsArgs.builder()\n .protocol(\"NO_ENCAP\")\n .build())\n .build());\n\n var exampleConnectPeer = new ConnectPeer(\"exampleConnectPeer\", ConnectPeerArgs.builder()\n .connectAttachmentId(exampleConnectAttachment.id())\n .peerAddress(\"127.0.0.1\")\n .bgpOptions(ConnectPeerBgpOptionsArgs.builder()\n .peerAsn(65000)\n .build())\n .subnetArn(test2.arn())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_connect_peer` using the connect peer ID. For example:\n\n```sh\n$ pulumi import aws:networkmanager/connectPeer:ConnectPeer example connect-peer-061f3e96275db1acc\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the attachment.\n" }, "bgpOptions": { "$ref": "#/types/aws:networkmanager/ConnectPeerBgpOptions:ConnectPeerBgpOptions", "description": "The Connect peer BGP options.\n" }, "configurations": { "type": "array", "items": { "$ref": "#/types/aws:networkmanager/ConnectPeerConfiguration:ConnectPeerConfiguration" }, "description": "The configuration of the Connect peer.\n" }, "connectAttachmentId": { "type": "string", "description": "The ID of the connection attachment.\n" }, "connectPeerId": { "type": "string" }, "coreNetworkAddress": { "type": "string", "description": "A Connect peer core network address.\n" }, "coreNetworkId": { "type": "string", "description": "The ID of a core network.\n" }, "createdAt": { "type": "string" }, "edgeLocation": { "type": "string", "description": "The Region where the peer is located.\n" }, "insideCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "The inside IP addresses used for BGP peering. Required when the Connect attachment protocol is `GRE`. See `aws.networkmanager.ConnectAttachment` for details.\n" }, "peerAddress": { "type": "string", "description": "The Connect peer address.\n\nThe following arguments are optional:\n" }, "state": { "type": "string", "description": "The state of the Connect peer.\n" }, "subnetArn": { "type": "string", "description": "The subnet ARN for the Connect peer. Required when the Connect attachment protocol is `NO_ENCAP`. See `aws.networkmanager.ConnectAttachment` for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "configurations", "connectAttachmentId", "connectPeerId", "coreNetworkId", "createdAt", "edgeLocation", "peerAddress", "state", "tagsAll" ], "inputProperties": { "bgpOptions": { "$ref": "#/types/aws:networkmanager/ConnectPeerBgpOptions:ConnectPeerBgpOptions", "description": "The Connect peer BGP options.\n", "willReplaceOnChanges": true }, "connectAttachmentId": { "type": "string", "description": "The ID of the connection attachment.\n", "willReplaceOnChanges": true }, "coreNetworkAddress": { "type": "string", "description": "A Connect peer core network address.\n", "willReplaceOnChanges": true }, "insideCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "The inside IP addresses used for BGP peering. Required when the Connect attachment protocol is `GRE`. See `aws.networkmanager.ConnectAttachment` for details.\n", "willReplaceOnChanges": true }, "peerAddress": { "type": "string", "description": "The Connect peer address.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "subnetArn": { "type": "string", "description": "The subnet ARN for the Connect peer. Required when the Connect attachment protocol is `NO_ENCAP`. See `aws.networkmanager.ConnectAttachment` for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "connectAttachmentId", "peerAddress" ], "stateInputs": { "description": "Input properties used for looking up and filtering ConnectPeer resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the attachment.\n" }, "bgpOptions": { "$ref": "#/types/aws:networkmanager/ConnectPeerBgpOptions:ConnectPeerBgpOptions", "description": "The Connect peer BGP options.\n", "willReplaceOnChanges": true }, "configurations": { "type": "array", "items": { "$ref": "#/types/aws:networkmanager/ConnectPeerConfiguration:ConnectPeerConfiguration" }, "description": "The configuration of the Connect peer.\n" }, "connectAttachmentId": { "type": "string", "description": "The ID of the connection attachment.\n", "willReplaceOnChanges": true }, "connectPeerId": { "type": "string" }, "coreNetworkAddress": { "type": "string", "description": "A Connect peer core network address.\n", "willReplaceOnChanges": true }, "coreNetworkId": { "type": "string", "description": "The ID of a core network.\n" }, "createdAt": { "type": "string" }, "edgeLocation": { "type": "string", "description": "The Region where the peer is located.\n" }, "insideCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "The inside IP addresses used for BGP peering. Required when the Connect attachment protocol is `GRE`. See `aws.networkmanager.ConnectAttachment` for details.\n", "willReplaceOnChanges": true }, "peerAddress": { "type": "string", "description": "The Connect peer address.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "The state of the Connect peer.\n" }, "subnetArn": { "type": "string", "description": "The subnet ARN for the Connect peer. Required when the Connect attachment protocol is `NO_ENCAP`. See `aws.networkmanager.ConnectAttachment` for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:networkmanager/connection:Connection": { "description": "Creates a connection between two devices.\nThe devices can be a physical or virtual appliance that connects to a third-party appliance in a VPC, or a physical appliance that connects to another physical appliance in an on-premises network.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.Connection(\"example\", {\n globalNetworkId: exampleAwsNetworkmanagerGlobalNetwork.id,\n deviceId: example1.id,\n connectedDeviceId: example2.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.Connection(\"example\",\n global_network_id=example_aws_networkmanager_global_network[\"id\"],\n device_id=example1[\"id\"],\n connected_device_id=example2[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.Connection(\"example\", new()\n {\n GlobalNetworkId = exampleAwsNetworkmanagerGlobalNetwork.Id,\n DeviceId = example1.Id,\n ConnectedDeviceId = example2.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.NewConnection(ctx, \"example\", \u0026networkmanager.ConnectionArgs{\n\t\t\tGlobalNetworkId: pulumi.Any(exampleAwsNetworkmanagerGlobalNetwork.Id),\n\t\t\tDeviceId: pulumi.Any(example1.Id),\n\t\t\tConnectedDeviceId: pulumi.Any(example2.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.Connection;\nimport com.pulumi.aws.networkmanager.ConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Connection(\"example\", ConnectionArgs.builder()\n .globalNetworkId(exampleAwsNetworkmanagerGlobalNetwork.id())\n .deviceId(example1.id())\n .connectedDeviceId(example2.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmanager:Connection\n properties:\n globalNetworkId: ${exampleAwsNetworkmanagerGlobalNetwork.id}\n deviceId: ${example1.id}\n connectedDeviceId: ${example2.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_connection` using the connection ARN. For example:\n\n```sh\n$ pulumi import aws:networkmanager/connection:Connection example arn:aws:networkmanager::123456789012:device/global-network-0d47f6t230mz46dy4/connection-07f6fd08867abc123\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the connection.\n" }, "connectedDeviceId": { "type": "string", "description": "The ID of the second device in the connection.\n" }, "connectedLinkId": { "type": "string", "description": "The ID of the link for the second device.\n" }, "description": { "type": "string", "description": "A description of the connection.\n" }, "deviceId": { "type": "string", "description": "The ID of the first device in the connection.\n" }, "globalNetworkId": { "type": "string", "description": "The ID of the global network.\n" }, "linkId": { "type": "string", "description": "The ID of the link for the first device.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the connection. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "connectedDeviceId", "deviceId", "globalNetworkId", "tagsAll" ], "inputProperties": { "connectedDeviceId": { "type": "string", "description": "The ID of the second device in the connection.\n", "willReplaceOnChanges": true }, "connectedLinkId": { "type": "string", "description": "The ID of the link for the second device.\n" }, "description": { "type": "string", "description": "A description of the connection.\n" }, "deviceId": { "type": "string", "description": "The ID of the first device in the connection.\n", "willReplaceOnChanges": true }, "globalNetworkId": { "type": "string", "description": "The ID of the global network.\n", "willReplaceOnChanges": true }, "linkId": { "type": "string", "description": "The ID of the link for the first device.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the connection. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "connectedDeviceId", "deviceId", "globalNetworkId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Connection resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the connection.\n" }, "connectedDeviceId": { "type": "string", "description": "The ID of the second device in the connection.\n", "willReplaceOnChanges": true }, "connectedLinkId": { "type": "string", "description": "The ID of the link for the second device.\n" }, "description": { "type": "string", "description": "A description of the connection.\n" }, "deviceId": { "type": "string", "description": "The ID of the first device in the connection.\n", "willReplaceOnChanges": true }, "globalNetworkId": { "type": "string", "description": "The ID of the global network.\n", "willReplaceOnChanges": true }, "linkId": { "type": "string", "description": "The ID of the link for the first device.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the connection. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:networkmanager/coreNetwork:CoreNetwork": { "description": "Provides a core network resource.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.CoreNetwork(\"example\", {globalNetworkId: exampleAwsNetworkmanagerGlobalNetwork.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.CoreNetwork(\"example\", global_network_id=example_aws_networkmanager_global_network[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.CoreNetwork(\"example\", new()\n {\n GlobalNetworkId = exampleAwsNetworkmanagerGlobalNetwork.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.NewCoreNetwork(ctx, \"example\", \u0026networkmanager.CoreNetworkArgs{\n\t\t\tGlobalNetworkId: pulumi.Any(exampleAwsNetworkmanagerGlobalNetwork.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.CoreNetwork;\nimport com.pulumi.aws.networkmanager.CoreNetworkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CoreNetwork(\"example\", CoreNetworkArgs.builder()\n .globalNetworkId(exampleAwsNetworkmanagerGlobalNetwork.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmanager:CoreNetwork\n properties:\n globalNetworkId: ${exampleAwsNetworkmanagerGlobalNetwork.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With description\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.CoreNetwork(\"example\", {\n globalNetworkId: exampleAwsNetworkmanagerGlobalNetwork.id,\n description: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.CoreNetwork(\"example\",\n global_network_id=example_aws_networkmanager_global_network[\"id\"],\n description=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.CoreNetwork(\"example\", new()\n {\n GlobalNetworkId = exampleAwsNetworkmanagerGlobalNetwork.Id,\n Description = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.NewCoreNetwork(ctx, \"example\", \u0026networkmanager.CoreNetworkArgs{\n\t\t\tGlobalNetworkId: pulumi.Any(exampleAwsNetworkmanagerGlobalNetwork.Id),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.CoreNetwork;\nimport com.pulumi.aws.networkmanager.CoreNetworkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CoreNetwork(\"example\", CoreNetworkArgs.builder()\n .globalNetworkId(exampleAwsNetworkmanagerGlobalNetwork.id())\n .description(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmanager:CoreNetwork\n properties:\n globalNetworkId: ${exampleAwsNetworkmanagerGlobalNetwork.id}\n description: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With tags\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.CoreNetwork(\"example\", {\n globalNetworkId: exampleAwsNetworkmanagerGlobalNetwork.id,\n tags: {\n hello: \"world\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.CoreNetwork(\"example\",\n global_network_id=example_aws_networkmanager_global_network[\"id\"],\n tags={\n \"hello\": \"world\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.CoreNetwork(\"example\", new()\n {\n GlobalNetworkId = exampleAwsNetworkmanagerGlobalNetwork.Id,\n Tags = \n {\n { \"hello\", \"world\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.NewCoreNetwork(ctx, \"example\", \u0026networkmanager.CoreNetworkArgs{\n\t\t\tGlobalNetworkId: pulumi.Any(exampleAwsNetworkmanagerGlobalNetwork.Id),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"hello\": pulumi.String(\"world\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.CoreNetwork;\nimport com.pulumi.aws.networkmanager.CoreNetworkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CoreNetwork(\"example\", CoreNetworkArgs.builder()\n .globalNetworkId(exampleAwsNetworkmanagerGlobalNetwork.id())\n .tags(Map.of(\"hello\", \"world\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmanager:CoreNetwork\n properties:\n globalNetworkId: ${exampleAwsNetworkmanagerGlobalNetwork.id}\n tags:\n hello: world\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With VPC Attachment (Single Region)\n\nThe example below illustrates the scenario where your policy document has static routes pointing to VPC attachments and you want to attach your VPCs to the core network before applying the desired policy document. Set the `create_base_policy` argument to `true` if your core network does not currently have any `LIVE` policies (e.g. this is the first `pulumi up` with the core network resource), since a `LIVE` policy is required before VPCs can be attached to the core network. Otherwise, if your core network already has a `LIVE` policy, you may exclude the `create_base_policy` argument. There are 2 options to implement this:\n\n- Option 1: Use the `base_policy_document` argument that allows the most customizations to a base policy. Use this to customize the `edge_locations` `asn`. In the example below, `us-west-2` and ASN `65500` are used in the base policy.\n- Option 2: Use the `create_base_policy` argument only. This creates a base policy in the region specified in the `provider` block.\n\n### Option 1 - using base_policy_document\n\nIf you require a custom ASN for the edge location, please use the `base_policy_document` argument to pass a specific ASN. For example:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleGlobalNetwork = new aws.networkmanager.GlobalNetwork(\"example\", {});\nconst base = aws.networkmanager.getCoreNetworkPolicyDocument({\n coreNetworkConfigurations: [{\n asnRanges: [\"65022-65534\"],\n edgeLocations: [{\n location: \"us-west-2\",\n asn: \"65500\",\n }],\n }],\n segments: [{\n name: \"segment\",\n }],\n});\nconst exampleCoreNetwork = new aws.networkmanager.CoreNetwork(\"example\", {\n globalNetworkId: exampleGlobalNetwork.id,\n basePolicyDocument: base.then(base =\u003e base.json),\n createBasePolicy: true,\n});\nconst exampleVpcAttachment = new aws.networkmanager.VpcAttachment(\"example\", {\n coreNetworkId: exampleCoreNetwork.id,\n subnetArns: exampleAwsSubnet.map(__item =\u003e __item.arn),\n vpcArn: exampleAwsVpc.arn,\n});\nconst example = aws.networkmanager.getCoreNetworkPolicyDocumentOutput({\n coreNetworkConfigurations: [{\n asnRanges: [\"65022-65534\"],\n edgeLocations: [{\n location: \"us-west-2\",\n asn: \"65500\",\n }],\n }],\n segments: [{\n name: \"segment\",\n }],\n segmentActions: [{\n action: \"create-route\",\n segment: \"segment\",\n destinationCidrBlocks: [\"0.0.0.0/0\"],\n destinations: [exampleVpcAttachment.id],\n }],\n});\nconst exampleCoreNetworkPolicyAttachment = new aws.networkmanager.CoreNetworkPolicyAttachment(\"example\", {\n coreNetworkId: exampleCoreNetwork.id,\n policyDocument: example.apply(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_global_network = aws.networkmanager.GlobalNetwork(\"example\")\nbase = aws.networkmanager.get_core_network_policy_document(core_network_configurations=[{\n \"asn_ranges\": [\"65022-65534\"],\n \"edge_locations\": [{\n \"location\": \"us-west-2\",\n \"asn\": \"65500\",\n }],\n }],\n segments=[{\n \"name\": \"segment\",\n }])\nexample_core_network = aws.networkmanager.CoreNetwork(\"example\",\n global_network_id=example_global_network.id,\n base_policy_document=base.json,\n create_base_policy=True)\nexample_vpc_attachment = aws.networkmanager.VpcAttachment(\"example\",\n core_network_id=example_core_network.id,\n subnet_arns=[__item[\"arn\"] for __item in example_aws_subnet],\n vpc_arn=example_aws_vpc[\"arn\"])\nexample = aws.networkmanager.get_core_network_policy_document_output(core_network_configurations=[{\n \"asn_ranges\": [\"65022-65534\"],\n \"edge_locations\": [{\n \"location\": \"us-west-2\",\n \"asn\": \"65500\",\n }],\n }],\n segments=[{\n \"name\": \"segment\",\n }],\n segment_actions=[{\n \"action\": \"create-route\",\n \"segment\": \"segment\",\n \"destination_cidr_blocks\": [\"0.0.0.0/0\"],\n \"destinations\": [example_vpc_attachment.id],\n }])\nexample_core_network_policy_attachment = aws.networkmanager.CoreNetworkPolicyAttachment(\"example\",\n core_network_id=example_core_network.id,\n policy_document=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGlobalNetwork = new Aws.NetworkManager.GlobalNetwork(\"example\");\n\n var @base = Aws.NetworkManager.GetCoreNetworkPolicyDocument.Invoke(new()\n {\n CoreNetworkConfigurations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationInputArgs\n {\n AsnRanges = new[]\n {\n \"65022-65534\",\n },\n EdgeLocations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationInputArgs\n {\n Location = \"us-west-2\",\n Asn = \"65500\",\n },\n },\n },\n },\n Segments = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentInputArgs\n {\n Name = \"segment\",\n },\n },\n });\n\n var exampleCoreNetwork = new Aws.NetworkManager.CoreNetwork(\"example\", new()\n {\n GlobalNetworkId = exampleGlobalNetwork.Id,\n BasePolicyDocument = @base.Apply(@base =\u003e @base.Apply(getCoreNetworkPolicyDocumentResult =\u003e getCoreNetworkPolicyDocumentResult.Json)),\n CreateBasePolicy = true,\n });\n\n var exampleVpcAttachment = new Aws.NetworkManager.VpcAttachment(\"example\", new()\n {\n CoreNetworkId = exampleCoreNetwork.Id,\n SubnetArns = exampleAwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n VpcArn = exampleAwsVpc.Arn,\n });\n\n var example = Aws.NetworkManager.GetCoreNetworkPolicyDocument.Invoke(new()\n {\n CoreNetworkConfigurations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationInputArgs\n {\n AsnRanges = new[]\n {\n \"65022-65534\",\n },\n EdgeLocations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationInputArgs\n {\n Location = \"us-west-2\",\n Asn = \"65500\",\n },\n },\n },\n },\n Segments = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentInputArgs\n {\n Name = \"segment\",\n },\n },\n SegmentActions = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentActionInputArgs\n {\n Action = \"create-route\",\n Segment = \"segment\",\n DestinationCidrBlocks = new[]\n {\n \"0.0.0.0/0\",\n },\n Destinations = new[]\n {\n exampleVpcAttachment.Id,\n },\n },\n },\n });\n\n var exampleCoreNetworkPolicyAttachment = new Aws.NetworkManager.CoreNetworkPolicyAttachment(\"example\", new()\n {\n CoreNetworkId = exampleCoreNetwork.Id,\n PolicyDocument = example.Apply(getCoreNetworkPolicyDocumentResult =\u003e getCoreNetworkPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nexampleGlobalNetwork, err := networkmanager.NewGlobalNetwork(ctx, \"example\", nil)\nif err != nil {\nreturn err\n}\nbase, err := networkmanager.GetCoreNetworkPolicyDocument(ctx, \u0026networkmanager.GetCoreNetworkPolicyDocumentArgs{\nCoreNetworkConfigurations: []networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfiguration{\n{\nAsnRanges: []string{\n\"65022-65534\",\n},\nEdgeLocations: []networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocation{\n{\nLocation: \"us-west-2\",\nAsn: pulumi.StringRef(\"65500\"),\n},\n},\n},\n},\nSegments: []networkmanager.GetCoreNetworkPolicyDocumentSegment{\n{\nName: \"segment\",\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nexampleCoreNetwork, err := networkmanager.NewCoreNetwork(ctx, \"example\", \u0026networkmanager.CoreNetworkArgs{\nGlobalNetworkId: exampleGlobalNetwork.ID(),\nBasePolicyDocument: pulumi.String(base.Json),\nCreateBasePolicy: pulumi.Bool(true),\n})\nif err != nil {\nreturn err\n}\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexampleVpcAttachment, err := networkmanager.NewVpcAttachment(ctx, \"example\", \u0026networkmanager.VpcAttachmentArgs{\nCoreNetworkId: exampleCoreNetwork.ID(),\nSubnetArns: toPulumiArray(splat0),\nVpcArn: pulumi.Any(exampleAwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\nexample := networkmanager.GetCoreNetworkPolicyDocumentOutput(ctx, networkmanager.GetCoreNetworkPolicyDocumentOutputArgs{\nCoreNetworkConfigurations: networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs{\nAsnRanges: pulumi.StringArray{\npulumi.String(\"65022-65534\"),\n},\nEdgeLocations: networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs{\nLocation: pulumi.String(\"us-west-2\"),\nAsn: pulumi.String(\"65500\"),\n},\n},\n},\n},\nSegments: networkmanager.GetCoreNetworkPolicyDocumentSegmentArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentArgs{\nName: pulumi.String(\"segment\"),\n},\n},\nSegmentActions: networkmanager.GetCoreNetworkPolicyDocumentSegmentActionArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentActionArgs{\nAction: pulumi.String(\"create-route\"),\nSegment: pulumi.String(\"segment\"),\nDestinationCidrBlocks: pulumi.StringArray{\npulumi.String(\"0.0.0.0/0\"),\n},\nDestinations: pulumi.StringArray{\nexampleVpcAttachment.ID(),\n},\n},\n},\n}, nil);\n_, err = networkmanager.NewCoreNetworkPolicyAttachment(ctx, \"example\", \u0026networkmanager.CoreNetworkPolicyAttachmentArgs{\nCoreNetworkId: exampleCoreNetwork.ID(),\nPolicyDocument: pulumi.String(example.ApplyT(func(example networkmanager.GetCoreNetworkPolicyDocumentResult) (*string, error) {\nreturn \u0026example.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.GlobalNetwork;\nimport com.pulumi.aws.networkmanager.NetworkmanagerFunctions;\nimport com.pulumi.aws.networkmanager.inputs.GetCoreNetworkPolicyDocumentArgs;\nimport com.pulumi.aws.networkmanager.CoreNetwork;\nimport com.pulumi.aws.networkmanager.CoreNetworkArgs;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachment;\nimport com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGlobalNetwork = new GlobalNetwork(\"exampleGlobalNetwork\");\n\n final var base = NetworkmanagerFunctions.getCoreNetworkPolicyDocument(GetCoreNetworkPolicyDocumentArgs.builder()\n .coreNetworkConfigurations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs.builder()\n .asnRanges(\"65022-65534\")\n .edgeLocations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()\n .location(\"us-west-2\")\n .asn(\"65500\")\n .build())\n .build())\n .segments(GetCoreNetworkPolicyDocumentSegmentArgs.builder()\n .name(\"segment\")\n .build())\n .build());\n\n var exampleCoreNetwork = new CoreNetwork(\"exampleCoreNetwork\", CoreNetworkArgs.builder()\n .globalNetworkId(exampleGlobalNetwork.id())\n .basePolicyDocument(base.applyValue(getCoreNetworkPolicyDocumentResult -\u003e getCoreNetworkPolicyDocumentResult.json()))\n .createBasePolicy(true)\n .build());\n\n var exampleVpcAttachment = new VpcAttachment(\"exampleVpcAttachment\", VpcAttachmentArgs.builder()\n .coreNetworkId(exampleCoreNetwork.id())\n .subnetArns(exampleAwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .vpcArn(exampleAwsVpc.arn())\n .build());\n\n final var example = NetworkmanagerFunctions.getCoreNetworkPolicyDocument(GetCoreNetworkPolicyDocumentArgs.builder()\n .coreNetworkConfigurations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs.builder()\n .asnRanges(\"65022-65534\")\n .edgeLocations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()\n .location(\"us-west-2\")\n .asn(\"65500\")\n .build())\n .build())\n .segments(GetCoreNetworkPolicyDocumentSegmentArgs.builder()\n .name(\"segment\")\n .build())\n .segmentActions(GetCoreNetworkPolicyDocumentSegmentActionArgs.builder()\n .action(\"create-route\")\n .segment(\"segment\")\n .destinationCidrBlocks(\"0.0.0.0/0\")\n .destinations(exampleVpcAttachment.id())\n .build())\n .build());\n\n var exampleCoreNetworkPolicyAttachment = new CoreNetworkPolicyAttachment(\"exampleCoreNetworkPolicyAttachment\", CoreNetworkPolicyAttachmentArgs.builder()\n .coreNetworkId(exampleCoreNetwork.id())\n .policyDocument(example.applyValue(getCoreNetworkPolicyDocumentResult -\u003e getCoreNetworkPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getCoreNetworkPolicyDocumentResult -\u003e getCoreNetworkPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Option 2 - create_base_policy only\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleGlobalNetwork = new aws.networkmanager.GlobalNetwork(\"example\", {});\nconst exampleCoreNetwork = new aws.networkmanager.CoreNetwork(\"example\", {\n globalNetworkId: exampleGlobalNetwork.id,\n createBasePolicy: true,\n});\nconst exampleVpcAttachment = new aws.networkmanager.VpcAttachment(\"example\", {\n coreNetworkId: exampleCoreNetwork.id,\n subnetArns: exampleAwsSubnet.map(__item =\u003e __item.arn),\n vpcArn: exampleAwsVpc.arn,\n});\nconst example = aws.networkmanager.getCoreNetworkPolicyDocumentOutput({\n coreNetworkConfigurations: [{\n asnRanges: [\"65022-65534\"],\n edgeLocations: [{\n location: \"us-west-2\",\n }],\n }],\n segments: [{\n name: \"segment\",\n }],\n segmentActions: [{\n action: \"create-route\",\n segment: \"segment\",\n destinationCidrBlocks: [\"0.0.0.0/0\"],\n destinations: [exampleVpcAttachment.id],\n }],\n});\nconst exampleCoreNetworkPolicyAttachment = new aws.networkmanager.CoreNetworkPolicyAttachment(\"example\", {\n coreNetworkId: exampleCoreNetwork.id,\n policyDocument: example.apply(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_global_network = aws.networkmanager.GlobalNetwork(\"example\")\nexample_core_network = aws.networkmanager.CoreNetwork(\"example\",\n global_network_id=example_global_network.id,\n create_base_policy=True)\nexample_vpc_attachment = aws.networkmanager.VpcAttachment(\"example\",\n core_network_id=example_core_network.id,\n subnet_arns=[__item[\"arn\"] for __item in example_aws_subnet],\n vpc_arn=example_aws_vpc[\"arn\"])\nexample = aws.networkmanager.get_core_network_policy_document_output(core_network_configurations=[{\n \"asn_ranges\": [\"65022-65534\"],\n \"edge_locations\": [{\n \"location\": \"us-west-2\",\n }],\n }],\n segments=[{\n \"name\": \"segment\",\n }],\n segment_actions=[{\n \"action\": \"create-route\",\n \"segment\": \"segment\",\n \"destination_cidr_blocks\": [\"0.0.0.0/0\"],\n \"destinations\": [example_vpc_attachment.id],\n }])\nexample_core_network_policy_attachment = aws.networkmanager.CoreNetworkPolicyAttachment(\"example\",\n core_network_id=example_core_network.id,\n policy_document=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGlobalNetwork = new Aws.NetworkManager.GlobalNetwork(\"example\");\n\n var exampleCoreNetwork = new Aws.NetworkManager.CoreNetwork(\"example\", new()\n {\n GlobalNetworkId = exampleGlobalNetwork.Id,\n CreateBasePolicy = true,\n });\n\n var exampleVpcAttachment = new Aws.NetworkManager.VpcAttachment(\"example\", new()\n {\n CoreNetworkId = exampleCoreNetwork.Id,\n SubnetArns = exampleAwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n VpcArn = exampleAwsVpc.Arn,\n });\n\n var example = Aws.NetworkManager.GetCoreNetworkPolicyDocument.Invoke(new()\n {\n CoreNetworkConfigurations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationInputArgs\n {\n AsnRanges = new[]\n {\n \"65022-65534\",\n },\n EdgeLocations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationInputArgs\n {\n Location = \"us-west-2\",\n },\n },\n },\n },\n Segments = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentInputArgs\n {\n Name = \"segment\",\n },\n },\n SegmentActions = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentActionInputArgs\n {\n Action = \"create-route\",\n Segment = \"segment\",\n DestinationCidrBlocks = new[]\n {\n \"0.0.0.0/0\",\n },\n Destinations = new[]\n {\n exampleVpcAttachment.Id,\n },\n },\n },\n });\n\n var exampleCoreNetworkPolicyAttachment = new Aws.NetworkManager.CoreNetworkPolicyAttachment(\"example\", new()\n {\n CoreNetworkId = exampleCoreNetwork.Id,\n PolicyDocument = example.Apply(getCoreNetworkPolicyDocumentResult =\u003e getCoreNetworkPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nexampleGlobalNetwork, err := networkmanager.NewGlobalNetwork(ctx, \"example\", nil)\nif err != nil {\nreturn err\n}\nexampleCoreNetwork, err := networkmanager.NewCoreNetwork(ctx, \"example\", \u0026networkmanager.CoreNetworkArgs{\nGlobalNetworkId: exampleGlobalNetwork.ID(),\nCreateBasePolicy: pulumi.Bool(true),\n})\nif err != nil {\nreturn err\n}\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexampleVpcAttachment, err := networkmanager.NewVpcAttachment(ctx, \"example\", \u0026networkmanager.VpcAttachmentArgs{\nCoreNetworkId: exampleCoreNetwork.ID(),\nSubnetArns: toPulumiArray(splat0),\nVpcArn: pulumi.Any(exampleAwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\nexample := networkmanager.GetCoreNetworkPolicyDocumentOutput(ctx, networkmanager.GetCoreNetworkPolicyDocumentOutputArgs{\nCoreNetworkConfigurations: networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs{\nAsnRanges: pulumi.StringArray{\npulumi.String(\"65022-65534\"),\n},\nEdgeLocations: networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs{\nLocation: pulumi.String(\"us-west-2\"),\n},\n},\n},\n},\nSegments: networkmanager.GetCoreNetworkPolicyDocumentSegmentArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentArgs{\nName: pulumi.String(\"segment\"),\n},\n},\nSegmentActions: networkmanager.GetCoreNetworkPolicyDocumentSegmentActionArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentActionArgs{\nAction: pulumi.String(\"create-route\"),\nSegment: pulumi.String(\"segment\"),\nDestinationCidrBlocks: pulumi.StringArray{\npulumi.String(\"0.0.0.0/0\"),\n},\nDestinations: pulumi.StringArray{\nexampleVpcAttachment.ID(),\n},\n},\n},\n}, nil);\n_, err = networkmanager.NewCoreNetworkPolicyAttachment(ctx, \"example\", \u0026networkmanager.CoreNetworkPolicyAttachmentArgs{\nCoreNetworkId: exampleCoreNetwork.ID(),\nPolicyDocument: pulumi.String(example.ApplyT(func(example networkmanager.GetCoreNetworkPolicyDocumentResult) (*string, error) {\nreturn \u0026example.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.GlobalNetwork;\nimport com.pulumi.aws.networkmanager.CoreNetwork;\nimport com.pulumi.aws.networkmanager.CoreNetworkArgs;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.NetworkmanagerFunctions;\nimport com.pulumi.aws.networkmanager.inputs.GetCoreNetworkPolicyDocumentArgs;\nimport com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachment;\nimport com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGlobalNetwork = new GlobalNetwork(\"exampleGlobalNetwork\");\n\n var exampleCoreNetwork = new CoreNetwork(\"exampleCoreNetwork\", CoreNetworkArgs.builder()\n .globalNetworkId(exampleGlobalNetwork.id())\n .createBasePolicy(true)\n .build());\n\n var exampleVpcAttachment = new VpcAttachment(\"exampleVpcAttachment\", VpcAttachmentArgs.builder()\n .coreNetworkId(exampleCoreNetwork.id())\n .subnetArns(exampleAwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .vpcArn(exampleAwsVpc.arn())\n .build());\n\n final var example = NetworkmanagerFunctions.getCoreNetworkPolicyDocument(GetCoreNetworkPolicyDocumentArgs.builder()\n .coreNetworkConfigurations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs.builder()\n .asnRanges(\"65022-65534\")\n .edgeLocations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()\n .location(\"us-west-2\")\n .build())\n .build())\n .segments(GetCoreNetworkPolicyDocumentSegmentArgs.builder()\n .name(\"segment\")\n .build())\n .segmentActions(GetCoreNetworkPolicyDocumentSegmentActionArgs.builder()\n .action(\"create-route\")\n .segment(\"segment\")\n .destinationCidrBlocks(\"0.0.0.0/0\")\n .destinations(exampleVpcAttachment.id())\n .build())\n .build());\n\n var exampleCoreNetworkPolicyAttachment = new CoreNetworkPolicyAttachment(\"exampleCoreNetworkPolicyAttachment\", CoreNetworkPolicyAttachmentArgs.builder()\n .coreNetworkId(exampleCoreNetwork.id())\n .policyDocument(example.applyValue(getCoreNetworkPolicyDocumentResult -\u003e getCoreNetworkPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getCoreNetworkPolicyDocumentResult -\u003e getCoreNetworkPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With VPC Attachment (Multi-Region)\n\nThe example below illustrates the scenario where your policy document has static routes pointing to VPC attachments and you want to attach your VPCs to the core network before applying the desired policy document. Set the `create_base_policy` argument of the `aws.networkmanager.CoreNetwork` resource to `true` if your core network does not currently have any `LIVE` policies (e.g. this is the first `pulumi up` with the core network resource), since a `LIVE` policy is required before VPCs can be attached to the core network. Otherwise, if your core network already has a `LIVE` policy, you may exclude the `create_base_policy` argument. For multi-region in a core network that does not yet have a `LIVE` policy, there are 2 options:\n\n- Option 1: Use the `base_policy_document` argument that allows the most customizations to a base policy. Use this to customize the `edge_locations` `asn`. In the example below, `us-west-2`, `us-east-1` and specific ASNs are used in the base policy.\n- Option 2: Pass a list of regions to the `aws.networkmanager.CoreNetwork` `base_policy_regions` argument. In the example below, `us-west-2` and `us-east-1` are specified in the base policy.\n\n### Option 1 - using base_policy_document\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleGlobalNetwork = new aws.networkmanager.GlobalNetwork(\"example\", {});\nconst base = aws.networkmanager.getCoreNetworkPolicyDocument({\n coreNetworkConfigurations: [{\n asnRanges: [\"65022-65534\"],\n edgeLocations: [\n {\n location: \"us-west-2\",\n asn: \"65500\",\n },\n {\n location: \"us-east-1\",\n asn: \"65501\",\n },\n ],\n }],\n segments: [{\n name: \"segment\",\n }],\n});\nconst exampleCoreNetwork = new aws.networkmanager.CoreNetwork(\"example\", {\n globalNetworkId: exampleGlobalNetwork.id,\n basePolicyDocument: base.then(base =\u003e base.json),\n createBasePolicy: true,\n});\nconst exampleUsWest2 = new aws.networkmanager.VpcAttachment(\"example_us_west_2\", {\n coreNetworkId: exampleCoreNetwork.id,\n subnetArns: exampleUsWest2AwsSubnet.map(__item =\u003e __item.arn),\n vpcArn: exampleUsWest2AwsVpc.arn,\n});\nconst exampleUsEast1 = new aws.networkmanager.VpcAttachment(\"example_us_east_1\", {\n coreNetworkId: exampleCoreNetwork.id,\n subnetArns: exampleUsEast1AwsSubnet.map(__item =\u003e __item.arn),\n vpcArn: exampleUsEast1AwsVpc.arn,\n});\nconst example = aws.networkmanager.getCoreNetworkPolicyDocumentOutput({\n coreNetworkConfigurations: [{\n asnRanges: [\"65022-65534\"],\n edgeLocations: [\n {\n location: \"us-west-2\",\n asn: \"65500\",\n },\n {\n location: \"us-east-1\",\n asn: \"65501\",\n },\n ],\n }],\n segments: [\n {\n name: \"segment\",\n },\n {\n name: \"segment2\",\n },\n ],\n segmentActions: [\n {\n action: \"create-route\",\n segment: \"segment\",\n destinationCidrBlocks: [\"10.0.0.0/16\"],\n destinations: [exampleUsWest2.id],\n },\n {\n action: \"create-route\",\n segment: \"segment\",\n destinationCidrBlocks: [\"10.1.0.0/16\"],\n destinations: [exampleUsEast1.id],\n },\n ],\n});\nconst exampleCoreNetworkPolicyAttachment = new aws.networkmanager.CoreNetworkPolicyAttachment(\"example\", {\n coreNetworkId: exampleCoreNetwork.id,\n policyDocument: example.apply(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_global_network = aws.networkmanager.GlobalNetwork(\"example\")\nbase = aws.networkmanager.get_core_network_policy_document(core_network_configurations=[{\n \"asn_ranges\": [\"65022-65534\"],\n \"edge_locations\": [\n {\n \"location\": \"us-west-2\",\n \"asn\": \"65500\",\n },\n {\n \"location\": \"us-east-1\",\n \"asn\": \"65501\",\n },\n ],\n }],\n segments=[{\n \"name\": \"segment\",\n }])\nexample_core_network = aws.networkmanager.CoreNetwork(\"example\",\n global_network_id=example_global_network.id,\n base_policy_document=base.json,\n create_base_policy=True)\nexample_us_west2 = aws.networkmanager.VpcAttachment(\"example_us_west_2\",\n core_network_id=example_core_network.id,\n subnet_arns=[__item[\"arn\"] for __item in example_us_west2_aws_subnet],\n vpc_arn=example_us_west2_aws_vpc[\"arn\"])\nexample_us_east1 = aws.networkmanager.VpcAttachment(\"example_us_east_1\",\n core_network_id=example_core_network.id,\n subnet_arns=[__item[\"arn\"] for __item in example_us_east1_aws_subnet],\n vpc_arn=example_us_east1_aws_vpc[\"arn\"])\nexample = aws.networkmanager.get_core_network_policy_document_output(core_network_configurations=[{\n \"asn_ranges\": [\"65022-65534\"],\n \"edge_locations\": [\n {\n \"location\": \"us-west-2\",\n \"asn\": \"65500\",\n },\n {\n \"location\": \"us-east-1\",\n \"asn\": \"65501\",\n },\n ],\n }],\n segments=[\n {\n \"name\": \"segment\",\n },\n {\n \"name\": \"segment2\",\n },\n ],\n segment_actions=[\n {\n \"action\": \"create-route\",\n \"segment\": \"segment\",\n \"destination_cidr_blocks\": [\"10.0.0.0/16\"],\n \"destinations\": [example_us_west2.id],\n },\n {\n \"action\": \"create-route\",\n \"segment\": \"segment\",\n \"destination_cidr_blocks\": [\"10.1.0.0/16\"],\n \"destinations\": [example_us_east1.id],\n },\n ])\nexample_core_network_policy_attachment = aws.networkmanager.CoreNetworkPolicyAttachment(\"example\",\n core_network_id=example_core_network.id,\n policy_document=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGlobalNetwork = new Aws.NetworkManager.GlobalNetwork(\"example\");\n\n var @base = Aws.NetworkManager.GetCoreNetworkPolicyDocument.Invoke(new()\n {\n CoreNetworkConfigurations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationInputArgs\n {\n AsnRanges = new[]\n {\n \"65022-65534\",\n },\n EdgeLocations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationInputArgs\n {\n Location = \"us-west-2\",\n Asn = \"65500\",\n },\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationInputArgs\n {\n Location = \"us-east-1\",\n Asn = \"65501\",\n },\n },\n },\n },\n Segments = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentInputArgs\n {\n Name = \"segment\",\n },\n },\n });\n\n var exampleCoreNetwork = new Aws.NetworkManager.CoreNetwork(\"example\", new()\n {\n GlobalNetworkId = exampleGlobalNetwork.Id,\n BasePolicyDocument = @base.Apply(@base =\u003e @base.Apply(getCoreNetworkPolicyDocumentResult =\u003e getCoreNetworkPolicyDocumentResult.Json)),\n CreateBasePolicy = true,\n });\n\n var exampleUsWest2 = new Aws.NetworkManager.VpcAttachment(\"example_us_west_2\", new()\n {\n CoreNetworkId = exampleCoreNetwork.Id,\n SubnetArns = exampleUsWest2AwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n VpcArn = exampleUsWest2AwsVpc.Arn,\n });\n\n var exampleUsEast1 = new Aws.NetworkManager.VpcAttachment(\"example_us_east_1\", new()\n {\n CoreNetworkId = exampleCoreNetwork.Id,\n SubnetArns = exampleUsEast1AwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n VpcArn = exampleUsEast1AwsVpc.Arn,\n });\n\n var example = Aws.NetworkManager.GetCoreNetworkPolicyDocument.Invoke(new()\n {\n CoreNetworkConfigurations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationInputArgs\n {\n AsnRanges = new[]\n {\n \"65022-65534\",\n },\n EdgeLocations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationInputArgs\n {\n Location = \"us-west-2\",\n Asn = \"65500\",\n },\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationInputArgs\n {\n Location = \"us-east-1\",\n Asn = \"65501\",\n },\n },\n },\n },\n Segments = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentInputArgs\n {\n Name = \"segment\",\n },\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentInputArgs\n {\n Name = \"segment2\",\n },\n },\n SegmentActions = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentActionInputArgs\n {\n Action = \"create-route\",\n Segment = \"segment\",\n DestinationCidrBlocks = new[]\n {\n \"10.0.0.0/16\",\n },\n Destinations = new[]\n {\n exampleUsWest2.Id,\n },\n },\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentActionInputArgs\n {\n Action = \"create-route\",\n Segment = \"segment\",\n DestinationCidrBlocks = new[]\n {\n \"10.1.0.0/16\",\n },\n Destinations = new[]\n {\n exampleUsEast1.Id,\n },\n },\n },\n });\n\n var exampleCoreNetworkPolicyAttachment = new Aws.NetworkManager.CoreNetworkPolicyAttachment(\"example\", new()\n {\n CoreNetworkId = exampleCoreNetwork.Id,\n PolicyDocument = example.Apply(getCoreNetworkPolicyDocumentResult =\u003e getCoreNetworkPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nexampleGlobalNetwork, err := networkmanager.NewGlobalNetwork(ctx, \"example\", nil)\nif err != nil {\nreturn err\n}\nbase, err := networkmanager.GetCoreNetworkPolicyDocument(ctx, \u0026networkmanager.GetCoreNetworkPolicyDocumentArgs{\nCoreNetworkConfigurations: []networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfiguration{\n{\nAsnRanges: []string{\n\"65022-65534\",\n},\nEdgeLocations: []networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocation{\n{\nLocation: \"us-west-2\",\nAsn: pulumi.StringRef(\"65500\"),\n},\n{\nLocation: \"us-east-1\",\nAsn: pulumi.StringRef(\"65501\"),\n},\n},\n},\n},\nSegments: []networkmanager.GetCoreNetworkPolicyDocumentSegment{\n{\nName: \"segment\",\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nexampleCoreNetwork, err := networkmanager.NewCoreNetwork(ctx, \"example\", \u0026networkmanager.CoreNetworkArgs{\nGlobalNetworkId: exampleGlobalNetwork.ID(),\nBasePolicyDocument: pulumi.String(base.Json),\nCreateBasePolicy: pulumi.Bool(true),\n})\nif err != nil {\nreturn err\n}\nvar splat0 []interface{}\nfor _, val0 := range exampleUsWest2AwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexampleUsWest2, err := networkmanager.NewVpcAttachment(ctx, \"example_us_west_2\", \u0026networkmanager.VpcAttachmentArgs{\nCoreNetworkId: exampleCoreNetwork.ID(),\nSubnetArns: toPulumiArray(splat0),\nVpcArn: pulumi.Any(exampleUsWest2AwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\nvar splat1 []interface{}\nfor _, val0 := range exampleUsEast1AwsSubnet {\nsplat1 = append(splat1, val0.Arn)\n}\nexampleUsEast1, err := networkmanager.NewVpcAttachment(ctx, \"example_us_east_1\", \u0026networkmanager.VpcAttachmentArgs{\nCoreNetworkId: exampleCoreNetwork.ID(),\nSubnetArns: toPulumiArray(splat1),\nVpcArn: pulumi.Any(exampleUsEast1AwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\nexample := networkmanager.GetCoreNetworkPolicyDocumentOutput(ctx, networkmanager.GetCoreNetworkPolicyDocumentOutputArgs{\nCoreNetworkConfigurations: networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs{\nAsnRanges: pulumi.StringArray{\npulumi.String(\"65022-65534\"),\n},\nEdgeLocations: networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs{\nLocation: pulumi.String(\"us-west-2\"),\nAsn: pulumi.String(\"65500\"),\n},\n\u0026networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs{\nLocation: pulumi.String(\"us-east-1\"),\nAsn: pulumi.String(\"65501\"),\n},\n},\n},\n},\nSegments: networkmanager.GetCoreNetworkPolicyDocumentSegmentArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentArgs{\nName: pulumi.String(\"segment\"),\n},\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentArgs{\nName: pulumi.String(\"segment2\"),\n},\n},\nSegmentActions: networkmanager.GetCoreNetworkPolicyDocumentSegmentActionArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentActionArgs{\nAction: pulumi.String(\"create-route\"),\nSegment: pulumi.String(\"segment\"),\nDestinationCidrBlocks: pulumi.StringArray{\npulumi.String(\"10.0.0.0/16\"),\n},\nDestinations: pulumi.StringArray{\nexampleUsWest2.ID(),\n},\n},\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentActionArgs{\nAction: pulumi.String(\"create-route\"),\nSegment: pulumi.String(\"segment\"),\nDestinationCidrBlocks: pulumi.StringArray{\npulumi.String(\"10.1.0.0/16\"),\n},\nDestinations: pulumi.StringArray{\nexampleUsEast1.ID(),\n},\n},\n},\n}, nil);\n_, err = networkmanager.NewCoreNetworkPolicyAttachment(ctx, \"example\", \u0026networkmanager.CoreNetworkPolicyAttachmentArgs{\nCoreNetworkId: exampleCoreNetwork.ID(),\nPolicyDocument: pulumi.String(example.ApplyT(func(example networkmanager.GetCoreNetworkPolicyDocumentResult) (*string, error) {\nreturn \u0026example.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.GlobalNetwork;\nimport com.pulumi.aws.networkmanager.NetworkmanagerFunctions;\nimport com.pulumi.aws.networkmanager.inputs.GetCoreNetworkPolicyDocumentArgs;\nimport com.pulumi.aws.networkmanager.CoreNetwork;\nimport com.pulumi.aws.networkmanager.CoreNetworkArgs;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachment;\nimport com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGlobalNetwork = new GlobalNetwork(\"exampleGlobalNetwork\");\n\n final var base = NetworkmanagerFunctions.getCoreNetworkPolicyDocument(GetCoreNetworkPolicyDocumentArgs.builder()\n .coreNetworkConfigurations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs.builder()\n .asnRanges(\"65022-65534\")\n .edgeLocations( \n GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()\n .location(\"us-west-2\")\n .asn(\"65500\")\n .build(),\n GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()\n .location(\"us-east-1\")\n .asn(\"65501\")\n .build())\n .build())\n .segments(GetCoreNetworkPolicyDocumentSegmentArgs.builder()\n .name(\"segment\")\n .build())\n .build());\n\n var exampleCoreNetwork = new CoreNetwork(\"exampleCoreNetwork\", CoreNetworkArgs.builder()\n .globalNetworkId(exampleGlobalNetwork.id())\n .basePolicyDocument(base.applyValue(getCoreNetworkPolicyDocumentResult -\u003e getCoreNetworkPolicyDocumentResult.json()))\n .createBasePolicy(true)\n .build());\n\n var exampleUsWest2 = new VpcAttachment(\"exampleUsWest2\", VpcAttachmentArgs.builder()\n .coreNetworkId(exampleCoreNetwork.id())\n .subnetArns(exampleUsWest2AwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .vpcArn(exampleUsWest2AwsVpc.arn())\n .build());\n\n var exampleUsEast1 = new VpcAttachment(\"exampleUsEast1\", VpcAttachmentArgs.builder()\n .coreNetworkId(exampleCoreNetwork.id())\n .subnetArns(exampleUsEast1AwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .vpcArn(exampleUsEast1AwsVpc.arn())\n .build());\n\n final var example = NetworkmanagerFunctions.getCoreNetworkPolicyDocument(GetCoreNetworkPolicyDocumentArgs.builder()\n .coreNetworkConfigurations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs.builder()\n .asnRanges(\"65022-65534\")\n .edgeLocations( \n GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()\n .location(\"us-west-2\")\n .asn(\"65500\")\n .build(),\n GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()\n .location(\"us-east-1\")\n .asn(\"65501\")\n .build())\n .build())\n .segments( \n GetCoreNetworkPolicyDocumentSegmentArgs.builder()\n .name(\"segment\")\n .build(),\n GetCoreNetworkPolicyDocumentSegmentArgs.builder()\n .name(\"segment2\")\n .build())\n .segmentActions( \n GetCoreNetworkPolicyDocumentSegmentActionArgs.builder()\n .action(\"create-route\")\n .segment(\"segment\")\n .destinationCidrBlocks(\"10.0.0.0/16\")\n .destinations(exampleUsWest2.id())\n .build(),\n GetCoreNetworkPolicyDocumentSegmentActionArgs.builder()\n .action(\"create-route\")\n .segment(\"segment\")\n .destinationCidrBlocks(\"10.1.0.0/16\")\n .destinations(exampleUsEast1.id())\n .build())\n .build());\n\n var exampleCoreNetworkPolicyAttachment = new CoreNetworkPolicyAttachment(\"exampleCoreNetworkPolicyAttachment\", CoreNetworkPolicyAttachmentArgs.builder()\n .coreNetworkId(exampleCoreNetwork.id())\n .policyDocument(example.applyValue(getCoreNetworkPolicyDocumentResult -\u003e getCoreNetworkPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getCoreNetworkPolicyDocumentResult -\u003e getCoreNetworkPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Option 2 - using base_policy_regions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleGlobalNetwork = new aws.networkmanager.GlobalNetwork(\"example\", {});\nconst exampleCoreNetwork = new aws.networkmanager.CoreNetwork(\"example\", {\n globalNetworkId: exampleGlobalNetwork.id,\n basePolicyRegions: [\n \"us-west-2\",\n \"us-east-1\",\n ],\n createBasePolicy: true,\n});\nconst exampleUsWest2 = new aws.networkmanager.VpcAttachment(\"example_us_west_2\", {\n coreNetworkId: exampleCoreNetwork.id,\n subnetArns: exampleUsWest2AwsSubnet.map(__item =\u003e __item.arn),\n vpcArn: exampleUsWest2AwsVpc.arn,\n});\nconst exampleUsEast1 = new aws.networkmanager.VpcAttachment(\"example_us_east_1\", {\n coreNetworkId: exampleCoreNetwork.id,\n subnetArns: exampleUsEast1AwsSubnet.map(__item =\u003e __item.arn),\n vpcArn: exampleUsEast1AwsVpc.arn,\n});\nconst example = aws.networkmanager.getCoreNetworkPolicyDocumentOutput({\n coreNetworkConfigurations: [{\n asnRanges: [\"65022-65534\"],\n edgeLocations: [\n {\n location: \"us-west-2\",\n },\n {\n location: \"us-east-1\",\n },\n ],\n }],\n segments: [\n {\n name: \"segment\",\n },\n {\n name: \"segment2\",\n },\n ],\n segmentActions: [\n {\n action: \"create-route\",\n segment: \"segment\",\n destinationCidrBlocks: [\"10.0.0.0/16\"],\n destinations: [exampleUsWest2.id],\n },\n {\n action: \"create-route\",\n segment: \"segment\",\n destinationCidrBlocks: [\"10.1.0.0/16\"],\n destinations: [exampleUsEast1.id],\n },\n ],\n});\nconst exampleCoreNetworkPolicyAttachment = new aws.networkmanager.CoreNetworkPolicyAttachment(\"example\", {\n coreNetworkId: exampleCoreNetwork.id,\n policyDocument: example.apply(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_global_network = aws.networkmanager.GlobalNetwork(\"example\")\nexample_core_network = aws.networkmanager.CoreNetwork(\"example\",\n global_network_id=example_global_network.id,\n base_policy_regions=[\n \"us-west-2\",\n \"us-east-1\",\n ],\n create_base_policy=True)\nexample_us_west2 = aws.networkmanager.VpcAttachment(\"example_us_west_2\",\n core_network_id=example_core_network.id,\n subnet_arns=[__item[\"arn\"] for __item in example_us_west2_aws_subnet],\n vpc_arn=example_us_west2_aws_vpc[\"arn\"])\nexample_us_east1 = aws.networkmanager.VpcAttachment(\"example_us_east_1\",\n core_network_id=example_core_network.id,\n subnet_arns=[__item[\"arn\"] for __item in example_us_east1_aws_subnet],\n vpc_arn=example_us_east1_aws_vpc[\"arn\"])\nexample = aws.networkmanager.get_core_network_policy_document_output(core_network_configurations=[{\n \"asn_ranges\": [\"65022-65534\"],\n \"edge_locations\": [\n {\n \"location\": \"us-west-2\",\n },\n {\n \"location\": \"us-east-1\",\n },\n ],\n }],\n segments=[\n {\n \"name\": \"segment\",\n },\n {\n \"name\": \"segment2\",\n },\n ],\n segment_actions=[\n {\n \"action\": \"create-route\",\n \"segment\": \"segment\",\n \"destination_cidr_blocks\": [\"10.0.0.0/16\"],\n \"destinations\": [example_us_west2.id],\n },\n {\n \"action\": \"create-route\",\n \"segment\": \"segment\",\n \"destination_cidr_blocks\": [\"10.1.0.0/16\"],\n \"destinations\": [example_us_east1.id],\n },\n ])\nexample_core_network_policy_attachment = aws.networkmanager.CoreNetworkPolicyAttachment(\"example\",\n core_network_id=example_core_network.id,\n policy_document=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGlobalNetwork = new Aws.NetworkManager.GlobalNetwork(\"example\");\n\n var exampleCoreNetwork = new Aws.NetworkManager.CoreNetwork(\"example\", new()\n {\n GlobalNetworkId = exampleGlobalNetwork.Id,\n BasePolicyRegions = new[]\n {\n \"us-west-2\",\n \"us-east-1\",\n },\n CreateBasePolicy = true,\n });\n\n var exampleUsWest2 = new Aws.NetworkManager.VpcAttachment(\"example_us_west_2\", new()\n {\n CoreNetworkId = exampleCoreNetwork.Id,\n SubnetArns = exampleUsWest2AwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n VpcArn = exampleUsWest2AwsVpc.Arn,\n });\n\n var exampleUsEast1 = new Aws.NetworkManager.VpcAttachment(\"example_us_east_1\", new()\n {\n CoreNetworkId = exampleCoreNetwork.Id,\n SubnetArns = exampleUsEast1AwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n VpcArn = exampleUsEast1AwsVpc.Arn,\n });\n\n var example = Aws.NetworkManager.GetCoreNetworkPolicyDocument.Invoke(new()\n {\n CoreNetworkConfigurations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationInputArgs\n {\n AsnRanges = new[]\n {\n \"65022-65534\",\n },\n EdgeLocations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationInputArgs\n {\n Location = \"us-west-2\",\n },\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationInputArgs\n {\n Location = \"us-east-1\",\n },\n },\n },\n },\n Segments = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentInputArgs\n {\n Name = \"segment\",\n },\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentInputArgs\n {\n Name = \"segment2\",\n },\n },\n SegmentActions = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentActionInputArgs\n {\n Action = \"create-route\",\n Segment = \"segment\",\n DestinationCidrBlocks = new[]\n {\n \"10.0.0.0/16\",\n },\n Destinations = new[]\n {\n exampleUsWest2.Id,\n },\n },\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentActionInputArgs\n {\n Action = \"create-route\",\n Segment = \"segment\",\n DestinationCidrBlocks = new[]\n {\n \"10.1.0.0/16\",\n },\n Destinations = new[]\n {\n exampleUsEast1.Id,\n },\n },\n },\n });\n\n var exampleCoreNetworkPolicyAttachment = new Aws.NetworkManager.CoreNetworkPolicyAttachment(\"example\", new()\n {\n CoreNetworkId = exampleCoreNetwork.Id,\n PolicyDocument = example.Apply(getCoreNetworkPolicyDocumentResult =\u003e getCoreNetworkPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nexampleGlobalNetwork, err := networkmanager.NewGlobalNetwork(ctx, \"example\", nil)\nif err != nil {\nreturn err\n}\nexampleCoreNetwork, err := networkmanager.NewCoreNetwork(ctx, \"example\", \u0026networkmanager.CoreNetworkArgs{\nGlobalNetworkId: exampleGlobalNetwork.ID(),\nBasePolicyRegions: pulumi.StringArray{\npulumi.String(\"us-west-2\"),\npulumi.String(\"us-east-1\"),\n},\nCreateBasePolicy: pulumi.Bool(true),\n})\nif err != nil {\nreturn err\n}\nvar splat0 []interface{}\nfor _, val0 := range exampleUsWest2AwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexampleUsWest2, err := networkmanager.NewVpcAttachment(ctx, \"example_us_west_2\", \u0026networkmanager.VpcAttachmentArgs{\nCoreNetworkId: exampleCoreNetwork.ID(),\nSubnetArns: toPulumiArray(splat0),\nVpcArn: pulumi.Any(exampleUsWest2AwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\nvar splat1 []interface{}\nfor _, val0 := range exampleUsEast1AwsSubnet {\nsplat1 = append(splat1, val0.Arn)\n}\nexampleUsEast1, err := networkmanager.NewVpcAttachment(ctx, \"example_us_east_1\", \u0026networkmanager.VpcAttachmentArgs{\nCoreNetworkId: exampleCoreNetwork.ID(),\nSubnetArns: toPulumiArray(splat1),\nVpcArn: pulumi.Any(exampleUsEast1AwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\nexample := networkmanager.GetCoreNetworkPolicyDocumentOutput(ctx, networkmanager.GetCoreNetworkPolicyDocumentOutputArgs{\nCoreNetworkConfigurations: networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs{\nAsnRanges: pulumi.StringArray{\npulumi.String(\"65022-65534\"),\n},\nEdgeLocations: networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs{\nLocation: pulumi.String(\"us-west-2\"),\n},\n\u0026networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs{\nLocation: pulumi.String(\"us-east-1\"),\n},\n},\n},\n},\nSegments: networkmanager.GetCoreNetworkPolicyDocumentSegmentArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentArgs{\nName: pulumi.String(\"segment\"),\n},\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentArgs{\nName: pulumi.String(\"segment2\"),\n},\n},\nSegmentActions: networkmanager.GetCoreNetworkPolicyDocumentSegmentActionArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentActionArgs{\nAction: pulumi.String(\"create-route\"),\nSegment: pulumi.String(\"segment\"),\nDestinationCidrBlocks: pulumi.StringArray{\npulumi.String(\"10.0.0.0/16\"),\n},\nDestinations: pulumi.StringArray{\nexampleUsWest2.ID(),\n},\n},\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentActionArgs{\nAction: pulumi.String(\"create-route\"),\nSegment: pulumi.String(\"segment\"),\nDestinationCidrBlocks: pulumi.StringArray{\npulumi.String(\"10.1.0.0/16\"),\n},\nDestinations: pulumi.StringArray{\nexampleUsEast1.ID(),\n},\n},\n},\n}, nil);\n_, err = networkmanager.NewCoreNetworkPolicyAttachment(ctx, \"example\", \u0026networkmanager.CoreNetworkPolicyAttachmentArgs{\nCoreNetworkId: exampleCoreNetwork.ID(),\nPolicyDocument: pulumi.String(example.ApplyT(func(example networkmanager.GetCoreNetworkPolicyDocumentResult) (*string, error) {\nreturn \u0026example.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.GlobalNetwork;\nimport com.pulumi.aws.networkmanager.CoreNetwork;\nimport com.pulumi.aws.networkmanager.CoreNetworkArgs;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.NetworkmanagerFunctions;\nimport com.pulumi.aws.networkmanager.inputs.GetCoreNetworkPolicyDocumentArgs;\nimport com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachment;\nimport com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGlobalNetwork = new GlobalNetwork(\"exampleGlobalNetwork\");\n\n var exampleCoreNetwork = new CoreNetwork(\"exampleCoreNetwork\", CoreNetworkArgs.builder()\n .globalNetworkId(exampleGlobalNetwork.id())\n .basePolicyRegions( \n \"us-west-2\",\n \"us-east-1\")\n .createBasePolicy(true)\n .build());\n\n var exampleUsWest2 = new VpcAttachment(\"exampleUsWest2\", VpcAttachmentArgs.builder()\n .coreNetworkId(exampleCoreNetwork.id())\n .subnetArns(exampleUsWest2AwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .vpcArn(exampleUsWest2AwsVpc.arn())\n .build());\n\n var exampleUsEast1 = new VpcAttachment(\"exampleUsEast1\", VpcAttachmentArgs.builder()\n .coreNetworkId(exampleCoreNetwork.id())\n .subnetArns(exampleUsEast1AwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .vpcArn(exampleUsEast1AwsVpc.arn())\n .build());\n\n final var example = NetworkmanagerFunctions.getCoreNetworkPolicyDocument(GetCoreNetworkPolicyDocumentArgs.builder()\n .coreNetworkConfigurations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs.builder()\n .asnRanges(\"65022-65534\")\n .edgeLocations( \n GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()\n .location(\"us-west-2\")\n .build(),\n GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()\n .location(\"us-east-1\")\n .build())\n .build())\n .segments( \n GetCoreNetworkPolicyDocumentSegmentArgs.builder()\n .name(\"segment\")\n .build(),\n GetCoreNetworkPolicyDocumentSegmentArgs.builder()\n .name(\"segment2\")\n .build())\n .segmentActions( \n GetCoreNetworkPolicyDocumentSegmentActionArgs.builder()\n .action(\"create-route\")\n .segment(\"segment\")\n .destinationCidrBlocks(\"10.0.0.0/16\")\n .destinations(exampleUsWest2.id())\n .build(),\n GetCoreNetworkPolicyDocumentSegmentActionArgs.builder()\n .action(\"create-route\")\n .segment(\"segment\")\n .destinationCidrBlocks(\"10.1.0.0/16\")\n .destinations(exampleUsEast1.id())\n .build())\n .build());\n\n var exampleCoreNetworkPolicyAttachment = new CoreNetworkPolicyAttachment(\"exampleCoreNetworkPolicyAttachment\", CoreNetworkPolicyAttachmentArgs.builder()\n .coreNetworkId(exampleCoreNetwork.id())\n .policyDocument(example.applyValue(getCoreNetworkPolicyDocumentResult -\u003e getCoreNetworkPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getCoreNetworkPolicyDocumentResult -\u003e getCoreNetworkPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_core_network` using the core network ID. For example:\n\n```sh\n$ pulumi import aws:networkmanager/coreNetwork:CoreNetwork example core-network-0d47f6t230mz46dy4\n```\n", "properties": { "arn": { "type": "string", "description": "Core Network Amazon Resource Name (ARN).\n" }, "basePolicyDocument": { "type": "string", "description": "Sets the base policy document for the core network. Refer to the [Core network policies documentation](https://docs.aws.amazon.com/network-manager/latest/cloudwan/cloudwan-policy-change-sets.html) for more information.\n" }, "basePolicyRegion": { "type": "string", "description": "The base policy created by setting the `create_base_policy` argument to `true` requires a region to be set in the `edge-locations`, `location` key. If `base_policy_region` is not specified, the region used in the base policy defaults to the region specified in the `provider` block.\n", "deprecationMessage": "Use the base_policy_regions argument instead. This argument will be removed in the next major version of the provider." }, "basePolicyRegions": { "type": "array", "items": { "type": "string" }, "description": "A list of regions to add to the base policy. The base policy created by setting the `create_base_policy` argument to `true` requires one or more regions to be set in the `edge-locations`, `location` key. If `base_policy_regions` is not specified, the region used in the base policy defaults to the region specified in the `provider` block.\n" }, "createBasePolicy": { "type": "boolean", "description": "Specifies whether to create a base policy when a core network is created or updated. A base policy is created and set to `LIVE` to allow attachments to the core network (e.g. VPC Attachments) before applying a policy document provided using the `aws.networkmanager.CoreNetworkPolicyAttachment` resource. This base policy is needed if your core network does not have any `LIVE` policies and your policy document has static routes pointing to VPC attachments and you want to attach your VPCs to the core network before applying the desired policy document. Valid values are `true` or `false`. An example of this Pulumi snippet can be found above for VPC Attachment in a single region and for VPC Attachment multi-region. An example base policy is shown below. This base policy is overridden with the policy that you specify in the `aws.networkmanager.CoreNetworkPolicyAttachment` resource.\n\n```json\n{\n\"version\": \"2021.12\",\n\"core-network-configuration\": {\n\"asn-ranges\": [\n\"64512-65534\"\n],\n\"vpn-ecmp-support\": false,\n\"edge-locations\": [\n{\n\"location\": \"us-east-1\"\n}\n]\n},\n\"segments\": [\n{\n\"name\": \"segment\",\n\"description\": \"base-policy\",\n\"isolate-attachments\": false,\n\"require-attachment-acceptance\": false\n}\n]\n}\n```\n" }, "createdAt": { "type": "string", "description": "Timestamp when a core network was created.\n" }, "description": { "type": "string", "description": "Description of the Core Network.\n" }, "edges": { "type": "array", "items": { "$ref": "#/types/aws:networkmanager/CoreNetworkEdge:CoreNetworkEdge" }, "description": "One or more blocks detailing the edges within a core network. Detailed below.\n" }, "globalNetworkId": { "type": "string", "description": "The ID of the global network that a core network will be a part of.\n" }, "segments": { "type": "array", "items": { "$ref": "#/types/aws:networkmanager/CoreNetworkSegment:CoreNetworkSegment" }, "description": "One or more blocks detailing the segments within a core network. Detailed below.\n" }, "state": { "type": "string", "description": "Current state of a core network.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the Core Network. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "createdAt", "edges", "globalNetworkId", "segments", "state", "tagsAll" ], "inputProperties": { "basePolicyDocument": { "type": "string", "description": "Sets the base policy document for the core network. Refer to the [Core network policies documentation](https://docs.aws.amazon.com/network-manager/latest/cloudwan/cloudwan-policy-change-sets.html) for more information.\n" }, "basePolicyRegion": { "type": "string", "description": "The base policy created by setting the `create_base_policy` argument to `true` requires a region to be set in the `edge-locations`, `location` key. If `base_policy_region` is not specified, the region used in the base policy defaults to the region specified in the `provider` block.\n", "deprecationMessage": "Use the base_policy_regions argument instead. This argument will be removed in the next major version of the provider." }, "basePolicyRegions": { "type": "array", "items": { "type": "string" }, "description": "A list of regions to add to the base policy. The base policy created by setting the `create_base_policy` argument to `true` requires one or more regions to be set in the `edge-locations`, `location` key. If `base_policy_regions` is not specified, the region used in the base policy defaults to the region specified in the `provider` block.\n" }, "createBasePolicy": { "type": "boolean", "description": "Specifies whether to create a base policy when a core network is created or updated. A base policy is created and set to `LIVE` to allow attachments to the core network (e.g. VPC Attachments) before applying a policy document provided using the `aws.networkmanager.CoreNetworkPolicyAttachment` resource. This base policy is needed if your core network does not have any `LIVE` policies and your policy document has static routes pointing to VPC attachments and you want to attach your VPCs to the core network before applying the desired policy document. Valid values are `true` or `false`. An example of this Pulumi snippet can be found above for VPC Attachment in a single region and for VPC Attachment multi-region. An example base policy is shown below. This base policy is overridden with the policy that you specify in the `aws.networkmanager.CoreNetworkPolicyAttachment` resource.\n\n```json\n{\n\"version\": \"2021.12\",\n\"core-network-configuration\": {\n\"asn-ranges\": [\n\"64512-65534\"\n],\n\"vpn-ecmp-support\": false,\n\"edge-locations\": [\n{\n\"location\": \"us-east-1\"\n}\n]\n},\n\"segments\": [\n{\n\"name\": \"segment\",\n\"description\": \"base-policy\",\n\"isolate-attachments\": false,\n\"require-attachment-acceptance\": false\n}\n]\n}\n```\n" }, "description": { "type": "string", "description": "Description of the Core Network.\n" }, "globalNetworkId": { "type": "string", "description": "The ID of the global network that a core network will be a part of.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the Core Network. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "globalNetworkId" ], "stateInputs": { "description": "Input properties used for looking up and filtering CoreNetwork resources.\n", "properties": { "arn": { "type": "string", "description": "Core Network Amazon Resource Name (ARN).\n" }, "basePolicyDocument": { "type": "string", "description": "Sets the base policy document for the core network. Refer to the [Core network policies documentation](https://docs.aws.amazon.com/network-manager/latest/cloudwan/cloudwan-policy-change-sets.html) for more information.\n" }, "basePolicyRegion": { "type": "string", "description": "The base policy created by setting the `create_base_policy` argument to `true` requires a region to be set in the `edge-locations`, `location` key. If `base_policy_region` is not specified, the region used in the base policy defaults to the region specified in the `provider` block.\n", "deprecationMessage": "Use the base_policy_regions argument instead. This argument will be removed in the next major version of the provider." }, "basePolicyRegions": { "type": "array", "items": { "type": "string" }, "description": "A list of regions to add to the base policy. The base policy created by setting the `create_base_policy` argument to `true` requires one or more regions to be set in the `edge-locations`, `location` key. If `base_policy_regions` is not specified, the region used in the base policy defaults to the region specified in the `provider` block.\n" }, "createBasePolicy": { "type": "boolean", "description": "Specifies whether to create a base policy when a core network is created or updated. A base policy is created and set to `LIVE` to allow attachments to the core network (e.g. VPC Attachments) before applying a policy document provided using the `aws.networkmanager.CoreNetworkPolicyAttachment` resource. This base policy is needed if your core network does not have any `LIVE` policies and your policy document has static routes pointing to VPC attachments and you want to attach your VPCs to the core network before applying the desired policy document. Valid values are `true` or `false`. An example of this Pulumi snippet can be found above for VPC Attachment in a single region and for VPC Attachment multi-region. An example base policy is shown below. This base policy is overridden with the policy that you specify in the `aws.networkmanager.CoreNetworkPolicyAttachment` resource.\n\n```json\n{\n\"version\": \"2021.12\",\n\"core-network-configuration\": {\n\"asn-ranges\": [\n\"64512-65534\"\n],\n\"vpn-ecmp-support\": false,\n\"edge-locations\": [\n{\n\"location\": \"us-east-1\"\n}\n]\n},\n\"segments\": [\n{\n\"name\": \"segment\",\n\"description\": \"base-policy\",\n\"isolate-attachments\": false,\n\"require-attachment-acceptance\": false\n}\n]\n}\n```\n" }, "createdAt": { "type": "string", "description": "Timestamp when a core network was created.\n" }, "description": { "type": "string", "description": "Description of the Core Network.\n" }, "edges": { "type": "array", "items": { "$ref": "#/types/aws:networkmanager/CoreNetworkEdge:CoreNetworkEdge" }, "description": "One or more blocks detailing the edges within a core network. Detailed below.\n" }, "globalNetworkId": { "type": "string", "description": "The ID of the global network that a core network will be a part of.\n", "willReplaceOnChanges": true }, "segments": { "type": "array", "items": { "$ref": "#/types/aws:networkmanager/CoreNetworkSegment:CoreNetworkSegment" }, "description": "One or more blocks detailing the segments within a core network. Detailed below.\n" }, "state": { "type": "string", "description": "Current state of a core network.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the Core Network. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:networkmanager/coreNetworkPolicyAttachment:CoreNetworkPolicyAttachment": { "description": "Provides a Core Network Policy Attachment resource. This puts a Core Network Policy to an existing Core Network and executes the change set, which deploys changes globally based on the policy submitted (Sets the policy to `LIVE`).\n\n\u003e **NOTE:** Deleting this resource will not delete the current policy defined in this resource. Deleting this resource will also not revert the current `LIVE` policy to the previous version.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.CoreNetwork(\"example\", {globalNetworkId: exampleAwsNetworkmanagerGlobalNetwork.id});\nconst exampleCoreNetworkPolicyAttachment = new aws.networkmanager.CoreNetworkPolicyAttachment(\"example\", {\n coreNetworkId: example.id,\n policyDocument: exampleAwsNetworkmanagerCoreNetworkPolicyDocument.json,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.CoreNetwork(\"example\", global_network_id=example_aws_networkmanager_global_network[\"id\"])\nexample_core_network_policy_attachment = aws.networkmanager.CoreNetworkPolicyAttachment(\"example\",\n core_network_id=example.id,\n policy_document=example_aws_networkmanager_core_network_policy_document[\"json\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.CoreNetwork(\"example\", new()\n {\n GlobalNetworkId = exampleAwsNetworkmanagerGlobalNetwork.Id,\n });\n\n var exampleCoreNetworkPolicyAttachment = new Aws.NetworkManager.CoreNetworkPolicyAttachment(\"example\", new()\n {\n CoreNetworkId = example.Id,\n PolicyDocument = exampleAwsNetworkmanagerCoreNetworkPolicyDocument.Json,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := networkmanager.NewCoreNetwork(ctx, \"example\", \u0026networkmanager.CoreNetworkArgs{\n\t\t\tGlobalNetworkId: pulumi.Any(exampleAwsNetworkmanagerGlobalNetwork.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = networkmanager.NewCoreNetworkPolicyAttachment(ctx, \"example\", \u0026networkmanager.CoreNetworkPolicyAttachmentArgs{\n\t\t\tCoreNetworkId: example.ID(),\n\t\t\tPolicyDocument: pulumi.Any(exampleAwsNetworkmanagerCoreNetworkPolicyDocument.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.CoreNetwork;\nimport com.pulumi.aws.networkmanager.CoreNetworkArgs;\nimport com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachment;\nimport com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CoreNetwork(\"example\", CoreNetworkArgs.builder()\n .globalNetworkId(exampleAwsNetworkmanagerGlobalNetwork.id())\n .build());\n\n var exampleCoreNetworkPolicyAttachment = new CoreNetworkPolicyAttachment(\"exampleCoreNetworkPolicyAttachment\", CoreNetworkPolicyAttachmentArgs.builder()\n .coreNetworkId(example.id())\n .policyDocument(exampleAwsNetworkmanagerCoreNetworkPolicyDocument.json())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmanager:CoreNetwork\n properties:\n globalNetworkId: ${exampleAwsNetworkmanagerGlobalNetwork.id}\n exampleCoreNetworkPolicyAttachment:\n type: aws:networkmanager:CoreNetworkPolicyAttachment\n name: example\n properties:\n coreNetworkId: ${example.id}\n policyDocument: ${exampleAwsNetworkmanagerCoreNetworkPolicyDocument.json}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With VPC Attachment (Single Region)\n\nThe example below illustrates the scenario where your policy document has static routes pointing to VPC attachments and you want to attach your VPCs to the core network before applying the desired policy document. Set the `create_base_policy` argument of the `aws.networkmanager.CoreNetwork` resource to `true` if your core network does not currently have any `LIVE` policies (e.g. this is the first `pulumi up` with the core network resource), since a `LIVE` policy is required before VPCs can be attached to the core network. Otherwise, if your core network already has a `LIVE` policy, you may exclude the `create_base_policy` argument. There are 2 options to implement this:\n\n- Option 1: Use the `base_policy_document` argument in the `aws.networkmanager.CoreNetwork` resource that allows the most customizations to a base policy. Use this to customize the `edge_locations` `asn`. In the example below, `us-west-2` and ASN `65500` are used in the base policy.\n- Option 2: Use the `create_base_policy` argument only. This creates a base policy in the region specified in the `provider` block.\n\n### Option 1 - using base_policy_document\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleGlobalNetwork = new aws.networkmanager.GlobalNetwork(\"example\", {});\nconst base = aws.networkmanager.getCoreNetworkPolicyDocument({\n coreNetworkConfigurations: [{\n asnRanges: [\"65022-65534\"],\n edgeLocations: [{\n location: \"us-west-2\",\n asn: \"65500\",\n }],\n }],\n segments: [{\n name: \"segment\",\n }],\n});\nconst exampleCoreNetwork = new aws.networkmanager.CoreNetwork(\"example\", {\n globalNetworkId: exampleGlobalNetwork.id,\n basePolicyDocument: base.then(base =\u003e base.json),\n createBasePolicy: true,\n});\nconst exampleVpcAttachment = new aws.networkmanager.VpcAttachment(\"example\", {\n coreNetworkId: exampleCoreNetwork.id,\n subnetArns: exampleAwsSubnet.map(__item =\u003e __item.arn),\n vpcArn: exampleAwsVpc.arn,\n});\nconst example = aws.networkmanager.getCoreNetworkPolicyDocumentOutput({\n coreNetworkConfigurations: [{\n asnRanges: [\"65022-65534\"],\n edgeLocations: [{\n location: \"us-west-2\",\n asn: \"65500\",\n }],\n }],\n segments: [{\n name: \"segment\",\n }],\n segmentActions: [{\n action: \"create-route\",\n segment: \"segment\",\n destinationCidrBlocks: [\"0.0.0.0/0\"],\n destinations: [exampleVpcAttachment.id],\n }],\n});\nconst exampleCoreNetworkPolicyAttachment = new aws.networkmanager.CoreNetworkPolicyAttachment(\"example\", {\n coreNetworkId: exampleCoreNetwork.id,\n policyDocument: example.apply(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_global_network = aws.networkmanager.GlobalNetwork(\"example\")\nbase = aws.networkmanager.get_core_network_policy_document(core_network_configurations=[{\n \"asn_ranges\": [\"65022-65534\"],\n \"edge_locations\": [{\n \"location\": \"us-west-2\",\n \"asn\": \"65500\",\n }],\n }],\n segments=[{\n \"name\": \"segment\",\n }])\nexample_core_network = aws.networkmanager.CoreNetwork(\"example\",\n global_network_id=example_global_network.id,\n base_policy_document=base.json,\n create_base_policy=True)\nexample_vpc_attachment = aws.networkmanager.VpcAttachment(\"example\",\n core_network_id=example_core_network.id,\n subnet_arns=[__item[\"arn\"] for __item in example_aws_subnet],\n vpc_arn=example_aws_vpc[\"arn\"])\nexample = aws.networkmanager.get_core_network_policy_document_output(core_network_configurations=[{\n \"asn_ranges\": [\"65022-65534\"],\n \"edge_locations\": [{\n \"location\": \"us-west-2\",\n \"asn\": \"65500\",\n }],\n }],\n segments=[{\n \"name\": \"segment\",\n }],\n segment_actions=[{\n \"action\": \"create-route\",\n \"segment\": \"segment\",\n \"destination_cidr_blocks\": [\"0.0.0.0/0\"],\n \"destinations\": [example_vpc_attachment.id],\n }])\nexample_core_network_policy_attachment = aws.networkmanager.CoreNetworkPolicyAttachment(\"example\",\n core_network_id=example_core_network.id,\n policy_document=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGlobalNetwork = new Aws.NetworkManager.GlobalNetwork(\"example\");\n\n var @base = Aws.NetworkManager.GetCoreNetworkPolicyDocument.Invoke(new()\n {\n CoreNetworkConfigurations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationInputArgs\n {\n AsnRanges = new[]\n {\n \"65022-65534\",\n },\n EdgeLocations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationInputArgs\n {\n Location = \"us-west-2\",\n Asn = \"65500\",\n },\n },\n },\n },\n Segments = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentInputArgs\n {\n Name = \"segment\",\n },\n },\n });\n\n var exampleCoreNetwork = new Aws.NetworkManager.CoreNetwork(\"example\", new()\n {\n GlobalNetworkId = exampleGlobalNetwork.Id,\n BasePolicyDocument = @base.Apply(@base =\u003e @base.Apply(getCoreNetworkPolicyDocumentResult =\u003e getCoreNetworkPolicyDocumentResult.Json)),\n CreateBasePolicy = true,\n });\n\n var exampleVpcAttachment = new Aws.NetworkManager.VpcAttachment(\"example\", new()\n {\n CoreNetworkId = exampleCoreNetwork.Id,\n SubnetArns = exampleAwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n VpcArn = exampleAwsVpc.Arn,\n });\n\n var example = Aws.NetworkManager.GetCoreNetworkPolicyDocument.Invoke(new()\n {\n CoreNetworkConfigurations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationInputArgs\n {\n AsnRanges = new[]\n {\n \"65022-65534\",\n },\n EdgeLocations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationInputArgs\n {\n Location = \"us-west-2\",\n Asn = \"65500\",\n },\n },\n },\n },\n Segments = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentInputArgs\n {\n Name = \"segment\",\n },\n },\n SegmentActions = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentActionInputArgs\n {\n Action = \"create-route\",\n Segment = \"segment\",\n DestinationCidrBlocks = new[]\n {\n \"0.0.0.0/0\",\n },\n Destinations = new[]\n {\n exampleVpcAttachment.Id,\n },\n },\n },\n });\n\n var exampleCoreNetworkPolicyAttachment = new Aws.NetworkManager.CoreNetworkPolicyAttachment(\"example\", new()\n {\n CoreNetworkId = exampleCoreNetwork.Id,\n PolicyDocument = example.Apply(getCoreNetworkPolicyDocumentResult =\u003e getCoreNetworkPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nexampleGlobalNetwork, err := networkmanager.NewGlobalNetwork(ctx, \"example\", nil)\nif err != nil {\nreturn err\n}\nbase, err := networkmanager.GetCoreNetworkPolicyDocument(ctx, \u0026networkmanager.GetCoreNetworkPolicyDocumentArgs{\nCoreNetworkConfigurations: []networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfiguration{\n{\nAsnRanges: []string{\n\"65022-65534\",\n},\nEdgeLocations: []networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocation{\n{\nLocation: \"us-west-2\",\nAsn: pulumi.StringRef(\"65500\"),\n},\n},\n},\n},\nSegments: []networkmanager.GetCoreNetworkPolicyDocumentSegment{\n{\nName: \"segment\",\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nexampleCoreNetwork, err := networkmanager.NewCoreNetwork(ctx, \"example\", \u0026networkmanager.CoreNetworkArgs{\nGlobalNetworkId: exampleGlobalNetwork.ID(),\nBasePolicyDocument: pulumi.String(base.Json),\nCreateBasePolicy: pulumi.Bool(true),\n})\nif err != nil {\nreturn err\n}\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexampleVpcAttachment, err := networkmanager.NewVpcAttachment(ctx, \"example\", \u0026networkmanager.VpcAttachmentArgs{\nCoreNetworkId: exampleCoreNetwork.ID(),\nSubnetArns: toPulumiArray(splat0),\nVpcArn: pulumi.Any(exampleAwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\nexample := networkmanager.GetCoreNetworkPolicyDocumentOutput(ctx, networkmanager.GetCoreNetworkPolicyDocumentOutputArgs{\nCoreNetworkConfigurations: networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs{\nAsnRanges: pulumi.StringArray{\npulumi.String(\"65022-65534\"),\n},\nEdgeLocations: networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs{\nLocation: pulumi.String(\"us-west-2\"),\nAsn: pulumi.String(\"65500\"),\n},\n},\n},\n},\nSegments: networkmanager.GetCoreNetworkPolicyDocumentSegmentArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentArgs{\nName: pulumi.String(\"segment\"),\n},\n},\nSegmentActions: networkmanager.GetCoreNetworkPolicyDocumentSegmentActionArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentActionArgs{\nAction: pulumi.String(\"create-route\"),\nSegment: pulumi.String(\"segment\"),\nDestinationCidrBlocks: pulumi.StringArray{\npulumi.String(\"0.0.0.0/0\"),\n},\nDestinations: pulumi.StringArray{\nexampleVpcAttachment.ID(),\n},\n},\n},\n}, nil);\n_, err = networkmanager.NewCoreNetworkPolicyAttachment(ctx, \"example\", \u0026networkmanager.CoreNetworkPolicyAttachmentArgs{\nCoreNetworkId: exampleCoreNetwork.ID(),\nPolicyDocument: pulumi.String(example.ApplyT(func(example networkmanager.GetCoreNetworkPolicyDocumentResult) (*string, error) {\nreturn \u0026example.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.GlobalNetwork;\nimport com.pulumi.aws.networkmanager.NetworkmanagerFunctions;\nimport com.pulumi.aws.networkmanager.inputs.GetCoreNetworkPolicyDocumentArgs;\nimport com.pulumi.aws.networkmanager.CoreNetwork;\nimport com.pulumi.aws.networkmanager.CoreNetworkArgs;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachment;\nimport com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGlobalNetwork = new GlobalNetwork(\"exampleGlobalNetwork\");\n\n final var base = NetworkmanagerFunctions.getCoreNetworkPolicyDocument(GetCoreNetworkPolicyDocumentArgs.builder()\n .coreNetworkConfigurations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs.builder()\n .asnRanges(\"65022-65534\")\n .edgeLocations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()\n .location(\"us-west-2\")\n .asn(\"65500\")\n .build())\n .build())\n .segments(GetCoreNetworkPolicyDocumentSegmentArgs.builder()\n .name(\"segment\")\n .build())\n .build());\n\n var exampleCoreNetwork = new CoreNetwork(\"exampleCoreNetwork\", CoreNetworkArgs.builder()\n .globalNetworkId(exampleGlobalNetwork.id())\n .basePolicyDocument(base.applyValue(getCoreNetworkPolicyDocumentResult -\u003e getCoreNetworkPolicyDocumentResult.json()))\n .createBasePolicy(true)\n .build());\n\n var exampleVpcAttachment = new VpcAttachment(\"exampleVpcAttachment\", VpcAttachmentArgs.builder()\n .coreNetworkId(exampleCoreNetwork.id())\n .subnetArns(exampleAwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .vpcArn(exampleAwsVpc.arn())\n .build());\n\n final var example = NetworkmanagerFunctions.getCoreNetworkPolicyDocument(GetCoreNetworkPolicyDocumentArgs.builder()\n .coreNetworkConfigurations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs.builder()\n .asnRanges(\"65022-65534\")\n .edgeLocations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()\n .location(\"us-west-2\")\n .asn(\"65500\")\n .build())\n .build())\n .segments(GetCoreNetworkPolicyDocumentSegmentArgs.builder()\n .name(\"segment\")\n .build())\n .segmentActions(GetCoreNetworkPolicyDocumentSegmentActionArgs.builder()\n .action(\"create-route\")\n .segment(\"segment\")\n .destinationCidrBlocks(\"0.0.0.0/0\")\n .destinations(exampleVpcAttachment.id())\n .build())\n .build());\n\n var exampleCoreNetworkPolicyAttachment = new CoreNetworkPolicyAttachment(\"exampleCoreNetworkPolicyAttachment\", CoreNetworkPolicyAttachmentArgs.builder()\n .coreNetworkId(exampleCoreNetwork.id())\n .policyDocument(example.applyValue(getCoreNetworkPolicyDocumentResult -\u003e getCoreNetworkPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getCoreNetworkPolicyDocumentResult -\u003e getCoreNetworkPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Option 2 - create_base_policy only\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleGlobalNetwork = new aws.networkmanager.GlobalNetwork(\"example\", {});\nconst exampleCoreNetwork = new aws.networkmanager.CoreNetwork(\"example\", {\n globalNetworkId: exampleGlobalNetwork.id,\n createBasePolicy: true,\n});\nconst exampleVpcAttachment = new aws.networkmanager.VpcAttachment(\"example\", {\n coreNetworkId: exampleCoreNetwork.id,\n subnetArns: exampleAwsSubnet.map(__item =\u003e __item.arn),\n vpcArn: exampleAwsVpc.arn,\n});\nconst example = aws.networkmanager.getCoreNetworkPolicyDocumentOutput({\n coreNetworkConfigurations: [{\n asnRanges: [\"65022-65534\"],\n edgeLocations: [{\n location: \"us-west-2\",\n }],\n }],\n segments: [{\n name: \"segment\",\n }],\n segmentActions: [{\n action: \"create-route\",\n segment: \"segment\",\n destinationCidrBlocks: [\"0.0.0.0/0\"],\n destinations: [exampleVpcAttachment.id],\n }],\n});\nconst exampleCoreNetworkPolicyAttachment = new aws.networkmanager.CoreNetworkPolicyAttachment(\"example\", {\n coreNetworkId: exampleCoreNetwork.id,\n policyDocument: example.apply(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_global_network = aws.networkmanager.GlobalNetwork(\"example\")\nexample_core_network = aws.networkmanager.CoreNetwork(\"example\",\n global_network_id=example_global_network.id,\n create_base_policy=True)\nexample_vpc_attachment = aws.networkmanager.VpcAttachment(\"example\",\n core_network_id=example_core_network.id,\n subnet_arns=[__item[\"arn\"] for __item in example_aws_subnet],\n vpc_arn=example_aws_vpc[\"arn\"])\nexample = aws.networkmanager.get_core_network_policy_document_output(core_network_configurations=[{\n \"asn_ranges\": [\"65022-65534\"],\n \"edge_locations\": [{\n \"location\": \"us-west-2\",\n }],\n }],\n segments=[{\n \"name\": \"segment\",\n }],\n segment_actions=[{\n \"action\": \"create-route\",\n \"segment\": \"segment\",\n \"destination_cidr_blocks\": [\"0.0.0.0/0\"],\n \"destinations\": [example_vpc_attachment.id],\n }])\nexample_core_network_policy_attachment = aws.networkmanager.CoreNetworkPolicyAttachment(\"example\",\n core_network_id=example_core_network.id,\n policy_document=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGlobalNetwork = new Aws.NetworkManager.GlobalNetwork(\"example\");\n\n var exampleCoreNetwork = new Aws.NetworkManager.CoreNetwork(\"example\", new()\n {\n GlobalNetworkId = exampleGlobalNetwork.Id,\n CreateBasePolicy = true,\n });\n\n var exampleVpcAttachment = new Aws.NetworkManager.VpcAttachment(\"example\", new()\n {\n CoreNetworkId = exampleCoreNetwork.Id,\n SubnetArns = exampleAwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n VpcArn = exampleAwsVpc.Arn,\n });\n\n var example = Aws.NetworkManager.GetCoreNetworkPolicyDocument.Invoke(new()\n {\n CoreNetworkConfigurations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationInputArgs\n {\n AsnRanges = new[]\n {\n \"65022-65534\",\n },\n EdgeLocations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationInputArgs\n {\n Location = \"us-west-2\",\n },\n },\n },\n },\n Segments = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentInputArgs\n {\n Name = \"segment\",\n },\n },\n SegmentActions = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentActionInputArgs\n {\n Action = \"create-route\",\n Segment = \"segment\",\n DestinationCidrBlocks = new[]\n {\n \"0.0.0.0/0\",\n },\n Destinations = new[]\n {\n exampleVpcAttachment.Id,\n },\n },\n },\n });\n\n var exampleCoreNetworkPolicyAttachment = new Aws.NetworkManager.CoreNetworkPolicyAttachment(\"example\", new()\n {\n CoreNetworkId = exampleCoreNetwork.Id,\n PolicyDocument = example.Apply(getCoreNetworkPolicyDocumentResult =\u003e getCoreNetworkPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nexampleGlobalNetwork, err := networkmanager.NewGlobalNetwork(ctx, \"example\", nil)\nif err != nil {\nreturn err\n}\nexampleCoreNetwork, err := networkmanager.NewCoreNetwork(ctx, \"example\", \u0026networkmanager.CoreNetworkArgs{\nGlobalNetworkId: exampleGlobalNetwork.ID(),\nCreateBasePolicy: pulumi.Bool(true),\n})\nif err != nil {\nreturn err\n}\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexampleVpcAttachment, err := networkmanager.NewVpcAttachment(ctx, \"example\", \u0026networkmanager.VpcAttachmentArgs{\nCoreNetworkId: exampleCoreNetwork.ID(),\nSubnetArns: toPulumiArray(splat0),\nVpcArn: pulumi.Any(exampleAwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\nexample := networkmanager.GetCoreNetworkPolicyDocumentOutput(ctx, networkmanager.GetCoreNetworkPolicyDocumentOutputArgs{\nCoreNetworkConfigurations: networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs{\nAsnRanges: pulumi.StringArray{\npulumi.String(\"65022-65534\"),\n},\nEdgeLocations: networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs{\nLocation: pulumi.String(\"us-west-2\"),\n},\n},\n},\n},\nSegments: networkmanager.GetCoreNetworkPolicyDocumentSegmentArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentArgs{\nName: pulumi.String(\"segment\"),\n},\n},\nSegmentActions: networkmanager.GetCoreNetworkPolicyDocumentSegmentActionArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentActionArgs{\nAction: pulumi.String(\"create-route\"),\nSegment: pulumi.String(\"segment\"),\nDestinationCidrBlocks: pulumi.StringArray{\npulumi.String(\"0.0.0.0/0\"),\n},\nDestinations: pulumi.StringArray{\nexampleVpcAttachment.ID(),\n},\n},\n},\n}, nil);\n_, err = networkmanager.NewCoreNetworkPolicyAttachment(ctx, \"example\", \u0026networkmanager.CoreNetworkPolicyAttachmentArgs{\nCoreNetworkId: exampleCoreNetwork.ID(),\nPolicyDocument: pulumi.String(example.ApplyT(func(example networkmanager.GetCoreNetworkPolicyDocumentResult) (*string, error) {\nreturn \u0026example.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.GlobalNetwork;\nimport com.pulumi.aws.networkmanager.CoreNetwork;\nimport com.pulumi.aws.networkmanager.CoreNetworkArgs;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.NetworkmanagerFunctions;\nimport com.pulumi.aws.networkmanager.inputs.GetCoreNetworkPolicyDocumentArgs;\nimport com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachment;\nimport com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGlobalNetwork = new GlobalNetwork(\"exampleGlobalNetwork\");\n\n var exampleCoreNetwork = new CoreNetwork(\"exampleCoreNetwork\", CoreNetworkArgs.builder()\n .globalNetworkId(exampleGlobalNetwork.id())\n .createBasePolicy(true)\n .build());\n\n var exampleVpcAttachment = new VpcAttachment(\"exampleVpcAttachment\", VpcAttachmentArgs.builder()\n .coreNetworkId(exampleCoreNetwork.id())\n .subnetArns(exampleAwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .vpcArn(exampleAwsVpc.arn())\n .build());\n\n final var example = NetworkmanagerFunctions.getCoreNetworkPolicyDocument(GetCoreNetworkPolicyDocumentArgs.builder()\n .coreNetworkConfigurations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs.builder()\n .asnRanges(\"65022-65534\")\n .edgeLocations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()\n .location(\"us-west-2\")\n .build())\n .build())\n .segments(GetCoreNetworkPolicyDocumentSegmentArgs.builder()\n .name(\"segment\")\n .build())\n .segmentActions(GetCoreNetworkPolicyDocumentSegmentActionArgs.builder()\n .action(\"create-route\")\n .segment(\"segment\")\n .destinationCidrBlocks(\"0.0.0.0/0\")\n .destinations(exampleVpcAttachment.id())\n .build())\n .build());\n\n var exampleCoreNetworkPolicyAttachment = new CoreNetworkPolicyAttachment(\"exampleCoreNetworkPolicyAttachment\", CoreNetworkPolicyAttachmentArgs.builder()\n .coreNetworkId(exampleCoreNetwork.id())\n .policyDocument(example.applyValue(getCoreNetworkPolicyDocumentResult -\u003e getCoreNetworkPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getCoreNetworkPolicyDocumentResult -\u003e getCoreNetworkPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With VPC Attachment (Multi-Region)\n\nThe example below illustrates the scenario where your policy document has static routes pointing to VPC attachments and you want to attach your VPCs to the core network before applying the desired policy document. Set the `create_base_policy` argument of the `aws.networkmanager.CoreNetwork` resource to `true` if your core network does not currently have any `LIVE` policies (e.g. this is the first `pulumi up` with the core network resource), since a `LIVE` policy is required before VPCs can be attached to the core network. Otherwise, if your core network already has a `LIVE` policy, you may exclude the `create_base_policy` argument. For multi-region in a core network that does not yet have a `LIVE` policy, there are 2 options:\n\n- Option 1: Use the `base_policy_document` argument that allows the most customizations to a base policy. Use this to customize the `edge_locations` `asn`. In the example below, `us-west-2`, `us-east-1` and specific ASNs are used in the base policy.\n- Option 2: Pass a list of regions to the `aws.networkmanager.CoreNetwork` resource `base_policy_regions` argument. In the example below, `us-west-2` and `us-east-1` are specified in the base policy.\n\n### Option 1 - using base_policy_document\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleGlobalNetwork = new aws.networkmanager.GlobalNetwork(\"example\", {});\nconst base = aws.networkmanager.getCoreNetworkPolicyDocument({\n coreNetworkConfigurations: [{\n asnRanges: [\"65022-65534\"],\n edgeLocations: [\n {\n location: \"us-west-2\",\n asn: \"65500\",\n },\n {\n location: \"us-east-1\",\n asn: \"65501\",\n },\n ],\n }],\n segments: [{\n name: \"segment\",\n }],\n});\nconst exampleCoreNetwork = new aws.networkmanager.CoreNetwork(\"example\", {\n globalNetworkId: exampleGlobalNetwork.id,\n basePolicyDocument: base.then(base =\u003e base.json),\n createBasePolicy: true,\n});\nconst exampleUsWest2 = new aws.networkmanager.VpcAttachment(\"example_us_west_2\", {\n coreNetworkId: exampleCoreNetwork.id,\n subnetArns: exampleUsWest2AwsSubnet.map(__item =\u003e __item.arn),\n vpcArn: exampleUsWest2AwsVpc.arn,\n});\nconst exampleUsEast1 = new aws.networkmanager.VpcAttachment(\"example_us_east_1\", {\n coreNetworkId: exampleCoreNetwork.id,\n subnetArns: exampleUsEast1AwsSubnet.map(__item =\u003e __item.arn),\n vpcArn: exampleUsEast1AwsVpc.arn,\n});\nconst example = aws.networkmanager.getCoreNetworkPolicyDocumentOutput({\n coreNetworkConfigurations: [{\n asnRanges: [\"65022-65534\"],\n edgeLocations: [\n {\n location: \"us-west-2\",\n asn: \"65500\",\n },\n {\n location: \"us-east-1\",\n asn: \"65501\",\n },\n ],\n }],\n segments: [\n {\n name: \"segment\",\n },\n {\n name: \"segment2\",\n },\n ],\n segmentActions: [\n {\n action: \"create-route\",\n segment: \"segment\",\n destinationCidrBlocks: [\"10.0.0.0/16\"],\n destinations: [exampleUsWest2.id],\n },\n {\n action: \"create-route\",\n segment: \"segment\",\n destinationCidrBlocks: [\"10.1.0.0/16\"],\n destinations: [exampleUsEast1.id],\n },\n ],\n});\nconst exampleCoreNetworkPolicyAttachment = new aws.networkmanager.CoreNetworkPolicyAttachment(\"example\", {\n coreNetworkId: exampleCoreNetwork.id,\n policyDocument: example.apply(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_global_network = aws.networkmanager.GlobalNetwork(\"example\")\nbase = aws.networkmanager.get_core_network_policy_document(core_network_configurations=[{\n \"asn_ranges\": [\"65022-65534\"],\n \"edge_locations\": [\n {\n \"location\": \"us-west-2\",\n \"asn\": \"65500\",\n },\n {\n \"location\": \"us-east-1\",\n \"asn\": \"65501\",\n },\n ],\n }],\n segments=[{\n \"name\": \"segment\",\n }])\nexample_core_network = aws.networkmanager.CoreNetwork(\"example\",\n global_network_id=example_global_network.id,\n base_policy_document=base.json,\n create_base_policy=True)\nexample_us_west2 = aws.networkmanager.VpcAttachment(\"example_us_west_2\",\n core_network_id=example_core_network.id,\n subnet_arns=[__item[\"arn\"] for __item in example_us_west2_aws_subnet],\n vpc_arn=example_us_west2_aws_vpc[\"arn\"])\nexample_us_east1 = aws.networkmanager.VpcAttachment(\"example_us_east_1\",\n core_network_id=example_core_network.id,\n subnet_arns=[__item[\"arn\"] for __item in example_us_east1_aws_subnet],\n vpc_arn=example_us_east1_aws_vpc[\"arn\"])\nexample = aws.networkmanager.get_core_network_policy_document_output(core_network_configurations=[{\n \"asn_ranges\": [\"65022-65534\"],\n \"edge_locations\": [\n {\n \"location\": \"us-west-2\",\n \"asn\": \"65500\",\n },\n {\n \"location\": \"us-east-1\",\n \"asn\": \"65501\",\n },\n ],\n }],\n segments=[\n {\n \"name\": \"segment\",\n },\n {\n \"name\": \"segment2\",\n },\n ],\n segment_actions=[\n {\n \"action\": \"create-route\",\n \"segment\": \"segment\",\n \"destination_cidr_blocks\": [\"10.0.0.0/16\"],\n \"destinations\": [example_us_west2.id],\n },\n {\n \"action\": \"create-route\",\n \"segment\": \"segment\",\n \"destination_cidr_blocks\": [\"10.1.0.0/16\"],\n \"destinations\": [example_us_east1.id],\n },\n ])\nexample_core_network_policy_attachment = aws.networkmanager.CoreNetworkPolicyAttachment(\"example\",\n core_network_id=example_core_network.id,\n policy_document=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGlobalNetwork = new Aws.NetworkManager.GlobalNetwork(\"example\");\n\n var @base = Aws.NetworkManager.GetCoreNetworkPolicyDocument.Invoke(new()\n {\n CoreNetworkConfigurations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationInputArgs\n {\n AsnRanges = new[]\n {\n \"65022-65534\",\n },\n EdgeLocations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationInputArgs\n {\n Location = \"us-west-2\",\n Asn = \"65500\",\n },\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationInputArgs\n {\n Location = \"us-east-1\",\n Asn = \"65501\",\n },\n },\n },\n },\n Segments = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentInputArgs\n {\n Name = \"segment\",\n },\n },\n });\n\n var exampleCoreNetwork = new Aws.NetworkManager.CoreNetwork(\"example\", new()\n {\n GlobalNetworkId = exampleGlobalNetwork.Id,\n BasePolicyDocument = @base.Apply(@base =\u003e @base.Apply(getCoreNetworkPolicyDocumentResult =\u003e getCoreNetworkPolicyDocumentResult.Json)),\n CreateBasePolicy = true,\n });\n\n var exampleUsWest2 = new Aws.NetworkManager.VpcAttachment(\"example_us_west_2\", new()\n {\n CoreNetworkId = exampleCoreNetwork.Id,\n SubnetArns = exampleUsWest2AwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n VpcArn = exampleUsWest2AwsVpc.Arn,\n });\n\n var exampleUsEast1 = new Aws.NetworkManager.VpcAttachment(\"example_us_east_1\", new()\n {\n CoreNetworkId = exampleCoreNetwork.Id,\n SubnetArns = exampleUsEast1AwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n VpcArn = exampleUsEast1AwsVpc.Arn,\n });\n\n var example = Aws.NetworkManager.GetCoreNetworkPolicyDocument.Invoke(new()\n {\n CoreNetworkConfigurations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationInputArgs\n {\n AsnRanges = new[]\n {\n \"65022-65534\",\n },\n EdgeLocations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationInputArgs\n {\n Location = \"us-west-2\",\n Asn = \"65500\",\n },\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationInputArgs\n {\n Location = \"us-east-1\",\n Asn = \"65501\",\n },\n },\n },\n },\n Segments = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentInputArgs\n {\n Name = \"segment\",\n },\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentInputArgs\n {\n Name = \"segment2\",\n },\n },\n SegmentActions = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentActionInputArgs\n {\n Action = \"create-route\",\n Segment = \"segment\",\n DestinationCidrBlocks = new[]\n {\n \"10.0.0.0/16\",\n },\n Destinations = new[]\n {\n exampleUsWest2.Id,\n },\n },\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentActionInputArgs\n {\n Action = \"create-route\",\n Segment = \"segment\",\n DestinationCidrBlocks = new[]\n {\n \"10.1.0.0/16\",\n },\n Destinations = new[]\n {\n exampleUsEast1.Id,\n },\n },\n },\n });\n\n var exampleCoreNetworkPolicyAttachment = new Aws.NetworkManager.CoreNetworkPolicyAttachment(\"example\", new()\n {\n CoreNetworkId = exampleCoreNetwork.Id,\n PolicyDocument = example.Apply(getCoreNetworkPolicyDocumentResult =\u003e getCoreNetworkPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nexampleGlobalNetwork, err := networkmanager.NewGlobalNetwork(ctx, \"example\", nil)\nif err != nil {\nreturn err\n}\nbase, err := networkmanager.GetCoreNetworkPolicyDocument(ctx, \u0026networkmanager.GetCoreNetworkPolicyDocumentArgs{\nCoreNetworkConfigurations: []networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfiguration{\n{\nAsnRanges: []string{\n\"65022-65534\",\n},\nEdgeLocations: []networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocation{\n{\nLocation: \"us-west-2\",\nAsn: pulumi.StringRef(\"65500\"),\n},\n{\nLocation: \"us-east-1\",\nAsn: pulumi.StringRef(\"65501\"),\n},\n},\n},\n},\nSegments: []networkmanager.GetCoreNetworkPolicyDocumentSegment{\n{\nName: \"segment\",\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nexampleCoreNetwork, err := networkmanager.NewCoreNetwork(ctx, \"example\", \u0026networkmanager.CoreNetworkArgs{\nGlobalNetworkId: exampleGlobalNetwork.ID(),\nBasePolicyDocument: pulumi.String(base.Json),\nCreateBasePolicy: pulumi.Bool(true),\n})\nif err != nil {\nreturn err\n}\nvar splat0 []interface{}\nfor _, val0 := range exampleUsWest2AwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexampleUsWest2, err := networkmanager.NewVpcAttachment(ctx, \"example_us_west_2\", \u0026networkmanager.VpcAttachmentArgs{\nCoreNetworkId: exampleCoreNetwork.ID(),\nSubnetArns: toPulumiArray(splat0),\nVpcArn: pulumi.Any(exampleUsWest2AwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\nvar splat1 []interface{}\nfor _, val0 := range exampleUsEast1AwsSubnet {\nsplat1 = append(splat1, val0.Arn)\n}\nexampleUsEast1, err := networkmanager.NewVpcAttachment(ctx, \"example_us_east_1\", \u0026networkmanager.VpcAttachmentArgs{\nCoreNetworkId: exampleCoreNetwork.ID(),\nSubnetArns: toPulumiArray(splat1),\nVpcArn: pulumi.Any(exampleUsEast1AwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\nexample := networkmanager.GetCoreNetworkPolicyDocumentOutput(ctx, networkmanager.GetCoreNetworkPolicyDocumentOutputArgs{\nCoreNetworkConfigurations: networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs{\nAsnRanges: pulumi.StringArray{\npulumi.String(\"65022-65534\"),\n},\nEdgeLocations: networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs{\nLocation: pulumi.String(\"us-west-2\"),\nAsn: pulumi.String(\"65500\"),\n},\n\u0026networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs{\nLocation: pulumi.String(\"us-east-1\"),\nAsn: pulumi.String(\"65501\"),\n},\n},\n},\n},\nSegments: networkmanager.GetCoreNetworkPolicyDocumentSegmentArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentArgs{\nName: pulumi.String(\"segment\"),\n},\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentArgs{\nName: pulumi.String(\"segment2\"),\n},\n},\nSegmentActions: networkmanager.GetCoreNetworkPolicyDocumentSegmentActionArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentActionArgs{\nAction: pulumi.String(\"create-route\"),\nSegment: pulumi.String(\"segment\"),\nDestinationCidrBlocks: pulumi.StringArray{\npulumi.String(\"10.0.0.0/16\"),\n},\nDestinations: pulumi.StringArray{\nexampleUsWest2.ID(),\n},\n},\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentActionArgs{\nAction: pulumi.String(\"create-route\"),\nSegment: pulumi.String(\"segment\"),\nDestinationCidrBlocks: pulumi.StringArray{\npulumi.String(\"10.1.0.0/16\"),\n},\nDestinations: pulumi.StringArray{\nexampleUsEast1.ID(),\n},\n},\n},\n}, nil);\n_, err = networkmanager.NewCoreNetworkPolicyAttachment(ctx, \"example\", \u0026networkmanager.CoreNetworkPolicyAttachmentArgs{\nCoreNetworkId: exampleCoreNetwork.ID(),\nPolicyDocument: pulumi.String(example.ApplyT(func(example networkmanager.GetCoreNetworkPolicyDocumentResult) (*string, error) {\nreturn \u0026example.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.GlobalNetwork;\nimport com.pulumi.aws.networkmanager.NetworkmanagerFunctions;\nimport com.pulumi.aws.networkmanager.inputs.GetCoreNetworkPolicyDocumentArgs;\nimport com.pulumi.aws.networkmanager.CoreNetwork;\nimport com.pulumi.aws.networkmanager.CoreNetworkArgs;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachment;\nimport com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGlobalNetwork = new GlobalNetwork(\"exampleGlobalNetwork\");\n\n final var base = NetworkmanagerFunctions.getCoreNetworkPolicyDocument(GetCoreNetworkPolicyDocumentArgs.builder()\n .coreNetworkConfigurations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs.builder()\n .asnRanges(\"65022-65534\")\n .edgeLocations( \n GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()\n .location(\"us-west-2\")\n .asn(\"65500\")\n .build(),\n GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()\n .location(\"us-east-1\")\n .asn(\"65501\")\n .build())\n .build())\n .segments(GetCoreNetworkPolicyDocumentSegmentArgs.builder()\n .name(\"segment\")\n .build())\n .build());\n\n var exampleCoreNetwork = new CoreNetwork(\"exampleCoreNetwork\", CoreNetworkArgs.builder()\n .globalNetworkId(exampleGlobalNetwork.id())\n .basePolicyDocument(base.applyValue(getCoreNetworkPolicyDocumentResult -\u003e getCoreNetworkPolicyDocumentResult.json()))\n .createBasePolicy(true)\n .build());\n\n var exampleUsWest2 = new VpcAttachment(\"exampleUsWest2\", VpcAttachmentArgs.builder()\n .coreNetworkId(exampleCoreNetwork.id())\n .subnetArns(exampleUsWest2AwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .vpcArn(exampleUsWest2AwsVpc.arn())\n .build());\n\n var exampleUsEast1 = new VpcAttachment(\"exampleUsEast1\", VpcAttachmentArgs.builder()\n .coreNetworkId(exampleCoreNetwork.id())\n .subnetArns(exampleUsEast1AwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .vpcArn(exampleUsEast1AwsVpc.arn())\n .build());\n\n final var example = NetworkmanagerFunctions.getCoreNetworkPolicyDocument(GetCoreNetworkPolicyDocumentArgs.builder()\n .coreNetworkConfigurations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs.builder()\n .asnRanges(\"65022-65534\")\n .edgeLocations( \n GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()\n .location(\"us-west-2\")\n .asn(\"65500\")\n .build(),\n GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()\n .location(\"us-east-1\")\n .asn(\"65501\")\n .build())\n .build())\n .segments( \n GetCoreNetworkPolicyDocumentSegmentArgs.builder()\n .name(\"segment\")\n .build(),\n GetCoreNetworkPolicyDocumentSegmentArgs.builder()\n .name(\"segment2\")\n .build())\n .segmentActions( \n GetCoreNetworkPolicyDocumentSegmentActionArgs.builder()\n .action(\"create-route\")\n .segment(\"segment\")\n .destinationCidrBlocks(\"10.0.0.0/16\")\n .destinations(exampleUsWest2.id())\n .build(),\n GetCoreNetworkPolicyDocumentSegmentActionArgs.builder()\n .action(\"create-route\")\n .segment(\"segment\")\n .destinationCidrBlocks(\"10.1.0.0/16\")\n .destinations(exampleUsEast1.id())\n .build())\n .build());\n\n var exampleCoreNetworkPolicyAttachment = new CoreNetworkPolicyAttachment(\"exampleCoreNetworkPolicyAttachment\", CoreNetworkPolicyAttachmentArgs.builder()\n .coreNetworkId(exampleCoreNetwork.id())\n .policyDocument(example.applyValue(getCoreNetworkPolicyDocumentResult -\u003e getCoreNetworkPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getCoreNetworkPolicyDocumentResult -\u003e getCoreNetworkPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Option 2 - using base_policy_regions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleGlobalNetwork = new aws.networkmanager.GlobalNetwork(\"example\", {});\nconst exampleCoreNetwork = new aws.networkmanager.CoreNetwork(\"example\", {\n globalNetworkId: exampleGlobalNetwork.id,\n basePolicyRegions: [\n \"us-west-2\",\n \"us-east-1\",\n ],\n createBasePolicy: true,\n});\nconst exampleUsWest2 = new aws.networkmanager.VpcAttachment(\"example_us_west_2\", {\n coreNetworkId: exampleCoreNetwork.id,\n subnetArns: exampleUsWest2AwsSubnet.map(__item =\u003e __item.arn),\n vpcArn: exampleUsWest2AwsVpc.arn,\n});\nconst exampleUsEast1 = new aws.networkmanager.VpcAttachment(\"example_us_east_1\", {\n coreNetworkId: exampleCoreNetwork.id,\n subnetArns: exampleUsEast1AwsSubnet.map(__item =\u003e __item.arn),\n vpcArn: exampleUsEast1AwsVpc.arn,\n});\nconst example = aws.networkmanager.getCoreNetworkPolicyDocumentOutput({\n coreNetworkConfigurations: [{\n asnRanges: [\"65022-65534\"],\n edgeLocations: [\n {\n location: \"us-west-2\",\n },\n {\n location: \"us-east-1\",\n },\n ],\n }],\n segments: [\n {\n name: \"segment\",\n },\n {\n name: \"segment2\",\n },\n ],\n segmentActions: [\n {\n action: \"create-route\",\n segment: \"segment\",\n destinationCidrBlocks: [\"10.0.0.0/16\"],\n destinations: [exampleUsWest2.id],\n },\n {\n action: \"create-route\",\n segment: \"segment\",\n destinationCidrBlocks: [\"10.1.0.0/16\"],\n destinations: [exampleUsEast1.id],\n },\n ],\n});\nconst exampleCoreNetworkPolicyAttachment = new aws.networkmanager.CoreNetworkPolicyAttachment(\"example\", {\n coreNetworkId: exampleCoreNetwork.id,\n policyDocument: example.apply(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_global_network = aws.networkmanager.GlobalNetwork(\"example\")\nexample_core_network = aws.networkmanager.CoreNetwork(\"example\",\n global_network_id=example_global_network.id,\n base_policy_regions=[\n \"us-west-2\",\n \"us-east-1\",\n ],\n create_base_policy=True)\nexample_us_west2 = aws.networkmanager.VpcAttachment(\"example_us_west_2\",\n core_network_id=example_core_network.id,\n subnet_arns=[__item[\"arn\"] for __item in example_us_west2_aws_subnet],\n vpc_arn=example_us_west2_aws_vpc[\"arn\"])\nexample_us_east1 = aws.networkmanager.VpcAttachment(\"example_us_east_1\",\n core_network_id=example_core_network.id,\n subnet_arns=[__item[\"arn\"] for __item in example_us_east1_aws_subnet],\n vpc_arn=example_us_east1_aws_vpc[\"arn\"])\nexample = aws.networkmanager.get_core_network_policy_document_output(core_network_configurations=[{\n \"asn_ranges\": [\"65022-65534\"],\n \"edge_locations\": [\n {\n \"location\": \"us-west-2\",\n },\n {\n \"location\": \"us-east-1\",\n },\n ],\n }],\n segments=[\n {\n \"name\": \"segment\",\n },\n {\n \"name\": \"segment2\",\n },\n ],\n segment_actions=[\n {\n \"action\": \"create-route\",\n \"segment\": \"segment\",\n \"destination_cidr_blocks\": [\"10.0.0.0/16\"],\n \"destinations\": [example_us_west2.id],\n },\n {\n \"action\": \"create-route\",\n \"segment\": \"segment\",\n \"destination_cidr_blocks\": [\"10.1.0.0/16\"],\n \"destinations\": [example_us_east1.id],\n },\n ])\nexample_core_network_policy_attachment = aws.networkmanager.CoreNetworkPolicyAttachment(\"example\",\n core_network_id=example_core_network.id,\n policy_document=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGlobalNetwork = new Aws.NetworkManager.GlobalNetwork(\"example\");\n\n var exampleCoreNetwork = new Aws.NetworkManager.CoreNetwork(\"example\", new()\n {\n GlobalNetworkId = exampleGlobalNetwork.Id,\n BasePolicyRegions = new[]\n {\n \"us-west-2\",\n \"us-east-1\",\n },\n CreateBasePolicy = true,\n });\n\n var exampleUsWest2 = new Aws.NetworkManager.VpcAttachment(\"example_us_west_2\", new()\n {\n CoreNetworkId = exampleCoreNetwork.Id,\n SubnetArns = exampleUsWest2AwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n VpcArn = exampleUsWest2AwsVpc.Arn,\n });\n\n var exampleUsEast1 = new Aws.NetworkManager.VpcAttachment(\"example_us_east_1\", new()\n {\n CoreNetworkId = exampleCoreNetwork.Id,\n SubnetArns = exampleUsEast1AwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n VpcArn = exampleUsEast1AwsVpc.Arn,\n });\n\n var example = Aws.NetworkManager.GetCoreNetworkPolicyDocument.Invoke(new()\n {\n CoreNetworkConfigurations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationInputArgs\n {\n AsnRanges = new[]\n {\n \"65022-65534\",\n },\n EdgeLocations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationInputArgs\n {\n Location = \"us-west-2\",\n },\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationInputArgs\n {\n Location = \"us-east-1\",\n },\n },\n },\n },\n Segments = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentInputArgs\n {\n Name = \"segment\",\n },\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentInputArgs\n {\n Name = \"segment2\",\n },\n },\n SegmentActions = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentActionInputArgs\n {\n Action = \"create-route\",\n Segment = \"segment\",\n DestinationCidrBlocks = new[]\n {\n \"10.0.0.0/16\",\n },\n Destinations = new[]\n {\n exampleUsWest2.Id,\n },\n },\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentActionInputArgs\n {\n Action = \"create-route\",\n Segment = \"segment\",\n DestinationCidrBlocks = new[]\n {\n \"10.1.0.0/16\",\n },\n Destinations = new[]\n {\n exampleUsEast1.Id,\n },\n },\n },\n });\n\n var exampleCoreNetworkPolicyAttachment = new Aws.NetworkManager.CoreNetworkPolicyAttachment(\"example\", new()\n {\n CoreNetworkId = exampleCoreNetwork.Id,\n PolicyDocument = example.Apply(getCoreNetworkPolicyDocumentResult =\u003e getCoreNetworkPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nexampleGlobalNetwork, err := networkmanager.NewGlobalNetwork(ctx, \"example\", nil)\nif err != nil {\nreturn err\n}\nexampleCoreNetwork, err := networkmanager.NewCoreNetwork(ctx, \"example\", \u0026networkmanager.CoreNetworkArgs{\nGlobalNetworkId: exampleGlobalNetwork.ID(),\nBasePolicyRegions: pulumi.StringArray{\npulumi.String(\"us-west-2\"),\npulumi.String(\"us-east-1\"),\n},\nCreateBasePolicy: pulumi.Bool(true),\n})\nif err != nil {\nreturn err\n}\nvar splat0 []interface{}\nfor _, val0 := range exampleUsWest2AwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexampleUsWest2, err := networkmanager.NewVpcAttachment(ctx, \"example_us_west_2\", \u0026networkmanager.VpcAttachmentArgs{\nCoreNetworkId: exampleCoreNetwork.ID(),\nSubnetArns: toPulumiArray(splat0),\nVpcArn: pulumi.Any(exampleUsWest2AwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\nvar splat1 []interface{}\nfor _, val0 := range exampleUsEast1AwsSubnet {\nsplat1 = append(splat1, val0.Arn)\n}\nexampleUsEast1, err := networkmanager.NewVpcAttachment(ctx, \"example_us_east_1\", \u0026networkmanager.VpcAttachmentArgs{\nCoreNetworkId: exampleCoreNetwork.ID(),\nSubnetArns: toPulumiArray(splat1),\nVpcArn: pulumi.Any(exampleUsEast1AwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\nexample := networkmanager.GetCoreNetworkPolicyDocumentOutput(ctx, networkmanager.GetCoreNetworkPolicyDocumentOutputArgs{\nCoreNetworkConfigurations: networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs{\nAsnRanges: pulumi.StringArray{\npulumi.String(\"65022-65534\"),\n},\nEdgeLocations: networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs{\nLocation: pulumi.String(\"us-west-2\"),\n},\n\u0026networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs{\nLocation: pulumi.String(\"us-east-1\"),\n},\n},\n},\n},\nSegments: networkmanager.GetCoreNetworkPolicyDocumentSegmentArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentArgs{\nName: pulumi.String(\"segment\"),\n},\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentArgs{\nName: pulumi.String(\"segment2\"),\n},\n},\nSegmentActions: networkmanager.GetCoreNetworkPolicyDocumentSegmentActionArray{\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentActionArgs{\nAction: pulumi.String(\"create-route\"),\nSegment: pulumi.String(\"segment\"),\nDestinationCidrBlocks: pulumi.StringArray{\npulumi.String(\"10.0.0.0/16\"),\n},\nDestinations: pulumi.StringArray{\nexampleUsWest2.ID(),\n},\n},\n\u0026networkmanager.GetCoreNetworkPolicyDocumentSegmentActionArgs{\nAction: pulumi.String(\"create-route\"),\nSegment: pulumi.String(\"segment\"),\nDestinationCidrBlocks: pulumi.StringArray{\npulumi.String(\"10.1.0.0/16\"),\n},\nDestinations: pulumi.StringArray{\nexampleUsEast1.ID(),\n},\n},\n},\n}, nil);\n_, err = networkmanager.NewCoreNetworkPolicyAttachment(ctx, \"example\", \u0026networkmanager.CoreNetworkPolicyAttachmentArgs{\nCoreNetworkId: exampleCoreNetwork.ID(),\nPolicyDocument: pulumi.String(example.ApplyT(func(example networkmanager.GetCoreNetworkPolicyDocumentResult) (*string, error) {\nreturn \u0026example.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.GlobalNetwork;\nimport com.pulumi.aws.networkmanager.CoreNetwork;\nimport com.pulumi.aws.networkmanager.CoreNetworkArgs;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.NetworkmanagerFunctions;\nimport com.pulumi.aws.networkmanager.inputs.GetCoreNetworkPolicyDocumentArgs;\nimport com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachment;\nimport com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGlobalNetwork = new GlobalNetwork(\"exampleGlobalNetwork\");\n\n var exampleCoreNetwork = new CoreNetwork(\"exampleCoreNetwork\", CoreNetworkArgs.builder()\n .globalNetworkId(exampleGlobalNetwork.id())\n .basePolicyRegions( \n \"us-west-2\",\n \"us-east-1\")\n .createBasePolicy(true)\n .build());\n\n var exampleUsWest2 = new VpcAttachment(\"exampleUsWest2\", VpcAttachmentArgs.builder()\n .coreNetworkId(exampleCoreNetwork.id())\n .subnetArns(exampleUsWest2AwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .vpcArn(exampleUsWest2AwsVpc.arn())\n .build());\n\n var exampleUsEast1 = new VpcAttachment(\"exampleUsEast1\", VpcAttachmentArgs.builder()\n .coreNetworkId(exampleCoreNetwork.id())\n .subnetArns(exampleUsEast1AwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .vpcArn(exampleUsEast1AwsVpc.arn())\n .build());\n\n final var example = NetworkmanagerFunctions.getCoreNetworkPolicyDocument(GetCoreNetworkPolicyDocumentArgs.builder()\n .coreNetworkConfigurations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs.builder()\n .asnRanges(\"65022-65534\")\n .edgeLocations( \n GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()\n .location(\"us-west-2\")\n .build(),\n GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()\n .location(\"us-east-1\")\n .build())\n .build())\n .segments( \n GetCoreNetworkPolicyDocumentSegmentArgs.builder()\n .name(\"segment\")\n .build(),\n GetCoreNetworkPolicyDocumentSegmentArgs.builder()\n .name(\"segment2\")\n .build())\n .segmentActions( \n GetCoreNetworkPolicyDocumentSegmentActionArgs.builder()\n .action(\"create-route\")\n .segment(\"segment\")\n .destinationCidrBlocks(\"10.0.0.0/16\")\n .destinations(exampleUsWest2.id())\n .build(),\n GetCoreNetworkPolicyDocumentSegmentActionArgs.builder()\n .action(\"create-route\")\n .segment(\"segment\")\n .destinationCidrBlocks(\"10.1.0.0/16\")\n .destinations(exampleUsEast1.id())\n .build())\n .build());\n\n var exampleCoreNetworkPolicyAttachment = new CoreNetworkPolicyAttachment(\"exampleCoreNetworkPolicyAttachment\", CoreNetworkPolicyAttachmentArgs.builder()\n .coreNetworkId(exampleCoreNetwork.id())\n .policyDocument(example.applyValue(getCoreNetworkPolicyDocumentResult -\u003e getCoreNetworkPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getCoreNetworkPolicyDocumentResult -\u003e getCoreNetworkPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_core_network_policy_attachment` using the core network ID. For example:\n\n```sh\n$ pulumi import aws:networkmanager/coreNetworkPolicyAttachment:CoreNetworkPolicyAttachment example core-network-0d47f6t230mz46dy4\n```\n", "properties": { "coreNetworkId": { "type": "string", "description": "The ID of the core network that a policy will be attached to and made `LIVE`.\n" }, "policyDocument": { "type": "string", "description": "Policy document for creating a core network. Note that updating this argument will result in the new policy document version being set as the `LATEST` and `LIVE` policy document. Refer to the [Core network policies documentation](https://docs.aws.amazon.com/network-manager/latest/cloudwan/cloudwan-policy-change-sets.html) for more information.\n" }, "state": { "type": "string", "description": "Current state of a core network.\n" } }, "required": [ "coreNetworkId", "policyDocument", "state" ], "inputProperties": { "coreNetworkId": { "type": "string", "description": "The ID of the core network that a policy will be attached to and made `LIVE`.\n", "willReplaceOnChanges": true }, "policyDocument": { "type": "string", "description": "Policy document for creating a core network. Note that updating this argument will result in the new policy document version being set as the `LATEST` and `LIVE` policy document. Refer to the [Core network policies documentation](https://docs.aws.amazon.com/network-manager/latest/cloudwan/cloudwan-policy-change-sets.html) for more information.\n" } }, "requiredInputs": [ "coreNetworkId", "policyDocument" ], "stateInputs": { "description": "Input properties used for looking up and filtering CoreNetworkPolicyAttachment resources.\n", "properties": { "coreNetworkId": { "type": "string", "description": "The ID of the core network that a policy will be attached to and made `LIVE`.\n", "willReplaceOnChanges": true }, "policyDocument": { "type": "string", "description": "Policy document for creating a core network. Note that updating this argument will result in the new policy document version being set as the `LATEST` and `LIVE` policy document. Refer to the [Core network policies documentation](https://docs.aws.amazon.com/network-manager/latest/cloudwan/cloudwan-policy-change-sets.html) for more information.\n" }, "state": { "type": "string", "description": "Current state of a core network.\n" } }, "type": "object" } }, "aws:networkmanager/customerGatewayAssociation:CustomerGatewayAssociation": { "description": "Associates a customer gateway with a device and optionally, with a link.\nIf you specify a link, it must be associated with the specified device.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.GlobalNetwork(\"example\", {description: \"example\"});\nconst exampleSite = new aws.networkmanager.Site(\"example\", {globalNetworkId: example.id});\nconst exampleDevice = new aws.networkmanager.Device(\"example\", {\n globalNetworkId: example.id,\n siteId: exampleSite.id,\n});\nconst exampleCustomerGateway = new aws.ec2.CustomerGateway(\"example\", {\n bgpAsn: \"65000\",\n ipAddress: \"172.83.124.10\",\n type: \"ipsec.1\",\n});\nconst exampleTransitGateway = new aws.ec2transitgateway.TransitGateway(\"example\", {});\nconst exampleVpnConnection = new aws.ec2.VpnConnection(\"example\", {\n customerGatewayId: exampleCustomerGateway.id,\n transitGatewayId: exampleTransitGateway.id,\n type: exampleCustomerGateway.type,\n staticRoutesOnly: true,\n});\nconst exampleTransitGatewayRegistration = new aws.networkmanager.TransitGatewayRegistration(\"example\", {\n globalNetworkId: example.id,\n transitGatewayArn: exampleTransitGateway.arn,\n}, {\n dependsOn: [exampleVpnConnection],\n});\nconst exampleCustomerGatewayAssociation = new aws.networkmanager.CustomerGatewayAssociation(\"example\", {\n globalNetworkId: example.id,\n customerGatewayArn: exampleCustomerGateway.arn,\n deviceId: exampleDevice.id,\n}, {\n dependsOn: [exampleTransitGatewayRegistration],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.GlobalNetwork(\"example\", description=\"example\")\nexample_site = aws.networkmanager.Site(\"example\", global_network_id=example.id)\nexample_device = aws.networkmanager.Device(\"example\",\n global_network_id=example.id,\n site_id=example_site.id)\nexample_customer_gateway = aws.ec2.CustomerGateway(\"example\",\n bgp_asn=\"65000\",\n ip_address=\"172.83.124.10\",\n type=\"ipsec.1\")\nexample_transit_gateway = aws.ec2transitgateway.TransitGateway(\"example\")\nexample_vpn_connection = aws.ec2.VpnConnection(\"example\",\n customer_gateway_id=example_customer_gateway.id,\n transit_gateway_id=example_transit_gateway.id,\n type=example_customer_gateway.type,\n static_routes_only=True)\nexample_transit_gateway_registration = aws.networkmanager.TransitGatewayRegistration(\"example\",\n global_network_id=example.id,\n transit_gateway_arn=example_transit_gateway.arn,\n opts = pulumi.ResourceOptions(depends_on=[example_vpn_connection]))\nexample_customer_gateway_association = aws.networkmanager.CustomerGatewayAssociation(\"example\",\n global_network_id=example.id,\n customer_gateway_arn=example_customer_gateway.arn,\n device_id=example_device.id,\n opts = pulumi.ResourceOptions(depends_on=[example_transit_gateway_registration]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.GlobalNetwork(\"example\", new()\n {\n Description = \"example\",\n });\n\n var exampleSite = new Aws.NetworkManager.Site(\"example\", new()\n {\n GlobalNetworkId = example.Id,\n });\n\n var exampleDevice = new Aws.NetworkManager.Device(\"example\", new()\n {\n GlobalNetworkId = example.Id,\n SiteId = exampleSite.Id,\n });\n\n var exampleCustomerGateway = new Aws.Ec2.CustomerGateway(\"example\", new()\n {\n BgpAsn = \"65000\",\n IpAddress = \"172.83.124.10\",\n Type = \"ipsec.1\",\n });\n\n var exampleTransitGateway = new Aws.Ec2TransitGateway.TransitGateway(\"example\");\n\n var exampleVpnConnection = new Aws.Ec2.VpnConnection(\"example\", new()\n {\n CustomerGatewayId = exampleCustomerGateway.Id,\n TransitGatewayId = exampleTransitGateway.Id,\n Type = exampleCustomerGateway.Type,\n StaticRoutesOnly = true,\n });\n\n var exampleTransitGatewayRegistration = new Aws.NetworkManager.TransitGatewayRegistration(\"example\", new()\n {\n GlobalNetworkId = example.Id,\n TransitGatewayArn = exampleTransitGateway.Arn,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleVpnConnection,\n },\n });\n\n var exampleCustomerGatewayAssociation = new Aws.NetworkManager.CustomerGatewayAssociation(\"example\", new()\n {\n GlobalNetworkId = example.Id,\n CustomerGatewayArn = exampleCustomerGateway.Arn,\n DeviceId = exampleDevice.Id,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleTransitGatewayRegistration,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := networkmanager.NewGlobalNetwork(ctx, \"example\", \u0026networkmanager.GlobalNetworkArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSite, err := networkmanager.NewSite(ctx, \"example\", \u0026networkmanager.SiteArgs{\n\t\t\tGlobalNetworkId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDevice, err := networkmanager.NewDevice(ctx, \"example\", \u0026networkmanager.DeviceArgs{\n\t\t\tGlobalNetworkId: example.ID(),\n\t\t\tSiteId: exampleSite.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleCustomerGateway, err := ec2.NewCustomerGateway(ctx, \"example\", \u0026ec2.CustomerGatewayArgs{\n\t\t\tBgpAsn: pulumi.String(\"65000\"),\n\t\t\tIpAddress: pulumi.String(\"172.83.124.10\"),\n\t\t\tType: pulumi.String(\"ipsec.1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTransitGateway, err := ec2transitgateway.NewTransitGateway(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpnConnection, err := ec2.NewVpnConnection(ctx, \"example\", \u0026ec2.VpnConnectionArgs{\n\t\t\tCustomerGatewayId: exampleCustomerGateway.ID(),\n\t\t\tTransitGatewayId: exampleTransitGateway.ID(),\n\t\t\tType: exampleCustomerGateway.Type,\n\t\t\tStaticRoutesOnly: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTransitGatewayRegistration, err := networkmanager.NewTransitGatewayRegistration(ctx, \"example\", \u0026networkmanager.TransitGatewayRegistrationArgs{\n\t\t\tGlobalNetworkId: example.ID(),\n\t\t\tTransitGatewayArn: exampleTransitGateway.Arn,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleVpnConnection,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = networkmanager.NewCustomerGatewayAssociation(ctx, \"example\", \u0026networkmanager.CustomerGatewayAssociationArgs{\n\t\t\tGlobalNetworkId: example.ID(),\n\t\t\tCustomerGatewayArn: exampleCustomerGateway.Arn,\n\t\t\tDeviceId: exampleDevice.ID(),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleTransitGatewayRegistration,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.GlobalNetwork;\nimport com.pulumi.aws.networkmanager.GlobalNetworkArgs;\nimport com.pulumi.aws.networkmanager.Site;\nimport com.pulumi.aws.networkmanager.SiteArgs;\nimport com.pulumi.aws.networkmanager.Device;\nimport com.pulumi.aws.networkmanager.DeviceArgs;\nimport com.pulumi.aws.ec2.CustomerGateway;\nimport com.pulumi.aws.ec2.CustomerGatewayArgs;\nimport com.pulumi.aws.ec2transitgateway.TransitGateway;\nimport com.pulumi.aws.ec2.VpnConnection;\nimport com.pulumi.aws.ec2.VpnConnectionArgs;\nimport com.pulumi.aws.networkmanager.TransitGatewayRegistration;\nimport com.pulumi.aws.networkmanager.TransitGatewayRegistrationArgs;\nimport com.pulumi.aws.networkmanager.CustomerGatewayAssociation;\nimport com.pulumi.aws.networkmanager.CustomerGatewayAssociationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalNetwork(\"example\", GlobalNetworkArgs.builder()\n .description(\"example\")\n .build());\n\n var exampleSite = new Site(\"exampleSite\", SiteArgs.builder()\n .globalNetworkId(example.id())\n .build());\n\n var exampleDevice = new Device(\"exampleDevice\", DeviceArgs.builder()\n .globalNetworkId(example.id())\n .siteId(exampleSite.id())\n .build());\n\n var exampleCustomerGateway = new CustomerGateway(\"exampleCustomerGateway\", CustomerGatewayArgs.builder()\n .bgpAsn(65000)\n .ipAddress(\"172.83.124.10\")\n .type(\"ipsec.1\")\n .build());\n\n var exampleTransitGateway = new TransitGateway(\"exampleTransitGateway\");\n\n var exampleVpnConnection = new VpnConnection(\"exampleVpnConnection\", VpnConnectionArgs.builder()\n .customerGatewayId(exampleCustomerGateway.id())\n .transitGatewayId(exampleTransitGateway.id())\n .type(exampleCustomerGateway.type())\n .staticRoutesOnly(true)\n .build());\n\n var exampleTransitGatewayRegistration = new TransitGatewayRegistration(\"exampleTransitGatewayRegistration\", TransitGatewayRegistrationArgs.builder()\n .globalNetworkId(example.id())\n .transitGatewayArn(exampleTransitGateway.arn())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleVpnConnection)\n .build());\n\n var exampleCustomerGatewayAssociation = new CustomerGatewayAssociation(\"exampleCustomerGatewayAssociation\", CustomerGatewayAssociationArgs.builder()\n .globalNetworkId(example.id())\n .customerGatewayArn(exampleCustomerGateway.arn())\n .deviceId(exampleDevice.id())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleTransitGatewayRegistration)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmanager:GlobalNetwork\n properties:\n description: example\n exampleSite:\n type: aws:networkmanager:Site\n name: example\n properties:\n globalNetworkId: ${example.id}\n exampleDevice:\n type: aws:networkmanager:Device\n name: example\n properties:\n globalNetworkId: ${example.id}\n siteId: ${exampleSite.id}\n exampleCustomerGateway:\n type: aws:ec2:CustomerGateway\n name: example\n properties:\n bgpAsn: 65000\n ipAddress: 172.83.124.10\n type: ipsec.1\n exampleTransitGateway:\n type: aws:ec2transitgateway:TransitGateway\n name: example\n exampleVpnConnection:\n type: aws:ec2:VpnConnection\n name: example\n properties:\n customerGatewayId: ${exampleCustomerGateway.id}\n transitGatewayId: ${exampleTransitGateway.id}\n type: ${exampleCustomerGateway.type}\n staticRoutesOnly: true\n exampleTransitGatewayRegistration:\n type: aws:networkmanager:TransitGatewayRegistration\n name: example\n properties:\n globalNetworkId: ${example.id}\n transitGatewayArn: ${exampleTransitGateway.arn}\n options:\n dependson:\n - ${exampleVpnConnection}\n exampleCustomerGatewayAssociation:\n type: aws:networkmanager:CustomerGatewayAssociation\n name: example\n properties:\n globalNetworkId: ${example.id}\n customerGatewayArn: ${exampleCustomerGateway.arn}\n deviceId: ${exampleDevice.id}\n options:\n dependson:\n - ${exampleTransitGatewayRegistration}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_customer_gateway_association` using the global network ID and customer gateway ARN. For example:\n\n```sh\n$ pulumi import aws:networkmanager/customerGatewayAssociation:CustomerGatewayAssociation example global-network-0d47f6t230mz46dy4,arn:aws:ec2:us-west-2:123456789012:customer-gateway/cgw-123abc05e04123abc\n```\n", "properties": { "customerGatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the customer gateway.\n" }, "deviceId": { "type": "string", "description": "The ID of the device.\n" }, "globalNetworkId": { "type": "string", "description": "The ID of the global network.\n" }, "linkId": { "type": "string", "description": "The ID of the link.\n" } }, "required": [ "customerGatewayArn", "deviceId", "globalNetworkId" ], "inputProperties": { "customerGatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the customer gateway.\n", "willReplaceOnChanges": true }, "deviceId": { "type": "string", "description": "The ID of the device.\n", "willReplaceOnChanges": true }, "globalNetworkId": { "type": "string", "description": "The ID of the global network.\n", "willReplaceOnChanges": true }, "linkId": { "type": "string", "description": "The ID of the link.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "customerGatewayArn", "deviceId", "globalNetworkId" ], "stateInputs": { "description": "Input properties used for looking up and filtering CustomerGatewayAssociation resources.\n", "properties": { "customerGatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the customer gateway.\n", "willReplaceOnChanges": true }, "deviceId": { "type": "string", "description": "The ID of the device.\n", "willReplaceOnChanges": true }, "globalNetworkId": { "type": "string", "description": "The ID of the global network.\n", "willReplaceOnChanges": true }, "linkId": { "type": "string", "description": "The ID of the link.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:networkmanager/device:Device": { "description": "Creates a device in a global network. If you specify both a site ID and a location,\nthe location of the site is used for visualization in the Network Manager console.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.Device(\"example\", {\n globalNetworkId: exampleAwsNetworkmanagerGlobalNetwork.id,\n siteId: exampleAwsNetworkmanagerSite.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.Device(\"example\",\n global_network_id=example_aws_networkmanager_global_network[\"id\"],\n site_id=example_aws_networkmanager_site[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.Device(\"example\", new()\n {\n GlobalNetworkId = exampleAwsNetworkmanagerGlobalNetwork.Id,\n SiteId = exampleAwsNetworkmanagerSite.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.NewDevice(ctx, \"example\", \u0026networkmanager.DeviceArgs{\n\t\t\tGlobalNetworkId: pulumi.Any(exampleAwsNetworkmanagerGlobalNetwork.Id),\n\t\t\tSiteId: pulumi.Any(exampleAwsNetworkmanagerSite.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.Device;\nimport com.pulumi.aws.networkmanager.DeviceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Device(\"example\", DeviceArgs.builder()\n .globalNetworkId(exampleAwsNetworkmanagerGlobalNetwork.id())\n .siteId(exampleAwsNetworkmanagerSite.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmanager:Device\n properties:\n globalNetworkId: ${exampleAwsNetworkmanagerGlobalNetwork.id}\n siteId: ${exampleAwsNetworkmanagerSite.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_device` using the device ARN. For example:\n\n```sh\n$ pulumi import aws:networkmanager/device:Device example arn:aws:networkmanager::123456789012:device/global-network-0d47f6t230mz46dy4/device-07f6fd08867abc123\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the device.\n" }, "awsLocation": { "$ref": "#/types/aws:networkmanager/DeviceAwsLocation:DeviceAwsLocation", "description": "The AWS location of the device. Documented below.\n" }, "description": { "type": "string", "description": "A description of the device.\n" }, "globalNetworkId": { "type": "string", "description": "The ID of the global network.\n" }, "location": { "$ref": "#/types/aws:networkmanager/DeviceLocation:DeviceLocation", "description": "The location of the device. Documented below.\n" }, "model": { "type": "string", "description": "The model of device.\n" }, "serialNumber": { "type": "string", "description": "The serial number of the device.\n" }, "siteId": { "type": "string", "description": "The ID of the site.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the device. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of device.\n" }, "vendor": { "type": "string", "description": "The vendor of the device.\n" } }, "required": [ "arn", "globalNetworkId", "tagsAll" ], "inputProperties": { "awsLocation": { "$ref": "#/types/aws:networkmanager/DeviceAwsLocation:DeviceAwsLocation", "description": "The AWS location of the device. Documented below.\n" }, "description": { "type": "string", "description": "A description of the device.\n" }, "globalNetworkId": { "type": "string", "description": "The ID of the global network.\n", "willReplaceOnChanges": true }, "location": { "$ref": "#/types/aws:networkmanager/DeviceLocation:DeviceLocation", "description": "The location of the device. Documented below.\n" }, "model": { "type": "string", "description": "The model of device.\n" }, "serialNumber": { "type": "string", "description": "The serial number of the device.\n" }, "siteId": { "type": "string", "description": "The ID of the site.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the device. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "The type of device.\n" }, "vendor": { "type": "string", "description": "The vendor of the device.\n" } }, "requiredInputs": [ "globalNetworkId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Device resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the device.\n" }, "awsLocation": { "$ref": "#/types/aws:networkmanager/DeviceAwsLocation:DeviceAwsLocation", "description": "The AWS location of the device. Documented below.\n" }, "description": { "type": "string", "description": "A description of the device.\n" }, "globalNetworkId": { "type": "string", "description": "The ID of the global network.\n", "willReplaceOnChanges": true }, "location": { "$ref": "#/types/aws:networkmanager/DeviceLocation:DeviceLocation", "description": "The location of the device. Documented below.\n" }, "model": { "type": "string", "description": "The model of device.\n" }, "serialNumber": { "type": "string", "description": "The serial number of the device.\n" }, "siteId": { "type": "string", "description": "The ID of the site.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the device. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of device.\n" }, "vendor": { "type": "string", "description": "The vendor of the device.\n" } }, "type": "object" } }, "aws:networkmanager/globalNetwork:GlobalNetwork": { "description": "Provides a global network resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.GlobalNetwork(\"example\", {description: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.GlobalNetwork(\"example\", description=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.GlobalNetwork(\"example\", new()\n {\n Description = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.NewGlobalNetwork(ctx, \"example\", \u0026networkmanager.GlobalNetworkArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.GlobalNetwork;\nimport com.pulumi.aws.networkmanager.GlobalNetworkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalNetwork(\"example\", GlobalNetworkArgs.builder()\n .description(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmanager:GlobalNetwork\n properties:\n description: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_global_network` using the global network ID. For example:\n\n```sh\n$ pulumi import aws:networkmanager/globalNetwork:GlobalNetwork example global-network-0d47f6t230mz46dy4\n```\n", "properties": { "arn": { "type": "string", "description": "Global Network Amazon Resource Name (ARN)\n" }, "description": { "type": "string", "description": "Description of the Global Network.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the Global Network. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Description of the Global Network.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the Global Network. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering GlobalNetwork resources.\n", "properties": { "arn": { "type": "string", "description": "Global Network Amazon Resource Name (ARN)\n" }, "description": { "type": "string", "description": "Description of the Global Network.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the Global Network. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:networkmanager/link:Link": { "description": "Creates a link for a site.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.Link(\"example\", {\n globalNetworkId: exampleAwsNetworkmanagerGlobalNetwork.id,\n siteId: exampleAwsNetworkmanagerSite.id,\n bandwidth: {\n uploadSpeed: 10,\n downloadSpeed: 50,\n },\n providerName: \"MegaCorp\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.Link(\"example\",\n global_network_id=example_aws_networkmanager_global_network[\"id\"],\n site_id=example_aws_networkmanager_site[\"id\"],\n bandwidth={\n \"upload_speed\": 10,\n \"download_speed\": 50,\n },\n provider_name=\"MegaCorp\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.Link(\"example\", new()\n {\n GlobalNetworkId = exampleAwsNetworkmanagerGlobalNetwork.Id,\n SiteId = exampleAwsNetworkmanagerSite.Id,\n Bandwidth = new Aws.NetworkManager.Inputs.LinkBandwidthArgs\n {\n UploadSpeed = 10,\n DownloadSpeed = 50,\n },\n ProviderName = \"MegaCorp\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.NewLink(ctx, \"example\", \u0026networkmanager.LinkArgs{\n\t\t\tGlobalNetworkId: pulumi.Any(exampleAwsNetworkmanagerGlobalNetwork.Id),\n\t\t\tSiteId: pulumi.Any(exampleAwsNetworkmanagerSite.Id),\n\t\t\tBandwidth: \u0026networkmanager.LinkBandwidthArgs{\n\t\t\t\tUploadSpeed: pulumi.Int(10),\n\t\t\t\tDownloadSpeed: pulumi.Int(50),\n\t\t\t},\n\t\t\tProviderName: pulumi.String(\"MegaCorp\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.Link;\nimport com.pulumi.aws.networkmanager.LinkArgs;\nimport com.pulumi.aws.networkmanager.inputs.LinkBandwidthArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Link(\"example\", LinkArgs.builder()\n .globalNetworkId(exampleAwsNetworkmanagerGlobalNetwork.id())\n .siteId(exampleAwsNetworkmanagerSite.id())\n .bandwidth(LinkBandwidthArgs.builder()\n .uploadSpeed(10)\n .downloadSpeed(50)\n .build())\n .providerName(\"MegaCorp\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmanager:Link\n properties:\n globalNetworkId: ${exampleAwsNetworkmanagerGlobalNetwork.id}\n siteId: ${exampleAwsNetworkmanagerSite.id}\n bandwidth:\n uploadSpeed: 10\n downloadSpeed: 50\n providerName: MegaCorp\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_link` using the link ARN. For example:\n\n```sh\n$ pulumi import aws:networkmanager/link:Link example arn:aws:networkmanager::123456789012:link/global-network-0d47f6t230mz46dy4/link-444555aaabbb11223\n```\n", "properties": { "arn": { "type": "string", "description": "Link Amazon Resource Name (ARN).\n" }, "bandwidth": { "$ref": "#/types/aws:networkmanager/LinkBandwidth:LinkBandwidth", "description": "The upload speed and download speed in Mbps. Documented below.\n" }, "description": { "type": "string", "description": "A description of the link.\n" }, "globalNetworkId": { "type": "string", "description": "The ID of the global network.\n" }, "providerName": { "type": "string", "description": "The provider of the link.\n" }, "siteId": { "type": "string", "description": "The ID of the site.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the link. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of the link.\n" } }, "required": [ "arn", "bandwidth", "globalNetworkId", "siteId", "tagsAll" ], "inputProperties": { "bandwidth": { "$ref": "#/types/aws:networkmanager/LinkBandwidth:LinkBandwidth", "description": "The upload speed and download speed in Mbps. Documented below.\n" }, "description": { "type": "string", "description": "A description of the link.\n" }, "globalNetworkId": { "type": "string", "description": "The ID of the global network.\n", "willReplaceOnChanges": true }, "providerName": { "type": "string", "description": "The provider of the link.\n" }, "siteId": { "type": "string", "description": "The ID of the site.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the link. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "The type of the link.\n" } }, "requiredInputs": [ "bandwidth", "globalNetworkId", "siteId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Link resources.\n", "properties": { "arn": { "type": "string", "description": "Link Amazon Resource Name (ARN).\n" }, "bandwidth": { "$ref": "#/types/aws:networkmanager/LinkBandwidth:LinkBandwidth", "description": "The upload speed and download speed in Mbps. Documented below.\n" }, "description": { "type": "string", "description": "A description of the link.\n" }, "globalNetworkId": { "type": "string", "description": "The ID of the global network.\n", "willReplaceOnChanges": true }, "providerName": { "type": "string", "description": "The provider of the link.\n" }, "siteId": { "type": "string", "description": "The ID of the site.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the link. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of the link.\n" } }, "type": "object" } }, "aws:networkmanager/linkAssociation:LinkAssociation": { "description": "Associates a link to a device.\nA device can be associated to multiple links and a link can be associated to multiple devices.\nThe device and link must be in the same global network and the same site.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.LinkAssociation(\"example\", {\n globalNetworkId: exampleAwsNetworkmanagerGlobalNetwork.id,\n linkId: exampleAwsNetworkmanagerLink.id,\n deviceId: exampleAwsNetworkmanagerDevice.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.LinkAssociation(\"example\",\n global_network_id=example_aws_networkmanager_global_network[\"id\"],\n link_id=example_aws_networkmanager_link[\"id\"],\n device_id=example_aws_networkmanager_device[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.LinkAssociation(\"example\", new()\n {\n GlobalNetworkId = exampleAwsNetworkmanagerGlobalNetwork.Id,\n LinkId = exampleAwsNetworkmanagerLink.Id,\n DeviceId = exampleAwsNetworkmanagerDevice.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.NewLinkAssociation(ctx, \"example\", \u0026networkmanager.LinkAssociationArgs{\n\t\t\tGlobalNetworkId: pulumi.Any(exampleAwsNetworkmanagerGlobalNetwork.Id),\n\t\t\tLinkId: pulumi.Any(exampleAwsNetworkmanagerLink.Id),\n\t\t\tDeviceId: pulumi.Any(exampleAwsNetworkmanagerDevice.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.LinkAssociation;\nimport com.pulumi.aws.networkmanager.LinkAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LinkAssociation(\"example\", LinkAssociationArgs.builder()\n .globalNetworkId(exampleAwsNetworkmanagerGlobalNetwork.id())\n .linkId(exampleAwsNetworkmanagerLink.id())\n .deviceId(exampleAwsNetworkmanagerDevice.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmanager:LinkAssociation\n properties:\n globalNetworkId: ${exampleAwsNetworkmanagerGlobalNetwork.id}\n linkId: ${exampleAwsNetworkmanagerLink.id}\n deviceId: ${exampleAwsNetworkmanagerDevice.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_link_association` using the global network ID, link ID and device ID. For example:\n\n```sh\n$ pulumi import aws:networkmanager/linkAssociation:LinkAssociation example global-network-0d47f6t230mz46dy4,link-444555aaabbb11223,device-07f6fd08867abc123\n```\n", "properties": { "deviceId": { "type": "string", "description": "The ID of the device.\n" }, "globalNetworkId": { "type": "string", "description": "The ID of the global network.\n" }, "linkId": { "type": "string", "description": "The ID of the link.\n" } }, "required": [ "deviceId", "globalNetworkId", "linkId" ], "inputProperties": { "deviceId": { "type": "string", "description": "The ID of the device.\n", "willReplaceOnChanges": true }, "globalNetworkId": { "type": "string", "description": "The ID of the global network.\n", "willReplaceOnChanges": true }, "linkId": { "type": "string", "description": "The ID of the link.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "deviceId", "globalNetworkId", "linkId" ], "stateInputs": { "description": "Input properties used for looking up and filtering LinkAssociation resources.\n", "properties": { "deviceId": { "type": "string", "description": "The ID of the device.\n", "willReplaceOnChanges": true }, "globalNetworkId": { "type": "string", "description": "The ID of the global network.\n", "willReplaceOnChanges": true }, "linkId": { "type": "string", "description": "The ID of the link.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:networkmanager/site:Site": { "description": "Creates a site in a global network.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.GlobalNetwork(\"example\", {});\nconst exampleSite = new aws.networkmanager.Site(\"example\", {globalNetworkId: example.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.GlobalNetwork(\"example\")\nexample_site = aws.networkmanager.Site(\"example\", global_network_id=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.GlobalNetwork(\"example\");\n\n var exampleSite = new Aws.NetworkManager.Site(\"example\", new()\n {\n GlobalNetworkId = example.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := networkmanager.NewGlobalNetwork(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = networkmanager.NewSite(ctx, \"example\", \u0026networkmanager.SiteArgs{\n\t\t\tGlobalNetworkId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.GlobalNetwork;\nimport com.pulumi.aws.networkmanager.Site;\nimport com.pulumi.aws.networkmanager.SiteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalNetwork(\"example\");\n\n var exampleSite = new Site(\"exampleSite\", SiteArgs.builder()\n .globalNetworkId(example.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmanager:GlobalNetwork\n exampleSite:\n type: aws:networkmanager:Site\n name: example\n properties:\n globalNetworkId: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_site` using the site ARN. For example:\n\n```sh\n$ pulumi import aws:networkmanager/site:Site example arn:aws:networkmanager::123456789012:site/global-network-0d47f6t230mz46dy4/site-444555aaabbb11223\n```\n", "properties": { "arn": { "type": "string", "description": "Site Amazon Resource Name (ARN)\n" }, "description": { "type": "string", "description": "Description of the Site.\n" }, "globalNetworkId": { "type": "string", "description": "The ID of the Global Network to create the site in.\n" }, "location": { "$ref": "#/types/aws:networkmanager/SiteLocation:SiteLocation", "description": "The site location as documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the Site. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "globalNetworkId", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Description of the Site.\n" }, "globalNetworkId": { "type": "string", "description": "The ID of the Global Network to create the site in.\n", "willReplaceOnChanges": true }, "location": { "$ref": "#/types/aws:networkmanager/SiteLocation:SiteLocation", "description": "The site location as documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the Site. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "globalNetworkId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Site resources.\n", "properties": { "arn": { "type": "string", "description": "Site Amazon Resource Name (ARN)\n" }, "description": { "type": "string", "description": "Description of the Site.\n" }, "globalNetworkId": { "type": "string", "description": "The ID of the Global Network to create the site in.\n", "willReplaceOnChanges": true }, "location": { "$ref": "#/types/aws:networkmanager/SiteLocation:SiteLocation", "description": "The site location as documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the Site. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:networkmanager/siteToSiteVpnAttachment:SiteToSiteVpnAttachment": { "description": "Resource for managing an AWS Network Manager SiteToSiteAttachment.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.SiteToSiteVpnAttachment(\"example\", {\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n vpnConnectionArn: exampleAwsVpnConnection.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.SiteToSiteVpnAttachment(\"example\",\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n vpn_connection_arn=example_aws_vpn_connection[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.SiteToSiteVpnAttachment(\"example\", new()\n {\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n VpnConnectionArn = exampleAwsVpnConnection.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.NewSiteToSiteVpnAttachment(ctx, \"example\", \u0026networkmanager.SiteToSiteVpnAttachmentArgs{\n\t\t\tCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\n\t\t\tVpnConnectionArn: pulumi.Any(exampleAwsVpnConnection.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.SiteToSiteVpnAttachment;\nimport com.pulumi.aws.networkmanager.SiteToSiteVpnAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SiteToSiteVpnAttachment(\"example\", SiteToSiteVpnAttachmentArgs.builder()\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .vpnConnectionArn(exampleAwsVpnConnection.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmanager:SiteToSiteVpnAttachment\n properties:\n coreNetworkId: ${exampleAwsccNetworkmanagerCoreNetwork.id}\n vpnConnectionArn: ${exampleAwsVpnConnection.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_site_to_site_vpn_attachment` using the attachment ID. For example:\n\n```sh\n$ pulumi import aws:networkmanager/siteToSiteVpnAttachment:SiteToSiteVpnAttachment example attachment-0f8fa60d2238d1bd8\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the attachment.\n" }, "attachmentPolicyRuleNumber": { "type": "integer", "description": "The policy rule number associated with the attachment.\n" }, "attachmentType": { "type": "string", "description": "The type of attachment.\n" }, "coreNetworkArn": { "type": "string", "description": "The ARN of a core network.\n" }, "coreNetworkId": { "type": "string", "description": "The ID of a core network for the VPN attachment.\n" }, "edgeLocation": { "type": "string", "description": "The Region where the edge is located.\n" }, "ownerAccountId": { "type": "string", "description": "The ID of the attachment account owner.\n" }, "resourceArn": { "type": "string", "description": "The attachment resource ARN.\n" }, "segmentName": { "type": "string", "description": "The name of the segment attachment.\n" }, "state": { "type": "string", "description": "The state of the attachment.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpnConnectionArn": { "type": "string", "description": "The ARN of the site-to-site VPN connection.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "attachmentPolicyRuleNumber", "attachmentType", "coreNetworkArn", "coreNetworkId", "edgeLocation", "ownerAccountId", "resourceArn", "segmentName", "state", "tagsAll", "vpnConnectionArn" ], "inputProperties": { "coreNetworkId": { "type": "string", "description": "The ID of a core network for the VPN attachment.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpnConnectionArn": { "type": "string", "description": "The ARN of the site-to-site VPN connection.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "coreNetworkId", "vpnConnectionArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering SiteToSiteVpnAttachment resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the attachment.\n" }, "attachmentPolicyRuleNumber": { "type": "integer", "description": "The policy rule number associated with the attachment.\n" }, "attachmentType": { "type": "string", "description": "The type of attachment.\n" }, "coreNetworkArn": { "type": "string", "description": "The ARN of a core network.\n" }, "coreNetworkId": { "type": "string", "description": "The ID of a core network for the VPN attachment.\n", "willReplaceOnChanges": true }, "edgeLocation": { "type": "string", "description": "The Region where the edge is located.\n" }, "ownerAccountId": { "type": "string", "description": "The ID of the attachment account owner.\n" }, "resourceArn": { "type": "string", "description": "The attachment resource ARN.\n" }, "segmentName": { "type": "string", "description": "The name of the segment attachment.\n" }, "state": { "type": "string", "description": "The state of the attachment.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpnConnectionArn": { "type": "string", "description": "The ARN of the site-to-site VPN connection.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:networkmanager/transitGatewayConnectPeerAssociation:TransitGatewayConnectPeerAssociation": { "description": "Associates a transit gateway Connect peer with a device, and optionally, with a link.\nIf you specify a link, it must be associated with the specified device.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.TransitGatewayConnectPeerAssociation(\"example\", {\n globalNetworkId: exampleAwsNetworkmanagerGlobalNetwork.id,\n deviceId: exampleAwsNetworkmanagerDevice.id,\n transitGatewayConnectPeerArn: exampleAwsEc2TransitGatewayConnectPeer.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.TransitGatewayConnectPeerAssociation(\"example\",\n global_network_id=example_aws_networkmanager_global_network[\"id\"],\n device_id=example_aws_networkmanager_device[\"id\"],\n transit_gateway_connect_peer_arn=example_aws_ec2_transit_gateway_connect_peer[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.TransitGatewayConnectPeerAssociation(\"example\", new()\n {\n GlobalNetworkId = exampleAwsNetworkmanagerGlobalNetwork.Id,\n DeviceId = exampleAwsNetworkmanagerDevice.Id,\n TransitGatewayConnectPeerArn = exampleAwsEc2TransitGatewayConnectPeer.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.NewTransitGatewayConnectPeerAssociation(ctx, \"example\", \u0026networkmanager.TransitGatewayConnectPeerAssociationArgs{\n\t\t\tGlobalNetworkId: pulumi.Any(exampleAwsNetworkmanagerGlobalNetwork.Id),\n\t\t\tDeviceId: pulumi.Any(exampleAwsNetworkmanagerDevice.Id),\n\t\t\tTransitGatewayConnectPeerArn: pulumi.Any(exampleAwsEc2TransitGatewayConnectPeer.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.TransitGatewayConnectPeerAssociation;\nimport com.pulumi.aws.networkmanager.TransitGatewayConnectPeerAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TransitGatewayConnectPeerAssociation(\"example\", TransitGatewayConnectPeerAssociationArgs.builder()\n .globalNetworkId(exampleAwsNetworkmanagerGlobalNetwork.id())\n .deviceId(exampleAwsNetworkmanagerDevice.id())\n .transitGatewayConnectPeerArn(exampleAwsEc2TransitGatewayConnectPeer.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmanager:TransitGatewayConnectPeerAssociation\n properties:\n globalNetworkId: ${exampleAwsNetworkmanagerGlobalNetwork.id}\n deviceId: ${exampleAwsNetworkmanagerDevice.id}\n transitGatewayConnectPeerArn: ${exampleAwsEc2TransitGatewayConnectPeer.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_transit_gateway_connect_peer_association` using the global network ID and customer gateway ARN. For example:\n\n```sh\n$ pulumi import aws:networkmanager/transitGatewayConnectPeerAssociation:TransitGatewayConnectPeerAssociation example global-network-0d47f6t230mz46dy4,arn:aws:ec2:us-west-2:123456789012:transit-gateway-connect-peer/tgw-connect-peer-12345678\n```\n", "properties": { "deviceId": { "type": "string", "description": "The ID of the device.\n" }, "globalNetworkId": { "type": "string", "description": "The ID of the global network.\n" }, "linkId": { "type": "string", "description": "The ID of the link.\n" }, "transitGatewayConnectPeerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Connect peer.\n" } }, "required": [ "deviceId", "globalNetworkId", "transitGatewayConnectPeerArn" ], "inputProperties": { "deviceId": { "type": "string", "description": "The ID of the device.\n", "willReplaceOnChanges": true }, "globalNetworkId": { "type": "string", "description": "The ID of the global network.\n", "willReplaceOnChanges": true }, "linkId": { "type": "string", "description": "The ID of the link.\n", "willReplaceOnChanges": true }, "transitGatewayConnectPeerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Connect peer.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "deviceId", "globalNetworkId", "transitGatewayConnectPeerArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering TransitGatewayConnectPeerAssociation resources.\n", "properties": { "deviceId": { "type": "string", "description": "The ID of the device.\n", "willReplaceOnChanges": true }, "globalNetworkId": { "type": "string", "description": "The ID of the global network.\n", "willReplaceOnChanges": true }, "linkId": { "type": "string", "description": "The ID of the link.\n", "willReplaceOnChanges": true }, "transitGatewayConnectPeerArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Connect peer.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:networkmanager/transitGatewayPeering:TransitGatewayPeering": { "description": "Creates a peering connection between an AWS Cloud WAN core network and an AWS Transit Gateway.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.TransitGatewayPeering(\"example\", {\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n transitGatewayArn: exampleAwsEc2TransitGateway.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.TransitGatewayPeering(\"example\",\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n transit_gateway_arn=example_aws_ec2_transit_gateway[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.TransitGatewayPeering(\"example\", new()\n {\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n TransitGatewayArn = exampleAwsEc2TransitGateway.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.NewTransitGatewayPeering(ctx, \"example\", \u0026networkmanager.TransitGatewayPeeringArgs{\n\t\t\tCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\n\t\t\tTransitGatewayArn: pulumi.Any(exampleAwsEc2TransitGateway.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.TransitGatewayPeering;\nimport com.pulumi.aws.networkmanager.TransitGatewayPeeringArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TransitGatewayPeering(\"example\", TransitGatewayPeeringArgs.builder()\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .transitGatewayArn(exampleAwsEc2TransitGateway.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmanager:TransitGatewayPeering\n properties:\n coreNetworkId: ${exampleAwsccNetworkmanagerCoreNetwork.id}\n transitGatewayArn: ${exampleAwsEc2TransitGateway.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_transit_gateway_peering` using the peering ID. For example:\n\n```sh\n$ pulumi import aws:networkmanager/transitGatewayPeering:TransitGatewayPeering example peering-444555aaabbb11223\n```\n", "properties": { "arn": { "type": "string", "description": "Peering Amazon Resource Name (ARN).\n" }, "coreNetworkArn": { "type": "string", "description": "The ARN of the core network.\n" }, "coreNetworkId": { "type": "string", "description": "The ID of a core network.\n" }, "edgeLocation": { "type": "string", "description": "The edge location for the peer.\n" }, "ownerAccountId": { "type": "string", "description": "The ID of the account owner.\n" }, "peeringType": { "type": "string", "description": "The type of peering. This will be `TRANSIT_GATEWAY`.\n" }, "resourceArn": { "type": "string", "description": "The resource ARN of the peer.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the peering. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayArn": { "type": "string", "description": "The ARN of the transit gateway for the peering request.\n" }, "transitGatewayPeeringAttachmentId": { "type": "string", "description": "The ID of the transit gateway peering attachment.\n" } }, "required": [ "arn", "coreNetworkArn", "coreNetworkId", "edgeLocation", "ownerAccountId", "peeringType", "resourceArn", "tagsAll", "transitGatewayArn", "transitGatewayPeeringAttachmentId" ], "inputProperties": { "coreNetworkId": { "type": "string", "description": "The ID of a core network.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the peering. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "transitGatewayArn": { "type": "string", "description": "The ARN of the transit gateway for the peering request.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "coreNetworkId", "transitGatewayArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering TransitGatewayPeering resources.\n", "properties": { "arn": { "type": "string", "description": "Peering Amazon Resource Name (ARN).\n" }, "coreNetworkArn": { "type": "string", "description": "The ARN of the core network.\n" }, "coreNetworkId": { "type": "string", "description": "The ID of a core network.\n", "willReplaceOnChanges": true }, "edgeLocation": { "type": "string", "description": "The edge location for the peer.\n" }, "ownerAccountId": { "type": "string", "description": "The ID of the account owner.\n" }, "peeringType": { "type": "string", "description": "The type of peering. This will be `TRANSIT_GATEWAY`.\n" }, "resourceArn": { "type": "string", "description": "The resource ARN of the peer.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the peering. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayArn": { "type": "string", "description": "The ARN of the transit gateway for the peering request.\n", "willReplaceOnChanges": true }, "transitGatewayPeeringAttachmentId": { "type": "string", "description": "The ID of the transit gateway peering attachment.\n" } }, "type": "object" } }, "aws:networkmanager/transitGatewayRegistration:TransitGatewayRegistration": { "description": "Registers a transit gateway to a global network. The transit gateway can be in any AWS Region,\nbut it must be owned by the same AWS account that owns the global network.\nYou cannot register a transit gateway in more than one global network.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.GlobalNetwork(\"example\", {description: \"example\"});\nconst exampleTransitGateway = new aws.ec2transitgateway.TransitGateway(\"example\", {});\nconst exampleTransitGatewayRegistration = new aws.networkmanager.TransitGatewayRegistration(\"example\", {\n globalNetworkId: example.id,\n transitGatewayArn: exampleTransitGateway.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.GlobalNetwork(\"example\", description=\"example\")\nexample_transit_gateway = aws.ec2transitgateway.TransitGateway(\"example\")\nexample_transit_gateway_registration = aws.networkmanager.TransitGatewayRegistration(\"example\",\n global_network_id=example.id,\n transit_gateway_arn=example_transit_gateway.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.GlobalNetwork(\"example\", new()\n {\n Description = \"example\",\n });\n\n var exampleTransitGateway = new Aws.Ec2TransitGateway.TransitGateway(\"example\");\n\n var exampleTransitGatewayRegistration = new Aws.NetworkManager.TransitGatewayRegistration(\"example\", new()\n {\n GlobalNetworkId = example.Id,\n TransitGatewayArn = exampleTransitGateway.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := networkmanager.NewGlobalNetwork(ctx, \"example\", \u0026networkmanager.GlobalNetworkArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTransitGateway, err := ec2transitgateway.NewTransitGateway(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = networkmanager.NewTransitGatewayRegistration(ctx, \"example\", \u0026networkmanager.TransitGatewayRegistrationArgs{\n\t\t\tGlobalNetworkId: example.ID(),\n\t\t\tTransitGatewayArn: exampleTransitGateway.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.GlobalNetwork;\nimport com.pulumi.aws.networkmanager.GlobalNetworkArgs;\nimport com.pulumi.aws.ec2transitgateway.TransitGateway;\nimport com.pulumi.aws.networkmanager.TransitGatewayRegistration;\nimport com.pulumi.aws.networkmanager.TransitGatewayRegistrationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalNetwork(\"example\", GlobalNetworkArgs.builder()\n .description(\"example\")\n .build());\n\n var exampleTransitGateway = new TransitGateway(\"exampleTransitGateway\");\n\n var exampleTransitGatewayRegistration = new TransitGatewayRegistration(\"exampleTransitGatewayRegistration\", TransitGatewayRegistrationArgs.builder()\n .globalNetworkId(example.id())\n .transitGatewayArn(exampleTransitGateway.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmanager:GlobalNetwork\n properties:\n description: example\n exampleTransitGateway:\n type: aws:ec2transitgateway:TransitGateway\n name: example\n exampleTransitGatewayRegistration:\n type: aws:networkmanager:TransitGatewayRegistration\n name: example\n properties:\n globalNetworkId: ${example.id}\n transitGatewayArn: ${exampleTransitGateway.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_transit_gateway_registration` using the global network ID and transit gateway ARN. For example:\n\n```sh\n$ pulumi import aws:networkmanager/transitGatewayRegistration:TransitGatewayRegistration example global-network-0d47f6t230mz46dy4,arn:aws:ec2:us-west-2:123456789012:transit-gateway/tgw-123abc05e04123abc\n```\n", "properties": { "globalNetworkId": { "type": "string", "description": "The ID of the Global Network to register to.\n" }, "transitGatewayArn": { "type": "string", "description": "The ARN of the Transit Gateway to register.\n" } }, "required": [ "globalNetworkId", "transitGatewayArn" ], "inputProperties": { "globalNetworkId": { "type": "string", "description": "The ID of the Global Network to register to.\n", "willReplaceOnChanges": true }, "transitGatewayArn": { "type": "string", "description": "The ARN of the Transit Gateway to register.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "globalNetworkId", "transitGatewayArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering TransitGatewayRegistration resources.\n", "properties": { "globalNetworkId": { "type": "string", "description": "The ID of the Global Network to register to.\n", "willReplaceOnChanges": true }, "transitGatewayArn": { "type": "string", "description": "The ARN of the Transit Gateway to register.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:networkmanager/transitGatewayRouteTableAttachment:TransitGatewayRouteTableAttachment": { "description": "Creates a transit gateway route table attachment.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.TransitGatewayRouteTableAttachment(\"example\", {\n peeringId: exampleAwsNetworkmanagerTransitGatewayPeering.id,\n transitGatewayRouteTableArn: exampleAwsEc2TransitGatewayRouteTable.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.TransitGatewayRouteTableAttachment(\"example\",\n peering_id=example_aws_networkmanager_transit_gateway_peering[\"id\"],\n transit_gateway_route_table_arn=example_aws_ec2_transit_gateway_route_table[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.TransitGatewayRouteTableAttachment(\"example\", new()\n {\n PeeringId = exampleAwsNetworkmanagerTransitGatewayPeering.Id,\n TransitGatewayRouteTableArn = exampleAwsEc2TransitGatewayRouteTable.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.NewTransitGatewayRouteTableAttachment(ctx, \"example\", \u0026networkmanager.TransitGatewayRouteTableAttachmentArgs{\n\t\t\tPeeringId: pulumi.Any(exampleAwsNetworkmanagerTransitGatewayPeering.Id),\n\t\t\tTransitGatewayRouteTableArn: pulumi.Any(exampleAwsEc2TransitGatewayRouteTable.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.TransitGatewayRouteTableAttachment;\nimport com.pulumi.aws.networkmanager.TransitGatewayRouteTableAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TransitGatewayRouteTableAttachment(\"example\", TransitGatewayRouteTableAttachmentArgs.builder()\n .peeringId(exampleAwsNetworkmanagerTransitGatewayPeering.id())\n .transitGatewayRouteTableArn(exampleAwsEc2TransitGatewayRouteTable.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmanager:TransitGatewayRouteTableAttachment\n properties:\n peeringId: ${exampleAwsNetworkmanagerTransitGatewayPeering.id}\n transitGatewayRouteTableArn: ${exampleAwsEc2TransitGatewayRouteTable.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_transit_gateway_route_table_attachment` using the attachment ID. For example:\n\n```sh\n$ pulumi import aws:networkmanager/transitGatewayRouteTableAttachment:TransitGatewayRouteTableAttachment example attachment-0f8fa60d2238d1bd8\n```\n", "properties": { "arn": { "type": "string", "description": "Attachment Amazon Resource Name (ARN).\n" }, "attachmentPolicyRuleNumber": { "type": "integer", "description": "The policy rule number associated with the attachment.\n" }, "attachmentType": { "type": "string", "description": "The type of attachment.\n" }, "coreNetworkArn": { "type": "string", "description": "The ARN of the core network.\n" }, "coreNetworkId": { "type": "string", "description": "The ID of the core network.\n" }, "edgeLocation": { "type": "string", "description": "The edge location for the peer.\n" }, "ownerAccountId": { "type": "string", "description": "The ID of the attachment account owner.\n" }, "peeringId": { "type": "string", "description": "The ID of the peer for the attachment.\n" }, "resourceArn": { "type": "string", "description": "The attachment resource ARN.\n" }, "segmentName": { "type": "string", "description": "The name of the segment attachment.\n" }, "state": { "type": "string", "description": "The state of the attachment.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayRouteTableArn": { "type": "string", "description": "The ARN of the transit gateway route table for the attachment.\n" } }, "required": [ "arn", "attachmentPolicyRuleNumber", "attachmentType", "coreNetworkArn", "coreNetworkId", "edgeLocation", "ownerAccountId", "peeringId", "resourceArn", "segmentName", "state", "tagsAll", "transitGatewayRouteTableArn" ], "inputProperties": { "peeringId": { "type": "string", "description": "The ID of the peer for the attachment.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "transitGatewayRouteTableArn": { "type": "string", "description": "The ARN of the transit gateway route table for the attachment.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "peeringId", "transitGatewayRouteTableArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering TransitGatewayRouteTableAttachment resources.\n", "properties": { "arn": { "type": "string", "description": "Attachment Amazon Resource Name (ARN).\n" }, "attachmentPolicyRuleNumber": { "type": "integer", "description": "The policy rule number associated with the attachment.\n" }, "attachmentType": { "type": "string", "description": "The type of attachment.\n" }, "coreNetworkArn": { "type": "string", "description": "The ARN of the core network.\n" }, "coreNetworkId": { "type": "string", "description": "The ID of the core network.\n" }, "edgeLocation": { "type": "string", "description": "The edge location for the peer.\n" }, "ownerAccountId": { "type": "string", "description": "The ID of the attachment account owner.\n" }, "peeringId": { "type": "string", "description": "The ID of the peer for the attachment.\n", "willReplaceOnChanges": true }, "resourceArn": { "type": "string", "description": "The attachment resource ARN.\n" }, "segmentName": { "type": "string", "description": "The name of the segment attachment.\n" }, "state": { "type": "string", "description": "The state of the attachment.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "transitGatewayRouteTableArn": { "type": "string", "description": "The ARN of the transit gateway route table for the attachment.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:networkmanager/vpcAttachment:VpcAttachment": { "description": "Resource for managing an AWS Network Manager VPC Attachment.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.VpcAttachment(\"example\", {\n subnetArns: [exampleAwsSubnet.arn],\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n vpcArn: exampleAwsVpc.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.VpcAttachment(\"example\",\n subnet_arns=[example_aws_subnet[\"arn\"]],\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n vpc_arn=example_aws_vpc[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.VpcAttachment(\"example\", new()\n {\n SubnetArns = new[]\n {\n exampleAwsSubnet.Arn,\n },\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n VpcArn = exampleAwsVpc.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.NewVpcAttachment(ctx, \"example\", \u0026networkmanager.VpcAttachmentArgs{\n\t\t\tSubnetArns: pulumi.StringArray{\n\t\t\t\texampleAwsSubnet.Arn,\n\t\t\t},\n\t\t\tCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\n\t\t\tVpcArn: pulumi.Any(exampleAwsVpc.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcAttachment(\"example\", VpcAttachmentArgs.builder()\n .subnetArns(exampleAwsSubnet.arn())\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .vpcArn(exampleAwsVpc.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmanager:VpcAttachment\n properties:\n subnetArns:\n - ${exampleAwsSubnet.arn}\n coreNetworkId: ${exampleAwsccNetworkmanagerCoreNetwork.id}\n vpcArn: ${exampleAwsVpc.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_vpc_attachment` using the attachment ID. For example:\n\n```sh\n$ pulumi import aws:networkmanager/vpcAttachment:VpcAttachment example attachment-0f8fa60d2238d1bd8\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the attachment.\n" }, "attachmentPolicyRuleNumber": { "type": "integer", "description": "The policy rule number associated with the attachment.\n" }, "attachmentType": { "type": "string", "description": "The type of attachment.\n" }, "coreNetworkArn": { "type": "string", "description": "The ARN of a core network.\n" }, "coreNetworkId": { "type": "string", "description": "The ID of a core network for the VPC attachment.\n" }, "edgeLocation": { "type": "string", "description": "The Region where the edge is located.\n" }, "options": { "$ref": "#/types/aws:networkmanager/VpcAttachmentOptions:VpcAttachmentOptions", "description": "Options for the VPC attachment.\n" }, "ownerAccountId": { "type": "string", "description": "The ID of the attachment account owner.\n" }, "resourceArn": { "type": "string", "description": "The attachment resource ARN.\n" }, "segmentName": { "type": "string", "description": "The name of the segment attachment.\n" }, "state": { "type": "string", "description": "The state of the attachment.\n" }, "subnetArns": { "type": "array", "items": { "type": "string" }, "description": "The subnet ARN of the VPC attachment.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcArn": { "type": "string", "description": "The ARN of the VPC.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "attachmentPolicyRuleNumber", "attachmentType", "coreNetworkArn", "coreNetworkId", "edgeLocation", "ownerAccountId", "resourceArn", "segmentName", "state", "subnetArns", "tagsAll", "vpcArn" ], "inputProperties": { "coreNetworkId": { "type": "string", "description": "The ID of a core network for the VPC attachment.\n", "willReplaceOnChanges": true }, "options": { "$ref": "#/types/aws:networkmanager/VpcAttachmentOptions:VpcAttachmentOptions", "description": "Options for the VPC attachment.\n" }, "subnetArns": { "type": "array", "items": { "type": "string" }, "description": "The subnet ARN of the VPC attachment.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcArn": { "type": "string", "description": "The ARN of the VPC.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "coreNetworkId", "subnetArns", "vpcArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcAttachment resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the attachment.\n" }, "attachmentPolicyRuleNumber": { "type": "integer", "description": "The policy rule number associated with the attachment.\n" }, "attachmentType": { "type": "string", "description": "The type of attachment.\n" }, "coreNetworkArn": { "type": "string", "description": "The ARN of a core network.\n" }, "coreNetworkId": { "type": "string", "description": "The ID of a core network for the VPC attachment.\n", "willReplaceOnChanges": true }, "edgeLocation": { "type": "string", "description": "The Region where the edge is located.\n" }, "options": { "$ref": "#/types/aws:networkmanager/VpcAttachmentOptions:VpcAttachmentOptions", "description": "Options for the VPC attachment.\n" }, "ownerAccountId": { "type": "string", "description": "The ID of the attachment account owner.\n" }, "resourceArn": { "type": "string", "description": "The attachment resource ARN.\n" }, "segmentName": { "type": "string", "description": "The name of the segment attachment.\n" }, "state": { "type": "string", "description": "The state of the attachment.\n" }, "subnetArns": { "type": "array", "items": { "type": "string" }, "description": "The subnet ARN of the VPC attachment.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the attachment. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcArn": { "type": "string", "description": "The ARN of the VPC.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:networkmonitor/monitor:Monitor": { "description": "Resource for managing an AWS Network Monitor Monitor.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmonitor.Monitor(\"example\", {\n aggregationPeriod: 30,\n monitorName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmonitor.Monitor(\"example\",\n aggregation_period=30,\n monitor_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkMonitor.Monitor(\"example\", new()\n {\n AggregationPeriod = 30,\n MonitorName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmonitor\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmonitor.NewMonitor(ctx, \"example\", \u0026networkmonitor.MonitorArgs{\n\t\t\tAggregationPeriod: pulumi.Int(30),\n\t\t\tMonitorName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmonitor.Monitor;\nimport com.pulumi.aws.networkmonitor.MonitorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Monitor(\"example\", MonitorArgs.builder()\n .aggregationPeriod(30)\n .monitorName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmonitor:Monitor\n properties:\n aggregationPeriod: 30\n monitorName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmonitor_monitor` using the monitor name. For example:\n\n```sh\n$ pulumi import aws:networkmonitor/monitor:Monitor example monitor-7786087912324693644\n```\n", "properties": { "aggregationPeriod": { "type": "integer", "description": "The time, in seconds, that metrics are aggregated and sent to Amazon CloudWatch. Valid values are either 30 or 60.\n" }, "arn": { "type": "string", "description": "The ARN of the monitor.\n" }, "monitorName": { "type": "string", "description": "The name of the monitor.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the monitor. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "monitorName", "tagsAll" ], "inputProperties": { "aggregationPeriod": { "type": "integer", "description": "The time, in seconds, that metrics are aggregated and sent to Amazon CloudWatch. Valid values are either 30 or 60.\n" }, "monitorName": { "type": "string", "description": "The name of the monitor.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the monitor. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "monitorName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Monitor resources.\n", "properties": { "aggregationPeriod": { "type": "integer", "description": "The time, in seconds, that metrics are aggregated and sent to Amazon CloudWatch. Valid values are either 30 or 60.\n" }, "arn": { "type": "string", "description": "The ARN of the monitor.\n" }, "monitorName": { "type": "string", "description": "The name of the monitor.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the monitor. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:networkmonitor/probe:Probe": { "description": "Resource for managing an AWS Network Monitor Probe.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmonitor.Monitor(\"example\", {\n aggregationPeriod: 30,\n monitorName: \"example\",\n});\nconst exampleProbe = new aws.networkmonitor.Probe(\"example\", {\n monitorName: example.monitorName,\n destination: \"127.0.0.1\",\n destinationPort: 80,\n protocol: \"TCP\",\n sourceArn: exampleAwsSubnet.arn,\n packetSize: 200,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmonitor.Monitor(\"example\",\n aggregation_period=30,\n monitor_name=\"example\")\nexample_probe = aws.networkmonitor.Probe(\"example\",\n monitor_name=example.monitor_name,\n destination=\"127.0.0.1\",\n destination_port=80,\n protocol=\"TCP\",\n source_arn=example_aws_subnet[\"arn\"],\n packet_size=200)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkMonitor.Monitor(\"example\", new()\n {\n AggregationPeriod = 30,\n MonitorName = \"example\",\n });\n\n var exampleProbe = new Aws.NetworkMonitor.Probe(\"example\", new()\n {\n MonitorName = example.MonitorName,\n Destination = \"127.0.0.1\",\n DestinationPort = 80,\n Protocol = \"TCP\",\n SourceArn = exampleAwsSubnet.Arn,\n PacketSize = 200,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmonitor\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := networkmonitor.NewMonitor(ctx, \"example\", \u0026networkmonitor.MonitorArgs{\n\t\t\tAggregationPeriod: pulumi.Int(30),\n\t\t\tMonitorName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = networkmonitor.NewProbe(ctx, \"example\", \u0026networkmonitor.ProbeArgs{\n\t\t\tMonitorName: example.MonitorName,\n\t\t\tDestination: pulumi.String(\"127.0.0.1\"),\n\t\t\tDestinationPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"TCP\"),\n\t\t\tSourceArn: pulumi.Any(exampleAwsSubnet.Arn),\n\t\t\tPacketSize: pulumi.Int(200),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmonitor.Monitor;\nimport com.pulumi.aws.networkmonitor.MonitorArgs;\nimport com.pulumi.aws.networkmonitor.Probe;\nimport com.pulumi.aws.networkmonitor.ProbeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Monitor(\"example\", MonitorArgs.builder()\n .aggregationPeriod(30)\n .monitorName(\"example\")\n .build());\n\n var exampleProbe = new Probe(\"exampleProbe\", ProbeArgs.builder()\n .monitorName(example.monitorName())\n .destination(\"127.0.0.1\")\n .destinationPort(80)\n .protocol(\"TCP\")\n .sourceArn(exampleAwsSubnet.arn())\n .packetSize(200)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmonitor:Monitor\n properties:\n aggregationPeriod: 30\n monitorName: example\n exampleProbe:\n type: aws:networkmonitor:Probe\n name: example\n properties:\n monitorName: ${example.monitorName}\n destination: 127.0.0.1\n destinationPort: 80\n protocol: TCP\n sourceArn: ${exampleAwsSubnet.arn}\n packetSize: 200\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmonitor_probe` using the monitor name and probe id. For example:\n\n```sh\n$ pulumi import aws:networkmonitor/probe:Probe example monitor-7786087912324693644,probe-3qm8p693i4fi1h8lqylzkbp42e\n```\n", "properties": { "addressFamily": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the attachment.\n" }, "destination": { "type": "string", "description": "The destination IP address. This must be either IPV4 or IPV6.\n" }, "destinationPort": { "type": "integer", "description": "The port associated with the destination. This is required only if the protocol is TCP and must be a number between 1 and 65536.\n" }, "monitorName": { "type": "string", "description": "The name of the monitor.\n" }, "packetSize": { "type": "integer", "description": "The size of the packets sent between the source and destination. This must be a number between 56 and 8500.\n\nThe following arguments are optional:\n" }, "probeId": { "type": "string" }, "protocol": { "type": "string", "description": "The protocol used for the network traffic between the source and destination. This must be either TCP or ICMP.\n" }, "sourceArn": { "type": "string", "description": "The ARN of the subnet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the monitor. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string" } }, "required": [ "addressFamily", "arn", "destination", "monitorName", "packetSize", "probeId", "protocol", "sourceArn", "tagsAll", "vpcId" ], "inputProperties": { "destination": { "type": "string", "description": "The destination IP address. This must be either IPV4 or IPV6.\n" }, "destinationPort": { "type": "integer", "description": "The port associated with the destination. This is required only if the protocol is TCP and must be a number between 1 and 65536.\n" }, "monitorName": { "type": "string", "description": "The name of the monitor.\n" }, "packetSize": { "type": "integer", "description": "The size of the packets sent between the source and destination. This must be a number between 56 and 8500.\n\nThe following arguments are optional:\n" }, "protocol": { "type": "string", "description": "The protocol used for the network traffic between the source and destination. This must be either TCP or ICMP.\n" }, "sourceArn": { "type": "string", "description": "The ARN of the subnet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the monitor. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "destination", "monitorName", "protocol", "sourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Probe resources.\n", "properties": { "addressFamily": { "type": "string" }, "arn": { "type": "string", "description": "The ARN of the attachment.\n" }, "destination": { "type": "string", "description": "The destination IP address. This must be either IPV4 or IPV6.\n" }, "destinationPort": { "type": "integer", "description": "The port associated with the destination. This is required only if the protocol is TCP and must be a number between 1 and 65536.\n" }, "monitorName": { "type": "string", "description": "The name of the monitor.\n" }, "packetSize": { "type": "integer", "description": "The size of the packets sent between the source and destination. This must be a number between 56 and 8500.\n\nThe following arguments are optional:\n" }, "probeId": { "type": "string" }, "protocol": { "type": "string", "description": "The protocol used for the network traffic between the source and destination. This must be either TCP or ICMP.\n" }, "sourceArn": { "type": "string", "description": "The ARN of the subnet.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the monitor. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string" } }, "type": "object" } }, "aws:oam/link:Link": { "description": "Resource for managing an AWS CloudWatch Observability Access Manager Link.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.oam.Link(\"example\", {\n labelTemplate: \"$AccountName\",\n resourceTypes: [\"AWS::CloudWatch::Metric\"],\n sinkIdentifier: test.id,\n tags: {\n Env: \"prod\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.oam.Link(\"example\",\n label_template=\"$AccountName\",\n resource_types=[\"AWS::CloudWatch::Metric\"],\n sink_identifier=test[\"id\"],\n tags={\n \"Env\": \"prod\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Oam.Link(\"example\", new()\n {\n LabelTemplate = \"$AccountName\",\n ResourceTypes = new[]\n {\n \"AWS::CloudWatch::Metric\",\n },\n SinkIdentifier = test.Id,\n Tags = \n {\n { \"Env\", \"prod\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/oam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := oam.NewLink(ctx, \"example\", \u0026oam.LinkArgs{\n\t\t\tLabelTemplate: pulumi.String(\"$AccountName\"),\n\t\t\tResourceTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"AWS::CloudWatch::Metric\"),\n\t\t\t},\n\t\t\tSinkIdentifier: pulumi.Any(test.Id),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Env\": pulumi.String(\"prod\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.oam.Link;\nimport com.pulumi.aws.oam.LinkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Link(\"example\", LinkArgs.builder()\n .labelTemplate(\"$AccountName\")\n .resourceTypes(\"AWS::CloudWatch::Metric\")\n .sinkIdentifier(test.id())\n .tags(Map.of(\"Env\", \"prod\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:oam:Link\n properties:\n labelTemplate: $AccountName\n resourceTypes:\n - AWS::CloudWatch::Metric\n sinkIdentifier: ${test.id}\n tags:\n Env: prod\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Log Group Filtering\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.oam.Link(\"example\", {\n labelTemplate: \"$AccountName\",\n linkConfiguration: {\n logGroupConfiguration: {\n filter: \"LogGroupName LIKE 'aws/lambda/%' OR LogGroupName LIKE 'AWSLogs%'\",\n },\n },\n resourceTypes: [\"AWS::Logs::LogGroup\"],\n sinkIdentifier: test.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.oam.Link(\"example\",\n label_template=\"$AccountName\",\n link_configuration={\n \"log_group_configuration\": {\n \"filter\": \"LogGroupName LIKE 'aws/lambda/%' OR LogGroupName LIKE 'AWSLogs%'\",\n },\n },\n resource_types=[\"AWS::Logs::LogGroup\"],\n sink_identifier=test[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Oam.Link(\"example\", new()\n {\n LabelTemplate = \"$AccountName\",\n LinkConfiguration = new Aws.Oam.Inputs.LinkLinkConfigurationArgs\n {\n LogGroupConfiguration = new Aws.Oam.Inputs.LinkLinkConfigurationLogGroupConfigurationArgs\n {\n Filter = \"LogGroupName LIKE 'aws/lambda/%' OR LogGroupName LIKE 'AWSLogs%'\",\n },\n },\n ResourceTypes = new[]\n {\n \"AWS::Logs::LogGroup\",\n },\n SinkIdentifier = test.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/oam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := oam.NewLink(ctx, \"example\", \u0026oam.LinkArgs{\n\t\t\tLabelTemplate: pulumi.String(\"$AccountName\"),\n\t\t\tLinkConfiguration: \u0026oam.LinkLinkConfigurationArgs{\n\t\t\t\tLogGroupConfiguration: \u0026oam.LinkLinkConfigurationLogGroupConfigurationArgs{\n\t\t\t\t\tFilter: pulumi.String(\"LogGroupName LIKE 'aws/lambda/%' OR LogGroupName LIKE 'AWSLogs%'\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tResourceTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"AWS::Logs::LogGroup\"),\n\t\t\t},\n\t\t\tSinkIdentifier: pulumi.Any(test.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.oam.Link;\nimport com.pulumi.aws.oam.LinkArgs;\nimport com.pulumi.aws.oam.inputs.LinkLinkConfigurationArgs;\nimport com.pulumi.aws.oam.inputs.LinkLinkConfigurationLogGroupConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Link(\"example\", LinkArgs.builder()\n .labelTemplate(\"$AccountName\")\n .linkConfiguration(LinkLinkConfigurationArgs.builder()\n .logGroupConfiguration(LinkLinkConfigurationLogGroupConfigurationArgs.builder()\n .filter(\"LogGroupName LIKE 'aws/lambda/%' OR LogGroupName LIKE 'AWSLogs%'\")\n .build())\n .build())\n .resourceTypes(\"AWS::Logs::LogGroup\")\n .sinkIdentifier(test.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:oam:Link\n properties:\n labelTemplate: $AccountName\n linkConfiguration:\n logGroupConfiguration:\n filter: LogGroupName LIKE 'aws/lambda/%' OR LogGroupName LIKE 'AWSLogs%'\n resourceTypes:\n - AWS::Logs::LogGroup\n sinkIdentifier: ${test.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Metric Filtering\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.oam.Link(\"example\", {\n labelTemplate: \"$AccountName\",\n linkConfiguration: {\n metricConfiguration: {\n filter: \"Namespace IN ('AWS/EC2', 'AWS/ELB', 'AWS/S3')\",\n },\n },\n resourceTypes: [\"AWS::CloudWatch::Metric\"],\n sinkIdentifier: test.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.oam.Link(\"example\",\n label_template=\"$AccountName\",\n link_configuration={\n \"metric_configuration\": {\n \"filter\": \"Namespace IN ('AWS/EC2', 'AWS/ELB', 'AWS/S3')\",\n },\n },\n resource_types=[\"AWS::CloudWatch::Metric\"],\n sink_identifier=test[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Oam.Link(\"example\", new()\n {\n LabelTemplate = \"$AccountName\",\n LinkConfiguration = new Aws.Oam.Inputs.LinkLinkConfigurationArgs\n {\n MetricConfiguration = new Aws.Oam.Inputs.LinkLinkConfigurationMetricConfigurationArgs\n {\n Filter = \"Namespace IN ('AWS/EC2', 'AWS/ELB', 'AWS/S3')\",\n },\n },\n ResourceTypes = new[]\n {\n \"AWS::CloudWatch::Metric\",\n },\n SinkIdentifier = test.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/oam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := oam.NewLink(ctx, \"example\", \u0026oam.LinkArgs{\n\t\t\tLabelTemplate: pulumi.String(\"$AccountName\"),\n\t\t\tLinkConfiguration: \u0026oam.LinkLinkConfigurationArgs{\n\t\t\t\tMetricConfiguration: \u0026oam.LinkLinkConfigurationMetricConfigurationArgs{\n\t\t\t\t\tFilter: pulumi.String(\"Namespace IN ('AWS/EC2', 'AWS/ELB', 'AWS/S3')\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tResourceTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"AWS::CloudWatch::Metric\"),\n\t\t\t},\n\t\t\tSinkIdentifier: pulumi.Any(test.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.oam.Link;\nimport com.pulumi.aws.oam.LinkArgs;\nimport com.pulumi.aws.oam.inputs.LinkLinkConfigurationArgs;\nimport com.pulumi.aws.oam.inputs.LinkLinkConfigurationMetricConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Link(\"example\", LinkArgs.builder()\n .labelTemplate(\"$AccountName\")\n .linkConfiguration(LinkLinkConfigurationArgs.builder()\n .metricConfiguration(LinkLinkConfigurationMetricConfigurationArgs.builder()\n .filter(\"Namespace IN ('AWS/EC2', 'AWS/ELB', 'AWS/S3')\")\n .build())\n .build())\n .resourceTypes(\"AWS::CloudWatch::Metric\")\n .sinkIdentifier(test.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:oam:Link\n properties:\n labelTemplate: $AccountName\n linkConfiguration:\n metricConfiguration:\n filter: Namespace IN ('AWS/EC2', 'AWS/ELB', 'AWS/S3')\n resourceTypes:\n - AWS::CloudWatch::Metric\n sinkIdentifier: ${test.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudWatch Observability Access Manager Link using the `arn`. For example:\n\n```sh\n$ pulumi import aws:oam/link:Link example arn:aws:oam:us-west-2:123456789012:link/link-id\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the link.\n" }, "label": { "type": "string", "description": "Label that is assigned to this link.\n" }, "labelTemplate": { "type": "string", "description": "Human-readable name to use to identify this source account when you are viewing data from it in the monitoring account.\n" }, "linkConfiguration": { "$ref": "#/types/aws:oam/LinkLinkConfiguration:LinkLinkConfiguration", "description": "Configuration for creating filters that specify that only some metric namespaces or log groups are to be shared from the source account to the monitoring account. See `link_configuration` Block for details.\n" }, "linkId": { "type": "string", "description": "ID string that AWS generated as part of the link ARN.\n" }, "resourceTypes": { "type": "array", "items": { "type": "string" }, "description": "Types of data that the source account shares with the monitoring account.\n" }, "sinkArn": { "type": "string", "description": "ARN of the sink that is used for this link.\n" }, "sinkIdentifier": { "type": "string", "description": "Identifier of the sink to use to create this link.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "label", "labelTemplate", "linkId", "resourceTypes", "sinkArn", "sinkIdentifier", "tagsAll" ], "inputProperties": { "labelTemplate": { "type": "string", "description": "Human-readable name to use to identify this source account when you are viewing data from it in the monitoring account.\n", "willReplaceOnChanges": true }, "linkConfiguration": { "$ref": "#/types/aws:oam/LinkLinkConfiguration:LinkLinkConfiguration", "description": "Configuration for creating filters that specify that only some metric namespaces or log groups are to be shared from the source account to the monitoring account. See `link_configuration` Block for details.\n" }, "resourceTypes": { "type": "array", "items": { "type": "string" }, "description": "Types of data that the source account shares with the monitoring account.\n" }, "sinkIdentifier": { "type": "string", "description": "Identifier of the sink to use to create this link.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "labelTemplate", "resourceTypes", "sinkIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering Link resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the link.\n" }, "label": { "type": "string", "description": "Label that is assigned to this link.\n" }, "labelTemplate": { "type": "string", "description": "Human-readable name to use to identify this source account when you are viewing data from it in the monitoring account.\n", "willReplaceOnChanges": true }, "linkConfiguration": { "$ref": "#/types/aws:oam/LinkLinkConfiguration:LinkLinkConfiguration", "description": "Configuration for creating filters that specify that only some metric namespaces or log groups are to be shared from the source account to the monitoring account. See `link_configuration` Block for details.\n" }, "linkId": { "type": "string", "description": "ID string that AWS generated as part of the link ARN.\n" }, "resourceTypes": { "type": "array", "items": { "type": "string" }, "description": "Types of data that the source account shares with the monitoring account.\n" }, "sinkArn": { "type": "string", "description": "ARN of the sink that is used for this link.\n" }, "sinkIdentifier": { "type": "string", "description": "Identifier of the sink to use to create this link.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:oam/sink:Sink": { "description": "Resource for managing an AWS CloudWatch Observability Access Manager Sink.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.oam.Sink(\"example\", {\n name: \"ExampleSink\",\n tags: {\n Env: \"prod\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.oam.Sink(\"example\",\n name=\"ExampleSink\",\n tags={\n \"Env\": \"prod\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Oam.Sink(\"example\", new()\n {\n Name = \"ExampleSink\",\n Tags = \n {\n { \"Env\", \"prod\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/oam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := oam.NewSink(ctx, \"example\", \u0026oam.SinkArgs{\n\t\t\tName: pulumi.String(\"ExampleSink\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Env\": pulumi.String(\"prod\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.oam.Sink;\nimport com.pulumi.aws.oam.SinkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Sink(\"example\", SinkArgs.builder()\n .name(\"ExampleSink\")\n .tags(Map.of(\"Env\", \"prod\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:oam:Sink\n properties:\n name: ExampleSink\n tags:\n Env: prod\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudWatch Observability Access Manager Sink using the `arn`. For example:\n\n```sh\n$ pulumi import aws:oam/sink:Sink example arn:aws:oam:us-west-2:123456789012:sink/sink-id\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Sink.\n" }, "name": { "type": "string", "description": "Name for the sink.\n\nThe following arguments are optional:\n" }, "sinkId": { "type": "string", "description": "ID string that AWS generated as part of the sink ARN.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "sinkId", "tagsAll" ], "inputProperties": { "name": { "type": "string", "description": "Name for the sink.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Sink resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Sink.\n" }, "name": { "type": "string", "description": "Name for the sink.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "sinkId": { "type": "string", "description": "ID string that AWS generated as part of the sink ARN.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:oam/sinkPolicy:SinkPolicy": { "description": "Resource for managing an AWS CloudWatch Observability Access Manager Sink Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.oam.Sink(\"example\", {name: \"ExampleSink\"});\nconst exampleSinkPolicy = new aws.oam.SinkPolicy(\"example\", {\n sinkIdentifier: example.id,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\n \"oam:CreateLink\",\n \"oam:UpdateLink\",\n ],\n Effect: \"Allow\",\n Resource: \"*\",\n Principal: {\n AWS: [\n \"1111111111111\",\n \"222222222222\",\n ],\n },\n Condition: {\n \"ForAllValues:StringEquals\": {\n \"oam:ResourceTypes\": [\n \"AWS::CloudWatch::Metric\",\n \"AWS::Logs::LogGroup\",\n ],\n },\n },\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.oam.Sink(\"example\", name=\"ExampleSink\")\nexample_sink_policy = aws.oam.SinkPolicy(\"example\",\n sink_identifier=example.id,\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\n \"oam:CreateLink\",\n \"oam:UpdateLink\",\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\",\n \"Principal\": {\n \"AWS\": [\n \"1111111111111\",\n \"222222222222\",\n ],\n },\n \"Condition\": {\n \"ForAllValues:StringEquals\": {\n \"oam:ResourceTypes\": [\n \"AWS::CloudWatch::Metric\",\n \"AWS::Logs::LogGroup\",\n ],\n },\n },\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Oam.Sink(\"example\", new()\n {\n Name = \"ExampleSink\",\n });\n\n var exampleSinkPolicy = new Aws.Oam.SinkPolicy(\"example\", new()\n {\n SinkIdentifier = example.Id,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"oam:CreateLink\",\n \"oam:UpdateLink\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = new[]\n {\n \"1111111111111\",\n \"222222222222\",\n },\n },\n [\"Condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"ForAllValues:StringEquals\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"oam:ResourceTypes\"] = new[]\n {\n \"AWS::CloudWatch::Metric\",\n \"AWS::Logs::LogGroup\",\n },\n },\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/oam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := oam.NewSink(ctx, \"example\", \u0026oam.SinkArgs{\n\t\t\tName: pulumi.String(\"ExampleSink\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"oam:CreateLink\",\n\t\t\t\t\t\t\"oam:UpdateLink\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": []string{\n\t\t\t\t\t\t\t\"1111111111111\",\n\t\t\t\t\t\t\t\"222222222222\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\"Condition\": map[string]interface{}{\n\t\t\t\t\t\t\"ForAllValues:StringEquals\": map[string]interface{}{\n\t\t\t\t\t\t\t\"oam:ResourceTypes\": []string{\n\t\t\t\t\t\t\t\t\"AWS::CloudWatch::Metric\",\n\t\t\t\t\t\t\t\t\"AWS::Logs::LogGroup\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = oam.NewSinkPolicy(ctx, \"example\", \u0026oam.SinkPolicyArgs{\n\t\t\tSinkIdentifier: example.ID(),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.oam.Sink;\nimport com.pulumi.aws.oam.SinkArgs;\nimport com.pulumi.aws.oam.SinkPolicy;\nimport com.pulumi.aws.oam.SinkPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Sink(\"example\", SinkArgs.builder()\n .name(\"ExampleSink\")\n .build());\n\n var exampleSinkPolicy = new SinkPolicy(\"exampleSinkPolicy\", SinkPolicyArgs.builder()\n .sinkIdentifier(example.id())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"oam:CreateLink\", \n \"oam:UpdateLink\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", jsonArray(\n \"1111111111111\", \n \"222222222222\"\n ))\n )),\n jsonProperty(\"Condition\", jsonObject(\n jsonProperty(\"ForAllValues:StringEquals\", jsonObject(\n jsonProperty(\"oam:ResourceTypes\", jsonArray(\n \"AWS::CloudWatch::Metric\", \n \"AWS::Logs::LogGroup\"\n ))\n ))\n ))\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:oam:Sink\n properties:\n name: ExampleSink\n exampleSinkPolicy:\n type: aws:oam:SinkPolicy\n name: example\n properties:\n sinkIdentifier: ${example.id}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - oam:CreateLink\n - oam:UpdateLink\n Effect: Allow\n Resource: '*'\n Principal:\n AWS:\n - '1111111111111'\n - '222222222222'\n Condition:\n ForAllValues:StringEquals:\n oam:ResourceTypes:\n - AWS::CloudWatch::Metric\n - AWS::Logs::LogGroup\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudWatch Observability Access Manager Sink Policy using the `sink_identifier`. For example:\n\n```sh\n$ pulumi import aws:oam/sinkPolicy:SinkPolicy example arn:aws:oam:us-west-2:123456789012:sink/sink-id\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Sink.\n" }, "policy": { "type": "string", "description": "JSON policy to use. If you are updating an existing policy, the entire existing policy is replaced by what you specify here.\n" }, "sinkId": { "type": "string", "description": "ID string that AWS generated as part of the sink ARN.\n" }, "sinkIdentifier": { "type": "string", "description": "ARN of the sink to attach this policy to.\n" } }, "required": [ "arn", "policy", "sinkId", "sinkIdentifier" ], "inputProperties": { "policy": { "type": "string", "description": "JSON policy to use. If you are updating an existing policy, the entire existing policy is replaced by what you specify here.\n" }, "sinkIdentifier": { "type": "string", "description": "ARN of the sink to attach this policy to.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policy", "sinkIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering SinkPolicy resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Sink.\n" }, "policy": { "type": "string", "description": "JSON policy to use. If you are updating an existing policy, the entire existing policy is replaced by what you specify here.\n" }, "sinkId": { "type": "string", "description": "ID string that AWS generated as part of the sink ARN.\n" }, "sinkIdentifier": { "type": "string", "description": "ARN of the sink to attach this policy to.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:opensearch/domain:Domain": { "description": "Manages an Amazon OpenSearch Domain.\n\n## Elasticsearch vs. OpenSearch\n\nAmazon OpenSearch Service is the successor to Amazon Elasticsearch Service and supports OpenSearch and legacy Elasticsearch OSS (up to 7.10, the final open source version of the software).\n\nOpenSearch Domain configurations are similar in many ways to Elasticsearch Domain configurations. However, there are important differences including these:\n\n* OpenSearch has `engine_version` while Elasticsearch has `elasticsearch_version`\n* Versions are specified differently - _e.g._, `Elasticsearch_7.10` with OpenSearch vs. `7.10` for Elasticsearch.\n* `instance_type` argument values end in `search` for OpenSearch vs. `elasticsearch` for Elasticsearch (_e.g._, `t2.micro.search` vs. `t2.micro.elasticsearch`).\n* The AWS-managed service-linked role for OpenSearch is called `AWSServiceRoleForAmazonOpenSearchService` instead of `AWSServiceRoleForAmazonElasticsearchService` for Elasticsearch.\n\nThere are also some potentially unexpected similarities in configurations:\n\n* ARNs for both are prefaced with `arn:aws:es:`.\n* Both OpenSearch and Elasticsearch use assume role policies that refer to the `Principal` `Service` as `es.amazonaws.com`.\n* IAM policy actions, such as those you will find in `access_policies`, are prefaced with `es:` for both.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.Domain(\"example\", {\n domainName: \"example\",\n engineVersion: \"Elasticsearch_7.10\",\n clusterConfig: {\n instanceType: \"r4.large.search\",\n },\n tags: {\n Domain: \"TestDomain\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.opensearch.Domain(\"example\",\n domain_name=\"example\",\n engine_version=\"Elasticsearch_7.10\",\n cluster_config={\n \"instance_type\": \"r4.large.search\",\n },\n tags={\n \"Domain\": \"TestDomain\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.Domain(\"example\", new()\n {\n DomainName = \"example\",\n EngineVersion = \"Elasticsearch_7.10\",\n ClusterConfig = new Aws.OpenSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"r4.large.search\",\n },\n Tags = \n {\n { \"Domain\", \"TestDomain\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"example\"),\n\t\t\tEngineVersion: pulumi.String(\"Elasticsearch_7.10\"),\n\t\t\tClusterConfig: \u0026opensearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceType: pulumi.String(\"r4.large.search\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Domain\": pulumi.String(\"TestDomain\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainClusterConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder()\n .domainName(\"example\")\n .engineVersion(\"Elasticsearch_7.10\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"r4.large.search\")\n .build())\n .tags(Map.of(\"Domain\", \"TestDomain\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:Domain\n properties:\n domainName: example\n engineVersion: Elasticsearch_7.10\n clusterConfig:\n instanceType: r4.large.search\n tags:\n Domain: TestDomain\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Access Policy\n\n\u003e See also: `aws.opensearch.DomainPolicy` resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst domain = config.get(\"domain\") || \"tf-test\";\nconst current = aws.getRegion({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst example = Promise.all([current, currentGetCallerIdentity]).then(([current, currentGetCallerIdentity]) =\u003e aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"*\",\n identifiers: [\"*\"],\n }],\n actions: [\"es:*\"],\n resources: [`arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*`],\n conditions: [{\n test: \"IpAddress\",\n variable: \"aws:SourceIp\",\n values: [\"66.193.100.22/32\"],\n }],\n }],\n}));\nconst exampleDomain = new aws.opensearch.Domain(\"example\", {\n domainName: domain,\n accessPolicies: example.then(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\ndomain = config.get(\"domain\")\nif domain is None:\n domain = \"tf-test\"\ncurrent = aws.get_region()\ncurrent_get_caller_identity = aws.get_caller_identity()\nexample = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"*\",\n \"identifiers\": [\"*\"],\n }],\n \"actions\": [\"es:*\"],\n \"resources\": [f\"arn:aws:es:{current.name}:{current_get_caller_identity.account_id}:domain/{domain}/*\"],\n \"conditions\": [{\n \"test\": \"IpAddress\",\n \"variable\": \"aws:SourceIp\",\n \"values\": [\"66.193.100.22/32\"],\n }],\n}])\nexample_domain = aws.opensearch.Domain(\"example\",\n domain_name=domain,\n access_policies=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var domain = config.Get(\"domain\") ?? \"tf-test\";\n var current = Aws.GetRegion.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"*\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"es:*\",\n },\n Resources = new[]\n {\n $\"arn:aws:es:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:domain/{domain}/*\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"IpAddress\",\n Variable = \"aws:SourceIp\",\n Values = new[]\n {\n \"66.193.100.22/32\",\n },\n },\n },\n },\n },\n });\n\n var exampleDomain = new Aws.OpenSearch.Domain(\"example\", new()\n {\n DomainName = domain,\n AccessPolicies = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tdomain := \"tf-test\"\n\t\tif param := cfg.Get(\"domain\"); param != \"\" {\n\t\t\tdomain = param\n\t\t}\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"*\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"*\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"es:*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\tfmt.Sprintf(\"arn:aws:es:%v:%v:domain/%v/*\", current.Name, currentGetCallerIdentity.AccountId, domain),\n\t\t\t\t\t},\n\t\t\t\t\tConditions: []iam.GetPolicyDocumentStatementCondition{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tTest: \"IpAddress\",\n\t\t\t\t\t\t\tVariable: \"aws:SourceIp\",\n\t\t\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\t\t\"66.193.100.22/32\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(domain),\n\t\t\tAccessPolicies: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var domain = config.get(\"domain\").orElse(\"tf-test\");\n final var current = AwsFunctions.getRegion();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"*\")\n .identifiers(\"*\")\n .build())\n .actions(\"es:*\")\n .resources(String.format(\"arn:aws:es:%s:%s:domain/%s/*\", current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),domain))\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"IpAddress\")\n .variable(\"aws:SourceIp\")\n .values(\"66.193.100.22/32\")\n .build())\n .build())\n .build());\n\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder()\n .domainName(domain)\n .accessPolicies(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n domain:\n type: string\n default: tf-test\nresources:\n exampleDomain:\n type: aws:opensearch:Domain\n name: example\n properties:\n domainName: ${domain}\n accessPolicies: ${example.json}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: '*'\n identifiers:\n - '*'\n actions:\n - es:*\n resources:\n - arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*\n conditions:\n - test: IpAddress\n variable: aws:SourceIp\n values:\n - 66.193.100.22/32\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Log publishing to CloudWatch Logs\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleLogGroup = new aws.cloudwatch.LogGroup(\"example\", {name: \"example\"});\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"es.amazonaws.com\"],\n }],\n actions: [\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\",\n ],\n resources: [\"arn:aws:logs:*\"],\n }],\n});\nconst exampleLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy(\"example\", {\n policyName: \"example\",\n policyDocument: example.then(example =\u003e example.json),\n});\nconst exampleDomain = new aws.opensearch.Domain(\"example\", {logPublishingOptions: [{\n cloudwatchLogGroupArn: exampleLogGroup.arn,\n logType: \"INDEX_SLOW_LOGS\",\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_log_group = aws.cloudwatch.LogGroup(\"example\", name=\"example\")\nexample = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"es.amazonaws.com\"],\n }],\n \"actions\": [\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\",\n ],\n \"resources\": [\"arn:aws:logs:*\"],\n}])\nexample_log_resource_policy = aws.cloudwatch.LogResourcePolicy(\"example\",\n policy_name=\"example\",\n policy_document=example.json)\nexample_domain = aws.opensearch.Domain(\"example\", log_publishing_options=[{\n \"cloudwatch_log_group_arn\": example_log_group.arn,\n \"log_type\": \"INDEX_SLOW_LOGS\",\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleLogGroup = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = \"example\",\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"es.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\",\n },\n Resources = new[]\n {\n \"arn:aws:logs:*\",\n },\n },\n },\n });\n\n var exampleLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy(\"example\", new()\n {\n PolicyName = \"example\",\n PolicyDocument = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleDomain = new Aws.OpenSearch.Domain(\"example\", new()\n {\n LogPublishingOptions = new[]\n {\n new Aws.OpenSearch.Inputs.DomainLogPublishingOptionArgs\n {\n CloudwatchLogGroupArn = exampleLogGroup.Arn,\n LogType = \"INDEX_SLOW_LOGS\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleLogGroup, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"es.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"logs:PutLogEvents\",\n\t\t\t\t\t\t\"logs:PutLogEventsBatch\",\n\t\t\t\t\t\t\"logs:CreateLogStream\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:logs:*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogResourcePolicy(ctx, \"example\", \u0026cloudwatch.LogResourcePolicyArgs{\n\t\t\tPolicyName: pulumi.String(\"example\"),\n\t\t\tPolicyDocument: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\n\t\t\tLogPublishingOptions: opensearch.DomainLogPublishingOptionArray{\n\t\t\t\t\u0026opensearch.DomainLogPublishingOptionArgs{\n\t\t\t\t\tCloudwatchLogGroupArn: exampleLogGroup.Arn,\n\t\t\t\t\tLogType: pulumi.String(\"INDEX_SLOW_LOGS\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicy;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicyArgs;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainLogPublishingOptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleLogGroup = new LogGroup(\"exampleLogGroup\", LogGroupArgs.builder()\n .name(\"example\")\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"es.amazonaws.com\")\n .build())\n .actions( \n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\")\n .resources(\"arn:aws:logs:*\")\n .build())\n .build());\n\n var exampleLogResourcePolicy = new LogResourcePolicy(\"exampleLogResourcePolicy\", LogResourcePolicyArgs.builder()\n .policyName(\"example\")\n .policyDocument(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder()\n .logPublishingOptions(DomainLogPublishingOptionArgs.builder()\n .cloudwatchLogGroupArn(exampleLogGroup.arn())\n .logType(\"INDEX_SLOW_LOGS\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleLogGroup:\n type: aws:cloudwatch:LogGroup\n name: example\n properties:\n name: example\n exampleLogResourcePolicy:\n type: aws:cloudwatch:LogResourcePolicy\n name: example\n properties:\n policyName: example\n policyDocument: ${example.json}\n exampleDomain:\n type: aws:opensearch:Domain\n name: example\n properties:\n logPublishingOptions:\n - cloudwatchLogGroupArn: ${exampleLogGroup.arn}\n logType: INDEX_SLOW_LOGS\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - es.amazonaws.com\n actions:\n - logs:PutLogEvents\n - logs:PutLogEventsBatch\n - logs:CreateLogStream\n resources:\n - arn:aws:logs:*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### VPC based OpenSearch\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst vpc = config.requireObject(\"vpc\");\nconst domain = config.get(\"domain\") || \"tf-test\";\nconst example = aws.ec2.getVpc({\n tags: {\n Name: vpc,\n },\n});\nconst exampleGetSubnets = example.then(example =\u003e aws.ec2.getSubnets({\n filters: [{\n name: \"vpc-id\",\n values: [example.id],\n }],\n tags: {\n Tier: \"private\",\n },\n}));\nconst current = aws.getRegion({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst exampleSecurityGroup = new aws.ec2.SecurityGroup(\"example\", {\n name: `${vpc}-opensearch-${domain}`,\n description: \"Managed by Pulumi\",\n vpcId: example.then(example =\u003e example.id),\n ingress: [{\n fromPort: 443,\n toPort: 443,\n protocol: \"tcp\",\n cidrBlocks: [example.then(example =\u003e example.cidrBlock)],\n }],\n});\nconst exampleServiceLinkedRole = new aws.iam.ServiceLinkedRole(\"example\", {awsServiceName: \"opensearchservice.amazonaws.com\"});\nconst exampleGetPolicyDocument = Promise.all([current, currentGetCallerIdentity]).then(([current, currentGetCallerIdentity]) =\u003e aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"*\",\n identifiers: [\"*\"],\n }],\n actions: [\"es:*\"],\n resources: [`arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*`],\n }],\n}));\nconst exampleDomain = new aws.opensearch.Domain(\"example\", {\n domainName: domain,\n engineVersion: \"OpenSearch_1.0\",\n clusterConfig: {\n instanceType: \"m4.large.search\",\n zoneAwarenessEnabled: true,\n },\n vpcOptions: {\n subnetIds: [\n exampleGetSubnets.then(exampleGetSubnets =\u003e exampleGetSubnets.ids?.[0]),\n exampleGetSubnets.then(exampleGetSubnets =\u003e exampleGetSubnets.ids?.[1]),\n ],\n securityGroupIds: [exampleSecurityGroup.id],\n },\n advancedOptions: {\n \"rest.action.multi.allow_explicit_index\": \"true\",\n },\n accessPolicies: exampleGetPolicyDocument.then(exampleGetPolicyDocument =\u003e exampleGetPolicyDocument.json),\n tags: {\n Domain: \"TestDomain\",\n },\n}, {\n dependsOn: [exampleServiceLinkedRole],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nvpc = config.require_object(\"vpc\")\ndomain = config.get(\"domain\")\nif domain is None:\n domain = \"tf-test\"\nexample = aws.ec2.get_vpc(tags={\n \"Name\": vpc,\n})\nexample_get_subnets = aws.ec2.get_subnets(filters=[{\n \"name\": \"vpc-id\",\n \"values\": [example.id],\n }],\n tags={\n \"Tier\": \"private\",\n })\ncurrent = aws.get_region()\ncurrent_get_caller_identity = aws.get_caller_identity()\nexample_security_group = aws.ec2.SecurityGroup(\"example\",\n name=f\"{vpc}-opensearch-{domain}\",\n description=\"Managed by Pulumi\",\n vpc_id=example.id,\n ingress=[{\n \"from_port\": 443,\n \"to_port\": 443,\n \"protocol\": \"tcp\",\n \"cidr_blocks\": [example.cidr_block],\n }])\nexample_service_linked_role = aws.iam.ServiceLinkedRole(\"example\", aws_service_name=\"opensearchservice.amazonaws.com\")\nexample_get_policy_document = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"*\",\n \"identifiers\": [\"*\"],\n }],\n \"actions\": [\"es:*\"],\n \"resources\": [f\"arn:aws:es:{current.name}:{current_get_caller_identity.account_id}:domain/{domain}/*\"],\n}])\nexample_domain = aws.opensearch.Domain(\"example\",\n domain_name=domain,\n engine_version=\"OpenSearch_1.0\",\n cluster_config={\n \"instance_type\": \"m4.large.search\",\n \"zone_awareness_enabled\": True,\n },\n vpc_options={\n \"subnet_ids\": [\n example_get_subnets.ids[0],\n example_get_subnets.ids[1],\n ],\n \"security_group_ids\": [example_security_group.id],\n },\n advanced_options={\n \"rest.action.multi.allow_explicit_index\": \"true\",\n },\n access_policies=example_get_policy_document.json,\n tags={\n \"Domain\": \"TestDomain\",\n },\n opts = pulumi.ResourceOptions(depends_on=[example_service_linked_role]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var vpc = config.RequireObject\u003cdynamic\u003e(\"vpc\");\n var domain = config.Get(\"domain\") ?? \"tf-test\";\n var example = Aws.Ec2.GetVpc.Invoke(new()\n {\n Tags = \n {\n { \"Name\", vpc },\n },\n });\n\n var exampleGetSubnets = Aws.Ec2.GetSubnets.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetSubnetsFilterInputArgs\n {\n Name = \"vpc-id\",\n Values = new[]\n {\n example.Apply(getVpcResult =\u003e getVpcResult.Id),\n },\n },\n },\n Tags = \n {\n { \"Tier\", \"private\" },\n },\n });\n\n var current = Aws.GetRegion.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var exampleSecurityGroup = new Aws.Ec2.SecurityGroup(\"example\", new()\n {\n Name = $\"{vpc}-opensearch-{domain}\",\n Description = \"Managed by Pulumi\",\n VpcId = example.Apply(getVpcResult =\u003e getVpcResult.Id),\n Ingress = new[]\n {\n new Aws.Ec2.Inputs.SecurityGroupIngressArgs\n {\n FromPort = 443,\n ToPort = 443,\n Protocol = \"tcp\",\n CidrBlocks = new[]\n {\n example.Apply(getVpcResult =\u003e getVpcResult.CidrBlock),\n },\n },\n },\n });\n\n var exampleServiceLinkedRole = new Aws.Iam.ServiceLinkedRole(\"example\", new()\n {\n AwsServiceName = \"opensearchservice.amazonaws.com\",\n });\n\n var exampleGetPolicyDocument = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"*\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"es:*\",\n },\n Resources = new[]\n {\n $\"arn:aws:es:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:domain/{domain}/*\",\n },\n },\n },\n });\n\n var exampleDomain = new Aws.OpenSearch.Domain(\"example\", new()\n {\n DomainName = domain,\n EngineVersion = \"OpenSearch_1.0\",\n ClusterConfig = new Aws.OpenSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"m4.large.search\",\n ZoneAwarenessEnabled = true,\n },\n VpcOptions = new Aws.OpenSearch.Inputs.DomainVpcOptionsArgs\n {\n SubnetIds = new[]\n {\n exampleGetSubnets.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[0]),\n exampleGetSubnets.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[1]),\n },\n SecurityGroupIds = new[]\n {\n exampleSecurityGroup.Id,\n },\n },\n AdvancedOptions = \n {\n { \"rest.action.multi.allow_explicit_index\", \"true\" },\n },\n AccessPolicies = exampleGetPolicyDocument.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Tags = \n {\n { \"Domain\", \"TestDomain\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleServiceLinkedRole,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ncfg := config.New(ctx, \"\")\nvpc := cfg.RequireObject(\"vpc\")\ndomain := \"tf-test\";\nif param := cfg.Get(\"domain\"); param != \"\"{\ndomain = param\n}\nexample, err := ec2.LookupVpc(ctx, \u0026ec2.LookupVpcArgs{\nTags: pulumi.StringMap{\n\"Name\": vpc,\n},\n}, nil);\nif err != nil {\nreturn err\n}\nexampleGetSubnets, err := ec2.GetSubnets(ctx, \u0026ec2.GetSubnetsArgs{\nFilters: []ec2.GetSubnetsFilter{\n{\nName: \"vpc-id\",\nValues: interface{}{\nexample.Id,\n},\n},\n},\nTags: map[string]interface{}{\n\"Tier\": \"private\",\n},\n}, nil);\nif err != nil {\nreturn err\n}\ncurrent, err := aws.GetRegion(ctx, nil, nil);\nif err != nil {\nreturn err\n}\ncurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil);\nif err != nil {\nreturn err\n}\nexampleSecurityGroup, err := ec2.NewSecurityGroup(ctx, \"example\", \u0026ec2.SecurityGroupArgs{\nName: pulumi.String(fmt.Sprintf(\"%v-opensearch-%v\", vpc, domain)),\nDescription: pulumi.String(\"Managed by Pulumi\"),\nVpcId: pulumi.String(example.Id),\nIngress: ec2.SecurityGroupIngressArray{\n\u0026ec2.SecurityGroupIngressArgs{\nFromPort: pulumi.Int(443),\nToPort: pulumi.Int(443),\nProtocol: pulumi.String(\"tcp\"),\nCidrBlocks: pulumi.StringArray{\npulumi.String(example.CidrBlock),\n},\n},\n},\n})\nif err != nil {\nreturn err\n}\nexampleServiceLinkedRole, err := iam.NewServiceLinkedRole(ctx, \"example\", \u0026iam.ServiceLinkedRoleArgs{\nAwsServiceName: pulumi.String(\"opensearchservice.amazonaws.com\"),\n})\nif err != nil {\nreturn err\n}\nexampleGetPolicyDocument, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: pulumi.StringRef(\"Allow\"),\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"*\",\nIdentifiers: []string{\n\"*\",\n},\n},\n},\nActions: []string{\n\"es:*\",\n},\nResources: []string{\nfmt.Sprintf(\"arn:aws:es:%v:%v:domain/%v/*\", current.Name, currentGetCallerIdentity.AccountId, domain),\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\n_, err = opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\nDomainName: pulumi.String(domain),\nEngineVersion: pulumi.String(\"OpenSearch_1.0\"),\nClusterConfig: \u0026opensearch.DomainClusterConfigArgs{\nInstanceType: pulumi.String(\"m4.large.search\"),\nZoneAwarenessEnabled: pulumi.Bool(true),\n},\nVpcOptions: \u0026opensearch.DomainVpcOptionsArgs{\nSubnetIds: pulumi.StringArray{\npulumi.String(exampleGetSubnets.Ids[0]),\npulumi.String(exampleGetSubnets.Ids[1]),\n},\nSecurityGroupIds: pulumi.StringArray{\nexampleSecurityGroup.ID(),\n},\n},\nAdvancedOptions: pulumi.StringMap{\n\"rest.action.multi.allow_explicit_index\": pulumi.String(\"true\"),\n},\nAccessPolicies: pulumi.String(exampleGetPolicyDocument.Json),\nTags: pulumi.StringMap{\n\"Domain\": pulumi.String(\"TestDomain\"),\n},\n}, pulumi.DependsOn([]pulumi.Resource{\nexampleServiceLinkedRole,\n}))\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcArgs;\nimport com.pulumi.aws.ec2.inputs.GetSubnetsArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.aws.ec2.inputs.SecurityGroupIngressArgs;\nimport com.pulumi.aws.iam.ServiceLinkedRole;\nimport com.pulumi.aws.iam.ServiceLinkedRoleArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainVpcOptionsArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var vpc = config.get(\"vpc\");\n final var domain = config.get(\"domain\").orElse(\"tf-test\");\n final var example = Ec2Functions.getVpc(GetVpcArgs.builder()\n .tags(Map.of(\"Name\", vpc))\n .build());\n\n final var exampleGetSubnets = Ec2Functions.getSubnets(GetSubnetsArgs.builder()\n .filters(GetSubnetsFilterArgs.builder()\n .name(\"vpc-id\")\n .values(example.applyValue(getVpcResult -\u003e getVpcResult.id()))\n .build())\n .tags(Map.of(\"Tier\", \"private\"))\n .build());\n\n final var current = AwsFunctions.getRegion();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n var exampleSecurityGroup = new SecurityGroup(\"exampleSecurityGroup\", SecurityGroupArgs.builder()\n .name(String.format(\"%s-opensearch-%s\", vpc,domain))\n .description(\"Managed by Pulumi\")\n .vpcId(example.applyValue(getVpcResult -\u003e getVpcResult.id()))\n .ingress(SecurityGroupIngressArgs.builder()\n .fromPort(443)\n .toPort(443)\n .protocol(\"tcp\")\n .cidrBlocks(example.applyValue(getVpcResult -\u003e getVpcResult.cidrBlock()))\n .build())\n .build());\n\n var exampleServiceLinkedRole = new ServiceLinkedRole(\"exampleServiceLinkedRole\", ServiceLinkedRoleArgs.builder()\n .awsServiceName(\"opensearchservice.amazonaws.com\")\n .build());\n\n final var exampleGetPolicyDocument = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"*\")\n .identifiers(\"*\")\n .build())\n .actions(\"es:*\")\n .resources(String.format(\"arn:aws:es:%s:%s:domain/%s/*\", current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),domain))\n .build())\n .build());\n\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder()\n .domainName(domain)\n .engineVersion(\"OpenSearch_1.0\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"m4.large.search\")\n .zoneAwarenessEnabled(true)\n .build())\n .vpcOptions(DomainVpcOptionsArgs.builder()\n .subnetIds( \n exampleGetSubnets.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[0]),\n exampleGetSubnets.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[1]))\n .securityGroupIds(exampleSecurityGroup.id())\n .build())\n .advancedOptions(Map.of(\"rest.action.multi.allow_explicit_index\", \"true\"))\n .accessPolicies(exampleGetPolicyDocument.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .tags(Map.of(\"Domain\", \"TestDomain\"))\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleServiceLinkedRole)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n vpc:\n type: dynamic\n domain:\n type: string\n default: tf-test\nresources:\n exampleSecurityGroup:\n type: aws:ec2:SecurityGroup\n name: example\n properties:\n name: ${vpc}-opensearch-${domain}\n description: Managed by Pulumi\n vpcId: ${example.id}\n ingress:\n - fromPort: 443\n toPort: 443\n protocol: tcp\n cidrBlocks:\n - ${example.cidrBlock}\n exampleServiceLinkedRole:\n type: aws:iam:ServiceLinkedRole\n name: example\n properties:\n awsServiceName: opensearchservice.amazonaws.com\n exampleDomain:\n type: aws:opensearch:Domain\n name: example\n properties:\n domainName: ${domain}\n engineVersion: OpenSearch_1.0\n clusterConfig:\n instanceType: m4.large.search\n zoneAwarenessEnabled: true\n vpcOptions:\n subnetIds:\n - ${exampleGetSubnets.ids[0]}\n - ${exampleGetSubnets.ids[1]}\n securityGroupIds:\n - ${exampleSecurityGroup.id}\n advancedOptions:\n rest.action.multi.allow_explicit_index: 'true'\n accessPolicies: ${exampleGetPolicyDocument.json}\n tags:\n Domain: TestDomain\n options:\n dependson:\n - ${exampleServiceLinkedRole}\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getVpc\n Arguments:\n tags:\n Name: ${vpc}\n exampleGetSubnets:\n fn::invoke:\n Function: aws:ec2:getSubnets\n Arguments:\n filters:\n - name: vpc-id\n values:\n - ${example.id}\n tags:\n Tier: private\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n exampleGetPolicyDocument:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: '*'\n identifiers:\n - '*'\n actions:\n - es:*\n resources:\n - arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Enabling fine-grained access control on an existing domain\n\nThis example shows two configurations: one to create a domain without fine-grained access control and the second to modify the domain to enable fine-grained access control. For more information, see [Enabling fine-grained access control](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html).\n\n### First apply\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.Domain(\"example\", {\n domainName: \"ggkitty\",\n engineVersion: \"Elasticsearch_7.1\",\n clusterConfig: {\n instanceType: \"r5.large.search\",\n },\n advancedSecurityOptions: {\n enabled: false,\n anonymousAuthEnabled: true,\n internalUserDatabaseEnabled: true,\n masterUserOptions: {\n masterUserName: \"example\",\n masterUserPassword: \"Barbarbarbar1!\",\n },\n },\n encryptAtRest: {\n enabled: true,\n },\n domainEndpointOptions: {\n enforceHttps: true,\n tlsSecurityPolicy: \"Policy-Min-TLS-1-2-2019-07\",\n },\n nodeToNodeEncryption: {\n enabled: true,\n },\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.opensearch.Domain(\"example\",\n domain_name=\"ggkitty\",\n engine_version=\"Elasticsearch_7.1\",\n cluster_config={\n \"instance_type\": \"r5.large.search\",\n },\n advanced_security_options={\n \"enabled\": False,\n \"anonymous_auth_enabled\": True,\n \"internal_user_database_enabled\": True,\n \"master_user_options\": {\n \"master_user_name\": \"example\",\n \"master_user_password\": \"Barbarbarbar1!\",\n },\n },\n encrypt_at_rest={\n \"enabled\": True,\n },\n domain_endpoint_options={\n \"enforce_https\": True,\n \"tls_security_policy\": \"Policy-Min-TLS-1-2-2019-07\",\n },\n node_to_node_encryption={\n \"enabled\": True,\n },\n ebs_options={\n \"ebs_enabled\": True,\n \"volume_size\": 10,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.Domain(\"example\", new()\n {\n DomainName = \"ggkitty\",\n EngineVersion = \"Elasticsearch_7.1\",\n ClusterConfig = new Aws.OpenSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"r5.large.search\",\n },\n AdvancedSecurityOptions = new Aws.OpenSearch.Inputs.DomainAdvancedSecurityOptionsArgs\n {\n Enabled = false,\n AnonymousAuthEnabled = true,\n InternalUserDatabaseEnabled = true,\n MasterUserOptions = new Aws.OpenSearch.Inputs.DomainAdvancedSecurityOptionsMasterUserOptionsArgs\n {\n MasterUserName = \"example\",\n MasterUserPassword = \"Barbarbarbar1!\",\n },\n },\n EncryptAtRest = new Aws.OpenSearch.Inputs.DomainEncryptAtRestArgs\n {\n Enabled = true,\n },\n DomainEndpointOptions = new Aws.OpenSearch.Inputs.DomainDomainEndpointOptionsArgs\n {\n EnforceHttps = true,\n TlsSecurityPolicy = \"Policy-Min-TLS-1-2-2019-07\",\n },\n NodeToNodeEncryption = new Aws.OpenSearch.Inputs.DomainNodeToNodeEncryptionArgs\n {\n Enabled = true,\n },\n EbsOptions = new Aws.OpenSearch.Inputs.DomainEbsOptionsArgs\n {\n EbsEnabled = true,\n VolumeSize = 10,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"ggkitty\"),\n\t\t\tEngineVersion: pulumi.String(\"Elasticsearch_7.1\"),\n\t\t\tClusterConfig: \u0026opensearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceType: pulumi.String(\"r5.large.search\"),\n\t\t\t},\n\t\t\tAdvancedSecurityOptions: \u0026opensearch.DomainAdvancedSecurityOptionsArgs{\n\t\t\t\tEnabled: pulumi.Bool(false),\n\t\t\t\tAnonymousAuthEnabled: pulumi.Bool(true),\n\t\t\t\tInternalUserDatabaseEnabled: pulumi.Bool(true),\n\t\t\t\tMasterUserOptions: \u0026opensearch.DomainAdvancedSecurityOptionsMasterUserOptionsArgs{\n\t\t\t\t\tMasterUserName: pulumi.String(\"example\"),\n\t\t\t\t\tMasterUserPassword: pulumi.String(\"Barbarbarbar1!\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tEncryptAtRest: \u0026opensearch.DomainEncryptAtRestArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tDomainEndpointOptions: \u0026opensearch.DomainDomainEndpointOptionsArgs{\n\t\t\t\tEnforceHttps: pulumi.Bool(true),\n\t\t\t\tTlsSecurityPolicy: pulumi.String(\"Policy-Min-TLS-1-2-2019-07\"),\n\t\t\t},\n\t\t\tNodeToNodeEncryption: \u0026opensearch.DomainNodeToNodeEncryptionArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tEbsOptions: \u0026opensearch.DomainEbsOptionsArgs{\n\t\t\t\tEbsEnabled: pulumi.Bool(true),\n\t\t\t\tVolumeSize: pulumi.Int(10),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainAdvancedSecurityOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainAdvancedSecurityOptionsMasterUserOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainEncryptAtRestArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainDomainEndpointOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainNodeToNodeEncryptionArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainEbsOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder()\n .domainName(\"ggkitty\")\n .engineVersion(\"Elasticsearch_7.1\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"r5.large.search\")\n .build())\n .advancedSecurityOptions(DomainAdvancedSecurityOptionsArgs.builder()\n .enabled(false)\n .anonymousAuthEnabled(true)\n .internalUserDatabaseEnabled(true)\n .masterUserOptions(DomainAdvancedSecurityOptionsMasterUserOptionsArgs.builder()\n .masterUserName(\"example\")\n .masterUserPassword(\"Barbarbarbar1!\")\n .build())\n .build())\n .encryptAtRest(DomainEncryptAtRestArgs.builder()\n .enabled(true)\n .build())\n .domainEndpointOptions(DomainDomainEndpointOptionsArgs.builder()\n .enforceHttps(true)\n .tlsSecurityPolicy(\"Policy-Min-TLS-1-2-2019-07\")\n .build())\n .nodeToNodeEncryption(DomainNodeToNodeEncryptionArgs.builder()\n .enabled(true)\n .build())\n .ebsOptions(DomainEbsOptionsArgs.builder()\n .ebsEnabled(true)\n .volumeSize(10)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:Domain\n properties:\n domainName: ggkitty\n engineVersion: Elasticsearch_7.1\n clusterConfig:\n instanceType: r5.large.search\n advancedSecurityOptions:\n enabled: false\n anonymousAuthEnabled: true\n internalUserDatabaseEnabled: true\n masterUserOptions:\n masterUserName: example\n masterUserPassword: Barbarbarbar1!\n encryptAtRest:\n enabled: true\n domainEndpointOptions:\n enforceHttps: true\n tlsSecurityPolicy: Policy-Min-TLS-1-2-2019-07\n nodeToNodeEncryption:\n enabled: true\n ebsOptions:\n ebsEnabled: true\n volumeSize: 10\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Second apply\n\nNotice that the only change is `advanced_security_options.0.enabled` is now set to `true`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.Domain(\"example\", {\n domainName: \"ggkitty\",\n engineVersion: \"Elasticsearch_7.1\",\n clusterConfig: {\n instanceType: \"r5.large.search\",\n },\n advancedSecurityOptions: {\n enabled: true,\n anonymousAuthEnabled: true,\n internalUserDatabaseEnabled: true,\n masterUserOptions: {\n masterUserName: \"example\",\n masterUserPassword: \"Barbarbarbar1!\",\n },\n },\n encryptAtRest: {\n enabled: true,\n },\n domainEndpointOptions: {\n enforceHttps: true,\n tlsSecurityPolicy: \"Policy-Min-TLS-1-2-2019-07\",\n },\n nodeToNodeEncryption: {\n enabled: true,\n },\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.opensearch.Domain(\"example\",\n domain_name=\"ggkitty\",\n engine_version=\"Elasticsearch_7.1\",\n cluster_config={\n \"instance_type\": \"r5.large.search\",\n },\n advanced_security_options={\n \"enabled\": True,\n \"anonymous_auth_enabled\": True,\n \"internal_user_database_enabled\": True,\n \"master_user_options\": {\n \"master_user_name\": \"example\",\n \"master_user_password\": \"Barbarbarbar1!\",\n },\n },\n encrypt_at_rest={\n \"enabled\": True,\n },\n domain_endpoint_options={\n \"enforce_https\": True,\n \"tls_security_policy\": \"Policy-Min-TLS-1-2-2019-07\",\n },\n node_to_node_encryption={\n \"enabled\": True,\n },\n ebs_options={\n \"ebs_enabled\": True,\n \"volume_size\": 10,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.Domain(\"example\", new()\n {\n DomainName = \"ggkitty\",\n EngineVersion = \"Elasticsearch_7.1\",\n ClusterConfig = new Aws.OpenSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"r5.large.search\",\n },\n AdvancedSecurityOptions = new Aws.OpenSearch.Inputs.DomainAdvancedSecurityOptionsArgs\n {\n Enabled = true,\n AnonymousAuthEnabled = true,\n InternalUserDatabaseEnabled = true,\n MasterUserOptions = new Aws.OpenSearch.Inputs.DomainAdvancedSecurityOptionsMasterUserOptionsArgs\n {\n MasterUserName = \"example\",\n MasterUserPassword = \"Barbarbarbar1!\",\n },\n },\n EncryptAtRest = new Aws.OpenSearch.Inputs.DomainEncryptAtRestArgs\n {\n Enabled = true,\n },\n DomainEndpointOptions = new Aws.OpenSearch.Inputs.DomainDomainEndpointOptionsArgs\n {\n EnforceHttps = true,\n TlsSecurityPolicy = \"Policy-Min-TLS-1-2-2019-07\",\n },\n NodeToNodeEncryption = new Aws.OpenSearch.Inputs.DomainNodeToNodeEncryptionArgs\n {\n Enabled = true,\n },\n EbsOptions = new Aws.OpenSearch.Inputs.DomainEbsOptionsArgs\n {\n EbsEnabled = true,\n VolumeSize = 10,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"ggkitty\"),\n\t\t\tEngineVersion: pulumi.String(\"Elasticsearch_7.1\"),\n\t\t\tClusterConfig: \u0026opensearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceType: pulumi.String(\"r5.large.search\"),\n\t\t\t},\n\t\t\tAdvancedSecurityOptions: \u0026opensearch.DomainAdvancedSecurityOptionsArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tAnonymousAuthEnabled: pulumi.Bool(true),\n\t\t\t\tInternalUserDatabaseEnabled: pulumi.Bool(true),\n\t\t\t\tMasterUserOptions: \u0026opensearch.DomainAdvancedSecurityOptionsMasterUserOptionsArgs{\n\t\t\t\t\tMasterUserName: pulumi.String(\"example\"),\n\t\t\t\t\tMasterUserPassword: pulumi.String(\"Barbarbarbar1!\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tEncryptAtRest: \u0026opensearch.DomainEncryptAtRestArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tDomainEndpointOptions: \u0026opensearch.DomainDomainEndpointOptionsArgs{\n\t\t\t\tEnforceHttps: pulumi.Bool(true),\n\t\t\t\tTlsSecurityPolicy: pulumi.String(\"Policy-Min-TLS-1-2-2019-07\"),\n\t\t\t},\n\t\t\tNodeToNodeEncryption: \u0026opensearch.DomainNodeToNodeEncryptionArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tEbsOptions: \u0026opensearch.DomainEbsOptionsArgs{\n\t\t\t\tEbsEnabled: pulumi.Bool(true),\n\t\t\t\tVolumeSize: pulumi.Int(10),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainAdvancedSecurityOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainAdvancedSecurityOptionsMasterUserOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainEncryptAtRestArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainDomainEndpointOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainNodeToNodeEncryptionArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainEbsOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder()\n .domainName(\"ggkitty\")\n .engineVersion(\"Elasticsearch_7.1\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"r5.large.search\")\n .build())\n .advancedSecurityOptions(DomainAdvancedSecurityOptionsArgs.builder()\n .enabled(true)\n .anonymousAuthEnabled(true)\n .internalUserDatabaseEnabled(true)\n .masterUserOptions(DomainAdvancedSecurityOptionsMasterUserOptionsArgs.builder()\n .masterUserName(\"example\")\n .masterUserPassword(\"Barbarbarbar1!\")\n .build())\n .build())\n .encryptAtRest(DomainEncryptAtRestArgs.builder()\n .enabled(true)\n .build())\n .domainEndpointOptions(DomainDomainEndpointOptionsArgs.builder()\n .enforceHttps(true)\n .tlsSecurityPolicy(\"Policy-Min-TLS-1-2-2019-07\")\n .build())\n .nodeToNodeEncryption(DomainNodeToNodeEncryptionArgs.builder()\n .enabled(true)\n .build())\n .ebsOptions(DomainEbsOptionsArgs.builder()\n .ebsEnabled(true)\n .volumeSize(10)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:Domain\n properties:\n domainName: ggkitty\n engineVersion: Elasticsearch_7.1\n clusterConfig:\n instanceType: r5.large.search\n advancedSecurityOptions:\n enabled: true\n anonymousAuthEnabled: true\n internalUserDatabaseEnabled: true\n masterUserOptions:\n masterUserName: example\n masterUserPassword: Barbarbarbar1!\n encryptAtRest:\n enabled: true\n domainEndpointOptions:\n enforceHttps: true\n tlsSecurityPolicy: Policy-Min-TLS-1-2-2019-07\n nodeToNodeEncryption:\n enabled: true\n ebsOptions:\n ebsEnabled: true\n volumeSize: 10\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpenSearch domains using the `domain_name`. For example:\n\n```sh\n$ pulumi import aws:opensearch/domain:Domain example domain_name\n```\n", "properties": { "accessPolicies": { "type": "string", "description": "IAM policy document specifying the access policies for the domain.\n" }, "advancedOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value string pairs to specify advanced configuration options. Note that the values for these configuration options must be strings (wrapped in quotes) or they may be wrong and cause a perpetual diff, causing the provider to want to recreate your OpenSearch domain on every apply.\n" }, "advancedSecurityOptions": { "$ref": "#/types/aws:opensearch/DomainAdvancedSecurityOptions:DomainAdvancedSecurityOptions", "description": "Configuration block for [fine-grained access control](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html). Detailed below.\n" }, "arn": { "type": "string", "description": "ARN of the domain.\n" }, "autoTuneOptions": { "$ref": "#/types/aws:opensearch/DomainAutoTuneOptions:DomainAutoTuneOptions", "description": "Configuration block for the Auto-Tune options of the domain. Detailed below.\n" }, "clusterConfig": { "$ref": "#/types/aws:opensearch/DomainClusterConfig:DomainClusterConfig", "description": "Configuration block for the cluster of the domain. Detailed below.\n" }, "cognitoOptions": { "$ref": "#/types/aws:opensearch/DomainCognitoOptions:DomainCognitoOptions", "description": "Configuration block for authenticating dashboard with Cognito. Detailed below.\n" }, "dashboardEndpoint": { "type": "string", "description": "Domain-specific endpoint for Dashboard without https scheme.\n" }, "domainEndpointOptions": { "$ref": "#/types/aws:opensearch/DomainDomainEndpointOptions:DomainDomainEndpointOptions", "description": "Configuration block for domain endpoint HTTP(S) related options. Detailed below.\n" }, "domainId": { "type": "string", "description": "Unique identifier for the domain.\n" }, "domainName": { "type": "string", "description": "Name of the domain.\n\nThe following arguments are optional:\n" }, "ebsOptions": { "$ref": "#/types/aws:opensearch/DomainEbsOptions:DomainEbsOptions", "description": "Configuration block for EBS related options, may be required based on chosen [instance size](https://aws.amazon.com/opensearch-service/pricing/). Detailed below.\n" }, "encryptAtRest": { "$ref": "#/types/aws:opensearch/DomainEncryptAtRest:DomainEncryptAtRest", "description": "Configuration block for encrypt at rest options. Only available for [certain instance types](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html). Detailed below.\n" }, "endpoint": { "type": "string", "description": "Domain-specific endpoint used to submit index, search, and data upload requests.\n" }, "engineVersion": { "type": "string", "description": "Either `Elasticsearch_X.Y` or `OpenSearch_X.Y` to specify the engine version for the Amazon OpenSearch Service domain. For example, `OpenSearch_1.0` or `Elasticsearch_7.9`.\nSee [Creating and managing Amazon OpenSearch Service domains](http://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomains).\nDefaults to the lastest version of OpenSearch.\n" }, "ipAddressType": { "type": "string", "description": "The IP address type for the endpoint. Valid values are `ipv4` and `dualstack`.\n" }, "kibanaEndpoint": { "type": "string", "description": "(**Deprecated**) Domain-specific endpoint for kibana without https scheme. Use the `dashboard_endpoint` attribute instead.\n", "deprecationMessage": "use 'dashboard_endpoint' attribute instead" }, "logPublishingOptions": { "type": "array", "items": { "$ref": "#/types/aws:opensearch/DomainLogPublishingOption:DomainLogPublishingOption" }, "description": "Configuration block for publishing slow and application logs to CloudWatch Logs. This block can be declared multiple times, for each log_type, within the same resource. Detailed below.\n" }, "nodeToNodeEncryption": { "$ref": "#/types/aws:opensearch/DomainNodeToNodeEncryption:DomainNodeToNodeEncryption", "description": "Configuration block for node-to-node encryption options. Detailed below.\n" }, "offPeakWindowOptions": { "$ref": "#/types/aws:opensearch/DomainOffPeakWindowOptions:DomainOffPeakWindowOptions", "description": "Configuration to add Off Peak update options. ([documentation](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/off-peak.html)). Detailed below.\n" }, "snapshotOptions": { "$ref": "#/types/aws:opensearch/DomainSnapshotOptions:DomainSnapshotOptions", "description": "Configuration block for snapshot related options. Detailed below. DEPRECATED. For domains running OpenSearch 5.3 and later, Amazon OpenSearch takes hourly automated snapshots, making this setting irrelevant. For domains running earlier versions, OpenSearch takes daily automated snapshots.\n" }, "softwareUpdateOptions": { "$ref": "#/types/aws:opensearch/DomainSoftwareUpdateOptions:DomainSoftwareUpdateOptions", "description": "Software update options for the domain. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcOptions": { "$ref": "#/types/aws:opensearch/DomainVpcOptions:DomainVpcOptions", "description": "Configuration block for VPC related options. Adding or removing this configuration forces a new resource ([documentation](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html)). Detailed below.\n" } }, "required": [ "accessPolicies", "advancedOptions", "advancedSecurityOptions", "arn", "autoTuneOptions", "clusterConfig", "dashboardEndpoint", "domainEndpointOptions", "domainId", "domainName", "ebsOptions", "encryptAtRest", "endpoint", "engineVersion", "ipAddressType", "kibanaEndpoint", "nodeToNodeEncryption", "offPeakWindowOptions", "softwareUpdateOptions", "tagsAll" ], "inputProperties": { "accessPolicies": { "type": "string", "description": "IAM policy document specifying the access policies for the domain.\n" }, "advancedOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value string pairs to specify advanced configuration options. Note that the values for these configuration options must be strings (wrapped in quotes) or they may be wrong and cause a perpetual diff, causing the provider to want to recreate your OpenSearch domain on every apply.\n" }, "advancedSecurityOptions": { "$ref": "#/types/aws:opensearch/DomainAdvancedSecurityOptions:DomainAdvancedSecurityOptions", "description": "Configuration block for [fine-grained access control](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html). Detailed below.\n" }, "autoTuneOptions": { "$ref": "#/types/aws:opensearch/DomainAutoTuneOptions:DomainAutoTuneOptions", "description": "Configuration block for the Auto-Tune options of the domain. Detailed below.\n" }, "clusterConfig": { "$ref": "#/types/aws:opensearch/DomainClusterConfig:DomainClusterConfig", "description": "Configuration block for the cluster of the domain. Detailed below.\n" }, "cognitoOptions": { "$ref": "#/types/aws:opensearch/DomainCognitoOptions:DomainCognitoOptions", "description": "Configuration block for authenticating dashboard with Cognito. Detailed below.\n" }, "domainEndpointOptions": { "$ref": "#/types/aws:opensearch/DomainDomainEndpointOptions:DomainDomainEndpointOptions", "description": "Configuration block for domain endpoint HTTP(S) related options. Detailed below.\n" }, "domainName": { "type": "string", "description": "Name of the domain.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "ebsOptions": { "$ref": "#/types/aws:opensearch/DomainEbsOptions:DomainEbsOptions", "description": "Configuration block for EBS related options, may be required based on chosen [instance size](https://aws.amazon.com/opensearch-service/pricing/). Detailed below.\n" }, "encryptAtRest": { "$ref": "#/types/aws:opensearch/DomainEncryptAtRest:DomainEncryptAtRest", "description": "Configuration block for encrypt at rest options. Only available for [certain instance types](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html). Detailed below.\n" }, "engineVersion": { "type": "string", "description": "Either `Elasticsearch_X.Y` or `OpenSearch_X.Y` to specify the engine version for the Amazon OpenSearch Service domain. For example, `OpenSearch_1.0` or `Elasticsearch_7.9`.\nSee [Creating and managing Amazon OpenSearch Service domains](http://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomains).\nDefaults to the lastest version of OpenSearch.\n" }, "ipAddressType": { "type": "string", "description": "The IP address type for the endpoint. Valid values are `ipv4` and `dualstack`.\n" }, "logPublishingOptions": { "type": "array", "items": { "$ref": "#/types/aws:opensearch/DomainLogPublishingOption:DomainLogPublishingOption" }, "description": "Configuration block for publishing slow and application logs to CloudWatch Logs. This block can be declared multiple times, for each log_type, within the same resource. Detailed below.\n" }, "nodeToNodeEncryption": { "$ref": "#/types/aws:opensearch/DomainNodeToNodeEncryption:DomainNodeToNodeEncryption", "description": "Configuration block for node-to-node encryption options. Detailed below.\n" }, "offPeakWindowOptions": { "$ref": "#/types/aws:opensearch/DomainOffPeakWindowOptions:DomainOffPeakWindowOptions", "description": "Configuration to add Off Peak update options. ([documentation](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/off-peak.html)). Detailed below.\n" }, "snapshotOptions": { "$ref": "#/types/aws:opensearch/DomainSnapshotOptions:DomainSnapshotOptions", "description": "Configuration block for snapshot related options. Detailed below. DEPRECATED. For domains running OpenSearch 5.3 and later, Amazon OpenSearch takes hourly automated snapshots, making this setting irrelevant. For domains running earlier versions, OpenSearch takes daily automated snapshots.\n" }, "softwareUpdateOptions": { "$ref": "#/types/aws:opensearch/DomainSoftwareUpdateOptions:DomainSoftwareUpdateOptions", "description": "Software update options for the domain. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcOptions": { "$ref": "#/types/aws:opensearch/DomainVpcOptions:DomainVpcOptions", "description": "Configuration block for VPC related options. Adding or removing this configuration forces a new resource ([documentation](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html)). Detailed below.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering Domain resources.\n", "properties": { "accessPolicies": { "type": "string", "description": "IAM policy document specifying the access policies for the domain.\n" }, "advancedOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value string pairs to specify advanced configuration options. Note that the values for these configuration options must be strings (wrapped in quotes) or they may be wrong and cause a perpetual diff, causing the provider to want to recreate your OpenSearch domain on every apply.\n" }, "advancedSecurityOptions": { "$ref": "#/types/aws:opensearch/DomainAdvancedSecurityOptions:DomainAdvancedSecurityOptions", "description": "Configuration block for [fine-grained access control](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html). Detailed below.\n" }, "arn": { "type": "string", "description": "ARN of the domain.\n" }, "autoTuneOptions": { "$ref": "#/types/aws:opensearch/DomainAutoTuneOptions:DomainAutoTuneOptions", "description": "Configuration block for the Auto-Tune options of the domain. Detailed below.\n" }, "clusterConfig": { "$ref": "#/types/aws:opensearch/DomainClusterConfig:DomainClusterConfig", "description": "Configuration block for the cluster of the domain. Detailed below.\n" }, "cognitoOptions": { "$ref": "#/types/aws:opensearch/DomainCognitoOptions:DomainCognitoOptions", "description": "Configuration block for authenticating dashboard with Cognito. Detailed below.\n" }, "dashboardEndpoint": { "type": "string", "description": "Domain-specific endpoint for Dashboard without https scheme.\n" }, "domainEndpointOptions": { "$ref": "#/types/aws:opensearch/DomainDomainEndpointOptions:DomainDomainEndpointOptions", "description": "Configuration block for domain endpoint HTTP(S) related options. Detailed below.\n" }, "domainId": { "type": "string", "description": "Unique identifier for the domain.\n" }, "domainName": { "type": "string", "description": "Name of the domain.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "ebsOptions": { "$ref": "#/types/aws:opensearch/DomainEbsOptions:DomainEbsOptions", "description": "Configuration block for EBS related options, may be required based on chosen [instance size](https://aws.amazon.com/opensearch-service/pricing/). Detailed below.\n" }, "encryptAtRest": { "$ref": "#/types/aws:opensearch/DomainEncryptAtRest:DomainEncryptAtRest", "description": "Configuration block for encrypt at rest options. Only available for [certain instance types](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html). Detailed below.\n" }, "endpoint": { "type": "string", "description": "Domain-specific endpoint used to submit index, search, and data upload requests.\n" }, "engineVersion": { "type": "string", "description": "Either `Elasticsearch_X.Y` or `OpenSearch_X.Y` to specify the engine version for the Amazon OpenSearch Service domain. For example, `OpenSearch_1.0` or `Elasticsearch_7.9`.\nSee [Creating and managing Amazon OpenSearch Service domains](http://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomains).\nDefaults to the lastest version of OpenSearch.\n" }, "ipAddressType": { "type": "string", "description": "The IP address type for the endpoint. Valid values are `ipv4` and `dualstack`.\n" }, "kibanaEndpoint": { "type": "string", "description": "(**Deprecated**) Domain-specific endpoint for kibana without https scheme. Use the `dashboard_endpoint` attribute instead.\n", "deprecationMessage": "use 'dashboard_endpoint' attribute instead" }, "logPublishingOptions": { "type": "array", "items": { "$ref": "#/types/aws:opensearch/DomainLogPublishingOption:DomainLogPublishingOption" }, "description": "Configuration block for publishing slow and application logs to CloudWatch Logs. This block can be declared multiple times, for each log_type, within the same resource. Detailed below.\n" }, "nodeToNodeEncryption": { "$ref": "#/types/aws:opensearch/DomainNodeToNodeEncryption:DomainNodeToNodeEncryption", "description": "Configuration block for node-to-node encryption options. Detailed below.\n" }, "offPeakWindowOptions": { "$ref": "#/types/aws:opensearch/DomainOffPeakWindowOptions:DomainOffPeakWindowOptions", "description": "Configuration to add Off Peak update options. ([documentation](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/off-peak.html)). Detailed below.\n" }, "snapshotOptions": { "$ref": "#/types/aws:opensearch/DomainSnapshotOptions:DomainSnapshotOptions", "description": "Configuration block for snapshot related options. Detailed below. DEPRECATED. For domains running OpenSearch 5.3 and later, Amazon OpenSearch takes hourly automated snapshots, making this setting irrelevant. For domains running earlier versions, OpenSearch takes daily automated snapshots.\n" }, "softwareUpdateOptions": { "$ref": "#/types/aws:opensearch/DomainSoftwareUpdateOptions:DomainSoftwareUpdateOptions", "description": "Software update options for the domain. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcOptions": { "$ref": "#/types/aws:opensearch/DomainVpcOptions:DomainVpcOptions", "description": "Configuration block for VPC related options. Adding or removing this configuration forces a new resource ([documentation](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html)). Detailed below.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:opensearch/domainPolicy:DomainPolicy": { "description": "Allows setting policy to an OpenSearch domain while referencing domain attributes (e.g., ARN).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.Domain(\"example\", {\n domainName: \"tf-test\",\n engineVersion: \"OpenSearch_1.1\",\n});\nconst main = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"*\",\n identifiers: [\"*\"],\n }],\n actions: [\"es:*\"],\n resources: [pulumi.interpolate`${example.arn}/*`],\n conditions: [{\n test: \"IpAddress\",\n variable: \"aws:SourceIp\",\n values: [\"127.0.0.1/32\"],\n }],\n }],\n});\nconst mainDomainPolicy = new aws.opensearch.DomainPolicy(\"main\", {\n domainName: example.domainName,\n accessPolicies: main.apply(main =\u003e main.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.opensearch.Domain(\"example\",\n domain_name=\"tf-test\",\n engine_version=\"OpenSearch_1.1\")\nmain = aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"*\",\n \"identifiers\": [\"*\"],\n }],\n \"actions\": [\"es:*\"],\n \"resources\": [example.arn.apply(lambda arn: f\"{arn}/*\")],\n \"conditions\": [{\n \"test\": \"IpAddress\",\n \"variable\": \"aws:SourceIp\",\n \"values\": [\"127.0.0.1/32\"],\n }],\n}])\nmain_domain_policy = aws.opensearch.DomainPolicy(\"main\",\n domain_name=example.domain_name,\n access_policies=main.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.Domain(\"example\", new()\n {\n DomainName = \"tf-test\",\n EngineVersion = \"OpenSearch_1.1\",\n });\n\n var main = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"*\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"es:*\",\n },\n Resources = new[]\n {\n $\"{example.Arn}/*\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"IpAddress\",\n Variable = \"aws:SourceIp\",\n Values = new[]\n {\n \"127.0.0.1/32\",\n },\n },\n },\n },\n },\n });\n\n var mainDomainPolicy = new Aws.OpenSearch.DomainPolicy(\"main\", new()\n {\n DomainName = example.DomainName,\n AccessPolicies = main.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"tf-test\"),\n\t\t\tEngineVersion: pulumi.String(\"OpenSearch_1.1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmain := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"*\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"es:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texample.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"IpAddress\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"aws:SourceIp\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"127.0.0.1/32\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = opensearch.NewDomainPolicy(ctx, \"main\", \u0026opensearch.DomainPolicyArgs{\n\t\t\tDomainName: example.DomainName,\n\t\t\tAccessPolicies: pulumi.String(main.ApplyT(func(main iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026main.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.opensearch.DomainPolicy;\nimport com.pulumi.aws.opensearch.DomainPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder()\n .domainName(\"tf-test\")\n .engineVersion(\"OpenSearch_1.1\")\n .build());\n\n final var main = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"*\")\n .identifiers(\"*\")\n .build())\n .actions(\"es:*\")\n .resources(example.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"IpAddress\")\n .variable(\"aws:SourceIp\")\n .values(\"127.0.0.1/32\")\n .build())\n .build())\n .build());\n\n var mainDomainPolicy = new DomainPolicy(\"mainDomainPolicy\", DomainPolicyArgs.builder()\n .domainName(example.domainName())\n .accessPolicies(main.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(main -\u003e main.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:Domain\n properties:\n domainName: tf-test\n engineVersion: OpenSearch_1.1\n mainDomainPolicy:\n type: aws:opensearch:DomainPolicy\n name: main\n properties:\n domainName: ${example.domainName}\n accessPolicies: ${main.json}\nvariables:\n main:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: '*'\n identifiers:\n - '*'\n actions:\n - es:*\n resources:\n - ${example.arn}/*\n conditions:\n - test: IpAddress\n variable: aws:SourceIp\n values:\n - 127.0.0.1/32\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "accessPolicies": { "type": "string", "description": "IAM policy document specifying the access policies for the domain\n" }, "domainName": { "type": "string", "description": "Name of the domain.\n" } }, "required": [ "accessPolicies", "domainName" ], "inputProperties": { "accessPolicies": { "type": "string", "description": "IAM policy document specifying the access policies for the domain\n" }, "domainName": { "type": "string", "description": "Name of the domain.\n" } }, "requiredInputs": [ "accessPolicies", "domainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainPolicy resources.\n", "properties": { "accessPolicies": { "type": "string", "description": "IAM policy document specifying the access policies for the domain\n" }, "domainName": { "type": "string", "description": "Name of the domain.\n" } }, "type": "object" } }, "aws:opensearch/domainSamlOptions:DomainSamlOptions": { "description": "Manages SAML authentication options for an AWS OpenSearch Domain.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.opensearch.Domain(\"example\", {\n domainName: \"example\",\n engineVersion: \"OpenSearch_1.1\",\n clusterConfig: {\n instanceType: \"r4.large.search\",\n },\n snapshotOptions: {\n automatedSnapshotStartHour: 23,\n },\n tags: {\n Domain: \"TestDomain\",\n },\n});\nconst exampleDomainSamlOptions = new aws.opensearch.DomainSamlOptions(\"example\", {\n domainName: example.domainName,\n samlOptions: {\n enabled: true,\n idp: {\n entityId: \"https://example.com\",\n metadataContent: std.file({\n input: \"./saml-metadata.xml\",\n }).then(invoke =\u003e invoke.result),\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.opensearch.Domain(\"example\",\n domain_name=\"example\",\n engine_version=\"OpenSearch_1.1\",\n cluster_config={\n \"instance_type\": \"r4.large.search\",\n },\n snapshot_options={\n \"automated_snapshot_start_hour\": 23,\n },\n tags={\n \"Domain\": \"TestDomain\",\n })\nexample_domain_saml_options = aws.opensearch.DomainSamlOptions(\"example\",\n domain_name=example.domain_name,\n saml_options={\n \"enabled\": True,\n \"idp\": {\n \"entity_id\": \"https://example.com\",\n \"metadata_content\": std.file(input=\"./saml-metadata.xml\").result,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.Domain(\"example\", new()\n {\n DomainName = \"example\",\n EngineVersion = \"OpenSearch_1.1\",\n ClusterConfig = new Aws.OpenSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"r4.large.search\",\n },\n SnapshotOptions = new Aws.OpenSearch.Inputs.DomainSnapshotOptionsArgs\n {\n AutomatedSnapshotStartHour = 23,\n },\n Tags = \n {\n { \"Domain\", \"TestDomain\" },\n },\n });\n\n var exampleDomainSamlOptions = new Aws.OpenSearch.DomainSamlOptions(\"example\", new()\n {\n DomainName = example.DomainName,\n SamlOptions = new Aws.OpenSearch.Inputs.DomainSamlOptionsSamlOptionsArgs\n {\n Enabled = true,\n Idp = new Aws.OpenSearch.Inputs.DomainSamlOptionsSamlOptionsIdpArgs\n {\n EntityId = \"https://example.com\",\n MetadataContent = Std.File.Invoke(new()\n {\n Input = \"./saml-metadata.xml\",\n }).Apply(invoke =\u003e invoke.Result),\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"example\"),\n\t\t\tEngineVersion: pulumi.String(\"OpenSearch_1.1\"),\n\t\t\tClusterConfig: \u0026opensearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceType: pulumi.String(\"r4.large.search\"),\n\t\t\t},\n\t\t\tSnapshotOptions: \u0026opensearch.DomainSnapshotOptionsArgs{\n\t\t\t\tAutomatedSnapshotStartHour: pulumi.Int(23),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Domain\": pulumi.String(\"TestDomain\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"./saml-metadata.xml\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearch.NewDomainSamlOptions(ctx, \"example\", \u0026opensearch.DomainSamlOptionsArgs{\n\t\t\tDomainName: example.DomainName,\n\t\t\tSamlOptions: \u0026opensearch.DomainSamlOptionsSamlOptionsArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tIdp: \u0026opensearch.DomainSamlOptionsSamlOptionsIdpArgs{\n\t\t\t\t\tEntityId: pulumi.String(\"https://example.com\"),\n\t\t\t\t\tMetadataContent: pulumi.String(invokeFile.Result),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainSnapshotOptionsArgs;\nimport com.pulumi.aws.opensearch.DomainSamlOptions;\nimport com.pulumi.aws.opensearch.DomainSamlOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainSamlOptionsSamlOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainSamlOptionsSamlOptionsIdpArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder()\n .domainName(\"example\")\n .engineVersion(\"OpenSearch_1.1\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"r4.large.search\")\n .build())\n .snapshotOptions(DomainSnapshotOptionsArgs.builder()\n .automatedSnapshotStartHour(23)\n .build())\n .tags(Map.of(\"Domain\", \"TestDomain\"))\n .build());\n\n var exampleDomainSamlOptions = new DomainSamlOptions(\"exampleDomainSamlOptions\", DomainSamlOptionsArgs.builder()\n .domainName(example.domainName())\n .samlOptions(DomainSamlOptionsSamlOptionsArgs.builder()\n .enabled(true)\n .idp(DomainSamlOptionsSamlOptionsIdpArgs.builder()\n .entityId(\"https://example.com\")\n .metadataContent(StdFunctions.file(FileArgs.builder()\n .input(\"./saml-metadata.xml\")\n .build()).result())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:Domain\n properties:\n domainName: example\n engineVersion: OpenSearch_1.1\n clusterConfig:\n instanceType: r4.large.search\n snapshotOptions:\n automatedSnapshotStartHour: 23\n tags:\n Domain: TestDomain\n exampleDomainSamlOptions:\n type: aws:opensearch:DomainSamlOptions\n name: example\n properties:\n domainName: ${example.domainName}\n samlOptions:\n enabled: true\n idp:\n entityId: https://example.com\n metadataContent:\n fn::invoke:\n Function: std:file\n Arguments:\n input: ./saml-metadata.xml\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpenSearch domains using the `domain_name`. For example:\n\n```sh\n$ pulumi import aws:opensearch/domainSamlOptions:DomainSamlOptions example domain_name\n```\n", "properties": { "domainName": { "type": "string", "description": "Name of the domain.\n\nThe following arguments are optional:\n" }, "samlOptions": { "$ref": "#/types/aws:opensearch/DomainSamlOptionsSamlOptions:DomainSamlOptionsSamlOptions", "description": "SAML authentication options for an AWS OpenSearch Domain.\n" } }, "required": [ "domainName" ], "inputProperties": { "domainName": { "type": "string", "description": "Name of the domain.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "samlOptions": { "$ref": "#/types/aws:opensearch/DomainSamlOptionsSamlOptions:DomainSamlOptionsSamlOptions", "description": "SAML authentication options for an AWS OpenSearch Domain.\n" } }, "requiredInputs": [ "domainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainSamlOptions resources.\n", "properties": { "domainName": { "type": "string", "description": "Name of the domain.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "samlOptions": { "$ref": "#/types/aws:opensearch/DomainSamlOptionsSamlOptions:DomainSamlOptionsSamlOptions", "description": "SAML authentication options for an AWS OpenSearch Domain.\n" } }, "type": "object" } }, "aws:opensearch/inboundConnectionAccepter:InboundConnectionAccepter": { "description": "Manages an [AWS Opensearch Inbound Connection Accepter](https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_AcceptInboundConnection.html). If connecting domains from different AWS accounts, ensure that the accepter is configured to use the AWS account where the _remote_ opensearch domain exists.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst currentGetRegion = aws.getRegion({});\nconst foo = new aws.opensearch.OutboundConnection(\"foo\", {\n connectionAlias: \"outbound_connection\",\n localDomainInfo: {\n ownerId: current.then(current =\u003e current.accountId),\n region: currentGetRegion.then(currentGetRegion =\u003e currentGetRegion.name),\n domainName: localDomain.domainName,\n },\n remoteDomainInfo: {\n ownerId: current.then(current =\u003e current.accountId),\n region: currentGetRegion.then(currentGetRegion =\u003e currentGetRegion.name),\n domainName: remoteDomain.domainName,\n },\n});\nconst fooInboundConnectionAccepter = new aws.opensearch.InboundConnectionAccepter(\"foo\", {connectionId: foo.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ncurrent_get_region = aws.get_region()\nfoo = aws.opensearch.OutboundConnection(\"foo\",\n connection_alias=\"outbound_connection\",\n local_domain_info={\n \"owner_id\": current.account_id,\n \"region\": current_get_region.name,\n \"domain_name\": local_domain[\"domainName\"],\n },\n remote_domain_info={\n \"owner_id\": current.account_id,\n \"region\": current_get_region.name,\n \"domain_name\": remote_domain[\"domainName\"],\n })\nfoo_inbound_connection_accepter = aws.opensearch.InboundConnectionAccepter(\"foo\", connection_id=foo.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var currentGetRegion = Aws.GetRegion.Invoke();\n\n var foo = new Aws.OpenSearch.OutboundConnection(\"foo\", new()\n {\n ConnectionAlias = \"outbound_connection\",\n LocalDomainInfo = new Aws.OpenSearch.Inputs.OutboundConnectionLocalDomainInfoArgs\n {\n OwnerId = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n Region = currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name),\n DomainName = localDomain.DomainName,\n },\n RemoteDomainInfo = new Aws.OpenSearch.Inputs.OutboundConnectionRemoteDomainInfoArgs\n {\n OwnerId = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n Region = currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name),\n DomainName = remoteDomain.DomainName,\n },\n });\n\n var fooInboundConnectionAccepter = new Aws.OpenSearch.InboundConnectionAccepter(\"foo\", new()\n {\n ConnectionId = foo.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetRegion, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoo, err := opensearch.NewOutboundConnection(ctx, \"foo\", \u0026opensearch.OutboundConnectionArgs{\n\t\t\tConnectionAlias: pulumi.String(\"outbound_connection\"),\n\t\t\tLocalDomainInfo: \u0026opensearch.OutboundConnectionLocalDomainInfoArgs{\n\t\t\t\tOwnerId: pulumi.String(current.AccountId),\n\t\t\t\tRegion: pulumi.String(currentGetRegion.Name),\n\t\t\t\tDomainName: pulumi.Any(localDomain.DomainName),\n\t\t\t},\n\t\t\tRemoteDomainInfo: \u0026opensearch.OutboundConnectionRemoteDomainInfoArgs{\n\t\t\t\tOwnerId: pulumi.String(current.AccountId),\n\t\t\t\tRegion: pulumi.String(currentGetRegion.Name),\n\t\t\t\tDomainName: pulumi.Any(remoteDomain.DomainName),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearch.NewInboundConnectionAccepter(ctx, \"foo\", \u0026opensearch.InboundConnectionAccepterArgs{\n\t\t\tConnectionId: foo.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.opensearch.OutboundConnection;\nimport com.pulumi.aws.opensearch.OutboundConnectionArgs;\nimport com.pulumi.aws.opensearch.inputs.OutboundConnectionLocalDomainInfoArgs;\nimport com.pulumi.aws.opensearch.inputs.OutboundConnectionRemoteDomainInfoArgs;\nimport com.pulumi.aws.opensearch.InboundConnectionAccepter;\nimport com.pulumi.aws.opensearch.InboundConnectionAccepterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var currentGetRegion = AwsFunctions.getRegion();\n\n var foo = new OutboundConnection(\"foo\", OutboundConnectionArgs.builder()\n .connectionAlias(\"outbound_connection\")\n .localDomainInfo(OutboundConnectionLocalDomainInfoArgs.builder()\n .ownerId(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .region(currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .domainName(localDomain.domainName())\n .build())\n .remoteDomainInfo(OutboundConnectionRemoteDomainInfoArgs.builder()\n .ownerId(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .region(currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .domainName(remoteDomain.domainName())\n .build())\n .build());\n\n var fooInboundConnectionAccepter = new InboundConnectionAccepter(\"fooInboundConnectionAccepter\", InboundConnectionAccepterArgs.builder()\n .connectionId(foo.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:opensearch:OutboundConnection\n properties:\n connectionAlias: outbound_connection\n localDomainInfo:\n ownerId: ${current.accountId}\n region: ${currentGetRegion.name}\n domainName: ${localDomain.domainName}\n remoteDomainInfo:\n ownerId: ${current.accountId}\n region: ${currentGetRegion.name}\n domainName: ${remoteDomain.domainName}\n fooInboundConnectionAccepter:\n type: aws:opensearch:InboundConnectionAccepter\n name: foo\n properties:\n connectionId: ${foo.id}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetRegion:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS Opensearch Inbound Connection Accepters using the Inbound Connection ID. For example:\n\n```sh\n$ pulumi import aws:opensearch/inboundConnectionAccepter:InboundConnectionAccepter foo connection-id\n```\n", "properties": { "connectionId": { "type": "string", "description": "Specifies the ID of the connection to accept.\n" }, "connectionStatus": { "type": "string", "description": "Status of the connection request.\n" } }, "required": [ "connectionId", "connectionStatus" ], "inputProperties": { "connectionId": { "type": "string", "description": "Specifies the ID of the connection to accept.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "connectionId" ], "stateInputs": { "description": "Input properties used for looking up and filtering InboundConnectionAccepter resources.\n", "properties": { "connectionId": { "type": "string", "description": "Specifies the ID of the connection to accept.\n", "willReplaceOnChanges": true }, "connectionStatus": { "type": "string", "description": "Status of the connection request.\n" } }, "type": "object" } }, "aws:opensearch/outboundConnection:OutboundConnection": { "description": "Manages an AWS Opensearch Outbound Connection.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst currentGetRegion = aws.getRegion({});\nconst foo = new aws.opensearch.OutboundConnection(\"foo\", {\n connectionAlias: \"outbound_connection\",\n connectionMode: \"DIRECT\",\n localDomainInfo: {\n ownerId: current.then(current =\u003e current.accountId),\n region: currentGetRegion.then(currentGetRegion =\u003e currentGetRegion.name),\n domainName: localDomain.domainName,\n },\n remoteDomainInfo: {\n ownerId: current.then(current =\u003e current.accountId),\n region: currentGetRegion.then(currentGetRegion =\u003e currentGetRegion.name),\n domainName: remoteDomain.domainName,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ncurrent_get_region = aws.get_region()\nfoo = aws.opensearch.OutboundConnection(\"foo\",\n connection_alias=\"outbound_connection\",\n connection_mode=\"DIRECT\",\n local_domain_info={\n \"owner_id\": current.account_id,\n \"region\": current_get_region.name,\n \"domain_name\": local_domain[\"domainName\"],\n },\n remote_domain_info={\n \"owner_id\": current.account_id,\n \"region\": current_get_region.name,\n \"domain_name\": remote_domain[\"domainName\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var currentGetRegion = Aws.GetRegion.Invoke();\n\n var foo = new Aws.OpenSearch.OutboundConnection(\"foo\", new()\n {\n ConnectionAlias = \"outbound_connection\",\n ConnectionMode = \"DIRECT\",\n LocalDomainInfo = new Aws.OpenSearch.Inputs.OutboundConnectionLocalDomainInfoArgs\n {\n OwnerId = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n Region = currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name),\n DomainName = localDomain.DomainName,\n },\n RemoteDomainInfo = new Aws.OpenSearch.Inputs.OutboundConnectionRemoteDomainInfoArgs\n {\n OwnerId = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n Region = currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name),\n DomainName = remoteDomain.DomainName,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetRegion, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearch.NewOutboundConnection(ctx, \"foo\", \u0026opensearch.OutboundConnectionArgs{\n\t\t\tConnectionAlias: pulumi.String(\"outbound_connection\"),\n\t\t\tConnectionMode: pulumi.String(\"DIRECT\"),\n\t\t\tLocalDomainInfo: \u0026opensearch.OutboundConnectionLocalDomainInfoArgs{\n\t\t\t\tOwnerId: pulumi.String(current.AccountId),\n\t\t\t\tRegion: pulumi.String(currentGetRegion.Name),\n\t\t\t\tDomainName: pulumi.Any(localDomain.DomainName),\n\t\t\t},\n\t\t\tRemoteDomainInfo: \u0026opensearch.OutboundConnectionRemoteDomainInfoArgs{\n\t\t\t\tOwnerId: pulumi.String(current.AccountId),\n\t\t\t\tRegion: pulumi.String(currentGetRegion.Name),\n\t\t\t\tDomainName: pulumi.Any(remoteDomain.DomainName),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.opensearch.OutboundConnection;\nimport com.pulumi.aws.opensearch.OutboundConnectionArgs;\nimport com.pulumi.aws.opensearch.inputs.OutboundConnectionLocalDomainInfoArgs;\nimport com.pulumi.aws.opensearch.inputs.OutboundConnectionRemoteDomainInfoArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var currentGetRegion = AwsFunctions.getRegion();\n\n var foo = new OutboundConnection(\"foo\", OutboundConnectionArgs.builder()\n .connectionAlias(\"outbound_connection\")\n .connectionMode(\"DIRECT\")\n .localDomainInfo(OutboundConnectionLocalDomainInfoArgs.builder()\n .ownerId(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .region(currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .domainName(localDomain.domainName())\n .build())\n .remoteDomainInfo(OutboundConnectionRemoteDomainInfoArgs.builder()\n .ownerId(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .region(currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .domainName(remoteDomain.domainName())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:opensearch:OutboundConnection\n properties:\n connectionAlias: outbound_connection\n connectionMode: DIRECT\n localDomainInfo:\n ownerId: ${current.accountId}\n region: ${currentGetRegion.name}\n domainName: ${localDomain.domainName}\n remoteDomainInfo:\n ownerId: ${current.accountId}\n region: ${currentGetRegion.name}\n domainName: ${remoteDomain.domainName}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetRegion:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS Opensearch Outbound Connections using the Outbound Connection ID. For example:\n\n```sh\n$ pulumi import aws:opensearch/outboundConnection:OutboundConnection foo connection-id\n```\n", "properties": { "acceptConnection": { "type": "boolean", "description": "Accepts the connection.\n" }, "connectionAlias": { "type": "string", "description": "Specifies the connection alias that will be used by the customer for this connection.\n" }, "connectionMode": { "type": "string", "description": "Specifies the connection mode. Accepted values are `DIRECT` or `VPC_ENDPOINT`.\n" }, "connectionProperties": { "$ref": "#/types/aws:opensearch/OutboundConnectionConnectionProperties:OutboundConnectionConnectionProperties", "description": "Configuration block for the outbound connection.\n" }, "connectionStatus": { "type": "string", "description": "Status of the connection request.\n" }, "localDomainInfo": { "$ref": "#/types/aws:opensearch/OutboundConnectionLocalDomainInfo:OutboundConnectionLocalDomainInfo", "description": "Configuration block for the local Opensearch domain.\n" }, "remoteDomainInfo": { "$ref": "#/types/aws:opensearch/OutboundConnectionRemoteDomainInfo:OutboundConnectionRemoteDomainInfo", "description": "Configuration block for the remote Opensearch domain.\n" } }, "required": [ "connectionAlias", "connectionProperties", "connectionStatus", "localDomainInfo", "remoteDomainInfo" ], "inputProperties": { "acceptConnection": { "type": "boolean", "description": "Accepts the connection.\n", "willReplaceOnChanges": true }, "connectionAlias": { "type": "string", "description": "Specifies the connection alias that will be used by the customer for this connection.\n", "willReplaceOnChanges": true }, "connectionMode": { "type": "string", "description": "Specifies the connection mode. Accepted values are `DIRECT` or `VPC_ENDPOINT`.\n", "willReplaceOnChanges": true }, "connectionProperties": { "$ref": "#/types/aws:opensearch/OutboundConnectionConnectionProperties:OutboundConnectionConnectionProperties", "description": "Configuration block for the outbound connection.\n" }, "localDomainInfo": { "$ref": "#/types/aws:opensearch/OutboundConnectionLocalDomainInfo:OutboundConnectionLocalDomainInfo", "description": "Configuration block for the local Opensearch domain.\n", "willReplaceOnChanges": true }, "remoteDomainInfo": { "$ref": "#/types/aws:opensearch/OutboundConnectionRemoteDomainInfo:OutboundConnectionRemoteDomainInfo", "description": "Configuration block for the remote Opensearch domain.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "connectionAlias", "localDomainInfo", "remoteDomainInfo" ], "stateInputs": { "description": "Input properties used for looking up and filtering OutboundConnection resources.\n", "properties": { "acceptConnection": { "type": "boolean", "description": "Accepts the connection.\n", "willReplaceOnChanges": true }, "connectionAlias": { "type": "string", "description": "Specifies the connection alias that will be used by the customer for this connection.\n", "willReplaceOnChanges": true }, "connectionMode": { "type": "string", "description": "Specifies the connection mode. Accepted values are `DIRECT` or `VPC_ENDPOINT`.\n", "willReplaceOnChanges": true }, "connectionProperties": { "$ref": "#/types/aws:opensearch/OutboundConnectionConnectionProperties:OutboundConnectionConnectionProperties", "description": "Configuration block for the outbound connection.\n" }, "connectionStatus": { "type": "string", "description": "Status of the connection request.\n" }, "localDomainInfo": { "$ref": "#/types/aws:opensearch/OutboundConnectionLocalDomainInfo:OutboundConnectionLocalDomainInfo", "description": "Configuration block for the local Opensearch domain.\n", "willReplaceOnChanges": true }, "remoteDomainInfo": { "$ref": "#/types/aws:opensearch/OutboundConnectionRemoteDomainInfo:OutboundConnectionRemoteDomainInfo", "description": "Configuration block for the remote Opensearch domain.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:opensearch/package:Package": { "description": "Manages an AWS Opensearch Package.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst myOpensearchPackages = new aws.s3.BucketV2(\"my_opensearch_packages\", {bucket: \"my-opensearch-packages\"});\nconst example = new aws.s3.BucketObjectv2(\"example\", {\n bucket: myOpensearchPackages.bucket,\n key: \"example.txt\",\n source: new pulumi.asset.FileAsset(\"./example.txt\"),\n etag: std.filemd5({\n input: \"./example.txt\",\n }).then(invoke =\u003e invoke.result),\n});\nconst examplePackage = new aws.opensearch.Package(\"example\", {\n packageName: \"example-txt\",\n packageSource: {\n s3BucketName: myOpensearchPackages.bucket,\n s3Key: example.key,\n },\n packageType: \"TXT-DICTIONARY\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nmy_opensearch_packages = aws.s3.BucketV2(\"my_opensearch_packages\", bucket=\"my-opensearch-packages\")\nexample = aws.s3.BucketObjectv2(\"example\",\n bucket=my_opensearch_packages.bucket,\n key=\"example.txt\",\n source=pulumi.FileAsset(\"./example.txt\"),\n etag=std.filemd5(input=\"./example.txt\").result)\nexample_package = aws.opensearch.Package(\"example\",\n package_name=\"example-txt\",\n package_source={\n \"s3_bucket_name\": my_opensearch_packages.bucket,\n \"s3_key\": example.key,\n },\n package_type=\"TXT-DICTIONARY\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myOpensearchPackages = new Aws.S3.BucketV2(\"my_opensearch_packages\", new()\n {\n Bucket = \"my-opensearch-packages\",\n });\n\n var example = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Bucket = myOpensearchPackages.Bucket,\n Key = \"example.txt\",\n Source = new FileAsset(\"./example.txt\"),\n Etag = Std.Filemd5.Invoke(new()\n {\n Input = \"./example.txt\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n var examplePackage = new Aws.OpenSearch.Package(\"example\", new()\n {\n PackageName = \"example-txt\",\n PackageSource = new Aws.OpenSearch.Inputs.PackagePackageSourceArgs\n {\n S3BucketName = myOpensearchPackages.Bucket,\n S3Key = example.Key,\n },\n PackageType = \"TXT-DICTIONARY\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyOpensearchPackages, err := s3.NewBucketV2(ctx, \"my_opensearch_packages\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-opensearch-packages\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFilemd5, err := std.Filemd5(ctx, \u0026std.Filemd5Args{\n\t\t\tInput: \"./example.txt\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: myOpensearchPackages.Bucket,\n\t\t\tKey: pulumi.String(\"example.txt\"),\n\t\t\tSource: pulumi.NewFileAsset(\"./example.txt\"),\n\t\t\tEtag: pulumi.String(invokeFilemd5.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearch.NewPackage(ctx, \"example\", \u0026opensearch.PackageArgs{\n\t\t\tPackageName: pulumi.String(\"example-txt\"),\n\t\t\tPackageSource: \u0026opensearch.PackagePackageSourceArgs{\n\t\t\t\tS3BucketName: myOpensearchPackages.Bucket,\n\t\t\t\tS3Key: example.Key,\n\t\t\t},\n\t\t\tPackageType: pulumi.String(\"TXT-DICTIONARY\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.opensearch.Package;\nimport com.pulumi.aws.opensearch.PackageArgs;\nimport com.pulumi.aws.opensearch.inputs.PackagePackageSourceArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myOpensearchPackages = new BucketV2(\"myOpensearchPackages\", BucketV2Args.builder()\n .bucket(\"my-opensearch-packages\")\n .build());\n\n var example = new BucketObjectv2(\"example\", BucketObjectv2Args.builder()\n .bucket(myOpensearchPackages.bucket())\n .key(\"example.txt\")\n .source(new FileAsset(\"./example.txt\"))\n .etag(StdFunctions.filemd5(Filemd5Args.builder()\n .input(\"./example.txt\")\n .build()).result())\n .build());\n\n var examplePackage = new Package(\"examplePackage\", PackageArgs.builder()\n .packageName(\"example-txt\")\n .packageSource(PackagePackageSourceArgs.builder()\n .s3BucketName(myOpensearchPackages.bucket())\n .s3Key(example.key())\n .build())\n .packageType(\"TXT-DICTIONARY\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myOpensearchPackages:\n type: aws:s3:BucketV2\n name: my_opensearch_packages\n properties:\n bucket: my-opensearch-packages\n example:\n type: aws:s3:BucketObjectv2\n properties:\n bucket: ${myOpensearchPackages.bucket}\n key: example.txt\n source:\n fn::FileAsset: ./example.txt\n etag:\n fn::invoke:\n Function: std:filemd5\n Arguments:\n input: ./example.txt\n Return: result\n examplePackage:\n type: aws:opensearch:Package\n name: example\n properties:\n packageName: example-txt\n packageSource:\n s3BucketName: ${myOpensearchPackages.bucket}\n s3Key: ${example.key}\n packageType: TXT-DICTIONARY\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS Opensearch Packages using the Package ID. For example:\n\n```sh\n$ pulumi import aws:opensearch/package:Package example package-id\n```\n", "properties": { "availablePackageVersion": { "type": "string", "description": "The current version of the package.\n" }, "packageDescription": { "type": "string", "description": "Description of the package.\n" }, "packageId": { "type": "string" }, "packageName": { "type": "string", "description": "Unique name for the package.\n" }, "packageSource": { "$ref": "#/types/aws:opensearch/PackagePackageSource:PackagePackageSource", "description": "Configuration block for the package source options.\n" }, "packageType": { "type": "string", "description": "The type of package.\n" } }, "required": [ "availablePackageVersion", "packageId", "packageName", "packageSource", "packageType" ], "inputProperties": { "packageDescription": { "type": "string", "description": "Description of the package.\n" }, "packageName": { "type": "string", "description": "Unique name for the package.\n", "willReplaceOnChanges": true }, "packageSource": { "$ref": "#/types/aws:opensearch/PackagePackageSource:PackagePackageSource", "description": "Configuration block for the package source options.\n", "willReplaceOnChanges": true }, "packageType": { "type": "string", "description": "The type of package.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "packageName", "packageSource", "packageType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Package resources.\n", "properties": { "availablePackageVersion": { "type": "string", "description": "The current version of the package.\n" }, "packageDescription": { "type": "string", "description": "Description of the package.\n" }, "packageId": { "type": "string" }, "packageName": { "type": "string", "description": "Unique name for the package.\n", "willReplaceOnChanges": true }, "packageSource": { "$ref": "#/types/aws:opensearch/PackagePackageSource:PackagePackageSource", "description": "Configuration block for the package source options.\n", "willReplaceOnChanges": true }, "packageType": { "type": "string", "description": "The type of package.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:opensearch/packageAssociation:PackageAssociation": { "description": "Manages an AWS Opensearch Package Association.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDomain = new aws.opensearch.Domain(\"my_domain\", {\n domainName: \"my-opensearch-domain\",\n engineVersion: \"Elasticsearch_7.10\",\n clusterConfig: {\n instanceType: \"r4.large.search\",\n },\n});\nconst example = new aws.opensearch.Package(\"example\", {\n packageName: \"example-txt\",\n packageSource: {\n s3BucketName: myOpensearchPackages.bucket,\n s3Key: exampleAwsS3Object.key,\n },\n packageType: \"TXT-DICTIONARY\",\n});\nconst examplePackageAssociation = new aws.opensearch.PackageAssociation(\"example\", {\n packageId: example.id,\n domainName: myDomain.domainName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_domain = aws.opensearch.Domain(\"my_domain\",\n domain_name=\"my-opensearch-domain\",\n engine_version=\"Elasticsearch_7.10\",\n cluster_config={\n \"instance_type\": \"r4.large.search\",\n })\nexample = aws.opensearch.Package(\"example\",\n package_name=\"example-txt\",\n package_source={\n \"s3_bucket_name\": my_opensearch_packages[\"bucket\"],\n \"s3_key\": example_aws_s3_object[\"key\"],\n },\n package_type=\"TXT-DICTIONARY\")\nexample_package_association = aws.opensearch.PackageAssociation(\"example\",\n package_id=example.id,\n domain_name=my_domain.domain_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDomain = new Aws.OpenSearch.Domain(\"my_domain\", new()\n {\n DomainName = \"my-opensearch-domain\",\n EngineVersion = \"Elasticsearch_7.10\",\n ClusterConfig = new Aws.OpenSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"r4.large.search\",\n },\n });\n\n var example = new Aws.OpenSearch.Package(\"example\", new()\n {\n PackageName = \"example-txt\",\n PackageSource = new Aws.OpenSearch.Inputs.PackagePackageSourceArgs\n {\n S3BucketName = myOpensearchPackages.Bucket,\n S3Key = exampleAwsS3Object.Key,\n },\n PackageType = \"TXT-DICTIONARY\",\n });\n\n var examplePackageAssociation = new Aws.OpenSearch.PackageAssociation(\"example\", new()\n {\n PackageId = example.Id,\n DomainName = myDomain.DomainName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDomain, err := opensearch.NewDomain(ctx, \"my_domain\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"my-opensearch-domain\"),\n\t\t\tEngineVersion: pulumi.String(\"Elasticsearch_7.10\"),\n\t\t\tClusterConfig: \u0026opensearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceType: pulumi.String(\"r4.large.search\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := opensearch.NewPackage(ctx, \"example\", \u0026opensearch.PackageArgs{\n\t\t\tPackageName: pulumi.String(\"example-txt\"),\n\t\t\tPackageSource: \u0026opensearch.PackagePackageSourceArgs{\n\t\t\t\tS3BucketName: pulumi.Any(myOpensearchPackages.Bucket),\n\t\t\t\tS3Key: pulumi.Any(exampleAwsS3Object.Key),\n\t\t\t},\n\t\t\tPackageType: pulumi.String(\"TXT-DICTIONARY\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearch.NewPackageAssociation(ctx, \"example\", \u0026opensearch.PackageAssociationArgs{\n\t\t\tPackageId: example.ID(),\n\t\t\tDomainName: myDomain.DomainName,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.opensearch.Package;\nimport com.pulumi.aws.opensearch.PackageArgs;\nimport com.pulumi.aws.opensearch.inputs.PackagePackageSourceArgs;\nimport com.pulumi.aws.opensearch.PackageAssociation;\nimport com.pulumi.aws.opensearch.PackageAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myDomain = new Domain(\"myDomain\", DomainArgs.builder()\n .domainName(\"my-opensearch-domain\")\n .engineVersion(\"Elasticsearch_7.10\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"r4.large.search\")\n .build())\n .build());\n\n var example = new Package(\"example\", PackageArgs.builder()\n .packageName(\"example-txt\")\n .packageSource(PackagePackageSourceArgs.builder()\n .s3BucketName(myOpensearchPackages.bucket())\n .s3Key(exampleAwsS3Object.key())\n .build())\n .packageType(\"TXT-DICTIONARY\")\n .build());\n\n var examplePackageAssociation = new PackageAssociation(\"examplePackageAssociation\", PackageAssociationArgs.builder()\n .packageId(example.id())\n .domainName(myDomain.domainName())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myDomain:\n type: aws:opensearch:Domain\n name: my_domain\n properties:\n domainName: my-opensearch-domain\n engineVersion: Elasticsearch_7.10\n clusterConfig:\n instanceType: r4.large.search\n example:\n type: aws:opensearch:Package\n properties:\n packageName: example-txt\n packageSource:\n s3BucketName: ${myOpensearchPackages.bucket}\n s3Key: ${exampleAwsS3Object.key}\n packageType: TXT-DICTIONARY\n examplePackageAssociation:\n type: aws:opensearch:PackageAssociation\n name: example\n properties:\n packageId: ${example.id}\n domainName: ${myDomain.domainName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "domainName": { "type": "string", "description": "Name of the domain to associate the package with.\n" }, "packageId": { "type": "string", "description": "Internal ID of the package to associate with a domain.\n" }, "referencePath": { "type": "string" } }, "required": [ "domainName", "packageId", "referencePath" ], "inputProperties": { "domainName": { "type": "string", "description": "Name of the domain to associate the package with.\n", "willReplaceOnChanges": true }, "packageId": { "type": "string", "description": "Internal ID of the package to associate with a domain.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "domainName", "packageId" ], "stateInputs": { "description": "Input properties used for looking up and filtering PackageAssociation resources.\n", "properties": { "domainName": { "type": "string", "description": "Name of the domain to associate the package with.\n", "willReplaceOnChanges": true }, "packageId": { "type": "string", "description": "Internal ID of the package to associate with a domain.\n", "willReplaceOnChanges": true }, "referencePath": { "type": "string" } }, "type": "object" } }, "aws:opensearch/serverlessAccessPolicy:ServerlessAccessPolicy": { "description": "Resource for managing an AWS OpenSearch Serverless Access Policy. See AWS documentation for [data access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-data-access.html) and [supported data access policy permissions](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-data-access.html#serverless-data-supported-permissions).\n\n## Example Usage\n\n### Grant all collection and index permissions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.opensearch.ServerlessAccessPolicy(\"example\", {\n name: \"example\",\n type: \"data\",\n description: \"read and write permissions\",\n policy: JSON.stringify([{\n Rules: [\n {\n ResourceType: \"index\",\n Resource: [\"index/example-collection/*\"],\n Permission: [\"aoss:*\"],\n },\n {\n ResourceType: \"collection\",\n Resource: [\"collection/example-collection\"],\n Permission: [\"aoss:*\"],\n },\n ],\n Principal: [current.then(current =\u003e current.arn)],\n }]),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.opensearch.ServerlessAccessPolicy(\"example\",\n name=\"example\",\n type=\"data\",\n description=\"read and write permissions\",\n policy=json.dumps([{\n \"Rules\": [\n {\n \"ResourceType\": \"index\",\n \"Resource\": [\"index/example-collection/*\"],\n \"Permission\": [\"aoss:*\"],\n },\n {\n \"ResourceType\": \"collection\",\n \"Resource\": [\"collection/example-collection\"],\n \"Permission\": [\"aoss:*\"],\n },\n ],\n \"Principal\": [current.arn],\n }]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.OpenSearch.ServerlessAccessPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"data\",\n Description = \"read and write permissions\",\n Policy = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"index\",\n [\"Resource\"] = new[]\n {\n \"index/example-collection/*\",\n },\n [\"Permission\"] = new[]\n {\n \"aoss:*\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"collection\",\n [\"Resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n [\"Permission\"] = new[]\n {\n \"aoss:*\",\n },\n },\n },\n [\"Principal\"] = new[]\n {\n current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.Arn),\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal([]map[string]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"index\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"index/example-collection/*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"Permission\": []string{\n\t\t\t\t\t\t\t\"aoss:*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"Permission\": []string{\n\t\t\t\t\t\t\t\"aoss:*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"Principal\": []*string{\n\t\t\t\t\tcurrent.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessAccessPolicy(ctx, \"example\", \u0026opensearch.ServerlessAccessPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"data\"),\n\t\t\tDescription: pulumi.String(\"read and write permissions\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.opensearch.ServerlessAccessPolicy;\nimport com.pulumi.aws.opensearch.ServerlessAccessPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new ServerlessAccessPolicy(\"example\", ServerlessAccessPolicyArgs.builder()\n .name(\"example\")\n .type(\"data\")\n .description(\"read and write permissions\")\n .policy(serializeJson(\n jsonArray(jsonObject(\n jsonProperty(\"Rules\", jsonArray(\n jsonObject(\n jsonProperty(\"ResourceType\", \"index\"),\n jsonProperty(\"Resource\", jsonArray(\"index/example-collection/*\")),\n jsonProperty(\"Permission\", jsonArray(\"aoss:*\"))\n ), \n jsonObject(\n jsonProperty(\"ResourceType\", \"collection\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/example-collection\")),\n jsonProperty(\"Permission\", jsonArray(\"aoss:*\"))\n )\n )),\n jsonProperty(\"Principal\", jsonArray(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.arn())))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessAccessPolicy\n properties:\n name: example\n type: data\n description: read and write permissions\n policy:\n fn::toJSON:\n - Rules:\n - ResourceType: index\n Resource:\n - index/example-collection/*\n Permission:\n - aoss:*\n - ResourceType: collection\n Resource:\n - collection/example-collection\n Permission:\n - aoss:*\n Principal:\n - ${current.arn}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Grant read-only collection and index permissions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.opensearch.ServerlessAccessPolicy(\"example\", {\n name: \"example\",\n type: \"data\",\n description: \"read-only permissions\",\n policy: JSON.stringify([{\n Rules: [\n {\n ResourceType: \"index\",\n Resource: [\"index/example-collection/*\"],\n Permission: [\n \"aoss:DescribeIndex\",\n \"aoss:ReadDocument\",\n ],\n },\n {\n ResourceType: \"collection\",\n Resource: [\"collection/example-collection\"],\n Permission: [\"aoss:DescribeCollectionItems\"],\n },\n ],\n Principal: [current.then(current =\u003e current.arn)],\n }]),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.opensearch.ServerlessAccessPolicy(\"example\",\n name=\"example\",\n type=\"data\",\n description=\"read-only permissions\",\n policy=json.dumps([{\n \"Rules\": [\n {\n \"ResourceType\": \"index\",\n \"Resource\": [\"index/example-collection/*\"],\n \"Permission\": [\n \"aoss:DescribeIndex\",\n \"aoss:ReadDocument\",\n ],\n },\n {\n \"ResourceType\": \"collection\",\n \"Resource\": [\"collection/example-collection\"],\n \"Permission\": [\"aoss:DescribeCollectionItems\"],\n },\n ],\n \"Principal\": [current.arn],\n }]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.OpenSearch.ServerlessAccessPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"data\",\n Description = \"read-only permissions\",\n Policy = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"index\",\n [\"Resource\"] = new[]\n {\n \"index/example-collection/*\",\n },\n [\"Permission\"] = new[]\n {\n \"aoss:DescribeIndex\",\n \"aoss:ReadDocument\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"collection\",\n [\"Resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n [\"Permission\"] = new[]\n {\n \"aoss:DescribeCollectionItems\",\n },\n },\n },\n [\"Principal\"] = new[]\n {\n current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.Arn),\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal([]map[string]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"Rules\": []interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"index\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"index/example-collection/*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"Permission\": []string{\n\t\t\t\t\t\t\t\"aoss:DescribeIndex\",\n\t\t\t\t\t\t\t\"aoss:ReadDocument\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"Permission\": []string{\n\t\t\t\t\t\t\t\"aoss:DescribeCollectionItems\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"Principal\": []*string{\n\t\t\t\t\tcurrent.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessAccessPolicy(ctx, \"example\", \u0026opensearch.ServerlessAccessPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"data\"),\n\t\t\tDescription: pulumi.String(\"read-only permissions\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.opensearch.ServerlessAccessPolicy;\nimport com.pulumi.aws.opensearch.ServerlessAccessPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new ServerlessAccessPolicy(\"example\", ServerlessAccessPolicyArgs.builder()\n .name(\"example\")\n .type(\"data\")\n .description(\"read-only permissions\")\n .policy(serializeJson(\n jsonArray(jsonObject(\n jsonProperty(\"Rules\", jsonArray(\n jsonObject(\n jsonProperty(\"ResourceType\", \"index\"),\n jsonProperty(\"Resource\", jsonArray(\"index/example-collection/*\")),\n jsonProperty(\"Permission\", jsonArray(\n \"aoss:DescribeIndex\", \n \"aoss:ReadDocument\"\n ))\n ), \n jsonObject(\n jsonProperty(\"ResourceType\", \"collection\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/example-collection\")),\n jsonProperty(\"Permission\", jsonArray(\"aoss:DescribeCollectionItems\"))\n )\n )),\n jsonProperty(\"Principal\", jsonArray(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.arn())))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessAccessPolicy\n properties:\n name: example\n type: data\n description: read-only permissions\n policy:\n fn::toJSON:\n - Rules:\n - ResourceType: index\n Resource:\n - index/example-collection/*\n Permission:\n - aoss:DescribeIndex\n - aoss:ReadDocument\n - ResourceType: collection\n Resource:\n - collection/example-collection\n Permission:\n - aoss:DescribeCollectionItems\n Principal:\n - ${current.arn}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Grant SAML identity permissions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessAccessPolicy(\"example\", {\n name: \"example\",\n type: \"data\",\n description: \"saml permissions\",\n policy: JSON.stringify([{\n Rules: [\n {\n ResourceType: \"index\",\n Resource: [\"index/example-collection/*\"],\n Permission: [\"aoss:*\"],\n },\n {\n ResourceType: \"collection\",\n Resource: [\"collection/example-collection\"],\n Permission: [\"aoss:*\"],\n },\n ],\n Principal: [\n \"saml/123456789012/myprovider/user/Annie\",\n \"saml/123456789012/anotherprovider/group/Accounting\",\n ],\n }]),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessAccessPolicy(\"example\",\n name=\"example\",\n type=\"data\",\n description=\"saml permissions\",\n policy=json.dumps([{\n \"Rules\": [\n {\n \"ResourceType\": \"index\",\n \"Resource\": [\"index/example-collection/*\"],\n \"Permission\": [\"aoss:*\"],\n },\n {\n \"ResourceType\": \"collection\",\n \"Resource\": [\"collection/example-collection\"],\n \"Permission\": [\"aoss:*\"],\n },\n ],\n \"Principal\": [\n \"saml/123456789012/myprovider/user/Annie\",\n \"saml/123456789012/anotherprovider/group/Accounting\",\n ],\n }]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessAccessPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"data\",\n Description = \"saml permissions\",\n Policy = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"index\",\n [\"Resource\"] = new[]\n {\n \"index/example-collection/*\",\n },\n [\"Permission\"] = new[]\n {\n \"aoss:*\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"collection\",\n [\"Resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n [\"Permission\"] = new[]\n {\n \"aoss:*\",\n },\n },\n },\n [\"Principal\"] = new[]\n {\n \"saml/123456789012/myprovider/user/Annie\",\n \"saml/123456789012/anotherprovider/group/Accounting\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal([]map[string]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"index\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"index/example-collection/*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"Permission\": []string{\n\t\t\t\t\t\t\t\"aoss:*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"Permission\": []string{\n\t\t\t\t\t\t\t\"aoss:*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"Principal\": []string{\n\t\t\t\t\t\"saml/123456789012/myprovider/user/Annie\",\n\t\t\t\t\t\"saml/123456789012/anotherprovider/group/Accounting\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessAccessPolicy(ctx, \"example\", \u0026opensearch.ServerlessAccessPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"data\"),\n\t\t\tDescription: pulumi.String(\"saml permissions\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessAccessPolicy;\nimport com.pulumi.aws.opensearch.ServerlessAccessPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessAccessPolicy(\"example\", ServerlessAccessPolicyArgs.builder()\n .name(\"example\")\n .type(\"data\")\n .description(\"saml permissions\")\n .policy(serializeJson(\n jsonArray(jsonObject(\n jsonProperty(\"Rules\", jsonArray(\n jsonObject(\n jsonProperty(\"ResourceType\", \"index\"),\n jsonProperty(\"Resource\", jsonArray(\"index/example-collection/*\")),\n jsonProperty(\"Permission\", jsonArray(\"aoss:*\"))\n ), \n jsonObject(\n jsonProperty(\"ResourceType\", \"collection\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/example-collection\")),\n jsonProperty(\"Permission\", jsonArray(\"aoss:*\"))\n )\n )),\n jsonProperty(\"Principal\", jsonArray(\n \"saml/123456789012/myprovider/user/Annie\", \n \"saml/123456789012/anotherprovider/group/Accounting\"\n ))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessAccessPolicy\n properties:\n name: example\n type: data\n description: saml permissions\n policy:\n fn::toJSON:\n - Rules:\n - ResourceType: index\n Resource:\n - index/example-collection/*\n Permission:\n - aoss:*\n - ResourceType: collection\n Resource:\n - collection/example-collection\n Permission:\n - aoss:*\n Principal:\n - saml/123456789012/myprovider/user/Annie\n - saml/123456789012/anotherprovider/group/Accounting\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpenSearchServerless Access Policy using the `name` and `type` arguments separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:opensearch/serverlessAccessPolicy:ServerlessAccessPolicy example example/data\n```\n", "properties": { "description": { "type": "string", "description": "Description of the policy. Typically used to store information about the permissions defined in the policy.\n" }, "name": { "type": "string", "description": "Name of the policy.\n" }, "policy": { "type": "string", "description": "JSON policy document to use as the content for the new policy\n" }, "policyVersion": { "type": "string", "description": "Version of the policy.\n" }, "type": { "type": "string", "description": "Type of access policy. Must be `data`.\n\nThe following arguments are optional:\n" } }, "required": [ "name", "policy", "policyVersion", "type" ], "inputProperties": { "description": { "type": "string", "description": "Description of the policy. Typically used to store information about the permissions defined in the policy.\n" }, "name": { "type": "string", "description": "Name of the policy.\n" }, "policy": { "type": "string", "description": "JSON policy document to use as the content for the new policy\n" }, "type": { "type": "string", "description": "Type of access policy. Must be `data`.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "policy", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering ServerlessAccessPolicy resources.\n", "properties": { "description": { "type": "string", "description": "Description of the policy. Typically used to store information about the permissions defined in the policy.\n" }, "name": { "type": "string", "description": "Name of the policy.\n" }, "policy": { "type": "string", "description": "JSON policy document to use as the content for the new policy\n" }, "policyVersion": { "type": "string", "description": "Version of the policy.\n" }, "type": { "type": "string", "description": "Type of access policy. Must be `data`.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:opensearch/serverlessCollection:ServerlessCollection": { "description": "Resource for managing an AWS OpenSearch Serverless Collection.\n\n\u003e **NOTE:** An `aws.opensearch.ServerlessCollection` cannot be created without having an applicable encryption security policy. Use the `depends_on` meta-argument to define this dependency.\n\n\u003e **NOTE:** An `aws.opensearch.ServerlessCollection` is not accessible without configuring an applicable network security policy. Data cannot be accessed without configuring an applicable data access policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"encryption\",\n policy: JSON.stringify({\n Rules: [{\n Resource: [\"collection/example\"],\n ResourceType: \"collection\",\n }],\n AWSOwnedKey: true,\n }),\n});\nconst exampleServerlessCollection = new aws.opensearch.ServerlessCollection(\"example\", {name: \"example\"}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"encryption\",\n policy=json.dumps({\n \"Rules\": [{\n \"Resource\": [\"collection/example\"],\n \"ResourceType\": \"collection\",\n }],\n \"AWSOwnedKey\": True,\n }))\nexample_serverless_collection = aws.opensearch.ServerlessCollection(\"example\", name=\"example\",\nopts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"encryption\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Resource\"] = new[]\n {\n \"collection/example\",\n },\n [\"ResourceType\"] = \"collection\",\n },\n },\n [\"AWSOwnedKey\"] = true,\n }),\n });\n\n var exampleServerlessCollection = new Aws.OpenSearch.ServerlessCollection(\"example\", new()\n {\n Name = \"example\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\"collection/example\",\n\t\t\t\t\t},\n\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"AWSOwnedKey\": true,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"encryption\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearch.NewServerlessCollection(ctx, \"example\", \u0026opensearch.ServerlessCollectionArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport com.pulumi.aws.opensearch.ServerlessCollection;\nimport com.pulumi.aws.opensearch.ServerlessCollectionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder()\n .name(\"example\")\n .type(\"encryption\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Rules\", jsonArray(jsonObject(\n jsonProperty(\"Resource\", jsonArray(\"collection/example\")),\n jsonProperty(\"ResourceType\", \"collection\")\n ))),\n jsonProperty(\"AWSOwnedKey\", true)\n )))\n .build());\n\n var exampleServerlessCollection = new ServerlessCollection(\"exampleServerlessCollection\", ServerlessCollectionArgs.builder()\n .name(\"example\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: encryption\n policy:\n fn::toJSON:\n Rules:\n - Resource:\n - collection/example\n ResourceType: collection\n AWSOwnedKey: true\n exampleServerlessCollection:\n type: aws:opensearch:ServerlessCollection\n name: example\n properties:\n name: example\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpenSearchServerless Collection using the `id`. For example:\n\n```sh\n$ pulumi import aws:opensearch/serverlessCollection:ServerlessCollection example example\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the collection.\n" }, "collectionEndpoint": { "type": "string", "description": "Collection-specific endpoint used to submit index, search, and data upload requests to an OpenSearch Serverless collection.\n" }, "dashboardEndpoint": { "type": "string", "description": "Collection-specific endpoint used to access OpenSearch Dashboards.\n" }, "description": { "type": "string", "description": "Description of the collection.\n" }, "kmsKeyArn": { "type": "string", "description": "The ARN of the Amazon Web Services KMS key used to encrypt the collection.\n" }, "name": { "type": "string", "description": "Name of the collection.\n\nThe following arguments are optional:\n" }, "standbyReplicas": { "type": "string", "description": "Indicates whether standby replicas should be used for a collection. One of `ENABLED` or `DISABLED`. Defaults to `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the collection. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:opensearch/ServerlessCollectionTimeouts:ServerlessCollectionTimeouts" }, "type": { "type": "string", "description": "Type of collection. One of `SEARCH`, `TIMESERIES`, or `VECTORSEARCH`. Defaults to `TIMESERIES`.\n" } }, "required": [ "arn", "collectionEndpoint", "dashboardEndpoint", "kmsKeyArn", "name", "standbyReplicas", "tagsAll", "type" ], "inputProperties": { "description": { "type": "string", "description": "Description of the collection.\n" }, "name": { "type": "string", "description": "Name of the collection.\n\nThe following arguments are optional:\n" }, "standbyReplicas": { "type": "string", "description": "Indicates whether standby replicas should be used for a collection. One of `ENABLED` or `DISABLED`. Defaults to `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the collection. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:opensearch/ServerlessCollectionTimeouts:ServerlessCollectionTimeouts" }, "type": { "type": "string", "description": "Type of collection. One of `SEARCH`, `TIMESERIES`, or `VECTORSEARCH`. Defaults to `TIMESERIES`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ServerlessCollection resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the collection.\n" }, "collectionEndpoint": { "type": "string", "description": "Collection-specific endpoint used to submit index, search, and data upload requests to an OpenSearch Serverless collection.\n" }, "dashboardEndpoint": { "type": "string", "description": "Collection-specific endpoint used to access OpenSearch Dashboards.\n" }, "description": { "type": "string", "description": "Description of the collection.\n" }, "kmsKeyArn": { "type": "string", "description": "The ARN of the Amazon Web Services KMS key used to encrypt the collection.\n" }, "name": { "type": "string", "description": "Name of the collection.\n\nThe following arguments are optional:\n" }, "standbyReplicas": { "type": "string", "description": "Indicates whether standby replicas should be used for a collection. One of `ENABLED` or `DISABLED`. Defaults to `ENABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the collection. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:opensearch/ServerlessCollectionTimeouts:ServerlessCollectionTimeouts" }, "type": { "type": "string", "description": "Type of collection. One of `SEARCH`, `TIMESERIES`, or `VECTORSEARCH`. Defaults to `TIMESERIES`.\n" } }, "type": "object" } }, "aws:opensearch/serverlessLifecyclePolicy:ServerlessLifecyclePolicy": { "description": "Resource for managing an AWS OpenSearch Serverless Lifecycle Policy. See AWS documentation for [lifecycle policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-lifecycle.html).\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessLifecyclePolicy(\"example\", {\n name: \"example\",\n type: \"retention\",\n policy: JSON.stringify({\n Rules: [\n {\n ResourceType: \"index\",\n Resource: [\"index/autoparts-inventory/*\"],\n MinIndexRetention: \"81d\",\n },\n {\n ResourceType: \"index\",\n Resource: [\"index/sales/orders*\"],\n NoMinIndexRetention: true,\n },\n ],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessLifecyclePolicy(\"example\",\n name=\"example\",\n type=\"retention\",\n policy=json.dumps({\n \"Rules\": [\n {\n \"ResourceType\": \"index\",\n \"Resource\": [\"index/autoparts-inventory/*\"],\n \"MinIndexRetention\": \"81d\",\n },\n {\n \"ResourceType\": \"index\",\n \"Resource\": [\"index/sales/orders*\"],\n \"NoMinIndexRetention\": True,\n },\n ],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessLifecyclePolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"retention\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"index\",\n [\"Resource\"] = new[]\n {\n \"index/autoparts-inventory/*\",\n },\n [\"MinIndexRetention\"] = \"81d\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"index\",\n [\"Resource\"] = new[]\n {\n \"index/sales/orders*\",\n },\n [\"NoMinIndexRetention\"] = true,\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Rules\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"ResourceType\": \"index\",\n\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\"index/autoparts-inventory/*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"MinIndexRetention\": \"81d\",\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"ResourceType\": \"index\",\n\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\"index/sales/orders*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"NoMinIndexRetention\": true,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessLifecyclePolicy(ctx, \"example\", \u0026opensearch.ServerlessLifecyclePolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"retention\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessLifecyclePolicy;\nimport com.pulumi.aws.opensearch.ServerlessLifecyclePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessLifecyclePolicy(\"example\", ServerlessLifecyclePolicyArgs.builder()\n .name(\"example\")\n .type(\"retention\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Rules\", jsonArray(\n jsonObject(\n jsonProperty(\"ResourceType\", \"index\"),\n jsonProperty(\"Resource\", jsonArray(\"index/autoparts-inventory/*\")),\n jsonProperty(\"MinIndexRetention\", \"81d\")\n ), \n jsonObject(\n jsonProperty(\"ResourceType\", \"index\"),\n jsonProperty(\"Resource\", jsonArray(\"index/sales/orders*\")),\n jsonProperty(\"NoMinIndexRetention\", true)\n )\n ))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessLifecyclePolicy\n properties:\n name: example\n type: retention\n policy:\n fn::toJSON:\n Rules:\n - ResourceType: index\n Resource:\n - index/autoparts-inventory/*\n MinIndexRetention: 81d\n - ResourceType: index\n Resource:\n - index/sales/orders*\n NoMinIndexRetention: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpenSearch Serverless Lifecycle Policy using the `name` and `type` arguments separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:opensearch/serverlessLifecyclePolicy:ServerlessLifecyclePolicy example example/retention\n```\n", "properties": { "description": { "type": "string", "description": "Description of the policy.\n" }, "name": { "type": "string", "description": "Name of the policy.\n" }, "policy": { "type": "string", "description": "JSON policy document to use as the content for the new policy.\n" }, "policyVersion": { "type": "string", "description": "Version of the policy.\n" }, "type": { "type": "string", "description": "Type of lifecycle policy. Must be `retention`.\n\nThe following arguments are optional:\n" } }, "required": [ "name", "policy", "policyVersion", "type" ], "inputProperties": { "description": { "type": "string", "description": "Description of the policy.\n" }, "name": { "type": "string", "description": "Name of the policy.\n" }, "policy": { "type": "string", "description": "JSON policy document to use as the content for the new policy.\n" }, "type": { "type": "string", "description": "Type of lifecycle policy. Must be `retention`.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "policy", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering ServerlessLifecyclePolicy resources.\n", "properties": { "description": { "type": "string", "description": "Description of the policy.\n" }, "name": { "type": "string", "description": "Name of the policy.\n" }, "policy": { "type": "string", "description": "JSON policy document to use as the content for the new policy.\n" }, "policyVersion": { "type": "string", "description": "Version of the policy.\n" }, "type": { "type": "string", "description": "Type of lifecycle policy. Must be `retention`.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:opensearch/serverlessSecurityConfig:ServerlessSecurityConfig": { "description": "Resource for managing an AWS OpenSearch Serverless Security Config.\n\n## Example Usage\n\n## Import\n\nUsing `pulumi import`, import OpenSearchServerless Access Policy using the `name` argument prefixed with the string `saml/account_id/`. For example:\n\n```sh\n$ pulumi import aws:opensearch/serverlessSecurityConfig:ServerlessSecurityConfig example saml/123456789012/example\n```\n", "properties": { "configVersion": { "type": "string", "description": "Version of the configuration.\n" }, "description": { "type": "string", "description": "Description of the security configuration.\n" }, "name": { "type": "string", "description": "Name of the policy.\n" }, "samlOptions": { "$ref": "#/types/aws:opensearch/ServerlessSecurityConfigSamlOptions:ServerlessSecurityConfigSamlOptions", "description": "Configuration block for SAML options.\n" }, "type": { "type": "string", "description": "Type of configuration. Must be `saml`.\n\nThe following arguments are optional:\n" } }, "required": [ "configVersion", "name", "type" ], "inputProperties": { "description": { "type": "string", "description": "Description of the security configuration.\n" }, "name": { "type": "string", "description": "Name of the policy.\n" }, "samlOptions": { "$ref": "#/types/aws:opensearch/ServerlessSecurityConfigSamlOptions:ServerlessSecurityConfigSamlOptions", "description": "Configuration block for SAML options.\n" }, "type": { "type": "string", "description": "Type of configuration. Must be `saml`.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering ServerlessSecurityConfig resources.\n", "properties": { "configVersion": { "type": "string", "description": "Version of the configuration.\n" }, "description": { "type": "string", "description": "Description of the security configuration.\n" }, "name": { "type": "string", "description": "Name of the policy.\n" }, "samlOptions": { "$ref": "#/types/aws:opensearch/ServerlessSecurityConfigSamlOptions:ServerlessSecurityConfigSamlOptions", "description": "Configuration block for SAML options.\n" }, "type": { "type": "string", "description": "Type of configuration. Must be `saml`.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:opensearch/serverlessSecurityPolicy:ServerlessSecurityPolicy": { "description": "Resource for managing an AWS OpenSearch Serverless Security Policy. See AWS documentation for [encryption policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-encryption.html#serverless-encryption-policies) and [network policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-network.html#serverless-network-policies).\n\n## Example Usage\n\n### Encryption Security Policy\n\n### Applies to a single collection\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"encryption\",\n description: \"encryption security policy for example-collection\",\n policy: JSON.stringify({\n Rules: [{\n Resource: [\"collection/example-collection\"],\n ResourceType: \"collection\",\n }],\n AWSOwnedKey: true,\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"encryption\",\n description=\"encryption security policy for example-collection\",\n policy=json.dumps({\n \"Rules\": [{\n \"Resource\": [\"collection/example-collection\"],\n \"ResourceType\": \"collection\",\n }],\n \"AWSOwnedKey\": True,\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"encryption\",\n Description = \"encryption security policy for example-collection\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n [\"ResourceType\"] = \"collection\",\n },\n },\n [\"AWSOwnedKey\"] = true,\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t},\n\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"AWSOwnedKey\": true,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"encryption\"),\n\t\t\tDescription: pulumi.String(\"encryption security policy for example-collection\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder()\n .name(\"example\")\n .type(\"encryption\")\n .description(\"encryption security policy for example-collection\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Rules\", jsonArray(jsonObject(\n jsonProperty(\"Resource\", jsonArray(\"collection/example-collection\")),\n jsonProperty(\"ResourceType\", \"collection\")\n ))),\n jsonProperty(\"AWSOwnedKey\", true)\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: encryption\n description: encryption security policy for example-collection\n policy:\n fn::toJSON:\n Rules:\n - Resource:\n - collection/example-collection\n ResourceType: collection\n AWSOwnedKey: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Applies to multiple collections\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"encryption\",\n description: \"encryption security policy for collections that begin with \\\"example\\\"\",\n policy: JSON.stringify({\n Rules: [{\n Resource: [\"collection/example*\"],\n ResourceType: \"collection\",\n }],\n AWSOwnedKey: true,\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"encryption\",\n description=\"encryption security policy for collections that begin with \\\"example\\\"\",\n policy=json.dumps({\n \"Rules\": [{\n \"Resource\": [\"collection/example*\"],\n \"ResourceType\": \"collection\",\n }],\n \"AWSOwnedKey\": True,\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"encryption\",\n Description = \"encryption security policy for collections that begin with \\\"example\\\"\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Resource\"] = new[]\n {\n \"collection/example*\",\n },\n [\"ResourceType\"] = \"collection\",\n },\n },\n [\"AWSOwnedKey\"] = true,\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\"collection/example*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"AWSOwnedKey\": true,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"encryption\"),\n\t\t\tDescription: pulumi.String(\"encryption security policy for collections that begin with \\\"example\\\"\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder()\n .name(\"example\")\n .type(\"encryption\")\n .description(\"encryption security policy for collections that begin with \\\"example\\\"\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Rules\", jsonArray(jsonObject(\n jsonProperty(\"Resource\", jsonArray(\"collection/example*\")),\n jsonProperty(\"ResourceType\", \"collection\")\n ))),\n jsonProperty(\"AWSOwnedKey\", true)\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: encryption\n description: encryption security policy for collections that begin with \"example\"\n policy:\n fn::toJSON:\n Rules:\n - Resource:\n - collection/example*\n ResourceType: collection\n AWSOwnedKey: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using a customer managed key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"encryption\",\n description: \"encryption security policy using customer KMS key\",\n policy: JSON.stringify({\n Rules: [{\n Resource: [\"collection/customer-managed-key-collection\"],\n ResourceType: \"collection\",\n }],\n AWSOwnedKey: false,\n KmsARN: \"arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"encryption\",\n description=\"encryption security policy using customer KMS key\",\n policy=json.dumps({\n \"Rules\": [{\n \"Resource\": [\"collection/customer-managed-key-collection\"],\n \"ResourceType\": \"collection\",\n }],\n \"AWSOwnedKey\": False,\n \"KmsARN\": \"arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"encryption\",\n Description = \"encryption security policy using customer KMS key\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Resource\"] = new[]\n {\n \"collection/customer-managed-key-collection\",\n },\n [\"ResourceType\"] = \"collection\",\n },\n },\n [\"AWSOwnedKey\"] = false,\n [\"KmsARN\"] = \"arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\"collection/customer-managed-key-collection\",\n\t\t\t\t\t},\n\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"AWSOwnedKey\": false,\n\t\t\t\"KmsARN\": \"arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"encryption\"),\n\t\t\tDescription: pulumi.String(\"encryption security policy using customer KMS key\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder()\n .name(\"example\")\n .type(\"encryption\")\n .description(\"encryption security policy using customer KMS key\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Rules\", jsonArray(jsonObject(\n jsonProperty(\"Resource\", jsonArray(\"collection/customer-managed-key-collection\")),\n jsonProperty(\"ResourceType\", \"collection\")\n ))),\n jsonProperty(\"AWSOwnedKey\", false),\n jsonProperty(\"KmsARN\", \"arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: encryption\n description: encryption security policy using customer KMS key\n policy:\n fn::toJSON:\n Rules:\n - Resource:\n - collection/customer-managed-key-collection\n ResourceType: collection\n AWSOwnedKey: false\n KmsARN: arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Network Security Policy\n\n### Allow public access to the collection endpoint and the Dashboards endpoint\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"network\",\n description: \"Public access\",\n policy: JSON.stringify([{\n Description: \"Public access to collection and Dashboards endpoint for example collection\",\n Rules: [\n {\n ResourceType: \"collection\",\n Resource: [\"collection/example-collection\"],\n },\n {\n ResourceType: \"dashboard\",\n Resource: [\"collection/example-collection\"],\n },\n ],\n AllowFromPublic: true,\n }]),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"network\",\n description=\"Public access\",\n policy=json.dumps([{\n \"Description\": \"Public access to collection and Dashboards endpoint for example collection\",\n \"Rules\": [\n {\n \"ResourceType\": \"collection\",\n \"Resource\": [\"collection/example-collection\"],\n },\n {\n \"ResourceType\": \"dashboard\",\n \"Resource\": [\"collection/example-collection\"],\n },\n ],\n \"AllowFromPublic\": True,\n }]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"network\",\n Description = \"Public access\",\n Policy = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Description\"] = \"Public access to collection and Dashboards endpoint for example collection\",\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"collection\",\n [\"Resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"dashboard\",\n [\"Resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n },\n },\n [\"AllowFromPublic\"] = true,\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal([]map[string]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"Description\": \"Public access to collection and Dashboards endpoint for example collection\",\n\t\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"dashboard\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"AllowFromPublic\": true,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"network\"),\n\t\t\tDescription: pulumi.String(\"Public access\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder()\n .name(\"example\")\n .type(\"network\")\n .description(\"Public access\")\n .policy(serializeJson(\n jsonArray(jsonObject(\n jsonProperty(\"Description\", \"Public access to collection and Dashboards endpoint for example collection\"),\n jsonProperty(\"Rules\", jsonArray(\n jsonObject(\n jsonProperty(\"ResourceType\", \"collection\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/example-collection\"))\n ), \n jsonObject(\n jsonProperty(\"ResourceType\", \"dashboard\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/example-collection\"))\n )\n )),\n jsonProperty(\"AllowFromPublic\", true)\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: network\n description: Public access\n policy:\n fn::toJSON:\n - Description: Public access to collection and Dashboards endpoint for example collection\n Rules:\n - ResourceType: collection\n Resource:\n - collection/example-collection\n - ResourceType: dashboard\n Resource:\n - collection/example-collection\n AllowFromPublic: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Allow VPC access to the collection endpoint and the Dashboards endpoint\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"network\",\n description: \"VPC access\",\n policy: JSON.stringify([{\n Description: \"VPC access to collection and Dashboards endpoint for example collection\",\n Rules: [\n {\n ResourceType: \"collection\",\n Resource: [\"collection/example-collection\"],\n },\n {\n ResourceType: \"dashboard\",\n Resource: [\"collection/example-collection\"],\n },\n ],\n AllowFromPublic: false,\n SourceVPCEs: [\"vpce-050f79086ee71ac05\"],\n }]),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"network\",\n description=\"VPC access\",\n policy=json.dumps([{\n \"Description\": \"VPC access to collection and Dashboards endpoint for example collection\",\n \"Rules\": [\n {\n \"ResourceType\": \"collection\",\n \"Resource\": [\"collection/example-collection\"],\n },\n {\n \"ResourceType\": \"dashboard\",\n \"Resource\": [\"collection/example-collection\"],\n },\n ],\n \"AllowFromPublic\": False,\n \"SourceVPCEs\": [\"vpce-050f79086ee71ac05\"],\n }]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"network\",\n Description = \"VPC access\",\n Policy = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Description\"] = \"VPC access to collection and Dashboards endpoint for example collection\",\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"collection\",\n [\"Resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"dashboard\",\n [\"Resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n },\n },\n [\"AllowFromPublic\"] = false,\n [\"SourceVPCEs\"] = new[]\n {\n \"vpce-050f79086ee71ac05\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal([]map[string]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"Description\": \"VPC access to collection and Dashboards endpoint for example collection\",\n\t\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"dashboard\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"AllowFromPublic\": false,\n\t\t\t\t\"SourceVPCEs\": []string{\n\t\t\t\t\t\"vpce-050f79086ee71ac05\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"network\"),\n\t\t\tDescription: pulumi.String(\"VPC access\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder()\n .name(\"example\")\n .type(\"network\")\n .description(\"VPC access\")\n .policy(serializeJson(\n jsonArray(jsonObject(\n jsonProperty(\"Description\", \"VPC access to collection and Dashboards endpoint for example collection\"),\n jsonProperty(\"Rules\", jsonArray(\n jsonObject(\n jsonProperty(\"ResourceType\", \"collection\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/example-collection\"))\n ), \n jsonObject(\n jsonProperty(\"ResourceType\", \"dashboard\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/example-collection\"))\n )\n )),\n jsonProperty(\"AllowFromPublic\", false),\n jsonProperty(\"SourceVPCEs\", jsonArray(\"vpce-050f79086ee71ac05\"))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: network\n description: VPC access\n policy:\n fn::toJSON:\n - Description: VPC access to collection and Dashboards endpoint for example collection\n Rules:\n - ResourceType: collection\n Resource:\n - collection/example-collection\n - ResourceType: dashboard\n Resource:\n - collection/example-collection\n AllowFromPublic: false\n SourceVPCEs:\n - vpce-050f79086ee71ac05\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Mixed access for different collections\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"network\",\n description: \"Mixed access for marketing and sales\",\n policy: JSON.stringify([\n {\n Description: \"Marketing access\",\n Rules: [\n {\n ResourceType: \"collection\",\n Resource: [\"collection/marketing*\"],\n },\n {\n ResourceType: \"dashboard\",\n Resource: [\"collection/marketing*\"],\n },\n ],\n AllowFromPublic: false,\n SourceVPCEs: [\"vpce-050f79086ee71ac05\"],\n },\n {\n Description: \"Sales access\",\n Rules: [{\n ResourceType: \"collection\",\n Resource: [\"collection/finance\"],\n }],\n AllowFromPublic: true,\n },\n ]),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"network\",\n description=\"Mixed access for marketing and sales\",\n policy=json.dumps([\n {\n \"Description\": \"Marketing access\",\n \"Rules\": [\n {\n \"ResourceType\": \"collection\",\n \"Resource\": [\"collection/marketing*\"],\n },\n {\n \"ResourceType\": \"dashboard\",\n \"Resource\": [\"collection/marketing*\"],\n },\n ],\n \"AllowFromPublic\": False,\n \"SourceVPCEs\": [\"vpce-050f79086ee71ac05\"],\n },\n {\n \"Description\": \"Sales access\",\n \"Rules\": [{\n \"ResourceType\": \"collection\",\n \"Resource\": [\"collection/finance\"],\n }],\n \"AllowFromPublic\": True,\n },\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"network\",\n Description = \"Mixed access for marketing and sales\",\n Policy = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Description\"] = \"Marketing access\",\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"collection\",\n [\"Resource\"] = new[]\n {\n \"collection/marketing*\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"dashboard\",\n [\"Resource\"] = new[]\n {\n \"collection/marketing*\",\n },\n },\n },\n [\"AllowFromPublic\"] = false,\n [\"SourceVPCEs\"] = new[]\n {\n \"vpce-050f79086ee71ac05\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Description\"] = \"Sales access\",\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"collection\",\n [\"Resource\"] = new[]\n {\n \"collection/finance\",\n },\n },\n },\n [\"AllowFromPublic\"] = true,\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal([]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"Description\": \"Marketing access\",\n\t\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/marketing*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"dashboard\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/marketing*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"AllowFromPublic\": false,\n\t\t\t\t\"SourceVPCEs\": []string{\n\t\t\t\t\t\"vpce-050f79086ee71ac05\",\n\t\t\t\t},\n\t\t\t},\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"Description\": \"Sales access\",\n\t\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/finance\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"AllowFromPublic\": true,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"network\"),\n\t\t\tDescription: pulumi.String(\"Mixed access for marketing and sales\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder()\n .name(\"example\")\n .type(\"network\")\n .description(\"Mixed access for marketing and sales\")\n .policy(serializeJson(\n jsonArray(\n jsonObject(\n jsonProperty(\"Description\", \"Marketing access\"),\n jsonProperty(\"Rules\", jsonArray(\n jsonObject(\n jsonProperty(\"ResourceType\", \"collection\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/marketing*\"))\n ), \n jsonObject(\n jsonProperty(\"ResourceType\", \"dashboard\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/marketing*\"))\n )\n )),\n jsonProperty(\"AllowFromPublic\", false),\n jsonProperty(\"SourceVPCEs\", jsonArray(\"vpce-050f79086ee71ac05\"))\n ), \n jsonObject(\n jsonProperty(\"Description\", \"Sales access\"),\n jsonProperty(\"Rules\", jsonArray(jsonObject(\n jsonProperty(\"ResourceType\", \"collection\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/finance\"))\n ))),\n jsonProperty(\"AllowFromPublic\", true)\n )\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: network\n description: Mixed access for marketing and sales\n policy:\n fn::toJSON:\n - Description: Marketing access\n Rules:\n - ResourceType: collection\n Resource:\n - collection/marketing*\n - ResourceType: dashboard\n Resource:\n - collection/marketing*\n AllowFromPublic: false\n SourceVPCEs:\n - vpce-050f79086ee71ac05\n - Description: Sales access\n Rules:\n - ResourceType: collection\n Resource:\n - collection/finance\n AllowFromPublic: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpenSearchServerless Security Policy using the `name` and `type` arguments separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:opensearch/serverlessSecurityPolicy:ServerlessSecurityPolicy example example/encryption\n```\n", "properties": { "description": { "type": "string", "description": "Description of the policy. Typically used to store information about the permissions defined in the policy.\n" }, "name": { "type": "string", "description": "Name of the policy.\n" }, "policy": { "type": "string", "description": "JSON policy document to use as the content for the new policy\n" }, "policyVersion": { "type": "string", "description": "Version of the policy.\n" }, "type": { "type": "string", "description": "Type of security policy. One of `encryption` or `network`.\n\nThe following arguments are optional:\n" } }, "required": [ "name", "policy", "policyVersion", "type" ], "inputProperties": { "description": { "type": "string", "description": "Description of the policy. Typically used to store information about the permissions defined in the policy.\n" }, "name": { "type": "string", "description": "Name of the policy.\n" }, "policy": { "type": "string", "description": "JSON policy document to use as the content for the new policy\n" }, "type": { "type": "string", "description": "Type of security policy. One of `encryption` or `network`.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "policy", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering ServerlessSecurityPolicy resources.\n", "properties": { "description": { "type": "string", "description": "Description of the policy. Typically used to store information about the permissions defined in the policy.\n" }, "name": { "type": "string", "description": "Name of the policy.\n" }, "policy": { "type": "string", "description": "JSON policy document to use as the content for the new policy\n" }, "policyVersion": { "type": "string", "description": "Version of the policy.\n" }, "type": { "type": "string", "description": "Type of security policy. One of `encryption` or `network`.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:opensearch/serverlessVpcEndpoint:ServerlessVpcEndpoint": { "description": "Resource for managing an AWS OpenSearchServerless VPC Endpoint.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessVpcEndpoint(\"example\", {\n name: \"myendpoint\",\n subnetIds: [exampleAwsSubnet.id],\n vpcId: exampleAwsVpc.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessVpcEndpoint(\"example\",\n name=\"myendpoint\",\n subnet_ids=[example_aws_subnet[\"id\"]],\n vpc_id=example_aws_vpc[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessVpcEndpoint(\"example\", new()\n {\n Name = \"myendpoint\",\n SubnetIds = new[]\n {\n exampleAwsSubnet.Id,\n },\n VpcId = exampleAwsVpc.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opensearch.NewServerlessVpcEndpoint(ctx, \"example\", \u0026opensearch.ServerlessVpcEndpointArgs{\n\t\t\tName: pulumi.String(\"myendpoint\"),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\texampleAwsSubnet.Id,\n\t\t\t},\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessVpcEndpoint;\nimport com.pulumi.aws.opensearch.ServerlessVpcEndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessVpcEndpoint(\"example\", ServerlessVpcEndpointArgs.builder()\n .name(\"myendpoint\")\n .subnetIds(exampleAwsSubnet.id())\n .vpcId(exampleAwsVpc.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessVpcEndpoint\n properties:\n name: myendpoint\n subnetIds:\n - ${exampleAwsSubnet.id}\n vpcId: ${exampleAwsVpc.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpenSearchServerless Vpc Endpointa using the `id`. For example:\n\n```sh\n$ pulumi import aws:opensearch/serverlessVpcEndpoint:ServerlessVpcEndpoint example vpce-8012925589\n```\n", "properties": { "name": { "type": "string", "description": "Name of the interface endpoint.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more security groups that define the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint. Up to 5 security groups can be provided.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "One or more subnet IDs from which you'll access OpenSearch Serverless. Up to 6 subnets can be provided.\n" }, "timeouts": { "$ref": "#/types/aws:opensearch/ServerlessVpcEndpointTimeouts:ServerlessVpcEndpointTimeouts" }, "vpcId": { "type": "string", "description": "ID of the VPC from which you'll access OpenSearch Serverless.\n\nThe following arguments are optional:\n" } }, "required": [ "name", "securityGroupIds", "subnetIds", "vpcId" ], "inputProperties": { "name": { "type": "string", "description": "Name of the interface endpoint.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more security groups that define the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint. Up to 5 security groups can be provided.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "One or more subnet IDs from which you'll access OpenSearch Serverless. Up to 6 subnets can be provided.\n" }, "timeouts": { "$ref": "#/types/aws:opensearch/ServerlessVpcEndpointTimeouts:ServerlessVpcEndpointTimeouts" }, "vpcId": { "type": "string", "description": "ID of the VPC from which you'll access OpenSearch Serverless.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "subnetIds", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ServerlessVpcEndpoint resources.\n", "properties": { "name": { "type": "string", "description": "Name of the interface endpoint.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more security groups that define the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint. Up to 5 security groups can be provided.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "One or more subnet IDs from which you'll access OpenSearch Serverless. Up to 6 subnets can be provided.\n" }, "timeouts": { "$ref": "#/types/aws:opensearch/ServerlessVpcEndpointTimeouts:ServerlessVpcEndpointTimeouts" }, "vpcId": { "type": "string", "description": "ID of the VPC from which you'll access OpenSearch Serverless.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:opensearch/vpcEndpoint:VpcEndpoint": { "description": "Manages an [AWS Opensearch VPC Endpoint](https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_CreateVpcEndpoint.html). Creates an Amazon OpenSearch Service-managed VPC endpoint.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.opensearch.VpcEndpoint(\"foo\", {\n domainArn: domain1.arn,\n vpcOptions: {\n securityGroupIds: [\n test.id,\n test2.id,\n ],\n subnetIds: [\n testAwsSubnet.id,\n test2AwsSubnet.id,\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.opensearch.VpcEndpoint(\"foo\",\n domain_arn=domain1[\"arn\"],\n vpc_options={\n \"security_group_ids\": [\n test[\"id\"],\n test2[\"id\"],\n ],\n \"subnet_ids\": [\n test_aws_subnet[\"id\"],\n test2_aws_subnet[\"id\"],\n ],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.OpenSearch.VpcEndpoint(\"foo\", new()\n {\n DomainArn = domain1.Arn,\n VpcOptions = new Aws.OpenSearch.Inputs.VpcEndpointVpcOptionsArgs\n {\n SecurityGroupIds = new[]\n {\n test.Id,\n test2.Id,\n },\n SubnetIds = new[]\n {\n testAwsSubnet.Id,\n test2AwsSubnet.Id,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opensearch.NewVpcEndpoint(ctx, \"foo\", \u0026opensearch.VpcEndpointArgs{\n\t\t\tDomainArn: pulumi.Any(domain1.Arn),\n\t\t\tVpcOptions: \u0026opensearch.VpcEndpointVpcOptionsArgs{\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\ttest.Id,\n\t\t\t\t\ttest2.Id,\n\t\t\t\t},\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\ttestAwsSubnet.Id,\n\t\t\t\t\ttest2AwsSubnet.Id,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.VpcEndpoint;\nimport com.pulumi.aws.opensearch.VpcEndpointArgs;\nimport com.pulumi.aws.opensearch.inputs.VpcEndpointVpcOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new VpcEndpoint(\"foo\", VpcEndpointArgs.builder()\n .domainArn(domain1.arn())\n .vpcOptions(VpcEndpointVpcOptionsArgs.builder()\n .securityGroupIds( \n test.id(),\n test2.id())\n .subnetIds( \n testAwsSubnet.id(),\n test2AwsSubnet.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:opensearch:VpcEndpoint\n properties:\n domainArn: ${domain1.arn}\n vpcOptions:\n securityGroupIds:\n - ${test.id}\n - ${test2.id}\n subnetIds:\n - ${testAwsSubnet.id}\n - ${test2AwsSubnet.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpenSearch VPC endpoint connections using the `id`. For example:\n\n```sh\n$ pulumi import aws:opensearch/vpcEndpoint:VpcEndpoint example endpoint-id\n```\n", "properties": { "domainArn": { "type": "string", "description": "Specifies the Amazon Resource Name (ARN) of the domain to create the endpoint for\n" }, "endpoint": { "type": "string", "description": "The connection endpoint ID for connecting to the domain.\n" }, "vpcOptions": { "$ref": "#/types/aws:opensearch/VpcEndpointVpcOptions:VpcEndpointVpcOptions", "description": "Options to specify the subnets and security groups for the endpoint.\n" } }, "required": [ "domainArn", "endpoint", "vpcOptions" ], "inputProperties": { "domainArn": { "type": "string", "description": "Specifies the Amazon Resource Name (ARN) of the domain to create the endpoint for\n", "willReplaceOnChanges": true }, "vpcOptions": { "$ref": "#/types/aws:opensearch/VpcEndpointVpcOptions:VpcEndpointVpcOptions", "description": "Options to specify the subnets and security groups for the endpoint.\n" } }, "requiredInputs": [ "domainArn", "vpcOptions" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcEndpoint resources.\n", "properties": { "domainArn": { "type": "string", "description": "Specifies the Amazon Resource Name (ARN) of the domain to create the endpoint for\n", "willReplaceOnChanges": true }, "endpoint": { "type": "string", "description": "The connection endpoint ID for connecting to the domain.\n" }, "vpcOptions": { "$ref": "#/types/aws:opensearch/VpcEndpointVpcOptions:VpcEndpointVpcOptions", "description": "Options to specify the subnets and security groups for the endpoint.\n" } }, "type": "object" } }, "aws:opensearchingest/pipeline:Pipeline": { "description": "Resource for managing an AWS OpenSearch Ingestion Pipeline.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst example = new aws.iam.Role(\"example\", {assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"osis-pipelines.amazonaws.com\",\n },\n }],\n})});\nconst examplePipeline = new aws.opensearchingest.Pipeline(\"example\", {\n pipelineName: \"example\",\n pipelineConfigurationBody: pulumi.all([example.arn, current]).apply(([arn, current]) =\u003e `version: \"2\"\nexample-pipeline:\n source:\n http:\n path: \"/example\"\n sink:\n - s3:\n aws:\n sts_role_arn: \"${arn}\"\n region: \"${current.name}\"\n bucket: \"example\"\n threshold:\n event_collect_timeout: \"60s\"\n codec:\n ndjson:\n`),\n maxUnits: 1,\n minUnits: 1,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample = aws.iam.Role(\"example\", assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"osis-pipelines.amazonaws.com\",\n },\n }],\n}))\nexample_pipeline = aws.opensearchingest.Pipeline(\"example\",\n pipeline_name=\"example\",\n pipeline_configuration_body=example.arn.apply(lambda arn: f\"\"\"version: \"2\"\nexample-pipeline:\n source:\n http:\n path: \"/example\"\n sink:\n - s3:\n aws:\n sts_role_arn: \"{arn}\"\n region: \"{current.name}\"\n bucket: \"example\"\n threshold:\n event_collect_timeout: \"60s\"\n codec:\n ndjson:\n\"\"\"),\n max_units=1,\n min_units=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"osis-pipelines.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var examplePipeline = new Aws.OpenSearchIngest.Pipeline(\"example\", new()\n {\n PipelineName = \"example\",\n PipelineConfigurationBody = Output.Tuple(example.Arn, current).Apply(values =\u003e\n {\n var arn = values.Item1;\n var current = values.Item2;\n return @$\"version: \"\"2\"\"\nexample-pipeline:\n source:\n http:\n path: \"\"/example\"\"\n sink:\n - s3:\n aws:\n sts_role_arn: \"\"{arn}\"\"\n region: \"\"{current.Apply(getRegionResult =\u003e getRegionResult.Name)}\"\"\n bucket: \"\"example\"\"\n threshold:\n event_collect_timeout: \"\"60s\"\"\n codec:\n ndjson:\n\";\n }),\n MaxUnits = 1,\n MinUnits = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearchingest\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"osis-pipelines.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearchingest.NewPipeline(ctx, \"example\", \u0026opensearchingest.PipelineArgs{\n\t\t\tPipelineName: pulumi.String(\"example\"),\n\t\t\tPipelineConfigurationBody: example.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(`version: \"2\"\nexample-pipeline:\n source:\n http:\n path: \"/example\"\n sink:\n - s3:\n aws:\n sts_role_arn: \"%v\"\n region: \"%v\"\n bucket: \"example\"\n threshold:\n event_collect_timeout: \"60s\"\n codec:\n ndjson:\n`, arn, current.Name), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tMaxUnits: pulumi.Int(1),\n\t\t\tMinUnits: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.opensearchingest.Pipeline;\nimport com.pulumi.aws.opensearchingest.PipelineArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var example = new Role(\"example\", RoleArgs.builder()\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"osis-pipelines.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var examplePipeline = new Pipeline(\"examplePipeline\", PipelineArgs.builder()\n .pipelineName(\"example\")\n .pipelineConfigurationBody(example.arn().applyValue(arn -\u003e \"\"\"\nversion: \"2\"\nexample-pipeline:\n source:\n http:\n path: \"/example\"\n sink:\n - s3:\n aws:\n sts_role_arn: \"%s\"\n region: \"%s\"\n bucket: \"example\"\n threshold:\n event_collect_timeout: \"60s\"\n codec:\n ndjson:\n\", arn,current.applyValue(getRegionResult -\u003e getRegionResult.name()))))\n .maxUnits(1)\n .minUnits(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: osis-pipelines.amazonaws.com\n examplePipeline:\n type: aws:opensearchingest:Pipeline\n name: example\n properties:\n pipelineName: example\n pipelineConfigurationBody: |\n version: \"2\"\n example-pipeline:\n source:\n http:\n path: \"/example\"\n sink:\n - s3:\n aws:\n sts_role_arn: \"${example.arn}\"\n region: \"${current.name}\"\n bucket: \"example\"\n threshold:\n event_collect_timeout: \"60s\"\n codec:\n ndjson:\n maxUnits: 1\n minUnits: 1\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using file function\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.opensearchingest.Pipeline(\"example\", {\n pipelineName: \"example\",\n pipelineConfigurationBody: std.file({\n input: \"example.yaml\",\n }).then(invoke =\u003e invoke.result),\n maxUnits: 1,\n minUnits: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.opensearchingest.Pipeline(\"example\",\n pipeline_name=\"example\",\n pipeline_configuration_body=std.file(input=\"example.yaml\").result,\n max_units=1,\n min_units=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearchIngest.Pipeline(\"example\", new()\n {\n PipelineName = \"example\",\n PipelineConfigurationBody = Std.File.Invoke(new()\n {\n Input = \"example.yaml\",\n }).Apply(invoke =\u003e invoke.Result),\n MaxUnits = 1,\n MinUnits = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearchingest\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"example.yaml\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearchingest.NewPipeline(ctx, \"example\", \u0026opensearchingest.PipelineArgs{\n\t\t\tPipelineName: pulumi.String(\"example\"),\n\t\t\tPipelineConfigurationBody: pulumi.String(invokeFile.Result),\n\t\t\tMaxUnits: pulumi.Int(1),\n\t\t\tMinUnits: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearchingest.Pipeline;\nimport com.pulumi.aws.opensearchingest.PipelineArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Pipeline(\"example\", PipelineArgs.builder()\n .pipelineName(\"example\")\n .pipelineConfigurationBody(StdFunctions.file(FileArgs.builder()\n .input(\"example.yaml\")\n .build()).result())\n .maxUnits(1)\n .minUnits(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearchingest:Pipeline\n properties:\n pipelineName: example\n pipelineConfigurationBody:\n fn::invoke:\n Function: std:file\n Arguments:\n input: example.yaml\n Return: result\n maxUnits: 1\n minUnits: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpenSearch Ingestion Pipeline using the `id`. For example:\n\n```sh\n$ pulumi import aws:opensearchingest/pipeline:Pipeline example example\n```\n", "properties": { "bufferOptions": { "$ref": "#/types/aws:opensearchingest/PipelineBufferOptions:PipelineBufferOptions", "description": "Key-value pairs to configure persistent buffering for the pipeline. See `buffer_options` below.\n" }, "encryptionAtRestOptions": { "$ref": "#/types/aws:opensearchingest/PipelineEncryptionAtRestOptions:PipelineEncryptionAtRestOptions", "description": "Key-value pairs to configure encryption for data that is written to a persistent buffer. See `encryption_at_rest_options` below.\n" }, "ingestEndpointUrls": { "type": "array", "items": { "type": "string" }, "description": "The list of ingestion endpoints for the pipeline, which you can send data to.\n" }, "logPublishingOptions": { "$ref": "#/types/aws:opensearchingest/PipelineLogPublishingOptions:PipelineLogPublishingOptions", "description": "Key-value pairs to configure log publishing. See `log_publishing_options` below.\n" }, "maxUnits": { "type": "integer", "description": "The maximum pipeline capacity, in Ingestion Compute Units (ICUs).\n" }, "minUnits": { "type": "integer", "description": "The minimum pipeline capacity, in Ingestion Compute Units (ICUs).\n" }, "pipelineArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the pipeline.\n" }, "pipelineConfigurationBody": { "type": "string", "description": "The pipeline configuration in YAML format. This argument accepts the pipeline configuration as a string or within a .yaml file. If you provide the configuration as a string, each new line must be escaped with \\n.\n" }, "pipelineName": { "type": "string", "description": "The name of the OpenSearch Ingestion pipeline to create. Pipeline names are unique across the pipelines owned by an account within an AWS Region.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the pipeline. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:opensearchingest/PipelineTimeouts:PipelineTimeouts" }, "vpcOptions": { "$ref": "#/types/aws:opensearchingest/PipelineVpcOptions:PipelineVpcOptions", "description": "Container for the values required to configure VPC access for the pipeline. If you don't specify these values, OpenSearch Ingestion creates the pipeline with a public endpoint. See `vpc_options` below.\n" } }, "required": [ "ingestEndpointUrls", "maxUnits", "minUnits", "pipelineArn", "pipelineConfigurationBody", "pipelineName", "tagsAll" ], "inputProperties": { "bufferOptions": { "$ref": "#/types/aws:opensearchingest/PipelineBufferOptions:PipelineBufferOptions", "description": "Key-value pairs to configure persistent buffering for the pipeline. See `buffer_options` below.\n" }, "encryptionAtRestOptions": { "$ref": "#/types/aws:opensearchingest/PipelineEncryptionAtRestOptions:PipelineEncryptionAtRestOptions", "description": "Key-value pairs to configure encryption for data that is written to a persistent buffer. See `encryption_at_rest_options` below.\n" }, "logPublishingOptions": { "$ref": "#/types/aws:opensearchingest/PipelineLogPublishingOptions:PipelineLogPublishingOptions", "description": "Key-value pairs to configure log publishing. See `log_publishing_options` below.\n" }, "maxUnits": { "type": "integer", "description": "The maximum pipeline capacity, in Ingestion Compute Units (ICUs).\n" }, "minUnits": { "type": "integer", "description": "The minimum pipeline capacity, in Ingestion Compute Units (ICUs).\n" }, "pipelineConfigurationBody": { "type": "string", "description": "The pipeline configuration in YAML format. This argument accepts the pipeline configuration as a string or within a .yaml file. If you provide the configuration as a string, each new line must be escaped with \\n.\n" }, "pipelineName": { "type": "string", "description": "The name of the OpenSearch Ingestion pipeline to create. Pipeline names are unique across the pipelines owned by an account within an AWS Region.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the pipeline. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:opensearchingest/PipelineTimeouts:PipelineTimeouts" }, "vpcOptions": { "$ref": "#/types/aws:opensearchingest/PipelineVpcOptions:PipelineVpcOptions", "description": "Container for the values required to configure VPC access for the pipeline. If you don't specify these values, OpenSearch Ingestion creates the pipeline with a public endpoint. See `vpc_options` below.\n" } }, "requiredInputs": [ "maxUnits", "minUnits", "pipelineConfigurationBody", "pipelineName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Pipeline resources.\n", "properties": { "bufferOptions": { "$ref": "#/types/aws:opensearchingest/PipelineBufferOptions:PipelineBufferOptions", "description": "Key-value pairs to configure persistent buffering for the pipeline. See `buffer_options` below.\n" }, "encryptionAtRestOptions": { "$ref": "#/types/aws:opensearchingest/PipelineEncryptionAtRestOptions:PipelineEncryptionAtRestOptions", "description": "Key-value pairs to configure encryption for data that is written to a persistent buffer. See `encryption_at_rest_options` below.\n" }, "ingestEndpointUrls": { "type": "array", "items": { "type": "string" }, "description": "The list of ingestion endpoints for the pipeline, which you can send data to.\n" }, "logPublishingOptions": { "$ref": "#/types/aws:opensearchingest/PipelineLogPublishingOptions:PipelineLogPublishingOptions", "description": "Key-value pairs to configure log publishing. See `log_publishing_options` below.\n" }, "maxUnits": { "type": "integer", "description": "The maximum pipeline capacity, in Ingestion Compute Units (ICUs).\n" }, "minUnits": { "type": "integer", "description": "The minimum pipeline capacity, in Ingestion Compute Units (ICUs).\n" }, "pipelineArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the pipeline.\n" }, "pipelineConfigurationBody": { "type": "string", "description": "The pipeline configuration in YAML format. This argument accepts the pipeline configuration as a string or within a .yaml file. If you provide the configuration as a string, each new line must be escaped with \\n.\n" }, "pipelineName": { "type": "string", "description": "The name of the OpenSearch Ingestion pipeline to create. Pipeline names are unique across the pipelines owned by an account within an AWS Region.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the pipeline. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:opensearchingest/PipelineTimeouts:PipelineTimeouts" }, "vpcOptions": { "$ref": "#/types/aws:opensearchingest/PipelineVpcOptions:PipelineVpcOptions", "description": "Container for the values required to configure VPC access for the pipeline. If you don't specify these values, OpenSearch Ingestion creates the pipeline with a public endpoint. See `vpc_options` below.\n" } }, "type": "object" } }, "aws:opsworks/application:Application": { "description": "Provides an OpsWorks application resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst foo_app = new aws.opsworks.Application(\"foo-app\", {\n name: \"foobar application\",\n shortName: \"foobar\",\n stackId: main.id,\n type: \"rails\",\n description: \"This is a Rails application\",\n domains: [\n \"example.com\",\n \"sub.example.com\",\n ],\n environments: [{\n key: \"key\",\n value: \"value\",\n secure: false,\n }],\n appSources: [{\n type: \"git\",\n revision: \"master\",\n url: \"https://github.com/example.git\",\n }],\n enableSsl: true,\n sslConfigurations: [{\n privateKey: std.file({\n input: \"./foobar.key\",\n }).then(invoke =\u003e invoke.result),\n certificate: std.file({\n input: \"./foobar.crt\",\n }).then(invoke =\u003e invoke.result),\n }],\n documentRoot: \"public\",\n autoBundleOnDeploy: \"true\",\n railsEnv: \"staging\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nfoo_app = aws.opsworks.Application(\"foo-app\",\n name=\"foobar application\",\n short_name=\"foobar\",\n stack_id=main[\"id\"],\n type=\"rails\",\n description=\"This is a Rails application\",\n domains=[\n \"example.com\",\n \"sub.example.com\",\n ],\n environments=[{\n \"key\": \"key\",\n \"value\": \"value\",\n \"secure\": False,\n }],\n app_sources=[{\n \"type\": \"git\",\n \"revision\": \"master\",\n \"url\": \"https://github.com/example.git\",\n }],\n enable_ssl=True,\n ssl_configurations=[{\n \"private_key\": std.file(input=\"./foobar.key\").result,\n \"certificate\": std.file(input=\"./foobar.crt\").result,\n }],\n document_root=\"public\",\n auto_bundle_on_deploy=\"true\",\n rails_env=\"staging\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo_app = new Aws.OpsWorks.Application(\"foo-app\", new()\n {\n Name = \"foobar application\",\n ShortName = \"foobar\",\n StackId = main.Id,\n Type = \"rails\",\n Description = \"This is a Rails application\",\n Domains = new[]\n {\n \"example.com\",\n \"sub.example.com\",\n },\n Environments = new[]\n {\n new Aws.OpsWorks.Inputs.ApplicationEnvironmentArgs\n {\n Key = \"key\",\n Value = \"value\",\n Secure = false,\n },\n },\n AppSources = new[]\n {\n new Aws.OpsWorks.Inputs.ApplicationAppSourceArgs\n {\n Type = \"git\",\n Revision = \"master\",\n Url = \"https://github.com/example.git\",\n },\n },\n EnableSsl = true,\n SslConfigurations = new[]\n {\n new Aws.OpsWorks.Inputs.ApplicationSslConfigurationArgs\n {\n PrivateKey = Std.File.Invoke(new()\n {\n Input = \"./foobar.key\",\n }).Apply(invoke =\u003e invoke.Result),\n Certificate = Std.File.Invoke(new()\n {\n Input = \"./foobar.crt\",\n }).Apply(invoke =\u003e invoke.Result),\n },\n },\n DocumentRoot = \"public\",\n AutoBundleOnDeploy = \"true\",\n RailsEnv = \"staging\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"./foobar.key\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile1, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"./foobar.crt\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opsworks.NewApplication(ctx, \"foo-app\", \u0026opsworks.ApplicationArgs{\n\t\t\tName: pulumi.String(\"foobar application\"),\n\t\t\tShortName: pulumi.String(\"foobar\"),\n\t\t\tStackId: pulumi.Any(main.Id),\n\t\t\tType: pulumi.String(\"rails\"),\n\t\t\tDescription: pulumi.String(\"This is a Rails application\"),\n\t\t\tDomains: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"example.com\"),\n\t\t\t\tpulumi.String(\"sub.example.com\"),\n\t\t\t},\n\t\t\tEnvironments: opsworks.ApplicationEnvironmentArray{\n\t\t\t\t\u0026opsworks.ApplicationEnvironmentArgs{\n\t\t\t\t\tKey: pulumi.String(\"key\"),\n\t\t\t\t\tValue: pulumi.String(\"value\"),\n\t\t\t\t\tSecure: pulumi.Bool(false),\n\t\t\t\t},\n\t\t\t},\n\t\t\tAppSources: opsworks.ApplicationAppSourceArray{\n\t\t\t\t\u0026opsworks.ApplicationAppSourceArgs{\n\t\t\t\t\tType: pulumi.String(\"git\"),\n\t\t\t\t\tRevision: pulumi.String(\"master\"),\n\t\t\t\t\tUrl: pulumi.String(\"https://github.com/example.git\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tEnableSsl: pulumi.Bool(true),\n\t\t\tSslConfigurations: opsworks.ApplicationSslConfigurationArray{\n\t\t\t\t\u0026opsworks.ApplicationSslConfigurationArgs{\n\t\t\t\t\tPrivateKey: pulumi.String(invokeFile.Result),\n\t\t\t\t\tCertificate: pulumi.String(invokeFile1.Result),\n\t\t\t\t},\n\t\t\t},\n\t\t\tDocumentRoot: pulumi.String(\"public\"),\n\t\t\tAutoBundleOnDeploy: pulumi.String(\"true\"),\n\t\t\tRailsEnv: pulumi.String(\"staging\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opsworks.Application;\nimport com.pulumi.aws.opsworks.ApplicationArgs;\nimport com.pulumi.aws.opsworks.inputs.ApplicationEnvironmentArgs;\nimport com.pulumi.aws.opsworks.inputs.ApplicationAppSourceArgs;\nimport com.pulumi.aws.opsworks.inputs.ApplicationSslConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo_app = new Application(\"foo-app\", ApplicationArgs.builder()\n .name(\"foobar application\")\n .shortName(\"foobar\")\n .stackId(main.id())\n .type(\"rails\")\n .description(\"This is a Rails application\")\n .domains( \n \"example.com\",\n \"sub.example.com\")\n .environments(ApplicationEnvironmentArgs.builder()\n .key(\"key\")\n .value(\"value\")\n .secure(false)\n .build())\n .appSources(ApplicationAppSourceArgs.builder()\n .type(\"git\")\n .revision(\"master\")\n .url(\"https://github.com/example.git\")\n .build())\n .enableSsl(true)\n .sslConfigurations(ApplicationSslConfigurationArgs.builder()\n .privateKey(StdFunctions.file(FileArgs.builder()\n .input(\"./foobar.key\")\n .build()).result())\n .certificate(StdFunctions.file(FileArgs.builder()\n .input(\"./foobar.crt\")\n .build()).result())\n .build())\n .documentRoot(\"public\")\n .autoBundleOnDeploy(true)\n .railsEnv(\"staging\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo-app:\n type: aws:opsworks:Application\n properties:\n name: foobar application\n shortName: foobar\n stackId: ${main.id}\n type: rails\n description: This is a Rails application\n domains:\n - example.com\n - sub.example.com\n environments:\n - key: key\n value: value\n secure: false\n appSources:\n - type: git\n revision: master\n url: https://github.com/example.git\n enableSsl: true\n sslConfigurations:\n - privateKey:\n fn::invoke:\n Function: std:file\n Arguments:\n input: ./foobar.key\n Return: result\n certificate:\n fn::invoke:\n Function: std:file\n Arguments:\n input: ./foobar.crt\n Return: result\n documentRoot: public\n autoBundleOnDeploy: true\n railsEnv: staging\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Opsworks Application using the `id`. For example:\n\n```sh\n$ pulumi import aws:opsworks/application:Application test \u003cid\u003e\n```\n", "properties": { "appSources": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/ApplicationAppSource:ApplicationAppSource" }, "description": "SCM configuration of the app as described below.\n" }, "autoBundleOnDeploy": { "type": "string", "description": "Run bundle install when deploying for application of type `rails`.\n" }, "awsFlowRubySettings": { "type": "string", "description": "Specify activity and workflow workers for your app using the aws-flow gem.\n" }, "dataSourceArn": { "type": "string", "description": "The data source's ARN.\n" }, "dataSourceDatabaseName": { "type": "string", "description": "The database name.\n" }, "dataSourceType": { "type": "string", "description": "The data source's type one of `AutoSelectOpsworksMysqlInstance`, `OpsworksMysqlInstance`, or `RdsDbInstance`.\n" }, "description": { "type": "string", "description": "A description of the app.\n" }, "documentRoot": { "type": "string", "description": "Subfolder for the document root for application of type `rails`.\n" }, "domains": { "type": "array", "items": { "type": "string" }, "description": "A list of virtual host alias.\n" }, "enableSsl": { "type": "boolean", "description": "Whether to enable SSL for the app. This must be set in order to let `ssl_configuration.private_key`, `ssl_configuration.certificate` and `ssl_configuration.chain` take effect.\n" }, "environments": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/ApplicationEnvironment:ApplicationEnvironment" }, "description": "Object to define environment variables. Object is described below.\n" }, "name": { "type": "string", "description": "A human-readable name for the application.\n" }, "railsEnv": { "type": "string", "description": "The name of the Rails environment for application of type `rails`.\n" }, "shortName": { "type": "string", "description": "A short, machine-readable name for the application. This can only be defined on resource creation and ignored on resource update.\n" }, "sslConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/ApplicationSslConfiguration:ApplicationSslConfiguration" }, "description": "The SSL configuration of the app. Object is described below.\n" }, "stackId": { "type": "string", "description": "ID of the stack the application will belong to.\n" }, "type": { "type": "string", "description": "Opsworks application type. One of `aws-flow-ruby`, `java`, `rails`, `php`, `nodejs`, `static` or `other`.\n" } }, "required": [ "appSources", "name", "shortName", "stackId", "type" ], "inputProperties": { "appSources": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/ApplicationAppSource:ApplicationAppSource" }, "description": "SCM configuration of the app as described below.\n" }, "autoBundleOnDeploy": { "type": "string", "description": "Run bundle install when deploying for application of type `rails`.\n" }, "awsFlowRubySettings": { "type": "string", "description": "Specify activity and workflow workers for your app using the aws-flow gem.\n" }, "dataSourceArn": { "type": "string", "description": "The data source's ARN.\n" }, "dataSourceDatabaseName": { "type": "string", "description": "The database name.\n" }, "dataSourceType": { "type": "string", "description": "The data source's type one of `AutoSelectOpsworksMysqlInstance`, `OpsworksMysqlInstance`, or `RdsDbInstance`.\n" }, "description": { "type": "string", "description": "A description of the app.\n" }, "documentRoot": { "type": "string", "description": "Subfolder for the document root for application of type `rails`.\n" }, "domains": { "type": "array", "items": { "type": "string" }, "description": "A list of virtual host alias.\n" }, "enableSsl": { "type": "boolean", "description": "Whether to enable SSL for the app. This must be set in order to let `ssl_configuration.private_key`, `ssl_configuration.certificate` and `ssl_configuration.chain` take effect.\n" }, "environments": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/ApplicationEnvironment:ApplicationEnvironment" }, "description": "Object to define environment variables. Object is described below.\n" }, "name": { "type": "string", "description": "A human-readable name for the application.\n" }, "railsEnv": { "type": "string", "description": "The name of the Rails environment for application of type `rails`.\n" }, "shortName": { "type": "string", "description": "A short, machine-readable name for the application. This can only be defined on resource creation and ignored on resource update.\n", "willReplaceOnChanges": true }, "sslConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/ApplicationSslConfiguration:ApplicationSslConfiguration" }, "description": "The SSL configuration of the app. Object is described below.\n" }, "stackId": { "type": "string", "description": "ID of the stack the application will belong to.\n" }, "type": { "type": "string", "description": "Opsworks application type. One of `aws-flow-ruby`, `java`, `rails`, `php`, `nodejs`, `static` or `other`.\n" } }, "requiredInputs": [ "stackId", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering Application resources.\n", "properties": { "appSources": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/ApplicationAppSource:ApplicationAppSource" }, "description": "SCM configuration of the app as described below.\n" }, "autoBundleOnDeploy": { "type": "string", "description": "Run bundle install when deploying for application of type `rails`.\n" }, "awsFlowRubySettings": { "type": "string", "description": "Specify activity and workflow workers for your app using the aws-flow gem.\n" }, "dataSourceArn": { "type": "string", "description": "The data source's ARN.\n" }, "dataSourceDatabaseName": { "type": "string", "description": "The database name.\n" }, "dataSourceType": { "type": "string", "description": "The data source's type one of `AutoSelectOpsworksMysqlInstance`, `OpsworksMysqlInstance`, or `RdsDbInstance`.\n" }, "description": { "type": "string", "description": "A description of the app.\n" }, "documentRoot": { "type": "string", "description": "Subfolder for the document root for application of type `rails`.\n" }, "domains": { "type": "array", "items": { "type": "string" }, "description": "A list of virtual host alias.\n" }, "enableSsl": { "type": "boolean", "description": "Whether to enable SSL for the app. This must be set in order to let `ssl_configuration.private_key`, `ssl_configuration.certificate` and `ssl_configuration.chain` take effect.\n" }, "environments": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/ApplicationEnvironment:ApplicationEnvironment" }, "description": "Object to define environment variables. Object is described below.\n" }, "name": { "type": "string", "description": "A human-readable name for the application.\n" }, "railsEnv": { "type": "string", "description": "The name of the Rails environment for application of type `rails`.\n" }, "shortName": { "type": "string", "description": "A short, machine-readable name for the application. This can only be defined on resource creation and ignored on resource update.\n", "willReplaceOnChanges": true }, "sslConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/ApplicationSslConfiguration:ApplicationSslConfiguration" }, "description": "The SSL configuration of the app. Object is described below.\n" }, "stackId": { "type": "string", "description": "ID of the stack the application will belong to.\n" }, "type": { "type": "string", "description": "Opsworks application type. One of `aws-flow-ruby`, `java`, `rails`, `php`, `nodejs`, `static` or `other`.\n" } }, "type": "object" } }, "aws:opsworks/customLayer:CustomLayer": { "description": "Provides an OpsWorks custom layer resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst custlayer = new aws.opsworks.CustomLayer(\"custlayer\", {\n name: \"My Awesome Custom Layer\",\n shortName: \"awesome\",\n stackId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncustlayer = aws.opsworks.CustomLayer(\"custlayer\",\n name=\"My Awesome Custom Layer\",\n short_name=\"awesome\",\n stack_id=main[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var custlayer = new Aws.OpsWorks.CustomLayer(\"custlayer\", new()\n {\n Name = \"My Awesome Custom Layer\",\n ShortName = \"awesome\",\n StackId = main.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opsworks.NewCustomLayer(ctx, \"custlayer\", \u0026opsworks.CustomLayerArgs{\n\t\t\tName: pulumi.String(\"My Awesome Custom Layer\"),\n\t\t\tShortName: pulumi.String(\"awesome\"),\n\t\t\tStackId: pulumi.Any(main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opsworks.CustomLayer;\nimport com.pulumi.aws.opsworks.CustomLayerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var custlayer = new CustomLayer(\"custlayer\", CustomLayerArgs.builder()\n .name(\"My Awesome Custom Layer\")\n .shortName(\"awesome\")\n .stackId(main.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n custlayer:\n type: aws:opsworks:CustomLayer\n properties:\n name: My Awesome Custom Layer\n shortName: awesome\n stackId: ${main.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpsWorks Custom Layers using the `id`. For example:\n\n```sh\n$ pulumi import aws:opsworks/customLayer:CustomLayer bar 00000000-0000-0000-0000-000000000000\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/CustomLayerCloudwatchConfiguration:CustomLayerCloudwatchConfiguration", "description": "Will create an EBS volume and connect it to the layer's instances. See Cloudwatch Configuration.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/CustomLayerEbsVolume:CustomLayerEbsVolume" }, "description": "Will create an EBS volume and connect it to the layer's instances. See EBS Volume.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/CustomLayerLoadBasedAutoScaling:CustomLayerLoadBasedAutoScaling", "description": "Load-based auto scaling configuration. See Load Based AutoScaling\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "shortName": { "type": "string", "description": "A short, machine-readable name for the layer, which will be used to identify it in the Chef node JSON.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "required": [ "arn", "ebsVolumes", "loadBasedAutoScaling", "name", "shortName", "stackId", "tagsAll" ], "inputProperties": { "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/CustomLayerCloudwatchConfiguration:CustomLayerCloudwatchConfiguration", "description": "Will create an EBS volume and connect it to the layer's instances. See Cloudwatch Configuration.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/CustomLayerEbsVolume:CustomLayerEbsVolume" }, "description": "Will create an EBS volume and connect it to the layer's instances. See EBS Volume.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/CustomLayerLoadBasedAutoScaling:CustomLayerLoadBasedAutoScaling", "description": "Load-based auto scaling configuration. See Load Based AutoScaling\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "shortName": { "type": "string", "description": "A short, machine-readable name for the layer, which will be used to identify it in the Chef node JSON.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "requiredInputs": [ "shortName", "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering CustomLayer resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/CustomLayerCloudwatchConfiguration:CustomLayerCloudwatchConfiguration", "description": "Will create an EBS volume and connect it to the layer's instances. See Cloudwatch Configuration.\n" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/CustomLayerEbsVolume:CustomLayerEbsVolume" }, "description": "Will create an EBS volume and connect it to the layer's instances. See EBS Volume.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/CustomLayerLoadBasedAutoScaling:CustomLayerLoadBasedAutoScaling", "description": "Load-based auto scaling configuration. See Load Based AutoScaling\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "shortName": { "type": "string", "description": "A short, machine-readable name for the layer, which will be used to identify it in the Chef node JSON.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "type": "object" } }, "aws:opsworks/ecsClusterLayer:EcsClusterLayer": { "description": "Provides an OpsWorks ECS Cluster layer resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opsworks.EcsClusterLayer(\"example\", {\n stackId: exampleAwsOpsworksStack.id,\n ecsClusterArn: exampleAwsEcsCluster.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.opsworks.EcsClusterLayer(\"example\",\n stack_id=example_aws_opsworks_stack[\"id\"],\n ecs_cluster_arn=example_aws_ecs_cluster[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpsWorks.EcsClusterLayer(\"example\", new()\n {\n StackId = exampleAwsOpsworksStack.Id,\n EcsClusterArn = exampleAwsEcsCluster.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opsworks.NewEcsClusterLayer(ctx, \"example\", \u0026opsworks.EcsClusterLayerArgs{\n\t\t\tStackId: pulumi.Any(exampleAwsOpsworksStack.Id),\n\t\t\tEcsClusterArn: pulumi.Any(exampleAwsEcsCluster.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opsworks.EcsClusterLayer;\nimport com.pulumi.aws.opsworks.EcsClusterLayerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EcsClusterLayer(\"example\", EcsClusterLayerArgs.builder()\n .stackId(exampleAwsOpsworksStack.id())\n .ecsClusterArn(exampleAwsEcsCluster.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opsworks:EcsClusterLayer\n properties:\n stackId: ${exampleAwsOpsworksStack.id}\n ecsClusterArn: ${exampleAwsEcsCluster.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/EcsClusterLayerCloudwatchConfiguration:EcsClusterLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/EcsClusterLayerEbsVolume:EcsClusterLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "ecsClusterArn": { "type": "string", "description": "The ECS Cluster ARN of the layer.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/EcsClusterLayerLoadBasedAutoScaling:EcsClusterLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "required": [ "arn", "ebsVolumes", "ecsClusterArn", "loadBasedAutoScaling", "name", "stackId", "tagsAll" ], "inputProperties": { "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/EcsClusterLayerCloudwatchConfiguration:EcsClusterLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/EcsClusterLayerEbsVolume:EcsClusterLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "ecsClusterArn": { "type": "string", "description": "The ECS Cluster ARN of the layer.\n", "willReplaceOnChanges": true }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/EcsClusterLayerLoadBasedAutoScaling:EcsClusterLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "requiredInputs": [ "ecsClusterArn", "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering EcsClusterLayer resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/EcsClusterLayerCloudwatchConfiguration:EcsClusterLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/EcsClusterLayerEbsVolume:EcsClusterLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "ecsClusterArn": { "type": "string", "description": "The ECS Cluster ARN of the layer.\n", "willReplaceOnChanges": true }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/EcsClusterLayerLoadBasedAutoScaling:EcsClusterLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "type": "object" } }, "aws:opsworks/gangliaLayer:GangliaLayer": { "description": "Provides an OpsWorks Ganglia layer resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst monitor = new aws.opsworks.GangliaLayer(\"monitor\", {\n stackId: main.id,\n password: \"foobarbaz\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmonitor = aws.opsworks.GangliaLayer(\"monitor\",\n stack_id=main[\"id\"],\n password=\"foobarbaz\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var monitor = new Aws.OpsWorks.GangliaLayer(\"monitor\", new()\n {\n StackId = main.Id,\n Password = \"foobarbaz\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opsworks.NewGangliaLayer(ctx, \"monitor\", \u0026opsworks.GangliaLayerArgs{\n\t\t\tStackId: pulumi.Any(main.Id),\n\t\t\tPassword: pulumi.String(\"foobarbaz\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opsworks.GangliaLayer;\nimport com.pulumi.aws.opsworks.GangliaLayerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var monitor = new GangliaLayer(\"monitor\", GangliaLayerArgs.builder()\n .stackId(main.id())\n .password(\"foobarbaz\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n monitor:\n type: aws:opsworks:GangliaLayer\n properties:\n stackId: ${main.id}\n password: foobarbaz\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/GangliaLayerCloudwatchConfiguration:GangliaLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/GangliaLayerEbsVolume:GangliaLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/GangliaLayerLoadBasedAutoScaling:GangliaLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "password": { "type": "string", "description": "The password to use for Ganglia.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "url": { "type": "string", "description": "The URL path to use for Ganglia. Defaults to \"/ganglia\".\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" }, "username": { "type": "string", "description": "The username to use for Ganglia. Defaults to \"opsworks\".\n" } }, "required": [ "arn", "ebsVolumes", "loadBasedAutoScaling", "name", "password", "stackId", "tagsAll" ], "inputProperties": { "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/GangliaLayerCloudwatchConfiguration:GangliaLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/GangliaLayerEbsVolume:GangliaLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/GangliaLayerLoadBasedAutoScaling:GangliaLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "password": { "type": "string", "description": "The password to use for Ganglia.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "url": { "type": "string", "description": "The URL path to use for Ganglia. Defaults to \"/ganglia\".\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" }, "username": { "type": "string", "description": "The username to use for Ganglia. Defaults to \"opsworks\".\n" } }, "requiredInputs": [ "password", "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering GangliaLayer resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/GangliaLayerCloudwatchConfiguration:GangliaLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/GangliaLayerEbsVolume:GangliaLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/GangliaLayerLoadBasedAutoScaling:GangliaLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "password": { "type": "string", "description": "The password to use for Ganglia.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "url": { "type": "string", "description": "The URL path to use for Ganglia. Defaults to \"/ganglia\".\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" }, "username": { "type": "string", "description": "The username to use for Ganglia. Defaults to \"opsworks\".\n" } }, "type": "object" } }, "aws:opsworks/haproxyLayer:HaproxyLayer": { "description": "Provides an OpsWorks haproxy layer resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.opsworks.HaproxyLayer(\"lb\", {\n stackId: main.id,\n statsPassword: \"foobarbaz\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb = aws.opsworks.HaproxyLayer(\"lb\",\n stack_id=main[\"id\"],\n stats_password=\"foobarbaz\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lb = new Aws.OpsWorks.HaproxyLayer(\"lb\", new()\n {\n StackId = main.Id,\n StatsPassword = \"foobarbaz\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opsworks.NewHaproxyLayer(ctx, \"lb\", \u0026opsworks.HaproxyLayerArgs{\n\t\t\tStackId: pulumi.Any(main.Id),\n\t\t\tStatsPassword: pulumi.String(\"foobarbaz\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opsworks.HaproxyLayer;\nimport com.pulumi.aws.opsworks.HaproxyLayerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lb = new HaproxyLayer(\"lb\", HaproxyLayerArgs.builder()\n .stackId(main.id())\n .statsPassword(\"foobarbaz\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lb:\n type: aws:opsworks:HaproxyLayer\n properties:\n stackId: ${main.id}\n statsPassword: foobarbaz\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/HaproxyLayerCloudwatchConfiguration:HaproxyLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/HaproxyLayerEbsVolume:HaproxyLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "healthcheckMethod": { "type": "string", "description": "HTTP method to use for instance healthchecks. Defaults to \"OPTIONS\".\n" }, "healthcheckUrl": { "type": "string", "description": "URL path to use for instance healthchecks. Defaults to \"/\".\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/HaproxyLayerLoadBasedAutoScaling:HaproxyLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n" }, "statsEnabled": { "type": "boolean", "description": "Whether to enable HAProxy stats.\n" }, "statsPassword": { "type": "string", "description": "The password to use for HAProxy stats.\n" }, "statsUrl": { "type": "string", "description": "The HAProxy stats URL. Defaults to \"/haproxy?stats\".\n" }, "statsUser": { "type": "string", "description": "The username for HAProxy stats. Defaults to \"opsworks\".\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "required": [ "arn", "ebsVolumes", "loadBasedAutoScaling", "name", "stackId", "statsPassword", "tagsAll" ], "inputProperties": { "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/HaproxyLayerCloudwatchConfiguration:HaproxyLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/HaproxyLayerEbsVolume:HaproxyLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "healthcheckMethod": { "type": "string", "description": "HTTP method to use for instance healthchecks. Defaults to \"OPTIONS\".\n" }, "healthcheckUrl": { "type": "string", "description": "URL path to use for instance healthchecks. Defaults to \"/\".\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/HaproxyLayerLoadBasedAutoScaling:HaproxyLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "statsEnabled": { "type": "boolean", "description": "Whether to enable HAProxy stats.\n" }, "statsPassword": { "type": "string", "description": "The password to use for HAProxy stats.\n" }, "statsUrl": { "type": "string", "description": "The HAProxy stats URL. Defaults to \"/haproxy?stats\".\n" }, "statsUser": { "type": "string", "description": "The username for HAProxy stats. Defaults to \"opsworks\".\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "requiredInputs": [ "stackId", "statsPassword" ], "stateInputs": { "description": "Input properties used for looking up and filtering HaproxyLayer resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/HaproxyLayerCloudwatchConfiguration:HaproxyLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/HaproxyLayerEbsVolume:HaproxyLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "healthcheckMethod": { "type": "string", "description": "HTTP method to use for instance healthchecks. Defaults to \"OPTIONS\".\n" }, "healthcheckUrl": { "type": "string", "description": "URL path to use for instance healthchecks. Defaults to \"/\".\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/HaproxyLayerLoadBasedAutoScaling:HaproxyLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "statsEnabled": { "type": "boolean", "description": "Whether to enable HAProxy stats.\n" }, "statsPassword": { "type": "string", "description": "The password to use for HAProxy stats.\n" }, "statsUrl": { "type": "string", "description": "The HAProxy stats URL. Defaults to \"/haproxy?stats\".\n" }, "statsUser": { "type": "string", "description": "The username for HAProxy stats. Defaults to \"opsworks\".\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "type": "object" } }, "aws:opsworks/instance:Instance": { "description": "Provides an OpsWorks instance resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst my_instance = new aws.opsworks.Instance(\"my-instance\", {\n stackId: main.id,\n layerIds: [my_layer.id],\n instanceType: \"t2.micro\",\n os: \"Amazon Linux 2015.09\",\n state: \"stopped\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_instance = aws.opsworks.Instance(\"my-instance\",\n stack_id=main[\"id\"],\n layer_ids=[my_layer[\"id\"]],\n instance_type=\"t2.micro\",\n os=\"Amazon Linux 2015.09\",\n state=\"stopped\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var my_instance = new Aws.OpsWorks.Instance(\"my-instance\", new()\n {\n StackId = main.Id,\n LayerIds = new[]\n {\n my_layer.Id,\n },\n InstanceType = \"t2.micro\",\n Os = \"Amazon Linux 2015.09\",\n State = \"stopped\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opsworks.NewInstance(ctx, \"my-instance\", \u0026opsworks.InstanceArgs{\n\t\t\tStackId: pulumi.Any(main.Id),\n\t\t\tLayerIds: pulumi.StringArray{\n\t\t\t\tmy_layer.Id,\n\t\t\t},\n\t\t\tInstanceType: pulumi.String(\"t2.micro\"),\n\t\t\tOs: pulumi.String(\"Amazon Linux 2015.09\"),\n\t\t\tState: pulumi.String(\"stopped\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opsworks.Instance;\nimport com.pulumi.aws.opsworks.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var my_instance = new Instance(\"my-instance\", InstanceArgs.builder()\n .stackId(main.id())\n .layerIds(my_layer.id())\n .instanceType(\"t2.micro\")\n .os(\"Amazon Linux 2015.09\")\n .state(\"stopped\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n my-instance:\n type: aws:opsworks:Instance\n properties:\n stackId: ${main.id}\n layerIds:\n - ${[\"my-layer\"].id}\n instanceType: t2.micro\n os: Amazon Linux 2015.09\n state: stopped\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Block devices\n\nEach of the `*_block_device` attributes controls a portion of the AWS\nInstance's \"Block Device Mapping\". It's a good idea to familiarize yourself with [AWS's Block Device\nMapping docs](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html)\nto understand the implications of using these attributes.\n\n### `ebs_block_device`\n\n* `delete_on_termination` - (Optional) Whether the volume should be destroyed on instance termination. Default is `true`.\n* `device_name` - (Required) Name of the device to mount.\n* `iops` - (Optional) Amount of provisioned [IOPS](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html). This must be set with a `volume_type` of `io1`.\n* `snapshot_id` - (Optional) Snapshot ID to mount.\n* `volume_size` - (Optional) Size of the volume in gigabytes.\n* `volume_type` - (Optional) Type of volume. Valid values are `standard`, `gp2`, or `io1`. Default is `standard`.\n\nModifying any `ebs_block_device` currently requires resource replacement.\n\n### `ephemeral_block_device`\n\n* `device_name` - Name of the block device to mount on the instance.\n* `virtual_name` - The [Instance Store Device Name](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#InstanceStoreDeviceNames) (e.g., `ephemeral0`).\n\nEach AWS Instance type has a different set of Instance Store block devices\navailable for attachment. AWS [publishes a\nlist](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#StorageOnInstanceTypes)\nof which ephemeral devices are available on each type. The devices are always\nidentified by the `virtual_name` in the format `ephemeral{0..N}`.\n\n### `root_block_device`\n\n* `delete_on_termination` - (Optional) Whether the volume should be destroyed on instance termination. Default is `true`.\n* `iops` - (Optional) Amount of provisioned [IOPS](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html). This must be set with a `volume_type` of `io1`.\n* `volume_size` - (Optional) Size of the volume in gigabytes.\n* `volume_type` - (Optional) Type of volume. Valid values are `standard`, `gp2`, or `io1`. Default is `standard`.\n\nModifying any of the `root_block_device` settings requires resource\nreplacement.\n\n\u003e **NOTE:** Currently, changes to `*_block_device` configuration of _existing_\nresources cannot be automatically detected by this provider. After making updates\nto block device configuration, resource recreation can be manually triggered by\nusing the [`up` command with the --replace argument](https://www.pulumi.com/docs/reference/cli/pulumi_up/).\n\n## Import\n\nUsing `pulumi import`, import Opsworks Instances using the instance `id`. For example:\n\n```sh\n$ pulumi import aws:opsworks/instance:Instance my_instance 4d6d1710-ded9-42a1-b08e-b043ad7af1e2\n```\n", "properties": { "agentVersion": { "type": "string", "description": "OpsWorks agent to install. Default is `INHERIT`.\n" }, "amiId": { "type": "string", "description": "AMI to use for the instance. If an AMI is specified, `os` must be `Custom`.\n" }, "architecture": { "type": "string", "description": "Machine architecture for created instances. Valid values are `x86_64` or `i386`. The default is `x86_64`.\n" }, "autoScalingType": { "type": "string", "description": "Creates load-based or time-based instances. Valid values are `load`, `timer`.\n" }, "availabilityZone": { "type": "string", "description": "Name of the availability zone where instances will be created by default.\n" }, "createdAt": { "type": "string", "description": "Time that the instance was created.\n" }, "deleteEbs": { "type": "boolean", "description": "Whether to delete EBS volume on deletion. Default is `true`.\n" }, "deleteEip": { "type": "boolean", "description": "Whether to delete the Elastic IP on deletion.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/InstanceEbsBlockDevice:InstanceEbsBlockDevice" }, "description": "Configuration block for additional EBS block devices to attach to the instance. See Block Devices below.\n" }, "ebsOptimized": { "type": "boolean", "description": "Whether the launched EC2 instance will be EBS-optimized.\n" }, "ec2InstanceId": { "type": "string", "description": "EC2 instance ID.\n" }, "ecsClusterArn": { "type": "string", "description": "ECS cluster's ARN for container instances.\n" }, "elasticIp": { "type": "string", "description": "Instance Elastic IP address.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/InstanceEphemeralBlockDevice:InstanceEphemeralBlockDevice" }, "description": "Configuration block for ephemeral (also known as \"Instance Store\") volumes on the instance. See Block Devices below.\n" }, "hostname": { "type": "string", "description": "Instance's host name.\n" }, "infrastructureClass": { "type": "string", "description": "For registered instances, infrastructure class: ec2 or on-premises.\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Controls where to install OS and package updates when the instance boots. Default is `true`.\n" }, "instanceProfileArn": { "type": "string", "description": "ARN of the instance's IAM profile.\n" }, "instanceType": { "type": "string", "description": "Type of instance to start.\n" }, "lastServiceErrorId": { "type": "string", "description": "ID of the last service error.\n" }, "layerIds": { "type": "array", "items": { "type": "string" }, "description": "List of the layers the instance will belong to.\n" }, "os": { "type": "string", "description": "Name of operating system that will be installed.\n" }, "platform": { "type": "string", "description": "Instance's platform.\n" }, "privateDns": { "type": "string", "description": "Private DNS name assigned to the instance. Can only be used inside the Amazon EC2, and only available if you've enabled DNS hostnames for your VPC.\n" }, "privateIp": { "type": "string", "description": "Private IP address assigned to the instance.\n" }, "publicDns": { "type": "string", "description": "Public DNS name assigned to the instance. For EC2-VPC, this is only available if you've enabled DNS hostnames for your VPC.\n" }, "publicIp": { "type": "string", "description": "Public IP address assigned to the instance, if applicable.\n" }, "registeredBy": { "type": "string", "description": "For registered instances, who performed the registration.\n" }, "reportedAgentVersion": { "type": "string", "description": "Instance's reported AWS OpsWorks Stacks agent version.\n" }, "reportedOsFamily": { "type": "string", "description": "For registered instances, the reported operating system family.\n" }, "reportedOsName": { "type": "string", "description": "For registered instances, the reported operating system name.\n" }, "reportedOsVersion": { "type": "string", "description": "For registered instances, the reported operating system version.\n" }, "rootBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/InstanceRootBlockDevice:InstanceRootBlockDevice" }, "description": "Configuration block for the root block device of the instance. See Block Devices below.\n" }, "rootDeviceType": { "type": "string", "description": "Name of the type of root device instances will have by default. Valid values are `ebs` or `instance-store`.\n" }, "rootDeviceVolumeId": { "type": "string", "description": "Root device volume ID.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Associated security groups.\n" }, "sshHostDsaKeyFingerprint": { "type": "string", "description": "SSH key's Deep Security Agent (DSA) fingerprint.\n" }, "sshHostRsaKeyFingerprint": { "type": "string", "description": "SSH key's RSA fingerprint.\n" }, "sshKeyName": { "type": "string", "description": "Name of the SSH keypair that instances will have by default.\n" }, "stackId": { "type": "string", "description": "Identifier of the stack the instance will belong to.\n\nThe following arguments are optional:\n" }, "state": { "type": "string", "description": "Desired state of the instance. Valid values are `running` or `stopped`.\n" }, "status": { "type": "string", "description": "Instance status. Will be one of `booting`, `connection_lost`, `online`, `pending`, `rebooting`, `requested`, `running_setup`, `setup_failed`, `shutting_down`, `start_failed`, `stop_failed`, `stopped`, `stopping`, `terminated`, or `terminating`.\n" }, "subnetId": { "type": "string", "description": "Subnet ID to attach to.\n" }, "tenancy": { "type": "string", "description": "Instance tenancy to use. Valid values are `default`, `dedicated` or `host`.\n" }, "virtualizationType": { "type": "string", "description": "Keyword to choose what virtualization mode created instances will use. Valid values are `paravirtual` or `hvm`.\n" } }, "required": [ "amiId", "availabilityZone", "createdAt", "ebsBlockDevices", "ec2InstanceId", "ecsClusterArn", "elasticIp", "ephemeralBlockDevices", "hostname", "infrastructureClass", "instanceProfileArn", "lastServiceErrorId", "layerIds", "os", "platform", "privateDns", "privateIp", "publicDns", "publicIp", "registeredBy", "reportedAgentVersion", "reportedOsFamily", "reportedOsName", "reportedOsVersion", "rootBlockDevices", "rootDeviceType", "rootDeviceVolumeId", "securityGroupIds", "sshHostDsaKeyFingerprint", "sshHostRsaKeyFingerprint", "sshKeyName", "stackId", "status", "subnetId", "tenancy", "virtualizationType" ], "inputProperties": { "agentVersion": { "type": "string", "description": "OpsWorks agent to install. Default is `INHERIT`.\n" }, "amiId": { "type": "string", "description": "AMI to use for the instance. If an AMI is specified, `os` must be `Custom`.\n", "willReplaceOnChanges": true }, "architecture": { "type": "string", "description": "Machine architecture for created instances. Valid values are `x86_64` or `i386`. The default is `x86_64`.\n" }, "autoScalingType": { "type": "string", "description": "Creates load-based or time-based instances. Valid values are `load`, `timer`.\n" }, "availabilityZone": { "type": "string", "description": "Name of the availability zone where instances will be created by default.\n", "willReplaceOnChanges": true }, "createdAt": { "type": "string", "description": "Time that the instance was created.\n" }, "deleteEbs": { "type": "boolean", "description": "Whether to delete EBS volume on deletion. Default is `true`.\n" }, "deleteEip": { "type": "boolean", "description": "Whether to delete the Elastic IP on deletion.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/InstanceEbsBlockDevice:InstanceEbsBlockDevice" }, "description": "Configuration block for additional EBS block devices to attach to the instance. See Block Devices below.\n", "willReplaceOnChanges": true }, "ebsOptimized": { "type": "boolean", "description": "Whether the launched EC2 instance will be EBS-optimized.\n", "willReplaceOnChanges": true }, "ecsClusterArn": { "type": "string", "description": "ECS cluster's ARN for container instances.\n" }, "elasticIp": { "type": "string", "description": "Instance Elastic IP address.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/InstanceEphemeralBlockDevice:InstanceEphemeralBlockDevice" }, "description": "Configuration block for ephemeral (also known as \"Instance Store\") volumes on the instance. See Block Devices below.\n", "willReplaceOnChanges": true }, "hostname": { "type": "string", "description": "Instance's host name.\n", "willReplaceOnChanges": true }, "infrastructureClass": { "type": "string", "description": "For registered instances, infrastructure class: ec2 or on-premises.\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Controls where to install OS and package updates when the instance boots. Default is `true`.\n" }, "instanceProfileArn": { "type": "string", "description": "ARN of the instance's IAM profile.\n" }, "instanceType": { "type": "string", "description": "Type of instance to start.\n" }, "layerIds": { "type": "array", "items": { "type": "string" }, "description": "List of the layers the instance will belong to.\n" }, "os": { "type": "string", "description": "Name of operating system that will be installed.\n", "willReplaceOnChanges": true }, "rootBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/InstanceRootBlockDevice:InstanceRootBlockDevice" }, "description": "Configuration block for the root block device of the instance. See Block Devices below.\n", "willReplaceOnChanges": true }, "rootDeviceType": { "type": "string", "description": "Name of the type of root device instances will have by default. Valid values are `ebs` or `instance-store`.\n", "willReplaceOnChanges": true }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Associated security groups.\n" }, "sshKeyName": { "type": "string", "description": "Name of the SSH keypair that instances will have by default.\n" }, "stackId": { "type": "string", "description": "Identifier of the stack the instance will belong to.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "Desired state of the instance. Valid values are `running` or `stopped`.\n" }, "status": { "type": "string", "description": "Instance status. Will be one of `booting`, `connection_lost`, `online`, `pending`, `rebooting`, `requested`, `running_setup`, `setup_failed`, `shutting_down`, `start_failed`, `stop_failed`, `stopped`, `stopping`, `terminated`, or `terminating`.\n" }, "subnetId": { "type": "string", "description": "Subnet ID to attach to.\n", "willReplaceOnChanges": true }, "tenancy": { "type": "string", "description": "Instance tenancy to use. Valid values are `default`, `dedicated` or `host`.\n", "willReplaceOnChanges": true }, "virtualizationType": { "type": "string", "description": "Keyword to choose what virtualization mode created instances will use. Valid values are `paravirtual` or `hvm`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "layerIds", "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Instance resources.\n", "properties": { "agentVersion": { "type": "string", "description": "OpsWorks agent to install. Default is `INHERIT`.\n" }, "amiId": { "type": "string", "description": "AMI to use for the instance. If an AMI is specified, `os` must be `Custom`.\n", "willReplaceOnChanges": true }, "architecture": { "type": "string", "description": "Machine architecture for created instances. Valid values are `x86_64` or `i386`. The default is `x86_64`.\n" }, "autoScalingType": { "type": "string", "description": "Creates load-based or time-based instances. Valid values are `load`, `timer`.\n" }, "availabilityZone": { "type": "string", "description": "Name of the availability zone where instances will be created by default.\n", "willReplaceOnChanges": true }, "createdAt": { "type": "string", "description": "Time that the instance was created.\n" }, "deleteEbs": { "type": "boolean", "description": "Whether to delete EBS volume on deletion. Default is `true`.\n" }, "deleteEip": { "type": "boolean", "description": "Whether to delete the Elastic IP on deletion.\n" }, "ebsBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/InstanceEbsBlockDevice:InstanceEbsBlockDevice" }, "description": "Configuration block for additional EBS block devices to attach to the instance. See Block Devices below.\n", "willReplaceOnChanges": true }, "ebsOptimized": { "type": "boolean", "description": "Whether the launched EC2 instance will be EBS-optimized.\n", "willReplaceOnChanges": true }, "ec2InstanceId": { "type": "string", "description": "EC2 instance ID.\n" }, "ecsClusterArn": { "type": "string", "description": "ECS cluster's ARN for container instances.\n" }, "elasticIp": { "type": "string", "description": "Instance Elastic IP address.\n" }, "ephemeralBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/InstanceEphemeralBlockDevice:InstanceEphemeralBlockDevice" }, "description": "Configuration block for ephemeral (also known as \"Instance Store\") volumes on the instance. See Block Devices below.\n", "willReplaceOnChanges": true }, "hostname": { "type": "string", "description": "Instance's host name.\n", "willReplaceOnChanges": true }, "infrastructureClass": { "type": "string", "description": "For registered instances, infrastructure class: ec2 or on-premises.\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Controls where to install OS and package updates when the instance boots. Default is `true`.\n" }, "instanceProfileArn": { "type": "string", "description": "ARN of the instance's IAM profile.\n" }, "instanceType": { "type": "string", "description": "Type of instance to start.\n" }, "lastServiceErrorId": { "type": "string", "description": "ID of the last service error.\n" }, "layerIds": { "type": "array", "items": { "type": "string" }, "description": "List of the layers the instance will belong to.\n" }, "os": { "type": "string", "description": "Name of operating system that will be installed.\n", "willReplaceOnChanges": true }, "platform": { "type": "string", "description": "Instance's platform.\n" }, "privateDns": { "type": "string", "description": "Private DNS name assigned to the instance. Can only be used inside the Amazon EC2, and only available if you've enabled DNS hostnames for your VPC.\n" }, "privateIp": { "type": "string", "description": "Private IP address assigned to the instance.\n" }, "publicDns": { "type": "string", "description": "Public DNS name assigned to the instance. For EC2-VPC, this is only available if you've enabled DNS hostnames for your VPC.\n" }, "publicIp": { "type": "string", "description": "Public IP address assigned to the instance, if applicable.\n" }, "registeredBy": { "type": "string", "description": "For registered instances, who performed the registration.\n" }, "reportedAgentVersion": { "type": "string", "description": "Instance's reported AWS OpsWorks Stacks agent version.\n" }, "reportedOsFamily": { "type": "string", "description": "For registered instances, the reported operating system family.\n" }, "reportedOsName": { "type": "string", "description": "For registered instances, the reported operating system name.\n" }, "reportedOsVersion": { "type": "string", "description": "For registered instances, the reported operating system version.\n" }, "rootBlockDevices": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/InstanceRootBlockDevice:InstanceRootBlockDevice" }, "description": "Configuration block for the root block device of the instance. See Block Devices below.\n", "willReplaceOnChanges": true }, "rootDeviceType": { "type": "string", "description": "Name of the type of root device instances will have by default. Valid values are `ebs` or `instance-store`.\n", "willReplaceOnChanges": true }, "rootDeviceVolumeId": { "type": "string", "description": "Root device volume ID.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Associated security groups.\n" }, "sshHostDsaKeyFingerprint": { "type": "string", "description": "SSH key's Deep Security Agent (DSA) fingerprint.\n" }, "sshHostRsaKeyFingerprint": { "type": "string", "description": "SSH key's RSA fingerprint.\n" }, "sshKeyName": { "type": "string", "description": "Name of the SSH keypair that instances will have by default.\n" }, "stackId": { "type": "string", "description": "Identifier of the stack the instance will belong to.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "Desired state of the instance. Valid values are `running` or `stopped`.\n" }, "status": { "type": "string", "description": "Instance status. Will be one of `booting`, `connection_lost`, `online`, `pending`, `rebooting`, `requested`, `running_setup`, `setup_failed`, `shutting_down`, `start_failed`, `stop_failed`, `stopped`, `stopping`, `terminated`, or `terminating`.\n" }, "subnetId": { "type": "string", "description": "Subnet ID to attach to.\n", "willReplaceOnChanges": true }, "tenancy": { "type": "string", "description": "Instance tenancy to use. Valid values are `default`, `dedicated` or `host`.\n", "willReplaceOnChanges": true }, "virtualizationType": { "type": "string", "description": "Keyword to choose what virtualization mode created instances will use. Valid values are `paravirtual` or `hvm`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:opsworks/javaAppLayer:JavaAppLayer": { "description": "Provides an OpsWorks Java application layer resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst app = new aws.opsworks.JavaAppLayer(\"app\", {stackId: main.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napp = aws.opsworks.JavaAppLayer(\"app\", stack_id=main[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var app = new Aws.OpsWorks.JavaAppLayer(\"app\", new()\n {\n StackId = main.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opsworks.NewJavaAppLayer(ctx, \"app\", \u0026opsworks.JavaAppLayerArgs{\n\t\t\tStackId: pulumi.Any(main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opsworks.JavaAppLayer;\nimport com.pulumi.aws.opsworks.JavaAppLayerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var app = new JavaAppLayer(\"app\", JavaAppLayerArgs.builder()\n .stackId(main.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n app:\n type: aws:opsworks:JavaAppLayer\n properties:\n stackId: ${main.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "appServer": { "type": "string", "description": "Keyword for the application container to use. Defaults to \"tomcat\".\n" }, "appServerVersion": { "type": "string", "description": "Version of the selected application container to use. Defaults to \"7\".\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/JavaAppLayerCloudwatchConfiguration:JavaAppLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/JavaAppLayerEbsVolume:JavaAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "jvmOptions": { "type": "string", "description": "Options to set for the JVM.\n" }, "jvmType": { "type": "string", "description": "Keyword for the type of JVM to use. Defaults to `openjdk`.\n" }, "jvmVersion": { "type": "string", "description": "Version of JVM to use. Defaults to \"7\".\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/JavaAppLayerLoadBasedAutoScaling:JavaAppLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "required": [ "arn", "ebsVolumes", "loadBasedAutoScaling", "name", "stackId", "tagsAll" ], "inputProperties": { "appServer": { "type": "string", "description": "Keyword for the application container to use. Defaults to \"tomcat\".\n" }, "appServerVersion": { "type": "string", "description": "Version of the selected application container to use. Defaults to \"7\".\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/JavaAppLayerCloudwatchConfiguration:JavaAppLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/JavaAppLayerEbsVolume:JavaAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "jvmOptions": { "type": "string", "description": "Options to set for the JVM.\n" }, "jvmType": { "type": "string", "description": "Keyword for the type of JVM to use. Defaults to `openjdk`.\n" }, "jvmVersion": { "type": "string", "description": "Version of JVM to use. Defaults to \"7\".\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/JavaAppLayerLoadBasedAutoScaling:JavaAppLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "requiredInputs": [ "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering JavaAppLayer resources.\n", "properties": { "appServer": { "type": "string", "description": "Keyword for the application container to use. Defaults to \"tomcat\".\n" }, "appServerVersion": { "type": "string", "description": "Version of the selected application container to use. Defaults to \"7\".\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/JavaAppLayerCloudwatchConfiguration:JavaAppLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/JavaAppLayerEbsVolume:JavaAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "jvmOptions": { "type": "string", "description": "Options to set for the JVM.\n" }, "jvmType": { "type": "string", "description": "Keyword for the type of JVM to use. Defaults to `openjdk`.\n" }, "jvmVersion": { "type": "string", "description": "Version of JVM to use. Defaults to \"7\".\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/JavaAppLayerLoadBasedAutoScaling:JavaAppLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "type": "object" } }, "aws:opsworks/memcachedLayer:MemcachedLayer": { "description": "Provides an OpsWorks memcached layer resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cache = new aws.opsworks.MemcachedLayer(\"cache\", {stackId: main.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncache = aws.opsworks.MemcachedLayer(\"cache\", stack_id=main[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cache = new Aws.OpsWorks.MemcachedLayer(\"cache\", new()\n {\n StackId = main.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opsworks.NewMemcachedLayer(ctx, \"cache\", \u0026opsworks.MemcachedLayerArgs{\n\t\t\tStackId: pulumi.Any(main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opsworks.MemcachedLayer;\nimport com.pulumi.aws.opsworks.MemcachedLayerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var cache = new MemcachedLayer(\"cache\", MemcachedLayerArgs.builder()\n .stackId(main.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cache:\n type: aws:opsworks:MemcachedLayer\n properties:\n stackId: ${main.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "allocatedMemory": { "type": "integer", "description": "Amount of memory to allocate for the cache on each instance, in megabytes. Defaults to 512MB.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/MemcachedLayerCloudwatchConfiguration:MemcachedLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/MemcachedLayerEbsVolume:MemcachedLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/MemcachedLayerLoadBasedAutoScaling:MemcachedLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "required": [ "arn", "ebsVolumes", "loadBasedAutoScaling", "name", "stackId", "tagsAll" ], "inputProperties": { "allocatedMemory": { "type": "integer", "description": "Amount of memory to allocate for the cache on each instance, in megabytes. Defaults to 512MB.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/MemcachedLayerCloudwatchConfiguration:MemcachedLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/MemcachedLayerEbsVolume:MemcachedLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/MemcachedLayerLoadBasedAutoScaling:MemcachedLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "requiredInputs": [ "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering MemcachedLayer resources.\n", "properties": { "allocatedMemory": { "type": "integer", "description": "Amount of memory to allocate for the cache on each instance, in megabytes. Defaults to 512MB.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/MemcachedLayerCloudwatchConfiguration:MemcachedLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/MemcachedLayerEbsVolume:MemcachedLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/MemcachedLayerLoadBasedAutoScaling:MemcachedLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "type": "object" } }, "aws:opsworks/mysqlLayer:MysqlLayer": { "description": "Provides an OpsWorks MySQL layer resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst db = new aws.opsworks.MysqlLayer(\"db\", {stackId: main.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndb = aws.opsworks.MysqlLayer(\"db\", stack_id=main[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var db = new Aws.OpsWorks.MysqlLayer(\"db\", new()\n {\n StackId = main.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opsworks.NewMysqlLayer(ctx, \"db\", \u0026opsworks.MysqlLayerArgs{\n\t\t\tStackId: pulumi.Any(main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opsworks.MysqlLayer;\nimport com.pulumi.aws.opsworks.MysqlLayerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var db = new MysqlLayer(\"db\", MysqlLayerArgs.builder()\n .stackId(main.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n db:\n type: aws:opsworks:MysqlLayer\n properties:\n stackId: ${main.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/MysqlLayerCloudwatchConfiguration:MysqlLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/MysqlLayerEbsVolume:MysqlLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/MysqlLayerLoadBasedAutoScaling:MysqlLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "rootPassword": { "type": "string", "description": "Root password to use for MySQL.\n" }, "rootPasswordOnAllInstances": { "type": "boolean", "description": "Whether to set the root user password to all instances in the stack so they can access the instances in this layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "required": [ "arn", "ebsVolumes", "loadBasedAutoScaling", "name", "stackId", "tagsAll" ], "inputProperties": { "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/MysqlLayerCloudwatchConfiguration:MysqlLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/MysqlLayerEbsVolume:MysqlLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/MysqlLayerLoadBasedAutoScaling:MysqlLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "rootPassword": { "type": "string", "description": "Root password to use for MySQL.\n" }, "rootPasswordOnAllInstances": { "type": "boolean", "description": "Whether to set the root user password to all instances in the stack so they can access the instances in this layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "requiredInputs": [ "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering MysqlLayer resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/MysqlLayerCloudwatchConfiguration:MysqlLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/MysqlLayerEbsVolume:MysqlLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/MysqlLayerLoadBasedAutoScaling:MysqlLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "rootPassword": { "type": "string", "description": "Root password to use for MySQL.\n" }, "rootPasswordOnAllInstances": { "type": "boolean", "description": "Whether to set the root user password to all instances in the stack so they can access the instances in this layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "type": "object" } }, "aws:opsworks/nodejsAppLayer:NodejsAppLayer": { "description": "Provides an OpsWorks NodeJS application layer resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst app = new aws.opsworks.NodejsAppLayer(\"app\", {stackId: main.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napp = aws.opsworks.NodejsAppLayer(\"app\", stack_id=main[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var app = new Aws.OpsWorks.NodejsAppLayer(\"app\", new()\n {\n StackId = main.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opsworks.NewNodejsAppLayer(ctx, \"app\", \u0026opsworks.NodejsAppLayerArgs{\n\t\t\tStackId: pulumi.Any(main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opsworks.NodejsAppLayer;\nimport com.pulumi.aws.opsworks.NodejsAppLayerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var app = new NodejsAppLayer(\"app\", NodejsAppLayerArgs.builder()\n .stackId(main.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n app:\n type: aws:opsworks:NodejsAppLayer\n properties:\n stackId: ${main.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/NodejsAppLayerCloudwatchConfiguration:NodejsAppLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/NodejsAppLayerEbsVolume:NodejsAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/NodejsAppLayerLoadBasedAutoScaling:NodejsAppLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "nodejsVersion": { "type": "string", "description": "The version of NodeJS to use. Defaults to \"0.10.38\".\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "required": [ "arn", "ebsVolumes", "loadBasedAutoScaling", "name", "stackId", "tagsAll" ], "inputProperties": { "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/NodejsAppLayerCloudwatchConfiguration:NodejsAppLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/NodejsAppLayerEbsVolume:NodejsAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/NodejsAppLayerLoadBasedAutoScaling:NodejsAppLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "nodejsVersion": { "type": "string", "description": "The version of NodeJS to use. Defaults to \"0.10.38\".\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "requiredInputs": [ "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering NodejsAppLayer resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/NodejsAppLayerCloudwatchConfiguration:NodejsAppLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/NodejsAppLayerEbsVolume:NodejsAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/NodejsAppLayerLoadBasedAutoScaling:NodejsAppLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "nodejsVersion": { "type": "string", "description": "The version of NodeJS to use. Defaults to \"0.10.38\".\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "type": "object" } }, "aws:opsworks/permission:Permission": { "description": "Provides an OpsWorks permission resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myStackPermission = new aws.opsworks.Permission(\"my_stack_permission\", {\n allowSsh: true,\n allowSudo: true,\n level: \"iam_only\",\n userArn: user.arn,\n stackId: stack.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_stack_permission = aws.opsworks.Permission(\"my_stack_permission\",\n allow_ssh=True,\n allow_sudo=True,\n level=\"iam_only\",\n user_arn=user[\"arn\"],\n stack_id=stack[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myStackPermission = new Aws.OpsWorks.Permission(\"my_stack_permission\", new()\n {\n AllowSsh = true,\n AllowSudo = true,\n Level = \"iam_only\",\n UserArn = user.Arn,\n StackId = stack.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opsworks.NewPermission(ctx, \"my_stack_permission\", \u0026opsworks.PermissionArgs{\n\t\t\tAllowSsh: pulumi.Bool(true),\n\t\t\tAllowSudo: pulumi.Bool(true),\n\t\t\tLevel: pulumi.String(\"iam_only\"),\n\t\t\tUserArn: pulumi.Any(user.Arn),\n\t\t\tStackId: pulumi.Any(stack.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opsworks.Permission;\nimport com.pulumi.aws.opsworks.PermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myStackPermission = new Permission(\"myStackPermission\", PermissionArgs.builder()\n .allowSsh(true)\n .allowSudo(true)\n .level(\"iam_only\")\n .userArn(user.arn())\n .stackId(stack.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myStackPermission:\n type: aws:opsworks:Permission\n name: my_stack_permission\n properties:\n allowSsh: true\n allowSudo: true\n level: iam_only\n userArn: ${user.arn}\n stackId: ${stack.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "allowSsh": { "type": "boolean", "description": "Whether the user is allowed to use SSH to communicate with the instance\n" }, "allowSudo": { "type": "boolean", "description": "Whether the user is allowed to use sudo to elevate privileges\n" }, "level": { "type": "string", "description": "The users permission level. Mus be one of `deny`, `show`, `deploy`, `manage`, `iam_only`\n" }, "stackId": { "type": "string", "description": "The stack to set the permissions for\n" }, "userArn": { "type": "string", "description": "The user's IAM ARN to set permissions for\n" } }, "required": [ "allowSsh", "allowSudo", "level", "stackId", "userArn" ], "inputProperties": { "allowSsh": { "type": "boolean", "description": "Whether the user is allowed to use SSH to communicate with the instance\n" }, "allowSudo": { "type": "boolean", "description": "Whether the user is allowed to use sudo to elevate privileges\n" }, "level": { "type": "string", "description": "The users permission level. Mus be one of `deny`, `show`, `deploy`, `manage`, `iam_only`\n" }, "stackId": { "type": "string", "description": "The stack to set the permissions for\n", "willReplaceOnChanges": true }, "userArn": { "type": "string", "description": "The user's IAM ARN to set permissions for\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "stackId", "userArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Permission resources.\n", "properties": { "allowSsh": { "type": "boolean", "description": "Whether the user is allowed to use SSH to communicate with the instance\n" }, "allowSudo": { "type": "boolean", "description": "Whether the user is allowed to use sudo to elevate privileges\n" }, "level": { "type": "string", "description": "The users permission level. Mus be one of `deny`, `show`, `deploy`, `manage`, `iam_only`\n" }, "stackId": { "type": "string", "description": "The stack to set the permissions for\n", "willReplaceOnChanges": true }, "userArn": { "type": "string", "description": "The user's IAM ARN to set permissions for\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:opsworks/phpAppLayer:PhpAppLayer": { "description": "Provides an OpsWorks PHP application layer resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst app = new aws.opsworks.PhpAppLayer(\"app\", {stackId: main.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napp = aws.opsworks.PhpAppLayer(\"app\", stack_id=main[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var app = new Aws.OpsWorks.PhpAppLayer(\"app\", new()\n {\n StackId = main.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opsworks.NewPhpAppLayer(ctx, \"app\", \u0026opsworks.PhpAppLayerArgs{\n\t\t\tStackId: pulumi.Any(main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opsworks.PhpAppLayer;\nimport com.pulumi.aws.opsworks.PhpAppLayerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var app = new PhpAppLayer(\"app\", PhpAppLayerArgs.builder()\n .stackId(main.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n app:\n type: aws:opsworks:PhpAppLayer\n properties:\n stackId: ${main.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpsWorks PHP Application Layers using the `id`. For example:\n\n```sh\n$ pulumi import aws:opsworks/phpAppLayer:PhpAppLayer bar 00000000-0000-0000-0000-000000000000\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/PhpAppLayerCloudwatchConfiguration:PhpAppLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/PhpAppLayerEbsVolume:PhpAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/PhpAppLayerLoadBasedAutoScaling:PhpAppLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "required": [ "arn", "ebsVolumes", "loadBasedAutoScaling", "name", "stackId", "tagsAll" ], "inputProperties": { "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/PhpAppLayerCloudwatchConfiguration:PhpAppLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/PhpAppLayerEbsVolume:PhpAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/PhpAppLayerLoadBasedAutoScaling:PhpAppLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "requiredInputs": [ "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering PhpAppLayer resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/PhpAppLayerCloudwatchConfiguration:PhpAppLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/PhpAppLayerEbsVolume:PhpAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/PhpAppLayerLoadBasedAutoScaling:PhpAppLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "type": "object" } }, "aws:opsworks/railsAppLayer:RailsAppLayer": { "description": "Provides an OpsWorks Ruby on Rails application layer resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst app = new aws.opsworks.RailsAppLayer(\"app\", {stackId: main.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napp = aws.opsworks.RailsAppLayer(\"app\", stack_id=main[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var app = new Aws.OpsWorks.RailsAppLayer(\"app\", new()\n {\n StackId = main.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opsworks.NewRailsAppLayer(ctx, \"app\", \u0026opsworks.RailsAppLayerArgs{\n\t\t\tStackId: pulumi.Any(main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opsworks.RailsAppLayer;\nimport com.pulumi.aws.opsworks.RailsAppLayerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var app = new RailsAppLayer(\"app\", RailsAppLayerArgs.builder()\n .stackId(main.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n app:\n type: aws:opsworks:RailsAppLayer\n properties:\n stackId: ${main.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "appServer": { "type": "string", "description": "Keyword for the app server to use. Defaults to \"apache_passenger\".\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "bundlerVersion": { "type": "string", "description": "When OpsWorks is managing Bundler, which version to use. Defaults to \"1.5.3\".\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/RailsAppLayerCloudwatchConfiguration:RailsAppLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/RailsAppLayerEbsVolume:RailsAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/RailsAppLayerLoadBasedAutoScaling:RailsAppLayerLoadBasedAutoScaling" }, "manageBundler": { "type": "boolean", "description": "Whether OpsWorks should manage bundler. On by default.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "passengerVersion": { "type": "string", "description": "The version of Passenger to use. Defaults to \"4.0.46\".\n" }, "rubyVersion": { "type": "string", "description": "The version of Ruby to use. Defaults to \"2.0.0\".\n" }, "rubygemsVersion": { "type": "string", "description": "The version of RubyGems to use. Defaults to \"2.2.2\".\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "required": [ "arn", "ebsVolumes", "loadBasedAutoScaling", "name", "stackId", "tagsAll" ], "inputProperties": { "appServer": { "type": "string", "description": "Keyword for the app server to use. Defaults to \"apache_passenger\".\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "bundlerVersion": { "type": "string", "description": "When OpsWorks is managing Bundler, which version to use. Defaults to \"1.5.3\".\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/RailsAppLayerCloudwatchConfiguration:RailsAppLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/RailsAppLayerEbsVolume:RailsAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/RailsAppLayerLoadBasedAutoScaling:RailsAppLayerLoadBasedAutoScaling" }, "manageBundler": { "type": "boolean", "description": "Whether OpsWorks should manage bundler. On by default.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "passengerVersion": { "type": "string", "description": "The version of Passenger to use. Defaults to \"4.0.46\".\n" }, "rubyVersion": { "type": "string", "description": "The version of Ruby to use. Defaults to \"2.0.0\".\n" }, "rubygemsVersion": { "type": "string", "description": "The version of RubyGems to use. Defaults to \"2.2.2\".\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "requiredInputs": [ "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering RailsAppLayer resources.\n", "properties": { "appServer": { "type": "string", "description": "Keyword for the app server to use. Defaults to \"apache_passenger\".\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "bundlerVersion": { "type": "string", "description": "When OpsWorks is managing Bundler, which version to use. Defaults to \"1.5.3\".\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/RailsAppLayerCloudwatchConfiguration:RailsAppLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the layer.\n" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/RailsAppLayerEbsVolume:RailsAppLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/RailsAppLayerLoadBasedAutoScaling:RailsAppLayerLoadBasedAutoScaling" }, "manageBundler": { "type": "boolean", "description": "Whether OpsWorks should manage bundler. On by default.\n" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "passengerVersion": { "type": "string", "description": "The version of Passenger to use. Defaults to \"4.0.46\".\n" }, "rubyVersion": { "type": "string", "description": "The version of Ruby to use. Defaults to \"2.0.0\".\n" }, "rubygemsVersion": { "type": "string", "description": "The version of RubyGems to use. Defaults to \"2.2.2\".\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "type": "object" } }, "aws:opsworks/rdsDbInstance:RdsDbInstance": { "description": "Provides an OpsWorks RDS DB Instance resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myInstance = new aws.opsworks.RdsDbInstance(\"my_instance\", {\n stackId: myStack.id,\n rdsDbInstanceArn: myInstanceAwsDbInstance.arn,\n dbUser: \"someUser\",\n dbPassword: \"somePass\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_instance = aws.opsworks.RdsDbInstance(\"my_instance\",\n stack_id=my_stack[\"id\"],\n rds_db_instance_arn=my_instance_aws_db_instance[\"arn\"],\n db_user=\"someUser\",\n db_password=\"somePass\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myInstance = new Aws.OpsWorks.RdsDbInstance(\"my_instance\", new()\n {\n StackId = myStack.Id,\n RdsDbInstanceArn = myInstanceAwsDbInstance.Arn,\n DbUser = \"someUser\",\n DbPassword = \"somePass\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opsworks.NewRdsDbInstance(ctx, \"my_instance\", \u0026opsworks.RdsDbInstanceArgs{\n\t\t\tStackId: pulumi.Any(myStack.Id),\n\t\t\tRdsDbInstanceArn: pulumi.Any(myInstanceAwsDbInstance.Arn),\n\t\t\tDbUser: pulumi.String(\"someUser\"),\n\t\t\tDbPassword: pulumi.String(\"somePass\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opsworks.RdsDbInstance;\nimport com.pulumi.aws.opsworks.RdsDbInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myInstance = new RdsDbInstance(\"myInstance\", RdsDbInstanceArgs.builder()\n .stackId(myStack.id())\n .rdsDbInstanceArn(myInstanceAwsDbInstance.arn())\n .dbUser(\"someUser\")\n .dbPassword(\"somePass\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myInstance:\n type: aws:opsworks:RdsDbInstance\n name: my_instance\n properties:\n stackId: ${myStack.id}\n rdsDbInstanceArn: ${myInstanceAwsDbInstance.arn}\n dbUser: someUser\n dbPassword: somePass\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "dbPassword": { "type": "string", "description": "A db password\n", "secret": true }, "dbUser": { "type": "string", "description": "A db username\n" }, "rdsDbInstanceArn": { "type": "string", "description": "The db instance to register for this stack. Changing this will force a new resource.\n" }, "stackId": { "type": "string", "description": "The stack to register a db instance for. Changing this will force a new resource.\n" } }, "required": [ "dbPassword", "dbUser", "rdsDbInstanceArn", "stackId" ], "inputProperties": { "dbPassword": { "type": "string", "description": "A db password\n", "secret": true }, "dbUser": { "type": "string", "description": "A db username\n" }, "rdsDbInstanceArn": { "type": "string", "description": "The db instance to register for this stack. Changing this will force a new resource.\n", "willReplaceOnChanges": true }, "stackId": { "type": "string", "description": "The stack to register a db instance for. Changing this will force a new resource.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "dbPassword", "dbUser", "rdsDbInstanceArn", "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering RdsDbInstance resources.\n", "properties": { "dbPassword": { "type": "string", "description": "A db password\n", "secret": true }, "dbUser": { "type": "string", "description": "A db username\n" }, "rdsDbInstanceArn": { "type": "string", "description": "The db instance to register for this stack. Changing this will force a new resource.\n", "willReplaceOnChanges": true }, "stackId": { "type": "string", "description": "The stack to register a db instance for. Changing this will force a new resource.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:opsworks/stack:Stack": { "description": "Provides an OpsWorks stack resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.opsworks.Stack(\"main\", {\n name: \"awesome-stack\",\n region: \"us-west-1\",\n serviceRoleArn: opsworksAwsIamRole.arn,\n defaultInstanceProfileArn: opsworks.arn,\n tags: {\n Name: \"foobar-stack\",\n },\n customJson: `{\n \"foobar\": {\n \"version\": \"1.0.0\"\n }\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.opsworks.Stack(\"main\",\n name=\"awesome-stack\",\n region=\"us-west-1\",\n service_role_arn=opsworks_aws_iam_role[\"arn\"],\n default_instance_profile_arn=opsworks[\"arn\"],\n tags={\n \"Name\": \"foobar-stack\",\n },\n custom_json=\"\"\"{\n \"foobar\": {\n \"version\": \"1.0.0\"\n }\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.OpsWorks.Stack(\"main\", new()\n {\n Name = \"awesome-stack\",\n Region = \"us-west-1\",\n ServiceRoleArn = opsworksAwsIamRole.Arn,\n DefaultInstanceProfileArn = opsworks.Arn,\n Tags = \n {\n { \"Name\", \"foobar-stack\" },\n },\n CustomJson = @\"{\n \"\"foobar\"\": {\n \"\"version\"\": \"\"1.0.0\"\"\n }\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opsworks.NewStack(ctx, \"main\", \u0026opsworks.StackArgs{\n\t\t\tName: pulumi.String(\"awesome-stack\"),\n\t\t\tRegion: pulumi.String(\"us-west-1\"),\n\t\t\tServiceRoleArn: pulumi.Any(opsworksAwsIamRole.Arn),\n\t\t\tDefaultInstanceProfileArn: pulumi.Any(opsworks.Arn),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"foobar-stack\"),\n\t\t\t},\n\t\t\tCustomJson: pulumi.String(\"{\\n \\\"foobar\\\": {\\n \\\"version\\\": \\\"1.0.0\\\"\\n }\\n}\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opsworks.Stack;\nimport com.pulumi.aws.opsworks.StackArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Stack(\"main\", StackArgs.builder()\n .name(\"awesome-stack\")\n .region(\"us-west-1\")\n .serviceRoleArn(opsworksAwsIamRole.arn())\n .defaultInstanceProfileArn(opsworks.arn())\n .tags(Map.of(\"Name\", \"foobar-stack\"))\n .customJson(\"\"\"\n{\n \"foobar\": {\n \"version\": \"1.0.0\"\n }\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:opsworks:Stack\n properties:\n name: awesome-stack\n region: us-west-1\n serviceRoleArn: ${opsworksAwsIamRole.arn}\n defaultInstanceProfileArn: ${opsworks.arn}\n tags:\n Name: foobar-stack\n customJson: |\n {\n \"foobar\": {\n \"version\": \"1.0.0\"\n }\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpsWorks stacks using the `id`. For example:\n\n```sh\n$ pulumi import aws:opsworks/stack:Stack bar 00000000-0000-0000-0000-000000000000\n```\n", "properties": { "agentVersion": { "type": "string", "description": "If set to `\"LATEST\"`, OpsWorks will automatically install the latest version.\n" }, "arn": { "type": "string" }, "berkshelfVersion": { "type": "string", "description": "If `manage_berkshelf` is enabled, the version of Berkshelf to use.\n" }, "color": { "type": "string", "description": "Color to paint next to the stack's resources in the OpsWorks console.\n" }, "configurationManagerName": { "type": "string", "description": "Name of the configuration manager to use. Defaults to \"Chef\".\n" }, "configurationManagerVersion": { "type": "string", "description": "Version of the configuration manager to use. Defaults to \"11.4\".\n" }, "customCookbooksSources": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/StackCustomCookbooksSource:StackCustomCookbooksSource" }, "description": "When `use_custom_cookbooks` is set, provide this sub-object as described below.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the entire stack.\n" }, "defaultAvailabilityZone": { "type": "string", "description": "Name of the availability zone where instances will be created by default.\nCannot be set when `vpc_id` is set.\n" }, "defaultInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM Instance Profile that created instances will have by default.\n" }, "defaultOs": { "type": "string", "description": "Name of OS that will be installed on instances by default.\n" }, "defaultRootDeviceType": { "type": "string", "description": "Name of the type of root device instances will have by default.\n" }, "defaultSshKeyName": { "type": "string", "description": "Name of the SSH keypair that instances will have by default.\n" }, "defaultSubnetId": { "type": "string", "description": "ID of the subnet in which instances will be created by default.\nRequired if `vpc_id` is set to a VPC other than the default VPC, and forbidden if it isn't.\n" }, "hostnameTheme": { "type": "string", "description": "Keyword representing the naming scheme that will be used for instance hostnames within this stack.\n" }, "manageBerkshelf": { "type": "boolean", "description": "Boolean value controlling whether Opsworks will run Berkshelf for this stack.\n" }, "name": { "type": "string", "description": "The name of the stack.\n" }, "region": { "type": "string", "description": "The name of the region where the stack will exist.\n" }, "serviceRoleArn": { "type": "string", "description": "The ARN of an IAM role that the OpsWorks service will act as.\n" }, "stackEndpoint": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\nIf configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "useCustomCookbooks": { "type": "boolean", "description": "Boolean value controlling whether the custom cookbook settings are enabled.\n" }, "useOpsworksSecurityGroups": { "type": "boolean", "description": "Boolean value controlling whether the standard OpsWorks security groups apply to created instances.\n" }, "vpcId": { "type": "string", "description": "ID of the VPC that this stack belongs to.\nDefaults to the region's default VPC.\n" } }, "required": [ "agentVersion", "arn", "customCookbooksSources", "defaultAvailabilityZone", "defaultInstanceProfileArn", "defaultSubnetId", "name", "region", "serviceRoleArn", "stackEndpoint", "tagsAll", "vpcId" ], "inputProperties": { "agentVersion": { "type": "string", "description": "If set to `\"LATEST\"`, OpsWorks will automatically install the latest version.\n" }, "berkshelfVersion": { "type": "string", "description": "If `manage_berkshelf` is enabled, the version of Berkshelf to use.\n" }, "color": { "type": "string", "description": "Color to paint next to the stack's resources in the OpsWorks console.\n" }, "configurationManagerName": { "type": "string", "description": "Name of the configuration manager to use. Defaults to \"Chef\".\n" }, "configurationManagerVersion": { "type": "string", "description": "Version of the configuration manager to use. Defaults to \"11.4\".\n" }, "customCookbooksSources": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/StackCustomCookbooksSource:StackCustomCookbooksSource" }, "description": "When `use_custom_cookbooks` is set, provide this sub-object as described below.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the entire stack.\n" }, "defaultAvailabilityZone": { "type": "string", "description": "Name of the availability zone where instances will be created by default.\nCannot be set when `vpc_id` is set.\n" }, "defaultInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM Instance Profile that created instances will have by default.\n" }, "defaultOs": { "type": "string", "description": "Name of OS that will be installed on instances by default.\n" }, "defaultRootDeviceType": { "type": "string", "description": "Name of the type of root device instances will have by default.\n" }, "defaultSshKeyName": { "type": "string", "description": "Name of the SSH keypair that instances will have by default.\n" }, "defaultSubnetId": { "type": "string", "description": "ID of the subnet in which instances will be created by default.\nRequired if `vpc_id` is set to a VPC other than the default VPC, and forbidden if it isn't.\n" }, "hostnameTheme": { "type": "string", "description": "Keyword representing the naming scheme that will be used for instance hostnames within this stack.\n" }, "manageBerkshelf": { "type": "boolean", "description": "Boolean value controlling whether Opsworks will run Berkshelf for this stack.\n" }, "name": { "type": "string", "description": "The name of the stack.\n" }, "region": { "type": "string", "description": "The name of the region where the stack will exist.\n", "willReplaceOnChanges": true }, "serviceRoleArn": { "type": "string", "description": "The ARN of an IAM role that the OpsWorks service will act as.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\nIf configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "useCustomCookbooks": { "type": "boolean", "description": "Boolean value controlling whether the custom cookbook settings are enabled.\n" }, "useOpsworksSecurityGroups": { "type": "boolean", "description": "Boolean value controlling whether the standard OpsWorks security groups apply to created instances.\n" }, "vpcId": { "type": "string", "description": "ID of the VPC that this stack belongs to.\nDefaults to the region's default VPC.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "defaultInstanceProfileArn", "region", "serviceRoleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Stack resources.\n", "properties": { "agentVersion": { "type": "string", "description": "If set to `\"LATEST\"`, OpsWorks will automatically install the latest version.\n" }, "arn": { "type": "string" }, "berkshelfVersion": { "type": "string", "description": "If `manage_berkshelf` is enabled, the version of Berkshelf to use.\n" }, "color": { "type": "string", "description": "Color to paint next to the stack's resources in the OpsWorks console.\n" }, "configurationManagerName": { "type": "string", "description": "Name of the configuration manager to use. Defaults to \"Chef\".\n" }, "configurationManagerVersion": { "type": "string", "description": "Version of the configuration manager to use. Defaults to \"11.4\".\n" }, "customCookbooksSources": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/StackCustomCookbooksSource:StackCustomCookbooksSource" }, "description": "When `use_custom_cookbooks` is set, provide this sub-object as described below.\n" }, "customJson": { "type": "string", "description": "Custom JSON attributes to apply to the entire stack.\n" }, "defaultAvailabilityZone": { "type": "string", "description": "Name of the availability zone where instances will be created by default.\nCannot be set when `vpc_id` is set.\n" }, "defaultInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM Instance Profile that created instances will have by default.\n" }, "defaultOs": { "type": "string", "description": "Name of OS that will be installed on instances by default.\n" }, "defaultRootDeviceType": { "type": "string", "description": "Name of the type of root device instances will have by default.\n" }, "defaultSshKeyName": { "type": "string", "description": "Name of the SSH keypair that instances will have by default.\n" }, "defaultSubnetId": { "type": "string", "description": "ID of the subnet in which instances will be created by default.\nRequired if `vpc_id` is set to a VPC other than the default VPC, and forbidden if it isn't.\n" }, "hostnameTheme": { "type": "string", "description": "Keyword representing the naming scheme that will be used for instance hostnames within this stack.\n" }, "manageBerkshelf": { "type": "boolean", "description": "Boolean value controlling whether Opsworks will run Berkshelf for this stack.\n" }, "name": { "type": "string", "description": "The name of the stack.\n" }, "region": { "type": "string", "description": "The name of the region where the stack will exist.\n", "willReplaceOnChanges": true }, "serviceRoleArn": { "type": "string", "description": "The ARN of an IAM role that the OpsWorks service will act as.\n", "willReplaceOnChanges": true }, "stackEndpoint": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\nIf configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "useCustomCookbooks": { "type": "boolean", "description": "Boolean value controlling whether the custom cookbook settings are enabled.\n" }, "useOpsworksSecurityGroups": { "type": "boolean", "description": "Boolean value controlling whether the standard OpsWorks security groups apply to created instances.\n" }, "vpcId": { "type": "string", "description": "ID of the VPC that this stack belongs to.\nDefaults to the region's default VPC.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:opsworks/staticWebLayer:StaticWebLayer": { "description": "Provides an OpsWorks static web server layer resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst web = new aws.opsworks.StaticWebLayer(\"web\", {stackId: main.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nweb = aws.opsworks.StaticWebLayer(\"web\", stack_id=main[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var web = new Aws.OpsWorks.StaticWebLayer(\"web\", new()\n {\n StackId = main.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opsworks.NewStaticWebLayer(ctx, \"web\", \u0026opsworks.StaticWebLayerArgs{\n\t\t\tStackId: pulumi.Any(main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opsworks.StaticWebLayer;\nimport com.pulumi.aws.opsworks.StaticWebLayerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var web = new StaticWebLayer(\"web\", StaticWebLayerArgs.builder()\n .stackId(main.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n web:\n type: aws:opsworks:StaticWebLayer\n properties:\n stackId: ${main.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpsWorks static web server Layers using the `id`. For example:\n\n```sh\n$ pulumi import aws:opsworks/staticWebLayer:StaticWebLayer bar 00000000-0000-0000-0000-000000000000\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/StaticWebLayerCloudwatchConfiguration:StaticWebLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/StaticWebLayerEbsVolume:StaticWebLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/StaticWebLayerLoadBasedAutoScaling:StaticWebLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n" }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "required": [ "arn", "ebsVolumes", "loadBasedAutoScaling", "name", "stackId", "tagsAll" ], "inputProperties": { "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/StaticWebLayerCloudwatchConfiguration:StaticWebLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/StaticWebLayerEbsVolume:StaticWebLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/StaticWebLayerLoadBasedAutoScaling:StaticWebLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "requiredInputs": [ "stackId" ], "stateInputs": { "description": "Input properties used for looking up and filtering StaticWebLayer resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name(ARN) of the layer.\n" }, "autoAssignElasticIps": { "type": "boolean", "description": "Whether to automatically assign an elastic IP address to the layer's instances.\n" }, "autoAssignPublicIps": { "type": "boolean", "description": "For stacks belonging to a VPC, whether to automatically assign a public IP address to each of the layer's instances.\n" }, "autoHealing": { "type": "boolean", "description": "Whether to enable auto-healing for the layer.\n" }, "cloudwatchConfiguration": { "$ref": "#/types/aws:opsworks/StaticWebLayerCloudwatchConfiguration:StaticWebLayerCloudwatchConfiguration" }, "customConfigureRecipes": { "type": "array", "items": { "type": "string" } }, "customDeployRecipes": { "type": "array", "items": { "type": "string" } }, "customInstanceProfileArn": { "type": "string", "description": "The ARN of an IAM profile that will be used for the layer's instances.\n" }, "customJson": { "type": "string" }, "customSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "Ids for a set of security groups to apply to the layer's instances.\n" }, "customSetupRecipes": { "type": "array", "items": { "type": "string" } }, "customShutdownRecipes": { "type": "array", "items": { "type": "string" } }, "customUndeployRecipes": { "type": "array", "items": { "type": "string" } }, "drainElbOnShutdown": { "type": "boolean", "description": "Whether to enable Elastic Load Balancing connection draining.\n" }, "ebsVolumes": { "type": "array", "items": { "$ref": "#/types/aws:opsworks/StaticWebLayerEbsVolume:StaticWebLayerEbsVolume" }, "description": "`ebs_volume` blocks, as described below, will each create an EBS volume and connect it to the layer's instances.\n" }, "elasticLoadBalancer": { "type": "string", "description": "Name of an Elastic Load Balancer to attach to this layer\n" }, "installUpdatesOnBoot": { "type": "boolean", "description": "Whether to install OS and package updates on each instance when it boots.\n" }, "instanceShutdownTimeout": { "type": "integer", "description": "The time, in seconds, that OpsWorks will wait for Chef to complete after triggering the Shutdown event.\n" }, "loadBasedAutoScaling": { "$ref": "#/types/aws:opsworks/StaticWebLayerLoadBasedAutoScaling:StaticWebLayerLoadBasedAutoScaling" }, "name": { "type": "string", "description": "A human-readable name for the layer.\n" }, "stackId": { "type": "string", "description": "ID of the stack the layer will belong to.\n", "willReplaceOnChanges": true }, "systemPackages": { "type": "array", "items": { "type": "string" }, "description": "Names of a set of system packages to install on the layer's instances.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following extra optional arguments, all lists of Chef recipe names, allow\ncustom Chef recipes to be applied to layer instances at the five different\nlifecycle events, if custom cookbooks are enabled on the layer's stack:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "useEbsOptimizedInstances": { "type": "boolean", "description": "Whether to use EBS-optimized instances.\n" } }, "type": "object" } }, "aws:opsworks/userProfile:UserProfile": { "description": "Provides an OpsWorks User Profile resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myProfile = new aws.opsworks.UserProfile(\"my_profile\", {\n userArn: user.arn,\n sshUsername: \"my_user\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_profile = aws.opsworks.UserProfile(\"my_profile\",\n user_arn=user[\"arn\"],\n ssh_username=\"my_user\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myProfile = new Aws.OpsWorks.UserProfile(\"my_profile\", new()\n {\n UserArn = user.Arn,\n SshUsername = \"my_user\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opsworks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opsworks.NewUserProfile(ctx, \"my_profile\", \u0026opsworks.UserProfileArgs{\n\t\t\tUserArn: pulumi.Any(user.Arn),\n\t\t\tSshUsername: pulumi.String(\"my_user\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opsworks.UserProfile;\nimport com.pulumi.aws.opsworks.UserProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myProfile = new UserProfile(\"myProfile\", UserProfileArgs.builder()\n .userArn(user.arn())\n .sshUsername(\"my_user\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myProfile:\n type: aws:opsworks:UserProfile\n name: my_profile\n properties:\n userArn: ${user.arn}\n sshUsername: my_user\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "allowSelfManagement": { "type": "boolean", "description": "Whether users can specify their own SSH public key through the My Settings page\n" }, "sshPublicKey": { "type": "string", "description": "The users public key\n" }, "sshUsername": { "type": "string", "description": "The ssh username, with witch this user wants to log in\n" }, "userArn": { "type": "string", "description": "The user's IAM ARN\n" } }, "required": [ "sshUsername", "userArn" ], "inputProperties": { "allowSelfManagement": { "type": "boolean", "description": "Whether users can specify their own SSH public key through the My Settings page\n" }, "sshPublicKey": { "type": "string", "description": "The users public key\n" }, "sshUsername": { "type": "string", "description": "The ssh username, with witch this user wants to log in\n" }, "userArn": { "type": "string", "description": "The user's IAM ARN\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "sshUsername", "userArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserProfile resources.\n", "properties": { "allowSelfManagement": { "type": "boolean", "description": "Whether users can specify their own SSH public key through the My Settings page\n" }, "sshPublicKey": { "type": "string", "description": "The users public key\n" }, "sshUsername": { "type": "string", "description": "The ssh username, with witch this user wants to log in\n" }, "userArn": { "type": "string", "description": "The user's IAM ARN\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:organizations/account:Account": { "description": "Provides a resource to create a member account in the current organization.\n\n\u003e **Note:** Account management must be done from the organization's root account.\n\n\u003e **Note:** By default, deleting this resource will only remove an AWS account from an organization. You must set the `close_on_deletion` flag to true to close the account. It is worth noting that quotas are enforced when using the `close_on_deletion` argument, which can produce a [CLOSE_ACCOUNT_QUOTA_EXCEEDED](https://docs.aws.amazon.com/organizations/latest/APIReference/API_CloseAccount.html) error, and require you to close the account manually.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst account = new aws.organizations.Account(\"account\", {\n name: \"my_new_account\",\n email: \"john@doe.org\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naccount = aws.organizations.Account(\"account\",\n name=\"my_new_account\",\n email=\"john@doe.org\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var account = new Aws.Organizations.Account(\"account\", new()\n {\n Name = \"my_new_account\",\n Email = \"john@doe.org\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := organizations.NewAccount(ctx, \"account\", \u0026organizations.AccountArgs{\n\t\t\tName: pulumi.String(\"my_new_account\"),\n\t\t\tEmail: pulumi.String(\"john@doe.org\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Account;\nimport com.pulumi.aws.organizations.AccountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var account = new Account(\"account\", AccountArgs.builder()\n .name(\"my_new_account\")\n .email(\"john@doe.org\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n account:\n type: aws:organizations:Account\n properties:\n name: my_new_account\n email: john@doe.org\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import the AWS member account using the `account_id`. For example:\n\n```sh\n$ pulumi import aws:organizations/account:Account my_account 111111111111\n```\nTo import accounts that have set iam_user_access_to_billing, use the following:\n\n```sh\n$ pulumi import aws:organizations/account:Account my_account 111111111111_ALLOW\n```\nCertain resource arguments, like `role_name`, do not have an Organizations API method for reading the information after account creation. If the argument is set in the Pulumi program on an imported resource, Pulumi will always show a difference. To workaround this behavior, either omit the argument from the Pulumi program or use `ignore_changes` to hide the difference. For example:\n\n", "properties": { "arn": { "type": "string", "description": "The ARN for this account.\n" }, "closeOnDeletion": { "type": "boolean", "description": "If true, a deletion event will close the account. Otherwise, it will only remove from the organization. This is not supported for GovCloud accounts.\n" }, "createGovcloud": { "type": "boolean", "description": "Whether to also create a GovCloud account. The GovCloud account is tied to the main (commercial) account this resource creates. If `true`, the GovCloud account ID is available in the `govcloud_id` attribute. The only way to manage the GovCloud account with the provider is to subsequently import the account using this resource.\n" }, "email": { "type": "string", "description": "Email address of the owner to assign to the new member account. This email address must not already be associated with another AWS account.\n" }, "govcloudId": { "type": "string", "description": "ID for a GovCloud account created with the account.\n" }, "iamUserAccessToBilling": { "type": "string", "description": "If set to `ALLOW`, the new account enables IAM users and roles to access account billing information if they have the required permissions. If set to `DENY`, then only the root user (and no roles) of the new account can access account billing information. If this is unset, the AWS API will default this to `ALLOW`. If the resource is created and this option is changed, it will try to recreate the account.\n" }, "joinedMethod": { "type": "string" }, "joinedTimestamp": { "type": "string" }, "name": { "type": "string", "description": "Friendly name for the member account.\n\nThe following arguments are optional:\n" }, "parentId": { "type": "string", "description": "Parent Organizational Unit ID or Root ID for the account. Defaults to the Organization default Root ID. A configuration must be present for this argument to perform drift detection.\n" }, "roleName": { "type": "string", "description": "The name of an IAM role that Organizations automatically preconfigures in the new member account. This role trusts the root account, allowing users in the root account to assume the role, as permitted by the root account administrator. The role has administrator permissions in the new member account. The Organizations API provides no method for reading this information after account creation, so the provider cannot perform drift detection on its value and will always show a difference for a configured value after import unless `ignoreChanges` is used.\n" }, "status": { "type": "string", "description": "The status of the account in the organization.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "email", "govcloudId", "joinedMethod", "joinedTimestamp", "name", "parentId", "status", "tagsAll" ], "inputProperties": { "closeOnDeletion": { "type": "boolean", "description": "If true, a deletion event will close the account. Otherwise, it will only remove from the organization. This is not supported for GovCloud accounts.\n" }, "createGovcloud": { "type": "boolean", "description": "Whether to also create a GovCloud account. The GovCloud account is tied to the main (commercial) account this resource creates. If `true`, the GovCloud account ID is available in the `govcloud_id` attribute. The only way to manage the GovCloud account with the provider is to subsequently import the account using this resource.\n" }, "email": { "type": "string", "description": "Email address of the owner to assign to the new member account. This email address must not already be associated with another AWS account.\n", "willReplaceOnChanges": true }, "iamUserAccessToBilling": { "type": "string", "description": "If set to `ALLOW`, the new account enables IAM users and roles to access account billing information if they have the required permissions. If set to `DENY`, then only the root user (and no roles) of the new account can access account billing information. If this is unset, the AWS API will default this to `ALLOW`. If the resource is created and this option is changed, it will try to recreate the account.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Friendly name for the member account.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "parentId": { "type": "string", "description": "Parent Organizational Unit ID or Root ID for the account. Defaults to the Organization default Root ID. A configuration must be present for this argument to perform drift detection.\n" }, "roleName": { "type": "string", "description": "The name of an IAM role that Organizations automatically preconfigures in the new member account. This role trusts the root account, allowing users in the root account to assume the role, as permitted by the root account administrator. The role has administrator permissions in the new member account. The Organizations API provides no method for reading this information after account creation, so the provider cannot perform drift detection on its value and will always show a difference for a configured value after import unless `ignoreChanges` is used.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "email" ], "stateInputs": { "description": "Input properties used for looking up and filtering Account resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN for this account.\n" }, "closeOnDeletion": { "type": "boolean", "description": "If true, a deletion event will close the account. Otherwise, it will only remove from the organization. This is not supported for GovCloud accounts.\n" }, "createGovcloud": { "type": "boolean", "description": "Whether to also create a GovCloud account. The GovCloud account is tied to the main (commercial) account this resource creates. If `true`, the GovCloud account ID is available in the `govcloud_id` attribute. The only way to manage the GovCloud account with the provider is to subsequently import the account using this resource.\n" }, "email": { "type": "string", "description": "Email address of the owner to assign to the new member account. This email address must not already be associated with another AWS account.\n", "willReplaceOnChanges": true }, "govcloudId": { "type": "string", "description": "ID for a GovCloud account created with the account.\n" }, "iamUserAccessToBilling": { "type": "string", "description": "If set to `ALLOW`, the new account enables IAM users and roles to access account billing information if they have the required permissions. If set to `DENY`, then only the root user (and no roles) of the new account can access account billing information. If this is unset, the AWS API will default this to `ALLOW`. If the resource is created and this option is changed, it will try to recreate the account.\n", "willReplaceOnChanges": true }, "joinedMethod": { "type": "string" }, "joinedTimestamp": { "type": "string" }, "name": { "type": "string", "description": "Friendly name for the member account.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "parentId": { "type": "string", "description": "Parent Organizational Unit ID or Root ID for the account. Defaults to the Organization default Root ID. A configuration must be present for this argument to perform drift detection.\n" }, "roleName": { "type": "string", "description": "The name of an IAM role that Organizations automatically preconfigures in the new member account. This role trusts the root account, allowing users in the root account to assume the role, as permitted by the root account administrator. The role has administrator permissions in the new member account. The Organizations API provides no method for reading this information after account creation, so the provider cannot perform drift detection on its value and will always show a difference for a configured value after import unless `ignoreChanges` is used.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The status of the account in the organization.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:organizations/delegatedAdministrator:DelegatedAdministrator": { "description": "Provides a resource to manage an [AWS Organizations Delegated Administrator](https://docs.aws.amazon.com/organizations/latest/APIReference/API_RegisterDelegatedAdministrator.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.DelegatedAdministrator(\"example\", {\n accountId: \"123456789012\",\n servicePrincipal: \"principal\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.DelegatedAdministrator(\"example\",\n account_id=\"123456789012\",\n service_principal=\"principal\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.DelegatedAdministrator(\"example\", new()\n {\n AccountId = \"123456789012\",\n ServicePrincipal = \"principal\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := organizations.NewDelegatedAdministrator(ctx, \"example\", \u0026organizations.DelegatedAdministratorArgs{\n\t\t\tAccountId: pulumi.String(\"123456789012\"),\n\t\t\tServicePrincipal: pulumi.String(\"principal\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.DelegatedAdministrator;\nimport com.pulumi.aws.organizations.DelegatedAdministratorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DelegatedAdministrator(\"example\", DelegatedAdministratorArgs.builder()\n .accountId(\"123456789012\")\n .servicePrincipal(\"principal\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:DelegatedAdministrator\n properties:\n accountId: '123456789012'\n servicePrincipal: principal\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_organizations_delegated_administrator` using the account ID and its service principal. For example:\n\n```sh\n$ pulumi import aws:organizations/delegatedAdministrator:DelegatedAdministrator example 123456789012/config.amazonaws.com\n```\n", "properties": { "accountId": { "type": "string", "description": "The account ID number of the member account in the organization to register as a delegated administrator.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the delegated administrator's account.\n" }, "delegationEnabledDate": { "type": "string", "description": "The date when the account was made a delegated administrator.\n" }, "email": { "type": "string", "description": "The email address that is associated with the delegated administrator's AWS account.\n" }, "joinedMethod": { "type": "string", "description": "The method by which the delegated administrator's account joined the organization.\n" }, "joinedTimestamp": { "type": "string", "description": "The date when the delegated administrator's account became a part of the organization.\n" }, "name": { "type": "string", "description": "The friendly name of the delegated administrator's account.\n" }, "servicePrincipal": { "type": "string", "description": "The service principal of the AWS service for which you want to make the member account a delegated administrator.\n" }, "status": { "type": "string", "description": "The status of the delegated administrator's account in the organization.\n" } }, "required": [ "accountId", "arn", "delegationEnabledDate", "email", "joinedMethod", "joinedTimestamp", "name", "servicePrincipal", "status" ], "inputProperties": { "accountId": { "type": "string", "description": "The account ID number of the member account in the organization to register as a delegated administrator.\n", "willReplaceOnChanges": true }, "servicePrincipal": { "type": "string", "description": "The service principal of the AWS service for which you want to make the member account a delegated administrator.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "accountId", "servicePrincipal" ], "stateInputs": { "description": "Input properties used for looking up and filtering DelegatedAdministrator resources.\n", "properties": { "accountId": { "type": "string", "description": "The account ID number of the member account in the organization to register as a delegated administrator.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the delegated administrator's account.\n" }, "delegationEnabledDate": { "type": "string", "description": "The date when the account was made a delegated administrator.\n" }, "email": { "type": "string", "description": "The email address that is associated with the delegated administrator's AWS account.\n" }, "joinedMethod": { "type": "string", "description": "The method by which the delegated administrator's account joined the organization.\n" }, "joinedTimestamp": { "type": "string", "description": "The date when the delegated administrator's account became a part of the organization.\n" }, "name": { "type": "string", "description": "The friendly name of the delegated administrator's account.\n" }, "servicePrincipal": { "type": "string", "description": "The service principal of the AWS service for which you want to make the member account a delegated administrator.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The status of the delegated administrator's account in the organization.\n" } }, "type": "object" } }, "aws:organizations/organization:Organization": { "description": "Provides a resource to create an organization.\n\n!\u003e **WARNING:** When migrating from a `feature_set` of `CONSOLIDATED_BILLING` to `ALL`, the Organization account owner will received an email stating the following: \"You started the process to enable all features for your AWS organization. As part of that process, all member accounts that joined your organization by invitation must approve the change. You don’t need approval from member accounts that you directly created from within your AWS organization.\" After all member accounts have accepted the invitation, the Organization account owner must then finalize the changes via the [AWS Console](https://console.aws.amazon.com/organizations/home#/organization/settings/migration-progress). Until these steps are performed, the provider will perpetually show a difference, and the `DescribeOrganization` API will continue to show the `FeatureSet` as `CONSOLIDATED_BILLING`. See the [AWS Organizations documentation](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html) for more information.\n\n!\u003e **WARNING:** [Warning from the AWS Docs](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnableAWSServiceAccess.html): \"We recommend that you enable integration between AWS Organizations and the specified AWS service by using the console or commands that are provided by the specified service. Doing so ensures that the service is aware that it can create the resources that are required for the integration. How the service creates those resources in the organization's accounts depends on that service. For more information, see the documentation for the other AWS service.\"\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst org = new aws.organizations.Organization(\"org\", {\n awsServiceAccessPrincipals: [\n \"cloudtrail.amazonaws.com\",\n \"config.amazonaws.com\",\n ],\n featureSet: \"ALL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\norg = aws.organizations.Organization(\"org\",\n aws_service_access_principals=[\n \"cloudtrail.amazonaws.com\",\n \"config.amazonaws.com\",\n ],\n feature_set=\"ALL\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var org = new Aws.Organizations.Organization(\"org\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"cloudtrail.amazonaws.com\",\n \"config.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := organizations.NewOrganization(ctx, \"org\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"cloudtrail.amazonaws.com\"),\n\t\t\t\tpulumi.String(\"config.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var org = new Organization(\"org\", OrganizationArgs.builder()\n .awsServiceAccessPrincipals( \n \"cloudtrail.amazonaws.com\",\n \"config.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n org:\n type: aws:organizations:Organization\n properties:\n awsServiceAccessPrincipals:\n - cloudtrail.amazonaws.com\n - config.amazonaws.com\n featureSet: ALL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import the AWS organization using the `id`. For example:\n\n```sh\n$ pulumi import aws:organizations/organization:Organization my_org o-1234567\n```\n", "properties": { "accounts": { "type": "array", "items": { "$ref": "#/types/aws:organizations/OrganizationAccount:OrganizationAccount" }, "description": "List of organization accounts including the master account. For a list excluding the master account, see the `non_master_accounts` attribute. All elements have these attributes:\n" }, "arn": { "type": "string", "description": "ARN of the root\n" }, "awsServiceAccessPrincipals": { "type": "array", "items": { "type": "string" }, "description": "List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have `feature_set` set to `ALL`. Some services do not support enablement via this endpoint, see [warning in aws docs](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnableAWSServiceAccess.html).\n" }, "enabledPolicyTypes": { "type": "array", "items": { "type": "string" }, "description": "List of Organizations policy types to enable in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).\n" }, "featureSet": { "type": "string", "description": "Specify \"ALL\" (default) or \"CONSOLIDATED_BILLING\".\n" }, "masterAccountArn": { "type": "string", "description": "ARN of the master account\n" }, "masterAccountEmail": { "type": "string", "description": "Email address of the master account\n" }, "masterAccountId": { "type": "string", "description": "Identifier of the master account\n" }, "masterAccountName": { "type": "string", "description": "Name of the master account\n" }, "nonMasterAccounts": { "type": "array", "items": { "$ref": "#/types/aws:organizations/OrganizationNonMasterAccount:OrganizationNonMasterAccount" }, "description": "List of organization accounts excluding the master account. For a list including the master account, see the `accounts` attribute. All elements have these attributes:\n" }, "roots": { "type": "array", "items": { "$ref": "#/types/aws:organizations/OrganizationRoot:OrganizationRoot" }, "description": "List of organization roots. All elements have these attributes:\n" } }, "required": [ "accounts", "arn", "masterAccountArn", "masterAccountEmail", "masterAccountId", "masterAccountName", "nonMasterAccounts", "roots" ], "inputProperties": { "awsServiceAccessPrincipals": { "type": "array", "items": { "type": "string" }, "description": "List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have `feature_set` set to `ALL`. Some services do not support enablement via this endpoint, see [warning in aws docs](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnableAWSServiceAccess.html).\n" }, "enabledPolicyTypes": { "type": "array", "items": { "type": "string" }, "description": "List of Organizations policy types to enable in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).\n" }, "featureSet": { "type": "string", "description": "Specify \"ALL\" (default) or \"CONSOLIDATED_BILLING\".\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Organization resources.\n", "properties": { "accounts": { "type": "array", "items": { "$ref": "#/types/aws:organizations/OrganizationAccount:OrganizationAccount" }, "description": "List of organization accounts including the master account. For a list excluding the master account, see the `non_master_accounts` attribute. All elements have these attributes:\n" }, "arn": { "type": "string", "description": "ARN of the root\n" }, "awsServiceAccessPrincipals": { "type": "array", "items": { "type": "string" }, "description": "List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have `feature_set` set to `ALL`. Some services do not support enablement via this endpoint, see [warning in aws docs](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnableAWSServiceAccess.html).\n" }, "enabledPolicyTypes": { "type": "array", "items": { "type": "string" }, "description": "List of Organizations policy types to enable in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).\n" }, "featureSet": { "type": "string", "description": "Specify \"ALL\" (default) or \"CONSOLIDATED_BILLING\".\n" }, "masterAccountArn": { "type": "string", "description": "ARN of the master account\n" }, "masterAccountEmail": { "type": "string", "description": "Email address of the master account\n" }, "masterAccountId": { "type": "string", "description": "Identifier of the master account\n" }, "masterAccountName": { "type": "string", "description": "Name of the master account\n" }, "nonMasterAccounts": { "type": "array", "items": { "$ref": "#/types/aws:organizations/OrganizationNonMasterAccount:OrganizationNonMasterAccount" }, "description": "List of organization accounts excluding the master account. For a list including the master account, see the `accounts` attribute. All elements have these attributes:\n" }, "roots": { "type": "array", "items": { "$ref": "#/types/aws:organizations/OrganizationRoot:OrganizationRoot" }, "description": "List of organization roots. All elements have these attributes:\n" } }, "type": "object" } }, "aws:organizations/organizationalUnit:OrganizationalUnit": { "description": "Provides a resource to create an organizational unit.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.OrganizationalUnit(\"example\", {\n name: \"example\",\n parentId: exampleAwsOrganizationsOrganization.roots[0].id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.OrganizationalUnit(\"example\",\n name=\"example\",\n parent_id=example_aws_organizations_organization[\"roots\"][0][\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.OrganizationalUnit(\"example\", new()\n {\n Name = \"example\",\n ParentId = exampleAwsOrganizationsOrganization.Roots[0].Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := organizations.NewOrganizationalUnit(ctx, \"example\", \u0026organizations.OrganizationalUnitArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tParentId: pulumi.Any(exampleAwsOrganizationsOrganization.Roots[0].Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.OrganizationalUnit;\nimport com.pulumi.aws.organizations.OrganizationalUnitArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new OrganizationalUnit(\"example\", OrganizationalUnitArgs.builder()\n .name(\"example\")\n .parentId(exampleAwsOrganizationsOrganization.roots()[0].id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:OrganizationalUnit\n properties:\n name: example\n parentId: ${exampleAwsOrganizationsOrganization.roots[0].id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS Organizations Organizational Units using the `id`. For example:\n\n```sh\n$ pulumi import aws:organizations/organizationalUnit:OrganizationalUnit example ou-1234567\n```\n", "properties": { "accounts": { "type": "array", "items": { "$ref": "#/types/aws:organizations/OrganizationalUnitAccount:OrganizationalUnitAccount" }, "description": "List of child accounts for this Organizational Unit. Does not return account information for child Organizational Units. All elements have these attributes:\n" }, "arn": { "type": "string", "description": "ARN of the organizational unit\n" }, "name": { "type": "string", "description": "The name for the organizational unit\n" }, "parentId": { "type": "string", "description": "ID of the parent organizational unit, which may be the root\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "accounts", "arn", "name", "parentId", "tagsAll" ], "inputProperties": { "name": { "type": "string", "description": "The name for the organizational unit\n" }, "parentId": { "type": "string", "description": "ID of the parent organizational unit, which may be the root\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "parentId" ], "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationalUnit resources.\n", "properties": { "accounts": { "type": "array", "items": { "$ref": "#/types/aws:organizations/OrganizationalUnitAccount:OrganizationalUnitAccount" }, "description": "List of child accounts for this Organizational Unit. Does not return account information for child Organizational Units. All elements have these attributes:\n" }, "arn": { "type": "string", "description": "ARN of the organizational unit\n" }, "name": { "type": "string", "description": "The name for the organizational unit\n" }, "parentId": { "type": "string", "description": "ID of the parent organizational unit, which may be the root\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:organizations/policy:Policy": { "description": "Provides a resource to manage an [AWS Organizations policy](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\"*\"],\n resources: [\"*\"],\n }],\n});\nconst examplePolicy = new aws.organizations.Policy(\"example\", {\n name: \"example\",\n content: example.then(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\"*\"],\n \"resources\": [\"*\"],\n}])\nexample_policy = aws.organizations.Policy(\"example\",\n name=\"example\",\n content=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var examplePolicy = new Aws.Organizations.Policy(\"example\", new()\n {\n Name = \"example\",\n Content = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = organizations.NewPolicy(ctx, \"example\", \u0026organizations.PolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tContent: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.organizations.Policy;\nimport com.pulumi.aws.organizations.PolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"*\")\n .resources(\"*\")\n .build())\n .build());\n\n var examplePolicy = new Policy(\"examplePolicy\", PolicyArgs.builder()\n .name(\"example\")\n .content(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplePolicy:\n type: aws:organizations:Policy\n name: example\n properties:\n name: example\n content: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - '*'\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_organizations_policy` using the policy ID. For example:\n\n```sh\n$ pulumi import aws:organizations/policy:Policy example p-12345678\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the policy.\n" }, "content": { "type": "string", "description": "The policy content to add to the new policy. For example, if you create a [service control policy (SCP)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html), this string must be JSON text that specifies the permissions that admins in attached accounts can delegate to their users, groups, and roles. For more information about the SCP syntax, see the [Service Control Policy Syntax documentation](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html) and for more information on the Tag Policy syntax, see the [Tag Policy Syntax documentation](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_example-tag-policies.html).\n" }, "description": { "type": "string", "description": "A description to assign to the policy.\n" }, "name": { "type": "string", "description": "The friendly name to assign to the policy.\n" }, "skipDestroy": { "type": "boolean", "description": "If set to `true`, destroy will **not** delete the policy and instead just remove the resource from state. This can be useful in situations where the policies (and the associated attachment) must be preserved to meet the AWS minimum requirement of 1 attached policy.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of policy to create. Valid values are `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `SERVICE_CONTROL_POLICY` (SCP), and `TAG_POLICY`. Defaults to `SERVICE_CONTROL_POLICY`.\n" } }, "required": [ "arn", "content", "name", "tagsAll" ], "inputProperties": { "content": { "type": "string", "description": "The policy content to add to the new policy. For example, if you create a [service control policy (SCP)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html), this string must be JSON text that specifies the permissions that admins in attached accounts can delegate to their users, groups, and roles. For more information about the SCP syntax, see the [Service Control Policy Syntax documentation](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html) and for more information on the Tag Policy syntax, see the [Tag Policy Syntax documentation](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_example-tag-policies.html).\n" }, "description": { "type": "string", "description": "A description to assign to the policy.\n" }, "name": { "type": "string", "description": "The friendly name to assign to the policy.\n" }, "skipDestroy": { "type": "boolean", "description": "If set to `true`, destroy will **not** delete the policy and instead just remove the resource from state. This can be useful in situations where the policies (and the associated attachment) must be preserved to meet the AWS minimum requirement of 1 attached policy.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "The type of policy to create. Valid values are `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `SERVICE_CONTROL_POLICY` (SCP), and `TAG_POLICY`. Defaults to `SERVICE_CONTROL_POLICY`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "content" ], "stateInputs": { "description": "Input properties used for looking up and filtering Policy resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the policy.\n" }, "content": { "type": "string", "description": "The policy content to add to the new policy. For example, if you create a [service control policy (SCP)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html), this string must be JSON text that specifies the permissions that admins in attached accounts can delegate to their users, groups, and roles. For more information about the SCP syntax, see the [Service Control Policy Syntax documentation](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html) and for more information on the Tag Policy syntax, see the [Tag Policy Syntax documentation](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_example-tag-policies.html).\n" }, "description": { "type": "string", "description": "A description to assign to the policy.\n" }, "name": { "type": "string", "description": "The friendly name to assign to the policy.\n" }, "skipDestroy": { "type": "boolean", "description": "If set to `true`, destroy will **not** delete the policy and instead just remove the resource from state. This can be useful in situations where the policies (and the associated attachment) must be preserved to meet the AWS minimum requirement of 1 attached policy.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of policy to create. Valid values are `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `SERVICE_CONTROL_POLICY` (SCP), and `TAG_POLICY`. Defaults to `SERVICE_CONTROL_POLICY`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:organizations/policyAttachment:PolicyAttachment": { "description": "Provides a resource to attach an AWS Organizations policy to an organization account, root, or unit.\n\n## Example Usage\n\n### Organization Account\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst account = new aws.organizations.PolicyAttachment(\"account\", {\n policyId: example.id,\n targetId: \"123456789012\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naccount = aws.organizations.PolicyAttachment(\"account\",\n policy_id=example[\"id\"],\n target_id=\"123456789012\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var account = new Aws.Organizations.PolicyAttachment(\"account\", new()\n {\n PolicyId = example.Id,\n TargetId = \"123456789012\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := organizations.NewPolicyAttachment(ctx, \"account\", \u0026organizations.PolicyAttachmentArgs{\n\t\t\tPolicyId: pulumi.Any(example.Id),\n\t\t\tTargetId: pulumi.String(\"123456789012\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.PolicyAttachment;\nimport com.pulumi.aws.organizations.PolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var account = new PolicyAttachment(\"account\", PolicyAttachmentArgs.builder()\n .policyId(example.id())\n .targetId(\"123456789012\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n account:\n type: aws:organizations:PolicyAttachment\n properties:\n policyId: ${example.id}\n targetId: '123456789012'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Organization Root\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst root = new aws.organizations.PolicyAttachment(\"root\", {\n policyId: example.id,\n targetId: exampleAwsOrganizationsOrganization.roots[0].id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nroot = aws.organizations.PolicyAttachment(\"root\",\n policy_id=example[\"id\"],\n target_id=example_aws_organizations_organization[\"roots\"][0][\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var root = new Aws.Organizations.PolicyAttachment(\"root\", new()\n {\n PolicyId = example.Id,\n TargetId = exampleAwsOrganizationsOrganization.Roots[0].Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := organizations.NewPolicyAttachment(ctx, \"root\", \u0026organizations.PolicyAttachmentArgs{\n\t\t\tPolicyId: pulumi.Any(example.Id),\n\t\t\tTargetId: pulumi.Any(exampleAwsOrganizationsOrganization.Roots[0].Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.PolicyAttachment;\nimport com.pulumi.aws.organizations.PolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var root = new PolicyAttachment(\"root\", PolicyAttachmentArgs.builder()\n .policyId(example.id())\n .targetId(exampleAwsOrganizationsOrganization.roots()[0].id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n root:\n type: aws:organizations:PolicyAttachment\n properties:\n policyId: ${example.id}\n targetId: ${exampleAwsOrganizationsOrganization.roots[0].id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Organization Unit\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst unit = new aws.organizations.PolicyAttachment(\"unit\", {\n policyId: example.id,\n targetId: exampleAwsOrganizationsOrganizationalUnit.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nunit = aws.organizations.PolicyAttachment(\"unit\",\n policy_id=example[\"id\"],\n target_id=example_aws_organizations_organizational_unit[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var unit = new Aws.Organizations.PolicyAttachment(\"unit\", new()\n {\n PolicyId = example.Id,\n TargetId = exampleAwsOrganizationsOrganizationalUnit.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := organizations.NewPolicyAttachment(ctx, \"unit\", \u0026organizations.PolicyAttachmentArgs{\n\t\t\tPolicyId: pulumi.Any(example.Id),\n\t\t\tTargetId: pulumi.Any(exampleAwsOrganizationsOrganizationalUnit.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.PolicyAttachment;\nimport com.pulumi.aws.organizations.PolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var unit = new PolicyAttachment(\"unit\", PolicyAttachmentArgs.builder()\n .policyId(example.id())\n .targetId(exampleAwsOrganizationsOrganizationalUnit.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n unit:\n type: aws:organizations:PolicyAttachment\n properties:\n policyId: ${example.id}\n targetId: ${exampleAwsOrganizationsOrganizationalUnit.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_organizations_policy_attachment` using the target ID and policy ID. For example:\n\nWith an account target:\n\n```sh\n$ pulumi import aws:organizations/policyAttachment:PolicyAttachment account 123456789012:p-12345678\n```\n", "properties": { "policyId": { "type": "string", "description": "The unique identifier (ID) of the policy that you want to attach to the target.\n" }, "skipDestroy": { "type": "boolean", "description": "If set to `true`, destroy will **not** detach the policy and instead just remove the resource from state. This can be useful in situations where the attachment must be preserved to meet the AWS minimum requirement of 1 attached policy.\n" }, "targetId": { "type": "string", "description": "The unique identifier (ID) of the root, organizational unit, or account number that you want to attach the policy to.\n" } }, "required": [ "policyId", "targetId" ], "inputProperties": { "policyId": { "type": "string", "description": "The unique identifier (ID) of the policy that you want to attach to the target.\n", "willReplaceOnChanges": true }, "skipDestroy": { "type": "boolean", "description": "If set to `true`, destroy will **not** detach the policy and instead just remove the resource from state. This can be useful in situations where the attachment must be preserved to meet the AWS minimum requirement of 1 attached policy.\n" }, "targetId": { "type": "string", "description": "The unique identifier (ID) of the root, organizational unit, or account number that you want to attach the policy to.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policyId", "targetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering PolicyAttachment resources.\n", "properties": { "policyId": { "type": "string", "description": "The unique identifier (ID) of the policy that you want to attach to the target.\n", "willReplaceOnChanges": true }, "skipDestroy": { "type": "boolean", "description": "If set to `true`, destroy will **not** detach the policy and instead just remove the resource from state. This can be useful in situations where the attachment must be preserved to meet the AWS minimum requirement of 1 attached policy.\n" }, "targetId": { "type": "string", "description": "The unique identifier (ID) of the root, organizational unit, or account number that you want to attach the policy to.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:organizations/resourcePolicy:ResourcePolicy": { "description": "Provides a resource to manage a resource-based delegation policy that can be used to delegate policy management for AWS Organizations to specified member accounts to perform policy actions that are by default available only to the management account. See the [_AWS Organizations User Guide_](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_delegate_policies.html) for more information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.ResourcePolicy(\"example\", {content: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"DelegatingNecessaryDescribeListActions\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::123456789012:root\"\n },\n \"Action\": [\n \"organizations:DescribeOrganization\",\n \"organizations:DescribeOrganizationalUnit\",\n \"organizations:DescribeAccount\",\n \"organizations:DescribePolicy\",\n \"organizations:DescribeEffectivePolicy\",\n \"organizations:ListRoots\",\n \"organizations:ListOrganizationalUnitsForParent\",\n \"organizations:ListParents\",\n \"organizations:ListChildren\",\n \"organizations:ListAccounts\",\n \"organizations:ListAccountsForParent\",\n \"organizations:ListPolicies\",\n \"organizations:ListPoliciesForTarget\",\n \"organizations:ListTargetsForPolicy\",\n \"organizations:ListTagsForResource\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}\n`});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.ResourcePolicy(\"example\", content=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"DelegatingNecessaryDescribeListActions\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::123456789012:root\"\n },\n \"Action\": [\n \"organizations:DescribeOrganization\",\n \"organizations:DescribeOrganizationalUnit\",\n \"organizations:DescribeAccount\",\n \"organizations:DescribePolicy\",\n \"organizations:DescribeEffectivePolicy\",\n \"organizations:ListRoots\",\n \"organizations:ListOrganizationalUnitsForParent\",\n \"organizations:ListParents\",\n \"organizations:ListChildren\",\n \"organizations:ListAccounts\",\n \"organizations:ListAccountsForParent\",\n \"organizations:ListPolicies\",\n \"organizations:ListPoliciesForTarget\",\n \"organizations:ListTargetsForPolicy\",\n \"organizations:ListTagsForResource\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.ResourcePolicy(\"example\", new()\n {\n Content = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Sid\"\": \"\"DelegatingNecessaryDescribeListActions\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {\n \"\"AWS\"\": \"\"arn:aws:iam::123456789012:root\"\"\n },\n \"\"Action\"\": [\n \"\"organizations:DescribeOrganization\"\",\n \"\"organizations:DescribeOrganizationalUnit\"\",\n \"\"organizations:DescribeAccount\"\",\n \"\"organizations:DescribePolicy\"\",\n \"\"organizations:DescribeEffectivePolicy\"\",\n \"\"organizations:ListRoots\"\",\n \"\"organizations:ListOrganizationalUnitsForParent\"\",\n \"\"organizations:ListParents\"\",\n \"\"organizations:ListChildren\"\",\n \"\"organizations:ListAccounts\"\",\n \"\"organizations:ListAccountsForParent\"\",\n \"\"organizations:ListPolicies\"\",\n \"\"organizations:ListPoliciesForTarget\"\",\n \"\"organizations:ListTargetsForPolicy\"\",\n \"\"organizations:ListTagsForResource\"\"\n ],\n \"\"Resource\"\": \"\"*\"\"\n }\n ]\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := organizations.NewResourcePolicy(ctx, \"example\", \u0026organizations.ResourcePolicyArgs{\n\t\t\tContent: pulumi.String(`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"DelegatingNecessaryDescribeListActions\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::123456789012:root\"\n },\n \"Action\": [\n \"organizations:DescribeOrganization\",\n \"organizations:DescribeOrganizationalUnit\",\n \"organizations:DescribeAccount\",\n \"organizations:DescribePolicy\",\n \"organizations:DescribeEffectivePolicy\",\n \"organizations:ListRoots\",\n \"organizations:ListOrganizationalUnitsForParent\",\n \"organizations:ListParents\",\n \"organizations:ListChildren\",\n \"organizations:ListAccounts\",\n \"organizations:ListAccountsForParent\",\n \"organizations:ListPolicies\",\n \"organizations:ListPoliciesForTarget\",\n \"organizations:ListTargetsForPolicy\",\n \"organizations:ListTagsForResource\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.ResourcePolicy;\nimport com.pulumi.aws.organizations.ResourcePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourcePolicy(\"example\", ResourcePolicyArgs.builder()\n .content(\"\"\"\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"DelegatingNecessaryDescribeListActions\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::123456789012:root\"\n },\n \"Action\": [\n \"organizations:DescribeOrganization\",\n \"organizations:DescribeOrganizationalUnit\",\n \"organizations:DescribeAccount\",\n \"organizations:DescribePolicy\",\n \"organizations:DescribeEffectivePolicy\",\n \"organizations:ListRoots\",\n \"organizations:ListOrganizationalUnitsForParent\",\n \"organizations:ListParents\",\n \"organizations:ListChildren\",\n \"organizations:ListAccounts\",\n \"organizations:ListAccountsForParent\",\n \"organizations:ListPolicies\",\n \"organizations:ListPoliciesForTarget\",\n \"organizations:ListTargetsForPolicy\",\n \"organizations:ListTagsForResource\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:ResourcePolicy\n properties:\n content: |\n {\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"DelegatingNecessaryDescribeListActions\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::123456789012:root\"\n },\n \"Action\": [\n \"organizations:DescribeOrganization\",\n \"organizations:DescribeOrganizationalUnit\",\n \"organizations:DescribeAccount\",\n \"organizations:DescribePolicy\",\n \"organizations:DescribeEffectivePolicy\",\n \"organizations:ListRoots\",\n \"organizations:ListOrganizationalUnitsForParent\",\n \"organizations:ListParents\",\n \"organizations:ListChildren\",\n \"organizations:ListAccounts\",\n \"organizations:ListAccountsForParent\",\n \"organizations:ListPolicies\",\n \"organizations:ListPoliciesForTarget\",\n \"organizations:ListTargetsForPolicy\",\n \"organizations:ListTagsForResource\"\n ],\n \"Resource\": \"*\"\n }\n ]\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_organizations_resource_policy` using the resource policy ID. For example:\n\n```sh\n$ pulumi import aws:organizations/resourcePolicy:ResourcePolicy example rp-12345678\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the resource policy.\n" }, "content": { "type": "string", "description": "Content for the resource policy. The text must be correctly formatted JSON that complies with the syntax for the resource policy's type. See the [_AWS Organizations User Guide_](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_delegate_examples.html) for examples.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "content", "tagsAll" ], "inputProperties": { "content": { "type": "string", "description": "Content for the resource policy. The text must be correctly formatted JSON that complies with the syntax for the resource policy's type. See the [_AWS Organizations User Guide_](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_delegate_examples.html) for examples.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "content" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourcePolicy resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the resource policy.\n" }, "content": { "type": "string", "description": "Content for the resource policy. The text must be correctly formatted JSON that complies with the syntax for the resource policy's type. See the [_AWS Organizations User Guide_](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_delegate_examples.html) for examples.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:paymentcryptography/key:Key": { "description": "Resource for managing an AWS Payment Cryptography Control Plane Key.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.paymentcryptography.Key;\nimport com.pulumi.aws.paymentcryptography.KeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Key(\"test\", KeyArgs.builder()\n .exportable(true)\n .keyAttributes(KeyKeyAttributesArgs.builder()\n .keyAlgorithm(\"TDES_3KEY\")\n .keyClass(\"SYMMETRIC_KEY\")\n .keyUsage(\"TR31_P0_PIN_ENCRYPTION_KEY\")\n .keyModesOfUse(KeyKeyAttributesKeyModesOfUseArgs.builder()\n .decrypt(true)\n .encrypt(true)\n .wrap(true)\n .unwrap(true)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:paymentcryptography:Key\n properties:\n exportable: true\n keyAttributes:\n - keyAlgorithm: TDES_3KEY\n keyClass: SYMMETRIC_KEY\n keyUsage: TR31_P0_PIN_ENCRYPTION_KEY\n keyModesOfUse:\n - decrypt: true\n encrypt: true\n wrap: true\n unwrap: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Payment Cryptography Control Plane Key using the `arn:aws:payment-cryptography:us-east-1:123456789012:key/qtbojf64yshyvyzf`. For example:\n\n```sh\n$ pulumi import aws:paymentcryptography/key:Key example arn:aws:payment-cryptography:us-east-1:123456789012:key/qtbojf64yshyvyzf\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the key.\n" }, "deletionWindowInDays": { "type": "integer" }, "enabled": { "type": "boolean", "description": "Whether to enable the key.\n" }, "exportable": { "type": "boolean", "description": "Whether the key is exportable from the service.\n" }, "keyAttributes": { "$ref": "#/types/aws:paymentcryptography/KeyKeyAttributes:KeyKeyAttributes", "description": "Role of the key, the algorithm it supports, and the cryptographic operations allowed with the key.\n\nThe following arguments are optional:\n" }, "keyCheckValue": { "type": "string", "description": "Key check value (KCV) is used to check if all parties holding a given key have the same key or to detect that a key has changed.\n" }, "keyCheckValueAlgorithm": { "type": "string", "description": "Algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV).\n" }, "keyOrigin": { "type": "string", "description": "Source of the key material.\n" }, "keyState": { "type": "string", "description": "State of key that is being created or deleted.\n", "language": { "csharp": { "name": "State" } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the WorkSpaces Connection Alias. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:paymentcryptography/KeyTimeouts:KeyTimeouts" } }, "required": [ "arn", "deletionWindowInDays", "enabled", "exportable", "keyCheckValue", "keyCheckValueAlgorithm", "keyOrigin", "keyState", "tagsAll" ], "inputProperties": { "deletionWindowInDays": { "type": "integer" }, "enabled": { "type": "boolean", "description": "Whether to enable the key.\n" }, "exportable": { "type": "boolean", "description": "Whether the key is exportable from the service.\n" }, "keyAttributes": { "$ref": "#/types/aws:paymentcryptography/KeyKeyAttributes:KeyKeyAttributes", "description": "Role of the key, the algorithm it supports, and the cryptographic operations allowed with the key.\n\nThe following arguments are optional:\n" }, "keyCheckValueAlgorithm": { "type": "string", "description": "Algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the WorkSpaces Connection Alias. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:paymentcryptography/KeyTimeouts:KeyTimeouts" } }, "requiredInputs": [ "exportable" ], "stateInputs": { "description": "Input properties used for looking up and filtering Key resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the key.\n" }, "deletionWindowInDays": { "type": "integer" }, "enabled": { "type": "boolean", "description": "Whether to enable the key.\n" }, "exportable": { "type": "boolean", "description": "Whether the key is exportable from the service.\n" }, "keyAttributes": { "$ref": "#/types/aws:paymentcryptography/KeyKeyAttributes:KeyKeyAttributes", "description": "Role of the key, the algorithm it supports, and the cryptographic operations allowed with the key.\n\nThe following arguments are optional:\n" }, "keyCheckValue": { "type": "string", "description": "Key check value (KCV) is used to check if all parties holding a given key have the same key or to detect that a key has changed.\n" }, "keyCheckValueAlgorithm": { "type": "string", "description": "Algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV).\n" }, "keyOrigin": { "type": "string", "description": "Source of the key material.\n" }, "keyState": { "type": "string", "description": "State of key that is being created or deleted.\n", "language": { "csharp": { "name": "State" } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the WorkSpaces Connection Alias. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:paymentcryptography/KeyTimeouts:KeyTimeouts" } }, "type": "object" } }, "aws:paymentcryptography/keyAlias:KeyAlias": { "description": "Resource for managing an AWS Payment Cryptography Control Plane Key Alias.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.paymentcryptography.Key;\nimport com.pulumi.aws.paymentcryptography.KeyArgs;\nimport com.pulumi.aws.paymentcryptography.KeyAlias;\nimport com.pulumi.aws.paymentcryptography.KeyAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Key(\"test\", KeyArgs.builder()\n .exportable(true)\n .keyAttributes(KeyKeyAttributesArgs.builder()\n .keyAlgorithm(\"TDES_3KEY\")\n .keyClass(\"SYMMETRIC_KEY\")\n .keyUsage(\"TR31_P0_PIN_ENCRYPTION_KEY\")\n .keyModesOfUse(KeyKeyAttributesKeyModesOfUseArgs.builder()\n .decrypt(true)\n .encrypt(true)\n .wrap(true)\n .unwrap(true)\n .build())\n .build())\n .build());\n\n var testKeyAlias = new KeyAlias(\"testKeyAlias\", KeyAliasArgs.builder()\n .aliasName(\"alias/test-alias\")\n .keyArn(test.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:paymentcryptography:Key\n properties:\n exportable: true\n keyAttributes:\n - keyAlgorithm: TDES_3KEY\n keyClass: SYMMETRIC_KEY\n keyUsage: TR31_P0_PIN_ENCRYPTION_KEY\n keyModesOfUse:\n - decrypt: true\n encrypt: true\n wrap: true\n unwrap: true\n testKeyAlias:\n type: aws:paymentcryptography:KeyAlias\n name: test\n properties:\n aliasName: alias/test-alias\n keyArn: ${test.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Payment Cryptography Control Plane Key Alias using the `alias/4681482429376900170`. For example:\n\n```sh\n$ pulumi import aws:paymentcryptography/keyAlias:KeyAlias example alias/4681482429376900170\n```\n", "properties": { "aliasName": { "type": "string", "description": "Name of the Key Alias.\n\nThe following arguments are optional:\n" }, "keyArn": { "type": "string", "description": "ARN of the key.\n" } }, "required": [ "aliasName" ], "inputProperties": { "aliasName": { "type": "string", "description": "Name of the Key Alias.\n\nThe following arguments are optional:\n" }, "keyArn": { "type": "string", "description": "ARN of the key.\n" } }, "requiredInputs": [ "aliasName" ], "stateInputs": { "description": "Input properties used for looking up and filtering KeyAlias resources.\n", "properties": { "aliasName": { "type": "string", "description": "Name of the Key Alias.\n\nThe following arguments are optional:\n" }, "keyArn": { "type": "string", "description": "ARN of the key.\n" } }, "type": "object" } }, "aws:pinpoint/admChannel:AdmChannel": { "description": "Provides a Pinpoint ADM (Amazon Device Messaging) Channel resource.\n\n\u003e **Note:** All arguments including the Client ID and Client Secret will be stored in the raw state as plain-text.\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst app = new aws.pinpoint.App(\"app\", {});\nconst channel = new aws.pinpoint.AdmChannel(\"channel\", {\n applicationId: app.applicationId,\n clientId: \"\",\n clientSecret: \"\",\n enabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napp = aws.pinpoint.App(\"app\")\nchannel = aws.pinpoint.AdmChannel(\"channel\",\n application_id=app.application_id,\n client_id=\"\",\n client_secret=\"\",\n enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var app = new Aws.Pinpoint.App(\"app\");\n\n var channel = new Aws.Pinpoint.AdmChannel(\"channel\", new()\n {\n ApplicationId = app.ApplicationId,\n ClientId = \"\",\n ClientSecret = \"\",\n Enabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pinpoint\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapp, err := pinpoint.NewApp(ctx, \"app\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pinpoint.NewAdmChannel(ctx, \"channel\", \u0026pinpoint.AdmChannelArgs{\n\t\t\tApplicationId: app.ApplicationId,\n\t\t\tClientId: pulumi.String(\"\"),\n\t\t\tClientSecret: pulumi.String(\"\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pinpoint.App;\nimport com.pulumi.aws.pinpoint.AdmChannel;\nimport com.pulumi.aws.pinpoint.AdmChannelArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var app = new App(\"app\");\n\n var channel = new AdmChannel(\"channel\", AdmChannelArgs.builder()\n .applicationId(app.applicationId())\n .clientId(\"\")\n .clientSecret(\"\")\n .enabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n app:\n type: aws:pinpoint:App\n channel:\n type: aws:pinpoint:AdmChannel\n properties:\n applicationId: ${app.applicationId}\n clientId:\n clientSecret:\n enabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Pinpoint ADM Channel using the `application-id`. For example:\n\n```sh\n$ pulumi import aws:pinpoint/admChannel:AdmChannel channel application-id\n```\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "clientId": { "type": "string", "description": "Client ID (part of OAuth Credentials) obtained via Amazon Developer Account.\n", "secret": true }, "clientSecret": { "type": "string", "description": "Client Secret (part of OAuth Credentials) obtained via Amazon Developer Account.\n", "secret": true }, "enabled": { "type": "boolean", "description": "Specifies whether to enable the channel. Defaults to `true`.\n" } }, "required": [ "applicationId", "clientId", "clientSecret" ], "inputProperties": { "applicationId": { "type": "string", "description": "The application ID.\n", "willReplaceOnChanges": true }, "clientId": { "type": "string", "description": "Client ID (part of OAuth Credentials) obtained via Amazon Developer Account.\n", "secret": true }, "clientSecret": { "type": "string", "description": "Client Secret (part of OAuth Credentials) obtained via Amazon Developer Account.\n", "secret": true }, "enabled": { "type": "boolean", "description": "Specifies whether to enable the channel. Defaults to `true`.\n" } }, "requiredInputs": [ "applicationId", "clientId", "clientSecret" ], "stateInputs": { "description": "Input properties used for looking up and filtering AdmChannel resources.\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n", "willReplaceOnChanges": true }, "clientId": { "type": "string", "description": "Client ID (part of OAuth Credentials) obtained via Amazon Developer Account.\n", "secret": true }, "clientSecret": { "type": "string", "description": "Client Secret (part of OAuth Credentials) obtained via Amazon Developer Account.\n", "secret": true }, "enabled": { "type": "boolean", "description": "Specifies whether to enable the channel. Defaults to `true`.\n" } }, "type": "object" } }, "aws:pinpoint/apnsChannel:ApnsChannel": { "description": "Provides a Pinpoint APNs Channel resource.\n\n\u003e **Note:** All arguments, including certificates and tokens, will be stored in the raw state as plain-text.\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst app = new aws.pinpoint.App(\"app\", {});\nconst apns = new aws.pinpoint.ApnsChannel(\"apns\", {\n applicationId: app.applicationId,\n certificate: std.file({\n input: \"./certificate.pem\",\n }).then(invoke =\u003e invoke.result),\n privateKey: std.file({\n input: \"./private_key.key\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\napp = aws.pinpoint.App(\"app\")\napns = aws.pinpoint.ApnsChannel(\"apns\",\n application_id=app.application_id,\n certificate=std.file(input=\"./certificate.pem\").result,\n private_key=std.file(input=\"./private_key.key\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var app = new Aws.Pinpoint.App(\"app\");\n\n var apns = new Aws.Pinpoint.ApnsChannel(\"apns\", new()\n {\n ApplicationId = app.ApplicationId,\n Certificate = Std.File.Invoke(new()\n {\n Input = \"./certificate.pem\",\n }).Apply(invoke =\u003e invoke.Result),\n PrivateKey = Std.File.Invoke(new()\n {\n Input = \"./private_key.key\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pinpoint\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapp, err := pinpoint.NewApp(ctx, \"app\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"./certificate.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile1, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"./private_key.key\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pinpoint.NewApnsChannel(ctx, \"apns\", \u0026pinpoint.ApnsChannelArgs{\n\t\t\tApplicationId: app.ApplicationId,\n\t\t\tCertificate: pulumi.String(invokeFile.Result),\n\t\t\tPrivateKey: pulumi.String(invokeFile1.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pinpoint.App;\nimport com.pulumi.aws.pinpoint.ApnsChannel;\nimport com.pulumi.aws.pinpoint.ApnsChannelArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var app = new App(\"app\");\n\n var apns = new ApnsChannel(\"apns\", ApnsChannelArgs.builder()\n .applicationId(app.applicationId())\n .certificate(StdFunctions.file(FileArgs.builder()\n .input(\"./certificate.pem\")\n .build()).result())\n .privateKey(StdFunctions.file(FileArgs.builder()\n .input(\"./private_key.key\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n apns:\n type: aws:pinpoint:ApnsChannel\n properties:\n applicationId: ${app.applicationId}\n certificate:\n fn::invoke:\n Function: std:file\n Arguments:\n input: ./certificate.pem\n Return: result\n privateKey:\n fn::invoke:\n Function: std:file\n Arguments:\n input: ./private_key.key\n Return: result\n app:\n type: aws:pinpoint:App\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Pinpoint APNs Channel using the `application-id`. For example:\n\n```sh\n$ pulumi import aws:pinpoint/apnsChannel:ApnsChannel apns application-id\n```\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n", "secret": true }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n", "secret": true }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs.\n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n\nOne of the following sets of credentials is also required.\n\nIf you choose to use __Certificate credentials__ you will have to provide:\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n\nIf you choose to use __Key credentials__ you will have to provide:\n", "secret": true }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n", "secret": true }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n", "secret": true }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n", "secret": true } }, "required": [ "applicationId" ], "inputProperties": { "applicationId": { "type": "string", "description": "The application ID.\n", "willReplaceOnChanges": true }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n", "secret": true }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n", "secret": true }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs.\n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n\nOne of the following sets of credentials is also required.\n\nIf you choose to use __Certificate credentials__ you will have to provide:\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n\nIf you choose to use __Key credentials__ you will have to provide:\n", "secret": true }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n", "secret": true }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n", "secret": true }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n", "secret": true } }, "requiredInputs": [ "applicationId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApnsChannel resources.\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n", "willReplaceOnChanges": true }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n", "secret": true }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n", "secret": true }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs.\n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n\nOne of the following sets of credentials is also required.\n\nIf you choose to use __Certificate credentials__ you will have to provide:\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n\nIf you choose to use __Key credentials__ you will have to provide:\n", "secret": true }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n", "secret": true }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n", "secret": true }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n", "secret": true } }, "type": "object" } }, "aws:pinpoint/apnsSandboxChannel:ApnsSandboxChannel": { "description": "Provides a Pinpoint APNs Sandbox Channel resource.\n\n\u003e **Note:** All arguments, including certificates and tokens, will be stored in the raw state as plain-text.\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst app = new aws.pinpoint.App(\"app\", {});\nconst apnsSandbox = new aws.pinpoint.ApnsSandboxChannel(\"apns_sandbox\", {\n applicationId: app.applicationId,\n certificate: std.file({\n input: \"./certificate.pem\",\n }).then(invoke =\u003e invoke.result),\n privateKey: std.file({\n input: \"./private_key.key\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\napp = aws.pinpoint.App(\"app\")\napns_sandbox = aws.pinpoint.ApnsSandboxChannel(\"apns_sandbox\",\n application_id=app.application_id,\n certificate=std.file(input=\"./certificate.pem\").result,\n private_key=std.file(input=\"./private_key.key\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var app = new Aws.Pinpoint.App(\"app\");\n\n var apnsSandbox = new Aws.Pinpoint.ApnsSandboxChannel(\"apns_sandbox\", new()\n {\n ApplicationId = app.ApplicationId,\n Certificate = Std.File.Invoke(new()\n {\n Input = \"./certificate.pem\",\n }).Apply(invoke =\u003e invoke.Result),\n PrivateKey = Std.File.Invoke(new()\n {\n Input = \"./private_key.key\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pinpoint\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapp, err := pinpoint.NewApp(ctx, \"app\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"./certificate.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile1, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"./private_key.key\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pinpoint.NewApnsSandboxChannel(ctx, \"apns_sandbox\", \u0026pinpoint.ApnsSandboxChannelArgs{\n\t\t\tApplicationId: app.ApplicationId,\n\t\t\tCertificate: pulumi.String(invokeFile.Result),\n\t\t\tPrivateKey: pulumi.String(invokeFile1.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pinpoint.App;\nimport com.pulumi.aws.pinpoint.ApnsSandboxChannel;\nimport com.pulumi.aws.pinpoint.ApnsSandboxChannelArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var app = new App(\"app\");\n\n var apnsSandbox = new ApnsSandboxChannel(\"apnsSandbox\", ApnsSandboxChannelArgs.builder()\n .applicationId(app.applicationId())\n .certificate(StdFunctions.file(FileArgs.builder()\n .input(\"./certificate.pem\")\n .build()).result())\n .privateKey(StdFunctions.file(FileArgs.builder()\n .input(\"./private_key.key\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n apnsSandbox:\n type: aws:pinpoint:ApnsSandboxChannel\n name: apns_sandbox\n properties:\n applicationId: ${app.applicationId}\n certificate:\n fn::invoke:\n Function: std:file\n Arguments:\n input: ./certificate.pem\n Return: result\n privateKey:\n fn::invoke:\n Function: std:file\n Arguments:\n input: ./private_key.key\n Return: result\n app:\n type: aws:pinpoint:App\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Pinpoint APNs Sandbox Channel using the `application-id`. For example:\n\n```sh\n$ pulumi import aws:pinpoint/apnsSandboxChannel:ApnsSandboxChannel apns_sandbox application-id\n```\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n", "secret": true }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n", "secret": true }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs Sandbox.\n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n\nOne of the following sets of credentials is also required.\n\nIf you choose to use __Certificate credentials__ you will have to provide:\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n\nIf you choose to use __Key credentials__ you will have to provide:\n", "secret": true }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n", "secret": true }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n", "secret": true }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n", "secret": true } }, "required": [ "applicationId" ], "inputProperties": { "applicationId": { "type": "string", "description": "The application ID.\n", "willReplaceOnChanges": true }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n", "secret": true }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n", "secret": true }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs Sandbox.\n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n\nOne of the following sets of credentials is also required.\n\nIf you choose to use __Certificate credentials__ you will have to provide:\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n\nIf you choose to use __Key credentials__ you will have to provide:\n", "secret": true }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n", "secret": true }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n", "secret": true }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n", "secret": true } }, "requiredInputs": [ "applicationId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApnsSandboxChannel resources.\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n", "willReplaceOnChanges": true }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n", "secret": true }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n", "secret": true }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs Sandbox.\n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n\nOne of the following sets of credentials is also required.\n\nIf you choose to use __Certificate credentials__ you will have to provide:\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n\nIf you choose to use __Key credentials__ you will have to provide:\n", "secret": true }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n", "secret": true }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n", "secret": true }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n", "secret": true } }, "type": "object" } }, "aws:pinpoint/apnsVoipChannel:ApnsVoipChannel": { "description": "Provides a Pinpoint APNs VoIP Channel resource.\n\n\u003e **Note:** All arguments, including certificates and tokens, will be stored in the raw state as plain-text.\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst app = new aws.pinpoint.App(\"app\", {});\nconst apnsVoip = new aws.pinpoint.ApnsVoipChannel(\"apns_voip\", {\n applicationId: app.applicationId,\n certificate: std.file({\n input: \"./certificate.pem\",\n }).then(invoke =\u003e invoke.result),\n privateKey: std.file({\n input: \"./private_key.key\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\napp = aws.pinpoint.App(\"app\")\napns_voip = aws.pinpoint.ApnsVoipChannel(\"apns_voip\",\n application_id=app.application_id,\n certificate=std.file(input=\"./certificate.pem\").result,\n private_key=std.file(input=\"./private_key.key\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var app = new Aws.Pinpoint.App(\"app\");\n\n var apnsVoip = new Aws.Pinpoint.ApnsVoipChannel(\"apns_voip\", new()\n {\n ApplicationId = app.ApplicationId,\n Certificate = Std.File.Invoke(new()\n {\n Input = \"./certificate.pem\",\n }).Apply(invoke =\u003e invoke.Result),\n PrivateKey = Std.File.Invoke(new()\n {\n Input = \"./private_key.key\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pinpoint\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapp, err := pinpoint.NewApp(ctx, \"app\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"./certificate.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile1, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"./private_key.key\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pinpoint.NewApnsVoipChannel(ctx, \"apns_voip\", \u0026pinpoint.ApnsVoipChannelArgs{\n\t\t\tApplicationId: app.ApplicationId,\n\t\t\tCertificate: pulumi.String(invokeFile.Result),\n\t\t\tPrivateKey: pulumi.String(invokeFile1.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pinpoint.App;\nimport com.pulumi.aws.pinpoint.ApnsVoipChannel;\nimport com.pulumi.aws.pinpoint.ApnsVoipChannelArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var app = new App(\"app\");\n\n var apnsVoip = new ApnsVoipChannel(\"apnsVoip\", ApnsVoipChannelArgs.builder()\n .applicationId(app.applicationId())\n .certificate(StdFunctions.file(FileArgs.builder()\n .input(\"./certificate.pem\")\n .build()).result())\n .privateKey(StdFunctions.file(FileArgs.builder()\n .input(\"./private_key.key\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n apnsVoip:\n type: aws:pinpoint:ApnsVoipChannel\n name: apns_voip\n properties:\n applicationId: ${app.applicationId}\n certificate:\n fn::invoke:\n Function: std:file\n Arguments:\n input: ./certificate.pem\n Return: result\n privateKey:\n fn::invoke:\n Function: std:file\n Arguments:\n input: ./private_key.key\n Return: result\n app:\n type: aws:pinpoint:App\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Pinpoint APNs VoIP Channel using the `application-id`. For example:\n\n```sh\n$ pulumi import aws:pinpoint/apnsVoipChannel:ApnsVoipChannel apns_voip application-id\n```\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n", "secret": true }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n", "secret": true }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs.\n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n\nOne of the following sets of credentials is also required.\n\nIf you choose to use __Certificate credentials__ you will have to provide:\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n\nIf you choose to use __Key credentials__ you will have to provide:\n", "secret": true }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n", "secret": true }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n", "secret": true }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n", "secret": true } }, "required": [ "applicationId" ], "inputProperties": { "applicationId": { "type": "string", "description": "The application ID.\n", "willReplaceOnChanges": true }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n", "secret": true }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n", "secret": true }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs.\n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n\nOne of the following sets of credentials is also required.\n\nIf you choose to use __Certificate credentials__ you will have to provide:\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n\nIf you choose to use __Key credentials__ you will have to provide:\n", "secret": true }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n", "secret": true }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n", "secret": true }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n", "secret": true } }, "requiredInputs": [ "applicationId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApnsVoipChannel resources.\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n", "willReplaceOnChanges": true }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n", "secret": true }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n", "secret": true }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs.\n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n\nOne of the following sets of credentials is also required.\n\nIf you choose to use __Certificate credentials__ you will have to provide:\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n\nIf you choose to use __Key credentials__ you will have to provide:\n", "secret": true }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n", "secret": true }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n", "secret": true }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n", "secret": true } }, "type": "object" } }, "aws:pinpoint/apnsVoipSandboxChannel:ApnsVoipSandboxChannel": { "description": "Provides a Pinpoint APNs VoIP Sandbox Channel resource.\n\n\u003e **Note:** All arguments, including certificates and tokens, will be stored in the raw state as plain-text.\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst app = new aws.pinpoint.App(\"app\", {});\nconst apnsVoipSandbox = new aws.pinpoint.ApnsVoipSandboxChannel(\"apns_voip_sandbox\", {\n applicationId: app.applicationId,\n certificate: std.file({\n input: \"./certificate.pem\",\n }).then(invoke =\u003e invoke.result),\n privateKey: std.file({\n input: \"./private_key.key\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\napp = aws.pinpoint.App(\"app\")\napns_voip_sandbox = aws.pinpoint.ApnsVoipSandboxChannel(\"apns_voip_sandbox\",\n application_id=app.application_id,\n certificate=std.file(input=\"./certificate.pem\").result,\n private_key=std.file(input=\"./private_key.key\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var app = new Aws.Pinpoint.App(\"app\");\n\n var apnsVoipSandbox = new Aws.Pinpoint.ApnsVoipSandboxChannel(\"apns_voip_sandbox\", new()\n {\n ApplicationId = app.ApplicationId,\n Certificate = Std.File.Invoke(new()\n {\n Input = \"./certificate.pem\",\n }).Apply(invoke =\u003e invoke.Result),\n PrivateKey = Std.File.Invoke(new()\n {\n Input = \"./private_key.key\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pinpoint\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapp, err := pinpoint.NewApp(ctx, \"app\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"./certificate.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile1, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"./private_key.key\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pinpoint.NewApnsVoipSandboxChannel(ctx, \"apns_voip_sandbox\", \u0026pinpoint.ApnsVoipSandboxChannelArgs{\n\t\t\tApplicationId: app.ApplicationId,\n\t\t\tCertificate: pulumi.String(invokeFile.Result),\n\t\t\tPrivateKey: pulumi.String(invokeFile1.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pinpoint.App;\nimport com.pulumi.aws.pinpoint.ApnsVoipSandboxChannel;\nimport com.pulumi.aws.pinpoint.ApnsVoipSandboxChannelArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var app = new App(\"app\");\n\n var apnsVoipSandbox = new ApnsVoipSandboxChannel(\"apnsVoipSandbox\", ApnsVoipSandboxChannelArgs.builder()\n .applicationId(app.applicationId())\n .certificate(StdFunctions.file(FileArgs.builder()\n .input(\"./certificate.pem\")\n .build()).result())\n .privateKey(StdFunctions.file(FileArgs.builder()\n .input(\"./private_key.key\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n apnsVoipSandbox:\n type: aws:pinpoint:ApnsVoipSandboxChannel\n name: apns_voip_sandbox\n properties:\n applicationId: ${app.applicationId}\n certificate:\n fn::invoke:\n Function: std:file\n Arguments:\n input: ./certificate.pem\n Return: result\n privateKey:\n fn::invoke:\n Function: std:file\n Arguments:\n input: ./private_key.key\n Return: result\n app:\n type: aws:pinpoint:App\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Pinpoint APNs VoIP Sandbox Channel using the `application-id`. For example:\n\n```sh\n$ pulumi import aws:pinpoint/apnsVoipSandboxChannel:ApnsVoipSandboxChannel apns_voip_sandbox application-id\n```\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n", "secret": true }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n", "secret": true }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs.\n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n\nOne of the following sets of credentials is also required.\n\nIf you choose to use __Certificate credentials__ you will have to provide:\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n\nIf you choose to use __Key credentials__ you will have to provide:\n", "secret": true }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n", "secret": true }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n", "secret": true }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n", "secret": true } }, "required": [ "applicationId" ], "inputProperties": { "applicationId": { "type": "string", "description": "The application ID.\n", "willReplaceOnChanges": true }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n", "secret": true }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n", "secret": true }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs.\n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n\nOne of the following sets of credentials is also required.\n\nIf you choose to use __Certificate credentials__ you will have to provide:\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n\nIf you choose to use __Key credentials__ you will have to provide:\n", "secret": true }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n", "secret": true }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n", "secret": true }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n", "secret": true } }, "requiredInputs": [ "applicationId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApnsVoipSandboxChannel resources.\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n", "willReplaceOnChanges": true }, "bundleId": { "type": "string", "description": "The ID assigned to your iOS app. To find this value, choose Certificates, IDs \u0026 Profiles, choose App IDs in the Identifiers section, and choose your app.\n", "secret": true }, "certificate": { "type": "string", "description": "The pem encoded TLS Certificate from Apple.\n", "secret": true }, "defaultAuthenticationMethod": { "type": "string", "description": "The default authentication method used for APNs.\n__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.\nYou can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.\nIf your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.\n\nOne of the following sets of credentials is also required.\n\nIf you choose to use __Certificate credentials__ you will have to provide:\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "privateKey": { "type": "string", "description": "The Certificate Private Key file (ie. `.key` file).\n\nIf you choose to use __Key credentials__ you will have to provide:\n", "secret": true }, "teamId": { "type": "string", "description": "The ID assigned to your Apple developer account team. This value is provided on the Membership page.\n", "secret": true }, "tokenKey": { "type": "string", "description": "The `.p8` file that you download from your Apple developer account when you create an authentication key.\n", "secret": true }, "tokenKeyId": { "type": "string", "description": "The ID assigned to your signing key. To find this value, choose Certificates, IDs \u0026 Profiles, and choose your key in the Keys section.\n", "secret": true } }, "type": "object" } }, "aws:pinpoint/app:App": { "description": "Provides a Pinpoint App resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.pinpoint.App(\"example\", {\n name: \"test-app\",\n limits: {\n maximumDuration: 600,\n },\n quietTime: {\n start: \"00:00\",\n end: \"06:00\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.pinpoint.App(\"example\",\n name=\"test-app\",\n limits={\n \"maximum_duration\": 600,\n },\n quiet_time={\n \"start\": \"00:00\",\n \"end\": \"06:00\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Pinpoint.App(\"example\", new()\n {\n Name = \"test-app\",\n Limits = new Aws.Pinpoint.Inputs.AppLimitsArgs\n {\n MaximumDuration = 600,\n },\n QuietTime = new Aws.Pinpoint.Inputs.AppQuietTimeArgs\n {\n Start = \"00:00\",\n End = \"06:00\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pinpoint\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pinpoint.NewApp(ctx, \"example\", \u0026pinpoint.AppArgs{\n\t\t\tName: pulumi.String(\"test-app\"),\n\t\t\tLimits: \u0026pinpoint.AppLimitsArgs{\n\t\t\t\tMaximumDuration: pulumi.Int(600),\n\t\t\t},\n\t\t\tQuietTime: \u0026pinpoint.AppQuietTimeArgs{\n\t\t\t\tStart: pulumi.String(\"00:00\"),\n\t\t\t\tEnd: pulumi.String(\"06:00\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pinpoint.App;\nimport com.pulumi.aws.pinpoint.AppArgs;\nimport com.pulumi.aws.pinpoint.inputs.AppLimitsArgs;\nimport com.pulumi.aws.pinpoint.inputs.AppQuietTimeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new App(\"example\", AppArgs.builder()\n .name(\"test-app\")\n .limits(AppLimitsArgs.builder()\n .maximumDuration(600)\n .build())\n .quietTime(AppQuietTimeArgs.builder()\n .start(\"00:00\")\n .end(\"06:00\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:pinpoint:App\n properties:\n name: test-app\n limits:\n maximumDuration: 600\n quietTime:\n start: 00:00\n end: 06:00\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Pinpoint App using the `application-id`. For example:\n\n```sh\n$ pulumi import aws:pinpoint/app:App name application-id\n```\n", "properties": { "applicationId": { "type": "string", "description": "The Application ID of the Pinpoint App.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the PinPoint Application\n" }, "campaignHook": { "$ref": "#/types/aws:pinpoint/AppCampaignHook:AppCampaignHook", "description": "Specifies settings for invoking an AWS Lambda function that customizes a segment for a campaign\n" }, "limits": { "$ref": "#/types/aws:pinpoint/AppLimits:AppLimits", "description": "The default campaign limits for the app. These limits apply to each campaign for the app, unless the campaign overrides the default with limits of its own\n" }, "name": { "type": "string", "description": "The application name. By default generated by Pulumi\n" }, "namePrefix": { "type": "string", "description": "The name of the Pinpoint application. Conflicts with `name`\n" }, "quietTime": { "$ref": "#/types/aws:pinpoint/AppQuietTime:AppQuietTime", "description": "The default quiet time for the app. Each campaign for this app sends no messages during this time unless the campaign overrides the default with a quiet time of its own\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "applicationId", "arn", "name", "namePrefix", "tagsAll" ], "inputProperties": { "campaignHook": { "$ref": "#/types/aws:pinpoint/AppCampaignHook:AppCampaignHook", "description": "Specifies settings for invoking an AWS Lambda function that customizes a segment for a campaign\n" }, "limits": { "$ref": "#/types/aws:pinpoint/AppLimits:AppLimits", "description": "The default campaign limits for the app. These limits apply to each campaign for the app, unless the campaign overrides the default with limits of its own\n" }, "name": { "type": "string", "description": "The application name. By default generated by Pulumi\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "The name of the Pinpoint application. Conflicts with `name`\n", "willReplaceOnChanges": true }, "quietTime": { "$ref": "#/types/aws:pinpoint/AppQuietTime:AppQuietTime", "description": "The default quiet time for the app. Each campaign for this app sends no messages during this time unless the campaign overrides the default with a quiet time of its own\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering App resources.\n", "properties": { "applicationId": { "type": "string", "description": "The Application ID of the Pinpoint App.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the PinPoint Application\n" }, "campaignHook": { "$ref": "#/types/aws:pinpoint/AppCampaignHook:AppCampaignHook", "description": "Specifies settings for invoking an AWS Lambda function that customizes a segment for a campaign\n" }, "limits": { "$ref": "#/types/aws:pinpoint/AppLimits:AppLimits", "description": "The default campaign limits for the app. These limits apply to each campaign for the app, unless the campaign overrides the default with limits of its own\n" }, "name": { "type": "string", "description": "The application name. By default generated by Pulumi\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "The name of the Pinpoint application. Conflicts with `name`\n", "willReplaceOnChanges": true }, "quietTime": { "$ref": "#/types/aws:pinpoint/AppQuietTime:AppQuietTime", "description": "The default quiet time for the app. Each campaign for this app sends no messages during this time unless the campaign overrides the default with a quiet time of its own\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:pinpoint/baiduChannel:BaiduChannel": { "description": "Provides a Pinpoint Baidu Channel resource.\n\n\u003e **Note:** All arguments including the Api Key and Secret Key will be stored in the raw state as plain-text.\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst app = new aws.pinpoint.App(\"app\", {});\nconst channel = new aws.pinpoint.BaiduChannel(\"channel\", {\n applicationId: app.applicationId,\n apiKey: \"\",\n secretKey: \"\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napp = aws.pinpoint.App(\"app\")\nchannel = aws.pinpoint.BaiduChannel(\"channel\",\n application_id=app.application_id,\n api_key=\"\",\n secret_key=\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var app = new Aws.Pinpoint.App(\"app\");\n\n var channel = new Aws.Pinpoint.BaiduChannel(\"channel\", new()\n {\n ApplicationId = app.ApplicationId,\n ApiKey = \"\",\n SecretKey = \"\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pinpoint\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapp, err := pinpoint.NewApp(ctx, \"app\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pinpoint.NewBaiduChannel(ctx, \"channel\", \u0026pinpoint.BaiduChannelArgs{\n\t\t\tApplicationId: app.ApplicationId,\n\t\t\tApiKey: pulumi.String(\"\"),\n\t\t\tSecretKey: pulumi.String(\"\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pinpoint.App;\nimport com.pulumi.aws.pinpoint.BaiduChannel;\nimport com.pulumi.aws.pinpoint.BaiduChannelArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var app = new App(\"app\");\n\n var channel = new BaiduChannel(\"channel\", BaiduChannelArgs.builder()\n .applicationId(app.applicationId())\n .apiKey(\"\")\n .secretKey(\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n app:\n type: aws:pinpoint:App\n channel:\n type: aws:pinpoint:BaiduChannel\n properties:\n applicationId: ${app.applicationId}\n apiKey:\n secretKey:\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Pinpoint Baidu Channel using the `application-id`. For example:\n\n```sh\n$ pulumi import aws:pinpoint/baiduChannel:BaiduChannel channel application-id\n```\n", "properties": { "apiKey": { "type": "string", "description": "Platform credential API key from Baidu.\n", "secret": true }, "applicationId": { "type": "string", "description": "The application ID.\n" }, "enabled": { "type": "boolean", "description": "Specifies whether to enable the channel. Defaults to `true`.\n" }, "secretKey": { "type": "string", "description": "Platform credential Secret key from Baidu.\n", "secret": true } }, "required": [ "apiKey", "applicationId", "secretKey" ], "inputProperties": { "apiKey": { "type": "string", "description": "Platform credential API key from Baidu.\n", "secret": true }, "applicationId": { "type": "string", "description": "The application ID.\n", "willReplaceOnChanges": true }, "enabled": { "type": "boolean", "description": "Specifies whether to enable the channel. Defaults to `true`.\n" }, "secretKey": { "type": "string", "description": "Platform credential Secret key from Baidu.\n", "secret": true } }, "requiredInputs": [ "apiKey", "applicationId", "secretKey" ], "stateInputs": { "description": "Input properties used for looking up and filtering BaiduChannel resources.\n", "properties": { "apiKey": { "type": "string", "description": "Platform credential API key from Baidu.\n", "secret": true }, "applicationId": { "type": "string", "description": "The application ID.\n", "willReplaceOnChanges": true }, "enabled": { "type": "boolean", "description": "Specifies whether to enable the channel. Defaults to `true`.\n" }, "secretKey": { "type": "string", "description": "Platform credential Secret key from Baidu.\n", "secret": true } }, "type": "object" } }, "aws:pinpoint/emailChannel:EmailChannel": { "description": "Provides a Pinpoint Email Channel resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst app = new aws.pinpoint.App(\"app\", {});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"pinpoint.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst role = new aws.iam.Role(\"role\", {assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json)});\nconst email = new aws.pinpoint.EmailChannel(\"email\", {\n applicationId: app.applicationId,\n fromAddress: \"user@example.com\",\n roleArn: role.arn,\n});\nconst identity = new aws.ses.DomainIdentity(\"identity\", {domain: \"example.com\"});\nconst rolePolicy = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\n \"mobileanalytics:PutEvents\",\n \"mobileanalytics:PutItems\",\n ],\n resources: [\"*\"],\n }],\n});\nconst rolePolicyRolePolicy = new aws.iam.RolePolicy(\"role_policy\", {\n name: \"role_policy\",\n role: role.id,\n policy: rolePolicy.then(rolePolicy =\u003e rolePolicy.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napp = aws.pinpoint.App(\"app\")\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"pinpoint.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nrole = aws.iam.Role(\"role\", assume_role_policy=assume_role.json)\nemail = aws.pinpoint.EmailChannel(\"email\",\n application_id=app.application_id,\n from_address=\"user@example.com\",\n role_arn=role.arn)\nidentity = aws.ses.DomainIdentity(\"identity\", domain=\"example.com\")\nrole_policy = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\n \"mobileanalytics:PutEvents\",\n \"mobileanalytics:PutItems\",\n ],\n \"resources\": [\"*\"],\n}])\nrole_policy_role_policy = aws.iam.RolePolicy(\"role_policy\",\n name=\"role_policy\",\n role=role.id,\n policy=role_policy.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var app = new Aws.Pinpoint.App(\"app\");\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"pinpoint.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var role = new Aws.Iam.Role(\"role\", new()\n {\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var email = new Aws.Pinpoint.EmailChannel(\"email\", new()\n {\n ApplicationId = app.ApplicationId,\n FromAddress = \"user@example.com\",\n RoleArn = role.Arn,\n });\n\n var identity = new Aws.Ses.DomainIdentity(\"identity\", new()\n {\n Domain = \"example.com\",\n });\n\n var rolePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"mobileanalytics:PutEvents\",\n \"mobileanalytics:PutItems\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var rolePolicyRolePolicy = new Aws.Iam.RolePolicy(\"role_policy\", new()\n {\n Name = \"role_policy\",\n Role = role.Id,\n Policy = rolePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pinpoint\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapp, err := pinpoint.NewApp(ctx, \"app\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"pinpoint.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trole, err := iam.NewRole(ctx, \"role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pinpoint.NewEmailChannel(ctx, \"email\", \u0026pinpoint.EmailChannelArgs{\n\t\t\tApplicationId: app.ApplicationId,\n\t\t\tFromAddress: pulumi.String(\"user@example.com\"),\n\t\t\tRoleArn: role.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ses.NewDomainIdentity(ctx, \"identity\", \u0026ses.DomainIdentityArgs{\n\t\t\tDomain: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trolePolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"mobileanalytics:PutEvents\",\n\t\t\t\t\t\t\"mobileanalytics:PutItems\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"role_policy\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"role_policy\"),\n\t\t\tRole: role.ID(),\n\t\t\tPolicy: pulumi.String(rolePolicy.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pinpoint.App;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.pinpoint.EmailChannel;\nimport com.pulumi.aws.pinpoint.EmailChannelArgs;\nimport com.pulumi.aws.ses.DomainIdentity;\nimport com.pulumi.aws.ses.DomainIdentityArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var app = new App(\"app\");\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"pinpoint.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var role = new Role(\"role\", RoleArgs.builder()\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var email = new EmailChannel(\"email\", EmailChannelArgs.builder()\n .applicationId(app.applicationId())\n .fromAddress(\"user@example.com\")\n .roleArn(role.arn())\n .build());\n\n var identity = new DomainIdentity(\"identity\", DomainIdentityArgs.builder()\n .domain(\"example.com\")\n .build());\n\n final var rolePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"mobileanalytics:PutEvents\",\n \"mobileanalytics:PutItems\")\n .resources(\"*\")\n .build())\n .build());\n\n var rolePolicyRolePolicy = new RolePolicy(\"rolePolicyRolePolicy\", RolePolicyArgs.builder()\n .name(\"role_policy\")\n .role(role.id())\n .policy(rolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n email:\n type: aws:pinpoint:EmailChannel\n properties:\n applicationId: ${app.applicationId}\n fromAddress: user@example.com\n roleArn: ${role.arn}\n app:\n type: aws:pinpoint:App\n identity:\n type: aws:ses:DomainIdentity\n properties:\n domain: example.com\n role:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${assumeRole.json}\n rolePolicyRolePolicy:\n type: aws:iam:RolePolicy\n name: role_policy\n properties:\n name: role_policy\n role: ${role.id}\n policy: ${rolePolicy.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - pinpoint.amazonaws.com\n actions:\n - sts:AssumeRole\n rolePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - mobileanalytics:PutEvents\n - mobileanalytics:PutItems\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Pinpoint Email Channel using the `application-id`. For example:\n\n```sh\n$ pulumi import aws:pinpoint/emailChannel:EmailChannel email application-id\n```\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "configurationSet": { "type": "string", "description": "The ARN of the Amazon SES configuration set that you want to apply to messages that you send through the channel.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "fromAddress": { "type": "string", "description": "The email address used to send emails from. You can use email only (`user@example.com`) or friendly address (`User \u003cuser@example.com\u003e`). This field comply with [RFC 5322](https://www.ietf.org/rfc/rfc5322.txt).\n" }, "identity": { "type": "string", "description": "The ARN of an identity verified with SES.\n" }, "messagesPerSecond": { "type": "integer", "description": "Messages per second that can be sent.\n" }, "roleArn": { "type": "string", "description": "The ARN of an IAM Role used to submit events to Mobile Analytics' event ingestion service.\n" } }, "required": [ "applicationId", "fromAddress", "identity", "messagesPerSecond" ], "inputProperties": { "applicationId": { "type": "string", "description": "The application ID.\n", "willReplaceOnChanges": true }, "configurationSet": { "type": "string", "description": "The ARN of the Amazon SES configuration set that you want to apply to messages that you send through the channel.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "fromAddress": { "type": "string", "description": "The email address used to send emails from. You can use email only (`user@example.com`) or friendly address (`User \u003cuser@example.com\u003e`). This field comply with [RFC 5322](https://www.ietf.org/rfc/rfc5322.txt).\n" }, "identity": { "type": "string", "description": "The ARN of an identity verified with SES.\n" }, "roleArn": { "type": "string", "description": "The ARN of an IAM Role used to submit events to Mobile Analytics' event ingestion service.\n" } }, "requiredInputs": [ "applicationId", "fromAddress", "identity" ], "stateInputs": { "description": "Input properties used for looking up and filtering EmailChannel resources.\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n", "willReplaceOnChanges": true }, "configurationSet": { "type": "string", "description": "The ARN of the Amazon SES configuration set that you want to apply to messages that you send through the channel.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" }, "fromAddress": { "type": "string", "description": "The email address used to send emails from. You can use email only (`user@example.com`) or friendly address (`User \u003cuser@example.com\u003e`). This field comply with [RFC 5322](https://www.ietf.org/rfc/rfc5322.txt).\n" }, "identity": { "type": "string", "description": "The ARN of an identity verified with SES.\n" }, "messagesPerSecond": { "type": "integer", "description": "Messages per second that can be sent.\n" }, "roleArn": { "type": "string", "description": "The ARN of an IAM Role used to submit events to Mobile Analytics' event ingestion service.\n" } }, "type": "object" } }, "aws:pinpoint/eventStream:EventStream": { "description": "Provides a Pinpoint Event Stream resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst app = new aws.pinpoint.App(\"app\", {});\nconst testStream = new aws.kinesis.Stream(\"test_stream\", {\n name: \"pinpoint-kinesis-test\",\n shardCount: 1,\n});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"pinpoint.us-east-1.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst testRole = new aws.iam.Role(\"test_role\", {assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json)});\nconst stream = new aws.pinpoint.EventStream(\"stream\", {\n applicationId: app.applicationId,\n destinationStreamArn: testStream.arn,\n roleArn: testRole.arn,\n});\nconst testRolePolicy = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\n \"kinesis:PutRecords\",\n \"kinesis:DescribeStream\",\n ],\n resources: [\"arn:aws:kinesis:us-east-1:*:*/*\"],\n }],\n});\nconst testRolePolicyRolePolicy = new aws.iam.RolePolicy(\"test_role_policy\", {\n name: \"test_policy\",\n role: testRole.id,\n policy: testRolePolicy.then(testRolePolicy =\u003e testRolePolicy.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napp = aws.pinpoint.App(\"app\")\ntest_stream = aws.kinesis.Stream(\"test_stream\",\n name=\"pinpoint-kinesis-test\",\n shard_count=1)\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"pinpoint.us-east-1.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\ntest_role = aws.iam.Role(\"test_role\", assume_role_policy=assume_role.json)\nstream = aws.pinpoint.EventStream(\"stream\",\n application_id=app.application_id,\n destination_stream_arn=test_stream.arn,\n role_arn=test_role.arn)\ntest_role_policy = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\n \"kinesis:PutRecords\",\n \"kinesis:DescribeStream\",\n ],\n \"resources\": [\"arn:aws:kinesis:us-east-1:*:*/*\"],\n}])\ntest_role_policy_role_policy = aws.iam.RolePolicy(\"test_role_policy\",\n name=\"test_policy\",\n role=test_role.id,\n policy=test_role_policy.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var app = new Aws.Pinpoint.App(\"app\");\n\n var testStream = new Aws.Kinesis.Stream(\"test_stream\", new()\n {\n Name = \"pinpoint-kinesis-test\",\n ShardCount = 1,\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"pinpoint.us-east-1.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var testRole = new Aws.Iam.Role(\"test_role\", new()\n {\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var stream = new Aws.Pinpoint.EventStream(\"stream\", new()\n {\n ApplicationId = app.ApplicationId,\n DestinationStreamArn = testStream.Arn,\n RoleArn = testRole.Arn,\n });\n\n var testRolePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"kinesis:PutRecords\",\n \"kinesis:DescribeStream\",\n },\n Resources = new[]\n {\n \"arn:aws:kinesis:us-east-1:*:*/*\",\n },\n },\n },\n });\n\n var testRolePolicyRolePolicy = new Aws.Iam.RolePolicy(\"test_role_policy\", new()\n {\n Name = \"test_policy\",\n Role = testRole.Id,\n Policy = testRolePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pinpoint\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapp, err := pinpoint.NewApp(ctx, \"app\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestStream, err := kinesis.NewStream(ctx, \"test_stream\", \u0026kinesis.StreamArgs{\n\t\t\tName: pulumi.String(\"pinpoint-kinesis-test\"),\n\t\t\tShardCount: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"pinpoint.us-east-1.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestRole, err := iam.NewRole(ctx, \"test_role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pinpoint.NewEventStream(ctx, \"stream\", \u0026pinpoint.EventStreamArgs{\n\t\t\tApplicationId: app.ApplicationId,\n\t\t\tDestinationStreamArn: testStream.Arn,\n\t\t\tRoleArn: testRole.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestRolePolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"kinesis:PutRecords\",\n\t\t\t\t\t\t\"kinesis:DescribeStream\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:kinesis:us-east-1:*:*/*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"test_role_policy\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"test_policy\"),\n\t\t\tRole: testRole.ID(),\n\t\t\tPolicy: pulumi.String(testRolePolicy.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pinpoint.App;\nimport com.pulumi.aws.kinesis.Stream;\nimport com.pulumi.aws.kinesis.StreamArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.pinpoint.EventStream;\nimport com.pulumi.aws.pinpoint.EventStreamArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var app = new App(\"app\");\n\n var testStream = new Stream(\"testStream\", StreamArgs.builder()\n .name(\"pinpoint-kinesis-test\")\n .shardCount(1)\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"pinpoint.us-east-1.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var testRole = new Role(\"testRole\", RoleArgs.builder()\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var stream = new EventStream(\"stream\", EventStreamArgs.builder()\n .applicationId(app.applicationId())\n .destinationStreamArn(testStream.arn())\n .roleArn(testRole.arn())\n .build());\n\n final var testRolePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"kinesis:PutRecords\",\n \"kinesis:DescribeStream\")\n .resources(\"arn:aws:kinesis:us-east-1:*:*/*\")\n .build())\n .build());\n\n var testRolePolicyRolePolicy = new RolePolicy(\"testRolePolicyRolePolicy\", RolePolicyArgs.builder()\n .name(\"test_policy\")\n .role(testRole.id())\n .policy(testRolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n stream:\n type: aws:pinpoint:EventStream\n properties:\n applicationId: ${app.applicationId}\n destinationStreamArn: ${testStream.arn}\n roleArn: ${testRole.arn}\n app:\n type: aws:pinpoint:App\n testStream:\n type: aws:kinesis:Stream\n name: test_stream\n properties:\n name: pinpoint-kinesis-test\n shardCount: 1\n testRole:\n type: aws:iam:Role\n name: test_role\n properties:\n assumeRolePolicy: ${assumeRole.json}\n testRolePolicyRolePolicy:\n type: aws:iam:RolePolicy\n name: test_role_policy\n properties:\n name: test_policy\n role: ${testRole.id}\n policy: ${testRolePolicy.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - pinpoint.us-east-1.amazonaws.com\n actions:\n - sts:AssumeRole\n testRolePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - kinesis:PutRecords\n - kinesis:DescribeStream\n resources:\n - arn:aws:kinesis:us-east-1:*:*/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Pinpoint Event Stream using the `application-id`. For example:\n\n```sh\n$ pulumi import aws:pinpoint/eventStream:EventStream stream application-id\n```\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n" }, "destinationStreamArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon Kinesis stream or Firehose delivery stream to which you want to publish events.\n" }, "roleArn": { "type": "string", "description": "The IAM role that authorizes Amazon Pinpoint to publish events to the stream in your account.\n" } }, "required": [ "applicationId", "destinationStreamArn", "roleArn" ], "inputProperties": { "applicationId": { "type": "string", "description": "The application ID.\n", "willReplaceOnChanges": true }, "destinationStreamArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon Kinesis stream or Firehose delivery stream to which you want to publish events.\n" }, "roleArn": { "type": "string", "description": "The IAM role that authorizes Amazon Pinpoint to publish events to the stream in your account.\n" } }, "requiredInputs": [ "applicationId", "destinationStreamArn", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventStream resources.\n", "properties": { "applicationId": { "type": "string", "description": "The application ID.\n", "willReplaceOnChanges": true }, "destinationStreamArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon Kinesis stream or Firehose delivery stream to which you want to publish events.\n" }, "roleArn": { "type": "string", "description": "The IAM role that authorizes Amazon Pinpoint to publish events to the stream in your account.\n" } }, "type": "object" } }, "aws:pinpoint/gcmChannel:GcmChannel": { "description": "Provides a Pinpoint GCM Channel resource.\n\n\u003e **Note:** Api Key argument will be stored in the raw state as plain-text.\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst app = new aws.pinpoint.App(\"app\", {});\nconst gcm = new aws.pinpoint.GcmChannel(\"gcm\", {\n applicationId: app.applicationId,\n apiKey: \"api_key\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napp = aws.pinpoint.App(\"app\")\ngcm = aws.pinpoint.GcmChannel(\"gcm\",\n application_id=app.application_id,\n api_key=\"api_key\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var app = new Aws.Pinpoint.App(\"app\");\n\n var gcm = new Aws.Pinpoint.GcmChannel(\"gcm\", new()\n {\n ApplicationId = app.ApplicationId,\n ApiKey = \"api_key\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pinpoint\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapp, err := pinpoint.NewApp(ctx, \"app\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pinpoint.NewGcmChannel(ctx, \"gcm\", \u0026pinpoint.GcmChannelArgs{\n\t\t\tApplicationId: app.ApplicationId,\n\t\t\tApiKey: pulumi.String(\"api_key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pinpoint.App;\nimport com.pulumi.aws.pinpoint.GcmChannel;\nimport com.pulumi.aws.pinpoint.GcmChannelArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var app = new App(\"app\");\n\n var gcm = new GcmChannel(\"gcm\", GcmChannelArgs.builder()\n .applicationId(app.applicationId())\n .apiKey(\"api_key\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n gcm:\n type: aws:pinpoint:GcmChannel\n properties:\n applicationId: ${app.applicationId}\n apiKey: api_key\n app:\n type: aws:pinpoint:App\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Pinpoint GCM Channel using the `application-id`. For example:\n\n```sh\n$ pulumi import aws:pinpoint/gcmChannel:GcmChannel gcm application-id\n```\n", "properties": { "apiKey": { "type": "string", "description": "Platform credential API key from Google.\n", "secret": true }, "applicationId": { "type": "string", "description": "The application ID.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" } }, "required": [ "apiKey", "applicationId" ], "inputProperties": { "apiKey": { "type": "string", "description": "Platform credential API key from Google.\n", "secret": true }, "applicationId": { "type": "string", "description": "The application ID.\n", "willReplaceOnChanges": true }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" } }, "requiredInputs": [ "apiKey", "applicationId" ], "stateInputs": { "description": "Input properties used for looking up and filtering GcmChannel resources.\n", "properties": { "apiKey": { "type": "string", "description": "Platform credential API key from Google.\n", "secret": true }, "applicationId": { "type": "string", "description": "The application ID.\n", "willReplaceOnChanges": true }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. Defaults to `true`.\n" } }, "type": "object" } }, "aws:pinpoint/smsChannel:SmsChannel": { "description": "Use the `aws.pinpoint.SmsChannel` resource to manage Pinpoint SMS Channels.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst app = new aws.pinpoint.App(\"app\", {});\nconst sms = new aws.pinpoint.SmsChannel(\"sms\", {applicationId: app.applicationId});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napp = aws.pinpoint.App(\"app\")\nsms = aws.pinpoint.SmsChannel(\"sms\", application_id=app.application_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var app = new Aws.Pinpoint.App(\"app\");\n\n var sms = new Aws.Pinpoint.SmsChannel(\"sms\", new()\n {\n ApplicationId = app.ApplicationId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pinpoint\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapp, err := pinpoint.NewApp(ctx, \"app\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pinpoint.NewSmsChannel(ctx, \"sms\", \u0026pinpoint.SmsChannelArgs{\n\t\t\tApplicationId: app.ApplicationId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pinpoint.App;\nimport com.pulumi.aws.pinpoint.SmsChannel;\nimport com.pulumi.aws.pinpoint.SmsChannelArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var app = new App(\"app\");\n\n var sms = new SmsChannel(\"sms\", SmsChannelArgs.builder()\n .applicationId(app.applicationId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n sms:\n type: aws:pinpoint:SmsChannel\n properties:\n applicationId: ${app.applicationId}\n app:\n type: aws:pinpoint:App\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import the Pinpoint SMS Channel using the `application_id`. For example:\n\n```sh\n$ pulumi import aws:pinpoint/smsChannel:SmsChannel sms application-id\n```\n", "properties": { "applicationId": { "type": "string", "description": "ID of the application.\n" }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. By default, it is set to `true`.\n" }, "promotionalMessagesPerSecond": { "type": "integer", "description": "Maximum number of promotional messages that can be sent per second.\n" }, "senderId": { "type": "string", "description": "Identifier of the sender for your messages.\n" }, "shortCode": { "type": "string", "description": "Short Code registered with the phone provider.\n" }, "transactionalMessagesPerSecond": { "type": "integer", "description": "Maximum number of transactional messages per second that can be sent.\n" } }, "required": [ "applicationId", "promotionalMessagesPerSecond", "transactionalMessagesPerSecond" ], "inputProperties": { "applicationId": { "type": "string", "description": "ID of the application.\n", "willReplaceOnChanges": true }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. By default, it is set to `true`.\n" }, "senderId": { "type": "string", "description": "Identifier of the sender for your messages.\n" }, "shortCode": { "type": "string", "description": "Short Code registered with the phone provider.\n" } }, "requiredInputs": [ "applicationId" ], "stateInputs": { "description": "Input properties used for looking up and filtering SmsChannel resources.\n", "properties": { "applicationId": { "type": "string", "description": "ID of the application.\n", "willReplaceOnChanges": true }, "enabled": { "type": "boolean", "description": "Whether the channel is enabled or disabled. By default, it is set to `true`.\n" }, "promotionalMessagesPerSecond": { "type": "integer", "description": "Maximum number of promotional messages that can be sent per second.\n" }, "senderId": { "type": "string", "description": "Identifier of the sender for your messages.\n" }, "shortCode": { "type": "string", "description": "Short Code registered with the phone provider.\n" }, "transactionalMessagesPerSecond": { "type": "integer", "description": "Maximum number of transactional messages per second that can be sent.\n" } }, "type": "object" } }, "aws:pipes/pipe:Pipe": { "description": "Resource for managing an AWS EventBridge Pipes Pipe.\n\nYou can find out more about EventBridge Pipes in the [User Guide](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html).\n\nEventBridge Pipes are very configurable, and may require IAM permissions to work correctly. More information on the configuration options and IAM permissions can be found in the [User Guide](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html).\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = aws.getCallerIdentity({});\nconst example = new aws.iam.Role(\"example\", {assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: {\n Effect: \"Allow\",\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"pipes.amazonaws.com\",\n },\n Condition: {\n StringEquals: {\n \"aws:SourceAccount\": main.then(main =\u003e main.accountId),\n },\n },\n },\n})});\nconst sourceQueue = new aws.sqs.Queue(\"source\", {});\nconst source = new aws.iam.RolePolicy(\"source\", {\n role: example.id,\n policy: pulumi.jsonStringify({\n Version: \"2012-10-17\",\n Statement: [{\n Effect: \"Allow\",\n Action: [\n \"sqs:DeleteMessage\",\n \"sqs:GetQueueAttributes\",\n \"sqs:ReceiveMessage\",\n ],\n Resource: [sourceQueue.arn],\n }],\n }),\n});\nconst targetQueue = new aws.sqs.Queue(\"target\", {});\nconst target = new aws.iam.RolePolicy(\"target\", {\n role: example.id,\n policy: pulumi.jsonStringify({\n Version: \"2012-10-17\",\n Statement: [{\n Effect: \"Allow\",\n Action: [\"sqs:SendMessage\"],\n Resource: [targetQueue.arn],\n }],\n }),\n});\nconst examplePipe = new aws.pipes.Pipe(\"example\", {\n name: \"example-pipe\",\n roleArn: example.arn,\n source: sourceQueue.arn,\n target: targetQueue.arn,\n}, {\n dependsOn: [\n source,\n target,\n ],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nmain = aws.get_caller_identity()\nexample = aws.iam.Role(\"example\", assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": {\n \"Effect\": \"Allow\",\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"pipes.amazonaws.com\",\n },\n \"Condition\": {\n \"StringEquals\": {\n \"aws:SourceAccount\": main.account_id,\n },\n },\n },\n}))\nsource_queue = aws.sqs.Queue(\"source\")\nsource = aws.iam.RolePolicy(\"source\",\n role=example.id,\n policy=pulumi.Output.json_dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Effect\": \"Allow\",\n \"Action\": [\n \"sqs:DeleteMessage\",\n \"sqs:GetQueueAttributes\",\n \"sqs:ReceiveMessage\",\n ],\n \"Resource\": [source_queue.arn],\n }],\n }))\ntarget_queue = aws.sqs.Queue(\"target\")\ntarget = aws.iam.RolePolicy(\"target\",\n role=example.id,\n policy=pulumi.Output.json_dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Effect\": \"Allow\",\n \"Action\": [\"sqs:SendMessage\"],\n \"Resource\": [target_queue.arn],\n }],\n }))\nexample_pipe = aws.pipes.Pipe(\"example\",\n name=\"example-pipe\",\n role_arn=example.arn,\n source=source_queue.arn,\n target=target_queue.arn,\n opts = pulumi.ResourceOptions(depends_on=[\n source,\n target,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Effect\"] = \"Allow\",\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"pipes.amazonaws.com\",\n },\n [\"Condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"StringEquals\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"aws:SourceAccount\"] = main.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n },\n },\n }),\n });\n\n var sourceQueue = new Aws.Sqs.Queue(\"source\");\n\n var source = new Aws.Iam.RolePolicy(\"source\", new()\n {\n Role = example.Id,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Effect\"] = \"Allow\",\n [\"Action\"] = new[]\n {\n \"sqs:DeleteMessage\",\n \"sqs:GetQueueAttributes\",\n \"sqs:ReceiveMessage\",\n },\n [\"Resource\"] = new[]\n {\n sourceQueue.Arn,\n },\n },\n },\n })),\n });\n\n var targetQueue = new Aws.Sqs.Queue(\"target\");\n\n var target = new Aws.Iam.RolePolicy(\"target\", new()\n {\n Role = example.Id,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Effect\"] = \"Allow\",\n [\"Action\"] = new[]\n {\n \"sqs:SendMessage\",\n },\n [\"Resource\"] = new[]\n {\n targetQueue.Arn,\n },\n },\n },\n })),\n });\n\n var examplePipe = new Aws.Pipes.Pipe(\"example\", new()\n {\n Name = \"example-pipe\",\n RoleArn = example.Arn,\n Source = sourceQueue.Arn,\n Target = targetQueue.Arn,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n source,\n target,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pipes\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": map[string]interface{}{\n\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\"Service\": \"pipes.amazonaws.com\",\n\t\t\t\t},\n\t\t\t\t\"Condition\": map[string]interface{}{\n\t\t\t\t\t\"StringEquals\": map[string]interface{}{\n\t\t\t\t\t\t\"aws:SourceAccount\": main.AccountId,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsourceQueue, err := sqs.NewQueue(ctx, \"source\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsource, err := iam.NewRolePolicy(ctx, \"source\", \u0026iam.RolePolicyArgs{\n\t\t\tRole: example.ID(),\n\t\t\tPolicy: sourceQueue.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\t\t\"sqs:DeleteMessage\",\n\t\t\t\t\t\t\t\t\"sqs:GetQueueAttributes\",\n\t\t\t\t\t\t\t\t\"sqs:ReceiveMessage\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\tarn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson1 := string(tmpJSON1)\n\t\t\t\treturn pulumi.String(json1), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttargetQueue, err := sqs.NewQueue(ctx, \"target\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttarget, err := iam.NewRolePolicy(ctx, \"target\", \u0026iam.RolePolicyArgs{\n\t\t\tRole: example.ID(),\n\t\t\tPolicy: targetQueue.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON2, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\t\t\"sqs:SendMessage\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\tarn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson2 := string(tmpJSON2)\n\t\t\t\treturn pulumi.String(json2), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pipes.NewPipe(ctx, \"example\", \u0026pipes.PipeArgs{\n\t\t\tName: pulumi.String(\"example-pipe\"),\n\t\t\tRoleArn: example.Arn,\n\t\t\tSource: sourceQueue.Arn,\n\t\t\tTarget: targetQueue.Arn,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tsource,\n\t\t\ttarget,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.pipes.Pipe;\nimport com.pulumi.aws.pipes.PipeArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var main = AwsFunctions.getCallerIdentity();\n\n var example = new Role(\"example\", RoleArgs.builder()\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonObject(\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"pipes.amazonaws.com\")\n )),\n jsonProperty(\"Condition\", jsonObject(\n jsonProperty(\"StringEquals\", jsonObject(\n jsonProperty(\"aws:SourceAccount\", main.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n ))\n ))\n ))\n )))\n .build());\n\n var sourceQueue = new Queue(\"sourceQueue\");\n\n var source = new RolePolicy(\"source\", RolePolicyArgs.builder()\n .role(example.id())\n .policy(sourceQueue.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Action\", jsonArray(\n \"sqs:DeleteMessage\", \n \"sqs:GetQueueAttributes\", \n \"sqs:ReceiveMessage\"\n )),\n jsonProperty(\"Resource\", jsonArray(arn))\n )))\n ))))\n .build());\n\n var targetQueue = new Queue(\"targetQueue\");\n\n var target = new RolePolicy(\"target\", RolePolicyArgs.builder()\n .role(example.id())\n .policy(targetQueue.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Action\", jsonArray(\"sqs:SendMessage\")),\n jsonProperty(\"Resource\", jsonArray(arn))\n )))\n ))))\n .build());\n\n var examplePipe = new Pipe(\"examplePipe\", PipeArgs.builder()\n .name(\"example-pipe\")\n .roleArn(example.arn())\n .source(sourceQueue.arn())\n .target(targetQueue.arn())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n source,\n target)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n Effect: Allow\n Action: sts:AssumeRole\n Principal:\n Service: pipes.amazonaws.com\n Condition:\n StringEquals:\n aws:SourceAccount: ${main.accountId}\n source:\n type: aws:iam:RolePolicy\n properties:\n role: ${example.id}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Effect: Allow\n Action:\n - sqs:DeleteMessage\n - sqs:GetQueueAttributes\n - sqs:ReceiveMessage\n Resource:\n - ${sourceQueue.arn}\n sourceQueue:\n type: aws:sqs:Queue\n name: source\n target:\n type: aws:iam:RolePolicy\n properties:\n role: ${example.id}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Effect: Allow\n Action:\n - sqs:SendMessage\n Resource:\n - ${targetQueue.arn}\n targetQueue:\n type: aws:sqs:Queue\n name: target\n examplePipe:\n type: aws:pipes:Pipe\n name: example\n properties:\n name: example-pipe\n roleArn: ${example.arn}\n source: ${sourceQueue.arn}\n target: ${targetQueue.arn}\n options:\n dependson:\n - ${source}\n - ${target}\nvariables:\n main:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Enrichment Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.pipes.Pipe(\"example\", {\n name: \"example-pipe\",\n roleArn: exampleAwsIamRole.arn,\n source: source.arn,\n target: target.arn,\n enrichment: exampleAwsCloudwatchEventApiDestination.arn,\n enrichmentParameters: {\n httpParameters: {\n pathParameterValues: \"example-path-param\",\n headerParameters: {\n \"example-header\": \"example-value\",\n \"second-example-header\": \"second-example-value\",\n },\n queryStringParameters: {\n \"example-query-string\": \"example-value\",\n \"second-example-query-string\": \"second-example-value\",\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.pipes.Pipe(\"example\",\n name=\"example-pipe\",\n role_arn=example_aws_iam_role[\"arn\"],\n source=source[\"arn\"],\n target=target[\"arn\"],\n enrichment=example_aws_cloudwatch_event_api_destination[\"arn\"],\n enrichment_parameters={\n \"http_parameters\": {\n \"path_parameter_values\": \"example-path-param\",\n \"header_parameters\": {\n \"example_header\": \"example-value\",\n \"second_example_header\": \"second-example-value\",\n },\n \"query_string_parameters\": {\n \"example_query_string\": \"example-value\",\n \"second_example_query_string\": \"second-example-value\",\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Pipes.Pipe(\"example\", new()\n {\n Name = \"example-pipe\",\n RoleArn = exampleAwsIamRole.Arn,\n Source = source.Arn,\n Target = target.Arn,\n Enrichment = exampleAwsCloudwatchEventApiDestination.Arn,\n EnrichmentParameters = new Aws.Pipes.Inputs.PipeEnrichmentParametersArgs\n {\n HttpParameters = new Aws.Pipes.Inputs.PipeEnrichmentParametersHttpParametersArgs\n {\n PathParameterValues = \"example-path-param\",\n HeaderParameters = \n {\n { \"example-header\", \"example-value\" },\n { \"second-example-header\", \"second-example-value\" },\n },\n QueryStringParameters = \n {\n { \"example-query-string\", \"example-value\" },\n { \"second-example-query-string\", \"second-example-value\" },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pipes\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pipes.NewPipe(ctx, \"example\", \u0026pipes.PipeArgs{\n\t\t\tName: pulumi.String(\"example-pipe\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tSource: pulumi.Any(source.Arn),\n\t\t\tTarget: pulumi.Any(target.Arn),\n\t\t\tEnrichment: pulumi.Any(exampleAwsCloudwatchEventApiDestination.Arn),\n\t\t\tEnrichmentParameters: \u0026pipes.PipeEnrichmentParametersArgs{\n\t\t\t\tHttpParameters: \u0026pipes.PipeEnrichmentParametersHttpParametersArgs{\n\t\t\t\t\tPathParameterValues: pulumi.String(\"example-path-param\"),\n\t\t\t\t\tHeaderParameters: pulumi.StringMap{\n\t\t\t\t\t\t\"example-header\": pulumi.String(\"example-value\"),\n\t\t\t\t\t\t\"second-example-header\": pulumi.String(\"second-example-value\"),\n\t\t\t\t\t},\n\t\t\t\t\tQueryStringParameters: pulumi.StringMap{\n\t\t\t\t\t\t\"example-query-string\": pulumi.String(\"example-value\"),\n\t\t\t\t\t\t\"second-example-query-string\": pulumi.String(\"second-example-value\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pipes.Pipe;\nimport com.pulumi.aws.pipes.PipeArgs;\nimport com.pulumi.aws.pipes.inputs.PipeEnrichmentParametersArgs;\nimport com.pulumi.aws.pipes.inputs.PipeEnrichmentParametersHttpParametersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Pipe(\"example\", PipeArgs.builder()\n .name(\"example-pipe\")\n .roleArn(exampleAwsIamRole.arn())\n .source(source.arn())\n .target(target.arn())\n .enrichment(exampleAwsCloudwatchEventApiDestination.arn())\n .enrichmentParameters(PipeEnrichmentParametersArgs.builder()\n .httpParameters(PipeEnrichmentParametersHttpParametersArgs.builder()\n .pathParameterValues(\"example-path-param\")\n .headerParameters(Map.ofEntries(\n Map.entry(\"example-header\", \"example-value\"),\n Map.entry(\"second-example-header\", \"second-example-value\")\n ))\n .queryStringParameters(Map.ofEntries(\n Map.entry(\"example-query-string\", \"example-value\"),\n Map.entry(\"second-example-query-string\", \"second-example-value\")\n ))\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:pipes:Pipe\n properties:\n name: example-pipe\n roleArn: ${exampleAwsIamRole.arn}\n source: ${source.arn}\n target: ${target.arn}\n enrichment: ${exampleAwsCloudwatchEventApiDestination.arn}\n enrichmentParameters:\n httpParameters:\n pathParameterValues: example-path-param\n headerParameters:\n example-header: example-value\n second-example-header: second-example-value\n queryStringParameters:\n example-query-string: example-value\n second-example-query-string: second-example-value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.pipes.Pipe(\"example\", {\n name: \"example-pipe\",\n roleArn: exampleAwsIamRole.arn,\n source: source.arn,\n target: target.arn,\n sourceParameters: {\n filterCriteria: {\n filters: [{\n pattern: JSON.stringify({\n source: [\"event-source\"],\n }),\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.pipes.Pipe(\"example\",\n name=\"example-pipe\",\n role_arn=example_aws_iam_role[\"arn\"],\n source=source[\"arn\"],\n target=target[\"arn\"],\n source_parameters={\n \"filter_criteria\": {\n \"filters\": [{\n \"pattern\": json.dumps({\n \"source\": [\"event-source\"],\n }),\n }],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Pipes.Pipe(\"example\", new()\n {\n Name = \"example-pipe\",\n RoleArn = exampleAwsIamRole.Arn,\n Source = source.Arn,\n Target = target.Arn,\n SourceParameters = new Aws.Pipes.Inputs.PipeSourceParametersArgs\n {\n FilterCriteria = new Aws.Pipes.Inputs.PipeSourceParametersFilterCriteriaArgs\n {\n Filters = new[]\n {\n new Aws.Pipes.Inputs.PipeSourceParametersFilterCriteriaFilterArgs\n {\n Pattern = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"source\"] = new[]\n {\n \"event-source\",\n },\n }),\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pipes\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"source\": []string{\n\t\t\t\t\"event-source\",\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = pipes.NewPipe(ctx, \"example\", \u0026pipes.PipeArgs{\n\t\t\tName: pulumi.String(\"example-pipe\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tSource: pulumi.Any(source.Arn),\n\t\t\tTarget: pulumi.Any(target.Arn),\n\t\t\tSourceParameters: \u0026pipes.PipeSourceParametersArgs{\n\t\t\t\tFilterCriteria: \u0026pipes.PipeSourceParametersFilterCriteriaArgs{\n\t\t\t\t\tFilters: pipes.PipeSourceParametersFilterCriteriaFilterArray{\n\t\t\t\t\t\t\u0026pipes.PipeSourceParametersFilterCriteriaFilterArgs{\n\t\t\t\t\t\t\tPattern: pulumi.String(json0),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pipes.Pipe;\nimport com.pulumi.aws.pipes.PipeArgs;\nimport com.pulumi.aws.pipes.inputs.PipeSourceParametersArgs;\nimport com.pulumi.aws.pipes.inputs.PipeSourceParametersFilterCriteriaArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Pipe(\"example\", PipeArgs.builder()\n .name(\"example-pipe\")\n .roleArn(exampleAwsIamRole.arn())\n .source(source.arn())\n .target(target.arn())\n .sourceParameters(PipeSourceParametersArgs.builder()\n .filterCriteria(PipeSourceParametersFilterCriteriaArgs.builder()\n .filters(PipeSourceParametersFilterCriteriaFilterArgs.builder()\n .pattern(serializeJson(\n jsonObject(\n jsonProperty(\"source\", jsonArray(\"event-source\"))\n )))\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:pipes:Pipe\n properties:\n name: example-pipe\n roleArn: ${exampleAwsIamRole.arn}\n source: ${source.arn}\n target: ${target.arn}\n sourceParameters:\n filterCriteria:\n filters:\n - pattern:\n fn::toJSON:\n source:\n - event-source\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### SQS Source and Target Configuration Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pipes.Pipe;\nimport com.pulumi.aws.pipes.PipeArgs;\nimport com.pulumi.aws.pipes.inputs.PipeSourceParametersArgs;\nimport com.pulumi.aws.pipes.inputs.PipeSourceParametersSqsQueueParametersArgs;\nimport com.pulumi.aws.pipes.inputs.PipeTargetParametersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Pipe(\"example\", PipeArgs.builder()\n .name(\"example-pipe\")\n .roleArn(exampleAwsIamRole.arn())\n .source(source.arn())\n .target(target.arn())\n .sourceParameters(PipeSourceParametersArgs.builder()\n .sqsQueueParameters(PipeSourceParametersSqsQueueParametersArgs.builder()\n .batchSize(1)\n .maximumBatchingWindowInSeconds(2)\n .build())\n .build())\n .targetParameters(PipeTargetParametersArgs.builder()\n .sqsQueue(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:pipes:Pipe\n properties:\n name: example-pipe\n roleArn: ${exampleAwsIamRole.arn}\n source: ${source.arn}\n target: ${target.arn}\n sourceParameters:\n sqsQueueParameters:\n batchSize: 1\n maximumBatchingWindowInSeconds: 2\n targetParameters:\n sqsQueue:\n - messageDeduplicationId: example-dedupe\n messageGroupId: example-group\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import pipes using the `name`. For example:\n\n```sh\n$ pulumi import aws:pipes/pipe:Pipe example my-pipe\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of this pipe.\n" }, "description": { "type": "string", "description": "A description of the pipe. At most 512 characters.\n" }, "desiredState": { "type": "string", "description": "The state the pipe should be in. One of: `RUNNING`, `STOPPED`.\n" }, "enrichment": { "type": "string", "description": "Enrichment resource of the pipe (typically an ARN). Read more about enrichment in the [User Guide](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-enrichment).\n" }, "enrichmentParameters": { "$ref": "#/types/aws:pipes/PipeEnrichmentParameters:PipeEnrichmentParameters", "description": "Parameters to configure enrichment for your pipe. Detailed below.\n" }, "logConfiguration": { "$ref": "#/types/aws:pipes/PipeLogConfiguration:PipeLogConfiguration", "description": "Logging configuration settings for the pipe. Detailed below.\n" }, "name": { "type": "string", "description": "Name of the pipe. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "roleArn": { "type": "string", "description": "ARN of the role that allows the pipe to send data to the target.\n" }, "source": { "type": "string", "description": "Source resource of the pipe. This field typically requires an ARN (Amazon Resource Name). However, when using a self-managed Kafka cluster, you should use a different format. Instead of an ARN, use 'smk://' followed by the bootstrap server's address.\n" }, "sourceParameters": { "$ref": "#/types/aws:pipes/PipeSourceParameters:PipeSourceParameters", "description": "Parameters to configure a source for the pipe. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "target": { "type": "string", "description": "Target resource of the pipe (typically an ARN).\n\nThe following arguments are optional:\n" }, "targetParameters": { "$ref": "#/types/aws:pipes/PipeTargetParameters:PipeTargetParameters", "description": "Parameters to configure a target for your pipe. Detailed below.\n" } }, "required": [ "arn", "name", "namePrefix", "roleArn", "source", "sourceParameters", "tagsAll", "target" ], "inputProperties": { "description": { "type": "string", "description": "A description of the pipe. At most 512 characters.\n" }, "desiredState": { "type": "string", "description": "The state the pipe should be in. One of: `RUNNING`, `STOPPED`.\n" }, "enrichment": { "type": "string", "description": "Enrichment resource of the pipe (typically an ARN). Read more about enrichment in the [User Guide](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-enrichment).\n" }, "enrichmentParameters": { "$ref": "#/types/aws:pipes/PipeEnrichmentParameters:PipeEnrichmentParameters", "description": "Parameters to configure enrichment for your pipe. Detailed below.\n" }, "logConfiguration": { "$ref": "#/types/aws:pipes/PipeLogConfiguration:PipeLogConfiguration", "description": "Logging configuration settings for the pipe. Detailed below.\n" }, "name": { "type": "string", "description": "Name of the pipe. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "ARN of the role that allows the pipe to send data to the target.\n" }, "source": { "type": "string", "description": "Source resource of the pipe. This field typically requires an ARN (Amazon Resource Name). However, when using a self-managed Kafka cluster, you should use a different format. Instead of an ARN, use 'smk://' followed by the bootstrap server's address.\n", "willReplaceOnChanges": true }, "sourceParameters": { "$ref": "#/types/aws:pipes/PipeSourceParameters:PipeSourceParameters", "description": "Parameters to configure a source for the pipe. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "target": { "type": "string", "description": "Target resource of the pipe (typically an ARN).\n\nThe following arguments are optional:\n" }, "targetParameters": { "$ref": "#/types/aws:pipes/PipeTargetParameters:PipeTargetParameters", "description": "Parameters to configure a target for your pipe. Detailed below.\n" } }, "requiredInputs": [ "roleArn", "source", "target" ], "stateInputs": { "description": "Input properties used for looking up and filtering Pipe resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of this pipe.\n" }, "description": { "type": "string", "description": "A description of the pipe. At most 512 characters.\n" }, "desiredState": { "type": "string", "description": "The state the pipe should be in. One of: `RUNNING`, `STOPPED`.\n" }, "enrichment": { "type": "string", "description": "Enrichment resource of the pipe (typically an ARN). Read more about enrichment in the [User Guide](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-enrichment).\n" }, "enrichmentParameters": { "$ref": "#/types/aws:pipes/PipeEnrichmentParameters:PipeEnrichmentParameters", "description": "Parameters to configure enrichment for your pipe. Detailed below.\n" }, "logConfiguration": { "$ref": "#/types/aws:pipes/PipeLogConfiguration:PipeLogConfiguration", "description": "Logging configuration settings for the pipe. Detailed below.\n" }, "name": { "type": "string", "description": "Name of the pipe. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "ARN of the role that allows the pipe to send data to the target.\n" }, "source": { "type": "string", "description": "Source resource of the pipe. This field typically requires an ARN (Amazon Resource Name). However, when using a self-managed Kafka cluster, you should use a different format. Instead of an ARN, use 'smk://' followed by the bootstrap server's address.\n", "willReplaceOnChanges": true }, "sourceParameters": { "$ref": "#/types/aws:pipes/PipeSourceParameters:PipeSourceParameters", "description": "Parameters to configure a source for the pipe. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "target": { "type": "string", "description": "Target resource of the pipe (typically an ARN).\n\nThe following arguments are optional:\n" }, "targetParameters": { "$ref": "#/types/aws:pipes/PipeTargetParameters:PipeTargetParameters", "description": "Parameters to configure a target for your pipe. Detailed below.\n" } }, "type": "object" } }, "aws:qldb/ledger:Ledger": { "description": "Provides an AWS Quantum Ledger Database (QLDB) resource\n\n\u003e **NOTE:** Deletion protection is enabled by default. To successfully delete this resource via this provider, `deletion_protection = false` must be applied before attempting deletion.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sample_ledger = new aws.qldb.Ledger(\"sample-ledger\", {\n name: \"sample-ledger\",\n permissionsMode: \"STANDARD\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsample_ledger = aws.qldb.Ledger(\"sample-ledger\",\n name=\"sample-ledger\",\n permissions_mode=\"STANDARD\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sample_ledger = new Aws.Qldb.Ledger(\"sample-ledger\", new()\n {\n Name = \"sample-ledger\",\n PermissionsMode = \"STANDARD\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/qldb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := qldb.NewLedger(ctx, \"sample-ledger\", \u0026qldb.LedgerArgs{\n\t\t\tName: pulumi.String(\"sample-ledger\"),\n\t\t\tPermissionsMode: pulumi.String(\"STANDARD\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.qldb.Ledger;\nimport com.pulumi.aws.qldb.LedgerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var sample_ledger = new Ledger(\"sample-ledger\", LedgerArgs.builder()\n .name(\"sample-ledger\")\n .permissionsMode(\"STANDARD\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n sample-ledger:\n type: aws:qldb:Ledger\n properties:\n name: sample-ledger\n permissionsMode: STANDARD\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import QLDB Ledgers using the `name`. For example:\n\n```sh\n$ pulumi import aws:qldb/ledger:Ledger sample-ledger sample-ledger\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the QLDB Ledger\n" }, "deletionProtection": { "type": "boolean", "description": "The deletion protection for the QLDB Ledger instance. By default it is `true`. To delete this resource via the provider, this value must be configured to `false` and applied first before attempting deletion.\n" }, "kmsKey": { "type": "string", "description": "The key in AWS Key Management Service (AWS KMS) to use for encryption of data at rest in the ledger. For more information, see the [AWS documentation](https://docs.aws.amazon.com/qldb/latest/developerguide/encryption-at-rest.html). Valid values are `\"AWS_OWNED_KMS_KEY\"` to use an AWS KMS key that is owned and managed by AWS on your behalf, or the ARN of a valid symmetric customer managed KMS key.\n" }, "name": { "type": "string", "description": "The friendly name for the QLDB Ledger instance. By default generated by the provider.\n" }, "permissionsMode": { "type": "string", "description": "The permissions mode for the QLDB ledger instance. Specify either `ALLOW_ALL` or `STANDARD`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "kmsKey", "name", "permissionsMode", "tagsAll" ], "inputProperties": { "deletionProtection": { "type": "boolean", "description": "The deletion protection for the QLDB Ledger instance. By default it is `true`. To delete this resource via the provider, this value must be configured to `false` and applied first before attempting deletion.\n" }, "kmsKey": { "type": "string", "description": "The key in AWS Key Management Service (AWS KMS) to use for encryption of data at rest in the ledger. For more information, see the [AWS documentation](https://docs.aws.amazon.com/qldb/latest/developerguide/encryption-at-rest.html). Valid values are `\"AWS_OWNED_KMS_KEY\"` to use an AWS KMS key that is owned and managed by AWS on your behalf, or the ARN of a valid symmetric customer managed KMS key.\n" }, "name": { "type": "string", "description": "The friendly name for the QLDB Ledger instance. By default generated by the provider.\n", "willReplaceOnChanges": true }, "permissionsMode": { "type": "string", "description": "The permissions mode for the QLDB ledger instance. Specify either `ALLOW_ALL` or `STANDARD`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "permissionsMode" ], "stateInputs": { "description": "Input properties used for looking up and filtering Ledger resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the QLDB Ledger\n" }, "deletionProtection": { "type": "boolean", "description": "The deletion protection for the QLDB Ledger instance. By default it is `true`. To delete this resource via the provider, this value must be configured to `false` and applied first before attempting deletion.\n" }, "kmsKey": { "type": "string", "description": "The key in AWS Key Management Service (AWS KMS) to use for encryption of data at rest in the ledger. For more information, see the [AWS documentation](https://docs.aws.amazon.com/qldb/latest/developerguide/encryption-at-rest.html). Valid values are `\"AWS_OWNED_KMS_KEY\"` to use an AWS KMS key that is owned and managed by AWS on your behalf, or the ARN of a valid symmetric customer managed KMS key.\n" }, "name": { "type": "string", "description": "The friendly name for the QLDB Ledger instance. By default generated by the provider.\n", "willReplaceOnChanges": true }, "permissionsMode": { "type": "string", "description": "The permissions mode for the QLDB ledger instance. Specify either `ALLOW_ALL` or `STANDARD`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:qldb/stream:Stream": { "description": "Provides an AWS Quantum Ledger Database (QLDB) Stream resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.qldb.Stream(\"example\", {\n ledgerName: \"existing-ledger-name\",\n streamName: \"sample-ledger-stream\",\n roleArn: \"sample-role-arn\",\n inclusiveStartTime: \"2021-01-01T00:00:00Z\",\n kinesisConfiguration: {\n aggregationEnabled: false,\n streamArn: \"arn:aws:kinesis:us-east-1:xxxxxxxxxxxx:stream/example-kinesis-stream\",\n },\n tags: {\n example: \"tag\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.qldb.Stream(\"example\",\n ledger_name=\"existing-ledger-name\",\n stream_name=\"sample-ledger-stream\",\n role_arn=\"sample-role-arn\",\n inclusive_start_time=\"2021-01-01T00:00:00Z\",\n kinesis_configuration={\n \"aggregation_enabled\": False,\n \"stream_arn\": \"arn:aws:kinesis:us-east-1:xxxxxxxxxxxx:stream/example-kinesis-stream\",\n },\n tags={\n \"example\": \"tag\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Qldb.Stream(\"example\", new()\n {\n LedgerName = \"existing-ledger-name\",\n StreamName = \"sample-ledger-stream\",\n RoleArn = \"sample-role-arn\",\n InclusiveStartTime = \"2021-01-01T00:00:00Z\",\n KinesisConfiguration = new Aws.Qldb.Inputs.StreamKinesisConfigurationArgs\n {\n AggregationEnabled = false,\n StreamArn = \"arn:aws:kinesis:us-east-1:xxxxxxxxxxxx:stream/example-kinesis-stream\",\n },\n Tags = \n {\n { \"example\", \"tag\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/qldb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := qldb.NewStream(ctx, \"example\", \u0026qldb.StreamArgs{\n\t\t\tLedgerName: pulumi.String(\"existing-ledger-name\"),\n\t\t\tStreamName: pulumi.String(\"sample-ledger-stream\"),\n\t\t\tRoleArn: pulumi.String(\"sample-role-arn\"),\n\t\t\tInclusiveStartTime: pulumi.String(\"2021-01-01T00:00:00Z\"),\n\t\t\tKinesisConfiguration: \u0026qldb.StreamKinesisConfigurationArgs{\n\t\t\t\tAggregationEnabled: pulumi.Bool(false),\n\t\t\t\tStreamArn: pulumi.String(\"arn:aws:kinesis:us-east-1:xxxxxxxxxxxx:stream/example-kinesis-stream\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"example\": pulumi.String(\"tag\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.qldb.Stream;\nimport com.pulumi.aws.qldb.StreamArgs;\nimport com.pulumi.aws.qldb.inputs.StreamKinesisConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Stream(\"example\", StreamArgs.builder()\n .ledgerName(\"existing-ledger-name\")\n .streamName(\"sample-ledger-stream\")\n .roleArn(\"sample-role-arn\")\n .inclusiveStartTime(\"2021-01-01T00:00:00Z\")\n .kinesisConfiguration(StreamKinesisConfigurationArgs.builder()\n .aggregationEnabled(false)\n .streamArn(\"arn:aws:kinesis:us-east-1:xxxxxxxxxxxx:stream/example-kinesis-stream\")\n .build())\n .tags(Map.of(\"example\", \"tag\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:qldb:Stream\n properties:\n ledgerName: existing-ledger-name\n streamName: sample-ledger-stream\n roleArn: sample-role-arn\n inclusiveStartTime: 2021-01-01T00:00:00Z\n kinesisConfiguration:\n aggregationEnabled: false\n streamArn: arn:aws:kinesis:us-east-1:xxxxxxxxxxxx:stream/example-kinesis-stream\n tags:\n example: tag\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "arn": { "type": "string", "description": "The ARN of the QLDB Stream.\n" }, "exclusiveEndTime": { "type": "string", "description": "The exclusive date and time that specifies when the stream ends. If you don't define this parameter, the stream runs indefinitely until you cancel it. It must be in ISO 8601 date and time format and in Universal Coordinated Time (UTC). For example: `\"2019-06-13T21:36:34Z\"`.\n" }, "inclusiveStartTime": { "type": "string", "description": "The inclusive start date and time from which to start streaming journal data. This parameter must be in ISO 8601 date and time format and in Universal Coordinated Time (UTC). For example: `\"2019-06-13T21:36:34Z\"`. This cannot be in the future and must be before `exclusive_end_time`. If you provide a value that is before the ledger's `CreationDateTime`, QLDB effectively defaults it to the ledger's `CreationDateTime`.\n" }, "kinesisConfiguration": { "$ref": "#/types/aws:qldb/StreamKinesisConfiguration:StreamKinesisConfiguration", "description": "The configuration settings of the Kinesis Data Streams destination for your stream request. Documented below.\n" }, "ledgerName": { "type": "string", "description": "The name of the QLDB ledger.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions for a journal stream to write data records to a Kinesis Data Streams resource.\n" }, "streamName": { "type": "string", "description": "The name that you want to assign to the QLDB journal stream. User-defined names can help identify and indicate the purpose of a stream. Your stream name must be unique among other active streams for a given ledger. Stream names have the same naming constraints as ledger names, as defined in the [Amazon QLDB Developer Guide](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "inclusiveStartTime", "kinesisConfiguration", "ledgerName", "roleArn", "streamName", "tagsAll" ], "inputProperties": { "exclusiveEndTime": { "type": "string", "description": "The exclusive date and time that specifies when the stream ends. If you don't define this parameter, the stream runs indefinitely until you cancel it. It must be in ISO 8601 date and time format and in Universal Coordinated Time (UTC). For example: `\"2019-06-13T21:36:34Z\"`.\n", "willReplaceOnChanges": true }, "inclusiveStartTime": { "type": "string", "description": "The inclusive start date and time from which to start streaming journal data. This parameter must be in ISO 8601 date and time format and in Universal Coordinated Time (UTC). For example: `\"2019-06-13T21:36:34Z\"`. This cannot be in the future and must be before `exclusive_end_time`. If you provide a value that is before the ledger's `CreationDateTime`, QLDB effectively defaults it to the ledger's `CreationDateTime`.\n", "willReplaceOnChanges": true }, "kinesisConfiguration": { "$ref": "#/types/aws:qldb/StreamKinesisConfiguration:StreamKinesisConfiguration", "description": "The configuration settings of the Kinesis Data Streams destination for your stream request. Documented below.\n", "willReplaceOnChanges": true }, "ledgerName": { "type": "string", "description": "The name of the QLDB ledger.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions for a journal stream to write data records to a Kinesis Data Streams resource.\n", "willReplaceOnChanges": true }, "streamName": { "type": "string", "description": "The name that you want to assign to the QLDB journal stream. User-defined names can help identify and indicate the purpose of a stream. Your stream name must be unique among other active streams for a given ledger. Stream names have the same naming constraints as ledger names, as defined in the [Amazon QLDB Developer Guide](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming).\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "inclusiveStartTime", "kinesisConfiguration", "ledgerName", "roleArn", "streamName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Stream resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the QLDB Stream.\n" }, "exclusiveEndTime": { "type": "string", "description": "The exclusive date and time that specifies when the stream ends. If you don't define this parameter, the stream runs indefinitely until you cancel it. It must be in ISO 8601 date and time format and in Universal Coordinated Time (UTC). For example: `\"2019-06-13T21:36:34Z\"`.\n", "willReplaceOnChanges": true }, "inclusiveStartTime": { "type": "string", "description": "The inclusive start date and time from which to start streaming journal data. This parameter must be in ISO 8601 date and time format and in Universal Coordinated Time (UTC). For example: `\"2019-06-13T21:36:34Z\"`. This cannot be in the future and must be before `exclusive_end_time`. If you provide a value that is before the ledger's `CreationDateTime`, QLDB effectively defaults it to the ledger's `CreationDateTime`.\n", "willReplaceOnChanges": true }, "kinesisConfiguration": { "$ref": "#/types/aws:qldb/StreamKinesisConfiguration:StreamKinesisConfiguration", "description": "The configuration settings of the Kinesis Data Streams destination for your stream request. Documented below.\n", "willReplaceOnChanges": true }, "ledgerName": { "type": "string", "description": "The name of the QLDB ledger.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions for a journal stream to write data records to a Kinesis Data Streams resource.\n", "willReplaceOnChanges": true }, "streamName": { "type": "string", "description": "The name that you want to assign to the QLDB journal stream. User-defined names can help identify and indicate the purpose of a stream. Your stream name must be unique among other active streams for a given ledger. Stream names have the same naming constraints as ledger names, as defined in the [Amazon QLDB Developer Guide](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming).\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:quicksight/accountSubscription:AccountSubscription": { "description": "Resource for managing an AWS QuickSight Account Subscription.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst subscription = new aws.quicksight.AccountSubscription(\"subscription\", {\n accountName: \"quicksight-pulumi\",\n authenticationMethod: \"IAM_AND_QUICKSIGHT\",\n edition: \"ENTERPRISE\",\n notificationEmail: \"notification@email.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsubscription = aws.quicksight.AccountSubscription(\"subscription\",\n account_name=\"quicksight-pulumi\",\n authentication_method=\"IAM_AND_QUICKSIGHT\",\n edition=\"ENTERPRISE\",\n notification_email=\"notification@email.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var subscription = new Aws.Quicksight.AccountSubscription(\"subscription\", new()\n {\n AccountName = \"quicksight-pulumi\",\n AuthenticationMethod = \"IAM_AND_QUICKSIGHT\",\n Edition = \"ENTERPRISE\",\n NotificationEmail = \"notification@email.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewAccountSubscription(ctx, \"subscription\", \u0026quicksight.AccountSubscriptionArgs{\n\t\t\tAccountName: pulumi.String(\"quicksight-pulumi\"),\n\t\t\tAuthenticationMethod: pulumi.String(\"IAM_AND_QUICKSIGHT\"),\n\t\t\tEdition: pulumi.String(\"ENTERPRISE\"),\n\t\t\tNotificationEmail: pulumi.String(\"notification@email.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.AccountSubscription;\nimport com.pulumi.aws.quicksight.AccountSubscriptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var subscription = new AccountSubscription(\"subscription\", AccountSubscriptionArgs.builder()\n .accountName(\"quicksight-pulumi\")\n .authenticationMethod(\"IAM_AND_QUICKSIGHT\")\n .edition(\"ENTERPRISE\")\n .notificationEmail(\"notification@email.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n subscription:\n type: aws:quicksight:AccountSubscription\n properties:\n accountName: quicksight-pulumi\n authenticationMethod: IAM_AND_QUICKSIGHT\n edition: ENTERPRISE\n notificationEmail: notification@email.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nYou cannot import this resource.\n\n", "properties": { "accountName": { "type": "string", "description": "Name of your Amazon QuickSight account. This name is unique over all of AWS, and it appears only when users sign in.\n" }, "accountSubscriptionStatus": { "type": "string", "description": "Status of the Amazon QuickSight account's subscription.\n" }, "activeDirectoryName": { "type": "string", "description": "Name of your Active Directory. This field is required if `ACTIVE_DIRECTORY` is the selected authentication method of the new Amazon QuickSight account.\n" }, "adminGroups": { "type": "array", "items": { "type": "string" }, "description": "Admin group associated with your Active Directory. This field is required if `ACTIVE_DIRECTORY` is the selected authentication method of the new Amazon QuickSight account.\n" }, "authenticationMethod": { "type": "string", "description": "Method that you want to use to authenticate your Amazon QuickSight account. Currently, the valid values for this parameter are `IAM_AND_QUICKSIGHT`, `IAM_ONLY`, `IAM_IDENTITY_CENTER`, and `ACTIVE_DIRECTORY`.\n" }, "authorGroups": { "type": "array", "items": { "type": "string" }, "description": "Author group associated with your Active Directory.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID hosting the QuickSight account. Default to provider account.\n" }, "contactNumber": { "type": "string", "description": "A 10-digit phone number for the author of the Amazon QuickSight account to use for future communications. This field is required if `ENTERPPRISE_AND_Q` is the selected edition of the new Amazon QuickSight account.\n" }, "directoryId": { "type": "string", "description": "Active Directory ID that is associated with your Amazon QuickSight account.\n" }, "edition": { "type": "string", "description": "Edition of Amazon QuickSight that you want your account to have. Currently, you can choose from `STANDARD`, `ENTERPRISE` or `ENTERPRISE_AND_Q`.\n" }, "emailAddress": { "type": "string", "description": "Email address of the author of the Amazon QuickSight account to use for future communications. This field is required if `ENTERPPRISE_AND_Q` is the selected edition of the new Amazon QuickSight account.\n" }, "firstName": { "type": "string", "description": "First name of the author of the Amazon QuickSight account to use for future communications. This field is required if `ENTERPPRISE_AND_Q` is the selected edition of the new Amazon QuickSight account.\n" }, "iamIdentityCenterInstanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the IAM Identity Center instance.\n" }, "lastName": { "type": "string", "description": "Last name of the author of the Amazon QuickSight account to use for future communications. This field is required if `ENTERPPRISE_AND_Q` is the selected edition of the new Amazon QuickSight account.\n" }, "notificationEmail": { "type": "string", "description": "Email address that you want Amazon QuickSight to send notifications to regarding your Amazon QuickSight account or Amazon QuickSight subscription.\n\nThe following arguments are optional:\n" }, "readerGroups": { "type": "array", "items": { "type": "string" }, "description": "Reader group associated with your Active Direcrtory.\n" }, "realm": { "type": "string", "description": "Realm of the Active Directory that is associated with your Amazon QuickSight account.\n" } }, "required": [ "accountName", "accountSubscriptionStatus", "authenticationMethod", "awsAccountId", "edition", "notificationEmail" ], "inputProperties": { "accountName": { "type": "string", "description": "Name of your Amazon QuickSight account. This name is unique over all of AWS, and it appears only when users sign in.\n", "willReplaceOnChanges": true }, "activeDirectoryName": { "type": "string", "description": "Name of your Active Directory. This field is required if `ACTIVE_DIRECTORY` is the selected authentication method of the new Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "adminGroups": { "type": "array", "items": { "type": "string" }, "description": "Admin group associated with your Active Directory. This field is required if `ACTIVE_DIRECTORY` is the selected authentication method of the new Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "authenticationMethod": { "type": "string", "description": "Method that you want to use to authenticate your Amazon QuickSight account. Currently, the valid values for this parameter are `IAM_AND_QUICKSIGHT`, `IAM_ONLY`, `IAM_IDENTITY_CENTER`, and `ACTIVE_DIRECTORY`.\n", "willReplaceOnChanges": true }, "authorGroups": { "type": "array", "items": { "type": "string" }, "description": "Author group associated with your Active Directory.\n", "willReplaceOnChanges": true }, "awsAccountId": { "type": "string", "description": "AWS account ID hosting the QuickSight account. Default to provider account.\n", "willReplaceOnChanges": true }, "contactNumber": { "type": "string", "description": "A 10-digit phone number for the author of the Amazon QuickSight account to use for future communications. This field is required if `ENTERPPRISE_AND_Q` is the selected edition of the new Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "directoryId": { "type": "string", "description": "Active Directory ID that is associated with your Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "edition": { "type": "string", "description": "Edition of Amazon QuickSight that you want your account to have. Currently, you can choose from `STANDARD`, `ENTERPRISE` or `ENTERPRISE_AND_Q`.\n", "willReplaceOnChanges": true }, "emailAddress": { "type": "string", "description": "Email address of the author of the Amazon QuickSight account to use for future communications. This field is required if `ENTERPPRISE_AND_Q` is the selected edition of the new Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "firstName": { "type": "string", "description": "First name of the author of the Amazon QuickSight account to use for future communications. This field is required if `ENTERPPRISE_AND_Q` is the selected edition of the new Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "iamIdentityCenterInstanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the IAM Identity Center instance.\n", "willReplaceOnChanges": true }, "lastName": { "type": "string", "description": "Last name of the author of the Amazon QuickSight account to use for future communications. This field is required if `ENTERPPRISE_AND_Q` is the selected edition of the new Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "notificationEmail": { "type": "string", "description": "Email address that you want Amazon QuickSight to send notifications to regarding your Amazon QuickSight account or Amazon QuickSight subscription.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "readerGroups": { "type": "array", "items": { "type": "string" }, "description": "Reader group associated with your Active Direcrtory.\n", "willReplaceOnChanges": true }, "realm": { "type": "string", "description": "Realm of the Active Directory that is associated with your Amazon QuickSight account.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "accountName", "authenticationMethod", "edition", "notificationEmail" ], "stateInputs": { "description": "Input properties used for looking up and filtering AccountSubscription resources.\n", "properties": { "accountName": { "type": "string", "description": "Name of your Amazon QuickSight account. This name is unique over all of AWS, and it appears only when users sign in.\n", "willReplaceOnChanges": true }, "accountSubscriptionStatus": { "type": "string", "description": "Status of the Amazon QuickSight account's subscription.\n" }, "activeDirectoryName": { "type": "string", "description": "Name of your Active Directory. This field is required if `ACTIVE_DIRECTORY` is the selected authentication method of the new Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "adminGroups": { "type": "array", "items": { "type": "string" }, "description": "Admin group associated with your Active Directory. This field is required if `ACTIVE_DIRECTORY` is the selected authentication method of the new Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "authenticationMethod": { "type": "string", "description": "Method that you want to use to authenticate your Amazon QuickSight account. Currently, the valid values for this parameter are `IAM_AND_QUICKSIGHT`, `IAM_ONLY`, `IAM_IDENTITY_CENTER`, and `ACTIVE_DIRECTORY`.\n", "willReplaceOnChanges": true }, "authorGroups": { "type": "array", "items": { "type": "string" }, "description": "Author group associated with your Active Directory.\n", "willReplaceOnChanges": true }, "awsAccountId": { "type": "string", "description": "AWS account ID hosting the QuickSight account. Default to provider account.\n", "willReplaceOnChanges": true }, "contactNumber": { "type": "string", "description": "A 10-digit phone number for the author of the Amazon QuickSight account to use for future communications. This field is required if `ENTERPPRISE_AND_Q` is the selected edition of the new Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "directoryId": { "type": "string", "description": "Active Directory ID that is associated with your Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "edition": { "type": "string", "description": "Edition of Amazon QuickSight that you want your account to have. Currently, you can choose from `STANDARD`, `ENTERPRISE` or `ENTERPRISE_AND_Q`.\n", "willReplaceOnChanges": true }, "emailAddress": { "type": "string", "description": "Email address of the author of the Amazon QuickSight account to use for future communications. This field is required if `ENTERPPRISE_AND_Q` is the selected edition of the new Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "firstName": { "type": "string", "description": "First name of the author of the Amazon QuickSight account to use for future communications. This field is required if `ENTERPPRISE_AND_Q` is the selected edition of the new Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "iamIdentityCenterInstanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the IAM Identity Center instance.\n", "willReplaceOnChanges": true }, "lastName": { "type": "string", "description": "Last name of the author of the Amazon QuickSight account to use for future communications. This field is required if `ENTERPPRISE_AND_Q` is the selected edition of the new Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "notificationEmail": { "type": "string", "description": "Email address that you want Amazon QuickSight to send notifications to regarding your Amazon QuickSight account or Amazon QuickSight subscription.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "readerGroups": { "type": "array", "items": { "type": "string" }, "description": "Reader group associated with your Active Direcrtory.\n", "willReplaceOnChanges": true }, "realm": { "type": "string", "description": "Realm of the Active Directory that is associated with your Amazon QuickSight account.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:quicksight/analysis:Analysis": { "description": "Resource for managing a QuickSight Analysis.\n\n## Example Usage\n\n### From Source Template\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.Analysis(\"example\", {\n analysisId: \"example-id\",\n name: \"example-name\",\n sourceEntity: {\n sourceTemplate: {\n arn: source.arn,\n dataSetReferences: [{\n dataSetArn: dataset.arn,\n dataSetPlaceholder: \"1\",\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.Analysis(\"example\",\n analysis_id=\"example-id\",\n name=\"example-name\",\n source_entity={\n \"source_template\": {\n \"arn\": source[\"arn\"],\n \"data_set_references\": [{\n \"data_set_arn\": dataset[\"arn\"],\n \"data_set_placeholder\": \"1\",\n }],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.Analysis(\"example\", new()\n {\n AnalysisId = \"example-id\",\n Name = \"example-name\",\n SourceEntity = new Aws.Quicksight.Inputs.AnalysisSourceEntityArgs\n {\n SourceTemplate = new Aws.Quicksight.Inputs.AnalysisSourceEntitySourceTemplateArgs\n {\n Arn = source.Arn,\n DataSetReferences = new[]\n {\n new Aws.Quicksight.Inputs.AnalysisSourceEntitySourceTemplateDataSetReferenceArgs\n {\n DataSetArn = dataset.Arn,\n DataSetPlaceholder = \"1\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewAnalysis(ctx, \"example\", \u0026quicksight.AnalysisArgs{\n\t\t\tAnalysisId: pulumi.String(\"example-id\"),\n\t\t\tName: pulumi.String(\"example-name\"),\n\t\t\tSourceEntity: \u0026quicksight.AnalysisSourceEntityArgs{\n\t\t\t\tSourceTemplate: \u0026quicksight.AnalysisSourceEntitySourceTemplateArgs{\n\t\t\t\t\tArn: pulumi.Any(source.Arn),\n\t\t\t\t\tDataSetReferences: quicksight.AnalysisSourceEntitySourceTemplateDataSetReferenceArray{\n\t\t\t\t\t\t\u0026quicksight.AnalysisSourceEntitySourceTemplateDataSetReferenceArgs{\n\t\t\t\t\t\t\tDataSetArn: pulumi.Any(dataset.Arn),\n\t\t\t\t\t\t\tDataSetPlaceholder: pulumi.String(\"1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.Analysis;\nimport com.pulumi.aws.quicksight.AnalysisArgs;\nimport com.pulumi.aws.quicksight.inputs.AnalysisSourceEntityArgs;\nimport com.pulumi.aws.quicksight.inputs.AnalysisSourceEntitySourceTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Analysis(\"example\", AnalysisArgs.builder()\n .analysisId(\"example-id\")\n .name(\"example-name\")\n .sourceEntity(AnalysisSourceEntityArgs.builder()\n .sourceTemplate(AnalysisSourceEntitySourceTemplateArgs.builder()\n .arn(source.arn())\n .dataSetReferences(AnalysisSourceEntitySourceTemplateDataSetReferenceArgs.builder()\n .dataSetArn(dataset.arn())\n .dataSetPlaceholder(\"1\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:Analysis\n properties:\n analysisId: example-id\n name: example-name\n sourceEntity:\n sourceTemplate:\n arn: ${source.arn}\n dataSetReferences:\n - dataSetArn: ${dataset.arn}\n dataSetPlaceholder: '1'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Definition\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n example:\n type: aws:quicksight:Analysis\n properties:\n analysisId: example-id\n name: example-name\n definition:\n dataSetIdentifiersDeclarations:\n - dataSetArn: ${dataset.arn}\n identifier: '1'\n sheets:\n - title: Example\n sheetId: Example1\n visuals:\n - lineChartVisual:\n visualId: LineChart\n title:\n formatText:\n plainText: Line Chart Example\n chartConfiguration:\n fieldWells:\n lineChartAggregatedFieldWells:\n categories:\n - categoricalDimensionField:\n fieldId: '1'\n column:\n dataSetIdentifier: '1'\n columnName: Column1\n values:\n - categoricalMeasureField:\n fieldId: '2'\n column:\n dataSetIdentifier: '1'\n columnName: Column1\n aggregationFunction: COUNT\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a QuickSight Analysis using the AWS account ID and analysis ID separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:quicksight/analysis:Analysis example 123456789012,example-id\n```\n", "properties": { "analysisId": { "type": "string", "description": "Identifier for the analysis.\n" }, "arn": { "type": "string", "description": "ARN of the analysis.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "createdTime": { "type": "string", "description": "The time that the analysis was created.\n" }, "lastPublishedTime": { "type": "string" }, "lastUpdatedTime": { "type": "string", "description": "The time that the analysis was last updated.\n" }, "name": { "type": "string", "description": "Display name for the analysis.\n\nThe following arguments are optional:\n" }, "parameters": { "$ref": "#/types/aws:quicksight/AnalysisParameters:AnalysisParameters", "description": "The parameters for the creation of the analysis, which you want to use to override the default settings. An analysis can have any type of parameters, and some parameters might accept multiple values. See parameters.\n" }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/AnalysisPermission:AnalysisPermission" }, "description": "A set of resource permissions on the analysis. Maximum of 64 items. See permissions.\n" }, "recoveryWindowInDays": { "type": "integer", "description": "A value that specifies the number of days that Amazon QuickSight waits before it deletes the analysis. Use `0` to force deletion without recovery. Minimum value of `7`. Maximum value of `30`. Default to `30`.\n" }, "sourceEntity": { "$ref": "#/types/aws:quicksight/AnalysisSourceEntity:AnalysisSourceEntity", "description": "The entity that you are using as a source when you create the analysis (template). Only one of `definition` or `source_entity` should be configured. See source_entity.\n" }, "status": { "type": "string", "description": "The analysis creation status.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "themeArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the theme that is being used for this analysis. The theme ARN must exist in the same AWS account where you create the analysis.\n" } }, "required": [ "analysisId", "arn", "awsAccountId", "createdTime", "lastPublishedTime", "lastUpdatedTime", "name", "parameters", "status", "tagsAll" ], "inputProperties": { "analysisId": { "type": "string", "description": "Identifier for the analysis.\n", "willReplaceOnChanges": true }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Display name for the analysis.\n\nThe following arguments are optional:\n" }, "parameters": { "$ref": "#/types/aws:quicksight/AnalysisParameters:AnalysisParameters", "description": "The parameters for the creation of the analysis, which you want to use to override the default settings. An analysis can have any type of parameters, and some parameters might accept multiple values. See parameters.\n" }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/AnalysisPermission:AnalysisPermission" }, "description": "A set of resource permissions on the analysis. Maximum of 64 items. See permissions.\n" }, "recoveryWindowInDays": { "type": "integer", "description": "A value that specifies the number of days that Amazon QuickSight waits before it deletes the analysis. Use `0` to force deletion without recovery. Minimum value of `7`. Maximum value of `30`. Default to `30`.\n" }, "sourceEntity": { "$ref": "#/types/aws:quicksight/AnalysisSourceEntity:AnalysisSourceEntity", "description": "The entity that you are using as a source when you create the analysis (template). Only one of `definition` or `source_entity` should be configured. See source_entity.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "themeArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the theme that is being used for this analysis. The theme ARN must exist in the same AWS account where you create the analysis.\n" } }, "requiredInputs": [ "analysisId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Analysis resources.\n", "properties": { "analysisId": { "type": "string", "description": "Identifier for the analysis.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "ARN of the analysis.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n", "willReplaceOnChanges": true }, "createdTime": { "type": "string", "description": "The time that the analysis was created.\n" }, "lastPublishedTime": { "type": "string" }, "lastUpdatedTime": { "type": "string", "description": "The time that the analysis was last updated.\n" }, "name": { "type": "string", "description": "Display name for the analysis.\n\nThe following arguments are optional:\n" }, "parameters": { "$ref": "#/types/aws:quicksight/AnalysisParameters:AnalysisParameters", "description": "The parameters for the creation of the analysis, which you want to use to override the default settings. An analysis can have any type of parameters, and some parameters might accept multiple values. See parameters.\n" }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/AnalysisPermission:AnalysisPermission" }, "description": "A set of resource permissions on the analysis. Maximum of 64 items. See permissions.\n" }, "recoveryWindowInDays": { "type": "integer", "description": "A value that specifies the number of days that Amazon QuickSight waits before it deletes the analysis. Use `0` to force deletion without recovery. Minimum value of `7`. Maximum value of `30`. Default to `30`.\n" }, "sourceEntity": { "$ref": "#/types/aws:quicksight/AnalysisSourceEntity:AnalysisSourceEntity", "description": "The entity that you are using as a source when you create the analysis (template). Only one of `definition` or `source_entity` should be configured. See source_entity.\n" }, "status": { "type": "string", "description": "The analysis creation status.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "themeArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the theme that is being used for this analysis. The theme ARN must exist in the same AWS account where you create the analysis.\n" } }, "type": "object" } }, "aws:quicksight/dashboard:Dashboard": { "description": "Resource for managing a QuickSight Dashboard.\n\n## Example Usage\n\n### From Source Template\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.Dashboard(\"example\", {\n dashboardId: \"example-id\",\n name: \"example-name\",\n versionDescription: \"version\",\n sourceEntity: {\n sourceTemplate: {\n arn: source.arn,\n dataSetReferences: [{\n dataSetArn: dataset.arn,\n dataSetPlaceholder: \"1\",\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.Dashboard(\"example\",\n dashboard_id=\"example-id\",\n name=\"example-name\",\n version_description=\"version\",\n source_entity={\n \"source_template\": {\n \"arn\": source[\"arn\"],\n \"data_set_references\": [{\n \"data_set_arn\": dataset[\"arn\"],\n \"data_set_placeholder\": \"1\",\n }],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.Dashboard(\"example\", new()\n {\n DashboardId = \"example-id\",\n Name = \"example-name\",\n VersionDescription = \"version\",\n SourceEntity = new Aws.Quicksight.Inputs.DashboardSourceEntityArgs\n {\n SourceTemplate = new Aws.Quicksight.Inputs.DashboardSourceEntitySourceTemplateArgs\n {\n Arn = source.Arn,\n DataSetReferences = new[]\n {\n new Aws.Quicksight.Inputs.DashboardSourceEntitySourceTemplateDataSetReferenceArgs\n {\n DataSetArn = dataset.Arn,\n DataSetPlaceholder = \"1\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewDashboard(ctx, \"example\", \u0026quicksight.DashboardArgs{\n\t\t\tDashboardId: pulumi.String(\"example-id\"),\n\t\t\tName: pulumi.String(\"example-name\"),\n\t\t\tVersionDescription: pulumi.String(\"version\"),\n\t\t\tSourceEntity: \u0026quicksight.DashboardSourceEntityArgs{\n\t\t\t\tSourceTemplate: \u0026quicksight.DashboardSourceEntitySourceTemplateArgs{\n\t\t\t\t\tArn: pulumi.Any(source.Arn),\n\t\t\t\t\tDataSetReferences: quicksight.DashboardSourceEntitySourceTemplateDataSetReferenceArray{\n\t\t\t\t\t\t\u0026quicksight.DashboardSourceEntitySourceTemplateDataSetReferenceArgs{\n\t\t\t\t\t\t\tDataSetArn: pulumi.Any(dataset.Arn),\n\t\t\t\t\t\t\tDataSetPlaceholder: pulumi.String(\"1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.Dashboard;\nimport com.pulumi.aws.quicksight.DashboardArgs;\nimport com.pulumi.aws.quicksight.inputs.DashboardSourceEntityArgs;\nimport com.pulumi.aws.quicksight.inputs.DashboardSourceEntitySourceTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Dashboard(\"example\", DashboardArgs.builder()\n .dashboardId(\"example-id\")\n .name(\"example-name\")\n .versionDescription(\"version\")\n .sourceEntity(DashboardSourceEntityArgs.builder()\n .sourceTemplate(DashboardSourceEntitySourceTemplateArgs.builder()\n .arn(source.arn())\n .dataSetReferences(DashboardSourceEntitySourceTemplateDataSetReferenceArgs.builder()\n .dataSetArn(dataset.arn())\n .dataSetPlaceholder(\"1\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:Dashboard\n properties:\n dashboardId: example-id\n name: example-name\n versionDescription: version\n sourceEntity:\n sourceTemplate:\n arn: ${source.arn}\n dataSetReferences:\n - dataSetArn: ${dataset.arn}\n dataSetPlaceholder: '1'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Definition\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n example:\n type: aws:quicksight:Dashboard\n properties:\n dashboardId: example-id\n name: example-name\n versionDescription: version\n definition:\n dataSetIdentifiersDeclarations:\n - dataSetArn: ${dataset.arn}\n identifier: '1'\n sheets:\n - title: Example\n sheetId: Example1\n visuals:\n - lineChartVisual:\n visualId: LineChart\n title:\n formatText:\n plainText: Line Chart Example\n chartConfiguration:\n fieldWells:\n lineChartAggregatedFieldWells:\n categories:\n - categoricalDimensionField:\n fieldId: '1'\n column:\n dataSetIdentifier: '1'\n columnName: Column1\n values:\n - categoricalMeasureField:\n fieldId: '2'\n column:\n dataSetIdentifier: '1'\n columnName: Column1\n aggregationFunction: COUNT\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a QuickSight Dashboard using the AWS account ID and dashboard ID separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:quicksight/dashboard:Dashboard example 123456789012,example-id\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the dashboard.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "createdTime": { "type": "string", "description": "The time that the dashboard was created.\n" }, "dashboardId": { "type": "string", "description": "Identifier for the dashboard.\n" }, "dashboardPublishOptions": { "$ref": "#/types/aws:quicksight/DashboardDashboardPublishOptions:DashboardDashboardPublishOptions", "description": "Options for publishing the dashboard. See dashboard_publish_options.\n" }, "lastPublishedTime": { "type": "string" }, "lastUpdatedTime": { "type": "string", "description": "The time that the dashboard was last updated.\n" }, "name": { "type": "string", "description": "Display name for the dashboard.\n" }, "parameters": { "$ref": "#/types/aws:quicksight/DashboardParameters:DashboardParameters", "description": "The parameters for the creation of the dashboard, which you want to use to override the default settings. A dashboard can have any type of parameters, and some parameters might accept multiple values. See parameters.\n" }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DashboardPermission:DashboardPermission" }, "description": "A set of resource permissions on the dashboard. Maximum of 64 items. See permissions.\n" }, "sourceEntity": { "$ref": "#/types/aws:quicksight/DashboardSourceEntity:DashboardSourceEntity", "description": "The entity that you are using as a source when you create the dashboard (template). Only one of `definition` or `source_entity` should be configured. See source_entity.\n" }, "sourceEntityArn": { "type": "string", "description": "Amazon Resource Name (ARN) of a template that was used to create this dashboard.\n" }, "status": { "type": "string", "description": "The dashboard creation status.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "themeArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the theme that is being used for this dashboard. The theme ARN must exist in the same AWS account where you create the dashboard.\n" }, "versionDescription": { "type": "string", "description": "A description of the current dashboard version being created/updated.\n\nThe following arguments are optional:\n" }, "versionNumber": { "type": "integer", "description": "The version number of the dashboard version.\n" } }, "required": [ "arn", "awsAccountId", "createdTime", "dashboardId", "dashboardPublishOptions", "lastPublishedTime", "lastUpdatedTime", "name", "parameters", "sourceEntityArn", "status", "tagsAll", "versionDescription", "versionNumber" ], "inputProperties": { "awsAccountId": { "type": "string", "description": "AWS account ID.\n", "willReplaceOnChanges": true }, "dashboardId": { "type": "string", "description": "Identifier for the dashboard.\n", "willReplaceOnChanges": true }, "dashboardPublishOptions": { "$ref": "#/types/aws:quicksight/DashboardDashboardPublishOptions:DashboardDashboardPublishOptions", "description": "Options for publishing the dashboard. See dashboard_publish_options.\n" }, "name": { "type": "string", "description": "Display name for the dashboard.\n" }, "parameters": { "$ref": "#/types/aws:quicksight/DashboardParameters:DashboardParameters", "description": "The parameters for the creation of the dashboard, which you want to use to override the default settings. A dashboard can have any type of parameters, and some parameters might accept multiple values. See parameters.\n" }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DashboardPermission:DashboardPermission" }, "description": "A set of resource permissions on the dashboard. Maximum of 64 items. See permissions.\n" }, "sourceEntity": { "$ref": "#/types/aws:quicksight/DashboardSourceEntity:DashboardSourceEntity", "description": "The entity that you are using as a source when you create the dashboard (template). Only one of `definition` or `source_entity` should be configured. See source_entity.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "themeArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the theme that is being used for this dashboard. The theme ARN must exist in the same AWS account where you create the dashboard.\n" }, "versionDescription": { "type": "string", "description": "A description of the current dashboard version being created/updated.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "dashboardId", "versionDescription" ], "stateInputs": { "description": "Input properties used for looking up and filtering Dashboard resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the dashboard.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n", "willReplaceOnChanges": true }, "createdTime": { "type": "string", "description": "The time that the dashboard was created.\n" }, "dashboardId": { "type": "string", "description": "Identifier for the dashboard.\n", "willReplaceOnChanges": true }, "dashboardPublishOptions": { "$ref": "#/types/aws:quicksight/DashboardDashboardPublishOptions:DashboardDashboardPublishOptions", "description": "Options for publishing the dashboard. See dashboard_publish_options.\n" }, "lastPublishedTime": { "type": "string" }, "lastUpdatedTime": { "type": "string", "description": "The time that the dashboard was last updated.\n" }, "name": { "type": "string", "description": "Display name for the dashboard.\n" }, "parameters": { "$ref": "#/types/aws:quicksight/DashboardParameters:DashboardParameters", "description": "The parameters for the creation of the dashboard, which you want to use to override the default settings. A dashboard can have any type of parameters, and some parameters might accept multiple values. See parameters.\n" }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DashboardPermission:DashboardPermission" }, "description": "A set of resource permissions on the dashboard. Maximum of 64 items. See permissions.\n" }, "sourceEntity": { "$ref": "#/types/aws:quicksight/DashboardSourceEntity:DashboardSourceEntity", "description": "The entity that you are using as a source when you create the dashboard (template). Only one of `definition` or `source_entity` should be configured. See source_entity.\n" }, "sourceEntityArn": { "type": "string", "description": "Amazon Resource Name (ARN) of a template that was used to create this dashboard.\n" }, "status": { "type": "string", "description": "The dashboard creation status.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "themeArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the theme that is being used for this dashboard. The theme ARN must exist in the same AWS account where you create the dashboard.\n" }, "versionDescription": { "type": "string", "description": "A description of the current dashboard version being created/updated.\n\nThe following arguments are optional:\n" }, "versionNumber": { "type": "integer", "description": "The version number of the dashboard version.\n" } }, "type": "object" } }, "aws:quicksight/dataSet:DataSet": { "description": "Resource for managing a QuickSight Data Set.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.DataSet(\"example\", {\n dataSetId: \"example-id\",\n name: \"example-name\",\n importMode: \"SPICE\",\n physicalTableMaps: [{\n physicalTableMapId: \"example-id\",\n s3Source: {\n dataSourceArn: exampleAwsQuicksightDataSource.arn,\n inputColumns: [{\n name: \"Column1\",\n type: \"STRING\",\n }],\n uploadSettings: {\n format: \"JSON\",\n },\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.DataSet(\"example\",\n data_set_id=\"example-id\",\n name=\"example-name\",\n import_mode=\"SPICE\",\n physical_table_maps=[{\n \"physical_table_map_id\": \"example-id\",\n \"s3_source\": {\n \"data_source_arn\": example_aws_quicksight_data_source[\"arn\"],\n \"input_columns\": [{\n \"name\": \"Column1\",\n \"type\": \"STRING\",\n }],\n \"upload_settings\": {\n \"format\": \"JSON\",\n },\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.DataSet(\"example\", new()\n {\n DataSetId = \"example-id\",\n Name = \"example-name\",\n ImportMode = \"SPICE\",\n PhysicalTableMaps = new[]\n {\n new Aws.Quicksight.Inputs.DataSetPhysicalTableMapArgs\n {\n PhysicalTableMapId = \"example-id\",\n S3Source = new Aws.Quicksight.Inputs.DataSetPhysicalTableMapS3SourceArgs\n {\n DataSourceArn = exampleAwsQuicksightDataSource.Arn,\n InputColumns = new[]\n {\n new Aws.Quicksight.Inputs.DataSetPhysicalTableMapS3SourceInputColumnArgs\n {\n Name = \"Column1\",\n Type = \"STRING\",\n },\n },\n UploadSettings = new Aws.Quicksight.Inputs.DataSetPhysicalTableMapS3SourceUploadSettingsArgs\n {\n Format = \"JSON\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewDataSet(ctx, \"example\", \u0026quicksight.DataSetArgs{\n\t\t\tDataSetId: pulumi.String(\"example-id\"),\n\t\t\tName: pulumi.String(\"example-name\"),\n\t\t\tImportMode: pulumi.String(\"SPICE\"),\n\t\t\tPhysicalTableMaps: quicksight.DataSetPhysicalTableMapArray{\n\t\t\t\t\u0026quicksight.DataSetPhysicalTableMapArgs{\n\t\t\t\t\tPhysicalTableMapId: pulumi.String(\"example-id\"),\n\t\t\t\t\tS3Source: \u0026quicksight.DataSetPhysicalTableMapS3SourceArgs{\n\t\t\t\t\t\tDataSourceArn: pulumi.Any(exampleAwsQuicksightDataSource.Arn),\n\t\t\t\t\t\tInputColumns: quicksight.DataSetPhysicalTableMapS3SourceInputColumnArray{\n\t\t\t\t\t\t\t\u0026quicksight.DataSetPhysicalTableMapS3SourceInputColumnArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"Column1\"),\n\t\t\t\t\t\t\t\tType: pulumi.String(\"STRING\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tUploadSettings: \u0026quicksight.DataSetPhysicalTableMapS3SourceUploadSettingsArgs{\n\t\t\t\t\t\t\tFormat: pulumi.String(\"JSON\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.DataSet;\nimport com.pulumi.aws.quicksight.DataSetArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSetPhysicalTableMapArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSetPhysicalTableMapS3SourceArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSetPhysicalTableMapS3SourceUploadSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSet(\"example\", DataSetArgs.builder()\n .dataSetId(\"example-id\")\n .name(\"example-name\")\n .importMode(\"SPICE\")\n .physicalTableMaps(DataSetPhysicalTableMapArgs.builder()\n .physicalTableMapId(\"example-id\")\n .s3Source(DataSetPhysicalTableMapS3SourceArgs.builder()\n .dataSourceArn(exampleAwsQuicksightDataSource.arn())\n .inputColumns(DataSetPhysicalTableMapS3SourceInputColumnArgs.builder()\n .name(\"Column1\")\n .type(\"STRING\")\n .build())\n .uploadSettings(DataSetPhysicalTableMapS3SourceUploadSettingsArgs.builder()\n .format(\"JSON\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:DataSet\n properties:\n dataSetId: example-id\n name: example-name\n importMode: SPICE\n physicalTableMaps:\n - physicalTableMapId: example-id\n s3Source:\n dataSourceArn: ${exampleAwsQuicksightDataSource.arn}\n inputColumns:\n - name: Column1\n type: STRING\n uploadSettings:\n format: JSON\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Column Level Permission Rules\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.DataSet(\"example\", {\n dataSetId: \"example-id\",\n name: \"example-name\",\n importMode: \"SPICE\",\n physicalTableMaps: [{\n physicalTableMapId: \"example-id\",\n s3Source: {\n dataSourceArn: exampleAwsQuicksightDataSource.arn,\n inputColumns: [{\n name: \"Column1\",\n type: \"STRING\",\n }],\n uploadSettings: {\n format: \"JSON\",\n },\n },\n }],\n columnLevelPermissionRules: [{\n columnNames: [\"Column1\"],\n principals: [exampleAwsQuicksightUser.arn],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.DataSet(\"example\",\n data_set_id=\"example-id\",\n name=\"example-name\",\n import_mode=\"SPICE\",\n physical_table_maps=[{\n \"physical_table_map_id\": \"example-id\",\n \"s3_source\": {\n \"data_source_arn\": example_aws_quicksight_data_source[\"arn\"],\n \"input_columns\": [{\n \"name\": \"Column1\",\n \"type\": \"STRING\",\n }],\n \"upload_settings\": {\n \"format\": \"JSON\",\n },\n },\n }],\n column_level_permission_rules=[{\n \"column_names\": [\"Column1\"],\n \"principals\": [example_aws_quicksight_user[\"arn\"]],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.DataSet(\"example\", new()\n {\n DataSetId = \"example-id\",\n Name = \"example-name\",\n ImportMode = \"SPICE\",\n PhysicalTableMaps = new[]\n {\n new Aws.Quicksight.Inputs.DataSetPhysicalTableMapArgs\n {\n PhysicalTableMapId = \"example-id\",\n S3Source = new Aws.Quicksight.Inputs.DataSetPhysicalTableMapS3SourceArgs\n {\n DataSourceArn = exampleAwsQuicksightDataSource.Arn,\n InputColumns = new[]\n {\n new Aws.Quicksight.Inputs.DataSetPhysicalTableMapS3SourceInputColumnArgs\n {\n Name = \"Column1\",\n Type = \"STRING\",\n },\n },\n UploadSettings = new Aws.Quicksight.Inputs.DataSetPhysicalTableMapS3SourceUploadSettingsArgs\n {\n Format = \"JSON\",\n },\n },\n },\n },\n ColumnLevelPermissionRules = new[]\n {\n new Aws.Quicksight.Inputs.DataSetColumnLevelPermissionRuleArgs\n {\n ColumnNames = new[]\n {\n \"Column1\",\n },\n Principals = new[]\n {\n exampleAwsQuicksightUser.Arn,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewDataSet(ctx, \"example\", \u0026quicksight.DataSetArgs{\n\t\t\tDataSetId: pulumi.String(\"example-id\"),\n\t\t\tName: pulumi.String(\"example-name\"),\n\t\t\tImportMode: pulumi.String(\"SPICE\"),\n\t\t\tPhysicalTableMaps: quicksight.DataSetPhysicalTableMapArray{\n\t\t\t\t\u0026quicksight.DataSetPhysicalTableMapArgs{\n\t\t\t\t\tPhysicalTableMapId: pulumi.String(\"example-id\"),\n\t\t\t\t\tS3Source: \u0026quicksight.DataSetPhysicalTableMapS3SourceArgs{\n\t\t\t\t\t\tDataSourceArn: pulumi.Any(exampleAwsQuicksightDataSource.Arn),\n\t\t\t\t\t\tInputColumns: quicksight.DataSetPhysicalTableMapS3SourceInputColumnArray{\n\t\t\t\t\t\t\t\u0026quicksight.DataSetPhysicalTableMapS3SourceInputColumnArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"Column1\"),\n\t\t\t\t\t\t\t\tType: pulumi.String(\"STRING\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tUploadSettings: \u0026quicksight.DataSetPhysicalTableMapS3SourceUploadSettingsArgs{\n\t\t\t\t\t\t\tFormat: pulumi.String(\"JSON\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tColumnLevelPermissionRules: quicksight.DataSetColumnLevelPermissionRuleArray{\n\t\t\t\t\u0026quicksight.DataSetColumnLevelPermissionRuleArgs{\n\t\t\t\t\tColumnNames: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Column1\"),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: pulumi.StringArray{\n\t\t\t\t\t\texampleAwsQuicksightUser.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.DataSet;\nimport com.pulumi.aws.quicksight.DataSetArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSetPhysicalTableMapArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSetPhysicalTableMapS3SourceArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSetPhysicalTableMapS3SourceUploadSettingsArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSetColumnLevelPermissionRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSet(\"example\", DataSetArgs.builder()\n .dataSetId(\"example-id\")\n .name(\"example-name\")\n .importMode(\"SPICE\")\n .physicalTableMaps(DataSetPhysicalTableMapArgs.builder()\n .physicalTableMapId(\"example-id\")\n .s3Source(DataSetPhysicalTableMapS3SourceArgs.builder()\n .dataSourceArn(exampleAwsQuicksightDataSource.arn())\n .inputColumns(DataSetPhysicalTableMapS3SourceInputColumnArgs.builder()\n .name(\"Column1\")\n .type(\"STRING\")\n .build())\n .uploadSettings(DataSetPhysicalTableMapS3SourceUploadSettingsArgs.builder()\n .format(\"JSON\")\n .build())\n .build())\n .build())\n .columnLevelPermissionRules(DataSetColumnLevelPermissionRuleArgs.builder()\n .columnNames(\"Column1\")\n .principals(exampleAwsQuicksightUser.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:DataSet\n properties:\n dataSetId: example-id\n name: example-name\n importMode: SPICE\n physicalTableMaps:\n - physicalTableMapId: example-id\n s3Source:\n dataSourceArn: ${exampleAwsQuicksightDataSource.arn}\n inputColumns:\n - name: Column1\n type: STRING\n uploadSettings:\n format: JSON\n columnLevelPermissionRules:\n - columnNames:\n - Column1\n principals:\n - ${exampleAwsQuicksightUser.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Field Folders\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.DataSet(\"example\", {\n dataSetId: \"example-id\",\n name: \"example-name\",\n importMode: \"SPICE\",\n physicalTableMaps: [{\n physicalTableMapId: \"example-id\",\n s3Source: {\n dataSourceArn: exampleAwsQuicksightDataSource.arn,\n inputColumns: [{\n name: \"Column1\",\n type: \"STRING\",\n }],\n uploadSettings: {\n format: \"JSON\",\n },\n },\n }],\n fieldFolders: [{\n fieldFoldersId: \"example-id\",\n columns: [\"Column1\"],\n description: \"example description\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.DataSet(\"example\",\n data_set_id=\"example-id\",\n name=\"example-name\",\n import_mode=\"SPICE\",\n physical_table_maps=[{\n \"physical_table_map_id\": \"example-id\",\n \"s3_source\": {\n \"data_source_arn\": example_aws_quicksight_data_source[\"arn\"],\n \"input_columns\": [{\n \"name\": \"Column1\",\n \"type\": \"STRING\",\n }],\n \"upload_settings\": {\n \"format\": \"JSON\",\n },\n },\n }],\n field_folders=[{\n \"field_folders_id\": \"example-id\",\n \"columns\": [\"Column1\"],\n \"description\": \"example description\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.DataSet(\"example\", new()\n {\n DataSetId = \"example-id\",\n Name = \"example-name\",\n ImportMode = \"SPICE\",\n PhysicalTableMaps = new[]\n {\n new Aws.Quicksight.Inputs.DataSetPhysicalTableMapArgs\n {\n PhysicalTableMapId = \"example-id\",\n S3Source = new Aws.Quicksight.Inputs.DataSetPhysicalTableMapS3SourceArgs\n {\n DataSourceArn = exampleAwsQuicksightDataSource.Arn,\n InputColumns = new[]\n {\n new Aws.Quicksight.Inputs.DataSetPhysicalTableMapS3SourceInputColumnArgs\n {\n Name = \"Column1\",\n Type = \"STRING\",\n },\n },\n UploadSettings = new Aws.Quicksight.Inputs.DataSetPhysicalTableMapS3SourceUploadSettingsArgs\n {\n Format = \"JSON\",\n },\n },\n },\n },\n FieldFolders = new[]\n {\n new Aws.Quicksight.Inputs.DataSetFieldFolderArgs\n {\n FieldFoldersId = \"example-id\",\n Columns = new[]\n {\n \"Column1\",\n },\n Description = \"example description\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewDataSet(ctx, \"example\", \u0026quicksight.DataSetArgs{\n\t\t\tDataSetId: pulumi.String(\"example-id\"),\n\t\t\tName: pulumi.String(\"example-name\"),\n\t\t\tImportMode: pulumi.String(\"SPICE\"),\n\t\t\tPhysicalTableMaps: quicksight.DataSetPhysicalTableMapArray{\n\t\t\t\t\u0026quicksight.DataSetPhysicalTableMapArgs{\n\t\t\t\t\tPhysicalTableMapId: pulumi.String(\"example-id\"),\n\t\t\t\t\tS3Source: \u0026quicksight.DataSetPhysicalTableMapS3SourceArgs{\n\t\t\t\t\t\tDataSourceArn: pulumi.Any(exampleAwsQuicksightDataSource.Arn),\n\t\t\t\t\t\tInputColumns: quicksight.DataSetPhysicalTableMapS3SourceInputColumnArray{\n\t\t\t\t\t\t\t\u0026quicksight.DataSetPhysicalTableMapS3SourceInputColumnArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"Column1\"),\n\t\t\t\t\t\t\t\tType: pulumi.String(\"STRING\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tUploadSettings: \u0026quicksight.DataSetPhysicalTableMapS3SourceUploadSettingsArgs{\n\t\t\t\t\t\t\tFormat: pulumi.String(\"JSON\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tFieldFolders: quicksight.DataSetFieldFolderArray{\n\t\t\t\t\u0026quicksight.DataSetFieldFolderArgs{\n\t\t\t\t\tFieldFoldersId: pulumi.String(\"example-id\"),\n\t\t\t\t\tColumns: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Column1\"),\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.String(\"example description\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.DataSet;\nimport com.pulumi.aws.quicksight.DataSetArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSetPhysicalTableMapArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSetPhysicalTableMapS3SourceArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSetPhysicalTableMapS3SourceUploadSettingsArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSetFieldFolderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSet(\"example\", DataSetArgs.builder()\n .dataSetId(\"example-id\")\n .name(\"example-name\")\n .importMode(\"SPICE\")\n .physicalTableMaps(DataSetPhysicalTableMapArgs.builder()\n .physicalTableMapId(\"example-id\")\n .s3Source(DataSetPhysicalTableMapS3SourceArgs.builder()\n .dataSourceArn(exampleAwsQuicksightDataSource.arn())\n .inputColumns(DataSetPhysicalTableMapS3SourceInputColumnArgs.builder()\n .name(\"Column1\")\n .type(\"STRING\")\n .build())\n .uploadSettings(DataSetPhysicalTableMapS3SourceUploadSettingsArgs.builder()\n .format(\"JSON\")\n .build())\n .build())\n .build())\n .fieldFolders(DataSetFieldFolderArgs.builder()\n .fieldFoldersId(\"example-id\")\n .columns(\"Column1\")\n .description(\"example description\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:DataSet\n properties:\n dataSetId: example-id\n name: example-name\n importMode: SPICE\n physicalTableMaps:\n - physicalTableMapId: example-id\n s3Source:\n dataSourceArn: ${exampleAwsQuicksightDataSource.arn}\n inputColumns:\n - name: Column1\n type: STRING\n uploadSettings:\n format: JSON\n fieldFolders:\n - fieldFoldersId: example-id\n columns:\n - Column1\n description: example description\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Permissions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.DataSet(\"example\", {\n dataSetId: \"example-id\",\n name: \"example-name\",\n importMode: \"SPICE\",\n physicalTableMaps: [{\n physicalTableMapId: \"example-id\",\n s3Source: {\n dataSourceArn: exampleAwsQuicksightDataSource.arn,\n inputColumns: [{\n name: \"Column1\",\n type: \"STRING\",\n }],\n uploadSettings: {\n format: \"JSON\",\n },\n },\n }],\n permissions: [{\n actions: [\n \"quicksight:DescribeDataSet\",\n \"quicksight:DescribeDataSetPermissions\",\n \"quicksight:PassDataSet\",\n \"quicksight:DescribeIngestion\",\n \"quicksight:ListIngestions\",\n ],\n principal: exampleAwsQuicksightUser.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.DataSet(\"example\",\n data_set_id=\"example-id\",\n name=\"example-name\",\n import_mode=\"SPICE\",\n physical_table_maps=[{\n \"physical_table_map_id\": \"example-id\",\n \"s3_source\": {\n \"data_source_arn\": example_aws_quicksight_data_source[\"arn\"],\n \"input_columns\": [{\n \"name\": \"Column1\",\n \"type\": \"STRING\",\n }],\n \"upload_settings\": {\n \"format\": \"JSON\",\n },\n },\n }],\n permissions=[{\n \"actions\": [\n \"quicksight:DescribeDataSet\",\n \"quicksight:DescribeDataSetPermissions\",\n \"quicksight:PassDataSet\",\n \"quicksight:DescribeIngestion\",\n \"quicksight:ListIngestions\",\n ],\n \"principal\": example_aws_quicksight_user[\"arn\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.DataSet(\"example\", new()\n {\n DataSetId = \"example-id\",\n Name = \"example-name\",\n ImportMode = \"SPICE\",\n PhysicalTableMaps = new[]\n {\n new Aws.Quicksight.Inputs.DataSetPhysicalTableMapArgs\n {\n PhysicalTableMapId = \"example-id\",\n S3Source = new Aws.Quicksight.Inputs.DataSetPhysicalTableMapS3SourceArgs\n {\n DataSourceArn = exampleAwsQuicksightDataSource.Arn,\n InputColumns = new[]\n {\n new Aws.Quicksight.Inputs.DataSetPhysicalTableMapS3SourceInputColumnArgs\n {\n Name = \"Column1\",\n Type = \"STRING\",\n },\n },\n UploadSettings = new Aws.Quicksight.Inputs.DataSetPhysicalTableMapS3SourceUploadSettingsArgs\n {\n Format = \"JSON\",\n },\n },\n },\n },\n Permissions = new[]\n {\n new Aws.Quicksight.Inputs.DataSetPermissionArgs\n {\n Actions = new[]\n {\n \"quicksight:DescribeDataSet\",\n \"quicksight:DescribeDataSetPermissions\",\n \"quicksight:PassDataSet\",\n \"quicksight:DescribeIngestion\",\n \"quicksight:ListIngestions\",\n },\n Principal = exampleAwsQuicksightUser.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewDataSet(ctx, \"example\", \u0026quicksight.DataSetArgs{\n\t\t\tDataSetId: pulumi.String(\"example-id\"),\n\t\t\tName: pulumi.String(\"example-name\"),\n\t\t\tImportMode: pulumi.String(\"SPICE\"),\n\t\t\tPhysicalTableMaps: quicksight.DataSetPhysicalTableMapArray{\n\t\t\t\t\u0026quicksight.DataSetPhysicalTableMapArgs{\n\t\t\t\t\tPhysicalTableMapId: pulumi.String(\"example-id\"),\n\t\t\t\t\tS3Source: \u0026quicksight.DataSetPhysicalTableMapS3SourceArgs{\n\t\t\t\t\t\tDataSourceArn: pulumi.Any(exampleAwsQuicksightDataSource.Arn),\n\t\t\t\t\t\tInputColumns: quicksight.DataSetPhysicalTableMapS3SourceInputColumnArray{\n\t\t\t\t\t\t\t\u0026quicksight.DataSetPhysicalTableMapS3SourceInputColumnArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"Column1\"),\n\t\t\t\t\t\t\t\tType: pulumi.String(\"STRING\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tUploadSettings: \u0026quicksight.DataSetPhysicalTableMapS3SourceUploadSettingsArgs{\n\t\t\t\t\t\t\tFormat: pulumi.String(\"JSON\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tPermissions: quicksight.DataSetPermissionArray{\n\t\t\t\t\u0026quicksight.DataSetPermissionArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"quicksight:DescribeDataSet\"),\n\t\t\t\t\t\tpulumi.String(\"quicksight:DescribeDataSetPermissions\"),\n\t\t\t\t\t\tpulumi.String(\"quicksight:PassDataSet\"),\n\t\t\t\t\t\tpulumi.String(\"quicksight:DescribeIngestion\"),\n\t\t\t\t\t\tpulumi.String(\"quicksight:ListIngestions\"),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipal: pulumi.Any(exampleAwsQuicksightUser.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.DataSet;\nimport com.pulumi.aws.quicksight.DataSetArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSetPhysicalTableMapArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSetPhysicalTableMapS3SourceArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSetPhysicalTableMapS3SourceUploadSettingsArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSetPermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSet(\"example\", DataSetArgs.builder()\n .dataSetId(\"example-id\")\n .name(\"example-name\")\n .importMode(\"SPICE\")\n .physicalTableMaps(DataSetPhysicalTableMapArgs.builder()\n .physicalTableMapId(\"example-id\")\n .s3Source(DataSetPhysicalTableMapS3SourceArgs.builder()\n .dataSourceArn(exampleAwsQuicksightDataSource.arn())\n .inputColumns(DataSetPhysicalTableMapS3SourceInputColumnArgs.builder()\n .name(\"Column1\")\n .type(\"STRING\")\n .build())\n .uploadSettings(DataSetPhysicalTableMapS3SourceUploadSettingsArgs.builder()\n .format(\"JSON\")\n .build())\n .build())\n .build())\n .permissions(DataSetPermissionArgs.builder()\n .actions( \n \"quicksight:DescribeDataSet\",\n \"quicksight:DescribeDataSetPermissions\",\n \"quicksight:PassDataSet\",\n \"quicksight:DescribeIngestion\",\n \"quicksight:ListIngestions\")\n .principal(exampleAwsQuicksightUser.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:DataSet\n properties:\n dataSetId: example-id\n name: example-name\n importMode: SPICE\n physicalTableMaps:\n - physicalTableMapId: example-id\n s3Source:\n dataSourceArn: ${exampleAwsQuicksightDataSource.arn}\n inputColumns:\n - name: Column1\n type: STRING\n uploadSettings:\n format: JSON\n permissions:\n - actions:\n - quicksight:DescribeDataSet\n - quicksight:DescribeDataSetPermissions\n - quicksight:PassDataSet\n - quicksight:DescribeIngestion\n - quicksight:ListIngestions\n principal: ${exampleAwsQuicksightUser.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Row Level Permission Tag Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.DataSet(\"example\", {\n dataSetId: \"example-id\",\n name: \"example-name\",\n importMode: \"SPICE\",\n physicalTableMaps: [{\n physicalTableMapId: \"example-id\",\n s3Source: {\n dataSourceArn: exampleAwsQuicksightDataSource.arn,\n inputColumns: [{\n name: \"Column1\",\n type: \"STRING\",\n }],\n uploadSettings: {\n format: \"JSON\",\n },\n },\n }],\n rowLevelPermissionTagConfiguration: {\n status: \"ENABLED\",\n tagRules: [{\n columnName: \"Column1\",\n tagKey: \"tagkey\",\n matchAllValue: \"*\",\n tagMultiValueDelimiter: \",\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.DataSet(\"example\",\n data_set_id=\"example-id\",\n name=\"example-name\",\n import_mode=\"SPICE\",\n physical_table_maps=[{\n \"physical_table_map_id\": \"example-id\",\n \"s3_source\": {\n \"data_source_arn\": example_aws_quicksight_data_source[\"arn\"],\n \"input_columns\": [{\n \"name\": \"Column1\",\n \"type\": \"STRING\",\n }],\n \"upload_settings\": {\n \"format\": \"JSON\",\n },\n },\n }],\n row_level_permission_tag_configuration={\n \"status\": \"ENABLED\",\n \"tag_rules\": [{\n \"column_name\": \"Column1\",\n \"tag_key\": \"tagkey\",\n \"match_all_value\": \"*\",\n \"tag_multi_value_delimiter\": \",\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.DataSet(\"example\", new()\n {\n DataSetId = \"example-id\",\n Name = \"example-name\",\n ImportMode = \"SPICE\",\n PhysicalTableMaps = new[]\n {\n new Aws.Quicksight.Inputs.DataSetPhysicalTableMapArgs\n {\n PhysicalTableMapId = \"example-id\",\n S3Source = new Aws.Quicksight.Inputs.DataSetPhysicalTableMapS3SourceArgs\n {\n DataSourceArn = exampleAwsQuicksightDataSource.Arn,\n InputColumns = new[]\n {\n new Aws.Quicksight.Inputs.DataSetPhysicalTableMapS3SourceInputColumnArgs\n {\n Name = \"Column1\",\n Type = \"STRING\",\n },\n },\n UploadSettings = new Aws.Quicksight.Inputs.DataSetPhysicalTableMapS3SourceUploadSettingsArgs\n {\n Format = \"JSON\",\n },\n },\n },\n },\n RowLevelPermissionTagConfiguration = new Aws.Quicksight.Inputs.DataSetRowLevelPermissionTagConfigurationArgs\n {\n Status = \"ENABLED\",\n TagRules = new[]\n {\n new Aws.Quicksight.Inputs.DataSetRowLevelPermissionTagConfigurationTagRuleArgs\n {\n ColumnName = \"Column1\",\n TagKey = \"tagkey\",\n MatchAllValue = \"*\",\n TagMultiValueDelimiter = \",\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewDataSet(ctx, \"example\", \u0026quicksight.DataSetArgs{\n\t\t\tDataSetId: pulumi.String(\"example-id\"),\n\t\t\tName: pulumi.String(\"example-name\"),\n\t\t\tImportMode: pulumi.String(\"SPICE\"),\n\t\t\tPhysicalTableMaps: quicksight.DataSetPhysicalTableMapArray{\n\t\t\t\t\u0026quicksight.DataSetPhysicalTableMapArgs{\n\t\t\t\t\tPhysicalTableMapId: pulumi.String(\"example-id\"),\n\t\t\t\t\tS3Source: \u0026quicksight.DataSetPhysicalTableMapS3SourceArgs{\n\t\t\t\t\t\tDataSourceArn: pulumi.Any(exampleAwsQuicksightDataSource.Arn),\n\t\t\t\t\t\tInputColumns: quicksight.DataSetPhysicalTableMapS3SourceInputColumnArray{\n\t\t\t\t\t\t\t\u0026quicksight.DataSetPhysicalTableMapS3SourceInputColumnArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"Column1\"),\n\t\t\t\t\t\t\t\tType: pulumi.String(\"STRING\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tUploadSettings: \u0026quicksight.DataSetPhysicalTableMapS3SourceUploadSettingsArgs{\n\t\t\t\t\t\t\tFormat: pulumi.String(\"JSON\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tRowLevelPermissionTagConfiguration: \u0026quicksight.DataSetRowLevelPermissionTagConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"ENABLED\"),\n\t\t\t\tTagRules: quicksight.DataSetRowLevelPermissionTagConfigurationTagRuleArray{\n\t\t\t\t\t\u0026quicksight.DataSetRowLevelPermissionTagConfigurationTagRuleArgs{\n\t\t\t\t\t\tColumnName: pulumi.String(\"Column1\"),\n\t\t\t\t\t\tTagKey: pulumi.String(\"tagkey\"),\n\t\t\t\t\t\tMatchAllValue: pulumi.String(\"*\"),\n\t\t\t\t\t\tTagMultiValueDelimiter: pulumi.String(\",\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.DataSet;\nimport com.pulumi.aws.quicksight.DataSetArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSetPhysicalTableMapArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSetPhysicalTableMapS3SourceArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSetPhysicalTableMapS3SourceUploadSettingsArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSetRowLevelPermissionTagConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSet(\"example\", DataSetArgs.builder()\n .dataSetId(\"example-id\")\n .name(\"example-name\")\n .importMode(\"SPICE\")\n .physicalTableMaps(DataSetPhysicalTableMapArgs.builder()\n .physicalTableMapId(\"example-id\")\n .s3Source(DataSetPhysicalTableMapS3SourceArgs.builder()\n .dataSourceArn(exampleAwsQuicksightDataSource.arn())\n .inputColumns(DataSetPhysicalTableMapS3SourceInputColumnArgs.builder()\n .name(\"Column1\")\n .type(\"STRING\")\n .build())\n .uploadSettings(DataSetPhysicalTableMapS3SourceUploadSettingsArgs.builder()\n .format(\"JSON\")\n .build())\n .build())\n .build())\n .rowLevelPermissionTagConfiguration(DataSetRowLevelPermissionTagConfigurationArgs.builder()\n .status(\"ENABLED\")\n .tagRules(DataSetRowLevelPermissionTagConfigurationTagRuleArgs.builder()\n .columnName(\"Column1\")\n .tagKey(\"tagkey\")\n .matchAllValue(\"*\")\n .tagMultiValueDelimiter(\",\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:DataSet\n properties:\n dataSetId: example-id\n name: example-name\n importMode: SPICE\n physicalTableMaps:\n - physicalTableMapId: example-id\n s3Source:\n dataSourceArn: ${exampleAwsQuicksightDataSource.arn}\n inputColumns:\n - name: Column1\n type: STRING\n uploadSettings:\n format: JSON\n rowLevelPermissionTagConfiguration:\n status: ENABLED\n tagRules:\n - columnName: Column1\n tagKey: tagkey\n matchAllValue: '*'\n tagMultiValueDelimiter: ','\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a QuickSight Data Set using the AWS account ID and data set ID separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:quicksight/dataSet:DataSet example 123456789012,example-id\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the data set.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "columnGroups": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetColumnGroup:DataSetColumnGroup" }, "description": "Groupings of columns that work together in certain Amazon QuickSight features. Currently, only geospatial hierarchy is supported. See column_groups.\n" }, "columnLevelPermissionRules": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetColumnLevelPermissionRule:DataSetColumnLevelPermissionRule" }, "description": "A set of 1 or more definitions of a [ColumnLevelPermissionRule](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ColumnLevelPermissionRule.html). See column_level_permission_rules.\n" }, "dataSetId": { "type": "string", "description": "Identifier for the data set.\n" }, "dataSetUsageConfiguration": { "$ref": "#/types/aws:quicksight/DataSetDataSetUsageConfiguration:DataSetDataSetUsageConfiguration", "description": "The usage configuration to apply to child datasets that reference this dataset as a source. See data_set_usage_configuration.\n" }, "fieldFolders": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetFieldFolder:DataSetFieldFolder" }, "description": "The folder that contains fields and nested subfolders for your dataset. See field_folders.\n" }, "importMode": { "type": "string", "description": "Indicates whether you want to import the data into SPICE. Valid values are `SPICE` and `DIRECT_QUERY`.\n" }, "logicalTableMaps": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetLogicalTableMap:DataSetLogicalTableMap" }, "description": "Configures the combination and transformation of the data from the physical tables. Maximum of 1 entry. See logical_table_map.\n" }, "name": { "type": "string", "description": "Display name for the dataset.\n" }, "outputColumns": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetOutputColumn:DataSetOutputColumn" } }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetPermission:DataSetPermission" }, "description": "A set of resource permissions on the data source. Maximum of 64 items. See permissions.\n" }, "physicalTableMaps": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetPhysicalTableMap:DataSetPhysicalTableMap" }, "description": "Declares the physical tables that are available in the underlying data sources. See physical_table_map.\n\nThe following arguments are optional:\n" }, "refreshProperties": { "$ref": "#/types/aws:quicksight/DataSetRefreshProperties:DataSetRefreshProperties", "description": "The refresh properties for the data set. **NOTE**: Only valid when `import_mode` is set to `SPICE`. See refresh_properties.\n" }, "rowLevelPermissionDataSet": { "$ref": "#/types/aws:quicksight/DataSetRowLevelPermissionDataSet:DataSetRowLevelPermissionDataSet", "description": "The row-level security configuration for the data that you want to create. See row_level_permission_data_set.\n" }, "rowLevelPermissionTagConfiguration": { "$ref": "#/types/aws:quicksight/DataSetRowLevelPermissionTagConfiguration:DataSetRowLevelPermissionTagConfiguration", "description": "The configuration of tags on a dataset to set row-level security. Row-level security tags are currently supported for anonymous embedding only. See row_level_permission_tag_configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "awsAccountId", "dataSetId", "dataSetUsageConfiguration", "importMode", "logicalTableMaps", "name", "outputColumns", "tagsAll" ], "inputProperties": { "awsAccountId": { "type": "string", "description": "AWS account ID.\n", "willReplaceOnChanges": true }, "columnGroups": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetColumnGroup:DataSetColumnGroup" }, "description": "Groupings of columns that work together in certain Amazon QuickSight features. Currently, only geospatial hierarchy is supported. See column_groups.\n" }, "columnLevelPermissionRules": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetColumnLevelPermissionRule:DataSetColumnLevelPermissionRule" }, "description": "A set of 1 or more definitions of a [ColumnLevelPermissionRule](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ColumnLevelPermissionRule.html). See column_level_permission_rules.\n" }, "dataSetId": { "type": "string", "description": "Identifier for the data set.\n", "willReplaceOnChanges": true }, "dataSetUsageConfiguration": { "$ref": "#/types/aws:quicksight/DataSetDataSetUsageConfiguration:DataSetDataSetUsageConfiguration", "description": "The usage configuration to apply to child datasets that reference this dataset as a source. See data_set_usage_configuration.\n" }, "fieldFolders": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetFieldFolder:DataSetFieldFolder" }, "description": "The folder that contains fields and nested subfolders for your dataset. See field_folders.\n" }, "importMode": { "type": "string", "description": "Indicates whether you want to import the data into SPICE. Valid values are `SPICE` and `DIRECT_QUERY`.\n" }, "logicalTableMaps": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetLogicalTableMap:DataSetLogicalTableMap" }, "description": "Configures the combination and transformation of the data from the physical tables. Maximum of 1 entry. See logical_table_map.\n" }, "name": { "type": "string", "description": "Display name for the dataset.\n" }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetPermission:DataSetPermission" }, "description": "A set of resource permissions on the data source. Maximum of 64 items. See permissions.\n" }, "physicalTableMaps": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetPhysicalTableMap:DataSetPhysicalTableMap" }, "description": "Declares the physical tables that are available in the underlying data sources. See physical_table_map.\n\nThe following arguments are optional:\n" }, "refreshProperties": { "$ref": "#/types/aws:quicksight/DataSetRefreshProperties:DataSetRefreshProperties", "description": "The refresh properties for the data set. **NOTE**: Only valid when `import_mode` is set to `SPICE`. See refresh_properties.\n" }, "rowLevelPermissionDataSet": { "$ref": "#/types/aws:quicksight/DataSetRowLevelPermissionDataSet:DataSetRowLevelPermissionDataSet", "description": "The row-level security configuration for the data that you want to create. See row_level_permission_data_set.\n" }, "rowLevelPermissionTagConfiguration": { "$ref": "#/types/aws:quicksight/DataSetRowLevelPermissionTagConfiguration:DataSetRowLevelPermissionTagConfiguration", "description": "The configuration of tags on a dataset to set row-level security. Row-level security tags are currently supported for anonymous embedding only. See row_level_permission_tag_configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "dataSetId", "importMode" ], "stateInputs": { "description": "Input properties used for looking up and filtering DataSet resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the data set.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n", "willReplaceOnChanges": true }, "columnGroups": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetColumnGroup:DataSetColumnGroup" }, "description": "Groupings of columns that work together in certain Amazon QuickSight features. Currently, only geospatial hierarchy is supported. See column_groups.\n" }, "columnLevelPermissionRules": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetColumnLevelPermissionRule:DataSetColumnLevelPermissionRule" }, "description": "A set of 1 or more definitions of a [ColumnLevelPermissionRule](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ColumnLevelPermissionRule.html). See column_level_permission_rules.\n" }, "dataSetId": { "type": "string", "description": "Identifier for the data set.\n", "willReplaceOnChanges": true }, "dataSetUsageConfiguration": { "$ref": "#/types/aws:quicksight/DataSetDataSetUsageConfiguration:DataSetDataSetUsageConfiguration", "description": "The usage configuration to apply to child datasets that reference this dataset as a source. See data_set_usage_configuration.\n" }, "fieldFolders": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetFieldFolder:DataSetFieldFolder" }, "description": "The folder that contains fields and nested subfolders for your dataset. See field_folders.\n" }, "importMode": { "type": "string", "description": "Indicates whether you want to import the data into SPICE. Valid values are `SPICE` and `DIRECT_QUERY`.\n" }, "logicalTableMaps": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetLogicalTableMap:DataSetLogicalTableMap" }, "description": "Configures the combination and transformation of the data from the physical tables. Maximum of 1 entry. See logical_table_map.\n" }, "name": { "type": "string", "description": "Display name for the dataset.\n" }, "outputColumns": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetOutputColumn:DataSetOutputColumn" } }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetPermission:DataSetPermission" }, "description": "A set of resource permissions on the data source. Maximum of 64 items. See permissions.\n" }, "physicalTableMaps": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSetPhysicalTableMap:DataSetPhysicalTableMap" }, "description": "Declares the physical tables that are available in the underlying data sources. See physical_table_map.\n\nThe following arguments are optional:\n" }, "refreshProperties": { "$ref": "#/types/aws:quicksight/DataSetRefreshProperties:DataSetRefreshProperties", "description": "The refresh properties for the data set. **NOTE**: Only valid when `import_mode` is set to `SPICE`. See refresh_properties.\n" }, "rowLevelPermissionDataSet": { "$ref": "#/types/aws:quicksight/DataSetRowLevelPermissionDataSet:DataSetRowLevelPermissionDataSet", "description": "The row-level security configuration for the data that you want to create. See row_level_permission_data_set.\n" }, "rowLevelPermissionTagConfiguration": { "$ref": "#/types/aws:quicksight/DataSetRowLevelPermissionTagConfiguration:DataSetRowLevelPermissionTagConfiguration", "description": "The configuration of tags on a dataset to set row-level security. Row-level security tags are currently supported for anonymous embedding only. See row_level_permission_tag_configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:quicksight/dataSource:DataSource": { "description": "Resource for managing QuickSight Data Source\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.quicksight.DataSource(\"default\", {\n dataSourceId: \"example-id\",\n name: \"My Cool Data in S3\",\n parameters: {\n s3: {\n manifestFileLocation: {\n bucket: \"my-bucket\",\n key: \"path/to/manifest.json\",\n },\n },\n },\n type: \"S3\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.quicksight.DataSource(\"default\",\n data_source_id=\"example-id\",\n name=\"My Cool Data in S3\",\n parameters={\n \"s3\": {\n \"manifest_file_location\": {\n \"bucket\": \"my-bucket\",\n \"key\": \"path/to/manifest.json\",\n },\n },\n },\n type=\"S3\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Quicksight.DataSource(\"default\", new()\n {\n DataSourceId = \"example-id\",\n Name = \"My Cool Data in S3\",\n Parameters = new Aws.Quicksight.Inputs.DataSourceParametersArgs\n {\n S3 = new Aws.Quicksight.Inputs.DataSourceParametersS3Args\n {\n ManifestFileLocation = new Aws.Quicksight.Inputs.DataSourceParametersS3ManifestFileLocationArgs\n {\n Bucket = \"my-bucket\",\n Key = \"path/to/manifest.json\",\n },\n },\n },\n Type = \"S3\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewDataSource(ctx, \"default\", \u0026quicksight.DataSourceArgs{\n\t\t\tDataSourceId: pulumi.String(\"example-id\"),\n\t\t\tName: pulumi.String(\"My Cool Data in S3\"),\n\t\t\tParameters: \u0026quicksight.DataSourceParametersArgs{\n\t\t\t\tS3: \u0026quicksight.DataSourceParametersS3Args{\n\t\t\t\t\tManifestFileLocation: \u0026quicksight.DataSourceParametersS3ManifestFileLocationArgs{\n\t\t\t\t\t\tBucket: pulumi.String(\"my-bucket\"),\n\t\t\t\t\t\tKey: pulumi.String(\"path/to/manifest.json\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tType: pulumi.String(\"S3\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.DataSource;\nimport com.pulumi.aws.quicksight.DataSourceArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSourceParametersArgs;\nimport com.pulumi.aws.quicksight.inputs.DataSourceParametersS3Args;\nimport com.pulumi.aws.quicksight.inputs.DataSourceParametersS3ManifestFileLocationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new DataSource(\"default\", DataSourceArgs.builder()\n .dataSourceId(\"example-id\")\n .name(\"My Cool Data in S3\")\n .parameters(DataSourceParametersArgs.builder()\n .s3(DataSourceParametersS3Args.builder()\n .manifestFileLocation(DataSourceParametersS3ManifestFileLocationArgs.builder()\n .bucket(\"my-bucket\")\n .key(\"path/to/manifest.json\")\n .build())\n .build())\n .build())\n .type(\"S3\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:quicksight:DataSource\n properties:\n dataSourceId: example-id\n name: My Cool Data in S3\n parameters:\n s3:\n manifestFileLocation:\n bucket: my-bucket\n key: path/to/manifest.json\n type: S3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a QuickSight data source using the AWS account ID, and data source ID separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:quicksight/dataSource:DataSource example 123456789123/my-data-source-id\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the data source\n" }, "awsAccountId": { "type": "string", "description": "The ID for the AWS account that the data source is in. Currently, you use the ID for the AWS account that contains your Amazon QuickSight account.\n" }, "credentials": { "$ref": "#/types/aws:quicksight/DataSourceCredentials:DataSourceCredentials", "description": "The credentials Amazon QuickSight uses to connect to your underlying source. Currently, only credentials based on user name and password are supported. See Credentials below for more details.\n" }, "dataSourceId": { "type": "string", "description": "An identifier for the data source.\n" }, "name": { "type": "string", "description": "A name for the data source, maximum of 128 characters.\n" }, "parameters": { "$ref": "#/types/aws:quicksight/DataSourceParameters:DataSourceParameters", "description": "The parameters used to connect to this data source (exactly one).\n" }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSourcePermission:DataSourcePermission" }, "description": "A set of resource permissions on the data source. Maximum of 64 items. See Permission below for more details.\n" }, "sslProperties": { "$ref": "#/types/aws:quicksight/DataSourceSslProperties:DataSourceSslProperties", "description": "Secure Socket Layer (SSL) properties that apply when Amazon QuickSight connects to your underlying source. See SSL Properties below for more details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of the data source. See the [AWS Documentation](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateDataSource.html#QS-CreateDataSource-request-Type) for the complete list of valid values.\n\nThe following arguments are optional:\n" }, "vpcConnectionProperties": { "$ref": "#/types/aws:quicksight/DataSourceVpcConnectionProperties:DataSourceVpcConnectionProperties", "description": "Use this parameter only when you want Amazon QuickSight to use a VPC connection when connecting to your underlying source. See VPC Connection Properties below for more details.\n" } }, "required": [ "arn", "awsAccountId", "dataSourceId", "name", "parameters", "tagsAll", "type" ], "inputProperties": { "awsAccountId": { "type": "string", "description": "The ID for the AWS account that the data source is in. Currently, you use the ID for the AWS account that contains your Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "credentials": { "$ref": "#/types/aws:quicksight/DataSourceCredentials:DataSourceCredentials", "description": "The credentials Amazon QuickSight uses to connect to your underlying source. Currently, only credentials based on user name and password are supported. See Credentials below for more details.\n" }, "dataSourceId": { "type": "string", "description": "An identifier for the data source.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A name for the data source, maximum of 128 characters.\n" }, "parameters": { "$ref": "#/types/aws:quicksight/DataSourceParameters:DataSourceParameters", "description": "The parameters used to connect to this data source (exactly one).\n" }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSourcePermission:DataSourcePermission" }, "description": "A set of resource permissions on the data source. Maximum of 64 items. See Permission below for more details.\n" }, "sslProperties": { "$ref": "#/types/aws:quicksight/DataSourceSslProperties:DataSourceSslProperties", "description": "Secure Socket Layer (SSL) properties that apply when Amazon QuickSight connects to your underlying source. See SSL Properties below for more details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "The type of the data source. See the [AWS Documentation](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateDataSource.html#QS-CreateDataSource-request-Type) for the complete list of valid values.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "vpcConnectionProperties": { "$ref": "#/types/aws:quicksight/DataSourceVpcConnectionProperties:DataSourceVpcConnectionProperties", "description": "Use this parameter only when you want Amazon QuickSight to use a VPC connection when connecting to your underlying source. See VPC Connection Properties below for more details.\n" } }, "requiredInputs": [ "dataSourceId", "parameters", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering DataSource resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the data source\n" }, "awsAccountId": { "type": "string", "description": "The ID for the AWS account that the data source is in. Currently, you use the ID for the AWS account that contains your Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "credentials": { "$ref": "#/types/aws:quicksight/DataSourceCredentials:DataSourceCredentials", "description": "The credentials Amazon QuickSight uses to connect to your underlying source. Currently, only credentials based on user name and password are supported. See Credentials below for more details.\n" }, "dataSourceId": { "type": "string", "description": "An identifier for the data source.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A name for the data source, maximum of 128 characters.\n" }, "parameters": { "$ref": "#/types/aws:quicksight/DataSourceParameters:DataSourceParameters", "description": "The parameters used to connect to this data source (exactly one).\n" }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/DataSourcePermission:DataSourcePermission" }, "description": "A set of resource permissions on the data source. Maximum of 64 items. See Permission below for more details.\n" }, "sslProperties": { "$ref": "#/types/aws:quicksight/DataSourceSslProperties:DataSourceSslProperties", "description": "Secure Socket Layer (SSL) properties that apply when Amazon QuickSight connects to your underlying source. See SSL Properties below for more details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of the data source. See the [AWS Documentation](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateDataSource.html#QS-CreateDataSource-request-Type) for the complete list of valid values.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "vpcConnectionProperties": { "$ref": "#/types/aws:quicksight/DataSourceVpcConnectionProperties:DataSourceVpcConnectionProperties", "description": "Use this parameter only when you want Amazon QuickSight to use a VPC connection when connecting to your underlying source. See VPC Connection Properties below for more details.\n" } }, "type": "object" } }, "aws:quicksight/folder:Folder": { "description": "Resource for managing a QuickSight Folder.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.Folder(\"example\", {\n folderId: \"example-id\",\n name: \"example-name\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.Folder(\"example\",\n folder_id=\"example-id\",\n name=\"example-name\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.Folder(\"example\", new()\n {\n FolderId = \"example-id\",\n Name = \"example-name\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewFolder(ctx, \"example\", \u0026quicksight.FolderArgs{\n\t\t\tFolderId: pulumi.String(\"example-id\"),\n\t\t\tName: pulumi.String(\"example-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.Folder;\nimport com.pulumi.aws.quicksight.FolderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Folder(\"example\", FolderArgs.builder()\n .folderId(\"example-id\")\n .name(\"example-name\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:Folder\n properties:\n folderId: example-id\n name: example-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Permissions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.Folder(\"example\", {\n folderId: \"example-id\",\n name: \"example-name\",\n permissions: [{\n actions: [\n \"quicksight:CreateFolder\",\n \"quicksight:DescribeFolder\",\n \"quicksight:UpdateFolder\",\n \"quicksight:DeleteFolder\",\n \"quicksight:CreateFolderMembership\",\n \"quicksight:DeleteFolderMembership\",\n \"quicksight:DescribeFolderPermissions\",\n \"quicksight:UpdateFolderPermissions\",\n ],\n principal: exampleAwsQuicksightUser.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.Folder(\"example\",\n folder_id=\"example-id\",\n name=\"example-name\",\n permissions=[{\n \"actions\": [\n \"quicksight:CreateFolder\",\n \"quicksight:DescribeFolder\",\n \"quicksight:UpdateFolder\",\n \"quicksight:DeleteFolder\",\n \"quicksight:CreateFolderMembership\",\n \"quicksight:DeleteFolderMembership\",\n \"quicksight:DescribeFolderPermissions\",\n \"quicksight:UpdateFolderPermissions\",\n ],\n \"principal\": example_aws_quicksight_user[\"arn\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.Folder(\"example\", new()\n {\n FolderId = \"example-id\",\n Name = \"example-name\",\n Permissions = new[]\n {\n new Aws.Quicksight.Inputs.FolderPermissionArgs\n {\n Actions = new[]\n {\n \"quicksight:CreateFolder\",\n \"quicksight:DescribeFolder\",\n \"quicksight:UpdateFolder\",\n \"quicksight:DeleteFolder\",\n \"quicksight:CreateFolderMembership\",\n \"quicksight:DeleteFolderMembership\",\n \"quicksight:DescribeFolderPermissions\",\n \"quicksight:UpdateFolderPermissions\",\n },\n Principal = exampleAwsQuicksightUser.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewFolder(ctx, \"example\", \u0026quicksight.FolderArgs{\n\t\t\tFolderId: pulumi.String(\"example-id\"),\n\t\t\tName: pulumi.String(\"example-name\"),\n\t\t\tPermissions: quicksight.FolderPermissionArray{\n\t\t\t\t\u0026quicksight.FolderPermissionArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"quicksight:CreateFolder\"),\n\t\t\t\t\t\tpulumi.String(\"quicksight:DescribeFolder\"),\n\t\t\t\t\t\tpulumi.String(\"quicksight:UpdateFolder\"),\n\t\t\t\t\t\tpulumi.String(\"quicksight:DeleteFolder\"),\n\t\t\t\t\t\tpulumi.String(\"quicksight:CreateFolderMembership\"),\n\t\t\t\t\t\tpulumi.String(\"quicksight:DeleteFolderMembership\"),\n\t\t\t\t\t\tpulumi.String(\"quicksight:DescribeFolderPermissions\"),\n\t\t\t\t\t\tpulumi.String(\"quicksight:UpdateFolderPermissions\"),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipal: pulumi.Any(exampleAwsQuicksightUser.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.Folder;\nimport com.pulumi.aws.quicksight.FolderArgs;\nimport com.pulumi.aws.quicksight.inputs.FolderPermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Folder(\"example\", FolderArgs.builder()\n .folderId(\"example-id\")\n .name(\"example-name\")\n .permissions(FolderPermissionArgs.builder()\n .actions( \n \"quicksight:CreateFolder\",\n \"quicksight:DescribeFolder\",\n \"quicksight:UpdateFolder\",\n \"quicksight:DeleteFolder\",\n \"quicksight:CreateFolderMembership\",\n \"quicksight:DeleteFolderMembership\",\n \"quicksight:DescribeFolderPermissions\",\n \"quicksight:UpdateFolderPermissions\")\n .principal(exampleAwsQuicksightUser.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:Folder\n properties:\n folderId: example-id\n name: example-name\n permissions:\n - actions:\n - quicksight:CreateFolder\n - quicksight:DescribeFolder\n - quicksight:UpdateFolder\n - quicksight:DeleteFolder\n - quicksight:CreateFolderMembership\n - quicksight:DeleteFolderMembership\n - quicksight:DescribeFolderPermissions\n - quicksight:UpdateFolderPermissions\n principal: ${exampleAwsQuicksightUser.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Parent Folder\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst parent = new aws.quicksight.Folder(\"parent\", {\n folderId: \"parent-id\",\n name: \"parent-name\",\n});\nconst example = new aws.quicksight.Folder(\"example\", {\n folderId: \"example-id\",\n name: \"example-name\",\n parentFolderArn: parent.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nparent = aws.quicksight.Folder(\"parent\",\n folder_id=\"parent-id\",\n name=\"parent-name\")\nexample = aws.quicksight.Folder(\"example\",\n folder_id=\"example-id\",\n name=\"example-name\",\n parent_folder_arn=parent.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var parent = new Aws.Quicksight.Folder(\"parent\", new()\n {\n FolderId = \"parent-id\",\n Name = \"parent-name\",\n });\n\n var example = new Aws.Quicksight.Folder(\"example\", new()\n {\n FolderId = \"example-id\",\n Name = \"example-name\",\n ParentFolderArn = parent.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tparent, err := quicksight.NewFolder(ctx, \"parent\", \u0026quicksight.FolderArgs{\n\t\t\tFolderId: pulumi.String(\"parent-id\"),\n\t\t\tName: pulumi.String(\"parent-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = quicksight.NewFolder(ctx, \"example\", \u0026quicksight.FolderArgs{\n\t\t\tFolderId: pulumi.String(\"example-id\"),\n\t\t\tName: pulumi.String(\"example-name\"),\n\t\t\tParentFolderArn: parent.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.Folder;\nimport com.pulumi.aws.quicksight.FolderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var parent = new Folder(\"parent\", FolderArgs.builder()\n .folderId(\"parent-id\")\n .name(\"parent-name\")\n .build());\n\n var example = new Folder(\"example\", FolderArgs.builder()\n .folderId(\"example-id\")\n .name(\"example-name\")\n .parentFolderArn(parent.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n parent:\n type: aws:quicksight:Folder\n properties:\n folderId: parent-id\n name: parent-name\n example:\n type: aws:quicksight:Folder\n properties:\n folderId: example-id\n name: example-name\n parentFolderArn: ${parent.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a QuickSight folder using the AWS account ID and folder ID name separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:quicksight/folder:Folder example 123456789012,example-id\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the folder.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "createdTime": { "type": "string", "description": "The time that the folder was created.\n" }, "folderId": { "type": "string", "description": "Identifier for the folder.\n" }, "folderPaths": { "type": "array", "items": { "type": "string" }, "description": "An array of ancestor ARN strings for the folder. Empty for root-level folders.\n" }, "folderType": { "type": "string", "description": "The type of folder. By default, it is `SHARED`. Valid values are: `SHARED`.\n" }, "lastUpdatedTime": { "type": "string", "description": "The time that the folder was last updated.\n" }, "name": { "type": "string", "description": "Display name for the folder.\n\nThe following arguments are optional:\n" }, "parentFolderArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the parent folder. If not set, creates a root-level folder.\n" }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/FolderPermission:FolderPermission" }, "description": "A set of resource permissions on the folder. Maximum of 64 items. See permissions.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "awsAccountId", "createdTime", "folderId", "folderPaths", "lastUpdatedTime", "name", "tagsAll" ], "inputProperties": { "awsAccountId": { "type": "string", "description": "AWS account ID.\n", "willReplaceOnChanges": true }, "folderId": { "type": "string", "description": "Identifier for the folder.\n", "willReplaceOnChanges": true }, "folderType": { "type": "string", "description": "The type of folder. By default, it is `SHARED`. Valid values are: `SHARED`.\n" }, "name": { "type": "string", "description": "Display name for the folder.\n\nThe following arguments are optional:\n" }, "parentFolderArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the parent folder. If not set, creates a root-level folder.\n", "willReplaceOnChanges": true }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/FolderPermission:FolderPermission" }, "description": "A set of resource permissions on the folder. Maximum of 64 items. See permissions.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "folderId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Folder resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the folder.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n", "willReplaceOnChanges": true }, "createdTime": { "type": "string", "description": "The time that the folder was created.\n" }, "folderId": { "type": "string", "description": "Identifier for the folder.\n", "willReplaceOnChanges": true }, "folderPaths": { "type": "array", "items": { "type": "string" }, "description": "An array of ancestor ARN strings for the folder. Empty for root-level folders.\n" }, "folderType": { "type": "string", "description": "The type of folder. By default, it is `SHARED`. Valid values are: `SHARED`.\n" }, "lastUpdatedTime": { "type": "string", "description": "The time that the folder was last updated.\n" }, "name": { "type": "string", "description": "Display name for the folder.\n\nThe following arguments are optional:\n" }, "parentFolderArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the parent folder. If not set, creates a root-level folder.\n", "willReplaceOnChanges": true }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/FolderPermission:FolderPermission" }, "description": "A set of resource permissions on the folder. Maximum of 64 items. See permissions.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:quicksight/folderMembership:FolderMembership": { "description": "Resource for managing an AWS QuickSight Folder Membership.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.FolderMembership(\"example\", {\n folderId: exampleAwsQuicksightFolder.folderId,\n memberType: \"DATASET\",\n memberId: exampleAwsQuicksightDataSet.dataSetId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.FolderMembership(\"example\",\n folder_id=example_aws_quicksight_folder[\"folderId\"],\n member_type=\"DATASET\",\n member_id=example_aws_quicksight_data_set[\"dataSetId\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.FolderMembership(\"example\", new()\n {\n FolderId = exampleAwsQuicksightFolder.FolderId,\n MemberType = \"DATASET\",\n MemberId = exampleAwsQuicksightDataSet.DataSetId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewFolderMembership(ctx, \"example\", \u0026quicksight.FolderMembershipArgs{\n\t\t\tFolderId: pulumi.Any(exampleAwsQuicksightFolder.FolderId),\n\t\t\tMemberType: pulumi.String(\"DATASET\"),\n\t\t\tMemberId: pulumi.Any(exampleAwsQuicksightDataSet.DataSetId),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.FolderMembership;\nimport com.pulumi.aws.quicksight.FolderMembershipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FolderMembership(\"example\", FolderMembershipArgs.builder()\n .folderId(exampleAwsQuicksightFolder.folderId())\n .memberType(\"DATASET\")\n .memberId(exampleAwsQuicksightDataSet.dataSetId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:FolderMembership\n properties:\n folderId: ${exampleAwsQuicksightFolder.folderId}\n memberType: DATASET\n memberId: ${exampleAwsQuicksightDataSet.dataSetId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import QuickSight Folder Membership using the AWS account ID, folder ID, member type, and member ID separated by commas (`,`). For example:\n\n```sh\n$ pulumi import aws:quicksight/folderMembership:FolderMembership example 123456789012,example-folder,DATASET,example-dataset\n```\n", "properties": { "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "folderId": { "type": "string", "description": "Identifier for the folder.\n" }, "memberId": { "type": "string", "description": "ID of the asset (the dashboard, analysis, or dataset).\n" }, "memberType": { "type": "string", "description": "Type of the member. Valid values are `ANALYSIS`, `DASHBOARD`, and `DATASET`.\n\nThe following arguments are optional:\n" } }, "required": [ "awsAccountId", "folderId", "memberId", "memberType" ], "inputProperties": { "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "folderId": { "type": "string", "description": "Identifier for the folder.\n" }, "memberId": { "type": "string", "description": "ID of the asset (the dashboard, analysis, or dataset).\n" }, "memberType": { "type": "string", "description": "Type of the member. Valid values are `ANALYSIS`, `DASHBOARD`, and `DATASET`.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "folderId", "memberId", "memberType" ], "stateInputs": { "description": "Input properties used for looking up and filtering FolderMembership resources.\n", "properties": { "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "folderId": { "type": "string", "description": "Identifier for the folder.\n" }, "memberId": { "type": "string", "description": "ID of the asset (the dashboard, analysis, or dataset).\n" }, "memberType": { "type": "string", "description": "Type of the member. Valid values are `ANALYSIS`, `DASHBOARD`, and `DATASET`.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:quicksight/group:Group": { "description": "Resource for managing QuickSight Group\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.Group(\"example\", {groupName: \"tf-example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.Group(\"example\", group_name=\"tf-example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.Group(\"example\", new()\n {\n GroupName = \"tf-example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewGroup(ctx, \"example\", \u0026quicksight.GroupArgs{\n\t\t\tGroupName: pulumi.String(\"tf-example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.Group;\nimport com.pulumi.aws.quicksight.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Group(\"example\", GroupArgs.builder()\n .groupName(\"tf-example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:Group\n properties:\n groupName: tf-example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import QuickSight Group using the aws account id, namespace and group name separated by `/`. For example:\n\n```sh\n$ pulumi import aws:quicksight/group:Group example 123456789123/default/tf-example\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of group\n" }, "awsAccountId": { "type": "string", "description": "The ID for the AWS account that the group is in. Currently, you use the ID for the AWS account that contains your Amazon QuickSight account.\n" }, "description": { "type": "string", "description": "A description for the group.\n" }, "groupName": { "type": "string", "description": "A name for the group.\n" }, "namespace": { "type": "string", "description": "The namespace. Currently, you should set this to `default`.\n" } }, "required": [ "arn", "awsAccountId", "groupName" ], "inputProperties": { "awsAccountId": { "type": "string", "description": "The ID for the AWS account that the group is in. Currently, you use the ID for the AWS account that contains your Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A description for the group.\n" }, "groupName": { "type": "string", "description": "A name for the group.\n", "willReplaceOnChanges": true }, "namespace": { "type": "string", "description": "The namespace. Currently, you should set this to `default`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "groupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Group resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of group\n" }, "awsAccountId": { "type": "string", "description": "The ID for the AWS account that the group is in. Currently, you use the ID for the AWS account that contains your Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A description for the group.\n" }, "groupName": { "type": "string", "description": "A name for the group.\n", "willReplaceOnChanges": true }, "namespace": { "type": "string", "description": "The namespace. Currently, you should set this to `default`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:quicksight/groupMembership:GroupMembership": { "description": "Resource for managing QuickSight Group Membership\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.GroupMembership(\"example\", {\n groupName: \"all-access-users\",\n memberName: \"john_smith\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.GroupMembership(\"example\",\n group_name=\"all-access-users\",\n member_name=\"john_smith\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.GroupMembership(\"example\", new()\n {\n GroupName = \"all-access-users\",\n MemberName = \"john_smith\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewGroupMembership(ctx, \"example\", \u0026quicksight.GroupMembershipArgs{\n\t\t\tGroupName: pulumi.String(\"all-access-users\"),\n\t\t\tMemberName: pulumi.String(\"john_smith\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.GroupMembership;\nimport com.pulumi.aws.quicksight.GroupMembershipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GroupMembership(\"example\", GroupMembershipArgs.builder()\n .groupName(\"all-access-users\")\n .memberName(\"john_smith\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:GroupMembership\n properties:\n groupName: all-access-users\n memberName: john_smith\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import QuickSight Group membership using the AWS account ID, namespace, group name and member name separated by `/`. For example:\n\n```sh\n$ pulumi import aws:quicksight/groupMembership:GroupMembership example 123456789123/default/all-access-users/john_smith\n```\n", "properties": { "arn": { "type": "string" }, "awsAccountId": { "type": "string", "description": "The ID for the AWS account that the group is in. Currently, you use the ID for the AWS account that contains your Amazon QuickSight account.\n" }, "groupName": { "type": "string", "description": "The name of the group in which the member will be added.\n" }, "memberName": { "type": "string", "description": "The name of the member to add to the group.\n" }, "namespace": { "type": "string", "description": "The namespace that you want the user to be a part of. Defaults to `default`.\n" } }, "required": [ "arn", "awsAccountId", "groupName", "memberName" ], "inputProperties": { "awsAccountId": { "type": "string", "description": "The ID for the AWS account that the group is in. Currently, you use the ID for the AWS account that contains your Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "groupName": { "type": "string", "description": "The name of the group in which the member will be added.\n", "willReplaceOnChanges": true }, "memberName": { "type": "string", "description": "The name of the member to add to the group.\n", "willReplaceOnChanges": true }, "namespace": { "type": "string", "description": "The namespace that you want the user to be a part of. Defaults to `default`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "groupName", "memberName" ], "stateInputs": { "description": "Input properties used for looking up and filtering GroupMembership resources.\n", "properties": { "arn": { "type": "string" }, "awsAccountId": { "type": "string", "description": "The ID for the AWS account that the group is in. Currently, you use the ID for the AWS account that contains your Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "groupName": { "type": "string", "description": "The name of the group in which the member will be added.\n", "willReplaceOnChanges": true }, "memberName": { "type": "string", "description": "The name of the member to add to the group.\n", "willReplaceOnChanges": true }, "namespace": { "type": "string", "description": "The namespace that you want the user to be a part of. Defaults to `default`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:quicksight/iamPolicyAssignment:IamPolicyAssignment": { "description": "Resource for managing an AWS QuickSight IAM Policy Assignment.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.IamPolicyAssignment(\"example\", {\n assignmentName: \"example\",\n assignmentStatus: \"ENABLED\",\n policyArn: exampleAwsIamPolicy.arn,\n identities: {\n users: [exampleAwsQuicksightUser.userName],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.IamPolicyAssignment(\"example\",\n assignment_name=\"example\",\n assignment_status=\"ENABLED\",\n policy_arn=example_aws_iam_policy[\"arn\"],\n identities={\n \"users\": [example_aws_quicksight_user[\"userName\"]],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.IamPolicyAssignment(\"example\", new()\n {\n AssignmentName = \"example\",\n AssignmentStatus = \"ENABLED\",\n PolicyArn = exampleAwsIamPolicy.Arn,\n Identities = new Aws.Quicksight.Inputs.IamPolicyAssignmentIdentitiesArgs\n {\n Users = new[]\n {\n exampleAwsQuicksightUser.UserName,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewIamPolicyAssignment(ctx, \"example\", \u0026quicksight.IamPolicyAssignmentArgs{\n\t\t\tAssignmentName: pulumi.String(\"example\"),\n\t\t\tAssignmentStatus: pulumi.String(\"ENABLED\"),\n\t\t\tPolicyArn: pulumi.Any(exampleAwsIamPolicy.Arn),\n\t\t\tIdentities: \u0026quicksight.IamPolicyAssignmentIdentitiesArgs{\n\t\t\t\tUsers: pulumi.StringArray{\n\t\t\t\t\texampleAwsQuicksightUser.UserName,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.IamPolicyAssignment;\nimport com.pulumi.aws.quicksight.IamPolicyAssignmentArgs;\nimport com.pulumi.aws.quicksight.inputs.IamPolicyAssignmentIdentitiesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new IamPolicyAssignment(\"example\", IamPolicyAssignmentArgs.builder()\n .assignmentName(\"example\")\n .assignmentStatus(\"ENABLED\")\n .policyArn(exampleAwsIamPolicy.arn())\n .identities(IamPolicyAssignmentIdentitiesArgs.builder()\n .users(exampleAwsQuicksightUser.userName())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:IamPolicyAssignment\n properties:\n assignmentName: example\n assignmentStatus: ENABLED\n policyArn: ${exampleAwsIamPolicy.arn}\n identities:\n users:\n - ${exampleAwsQuicksightUser.userName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import QuickSight IAM Policy Assignment using the AWS account ID, namespace, and assignment name separated by commas (`,`). For example:\n\n```sh\n$ pulumi import aws:quicksight/iamPolicyAssignment:IamPolicyAssignment example 123456789012,default,example\n```\n", "properties": { "assignmentId": { "type": "string", "description": "Assignment ID.\n" }, "assignmentName": { "type": "string", "description": "Name of the assignment.\n" }, "assignmentStatus": { "type": "string", "description": "Status of the assignment. Valid values are `ENABLED`, `DISABLED`, and `DRAFT`.\n\nThe following arguments are optional:\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "identities": { "$ref": "#/types/aws:quicksight/IamPolicyAssignmentIdentities:IamPolicyAssignmentIdentities", "description": "Amazon QuickSight users, groups, or both to assign the policy to. See `identities` block.\n" }, "namespace": { "type": "string", "description": "Namespace that contains the assignment. Defaults to `default`.\n" }, "policyArn": { "type": "string", "description": "ARN of the IAM policy to apply to the Amazon QuickSight users and groups specified in this assignment.\n" } }, "required": [ "assignmentId", "assignmentName", "assignmentStatus", "awsAccountId", "namespace" ], "inputProperties": { "assignmentName": { "type": "string", "description": "Name of the assignment.\n" }, "assignmentStatus": { "type": "string", "description": "Status of the assignment. Valid values are `ENABLED`, `DISABLED`, and `DRAFT`.\n\nThe following arguments are optional:\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "identities": { "$ref": "#/types/aws:quicksight/IamPolicyAssignmentIdentities:IamPolicyAssignmentIdentities", "description": "Amazon QuickSight users, groups, or both to assign the policy to. See `identities` block.\n" }, "namespace": { "type": "string", "description": "Namespace that contains the assignment. Defaults to `default`.\n" }, "policyArn": { "type": "string", "description": "ARN of the IAM policy to apply to the Amazon QuickSight users and groups specified in this assignment.\n" } }, "requiredInputs": [ "assignmentName", "assignmentStatus" ], "stateInputs": { "description": "Input properties used for looking up and filtering IamPolicyAssignment resources.\n", "properties": { "assignmentId": { "type": "string", "description": "Assignment ID.\n" }, "assignmentName": { "type": "string", "description": "Name of the assignment.\n" }, "assignmentStatus": { "type": "string", "description": "Status of the assignment. Valid values are `ENABLED`, `DISABLED`, and `DRAFT`.\n\nThe following arguments are optional:\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "identities": { "$ref": "#/types/aws:quicksight/IamPolicyAssignmentIdentities:IamPolicyAssignmentIdentities", "description": "Amazon QuickSight users, groups, or both to assign the policy to. See `identities` block.\n" }, "namespace": { "type": "string", "description": "Namespace that contains the assignment. Defaults to `default`.\n" }, "policyArn": { "type": "string", "description": "ARN of the IAM policy to apply to the Amazon QuickSight users and groups specified in this assignment.\n" } }, "type": "object" } }, "aws:quicksight/ingestion:Ingestion": { "description": "Resource for managing an AWS QuickSight Ingestion.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.Ingestion(\"example\", {\n dataSetId: exampleAwsQuicksightDataSet.dataSetId,\n ingestionId: \"example-id\",\n ingestionType: \"FULL_REFRESH\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.Ingestion(\"example\",\n data_set_id=example_aws_quicksight_data_set[\"dataSetId\"],\n ingestion_id=\"example-id\",\n ingestion_type=\"FULL_REFRESH\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.Ingestion(\"example\", new()\n {\n DataSetId = exampleAwsQuicksightDataSet.DataSetId,\n IngestionId = \"example-id\",\n IngestionType = \"FULL_REFRESH\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewIngestion(ctx, \"example\", \u0026quicksight.IngestionArgs{\n\t\t\tDataSetId: pulumi.Any(exampleAwsQuicksightDataSet.DataSetId),\n\t\t\tIngestionId: pulumi.String(\"example-id\"),\n\t\t\tIngestionType: pulumi.String(\"FULL_REFRESH\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.Ingestion;\nimport com.pulumi.aws.quicksight.IngestionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Ingestion(\"example\", IngestionArgs.builder()\n .dataSetId(exampleAwsQuicksightDataSet.dataSetId())\n .ingestionId(\"example-id\")\n .ingestionType(\"FULL_REFRESH\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:Ingestion\n properties:\n dataSetId: ${exampleAwsQuicksightDataSet.dataSetId}\n ingestionId: example-id\n ingestionType: FULL_REFRESH\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import QuickSight Ingestion using the AWS account ID, data set ID, and ingestion ID separated by commas (`,`). For example:\n\n```sh\n$ pulumi import aws:quicksight/ingestion:Ingestion example 123456789012,example-dataset-id,example-ingestion-id\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Ingestion.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "dataSetId": { "type": "string", "description": "ID of the dataset used in the ingestion.\n" }, "ingestionId": { "type": "string", "description": "ID for the ingestion.\n" }, "ingestionStatus": { "type": "string", "description": "Ingestion status.\n" }, "ingestionType": { "type": "string", "description": "Type of ingestion to be created. Valid values are `INCREMENTAL_REFRESH` and `FULL_REFRESH`.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "awsAccountId", "dataSetId", "ingestionId", "ingestionStatus", "ingestionType" ], "inputProperties": { "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "dataSetId": { "type": "string", "description": "ID of the dataset used in the ingestion.\n" }, "ingestionId": { "type": "string", "description": "ID for the ingestion.\n" }, "ingestionType": { "type": "string", "description": "Type of ingestion to be created. Valid values are `INCREMENTAL_REFRESH` and `FULL_REFRESH`.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "dataSetId", "ingestionId", "ingestionType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Ingestion resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Ingestion.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "dataSetId": { "type": "string", "description": "ID of the dataset used in the ingestion.\n" }, "ingestionId": { "type": "string", "description": "ID for the ingestion.\n" }, "ingestionStatus": { "type": "string", "description": "Ingestion status.\n" }, "ingestionType": { "type": "string", "description": "Type of ingestion to be created. Valid values are `INCREMENTAL_REFRESH` and `FULL_REFRESH`.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:quicksight/namespace:Namespace": { "description": "Resource for managing an AWS QuickSight Namespace.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.Namespace(\"example\", {namespace: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.Namespace(\"example\", namespace=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.Namespace(\"example\", new()\n {\n NameSpace = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewNamespace(ctx, \"example\", \u0026quicksight.NamespaceArgs{\n\t\t\tNamespace: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.Namespace;\nimport com.pulumi.aws.quicksight.NamespaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Namespace(\"example\", NamespaceArgs.builder()\n .namespace(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:Namespace\n properties:\n namespace: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import QuickSight Namespace using the AWS account ID and namespace separated by commas (`,`). For example:\n\n```sh\n$ pulumi import aws:quicksight/namespace:Namespace example 123456789012,example\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Namespace.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "capacityRegion": { "type": "string", "description": "Namespace AWS Region.\n" }, "creationStatus": { "type": "string", "description": "Creation status of the namespace.\n" }, "identityStore": { "type": "string", "description": "User identity directory type. Defaults to `QUICKSIGHT`, the only current valid value.\n" }, "namespace": { "type": "string", "description": "Name of the namespace.\n\nThe following arguments are optional:\n", "language": { "csharp": { "name": "NameSpace" } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:quicksight/NamespaceTimeouts:NamespaceTimeouts" } }, "required": [ "arn", "awsAccountId", "capacityRegion", "creationStatus", "identityStore", "namespace", "tagsAll" ], "inputProperties": { "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "identityStore": { "type": "string", "description": "User identity directory type. Defaults to `QUICKSIGHT`, the only current valid value.\n" }, "namespace": { "type": "string", "description": "Name of the namespace.\n\nThe following arguments are optional:\n", "language": { "csharp": { "name": "NameSpace" } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:quicksight/NamespaceTimeouts:NamespaceTimeouts" } }, "requiredInputs": [ "namespace" ], "stateInputs": { "description": "Input properties used for looking up and filtering Namespace resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Namespace.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "capacityRegion": { "type": "string", "description": "Namespace AWS Region.\n" }, "creationStatus": { "type": "string", "description": "Creation status of the namespace.\n" }, "identityStore": { "type": "string", "description": "User identity directory type. Defaults to `QUICKSIGHT`, the only current valid value.\n" }, "namespace": { "type": "string", "description": "Name of the namespace.\n\nThe following arguments are optional:\n", "language": { "csharp": { "name": "NameSpace" } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:quicksight/NamespaceTimeouts:NamespaceTimeouts" } }, "type": "object" } }, "aws:quicksight/refreshSchedule:RefreshSchedule": { "description": "Resource for managing a QuickSight Refresh Schedule.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.RefreshSchedule(\"example\", {\n dataSetId: \"dataset-id\",\n scheduleId: \"schedule-id\",\n schedule: {\n refreshType: \"FULL_REFRESH\",\n scheduleFrequency: {\n interval: \"HOURLY\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.RefreshSchedule(\"example\",\n data_set_id=\"dataset-id\",\n schedule_id=\"schedule-id\",\n schedule={\n \"refresh_type\": \"FULL_REFRESH\",\n \"schedule_frequency\": {\n \"interval\": \"HOURLY\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.RefreshSchedule(\"example\", new()\n {\n DataSetId = \"dataset-id\",\n ScheduleId = \"schedule-id\",\n Schedule = new Aws.Quicksight.Inputs.RefreshScheduleScheduleArgs\n {\n RefreshType = \"FULL_REFRESH\",\n ScheduleFrequency = new Aws.Quicksight.Inputs.RefreshScheduleScheduleScheduleFrequencyArgs\n {\n Interval = \"HOURLY\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewRefreshSchedule(ctx, \"example\", \u0026quicksight.RefreshScheduleArgs{\n\t\t\tDataSetId: pulumi.String(\"dataset-id\"),\n\t\t\tScheduleId: pulumi.String(\"schedule-id\"),\n\t\t\tSchedule: \u0026quicksight.RefreshScheduleScheduleArgs{\n\t\t\t\tRefreshType: pulumi.String(\"FULL_REFRESH\"),\n\t\t\t\tScheduleFrequency: \u0026quicksight.RefreshScheduleScheduleScheduleFrequencyArgs{\n\t\t\t\t\tInterval: pulumi.String(\"HOURLY\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.RefreshSchedule;\nimport com.pulumi.aws.quicksight.RefreshScheduleArgs;\nimport com.pulumi.aws.quicksight.inputs.RefreshScheduleScheduleArgs;\nimport com.pulumi.aws.quicksight.inputs.RefreshScheduleScheduleScheduleFrequencyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RefreshSchedule(\"example\", RefreshScheduleArgs.builder()\n .dataSetId(\"dataset-id\")\n .scheduleId(\"schedule-id\")\n .schedule(RefreshScheduleScheduleArgs.builder()\n .refreshType(\"FULL_REFRESH\")\n .scheduleFrequency(RefreshScheduleScheduleScheduleFrequencyArgs.builder()\n .interval(\"HOURLY\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:RefreshSchedule\n properties:\n dataSetId: dataset-id\n scheduleId: schedule-id\n schedule:\n refreshType: FULL_REFRESH\n scheduleFrequency:\n interval: HOURLY\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Weekly Refresh\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.RefreshSchedule(\"example\", {\n dataSetId: \"dataset-id\",\n scheduleId: \"schedule-id\",\n schedule: {\n refreshType: \"INCREMENTAL_REFRESH\",\n scheduleFrequency: {\n interval: \"WEEKLY\",\n timeOfTheDay: \"01:00\",\n timezone: \"Europe/London\",\n refreshOnDay: {\n dayOfWeek: \"MONDAY\",\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.RefreshSchedule(\"example\",\n data_set_id=\"dataset-id\",\n schedule_id=\"schedule-id\",\n schedule={\n \"refresh_type\": \"INCREMENTAL_REFRESH\",\n \"schedule_frequency\": {\n \"interval\": \"WEEKLY\",\n \"time_of_the_day\": \"01:00\",\n \"timezone\": \"Europe/London\",\n \"refresh_on_day\": {\n \"day_of_week\": \"MONDAY\",\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.RefreshSchedule(\"example\", new()\n {\n DataSetId = \"dataset-id\",\n ScheduleId = \"schedule-id\",\n Schedule = new Aws.Quicksight.Inputs.RefreshScheduleScheduleArgs\n {\n RefreshType = \"INCREMENTAL_REFRESH\",\n ScheduleFrequency = new Aws.Quicksight.Inputs.RefreshScheduleScheduleScheduleFrequencyArgs\n {\n Interval = \"WEEKLY\",\n TimeOfTheDay = \"01:00\",\n Timezone = \"Europe/London\",\n RefreshOnDay = new Aws.Quicksight.Inputs.RefreshScheduleScheduleScheduleFrequencyRefreshOnDayArgs\n {\n DayOfWeek = \"MONDAY\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewRefreshSchedule(ctx, \"example\", \u0026quicksight.RefreshScheduleArgs{\n\t\t\tDataSetId: pulumi.String(\"dataset-id\"),\n\t\t\tScheduleId: pulumi.String(\"schedule-id\"),\n\t\t\tSchedule: \u0026quicksight.RefreshScheduleScheduleArgs{\n\t\t\t\tRefreshType: pulumi.String(\"INCREMENTAL_REFRESH\"),\n\t\t\t\tScheduleFrequency: \u0026quicksight.RefreshScheduleScheduleScheduleFrequencyArgs{\n\t\t\t\t\tInterval: pulumi.String(\"WEEKLY\"),\n\t\t\t\t\tTimeOfTheDay: pulumi.String(\"01:00\"),\n\t\t\t\t\tTimezone: pulumi.String(\"Europe/London\"),\n\t\t\t\t\tRefreshOnDay: \u0026quicksight.RefreshScheduleScheduleScheduleFrequencyRefreshOnDayArgs{\n\t\t\t\t\t\tDayOfWeek: pulumi.String(\"MONDAY\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.RefreshSchedule;\nimport com.pulumi.aws.quicksight.RefreshScheduleArgs;\nimport com.pulumi.aws.quicksight.inputs.RefreshScheduleScheduleArgs;\nimport com.pulumi.aws.quicksight.inputs.RefreshScheduleScheduleScheduleFrequencyArgs;\nimport com.pulumi.aws.quicksight.inputs.RefreshScheduleScheduleScheduleFrequencyRefreshOnDayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RefreshSchedule(\"example\", RefreshScheduleArgs.builder()\n .dataSetId(\"dataset-id\")\n .scheduleId(\"schedule-id\")\n .schedule(RefreshScheduleScheduleArgs.builder()\n .refreshType(\"INCREMENTAL_REFRESH\")\n .scheduleFrequency(RefreshScheduleScheduleScheduleFrequencyArgs.builder()\n .interval(\"WEEKLY\")\n .timeOfTheDay(\"01:00\")\n .timezone(\"Europe/London\")\n .refreshOnDay(RefreshScheduleScheduleScheduleFrequencyRefreshOnDayArgs.builder()\n .dayOfWeek(\"MONDAY\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:RefreshSchedule\n properties:\n dataSetId: dataset-id\n scheduleId: schedule-id\n schedule:\n refreshType: INCREMENTAL_REFRESH\n scheduleFrequency:\n interval: WEEKLY\n timeOfTheDay: 01:00\n timezone: Europe/London\n refreshOnDay:\n dayOfWeek: MONDAY\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Monthly Refresh\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.RefreshSchedule(\"example\", {\n dataSetId: \"dataset-id\",\n scheduleId: \"schedule-id\",\n schedule: {\n refreshType: \"INCREMENTAL_REFRESH\",\n scheduleFrequency: {\n interval: \"MONTHLY\",\n timeOfTheDay: \"01:00\",\n timezone: \"Europe/London\",\n refreshOnDay: {\n dayOfMonth: \"1\",\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.RefreshSchedule(\"example\",\n data_set_id=\"dataset-id\",\n schedule_id=\"schedule-id\",\n schedule={\n \"refresh_type\": \"INCREMENTAL_REFRESH\",\n \"schedule_frequency\": {\n \"interval\": \"MONTHLY\",\n \"time_of_the_day\": \"01:00\",\n \"timezone\": \"Europe/London\",\n \"refresh_on_day\": {\n \"day_of_month\": \"1\",\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.RefreshSchedule(\"example\", new()\n {\n DataSetId = \"dataset-id\",\n ScheduleId = \"schedule-id\",\n Schedule = new Aws.Quicksight.Inputs.RefreshScheduleScheduleArgs\n {\n RefreshType = \"INCREMENTAL_REFRESH\",\n ScheduleFrequency = new Aws.Quicksight.Inputs.RefreshScheduleScheduleScheduleFrequencyArgs\n {\n Interval = \"MONTHLY\",\n TimeOfTheDay = \"01:00\",\n Timezone = \"Europe/London\",\n RefreshOnDay = new Aws.Quicksight.Inputs.RefreshScheduleScheduleScheduleFrequencyRefreshOnDayArgs\n {\n DayOfMonth = \"1\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewRefreshSchedule(ctx, \"example\", \u0026quicksight.RefreshScheduleArgs{\n\t\t\tDataSetId: pulumi.String(\"dataset-id\"),\n\t\t\tScheduleId: pulumi.String(\"schedule-id\"),\n\t\t\tSchedule: \u0026quicksight.RefreshScheduleScheduleArgs{\n\t\t\t\tRefreshType: pulumi.String(\"INCREMENTAL_REFRESH\"),\n\t\t\t\tScheduleFrequency: \u0026quicksight.RefreshScheduleScheduleScheduleFrequencyArgs{\n\t\t\t\t\tInterval: pulumi.String(\"MONTHLY\"),\n\t\t\t\t\tTimeOfTheDay: pulumi.String(\"01:00\"),\n\t\t\t\t\tTimezone: pulumi.String(\"Europe/London\"),\n\t\t\t\t\tRefreshOnDay: \u0026quicksight.RefreshScheduleScheduleScheduleFrequencyRefreshOnDayArgs{\n\t\t\t\t\t\tDayOfMonth: pulumi.String(\"1\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.RefreshSchedule;\nimport com.pulumi.aws.quicksight.RefreshScheduleArgs;\nimport com.pulumi.aws.quicksight.inputs.RefreshScheduleScheduleArgs;\nimport com.pulumi.aws.quicksight.inputs.RefreshScheduleScheduleScheduleFrequencyArgs;\nimport com.pulumi.aws.quicksight.inputs.RefreshScheduleScheduleScheduleFrequencyRefreshOnDayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RefreshSchedule(\"example\", RefreshScheduleArgs.builder()\n .dataSetId(\"dataset-id\")\n .scheduleId(\"schedule-id\")\n .schedule(RefreshScheduleScheduleArgs.builder()\n .refreshType(\"INCREMENTAL_REFRESH\")\n .scheduleFrequency(RefreshScheduleScheduleScheduleFrequencyArgs.builder()\n .interval(\"MONTHLY\")\n .timeOfTheDay(\"01:00\")\n .timezone(\"Europe/London\")\n .refreshOnDay(RefreshScheduleScheduleScheduleFrequencyRefreshOnDayArgs.builder()\n .dayOfMonth(\"1\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:RefreshSchedule\n properties:\n dataSetId: dataset-id\n scheduleId: schedule-id\n schedule:\n refreshType: INCREMENTAL_REFRESH\n scheduleFrequency:\n interval: MONTHLY\n timeOfTheDay: 01:00\n timezone: Europe/London\n refreshOnDay:\n dayOfMonth: '1'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a QuickSight Refresh Schedule using the AWS account ID, data set ID and schedule ID separated by commas (`,`). For example:\n\n```sh\n$ pulumi import aws:quicksight/refreshSchedule:RefreshSchedule example 123456789012,dataset-id,schedule-id\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the refresh schedule.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "dataSetId": { "type": "string", "description": "The ID of the dataset.\n" }, "schedule": { "$ref": "#/types/aws:quicksight/RefreshScheduleSchedule:RefreshScheduleSchedule", "description": "The [refresh schedule](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_RefreshSchedule.html). See schedule\n\nThe following arguments are optional:\n" }, "scheduleId": { "type": "string", "description": "The ID of the refresh schedule.\n" } }, "required": [ "arn", "awsAccountId", "dataSetId", "scheduleId" ], "inputProperties": { "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "dataSetId": { "type": "string", "description": "The ID of the dataset.\n" }, "schedule": { "$ref": "#/types/aws:quicksight/RefreshScheduleSchedule:RefreshScheduleSchedule", "description": "The [refresh schedule](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_RefreshSchedule.html). See schedule\n\nThe following arguments are optional:\n" }, "scheduleId": { "type": "string", "description": "The ID of the refresh schedule.\n" } }, "requiredInputs": [ "dataSetId", "scheduleId" ], "stateInputs": { "description": "Input properties used for looking up and filtering RefreshSchedule resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the refresh schedule.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "dataSetId": { "type": "string", "description": "The ID of the dataset.\n" }, "schedule": { "$ref": "#/types/aws:quicksight/RefreshScheduleSchedule:RefreshScheduleSchedule", "description": "The [refresh schedule](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_RefreshSchedule.html). See schedule\n\nThe following arguments are optional:\n" }, "scheduleId": { "type": "string", "description": "The ID of the refresh schedule.\n" } }, "type": "object" } }, "aws:quicksight/template:Template": { "description": "Resource for managing a QuickSight Template.\n\n## Example Usage\n\n### From Source Template\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.Template(\"example\", {\n templateId: \"example-id\",\n name: \"example-name\",\n versionDescription: \"version\",\n sourceEntity: {\n sourceTemplate: {\n arn: source.arn,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.Template(\"example\",\n template_id=\"example-id\",\n name=\"example-name\",\n version_description=\"version\",\n source_entity={\n \"source_template\": {\n \"arn\": source[\"arn\"],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.Template(\"example\", new()\n {\n TemplateId = \"example-id\",\n Name = \"example-name\",\n VersionDescription = \"version\",\n SourceEntity = new Aws.Quicksight.Inputs.TemplateSourceEntityArgs\n {\n SourceTemplate = new Aws.Quicksight.Inputs.TemplateSourceEntitySourceTemplateArgs\n {\n Arn = source.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewTemplate(ctx, \"example\", \u0026quicksight.TemplateArgs{\n\t\t\tTemplateId: pulumi.String(\"example-id\"),\n\t\t\tName: pulumi.String(\"example-name\"),\n\t\t\tVersionDescription: pulumi.String(\"version\"),\n\t\t\tSourceEntity: \u0026quicksight.TemplateSourceEntityArgs{\n\t\t\t\tSourceTemplate: \u0026quicksight.TemplateSourceEntitySourceTemplateArgs{\n\t\t\t\t\tArn: pulumi.Any(source.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.Template;\nimport com.pulumi.aws.quicksight.TemplateArgs;\nimport com.pulumi.aws.quicksight.inputs.TemplateSourceEntityArgs;\nimport com.pulumi.aws.quicksight.inputs.TemplateSourceEntitySourceTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Template(\"example\", TemplateArgs.builder()\n .templateId(\"example-id\")\n .name(\"example-name\")\n .versionDescription(\"version\")\n .sourceEntity(TemplateSourceEntityArgs.builder()\n .sourceTemplate(TemplateSourceEntitySourceTemplateArgs.builder()\n .arn(source.arn())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:Template\n properties:\n templateId: example-id\n name: example-name\n versionDescription: version\n sourceEntity:\n sourceTemplate:\n arn: ${source.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Definition\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n example:\n type: aws:quicksight:Template\n properties:\n templateId: example-id\n name: example-name\n versionDescription: version\n definition:\n dataSetConfigurations:\n - dataSetSchema:\n columnSchemaLists:\n - name: Column1\n dataType: STRING\n - name: Column2\n dataType: INTEGER\n placeholder: '1'\n sheets:\n - title: Test\n sheetId: Test1\n visuals:\n - barChartVisual:\n visualId: BarChart\n chartConfiguration:\n fieldWells:\n barChartAggregatedFieldWells:\n categories:\n - categoricalDimensionField:\n fieldId: '1'\n column:\n columnName: Column1\n dataSetIdentifier: '1'\n values:\n - numericalMeasureField:\n fieldId: '2'\n column:\n columnName: Column2\n dataSetIdentifier: '1'\n aggregationFunction:\n simpleNumericalAggregation: SUM\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a QuickSight Template using the AWS account ID and template ID separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:quicksight/template:Template example 123456789012,example-id\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the template.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "createdTime": { "type": "string", "description": "The time that the template was created.\n" }, "lastUpdatedTime": { "type": "string", "description": "The time that the template was last updated.\n" }, "name": { "type": "string", "description": "Display name for the template.\n" }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/TemplatePermission:TemplatePermission" }, "description": "A set of resource permissions on the template. Maximum of 64 items. See permissions.\n" }, "sourceEntity": { "$ref": "#/types/aws:quicksight/TemplateSourceEntity:TemplateSourceEntity", "description": "The entity that you are using as a source when you create the template (analysis or template). Only one of `definition` or `source_entity` should be configured. See source_entity.\n" }, "sourceEntityArn": { "type": "string", "description": "Amazon Resource Name (ARN) of an analysis or template that was used to create this template.\n" }, "status": { "type": "string", "description": "The template creation status.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "templateId": { "type": "string", "description": "Identifier for the template.\n" }, "versionDescription": { "type": "string", "description": "A description of the current template version being created/updated.\n\nThe following arguments are optional:\n" }, "versionNumber": { "type": "integer", "description": "The version number of the template version.\n" } }, "required": [ "arn", "awsAccountId", "createdTime", "lastUpdatedTime", "name", "sourceEntityArn", "status", "tagsAll", "templateId", "versionDescription", "versionNumber" ], "inputProperties": { "awsAccountId": { "type": "string", "description": "AWS account ID.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Display name for the template.\n" }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/TemplatePermission:TemplatePermission" }, "description": "A set of resource permissions on the template. Maximum of 64 items. See permissions.\n" }, "sourceEntity": { "$ref": "#/types/aws:quicksight/TemplateSourceEntity:TemplateSourceEntity", "description": "The entity that you are using as a source when you create the template (analysis or template). Only one of `definition` or `source_entity` should be configured. See source_entity.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "templateId": { "type": "string", "description": "Identifier for the template.\n", "willReplaceOnChanges": true }, "versionDescription": { "type": "string", "description": "A description of the current template version being created/updated.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "templateId", "versionDescription" ], "stateInputs": { "description": "Input properties used for looking up and filtering Template resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the template.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n", "willReplaceOnChanges": true }, "createdTime": { "type": "string", "description": "The time that the template was created.\n" }, "lastUpdatedTime": { "type": "string", "description": "The time that the template was last updated.\n" }, "name": { "type": "string", "description": "Display name for the template.\n" }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/TemplatePermission:TemplatePermission" }, "description": "A set of resource permissions on the template. Maximum of 64 items. See permissions.\n" }, "sourceEntity": { "$ref": "#/types/aws:quicksight/TemplateSourceEntity:TemplateSourceEntity", "description": "The entity that you are using as a source when you create the template (analysis or template). Only one of `definition` or `source_entity` should be configured. See source_entity.\n" }, "sourceEntityArn": { "type": "string", "description": "Amazon Resource Name (ARN) of an analysis or template that was used to create this template.\n" }, "status": { "type": "string", "description": "The template creation status.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "templateId": { "type": "string", "description": "Identifier for the template.\n", "willReplaceOnChanges": true }, "versionDescription": { "type": "string", "description": "A description of the current template version being created/updated.\n\nThe following arguments are optional:\n" }, "versionNumber": { "type": "integer", "description": "The version number of the template version.\n" } }, "type": "object" } }, "aws:quicksight/templateAlias:TemplateAlias": { "description": "Resource for managing an AWS QuickSight Template Alias.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.TemplateAlias(\"example\", {\n aliasName: \"example-alias\",\n templateId: test.templateId,\n templateVersionNumber: test.versionNumber,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.TemplateAlias(\"example\",\n alias_name=\"example-alias\",\n template_id=test[\"templateId\"],\n template_version_number=test[\"versionNumber\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.TemplateAlias(\"example\", new()\n {\n AliasName = \"example-alias\",\n TemplateId = test.TemplateId,\n TemplateVersionNumber = test.VersionNumber,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewTemplateAlias(ctx, \"example\", \u0026quicksight.TemplateAliasArgs{\n\t\t\tAliasName: pulumi.String(\"example-alias\"),\n\t\t\tTemplateId: pulumi.Any(test.TemplateId),\n\t\t\tTemplateVersionNumber: pulumi.Any(test.VersionNumber),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.TemplateAlias;\nimport com.pulumi.aws.quicksight.TemplateAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TemplateAlias(\"example\", TemplateAliasArgs.builder()\n .aliasName(\"example-alias\")\n .templateId(test.templateId())\n .templateVersionNumber(test.versionNumber())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:TemplateAlias\n properties:\n aliasName: example-alias\n templateId: ${test.templateId}\n templateVersionNumber: ${test.versionNumber}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import QuickSight Template Alias using the AWS account ID, template ID, and alias name separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:quicksight/templateAlias:TemplateAlias example 123456789012,example-id,example-alias\n```\n", "properties": { "aliasName": { "type": "string", "description": "Display name of the template alias.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the template alias.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "templateId": { "type": "string", "description": "ID of the template.\n" }, "templateVersionNumber": { "type": "integer", "description": "Version number of the template.\n\nThe following arguments are optional:\n" } }, "required": [ "aliasName", "arn", "awsAccountId", "templateId", "templateVersionNumber" ], "inputProperties": { "aliasName": { "type": "string", "description": "Display name of the template alias.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "templateId": { "type": "string", "description": "ID of the template.\n" }, "templateVersionNumber": { "type": "integer", "description": "Version number of the template.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "aliasName", "templateId", "templateVersionNumber" ], "stateInputs": { "description": "Input properties used for looking up and filtering TemplateAlias resources.\n", "properties": { "aliasName": { "type": "string", "description": "Display name of the template alias.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the template alias.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "templateId": { "type": "string", "description": "ID of the template.\n" }, "templateVersionNumber": { "type": "integer", "description": "Version number of the template.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:quicksight/theme:Theme": { "description": "Resource for managing a QuickSight Theme.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.Theme(\"example\", {\n themeId: \"example\",\n name: \"example\",\n baseThemeId: \"MIDNIGHT\",\n configuration: {\n dataColorPalette: {\n colors: [\n \"#FFFFFF\",\n \"#111111\",\n \"#222222\",\n \"#333333\",\n \"#444444\",\n \"#555555\",\n \"#666666\",\n \"#777777\",\n \"#888888\",\n \"#999999\",\n ],\n emptyFillColor: \"#FFFFFF\",\n minMaxGradients: [\n \"#FFFFFF\",\n \"#111111\",\n ],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.Theme(\"example\",\n theme_id=\"example\",\n name=\"example\",\n base_theme_id=\"MIDNIGHT\",\n configuration={\n \"data_color_palette\": {\n \"colors\": [\n \"#FFFFFF\",\n \"#111111\",\n \"#222222\",\n \"#333333\",\n \"#444444\",\n \"#555555\",\n \"#666666\",\n \"#777777\",\n \"#888888\",\n \"#999999\",\n ],\n \"empty_fill_color\": \"#FFFFFF\",\n \"min_max_gradients\": [\n \"#FFFFFF\",\n \"#111111\",\n ],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.Theme(\"example\", new()\n {\n ThemeId = \"example\",\n Name = \"example\",\n BaseThemeId = \"MIDNIGHT\",\n Configuration = new Aws.Quicksight.Inputs.ThemeConfigurationArgs\n {\n DataColorPalette = new Aws.Quicksight.Inputs.ThemeConfigurationDataColorPaletteArgs\n {\n Colors = new[]\n {\n \"#FFFFFF\",\n \"#111111\",\n \"#222222\",\n \"#333333\",\n \"#444444\",\n \"#555555\",\n \"#666666\",\n \"#777777\",\n \"#888888\",\n \"#999999\",\n },\n EmptyFillColor = \"#FFFFFF\",\n MinMaxGradients = new[]\n {\n \"#FFFFFF\",\n \"#111111\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewTheme(ctx, \"example\", \u0026quicksight.ThemeArgs{\n\t\t\tThemeId: pulumi.String(\"example\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tBaseThemeId: pulumi.String(\"MIDNIGHT\"),\n\t\t\tConfiguration: \u0026quicksight.ThemeConfigurationArgs{\n\t\t\t\tDataColorPalette: \u0026quicksight.ThemeConfigurationDataColorPaletteArgs{\n\t\t\t\t\tColors: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"#FFFFFF\"),\n\t\t\t\t\t\tpulumi.String(\"#111111\"),\n\t\t\t\t\t\tpulumi.String(\"#222222\"),\n\t\t\t\t\t\tpulumi.String(\"#333333\"),\n\t\t\t\t\t\tpulumi.String(\"#444444\"),\n\t\t\t\t\t\tpulumi.String(\"#555555\"),\n\t\t\t\t\t\tpulumi.String(\"#666666\"),\n\t\t\t\t\t\tpulumi.String(\"#777777\"),\n\t\t\t\t\t\tpulumi.String(\"#888888\"),\n\t\t\t\t\t\tpulumi.String(\"#999999\"),\n\t\t\t\t\t},\n\t\t\t\t\tEmptyFillColor: pulumi.String(\"#FFFFFF\"),\n\t\t\t\t\tMinMaxGradients: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"#FFFFFF\"),\n\t\t\t\t\t\tpulumi.String(\"#111111\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.Theme;\nimport com.pulumi.aws.quicksight.ThemeArgs;\nimport com.pulumi.aws.quicksight.inputs.ThemeConfigurationArgs;\nimport com.pulumi.aws.quicksight.inputs.ThemeConfigurationDataColorPaletteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Theme(\"example\", ThemeArgs.builder()\n .themeId(\"example\")\n .name(\"example\")\n .baseThemeId(\"MIDNIGHT\")\n .configuration(ThemeConfigurationArgs.builder()\n .dataColorPalette(ThemeConfigurationDataColorPaletteArgs.builder()\n .colors( \n \"#FFFFFF\",\n \"#111111\",\n \"#222222\",\n \"#333333\",\n \"#444444\",\n \"#555555\",\n \"#666666\",\n \"#777777\",\n \"#888888\",\n \"#999999\")\n .emptyFillColor(\"#FFFFFF\")\n .minMaxGradients( \n \"#FFFFFF\",\n \"#111111\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:Theme\n properties:\n themeId: example\n name: example\n baseThemeId: MIDNIGHT\n configuration:\n dataColorPalette:\n colors:\n - '#FFFFFF'\n - '#111111'\n - '#222222'\n - '#333333'\n - '#444444'\n - '#555555'\n - '#666666'\n - '#777777'\n - '#888888'\n - '#999999'\n emptyFillColor: '#FFFFFF'\n minMaxGradients:\n - '#FFFFFF'\n - '#111111'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a QuickSight Theme using the AWS account ID and theme ID separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:quicksight/theme:Theme example 123456789012,example-id\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the theme.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "baseThemeId": { "type": "string", "description": "The ID of the theme that a custom theme will inherit from. All themes inherit from one of the starting themes defined by Amazon QuickSight. For a list of the starting themes, use ListThemes or choose Themes from within an analysis.\n" }, "configuration": { "$ref": "#/types/aws:quicksight/ThemeConfiguration:ThemeConfiguration", "description": "The theme configuration, which contains the theme display properties. See configuration.\n\nThe following arguments are optional:\n" }, "createdTime": { "type": "string", "description": "The time that the theme was created.\n" }, "lastUpdatedTime": { "type": "string", "description": "The time that the theme was last updated.\n" }, "name": { "type": "string", "description": "Display name of the theme.\n" }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/ThemePermission:ThemePermission" }, "description": "A set of resource permissions on the theme. Maximum of 64 items. See permissions.\n" }, "status": { "type": "string", "description": "The theme creation status.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "themeId": { "type": "string", "description": "Identifier of the theme.\n" }, "versionDescription": { "type": "string", "description": "A description of the current theme version being created/updated.\n" }, "versionNumber": { "type": "integer", "description": "The version number of the theme version.\n" } }, "required": [ "arn", "awsAccountId", "baseThemeId", "createdTime", "lastUpdatedTime", "name", "status", "tagsAll", "themeId", "versionNumber" ], "inputProperties": { "awsAccountId": { "type": "string", "description": "AWS account ID.\n", "willReplaceOnChanges": true }, "baseThemeId": { "type": "string", "description": "The ID of the theme that a custom theme will inherit from. All themes inherit from one of the starting themes defined by Amazon QuickSight. For a list of the starting themes, use ListThemes or choose Themes from within an analysis.\n" }, "configuration": { "$ref": "#/types/aws:quicksight/ThemeConfiguration:ThemeConfiguration", "description": "The theme configuration, which contains the theme display properties. See configuration.\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "Display name of the theme.\n" }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/ThemePermission:ThemePermission" }, "description": "A set of resource permissions on the theme. Maximum of 64 items. See permissions.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "themeId": { "type": "string", "description": "Identifier of the theme.\n", "willReplaceOnChanges": true }, "versionDescription": { "type": "string", "description": "A description of the current theme version being created/updated.\n" } }, "requiredInputs": [ "baseThemeId", "themeId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Theme resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the theme.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n", "willReplaceOnChanges": true }, "baseThemeId": { "type": "string", "description": "The ID of the theme that a custom theme will inherit from. All themes inherit from one of the starting themes defined by Amazon QuickSight. For a list of the starting themes, use ListThemes or choose Themes from within an analysis.\n" }, "configuration": { "$ref": "#/types/aws:quicksight/ThemeConfiguration:ThemeConfiguration", "description": "The theme configuration, which contains the theme display properties. See configuration.\n\nThe following arguments are optional:\n" }, "createdTime": { "type": "string", "description": "The time that the theme was created.\n" }, "lastUpdatedTime": { "type": "string", "description": "The time that the theme was last updated.\n" }, "name": { "type": "string", "description": "Display name of the theme.\n" }, "permissions": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/ThemePermission:ThemePermission" }, "description": "A set of resource permissions on the theme. Maximum of 64 items. See permissions.\n" }, "status": { "type": "string", "description": "The theme creation status.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "themeId": { "type": "string", "description": "Identifier of the theme.\n", "willReplaceOnChanges": true }, "versionDescription": { "type": "string", "description": "A description of the current theme version being created/updated.\n" }, "versionNumber": { "type": "integer", "description": "The version number of the theme version.\n" } }, "type": "object" } }, "aws:quicksight/user:User": { "description": "Resource for managing QuickSight User\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.quicksight.User(\"example\", {\n sessionName: \"an-author\",\n email: \"author@example.com\",\n namespace: \"foo\",\n identityType: \"IAM\",\n iamArn: \"arn:aws:iam::123456789012:user/Example\",\n userRole: \"AUTHOR\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.User(\"example\",\n session_name=\"an-author\",\n email=\"author@example.com\",\n namespace=\"foo\",\n identity_type=\"IAM\",\n iam_arn=\"arn:aws:iam::123456789012:user/Example\",\n user_role=\"AUTHOR\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Quicksight.User(\"example\", new()\n {\n SessionName = \"an-author\",\n Email = \"author@example.com\",\n Namespace = \"foo\",\n IdentityType = \"IAM\",\n IamArn = \"arn:aws:iam::123456789012:user/Example\",\n UserRole = \"AUTHOR\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.NewUser(ctx, \"example\", \u0026quicksight.UserArgs{\n\t\t\tSessionName: pulumi.String(\"an-author\"),\n\t\t\tEmail: pulumi.String(\"author@example.com\"),\n\t\t\tNamespace: pulumi.String(\"foo\"),\n\t\t\tIdentityType: pulumi.String(\"IAM\"),\n\t\t\tIamArn: pulumi.String(\"arn:aws:iam::123456789012:user/Example\"),\n\t\t\tUserRole: pulumi.String(\"AUTHOR\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.User;\nimport com.pulumi.aws.quicksight.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new User(\"example\", UserArgs.builder()\n .sessionName(\"an-author\")\n .email(\"author@example.com\")\n .namespace(\"foo\")\n .identityType(\"IAM\")\n .iamArn(\"arn:aws:iam::123456789012:user/Example\")\n .userRole(\"AUTHOR\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:quicksight:User\n properties:\n sessionName: an-author\n email: author@example.com\n namespace: foo\n identityType: IAM\n iamArn: arn:aws:iam::123456789012:user/Example\n userRole: AUTHOR\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nYou cannot import this resource.\n\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the user\n" }, "awsAccountId": { "type": "string", "description": "The ID for the AWS account that the user is in. Currently, you use the ID for the AWS account that contains your Amazon QuickSight account.\n" }, "email": { "type": "string", "description": "The email address of the user that you want to register.\n" }, "iamArn": { "type": "string", "description": "The ARN of the IAM user or role that you are registering with Amazon QuickSight.\n" }, "identityType": { "type": "string", "description": "Amazon QuickSight supports several ways of managing the identity of users. This parameter accepts either `IAM` or `QUICKSIGHT`. If `IAM` is specified, the `iam_arn` must also be specified.\n" }, "namespace": { "type": "string", "description": "The Amazon Quicksight namespace to create the user in. Defaults to `default`.\n" }, "sessionName": { "type": "string", "description": "The name of the IAM session to use when assuming roles that can embed QuickSight dashboards. Only valid for registering users using an assumed IAM role. Additionally, if registering multiple users using the same IAM role, each user needs to have a unique session name.\n" }, "userName": { "type": "string", "description": "The Amazon QuickSight user name that you want to create for the user you are registering. Only valid for registering a user with `identity_type` set to `QUICKSIGHT`.\n" }, "userRole": { "type": "string", "description": "The Amazon QuickSight role of the user. The user role can be one of the following: `READER`, `AUTHOR`, or `ADMIN`\n" } }, "required": [ "arn", "awsAccountId", "email", "identityType", "userRole" ], "inputProperties": { "awsAccountId": { "type": "string", "description": "The ID for the AWS account that the user is in. Currently, you use the ID for the AWS account that contains your Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "email": { "type": "string", "description": "The email address of the user that you want to register.\n", "willReplaceOnChanges": true }, "iamArn": { "type": "string", "description": "The ARN of the IAM user or role that you are registering with Amazon QuickSight.\n", "willReplaceOnChanges": true }, "identityType": { "type": "string", "description": "Amazon QuickSight supports several ways of managing the identity of users. This parameter accepts either `IAM` or `QUICKSIGHT`. If `IAM` is specified, the `iam_arn` must also be specified.\n", "willReplaceOnChanges": true }, "namespace": { "type": "string", "description": "The Amazon Quicksight namespace to create the user in. Defaults to `default`.\n", "willReplaceOnChanges": true }, "sessionName": { "type": "string", "description": "The name of the IAM session to use when assuming roles that can embed QuickSight dashboards. Only valid for registering users using an assumed IAM role. Additionally, if registering multiple users using the same IAM role, each user needs to have a unique session name.\n", "willReplaceOnChanges": true }, "userName": { "type": "string", "description": "The Amazon QuickSight user name that you want to create for the user you are registering. Only valid for registering a user with `identity_type` set to `QUICKSIGHT`.\n" }, "userRole": { "type": "string", "description": "The Amazon QuickSight role of the user. The user role can be one of the following: `READER`, `AUTHOR`, or `ADMIN`\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "email", "identityType", "userRole" ], "stateInputs": { "description": "Input properties used for looking up and filtering User resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the user\n" }, "awsAccountId": { "type": "string", "description": "The ID for the AWS account that the user is in. Currently, you use the ID for the AWS account that contains your Amazon QuickSight account.\n", "willReplaceOnChanges": true }, "email": { "type": "string", "description": "The email address of the user that you want to register.\n", "willReplaceOnChanges": true }, "iamArn": { "type": "string", "description": "The ARN of the IAM user or role that you are registering with Amazon QuickSight.\n", "willReplaceOnChanges": true }, "identityType": { "type": "string", "description": "Amazon QuickSight supports several ways of managing the identity of users. This parameter accepts either `IAM` or `QUICKSIGHT`. If `IAM` is specified, the `iam_arn` must also be specified.\n", "willReplaceOnChanges": true }, "namespace": { "type": "string", "description": "The Amazon Quicksight namespace to create the user in. Defaults to `default`.\n", "willReplaceOnChanges": true }, "sessionName": { "type": "string", "description": "The name of the IAM session to use when assuming roles that can embed QuickSight dashboards. Only valid for registering users using an assumed IAM role. Additionally, if registering multiple users using the same IAM role, each user needs to have a unique session name.\n", "willReplaceOnChanges": true }, "userName": { "type": "string", "description": "The Amazon QuickSight user name that you want to create for the user you are registering. Only valid for registering a user with `identity_type` set to `QUICKSIGHT`.\n" }, "userRole": { "type": "string", "description": "The Amazon QuickSight role of the user. The user role can be one of the following: `READER`, `AUTHOR`, or `ADMIN`\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:quicksight/vpcConnection:VpcConnection": { "description": "Resource for managing an AWS QuickSight VPC Connection.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst vpcConnectionRole = new aws.iam.Role(\"vpc_connection_role\", {\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Effect: \"Allow\",\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"quicksight.amazonaws.com\",\n },\n }],\n }),\n inlinePolicies: [{\n name: \"QuickSightVPCConnectionRolePolicy\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Effect: \"Allow\",\n Action: [\n \"ec2:CreateNetworkInterface\",\n \"ec2:ModifyNetworkInterfaceAttribute\",\n \"ec2:DeleteNetworkInterface\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n ],\n Resource: [\"*\"],\n }],\n }),\n }],\n});\nconst example = new aws.quicksight.VpcConnection(\"example\", {\n vpcConnectionId: \"example-connection-id\",\n name: \"Example Connection\",\n roleArn: vpcConnectionRole.arn,\n securityGroupIds: [\"sg-00000000000000000\"],\n subnetIds: [\n \"subnet-00000000000000000\",\n \"subnet-00000000000000001\",\n ],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nvpc_connection_role = aws.iam.Role(\"vpc_connection_role\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Effect\": \"Allow\",\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"quicksight.amazonaws.com\",\n },\n }],\n }),\n inline_policies=[{\n \"name\": \"QuickSightVPCConnectionRolePolicy\",\n \"policy\": json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"action\": [\n \"ec2:CreateNetworkInterface\",\n \"ec2:ModifyNetworkInterfaceAttribute\",\n \"ec2:DeleteNetworkInterface\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n ],\n \"resource\": [\"*\"],\n }],\n }),\n }])\nexample = aws.quicksight.VpcConnection(\"example\",\n vpc_connection_id=\"example-connection-id\",\n name=\"Example Connection\",\n role_arn=vpc_connection_role.arn,\n security_group_ids=[\"sg-00000000000000000\"],\n subnet_ids=[\n \"subnet-00000000000000000\",\n \"subnet-00000000000000001\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var vpcConnectionRole = new Aws.Iam.Role(\"vpc_connection_role\", new()\n {\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Effect\"] = \"Allow\",\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"quicksight.amazonaws.com\",\n },\n },\n },\n }),\n InlinePolicies = new[]\n {\n new Aws.Iam.Inputs.RoleInlinePolicyArgs\n {\n Name = \"QuickSightVPCConnectionRolePolicy\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Effect\"] = \"Allow\",\n [\"Action\"] = new[]\n {\n \"ec2:CreateNetworkInterface\",\n \"ec2:ModifyNetworkInterfaceAttribute\",\n \"ec2:DeleteNetworkInterface\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n },\n [\"Resource\"] = new[]\n {\n \"*\",\n },\n },\n },\n }),\n },\n },\n });\n\n var example = new Aws.Quicksight.VpcConnection(\"example\", new()\n {\n VpcConnectionId = \"example-connection-id\",\n Name = \"Example Connection\",\n RoleArn = vpcConnectionRole.Arn,\n SecurityGroupIds = new[]\n {\n \"sg-00000000000000000\",\n },\n SubnetIds = new[]\n {\n \"subnet-00000000000000000\",\n \"subnet-00000000000000001\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"quicksight.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"ec2:CreateNetworkInterface\",\n\t\t\t\t\t\t\"ec2:ModifyNetworkInterfaceAttribute\",\n\t\t\t\t\t\t\"ec2:DeleteNetworkInterface\",\n\t\t\t\t\t\t\"ec2:DescribeSubnets\",\n\t\t\t\t\t\t\"ec2:DescribeSecurityGroups\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson1 := string(tmpJSON1)\n\t\tvpcConnectionRole, err := iam.NewRole(ctx, \"vpc_connection_role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t\tInlinePolicies: iam.RoleInlinePolicyArray{\n\t\t\t\t\u0026iam.RoleInlinePolicyArgs{\n\t\t\t\t\tName: pulumi.String(\"QuickSightVPCConnectionRolePolicy\"),\n\t\t\t\t\tPolicy: pulumi.String(json1),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = quicksight.NewVpcConnection(ctx, \"example\", \u0026quicksight.VpcConnectionArgs{\n\t\t\tVpcConnectionId: pulumi.String(\"example-connection-id\"),\n\t\t\tName: pulumi.String(\"Example Connection\"),\n\t\t\tRoleArn: vpcConnectionRole.Arn,\n\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"sg-00000000000000000\"),\n\t\t\t},\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"subnet-00000000000000000\"),\n\t\t\t\tpulumi.String(\"subnet-00000000000000001\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.inputs.RoleInlinePolicyArgs;\nimport com.pulumi.aws.quicksight.VpcConnection;\nimport com.pulumi.aws.quicksight.VpcConnectionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var vpcConnectionRole = new Role(\"vpcConnectionRole\", RoleArgs.builder()\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"quicksight.amazonaws.com\")\n ))\n )))\n )))\n .inlinePolicies(RoleInlinePolicyArgs.builder()\n .name(\"QuickSightVPCConnectionRolePolicy\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Action\", jsonArray(\n \"ec2:CreateNetworkInterface\", \n \"ec2:ModifyNetworkInterfaceAttribute\", \n \"ec2:DeleteNetworkInterface\", \n \"ec2:DescribeSubnets\", \n \"ec2:DescribeSecurityGroups\"\n )),\n jsonProperty(\"Resource\", jsonArray(\"*\"))\n )))\n )))\n .build())\n .build());\n\n var example = new VpcConnection(\"example\", VpcConnectionArgs.builder()\n .vpcConnectionId(\"example-connection-id\")\n .name(\"Example Connection\")\n .roleArn(vpcConnectionRole.arn())\n .securityGroupIds(\"sg-00000000000000000\")\n .subnetIds( \n \"subnet-00000000000000000\",\n \"subnet-00000000000000001\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n vpcConnectionRole:\n type: aws:iam:Role\n name: vpc_connection_role\n properties:\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Effect: Allow\n Action: sts:AssumeRole\n Principal:\n Service: quicksight.amazonaws.com\n inlinePolicies:\n - name: QuickSightVPCConnectionRolePolicy\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Effect: Allow\n Action:\n - ec2:CreateNetworkInterface\n - ec2:ModifyNetworkInterfaceAttribute\n - ec2:DeleteNetworkInterface\n - ec2:DescribeSubnets\n - ec2:DescribeSecurityGroups\n Resource:\n - '*'\n example:\n type: aws:quicksight:VpcConnection\n properties:\n vpcConnectionId: example-connection-id\n name: Example Connection\n roleArn: ${vpcConnectionRole.arn}\n securityGroupIds:\n - sg-00000000000000000\n subnetIds:\n - subnet-00000000000000000\n - subnet-00000000000000001\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import QuickSight VPC connection using the AWS account ID and VPC connection ID separated by commas (`,`). For example:\n\n```sh\n$ pulumi import aws:quicksight/vpcConnection:VpcConnection example 123456789012,example\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the VPC connection.\n" }, "availabilityStatus": { "type": "string", "description": "The availability status of the VPC connection. Valid values are `AVAILABLE`, `UNAVAILABLE` or `PARTIALLY_AVAILABLE`.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "dnsResolvers": { "type": "array", "items": { "type": "string" }, "description": "A list of IP addresses of DNS resolver endpoints for the VPC connection.\n" }, "name": { "type": "string", "description": "The display name for the VPC connection.\n" }, "roleArn": { "type": "string", "description": "The IAM role to associate with the VPC connection.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs for the VPC connection.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs for the VPC connection.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:quicksight/VpcConnectionTimeouts:VpcConnectionTimeouts" }, "vpcConnectionId": { "type": "string", "description": "The ID of the VPC connection.\n" } }, "required": [ "arn", "availabilityStatus", "awsAccountId", "name", "roleArn", "securityGroupIds", "subnetIds", "tagsAll", "vpcConnectionId" ], "inputProperties": { "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "dnsResolvers": { "type": "array", "items": { "type": "string" }, "description": "A list of IP addresses of DNS resolver endpoints for the VPC connection.\n" }, "name": { "type": "string", "description": "The display name for the VPC connection.\n" }, "roleArn": { "type": "string", "description": "The IAM role to associate with the VPC connection.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs for the VPC connection.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs for the VPC connection.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:quicksight/VpcConnectionTimeouts:VpcConnectionTimeouts" }, "vpcConnectionId": { "type": "string", "description": "The ID of the VPC connection.\n" } }, "requiredInputs": [ "roleArn", "securityGroupIds", "subnetIds", "vpcConnectionId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcConnection resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the VPC connection.\n" }, "availabilityStatus": { "type": "string", "description": "The availability status of the VPC connection. Valid values are `AVAILABLE`, `UNAVAILABLE` or `PARTIALLY_AVAILABLE`.\n" }, "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "dnsResolvers": { "type": "array", "items": { "type": "string" }, "description": "A list of IP addresses of DNS resolver endpoints for the VPC connection.\n" }, "name": { "type": "string", "description": "The display name for the VPC connection.\n" }, "roleArn": { "type": "string", "description": "The IAM role to associate with the VPC connection.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of security group IDs for the VPC connection.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of subnet IDs for the VPC connection.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:quicksight/VpcConnectionTimeouts:VpcConnectionTimeouts" }, "vpcConnectionId": { "type": "string", "description": "The ID of the VPC connection.\n" } }, "type": "object" } }, "aws:ram/principalAssociation:PrincipalAssociation": { "description": "Provides a Resource Access Manager (RAM) principal association. Depending if [RAM Sharing with AWS Organizations is enabled](https://docs.aws.amazon.com/ram/latest/userguide/getting-started-sharing.html#getting-started-sharing-orgs), the RAM behavior with different principal types changes.\n\nWhen RAM Sharing with AWS Organizations is enabled:\n\n- For AWS Account ID, Organization, and Organizational Unit principals within the same AWS Organization, no resource share invitation is sent and resources become available automatically after creating the association.\n- For AWS Account ID principals outside the AWS Organization, a resource share invitation is sent and must be accepted before resources become available. See the `aws.ram.ResourceShareAccepter` resource to accept these invitations.\n\nWhen RAM Sharing with AWS Organizations is not enabled:\n\n- Organization and Organizational Unit principals cannot be used.\n- For AWS Account ID principals, a resource share invitation is sent and must be accepted before resources become available. See the `aws.ram.ResourceShareAccepter` resource to accept these invitations.\n\n## Example Usage\n\n### AWS Account ID\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ram.ResourceShare(\"example\", {allowExternalPrincipals: true});\nconst examplePrincipalAssociation = new aws.ram.PrincipalAssociation(\"example\", {\n principal: \"111111111111\",\n resourceShareArn: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ram.ResourceShare(\"example\", allow_external_principals=True)\nexample_principal_association = aws.ram.PrincipalAssociation(\"example\",\n principal=\"111111111111\",\n resource_share_arn=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ram.ResourceShare(\"example\", new()\n {\n AllowExternalPrincipals = true,\n });\n\n var examplePrincipalAssociation = new Aws.Ram.PrincipalAssociation(\"example\", new()\n {\n Principal = \"111111111111\",\n ResourceShareArn = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ram\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ram.NewResourceShare(ctx, \"example\", \u0026ram.ResourceShareArgs{\n\t\t\tAllowExternalPrincipals: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ram.NewPrincipalAssociation(ctx, \"example\", \u0026ram.PrincipalAssociationArgs{\n\t\t\tPrincipal: pulumi.String(\"111111111111\"),\n\t\t\tResourceShareArn: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ram.ResourceShare;\nimport com.pulumi.aws.ram.ResourceShareArgs;\nimport com.pulumi.aws.ram.PrincipalAssociation;\nimport com.pulumi.aws.ram.PrincipalAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourceShare(\"example\", ResourceShareArgs.builder()\n .allowExternalPrincipals(true)\n .build());\n\n var examplePrincipalAssociation = new PrincipalAssociation(\"examplePrincipalAssociation\", PrincipalAssociationArgs.builder()\n .principal(\"111111111111\")\n .resourceShareArn(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ram:ResourceShare\n properties:\n allowExternalPrincipals: true\n examplePrincipalAssociation:\n type: aws:ram:PrincipalAssociation\n name: example\n properties:\n principal: '111111111111'\n resourceShareArn: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### AWS Organization\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ram.PrincipalAssociation(\"example\", {\n principal: exampleAwsOrganizationsOrganization.arn,\n resourceShareArn: exampleAwsRamResourceShare.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ram.PrincipalAssociation(\"example\",\n principal=example_aws_organizations_organization[\"arn\"],\n resource_share_arn=example_aws_ram_resource_share[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ram.PrincipalAssociation(\"example\", new()\n {\n Principal = exampleAwsOrganizationsOrganization.Arn,\n ResourceShareArn = exampleAwsRamResourceShare.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ram\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ram.NewPrincipalAssociation(ctx, \"example\", \u0026ram.PrincipalAssociationArgs{\n\t\t\tPrincipal: pulumi.Any(exampleAwsOrganizationsOrganization.Arn),\n\t\t\tResourceShareArn: pulumi.Any(exampleAwsRamResourceShare.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ram.PrincipalAssociation;\nimport com.pulumi.aws.ram.PrincipalAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PrincipalAssociation(\"example\", PrincipalAssociationArgs.builder()\n .principal(exampleAwsOrganizationsOrganization.arn())\n .resourceShareArn(exampleAwsRamResourceShare.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ram:PrincipalAssociation\n properties:\n principal: ${exampleAwsOrganizationsOrganization.arn}\n resourceShareArn: ${exampleAwsRamResourceShare.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import RAM Principal Associations using their Resource Share ARN and the `principal` separated by a comma. For example:\n\n```sh\n$ pulumi import aws:ram/principalAssociation:PrincipalAssociation example arn:aws:ram:eu-west-1:123456789012:resource-share/73da1ab9-b94a-4ba3-8eb4-45917f7f4b12,123456789012\n```\n", "properties": { "principal": { "type": "string", "description": "The principal to associate with the resource share. Possible values are an AWS account ID, an AWS Organizations Organization ARN, or an AWS Organizations Organization Unit ARN.\n" }, "resourceShareArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource share.\n" } }, "required": [ "principal", "resourceShareArn" ], "inputProperties": { "principal": { "type": "string", "description": "The principal to associate with the resource share. Possible values are an AWS account ID, an AWS Organizations Organization ARN, or an AWS Organizations Organization Unit ARN.\n", "willReplaceOnChanges": true }, "resourceShareArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource share.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "principal", "resourceShareArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering PrincipalAssociation resources.\n", "properties": { "principal": { "type": "string", "description": "The principal to associate with the resource share. Possible values are an AWS account ID, an AWS Organizations Organization ARN, or an AWS Organizations Organization Unit ARN.\n", "willReplaceOnChanges": true }, "resourceShareArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource share.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ram/resourceAssociation:ResourceAssociation": { "description": "Manages a Resource Access Manager (RAM) Resource Association.\n\n\u003e *NOTE:* Certain AWS resources (e.g., EC2 Subnets) can only be shared in an AWS account that is a member of an AWS Organizations organization with organization-wide Resource Access Manager functionality enabled. See the [Resource Access Manager User Guide](https://docs.aws.amazon.com/ram/latest/userguide/what-is.html) and AWS service specific documentation for additional information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ram.ResourceAssociation(\"example\", {\n resourceArn: exampleAwsSubnet.arn,\n resourceShareArn: exampleAwsRamResourceShare.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ram.ResourceAssociation(\"example\",\n resource_arn=example_aws_subnet[\"arn\"],\n resource_share_arn=example_aws_ram_resource_share[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ram.ResourceAssociation(\"example\", new()\n {\n ResourceArn = exampleAwsSubnet.Arn,\n ResourceShareArn = exampleAwsRamResourceShare.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ram\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ram.NewResourceAssociation(ctx, \"example\", \u0026ram.ResourceAssociationArgs{\n\t\t\tResourceArn: pulumi.Any(exampleAwsSubnet.Arn),\n\t\t\tResourceShareArn: pulumi.Any(exampleAwsRamResourceShare.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ram.ResourceAssociation;\nimport com.pulumi.aws.ram.ResourceAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourceAssociation(\"example\", ResourceAssociationArgs.builder()\n .resourceArn(exampleAwsSubnet.arn())\n .resourceShareArn(exampleAwsRamResourceShare.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ram:ResourceAssociation\n properties:\n resourceArn: ${exampleAwsSubnet.arn}\n resourceShareArn: ${exampleAwsRamResourceShare.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import RAM Resource Associations using their Resource Share ARN and Resource ARN separated by a comma. For example:\n\n```sh\n$ pulumi import aws:ram/resourceAssociation:ResourceAssociation example arn:aws:ram:eu-west-1:123456789012:resource-share/73da1ab9-b94a-4ba3-8eb4-45917f7f4b12,arn:aws:ec2:eu-west-1:123456789012:subnet/subnet-12345678\n```\n", "properties": { "resourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the resource to associate with the RAM Resource Share.\n" }, "resourceShareArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the RAM Resource Share.\n" } }, "required": [ "resourceArn", "resourceShareArn" ], "inputProperties": { "resourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the resource to associate with the RAM Resource Share.\n", "willReplaceOnChanges": true }, "resourceShareArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the RAM Resource Share.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "resourceArn", "resourceShareArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourceAssociation resources.\n", "properties": { "resourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the resource to associate with the RAM Resource Share.\n", "willReplaceOnChanges": true }, "resourceShareArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the RAM Resource Share.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ram/resourceShare:ResourceShare": { "description": "Manages a Resource Access Manager (RAM) Resource Share. To associate principals with the share, see the `aws.ram.PrincipalAssociation` resource. To associate resources with the share, see the `aws.ram.ResourceAssociation` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ram.ResourceShare(\"example\", {\n name: \"example\",\n allowExternalPrincipals: true,\n tags: {\n Environment: \"Production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ram.ResourceShare(\"example\",\n name=\"example\",\n allow_external_principals=True,\n tags={\n \"Environment\": \"Production\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ram.ResourceShare(\"example\", new()\n {\n Name = \"example\",\n AllowExternalPrincipals = true,\n Tags = \n {\n { \"Environment\", \"Production\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ram\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ram.NewResourceShare(ctx, \"example\", \u0026ram.ResourceShareArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAllowExternalPrincipals: pulumi.Bool(true),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"Production\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ram.ResourceShare;\nimport com.pulumi.aws.ram.ResourceShareArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourceShare(\"example\", ResourceShareArgs.builder()\n .name(\"example\")\n .allowExternalPrincipals(true)\n .tags(Map.of(\"Environment\", \"Production\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ram:ResourceShare\n properties:\n name: example\n allowExternalPrincipals: true\n tags:\n Environment: Production\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import resource shares using the `arn` of the resource share. For example:\n\n```sh\n$ pulumi import aws:ram/resourceShare:ResourceShare example arn:aws:ram:eu-west-1:123456789012:resource-share/73da1ab9-b94a-4ba3-8eb4-45917f7f4b12\n```\n", "properties": { "allowExternalPrincipals": { "type": "boolean", "description": "Indicates whether principals outside your organization can be associated with a resource share.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource share.\n" }, "name": { "type": "string", "description": "The name of the resource share.\n" }, "permissionArns": { "type": "array", "items": { "type": "string" }, "description": "Specifies the Amazon Resource Names (ARNs) of the RAM permission to associate with the resource share. If you do not specify an ARN for the permission, RAM automatically attaches the default version of the permission for each resource type. You can associate only one permission with each resource type included in the resource share.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource share. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "permissionArns", "tagsAll" ], "inputProperties": { "allowExternalPrincipals": { "type": "boolean", "description": "Indicates whether principals outside your organization can be associated with a resource share.\n" }, "name": { "type": "string", "description": "The name of the resource share.\n" }, "permissionArns": { "type": "array", "items": { "type": "string" }, "description": "Specifies the Amazon Resource Names (ARNs) of the RAM permission to associate with the resource share. If you do not specify an ARN for the permission, RAM automatically attaches the default version of the permission for each resource type. You can associate only one permission with each resource type included in the resource share.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource share. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ResourceShare resources.\n", "properties": { "allowExternalPrincipals": { "type": "boolean", "description": "Indicates whether principals outside your organization can be associated with a resource share.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource share.\n" }, "name": { "type": "string", "description": "The name of the resource share.\n" }, "permissionArns": { "type": "array", "items": { "type": "string" }, "description": "Specifies the Amazon Resource Names (ARNs) of the RAM permission to associate with the resource share. If you do not specify an ARN for the permission, RAM automatically attaches the default version of the permission for each resource type. You can associate only one permission with each resource type included in the resource share.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource share. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ram/resourceShareAccepter:ResourceShareAccepter": { "description": "Manage accepting a Resource Access Manager (RAM) Resource Share invitation. From a _receiver_ AWS account, accept an invitation to share resources that were shared by a _sender_ AWS account. To create a resource share in the _sender_, see the `aws.ram.ResourceShare` resource.\n\n\u003e **Note:** If both AWS accounts are in the same Organization and [RAM Sharing with AWS Organizations is enabled](https://docs.aws.amazon.com/ram/latest/userguide/getting-started-sharing.html#getting-started-sharing-orgs), this resource is not necessary as RAM Resource Share invitations are not used.\n\n## Example Usage\n\nThis configuration provides an example of using multiple AWS providers to configure two different AWS accounts. In the _sender_ account, the configuration creates a `aws.ram.ResourceShare` and uses a data source in the _receiver_ account to create a `aws.ram.PrincipalAssociation` resource with the _receiver's_ account ID. In the _receiver_ account, the configuration accepts the invitation to share resources with the `aws.ram.ResourceShareAccepter`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst senderShare = new aws.ram.ResourceShare(\"sender_share\", {\n name: \"tf-test-resource-share\",\n allowExternalPrincipals: true,\n tags: {\n Name: \"tf-test-resource-share\",\n },\n});\nconst receiver = aws.getCallerIdentity({});\nconst senderInvite = new aws.ram.PrincipalAssociation(\"sender_invite\", {\n principal: receiver.then(receiver =\u003e receiver.accountId),\n resourceShareArn: senderShare.arn,\n});\nconst receiverAccept = new aws.ram.ResourceShareAccepter(\"receiver_accept\", {shareArn: senderInvite.resourceShareArn});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsender_share = aws.ram.ResourceShare(\"sender_share\",\n name=\"tf-test-resource-share\",\n allow_external_principals=True,\n tags={\n \"Name\": \"tf-test-resource-share\",\n })\nreceiver = aws.get_caller_identity()\nsender_invite = aws.ram.PrincipalAssociation(\"sender_invite\",\n principal=receiver.account_id,\n resource_share_arn=sender_share.arn)\nreceiver_accept = aws.ram.ResourceShareAccepter(\"receiver_accept\", share_arn=sender_invite.resource_share_arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var senderShare = new Aws.Ram.ResourceShare(\"sender_share\", new()\n {\n Name = \"tf-test-resource-share\",\n AllowExternalPrincipals = true,\n Tags = \n {\n { \"Name\", \"tf-test-resource-share\" },\n },\n });\n\n var receiver = Aws.GetCallerIdentity.Invoke();\n\n var senderInvite = new Aws.Ram.PrincipalAssociation(\"sender_invite\", new()\n {\n Principal = receiver.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n ResourceShareArn = senderShare.Arn,\n });\n\n var receiverAccept = new Aws.Ram.ResourceShareAccepter(\"receiver_accept\", new()\n {\n ShareArn = senderInvite.ResourceShareArn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ram\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tsenderShare, err := ram.NewResourceShare(ctx, \"sender_share\", \u0026ram.ResourceShareArgs{\n\t\t\tName: pulumi.String(\"tf-test-resource-share\"),\n\t\t\tAllowExternalPrincipals: pulumi.Bool(true),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"tf-test-resource-share\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treceiver, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsenderInvite, err := ram.NewPrincipalAssociation(ctx, \"sender_invite\", \u0026ram.PrincipalAssociationArgs{\n\t\t\tPrincipal: pulumi.String(receiver.AccountId),\n\t\t\tResourceShareArn: senderShare.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ram.NewResourceShareAccepter(ctx, \"receiver_accept\", \u0026ram.ResourceShareAccepterArgs{\n\t\t\tShareArn: senderInvite.ResourceShareArn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ram.ResourceShare;\nimport com.pulumi.aws.ram.ResourceShareArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.ram.PrincipalAssociation;\nimport com.pulumi.aws.ram.PrincipalAssociationArgs;\nimport com.pulumi.aws.ram.ResourceShareAccepter;\nimport com.pulumi.aws.ram.ResourceShareAccepterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var senderShare = new ResourceShare(\"senderShare\", ResourceShareArgs.builder()\n .name(\"tf-test-resource-share\")\n .allowExternalPrincipals(true)\n .tags(Map.of(\"Name\", \"tf-test-resource-share\"))\n .build());\n\n final var receiver = AwsFunctions.getCallerIdentity();\n\n var senderInvite = new PrincipalAssociation(\"senderInvite\", PrincipalAssociationArgs.builder()\n .principal(receiver.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .resourceShareArn(senderShare.arn())\n .build());\n\n var receiverAccept = new ResourceShareAccepter(\"receiverAccept\", ResourceShareAccepterArgs.builder()\n .shareArn(senderInvite.resourceShareArn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n senderShare:\n type: aws:ram:ResourceShare\n name: sender_share\n properties:\n name: tf-test-resource-share\n allowExternalPrincipals: true\n tags:\n Name: tf-test-resource-share\n senderInvite:\n type: aws:ram:PrincipalAssociation\n name: sender_invite\n properties:\n principal: ${receiver.accountId}\n resourceShareArn: ${senderShare.arn}\n receiverAccept:\n type: aws:ram:ResourceShareAccepter\n name: receiver_accept\n properties:\n shareArn: ${senderInvite.resourceShareArn}\nvariables:\n receiver:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import resource share accepters using the resource share ARN. For example:\n\n```sh\n$ pulumi import aws:ram/resourceShareAccepter:ResourceShareAccepter example arn:aws:ram:us-east-1:123456789012:resource-share/c4b56393-e8d9-89d9-6dc9-883752de4767\n```\n", "properties": { "invitationArn": { "type": "string", "description": "The ARN of the resource share invitation.\n" }, "receiverAccountId": { "type": "string", "description": "The account ID of the receiver account which accepts the invitation.\n" }, "resources": { "type": "array", "items": { "type": "string" }, "description": "A list of the resource ARNs shared via the resource share.\n" }, "senderAccountId": { "type": "string", "description": "The account ID of the sender account which submits the invitation.\n" }, "shareArn": { "type": "string", "description": "The ARN of the resource share.\n" }, "shareId": { "type": "string", "description": "The ID of the resource share as displayed in the console.\n" }, "shareName": { "type": "string", "description": "The name of the resource share.\n" }, "status": { "type": "string", "description": "The status of the resource share (ACTIVE, PENDING, FAILED, DELETING, DELETED).\n" } }, "required": [ "invitationArn", "receiverAccountId", "resources", "senderAccountId", "shareArn", "shareId", "shareName", "status" ], "inputProperties": { "shareArn": { "type": "string", "description": "The ARN of the resource share.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "shareArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourceShareAccepter resources.\n", "properties": { "invitationArn": { "type": "string", "description": "The ARN of the resource share invitation.\n" }, "receiverAccountId": { "type": "string", "description": "The account ID of the receiver account which accepts the invitation.\n" }, "resources": { "type": "array", "items": { "type": "string" }, "description": "A list of the resource ARNs shared via the resource share.\n" }, "senderAccountId": { "type": "string", "description": "The account ID of the sender account which submits the invitation.\n" }, "shareArn": { "type": "string", "description": "The ARN of the resource share.\n", "willReplaceOnChanges": true }, "shareId": { "type": "string", "description": "The ID of the resource share as displayed in the console.\n" }, "shareName": { "type": "string", "description": "The name of the resource share.\n" }, "status": { "type": "string", "description": "The status of the resource share (ACTIVE, PENDING, FAILED, DELETING, DELETED).\n" } }, "type": "object" } }, "aws:ram/sharingWithOrganization:SharingWithOrganization": { "description": "Manages Resource Access Manager (RAM) Resource Sharing with AWS Organizations. If you enable sharing with your organization, you can share resources without using invitations. Refer to the [AWS RAM user guide](https://docs.aws.amazon.com/ram/latest/userguide/getting-started-sharing.html#getting-started-sharing-orgs) for more details.\n\n\u003e **NOTE:** Use this resource to manage resource sharing within your organization, **not** the `aws.organizations.Organization` resource with `ram.amazonaws.com` configured in `aws_service_access_principals`.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ram.SharingWithOrganization(\"example\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ram.SharingWithOrganization(\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ram.SharingWithOrganization(\"example\");\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ram\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ram.NewSharingWithOrganization(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ram.SharingWithOrganization;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SharingWithOrganization(\"example\");\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ram:SharingWithOrganization\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import the resource using the current AWS account ID. For example:\n\n```sh\n$ pulumi import aws:ram/sharingWithOrganization:SharingWithOrganization example 123456789012\n```\n", "stateInputs": { "description": "Input properties used for looking up and filtering SharingWithOrganization resources.\n", "type": "object" } }, "aws:rbin/rule:Rule": { "description": "Resource for managing an AWS RBin Rule.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rbin.Rule(\"example\", {\n description: \"example_rule\",\n resourceType: \"EBS_SNAPSHOT\",\n resourceTags: [{\n resourceTagKey: \"tag_key\",\n resourceTagValue: \"tag_value\",\n }],\n retentionPeriod: {\n retentionPeriodValue: 10,\n retentionPeriodUnit: \"DAYS\",\n },\n tags: {\n test_tag_key: \"test_tag_value\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rbin.Rule(\"example\",\n description=\"example_rule\",\n resource_type=\"EBS_SNAPSHOT\",\n resource_tags=[{\n \"resource_tag_key\": \"tag_key\",\n \"resource_tag_value\": \"tag_value\",\n }],\n retention_period={\n \"retention_period_value\": 10,\n \"retention_period_unit\": \"DAYS\",\n },\n tags={\n \"test_tag_key\": \"test_tag_value\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rbin.Rule(\"example\", new()\n {\n Description = \"example_rule\",\n ResourceType = \"EBS_SNAPSHOT\",\n ResourceTags = new[]\n {\n new Aws.Rbin.Inputs.RuleResourceTagArgs\n {\n ResourceTagKey = \"tag_key\",\n ResourceTagValue = \"tag_value\",\n },\n },\n RetentionPeriod = new Aws.Rbin.Inputs.RuleRetentionPeriodArgs\n {\n RetentionPeriodValue = 10,\n RetentionPeriodUnit = \"DAYS\",\n },\n Tags = \n {\n { \"test_tag_key\", \"test_tag_value\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rbin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rbin.NewRule(ctx, \"example\", \u0026rbin.RuleArgs{\n\t\t\tDescription: pulumi.String(\"example_rule\"),\n\t\t\tResourceType: pulumi.String(\"EBS_SNAPSHOT\"),\n\t\t\tResourceTags: rbin.RuleResourceTagArray{\n\t\t\t\t\u0026rbin.RuleResourceTagArgs{\n\t\t\t\t\tResourceTagKey: pulumi.String(\"tag_key\"),\n\t\t\t\t\tResourceTagValue: pulumi.String(\"tag_value\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tRetentionPeriod: \u0026rbin.RuleRetentionPeriodArgs{\n\t\t\t\tRetentionPeriodValue: pulumi.Int(10),\n\t\t\t\tRetentionPeriodUnit: pulumi.String(\"DAYS\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"test_tag_key\": pulumi.String(\"test_tag_value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rbin.Rule;\nimport com.pulumi.aws.rbin.RuleArgs;\nimport com.pulumi.aws.rbin.inputs.RuleResourceTagArgs;\nimport com.pulumi.aws.rbin.inputs.RuleRetentionPeriodArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Rule(\"example\", RuleArgs.builder()\n .description(\"example_rule\")\n .resourceType(\"EBS_SNAPSHOT\")\n .resourceTags(RuleResourceTagArgs.builder()\n .resourceTagKey(\"tag_key\")\n .resourceTagValue(\"tag_value\")\n .build())\n .retentionPeriod(RuleRetentionPeriodArgs.builder()\n .retentionPeriodValue(10)\n .retentionPeriodUnit(\"DAYS\")\n .build())\n .tags(Map.of(\"test_tag_key\", \"test_tag_value\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rbin:Rule\n properties:\n description: example_rule\n resourceType: EBS_SNAPSHOT\n resourceTags:\n - resourceTagKey: tag_key\n resourceTagValue: tag_value\n retentionPeriod:\n retentionPeriodValue: 10\n retentionPeriodUnit: DAYS\n tags:\n test_tag_key: test_tag_value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import RBin Rule using the `id`. For example:\n\n```sh\n$ pulumi import aws:rbin/rule:Rule example examplerule\n```\n", "properties": { "arn": { "type": "string" }, "description": { "type": "string", "description": "The retention rule description.\n" }, "lockConfiguration": { "$ref": "#/types/aws:rbin/RuleLockConfiguration:RuleLockConfiguration", "description": "Information about the retention rule lock configuration. See `lock_configuration` below.\n" }, "lockEndTime": { "type": "string", "description": "(Timestamp) The date and time at which the unlock delay is set to expire. Only returned for retention rules that have been unlocked and that are still within the unlock delay period.\n" }, "lockState": { "type": "string", "description": "(Optional) The lock state of the retention rules to list. Only retention rules with the specified lock state are returned. Valid values are `locked`, `pending_unlock`, `unlocked`.\n" }, "resourceTags": { "type": "array", "items": { "$ref": "#/types/aws:rbin/RuleResourceTag:RuleResourceTag" }, "description": "Specifies the resource tags to use to identify resources that are to be retained by a tag-level retention rule. See `resource_tags` below.\n" }, "resourceType": { "type": "string", "description": "The resource type to be retained by the retention rule. Valid values are `EBS_SNAPSHOT` and `EC2_IMAGE`.\n" }, "retentionPeriod": { "$ref": "#/types/aws:rbin/RuleRetentionPeriod:RuleRetentionPeriod", "description": "Information about the retention period for which the retention rule is to retain resources. See `retention_period` below.\n\nThe following arguments are optional:\n" }, "status": { "type": "string", "description": "(String) The state of the retention rule. Only retention rules that are in the `available` state retain resources. Valid values include `pending` and `available`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "description", "lockEndTime", "lockState", "resourceTags", "resourceType", "retentionPeriod", "status", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The retention rule description.\n" }, "lockConfiguration": { "$ref": "#/types/aws:rbin/RuleLockConfiguration:RuleLockConfiguration", "description": "Information about the retention rule lock configuration. See `lock_configuration` below.\n" }, "resourceTags": { "type": "array", "items": { "$ref": "#/types/aws:rbin/RuleResourceTag:RuleResourceTag" }, "description": "Specifies the resource tags to use to identify resources that are to be retained by a tag-level retention rule. See `resource_tags` below.\n" }, "resourceType": { "type": "string", "description": "The resource type to be retained by the retention rule. Valid values are `EBS_SNAPSHOT` and `EC2_IMAGE`.\n", "willReplaceOnChanges": true }, "retentionPeriod": { "$ref": "#/types/aws:rbin/RuleRetentionPeriod:RuleRetentionPeriod", "description": "Information about the retention period for which the retention rule is to retain resources. See `retention_period` below.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "requiredInputs": [ "resourceType", "retentionPeriod" ], "stateInputs": { "description": "Input properties used for looking up and filtering Rule resources.\n", "properties": { "arn": { "type": "string" }, "description": { "type": "string", "description": "The retention rule description.\n" }, "lockConfiguration": { "$ref": "#/types/aws:rbin/RuleLockConfiguration:RuleLockConfiguration", "description": "Information about the retention rule lock configuration. See `lock_configuration` below.\n" }, "lockEndTime": { "type": "string", "description": "(Timestamp) The date and time at which the unlock delay is set to expire. Only returned for retention rules that have been unlocked and that are still within the unlock delay period.\n" }, "lockState": { "type": "string", "description": "(Optional) The lock state of the retention rules to list. Only retention rules with the specified lock state are returned. Valid values are `locked`, `pending_unlock`, `unlocked`.\n" }, "resourceTags": { "type": "array", "items": { "$ref": "#/types/aws:rbin/RuleResourceTag:RuleResourceTag" }, "description": "Specifies the resource tags to use to identify resources that are to be retained by a tag-level retention rule. See `resource_tags` below.\n" }, "resourceType": { "type": "string", "description": "The resource type to be retained by the retention rule. Valid values are `EBS_SNAPSHOT` and `EC2_IMAGE`.\n", "willReplaceOnChanges": true }, "retentionPeriod": { "$ref": "#/types/aws:rbin/RuleRetentionPeriod:RuleRetentionPeriod", "description": "Information about the retention period for which the retention rule is to retain resources. See `retention_period` below.\n\nThe following arguments are optional:\n" }, "status": { "type": "string", "description": "(String) The state of the retention rule. Only retention rules that are in the `available` state retain resources. Valid values include `pending` and `available`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:rds/certificate:Certificate": { "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.Certificate(\"example\", {certificateIdentifier: \"rds-ca-rsa4096-g1\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.Certificate(\"example\", certificate_identifier=\"rds-ca-rsa4096-g1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.Certificate(\"example\", new()\n {\n CertificateIdentifier = \"rds-ca-rsa4096-g1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewCertificate(ctx, \"example\", \u0026rds.CertificateArgs{\n\t\t\tCertificateIdentifier: pulumi.String(\"rds-ca-rsa4096-g1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Certificate;\nimport com.pulumi.aws.rds.CertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Certificate(\"example\", CertificateArgs.builder()\n .certificateIdentifier(\"rds-ca-rsa4096-g1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:Certificate\n properties:\n certificateIdentifier: rds-ca-rsa4096-g1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import the default EBS encryption state. For example:\n\n```sh\n$ pulumi import aws:rds/certificate:Certificate example default\n```\n", "properties": { "certificateIdentifier": { "type": "string", "description": "Certificate identifier. For example, `rds-ca-rsa4096-g1`. Refer to [AWS RDS (Relational Database) Certificate Identifier](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html#UsingWithRDS.SSL.CertificateIdentifier) for more information.\n" } }, "required": [ "certificateIdentifier" ], "inputProperties": { "certificateIdentifier": { "type": "string", "description": "Certificate identifier. For example, `rds-ca-rsa4096-g1`. Refer to [AWS RDS (Relational Database) Certificate Identifier](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html#UsingWithRDS.SSL.CertificateIdentifier) for more information.\n" } }, "requiredInputs": [ "certificateIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering Certificate resources.\n", "properties": { "certificateIdentifier": { "type": "string", "description": "Certificate identifier. For example, `rds-ca-rsa4096-g1`. Refer to [AWS RDS (Relational Database) Certificate Identifier](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html#UsingWithRDS.SSL.CertificateIdentifier) for more information.\n" } }, "type": "object" } }, "aws:rds/cluster:Cluster": { "description": "Manages a [RDS Aurora Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Aurora.html) or a [RDS Multi-AZ DB Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html). To manage cluster instances that inherit configuration from the cluster (when not running the cluster in `serverless` engine mode), see the `aws.rds.ClusterInstance` resource. To manage non-Aurora DB instances (e.g., MySQL, PostgreSQL, SQL Server, etc.), see the `aws.rds.Instance` resource.\n\nFor information on the difference between the available Aurora MySQL engines see [Comparison between Aurora MySQL 1 and Aurora MySQL 2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraMySQL.Updates.20180206.html) in the Amazon RDS User Guide.\n\nChanges to an RDS Cluster can occur when you manually change a parameter, such as `port`, and are reflected in the next maintenance window. Because of this, this provider may report a difference in its planning phase because a modification has not yet taken place. You can use the `apply_immediately` flag to instruct the service to apply the change immediately (see documentation below).\n\n\u003e **Note:** Multi-AZ DB clusters are supported only for the MySQL and PostgreSQL DB engines.\n\n\u003e **Note:** `ca_certificate_identifier` is only supported for Multi-AZ DB clusters.\n\n\u003e **Note:** using `apply_immediately` can result in a brief downtime as the server reboots. See the AWS Docs on [RDS Maintenance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html) for more information.\n\n\u003e **Note:** All arguments including the username and password will be stored in the raw state as plain-text.\n\u003e **NOTE on RDS Clusters and RDS Cluster Role Associations:** Pulumi provides both a standalone RDS Cluster Role Association - (an association between an RDS Cluster and a single IAM Role) and an RDS Cluster resource with `iam_roles` attributes. Use one resource or the other to associate IAM Roles and RDS Clusters. Not doing so will cause a conflict of associations and will result in the association being overwritten.\n\n## Example Usage\n\n### Aurora MySQL 2.x (MySQL 5.7)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.rds.Cluster(\"default\", {\n clusterIdentifier: \"aurora-cluster-demo\",\n engine: aws.rds.EngineType.AuroraMysql,\n engineVersion: \"5.7.mysql_aurora.2.03.2\",\n availabilityZones: [\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n databaseName: \"mydb\",\n masterUsername: \"foo\",\n masterPassword: \"must_be_eight_characters\",\n backupRetentionPeriod: 5,\n preferredBackupWindow: \"07:00-09:00\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.Cluster(\"default\",\n cluster_identifier=\"aurora-cluster-demo\",\n engine=aws.rds.EngineType.AURORA_MYSQL,\n engine_version=\"5.7.mysql_aurora.2.03.2\",\n availability_zones=[\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n database_name=\"mydb\",\n master_username=\"foo\",\n master_password=\"must_be_eight_characters\",\n backup_retention_period=5,\n preferred_backup_window=\"07:00-09:00\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Rds.Cluster(\"default\", new()\n {\n ClusterIdentifier = \"aurora-cluster-demo\",\n Engine = Aws.Rds.EngineType.AuroraMysql,\n EngineVersion = \"5.7.mysql_aurora.2.03.2\",\n AvailabilityZones = new[]\n {\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n },\n DatabaseName = \"mydb\",\n MasterUsername = \"foo\",\n MasterPassword = \"must_be_eight_characters\",\n BackupRetentionPeriod = 5,\n PreferredBackupWindow = \"07:00-09:00\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewCluster(ctx, \"default\", \u0026rds.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"aurora-cluster-demo\"),\n\t\t\tEngine: pulumi.String(rds.EngineTypeAuroraMysql),\n\t\t\tEngineVersion: pulumi.String(\"5.7.mysql_aurora.2.03.2\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t\tpulumi.String(\"us-west-2b\"),\n\t\t\t\tpulumi.String(\"us-west-2c\"),\n\t\t\t},\n\t\t\tDatabaseName: pulumi.String(\"mydb\"),\n\t\t\tMasterUsername: pulumi.String(\"foo\"),\n\t\t\tMasterPassword: pulumi.String(\"must_be_eight_characters\"),\n\t\t\tBackupRetentionPeriod: pulumi.Int(5),\n\t\t\tPreferredBackupWindow: pulumi.String(\"07:00-09:00\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Cluster(\"default\", ClusterArgs.builder()\n .clusterIdentifier(\"aurora-cluster-demo\")\n .engine(\"aurora-mysql\")\n .engineVersion(\"5.7.mysql_aurora.2.03.2\")\n .availabilityZones( \n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\")\n .databaseName(\"mydb\")\n .masterUsername(\"foo\")\n .masterPassword(\"must_be_eight_characters\")\n .backupRetentionPeriod(5)\n .preferredBackupWindow(\"07:00-09:00\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:rds:Cluster\n properties:\n clusterIdentifier: aurora-cluster-demo\n engine: aurora-mysql\n engineVersion: 5.7.mysql_aurora.2.03.2\n availabilityZones:\n - us-west-2a\n - us-west-2b\n - us-west-2c\n databaseName: mydb\n masterUsername: foo\n masterPassword: must_be_eight_characters\n backupRetentionPeriod: 5\n preferredBackupWindow: 07:00-09:00\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Aurora MySQL 1.x (MySQL 5.6)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.rds.Cluster(\"default\", {\n clusterIdentifier: \"aurora-cluster-demo\",\n availabilityZones: [\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n databaseName: \"mydb\",\n masterUsername: \"foo\",\n masterPassword: \"must_be_eight_characters\",\n backupRetentionPeriod: 5,\n preferredBackupWindow: \"07:00-09:00\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.Cluster(\"default\",\n cluster_identifier=\"aurora-cluster-demo\",\n availability_zones=[\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n database_name=\"mydb\",\n master_username=\"foo\",\n master_password=\"must_be_eight_characters\",\n backup_retention_period=5,\n preferred_backup_window=\"07:00-09:00\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Rds.Cluster(\"default\", new()\n {\n ClusterIdentifier = \"aurora-cluster-demo\",\n AvailabilityZones = new[]\n {\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n },\n DatabaseName = \"mydb\",\n MasterUsername = \"foo\",\n MasterPassword = \"must_be_eight_characters\",\n BackupRetentionPeriod = 5,\n PreferredBackupWindow = \"07:00-09:00\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewCluster(ctx, \"default\", \u0026rds.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"aurora-cluster-demo\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t\tpulumi.String(\"us-west-2b\"),\n\t\t\t\tpulumi.String(\"us-west-2c\"),\n\t\t\t},\n\t\t\tDatabaseName: pulumi.String(\"mydb\"),\n\t\t\tMasterUsername: pulumi.String(\"foo\"),\n\t\t\tMasterPassword: pulumi.String(\"must_be_eight_characters\"),\n\t\t\tBackupRetentionPeriod: pulumi.Int(5),\n\t\t\tPreferredBackupWindow: pulumi.String(\"07:00-09:00\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Cluster(\"default\", ClusterArgs.builder()\n .clusterIdentifier(\"aurora-cluster-demo\")\n .availabilityZones( \n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\")\n .databaseName(\"mydb\")\n .masterUsername(\"foo\")\n .masterPassword(\"must_be_eight_characters\")\n .backupRetentionPeriod(5)\n .preferredBackupWindow(\"07:00-09:00\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:rds:Cluster\n properties:\n clusterIdentifier: aurora-cluster-demo\n availabilityZones:\n - us-west-2a\n - us-west-2b\n - us-west-2c\n databaseName: mydb\n masterUsername: foo\n masterPassword: must_be_eight_characters\n backupRetentionPeriod: 5\n preferredBackupWindow: 07:00-09:00\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Aurora with PostgreSQL engine\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst postgresql = new aws.rds.Cluster(\"postgresql\", {\n clusterIdentifier: \"aurora-cluster-demo\",\n engine: aws.rds.EngineType.AuroraPostgresql,\n availabilityZones: [\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n databaseName: \"mydb\",\n masterUsername: \"foo\",\n masterPassword: \"must_be_eight_characters\",\n backupRetentionPeriod: 5,\n preferredBackupWindow: \"07:00-09:00\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npostgresql = aws.rds.Cluster(\"postgresql\",\n cluster_identifier=\"aurora-cluster-demo\",\n engine=aws.rds.EngineType.AURORA_POSTGRESQL,\n availability_zones=[\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n database_name=\"mydb\",\n master_username=\"foo\",\n master_password=\"must_be_eight_characters\",\n backup_retention_period=5,\n preferred_backup_window=\"07:00-09:00\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var postgresql = new Aws.Rds.Cluster(\"postgresql\", new()\n {\n ClusterIdentifier = \"aurora-cluster-demo\",\n Engine = Aws.Rds.EngineType.AuroraPostgresql,\n AvailabilityZones = new[]\n {\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n },\n DatabaseName = \"mydb\",\n MasterUsername = \"foo\",\n MasterPassword = \"must_be_eight_characters\",\n BackupRetentionPeriod = 5,\n PreferredBackupWindow = \"07:00-09:00\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewCluster(ctx, \"postgresql\", \u0026rds.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"aurora-cluster-demo\"),\n\t\t\tEngine: pulumi.String(rds.EngineTypeAuroraPostgresql),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t\tpulumi.String(\"us-west-2b\"),\n\t\t\t\tpulumi.String(\"us-west-2c\"),\n\t\t\t},\n\t\t\tDatabaseName: pulumi.String(\"mydb\"),\n\t\t\tMasterUsername: pulumi.String(\"foo\"),\n\t\t\tMasterPassword: pulumi.String(\"must_be_eight_characters\"),\n\t\t\tBackupRetentionPeriod: pulumi.Int(5),\n\t\t\tPreferredBackupWindow: pulumi.String(\"07:00-09:00\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var postgresql = new Cluster(\"postgresql\", ClusterArgs.builder()\n .clusterIdentifier(\"aurora-cluster-demo\")\n .engine(\"aurora-postgresql\")\n .availabilityZones( \n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\")\n .databaseName(\"mydb\")\n .masterUsername(\"foo\")\n .masterPassword(\"must_be_eight_characters\")\n .backupRetentionPeriod(5)\n .preferredBackupWindow(\"07:00-09:00\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n postgresql:\n type: aws:rds:Cluster\n properties:\n clusterIdentifier: aurora-cluster-demo\n engine: aurora-postgresql\n availabilityZones:\n - us-west-2a\n - us-west-2b\n - us-west-2c\n databaseName: mydb\n masterUsername: foo\n masterPassword: must_be_eight_characters\n backupRetentionPeriod: 5\n preferredBackupWindow: 07:00-09:00\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### RDS Multi-AZ Cluster\n\n\u003e More information about RDS Multi-AZ Clusters can be found in the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html).\n\nTo create a Multi-AZ RDS cluster, you must additionally specify the `engine`, `storage_type`, `allocated_storage`, `iops` and `db_cluster_instance_class` attributes.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.Cluster(\"example\", {\n clusterIdentifier: \"example\",\n availabilityZones: [\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n engine: \"mysql\",\n dbClusterInstanceClass: \"db.r6gd.xlarge\",\n storageType: \"io1\",\n allocatedStorage: 100,\n iops: 1000,\n masterUsername: \"test\",\n masterPassword: \"mustbeeightcharaters\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.Cluster(\"example\",\n cluster_identifier=\"example\",\n availability_zones=[\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n engine=\"mysql\",\n db_cluster_instance_class=\"db.r6gd.xlarge\",\n storage_type=\"io1\",\n allocated_storage=100,\n iops=1000,\n master_username=\"test\",\n master_password=\"mustbeeightcharaters\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.Cluster(\"example\", new()\n {\n ClusterIdentifier = \"example\",\n AvailabilityZones = new[]\n {\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n },\n Engine = \"mysql\",\n DbClusterInstanceClass = \"db.r6gd.xlarge\",\n StorageType = \"io1\",\n AllocatedStorage = 100,\n Iops = 1000,\n MasterUsername = \"test\",\n MasterPassword = \"mustbeeightcharaters\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewCluster(ctx, \"example\", \u0026rds.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"example\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t\tpulumi.String(\"us-west-2b\"),\n\t\t\t\tpulumi.String(\"us-west-2c\"),\n\t\t\t},\n\t\t\tEngine: pulumi.String(\"mysql\"),\n\t\t\tDbClusterInstanceClass: pulumi.String(\"db.r6gd.xlarge\"),\n\t\t\tStorageType: pulumi.String(\"io1\"),\n\t\t\tAllocatedStorage: pulumi.Int(100),\n\t\t\tIops: pulumi.Int(1000),\n\t\t\tMasterUsername: pulumi.String(\"test\"),\n\t\t\tMasterPassword: pulumi.String(\"mustbeeightcharaters\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\", ClusterArgs.builder()\n .clusterIdentifier(\"example\")\n .availabilityZones( \n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\")\n .engine(\"mysql\")\n .dbClusterInstanceClass(\"db.r6gd.xlarge\")\n .storageType(\"io1\")\n .allocatedStorage(100)\n .iops(1000)\n .masterUsername(\"test\")\n .masterPassword(\"mustbeeightcharaters\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:Cluster\n properties:\n clusterIdentifier: example\n availabilityZones:\n - us-west-2a\n - us-west-2b\n - us-west-2c\n engine: mysql\n dbClusterInstanceClass: db.r6gd.xlarge\n storageType: io1\n allocatedStorage: 100\n iops: 1000\n masterUsername: test\n masterPassword: mustbeeightcharaters\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### RDS Serverless v2 Cluster\n\n\u003e More information about RDS Serverless v2 Clusters can be found in the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.html).\n\n\u003e **Note:** Unlike Serverless v1, in Serverless v2 the `storage_encrypted` value is set to `false` by default.\nThis is because Serverless v1 uses the `serverless` `engine_mode`, but Serverless v2 uses the `provisioned` `engine_mode`.\n\nTo create a Serverless v2 RDS cluster, you must additionally specify the `engine_mode` and `serverlessv2_scaling_configuration` attributes. An `aws.rds.ClusterInstance` resource must also be added to the cluster with the `instance_class` attribute specified.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.Cluster(\"example\", {\n clusterIdentifier: \"example\",\n engine: aws.rds.EngineType.AuroraPostgresql,\n engineMode: aws.rds.EngineMode.Provisioned,\n engineVersion: \"13.6\",\n databaseName: \"test\",\n masterUsername: \"test\",\n masterPassword: \"must_be_eight_characters\",\n storageEncrypted: true,\n serverlessv2ScalingConfiguration: {\n maxCapacity: 1,\n minCapacity: 0.5,\n },\n});\nconst exampleClusterInstance = new aws.rds.ClusterInstance(\"example\", {\n clusterIdentifier: example.id,\n instanceClass: \"db.serverless\",\n engine: example.engine,\n engineVersion: example.engineVersion,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.Cluster(\"example\",\n cluster_identifier=\"example\",\n engine=aws.rds.EngineType.AURORA_POSTGRESQL,\n engine_mode=aws.rds.EngineMode.PROVISIONED,\n engine_version=\"13.6\",\n database_name=\"test\",\n master_username=\"test\",\n master_password=\"must_be_eight_characters\",\n storage_encrypted=True,\n serverlessv2_scaling_configuration={\n \"max_capacity\": 1,\n \"min_capacity\": 0.5,\n })\nexample_cluster_instance = aws.rds.ClusterInstance(\"example\",\n cluster_identifier=example.id,\n instance_class=\"db.serverless\",\n engine=example.engine,\n engine_version=example.engine_version)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.Cluster(\"example\", new()\n {\n ClusterIdentifier = \"example\",\n Engine = Aws.Rds.EngineType.AuroraPostgresql,\n EngineMode = Aws.Rds.EngineMode.Provisioned,\n EngineVersion = \"13.6\",\n DatabaseName = \"test\",\n MasterUsername = \"test\",\n MasterPassword = \"must_be_eight_characters\",\n StorageEncrypted = true,\n Serverlessv2ScalingConfiguration = new Aws.Rds.Inputs.ClusterServerlessv2ScalingConfigurationArgs\n {\n MaxCapacity = 1,\n MinCapacity = 0.5,\n },\n });\n\n var exampleClusterInstance = new Aws.Rds.ClusterInstance(\"example\", new()\n {\n ClusterIdentifier = example.Id,\n InstanceClass = \"db.serverless\",\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := rds.NewCluster(ctx, \"example\", \u0026rds.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"example\"),\n\t\t\tEngine: pulumi.String(rds.EngineTypeAuroraPostgresql),\n\t\t\tEngineMode: pulumi.String(rds.EngineModeProvisioned),\n\t\t\tEngineVersion: pulumi.String(\"13.6\"),\n\t\t\tDatabaseName: pulumi.String(\"test\"),\n\t\t\tMasterUsername: pulumi.String(\"test\"),\n\t\t\tMasterPassword: pulumi.String(\"must_be_eight_characters\"),\n\t\t\tStorageEncrypted: pulumi.Bool(true),\n\t\t\tServerlessv2ScalingConfiguration: \u0026rds.ClusterServerlessv2ScalingConfigurationArgs{\n\t\t\t\tMaxCapacity: pulumi.Float64(1),\n\t\t\t\tMinCapacity: pulumi.Float64(0.5),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewClusterInstance(ctx, \"example\", \u0026rds.ClusterInstanceArgs{\n\t\t\tClusterIdentifier: example.ID(),\n\t\t\tInstanceClass: pulumi.String(\"db.serverless\"),\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport com.pulumi.aws.rds.inputs.ClusterServerlessv2ScalingConfigurationArgs;\nimport com.pulumi.aws.rds.ClusterInstance;\nimport com.pulumi.aws.rds.ClusterInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\", ClusterArgs.builder()\n .clusterIdentifier(\"example\")\n .engine(\"aurora-postgresql\")\n .engineMode(\"provisioned\")\n .engineVersion(\"13.6\")\n .databaseName(\"test\")\n .masterUsername(\"test\")\n .masterPassword(\"must_be_eight_characters\")\n .storageEncrypted(true)\n .serverlessv2ScalingConfiguration(ClusterServerlessv2ScalingConfigurationArgs.builder()\n .maxCapacity(1)\n .minCapacity(0.5)\n .build())\n .build());\n\n var exampleClusterInstance = new ClusterInstance(\"exampleClusterInstance\", ClusterInstanceArgs.builder()\n .clusterIdentifier(example.id())\n .instanceClass(\"db.serverless\")\n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:Cluster\n properties:\n clusterIdentifier: example\n engine: aurora-postgresql\n engineMode: provisioned\n engineVersion: '13.6'\n databaseName: test\n masterUsername: test\n masterPassword: must_be_eight_characters\n storageEncrypted: true\n serverlessv2ScalingConfiguration:\n maxCapacity: 1\n minCapacity: 0.5\n exampleClusterInstance:\n type: aws:rds:ClusterInstance\n name: example\n properties:\n clusterIdentifier: ${example.id}\n instanceClass: db.serverless\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### RDS/Aurora Managed Master Passwords via Secrets Manager, default KMS Key\n\n\u003e More information about RDS/Aurora Aurora integrates with Secrets Manager to manage master user passwords for your DB clusters can be found in the [RDS User Guide](https://aws.amazon.com/about-aws/whats-new/2022/12/amazon-rds-integration-aws-secrets-manager/) and [Aurora User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html).\n\nYou can specify the `manage_master_user_password` attribute to enable managing the master password with Secrets Manager. You can also update an existing cluster to use Secrets Manager by specify the `manage_master_user_password` attribute and removing the `master_password` attribute (removal is required).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.rds.Cluster(\"test\", {\n clusterIdentifier: \"example\",\n databaseName: \"test\",\n manageMasterUserPassword: true,\n masterUsername: \"test\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.rds.Cluster(\"test\",\n cluster_identifier=\"example\",\n database_name=\"test\",\n manage_master_user_password=True,\n master_username=\"test\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Rds.Cluster(\"test\", new()\n {\n ClusterIdentifier = \"example\",\n DatabaseName = \"test\",\n ManageMasterUserPassword = true,\n MasterUsername = \"test\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewCluster(ctx, \"test\", \u0026rds.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"example\"),\n\t\t\tDatabaseName: pulumi.String(\"test\"),\n\t\t\tManageMasterUserPassword: pulumi.Bool(true),\n\t\t\tMasterUsername: pulumi.String(\"test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Cluster(\"test\", ClusterArgs.builder()\n .clusterIdentifier(\"example\")\n .databaseName(\"test\")\n .manageMasterUserPassword(true)\n .masterUsername(\"test\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:rds:Cluster\n properties:\n clusterIdentifier: example\n databaseName: test\n manageMasterUserPassword: true\n masterUsername: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### RDS/Aurora Managed Master Passwords via Secrets Manager, specific KMS Key\n\n\u003e More information about RDS/Aurora Aurora integrates with Secrets Manager to manage master user passwords for your DB clusters can be found in the [RDS User Guide](https://aws.amazon.com/about-aws/whats-new/2022/12/amazon-rds-integration-aws-secrets-manager/) and [Aurora User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html).\n\nYou can specify the `master_user_secret_kms_key_id` attribute to specify a specific KMS Key.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.Key(\"example\", {description: \"Example KMS Key\"});\nconst test = new aws.rds.Cluster(\"test\", {\n clusterIdentifier: \"example\",\n databaseName: \"test\",\n manageMasterUserPassword: true,\n masterUsername: \"test\",\n masterUserSecretKmsKeyId: example.keyId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kms.Key(\"example\", description=\"Example KMS Key\")\ntest = aws.rds.Cluster(\"test\",\n cluster_identifier=\"example\",\n database_name=\"test\",\n manage_master_user_password=True,\n master_username=\"test\",\n master_user_secret_kms_key_id=example.key_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"Example KMS Key\",\n });\n\n var test = new Aws.Rds.Cluster(\"test\", new()\n {\n ClusterIdentifier = \"example\",\n DatabaseName = \"test\",\n ManageMasterUserPassword = true,\n MasterUsername = \"test\",\n MasterUserSecretKmsKeyId = example.KeyId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"Example KMS Key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewCluster(ctx, \"test\", \u0026rds.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"example\"),\n\t\t\tDatabaseName: pulumi.String(\"test\"),\n\t\t\tManageMasterUserPassword: pulumi.Bool(true),\n\t\t\tMasterUsername: pulumi.String(\"test\"),\n\t\t\tMasterUserSecretKmsKeyId: example.KeyId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"Example KMS Key\")\n .build());\n\n var test = new Cluster(\"test\", ClusterArgs.builder()\n .clusterIdentifier(\"example\")\n .databaseName(\"test\")\n .manageMasterUserPassword(true)\n .masterUsername(\"test\")\n .masterUserSecretKmsKeyId(example.keyId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: Example KMS Key\n test:\n type: aws:rds:Cluster\n properties:\n clusterIdentifier: example\n databaseName: test\n manageMasterUserPassword: true\n masterUsername: test\n masterUserSecretKmsKeyId: ${example.keyId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Global Cluster Restored From Snapshot\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.rds.getClusterSnapshot({\n dbClusterIdentifier: \"example-original-cluster\",\n mostRecent: true,\n});\nconst exampleCluster = new aws.rds.Cluster(\"example\", {\n engine: aws.rds.EngineType.Aurora,\n engineVersion: \"5.6.mysql_aurora.1.22.4\",\n clusterIdentifier: \"example\",\n snapshotIdentifier: example.then(example =\u003e example.id),\n});\nconst exampleGlobalCluster = new aws.rds.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"example\",\n sourceDbClusterIdentifier: exampleCluster.arn,\n forceDestroy: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.get_cluster_snapshot(db_cluster_identifier=\"example-original-cluster\",\n most_recent=True)\nexample_cluster = aws.rds.Cluster(\"example\",\n engine=aws.rds.EngineType.AURORA,\n engine_version=\"5.6.mysql_aurora.1.22.4\",\n cluster_identifier=\"example\",\n snapshot_identifier=example.id)\nexample_global_cluster = aws.rds.GlobalCluster(\"example\",\n global_cluster_identifier=\"example\",\n source_db_cluster_identifier=example_cluster.arn,\n force_destroy=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Rds.GetClusterSnapshot.Invoke(new()\n {\n DbClusterIdentifier = \"example-original-cluster\",\n MostRecent = true,\n });\n\n var exampleCluster = new Aws.Rds.Cluster(\"example\", new()\n {\n Engine = Aws.Rds.EngineType.Aurora,\n EngineVersion = \"5.6.mysql_aurora.1.22.4\",\n ClusterIdentifier = \"example\",\n SnapshotIdentifier = example.Apply(getClusterSnapshotResult =\u003e getClusterSnapshotResult.Id),\n });\n\n var exampleGlobalCluster = new Aws.Rds.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"example\",\n SourceDbClusterIdentifier = exampleCluster.Arn,\n ForceDestroy = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := rds.LookupClusterSnapshot(ctx, \u0026rds.LookupClusterSnapshotArgs{\n\t\t\tDbClusterIdentifier: pulumi.StringRef(\"example-original-cluster\"),\n\t\t\tMostRecent: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleCluster, err := rds.NewCluster(ctx, \"example\", \u0026rds.ClusterArgs{\n\t\t\tEngine: pulumi.String(rds.EngineTypeAurora),\n\t\t\tEngineVersion: pulumi.String(\"5.6.mysql_aurora.1.22.4\"),\n\t\t\tClusterIdentifier: pulumi.String(\"example\"),\n\t\t\tSnapshotIdentifier: pulumi.String(example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewGlobalCluster(ctx, \"example\", \u0026rds.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"example\"),\n\t\t\tSourceDbClusterIdentifier: exampleCluster.Arn,\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetClusterSnapshotArgs;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport com.pulumi.aws.rds.GlobalCluster;\nimport com.pulumi.aws.rds.GlobalClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = RdsFunctions.getClusterSnapshot(GetClusterSnapshotArgs.builder()\n .dbClusterIdentifier(\"example-original-cluster\")\n .mostRecent(true)\n .build());\n\n var exampleCluster = new Cluster(\"exampleCluster\", ClusterArgs.builder()\n .engine(\"aurora\")\n .engineVersion(\"5.6.mysql_aurora.1.22.4\")\n .clusterIdentifier(\"example\")\n .snapshotIdentifier(example.applyValue(getClusterSnapshotResult -\u003e getClusterSnapshotResult.id()))\n .build());\n\n var exampleGlobalCluster = new GlobalCluster(\"exampleGlobalCluster\", GlobalClusterArgs.builder()\n .globalClusterIdentifier(\"example\")\n .sourceDbClusterIdentifier(exampleCluster.arn())\n .forceDestroy(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleCluster:\n type: aws:rds:Cluster\n name: example\n properties:\n engine: aurora\n engineVersion: 5.6.mysql_aurora.1.22.4\n clusterIdentifier: example\n snapshotIdentifier: ${example.id}\n exampleGlobalCluster:\n type: aws:rds:GlobalCluster\n name: example\n properties:\n globalClusterIdentifier: example\n sourceDbClusterIdentifier: ${exampleCluster.arn}\n forceDestroy: true\nvariables:\n example:\n fn::invoke:\n Function: aws:rds:getClusterSnapshot\n Arguments:\n dbClusterIdentifier: example-original-cluster\n mostRecent: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import RDS Clusters using the `cluster_identifier`. For example:\n\n```sh\n$ pulumi import aws:rds/cluster:Cluster aurora_cluster aurora-prod-cluster\n```\n", "properties": { "allocatedStorage": { "type": "integer", "description": "The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.\n" }, "allowMajorVersionUpgrade": { "type": "boolean", "description": "Enable to allow major engine version upgrades when changing engine versions. Defaults to `false`.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false`. See [Amazon RDS Documentation for more information.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html)\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 Availability Zones for the DB cluster storage where DB cluster instances can be created.\nRDS automatically assigns 3 AZs if less than 3 AZs are configured, which will show as a difference requiring resource recreation next pulumi up.\nWe recommend specifying 3 AZs or using the `lifecycle` configuration block `ignore_changes` argument if necessary.\nA maximum of 3 AZs can be configured.\n" }, "backtrackWindow": { "type": "integer", "description": "Target backtrack window, in seconds. Only available for `aurora` and `aurora-mysql` engines currently. To disable backtracking, set this value to `0`. Defaults to `0`. Must be between `0` and `259200` (72 hours)\n" }, "backupRetentionPeriod": { "type": "integer", "description": "Days to retain backups for. Default `1`\n" }, "caCertificateIdentifier": { "type": "string", "description": "The CA certificate identifier to use for the DB cluster's server certificate.\n" }, "caCertificateValidTill": { "type": "string", "description": "Expiration date of the DB instance’s server certificate\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier. If omitted, this provider will assign a random, unique identifier.\n" }, "clusterIdentifierPrefix": { "type": "string", "description": "Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `cluster_identifier`.\n" }, "clusterMembers": { "type": "array", "items": { "type": "string" }, "description": "List of RDS Instances that are a part of this cluster\n" }, "clusterResourceId": { "type": "string", "description": "RDS Cluster Resource ID\n" }, "copyTagsToSnapshot": { "type": "boolean", "description": "Copy all Cluster `tags` to snapshots. Default is `false`.\n" }, "databaseName": { "type": "string", "description": "Name for an automatically created database on cluster creation. There are different naming restrictions per database engine: [RDS Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints)\n" }, "dbClusterInstanceClass": { "type": "string", "description": "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example `db.m6g.xlarge`. Not all DB instance classes are available in all AWS Regions, or for all database engines. For the full list of DB instance classes and availability for your engine, see [DB instance class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the Amazon RDS User Guide.\n" }, "dbClusterParameterGroupName": { "type": "string", "description": "A cluster parameter group to associate with the cluster.\n" }, "dbInstanceParameterGroupName": { "type": "string", "description": "Instance parameter group to associate with all instances of the DB cluster. The `db_instance_parameter_group_name` parameter is only valid in combination with the `allow_major_version_upgrade` parameter.\n" }, "dbSubnetGroupName": { "type": "string", "description": "DB subnet group to associate with this DB cluster.\n**NOTE:** This must match the `db_subnet_group_name` specified on every `aws.rds.ClusterInstance` in the cluster.\n" }, "dbSystemId": { "type": "string", "description": "For use with RDS Custom.\n" }, "deleteAutomatedBackups": { "type": "boolean", "description": "Specifies whether to remove automated backups immediately after the DB cluster is deleted. Default is `true`.\n" }, "deletionProtection": { "type": "boolean", "description": "If the DB cluster should have deletion protection enabled.\nThe database can't be deleted when this value is set to `true`.\nThe default is `false`.\n" }, "domain": { "type": "string", "description": "The ID of the Directory Service Active Directory domain to create the cluster in.\n" }, "domainIamRoleName": { "type": "string", "description": "The name of the IAM role to be used when making API calls to the Directory Service.\n" }, "enableGlobalWriteForwarding": { "type": "boolean", "description": "Whether cluster should forward writes to an associated global cluster. Applied to secondary clusters to enable them to forward writes to an `aws.rds.GlobalCluster`'s primary cluster. See the [User Guide for Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database-write-forwarding.html) for more information.\n" }, "enableHttpEndpoint": { "type": "boolean", "description": "Enable HTTP endpoint (data API). Only valid for some combinations of `engine_mode`, `engine` and `engine_version` and only available in some regions. See the [Region and version availability](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html#data-api.regions) section of the documentation. This option also does not work with any of these options specified: `snapshot_identifier`, `replication_source_identifier`, `s3_import`.\n" }, "enableLocalWriteForwarding": { "type": "boolean", "description": "Whether read replicas can forward write operations to the writer DB instance in the DB cluster. By default, write operations aren't allowed on reader DB instances.. See the [User Guide for Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-write-forwarding.html) for more information. **NOTE:** Local write forwarding requires Aurora MySQL version 3.04 or higher.\n" }, "enabledCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "Set of log types to export to cloudwatch. If omitted, no logs will be exported. The following log types are supported: `audit`, `error`, `general`, `slowquery`, `postgresql` (PostgreSQL).\n" }, "endpoint": { "type": "string", "description": "DNS address of the RDS instance\n" }, "engine": { "type": "string", "description": "Name of the database engine to be used for this DB cluster. Valid Values: `aurora-mysql`, `aurora-postgresql`, `mysql`, `postgres`. (Note that `mysql` and `postgres` are Multi-AZ RDS clusters).\n" }, "engineLifecycleSupport": { "type": "string", "description": "The life cycle type for this DB instance. This setting is valid for cluster types Aurora DB clusters and Multi-AZ DB clusters. Valid values are `open-source-rds-extended-support`, `open-source-rds-extended-support-disabled`. Default value is `open-source-rds-extended-support`. [Using Amazon RDS Extended Support]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html\n" }, "engineMode": { "type": "string", "description": "Database engine mode. Valid values: `global` (only valid for Aurora MySQL 1.21 and earlier), `parallelquery`, `provisioned`, `serverless`. Defaults to: `provisioned`. See the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html) for limitations when using `serverless`.\n" }, "engineVersion": { "type": "string", "description": "Database engine version. Updating this argument results in an outage. See the [Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) and [Aurora Postgres](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.html) documentation for your configured engine to determine this value, or by running `aws rds describe-db-engine-versions`. For example with Aurora MySQL 2, a potential value for this argument is `5.7.mysql_aurora.2.03.2`. The value can contain a partial version where supported by the API. The actual engine version used is returned in the attribute `engine_version_actual`, , see Attribute Reference below.\n" }, "engineVersionActual": { "type": "string", "description": "Running version of the database.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "Name of your final DB snapshot when this DB cluster is deleted. If omitted, no final snapshot will be made.\n" }, "globalClusterIdentifier": { "type": "string", "description": "Global cluster identifier specified on `aws.rds.GlobalCluster`.\n" }, "hostedZoneId": { "type": "string", "description": "Route53 Hosted Zone ID of the endpoint\n" }, "iamDatabaseAuthenticationEnabled": { "type": "boolean", "description": "Specifies whether or not mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled. Please see [AWS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) for availability and limitations.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "List of ARNs for the IAM roles to associate to the RDS Cluster.\n" }, "iops": { "type": "integer", "description": "Amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster. For information about valid Iops values, see [Amazon RDS Provisioned IOPS storage to improve performance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) in the Amazon RDS User Guide. (This setting is required to create a Multi-AZ DB cluster). Must be a multiple between .5 and 50 of the storage amount for the DB cluster.\n" }, "kmsKeyId": { "type": "string", "description": "ARN for the KMS encryption key. When specifying `kms_key_id`, `storage_encrypted` needs to be set to true.\n" }, "manageMasterUserPassword": { "type": "boolean", "description": "Set to true to allow RDS to manage the master user password in Secrets Manager. Cannot be set if `master_password` is provided.\n" }, "masterPassword": { "type": "string", "description": "Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file. Please refer to the [RDS Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints). Cannot be set if `manage_master_user_password` is set to `true`.\n", "secret": true }, "masterUserSecretKmsKeyId": { "type": "string", "description": "Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN. If not specified, the default KMS key for your Amazon Web Services account is used.\n" }, "masterUserSecrets": { "type": "array", "items": { "$ref": "#/types/aws:rds/ClusterMasterUserSecret:ClusterMasterUserSecret" }, "description": "Block that specifies the master user secret. Only available when `manage_master_user_password` is set to true. Documented below.\n" }, "masterUsername": { "type": "string", "description": "Username for the master DB user. Please refer to the [RDS Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints). This argument does not support in-place updates and cannot be changed during a restore from snapshot.\n" }, "networkType": { "type": "string", "description": "Network type of the cluster. Valid values: `IPV4`, `DUAL`.\n" }, "port": { "type": "integer", "description": "Port on which the DB accepts connections\n" }, "preferredBackupWindow": { "type": "string", "description": "Daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.Time in UTC. Default: A 30-minute window selected at random from an 8-hour block of time per regionE.g., 04:00-09:00\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "Weekly time range during which system maintenance can occur, in (UTC) e.g., wed:04:00-wed:04:30\n" }, "readerEndpoint": { "type": "string", "description": "Read-only endpoint for the Aurora cluster, automatically\nload-balanced across replicas\n" }, "replicationSourceIdentifier": { "type": "string", "description": "ARN of a source DB cluster or DB instance if this DB cluster is to be created as a Read Replica. If DB Cluster is part of a Global Cluster, use the `lifecycle` configuration block `ignore_changes` argument to prevent this provider from showing differences for this argument instead of configuring this value.\n" }, "restoreToPointInTime": { "$ref": "#/types/aws:rds/ClusterRestoreToPointInTime:ClusterRestoreToPointInTime", "description": "Nested attribute for [point in time restore](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-pitr.html). More details below.\n" }, "s3Import": { "$ref": "#/types/aws:rds/ClusterS3Import:ClusterS3Import" }, "scalingConfiguration": { "$ref": "#/types/aws:rds/ClusterScalingConfiguration:ClusterScalingConfiguration", "description": "Nested attribute with scaling properties. Only valid when `engine_mode` is set to `serverless`. More details below.\n" }, "serverlessv2ScalingConfiguration": { "$ref": "#/types/aws:rds/ClusterServerlessv2ScalingConfiguration:ClusterServerlessv2ScalingConfiguration", "description": "Nested attribute with scaling properties for ServerlessV2. Only valid when `engine_mode` is set to `provisioned`. More details below.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is created before the DB cluster is deleted. If true is specified, no DB snapshot is created. If false is specified, a DB snapshot is created before the DB cluster is deleted, using the value from `final_snapshot_identifier`. Default is `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot. Conflicts with `global_cluster_identifier`. Clusters cannot be restored from snapshot **and** joined to an existing global cluster in a single operation. See the [AWS documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database-getting-started.html#aurora-global-database.use-snapshot) or the Global Cluster Restored From Snapshot example for instructions on building a global cluster starting with a snapshot.\n" }, "sourceRegion": { "type": "string", "description": "The source region for an encrypted replica DB cluster.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false` for `provisioned` `engine_mode` and `true` for `serverless` `engine_mode`. When restoring an unencrypted `snapshot_identifier`, the `kms_key_id` argument must be provided to encrypt the restored cluster. The provider will only perform drift detection if a configuration value is provided.\n" }, "storageType": { "type": "string", "description": "(Forces new for Multi-AZ DB clusters) Specifies the storage type to be associated with the DB cluster. For Aurora DB clusters, `storage_type` modifications can be done in-place. For Multi-AZ DB Clusters, the `iops` argument must also be set. Valid values are: `\"\"`, `aurora-iopt1` (Aurora DB Clusters); `io1`, `io2` (Multi-AZ DB Clusters). Default: `\"\"` (Aurora DB Clusters); `io1` (Multi-AZ DB Clusters).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the DB cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate with the Cluster\n" } }, "required": [ "allocatedStorage", "applyImmediately", "arn", "availabilityZones", "backupRetentionPeriod", "caCertificateIdentifier", "caCertificateValidTill", "clusterIdentifier", "clusterIdentifierPrefix", "clusterMembers", "clusterResourceId", "databaseName", "dbClusterParameterGroupName", "dbSubnetGroupName", "dbSystemId", "endpoint", "engine", "engineLifecycleSupport", "engineVersion", "engineVersionActual", "hostedZoneId", "iamRoles", "kmsKeyId", "masterUserSecrets", "masterUserSecretKmsKeyId", "masterUsername", "networkType", "port", "preferredBackupWindow", "preferredMaintenanceWindow", "readerEndpoint", "storageEncrypted", "storageType", "tagsAll", "vpcSecurityGroupIds" ], "inputProperties": { "allocatedStorage": { "type": "integer", "description": "The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.\n" }, "allowMajorVersionUpgrade": { "type": "boolean", "description": "Enable to allow major engine version upgrades when changing engine versions. Defaults to `false`.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false`. See [Amazon RDS Documentation for more information.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html)\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 Availability Zones for the DB cluster storage where DB cluster instances can be created.\nRDS automatically assigns 3 AZs if less than 3 AZs are configured, which will show as a difference requiring resource recreation next pulumi up.\nWe recommend specifying 3 AZs or using the `lifecycle` configuration block `ignore_changes` argument if necessary.\nA maximum of 3 AZs can be configured.\n", "willReplaceOnChanges": true }, "backtrackWindow": { "type": "integer", "description": "Target backtrack window, in seconds. Only available for `aurora` and `aurora-mysql` engines currently. To disable backtracking, set this value to `0`. Defaults to `0`. Must be between `0` and `259200` (72 hours)\n" }, "backupRetentionPeriod": { "type": "integer", "description": "Days to retain backups for. Default `1`\n" }, "caCertificateIdentifier": { "type": "string", "description": "The CA certificate identifier to use for the DB cluster's server certificate.\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier. If omitted, this provider will assign a random, unique identifier.\n", "willReplaceOnChanges": true }, "clusterIdentifierPrefix": { "type": "string", "description": "Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `cluster_identifier`.\n", "willReplaceOnChanges": true }, "clusterMembers": { "type": "array", "items": { "type": "string" }, "description": "List of RDS Instances that are a part of this cluster\n" }, "copyTagsToSnapshot": { "type": "boolean", "description": "Copy all Cluster `tags` to snapshots. Default is `false`.\n" }, "databaseName": { "type": "string", "description": "Name for an automatically created database on cluster creation. There are different naming restrictions per database engine: [RDS Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints)\n", "willReplaceOnChanges": true }, "dbClusterInstanceClass": { "type": "string", "description": "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example `db.m6g.xlarge`. Not all DB instance classes are available in all AWS Regions, or for all database engines. For the full list of DB instance classes and availability for your engine, see [DB instance class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the Amazon RDS User Guide.\n" }, "dbClusterParameterGroupName": { "type": "string", "description": "A cluster parameter group to associate with the cluster.\n" }, "dbInstanceParameterGroupName": { "type": "string", "description": "Instance parameter group to associate with all instances of the DB cluster. The `db_instance_parameter_group_name` parameter is only valid in combination with the `allow_major_version_upgrade` parameter.\n" }, "dbSubnetGroupName": { "type": "string", "description": "DB subnet group to associate with this DB cluster.\n**NOTE:** This must match the `db_subnet_group_name` specified on every `aws.rds.ClusterInstance` in the cluster.\n", "willReplaceOnChanges": true }, "dbSystemId": { "type": "string", "description": "For use with RDS Custom.\n", "willReplaceOnChanges": true }, "deleteAutomatedBackups": { "type": "boolean", "description": "Specifies whether to remove automated backups immediately after the DB cluster is deleted. Default is `true`.\n" }, "deletionProtection": { "type": "boolean", "description": "If the DB cluster should have deletion protection enabled.\nThe database can't be deleted when this value is set to `true`.\nThe default is `false`.\n" }, "domain": { "type": "string", "description": "The ID of the Directory Service Active Directory domain to create the cluster in.\n" }, "domainIamRoleName": { "type": "string", "description": "The name of the IAM role to be used when making API calls to the Directory Service.\n" }, "enableGlobalWriteForwarding": { "type": "boolean", "description": "Whether cluster should forward writes to an associated global cluster. Applied to secondary clusters to enable them to forward writes to an `aws.rds.GlobalCluster`'s primary cluster. See the [User Guide for Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database-write-forwarding.html) for more information.\n" }, "enableHttpEndpoint": { "type": "boolean", "description": "Enable HTTP endpoint (data API). Only valid for some combinations of `engine_mode`, `engine` and `engine_version` and only available in some regions. See the [Region and version availability](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html#data-api.regions) section of the documentation. This option also does not work with any of these options specified: `snapshot_identifier`, `replication_source_identifier`, `s3_import`.\n" }, "enableLocalWriteForwarding": { "type": "boolean", "description": "Whether read replicas can forward write operations to the writer DB instance in the DB cluster. By default, write operations aren't allowed on reader DB instances.. See the [User Guide for Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-write-forwarding.html) for more information. **NOTE:** Local write forwarding requires Aurora MySQL version 3.04 or higher.\n" }, "enabledCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "Set of log types to export to cloudwatch. If omitted, no logs will be exported. The following log types are supported: `audit`, `error`, `general`, `slowquery`, `postgresql` (PostgreSQL).\n" }, "engine": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:rds/EngineType:EngineType" } ], "description": "Name of the database engine to be used for this DB cluster. Valid Values: `aurora-mysql`, `aurora-postgresql`, `mysql`, `postgres`. (Note that `mysql` and `postgres` are Multi-AZ RDS clusters).\n", "willReplaceOnChanges": true }, "engineLifecycleSupport": { "type": "string", "description": "The life cycle type for this DB instance. This setting is valid for cluster types Aurora DB clusters and Multi-AZ DB clusters. Valid values are `open-source-rds-extended-support`, `open-source-rds-extended-support-disabled`. Default value is `open-source-rds-extended-support`. [Using Amazon RDS Extended Support]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html\n" }, "engineMode": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:rds/EngineMode:EngineMode" } ], "description": "Database engine mode. Valid values: `global` (only valid for Aurora MySQL 1.21 and earlier), `parallelquery`, `provisioned`, `serverless`. Defaults to: `provisioned`. See the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html) for limitations when using `serverless`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "Database engine version. Updating this argument results in an outage. See the [Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) and [Aurora Postgres](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.html) documentation for your configured engine to determine this value, or by running `aws rds describe-db-engine-versions`. For example with Aurora MySQL 2, a potential value for this argument is `5.7.mysql_aurora.2.03.2`. The value can contain a partial version where supported by the API. The actual engine version used is returned in the attribute `engine_version_actual`, , see Attribute Reference below.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "Name of your final DB snapshot when this DB cluster is deleted. If omitted, no final snapshot will be made.\n" }, "globalClusterIdentifier": { "type": "string", "description": "Global cluster identifier specified on `aws.rds.GlobalCluster`.\n" }, "iamDatabaseAuthenticationEnabled": { "type": "boolean", "description": "Specifies whether or not mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled. Please see [AWS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) for availability and limitations.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "List of ARNs for the IAM roles to associate to the RDS Cluster.\n" }, "iops": { "type": "integer", "description": "Amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster. For information about valid Iops values, see [Amazon RDS Provisioned IOPS storage to improve performance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) in the Amazon RDS User Guide. (This setting is required to create a Multi-AZ DB cluster). Must be a multiple between .5 and 50 of the storage amount for the DB cluster.\n" }, "kmsKeyId": { "type": "string", "description": "ARN for the KMS encryption key. When specifying `kms_key_id`, `storage_encrypted` needs to be set to true.\n", "willReplaceOnChanges": true }, "manageMasterUserPassword": { "type": "boolean", "description": "Set to true to allow RDS to manage the master user password in Secrets Manager. Cannot be set if `master_password` is provided.\n" }, "masterPassword": { "type": "string", "description": "Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file. Please refer to the [RDS Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints). Cannot be set if `manage_master_user_password` is set to `true`.\n", "secret": true }, "masterUserSecretKmsKeyId": { "type": "string", "description": "Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN. If not specified, the default KMS key for your Amazon Web Services account is used.\n" }, "masterUsername": { "type": "string", "description": "Username for the master DB user. Please refer to the [RDS Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints). This argument does not support in-place updates and cannot be changed during a restore from snapshot.\n", "willReplaceOnChanges": true }, "networkType": { "type": "string", "description": "Network type of the cluster. Valid values: `IPV4`, `DUAL`.\n" }, "port": { "type": "integer", "description": "Port on which the DB accepts connections\n" }, "preferredBackupWindow": { "type": "string", "description": "Daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.Time in UTC. Default: A 30-minute window selected at random from an 8-hour block of time per regionE.g., 04:00-09:00\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "Weekly time range during which system maintenance can occur, in (UTC) e.g., wed:04:00-wed:04:30\n" }, "replicationSourceIdentifier": { "type": "string", "description": "ARN of a source DB cluster or DB instance if this DB cluster is to be created as a Read Replica. If DB Cluster is part of a Global Cluster, use the `lifecycle` configuration block `ignore_changes` argument to prevent this provider from showing differences for this argument instead of configuring this value.\n" }, "restoreToPointInTime": { "$ref": "#/types/aws:rds/ClusterRestoreToPointInTime:ClusterRestoreToPointInTime", "description": "Nested attribute for [point in time restore](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-pitr.html). More details below.\n", "willReplaceOnChanges": true }, "s3Import": { "$ref": "#/types/aws:rds/ClusterS3Import:ClusterS3Import" }, "scalingConfiguration": { "$ref": "#/types/aws:rds/ClusterScalingConfiguration:ClusterScalingConfiguration", "description": "Nested attribute with scaling properties. Only valid when `engine_mode` is set to `serverless`. More details below.\n" }, "serverlessv2ScalingConfiguration": { "$ref": "#/types/aws:rds/ClusterServerlessv2ScalingConfiguration:ClusterServerlessv2ScalingConfiguration", "description": "Nested attribute with scaling properties for ServerlessV2. Only valid when `engine_mode` is set to `provisioned`. More details below.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is created before the DB cluster is deleted. If true is specified, no DB snapshot is created. If false is specified, a DB snapshot is created before the DB cluster is deleted, using the value from `final_snapshot_identifier`. Default is `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot. Conflicts with `global_cluster_identifier`. Clusters cannot be restored from snapshot **and** joined to an existing global cluster in a single operation. See the [AWS documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database-getting-started.html#aurora-global-database.use-snapshot) or the Global Cluster Restored From Snapshot example for instructions on building a global cluster starting with a snapshot.\n", "willReplaceOnChanges": true }, "sourceRegion": { "type": "string", "description": "The source region for an encrypted replica DB cluster.\n", "willReplaceOnChanges": true }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false` for `provisioned` `engine_mode` and `true` for `serverless` `engine_mode`. When restoring an unencrypted `snapshot_identifier`, the `kms_key_id` argument must be provided to encrypt the restored cluster. The provider will only perform drift detection if a configuration value is provided.\n", "willReplaceOnChanges": true }, "storageType": { "type": "string", "description": "(Forces new for Multi-AZ DB clusters) Specifies the storage type to be associated with the DB cluster. For Aurora DB clusters, `storage_type` modifications can be done in-place. For Multi-AZ DB Clusters, the `iops` argument must also be set. Valid values are: `\"\"`, `aurora-iopt1` (Aurora DB Clusters); `io1`, `io2` (Multi-AZ DB Clusters). Default: `\"\"` (Aurora DB Clusters); `io1` (Multi-AZ DB Clusters).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the DB cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate with the Cluster\n" } }, "requiredInputs": [ "engine" ], "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "allocatedStorage": { "type": "integer", "description": "The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.\n" }, "allowMajorVersionUpgrade": { "type": "boolean", "description": "Enable to allow major engine version upgrades when changing engine versions. Defaults to `false`.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false`. See [Amazon RDS Documentation for more information.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html)\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 Availability Zones for the DB cluster storage where DB cluster instances can be created.\nRDS automatically assigns 3 AZs if less than 3 AZs are configured, which will show as a difference requiring resource recreation next pulumi up.\nWe recommend specifying 3 AZs or using the `lifecycle` configuration block `ignore_changes` argument if necessary.\nA maximum of 3 AZs can be configured.\n", "willReplaceOnChanges": true }, "backtrackWindow": { "type": "integer", "description": "Target backtrack window, in seconds. Only available for `aurora` and `aurora-mysql` engines currently. To disable backtracking, set this value to `0`. Defaults to `0`. Must be between `0` and `259200` (72 hours)\n" }, "backupRetentionPeriod": { "type": "integer", "description": "Days to retain backups for. Default `1`\n" }, "caCertificateIdentifier": { "type": "string", "description": "The CA certificate identifier to use for the DB cluster's server certificate.\n" }, "caCertificateValidTill": { "type": "string", "description": "Expiration date of the DB instance’s server certificate\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier. If omitted, this provider will assign a random, unique identifier.\n", "willReplaceOnChanges": true }, "clusterIdentifierPrefix": { "type": "string", "description": "Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `cluster_identifier`.\n", "willReplaceOnChanges": true }, "clusterMembers": { "type": "array", "items": { "type": "string" }, "description": "List of RDS Instances that are a part of this cluster\n" }, "clusterResourceId": { "type": "string", "description": "RDS Cluster Resource ID\n" }, "copyTagsToSnapshot": { "type": "boolean", "description": "Copy all Cluster `tags` to snapshots. Default is `false`.\n" }, "databaseName": { "type": "string", "description": "Name for an automatically created database on cluster creation. There are different naming restrictions per database engine: [RDS Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints)\n", "willReplaceOnChanges": true }, "dbClusterInstanceClass": { "type": "string", "description": "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example `db.m6g.xlarge`. Not all DB instance classes are available in all AWS Regions, or for all database engines. For the full list of DB instance classes and availability for your engine, see [DB instance class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the Amazon RDS User Guide.\n" }, "dbClusterParameterGroupName": { "type": "string", "description": "A cluster parameter group to associate with the cluster.\n" }, "dbInstanceParameterGroupName": { "type": "string", "description": "Instance parameter group to associate with all instances of the DB cluster. The `db_instance_parameter_group_name` parameter is only valid in combination with the `allow_major_version_upgrade` parameter.\n" }, "dbSubnetGroupName": { "type": "string", "description": "DB subnet group to associate with this DB cluster.\n**NOTE:** This must match the `db_subnet_group_name` specified on every `aws.rds.ClusterInstance` in the cluster.\n", "willReplaceOnChanges": true }, "dbSystemId": { "type": "string", "description": "For use with RDS Custom.\n", "willReplaceOnChanges": true }, "deleteAutomatedBackups": { "type": "boolean", "description": "Specifies whether to remove automated backups immediately after the DB cluster is deleted. Default is `true`.\n" }, "deletionProtection": { "type": "boolean", "description": "If the DB cluster should have deletion protection enabled.\nThe database can't be deleted when this value is set to `true`.\nThe default is `false`.\n" }, "domain": { "type": "string", "description": "The ID of the Directory Service Active Directory domain to create the cluster in.\n" }, "domainIamRoleName": { "type": "string", "description": "The name of the IAM role to be used when making API calls to the Directory Service.\n" }, "enableGlobalWriteForwarding": { "type": "boolean", "description": "Whether cluster should forward writes to an associated global cluster. Applied to secondary clusters to enable them to forward writes to an `aws.rds.GlobalCluster`'s primary cluster. See the [User Guide for Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database-write-forwarding.html) for more information.\n" }, "enableHttpEndpoint": { "type": "boolean", "description": "Enable HTTP endpoint (data API). Only valid for some combinations of `engine_mode`, `engine` and `engine_version` and only available in some regions. See the [Region and version availability](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html#data-api.regions) section of the documentation. This option also does not work with any of these options specified: `snapshot_identifier`, `replication_source_identifier`, `s3_import`.\n" }, "enableLocalWriteForwarding": { "type": "boolean", "description": "Whether read replicas can forward write operations to the writer DB instance in the DB cluster. By default, write operations aren't allowed on reader DB instances.. See the [User Guide for Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-write-forwarding.html) for more information. **NOTE:** Local write forwarding requires Aurora MySQL version 3.04 or higher.\n" }, "enabledCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "Set of log types to export to cloudwatch. If omitted, no logs will be exported. The following log types are supported: `audit`, `error`, `general`, `slowquery`, `postgresql` (PostgreSQL).\n" }, "endpoint": { "type": "string", "description": "DNS address of the RDS instance\n" }, "engine": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:rds/EngineType:EngineType" } ], "description": "Name of the database engine to be used for this DB cluster. Valid Values: `aurora-mysql`, `aurora-postgresql`, `mysql`, `postgres`. (Note that `mysql` and `postgres` are Multi-AZ RDS clusters).\n", "willReplaceOnChanges": true }, "engineLifecycleSupport": { "type": "string", "description": "The life cycle type for this DB instance. This setting is valid for cluster types Aurora DB clusters and Multi-AZ DB clusters. Valid values are `open-source-rds-extended-support`, `open-source-rds-extended-support-disabled`. Default value is `open-source-rds-extended-support`. [Using Amazon RDS Extended Support]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html\n" }, "engineMode": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:rds/EngineMode:EngineMode" } ], "description": "Database engine mode. Valid values: `global` (only valid for Aurora MySQL 1.21 and earlier), `parallelquery`, `provisioned`, `serverless`. Defaults to: `provisioned`. See the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html) for limitations when using `serverless`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "Database engine version. Updating this argument results in an outage. See the [Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) and [Aurora Postgres](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.html) documentation for your configured engine to determine this value, or by running `aws rds describe-db-engine-versions`. For example with Aurora MySQL 2, a potential value for this argument is `5.7.mysql_aurora.2.03.2`. The value can contain a partial version where supported by the API. The actual engine version used is returned in the attribute `engine_version_actual`, , see Attribute Reference below.\n" }, "engineVersionActual": { "type": "string", "description": "Running version of the database.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "Name of your final DB snapshot when this DB cluster is deleted. If omitted, no final snapshot will be made.\n" }, "globalClusterIdentifier": { "type": "string", "description": "Global cluster identifier specified on `aws.rds.GlobalCluster`.\n" }, "hostedZoneId": { "type": "string", "description": "Route53 Hosted Zone ID of the endpoint\n" }, "iamDatabaseAuthenticationEnabled": { "type": "boolean", "description": "Specifies whether or not mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled. Please see [AWS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) for availability and limitations.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "List of ARNs for the IAM roles to associate to the RDS Cluster.\n" }, "iops": { "type": "integer", "description": "Amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster. For information about valid Iops values, see [Amazon RDS Provisioned IOPS storage to improve performance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) in the Amazon RDS User Guide. (This setting is required to create a Multi-AZ DB cluster). Must be a multiple between .5 and 50 of the storage amount for the DB cluster.\n" }, "kmsKeyId": { "type": "string", "description": "ARN for the KMS encryption key. When specifying `kms_key_id`, `storage_encrypted` needs to be set to true.\n", "willReplaceOnChanges": true }, "manageMasterUserPassword": { "type": "boolean", "description": "Set to true to allow RDS to manage the master user password in Secrets Manager. Cannot be set if `master_password` is provided.\n" }, "masterPassword": { "type": "string", "description": "Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file. Please refer to the [RDS Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints). Cannot be set if `manage_master_user_password` is set to `true`.\n", "secret": true }, "masterUserSecretKmsKeyId": { "type": "string", "description": "Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN. If not specified, the default KMS key for your Amazon Web Services account is used.\n" }, "masterUserSecrets": { "type": "array", "items": { "$ref": "#/types/aws:rds/ClusterMasterUserSecret:ClusterMasterUserSecret" }, "description": "Block that specifies the master user secret. Only available when `manage_master_user_password` is set to true. Documented below.\n" }, "masterUsername": { "type": "string", "description": "Username for the master DB user. Please refer to the [RDS Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints). This argument does not support in-place updates and cannot be changed during a restore from snapshot.\n", "willReplaceOnChanges": true }, "networkType": { "type": "string", "description": "Network type of the cluster. Valid values: `IPV4`, `DUAL`.\n" }, "port": { "type": "integer", "description": "Port on which the DB accepts connections\n" }, "preferredBackupWindow": { "type": "string", "description": "Daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.Time in UTC. Default: A 30-minute window selected at random from an 8-hour block of time per regionE.g., 04:00-09:00\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "Weekly time range during which system maintenance can occur, in (UTC) e.g., wed:04:00-wed:04:30\n" }, "readerEndpoint": { "type": "string", "description": "Read-only endpoint for the Aurora cluster, automatically\nload-balanced across replicas\n" }, "replicationSourceIdentifier": { "type": "string", "description": "ARN of a source DB cluster or DB instance if this DB cluster is to be created as a Read Replica. If DB Cluster is part of a Global Cluster, use the `lifecycle` configuration block `ignore_changes` argument to prevent this provider from showing differences for this argument instead of configuring this value.\n" }, "restoreToPointInTime": { "$ref": "#/types/aws:rds/ClusterRestoreToPointInTime:ClusterRestoreToPointInTime", "description": "Nested attribute for [point in time restore](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-pitr.html). More details below.\n", "willReplaceOnChanges": true }, "s3Import": { "$ref": "#/types/aws:rds/ClusterS3Import:ClusterS3Import" }, "scalingConfiguration": { "$ref": "#/types/aws:rds/ClusterScalingConfiguration:ClusterScalingConfiguration", "description": "Nested attribute with scaling properties. Only valid when `engine_mode` is set to `serverless`. More details below.\n" }, "serverlessv2ScalingConfiguration": { "$ref": "#/types/aws:rds/ClusterServerlessv2ScalingConfiguration:ClusterServerlessv2ScalingConfiguration", "description": "Nested attribute with scaling properties for ServerlessV2. Only valid when `engine_mode` is set to `provisioned`. More details below.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is created before the DB cluster is deleted. If true is specified, no DB snapshot is created. If false is specified, a DB snapshot is created before the DB cluster is deleted, using the value from `final_snapshot_identifier`. Default is `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot. Conflicts with `global_cluster_identifier`. Clusters cannot be restored from snapshot **and** joined to an existing global cluster in a single operation. See the [AWS documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database-getting-started.html#aurora-global-database.use-snapshot) or the Global Cluster Restored From Snapshot example for instructions on building a global cluster starting with a snapshot.\n", "willReplaceOnChanges": true }, "sourceRegion": { "type": "string", "description": "The source region for an encrypted replica DB cluster.\n", "willReplaceOnChanges": true }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false` for `provisioned` `engine_mode` and `true` for `serverless` `engine_mode`. When restoring an unencrypted `snapshot_identifier`, the `kms_key_id` argument must be provided to encrypt the restored cluster. The provider will only perform drift detection if a configuration value is provided.\n", "willReplaceOnChanges": true }, "storageType": { "type": "string", "description": "(Forces new for Multi-AZ DB clusters) Specifies the storage type to be associated with the DB cluster. For Aurora DB clusters, `storage_type` modifications can be done in-place. For Multi-AZ DB Clusters, the `iops` argument must also be set. Valid values are: `\"\"`, `aurora-iopt1` (Aurora DB Clusters); `io1`, `io2` (Multi-AZ DB Clusters). Default: `\"\"` (Aurora DB Clusters); `io1` (Multi-AZ DB Clusters).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the DB cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to associate with the Cluster\n" } }, "type": "object" } }, "aws:rds/clusterActivityStream:ClusterActivityStream": { "description": "Manages RDS Aurora Cluster Database Activity Streams.\n\nDatabase Activity Streams have some limits and requirements, refer to the [Monitoring Amazon Aurora using Database Activity Streams](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/DBActivityStreams.html) documentation for detailed limitations and requirements.\n\n\u003e **Note:** This resource always calls the RDS [`StartActivityStream`][2] API with the `ApplyImmediately` parameter set to `true`. This is because the provider needs the activity stream to be started in order for it to get the associated attributes.\n\n\u003e **Note:** This resource depends on having at least one `aws.rds.ClusterInstance` created. To avoid race conditions when all resources are being created together, add an explicit resource reference using the resource `depends_on` meta-argument.\n\n\u003e **Note:** This resource is available in all regions except the following: `cn-north-1`, `cn-northwest-1`, `us-gov-east-1`, `us-gov-west-1`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.rds.Cluster(\"default\", {\n clusterIdentifier: \"aurora-cluster-demo\",\n availabilityZones: [\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n databaseName: \"mydb\",\n masterUsername: \"foo\",\n masterPassword: \"mustbeeightcharaters\",\n engine: aws.rds.EngineType.AuroraPostgresql,\n engineVersion: \"13.4\",\n});\nconst defaultClusterInstance = new aws.rds.ClusterInstance(\"default\", {\n identifier: \"aurora-instance-demo\",\n clusterIdentifier: _default.clusterIdentifier,\n engine: _default.engine,\n instanceClass: aws.rds.InstanceType.R6G_Large,\n});\nconst defaultKey = new aws.kms.Key(\"default\", {description: \"AWS KMS Key to encrypt Database Activity Stream\"});\nconst defaultClusterActivityStream = new aws.rds.ClusterActivityStream(\"default\", {\n resourceArn: _default.arn,\n mode: \"async\",\n kmsKeyId: defaultKey.keyId,\n}, {\n dependsOn: [defaultClusterInstance],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.Cluster(\"default\",\n cluster_identifier=\"aurora-cluster-demo\",\n availability_zones=[\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n database_name=\"mydb\",\n master_username=\"foo\",\n master_password=\"mustbeeightcharaters\",\n engine=aws.rds.EngineType.AURORA_POSTGRESQL,\n engine_version=\"13.4\")\ndefault_cluster_instance = aws.rds.ClusterInstance(\"default\",\n identifier=\"aurora-instance-demo\",\n cluster_identifier=default.cluster_identifier,\n engine=default.engine,\n instance_class=aws.rds.InstanceType.R6_G_LARGE)\ndefault_key = aws.kms.Key(\"default\", description=\"AWS KMS Key to encrypt Database Activity Stream\")\ndefault_cluster_activity_stream = aws.rds.ClusterActivityStream(\"default\",\n resource_arn=default.arn,\n mode=\"async\",\n kms_key_id=default_key.key_id,\n opts = pulumi.ResourceOptions(depends_on=[default_cluster_instance]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Rds.Cluster(\"default\", new()\n {\n ClusterIdentifier = \"aurora-cluster-demo\",\n AvailabilityZones = new[]\n {\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n },\n DatabaseName = \"mydb\",\n MasterUsername = \"foo\",\n MasterPassword = \"mustbeeightcharaters\",\n Engine = Aws.Rds.EngineType.AuroraPostgresql,\n EngineVersion = \"13.4\",\n });\n\n var defaultClusterInstance = new Aws.Rds.ClusterInstance(\"default\", new()\n {\n Identifier = \"aurora-instance-demo\",\n ClusterIdentifier = @default.ClusterIdentifier,\n Engine = @default.Engine,\n InstanceClass = Aws.Rds.InstanceType.R6G_Large,\n });\n\n var defaultKey = new Aws.Kms.Key(\"default\", new()\n {\n Description = \"AWS KMS Key to encrypt Database Activity Stream\",\n });\n\n var defaultClusterActivityStream = new Aws.Rds.ClusterActivityStream(\"default\", new()\n {\n ResourceArn = @default.Arn,\n Mode = \"async\",\n KmsKeyId = defaultKey.KeyId,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n defaultClusterInstance,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewCluster(ctx, \"default\", \u0026rds.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"aurora-cluster-demo\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t\tpulumi.String(\"us-west-2b\"),\n\t\t\t\tpulumi.String(\"us-west-2c\"),\n\t\t\t},\n\t\t\tDatabaseName: pulumi.String(\"mydb\"),\n\t\t\tMasterUsername: pulumi.String(\"foo\"),\n\t\t\tMasterPassword: pulumi.String(\"mustbeeightcharaters\"),\n\t\t\tEngine: pulumi.String(rds.EngineTypeAuroraPostgresql),\n\t\t\tEngineVersion: pulumi.String(\"13.4\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultClusterInstance, err := rds.NewClusterInstance(ctx, \"default\", \u0026rds.ClusterInstanceArgs{\n\t\t\tIdentifier: pulumi.String(\"aurora-instance-demo\"),\n\t\t\tClusterIdentifier: _default.ClusterIdentifier,\n\t\t\tEngine: _default.Engine,\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_R6G_Large),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultKey, err := kms.NewKey(ctx, \"default\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"AWS KMS Key to encrypt Database Activity Stream\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewClusterActivityStream(ctx, \"default\", \u0026rds.ClusterActivityStreamArgs{\n\t\t\tResourceArn: _default.Arn,\n\t\t\tMode: pulumi.String(\"async\"),\n\t\t\tKmsKeyId: defaultKey.KeyId,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tdefaultClusterInstance,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport com.pulumi.aws.rds.ClusterInstance;\nimport com.pulumi.aws.rds.ClusterInstanceArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.rds.ClusterActivityStream;\nimport com.pulumi.aws.rds.ClusterActivityStreamArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Cluster(\"default\", ClusterArgs.builder()\n .clusterIdentifier(\"aurora-cluster-demo\")\n .availabilityZones( \n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\")\n .databaseName(\"mydb\")\n .masterUsername(\"foo\")\n .masterPassword(\"mustbeeightcharaters\")\n .engine(\"aurora-postgresql\")\n .engineVersion(\"13.4\")\n .build());\n\n var defaultClusterInstance = new ClusterInstance(\"defaultClusterInstance\", ClusterInstanceArgs.builder()\n .identifier(\"aurora-instance-demo\")\n .clusterIdentifier(default_.clusterIdentifier())\n .engine(default_.engine())\n .instanceClass(\"db.r6g.large\")\n .build());\n\n var defaultKey = new Key(\"defaultKey\", KeyArgs.builder()\n .description(\"AWS KMS Key to encrypt Database Activity Stream\")\n .build());\n\n var defaultClusterActivityStream = new ClusterActivityStream(\"defaultClusterActivityStream\", ClusterActivityStreamArgs.builder()\n .resourceArn(default_.arn())\n .mode(\"async\")\n .kmsKeyId(defaultKey.keyId())\n .build(), CustomResourceOptions.builder()\n .dependsOn(defaultClusterInstance)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:rds:Cluster\n properties:\n clusterIdentifier: aurora-cluster-demo\n availabilityZones:\n - us-west-2a\n - us-west-2b\n - us-west-2c\n databaseName: mydb\n masterUsername: foo\n masterPassword: mustbeeightcharaters\n engine: aurora-postgresql\n engineVersion: '13.4'\n defaultClusterInstance:\n type: aws:rds:ClusterInstance\n name: default\n properties:\n identifier: aurora-instance-demo\n clusterIdentifier: ${default.clusterIdentifier}\n engine: ${default.engine}\n instanceClass: db.r6g.large\n defaultKey:\n type: aws:kms:Key\n name: default\n properties:\n description: AWS KMS Key to encrypt Database Activity Stream\n defaultClusterActivityStream:\n type: aws:rds:ClusterActivityStream\n name: default\n properties:\n resourceArn: ${default.arn}\n mode: async\n kmsKeyId: ${defaultKey.keyId}\n options:\n dependson:\n - ${defaultClusterInstance}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import RDS Aurora Cluster Database Activity Streams using the `resource_arn`. For example:\n\n```sh\n$ pulumi import aws:rds/clusterActivityStream:ClusterActivityStream default arn:aws:rds:us-west-2:123456789012:cluster:aurora-cluster-demo\n```\n", "properties": { "engineNativeAuditFieldsIncluded": { "type": "boolean", "description": "Specifies whether the database activity stream includes engine-native audit fields. This option only applies to an Oracle DB instance. By default, no engine-native audit fields are included. Defaults `false`.\n" }, "kinesisStreamName": { "type": "string", "description": "The name of the Amazon Kinesis data stream to be used for the database activity stream.\n" }, "kmsKeyId": { "type": "string", "description": "The AWS KMS key identifier for encrypting messages in the database activity stream. The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n" }, "mode": { "type": "string", "description": "Specifies the mode of the database activity stream. Database events such as a change or access generate an activity stream event. The database session can handle these events either synchronously or asynchronously. One of: `sync`, `async`.\n" }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the DB cluster.\n" } }, "required": [ "kinesisStreamName", "kmsKeyId", "mode", "resourceArn" ], "inputProperties": { "engineNativeAuditFieldsIncluded": { "type": "boolean", "description": "Specifies whether the database activity stream includes engine-native audit fields. This option only applies to an Oracle DB instance. By default, no engine-native audit fields are included. Defaults `false`.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "The AWS KMS key identifier for encrypting messages in the database activity stream. The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n", "willReplaceOnChanges": true }, "mode": { "type": "string", "description": "Specifies the mode of the database activity stream. Database events such as a change or access generate an activity stream event. The database session can handle these events either synchronously or asynchronously. One of: `sync`, `async`.\n", "willReplaceOnChanges": true }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the DB cluster.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "kmsKeyId", "mode", "resourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterActivityStream resources.\n", "properties": { "engineNativeAuditFieldsIncluded": { "type": "boolean", "description": "Specifies whether the database activity stream includes engine-native audit fields. This option only applies to an Oracle DB instance. By default, no engine-native audit fields are included. Defaults `false`.\n", "willReplaceOnChanges": true }, "kinesisStreamName": { "type": "string", "description": "The name of the Amazon Kinesis data stream to be used for the database activity stream.\n" }, "kmsKeyId": { "type": "string", "description": "The AWS KMS key identifier for encrypting messages in the database activity stream. The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n", "willReplaceOnChanges": true }, "mode": { "type": "string", "description": "Specifies the mode of the database activity stream. Database events such as a change or access generate an activity stream event. The database session can handle these events either synchronously or asynchronously. One of: `sync`, `async`.\n", "willReplaceOnChanges": true }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the DB cluster.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:rds/clusterEndpoint:ClusterEndpoint": { "description": "Manages an RDS Aurora Cluster Custom Endpoint.\nYou can refer to the [User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.Endpoints.html#Aurora.Endpoints.Cluster).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.rds.Cluster(\"default\", {\n clusterIdentifier: \"aurora-cluster-demo\",\n availabilityZones: [\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n databaseName: \"mydb\",\n masterUsername: \"foo\",\n masterPassword: \"bar\",\n backupRetentionPeriod: 5,\n preferredBackupWindow: \"07:00-09:00\",\n});\nconst test1 = new aws.rds.ClusterInstance(\"test1\", {\n applyImmediately: true,\n clusterIdentifier: _default.id,\n identifier: \"test1\",\n instanceClass: aws.rds.InstanceType.T2_Small,\n engine: _default.engine,\n engineVersion: _default.engineVersion,\n});\nconst test2 = new aws.rds.ClusterInstance(\"test2\", {\n applyImmediately: true,\n clusterIdentifier: _default.id,\n identifier: \"test2\",\n instanceClass: aws.rds.InstanceType.T2_Small,\n engine: _default.engine,\n engineVersion: _default.engineVersion,\n});\nconst test3 = new aws.rds.ClusterInstance(\"test3\", {\n applyImmediately: true,\n clusterIdentifier: _default.id,\n identifier: \"test3\",\n instanceClass: aws.rds.InstanceType.T2_Small,\n engine: _default.engine,\n engineVersion: _default.engineVersion,\n});\nconst eligible = new aws.rds.ClusterEndpoint(\"eligible\", {\n clusterIdentifier: _default.id,\n clusterEndpointIdentifier: \"reader\",\n customEndpointType: \"READER\",\n excludedMembers: [\n test1.id,\n test2.id,\n ],\n});\nconst static = new aws.rds.ClusterEndpoint(\"static\", {\n clusterIdentifier: _default.id,\n clusterEndpointIdentifier: \"static\",\n customEndpointType: \"READER\",\n staticMembers: [\n test1.id,\n test3.id,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.Cluster(\"default\",\n cluster_identifier=\"aurora-cluster-demo\",\n availability_zones=[\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n database_name=\"mydb\",\n master_username=\"foo\",\n master_password=\"bar\",\n backup_retention_period=5,\n preferred_backup_window=\"07:00-09:00\")\ntest1 = aws.rds.ClusterInstance(\"test1\",\n apply_immediately=True,\n cluster_identifier=default.id,\n identifier=\"test1\",\n instance_class=aws.rds.InstanceType.T2_SMALL,\n engine=default.engine,\n engine_version=default.engine_version)\ntest2 = aws.rds.ClusterInstance(\"test2\",\n apply_immediately=True,\n cluster_identifier=default.id,\n identifier=\"test2\",\n instance_class=aws.rds.InstanceType.T2_SMALL,\n engine=default.engine,\n engine_version=default.engine_version)\ntest3 = aws.rds.ClusterInstance(\"test3\",\n apply_immediately=True,\n cluster_identifier=default.id,\n identifier=\"test3\",\n instance_class=aws.rds.InstanceType.T2_SMALL,\n engine=default.engine,\n engine_version=default.engine_version)\neligible = aws.rds.ClusterEndpoint(\"eligible\",\n cluster_identifier=default.id,\n cluster_endpoint_identifier=\"reader\",\n custom_endpoint_type=\"READER\",\n excluded_members=[\n test1.id,\n test2.id,\n ])\nstatic = aws.rds.ClusterEndpoint(\"static\",\n cluster_identifier=default.id,\n cluster_endpoint_identifier=\"static\",\n custom_endpoint_type=\"READER\",\n static_members=[\n test1.id,\n test3.id,\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Rds.Cluster(\"default\", new()\n {\n ClusterIdentifier = \"aurora-cluster-demo\",\n AvailabilityZones = new[]\n {\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n },\n DatabaseName = \"mydb\",\n MasterUsername = \"foo\",\n MasterPassword = \"bar\",\n BackupRetentionPeriod = 5,\n PreferredBackupWindow = \"07:00-09:00\",\n });\n\n var test1 = new Aws.Rds.ClusterInstance(\"test1\", new()\n {\n ApplyImmediately = true,\n ClusterIdentifier = @default.Id,\n Identifier = \"test1\",\n InstanceClass = Aws.Rds.InstanceType.T2_Small,\n Engine = @default.Engine,\n EngineVersion = @default.EngineVersion,\n });\n\n var test2 = new Aws.Rds.ClusterInstance(\"test2\", new()\n {\n ApplyImmediately = true,\n ClusterIdentifier = @default.Id,\n Identifier = \"test2\",\n InstanceClass = Aws.Rds.InstanceType.T2_Small,\n Engine = @default.Engine,\n EngineVersion = @default.EngineVersion,\n });\n\n var test3 = new Aws.Rds.ClusterInstance(\"test3\", new()\n {\n ApplyImmediately = true,\n ClusterIdentifier = @default.Id,\n Identifier = \"test3\",\n InstanceClass = Aws.Rds.InstanceType.T2_Small,\n Engine = @default.Engine,\n EngineVersion = @default.EngineVersion,\n });\n\n var eligible = new Aws.Rds.ClusterEndpoint(\"eligible\", new()\n {\n ClusterIdentifier = @default.Id,\n ClusterEndpointIdentifier = \"reader\",\n CustomEndpointType = \"READER\",\n ExcludedMembers = new[]\n {\n test1.Id,\n test2.Id,\n },\n });\n\n var @static = new Aws.Rds.ClusterEndpoint(\"static\", new()\n {\n ClusterIdentifier = @default.Id,\n ClusterEndpointIdentifier = \"static\",\n CustomEndpointType = \"READER\",\n StaticMembers = new[]\n {\n test1.Id,\n test3.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewCluster(ctx, \"default\", \u0026rds.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"aurora-cluster-demo\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t\tpulumi.String(\"us-west-2b\"),\n\t\t\t\tpulumi.String(\"us-west-2c\"),\n\t\t\t},\n\t\t\tDatabaseName: pulumi.String(\"mydb\"),\n\t\t\tMasterUsername: pulumi.String(\"foo\"),\n\t\t\tMasterPassword: pulumi.String(\"bar\"),\n\t\t\tBackupRetentionPeriod: pulumi.Int(5),\n\t\t\tPreferredBackupWindow: pulumi.String(\"07:00-09:00\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest1, err := rds.NewClusterInstance(ctx, \"test1\", \u0026rds.ClusterInstanceArgs{\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t\tClusterIdentifier: _default.ID(),\n\t\t\tIdentifier: pulumi.String(\"test1\"),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_T2_Small),\n\t\t\tEngine: _default.Engine,\n\t\t\tEngineVersion: _default.EngineVersion,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest2, err := rds.NewClusterInstance(ctx, \"test2\", \u0026rds.ClusterInstanceArgs{\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t\tClusterIdentifier: _default.ID(),\n\t\t\tIdentifier: pulumi.String(\"test2\"),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_T2_Small),\n\t\t\tEngine: _default.Engine,\n\t\t\tEngineVersion: _default.EngineVersion,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest3, err := rds.NewClusterInstance(ctx, \"test3\", \u0026rds.ClusterInstanceArgs{\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t\tClusterIdentifier: _default.ID(),\n\t\t\tIdentifier: pulumi.String(\"test3\"),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_T2_Small),\n\t\t\tEngine: _default.Engine,\n\t\t\tEngineVersion: _default.EngineVersion,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewClusterEndpoint(ctx, \"eligible\", \u0026rds.ClusterEndpointArgs{\n\t\t\tClusterIdentifier: _default.ID(),\n\t\t\tClusterEndpointIdentifier: pulumi.String(\"reader\"),\n\t\t\tCustomEndpointType: pulumi.String(\"READER\"),\n\t\t\tExcludedMembers: pulumi.StringArray{\n\t\t\t\ttest1.ID(),\n\t\t\t\ttest2.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewClusterEndpoint(ctx, \"static\", \u0026rds.ClusterEndpointArgs{\n\t\t\tClusterIdentifier: _default.ID(),\n\t\t\tClusterEndpointIdentifier: pulumi.String(\"static\"),\n\t\t\tCustomEndpointType: pulumi.String(\"READER\"),\n\t\t\tStaticMembers: pulumi.StringArray{\n\t\t\t\ttest1.ID(),\n\t\t\t\ttest3.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport com.pulumi.aws.rds.ClusterInstance;\nimport com.pulumi.aws.rds.ClusterInstanceArgs;\nimport com.pulumi.aws.rds.ClusterEndpoint;\nimport com.pulumi.aws.rds.ClusterEndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Cluster(\"default\", ClusterArgs.builder()\n .clusterIdentifier(\"aurora-cluster-demo\")\n .availabilityZones( \n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\")\n .databaseName(\"mydb\")\n .masterUsername(\"foo\")\n .masterPassword(\"bar\")\n .backupRetentionPeriod(5)\n .preferredBackupWindow(\"07:00-09:00\")\n .build());\n\n var test1 = new ClusterInstance(\"test1\", ClusterInstanceArgs.builder()\n .applyImmediately(true)\n .clusterIdentifier(default_.id())\n .identifier(\"test1\")\n .instanceClass(\"db.t2.small\")\n .engine(default_.engine())\n .engineVersion(default_.engineVersion())\n .build());\n\n var test2 = new ClusterInstance(\"test2\", ClusterInstanceArgs.builder()\n .applyImmediately(true)\n .clusterIdentifier(default_.id())\n .identifier(\"test2\")\n .instanceClass(\"db.t2.small\")\n .engine(default_.engine())\n .engineVersion(default_.engineVersion())\n .build());\n\n var test3 = new ClusterInstance(\"test3\", ClusterInstanceArgs.builder()\n .applyImmediately(true)\n .clusterIdentifier(default_.id())\n .identifier(\"test3\")\n .instanceClass(\"db.t2.small\")\n .engine(default_.engine())\n .engineVersion(default_.engineVersion())\n .build());\n\n var eligible = new ClusterEndpoint(\"eligible\", ClusterEndpointArgs.builder()\n .clusterIdentifier(default_.id())\n .clusterEndpointIdentifier(\"reader\")\n .customEndpointType(\"READER\")\n .excludedMembers( \n test1.id(),\n test2.id())\n .build());\n\n var static_ = new ClusterEndpoint(\"static\", ClusterEndpointArgs.builder()\n .clusterIdentifier(default_.id())\n .clusterEndpointIdentifier(\"static\")\n .customEndpointType(\"READER\")\n .staticMembers( \n test1.id(),\n test3.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:rds:Cluster\n properties:\n clusterIdentifier: aurora-cluster-demo\n availabilityZones:\n - us-west-2a\n - us-west-2b\n - us-west-2c\n databaseName: mydb\n masterUsername: foo\n masterPassword: bar\n backupRetentionPeriod: 5\n preferredBackupWindow: 07:00-09:00\n test1:\n type: aws:rds:ClusterInstance\n properties:\n applyImmediately: true\n clusterIdentifier: ${default.id}\n identifier: test1\n instanceClass: db.t2.small\n engine: ${default.engine}\n engineVersion: ${default.engineVersion}\n test2:\n type: aws:rds:ClusterInstance\n properties:\n applyImmediately: true\n clusterIdentifier: ${default.id}\n identifier: test2\n instanceClass: db.t2.small\n engine: ${default.engine}\n engineVersion: ${default.engineVersion}\n test3:\n type: aws:rds:ClusterInstance\n properties:\n applyImmediately: true\n clusterIdentifier: ${default.id}\n identifier: test3\n instanceClass: db.t2.small\n engine: ${default.engine}\n engineVersion: ${default.engineVersion}\n eligible:\n type: aws:rds:ClusterEndpoint\n properties:\n clusterIdentifier: ${default.id}\n clusterEndpointIdentifier: reader\n customEndpointType: READER\n excludedMembers:\n - ${test1.id}\n - ${test2.id}\n static:\n type: aws:rds:ClusterEndpoint\n properties:\n clusterIdentifier: ${default.id}\n clusterEndpointIdentifier: static\n customEndpointType: READER\n staticMembers:\n - ${test1.id}\n - ${test3.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import RDS Clusters Endpoint using the `cluster_endpoint_identifier`. For example:\n\n```sh\n$ pulumi import aws:rds/clusterEndpoint:ClusterEndpoint custom_reader aurora-prod-cluster-custom-reader\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster\n" }, "clusterEndpointIdentifier": { "type": "string", "description": "The identifier to use for the new endpoint. This parameter is stored as a lowercase string.\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier.\n" }, "customEndpointType": { "type": "string", "description": "The type of the endpoint. One of: READER , ANY .\n" }, "endpoint": { "type": "string", "description": "A custom endpoint for the Aurora cluster\n" }, "excludedMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DB instance identifiers that aren't part of the custom endpoint group. All other eligible instances are reachable through the custom endpoint. Only relevant if the list of static members is empty. Conflicts with `static_members`.\n" }, "staticMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DB instance identifiers that are part of the custom endpoint group. Conflicts with `excluded_members`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "clusterEndpointIdentifier", "clusterIdentifier", "customEndpointType", "endpoint", "tagsAll" ], "inputProperties": { "clusterEndpointIdentifier": { "type": "string", "description": "The identifier to use for the new endpoint. This parameter is stored as a lowercase string.\n", "willReplaceOnChanges": true }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier.\n", "willReplaceOnChanges": true }, "customEndpointType": { "type": "string", "description": "The type of the endpoint. One of: READER , ANY .\n" }, "excludedMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DB instance identifiers that aren't part of the custom endpoint group. All other eligible instances are reachable through the custom endpoint. Only relevant if the list of static members is empty. Conflicts with `static_members`.\n" }, "staticMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DB instance identifiers that are part of the custom endpoint group. Conflicts with `excluded_members`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "clusterEndpointIdentifier", "clusterIdentifier", "customEndpointType" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterEndpoint resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster\n" }, "clusterEndpointIdentifier": { "type": "string", "description": "The identifier to use for the new endpoint. This parameter is stored as a lowercase string.\n", "willReplaceOnChanges": true }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier.\n", "willReplaceOnChanges": true }, "customEndpointType": { "type": "string", "description": "The type of the endpoint. One of: READER , ANY .\n" }, "endpoint": { "type": "string", "description": "A custom endpoint for the Aurora cluster\n" }, "excludedMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DB instance identifiers that aren't part of the custom endpoint group. All other eligible instances are reachable through the custom endpoint. Only relevant if the list of static members is empty. Conflicts with `static_members`.\n" }, "staticMembers": { "type": "array", "items": { "type": "string" }, "description": "List of DB instance identifiers that are part of the custom endpoint group. Conflicts with `excluded_members`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:rds/clusterInstance:ClusterInstance": { "description": "Provides an RDS Cluster Instance Resource. A Cluster Instance Resource defines\nattributes that are specific to a single instance in a RDS Cluster,\nspecifically running Amazon Aurora.\n\nUnlike other RDS resources that support replication, with Amazon Aurora you do\nnot designate a primary and subsequent replicas. Instead, you simply add RDS\nInstances and Aurora manages the replication. You can use the [count][5]\nmeta-parameter to make multiple instances and join them all to the same RDS\nCluster, or you may specify different Cluster Instance resources with various\n`instance_class` sizes.\n\nFor more information on Amazon Aurora, see [Aurora on Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Aurora.html) in the Amazon RDS User Guide.\n\n\u003e **NOTE:** Deletion Protection from the RDS service can only be enabled at the cluster level, not for individual cluster instances. You can still add the [`protect` CustomResourceOption](https://www.pulumi.com/docs/intro/concepts/programming-model/#protect) to this resource configuration if you desire protection from accidental deletion.\n\n\u003e **NOTE:** `aurora` is no longer a valid `engine` because of [Amazon Aurora's MySQL-Compatible Edition version 1 end of life](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.MySQL56.EOL.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.rds.Cluster(\"default\", {\n clusterIdentifier: \"aurora-cluster-demo\",\n availabilityZones: [\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n databaseName: \"mydb\",\n masterUsername: \"foo\",\n masterPassword: \"barbut8chars\",\n});\nconst clusterInstances: aws.rds.ClusterInstance[] = [];\nfor (const range = {value: 0}; range.value \u003c 2; range.value++) {\n clusterInstances.push(new aws.rds.ClusterInstance(`cluster_instances-${range.value}`, {\n identifier: `aurora-cluster-demo-${range.value}`,\n clusterIdentifier: _default.id,\n instanceClass: aws.rds.InstanceType.R4_Large,\n engine: _default.engine,\n engineVersion: _default.engineVersion,\n }));\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.Cluster(\"default\",\n cluster_identifier=\"aurora-cluster-demo\",\n availability_zones=[\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n database_name=\"mydb\",\n master_username=\"foo\",\n master_password=\"barbut8chars\")\ncluster_instances = []\nfor range in [{\"value\": i} for i in range(0, 2)]:\n cluster_instances.append(aws.rds.ClusterInstance(f\"cluster_instances-{range['value']}\",\n identifier=f\"aurora-cluster-demo-{range['value']}\",\n cluster_identifier=default.id,\n instance_class=aws.rds.InstanceType.R4_LARGE,\n engine=default.engine,\n engine_version=default.engine_version))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Rds.Cluster(\"default\", new()\n {\n ClusterIdentifier = \"aurora-cluster-demo\",\n AvailabilityZones = new[]\n {\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n },\n DatabaseName = \"mydb\",\n MasterUsername = \"foo\",\n MasterPassword = \"barbut8chars\",\n });\n\n var clusterInstances = new List\u003cAws.Rds.ClusterInstance\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c 2; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n clusterInstances.Add(new Aws.Rds.ClusterInstance($\"cluster_instances-{range.Value}\", new()\n {\n Identifier = $\"aurora-cluster-demo-{range.Value}\",\n ClusterIdentifier = @default.Id,\n InstanceClass = Aws.Rds.InstanceType.R4_Large,\n Engine = @default.Engine,\n EngineVersion = @default.EngineVersion,\n }));\n }\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewCluster(ctx, \"default\", \u0026rds.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"aurora-cluster-demo\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t\tpulumi.String(\"us-west-2b\"),\n\t\t\t\tpulumi.String(\"us-west-2c\"),\n\t\t\t},\n\t\t\tDatabaseName: pulumi.String(\"mydb\"),\n\t\t\tMasterUsername: pulumi.String(\"foo\"),\n\t\t\tMasterPassword: pulumi.String(\"barbut8chars\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvar clusterInstances []*rds.ClusterInstance\n\t\tfor index := 0; index \u003c 2; index++ {\n\t\t\tkey0 := index\n\t\t\tval0 := index\n\t\t\t__res, err := rds.NewClusterInstance(ctx, fmt.Sprintf(\"cluster_instances-%v\", key0), \u0026rds.ClusterInstanceArgs{\n\t\t\t\tIdentifier: pulumi.String(fmt.Sprintf(\"aurora-cluster-demo-%v\", val0)),\n\t\t\t\tClusterIdentifier: _default.ID(),\n\t\t\t\tInstanceClass: pulumi.String(rds.InstanceType_R4_Large),\n\t\t\t\tEngine: _default.Engine,\n\t\t\t\tEngineVersion: _default.EngineVersion,\n\t\t\t})\n\t\t\tif err != nil {\n\t\t\t\treturn err\n\t\t\t}\n\t\t\tclusterInstances = append(clusterInstances, __res)\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport com.pulumi.aws.rds.ClusterInstance;\nimport com.pulumi.aws.rds.ClusterInstanceArgs;\nimport com.pulumi.codegen.internal.KeyedValue;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Cluster(\"default\", ClusterArgs.builder()\n .clusterIdentifier(\"aurora-cluster-demo\")\n .availabilityZones( \n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\")\n .databaseName(\"mydb\")\n .masterUsername(\"foo\")\n .masterPassword(\"barbut8chars\")\n .build());\n\n for (var i = 0; i \u003c 2; i++) {\n new ClusterInstance(\"clusterInstances-\" + i, ClusterInstanceArgs.builder()\n .identifier(String.format(\"aurora-cluster-demo-%s\", range.value()))\n .clusterIdentifier(default_.id())\n .instanceClass(\"db.r4.large\")\n .engine(default_.engine())\n .engineVersion(default_.engineVersion())\n .build());\n\n \n}\n }\n}\n```\n```yaml\nresources:\n clusterInstances:\n type: aws:rds:ClusterInstance\n name: cluster_instances\n properties:\n identifier: aurora-cluster-demo-${range.value}\n clusterIdentifier: ${default.id}\n instanceClass: db.r4.large\n engine: ${default.engine}\n engineVersion: ${default.engineVersion}\n options: {}\n default:\n type: aws:rds:Cluster\n properties:\n clusterIdentifier: aurora-cluster-demo\n availabilityZones:\n - us-west-2a\n - us-west-2b\n - us-west-2c\n databaseName: mydb\n masterUsername: foo\n masterPassword: barbut8chars\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import RDS Cluster Instances using the `identifier`. For example:\n\n```sh\n$ pulumi import aws:rds/clusterInstance:ClusterInstance prod_instance_1 aurora-cluster-instance-1\n```\n", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications are applied immediately, or during the next maintenance window. Default is`false`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster instance\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window. Default `true`.\n" }, "availabilityZone": { "type": "string", "description": "EC2 Availability Zone that the DB instance is created in. See [docs](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) about the details.\n" }, "caCertIdentifier": { "type": "string", "description": "Identifier of the CA certificate for the DB instance.\n" }, "clusterIdentifier": { "type": "string", "description": "Identifier of the `aws.rds.Cluster` in which to launch this instance.\n" }, "copyTagsToSnapshot": { "type": "boolean", "description": "Indicates whether to copy all of the user-defined tags from the DB instance to snapshots of the DB instance. Default `false`.\n" }, "customIamInstanceProfile": { "type": "string", "description": "Instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.\n" }, "dbParameterGroupName": { "type": "string", "description": "Name of the DB parameter group to associate with this instance.\n" }, "dbSubnetGroupName": { "type": "string", "description": "DB subnet group to associate with this DB instance. **NOTE:** This must match the `db_subnet_group_name` of the attached `aws.rds.Cluster`.\n" }, "dbiResourceId": { "type": "string", "description": "Region-unique, immutable identifier for the DB instance.\n" }, "endpoint": { "type": "string", "description": "DNS address for this instance. May not be writable\n" }, "engine": { "type": "string", "$ref": "#/types/aws:rds/engineType:EngineType", "description": "Name of the database engine to be used for the RDS cluster instance.\nValid Values: `aurora-mysql`, `aurora-postgresql`, `mysql`, `postgres`.(Note that `mysql` and `postgres` are Multi-AZ RDS clusters).\n" }, "engineVersion": { "type": "string", "description": "Database engine version. Please note that to upgrade the `engine_version` of the instance, it must be done on the `aws.rds.Cluster` `engine_version`. Trying to upgrade in `aws_cluster_instance` will not update the `engine_version`.\n" }, "engineVersionActual": { "type": "string", "description": "Database engine version\n" }, "identifier": { "type": "string", "description": "Identifier for the RDS instance, if omitted, Pulumi will assign a random, unique identifier.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifier`.\n" }, "instanceClass": { "type": "string", "description": "Instance class to use. For details on CPU and memory, see [Scaling Aurora DB Instances](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Aurora.Managing.html). Aurora uses `db.*` instance classes/types. Please see [AWS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) for currently available instance classes and complete details. For Aurora Serverless v2 use `db.serverless`.\n" }, "kmsKeyId": { "type": "string", "description": "ARN for the KMS encryption key if one is set to the cluster.\n" }, "monitoringInterval": { "type": "integer", "description": "Interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid Values: 0, 1, 5, 10, 15, 30, 60.\n" }, "monitoringRoleArn": { "type": "string", "description": "ARN for the IAM role that permits RDS to send enhanced monitoring metrics to CloudWatch Logs. You can find more information on the [AWS Documentation](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.html) what IAM permissions are needed to allow Enhanced Monitoring for RDS Instances.\n" }, "networkType": { "type": "string", "description": "Network type of the DB instance.\n" }, "performanceInsightsEnabled": { "type": "boolean", "description": "Specifies whether Performance Insights is enabled or not.\n" }, "performanceInsightsKmsKeyId": { "type": "string", "description": "ARN for the KMS key to encrypt Performance Insights data. When specifying `performance_insights_kms_key_id`, `performance_insights_enabled` needs to be set to true.\n" }, "performanceInsightsRetentionPeriod": { "type": "integer", "description": "Amount of time in days to retain Performance Insights data. Valid values are `7`, `731` (2 years) or a multiple of `31`. When specifying `performance_insights_retention_period`, `performance_insights_enabled` needs to be set to true. Defaults to '7'.\n" }, "port": { "type": "integer", "description": "Database port\n" }, "preferredBackupWindow": { "type": "string", "description": "Daily time range during which automated backups are created if automated backups are enabled. Eg: \"04:00-09:00\". **NOTE:** If `preferred_backup_window` is set at the cluster level, this argument **must** be omitted.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "Window to perform maintenance in. Syntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\".\n" }, "promotionTier": { "type": "integer", "description": "Default 0. Failover Priority setting on instance level. The reader who has lower tier has higher priority to get promoted to writer.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Bool to control if instance is publicly accessible. Default `false`. See the documentation on [Creating DB Instances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) for more details on controlling this property.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the instance. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "writer": { "type": "boolean", "description": "Boolean indicating if this instance is writable. `False` indicates this instance is a read replica.\n" } }, "required": [ "applyImmediately", "arn", "availabilityZone", "caCertIdentifier", "clusterIdentifier", "dbParameterGroupName", "dbSubnetGroupName", "dbiResourceId", "endpoint", "engine", "engineVersion", "engineVersionActual", "identifier", "identifierPrefix", "instanceClass", "kmsKeyId", "monitoringRoleArn", "networkType", "performanceInsightsEnabled", "performanceInsightsKmsKeyId", "performanceInsightsRetentionPeriod", "port", "preferredBackupWindow", "preferredMaintenanceWindow", "publiclyAccessible", "storageEncrypted", "tagsAll", "writer" ], "inputProperties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications are applied immediately, or during the next maintenance window. Default is`false`.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window. Default `true`.\n" }, "availabilityZone": { "type": "string", "description": "EC2 Availability Zone that the DB instance is created in. See [docs](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) about the details.\n", "willReplaceOnChanges": true }, "caCertIdentifier": { "type": "string", "description": "Identifier of the CA certificate for the DB instance.\n" }, "clusterIdentifier": { "type": "string", "description": "Identifier of the `aws.rds.Cluster` in which to launch this instance.\n", "willReplaceOnChanges": true }, "copyTagsToSnapshot": { "type": "boolean", "description": "Indicates whether to copy all of the user-defined tags from the DB instance to snapshots of the DB instance. Default `false`.\n" }, "customIamInstanceProfile": { "type": "string", "description": "Instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.\n", "willReplaceOnChanges": true }, "dbParameterGroupName": { "type": "string", "description": "Name of the DB parameter group to associate with this instance.\n" }, "dbSubnetGroupName": { "type": "string", "description": "DB subnet group to associate with this DB instance. **NOTE:** This must match the `db_subnet_group_name` of the attached `aws.rds.Cluster`.\n", "willReplaceOnChanges": true }, "engine": { "type": "string", "$ref": "#/types/aws:rds/engineType:EngineType", "description": "Name of the database engine to be used for the RDS cluster instance.\nValid Values: `aurora-mysql`, `aurora-postgresql`, `mysql`, `postgres`.(Note that `mysql` and `postgres` are Multi-AZ RDS clusters).\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "Database engine version. Please note that to upgrade the `engine_version` of the instance, it must be done on the `aws.rds.Cluster` `engine_version`. Trying to upgrade in `aws_cluster_instance` will not update the `engine_version`.\n" }, "identifier": { "type": "string", "description": "Identifier for the RDS instance, if omitted, Pulumi will assign a random, unique identifier.\n", "willReplaceOnChanges": true }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifier`.\n", "willReplaceOnChanges": true }, "instanceClass": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:rds/InstanceType:InstanceType" } ], "description": "Instance class to use. For details on CPU and memory, see [Scaling Aurora DB Instances](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Aurora.Managing.html). Aurora uses `db.*` instance classes/types. Please see [AWS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) for currently available instance classes and complete details. For Aurora Serverless v2 use `db.serverless`.\n" }, "monitoringInterval": { "type": "integer", "description": "Interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid Values: 0, 1, 5, 10, 15, 30, 60.\n" }, "monitoringRoleArn": { "type": "string", "description": "ARN for the IAM role that permits RDS to send enhanced monitoring metrics to CloudWatch Logs. You can find more information on the [AWS Documentation](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.html) what IAM permissions are needed to allow Enhanced Monitoring for RDS Instances.\n" }, "performanceInsightsEnabled": { "type": "boolean", "description": "Specifies whether Performance Insights is enabled or not.\n" }, "performanceInsightsKmsKeyId": { "type": "string", "description": "ARN for the KMS key to encrypt Performance Insights data. When specifying `performance_insights_kms_key_id`, `performance_insights_enabled` needs to be set to true.\n" }, "performanceInsightsRetentionPeriod": { "type": "integer", "description": "Amount of time in days to retain Performance Insights data. Valid values are `7`, `731` (2 years) or a multiple of `31`. When specifying `performance_insights_retention_period`, `performance_insights_enabled` needs to be set to true. Defaults to '7'.\n" }, "preferredBackupWindow": { "type": "string", "description": "Daily time range during which automated backups are created if automated backups are enabled. Eg: \"04:00-09:00\". **NOTE:** If `preferred_backup_window` is set at the cluster level, this argument **must** be omitted.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "Window to perform maintenance in. Syntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\".\n" }, "promotionTier": { "type": "integer", "description": "Default 0. Failover Priority setting on instance level. The reader who has lower tier has higher priority to get promoted to writer.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Bool to control if instance is publicly accessible. Default `false`. See the documentation on [Creating DB Instances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) for more details on controlling this property.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the instance. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "clusterIdentifier", "engine", "instanceClass" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterInstance resources.\n", "properties": { "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications are applied immediately, or during the next maintenance window. Default is`false`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster instance\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window. Default `true`.\n" }, "availabilityZone": { "type": "string", "description": "EC2 Availability Zone that the DB instance is created in. See [docs](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) about the details.\n", "willReplaceOnChanges": true }, "caCertIdentifier": { "type": "string", "description": "Identifier of the CA certificate for the DB instance.\n" }, "clusterIdentifier": { "type": "string", "description": "Identifier of the `aws.rds.Cluster` in which to launch this instance.\n", "willReplaceOnChanges": true }, "copyTagsToSnapshot": { "type": "boolean", "description": "Indicates whether to copy all of the user-defined tags from the DB instance to snapshots of the DB instance. Default `false`.\n" }, "customIamInstanceProfile": { "type": "string", "description": "Instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.\n", "willReplaceOnChanges": true }, "dbParameterGroupName": { "type": "string", "description": "Name of the DB parameter group to associate with this instance.\n" }, "dbSubnetGroupName": { "type": "string", "description": "DB subnet group to associate with this DB instance. **NOTE:** This must match the `db_subnet_group_name` of the attached `aws.rds.Cluster`.\n", "willReplaceOnChanges": true }, "dbiResourceId": { "type": "string", "description": "Region-unique, immutable identifier for the DB instance.\n" }, "endpoint": { "type": "string", "description": "DNS address for this instance. May not be writable\n" }, "engine": { "type": "string", "$ref": "#/types/aws:rds/engineType:EngineType", "description": "Name of the database engine to be used for the RDS cluster instance.\nValid Values: `aurora-mysql`, `aurora-postgresql`, `mysql`, `postgres`.(Note that `mysql` and `postgres` are Multi-AZ RDS clusters).\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "Database engine version. Please note that to upgrade the `engine_version` of the instance, it must be done on the `aws.rds.Cluster` `engine_version`. Trying to upgrade in `aws_cluster_instance` will not update the `engine_version`.\n" }, "engineVersionActual": { "type": "string", "description": "Database engine version\n" }, "identifier": { "type": "string", "description": "Identifier for the RDS instance, if omitted, Pulumi will assign a random, unique identifier.\n", "willReplaceOnChanges": true }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifier`.\n", "willReplaceOnChanges": true }, "instanceClass": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:rds/InstanceType:InstanceType" } ], "description": "Instance class to use. For details on CPU and memory, see [Scaling Aurora DB Instances](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Aurora.Managing.html). Aurora uses `db.*` instance classes/types. Please see [AWS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) for currently available instance classes and complete details. For Aurora Serverless v2 use `db.serverless`.\n" }, "kmsKeyId": { "type": "string", "description": "ARN for the KMS encryption key if one is set to the cluster.\n" }, "monitoringInterval": { "type": "integer", "description": "Interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid Values: 0, 1, 5, 10, 15, 30, 60.\n" }, "monitoringRoleArn": { "type": "string", "description": "ARN for the IAM role that permits RDS to send enhanced monitoring metrics to CloudWatch Logs. You can find more information on the [AWS Documentation](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.html) what IAM permissions are needed to allow Enhanced Monitoring for RDS Instances.\n" }, "networkType": { "type": "string", "description": "Network type of the DB instance.\n" }, "performanceInsightsEnabled": { "type": "boolean", "description": "Specifies whether Performance Insights is enabled or not.\n" }, "performanceInsightsKmsKeyId": { "type": "string", "description": "ARN for the KMS key to encrypt Performance Insights data. When specifying `performance_insights_kms_key_id`, `performance_insights_enabled` needs to be set to true.\n" }, "performanceInsightsRetentionPeriod": { "type": "integer", "description": "Amount of time in days to retain Performance Insights data. Valid values are `7`, `731` (2 years) or a multiple of `31`. When specifying `performance_insights_retention_period`, `performance_insights_enabled` needs to be set to true. Defaults to '7'.\n" }, "port": { "type": "integer", "description": "Database port\n" }, "preferredBackupWindow": { "type": "string", "description": "Daily time range during which automated backups are created if automated backups are enabled. Eg: \"04:00-09:00\". **NOTE:** If `preferred_backup_window` is set at the cluster level, this argument **must** be omitted.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "Window to perform maintenance in. Syntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\".\n" }, "promotionTier": { "type": "integer", "description": "Default 0. Failover Priority setting on instance level. The reader who has lower tier has higher priority to get promoted to writer.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Bool to control if instance is publicly accessible. Default `false`. See the documentation on [Creating DB Instances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) for more details on controlling this property.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the instance. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "writer": { "type": "boolean", "description": "Boolean indicating if this instance is writable. `False` indicates this instance is a read replica.\n" } }, "type": "object" } }, "aws:rds/clusterParameterGroup:ClusterParameterGroup": { "description": "Provides an RDS DB cluster parameter group resource. Documentation of the available parameters for various Aurora engines can be found at:\n\n* [Aurora MySQL Parameters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraMySQL.Reference.html)\n* [Aurora PostgreSQL Parameters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraPostgreSQL.Reference.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.rds.ClusterParameterGroup(\"default\", {\n name: \"rds-cluster-pg\",\n family: \"aurora5.6\",\n description: \"RDS default cluster parameter group\",\n parameters: [\n {\n name: \"character_set_server\",\n value: \"utf8\",\n },\n {\n name: \"character_set_client\",\n value: \"utf8\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.ClusterParameterGroup(\"default\",\n name=\"rds-cluster-pg\",\n family=\"aurora5.6\",\n description=\"RDS default cluster parameter group\",\n parameters=[\n {\n \"name\": \"character_set_server\",\n \"value\": \"utf8\",\n },\n {\n \"name\": \"character_set_client\",\n \"value\": \"utf8\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Rds.ClusterParameterGroup(\"default\", new()\n {\n Name = \"rds-cluster-pg\",\n Family = \"aurora5.6\",\n Description = \"RDS default cluster parameter group\",\n Parameters = new[]\n {\n new Aws.Rds.Inputs.ClusterParameterGroupParameterArgs\n {\n Name = \"character_set_server\",\n Value = \"utf8\",\n },\n new Aws.Rds.Inputs.ClusterParameterGroupParameterArgs\n {\n Name = \"character_set_client\",\n Value = \"utf8\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewClusterParameterGroup(ctx, \"default\", \u0026rds.ClusterParameterGroupArgs{\n\t\t\tName: pulumi.String(\"rds-cluster-pg\"),\n\t\t\tFamily: pulumi.String(\"aurora5.6\"),\n\t\t\tDescription: pulumi.String(\"RDS default cluster parameter group\"),\n\t\t\tParameters: rds.ClusterParameterGroupParameterArray{\n\t\t\t\t\u0026rds.ClusterParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"character_set_server\"),\n\t\t\t\t\tValue: pulumi.String(\"utf8\"),\n\t\t\t\t},\n\t\t\t\t\u0026rds.ClusterParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"character_set_client\"),\n\t\t\t\t\tValue: pulumi.String(\"utf8\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.ClusterParameterGroup;\nimport com.pulumi.aws.rds.ClusterParameterGroupArgs;\nimport com.pulumi.aws.rds.inputs.ClusterParameterGroupParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new ClusterParameterGroup(\"default\", ClusterParameterGroupArgs.builder()\n .name(\"rds-cluster-pg\")\n .family(\"aurora5.6\")\n .description(\"RDS default cluster parameter group\")\n .parameters( \n ClusterParameterGroupParameterArgs.builder()\n .name(\"character_set_server\")\n .value(\"utf8\")\n .build(),\n ClusterParameterGroupParameterArgs.builder()\n .name(\"character_set_client\")\n .value(\"utf8\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:rds:ClusterParameterGroup\n properties:\n name: rds-cluster-pg\n family: aurora5.6\n description: RDS default cluster parameter group\n parameters:\n - name: character_set_server\n value: utf8\n - name: character_set_client\n value: utf8\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import RDS Cluster Parameter Groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:rds/clusterParameterGroup:ClusterParameterGroup cluster_pg production-pg-1\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the db cluster parameter group.\n" }, "description": { "type": "string", "description": "The description of the DB cluster parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "family": { "type": "string", "description": "The family of the DB cluster parameter group.\n" }, "name": { "type": "string", "description": "The name of the DB parameter.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:rds/ClusterParameterGroupParameter:ClusterParameterGroupParameter" }, "description": "A list of DB parameters to apply. Note that parameters may differ from a family to an other. Full list of all parameters can be discovered via [`aws rds describe-db-cluster-parameters`](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-cluster-parameters.html) after initial creation of the group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "description", "family", "name", "namePrefix", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the DB cluster parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi", "willReplaceOnChanges": true }, "family": { "type": "string", "description": "The family of the DB cluster parameter group.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the DB parameter.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:rds/ClusterParameterGroupParameter:ClusterParameterGroupParameter" }, "description": "A list of DB parameters to apply. Note that parameters may differ from a family to an other. Full list of all parameters can be discovered via [`aws rds describe-db-cluster-parameters`](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-cluster-parameters.html) after initial creation of the group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "family" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterParameterGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the db cluster parameter group.\n" }, "description": { "type": "string", "description": "The description of the DB cluster parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi", "willReplaceOnChanges": true }, "family": { "type": "string", "description": "The family of the DB cluster parameter group.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the DB parameter.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:rds/ClusterParameterGroupParameter:ClusterParameterGroupParameter" }, "description": "A list of DB parameters to apply. Note that parameters may differ from a family to an other. Full list of all parameters can be discovered via [`aws rds describe-db-cluster-parameters`](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-cluster-parameters.html) after initial creation of the group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:rds/clusterRoleAssociation:ClusterRoleAssociation": { "description": "Manages a RDS DB Cluster association with an IAM Role. Example use cases:\n\n* [Creating an IAM Role to Allow Amazon Aurora to Access AWS Services](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Integrating.Authorizing.IAM.CreateRole.html)\n* [Importing Amazon S3 Data into an RDS PostgreSQL DB Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PostgreSQL.S3Import.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.ClusterRoleAssociation(\"example\", {\n dbClusterIdentifier: exampleAwsRdsCluster.id,\n featureName: \"S3_INTEGRATION\",\n roleArn: exampleAwsIamRole.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.ClusterRoleAssociation(\"example\",\n db_cluster_identifier=example_aws_rds_cluster[\"id\"],\n feature_name=\"S3_INTEGRATION\",\n role_arn=example_aws_iam_role[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.ClusterRoleAssociation(\"example\", new()\n {\n DbClusterIdentifier = exampleAwsRdsCluster.Id,\n FeatureName = \"S3_INTEGRATION\",\n RoleArn = exampleAwsIamRole.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewClusterRoleAssociation(ctx, \"example\", \u0026rds.ClusterRoleAssociationArgs{\n\t\t\tDbClusterIdentifier: pulumi.Any(exampleAwsRdsCluster.Id),\n\t\t\tFeatureName: pulumi.String(\"S3_INTEGRATION\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.ClusterRoleAssociation;\nimport com.pulumi.aws.rds.ClusterRoleAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ClusterRoleAssociation(\"example\", ClusterRoleAssociationArgs.builder()\n .dbClusterIdentifier(exampleAwsRdsCluster.id())\n .featureName(\"S3_INTEGRATION\")\n .roleArn(exampleAwsIamRole.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:ClusterRoleAssociation\n properties:\n dbClusterIdentifier: ${exampleAwsRdsCluster.id}\n featureName: S3_INTEGRATION\n roleArn: ${exampleAwsIamRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_rds_cluster_role_association` using the DB Cluster Identifier and IAM Role ARN separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:rds/clusterRoleAssociation:ClusterRoleAssociation example my-db-cluster,arn:aws:iam::123456789012:role/my-role\n```\n", "properties": { "dbClusterIdentifier": { "type": "string", "description": "DB Cluster Identifier to associate with the IAM Role.\n" }, "featureName": { "type": "string", "description": "Name of the feature for association. This can be found in the AWS documentation relevant to the integration or a full list is available in the `SupportedFeatureNames` list returned by [AWS CLI rds describe-db-engine-versions](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-engine-versions.html).\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role to associate with the DB Cluster.\n" } }, "required": [ "dbClusterIdentifier", "featureName", "roleArn" ], "inputProperties": { "dbClusterIdentifier": { "type": "string", "description": "DB Cluster Identifier to associate with the IAM Role.\n", "willReplaceOnChanges": true }, "featureName": { "type": "string", "description": "Name of the feature for association. This can be found in the AWS documentation relevant to the integration or a full list is available in the `SupportedFeatureNames` list returned by [AWS CLI rds describe-db-engine-versions](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-engine-versions.html).\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role to associate with the DB Cluster.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "dbClusterIdentifier", "featureName", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterRoleAssociation resources.\n", "properties": { "dbClusterIdentifier": { "type": "string", "description": "DB Cluster Identifier to associate with the IAM Role.\n", "willReplaceOnChanges": true }, "featureName": { "type": "string", "description": "Name of the feature for association. This can be found in the AWS documentation relevant to the integration or a full list is available in the `SupportedFeatureNames` list returned by [AWS CLI rds describe-db-engine-versions](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-engine-versions.html).\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role to associate with the DB Cluster.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:rds/clusterSnapshot:ClusterSnapshot": { "description": "Manages an RDS database cluster snapshot for Aurora clusters. For managing RDS database instance snapshots, see the `aws.rds.Snapshot` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.ClusterSnapshot(\"example\", {\n dbClusterIdentifier: exampleAwsRdsCluster.id,\n dbClusterSnapshotIdentifier: \"resourcetestsnapshot1234\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.ClusterSnapshot(\"example\",\n db_cluster_identifier=example_aws_rds_cluster[\"id\"],\n db_cluster_snapshot_identifier=\"resourcetestsnapshot1234\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.ClusterSnapshot(\"example\", new()\n {\n DbClusterIdentifier = exampleAwsRdsCluster.Id,\n DbClusterSnapshotIdentifier = \"resourcetestsnapshot1234\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewClusterSnapshot(ctx, \"example\", \u0026rds.ClusterSnapshotArgs{\n\t\t\tDbClusterIdentifier: pulumi.Any(exampleAwsRdsCluster.Id),\n\t\t\tDbClusterSnapshotIdentifier: pulumi.String(\"resourcetestsnapshot1234\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.ClusterSnapshot;\nimport com.pulumi.aws.rds.ClusterSnapshotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ClusterSnapshot(\"example\", ClusterSnapshotArgs.builder()\n .dbClusterIdentifier(exampleAwsRdsCluster.id())\n .dbClusterSnapshotIdentifier(\"resourcetestsnapshot1234\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:ClusterSnapshot\n properties:\n dbClusterIdentifier: ${exampleAwsRdsCluster.id}\n dbClusterSnapshotIdentifier: resourcetestsnapshot1234\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_db_cluster_snapshot` using the cluster snapshot identifier. For example:\n\n```sh\n$ pulumi import aws:rds/clusterSnapshot:ClusterSnapshot example my-cluster-snapshot\n```\n", "properties": { "allocatedStorage": { "type": "integer", "description": "Allocated storage size in gigabytes (GB).\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 Availability Zones that instances in the DB cluster snapshot can be restored in.\n" }, "dbClusterIdentifier": { "type": "string", "description": "The DB Cluster Identifier from which to take the snapshot.\n" }, "dbClusterSnapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DB Cluster Snapshot.\n" }, "dbClusterSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n" }, "engine": { "type": "string", "description": "Name of the database engine.\n" }, "engineVersion": { "type": "string", "description": "Version of the database engine for this DB cluster snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "If storage_encrypted is true, the AWS KMS key identifier for the encrypted DB cluster snapshot.\n" }, "licenseModel": { "type": "string", "description": "License model information for the restored DB cluster.\n" }, "port": { "type": "integer", "description": "Port that the DB cluster was listening on at the time of the snapshot.\n" }, "sharedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS Account ids to share snapshot with, use `all` to make snaphot public.\n" }, "snapshotType": { "type": "string" }, "sourceDbClusterSnapshotArn": { "type": "string" }, "status": { "type": "string", "description": "The status of this DB Cluster Snapshot.\n" }, "storageEncrypted": { "type": "boolean", "description": "Whether the DB cluster snapshot is encrypted.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the DB cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The VPC ID associated with the DB cluster snapshot.\n" } }, "required": [ "allocatedStorage", "availabilityZones", "dbClusterIdentifier", "dbClusterSnapshotArn", "dbClusterSnapshotIdentifier", "engine", "engineVersion", "kmsKeyId", "licenseModel", "port", "snapshotType", "sourceDbClusterSnapshotArn", "status", "storageEncrypted", "tagsAll", "vpcId" ], "inputProperties": { "dbClusterIdentifier": { "type": "string", "description": "The DB Cluster Identifier from which to take the snapshot.\n", "willReplaceOnChanges": true }, "dbClusterSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n", "willReplaceOnChanges": true }, "sharedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS Account ids to share snapshot with, use `all` to make snaphot public.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the DB cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "dbClusterIdentifier", "dbClusterSnapshotIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterSnapshot resources.\n", "properties": { "allocatedStorage": { "type": "integer", "description": "Allocated storage size in gigabytes (GB).\n" }, "availabilityZones": { "type": "array", "items": { "type": "string" }, "description": "List of EC2 Availability Zones that instances in the DB cluster snapshot can be restored in.\n" }, "dbClusterIdentifier": { "type": "string", "description": "The DB Cluster Identifier from which to take the snapshot.\n", "willReplaceOnChanges": true }, "dbClusterSnapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DB Cluster Snapshot.\n" }, "dbClusterSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n", "willReplaceOnChanges": true }, "engine": { "type": "string", "description": "Name of the database engine.\n" }, "engineVersion": { "type": "string", "description": "Version of the database engine for this DB cluster snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "If storage_encrypted is true, the AWS KMS key identifier for the encrypted DB cluster snapshot.\n" }, "licenseModel": { "type": "string", "description": "License model information for the restored DB cluster.\n" }, "port": { "type": "integer", "description": "Port that the DB cluster was listening on at the time of the snapshot.\n" }, "sharedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS Account ids to share snapshot with, use `all` to make snaphot public.\n" }, "snapshotType": { "type": "string" }, "sourceDbClusterSnapshotArn": { "type": "string" }, "status": { "type": "string", "description": "The status of this DB Cluster Snapshot.\n" }, "storageEncrypted": { "type": "boolean", "description": "Whether the DB cluster snapshot is encrypted.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the DB cluster. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The VPC ID associated with the DB cluster snapshot.\n" } }, "type": "object" } }, "aws:rds/customDbEngineVersion:CustomDbEngineVersion": { "description": "Provides an custom engine version (CEV) resource for Amazon RDS Custom. For additional information, see [Working with CEVs for RDS Custom for Oracle](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-cev.html) and [Working with CEVs for RDS Custom for SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-cev-sqlserver.html) in the the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Welcome.html).\n\n## Example Usage\n\n### RDS Custom for Oracle Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.Key(\"example\", {description: \"KMS symmetric key for RDS Custom for Oracle\"});\nconst exampleCustomDbEngineVersion = new aws.rds.CustomDbEngineVersion(\"example\", {\n databaseInstallationFilesS3BucketName: \"DOC-EXAMPLE-BUCKET\",\n databaseInstallationFilesS3Prefix: \"1915_GI/\",\n engine: \"custom-oracle-ee-cdb\",\n engineVersion: \"19.cdb_cev1\",\n kmsKeyId: example.arn,\n manifest: ` {\n\\x09\"databaseInstallationFileNames\":[\"V982063-01.zip\"]\n }\n`,\n tags: {\n Name: \"example\",\n Key: \"value\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kms.Key(\"example\", description=\"KMS symmetric key for RDS Custom for Oracle\")\nexample_custom_db_engine_version = aws.rds.CustomDbEngineVersion(\"example\",\n database_installation_files_s3_bucket_name=\"DOC-EXAMPLE-BUCKET\",\n database_installation_files_s3_prefix=\"1915_GI/\",\n engine=\"custom-oracle-ee-cdb\",\n engine_version=\"19.cdb_cev1\",\n kms_key_id=example.arn,\n manifest=\"\"\" {\n\\x09\"databaseInstallationFileNames\":[\"V982063-01.zip\"]\n }\n\"\"\",\n tags={\n \"Name\": \"example\",\n \"Key\": \"value\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"KMS symmetric key for RDS Custom for Oracle\",\n });\n\n var exampleCustomDbEngineVersion = new Aws.Rds.CustomDbEngineVersion(\"example\", new()\n {\n DatabaseInstallationFilesS3BucketName = \"DOC-EXAMPLE-BUCKET\",\n DatabaseInstallationFilesS3Prefix = \"1915_GI/\",\n Engine = \"custom-oracle-ee-cdb\",\n EngineVersion = \"19.cdb_cev1\",\n KmsKeyId = example.Arn,\n Manifest = @\" {\n\t\"\"databaseInstallationFileNames\"\":[\"\"V982063-01.zip\"\"]\n }\n\",\n Tags = \n {\n { \"Name\", \"example\" },\n { \"Key\", \"value\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"KMS symmetric key for RDS Custom for Oracle\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewCustomDbEngineVersion(ctx, \"example\", \u0026rds.CustomDbEngineVersionArgs{\n\t\t\tDatabaseInstallationFilesS3BucketName: pulumi.String(\"DOC-EXAMPLE-BUCKET\"),\n\t\t\tDatabaseInstallationFilesS3Prefix: pulumi.String(\"1915_GI/\"),\n\t\t\tEngine: pulumi.String(\"custom-oracle-ee-cdb\"),\n\t\t\tEngineVersion: pulumi.String(\"19.cdb_cev1\"),\n\t\t\tKmsKeyId: example.Arn,\n\t\t\tManifest: pulumi.String(\" {\\n\t\\\"databaseInstallationFileNames\\\":[\\\"V982063-01.zip\\\"]\\n }\\n\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example\"),\n\t\t\t\t\"Key\": pulumi.String(\"value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.rds.CustomDbEngineVersion;\nimport com.pulumi.aws.rds.CustomDbEngineVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"KMS symmetric key for RDS Custom for Oracle\")\n .build());\n\n var exampleCustomDbEngineVersion = new CustomDbEngineVersion(\"exampleCustomDbEngineVersion\", CustomDbEngineVersionArgs.builder()\n .databaseInstallationFilesS3BucketName(\"DOC-EXAMPLE-BUCKET\")\n .databaseInstallationFilesS3Prefix(\"1915_GI/\")\n .engine(\"custom-oracle-ee-cdb\")\n .engineVersion(\"19.cdb_cev1\")\n .kmsKeyId(example.arn())\n .manifest(\"\"\"\n {\n\t\"databaseInstallationFileNames\":[\"V982063-01.zip\"]\n }\n \"\"\")\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"example\"),\n Map.entry(\"Key\", \"value\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: KMS symmetric key for RDS Custom for Oracle\n exampleCustomDbEngineVersion:\n type: aws:rds:CustomDbEngineVersion\n name: example\n properties:\n databaseInstallationFilesS3BucketName: DOC-EXAMPLE-BUCKET\n databaseInstallationFilesS3Prefix: 1915_GI/\n engine: custom-oracle-ee-cdb\n engineVersion: 19.cdb_cev1\n kmsKeyId: ${example.arn}\n manifest: |2\n {\n \t\"databaseInstallationFileNames\":[\"V982063-01.zip\"]\n }\n tags:\n Name: example\n Key: value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### RDS Custom for Oracle External Manifest Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.kms.Key(\"example\", {description: \"KMS symmetric key for RDS Custom for Oracle\"});\nconst exampleCustomDbEngineVersion = new aws.rds.CustomDbEngineVersion(\"example\", {\n databaseInstallationFilesS3BucketName: \"DOC-EXAMPLE-BUCKET\",\n databaseInstallationFilesS3Prefix: \"1915_GI/\",\n engine: \"custom-oracle-ee-cdb\",\n engineVersion: \"19.cdb_cev1\",\n kmsKeyId: example.arn,\n filename: \"manifest_1915_GI.json\",\n manifestHash: std.filebase64sha256({\n input: json,\n }).then(invoke =\u003e invoke.result),\n tags: {\n Name: \"example\",\n Key: \"value\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.kms.Key(\"example\", description=\"KMS symmetric key for RDS Custom for Oracle\")\nexample_custom_db_engine_version = aws.rds.CustomDbEngineVersion(\"example\",\n database_installation_files_s3_bucket_name=\"DOC-EXAMPLE-BUCKET\",\n database_installation_files_s3_prefix=\"1915_GI/\",\n engine=\"custom-oracle-ee-cdb\",\n engine_version=\"19.cdb_cev1\",\n kms_key_id=example.arn,\n filename=\"manifest_1915_GI.json\",\n manifest_hash=std.filebase64sha256(input=json).result,\n tags={\n \"Name\": \"example\",\n \"Key\": \"value\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"KMS symmetric key for RDS Custom for Oracle\",\n });\n\n var exampleCustomDbEngineVersion = new Aws.Rds.CustomDbEngineVersion(\"example\", new()\n {\n DatabaseInstallationFilesS3BucketName = \"DOC-EXAMPLE-BUCKET\",\n DatabaseInstallationFilesS3Prefix = \"1915_GI/\",\n Engine = \"custom-oracle-ee-cdb\",\n EngineVersion = \"19.cdb_cev1\",\n KmsKeyId = example.Arn,\n Filename = \"manifest_1915_GI.json\",\n ManifestHash = Std.Filebase64sha256.Invoke(new()\n {\n Input = json,\n }).Apply(invoke =\u003e invoke.Result),\n Tags = \n {\n { \"Name\", \"example\" },\n { \"Key\", \"value\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"KMS symmetric key for RDS Custom for Oracle\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFilebase64sha256, err := std.Filebase64sha256(ctx, \u0026std.Filebase64sha256Args{\n\t\t\tInput: json,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewCustomDbEngineVersion(ctx, \"example\", \u0026rds.CustomDbEngineVersionArgs{\n\t\t\tDatabaseInstallationFilesS3BucketName: pulumi.String(\"DOC-EXAMPLE-BUCKET\"),\n\t\t\tDatabaseInstallationFilesS3Prefix: pulumi.String(\"1915_GI/\"),\n\t\t\tEngine: pulumi.String(\"custom-oracle-ee-cdb\"),\n\t\t\tEngineVersion: pulumi.String(\"19.cdb_cev1\"),\n\t\t\tKmsKeyId: example.Arn,\n\t\t\tFilename: pulumi.String(\"manifest_1915_GI.json\"),\n\t\t\tManifestHash: pulumi.String(invokeFilebase64sha256.Result),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example\"),\n\t\t\t\t\"Key\": pulumi.String(\"value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.rds.CustomDbEngineVersion;\nimport com.pulumi.aws.rds.CustomDbEngineVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"KMS symmetric key for RDS Custom for Oracle\")\n .build());\n\n var exampleCustomDbEngineVersion = new CustomDbEngineVersion(\"exampleCustomDbEngineVersion\", CustomDbEngineVersionArgs.builder()\n .databaseInstallationFilesS3BucketName(\"DOC-EXAMPLE-BUCKET\")\n .databaseInstallationFilesS3Prefix(\"1915_GI/\")\n .engine(\"custom-oracle-ee-cdb\")\n .engineVersion(\"19.cdb_cev1\")\n .kmsKeyId(example.arn())\n .filename(\"manifest_1915_GI.json\")\n .manifestHash(StdFunctions.filebase64sha256(Filebase64sha256Args.builder()\n .input(json)\n .build()).result())\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"example\"),\n Map.entry(\"Key\", \"value\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: KMS symmetric key for RDS Custom for Oracle\n exampleCustomDbEngineVersion:\n type: aws:rds:CustomDbEngineVersion\n name: example\n properties:\n databaseInstallationFilesS3BucketName: DOC-EXAMPLE-BUCKET\n databaseInstallationFilesS3Prefix: 1915_GI/\n engine: custom-oracle-ee-cdb\n engineVersion: 19.cdb_cev1\n kmsKeyId: ${example.arn}\n filename: manifest_1915_GI.json\n manifestHash:\n fn::invoke:\n Function: std:filebase64sha256\n Arguments:\n input: ${json}\n Return: result\n tags:\n Name: example\n Key: value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### RDS Custom for SQL Server Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// CEV creation requires an AMI owned by the operator\nconst test = new aws.rds.CustomDbEngineVersion(\"test\", {\n engine: \"custom-sqlserver-se\",\n engineVersion: \"15.00.4249.2.cev-1\",\n sourceImageId: \"ami-0aa12345678a12ab1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# CEV creation requires an AMI owned by the operator\ntest = aws.rds.CustomDbEngineVersion(\"test\",\n engine=\"custom-sqlserver-se\",\n engine_version=\"15.00.4249.2.cev-1\",\n source_image_id=\"ami-0aa12345678a12ab1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // CEV creation requires an AMI owned by the operator\n var test = new Aws.Rds.CustomDbEngineVersion(\"test\", new()\n {\n Engine = \"custom-sqlserver-se\",\n EngineVersion = \"15.00.4249.2.cev-1\",\n SourceImageId = \"ami-0aa12345678a12ab1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// CEV creation requires an AMI owned by the operator\n\t\t_, err := rds.NewCustomDbEngineVersion(ctx, \"test\", \u0026rds.CustomDbEngineVersionArgs{\n\t\t\tEngine: pulumi.String(\"custom-sqlserver-se\"),\n\t\t\tEngineVersion: pulumi.String(\"15.00.4249.2.cev-1\"),\n\t\t\tSourceImageId: pulumi.String(\"ami-0aa12345678a12ab1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.CustomDbEngineVersion;\nimport com.pulumi.aws.rds.CustomDbEngineVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // CEV creation requires an AMI owned by the operator\n var test = new CustomDbEngineVersion(\"test\", CustomDbEngineVersionArgs.builder()\n .engine(\"custom-sqlserver-se\")\n .engineVersion(\"15.00.4249.2.cev-1\")\n .sourceImageId(\"ami-0aa12345678a12ab1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # CEV creation requires an AMI owned by the operator\n test:\n type: aws:rds:CustomDbEngineVersion\n properties:\n engine: custom-sqlserver-se\n engineVersion: 15.00.4249.2.cev-1\n sourceImageId: ami-0aa12345678a12ab1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### RDS Custom for SQL Server Usage with AMI from another region\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.AmiCopy(\"example\", {\n name: \"sqlserver-se-2019-15.00.4249.2\",\n description: \"A copy of ami-xxxxxxxx\",\n sourceAmiId: \"ami-xxxxxxxx\",\n sourceAmiRegion: \"us-east-1\",\n});\n// CEV creation requires an AMI owned by the operator\nconst test = new aws.rds.CustomDbEngineVersion(\"test\", {\n engine: \"custom-sqlserver-se\",\n engineVersion: \"15.00.4249.2.cev-1\",\n sourceImageId: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.AmiCopy(\"example\",\n name=\"sqlserver-se-2019-15.00.4249.2\",\n description=\"A copy of ami-xxxxxxxx\",\n source_ami_id=\"ami-xxxxxxxx\",\n source_ami_region=\"us-east-1\")\n# CEV creation requires an AMI owned by the operator\ntest = aws.rds.CustomDbEngineVersion(\"test\",\n engine=\"custom-sqlserver-se\",\n engine_version=\"15.00.4249.2.cev-1\",\n source_image_id=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.AmiCopy(\"example\", new()\n {\n Name = \"sqlserver-se-2019-15.00.4249.2\",\n Description = \"A copy of ami-xxxxxxxx\",\n SourceAmiId = \"ami-xxxxxxxx\",\n SourceAmiRegion = \"us-east-1\",\n });\n\n // CEV creation requires an AMI owned by the operator\n var test = new Aws.Rds.CustomDbEngineVersion(\"test\", new()\n {\n Engine = \"custom-sqlserver-se\",\n EngineVersion = \"15.00.4249.2.cev-1\",\n SourceImageId = example.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewAmiCopy(ctx, \"example\", \u0026ec2.AmiCopyArgs{\n\t\t\tName: pulumi.String(\"sqlserver-se-2019-15.00.4249.2\"),\n\t\t\tDescription: pulumi.String(\"A copy of ami-xxxxxxxx\"),\n\t\t\tSourceAmiId: pulumi.String(\"ami-xxxxxxxx\"),\n\t\t\tSourceAmiRegion: pulumi.String(\"us-east-1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// CEV creation requires an AMI owned by the operator\n\t\t_, err = rds.NewCustomDbEngineVersion(ctx, \"test\", \u0026rds.CustomDbEngineVersionArgs{\n\t\t\tEngine: pulumi.String(\"custom-sqlserver-se\"),\n\t\t\tEngineVersion: pulumi.String(\"15.00.4249.2.cev-1\"),\n\t\t\tSourceImageId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.AmiCopy;\nimport com.pulumi.aws.ec2.AmiCopyArgs;\nimport com.pulumi.aws.rds.CustomDbEngineVersion;\nimport com.pulumi.aws.rds.CustomDbEngineVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AmiCopy(\"example\", AmiCopyArgs.builder()\n .name(\"sqlserver-se-2019-15.00.4249.2\")\n .description(\"A copy of ami-xxxxxxxx\")\n .sourceAmiId(\"ami-xxxxxxxx\")\n .sourceAmiRegion(\"us-east-1\")\n .build());\n\n // CEV creation requires an AMI owned by the operator\n var test = new CustomDbEngineVersion(\"test\", CustomDbEngineVersionArgs.builder()\n .engine(\"custom-sqlserver-se\")\n .engineVersion(\"15.00.4249.2.cev-1\")\n .sourceImageId(example.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:AmiCopy\n properties:\n name: sqlserver-se-2019-15.00.4249.2\n description: A copy of ami-xxxxxxxx\n sourceAmiId: ami-xxxxxxxx\n sourceAmiRegion: us-east-1\n # CEV creation requires an AMI owned by the operator\n test:\n type: aws:rds:CustomDbEngineVersion\n properties:\n engine: custom-sqlserver-se\n engineVersion: 15.00.4249.2.cev-1\n sourceImageId: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import custom engine versions for Amazon RDS custom using the `engine` and `engine_version` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:rds/customDbEngineVersion:CustomDbEngineVersion example custom-oracle-ee-cdb:19.cdb_cev1\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the custom engine version.\n" }, "createTime": { "type": "string", "description": "The date and time that the CEV was created.\n" }, "databaseInstallationFilesS3BucketName": { "type": "string", "description": "The name of the Amazon S3 bucket that contains the database installation files.\n" }, "databaseInstallationFilesS3Prefix": { "type": "string", "description": "The prefix for the Amazon S3 bucket that contains the database installation files.\n" }, "dbParameterGroupFamily": { "type": "string", "description": "The name of the DB parameter group family for the CEV.\n" }, "description": { "type": "string", "description": "The description of the CEV.\n" }, "engine": { "type": "string", "description": "The name of the database engine. Valid values are `custom-oracle*`, `custom-sqlserver*`.\n" }, "engineVersion": { "type": "string", "description": "The version of the database engine.\n" }, "filename": { "type": "string", "description": "The name of the manifest file within the local filesystem. Conflicts with `manifest`.\n" }, "imageId": { "type": "string", "description": "The ID of the AMI that was created with the CEV.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN of the AWS KMS key that is used to encrypt the database installation files. Required for RDS Custom for Oracle.\n" }, "majorEngineVersion": { "type": "string", "description": "The major version of the database engine.\n" }, "manifest": { "type": "string", "description": "The manifest file, in JSON format, that contains the list of database installation files. Conflicts with `filename`.\n" }, "manifestComputed": { "type": "string", "description": "The returned manifest file, in JSON format, service generated and often different from input `manifest`.\n" }, "manifestHash": { "type": "string", "description": "Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the manifest source specified with `filename`. The usual way to set this is filebase64sha256(\"manifest.json\") where \"manifest.json\" is the local filename of the manifest source.\n" }, "sourceImageId": { "type": "string", "description": "The ID of the AMI to create the CEV from. Required for RDS Custom for SQL Server. For RDS Custom for Oracle, you can specify an AMI ID that was used in a different Oracle CEV.\n" }, "status": { "type": "string", "description": "The status of the CEV. Valid values are `available`, `inactive`, `inactive-except-restore`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "createTime", "dbParameterGroupFamily", "engine", "engineVersion", "imageId", "kmsKeyId", "majorEngineVersion", "manifestComputed", "status", "tagsAll" ], "inputProperties": { "databaseInstallationFilesS3BucketName": { "type": "string", "description": "The name of the Amazon S3 bucket that contains the database installation files.\n", "willReplaceOnChanges": true }, "databaseInstallationFilesS3Prefix": { "type": "string", "description": "The prefix for the Amazon S3 bucket that contains the database installation files.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "The description of the CEV.\n" }, "engine": { "type": "string", "description": "The name of the database engine. Valid values are `custom-oracle*`, `custom-sqlserver*`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "The version of the database engine.\n", "willReplaceOnChanges": true }, "filename": { "type": "string", "description": "The name of the manifest file within the local filesystem. Conflicts with `manifest`.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "The ARN of the AWS KMS key that is used to encrypt the database installation files. Required for RDS Custom for Oracle.\n", "willReplaceOnChanges": true }, "manifest": { "type": "string", "description": "The manifest file, in JSON format, that contains the list of database installation files. Conflicts with `filename`.\n", "willReplaceOnChanges": true }, "manifestHash": { "type": "string", "description": "Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the manifest source specified with `filename`. The usual way to set this is filebase64sha256(\"manifest.json\") where \"manifest.json\" is the local filename of the manifest source.\n" }, "sourceImageId": { "type": "string", "description": "The ID of the AMI to create the CEV from. Required for RDS Custom for SQL Server. For RDS Custom for Oracle, you can specify an AMI ID that was used in a different Oracle CEV.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The status of the CEV. Valid values are `available`, `inactive`, `inactive-except-restore`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "engine", "engineVersion" ], "stateInputs": { "description": "Input properties used for looking up and filtering CustomDbEngineVersion resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the custom engine version.\n" }, "createTime": { "type": "string", "description": "The date and time that the CEV was created.\n" }, "databaseInstallationFilesS3BucketName": { "type": "string", "description": "The name of the Amazon S3 bucket that contains the database installation files.\n", "willReplaceOnChanges": true }, "databaseInstallationFilesS3Prefix": { "type": "string", "description": "The prefix for the Amazon S3 bucket that contains the database installation files.\n", "willReplaceOnChanges": true }, "dbParameterGroupFamily": { "type": "string", "description": "The name of the DB parameter group family for the CEV.\n" }, "description": { "type": "string", "description": "The description of the CEV.\n" }, "engine": { "type": "string", "description": "The name of the database engine. Valid values are `custom-oracle*`, `custom-sqlserver*`.\n", "willReplaceOnChanges": true }, "engineVersion": { "type": "string", "description": "The version of the database engine.\n", "willReplaceOnChanges": true }, "filename": { "type": "string", "description": "The name of the manifest file within the local filesystem. Conflicts with `manifest`.\n", "willReplaceOnChanges": true }, "imageId": { "type": "string", "description": "The ID of the AMI that was created with the CEV.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN of the AWS KMS key that is used to encrypt the database installation files. Required for RDS Custom for Oracle.\n", "willReplaceOnChanges": true }, "majorEngineVersion": { "type": "string", "description": "The major version of the database engine.\n" }, "manifest": { "type": "string", "description": "The manifest file, in JSON format, that contains the list of database installation files. Conflicts with `filename`.\n", "willReplaceOnChanges": true }, "manifestComputed": { "type": "string", "description": "The returned manifest file, in JSON format, service generated and often different from input `manifest`.\n" }, "manifestHash": { "type": "string", "description": "Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the manifest source specified with `filename`. The usual way to set this is filebase64sha256(\"manifest.json\") where \"manifest.json\" is the local filename of the manifest source.\n" }, "sourceImageId": { "type": "string", "description": "The ID of the AMI to create the CEV from. Required for RDS Custom for SQL Server. For RDS Custom for Oracle, you can specify an AMI ID that was used in a different Oracle CEV.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The status of the CEV. Valid values are `available`, `inactive`, `inactive-except-restore`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:rds/eventSubscription:EventSubscription": { "description": "Provides a DB event subscription resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.rds.Instance(\"default\", {\n allocatedStorage: 10,\n engine: \"mysql\",\n engineVersion: \"5.6.17\",\n instanceClass: aws.rds.InstanceType.T2_Micro,\n dbName: \"mydb\",\n username: \"foo\",\n password: \"bar\",\n dbSubnetGroupName: \"my_database_subnet_group\",\n parameterGroupName: \"default.mysql5.6\",\n});\nconst defaultTopic = new aws.sns.Topic(\"default\", {name: \"rds-events\"});\nconst defaultEventSubscription = new aws.rds.EventSubscription(\"default\", {\n name: \"rds-event-sub\",\n snsTopic: defaultTopic.arn,\n sourceType: \"db-instance\",\n sourceIds: [_default.identifier],\n eventCategories: [\n \"availability\",\n \"deletion\",\n \"failover\",\n \"failure\",\n \"low storage\",\n \"maintenance\",\n \"notification\",\n \"read replica\",\n \"recovery\",\n \"restoration\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.Instance(\"default\",\n allocated_storage=10,\n engine=\"mysql\",\n engine_version=\"5.6.17\",\n instance_class=aws.rds.InstanceType.T2_MICRO,\n db_name=\"mydb\",\n username=\"foo\",\n password=\"bar\",\n db_subnet_group_name=\"my_database_subnet_group\",\n parameter_group_name=\"default.mysql5.6\")\ndefault_topic = aws.sns.Topic(\"default\", name=\"rds-events\")\ndefault_event_subscription = aws.rds.EventSubscription(\"default\",\n name=\"rds-event-sub\",\n sns_topic=default_topic.arn,\n source_type=\"db-instance\",\n source_ids=[default.identifier],\n event_categories=[\n \"availability\",\n \"deletion\",\n \"failover\",\n \"failure\",\n \"low storage\",\n \"maintenance\",\n \"notification\",\n \"read replica\",\n \"recovery\",\n \"restoration\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Rds.Instance(\"default\", new()\n {\n AllocatedStorage = 10,\n Engine = \"mysql\",\n EngineVersion = \"5.6.17\",\n InstanceClass = Aws.Rds.InstanceType.T2_Micro,\n DbName = \"mydb\",\n Username = \"foo\",\n Password = \"bar\",\n DbSubnetGroupName = \"my_database_subnet_group\",\n ParameterGroupName = \"default.mysql5.6\",\n });\n\n var defaultTopic = new Aws.Sns.Topic(\"default\", new()\n {\n Name = \"rds-events\",\n });\n\n var defaultEventSubscription = new Aws.Rds.EventSubscription(\"default\", new()\n {\n Name = \"rds-event-sub\",\n SnsTopic = defaultTopic.Arn,\n SourceType = \"db-instance\",\n SourceIds = new[]\n {\n @default.Identifier,\n },\n EventCategories = new[]\n {\n \"availability\",\n \"deletion\",\n \"failover\",\n \"failure\",\n \"low storage\",\n \"maintenance\",\n \"notification\",\n \"read replica\",\n \"recovery\",\n \"restoration\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewInstance(ctx, \"default\", \u0026rds.InstanceArgs{\n\t\t\tAllocatedStorage: pulumi.Int(10),\n\t\t\tEngine: pulumi.String(\"mysql\"),\n\t\t\tEngineVersion: pulumi.String(\"5.6.17\"),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_T2_Micro),\n\t\t\tDbName: pulumi.String(\"mydb\"),\n\t\t\tUsername: pulumi.String(\"foo\"),\n\t\t\tPassword: pulumi.String(\"bar\"),\n\t\t\tDbSubnetGroupName: pulumi.String(\"my_database_subnet_group\"),\n\t\t\tParameterGroupName: pulumi.String(\"default.mysql5.6\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultTopic, err := sns.NewTopic(ctx, \"default\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"rds-events\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewEventSubscription(ctx, \"default\", \u0026rds.EventSubscriptionArgs{\n\t\t\tName: pulumi.String(\"rds-event-sub\"),\n\t\t\tSnsTopic: defaultTopic.Arn,\n\t\t\tSourceType: pulumi.String(\"db-instance\"),\n\t\t\tSourceIds: pulumi.StringArray{\n\t\t\t\t_default.Identifier,\n\t\t\t},\n\t\t\tEventCategories: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"availability\"),\n\t\t\t\tpulumi.String(\"deletion\"),\n\t\t\t\tpulumi.String(\"failover\"),\n\t\t\t\tpulumi.String(\"failure\"),\n\t\t\t\tpulumi.String(\"low storage\"),\n\t\t\t\tpulumi.String(\"maintenance\"),\n\t\t\t\tpulumi.String(\"notification\"),\n\t\t\t\tpulumi.String(\"read replica\"),\n\t\t\t\tpulumi.String(\"recovery\"),\n\t\t\t\tpulumi.String(\"restoration\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Instance;\nimport com.pulumi.aws.rds.InstanceArgs;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.rds.EventSubscription;\nimport com.pulumi.aws.rds.EventSubscriptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Instance(\"default\", InstanceArgs.builder()\n .allocatedStorage(10)\n .engine(\"mysql\")\n .engineVersion(\"5.6.17\")\n .instanceClass(\"db.t2.micro\")\n .dbName(\"mydb\")\n .username(\"foo\")\n .password(\"bar\")\n .dbSubnetGroupName(\"my_database_subnet_group\")\n .parameterGroupName(\"default.mysql5.6\")\n .build());\n\n var defaultTopic = new Topic(\"defaultTopic\", TopicArgs.builder()\n .name(\"rds-events\")\n .build());\n\n var defaultEventSubscription = new EventSubscription(\"defaultEventSubscription\", EventSubscriptionArgs.builder()\n .name(\"rds-event-sub\")\n .snsTopic(defaultTopic.arn())\n .sourceType(\"db-instance\")\n .sourceIds(default_.identifier())\n .eventCategories( \n \"availability\",\n \"deletion\",\n \"failover\",\n \"failure\",\n \"low storage\",\n \"maintenance\",\n \"notification\",\n \"read replica\",\n \"recovery\",\n \"restoration\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:rds:Instance\n properties:\n allocatedStorage: 10\n engine: mysql\n engineVersion: 5.6.17\n instanceClass: db.t2.micro\n dbName: mydb\n username: foo\n password: bar\n dbSubnetGroupName: my_database_subnet_group\n parameterGroupName: default.mysql5.6\n defaultTopic:\n type: aws:sns:Topic\n name: default\n properties:\n name: rds-events\n defaultEventSubscription:\n type: aws:rds:EventSubscription\n name: default\n properties:\n name: rds-event-sub\n snsTopic: ${defaultTopic.arn}\n sourceType: db-instance\n sourceIds:\n - ${default.identifier}\n eventCategories:\n - availability\n - deletion\n - failover\n - failure\n - low storage\n - maintenance\n - notification\n - read replica\n - recovery\n - restoration\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DB Event Subscriptions using the `name`. For example:\n\n```sh\n$ pulumi import aws:rds/eventSubscription:EventSubscription default rds-event-sub\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the RDS event notification subscription\n" }, "customerAwsId": { "type": "string", "description": "The AWS customer account associated with the RDS event notification subscription\n" }, "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to true.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a SourceType that you want to subscribe to. See http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.html or run `aws rds describe-event-categories`.\n" }, "name": { "type": "string", "description": "The name of the DB event subscription. By default generated by this provider.\n" }, "namePrefix": { "type": "string", "description": "The name of the DB event subscription. Conflicts with `name`.\n" }, "snsTopic": { "type": "string", "description": "The SNS topic to send events to.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a source_type must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `db-instance`, `db-security-group`, `db-parameter-group`, `db-snapshot`, `db-cluster`, `db-cluster-snapshot`, or `db-proxy`. If not set, all sources will be subscribed to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "customerAwsId", "name", "namePrefix", "snsTopic", "tagsAll" ], "inputProperties": { "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to true.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a SourceType that you want to subscribe to. See http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.html or run `aws rds describe-event-categories`.\n" }, "name": { "type": "string", "description": "The name of the DB event subscription. By default generated by this provider.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "The name of the DB event subscription. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "snsTopic": { "type": "string", "description": "The SNS topic to send events to.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a source_type must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `db-instance`, `db-security-group`, `db-parameter-group`, `db-snapshot`, `db-cluster`, `db-cluster-snapshot`, or `db-proxy`. If not set, all sources will be subscribed to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "snsTopic" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventSubscription resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name of the RDS event notification subscription\n" }, "customerAwsId": { "type": "string", "description": "The AWS customer account associated with the RDS event notification subscription\n" }, "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to true.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a SourceType that you want to subscribe to. See http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.html or run `aws rds describe-event-categories`.\n" }, "name": { "type": "string", "description": "The name of the DB event subscription. By default generated by this provider.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "The name of the DB event subscription. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "snsTopic": { "type": "string", "description": "The SNS topic to send events to.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a source_type must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `db-instance`, `db-security-group`, `db-parameter-group`, `db-snapshot`, `db-cluster`, `db-cluster-snapshot`, or `db-proxy`. If not set, all sources will be subscribed to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:rds/exportTask:ExportTask": { "description": "Resource for managing an AWS RDS (Relational Database) Export Task.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.ExportTask(\"example\", {\n exportTaskIdentifier: \"example\",\n sourceArn: exampleAwsDbSnapshot.dbSnapshotArn,\n s3BucketName: exampleAwsS3Bucket.id,\n iamRoleArn: exampleAwsIamRole.arn,\n kmsKeyId: exampleAwsKmsKey.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.ExportTask(\"example\",\n export_task_identifier=\"example\",\n source_arn=example_aws_db_snapshot[\"dbSnapshotArn\"],\n s3_bucket_name=example_aws_s3_bucket[\"id\"],\n iam_role_arn=example_aws_iam_role[\"arn\"],\n kms_key_id=example_aws_kms_key[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.ExportTask(\"example\", new()\n {\n ExportTaskIdentifier = \"example\",\n SourceArn = exampleAwsDbSnapshot.DbSnapshotArn,\n S3BucketName = exampleAwsS3Bucket.Id,\n IamRoleArn = exampleAwsIamRole.Arn,\n KmsKeyId = exampleAwsKmsKey.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewExportTask(ctx, \"example\", \u0026rds.ExportTaskArgs{\n\t\t\tExportTaskIdentifier: pulumi.String(\"example\"),\n\t\t\tSourceArn: pulumi.Any(exampleAwsDbSnapshot.DbSnapshotArn),\n\t\t\tS3BucketName: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\tIamRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tKmsKeyId: pulumi.Any(exampleAwsKmsKey.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.ExportTask;\nimport com.pulumi.aws.rds.ExportTaskArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ExportTask(\"example\", ExportTaskArgs.builder()\n .exportTaskIdentifier(\"example\")\n .sourceArn(exampleAwsDbSnapshot.dbSnapshotArn())\n .s3BucketName(exampleAwsS3Bucket.id())\n .iamRoleArn(exampleAwsIamRole.arn())\n .kmsKeyId(exampleAwsKmsKey.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:ExportTask\n properties:\n exportTaskIdentifier: example\n sourceArn: ${exampleAwsDbSnapshot.dbSnapshotArn}\n s3BucketName: ${exampleAwsS3Bucket.id}\n iamRoleArn: ${exampleAwsIamRole.arn}\n kmsKeyId: ${exampleAwsKmsKey.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Complete Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {\n bucket: \"example\",\n forceDestroy: true,\n});\nconst exampleBucketAclV2 = new aws.s3.BucketAclV2(\"example\", {\n bucket: exampleBucketV2.id,\n acl: \"private\",\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"export.rds.amazonaws.com\",\n },\n }],\n }),\n});\nconst example = aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n actions: [\"s3:ListAllMyBuckets\"],\n resources: [\"*\"],\n },\n {\n actions: [\n \"s3:GetBucketLocation\",\n \"s3:ListBucket\",\n ],\n resources: [exampleBucketV2.arn],\n },\n {\n actions: [\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\",\n ],\n resources: [pulumi.interpolate`${exampleBucketV2.arn}/*`],\n },\n ],\n});\nconst examplePolicy = new aws.iam.Policy(\"example\", {\n name: \"example\",\n policy: example.apply(example =\u003e example.json),\n});\nconst exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"example\", {\n role: exampleRole.name,\n policyArn: examplePolicy.arn,\n});\nconst exampleKey = new aws.kms.Key(\"example\", {deletionWindowInDays: 10});\nconst exampleInstance = new aws.rds.Instance(\"example\", {\n identifier: \"example\",\n allocatedStorage: 10,\n dbName: \"test\",\n engine: \"mysql\",\n engineVersion: \"5.7\",\n instanceClass: aws.rds.InstanceType.T3_Micro,\n username: \"foo\",\n password: \"foobarbaz\",\n parameterGroupName: \"default.mysql5.7\",\n skipFinalSnapshot: true,\n});\nconst exampleSnapshot = new aws.rds.Snapshot(\"example\", {\n dbInstanceIdentifier: exampleInstance.identifier,\n dbSnapshotIdentifier: \"example\",\n});\nconst exampleExportTask = new aws.rds.ExportTask(\"example\", {\n exportTaskIdentifier: \"example\",\n sourceArn: exampleSnapshot.dbSnapshotArn,\n s3BucketName: exampleBucketV2.id,\n iamRoleArn: exampleRole.arn,\n kmsKeyId: exampleKey.arn,\n exportOnlies: [\"database\"],\n s3Prefix: \"my_prefix/example\",\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample_bucket_v2 = aws.s3.BucketV2(\"example\",\n bucket=\"example\",\n force_destroy=True)\nexample_bucket_acl_v2 = aws.s3.BucketAclV2(\"example\",\n bucket=example_bucket_v2.id,\n acl=\"private\")\nexample_role = aws.iam.Role(\"example\",\n name=\"example\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"export.rds.amazonaws.com\",\n },\n }],\n }))\nexample = aws.iam.get_policy_document_output(statements=[\n {\n \"actions\": [\"s3:ListAllMyBuckets\"],\n \"resources\": [\"*\"],\n },\n {\n \"actions\": [\n \"s3:GetBucketLocation\",\n \"s3:ListBucket\",\n ],\n \"resources\": [example_bucket_v2.arn],\n },\n {\n \"actions\": [\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\",\n ],\n \"resources\": [example_bucket_v2.arn.apply(lambda arn: f\"{arn}/*\")],\n },\n])\nexample_policy = aws.iam.Policy(\"example\",\n name=\"example\",\n policy=example.json)\nexample_role_policy_attachment = aws.iam.RolePolicyAttachment(\"example\",\n role=example_role.name,\n policy_arn=example_policy.arn)\nexample_key = aws.kms.Key(\"example\", deletion_window_in_days=10)\nexample_instance = aws.rds.Instance(\"example\",\n identifier=\"example\",\n allocated_storage=10,\n db_name=\"test\",\n engine=\"mysql\",\n engine_version=\"5.7\",\n instance_class=aws.rds.InstanceType.T3_MICRO,\n username=\"foo\",\n password=\"foobarbaz\",\n parameter_group_name=\"default.mysql5.7\",\n skip_final_snapshot=True)\nexample_snapshot = aws.rds.Snapshot(\"example\",\n db_instance_identifier=example_instance.identifier,\n db_snapshot_identifier=\"example\")\nexample_export_task = aws.rds.ExportTask(\"example\",\n export_task_identifier=\"example\",\n source_arn=example_snapshot.db_snapshot_arn,\n s3_bucket_name=example_bucket_v2.id,\n iam_role_arn=example_role.arn,\n kms_key_id=example_key.arn,\n export_onlies=[\"database\"],\n s3_prefix=\"my_prefix/example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n ForceDestroy = true,\n });\n\n var exampleBucketAclV2 = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = exampleBucketV2.Id,\n Acl = \"private\",\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"export.rds.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"s3:ListAllMyBuckets\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"s3:GetBucketLocation\",\n \"s3:ListBucket\",\n },\n Resources = new[]\n {\n exampleBucketV2.Arn,\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\",\n },\n Resources = new[]\n {\n $\"{exampleBucketV2.Arn}/*\",\n },\n },\n },\n });\n\n var examplePolicy = new Aws.Iam.Policy(\"example\", new()\n {\n Name = \"example\",\n PolicyDocument = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"example\", new()\n {\n Role = exampleRole.Name,\n PolicyArn = examplePolicy.Arn,\n });\n\n var exampleKey = new Aws.Kms.Key(\"example\", new()\n {\n DeletionWindowInDays = 10,\n });\n\n var exampleInstance = new Aws.Rds.Instance(\"example\", new()\n {\n Identifier = \"example\",\n AllocatedStorage = 10,\n DbName = \"test\",\n Engine = \"mysql\",\n EngineVersion = \"5.7\",\n InstanceClass = Aws.Rds.InstanceType.T3_Micro,\n Username = \"foo\",\n Password = \"foobarbaz\",\n ParameterGroupName = \"default.mysql5.7\",\n SkipFinalSnapshot = true,\n });\n\n var exampleSnapshot = new Aws.Rds.Snapshot(\"example\", new()\n {\n DbInstanceIdentifier = exampleInstance.Identifier,\n DbSnapshotIdentifier = \"example\",\n });\n\n var exampleExportTask = new Aws.Rds.ExportTask(\"example\", new()\n {\n ExportTaskIdentifier = \"example\",\n SourceArn = exampleSnapshot.DbSnapshotArn,\n S3BucketName = exampleBucketV2.Id,\n IamRoleArn = exampleRole.Arn,\n KmsKeyId = exampleKey.Arn,\n ExportOnlies = new[]\n {\n \"database\",\n },\n S3Prefix = \"my_prefix/example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"export.rds.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ListAllMyBuckets\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetBucketLocation\"),\n\t\t\t\t\t\tpulumi.String(\"s3:ListBucket\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleBucketV2.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetObject\"),\n\t\t\t\t\t\tpulumi.String(\"s3:PutObject\"),\n\t\t\t\t\t\tpulumi.String(\"s3:DeleteObject\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleBucketV2.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\texamplePolicy, err := iam.NewPolicy(ctx, \"example\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPolicy: pulumi.String(example.ApplyT(func(example iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026example.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: exampleRole.Name,\n\t\t\tPolicyArn: examplePolicy.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKey, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDeletionWindowInDays: pulumi.Int(10),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleInstance, err := rds.NewInstance(ctx, \"example\", \u0026rds.InstanceArgs{\n\t\t\tIdentifier: pulumi.String(\"example\"),\n\t\t\tAllocatedStorage: pulumi.Int(10),\n\t\t\tDbName: pulumi.String(\"test\"),\n\t\t\tEngine: pulumi.String(\"mysql\"),\n\t\t\tEngineVersion: pulumi.String(\"5.7\"),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_T3_Micro),\n\t\t\tUsername: pulumi.String(\"foo\"),\n\t\t\tPassword: pulumi.String(\"foobarbaz\"),\n\t\t\tParameterGroupName: pulumi.String(\"default.mysql5.7\"),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSnapshot, err := rds.NewSnapshot(ctx, \"example\", \u0026rds.SnapshotArgs{\n\t\t\tDbInstanceIdentifier: exampleInstance.Identifier,\n\t\t\tDbSnapshotIdentifier: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewExportTask(ctx, \"example\", \u0026rds.ExportTaskArgs{\n\t\t\tExportTaskIdentifier: pulumi.String(\"example\"),\n\t\t\tSourceArn: exampleSnapshot.DbSnapshotArn,\n\t\t\tS3BucketName: exampleBucketV2.ID(),\n\t\t\tIamRoleArn: exampleRole.Arn,\n\t\t\tKmsKeyId: exampleKey.Arn,\n\t\t\tExportOnlies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"database\"),\n\t\t\t},\n\t\t\tS3Prefix: pulumi.String(\"my_prefix/example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.rds.Instance;\nimport com.pulumi.aws.rds.InstanceArgs;\nimport com.pulumi.aws.rds.Snapshot;\nimport com.pulumi.aws.rds.SnapshotArgs;\nimport com.pulumi.aws.rds.ExportTask;\nimport com.pulumi.aws.rds.ExportTaskArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder()\n .bucket(\"example\")\n .forceDestroy(true)\n .build());\n\n var exampleBucketAclV2 = new BucketAclV2(\"exampleBucketAclV2\", BucketAclV2Args.builder()\n .bucket(exampleBucketV2.id())\n .acl(\"private\")\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .name(\"example\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"export.rds.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .actions(\"s3:ListAllMyBuckets\")\n .resources(\"*\")\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"s3:GetBucketLocation\",\n \"s3:ListBucket\")\n .resources(exampleBucketV2.arn())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\")\n .resources(exampleBucketV2.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build())\n .build());\n\n var examplePolicy = new Policy(\"examplePolicy\", PolicyArgs.builder()\n .name(\"example\")\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var exampleRolePolicyAttachment = new RolePolicyAttachment(\"exampleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder()\n .role(exampleRole.name())\n .policyArn(examplePolicy.arn())\n .build());\n\n var exampleKey = new Key(\"exampleKey\", KeyArgs.builder()\n .deletionWindowInDays(10)\n .build());\n\n var exampleInstance = new Instance(\"exampleInstance\", InstanceArgs.builder()\n .identifier(\"example\")\n .allocatedStorage(10)\n .dbName(\"test\")\n .engine(\"mysql\")\n .engineVersion(\"5.7\")\n .instanceClass(\"db.t3.micro\")\n .username(\"foo\")\n .password(\"foobarbaz\")\n .parameterGroupName(\"default.mysql5.7\")\n .skipFinalSnapshot(true)\n .build());\n\n var exampleSnapshot = new Snapshot(\"exampleSnapshot\", SnapshotArgs.builder()\n .dbInstanceIdentifier(exampleInstance.identifier())\n .dbSnapshotIdentifier(\"example\")\n .build());\n\n var exampleExportTask = new ExportTask(\"exampleExportTask\", ExportTaskArgs.builder()\n .exportTaskIdentifier(\"example\")\n .sourceArn(exampleSnapshot.dbSnapshotArn())\n .s3BucketName(exampleBucketV2.id())\n .iamRoleArn(exampleRole.arn())\n .kmsKeyId(exampleKey.arn())\n .exportOnlies(\"database\")\n .s3Prefix(\"my_prefix/example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example\n forceDestroy: true\n exampleBucketAclV2:\n type: aws:s3:BucketAclV2\n name: example\n properties:\n bucket: ${exampleBucketV2.id}\n acl: private\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: export.rds.amazonaws.com\n examplePolicy:\n type: aws:iam:Policy\n name: example\n properties:\n name: example\n policy: ${example.json}\n exampleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: example\n properties:\n role: ${exampleRole.name}\n policyArn: ${examplePolicy.arn}\n exampleKey:\n type: aws:kms:Key\n name: example\n properties:\n deletionWindowInDays: 10\n exampleInstance:\n type: aws:rds:Instance\n name: example\n properties:\n identifier: example\n allocatedStorage: 10\n dbName: test\n engine: mysql\n engineVersion: '5.7'\n instanceClass: db.t3.micro\n username: foo\n password: foobarbaz\n parameterGroupName: default.mysql5.7\n skipFinalSnapshot: true\n exampleSnapshot:\n type: aws:rds:Snapshot\n name: example\n properties:\n dbInstanceIdentifier: ${exampleInstance.identifier}\n dbSnapshotIdentifier: example\n exampleExportTask:\n type: aws:rds:ExportTask\n name: example\n properties:\n exportTaskIdentifier: example\n sourceArn: ${exampleSnapshot.dbSnapshotArn}\n s3BucketName: ${exampleBucketV2.id}\n iamRoleArn: ${exampleRole.arn}\n kmsKeyId: ${exampleKey.arn}\n exportOnlies:\n - database\n s3Prefix: my_prefix/example\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - s3:ListAllMyBuckets\n resources:\n - '*'\n - actions:\n - s3:GetBucketLocation\n - s3:ListBucket\n resources:\n - ${exampleBucketV2.arn}\n - actions:\n - s3:GetObject\n - s3:PutObject\n - s3:DeleteObject\n resources:\n - ${exampleBucketV2.arn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a RDS (Relational Database) Export Task using the `export_task_identifier`. For example:\n\n```sh\n$ pulumi import aws:rds/exportTask:ExportTask example example\n```\n", "properties": { "exportOnlies": { "type": "array", "items": { "type": "string" }, "description": "Data to be exported from the snapshot. If this parameter is not provided, all the snapshot data is exported. Valid values are documented in the [AWS StartExportTask API documentation](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StartExportTask.html#API_StartExportTask_RequestParameters).\n" }, "exportTaskIdentifier": { "type": "string", "description": "Unique identifier for the snapshot export task.\n" }, "failureCause": { "type": "string", "description": "Reason the export failed, if it failed.\n" }, "iamRoleArn": { "type": "string", "description": "ARN of the IAM role to use for writing to the Amazon S3 bucket.\n" }, "kmsKeyId": { "type": "string", "description": "ID of the Amazon Web Services KMS key to use to encrypt the snapshot.\n" }, "percentProgress": { "type": "integer", "description": "Progress of the snapshot export task as a percentage.\n" }, "s3BucketName": { "type": "string", "description": "Name of the Amazon S3 bucket to export the snapshot to.\n" }, "s3Prefix": { "type": "string", "description": "Amazon S3 bucket prefix to use as the file name and path of the exported snapshot.\n" }, "snapshotTime": { "type": "string", "description": "Time that the snapshot was created.\n" }, "sourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the snapshot to export.\n\nThe following arguments are optional:\n" }, "sourceType": { "type": "string", "description": "Type of source for the export.\n" }, "status": { "type": "string", "description": "Status of the export task.\n" }, "taskEndTime": { "type": "string", "description": "Time that the snapshot export task completed.\n" }, "taskStartTime": { "type": "string", "description": "Time that the snapshot export task started.\n" }, "timeouts": { "$ref": "#/types/aws:rds/ExportTaskTimeouts:ExportTaskTimeouts" }, "warningMessage": { "type": "string", "description": "Warning about the snapshot export task, if any.\n" } }, "required": [ "exportTaskIdentifier", "failureCause", "iamRoleArn", "kmsKeyId", "percentProgress", "s3BucketName", "s3Prefix", "snapshotTime", "sourceArn", "sourceType", "status", "taskEndTime", "taskStartTime", "warningMessage" ], "inputProperties": { "exportOnlies": { "type": "array", "items": { "type": "string" }, "description": "Data to be exported from the snapshot. If this parameter is not provided, all the snapshot data is exported. Valid values are documented in the [AWS StartExportTask API documentation](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StartExportTask.html#API_StartExportTask_RequestParameters).\n" }, "exportTaskIdentifier": { "type": "string", "description": "Unique identifier for the snapshot export task.\n" }, "iamRoleArn": { "type": "string", "description": "ARN of the IAM role to use for writing to the Amazon S3 bucket.\n" }, "kmsKeyId": { "type": "string", "description": "ID of the Amazon Web Services KMS key to use to encrypt the snapshot.\n" }, "s3BucketName": { "type": "string", "description": "Name of the Amazon S3 bucket to export the snapshot to.\n" }, "s3Prefix": { "type": "string", "description": "Amazon S3 bucket prefix to use as the file name and path of the exported snapshot.\n" }, "sourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the snapshot to export.\n\nThe following arguments are optional:\n" }, "timeouts": { "$ref": "#/types/aws:rds/ExportTaskTimeouts:ExportTaskTimeouts" } }, "requiredInputs": [ "exportTaskIdentifier", "iamRoleArn", "kmsKeyId", "s3BucketName", "sourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ExportTask resources.\n", "properties": { "exportOnlies": { "type": "array", "items": { "type": "string" }, "description": "Data to be exported from the snapshot. If this parameter is not provided, all the snapshot data is exported. Valid values are documented in the [AWS StartExportTask API documentation](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StartExportTask.html#API_StartExportTask_RequestParameters).\n" }, "exportTaskIdentifier": { "type": "string", "description": "Unique identifier for the snapshot export task.\n" }, "failureCause": { "type": "string", "description": "Reason the export failed, if it failed.\n" }, "iamRoleArn": { "type": "string", "description": "ARN of the IAM role to use for writing to the Amazon S3 bucket.\n" }, "kmsKeyId": { "type": "string", "description": "ID of the Amazon Web Services KMS key to use to encrypt the snapshot.\n" }, "percentProgress": { "type": "integer", "description": "Progress of the snapshot export task as a percentage.\n" }, "s3BucketName": { "type": "string", "description": "Name of the Amazon S3 bucket to export the snapshot to.\n" }, "s3Prefix": { "type": "string", "description": "Amazon S3 bucket prefix to use as the file name and path of the exported snapshot.\n" }, "snapshotTime": { "type": "string", "description": "Time that the snapshot was created.\n" }, "sourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the snapshot to export.\n\nThe following arguments are optional:\n" }, "sourceType": { "type": "string", "description": "Type of source for the export.\n" }, "status": { "type": "string", "description": "Status of the export task.\n" }, "taskEndTime": { "type": "string", "description": "Time that the snapshot export task completed.\n" }, "taskStartTime": { "type": "string", "description": "Time that the snapshot export task started.\n" }, "timeouts": { "$ref": "#/types/aws:rds/ExportTaskTimeouts:ExportTaskTimeouts" }, "warningMessage": { "type": "string", "description": "Warning about the snapshot export task, if any.\n" } }, "type": "object" } }, "aws:rds/globalCluster:GlobalCluster": { "description": "Manages an RDS Global Cluster, which is an Aurora global database spread across multiple regions. The global database contains a single primary cluster with read-write capability, and a read-only secondary cluster that receives data from the primary cluster through high-speed replication performed by the Aurora storage subsystem.\n\nMore information about Aurora global databases can be found in the [Aurora User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database-creating).\n\n## Example Usage\n\n### New MySQL Global Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"global-test\",\n engine: \"aurora\",\n engineVersion: \"5.6.mysql_aurora.1.22.2\",\n databaseName: \"example_db\",\n});\nconst primary = new aws.rds.Cluster(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-primary-cluster\",\n masterUsername: \"username\",\n masterPassword: \"somepass123\",\n databaseName: \"example_db\",\n globalClusterIdentifier: example.id,\n dbSubnetGroupName: \"default\",\n});\nconst primaryClusterInstance = new aws.rds.ClusterInstance(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n identifier: \"test-primary-cluster-instance\",\n clusterIdentifier: primary.id,\n instanceClass: aws.rds.InstanceType.R4_Large,\n dbSubnetGroupName: \"default\",\n});\nconst secondary = new aws.rds.Cluster(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-secondary-cluster\",\n globalClusterIdentifier: example.id,\n dbSubnetGroupName: \"default\",\n}, {\n dependsOn: [primaryClusterInstance],\n});\nconst secondaryClusterInstance = new aws.rds.ClusterInstance(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n identifier: \"test-secondary-cluster-instance\",\n clusterIdentifier: secondary.id,\n instanceClass: aws.rds.InstanceType.R4_Large,\n dbSubnetGroupName: \"default\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.GlobalCluster(\"example\",\n global_cluster_identifier=\"global-test\",\n engine=\"aurora\",\n engine_version=\"5.6.mysql_aurora.1.22.2\",\n database_name=\"example_db\")\nprimary = aws.rds.Cluster(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-primary-cluster\",\n master_username=\"username\",\n master_password=\"somepass123\",\n database_name=\"example_db\",\n global_cluster_identifier=example.id,\n db_subnet_group_name=\"default\")\nprimary_cluster_instance = aws.rds.ClusterInstance(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n identifier=\"test-primary-cluster-instance\",\n cluster_identifier=primary.id,\n instance_class=aws.rds.InstanceType.R4_LARGE,\n db_subnet_group_name=\"default\")\nsecondary = aws.rds.Cluster(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-secondary-cluster\",\n global_cluster_identifier=example.id,\n db_subnet_group_name=\"default\",\n opts = pulumi.ResourceOptions(depends_on=[primary_cluster_instance]))\nsecondary_cluster_instance = aws.rds.ClusterInstance(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n identifier=\"test-secondary-cluster-instance\",\n cluster_identifier=secondary.id,\n instance_class=aws.rds.InstanceType.R4_LARGE,\n db_subnet_group_name=\"default\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"global-test\",\n Engine = \"aurora\",\n EngineVersion = \"5.6.mysql_aurora.1.22.2\",\n DatabaseName = \"example_db\",\n });\n\n var primary = new Aws.Rds.Cluster(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-primary-cluster\",\n MasterUsername = \"username\",\n MasterPassword = \"somepass123\",\n DatabaseName = \"example_db\",\n GlobalClusterIdentifier = example.Id,\n DbSubnetGroupName = \"default\",\n });\n\n var primaryClusterInstance = new Aws.Rds.ClusterInstance(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n Identifier = \"test-primary-cluster-instance\",\n ClusterIdentifier = primary.Id,\n InstanceClass = Aws.Rds.InstanceType.R4_Large,\n DbSubnetGroupName = \"default\",\n });\n\n var secondary = new Aws.Rds.Cluster(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-secondary-cluster\",\n GlobalClusterIdentifier = example.Id,\n DbSubnetGroupName = \"default\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n primaryClusterInstance,\n },\n });\n\n var secondaryClusterInstance = new Aws.Rds.ClusterInstance(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n Identifier = \"test-secondary-cluster-instance\",\n ClusterIdentifier = secondary.Id,\n InstanceClass = Aws.Rds.InstanceType.R4_Large,\n DbSubnetGroupName = \"default\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := rds.NewGlobalCluster(ctx, \"example\", \u0026rds.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"global-test\"),\n\t\t\tEngine: pulumi.String(\"aurora\"),\n\t\t\tEngineVersion: pulumi.String(\"5.6.mysql_aurora.1.22.2\"),\n\t\t\tDatabaseName: pulumi.String(\"example_db\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimary, err := rds.NewCluster(ctx, \"primary\", \u0026rds.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-primary-cluster\"),\n\t\t\tMasterUsername: pulumi.String(\"username\"),\n\t\t\tMasterPassword: pulumi.String(\"somepass123\"),\n\t\t\tDatabaseName: pulumi.String(\"example_db\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimaryClusterInstance, err := rds.NewClusterInstance(ctx, \"primary\", \u0026rds.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"test-primary-cluster-instance\"),\n\t\t\tClusterIdentifier: primary.ID(),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_R4_Large),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecondary, err := rds.NewCluster(ctx, \"secondary\", \u0026rds.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-secondary-cluster\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tprimaryClusterInstance,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewClusterInstance(ctx, \"secondary\", \u0026rds.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"test-secondary-cluster-instance\"),\n\t\t\tClusterIdentifier: secondary.ID(),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_R4_Large),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.GlobalCluster;\nimport com.pulumi.aws.rds.GlobalClusterArgs;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport com.pulumi.aws.rds.ClusterInstance;\nimport com.pulumi.aws.rds.ClusterInstanceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalCluster(\"example\", GlobalClusterArgs.builder()\n .globalClusterIdentifier(\"global-test\")\n .engine(\"aurora\")\n .engineVersion(\"5.6.mysql_aurora.1.22.2\")\n .databaseName(\"example_db\")\n .build());\n\n var primary = new Cluster(\"primary\", ClusterArgs.builder()\n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-primary-cluster\")\n .masterUsername(\"username\")\n .masterPassword(\"somepass123\")\n .databaseName(\"example_db\")\n .globalClusterIdentifier(example.id())\n .dbSubnetGroupName(\"default\")\n .build());\n\n var primaryClusterInstance = new ClusterInstance(\"primaryClusterInstance\", ClusterInstanceArgs.builder()\n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .identifier(\"test-primary-cluster-instance\")\n .clusterIdentifier(primary.id())\n .instanceClass(\"db.r4.large\")\n .dbSubnetGroupName(\"default\")\n .build());\n\n var secondary = new Cluster(\"secondary\", ClusterArgs.builder()\n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-secondary-cluster\")\n .globalClusterIdentifier(example.id())\n .dbSubnetGroupName(\"default\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(primaryClusterInstance)\n .build());\n\n var secondaryClusterInstance = new ClusterInstance(\"secondaryClusterInstance\", ClusterInstanceArgs.builder()\n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .identifier(\"test-secondary-cluster-instance\")\n .clusterIdentifier(secondary.id())\n .instanceClass(\"db.r4.large\")\n .dbSubnetGroupName(\"default\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:GlobalCluster\n properties:\n globalClusterIdentifier: global-test\n engine: aurora\n engineVersion: 5.6.mysql_aurora.1.22.2\n databaseName: example_db\n primary:\n type: aws:rds:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-primary-cluster\n masterUsername: username\n masterPassword: somepass123\n databaseName: example_db\n globalClusterIdentifier: ${example.id}\n dbSubnetGroupName: default\n primaryClusterInstance:\n type: aws:rds:ClusterInstance\n name: primary\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n identifier: test-primary-cluster-instance\n clusterIdentifier: ${primary.id}\n instanceClass: db.r4.large\n dbSubnetGroupName: default\n secondary:\n type: aws:rds:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-secondary-cluster\n globalClusterIdentifier: ${example.id}\n dbSubnetGroupName: default\n options:\n dependson:\n - ${primaryClusterInstance}\n secondaryClusterInstance:\n type: aws:rds:ClusterInstance\n name: secondary\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n identifier: test-secondary-cluster-instance\n clusterIdentifier: ${secondary.id}\n instanceClass: db.r4.large\n dbSubnetGroupName: default\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### New PostgreSQL Global Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"global-test\",\n engine: \"aurora-postgresql\",\n engineVersion: \"11.9\",\n databaseName: \"example_db\",\n});\nconst primary = new aws.rds.Cluster(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-primary-cluster\",\n masterUsername: \"username\",\n masterPassword: \"somepass123\",\n databaseName: \"example_db\",\n globalClusterIdentifier: example.id,\n dbSubnetGroupName: \"default\",\n});\nconst primaryClusterInstance = new aws.rds.ClusterInstance(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n identifier: \"test-primary-cluster-instance\",\n clusterIdentifier: primary.id,\n instanceClass: aws.rds.InstanceType.R4_Large,\n dbSubnetGroupName: \"default\",\n});\nconst secondary = new aws.rds.Cluster(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-secondary-cluster\",\n globalClusterIdentifier: example.id,\n skipFinalSnapshot: true,\n dbSubnetGroupName: \"default\",\n}, {\n dependsOn: [primaryClusterInstance],\n});\nconst secondaryClusterInstance = new aws.rds.ClusterInstance(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n identifier: \"test-secondary-cluster-instance\",\n clusterIdentifier: secondary.id,\n instanceClass: aws.rds.InstanceType.R4_Large,\n dbSubnetGroupName: \"default\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.GlobalCluster(\"example\",\n global_cluster_identifier=\"global-test\",\n engine=\"aurora-postgresql\",\n engine_version=\"11.9\",\n database_name=\"example_db\")\nprimary = aws.rds.Cluster(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-primary-cluster\",\n master_username=\"username\",\n master_password=\"somepass123\",\n database_name=\"example_db\",\n global_cluster_identifier=example.id,\n db_subnet_group_name=\"default\")\nprimary_cluster_instance = aws.rds.ClusterInstance(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n identifier=\"test-primary-cluster-instance\",\n cluster_identifier=primary.id,\n instance_class=aws.rds.InstanceType.R4_LARGE,\n db_subnet_group_name=\"default\")\nsecondary = aws.rds.Cluster(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-secondary-cluster\",\n global_cluster_identifier=example.id,\n skip_final_snapshot=True,\n db_subnet_group_name=\"default\",\n opts = pulumi.ResourceOptions(depends_on=[primary_cluster_instance]))\nsecondary_cluster_instance = aws.rds.ClusterInstance(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n identifier=\"test-secondary-cluster-instance\",\n cluster_identifier=secondary.id,\n instance_class=aws.rds.InstanceType.R4_LARGE,\n db_subnet_group_name=\"default\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"global-test\",\n Engine = \"aurora-postgresql\",\n EngineVersion = \"11.9\",\n DatabaseName = \"example_db\",\n });\n\n var primary = new Aws.Rds.Cluster(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-primary-cluster\",\n MasterUsername = \"username\",\n MasterPassword = \"somepass123\",\n DatabaseName = \"example_db\",\n GlobalClusterIdentifier = example.Id,\n DbSubnetGroupName = \"default\",\n });\n\n var primaryClusterInstance = new Aws.Rds.ClusterInstance(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n Identifier = \"test-primary-cluster-instance\",\n ClusterIdentifier = primary.Id,\n InstanceClass = Aws.Rds.InstanceType.R4_Large,\n DbSubnetGroupName = \"default\",\n });\n\n var secondary = new Aws.Rds.Cluster(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-secondary-cluster\",\n GlobalClusterIdentifier = example.Id,\n SkipFinalSnapshot = true,\n DbSubnetGroupName = \"default\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n primaryClusterInstance,\n },\n });\n\n var secondaryClusterInstance = new Aws.Rds.ClusterInstance(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n Identifier = \"test-secondary-cluster-instance\",\n ClusterIdentifier = secondary.Id,\n InstanceClass = Aws.Rds.InstanceType.R4_Large,\n DbSubnetGroupName = \"default\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := rds.NewGlobalCluster(ctx, \"example\", \u0026rds.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"global-test\"),\n\t\t\tEngine: pulumi.String(\"aurora-postgresql\"),\n\t\t\tEngineVersion: pulumi.String(\"11.9\"),\n\t\t\tDatabaseName: pulumi.String(\"example_db\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimary, err := rds.NewCluster(ctx, \"primary\", \u0026rds.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-primary-cluster\"),\n\t\t\tMasterUsername: pulumi.String(\"username\"),\n\t\t\tMasterPassword: pulumi.String(\"somepass123\"),\n\t\t\tDatabaseName: pulumi.String(\"example_db\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimaryClusterInstance, err := rds.NewClusterInstance(ctx, \"primary\", \u0026rds.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"test-primary-cluster-instance\"),\n\t\t\tClusterIdentifier: primary.ID(),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_R4_Large),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecondary, err := rds.NewCluster(ctx, \"secondary\", \u0026rds.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-secondary-cluster\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tprimaryClusterInstance,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewClusterInstance(ctx, \"secondary\", \u0026rds.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"test-secondary-cluster-instance\"),\n\t\t\tClusterIdentifier: secondary.ID(),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_R4_Large),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.GlobalCluster;\nimport com.pulumi.aws.rds.GlobalClusterArgs;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport com.pulumi.aws.rds.ClusterInstance;\nimport com.pulumi.aws.rds.ClusterInstanceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalCluster(\"example\", GlobalClusterArgs.builder()\n .globalClusterIdentifier(\"global-test\")\n .engine(\"aurora-postgresql\")\n .engineVersion(\"11.9\")\n .databaseName(\"example_db\")\n .build());\n\n var primary = new Cluster(\"primary\", ClusterArgs.builder()\n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-primary-cluster\")\n .masterUsername(\"username\")\n .masterPassword(\"somepass123\")\n .databaseName(\"example_db\")\n .globalClusterIdentifier(example.id())\n .dbSubnetGroupName(\"default\")\n .build());\n\n var primaryClusterInstance = new ClusterInstance(\"primaryClusterInstance\", ClusterInstanceArgs.builder()\n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .identifier(\"test-primary-cluster-instance\")\n .clusterIdentifier(primary.id())\n .instanceClass(\"db.r4.large\")\n .dbSubnetGroupName(\"default\")\n .build());\n\n var secondary = new Cluster(\"secondary\", ClusterArgs.builder()\n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-secondary-cluster\")\n .globalClusterIdentifier(example.id())\n .skipFinalSnapshot(true)\n .dbSubnetGroupName(\"default\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(primaryClusterInstance)\n .build());\n\n var secondaryClusterInstance = new ClusterInstance(\"secondaryClusterInstance\", ClusterInstanceArgs.builder()\n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .identifier(\"test-secondary-cluster-instance\")\n .clusterIdentifier(secondary.id())\n .instanceClass(\"db.r4.large\")\n .dbSubnetGroupName(\"default\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:GlobalCluster\n properties:\n globalClusterIdentifier: global-test\n engine: aurora-postgresql\n engineVersion: '11.9'\n databaseName: example_db\n primary:\n type: aws:rds:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-primary-cluster\n masterUsername: username\n masterPassword: somepass123\n databaseName: example_db\n globalClusterIdentifier: ${example.id}\n dbSubnetGroupName: default\n primaryClusterInstance:\n type: aws:rds:ClusterInstance\n name: primary\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n identifier: test-primary-cluster-instance\n clusterIdentifier: ${primary.id}\n instanceClass: db.r4.large\n dbSubnetGroupName: default\n secondary:\n type: aws:rds:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-secondary-cluster\n globalClusterIdentifier: ${example.id}\n skipFinalSnapshot: true\n dbSubnetGroupName: default\n options:\n dependson:\n - ${primaryClusterInstance}\n secondaryClusterInstance:\n type: aws:rds:ClusterInstance\n name: secondary\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n identifier: test-secondary-cluster-instance\n clusterIdentifier: ${secondary.id}\n instanceClass: db.r4.large\n dbSubnetGroupName: default\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### New Global Cluster From Existing DB Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.Cluster(\"example\", {});\nconst exampleGlobalCluster = new aws.rds.GlobalCluster(\"example\", {\n forceDestroy: true,\n globalClusterIdentifier: \"example\",\n sourceDbClusterIdentifier: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.Cluster(\"example\")\nexample_global_cluster = aws.rds.GlobalCluster(\"example\",\n force_destroy=True,\n global_cluster_identifier=\"example\",\n source_db_cluster_identifier=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.Cluster(\"example\");\n\n var exampleGlobalCluster = new Aws.Rds.GlobalCluster(\"example\", new()\n {\n ForceDestroy = true,\n GlobalClusterIdentifier = \"example\",\n SourceDbClusterIdentifier = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := rds.NewCluster(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewGlobalCluster(ctx, \"example\", \u0026rds.GlobalClusterArgs{\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"example\"),\n\t\t\tSourceDbClusterIdentifier: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.GlobalCluster;\nimport com.pulumi.aws.rds.GlobalClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\");\n\n var exampleGlobalCluster = new GlobalCluster(\"exampleGlobalCluster\", GlobalClusterArgs.builder()\n .forceDestroy(true)\n .globalClusterIdentifier(\"example\")\n .sourceDbClusterIdentifier(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:Cluster\n exampleGlobalCluster:\n type: aws:rds:GlobalCluster\n name: example\n properties:\n forceDestroy: true\n globalClusterIdentifier: example\n sourceDbClusterIdentifier: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Upgrading Engine Versions\n\nWhen you upgrade the version of an `aws.rds.GlobalCluster`, the provider will attempt to in-place upgrade the engine versions of all associated clusters. Since the `aws.rds.Cluster` resource is being updated through the `aws.rds.GlobalCluster`, you are likely to get an error (`Provider produced inconsistent final plan`). To avoid this, use the `lifecycle` `ignore_changes` meta argument as shown below on the `aws.rds.Cluster`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"kyivkharkiv\",\n engine: \"aurora-mysql\",\n engineVersion: \"5.7.mysql_aurora.2.07.5\",\n});\nconst primary = new aws.rds.Cluster(\"primary\", {\n allowMajorVersionUpgrade: true,\n applyImmediately: true,\n clusterIdentifier: \"odessadnipro\",\n databaseName: \"totoro\",\n engine: example.engine,\n engineVersion: example.engineVersion,\n globalClusterIdentifier: example.id,\n masterPassword: \"satsukimae\",\n masterUsername: \"maesatsuki\",\n skipFinalSnapshot: true,\n});\nconst primaryClusterInstance = new aws.rds.ClusterInstance(\"primary\", {\n applyImmediately: true,\n clusterIdentifier: primary.id,\n engine: primary.engine,\n engineVersion: primary.engineVersion,\n identifier: \"donetsklviv\",\n instanceClass: aws.rds.InstanceType.R4_Large,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.GlobalCluster(\"example\",\n global_cluster_identifier=\"kyivkharkiv\",\n engine=\"aurora-mysql\",\n engine_version=\"5.7.mysql_aurora.2.07.5\")\nprimary = aws.rds.Cluster(\"primary\",\n allow_major_version_upgrade=True,\n apply_immediately=True,\n cluster_identifier=\"odessadnipro\",\n database_name=\"totoro\",\n engine=example.engine,\n engine_version=example.engine_version,\n global_cluster_identifier=example.id,\n master_password=\"satsukimae\",\n master_username=\"maesatsuki\",\n skip_final_snapshot=True)\nprimary_cluster_instance = aws.rds.ClusterInstance(\"primary\",\n apply_immediately=True,\n cluster_identifier=primary.id,\n engine=primary.engine,\n engine_version=primary.engine_version,\n identifier=\"donetsklviv\",\n instance_class=aws.rds.InstanceType.R4_LARGE)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"kyivkharkiv\",\n Engine = \"aurora-mysql\",\n EngineVersion = \"5.7.mysql_aurora.2.07.5\",\n });\n\n var primary = new Aws.Rds.Cluster(\"primary\", new()\n {\n AllowMajorVersionUpgrade = true,\n ApplyImmediately = true,\n ClusterIdentifier = \"odessadnipro\",\n DatabaseName = \"totoro\",\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n GlobalClusterIdentifier = example.Id,\n MasterPassword = \"satsukimae\",\n MasterUsername = \"maesatsuki\",\n SkipFinalSnapshot = true,\n });\n\n var primaryClusterInstance = new Aws.Rds.ClusterInstance(\"primary\", new()\n {\n ApplyImmediately = true,\n ClusterIdentifier = primary.Id,\n Engine = primary.Engine,\n EngineVersion = primary.EngineVersion,\n Identifier = \"donetsklviv\",\n InstanceClass = Aws.Rds.InstanceType.R4_Large,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := rds.NewGlobalCluster(ctx, \"example\", \u0026rds.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"kyivkharkiv\"),\n\t\t\tEngine: pulumi.String(\"aurora-mysql\"),\n\t\t\tEngineVersion: pulumi.String(\"5.7.mysql_aurora.2.07.5\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimary, err := rds.NewCluster(ctx, \"primary\", \u0026rds.ClusterArgs{\n\t\t\tAllowMajorVersionUpgrade: pulumi.Bool(true),\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t\tClusterIdentifier: pulumi.String(\"odessadnipro\"),\n\t\t\tDatabaseName: pulumi.String(\"totoro\"),\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tMasterPassword: pulumi.String(\"satsukimae\"),\n\t\t\tMasterUsername: pulumi.String(\"maesatsuki\"),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewClusterInstance(ctx, \"primary\", \u0026rds.ClusterInstanceArgs{\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t\tClusterIdentifier: primary.ID(),\n\t\t\tEngine: primary.Engine,\n\t\t\tEngineVersion: primary.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"donetsklviv\"),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_R4_Large),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.GlobalCluster;\nimport com.pulumi.aws.rds.GlobalClusterArgs;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport com.pulumi.aws.rds.ClusterInstance;\nimport com.pulumi.aws.rds.ClusterInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalCluster(\"example\", GlobalClusterArgs.builder()\n .globalClusterIdentifier(\"kyivkharkiv\")\n .engine(\"aurora-mysql\")\n .engineVersion(\"5.7.mysql_aurora.2.07.5\")\n .build());\n\n var primary = new Cluster(\"primary\", ClusterArgs.builder()\n .allowMajorVersionUpgrade(true)\n .applyImmediately(true)\n .clusterIdentifier(\"odessadnipro\")\n .databaseName(\"totoro\")\n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .globalClusterIdentifier(example.id())\n .masterPassword(\"satsukimae\")\n .masterUsername(\"maesatsuki\")\n .skipFinalSnapshot(true)\n .build());\n\n var primaryClusterInstance = new ClusterInstance(\"primaryClusterInstance\", ClusterInstanceArgs.builder()\n .applyImmediately(true)\n .clusterIdentifier(primary.id())\n .engine(primary.engine())\n .engineVersion(primary.engineVersion())\n .identifier(\"donetsklviv\")\n .instanceClass(\"db.r4.large\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:GlobalCluster\n properties:\n globalClusterIdentifier: kyivkharkiv\n engine: aurora-mysql\n engineVersion: 5.7.mysql_aurora.2.07.5\n primary:\n type: aws:rds:Cluster\n properties:\n allowMajorVersionUpgrade: true\n applyImmediately: true\n clusterIdentifier: odessadnipro\n databaseName: totoro\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n globalClusterIdentifier: ${example.id}\n masterPassword: satsukimae\n masterUsername: maesatsuki\n skipFinalSnapshot: true\n primaryClusterInstance:\n type: aws:rds:ClusterInstance\n name: primary\n properties:\n applyImmediately: true\n clusterIdentifier: ${primary.id}\n engine: ${primary.engine}\n engineVersion: ${primary.engineVersion}\n identifier: donetsklviv\n instanceClass: db.r4.large\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_rds_global_cluster` using the RDS Global Cluster identifier. For example:\n\n```sh\n$ pulumi import aws:rds/globalCluster:GlobalCluster example example\n```\nCertain resource arguments, like `force_destroy`, only exist within this provider. If the argument is set in the the provider configuration on an imported resource, This provider will show a difference on the first plan after import to update the state value. This change is safe to apply immediately so the state matches the desired configuration.\n\nCertain resource arguments, like `source_db_cluster_identifier`, do not have an API method for reading the information after creation. If the argument is set in the Pulumi program on an imported resource, Pulumi will always show a difference. To workaround this behavior, either omit the argument from the Pulumi program or use `ignore_changes` to hide the difference. For example:\n\n", "properties": { "arn": { "type": "string", "description": "RDS Global Cluster Amazon Resource Name (ARN)\n" }, "databaseName": { "type": "string", "description": "Name for an automatically created database on cluster creation.\n" }, "deletionProtection": { "type": "boolean", "description": "If the Global Cluster should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "engine": { "type": "string", "description": "Name of the database engine to be used for this DB cluster. The provider will only perform drift detection if a configuration value is provided. Valid values: `aurora`, `aurora-mysql`, `aurora-postgresql`. Defaults to `aurora`. Conflicts with `source_db_cluster_identifier`.\n" }, "engineLifecycleSupport": { "type": "string", "description": "The life cycle type for this DB instance. This setting applies only to Aurora PostgreSQL-based global databases. Valid values are `open-source-rds-extended-support`, `open-source-rds-extended-support-disabled`. Default value is `open-source-rds-extended-support`. [Using Amazon RDS Extended Support]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html\n" }, "engineVersion": { "type": "string", "description": "Engine version of the Aurora global database. The `engine`, `engine_version`, and `instance_class` (on the `aws.rds.ClusterInstance`) must together support global databases. See [Using Amazon Aurora global databases](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html) for more information. By upgrading the engine version, the provider will upgrade cluster members. **NOTE:** To avoid an `inconsistent final plan` error while upgrading, use the `lifecycle` `ignore_changes` for `engine_version` meta argument on the associated `aws.rds.Cluster` resource as shown above in Upgrading Engine Versions example.\n" }, "engineVersionActual": { "type": "string" }, "forceDestroy": { "type": "boolean", "description": "Enable to remove DB Cluster members from Global Cluster on destroy. Required with `source_db_cluster_identifier`.\n" }, "globalClusterIdentifier": { "type": "string", "description": "Global cluster identifier.\n" }, "globalClusterMembers": { "type": "array", "items": { "$ref": "#/types/aws:rds/GlobalClusterGlobalClusterMember:GlobalClusterGlobalClusterMember" }, "description": "Set of objects containing Global Cluster members.\n" }, "globalClusterResourceId": { "type": "string", "description": "AWS Region-unique, immutable identifier for the global database cluster. This identifier is found in AWS CloudTrail log entries whenever the AWS KMS key for the DB cluster is accessed\n" }, "sourceDbClusterIdentifier": { "type": "string", "description": "Amazon Resource Name (ARN) to use as the primary DB Cluster of the Global Cluster on creation. The provider cannot perform drift detection of this value.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false` unless `source_db_cluster_identifier` is specified and encrypted. The provider will only perform drift detection if a configuration value is provided.\n" } }, "required": [ "arn", "engine", "engineLifecycleSupport", "engineVersion", "engineVersionActual", "globalClusterIdentifier", "globalClusterMembers", "globalClusterResourceId", "sourceDbClusterIdentifier", "storageEncrypted" ], "inputProperties": { "databaseName": { "type": "string", "description": "Name for an automatically created database on cluster creation.\n", "willReplaceOnChanges": true }, "deletionProtection": { "type": "boolean", "description": "If the Global Cluster should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "engine": { "type": "string", "description": "Name of the database engine to be used for this DB cluster. The provider will only perform drift detection if a configuration value is provided. Valid values: `aurora`, `aurora-mysql`, `aurora-postgresql`. Defaults to `aurora`. Conflicts with `source_db_cluster_identifier`.\n", "willReplaceOnChanges": true }, "engineLifecycleSupport": { "type": "string", "description": "The life cycle type for this DB instance. This setting applies only to Aurora PostgreSQL-based global databases. Valid values are `open-source-rds-extended-support`, `open-source-rds-extended-support-disabled`. Default value is `open-source-rds-extended-support`. [Using Amazon RDS Extended Support]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html\n" }, "engineVersion": { "type": "string", "description": "Engine version of the Aurora global database. The `engine`, `engine_version`, and `instance_class` (on the `aws.rds.ClusterInstance`) must together support global databases. See [Using Amazon Aurora global databases](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html) for more information. By upgrading the engine version, the provider will upgrade cluster members. **NOTE:** To avoid an `inconsistent final plan` error while upgrading, use the `lifecycle` `ignore_changes` for `engine_version` meta argument on the associated `aws.rds.Cluster` resource as shown above in Upgrading Engine Versions example.\n" }, "forceDestroy": { "type": "boolean", "description": "Enable to remove DB Cluster members from Global Cluster on destroy. Required with `source_db_cluster_identifier`.\n" }, "globalClusterIdentifier": { "type": "string", "description": "Global cluster identifier.\n", "willReplaceOnChanges": true }, "sourceDbClusterIdentifier": { "type": "string", "description": "Amazon Resource Name (ARN) to use as the primary DB Cluster of the Global Cluster on creation. The provider cannot perform drift detection of this value.\n", "willReplaceOnChanges": true }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false` unless `source_db_cluster_identifier` is specified and encrypted. The provider will only perform drift detection if a configuration value is provided.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "globalClusterIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering GlobalCluster resources.\n", "properties": { "arn": { "type": "string", "description": "RDS Global Cluster Amazon Resource Name (ARN)\n" }, "databaseName": { "type": "string", "description": "Name for an automatically created database on cluster creation.\n", "willReplaceOnChanges": true }, "deletionProtection": { "type": "boolean", "description": "If the Global Cluster should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "engine": { "type": "string", "description": "Name of the database engine to be used for this DB cluster. The provider will only perform drift detection if a configuration value is provided. Valid values: `aurora`, `aurora-mysql`, `aurora-postgresql`. Defaults to `aurora`. Conflicts with `source_db_cluster_identifier`.\n", "willReplaceOnChanges": true }, "engineLifecycleSupport": { "type": "string", "description": "The life cycle type for this DB instance. This setting applies only to Aurora PostgreSQL-based global databases. Valid values are `open-source-rds-extended-support`, `open-source-rds-extended-support-disabled`. Default value is `open-source-rds-extended-support`. [Using Amazon RDS Extended Support]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html\n" }, "engineVersion": { "type": "string", "description": "Engine version of the Aurora global database. The `engine`, `engine_version`, and `instance_class` (on the `aws.rds.ClusterInstance`) must together support global databases. See [Using Amazon Aurora global databases](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html) for more information. By upgrading the engine version, the provider will upgrade cluster members. **NOTE:** To avoid an `inconsistent final plan` error while upgrading, use the `lifecycle` `ignore_changes` for `engine_version` meta argument on the associated `aws.rds.Cluster` resource as shown above in Upgrading Engine Versions example.\n" }, "engineVersionActual": { "type": "string" }, "forceDestroy": { "type": "boolean", "description": "Enable to remove DB Cluster members from Global Cluster on destroy. Required with `source_db_cluster_identifier`.\n" }, "globalClusterIdentifier": { "type": "string", "description": "Global cluster identifier.\n", "willReplaceOnChanges": true }, "globalClusterMembers": { "type": "array", "items": { "$ref": "#/types/aws:rds/GlobalClusterGlobalClusterMember:GlobalClusterGlobalClusterMember" }, "description": "Set of objects containing Global Cluster members.\n" }, "globalClusterResourceId": { "type": "string", "description": "AWS Region-unique, immutable identifier for the global database cluster. This identifier is found in AWS CloudTrail log entries whenever the AWS KMS key for the DB cluster is accessed\n" }, "sourceDbClusterIdentifier": { "type": "string", "description": "Amazon Resource Name (ARN) to use as the primary DB Cluster of the Global Cluster on creation. The provider cannot perform drift detection of this value.\n", "willReplaceOnChanges": true }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB cluster is encrypted. The default is `false` unless `source_db_cluster_identifier` is specified and encrypted. The provider will only perform drift detection if a configuration value is provided.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:rds/instance:Instance": { "description": "Provides an RDS instance resource. A DB instance is an isolated database\nenvironment in the cloud. A DB instance can contain multiple user-created\ndatabases.\n\nChanges to a DB instance can occur when you manually change a parameter, such as\n`allocated_storage`, and are reflected in the next maintenance window. Because\nof this, this provider may report a difference in its planning phase because a\nmodification has not yet taken place. You can use the `apply_immediately` flag\nto instruct the service to apply the change immediately (see documentation\nbelow).\n\nWhen upgrading the major version of an engine, `allow_major_version_upgrade` must be set to `true`.\n\n\u003e **Note:** using `apply_immediately` can result in a brief downtime as the server reboots.\nSee the AWS Docs on [RDS Instance Maintenance][instance-maintenance] for more information.\n\n\u003e **Note:** All arguments including the username and password will be stored in the raw state as plain-text.\nRead more about sensitive data instate.\n\n\n\n## RDS Instance Class Types\n\nAmazon RDS supports instance classes for the following use cases: General-purpose, Memory-optimized, Burstable Performance, and Optimized-reads.\nFor more information please read the AWS RDS documentation about [DB Instance Class Types](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html)\n\n## Low-Downtime Updates\n\nBy default, RDS applies updates to DB Instances in-place, which can lead to service interruptions.\nLow-downtime updates minimize service interruptions by performing the updates with an [RDS Blue/Green deployment][blue-green] and switching over the instances when complete.\n\nLow-downtime updates are only available for DB Instances using MySQL, MariaDB and PostgreSQL,\nas other engines are not supported by RDS Blue/Green deployments.\nThey cannot be used with DB Instances with replicas.\n\nBackups must be enabled to use low-downtime updates.\n\nEnable low-downtime updates by setting `blue_green_update.enabled` to `true`.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.rds.Instance(\"default\", {\n allocatedStorage: 10,\n dbName: \"mydb\",\n engine: \"mysql\",\n engineVersion: \"8.0\",\n instanceClass: aws.rds.InstanceType.T3_Micro,\n username: \"foo\",\n password: \"foobarbaz\",\n parameterGroupName: \"default.mysql8.0\",\n skipFinalSnapshot: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.Instance(\"default\",\n allocated_storage=10,\n db_name=\"mydb\",\n engine=\"mysql\",\n engine_version=\"8.0\",\n instance_class=aws.rds.InstanceType.T3_MICRO,\n username=\"foo\",\n password=\"foobarbaz\",\n parameter_group_name=\"default.mysql8.0\",\n skip_final_snapshot=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Rds.Instance(\"default\", new()\n {\n AllocatedStorage = 10,\n DbName = \"mydb\",\n Engine = \"mysql\",\n EngineVersion = \"8.0\",\n InstanceClass = Aws.Rds.InstanceType.T3_Micro,\n Username = \"foo\",\n Password = \"foobarbaz\",\n ParameterGroupName = \"default.mysql8.0\",\n SkipFinalSnapshot = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewInstance(ctx, \"default\", \u0026rds.InstanceArgs{\n\t\t\tAllocatedStorage: pulumi.Int(10),\n\t\t\tDbName: pulumi.String(\"mydb\"),\n\t\t\tEngine: pulumi.String(\"mysql\"),\n\t\t\tEngineVersion: pulumi.String(\"8.0\"),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_T3_Micro),\n\t\t\tUsername: pulumi.String(\"foo\"),\n\t\t\tPassword: pulumi.String(\"foobarbaz\"),\n\t\t\tParameterGroupName: pulumi.String(\"default.mysql8.0\"),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Instance;\nimport com.pulumi.aws.rds.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Instance(\"default\", InstanceArgs.builder()\n .allocatedStorage(10)\n .dbName(\"mydb\")\n .engine(\"mysql\")\n .engineVersion(\"8.0\")\n .instanceClass(\"db.t3.micro\")\n .username(\"foo\")\n .password(\"foobarbaz\")\n .parameterGroupName(\"default.mysql8.0\")\n .skipFinalSnapshot(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:rds:Instance\n properties:\n allocatedStorage: 10\n dbName: mydb\n engine: mysql\n engineVersion: '8.0'\n instanceClass: db.t3.micro\n username: foo\n password: foobarbaz\n parameterGroupName: default.mysql8.0\n skipFinalSnapshot: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### RDS Custom for Oracle Usage with Replica\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Lookup the available instance classes for the custom engine for the region being operated in\nconst custom-oracle = aws.rds.getOrderableDbInstance({\n engine: \"custom-oracle-ee\",\n engineVersion: \"19.c.ee.002\",\n licenseModel: \"bring-your-own-license\",\n storageType: \"gp3\",\n preferredInstanceClasses: [\n \"db.r5.xlarge\",\n \"db.r5.2xlarge\",\n \"db.r5.4xlarge\",\n ],\n});\n// The RDS instance resource requires an ARN. Look up the ARN of the KMS key associated with the CEV.\nconst byId = aws.kms.getKey({\n keyId: \"example-ef278353ceba4a5a97de6784565b9f78\",\n});\nconst _default = new aws.rds.Instance(\"default\", {\n allocatedStorage: 50,\n autoMinorVersionUpgrade: false,\n customIamInstanceProfile: \"AWSRDSCustomInstanceProfile\",\n backupRetentionPeriod: 7,\n dbSubnetGroupName: dbSubnetGroupName,\n engine: custom_oracle.then(custom_oracle =\u003e custom_oracle.engine),\n engineVersion: custom_oracle.then(custom_oracle =\u003e custom_oracle.engineVersion),\n identifier: \"ee-instance-demo\",\n instanceClass: custom_oracle.then(custom_oracle =\u003e custom_oracle.instanceClass).apply((x) =\u003e aws.rds.InstanceType[x]),\n kmsKeyId: byId.then(byId =\u003e byId.arn),\n licenseModel: custom_oracle.then(custom_oracle =\u003e custom_oracle.licenseModel),\n multiAz: false,\n password: \"avoid-plaintext-passwords\",\n username: \"test\",\n storageEncrypted: true,\n});\nconst test_replica = new aws.rds.Instance(\"test-replica\", {\n replicateSourceDb: _default.identifier,\n replicaMode: \"mounted\",\n autoMinorVersionUpgrade: false,\n customIamInstanceProfile: \"AWSRDSCustomInstanceProfile\",\n backupRetentionPeriod: 7,\n identifier: \"ee-instance-replica\",\n instanceClass: custom_oracle.then(custom_oracle =\u003e custom_oracle.instanceClass).apply((x) =\u003e aws.rds.InstanceType[x]),\n kmsKeyId: byId.then(byId =\u003e byId.arn),\n multiAz: false,\n skipFinalSnapshot: true,\n storageEncrypted: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Lookup the available instance classes for the custom engine for the region being operated in\ncustom_oracle = aws.rds.get_orderable_db_instance(engine=\"custom-oracle-ee\",\n engine_version=\"19.c.ee.002\",\n license_model=\"bring-your-own-license\",\n storage_type=\"gp3\",\n preferred_instance_classes=[\n \"db.r5.xlarge\",\n \"db.r5.2xlarge\",\n \"db.r5.4xlarge\",\n ])\n# The RDS instance resource requires an ARN. Look up the ARN of the KMS key associated with the CEV.\nby_id = aws.kms.get_key(key_id=\"example-ef278353ceba4a5a97de6784565b9f78\")\ndefault = aws.rds.Instance(\"default\",\n allocated_storage=50,\n auto_minor_version_upgrade=False,\n custom_iam_instance_profile=\"AWSRDSCustomInstanceProfile\",\n backup_retention_period=7,\n db_subnet_group_name=db_subnet_group_name,\n engine=custom_oracle.engine,\n engine_version=custom_oracle.engine_version,\n identifier=\"ee-instance-demo\",\n instance_class=custom_oracle.instance_class.apply(lambda x: aws.rds.InstanceType(x)),\n kms_key_id=by_id.arn,\n license_model=custom_oracle.license_model,\n multi_az=False,\n password=\"avoid-plaintext-passwords\",\n username=\"test\",\n storage_encrypted=True)\ntest_replica = aws.rds.Instance(\"test-replica\",\n replicate_source_db=default.identifier,\n replica_mode=\"mounted\",\n auto_minor_version_upgrade=False,\n custom_iam_instance_profile=\"AWSRDSCustomInstanceProfile\",\n backup_retention_period=7,\n identifier=\"ee-instance-replica\",\n instance_class=custom_oracle.instance_class.apply(lambda x: aws.rds.InstanceType(x)),\n kms_key_id=by_id.arn,\n multi_az=False,\n skip_final_snapshot=True,\n storage_encrypted=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Lookup the available instance classes for the custom engine for the region being operated in\n var custom_oracle = Aws.Rds.GetOrderableDbInstance.Invoke(new()\n {\n Engine = \"custom-oracle-ee\",\n EngineVersion = \"19.c.ee.002\",\n LicenseModel = \"bring-your-own-license\",\n StorageType = \"gp3\",\n PreferredInstanceClasses = new[]\n {\n \"db.r5.xlarge\",\n \"db.r5.2xlarge\",\n \"db.r5.4xlarge\",\n },\n });\n\n // The RDS instance resource requires an ARN. Look up the ARN of the KMS key associated with the CEV.\n var byId = Aws.Kms.GetKey.Invoke(new()\n {\n KeyId = \"example-ef278353ceba4a5a97de6784565b9f78\",\n });\n\n var @default = new Aws.Rds.Instance(\"default\", new()\n {\n AllocatedStorage = 50,\n AutoMinorVersionUpgrade = false,\n CustomIamInstanceProfile = \"AWSRDSCustomInstanceProfile\",\n BackupRetentionPeriod = 7,\n DbSubnetGroupName = dbSubnetGroupName,\n Engine = custom_oracle.Apply(custom_oracle =\u003e custom_oracle.Apply(getOrderableDbInstanceResult =\u003e getOrderableDbInstanceResult.Engine)),\n EngineVersion = custom_oracle.Apply(custom_oracle =\u003e custom_oracle.Apply(getOrderableDbInstanceResult =\u003e getOrderableDbInstanceResult.EngineVersion)),\n Identifier = \"ee-instance-demo\",\n InstanceClass = custom_oracle.Apply(custom_oracle =\u003e custom_oracle.Apply(getOrderableDbInstanceResult =\u003e getOrderableDbInstanceResult.InstanceClass)).Apply(System.Enum.Parse\u003cAws.Rds.InstanceType\u003e),\n KmsKeyId = byId.Apply(getKeyResult =\u003e getKeyResult.Arn),\n LicenseModel = custom_oracle.Apply(custom_oracle =\u003e custom_oracle.Apply(getOrderableDbInstanceResult =\u003e getOrderableDbInstanceResult.LicenseModel)),\n MultiAz = false,\n Password = \"avoid-plaintext-passwords\",\n Username = \"test\",\n StorageEncrypted = true,\n });\n\n var test_replica = new Aws.Rds.Instance(\"test-replica\", new()\n {\n ReplicateSourceDb = @default.Identifier,\n ReplicaMode = \"mounted\",\n AutoMinorVersionUpgrade = false,\n CustomIamInstanceProfile = \"AWSRDSCustomInstanceProfile\",\n BackupRetentionPeriod = 7,\n Identifier = \"ee-instance-replica\",\n InstanceClass = custom_oracle.Apply(custom_oracle =\u003e custom_oracle.Apply(getOrderableDbInstanceResult =\u003e getOrderableDbInstanceResult.InstanceClass)).Apply(System.Enum.Parse\u003cAws.Rds.InstanceType\u003e),\n KmsKeyId = byId.Apply(getKeyResult =\u003e getKeyResult.Arn),\n MultiAz = false,\n SkipFinalSnapshot = true,\n StorageEncrypted = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Lookup the available instance classes for the custom engine for the region being operated in\n\t\tcustom_oracle, err := rds.GetOrderableDbInstance(ctx, \u0026rds.GetOrderableDbInstanceArgs{\n\t\t\tEngine: \"custom-oracle-ee\",\n\t\t\tEngineVersion: pulumi.StringRef(\"19.c.ee.002\"),\n\t\t\tLicenseModel: pulumi.StringRef(\"bring-your-own-license\"),\n\t\t\tStorageType: pulumi.StringRef(\"gp3\"),\n\t\t\tPreferredInstanceClasses: []string{\n\t\t\t\t\"db.r5.xlarge\",\n\t\t\t\t\"db.r5.2xlarge\",\n\t\t\t\t\"db.r5.4xlarge\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// The RDS instance resource requires an ARN. Look up the ARN of the KMS key associated with the CEV.\n\t\tbyId, err := kms.LookupKey(ctx, \u0026kms.LookupKeyArgs{\n\t\t\tKeyId: \"example-ef278353ceba4a5a97de6784565b9f78\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewInstance(ctx, \"default\", \u0026rds.InstanceArgs{\n\t\t\tAllocatedStorage: pulumi.Int(50),\n\t\t\tAutoMinorVersionUpgrade: pulumi.Bool(false),\n\t\t\tCustomIamInstanceProfile: pulumi.String(\"AWSRDSCustomInstanceProfile\"),\n\t\t\tBackupRetentionPeriod: pulumi.Int(7),\n\t\t\tDbSubnetGroupName: pulumi.Any(dbSubnetGroupName),\n\t\t\tEngine: pulumi.String(custom_oracle.Engine),\n\t\t\tEngineVersion: pulumi.String(custom_oracle.EngineVersion),\n\t\t\tIdentifier: pulumi.String(\"ee-instance-demo\"),\n\t\t\tInstanceClass: custom_oracle.InstanceClass.ApplyT(func(x *string) rds.InstanceType { return rds.InstanceType(*x) }).(rds.InstanceTypeOutput),\n\t\t\tKmsKeyId: pulumi.String(byId.Arn),\n\t\t\tLicenseModel: pulumi.String(custom_oracle.LicenseModel),\n\t\t\tMultiAz: pulumi.Bool(false),\n\t\t\tPassword: pulumi.String(\"avoid-plaintext-passwords\"),\n\t\t\tUsername: pulumi.String(\"test\"),\n\t\t\tStorageEncrypted: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewInstance(ctx, \"test-replica\", \u0026rds.InstanceArgs{\n\t\t\tReplicateSourceDb: _default.Identifier,\n\t\t\tReplicaMode: pulumi.String(\"mounted\"),\n\t\t\tAutoMinorVersionUpgrade: pulumi.Bool(false),\n\t\t\tCustomIamInstanceProfile: pulumi.String(\"AWSRDSCustomInstanceProfile\"),\n\t\t\tBackupRetentionPeriod: pulumi.Int(7),\n\t\t\tIdentifier: pulumi.String(\"ee-instance-replica\"),\n\t\t\tInstanceClass: custom_oracle.InstanceClass.ApplyT(func(x *string) rds.InstanceType { return rds.InstanceType(*x) }).(rds.InstanceTypeOutput),\n\t\t\tKmsKeyId: pulumi.String(byId.Arn),\n\t\t\tMultiAz: pulumi.Bool(false),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t\tStorageEncrypted: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetOrderableDbInstanceArgs;\nimport com.pulumi.aws.kms.KmsFunctions;\nimport com.pulumi.aws.kms.inputs.GetKeyArgs;\nimport com.pulumi.aws.rds.Instance;\nimport com.pulumi.aws.rds.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Lookup the available instance classes for the custom engine for the region being operated in\n final var custom-oracle = RdsFunctions.getOrderableDbInstance(GetOrderableDbInstanceArgs.builder()\n .engine(\"custom-oracle-ee\")\n .engineVersion(\"19.c.ee.002\")\n .licenseModel(\"bring-your-own-license\")\n .storageType(\"gp3\")\n .preferredInstanceClasses( \n \"db.r5.xlarge\",\n \"db.r5.2xlarge\",\n \"db.r5.4xlarge\")\n .build());\n\n // The RDS instance resource requires an ARN. Look up the ARN of the KMS key associated with the CEV.\n final var byId = KmsFunctions.getKey(GetKeyArgs.builder()\n .keyId(\"example-ef278353ceba4a5a97de6784565b9f78\")\n .build());\n\n var default_ = new Instance(\"default\", InstanceArgs.builder()\n .allocatedStorage(50)\n .autoMinorVersionUpgrade(false)\n .customIamInstanceProfile(\"AWSRDSCustomInstanceProfile\")\n .backupRetentionPeriod(7)\n .dbSubnetGroupName(dbSubnetGroupName)\n .engine(custom_oracle.engine())\n .engineVersion(custom_oracle.engineVersion())\n .identifier(\"ee-instance-demo\")\n .instanceClass(custom_oracle.instanceClass())\n .kmsKeyId(byId.applyValue(getKeyResult -\u003e getKeyResult.arn()))\n .licenseModel(custom_oracle.licenseModel())\n .multiAz(false)\n .password(\"avoid-plaintext-passwords\")\n .username(\"test\")\n .storageEncrypted(true)\n .build());\n\n var test_replica = new Instance(\"test-replica\", InstanceArgs.builder()\n .replicateSourceDb(default_.identifier())\n .replicaMode(\"mounted\")\n .autoMinorVersionUpgrade(false)\n .customIamInstanceProfile(\"AWSRDSCustomInstanceProfile\")\n .backupRetentionPeriod(7)\n .identifier(\"ee-instance-replica\")\n .instanceClass(custom_oracle.instanceClass())\n .kmsKeyId(byId.applyValue(getKeyResult -\u003e getKeyResult.arn()))\n .multiAz(false)\n .skipFinalSnapshot(true)\n .storageEncrypted(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:rds:Instance\n properties:\n allocatedStorage: 50\n autoMinorVersionUpgrade: false # Custom for Oracle does not support minor version upgrades\n customIamInstanceProfile: AWSRDSCustomInstanceProfile\n backupRetentionPeriod: 7\n dbSubnetGroupName: ${dbSubnetGroupName}\n engine: ${[\"custom-oracle\"].engine}\n engineVersion: ${[\"custom-oracle\"].engineVersion}\n identifier: ee-instance-demo\n instanceClass: ${[\"custom-oracle\"].instanceClass}\n kmsKeyId: ${byId.arn}\n licenseModel: ${[\"custom-oracle\"].licenseModel}\n multiAz: false # Custom for Oracle does not support multi-az\n password: avoid-plaintext-passwords\n username: test\n storageEncrypted: true\n test-replica:\n type: aws:rds:Instance\n properties:\n replicateSourceDb: ${default.identifier}\n replicaMode: mounted\n autoMinorVersionUpgrade: false\n customIamInstanceProfile: AWSRDSCustomInstanceProfile\n backupRetentionPeriod: 7\n identifier: ee-instance-replica\n instanceClass: ${[\"custom-oracle\"].instanceClass}\n kmsKeyId: ${byId.arn}\n multiAz: false # Custom for Oracle does not support multi-az\n skipFinalSnapshot: true\n storageEncrypted: true\nvariables:\n # Lookup the available instance classes for the custom engine for the region being operated in\n custom-oracle:\n fn::invoke:\n Function: aws:rds:getOrderableDbInstance\n Arguments:\n engine: custom-oracle-ee\n engineVersion: 19.c.ee.002\n licenseModel: bring-your-own-license\n storageType: gp3\n preferredInstanceClasses:\n - db.r5.xlarge\n - db.r5.2xlarge\n - db.r5.4xlarge\n # The RDS instance resource requires an ARN. Look up the ARN of the KMS key associated with the CEV.\n byId:\n fn::invoke:\n Function: aws:kms:getKey\n Arguments:\n keyId: example-ef278353ceba4a5a97de6784565b9f78\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### RDS Custom for SQL Server\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Lookup the available instance classes for the custom engine for the region being operated in\nconst custom-sqlserver = aws.rds.getOrderableDbInstance({\n engine: \"custom-sqlserver-se\",\n engineVersion: \"15.00.4249.2.v1\",\n storageType: \"gp3\",\n preferredInstanceClasses: [\n \"db.r5.xlarge\",\n \"db.r5.2xlarge\",\n \"db.r5.4xlarge\",\n ],\n});\n// The RDS instance resource requires an ARN. Look up the ARN of the KMS key.\nconst byId = aws.kms.getKey({\n keyId: \"example-ef278353ceba4a5a97de6784565b9f78\",\n});\nconst example = new aws.rds.Instance(\"example\", {\n allocatedStorage: 500,\n autoMinorVersionUpgrade: false,\n customIamInstanceProfile: \"AWSRDSCustomSQLServerInstanceProfile\",\n backupRetentionPeriod: 7,\n dbSubnetGroupName: dbSubnetGroupName,\n engine: custom_sqlserver.then(custom_sqlserver =\u003e custom_sqlserver.engine),\n engineVersion: custom_sqlserver.then(custom_sqlserver =\u003e custom_sqlserver.engineVersion),\n identifier: \"sql-instance-demo\",\n instanceClass: custom_sqlserver.then(custom_sqlserver =\u003e custom_sqlserver.instanceClass).apply((x) =\u003e aws.rds.InstanceType[x]),\n kmsKeyId: byId.then(byId =\u003e byId.arn),\n multiAz: false,\n password: \"avoid-plaintext-passwords\",\n storageEncrypted: true,\n username: \"test\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Lookup the available instance classes for the custom engine for the region being operated in\ncustom_sqlserver = aws.rds.get_orderable_db_instance(engine=\"custom-sqlserver-se\",\n engine_version=\"15.00.4249.2.v1\",\n storage_type=\"gp3\",\n preferred_instance_classes=[\n \"db.r5.xlarge\",\n \"db.r5.2xlarge\",\n \"db.r5.4xlarge\",\n ])\n# The RDS instance resource requires an ARN. Look up the ARN of the KMS key.\nby_id = aws.kms.get_key(key_id=\"example-ef278353ceba4a5a97de6784565b9f78\")\nexample = aws.rds.Instance(\"example\",\n allocated_storage=500,\n auto_minor_version_upgrade=False,\n custom_iam_instance_profile=\"AWSRDSCustomSQLServerInstanceProfile\",\n backup_retention_period=7,\n db_subnet_group_name=db_subnet_group_name,\n engine=custom_sqlserver.engine,\n engine_version=custom_sqlserver.engine_version,\n identifier=\"sql-instance-demo\",\n instance_class=custom_sqlserver.instance_class.apply(lambda x: aws.rds.InstanceType(x)),\n kms_key_id=by_id.arn,\n multi_az=False,\n password=\"avoid-plaintext-passwords\",\n storage_encrypted=True,\n username=\"test\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Lookup the available instance classes for the custom engine for the region being operated in\n var custom_sqlserver = Aws.Rds.GetOrderableDbInstance.Invoke(new()\n {\n Engine = \"custom-sqlserver-se\",\n EngineVersion = \"15.00.4249.2.v1\",\n StorageType = \"gp3\",\n PreferredInstanceClasses = new[]\n {\n \"db.r5.xlarge\",\n \"db.r5.2xlarge\",\n \"db.r5.4xlarge\",\n },\n });\n\n // The RDS instance resource requires an ARN. Look up the ARN of the KMS key.\n var byId = Aws.Kms.GetKey.Invoke(new()\n {\n KeyId = \"example-ef278353ceba4a5a97de6784565b9f78\",\n });\n\n var example = new Aws.Rds.Instance(\"example\", new()\n {\n AllocatedStorage = 500,\n AutoMinorVersionUpgrade = false,\n CustomIamInstanceProfile = \"AWSRDSCustomSQLServerInstanceProfile\",\n BackupRetentionPeriod = 7,\n DbSubnetGroupName = dbSubnetGroupName,\n Engine = custom_sqlserver.Apply(custom_sqlserver =\u003e custom_sqlserver.Apply(getOrderableDbInstanceResult =\u003e getOrderableDbInstanceResult.Engine)),\n EngineVersion = custom_sqlserver.Apply(custom_sqlserver =\u003e custom_sqlserver.Apply(getOrderableDbInstanceResult =\u003e getOrderableDbInstanceResult.EngineVersion)),\n Identifier = \"sql-instance-demo\",\n InstanceClass = custom_sqlserver.Apply(custom_sqlserver =\u003e custom_sqlserver.Apply(getOrderableDbInstanceResult =\u003e getOrderableDbInstanceResult.InstanceClass)).Apply(System.Enum.Parse\u003cAws.Rds.InstanceType\u003e),\n KmsKeyId = byId.Apply(getKeyResult =\u003e getKeyResult.Arn),\n MultiAz = false,\n Password = \"avoid-plaintext-passwords\",\n StorageEncrypted = true,\n Username = \"test\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Lookup the available instance classes for the custom engine for the region being operated in\n\t\tcustom_sqlserver, err := rds.GetOrderableDbInstance(ctx, \u0026rds.GetOrderableDbInstanceArgs{\n\t\t\tEngine: \"custom-sqlserver-se\",\n\t\t\tEngineVersion: pulumi.StringRef(\"15.00.4249.2.v1\"),\n\t\t\tStorageType: pulumi.StringRef(\"gp3\"),\n\t\t\tPreferredInstanceClasses: []string{\n\t\t\t\t\"db.r5.xlarge\",\n\t\t\t\t\"db.r5.2xlarge\",\n\t\t\t\t\"db.r5.4xlarge\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// The RDS instance resource requires an ARN. Look up the ARN of the KMS key.\n\t\tbyId, err := kms.LookupKey(ctx, \u0026kms.LookupKeyArgs{\n\t\t\tKeyId: \"example-ef278353ceba4a5a97de6784565b9f78\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewInstance(ctx, \"example\", \u0026rds.InstanceArgs{\n\t\t\tAllocatedStorage: pulumi.Int(500),\n\t\t\tAutoMinorVersionUpgrade: pulumi.Bool(false),\n\t\t\tCustomIamInstanceProfile: pulumi.String(\"AWSRDSCustomSQLServerInstanceProfile\"),\n\t\t\tBackupRetentionPeriod: pulumi.Int(7),\n\t\t\tDbSubnetGroupName: pulumi.Any(dbSubnetGroupName),\n\t\t\tEngine: pulumi.String(custom_sqlserver.Engine),\n\t\t\tEngineVersion: pulumi.String(custom_sqlserver.EngineVersion),\n\t\t\tIdentifier: pulumi.String(\"sql-instance-demo\"),\n\t\t\tInstanceClass: custom_sqlserver.InstanceClass.ApplyT(func(x *string) rds.InstanceType { return rds.InstanceType(*x) }).(rds.InstanceTypeOutput),\n\t\t\tKmsKeyId: pulumi.String(byId.Arn),\n\t\t\tMultiAz: pulumi.Bool(false),\n\t\t\tPassword: pulumi.String(\"avoid-plaintext-passwords\"),\n\t\t\tStorageEncrypted: pulumi.Bool(true),\n\t\t\tUsername: pulumi.String(\"test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetOrderableDbInstanceArgs;\nimport com.pulumi.aws.kms.KmsFunctions;\nimport com.pulumi.aws.kms.inputs.GetKeyArgs;\nimport com.pulumi.aws.rds.Instance;\nimport com.pulumi.aws.rds.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Lookup the available instance classes for the custom engine for the region being operated in\n final var custom-sqlserver = RdsFunctions.getOrderableDbInstance(GetOrderableDbInstanceArgs.builder()\n .engine(\"custom-sqlserver-se\")\n .engineVersion(\"15.00.4249.2.v1\")\n .storageType(\"gp3\")\n .preferredInstanceClasses( \n \"db.r5.xlarge\",\n \"db.r5.2xlarge\",\n \"db.r5.4xlarge\")\n .build());\n\n // The RDS instance resource requires an ARN. Look up the ARN of the KMS key.\n final var byId = KmsFunctions.getKey(GetKeyArgs.builder()\n .keyId(\"example-ef278353ceba4a5a97de6784565b9f78\")\n .build());\n\n var example = new Instance(\"example\", InstanceArgs.builder()\n .allocatedStorage(500)\n .autoMinorVersionUpgrade(false)\n .customIamInstanceProfile(\"AWSRDSCustomSQLServerInstanceProfile\")\n .backupRetentionPeriod(7)\n .dbSubnetGroupName(dbSubnetGroupName)\n .engine(custom_sqlserver.engine())\n .engineVersion(custom_sqlserver.engineVersion())\n .identifier(\"sql-instance-demo\")\n .instanceClass(custom_sqlserver.instanceClass())\n .kmsKeyId(byId.applyValue(getKeyResult -\u003e getKeyResult.arn()))\n .multiAz(false)\n .password(\"avoid-plaintext-passwords\")\n .storageEncrypted(true)\n .username(\"test\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:Instance\n properties:\n allocatedStorage: 500\n autoMinorVersionUpgrade: false # Custom for SQL Server does not support minor version upgrades\n customIamInstanceProfile: AWSRDSCustomSQLServerInstanceProfile\n backupRetentionPeriod: 7\n dbSubnetGroupName: ${dbSubnetGroupName}\n engine: ${[\"custom-sqlserver\"].engine}\n engineVersion: ${[\"custom-sqlserver\"].engineVersion}\n identifier: sql-instance-demo\n instanceClass: ${[\"custom-sqlserver\"].instanceClass}\n kmsKeyId: ${byId.arn}\n multiAz: false # Custom for SQL Server does support multi-az\n password: avoid-plaintext-passwords\n storageEncrypted: true\n username: test\nvariables:\n # Lookup the available instance classes for the custom engine for the region being operated in\n custom-sqlserver:\n fn::invoke:\n Function: aws:rds:getOrderableDbInstance\n Arguments:\n engine: custom-sqlserver-se\n engineVersion: 15.00.4249.2.v1\n storageType: gp3\n preferredInstanceClasses:\n - db.r5.xlarge\n - db.r5.2xlarge\n - db.r5.4xlarge\n # The RDS instance resource requires an ARN. Look up the ARN of the KMS key.\n byId:\n fn::invoke:\n Function: aws:kms:getKey\n Arguments:\n keyId: example-ef278353ceba4a5a97de6784565b9f78\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### RDS Db2 Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Lookup the default version for the engine. Db2 Standard Edition is `db2-se`, Db2 Advanced Edition is `db2-ae`.\nconst default = aws.rds.getEngineVersion({\n engine: \"db2-se\",\n});\n// Lookup the available instance classes for the engine in the region being operated in\nconst example = Promise.all([_default, _default]).then(([_default, _default1]) =\u003e aws.rds.getOrderableDbInstance({\n engine: _default.engine,\n engineVersion: _default1.version,\n licenseModel: \"bring-your-own-license\",\n storageType: \"gp3\",\n preferredInstanceClasses: [\n \"db.t3.small\",\n \"db.r6i.large\",\n \"db.m6i.large\",\n ],\n}));\n// The RDS Db2 instance resource requires licensing information. Create a new parameter group using the default paramater group as a source, and set license information.\nconst exampleParameterGroup = new aws.rds.ParameterGroup(\"example\", {\n name: \"db-db2-params\",\n family: _default.then(_default =\u003e _default.parameterGroupFamily),\n parameters: [\n {\n applyMethod: \"immediate\",\n name: \"rds.ibm_customer_id\",\n value: \"0\",\n },\n {\n applyMethod: \"immediate\",\n name: \"rds.ibm_site_id\",\n value: \"0\",\n },\n ],\n});\n// Create the RDS Db2 instance, use the data sources defined to set attributes\nconst exampleInstance = new aws.rds.Instance(\"example\", {\n allocatedStorage: 100,\n backupRetentionPeriod: 7,\n dbName: \"test\",\n engine: example.then(example =\u003e example.engine),\n engineVersion: example.then(example =\u003e example.engineVersion),\n identifier: \"db2-instance-demo\",\n instanceClass: example.then(example =\u003e example.instanceClass).apply((x) =\u003e aws.rds.InstanceType[x]),\n parameterGroupName: exampleParameterGroup.name,\n password: \"avoid-plaintext-passwords\",\n username: \"test\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Lookup the default version for the engine. Db2 Standard Edition is `db2-se`, Db2 Advanced Edition is `db2-ae`.\ndefault = aws.rds.get_engine_version(engine=\"db2-se\")\n# Lookup the available instance classes for the engine in the region being operated in\nexample = aws.rds.get_orderable_db_instance(engine=default.engine,\n engine_version=default.version,\n license_model=\"bring-your-own-license\",\n storage_type=\"gp3\",\n preferred_instance_classes=[\n \"db.t3.small\",\n \"db.r6i.large\",\n \"db.m6i.large\",\n ])\n# The RDS Db2 instance resource requires licensing information. Create a new parameter group using the default paramater group as a source, and set license information.\nexample_parameter_group = aws.rds.ParameterGroup(\"example\",\n name=\"db-db2-params\",\n family=default.parameter_group_family,\n parameters=[\n {\n \"apply_method\": \"immediate\",\n \"name\": \"rds.ibm_customer_id\",\n \"value\": \"0\",\n },\n {\n \"apply_method\": \"immediate\",\n \"name\": \"rds.ibm_site_id\",\n \"value\": \"0\",\n },\n ])\n# Create the RDS Db2 instance, use the data sources defined to set attributes\nexample_instance = aws.rds.Instance(\"example\",\n allocated_storage=100,\n backup_retention_period=7,\n db_name=\"test\",\n engine=example.engine,\n engine_version=example.engine_version,\n identifier=\"db2-instance-demo\",\n instance_class=example.instance_class.apply(lambda x: aws.rds.InstanceType(x)),\n parameter_group_name=example_parameter_group.name,\n password=\"avoid-plaintext-passwords\",\n username=\"test\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Lookup the default version for the engine. Db2 Standard Edition is `db2-se`, Db2 Advanced Edition is `db2-ae`.\n var @default = Aws.Rds.GetEngineVersion.Invoke(new()\n {\n Engine = \"db2-se\",\n });\n\n // Lookup the available instance classes for the engine in the region being operated in\n var example = Aws.Rds.GetOrderableDbInstance.Invoke(new()\n {\n Engine = @default.Apply(getEngineVersionResult =\u003e getEngineVersionResult.Engine),\n EngineVersion = @default.Apply(getEngineVersionResult =\u003e getEngineVersionResult.Version),\n LicenseModel = \"bring-your-own-license\",\n StorageType = \"gp3\",\n PreferredInstanceClasses = new[]\n {\n \"db.t3.small\",\n \"db.r6i.large\",\n \"db.m6i.large\",\n },\n });\n\n // The RDS Db2 instance resource requires licensing information. Create a new parameter group using the default paramater group as a source, and set license information.\n var exampleParameterGroup = new Aws.Rds.ParameterGroup(\"example\", new()\n {\n Name = \"db-db2-params\",\n Family = @default.Apply(@default =\u003e @default.Apply(getEngineVersionResult =\u003e getEngineVersionResult.ParameterGroupFamily)),\n Parameters = new[]\n {\n new Aws.Rds.Inputs.ParameterGroupParameterArgs\n {\n ApplyMethod = \"immediate\",\n Name = \"rds.ibm_customer_id\",\n Value = \"0\",\n },\n new Aws.Rds.Inputs.ParameterGroupParameterArgs\n {\n ApplyMethod = \"immediate\",\n Name = \"rds.ibm_site_id\",\n Value = \"0\",\n },\n },\n });\n\n // Create the RDS Db2 instance, use the data sources defined to set attributes\n var exampleInstance = new Aws.Rds.Instance(\"example\", new()\n {\n AllocatedStorage = 100,\n BackupRetentionPeriod = 7,\n DbName = \"test\",\n Engine = example.Apply(getOrderableDbInstanceResult =\u003e getOrderableDbInstanceResult.Engine),\n EngineVersion = example.Apply(getOrderableDbInstanceResult =\u003e getOrderableDbInstanceResult.EngineVersion),\n Identifier = \"db2-instance-demo\",\n InstanceClass = example.Apply(getOrderableDbInstanceResult =\u003e getOrderableDbInstanceResult.InstanceClass).Apply(System.Enum.Parse\u003cAws.Rds.InstanceType\u003e),\n ParameterGroupName = exampleParameterGroup.Name,\n Password = \"avoid-plaintext-passwords\",\n Username = \"test\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Lookup the default version for the engine. Db2 Standard Edition is `db2-se`, Db2 Advanced Edition is `db2-ae`.\n\t\t_default, err := rds.GetEngineVersion(ctx, \u0026rds.GetEngineVersionArgs{\n\t\t\tEngine: \"db2-se\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Lookup the available instance classes for the engine in the region being operated in\n\t\texample, err := rds.GetOrderableDbInstance(ctx, \u0026rds.GetOrderableDbInstanceArgs{\n\t\t\tEngine: _default.Engine,\n\t\t\tEngineVersion: pulumi.StringRef(_default.Version),\n\t\t\tLicenseModel: pulumi.StringRef(\"bring-your-own-license\"),\n\t\t\tStorageType: pulumi.StringRef(\"gp3\"),\n\t\t\tPreferredInstanceClasses: []string{\n\t\t\t\t\"db.t3.small\",\n\t\t\t\t\"db.r6i.large\",\n\t\t\t\t\"db.m6i.large\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// The RDS Db2 instance resource requires licensing information. Create a new parameter group using the default paramater group as a source, and set license information.\n\t\texampleParameterGroup, err := rds.NewParameterGroup(ctx, \"example\", \u0026rds.ParameterGroupArgs{\n\t\t\tName: pulumi.String(\"db-db2-params\"),\n\t\t\tFamily: pulumi.String(_default.ParameterGroupFamily),\n\t\t\tParameters: rds.ParameterGroupParameterArray{\n\t\t\t\t\u0026rds.ParameterGroupParameterArgs{\n\t\t\t\t\tApplyMethod: pulumi.String(\"immediate\"),\n\t\t\t\t\tName: pulumi.String(\"rds.ibm_customer_id\"),\n\t\t\t\t\tValue: pulumi.String(\"0\"),\n\t\t\t\t},\n\t\t\t\t\u0026rds.ParameterGroupParameterArgs{\n\t\t\t\t\tApplyMethod: pulumi.String(\"immediate\"),\n\t\t\t\t\tName: pulumi.String(\"rds.ibm_site_id\"),\n\t\t\t\t\tValue: pulumi.String(\"0\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Create the RDS Db2 instance, use the data sources defined to set attributes\n\t\t_, err = rds.NewInstance(ctx, \"example\", \u0026rds.InstanceArgs{\n\t\t\tAllocatedStorage: pulumi.Int(100),\n\t\t\tBackupRetentionPeriod: pulumi.Int(7),\n\t\t\tDbName: pulumi.String(\"test\"),\n\t\t\tEngine: pulumi.String(example.Engine),\n\t\t\tEngineVersion: pulumi.String(example.EngineVersion),\n\t\t\tIdentifier: pulumi.String(\"db2-instance-demo\"),\n\t\t\tInstanceClass: example.InstanceClass.ApplyT(func(x *string) rds.InstanceType { return rds.InstanceType(*x) }).(rds.InstanceTypeOutput),\n\t\t\tParameterGroupName: exampleParameterGroup.Name,\n\t\t\tPassword: pulumi.String(\"avoid-plaintext-passwords\"),\n\t\t\tUsername: pulumi.String(\"test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetEngineVersionArgs;\nimport com.pulumi.aws.rds.inputs.GetOrderableDbInstanceArgs;\nimport com.pulumi.aws.rds.ParameterGroup;\nimport com.pulumi.aws.rds.ParameterGroupArgs;\nimport com.pulumi.aws.rds.inputs.ParameterGroupParameterArgs;\nimport com.pulumi.aws.rds.Instance;\nimport com.pulumi.aws.rds.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Lookup the default version for the engine. Db2 Standard Edition is `db2-se`, Db2 Advanced Edition is `db2-ae`.\n final var default = RdsFunctions.getEngineVersion(GetEngineVersionArgs.builder()\n .engine(\"db2-se\")\n .build());\n\n // Lookup the available instance classes for the engine in the region being operated in\n final var example = RdsFunctions.getOrderableDbInstance(GetOrderableDbInstanceArgs.builder()\n .engine(default_.engine())\n .engineVersion(default_.version())\n .licenseModel(\"bring-your-own-license\")\n .storageType(\"gp3\")\n .preferredInstanceClasses( \n \"db.t3.small\",\n \"db.r6i.large\",\n \"db.m6i.large\")\n .build());\n\n // The RDS Db2 instance resource requires licensing information. Create a new parameter group using the default paramater group as a source, and set license information.\n var exampleParameterGroup = new ParameterGroup(\"exampleParameterGroup\", ParameterGroupArgs.builder()\n .name(\"db-db2-params\")\n .family(default_.parameterGroupFamily())\n .parameters( \n ParameterGroupParameterArgs.builder()\n .applyMethod(\"immediate\")\n .name(\"rds.ibm_customer_id\")\n .value(0)\n .build(),\n ParameterGroupParameterArgs.builder()\n .applyMethod(\"immediate\")\n .name(\"rds.ibm_site_id\")\n .value(0)\n .build())\n .build());\n\n // Create the RDS Db2 instance, use the data sources defined to set attributes\n var exampleInstance = new Instance(\"exampleInstance\", InstanceArgs.builder()\n .allocatedStorage(100)\n .backupRetentionPeriod(7)\n .dbName(\"test\")\n .engine(example.applyValue(getOrderableDbInstanceResult -\u003e getOrderableDbInstanceResult.engine()))\n .engineVersion(example.applyValue(getOrderableDbInstanceResult -\u003e getOrderableDbInstanceResult.engineVersion()))\n .identifier(\"db2-instance-demo\")\n .instanceClass(example.applyValue(getOrderableDbInstanceResult -\u003e getOrderableDbInstanceResult.instanceClass()))\n .parameterGroupName(exampleParameterGroup.name())\n .password(\"avoid-plaintext-passwords\")\n .username(\"test\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # The RDS Db2 instance resource requires licensing information. Create a new parameter group using the default paramater group as a source, and set license information.\n exampleParameterGroup:\n type: aws:rds:ParameterGroup\n name: example\n properties:\n name: db-db2-params\n family: ${default.parameterGroupFamily}\n parameters:\n - applyMethod: immediate\n name: rds.ibm_customer_id\n value: 0\n - applyMethod: immediate\n name: rds.ibm_site_id\n value: 0\n # Create the RDS Db2 instance, use the data sources defined to set attributes\n exampleInstance:\n type: aws:rds:Instance\n name: example\n properties:\n allocatedStorage: 100\n backupRetentionPeriod: 7\n dbName: test\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n identifier: db2-instance-demo\n instanceClass: ${example.instanceClass}\n parameterGroupName: ${exampleParameterGroup.name}\n password: avoid-plaintext-passwords\n username: test\nvariables:\n # Lookup the default version for the engine. Db2 Standard Edition is `db2-se`, Db2 Advanced Edition is `db2-ae`.\n default:\n fn::invoke:\n Function: aws:rds:getEngineVersion\n Arguments:\n engine: db2-se\n # Lookup the available instance classes for the engine in the region being operated in\n example:\n fn::invoke:\n Function: aws:rds:getOrderableDbInstance\n Arguments:\n engine: ${default.engine}\n engineVersion: ${default.version}\n licenseModel: bring-your-own-license\n storageType: gp3\n preferredInstanceClasses:\n - db.t3.small\n - db.r6i.large\n - db.m6i.large\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Storage Autoscaling\n\nTo enable Storage Autoscaling with instances that support the feature, define the `max_allocated_storage` argument higher than the `allocated_storage` argument. This provider will automatically hide differences with the `allocated_storage` argument value if autoscaling occurs.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.Instance(\"example\", {\n allocatedStorage: 50,\n maxAllocatedStorage: 100,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.Instance(\"example\",\n allocated_storage=50,\n max_allocated_storage=100)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.Instance(\"example\", new()\n {\n AllocatedStorage = 50,\n MaxAllocatedStorage = 100,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewInstance(ctx, \"example\", \u0026rds.InstanceArgs{\n\t\t\tAllocatedStorage: pulumi.Int(50),\n\t\t\tMaxAllocatedStorage: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Instance;\nimport com.pulumi.aws.rds.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Instance(\"example\", InstanceArgs.builder()\n .allocatedStorage(50)\n .maxAllocatedStorage(100)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:Instance\n properties:\n allocatedStorage: 50\n maxAllocatedStorage: 100\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Managed Master Passwords via Secrets Manager, default KMS Key\n\n\u003e More information about RDS/Aurora Aurora integrates with Secrets Manager to manage master user passwords for your DB clusters can be found in the [RDS User Guide](https://aws.amazon.com/about-aws/whats-new/2022/12/amazon-rds-integration-aws-secrets-manager/) and [Aurora User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html).\n\nYou can specify the `manage_master_user_password` attribute to enable managing the master password with Secrets Manager. You can also update an existing cluster to use Secrets Manager by specify the `manage_master_user_password` attribute and removing the `password` attribute (removal is required).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.rds.Instance(\"default\", {\n allocatedStorage: 10,\n dbName: \"mydb\",\n engine: \"mysql\",\n engineVersion: \"8.0\",\n instanceClass: aws.rds.InstanceType.T3_Micro,\n manageMasterUserPassword: true,\n username: \"foo\",\n parameterGroupName: \"default.mysql8.0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.Instance(\"default\",\n allocated_storage=10,\n db_name=\"mydb\",\n engine=\"mysql\",\n engine_version=\"8.0\",\n instance_class=aws.rds.InstanceType.T3_MICRO,\n manage_master_user_password=True,\n username=\"foo\",\n parameter_group_name=\"default.mysql8.0\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Rds.Instance(\"default\", new()\n {\n AllocatedStorage = 10,\n DbName = \"mydb\",\n Engine = \"mysql\",\n EngineVersion = \"8.0\",\n InstanceClass = Aws.Rds.InstanceType.T3_Micro,\n ManageMasterUserPassword = true,\n Username = \"foo\",\n ParameterGroupName = \"default.mysql8.0\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewInstance(ctx, \"default\", \u0026rds.InstanceArgs{\n\t\t\tAllocatedStorage: pulumi.Int(10),\n\t\t\tDbName: pulumi.String(\"mydb\"),\n\t\t\tEngine: pulumi.String(\"mysql\"),\n\t\t\tEngineVersion: pulumi.String(\"8.0\"),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_T3_Micro),\n\t\t\tManageMasterUserPassword: pulumi.Bool(true),\n\t\t\tUsername: pulumi.String(\"foo\"),\n\t\t\tParameterGroupName: pulumi.String(\"default.mysql8.0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Instance;\nimport com.pulumi.aws.rds.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Instance(\"default\", InstanceArgs.builder()\n .allocatedStorage(10)\n .dbName(\"mydb\")\n .engine(\"mysql\")\n .engineVersion(\"8.0\")\n .instanceClass(\"db.t3.micro\")\n .manageMasterUserPassword(true)\n .username(\"foo\")\n .parameterGroupName(\"default.mysql8.0\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:rds:Instance\n properties:\n allocatedStorage: 10\n dbName: mydb\n engine: mysql\n engineVersion: '8.0'\n instanceClass: db.t3.micro\n manageMasterUserPassword: true\n username: foo\n parameterGroupName: default.mysql8.0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Managed Master Passwords via Secrets Manager, specific KMS Key\n\n\u003e More information about RDS/Aurora Aurora integrates with Secrets Manager to manage master user passwords for your DB clusters can be found in the [RDS User Guide](https://aws.amazon.com/about-aws/whats-new/2022/12/amazon-rds-integration-aws-secrets-manager/) and [Aurora User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html).\n\nYou can specify the `master_user_secret_kms_key_id` attribute to specify a specific KMS Key.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.Key(\"example\", {description: \"Example KMS Key\"});\nconst _default = new aws.rds.Instance(\"default\", {\n allocatedStorage: 10,\n dbName: \"mydb\",\n engine: \"mysql\",\n engineVersion: \"8.0\",\n instanceClass: aws.rds.InstanceType.T3_Micro,\n manageMasterUserPassword: true,\n masterUserSecretKmsKeyId: example.keyId,\n username: \"foo\",\n parameterGroupName: \"default.mysql8.0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kms.Key(\"example\", description=\"Example KMS Key\")\ndefault = aws.rds.Instance(\"default\",\n allocated_storage=10,\n db_name=\"mydb\",\n engine=\"mysql\",\n engine_version=\"8.0\",\n instance_class=aws.rds.InstanceType.T3_MICRO,\n manage_master_user_password=True,\n master_user_secret_kms_key_id=example.key_id,\n username=\"foo\",\n parameter_group_name=\"default.mysql8.0\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"Example KMS Key\",\n });\n\n var @default = new Aws.Rds.Instance(\"default\", new()\n {\n AllocatedStorage = 10,\n DbName = \"mydb\",\n Engine = \"mysql\",\n EngineVersion = \"8.0\",\n InstanceClass = Aws.Rds.InstanceType.T3_Micro,\n ManageMasterUserPassword = true,\n MasterUserSecretKmsKeyId = example.KeyId,\n Username = \"foo\",\n ParameterGroupName = \"default.mysql8.0\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"Example KMS Key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewInstance(ctx, \"default\", \u0026rds.InstanceArgs{\n\t\t\tAllocatedStorage: pulumi.Int(10),\n\t\t\tDbName: pulumi.String(\"mydb\"),\n\t\t\tEngine: pulumi.String(\"mysql\"),\n\t\t\tEngineVersion: pulumi.String(\"8.0\"),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_T3_Micro),\n\t\t\tManageMasterUserPassword: pulumi.Bool(true),\n\t\t\tMasterUserSecretKmsKeyId: example.KeyId,\n\t\t\tUsername: pulumi.String(\"foo\"),\n\t\t\tParameterGroupName: pulumi.String(\"default.mysql8.0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.rds.Instance;\nimport com.pulumi.aws.rds.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\", KeyArgs.builder()\n .description(\"Example KMS Key\")\n .build());\n\n var default_ = new Instance(\"default\", InstanceArgs.builder()\n .allocatedStorage(10)\n .dbName(\"mydb\")\n .engine(\"mysql\")\n .engineVersion(\"8.0\")\n .instanceClass(\"db.t3.micro\")\n .manageMasterUserPassword(true)\n .masterUserSecretKmsKeyId(example.keyId())\n .username(\"foo\")\n .parameterGroupName(\"default.mysql8.0\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: Example KMS Key\n default:\n type: aws:rds:Instance\n properties:\n allocatedStorage: 10\n dbName: mydb\n engine: mysql\n engineVersion: '8.0'\n instanceClass: db.t3.micro\n manageMasterUserPassword: true\n masterUserSecretKmsKeyId: ${example.keyId}\n username: foo\n parameterGroupName: default.mysql8.0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DB Instances using the `identifier`. For example:\n\n```sh\n$ pulumi import aws:rds/instance:Instance default mydb-rds-instance\n```\n", "properties": { "address": { "type": "string", "description": "Specifies the DNS address of the DB instance.\n" }, "allocatedStorage": { "type": "integer", "description": "The allocated storage in gibibytes. If `max_allocated_storage` is configured, this argument represents the initial storage allocation and differences from the configuration will be ignored automatically when Storage Autoscaling occurs. If `replicate_source_db` is set, the value is ignored during the creation of the instance.\n" }, "allowMajorVersionUpgrade": { "type": "boolean", "description": "Indicates that major version\nupgrades are allowed. Changing this parameter does not result in an outage and\nthe change is asynchronously applied as soon as possible.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications\nare applied immediately, or during the next maintenance window. Default is\n`false`. See [Amazon RDS Documentation for more\ninformation.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html)\n" }, "arn": { "type": "string", "description": "The ARN of the RDS instance.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades\nwill be applied automatically to the DB instance during the maintenance window.\nDefaults to true.\n" }, "availabilityZone": { "type": "string", "description": "The AZ for the RDS instance.\n" }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for.\nMust be between `0` and `35`.\nDefault is `0`.\nMust be greater than `0` if the database is used as a source for a [Read Replica][instance-replication],\nuses low-downtime updates,\nor will use [RDS Blue/Green deployments][blue-green].\n" }, "backupTarget": { "type": "string", "description": "Specifies where automated backups and manual snapshots are stored. Possible values are `region` (default) and `outposts`. See [Working with Amazon RDS on AWS Outposts](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) for more information.\n" }, "backupWindow": { "type": "string", "description": "The daily time range (in UTC) during which automated backups are created if they are enabled.\nExample: \"09:46-10:16\". Must not overlap with `maintenance_window`.\n" }, "blueGreenUpdate": { "$ref": "#/types/aws:rds/InstanceBlueGreenUpdate:InstanceBlueGreenUpdate", "description": "Enables low-downtime updates using [RDS Blue/Green deployments][blue-green].\nSee `blue_green_update` below.\n" }, "caCertIdentifier": { "type": "string", "description": "The identifier of the CA certificate for the DB instance.\n" }, "characterSetName": { "type": "string", "description": "The character set name to use for DB encoding in Oracle and Microsoft SQL instances (collation).\nThis can't be changed.\nSee [Oracle Character Sets Supported in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.OracleCharacterSets.html) or\n[Server-Level Collation for Microsoft SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.SQLServer.CommonDBATasks.Collation.html) for more information.\nCannot be set with `replicate_source_db`, `restore_to_point_in_time`, `s3_import`, or `snapshot_identifier`.\n" }, "copyTagsToSnapshot": { "type": "boolean", "description": "Copy all Instance `tags` to snapshots. Default is `false`.\n" }, "customIamInstanceProfile": { "type": "string", "description": "The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.\n" }, "customerOwnedIpEnabled": { "type": "boolean", "description": "Indicates whether to enable a customer-owned IP address (CoIP) for an RDS on Outposts DB instance. See [CoIP for RDS on Outposts](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html#rds-on-outposts.coip) for more information.\n\n\u003e **NOTE:** Removing the `replicate_source_db` attribute from an existing RDS\nReplicate database managed by the provider will promote the database to a fully\nstandalone database.\n" }, "dbName": { "type": "string", "description": "The name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance. Note that this does not apply for Oracle or SQL Server engines. See the [AWS documentation](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/rds/create-db-instance.html) for more details on what applies for those engines. If you are providing an Oracle db name, it needs to be in all upper case. Cannot be specified for a replica.\n" }, "dbSubnetGroupName": { "type": "string", "description": "Name of DB subnet group. DB instance will\nbe created in the VPC associated with the DB subnet group. If unspecified, will\nbe created in the `default` VPC, or in EC2 Classic, if available. When working\nwith read replicas, it should be specified only if the source database\nspecifies an instance in another AWS Region. See [DBSubnetGroupName in API\naction CreateDBInstanceReadReplica](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstanceReadReplica.html)\nfor additional read replica constraints.\n" }, "dedicatedLogVolume": { "type": "boolean", "description": "Use a dedicated log volume (DLV) for the DB instance. Requires Provisioned IOPS. See the [AWS documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.dlv) for more details.\n" }, "deleteAutomatedBackups": { "type": "boolean", "description": "Specifies whether to remove automated backups immediately after the DB instance is deleted. Default is `true`.\n" }, "deletionProtection": { "type": "boolean", "description": "If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "domain": { "type": "string", "description": "The ID of the Directory Service Active Directory domain to create the instance in. Conflicts with `domain_fqdn`, `domain_ou`, `domain_auth_secret_arn` and a `domain_dns_ips`.\n" }, "domainAuthSecretArn": { "type": "string", "description": "The ARN for the Secrets Manager secret with the self managed Active Directory credentials for the user joining the domain. Conflicts with `domain` and `domain_iam_role_name`.\n" }, "domainDnsIps": { "type": "array", "items": { "type": "string" }, "description": "The IPv4 DNS IP addresses of your primary and secondary self managed Active Directory domain controllers. Two IP addresses must be provided. If there isn't a secondary domain controller, use the IP address of the primary domain controller for both entries in the list. Conflicts with `domain` and `domain_iam_role_name`.\n" }, "domainFqdn": { "type": "string", "description": "The fully qualified domain name (FQDN) of the self managed Active Directory domain. Conflicts with `domain` and `domain_iam_role_name`.\n" }, "domainIamRoleName": { "type": "string", "description": "The name of the IAM role to be used when making API calls to the Directory Service. Conflicts with `domain_fqdn`, `domain_ou`, `domain_auth_secret_arn` and a `domain_dns_ips`.\n" }, "domainOu": { "type": "string", "description": "The self managed Active Directory organizational unit for your DB instance to join. Conflicts with `domain` and `domain_iam_role_name`.\n" }, "enabledCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "Set of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. For supported values, see the EnableCloudwatchLogsExports.member.N parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html).\n" }, "endpoint": { "type": "string", "description": "The connection endpoint in `address:port` format.\n" }, "engine": { "type": "string", "description": "The database engine to use. For supported values, see the Engine parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html). Note that for Amazon Aurora instances the engine must match the DB cluster's engine'. For information on the difference between the available Aurora MySQL engines see [Comparison between Aurora MySQL 1 and Aurora MySQL 2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraMySQL.Updates.20180206.html) in the Amazon RDS User Guide.\n" }, "engineLifecycleSupport": { "type": "string", "description": "The life cycle type for this DB instance. This setting applies only to RDS for MySQL and RDS for PostgreSQL. Valid values are `open-source-rds-extended-support`, `open-source-rds-extended-support-disabled`. Default value is `open-source-rds-extended-support`. [Using Amazon RDS Extended Support]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html\n" }, "engineVersion": { "type": "string", "description": "The engine version to use. If `auto_minor_version_upgrade` is enabled, you can provide a prefix of the version such as `8.0` (for `8.0.36`). The actual engine version used is returned in the attribute `engine_version_actual`, see Attribute Reference below. For supported values, see the EngineVersion parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html). Note that for Amazon Aurora instances the engine version must match the DB cluster's engine version'.\n" }, "engineVersionActual": { "type": "string", "description": "The running version of the database.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final DB snapshot\nwhen this DB instance is deleted. Must be provided if `skip_final_snapshot` is\nset to `false`. The value must begin with a letter, only contain alphanumeric characters and hyphens, and not end with a hyphen or contain two consecutive hyphens. Must not be provided when deleting a read replica.\n" }, "hostedZoneId": { "type": "string", "description": "Specifies the ID that Amazon Route 53 assigns when you create a hosted zone.\n" }, "iamDatabaseAuthenticationEnabled": { "type": "boolean", "description": "Specifies whether mappings of AWS Identity and Access Management (IAM) accounts to database\naccounts is enabled.\n" }, "identifier": { "type": "string", "description": "The name of the RDS instance, if omitted, this provider will assign a random, unique identifier. Required if `restore_to_point_in_time` is specified.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifier`.\n" }, "instanceClass": { "type": "string", "description": "The instance type of the RDS instance.\n" }, "iops": { "type": "integer", "description": "The amount of provisioned IOPS. Setting this implies a\nstorage_type of \"io1\". Can only be set when `storage_type` is `\"io1\"` or `\"gp3\"`.\nCannot be specified for gp3 storage if the `allocated_storage` value is below a per-`engine` threshold.\nSee the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#gp3-storage) for details.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. If creating an\nencrypted replica, set this to the destination KMS ARN.\n" }, "latestRestorableTime": { "type": "string", "description": "The latest time, in UTC [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8), to which a database can be restored with point-in-time restore.\n" }, "licenseModel": { "type": "string", "description": "License model information for this DB instance. Valid values for this field are as follows:\n* RDS for MariaDB: `general-public-license`\n* RDS for Microsoft SQL Server: `license-included`\n* RDS for MySQL: `general-public-license`\n* RDS for Oracle: `bring-your-own-license | license-included`\n* RDS for PostgreSQL: `postgresql-license`\n" }, "listenerEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:rds/InstanceListenerEndpoint:InstanceListenerEndpoint" }, "description": "Specifies the listener connection endpoint for SQL Server Always On. See endpoint below.\n" }, "maintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\". See [RDS\nMaintenance Window\ndocs](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow)\nfor more information.\n" }, "manageMasterUserPassword": { "type": "boolean", "description": "Set to true to allow RDS to manage the master user password in Secrets Manager. Cannot be set if `password` is provided.\n" }, "masterUserSecretKmsKeyId": { "type": "string", "description": "The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN. If not specified, the default KMS key for your Amazon Web Services account is used.\n" }, "masterUserSecrets": { "type": "array", "items": { "$ref": "#/types/aws:rds/InstanceMasterUserSecret:InstanceMasterUserSecret" }, "description": "A block that specifies the master user secret. Only available when `manage_master_user_password` is set to true. Documented below.\n" }, "maxAllocatedStorage": { "type": "integer", "description": "When configured, the upper limit to which Amazon RDS can automatically scale the storage of the DB instance. Configuring this will automatically ignore differences to `allocated_storage`. Must be greater than or equal to `allocated_storage` or `0` to disable Storage Autoscaling.\n" }, "monitoringInterval": { "type": "integer", "description": "The interval, in seconds, between points\nwhen Enhanced Monitoring metrics are collected for the DB instance. To disable\ncollecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid\nValues: 0, 1, 5, 10, 15, 30, 60.\n" }, "monitoringRoleArn": { "type": "string", "description": "The ARN for the IAM role that permits RDS\nto send enhanced monitoring metrics to CloudWatch Logs. You can find more\ninformation on the [AWS\nDocumentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.html)\nwhat IAM permissions are needed to allow Enhanced Monitoring for RDS Instances.\n" }, "multiAz": { "type": "boolean", "description": "Specifies if the RDS instance is multi-AZ\n" }, "name": { "type": "string", "deprecationMessage": "This property has been deprecated. Please use 'dbName' instead." }, "ncharCharacterSetName": { "type": "string", "description": "The national character set is used in the NCHAR, NVARCHAR2, and NCLOB data types for Oracle instances. This can't be changed. See [Oracle Character Sets\nSupported in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.OracleCharacterSets.html).\n" }, "networkType": { "type": "string", "description": "The network type of the DB instance. Valid values: `IPV4`, `DUAL`.\n" }, "optionGroupName": { "type": "string", "description": "Name of the DB option group to associate.\n" }, "parameterGroupName": { "type": "string", "description": "Name of the DB parameter group to associate.\n" }, "password": { "type": "string", "description": "(Required unless `manage_master_user_password` is set to true or unless a `snapshot_identifier` or `replicate_source_db`\nis provided or `manage_master_user_password` is set.) Password for the master DB user. Note that this may show up in\nlogs, and it will be stored in the state file. Cannot be set if `manage_master_user_password` is set to `true`.\n", "secret": true }, "performanceInsightsEnabled": { "type": "boolean", "description": "Specifies whether Performance Insights are enabled. Defaults to false.\n" }, "performanceInsightsKmsKeyId": { "type": "string", "description": "The ARN for the KMS key to encrypt Performance Insights data. When specifying `performance_insights_kms_key_id`, `performance_insights_enabled` needs to be set to true. Once KMS key is set, it can never be changed.\n" }, "performanceInsightsRetentionPeriod": { "type": "integer", "description": "Amount of time in days to retain Performance Insights data. Valid values are `7`, `731` (2 years) or a multiple of `31`. When specifying `performance_insights_retention_period`, `performance_insights_enabled` needs to be set to true. Defaults to '7'.\n" }, "port": { "type": "integer", "description": "The port on which the DB accepts connections.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Bool to control if instance is publicly\naccessible. Default is `false`.\n" }, "replicaMode": { "type": "string", "description": "Specifies whether the replica is in either `mounted` or `open-read-only` mode. This attribute\nis only supported by Oracle instances. Oracle replicas operate in `open-read-only` mode unless otherwise specified. See [Working with Oracle Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) for more information.\n" }, "replicas": { "type": "array", "items": { "type": "string" } }, "replicateSourceDb": { "type": "string", "description": "Specifies that this resource is a Replicate\ndatabase, and to use this value as the source database. This correlates to the\n`identifier` of another Amazon RDS Database to replicate (if replicating within\na single region) or ARN of the Amazon RDS Database to replicate (if replicating\ncross-region). Note that if you are\ncreating a cross-region replica of an encrypted database you will also need to\nspecify a `kms_key_id`. See [DB Instance Replication][instance-replication] and [Working with\nPostgreSQL and MySQL Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ReadRepl.html)\nfor more information on using Replication.\n" }, "resourceId": { "type": "string", "description": "The RDS Resource ID of this instance.\n" }, "restoreToPointInTime": { "$ref": "#/types/aws:rds/InstanceRestoreToPointInTime:InstanceRestoreToPointInTime", "description": "A configuration block for restoring a DB instance to an arbitrary point in time. Requires the `identifier` argument to be set with the name of the new DB instance to be created. See Restore To Point In Time below for details.\n" }, "s3Import": { "$ref": "#/types/aws:rds/InstanceS3Import:InstanceS3Import", "description": "Restore from a Percona Xtrabackup in S3. See [Importing Data into an Amazon RDS MySQL DB Instance](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/MySQL.Procedural.Importing.html)\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is\ncreated before the DB instance is deleted. If true is specified, no DBSnapshot\nis created. If false is specified, a DB snapshot is created before the DB\ninstance is deleted, using the value from `final_snapshot_identifier`. Default\nis `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this\ndatabase from a snapshot. This correlates to the snapshot ID you'd find in the\nRDS console, e.g: rds:production-2015-06-26-06-05.\n" }, "status": { "type": "string", "description": "The RDS instance status.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB instance is\nencrypted. Note that if you are creating a cross-region read replica this field\nis ignored and you should instead declare `kms_key_id` with a valid ARN. The\ndefault is `false` if not specified.\n" }, "storageThroughput": { "type": "integer", "description": "The storage throughput value for the DB instance. Can only be set when `storage_type` is `\"gp3\"`. Cannot be specified if the `allocated_storage` value is below a per-`engine` threshold. See the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#gp3-storage) for details.\n" }, "storageType": { "type": "string", "description": "One of \"standard\" (magnetic), \"gp2\" (general\npurpose SSD), \"gp3\" (general purpose SSD that needs `iops` independently)\nor \"io1\" (provisioned IOPS SSD). The default is \"io1\" if `iops` is specified,\n\"gp2\" if not.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timezone": { "type": "string", "description": "Time zone of the DB instance. `timezone` is currently\nonly supported by Microsoft SQL Server. The `timezone` can only be set on\ncreation. See [MSSQL User\nGuide](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone)\nfor more information.\n" }, "username": { "type": "string", "description": "(Required unless a `snapshot_identifier` or `replicate_source_db`\nis provided) Username for the master DB user. Cannot be specified for a replica.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to\nassociate.\n" } }, "required": [ "address", "allocatedStorage", "arn", "availabilityZone", "backupRetentionPeriod", "backupTarget", "backupWindow", "caCertIdentifier", "characterSetName", "dbName", "dbSubnetGroupName", "domainFqdn", "endpoint", "engine", "engineLifecycleSupport", "engineVersion", "engineVersionActual", "hostedZoneId", "identifier", "identifierPrefix", "instanceClass", "iops", "kmsKeyId", "latestRestorableTime", "licenseModel", "listenerEndpoints", "maintenanceWindow", "masterUserSecrets", "masterUserSecretKmsKeyId", "monitoringRoleArn", "multiAz", "ncharCharacterSetName", "networkType", "optionGroupName", "parameterGroupName", "performanceInsightsKmsKeyId", "performanceInsightsRetentionPeriod", "port", "replicaMode", "replicas", "resourceId", "snapshotIdentifier", "status", "storageThroughput", "storageType", "tagsAll", "timezone", "username", "vpcSecurityGroupIds" ], "inputProperties": { "allocatedStorage": { "type": "integer", "description": "The allocated storage in gibibytes. If `max_allocated_storage` is configured, this argument represents the initial storage allocation and differences from the configuration will be ignored automatically when Storage Autoscaling occurs. If `replicate_source_db` is set, the value is ignored during the creation of the instance.\n" }, "allowMajorVersionUpgrade": { "type": "boolean", "description": "Indicates that major version\nupgrades are allowed. Changing this parameter does not result in an outage and\nthe change is asynchronously applied as soon as possible.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications\nare applied immediately, or during the next maintenance window. Default is\n`false`. See [Amazon RDS Documentation for more\ninformation.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html)\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades\nwill be applied automatically to the DB instance during the maintenance window.\nDefaults to true.\n" }, "availabilityZone": { "type": "string", "description": "The AZ for the RDS instance.\n", "willReplaceOnChanges": true }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for.\nMust be between `0` and `35`.\nDefault is `0`.\nMust be greater than `0` if the database is used as a source for a [Read Replica][instance-replication],\nuses low-downtime updates,\nor will use [RDS Blue/Green deployments][blue-green].\n" }, "backupTarget": { "type": "string", "description": "Specifies where automated backups and manual snapshots are stored. Possible values are `region` (default) and `outposts`. See [Working with Amazon RDS on AWS Outposts](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) for more information.\n", "willReplaceOnChanges": true }, "backupWindow": { "type": "string", "description": "The daily time range (in UTC) during which automated backups are created if they are enabled.\nExample: \"09:46-10:16\". Must not overlap with `maintenance_window`.\n" }, "blueGreenUpdate": { "$ref": "#/types/aws:rds/InstanceBlueGreenUpdate:InstanceBlueGreenUpdate", "description": "Enables low-downtime updates using [RDS Blue/Green deployments][blue-green].\nSee `blue_green_update` below.\n" }, "caCertIdentifier": { "type": "string", "description": "The identifier of the CA certificate for the DB instance.\n" }, "characterSetName": { "type": "string", "description": "The character set name to use for DB encoding in Oracle and Microsoft SQL instances (collation).\nThis can't be changed.\nSee [Oracle Character Sets Supported in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.OracleCharacterSets.html) or\n[Server-Level Collation for Microsoft SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.SQLServer.CommonDBATasks.Collation.html) for more information.\nCannot be set with `replicate_source_db`, `restore_to_point_in_time`, `s3_import`, or `snapshot_identifier`.\n", "willReplaceOnChanges": true }, "copyTagsToSnapshot": { "type": "boolean", "description": "Copy all Instance `tags` to snapshots. Default is `false`.\n" }, "customIamInstanceProfile": { "type": "string", "description": "The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.\n", "willReplaceOnChanges": true }, "customerOwnedIpEnabled": { "type": "boolean", "description": "Indicates whether to enable a customer-owned IP address (CoIP) for an RDS on Outposts DB instance. See [CoIP for RDS on Outposts](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html#rds-on-outposts.coip) for more information.\n\n\u003e **NOTE:** Removing the `replicate_source_db` attribute from an existing RDS\nReplicate database managed by the provider will promote the database to a fully\nstandalone database.\n" }, "dbName": { "type": "string", "description": "The name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance. Note that this does not apply for Oracle or SQL Server engines. See the [AWS documentation](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/rds/create-db-instance.html) for more details on what applies for those engines. If you are providing an Oracle db name, it needs to be in all upper case. Cannot be specified for a replica.\n", "willReplaceOnChanges": true }, "dbSubnetGroupName": { "type": "string", "description": "Name of DB subnet group. DB instance will\nbe created in the VPC associated with the DB subnet group. If unspecified, will\nbe created in the `default` VPC, or in EC2 Classic, if available. When working\nwith read replicas, it should be specified only if the source database\nspecifies an instance in another AWS Region. See [DBSubnetGroupName in API\naction CreateDBInstanceReadReplica](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstanceReadReplica.html)\nfor additional read replica constraints.\n" }, "dedicatedLogVolume": { "type": "boolean", "description": "Use a dedicated log volume (DLV) for the DB instance. Requires Provisioned IOPS. See the [AWS documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.dlv) for more details.\n" }, "deleteAutomatedBackups": { "type": "boolean", "description": "Specifies whether to remove automated backups immediately after the DB instance is deleted. Default is `true`.\n" }, "deletionProtection": { "type": "boolean", "description": "If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "domain": { "type": "string", "description": "The ID of the Directory Service Active Directory domain to create the instance in. Conflicts with `domain_fqdn`, `domain_ou`, `domain_auth_secret_arn` and a `domain_dns_ips`.\n" }, "domainAuthSecretArn": { "type": "string", "description": "The ARN for the Secrets Manager secret with the self managed Active Directory credentials for the user joining the domain. Conflicts with `domain` and `domain_iam_role_name`.\n" }, "domainDnsIps": { "type": "array", "items": { "type": "string" }, "description": "The IPv4 DNS IP addresses of your primary and secondary self managed Active Directory domain controllers. Two IP addresses must be provided. If there isn't a secondary domain controller, use the IP address of the primary domain controller for both entries in the list. Conflicts with `domain` and `domain_iam_role_name`.\n" }, "domainFqdn": { "type": "string", "description": "The fully qualified domain name (FQDN) of the self managed Active Directory domain. Conflicts with `domain` and `domain_iam_role_name`.\n" }, "domainIamRoleName": { "type": "string", "description": "The name of the IAM role to be used when making API calls to the Directory Service. Conflicts with `domain_fqdn`, `domain_ou`, `domain_auth_secret_arn` and a `domain_dns_ips`.\n" }, "domainOu": { "type": "string", "description": "The self managed Active Directory organizational unit for your DB instance to join. Conflicts with `domain` and `domain_iam_role_name`.\n" }, "enabledCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "Set of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. For supported values, see the EnableCloudwatchLogsExports.member.N parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html).\n" }, "engine": { "type": "string", "description": "The database engine to use. For supported values, see the Engine parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html). Note that for Amazon Aurora instances the engine must match the DB cluster's engine'. For information on the difference between the available Aurora MySQL engines see [Comparison between Aurora MySQL 1 and Aurora MySQL 2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraMySQL.Updates.20180206.html) in the Amazon RDS User Guide.\n", "willReplaceOnChanges": true }, "engineLifecycleSupport": { "type": "string", "description": "The life cycle type for this DB instance. This setting applies only to RDS for MySQL and RDS for PostgreSQL. Valid values are `open-source-rds-extended-support`, `open-source-rds-extended-support-disabled`. Default value is `open-source-rds-extended-support`. [Using Amazon RDS Extended Support]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html\n" }, "engineVersion": { "type": "string", "description": "The engine version to use. If `auto_minor_version_upgrade` is enabled, you can provide a prefix of the version such as `8.0` (for `8.0.36`). The actual engine version used is returned in the attribute `engine_version_actual`, see Attribute Reference below. For supported values, see the EngineVersion parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html). Note that for Amazon Aurora instances the engine version must match the DB cluster's engine version'.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final DB snapshot\nwhen this DB instance is deleted. Must be provided if `skip_final_snapshot` is\nset to `false`. The value must begin with a letter, only contain alphanumeric characters and hyphens, and not end with a hyphen or contain two consecutive hyphens. Must not be provided when deleting a read replica.\n" }, "iamDatabaseAuthenticationEnabled": { "type": "boolean", "description": "Specifies whether mappings of AWS Identity and Access Management (IAM) accounts to database\naccounts is enabled.\n" }, "identifier": { "type": "string", "description": "The name of the RDS instance, if omitted, this provider will assign a random, unique identifier. Required if `restore_to_point_in_time` is specified.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifier`.\n" }, "instanceClass": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:rds/InstanceType:InstanceType" } ], "description": "The instance type of the RDS instance.\n" }, "iops": { "type": "integer", "description": "The amount of provisioned IOPS. Setting this implies a\nstorage_type of \"io1\". Can only be set when `storage_type` is `\"io1\"` or `\"gp3\"`.\nCannot be specified for gp3 storage if the `allocated_storage` value is below a per-`engine` threshold.\nSee the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#gp3-storage) for details.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. If creating an\nencrypted replica, set this to the destination KMS ARN.\n", "willReplaceOnChanges": true }, "licenseModel": { "type": "string", "description": "License model information for this DB instance. Valid values for this field are as follows:\n* RDS for MariaDB: `general-public-license`\n* RDS for Microsoft SQL Server: `license-included`\n* RDS for MySQL: `general-public-license`\n* RDS for Oracle: `bring-your-own-license | license-included`\n* RDS for PostgreSQL: `postgresql-license`\n" }, "maintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\". See [RDS\nMaintenance Window\ndocs](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow)\nfor more information.\n" }, "manageMasterUserPassword": { "type": "boolean", "description": "Set to true to allow RDS to manage the master user password in Secrets Manager. Cannot be set if `password` is provided.\n" }, "masterUserSecretKmsKeyId": { "type": "string", "description": "The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN. If not specified, the default KMS key for your Amazon Web Services account is used.\n" }, "maxAllocatedStorage": { "type": "integer", "description": "When configured, the upper limit to which Amazon RDS can automatically scale the storage of the DB instance. Configuring this will automatically ignore differences to `allocated_storage`. Must be greater than or equal to `allocated_storage` or `0` to disable Storage Autoscaling.\n" }, "monitoringInterval": { "type": "integer", "description": "The interval, in seconds, between points\nwhen Enhanced Monitoring metrics are collected for the DB instance. To disable\ncollecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid\nValues: 0, 1, 5, 10, 15, 30, 60.\n" }, "monitoringRoleArn": { "type": "string", "description": "The ARN for the IAM role that permits RDS\nto send enhanced monitoring metrics to CloudWatch Logs. You can find more\ninformation on the [AWS\nDocumentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.html)\nwhat IAM permissions are needed to allow Enhanced Monitoring for RDS Instances.\n" }, "multiAz": { "type": "boolean", "description": "Specifies if the RDS instance is multi-AZ\n" }, "name": { "type": "string", "deprecationMessage": "This property has been deprecated. Please use 'dbName' instead.", "willReplaceOnChanges": true }, "ncharCharacterSetName": { "type": "string", "description": "The national character set is used in the NCHAR, NVARCHAR2, and NCLOB data types for Oracle instances. This can't be changed. See [Oracle Character Sets\nSupported in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.OracleCharacterSets.html).\n", "willReplaceOnChanges": true }, "networkType": { "type": "string", "description": "The network type of the DB instance. Valid values: `IPV4`, `DUAL`.\n" }, "optionGroupName": { "type": "string", "description": "Name of the DB option group to associate.\n" }, "parameterGroupName": { "type": "string", "description": "Name of the DB parameter group to associate.\n" }, "password": { "type": "string", "description": "(Required unless `manage_master_user_password` is set to true or unless a `snapshot_identifier` or `replicate_source_db`\nis provided or `manage_master_user_password` is set.) Password for the master DB user. Note that this may show up in\nlogs, and it will be stored in the state file. Cannot be set if `manage_master_user_password` is set to `true`.\n", "secret": true }, "performanceInsightsEnabled": { "type": "boolean", "description": "Specifies whether Performance Insights are enabled. Defaults to false.\n" }, "performanceInsightsKmsKeyId": { "type": "string", "description": "The ARN for the KMS key to encrypt Performance Insights data. When specifying `performance_insights_kms_key_id`, `performance_insights_enabled` needs to be set to true. Once KMS key is set, it can never be changed.\n" }, "performanceInsightsRetentionPeriod": { "type": "integer", "description": "Amount of time in days to retain Performance Insights data. Valid values are `7`, `731` (2 years) or a multiple of `31`. When specifying `performance_insights_retention_period`, `performance_insights_enabled` needs to be set to true. Defaults to '7'.\n" }, "port": { "type": "integer", "description": "The port on which the DB accepts connections.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Bool to control if instance is publicly\naccessible. Default is `false`.\n" }, "replicaMode": { "type": "string", "description": "Specifies whether the replica is in either `mounted` or `open-read-only` mode. This attribute\nis only supported by Oracle instances. Oracle replicas operate in `open-read-only` mode unless otherwise specified. See [Working with Oracle Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) for more information.\n" }, "replicateSourceDb": { "type": "string", "description": "Specifies that this resource is a Replicate\ndatabase, and to use this value as the source database. This correlates to the\n`identifier` of another Amazon RDS Database to replicate (if replicating within\na single region) or ARN of the Amazon RDS Database to replicate (if replicating\ncross-region). Note that if you are\ncreating a cross-region replica of an encrypted database you will also need to\nspecify a `kms_key_id`. See [DB Instance Replication][instance-replication] and [Working with\nPostgreSQL and MySQL Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ReadRepl.html)\nfor more information on using Replication.\n" }, "restoreToPointInTime": { "$ref": "#/types/aws:rds/InstanceRestoreToPointInTime:InstanceRestoreToPointInTime", "description": "A configuration block for restoring a DB instance to an arbitrary point in time. Requires the `identifier` argument to be set with the name of the new DB instance to be created. See Restore To Point In Time below for details.\n", "willReplaceOnChanges": true }, "s3Import": { "$ref": "#/types/aws:rds/InstanceS3Import:InstanceS3Import", "description": "Restore from a Percona Xtrabackup in S3. See [Importing Data into an Amazon RDS MySQL DB Instance](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/MySQL.Procedural.Importing.html)\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is\ncreated before the DB instance is deleted. If true is specified, no DBSnapshot\nis created. If false is specified, a DB snapshot is created before the DB\ninstance is deleted, using the value from `final_snapshot_identifier`. Default\nis `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this\ndatabase from a snapshot. This correlates to the snapshot ID you'd find in the\nRDS console, e.g: rds:production-2015-06-26-06-05.\n", "willReplaceOnChanges": true }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB instance is\nencrypted. Note that if you are creating a cross-region read replica this field\nis ignored and you should instead declare `kms_key_id` with a valid ARN. The\ndefault is `false` if not specified.\n", "willReplaceOnChanges": true }, "storageThroughput": { "type": "integer", "description": "The storage throughput value for the DB instance. Can only be set when `storage_type` is `\"gp3\"`. Cannot be specified if the `allocated_storage` value is below a per-`engine` threshold. See the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#gp3-storage) for details.\n" }, "storageType": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:rds/StorageType:StorageType" } ], "description": "One of \"standard\" (magnetic), \"gp2\" (general\npurpose SSD), \"gp3\" (general purpose SSD that needs `iops` independently)\nor \"io1\" (provisioned IOPS SSD). The default is \"io1\" if `iops` is specified,\n\"gp2\" if not.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timezone": { "type": "string", "description": "Time zone of the DB instance. `timezone` is currently\nonly supported by Microsoft SQL Server. The `timezone` can only be set on\ncreation. See [MSSQL User\nGuide](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone)\nfor more information.\n", "willReplaceOnChanges": true }, "username": { "type": "string", "description": "(Required unless a `snapshot_identifier` or `replicate_source_db`\nis provided) Username for the master DB user. Cannot be specified for a replica.\n", "willReplaceOnChanges": true }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to\nassociate.\n" } }, "requiredInputs": [ "instanceClass" ], "stateInputs": { "description": "Input properties used for looking up and filtering Instance resources.\n", "properties": { "address": { "type": "string", "description": "Specifies the DNS address of the DB instance.\n" }, "allocatedStorage": { "type": "integer", "description": "The allocated storage in gibibytes. If `max_allocated_storage` is configured, this argument represents the initial storage allocation and differences from the configuration will be ignored automatically when Storage Autoscaling occurs. If `replicate_source_db` is set, the value is ignored during the creation of the instance.\n" }, "allowMajorVersionUpgrade": { "type": "boolean", "description": "Indicates that major version\nupgrades are allowed. Changing this parameter does not result in an outage and\nthe change is asynchronously applied as soon as possible.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any database modifications\nare applied immediately, or during the next maintenance window. Default is\n`false`. See [Amazon RDS Documentation for more\ninformation.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html)\n" }, "arn": { "type": "string", "description": "The ARN of the RDS instance.\n" }, "autoMinorVersionUpgrade": { "type": "boolean", "description": "Indicates that minor engine upgrades\nwill be applied automatically to the DB instance during the maintenance window.\nDefaults to true.\n" }, "availabilityZone": { "type": "string", "description": "The AZ for the RDS instance.\n", "willReplaceOnChanges": true }, "backupRetentionPeriod": { "type": "integer", "description": "The days to retain backups for.\nMust be between `0` and `35`.\nDefault is `0`.\nMust be greater than `0` if the database is used as a source for a [Read Replica][instance-replication],\nuses low-downtime updates,\nor will use [RDS Blue/Green deployments][blue-green].\n" }, "backupTarget": { "type": "string", "description": "Specifies where automated backups and manual snapshots are stored. Possible values are `region` (default) and `outposts`. See [Working with Amazon RDS on AWS Outposts](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) for more information.\n", "willReplaceOnChanges": true }, "backupWindow": { "type": "string", "description": "The daily time range (in UTC) during which automated backups are created if they are enabled.\nExample: \"09:46-10:16\". Must not overlap with `maintenance_window`.\n" }, "blueGreenUpdate": { "$ref": "#/types/aws:rds/InstanceBlueGreenUpdate:InstanceBlueGreenUpdate", "description": "Enables low-downtime updates using [RDS Blue/Green deployments][blue-green].\nSee `blue_green_update` below.\n" }, "caCertIdentifier": { "type": "string", "description": "The identifier of the CA certificate for the DB instance.\n" }, "characterSetName": { "type": "string", "description": "The character set name to use for DB encoding in Oracle and Microsoft SQL instances (collation).\nThis can't be changed.\nSee [Oracle Character Sets Supported in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.OracleCharacterSets.html) or\n[Server-Level Collation for Microsoft SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.SQLServer.CommonDBATasks.Collation.html) for more information.\nCannot be set with `replicate_source_db`, `restore_to_point_in_time`, `s3_import`, or `snapshot_identifier`.\n", "willReplaceOnChanges": true }, "copyTagsToSnapshot": { "type": "boolean", "description": "Copy all Instance `tags` to snapshots. Default is `false`.\n" }, "customIamInstanceProfile": { "type": "string", "description": "The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.\n", "willReplaceOnChanges": true }, "customerOwnedIpEnabled": { "type": "boolean", "description": "Indicates whether to enable a customer-owned IP address (CoIP) for an RDS on Outposts DB instance. See [CoIP for RDS on Outposts](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html#rds-on-outposts.coip) for more information.\n\n\u003e **NOTE:** Removing the `replicate_source_db` attribute from an existing RDS\nReplicate database managed by the provider will promote the database to a fully\nstandalone database.\n" }, "dbName": { "type": "string", "description": "The name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance. Note that this does not apply for Oracle or SQL Server engines. See the [AWS documentation](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/rds/create-db-instance.html) for more details on what applies for those engines. If you are providing an Oracle db name, it needs to be in all upper case. Cannot be specified for a replica.\n", "willReplaceOnChanges": true }, "dbSubnetGroupName": { "type": "string", "description": "Name of DB subnet group. DB instance will\nbe created in the VPC associated with the DB subnet group. If unspecified, will\nbe created in the `default` VPC, or in EC2 Classic, if available. When working\nwith read replicas, it should be specified only if the source database\nspecifies an instance in another AWS Region. See [DBSubnetGroupName in API\naction CreateDBInstanceReadReplica](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstanceReadReplica.html)\nfor additional read replica constraints.\n" }, "dedicatedLogVolume": { "type": "boolean", "description": "Use a dedicated log volume (DLV) for the DB instance. Requires Provisioned IOPS. See the [AWS documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.dlv) for more details.\n" }, "deleteAutomatedBackups": { "type": "boolean", "description": "Specifies whether to remove automated backups immediately after the DB instance is deleted. Default is `true`.\n" }, "deletionProtection": { "type": "boolean", "description": "If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.\n" }, "domain": { "type": "string", "description": "The ID of the Directory Service Active Directory domain to create the instance in. Conflicts with `domain_fqdn`, `domain_ou`, `domain_auth_secret_arn` and a `domain_dns_ips`.\n" }, "domainAuthSecretArn": { "type": "string", "description": "The ARN for the Secrets Manager secret with the self managed Active Directory credentials for the user joining the domain. Conflicts with `domain` and `domain_iam_role_name`.\n" }, "domainDnsIps": { "type": "array", "items": { "type": "string" }, "description": "The IPv4 DNS IP addresses of your primary and secondary self managed Active Directory domain controllers. Two IP addresses must be provided. If there isn't a secondary domain controller, use the IP address of the primary domain controller for both entries in the list. Conflicts with `domain` and `domain_iam_role_name`.\n" }, "domainFqdn": { "type": "string", "description": "The fully qualified domain name (FQDN) of the self managed Active Directory domain. Conflicts with `domain` and `domain_iam_role_name`.\n" }, "domainIamRoleName": { "type": "string", "description": "The name of the IAM role to be used when making API calls to the Directory Service. Conflicts with `domain_fqdn`, `domain_ou`, `domain_auth_secret_arn` and a `domain_dns_ips`.\n" }, "domainOu": { "type": "string", "description": "The self managed Active Directory organizational unit for your DB instance to join. Conflicts with `domain` and `domain_iam_role_name`.\n" }, "enabledCloudwatchLogsExports": { "type": "array", "items": { "type": "string" }, "description": "Set of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. For supported values, see the EnableCloudwatchLogsExports.member.N parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html).\n" }, "endpoint": { "type": "string", "description": "The connection endpoint in `address:port` format.\n" }, "engine": { "type": "string", "description": "The database engine to use. For supported values, see the Engine parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html). Note that for Amazon Aurora instances the engine must match the DB cluster's engine'. For information on the difference between the available Aurora MySQL engines see [Comparison between Aurora MySQL 1 and Aurora MySQL 2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraMySQL.Updates.20180206.html) in the Amazon RDS User Guide.\n", "willReplaceOnChanges": true }, "engineLifecycleSupport": { "type": "string", "description": "The life cycle type for this DB instance. This setting applies only to RDS for MySQL and RDS for PostgreSQL. Valid values are `open-source-rds-extended-support`, `open-source-rds-extended-support-disabled`. Default value is `open-source-rds-extended-support`. [Using Amazon RDS Extended Support]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html\n" }, "engineVersion": { "type": "string", "description": "The engine version to use. If `auto_minor_version_upgrade` is enabled, you can provide a prefix of the version such as `8.0` (for `8.0.36`). The actual engine version used is returned in the attribute `engine_version_actual`, see Attribute Reference below. For supported values, see the EngineVersion parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html). Note that for Amazon Aurora instances the engine version must match the DB cluster's engine version'.\n" }, "engineVersionActual": { "type": "string", "description": "The running version of the database.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The name of your final DB snapshot\nwhen this DB instance is deleted. Must be provided if `skip_final_snapshot` is\nset to `false`. The value must begin with a letter, only contain alphanumeric characters and hyphens, and not end with a hyphen or contain two consecutive hyphens. Must not be provided when deleting a read replica.\n" }, "hostedZoneId": { "type": "string", "description": "Specifies the ID that Amazon Route 53 assigns when you create a hosted zone.\n" }, "iamDatabaseAuthenticationEnabled": { "type": "boolean", "description": "Specifies whether mappings of AWS Identity and Access Management (IAM) accounts to database\naccounts is enabled.\n" }, "identifier": { "type": "string", "description": "The name of the RDS instance, if omitted, this provider will assign a random, unique identifier. Required if `restore_to_point_in_time` is specified.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique identifier beginning with the specified prefix. Conflicts with `identifier`.\n" }, "instanceClass": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:rds/InstanceType:InstanceType" } ], "description": "The instance type of the RDS instance.\n" }, "iops": { "type": "integer", "description": "The amount of provisioned IOPS. Setting this implies a\nstorage_type of \"io1\". Can only be set when `storage_type` is `\"io1\"` or `\"gp3\"`.\nCannot be specified for gp3 storage if the `allocated_storage` value is below a per-`engine` threshold.\nSee the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#gp3-storage) for details.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. If creating an\nencrypted replica, set this to the destination KMS ARN.\n", "willReplaceOnChanges": true }, "latestRestorableTime": { "type": "string", "description": "The latest time, in UTC [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8), to which a database can be restored with point-in-time restore.\n" }, "licenseModel": { "type": "string", "description": "License model information for this DB instance. Valid values for this field are as follows:\n* RDS for MariaDB: `general-public-license`\n* RDS for Microsoft SQL Server: `license-included`\n* RDS for MySQL: `general-public-license`\n* RDS for Oracle: `bring-your-own-license | license-included`\n* RDS for PostgreSQL: `postgresql-license`\n" }, "listenerEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:rds/InstanceListenerEndpoint:InstanceListenerEndpoint" }, "description": "Specifies the listener connection endpoint for SQL Server Always On. See endpoint below.\n" }, "maintenanceWindow": { "type": "string", "description": "The window to perform maintenance in.\nSyntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\". See [RDS\nMaintenance Window\ndocs](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow)\nfor more information.\n" }, "manageMasterUserPassword": { "type": "boolean", "description": "Set to true to allow RDS to manage the master user password in Secrets Manager. Cannot be set if `password` is provided.\n" }, "masterUserSecretKmsKeyId": { "type": "string", "description": "The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN. If not specified, the default KMS key for your Amazon Web Services account is used.\n" }, "masterUserSecrets": { "type": "array", "items": { "$ref": "#/types/aws:rds/InstanceMasterUserSecret:InstanceMasterUserSecret" }, "description": "A block that specifies the master user secret. Only available when `manage_master_user_password` is set to true. Documented below.\n" }, "maxAllocatedStorage": { "type": "integer", "description": "When configured, the upper limit to which Amazon RDS can automatically scale the storage of the DB instance. Configuring this will automatically ignore differences to `allocated_storage`. Must be greater than or equal to `allocated_storage` or `0` to disable Storage Autoscaling.\n" }, "monitoringInterval": { "type": "integer", "description": "The interval, in seconds, between points\nwhen Enhanced Monitoring metrics are collected for the DB instance. To disable\ncollecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid\nValues: 0, 1, 5, 10, 15, 30, 60.\n" }, "monitoringRoleArn": { "type": "string", "description": "The ARN for the IAM role that permits RDS\nto send enhanced monitoring metrics to CloudWatch Logs. You can find more\ninformation on the [AWS\nDocumentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.html)\nwhat IAM permissions are needed to allow Enhanced Monitoring for RDS Instances.\n" }, "multiAz": { "type": "boolean", "description": "Specifies if the RDS instance is multi-AZ\n" }, "name": { "type": "string", "deprecationMessage": "This property has been deprecated. Please use 'dbName' instead.", "willReplaceOnChanges": true }, "ncharCharacterSetName": { "type": "string", "description": "The national character set is used in the NCHAR, NVARCHAR2, and NCLOB data types for Oracle instances. This can't be changed. See [Oracle Character Sets\nSupported in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.OracleCharacterSets.html).\n", "willReplaceOnChanges": true }, "networkType": { "type": "string", "description": "The network type of the DB instance. Valid values: `IPV4`, `DUAL`.\n" }, "optionGroupName": { "type": "string", "description": "Name of the DB option group to associate.\n" }, "parameterGroupName": { "type": "string", "description": "Name of the DB parameter group to associate.\n" }, "password": { "type": "string", "description": "(Required unless `manage_master_user_password` is set to true or unless a `snapshot_identifier` or `replicate_source_db`\nis provided or `manage_master_user_password` is set.) Password for the master DB user. Note that this may show up in\nlogs, and it will be stored in the state file. Cannot be set if `manage_master_user_password` is set to `true`.\n", "secret": true }, "performanceInsightsEnabled": { "type": "boolean", "description": "Specifies whether Performance Insights are enabled. Defaults to false.\n" }, "performanceInsightsKmsKeyId": { "type": "string", "description": "The ARN for the KMS key to encrypt Performance Insights data. When specifying `performance_insights_kms_key_id`, `performance_insights_enabled` needs to be set to true. Once KMS key is set, it can never be changed.\n" }, "performanceInsightsRetentionPeriod": { "type": "integer", "description": "Amount of time in days to retain Performance Insights data. Valid values are `7`, `731` (2 years) or a multiple of `31`. When specifying `performance_insights_retention_period`, `performance_insights_enabled` needs to be set to true. Defaults to '7'.\n" }, "port": { "type": "integer", "description": "The port on which the DB accepts connections.\n" }, "publiclyAccessible": { "type": "boolean", "description": "Bool to control if instance is publicly\naccessible. Default is `false`.\n" }, "replicaMode": { "type": "string", "description": "Specifies whether the replica is in either `mounted` or `open-read-only` mode. This attribute\nis only supported by Oracle instances. Oracle replicas operate in `open-read-only` mode unless otherwise specified. See [Working with Oracle Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) for more information.\n" }, "replicas": { "type": "array", "items": { "type": "string" } }, "replicateSourceDb": { "type": "string", "description": "Specifies that this resource is a Replicate\ndatabase, and to use this value as the source database. This correlates to the\n`identifier` of another Amazon RDS Database to replicate (if replicating within\na single region) or ARN of the Amazon RDS Database to replicate (if replicating\ncross-region). Note that if you are\ncreating a cross-region replica of an encrypted database you will also need to\nspecify a `kms_key_id`. See [DB Instance Replication][instance-replication] and [Working with\nPostgreSQL and MySQL Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ReadRepl.html)\nfor more information on using Replication.\n" }, "resourceId": { "type": "string", "description": "The RDS Resource ID of this instance.\n" }, "restoreToPointInTime": { "$ref": "#/types/aws:rds/InstanceRestoreToPointInTime:InstanceRestoreToPointInTime", "description": "A configuration block for restoring a DB instance to an arbitrary point in time. Requires the `identifier` argument to be set with the name of the new DB instance to be created. See Restore To Point In Time below for details.\n", "willReplaceOnChanges": true }, "s3Import": { "$ref": "#/types/aws:rds/InstanceS3Import:InstanceS3Import", "description": "Restore from a Percona Xtrabackup in S3. See [Importing Data into an Amazon RDS MySQL DB Instance](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/MySQL.Procedural.Importing.html)\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final DB snapshot is\ncreated before the DB instance is deleted. If true is specified, no DBSnapshot\nis created. If false is specified, a DB snapshot is created before the DB\ninstance is deleted, using the value from `final_snapshot_identifier`. Default\nis `false`.\n" }, "snapshotIdentifier": { "type": "string", "description": "Specifies whether or not to create this\ndatabase from a snapshot. This correlates to the snapshot ID you'd find in the\nRDS console, e.g: rds:production-2015-06-26-06-05.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The RDS instance status.\n" }, "storageEncrypted": { "type": "boolean", "description": "Specifies whether the DB instance is\nencrypted. Note that if you are creating a cross-region read replica this field\nis ignored and you should instead declare `kms_key_id` with a valid ARN. The\ndefault is `false` if not specified.\n", "willReplaceOnChanges": true }, "storageThroughput": { "type": "integer", "description": "The storage throughput value for the DB instance. Can only be set when `storage_type` is `\"gp3\"`. Cannot be specified if the `allocated_storage` value is below a per-`engine` threshold. See the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#gp3-storage) for details.\n" }, "storageType": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:rds/StorageType:StorageType" } ], "description": "One of \"standard\" (magnetic), \"gp2\" (general\npurpose SSD), \"gp3\" (general purpose SSD that needs `iops` independently)\nor \"io1\" (provisioned IOPS SSD). The default is \"io1\" if `iops` is specified,\n\"gp2\" if not.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timezone": { "type": "string", "description": "Time zone of the DB instance. `timezone` is currently\nonly supported by Microsoft SQL Server. The `timezone` can only be set on\ncreation. See [MSSQL User\nGuide](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone)\nfor more information.\n", "willReplaceOnChanges": true }, "username": { "type": "string", "description": "(Required unless a `snapshot_identifier` or `replicate_source_db`\nis provided) Username for the master DB user. Cannot be specified for a replica.\n", "willReplaceOnChanges": true }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of VPC security groups to\nassociate.\n" } }, "type": "object" } }, "aws:rds/instanceAutomatedBackupsReplication:InstanceAutomatedBackupsReplication": { "description": "Manage cross-region replication of automated backups to a different AWS Region. Documentation for cross-region automated backup replication can be found at:\n\n* [Replicating automated backups to another AWS Region](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ReplicateBackups.html)\n\n\u003e **Note:** This resource has to be created in the destination region.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.rds.InstanceAutomatedBackupsReplication(\"default\", {\n sourceDbInstanceArn: \"arn:aws:rds:us-west-2:123456789012:db:mydatabase\",\n retentionPeriod: 14,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.InstanceAutomatedBackupsReplication(\"default\",\n source_db_instance_arn=\"arn:aws:rds:us-west-2:123456789012:db:mydatabase\",\n retention_period=14)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Rds.InstanceAutomatedBackupsReplication(\"default\", new()\n {\n SourceDbInstanceArn = \"arn:aws:rds:us-west-2:123456789012:db:mydatabase\",\n RetentionPeriod = 14,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewInstanceAutomatedBackupsReplication(ctx, \"default\", \u0026rds.InstanceAutomatedBackupsReplicationArgs{\n\t\t\tSourceDbInstanceArn: pulumi.String(\"arn:aws:rds:us-west-2:123456789012:db:mydatabase\"),\n\t\t\tRetentionPeriod: pulumi.Int(14),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.InstanceAutomatedBackupsReplication;\nimport com.pulumi.aws.rds.InstanceAutomatedBackupsReplicationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new InstanceAutomatedBackupsReplication(\"default\", InstanceAutomatedBackupsReplicationArgs.builder()\n .sourceDbInstanceArn(\"arn:aws:rds:us-west-2:123456789012:db:mydatabase\")\n .retentionPeriod(14)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:rds:InstanceAutomatedBackupsReplication\n properties:\n sourceDbInstanceArn: arn:aws:rds:us-west-2:123456789012:db:mydatabase\n retentionPeriod: 14\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Encrypting the automated backup with KMS\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.rds.InstanceAutomatedBackupsReplication(\"default\", {\n sourceDbInstanceArn: \"arn:aws:rds:us-west-2:123456789012:db:mydatabase\",\n kmsKeyId: \"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.InstanceAutomatedBackupsReplication(\"default\",\n source_db_instance_arn=\"arn:aws:rds:us-west-2:123456789012:db:mydatabase\",\n kms_key_id=\"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Rds.InstanceAutomatedBackupsReplication(\"default\", new()\n {\n SourceDbInstanceArn = \"arn:aws:rds:us-west-2:123456789012:db:mydatabase\",\n KmsKeyId = \"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewInstanceAutomatedBackupsReplication(ctx, \"default\", \u0026rds.InstanceAutomatedBackupsReplicationArgs{\n\t\t\tSourceDbInstanceArn: pulumi.String(\"arn:aws:rds:us-west-2:123456789012:db:mydatabase\"),\n\t\t\tKmsKeyId: pulumi.String(\"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.InstanceAutomatedBackupsReplication;\nimport com.pulumi.aws.rds.InstanceAutomatedBackupsReplicationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new InstanceAutomatedBackupsReplication(\"default\", InstanceAutomatedBackupsReplicationArgs.builder()\n .sourceDbInstanceArn(\"arn:aws:rds:us-west-2:123456789012:db:mydatabase\")\n .kmsKeyId(\"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:rds:InstanceAutomatedBackupsReplication\n properties:\n sourceDbInstanceArn: arn:aws:rds:us-west-2:123456789012:db:mydatabase\n kmsKeyId: arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Example including a RDS DB instance\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.rds.Instance(\"default\", {\n allocatedStorage: 10,\n identifier: \"mydb\",\n engine: \"postgres\",\n engineVersion: \"13.4\",\n instanceClass: aws.rds.InstanceType.T3_Micro,\n dbName: \"mydb\",\n username: \"masterusername\",\n password: \"mustbeeightcharacters\",\n backupRetentionPeriod: 7,\n storageEncrypted: true,\n skipFinalSnapshot: true,\n});\nconst defaultKey = new aws.kms.Key(\"default\", {description: \"Encryption key for automated backups\"});\nconst defaultInstanceAutomatedBackupsReplication = new aws.rds.InstanceAutomatedBackupsReplication(\"default\", {\n sourceDbInstanceArn: _default.arn,\n kmsKeyId: defaultKey.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.Instance(\"default\",\n allocated_storage=10,\n identifier=\"mydb\",\n engine=\"postgres\",\n engine_version=\"13.4\",\n instance_class=aws.rds.InstanceType.T3_MICRO,\n db_name=\"mydb\",\n username=\"masterusername\",\n password=\"mustbeeightcharacters\",\n backup_retention_period=7,\n storage_encrypted=True,\n skip_final_snapshot=True)\ndefault_key = aws.kms.Key(\"default\", description=\"Encryption key for automated backups\")\ndefault_instance_automated_backups_replication = aws.rds.InstanceAutomatedBackupsReplication(\"default\",\n source_db_instance_arn=default.arn,\n kms_key_id=default_key.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Rds.Instance(\"default\", new()\n {\n AllocatedStorage = 10,\n Identifier = \"mydb\",\n Engine = \"postgres\",\n EngineVersion = \"13.4\",\n InstanceClass = Aws.Rds.InstanceType.T3_Micro,\n DbName = \"mydb\",\n Username = \"masterusername\",\n Password = \"mustbeeightcharacters\",\n BackupRetentionPeriod = 7,\n StorageEncrypted = true,\n SkipFinalSnapshot = true,\n });\n\n var defaultKey = new Aws.Kms.Key(\"default\", new()\n {\n Description = \"Encryption key for automated backups\",\n });\n\n var defaultInstanceAutomatedBackupsReplication = new Aws.Rds.InstanceAutomatedBackupsReplication(\"default\", new()\n {\n SourceDbInstanceArn = @default.Arn,\n KmsKeyId = defaultKey.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewInstance(ctx, \"default\", \u0026rds.InstanceArgs{\n\t\t\tAllocatedStorage: pulumi.Int(10),\n\t\t\tIdentifier: pulumi.String(\"mydb\"),\n\t\t\tEngine: pulumi.String(\"postgres\"),\n\t\t\tEngineVersion: pulumi.String(\"13.4\"),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_T3_Micro),\n\t\t\tDbName: pulumi.String(\"mydb\"),\n\t\t\tUsername: pulumi.String(\"masterusername\"),\n\t\t\tPassword: pulumi.String(\"mustbeeightcharacters\"),\n\t\t\tBackupRetentionPeriod: pulumi.Int(7),\n\t\t\tStorageEncrypted: pulumi.Bool(true),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultKey, err := kms.NewKey(ctx, \"default\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"Encryption key for automated backups\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewInstanceAutomatedBackupsReplication(ctx, \"default\", \u0026rds.InstanceAutomatedBackupsReplicationArgs{\n\t\t\tSourceDbInstanceArn: _default.Arn,\n\t\t\tKmsKeyId: defaultKey.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Instance;\nimport com.pulumi.aws.rds.InstanceArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.rds.InstanceAutomatedBackupsReplication;\nimport com.pulumi.aws.rds.InstanceAutomatedBackupsReplicationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Instance(\"default\", InstanceArgs.builder()\n .allocatedStorage(10)\n .identifier(\"mydb\")\n .engine(\"postgres\")\n .engineVersion(\"13.4\")\n .instanceClass(\"db.t3.micro\")\n .dbName(\"mydb\")\n .username(\"masterusername\")\n .password(\"mustbeeightcharacters\")\n .backupRetentionPeriod(7)\n .storageEncrypted(true)\n .skipFinalSnapshot(true)\n .build());\n\n var defaultKey = new Key(\"defaultKey\", KeyArgs.builder()\n .description(\"Encryption key for automated backups\")\n .build());\n\n var defaultInstanceAutomatedBackupsReplication = new InstanceAutomatedBackupsReplication(\"defaultInstanceAutomatedBackupsReplication\", InstanceAutomatedBackupsReplicationArgs.builder()\n .sourceDbInstanceArn(default_.arn())\n .kmsKeyId(defaultKey.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:rds:Instance\n properties:\n allocatedStorage: 10\n identifier: mydb\n engine: postgres\n engineVersion: '13.4'\n instanceClass: db.t3.micro\n dbName: mydb\n username: masterusername\n password: mustbeeightcharacters\n backupRetentionPeriod: 7\n storageEncrypted: true\n skipFinalSnapshot: true\n defaultKey:\n type: aws:kms:Key\n name: default\n properties:\n description: Encryption key for automated backups\n defaultInstanceAutomatedBackupsReplication:\n type: aws:rds:InstanceAutomatedBackupsReplication\n name: default\n properties:\n sourceDbInstanceArn: ${default.arn}\n kmsKeyId: ${defaultKey.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import RDS instance automated backups replication using the `arn`. For example:\n\n```sh\n$ pulumi import aws:rds/instanceAutomatedBackupsReplication:InstanceAutomatedBackupsReplication default arn:aws:rds:us-east-1:123456789012:auto-backup:ab-faaa2mgdj1vmp4xflr7yhsrmtbtob7ltrzzz2my\n```\n", "properties": { "kmsKeyId": { "type": "string", "description": "The AWS KMS key identifier for encryption of the replicated automated backups. The KMS key ID is the Amazon Resource Name (ARN) for the KMS encryption key in the destination AWS Region, for example, `arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE`.\n" }, "preSignedUrl": { "type": "string", "description": "A URL that contains a [Signature Version 4](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) signed request for the [`StartDBInstanceAutomatedBackupsReplication`](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StartDBInstanceAutomatedBackupsReplication.html) action to be called in the AWS Region of the source DB instance.\n" }, "retentionPeriod": { "type": "integer", "description": "The retention period for the replicated automated backups, defaults to `7`.\n" }, "sourceDbInstanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the source DB instance for the replicated automated backups, for example, `arn:aws:rds:us-west-2:123456789012:db:mydatabase`.\n" } }, "required": [ "kmsKeyId", "sourceDbInstanceArn" ], "inputProperties": { "kmsKeyId": { "type": "string", "description": "The AWS KMS key identifier for encryption of the replicated automated backups. The KMS key ID is the Amazon Resource Name (ARN) for the KMS encryption key in the destination AWS Region, for example, `arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE`.\n", "willReplaceOnChanges": true }, "preSignedUrl": { "type": "string", "description": "A URL that contains a [Signature Version 4](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) signed request for the [`StartDBInstanceAutomatedBackupsReplication`](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StartDBInstanceAutomatedBackupsReplication.html) action to be called in the AWS Region of the source DB instance.\n", "willReplaceOnChanges": true }, "retentionPeriod": { "type": "integer", "description": "The retention period for the replicated automated backups, defaults to `7`.\n", "willReplaceOnChanges": true }, "sourceDbInstanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the source DB instance for the replicated automated backups, for example, `arn:aws:rds:us-west-2:123456789012:db:mydatabase`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "sourceDbInstanceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering InstanceAutomatedBackupsReplication resources.\n", "properties": { "kmsKeyId": { "type": "string", "description": "The AWS KMS key identifier for encryption of the replicated automated backups. The KMS key ID is the Amazon Resource Name (ARN) for the KMS encryption key in the destination AWS Region, for example, `arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE`.\n", "willReplaceOnChanges": true }, "preSignedUrl": { "type": "string", "description": "A URL that contains a [Signature Version 4](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) signed request for the [`StartDBInstanceAutomatedBackupsReplication`](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StartDBInstanceAutomatedBackupsReplication.html) action to be called in the AWS Region of the source DB instance.\n", "willReplaceOnChanges": true }, "retentionPeriod": { "type": "integer", "description": "The retention period for the replicated automated backups, defaults to `7`.\n", "willReplaceOnChanges": true }, "sourceDbInstanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the source DB instance for the replicated automated backups, for example, `arn:aws:rds:us-west-2:123456789012:db:mydatabase`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:rds/optionGroup:OptionGroup": { "description": "Provides an RDS DB option group resource. Documentation of the available options for various RDS engines can be found at:\n\n* [MariaDB Options](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.MariaDB.Options.html)\n* [Microsoft SQL Server Options](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.SQLServer.Options.html)\n* [MySQL Options](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.MySQL.Options.html)\n* [Oracle Options](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.Options.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.OptionGroup(\"example\", {\n name: \"option-group-test\",\n optionGroupDescription: \"Option Group\",\n engineName: \"sqlserver-ee\",\n majorEngineVersion: \"11.00\",\n options: [\n {\n optionName: \"Timezone\",\n optionSettings: [{\n name: \"TIME_ZONE\",\n value: \"UTC\",\n }],\n },\n {\n optionName: \"SQLSERVER_BACKUP_RESTORE\",\n optionSettings: [{\n name: \"IAM_ROLE_ARN\",\n value: exampleAwsIamRole.arn,\n }],\n },\n {\n optionName: \"TDE\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.OptionGroup(\"example\",\n name=\"option-group-test\",\n option_group_description=\"Option Group\",\n engine_name=\"sqlserver-ee\",\n major_engine_version=\"11.00\",\n options=[\n {\n \"option_name\": \"Timezone\",\n \"option_settings\": [{\n \"name\": \"TIME_ZONE\",\n \"value\": \"UTC\",\n }],\n },\n {\n \"option_name\": \"SQLSERVER_BACKUP_RESTORE\",\n \"option_settings\": [{\n \"name\": \"IAM_ROLE_ARN\",\n \"value\": example_aws_iam_role[\"arn\"],\n }],\n },\n {\n \"option_name\": \"TDE\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.OptionGroup(\"example\", new()\n {\n Name = \"option-group-test\",\n OptionGroupDescription = \"Option Group\",\n EngineName = \"sqlserver-ee\",\n MajorEngineVersion = \"11.00\",\n Options = new[]\n {\n new Aws.Rds.Inputs.OptionGroupOptionArgs\n {\n OptionName = \"Timezone\",\n OptionSettings = new[]\n {\n new Aws.Rds.Inputs.OptionGroupOptionOptionSettingArgs\n {\n Name = \"TIME_ZONE\",\n Value = \"UTC\",\n },\n },\n },\n new Aws.Rds.Inputs.OptionGroupOptionArgs\n {\n OptionName = \"SQLSERVER_BACKUP_RESTORE\",\n OptionSettings = new[]\n {\n new Aws.Rds.Inputs.OptionGroupOptionOptionSettingArgs\n {\n Name = \"IAM_ROLE_ARN\",\n Value = exampleAwsIamRole.Arn,\n },\n },\n },\n new Aws.Rds.Inputs.OptionGroupOptionArgs\n {\n OptionName = \"TDE\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewOptionGroup(ctx, \"example\", \u0026rds.OptionGroupArgs{\n\t\t\tName: pulumi.String(\"option-group-test\"),\n\t\t\tOptionGroupDescription: pulumi.String(\"Option Group\"),\n\t\t\tEngineName: pulumi.String(\"sqlserver-ee\"),\n\t\t\tMajorEngineVersion: pulumi.String(\"11.00\"),\n\t\t\tOptions: rds.OptionGroupOptionArray{\n\t\t\t\t\u0026rds.OptionGroupOptionArgs{\n\t\t\t\t\tOptionName: pulumi.String(\"Timezone\"),\n\t\t\t\t\tOptionSettings: rds.OptionGroupOptionOptionSettingArray{\n\t\t\t\t\t\t\u0026rds.OptionGroupOptionOptionSettingArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"TIME_ZONE\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"UTC\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026rds.OptionGroupOptionArgs{\n\t\t\t\t\tOptionName: pulumi.String(\"SQLSERVER_BACKUP_RESTORE\"),\n\t\t\t\t\tOptionSettings: rds.OptionGroupOptionOptionSettingArray{\n\t\t\t\t\t\t\u0026rds.OptionGroupOptionOptionSettingArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"IAM_ROLE_ARN\"),\n\t\t\t\t\t\t\tValue: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026rds.OptionGroupOptionArgs{\n\t\t\t\t\tOptionName: pulumi.String(\"TDE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.OptionGroup;\nimport com.pulumi.aws.rds.OptionGroupArgs;\nimport com.pulumi.aws.rds.inputs.OptionGroupOptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new OptionGroup(\"example\", OptionGroupArgs.builder()\n .name(\"option-group-test\")\n .optionGroupDescription(\"Option Group\")\n .engineName(\"sqlserver-ee\")\n .majorEngineVersion(\"11.00\")\n .options( \n OptionGroupOptionArgs.builder()\n .optionName(\"Timezone\")\n .optionSettings(OptionGroupOptionOptionSettingArgs.builder()\n .name(\"TIME_ZONE\")\n .value(\"UTC\")\n .build())\n .build(),\n OptionGroupOptionArgs.builder()\n .optionName(\"SQLSERVER_BACKUP_RESTORE\")\n .optionSettings(OptionGroupOptionOptionSettingArgs.builder()\n .name(\"IAM_ROLE_ARN\")\n .value(exampleAwsIamRole.arn())\n .build())\n .build(),\n OptionGroupOptionArgs.builder()\n .optionName(\"TDE\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:OptionGroup\n properties:\n name: option-group-test\n optionGroupDescription: Option Group\n engineName: sqlserver-ee\n majorEngineVersion: '11.00'\n options:\n - optionName: Timezone\n optionSettings:\n - name: TIME_ZONE\n value: UTC\n - optionName: SQLSERVER_BACKUP_RESTORE\n optionSettings:\n - name: IAM_ROLE_ARN\n value: ${exampleAwsIamRole.arn}\n - optionName: TDE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e **Note:** Any modifications to the `aws.rds.OptionGroup` are set to happen immediately as we default to applying immediately.\n\n\u003e **WARNING:** You can perform a destroy on a `aws.rds.OptionGroup`, as long as it is not associated with any Amazon RDS resource. An option group can be associated with a DB instance, a manual DB snapshot, or an automated DB snapshot.\n\nIf you try to delete an option group that is associated with an Amazon RDS resource, an error similar to the following is returned:\n\n\u003e An error occurred (InvalidOptionGroupStateFault) when calling the DeleteOptionGroup operation: The option group 'optionGroupName' cannot be deleted because it is in use.\n\nMore information about this can be found [here](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithOptionGroups.html#USER_WorkingWithOptionGroups.Delete).\n\n## Import\n\nUsing `pulumi import`, import DB option groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:rds/optionGroup:OptionGroup example mysql-option-group\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the DB option group.\n" }, "engineName": { "type": "string", "description": "Specifies the name of the engine that this option group should be associated with.\n" }, "majorEngineVersion": { "type": "string", "description": "Specifies the major version of the engine that this option group should be associated with.\n" }, "name": { "type": "string", "description": "Name of the option group. If omitted, the provider will assign a random, unique name. Must be lowercase, to match as it is stored in AWS.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Must be lowercase, to match as it is stored in AWS.\n" }, "optionGroupDescription": { "type": "string", "description": "Description of the option group.\n", "default": "Managed by Pulumi" }, "options": { "type": "array", "items": { "$ref": "#/types/aws:rds/OptionGroupOption:OptionGroupOption" }, "description": "The options to apply. See `option` Block below for more details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "engineName", "majorEngineVersion", "name", "namePrefix", "optionGroupDescription", "tagsAll" ], "inputProperties": { "engineName": { "type": "string", "description": "Specifies the name of the engine that this option group should be associated with.\n", "willReplaceOnChanges": true }, "majorEngineVersion": { "type": "string", "description": "Specifies the major version of the engine that this option group should be associated with.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the option group. If omitted, the provider will assign a random, unique name. Must be lowercase, to match as it is stored in AWS.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Must be lowercase, to match as it is stored in AWS.\n", "willReplaceOnChanges": true }, "optionGroupDescription": { "type": "string", "description": "Description of the option group.\n", "default": "Managed by Pulumi", "willReplaceOnChanges": true }, "options": { "type": "array", "items": { "$ref": "#/types/aws:rds/OptionGroupOption:OptionGroupOption" }, "description": "The options to apply. See `option` Block below for more details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "engineName", "majorEngineVersion" ], "stateInputs": { "description": "Input properties used for looking up and filtering OptionGroup resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the DB option group.\n" }, "engineName": { "type": "string", "description": "Specifies the name of the engine that this option group should be associated with.\n", "willReplaceOnChanges": true }, "majorEngineVersion": { "type": "string", "description": "Specifies the major version of the engine that this option group should be associated with.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the option group. If omitted, the provider will assign a random, unique name. Must be lowercase, to match as it is stored in AWS.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Must be lowercase, to match as it is stored in AWS.\n", "willReplaceOnChanges": true }, "optionGroupDescription": { "type": "string", "description": "Description of the option group.\n", "default": "Managed by Pulumi", "willReplaceOnChanges": true }, "options": { "type": "array", "items": { "$ref": "#/types/aws:rds/OptionGroupOption:OptionGroupOption" }, "description": "The options to apply. See `option` Block below for more details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:rds/parameterGroup:ParameterGroup": { "description": "Provides an RDS DB parameter group resource. Documentation of the available parameters for various RDS engines can be found at:\n\n* [Aurora MySQL Parameters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraMySQL.Reference.html)\n* [Aurora PostgreSQL Parameters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraPostgreSQL.Reference.html)\n* [MariaDB Parameters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.MariaDB.Parameters.html)\n* [Oracle Parameters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ModifyInstance.Oracle.html#USER_ModifyInstance.Oracle.sqlnet)\n* [PostgreSQL Parameters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.PostgreSQL.CommonDBATasks.html#Appendix.PostgreSQL.CommonDBATasks.Parameters)\n\n\u003e **Hands-on:** For an example of the `aws.rds.ParameterGroup` in use, follow the Manage AWS RDS Instances tutorial on HashiCorp Learn.\n\n\u003e **NOTE**: to make diffs less confusing, the AWS provider will ignore changes for a `parameter` whose `value` remains\nunchanged but whose `apply_method` is changing (e.g., from `immediate` to `pending-reboot`, or `pending-reboot` to\n`immediate`). This matches the cloud: if only the apply method of a parameter is changing, the AWS API will not register\nthis change. To change the `apply_method` of a parameter, its value must also change.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.rds.ParameterGroup(\"default\", {\n name: \"rds-pg\",\n family: \"mysql5.6\",\n parameters: [\n {\n name: \"character_set_server\",\n value: \"utf8\",\n },\n {\n name: \"character_set_client\",\n value: \"utf8\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.ParameterGroup(\"default\",\n name=\"rds-pg\",\n family=\"mysql5.6\",\n parameters=[\n {\n \"name\": \"character_set_server\",\n \"value\": \"utf8\",\n },\n {\n \"name\": \"character_set_client\",\n \"value\": \"utf8\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Rds.ParameterGroup(\"default\", new()\n {\n Name = \"rds-pg\",\n Family = \"mysql5.6\",\n Parameters = new[]\n {\n new Aws.Rds.Inputs.ParameterGroupParameterArgs\n {\n Name = \"character_set_server\",\n Value = \"utf8\",\n },\n new Aws.Rds.Inputs.ParameterGroupParameterArgs\n {\n Name = \"character_set_client\",\n Value = \"utf8\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewParameterGroup(ctx, \"default\", \u0026rds.ParameterGroupArgs{\n\t\t\tName: pulumi.String(\"rds-pg\"),\n\t\t\tFamily: pulumi.String(\"mysql5.6\"),\n\t\t\tParameters: rds.ParameterGroupParameterArray{\n\t\t\t\t\u0026rds.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"character_set_server\"),\n\t\t\t\t\tValue: pulumi.String(\"utf8\"),\n\t\t\t\t},\n\t\t\t\t\u0026rds.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"character_set_client\"),\n\t\t\t\t\tValue: pulumi.String(\"utf8\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.ParameterGroup;\nimport com.pulumi.aws.rds.ParameterGroupArgs;\nimport com.pulumi.aws.rds.inputs.ParameterGroupParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new ParameterGroup(\"default\", ParameterGroupArgs.builder()\n .name(\"rds-pg\")\n .family(\"mysql5.6\")\n .parameters( \n ParameterGroupParameterArgs.builder()\n .name(\"character_set_server\")\n .value(\"utf8\")\n .build(),\n ParameterGroupParameterArgs.builder()\n .name(\"character_set_client\")\n .value(\"utf8\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:rds:ParameterGroup\n properties:\n name: rds-pg\n family: mysql5.6\n parameters:\n - name: character_set_server\n value: utf8\n - name: character_set_client\n value: utf8\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DB Parameter groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:rds/parameterGroup:ParameterGroup rds_pg rds-pg\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the db parameter group.\n" }, "description": { "type": "string", "description": "The description of the DB parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "family": { "type": "string", "description": "The family of the DB parameter group.\n" }, "name": { "type": "string", "description": "The name of the DB parameter group. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:rds/ParameterGroupParameter:ParameterGroupParameter" }, "description": "The DB parameters to apply. See `parameter` Block below for more details. Note that parameters may differ from a family to an other. Full list of all parameters can be discovered via [`aws rds describe-db-parameters`](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-parameters.html) after initial creation of the group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "description", "family", "name", "namePrefix", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the DB parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi", "willReplaceOnChanges": true }, "family": { "type": "string", "description": "The family of the DB parameter group.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the DB parameter group. If omitted, this provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:rds/ParameterGroupParameter:ParameterGroupParameter" }, "description": "The DB parameters to apply. See `parameter` Block below for more details. Note that parameters may differ from a family to an other. Full list of all parameters can be discovered via [`aws rds describe-db-parameters`](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-parameters.html) after initial creation of the group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "family" ], "stateInputs": { "description": "Input properties used for looking up and filtering ParameterGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the db parameter group.\n" }, "description": { "type": "string", "description": "The description of the DB parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi", "willReplaceOnChanges": true }, "family": { "type": "string", "description": "The family of the DB parameter group.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the DB parameter group. If omitted, this provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:rds/ParameterGroupParameter:ParameterGroupParameter" }, "description": "The DB parameters to apply. See `parameter` Block below for more details. Note that parameters may differ from a family to an other. Full list of all parameters can be discovered via [`aws rds describe-db-parameters`](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-parameters.html) after initial creation of the group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:rds/proxy:Proxy": { "description": "Provides an RDS DB proxy resource. For additional information, see the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-proxy.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.Proxy(\"example\", {\n name: \"example\",\n debugLogging: false,\n engineFamily: \"MYSQL\",\n idleClientTimeout: 1800,\n requireTls: true,\n roleArn: exampleAwsIamRole.arn,\n vpcSecurityGroupIds: [exampleAwsSecurityGroup.id],\n vpcSubnetIds: [exampleAwsSubnet.id],\n auths: [{\n authScheme: \"SECRETS\",\n description: \"example\",\n iamAuth: \"DISABLED\",\n secretArn: exampleAwsSecretsmanagerSecret.arn,\n }],\n tags: {\n Name: \"example\",\n Key: \"value\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.Proxy(\"example\",\n name=\"example\",\n debug_logging=False,\n engine_family=\"MYSQL\",\n idle_client_timeout=1800,\n require_tls=True,\n role_arn=example_aws_iam_role[\"arn\"],\n vpc_security_group_ids=[example_aws_security_group[\"id\"]],\n vpc_subnet_ids=[example_aws_subnet[\"id\"]],\n auths=[{\n \"auth_scheme\": \"SECRETS\",\n \"description\": \"example\",\n \"iam_auth\": \"DISABLED\",\n \"secret_arn\": example_aws_secretsmanager_secret[\"arn\"],\n }],\n tags={\n \"Name\": \"example\",\n \"Key\": \"value\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.Proxy(\"example\", new()\n {\n Name = \"example\",\n DebugLogging = false,\n EngineFamily = \"MYSQL\",\n IdleClientTimeout = 1800,\n RequireTls = true,\n RoleArn = exampleAwsIamRole.Arn,\n VpcSecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n VpcSubnetIds = new[]\n {\n exampleAwsSubnet.Id,\n },\n Auths = new[]\n {\n new Aws.Rds.Inputs.ProxyAuthArgs\n {\n AuthScheme = \"SECRETS\",\n Description = \"example\",\n IamAuth = \"DISABLED\",\n SecretArn = exampleAwsSecretsmanagerSecret.Arn,\n },\n },\n Tags = \n {\n { \"Name\", \"example\" },\n { \"Key\", \"value\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewProxy(ctx, \"example\", \u0026rds.ProxyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDebugLogging: pulumi.Bool(false),\n\t\t\tEngineFamily: pulumi.String(\"MYSQL\"),\n\t\t\tIdleClientTimeout: pulumi.Int(1800),\n\t\t\tRequireTls: pulumi.Bool(true),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tVpcSecurityGroupIds: pulumi.StringArray{\n\t\t\t\texampleAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tVpcSubnetIds: pulumi.StringArray{\n\t\t\t\texampleAwsSubnet.Id,\n\t\t\t},\n\t\t\tAuths: rds.ProxyAuthArray{\n\t\t\t\t\u0026rds.ProxyAuthArgs{\n\t\t\t\t\tAuthScheme: pulumi.String(\"SECRETS\"),\n\t\t\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\t\t\tIamAuth: pulumi.String(\"DISABLED\"),\n\t\t\t\t\tSecretArn: pulumi.Any(exampleAwsSecretsmanagerSecret.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example\"),\n\t\t\t\t\"Key\": pulumi.String(\"value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Proxy;\nimport com.pulumi.aws.rds.ProxyArgs;\nimport com.pulumi.aws.rds.inputs.ProxyAuthArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Proxy(\"example\", ProxyArgs.builder()\n .name(\"example\")\n .debugLogging(false)\n .engineFamily(\"MYSQL\")\n .idleClientTimeout(1800)\n .requireTls(true)\n .roleArn(exampleAwsIamRole.arn())\n .vpcSecurityGroupIds(exampleAwsSecurityGroup.id())\n .vpcSubnetIds(exampleAwsSubnet.id())\n .auths(ProxyAuthArgs.builder()\n .authScheme(\"SECRETS\")\n .description(\"example\")\n .iamAuth(\"DISABLED\")\n .secretArn(exampleAwsSecretsmanagerSecret.arn())\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"example\"),\n Map.entry(\"Key\", \"value\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:Proxy\n properties:\n name: example\n debugLogging: false\n engineFamily: MYSQL\n idleClientTimeout: 1800\n requireTls: true\n roleArn: ${exampleAwsIamRole.arn}\n vpcSecurityGroupIds:\n - ${exampleAwsSecurityGroup.id}\n vpcSubnetIds:\n - ${exampleAwsSubnet.id}\n auths:\n - authScheme: SECRETS\n description: example\n iamAuth: DISABLED\n secretArn: ${exampleAwsSecretsmanagerSecret.arn}\n tags:\n Name: example\n Key: value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DB proxies using the `name`. For example:\n\n```sh\n$ pulumi import aws:rds/proxy:Proxy example example\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the proxy.\n" }, "auths": { "type": "array", "items": { "$ref": "#/types/aws:rds/ProxyAuth:ProxyAuth" }, "description": "Configuration block(s) with authorization mechanisms to connect to the associated instances or clusters. Described below.\n" }, "debugLogging": { "type": "boolean", "description": "Whether the proxy includes detailed information about SQL statements in its logs. This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs.\n" }, "endpoint": { "type": "string", "description": "The endpoint that you can use to connect to the proxy. You include the endpoint value in the connection string for a database client application.\n" }, "engineFamily": { "type": "string", "description": "The kinds of databases that the proxy can connect to. This value determines which database network protocol the proxy recognizes when it interprets network traffic to and from the database. For Aurora MySQL, RDS for MariaDB, and RDS for MySQL databases, specify `MYSQL`. For Aurora PostgreSQL and RDS for PostgreSQL databases, specify `POSTGRESQL`. For RDS for Microsoft SQL Server, specify `SQLSERVER`. Valid values are `MYSQL`, `POSTGRESQL`, and `SQLSERVER`.\n" }, "idleClientTimeout": { "type": "integer", "description": "The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.\n" }, "name": { "type": "string", "description": "The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.\n" }, "requireTls": { "type": "boolean", "description": "A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. By enabling this setting, you can enforce encrypted TLS connections to the proxy.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC security group IDs to associate with the new proxy.\n" }, "vpcSubnetIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC subnet IDs to associate with the new proxy.\n" } }, "required": [ "arn", "auths", "endpoint", "engineFamily", "idleClientTimeout", "name", "roleArn", "tagsAll", "vpcSecurityGroupIds", "vpcSubnetIds" ], "inputProperties": { "auths": { "type": "array", "items": { "$ref": "#/types/aws:rds/ProxyAuth:ProxyAuth" }, "description": "Configuration block(s) with authorization mechanisms to connect to the associated instances or clusters. Described below.\n" }, "debugLogging": { "type": "boolean", "description": "Whether the proxy includes detailed information about SQL statements in its logs. This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs.\n" }, "engineFamily": { "type": "string", "description": "The kinds of databases that the proxy can connect to. This value determines which database network protocol the proxy recognizes when it interprets network traffic to and from the database. For Aurora MySQL, RDS for MariaDB, and RDS for MySQL databases, specify `MYSQL`. For Aurora PostgreSQL and RDS for PostgreSQL databases, specify `POSTGRESQL`. For RDS for Microsoft SQL Server, specify `SQLSERVER`. Valid values are `MYSQL`, `POSTGRESQL`, and `SQLSERVER`.\n", "willReplaceOnChanges": true }, "idleClientTimeout": { "type": "integer", "description": "The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.\n" }, "name": { "type": "string", "description": "The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.\n" }, "requireTls": { "type": "boolean", "description": "A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. By enabling this setting, you can enforce encrypted TLS connections to the proxy.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC security group IDs to associate with the new proxy.\n" }, "vpcSubnetIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC subnet IDs to associate with the new proxy.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "auths", "engineFamily", "roleArn", "vpcSubnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering Proxy resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the proxy.\n" }, "auths": { "type": "array", "items": { "$ref": "#/types/aws:rds/ProxyAuth:ProxyAuth" }, "description": "Configuration block(s) with authorization mechanisms to connect to the associated instances or clusters. Described below.\n" }, "debugLogging": { "type": "boolean", "description": "Whether the proxy includes detailed information about SQL statements in its logs. This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs.\n" }, "endpoint": { "type": "string", "description": "The endpoint that you can use to connect to the proxy. You include the endpoint value in the connection string for a database client application.\n" }, "engineFamily": { "type": "string", "description": "The kinds of databases that the proxy can connect to. This value determines which database network protocol the proxy recognizes when it interprets network traffic to and from the database. For Aurora MySQL, RDS for MariaDB, and RDS for MySQL databases, specify `MYSQL`. For Aurora PostgreSQL and RDS for PostgreSQL databases, specify `POSTGRESQL`. For RDS for Microsoft SQL Server, specify `SQLSERVER`. Valid values are `MYSQL`, `POSTGRESQL`, and `SQLSERVER`.\n", "willReplaceOnChanges": true }, "idleClientTimeout": { "type": "integer", "description": "The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.\n" }, "name": { "type": "string", "description": "The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.\n" }, "requireTls": { "type": "boolean", "description": "A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. By enabling this setting, you can enforce encrypted TLS connections to the proxy.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC security group IDs to associate with the new proxy.\n" }, "vpcSubnetIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC subnet IDs to associate with the new proxy.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:rds/proxyDefaultTargetGroup:ProxyDefaultTargetGroup": { "description": "Provides a resource to manage an RDS DB proxy default target group resource.\n\nThe `aws.rds.ProxyDefaultTargetGroup` behaves differently from normal resources, in that the provider does not _create_ or _destroy_ this resource, since it implicitly exists as part of an RDS DB Proxy. On the provider resource creation it is automatically imported and on resource destruction, the provider performs no actions in RDS.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.Proxy(\"example\", {\n name: \"example\",\n debugLogging: false,\n engineFamily: \"MYSQL\",\n idleClientTimeout: 1800,\n requireTls: true,\n roleArn: exampleAwsIamRole.arn,\n vpcSecurityGroupIds: [exampleAwsSecurityGroup.id],\n vpcSubnetIds: [exampleAwsSubnet.id],\n auths: [{\n authScheme: \"SECRETS\",\n description: \"example\",\n iamAuth: \"DISABLED\",\n secretArn: exampleAwsSecretsmanagerSecret.arn,\n }],\n tags: {\n Name: \"example\",\n Key: \"value\",\n },\n});\nconst exampleProxyDefaultTargetGroup = new aws.rds.ProxyDefaultTargetGroup(\"example\", {\n dbProxyName: example.name,\n connectionPoolConfig: {\n connectionBorrowTimeout: 120,\n initQuery: \"SET x=1, y=2\",\n maxConnectionsPercent: 100,\n maxIdleConnectionsPercent: 50,\n sessionPinningFilters: [\"EXCLUDE_VARIABLE_SETS\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.Proxy(\"example\",\n name=\"example\",\n debug_logging=False,\n engine_family=\"MYSQL\",\n idle_client_timeout=1800,\n require_tls=True,\n role_arn=example_aws_iam_role[\"arn\"],\n vpc_security_group_ids=[example_aws_security_group[\"id\"]],\n vpc_subnet_ids=[example_aws_subnet[\"id\"]],\n auths=[{\n \"auth_scheme\": \"SECRETS\",\n \"description\": \"example\",\n \"iam_auth\": \"DISABLED\",\n \"secret_arn\": example_aws_secretsmanager_secret[\"arn\"],\n }],\n tags={\n \"Name\": \"example\",\n \"Key\": \"value\",\n })\nexample_proxy_default_target_group = aws.rds.ProxyDefaultTargetGroup(\"example\",\n db_proxy_name=example.name,\n connection_pool_config={\n \"connection_borrow_timeout\": 120,\n \"init_query\": \"SET x=1, y=2\",\n \"max_connections_percent\": 100,\n \"max_idle_connections_percent\": 50,\n \"session_pinning_filters\": [\"EXCLUDE_VARIABLE_SETS\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.Proxy(\"example\", new()\n {\n Name = \"example\",\n DebugLogging = false,\n EngineFamily = \"MYSQL\",\n IdleClientTimeout = 1800,\n RequireTls = true,\n RoleArn = exampleAwsIamRole.Arn,\n VpcSecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n VpcSubnetIds = new[]\n {\n exampleAwsSubnet.Id,\n },\n Auths = new[]\n {\n new Aws.Rds.Inputs.ProxyAuthArgs\n {\n AuthScheme = \"SECRETS\",\n Description = \"example\",\n IamAuth = \"DISABLED\",\n SecretArn = exampleAwsSecretsmanagerSecret.Arn,\n },\n },\n Tags = \n {\n { \"Name\", \"example\" },\n { \"Key\", \"value\" },\n },\n });\n\n var exampleProxyDefaultTargetGroup = new Aws.Rds.ProxyDefaultTargetGroup(\"example\", new()\n {\n DbProxyName = example.Name,\n ConnectionPoolConfig = new Aws.Rds.Inputs.ProxyDefaultTargetGroupConnectionPoolConfigArgs\n {\n ConnectionBorrowTimeout = 120,\n InitQuery = \"SET x=1, y=2\",\n MaxConnectionsPercent = 100,\n MaxIdleConnectionsPercent = 50,\n SessionPinningFilters = new[]\n {\n \"EXCLUDE_VARIABLE_SETS\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := rds.NewProxy(ctx, \"example\", \u0026rds.ProxyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDebugLogging: pulumi.Bool(false),\n\t\t\tEngineFamily: pulumi.String(\"MYSQL\"),\n\t\t\tIdleClientTimeout: pulumi.Int(1800),\n\t\t\tRequireTls: pulumi.Bool(true),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tVpcSecurityGroupIds: pulumi.StringArray{\n\t\t\t\texampleAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tVpcSubnetIds: pulumi.StringArray{\n\t\t\t\texampleAwsSubnet.Id,\n\t\t\t},\n\t\t\tAuths: rds.ProxyAuthArray{\n\t\t\t\t\u0026rds.ProxyAuthArgs{\n\t\t\t\t\tAuthScheme: pulumi.String(\"SECRETS\"),\n\t\t\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\t\t\tIamAuth: pulumi.String(\"DISABLED\"),\n\t\t\t\t\tSecretArn: pulumi.Any(exampleAwsSecretsmanagerSecret.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example\"),\n\t\t\t\t\"Key\": pulumi.String(\"value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewProxyDefaultTargetGroup(ctx, \"example\", \u0026rds.ProxyDefaultTargetGroupArgs{\n\t\t\tDbProxyName: example.Name,\n\t\t\tConnectionPoolConfig: \u0026rds.ProxyDefaultTargetGroupConnectionPoolConfigArgs{\n\t\t\t\tConnectionBorrowTimeout: pulumi.Int(120),\n\t\t\t\tInitQuery: pulumi.String(\"SET x=1, y=2\"),\n\t\t\t\tMaxConnectionsPercent: pulumi.Int(100),\n\t\t\t\tMaxIdleConnectionsPercent: pulumi.Int(50),\n\t\t\t\tSessionPinningFilters: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"EXCLUDE_VARIABLE_SETS\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Proxy;\nimport com.pulumi.aws.rds.ProxyArgs;\nimport com.pulumi.aws.rds.inputs.ProxyAuthArgs;\nimport com.pulumi.aws.rds.ProxyDefaultTargetGroup;\nimport com.pulumi.aws.rds.ProxyDefaultTargetGroupArgs;\nimport com.pulumi.aws.rds.inputs.ProxyDefaultTargetGroupConnectionPoolConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Proxy(\"example\", ProxyArgs.builder()\n .name(\"example\")\n .debugLogging(false)\n .engineFamily(\"MYSQL\")\n .idleClientTimeout(1800)\n .requireTls(true)\n .roleArn(exampleAwsIamRole.arn())\n .vpcSecurityGroupIds(exampleAwsSecurityGroup.id())\n .vpcSubnetIds(exampleAwsSubnet.id())\n .auths(ProxyAuthArgs.builder()\n .authScheme(\"SECRETS\")\n .description(\"example\")\n .iamAuth(\"DISABLED\")\n .secretArn(exampleAwsSecretsmanagerSecret.arn())\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"example\"),\n Map.entry(\"Key\", \"value\")\n ))\n .build());\n\n var exampleProxyDefaultTargetGroup = new ProxyDefaultTargetGroup(\"exampleProxyDefaultTargetGroup\", ProxyDefaultTargetGroupArgs.builder()\n .dbProxyName(example.name())\n .connectionPoolConfig(ProxyDefaultTargetGroupConnectionPoolConfigArgs.builder()\n .connectionBorrowTimeout(120)\n .initQuery(\"SET x=1, y=2\")\n .maxConnectionsPercent(100)\n .maxIdleConnectionsPercent(50)\n .sessionPinningFilters(\"EXCLUDE_VARIABLE_SETS\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:Proxy\n properties:\n name: example\n debugLogging: false\n engineFamily: MYSQL\n idleClientTimeout: 1800\n requireTls: true\n roleArn: ${exampleAwsIamRole.arn}\n vpcSecurityGroupIds:\n - ${exampleAwsSecurityGroup.id}\n vpcSubnetIds:\n - ${exampleAwsSubnet.id}\n auths:\n - authScheme: SECRETS\n description: example\n iamAuth: DISABLED\n secretArn: ${exampleAwsSecretsmanagerSecret.arn}\n tags:\n Name: example\n Key: value\n exampleProxyDefaultTargetGroup:\n type: aws:rds:ProxyDefaultTargetGroup\n name: example\n properties:\n dbProxyName: ${example.name}\n connectionPoolConfig:\n connectionBorrowTimeout: 120\n initQuery: SET x=1, y=2\n maxConnectionsPercent: 100\n maxIdleConnectionsPercent: 50\n sessionPinningFilters:\n - EXCLUDE_VARIABLE_SETS\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DB proxy default target groups using the `db_proxy_name`. For example:\n\n```sh\n$ pulumi import aws:rds/proxyDefaultTargetGroup:ProxyDefaultTargetGroup example example\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) representing the target group.\n" }, "connectionPoolConfig": { "$ref": "#/types/aws:rds/ProxyDefaultTargetGroupConnectionPoolConfig:ProxyDefaultTargetGroupConnectionPoolConfig", "description": "The settings that determine the size and behavior of the connection pool for the target group.\n" }, "dbProxyName": { "type": "string", "description": "Name of the RDS DB Proxy.\n" }, "name": { "type": "string", "description": "The name of the default target group.\n" } }, "required": [ "arn", "connectionPoolConfig", "dbProxyName", "name" ], "inputProperties": { "connectionPoolConfig": { "$ref": "#/types/aws:rds/ProxyDefaultTargetGroupConnectionPoolConfig:ProxyDefaultTargetGroupConnectionPoolConfig", "description": "The settings that determine the size and behavior of the connection pool for the target group.\n" }, "dbProxyName": { "type": "string", "description": "Name of the RDS DB Proxy.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "dbProxyName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ProxyDefaultTargetGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) representing the target group.\n" }, "connectionPoolConfig": { "$ref": "#/types/aws:rds/ProxyDefaultTargetGroupConnectionPoolConfig:ProxyDefaultTargetGroupConnectionPoolConfig", "description": "The settings that determine the size and behavior of the connection pool for the target group.\n" }, "dbProxyName": { "type": "string", "description": "Name of the RDS DB Proxy.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the default target group.\n" } }, "type": "object" } }, "aws:rds/proxyEndpoint:ProxyEndpoint": { "description": "Provides an RDS DB proxy endpoint resource. For additional information, see the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-proxy-endpoints.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.ProxyEndpoint(\"example\", {\n dbProxyName: test.name,\n dbProxyEndpointName: \"example\",\n vpcSubnetIds: testAwsSubnet.map(__item =\u003e __item.id),\n targetRole: \"READ_ONLY\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.ProxyEndpoint(\"example\",\n db_proxy_name=test[\"name\"],\n db_proxy_endpoint_name=\"example\",\n vpc_subnet_ids=[__item[\"id\"] for __item in test_aws_subnet],\n target_role=\"READ_ONLY\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.ProxyEndpoint(\"example\", new()\n {\n DbProxyName = test.Name,\n DbProxyEndpointName = \"example\",\n VpcSubnetIds = testAwsSubnet.Select(__item =\u003e __item.Id).ToList(),\n TargetRole = \"READ_ONLY\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range testAwsSubnet {\nsplat0 = append(splat0, val0.Id)\n}\n_, err := rds.NewProxyEndpoint(ctx, \"example\", \u0026rds.ProxyEndpointArgs{\nDbProxyName: pulumi.Any(test.Name),\nDbProxyEndpointName: pulumi.String(\"example\"),\nVpcSubnetIds: toPulumiArray(splat0),\nTargetRole: pulumi.String(\"READ_ONLY\"),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.ProxyEndpoint;\nimport com.pulumi.aws.rds.ProxyEndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ProxyEndpoint(\"example\", ProxyEndpointArgs.builder()\n .dbProxyName(test.name())\n .dbProxyEndpointName(\"example\")\n .vpcSubnetIds(testAwsSubnet.stream().map(element -\u003e element.id()).collect(toList()))\n .targetRole(\"READ_ONLY\")\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DB proxy endpoints using the `DB-PROXY-NAME/DB-PROXY-ENDPOINT-NAME`. For example:\n\n```sh\n$ pulumi import aws:rds/proxyEndpoint:ProxyEndpoint example example/example\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the proxy endpoint.\n" }, "dbProxyEndpointName": { "type": "string", "description": "The identifier for the proxy endpoint. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.\n" }, "dbProxyName": { "type": "string", "description": "The name of the DB proxy associated with the DB proxy endpoint that you create.\n" }, "endpoint": { "type": "string", "description": "The endpoint that you can use to connect to the proxy. You include the endpoint value in the connection string for a database client application.\n" }, "isDefault": { "type": "boolean", "description": "Indicates whether this endpoint is the default endpoint for the associated DB proxy.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "targetRole": { "type": "string", "description": "Indicates whether the DB proxy endpoint can be used for read/write or read-only operations. The default is `READ_WRITE`. Valid values are `READ_WRITE` and `READ_ONLY`.\n" }, "vpcId": { "type": "string", "description": "The VPC ID of the DB proxy endpoint.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC security group IDs to associate with the new proxy.\n" }, "vpcSubnetIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC subnet IDs to associate with the new proxy.\n" } }, "required": [ "arn", "dbProxyEndpointName", "dbProxyName", "endpoint", "isDefault", "tagsAll", "vpcId", "vpcSecurityGroupIds", "vpcSubnetIds" ], "inputProperties": { "dbProxyEndpointName": { "type": "string", "description": "The identifier for the proxy endpoint. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.\n", "willReplaceOnChanges": true }, "dbProxyName": { "type": "string", "description": "The name of the DB proxy associated with the DB proxy endpoint that you create.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n" }, "targetRole": { "type": "string", "description": "Indicates whether the DB proxy endpoint can be used for read/write or read-only operations. The default is `READ_WRITE`. Valid values are `READ_WRITE` and `READ_ONLY`.\n", "willReplaceOnChanges": true }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC security group IDs to associate with the new proxy.\n" }, "vpcSubnetIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC subnet IDs to associate with the new proxy.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "dbProxyEndpointName", "dbProxyName", "vpcSubnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering ProxyEndpoint resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the proxy endpoint.\n" }, "dbProxyEndpointName": { "type": "string", "description": "The identifier for the proxy endpoint. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.\n", "willReplaceOnChanges": true }, "dbProxyName": { "type": "string", "description": "The name of the DB proxy associated with the DB proxy endpoint that you create.\n", "willReplaceOnChanges": true }, "endpoint": { "type": "string", "description": "The endpoint that you can use to connect to the proxy. You include the endpoint value in the connection string for a database client application.\n" }, "isDefault": { "type": "boolean", "description": "Indicates whether this endpoint is the default endpoint for the associated DB proxy.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "targetRole": { "type": "string", "description": "Indicates whether the DB proxy endpoint can be used for read/write or read-only operations. The default is `READ_WRITE`. Valid values are `READ_WRITE` and `READ_ONLY`.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The VPC ID of the DB proxy endpoint.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC security group IDs to associate with the new proxy.\n" }, "vpcSubnetIds": { "type": "array", "items": { "type": "string" }, "description": "One or more VPC subnet IDs to associate with the new proxy.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:rds/proxyTarget:ProxyTarget": { "description": "Provides an RDS DB proxy target resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.Proxy(\"example\", {\n name: \"example\",\n debugLogging: false,\n engineFamily: \"MYSQL\",\n idleClientTimeout: 1800,\n requireTls: true,\n roleArn: exampleAwsIamRole.arn,\n vpcSecurityGroupIds: [exampleAwsSecurityGroup.id],\n vpcSubnetIds: [exampleAwsSubnet.id],\n auths: [{\n authScheme: \"SECRETS\",\n description: \"example\",\n iamAuth: \"DISABLED\",\n secretArn: exampleAwsSecretsmanagerSecret.arn,\n }],\n tags: {\n Name: \"example\",\n Key: \"value\",\n },\n});\nconst exampleProxyDefaultTargetGroup = new aws.rds.ProxyDefaultTargetGroup(\"example\", {\n dbProxyName: example.name,\n connectionPoolConfig: {\n connectionBorrowTimeout: 120,\n initQuery: \"SET x=1, y=2\",\n maxConnectionsPercent: 100,\n maxIdleConnectionsPercent: 50,\n sessionPinningFilters: [\"EXCLUDE_VARIABLE_SETS\"],\n },\n});\nconst exampleProxyTarget = new aws.rds.ProxyTarget(\"example\", {\n dbInstanceIdentifier: exampleAwsDbInstance.identifier,\n dbProxyName: example.name,\n targetGroupName: exampleProxyDefaultTargetGroup.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.Proxy(\"example\",\n name=\"example\",\n debug_logging=False,\n engine_family=\"MYSQL\",\n idle_client_timeout=1800,\n require_tls=True,\n role_arn=example_aws_iam_role[\"arn\"],\n vpc_security_group_ids=[example_aws_security_group[\"id\"]],\n vpc_subnet_ids=[example_aws_subnet[\"id\"]],\n auths=[{\n \"auth_scheme\": \"SECRETS\",\n \"description\": \"example\",\n \"iam_auth\": \"DISABLED\",\n \"secret_arn\": example_aws_secretsmanager_secret[\"arn\"],\n }],\n tags={\n \"Name\": \"example\",\n \"Key\": \"value\",\n })\nexample_proxy_default_target_group = aws.rds.ProxyDefaultTargetGroup(\"example\",\n db_proxy_name=example.name,\n connection_pool_config={\n \"connection_borrow_timeout\": 120,\n \"init_query\": \"SET x=1, y=2\",\n \"max_connections_percent\": 100,\n \"max_idle_connections_percent\": 50,\n \"session_pinning_filters\": [\"EXCLUDE_VARIABLE_SETS\"],\n })\nexample_proxy_target = aws.rds.ProxyTarget(\"example\",\n db_instance_identifier=example_aws_db_instance[\"identifier\"],\n db_proxy_name=example.name,\n target_group_name=example_proxy_default_target_group.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.Proxy(\"example\", new()\n {\n Name = \"example\",\n DebugLogging = false,\n EngineFamily = \"MYSQL\",\n IdleClientTimeout = 1800,\n RequireTls = true,\n RoleArn = exampleAwsIamRole.Arn,\n VpcSecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n VpcSubnetIds = new[]\n {\n exampleAwsSubnet.Id,\n },\n Auths = new[]\n {\n new Aws.Rds.Inputs.ProxyAuthArgs\n {\n AuthScheme = \"SECRETS\",\n Description = \"example\",\n IamAuth = \"DISABLED\",\n SecretArn = exampleAwsSecretsmanagerSecret.Arn,\n },\n },\n Tags = \n {\n { \"Name\", \"example\" },\n { \"Key\", \"value\" },\n },\n });\n\n var exampleProxyDefaultTargetGroup = new Aws.Rds.ProxyDefaultTargetGroup(\"example\", new()\n {\n DbProxyName = example.Name,\n ConnectionPoolConfig = new Aws.Rds.Inputs.ProxyDefaultTargetGroupConnectionPoolConfigArgs\n {\n ConnectionBorrowTimeout = 120,\n InitQuery = \"SET x=1, y=2\",\n MaxConnectionsPercent = 100,\n MaxIdleConnectionsPercent = 50,\n SessionPinningFilters = new[]\n {\n \"EXCLUDE_VARIABLE_SETS\",\n },\n },\n });\n\n var exampleProxyTarget = new Aws.Rds.ProxyTarget(\"example\", new()\n {\n DbInstanceIdentifier = exampleAwsDbInstance.Identifier,\n DbProxyName = example.Name,\n TargetGroupName = exampleProxyDefaultTargetGroup.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := rds.NewProxy(ctx, \"example\", \u0026rds.ProxyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDebugLogging: pulumi.Bool(false),\n\t\t\tEngineFamily: pulumi.String(\"MYSQL\"),\n\t\t\tIdleClientTimeout: pulumi.Int(1800),\n\t\t\tRequireTls: pulumi.Bool(true),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tVpcSecurityGroupIds: pulumi.StringArray{\n\t\t\t\texampleAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tVpcSubnetIds: pulumi.StringArray{\n\t\t\t\texampleAwsSubnet.Id,\n\t\t\t},\n\t\t\tAuths: rds.ProxyAuthArray{\n\t\t\t\t\u0026rds.ProxyAuthArgs{\n\t\t\t\t\tAuthScheme: pulumi.String(\"SECRETS\"),\n\t\t\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\t\t\tIamAuth: pulumi.String(\"DISABLED\"),\n\t\t\t\t\tSecretArn: pulumi.Any(exampleAwsSecretsmanagerSecret.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example\"),\n\t\t\t\t\"Key\": pulumi.String(\"value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleProxyDefaultTargetGroup, err := rds.NewProxyDefaultTargetGroup(ctx, \"example\", \u0026rds.ProxyDefaultTargetGroupArgs{\n\t\t\tDbProxyName: example.Name,\n\t\t\tConnectionPoolConfig: \u0026rds.ProxyDefaultTargetGroupConnectionPoolConfigArgs{\n\t\t\t\tConnectionBorrowTimeout: pulumi.Int(120),\n\t\t\t\tInitQuery: pulumi.String(\"SET x=1, y=2\"),\n\t\t\t\tMaxConnectionsPercent: pulumi.Int(100),\n\t\t\t\tMaxIdleConnectionsPercent: pulumi.Int(50),\n\t\t\t\tSessionPinningFilters: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"EXCLUDE_VARIABLE_SETS\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewProxyTarget(ctx, \"example\", \u0026rds.ProxyTargetArgs{\n\t\t\tDbInstanceIdentifier: pulumi.Any(exampleAwsDbInstance.Identifier),\n\t\t\tDbProxyName: example.Name,\n\t\t\tTargetGroupName: exampleProxyDefaultTargetGroup.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Proxy;\nimport com.pulumi.aws.rds.ProxyArgs;\nimport com.pulumi.aws.rds.inputs.ProxyAuthArgs;\nimport com.pulumi.aws.rds.ProxyDefaultTargetGroup;\nimport com.pulumi.aws.rds.ProxyDefaultTargetGroupArgs;\nimport com.pulumi.aws.rds.inputs.ProxyDefaultTargetGroupConnectionPoolConfigArgs;\nimport com.pulumi.aws.rds.ProxyTarget;\nimport com.pulumi.aws.rds.ProxyTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Proxy(\"example\", ProxyArgs.builder()\n .name(\"example\")\n .debugLogging(false)\n .engineFamily(\"MYSQL\")\n .idleClientTimeout(1800)\n .requireTls(true)\n .roleArn(exampleAwsIamRole.arn())\n .vpcSecurityGroupIds(exampleAwsSecurityGroup.id())\n .vpcSubnetIds(exampleAwsSubnet.id())\n .auths(ProxyAuthArgs.builder()\n .authScheme(\"SECRETS\")\n .description(\"example\")\n .iamAuth(\"DISABLED\")\n .secretArn(exampleAwsSecretsmanagerSecret.arn())\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"example\"),\n Map.entry(\"Key\", \"value\")\n ))\n .build());\n\n var exampleProxyDefaultTargetGroup = new ProxyDefaultTargetGroup(\"exampleProxyDefaultTargetGroup\", ProxyDefaultTargetGroupArgs.builder()\n .dbProxyName(example.name())\n .connectionPoolConfig(ProxyDefaultTargetGroupConnectionPoolConfigArgs.builder()\n .connectionBorrowTimeout(120)\n .initQuery(\"SET x=1, y=2\")\n .maxConnectionsPercent(100)\n .maxIdleConnectionsPercent(50)\n .sessionPinningFilters(\"EXCLUDE_VARIABLE_SETS\")\n .build())\n .build());\n\n var exampleProxyTarget = new ProxyTarget(\"exampleProxyTarget\", ProxyTargetArgs.builder()\n .dbInstanceIdentifier(exampleAwsDbInstance.identifier())\n .dbProxyName(example.name())\n .targetGroupName(exampleProxyDefaultTargetGroup.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:Proxy\n properties:\n name: example\n debugLogging: false\n engineFamily: MYSQL\n idleClientTimeout: 1800\n requireTls: true\n roleArn: ${exampleAwsIamRole.arn}\n vpcSecurityGroupIds:\n - ${exampleAwsSecurityGroup.id}\n vpcSubnetIds:\n - ${exampleAwsSubnet.id}\n auths:\n - authScheme: SECRETS\n description: example\n iamAuth: DISABLED\n secretArn: ${exampleAwsSecretsmanagerSecret.arn}\n tags:\n Name: example\n Key: value\n exampleProxyDefaultTargetGroup:\n type: aws:rds:ProxyDefaultTargetGroup\n name: example\n properties:\n dbProxyName: ${example.name}\n connectionPoolConfig:\n connectionBorrowTimeout: 120\n initQuery: SET x=1, y=2\n maxConnectionsPercent: 100\n maxIdleConnectionsPercent: 50\n sessionPinningFilters:\n - EXCLUDE_VARIABLE_SETS\n exampleProxyTarget:\n type: aws:rds:ProxyTarget\n name: example\n properties:\n dbInstanceIdentifier: ${exampleAwsDbInstance.identifier}\n dbProxyName: ${example.name}\n targetGroupName: ${exampleProxyDefaultTargetGroup.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nProvisioned Clusters:\n\n__Using `pulumi import` to import__ RDS DB Proxy Targets using the `db_proxy_name`, `target_group_name`, target type (such as `RDS_INSTANCE` or `TRACKED_CLUSTER`), and resource identifier separated by forward slashes (`/`). For example:\n\nInstances:\n\n```sh\n$ pulumi import aws:rds/proxyTarget:ProxyTarget example example-proxy/default/RDS_INSTANCE/example-instance\n```\nProvisioned Clusters:\n\n```sh\n$ pulumi import aws:rds/proxyTarget:ProxyTarget example example-proxy/default/TRACKED_CLUSTER/example-cluster\n```\n", "properties": { "dbClusterIdentifier": { "type": "string", "description": "DB cluster identifier.\n\n**NOTE:** Either `db_instance_identifier` or `db_cluster_identifier` should be specified and both should not be specified together\n" }, "dbInstanceIdentifier": { "type": "string", "description": "DB instance identifier.\n" }, "dbProxyName": { "type": "string", "description": "The name of the DB proxy.\n" }, "endpoint": { "type": "string", "description": "Hostname for the target RDS DB Instance. Only returned for `RDS_INSTANCE` type.\n" }, "port": { "type": "integer", "description": "Port for the target RDS DB Instance or Aurora DB Cluster.\n" }, "rdsResourceId": { "type": "string", "description": "Identifier representing the DB Instance or DB Cluster target.\n" }, "targetArn": { "type": "string", "description": "Amazon Resource Name (ARN) for the DB instance or DB cluster. Currently not returned by the RDS API.\n" }, "targetGroupName": { "type": "string", "description": "The name of the target group.\n" }, "trackedClusterId": { "type": "string", "description": "DB Cluster identifier for the DB Instance target. Not returned unless manually importing an `RDS_INSTANCE` target that is part of a DB Cluster.\n" }, "type": { "type": "string", "description": "Type of targetE.g., `RDS_INSTANCE` or `TRACKED_CLUSTER`\n" } }, "required": [ "dbProxyName", "endpoint", "port", "rdsResourceId", "targetArn", "targetGroupName", "trackedClusterId", "type" ], "inputProperties": { "dbClusterIdentifier": { "type": "string", "description": "DB cluster identifier.\n\n**NOTE:** Either `db_instance_identifier` or `db_cluster_identifier` should be specified and both should not be specified together\n", "willReplaceOnChanges": true }, "dbInstanceIdentifier": { "type": "string", "description": "DB instance identifier.\n", "willReplaceOnChanges": true }, "dbProxyName": { "type": "string", "description": "The name of the DB proxy.\n", "willReplaceOnChanges": true }, "targetGroupName": { "type": "string", "description": "The name of the target group.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "dbProxyName", "targetGroupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ProxyTarget resources.\n", "properties": { "dbClusterIdentifier": { "type": "string", "description": "DB cluster identifier.\n\n**NOTE:** Either `db_instance_identifier` or `db_cluster_identifier` should be specified and both should not be specified together\n", "willReplaceOnChanges": true }, "dbInstanceIdentifier": { "type": "string", "description": "DB instance identifier.\n", "willReplaceOnChanges": true }, "dbProxyName": { "type": "string", "description": "The name of the DB proxy.\n", "willReplaceOnChanges": true }, "endpoint": { "type": "string", "description": "Hostname for the target RDS DB Instance. Only returned for `RDS_INSTANCE` type.\n" }, "port": { "type": "integer", "description": "Port for the target RDS DB Instance or Aurora DB Cluster.\n" }, "rdsResourceId": { "type": "string", "description": "Identifier representing the DB Instance or DB Cluster target.\n" }, "targetArn": { "type": "string", "description": "Amazon Resource Name (ARN) for the DB instance or DB cluster. Currently not returned by the RDS API.\n" }, "targetGroupName": { "type": "string", "description": "The name of the target group.\n", "willReplaceOnChanges": true }, "trackedClusterId": { "type": "string", "description": "DB Cluster identifier for the DB Instance target. Not returned unless manually importing an `RDS_INSTANCE` target that is part of a DB Cluster.\n" }, "type": { "type": "string", "description": "Type of targetE.g., `RDS_INSTANCE` or `TRACKED_CLUSTER`\n" } }, "type": "object" } }, "aws:rds/reservedInstance:ReservedInstance": { "description": "Manages an RDS DB Reserved Instance.\n\n\u003e **NOTE:** Once created, a reservation is valid for the `duration` of the provided `offering_id` and cannot be deleted. Performing a `destroy` will only remove the resource from state. For more information see [RDS Reserved Instances Documentation](https://aws.amazon.com/rds/reserved-instances/) and [PurchaseReservedDBInstancesOffering](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_PurchaseReservedDBInstancesOffering.html).\n\n\u003e **NOTE:** Due to the expense of testing this resource, we provide it as best effort. If you find it useful, and have the ability to help test or notice issues, consider reaching out to us on GitHub.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.rds.getReservedInstanceOffering({\n dbInstanceClass: \"db.t2.micro\",\n duration: 31536000,\n multiAz: false,\n offeringType: \"All Upfront\",\n productDescription: \"mysql\",\n});\nconst example = new aws.rds.ReservedInstance(\"example\", {\n offeringId: test.then(test =\u003e test.offeringId),\n reservationId: \"optionalCustomReservationID\",\n instanceCount: 3,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.rds.get_reserved_instance_offering(db_instance_class=\"db.t2.micro\",\n duration=31536000,\n multi_az=False,\n offering_type=\"All Upfront\",\n product_description=\"mysql\")\nexample = aws.rds.ReservedInstance(\"example\",\n offering_id=test.offering_id,\n reservation_id=\"optionalCustomReservationID\",\n instance_count=3)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Rds.GetReservedInstanceOffering.Invoke(new()\n {\n DbInstanceClass = \"db.t2.micro\",\n Duration = 31536000,\n MultiAz = false,\n OfferingType = \"All Upfront\",\n ProductDescription = \"mysql\",\n });\n\n var example = new Aws.Rds.ReservedInstance(\"example\", new()\n {\n OfferingId = test.Apply(getReservedInstanceOfferingResult =\u003e getReservedInstanceOfferingResult.OfferingId),\n ReservationId = \"optionalCustomReservationID\",\n InstanceCount = 3,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := rds.GetReservedInstanceOffering(ctx, \u0026rds.GetReservedInstanceOfferingArgs{\n\t\t\tDbInstanceClass: \"db.t2.micro\",\n\t\t\tDuration: 31536000,\n\t\t\tMultiAz: false,\n\t\t\tOfferingType: \"All Upfront\",\n\t\t\tProductDescription: \"mysql\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewReservedInstance(ctx, \"example\", \u0026rds.ReservedInstanceArgs{\n\t\t\tOfferingId: pulumi.String(test.OfferingId),\n\t\t\tReservationId: pulumi.String(\"optionalCustomReservationID\"),\n\t\t\tInstanceCount: pulumi.Int(3),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetReservedInstanceOfferingArgs;\nimport com.pulumi.aws.rds.ReservedInstance;\nimport com.pulumi.aws.rds.ReservedInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = RdsFunctions.getReservedInstanceOffering(GetReservedInstanceOfferingArgs.builder()\n .dbInstanceClass(\"db.t2.micro\")\n .duration(31536000)\n .multiAz(false)\n .offeringType(\"All Upfront\")\n .productDescription(\"mysql\")\n .build());\n\n var example = new ReservedInstance(\"example\", ReservedInstanceArgs.builder()\n .offeringId(test.applyValue(getReservedInstanceOfferingResult -\u003e getReservedInstanceOfferingResult.offeringId()))\n .reservationId(\"optionalCustomReservationID\")\n .instanceCount(3)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:ReservedInstance\n properties:\n offeringId: ${test.offeringId}\n reservationId: optionalCustomReservationID\n instanceCount: 3\nvariables:\n test:\n fn::invoke:\n Function: aws:rds:getReservedInstanceOffering\n Arguments:\n dbInstanceClass: db.t2.micro\n duration: 3.1536e+07\n multiAz: false\n offeringType: All Upfront\n productDescription: mysql\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import RDS DB Instance Reservations using the `instance_id`. For example:\n\n```sh\n$ pulumi import aws:rds/reservedInstance:ReservedInstance reservation_instance CustomReservationID\n```\n", "properties": { "arn": { "type": "string", "description": "ARN for the reserved DB instance.\n" }, "currencyCode": { "type": "string", "description": "Currency code for the reserved DB instance.\n" }, "dbInstanceClass": { "type": "string", "description": "DB instance class for the reserved DB instance.\n" }, "duration": { "type": "integer", "description": "Duration of the reservation in seconds.\n" }, "fixedPrice": { "type": "number", "description": "Fixed price charged for this reserved DB instance.\n" }, "instanceCount": { "type": "integer", "description": "Number of instances to reserve. Default value is `1`.\n" }, "leaseId": { "type": "string", "description": "Unique identifier for the lease associated with the reserved DB instance. Amazon Web Services Support might request the lease ID for an issue related to a reserved DB instance.\n" }, "multiAz": { "type": "boolean", "description": "Whether the reservation applies to Multi-AZ deployments.\n" }, "offeringId": { "type": "string", "description": "ID of the Reserved DB instance offering to purchase. To determine an `offering_id`, see the `aws.rds.getReservedInstanceOffering` data source.\n\nThe following arguments are optional:\n" }, "offeringType": { "type": "string", "description": "Offering type of this reserved DB instance.\n" }, "productDescription": { "type": "string", "description": "Description of the reserved DB instance.\n" }, "recurringCharges": { "type": "array", "items": { "$ref": "#/types/aws:rds/ReservedInstanceRecurringCharge:ReservedInstanceRecurringCharge" }, "description": "Recurring price charged to run this reserved DB instance.\n" }, "reservationId": { "type": "string", "description": "Customer-specified identifier to track this reservation.\n" }, "startTime": { "type": "string", "description": "Time the reservation started.\n" }, "state": { "type": "string", "description": "State of the reserved DB instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the DB reservation. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "usagePrice": { "type": "number", "description": "Hourly price charged for this reserved DB instance.\n" } }, "required": [ "arn", "currencyCode", "dbInstanceClass", "duration", "fixedPrice", "leaseId", "multiAz", "offeringId", "offeringType", "productDescription", "recurringCharges", "startTime", "state", "tagsAll", "usagePrice" ], "inputProperties": { "instanceCount": { "type": "integer", "description": "Number of instances to reserve. Default value is `1`.\n", "willReplaceOnChanges": true }, "offeringId": { "type": "string", "description": "ID of the Reserved DB instance offering to purchase. To determine an `offering_id`, see the `aws.rds.getReservedInstanceOffering` data source.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "reservationId": { "type": "string", "description": "Customer-specified identifier to track this reservation.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the DB reservation. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "offeringId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReservedInstance resources.\n", "properties": { "arn": { "type": "string", "description": "ARN for the reserved DB instance.\n" }, "currencyCode": { "type": "string", "description": "Currency code for the reserved DB instance.\n" }, "dbInstanceClass": { "type": "string", "description": "DB instance class for the reserved DB instance.\n" }, "duration": { "type": "integer", "description": "Duration of the reservation in seconds.\n" }, "fixedPrice": { "type": "number", "description": "Fixed price charged for this reserved DB instance.\n" }, "instanceCount": { "type": "integer", "description": "Number of instances to reserve. Default value is `1`.\n", "willReplaceOnChanges": true }, "leaseId": { "type": "string", "description": "Unique identifier for the lease associated with the reserved DB instance. Amazon Web Services Support might request the lease ID for an issue related to a reserved DB instance.\n" }, "multiAz": { "type": "boolean", "description": "Whether the reservation applies to Multi-AZ deployments.\n" }, "offeringId": { "type": "string", "description": "ID of the Reserved DB instance offering to purchase. To determine an `offering_id`, see the `aws.rds.getReservedInstanceOffering` data source.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "offeringType": { "type": "string", "description": "Offering type of this reserved DB instance.\n" }, "productDescription": { "type": "string", "description": "Description of the reserved DB instance.\n" }, "recurringCharges": { "type": "array", "items": { "$ref": "#/types/aws:rds/ReservedInstanceRecurringCharge:ReservedInstanceRecurringCharge" }, "description": "Recurring price charged to run this reserved DB instance.\n" }, "reservationId": { "type": "string", "description": "Customer-specified identifier to track this reservation.\n", "willReplaceOnChanges": true }, "startTime": { "type": "string", "description": "Time the reservation started.\n" }, "state": { "type": "string", "description": "State of the reserved DB instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the DB reservation. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "usagePrice": { "type": "number", "description": "Hourly price charged for this reserved DB instance.\n" } }, "type": "object" } }, "aws:rds/roleAssociation:RoleAssociation": { "description": "Manages an RDS DB Instance association with an IAM Role. Example use cases:\n\n* [Amazon RDS Oracle integration with Amazon S3](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html)\n* [Importing Amazon S3 Data into an RDS PostgreSQL DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PostgreSQL.S3Import.html)\n\n\u003e To manage the RDS DB Instance IAM Role for [Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html), see the `aws.rds.Instance` resource `monitoring_role_arn` argument instead.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.RoleAssociation(\"example\", {\n dbInstanceIdentifier: exampleAwsDbInstance.identifier,\n featureName: \"S3_INTEGRATION\",\n roleArn: exampleAwsIamRole.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.RoleAssociation(\"example\",\n db_instance_identifier=example_aws_db_instance[\"identifier\"],\n feature_name=\"S3_INTEGRATION\",\n role_arn=example_aws_iam_role[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.RoleAssociation(\"example\", new()\n {\n DbInstanceIdentifier = exampleAwsDbInstance.Identifier,\n FeatureName = \"S3_INTEGRATION\",\n RoleArn = exampleAwsIamRole.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewRoleAssociation(ctx, \"example\", \u0026rds.RoleAssociationArgs{\n\t\t\tDbInstanceIdentifier: pulumi.Any(exampleAwsDbInstance.Identifier),\n\t\t\tFeatureName: pulumi.String(\"S3_INTEGRATION\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RoleAssociation;\nimport com.pulumi.aws.rds.RoleAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RoleAssociation(\"example\", RoleAssociationArgs.builder()\n .dbInstanceIdentifier(exampleAwsDbInstance.identifier())\n .featureName(\"S3_INTEGRATION\")\n .roleArn(exampleAwsIamRole.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:RoleAssociation\n properties:\n dbInstanceIdentifier: ${exampleAwsDbInstance.identifier}\n featureName: S3_INTEGRATION\n roleArn: ${exampleAwsIamRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_db_instance_role_association` using the DB Instance Identifier and IAM Role ARN separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:rds/roleAssociation:RoleAssociation example my-db-instance,arn:aws:iam::123456789012:role/my-role\n```\n", "properties": { "dbInstanceIdentifier": { "type": "string", "description": "DB Instance Identifier to associate with the IAM Role.\n" }, "featureName": { "type": "string", "description": "Name of the feature for association. This can be found in the AWS documentation relevant to the integration or a full list is available in the `SupportedFeatureNames` list returned by [AWS CLI rds describe-db-engine-versions](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-engine-versions.html).\n" }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role to associate with the DB Instance.\n" } }, "required": [ "dbInstanceIdentifier", "featureName", "roleArn" ], "inputProperties": { "dbInstanceIdentifier": { "type": "string", "description": "DB Instance Identifier to associate with the IAM Role.\n", "willReplaceOnChanges": true }, "featureName": { "type": "string", "description": "Name of the feature for association. This can be found in the AWS documentation relevant to the integration or a full list is available in the `SupportedFeatureNames` list returned by [AWS CLI rds describe-db-engine-versions](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-engine-versions.html).\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role to associate with the DB Instance.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "dbInstanceIdentifier", "featureName", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering RoleAssociation resources.\n", "properties": { "dbInstanceIdentifier": { "type": "string", "description": "DB Instance Identifier to associate with the IAM Role.\n", "willReplaceOnChanges": true }, "featureName": { "type": "string", "description": "Name of the feature for association. This can be found in the AWS documentation relevant to the integration or a full list is available in the `SupportedFeatureNames` list returned by [AWS CLI rds describe-db-engine-versions](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-engine-versions.html).\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM Role to associate with the DB Instance.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:rds/snapshot:Snapshot": { "description": "Manages an RDS database instance snapshot. For managing RDS database cluster snapshots, see the `aws.rds.ClusterSnapshot` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = new aws.rds.Instance(\"bar\", {\n allocatedStorage: 10,\n engine: \"mysql\",\n engineVersion: \"5.6.21\",\n instanceClass: aws.rds.InstanceType.T2_Micro,\n dbName: \"baz\",\n password: \"barbarbarbar\",\n username: \"foo\",\n maintenanceWindow: \"Fri:09:00-Fri:09:30\",\n backupRetentionPeriod: 0,\n parameterGroupName: \"default.mysql5.6\",\n});\nconst test = new aws.rds.Snapshot(\"test\", {\n dbInstanceIdentifier: bar.identifier,\n dbSnapshotIdentifier: \"testsnapshot1234\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.rds.Instance(\"bar\",\n allocated_storage=10,\n engine=\"mysql\",\n engine_version=\"5.6.21\",\n instance_class=aws.rds.InstanceType.T2_MICRO,\n db_name=\"baz\",\n password=\"barbarbarbar\",\n username=\"foo\",\n maintenance_window=\"Fri:09:00-Fri:09:30\",\n backup_retention_period=0,\n parameter_group_name=\"default.mysql5.6\")\ntest = aws.rds.Snapshot(\"test\",\n db_instance_identifier=bar.identifier,\n db_snapshot_identifier=\"testsnapshot1234\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bar = new Aws.Rds.Instance(\"bar\", new()\n {\n AllocatedStorage = 10,\n Engine = \"mysql\",\n EngineVersion = \"5.6.21\",\n InstanceClass = Aws.Rds.InstanceType.T2_Micro,\n DbName = \"baz\",\n Password = \"barbarbarbar\",\n Username = \"foo\",\n MaintenanceWindow = \"Fri:09:00-Fri:09:30\",\n BackupRetentionPeriod = 0,\n ParameterGroupName = \"default.mysql5.6\",\n });\n\n var test = new Aws.Rds.Snapshot(\"test\", new()\n {\n DbInstanceIdentifier = bar.Identifier,\n DbSnapshotIdentifier = \"testsnapshot1234\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbar, err := rds.NewInstance(ctx, \"bar\", \u0026rds.InstanceArgs{\n\t\t\tAllocatedStorage: pulumi.Int(10),\n\t\t\tEngine: pulumi.String(\"mysql\"),\n\t\t\tEngineVersion: pulumi.String(\"5.6.21\"),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_T2_Micro),\n\t\t\tDbName: pulumi.String(\"baz\"),\n\t\t\tPassword: pulumi.String(\"barbarbarbar\"),\n\t\t\tUsername: pulumi.String(\"foo\"),\n\t\t\tMaintenanceWindow: pulumi.String(\"Fri:09:00-Fri:09:30\"),\n\t\t\tBackupRetentionPeriod: pulumi.Int(0),\n\t\t\tParameterGroupName: pulumi.String(\"default.mysql5.6\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewSnapshot(ctx, \"test\", \u0026rds.SnapshotArgs{\n\t\t\tDbInstanceIdentifier: bar.Identifier,\n\t\t\tDbSnapshotIdentifier: pulumi.String(\"testsnapshot1234\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Instance;\nimport com.pulumi.aws.rds.InstanceArgs;\nimport com.pulumi.aws.rds.Snapshot;\nimport com.pulumi.aws.rds.SnapshotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bar = new Instance(\"bar\", InstanceArgs.builder()\n .allocatedStorage(10)\n .engine(\"mysql\")\n .engineVersion(\"5.6.21\")\n .instanceClass(\"db.t2.micro\")\n .dbName(\"baz\")\n .password(\"barbarbarbar\")\n .username(\"foo\")\n .maintenanceWindow(\"Fri:09:00-Fri:09:30\")\n .backupRetentionPeriod(0)\n .parameterGroupName(\"default.mysql5.6\")\n .build());\n\n var test = new Snapshot(\"test\", SnapshotArgs.builder()\n .dbInstanceIdentifier(bar.identifier())\n .dbSnapshotIdentifier(\"testsnapshot1234\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bar:\n type: aws:rds:Instance\n properties:\n allocatedStorage: 10\n engine: mysql\n engineVersion: 5.6.21\n instanceClass: db.t2.micro\n dbName: baz\n password: barbarbarbar\n username: foo\n maintenanceWindow: Fri:09:00-Fri:09:30\n backupRetentionPeriod: 0\n parameterGroupName: default.mysql5.6\n test:\n type: aws:rds:Snapshot\n properties:\n dbInstanceIdentifier: ${bar.identifier}\n dbSnapshotIdentifier: testsnapshot1234\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_db_snapshot` using the snapshot identifier. For example:\n\n```sh\n$ pulumi import aws:rds/snapshot:Snapshot example my-snapshot\n```\n", "properties": { "allocatedStorage": { "type": "integer", "description": "Specifies the allocated storage size in gigabytes (GB).\n" }, "availabilityZone": { "type": "string", "description": "Specifies the name of the Availability Zone the DB instance was located in at the time of the DB snapshot.\n" }, "dbInstanceIdentifier": { "type": "string", "description": "The DB Instance Identifier from which to take the snapshot.\n" }, "dbSnapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DB snapshot.\n" }, "dbSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n" }, "encrypted": { "type": "boolean", "description": "Specifies whether the DB snapshot is encrypted.\n" }, "engine": { "type": "string", "description": "Specifies the name of the database engine.\n" }, "engineVersion": { "type": "string", "description": "Specifies the version of the database engine.\n" }, "iops": { "type": "integer", "description": "Specifies the Provisioned IOPS (I/O operations per second) value of the DB instance at the time of the snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key.\n" }, "licenseModel": { "type": "string", "description": "License model information for the restored DB instance.\n" }, "optionGroupName": { "type": "string", "description": "Provides the option group name for the DB snapshot.\n" }, "port": { "type": "integer" }, "sharedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS Account ids to share snapshot with, use `all` to make snaphot public.\n" }, "snapshotType": { "type": "string" }, "sourceDbSnapshotIdentifier": { "type": "string", "description": "The DB snapshot Arn that the DB snapshot was copied from. It only has value in case of cross customer or cross region copy.\n" }, "sourceRegion": { "type": "string", "description": "The region that the DB snapshot was created in or copied from.\n" }, "status": { "type": "string", "description": "Specifies the status of this DB snapshot.\n" }, "storageType": { "type": "string", "description": "Specifies the storage type associated with DB snapshot.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "Provides the VPC ID associated with the DB snapshot.\n" } }, "required": [ "allocatedStorage", "availabilityZone", "dbInstanceIdentifier", "dbSnapshotArn", "dbSnapshotIdentifier", "encrypted", "engine", "engineVersion", "iops", "kmsKeyId", "licenseModel", "optionGroupName", "port", "snapshotType", "sourceDbSnapshotIdentifier", "sourceRegion", "status", "storageType", "tagsAll", "vpcId" ], "inputProperties": { "dbInstanceIdentifier": { "type": "string", "description": "The DB Instance Identifier from which to take the snapshot.\n", "willReplaceOnChanges": true }, "dbSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n", "willReplaceOnChanges": true }, "sharedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS Account ids to share snapshot with, use `all` to make snaphot public.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "dbInstanceIdentifier", "dbSnapshotIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering Snapshot resources.\n", "properties": { "allocatedStorage": { "type": "integer", "description": "Specifies the allocated storage size in gigabytes (GB).\n" }, "availabilityZone": { "type": "string", "description": "Specifies the name of the Availability Zone the DB instance was located in at the time of the DB snapshot.\n" }, "dbInstanceIdentifier": { "type": "string", "description": "The DB Instance Identifier from which to take the snapshot.\n", "willReplaceOnChanges": true }, "dbSnapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DB snapshot.\n" }, "dbSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n", "willReplaceOnChanges": true }, "encrypted": { "type": "boolean", "description": "Specifies whether the DB snapshot is encrypted.\n" }, "engine": { "type": "string", "description": "Specifies the name of the database engine.\n" }, "engineVersion": { "type": "string", "description": "Specifies the version of the database engine.\n" }, "iops": { "type": "integer", "description": "Specifies the Provisioned IOPS (I/O operations per second) value of the DB instance at the time of the snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key.\n" }, "licenseModel": { "type": "string", "description": "License model information for the restored DB instance.\n" }, "optionGroupName": { "type": "string", "description": "Provides the option group name for the DB snapshot.\n" }, "port": { "type": "integer" }, "sharedAccounts": { "type": "array", "items": { "type": "string" }, "description": "List of AWS Account ids to share snapshot with, use `all` to make snaphot public.\n" }, "snapshotType": { "type": "string" }, "sourceDbSnapshotIdentifier": { "type": "string", "description": "The DB snapshot Arn that the DB snapshot was copied from. It only has value in case of cross customer or cross region copy.\n" }, "sourceRegion": { "type": "string", "description": "The region that the DB snapshot was created in or copied from.\n" }, "status": { "type": "string", "description": "Specifies the status of this DB snapshot.\n" }, "storageType": { "type": "string", "description": "Specifies the storage type associated with DB snapshot.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "Provides the VPC ID associated with the DB snapshot.\n" } }, "type": "object" } }, "aws:rds/snapshotCopy:SnapshotCopy": { "description": "Manages an RDS database instance snapshot copy. For managing RDS database cluster snapshots, see the `aws.rds.ClusterSnapshot` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.Instance(\"example\", {\n allocatedStorage: 10,\n engine: \"mysql\",\n engineVersion: \"5.6.21\",\n instanceClass: aws.rds.InstanceType.T2_Micro,\n dbName: \"baz\",\n password: \"barbarbarbar\",\n username: \"foo\",\n maintenanceWindow: \"Fri:09:00-Fri:09:30\",\n backupRetentionPeriod: 0,\n parameterGroupName: \"default.mysql5.6\",\n});\nconst exampleSnapshot = new aws.rds.Snapshot(\"example\", {\n dbInstanceIdentifier: example.identifier,\n dbSnapshotIdentifier: \"testsnapshot1234\",\n});\nconst exampleSnapshotCopy = new aws.rds.SnapshotCopy(\"example\", {\n sourceDbSnapshotIdentifier: exampleSnapshot.dbSnapshotArn,\n targetDbSnapshotIdentifier: \"testsnapshot1234-copy\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.Instance(\"example\",\n allocated_storage=10,\n engine=\"mysql\",\n engine_version=\"5.6.21\",\n instance_class=aws.rds.InstanceType.T2_MICRO,\n db_name=\"baz\",\n password=\"barbarbarbar\",\n username=\"foo\",\n maintenance_window=\"Fri:09:00-Fri:09:30\",\n backup_retention_period=0,\n parameter_group_name=\"default.mysql5.6\")\nexample_snapshot = aws.rds.Snapshot(\"example\",\n db_instance_identifier=example.identifier,\n db_snapshot_identifier=\"testsnapshot1234\")\nexample_snapshot_copy = aws.rds.SnapshotCopy(\"example\",\n source_db_snapshot_identifier=example_snapshot.db_snapshot_arn,\n target_db_snapshot_identifier=\"testsnapshot1234-copy\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.Instance(\"example\", new()\n {\n AllocatedStorage = 10,\n Engine = \"mysql\",\n EngineVersion = \"5.6.21\",\n InstanceClass = Aws.Rds.InstanceType.T2_Micro,\n DbName = \"baz\",\n Password = \"barbarbarbar\",\n Username = \"foo\",\n MaintenanceWindow = \"Fri:09:00-Fri:09:30\",\n BackupRetentionPeriod = 0,\n ParameterGroupName = \"default.mysql5.6\",\n });\n\n var exampleSnapshot = new Aws.Rds.Snapshot(\"example\", new()\n {\n DbInstanceIdentifier = example.Identifier,\n DbSnapshotIdentifier = \"testsnapshot1234\",\n });\n\n var exampleSnapshotCopy = new Aws.Rds.SnapshotCopy(\"example\", new()\n {\n SourceDbSnapshotIdentifier = exampleSnapshot.DbSnapshotArn,\n TargetDbSnapshotIdentifier = \"testsnapshot1234-copy\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := rds.NewInstance(ctx, \"example\", \u0026rds.InstanceArgs{\n\t\t\tAllocatedStorage: pulumi.Int(10),\n\t\t\tEngine: pulumi.String(\"mysql\"),\n\t\t\tEngineVersion: pulumi.String(\"5.6.21\"),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_T2_Micro),\n\t\t\tDbName: pulumi.String(\"baz\"),\n\t\t\tPassword: pulumi.String(\"barbarbarbar\"),\n\t\t\tUsername: pulumi.String(\"foo\"),\n\t\t\tMaintenanceWindow: pulumi.String(\"Fri:09:00-Fri:09:30\"),\n\t\t\tBackupRetentionPeriod: pulumi.Int(0),\n\t\t\tParameterGroupName: pulumi.String(\"default.mysql5.6\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSnapshot, err := rds.NewSnapshot(ctx, \"example\", \u0026rds.SnapshotArgs{\n\t\t\tDbInstanceIdentifier: example.Identifier,\n\t\t\tDbSnapshotIdentifier: pulumi.String(\"testsnapshot1234\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewSnapshotCopy(ctx, \"example\", \u0026rds.SnapshotCopyArgs{\n\t\t\tSourceDbSnapshotIdentifier: exampleSnapshot.DbSnapshotArn,\n\t\t\tTargetDbSnapshotIdentifier: pulumi.String(\"testsnapshot1234-copy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Instance;\nimport com.pulumi.aws.rds.InstanceArgs;\nimport com.pulumi.aws.rds.Snapshot;\nimport com.pulumi.aws.rds.SnapshotArgs;\nimport com.pulumi.aws.rds.SnapshotCopy;\nimport com.pulumi.aws.rds.SnapshotCopyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Instance(\"example\", InstanceArgs.builder()\n .allocatedStorage(10)\n .engine(\"mysql\")\n .engineVersion(\"5.6.21\")\n .instanceClass(\"db.t2.micro\")\n .dbName(\"baz\")\n .password(\"barbarbarbar\")\n .username(\"foo\")\n .maintenanceWindow(\"Fri:09:00-Fri:09:30\")\n .backupRetentionPeriod(0)\n .parameterGroupName(\"default.mysql5.6\")\n .build());\n\n var exampleSnapshot = new Snapshot(\"exampleSnapshot\", SnapshotArgs.builder()\n .dbInstanceIdentifier(example.identifier())\n .dbSnapshotIdentifier(\"testsnapshot1234\")\n .build());\n\n var exampleSnapshotCopy = new SnapshotCopy(\"exampleSnapshotCopy\", SnapshotCopyArgs.builder()\n .sourceDbSnapshotIdentifier(exampleSnapshot.dbSnapshotArn())\n .targetDbSnapshotIdentifier(\"testsnapshot1234-copy\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:Instance\n properties:\n allocatedStorage: 10\n engine: mysql\n engineVersion: 5.6.21\n instanceClass: db.t2.micro\n dbName: baz\n password: barbarbarbar\n username: foo\n maintenanceWindow: Fri:09:00-Fri:09:30\n backupRetentionPeriod: 0\n parameterGroupName: default.mysql5.6\n exampleSnapshot:\n type: aws:rds:Snapshot\n name: example\n properties:\n dbInstanceIdentifier: ${example.identifier}\n dbSnapshotIdentifier: testsnapshot1234\n exampleSnapshotCopy:\n type: aws:rds:SnapshotCopy\n name: example\n properties:\n sourceDbSnapshotIdentifier: ${exampleSnapshot.dbSnapshotArn}\n targetDbSnapshotIdentifier: testsnapshot1234-copy\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_db_snapshot_copy` using the snapshot identifier. For example:\n\n```sh\n$ pulumi import aws:rds/snapshotCopy:SnapshotCopy example my-snapshot\n```\n", "properties": { "allocatedStorage": { "type": "integer", "description": "Specifies the allocated storage size in gigabytes (GB).\n" }, "availabilityZone": { "type": "string", "description": "Specifies the name of the Availability Zone the DB instance was located in at the time of the DB snapshot.\n" }, "copyTags": { "type": "boolean", "description": "Whether to copy existing tags. Defaults to `false`.\n" }, "dbSnapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DB snapshot.\n" }, "destinationRegion": { "type": "string", "description": "The Destination region to place snapshot copy.\n" }, "encrypted": { "type": "boolean", "description": "Specifies whether the DB snapshot is encrypted.\n" }, "engine": { "type": "string", "description": "Specifies the name of the database engine.\n" }, "engineVersion": { "type": "string", "description": "Specifies the version of the database engine.\n" }, "iops": { "type": "integer", "description": "Specifies the Provisioned IOPS (I/O operations per second) value of the DB instance at the time of the snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "KMS key ID.\n" }, "licenseModel": { "type": "string", "description": "License model information for the restored DB instance.\n" }, "optionGroupName": { "type": "string", "description": "The name of an option group to associate with the copy of the snapshot.\n" }, "port": { "type": "integer" }, "presignedUrl": { "type": "string", "description": "he URL that contains a Signature Version 4 signed request.\n" }, "sharedAccounts": { "type": "array", "items": { "type": "string" }, "description": "(Optional) List of AWS Account ids to share snapshot with, use `all` to make snaphot public.\n" }, "snapshotType": { "type": "string" }, "sourceDbSnapshotIdentifier": { "type": "string", "description": "Snapshot identifier of the source snapshot.\n" }, "sourceRegion": { "type": "string", "description": "The region that the DB snapshot was created in or copied from.\n" }, "storageType": { "type": "string", "description": "Specifies the storage type associated with DB snapshot.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetCustomAvailabilityZone": { "type": "string", "description": "The external custom Availability Zone.\n" }, "targetDbSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n" }, "vpcId": { "type": "string", "description": "Provides the VPC ID associated with the DB snapshot.\n" } }, "required": [ "allocatedStorage", "availabilityZone", "dbSnapshotArn", "encrypted", "engine", "engineVersion", "iops", "licenseModel", "optionGroupName", "port", "snapshotType", "sourceDbSnapshotIdentifier", "sourceRegion", "storageType", "tagsAll", "targetDbSnapshotIdentifier", "vpcId" ], "inputProperties": { "copyTags": { "type": "boolean", "description": "Whether to copy existing tags. Defaults to `false`.\n", "willReplaceOnChanges": true }, "destinationRegion": { "type": "string", "description": "The Destination region to place snapshot copy.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "KMS key ID.\n", "willReplaceOnChanges": true }, "optionGroupName": { "type": "string", "description": "The name of an option group to associate with the copy of the snapshot.\n", "willReplaceOnChanges": true }, "presignedUrl": { "type": "string", "description": "he URL that contains a Signature Version 4 signed request.\n", "willReplaceOnChanges": true }, "sharedAccounts": { "type": "array", "items": { "type": "string" }, "description": "(Optional) List of AWS Account ids to share snapshot with, use `all` to make snaphot public.\n" }, "sourceDbSnapshotIdentifier": { "type": "string", "description": "Snapshot identifier of the source snapshot.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targetCustomAvailabilityZone": { "type": "string", "description": "The external custom Availability Zone.\n", "willReplaceOnChanges": true }, "targetDbSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "sourceDbSnapshotIdentifier", "targetDbSnapshotIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering SnapshotCopy resources.\n", "properties": { "allocatedStorage": { "type": "integer", "description": "Specifies the allocated storage size in gigabytes (GB).\n" }, "availabilityZone": { "type": "string", "description": "Specifies the name of the Availability Zone the DB instance was located in at the time of the DB snapshot.\n" }, "copyTags": { "type": "boolean", "description": "Whether to copy existing tags. Defaults to `false`.\n", "willReplaceOnChanges": true }, "dbSnapshotArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the DB snapshot.\n" }, "destinationRegion": { "type": "string", "description": "The Destination region to place snapshot copy.\n", "willReplaceOnChanges": true }, "encrypted": { "type": "boolean", "description": "Specifies whether the DB snapshot is encrypted.\n" }, "engine": { "type": "string", "description": "Specifies the name of the database engine.\n" }, "engineVersion": { "type": "string", "description": "Specifies the version of the database engine.\n" }, "iops": { "type": "integer", "description": "Specifies the Provisioned IOPS (I/O operations per second) value of the DB instance at the time of the snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "KMS key ID.\n", "willReplaceOnChanges": true }, "licenseModel": { "type": "string", "description": "License model information for the restored DB instance.\n" }, "optionGroupName": { "type": "string", "description": "The name of an option group to associate with the copy of the snapshot.\n", "willReplaceOnChanges": true }, "port": { "type": "integer" }, "presignedUrl": { "type": "string", "description": "he URL that contains a Signature Version 4 signed request.\n", "willReplaceOnChanges": true }, "sharedAccounts": { "type": "array", "items": { "type": "string" }, "description": "(Optional) List of AWS Account ids to share snapshot with, use `all` to make snaphot public.\n" }, "snapshotType": { "type": "string" }, "sourceDbSnapshotIdentifier": { "type": "string", "description": "Snapshot identifier of the source snapshot.\n", "willReplaceOnChanges": true }, "sourceRegion": { "type": "string", "description": "The region that the DB snapshot was created in or copied from.\n" }, "storageType": { "type": "string", "description": "Specifies the storage type associated with DB snapshot.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetCustomAvailabilityZone": { "type": "string", "description": "The external custom Availability Zone.\n", "willReplaceOnChanges": true }, "targetDbSnapshotIdentifier": { "type": "string", "description": "The Identifier for the snapshot.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "Provides the VPC ID associated with the DB snapshot.\n" } }, "type": "object" } }, "aws:rds/subnetGroup:SubnetGroup": { "description": "Provides an RDS DB subnet group resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.rds.SubnetGroup(\"default\", {\n name: \"main\",\n subnetIds: [\n frontend.id,\n backend.id,\n ],\n tags: {\n Name: \"My DB subnet group\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.SubnetGroup(\"default\",\n name=\"main\",\n subnet_ids=[\n frontend[\"id\"],\n backend[\"id\"],\n ],\n tags={\n \"Name\": \"My DB subnet group\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Rds.SubnetGroup(\"default\", new()\n {\n Name = \"main\",\n SubnetIds = new[]\n {\n frontend.Id,\n backend.Id,\n },\n Tags = \n {\n { \"Name\", \"My DB subnet group\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewSubnetGroup(ctx, \"default\", \u0026rds.SubnetGroupArgs{\n\t\t\tName: pulumi.String(\"main\"),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tfrontend.Id,\n\t\t\t\tbackend.Id,\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"My DB subnet group\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.SubnetGroup;\nimport com.pulumi.aws.rds.SubnetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new SubnetGroup(\"default\", SubnetGroupArgs.builder()\n .name(\"main\")\n .subnetIds( \n frontend.id(),\n backend.id())\n .tags(Map.of(\"Name\", \"My DB subnet group\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:rds:SubnetGroup\n properties:\n name: main\n subnetIds:\n - ${frontend.id}\n - ${backend.id}\n tags:\n Name: My DB subnet group\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DB Subnet groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:rds/subnetGroup:SubnetGroup default production-subnet-group\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the db subnet group.\n" }, "description": { "type": "string", "description": "The description of the DB subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the DB subnet group. If omitted, the provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs.\n" }, "supportedNetworkTypes": { "type": "array", "items": { "type": "string" }, "description": "The network type of the db subnet group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "Provides the VPC ID of the DB subnet group.\n" } }, "required": [ "arn", "description", "name", "namePrefix", "subnetIds", "supportedNetworkTypes", "tagsAll", "vpcId" ], "inputProperties": { "description": { "type": "string", "description": "The description of the DB subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the DB subnet group. If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering SubnetGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the db subnet group.\n" }, "description": { "type": "string", "description": "The description of the DB subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the DB subnet group. If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "A list of VPC subnet IDs.\n" }, "supportedNetworkTypes": { "type": "array", "items": { "type": "string" }, "description": "The network type of the db subnet group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "Provides the VPC ID of the DB subnet group.\n" } }, "type": "object" } }, "aws:redshift/authenticationProfile:AuthenticationProfile": { "description": "Creates a Redshift authentication profile\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.AuthenticationProfile(\"example\", {\n authenticationProfileName: \"example\",\n authenticationProfileContent: JSON.stringify({\n AllowDBUserOverride: \"1\",\n Client_ID: \"ExampleClientID\",\n App_ID: \"example\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.redshift.AuthenticationProfile(\"example\",\n authentication_profile_name=\"example\",\n authentication_profile_content=json.dumps({\n \"AllowDBUserOverride\": \"1\",\n \"Client_ID\": \"ExampleClientID\",\n \"App_ID\": \"example\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.AuthenticationProfile(\"example\", new()\n {\n AuthenticationProfileName = \"example\",\n AuthenticationProfileContent = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"AllowDBUserOverride\"] = \"1\",\n [\"Client_ID\"] = \"ExampleClientID\",\n [\"App_ID\"] = \"example\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"AllowDBUserOverride\": \"1\",\n\t\t\t\"Client_ID\": \"ExampleClientID\",\n\t\t\t\"App_ID\": \"example\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = redshift.NewAuthenticationProfile(ctx, \"example\", \u0026redshift.AuthenticationProfileArgs{\n\t\t\tAuthenticationProfileName: pulumi.String(\"example\"),\n\t\t\tAuthenticationProfileContent: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.AuthenticationProfile;\nimport com.pulumi.aws.redshift.AuthenticationProfileArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthenticationProfile(\"example\", AuthenticationProfileArgs.builder()\n .authenticationProfileName(\"example\")\n .authenticationProfileContent(serializeJson(\n jsonObject(\n jsonProperty(\"AllowDBUserOverride\", \"1\"),\n jsonProperty(\"Client_ID\", \"ExampleClientID\"),\n jsonProperty(\"App_ID\", \"example\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:AuthenticationProfile\n properties:\n authenticationProfileName: example\n authenticationProfileContent:\n fn::toJSON:\n AllowDBUserOverride: '1'\n Client_ID: ExampleClientID\n App_ID: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Authentication by `authentication_profile_name`. For example:\n\n```sh\n$ pulumi import aws:redshift/authenticationProfile:AuthenticationProfile test example\n```\n", "properties": { "authenticationProfileContent": { "type": "string", "description": "The content of the authentication profile in JSON format. The maximum length of the JSON string is determined by a quota for your account.\n" }, "authenticationProfileName": { "type": "string", "description": "The name of the authentication profile.\n" } }, "required": [ "authenticationProfileContent", "authenticationProfileName" ], "inputProperties": { "authenticationProfileContent": { "type": "string", "description": "The content of the authentication profile in JSON format. The maximum length of the JSON string is determined by a quota for your account.\n" }, "authenticationProfileName": { "type": "string", "description": "The name of the authentication profile.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "authenticationProfileContent", "authenticationProfileName" ], "stateInputs": { "description": "Input properties used for looking up and filtering AuthenticationProfile resources.\n", "properties": { "authenticationProfileContent": { "type": "string", "description": "The content of the authentication profile in JSON format. The maximum length of the JSON string is determined by a quota for your account.\n" }, "authenticationProfileName": { "type": "string", "description": "The name of the authentication profile.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:redshift/cluster:Cluster": { "description": "Provides a Redshift Cluster Resource.\n\n\n\u003e **NOTE:** A Redshift cluster's default IAM role can be managed both by this resource's `default_iam_role_arn` argument and the `aws.redshift.ClusterIamRoles` resource's `default_iam_role_arn` argument. Do not configure different values for both arguments. Doing so will cause a conflict of default IAM roles.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.Cluster(\"example\", {\n clusterIdentifier: \"tf-redshift-cluster\",\n databaseName: \"mydb\",\n masterUsername: \"exampleuser\",\n masterPassword: \"Mustbe8characters\",\n nodeType: \"dc1.large\",\n clusterType: \"single-node\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshift.Cluster(\"example\",\n cluster_identifier=\"tf-redshift-cluster\",\n database_name=\"mydb\",\n master_username=\"exampleuser\",\n master_password=\"Mustbe8characters\",\n node_type=\"dc1.large\",\n cluster_type=\"single-node\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.Cluster(\"example\", new()\n {\n ClusterIdentifier = \"tf-redshift-cluster\",\n DatabaseName = \"mydb\",\n MasterUsername = \"exampleuser\",\n MasterPassword = \"Mustbe8characters\",\n NodeType = \"dc1.large\",\n ClusterType = \"single-node\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.NewCluster(ctx, \"example\", \u0026redshift.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"tf-redshift-cluster\"),\n\t\t\tDatabaseName: pulumi.String(\"mydb\"),\n\t\t\tMasterUsername: pulumi.String(\"exampleuser\"),\n\t\t\tMasterPassword: pulumi.String(\"Mustbe8characters\"),\n\t\t\tNodeType: pulumi.String(\"dc1.large\"),\n\t\t\tClusterType: pulumi.String(\"single-node\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.Cluster;\nimport com.pulumi.aws.redshift.ClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\", ClusterArgs.builder()\n .clusterIdentifier(\"tf-redshift-cluster\")\n .databaseName(\"mydb\")\n .masterUsername(\"exampleuser\")\n .masterPassword(\"Mustbe8characters\")\n .nodeType(\"dc1.large\")\n .clusterType(\"single-node\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:Cluster\n properties:\n clusterIdentifier: tf-redshift-cluster\n databaseName: mydb\n masterUsername: exampleuser\n masterPassword: Mustbe8characters\n nodeType: dc1.large\n clusterType: single-node\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Managed Credentials\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.Cluster(\"example\", {\n clusterIdentifier: \"tf-redshift-cluster\",\n databaseName: \"mydb\",\n masterUsername: \"exampleuser\",\n nodeType: \"dc1.large\",\n clusterType: \"single-node\",\n manageMasterPassword: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshift.Cluster(\"example\",\n cluster_identifier=\"tf-redshift-cluster\",\n database_name=\"mydb\",\n master_username=\"exampleuser\",\n node_type=\"dc1.large\",\n cluster_type=\"single-node\",\n manage_master_password=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.Cluster(\"example\", new()\n {\n ClusterIdentifier = \"tf-redshift-cluster\",\n DatabaseName = \"mydb\",\n MasterUsername = \"exampleuser\",\n NodeType = \"dc1.large\",\n ClusterType = \"single-node\",\n ManageMasterPassword = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.NewCluster(ctx, \"example\", \u0026redshift.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"tf-redshift-cluster\"),\n\t\t\tDatabaseName: pulumi.String(\"mydb\"),\n\t\t\tMasterUsername: pulumi.String(\"exampleuser\"),\n\t\t\tNodeType: pulumi.String(\"dc1.large\"),\n\t\t\tClusterType: pulumi.String(\"single-node\"),\n\t\t\tManageMasterPassword: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.Cluster;\nimport com.pulumi.aws.redshift.ClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\", ClusterArgs.builder()\n .clusterIdentifier(\"tf-redshift-cluster\")\n .databaseName(\"mydb\")\n .masterUsername(\"exampleuser\")\n .nodeType(\"dc1.large\")\n .clusterType(\"single-node\")\n .manageMasterPassword(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:Cluster\n properties:\n clusterIdentifier: tf-redshift-cluster\n databaseName: mydb\n masterUsername: exampleuser\n nodeType: dc1.large\n clusterType: single-node\n manageMasterPassword: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Clusters using the `cluster_identifier`. For example:\n\n```sh\n$ pulumi import aws:redshift/cluster:Cluster myprodcluster tf-redshift-cluster-12345\n```\n", "properties": { "allowVersionUpgrade": { "type": "boolean", "description": "If true , major version upgrades can be applied during the maintenance window to the Amazon Redshift engine that is running on the cluster. Default is `true`.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false`.\n" }, "aquaConfigurationStatus": { "type": "string", "description": "The value represents how the cluster is configured to use AQUA (Advanced Query Accelerator) after the cluster is restored.\nNo longer supported by the AWS API.\nAlways returns `auto`.\n", "deprecationMessage": "This parameter is no longer supported by the AWS API. It will be removed in the next major version of the provider." }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster\n" }, "automatedSnapshotRetentionPeriod": { "type": "integer", "description": "The number of days that automated snapshots are retained. If the value is 0, automated snapshots are disabled. Even if automated snapshots are disabled, you can still create manual snapshots when you want with create-cluster-snapshot. Default is 1.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone (AZ) in which you want Amazon Redshift to provision the cluster. For example, if you have several EC2 instances running in a specific Availability Zone, then you might want the cluster to be provisioned in the same zone in order to decrease network latency. Can only be changed if `availability_zone_relocation_enabled` is `true`.\n" }, "availabilityZoneRelocationEnabled": { "type": "boolean", "description": "If true, the cluster can be relocated to another availabity zone, either automatically by AWS or when requested. Default is `false`. Available for use on clusters from the RA3 instance family.\n" }, "clusterIdentifier": { "type": "string", "description": "The Cluster Identifier. Must be a lower case string.\n" }, "clusterNamespaceArn": { "type": "string", "description": "The namespace Amazon Resource Name (ARN) of the cluster\n" }, "clusterNodes": { "type": "array", "items": { "$ref": "#/types/aws:redshift/ClusterClusterNode:ClusterClusterNode" }, "description": "The nodes in the cluster. Cluster node blocks are documented below\n" }, "clusterParameterGroupName": { "type": "string", "description": "The name of the parameter group to be associated with this cluster.\n" }, "clusterPublicKey": { "type": "string", "description": "The public key for the cluster\n" }, "clusterRevisionNumber": { "type": "string", "description": "The specific revision number of the database in the cluster\n" }, "clusterSubnetGroupName": { "type": "string", "description": "The name of a cluster subnet group to be associated with this cluster. If this parameter is not provided the resulting cluster will be deployed outside virtual private cloud (VPC).\n" }, "clusterType": { "type": "string", "description": "The cluster type to use. Either `single-node` or `multi-node`.\n" }, "clusterVersion": { "type": "string", "description": "The version of the Amazon Redshift engine software that you want to deploy on the cluster.\nThe version selected runs on all the nodes in the cluster.\n" }, "databaseName": { "type": "string", "description": "The name of the first database to be created when the cluster is created.\nIf you do not provide a name, Amazon Redshift will create a default database called `dev`.\n" }, "defaultIamRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the IAM role that was set as default for the cluster when the cluster was created.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the cluster\n" }, "elasticIp": { "type": "string", "description": "The Elastic IP (EIP) address for the cluster.\n" }, "encrypted": { "type": "boolean", "description": "If true , the data in the cluster is encrypted at rest.\n" }, "endpoint": { "type": "string", "description": "The connection endpoint\n" }, "enhancedVpcRouting": { "type": "boolean", "description": "If true , enhanced VPC routing is enabled.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The identifier of the final snapshot that is to be created immediately before deleting the cluster. If this parameter is provided, `skip_final_snapshot` must be false.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM Role ARNs to associate with the cluster. A Maximum of 10 can be associated to the cluster at any time.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `encrypted` needs to be set to true.\n" }, "logging": { "$ref": "#/types/aws:redshift/ClusterLogging:ClusterLogging", "description": "Logging, documented below.\n", "deprecationMessage": "Use the aws.redshift.Logging resource instead. This argument will be removed in a future major version." }, "maintenanceTrackName": { "type": "string", "description": "The name of the maintenance track for the restored cluster. When you take a snapshot, the snapshot inherits the MaintenanceTrack value from the cluster. The snapshot might be on a different track than the cluster that was the source for the snapshot. For example, suppose that you take a snapshot of a cluster that is on the current track and then change the cluster to be on the trailing track. In this case, the snapshot and the source cluster are on different tracks. Default value is `current`.\n" }, "manageMasterPassword": { "type": "boolean", "description": "Whether to use AWS SecretsManager to manage the cluster admin credentials.\nConflicts with `master_password`.\nOne of `master_password` or `manage_master_password` is required unless `snapshot_identifier` is provided.\n" }, "manualSnapshotRetentionPeriod": { "type": "integer", "description": "The default number of days to retain a manual snapshot. If the value is -1, the snapshot is retained indefinitely. This setting doesn't change the retention period of existing snapshots. Valid values are between `-1` and `3653`. Default value is `-1`.\n" }, "masterPassword": { "type": "string", "description": "Password for the master DB user.\nConflicts with `manage_master_password`.\nOne of `master_password` or `manage_master_password` is required unless `snapshot_identifier` is provided.\nNote that this may show up in logs, and it will be stored in the state file.\nPassword must contain at least 8 characters and contain at least one uppercase letter, one lowercase letter, and one number.\n", "secret": true }, "masterPasswordSecretArn": { "type": "string", "description": "ARN of the cluster admin credentials secret\n" }, "masterPasswordSecretKmsKeyId": { "type": "string", "description": "ID of the KMS key used to encrypt the cluster admin credentials secret.\n" }, "masterUsername": { "type": "string", "description": "Username for the master DB user.\n" }, "multiAz": { "type": "boolean", "description": "Specifies if the Redshift cluster is multi-AZ.\n" }, "nodeType": { "type": "string", "description": "The node type to be provisioned for the cluster.\n" }, "numberOfNodes": { "type": "integer", "description": "The number of compute nodes in the cluster. This parameter is required when the ClusterType parameter is specified as multi-node. Default is 1.\n" }, "ownerAccount": { "type": "string", "description": "The AWS customer account used to create or copy the snapshot. Required if you are restoring a snapshot you do not own, optional if you own the snapshot.\n" }, "port": { "type": "integer", "description": "The port number on which the cluster accepts incoming connections. Valid values are between `1115` and `65535`.\nThe cluster is accessible only via the JDBC and ODBC connection strings.\nPart of the connection string requires the port on which the cluster will listen for incoming connections.\nDefault port is `5439`.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range (in UTC) during which automated cluster maintenance can occur.\nFormat: ddd:hh24:mi-ddd:hh24:mi\n" }, "publiclyAccessible": { "type": "boolean", "description": "If true, the cluster can be accessed from a public network. Default is `true`.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final snapshot of the cluster is created before Amazon Redshift deletes the cluster. If true , a final cluster snapshot is not created. If false , a final cluster snapshot is created before the cluster is deleted. Default is false.\n" }, "snapshotArn": { "type": "string", "description": "The ARN of the snapshot from which to create the new cluster. Conflicts with `snapshot_identifier`.\n" }, "snapshotClusterIdentifier": { "type": "string", "description": "The name of the cluster the source snapshot was created from.\n" }, "snapshotCopy": { "$ref": "#/types/aws:redshift/ClusterSnapshotCopy:ClusterSnapshotCopy", "description": "Configuration of automatic copy of snapshots from one region to another. Documented below.\n", "deprecationMessage": "Use the aws.redshift.SnapshotCopy resource instead. This argument will be removed in a future major version." }, "snapshotIdentifier": { "type": "string", "description": "The name of the snapshot from which to create the new cluster. Conflicts with `snapshot_arn`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of Virtual Private Cloud (VPC) security groups to be associated with the cluster.\n" } }, "required": [ "aquaConfigurationStatus", "arn", "availabilityZone", "clusterIdentifier", "clusterNamespaceArn", "clusterNodes", "clusterParameterGroupName", "clusterPublicKey", "clusterRevisionNumber", "clusterSubnetGroupName", "clusterType", "databaseName", "defaultIamRoleArn", "dnsName", "endpoint", "enhancedVpcRouting", "iamRoles", "kmsKeyId", "logging", "masterPasswordSecretArn", "masterPasswordSecretKmsKeyId", "nodeType", "preferredMaintenanceWindow", "snapshotCopy", "tagsAll", "vpcSecurityGroupIds" ], "inputProperties": { "allowVersionUpgrade": { "type": "boolean", "description": "If true , major version upgrades can be applied during the maintenance window to the Amazon Redshift engine that is running on the cluster. Default is `true`.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false`.\n" }, "aquaConfigurationStatus": { "type": "string", "description": "The value represents how the cluster is configured to use AQUA (Advanced Query Accelerator) after the cluster is restored.\nNo longer supported by the AWS API.\nAlways returns `auto`.\n", "deprecationMessage": "This parameter is no longer supported by the AWS API. It will be removed in the next major version of the provider." }, "automatedSnapshotRetentionPeriod": { "type": "integer", "description": "The number of days that automated snapshots are retained. If the value is 0, automated snapshots are disabled. Even if automated snapshots are disabled, you can still create manual snapshots when you want with create-cluster-snapshot. Default is 1.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone (AZ) in which you want Amazon Redshift to provision the cluster. For example, if you have several EC2 instances running in a specific Availability Zone, then you might want the cluster to be provisioned in the same zone in order to decrease network latency. Can only be changed if `availability_zone_relocation_enabled` is `true`.\n" }, "availabilityZoneRelocationEnabled": { "type": "boolean", "description": "If true, the cluster can be relocated to another availabity zone, either automatically by AWS or when requested. Default is `false`. Available for use on clusters from the RA3 instance family.\n" }, "clusterIdentifier": { "type": "string", "description": "The Cluster Identifier. Must be a lower case string.\n", "willReplaceOnChanges": true }, "clusterParameterGroupName": { "type": "string", "description": "The name of the parameter group to be associated with this cluster.\n" }, "clusterPublicKey": { "type": "string", "description": "The public key for the cluster\n" }, "clusterRevisionNumber": { "type": "string", "description": "The specific revision number of the database in the cluster\n" }, "clusterSubnetGroupName": { "type": "string", "description": "The name of a cluster subnet group to be associated with this cluster. If this parameter is not provided the resulting cluster will be deployed outside virtual private cloud (VPC).\n", "willReplaceOnChanges": true }, "clusterType": { "type": "string", "description": "The cluster type to use. Either `single-node` or `multi-node`.\n" }, "clusterVersion": { "type": "string", "description": "The version of the Amazon Redshift engine software that you want to deploy on the cluster.\nThe version selected runs on all the nodes in the cluster.\n" }, "databaseName": { "type": "string", "description": "The name of the first database to be created when the cluster is created.\nIf you do not provide a name, Amazon Redshift will create a default database called `dev`.\n" }, "defaultIamRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the IAM role that was set as default for the cluster when the cluster was created.\n" }, "elasticIp": { "type": "string", "description": "The Elastic IP (EIP) address for the cluster.\n" }, "encrypted": { "type": "boolean", "description": "If true , the data in the cluster is encrypted at rest.\n" }, "endpoint": { "type": "string", "description": "The connection endpoint\n" }, "enhancedVpcRouting": { "type": "boolean", "description": "If true , enhanced VPC routing is enabled.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The identifier of the final snapshot that is to be created immediately before deleting the cluster. If this parameter is provided, `skip_final_snapshot` must be false.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM Role ARNs to associate with the cluster. A Maximum of 10 can be associated to the cluster at any time.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `encrypted` needs to be set to true.\n" }, "logging": { "$ref": "#/types/aws:redshift/ClusterLogging:ClusterLogging", "description": "Logging, documented below.\n", "deprecationMessage": "Use the aws.redshift.Logging resource instead. This argument will be removed in a future major version." }, "maintenanceTrackName": { "type": "string", "description": "The name of the maintenance track for the restored cluster. When you take a snapshot, the snapshot inherits the MaintenanceTrack value from the cluster. The snapshot might be on a different track than the cluster that was the source for the snapshot. For example, suppose that you take a snapshot of a cluster that is on the current track and then change the cluster to be on the trailing track. In this case, the snapshot and the source cluster are on different tracks. Default value is `current`.\n" }, "manageMasterPassword": { "type": "boolean", "description": "Whether to use AWS SecretsManager to manage the cluster admin credentials.\nConflicts with `master_password`.\nOne of `master_password` or `manage_master_password` is required unless `snapshot_identifier` is provided.\n" }, "manualSnapshotRetentionPeriod": { "type": "integer", "description": "The default number of days to retain a manual snapshot. If the value is -1, the snapshot is retained indefinitely. This setting doesn't change the retention period of existing snapshots. Valid values are between `-1` and `3653`. Default value is `-1`.\n" }, "masterPassword": { "type": "string", "description": "Password for the master DB user.\nConflicts with `manage_master_password`.\nOne of `master_password` or `manage_master_password` is required unless `snapshot_identifier` is provided.\nNote that this may show up in logs, and it will be stored in the state file.\nPassword must contain at least 8 characters and contain at least one uppercase letter, one lowercase letter, and one number.\n", "secret": true }, "masterPasswordSecretKmsKeyId": { "type": "string", "description": "ID of the KMS key used to encrypt the cluster admin credentials secret.\n" }, "masterUsername": { "type": "string", "description": "Username for the master DB user.\n", "willReplaceOnChanges": true }, "multiAz": { "type": "boolean", "description": "Specifies if the Redshift cluster is multi-AZ.\n" }, "nodeType": { "type": "string", "description": "The node type to be provisioned for the cluster.\n" }, "numberOfNodes": { "type": "integer", "description": "The number of compute nodes in the cluster. This parameter is required when the ClusterType parameter is specified as multi-node. Default is 1.\n" }, "ownerAccount": { "type": "string", "description": "The AWS customer account used to create or copy the snapshot. Required if you are restoring a snapshot you do not own, optional if you own the snapshot.\n" }, "port": { "type": "integer", "description": "The port number on which the cluster accepts incoming connections. Valid values are between `1115` and `65535`.\nThe cluster is accessible only via the JDBC and ODBC connection strings.\nPart of the connection string requires the port on which the cluster will listen for incoming connections.\nDefault port is `5439`.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range (in UTC) during which automated cluster maintenance can occur.\nFormat: ddd:hh24:mi-ddd:hh24:mi\n" }, "publiclyAccessible": { "type": "boolean", "description": "If true, the cluster can be accessed from a public network. Default is `true`.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final snapshot of the cluster is created before Amazon Redshift deletes the cluster. If true , a final cluster snapshot is not created. If false , a final cluster snapshot is created before the cluster is deleted. Default is false.\n" }, "snapshotArn": { "type": "string", "description": "The ARN of the snapshot from which to create the new cluster. Conflicts with `snapshot_identifier`.\n", "willReplaceOnChanges": true }, "snapshotClusterIdentifier": { "type": "string", "description": "The name of the cluster the source snapshot was created from.\n", "willReplaceOnChanges": true }, "snapshotCopy": { "$ref": "#/types/aws:redshift/ClusterSnapshotCopy:ClusterSnapshotCopy", "description": "Configuration of automatic copy of snapshots from one region to another. Documented below.\n", "deprecationMessage": "Use the aws.redshift.SnapshotCopy resource instead. This argument will be removed in a future major version." }, "snapshotIdentifier": { "type": "string", "description": "The name of the snapshot from which to create the new cluster. Conflicts with `snapshot_arn`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of Virtual Private Cloud (VPC) security groups to be associated with the cluster.\n" } }, "requiredInputs": [ "clusterIdentifier", "nodeType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "allowVersionUpgrade": { "type": "boolean", "description": "If true , major version upgrades can be applied during the maintenance window to the Amazon Redshift engine that is running on the cluster. Default is `true`.\n" }, "applyImmediately": { "type": "boolean", "description": "Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false`.\n" }, "aquaConfigurationStatus": { "type": "string", "description": "The value represents how the cluster is configured to use AQUA (Advanced Query Accelerator) after the cluster is restored.\nNo longer supported by the AWS API.\nAlways returns `auto`.\n", "deprecationMessage": "This parameter is no longer supported by the AWS API. It will be removed in the next major version of the provider." }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of cluster\n" }, "automatedSnapshotRetentionPeriod": { "type": "integer", "description": "The number of days that automated snapshots are retained. If the value is 0, automated snapshots are disabled. Even if automated snapshots are disabled, you can still create manual snapshots when you want with create-cluster-snapshot. Default is 1.\n" }, "availabilityZone": { "type": "string", "description": "The EC2 Availability Zone (AZ) in which you want Amazon Redshift to provision the cluster. For example, if you have several EC2 instances running in a specific Availability Zone, then you might want the cluster to be provisioned in the same zone in order to decrease network latency. Can only be changed if `availability_zone_relocation_enabled` is `true`.\n" }, "availabilityZoneRelocationEnabled": { "type": "boolean", "description": "If true, the cluster can be relocated to another availabity zone, either automatically by AWS or when requested. Default is `false`. Available for use on clusters from the RA3 instance family.\n" }, "clusterIdentifier": { "type": "string", "description": "The Cluster Identifier. Must be a lower case string.\n", "willReplaceOnChanges": true }, "clusterNamespaceArn": { "type": "string", "description": "The namespace Amazon Resource Name (ARN) of the cluster\n" }, "clusterNodes": { "type": "array", "items": { "$ref": "#/types/aws:redshift/ClusterClusterNode:ClusterClusterNode" }, "description": "The nodes in the cluster. Cluster node blocks are documented below\n" }, "clusterParameterGroupName": { "type": "string", "description": "The name of the parameter group to be associated with this cluster.\n" }, "clusterPublicKey": { "type": "string", "description": "The public key for the cluster\n" }, "clusterRevisionNumber": { "type": "string", "description": "The specific revision number of the database in the cluster\n" }, "clusterSubnetGroupName": { "type": "string", "description": "The name of a cluster subnet group to be associated with this cluster. If this parameter is not provided the resulting cluster will be deployed outside virtual private cloud (VPC).\n", "willReplaceOnChanges": true }, "clusterType": { "type": "string", "description": "The cluster type to use. Either `single-node` or `multi-node`.\n" }, "clusterVersion": { "type": "string", "description": "The version of the Amazon Redshift engine software that you want to deploy on the cluster.\nThe version selected runs on all the nodes in the cluster.\n" }, "databaseName": { "type": "string", "description": "The name of the first database to be created when the cluster is created.\nIf you do not provide a name, Amazon Redshift will create a default database called `dev`.\n" }, "defaultIamRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the IAM role that was set as default for the cluster when the cluster was created.\n" }, "dnsName": { "type": "string", "description": "The DNS name of the cluster\n" }, "elasticIp": { "type": "string", "description": "The Elastic IP (EIP) address for the cluster.\n" }, "encrypted": { "type": "boolean", "description": "If true , the data in the cluster is encrypted at rest.\n" }, "endpoint": { "type": "string", "description": "The connection endpoint\n" }, "enhancedVpcRouting": { "type": "boolean", "description": "If true , enhanced VPC routing is enabled.\n" }, "finalSnapshotIdentifier": { "type": "string", "description": "The identifier of the final snapshot that is to be created immediately before deleting the cluster. If this parameter is provided, `skip_final_snapshot` must be false.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM Role ARNs to associate with the cluster. A Maximum of 10 can be associated to the cluster at any time.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN for the KMS encryption key. When specifying `kms_key_id`, `encrypted` needs to be set to true.\n" }, "logging": { "$ref": "#/types/aws:redshift/ClusterLogging:ClusterLogging", "description": "Logging, documented below.\n", "deprecationMessage": "Use the aws.redshift.Logging resource instead. This argument will be removed in a future major version." }, "maintenanceTrackName": { "type": "string", "description": "The name of the maintenance track for the restored cluster. When you take a snapshot, the snapshot inherits the MaintenanceTrack value from the cluster. The snapshot might be on a different track than the cluster that was the source for the snapshot. For example, suppose that you take a snapshot of a cluster that is on the current track and then change the cluster to be on the trailing track. In this case, the snapshot and the source cluster are on different tracks. Default value is `current`.\n" }, "manageMasterPassword": { "type": "boolean", "description": "Whether to use AWS SecretsManager to manage the cluster admin credentials.\nConflicts with `master_password`.\nOne of `master_password` or `manage_master_password` is required unless `snapshot_identifier` is provided.\n" }, "manualSnapshotRetentionPeriod": { "type": "integer", "description": "The default number of days to retain a manual snapshot. If the value is -1, the snapshot is retained indefinitely. This setting doesn't change the retention period of existing snapshots. Valid values are between `-1` and `3653`. Default value is `-1`.\n" }, "masterPassword": { "type": "string", "description": "Password for the master DB user.\nConflicts with `manage_master_password`.\nOne of `master_password` or `manage_master_password` is required unless `snapshot_identifier` is provided.\nNote that this may show up in logs, and it will be stored in the state file.\nPassword must contain at least 8 characters and contain at least one uppercase letter, one lowercase letter, and one number.\n", "secret": true }, "masterPasswordSecretArn": { "type": "string", "description": "ARN of the cluster admin credentials secret\n" }, "masterPasswordSecretKmsKeyId": { "type": "string", "description": "ID of the KMS key used to encrypt the cluster admin credentials secret.\n" }, "masterUsername": { "type": "string", "description": "Username for the master DB user.\n", "willReplaceOnChanges": true }, "multiAz": { "type": "boolean", "description": "Specifies if the Redshift cluster is multi-AZ.\n" }, "nodeType": { "type": "string", "description": "The node type to be provisioned for the cluster.\n" }, "numberOfNodes": { "type": "integer", "description": "The number of compute nodes in the cluster. This parameter is required when the ClusterType parameter is specified as multi-node. Default is 1.\n" }, "ownerAccount": { "type": "string", "description": "The AWS customer account used to create or copy the snapshot. Required if you are restoring a snapshot you do not own, optional if you own the snapshot.\n" }, "port": { "type": "integer", "description": "The port number on which the cluster accepts incoming connections. Valid values are between `1115` and `65535`.\nThe cluster is accessible only via the JDBC and ODBC connection strings.\nPart of the connection string requires the port on which the cluster will listen for incoming connections.\nDefault port is `5439`.\n" }, "preferredMaintenanceWindow": { "type": "string", "description": "The weekly time range (in UTC) during which automated cluster maintenance can occur.\nFormat: ddd:hh24:mi-ddd:hh24:mi\n" }, "publiclyAccessible": { "type": "boolean", "description": "If true, the cluster can be accessed from a public network. Default is `true`.\n" }, "skipFinalSnapshot": { "type": "boolean", "description": "Determines whether a final snapshot of the cluster is created before Amazon Redshift deletes the cluster. If true , a final cluster snapshot is not created. If false , a final cluster snapshot is created before the cluster is deleted. Default is false.\n" }, "snapshotArn": { "type": "string", "description": "The ARN of the snapshot from which to create the new cluster. Conflicts with `snapshot_identifier`.\n", "willReplaceOnChanges": true }, "snapshotClusterIdentifier": { "type": "string", "description": "The name of the cluster the source snapshot was created from.\n", "willReplaceOnChanges": true }, "snapshotCopy": { "$ref": "#/types/aws:redshift/ClusterSnapshotCopy:ClusterSnapshotCopy", "description": "Configuration of automatic copy of snapshots from one region to another. Documented below.\n", "deprecationMessage": "Use the aws.redshift.SnapshotCopy resource instead. This argument will be removed in a future major version." }, "snapshotIdentifier": { "type": "string", "description": "The name of the snapshot from which to create the new cluster. Conflicts with `snapshot_arn`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "A list of Virtual Private Cloud (VPC) security groups to be associated with the cluster.\n" } }, "type": "object" } }, "aws:redshift/clusterIamRoles:ClusterIamRoles": { "description": "Provides a Redshift Cluster IAM Roles resource.\n\n\u003e **NOTE:** A Redshift cluster's default IAM role can be managed both by this resource's `default_iam_role_arn` argument and the `aws.redshift.Cluster` resource's `default_iam_role_arn` argument. Do not configure different values for both arguments. Doing so will cause a conflict of default IAM roles.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.ClusterIamRoles(\"example\", {\n clusterIdentifier: exampleAwsRedshiftCluster.clusterIdentifier,\n iamRoleArns: [exampleAwsIamRole.arn],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshift.ClusterIamRoles(\"example\",\n cluster_identifier=example_aws_redshift_cluster[\"clusterIdentifier\"],\n iam_role_arns=[example_aws_iam_role[\"arn\"]])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.ClusterIamRoles(\"example\", new()\n {\n ClusterIdentifier = exampleAwsRedshiftCluster.ClusterIdentifier,\n IamRoleArns = new[]\n {\n exampleAwsIamRole.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.NewClusterIamRoles(ctx, \"example\", \u0026redshift.ClusterIamRolesArgs{\n\t\t\tClusterIdentifier: pulumi.Any(exampleAwsRedshiftCluster.ClusterIdentifier),\n\t\t\tIamRoleArns: pulumi.StringArray{\n\t\t\t\texampleAwsIamRole.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.ClusterIamRoles;\nimport com.pulumi.aws.redshift.ClusterIamRolesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ClusterIamRoles(\"example\", ClusterIamRolesArgs.builder()\n .clusterIdentifier(exampleAwsRedshiftCluster.clusterIdentifier())\n .iamRoleArns(exampleAwsIamRole.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:ClusterIamRoles\n properties:\n clusterIdentifier: ${exampleAwsRedshiftCluster.clusterIdentifier}\n iamRoleArns:\n - ${exampleAwsIamRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Cluster IAM Roless using the `cluster_identifier`. For example:\n\n```sh\n$ pulumi import aws:redshift/clusterIamRoles:ClusterIamRoles examplegroup1 example\n```\n", "properties": { "clusterIdentifier": { "type": "string", "description": "The name of the Redshift Cluster IAM Roles.\n" }, "defaultIamRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the IAM role that was set as default for the cluster when the cluster was created.\n" }, "iamRoleArns": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM Role ARNs to associate with the cluster. A Maximum of 10 can be associated to the cluster at any time.\n" } }, "required": [ "clusterIdentifier", "defaultIamRoleArn", "iamRoleArns" ], "inputProperties": { "clusterIdentifier": { "type": "string", "description": "The name of the Redshift Cluster IAM Roles.\n", "willReplaceOnChanges": true }, "defaultIamRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the IAM role that was set as default for the cluster when the cluster was created.\n" }, "iamRoleArns": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM Role ARNs to associate with the cluster. A Maximum of 10 can be associated to the cluster at any time.\n" } }, "requiredInputs": [ "clusterIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterIamRoles resources.\n", "properties": { "clusterIdentifier": { "type": "string", "description": "The name of the Redshift Cluster IAM Roles.\n", "willReplaceOnChanges": true }, "defaultIamRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the IAM role that was set as default for the cluster when the cluster was created.\n" }, "iamRoleArns": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM Role ARNs to associate with the cluster. A Maximum of 10 can be associated to the cluster at any time.\n" } }, "type": "object" } }, "aws:redshift/clusterSnapshot:ClusterSnapshot": { "description": "Creates a Redshift cluster snapshot\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n example:\n type: aws:redshift:ClusterSnapshot\n properties:\n clusterSnapshotName: example\n clusterSnapshotContent:\n fn::toJSON:\n AllowDBUserOverride: '1'\n Client_ID: ExampleClientID\n App_ID: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Cluster Snapshots using `snapshot_identifier`. For example:\n\n```sh\n$ pulumi import aws:redshift/clusterSnapshot:ClusterSnapshot test example\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the snapshot.\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier for which you want a snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "The Key Management Service (KMS) key ID of the encryption key that was used to encrypt data in the cluster from which the snapshot was taken.\n" }, "manualSnapshotRetentionPeriod": { "type": "integer", "description": "The number of days that a manual snapshot is retained. If the value is `-1`, the manual snapshot is retained indefinitely. Valid values are -1 and between `1` and `3653`.\n" }, "ownerAccount": { "type": "string", "description": "For manual snapshots, the Amazon Web Services account used to create or copy the snapshot. For automatic snapshots, the owner of the cluster. The owner can perform all snapshot actions, such as sharing a manual snapshot.\n" }, "snapshotIdentifier": { "type": "string", "description": "A unique identifier for the snapshot that you are requesting. This identifier must be unique for all snapshots within the Amazon Web Services account.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "clusterIdentifier", "kmsKeyId", "ownerAccount", "snapshotIdentifier", "tagsAll" ], "inputProperties": { "clusterIdentifier": { "type": "string", "description": "The cluster identifier for which you want a snapshot.\n", "willReplaceOnChanges": true }, "manualSnapshotRetentionPeriod": { "type": "integer", "description": "The number of days that a manual snapshot is retained. If the value is `-1`, the manual snapshot is retained indefinitely. Valid values are -1 and between `1` and `3653`.\n" }, "snapshotIdentifier": { "type": "string", "description": "A unique identifier for the snapshot that you are requesting. This identifier must be unique for all snapshots within the Amazon Web Services account.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "clusterIdentifier", "snapshotIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering ClusterSnapshot resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the snapshot.\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier for which you want a snapshot.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "The Key Management Service (KMS) key ID of the encryption key that was used to encrypt data in the cluster from which the snapshot was taken.\n" }, "manualSnapshotRetentionPeriod": { "type": "integer", "description": "The number of days that a manual snapshot is retained. If the value is `-1`, the manual snapshot is retained indefinitely. Valid values are -1 and between `1` and `3653`.\n" }, "ownerAccount": { "type": "string", "description": "For manual snapshots, the Amazon Web Services account used to create or copy the snapshot. For automatic snapshots, the owner of the cluster. The owner can perform all snapshot actions, such as sharing a manual snapshot.\n" }, "snapshotIdentifier": { "type": "string", "description": "A unique identifier for the snapshot that you are requesting. This identifier must be unique for all snapshots within the Amazon Web Services account.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:redshift/dataShareAuthorization:DataShareAuthorization": { "description": "Resource for managing an AWS Redshift Data Share Authorization.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.DataShareAuthorization(\"example\", {\n consumerIdentifier: \"012345678901\",\n dataShareArn: \"arn:aws:redshift:us-west-2:012345678901:datashare:3072dae5-022b-4d45-9cd3-01f010aae4b2/example_share\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshift.DataShareAuthorization(\"example\",\n consumer_identifier=\"012345678901\",\n data_share_arn=\"arn:aws:redshift:us-west-2:012345678901:datashare:3072dae5-022b-4d45-9cd3-01f010aae4b2/example_share\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.DataShareAuthorization(\"example\", new()\n {\n ConsumerIdentifier = \"012345678901\",\n DataShareArn = \"arn:aws:redshift:us-west-2:012345678901:datashare:3072dae5-022b-4d45-9cd3-01f010aae4b2/example_share\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.NewDataShareAuthorization(ctx, \"example\", \u0026redshift.DataShareAuthorizationArgs{\n\t\t\tConsumerIdentifier: pulumi.String(\"012345678901\"),\n\t\t\tDataShareArn: pulumi.String(\"arn:aws:redshift:us-west-2:012345678901:datashare:3072dae5-022b-4d45-9cd3-01f010aae4b2/example_share\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.DataShareAuthorization;\nimport com.pulumi.aws.redshift.DataShareAuthorizationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataShareAuthorization(\"example\", DataShareAuthorizationArgs.builder()\n .consumerIdentifier(\"012345678901\")\n .dataShareArn(\"arn:aws:redshift:us-west-2:012345678901:datashare:3072dae5-022b-4d45-9cd3-01f010aae4b2/example_share\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:DataShareAuthorization\n properties:\n consumerIdentifier: '012345678901'\n dataShareArn: arn:aws:redshift:us-west-2:012345678901:datashare:3072dae5-022b-4d45-9cd3-01f010aae4b2/example_share\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Data Share Authorization using the `id`. For example:\n\n```sh\n$ pulumi import aws:redshift/dataShareAuthorization:DataShareAuthorization example arn:aws:redshift:us-west-2:012345678901:datashare:3072dae5-022b-4d45-9cd3-01f010aae4b2/example_share,012345678901\n```\n", "properties": { "allowWrites": { "type": "boolean", "description": "Whether to allow write operations for a datashare.\n" }, "consumerIdentifier": { "type": "string", "description": "Identifier of the data consumer that is authorized to access the datashare. This identifier is an AWS account ID or a keyword, such as `ADX`.\n" }, "dataShareArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the datashare that producers are to authorize sharing for.\n\nThe following arguments are optional:\n" }, "managedBy": { "type": "string", "description": "Identifier of a datashare to show its managing entity.\n" }, "producerArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the producer.\n" } }, "required": [ "consumerIdentifier", "dataShareArn", "managedBy", "producerArn" ], "inputProperties": { "allowWrites": { "type": "boolean", "description": "Whether to allow write operations for a datashare.\n" }, "consumerIdentifier": { "type": "string", "description": "Identifier of the data consumer that is authorized to access the datashare. This identifier is an AWS account ID or a keyword, such as `ADX`.\n" }, "dataShareArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the datashare that producers are to authorize sharing for.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "consumerIdentifier", "dataShareArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering DataShareAuthorization resources.\n", "properties": { "allowWrites": { "type": "boolean", "description": "Whether to allow write operations for a datashare.\n" }, "consumerIdentifier": { "type": "string", "description": "Identifier of the data consumer that is authorized to access the datashare. This identifier is an AWS account ID or a keyword, such as `ADX`.\n" }, "dataShareArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the datashare that producers are to authorize sharing for.\n\nThe following arguments are optional:\n" }, "managedBy": { "type": "string", "description": "Identifier of a datashare to show its managing entity.\n" }, "producerArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the producer.\n" } }, "type": "object" } }, "aws:redshift/dataShareConsumerAssociation:DataShareConsumerAssociation": { "description": "Resource for managing an AWS Redshift Data Share Consumer Association.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.DataShareConsumerAssociation(\"example\", {\n dataShareArn: \"arn:aws:redshift:us-west-2:012345678901:datashare:b3bfde75-73fd-408b-9086-d6fccfd6d588/example\",\n associateEntireAccount: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshift.DataShareConsumerAssociation(\"example\",\n data_share_arn=\"arn:aws:redshift:us-west-2:012345678901:datashare:b3bfde75-73fd-408b-9086-d6fccfd6d588/example\",\n associate_entire_account=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.DataShareConsumerAssociation(\"example\", new()\n {\n DataShareArn = \"arn:aws:redshift:us-west-2:012345678901:datashare:b3bfde75-73fd-408b-9086-d6fccfd6d588/example\",\n AssociateEntireAccount = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.NewDataShareConsumerAssociation(ctx, \"example\", \u0026redshift.DataShareConsumerAssociationArgs{\n\t\t\tDataShareArn: pulumi.String(\"arn:aws:redshift:us-west-2:012345678901:datashare:b3bfde75-73fd-408b-9086-d6fccfd6d588/example\"),\n\t\t\tAssociateEntireAccount: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.DataShareConsumerAssociation;\nimport com.pulumi.aws.redshift.DataShareConsumerAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataShareConsumerAssociation(\"example\", DataShareConsumerAssociationArgs.builder()\n .dataShareArn(\"arn:aws:redshift:us-west-2:012345678901:datashare:b3bfde75-73fd-408b-9086-d6fccfd6d588/example\")\n .associateEntireAccount(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:DataShareConsumerAssociation\n properties:\n dataShareArn: arn:aws:redshift:us-west-2:012345678901:datashare:b3bfde75-73fd-408b-9086-d6fccfd6d588/example\n associateEntireAccount: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Consumer Region\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.DataShareConsumerAssociation(\"example\", {\n dataShareArn: \"arn:aws:redshift:us-west-2:012345678901:datashare:b3bfde75-73fd-408b-9086-d6fccfd6d588/example\",\n consumerRegion: \"us-west-2\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshift.DataShareConsumerAssociation(\"example\",\n data_share_arn=\"arn:aws:redshift:us-west-2:012345678901:datashare:b3bfde75-73fd-408b-9086-d6fccfd6d588/example\",\n consumer_region=\"us-west-2\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.DataShareConsumerAssociation(\"example\", new()\n {\n DataShareArn = \"arn:aws:redshift:us-west-2:012345678901:datashare:b3bfde75-73fd-408b-9086-d6fccfd6d588/example\",\n ConsumerRegion = \"us-west-2\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.NewDataShareConsumerAssociation(ctx, \"example\", \u0026redshift.DataShareConsumerAssociationArgs{\n\t\t\tDataShareArn: pulumi.String(\"arn:aws:redshift:us-west-2:012345678901:datashare:b3bfde75-73fd-408b-9086-d6fccfd6d588/example\"),\n\t\t\tConsumerRegion: pulumi.String(\"us-west-2\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.DataShareConsumerAssociation;\nimport com.pulumi.aws.redshift.DataShareConsumerAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataShareConsumerAssociation(\"example\", DataShareConsumerAssociationArgs.builder()\n .dataShareArn(\"arn:aws:redshift:us-west-2:012345678901:datashare:b3bfde75-73fd-408b-9086-d6fccfd6d588/example\")\n .consumerRegion(\"us-west-2\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:DataShareConsumerAssociation\n properties:\n dataShareArn: arn:aws:redshift:us-west-2:012345678901:datashare:b3bfde75-73fd-408b-9086-d6fccfd6d588/example\n consumerRegion: us-west-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Data Share Consumer Association using the `id`. For example:\n\n```sh\n$ pulumi import aws:redshift/dataShareConsumerAssociation:DataShareConsumerAssociation example arn:aws:redshift:us-west-2:012345678901:datashare:b3bfde75-73fd-408b-9086-d6fccfd6d588/example,,,us-west-2\n```\n", "properties": { "allowWrites": { "type": "boolean", "description": "Whether to allow write operations for a datashare.\n" }, "associateEntireAccount": { "type": "boolean", "description": "Whether the datashare is associated with the entire account. Conflicts with `consumer_arn` and `consumer_region`.\n" }, "consumerArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the consumer that is associated with the datashare. Conflicts with `associate_entire_account` and `consumer_region`.\n" }, "consumerRegion": { "type": "string", "description": "From a datashare consumer account, associates a datashare with all existing and future namespaces in the specified AWS Region. Conflicts with `associate_entire_account` and `consumer_arn`.\n" }, "dataShareArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the datashare that the consumer is to use with the account or the namespace.\n\nThe following arguments are optional:\n" }, "managedBy": { "type": "string", "description": "Identifier of a datashare to show its managing entity.\n" }, "producerArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the producer.\n" } }, "required": [ "dataShareArn", "managedBy", "producerArn" ], "inputProperties": { "allowWrites": { "type": "boolean", "description": "Whether to allow write operations for a datashare.\n" }, "associateEntireAccount": { "type": "boolean", "description": "Whether the datashare is associated with the entire account. Conflicts with `consumer_arn` and `consumer_region`.\n" }, "consumerArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the consumer that is associated with the datashare. Conflicts with `associate_entire_account` and `consumer_region`.\n" }, "consumerRegion": { "type": "string", "description": "From a datashare consumer account, associates a datashare with all existing and future namespaces in the specified AWS Region. Conflicts with `associate_entire_account` and `consumer_arn`.\n" }, "dataShareArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the datashare that the consumer is to use with the account or the namespace.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "dataShareArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering DataShareConsumerAssociation resources.\n", "properties": { "allowWrites": { "type": "boolean", "description": "Whether to allow write operations for a datashare.\n" }, "associateEntireAccount": { "type": "boolean", "description": "Whether the datashare is associated with the entire account. Conflicts with `consumer_arn` and `consumer_region`.\n" }, "consumerArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the consumer that is associated with the datashare. Conflicts with `associate_entire_account` and `consumer_region`.\n" }, "consumerRegion": { "type": "string", "description": "From a datashare consumer account, associates a datashare with all existing and future namespaces in the specified AWS Region. Conflicts with `associate_entire_account` and `consumer_arn`.\n" }, "dataShareArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the datashare that the consumer is to use with the account or the namespace.\n\nThe following arguments are optional:\n" }, "managedBy": { "type": "string", "description": "Identifier of a datashare to show its managing entity.\n" }, "producerArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the producer.\n" } }, "type": "object" } }, "aws:redshift/endpointAccess:EndpointAccess": { "description": "Creates a new Amazon Redshift endpoint access.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.EndpointAccess(\"example\", {\n endpointName: \"example\",\n subnetGroupName: exampleAwsRedshiftSubnetGroup.id,\n clusterIdentifier: exampleAwsRedshiftCluster.clusterIdentifier,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshift.EndpointAccess(\"example\",\n endpoint_name=\"example\",\n subnet_group_name=example_aws_redshift_subnet_group[\"id\"],\n cluster_identifier=example_aws_redshift_cluster[\"clusterIdentifier\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.EndpointAccess(\"example\", new()\n {\n EndpointName = \"example\",\n SubnetGroupName = exampleAwsRedshiftSubnetGroup.Id,\n ClusterIdentifier = exampleAwsRedshiftCluster.ClusterIdentifier,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.NewEndpointAccess(ctx, \"example\", \u0026redshift.EndpointAccessArgs{\n\t\t\tEndpointName: pulumi.String(\"example\"),\n\t\t\tSubnetGroupName: pulumi.Any(exampleAwsRedshiftSubnetGroup.Id),\n\t\t\tClusterIdentifier: pulumi.Any(exampleAwsRedshiftCluster.ClusterIdentifier),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.EndpointAccess;\nimport com.pulumi.aws.redshift.EndpointAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EndpointAccess(\"example\", EndpointAccessArgs.builder()\n .endpointName(\"example\")\n .subnetGroupName(exampleAwsRedshiftSubnetGroup.id())\n .clusterIdentifier(exampleAwsRedshiftCluster.clusterIdentifier())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:EndpointAccess\n properties:\n endpointName: example\n subnetGroupName: ${exampleAwsRedshiftSubnetGroup.id}\n clusterIdentifier: ${exampleAwsRedshiftCluster.clusterIdentifier}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift endpoint access using the `name`. For example:\n\n```sh\n$ pulumi import aws:redshift/endpointAccess:EndpointAccess example example\n```\n", "properties": { "address": { "type": "string", "description": "The DNS address of the endpoint.\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier of the cluster to access.\n" }, "endpointName": { "type": "string", "description": "The Redshift-managed VPC endpoint name.\n" }, "port": { "type": "integer", "description": "The port number on which the cluster accepts incoming connections.\n" }, "resourceOwner": { "type": "string", "description": "The Amazon Web Services account ID of the owner of the cluster. This is only required if the cluster is in another Amazon Web Services account.\n" }, "subnetGroupName": { "type": "string", "description": "The subnet group from which Amazon Redshift chooses the subnet to deploy the endpoint.\n" }, "vpcEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:redshift/EndpointAccessVpcEndpoint:EndpointAccessVpcEndpoint" }, "description": "The connection endpoint for connecting to an Amazon Redshift cluster through the proxy. See details below.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The security group that defines the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.\n" } }, "required": [ "address", "clusterIdentifier", "endpointName", "port", "resourceOwner", "subnetGroupName", "vpcEndpoints", "vpcSecurityGroupIds" ], "inputProperties": { "clusterIdentifier": { "type": "string", "description": "The cluster identifier of the cluster to access.\n", "willReplaceOnChanges": true }, "endpointName": { "type": "string", "description": "The Redshift-managed VPC endpoint name.\n", "willReplaceOnChanges": true }, "resourceOwner": { "type": "string", "description": "The Amazon Web Services account ID of the owner of the cluster. This is only required if the cluster is in another Amazon Web Services account.\n", "willReplaceOnChanges": true }, "subnetGroupName": { "type": "string", "description": "The subnet group from which Amazon Redshift chooses the subnet to deploy the endpoint.\n", "willReplaceOnChanges": true }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The security group that defines the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.\n" } }, "requiredInputs": [ "clusterIdentifier", "endpointName", "subnetGroupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering EndpointAccess resources.\n", "properties": { "address": { "type": "string", "description": "The DNS address of the endpoint.\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier of the cluster to access.\n", "willReplaceOnChanges": true }, "endpointName": { "type": "string", "description": "The Redshift-managed VPC endpoint name.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "The port number on which the cluster accepts incoming connections.\n" }, "resourceOwner": { "type": "string", "description": "The Amazon Web Services account ID of the owner of the cluster. This is only required if the cluster is in another Amazon Web Services account.\n", "willReplaceOnChanges": true }, "subnetGroupName": { "type": "string", "description": "The subnet group from which Amazon Redshift chooses the subnet to deploy the endpoint.\n", "willReplaceOnChanges": true }, "vpcEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:redshift/EndpointAccessVpcEndpoint:EndpointAccessVpcEndpoint" }, "description": "The connection endpoint for connecting to an Amazon Redshift cluster through the proxy. See details below.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The security group that defines the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.\n" } }, "type": "object" } }, "aws:redshift/endpointAuthorization:EndpointAuthorization": { "description": "Creates a new Amazon Redshift endpoint authorization.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.EndpointAuthorization(\"example\", {\n account: \"01234567910\",\n clusterIdentifier: exampleAwsRedshiftCluster.clusterIdentifier,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshift.EndpointAuthorization(\"example\",\n account=\"01234567910\",\n cluster_identifier=example_aws_redshift_cluster[\"clusterIdentifier\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.EndpointAuthorization(\"example\", new()\n {\n Account = \"01234567910\",\n ClusterIdentifier = exampleAwsRedshiftCluster.ClusterIdentifier,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.NewEndpointAuthorization(ctx, \"example\", \u0026redshift.EndpointAuthorizationArgs{\n\t\t\tAccount: pulumi.String(\"01234567910\"),\n\t\t\tClusterIdentifier: pulumi.Any(exampleAwsRedshiftCluster.ClusterIdentifier),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.EndpointAuthorization;\nimport com.pulumi.aws.redshift.EndpointAuthorizationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EndpointAuthorization(\"example\", EndpointAuthorizationArgs.builder()\n .account(\"01234567910\")\n .clusterIdentifier(exampleAwsRedshiftCluster.clusterIdentifier())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:EndpointAuthorization\n properties:\n account: '01234567910'\n clusterIdentifier: ${exampleAwsRedshiftCluster.clusterIdentifier}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift endpoint authorization using the `id`. For example:\n\n```sh\n$ pulumi import aws:redshift/endpointAuthorization:EndpointAuthorization example 01234567910:cluster-example-id\n```\n", "properties": { "account": { "type": "string", "description": "The Amazon Web Services account ID to grant access to.\n" }, "allowedAllVpcs": { "type": "boolean", "description": "Indicates whether all VPCs in the grantee account are allowed access to the cluster.\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier of the cluster to grant access to.\n" }, "endpointCount": { "type": "integer", "description": "The number of Redshift-managed VPC endpoints created for the authorization.\n" }, "forceDelete": { "type": "boolean", "description": "Indicates whether to force the revoke action. If true, the Redshift-managed VPC endpoints associated with the endpoint authorization are also deleted. Default value is `false`.\n" }, "grantee": { "type": "string", "description": "The Amazon Web Services account ID of the grantee of the cluster.\n" }, "grantor": { "type": "string", "description": "The Amazon Web Services account ID of the cluster owner.\n" }, "vpcIds": { "type": "array", "items": { "type": "string" }, "description": "The virtual private cloud (VPC) identifiers to grant access to. If none are specified all VPCs in shared account are allowed.\n" } }, "required": [ "account", "allowedAllVpcs", "clusterIdentifier", "endpointCount", "grantee", "grantor" ], "inputProperties": { "account": { "type": "string", "description": "The Amazon Web Services account ID to grant access to.\n", "willReplaceOnChanges": true }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier of the cluster to grant access to.\n", "willReplaceOnChanges": true }, "forceDelete": { "type": "boolean", "description": "Indicates whether to force the revoke action. If true, the Redshift-managed VPC endpoints associated with the endpoint authorization are also deleted. Default value is `false`.\n" }, "vpcIds": { "type": "array", "items": { "type": "string" }, "description": "The virtual private cloud (VPC) identifiers to grant access to. If none are specified all VPCs in shared account are allowed.\n" } }, "requiredInputs": [ "account", "clusterIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering EndpointAuthorization resources.\n", "properties": { "account": { "type": "string", "description": "The Amazon Web Services account ID to grant access to.\n", "willReplaceOnChanges": true }, "allowedAllVpcs": { "type": "boolean", "description": "Indicates whether all VPCs in the grantee account are allowed access to the cluster.\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier of the cluster to grant access to.\n", "willReplaceOnChanges": true }, "endpointCount": { "type": "integer", "description": "The number of Redshift-managed VPC endpoints created for the authorization.\n" }, "forceDelete": { "type": "boolean", "description": "Indicates whether to force the revoke action. If true, the Redshift-managed VPC endpoints associated with the endpoint authorization are also deleted. Default value is `false`.\n" }, "grantee": { "type": "string", "description": "The Amazon Web Services account ID of the grantee of the cluster.\n" }, "grantor": { "type": "string", "description": "The Amazon Web Services account ID of the cluster owner.\n" }, "vpcIds": { "type": "array", "items": { "type": "string" }, "description": "The virtual private cloud (VPC) identifiers to grant access to. If none are specified all VPCs in shared account are allowed.\n" } }, "type": "object" } }, "aws:redshift/eventSubscription:EventSubscription": { "description": "Provides a Redshift event subscription resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.redshift.Cluster(\"default\", {\n clusterIdentifier: \"default\",\n databaseName: \"default\",\n});\nconst defaultTopic = new aws.sns.Topic(\"default\", {name: \"redshift-events\"});\nconst defaultEventSubscription = new aws.redshift.EventSubscription(\"default\", {\n name: \"redshift-event-sub\",\n snsTopicArn: defaultTopic.arn,\n sourceType: \"cluster\",\n sourceIds: [_default.id],\n severity: \"INFO\",\n eventCategories: [\n \"configuration\",\n \"management\",\n \"monitoring\",\n \"security\",\n ],\n tags: {\n Name: \"default\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.redshift.Cluster(\"default\",\n cluster_identifier=\"default\",\n database_name=\"default\")\ndefault_topic = aws.sns.Topic(\"default\", name=\"redshift-events\")\ndefault_event_subscription = aws.redshift.EventSubscription(\"default\",\n name=\"redshift-event-sub\",\n sns_topic_arn=default_topic.arn,\n source_type=\"cluster\",\n source_ids=[default.id],\n severity=\"INFO\",\n event_categories=[\n \"configuration\",\n \"management\",\n \"monitoring\",\n \"security\",\n ],\n tags={\n \"Name\": \"default\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.RedShift.Cluster(\"default\", new()\n {\n ClusterIdentifier = \"default\",\n DatabaseName = \"default\",\n });\n\n var defaultTopic = new Aws.Sns.Topic(\"default\", new()\n {\n Name = \"redshift-events\",\n });\n\n var defaultEventSubscription = new Aws.RedShift.EventSubscription(\"default\", new()\n {\n Name = \"redshift-event-sub\",\n SnsTopicArn = defaultTopic.Arn,\n SourceType = \"cluster\",\n SourceIds = new[]\n {\n @default.Id,\n },\n Severity = \"INFO\",\n EventCategories = new[]\n {\n \"configuration\",\n \"management\",\n \"monitoring\",\n \"security\",\n },\n Tags = \n {\n { \"Name\", \"default\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.NewCluster(ctx, \"default\", \u0026redshift.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"default\"),\n\t\t\tDatabaseName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultTopic, err := sns.NewTopic(ctx, \"default\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"redshift-events\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = redshift.NewEventSubscription(ctx, \"default\", \u0026redshift.EventSubscriptionArgs{\n\t\t\tName: pulumi.String(\"redshift-event-sub\"),\n\t\t\tSnsTopicArn: defaultTopic.Arn,\n\t\t\tSourceType: pulumi.String(\"cluster\"),\n\t\t\tSourceIds: pulumi.StringArray{\n\t\t\t\t_default.ID(),\n\t\t\t},\n\t\t\tSeverity: pulumi.String(\"INFO\"),\n\t\t\tEventCategories: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"configuration\"),\n\t\t\t\tpulumi.String(\"management\"),\n\t\t\t\tpulumi.String(\"monitoring\"),\n\t\t\t\tpulumi.String(\"security\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"default\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.Cluster;\nimport com.pulumi.aws.redshift.ClusterArgs;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.redshift.EventSubscription;\nimport com.pulumi.aws.redshift.EventSubscriptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Cluster(\"default\", ClusterArgs.builder()\n .clusterIdentifier(\"default\")\n .databaseName(\"default\")\n .build());\n\n var defaultTopic = new Topic(\"defaultTopic\", TopicArgs.builder()\n .name(\"redshift-events\")\n .build());\n\n var defaultEventSubscription = new EventSubscription(\"defaultEventSubscription\", EventSubscriptionArgs.builder()\n .name(\"redshift-event-sub\")\n .snsTopicArn(defaultTopic.arn())\n .sourceType(\"cluster\")\n .sourceIds(default_.id())\n .severity(\"INFO\")\n .eventCategories( \n \"configuration\",\n \"management\",\n \"monitoring\",\n \"security\")\n .tags(Map.of(\"Name\", \"default\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:redshift:Cluster\n properties:\n clusterIdentifier: default\n databaseName: default\n defaultTopic:\n type: aws:sns:Topic\n name: default\n properties:\n name: redshift-events\n defaultEventSubscription:\n type: aws:redshift:EventSubscription\n name: default\n properties:\n name: redshift-event-sub\n snsTopicArn: ${defaultTopic.arn}\n sourceType: cluster\n sourceIds:\n - ${default.id}\n severity: INFO\n eventCategories:\n - configuration\n - management\n - monitoring\n - security\n tags:\n Name: default\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Event Subscriptions using the `name`. For example:\n\n```sh\n$ pulumi import aws:redshift/eventSubscription:EventSubscription default redshift-event-sub\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Redshift event notification subscription\n" }, "customerAwsId": { "type": "string", "description": "The AWS customer account associated with the Redshift event notification subscription\n" }, "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to `true`.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a SourceType that you want to subscribe to. See https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-event-notifications.html or run `aws redshift describe-event-categories`.\n" }, "name": { "type": "string", "description": "The name of the Redshift event subscription.\n" }, "severity": { "type": "string", "description": "The event severity to be published by the notification subscription. Valid options are `INFO` or `ERROR`. Default value of `INFO`.\n" }, "snsTopicArn": { "type": "string", "description": "The ARN of the SNS topic to send events to.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a `source_type` must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `cluster`, `cluster-parameter-group`, `cluster-security-group`, `cluster-snapshot`, or `scheduled-action`. If not set, all sources will be subscribed to.\n" }, "status": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "customerAwsId", "name", "snsTopicArn", "status", "tagsAll" ], "inputProperties": { "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to `true`.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a SourceType that you want to subscribe to. See https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-event-notifications.html or run `aws redshift describe-event-categories`.\n" }, "name": { "type": "string", "description": "The name of the Redshift event subscription.\n", "willReplaceOnChanges": true }, "severity": { "type": "string", "description": "The event severity to be published by the notification subscription. Valid options are `INFO` or `ERROR`. Default value of `INFO`.\n" }, "snsTopicArn": { "type": "string", "description": "The ARN of the SNS topic to send events to.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a `source_type` must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `cluster`, `cluster-parameter-group`, `cluster-security-group`, `cluster-snapshot`, or `scheduled-action`. If not set, all sources will be subscribed to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "snsTopicArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventSubscription resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Redshift event notification subscription\n" }, "customerAwsId": { "type": "string", "description": "The AWS customer account associated with the Redshift event notification subscription\n" }, "enabled": { "type": "boolean", "description": "A boolean flag to enable/disable the subscription. Defaults to `true`.\n" }, "eventCategories": { "type": "array", "items": { "type": "string" }, "description": "A list of event categories for a SourceType that you want to subscribe to. See https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-event-notifications.html or run `aws redshift describe-event-categories`.\n" }, "name": { "type": "string", "description": "The name of the Redshift event subscription.\n", "willReplaceOnChanges": true }, "severity": { "type": "string", "description": "The event severity to be published by the notification subscription. Valid options are `INFO` or `ERROR`. Default value of `INFO`.\n" }, "snsTopicArn": { "type": "string", "description": "The ARN of the SNS topic to send events to.\n" }, "sourceIds": { "type": "array", "items": { "type": "string" }, "description": "A list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. If specified, a `source_type` must also be specified.\n" }, "sourceType": { "type": "string", "description": "The type of source that will be generating the events. Valid options are `cluster`, `cluster-parameter-group`, `cluster-security-group`, `cluster-snapshot`, or `scheduled-action`. If not set, all sources will be subscribed to.\n" }, "status": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:redshift/hsmClientCertificate:HsmClientCertificate": { "description": "Creates an HSM client certificate that an Amazon Redshift cluster will use to connect to the client's HSM in order to store and retrieve the keys used to encrypt the cluster databases.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.HsmClientCertificate(\"example\", {hsmClientCertificateIdentifier: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshift.HsmClientCertificate(\"example\", hsm_client_certificate_identifier=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.HsmClientCertificate(\"example\", new()\n {\n HsmClientCertificateIdentifier = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.NewHsmClientCertificate(ctx, \"example\", \u0026redshift.HsmClientCertificateArgs{\n\t\t\tHsmClientCertificateIdentifier: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.HsmClientCertificate;\nimport com.pulumi.aws.redshift.HsmClientCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new HsmClientCertificate(\"example\", HsmClientCertificateArgs.builder()\n .hsmClientCertificateIdentifier(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:HsmClientCertificate\n properties:\n hsmClientCertificateIdentifier: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift HSM Client Certificates using `hsm_client_certificate_identifier`. For example:\n\n```sh\n$ pulumi import aws:redshift/hsmClientCertificate:HsmClientCertificate test example\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Hsm Client Certificate.\n" }, "hsmClientCertificateIdentifier": { "type": "string", "description": "The identifier of the HSM client certificate.\n" }, "hsmClientCertificatePublicKey": { "type": "string", "description": "The public key that the Amazon Redshift cluster will use to connect to the HSM. You must register the public key in the HSM.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "hsmClientCertificateIdentifier", "hsmClientCertificatePublicKey", "tagsAll" ], "inputProperties": { "hsmClientCertificateIdentifier": { "type": "string", "description": "The identifier of the HSM client certificate.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "hsmClientCertificateIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering HsmClientCertificate resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Hsm Client Certificate.\n" }, "hsmClientCertificateIdentifier": { "type": "string", "description": "The identifier of the HSM client certificate.\n", "willReplaceOnChanges": true }, "hsmClientCertificatePublicKey": { "type": "string", "description": "The public key that the Amazon Redshift cluster will use to connect to the HSM. You must register the public key in the HSM.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:redshift/hsmConfiguration:HsmConfiguration": { "description": "Creates an HSM configuration that contains the information required by an Amazon Redshift cluster to store and use database encryption keys in a Hardware Security Module (HSM).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.HsmConfiguration(\"example\", {\n description: \"example\",\n hsmConfigurationIdentifier: \"example\",\n hsmIpAddress: \"10.0.0.1\",\n hsmPartitionName: \"aws\",\n hsmPartitionPassword: \"example\",\n hsmServerPublicCertificate: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshift.HsmConfiguration(\"example\",\n description=\"example\",\n hsm_configuration_identifier=\"example\",\n hsm_ip_address=\"10.0.0.1\",\n hsm_partition_name=\"aws\",\n hsm_partition_password=\"example\",\n hsm_server_public_certificate=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.HsmConfiguration(\"example\", new()\n {\n Description = \"example\",\n HsmConfigurationIdentifier = \"example\",\n HsmIpAddress = \"10.0.0.1\",\n HsmPartitionName = \"aws\",\n HsmPartitionPassword = \"example\",\n HsmServerPublicCertificate = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.NewHsmConfiguration(ctx, \"example\", \u0026redshift.HsmConfigurationArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tHsmConfigurationIdentifier: pulumi.String(\"example\"),\n\t\t\tHsmIpAddress: pulumi.String(\"10.0.0.1\"),\n\t\t\tHsmPartitionName: pulumi.String(\"aws\"),\n\t\t\tHsmPartitionPassword: pulumi.String(\"example\"),\n\t\t\tHsmServerPublicCertificate: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.HsmConfiguration;\nimport com.pulumi.aws.redshift.HsmConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new HsmConfiguration(\"example\", HsmConfigurationArgs.builder()\n .description(\"example\")\n .hsmConfigurationIdentifier(\"example\")\n .hsmIpAddress(\"10.0.0.1\")\n .hsmPartitionName(\"aws\")\n .hsmPartitionPassword(\"example\")\n .hsmServerPublicCertificate(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:HsmConfiguration\n properties:\n description: example\n hsmConfigurationIdentifier: example\n hsmIpAddress: 10.0.0.1\n hsmPartitionName: aws\n hsmPartitionPassword: example\n hsmServerPublicCertificate: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift HSM Client Certificates using `hsm_configuration_identifier`. For example:\n\n```sh\n$ pulumi import aws:redshift/hsmConfiguration:HsmConfiguration example example\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Hsm Client Certificate.\n" }, "description": { "type": "string", "description": "A text description of the HSM configuration to be created.\n" }, "hsmConfigurationIdentifier": { "type": "string", "description": "The identifier to be assigned to the new Amazon Redshift HSM configuration.\n" }, "hsmIpAddress": { "type": "string", "description": "The IP address that the Amazon Redshift cluster must use to access the HSM.\n" }, "hsmPartitionName": { "type": "string", "description": "The name of the partition in the HSM where the Amazon Redshift clusters will store their database encryption keys.\n" }, "hsmPartitionPassword": { "type": "string", "description": "The password required to access the HSM partition.\n", "secret": true }, "hsmServerPublicCertificate": { "type": "string", "description": "The HSMs public certificate file. When using Cloud HSM, the file name is server.pem.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "description", "hsmConfigurationIdentifier", "hsmIpAddress", "hsmPartitionName", "hsmPartitionPassword", "hsmServerPublicCertificate", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "A text description of the HSM configuration to be created.\n", "willReplaceOnChanges": true }, "hsmConfigurationIdentifier": { "type": "string", "description": "The identifier to be assigned to the new Amazon Redshift HSM configuration.\n", "willReplaceOnChanges": true }, "hsmIpAddress": { "type": "string", "description": "The IP address that the Amazon Redshift cluster must use to access the HSM.\n", "willReplaceOnChanges": true }, "hsmPartitionName": { "type": "string", "description": "The name of the partition in the HSM where the Amazon Redshift clusters will store their database encryption keys.\n", "willReplaceOnChanges": true }, "hsmPartitionPassword": { "type": "string", "description": "The password required to access the HSM partition.\n", "secret": true, "willReplaceOnChanges": true }, "hsmServerPublicCertificate": { "type": "string", "description": "The HSMs public certificate file. When using Cloud HSM, the file name is server.pem.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "description", "hsmConfigurationIdentifier", "hsmIpAddress", "hsmPartitionName", "hsmPartitionPassword", "hsmServerPublicCertificate" ], "stateInputs": { "description": "Input properties used for looking up and filtering HsmConfiguration resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Hsm Client Certificate.\n" }, "description": { "type": "string", "description": "A text description of the HSM configuration to be created.\n", "willReplaceOnChanges": true }, "hsmConfigurationIdentifier": { "type": "string", "description": "The identifier to be assigned to the new Amazon Redshift HSM configuration.\n", "willReplaceOnChanges": true }, "hsmIpAddress": { "type": "string", "description": "The IP address that the Amazon Redshift cluster must use to access the HSM.\n", "willReplaceOnChanges": true }, "hsmPartitionName": { "type": "string", "description": "The name of the partition in the HSM where the Amazon Redshift clusters will store their database encryption keys.\n", "willReplaceOnChanges": true }, "hsmPartitionPassword": { "type": "string", "description": "The password required to access the HSM partition.\n", "secret": true, "willReplaceOnChanges": true }, "hsmServerPublicCertificate": { "type": "string", "description": "The HSMs public certificate file. When using Cloud HSM, the file name is server.pem.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:redshift/logging:Logging": { "description": "Resource for managing an AWS Redshift Logging configuration.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.Logging(\"example\", {\n clusterIdentifier: exampleAwsRedshiftCluster.id,\n logDestinationType: \"cloudwatch\",\n logExports: [\n \"connectionlog\",\n \"userlog\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshift.Logging(\"example\",\n cluster_identifier=example_aws_redshift_cluster[\"id\"],\n log_destination_type=\"cloudwatch\",\n log_exports=[\n \"connectionlog\",\n \"userlog\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.Logging(\"example\", new()\n {\n ClusterIdentifier = exampleAwsRedshiftCluster.Id,\n LogDestinationType = \"cloudwatch\",\n LogExports = new[]\n {\n \"connectionlog\",\n \"userlog\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.NewLogging(ctx, \"example\", \u0026redshift.LoggingArgs{\n\t\t\tClusterIdentifier: pulumi.Any(exampleAwsRedshiftCluster.Id),\n\t\t\tLogDestinationType: pulumi.String(\"cloudwatch\"),\n\t\t\tLogExports: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"connectionlog\"),\n\t\t\t\tpulumi.String(\"userlog\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.Logging;\nimport com.pulumi.aws.redshift.LoggingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Logging(\"example\", LoggingArgs.builder()\n .clusterIdentifier(exampleAwsRedshiftCluster.id())\n .logDestinationType(\"cloudwatch\")\n .logExports( \n \"connectionlog\",\n \"userlog\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:Logging\n properties:\n clusterIdentifier: ${exampleAwsRedshiftCluster.id}\n logDestinationType: cloudwatch\n logExports:\n - connectionlog\n - userlog\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### S3 Destination Type\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.Logging(\"example\", {\n clusterIdentifier: exampleAwsRedshiftCluster.id,\n logDestinationType: \"s3\",\n bucketName: exampleAwsS3Bucket.id,\n s3KeyPrefix: \"example-prefix/\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshift.Logging(\"example\",\n cluster_identifier=example_aws_redshift_cluster[\"id\"],\n log_destination_type=\"s3\",\n bucket_name=example_aws_s3_bucket[\"id\"],\n s3_key_prefix=\"example-prefix/\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.Logging(\"example\", new()\n {\n ClusterIdentifier = exampleAwsRedshiftCluster.Id,\n LogDestinationType = \"s3\",\n BucketName = exampleAwsS3Bucket.Id,\n S3KeyPrefix = \"example-prefix/\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.NewLogging(ctx, \"example\", \u0026redshift.LoggingArgs{\n\t\t\tClusterIdentifier: pulumi.Any(exampleAwsRedshiftCluster.Id),\n\t\t\tLogDestinationType: pulumi.String(\"s3\"),\n\t\t\tBucketName: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\tS3KeyPrefix: pulumi.String(\"example-prefix/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.Logging;\nimport com.pulumi.aws.redshift.LoggingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Logging(\"example\", LoggingArgs.builder()\n .clusterIdentifier(exampleAwsRedshiftCluster.id())\n .logDestinationType(\"s3\")\n .bucketName(exampleAwsS3Bucket.id())\n .s3KeyPrefix(\"example-prefix/\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:Logging\n properties:\n clusterIdentifier: ${exampleAwsRedshiftCluster.id}\n logDestinationType: s3\n bucketName: ${exampleAwsS3Bucket.id}\n s3KeyPrefix: example-prefix/\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Logging using the `id`. For example:\n\n```sh\n$ pulumi import aws:redshift/logging:Logging example cluster-id-12345678\n```\n", "properties": { "bucketName": { "type": "string", "description": "Name of an existing S3 bucket where the log files are to be stored. Required when `log_destination_type` is `s3`. Must be in the same region as the cluster and the cluster must have read bucket and put object permissions. For more information on the permissions required for the bucket, please read the AWS [documentation](http://docs.aws.amazon.com/redshift/latest/mgmt/db-auditing.html#db-auditing-enable-logging)\n" }, "clusterIdentifier": { "type": "string", "description": "Identifier of the source cluster.\n\nThe following arguments are optional:\n" }, "logDestinationType": { "type": "string", "description": "Log destination type. Valid values are `s3` and `cloudwatch`.\n" }, "logExports": { "type": "array", "items": { "type": "string" }, "description": "Collection of exported log types. Required when `log_destination_type` is `cloudwatch`. Valid values are `connectionlog`, `useractivitylog`, and `userlog`.\n" }, "s3KeyPrefix": { "type": "string", "description": "Prefix applied to the log file names.\n" } }, "required": [ "clusterIdentifier" ], "inputProperties": { "bucketName": { "type": "string", "description": "Name of an existing S3 bucket where the log files are to be stored. Required when `log_destination_type` is `s3`. Must be in the same region as the cluster and the cluster must have read bucket and put object permissions. For more information on the permissions required for the bucket, please read the AWS [documentation](http://docs.aws.amazon.com/redshift/latest/mgmt/db-auditing.html#db-auditing-enable-logging)\n" }, "clusterIdentifier": { "type": "string", "description": "Identifier of the source cluster.\n\nThe following arguments are optional:\n" }, "logDestinationType": { "type": "string", "description": "Log destination type. Valid values are `s3` and `cloudwatch`.\n" }, "logExports": { "type": "array", "items": { "type": "string" }, "description": "Collection of exported log types. Required when `log_destination_type` is `cloudwatch`. Valid values are `connectionlog`, `useractivitylog`, and `userlog`.\n" }, "s3KeyPrefix": { "type": "string", "description": "Prefix applied to the log file names.\n" } }, "requiredInputs": [ "clusterIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering Logging resources.\n", "properties": { "bucketName": { "type": "string", "description": "Name of an existing S3 bucket where the log files are to be stored. Required when `log_destination_type` is `s3`. Must be in the same region as the cluster and the cluster must have read bucket and put object permissions. For more information on the permissions required for the bucket, please read the AWS [documentation](http://docs.aws.amazon.com/redshift/latest/mgmt/db-auditing.html#db-auditing-enable-logging)\n" }, "clusterIdentifier": { "type": "string", "description": "Identifier of the source cluster.\n\nThe following arguments are optional:\n" }, "logDestinationType": { "type": "string", "description": "Log destination type. Valid values are `s3` and `cloudwatch`.\n" }, "logExports": { "type": "array", "items": { "type": "string" }, "description": "Collection of exported log types. Required when `log_destination_type` is `cloudwatch`. Valid values are `connectionlog`, `useractivitylog`, and `userlog`.\n" }, "s3KeyPrefix": { "type": "string", "description": "Prefix applied to the log file names.\n" } }, "type": "object" } }, "aws:redshift/parameterGroup:ParameterGroup": { "description": "Provides a Redshift Cluster parameter group resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = new aws.redshift.ParameterGroup(\"bar\", {\n name: \"parameter-group-test\",\n family: \"redshift-1.0\",\n parameters: [\n {\n name: \"require_ssl\",\n value: \"true\",\n },\n {\n name: \"query_group\",\n value: \"example\",\n },\n {\n name: \"enable_user_activity_logging\",\n value: \"true\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.redshift.ParameterGroup(\"bar\",\n name=\"parameter-group-test\",\n family=\"redshift-1.0\",\n parameters=[\n {\n \"name\": \"require_ssl\",\n \"value\": \"true\",\n },\n {\n \"name\": \"query_group\",\n \"value\": \"example\",\n },\n {\n \"name\": \"enable_user_activity_logging\",\n \"value\": \"true\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bar = new Aws.RedShift.ParameterGroup(\"bar\", new()\n {\n Name = \"parameter-group-test\",\n Family = \"redshift-1.0\",\n Parameters = new[]\n {\n new Aws.RedShift.Inputs.ParameterGroupParameterArgs\n {\n Name = \"require_ssl\",\n Value = \"true\",\n },\n new Aws.RedShift.Inputs.ParameterGroupParameterArgs\n {\n Name = \"query_group\",\n Value = \"example\",\n },\n new Aws.RedShift.Inputs.ParameterGroupParameterArgs\n {\n Name = \"enable_user_activity_logging\",\n Value = \"true\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.NewParameterGroup(ctx, \"bar\", \u0026redshift.ParameterGroupArgs{\n\t\t\tName: pulumi.String(\"parameter-group-test\"),\n\t\t\tFamily: pulumi.String(\"redshift-1.0\"),\n\t\t\tParameters: redshift.ParameterGroupParameterArray{\n\t\t\t\t\u0026redshift.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"require_ssl\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t\t\u0026redshift.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"query_group\"),\n\t\t\t\t\tValue: pulumi.String(\"example\"),\n\t\t\t\t},\n\t\t\t\t\u0026redshift.ParameterGroupParameterArgs{\n\t\t\t\t\tName: pulumi.String(\"enable_user_activity_logging\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.ParameterGroup;\nimport com.pulumi.aws.redshift.ParameterGroupArgs;\nimport com.pulumi.aws.redshift.inputs.ParameterGroupParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bar = new ParameterGroup(\"bar\", ParameterGroupArgs.builder()\n .name(\"parameter-group-test\")\n .family(\"redshift-1.0\")\n .parameters( \n ParameterGroupParameterArgs.builder()\n .name(\"require_ssl\")\n .value(\"true\")\n .build(),\n ParameterGroupParameterArgs.builder()\n .name(\"query_group\")\n .value(\"example\")\n .build(),\n ParameterGroupParameterArgs.builder()\n .name(\"enable_user_activity_logging\")\n .value(\"true\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bar:\n type: aws:redshift:ParameterGroup\n properties:\n name: parameter-group-test\n family: redshift-1.0\n parameters:\n - name: require_ssl\n value: 'true'\n - name: query_group\n value: example\n - name: enable_user_activity_logging\n value: 'true'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Parameter Groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:redshift/parameterGroup:ParameterGroup paramgroup1 parameter-group-test-pulumi\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of parameter group\n" }, "description": { "type": "string", "description": "The description of the Redshift parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "family": { "type": "string", "description": "The family of the Redshift parameter group.\n" }, "name": { "type": "string", "description": "The name of the Redshift parameter.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:redshift/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of Redshift parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nYou can read more about the parameters that Redshift supports in the [documentation](http://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html)\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "description", "family", "name", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the Redshift parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi", "willReplaceOnChanges": true }, "family": { "type": "string", "description": "The family of the Redshift parameter group.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the Redshift parameter.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:redshift/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of Redshift parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nYou can read more about the parameters that Redshift supports in the [documentation](http://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html)\n" } }, "requiredInputs": [ "family" ], "stateInputs": { "description": "Input properties used for looking up and filtering ParameterGroup resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of parameter group\n" }, "description": { "type": "string", "description": "The description of the Redshift parameter group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi", "willReplaceOnChanges": true }, "family": { "type": "string", "description": "The family of the Redshift parameter group.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the Redshift parameter.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:redshift/ParameterGroupParameter:ParameterGroupParameter" }, "description": "A list of Redshift parameters to apply.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nYou can read more about the parameters that Redshift supports in the [documentation](http://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html)\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:redshift/partner:Partner": { "description": "Creates a new Amazon Redshift Partner Integration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.Partner(\"example\", {\n clusterIdentifier: exampleAwsRedshiftCluster.id,\n accountId: \"1234567910\",\n databaseName: exampleAwsRedshiftCluster.databaseName,\n partnerName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshift.Partner(\"example\",\n cluster_identifier=example_aws_redshift_cluster[\"id\"],\n account_id=\"1234567910\",\n database_name=example_aws_redshift_cluster[\"databaseName\"],\n partner_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.Partner(\"example\", new()\n {\n ClusterIdentifier = exampleAwsRedshiftCluster.Id,\n AccountId = \"1234567910\",\n DatabaseName = exampleAwsRedshiftCluster.DatabaseName,\n PartnerName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.NewPartner(ctx, \"example\", \u0026redshift.PartnerArgs{\n\t\t\tClusterIdentifier: pulumi.Any(exampleAwsRedshiftCluster.Id),\n\t\t\tAccountId: pulumi.String(\"1234567910\"),\n\t\t\tDatabaseName: pulumi.Any(exampleAwsRedshiftCluster.DatabaseName),\n\t\t\tPartnerName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.Partner;\nimport com.pulumi.aws.redshift.PartnerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Partner(\"example\", PartnerArgs.builder()\n .clusterIdentifier(exampleAwsRedshiftCluster.id())\n .accountId(1234567910)\n .databaseName(exampleAwsRedshiftCluster.databaseName())\n .partnerName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:Partner\n properties:\n clusterIdentifier: ${exampleAwsRedshiftCluster.id}\n accountId: 1.23456791e+09\n databaseName: ${exampleAwsRedshiftCluster.databaseName}\n partnerName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift usage limits using the `id`. For example:\n\n```sh\n$ pulumi import aws:redshift/partner:Partner example 01234567910:cluster-example-id:example:example\n```\n", "properties": { "accountId": { "type": "string", "description": "The Amazon Web Services account ID that owns the cluster.\n" }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier of the cluster that receives data from the partner.\n" }, "databaseName": { "type": "string", "description": "The name of the database that receives data from the partner.\n" }, "partnerName": { "type": "string", "description": "The name of the partner that is authorized to send data.\n" }, "status": { "type": "string", "description": "(Optional) The partner integration status.\n" }, "statusMessage": { "type": "string", "description": "(Optional) The status message provided by the partner.\n" } }, "required": [ "accountId", "clusterIdentifier", "databaseName", "partnerName", "status", "statusMessage" ], "inputProperties": { "accountId": { "type": "string", "description": "The Amazon Web Services account ID that owns the cluster.\n", "willReplaceOnChanges": true }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier of the cluster that receives data from the partner.\n", "willReplaceOnChanges": true }, "databaseName": { "type": "string", "description": "The name of the database that receives data from the partner.\n", "willReplaceOnChanges": true }, "partnerName": { "type": "string", "description": "The name of the partner that is authorized to send data.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "accountId", "clusterIdentifier", "databaseName", "partnerName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Partner resources.\n", "properties": { "accountId": { "type": "string", "description": "The Amazon Web Services account ID that owns the cluster.\n", "willReplaceOnChanges": true }, "clusterIdentifier": { "type": "string", "description": "The cluster identifier of the cluster that receives data from the partner.\n", "willReplaceOnChanges": true }, "databaseName": { "type": "string", "description": "The name of the database that receives data from the partner.\n", "willReplaceOnChanges": true }, "partnerName": { "type": "string", "description": "The name of the partner that is authorized to send data.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "(Optional) The partner integration status.\n" }, "statusMessage": { "type": "string", "description": "(Optional) The status message provided by the partner.\n" } }, "type": "object" } }, "aws:redshift/resourcePolicy:ResourcePolicy": { "description": "Creates a new Amazon Redshift Resource Policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.ResourcePolicy(\"example\", {\n resourceArn: exampleAwsRedshiftCluster.clusterNamespaceArn,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Effect: \"Allow\",\n Principal: {\n AWS: \"arn:aws:iam::12345678901:root\",\n },\n Action: \"redshift:CreateInboundIntegration\",\n Resource: exampleAwsRedshiftCluster.clusterNamespaceArn,\n Sid: \"\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.redshift.ResourcePolicy(\"example\",\n resource_arn=example_aws_redshift_cluster[\"clusterNamespaceArn\"],\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::12345678901:root\",\n },\n \"Action\": \"redshift:CreateInboundIntegration\",\n \"Resource\": example_aws_redshift_cluster[\"clusterNamespaceArn\"],\n \"Sid\": \"\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.ResourcePolicy(\"example\", new()\n {\n ResourceArn = exampleAwsRedshiftCluster.ClusterNamespaceArn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = \"arn:aws:iam::12345678901:root\",\n },\n [\"Action\"] = \"redshift:CreateInboundIntegration\",\n [\"Resource\"] = exampleAwsRedshiftCluster.ClusterNamespaceArn,\n [\"Sid\"] = \"\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": \"arn:aws:iam::12345678901:root\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": \"redshift:CreateInboundIntegration\",\n\t\t\t\t\t\"Resource\": exampleAwsRedshiftCluster.ClusterNamespaceArn,\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = redshift.NewResourcePolicy(ctx, \"example\", \u0026redshift.ResourcePolicyArgs{\n\t\t\tResourceArn: pulumi.Any(exampleAwsRedshiftCluster.ClusterNamespaceArn),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.ResourcePolicy;\nimport com.pulumi.aws.redshift.ResourcePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourcePolicy(\"example\", ResourcePolicyArgs.builder()\n .resourceArn(exampleAwsRedshiftCluster.clusterNamespaceArn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", \"arn:aws:iam::12345678901:root\")\n )),\n jsonProperty(\"Action\", \"redshift:CreateInboundIntegration\"),\n jsonProperty(\"Resource\", exampleAwsRedshiftCluster.clusterNamespaceArn()),\n jsonProperty(\"Sid\", \"\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:ResourcePolicy\n properties:\n resourceArn: ${exampleAwsRedshiftCluster.clusterNamespaceArn}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Effect: Allow\n Principal:\n AWS: arn:aws:iam::12345678901:root\n Action: redshift:CreateInboundIntegration\n Resource: ${exampleAwsRedshiftCluster.clusterNamespaceArn}\n Sid:\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Resource Policies using the `resource_arn`. For example:\n\n```sh\n$ pulumi import aws:redshift/resourcePolicy:ResourcePolicy example example\n```\n", "properties": { "policy": { "type": "string", "description": "The content of the resource policy being updated.\n" }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the account to create or update a resource policy for.\n" } }, "required": [ "policy", "resourceArn" ], "inputProperties": { "policy": { "type": "string", "description": "The content of the resource policy being updated.\n" }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the account to create or update a resource policy for.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policy", "resourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourcePolicy resources.\n", "properties": { "policy": { "type": "string", "description": "The content of the resource policy being updated.\n" }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the account to create or update a resource policy for.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:redshift/scheduledAction:ScheduledAction": { "description": "## Example Usage\n\n### Pause Cluster Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"scheduler.redshift.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"redshift_scheduled_action\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\n \"redshift:PauseCluster\",\n \"redshift:ResumeCluster\",\n \"redshift:ResizeCluster\",\n ],\n resources: [\"*\"],\n }],\n});\nconst examplePolicy = new aws.iam.Policy(\"example\", {\n name: \"redshift_scheduled_action\",\n policy: example.then(example =\u003e example.json),\n});\nconst exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"example\", {\n policyArn: examplePolicy.arn,\n role: exampleRole.name,\n});\nconst exampleScheduledAction = new aws.redshift.ScheduledAction(\"example\", {\n name: \"tf-redshift-scheduled-action\",\n schedule: \"cron(00 23 * * ? *)\",\n iamRole: exampleRole.arn,\n targetAction: {\n pauseCluster: {\n clusterIdentifier: \"tf-redshift001\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"scheduler.redshift.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nexample_role = aws.iam.Role(\"example\",\n name=\"redshift_scheduled_action\",\n assume_role_policy=assume_role.json)\nexample = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\n \"redshift:PauseCluster\",\n \"redshift:ResumeCluster\",\n \"redshift:ResizeCluster\",\n ],\n \"resources\": [\"*\"],\n}])\nexample_policy = aws.iam.Policy(\"example\",\n name=\"redshift_scheduled_action\",\n policy=example.json)\nexample_role_policy_attachment = aws.iam.RolePolicyAttachment(\"example\",\n policy_arn=example_policy.arn,\n role=example_role.name)\nexample_scheduled_action = aws.redshift.ScheduledAction(\"example\",\n name=\"tf-redshift-scheduled-action\",\n schedule=\"cron(00 23 * * ? *)\",\n iam_role=example_role.arn,\n target_action={\n \"pause_cluster\": {\n \"cluster_identifier\": \"tf-redshift001\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"scheduler.redshift.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"redshift_scheduled_action\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"redshift:PauseCluster\",\n \"redshift:ResumeCluster\",\n \"redshift:ResizeCluster\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var examplePolicy = new Aws.Iam.Policy(\"example\", new()\n {\n Name = \"redshift_scheduled_action\",\n PolicyDocument = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"example\", new()\n {\n PolicyArn = examplePolicy.Arn,\n Role = exampleRole.Name,\n });\n\n var exampleScheduledAction = new Aws.RedShift.ScheduledAction(\"example\", new()\n {\n Name = \"tf-redshift-scheduled-action\",\n Schedule = \"cron(00 23 * * ? *)\",\n IamRole = exampleRole.Arn,\n TargetAction = new Aws.RedShift.Inputs.ScheduledActionTargetActionArgs\n {\n PauseCluster = new Aws.RedShift.Inputs.ScheduledActionTargetActionPauseClusterArgs\n {\n ClusterIdentifier = \"tf-redshift001\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"scheduler.redshift.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"redshift_scheduled_action\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"redshift:PauseCluster\",\n\t\t\t\t\t\t\"redshift:ResumeCluster\",\n\t\t\t\t\t\t\"redshift:ResizeCluster\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplePolicy, err := iam.NewPolicy(ctx, \"example\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"redshift_scheduled_action\"),\n\t\t\tPolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: examplePolicy.Arn,\n\t\t\tRole: exampleRole.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = redshift.NewScheduledAction(ctx, \"example\", \u0026redshift.ScheduledActionArgs{\n\t\t\tName: pulumi.String(\"tf-redshift-scheduled-action\"),\n\t\t\tSchedule: pulumi.String(\"cron(00 23 * * ? *)\"),\n\t\t\tIamRole: exampleRole.Arn,\n\t\t\tTargetAction: \u0026redshift.ScheduledActionTargetActionArgs{\n\t\t\t\tPauseCluster: \u0026redshift.ScheduledActionTargetActionPauseClusterArgs{\n\t\t\t\t\tClusterIdentifier: pulumi.String(\"tf-redshift001\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.redshift.ScheduledAction;\nimport com.pulumi.aws.redshift.ScheduledActionArgs;\nimport com.pulumi.aws.redshift.inputs.ScheduledActionTargetActionArgs;\nimport com.pulumi.aws.redshift.inputs.ScheduledActionTargetActionPauseClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"scheduler.redshift.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .name(\"redshift_scheduled_action\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"redshift:PauseCluster\",\n \"redshift:ResumeCluster\",\n \"redshift:ResizeCluster\")\n .resources(\"*\")\n .build())\n .build());\n\n var examplePolicy = new Policy(\"examplePolicy\", PolicyArgs.builder()\n .name(\"redshift_scheduled_action\")\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleRolePolicyAttachment = new RolePolicyAttachment(\"exampleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder()\n .policyArn(examplePolicy.arn())\n .role(exampleRole.name())\n .build());\n\n var exampleScheduledAction = new ScheduledAction(\"exampleScheduledAction\", ScheduledActionArgs.builder()\n .name(\"tf-redshift-scheduled-action\")\n .schedule(\"cron(00 23 * * ? *)\")\n .iamRole(exampleRole.arn())\n .targetAction(ScheduledActionTargetActionArgs.builder()\n .pauseCluster(ScheduledActionTargetActionPauseClusterArgs.builder()\n .clusterIdentifier(\"tf-redshift001\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: redshift_scheduled_action\n assumeRolePolicy: ${assumeRole.json}\n examplePolicy:\n type: aws:iam:Policy\n name: example\n properties:\n name: redshift_scheduled_action\n policy: ${example.json}\n exampleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: example\n properties:\n policyArn: ${examplePolicy.arn}\n role: ${exampleRole.name}\n exampleScheduledAction:\n type: aws:redshift:ScheduledAction\n name: example\n properties:\n name: tf-redshift-scheduled-action\n schedule: cron(00 23 * * ? *)\n iamRole: ${exampleRole.arn}\n targetAction:\n pauseCluster:\n clusterIdentifier: tf-redshift001\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - scheduler.redshift.amazonaws.com\n actions:\n - sts:AssumeRole\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - redshift:PauseCluster\n - redshift:ResumeCluster\n - redshift:ResizeCluster\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Resize Cluster Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.ScheduledAction(\"example\", {\n name: \"tf-redshift-scheduled-action\",\n schedule: \"cron(00 23 * * ? *)\",\n iamRole: exampleAwsIamRole.arn,\n targetAction: {\n resizeCluster: {\n clusterIdentifier: \"tf-redshift001\",\n clusterType: \"multi-node\",\n nodeType: \"dc1.large\",\n numberOfNodes: 2,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshift.ScheduledAction(\"example\",\n name=\"tf-redshift-scheduled-action\",\n schedule=\"cron(00 23 * * ? *)\",\n iam_role=example_aws_iam_role[\"arn\"],\n target_action={\n \"resize_cluster\": {\n \"cluster_identifier\": \"tf-redshift001\",\n \"cluster_type\": \"multi-node\",\n \"node_type\": \"dc1.large\",\n \"number_of_nodes\": 2,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.ScheduledAction(\"example\", new()\n {\n Name = \"tf-redshift-scheduled-action\",\n Schedule = \"cron(00 23 * * ? *)\",\n IamRole = exampleAwsIamRole.Arn,\n TargetAction = new Aws.RedShift.Inputs.ScheduledActionTargetActionArgs\n {\n ResizeCluster = new Aws.RedShift.Inputs.ScheduledActionTargetActionResizeClusterArgs\n {\n ClusterIdentifier = \"tf-redshift001\",\n ClusterType = \"multi-node\",\n NodeType = \"dc1.large\",\n NumberOfNodes = 2,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.NewScheduledAction(ctx, \"example\", \u0026redshift.ScheduledActionArgs{\n\t\t\tName: pulumi.String(\"tf-redshift-scheduled-action\"),\n\t\t\tSchedule: pulumi.String(\"cron(00 23 * * ? *)\"),\n\t\t\tIamRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tTargetAction: \u0026redshift.ScheduledActionTargetActionArgs{\n\t\t\t\tResizeCluster: \u0026redshift.ScheduledActionTargetActionResizeClusterArgs{\n\t\t\t\t\tClusterIdentifier: pulumi.String(\"tf-redshift001\"),\n\t\t\t\t\tClusterType: pulumi.String(\"multi-node\"),\n\t\t\t\t\tNodeType: pulumi.String(\"dc1.large\"),\n\t\t\t\t\tNumberOfNodes: pulumi.Int(2),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.ScheduledAction;\nimport com.pulumi.aws.redshift.ScheduledActionArgs;\nimport com.pulumi.aws.redshift.inputs.ScheduledActionTargetActionArgs;\nimport com.pulumi.aws.redshift.inputs.ScheduledActionTargetActionResizeClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ScheduledAction(\"example\", ScheduledActionArgs.builder()\n .name(\"tf-redshift-scheduled-action\")\n .schedule(\"cron(00 23 * * ? *)\")\n .iamRole(exampleAwsIamRole.arn())\n .targetAction(ScheduledActionTargetActionArgs.builder()\n .resizeCluster(ScheduledActionTargetActionResizeClusterArgs.builder()\n .clusterIdentifier(\"tf-redshift001\")\n .clusterType(\"multi-node\")\n .nodeType(\"dc1.large\")\n .numberOfNodes(2)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:ScheduledAction\n properties:\n name: tf-redshift-scheduled-action\n schedule: cron(00 23 * * ? *)\n iamRole: ${exampleAwsIamRole.arn}\n targetAction:\n resizeCluster:\n clusterIdentifier: tf-redshift001\n clusterType: multi-node\n nodeType: dc1.large\n numberOfNodes: 2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Scheduled Action using the `name`. For example:\n\n```sh\n$ pulumi import aws:redshift/scheduledAction:ScheduledAction example tf-redshift-scheduled-action\n```\n", "properties": { "description": { "type": "string", "description": "The description of the scheduled action.\n" }, "enable": { "type": "boolean", "description": "Whether to enable the scheduled action. Default is `true` .\n" }, "endTime": { "type": "string", "description": "The end time in UTC when the schedule is active, in UTC RFC3339 format(for example, YYYY-MM-DDTHH:MM:SSZ).\n" }, "iamRole": { "type": "string", "description": "The IAM role to assume to run the scheduled action.\n" }, "name": { "type": "string", "description": "The scheduled action name.\n" }, "schedule": { "type": "string", "description": "The schedule of action. The schedule is defined format of \"at expression\" or \"cron expression\", for example `at(2016-03-04T17:27:00)` or `cron(0 10 ? * MON *)`. See [Scheduled Action](https://docs.aws.amazon.com/redshift/latest/APIReference/API_ScheduledAction.html) for more information.\n" }, "startTime": { "type": "string", "description": "The start time in UTC when the schedule is active, in UTC RFC3339 format(for example, YYYY-MM-DDTHH:MM:SSZ).\n" }, "targetAction": { "$ref": "#/types/aws:redshift/ScheduledActionTargetAction:ScheduledActionTargetAction", "description": "Target action. Documented below.\n" } }, "required": [ "iamRole", "name", "schedule", "targetAction" ], "inputProperties": { "description": { "type": "string", "description": "The description of the scheduled action.\n" }, "enable": { "type": "boolean", "description": "Whether to enable the scheduled action. Default is `true` .\n" }, "endTime": { "type": "string", "description": "The end time in UTC when the schedule is active, in UTC RFC3339 format(for example, YYYY-MM-DDTHH:MM:SSZ).\n" }, "iamRole": { "type": "string", "description": "The IAM role to assume to run the scheduled action.\n" }, "name": { "type": "string", "description": "The scheduled action name.\n", "willReplaceOnChanges": true }, "schedule": { "type": "string", "description": "The schedule of action. The schedule is defined format of \"at expression\" or \"cron expression\", for example `at(2016-03-04T17:27:00)` or `cron(0 10 ? * MON *)`. See [Scheduled Action](https://docs.aws.amazon.com/redshift/latest/APIReference/API_ScheduledAction.html) for more information.\n" }, "startTime": { "type": "string", "description": "The start time in UTC when the schedule is active, in UTC RFC3339 format(for example, YYYY-MM-DDTHH:MM:SSZ).\n" }, "targetAction": { "$ref": "#/types/aws:redshift/ScheduledActionTargetAction:ScheduledActionTargetAction", "description": "Target action. Documented below.\n" } }, "requiredInputs": [ "iamRole", "schedule", "targetAction" ], "stateInputs": { "description": "Input properties used for looking up and filtering ScheduledAction resources.\n", "properties": { "description": { "type": "string", "description": "The description of the scheduled action.\n" }, "enable": { "type": "boolean", "description": "Whether to enable the scheduled action. Default is `true` .\n" }, "endTime": { "type": "string", "description": "The end time in UTC when the schedule is active, in UTC RFC3339 format(for example, YYYY-MM-DDTHH:MM:SSZ).\n" }, "iamRole": { "type": "string", "description": "The IAM role to assume to run the scheduled action.\n" }, "name": { "type": "string", "description": "The scheduled action name.\n", "willReplaceOnChanges": true }, "schedule": { "type": "string", "description": "The schedule of action. The schedule is defined format of \"at expression\" or \"cron expression\", for example `at(2016-03-04T17:27:00)` or `cron(0 10 ? * MON *)`. See [Scheduled Action](https://docs.aws.amazon.com/redshift/latest/APIReference/API_ScheduledAction.html) for more information.\n" }, "startTime": { "type": "string", "description": "The start time in UTC when the schedule is active, in UTC RFC3339 format(for example, YYYY-MM-DDTHH:MM:SSZ).\n" }, "targetAction": { "$ref": "#/types/aws:redshift/ScheduledActionTargetAction:ScheduledActionTargetAction", "description": "Target action. Documented below.\n" } }, "type": "object" } }, "aws:redshift/snapshotCopy:SnapshotCopy": { "description": "Resource for managing an AWS Redshift Snapshot Copy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.SnapshotCopy(\"example\", {\n clusterIdentifier: exampleAwsRedshiftCluster.id,\n destinationRegion: \"us-east-1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshift.SnapshotCopy(\"example\",\n cluster_identifier=example_aws_redshift_cluster[\"id\"],\n destination_region=\"us-east-1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.SnapshotCopy(\"example\", new()\n {\n ClusterIdentifier = exampleAwsRedshiftCluster.Id,\n DestinationRegion = \"us-east-1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.NewSnapshotCopy(ctx, \"example\", \u0026redshift.SnapshotCopyArgs{\n\t\t\tClusterIdentifier: pulumi.Any(exampleAwsRedshiftCluster.Id),\n\t\t\tDestinationRegion: pulumi.String(\"us-east-1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.SnapshotCopy;\nimport com.pulumi.aws.redshift.SnapshotCopyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SnapshotCopy(\"example\", SnapshotCopyArgs.builder()\n .clusterIdentifier(exampleAwsRedshiftCluster.id())\n .destinationRegion(\"us-east-1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:SnapshotCopy\n properties:\n clusterIdentifier: ${exampleAwsRedshiftCluster.id}\n destinationRegion: us-east-1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Snapshot Copy using the `id`. For example:\n\n```sh\n$ pulumi import aws:redshift/snapshotCopy:SnapshotCopy example cluster-id-12345678\n```\n", "properties": { "clusterIdentifier": { "type": "string", "description": "Identifier of the source cluster.\n" }, "destinationRegion": { "type": "string", "description": "AWS Region to copy snapshots to.\n\nThe following arguments are optional:\n" }, "manualSnapshotRetentionPeriod": { "type": "integer", "description": "Number of days to retain newly copied snapshots in the destination AWS Region after they are copied from the source AWS Region. If the value is `-1`, the manual snapshot is retained indefinitely.\n" }, "retentionPeriod": { "type": "integer", "description": "Number of days to retain automated snapshots in the destination region after they are copied from the source region.\n" }, "snapshotCopyGrantName": { "type": "string", "description": "Name of the snapshot copy grant to use when snapshots of an AWS KMS-encrypted cluster are copied to the destination region.\n" } }, "required": [ "clusterIdentifier", "destinationRegion", "manualSnapshotRetentionPeriod", "retentionPeriod" ], "inputProperties": { "clusterIdentifier": { "type": "string", "description": "Identifier of the source cluster.\n" }, "destinationRegion": { "type": "string", "description": "AWS Region to copy snapshots to.\n\nThe following arguments are optional:\n" }, "manualSnapshotRetentionPeriod": { "type": "integer", "description": "Number of days to retain newly copied snapshots in the destination AWS Region after they are copied from the source AWS Region. If the value is `-1`, the manual snapshot is retained indefinitely.\n" }, "retentionPeriod": { "type": "integer", "description": "Number of days to retain automated snapshots in the destination region after they are copied from the source region.\n" }, "snapshotCopyGrantName": { "type": "string", "description": "Name of the snapshot copy grant to use when snapshots of an AWS KMS-encrypted cluster are copied to the destination region.\n" } }, "requiredInputs": [ "clusterIdentifier", "destinationRegion" ], "stateInputs": { "description": "Input properties used for looking up and filtering SnapshotCopy resources.\n", "properties": { "clusterIdentifier": { "type": "string", "description": "Identifier of the source cluster.\n" }, "destinationRegion": { "type": "string", "description": "AWS Region to copy snapshots to.\n\nThe following arguments are optional:\n" }, "manualSnapshotRetentionPeriod": { "type": "integer", "description": "Number of days to retain newly copied snapshots in the destination AWS Region after they are copied from the source AWS Region. If the value is `-1`, the manual snapshot is retained indefinitely.\n" }, "retentionPeriod": { "type": "integer", "description": "Number of days to retain automated snapshots in the destination region after they are copied from the source region.\n" }, "snapshotCopyGrantName": { "type": "string", "description": "Name of the snapshot copy grant to use when snapshots of an AWS KMS-encrypted cluster are copied to the destination region.\n" } }, "type": "object" } }, "aws:redshift/snapshotCopyGrant:SnapshotCopyGrant": { "description": "Creates a snapshot copy grant that allows AWS Redshift to encrypt copied snapshots with a customer master key from AWS KMS in a destination region.\n\nNote that the grant must exist in the destination region, and not in the region of the cluster.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.redshift.SnapshotCopyGrant(\"test\", {snapshotCopyGrantName: \"my-grant\"});\nconst testCluster = new aws.redshift.Cluster(\"test\", {snapshotCopy: {\n destinationRegion: \"us-east-2\",\n grantName: test.snapshotCopyGrantName,\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.redshift.SnapshotCopyGrant(\"test\", snapshot_copy_grant_name=\"my-grant\")\ntest_cluster = aws.redshift.Cluster(\"test\", snapshot_copy={\n \"destination_region\": \"us-east-2\",\n \"grant_name\": test.snapshot_copy_grant_name,\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.RedShift.SnapshotCopyGrant(\"test\", new()\n {\n SnapshotCopyGrantName = \"my-grant\",\n });\n\n var testCluster = new Aws.RedShift.Cluster(\"test\", new()\n {\n SnapshotCopy = new Aws.RedShift.Inputs.ClusterSnapshotCopyArgs\n {\n DestinationRegion = \"us-east-2\",\n GrantName = test.SnapshotCopyGrantName,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := redshift.NewSnapshotCopyGrant(ctx, \"test\", \u0026redshift.SnapshotCopyGrantArgs{\n\t\t\tSnapshotCopyGrantName: pulumi.String(\"my-grant\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = redshift.NewCluster(ctx, \"test\", \u0026redshift.ClusterArgs{\n\t\t\tSnapshotCopy: \u0026redshift.ClusterSnapshotCopyArgs{\n\t\t\t\tDestinationRegion: pulumi.String(\"us-east-2\"),\n\t\t\t\tGrantName: test.SnapshotCopyGrantName,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.SnapshotCopyGrant;\nimport com.pulumi.aws.redshift.SnapshotCopyGrantArgs;\nimport com.pulumi.aws.redshift.Cluster;\nimport com.pulumi.aws.redshift.ClusterArgs;\nimport com.pulumi.aws.redshift.inputs.ClusterSnapshotCopyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SnapshotCopyGrant(\"test\", SnapshotCopyGrantArgs.builder()\n .snapshotCopyGrantName(\"my-grant\")\n .build());\n\n var testCluster = new Cluster(\"testCluster\", ClusterArgs.builder()\n .snapshotCopy(ClusterSnapshotCopyArgs.builder()\n .destinationRegion(\"us-east-2\")\n .grantName(test.snapshotCopyGrantName())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:redshift:SnapshotCopyGrant\n properties:\n snapshotCopyGrantName: my-grant\n testCluster:\n type: aws:redshift:Cluster\n name: test\n properties:\n snapshotCopy:\n destinationRegion: us-east-2\n grantName: ${test.snapshotCopyGrantName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Snapshot Copy Grants by name. For example:\n\n```sh\n$ pulumi import aws:redshift/snapshotCopyGrant:SnapshotCopyGrant test my-grant\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of snapshot copy grant\n" }, "kmsKeyId": { "type": "string", "description": "The unique identifier for the customer master key (CMK) that the grant applies to. Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify a CMK in a different AWS account, you must use the key ARN. If not specified, the default key is used.\n" }, "snapshotCopyGrantName": { "type": "string", "description": "A friendly name for identifying the grant.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "kmsKeyId", "snapshotCopyGrantName", "tagsAll" ], "inputProperties": { "kmsKeyId": { "type": "string", "description": "The unique identifier for the customer master key (CMK) that the grant applies to. Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify a CMK in a different AWS account, you must use the key ARN. If not specified, the default key is used.\n", "willReplaceOnChanges": true }, "snapshotCopyGrantName": { "type": "string", "description": "A friendly name for identifying the grant.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "snapshotCopyGrantName" ], "stateInputs": { "description": "Input properties used for looking up and filtering SnapshotCopyGrant resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of snapshot copy grant\n" }, "kmsKeyId": { "type": "string", "description": "The unique identifier for the customer master key (CMK) that the grant applies to. Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify a CMK in a different AWS account, you must use the key ARN. If not specified, the default key is used.\n", "willReplaceOnChanges": true }, "snapshotCopyGrantName": { "type": "string", "description": "A friendly name for identifying the grant.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:redshift/snapshotSchedule:SnapshotSchedule": { "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.redshift.SnapshotSchedule(\"default\", {\n identifier: \"tf-redshift-snapshot-schedule\",\n definitions: [\"rate(12 hours)\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.redshift.SnapshotSchedule(\"default\",\n identifier=\"tf-redshift-snapshot-schedule\",\n definitions=[\"rate(12 hours)\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.RedShift.SnapshotSchedule(\"default\", new()\n {\n Identifier = \"tf-redshift-snapshot-schedule\",\n Definitions = new[]\n {\n \"rate(12 hours)\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.NewSnapshotSchedule(ctx, \"default\", \u0026redshift.SnapshotScheduleArgs{\n\t\t\tIdentifier: pulumi.String(\"tf-redshift-snapshot-schedule\"),\n\t\t\tDefinitions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"rate(12 hours)\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.SnapshotSchedule;\nimport com.pulumi.aws.redshift.SnapshotScheduleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new SnapshotSchedule(\"default\", SnapshotScheduleArgs.builder()\n .identifier(\"tf-redshift-snapshot-schedule\")\n .definitions(\"rate(12 hours)\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:redshift:SnapshotSchedule\n properties:\n identifier: tf-redshift-snapshot-schedule\n definitions:\n - rate(12 hours)\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Snapshot Schedule using the `identifier`. For example:\n\n```sh\n$ pulumi import aws:redshift/snapshotSchedule:SnapshotSchedule default tf-redshift-snapshot-schedule\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Redshift Snapshot Schedule.\n" }, "definitions": { "type": "array", "items": { "type": "string" }, "description": "The definition of the snapshot schedule. The definition is made up of schedule expressions, for example `cron(30 12 *)` or `rate(12 hours)`.\n" }, "description": { "type": "string", "description": "The description of the snapshot schedule.\n" }, "forceDestroy": { "type": "boolean", "description": "Whether to destroy all associated clusters with this snapshot schedule on deletion. Must be enabled and applied before attempting deletion.\n" }, "identifier": { "type": "string", "description": "The snapshot schedule identifier. If omitted, this provider will assign a random, unique identifier.\n" }, "identifierPrefix": { "type": "string", "description": "Creates a unique\nidentifier beginning with the specified prefix. Conflicts with `identifier`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "definitions", "identifier", "identifierPrefix", "tagsAll" ], "inputProperties": { "definitions": { "type": "array", "items": { "type": "string" }, "description": "The definition of the snapshot schedule. The definition is made up of schedule expressions, for example `cron(30 12 *)` or `rate(12 hours)`.\n" }, "description": { "type": "string", "description": "The description of the snapshot schedule.\n", "willReplaceOnChanges": true }, "forceDestroy": { "type": "boolean", "description": "Whether to destroy all associated clusters with this snapshot schedule on deletion. Must be enabled and applied before attempting deletion.\n" }, "identifier": { "type": "string", "description": "The snapshot schedule identifier. If omitted, this provider will assign a random, unique identifier.\n", "willReplaceOnChanges": true }, "identifierPrefix": { "type": "string", "description": "Creates a unique\nidentifier beginning with the specified prefix. Conflicts with `identifier`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "definitions" ], "stateInputs": { "description": "Input properties used for looking up and filtering SnapshotSchedule resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Redshift Snapshot Schedule.\n" }, "definitions": { "type": "array", "items": { "type": "string" }, "description": "The definition of the snapshot schedule. The definition is made up of schedule expressions, for example `cron(30 12 *)` or `rate(12 hours)`.\n" }, "description": { "type": "string", "description": "The description of the snapshot schedule.\n", "willReplaceOnChanges": true }, "forceDestroy": { "type": "boolean", "description": "Whether to destroy all associated clusters with this snapshot schedule on deletion. Must be enabled and applied before attempting deletion.\n" }, "identifier": { "type": "string", "description": "The snapshot schedule identifier. If omitted, this provider will assign a random, unique identifier.\n", "willReplaceOnChanges": true }, "identifierPrefix": { "type": "string", "description": "Creates a unique\nidentifier beginning with the specified prefix. Conflicts with `identifier`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:redshift/snapshotScheduleAssociation:SnapshotScheduleAssociation": { "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.redshift.Cluster(\"default\", {\n clusterIdentifier: \"tf-redshift-cluster\",\n databaseName: \"mydb\",\n masterUsername: \"foo\",\n masterPassword: \"Mustbe8characters\",\n nodeType: \"dc1.large\",\n clusterType: \"single-node\",\n});\nconst defaultSnapshotSchedule = new aws.redshift.SnapshotSchedule(\"default\", {\n identifier: \"tf-redshift-snapshot-schedule\",\n definitions: [\"rate(12 hours)\"],\n});\nconst defaultSnapshotScheduleAssociation = new aws.redshift.SnapshotScheduleAssociation(\"default\", {\n clusterIdentifier: _default.id,\n scheduleIdentifier: defaultSnapshotSchedule.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.redshift.Cluster(\"default\",\n cluster_identifier=\"tf-redshift-cluster\",\n database_name=\"mydb\",\n master_username=\"foo\",\n master_password=\"Mustbe8characters\",\n node_type=\"dc1.large\",\n cluster_type=\"single-node\")\ndefault_snapshot_schedule = aws.redshift.SnapshotSchedule(\"default\",\n identifier=\"tf-redshift-snapshot-schedule\",\n definitions=[\"rate(12 hours)\"])\ndefault_snapshot_schedule_association = aws.redshift.SnapshotScheduleAssociation(\"default\",\n cluster_identifier=default.id,\n schedule_identifier=default_snapshot_schedule.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.RedShift.Cluster(\"default\", new()\n {\n ClusterIdentifier = \"tf-redshift-cluster\",\n DatabaseName = \"mydb\",\n MasterUsername = \"foo\",\n MasterPassword = \"Mustbe8characters\",\n NodeType = \"dc1.large\",\n ClusterType = \"single-node\",\n });\n\n var defaultSnapshotSchedule = new Aws.RedShift.SnapshotSchedule(\"default\", new()\n {\n Identifier = \"tf-redshift-snapshot-schedule\",\n Definitions = new[]\n {\n \"rate(12 hours)\",\n },\n });\n\n var defaultSnapshotScheduleAssociation = new Aws.RedShift.SnapshotScheduleAssociation(\"default\", new()\n {\n ClusterIdentifier = @default.Id,\n ScheduleIdentifier = defaultSnapshotSchedule.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.NewCluster(ctx, \"default\", \u0026redshift.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"tf-redshift-cluster\"),\n\t\t\tDatabaseName: pulumi.String(\"mydb\"),\n\t\t\tMasterUsername: pulumi.String(\"foo\"),\n\t\t\tMasterPassword: pulumi.String(\"Mustbe8characters\"),\n\t\t\tNodeType: pulumi.String(\"dc1.large\"),\n\t\t\tClusterType: pulumi.String(\"single-node\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultSnapshotSchedule, err := redshift.NewSnapshotSchedule(ctx, \"default\", \u0026redshift.SnapshotScheduleArgs{\n\t\t\tIdentifier: pulumi.String(\"tf-redshift-snapshot-schedule\"),\n\t\t\tDefinitions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"rate(12 hours)\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = redshift.NewSnapshotScheduleAssociation(ctx, \"default\", \u0026redshift.SnapshotScheduleAssociationArgs{\n\t\t\tClusterIdentifier: _default.ID(),\n\t\t\tScheduleIdentifier: defaultSnapshotSchedule.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.Cluster;\nimport com.pulumi.aws.redshift.ClusterArgs;\nimport com.pulumi.aws.redshift.SnapshotSchedule;\nimport com.pulumi.aws.redshift.SnapshotScheduleArgs;\nimport com.pulumi.aws.redshift.SnapshotScheduleAssociation;\nimport com.pulumi.aws.redshift.SnapshotScheduleAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Cluster(\"default\", ClusterArgs.builder()\n .clusterIdentifier(\"tf-redshift-cluster\")\n .databaseName(\"mydb\")\n .masterUsername(\"foo\")\n .masterPassword(\"Mustbe8characters\")\n .nodeType(\"dc1.large\")\n .clusterType(\"single-node\")\n .build());\n\n var defaultSnapshotSchedule = new SnapshotSchedule(\"defaultSnapshotSchedule\", SnapshotScheduleArgs.builder()\n .identifier(\"tf-redshift-snapshot-schedule\")\n .definitions(\"rate(12 hours)\")\n .build());\n\n var defaultSnapshotScheduleAssociation = new SnapshotScheduleAssociation(\"defaultSnapshotScheduleAssociation\", SnapshotScheduleAssociationArgs.builder()\n .clusterIdentifier(default_.id())\n .scheduleIdentifier(defaultSnapshotSchedule.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:redshift:Cluster\n properties:\n clusterIdentifier: tf-redshift-cluster\n databaseName: mydb\n masterUsername: foo\n masterPassword: Mustbe8characters\n nodeType: dc1.large\n clusterType: single-node\n defaultSnapshotSchedule:\n type: aws:redshift:SnapshotSchedule\n name: default\n properties:\n identifier: tf-redshift-snapshot-schedule\n definitions:\n - rate(12 hours)\n defaultSnapshotScheduleAssociation:\n type: aws:redshift:SnapshotScheduleAssociation\n name: default\n properties:\n clusterIdentifier: ${default.id}\n scheduleIdentifier: ${defaultSnapshotSchedule.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Snapshot Schedule Association using the `\u003ccluster-identifier\u003e/\u003cschedule-identifier\u003e`. For example:\n\n```sh\n$ pulumi import aws:redshift/snapshotScheduleAssociation:SnapshotScheduleAssociation default tf-redshift-cluster/tf-redshift-snapshot-schedule\n```\n", "properties": { "clusterIdentifier": { "type": "string", "description": "The cluster identifier.\n" }, "scheduleIdentifier": { "type": "string", "description": "The snapshot schedule identifier.\n" } }, "required": [ "clusterIdentifier", "scheduleIdentifier" ], "inputProperties": { "clusterIdentifier": { "type": "string", "description": "The cluster identifier.\n", "willReplaceOnChanges": true }, "scheduleIdentifier": { "type": "string", "description": "The snapshot schedule identifier.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "clusterIdentifier", "scheduleIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering SnapshotScheduleAssociation resources.\n", "properties": { "clusterIdentifier": { "type": "string", "description": "The cluster identifier.\n", "willReplaceOnChanges": true }, "scheduleIdentifier": { "type": "string", "description": "The snapshot schedule identifier.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:redshift/subnetGroup:SubnetGroup": { "description": "Creates a new Amazon Redshift subnet group. You must provide a list of one or more subnets in your existing Amazon Virtual Private Cloud (Amazon VPC) when creating Amazon Redshift subnet group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ec2.Vpc(\"foo\", {cidrBlock: \"10.1.0.0/16\"});\nconst fooSubnet = new aws.ec2.Subnet(\"foo\", {\n cidrBlock: \"10.1.1.0/24\",\n availabilityZone: \"us-west-2a\",\n vpcId: foo.id,\n tags: {\n Name: \"tf-dbsubnet-test-1\",\n },\n});\nconst bar = new aws.ec2.Subnet(\"bar\", {\n cidrBlock: \"10.1.2.0/24\",\n availabilityZone: \"us-west-2b\",\n vpcId: foo.id,\n tags: {\n Name: \"tf-dbsubnet-test-2\",\n },\n});\nconst fooSubnetGroup = new aws.redshift.SubnetGroup(\"foo\", {\n name: \"foo\",\n subnetIds: [\n fooSubnet.id,\n bar.id,\n ],\n tags: {\n environment: \"Production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.Vpc(\"foo\", cidr_block=\"10.1.0.0/16\")\nfoo_subnet = aws.ec2.Subnet(\"foo\",\n cidr_block=\"10.1.1.0/24\",\n availability_zone=\"us-west-2a\",\n vpc_id=foo.id,\n tags={\n \"Name\": \"tf-dbsubnet-test-1\",\n })\nbar = aws.ec2.Subnet(\"bar\",\n cidr_block=\"10.1.2.0/24\",\n availability_zone=\"us-west-2b\",\n vpc_id=foo.id,\n tags={\n \"Name\": \"tf-dbsubnet-test-2\",\n })\nfoo_subnet_group = aws.redshift.SubnetGroup(\"foo\",\n name=\"foo\",\n subnet_ids=[\n foo_subnet.id,\n bar.id,\n ],\n tags={\n \"environment\": \"Production\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Ec2.Vpc(\"foo\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n\n var fooSubnet = new Aws.Ec2.Subnet(\"foo\", new()\n {\n CidrBlock = \"10.1.1.0/24\",\n AvailabilityZone = \"us-west-2a\",\n VpcId = foo.Id,\n Tags = \n {\n { \"Name\", \"tf-dbsubnet-test-1\" },\n },\n });\n\n var bar = new Aws.Ec2.Subnet(\"bar\", new()\n {\n CidrBlock = \"10.1.2.0/24\",\n AvailabilityZone = \"us-west-2b\",\n VpcId = foo.Id,\n Tags = \n {\n { \"Name\", \"tf-dbsubnet-test-2\" },\n },\n });\n\n var fooSubnetGroup = new Aws.RedShift.SubnetGroup(\"foo\", new()\n {\n Name = \"foo\",\n SubnetIds = new[]\n {\n fooSubnet.Id,\n bar.Id,\n },\n Tags = \n {\n { \"environment\", \"Production\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoo, err := ec2.NewVpc(ctx, \"foo\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooSubnet, err := ec2.NewSubnet(ctx, \"foo\", \u0026ec2.SubnetArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.1.0/24\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tVpcId: foo.ID(),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"tf-dbsubnet-test-1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbar, err := ec2.NewSubnet(ctx, \"bar\", \u0026ec2.SubnetArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.2.0/24\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2b\"),\n\t\t\tVpcId: foo.ID(),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"tf-dbsubnet-test-2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = redshift.NewSubnetGroup(ctx, \"foo\", \u0026redshift.SubnetGroupArgs{\n\t\t\tName: pulumi.String(\"foo\"),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tfooSubnet.ID(),\n\t\t\t\tbar.ID(),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"environment\": pulumi.String(\"Production\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.redshift.SubnetGroup;\nimport com.pulumi.aws.redshift.SubnetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new Vpc(\"foo\", VpcArgs.builder()\n .cidrBlock(\"10.1.0.0/16\")\n .build());\n\n var fooSubnet = new Subnet(\"fooSubnet\", SubnetArgs.builder()\n .cidrBlock(\"10.1.1.0/24\")\n .availabilityZone(\"us-west-2a\")\n .vpcId(foo.id())\n .tags(Map.of(\"Name\", \"tf-dbsubnet-test-1\"))\n .build());\n\n var bar = new Subnet(\"bar\", SubnetArgs.builder()\n .cidrBlock(\"10.1.2.0/24\")\n .availabilityZone(\"us-west-2b\")\n .vpcId(foo.id())\n .tags(Map.of(\"Name\", \"tf-dbsubnet-test-2\"))\n .build());\n\n var fooSubnetGroup = new SubnetGroup(\"fooSubnetGroup\", SubnetGroupArgs.builder()\n .name(\"foo\")\n .subnetIds( \n fooSubnet.id(),\n bar.id())\n .tags(Map.of(\"environment\", \"Production\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.1.0.0/16\n fooSubnet:\n type: aws:ec2:Subnet\n name: foo\n properties:\n cidrBlock: 10.1.1.0/24\n availabilityZone: us-west-2a\n vpcId: ${foo.id}\n tags:\n Name: tf-dbsubnet-test-1\n bar:\n type: aws:ec2:Subnet\n properties:\n cidrBlock: 10.1.2.0/24\n availabilityZone: us-west-2b\n vpcId: ${foo.id}\n tags:\n Name: tf-dbsubnet-test-2\n fooSubnetGroup:\n type: aws:redshift:SubnetGroup\n name: foo\n properties:\n name: foo\n subnetIds:\n - ${fooSubnet.id}\n - ${bar.id}\n tags:\n environment: Production\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift subnet groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:redshift/subnetGroup:SubnetGroup testgroup1 test-cluster-subnet-group\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Redshift Subnet group name\n" }, "description": { "type": "string", "description": "The description of the Redshift Subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the Redshift Subnet group.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "An array of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "description", "name", "subnetIds", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the Redshift Subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the Redshift Subnet group.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "An array of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "subnetIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering SubnetGroup resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Redshift Subnet group name\n" }, "description": { "type": "string", "description": "The description of the Redshift Subnet group. Defaults to \"Managed by Pulumi\".\n", "default": "Managed by Pulumi" }, "name": { "type": "string", "description": "The name of the Redshift Subnet group.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "An array of VPC subnet IDs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:redshift/usageLimit:UsageLimit": { "description": "Creates a new Amazon Redshift Usage Limit.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.UsageLimit(\"example\", {\n clusterIdentifier: exampleAwsRedshiftCluster.id,\n featureType: \"concurrency-scaling\",\n limitType: \"time\",\n amount: 60,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshift.UsageLimit(\"example\",\n cluster_identifier=example_aws_redshift_cluster[\"id\"],\n feature_type=\"concurrency-scaling\",\n limit_type=\"time\",\n amount=60)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.UsageLimit(\"example\", new()\n {\n ClusterIdentifier = exampleAwsRedshiftCluster.Id,\n FeatureType = \"concurrency-scaling\",\n LimitType = \"time\",\n Amount = 60,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.NewUsageLimit(ctx, \"example\", \u0026redshift.UsageLimitArgs{\n\t\t\tClusterIdentifier: pulumi.Any(exampleAwsRedshiftCluster.Id),\n\t\t\tFeatureType: pulumi.String(\"concurrency-scaling\"),\n\t\t\tLimitType: pulumi.String(\"time\"),\n\t\t\tAmount: pulumi.Int(60),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.UsageLimit;\nimport com.pulumi.aws.redshift.UsageLimitArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new UsageLimit(\"example\", UsageLimitArgs.builder()\n .clusterIdentifier(exampleAwsRedshiftCluster.id())\n .featureType(\"concurrency-scaling\")\n .limitType(\"time\")\n .amount(60)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:UsageLimit\n properties:\n clusterIdentifier: ${exampleAwsRedshiftCluster.id}\n featureType: concurrency-scaling\n limitType: time\n amount: 60\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift usage limits using the `id`. For example:\n\n```sh\n$ pulumi import aws:redshift/usageLimit:UsageLimit example example-id\n```\n", "properties": { "amount": { "type": "integer", "description": "The limit amount. If time-based, this amount is in minutes. If data-based, this amount is in terabytes (TB). The value must be a positive number.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Redshift Usage Limit.\n" }, "breachAction": { "type": "string", "description": "The action that Amazon Redshift takes when the limit is reached. The default is `log`. Valid values are `log`, `emit-metric`, and `disable`.\n" }, "clusterIdentifier": { "type": "string", "description": "The identifier of the cluster that you want to limit usage.\n" }, "featureType": { "type": "string", "description": "The Amazon Redshift feature that you want to limit. Valid values are `spectrum`, `concurrency-scaling`, and `cross-region-datasharing`.\n" }, "limitType": { "type": "string", "description": "The type of limit. Depending on the feature type, this can be based on a time duration or data size. If FeatureType is `spectrum`, then LimitType must be `data-scanned`. If FeatureType is `concurrency-scaling`, then LimitType must be `time`. If FeatureType is `cross-region-datasharing`, then LimitType must be `data-scanned`. Valid values are `data-scanned`, and `time`.\n" }, "period": { "type": "string", "description": "The time period that the amount applies to. A weekly period begins on Sunday. The default is `monthly`. Valid values are `daily`, `weekly`, and `monthly`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "amount", "arn", "clusterIdentifier", "featureType", "limitType", "tagsAll" ], "inputProperties": { "amount": { "type": "integer", "description": "The limit amount. If time-based, this amount is in minutes. If data-based, this amount is in terabytes (TB). The value must be a positive number.\n" }, "breachAction": { "type": "string", "description": "The action that Amazon Redshift takes when the limit is reached. The default is `log`. Valid values are `log`, `emit-metric`, and `disable`.\n" }, "clusterIdentifier": { "type": "string", "description": "The identifier of the cluster that you want to limit usage.\n", "willReplaceOnChanges": true }, "featureType": { "type": "string", "description": "The Amazon Redshift feature that you want to limit. Valid values are `spectrum`, `concurrency-scaling`, and `cross-region-datasharing`.\n", "willReplaceOnChanges": true }, "limitType": { "type": "string", "description": "The type of limit. Depending on the feature type, this can be based on a time duration or data size. If FeatureType is `spectrum`, then LimitType must be `data-scanned`. If FeatureType is `concurrency-scaling`, then LimitType must be `time`. If FeatureType is `cross-region-datasharing`, then LimitType must be `data-scanned`. Valid values are `data-scanned`, and `time`.\n", "willReplaceOnChanges": true }, "period": { "type": "string", "description": "The time period that the amount applies to. A weekly period begins on Sunday. The default is `monthly`. Valid values are `daily`, `weekly`, and `monthly`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "amount", "clusterIdentifier", "featureType", "limitType" ], "stateInputs": { "description": "Input properties used for looking up and filtering UsageLimit resources.\n", "properties": { "amount": { "type": "integer", "description": "The limit amount. If time-based, this amount is in minutes. If data-based, this amount is in terabytes (TB). The value must be a positive number.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Redshift Usage Limit.\n" }, "breachAction": { "type": "string", "description": "The action that Amazon Redshift takes when the limit is reached. The default is `log`. Valid values are `log`, `emit-metric`, and `disable`.\n" }, "clusterIdentifier": { "type": "string", "description": "The identifier of the cluster that you want to limit usage.\n", "willReplaceOnChanges": true }, "featureType": { "type": "string", "description": "The Amazon Redshift feature that you want to limit. Valid values are `spectrum`, `concurrency-scaling`, and `cross-region-datasharing`.\n", "willReplaceOnChanges": true }, "limitType": { "type": "string", "description": "The type of limit. Depending on the feature type, this can be based on a time duration or data size. If FeatureType is `spectrum`, then LimitType must be `data-scanned`. If FeatureType is `concurrency-scaling`, then LimitType must be `time`. If FeatureType is `cross-region-datasharing`, then LimitType must be `data-scanned`. Valid values are `data-scanned`, and `time`.\n", "willReplaceOnChanges": true }, "period": { "type": "string", "description": "The time period that the amount applies to. A weekly period begins on Sunday. The default is `monthly`. Valid values are `daily`, `weekly`, and `monthly`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:redshiftdata/statement:Statement": { "description": "Executes a Redshift Data Statement.\n\n## Example Usage\n\n### cluster_identifier\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshiftdata.Statement(\"example\", {\n clusterIdentifier: exampleAwsRedshiftCluster.clusterIdentifier,\n database: exampleAwsRedshiftCluster.databaseName,\n dbUser: exampleAwsRedshiftCluster.masterUsername,\n sql: \"CREATE GROUP group_name;\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshiftdata.Statement(\"example\",\n cluster_identifier=example_aws_redshift_cluster[\"clusterIdentifier\"],\n database=example_aws_redshift_cluster[\"databaseName\"],\n db_user=example_aws_redshift_cluster[\"masterUsername\"],\n sql=\"CREATE GROUP group_name;\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedshiftData.Statement(\"example\", new()\n {\n ClusterIdentifier = exampleAwsRedshiftCluster.ClusterIdentifier,\n Database = exampleAwsRedshiftCluster.DatabaseName,\n DbUser = exampleAwsRedshiftCluster.MasterUsername,\n Sql = \"CREATE GROUP group_name;\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshiftdata\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshiftdata.NewStatement(ctx, \"example\", \u0026redshiftdata.StatementArgs{\n\t\t\tClusterIdentifier: pulumi.Any(exampleAwsRedshiftCluster.ClusterIdentifier),\n\t\t\tDatabase: pulumi.Any(exampleAwsRedshiftCluster.DatabaseName),\n\t\t\tDbUser: pulumi.Any(exampleAwsRedshiftCluster.MasterUsername),\n\t\t\tSql: pulumi.String(\"CREATE GROUP group_name;\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshiftdata.Statement;\nimport com.pulumi.aws.redshiftdata.StatementArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Statement(\"example\", StatementArgs.builder()\n .clusterIdentifier(exampleAwsRedshiftCluster.clusterIdentifier())\n .database(exampleAwsRedshiftCluster.databaseName())\n .dbUser(exampleAwsRedshiftCluster.masterUsername())\n .sql(\"CREATE GROUP group_name;\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshiftdata:Statement\n properties:\n clusterIdentifier: ${exampleAwsRedshiftCluster.clusterIdentifier}\n database: ${exampleAwsRedshiftCluster.databaseName}\n dbUser: ${exampleAwsRedshiftCluster.masterUsername}\n sql: CREATE GROUP group_name;\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### workgroup_name\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshiftdata.Statement(\"example\", {\n workgroupName: exampleAwsRedshiftserverlessWorkgroup.workgroupName,\n database: \"dev\",\n sql: \"CREATE GROUP group_name;\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshiftdata.Statement(\"example\",\n workgroup_name=example_aws_redshiftserverless_workgroup[\"workgroupName\"],\n database=\"dev\",\n sql=\"CREATE GROUP group_name;\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedshiftData.Statement(\"example\", new()\n {\n WorkgroupName = exampleAwsRedshiftserverlessWorkgroup.WorkgroupName,\n Database = \"dev\",\n Sql = \"CREATE GROUP group_name;\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshiftdata\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshiftdata.NewStatement(ctx, \"example\", \u0026redshiftdata.StatementArgs{\n\t\t\tWorkgroupName: pulumi.Any(exampleAwsRedshiftserverlessWorkgroup.WorkgroupName),\n\t\t\tDatabase: pulumi.String(\"dev\"),\n\t\t\tSql: pulumi.String(\"CREATE GROUP group_name;\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshiftdata.Statement;\nimport com.pulumi.aws.redshiftdata.StatementArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Statement(\"example\", StatementArgs.builder()\n .workgroupName(exampleAwsRedshiftserverlessWorkgroup.workgroupName())\n .database(\"dev\")\n .sql(\"CREATE GROUP group_name;\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshiftdata:Statement\n properties:\n workgroupName: ${exampleAwsRedshiftserverlessWorkgroup.workgroupName}\n database: dev\n sql: CREATE GROUP group_name;\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Data Statements using the `id`. For example:\n\n```sh\n$ pulumi import aws:redshiftdata/statement:Statement example example\n```\n", "properties": { "clusterIdentifier": { "type": "string", "description": "The cluster identifier. This parameter is required when connecting to a cluster and authenticating using either Secrets Manager or temporary credentials.\n" }, "database": { "type": "string", "description": "The name of the database.\n" }, "dbUser": { "type": "string", "description": "The database user name.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:redshiftdata/StatementParameter:StatementParameter" } }, "secretArn": { "type": "string", "description": "The name or ARN of the secret that enables access to the database.\n" }, "sql": { "type": "string", "description": "The SQL statement text to run.\n\nThe following arguments are optional:\n" }, "statementName": { "type": "string", "description": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.\n" }, "withEvent": { "type": "boolean", "description": "A value that indicates whether to send an event to the Amazon EventBridge event bus after the SQL statement runs.\n" }, "workgroupName": { "type": "string", "description": "The serverless workgroup name. This parameter is required when connecting to a serverless workgroup and authenticating using either Secrets Manager or temporary credentials.\n" } }, "required": [ "database", "sql" ], "inputProperties": { "clusterIdentifier": { "type": "string", "description": "The cluster identifier. This parameter is required when connecting to a cluster and authenticating using either Secrets Manager or temporary credentials.\n", "willReplaceOnChanges": true }, "database": { "type": "string", "description": "The name of the database.\n", "willReplaceOnChanges": true }, "dbUser": { "type": "string", "description": "The database user name.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:redshiftdata/StatementParameter:StatementParameter" }, "willReplaceOnChanges": true }, "secretArn": { "type": "string", "description": "The name or ARN of the secret that enables access to the database.\n", "willReplaceOnChanges": true }, "sql": { "type": "string", "description": "The SQL statement text to run.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "statementName": { "type": "string", "description": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.\n", "willReplaceOnChanges": true }, "withEvent": { "type": "boolean", "description": "A value that indicates whether to send an event to the Amazon EventBridge event bus after the SQL statement runs.\n", "willReplaceOnChanges": true }, "workgroupName": { "type": "string", "description": "The serverless workgroup name. This parameter is required when connecting to a serverless workgroup and authenticating using either Secrets Manager or temporary credentials.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "database", "sql" ], "stateInputs": { "description": "Input properties used for looking up and filtering Statement resources.\n", "properties": { "clusterIdentifier": { "type": "string", "description": "The cluster identifier. This parameter is required when connecting to a cluster and authenticating using either Secrets Manager or temporary credentials.\n", "willReplaceOnChanges": true }, "database": { "type": "string", "description": "The name of the database.\n", "willReplaceOnChanges": true }, "dbUser": { "type": "string", "description": "The database user name.\n", "willReplaceOnChanges": true }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:redshiftdata/StatementParameter:StatementParameter" }, "willReplaceOnChanges": true }, "secretArn": { "type": "string", "description": "The name or ARN of the secret that enables access to the database.\n", "willReplaceOnChanges": true }, "sql": { "type": "string", "description": "The SQL statement text to run.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "statementName": { "type": "string", "description": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.\n", "willReplaceOnChanges": true }, "withEvent": { "type": "boolean", "description": "A value that indicates whether to send an event to the Amazon EventBridge event bus after the SQL statement runs.\n", "willReplaceOnChanges": true }, "workgroupName": { "type": "string", "description": "The serverless workgroup name. This parameter is required when connecting to a serverless workgroup and authenticating using either Secrets Manager or temporary credentials.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:redshiftserverless/customDomainAssociation:CustomDomainAssociation": { "description": "Resource for managing an AWS Redshift Serverless Custom Domain Association.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.acm.Certificate(\"example\", {domainName: \"example.com\"});\nconst exampleNamespace = new aws.redshiftserverless.Namespace(\"example\", {namespaceName: \"example-namespace\"});\nconst exampleWorkgroup = new aws.redshiftserverless.Workgroup(\"example\", {\n workgroupName: \"example-workgroup\",\n namespaceName: exampleNamespace.namespaceName,\n});\nconst exampleCustomDomainAssociation = new aws.redshiftserverless.CustomDomainAssociation(\"example\", {\n workgroupName: exampleWorkgroup.workgroupName,\n customDomainName: \"example.com\",\n customDomainCertificateArn: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.acm.Certificate(\"example\", domain_name=\"example.com\")\nexample_namespace = aws.redshiftserverless.Namespace(\"example\", namespace_name=\"example-namespace\")\nexample_workgroup = aws.redshiftserverless.Workgroup(\"example\",\n workgroup_name=\"example-workgroup\",\n namespace_name=example_namespace.namespace_name)\nexample_custom_domain_association = aws.redshiftserverless.CustomDomainAssociation(\"example\",\n workgroup_name=example_workgroup.workgroup_name,\n custom_domain_name=\"example.com\",\n custom_domain_certificate_arn=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Acm.Certificate(\"example\", new()\n {\n DomainName = \"example.com\",\n });\n\n var exampleNamespace = new Aws.RedshiftServerless.Namespace(\"example\", new()\n {\n NamespaceName = \"example-namespace\",\n });\n\n var exampleWorkgroup = new Aws.RedshiftServerless.Workgroup(\"example\", new()\n {\n WorkgroupName = \"example-workgroup\",\n NamespaceName = exampleNamespace.NamespaceName,\n });\n\n var exampleCustomDomainAssociation = new Aws.RedshiftServerless.CustomDomainAssociation(\"example\", new()\n {\n WorkgroupName = exampleWorkgroup.WorkgroupName,\n CustomDomainName = \"example.com\",\n CustomDomainCertificateArn = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acm\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshiftserverless\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := acm.NewCertificate(ctx, \"example\", \u0026acm.CertificateArgs{\n\t\t\tDomainName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleNamespace, err := redshiftserverless.NewNamespace(ctx, \"example\", \u0026redshiftserverless.NamespaceArgs{\n\t\t\tNamespaceName: pulumi.String(\"example-namespace\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleWorkgroup, err := redshiftserverless.NewWorkgroup(ctx, \"example\", \u0026redshiftserverless.WorkgroupArgs{\n\t\t\tWorkgroupName: pulumi.String(\"example-workgroup\"),\n\t\t\tNamespaceName: exampleNamespace.NamespaceName,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = redshiftserverless.NewCustomDomainAssociation(ctx, \"example\", \u0026redshiftserverless.CustomDomainAssociationArgs{\n\t\t\tWorkgroupName: exampleWorkgroup.WorkgroupName,\n\t\t\tCustomDomainName: pulumi.String(\"example.com\"),\n\t\t\tCustomDomainCertificateArn: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acm.Certificate;\nimport com.pulumi.aws.acm.CertificateArgs;\nimport com.pulumi.aws.redshiftserverless.Namespace;\nimport com.pulumi.aws.redshiftserverless.NamespaceArgs;\nimport com.pulumi.aws.redshiftserverless.Workgroup;\nimport com.pulumi.aws.redshiftserverless.WorkgroupArgs;\nimport com.pulumi.aws.redshiftserverless.CustomDomainAssociation;\nimport com.pulumi.aws.redshiftserverless.CustomDomainAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Certificate(\"example\", CertificateArgs.builder()\n .domainName(\"example.com\")\n .build());\n\n var exampleNamespace = new Namespace(\"exampleNamespace\", NamespaceArgs.builder()\n .namespaceName(\"example-namespace\")\n .build());\n\n var exampleWorkgroup = new Workgroup(\"exampleWorkgroup\", WorkgroupArgs.builder()\n .workgroupName(\"example-workgroup\")\n .namespaceName(exampleNamespace.namespaceName())\n .build());\n\n var exampleCustomDomainAssociation = new CustomDomainAssociation(\"exampleCustomDomainAssociation\", CustomDomainAssociationArgs.builder()\n .workgroupName(exampleWorkgroup.workgroupName())\n .customDomainName(\"example.com\")\n .customDomainCertificateArn(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:acm:Certificate\n properties:\n domainName: example.com\n exampleNamespace:\n type: aws:redshiftserverless:Namespace\n name: example\n properties:\n namespaceName: example-namespace\n exampleWorkgroup:\n type: aws:redshiftserverless:Workgroup\n name: example\n properties:\n workgroupName: example-workgroup\n namespaceName: ${exampleNamespace.namespaceName}\n exampleCustomDomainAssociation:\n type: aws:redshiftserverless:CustomDomainAssociation\n name: example\n properties:\n workgroupName: ${exampleWorkgroup.workgroupName}\n customDomainName: example.com\n customDomainCertificateArn: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Serverless Custom Domain Association using the `workgroup_name` and `custom_domain_name`, separated by the coma. For example:\n\n```sh\n$ pulumi import aws:redshiftserverless/customDomainAssociation:CustomDomainAssociation example example-workgroup,example.com\n```\n", "properties": { "customDomainCertificateArn": { "type": "string", "description": "ARN of the certificate for the custom domain association.\n" }, "customDomainCertificateExpiryTime": { "type": "string", "description": "Expiration time for the certificate.\n" }, "customDomainName": { "type": "string", "description": "Custom domain to associate with the workgroup.\n" }, "workgroupName": { "type": "string", "description": "Name of the workgroup.\n" } }, "required": [ "customDomainCertificateArn", "customDomainCertificateExpiryTime", "customDomainName", "workgroupName" ], "inputProperties": { "customDomainCertificateArn": { "type": "string", "description": "ARN of the certificate for the custom domain association.\n" }, "customDomainName": { "type": "string", "description": "Custom domain to associate with the workgroup.\n" }, "workgroupName": { "type": "string", "description": "Name of the workgroup.\n" } }, "requiredInputs": [ "customDomainCertificateArn", "customDomainName", "workgroupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering CustomDomainAssociation resources.\n", "properties": { "customDomainCertificateArn": { "type": "string", "description": "ARN of the certificate for the custom domain association.\n" }, "customDomainCertificateExpiryTime": { "type": "string", "description": "Expiration time for the certificate.\n" }, "customDomainName": { "type": "string", "description": "Custom domain to associate with the workgroup.\n" }, "workgroupName": { "type": "string", "description": "Name of the workgroup.\n" } }, "type": "object" } }, "aws:redshiftserverless/endpointAccess:EndpointAccess": { "description": "Creates a new Amazon Redshift Serverless Endpoint Access.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshiftserverless.EndpointAccess(\"example\", {\n endpointName: \"example\",\n workgroupName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshiftserverless.EndpointAccess(\"example\",\n endpoint_name=\"example\",\n workgroup_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedshiftServerless.EndpointAccess(\"example\", new()\n {\n EndpointName = \"example\",\n WorkgroupName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshiftserverless\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshiftserverless.NewEndpointAccess(ctx, \"example\", \u0026redshiftserverless.EndpointAccessArgs{\n\t\t\tEndpointName: pulumi.String(\"example\"),\n\t\t\tWorkgroupName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshiftserverless.EndpointAccess;\nimport com.pulumi.aws.redshiftserverless.EndpointAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EndpointAccess(\"example\", EndpointAccessArgs.builder()\n .endpointName(\"example\")\n .workgroupName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshiftserverless:EndpointAccess\n properties:\n endpointName: example\n workgroupName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Serverless Endpoint Access using the `endpoint_name`. For example:\n\n```sh\n$ pulumi import aws:redshiftserverless/endpointAccess:EndpointAccess example example\n```\n", "properties": { "address": { "type": "string", "description": "The DNS address of the VPC endpoint.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Redshift Serverless Endpoint Access.\n" }, "endpointName": { "type": "string", "description": "The name of the endpoint.\n" }, "ownerAccount": { "type": "string", "description": "The owner Amazon Web Services account for the Amazon Redshift Serverless workgroup.\n" }, "port": { "type": "integer", "description": "The port that Amazon Redshift Serverless listens on.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "An array of VPC subnet IDs to associate with the endpoint.\n" }, "vpcEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:redshiftserverless/EndpointAccessVpcEndpoint:EndpointAccessVpcEndpoint" }, "description": "The VPC endpoint or the Redshift Serverless workgroup. See `VPC Endpoint` below.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "An array of security group IDs to associate with the workgroup.\n" }, "workgroupName": { "type": "string", "description": "The name of the workgroup.\n" } }, "required": [ "address", "arn", "endpointName", "port", "subnetIds", "vpcEndpoints", "vpcSecurityGroupIds", "workgroupName" ], "inputProperties": { "endpointName": { "type": "string", "description": "The name of the endpoint.\n", "willReplaceOnChanges": true }, "ownerAccount": { "type": "string", "description": "The owner Amazon Web Services account for the Amazon Redshift Serverless workgroup.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "An array of VPC subnet IDs to associate with the endpoint.\n", "willReplaceOnChanges": true }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "An array of security group IDs to associate with the workgroup.\n" }, "workgroupName": { "type": "string", "description": "The name of the workgroup.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "endpointName", "subnetIds", "workgroupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering EndpointAccess resources.\n", "properties": { "address": { "type": "string", "description": "The DNS address of the VPC endpoint.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Redshift Serverless Endpoint Access.\n" }, "endpointName": { "type": "string", "description": "The name of the endpoint.\n", "willReplaceOnChanges": true }, "ownerAccount": { "type": "string", "description": "The owner Amazon Web Services account for the Amazon Redshift Serverless workgroup.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "The port that Amazon Redshift Serverless listens on.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "An array of VPC subnet IDs to associate with the endpoint.\n", "willReplaceOnChanges": true }, "vpcEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:redshiftserverless/EndpointAccessVpcEndpoint:EndpointAccessVpcEndpoint" }, "description": "The VPC endpoint or the Redshift Serverless workgroup. See `VPC Endpoint` below.\n" }, "vpcSecurityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "An array of security group IDs to associate with the workgroup.\n" }, "workgroupName": { "type": "string", "description": "The name of the workgroup.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:redshiftserverless/namespace:Namespace": { "description": "Creates a new Amazon Redshift Serverless Namespace.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshiftserverless.Namespace(\"example\", {namespaceName: \"concurrency-scaling\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshiftserverless.Namespace(\"example\", namespace_name=\"concurrency-scaling\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedshiftServerless.Namespace(\"example\", new()\n {\n NamespaceName = \"concurrency-scaling\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshiftserverless\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshiftserverless.NewNamespace(ctx, \"example\", \u0026redshiftserverless.NamespaceArgs{\n\t\t\tNamespaceName: pulumi.String(\"concurrency-scaling\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshiftserverless.Namespace;\nimport com.pulumi.aws.redshiftserverless.NamespaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Namespace(\"example\", NamespaceArgs.builder()\n .namespaceName(\"concurrency-scaling\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshiftserverless:Namespace\n properties:\n namespaceName: concurrency-scaling\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Serverless Namespaces using the `namespace_name`. For example:\n\n```sh\n$ pulumi import aws:redshiftserverless/namespace:Namespace example example\n```\n", "properties": { "adminPasswordSecretArn": { "type": "string" }, "adminPasswordSecretKmsKeyId": { "type": "string", "description": "ID of the KMS key used to encrypt the namespace's admin credentials secret.\n" }, "adminUserPassword": { "type": "string", "description": "The password of the administrator for the first database created in the namespace.\nConflicts with `manage_admin_password`.\n", "secret": true }, "adminUsername": { "type": "string", "description": "The username of the administrator for the first database created in the namespace.\n", "secret": true }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Redshift Serverless Namespace.\n" }, "dbName": { "type": "string", "description": "The name of the first database created in the namespace.\n" }, "defaultIamRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace. When specifying `default_iam_role_arn`, it also must be part of `iam_roles`.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM roles to associate with the namespace.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN of the Amazon Web Services Key Management Service key used to encrypt your data.\n" }, "logExports": { "type": "array", "items": { "type": "string" }, "description": "The types of logs the namespace can export. Available export types are `userlog`, `connectionlog`, and `useractivitylog`.\n" }, "manageAdminPassword": { "type": "boolean", "description": "Whether to use AWS SecretManager to manage namespace's admin credentials.\nConflicts with `admin_user_password`.\n" }, "namespaceId": { "type": "string", "description": "The Redshift Namespace ID.\n" }, "namespaceName": { "type": "string", "description": "The name of the namespace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "adminPasswordSecretArn", "adminPasswordSecretKmsKeyId", "adminUsername", "arn", "dbName", "iamRoles", "kmsKeyId", "namespaceId", "namespaceName", "tagsAll" ], "inputProperties": { "adminPasswordSecretKmsKeyId": { "type": "string", "description": "ID of the KMS key used to encrypt the namespace's admin credentials secret.\n" }, "adminUserPassword": { "type": "string", "description": "The password of the administrator for the first database created in the namespace.\nConflicts with `manage_admin_password`.\n", "secret": true }, "adminUsername": { "type": "string", "description": "The username of the administrator for the first database created in the namespace.\n", "secret": true }, "dbName": { "type": "string", "description": "The name of the first database created in the namespace.\n", "willReplaceOnChanges": true }, "defaultIamRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace. When specifying `default_iam_role_arn`, it also must be part of `iam_roles`.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM roles to associate with the namespace.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN of the Amazon Web Services Key Management Service key used to encrypt your data.\n" }, "logExports": { "type": "array", "items": { "type": "string" }, "description": "The types of logs the namespace can export. Available export types are `userlog`, `connectionlog`, and `useractivitylog`.\n" }, "manageAdminPassword": { "type": "boolean", "description": "Whether to use AWS SecretManager to manage namespace's admin credentials.\nConflicts with `admin_user_password`.\n" }, "namespaceName": { "type": "string", "description": "The name of the namespace.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "namespaceName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Namespace resources.\n", "properties": { "adminPasswordSecretArn": { "type": "string" }, "adminPasswordSecretKmsKeyId": { "type": "string", "description": "ID of the KMS key used to encrypt the namespace's admin credentials secret.\n" }, "adminUserPassword": { "type": "string", "description": "The password of the administrator for the first database created in the namespace.\nConflicts with `manage_admin_password`.\n", "secret": true }, "adminUsername": { "type": "string", "description": "The username of the administrator for the first database created in the namespace.\n", "secret": true }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Redshift Serverless Namespace.\n" }, "dbName": { "type": "string", "description": "The name of the first database created in the namespace.\n", "willReplaceOnChanges": true }, "defaultIamRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace. When specifying `default_iam_role_arn`, it also must be part of `iam_roles`.\n" }, "iamRoles": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM roles to associate with the namespace.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN of the Amazon Web Services Key Management Service key used to encrypt your data.\n" }, "logExports": { "type": "array", "items": { "type": "string" }, "description": "The types of logs the namespace can export. Available export types are `userlog`, `connectionlog`, and `useractivitylog`.\n" }, "manageAdminPassword": { "type": "boolean", "description": "Whether to use AWS SecretManager to manage namespace's admin credentials.\nConflicts with `admin_user_password`.\n" }, "namespaceId": { "type": "string", "description": "The Redshift Namespace ID.\n" }, "namespaceName": { "type": "string", "description": "The name of the namespace.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:redshiftserverless/resourcePolicy:ResourcePolicy": { "description": "Creates a new Amazon Redshift Serverless Resource Policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshiftserverless.ResourcePolicy(\"example\", {\n resourceArn: exampleAwsRedshiftserverlessSnapshot.arn,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Effect: \"Allow\",\n Principal: {\n AWS: [\"12345678901\"],\n },\n Action: [\"redshift-serverless:RestoreFromSnapshot\"],\n Sid: \"\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.redshiftserverless.ResourcePolicy(\"example\",\n resource_arn=example_aws_redshiftserverless_snapshot[\"arn\"],\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": [\"12345678901\"],\n },\n \"Action\": [\"redshift-serverless:RestoreFromSnapshot\"],\n \"Sid\": \"\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedshiftServerless.ResourcePolicy(\"example\", new()\n {\n ResourceArn = exampleAwsRedshiftserverlessSnapshot.Arn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = new[]\n {\n \"12345678901\",\n },\n },\n [\"Action\"] = new[]\n {\n \"redshift-serverless:RestoreFromSnapshot\",\n },\n [\"Sid\"] = \"\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshiftserverless\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": []string{\n\t\t\t\t\t\t\t\"12345678901\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"redshift-serverless:RestoreFromSnapshot\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = redshiftserverless.NewResourcePolicy(ctx, \"example\", \u0026redshiftserverless.ResourcePolicyArgs{\n\t\t\tResourceArn: pulumi.Any(exampleAwsRedshiftserverlessSnapshot.Arn),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshiftserverless.ResourcePolicy;\nimport com.pulumi.aws.redshiftserverless.ResourcePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourcePolicy(\"example\", ResourcePolicyArgs.builder()\n .resourceArn(exampleAwsRedshiftserverlessSnapshot.arn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", jsonArray(\"12345678901\"))\n )),\n jsonProperty(\"Action\", jsonArray(\"redshift-serverless:RestoreFromSnapshot\")),\n jsonProperty(\"Sid\", \"\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshiftserverless:ResourcePolicy\n properties:\n resourceArn: ${exampleAwsRedshiftserverlessSnapshot.arn}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Effect: Allow\n Principal:\n AWS:\n - '12345678901'\n Action:\n - redshift-serverless:RestoreFromSnapshot\n Sid:\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Serverless Resource Policies using the `resource_arn`. For example:\n\n```sh\n$ pulumi import aws:redshiftserverless/resourcePolicy:ResourcePolicy example example\n```\n", "properties": { "policy": { "type": "string", "description": "The policy to create or update. For example, the following policy grants a user authorization to restore a snapshot.\n" }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the account to create or update a resource policy for.\n" } }, "required": [ "policy", "resourceArn" ], "inputProperties": { "policy": { "type": "string", "description": "The policy to create or update. For example, the following policy grants a user authorization to restore a snapshot.\n" }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the account to create or update a resource policy for.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policy", "resourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourcePolicy resources.\n", "properties": { "policy": { "type": "string", "description": "The policy to create or update. For example, the following policy grants a user authorization to restore a snapshot.\n" }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the account to create or update a resource policy for.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:redshiftserverless/snapshot:Snapshot": { "description": "Creates a new Amazon Redshift Serverless Snapshot.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshiftserverless.Snapshot(\"example\", {\n namespaceName: exampleAwsRedshiftserverlessWorkgroup.namespaceName,\n snapshotName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshiftserverless.Snapshot(\"example\",\n namespace_name=example_aws_redshiftserverless_workgroup[\"namespaceName\"],\n snapshot_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedshiftServerless.Snapshot(\"example\", new()\n {\n NamespaceName = exampleAwsRedshiftserverlessWorkgroup.NamespaceName,\n SnapshotName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshiftserverless\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshiftserverless.NewSnapshot(ctx, \"example\", \u0026redshiftserverless.SnapshotArgs{\n\t\t\tNamespaceName: pulumi.Any(exampleAwsRedshiftserverlessWorkgroup.NamespaceName),\n\t\t\tSnapshotName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshiftserverless.Snapshot;\nimport com.pulumi.aws.redshiftserverless.SnapshotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Snapshot(\"example\", SnapshotArgs.builder()\n .namespaceName(exampleAwsRedshiftserverlessWorkgroup.namespaceName())\n .snapshotName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshiftserverless:Snapshot\n properties:\n namespaceName: ${exampleAwsRedshiftserverlessWorkgroup.namespaceName}\n snapshotName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Serverless Snapshots using the `snapshot_name`. For example:\n\n```sh\n$ pulumi import aws:redshiftserverless/snapshot:Snapshot example example\n```\n", "properties": { "accountsWithProvisionedRestoreAccesses": { "type": "array", "items": { "type": "string" }, "description": "All of the Amazon Web Services accounts that have access to restore a snapshot to a provisioned cluster.\n" }, "accountsWithRestoreAccesses": { "type": "array", "items": { "type": "string" }, "description": "All of the Amazon Web Services accounts that have access to restore a snapshot to a namespace.\n" }, "adminUsername": { "type": "string", "description": "The username of the database within a snapshot.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "The unique identifier of the KMS key used to encrypt the snapshot.\n" }, "namespaceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the namespace the snapshot was created from.\n" }, "namespaceName": { "type": "string", "description": "The namespace to create a snapshot for.\n" }, "ownerAccount": { "type": "string", "description": "The owner Amazon Web Services; account of the snapshot.\n" }, "retentionPeriod": { "type": "integer", "description": "How long to retain the created snapshot. Default value is `-1`.\n" }, "snapshotName": { "type": "string", "description": "The name of the snapshot.\n" } }, "required": [ "accountsWithProvisionedRestoreAccesses", "accountsWithRestoreAccesses", "adminUsername", "arn", "kmsKeyId", "namespaceArn", "namespaceName", "ownerAccount", "snapshotName" ], "inputProperties": { "namespaceName": { "type": "string", "description": "The namespace to create a snapshot for.\n", "willReplaceOnChanges": true }, "retentionPeriod": { "type": "integer", "description": "How long to retain the created snapshot. Default value is `-1`.\n" }, "snapshotName": { "type": "string", "description": "The name of the snapshot.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "namespaceName", "snapshotName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Snapshot resources.\n", "properties": { "accountsWithProvisionedRestoreAccesses": { "type": "array", "items": { "type": "string" }, "description": "All of the Amazon Web Services accounts that have access to restore a snapshot to a provisioned cluster.\n" }, "accountsWithRestoreAccesses": { "type": "array", "items": { "type": "string" }, "description": "All of the Amazon Web Services accounts that have access to restore a snapshot to a namespace.\n" }, "adminUsername": { "type": "string", "description": "The username of the database within a snapshot.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the snapshot.\n" }, "kmsKeyId": { "type": "string", "description": "The unique identifier of the KMS key used to encrypt the snapshot.\n" }, "namespaceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the namespace the snapshot was created from.\n" }, "namespaceName": { "type": "string", "description": "The namespace to create a snapshot for.\n", "willReplaceOnChanges": true }, "ownerAccount": { "type": "string", "description": "The owner Amazon Web Services; account of the snapshot.\n" }, "retentionPeriod": { "type": "integer", "description": "How long to retain the created snapshot. Default value is `-1`.\n" }, "snapshotName": { "type": "string", "description": "The name of the snapshot.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:redshiftserverless/usageLimit:UsageLimit": { "description": "Creates a new Amazon Redshift Serverless Usage Limit.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshiftserverless.Workgroup(\"example\", {\n namespaceName: exampleAwsRedshiftserverlessNamespace.namespaceName,\n workgroupName: \"example\",\n});\nconst exampleUsageLimit = new aws.redshiftserverless.UsageLimit(\"example\", {\n resourceArn: example.arn,\n usageType: \"serverless-compute\",\n amount: 60,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshiftserverless.Workgroup(\"example\",\n namespace_name=example_aws_redshiftserverless_namespace[\"namespaceName\"],\n workgroup_name=\"example\")\nexample_usage_limit = aws.redshiftserverless.UsageLimit(\"example\",\n resource_arn=example.arn,\n usage_type=\"serverless-compute\",\n amount=60)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedshiftServerless.Workgroup(\"example\", new()\n {\n NamespaceName = exampleAwsRedshiftserverlessNamespace.NamespaceName,\n WorkgroupName = \"example\",\n });\n\n var exampleUsageLimit = new Aws.RedshiftServerless.UsageLimit(\"example\", new()\n {\n ResourceArn = example.Arn,\n UsageType = \"serverless-compute\",\n Amount = 60,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshiftserverless\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := redshiftserverless.NewWorkgroup(ctx, \"example\", \u0026redshiftserverless.WorkgroupArgs{\n\t\t\tNamespaceName: pulumi.Any(exampleAwsRedshiftserverlessNamespace.NamespaceName),\n\t\t\tWorkgroupName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = redshiftserverless.NewUsageLimit(ctx, \"example\", \u0026redshiftserverless.UsageLimitArgs{\n\t\t\tResourceArn: example.Arn,\n\t\t\tUsageType: pulumi.String(\"serverless-compute\"),\n\t\t\tAmount: pulumi.Int(60),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshiftserverless.Workgroup;\nimport com.pulumi.aws.redshiftserverless.WorkgroupArgs;\nimport com.pulumi.aws.redshiftserverless.UsageLimit;\nimport com.pulumi.aws.redshiftserverless.UsageLimitArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Workgroup(\"example\", WorkgroupArgs.builder()\n .namespaceName(exampleAwsRedshiftserverlessNamespace.namespaceName())\n .workgroupName(\"example\")\n .build());\n\n var exampleUsageLimit = new UsageLimit(\"exampleUsageLimit\", UsageLimitArgs.builder()\n .resourceArn(example.arn())\n .usageType(\"serverless-compute\")\n .amount(60)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshiftserverless:Workgroup\n properties:\n namespaceName: ${exampleAwsRedshiftserverlessNamespace.namespaceName}\n workgroupName: example\n exampleUsageLimit:\n type: aws:redshiftserverless:UsageLimit\n name: example\n properties:\n resourceArn: ${example.arn}\n usageType: serverless-compute\n amount: 60\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Serverless Usage Limits using the `id`. For example:\n\n```sh\n$ pulumi import aws:redshiftserverless/usageLimit:UsageLimit example example-id\n```\n", "properties": { "amount": { "type": "integer", "description": "The limit amount. If time-based, this amount is in Redshift Processing Units (RPU) consumed per hour. If data-based, this amount is in terabytes (TB) of data transferred between Regions in cross-account sharing. The value must be a positive number.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Redshift Serverless Usage Limit.\n" }, "breachAction": { "type": "string", "description": "The action that Amazon Redshift Serverless takes when the limit is reached. Valid values are `log`, `emit-metric`, and `deactivate`. The default is `log`.\n" }, "period": { "type": "string", "description": "The time period that the amount applies to. A weekly period begins on Sunday. Valid values are `daily`, `weekly`, and `monthly`. The default is `monthly`.\n" }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon Redshift Serverless resource to create the usage limit for.\n" }, "usageType": { "type": "string", "description": "The type of Amazon Redshift Serverless usage to create a usage limit for. Valid values are `serverless-compute` or `cross-region-datasharing`.\n" } }, "required": [ "amount", "arn", "resourceArn", "usageType" ], "inputProperties": { "amount": { "type": "integer", "description": "The limit amount. If time-based, this amount is in Redshift Processing Units (RPU) consumed per hour. If data-based, this amount is in terabytes (TB) of data transferred between Regions in cross-account sharing. The value must be a positive number.\n" }, "breachAction": { "type": "string", "description": "The action that Amazon Redshift Serverless takes when the limit is reached. Valid values are `log`, `emit-metric`, and `deactivate`. The default is `log`.\n" }, "period": { "type": "string", "description": "The time period that the amount applies to. A weekly period begins on Sunday. Valid values are `daily`, `weekly`, and `monthly`. The default is `monthly`.\n", "willReplaceOnChanges": true }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon Redshift Serverless resource to create the usage limit for.\n", "willReplaceOnChanges": true }, "usageType": { "type": "string", "description": "The type of Amazon Redshift Serverless usage to create a usage limit for. Valid values are `serverless-compute` or `cross-region-datasharing`.\n" } }, "requiredInputs": [ "amount", "resourceArn", "usageType" ], "stateInputs": { "description": "Input properties used for looking up and filtering UsageLimit resources.\n", "properties": { "amount": { "type": "integer", "description": "The limit amount. If time-based, this amount is in Redshift Processing Units (RPU) consumed per hour. If data-based, this amount is in terabytes (TB) of data transferred between Regions in cross-account sharing. The value must be a positive number.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Redshift Serverless Usage Limit.\n" }, "breachAction": { "type": "string", "description": "The action that Amazon Redshift Serverless takes when the limit is reached. Valid values are `log`, `emit-metric`, and `deactivate`. The default is `log`.\n" }, "period": { "type": "string", "description": "The time period that the amount applies to. A weekly period begins on Sunday. Valid values are `daily`, `weekly`, and `monthly`. The default is `monthly`.\n", "willReplaceOnChanges": true }, "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon Redshift Serverless resource to create the usage limit for.\n", "willReplaceOnChanges": true }, "usageType": { "type": "string", "description": "The type of Amazon Redshift Serverless usage to create a usage limit for. Valid values are `serverless-compute` or `cross-region-datasharing`.\n" } }, "type": "object" } }, "aws:redshiftserverless/workgroup:Workgroup": { "description": "Creates a new Amazon Redshift Serverless Workgroup.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshiftserverless.Workgroup(\"example\", {\n namespaceName: \"concurrency-scaling\",\n workgroupName: \"concurrency-scaling\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshiftserverless.Workgroup(\"example\",\n namespace_name=\"concurrency-scaling\",\n workgroup_name=\"concurrency-scaling\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedshiftServerless.Workgroup(\"example\", new()\n {\n NamespaceName = \"concurrency-scaling\",\n WorkgroupName = \"concurrency-scaling\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshiftserverless\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshiftserverless.NewWorkgroup(ctx, \"example\", \u0026redshiftserverless.WorkgroupArgs{\n\t\t\tNamespaceName: pulumi.String(\"concurrency-scaling\"),\n\t\t\tWorkgroupName: pulumi.String(\"concurrency-scaling\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshiftserverless.Workgroup;\nimport com.pulumi.aws.redshiftserverless.WorkgroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Workgroup(\"example\", WorkgroupArgs.builder()\n .namespaceName(\"concurrency-scaling\")\n .workgroupName(\"concurrency-scaling\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshiftserverless:Workgroup\n properties:\n namespaceName: concurrency-scaling\n workgroupName: concurrency-scaling\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Serverless Workgroups using the `workgroup_name`. For example:\n\n```sh\n$ pulumi import aws:redshiftserverless/workgroup:Workgroup example example\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Redshift Serverless Workgroup.\n" }, "baseCapacity": { "type": "integer", "description": "The base data warehouse capacity of the workgroup in Redshift Processing Units (RPUs).\n" }, "configParameters": { "type": "array", "items": { "$ref": "#/types/aws:redshiftserverless/WorkgroupConfigParameter:WorkgroupConfigParameter" }, "description": "An array of parameters to set for more control over a serverless database. See `Config Parameter` below.\n" }, "endpoints": { "type": "array", "items": { "$ref": "#/types/aws:redshiftserverless/WorkgroupEndpoint:WorkgroupEndpoint" }, "description": "The endpoint that is created from the workgroup. See `Endpoint` below.\n" }, "enhancedVpcRouting": { "type": "boolean", "description": "The value that specifies whether to turn on enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC instead of over the internet.\n" }, "maxCapacity": { "type": "integer", "description": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries, specified in Redshift Processing Units (RPUs).\n" }, "namespaceName": { "type": "string", "description": "The name of the namespace.\n" }, "port": { "type": "integer", "description": "The port number on which the cluster accepts incoming connections.\n" }, "publiclyAccessible": { "type": "boolean", "description": "A value that specifies whether the workgroup can be accessed from a public network.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "An array of security group IDs to associate with the workgroup.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "An array of VPC subnet IDs to associate with the workgroup. When set, must contain at least three subnets spanning three Availability Zones. A minimum number of IP addresses is required and scales with the Base Capacity. For more information, see the following [AWS document](https://docs.aws.amazon.com/redshift/latest/mgmt/serverless-known-issues.html).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "workgroupId": { "type": "string", "description": "The Redshift Workgroup ID.\n" }, "workgroupName": { "type": "string", "description": "The name of the workgroup.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "baseCapacity", "configParameters", "endpoints", "namespaceName", "port", "securityGroupIds", "subnetIds", "tagsAll", "workgroupId", "workgroupName" ], "inputProperties": { "baseCapacity": { "type": "integer", "description": "The base data warehouse capacity of the workgroup in Redshift Processing Units (RPUs).\n" }, "configParameters": { "type": "array", "items": { "$ref": "#/types/aws:redshiftserverless/WorkgroupConfigParameter:WorkgroupConfigParameter" }, "description": "An array of parameters to set for more control over a serverless database. See `Config Parameter` below.\n" }, "enhancedVpcRouting": { "type": "boolean", "description": "The value that specifies whether to turn on enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC instead of over the internet.\n" }, "maxCapacity": { "type": "integer", "description": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries, specified in Redshift Processing Units (RPUs).\n" }, "namespaceName": { "type": "string", "description": "The name of the namespace.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "The port number on which the cluster accepts incoming connections.\n" }, "publiclyAccessible": { "type": "boolean", "description": "A value that specifies whether the workgroup can be accessed from a public network.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "An array of security group IDs to associate with the workgroup.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "An array of VPC subnet IDs to associate with the workgroup. When set, must contain at least three subnets spanning three Availability Zones. A minimum number of IP addresses is required and scales with the Base Capacity. For more information, see the following [AWS document](https://docs.aws.amazon.com/redshift/latest/mgmt/serverless-known-issues.html).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "workgroupName": { "type": "string", "description": "The name of the workgroup.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "namespaceName", "workgroupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Workgroup resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Redshift Serverless Workgroup.\n" }, "baseCapacity": { "type": "integer", "description": "The base data warehouse capacity of the workgroup in Redshift Processing Units (RPUs).\n" }, "configParameters": { "type": "array", "items": { "$ref": "#/types/aws:redshiftserverless/WorkgroupConfigParameter:WorkgroupConfigParameter" }, "description": "An array of parameters to set for more control over a serverless database. See `Config Parameter` below.\n" }, "endpoints": { "type": "array", "items": { "$ref": "#/types/aws:redshiftserverless/WorkgroupEndpoint:WorkgroupEndpoint" }, "description": "The endpoint that is created from the workgroup. See `Endpoint` below.\n" }, "enhancedVpcRouting": { "type": "boolean", "description": "The value that specifies whether to turn on enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC instead of over the internet.\n" }, "maxCapacity": { "type": "integer", "description": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries, specified in Redshift Processing Units (RPUs).\n" }, "namespaceName": { "type": "string", "description": "The name of the namespace.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "The port number on which the cluster accepts incoming connections.\n" }, "publiclyAccessible": { "type": "boolean", "description": "A value that specifies whether the workgroup can be accessed from a public network.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "An array of security group IDs to associate with the workgroup.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "An array of VPC subnet IDs to associate with the workgroup. When set, must contain at least three subnets spanning three Availability Zones. A minimum number of IP addresses is required and scales with the Base Capacity. For more information, see the following [AWS document](https://docs.aws.amazon.com/redshift/latest/mgmt/serverless-known-issues.html).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "workgroupId": { "type": "string", "description": "The Redshift Workgroup ID.\n" }, "workgroupName": { "type": "string", "description": "The name of the workgroup.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:rekognition/collection:Collection": { "description": "Resource for managing an AWS Rekognition Collection.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rekognition.Collection(\"example\", {\n collectionId: \"my-collection\",\n tags: {\n example: \"1\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rekognition.Collection(\"example\",\n collection_id=\"my-collection\",\n tags={\n \"example\": \"1\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rekognition.Collection(\"example\", new()\n {\n CollectionId = \"my-collection\",\n Tags = \n {\n { \"example\", \"1\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rekognition\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rekognition.NewCollection(ctx, \"example\", \u0026rekognition.CollectionArgs{\n\t\t\tCollectionId: pulumi.String(\"my-collection\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"example\": pulumi.String(\"1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rekognition.Collection;\nimport com.pulumi.aws.rekognition.CollectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Collection(\"example\", CollectionArgs.builder()\n .collectionId(\"my-collection\")\n .tags(Map.of(\"example\", 1))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rekognition:Collection\n properties:\n collectionId: my-collection\n tags:\n example: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Rekognition Collection using the `example_id_arg`. For example:\n\n```sh\n$ pulumi import aws:rekognition/collection:Collection example collection-id-12345678\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Collection.\n" }, "collectionId": { "type": "string", "description": "The name of the collection\n\nThe following arguments are optional:\n" }, "faceModelVersion": { "type": "string", "description": "The Face Model Version that the collection was initialized with\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:rekognition/CollectionTimeouts:CollectionTimeouts" } }, "required": [ "arn", "collectionId", "faceModelVersion", "tagsAll" ], "inputProperties": { "collectionId": { "type": "string", "description": "The name of the collection\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:rekognition/CollectionTimeouts:CollectionTimeouts" } }, "requiredInputs": [ "collectionId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Collection resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Collection.\n" }, "collectionId": { "type": "string", "description": "The name of the collection\n\nThe following arguments are optional:\n" }, "faceModelVersion": { "type": "string", "description": "The Face Model Version that the collection was initialized with\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:rekognition/CollectionTimeouts:CollectionTimeouts" } }, "type": "object" } }, "aws:rekognition/project:Project": { "description": "Resource for managing an AWS Rekognition Project.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rekognition.Project(\"example\", {\n name: \"example-project\",\n autoUpdate: \"ENABLED\",\n feature: \"CONTENT_MODERATION\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rekognition.Project(\"example\",\n name=\"example-project\",\n auto_update=\"ENABLED\",\n feature=\"CONTENT_MODERATION\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rekognition.Project(\"example\", new()\n {\n Name = \"example-project\",\n AutoUpdate = \"ENABLED\",\n Feature = \"CONTENT_MODERATION\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rekognition\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rekognition.NewProject(ctx, \"example\", \u0026rekognition.ProjectArgs{\n\t\t\tName: pulumi.String(\"example-project\"),\n\t\t\tAutoUpdate: pulumi.String(\"ENABLED\"),\n\t\t\tFeature: pulumi.String(\"CONTENT_MODERATION\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rekognition.Project;\nimport com.pulumi.aws.rekognition.ProjectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Project(\"example\", ProjectArgs.builder()\n .name(\"example-project\")\n .autoUpdate(\"ENABLED\")\n .feature(\"CONTENT_MODERATION\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rekognition:Project\n properties:\n name: example-project\n autoUpdate: ENABLED\n feature: CONTENT_MODERATION\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Rekognition Project using the `name`. For example:\n\n```sh\n$ pulumi import aws:rekognition/project:Project example project-id-12345678\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Project.\n" }, "autoUpdate": { "type": "string", "description": "Specify if automatic retraining should occur. Valid values are `ENABLED` or `DISABLED`. Defaults to `DISABLED`\n" }, "feature": { "type": "string", "description": "Specify the feature being customized. Valid values are `CONTENT_MODERATION` or `CUSTOM_LABELS`. Defaults to `CUSTOM_LABELS`\n" }, "name": { "type": "string", "description": "Desired name of the project\n\nThe following arguments are optional:\n" }, "timeouts": { "$ref": "#/types/aws:rekognition/ProjectTimeouts:ProjectTimeouts" } }, "required": [ "arn", "autoUpdate", "name" ], "inputProperties": { "autoUpdate": { "type": "string", "description": "Specify if automatic retraining should occur. Valid values are `ENABLED` or `DISABLED`. Defaults to `DISABLED`\n" }, "feature": { "type": "string", "description": "Specify the feature being customized. Valid values are `CONTENT_MODERATION` or `CUSTOM_LABELS`. Defaults to `CUSTOM_LABELS`\n" }, "name": { "type": "string", "description": "Desired name of the project\n\nThe following arguments are optional:\n" }, "timeouts": { "$ref": "#/types/aws:rekognition/ProjectTimeouts:ProjectTimeouts" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Project resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Project.\n" }, "autoUpdate": { "type": "string", "description": "Specify if automatic retraining should occur. Valid values are `ENABLED` or `DISABLED`. Defaults to `DISABLED`\n" }, "feature": { "type": "string", "description": "Specify the feature being customized. Valid values are `CONTENT_MODERATION` or `CUSTOM_LABELS`. Defaults to `CUSTOM_LABELS`\n" }, "name": { "type": "string", "description": "Desired name of the project\n\nThe following arguments are optional:\n" }, "timeouts": { "$ref": "#/types/aws:rekognition/ProjectTimeouts:ProjectTimeouts" } }, "type": "object" } }, "aws:rekognition/streamProcessor:StreamProcessor": { "description": "Resource for managing an AWS Rekognition Stream Processor.\n\n\u003e This resource must be configured specifically for your use case, and not all options are compatible with one another. See [Stream Processor API documentation](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor.html#rekognition-CreateStreamProcessor-request-Input) for configuration information.\n\n\u003e Stream Processors configured for Face Recognition cannot have _any_ properties updated after the fact, and it will result in an AWS API error.\n\n## Example Usage\n\n### Label Detection\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example-bucket\"});\nconst exampleTopic = new aws.sns.Topic(\"example\", {name: \"example-topic\"});\nconst exampleVideoStream = new aws.kinesis.VideoStream(\"example\", {\n name: \"example-kinesis-input\",\n dataRetentionInHours: 1,\n deviceName: \"kinesis-video-device-name\",\n mediaType: \"video/h264\",\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example-role\",\n inlinePolicies: [{\n name: \"Rekognition-Access\",\n policy: pulumi.jsonStringify({\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: [\"s3:PutObject\"],\n Effect: \"Allow\",\n Resource: [pulumi.interpolate`${example.arn}/*`],\n },\n {\n Action: [\"sns:Publish\"],\n Effect: \"Allow\",\n Resource: [exampleTopic.arn],\n },\n {\n Action: [\n \"kinesis:Get*\",\n \"kinesis:DescribeStreamSummary\",\n ],\n Effect: \"Allow\",\n Resource: [exampleVideoStream.arn],\n },\n ],\n }),\n }],\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Principal: {\n Service: \"rekognition.amazonaws.com\",\n },\n }],\n }),\n});\nconst exampleStreamProcessor = new aws.rekognition.StreamProcessor(\"example\", {\n roleArn: exampleRole.arn,\n name: \"example-processor\",\n dataSharingPreference: {\n optIn: false,\n },\n output: {\n s3Destination: {\n bucket: example.bucket,\n },\n },\n settings: {\n connectedHome: {\n labels: [\n \"PERSON\",\n \"PET\",\n ],\n },\n },\n input: {\n kinesisVideoStream: {\n arn: exampleVideoStream.arn,\n },\n },\n notificationChannel: {\n snsTopicArn: exampleTopic.arn,\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example-bucket\")\nexample_topic = aws.sns.Topic(\"example\", name=\"example-topic\")\nexample_video_stream = aws.kinesis.VideoStream(\"example\",\n name=\"example-kinesis-input\",\n data_retention_in_hours=1,\n device_name=\"kinesis-video-device-name\",\n media_type=\"video/h264\")\nexample_role = aws.iam.Role(\"example\",\n name=\"example-role\",\n inline_policies=[{\n \"name\": \"Rekognition-Access\",\n \"policy\": pulumi.Output.json_dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [\n {\n \"action\": [\"s3:PutObject\"],\n \"effect\": \"Allow\",\n \"resource\": [example.arn.apply(lambda arn: f\"{arn}/*\")],\n },\n {\n \"Action\": [\"sns:Publish\"],\n \"Effect\": \"Allow\",\n \"Resource\": [example_topic.arn],\n },\n {\n \"Action\": [\n \"kinesis:Get*\",\n \"kinesis:DescribeStreamSummary\",\n ],\n \"Effect\": \"Allow\",\n \"Resource\": [example_video_stream.arn],\n },\n ],\n }),\n }],\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"rekognition.amazonaws.com\",\n },\n }],\n }))\nexample_stream_processor = aws.rekognition.StreamProcessor(\"example\",\n role_arn=example_role.arn,\n name=\"example-processor\",\n data_sharing_preference={\n \"opt_in\": False,\n },\n output={\n \"s3_destination\": {\n \"bucket\": example.bucket,\n },\n },\n settings={\n \"connected_home\": {\n \"labels\": [\n \"PERSON\",\n \"PET\",\n ],\n },\n },\n input={\n \"kinesis_video_stream\": {\n \"arn\": example_video_stream.arn,\n },\n },\n notification_channel={\n \"sns_topic_arn\": example_topic.arn,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example-bucket\",\n });\n\n var exampleTopic = new Aws.Sns.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n });\n\n var exampleVideoStream = new Aws.Kinesis.VideoStream(\"example\", new()\n {\n Name = \"example-kinesis-input\",\n DataRetentionInHours = 1,\n DeviceName = \"kinesis-video-device-name\",\n MediaType = \"video/h264\",\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example-role\",\n InlinePolicies = new[]\n {\n new Aws.Iam.Inputs.RoleInlinePolicyArgs\n {\n Name = \"Rekognition-Access\",\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"s3:PutObject\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = new[]\n {\n example.Arn.Apply(arn =\u003e $\"{arn}/*\"),\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"sns:Publish\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = new[]\n {\n exampleTopic.Arn,\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"kinesis:Get*\",\n \"kinesis:DescribeStreamSummary\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = new[]\n {\n exampleVideoStream.Arn,\n },\n },\n },\n })),\n },\n },\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"rekognition.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var exampleStreamProcessor = new Aws.Rekognition.StreamProcessor(\"example\", new()\n {\n RoleArn = exampleRole.Arn,\n Name = \"example-processor\",\n DataSharingPreference = new Aws.Rekognition.Inputs.StreamProcessorDataSharingPreferenceArgs\n {\n OptIn = false,\n },\n Output = new Aws.Rekognition.Inputs.StreamProcessorOutputArgs\n {\n S3Destination = new Aws.Rekognition.Inputs.StreamProcessorOutputS3DestinationArgs\n {\n Bucket = example.Bucket,\n },\n },\n Settings = new Aws.Rekognition.Inputs.StreamProcessorSettingsArgs\n {\n ConnectedHome = new Aws.Rekognition.Inputs.StreamProcessorSettingsConnectedHomeArgs\n {\n Labels = new[]\n {\n \"PERSON\",\n \"PET\",\n },\n },\n },\n Input = new Aws.Rekognition.Inputs.StreamProcessorInputArgs\n {\n KinesisVideoStream = new Aws.Rekognition.Inputs.StreamProcessorInputKinesisVideoStreamArgs\n {\n Arn = exampleVideoStream.Arn,\n },\n },\n NotificationChannel = new Aws.Rekognition.Inputs.StreamProcessorNotificationChannelArgs\n {\n SnsTopicArn = exampleTopic.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rekognition\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTopic, err := sns.NewTopic(ctx, \"example\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVideoStream, err := kinesis.NewVideoStream(ctx, \"example\", \u0026kinesis.VideoStreamArgs{\n\t\t\tName: pulumi.String(\"example-kinesis-input\"),\n\t\t\tDataRetentionInHours: pulumi.Int(1),\n\t\t\tDeviceName: pulumi.String(\"kinesis-video-device-name\"),\n\t\t\tMediaType: pulumi.String(\"video/h264\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"rekognition.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example-role\"),\n\t\t\tInlinePolicies: iam.RoleInlinePolicyArray{\n\t\t\t\t\u0026iam.RoleInlinePolicyArgs{\n\t\t\t\t\tName: pulumi.String(\"Rekognition-Access\"),\n\t\t\t\t\tPolicy: pulumi.All(example.Arn, exampleTopic.Arn, exampleVideoStream.Arn).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\t\t\texampleArn := _args[0].(string)\n\t\t\t\t\t\texampleTopicArn := _args[1].(string)\n\t\t\t\t\t\texampleVideoStreamArn := _args[2].(string)\n\t\t\t\t\t\tvar _zero string\n\t\t\t\t\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\t\t\t\t\"Statement\": []interface{}{\n\t\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\t\t\t\t\"s3:PutObject\",\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\t\t\tfmt.Sprintf(\"%v/*\", exampleArn),\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\t\t\t\t\"sns:Publish\",\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\t\t\texampleTopicArn,\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\t\t\t\t\"kinesis:Get*\",\n\t\t\t\t\t\t\t\t\t\t\"kinesis:DescribeStreamSummary\",\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\t\t\texampleVideoStreamArn,\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t})\n\t\t\t\t\t\tif err != nil {\n\t\t\t\t\t\t\treturn _zero, err\n\t\t\t\t\t\t}\n\t\t\t\t\t\tjson1 := string(tmpJSON1)\n\t\t\t\t\t\treturn json1, nil\n\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t},\n\t\t\t},\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rekognition.NewStreamProcessor(ctx, \"example\", \u0026rekognition.StreamProcessorArgs{\n\t\t\tRoleArn: exampleRole.Arn,\n\t\t\tName: pulumi.String(\"example-processor\"),\n\t\t\tDataSharingPreference: \u0026rekognition.StreamProcessorDataSharingPreferenceArgs{\n\t\t\t\tOptIn: pulumi.Bool(false),\n\t\t\t},\n\t\t\tOutput: \u0026rekognition.StreamProcessorOutputTypeArgs{\n\t\t\t\tS3Destination: \u0026rekognition.StreamProcessorOutputS3DestinationArgs{\n\t\t\t\t\tBucket: example.Bucket,\n\t\t\t\t},\n\t\t\t},\n\t\t\tSettings: \u0026rekognition.StreamProcessorSettingsArgs{\n\t\t\t\tConnectedHome: \u0026rekognition.StreamProcessorSettingsConnectedHomeArgs{\n\t\t\t\t\tLabels: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"PERSON\"),\n\t\t\t\t\t\tpulumi.String(\"PET\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tInput: \u0026rekognition.StreamProcessorInputTypeArgs{\n\t\t\t\tKinesisVideoStream: \u0026rekognition.StreamProcessorInputKinesisVideoStreamArgs{\n\t\t\t\t\tArn: exampleVideoStream.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t\tNotificationChannel: \u0026rekognition.StreamProcessorNotificationChannelArgs{\n\t\t\t\tSnsTopicArn: exampleTopic.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.kinesis.VideoStream;\nimport com.pulumi.aws.kinesis.VideoStreamArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.inputs.RoleInlinePolicyArgs;\nimport com.pulumi.aws.rekognition.StreamProcessor;\nimport com.pulumi.aws.rekognition.StreamProcessorArgs;\nimport com.pulumi.aws.rekognition.inputs.StreamProcessorDataSharingPreferenceArgs;\nimport com.pulumi.aws.rekognition.inputs.StreamProcessorOutputArgs;\nimport com.pulumi.aws.rekognition.inputs.StreamProcessorOutputS3DestinationArgs;\nimport com.pulumi.aws.rekognition.inputs.StreamProcessorSettingsArgs;\nimport com.pulumi.aws.rekognition.inputs.StreamProcessorSettingsConnectedHomeArgs;\nimport com.pulumi.aws.rekognition.inputs.StreamProcessorInputArgs;\nimport com.pulumi.aws.rekognition.inputs.StreamProcessorInputKinesisVideoStreamArgs;\nimport com.pulumi.aws.rekognition.inputs.StreamProcessorNotificationChannelArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example-bucket\")\n .build());\n\n var exampleTopic = new Topic(\"exampleTopic\", TopicArgs.builder()\n .name(\"example-topic\")\n .build());\n\n var exampleVideoStream = new VideoStream(\"exampleVideoStream\", VideoStreamArgs.builder()\n .name(\"example-kinesis-input\")\n .dataRetentionInHours(1)\n .deviceName(\"kinesis-video-device-name\")\n .mediaType(\"video/h264\")\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .name(\"example-role\")\n .inlinePolicies(RoleInlinePolicyArgs.builder()\n .name(\"Rekognition-Access\")\n .policy(Output.tuple(example.arn(), exampleTopic.arn(), exampleVideoStream.arn()).applyValue(values -\u003e {\n var exampleArn = values.t1;\n var exampleTopicArn = values.t2;\n var exampleVideoStreamArn = values.t3;\n return serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(\n jsonObject(\n jsonProperty(\"Action\", jsonArray(\"s3:PutObject\")),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", jsonArray(String.format(\"%s/*\", exampleArn)))\n ), \n jsonObject(\n jsonProperty(\"Action\", jsonArray(\"sns:Publish\")),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", jsonArray(exampleTopicArn))\n ), \n jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"kinesis:Get*\", \n \"kinesis:DescribeStreamSummary\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", jsonArray(exampleVideoStreamArn))\n )\n ))\n ));\n }))\n .build())\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"rekognition.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var exampleStreamProcessor = new StreamProcessor(\"exampleStreamProcessor\", StreamProcessorArgs.builder()\n .roleArn(exampleRole.arn())\n .name(\"example-processor\")\n .dataSharingPreference(StreamProcessorDataSharingPreferenceArgs.builder()\n .optIn(false)\n .build())\n .output(StreamProcessorOutputArgs.builder()\n .s3Destination(StreamProcessorOutputS3DestinationArgs.builder()\n .bucket(example.bucket())\n .build())\n .build())\n .settings(StreamProcessorSettingsArgs.builder()\n .connectedHome(StreamProcessorSettingsConnectedHomeArgs.builder()\n .labels( \n \"PERSON\",\n \"PET\")\n .build())\n .build())\n .input(StreamProcessorInputArgs.builder()\n .kinesisVideoStream(StreamProcessorInputKinesisVideoStreamArgs.builder()\n .arn(exampleVideoStream.arn())\n .build())\n .build())\n .notificationChannel(StreamProcessorNotificationChannelArgs.builder()\n .snsTopicArn(exampleTopic.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example-bucket\n exampleTopic:\n type: aws:sns:Topic\n name: example\n properties:\n name: example-topic\n exampleVideoStream:\n type: aws:kinesis:VideoStream\n name: example\n properties:\n name: example-kinesis-input\n dataRetentionInHours: 1\n deviceName: kinesis-video-device-name\n mediaType: video/h264\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example-role\n inlinePolicies:\n - name: Rekognition-Access\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - s3:PutObject\n Effect: Allow\n Resource:\n - ${example.arn}/*\n - Action:\n - sns:Publish\n Effect: Allow\n Resource:\n - ${exampleTopic.arn}\n - Action:\n - kinesis:Get*\n - kinesis:DescribeStreamSummary\n Effect: Allow\n Resource:\n - ${exampleVideoStream.arn}\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Principal:\n Service: rekognition.amazonaws.com\n exampleStreamProcessor:\n type: aws:rekognition:StreamProcessor\n name: example\n properties:\n roleArn: ${exampleRole.arn}\n name: example-processor\n dataSharingPreference:\n optIn: false\n output:\n s3Destination:\n bucket: ${example.bucket}\n settings:\n connectedHome:\n labels:\n - PERSON\n - PET\n input:\n kinesisVideoStream:\n arn: ${exampleVideoStream.arn}\n notificationChannel:\n snsTopicArn: ${exampleTopic.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Face Detection Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kinesis.VideoStream(\"example\", {\n name: \"example-kinesis-input\",\n dataRetentionInHours: 1,\n deviceName: \"kinesis-video-device-name\",\n mediaType: \"video/h264\",\n});\nconst exampleStream = new aws.kinesis.Stream(\"example\", {\n name: \"pulumi-kinesis-example\",\n shardCount: 1,\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example-role\",\n inlinePolicies: [{\n name: \"Rekognition-Access\",\n policy: pulumi.jsonStringify({\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: [\n \"kinesis:Get*\",\n \"kinesis:DescribeStreamSummary\",\n ],\n Effect: \"Allow\",\n Resource: [example.arn],\n },\n {\n Action: [\"kinesis:PutRecord\"],\n Effect: \"Allow\",\n Resource: [exampleStream.arn],\n },\n ],\n }),\n }],\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Principal: {\n Service: \"rekognition.amazonaws.com\",\n },\n }],\n }),\n});\nconst exampleCollection = new aws.rekognition.Collection(\"example\", {collectionId: \"example-collection\"});\nconst exampleStreamProcessor = new aws.rekognition.StreamProcessor(\"example\", {\n roleArn: exampleRole.arn,\n name: \"example-processor\",\n dataSharingPreference: {\n optIn: false,\n },\n regionsOfInterests: [{\n polygons: [\n {\n x: 0.5,\n y: 0.5,\n },\n {\n x: 0.5,\n y: 0.5,\n },\n {\n x: 0.5,\n y: 0.5,\n },\n ],\n }],\n input: {\n kinesisVideoStream: {\n arn: example.arn,\n },\n },\n output: {\n kinesisDataStream: {\n arn: exampleStream.arn,\n },\n },\n settings: {\n faceSearch: {\n collectionId: exampleCollection.id,\n },\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.kinesis.VideoStream(\"example\",\n name=\"example-kinesis-input\",\n data_retention_in_hours=1,\n device_name=\"kinesis-video-device-name\",\n media_type=\"video/h264\")\nexample_stream = aws.kinesis.Stream(\"example\",\n name=\"pulumi-kinesis-example\",\n shard_count=1)\nexample_role = aws.iam.Role(\"example\",\n name=\"example-role\",\n inline_policies=[{\n \"name\": \"Rekognition-Access\",\n \"policy\": pulumi.Output.json_dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [\n {\n \"action\": [\n \"kinesis:Get*\",\n \"kinesis:DescribeStreamSummary\",\n ],\n \"effect\": \"Allow\",\n \"resource\": [example.arn],\n },\n {\n \"Action\": [\"kinesis:PutRecord\"],\n \"Effect\": \"Allow\",\n \"Resource\": [example_stream.arn],\n },\n ],\n }),\n }],\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"rekognition.amazonaws.com\",\n },\n }],\n }))\nexample_collection = aws.rekognition.Collection(\"example\", collection_id=\"example-collection\")\nexample_stream_processor = aws.rekognition.StreamProcessor(\"example\",\n role_arn=example_role.arn,\n name=\"example-processor\",\n data_sharing_preference={\n \"opt_in\": False,\n },\n regions_of_interests=[{\n \"polygons\": [\n {\n \"x\": 0.5,\n \"y\": 0.5,\n },\n {\n \"x\": 0.5,\n \"y\": 0.5,\n },\n {\n \"x\": 0.5,\n \"y\": 0.5,\n },\n ],\n }],\n input={\n \"kinesis_video_stream\": {\n \"arn\": example.arn,\n },\n },\n output={\n \"kinesis_data_stream\": {\n \"arn\": example_stream.arn,\n },\n },\n settings={\n \"face_search\": {\n \"collection_id\": example_collection.id,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kinesis.VideoStream(\"example\", new()\n {\n Name = \"example-kinesis-input\",\n DataRetentionInHours = 1,\n DeviceName = \"kinesis-video-device-name\",\n MediaType = \"video/h264\",\n });\n\n var exampleStream = new Aws.Kinesis.Stream(\"example\", new()\n {\n Name = \"pulumi-kinesis-example\",\n ShardCount = 1,\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example-role\",\n InlinePolicies = new[]\n {\n new Aws.Iam.Inputs.RoleInlinePolicyArgs\n {\n Name = \"Rekognition-Access\",\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"kinesis:Get*\",\n \"kinesis:DescribeStreamSummary\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = new[]\n {\n example.Arn,\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"kinesis:PutRecord\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = new[]\n {\n exampleStream.Arn,\n },\n },\n },\n })),\n },\n },\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"rekognition.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var exampleCollection = new Aws.Rekognition.Collection(\"example\", new()\n {\n CollectionId = \"example-collection\",\n });\n\n var exampleStreamProcessor = new Aws.Rekognition.StreamProcessor(\"example\", new()\n {\n RoleArn = exampleRole.Arn,\n Name = \"example-processor\",\n DataSharingPreference = new Aws.Rekognition.Inputs.StreamProcessorDataSharingPreferenceArgs\n {\n OptIn = false,\n },\n RegionsOfInterests = new[]\n {\n new Aws.Rekognition.Inputs.StreamProcessorRegionsOfInterestArgs\n {\n Polygons = new[]\n {\n new Aws.Rekognition.Inputs.StreamProcessorRegionsOfInterestPolygonArgs\n {\n X = 0.5,\n Y = 0.5,\n },\n new Aws.Rekognition.Inputs.StreamProcessorRegionsOfInterestPolygonArgs\n {\n X = 0.5,\n Y = 0.5,\n },\n new Aws.Rekognition.Inputs.StreamProcessorRegionsOfInterestPolygonArgs\n {\n X = 0.5,\n Y = 0.5,\n },\n },\n },\n },\n Input = new Aws.Rekognition.Inputs.StreamProcessorInputArgs\n {\n KinesisVideoStream = new Aws.Rekognition.Inputs.StreamProcessorInputKinesisVideoStreamArgs\n {\n Arn = example.Arn,\n },\n },\n Output = new Aws.Rekognition.Inputs.StreamProcessorOutputArgs\n {\n KinesisDataStream = new Aws.Rekognition.Inputs.StreamProcessorOutputKinesisDataStreamArgs\n {\n Arn = exampleStream.Arn,\n },\n },\n Settings = new Aws.Rekognition.Inputs.StreamProcessorSettingsArgs\n {\n FaceSearch = new Aws.Rekognition.Inputs.StreamProcessorSettingsFaceSearchArgs\n {\n CollectionId = exampleCollection.Id,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rekognition\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kinesis.NewVideoStream(ctx, \"example\", \u0026kinesis.VideoStreamArgs{\n\t\t\tName: pulumi.String(\"example-kinesis-input\"),\n\t\t\tDataRetentionInHours: pulumi.Int(1),\n\t\t\tDeviceName: pulumi.String(\"kinesis-video-device-name\"),\n\t\t\tMediaType: pulumi.String(\"video/h264\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleStream, err := kinesis.NewStream(ctx, \"example\", \u0026kinesis.StreamArgs{\n\t\t\tName: pulumi.String(\"pulumi-kinesis-example\"),\n\t\t\tShardCount: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"rekognition.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example-role\"),\n\t\t\tInlinePolicies: iam.RoleInlinePolicyArray{\n\t\t\t\t\u0026iam.RoleInlinePolicyArgs{\n\t\t\t\t\tName: pulumi.String(\"Rekognition-Access\"),\n\t\t\t\t\tPolicy: pulumi.All(example.Arn, exampleStream.Arn).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\t\t\texampleArn := _args[0].(string)\n\t\t\t\t\t\texampleStreamArn := _args[1].(string)\n\t\t\t\t\t\tvar _zero string\n\t\t\t\t\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\t\t\t\t\"Statement\": []interface{}{\n\t\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\t\t\t\t\"kinesis:Get*\",\n\t\t\t\t\t\t\t\t\t\t\"kinesis:DescribeStreamSummary\",\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\t\t\texampleArn,\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\t\t\t\t\"kinesis:PutRecord\",\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\t\t\texampleStreamArn,\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t})\n\t\t\t\t\t\tif err != nil {\n\t\t\t\t\t\t\treturn _zero, err\n\t\t\t\t\t\t}\n\t\t\t\t\t\tjson1 := string(tmpJSON1)\n\t\t\t\t\t\treturn json1, nil\n\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t},\n\t\t\t},\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleCollection, err := rekognition.NewCollection(ctx, \"example\", \u0026rekognition.CollectionArgs{\n\t\t\tCollectionId: pulumi.String(\"example-collection\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rekognition.NewStreamProcessor(ctx, \"example\", \u0026rekognition.StreamProcessorArgs{\n\t\t\tRoleArn: exampleRole.Arn,\n\t\t\tName: pulumi.String(\"example-processor\"),\n\t\t\tDataSharingPreference: \u0026rekognition.StreamProcessorDataSharingPreferenceArgs{\n\t\t\t\tOptIn: pulumi.Bool(false),\n\t\t\t},\n\t\t\tRegionsOfInterests: rekognition.StreamProcessorRegionsOfInterestArray{\n\t\t\t\t\u0026rekognition.StreamProcessorRegionsOfInterestArgs{\n\t\t\t\t\tPolygons: rekognition.StreamProcessorRegionsOfInterestPolygonArray{\n\t\t\t\t\t\t\u0026rekognition.StreamProcessorRegionsOfInterestPolygonArgs{\n\t\t\t\t\t\t\tX: pulumi.Float64(0.5),\n\t\t\t\t\t\t\tY: pulumi.Float64(0.5),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026rekognition.StreamProcessorRegionsOfInterestPolygonArgs{\n\t\t\t\t\t\t\tX: pulumi.Float64(0.5),\n\t\t\t\t\t\t\tY: pulumi.Float64(0.5),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026rekognition.StreamProcessorRegionsOfInterestPolygonArgs{\n\t\t\t\t\t\t\tX: pulumi.Float64(0.5),\n\t\t\t\t\t\t\tY: pulumi.Float64(0.5),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tInput: \u0026rekognition.StreamProcessorInputTypeArgs{\n\t\t\t\tKinesisVideoStream: \u0026rekognition.StreamProcessorInputKinesisVideoStreamArgs{\n\t\t\t\t\tArn: example.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t\tOutput: \u0026rekognition.StreamProcessorOutputTypeArgs{\n\t\t\t\tKinesisDataStream: \u0026rekognition.StreamProcessorOutputKinesisDataStreamArgs{\n\t\t\t\t\tArn: exampleStream.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t\tSettings: \u0026rekognition.StreamProcessorSettingsArgs{\n\t\t\t\tFaceSearch: \u0026rekognition.StreamProcessorSettingsFaceSearchArgs{\n\t\t\t\t\tCollectionId: exampleCollection.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.VideoStream;\nimport com.pulumi.aws.kinesis.VideoStreamArgs;\nimport com.pulumi.aws.kinesis.Stream;\nimport com.pulumi.aws.kinesis.StreamArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.inputs.RoleInlinePolicyArgs;\nimport com.pulumi.aws.rekognition.Collection;\nimport com.pulumi.aws.rekognition.CollectionArgs;\nimport com.pulumi.aws.rekognition.StreamProcessor;\nimport com.pulumi.aws.rekognition.StreamProcessorArgs;\nimport com.pulumi.aws.rekognition.inputs.StreamProcessorDataSharingPreferenceArgs;\nimport com.pulumi.aws.rekognition.inputs.StreamProcessorRegionsOfInterestArgs;\nimport com.pulumi.aws.rekognition.inputs.StreamProcessorInputArgs;\nimport com.pulumi.aws.rekognition.inputs.StreamProcessorInputKinesisVideoStreamArgs;\nimport com.pulumi.aws.rekognition.inputs.StreamProcessorOutputArgs;\nimport com.pulumi.aws.rekognition.inputs.StreamProcessorOutputKinesisDataStreamArgs;\nimport com.pulumi.aws.rekognition.inputs.StreamProcessorSettingsArgs;\nimport com.pulumi.aws.rekognition.inputs.StreamProcessorSettingsFaceSearchArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VideoStream(\"example\", VideoStreamArgs.builder()\n .name(\"example-kinesis-input\")\n .dataRetentionInHours(1)\n .deviceName(\"kinesis-video-device-name\")\n .mediaType(\"video/h264\")\n .build());\n\n var exampleStream = new Stream(\"exampleStream\", StreamArgs.builder()\n .name(\"pulumi-kinesis-example\")\n .shardCount(1)\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .name(\"example-role\")\n .inlinePolicies(RoleInlinePolicyArgs.builder()\n .name(\"Rekognition-Access\")\n .policy(Output.tuple(example.arn(), exampleStream.arn()).applyValue(values -\u003e {\n var exampleArn = values.t1;\n var exampleStreamArn = values.t2;\n return serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(\n jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"kinesis:Get*\", \n \"kinesis:DescribeStreamSummary\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", jsonArray(exampleArn))\n ), \n jsonObject(\n jsonProperty(\"Action\", jsonArray(\"kinesis:PutRecord\")),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", jsonArray(exampleStreamArn))\n )\n ))\n ));\n }))\n .build())\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"rekognition.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var exampleCollection = new Collection(\"exampleCollection\", CollectionArgs.builder()\n .collectionId(\"example-collection\")\n .build());\n\n var exampleStreamProcessor = new StreamProcessor(\"exampleStreamProcessor\", StreamProcessorArgs.builder()\n .roleArn(exampleRole.arn())\n .name(\"example-processor\")\n .dataSharingPreference(StreamProcessorDataSharingPreferenceArgs.builder()\n .optIn(false)\n .build())\n .regionsOfInterests(StreamProcessorRegionsOfInterestArgs.builder()\n .polygons( \n StreamProcessorRegionsOfInterestPolygonArgs.builder()\n .x(0.5)\n .y(0.5)\n .build(),\n StreamProcessorRegionsOfInterestPolygonArgs.builder()\n .x(0.5)\n .y(0.5)\n .build(),\n StreamProcessorRegionsOfInterestPolygonArgs.builder()\n .x(0.5)\n .y(0.5)\n .build())\n .build())\n .input(StreamProcessorInputArgs.builder()\n .kinesisVideoStream(StreamProcessorInputKinesisVideoStreamArgs.builder()\n .arn(example.arn())\n .build())\n .build())\n .output(StreamProcessorOutputArgs.builder()\n .kinesisDataStream(StreamProcessorOutputKinesisDataStreamArgs.builder()\n .arn(exampleStream.arn())\n .build())\n .build())\n .settings(StreamProcessorSettingsArgs.builder()\n .faceSearch(StreamProcessorSettingsFaceSearchArgs.builder()\n .collectionId(exampleCollection.id())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kinesis:VideoStream\n properties:\n name: example-kinesis-input\n dataRetentionInHours: 1\n deviceName: kinesis-video-device-name\n mediaType: video/h264\n exampleStream:\n type: aws:kinesis:Stream\n name: example\n properties:\n name: pulumi-kinesis-example\n shardCount: 1\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example-role\n inlinePolicies:\n - name: Rekognition-Access\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - kinesis:Get*\n - kinesis:DescribeStreamSummary\n Effect: Allow\n Resource:\n - ${example.arn}\n - Action:\n - kinesis:PutRecord\n Effect: Allow\n Resource:\n - ${exampleStream.arn}\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Principal:\n Service: rekognition.amazonaws.com\n exampleCollection:\n type: aws:rekognition:Collection\n name: example\n properties:\n collectionId: example-collection\n exampleStreamProcessor:\n type: aws:rekognition:StreamProcessor\n name: example\n properties:\n roleArn: ${exampleRole.arn}\n name: example-processor\n dataSharingPreference:\n optIn: false\n regionsOfInterests:\n - polygons:\n - x: 0.5\n y: 0.5\n - x: 0.5\n y: 0.5\n - x: 0.5\n y: 0.5\n input:\n kinesisVideoStream:\n arn: ${example.arn}\n output:\n kinesisDataStream:\n arn: ${exampleStream.arn}\n settings:\n faceSearch:\n collectionId: ${exampleCollection.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Rekognition Stream Processor using the `name`. For example:\n\n```sh\n$ pulumi import aws:rekognition/streamProcessor:StreamProcessor example my-stream\n```\n", "properties": { "dataSharingPreference": { "$ref": "#/types/aws:rekognition/StreamProcessorDataSharingPreference:StreamProcessorDataSharingPreference", "description": "See `data_sharing_preference`.\n" }, "input": { "$ref": "#/types/aws:rekognition/StreamProcessorInput:StreamProcessorInput", "description": "Input video stream. See `input`.\n" }, "kmsKeyId": { "type": "string", "description": "Optional parameter for label detection stream processors.\n" }, "name": { "type": "string", "description": "The name of the Stream Processor.\n" }, "notificationChannel": { "$ref": "#/types/aws:rekognition/StreamProcessorNotificationChannel:StreamProcessorNotificationChannel", "description": "The Amazon Simple Notification Service topic to which Amazon Rekognition publishes the completion status. See `notification_channel`.\n" }, "output": { "$ref": "#/types/aws:rekognition/StreamProcessorOutput:StreamProcessorOutput", "description": "Kinesis data stream stream or Amazon S3 bucket location to which Amazon Rekognition Video puts the analysis results. See `output`.\n" }, "regionsOfInterests": { "type": "array", "items": { "$ref": "#/types/aws:rekognition/StreamProcessorRegionsOfInterest:StreamProcessorRegionsOfInterest" }, "description": "Specifies locations in the frames where Amazon Rekognition checks for objects or people. See `regions_of_interest`.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Number (ARN) of the IAM role that allows access to the stream processor. The IAM role provides Rekognition read permissions for a Kinesis stream. It also provides write permissions to an Amazon S3 bucket and Amazon Simple Notification Service topic for a label detection stream processor. This is required for both face search and label detection stream processors.\n" }, "settings": { "$ref": "#/types/aws:rekognition/StreamProcessorSettings:StreamProcessorSettings", "description": "Input parameters used in a streaming video analyzed by a stream processor. See `settings`.\n\nThe following arguments are optional:\n" }, "streamProcessorArn": { "type": "string", "description": "ARN of the Stream Processor.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:rekognition/StreamProcessorTimeouts:StreamProcessorTimeouts" } }, "required": [ "name", "roleArn", "streamProcessorArn", "tagsAll" ], "inputProperties": { "dataSharingPreference": { "$ref": "#/types/aws:rekognition/StreamProcessorDataSharingPreference:StreamProcessorDataSharingPreference", "description": "See `data_sharing_preference`.\n" }, "input": { "$ref": "#/types/aws:rekognition/StreamProcessorInput:StreamProcessorInput", "description": "Input video stream. See `input`.\n" }, "kmsKeyId": { "type": "string", "description": "Optional parameter for label detection stream processors.\n" }, "name": { "type": "string", "description": "The name of the Stream Processor.\n" }, "notificationChannel": { "$ref": "#/types/aws:rekognition/StreamProcessorNotificationChannel:StreamProcessorNotificationChannel", "description": "The Amazon Simple Notification Service topic to which Amazon Rekognition publishes the completion status. See `notification_channel`.\n" }, "output": { "$ref": "#/types/aws:rekognition/StreamProcessorOutput:StreamProcessorOutput", "description": "Kinesis data stream stream or Amazon S3 bucket location to which Amazon Rekognition Video puts the analysis results. See `output`.\n" }, "regionsOfInterests": { "type": "array", "items": { "$ref": "#/types/aws:rekognition/StreamProcessorRegionsOfInterest:StreamProcessorRegionsOfInterest" }, "description": "Specifies locations in the frames where Amazon Rekognition checks for objects or people. See `regions_of_interest`.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Number (ARN) of the IAM role that allows access to the stream processor. The IAM role provides Rekognition read permissions for a Kinesis stream. It also provides write permissions to an Amazon S3 bucket and Amazon Simple Notification Service topic for a label detection stream processor. This is required for both face search and label detection stream processors.\n" }, "settings": { "$ref": "#/types/aws:rekognition/StreamProcessorSettings:StreamProcessorSettings", "description": "Input parameters used in a streaming video analyzed by a stream processor. See `settings`.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:rekognition/StreamProcessorTimeouts:StreamProcessorTimeouts" } }, "requiredInputs": [ "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering StreamProcessor resources.\n", "properties": { "dataSharingPreference": { "$ref": "#/types/aws:rekognition/StreamProcessorDataSharingPreference:StreamProcessorDataSharingPreference", "description": "See `data_sharing_preference`.\n" }, "input": { "$ref": "#/types/aws:rekognition/StreamProcessorInput:StreamProcessorInput", "description": "Input video stream. See `input`.\n" }, "kmsKeyId": { "type": "string", "description": "Optional parameter for label detection stream processors.\n" }, "name": { "type": "string", "description": "The name of the Stream Processor.\n" }, "notificationChannel": { "$ref": "#/types/aws:rekognition/StreamProcessorNotificationChannel:StreamProcessorNotificationChannel", "description": "The Amazon Simple Notification Service topic to which Amazon Rekognition publishes the completion status. See `notification_channel`.\n" }, "output": { "$ref": "#/types/aws:rekognition/StreamProcessorOutput:StreamProcessorOutput", "description": "Kinesis data stream stream or Amazon S3 bucket location to which Amazon Rekognition Video puts the analysis results. See `output`.\n" }, "regionsOfInterests": { "type": "array", "items": { "$ref": "#/types/aws:rekognition/StreamProcessorRegionsOfInterest:StreamProcessorRegionsOfInterest" }, "description": "Specifies locations in the frames where Amazon Rekognition checks for objects or people. See `regions_of_interest`.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Number (ARN) of the IAM role that allows access to the stream processor. The IAM role provides Rekognition read permissions for a Kinesis stream. It also provides write permissions to an Amazon S3 bucket and Amazon Simple Notification Service topic for a label detection stream processor. This is required for both face search and label detection stream processors.\n" }, "settings": { "$ref": "#/types/aws:rekognition/StreamProcessorSettings:StreamProcessorSettings", "description": "Input parameters used in a streaming video analyzed by a stream processor. See `settings`.\n\nThe following arguments are optional:\n" }, "streamProcessorArn": { "type": "string", "description": "ARN of the Stream Processor.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:rekognition/StreamProcessorTimeouts:StreamProcessorTimeouts" } }, "type": "object" } }, "aws:resourceexplorer/index:Index": { "description": "Provides a resource to manage a Resource Explorer index in the current AWS Region.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.resourceexplorer.Index(\"example\", {type: \"LOCAL\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.resourceexplorer.Index(\"example\", type=\"LOCAL\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ResourceExplorer.Index(\"example\", new()\n {\n Type = \"LOCAL\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/resourceexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := resourceexplorer.NewIndex(ctx, \"example\", \u0026resourceexplorer.IndexArgs{\n\t\t\tType: pulumi.String(\"LOCAL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.resourceexplorer.Index;\nimport com.pulumi.aws.resourceexplorer.IndexArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Index(\"example\", IndexArgs.builder()\n .type(\"LOCAL\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:resourceexplorer:Index\n properties:\n type: LOCAL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Resource Explorer indexes using the `arn`. For example:\n\n```sh\n$ pulumi import aws:resourceexplorer/index:Index example arn:aws:resource-explorer-2:us-east-1:123456789012:index/6047ac4e-207e-4487-9bcf-cb53bb0ff5cc\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Resource Explorer index.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:resourceexplorer/IndexTimeouts:IndexTimeouts" }, "type": { "type": "string", "description": "The type of the index. Valid values: `AGGREGATOR`, `LOCAL`. To understand the difference between `LOCAL` and `AGGREGATOR`, see the [_AWS Resource Explorer User Guide_](https://docs.aws.amazon.com/resource-explorer/latest/userguide/manage-aggregator-region.html).\n" } }, "required": [ "arn", "tagsAll", "type" ], "inputProperties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:resourceexplorer/IndexTimeouts:IndexTimeouts" }, "type": { "type": "string", "description": "The type of the index. Valid values: `AGGREGATOR`, `LOCAL`. To understand the difference between `LOCAL` and `AGGREGATOR`, see the [_AWS Resource Explorer User Guide_](https://docs.aws.amazon.com/resource-explorer/latest/userguide/manage-aggregator-region.html).\n" } }, "requiredInputs": [ "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering Index resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Resource Explorer index.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:resourceexplorer/IndexTimeouts:IndexTimeouts" }, "type": { "type": "string", "description": "The type of the index. Valid values: `AGGREGATOR`, `LOCAL`. To understand the difference between `LOCAL` and `AGGREGATOR`, see the [_AWS Resource Explorer User Guide_](https://docs.aws.amazon.com/resource-explorer/latest/userguide/manage-aggregator-region.html).\n" } }, "type": "object" } }, "aws:resourceexplorer/view:View": { "description": "Provides a resource to manage a Resource Explorer view.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.resourceexplorer.Index(\"example\", {type: \"LOCAL\"});\nconst exampleView = new aws.resourceexplorer.View(\"example\", {\n name: \"exampleview\",\n filters: {\n filterString: \"resourcetype:ec2:instance\",\n },\n includedProperties: [{\n name: \"tags\",\n }],\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.resourceexplorer.Index(\"example\", type=\"LOCAL\")\nexample_view = aws.resourceexplorer.View(\"example\",\n name=\"exampleview\",\n filters={\n \"filter_string\": \"resourcetype:ec2:instance\",\n },\n included_properties=[{\n \"name\": \"tags\",\n }],\n opts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ResourceExplorer.Index(\"example\", new()\n {\n Type = \"LOCAL\",\n });\n\n var exampleView = new Aws.ResourceExplorer.View(\"example\", new()\n {\n Name = \"exampleview\",\n Filters = new Aws.ResourceExplorer.Inputs.ViewFiltersArgs\n {\n FilterString = \"resourcetype:ec2:instance\",\n },\n IncludedProperties = new[]\n {\n new Aws.ResourceExplorer.Inputs.ViewIncludedPropertyArgs\n {\n Name = \"tags\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/resourceexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := resourceexplorer.NewIndex(ctx, \"example\", \u0026resourceexplorer.IndexArgs{\n\t\t\tType: pulumi.String(\"LOCAL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = resourceexplorer.NewView(ctx, \"example\", \u0026resourceexplorer.ViewArgs{\n\t\t\tName: pulumi.String(\"exampleview\"),\n\t\t\tFilters: \u0026resourceexplorer.ViewFiltersArgs{\n\t\t\t\tFilterString: pulumi.String(\"resourcetype:ec2:instance\"),\n\t\t\t},\n\t\t\tIncludedProperties: resourceexplorer.ViewIncludedPropertyArray{\n\t\t\t\t\u0026resourceexplorer.ViewIncludedPropertyArgs{\n\t\t\t\t\tName: pulumi.String(\"tags\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.resourceexplorer.Index;\nimport com.pulumi.aws.resourceexplorer.IndexArgs;\nimport com.pulumi.aws.resourceexplorer.View;\nimport com.pulumi.aws.resourceexplorer.ViewArgs;\nimport com.pulumi.aws.resourceexplorer.inputs.ViewFiltersArgs;\nimport com.pulumi.aws.resourceexplorer.inputs.ViewIncludedPropertyArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Index(\"example\", IndexArgs.builder()\n .type(\"LOCAL\")\n .build());\n\n var exampleView = new View(\"exampleView\", ViewArgs.builder()\n .name(\"exampleview\")\n .filters(ViewFiltersArgs.builder()\n .filterString(\"resourcetype:ec2:instance\")\n .build())\n .includedProperties(ViewIncludedPropertyArgs.builder()\n .name(\"tags\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:resourceexplorer:Index\n properties:\n type: LOCAL\n exampleView:\n type: aws:resourceexplorer:View\n name: example\n properties:\n name: exampleview\n filters:\n filterString: resourcetype:ec2:instance\n includedProperties:\n - name: tags\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Resource Explorer views using the `arn`. For example:\n\n```sh\n$ pulumi import aws:resourceexplorer/view:View example arn:aws:resource-explorer-2:us-west-2:123456789012:view/exampleview/e0914f6c-6c27-4b47-b5d4-6b28381a2421\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Resource Explorer view.\n" }, "defaultView": { "type": "boolean", "description": "Specifies whether the view is the [_default view_](https://docs.aws.amazon.com/resource-explorer/latest/userguide/manage-views-about.html#manage-views-about-default) for the AWS Region. Default: `false`.\n" }, "filters": { "$ref": "#/types/aws:resourceexplorer/ViewFilters:ViewFilters", "description": "Specifies which resources are included in the results of queries made using this view. See Filters below for more details.\n" }, "includedProperties": { "type": "array", "items": { "$ref": "#/types/aws:resourceexplorer/ViewIncludedProperty:ViewIncludedProperty" }, "description": "Optional fields to be included in search results from this view. See Included Properties below for more details.\n" }, "name": { "type": "string", "description": "The name of the view. The name must be no more than 64 characters long, and can include letters, digits, and the dash (-) character. The name must be unique within its AWS Region.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "defaultView", "name", "tagsAll" ], "inputProperties": { "defaultView": { "type": "boolean", "description": "Specifies whether the view is the [_default view_](https://docs.aws.amazon.com/resource-explorer/latest/userguide/manage-views-about.html#manage-views-about-default) for the AWS Region. Default: `false`.\n" }, "filters": { "$ref": "#/types/aws:resourceexplorer/ViewFilters:ViewFilters", "description": "Specifies which resources are included in the results of queries made using this view. See Filters below for more details.\n" }, "includedProperties": { "type": "array", "items": { "$ref": "#/types/aws:resourceexplorer/ViewIncludedProperty:ViewIncludedProperty" }, "description": "Optional fields to be included in search results from this view. See Included Properties below for more details.\n" }, "name": { "type": "string", "description": "The name of the view. The name must be no more than 64 characters long, and can include letters, digits, and the dash (-) character. The name must be unique within its AWS Region.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering View resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Resource Explorer view.\n" }, "defaultView": { "type": "boolean", "description": "Specifies whether the view is the [_default view_](https://docs.aws.amazon.com/resource-explorer/latest/userguide/manage-views-about.html#manage-views-about-default) for the AWS Region. Default: `false`.\n" }, "filters": { "$ref": "#/types/aws:resourceexplorer/ViewFilters:ViewFilters", "description": "Specifies which resources are included in the results of queries made using this view. See Filters below for more details.\n" }, "includedProperties": { "type": "array", "items": { "$ref": "#/types/aws:resourceexplorer/ViewIncludedProperty:ViewIncludedProperty" }, "description": "Optional fields to be included in search results from this view. See Included Properties below for more details.\n" }, "name": { "type": "string", "description": "The name of the view. The name must be no more than 64 characters long, and can include letters, digits, and the dash (-) character. The name must be unique within its AWS Region.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:resourcegroups/group:Group": { "description": "Provides a Resource Group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.resourcegroups.Group(\"test\", {\n name: \"test-group\",\n resourceQuery: {\n query: `{\n \"ResourceTypeFilters\": [\n \"AWS::EC2::Instance\"\n ],\n \"TagFilters\": [\n {\n \"Key\": \"Stage\",\n \"Values\": [\"Test\"]\n }\n ]\n}\n`,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.resourcegroups.Group(\"test\",\n name=\"test-group\",\n resource_query={\n \"query\": \"\"\"{\n \"ResourceTypeFilters\": [\n \"AWS::EC2::Instance\"\n ],\n \"TagFilters\": [\n {\n \"Key\": \"Stage\",\n \"Values\": [\"Test\"]\n }\n ]\n}\n\"\"\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.ResourceGroups.Group(\"test\", new()\n {\n Name = \"test-group\",\n ResourceQuery = new Aws.ResourceGroups.Inputs.GroupResourceQueryArgs\n {\n Query = @\"{\n \"\"ResourceTypeFilters\"\": [\n \"\"AWS::EC2::Instance\"\"\n ],\n \"\"TagFilters\"\": [\n {\n \"\"Key\"\": \"\"Stage\"\",\n \"\"Values\"\": [\"\"Test\"\"]\n }\n ]\n}\n\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/resourcegroups\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := resourcegroups.NewGroup(ctx, \"test\", \u0026resourcegroups.GroupArgs{\n\t\t\tName: pulumi.String(\"test-group\"),\n\t\t\tResourceQuery: \u0026resourcegroups.GroupResourceQueryArgs{\n\t\t\t\tQuery: pulumi.String(`{\n \"ResourceTypeFilters\": [\n \"AWS::EC2::Instance\"\n ],\n \"TagFilters\": [\n {\n \"Key\": \"Stage\",\n \"Values\": [\"Test\"]\n }\n ]\n}\n`),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.resourcegroups.Group;\nimport com.pulumi.aws.resourcegroups.GroupArgs;\nimport com.pulumi.aws.resourcegroups.inputs.GroupResourceQueryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Group(\"test\", GroupArgs.builder()\n .name(\"test-group\")\n .resourceQuery(GroupResourceQueryArgs.builder()\n .query(\"\"\"\n{\n \"ResourceTypeFilters\": [\n \"AWS::EC2::Instance\"\n ],\n \"TagFilters\": [\n {\n \"Key\": \"Stage\",\n \"Values\": [\"Test\"]\n }\n ]\n}\n \"\"\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:resourcegroups:Group\n properties:\n name: test-group\n resourceQuery:\n query: |\n {\n \"ResourceTypeFilters\": [\n \"AWS::EC2::Instance\"\n ],\n \"TagFilters\": [\n {\n \"Key\": \"Stage\",\n \"Values\": [\"Test\"]\n }\n ]\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import resource groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:resourcegroups/group:Group foo resource-group-name\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS for this resource group.\n" }, "configurations": { "type": "array", "items": { "$ref": "#/types/aws:resourcegroups/GroupConfiguration:GroupConfiguration" }, "description": "A configuration associates the resource group with an AWS service and specifies how the service can interact with the resources in the group. See below for details.\n" }, "description": { "type": "string", "description": "A description of the resource group.\n" }, "name": { "type": "string", "description": "The resource group's name. A resource group name can have a maximum of 127 characters, including letters, numbers, hyphens, dots, and underscores. The name cannot start with `AWS` or `aws`.\n" }, "resourceQuery": { "$ref": "#/types/aws:resourcegroups/GroupResourceQuery:GroupResourceQuery", "description": "A `resource_query` block. Resource queries are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "tagsAll" ], "inputProperties": { "configurations": { "type": "array", "items": { "$ref": "#/types/aws:resourcegroups/GroupConfiguration:GroupConfiguration" }, "description": "A configuration associates the resource group with an AWS service and specifies how the service can interact with the resources in the group. See below for details.\n" }, "description": { "type": "string", "description": "A description of the resource group.\n" }, "name": { "type": "string", "description": "The resource group's name. A resource group name can have a maximum of 127 characters, including letters, numbers, hyphens, dots, and underscores. The name cannot start with `AWS` or `aws`.\n", "willReplaceOnChanges": true }, "resourceQuery": { "$ref": "#/types/aws:resourcegroups/GroupResourceQuery:GroupResourceQuery", "description": "A `resource_query` block. Resource queries are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Group resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN assigned by AWS for this resource group.\n" }, "configurations": { "type": "array", "items": { "$ref": "#/types/aws:resourcegroups/GroupConfiguration:GroupConfiguration" }, "description": "A configuration associates the resource group with an AWS service and specifies how the service can interact with the resources in the group. See below for details.\n" }, "description": { "type": "string", "description": "A description of the resource group.\n" }, "name": { "type": "string", "description": "The resource group's name. A resource group name can have a maximum of 127 characters, including letters, numbers, hyphens, dots, and underscores. The name cannot start with `AWS` or `aws`.\n", "willReplaceOnChanges": true }, "resourceQuery": { "$ref": "#/types/aws:resourcegroups/GroupResourceQuery:GroupResourceQuery", "description": "A `resource_query` block. Resource queries are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:resourcegroups/resource:Resource": { "description": "Resource for managing an AWS Resource Groups Resource.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.DedicatedHost(\"example\", {\n instanceFamily: \"t3\",\n availabilityZone: \"us-east-1a\",\n hostRecovery: \"off\",\n autoPlacement: \"on\",\n});\nconst exampleGroup = new aws.resourcegroups.Group(\"example\", {name: \"example\"});\nconst exampleResource = new aws.resourcegroups.Resource(\"example\", {\n groupArn: exampleGroup.arn,\n resourceArn: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.DedicatedHost(\"example\",\n instance_family=\"t3\",\n availability_zone=\"us-east-1a\",\n host_recovery=\"off\",\n auto_placement=\"on\")\nexample_group = aws.resourcegroups.Group(\"example\", name=\"example\")\nexample_resource = aws.resourcegroups.Resource(\"example\",\n group_arn=example_group.arn,\n resource_arn=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.DedicatedHost(\"example\", new()\n {\n InstanceFamily = \"t3\",\n AvailabilityZone = \"us-east-1a\",\n HostRecovery = \"off\",\n AutoPlacement = \"on\",\n });\n\n var exampleGroup = new Aws.ResourceGroups.Group(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleResource = new Aws.ResourceGroups.Resource(\"example\", new()\n {\n GroupArn = exampleGroup.Arn,\n ResourceArn = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/resourcegroups\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewDedicatedHost(ctx, \"example\", \u0026ec2.DedicatedHostArgs{\n\t\t\tInstanceFamily: pulumi.String(\"t3\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1a\"),\n\t\t\tHostRecovery: pulumi.String(\"off\"),\n\t\t\tAutoPlacement: pulumi.String(\"on\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := resourcegroups.NewGroup(ctx, \"example\", \u0026resourcegroups.GroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = resourcegroups.NewResource(ctx, \"example\", \u0026resourcegroups.ResourceArgs{\n\t\t\tGroupArn: exampleGroup.Arn,\n\t\t\tResourceArn: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.DedicatedHost;\nimport com.pulumi.aws.ec2.DedicatedHostArgs;\nimport com.pulumi.aws.resourcegroups.Group;\nimport com.pulumi.aws.resourcegroups.GroupArgs;\nimport com.pulumi.aws.resourcegroups.Resource;\nimport com.pulumi.aws.resourcegroups.ResourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DedicatedHost(\"example\", DedicatedHostArgs.builder()\n .instanceFamily(\"t3\")\n .availabilityZone(\"us-east-1a\")\n .hostRecovery(\"off\")\n .autoPlacement(\"on\")\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleResource = new Resource(\"exampleResource\", ResourceArgs.builder()\n .groupArn(exampleGroup.arn())\n .resourceArn(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:DedicatedHost\n properties:\n instanceFamily: t3\n availabilityZone: us-east-1a\n hostRecovery: off\n autoPlacement: on\n exampleGroup:\n type: aws:resourcegroups:Group\n name: example\n properties:\n name: example\n exampleResource:\n type: aws:resourcegroups:Resource\n name: example\n properties:\n groupArn: ${exampleGroup.arn}\n resourceArn: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "groupArn": { "type": "string", "description": "The name or the ARN of the resource group to add resources to.\n\nThe following arguments are optional:\n" }, "resourceArn": { "type": "string", "description": "The ARN of the resource to be added to the group.\n" }, "resourceType": { "type": "string", "description": "The resource type of a resource, such as `AWS::EC2::Instance`.\n" } }, "required": [ "groupArn", "resourceArn", "resourceType" ], "inputProperties": { "groupArn": { "type": "string", "description": "The name or the ARN of the resource group to add resources to.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "resourceArn": { "type": "string", "description": "The ARN of the resource to be added to the group.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "groupArn", "resourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Resource resources.\n", "properties": { "groupArn": { "type": "string", "description": "The name or the ARN of the resource group to add resources to.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "resourceArn": { "type": "string", "description": "The ARN of the resource to be added to the group.\n", "willReplaceOnChanges": true }, "resourceType": { "type": "string", "description": "The resource type of a resource, such as `AWS::EC2::Instance`.\n" } }, "type": "object" } }, "aws:rolesanywhere/profile:Profile": { "description": "Resource for managing a Roles Anywhere Profile.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.iam.Role(\"test\", {\n name: \"test\",\n path: \"/\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\n \"sts:AssumeRole\",\n \"sts:TagSession\",\n \"sts:SetSourceIdentity\",\n ],\n Principal: {\n Service: \"rolesanywhere.amazonaws.com\",\n },\n Effect: \"Allow\",\n Sid: \"\",\n }],\n }),\n});\nconst testProfile = new aws.rolesanywhere.Profile(\"test\", {\n name: \"example\",\n roleArns: [test.arn],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest = aws.iam.Role(\"test\",\n name=\"test\",\n path=\"/\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\n \"sts:AssumeRole\",\n \"sts:TagSession\",\n \"sts:SetSourceIdentity\",\n ],\n \"Principal\": {\n \"Service\": \"rolesanywhere.amazonaws.com\",\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n }],\n }))\ntest_profile = aws.rolesanywhere.Profile(\"test\",\n name=\"example\",\n role_arns=[test.arn])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Iam.Role(\"test\", new()\n {\n Name = \"test\",\n Path = \"/\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"sts:AssumeRole\",\n \"sts:TagSession\",\n \"sts:SetSourceIdentity\",\n },\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"rolesanywhere.amazonaws.com\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n },\n },\n }),\n });\n\n var testProfile = new Aws.RolesAnywhere.Profile(\"test\", new()\n {\n Name = \"example\",\n RoleArns = new[]\n {\n test.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rolesanywhere\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t\t\"sts:TagSession\",\n\t\t\t\t\t\t\"sts:SetSourceIdentity\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"rolesanywhere.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\ttest, err := iam.NewRole(ctx, \"test\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rolesanywhere.NewProfile(ctx, \"test\", \u0026rolesanywhere.ProfileArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArns: pulumi.StringArray{\n\t\t\t\ttest.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.rolesanywhere.Profile;\nimport com.pulumi.aws.rolesanywhere.ProfileArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Role(\"test\", RoleArgs.builder()\n .name(\"test\")\n .path(\"/\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"sts:AssumeRole\", \n \"sts:TagSession\", \n \"sts:SetSourceIdentity\"\n )),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"rolesanywhere.amazonaws.com\")\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\")\n )))\n )))\n .build());\n\n var testProfile = new Profile(\"testProfile\", ProfileArgs.builder()\n .name(\"example\")\n .roleArns(test.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:iam:Role\n properties:\n name: test\n path: /\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - sts:AssumeRole\n - sts:TagSession\n - sts:SetSourceIdentity\n Principal:\n Service: rolesanywhere.amazonaws.com\n Effect: Allow\n Sid:\n testProfile:\n type: aws:rolesanywhere:Profile\n name: test\n properties:\n name: example\n roleArns:\n - ${test.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_rolesanywhere_profile` using its `id`. For example:\n\n```sh\n$ pulumi import aws:rolesanywhere/profile:Profile example db138a85-8925-4f9f-a409-08231233cacf\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Profile\n" }, "durationSeconds": { "type": "integer", "description": "The number of seconds the vended session credentials are valid for. Defaults to 3600.\n" }, "enabled": { "type": "boolean", "description": "Whether or not the Profile is enabled.\n" }, "managedPolicyArns": { "type": "array", "items": { "type": "string" }, "description": "A list of managed policy ARNs that apply to the vended session credentials.\n" }, "name": { "type": "string", "description": "The name of the Profile.\n" }, "requireInstanceProperties": { "type": "boolean", "description": "Specifies whether instance properties are required in [CreateSession](https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html) requests with this profile.\n" }, "roleArns": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM roles that this profile can assume\n" }, "sessionPolicy": { "type": "string", "description": "A session policy that applies to the trust boundary of the vended session credentials.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "durationSeconds", "name", "roleArns", "tagsAll" ], "inputProperties": { "durationSeconds": { "type": "integer", "description": "The number of seconds the vended session credentials are valid for. Defaults to 3600.\n" }, "enabled": { "type": "boolean", "description": "Whether or not the Profile is enabled.\n" }, "managedPolicyArns": { "type": "array", "items": { "type": "string" }, "description": "A list of managed policy ARNs that apply to the vended session credentials.\n" }, "name": { "type": "string", "description": "The name of the Profile.\n" }, "requireInstanceProperties": { "type": "boolean", "description": "Specifies whether instance properties are required in [CreateSession](https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html) requests with this profile.\n" }, "roleArns": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM roles that this profile can assume\n" }, "sessionPolicy": { "type": "string", "description": "A session policy that applies to the trust boundary of the vended session credentials.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "roleArns" ], "stateInputs": { "description": "Input properties used for looking up and filtering Profile resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Profile\n" }, "durationSeconds": { "type": "integer", "description": "The number of seconds the vended session credentials are valid for. Defaults to 3600.\n" }, "enabled": { "type": "boolean", "description": "Whether or not the Profile is enabled.\n" }, "managedPolicyArns": { "type": "array", "items": { "type": "string" }, "description": "A list of managed policy ARNs that apply to the vended session credentials.\n" }, "name": { "type": "string", "description": "The name of the Profile.\n" }, "requireInstanceProperties": { "type": "boolean", "description": "Specifies whether instance properties are required in [CreateSession](https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html) requests with this profile.\n" }, "roleArns": { "type": "array", "items": { "type": "string" }, "description": "A list of IAM roles that this profile can assume\n" }, "sessionPolicy": { "type": "string", "description": "A session policy that applies to the trust boundary of the vended session credentials.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:rolesanywhere/trustAnchor:TrustAnchor": { "description": "Resource for managing a Roles Anywhere Trust Anchor.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.acmpca.CertificateAuthority(\"example\", {\n permanentDeletionTimeInDays: 7,\n type: \"ROOT\",\n certificateAuthorityConfiguration: {\n keyAlgorithm: \"RSA_4096\",\n signingAlgorithm: \"SHA512WITHRSA\",\n subject: {\n commonName: \"example.com\",\n },\n },\n});\nconst current = aws.getPartition({});\nconst test = new aws.acmpca.Certificate(\"test\", {\n certificateAuthorityArn: example.arn,\n certificateSigningRequest: example.certificateSigningRequest,\n signingAlgorithm: \"SHA512WITHRSA\",\n templateArn: current.then(current =\u003e `arn:${current.partition}:acm-pca:::template/RootCACertificate/V1`),\n validity: {\n type: \"YEARS\",\n value: \"1\",\n },\n});\nconst exampleCertificateAuthorityCertificate = new aws.acmpca.CertificateAuthorityCertificate(\"example\", {\n certificateAuthorityArn: example.arn,\n certificate: exampleAwsAcmpcaCertificate.certificate,\n certificateChain: exampleAwsAcmpcaCertificate.certificateChain,\n});\nconst testTrustAnchor = new aws.rolesanywhere.TrustAnchor(\"test\", {\n name: \"example\",\n source: {\n sourceData: {\n acmPcaArn: example.arn,\n },\n sourceType: \"AWS_ACM_PCA\",\n },\n}, {\n dependsOn: [exampleCertificateAuthorityCertificate],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.acmpca.CertificateAuthority(\"example\",\n permanent_deletion_time_in_days=7,\n type=\"ROOT\",\n certificate_authority_configuration={\n \"key_algorithm\": \"RSA_4096\",\n \"signing_algorithm\": \"SHA512WITHRSA\",\n \"subject\": {\n \"common_name\": \"example.com\",\n },\n })\ncurrent = aws.get_partition()\ntest = aws.acmpca.Certificate(\"test\",\n certificate_authority_arn=example.arn,\n certificate_signing_request=example.certificate_signing_request,\n signing_algorithm=\"SHA512WITHRSA\",\n template_arn=f\"arn:{current.partition}:acm-pca:::template/RootCACertificate/V1\",\n validity={\n \"type\": \"YEARS\",\n \"value\": \"1\",\n })\nexample_certificate_authority_certificate = aws.acmpca.CertificateAuthorityCertificate(\"example\",\n certificate_authority_arn=example.arn,\n certificate=example_aws_acmpca_certificate[\"certificate\"],\n certificate_chain=example_aws_acmpca_certificate[\"certificateChain\"])\ntest_trust_anchor = aws.rolesanywhere.TrustAnchor(\"test\",\n name=\"example\",\n source={\n \"source_data\": {\n \"acm_pca_arn\": example.arn,\n },\n \"source_type\": \"AWS_ACM_PCA\",\n },\n opts = pulumi.ResourceOptions(depends_on=[example_certificate_authority_certificate]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Acmpca.CertificateAuthority(\"example\", new()\n {\n PermanentDeletionTimeInDays = 7,\n Type = \"ROOT\",\n CertificateAuthorityConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs\n {\n KeyAlgorithm = \"RSA_4096\",\n SigningAlgorithm = \"SHA512WITHRSA\",\n Subject = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs\n {\n CommonName = \"example.com\",\n },\n },\n });\n\n var current = Aws.GetPartition.Invoke();\n\n var test = new Aws.Acmpca.Certificate(\"test\", new()\n {\n CertificateAuthorityArn = example.Arn,\n CertificateSigningRequest = example.CertificateSigningRequest,\n SigningAlgorithm = \"SHA512WITHRSA\",\n TemplateArn = $\"arn:{current.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:acm-pca:::template/RootCACertificate/V1\",\n Validity = new Aws.Acmpca.Inputs.CertificateValidityArgs\n {\n Type = \"YEARS\",\n Value = \"1\",\n },\n });\n\n var exampleCertificateAuthorityCertificate = new Aws.Acmpca.CertificateAuthorityCertificate(\"example\", new()\n {\n CertificateAuthorityArn = example.Arn,\n Certificate = exampleAwsAcmpcaCertificate.Certificate,\n CertificateChain = exampleAwsAcmpcaCertificate.CertificateChain,\n });\n\n var testTrustAnchor = new Aws.RolesAnywhere.TrustAnchor(\"test\", new()\n {\n Name = \"example\",\n Source = new Aws.RolesAnywhere.Inputs.TrustAnchorSourceArgs\n {\n SourceData = new Aws.RolesAnywhere.Inputs.TrustAnchorSourceSourceDataArgs\n {\n AcmPcaArn = example.Arn,\n },\n SourceType = \"AWS_ACM_PCA\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleCertificateAuthorityCertificate,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rolesanywhere\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := acmpca.NewCertificateAuthority(ctx, \"example\", \u0026acmpca.CertificateAuthorityArgs{\n\t\t\tPermanentDeletionTimeInDays: pulumi.Int(7),\n\t\t\tType: pulumi.String(\"ROOT\"),\n\t\t\tCertificateAuthorityConfiguration: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{\n\t\t\t\tKeyAlgorithm: pulumi.String(\"RSA_4096\"),\n\t\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\t\tSubject: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{\n\t\t\t\t\tCommonName: pulumi.String(\"example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = acmpca.NewCertificate(ctx, \"test\", \u0026acmpca.CertificateArgs{\n\t\t\tCertificateAuthorityArn: example.Arn,\n\t\t\tCertificateSigningRequest: example.CertificateSigningRequest,\n\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\tTemplateArn: pulumi.String(fmt.Sprintf(\"arn:%v:acm-pca:::template/RootCACertificate/V1\", current.Partition)),\n\t\t\tValidity: \u0026acmpca.CertificateValidityArgs{\n\t\t\t\tType: pulumi.String(\"YEARS\"),\n\t\t\t\tValue: pulumi.String(\"1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleCertificateAuthorityCertificate, err := acmpca.NewCertificateAuthorityCertificate(ctx, \"example\", \u0026acmpca.CertificateAuthorityCertificateArgs{\n\t\t\tCertificateAuthorityArn: example.Arn,\n\t\t\tCertificate: pulumi.Any(exampleAwsAcmpcaCertificate.Certificate),\n\t\t\tCertificateChain: pulumi.Any(exampleAwsAcmpcaCertificate.CertificateChain),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rolesanywhere.NewTrustAnchor(ctx, \"test\", \u0026rolesanywhere.TrustAnchorArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSource: \u0026rolesanywhere.TrustAnchorSourceArgs{\n\t\t\t\tSourceData: \u0026rolesanywhere.TrustAnchorSourceSourceDataArgs{\n\t\t\t\t\tAcmPcaArn: example.Arn,\n\t\t\t\t},\n\t\t\t\tSourceType: pulumi.String(\"AWS_ACM_PCA\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleCertificateAuthorityCertificate,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acmpca.CertificateAuthority;\nimport com.pulumi.aws.acmpca.CertificateAuthorityArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.acmpca.Certificate;\nimport com.pulumi.aws.acmpca.CertificateArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateValidityArgs;\nimport com.pulumi.aws.acmpca.CertificateAuthorityCertificate;\nimport com.pulumi.aws.acmpca.CertificateAuthorityCertificateArgs;\nimport com.pulumi.aws.rolesanywhere.TrustAnchor;\nimport com.pulumi.aws.rolesanywhere.TrustAnchorArgs;\nimport com.pulumi.aws.rolesanywhere.inputs.TrustAnchorSourceArgs;\nimport com.pulumi.aws.rolesanywhere.inputs.TrustAnchorSourceSourceDataArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CertificateAuthority(\"example\", CertificateAuthorityArgs.builder()\n .permanentDeletionTimeInDays(7)\n .type(\"ROOT\")\n .certificateAuthorityConfiguration(CertificateAuthorityCertificateAuthorityConfigurationArgs.builder()\n .keyAlgorithm(\"RSA_4096\")\n .signingAlgorithm(\"SHA512WITHRSA\")\n .subject(CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs.builder()\n .commonName(\"example.com\")\n .build())\n .build())\n .build());\n\n final var current = AwsFunctions.getPartition();\n\n var test = new Certificate(\"test\", CertificateArgs.builder()\n .certificateAuthorityArn(example.arn())\n .certificateSigningRequest(example.certificateSigningRequest())\n .signingAlgorithm(\"SHA512WITHRSA\")\n .templateArn(String.format(\"arn:%s:acm-pca:::template/RootCACertificate/V1\", current.applyValue(getPartitionResult -\u003e getPartitionResult.partition())))\n .validity(CertificateValidityArgs.builder()\n .type(\"YEARS\")\n .value(1)\n .build())\n .build());\n\n var exampleCertificateAuthorityCertificate = new CertificateAuthorityCertificate(\"exampleCertificateAuthorityCertificate\", CertificateAuthorityCertificateArgs.builder()\n .certificateAuthorityArn(example.arn())\n .certificate(exampleAwsAcmpcaCertificate.certificate())\n .certificateChain(exampleAwsAcmpcaCertificate.certificateChain())\n .build());\n\n var testTrustAnchor = new TrustAnchor(\"testTrustAnchor\", TrustAnchorArgs.builder()\n .name(\"example\")\n .source(TrustAnchorSourceArgs.builder()\n .sourceData(TrustAnchorSourceSourceDataArgs.builder()\n .acmPcaArn(example.arn())\n .build())\n .sourceType(\"AWS_ACM_PCA\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleCertificateAuthorityCertificate)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:acmpca:CertificateAuthority\n properties:\n permanentDeletionTimeInDays: 7\n type: ROOT\n certificateAuthorityConfiguration:\n keyAlgorithm: RSA_4096\n signingAlgorithm: SHA512WITHRSA\n subject:\n commonName: example.com\n test:\n type: aws:acmpca:Certificate\n properties:\n certificateAuthorityArn: ${example.arn}\n certificateSigningRequest: ${example.certificateSigningRequest}\n signingAlgorithm: SHA512WITHRSA\n templateArn: arn:${current.partition}:acm-pca:::template/RootCACertificate/V1\n validity:\n type: YEARS\n value: 1\n exampleCertificateAuthorityCertificate:\n type: aws:acmpca:CertificateAuthorityCertificate\n name: example\n properties:\n certificateAuthorityArn: ${example.arn}\n certificate: ${exampleAwsAcmpcaCertificate.certificate}\n certificateChain: ${exampleAwsAcmpcaCertificate.certificateChain}\n testTrustAnchor:\n type: aws:rolesanywhere:TrustAnchor\n name: test\n properties:\n name: example\n source:\n sourceData:\n acmPcaArn: ${example.arn}\n sourceType: AWS_ACM_PCA\n options:\n dependson:\n - ${exampleCertificateAuthorityCertificate}\nvariables:\n current:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_rolesanywhere_trust_anchor` using its `id`. For example:\n\n```sh\n$ pulumi import aws:rolesanywhere/trustAnchor:TrustAnchor example 92b2fbbb-984d-41a3-a765-e3cbdb69ebb1\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Trust Anchor\n" }, "enabled": { "type": "boolean", "description": "Whether or not the Trust Anchor should be enabled.\n" }, "name": { "type": "string", "description": "The name of the Trust Anchor.\n" }, "source": { "$ref": "#/types/aws:rolesanywhere/TrustAnchorSource:TrustAnchorSource", "description": "The source of trust, documented below\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "enabled", "name", "source", "tagsAll" ], "inputProperties": { "enabled": { "type": "boolean", "description": "Whether or not the Trust Anchor should be enabled.\n" }, "name": { "type": "string", "description": "The name of the Trust Anchor.\n" }, "source": { "$ref": "#/types/aws:rolesanywhere/TrustAnchorSource:TrustAnchorSource", "description": "The source of trust, documented below\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "source" ], "stateInputs": { "description": "Input properties used for looking up and filtering TrustAnchor resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Trust Anchor\n" }, "enabled": { "type": "boolean", "description": "Whether or not the Trust Anchor should be enabled.\n" }, "name": { "type": "string", "description": "The name of the Trust Anchor.\n" }, "source": { "$ref": "#/types/aws:rolesanywhere/TrustAnchorSource:TrustAnchorSource", "description": "The source of trust, documented below\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:route53/cidrCollection:CidrCollection": { "description": "Provides a Route53 CIDR collection resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53.CidrCollection(\"example\", {name: \"collection-1\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.CidrCollection(\"example\", name=\"collection-1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53.CidrCollection(\"example\", new()\n {\n Name = \"collection-1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.NewCidrCollection(ctx, \"example\", \u0026route53.CidrCollectionArgs{\n\t\t\tName: pulumi.String(\"collection-1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.CidrCollection;\nimport com.pulumi.aws.route53.CidrCollectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CidrCollection(\"example\", CidrCollectionArgs.builder()\n .name(\"collection-1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53:CidrCollection\n properties:\n name: collection-1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CIDR collections using their ID. For example:\n\n```sh\n$ pulumi import aws:route53/cidrCollection:CidrCollection example 9ac32814-3e67-0932-6048-8d779cc6f511\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the CIDR collection.\n" }, "name": { "type": "string", "description": "Unique name for the CIDR collection.\n" }, "version": { "type": "integer", "description": "The lastest version of the CIDR collection.\n" } }, "required": [ "arn", "name", "version" ], "inputProperties": { "name": { "type": "string", "description": "Unique name for the CIDR collection.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering CidrCollection resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the CIDR collection.\n" }, "name": { "type": "string", "description": "Unique name for the CIDR collection.\n" }, "version": { "type": "integer", "description": "The lastest version of the CIDR collection.\n" } }, "type": "object" } }, "aws:route53/cidrLocation:CidrLocation": { "description": "Provides a Route53 CIDR location resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53.CidrCollection(\"example\", {name: \"collection-1\"});\nconst exampleCidrLocation = new aws.route53.CidrLocation(\"example\", {\n cidrCollectionId: example.id,\n name: \"office\",\n cidrBlocks: [\n \"200.5.3.0/24\",\n \"200.6.3.0/24\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.CidrCollection(\"example\", name=\"collection-1\")\nexample_cidr_location = aws.route53.CidrLocation(\"example\",\n cidr_collection_id=example.id,\n name=\"office\",\n cidr_blocks=[\n \"200.5.3.0/24\",\n \"200.6.3.0/24\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53.CidrCollection(\"example\", new()\n {\n Name = \"collection-1\",\n });\n\n var exampleCidrLocation = new Aws.Route53.CidrLocation(\"example\", new()\n {\n CidrCollectionId = example.Id,\n Name = \"office\",\n CidrBlocks = new[]\n {\n \"200.5.3.0/24\",\n \"200.6.3.0/24\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := route53.NewCidrCollection(ctx, \"example\", \u0026route53.CidrCollectionArgs{\n\t\t\tName: pulumi.String(\"collection-1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewCidrLocation(ctx, \"example\", \u0026route53.CidrLocationArgs{\n\t\t\tCidrCollectionId: example.ID(),\n\t\t\tName: pulumi.String(\"office\"),\n\t\t\tCidrBlocks: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"200.5.3.0/24\"),\n\t\t\t\tpulumi.String(\"200.6.3.0/24\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.CidrCollection;\nimport com.pulumi.aws.route53.CidrCollectionArgs;\nimport com.pulumi.aws.route53.CidrLocation;\nimport com.pulumi.aws.route53.CidrLocationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CidrCollection(\"example\", CidrCollectionArgs.builder()\n .name(\"collection-1\")\n .build());\n\n var exampleCidrLocation = new CidrLocation(\"exampleCidrLocation\", CidrLocationArgs.builder()\n .cidrCollectionId(example.id())\n .name(\"office\")\n .cidrBlocks( \n \"200.5.3.0/24\",\n \"200.6.3.0/24\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53:CidrCollection\n properties:\n name: collection-1\n exampleCidrLocation:\n type: aws:route53:CidrLocation\n name: example\n properties:\n cidrCollectionId: ${example.id}\n name: office\n cidrBlocks:\n - 200.5.3.0/24\n - 200.6.3.0/24\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CIDR locations using their the CIDR collection ID and location name. For example:\n\n```sh\n$ pulumi import aws:route53/cidrLocation:CidrLocation example 9ac32814-3e67-0932-6048-8d779cc6f511,office\n```\n", "properties": { "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "CIDR blocks for the location.\n" }, "cidrCollectionId": { "type": "string", "description": "The ID of the CIDR collection to update.\n" }, "name": { "type": "string", "description": "Name for the CIDR location.\n" } }, "required": [ "cidrBlocks", "cidrCollectionId", "name" ], "inputProperties": { "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "CIDR blocks for the location.\n" }, "cidrCollectionId": { "type": "string", "description": "The ID of the CIDR collection to update.\n" }, "name": { "type": "string", "description": "Name for the CIDR location.\n" } }, "requiredInputs": [ "cidrBlocks", "cidrCollectionId" ], "stateInputs": { "description": "Input properties used for looking up and filtering CidrLocation resources.\n", "properties": { "cidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "CIDR blocks for the location.\n" }, "cidrCollectionId": { "type": "string", "description": "The ID of the CIDR collection to update.\n" }, "name": { "type": "string", "description": "Name for the CIDR location.\n" } }, "type": "object" } }, "aws:route53/delegationSet:DelegationSet": { "description": "Provides a [Route53 Delegation Set](https://docs.aws.amazon.com/Route53/latest/APIReference/API-actions-by-function.html#actions-by-function-reusable-delegation-sets) resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.route53.DelegationSet(\"main\", {referenceName: \"DynDNS\"});\nconst primary = new aws.route53.Zone(\"primary\", {\n name: \"mydomain.com\",\n delegationSetId: main.id,\n});\nconst secondary = new aws.route53.Zone(\"secondary\", {\n name: \"coolcompany.io\",\n delegationSetId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.route53.DelegationSet(\"main\", reference_name=\"DynDNS\")\nprimary = aws.route53.Zone(\"primary\",\n name=\"mydomain.com\",\n delegation_set_id=main.id)\nsecondary = aws.route53.Zone(\"secondary\",\n name=\"coolcompany.io\",\n delegation_set_id=main.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Route53.DelegationSet(\"main\", new()\n {\n ReferenceName = \"DynDNS\",\n });\n\n var primary = new Aws.Route53.Zone(\"primary\", new()\n {\n Name = \"mydomain.com\",\n DelegationSetId = main.Id,\n });\n\n var secondary = new Aws.Route53.Zone(\"secondary\", new()\n {\n Name = \"coolcompany.io\",\n DelegationSetId = main.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := route53.NewDelegationSet(ctx, \"main\", \u0026route53.DelegationSetArgs{\n\t\t\tReferenceName: pulumi.String(\"DynDNS\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewZone(ctx, \"primary\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"mydomain.com\"),\n\t\t\tDelegationSetId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewZone(ctx, \"secondary\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"coolcompany.io\"),\n\t\t\tDelegationSetId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.DelegationSet;\nimport com.pulumi.aws.route53.DelegationSetArgs;\nimport com.pulumi.aws.route53.Zone;\nimport com.pulumi.aws.route53.ZoneArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new DelegationSet(\"main\", DelegationSetArgs.builder()\n .referenceName(\"DynDNS\")\n .build());\n\n var primary = new Zone(\"primary\", ZoneArgs.builder()\n .name(\"mydomain.com\")\n .delegationSetId(main.id())\n .build());\n\n var secondary = new Zone(\"secondary\", ZoneArgs.builder()\n .name(\"coolcompany.io\")\n .delegationSetId(main.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:route53:DelegationSet\n properties:\n referenceName: DynDNS\n primary:\n type: aws:route53:Zone\n properties:\n name: mydomain.com\n delegationSetId: ${main.id}\n secondary:\n type: aws:route53:Zone\n properties:\n name: coolcompany.io\n delegationSetId: ${main.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route53 Delegation Sets using the delegation set `id`. For example:\n\n```sh\n$ pulumi import aws:route53/delegationSet:DelegationSet set1 N1PA6795SAMPLE\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Delegation Set.\n" }, "nameServers": { "type": "array", "items": { "type": "string" }, "description": "A list of authoritative name servers for the hosted zone\n(effectively a list of NS records).\n" }, "referenceName": { "type": "string", "description": "This is a reference name used in Caller Reference\n(helpful for identifying single delegation set amongst others)\n" } }, "required": [ "arn", "nameServers" ], "inputProperties": { "referenceName": { "type": "string", "description": "This is a reference name used in Caller Reference\n(helpful for identifying single delegation set amongst others)\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering DelegationSet resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Delegation Set.\n" }, "nameServers": { "type": "array", "items": { "type": "string" }, "description": "A list of authoritative name servers for the hosted zone\n(effectively a list of NS records).\n" }, "referenceName": { "type": "string", "description": "This is a reference name used in Caller Reference\n(helpful for identifying single delegation set amongst others)\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:route53/healthCheck:HealthCheck": { "description": "Provides a Route53 health check.\n\n## Example Usage\n\n### Connectivity and HTTP Status Code Check\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53.HealthCheck(\"example\", {\n fqdn: \"example.com\",\n port: 80,\n type: \"HTTP\",\n resourcePath: \"/\",\n failureThreshold: 5,\n requestInterval: 30,\n tags: {\n Name: \"tf-test-health-check\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.HealthCheck(\"example\",\n fqdn=\"example.com\",\n port=80,\n type=\"HTTP\",\n resource_path=\"/\",\n failure_threshold=5,\n request_interval=30,\n tags={\n \"Name\": \"tf-test-health-check\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53.HealthCheck(\"example\", new()\n {\n Fqdn = \"example.com\",\n Port = 80,\n Type = \"HTTP\",\n ResourcePath = \"/\",\n FailureThreshold = 5,\n RequestInterval = 30,\n Tags = \n {\n { \"Name\", \"tf-test-health-check\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.NewHealthCheck(ctx, \"example\", \u0026route53.HealthCheckArgs{\n\t\t\tFqdn: pulumi.String(\"example.com\"),\n\t\t\tPort: pulumi.Int(80),\n\t\t\tType: pulumi.String(\"HTTP\"),\n\t\t\tResourcePath: pulumi.String(\"/\"),\n\t\t\tFailureThreshold: pulumi.Int(5),\n\t\t\tRequestInterval: pulumi.Int(30),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"tf-test-health-check\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.HealthCheck;\nimport com.pulumi.aws.route53.HealthCheckArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new HealthCheck(\"example\", HealthCheckArgs.builder()\n .fqdn(\"example.com\")\n .port(80)\n .type(\"HTTP\")\n .resourcePath(\"/\")\n .failureThreshold(\"5\")\n .requestInterval(\"30\")\n .tags(Map.of(\"Name\", \"tf-test-health-check\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53:HealthCheck\n properties:\n fqdn: example.com\n port: 80\n type: HTTP\n resourcePath: /\n failureThreshold: '5'\n requestInterval: '30'\n tags:\n Name: tf-test-health-check\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Connectivity and String Matching Check\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53.HealthCheck(\"example\", {\n failureThreshold: 5,\n fqdn: \"example.com\",\n port: 443,\n requestInterval: 30,\n resourcePath: \"/\",\n searchString: \"example\",\n type: \"HTTPS_STR_MATCH\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.HealthCheck(\"example\",\n failure_threshold=5,\n fqdn=\"example.com\",\n port=443,\n request_interval=30,\n resource_path=\"/\",\n search_string=\"example\",\n type=\"HTTPS_STR_MATCH\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53.HealthCheck(\"example\", new()\n {\n FailureThreshold = 5,\n Fqdn = \"example.com\",\n Port = 443,\n RequestInterval = 30,\n ResourcePath = \"/\",\n SearchString = \"example\",\n Type = \"HTTPS_STR_MATCH\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.NewHealthCheck(ctx, \"example\", \u0026route53.HealthCheckArgs{\n\t\t\tFailureThreshold: pulumi.Int(5),\n\t\t\tFqdn: pulumi.String(\"example.com\"),\n\t\t\tPort: pulumi.Int(443),\n\t\t\tRequestInterval: pulumi.Int(30),\n\t\t\tResourcePath: pulumi.String(\"/\"),\n\t\t\tSearchString: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"HTTPS_STR_MATCH\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.HealthCheck;\nimport com.pulumi.aws.route53.HealthCheckArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new HealthCheck(\"example\", HealthCheckArgs.builder()\n .failureThreshold(\"5\")\n .fqdn(\"example.com\")\n .port(443)\n .requestInterval(\"30\")\n .resourcePath(\"/\")\n .searchString(\"example\")\n .type(\"HTTPS_STR_MATCH\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53:HealthCheck\n properties:\n failureThreshold: '5'\n fqdn: example.com\n port: 443\n requestInterval: '30'\n resourcePath: /\n searchString: example\n type: HTTPS_STR_MATCH\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Aggregate Check\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst parent = new aws.route53.HealthCheck(\"parent\", {\n type: \"CALCULATED\",\n childHealthThreshold: 1,\n childHealthchecks: [child.id],\n tags: {\n Name: \"tf-test-calculated-health-check\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nparent = aws.route53.HealthCheck(\"parent\",\n type=\"CALCULATED\",\n child_health_threshold=1,\n child_healthchecks=[child[\"id\"]],\n tags={\n \"Name\": \"tf-test-calculated-health-check\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var parent = new Aws.Route53.HealthCheck(\"parent\", new()\n {\n Type = \"CALCULATED\",\n ChildHealthThreshold = 1,\n ChildHealthchecks = new[]\n {\n child.Id,\n },\n Tags = \n {\n { \"Name\", \"tf-test-calculated-health-check\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.NewHealthCheck(ctx, \"parent\", \u0026route53.HealthCheckArgs{\n\t\t\tType: pulumi.String(\"CALCULATED\"),\n\t\t\tChildHealthThreshold: pulumi.Int(1),\n\t\t\tChildHealthchecks: pulumi.StringArray{\n\t\t\t\tchild.Id,\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"tf-test-calculated-health-check\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.HealthCheck;\nimport com.pulumi.aws.route53.HealthCheckArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var parent = new HealthCheck(\"parent\", HealthCheckArgs.builder()\n .type(\"CALCULATED\")\n .childHealthThreshold(1)\n .childHealthchecks(child.id())\n .tags(Map.of(\"Name\", \"tf-test-calculated-health-check\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n parent:\n type: aws:route53:HealthCheck\n properties:\n type: CALCULATED\n childHealthThreshold: 1\n childHealthchecks:\n - ${child.id}\n tags:\n Name: tf-test-calculated-health-check\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### CloudWatch Alarm Check\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foobar = new aws.cloudwatch.MetricAlarm(\"foobar\", {\n name: \"test-foobar5\",\n comparisonOperator: \"GreaterThanOrEqualToThreshold\",\n evaluationPeriods: 2,\n metricName: \"CPUUtilization\",\n namespace: \"AWS/EC2\",\n period: 120,\n statistic: \"Average\",\n threshold: 80,\n alarmDescription: \"This metric monitors ec2 cpu utilization\",\n});\nconst foo = new aws.route53.HealthCheck(\"foo\", {\n type: \"CLOUDWATCH_METRIC\",\n cloudwatchAlarmName: foobar.name,\n cloudwatchAlarmRegion: \"us-west-2\",\n insufficientDataHealthStatus: \"Healthy\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoobar = aws.cloudwatch.MetricAlarm(\"foobar\",\n name=\"test-foobar5\",\n comparison_operator=\"GreaterThanOrEqualToThreshold\",\n evaluation_periods=2,\n metric_name=\"CPUUtilization\",\n namespace=\"AWS/EC2\",\n period=120,\n statistic=\"Average\",\n threshold=80,\n alarm_description=\"This metric monitors ec2 cpu utilization\")\nfoo = aws.route53.HealthCheck(\"foo\",\n type=\"CLOUDWATCH_METRIC\",\n cloudwatch_alarm_name=foobar.name,\n cloudwatch_alarm_region=\"us-west-2\",\n insufficient_data_health_status=\"Healthy\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foobar = new Aws.CloudWatch.MetricAlarm(\"foobar\", new()\n {\n Name = \"test-foobar5\",\n ComparisonOperator = \"GreaterThanOrEqualToThreshold\",\n EvaluationPeriods = 2,\n MetricName = \"CPUUtilization\",\n Namespace = \"AWS/EC2\",\n Period = 120,\n Statistic = \"Average\",\n Threshold = 80,\n AlarmDescription = \"This metric monitors ec2 cpu utilization\",\n });\n\n var foo = new Aws.Route53.HealthCheck(\"foo\", new()\n {\n Type = \"CLOUDWATCH_METRIC\",\n CloudwatchAlarmName = foobar.Name,\n CloudwatchAlarmRegion = \"us-west-2\",\n InsufficientDataHealthStatus = \"Healthy\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoobar, err := cloudwatch.NewMetricAlarm(ctx, \"foobar\", \u0026cloudwatch.MetricAlarmArgs{\n\t\t\tName: pulumi.String(\"test-foobar5\"),\n\t\t\tComparisonOperator: pulumi.String(\"GreaterThanOrEqualToThreshold\"),\n\t\t\tEvaluationPeriods: pulumi.Int(2),\n\t\t\tMetricName: pulumi.String(\"CPUUtilization\"),\n\t\t\tNamespace: pulumi.String(\"AWS/EC2\"),\n\t\t\tPeriod: pulumi.Int(120),\n\t\t\tStatistic: pulumi.String(\"Average\"),\n\t\t\tThreshold: pulumi.Float64(80),\n\t\t\tAlarmDescription: pulumi.String(\"This metric monitors ec2 cpu utilization\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewHealthCheck(ctx, \"foo\", \u0026route53.HealthCheckArgs{\n\t\t\tType: pulumi.String(\"CLOUDWATCH_METRIC\"),\n\t\t\tCloudwatchAlarmName: foobar.Name,\n\t\t\tCloudwatchAlarmRegion: pulumi.String(\"us-west-2\"),\n\t\t\tInsufficientDataHealthStatus: pulumi.String(\"Healthy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.MetricAlarm;\nimport com.pulumi.aws.cloudwatch.MetricAlarmArgs;\nimport com.pulumi.aws.route53.HealthCheck;\nimport com.pulumi.aws.route53.HealthCheckArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foobar = new MetricAlarm(\"foobar\", MetricAlarmArgs.builder()\n .name(\"test-foobar5\")\n .comparisonOperator(\"GreaterThanOrEqualToThreshold\")\n .evaluationPeriods(\"2\")\n .metricName(\"CPUUtilization\")\n .namespace(\"AWS/EC2\")\n .period(\"120\")\n .statistic(\"Average\")\n .threshold(\"80\")\n .alarmDescription(\"This metric monitors ec2 cpu utilization\")\n .build());\n\n var foo = new HealthCheck(\"foo\", HealthCheckArgs.builder()\n .type(\"CLOUDWATCH_METRIC\")\n .cloudwatchAlarmName(foobar.name())\n .cloudwatchAlarmRegion(\"us-west-2\")\n .insufficientDataHealthStatus(\"Healthy\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foobar:\n type: aws:cloudwatch:MetricAlarm\n properties:\n name: test-foobar5\n comparisonOperator: GreaterThanOrEqualToThreshold\n evaluationPeriods: '2'\n metricName: CPUUtilization\n namespace: AWS/EC2\n period: '120'\n statistic: Average\n threshold: '80'\n alarmDescription: This metric monitors ec2 cpu utilization\n foo:\n type: aws:route53:HealthCheck\n properties:\n type: CLOUDWATCH_METRIC\n cloudwatchAlarmName: ${foobar.name}\n cloudwatchAlarmRegion: us-west-2\n insufficientDataHealthStatus: Healthy\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route53 Health Checks using the health check `id`. For example:\n\n```sh\n$ pulumi import aws:route53/healthCheck:HealthCheck http_check abcdef11-2222-3333-4444-555555fedcba\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Health Check.\n" }, "childHealthThreshold": { "type": "integer", "description": "The minimum number of child health checks that must be healthy for Route 53 to consider the parent health check to be healthy. Valid values are integers between 0 and 256, inclusive\n" }, "childHealthchecks": { "type": "array", "items": { "type": "string" }, "description": "For a specified parent health check, a list of HealthCheckId values for the associated child health checks.\n" }, "cloudwatchAlarmName": { "type": "string", "description": "The name of the CloudWatch alarm.\n" }, "cloudwatchAlarmRegion": { "type": "string", "description": "The CloudWatchRegion that the CloudWatch alarm was created in.\n" }, "disabled": { "type": "boolean", "description": "A boolean value that stops Route 53 from performing health checks. When set to true, Route 53 will do the following depending on the type of health check:\n* For health checks that check the health of endpoints, Route5 53 stops submitting requests to your application, server, or other resource.\n* For calculated health checks, Route 53 stops aggregating the status of the referenced health checks.\n* For health checks that monitor CloudWatch alarms, Route 53 stops monitoring the corresponding CloudWatch metrics.\n\n\u003e **Note:** After you disable a health check, Route 53 considers the status of the health check to always be healthy. If you configured DNS failover, Route 53 continues to route traffic to the corresponding resources. If you want to stop routing traffic to a resource, change the value of `invert_healthcheck`.\n" }, "enableSni": { "type": "boolean", "description": "A boolean value that indicates whether Route53 should send the `fqdn` to the endpoint when performing the health check. This defaults to AWS' defaults: when the `type` is \"HTTPS\" `enable_sni` defaults to `true`, when `type` is anything else `enable_sni` defaults to `false`.\n" }, "failureThreshold": { "type": "integer", "description": "The number of consecutive health checks that an endpoint must pass or fail.\n" }, "fqdn": { "type": "string", "description": "The fully qualified domain name of the endpoint to be checked. If a value is set for `ip_address`, the value set for `fqdn` will be passed in the `Host` header.\n" }, "insufficientDataHealthStatus": { "type": "string", "description": "The status of the health check when CloudWatch has insufficient data about the state of associated alarm. Valid values are `Healthy` , `Unhealthy` and `LastKnownStatus`.\n" }, "invertHealthcheck": { "type": "boolean", "description": "A boolean value that indicates whether the status of health check should be inverted. For example, if a health check is healthy but Inverted is True , then Route 53 considers the health check to be unhealthy.\n" }, "ipAddress": { "type": "string", "description": "The IP address of the endpoint to be checked.\n" }, "measureLatency": { "type": "boolean", "description": "A Boolean value that indicates whether you want Route 53 to measure the latency between health checkers in multiple AWS regions and your endpoint and to display CloudWatch latency graphs in the Route 53 console.\n" }, "port": { "type": "integer", "description": "The port of the endpoint to be checked.\n" }, "referenceName": { "type": "string", "description": "This is a reference name used in Caller Reference\n(helpful for identifying single health_check set amongst others)\n" }, "regions": { "type": "array", "items": { "type": "string" }, "description": "A list of AWS regions that you want Amazon Route 53 health checkers to check the specified endpoint from.\n" }, "requestInterval": { "type": "integer", "description": "The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health-check request.\n" }, "resourcePath": { "type": "string", "description": "The path that you want Amazon Route 53 to request when performing health checks.\n" }, "routingControlArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the Route 53 Application Recovery Controller routing control. This is used when health check type is `RECOVERY_CONTROL`\n" }, "searchString": { "type": "string", "description": "String searched in the first 5120 bytes of the response body for check to be considered healthy. Only valid with `HTTP_STR_MATCH` and `HTTPS_STR_MATCH`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the health check. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The protocol to use when performing health checks. Valid values are `HTTP`, `HTTPS`, `HTTP_STR_MATCH`, `HTTPS_STR_MATCH`, `TCP`, `CALCULATED`, `CLOUDWATCH_METRIC` and `RECOVERY_CONTROL`.\n" } }, "required": [ "arn", "enableSni", "failureThreshold", "tagsAll", "type" ], "inputProperties": { "childHealthThreshold": { "type": "integer", "description": "The minimum number of child health checks that must be healthy for Route 53 to consider the parent health check to be healthy. Valid values are integers between 0 and 256, inclusive\n" }, "childHealthchecks": { "type": "array", "items": { "type": "string" }, "description": "For a specified parent health check, a list of HealthCheckId values for the associated child health checks.\n" }, "cloudwatchAlarmName": { "type": "string", "description": "The name of the CloudWatch alarm.\n" }, "cloudwatchAlarmRegion": { "type": "string", "description": "The CloudWatchRegion that the CloudWatch alarm was created in.\n" }, "disabled": { "type": "boolean", "description": "A boolean value that stops Route 53 from performing health checks. When set to true, Route 53 will do the following depending on the type of health check:\n* For health checks that check the health of endpoints, Route5 53 stops submitting requests to your application, server, or other resource.\n* For calculated health checks, Route 53 stops aggregating the status of the referenced health checks.\n* For health checks that monitor CloudWatch alarms, Route 53 stops monitoring the corresponding CloudWatch metrics.\n\n\u003e **Note:** After you disable a health check, Route 53 considers the status of the health check to always be healthy. If you configured DNS failover, Route 53 continues to route traffic to the corresponding resources. If you want to stop routing traffic to a resource, change the value of `invert_healthcheck`.\n" }, "enableSni": { "type": "boolean", "description": "A boolean value that indicates whether Route53 should send the `fqdn` to the endpoint when performing the health check. This defaults to AWS' defaults: when the `type` is \"HTTPS\" `enable_sni` defaults to `true`, when `type` is anything else `enable_sni` defaults to `false`.\n" }, "failureThreshold": { "type": "integer", "description": "The number of consecutive health checks that an endpoint must pass or fail.\n" }, "fqdn": { "type": "string", "description": "The fully qualified domain name of the endpoint to be checked. If a value is set for `ip_address`, the value set for `fqdn` will be passed in the `Host` header.\n" }, "insufficientDataHealthStatus": { "type": "string", "description": "The status of the health check when CloudWatch has insufficient data about the state of associated alarm. Valid values are `Healthy` , `Unhealthy` and `LastKnownStatus`.\n" }, "invertHealthcheck": { "type": "boolean", "description": "A boolean value that indicates whether the status of health check should be inverted. For example, if a health check is healthy but Inverted is True , then Route 53 considers the health check to be unhealthy.\n" }, "ipAddress": { "type": "string", "description": "The IP address of the endpoint to be checked.\n" }, "measureLatency": { "type": "boolean", "description": "A Boolean value that indicates whether you want Route 53 to measure the latency between health checkers in multiple AWS regions and your endpoint and to display CloudWatch latency graphs in the Route 53 console.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "The port of the endpoint to be checked.\n" }, "referenceName": { "type": "string", "description": "This is a reference name used in Caller Reference\n(helpful for identifying single health_check set amongst others)\n", "willReplaceOnChanges": true }, "regions": { "type": "array", "items": { "type": "string" }, "description": "A list of AWS regions that you want Amazon Route 53 health checkers to check the specified endpoint from.\n" }, "requestInterval": { "type": "integer", "description": "The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health-check request.\n", "willReplaceOnChanges": true }, "resourcePath": { "type": "string", "description": "The path that you want Amazon Route 53 to request when performing health checks.\n" }, "routingControlArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the Route 53 Application Recovery Controller routing control. This is used when health check type is `RECOVERY_CONTROL`\n", "willReplaceOnChanges": true }, "searchString": { "type": "string", "description": "String searched in the first 5120 bytes of the response body for check to be considered healthy. Only valid with `HTTP_STR_MATCH` and `HTTPS_STR_MATCH`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the health check. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "The protocol to use when performing health checks. Valid values are `HTTP`, `HTTPS`, `HTTP_STR_MATCH`, `HTTPS_STR_MATCH`, `TCP`, `CALCULATED`, `CLOUDWATCH_METRIC` and `RECOVERY_CONTROL`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering HealthCheck resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Health Check.\n" }, "childHealthThreshold": { "type": "integer", "description": "The minimum number of child health checks that must be healthy for Route 53 to consider the parent health check to be healthy. Valid values are integers between 0 and 256, inclusive\n" }, "childHealthchecks": { "type": "array", "items": { "type": "string" }, "description": "For a specified parent health check, a list of HealthCheckId values for the associated child health checks.\n" }, "cloudwatchAlarmName": { "type": "string", "description": "The name of the CloudWatch alarm.\n" }, "cloudwatchAlarmRegion": { "type": "string", "description": "The CloudWatchRegion that the CloudWatch alarm was created in.\n" }, "disabled": { "type": "boolean", "description": "A boolean value that stops Route 53 from performing health checks. When set to true, Route 53 will do the following depending on the type of health check:\n* For health checks that check the health of endpoints, Route5 53 stops submitting requests to your application, server, or other resource.\n* For calculated health checks, Route 53 stops aggregating the status of the referenced health checks.\n* For health checks that monitor CloudWatch alarms, Route 53 stops monitoring the corresponding CloudWatch metrics.\n\n\u003e **Note:** After you disable a health check, Route 53 considers the status of the health check to always be healthy. If you configured DNS failover, Route 53 continues to route traffic to the corresponding resources. If you want to stop routing traffic to a resource, change the value of `invert_healthcheck`.\n" }, "enableSni": { "type": "boolean", "description": "A boolean value that indicates whether Route53 should send the `fqdn` to the endpoint when performing the health check. This defaults to AWS' defaults: when the `type` is \"HTTPS\" `enable_sni` defaults to `true`, when `type` is anything else `enable_sni` defaults to `false`.\n" }, "failureThreshold": { "type": "integer", "description": "The number of consecutive health checks that an endpoint must pass or fail.\n" }, "fqdn": { "type": "string", "description": "The fully qualified domain name of the endpoint to be checked. If a value is set for `ip_address`, the value set for `fqdn` will be passed in the `Host` header.\n" }, "insufficientDataHealthStatus": { "type": "string", "description": "The status of the health check when CloudWatch has insufficient data about the state of associated alarm. Valid values are `Healthy` , `Unhealthy` and `LastKnownStatus`.\n" }, "invertHealthcheck": { "type": "boolean", "description": "A boolean value that indicates whether the status of health check should be inverted. For example, if a health check is healthy but Inverted is True , then Route 53 considers the health check to be unhealthy.\n" }, "ipAddress": { "type": "string", "description": "The IP address of the endpoint to be checked.\n" }, "measureLatency": { "type": "boolean", "description": "A Boolean value that indicates whether you want Route 53 to measure the latency between health checkers in multiple AWS regions and your endpoint and to display CloudWatch latency graphs in the Route 53 console.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "The port of the endpoint to be checked.\n" }, "referenceName": { "type": "string", "description": "This is a reference name used in Caller Reference\n(helpful for identifying single health_check set amongst others)\n", "willReplaceOnChanges": true }, "regions": { "type": "array", "items": { "type": "string" }, "description": "A list of AWS regions that you want Amazon Route 53 health checkers to check the specified endpoint from.\n" }, "requestInterval": { "type": "integer", "description": "The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health-check request.\n", "willReplaceOnChanges": true }, "resourcePath": { "type": "string", "description": "The path that you want Amazon Route 53 to request when performing health checks.\n" }, "routingControlArn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the Route 53 Application Recovery Controller routing control. This is used when health check type is `RECOVERY_CONTROL`\n", "willReplaceOnChanges": true }, "searchString": { "type": "string", "description": "String searched in the first 5120 bytes of the response body for check to be considered healthy. Only valid with `HTTP_STR_MATCH` and `HTTPS_STR_MATCH`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the health check. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The protocol to use when performing health checks. Valid values are `HTTP`, `HTTPS`, `HTTP_STR_MATCH`, `HTTPS_STR_MATCH`, `TCP`, `CALCULATED`, `CLOUDWATCH_METRIC` and `RECOVERY_CONTROL`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:route53/hostedZoneDnsSec:HostedZoneDnsSec": { "description": "Manages Route 53 Hosted Zone Domain Name System Security Extensions (DNSSEC). For more information about managing DNSSEC in Route 53, see the [Route 53 Developer Guide](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec.html).\n\n!\u003e **WARNING:** If you disable DNSSEC signing for your hosted zone before the DNS changes have propagated, your domain could become unavailable on the internet. When you remove the DS records, you must wait until the longest TTL for the DS records that you remove has expired before you complete the step to disable DNSSEC signing. Please refer to the [Route 53 Developer Guide - Disable DNSSEC](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec-disable.html) for a detailed breakdown on the steps required to disable DNSSEC safely for a hosted zone.\n\n\u003e **Note:** Route53 hosted zones are global resources, and as such any `aws.kms.Key` that you use as part of a signing key needs to be located in the `us-east-1` region. In the example below, the main AWS provider declaration is for `us-east-1`, however if you are provisioning your AWS resources in a different region, you will need to specify a provider alias and use that attached to the `aws.kms.Key` resource as described in the provider alias documentation.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.kms.Key(\"example\", {\n customerMasterKeySpec: \"ECC_NIST_P256\",\n deletionWindowInDays: 7,\n keyUsage: \"SIGN_VERIFY\",\n policy: JSON.stringify({\n Statement: [\n {\n Action: [\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n \"kms:Verify\",\n ],\n Effect: \"Allow\",\n Principal: {\n Service: \"dnssec-route53.amazonaws.com\",\n },\n Resource: \"*\",\n Sid: \"Allow Route 53 DNSSEC Service\",\n },\n {\n Action: \"kms:*\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:root`),\n },\n Resource: \"*\",\n Sid: \"Enable IAM User Permissions\",\n },\n ],\n Version: \"2012-10-17\",\n }),\n});\nconst exampleZone = new aws.route53.Zone(\"example\", {name: \"example.com\"});\nconst exampleKeySigningKey = new aws.route53.KeySigningKey(\"example\", {\n hostedZoneId: exampleZone.id,\n keyManagementServiceArn: example.arn,\n name: \"example\",\n});\nconst exampleHostedZoneDnsSec = new aws.route53.HostedZoneDnsSec(\"example\", {hostedZoneId: exampleKeySigningKey.hostedZoneId}, {\n dependsOn: [exampleKeySigningKey],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.kms.Key(\"example\",\n customer_master_key_spec=\"ECC_NIST_P256\",\n deletion_window_in_days=7,\n key_usage=\"SIGN_VERIFY\",\n policy=json.dumps({\n \"Statement\": [\n {\n \"Action\": [\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n \"kms:Verify\",\n ],\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"dnssec-route53.amazonaws.com\",\n },\n \"Resource\": \"*\",\n \"Sid\": \"Allow Route 53 DNSSEC Service\",\n },\n {\n \"Action\": \"kms:*\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:root\",\n },\n \"Resource\": \"*\",\n \"Sid\": \"Enable IAM User Permissions\",\n },\n ],\n \"Version\": \"2012-10-17\",\n }))\nexample_zone = aws.route53.Zone(\"example\", name=\"example.com\")\nexample_key_signing_key = aws.route53.KeySigningKey(\"example\",\n hosted_zone_id=example_zone.id,\n key_management_service_arn=example.arn,\n name=\"example\")\nexample_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec(\"example\", hosted_zone_id=example_key_signing_key.hosted_zone_id,\nopts = pulumi.ResourceOptions(depends_on=[example_key_signing_key]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Kms.Key(\"example\", new()\n {\n CustomerMasterKeySpec = \"ECC_NIST_P256\",\n DeletionWindowInDays = 7,\n KeyUsage = \"SIGN_VERIFY\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n \"kms:Verify\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"dnssec-route53.amazonaws.com\",\n },\n [\"Resource\"] = \"*\",\n [\"Sid\"] = \"Allow Route 53 DNSSEC Service\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"kms:*\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n [\"Resource\"] = \"*\",\n [\"Sid\"] = \"Enable IAM User Permissions\",\n },\n },\n [\"Version\"] = \"2012-10-17\",\n }),\n });\n\n var exampleZone = new Aws.Route53.Zone(\"example\", new()\n {\n Name = \"example.com\",\n });\n\n var exampleKeySigningKey = new Aws.Route53.KeySigningKey(\"example\", new()\n {\n HostedZoneId = exampleZone.Id,\n KeyManagementServiceArn = example.Arn,\n Name = \"example\",\n });\n\n var exampleHostedZoneDnsSec = new Aws.Route53.HostedZoneDnsSec(\"example\", new()\n {\n HostedZoneId = exampleKeySigningKey.HostedZoneId,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleKeySigningKey,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Statement\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"kms:DescribeKey\",\n\t\t\t\t\t\t\"kms:GetPublicKey\",\n\t\t\t\t\t\t\"kms:Sign\",\n\t\t\t\t\t\t\"kms:Verify\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"dnssec-route53.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Sid\": \"Allow Route 53 DNSSEC Service\",\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"kms:*\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Sid\": \"Enable IAM User Permissions\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tCustomerMasterKeySpec: pulumi.String(\"ECC_NIST_P256\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t\tKeyUsage: pulumi.String(\"SIGN_VERIFY\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleZone, err := route53.NewZone(ctx, \"example\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeySigningKey, err := route53.NewKeySigningKey(ctx, \"example\", \u0026route53.KeySigningKeyArgs{\n\t\t\tHostedZoneId: exampleZone.ID(),\n\t\t\tKeyManagementServiceArn: example.Arn,\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewHostedZoneDnsSec(ctx, \"example\", \u0026route53.HostedZoneDnsSecArgs{\n\t\t\tHostedZoneId: exampleKeySigningKey.HostedZoneId,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleKeySigningKey,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.route53.Zone;\nimport com.pulumi.aws.route53.ZoneArgs;\nimport com.pulumi.aws.route53.KeySigningKey;\nimport com.pulumi.aws.route53.KeySigningKeyArgs;\nimport com.pulumi.aws.route53.HostedZoneDnsSec;\nimport com.pulumi.aws.route53.HostedZoneDnsSecArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new Key(\"example\", KeyArgs.builder()\n .customerMasterKeySpec(\"ECC_NIST_P256\")\n .deletionWindowInDays(7)\n .keyUsage(\"SIGN_VERIFY\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Statement\", jsonArray(\n jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"kms:DescribeKey\", \n \"kms:GetPublicKey\", \n \"kms:Sign\", \n \"kms:Verify\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"dnssec-route53.amazonaws.com\")\n )),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Sid\", \"Allow Route 53 DNSSEC Service\")\n ), \n jsonObject(\n jsonProperty(\"Action\", \"kms:*\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Sid\", \"Enable IAM User Permissions\")\n )\n )),\n jsonProperty(\"Version\", \"2012-10-17\")\n )))\n .build());\n\n var exampleZone = new Zone(\"exampleZone\", ZoneArgs.builder()\n .name(\"example.com\")\n .build());\n\n var exampleKeySigningKey = new KeySigningKey(\"exampleKeySigningKey\", KeySigningKeyArgs.builder()\n .hostedZoneId(exampleZone.id())\n .keyManagementServiceArn(example.arn())\n .name(\"example\")\n .build());\n\n var exampleHostedZoneDnsSec = new HostedZoneDnsSec(\"exampleHostedZoneDnsSec\", HostedZoneDnsSecArgs.builder()\n .hostedZoneId(exampleKeySigningKey.hostedZoneId())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleKeySigningKey)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n customerMasterKeySpec: ECC_NIST_P256\n deletionWindowInDays: 7\n keyUsage: SIGN_VERIFY\n policy:\n fn::toJSON:\n Statement:\n - Action:\n - kms:DescribeKey\n - kms:GetPublicKey\n - kms:Sign\n - kms:Verify\n Effect: Allow\n Principal:\n Service: dnssec-route53.amazonaws.com\n Resource: '*'\n Sid: Allow Route 53 DNSSEC Service\n - Action: kms:*\n Effect: Allow\n Principal:\n AWS: arn:aws:iam::${current.accountId}:root\n Resource: '*'\n Sid: Enable IAM User Permissions\n Version: 2012-10-17\n exampleZone:\n type: aws:route53:Zone\n name: example\n properties:\n name: example.com\n exampleKeySigningKey:\n type: aws:route53:KeySigningKey\n name: example\n properties:\n hostedZoneId: ${exampleZone.id}\n keyManagementServiceArn: ${example.arn}\n name: example\n exampleHostedZoneDnsSec:\n type: aws:route53:HostedZoneDnsSec\n name: example\n properties:\n hostedZoneId: ${exampleKeySigningKey.hostedZoneId}\n options:\n dependson:\n - ${exampleKeySigningKey}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_route53_hosted_zone_dnssec` resources using the Route 53 Hosted Zone identifier. For example:\n\n```sh\n$ pulumi import aws:route53/hostedZoneDnsSec:HostedZoneDnsSec example Z1D633PJN98FT9\n```\n", "properties": { "hostedZoneId": { "type": "string", "description": "Identifier of the Route 53 Hosted Zone.\n\nThe following arguments are optional:\n" }, "signingStatus": { "type": "string", "description": "Hosted Zone signing status. Valid values: `SIGNING`, `NOT_SIGNING`. Defaults to `SIGNING`.\n" } }, "required": [ "hostedZoneId" ], "inputProperties": { "hostedZoneId": { "type": "string", "description": "Identifier of the Route 53 Hosted Zone.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "signingStatus": { "type": "string", "description": "Hosted Zone signing status. Valid values: `SIGNING`, `NOT_SIGNING`. Defaults to `SIGNING`.\n" } }, "requiredInputs": [ "hostedZoneId" ], "stateInputs": { "description": "Input properties used for looking up and filtering HostedZoneDnsSec resources.\n", "properties": { "hostedZoneId": { "type": "string", "description": "Identifier of the Route 53 Hosted Zone.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "signingStatus": { "type": "string", "description": "Hosted Zone signing status. Valid values: `SIGNING`, `NOT_SIGNING`. Defaults to `SIGNING`.\n" } }, "type": "object" } }, "aws:route53/keySigningKey:KeySigningKey": { "description": "Manages a Route 53 Key Signing Key. To manage Domain Name System Security Extensions (DNSSEC) for a Hosted Zone, see the `aws.route53.HostedZoneDnsSec` resource. For more information about managing DNSSEC in Route 53, see the [Route 53 Developer Guide](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.kms.Key(\"example\", {\n customerMasterKeySpec: \"ECC_NIST_P256\",\n deletionWindowInDays: 7,\n keyUsage: \"SIGN_VERIFY\",\n policy: JSON.stringify({\n Statement: [\n {\n Action: [\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n ],\n Effect: \"Allow\",\n Principal: {\n Service: \"dnssec-route53.amazonaws.com\",\n },\n Sid: \"Allow Route 53 DNSSEC Service\",\n Resource: \"*\",\n Condition: {\n StringEquals: {\n \"aws:SourceAccount\": current.then(current =\u003e current.accountId),\n },\n ArnLike: {\n \"aws:SourceArn\": \"arn:aws:route53:::hostedzone/*\",\n },\n },\n },\n {\n Action: \"kms:CreateGrant\",\n Effect: \"Allow\",\n Principal: {\n Service: \"dnssec-route53.amazonaws.com\",\n },\n Sid: \"Allow Route 53 DNSSEC Service to CreateGrant\",\n Resource: \"*\",\n Condition: {\n Bool: {\n \"kms:GrantIsForAWSResource\": \"true\",\n },\n },\n },\n {\n Action: \"kms:*\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:root`),\n },\n Resource: \"*\",\n Sid: \"Enable IAM User Permissions\",\n },\n ],\n Version: \"2012-10-17\",\n }),\n});\nconst exampleZone = new aws.route53.Zone(\"example\", {name: \"example.com\"});\nconst exampleKeySigningKey = new aws.route53.KeySigningKey(\"example\", {\n hostedZoneId: test.id,\n keyManagementServiceArn: testAwsKmsKey.arn,\n name: \"example\",\n});\nconst exampleHostedZoneDnsSec = new aws.route53.HostedZoneDnsSec(\"example\", {hostedZoneId: exampleKeySigningKey.hostedZoneId}, {\n dependsOn: [exampleKeySigningKey],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.kms.Key(\"example\",\n customer_master_key_spec=\"ECC_NIST_P256\",\n deletion_window_in_days=7,\n key_usage=\"SIGN_VERIFY\",\n policy=json.dumps({\n \"Statement\": [\n {\n \"Action\": [\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n ],\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"dnssec-route53.amazonaws.com\",\n },\n \"Sid\": \"Allow Route 53 DNSSEC Service\",\n \"Resource\": \"*\",\n \"Condition\": {\n \"StringEquals\": {\n \"aws:SourceAccount\": current.account_id,\n },\n \"ArnLike\": {\n \"aws:SourceArn\": \"arn:aws:route53:::hostedzone/*\",\n },\n },\n },\n {\n \"Action\": \"kms:CreateGrant\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"dnssec-route53.amazonaws.com\",\n },\n \"Sid\": \"Allow Route 53 DNSSEC Service to CreateGrant\",\n \"Resource\": \"*\",\n \"Condition\": {\n \"Bool\": {\n \"kms:GrantIsForAWSResource\": \"true\",\n },\n },\n },\n {\n \"Action\": \"kms:*\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:root\",\n },\n \"Resource\": \"*\",\n \"Sid\": \"Enable IAM User Permissions\",\n },\n ],\n \"Version\": \"2012-10-17\",\n }))\nexample_zone = aws.route53.Zone(\"example\", name=\"example.com\")\nexample_key_signing_key = aws.route53.KeySigningKey(\"example\",\n hosted_zone_id=test[\"id\"],\n key_management_service_arn=test_aws_kms_key[\"arn\"],\n name=\"example\")\nexample_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec(\"example\", hosted_zone_id=example_key_signing_key.hosted_zone_id,\nopts = pulumi.ResourceOptions(depends_on=[example_key_signing_key]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Kms.Key(\"example\", new()\n {\n CustomerMasterKeySpec = \"ECC_NIST_P256\",\n DeletionWindowInDays = 7,\n KeyUsage = \"SIGN_VERIFY\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"dnssec-route53.amazonaws.com\",\n },\n [\"Sid\"] = \"Allow Route 53 DNSSEC Service\",\n [\"Resource\"] = \"*\",\n [\"Condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"StringEquals\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"aws:SourceAccount\"] = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n [\"ArnLike\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"aws:SourceArn\"] = \"arn:aws:route53:::hostedzone/*\",\n },\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"kms:CreateGrant\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"dnssec-route53.amazonaws.com\",\n },\n [\"Sid\"] = \"Allow Route 53 DNSSEC Service to CreateGrant\",\n [\"Resource\"] = \"*\",\n [\"Condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Bool\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"kms:GrantIsForAWSResource\"] = \"true\",\n },\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"kms:*\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n [\"Resource\"] = \"*\",\n [\"Sid\"] = \"Enable IAM User Permissions\",\n },\n },\n [\"Version\"] = \"2012-10-17\",\n }),\n });\n\n var exampleZone = new Aws.Route53.Zone(\"example\", new()\n {\n Name = \"example.com\",\n });\n\n var exampleKeySigningKey = new Aws.Route53.KeySigningKey(\"example\", new()\n {\n HostedZoneId = test.Id,\n KeyManagementServiceArn = testAwsKmsKey.Arn,\n Name = \"example\",\n });\n\n var exampleHostedZoneDnsSec = new Aws.Route53.HostedZoneDnsSec(\"example\", new()\n {\n HostedZoneId = exampleKeySigningKey.HostedZoneId,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleKeySigningKey,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Statement\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"kms:DescribeKey\",\n\t\t\t\t\t\t\"kms:GetPublicKey\",\n\t\t\t\t\t\t\"kms:Sign\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"dnssec-route53.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Sid\": \"Allow Route 53 DNSSEC Service\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Condition\": map[string]interface{}{\n\t\t\t\t\t\t\"StringEquals\": map[string]interface{}{\n\t\t\t\t\t\t\t\"aws:SourceAccount\": current.AccountId,\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"ArnLike\": map[string]interface{}{\n\t\t\t\t\t\t\t\"aws:SourceArn\": \"arn:aws:route53:::hostedzone/*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"kms:CreateGrant\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"dnssec-route53.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Sid\": \"Allow Route 53 DNSSEC Service to CreateGrant\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Condition\": map[string]interface{}{\n\t\t\t\t\t\t\"Bool\": map[string]interface{}{\n\t\t\t\t\t\t\t\"kms:GrantIsForAWSResource\": \"true\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"kms:*\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Sid\": \"Enable IAM User Permissions\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tCustomerMasterKeySpec: pulumi.String(\"ECC_NIST_P256\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t\tKeyUsage: pulumi.String(\"SIGN_VERIFY\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewZone(ctx, \"example\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeySigningKey, err := route53.NewKeySigningKey(ctx, \"example\", \u0026route53.KeySigningKeyArgs{\n\t\t\tHostedZoneId: pulumi.Any(test.Id),\n\t\t\tKeyManagementServiceArn: pulumi.Any(testAwsKmsKey.Arn),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewHostedZoneDnsSec(ctx, \"example\", \u0026route53.HostedZoneDnsSecArgs{\n\t\t\tHostedZoneId: exampleKeySigningKey.HostedZoneId,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleKeySigningKey,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.route53.Zone;\nimport com.pulumi.aws.route53.ZoneArgs;\nimport com.pulumi.aws.route53.KeySigningKey;\nimport com.pulumi.aws.route53.KeySigningKeyArgs;\nimport com.pulumi.aws.route53.HostedZoneDnsSec;\nimport com.pulumi.aws.route53.HostedZoneDnsSecArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new Key(\"example\", KeyArgs.builder()\n .customerMasterKeySpec(\"ECC_NIST_P256\")\n .deletionWindowInDays(7)\n .keyUsage(\"SIGN_VERIFY\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Statement\", jsonArray(\n jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"kms:DescribeKey\", \n \"kms:GetPublicKey\", \n \"kms:Sign\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"dnssec-route53.amazonaws.com\")\n )),\n jsonProperty(\"Sid\", \"Allow Route 53 DNSSEC Service\"),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Condition\", jsonObject(\n jsonProperty(\"StringEquals\", jsonObject(\n jsonProperty(\"aws:SourceAccount\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n )),\n jsonProperty(\"ArnLike\", jsonObject(\n jsonProperty(\"aws:SourceArn\", \"arn:aws:route53:::hostedzone/*\")\n ))\n ))\n ), \n jsonObject(\n jsonProperty(\"Action\", \"kms:CreateGrant\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"dnssec-route53.amazonaws.com\")\n )),\n jsonProperty(\"Sid\", \"Allow Route 53 DNSSEC Service to CreateGrant\"),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Condition\", jsonObject(\n jsonProperty(\"Bool\", jsonObject(\n jsonProperty(\"kms:GrantIsForAWSResource\", \"true\")\n ))\n ))\n ), \n jsonObject(\n jsonProperty(\"Action\", \"kms:*\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Sid\", \"Enable IAM User Permissions\")\n )\n )),\n jsonProperty(\"Version\", \"2012-10-17\")\n )))\n .build());\n\n var exampleZone = new Zone(\"exampleZone\", ZoneArgs.builder()\n .name(\"example.com\")\n .build());\n\n var exampleKeySigningKey = new KeySigningKey(\"exampleKeySigningKey\", KeySigningKeyArgs.builder()\n .hostedZoneId(test.id())\n .keyManagementServiceArn(testAwsKmsKey.arn())\n .name(\"example\")\n .build());\n\n var exampleHostedZoneDnsSec = new HostedZoneDnsSec(\"exampleHostedZoneDnsSec\", HostedZoneDnsSecArgs.builder()\n .hostedZoneId(exampleKeySigningKey.hostedZoneId())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleKeySigningKey)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n customerMasterKeySpec: ECC_NIST_P256\n deletionWindowInDays: 7\n keyUsage: SIGN_VERIFY\n policy:\n fn::toJSON:\n Statement:\n - Action:\n - kms:DescribeKey\n - kms:GetPublicKey\n - kms:Sign\n Effect: Allow\n Principal:\n Service: dnssec-route53.amazonaws.com\n Sid: Allow Route 53 DNSSEC Service\n Resource: '*'\n Condition:\n StringEquals:\n aws:SourceAccount: ${current.accountId}\n ArnLike:\n aws:SourceArn: arn:aws:route53:::hostedzone/*\n - Action: kms:CreateGrant\n Effect: Allow\n Principal:\n Service: dnssec-route53.amazonaws.com\n Sid: Allow Route 53 DNSSEC Service to CreateGrant\n Resource: '*'\n Condition:\n Bool:\n kms:GrantIsForAWSResource: 'true'\n - Action: kms:*\n Effect: Allow\n Principal:\n AWS: arn:aws:iam::${current.accountId}:root\n Resource: '*'\n Sid: Enable IAM User Permissions\n Version: 2012-10-17\n exampleZone:\n type: aws:route53:Zone\n name: example\n properties:\n name: example.com\n exampleKeySigningKey:\n type: aws:route53:KeySigningKey\n name: example\n properties:\n hostedZoneId: ${test.id}\n keyManagementServiceArn: ${testAwsKmsKey.arn}\n name: example\n exampleHostedZoneDnsSec:\n type: aws:route53:HostedZoneDnsSec\n name: example\n properties:\n hostedZoneId: ${exampleKeySigningKey.hostedZoneId}\n options:\n dependson:\n - ${exampleKeySigningKey}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_route53_key_signing_key` resources using the Route 53 Hosted Zone identifier and KMS Key identifier, separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:route53/keySigningKey:KeySigningKey example Z1D633PJN98FT9,example\n```\n", "properties": { "digestAlgorithmMnemonic": { "type": "string", "description": "A string used to represent the delegation signer digest algorithm. This value must follow the guidelines provided by [RFC-8624 Section 3.3](https://tools.ietf.org/html/rfc8624#section-3.3).\n" }, "digestAlgorithmType": { "type": "integer", "description": "An integer used to represent the delegation signer digest algorithm. This value must follow the guidelines provided by [RFC-8624 Section 3.3](https://tools.ietf.org/html/rfc8624#section-3.3).\n" }, "digestValue": { "type": "string", "description": "A cryptographic digest of a DNSKEY resource record (RR). DNSKEY records are used to publish the public key that resolvers can use to verify DNSSEC signatures that are used to secure certain kinds of information provided by the DNS system.\n" }, "dnskeyRecord": { "type": "string", "description": "A string that represents a DNSKEY record.\n" }, "dsRecord": { "type": "string", "description": "A string that represents a delegation signer (DS) record.\n" }, "flag": { "type": "integer", "description": "An integer that specifies how the key is used. For key-signing key (KSK), this value is always 257.\n" }, "hostedZoneId": { "type": "string", "description": "Identifier of the Route 53 Hosted Zone.\n" }, "keyManagementServiceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Key Management Service (KMS) Key. This must be unique for each key-signing key (KSK) in a single hosted zone. This key must be in the `us-east-1` Region and meet certain requirements, which are described in the [Route 53 Developer Guide](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec-cmk-requirements.html) and [Route 53 API Reference](https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateKeySigningKey.html).\n" }, "keyTag": { "type": "integer", "description": "An integer used to identify the DNSSEC record for the domain name. The process used to calculate the value is described in [RFC-4034 Appendix B](https://tools.ietf.org/rfc/rfc4034.txt).\n" }, "name": { "type": "string", "description": "Name of the key-signing key (KSK). Must be unique for each key-singing key in the same hosted zone.\n\nThe following arguments are optional:\n" }, "publicKey": { "type": "string", "description": "The public key, represented as a Base64 encoding, as required by [RFC-4034 Page 5](https://tools.ietf.org/rfc/rfc4034.txt).\n" }, "signingAlgorithmMnemonic": { "type": "string", "description": "A string used to represent the signing algorithm. This value must follow the guidelines provided by [RFC-8624 Section 3.1](https://tools.ietf.org/html/rfc8624#section-3.1).\n" }, "signingAlgorithmType": { "type": "integer", "description": "An integer used to represent the signing algorithm. This value must follow the guidelines provided by [RFC-8624 Section 3.1](https://tools.ietf.org/html/rfc8624#section-3.1).\n" }, "status": { "type": "string", "description": "Status of the key-signing key (KSK). Valid values: `ACTIVE`, `INACTIVE`. Defaults to `ACTIVE`.\n" } }, "required": [ "digestAlgorithmMnemonic", "digestAlgorithmType", "digestValue", "dnskeyRecord", "dsRecord", "flag", "hostedZoneId", "keyManagementServiceArn", "keyTag", "name", "publicKey", "signingAlgorithmMnemonic", "signingAlgorithmType" ], "inputProperties": { "hostedZoneId": { "type": "string", "description": "Identifier of the Route 53 Hosted Zone.\n", "willReplaceOnChanges": true }, "keyManagementServiceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Key Management Service (KMS) Key. This must be unique for each key-signing key (KSK) in a single hosted zone. This key must be in the `us-east-1` Region and meet certain requirements, which are described in the [Route 53 Developer Guide](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec-cmk-requirements.html) and [Route 53 API Reference](https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateKeySigningKey.html).\n" }, "name": { "type": "string", "description": "Name of the key-signing key (KSK). Must be unique for each key-singing key in the same hosted zone.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Status of the key-signing key (KSK). Valid values: `ACTIVE`, `INACTIVE`. Defaults to `ACTIVE`.\n" } }, "requiredInputs": [ "hostedZoneId", "keyManagementServiceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering KeySigningKey resources.\n", "properties": { "digestAlgorithmMnemonic": { "type": "string", "description": "A string used to represent the delegation signer digest algorithm. This value must follow the guidelines provided by [RFC-8624 Section 3.3](https://tools.ietf.org/html/rfc8624#section-3.3).\n" }, "digestAlgorithmType": { "type": "integer", "description": "An integer used to represent the delegation signer digest algorithm. This value must follow the guidelines provided by [RFC-8624 Section 3.3](https://tools.ietf.org/html/rfc8624#section-3.3).\n" }, "digestValue": { "type": "string", "description": "A cryptographic digest of a DNSKEY resource record (RR). DNSKEY records are used to publish the public key that resolvers can use to verify DNSSEC signatures that are used to secure certain kinds of information provided by the DNS system.\n" }, "dnskeyRecord": { "type": "string", "description": "A string that represents a DNSKEY record.\n" }, "dsRecord": { "type": "string", "description": "A string that represents a delegation signer (DS) record.\n" }, "flag": { "type": "integer", "description": "An integer that specifies how the key is used. For key-signing key (KSK), this value is always 257.\n" }, "hostedZoneId": { "type": "string", "description": "Identifier of the Route 53 Hosted Zone.\n", "willReplaceOnChanges": true }, "keyManagementServiceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Key Management Service (KMS) Key. This must be unique for each key-signing key (KSK) in a single hosted zone. This key must be in the `us-east-1` Region and meet certain requirements, which are described in the [Route 53 Developer Guide](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec-cmk-requirements.html) and [Route 53 API Reference](https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateKeySigningKey.html).\n" }, "keyTag": { "type": "integer", "description": "An integer used to identify the DNSSEC record for the domain name. The process used to calculate the value is described in [RFC-4034 Appendix B](https://tools.ietf.org/rfc/rfc4034.txt).\n" }, "name": { "type": "string", "description": "Name of the key-signing key (KSK). Must be unique for each key-singing key in the same hosted zone.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "publicKey": { "type": "string", "description": "The public key, represented as a Base64 encoding, as required by [RFC-4034 Page 5](https://tools.ietf.org/rfc/rfc4034.txt).\n" }, "signingAlgorithmMnemonic": { "type": "string", "description": "A string used to represent the signing algorithm. This value must follow the guidelines provided by [RFC-8624 Section 3.1](https://tools.ietf.org/html/rfc8624#section-3.1).\n" }, "signingAlgorithmType": { "type": "integer", "description": "An integer used to represent the signing algorithm. This value must follow the guidelines provided by [RFC-8624 Section 3.1](https://tools.ietf.org/html/rfc8624#section-3.1).\n" }, "status": { "type": "string", "description": "Status of the key-signing key (KSK). Valid values: `ACTIVE`, `INACTIVE`. Defaults to `ACTIVE`.\n" } }, "type": "object" } }, "aws:route53/queryLog:QueryLog": { "description": "Provides a Route53 query logging configuration resource.\n\n\u003e **NOTE:** There are restrictions on the configuration of query logging. Notably,\nthe CloudWatch log group must be in the `us-east-1` region,\na permissive CloudWatch log resource policy must be in place, and\nthe Route53 hosted zone must be public.\nSee [Configuring Logging for DNS Queries](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html?console_help=true#query-logs-configuring) for additional details.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Example Route53 zone with query logging\nconst exampleCom = new aws.route53.Zone(\"example_com\", {name: \"example.com\"});\nconst awsRoute53ExampleCom = new aws.cloudwatch.LogGroup(\"aws_route53_example_com\", {\n name: pulumi.interpolate`/aws/route53/${exampleCom.name}`,\n retentionInDays: 30,\n});\n// Example CloudWatch log resource policy to allow Route53 to write logs\n// to any log group under /aws/route53/*\nconst route53-query-logging-policy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n resources: [\"arn:aws:logs:*:*:log-group:/aws/route53/*\"],\n principals: [{\n identifiers: [\"route53.amazonaws.com\"],\n type: \"Service\",\n }],\n }],\n});\nconst route53_query_logging_policyLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy(\"route53-query-logging-policy\", {\n policyDocument: route53_query_logging_policy.then(route53_query_logging_policy =\u003e route53_query_logging_policy.json),\n policyName: \"route53-query-logging-policy\",\n});\nconst exampleComQueryLog = new aws.route53.QueryLog(\"example_com\", {\n cloudwatchLogGroupArn: awsRoute53ExampleCom.arn,\n zoneId: exampleCom.zoneId,\n}, {\n dependsOn: [route53_query_logging_policyLogResourcePolicy],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Example Route53 zone with query logging\nexample_com = aws.route53.Zone(\"example_com\", name=\"example.com\")\naws_route53_example_com = aws.cloudwatch.LogGroup(\"aws_route53_example_com\",\n name=example_com.name.apply(lambda name: f\"/aws/route53/{name}\"),\n retention_in_days=30)\n# Example CloudWatch log resource policy to allow Route53 to write logs\n# to any log group under /aws/route53/*\nroute53_query_logging_policy = aws.iam.get_policy_document(statements=[{\n \"actions\": [\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n \"resources\": [\"arn:aws:logs:*:*:log-group:/aws/route53/*\"],\n \"principals\": [{\n \"identifiers\": [\"route53.amazonaws.com\"],\n \"type\": \"Service\",\n }],\n}])\nroute53_query_logging_policy_log_resource_policy = aws.cloudwatch.LogResourcePolicy(\"route53-query-logging-policy\",\n policy_document=route53_query_logging_policy.json,\n policy_name=\"route53-query-logging-policy\")\nexample_com_query_log = aws.route53.QueryLog(\"example_com\",\n cloudwatch_log_group_arn=aws_route53_example_com.arn,\n zone_id=example_com.zone_id,\n opts = pulumi.ResourceOptions(depends_on=[route53_query_logging_policy_log_resource_policy]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Example Route53 zone with query logging\n var exampleCom = new Aws.Route53.Zone(\"example_com\", new()\n {\n Name = \"example.com\",\n });\n\n var awsRoute53ExampleCom = new Aws.CloudWatch.LogGroup(\"aws_route53_example_com\", new()\n {\n Name = exampleCom.Name.Apply(name =\u003e $\"/aws/route53/{name}\"),\n RetentionInDays = 30,\n });\n\n // Example CloudWatch log resource policy to allow Route53 to write logs\n // to any log group under /aws/route53/*\n var route53_query_logging_policy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n },\n Resources = new[]\n {\n \"arn:aws:logs:*:*:log-group:/aws/route53/*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n \"route53.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n },\n },\n });\n\n var route53_query_logging_policyLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy(\"route53-query-logging-policy\", new()\n {\n PolicyDocument = route53_query_logging_policy.Apply(route53_query_logging_policy =\u003e route53_query_logging_policy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json)),\n PolicyName = \"route53-query-logging-policy\",\n });\n\n var exampleComQueryLog = new Aws.Route53.QueryLog(\"example_com\", new()\n {\n CloudwatchLogGroupArn = awsRoute53ExampleCom.Arn,\n ZoneId = exampleCom.ZoneId,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n route53_query_logging_policyLogResourcePolicy,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Example Route53 zone with query logging\n\t\texampleCom, err := route53.NewZone(ctx, \"example_com\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tawsRoute53ExampleCom, err := cloudwatch.NewLogGroup(ctx, \"aws_route53_example_com\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: exampleCom.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"/aws/route53/%v\", name), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tRetentionInDays: pulumi.Int(30),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Example CloudWatch log resource policy to allow Route53 to write logs\n\t\t// to any log group under /aws/route53/*\n\t\troute53_query_logging_policy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"logs:CreateLogStream\",\n\t\t\t\t\t\t\"logs:PutLogEvents\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:logs:*:*:log-group:/aws/route53/*\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"route53.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogResourcePolicy(ctx, \"route53-query-logging-policy\", \u0026cloudwatch.LogResourcePolicyArgs{\n\t\t\tPolicyDocument: pulumi.String(route53_query_logging_policy.Json),\n\t\t\tPolicyName: pulumi.String(\"route53-query-logging-policy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewQueryLog(ctx, \"example_com\", \u0026route53.QueryLogArgs{\n\t\t\tCloudwatchLogGroupArn: awsRoute53ExampleCom.Arn,\n\t\t\tZoneId: exampleCom.ZoneId,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\troute53_query_logging_policyLogResourcePolicy,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Zone;\nimport com.pulumi.aws.route53.ZoneArgs;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicy;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicyArgs;\nimport com.pulumi.aws.route53.QueryLog;\nimport com.pulumi.aws.route53.QueryLogArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Example Route53 zone with query logging\n var exampleCom = new Zone(\"exampleCom\", ZoneArgs.builder()\n .name(\"example.com\")\n .build());\n\n var awsRoute53ExampleCom = new LogGroup(\"awsRoute53ExampleCom\", LogGroupArgs.builder()\n .name(exampleCom.name().applyValue(name -\u003e String.format(\"/aws/route53/%s\", name)))\n .retentionInDays(30)\n .build());\n\n // Example CloudWatch log resource policy to allow Route53 to write logs\n // to any log group under /aws/route53/*\n final var route53-query-logging-policy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\")\n .resources(\"arn:aws:logs:*:*:log-group:/aws/route53/*\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(\"route53.amazonaws.com\")\n .type(\"Service\")\n .build())\n .build())\n .build());\n\n var route53_query_logging_policyLogResourcePolicy = new LogResourcePolicy(\"route53-query-logging-policyLogResourcePolicy\", LogResourcePolicyArgs.builder()\n .policyDocument(route53_query_logging_policy.json())\n .policyName(\"route53-query-logging-policy\")\n .build());\n\n var exampleComQueryLog = new QueryLog(\"exampleComQueryLog\", QueryLogArgs.builder()\n .cloudwatchLogGroupArn(awsRoute53ExampleCom.arn())\n .zoneId(exampleCom.zoneId())\n .build(), CustomResourceOptions.builder()\n .dependsOn(route53_query_logging_policyLogResourcePolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n awsRoute53ExampleCom:\n type: aws:cloudwatch:LogGroup\n name: aws_route53_example_com\n properties:\n name: /aws/route53/${exampleCom.name}\n retentionInDays: 30\n route53-query-logging-policyLogResourcePolicy:\n type: aws:cloudwatch:LogResourcePolicy\n name: route53-query-logging-policy\n properties:\n policyDocument: ${[\"route53-query-logging-policy\"].json}\n policyName: route53-query-logging-policy\n # Example Route53 zone with query logging\n exampleCom:\n type: aws:route53:Zone\n name: example_com\n properties:\n name: example.com\n exampleComQueryLog:\n type: aws:route53:QueryLog\n name: example_com\n properties:\n cloudwatchLogGroupArn: ${awsRoute53ExampleCom.arn}\n zoneId: ${exampleCom.zoneId}\n options:\n dependson:\n - ${[\"route53-query-logging-policyLogResourcePolicy\"]}\nvariables:\n # Example CloudWatch log resource policy to allow Route53 to write logs\n # to any log group under /aws/route53/*\n route53-query-logging-policy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - logs:CreateLogStream\n - logs:PutLogEvents\n resources:\n - arn:aws:logs:*:*:log-group:/aws/route53/*\n principals:\n - identifiers:\n - route53.amazonaws.com\n type: Service\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route53 query logging configurations using their ID. For example:\n\n```sh\n$ pulumi import aws:route53/queryLog:QueryLog example_com xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Query Logging Config.\n" }, "cloudwatchLogGroupArn": { "type": "string", "description": "CloudWatch log group ARN to send query logs.\n" }, "zoneId": { "type": "string", "description": "Route53 hosted zone ID to enable query logs.\n" } }, "required": [ "arn", "cloudwatchLogGroupArn", "zoneId" ], "inputProperties": { "cloudwatchLogGroupArn": { "type": "string", "description": "CloudWatch log group ARN to send query logs.\n", "willReplaceOnChanges": true }, "zoneId": { "type": "string", "description": "Route53 hosted zone ID to enable query logs.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "cloudwatchLogGroupArn", "zoneId" ], "stateInputs": { "description": "Input properties used for looking up and filtering QueryLog resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Query Logging Config.\n" }, "cloudwatchLogGroupArn": { "type": "string", "description": "CloudWatch log group ARN to send query logs.\n", "willReplaceOnChanges": true }, "zoneId": { "type": "string", "description": "Route53 hosted zone ID to enable query logs.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:route53/record:Record": { "description": "Provides a Route53 record resource.\n\n## Example Usage\n\n### Simple routing policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst www = new aws.route53.Record(\"www\", {\n zoneId: primary.zoneId,\n name: \"www.example.com\",\n type: aws.route53.RecordType.A,\n ttl: 300,\n records: [lb.publicIp],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwww = aws.route53.Record(\"www\",\n zone_id=primary[\"zoneId\"],\n name=\"www.example.com\",\n type=aws.route53.RecordType.A,\n ttl=300,\n records=[lb[\"publicIp\"]])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var www = new Aws.Route53.Record(\"www\", new()\n {\n ZoneId = primary.ZoneId,\n Name = \"www.example.com\",\n Type = Aws.Route53.RecordType.A,\n Ttl = 300,\n Records = new[]\n {\n lb.PublicIp,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.NewRecord(ctx, \"www\", \u0026route53.RecordArgs{\n\t\t\tZoneId: pulumi.Any(primary.ZoneId),\n\t\t\tName: pulumi.String(\"www.example.com\"),\n\t\t\tType: pulumi.String(route53.RecordTypeA),\n\t\t\tTtl: pulumi.Int(300),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\tlb.PublicIp,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var www = new Record(\"www\", RecordArgs.builder()\n .zoneId(primary.zoneId())\n .name(\"www.example.com\")\n .type(\"A\")\n .ttl(300)\n .records(lb.publicIp())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n www:\n type: aws:route53:Record\n properties:\n zoneId: ${primary.zoneId}\n name: www.example.com\n type: A\n ttl: 300\n records:\n - ${lb.publicIp}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Weighted routing policy\n\nOther routing policies are configured similarly. See [Amazon Route 53 Developer Guide](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) for details.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst www_dev = new aws.route53.Record(\"www-dev\", {\n zoneId: primary.zoneId,\n name: \"www\",\n type: aws.route53.RecordType.CNAME,\n ttl: 5,\n weightedRoutingPolicies: [{\n weight: 10,\n }],\n setIdentifier: \"dev\",\n records: [\"dev.example.com\"],\n});\nconst www_live = new aws.route53.Record(\"www-live\", {\n zoneId: primary.zoneId,\n name: \"www\",\n type: aws.route53.RecordType.CNAME,\n ttl: 5,\n weightedRoutingPolicies: [{\n weight: 90,\n }],\n setIdentifier: \"live\",\n records: [\"live.example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwww_dev = aws.route53.Record(\"www-dev\",\n zone_id=primary[\"zoneId\"],\n name=\"www\",\n type=aws.route53.RecordType.CNAME,\n ttl=5,\n weighted_routing_policies=[{\n \"weight\": 10,\n }],\n set_identifier=\"dev\",\n records=[\"dev.example.com\"])\nwww_live = aws.route53.Record(\"www-live\",\n zone_id=primary[\"zoneId\"],\n name=\"www\",\n type=aws.route53.RecordType.CNAME,\n ttl=5,\n weighted_routing_policies=[{\n \"weight\": 90,\n }],\n set_identifier=\"live\",\n records=[\"live.example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var www_dev = new Aws.Route53.Record(\"www-dev\", new()\n {\n ZoneId = primary.ZoneId,\n Name = \"www\",\n Type = Aws.Route53.RecordType.CNAME,\n Ttl = 5,\n WeightedRoutingPolicies = new[]\n {\n new Aws.Route53.Inputs.RecordWeightedRoutingPolicyArgs\n {\n Weight = 10,\n },\n },\n SetIdentifier = \"dev\",\n Records = new[]\n {\n \"dev.example.com\",\n },\n });\n\n var www_live = new Aws.Route53.Record(\"www-live\", new()\n {\n ZoneId = primary.ZoneId,\n Name = \"www\",\n Type = Aws.Route53.RecordType.CNAME,\n Ttl = 5,\n WeightedRoutingPolicies = new[]\n {\n new Aws.Route53.Inputs.RecordWeightedRoutingPolicyArgs\n {\n Weight = 90,\n },\n },\n SetIdentifier = \"live\",\n Records = new[]\n {\n \"live.example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.NewRecord(ctx, \"www-dev\", \u0026route53.RecordArgs{\n\t\t\tZoneId: pulumi.Any(primary.ZoneId),\n\t\t\tName: pulumi.String(\"www\"),\n\t\t\tType: pulumi.String(route53.RecordTypeCNAME),\n\t\t\tTtl: pulumi.Int(5),\n\t\t\tWeightedRoutingPolicies: route53.RecordWeightedRoutingPolicyArray{\n\t\t\t\t\u0026route53.RecordWeightedRoutingPolicyArgs{\n\t\t\t\t\tWeight: pulumi.Int(10),\n\t\t\t\t},\n\t\t\t},\n\t\t\tSetIdentifier: pulumi.String(\"dev\"),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dev.example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"www-live\", \u0026route53.RecordArgs{\n\t\t\tZoneId: pulumi.Any(primary.ZoneId),\n\t\t\tName: pulumi.String(\"www\"),\n\t\t\tType: pulumi.String(route53.RecordTypeCNAME),\n\t\t\tTtl: pulumi.Int(5),\n\t\t\tWeightedRoutingPolicies: route53.RecordWeightedRoutingPolicyArray{\n\t\t\t\t\u0026route53.RecordWeightedRoutingPolicyArgs{\n\t\t\t\t\tWeight: pulumi.Int(90),\n\t\t\t\t},\n\t\t\t},\n\t\t\tSetIdentifier: pulumi.String(\"live\"),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"live.example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport com.pulumi.aws.route53.inputs.RecordWeightedRoutingPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var www_dev = new Record(\"www-dev\", RecordArgs.builder()\n .zoneId(primary.zoneId())\n .name(\"www\")\n .type(\"CNAME\")\n .ttl(5)\n .weightedRoutingPolicies(RecordWeightedRoutingPolicyArgs.builder()\n .weight(10)\n .build())\n .setIdentifier(\"dev\")\n .records(\"dev.example.com\")\n .build());\n\n var www_live = new Record(\"www-live\", RecordArgs.builder()\n .zoneId(primary.zoneId())\n .name(\"www\")\n .type(\"CNAME\")\n .ttl(5)\n .weightedRoutingPolicies(RecordWeightedRoutingPolicyArgs.builder()\n .weight(90)\n .build())\n .setIdentifier(\"live\")\n .records(\"live.example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n www-dev:\n type: aws:route53:Record\n properties:\n zoneId: ${primary.zoneId}\n name: www\n type: CNAME\n ttl: 5\n weightedRoutingPolicies:\n - weight: 10\n setIdentifier: dev\n records:\n - dev.example.com\n www-live:\n type: aws:route53:Record\n properties:\n zoneId: ${primary.zoneId}\n name: www\n type: CNAME\n ttl: 5\n weightedRoutingPolicies:\n - weight: 90\n setIdentifier: live\n records:\n - live.example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Geoproximity routing policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst www = new aws.route53.Record(\"www\", {\n zoneId: primary.zoneId,\n name: \"www.example.com\",\n type: aws.route53.RecordType.CNAME,\n ttl: 300,\n geoproximityRoutingPolicy: {\n coordinates: [{\n latitude: \"49.22\",\n longitude: \"-74.01\",\n }],\n },\n setIdentifier: \"dev\",\n records: [\"dev.example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwww = aws.route53.Record(\"www\",\n zone_id=primary[\"zoneId\"],\n name=\"www.example.com\",\n type=aws.route53.RecordType.CNAME,\n ttl=300,\n geoproximity_routing_policy={\n \"coordinates\": [{\n \"latitude\": \"49.22\",\n \"longitude\": \"-74.01\",\n }],\n },\n set_identifier=\"dev\",\n records=[\"dev.example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var www = new Aws.Route53.Record(\"www\", new()\n {\n ZoneId = primary.ZoneId,\n Name = \"www.example.com\",\n Type = Aws.Route53.RecordType.CNAME,\n Ttl = 300,\n GeoproximityRoutingPolicy = new Aws.Route53.Inputs.RecordGeoproximityRoutingPolicyArgs\n {\n Coordinates = new[]\n {\n new Aws.Route53.Inputs.RecordGeoproximityRoutingPolicyCoordinateArgs\n {\n Latitude = \"49.22\",\n Longitude = \"-74.01\",\n },\n },\n },\n SetIdentifier = \"dev\",\n Records = new[]\n {\n \"dev.example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.NewRecord(ctx, \"www\", \u0026route53.RecordArgs{\n\t\t\tZoneId: pulumi.Any(primary.ZoneId),\n\t\t\tName: pulumi.String(\"www.example.com\"),\n\t\t\tType: pulumi.String(route53.RecordTypeCNAME),\n\t\t\tTtl: pulumi.Int(300),\n\t\t\tGeoproximityRoutingPolicy: \u0026route53.RecordGeoproximityRoutingPolicyArgs{\n\t\t\t\tCoordinates: route53.RecordGeoproximityRoutingPolicyCoordinateArray{\n\t\t\t\t\t\u0026route53.RecordGeoproximityRoutingPolicyCoordinateArgs{\n\t\t\t\t\t\tLatitude: pulumi.String(\"49.22\"),\n\t\t\t\t\t\tLongitude: pulumi.String(\"-74.01\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tSetIdentifier: pulumi.String(\"dev\"),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dev.example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport com.pulumi.aws.route53.inputs.RecordGeoproximityRoutingPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var www = new Record(\"www\", RecordArgs.builder()\n .zoneId(primary.zoneId())\n .name(\"www.example.com\")\n .type(\"CNAME\")\n .ttl(300)\n .geoproximityRoutingPolicy(RecordGeoproximityRoutingPolicyArgs.builder()\n .coordinates(RecordGeoproximityRoutingPolicyCoordinateArgs.builder()\n .latitude(\"49.22\")\n .longitude(\"-74.01\")\n .build())\n .build())\n .setIdentifier(\"dev\")\n .records(\"dev.example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n www:\n type: aws:route53:Record\n properties:\n zoneId: ${primary.zoneId}\n name: www.example.com\n type: CNAME\n ttl: 300\n geoproximityRoutingPolicy:\n coordinates:\n - latitude: '49.22'\n longitude: '-74.01'\n setIdentifier: dev\n records:\n - dev.example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Alias record\n\nSee [related part of Amazon Route 53 Developer Guide](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-choosing-alias-non-alias.html)\nto understand differences between alias and non-alias records.\n\nTTL for all alias records is [60 seconds](https://aws.amazon.com/route53/faqs/#dns_failover_do_i_need_to_adjust),\nyou cannot change this, therefore `ttl` has to be omitted in alias records.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.elb.LoadBalancer(\"main\", {\n name: \"foobar-elb\",\n availabilityZones: [\"us-east-1c\"],\n listeners: [{\n instancePort: 80,\n instanceProtocol: \"http\",\n lbPort: 80,\n lbProtocol: \"http\",\n }],\n});\nconst www = new aws.route53.Record(\"www\", {\n zoneId: primary.zoneId,\n name: \"example.com\",\n type: aws.route53.RecordType.A,\n aliases: [{\n name: main.dnsName,\n zoneId: main.zoneId,\n evaluateTargetHealth: true,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.elb.LoadBalancer(\"main\",\n name=\"foobar-elb\",\n availability_zones=[\"us-east-1c\"],\n listeners=[{\n \"instance_port\": 80,\n \"instance_protocol\": \"http\",\n \"lb_port\": 80,\n \"lb_protocol\": \"http\",\n }])\nwww = aws.route53.Record(\"www\",\n zone_id=primary[\"zoneId\"],\n name=\"example.com\",\n type=aws.route53.RecordType.A,\n aliases=[{\n \"name\": main.dns_name,\n \"zone_id\": main.zone_id,\n \"evaluate_target_health\": True,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Elb.LoadBalancer(\"main\", new()\n {\n Name = \"foobar-elb\",\n AvailabilityZones = new[]\n {\n \"us-east-1c\",\n },\n Listeners = new[]\n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 80,\n InstanceProtocol = \"http\",\n LbPort = 80,\n LbProtocol = \"http\",\n },\n },\n });\n\n var www = new Aws.Route53.Record(\"www\", new()\n {\n ZoneId = primary.ZoneId,\n Name = \"example.com\",\n Type = Aws.Route53.RecordType.A,\n Aliases = new[]\n {\n new Aws.Route53.Inputs.RecordAliasArgs\n {\n Name = main.DnsName,\n ZoneId = main.ZoneId,\n EvaluateTargetHealth = true,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elb\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := elb.NewLoadBalancer(ctx, \"main\", \u0026elb.LoadBalancerArgs{\n\t\t\tName: pulumi.String(\"foobar-elb\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-east-1c\"),\n\t\t\t},\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(80),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"http\"),\n\t\t\t\t\tLbPort: pulumi.Int(80),\n\t\t\t\t\tLbProtocol: pulumi.String(\"http\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"www\", \u0026route53.RecordArgs{\n\t\t\tZoneId: pulumi.Any(primary.ZoneId),\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t\tType: pulumi.String(route53.RecordTypeA),\n\t\t\tAliases: route53.RecordAliasArray{\n\t\t\t\t\u0026route53.RecordAliasArgs{\n\t\t\t\t\tName: main.DnsName,\n\t\t\t\t\tZoneId: main.ZoneId,\n\t\t\t\t\tEvaluateTargetHealth: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elb.LoadBalancer;\nimport com.pulumi.aws.elb.LoadBalancerArgs;\nimport com.pulumi.aws.elb.inputs.LoadBalancerListenerArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport com.pulumi.aws.route53.inputs.RecordAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new LoadBalancer(\"main\", LoadBalancerArgs.builder()\n .name(\"foobar-elb\")\n .availabilityZones(\"us-east-1c\")\n .listeners(LoadBalancerListenerArgs.builder()\n .instancePort(80)\n .instanceProtocol(\"http\")\n .lbPort(80)\n .lbProtocol(\"http\")\n .build())\n .build());\n\n var www = new Record(\"www\", RecordArgs.builder()\n .zoneId(primary.zoneId())\n .name(\"example.com\")\n .type(\"A\")\n .aliases(RecordAliasArgs.builder()\n .name(main.dnsName())\n .zoneId(main.zoneId())\n .evaluateTargetHealth(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:elb:LoadBalancer\n properties:\n name: foobar-elb\n availabilityZones:\n - us-east-1c\n listeners:\n - instancePort: 80\n instanceProtocol: http\n lbPort: 80\n lbProtocol: http\n www:\n type: aws:route53:Record\n properties:\n zoneId: ${primary.zoneId}\n name: example.com\n type: A\n aliases:\n - name: ${main.dnsName}\n zoneId: ${main.zoneId}\n evaluateTargetHealth: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### NS and SOA Record Management\n\nWhen creating Route 53 zones, the `NS` and `SOA` records for the zone are automatically created. Enabling the `allow_overwrite` argument will allow managing these records in a single deployment without the requirement for `import`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53.Zone(\"example\", {name: \"test.example.com\"});\nconst exampleRecord = new aws.route53.Record(\"example\", {\n allowOverwrite: true,\n name: \"test.example.com\",\n ttl: 172800,\n type: aws.route53.RecordType.NS,\n zoneId: example.zoneId,\n records: [\n example.nameServers[0],\n example.nameServers[1],\n example.nameServers[2],\n example.nameServers[3],\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.Zone(\"example\", name=\"test.example.com\")\nexample_record = aws.route53.Record(\"example\",\n allow_overwrite=True,\n name=\"test.example.com\",\n ttl=172800,\n type=aws.route53.RecordType.NS,\n zone_id=example.zone_id,\n records=[\n example.name_servers[0],\n example.name_servers[1],\n example.name_servers[2],\n example.name_servers[3],\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53.Zone(\"example\", new()\n {\n Name = \"test.example.com\",\n });\n\n var exampleRecord = new Aws.Route53.Record(\"example\", new()\n {\n AllowOverwrite = true,\n Name = \"test.example.com\",\n Ttl = 172800,\n Type = Aws.Route53.RecordType.NS,\n ZoneId = example.ZoneId,\n Records = new[]\n {\n example.NameServers.Apply(nameServers =\u003e nameServers[0]),\n example.NameServers.Apply(nameServers =\u003e nameServers[1]),\n example.NameServers.Apply(nameServers =\u003e nameServers[2]),\n example.NameServers.Apply(nameServers =\u003e nameServers[3]),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := route53.NewZone(ctx, \"example\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"test.example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"example\", \u0026route53.RecordArgs{\n\t\t\tAllowOverwrite: pulumi.Bool(true),\n\t\t\tName: pulumi.String(\"test.example.com\"),\n\t\t\tTtl: pulumi.Int(172800),\n\t\t\tType: pulumi.String(route53.RecordTypeNS),\n\t\t\tZoneId: example.ZoneId,\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\texample.NameServers.ApplyT(func(nameServers []string) (string, error) {\n\t\t\t\t\treturn nameServers[0], nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\texample.NameServers.ApplyT(func(nameServers []string) (string, error) {\n\t\t\t\t\treturn nameServers[1], nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\texample.NameServers.ApplyT(func(nameServers []string) (string, error) {\n\t\t\t\t\treturn nameServers[2], nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\texample.NameServers.ApplyT(func(nameServers []string) (string, error) {\n\t\t\t\t\treturn nameServers[3], nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Zone;\nimport com.pulumi.aws.route53.ZoneArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Zone(\"example\", ZoneArgs.builder()\n .name(\"test.example.com\")\n .build());\n\n var exampleRecord = new Record(\"exampleRecord\", RecordArgs.builder()\n .allowOverwrite(true)\n .name(\"test.example.com\")\n .ttl(172800)\n .type(\"NS\")\n .zoneId(example.zoneId())\n .records( \n example.nameServers().applyValue(nameServers -\u003e nameServers[0]),\n example.nameServers().applyValue(nameServers -\u003e nameServers[1]),\n example.nameServers().applyValue(nameServers -\u003e nameServers[2]),\n example.nameServers().applyValue(nameServers -\u003e nameServers[3]))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53:Zone\n properties:\n name: test.example.com\n exampleRecord:\n type: aws:route53:Record\n name: example\n properties:\n allowOverwrite: true\n name: test.example.com\n ttl: 172800\n type: NS\n zoneId: ${example.zoneId}\n records:\n - ${example.nameServers[0]}\n - ${example.nameServers[1]}\n - ${example.nameServers[2]}\n - ${example.nameServers[3]}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nIf the record also contains a set identifier, append it:\n\nIf the record name is the empty string, it can be omitted:\n\n__Using `pulumi import` to import__ Route53 Records using the ID of the record, record name, record type, and set identifier. For example:\n\nUsing the ID of the record, which is the zone identifier, record name, and record type, separated by underscores (`_`):\n\n```sh\n$ pulumi import aws:route53/record:Record myrecord Z4KAPRWWNC7JR_dev.example.com_NS\n```\nIf the record also contains a set identifier, append it:\n\n```sh\n$ pulumi import aws:route53/record:Record myrecord Z4KAPRWWNC7JR_dev.example.com_NS_dev\n```\n", "properties": { "aliases": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordAlias:RecordAlias" }, "description": "An alias block. Conflicts with `ttl` \u0026 `records`.\nDocumented below.\n" }, "allowOverwrite": { "type": "boolean", "description": "Allow creation of this record to overwrite an existing record, if any. This does not affect the ability to update the record using this provider and does not prevent other resources within this provider or manual Route 53 changes outside this provider from overwriting this record. `false` by default. This configuration is not recommended for most environments.\n\nExactly one of `records` or `alias` must be specified: this determines whether it's an alias record.\n" }, "cidrRoutingPolicy": { "$ref": "#/types/aws:route53/RecordCidrRoutingPolicy:RecordCidrRoutingPolicy", "description": "A block indicating a routing policy based on the IP network ranges of requestors. Conflicts with any other routing policy. Documented below.\n" }, "failoverRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordFailoverRoutingPolicy:RecordFailoverRoutingPolicy" }, "description": "A block indicating the routing behavior when associated health check fails. Conflicts with any other routing policy. Documented below.\n" }, "fqdn": { "type": "string", "description": "[FQDN](https://en.wikipedia.org/wiki/Fully_qualified_domain_name) built using the zone domain and `name`.\n" }, "geolocationRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordGeolocationRoutingPolicy:RecordGeolocationRoutingPolicy" }, "description": "A block indicating a routing policy based on the geolocation of the requestor. Conflicts with any other routing policy. Documented below.\n" }, "geoproximityRoutingPolicy": { "$ref": "#/types/aws:route53/RecordGeoproximityRoutingPolicy:RecordGeoproximityRoutingPolicy", "description": "A block indicating a routing policy based on the geoproximity of the requestor. Conflicts with any other routing policy. Documented below.\n" }, "healthCheckId": { "type": "string", "description": "The health check the record should be associated with.\n" }, "latencyRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordLatencyRoutingPolicy:RecordLatencyRoutingPolicy" }, "description": "A block indicating a routing policy based on the latency between the requestor and an AWS region. Conflicts with any other routing policy. Documented below.\n" }, "multivalueAnswerRoutingPolicy": { "type": "boolean", "description": "Set to `true` to indicate a multivalue answer routing policy. Conflicts with any other routing policy.\n" }, "name": { "type": "string", "description": "The name of the record.\n" }, "records": { "type": "array", "items": { "type": "string" }, "description": "A string list of records. To specify a single record value longer than 255 characters such as a TXT record for DKIM, add `\\\"\\\"` inside the provider configuration string (e.g., `\"first255characters\\\"\\\"morecharacters\"`).\n" }, "setIdentifier": { "type": "string", "description": "Unique identifier to differentiate records with routing policies from one another. Required if using `cidr_routing_policy`, `failover_routing_policy`, `geolocation_routing_policy`,`geoproximity_routing_policy`, `latency_routing_policy`, `multivalue_answer_routing_policy`, or `weighted_routing_policy`.\n" }, "ttl": { "type": "integer", "description": "The TTL of the record.\n" }, "type": { "type": "string", "description": "The record type. Valid values are `A`, `AAAA`, `CAA`, `CNAME`, `DS`, `MX`, `NAPTR`, `NS`, `PTR`, `SOA`, `SPF`, `SRV` and `TXT`.\n" }, "weightedRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordWeightedRoutingPolicy:RecordWeightedRoutingPolicy" }, "description": "A block indicating a weighted routing policy. Conflicts with any other routing policy. Documented below.\n" }, "zoneId": { "type": "string", "description": "The ID of the hosted zone to contain this record.\n" } }, "required": [ "allowOverwrite", "fqdn", "name", "type", "zoneId" ], "inputProperties": { "aliases": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordAlias:RecordAlias" }, "description": "An alias block. Conflicts with `ttl` \u0026 `records`.\nDocumented below.\n" }, "allowOverwrite": { "type": "boolean", "description": "Allow creation of this record to overwrite an existing record, if any. This does not affect the ability to update the record using this provider and does not prevent other resources within this provider or manual Route 53 changes outside this provider from overwriting this record. `false` by default. This configuration is not recommended for most environments.\n\nExactly one of `records` or `alias` must be specified: this determines whether it's an alias record.\n" }, "cidrRoutingPolicy": { "$ref": "#/types/aws:route53/RecordCidrRoutingPolicy:RecordCidrRoutingPolicy", "description": "A block indicating a routing policy based on the IP network ranges of requestors. Conflicts with any other routing policy. Documented below.\n" }, "failoverRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordFailoverRoutingPolicy:RecordFailoverRoutingPolicy" }, "description": "A block indicating the routing behavior when associated health check fails. Conflicts with any other routing policy. Documented below.\n" }, "geolocationRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordGeolocationRoutingPolicy:RecordGeolocationRoutingPolicy" }, "description": "A block indicating a routing policy based on the geolocation of the requestor. Conflicts with any other routing policy. Documented below.\n" }, "geoproximityRoutingPolicy": { "$ref": "#/types/aws:route53/RecordGeoproximityRoutingPolicy:RecordGeoproximityRoutingPolicy", "description": "A block indicating a routing policy based on the geoproximity of the requestor. Conflicts with any other routing policy. Documented below.\n" }, "healthCheckId": { "type": "string", "description": "The health check the record should be associated with.\n" }, "latencyRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordLatencyRoutingPolicy:RecordLatencyRoutingPolicy" }, "description": "A block indicating a routing policy based on the latency between the requestor and an AWS region. Conflicts with any other routing policy. Documented below.\n" }, "multivalueAnswerRoutingPolicy": { "type": "boolean", "description": "Set to `true` to indicate a multivalue answer routing policy. Conflicts with any other routing policy.\n" }, "name": { "type": "string", "description": "The name of the record.\n", "willReplaceOnChanges": true }, "records": { "type": "array", "items": { "type": "string" }, "description": "A string list of records. To specify a single record value longer than 255 characters such as a TXT record for DKIM, add `\\\"\\\"` inside the provider configuration string (e.g., `\"first255characters\\\"\\\"morecharacters\"`).\n" }, "setIdentifier": { "type": "string", "description": "Unique identifier to differentiate records with routing policies from one another. Required if using `cidr_routing_policy`, `failover_routing_policy`, `geolocation_routing_policy`,`geoproximity_routing_policy`, `latency_routing_policy`, `multivalue_answer_routing_policy`, or `weighted_routing_policy`.\n" }, "ttl": { "type": "integer", "description": "The TTL of the record.\n" }, "type": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:route53/RecordType:RecordType" } ], "description": "The record type. Valid values are `A`, `AAAA`, `CAA`, `CNAME`, `DS`, `MX`, `NAPTR`, `NS`, `PTR`, `SOA`, `SPF`, `SRV` and `TXT`.\n" }, "weightedRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordWeightedRoutingPolicy:RecordWeightedRoutingPolicy" }, "description": "A block indicating a weighted routing policy. Conflicts with any other routing policy. Documented below.\n" }, "zoneId": { "type": "string", "description": "The ID of the hosted zone to contain this record.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "name", "type", "zoneId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Record resources.\n", "properties": { "aliases": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordAlias:RecordAlias" }, "description": "An alias block. Conflicts with `ttl` \u0026 `records`.\nDocumented below.\n" }, "allowOverwrite": { "type": "boolean", "description": "Allow creation of this record to overwrite an existing record, if any. This does not affect the ability to update the record using this provider and does not prevent other resources within this provider or manual Route 53 changes outside this provider from overwriting this record. `false` by default. This configuration is not recommended for most environments.\n\nExactly one of `records` or `alias` must be specified: this determines whether it's an alias record.\n" }, "cidrRoutingPolicy": { "$ref": "#/types/aws:route53/RecordCidrRoutingPolicy:RecordCidrRoutingPolicy", "description": "A block indicating a routing policy based on the IP network ranges of requestors. Conflicts with any other routing policy. Documented below.\n" }, "failoverRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordFailoverRoutingPolicy:RecordFailoverRoutingPolicy" }, "description": "A block indicating the routing behavior when associated health check fails. Conflicts with any other routing policy. Documented below.\n" }, "fqdn": { "type": "string", "description": "[FQDN](https://en.wikipedia.org/wiki/Fully_qualified_domain_name) built using the zone domain and `name`.\n" }, "geolocationRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordGeolocationRoutingPolicy:RecordGeolocationRoutingPolicy" }, "description": "A block indicating a routing policy based on the geolocation of the requestor. Conflicts with any other routing policy. Documented below.\n" }, "geoproximityRoutingPolicy": { "$ref": "#/types/aws:route53/RecordGeoproximityRoutingPolicy:RecordGeoproximityRoutingPolicy", "description": "A block indicating a routing policy based on the geoproximity of the requestor. Conflicts with any other routing policy. Documented below.\n" }, "healthCheckId": { "type": "string", "description": "The health check the record should be associated with.\n" }, "latencyRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordLatencyRoutingPolicy:RecordLatencyRoutingPolicy" }, "description": "A block indicating a routing policy based on the latency between the requestor and an AWS region. Conflicts with any other routing policy. Documented below.\n" }, "multivalueAnswerRoutingPolicy": { "type": "boolean", "description": "Set to `true` to indicate a multivalue answer routing policy. Conflicts with any other routing policy.\n" }, "name": { "type": "string", "description": "The name of the record.\n", "willReplaceOnChanges": true }, "records": { "type": "array", "items": { "type": "string" }, "description": "A string list of records. To specify a single record value longer than 255 characters such as a TXT record for DKIM, add `\\\"\\\"` inside the provider configuration string (e.g., `\"first255characters\\\"\\\"morecharacters\"`).\n" }, "setIdentifier": { "type": "string", "description": "Unique identifier to differentiate records with routing policies from one another. Required if using `cidr_routing_policy`, `failover_routing_policy`, `geolocation_routing_policy`,`geoproximity_routing_policy`, `latency_routing_policy`, `multivalue_answer_routing_policy`, or `weighted_routing_policy`.\n" }, "ttl": { "type": "integer", "description": "The TTL of the record.\n" }, "type": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:route53/RecordType:RecordType" } ], "description": "The record type. Valid values are `A`, `AAAA`, `CAA`, `CNAME`, `DS`, `MX`, `NAPTR`, `NS`, `PTR`, `SOA`, `SPF`, `SRV` and `TXT`.\n" }, "weightedRoutingPolicies": { "type": "array", "items": { "$ref": "#/types/aws:route53/RecordWeightedRoutingPolicy:RecordWeightedRoutingPolicy" }, "description": "A block indicating a weighted routing policy. Conflicts with any other routing policy. Documented below.\n" }, "zoneId": { "type": "string", "description": "The ID of the hosted zone to contain this record.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:route53/resolverConfig:ResolverConfig": { "description": "Provides a Route 53 Resolver config resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.Vpc(\"example\", {\n cidrBlock: \"10.0.0.0/16\",\n enableDnsSupport: true,\n enableDnsHostnames: true,\n});\nconst exampleResolverConfig = new aws.route53.ResolverConfig(\"example\", {\n resourceId: example.id,\n autodefinedReverseFlag: \"DISABLE\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.Vpc(\"example\",\n cidr_block=\"10.0.0.0/16\",\n enable_dns_support=True,\n enable_dns_hostnames=True)\nexample_resolver_config = aws.route53.ResolverConfig(\"example\",\n resource_id=example.id,\n autodefined_reverse_flag=\"DISABLE\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n EnableDnsSupport = true,\n EnableDnsHostnames = true,\n });\n\n var exampleResolverConfig = new Aws.Route53.ResolverConfig(\"example\", new()\n {\n ResourceId = example.Id,\n AutodefinedReverseFlag = \"DISABLE\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tEnableDnsSupport: pulumi.Bool(true),\n\t\t\tEnableDnsHostnames: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewResolverConfig(ctx, \"example\", \u0026route53.ResolverConfigArgs{\n\t\t\tResourceId: example.ID(),\n\t\t\tAutodefinedReverseFlag: pulumi.String(\"DISABLE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.route53.ResolverConfig;\nimport com.pulumi.aws.route53.ResolverConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Vpc(\"example\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .enableDnsSupport(true)\n .enableDnsHostnames(true)\n .build());\n\n var exampleResolverConfig = new ResolverConfig(\"exampleResolverConfig\", ResolverConfigArgs.builder()\n .resourceId(example.id())\n .autodefinedReverseFlag(\"DISABLE\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n enableDnsSupport: true\n enableDnsHostnames: true\n exampleResolverConfig:\n type: aws:route53:ResolverConfig\n name: example\n properties:\n resourceId: ${example.id}\n autodefinedReverseFlag: DISABLE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route 53 Resolver configs using the Route 53 Resolver config ID. For example:\n\n```sh\n$ pulumi import aws:route53/resolverConfig:ResolverConfig example rslvr-rc-715aa20c73a23da7\n```\n", "properties": { "autodefinedReverseFlag": { "type": "string", "description": "Indicates whether or not the Resolver will create autodefined rules for reverse DNS lookups. Valid values: `ENABLE`, `DISABLE`.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the owner of the VPC that this resolver configuration applies to.\n" }, "resourceId": { "type": "string", "description": "The ID of the VPC that the configuration is for.\n" } }, "required": [ "autodefinedReverseFlag", "ownerId", "resourceId" ], "inputProperties": { "autodefinedReverseFlag": { "type": "string", "description": "Indicates whether or not the Resolver will create autodefined rules for reverse DNS lookups. Valid values: `ENABLE`, `DISABLE`.\n" }, "resourceId": { "type": "string", "description": "The ID of the VPC that the configuration is for.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "autodefinedReverseFlag", "resourceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResolverConfig resources.\n", "properties": { "autodefinedReverseFlag": { "type": "string", "description": "Indicates whether or not the Resolver will create autodefined rules for reverse DNS lookups. Valid values: `ENABLE`, `DISABLE`.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the owner of the VPC that this resolver configuration applies to.\n" }, "resourceId": { "type": "string", "description": "The ID of the VPC that the configuration is for.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:route53/resolverDnsSecConfig:ResolverDnsSecConfig": { "description": "Provides a Route 53 Resolver DNSSEC config resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.Vpc(\"example\", {\n cidrBlock: \"10.0.0.0/16\",\n enableDnsSupport: true,\n enableDnsHostnames: true,\n});\nconst exampleResolverDnsSecConfig = new aws.route53.ResolverDnsSecConfig(\"example\", {resourceId: example.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.Vpc(\"example\",\n cidr_block=\"10.0.0.0/16\",\n enable_dns_support=True,\n enable_dns_hostnames=True)\nexample_resolver_dns_sec_config = aws.route53.ResolverDnsSecConfig(\"example\", resource_id=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n EnableDnsSupport = true,\n EnableDnsHostnames = true,\n });\n\n var exampleResolverDnsSecConfig = new Aws.Route53.ResolverDnsSecConfig(\"example\", new()\n {\n ResourceId = example.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tEnableDnsSupport: pulumi.Bool(true),\n\t\t\tEnableDnsHostnames: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewResolverDnsSecConfig(ctx, \"example\", \u0026route53.ResolverDnsSecConfigArgs{\n\t\t\tResourceId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.route53.ResolverDnsSecConfig;\nimport com.pulumi.aws.route53.ResolverDnsSecConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Vpc(\"example\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .enableDnsSupport(true)\n .enableDnsHostnames(true)\n .build());\n\n var exampleResolverDnsSecConfig = new ResolverDnsSecConfig(\"exampleResolverDnsSecConfig\", ResolverDnsSecConfigArgs.builder()\n .resourceId(example.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n enableDnsSupport: true\n enableDnsHostnames: true\n exampleResolverDnsSecConfig:\n type: aws:route53:ResolverDnsSecConfig\n name: example\n properties:\n resourceId: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route 53 Resolver DNSSEC configs using the Route 53 Resolver DNSSEC config ID. For example:\n\n```sh\n$ pulumi import aws:route53/resolverDnsSecConfig:ResolverDnsSecConfig example rdsc-be1866ecc1683e95\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN for a configuration for DNSSEC validation.\n" }, "ownerId": { "type": "string", "description": "The owner account ID of the virtual private cloud (VPC) for a configuration for DNSSEC validation.\n" }, "resourceId": { "type": "string", "description": "The ID of the virtual private cloud (VPC) that you're updating the DNSSEC validation status for.\n" }, "validationStatus": { "type": "string", "description": "The validation status for a DNSSEC configuration. The status can be one of the following: `ENABLING`, `ENABLED`, `DISABLING` and `DISABLED`.\n" } }, "required": [ "arn", "ownerId", "resourceId", "validationStatus" ], "inputProperties": { "resourceId": { "type": "string", "description": "The ID of the virtual private cloud (VPC) that you're updating the DNSSEC validation status for.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "resourceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResolverDnsSecConfig resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN for a configuration for DNSSEC validation.\n" }, "ownerId": { "type": "string", "description": "The owner account ID of the virtual private cloud (VPC) for a configuration for DNSSEC validation.\n" }, "resourceId": { "type": "string", "description": "The ID of the virtual private cloud (VPC) that you're updating the DNSSEC validation status for.\n", "willReplaceOnChanges": true }, "validationStatus": { "type": "string", "description": "The validation status for a DNSSEC configuration. The status can be one of the following: `ENABLING`, `ENABLED`, `DISABLING` and `DISABLED`.\n" } }, "type": "object" } }, "aws:route53/resolverEndpoint:ResolverEndpoint": { "description": "Provides a Route 53 Resolver endpoint resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.route53.ResolverEndpoint(\"foo\", {\n name: \"foo\",\n direction: \"INBOUND\",\n securityGroupIds: [\n sg1.id,\n sg2.id,\n ],\n ipAddresses: [\n {\n subnetId: sn1.id,\n },\n {\n subnetId: sn2.id,\n ip: \"10.0.64.4\",\n },\n ],\n protocols: [\n \"Do53\",\n \"DoH\",\n ],\n tags: {\n Environment: \"Prod\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.route53.ResolverEndpoint(\"foo\",\n name=\"foo\",\n direction=\"INBOUND\",\n security_group_ids=[\n sg1[\"id\"],\n sg2[\"id\"],\n ],\n ip_addresses=[\n {\n \"subnet_id\": sn1[\"id\"],\n },\n {\n \"subnet_id\": sn2[\"id\"],\n \"ip\": \"10.0.64.4\",\n },\n ],\n protocols=[\n \"Do53\",\n \"DoH\",\n ],\n tags={\n \"Environment\": \"Prod\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Route53.ResolverEndpoint(\"foo\", new()\n {\n Name = \"foo\",\n Direction = \"INBOUND\",\n SecurityGroupIds = new[]\n {\n sg1.Id,\n sg2.Id,\n },\n IpAddresses = new[]\n {\n new Aws.Route53.Inputs.ResolverEndpointIpAddressArgs\n {\n SubnetId = sn1.Id,\n },\n new Aws.Route53.Inputs.ResolverEndpointIpAddressArgs\n {\n SubnetId = sn2.Id,\n Ip = \"10.0.64.4\",\n },\n },\n Protocols = new[]\n {\n \"Do53\",\n \"DoH\",\n },\n Tags = \n {\n { \"Environment\", \"Prod\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.NewResolverEndpoint(ctx, \"foo\", \u0026route53.ResolverEndpointArgs{\n\t\t\tName: pulumi.String(\"foo\"),\n\t\t\tDirection: pulumi.String(\"INBOUND\"),\n\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\tsg1.Id,\n\t\t\t\tsg2.Id,\n\t\t\t},\n\t\t\tIpAddresses: route53.ResolverEndpointIpAddressArray{\n\t\t\t\t\u0026route53.ResolverEndpointIpAddressArgs{\n\t\t\t\t\tSubnetId: pulumi.Any(sn1.Id),\n\t\t\t\t},\n\t\t\t\t\u0026route53.ResolverEndpointIpAddressArgs{\n\t\t\t\t\tSubnetId: pulumi.Any(sn2.Id),\n\t\t\t\t\tIp: pulumi.String(\"10.0.64.4\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tProtocols: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Do53\"),\n\t\t\t\tpulumi.String(\"DoH\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"Prod\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.ResolverEndpoint;\nimport com.pulumi.aws.route53.ResolverEndpointArgs;\nimport com.pulumi.aws.route53.inputs.ResolverEndpointIpAddressArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new ResolverEndpoint(\"foo\", ResolverEndpointArgs.builder()\n .name(\"foo\")\n .direction(\"INBOUND\")\n .securityGroupIds( \n sg1.id(),\n sg2.id())\n .ipAddresses( \n ResolverEndpointIpAddressArgs.builder()\n .subnetId(sn1.id())\n .build(),\n ResolverEndpointIpAddressArgs.builder()\n .subnetId(sn2.id())\n .ip(\"10.0.64.4\")\n .build())\n .protocols( \n \"Do53\",\n \"DoH\")\n .tags(Map.of(\"Environment\", \"Prod\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:route53:ResolverEndpoint\n properties:\n name: foo\n direction: INBOUND\n securityGroupIds:\n - ${sg1.id}\n - ${sg2.id}\n ipAddresses:\n - subnetId: ${sn1.id}\n - subnetId: ${sn2.id}\n ip: 10.0.64.4\n protocols:\n - Do53\n - DoH\n tags:\n Environment: Prod\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route 53 Resolver endpoints using the Route 53 Resolver endpoint ID. For example:\n\n```sh\n$ pulumi import aws:route53/resolverEndpoint:ResolverEndpoint foo rslvr-in-abcdef01234567890\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Route 53 Resolver endpoint.\n" }, "direction": { "type": "string", "description": "The direction of DNS queries to or from the Route 53 Resolver endpoint.\nValid values are `INBOUND` (resolver forwards DNS queries to the DNS service for a VPC from your network or another VPC)\nor `OUTBOUND` (resolver forwards DNS queries from the DNS service for a VPC to your network or another VPC).\n" }, "hostVpcId": { "type": "string", "description": "The ID of the VPC that you want to create the resolver endpoint in.\n" }, "ipAddresses": { "type": "array", "items": { "$ref": "#/types/aws:route53/ResolverEndpointIpAddress:ResolverEndpointIpAddress" }, "description": "The subnets and IP addresses in your VPC that you want DNS queries to pass through on the way from your VPCs\nto your network (for outbound endpoints) or on the way from your network to your VPCs (for inbound endpoints). Described below.\n" }, "name": { "type": "string", "description": "The friendly name of the Route 53 Resolver endpoint.\n" }, "protocols": { "type": "array", "items": { "type": "string" }, "description": "The protocols you want to use for the Route 53 Resolver endpoint. Valid values: `DoH`, `Do53`, `DoH-FIPS`.\n" }, "resolverEndpointType": { "type": "string", "description": "The Route 53 Resolver endpoint IP address type. Valid values: `IPV4`, `IPV6`, `DUALSTACK`.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of one or more security groups that you want to use to control access to this VPC.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "direction", "hostVpcId", "ipAddresses", "name", "protocols", "resolverEndpointType", "securityGroupIds", "tagsAll" ], "inputProperties": { "direction": { "type": "string", "description": "The direction of DNS queries to or from the Route 53 Resolver endpoint.\nValid values are `INBOUND` (resolver forwards DNS queries to the DNS service for a VPC from your network or another VPC)\nor `OUTBOUND` (resolver forwards DNS queries from the DNS service for a VPC to your network or another VPC).\n", "willReplaceOnChanges": true }, "ipAddresses": { "type": "array", "items": { "$ref": "#/types/aws:route53/ResolverEndpointIpAddress:ResolverEndpointIpAddress" }, "description": "The subnets and IP addresses in your VPC that you want DNS queries to pass through on the way from your VPCs\nto your network (for outbound endpoints) or on the way from your network to your VPCs (for inbound endpoints). Described below.\n" }, "name": { "type": "string", "description": "The friendly name of the Route 53 Resolver endpoint.\n" }, "protocols": { "type": "array", "items": { "type": "string" }, "description": "The protocols you want to use for the Route 53 Resolver endpoint. Valid values: `DoH`, `Do53`, `DoH-FIPS`.\n" }, "resolverEndpointType": { "type": "string", "description": "The Route 53 Resolver endpoint IP address type. Valid values: `IPV4`, `IPV6`, `DUALSTACK`.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of one or more security groups that you want to use to control access to this VPC.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "direction", "ipAddresses", "securityGroupIds" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResolverEndpoint resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Route 53 Resolver endpoint.\n" }, "direction": { "type": "string", "description": "The direction of DNS queries to or from the Route 53 Resolver endpoint.\nValid values are `INBOUND` (resolver forwards DNS queries to the DNS service for a VPC from your network or another VPC)\nor `OUTBOUND` (resolver forwards DNS queries from the DNS service for a VPC to your network or another VPC).\n", "willReplaceOnChanges": true }, "hostVpcId": { "type": "string", "description": "The ID of the VPC that you want to create the resolver endpoint in.\n" }, "ipAddresses": { "type": "array", "items": { "$ref": "#/types/aws:route53/ResolverEndpointIpAddress:ResolverEndpointIpAddress" }, "description": "The subnets and IP addresses in your VPC that you want DNS queries to pass through on the way from your VPCs\nto your network (for outbound endpoints) or on the way from your network to your VPCs (for inbound endpoints). Described below.\n" }, "name": { "type": "string", "description": "The friendly name of the Route 53 Resolver endpoint.\n" }, "protocols": { "type": "array", "items": { "type": "string" }, "description": "The protocols you want to use for the Route 53 Resolver endpoint. Valid values: `DoH`, `Do53`, `DoH-FIPS`.\n" }, "resolverEndpointType": { "type": "string", "description": "The Route 53 Resolver endpoint IP address type. Valid values: `IPV4`, `IPV6`, `DUALSTACK`.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The ID of one or more security groups that you want to use to control access to this VPC.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:route53/resolverFirewallConfig:ResolverFirewallConfig": { "description": "Provides a Route 53 Resolver DNS Firewall config resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.Vpc(\"example\", {\n cidrBlock: \"10.0.0.0/16\",\n enableDnsSupport: true,\n enableDnsHostnames: true,\n});\nconst exampleResolverFirewallConfig = new aws.route53.ResolverFirewallConfig(\"example\", {\n resourceId: example.id,\n firewallFailOpen: \"ENABLED\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.Vpc(\"example\",\n cidr_block=\"10.0.0.0/16\",\n enable_dns_support=True,\n enable_dns_hostnames=True)\nexample_resolver_firewall_config = aws.route53.ResolverFirewallConfig(\"example\",\n resource_id=example.id,\n firewall_fail_open=\"ENABLED\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n EnableDnsSupport = true,\n EnableDnsHostnames = true,\n });\n\n var exampleResolverFirewallConfig = new Aws.Route53.ResolverFirewallConfig(\"example\", new()\n {\n ResourceId = example.Id,\n FirewallFailOpen = \"ENABLED\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tEnableDnsSupport: pulumi.Bool(true),\n\t\t\tEnableDnsHostnames: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewResolverFirewallConfig(ctx, \"example\", \u0026route53.ResolverFirewallConfigArgs{\n\t\t\tResourceId: example.ID(),\n\t\t\tFirewallFailOpen: pulumi.String(\"ENABLED\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.route53.ResolverFirewallConfig;\nimport com.pulumi.aws.route53.ResolverFirewallConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Vpc(\"example\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .enableDnsSupport(true)\n .enableDnsHostnames(true)\n .build());\n\n var exampleResolverFirewallConfig = new ResolverFirewallConfig(\"exampleResolverFirewallConfig\", ResolverFirewallConfigArgs.builder()\n .resourceId(example.id())\n .firewallFailOpen(\"ENABLED\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n enableDnsSupport: true\n enableDnsHostnames: true\n exampleResolverFirewallConfig:\n type: aws:route53:ResolverFirewallConfig\n name: example\n properties:\n resourceId: ${example.id}\n firewallFailOpen: ENABLED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route 53 Resolver DNS Firewall configs using the Route 53 Resolver DNS Firewall config ID. For example:\n\n```sh\n$ pulumi import aws:route53/resolverFirewallConfig:ResolverFirewallConfig example rdsc-be1866ecc1683e95\n```\n", "properties": { "firewallFailOpen": { "type": "string", "description": "Determines how Route 53 Resolver handles queries during failures, for example when all traffic that is sent to DNS Firewall fails to receive a reply. By default, fail open is disabled, which means the failure mode is closed. This approach favors security over availability. DNS Firewall blocks queries that it is unable to evaluate properly. If you enable this option, the failure mode is open. This approach favors availability over security. DNS Firewall allows queries to proceed if it is unable to properly evaluate them. Valid values: `ENABLED`, `DISABLED`.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the owner of the VPC that this firewall configuration applies to.\n" }, "resourceId": { "type": "string", "description": "The ID of the VPC that the configuration is for.\n" } }, "required": [ "firewallFailOpen", "ownerId", "resourceId" ], "inputProperties": { "firewallFailOpen": { "type": "string", "description": "Determines how Route 53 Resolver handles queries during failures, for example when all traffic that is sent to DNS Firewall fails to receive a reply. By default, fail open is disabled, which means the failure mode is closed. This approach favors security over availability. DNS Firewall blocks queries that it is unable to evaluate properly. If you enable this option, the failure mode is open. This approach favors availability over security. DNS Firewall allows queries to proceed if it is unable to properly evaluate them. Valid values: `ENABLED`, `DISABLED`.\n" }, "resourceId": { "type": "string", "description": "The ID of the VPC that the configuration is for.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "resourceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResolverFirewallConfig resources.\n", "properties": { "firewallFailOpen": { "type": "string", "description": "Determines how Route 53 Resolver handles queries during failures, for example when all traffic that is sent to DNS Firewall fails to receive a reply. By default, fail open is disabled, which means the failure mode is closed. This approach favors security over availability. DNS Firewall blocks queries that it is unable to evaluate properly. If you enable this option, the failure mode is open. This approach favors availability over security. DNS Firewall allows queries to proceed if it is unable to properly evaluate them. Valid values: `ENABLED`, `DISABLED`.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the owner of the VPC that this firewall configuration applies to.\n" }, "resourceId": { "type": "string", "description": "The ID of the VPC that the configuration is for.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:route53/resolverFirewallDomainList:ResolverFirewallDomainList": { "description": "Provides a Route 53 Resolver DNS Firewall domain list resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53.ResolverFirewallDomainList(\"example\", {name: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.ResolverFirewallDomainList(\"example\", name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53.ResolverFirewallDomainList(\"example\", new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.NewResolverFirewallDomainList(ctx, \"example\", \u0026route53.ResolverFirewallDomainListArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.ResolverFirewallDomainList;\nimport com.pulumi.aws.route53.ResolverFirewallDomainListArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResolverFirewallDomainList(\"example\", ResolverFirewallDomainListArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53:ResolverFirewallDomainList\n properties:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route 53 Resolver DNS Firewall domain lists using the Route 53 Resolver DNS Firewall domain list ID. For example:\n\n```sh\n$ pulumi import aws:route53/resolverFirewallDomainList:ResolverFirewallDomainList example rslvr-fdl-0123456789abcdef\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the domain list.\n" }, "domains": { "type": "array", "items": { "type": "string" }, "description": "A array of domains for the firewall domain list.\n" }, "name": { "type": "string", "description": "A name that lets you identify the domain list, to manage and use it.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. f configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "tagsAll" ], "inputProperties": { "domains": { "type": "array", "items": { "type": "string" }, "description": "A array of domains for the firewall domain list.\n" }, "name": { "type": "string", "description": "A name that lets you identify the domain list, to manage and use it.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. f configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ResolverFirewallDomainList resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the domain list.\n" }, "domains": { "type": "array", "items": { "type": "string" }, "description": "A array of domains for the firewall domain list.\n" }, "name": { "type": "string", "description": "A name that lets you identify the domain list, to manage and use it.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. f configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:route53/resolverFirewallRule:ResolverFirewallRule": { "description": "Provides a Route 53 Resolver DNS Firewall rule resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53.ResolverFirewallDomainList(\"example\", {\n name: \"example\",\n domains: [\"example.com\"],\n tags: {},\n});\nconst exampleResolverFirewallRuleGroup = new aws.route53.ResolverFirewallRuleGroup(\"example\", {\n name: \"example\",\n tags: {},\n});\nconst exampleResolverFirewallRule = new aws.route53.ResolverFirewallRule(\"example\", {\n name: \"example\",\n action: \"BLOCK\",\n blockOverrideDnsType: \"CNAME\",\n blockOverrideDomain: \"example.com\",\n blockOverrideTtl: 1,\n blockResponse: \"OVERRIDE\",\n firewallDomainListId: example.id,\n firewallRuleGroupId: exampleResolverFirewallRuleGroup.id,\n priority: 100,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.ResolverFirewallDomainList(\"example\",\n name=\"example\",\n domains=[\"example.com\"],\n tags={})\nexample_resolver_firewall_rule_group = aws.route53.ResolverFirewallRuleGroup(\"example\",\n name=\"example\",\n tags={})\nexample_resolver_firewall_rule = aws.route53.ResolverFirewallRule(\"example\",\n name=\"example\",\n action=\"BLOCK\",\n block_override_dns_type=\"CNAME\",\n block_override_domain=\"example.com\",\n block_override_ttl=1,\n block_response=\"OVERRIDE\",\n firewall_domain_list_id=example.id,\n firewall_rule_group_id=example_resolver_firewall_rule_group.id,\n priority=100)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53.ResolverFirewallDomainList(\"example\", new()\n {\n Name = \"example\",\n Domains = new[]\n {\n \"example.com\",\n },\n Tags = null,\n });\n\n var exampleResolverFirewallRuleGroup = new Aws.Route53.ResolverFirewallRuleGroup(\"example\", new()\n {\n Name = \"example\",\n Tags = null,\n });\n\n var exampleResolverFirewallRule = new Aws.Route53.ResolverFirewallRule(\"example\", new()\n {\n Name = \"example\",\n Action = \"BLOCK\",\n BlockOverrideDnsType = \"CNAME\",\n BlockOverrideDomain = \"example.com\",\n BlockOverrideTtl = 1,\n BlockResponse = \"OVERRIDE\",\n FirewallDomainListId = example.Id,\n FirewallRuleGroupId = exampleResolverFirewallRuleGroup.Id,\n Priority = 100,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := route53.NewResolverFirewallDomainList(ctx, \"example\", \u0026route53.ResolverFirewallDomainListArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDomains: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"example.com\"),\n\t\t\t},\n\t\t\tTags: nil,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleResolverFirewallRuleGroup, err := route53.NewResolverFirewallRuleGroup(ctx, \"example\", \u0026route53.ResolverFirewallRuleGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tTags: nil,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewResolverFirewallRule(ctx, \"example\", \u0026route53.ResolverFirewallRuleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAction: pulumi.String(\"BLOCK\"),\n\t\t\tBlockOverrideDnsType: pulumi.String(\"CNAME\"),\n\t\t\tBlockOverrideDomain: pulumi.String(\"example.com\"),\n\t\t\tBlockOverrideTtl: pulumi.Int(1),\n\t\t\tBlockResponse: pulumi.String(\"OVERRIDE\"),\n\t\t\tFirewallDomainListId: example.ID(),\n\t\t\tFirewallRuleGroupId: exampleResolverFirewallRuleGroup.ID(),\n\t\t\tPriority: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.ResolverFirewallDomainList;\nimport com.pulumi.aws.route53.ResolverFirewallDomainListArgs;\nimport com.pulumi.aws.route53.ResolverFirewallRuleGroup;\nimport com.pulumi.aws.route53.ResolverFirewallRuleGroupArgs;\nimport com.pulumi.aws.route53.ResolverFirewallRule;\nimport com.pulumi.aws.route53.ResolverFirewallRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResolverFirewallDomainList(\"example\", ResolverFirewallDomainListArgs.builder()\n .name(\"example\")\n .domains(\"example.com\")\n .tags()\n .build());\n\n var exampleResolverFirewallRuleGroup = new ResolverFirewallRuleGroup(\"exampleResolverFirewallRuleGroup\", ResolverFirewallRuleGroupArgs.builder()\n .name(\"example\")\n .tags()\n .build());\n\n var exampleResolverFirewallRule = new ResolverFirewallRule(\"exampleResolverFirewallRule\", ResolverFirewallRuleArgs.builder()\n .name(\"example\")\n .action(\"BLOCK\")\n .blockOverrideDnsType(\"CNAME\")\n .blockOverrideDomain(\"example.com\")\n .blockOverrideTtl(1)\n .blockResponse(\"OVERRIDE\")\n .firewallDomainListId(example.id())\n .firewallRuleGroupId(exampleResolverFirewallRuleGroup.id())\n .priority(100)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53:ResolverFirewallDomainList\n properties:\n name: example\n domains:\n - example.com\n tags: {}\n exampleResolverFirewallRuleGroup:\n type: aws:route53:ResolverFirewallRuleGroup\n name: example\n properties:\n name: example\n tags: {}\n exampleResolverFirewallRule:\n type: aws:route53:ResolverFirewallRule\n name: example\n properties:\n name: example\n action: BLOCK\n blockOverrideDnsType: CNAME\n blockOverrideDomain: example.com\n blockOverrideTtl: 1\n blockResponse: OVERRIDE\n firewallDomainListId: ${example.id}\n firewallRuleGroupId: ${exampleResolverFirewallRuleGroup.id}\n priority: 100\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route 53 Resolver DNS Firewall rules using the Route 53 Resolver DNS Firewall rule group ID and domain list ID separated by ':'. For example:\n\n```sh\n$ pulumi import aws:route53/resolverFirewallRule:ResolverFirewallRule example rslvr-frg-0123456789abcdef:rslvr-fdl-0123456789abcdef\n```\n", "properties": { "action": { "type": "string", "description": "The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list. Valid values: `ALLOW`, `BLOCK`, `ALERT`.\n" }, "blockOverrideDnsType": { "type": "string", "description": "The DNS record's type. This determines the format of the record value that you provided in BlockOverrideDomain. Value values: `CNAME`.\n" }, "blockOverrideDomain": { "type": "string", "description": "The custom DNS record to send back in response to the query.\n" }, "blockOverrideTtl": { "type": "integer", "description": "The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Minimum value of 0. Maximum value of 604800.\n" }, "blockResponse": { "type": "string", "description": "The way that you want DNS Firewall to block the request. Valid values: `NODATA`, `NXDOMAIN`, `OVERRIDE`.\n" }, "firewallDomainListId": { "type": "string", "description": "The ID of the domain list that you want to use in the rule.\n" }, "firewallDomainRedirectionAction": { "type": "string", "description": "Evaluate DNS redirection in the DNS redirection chain, such as CNAME, DNAME, ot ALIAS. Valid values are `INSPECT_REDIRECTION_DOMAIN` and `TRUST_REDIRECTION_DOMAIN`. Default value is `INSPECT_REDIRECTION_DOMAIN`.\n" }, "firewallRuleGroupId": { "type": "string", "description": "The unique identifier of the firewall rule group where you want to create the rule.\n" }, "name": { "type": "string", "description": "A name that lets you identify the rule, to manage and use it.\n" }, "priority": { "type": "integer", "description": "The setting that determines the processing order of the rule in the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.\n" }, "qType": { "type": "string", "description": "The query type you want the rule to evaluate. Additional details can be found [here](https://en.wikipedia.org/wiki/List_of_DNS_record_types)\n" } }, "required": [ "action", "firewallDomainListId", "firewallRuleGroupId", "name", "priority" ], "inputProperties": { "action": { "type": "string", "description": "The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list. Valid values: `ALLOW`, `BLOCK`, `ALERT`.\n" }, "blockOverrideDnsType": { "type": "string", "description": "The DNS record's type. This determines the format of the record value that you provided in BlockOverrideDomain. Value values: `CNAME`.\n" }, "blockOverrideDomain": { "type": "string", "description": "The custom DNS record to send back in response to the query.\n" }, "blockOverrideTtl": { "type": "integer", "description": "The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Minimum value of 0. Maximum value of 604800.\n" }, "blockResponse": { "type": "string", "description": "The way that you want DNS Firewall to block the request. Valid values: `NODATA`, `NXDOMAIN`, `OVERRIDE`.\n" }, "firewallDomainListId": { "type": "string", "description": "The ID of the domain list that you want to use in the rule.\n", "willReplaceOnChanges": true }, "firewallDomainRedirectionAction": { "type": "string", "description": "Evaluate DNS redirection in the DNS redirection chain, such as CNAME, DNAME, ot ALIAS. Valid values are `INSPECT_REDIRECTION_DOMAIN` and `TRUST_REDIRECTION_DOMAIN`. Default value is `INSPECT_REDIRECTION_DOMAIN`.\n" }, "firewallRuleGroupId": { "type": "string", "description": "The unique identifier of the firewall rule group where you want to create the rule.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A name that lets you identify the rule, to manage and use it.\n" }, "priority": { "type": "integer", "description": "The setting that determines the processing order of the rule in the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.\n" }, "qType": { "type": "string", "description": "The query type you want the rule to evaluate. Additional details can be found [here](https://en.wikipedia.org/wiki/List_of_DNS_record_types)\n" } }, "requiredInputs": [ "action", "firewallDomainListId", "firewallRuleGroupId", "priority" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResolverFirewallRule resources.\n", "properties": { "action": { "type": "string", "description": "The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list. Valid values: `ALLOW`, `BLOCK`, `ALERT`.\n" }, "blockOverrideDnsType": { "type": "string", "description": "The DNS record's type. This determines the format of the record value that you provided in BlockOverrideDomain. Value values: `CNAME`.\n" }, "blockOverrideDomain": { "type": "string", "description": "The custom DNS record to send back in response to the query.\n" }, "blockOverrideTtl": { "type": "integer", "description": "The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Minimum value of 0. Maximum value of 604800.\n" }, "blockResponse": { "type": "string", "description": "The way that you want DNS Firewall to block the request. Valid values: `NODATA`, `NXDOMAIN`, `OVERRIDE`.\n" }, "firewallDomainListId": { "type": "string", "description": "The ID of the domain list that you want to use in the rule.\n", "willReplaceOnChanges": true }, "firewallDomainRedirectionAction": { "type": "string", "description": "Evaluate DNS redirection in the DNS redirection chain, such as CNAME, DNAME, ot ALIAS. Valid values are `INSPECT_REDIRECTION_DOMAIN` and `TRUST_REDIRECTION_DOMAIN`. Default value is `INSPECT_REDIRECTION_DOMAIN`.\n" }, "firewallRuleGroupId": { "type": "string", "description": "The unique identifier of the firewall rule group where you want to create the rule.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A name that lets you identify the rule, to manage and use it.\n" }, "priority": { "type": "integer", "description": "The setting that determines the processing order of the rule in the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.\n" }, "qType": { "type": "string", "description": "The query type you want the rule to evaluate. Additional details can be found [here](https://en.wikipedia.org/wiki/List_of_DNS_record_types)\n" } }, "type": "object" } }, "aws:route53/resolverFirewallRuleGroup:ResolverFirewallRuleGroup": { "description": "Provides a Route 53 Resolver DNS Firewall rule group resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53.ResolverFirewallRuleGroup(\"example\", {name: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.ResolverFirewallRuleGroup(\"example\", name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53.ResolverFirewallRuleGroup(\"example\", new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.NewResolverFirewallRuleGroup(ctx, \"example\", \u0026route53.ResolverFirewallRuleGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.ResolverFirewallRuleGroup;\nimport com.pulumi.aws.route53.ResolverFirewallRuleGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResolverFirewallRuleGroup(\"example\", ResolverFirewallRuleGroupArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53:ResolverFirewallRuleGroup\n properties:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route 53 Resolver DNS Firewall rule groups using the Route 53 Resolver DNS Firewall rule group ID. For example:\n\n```sh\n$ pulumi import aws:route53/resolverFirewallRuleGroup:ResolverFirewallRuleGroup example rslvr-frg-0123456789abcdef\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the rule group.\n" }, "name": { "type": "string", "description": "A name that lets you identify the rule group, to manage and use it.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID for the account that created the rule group. When a rule group is shared with your account, this is the account that has shared the rule group with you.\n" }, "shareStatus": { "type": "string", "description": "Whether the rule group is shared with other AWS accounts, or was shared with the current account by another AWS account. Sharing is configured through AWS Resource Access Manager (AWS RAM). Valid values: `NOT_SHARED`, `SHARED_BY_ME`, `SHARED_WITH_ME`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "ownerId", "shareStatus", "tagsAll" ], "inputProperties": { "name": { "type": "string", "description": "A name that lets you identify the rule group, to manage and use it.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ResolverFirewallRuleGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the rule group.\n" }, "name": { "type": "string", "description": "A name that lets you identify the rule group, to manage and use it.\n", "willReplaceOnChanges": true }, "ownerId": { "type": "string", "description": "The AWS account ID for the account that created the rule group. When a rule group is shared with your account, this is the account that has shared the rule group with you.\n" }, "shareStatus": { "type": "string", "description": "Whether the rule group is shared with other AWS accounts, or was shared with the current account by another AWS account. Sharing is configured through AWS Resource Access Manager (AWS RAM). Valid values: `NOT_SHARED`, `SHARED_BY_ME`, `SHARED_WITH_ME`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:route53/resolverFirewallRuleGroupAssociation:ResolverFirewallRuleGroupAssociation": { "description": "Provides a Route 53 Resolver DNS Firewall rule group association resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53.ResolverFirewallRuleGroup(\"example\", {name: \"example\"});\nconst exampleResolverFirewallRuleGroupAssociation = new aws.route53.ResolverFirewallRuleGroupAssociation(\"example\", {\n name: \"example\",\n firewallRuleGroupId: example.id,\n priority: 100,\n vpcId: exampleAwsVpc.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.ResolverFirewallRuleGroup(\"example\", name=\"example\")\nexample_resolver_firewall_rule_group_association = aws.route53.ResolverFirewallRuleGroupAssociation(\"example\",\n name=\"example\",\n firewall_rule_group_id=example.id,\n priority=100,\n vpc_id=example_aws_vpc[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53.ResolverFirewallRuleGroup(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleResolverFirewallRuleGroupAssociation = new Aws.Route53.ResolverFirewallRuleGroupAssociation(\"example\", new()\n {\n Name = \"example\",\n FirewallRuleGroupId = example.Id,\n Priority = 100,\n VpcId = exampleAwsVpc.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := route53.NewResolverFirewallRuleGroup(ctx, \"example\", \u0026route53.ResolverFirewallRuleGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewResolverFirewallRuleGroupAssociation(ctx, \"example\", \u0026route53.ResolverFirewallRuleGroupAssociationArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tFirewallRuleGroupId: example.ID(),\n\t\t\tPriority: pulumi.Int(100),\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.ResolverFirewallRuleGroup;\nimport com.pulumi.aws.route53.ResolverFirewallRuleGroupArgs;\nimport com.pulumi.aws.route53.ResolverFirewallRuleGroupAssociation;\nimport com.pulumi.aws.route53.ResolverFirewallRuleGroupAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResolverFirewallRuleGroup(\"example\", ResolverFirewallRuleGroupArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleResolverFirewallRuleGroupAssociation = new ResolverFirewallRuleGroupAssociation(\"exampleResolverFirewallRuleGroupAssociation\", ResolverFirewallRuleGroupAssociationArgs.builder()\n .name(\"example\")\n .firewallRuleGroupId(example.id())\n .priority(100)\n .vpcId(exampleAwsVpc.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53:ResolverFirewallRuleGroup\n properties:\n name: example\n exampleResolverFirewallRuleGroupAssociation:\n type: aws:route53:ResolverFirewallRuleGroupAssociation\n name: example\n properties:\n name: example\n firewallRuleGroupId: ${example.id}\n priority: 100\n vpcId: ${exampleAwsVpc.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route 53 Resolver DNS Firewall rule group associations using the Route 53 Resolver DNS Firewall rule group association ID. For example:\n\n```sh\n$ pulumi import aws:route53/resolverFirewallRuleGroupAssociation:ResolverFirewallRuleGroupAssociation example rslvr-frgassoc-0123456789abcdef\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the firewall rule group association.\n" }, "firewallRuleGroupId": { "type": "string", "description": "The unique identifier of the firewall rule group.\n" }, "mutationProtection": { "type": "string", "description": "If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections. Valid values: `ENABLED`, `DISABLED`.\n" }, "name": { "type": "string", "description": "A name that lets you identify the rule group association, to manage and use it.\n" }, "priority": { "type": "integer", "description": "The setting that determines the processing order of the rule group among the rule groups that you associate with the specified VPC. DNS Firewall filters VPC traffic starting from the rule group with the lowest numeric priority setting.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The unique identifier of the VPC that you want to associate with the rule group.\n" } }, "required": [ "arn", "firewallRuleGroupId", "mutationProtection", "name", "priority", "tagsAll", "vpcId" ], "inputProperties": { "firewallRuleGroupId": { "type": "string", "description": "The unique identifier of the firewall rule group.\n", "willReplaceOnChanges": true }, "mutationProtection": { "type": "string", "description": "If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections. Valid values: `ENABLED`, `DISABLED`.\n" }, "name": { "type": "string", "description": "A name that lets you identify the rule group association, to manage and use it.\n" }, "priority": { "type": "integer", "description": "The setting that determines the processing order of the rule group among the rule groups that you associate with the specified VPC. DNS Firewall filters VPC traffic starting from the rule group with the lowest numeric priority setting.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcId": { "type": "string", "description": "The unique identifier of the VPC that you want to associate with the rule group.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "firewallRuleGroupId", "priority", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResolverFirewallRuleGroupAssociation resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the firewall rule group association.\n" }, "firewallRuleGroupId": { "type": "string", "description": "The unique identifier of the firewall rule group.\n", "willReplaceOnChanges": true }, "mutationProtection": { "type": "string", "description": "If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections. Valid values: `ENABLED`, `DISABLED`.\n" }, "name": { "type": "string", "description": "A name that lets you identify the rule group association, to manage and use it.\n" }, "priority": { "type": "integer", "description": "The setting that determines the processing order of the rule group among the rule groups that you associate with the specified VPC. DNS Firewall filters VPC traffic starting from the rule group with the lowest numeric priority setting.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcId": { "type": "string", "description": "The unique identifier of the VPC that you want to associate with the rule group.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:route53/resolverQueryLogConfig:ResolverQueryLogConfig": { "description": "Provides a Route 53 Resolver query logging configuration resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53.ResolverQueryLogConfig(\"example\", {\n name: \"example\",\n destinationArn: exampleAwsS3Bucket.arn,\n tags: {\n Environment: \"Prod\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.ResolverQueryLogConfig(\"example\",\n name=\"example\",\n destination_arn=example_aws_s3_bucket[\"arn\"],\n tags={\n \"Environment\": \"Prod\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53.ResolverQueryLogConfig(\"example\", new()\n {\n Name = \"example\",\n DestinationArn = exampleAwsS3Bucket.Arn,\n Tags = \n {\n { \"Environment\", \"Prod\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.NewResolverQueryLogConfig(ctx, \"example\", \u0026route53.ResolverQueryLogConfigArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDestinationArn: pulumi.Any(exampleAwsS3Bucket.Arn),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"Prod\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.ResolverQueryLogConfig;\nimport com.pulumi.aws.route53.ResolverQueryLogConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResolverQueryLogConfig(\"example\", ResolverQueryLogConfigArgs.builder()\n .name(\"example\")\n .destinationArn(exampleAwsS3Bucket.arn())\n .tags(Map.of(\"Environment\", \"Prod\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53:ResolverQueryLogConfig\n properties:\n name: example\n destinationArn: ${exampleAwsS3Bucket.arn}\n tags:\n Environment: Prod\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route 53 Resolver query logging configurations using the Route 53 Resolver query logging configuration ID. For example:\n\n```sh\n$ pulumi import aws:route53/resolverQueryLogConfig:ResolverQueryLogConfig example rqlc-92edc3b1838248bf\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the Route 53 Resolver query logging configuration.\n" }, "destinationArn": { "type": "string", "description": "The ARN of the resource that you want Route 53 Resolver to send query logs.\nYou can send query logs to an S3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream.\n" }, "name": { "type": "string", "description": "The name of the Route 53 Resolver query logging configuration.\n" }, "ownerId": { "type": "string", "description": "The AWS account ID of the account that created the query logging configuration.\n" }, "shareStatus": { "type": "string", "description": "An indication of whether the query logging configuration is shared with other AWS accounts, or was shared with the current account by another AWS account.\nSharing is configured through AWS Resource Access Manager (AWS RAM).\nValues are `NOT_SHARED`, `SHARED_BY_ME` or `SHARED_WITH_ME`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "destinationArn", "name", "ownerId", "shareStatus", "tagsAll" ], "inputProperties": { "destinationArn": { "type": "string", "description": "The ARN of the resource that you want Route 53 Resolver to send query logs.\nYou can send query logs to an S3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the Route 53 Resolver query logging configuration.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "destinationArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResolverQueryLogConfig resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the Route 53 Resolver query logging configuration.\n" }, "destinationArn": { "type": "string", "description": "The ARN of the resource that you want Route 53 Resolver to send query logs.\nYou can send query logs to an S3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the Route 53 Resolver query logging configuration.\n", "willReplaceOnChanges": true }, "ownerId": { "type": "string", "description": "The AWS account ID of the account that created the query logging configuration.\n" }, "shareStatus": { "type": "string", "description": "An indication of whether the query logging configuration is shared with other AWS accounts, or was shared with the current account by another AWS account.\nSharing is configured through AWS Resource Access Manager (AWS RAM).\nValues are `NOT_SHARED`, `SHARED_BY_ME` or `SHARED_WITH_ME`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:route53/resolverQueryLogConfigAssociation:ResolverQueryLogConfigAssociation": { "description": "Provides a Route 53 Resolver query logging configuration association resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53.ResolverQueryLogConfigAssociation(\"example\", {\n resolverQueryLogConfigId: exampleAwsRoute53ResolverQueryLogConfig.id,\n resourceId: exampleAwsVpc.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.ResolverQueryLogConfigAssociation(\"example\",\n resolver_query_log_config_id=example_aws_route53_resolver_query_log_config[\"id\"],\n resource_id=example_aws_vpc[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53.ResolverQueryLogConfigAssociation(\"example\", new()\n {\n ResolverQueryLogConfigId = exampleAwsRoute53ResolverQueryLogConfig.Id,\n ResourceId = exampleAwsVpc.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.NewResolverQueryLogConfigAssociation(ctx, \"example\", \u0026route53.ResolverQueryLogConfigAssociationArgs{\n\t\t\tResolverQueryLogConfigId: pulumi.Any(exampleAwsRoute53ResolverQueryLogConfig.Id),\n\t\t\tResourceId: pulumi.Any(exampleAwsVpc.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.ResolverQueryLogConfigAssociation;\nimport com.pulumi.aws.route53.ResolverQueryLogConfigAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResolverQueryLogConfigAssociation(\"example\", ResolverQueryLogConfigAssociationArgs.builder()\n .resolverQueryLogConfigId(exampleAwsRoute53ResolverQueryLogConfig.id())\n .resourceId(exampleAwsVpc.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53:ResolverQueryLogConfigAssociation\n properties:\n resolverQueryLogConfigId: ${exampleAwsRoute53ResolverQueryLogConfig.id}\n resourceId: ${exampleAwsVpc.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route 53 Resolver query logging configuration associations using the Route 53 Resolver query logging configuration association ID. For example:\n\n```sh\n$ pulumi import aws:route53/resolverQueryLogConfigAssociation:ResolverQueryLogConfigAssociation example rqlca-b320624fef3c4d70\n```\n", "properties": { "resolverQueryLogConfigId": { "type": "string", "description": "The ID of the Route 53 Resolver query logging configuration that you want to associate a VPC with.\n" }, "resourceId": { "type": "string", "description": "The ID of a VPC that you want this query logging configuration to log queries for.\n" } }, "required": [ "resolverQueryLogConfigId", "resourceId" ], "inputProperties": { "resolverQueryLogConfigId": { "type": "string", "description": "The ID of the Route 53 Resolver query logging configuration that you want to associate a VPC with.\n", "willReplaceOnChanges": true }, "resourceId": { "type": "string", "description": "The ID of a VPC that you want this query logging configuration to log queries for.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "resolverQueryLogConfigId", "resourceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResolverQueryLogConfigAssociation resources.\n", "properties": { "resolverQueryLogConfigId": { "type": "string", "description": "The ID of the Route 53 Resolver query logging configuration that you want to associate a VPC with.\n", "willReplaceOnChanges": true }, "resourceId": { "type": "string", "description": "The ID of a VPC that you want this query logging configuration to log queries for.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:route53/resolverRule:ResolverRule": { "description": "Provides a Route53 Resolver rule.\n\n## Example Usage\n\n### System rule\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sys = new aws.route53.ResolverRule(\"sys\", {\n domainName: \"subdomain.example.com\",\n ruleType: \"SYSTEM\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsys = aws.route53.ResolverRule(\"sys\",\n domain_name=\"subdomain.example.com\",\n rule_type=\"SYSTEM\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sys = new Aws.Route53.ResolverRule(\"sys\", new()\n {\n DomainName = \"subdomain.example.com\",\n RuleType = \"SYSTEM\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.NewResolverRule(ctx, \"sys\", \u0026route53.ResolverRuleArgs{\n\t\t\tDomainName: pulumi.String(\"subdomain.example.com\"),\n\t\t\tRuleType: pulumi.String(\"SYSTEM\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.ResolverRule;\nimport com.pulumi.aws.route53.ResolverRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var sys = new ResolverRule(\"sys\", ResolverRuleArgs.builder()\n .domainName(\"subdomain.example.com\")\n .ruleType(\"SYSTEM\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n sys:\n type: aws:route53:ResolverRule\n properties:\n domainName: subdomain.example.com\n ruleType: SYSTEM\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Forward rule\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fwd = new aws.route53.ResolverRule(\"fwd\", {\n domainName: \"example.com\",\n name: \"example\",\n ruleType: \"FORWARD\",\n resolverEndpointId: foo.id,\n targetIps: [{\n ip: \"123.45.67.89\",\n }],\n tags: {\n Environment: \"Prod\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfwd = aws.route53.ResolverRule(\"fwd\",\n domain_name=\"example.com\",\n name=\"example\",\n rule_type=\"FORWARD\",\n resolver_endpoint_id=foo[\"id\"],\n target_ips=[{\n \"ip\": \"123.45.67.89\",\n }],\n tags={\n \"Environment\": \"Prod\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var fwd = new Aws.Route53.ResolverRule(\"fwd\", new()\n {\n DomainName = \"example.com\",\n Name = \"example\",\n RuleType = \"FORWARD\",\n ResolverEndpointId = foo.Id,\n TargetIps = new[]\n {\n new Aws.Route53.Inputs.ResolverRuleTargetIpArgs\n {\n Ip = \"123.45.67.89\",\n },\n },\n Tags = \n {\n { \"Environment\", \"Prod\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.NewResolverRule(ctx, \"fwd\", \u0026route53.ResolverRuleArgs{\n\t\t\tDomainName: pulumi.String(\"example.com\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRuleType: pulumi.String(\"FORWARD\"),\n\t\t\tResolverEndpointId: pulumi.Any(foo.Id),\n\t\t\tTargetIps: route53.ResolverRuleTargetIpArray{\n\t\t\t\t\u0026route53.ResolverRuleTargetIpArgs{\n\t\t\t\t\tIp: pulumi.String(\"123.45.67.89\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"Prod\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.ResolverRule;\nimport com.pulumi.aws.route53.ResolverRuleArgs;\nimport com.pulumi.aws.route53.inputs.ResolverRuleTargetIpArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var fwd = new ResolverRule(\"fwd\", ResolverRuleArgs.builder()\n .domainName(\"example.com\")\n .name(\"example\")\n .ruleType(\"FORWARD\")\n .resolverEndpointId(foo.id())\n .targetIps(ResolverRuleTargetIpArgs.builder()\n .ip(\"123.45.67.89\")\n .build())\n .tags(Map.of(\"Environment\", \"Prod\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n fwd:\n type: aws:route53:ResolverRule\n properties:\n domainName: example.com\n name: example\n ruleType: FORWARD\n resolverEndpointId: ${foo.id}\n targetIps:\n - ip: 123.45.67.89\n tags:\n Environment: Prod\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route53 Resolver rules using the `id`. For example:\n\n```sh\n$ pulumi import aws:route53/resolverRule:ResolverRule sys rslvr-rr-0123456789abcdef0\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN (Amazon Resource Name) for the resolver rule.\n" }, "domainName": { "type": "string", "description": "DNS queries for this domain name are forwarded to the IP addresses that are specified using `target_ip`.\n" }, "name": { "type": "string", "description": "A friendly name that lets you easily find a rule in the Resolver dashboard in the Route 53 console.\n" }, "ownerId": { "type": "string", "description": "When a rule is shared with another AWS account, the account ID of the account that the rule is shared with.\n" }, "resolverEndpointId": { "type": "string", "description": "The ID of the outbound resolver endpoint that you want to use to route DNS queries to the IP addresses that you specify using `target_ip`.\nThis argument should only be specified for `FORWARD` type rules.\n" }, "ruleType": { "type": "string", "description": "The rule type. Valid values are `FORWARD`, `SYSTEM` and `RECURSIVE`.\n" }, "shareStatus": { "type": "string", "description": "Whether the rules is shared and, if so, whether the current account is sharing the rule with another account, or another account is sharing the rule with the current account.\nValues are `NOT_SHARED`, `SHARED_BY_ME` or `SHARED_WITH_ME`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetIps": { "type": "array", "items": { "$ref": "#/types/aws:route53/ResolverRuleTargetIp:ResolverRuleTargetIp" }, "description": "Configuration block(s) indicating the IPs that you want Resolver to forward DNS queries to (documented below).\nThis argument should only be specified for `FORWARD` type rules.\n" } }, "required": [ "arn", "domainName", "name", "ownerId", "ruleType", "shareStatus", "tagsAll" ], "inputProperties": { "domainName": { "type": "string", "description": "DNS queries for this domain name are forwarded to the IP addresses that are specified using `target_ip`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A friendly name that lets you easily find a rule in the Resolver dashboard in the Route 53 console.\n" }, "resolverEndpointId": { "type": "string", "description": "The ID of the outbound resolver endpoint that you want to use to route DNS queries to the IP addresses that you specify using `target_ip`.\nThis argument should only be specified for `FORWARD` type rules.\n" }, "ruleType": { "type": "string", "description": "The rule type. Valid values are `FORWARD`, `SYSTEM` and `RECURSIVE`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targetIps": { "type": "array", "items": { "$ref": "#/types/aws:route53/ResolverRuleTargetIp:ResolverRuleTargetIp" }, "description": "Configuration block(s) indicating the IPs that you want Resolver to forward DNS queries to (documented below).\nThis argument should only be specified for `FORWARD` type rules.\n" } }, "requiredInputs": [ "domainName", "ruleType" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResolverRule resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN (Amazon Resource Name) for the resolver rule.\n" }, "domainName": { "type": "string", "description": "DNS queries for this domain name are forwarded to the IP addresses that are specified using `target_ip`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A friendly name that lets you easily find a rule in the Resolver dashboard in the Route 53 console.\n" }, "ownerId": { "type": "string", "description": "When a rule is shared with another AWS account, the account ID of the account that the rule is shared with.\n" }, "resolverEndpointId": { "type": "string", "description": "The ID of the outbound resolver endpoint that you want to use to route DNS queries to the IP addresses that you specify using `target_ip`.\nThis argument should only be specified for `FORWARD` type rules.\n" }, "ruleType": { "type": "string", "description": "The rule type. Valid values are `FORWARD`, `SYSTEM` and `RECURSIVE`.\n", "willReplaceOnChanges": true }, "shareStatus": { "type": "string", "description": "Whether the rules is shared and, if so, whether the current account is sharing the rule with another account, or another account is sharing the rule with the current account.\nValues are `NOT_SHARED`, `SHARED_BY_ME` or `SHARED_WITH_ME`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetIps": { "type": "array", "items": { "$ref": "#/types/aws:route53/ResolverRuleTargetIp:ResolverRuleTargetIp" }, "description": "Configuration block(s) indicating the IPs that you want Resolver to forward DNS queries to (documented below).\nThis argument should only be specified for `FORWARD` type rules.\n" } }, "type": "object" } }, "aws:route53/resolverRuleAssociation:ResolverRuleAssociation": { "description": "Provides a Route53 Resolver rule association.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53.ResolverRuleAssociation(\"example\", {\n resolverRuleId: sys.id,\n vpcId: foo.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.ResolverRuleAssociation(\"example\",\n resolver_rule_id=sys[\"id\"],\n vpc_id=foo[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53.ResolverRuleAssociation(\"example\", new()\n {\n ResolverRuleId = sys.Id,\n VpcId = foo.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.NewResolverRuleAssociation(ctx, \"example\", \u0026route53.ResolverRuleAssociationArgs{\n\t\t\tResolverRuleId: pulumi.Any(sys.Id),\n\t\t\tVpcId: pulumi.Any(foo.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.ResolverRuleAssociation;\nimport com.pulumi.aws.route53.ResolverRuleAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResolverRuleAssociation(\"example\", ResolverRuleAssociationArgs.builder()\n .resolverRuleId(sys.id())\n .vpcId(foo.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53:ResolverRuleAssociation\n properties:\n resolverRuleId: ${sys.id}\n vpcId: ${foo.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route53 Resolver rule associations using the `id`. For example:\n\n```sh\n$ pulumi import aws:route53/resolverRuleAssociation:ResolverRuleAssociation example rslvr-rrassoc-97242eaf88example\n```\n", "properties": { "name": { "type": "string", "description": "A name for the association that you're creating between a resolver rule and a VPC.\n" }, "resolverRuleId": { "type": "string", "description": "The ID of the resolver rule that you want to associate with the VPC.\n" }, "vpcId": { "type": "string", "description": "The ID of the VPC that you want to associate the resolver rule with.\n" } }, "required": [ "name", "resolverRuleId", "vpcId" ], "inputProperties": { "name": { "type": "string", "description": "A name for the association that you're creating between a resolver rule and a VPC.\n", "willReplaceOnChanges": true }, "resolverRuleId": { "type": "string", "description": "The ID of the resolver rule that you want to associate with the VPC.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The ID of the VPC that you want to associate the resolver rule with.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "resolverRuleId", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResolverRuleAssociation resources.\n", "properties": { "name": { "type": "string", "description": "A name for the association that you're creating between a resolver rule and a VPC.\n", "willReplaceOnChanges": true }, "resolverRuleId": { "type": "string", "description": "The ID of the resolver rule that you want to associate with the VPC.\n", "willReplaceOnChanges": true }, "vpcId": { "type": "string", "description": "The ID of the VPC that you want to associate the resolver rule with.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:route53/trafficPolicy:TrafficPolicy": { "description": "Manages a Route53 Traffic Policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53.TrafficPolicy(\"example\", {\n name: \"example\",\n comment: \"example comment\",\n document: `{\n \"AWSPolicyFormatVersion\": \"2015-10-01\",\n \"RecordType\": \"A\",\n \"Endpoints\": {\n \"endpoint-start-NkPh\": {\n \"Type\": \"value\",\n \"Value\": \"10.0.0.2\"\n }\n },\n \"StartEndpoint\": \"endpoint-start-NkPh\"\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.TrafficPolicy(\"example\",\n name=\"example\",\n comment=\"example comment\",\n document=\"\"\"{\n \"AWSPolicyFormatVersion\": \"2015-10-01\",\n \"RecordType\": \"A\",\n \"Endpoints\": {\n \"endpoint-start-NkPh\": {\n \"Type\": \"value\",\n \"Value\": \"10.0.0.2\"\n }\n },\n \"StartEndpoint\": \"endpoint-start-NkPh\"\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53.TrafficPolicy(\"example\", new()\n {\n Name = \"example\",\n Comment = \"example comment\",\n Document = @\"{\n \"\"AWSPolicyFormatVersion\"\": \"\"2015-10-01\"\",\n \"\"RecordType\"\": \"\"A\"\",\n \"\"Endpoints\"\": {\n \"\"endpoint-start-NkPh\"\": {\n \"\"Type\"\": \"\"value\"\",\n \"\"Value\"\": \"\"10.0.0.2\"\"\n }\n },\n \"\"StartEndpoint\"\": \"\"endpoint-start-NkPh\"\"\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.NewTrafficPolicy(ctx, \"example\", \u0026route53.TrafficPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tComment: pulumi.String(\"example comment\"),\n\t\t\tDocument: pulumi.String(`{\n \"AWSPolicyFormatVersion\": \"2015-10-01\",\n \"RecordType\": \"A\",\n \"Endpoints\": {\n \"endpoint-start-NkPh\": {\n \"Type\": \"value\",\n \"Value\": \"10.0.0.2\"\n }\n },\n \"StartEndpoint\": \"endpoint-start-NkPh\"\n}\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.TrafficPolicy;\nimport com.pulumi.aws.route53.TrafficPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TrafficPolicy(\"example\", TrafficPolicyArgs.builder()\n .name(\"example\")\n .comment(\"example comment\")\n .document(\"\"\"\n{\n \"AWSPolicyFormatVersion\": \"2015-10-01\",\n \"RecordType\": \"A\",\n \"Endpoints\": {\n \"endpoint-start-NkPh\": {\n \"Type\": \"value\",\n \"Value\": \"10.0.0.2\"\n }\n },\n \"StartEndpoint\": \"endpoint-start-NkPh\"\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53:TrafficPolicy\n properties:\n name: example\n comment: example comment\n document: |\n {\n \"AWSPolicyFormatVersion\": \"2015-10-01\",\n \"RecordType\": \"A\",\n \"Endpoints\": {\n \"endpoint-start-NkPh\": {\n \"Type\": \"value\",\n \"Value\": \"10.0.0.2\"\n }\n },\n \"StartEndpoint\": \"endpoint-start-NkPh\"\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route53 Traffic Policy using the `id` and `version`. For example:\n\n```sh\n$ pulumi import aws:route53/trafficPolicy:TrafficPolicy example 01a52019-d16f-422a-ae72-c306d2b6df7e/1\n```\n", "properties": { "comment": { "type": "string", "description": "Comment for the traffic policy.\n" }, "document": { "type": "string", "description": "Policy document. This is a JSON formatted string. For more information about building Route53 traffic policy documents, see the [AWS Route53 Traffic Policy document format](https://docs.aws.amazon.com/Route53/latest/APIReference/api-policies-traffic-policy-document-format.html)\n\nThe following arguments are optional:\n" }, "name": { "type": "string", "description": "Name of the traffic policy.\n" }, "type": { "type": "string", "description": "DNS type of the resource record sets that Amazon Route 53 creates when you use a traffic policy to create a traffic policy instance.\n" }, "version": { "type": "integer", "description": "Version number of the traffic policy. This value is automatically incremented by AWS after each update of this resource.\n" } }, "required": [ "document", "name", "type", "version" ], "inputProperties": { "comment": { "type": "string", "description": "Comment for the traffic policy.\n" }, "document": { "type": "string", "description": "Policy document. This is a JSON formatted string. For more information about building Route53 traffic policy documents, see the [AWS Route53 Traffic Policy document format](https://docs.aws.amazon.com/Route53/latest/APIReference/api-policies-traffic-policy-document-format.html)\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the traffic policy.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "document" ], "stateInputs": { "description": "Input properties used for looking up and filtering TrafficPolicy resources.\n", "properties": { "comment": { "type": "string", "description": "Comment for the traffic policy.\n" }, "document": { "type": "string", "description": "Policy document. This is a JSON formatted string. For more information about building Route53 traffic policy documents, see the [AWS Route53 Traffic Policy document format](https://docs.aws.amazon.com/Route53/latest/APIReference/api-policies-traffic-policy-document-format.html)\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the traffic policy.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "DNS type of the resource record sets that Amazon Route 53 creates when you use a traffic policy to create a traffic policy instance.\n" }, "version": { "type": "integer", "description": "Version number of the traffic policy. This value is automatically incremented by AWS after each update of this resource.\n" } }, "type": "object" } }, "aws:route53/trafficPolicyInstance:TrafficPolicyInstance": { "description": "Provides a Route53 traffic policy instance resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.route53.TrafficPolicyInstance(\"test\", {\n name: \"test.example.com\",\n trafficPolicyId: \"b3gb108f-ea6f-45a5-baab-9d112d8b4037\",\n trafficPolicyVersion: 1,\n hostedZoneId: \"Z033120931TAQO548OGJC\",\n ttl: 360,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.route53.TrafficPolicyInstance(\"test\",\n name=\"test.example.com\",\n traffic_policy_id=\"b3gb108f-ea6f-45a5-baab-9d112d8b4037\",\n traffic_policy_version=1,\n hosted_zone_id=\"Z033120931TAQO548OGJC\",\n ttl=360)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Route53.TrafficPolicyInstance(\"test\", new()\n {\n Name = \"test.example.com\",\n TrafficPolicyId = \"b3gb108f-ea6f-45a5-baab-9d112d8b4037\",\n TrafficPolicyVersion = 1,\n HostedZoneId = \"Z033120931TAQO548OGJC\",\n Ttl = 360,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.NewTrafficPolicyInstance(ctx, \"test\", \u0026route53.TrafficPolicyInstanceArgs{\n\t\t\tName: pulumi.String(\"test.example.com\"),\n\t\t\tTrafficPolicyId: pulumi.String(\"b3gb108f-ea6f-45a5-baab-9d112d8b4037\"),\n\t\t\tTrafficPolicyVersion: pulumi.Int(1),\n\t\t\tHostedZoneId: pulumi.String(\"Z033120931TAQO548OGJC\"),\n\t\t\tTtl: pulumi.Int(360),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.TrafficPolicyInstance;\nimport com.pulumi.aws.route53.TrafficPolicyInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new TrafficPolicyInstance(\"test\", TrafficPolicyInstanceArgs.builder()\n .name(\"test.example.com\")\n .trafficPolicyId(\"b3gb108f-ea6f-45a5-baab-9d112d8b4037\")\n .trafficPolicyVersion(1)\n .hostedZoneId(\"Z033120931TAQO548OGJC\")\n .ttl(360)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:route53:TrafficPolicyInstance\n properties:\n name: test.example.com\n trafficPolicyId: b3gb108f-ea6f-45a5-baab-9d112d8b4037\n trafficPolicyVersion: 1\n hostedZoneId: Z033120931TAQO548OGJC\n ttl: 360\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route53 traffic policy instance using its id. For example:\n\n```sh\n$ pulumi import aws:route53/trafficPolicyInstance:TrafficPolicyInstance test df579d9a-6396-410e-ac22-e7ad60cf9e7e\n```\n", "properties": { "hostedZoneId": { "type": "string", "description": "ID of the hosted zone that you want Amazon Route 53 to create resource record sets in by using the configuration in a traffic policy.\n" }, "name": { "type": "string", "description": "Domain name for which Amazon Route 53 responds to DNS queries by using the resource record sets that Route 53 creates for this traffic policy instance.\n" }, "trafficPolicyId": { "type": "string", "description": "ID of the traffic policy that you want to use to create resource record sets in the specified hosted zone.\n" }, "trafficPolicyVersion": { "type": "integer", "description": "Version of the traffic policy\n" }, "ttl": { "type": "integer", "description": "TTL that you want Amazon Route 53 to assign to all the resource record sets that it creates in the specified hosted zone.\n" } }, "required": [ "hostedZoneId", "name", "trafficPolicyId", "trafficPolicyVersion", "ttl" ], "inputProperties": { "hostedZoneId": { "type": "string", "description": "ID of the hosted zone that you want Amazon Route 53 to create resource record sets in by using the configuration in a traffic policy.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Domain name for which Amazon Route 53 responds to DNS queries by using the resource record sets that Route 53 creates for this traffic policy instance.\n", "willReplaceOnChanges": true }, "trafficPolicyId": { "type": "string", "description": "ID of the traffic policy that you want to use to create resource record sets in the specified hosted zone.\n" }, "trafficPolicyVersion": { "type": "integer", "description": "Version of the traffic policy\n" }, "ttl": { "type": "integer", "description": "TTL that you want Amazon Route 53 to assign to all the resource record sets that it creates in the specified hosted zone.\n" } }, "requiredInputs": [ "hostedZoneId", "trafficPolicyId", "trafficPolicyVersion", "ttl" ], "stateInputs": { "description": "Input properties used for looking up and filtering TrafficPolicyInstance resources.\n", "properties": { "hostedZoneId": { "type": "string", "description": "ID of the hosted zone that you want Amazon Route 53 to create resource record sets in by using the configuration in a traffic policy.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Domain name for which Amazon Route 53 responds to DNS queries by using the resource record sets that Route 53 creates for this traffic policy instance.\n", "willReplaceOnChanges": true }, "trafficPolicyId": { "type": "string", "description": "ID of the traffic policy that you want to use to create resource record sets in the specified hosted zone.\n" }, "trafficPolicyVersion": { "type": "integer", "description": "Version of the traffic policy\n" }, "ttl": { "type": "integer", "description": "TTL that you want Amazon Route 53 to assign to all the resource record sets that it creates in the specified hosted zone.\n" } }, "type": "object" } }, "aws:route53/vpcAssociationAuthorization:VpcAssociationAuthorization": { "description": "Authorizes a VPC in a different account to be associated with a local Route53 Hosted Zone.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.Vpc(\"example\", {\n cidrBlock: \"10.6.0.0/16\",\n enableDnsHostnames: true,\n enableDnsSupport: true,\n});\nconst exampleZone = new aws.route53.Zone(\"example\", {\n name: \"example.com\",\n vpcs: [{\n vpcId: example.id,\n }],\n});\nconst alternate = new aws.ec2.Vpc(\"alternate\", {\n cidrBlock: \"10.7.0.0/16\",\n enableDnsHostnames: true,\n enableDnsSupport: true,\n});\nconst exampleVpcAssociationAuthorization = new aws.route53.VpcAssociationAuthorization(\"example\", {\n vpcId: alternate.id,\n zoneId: exampleZone.id,\n});\nconst exampleZoneAssociation = new aws.route53.ZoneAssociation(\"example\", {\n vpcId: exampleVpcAssociationAuthorization.vpcId,\n zoneId: exampleVpcAssociationAuthorization.zoneId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.Vpc(\"example\",\n cidr_block=\"10.6.0.0/16\",\n enable_dns_hostnames=True,\n enable_dns_support=True)\nexample_zone = aws.route53.Zone(\"example\",\n name=\"example.com\",\n vpcs=[{\n \"vpc_id\": example.id,\n }])\nalternate = aws.ec2.Vpc(\"alternate\",\n cidr_block=\"10.7.0.0/16\",\n enable_dns_hostnames=True,\n enable_dns_support=True)\nexample_vpc_association_authorization = aws.route53.VpcAssociationAuthorization(\"example\",\n vpc_id=alternate.id,\n zone_id=example_zone.id)\nexample_zone_association = aws.route53.ZoneAssociation(\"example\",\n vpc_id=example_vpc_association_authorization.vpc_id,\n zone_id=example_vpc_association_authorization.zone_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.6.0.0/16\",\n EnableDnsHostnames = true,\n EnableDnsSupport = true,\n });\n\n var exampleZone = new Aws.Route53.Zone(\"example\", new()\n {\n Name = \"example.com\",\n Vpcs = new[]\n {\n new Aws.Route53.Inputs.ZoneVpcArgs\n {\n VpcId = example.Id,\n },\n },\n });\n\n var alternate = new Aws.Ec2.Vpc(\"alternate\", new()\n {\n CidrBlock = \"10.7.0.0/16\",\n EnableDnsHostnames = true,\n EnableDnsSupport = true,\n });\n\n var exampleVpcAssociationAuthorization = new Aws.Route53.VpcAssociationAuthorization(\"example\", new()\n {\n VpcId = alternate.Id,\n ZoneId = exampleZone.Id,\n });\n\n var exampleZoneAssociation = new Aws.Route53.ZoneAssociation(\"example\", new()\n {\n VpcId = exampleVpcAssociationAuthorization.VpcId,\n ZoneId = exampleVpcAssociationAuthorization.ZoneId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.6.0.0/16\"),\n\t\t\tEnableDnsHostnames: pulumi.Bool(true),\n\t\t\tEnableDnsSupport: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleZone, err := route53.NewZone(ctx, \"example\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t\tVpcs: route53.ZoneVpcArray{\n\t\t\t\t\u0026route53.ZoneVpcArgs{\n\t\t\t\t\tVpcId: example.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\talternate, err := ec2.NewVpc(ctx, \"alternate\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.7.0.0/16\"),\n\t\t\tEnableDnsHostnames: pulumi.Bool(true),\n\t\t\tEnableDnsSupport: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcAssociationAuthorization, err := route53.NewVpcAssociationAuthorization(ctx, \"example\", \u0026route53.VpcAssociationAuthorizationArgs{\n\t\t\tVpcId: alternate.ID(),\n\t\t\tZoneId: exampleZone.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewZoneAssociation(ctx, \"example\", \u0026route53.ZoneAssociationArgs{\n\t\t\tVpcId: exampleVpcAssociationAuthorization.VpcId,\n\t\t\tZoneId: exampleVpcAssociationAuthorization.ZoneId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.route53.Zone;\nimport com.pulumi.aws.route53.ZoneArgs;\nimport com.pulumi.aws.route53.inputs.ZoneVpcArgs;\nimport com.pulumi.aws.route53.VpcAssociationAuthorization;\nimport com.pulumi.aws.route53.VpcAssociationAuthorizationArgs;\nimport com.pulumi.aws.route53.ZoneAssociation;\nimport com.pulumi.aws.route53.ZoneAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Vpc(\"example\", VpcArgs.builder()\n .cidrBlock(\"10.6.0.0/16\")\n .enableDnsHostnames(true)\n .enableDnsSupport(true)\n .build());\n\n var exampleZone = new Zone(\"exampleZone\", ZoneArgs.builder()\n .name(\"example.com\")\n .vpcs(ZoneVpcArgs.builder()\n .vpcId(example.id())\n .build())\n .build());\n\n var alternate = new Vpc(\"alternate\", VpcArgs.builder()\n .cidrBlock(\"10.7.0.0/16\")\n .enableDnsHostnames(true)\n .enableDnsSupport(true)\n .build());\n\n var exampleVpcAssociationAuthorization = new VpcAssociationAuthorization(\"exampleVpcAssociationAuthorization\", VpcAssociationAuthorizationArgs.builder()\n .vpcId(alternate.id())\n .zoneId(exampleZone.id())\n .build());\n\n var exampleZoneAssociation = new ZoneAssociation(\"exampleZoneAssociation\", ZoneAssociationArgs.builder()\n .vpcId(exampleVpcAssociationAuthorization.vpcId())\n .zoneId(exampleVpcAssociationAuthorization.zoneId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.6.0.0/16\n enableDnsHostnames: true\n enableDnsSupport: true\n exampleZone:\n type: aws:route53:Zone\n name: example\n properties:\n name: example.com\n vpcs:\n - vpcId: ${example.id}\n alternate:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.7.0.0/16\n enableDnsHostnames: true\n enableDnsSupport: true\n exampleVpcAssociationAuthorization:\n type: aws:route53:VpcAssociationAuthorization\n name: example\n properties:\n vpcId: ${alternate.id}\n zoneId: ${exampleZone.id}\n exampleZoneAssociation:\n type: aws:route53:ZoneAssociation\n name: example\n properties:\n vpcId: ${exampleVpcAssociationAuthorization.vpcId}\n zoneId: ${exampleVpcAssociationAuthorization.zoneId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route 53 VPC Association Authorizations using the Hosted Zone ID and VPC ID, separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:route53/vpcAssociationAuthorization:VpcAssociationAuthorization example Z123456ABCDEFG:vpc-12345678\n```\n", "properties": { "vpcId": { "type": "string", "description": "The VPC to authorize for association with the private hosted zone.\n" }, "vpcRegion": { "type": "string", "description": "The VPC's region. Defaults to the region of the AWS provider.\n" }, "zoneId": { "type": "string", "description": "The ID of the private hosted zone that you want to authorize associating a VPC with.\n" } }, "required": [ "vpcId", "vpcRegion", "zoneId" ], "inputProperties": { "vpcId": { "type": "string", "description": "The VPC to authorize for association with the private hosted zone.\n", "willReplaceOnChanges": true }, "vpcRegion": { "type": "string", "description": "The VPC's region. Defaults to the region of the AWS provider.\n", "willReplaceOnChanges": true }, "zoneId": { "type": "string", "description": "The ID of the private hosted zone that you want to authorize associating a VPC with.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "vpcId", "zoneId" ], "stateInputs": { "description": "Input properties used for looking up and filtering VpcAssociationAuthorization resources.\n", "properties": { "vpcId": { "type": "string", "description": "The VPC to authorize for association with the private hosted zone.\n", "willReplaceOnChanges": true }, "vpcRegion": { "type": "string", "description": "The VPC's region. Defaults to the region of the AWS provider.\n", "willReplaceOnChanges": true }, "zoneId": { "type": "string", "description": "The ID of the private hosted zone that you want to authorize associating a VPC with.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:route53/zone:Zone": { "description": "Manages a Route53 Hosted Zone. For managing Domain Name System Security Extensions (DNSSEC), see the `aws.route53.KeySigningKey` and `aws.route53.HostedZoneDnsSec` resources.\n\n## Example Usage\n\n### Public Zone\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.route53.Zone(\"primary\", {name: \"example.com\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprimary = aws.route53.Zone(\"primary\", name=\"example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Aws.Route53.Zone(\"primary\", new()\n {\n Name = \"example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.NewZone(ctx, \"primary\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Zone;\nimport com.pulumi.aws.route53.ZoneArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new Zone(\"primary\", ZoneArgs.builder()\n .name(\"example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: aws:route53:Zone\n properties:\n name: example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Public Subdomain Zone\n\nFor use in subdomains, note that you need to create a\n`aws.route53.Record` of type `NS` as well as the subdomain\nzone.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.route53.Zone(\"main\", {name: \"example.com\"});\nconst dev = new aws.route53.Zone(\"dev\", {\n name: \"dev.example.com\",\n tags: {\n Environment: \"dev\",\n },\n});\nconst dev_ns = new aws.route53.Record(\"dev-ns\", {\n zoneId: main.zoneId,\n name: \"dev.example.com\",\n type: aws.route53.RecordType.NS,\n ttl: 30,\n records: dev.nameServers,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.route53.Zone(\"main\", name=\"example.com\")\ndev = aws.route53.Zone(\"dev\",\n name=\"dev.example.com\",\n tags={\n \"Environment\": \"dev\",\n })\ndev_ns = aws.route53.Record(\"dev-ns\",\n zone_id=main.zone_id,\n name=\"dev.example.com\",\n type=aws.route53.RecordType.NS,\n ttl=30,\n records=dev.name_servers)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Route53.Zone(\"main\", new()\n {\n Name = \"example.com\",\n });\n\n var dev = new Aws.Route53.Zone(\"dev\", new()\n {\n Name = \"dev.example.com\",\n Tags = \n {\n { \"Environment\", \"dev\" },\n },\n });\n\n var dev_ns = new Aws.Route53.Record(\"dev-ns\", new()\n {\n ZoneId = main.ZoneId,\n Name = \"dev.example.com\",\n Type = Aws.Route53.RecordType.NS,\n Ttl = 30,\n Records = dev.NameServers,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := route53.NewZone(ctx, \"main\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdev, err := route53.NewZone(ctx, \"dev\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"dev.example.com\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"dev\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"dev-ns\", \u0026route53.RecordArgs{\n\t\t\tZoneId: main.ZoneId,\n\t\t\tName: pulumi.String(\"dev.example.com\"),\n\t\t\tType: pulumi.String(route53.RecordTypeNS),\n\t\t\tTtl: pulumi.Int(30),\n\t\t\tRecords: dev.NameServers,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Zone;\nimport com.pulumi.aws.route53.ZoneArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Zone(\"main\", ZoneArgs.builder()\n .name(\"example.com\")\n .build());\n\n var dev = new Zone(\"dev\", ZoneArgs.builder()\n .name(\"dev.example.com\")\n .tags(Map.of(\"Environment\", \"dev\"))\n .build());\n\n var dev_ns = new Record(\"dev-ns\", RecordArgs.builder()\n .zoneId(main.zoneId())\n .name(\"dev.example.com\")\n .type(\"NS\")\n .ttl(\"30\")\n .records(dev.nameServers())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:route53:Zone\n properties:\n name: example.com\n dev:\n type: aws:route53:Zone\n properties:\n name: dev.example.com\n tags:\n Environment: dev\n dev-ns:\n type: aws:route53:Record\n properties:\n zoneId: ${main.zoneId}\n name: dev.example.com\n type: NS\n ttl: '30'\n records: ${dev.nameServers}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Private Zone\n\n\u003e **NOTE:** This provider provides both exclusive VPC associations defined in-line in this resource via `vpc` configuration blocks and a separate `Zone VPC Association resource. At this time, you cannot use in-line VPC associations in conjunction with any `aws.route53.ZoneAssociation` resources with the same zone ID otherwise it will cause a perpetual difference in plan output. You can optionally use [`ignoreChanges`](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) to manage additional associations via the `aws.route53.ZoneAssociation` resource.\n\n\u003e **NOTE:** Private zones require at least one VPC association at all times.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _private = new aws.route53.Zone(\"private\", {\n name: \"example.com\",\n vpcs: [{\n vpcId: example.id,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprivate = aws.route53.Zone(\"private\",\n name=\"example.com\",\n vpcs=[{\n \"vpc_id\": example[\"id\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @private = new Aws.Route53.Zone(\"private\", new()\n {\n Name = \"example.com\",\n Vpcs = new[]\n {\n new Aws.Route53.Inputs.ZoneVpcArgs\n {\n VpcId = example.Id,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.NewZone(ctx, \"private\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t\tVpcs: route53.ZoneVpcArray{\n\t\t\t\t\u0026route53.ZoneVpcArgs{\n\t\t\t\t\tVpcId: pulumi.Any(example.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Zone;\nimport com.pulumi.aws.route53.ZoneArgs;\nimport com.pulumi.aws.route53.inputs.ZoneVpcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var private_ = new Zone(\"private\", ZoneArgs.builder()\n .name(\"example.com\")\n .vpcs(ZoneVpcArgs.builder()\n .vpcId(example.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n private:\n type: aws:route53:Zone\n properties:\n name: example.com\n vpcs:\n - vpcId: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route53 Zones using the zone `id`. For example:\n\n```sh\n$ pulumi import aws:route53/zone:Zone myzone Z1D633PJN98FT9\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Hosted Zone.\n" }, "comment": { "type": "string", "description": "A comment for the hosted zone. Defaults to 'Managed by Pulumi'.\n", "default": "Managed by Pulumi" }, "delegationSetId": { "type": "string", "description": "The ID of the reusable delegation set whose NS records you want to assign to the hosted zone. Conflicts with `vpc` as delegation sets can only be used for public zones.\n" }, "forceDestroy": { "type": "boolean", "description": "Whether to destroy all records (possibly managed outside of this provider) in the zone when destroying the zone.\n" }, "name": { "type": "string", "description": "This is the name of the hosted zone.\n" }, "nameServers": { "type": "array", "items": { "type": "string" }, "description": "A list of name servers in associated (or default) delegation set.\nFind more about delegation sets in [AWS docs](https://docs.aws.amazon.com/Route53/latest/APIReference/actions-on-reusable-delegation-sets.html).\n" }, "primaryNameServer": { "type": "string", "description": "The Route 53 name server that created the SOA record.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the zone. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcs": { "type": "array", "items": { "$ref": "#/types/aws:route53/ZoneVpc:ZoneVpc" }, "description": "Configuration block(s) specifying VPC(s) to associate with a private hosted zone. Conflicts with the `delegation_set_id` argument in this resource and any `aws.route53.ZoneAssociation` resource specifying the same zone ID. Detailed below.\n" }, "zoneId": { "type": "string", "description": "The Hosted Zone ID. This can be referenced by zone records.\n" } }, "required": [ "arn", "comment", "name", "nameServers", "primaryNameServer", "tagsAll", "zoneId" ], "inputProperties": { "comment": { "type": "string", "description": "A comment for the hosted zone. Defaults to 'Managed by Pulumi'.\n", "default": "Managed by Pulumi" }, "delegationSetId": { "type": "string", "description": "The ID of the reusable delegation set whose NS records you want to assign to the hosted zone. Conflicts with `vpc` as delegation sets can only be used for public zones.\n", "willReplaceOnChanges": true }, "forceDestroy": { "type": "boolean", "description": "Whether to destroy all records (possibly managed outside of this provider) in the zone when destroying the zone.\n" }, "name": { "type": "string", "description": "This is the name of the hosted zone.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the zone. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcs": { "type": "array", "items": { "$ref": "#/types/aws:route53/ZoneVpc:ZoneVpc" }, "description": "Configuration block(s) specifying VPC(s) to associate with a private hosted zone. Conflicts with the `delegation_set_id` argument in this resource and any `aws.route53.ZoneAssociation` resource specifying the same zone ID. Detailed below.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Zone resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Hosted Zone.\n" }, "comment": { "type": "string", "description": "A comment for the hosted zone. Defaults to 'Managed by Pulumi'.\n", "default": "Managed by Pulumi" }, "delegationSetId": { "type": "string", "description": "The ID of the reusable delegation set whose NS records you want to assign to the hosted zone. Conflicts with `vpc` as delegation sets can only be used for public zones.\n", "willReplaceOnChanges": true }, "forceDestroy": { "type": "boolean", "description": "Whether to destroy all records (possibly managed outside of this provider) in the zone when destroying the zone.\n" }, "name": { "type": "string", "description": "This is the name of the hosted zone.\n", "willReplaceOnChanges": true }, "nameServers": { "type": "array", "items": { "type": "string" }, "description": "A list of name servers in associated (or default) delegation set.\nFind more about delegation sets in [AWS docs](https://docs.aws.amazon.com/Route53/latest/APIReference/actions-on-reusable-delegation-sets.html).\n" }, "primaryNameServer": { "type": "string", "description": "The Route 53 name server that created the SOA record.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the zone. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcs": { "type": "array", "items": { "$ref": "#/types/aws:route53/ZoneVpc:ZoneVpc" }, "description": "Configuration block(s) specifying VPC(s) to associate with a private hosted zone. Conflicts with the `delegation_set_id` argument in this resource and any `aws.route53.ZoneAssociation` resource specifying the same zone ID. Detailed below.\n" }, "zoneId": { "type": "string", "description": "The Hosted Zone ID. This can be referenced by zone records.\n" } }, "type": "object" } }, "aws:route53/zoneAssociation:ZoneAssociation": { "description": "Manages a Route53 Hosted Zone VPC association. VPC associations can only be made on private zones. See the `aws.route53.VpcAssociationAuthorization` resource for setting up cross-account associations.\n\n\u003e **NOTE:** Unless explicit association ordering is required (e.g., a separate cross-account association authorization), usage of this resource is not recommended. Use the `vpc` configuration blocks available within the `aws.route53.Zone` resource instead.\n\n\u003e **NOTE:** This provider provides both this standalone Zone VPC Association resource and exclusive VPC associations defined in-line in the `aws.route53.Zone` resource via `vpc` configuration blocks. At this time, you cannot use those in-line VPC associations in conjunction with this resource and the same zone ID otherwise it will cause a perpetual difference in plan output. You can optionally use [`ignoreChanges`](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) in the `aws.route53.Zone` resource to manage additional associations via this resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.ec2.Vpc(\"primary\", {\n cidrBlock: \"10.6.0.0/16\",\n enableDnsHostnames: true,\n enableDnsSupport: true,\n});\nconst secondary = new aws.ec2.Vpc(\"secondary\", {\n cidrBlock: \"10.7.0.0/16\",\n enableDnsHostnames: true,\n enableDnsSupport: true,\n});\nconst example = new aws.route53.Zone(\"example\", {\n name: \"example.com\",\n vpcs: [{\n vpcId: primary.id,\n }],\n});\nconst secondaryZoneAssociation = new aws.route53.ZoneAssociation(\"secondary\", {\n zoneId: example.zoneId,\n vpcId: secondary.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprimary = aws.ec2.Vpc(\"primary\",\n cidr_block=\"10.6.0.0/16\",\n enable_dns_hostnames=True,\n enable_dns_support=True)\nsecondary = aws.ec2.Vpc(\"secondary\",\n cidr_block=\"10.7.0.0/16\",\n enable_dns_hostnames=True,\n enable_dns_support=True)\nexample = aws.route53.Zone(\"example\",\n name=\"example.com\",\n vpcs=[{\n \"vpc_id\": primary.id,\n }])\nsecondary_zone_association = aws.route53.ZoneAssociation(\"secondary\",\n zone_id=example.zone_id,\n vpc_id=secondary.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Aws.Ec2.Vpc(\"primary\", new()\n {\n CidrBlock = \"10.6.0.0/16\",\n EnableDnsHostnames = true,\n EnableDnsSupport = true,\n });\n\n var secondary = new Aws.Ec2.Vpc(\"secondary\", new()\n {\n CidrBlock = \"10.7.0.0/16\",\n EnableDnsHostnames = true,\n EnableDnsSupport = true,\n });\n\n var example = new Aws.Route53.Zone(\"example\", new()\n {\n Name = \"example.com\",\n Vpcs = new[]\n {\n new Aws.Route53.Inputs.ZoneVpcArgs\n {\n VpcId = primary.Id,\n },\n },\n });\n\n var secondaryZoneAssociation = new Aws.Route53.ZoneAssociation(\"secondary\", new()\n {\n ZoneId = example.ZoneId,\n VpcId = secondary.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tprimary, err := ec2.NewVpc(ctx, \"primary\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.6.0.0/16\"),\n\t\t\tEnableDnsHostnames: pulumi.Bool(true),\n\t\t\tEnableDnsSupport: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecondary, err := ec2.NewVpc(ctx, \"secondary\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.7.0.0/16\"),\n\t\t\tEnableDnsHostnames: pulumi.Bool(true),\n\t\t\tEnableDnsSupport: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := route53.NewZone(ctx, \"example\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t\tVpcs: route53.ZoneVpcArray{\n\t\t\t\t\u0026route53.ZoneVpcArgs{\n\t\t\t\t\tVpcId: primary.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewZoneAssociation(ctx, \"secondary\", \u0026route53.ZoneAssociationArgs{\n\t\t\tZoneId: example.ZoneId,\n\t\t\tVpcId: secondary.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.route53.Zone;\nimport com.pulumi.aws.route53.ZoneArgs;\nimport com.pulumi.aws.route53.inputs.ZoneVpcArgs;\nimport com.pulumi.aws.route53.ZoneAssociation;\nimport com.pulumi.aws.route53.ZoneAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new Vpc(\"primary\", VpcArgs.builder()\n .cidrBlock(\"10.6.0.0/16\")\n .enableDnsHostnames(true)\n .enableDnsSupport(true)\n .build());\n\n var secondary = new Vpc(\"secondary\", VpcArgs.builder()\n .cidrBlock(\"10.7.0.0/16\")\n .enableDnsHostnames(true)\n .enableDnsSupport(true)\n .build());\n\n var example = new Zone(\"example\", ZoneArgs.builder()\n .name(\"example.com\")\n .vpcs(ZoneVpcArgs.builder()\n .vpcId(primary.id())\n .build())\n .build());\n\n var secondaryZoneAssociation = new ZoneAssociation(\"secondaryZoneAssociation\", ZoneAssociationArgs.builder()\n .zoneId(example.zoneId())\n .vpcId(secondary.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.6.0.0/16\n enableDnsHostnames: true\n enableDnsSupport: true\n secondary:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.7.0.0/16\n enableDnsHostnames: true\n enableDnsSupport: true\n example:\n type: aws:route53:Zone\n properties:\n name: example.com\n vpcs:\n - vpcId: ${primary.id}\n secondaryZoneAssociation:\n type: aws:route53:ZoneAssociation\n name: secondary\n properties:\n zoneId: ${example.zoneId}\n vpcId: ${secondary.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nThe VPC is _not_ in the same region where you have configured the AWS Provider:\n\n__Using `pulumi import` to import__ Route 53 Hosted Zone Associations using the Hosted Zone ID and VPC ID, separated by a colon (`:`). For example:\n\nThe VPC is in the same region where you have configured the AWS Provider:\n\n```sh\n$ pulumi import aws:route53/zoneAssociation:ZoneAssociation example Z123456ABCDEFG:vpc-12345678\n```\nThe VPC is _not_ in the same region where you have configured the AWS Provider:\n\n```sh\n$ pulumi import aws:route53/zoneAssociation:ZoneAssociation example Z123456ABCDEFG:vpc-12345678:us-east-2\n```\n", "properties": { "owningAccount": { "type": "string", "description": "The account ID of the account that created the hosted zone.\n" }, "vpcId": { "type": "string", "description": "The VPC to associate with the private hosted zone.\n" }, "vpcRegion": { "type": "string", "description": "The VPC's region. Defaults to the region of the AWS provider.\n" }, "zoneId": { "type": "string", "description": "The private hosted zone to associate.\n" } }, "required": [ "owningAccount", "vpcId", "vpcRegion", "zoneId" ], "inputProperties": { "vpcId": { "type": "string", "description": "The VPC to associate with the private hosted zone.\n", "willReplaceOnChanges": true }, "vpcRegion": { "type": "string", "description": "The VPC's region. Defaults to the region of the AWS provider.\n", "willReplaceOnChanges": true }, "zoneId": { "type": "string", "description": "The private hosted zone to associate.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "vpcId", "zoneId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ZoneAssociation resources.\n", "properties": { "owningAccount": { "type": "string", "description": "The account ID of the account that created the hosted zone.\n" }, "vpcId": { "type": "string", "description": "The VPC to associate with the private hosted zone.\n", "willReplaceOnChanges": true }, "vpcRegion": { "type": "string", "description": "The VPC's region. Defaults to the region of the AWS provider.\n", "willReplaceOnChanges": true }, "zoneId": { "type": "string", "description": "The private hosted zone to associate.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:route53domains/delegationSignerRecord:DelegationSignerRecord": { "description": "Provides a resource to manage a [delegation signer record](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec-enable-signing.html#dns-configuring-dnssec-enable-signing-step-1) in the parent DNS zone for domains registered with Route53.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.kms.Key(\"example\", {\n customerMasterKeySpec: \"ECC_NIST_P256\",\n deletionWindowInDays: 7,\n keyUsage: \"SIGN_VERIFY\",\n policy: JSON.stringify({\n Statement: [\n {\n Action: [\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n ],\n Effect: \"Allow\",\n Principal: {\n Service: \"dnssec-route53.amazonaws.com\",\n },\n Sid: \"Allow Route 53 DNSSEC Service\",\n Resource: \"*\",\n Condition: {\n StringEquals: {\n \"aws:SourceAccount\": current.then(current =\u003e current.accountId),\n },\n ArnLike: {\n \"aws:SourceArn\": \"arn:aws:route53:::hostedzone/*\",\n },\n },\n },\n {\n Action: \"kms:CreateGrant\",\n Effect: \"Allow\",\n Principal: {\n Service: \"dnssec-route53.amazonaws.com\",\n },\n Sid: \"Allow Route 53 DNSSEC Service to CreateGrant\",\n Resource: \"*\",\n Condition: {\n Bool: {\n \"kms:GrantIsForAWSResource\": \"true\",\n },\n },\n },\n {\n Action: \"kms:*\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:root`),\n },\n Resource: \"*\",\n Sid: \"Enable IAM User Permissions\",\n },\n ],\n Version: \"2012-10-17\",\n }),\n});\nconst exampleZone = new aws.route53.Zone(\"example\", {name: \"example.com\"});\nconst exampleKeySigningKey = new aws.route53.KeySigningKey(\"example\", {\n hostedZoneId: test.id,\n keyManagementServiceArn: testAwsKmsKey.arn,\n name: \"example\",\n});\nconst exampleHostedZoneDnsSec = new aws.route53.HostedZoneDnsSec(\"example\", {hostedZoneId: exampleKeySigningKey.hostedZoneId}, {\n dependsOn: [exampleKeySigningKey],\n});\nconst exampleDelegationSignerRecord = new aws.route53domains.DelegationSignerRecord(\"example\", {\n domainName: \"example.com\",\n signingAttributes: {\n algorithm: exampleKeySigningKey.signingAlgorithmType,\n flags: exampleKeySigningKey.flag,\n publicKey: exampleKeySigningKey.publicKey,\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.kms.Key(\"example\",\n customer_master_key_spec=\"ECC_NIST_P256\",\n deletion_window_in_days=7,\n key_usage=\"SIGN_VERIFY\",\n policy=json.dumps({\n \"Statement\": [\n {\n \"Action\": [\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n ],\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"dnssec-route53.amazonaws.com\",\n },\n \"Sid\": \"Allow Route 53 DNSSEC Service\",\n \"Resource\": \"*\",\n \"Condition\": {\n \"StringEquals\": {\n \"aws:SourceAccount\": current.account_id,\n },\n \"ArnLike\": {\n \"aws:SourceArn\": \"arn:aws:route53:::hostedzone/*\",\n },\n },\n },\n {\n \"Action\": \"kms:CreateGrant\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"dnssec-route53.amazonaws.com\",\n },\n \"Sid\": \"Allow Route 53 DNSSEC Service to CreateGrant\",\n \"Resource\": \"*\",\n \"Condition\": {\n \"Bool\": {\n \"kms:GrantIsForAWSResource\": \"true\",\n },\n },\n },\n {\n \"Action\": \"kms:*\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:root\",\n },\n \"Resource\": \"*\",\n \"Sid\": \"Enable IAM User Permissions\",\n },\n ],\n \"Version\": \"2012-10-17\",\n }))\nexample_zone = aws.route53.Zone(\"example\", name=\"example.com\")\nexample_key_signing_key = aws.route53.KeySigningKey(\"example\",\n hosted_zone_id=test[\"id\"],\n key_management_service_arn=test_aws_kms_key[\"arn\"],\n name=\"example\")\nexample_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec(\"example\", hosted_zone_id=example_key_signing_key.hosted_zone_id,\nopts = pulumi.ResourceOptions(depends_on=[example_key_signing_key]))\nexample_delegation_signer_record = aws.route53domains.DelegationSignerRecord(\"example\",\n domain_name=\"example.com\",\n signing_attributes={\n \"algorithm\": example_key_signing_key.signing_algorithm_type,\n \"flags\": example_key_signing_key.flag,\n \"public_key\": example_key_signing_key.public_key,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Kms.Key(\"example\", new()\n {\n CustomerMasterKeySpec = \"ECC_NIST_P256\",\n DeletionWindowInDays = 7,\n KeyUsage = \"SIGN_VERIFY\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"dnssec-route53.amazonaws.com\",\n },\n [\"Sid\"] = \"Allow Route 53 DNSSEC Service\",\n [\"Resource\"] = \"*\",\n [\"Condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"StringEquals\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"aws:SourceAccount\"] = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n [\"ArnLike\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"aws:SourceArn\"] = \"arn:aws:route53:::hostedzone/*\",\n },\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"kms:CreateGrant\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"dnssec-route53.amazonaws.com\",\n },\n [\"Sid\"] = \"Allow Route 53 DNSSEC Service to CreateGrant\",\n [\"Resource\"] = \"*\",\n [\"Condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Bool\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"kms:GrantIsForAWSResource\"] = \"true\",\n },\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"kms:*\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n [\"Resource\"] = \"*\",\n [\"Sid\"] = \"Enable IAM User Permissions\",\n },\n },\n [\"Version\"] = \"2012-10-17\",\n }),\n });\n\n var exampleZone = new Aws.Route53.Zone(\"example\", new()\n {\n Name = \"example.com\",\n });\n\n var exampleKeySigningKey = new Aws.Route53.KeySigningKey(\"example\", new()\n {\n HostedZoneId = test.Id,\n KeyManagementServiceArn = testAwsKmsKey.Arn,\n Name = \"example\",\n });\n\n var exampleHostedZoneDnsSec = new Aws.Route53.HostedZoneDnsSec(\"example\", new()\n {\n HostedZoneId = exampleKeySigningKey.HostedZoneId,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleKeySigningKey,\n },\n });\n\n var exampleDelegationSignerRecord = new Aws.Route53Domains.DelegationSignerRecord(\"example\", new()\n {\n DomainName = \"example.com\",\n SigningAttributes = new Aws.Route53Domains.Inputs.DelegationSignerRecordSigningAttributesArgs\n {\n Algorithm = exampleKeySigningKey.SigningAlgorithmType,\n Flags = exampleKeySigningKey.Flag,\n PublicKey = exampleKeySigningKey.PublicKey,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53domains\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Statement\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"kms:DescribeKey\",\n\t\t\t\t\t\t\"kms:GetPublicKey\",\n\t\t\t\t\t\t\"kms:Sign\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"dnssec-route53.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Sid\": \"Allow Route 53 DNSSEC Service\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Condition\": map[string]interface{}{\n\t\t\t\t\t\t\"StringEquals\": map[string]interface{}{\n\t\t\t\t\t\t\t\"aws:SourceAccount\": current.AccountId,\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"ArnLike\": map[string]interface{}{\n\t\t\t\t\t\t\t\"aws:SourceArn\": \"arn:aws:route53:::hostedzone/*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"kms:CreateGrant\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"dnssec-route53.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Sid\": \"Allow Route 53 DNSSEC Service to CreateGrant\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Condition\": map[string]interface{}{\n\t\t\t\t\t\t\"Bool\": map[string]interface{}{\n\t\t\t\t\t\t\t\"kms:GrantIsForAWSResource\": \"true\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"kms:*\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Sid\": \"Enable IAM User Permissions\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tCustomerMasterKeySpec: pulumi.String(\"ECC_NIST_P256\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t\tKeyUsage: pulumi.String(\"SIGN_VERIFY\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewZone(ctx, \"example\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeySigningKey, err := route53.NewKeySigningKey(ctx, \"example\", \u0026route53.KeySigningKeyArgs{\n\t\t\tHostedZoneId: pulumi.Any(test.Id),\n\t\t\tKeyManagementServiceArn: pulumi.Any(testAwsKmsKey.Arn),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewHostedZoneDnsSec(ctx, \"example\", \u0026route53.HostedZoneDnsSecArgs{\n\t\t\tHostedZoneId: exampleKeySigningKey.HostedZoneId,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleKeySigningKey,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53domains.NewDelegationSignerRecord(ctx, \"example\", \u0026route53domains.DelegationSignerRecordArgs{\n\t\t\tDomainName: pulumi.String(\"example.com\"),\n\t\t\tSigningAttributes: \u0026route53domains.DelegationSignerRecordSigningAttributesArgs{\n\t\t\t\tAlgorithm: exampleKeySigningKey.SigningAlgorithmType,\n\t\t\t\tFlags: exampleKeySigningKey.Flag,\n\t\t\t\tPublicKey: exampleKeySigningKey.PublicKey,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.route53.Zone;\nimport com.pulumi.aws.route53.ZoneArgs;\nimport com.pulumi.aws.route53.KeySigningKey;\nimport com.pulumi.aws.route53.KeySigningKeyArgs;\nimport com.pulumi.aws.route53.HostedZoneDnsSec;\nimport com.pulumi.aws.route53.HostedZoneDnsSecArgs;\nimport com.pulumi.aws.route53domains.DelegationSignerRecord;\nimport com.pulumi.aws.route53domains.DelegationSignerRecordArgs;\nimport com.pulumi.aws.route53domains.inputs.DelegationSignerRecordSigningAttributesArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new Key(\"example\", KeyArgs.builder()\n .customerMasterKeySpec(\"ECC_NIST_P256\")\n .deletionWindowInDays(7)\n .keyUsage(\"SIGN_VERIFY\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Statement\", jsonArray(\n jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"kms:DescribeKey\", \n \"kms:GetPublicKey\", \n \"kms:Sign\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"dnssec-route53.amazonaws.com\")\n )),\n jsonProperty(\"Sid\", \"Allow Route 53 DNSSEC Service\"),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Condition\", jsonObject(\n jsonProperty(\"StringEquals\", jsonObject(\n jsonProperty(\"aws:SourceAccount\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n )),\n jsonProperty(\"ArnLike\", jsonObject(\n jsonProperty(\"aws:SourceArn\", \"arn:aws:route53:::hostedzone/*\")\n ))\n ))\n ), \n jsonObject(\n jsonProperty(\"Action\", \"kms:CreateGrant\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"dnssec-route53.amazonaws.com\")\n )),\n jsonProperty(\"Sid\", \"Allow Route 53 DNSSEC Service to CreateGrant\"),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Condition\", jsonObject(\n jsonProperty(\"Bool\", jsonObject(\n jsonProperty(\"kms:GrantIsForAWSResource\", \"true\")\n ))\n ))\n ), \n jsonObject(\n jsonProperty(\"Action\", \"kms:*\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Sid\", \"Enable IAM User Permissions\")\n )\n )),\n jsonProperty(\"Version\", \"2012-10-17\")\n )))\n .build());\n\n var exampleZone = new Zone(\"exampleZone\", ZoneArgs.builder()\n .name(\"example.com\")\n .build());\n\n var exampleKeySigningKey = new KeySigningKey(\"exampleKeySigningKey\", KeySigningKeyArgs.builder()\n .hostedZoneId(test.id())\n .keyManagementServiceArn(testAwsKmsKey.arn())\n .name(\"example\")\n .build());\n\n var exampleHostedZoneDnsSec = new HostedZoneDnsSec(\"exampleHostedZoneDnsSec\", HostedZoneDnsSecArgs.builder()\n .hostedZoneId(exampleKeySigningKey.hostedZoneId())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleKeySigningKey)\n .build());\n\n var exampleDelegationSignerRecord = new DelegationSignerRecord(\"exampleDelegationSignerRecord\", DelegationSignerRecordArgs.builder()\n .domainName(\"example.com\")\n .signingAttributes(DelegationSignerRecordSigningAttributesArgs.builder()\n .algorithm(exampleKeySigningKey.signingAlgorithmType())\n .flags(exampleKeySigningKey.flag())\n .publicKey(exampleKeySigningKey.publicKey())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n customerMasterKeySpec: ECC_NIST_P256\n deletionWindowInDays: 7\n keyUsage: SIGN_VERIFY\n policy:\n fn::toJSON:\n Statement:\n - Action:\n - kms:DescribeKey\n - kms:GetPublicKey\n - kms:Sign\n Effect: Allow\n Principal:\n Service: dnssec-route53.amazonaws.com\n Sid: Allow Route 53 DNSSEC Service\n Resource: '*'\n Condition:\n StringEquals:\n aws:SourceAccount: ${current.accountId}\n ArnLike:\n aws:SourceArn: arn:aws:route53:::hostedzone/*\n - Action: kms:CreateGrant\n Effect: Allow\n Principal:\n Service: dnssec-route53.amazonaws.com\n Sid: Allow Route 53 DNSSEC Service to CreateGrant\n Resource: '*'\n Condition:\n Bool:\n kms:GrantIsForAWSResource: 'true'\n - Action: kms:*\n Effect: Allow\n Principal:\n AWS: arn:aws:iam::${current.accountId}:root\n Resource: '*'\n Sid: Enable IAM User Permissions\n Version: 2012-10-17\n exampleZone:\n type: aws:route53:Zone\n name: example\n properties:\n name: example.com\n exampleKeySigningKey:\n type: aws:route53:KeySigningKey\n name: example\n properties:\n hostedZoneId: ${test.id}\n keyManagementServiceArn: ${testAwsKmsKey.arn}\n name: example\n exampleHostedZoneDnsSec:\n type: aws:route53:HostedZoneDnsSec\n name: example\n properties:\n hostedZoneId: ${exampleKeySigningKey.hostedZoneId}\n options:\n dependson:\n - ${exampleKeySigningKey}\n exampleDelegationSignerRecord:\n type: aws:route53domains:DelegationSignerRecord\n name: example\n properties:\n domainName: example.com\n signingAttributes:\n algorithm: ${exampleKeySigningKey.signingAlgorithmType}\n flags: ${exampleKeySigningKey.flag}\n publicKey: ${exampleKeySigningKey.publicKey}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import delegation signer records using the domain name and DNSSEC key ID, separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:route53domains/delegationSignerRecord:DelegationSignerRecord example example.com,40DE3534F5324DBDAC598ACEDB5B1E26A5368732D9C791D1347E4FBDDF6FC343\n```\n", "properties": { "dnssecKeyId": { "type": "string", "description": "An ID assigned to the created DS record.\n" }, "domainName": { "type": "string", "description": "The name of the domain that will have its parent DNS zone updated with the Delegation Signer record.\n" }, "signingAttributes": { "$ref": "#/types/aws:route53domains/DelegationSignerRecordSigningAttributes:DelegationSignerRecordSigningAttributes", "description": "The information about a key, including the algorithm, public key-value, and flags.\n" }, "timeouts": { "$ref": "#/types/aws:route53domains/DelegationSignerRecordTimeouts:DelegationSignerRecordTimeouts" } }, "required": [ "dnssecKeyId", "domainName" ], "inputProperties": { "domainName": { "type": "string", "description": "The name of the domain that will have its parent DNS zone updated with the Delegation Signer record.\n" }, "signingAttributes": { "$ref": "#/types/aws:route53domains/DelegationSignerRecordSigningAttributes:DelegationSignerRecordSigningAttributes", "description": "The information about a key, including the algorithm, public key-value, and flags.\n" }, "timeouts": { "$ref": "#/types/aws:route53domains/DelegationSignerRecordTimeouts:DelegationSignerRecordTimeouts" } }, "requiredInputs": [ "domainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering DelegationSignerRecord resources.\n", "properties": { "dnssecKeyId": { "type": "string", "description": "An ID assigned to the created DS record.\n" }, "domainName": { "type": "string", "description": "The name of the domain that will have its parent DNS zone updated with the Delegation Signer record.\n" }, "signingAttributes": { "$ref": "#/types/aws:route53domains/DelegationSignerRecordSigningAttributes:DelegationSignerRecordSigningAttributes", "description": "The information about a key, including the algorithm, public key-value, and flags.\n" }, "timeouts": { "$ref": "#/types/aws:route53domains/DelegationSignerRecordTimeouts:DelegationSignerRecordTimeouts" } }, "type": "object" } }, "aws:route53domains/registeredDomain:RegisteredDomain": { "description": "Provides a resource to manage a domain that has been [registered](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/registrar-tld-list.html) and associated with the current AWS account.\n\n**This is an advanced resource** and has special caveats to be aware of when using it. Please read this document in its entirety before using this resource.\n\nThe `aws.route53domains.RegisteredDomain` resource behaves differently from normal resources in that if a domain has been registered, the provider does not _register_ this domain, but instead \"adopts\" it into management. A destroy does not delete the domain but does remove the resource from state.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53domains.RegisteredDomain(\"example\", {\n domainName: \"example.com\",\n nameServers: [\n {\n name: \"ns-195.awsdns-24.com\",\n },\n {\n name: \"ns-874.awsdns-45.net\",\n },\n ],\n tags: {\n Environment: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53domains.RegisteredDomain(\"example\",\n domain_name=\"example.com\",\n name_servers=[\n {\n \"name\": \"ns-195.awsdns-24.com\",\n },\n {\n \"name\": \"ns-874.awsdns-45.net\",\n },\n ],\n tags={\n \"Environment\": \"test\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53Domains.RegisteredDomain(\"example\", new()\n {\n DomainName = \"example.com\",\n NameServers = new[]\n {\n new Aws.Route53Domains.Inputs.RegisteredDomainNameServerArgs\n {\n Name = \"ns-195.awsdns-24.com\",\n },\n new Aws.Route53Domains.Inputs.RegisteredDomainNameServerArgs\n {\n Name = \"ns-874.awsdns-45.net\",\n },\n },\n Tags = \n {\n { \"Environment\", \"test\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53domains\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53domains.NewRegisteredDomain(ctx, \"example\", \u0026route53domains.RegisteredDomainArgs{\n\t\t\tDomainName: pulumi.String(\"example.com\"),\n\t\t\tNameServers: route53domains.RegisteredDomainNameServerArray{\n\t\t\t\t\u0026route53domains.RegisteredDomainNameServerArgs{\n\t\t\t\t\tName: pulumi.String(\"ns-195.awsdns-24.com\"),\n\t\t\t\t},\n\t\t\t\t\u0026route53domains.RegisteredDomainNameServerArgs{\n\t\t\t\t\tName: pulumi.String(\"ns-874.awsdns-45.net\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53domains.RegisteredDomain;\nimport com.pulumi.aws.route53domains.RegisteredDomainArgs;\nimport com.pulumi.aws.route53domains.inputs.RegisteredDomainNameServerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RegisteredDomain(\"example\", RegisteredDomainArgs.builder()\n .domainName(\"example.com\")\n .nameServers( \n RegisteredDomainNameServerArgs.builder()\n .name(\"ns-195.awsdns-24.com\")\n .build(),\n RegisteredDomainNameServerArgs.builder()\n .name(\"ns-874.awsdns-45.net\")\n .build())\n .tags(Map.of(\"Environment\", \"test\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53domains:RegisteredDomain\n properties:\n domainName: example.com\n nameServers:\n - name: ns-195.awsdns-24.com\n - name: ns-874.awsdns-45.net\n tags:\n Environment: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import domains using the domain name. For example:\n\n```sh\n$ pulumi import aws:route53domains/registeredDomain:RegisteredDomain example example.com\n```\n", "properties": { "abuseContactEmail": { "type": "string", "description": "Email address to contact to report incorrect contact information for a domain, to report that the domain is being used to send spam, to report that someone is cybersquatting on a domain name, or report some other type of abuse.\n" }, "abuseContactPhone": { "type": "string", "description": "Phone number for reporting abuse.\n" }, "adminContact": { "$ref": "#/types/aws:route53domains/RegisteredDomainAdminContact:RegisteredDomainAdminContact", "description": "Details about the domain administrative contact. See Contact Blocks for more details.\n" }, "adminPrivacy": { "type": "boolean", "description": "Whether domain administrative contact information is concealed from WHOIS queries. Default: `true`.\n" }, "autoRenew": { "type": "boolean", "description": "Whether the domain registration is set to renew automatically. Default: `true`.\n" }, "billingContact": { "$ref": "#/types/aws:route53domains/RegisteredDomainBillingContact:RegisteredDomainBillingContact", "description": "Details about the domain billing contact. See Contact Blocks for more details.\n" }, "billingPrivacy": { "type": "boolean", "description": "Whether domain billing contact information is concealed from WHOIS queries. Default: `true`.\n" }, "creationDate": { "type": "string", "description": "The date when the domain was created as found in the response to a WHOIS query.\n" }, "domainName": { "type": "string", "description": "The name of the registered domain.\n" }, "expirationDate": { "type": "string", "description": "The date when the registration for the domain is set to expire.\n" }, "nameServers": { "type": "array", "items": { "$ref": "#/types/aws:route53domains/RegisteredDomainNameServer:RegisteredDomainNameServer" }, "description": "The list of nameservers for the domain. See `name_server` Blocks for more details.\n" }, "registrantContact": { "$ref": "#/types/aws:route53domains/RegisteredDomainRegistrantContact:RegisteredDomainRegistrantContact", "description": "Details about the domain registrant. See Contact Blocks for more details.\n" }, "registrantPrivacy": { "type": "boolean", "description": "Whether domain registrant contact information is concealed from WHOIS queries. Default: `true`.\n" }, "registrarName": { "type": "string", "description": "Name of the registrar of the domain as identified in the registry.\n" }, "registrarUrl": { "type": "string", "description": "Web address of the registrar.\n" }, "reseller": { "type": "string", "description": "Reseller of the domain.\n" }, "statusLists": { "type": "array", "items": { "type": "string" }, "description": "List of [domain name status codes](https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "techContact": { "$ref": "#/types/aws:route53domains/RegisteredDomainTechContact:RegisteredDomainTechContact", "description": "Details about the domain technical contact. See Contact Blocks for more details.\n" }, "techPrivacy": { "type": "boolean", "description": "Whether domain technical contact information is concealed from WHOIS queries. Default: `true`.\n" }, "transferLock": { "type": "boolean", "description": "Whether the domain is locked for transfer. Default: `true`.\n" }, "updatedDate": { "type": "string", "description": "The last updated date of the domain as found in the response to a WHOIS query.\n" }, "whoisServer": { "type": "string", "description": "The fully qualified name of the WHOIS server that can answer the WHOIS query for the domain.\n" } }, "required": [ "abuseContactEmail", "abuseContactPhone", "adminContact", "billingContact", "creationDate", "domainName", "expirationDate", "nameServers", "registrantContact", "registrarName", "registrarUrl", "reseller", "statusLists", "tagsAll", "techContact", "updatedDate", "whoisServer" ], "inputProperties": { "adminContact": { "$ref": "#/types/aws:route53domains/RegisteredDomainAdminContact:RegisteredDomainAdminContact", "description": "Details about the domain administrative contact. See Contact Blocks for more details.\n" }, "adminPrivacy": { "type": "boolean", "description": "Whether domain administrative contact information is concealed from WHOIS queries. Default: `true`.\n" }, "autoRenew": { "type": "boolean", "description": "Whether the domain registration is set to renew automatically. Default: `true`.\n" }, "billingContact": { "$ref": "#/types/aws:route53domains/RegisteredDomainBillingContact:RegisteredDomainBillingContact", "description": "Details about the domain billing contact. See Contact Blocks for more details.\n" }, "billingPrivacy": { "type": "boolean", "description": "Whether domain billing contact information is concealed from WHOIS queries. Default: `true`.\n" }, "domainName": { "type": "string", "description": "The name of the registered domain.\n" }, "nameServers": { "type": "array", "items": { "$ref": "#/types/aws:route53domains/RegisteredDomainNameServer:RegisteredDomainNameServer" }, "description": "The list of nameservers for the domain. See `name_server` Blocks for more details.\n" }, "registrantContact": { "$ref": "#/types/aws:route53domains/RegisteredDomainRegistrantContact:RegisteredDomainRegistrantContact", "description": "Details about the domain registrant. See Contact Blocks for more details.\n" }, "registrantPrivacy": { "type": "boolean", "description": "Whether domain registrant contact information is concealed from WHOIS queries. Default: `true`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "techContact": { "$ref": "#/types/aws:route53domains/RegisteredDomainTechContact:RegisteredDomainTechContact", "description": "Details about the domain technical contact. See Contact Blocks for more details.\n" }, "techPrivacy": { "type": "boolean", "description": "Whether domain technical contact information is concealed from WHOIS queries. Default: `true`.\n" }, "transferLock": { "type": "boolean", "description": "Whether the domain is locked for transfer. Default: `true`.\n" } }, "requiredInputs": [ "domainName" ], "stateInputs": { "description": "Input properties used for looking up and filtering RegisteredDomain resources.\n", "properties": { "abuseContactEmail": { "type": "string", "description": "Email address to contact to report incorrect contact information for a domain, to report that the domain is being used to send spam, to report that someone is cybersquatting on a domain name, or report some other type of abuse.\n" }, "abuseContactPhone": { "type": "string", "description": "Phone number for reporting abuse.\n" }, "adminContact": { "$ref": "#/types/aws:route53domains/RegisteredDomainAdminContact:RegisteredDomainAdminContact", "description": "Details about the domain administrative contact. See Contact Blocks for more details.\n" }, "adminPrivacy": { "type": "boolean", "description": "Whether domain administrative contact information is concealed from WHOIS queries. Default: `true`.\n" }, "autoRenew": { "type": "boolean", "description": "Whether the domain registration is set to renew automatically. Default: `true`.\n" }, "billingContact": { "$ref": "#/types/aws:route53domains/RegisteredDomainBillingContact:RegisteredDomainBillingContact", "description": "Details about the domain billing contact. See Contact Blocks for more details.\n" }, "billingPrivacy": { "type": "boolean", "description": "Whether domain billing contact information is concealed from WHOIS queries. Default: `true`.\n" }, "creationDate": { "type": "string", "description": "The date when the domain was created as found in the response to a WHOIS query.\n" }, "domainName": { "type": "string", "description": "The name of the registered domain.\n" }, "expirationDate": { "type": "string", "description": "The date when the registration for the domain is set to expire.\n" }, "nameServers": { "type": "array", "items": { "$ref": "#/types/aws:route53domains/RegisteredDomainNameServer:RegisteredDomainNameServer" }, "description": "The list of nameservers for the domain. See `name_server` Blocks for more details.\n" }, "registrantContact": { "$ref": "#/types/aws:route53domains/RegisteredDomainRegistrantContact:RegisteredDomainRegistrantContact", "description": "Details about the domain registrant. See Contact Blocks for more details.\n" }, "registrantPrivacy": { "type": "boolean", "description": "Whether domain registrant contact information is concealed from WHOIS queries. Default: `true`.\n" }, "registrarName": { "type": "string", "description": "Name of the registrar of the domain as identified in the registry.\n" }, "registrarUrl": { "type": "string", "description": "Web address of the registrar.\n" }, "reseller": { "type": "string", "description": "Reseller of the domain.\n" }, "statusLists": { "type": "array", "items": { "type": "string" }, "description": "List of [domain name status codes](https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "techContact": { "$ref": "#/types/aws:route53domains/RegisteredDomainTechContact:RegisteredDomainTechContact", "description": "Details about the domain technical contact. See Contact Blocks for more details.\n" }, "techPrivacy": { "type": "boolean", "description": "Whether domain technical contact information is concealed from WHOIS queries. Default: `true`.\n" }, "transferLock": { "type": "boolean", "description": "Whether the domain is locked for transfer. Default: `true`.\n" }, "updatedDate": { "type": "string", "description": "The last updated date of the domain as found in the response to a WHOIS query.\n" }, "whoisServer": { "type": "string", "description": "The fully qualified name of the WHOIS server that can answer the WHOIS query for the domain.\n" } }, "type": "object" } }, "aws:route53recoverycontrol/cluster:Cluster": { "description": "Provides an AWS Route 53 Recovery Control Config Cluster.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53recoverycontrol.Cluster(\"example\", {name: \"georgefitzgerald\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53recoverycontrol.Cluster(\"example\", name=\"georgefitzgerald\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53RecoveryControl.Cluster(\"example\", new()\n {\n Name = \"georgefitzgerald\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53recoverycontrol\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53recoverycontrol.NewCluster(ctx, \"example\", \u0026route53recoverycontrol.ClusterArgs{\n\t\t\tName: pulumi.String(\"georgefitzgerald\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53recoverycontrol.Cluster;\nimport com.pulumi.aws.route53recoverycontrol.ClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\", ClusterArgs.builder()\n .name(\"georgefitzgerald\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53recoverycontrol:Cluster\n properties:\n name: georgefitzgerald\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route53 Recovery Control Config cluster using the cluster ARN. For example:\n\n```sh\n$ pulumi import aws:route53recoverycontrol/cluster:Cluster mycluster arn:aws:route53-recovery-control::313517334327:cluster/f9ae13be-a11e-4ec7-8522-94a70468e6ea\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the cluster\n" }, "clusterEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:route53recoverycontrol/ClusterClusterEndpoint:ClusterClusterEndpoint" }, "description": "List of 5 endpoints in 5 regions that can be used to talk to the cluster. See below.\n" }, "name": { "type": "string", "description": "Unique name describing the cluster.\n" }, "status": { "type": "string", "description": "Status of cluster. `PENDING` when it is being created, `PENDING_DELETION` when it is being deleted and `DEPLOYED` otherwise.\n" } }, "required": [ "arn", "clusterEndpoints", "name", "status" ], "inputProperties": { "name": { "type": "string", "description": "Unique name describing the cluster.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering Cluster resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the cluster\n" }, "clusterEndpoints": { "type": "array", "items": { "$ref": "#/types/aws:route53recoverycontrol/ClusterClusterEndpoint:ClusterClusterEndpoint" }, "description": "List of 5 endpoints in 5 regions that can be used to talk to the cluster. See below.\n" }, "name": { "type": "string", "description": "Unique name describing the cluster.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Status of cluster. `PENDING` when it is being created, `PENDING_DELETION` when it is being deleted and `DEPLOYED` otherwise.\n" } }, "type": "object" } }, "aws:route53recoverycontrol/controlPanel:ControlPanel": { "description": "Provides an AWS Route 53 Recovery Control Config Control Panel.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53recoverycontrol.ControlPanel(\"example\", {\n name: \"balmorhea\",\n clusterArn: \"arn:aws:route53-recovery-control::123456789012:cluster/8d47920e-d789-437d-803a-2dcc4b204393\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53recoverycontrol.ControlPanel(\"example\",\n name=\"balmorhea\",\n cluster_arn=\"arn:aws:route53-recovery-control::123456789012:cluster/8d47920e-d789-437d-803a-2dcc4b204393\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53RecoveryControl.ControlPanel(\"example\", new()\n {\n Name = \"balmorhea\",\n ClusterArn = \"arn:aws:route53-recovery-control::123456789012:cluster/8d47920e-d789-437d-803a-2dcc4b204393\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53recoverycontrol\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53recoverycontrol.NewControlPanel(ctx, \"example\", \u0026route53recoverycontrol.ControlPanelArgs{\n\t\t\tName: pulumi.String(\"balmorhea\"),\n\t\t\tClusterArn: pulumi.String(\"arn:aws:route53-recovery-control::123456789012:cluster/8d47920e-d789-437d-803a-2dcc4b204393\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53recoverycontrol.ControlPanel;\nimport com.pulumi.aws.route53recoverycontrol.ControlPanelArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ControlPanel(\"example\", ControlPanelArgs.builder()\n .name(\"balmorhea\")\n .clusterArn(\"arn:aws:route53-recovery-control::123456789012:cluster/8d47920e-d789-437d-803a-2dcc4b204393\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53recoverycontrol:ControlPanel\n properties:\n name: balmorhea\n clusterArn: arn:aws:route53-recovery-control::123456789012:cluster/8d47920e-d789-437d-803a-2dcc4b204393\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route53 Recovery Control Config Control Panel using the control panel arn. For example:\n\n```sh\n$ pulumi import aws:route53recoverycontrol/controlPanel:ControlPanel mypanel arn:aws:route53-recovery-control::313517334327:controlpanel/1bfba17df8684f5dab0467b71424f7e8\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the control panel.\n" }, "clusterArn": { "type": "string", "description": "ARN of the cluster in which this control panel will reside.\n" }, "defaultControlPanel": { "type": "boolean", "description": "Whether a control panel is default.\n" }, "name": { "type": "string", "description": "Name describing the control panel.\n" }, "routingControlCount": { "type": "integer", "description": "Number routing controls in a control panel.\n" }, "status": { "type": "string", "description": "Status of control panel: `PENDING` when it is being created/updated, `PENDING_DELETION` when it is being deleted, and `DEPLOYED` otherwise.\n" } }, "required": [ "arn", "clusterArn", "defaultControlPanel", "name", "routingControlCount", "status" ], "inputProperties": { "clusterArn": { "type": "string", "description": "ARN of the cluster in which this control panel will reside.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name describing the control panel.\n" } }, "requiredInputs": [ "clusterArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ControlPanel resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the control panel.\n" }, "clusterArn": { "type": "string", "description": "ARN of the cluster in which this control panel will reside.\n", "willReplaceOnChanges": true }, "defaultControlPanel": { "type": "boolean", "description": "Whether a control panel is default.\n" }, "name": { "type": "string", "description": "Name describing the control panel.\n" }, "routingControlCount": { "type": "integer", "description": "Number routing controls in a control panel.\n" }, "status": { "type": "string", "description": "Status of control panel: `PENDING` when it is being created/updated, `PENDING_DELETION` when it is being deleted, and `DEPLOYED` otherwise.\n" } }, "type": "object" } }, "aws:route53recoverycontrol/routingControl:RoutingControl": { "description": "Provides an AWS Route 53 Recovery Control Config Routing Control.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53recoverycontrol.RoutingControl(\"example\", {\n name: \"tinlicker\",\n clusterArn: \"arn:aws:route53-recovery-control::881188118811:cluster/8d47920e-d789-437d-803a-2dcc4b204393\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53recoverycontrol.RoutingControl(\"example\",\n name=\"tinlicker\",\n cluster_arn=\"arn:aws:route53-recovery-control::881188118811:cluster/8d47920e-d789-437d-803a-2dcc4b204393\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53RecoveryControl.RoutingControl(\"example\", new()\n {\n Name = \"tinlicker\",\n ClusterArn = \"arn:aws:route53-recovery-control::881188118811:cluster/8d47920e-d789-437d-803a-2dcc4b204393\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53recoverycontrol\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53recoverycontrol.NewRoutingControl(ctx, \"example\", \u0026route53recoverycontrol.RoutingControlArgs{\n\t\t\tName: pulumi.String(\"tinlicker\"),\n\t\t\tClusterArn: pulumi.String(\"arn:aws:route53-recovery-control::881188118811:cluster/8d47920e-d789-437d-803a-2dcc4b204393\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53recoverycontrol.RoutingControl;\nimport com.pulumi.aws.route53recoverycontrol.RoutingControlArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RoutingControl(\"example\", RoutingControlArgs.builder()\n .name(\"tinlicker\")\n .clusterArn(\"arn:aws:route53-recovery-control::881188118811:cluster/8d47920e-d789-437d-803a-2dcc4b204393\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53recoverycontrol:RoutingControl\n properties:\n name: tinlicker\n clusterArn: arn:aws:route53-recovery-control::881188118811:cluster/8d47920e-d789-437d-803a-2dcc4b204393\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53recoverycontrol.RoutingControl(\"example\", {\n name: \"thomasoliver\",\n clusterArn: \"arn:aws:route53-recovery-control::881188118811:cluster/8d47920e-d789-437d-803a-2dcc4b204393\",\n controlPanelArn: \"arn:aws:route53-recovery-control::428113431245:controlpanel/abd5fbfc052d4844a082dbf400f61da8\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53recoverycontrol.RoutingControl(\"example\",\n name=\"thomasoliver\",\n cluster_arn=\"arn:aws:route53-recovery-control::881188118811:cluster/8d47920e-d789-437d-803a-2dcc4b204393\",\n control_panel_arn=\"arn:aws:route53-recovery-control::428113431245:controlpanel/abd5fbfc052d4844a082dbf400f61da8\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53RecoveryControl.RoutingControl(\"example\", new()\n {\n Name = \"thomasoliver\",\n ClusterArn = \"arn:aws:route53-recovery-control::881188118811:cluster/8d47920e-d789-437d-803a-2dcc4b204393\",\n ControlPanelArn = \"arn:aws:route53-recovery-control::428113431245:controlpanel/abd5fbfc052d4844a082dbf400f61da8\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53recoverycontrol\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53recoverycontrol.NewRoutingControl(ctx, \"example\", \u0026route53recoverycontrol.RoutingControlArgs{\n\t\t\tName: pulumi.String(\"thomasoliver\"),\n\t\t\tClusterArn: pulumi.String(\"arn:aws:route53-recovery-control::881188118811:cluster/8d47920e-d789-437d-803a-2dcc4b204393\"),\n\t\t\tControlPanelArn: pulumi.String(\"arn:aws:route53-recovery-control::428113431245:controlpanel/abd5fbfc052d4844a082dbf400f61da8\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53recoverycontrol.RoutingControl;\nimport com.pulumi.aws.route53recoverycontrol.RoutingControlArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RoutingControl(\"example\", RoutingControlArgs.builder()\n .name(\"thomasoliver\")\n .clusterArn(\"arn:aws:route53-recovery-control::881188118811:cluster/8d47920e-d789-437d-803a-2dcc4b204393\")\n .controlPanelArn(\"arn:aws:route53-recovery-control::428113431245:controlpanel/abd5fbfc052d4844a082dbf400f61da8\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53recoverycontrol:RoutingControl\n properties:\n name: thomasoliver\n clusterArn: arn:aws:route53-recovery-control::881188118811:cluster/8d47920e-d789-437d-803a-2dcc4b204393\n controlPanelArn: arn:aws:route53-recovery-control::428113431245:controlpanel/abd5fbfc052d4844a082dbf400f61da8\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route53 Recovery Control Config Routing Control using the routing control arn. For example:\n\n```sh\n$ pulumi import aws:route53recoverycontrol/routingControl:RoutingControl mycontrol arn:aws:route53-recovery-control::313517334327:controlpanel/abd5fbfc052d4844a082dbf400f61da8/routingcontrol/d5d90e587870494b\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the routing control.\n" }, "clusterArn": { "type": "string", "description": "ARN of the cluster in which this routing control will reside.\n" }, "controlPanelArn": { "type": "string", "description": "ARN of the control panel in which this routing control will reside.\n" }, "name": { "type": "string", "description": "The name describing the routing control.\n\nThe following arguments are optional:\n" }, "status": { "type": "string", "description": "Status of routing control. `PENDING` when it is being created/updated, `PENDING_DELETION` when it is being deleted, and `DEPLOYED` otherwise.\n" } }, "required": [ "arn", "clusterArn", "controlPanelArn", "name", "status" ], "inputProperties": { "clusterArn": { "type": "string", "description": "ARN of the cluster in which this routing control will reside.\n", "willReplaceOnChanges": true }, "controlPanelArn": { "type": "string", "description": "ARN of the control panel in which this routing control will reside.\n" }, "name": { "type": "string", "description": "The name describing the routing control.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "clusterArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering RoutingControl resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the routing control.\n" }, "clusterArn": { "type": "string", "description": "ARN of the cluster in which this routing control will reside.\n", "willReplaceOnChanges": true }, "controlPanelArn": { "type": "string", "description": "ARN of the control panel in which this routing control will reside.\n" }, "name": { "type": "string", "description": "The name describing the routing control.\n\nThe following arguments are optional:\n" }, "status": { "type": "string", "description": "Status of routing control. `PENDING` when it is being created/updated, `PENDING_DELETION` when it is being deleted, and `DEPLOYED` otherwise.\n" } }, "type": "object" } }, "aws:route53recoverycontrol/safetyRule:SafetyRule": { "description": "Provides an AWS Route 53 Recovery Control Config Safety Rule\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53recoverycontrol.SafetyRule(\"example\", {\n assertedControls: [exampleAwsRoute53recoverycontrolconfigRoutingControl.arn],\n controlPanelArn: \"arn:aws:route53-recovery-control::313517334327:controlpanel/abd5fbfc052d4844a082dbf400f61da8\",\n name: \"daisyguttridge\",\n waitPeriodMs: 5000,\n ruleConfig: {\n inverted: false,\n threshold: 1,\n type: \"ATLEAST\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53recoverycontrol.SafetyRule(\"example\",\n asserted_controls=[example_aws_route53recoverycontrolconfig_routing_control[\"arn\"]],\n control_panel_arn=\"arn:aws:route53-recovery-control::313517334327:controlpanel/abd5fbfc052d4844a082dbf400f61da8\",\n name=\"daisyguttridge\",\n wait_period_ms=5000,\n rule_config={\n \"inverted\": False,\n \"threshold\": 1,\n \"type\": \"ATLEAST\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53RecoveryControl.SafetyRule(\"example\", new()\n {\n AssertedControls = new[]\n {\n exampleAwsRoute53recoverycontrolconfigRoutingControl.Arn,\n },\n ControlPanelArn = \"arn:aws:route53-recovery-control::313517334327:controlpanel/abd5fbfc052d4844a082dbf400f61da8\",\n Name = \"daisyguttridge\",\n WaitPeriodMs = 5000,\n RuleConfig = new Aws.Route53RecoveryControl.Inputs.SafetyRuleRuleConfigArgs\n {\n Inverted = false,\n Threshold = 1,\n Type = \"ATLEAST\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53recoverycontrol\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53recoverycontrol.NewSafetyRule(ctx, \"example\", \u0026route53recoverycontrol.SafetyRuleArgs{\n\t\t\tAssertedControls: pulumi.StringArray{\n\t\t\t\texampleAwsRoute53recoverycontrolconfigRoutingControl.Arn,\n\t\t\t},\n\t\t\tControlPanelArn: pulumi.String(\"arn:aws:route53-recovery-control::313517334327:controlpanel/abd5fbfc052d4844a082dbf400f61da8\"),\n\t\t\tName: pulumi.String(\"daisyguttridge\"),\n\t\t\tWaitPeriodMs: pulumi.Int(5000),\n\t\t\tRuleConfig: \u0026route53recoverycontrol.SafetyRuleRuleConfigArgs{\n\t\t\t\tInverted: pulumi.Bool(false),\n\t\t\t\tThreshold: pulumi.Int(1),\n\t\t\t\tType: pulumi.String(\"ATLEAST\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53recoverycontrol.SafetyRule;\nimport com.pulumi.aws.route53recoverycontrol.SafetyRuleArgs;\nimport com.pulumi.aws.route53recoverycontrol.inputs.SafetyRuleRuleConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SafetyRule(\"example\", SafetyRuleArgs.builder()\n .assertedControls(exampleAwsRoute53recoverycontrolconfigRoutingControl.arn())\n .controlPanelArn(\"arn:aws:route53-recovery-control::313517334327:controlpanel/abd5fbfc052d4844a082dbf400f61da8\")\n .name(\"daisyguttridge\")\n .waitPeriodMs(5000)\n .ruleConfig(SafetyRuleRuleConfigArgs.builder()\n .inverted(false)\n .threshold(1)\n .type(\"ATLEAST\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53recoverycontrol:SafetyRule\n properties:\n assertedControls:\n - ${exampleAwsRoute53recoverycontrolconfigRoutingControl.arn}\n controlPanelArn: arn:aws:route53-recovery-control::313517334327:controlpanel/abd5fbfc052d4844a082dbf400f61da8\n name: daisyguttridge\n waitPeriodMs: 5000\n ruleConfig:\n inverted: false\n threshold: 1\n type: ATLEAST\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53recoverycontrol.SafetyRule(\"example\", {\n name: \"i_o\",\n controlPanelArn: \"arn:aws:route53-recovery-control::313517334327:controlpanel/abd5fbfc052d4844a082dbf400f61da8\",\n waitPeriodMs: 5000,\n gatingControls: [exampleAwsRoute53recoverycontrolconfigRoutingControl.arn],\n targetControls: [exampleAwsRoute53recoverycontrolconfigRoutingControl.arn],\n ruleConfig: {\n inverted: false,\n threshold: 1,\n type: \"ATLEAST\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53recoverycontrol.SafetyRule(\"example\",\n name=\"i_o\",\n control_panel_arn=\"arn:aws:route53-recovery-control::313517334327:controlpanel/abd5fbfc052d4844a082dbf400f61da8\",\n wait_period_ms=5000,\n gating_controls=[example_aws_route53recoverycontrolconfig_routing_control[\"arn\"]],\n target_controls=[example_aws_route53recoverycontrolconfig_routing_control[\"arn\"]],\n rule_config={\n \"inverted\": False,\n \"threshold\": 1,\n \"type\": \"ATLEAST\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53RecoveryControl.SafetyRule(\"example\", new()\n {\n Name = \"i_o\",\n ControlPanelArn = \"arn:aws:route53-recovery-control::313517334327:controlpanel/abd5fbfc052d4844a082dbf400f61da8\",\n WaitPeriodMs = 5000,\n GatingControls = new[]\n {\n exampleAwsRoute53recoverycontrolconfigRoutingControl.Arn,\n },\n TargetControls = new[]\n {\n exampleAwsRoute53recoverycontrolconfigRoutingControl.Arn,\n },\n RuleConfig = new Aws.Route53RecoveryControl.Inputs.SafetyRuleRuleConfigArgs\n {\n Inverted = false,\n Threshold = 1,\n Type = \"ATLEAST\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53recoverycontrol\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53recoverycontrol.NewSafetyRule(ctx, \"example\", \u0026route53recoverycontrol.SafetyRuleArgs{\n\t\t\tName: pulumi.String(\"i_o\"),\n\t\t\tControlPanelArn: pulumi.String(\"arn:aws:route53-recovery-control::313517334327:controlpanel/abd5fbfc052d4844a082dbf400f61da8\"),\n\t\t\tWaitPeriodMs: pulumi.Int(5000),\n\t\t\tGatingControls: pulumi.StringArray{\n\t\t\t\texampleAwsRoute53recoverycontrolconfigRoutingControl.Arn,\n\t\t\t},\n\t\t\tTargetControls: pulumi.StringArray{\n\t\t\t\texampleAwsRoute53recoverycontrolconfigRoutingControl.Arn,\n\t\t\t},\n\t\t\tRuleConfig: \u0026route53recoverycontrol.SafetyRuleRuleConfigArgs{\n\t\t\t\tInverted: pulumi.Bool(false),\n\t\t\t\tThreshold: pulumi.Int(1),\n\t\t\t\tType: pulumi.String(\"ATLEAST\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53recoverycontrol.SafetyRule;\nimport com.pulumi.aws.route53recoverycontrol.SafetyRuleArgs;\nimport com.pulumi.aws.route53recoverycontrol.inputs.SafetyRuleRuleConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SafetyRule(\"example\", SafetyRuleArgs.builder()\n .name(\"i_o\")\n .controlPanelArn(\"arn:aws:route53-recovery-control::313517334327:controlpanel/abd5fbfc052d4844a082dbf400f61da8\")\n .waitPeriodMs(5000)\n .gatingControls(exampleAwsRoute53recoverycontrolconfigRoutingControl.arn())\n .targetControls(exampleAwsRoute53recoverycontrolconfigRoutingControl.arn())\n .ruleConfig(SafetyRuleRuleConfigArgs.builder()\n .inverted(false)\n .threshold(1)\n .type(\"ATLEAST\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53recoverycontrol:SafetyRule\n properties:\n name: i_o\n controlPanelArn: arn:aws:route53-recovery-control::313517334327:controlpanel/abd5fbfc052d4844a082dbf400f61da8\n waitPeriodMs: 5000\n gatingControls:\n - ${exampleAwsRoute53recoverycontrolconfigRoutingControl.arn}\n targetControls:\n - ${exampleAwsRoute53recoverycontrolconfigRoutingControl.arn}\n ruleConfig:\n inverted: false\n threshold: 1\n type: ATLEAST\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route53 Recovery Control Config Safety Rule using the safety rule ARN. For example:\n\n```sh\n$ pulumi import aws:route53recoverycontrol/safetyRule:SafetyRule myrule arn:aws:route53-recovery-control::313517334327:controlpanel/1bfba17df8684f5dab0467b71424f7e8/safetyrule/3bacc77003364c0f\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the safety rule.\n" }, "assertedControls": { "type": "array", "items": { "type": "string" }, "description": "Routing controls that are part of transactions that are evaluated to determine if a request to change a routing control state is allowed.\n" }, "controlPanelArn": { "type": "string", "description": "ARN of the control panel in which this safety rule will reside.\n" }, "gatingControls": { "type": "array", "items": { "type": "string" }, "description": "Gating controls for the new gating rule. That is, routing controls that are evaluated by the rule configuration that you specify.\n" }, "name": { "type": "string", "description": "Name describing the safety rule.\n" }, "ruleConfig": { "$ref": "#/types/aws:route53recoverycontrol/SafetyRuleRuleConfig:SafetyRuleRuleConfig", "description": "Configuration block for safety rule criteria. See below.\n" }, "status": { "type": "string", "description": "Status of the safety rule. `PENDING` when it is being created/updated, `PENDING_DELETION` when it is being deleted, and `DEPLOYED` otherwise.\n" }, "targetControls": { "type": "array", "items": { "type": "string" }, "description": "Routing controls that can only be set or unset if the specified `rule_config` evaluates to true for the specified `gating_controls`.\n" }, "waitPeriodMs": { "type": "integer", "description": "Evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "controlPanelArn", "name", "ruleConfig", "status", "waitPeriodMs" ], "inputProperties": { "assertedControls": { "type": "array", "items": { "type": "string" }, "description": "Routing controls that are part of transactions that are evaluated to determine if a request to change a routing control state is allowed.\n", "willReplaceOnChanges": true }, "controlPanelArn": { "type": "string", "description": "ARN of the control panel in which this safety rule will reside.\n", "willReplaceOnChanges": true }, "gatingControls": { "type": "array", "items": { "type": "string" }, "description": "Gating controls for the new gating rule. That is, routing controls that are evaluated by the rule configuration that you specify.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name describing the safety rule.\n" }, "ruleConfig": { "$ref": "#/types/aws:route53recoverycontrol/SafetyRuleRuleConfig:SafetyRuleRuleConfig", "description": "Configuration block for safety rule criteria. See below.\n", "willReplaceOnChanges": true }, "targetControls": { "type": "array", "items": { "type": "string" }, "description": "Routing controls that can only be set or unset if the specified `rule_config` evaluates to true for the specified `gating_controls`.\n", "willReplaceOnChanges": true }, "waitPeriodMs": { "type": "integer", "description": "Evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "controlPanelArn", "ruleConfig", "waitPeriodMs" ], "stateInputs": { "description": "Input properties used for looking up and filtering SafetyRule resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the safety rule.\n" }, "assertedControls": { "type": "array", "items": { "type": "string" }, "description": "Routing controls that are part of transactions that are evaluated to determine if a request to change a routing control state is allowed.\n", "willReplaceOnChanges": true }, "controlPanelArn": { "type": "string", "description": "ARN of the control panel in which this safety rule will reside.\n", "willReplaceOnChanges": true }, "gatingControls": { "type": "array", "items": { "type": "string" }, "description": "Gating controls for the new gating rule. That is, routing controls that are evaluated by the rule configuration that you specify.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name describing the safety rule.\n" }, "ruleConfig": { "$ref": "#/types/aws:route53recoverycontrol/SafetyRuleRuleConfig:SafetyRuleRuleConfig", "description": "Configuration block for safety rule criteria. See below.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Status of the safety rule. `PENDING` when it is being created/updated, `PENDING_DELETION` when it is being deleted, and `DEPLOYED` otherwise.\n" }, "targetControls": { "type": "array", "items": { "type": "string" }, "description": "Routing controls that can only be set or unset if the specified `rule_config` evaluates to true for the specified `gating_controls`.\n", "willReplaceOnChanges": true }, "waitPeriodMs": { "type": "integer", "description": "Evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:route53recoveryreadiness/cell:Cell": { "description": "Provides an AWS Route 53 Recovery Readiness Cell.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53recoveryreadiness.Cell(\"example\", {cellName: \"us-west-2-failover-cell\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53recoveryreadiness.Cell(\"example\", cell_name=\"us-west-2-failover-cell\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53RecoveryReadiness.Cell(\"example\", new()\n {\n CellName = \"us-west-2-failover-cell\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53recoveryreadiness\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53recoveryreadiness.NewCell(ctx, \"example\", \u0026route53recoveryreadiness.CellArgs{\n\t\t\tCellName: pulumi.String(\"us-west-2-failover-cell\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53recoveryreadiness.Cell;\nimport com.pulumi.aws.route53recoveryreadiness.CellArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cell(\"example\", CellArgs.builder()\n .cellName(\"us-west-2-failover-cell\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53recoveryreadiness:Cell\n properties:\n cellName: us-west-2-failover-cell\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route53 Recovery Readiness cells using the cell name. For example:\n\n```sh\n$ pulumi import aws:route53recoveryreadiness/cell:Cell us-west-2-failover-cell us-west-2-failover-cell\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the cell\n" }, "cellName": { "type": "string", "description": "Unique name describing the cell.\n\nThe following arguments are optional:\n" }, "cells": { "type": "array", "items": { "type": "string" }, "description": "List of cell arns to add as nested fault domains within this cell.\n" }, "parentReadinessScopes": { "type": "array", "items": { "type": "string" }, "description": "List of readiness scopes (recovery groups or cells) that contain this cell.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "cellName", "parentReadinessScopes", "tagsAll" ], "inputProperties": { "cellName": { "type": "string", "description": "Unique name describing the cell.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "cells": { "type": "array", "items": { "type": "string" }, "description": "List of cell arns to add as nested fault domains within this cell.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" } }, "requiredInputs": [ "cellName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Cell resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the cell\n" }, "cellName": { "type": "string", "description": "Unique name describing the cell.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "cells": { "type": "array", "items": { "type": "string" }, "description": "List of cell arns to add as nested fault domains within this cell.\n" }, "parentReadinessScopes": { "type": "array", "items": { "type": "string" }, "description": "List of readiness scopes (recovery groups or cells) that contain this cell.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:route53recoveryreadiness/readinessCheck:ReadinessCheck": { "description": "Provides an AWS Route 53 Recovery Readiness Readiness Check.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53recoveryreadiness.ReadinessCheck(\"example\", {\n readinessCheckName: my_cw_alarm_check,\n resourceSetName: my_cw_alarm_set,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53recoveryreadiness.ReadinessCheck(\"example\",\n readiness_check_name=my_cw_alarm_check,\n resource_set_name=my_cw_alarm_set)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53RecoveryReadiness.ReadinessCheck(\"example\", new()\n {\n ReadinessCheckName = my_cw_alarm_check,\n ResourceSetName = my_cw_alarm_set,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53recoveryreadiness\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53recoveryreadiness.NewReadinessCheck(ctx, \"example\", \u0026route53recoveryreadiness.ReadinessCheckArgs{\n\t\t\tReadinessCheckName: pulumi.Any(my_cw_alarm_check),\n\t\t\tResourceSetName: pulumi.Any(my_cw_alarm_set),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53recoveryreadiness.ReadinessCheck;\nimport com.pulumi.aws.route53recoveryreadiness.ReadinessCheckArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ReadinessCheck(\"example\", ReadinessCheckArgs.builder()\n .readinessCheckName(my_cw_alarm_check)\n .resourceSetName(my_cw_alarm_set)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53recoveryreadiness:ReadinessCheck\n properties:\n readinessCheckName: ${[\"my-cw-alarm-check\"]}\n resourceSetName: ${[\"my-cw-alarm-set\"]}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route53 Recovery Readiness readiness checks using the readiness check name. For example:\n\n```sh\n$ pulumi import aws:route53recoveryreadiness/readinessCheck:ReadinessCheck my-cw-alarm-check example\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the readiness_check\n" }, "readinessCheckName": { "type": "string", "description": "Unique name describing the readiness check.\n" }, "resourceSetName": { "type": "string", "description": "Name describing the resource set that will be monitored for readiness.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "readinessCheckName", "resourceSetName", "tagsAll" ], "inputProperties": { "readinessCheckName": { "type": "string", "description": "Unique name describing the readiness check.\n", "willReplaceOnChanges": true }, "resourceSetName": { "type": "string", "description": "Name describing the resource set that will be monitored for readiness.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" } }, "requiredInputs": [ "readinessCheckName", "resourceSetName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReadinessCheck resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the readiness_check\n" }, "readinessCheckName": { "type": "string", "description": "Unique name describing the readiness check.\n", "willReplaceOnChanges": true }, "resourceSetName": { "type": "string", "description": "Name describing the resource set that will be monitored for readiness.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:route53recoveryreadiness/recoveryGroup:RecoveryGroup": { "description": "Provides an AWS Route 53 Recovery Readiness Recovery Group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53recoveryreadiness.RecoveryGroup(\"example\", {recoveryGroupName: \"my-high-availability-app\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53recoveryreadiness.RecoveryGroup(\"example\", recovery_group_name=\"my-high-availability-app\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53RecoveryReadiness.RecoveryGroup(\"example\", new()\n {\n RecoveryGroupName = \"my-high-availability-app\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53recoveryreadiness\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53recoveryreadiness.NewRecoveryGroup(ctx, \"example\", \u0026route53recoveryreadiness.RecoveryGroupArgs{\n\t\t\tRecoveryGroupName: pulumi.String(\"my-high-availability-app\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53recoveryreadiness.RecoveryGroup;\nimport com.pulumi.aws.route53recoveryreadiness.RecoveryGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RecoveryGroup(\"example\", RecoveryGroupArgs.builder()\n .recoveryGroupName(\"my-high-availability-app\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53recoveryreadiness:RecoveryGroup\n properties:\n recoveryGroupName: my-high-availability-app\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route53 Recovery Readiness recovery groups using the recovery group name. For example:\n\n```sh\n$ pulumi import aws:route53recoveryreadiness/recoveryGroup:RecoveryGroup my-high-availability-app my-high-availability-app\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the recovery group\n" }, "cells": { "type": "array", "items": { "type": "string" }, "description": "List of cell arns to add as nested fault domains within this recovery group\n" }, "recoveryGroupName": { "type": "string", "description": "A unique name describing the recovery group.\n\nThe following argument are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "recoveryGroupName", "tagsAll" ], "inputProperties": { "cells": { "type": "array", "items": { "type": "string" }, "description": "List of cell arns to add as nested fault domains within this recovery group\n" }, "recoveryGroupName": { "type": "string", "description": "A unique name describing the recovery group.\n\nThe following argument are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" } }, "requiredInputs": [ "recoveryGroupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering RecoveryGroup resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the recovery group\n" }, "cells": { "type": "array", "items": { "type": "string" }, "description": "List of cell arns to add as nested fault domains within this recovery group\n" }, "recoveryGroupName": { "type": "string", "description": "A unique name describing the recovery group.\n\nThe following argument are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:route53recoveryreadiness/resourceSet:ResourceSet": { "description": "Provides an AWS Route 53 Recovery Readiness Resource Set.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.route53recoveryreadiness.ResourceSet(\"example\", {\n resourceSetName: my_cw_alarm_set,\n resourceSetType: \"AWS::CloudWatch::Alarm\",\n resources: [{\n resourceArn: exampleAwsCloudwatchMetricAlarm.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53recoveryreadiness.ResourceSet(\"example\",\n resource_set_name=my_cw_alarm_set,\n resource_set_type=\"AWS::CloudWatch::Alarm\",\n resources=[{\n \"resource_arn\": example_aws_cloudwatch_metric_alarm[\"arn\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Route53RecoveryReadiness.ResourceSet(\"example\", new()\n {\n ResourceSetName = my_cw_alarm_set,\n ResourceSetType = \"AWS::CloudWatch::Alarm\",\n Resources = new[]\n {\n new Aws.Route53RecoveryReadiness.Inputs.ResourceSetResourceArgs\n {\n ResourceArn = exampleAwsCloudwatchMetricAlarm.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53recoveryreadiness\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53recoveryreadiness.NewResourceSet(ctx, \"example\", \u0026route53recoveryreadiness.ResourceSetArgs{\n\t\t\tResourceSetName: pulumi.Any(my_cw_alarm_set),\n\t\t\tResourceSetType: pulumi.String(\"AWS::CloudWatch::Alarm\"),\n\t\t\tResources: route53recoveryreadiness.ResourceSetResourceArray{\n\t\t\t\t\u0026route53recoveryreadiness.ResourceSetResourceArgs{\n\t\t\t\t\tResourceArn: pulumi.Any(exampleAwsCloudwatchMetricAlarm.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53recoveryreadiness.ResourceSet;\nimport com.pulumi.aws.route53recoveryreadiness.ResourceSetArgs;\nimport com.pulumi.aws.route53recoveryreadiness.inputs.ResourceSetResourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourceSet(\"example\", ResourceSetArgs.builder()\n .resourceSetName(my_cw_alarm_set)\n .resourceSetType(\"AWS::CloudWatch::Alarm\")\n .resources(ResourceSetResourceArgs.builder()\n .resourceArn(exampleAwsCloudwatchMetricAlarm.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53recoveryreadiness:ResourceSet\n properties:\n resourceSetName: ${[\"my-cw-alarm-set\"]}\n resourceSetType: AWS::CloudWatch::Alarm\n resources:\n - resourceArn: ${exampleAwsCloudwatchMetricAlarm.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route53 Recovery Readiness resource set name using the resource set name. For example:\n\n```sh\n$ pulumi import aws:route53recoveryreadiness/resourceSet:ResourceSet my-cw-alarm-set example\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the resource set\n* `resources.#.component_id` - Unique identified for DNS Target Resources, use for readiness checks.\n" }, "resourceSetName": { "type": "string", "description": "Unique name describing the resource set.\n" }, "resourceSetType": { "type": "string", "description": "Type of the resources in the resource set.\n" }, "resources": { "type": "array", "items": { "$ref": "#/types/aws:route53recoveryreadiness/ResourceSetResource:ResourceSetResource" }, "description": "List of resources to add to this resource set. See below.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "resourceSetName", "resourceSetType", "resources", "tagsAll" ], "inputProperties": { "resourceSetName": { "type": "string", "description": "Unique name describing the resource set.\n", "willReplaceOnChanges": true }, "resourceSetType": { "type": "string", "description": "Type of the resources in the resource set.\n", "willReplaceOnChanges": true }, "resources": { "type": "array", "items": { "$ref": "#/types/aws:route53recoveryreadiness/ResourceSetResource:ResourceSetResource" }, "description": "List of resources to add to this resource set. See below.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" } }, "requiredInputs": [ "resourceSetName", "resourceSetType", "resources" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourceSet resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the resource set\n* `resources.#.component_id` - Unique identified for DNS Target Resources, use for readiness checks.\n" }, "resourceSetName": { "type": "string", "description": "Unique name describing the resource set.\n", "willReplaceOnChanges": true }, "resourceSetType": { "type": "string", "description": "Type of the resources in the resource set.\n", "willReplaceOnChanges": true }, "resources": { "type": "array", "items": { "$ref": "#/types/aws:route53recoveryreadiness/ResourceSetResource:ResourceSetResource" }, "description": "List of resources to add to this resource set. See below.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:rum/appMonitor:AppMonitor": { "description": "Provides a CloudWatch RUM App Monitor resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rum.AppMonitor(\"example\", {\n name: \"example\",\n domain: \"localhost\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rum.AppMonitor(\"example\",\n name=\"example\",\n domain=\"localhost\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rum.AppMonitor(\"example\", new()\n {\n Name = \"example\",\n Domain = \"localhost\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rum\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rum.NewAppMonitor(ctx, \"example\", \u0026rum.AppMonitorArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDomain: pulumi.String(\"localhost\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rum.AppMonitor;\nimport com.pulumi.aws.rum.AppMonitorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AppMonitor(\"example\", AppMonitorArgs.builder()\n .name(\"example\")\n .domain(\"localhost\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rum:AppMonitor\n properties:\n name: example\n domain: localhost\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cloudwatch RUM App Monitor using the `name`. For example:\n\n```sh\n$ pulumi import aws:rum/appMonitor:AppMonitor example example\n```\n", "properties": { "appMonitorConfiguration": { "$ref": "#/types/aws:rum/AppMonitorAppMonitorConfiguration:AppMonitorAppMonitorConfiguration", "description": "configuration data for the app monitor. See app_monitor_configuration below.\n" }, "appMonitorId": { "type": "string", "description": "The unique ID of the app monitor. Useful for JS templates.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the app monitor.\n" }, "customEvents": { "$ref": "#/types/aws:rum/AppMonitorCustomEvents:AppMonitorCustomEvents", "description": "Specifies whether this app monitor allows the web client to define and send custom events. If you omit this parameter, custom events are `DISABLED`. See custom_events below.\n" }, "cwLogEnabled": { "type": "boolean", "description": "Data collected by RUM is kept by RUM for 30 days and then deleted. This parameter specifies whether RUM sends a copy of this telemetry data to Amazon CloudWatch Logs in your account. This enables you to keep the telemetry data for more than 30 days, but it does incur Amazon CloudWatch Logs charges. Default value is `false`.\n" }, "cwLogGroup": { "type": "string", "description": "The name of the log group where the copies are stored.\n" }, "domain": { "type": "string", "description": "The top-level internet domain name for which your application has administrative authority.\n" }, "name": { "type": "string", "description": "The name of the log stream.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "appMonitorConfiguration", "appMonitorId", "arn", "customEvents", "cwLogGroup", "domain", "name", "tagsAll" ], "inputProperties": { "appMonitorConfiguration": { "$ref": "#/types/aws:rum/AppMonitorAppMonitorConfiguration:AppMonitorAppMonitorConfiguration", "description": "configuration data for the app monitor. See app_monitor_configuration below.\n" }, "customEvents": { "$ref": "#/types/aws:rum/AppMonitorCustomEvents:AppMonitorCustomEvents", "description": "Specifies whether this app monitor allows the web client to define and send custom events. If you omit this parameter, custom events are `DISABLED`. See custom_events below.\n" }, "cwLogEnabled": { "type": "boolean", "description": "Data collected by RUM is kept by RUM for 30 days and then deleted. This parameter specifies whether RUM sends a copy of this telemetry data to Amazon CloudWatch Logs in your account. This enables you to keep the telemetry data for more than 30 days, but it does incur Amazon CloudWatch Logs charges. Default value is `false`.\n" }, "domain": { "type": "string", "description": "The top-level internet domain name for which your application has administrative authority.\n" }, "name": { "type": "string", "description": "The name of the log stream.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "domain" ], "stateInputs": { "description": "Input properties used for looking up and filtering AppMonitor resources.\n", "properties": { "appMonitorConfiguration": { "$ref": "#/types/aws:rum/AppMonitorAppMonitorConfiguration:AppMonitorAppMonitorConfiguration", "description": "configuration data for the app monitor. See app_monitor_configuration below.\n" }, "appMonitorId": { "type": "string", "description": "The unique ID of the app monitor. Useful for JS templates.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) specifying the app monitor.\n" }, "customEvents": { "$ref": "#/types/aws:rum/AppMonitorCustomEvents:AppMonitorCustomEvents", "description": "Specifies whether this app monitor allows the web client to define and send custom events. If you omit this parameter, custom events are `DISABLED`. See custom_events below.\n" }, "cwLogEnabled": { "type": "boolean", "description": "Data collected by RUM is kept by RUM for 30 days and then deleted. This parameter specifies whether RUM sends a copy of this telemetry data to Amazon CloudWatch Logs in your account. This enables you to keep the telemetry data for more than 30 days, but it does incur Amazon CloudWatch Logs charges. Default value is `false`.\n" }, "cwLogGroup": { "type": "string", "description": "The name of the log group where the copies are stored.\n" }, "domain": { "type": "string", "description": "The top-level internet domain name for which your application has administrative authority.\n" }, "name": { "type": "string", "description": "The name of the log stream.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:rum/metricsDestination:MetricsDestination": { "description": "Provides a CloudWatch RUM Metrics Destination resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rum.MetricsDestination(\"example\", {\n appMonitorName: exampleAwsRumAppMonitor.name,\n destination: \"CloudWatch\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rum.MetricsDestination(\"example\",\n app_monitor_name=example_aws_rum_app_monitor[\"name\"],\n destination=\"CloudWatch\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rum.MetricsDestination(\"example\", new()\n {\n AppMonitorName = exampleAwsRumAppMonitor.Name,\n Destination = \"CloudWatch\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rum\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rum.NewMetricsDestination(ctx, \"example\", \u0026rum.MetricsDestinationArgs{\n\t\t\tAppMonitorName: pulumi.Any(exampleAwsRumAppMonitor.Name),\n\t\t\tDestination: pulumi.String(\"CloudWatch\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rum.MetricsDestination;\nimport com.pulumi.aws.rum.MetricsDestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new MetricsDestination(\"example\", MetricsDestinationArgs.builder()\n .appMonitorName(exampleAwsRumAppMonitor.name())\n .destination(\"CloudWatch\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rum:MetricsDestination\n properties:\n appMonitorName: ${exampleAwsRumAppMonitor.name}\n destination: CloudWatch\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cloudwatch RUM Metrics Destination using the `id`. For example:\n\n```sh\n$ pulumi import aws:rum/metricsDestination:MetricsDestination example example\n```\n", "properties": { "appMonitorName": { "type": "string", "description": "The name of the CloudWatch RUM app monitor that will send the metrics.\n" }, "destination": { "type": "string", "description": "Defines the destination to send the metrics to. Valid values are `CloudWatch` and `Evidently`. If you specify `Evidently`, you must also specify the ARN of the CloudWatchEvidently experiment that is to be the destination and an IAM role that has permission to write to the experiment.\n" }, "destinationArn": { "type": "string", "description": "Use this parameter only if Destination is Evidently. This parameter specifies the ARN of the Evidently experiment that will receive the extended metrics.\n" }, "iamRoleArn": { "type": "string", "description": "This parameter is required if Destination is Evidently. If Destination is CloudWatch, do not use this parameter.\n" } }, "required": [ "appMonitorName", "destination" ], "inputProperties": { "appMonitorName": { "type": "string", "description": "The name of the CloudWatch RUM app monitor that will send the metrics.\n" }, "destination": { "type": "string", "description": "Defines the destination to send the metrics to. Valid values are `CloudWatch` and `Evidently`. If you specify `Evidently`, you must also specify the ARN of the CloudWatchEvidently experiment that is to be the destination and an IAM role that has permission to write to the experiment.\n" }, "destinationArn": { "type": "string", "description": "Use this parameter only if Destination is Evidently. This parameter specifies the ARN of the Evidently experiment that will receive the extended metrics.\n" }, "iamRoleArn": { "type": "string", "description": "This parameter is required if Destination is Evidently. If Destination is CloudWatch, do not use this parameter.\n" } }, "requiredInputs": [ "appMonitorName", "destination" ], "stateInputs": { "description": "Input properties used for looking up and filtering MetricsDestination resources.\n", "properties": { "appMonitorName": { "type": "string", "description": "The name of the CloudWatch RUM app monitor that will send the metrics.\n" }, "destination": { "type": "string", "description": "Defines the destination to send the metrics to. Valid values are `CloudWatch` and `Evidently`. If you specify `Evidently`, you must also specify the ARN of the CloudWatchEvidently experiment that is to be the destination and an IAM role that has permission to write to the experiment.\n" }, "destinationArn": { "type": "string", "description": "Use this parameter only if Destination is Evidently. This parameter specifies the ARN of the Evidently experiment that will receive the extended metrics.\n" }, "iamRoleArn": { "type": "string", "description": "This parameter is required if Destination is Evidently. If Destination is CloudWatch, do not use this parameter.\n" } }, "type": "object" } }, "aws:s3/accessPoint:AccessPoint": { "description": "Provides a resource to manage an S3 Access Point.\n\n\u003e **NOTE on Access Points and Access Point Policies:** This provider provides both a standalone Access Point Policy resource and an Access Point resource with a resource policy defined in-line. You cannot use an Access Point with in-line resource policy in conjunction with an Access Point Policy resource. Doing so will cause a conflict of policies and will overwrite the access point's resource policy.\n\n\u003e Advanced usage: To use a custom API endpoint for this resource, use the `s3control` endpoint provider configuration), not the `s3` endpoint provider configuration.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### AWS Partition General Purpose Bucket\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleAccessPoint = new aws.s3.AccessPoint(\"example\", {\n bucket: example.id,\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_access_point = aws.s3.AccessPoint(\"example\",\n bucket=example.id,\n name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleAccessPoint = new Aws.S3.AccessPoint(\"example\", new()\n {\n Bucket = example.Id,\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewAccessPoint(ctx, \"example\", \u0026s3.AccessPointArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.AccessPoint;\nimport com.pulumi.aws.s3.AccessPointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var exampleAccessPoint = new AccessPoint(\"exampleAccessPoint\", AccessPointArgs.builder()\n .bucket(example.id())\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n exampleAccessPoint:\n type: aws:s3:AccessPoint\n name: example\n properties:\n bucket: ${example.id}\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### S3 on Outposts Bucket\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3control.Bucket(\"example\", {bucket: \"example\"});\nconst exampleVpc = new aws.ec2.Vpc(\"example\", {cidrBlock: \"10.0.0.0/16\"});\nconst exampleAccessPoint = new aws.s3.AccessPoint(\"example\", {\n bucket: example.arn,\n name: \"example\",\n vpcConfiguration: {\n vpcId: exampleVpc.id,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3control.Bucket(\"example\", bucket=\"example\")\nexample_vpc = aws.ec2.Vpc(\"example\", cidr_block=\"10.0.0.0/16\")\nexample_access_point = aws.s3.AccessPoint(\"example\",\n bucket=example.arn,\n name=\"example\",\n vpc_configuration={\n \"vpc_id\": example_vpc.id,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3Control.Bucket(\"example\", new()\n {\n BucketName = \"example\",\n });\n\n var exampleVpc = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var exampleAccessPoint = new Aws.S3.AccessPoint(\"example\", new()\n {\n Bucket = example.Arn,\n Name = \"example\",\n VpcConfiguration = new Aws.S3.Inputs.AccessPointVpcConfigurationArgs\n {\n VpcId = exampleVpc.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3control.NewBucket(ctx, \"example\", \u0026s3control.BucketArgs{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpc, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewAccessPoint(ctx, \"example\", \u0026s3.AccessPointArgs{\n\t\t\tBucket: example.Arn,\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tVpcConfiguration: \u0026s3.AccessPointVpcConfigurationArgs{\n\t\t\t\tVpcId: exampleVpc.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3control.Bucket;\nimport com.pulumi.aws.s3control.BucketArgs;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.s3.AccessPoint;\nimport com.pulumi.aws.s3.AccessPointArgs;\nimport com.pulumi.aws.s3.inputs.AccessPointVpcConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Bucket(\"example\", BucketArgs.builder()\n .bucket(\"example\")\n .build());\n\n var exampleVpc = new Vpc(\"exampleVpc\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var exampleAccessPoint = new AccessPoint(\"exampleAccessPoint\", AccessPointArgs.builder()\n .bucket(example.arn())\n .name(\"example\")\n .vpcConfiguration(AccessPointVpcConfigurationArgs.builder()\n .vpcId(exampleVpc.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3control:Bucket\n properties:\n bucket: example\n exampleAccessPoint:\n type: aws:s3:AccessPoint\n name: example\n properties:\n bucket: ${example.arn}\n name: example\n vpcConfiguration:\n vpcId: ${exampleVpc.id}\n exampleVpc:\n type: aws:ec2:Vpc\n name: example\n properties:\n cidrBlock: 10.0.0.0/16\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nImport using the ARN for Access Points associated with an S3 on Outposts Bucket:\n\n__Using `pulumi import` to import.__ For example:\n\nImport using the `account_id` and `name` separated by a colon (`:`) for Access Points associated with an AWS Partition S3 Bucket:\n\n```sh\n$ pulumi import aws:s3/accessPoint:AccessPoint example 123456789012:example\n```\nImport using the ARN for Access Points associated with an S3 on Outposts Bucket:\n\n```sh\n$ pulumi import aws:s3/accessPoint:AccessPoint example arn:aws:s3-outposts:us-east-1:123456789012:outpost/op-1234567890123456/accesspoint/example\n```\n", "properties": { "accountId": { "type": "string", "description": "AWS account ID for the owner of the bucket for which you want to create an access point. Defaults to automatically determined account ID of the AWS provider.\n" }, "alias": { "type": "string", "description": "Alias of the S3 Access Point.\n" }, "arn": { "type": "string", "description": "ARN of the S3 Access Point.\n" }, "bucket": { "type": "string", "description": "Name of an AWS Partition S3 General Purpose Bucket or the ARN of S3 on Outposts Bucket that you want to associate this access point with.\n" }, "bucketAccountId": { "type": "string", "description": "AWS account ID associated with the S3 bucket associated with this access point.\n" }, "domainName": { "type": "string", "description": "DNS domain name of the S3 Access Point in the format _`name`_-_`account_id`_.s3-accesspoint._region_.amazonaws.com.\nNote: S3 access points only support secure access by HTTPS. HTTP isn't supported.\n" }, "endpoints": { "type": "object", "additionalProperties": { "type": "string" }, "description": "VPC endpoints for the S3 Access Point.\n" }, "hasPublicAccessPolicy": { "type": "boolean", "description": "Indicates whether this access point currently has a policy that allows public access.\n" }, "name": { "type": "string", "description": "Name you want to assign to this access point. See the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-access-points.html?icmpid=docs_amazons3_console#access-points-names) for naming conditions.\n\nThe following arguments are optional:\n" }, "networkOrigin": { "type": "string", "description": "Indicates whether this access point allows access from the public Internet. Values are `VPC` (the access point doesn't allow access from the public Internet) and `Internet` (the access point allows access from the public Internet, subject to the access point and bucket access policies).\n" }, "policy": { "type": "string", "description": "Valid JSON document that specifies the policy that you want to apply to this access point. Removing `policy` from your configuration or setting `policy` to null or an empty string (i.e., `policy = \"\"`) _will not_ delete the policy since it could have been set by `aws.s3control.AccessPointPolicy`. To remove the `policy`, set it to `\"{}\"` (an empty JSON document).\n" }, "publicAccessBlockConfiguration": { "$ref": "#/types/aws:s3/AccessPointPublicAccessBlockConfiguration:AccessPointPublicAccessBlockConfiguration", "description": "Configuration block to manage the `PublicAccessBlock` configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. Detailed below.\n" }, "vpcConfiguration": { "$ref": "#/types/aws:s3/AccessPointVpcConfiguration:AccessPointVpcConfiguration", "description": "Configuration block to restrict access to this access point to requests from the specified Virtual Private Cloud (VPC). Required for S3 on Outposts. Detailed below.\n" } }, "required": [ "accountId", "alias", "arn", "bucket", "bucketAccountId", "domainName", "endpoints", "hasPublicAccessPolicy", "name", "networkOrigin", "policy" ], "inputProperties": { "accountId": { "type": "string", "description": "AWS account ID for the owner of the bucket for which you want to create an access point. Defaults to automatically determined account ID of the AWS provider.\n", "willReplaceOnChanges": true }, "bucket": { "type": "string", "description": "Name of an AWS Partition S3 General Purpose Bucket or the ARN of S3 on Outposts Bucket that you want to associate this access point with.\n", "willReplaceOnChanges": true }, "bucketAccountId": { "type": "string", "description": "AWS account ID associated with the S3 bucket associated with this access point.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name you want to assign to this access point. See the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-access-points.html?icmpid=docs_amazons3_console#access-points-names) for naming conditions.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "Valid JSON document that specifies the policy that you want to apply to this access point. Removing `policy` from your configuration or setting `policy` to null or an empty string (i.e., `policy = \"\"`) _will not_ delete the policy since it could have been set by `aws.s3control.AccessPointPolicy`. To remove the `policy`, set it to `\"{}\"` (an empty JSON document).\n" }, "publicAccessBlockConfiguration": { "$ref": "#/types/aws:s3/AccessPointPublicAccessBlockConfiguration:AccessPointPublicAccessBlockConfiguration", "description": "Configuration block to manage the `PublicAccessBlock` configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. Detailed below.\n", "willReplaceOnChanges": true }, "vpcConfiguration": { "$ref": "#/types/aws:s3/AccessPointVpcConfiguration:AccessPointVpcConfiguration", "description": "Configuration block to restrict access to this access point to requests from the specified Virtual Private Cloud (VPC). Required for S3 on Outposts. Detailed below.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "bucket" ], "stateInputs": { "description": "Input properties used for looking up and filtering AccessPoint resources.\n", "properties": { "accountId": { "type": "string", "description": "AWS account ID for the owner of the bucket for which you want to create an access point. Defaults to automatically determined account ID of the AWS provider.\n", "willReplaceOnChanges": true }, "alias": { "type": "string", "description": "Alias of the S3 Access Point.\n" }, "arn": { "type": "string", "description": "ARN of the S3 Access Point.\n" }, "bucket": { "type": "string", "description": "Name of an AWS Partition S3 General Purpose Bucket or the ARN of S3 on Outposts Bucket that you want to associate this access point with.\n", "willReplaceOnChanges": true }, "bucketAccountId": { "type": "string", "description": "AWS account ID associated with the S3 bucket associated with this access point.\n", "willReplaceOnChanges": true }, "domainName": { "type": "string", "description": "DNS domain name of the S3 Access Point in the format _`name`_-_`account_id`_.s3-accesspoint._region_.amazonaws.com.\nNote: S3 access points only support secure access by HTTPS. HTTP isn't supported.\n" }, "endpoints": { "type": "object", "additionalProperties": { "type": "string" }, "description": "VPC endpoints for the S3 Access Point.\n" }, "hasPublicAccessPolicy": { "type": "boolean", "description": "Indicates whether this access point currently has a policy that allows public access.\n" }, "name": { "type": "string", "description": "Name you want to assign to this access point. See the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-access-points.html?icmpid=docs_amazons3_console#access-points-names) for naming conditions.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "networkOrigin": { "type": "string", "description": "Indicates whether this access point allows access from the public Internet. Values are `VPC` (the access point doesn't allow access from the public Internet) and `Internet` (the access point allows access from the public Internet, subject to the access point and bucket access policies).\n" }, "policy": { "type": "string", "description": "Valid JSON document that specifies the policy that you want to apply to this access point. Removing `policy` from your configuration or setting `policy` to null or an empty string (i.e., `policy = \"\"`) _will not_ delete the policy since it could have been set by `aws.s3control.AccessPointPolicy`. To remove the `policy`, set it to `\"{}\"` (an empty JSON document).\n" }, "publicAccessBlockConfiguration": { "$ref": "#/types/aws:s3/AccessPointPublicAccessBlockConfiguration:AccessPointPublicAccessBlockConfiguration", "description": "Configuration block to manage the `PublicAccessBlock` configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. Detailed below.\n", "willReplaceOnChanges": true }, "vpcConfiguration": { "$ref": "#/types/aws:s3/AccessPointVpcConfiguration:AccessPointVpcConfiguration", "description": "Configuration block to restrict access to this access point to requests from the specified Virtual Private Cloud (VPC). Required for S3 on Outposts. Detailed below.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:s3/accountPublicAccessBlock:AccountPublicAccessBlock": { "description": "Manages S3 account-level Public Access Block configuration. For more information about these settings, see the [AWS S3 Block Public Access documentation](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html).\n\n\u003e **NOTE:** Each AWS account may only have one S3 Public Access Block configuration. Multiple configurations of the resource against the same AWS account will cause a perpetual difference.\n\n\u003e Advanced usage: To use a custom API endpoint for this resource, use the `s3control` endpoint provider configuration, not the `s3` endpoint provider configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.AccountPublicAccessBlock(\"example\", {\n blockPublicAcls: true,\n blockPublicPolicy: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.AccountPublicAccessBlock(\"example\",\n block_public_acls=True,\n block_public_policy=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.AccountPublicAccessBlock(\"example\", new()\n {\n BlockPublicAcls = true,\n BlockPublicPolicy = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewAccountPublicAccessBlock(ctx, \"example\", \u0026s3.AccountPublicAccessBlockArgs{\n\t\t\tBlockPublicAcls: pulumi.Bool(true),\n\t\t\tBlockPublicPolicy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.AccountPublicAccessBlock;\nimport com.pulumi.aws.s3.AccountPublicAccessBlockArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AccountPublicAccessBlock(\"example\", AccountPublicAccessBlockArgs.builder()\n .blockPublicAcls(true)\n .blockPublicPolicy(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:AccountPublicAccessBlock\n properties:\n blockPublicAcls: true\n blockPublicPolicy: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_s3_account_public_access_block` using the AWS account ID. For example:\n\n```sh\n$ pulumi import aws:s3/accountPublicAccessBlock:AccountPublicAccessBlock example 123456789012\n```\n", "properties": { "accountId": { "type": "string", "description": "AWS account ID to configure. Defaults to automatically determined account ID of the this provider AWS provider.\n" }, "blockPublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to `false`. Enabling this setting does not affect existing policies or ACLs. When set to `true` causes the following behavior:\n* PUT Bucket acl and PUT Object acl calls will fail if the specified ACL allows public access.\n* PUT Object calls fail if the request includes a public ACL.\n" }, "blockPublicPolicy": { "type": "boolean", "description": "Whether Amazon S3 should block public bucket policies for buckets in this account. Defaults to `false`. Enabling this setting does not affect existing bucket policies. When set to `true` causes Amazon S3 to:\n* Reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n" }, "ignorePublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should ignore public ACLs for buckets in this account. Defaults to `false`. Enabling this setting does not affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. When set to `true` causes Amazon S3 to:\n* Ignore all public ACLs on buckets in this account and any objects that they contain.\n" }, "restrictPublicBuckets": { "type": "boolean", "description": "Whether Amazon S3 should restrict public bucket policies for buckets in this account. Defaults to `false`. Enabling this setting does not affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked. When set to `true`:\n* Only the bucket owner and AWS Services can access buckets with public policies.\n" } }, "required": [ "accountId" ], "inputProperties": { "accountId": { "type": "string", "description": "AWS account ID to configure. Defaults to automatically determined account ID of the this provider AWS provider.\n", "willReplaceOnChanges": true }, "blockPublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to `false`. Enabling this setting does not affect existing policies or ACLs. When set to `true` causes the following behavior:\n* PUT Bucket acl and PUT Object acl calls will fail if the specified ACL allows public access.\n* PUT Object calls fail if the request includes a public ACL.\n" }, "blockPublicPolicy": { "type": "boolean", "description": "Whether Amazon S3 should block public bucket policies for buckets in this account. Defaults to `false`. Enabling this setting does not affect existing bucket policies. When set to `true` causes Amazon S3 to:\n* Reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n" }, "ignorePublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should ignore public ACLs for buckets in this account. Defaults to `false`. Enabling this setting does not affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. When set to `true` causes Amazon S3 to:\n* Ignore all public ACLs on buckets in this account and any objects that they contain.\n" }, "restrictPublicBuckets": { "type": "boolean", "description": "Whether Amazon S3 should restrict public bucket policies for buckets in this account. Defaults to `false`. Enabling this setting does not affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked. When set to `true`:\n* Only the bucket owner and AWS Services can access buckets with public policies.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering AccountPublicAccessBlock resources.\n", "properties": { "accountId": { "type": "string", "description": "AWS account ID to configure. Defaults to automatically determined account ID of the this provider AWS provider.\n", "willReplaceOnChanges": true }, "blockPublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to `false`. Enabling this setting does not affect existing policies or ACLs. When set to `true` causes the following behavior:\n* PUT Bucket acl and PUT Object acl calls will fail if the specified ACL allows public access.\n* PUT Object calls fail if the request includes a public ACL.\n" }, "blockPublicPolicy": { "type": "boolean", "description": "Whether Amazon S3 should block public bucket policies for buckets in this account. Defaults to `false`. Enabling this setting does not affect existing bucket policies. When set to `true` causes Amazon S3 to:\n* Reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n" }, "ignorePublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should ignore public ACLs for buckets in this account. Defaults to `false`. Enabling this setting does not affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. When set to `true` causes Amazon S3 to:\n* Ignore all public ACLs on buckets in this account and any objects that they contain.\n" }, "restrictPublicBuckets": { "type": "boolean", "description": "Whether Amazon S3 should restrict public bucket policies for buckets in this account. Defaults to `false`. Enabling this setting does not affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked. When set to `true`:\n* Only the bucket owner and AWS Services can access buckets with public policies.\n" } }, "type": "object" } }, "aws:s3/analyticsConfiguration:AnalyticsConfiguration": { "description": "Provides a S3 bucket [analytics configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/analytics-storage-class.html) resource.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### Add analytics configuration for entire S3 bucket and export results to a second S3 bucket\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst analytics = new aws.s3.BucketV2(\"analytics\", {bucket: \"analytics destination\"});\nconst example_entire_bucket = new aws.s3.AnalyticsConfiguration(\"example-entire-bucket\", {\n bucket: example.id,\n name: \"EntireBucket\",\n storageClassAnalysis: {\n dataExport: {\n destination: {\n s3BucketDestination: {\n bucketArn: analytics.arn,\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example\")\nanalytics = aws.s3.BucketV2(\"analytics\", bucket=\"analytics destination\")\nexample_entire_bucket = aws.s3.AnalyticsConfiguration(\"example-entire-bucket\",\n bucket=example.id,\n name=\"EntireBucket\",\n storage_class_analysis={\n \"data_export\": {\n \"destination\": {\n \"s3_bucket_destination\": {\n \"bucket_arn\": analytics.arn,\n },\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var analytics = new Aws.S3.BucketV2(\"analytics\", new()\n {\n Bucket = \"analytics destination\",\n });\n\n var example_entire_bucket = new Aws.S3.AnalyticsConfiguration(\"example-entire-bucket\", new()\n {\n Bucket = example.Id,\n Name = \"EntireBucket\",\n StorageClassAnalysis = new Aws.S3.Inputs.AnalyticsConfigurationStorageClassAnalysisArgs\n {\n DataExport = new Aws.S3.Inputs.AnalyticsConfigurationStorageClassAnalysisDataExportArgs\n {\n Destination = new Aws.S3.Inputs.AnalyticsConfigurationStorageClassAnalysisDataExportDestinationArgs\n {\n S3BucketDestination = new Aws.S3.Inputs.AnalyticsConfigurationStorageClassAnalysisDataExportDestinationS3BucketDestinationArgs\n {\n BucketArn = analytics.Arn,\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tanalytics, err := s3.NewBucketV2(ctx, \"analytics\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"analytics destination\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewAnalyticsConfiguration(ctx, \"example-entire-bucket\", \u0026s3.AnalyticsConfigurationArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tName: pulumi.String(\"EntireBucket\"),\n\t\t\tStorageClassAnalysis: \u0026s3.AnalyticsConfigurationStorageClassAnalysisArgs{\n\t\t\t\tDataExport: \u0026s3.AnalyticsConfigurationStorageClassAnalysisDataExportArgs{\n\t\t\t\t\tDestination: \u0026s3.AnalyticsConfigurationStorageClassAnalysisDataExportDestinationArgs{\n\t\t\t\t\t\tS3BucketDestination: \u0026s3.AnalyticsConfigurationStorageClassAnalysisDataExportDestinationS3BucketDestinationArgs{\n\t\t\t\t\t\t\tBucketArn: analytics.Arn,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.AnalyticsConfiguration;\nimport com.pulumi.aws.s3.AnalyticsConfigurationArgs;\nimport com.pulumi.aws.s3.inputs.AnalyticsConfigurationStorageClassAnalysisArgs;\nimport com.pulumi.aws.s3.inputs.AnalyticsConfigurationStorageClassAnalysisDataExportArgs;\nimport com.pulumi.aws.s3.inputs.AnalyticsConfigurationStorageClassAnalysisDataExportDestinationArgs;\nimport com.pulumi.aws.s3.inputs.AnalyticsConfigurationStorageClassAnalysisDataExportDestinationS3BucketDestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var analytics = new BucketV2(\"analytics\", BucketV2Args.builder()\n .bucket(\"analytics destination\")\n .build());\n\n var example_entire_bucket = new AnalyticsConfiguration(\"example-entire-bucket\", AnalyticsConfigurationArgs.builder()\n .bucket(example.id())\n .name(\"EntireBucket\")\n .storageClassAnalysis(AnalyticsConfigurationStorageClassAnalysisArgs.builder()\n .dataExport(AnalyticsConfigurationStorageClassAnalysisDataExportArgs.builder()\n .destination(AnalyticsConfigurationStorageClassAnalysisDataExportDestinationArgs.builder()\n .s3BucketDestination(AnalyticsConfigurationStorageClassAnalysisDataExportDestinationS3BucketDestinationArgs.builder()\n .bucketArn(analytics.arn())\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example-entire-bucket:\n type: aws:s3:AnalyticsConfiguration\n properties:\n bucket: ${example.id}\n name: EntireBucket\n storageClassAnalysis:\n dataExport:\n destination:\n s3BucketDestination:\n bucketArn: ${analytics.arn}\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n analytics:\n type: aws:s3:BucketV2\n properties:\n bucket: analytics destination\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Add analytics configuration with S3 object filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst example_filtered = new aws.s3.AnalyticsConfiguration(\"example-filtered\", {\n bucket: example.id,\n name: \"ImportantBlueDocuments\",\n filter: {\n prefix: \"documents/\",\n tags: {\n priority: \"high\",\n \"class\": \"blue\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_filtered = aws.s3.AnalyticsConfiguration(\"example-filtered\",\n bucket=example.id,\n name=\"ImportantBlueDocuments\",\n filter={\n \"prefix\": \"documents/\",\n \"tags\": {\n \"priority\": \"high\",\n \"class_\": \"blue\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var example_filtered = new Aws.S3.AnalyticsConfiguration(\"example-filtered\", new()\n {\n Bucket = example.Id,\n Name = \"ImportantBlueDocuments\",\n Filter = new Aws.S3.Inputs.AnalyticsConfigurationFilterArgs\n {\n Prefix = \"documents/\",\n Tags = \n {\n { \"priority\", \"high\" },\n { \"class\", \"blue\" },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewAnalyticsConfiguration(ctx, \"example-filtered\", \u0026s3.AnalyticsConfigurationArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tName: pulumi.String(\"ImportantBlueDocuments\"),\n\t\t\tFilter: \u0026s3.AnalyticsConfigurationFilterArgs{\n\t\t\t\tPrefix: pulumi.String(\"documents/\"),\n\t\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\t\"priority\": pulumi.String(\"high\"),\n\t\t\t\t\t\"class\": pulumi.String(\"blue\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.AnalyticsConfiguration;\nimport com.pulumi.aws.s3.AnalyticsConfigurationArgs;\nimport com.pulumi.aws.s3.inputs.AnalyticsConfigurationFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var example_filtered = new AnalyticsConfiguration(\"example-filtered\", AnalyticsConfigurationArgs.builder()\n .bucket(example.id())\n .name(\"ImportantBlueDocuments\")\n .filter(AnalyticsConfigurationFilterArgs.builder()\n .prefix(\"documents/\")\n .tags(Map.ofEntries(\n Map.entry(\"priority\", \"high\"),\n Map.entry(\"class\", \"blue\")\n ))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example-filtered:\n type: aws:s3:AnalyticsConfiguration\n properties:\n bucket: ${example.id}\n name: ImportantBlueDocuments\n filter:\n prefix: documents/\n tags:\n priority: high\n class: blue\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 bucket analytics configurations using `bucket:analytics`. For example:\n\n```sh\n$ pulumi import aws:s3/analyticsConfiguration:AnalyticsConfiguration my-bucket-entire-bucket my-bucket:EntireBucket\n```\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket this analytics configuration is associated with.\n" }, "filter": { "$ref": "#/types/aws:s3/AnalyticsConfigurationFilter:AnalyticsConfigurationFilter", "description": "Object filtering that accepts a prefix, tags, or a logical AND of prefix and tags (documented below).\n" }, "name": { "type": "string", "description": "Unique identifier of the analytics configuration for the bucket.\n" }, "storageClassAnalysis": { "$ref": "#/types/aws:s3/AnalyticsConfigurationStorageClassAnalysis:AnalyticsConfigurationStorageClassAnalysis", "description": "Configuration for the analytics data export (documented below).\n" } }, "required": [ "bucket", "name" ], "inputProperties": { "bucket": { "type": "string", "description": "Name of the bucket this analytics configuration is associated with.\n", "willReplaceOnChanges": true }, "filter": { "$ref": "#/types/aws:s3/AnalyticsConfigurationFilter:AnalyticsConfigurationFilter", "description": "Object filtering that accepts a prefix, tags, or a logical AND of prefix and tags (documented below).\n" }, "name": { "type": "string", "description": "Unique identifier of the analytics configuration for the bucket.\n", "willReplaceOnChanges": true }, "storageClassAnalysis": { "$ref": "#/types/aws:s3/AnalyticsConfigurationStorageClassAnalysis:AnalyticsConfigurationStorageClassAnalysis", "description": "Configuration for the analytics data export (documented below).\n" } }, "requiredInputs": [ "bucket" ], "stateInputs": { "description": "Input properties used for looking up and filtering AnalyticsConfiguration resources.\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket this analytics configuration is associated with.\n", "willReplaceOnChanges": true }, "filter": { "$ref": "#/types/aws:s3/AnalyticsConfigurationFilter:AnalyticsConfigurationFilter", "description": "Object filtering that accepts a prefix, tags, or a logical AND of prefix and tags (documented below).\n" }, "name": { "type": "string", "description": "Unique identifier of the analytics configuration for the bucket.\n", "willReplaceOnChanges": true }, "storageClassAnalysis": { "$ref": "#/types/aws:s3/AnalyticsConfigurationStorageClassAnalysis:AnalyticsConfigurationStorageClassAnalysis", "description": "Configuration for the analytics data export (documented below).\n" } }, "type": "object" } }, "aws:s3/bucket:Bucket": { "description": "Provides a S3 bucket resource.\n\n\u003e This resource provides functionality for managing S3 general purpose buckets in an AWS Partition. To manage Amazon S3 Express directory buckets, use the `aws_directory_bucket` resource. To manage [S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html), use the `aws.s3control.Bucket` resource.\n\n\u003e Object Lock can be enabled by using the `object_lock_enable` attribute or by using the `aws.s3.BucketObjectLockConfigurationV2` resource. Please note, that by using the resource, Object Lock can be enabled/disabled without destroying and recreating the bucket.\n\n## Example Usage\n\n### Private Bucket With Tags\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {\n bucket: \"my-tf-test-bucket\",\n tags: {\n Name: \"My bucket\",\n Environment: \"Dev\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\",\n bucket=\"my-tf-test-bucket\",\n tags={\n \"Name\": \"My bucket\",\n \"Environment\": \"Dev\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-tf-test-bucket\",\n Tags = \n {\n { \"Name\", \"My bucket\" },\n { \"Environment\", \"Dev\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-tf-test-bucket\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"My bucket\"),\n\t\t\t\t\"Environment\": pulumi.String(\"Dev\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"my-tf-test-bucket\")\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"My bucket\"),\n Map.entry(\"Environment\", \"Dev\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: my-tf-test-bucket\n tags:\n Name: My bucket\n Environment: Dev\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 bucket using the `bucket`. For example:\n\n```sh\n$ pulumi import aws:s3/bucket:Bucket bucket bucket-name\n```\n", "properties": { "accelerationStatus": { "type": "string", "description": "Sets the accelerate configuration of an existing bucket. Can be `Enabled` or `Suspended`. Cannot be used in `cn-north-1` or `us-gov-west-1`. This provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketAccelerateConfigurationV2` instead.\n" }, "acl": { "type": "string", "description": "The [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Valid values are `private`, `public-read`, `public-read-write`, `aws-exec-read`, `authenticated-read`, and `log-delivery-write`. Defaults to `private`. Conflicts with `grant`. The provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketAclV2` instead.\n" }, "arn": { "type": "string", "description": "ARN of the bucket. Will be of format `arn:aws:s3:::bucketname`.\n" }, "bucket": { "type": "string", "description": "Name of the bucket. If omitted, the provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules [may be found here](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html). The name must not be in the format `[bucket_name]--[azid]--x-s3`. Use the `aws.s3.DirectoryBucket` resource to manage S3 Express buckets.\n", "language": { "csharp": { "name": "BucketName" } } }, "bucketDomainName": { "type": "string", "description": "Bucket domain name. Will be of format `bucketname.s3.amazonaws.com`.\n" }, "bucketPrefix": { "type": "string", "description": "Creates a unique bucket name beginning with the specified prefix. Conflicts with `bucket`. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules [may be found here](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html).\n" }, "bucketRegionalDomainName": { "type": "string", "description": "The bucket region-specific domain name. The bucket domain name including the region name. Please refer to the [S3 endpoints reference](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_region) for format. Note: AWS CloudFront allows specifying an S3 region-specific endpoint when creating an S3 origin. This will prevent redirect issues from CloudFront to the S3 Origin URL. For more information, see the [Virtual Hosted-Style Requests for Other Regions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html#deprecated-global-endpoint) section in the AWS S3 User Guide.\n" }, "corsRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketCorsRule:BucketCorsRule" }, "description": "Rule of [Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html). See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketCorsConfigurationV2` instead.\n" }, "forceDestroy": { "type": "boolean", "description": "Boolean that indicates all objects (including any [locked objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html)) should be deleted from the bucket *when the bucket is destroyed* so that the bucket can be destroyed without error. These objects are *not* recoverable. This only deletes objects when the bucket is destroyed, *not* when setting this parameter to `true`. Once this parameter is set to `true`, there must be a successful `pulumi up` run before a destroy is required to update this value in the resource state. Without a successful `pulumi up` after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful `pulumi up` is required to set this value in state before it will take effect on a destroy operation.\n" }, "grants": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketGrant:BucketGrant" }, "description": "An [ACL policy grant](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#sample-acl). See Grant below for details. Conflicts with `acl`. The provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketAclV2` instead.\n" }, "hostedZoneId": { "type": "string", "description": "[Route 53 Hosted Zone ID](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_website_region_endpoints) for this bucket's region.\n" }, "lifecycleRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLifecycleRule:BucketLifecycleRule" }, "description": "Configuration of [object lifecycle management](http://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html). See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketLifecycleConfigurationV2` instead.\n" }, "loggings": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLogging:BucketLogging" }, "description": "Configuration of [S3 bucket logging](https://docs.aws.amazon.com/AmazonS3/latest/UG/ManagingBucketLogging.html) parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketLoggingV2` instead.\n" }, "objectLockConfiguration": { "$ref": "#/types/aws:s3/BucketObjectLockConfiguration:BucketObjectLockConfiguration", "description": "Configuration of [S3 object locking](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). See Object Lock Configuration below for details.\nThe provider wil only perform drift detection if a configuration value is provided.\nUse the `object_lock_enabled` parameter and the resource `aws.s3.BucketObjectLockConfigurationV2` instead.\n" }, "policy": { "type": "string", "description": "Valid [bucket policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html) JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide.\nThe provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketPolicy` instead.\n" }, "region": { "type": "string", "description": "AWS region this bucket resides in.\n" }, "replicationConfiguration": { "$ref": "#/types/aws:s3/BucketReplicationConfiguration:BucketReplicationConfiguration", "description": "Configuration of [replication configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html). See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketReplicationConfig` instead.\n" }, "requestPayer": { "type": "string", "description": "Specifies who should bear the cost of Amazon S3 data transfer.\nCan be either `BucketOwner` or `Requester`. By default, the owner of the S3 bucket would incur the costs of any data transfer.\nSee [Requester Pays Buckets](http://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html) developer guide for more information.\nThe provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketRequestPaymentConfigurationV2` instead.\n" }, "serverSideEncryptionConfiguration": { "$ref": "#/types/aws:s3/BucketServerSideEncryptionConfiguration:BucketServerSideEncryptionConfiguration", "description": "Configuration of [server-side encryption configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html). See Server Side Encryption Configuration below for details.\nThe provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketServerSideEncryptionConfigurationV2` instead.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the bucket. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following arguments are deprecated, and will be removed in a future major version:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "versioning": { "$ref": "#/types/aws:s3/BucketVersioning:BucketVersioning", "description": "Configuration of the [S3 bucket versioning state](https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html). See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketVersioningV2` instead.\n" }, "website": { "$ref": "#/types/aws:s3/BucketWebsite:BucketWebsite", "description": "Configuration of the [S3 bucket website](https://docs.aws.amazon.com/AmazonS3/latest/userguide/WebsiteHosting.html). See Website below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketWebsiteConfigurationV2` instead.\n" }, "websiteDomain": { "type": "string", "description": "(**Deprecated**) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource `aws.s3.BucketWebsiteConfigurationV2` instead.\n" }, "websiteEndpoint": { "type": "string", "description": "(**Deprecated**) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource `aws.s3.BucketWebsiteConfigurationV2` instead.\n" } }, "required": [ "accelerationStatus", "arn", "bucket", "bucketDomainName", "bucketRegionalDomainName", "hostedZoneId", "region", "requestPayer", "serverSideEncryptionConfiguration", "tagsAll", "versioning", "websiteDomain", "websiteEndpoint" ], "inputProperties": { "accelerationStatus": { "type": "string", "description": "Sets the accelerate configuration of an existing bucket. Can be `Enabled` or `Suspended`. Cannot be used in `cn-north-1` or `us-gov-west-1`. This provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketAccelerateConfigurationV2` instead.\n" }, "acl": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:s3/CannedAcl:CannedAcl" } ], "description": "The [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Valid values are `private`, `public-read`, `public-read-write`, `aws-exec-read`, `authenticated-read`, and `log-delivery-write`. Defaults to `private`. Conflicts with `grant`. The provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketAclV2` instead.\n" }, "arn": { "type": "string", "description": "ARN of the bucket. Will be of format `arn:aws:s3:::bucketname`.\n" }, "bucket": { "type": "string", "description": "Name of the bucket. If omitted, the provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules [may be found here](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html). The name must not be in the format `[bucket_name]--[azid]--x-s3`. Use the `aws.s3.DirectoryBucket` resource to manage S3 Express buckets.\n", "language": { "csharp": { "name": "BucketName" } }, "willReplaceOnChanges": true }, "bucketPrefix": { "type": "string", "description": "Creates a unique bucket name beginning with the specified prefix. Conflicts with `bucket`. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules [may be found here](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html).\n", "willReplaceOnChanges": true }, "corsRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketCorsRule:BucketCorsRule" }, "description": "Rule of [Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html). See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketCorsConfigurationV2` instead.\n" }, "forceDestroy": { "type": "boolean", "description": "Boolean that indicates all objects (including any [locked objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html)) should be deleted from the bucket *when the bucket is destroyed* so that the bucket can be destroyed without error. These objects are *not* recoverable. This only deletes objects when the bucket is destroyed, *not* when setting this parameter to `true`. Once this parameter is set to `true`, there must be a successful `pulumi up` run before a destroy is required to update this value in the resource state. Without a successful `pulumi up` after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful `pulumi up` is required to set this value in state before it will take effect on a destroy operation.\n" }, "grants": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketGrant:BucketGrant" }, "description": "An [ACL policy grant](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#sample-acl). See Grant below for details. Conflicts with `acl`. The provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketAclV2` instead.\n" }, "hostedZoneId": { "type": "string", "description": "[Route 53 Hosted Zone ID](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_website_region_endpoints) for this bucket's region.\n" }, "lifecycleRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLifecycleRule:BucketLifecycleRule" }, "description": "Configuration of [object lifecycle management](http://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html). See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketLifecycleConfigurationV2` instead.\n" }, "loggings": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLogging:BucketLogging" }, "description": "Configuration of [S3 bucket logging](https://docs.aws.amazon.com/AmazonS3/latest/UG/ManagingBucketLogging.html) parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketLoggingV2` instead.\n" }, "objectLockConfiguration": { "$ref": "#/types/aws:s3/BucketObjectLockConfiguration:BucketObjectLockConfiguration", "description": "Configuration of [S3 object locking](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). See Object Lock Configuration below for details.\nThe provider wil only perform drift detection if a configuration value is provided.\nUse the `object_lock_enabled` parameter and the resource `aws.s3.BucketObjectLockConfigurationV2` instead.\n" }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "Valid [bucket policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html) JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide.\nThe provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketPolicy` instead.\n" }, "replicationConfiguration": { "$ref": "#/types/aws:s3/BucketReplicationConfiguration:BucketReplicationConfiguration", "description": "Configuration of [replication configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html). See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketReplicationConfig` instead.\n" }, "requestPayer": { "type": "string", "description": "Specifies who should bear the cost of Amazon S3 data transfer.\nCan be either `BucketOwner` or `Requester`. By default, the owner of the S3 bucket would incur the costs of any data transfer.\nSee [Requester Pays Buckets](http://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html) developer guide for more information.\nThe provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketRequestPaymentConfigurationV2` instead.\n" }, "serverSideEncryptionConfiguration": { "$ref": "#/types/aws:s3/BucketServerSideEncryptionConfiguration:BucketServerSideEncryptionConfiguration", "description": "Configuration of [server-side encryption configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html). See Server Side Encryption Configuration below for details.\nThe provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketServerSideEncryptionConfigurationV2` instead.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the bucket. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following arguments are deprecated, and will be removed in a future major version:\n" }, "versioning": { "$ref": "#/types/aws:s3/BucketVersioning:BucketVersioning", "description": "Configuration of the [S3 bucket versioning state](https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html). See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketVersioningV2` instead.\n" }, "website": { "$ref": "#/types/aws:s3/BucketWebsite:BucketWebsite", "description": "Configuration of the [S3 bucket website](https://docs.aws.amazon.com/AmazonS3/latest/userguide/WebsiteHosting.html). See Website below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketWebsiteConfigurationV2` instead.\n" }, "websiteDomain": { "type": "string", "description": "(**Deprecated**) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource `aws.s3.BucketWebsiteConfigurationV2` instead.\n" }, "websiteEndpoint": { "type": "string", "description": "(**Deprecated**) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource `aws.s3.BucketWebsiteConfigurationV2` instead.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Bucket resources.\n", "properties": { "accelerationStatus": { "type": "string", "description": "Sets the accelerate configuration of an existing bucket. Can be `Enabled` or `Suspended`. Cannot be used in `cn-north-1` or `us-gov-west-1`. This provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketAccelerateConfigurationV2` instead.\n" }, "acl": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:s3/CannedAcl:CannedAcl" } ], "description": "The [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Valid values are `private`, `public-read`, `public-read-write`, `aws-exec-read`, `authenticated-read`, and `log-delivery-write`. Defaults to `private`. Conflicts with `grant`. The provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketAclV2` instead.\n" }, "arn": { "type": "string", "description": "ARN of the bucket. Will be of format `arn:aws:s3:::bucketname`.\n" }, "bucket": { "type": "string", "description": "Name of the bucket. If omitted, the provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules [may be found here](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html). The name must not be in the format `[bucket_name]--[azid]--x-s3`. Use the `aws.s3.DirectoryBucket` resource to manage S3 Express buckets.\n", "language": { "csharp": { "name": "BucketName" } }, "willReplaceOnChanges": true }, "bucketDomainName": { "type": "string", "description": "Bucket domain name. Will be of format `bucketname.s3.amazonaws.com`.\n" }, "bucketPrefix": { "type": "string", "description": "Creates a unique bucket name beginning with the specified prefix. Conflicts with `bucket`. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules [may be found here](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html).\n", "willReplaceOnChanges": true }, "bucketRegionalDomainName": { "type": "string", "description": "The bucket region-specific domain name. The bucket domain name including the region name. Please refer to the [S3 endpoints reference](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_region) for format. Note: AWS CloudFront allows specifying an S3 region-specific endpoint when creating an S3 origin. This will prevent redirect issues from CloudFront to the S3 Origin URL. For more information, see the [Virtual Hosted-Style Requests for Other Regions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html#deprecated-global-endpoint) section in the AWS S3 User Guide.\n" }, "corsRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketCorsRule:BucketCorsRule" }, "description": "Rule of [Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html). See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketCorsConfigurationV2` instead.\n" }, "forceDestroy": { "type": "boolean", "description": "Boolean that indicates all objects (including any [locked objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html)) should be deleted from the bucket *when the bucket is destroyed* so that the bucket can be destroyed without error. These objects are *not* recoverable. This only deletes objects when the bucket is destroyed, *not* when setting this parameter to `true`. Once this parameter is set to `true`, there must be a successful `pulumi up` run before a destroy is required to update this value in the resource state. Without a successful `pulumi up` after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful `pulumi up` is required to set this value in state before it will take effect on a destroy operation.\n" }, "grants": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketGrant:BucketGrant" }, "description": "An [ACL policy grant](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#sample-acl). See Grant below for details. Conflicts with `acl`. The provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketAclV2` instead.\n" }, "hostedZoneId": { "type": "string", "description": "[Route 53 Hosted Zone ID](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_website_region_endpoints) for this bucket's region.\n" }, "lifecycleRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLifecycleRule:BucketLifecycleRule" }, "description": "Configuration of [object lifecycle management](http://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html). See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketLifecycleConfigurationV2` instead.\n" }, "loggings": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLogging:BucketLogging" }, "description": "Configuration of [S3 bucket logging](https://docs.aws.amazon.com/AmazonS3/latest/UG/ManagingBucketLogging.html) parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketLoggingV2` instead.\n" }, "objectLockConfiguration": { "$ref": "#/types/aws:s3/BucketObjectLockConfiguration:BucketObjectLockConfiguration", "description": "Configuration of [S3 object locking](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). See Object Lock Configuration below for details.\nThe provider wil only perform drift detection if a configuration value is provided.\nUse the `object_lock_enabled` parameter and the resource `aws.s3.BucketObjectLockConfigurationV2` instead.\n" }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "Valid [bucket policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html) JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide.\nThe provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketPolicy` instead.\n" }, "region": { "type": "string", "description": "AWS region this bucket resides in.\n" }, "replicationConfiguration": { "$ref": "#/types/aws:s3/BucketReplicationConfiguration:BucketReplicationConfiguration", "description": "Configuration of [replication configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html). See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketReplicationConfig` instead.\n" }, "requestPayer": { "type": "string", "description": "Specifies who should bear the cost of Amazon S3 data transfer.\nCan be either `BucketOwner` or `Requester`. By default, the owner of the S3 bucket would incur the costs of any data transfer.\nSee [Requester Pays Buckets](http://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html) developer guide for more information.\nThe provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketRequestPaymentConfigurationV2` instead.\n" }, "serverSideEncryptionConfiguration": { "$ref": "#/types/aws:s3/BucketServerSideEncryptionConfiguration:BucketServerSideEncryptionConfiguration", "description": "Configuration of [server-side encryption configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html). See Server Side Encryption Configuration below for details.\nThe provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketServerSideEncryptionConfigurationV2` instead.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the bucket. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following arguments are deprecated, and will be removed in a future major version:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "versioning": { "$ref": "#/types/aws:s3/BucketVersioning:BucketVersioning", "description": "Configuration of the [S3 bucket versioning state](https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html). See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketVersioningV2` instead.\n" }, "website": { "$ref": "#/types/aws:s3/BucketWebsite:BucketWebsite", "description": "Configuration of the [S3 bucket website](https://docs.aws.amazon.com/AmazonS3/latest/userguide/WebsiteHosting.html). See Website below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketWebsiteConfigurationV2` instead.\n" }, "websiteDomain": { "type": "string", "description": "(**Deprecated**) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource `aws.s3.BucketWebsiteConfigurationV2` instead.\n" }, "websiteEndpoint": { "type": "string", "description": "(**Deprecated**) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource `aws.s3.BucketWebsiteConfigurationV2` instead.\n" } }, "type": "object" } }, "aws:s3/bucketAccelerateConfigurationV2:BucketAccelerateConfigurationV2": { "description": "Provides an S3 bucket accelerate configuration resource. See the [Requirements for using Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/userguide/transfer-acceleration.html#transfer-acceleration-requirements) for more details.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mybucket = new aws.s3.BucketV2(\"mybucket\", {bucket: \"mybucket\"});\nconst example = new aws.s3.BucketAccelerateConfigurationV2(\"example\", {\n bucket: mybucket.id,\n status: \"Enabled\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmybucket = aws.s3.BucketV2(\"mybucket\", bucket=\"mybucket\")\nexample = aws.s3.BucketAccelerateConfigurationV2(\"example\",\n bucket=mybucket.id,\n status=\"Enabled\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mybucket = new Aws.S3.BucketV2(\"mybucket\", new()\n {\n Bucket = \"mybucket\",\n });\n\n var example = new Aws.S3.BucketAccelerateConfigurationV2(\"example\", new()\n {\n Bucket = mybucket.Id,\n Status = \"Enabled\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmybucket, err := s3.NewBucketV2(ctx, \"mybucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"mybucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAccelerateConfigurationV2(ctx, \"example\", \u0026s3.BucketAccelerateConfigurationV2Args{\n\t\t\tBucket: mybucket.ID(),\n\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAccelerateConfigurationV2;\nimport com.pulumi.aws.s3.BucketAccelerateConfigurationV2Args;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mybucket = new BucketV2(\"mybucket\", BucketV2Args.builder()\n .bucket(\"mybucket\")\n .build());\n\n var example = new BucketAccelerateConfigurationV2(\"example\", BucketAccelerateConfigurationV2Args.builder()\n .bucket(mybucket.id())\n .status(\"Enabled\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mybucket:\n type: aws:s3:BucketV2\n properties:\n bucket: mybucket\n example:\n type: aws:s3:BucketAccelerateConfigurationV2\n properties:\n bucket: ${mybucket.id}\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n__Using `pulumi import` to import.__ For example:\n\nIf the owner (account ID) of the source bucket is the same account used to configure the AWS Provider, import using the `bucket`:\n\n```sh\n$ pulumi import aws:s3/bucketAccelerateConfigurationV2:BucketAccelerateConfigurationV2 example bucket-name\n```\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n```sh\n$ pulumi import aws:s3/bucketAccelerateConfigurationV2:BucketAccelerateConfigurationV2 example bucket-name,123456789012\n```\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket.\n" }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n" }, "status": { "type": "string", "description": "Transfer acceleration state of the bucket. Valid values: `Enabled`, `Suspended`.\n" } }, "required": [ "bucket", "status" ], "inputProperties": { "bucket": { "type": "string", "description": "Name of the bucket.\n", "willReplaceOnChanges": true }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Transfer acceleration state of the bucket. Valid values: `Enabled`, `Suspended`.\n" } }, "requiredInputs": [ "bucket", "status" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketAccelerateConfigurationV2 resources.\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket.\n", "willReplaceOnChanges": true }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Transfer acceleration state of the bucket. Valid values: `Enabled`, `Suspended`.\n" } }, "type": "object" } }, "aws:s3/bucketAclV2:BucketAclV2": { "description": "Provides an S3 bucket ACL resource.\n\n\u003e **Note:** destroy does not delete the S3 Bucket ACL but does remove the resource from state.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### With `private` ACL\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"my-tf-example-bucket\"});\nconst exampleBucketOwnershipControls = new aws.s3.BucketOwnershipControls(\"example\", {\n bucket: example.id,\n rule: {\n objectOwnership: \"BucketOwnerPreferred\",\n },\n});\nconst exampleBucketAclV2 = new aws.s3.BucketAclV2(\"example\", {\n bucket: example.id,\n acl: \"private\",\n}, {\n dependsOn: [exampleBucketOwnershipControls],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"my-tf-example-bucket\")\nexample_bucket_ownership_controls = aws.s3.BucketOwnershipControls(\"example\",\n bucket=example.id,\n rule={\n \"object_ownership\": \"BucketOwnerPreferred\",\n })\nexample_bucket_acl_v2 = aws.s3.BucketAclV2(\"example\",\n bucket=example.id,\n acl=\"private\",\n opts = pulumi.ResourceOptions(depends_on=[example_bucket_ownership_controls]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-tf-example-bucket\",\n });\n\n var exampleBucketOwnershipControls = new Aws.S3.BucketOwnershipControls(\"example\", new()\n {\n Bucket = example.Id,\n Rule = new Aws.S3.Inputs.BucketOwnershipControlsRuleArgs\n {\n ObjectOwnership = \"BucketOwnerPreferred\",\n },\n });\n\n var exampleBucketAclV2 = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = example.Id,\n Acl = \"private\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleBucketOwnershipControls,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-tf-example-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketOwnershipControls, err := s3.NewBucketOwnershipControls(ctx, \"example\", \u0026s3.BucketOwnershipControlsArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tRule: \u0026s3.BucketOwnershipControlsRuleArgs{\n\t\t\t\tObjectOwnership: pulumi.String(\"BucketOwnerPreferred\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleBucketOwnershipControls,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketOwnershipControls;\nimport com.pulumi.aws.s3.BucketOwnershipControlsArgs;\nimport com.pulumi.aws.s3.inputs.BucketOwnershipControlsRuleArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"my-tf-example-bucket\")\n .build());\n\n var exampleBucketOwnershipControls = new BucketOwnershipControls(\"exampleBucketOwnershipControls\", BucketOwnershipControlsArgs.builder()\n .bucket(example.id())\n .rule(BucketOwnershipControlsRuleArgs.builder()\n .objectOwnership(\"BucketOwnerPreferred\")\n .build())\n .build());\n\n var exampleBucketAclV2 = new BucketAclV2(\"exampleBucketAclV2\", BucketAclV2Args.builder()\n .bucket(example.id())\n .acl(\"private\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleBucketOwnershipControls)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: my-tf-example-bucket\n exampleBucketOwnershipControls:\n type: aws:s3:BucketOwnershipControls\n name: example\n properties:\n bucket: ${example.id}\n rule:\n objectOwnership: BucketOwnerPreferred\n exampleBucketAclV2:\n type: aws:s3:BucketAclV2\n name: example\n properties:\n bucket: ${example.id}\n acl: private\n options:\n dependson:\n - ${exampleBucketOwnershipControls}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With `public-read` ACL\n\n\u003e This example explicitly disables the default S3 bucket security settings. This\nshould be done with caution, as all bucket objects become publicly exposed.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"my-tf-example-bucket\"});\nconst exampleBucketOwnershipControls = new aws.s3.BucketOwnershipControls(\"example\", {\n bucket: example.id,\n rule: {\n objectOwnership: \"BucketOwnerPreferred\",\n },\n});\nconst exampleBucketPublicAccessBlock = new aws.s3.BucketPublicAccessBlock(\"example\", {\n bucket: example.id,\n blockPublicAcls: false,\n blockPublicPolicy: false,\n ignorePublicAcls: false,\n restrictPublicBuckets: false,\n});\nconst exampleBucketAclV2 = new aws.s3.BucketAclV2(\"example\", {\n bucket: example.id,\n acl: \"public-read\",\n}, {\n dependsOn: [\n exampleBucketOwnershipControls,\n exampleBucketPublicAccessBlock,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"my-tf-example-bucket\")\nexample_bucket_ownership_controls = aws.s3.BucketOwnershipControls(\"example\",\n bucket=example.id,\n rule={\n \"object_ownership\": \"BucketOwnerPreferred\",\n })\nexample_bucket_public_access_block = aws.s3.BucketPublicAccessBlock(\"example\",\n bucket=example.id,\n block_public_acls=False,\n block_public_policy=False,\n ignore_public_acls=False,\n restrict_public_buckets=False)\nexample_bucket_acl_v2 = aws.s3.BucketAclV2(\"example\",\n bucket=example.id,\n acl=\"public-read\",\n opts = pulumi.ResourceOptions(depends_on=[\n example_bucket_ownership_controls,\n example_bucket_public_access_block,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-tf-example-bucket\",\n });\n\n var exampleBucketOwnershipControls = new Aws.S3.BucketOwnershipControls(\"example\", new()\n {\n Bucket = example.Id,\n Rule = new Aws.S3.Inputs.BucketOwnershipControlsRuleArgs\n {\n ObjectOwnership = \"BucketOwnerPreferred\",\n },\n });\n\n var exampleBucketPublicAccessBlock = new Aws.S3.BucketPublicAccessBlock(\"example\", new()\n {\n Bucket = example.Id,\n BlockPublicAcls = false,\n BlockPublicPolicy = false,\n IgnorePublicAcls = false,\n RestrictPublicBuckets = false,\n });\n\n var exampleBucketAclV2 = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = example.Id,\n Acl = \"public-read\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleBucketOwnershipControls,\n exampleBucketPublicAccessBlock,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-tf-example-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketOwnershipControls, err := s3.NewBucketOwnershipControls(ctx, \"example\", \u0026s3.BucketOwnershipControlsArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tRule: \u0026s3.BucketOwnershipControlsRuleArgs{\n\t\t\t\tObjectOwnership: pulumi.String(\"BucketOwnerPreferred\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketPublicAccessBlock, err := s3.NewBucketPublicAccessBlock(ctx, \"example\", \u0026s3.BucketPublicAccessBlockArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tBlockPublicAcls: pulumi.Bool(false),\n\t\t\tBlockPublicPolicy: pulumi.Bool(false),\n\t\t\tIgnorePublicAcls: pulumi.Bool(false),\n\t\t\tRestrictPublicBuckets: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tAcl: pulumi.String(\"public-read\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleBucketOwnershipControls,\n\t\t\texampleBucketPublicAccessBlock,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketOwnershipControls;\nimport com.pulumi.aws.s3.BucketOwnershipControlsArgs;\nimport com.pulumi.aws.s3.inputs.BucketOwnershipControlsRuleArgs;\nimport com.pulumi.aws.s3.BucketPublicAccessBlock;\nimport com.pulumi.aws.s3.BucketPublicAccessBlockArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"my-tf-example-bucket\")\n .build());\n\n var exampleBucketOwnershipControls = new BucketOwnershipControls(\"exampleBucketOwnershipControls\", BucketOwnershipControlsArgs.builder()\n .bucket(example.id())\n .rule(BucketOwnershipControlsRuleArgs.builder()\n .objectOwnership(\"BucketOwnerPreferred\")\n .build())\n .build());\n\n var exampleBucketPublicAccessBlock = new BucketPublicAccessBlock(\"exampleBucketPublicAccessBlock\", BucketPublicAccessBlockArgs.builder()\n .bucket(example.id())\n .blockPublicAcls(false)\n .blockPublicPolicy(false)\n .ignorePublicAcls(false)\n .restrictPublicBuckets(false)\n .build());\n\n var exampleBucketAclV2 = new BucketAclV2(\"exampleBucketAclV2\", BucketAclV2Args.builder()\n .bucket(example.id())\n .acl(\"public-read\")\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n exampleBucketOwnershipControls,\n exampleBucketPublicAccessBlock)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: my-tf-example-bucket\n exampleBucketOwnershipControls:\n type: aws:s3:BucketOwnershipControls\n name: example\n properties:\n bucket: ${example.id}\n rule:\n objectOwnership: BucketOwnerPreferred\n exampleBucketPublicAccessBlock:\n type: aws:s3:BucketPublicAccessBlock\n name: example\n properties:\n bucket: ${example.id}\n blockPublicAcls: false\n blockPublicPolicy: false\n ignorePublicAcls: false\n restrictPublicBuckets: false\n exampleBucketAclV2:\n type: aws:s3:BucketAclV2\n name: example\n properties:\n bucket: ${example.id}\n acl: public-read\n options:\n dependson:\n - ${exampleBucketOwnershipControls}\n - ${exampleBucketPublicAccessBlock}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Grants\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.s3.getCanonicalUserId({});\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"my-tf-example-bucket\"});\nconst exampleBucketOwnershipControls = new aws.s3.BucketOwnershipControls(\"example\", {\n bucket: example.id,\n rule: {\n objectOwnership: \"BucketOwnerPreferred\",\n },\n});\nconst exampleBucketAclV2 = new aws.s3.BucketAclV2(\"example\", {\n bucket: example.id,\n accessControlPolicy: {\n grants: [\n {\n grantee: {\n id: current.then(current =\u003e current.id),\n type: \"CanonicalUser\",\n },\n permission: \"READ\",\n },\n {\n grantee: {\n type: \"Group\",\n uri: \"http://acs.amazonaws.com/groups/s3/LogDelivery\",\n },\n permission: \"READ_ACP\",\n },\n ],\n owner: {\n id: current.then(current =\u003e current.id),\n },\n },\n}, {\n dependsOn: [exampleBucketOwnershipControls],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.s3.get_canonical_user_id()\nexample = aws.s3.BucketV2(\"example\", bucket=\"my-tf-example-bucket\")\nexample_bucket_ownership_controls = aws.s3.BucketOwnershipControls(\"example\",\n bucket=example.id,\n rule={\n \"object_ownership\": \"BucketOwnerPreferred\",\n })\nexample_bucket_acl_v2 = aws.s3.BucketAclV2(\"example\",\n bucket=example.id,\n access_control_policy={\n \"grants\": [\n {\n \"grantee\": {\n \"id\": current.id,\n \"type\": \"CanonicalUser\",\n },\n \"permission\": \"READ\",\n },\n {\n \"grantee\": {\n \"type\": \"Group\",\n \"uri\": \"http://acs.amazonaws.com/groups/s3/LogDelivery\",\n },\n \"permission\": \"READ_ACP\",\n },\n ],\n \"owner\": {\n \"id\": current.id,\n },\n },\n opts = pulumi.ResourceOptions(depends_on=[example_bucket_ownership_controls]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.S3.GetCanonicalUserId.Invoke();\n\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-tf-example-bucket\",\n });\n\n var exampleBucketOwnershipControls = new Aws.S3.BucketOwnershipControls(\"example\", new()\n {\n Bucket = example.Id,\n Rule = new Aws.S3.Inputs.BucketOwnershipControlsRuleArgs\n {\n ObjectOwnership = \"BucketOwnerPreferred\",\n },\n });\n\n var exampleBucketAclV2 = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = example.Id,\n AccessControlPolicy = new Aws.S3.Inputs.BucketAclV2AccessControlPolicyArgs\n {\n Grants = new[]\n {\n new Aws.S3.Inputs.BucketAclV2AccessControlPolicyGrantArgs\n {\n Grantee = new Aws.S3.Inputs.BucketAclV2AccessControlPolicyGrantGranteeArgs\n {\n Id = current.Apply(getCanonicalUserIdResult =\u003e getCanonicalUserIdResult.Id),\n Type = \"CanonicalUser\",\n },\n Permission = \"READ\",\n },\n new Aws.S3.Inputs.BucketAclV2AccessControlPolicyGrantArgs\n {\n Grantee = new Aws.S3.Inputs.BucketAclV2AccessControlPolicyGrantGranteeArgs\n {\n Type = \"Group\",\n Uri = \"http://acs.amazonaws.com/groups/s3/LogDelivery\",\n },\n Permission = \"READ_ACP\",\n },\n },\n Owner = new Aws.S3.Inputs.BucketAclV2AccessControlPolicyOwnerArgs\n {\n Id = current.Apply(getCanonicalUserIdResult =\u003e getCanonicalUserIdResult.Id),\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleBucketOwnershipControls,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := s3.GetCanonicalUserId(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-tf-example-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketOwnershipControls, err := s3.NewBucketOwnershipControls(ctx, \"example\", \u0026s3.BucketOwnershipControlsArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tRule: \u0026s3.BucketOwnershipControlsRuleArgs{\n\t\t\t\tObjectOwnership: pulumi.String(\"BucketOwnerPreferred\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tAccessControlPolicy: \u0026s3.BucketAclV2AccessControlPolicyArgs{\n\t\t\t\tGrants: s3.BucketAclV2AccessControlPolicyGrantArray{\n\t\t\t\t\t\u0026s3.BucketAclV2AccessControlPolicyGrantArgs{\n\t\t\t\t\t\tGrantee: \u0026s3.BucketAclV2AccessControlPolicyGrantGranteeArgs{\n\t\t\t\t\t\t\tId: pulumi.String(current.Id),\n\t\t\t\t\t\t\tType: pulumi.String(\"CanonicalUser\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tPermission: pulumi.String(\"READ\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026s3.BucketAclV2AccessControlPolicyGrantArgs{\n\t\t\t\t\t\tGrantee: \u0026s3.BucketAclV2AccessControlPolicyGrantGranteeArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Group\"),\n\t\t\t\t\t\t\tUri: pulumi.String(\"http://acs.amazonaws.com/groups/s3/LogDelivery\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tPermission: pulumi.String(\"READ_ACP\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tOwner: \u0026s3.BucketAclV2AccessControlPolicyOwnerArgs{\n\t\t\t\t\tId: pulumi.String(current.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleBucketOwnershipControls,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketOwnershipControls;\nimport com.pulumi.aws.s3.BucketOwnershipControlsArgs;\nimport com.pulumi.aws.s3.inputs.BucketOwnershipControlsRuleArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.inputs.BucketAclV2AccessControlPolicyArgs;\nimport com.pulumi.aws.s3.inputs.BucketAclV2AccessControlPolicyOwnerArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = S3Functions.getCanonicalUserId();\n\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"my-tf-example-bucket\")\n .build());\n\n var exampleBucketOwnershipControls = new BucketOwnershipControls(\"exampleBucketOwnershipControls\", BucketOwnershipControlsArgs.builder()\n .bucket(example.id())\n .rule(BucketOwnershipControlsRuleArgs.builder()\n .objectOwnership(\"BucketOwnerPreferred\")\n .build())\n .build());\n\n var exampleBucketAclV2 = new BucketAclV2(\"exampleBucketAclV2\", BucketAclV2Args.builder()\n .bucket(example.id())\n .accessControlPolicy(BucketAclV2AccessControlPolicyArgs.builder()\n .grants( \n BucketAclV2AccessControlPolicyGrantArgs.builder()\n .grantee(BucketAclV2AccessControlPolicyGrantGranteeArgs.builder()\n .id(current.applyValue(getCanonicalUserIdResult -\u003e getCanonicalUserIdResult.id()))\n .type(\"CanonicalUser\")\n .build())\n .permission(\"READ\")\n .build(),\n BucketAclV2AccessControlPolicyGrantArgs.builder()\n .grantee(BucketAclV2AccessControlPolicyGrantGranteeArgs.builder()\n .type(\"Group\")\n .uri(\"http://acs.amazonaws.com/groups/s3/LogDelivery\")\n .build())\n .permission(\"READ_ACP\")\n .build())\n .owner(BucketAclV2AccessControlPolicyOwnerArgs.builder()\n .id(current.applyValue(getCanonicalUserIdResult -\u003e getCanonicalUserIdResult.id()))\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleBucketOwnershipControls)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: my-tf-example-bucket\n exampleBucketOwnershipControls:\n type: aws:s3:BucketOwnershipControls\n name: example\n properties:\n bucket: ${example.id}\n rule:\n objectOwnership: BucketOwnerPreferred\n exampleBucketAclV2:\n type: aws:s3:BucketAclV2\n name: example\n properties:\n bucket: ${example.id}\n accessControlPolicy:\n grants:\n - grantee:\n id: ${current.id}\n type: CanonicalUser\n permission: READ\n - grantee:\n type: Group\n uri: http://acs.amazonaws.com/groups/s3/LogDelivery\n permission: READ_ACP\n owner:\n id: ${current.id}\n options:\n dependson:\n - ${exampleBucketOwnershipControls}\nvariables:\n current:\n fn::invoke:\n Function: aws:s3:getCanonicalUserId\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nIf the owner (account ID) of the source bucket is the _same_ account used to configure the AWS Provider, and the source bucket is __configured__ with a\n[canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), import using the `bucket` and `acl` separated by a comma (`,`):\n\nIf the owner (account ID) of the source bucket _differs_ from the account used to configure the AWS Provider, and the source bucket is __not configured__ with a [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), imported using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\nIf the owner (account ID) of the source bucket _differs_ from the account used to configure the AWS Provider, and the source bucket is __configured__ with a\n[canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), imported using the `bucket`, `expected_bucket_owner`, and `acl` separated by commas (`,`):\n\n__Using `pulumi import` to import__ using `bucket`, `expected_bucket_owner`, and/or `acl`, depending on your situation. For example:\n\nIf the owner (account ID) of the source bucket is the _same_ account used to configure the AWS Provider, and the source bucket is __not configured__ with a\n[canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), import using the `bucket`:\n\n```sh\n$ pulumi import aws:s3/bucketAclV2:BucketAclV2 example bucket-name\n```\nIf the owner (account ID) of the source bucket is the _same_ account used to configure the AWS Provider, and the source bucket is __configured__ with a [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), import using the `bucket` and `acl` separated by a comma (`,`):\n\n```sh\n$ pulumi import aws:s3/bucketAclV2:BucketAclV2 example bucket-name,private\n```\nIf the owner (account ID) of the source bucket _differs_ from the account used to configure the AWS Provider, and the source bucket is __not configured__ with a [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), imported using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n```sh\n$ pulumi import aws:s3/bucketAclV2:BucketAclV2 example bucket-name,123456789012\n```\nIf the owner (account ID) of the source bucket _differs_ from the account used to configure the AWS Provider, and the source bucket is __configured__ with a [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), imported using the `bucket`, `expected_bucket_owner`, and `acl` separated by commas (`,`):\n\n```sh\n$ pulumi import aws:s3/bucketAclV2:BucketAclV2 example bucket-name,123456789012,private\n```\n", "properties": { "accessControlPolicy": { "$ref": "#/types/aws:s3/BucketAclV2AccessControlPolicy:BucketAclV2AccessControlPolicy", "description": "Configuration block that sets the ACL permissions for an object per grantee. See below.\n" }, "acl": { "type": "string", "description": "Canned ACL to apply to the bucket.\n" }, "bucket": { "type": "string", "description": "Bucket to which to apply the ACL.\n" }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n" } }, "required": [ "accessControlPolicy", "bucket" ], "inputProperties": { "accessControlPolicy": { "$ref": "#/types/aws:s3/BucketAclV2AccessControlPolicy:BucketAclV2AccessControlPolicy", "description": "Configuration block that sets the ACL permissions for an object per grantee. See below.\n" }, "acl": { "type": "string", "description": "Canned ACL to apply to the bucket.\n" }, "bucket": { "type": "string", "description": "Bucket to which to apply the ACL.\n", "willReplaceOnChanges": true }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "bucket" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketAclV2 resources.\n", "properties": { "accessControlPolicy": { "$ref": "#/types/aws:s3/BucketAclV2AccessControlPolicy:BucketAclV2AccessControlPolicy", "description": "Configuration block that sets the ACL permissions for an object per grantee. See below.\n" }, "acl": { "type": "string", "description": "Canned ACL to apply to the bucket.\n" }, "bucket": { "type": "string", "description": "Bucket to which to apply the ACL.\n", "willReplaceOnChanges": true }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:s3/bucketCorsConfigurationV2:BucketCorsConfigurationV2": { "description": "Provides an S3 bucket CORS configuration resource. For more information about CORS, go to [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/userguide/cors.html) in the Amazon S3 User Guide.\n\n\u003e **NOTE:** S3 Buckets only support a single CORS configuration. Declaring multiple `aws.s3.BucketCorsConfigurationV2` resources to the same S3 Bucket will cause a perpetual difference in configuration.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"mybucket\"});\nconst exampleBucketCorsConfigurationV2 = new aws.s3.BucketCorsConfigurationV2(\"example\", {\n bucket: example.id,\n corsRules: [\n {\n allowedHeaders: [\"*\"],\n allowedMethods: [\n \"PUT\",\n \"POST\",\n ],\n allowedOrigins: [\"https://s3-website-test.domain.example\"],\n exposeHeaders: [\"ETag\"],\n maxAgeSeconds: 3000,\n },\n {\n allowedMethods: [\"GET\"],\n allowedOrigins: [\"*\"],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"mybucket\")\nexample_bucket_cors_configuration_v2 = aws.s3.BucketCorsConfigurationV2(\"example\",\n bucket=example.id,\n cors_rules=[\n {\n \"allowed_headers\": [\"*\"],\n \"allowed_methods\": [\n \"PUT\",\n \"POST\",\n ],\n \"allowed_origins\": [\"https://s3-website-test.domain.example\"],\n \"expose_headers\": [\"ETag\"],\n \"max_age_seconds\": 3000,\n },\n {\n \"allowed_methods\": [\"GET\"],\n \"allowed_origins\": [\"*\"],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"mybucket\",\n });\n\n var exampleBucketCorsConfigurationV2 = new Aws.S3.BucketCorsConfigurationV2(\"example\", new()\n {\n Bucket = example.Id,\n CorsRules = new[]\n {\n new Aws.S3.Inputs.BucketCorsConfigurationV2CorsRuleArgs\n {\n AllowedHeaders = new[]\n {\n \"*\",\n },\n AllowedMethods = new[]\n {\n \"PUT\",\n \"POST\",\n },\n AllowedOrigins = new[]\n {\n \"https://s3-website-test.domain.example\",\n },\n ExposeHeaders = new[]\n {\n \"ETag\",\n },\n MaxAgeSeconds = 3000,\n },\n new Aws.S3.Inputs.BucketCorsConfigurationV2CorsRuleArgs\n {\n AllowedMethods = new[]\n {\n \"GET\",\n },\n AllowedOrigins = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"mybucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketCorsConfigurationV2(ctx, \"example\", \u0026s3.BucketCorsConfigurationV2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tCorsRules: s3.BucketCorsConfigurationV2CorsRuleArray{\n\t\t\t\t\u0026s3.BucketCorsConfigurationV2CorsRuleArgs{\n\t\t\t\t\tAllowedHeaders: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t},\n\t\t\t\t\tAllowedMethods: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"PUT\"),\n\t\t\t\t\t\tpulumi.String(\"POST\"),\n\t\t\t\t\t},\n\t\t\t\t\tAllowedOrigins: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"https://s3-website-test.domain.example\"),\n\t\t\t\t\t},\n\t\t\t\t\tExposeHeaders: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"ETag\"),\n\t\t\t\t\t},\n\t\t\t\t\tMaxAgeSeconds: pulumi.Int(3000),\n\t\t\t\t},\n\t\t\t\t\u0026s3.BucketCorsConfigurationV2CorsRuleArgs{\n\t\t\t\t\tAllowedMethods: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"GET\"),\n\t\t\t\t\t},\n\t\t\t\t\tAllowedOrigins: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketCorsConfigurationV2;\nimport com.pulumi.aws.s3.BucketCorsConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketCorsConfigurationV2CorsRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"mybucket\")\n .build());\n\n var exampleBucketCorsConfigurationV2 = new BucketCorsConfigurationV2(\"exampleBucketCorsConfigurationV2\", BucketCorsConfigurationV2Args.builder()\n .bucket(example.id())\n .corsRules( \n BucketCorsConfigurationV2CorsRuleArgs.builder()\n .allowedHeaders(\"*\")\n .allowedMethods( \n \"PUT\",\n \"POST\")\n .allowedOrigins(\"https://s3-website-test.domain.example\")\n .exposeHeaders(\"ETag\")\n .maxAgeSeconds(3000)\n .build(),\n BucketCorsConfigurationV2CorsRuleArgs.builder()\n .allowedMethods(\"GET\")\n .allowedOrigins(\"*\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: mybucket\n exampleBucketCorsConfigurationV2:\n type: aws:s3:BucketCorsConfigurationV2\n name: example\n properties:\n bucket: ${example.id}\n corsRules:\n - allowedHeaders:\n - '*'\n allowedMethods:\n - PUT\n - POST\n allowedOrigins:\n - https://s3-website-test.domain.example\n exposeHeaders:\n - ETag\n maxAgeSeconds: 3000\n - allowedMethods:\n - GET\n allowedOrigins:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n__Using `pulumi import` to import__ S3 bucket CORS configuration using the `bucket` or using the `bucket` and `expected_bucket_owner` separated by a comma (`,`). For example:\n\nIf the owner (account ID) of the source bucket is the same account used to configure the AWS Provider, import using the `bucket`:\n\n```sh\n$ pulumi import aws:s3/bucketCorsConfigurationV2:BucketCorsConfigurationV2 example bucket-name\n```\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n```sh\n$ pulumi import aws:s3/bucketCorsConfigurationV2:BucketCorsConfigurationV2 example bucket-name,123456789012\n```\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket.\n" }, "corsRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketCorsConfigurationV2CorsRule:BucketCorsConfigurationV2CorsRule" }, "description": "Set of origins and methods (cross-origin access that you want to allow). See below. You can configure up to 100 rules.\n" }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n" } }, "required": [ "bucket", "corsRules" ], "inputProperties": { "bucket": { "type": "string", "description": "Name of the bucket.\n", "willReplaceOnChanges": true }, "corsRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketCorsConfigurationV2CorsRule:BucketCorsConfigurationV2CorsRule" }, "description": "Set of origins and methods (cross-origin access that you want to allow). See below. You can configure up to 100 rules.\n" }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "bucket", "corsRules" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketCorsConfigurationV2 resources.\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket.\n", "willReplaceOnChanges": true }, "corsRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketCorsConfigurationV2CorsRule:BucketCorsConfigurationV2CorsRule" }, "description": "Set of origins and methods (cross-origin access that you want to allow). See below. You can configure up to 100 rules.\n" }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:s3/bucketIntelligentTieringConfiguration:BucketIntelligentTieringConfiguration": { "description": "Provides an [S3 Intelligent-Tiering](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intelligent-tiering.html) configuration resource.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### Add intelligent tiering configuration for entire S3 bucket\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst example_entire_bucket = new aws.s3.BucketIntelligentTieringConfiguration(\"example-entire-bucket\", {\n bucket: example.id,\n name: \"EntireBucket\",\n tierings: [\n {\n accessTier: \"DEEP_ARCHIVE_ACCESS\",\n days: 180,\n },\n {\n accessTier: \"ARCHIVE_ACCESS\",\n days: 125,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_entire_bucket = aws.s3.BucketIntelligentTieringConfiguration(\"example-entire-bucket\",\n bucket=example.id,\n name=\"EntireBucket\",\n tierings=[\n {\n \"access_tier\": \"DEEP_ARCHIVE_ACCESS\",\n \"days\": 180,\n },\n {\n \"access_tier\": \"ARCHIVE_ACCESS\",\n \"days\": 125,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var example_entire_bucket = new Aws.S3.BucketIntelligentTieringConfiguration(\"example-entire-bucket\", new()\n {\n Bucket = example.Id,\n Name = \"EntireBucket\",\n Tierings = new[]\n {\n new Aws.S3.Inputs.BucketIntelligentTieringConfigurationTieringArgs\n {\n AccessTier = \"DEEP_ARCHIVE_ACCESS\",\n Days = 180,\n },\n new Aws.S3.Inputs.BucketIntelligentTieringConfigurationTieringArgs\n {\n AccessTier = \"ARCHIVE_ACCESS\",\n Days = 125,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketIntelligentTieringConfiguration(ctx, \"example-entire-bucket\", \u0026s3.BucketIntelligentTieringConfigurationArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tName: pulumi.String(\"EntireBucket\"),\n\t\t\tTierings: s3.BucketIntelligentTieringConfigurationTieringArray{\n\t\t\t\t\u0026s3.BucketIntelligentTieringConfigurationTieringArgs{\n\t\t\t\t\tAccessTier: pulumi.String(\"DEEP_ARCHIVE_ACCESS\"),\n\t\t\t\t\tDays: pulumi.Int(180),\n\t\t\t\t},\n\t\t\t\t\u0026s3.BucketIntelligentTieringConfigurationTieringArgs{\n\t\t\t\t\tAccessTier: pulumi.String(\"ARCHIVE_ACCESS\"),\n\t\t\t\t\tDays: pulumi.Int(125),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketIntelligentTieringConfiguration;\nimport com.pulumi.aws.s3.BucketIntelligentTieringConfigurationArgs;\nimport com.pulumi.aws.s3.inputs.BucketIntelligentTieringConfigurationTieringArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var example_entire_bucket = new BucketIntelligentTieringConfiguration(\"example-entire-bucket\", BucketIntelligentTieringConfigurationArgs.builder()\n .bucket(example.id())\n .name(\"EntireBucket\")\n .tierings( \n BucketIntelligentTieringConfigurationTieringArgs.builder()\n .accessTier(\"DEEP_ARCHIVE_ACCESS\")\n .days(180)\n .build(),\n BucketIntelligentTieringConfigurationTieringArgs.builder()\n .accessTier(\"ARCHIVE_ACCESS\")\n .days(125)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example-entire-bucket:\n type: aws:s3:BucketIntelligentTieringConfiguration\n properties:\n bucket: ${example.id}\n name: EntireBucket\n tierings:\n - accessTier: DEEP_ARCHIVE_ACCESS\n days: 180\n - accessTier: ARCHIVE_ACCESS\n days: 125\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Add intelligent tiering configuration with S3 object filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst example_filtered = new aws.s3.BucketIntelligentTieringConfiguration(\"example-filtered\", {\n bucket: example.id,\n name: \"ImportantBlueDocuments\",\n status: \"Disabled\",\n filter: {\n prefix: \"documents/\",\n tags: {\n priority: \"high\",\n \"class\": \"blue\",\n },\n },\n tierings: [{\n accessTier: \"ARCHIVE_ACCESS\",\n days: 125,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_filtered = aws.s3.BucketIntelligentTieringConfiguration(\"example-filtered\",\n bucket=example.id,\n name=\"ImportantBlueDocuments\",\n status=\"Disabled\",\n filter={\n \"prefix\": \"documents/\",\n \"tags\": {\n \"priority\": \"high\",\n \"class_\": \"blue\",\n },\n },\n tierings=[{\n \"access_tier\": \"ARCHIVE_ACCESS\",\n \"days\": 125,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var example_filtered = new Aws.S3.BucketIntelligentTieringConfiguration(\"example-filtered\", new()\n {\n Bucket = example.Id,\n Name = \"ImportantBlueDocuments\",\n Status = \"Disabled\",\n Filter = new Aws.S3.Inputs.BucketIntelligentTieringConfigurationFilterArgs\n {\n Prefix = \"documents/\",\n Tags = \n {\n { \"priority\", \"high\" },\n { \"class\", \"blue\" },\n },\n },\n Tierings = new[]\n {\n new Aws.S3.Inputs.BucketIntelligentTieringConfigurationTieringArgs\n {\n AccessTier = \"ARCHIVE_ACCESS\",\n Days = 125,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketIntelligentTieringConfiguration(ctx, \"example-filtered\", \u0026s3.BucketIntelligentTieringConfigurationArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tName: pulumi.String(\"ImportantBlueDocuments\"),\n\t\t\tStatus: pulumi.String(\"Disabled\"),\n\t\t\tFilter: \u0026s3.BucketIntelligentTieringConfigurationFilterArgs{\n\t\t\t\tPrefix: pulumi.String(\"documents/\"),\n\t\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\t\"priority\": pulumi.String(\"high\"),\n\t\t\t\t\t\"class\": pulumi.String(\"blue\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTierings: s3.BucketIntelligentTieringConfigurationTieringArray{\n\t\t\t\t\u0026s3.BucketIntelligentTieringConfigurationTieringArgs{\n\t\t\t\t\tAccessTier: pulumi.String(\"ARCHIVE_ACCESS\"),\n\t\t\t\t\tDays: pulumi.Int(125),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketIntelligentTieringConfiguration;\nimport com.pulumi.aws.s3.BucketIntelligentTieringConfigurationArgs;\nimport com.pulumi.aws.s3.inputs.BucketIntelligentTieringConfigurationFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketIntelligentTieringConfigurationTieringArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var example_filtered = new BucketIntelligentTieringConfiguration(\"example-filtered\", BucketIntelligentTieringConfigurationArgs.builder()\n .bucket(example.id())\n .name(\"ImportantBlueDocuments\")\n .status(\"Disabled\")\n .filter(BucketIntelligentTieringConfigurationFilterArgs.builder()\n .prefix(\"documents/\")\n .tags(Map.ofEntries(\n Map.entry(\"priority\", \"high\"),\n Map.entry(\"class\", \"blue\")\n ))\n .build())\n .tierings(BucketIntelligentTieringConfigurationTieringArgs.builder()\n .accessTier(\"ARCHIVE_ACCESS\")\n .days(125)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example-filtered:\n type: aws:s3:BucketIntelligentTieringConfiguration\n properties:\n bucket: ${example.id}\n name: ImportantBlueDocuments\n status: Disabled\n filter:\n prefix: documents/\n tags:\n priority: high\n class: blue\n tierings:\n - accessTier: ARCHIVE_ACCESS\n days: 125\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 bucket intelligent tiering configurations using `bucket:name`. For example:\n\n```sh\n$ pulumi import aws:s3/bucketIntelligentTieringConfiguration:BucketIntelligentTieringConfiguration my-bucket-entire-bucket my-bucket:EntireBucket\n```\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket this intelligent tiering configuration is associated with.\n" }, "filter": { "$ref": "#/types/aws:s3/BucketIntelligentTieringConfigurationFilter:BucketIntelligentTieringConfigurationFilter", "description": "Bucket filter. The configuration only includes objects that meet the filter's criteria (documented below).\n" }, "name": { "type": "string", "description": "Unique name used to identify the S3 Intelligent-Tiering configuration for the bucket.\n" }, "status": { "type": "string", "description": "Specifies the status of the configuration. Valid values: `Enabled`, `Disabled`.\n" }, "tierings": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketIntelligentTieringConfigurationTiering:BucketIntelligentTieringConfigurationTiering" }, "description": "S3 Intelligent-Tiering storage class tiers of the configuration (documented below).\n" } }, "required": [ "bucket", "name", "tierings" ], "inputProperties": { "bucket": { "type": "string", "description": "Name of the bucket this intelligent tiering configuration is associated with.\n", "willReplaceOnChanges": true }, "filter": { "$ref": "#/types/aws:s3/BucketIntelligentTieringConfigurationFilter:BucketIntelligentTieringConfigurationFilter", "description": "Bucket filter. The configuration only includes objects that meet the filter's criteria (documented below).\n" }, "name": { "type": "string", "description": "Unique name used to identify the S3 Intelligent-Tiering configuration for the bucket.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Specifies the status of the configuration. Valid values: `Enabled`, `Disabled`.\n" }, "tierings": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketIntelligentTieringConfigurationTiering:BucketIntelligentTieringConfigurationTiering" }, "description": "S3 Intelligent-Tiering storage class tiers of the configuration (documented below).\n" } }, "requiredInputs": [ "bucket", "tierings" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketIntelligentTieringConfiguration resources.\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket this intelligent tiering configuration is associated with.\n", "willReplaceOnChanges": true }, "filter": { "$ref": "#/types/aws:s3/BucketIntelligentTieringConfigurationFilter:BucketIntelligentTieringConfigurationFilter", "description": "Bucket filter. The configuration only includes objects that meet the filter's criteria (documented below).\n" }, "name": { "type": "string", "description": "Unique name used to identify the S3 Intelligent-Tiering configuration for the bucket.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Specifies the status of the configuration. Valid values: `Enabled`, `Disabled`.\n" }, "tierings": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketIntelligentTieringConfigurationTiering:BucketIntelligentTieringConfigurationTiering" }, "description": "S3 Intelligent-Tiering storage class tiers of the configuration (documented below).\n" } }, "type": "object" } }, "aws:s3/bucketLifecycleConfigurationV2:BucketLifecycleConfigurationV2": { "description": "Provides an independent configuration resource for S3 bucket [lifecycle configuration](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html).\n\nAn S3 Lifecycle configuration consists of one or more Lifecycle rules. Each rule consists of the following:\n\n* Rule metadata (`id` and `status`)\n* Filter identifying objects to which the rule applies\n* One or more transition or expiration actions\n\nFor more information see the Amazon S3 User Guide on [`Lifecycle Configuration Elements`](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html).\n\n\u003e **NOTE:** S3 Buckets only support a single lifecycle configuration. Declaring multiple `aws.s3.BucketLifecycleConfigurationV2` resources to the same S3 Bucket will cause a perpetual difference in configuration.\n\n\u003e **NOTE:** Lifecycle configurations may take some time to fully propagate to all AWS S3 systems.\nRunning Pulumi operations shortly after creating a lifecycle configuration may result in changes that affect configuration idempotence.\nSee the Amazon S3 User Guide on [setting lifecycle configuration on a bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/how-to-set-lifecycle-configuration-intro.html).\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### With neither a filter nor prefix specified\n\nThe Lifecycle rule applies to a subset of objects based on the key name prefix (`\"\"`).\n\nThis configuration is intended to replicate the default behavior of the `lifecycle_rule`\nparameter in the AWS Provider `aws.s3.BucketV2` resource prior to `v4.0`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[{\n \"id\": \"rule-1\",\n \"status\": \"Enabled\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder()\n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying an empty filter\n\nThe Lifecycle rule applies to all objects in the bucket.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {},\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[{\n \"id\": \"rule-1\",\n \"filter\": {},\n \"status\": \"Enabled\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = null,\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: nil,\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder()\n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter()\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter: {}\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying a filter using key prefixes\n\nThe Lifecycle rule applies to a subset of objects based on the key name prefix (`logs/`).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {\n prefix: \"logs/\",\n },\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[{\n \"id\": \"rule-1\",\n \"filter\": {\n \"prefix\": \"logs/\",\n },\n \"status\": \"Enabled\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n Prefix = \"logs/\",\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"logs/\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder()\n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .prefix(\"logs/\")\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n prefix: logs/\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nIf you want to apply a Lifecycle action to a subset of objects based on different key name prefixes, specify separate rules.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [\n {\n id: \"rule-1\",\n filter: {\n prefix: \"logs/\",\n },\n status: \"Enabled\",\n },\n {\n id: \"rule-2\",\n filter: {\n prefix: \"tmp/\",\n },\n status: \"Enabled\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[\n {\n \"id\": \"rule-1\",\n \"filter\": {\n \"prefix\": \"logs/\",\n },\n \"status\": \"Enabled\",\n },\n {\n \"id\": \"rule-2\",\n \"filter\": {\n \"prefix\": \"tmp/\",\n },\n \"status\": \"Enabled\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n Prefix = \"logs/\",\n },\n Status = \"Enabled\",\n },\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-2\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n Prefix = \"tmp/\",\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"logs/\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-2\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"tmp/\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder()\n .bucket(bucket.id())\n .rules( \n BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .prefix(\"logs/\")\n .build())\n .status(\"Enabled\")\n .build(),\n BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-2\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .prefix(\"tmp/\")\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n prefix: logs/\n status: Enabled\n - id: rule-2\n filter:\n prefix: tmp/\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying a filter based on an object tag\n\nThe Lifecycle rule specifies a filter based on a tag key and value. The rule then applies only to a subset of objects with the specific tag.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {\n tag: {\n key: \"Name\",\n value: \"Staging\",\n },\n },\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[{\n \"id\": \"rule-1\",\n \"filter\": {\n \"tag\": {\n \"key\": \"Name\",\n \"value\": \"Staging\",\n },\n },\n \"status\": \"Enabled\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n Tag = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterTagArgs\n {\n Key = \"Name\",\n Value = \"Staging\",\n },\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tTag: \u0026s3.BucketLifecycleConfigurationV2RuleFilterTagArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"Name\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"Staging\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterTagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder()\n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .tag(BucketLifecycleConfigurationV2RuleFilterTagArgs.builder()\n .key(\"Name\")\n .value(\"Staging\")\n .build())\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n tag:\n key: Name\n value: Staging\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying a filter based on multiple tags\n\nThe Lifecycle rule directs Amazon S3 to perform lifecycle actions on objects with two tags (with the specific tag keys and values). Notice `tags` is wrapped in the `and` configuration block.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {\n and: {\n tags: {\n Key1: \"Value1\",\n Key2: \"Value2\",\n },\n },\n },\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[{\n \"id\": \"rule-1\",\n \"filter\": {\n \"and_\": {\n \"tags\": {\n \"key1\": \"Value1\",\n \"key2\": \"Value2\",\n },\n },\n },\n \"status\": \"Enabled\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n And = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs\n {\n Tags = \n {\n { \"Key1\", \"Value1\" },\n { \"Key2\", \"Value2\" },\n },\n },\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tAnd: \u0026s3.BucketLifecycleConfigurationV2RuleFilterAndArgs{\n\t\t\t\t\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"Key1\": pulumi.String(\"Value1\"),\n\t\t\t\t\t\t\t\t\"Key2\": pulumi.String(\"Value2\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder()\n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .and(BucketLifecycleConfigurationV2RuleFilterAndArgs.builder()\n .tags(Map.ofEntries(\n Map.entry(\"Key1\", \"Value1\"),\n Map.entry(\"Key2\", \"Value2\")\n ))\n .build())\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n and:\n tags:\n Key1: Value1\n Key2: Value2\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying a filter based on both prefix and one or more tags\n\nThe Lifecycle rule directs Amazon S3 to perform lifecycle actions on objects with the specified prefix and two tags (with the specific tag keys and values). Notice both `prefix` and `tags` are wrapped in the `and` configuration block.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {\n and: {\n prefix: \"logs/\",\n tags: {\n Key1: \"Value1\",\n Key2: \"Value2\",\n },\n },\n },\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[{\n \"id\": \"rule-1\",\n \"filter\": {\n \"and_\": {\n \"prefix\": \"logs/\",\n \"tags\": {\n \"key1\": \"Value1\",\n \"key2\": \"Value2\",\n },\n },\n },\n \"status\": \"Enabled\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n And = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs\n {\n Prefix = \"logs/\",\n Tags = \n {\n { \"Key1\", \"Value1\" },\n { \"Key2\", \"Value2\" },\n },\n },\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tAnd: \u0026s3.BucketLifecycleConfigurationV2RuleFilterAndArgs{\n\t\t\t\t\t\t\tPrefix: pulumi.String(\"logs/\"),\n\t\t\t\t\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"Key1\": pulumi.String(\"Value1\"),\n\t\t\t\t\t\t\t\t\"Key2\": pulumi.String(\"Value2\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder()\n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .and(BucketLifecycleConfigurationV2RuleFilterAndArgs.builder()\n .prefix(\"logs/\")\n .tags(Map.ofEntries(\n Map.entry(\"Key1\", \"Value1\"),\n Map.entry(\"Key2\", \"Value2\")\n ))\n .build())\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n and:\n prefix: logs/\n tags:\n Key1: Value1\n Key2: Value2\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying a filter based on object size\n\nObject size values are in bytes. Maximum filter size is 5TB. Some storage classes have minimum object size limitations, for more information, see [Comparing the Amazon S3 storage classes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-class-intro.html#sc-compare).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {\n objectSizeGreaterThan: \"500\",\n },\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[{\n \"id\": \"rule-1\",\n \"filter\": {\n \"object_size_greater_than\": \"500\",\n },\n \"status\": \"Enabled\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n ObjectSizeGreaterThan = \"500\",\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tObjectSizeGreaterThan: pulumi.String(\"500\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder()\n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .objectSizeGreaterThan(500)\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n objectSizeGreaterThan: 500\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying a filter based on object size range and prefix\n\nThe `object_size_greater_than` must be less than the `object_size_less_than`. Notice both the object size range and prefix are wrapped in the `and` configuration block.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {\n and: {\n prefix: \"logs/\",\n objectSizeGreaterThan: 500,\n objectSizeLessThan: 64000,\n },\n },\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[{\n \"id\": \"rule-1\",\n \"filter\": {\n \"and_\": {\n \"prefix\": \"logs/\",\n \"object_size_greater_than\": 500,\n \"object_size_less_than\": 64000,\n },\n },\n \"status\": \"Enabled\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n And = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs\n {\n Prefix = \"logs/\",\n ObjectSizeGreaterThan = 500,\n ObjectSizeLessThan = 64000,\n },\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tAnd: \u0026s3.BucketLifecycleConfigurationV2RuleFilterAndArgs{\n\t\t\t\t\t\t\tPrefix: pulumi.String(\"logs/\"),\n\t\t\t\t\t\t\tObjectSizeGreaterThan: pulumi.Int(500),\n\t\t\t\t\t\t\tObjectSizeLessThan: pulumi.Int(64000),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder()\n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .and(BucketLifecycleConfigurationV2RuleFilterAndArgs.builder()\n .prefix(\"logs/\")\n .objectSizeGreaterThan(500)\n .objectSizeLessThan(64000)\n .build())\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n and:\n prefix: logs/\n objectSizeGreaterThan: 500\n objectSizeLessThan: 64000\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Creating a Lifecycle Configuration for a bucket with versioning\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"my-bucket\"});\nconst bucketAcl = new aws.s3.BucketAclV2(\"bucket_acl\", {\n bucket: bucket.id,\n acl: \"private\",\n});\nconst bucket_config = new aws.s3.BucketLifecycleConfigurationV2(\"bucket-config\", {\n bucket: bucket.id,\n rules: [\n {\n id: \"log\",\n expiration: {\n days: 90,\n },\n filter: {\n and: {\n prefix: \"log/\",\n tags: {\n rule: \"log\",\n autoclean: \"true\",\n },\n },\n },\n status: \"Enabled\",\n transitions: [\n {\n days: 30,\n storageClass: \"STANDARD_IA\",\n },\n {\n days: 60,\n storageClass: \"GLACIER\",\n },\n ],\n },\n {\n id: \"tmp\",\n filter: {\n prefix: \"tmp/\",\n },\n expiration: {\n date: \"2023-01-13T00:00:00Z\",\n },\n status: \"Enabled\",\n },\n ],\n});\nconst versioningBucket = new aws.s3.BucketV2(\"versioning_bucket\", {bucket: \"my-versioning-bucket\"});\nconst versioningBucketAcl = new aws.s3.BucketAclV2(\"versioning_bucket_acl\", {\n bucket: versioningBucket.id,\n acl: \"private\",\n});\nconst versioning = new aws.s3.BucketVersioningV2(\"versioning\", {\n bucket: versioningBucket.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst versioning_bucket_config = new aws.s3.BucketLifecycleConfigurationV2(\"versioning-bucket-config\", {\n bucket: versioningBucket.id,\n rules: [{\n id: \"config\",\n filter: {\n prefix: \"config/\",\n },\n noncurrentVersionExpiration: {\n noncurrentDays: 90,\n },\n noncurrentVersionTransitions: [\n {\n noncurrentDays: 30,\n storageClass: \"STANDARD_IA\",\n },\n {\n noncurrentDays: 60,\n storageClass: \"GLACIER\",\n },\n ],\n status: \"Enabled\",\n }],\n}, {\n dependsOn: [versioning],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"my-bucket\")\nbucket_acl = aws.s3.BucketAclV2(\"bucket_acl\",\n bucket=bucket.id,\n acl=\"private\")\nbucket_config = aws.s3.BucketLifecycleConfigurationV2(\"bucket-config\",\n bucket=bucket.id,\n rules=[\n {\n \"id\": \"log\",\n \"expiration\": {\n \"days\": 90,\n },\n \"filter\": {\n \"and_\": {\n \"prefix\": \"log/\",\n \"tags\": {\n \"rule\": \"log\",\n \"autoclean\": \"true\",\n },\n },\n },\n \"status\": \"Enabled\",\n \"transitions\": [\n {\n \"days\": 30,\n \"storage_class\": \"STANDARD_IA\",\n },\n {\n \"days\": 60,\n \"storage_class\": \"GLACIER\",\n },\n ],\n },\n {\n \"id\": \"tmp\",\n \"filter\": {\n \"prefix\": \"tmp/\",\n },\n \"expiration\": {\n \"date\": \"2023-01-13T00:00:00Z\",\n },\n \"status\": \"Enabled\",\n },\n ])\nversioning_bucket = aws.s3.BucketV2(\"versioning_bucket\", bucket=\"my-versioning-bucket\")\nversioning_bucket_acl = aws.s3.BucketAclV2(\"versioning_bucket_acl\",\n bucket=versioning_bucket.id,\n acl=\"private\")\nversioning = aws.s3.BucketVersioningV2(\"versioning\",\n bucket=versioning_bucket.id,\n versioning_configuration={\n \"status\": \"Enabled\",\n })\nversioning_bucket_config = aws.s3.BucketLifecycleConfigurationV2(\"versioning-bucket-config\",\n bucket=versioning_bucket.id,\n rules=[{\n \"id\": \"config\",\n \"filter\": {\n \"prefix\": \"config/\",\n },\n \"noncurrent_version_expiration\": {\n \"noncurrent_days\": 90,\n },\n \"noncurrent_version_transitions\": [\n {\n \"noncurrent_days\": 30,\n \"storage_class\": \"STANDARD_IA\",\n },\n {\n \"noncurrent_days\": 60,\n \"storage_class\": \"GLACIER\",\n },\n ],\n \"status\": \"Enabled\",\n }],\n opts = pulumi.ResourceOptions(depends_on=[versioning]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"my-bucket\",\n });\n\n var bucketAcl = new Aws.S3.BucketAclV2(\"bucket_acl\", new()\n {\n Bucket = bucket.Id,\n Acl = \"private\",\n });\n\n var bucket_config = new Aws.S3.BucketLifecycleConfigurationV2(\"bucket-config\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"log\",\n Expiration = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleExpirationArgs\n {\n Days = 90,\n },\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n And = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs\n {\n Prefix = \"log/\",\n Tags = \n {\n { \"rule\", \"log\" },\n { \"autoclean\", \"true\" },\n },\n },\n },\n Status = \"Enabled\",\n Transitions = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleTransitionArgs\n {\n Days = 30,\n StorageClass = \"STANDARD_IA\",\n },\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleTransitionArgs\n {\n Days = 60,\n StorageClass = \"GLACIER\",\n },\n },\n },\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"tmp\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n Prefix = \"tmp/\",\n },\n Expiration = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleExpirationArgs\n {\n Date = \"2023-01-13T00:00:00Z\",\n },\n Status = \"Enabled\",\n },\n },\n });\n\n var versioningBucket = new Aws.S3.BucketV2(\"versioning_bucket\", new()\n {\n Bucket = \"my-versioning-bucket\",\n });\n\n var versioningBucketAcl = new Aws.S3.BucketAclV2(\"versioning_bucket_acl\", new()\n {\n Bucket = versioningBucket.Id,\n Acl = \"private\",\n });\n\n var versioning = new Aws.S3.BucketVersioningV2(\"versioning\", new()\n {\n Bucket = versioningBucket.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var versioning_bucket_config = new Aws.S3.BucketLifecycleConfigurationV2(\"versioning-bucket-config\", new()\n {\n Bucket = versioningBucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"config\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n Prefix = \"config/\",\n },\n NoncurrentVersionExpiration = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleNoncurrentVersionExpirationArgs\n {\n NoncurrentDays = 90,\n },\n NoncurrentVersionTransitions = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs\n {\n NoncurrentDays = 30,\n StorageClass = \"STANDARD_IA\",\n },\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs\n {\n NoncurrentDays = 60,\n StorageClass = \"GLACIER\",\n },\n },\n Status = \"Enabled\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n versioning,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"bucket_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: bucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketLifecycleConfigurationV2(ctx, \"bucket-config\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: bucket.ID(),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"log\"),\n\t\t\t\t\tExpiration: \u0026s3.BucketLifecycleConfigurationV2RuleExpirationArgs{\n\t\t\t\t\t\tDays: pulumi.Int(90),\n\t\t\t\t\t},\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tAnd: \u0026s3.BucketLifecycleConfigurationV2RuleFilterAndArgs{\n\t\t\t\t\t\t\tPrefix: pulumi.String(\"log/\"),\n\t\t\t\t\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"rule\": pulumi.String(\"log\"),\n\t\t\t\t\t\t\t\t\"autoclean\": pulumi.String(\"true\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t\tTransitions: s3.BucketLifecycleConfigurationV2RuleTransitionArray{\n\t\t\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleTransitionArgs{\n\t\t\t\t\t\t\tDays: pulumi.Int(30),\n\t\t\t\t\t\t\tStorageClass: pulumi.String(\"STANDARD_IA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleTransitionArgs{\n\t\t\t\t\t\t\tDays: pulumi.Int(60),\n\t\t\t\t\t\t\tStorageClass: pulumi.String(\"GLACIER\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"tmp\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"tmp/\"),\n\t\t\t\t\t},\n\t\t\t\t\tExpiration: \u0026s3.BucketLifecycleConfigurationV2RuleExpirationArgs{\n\t\t\t\t\t\tDate: pulumi.String(\"2023-01-13T00:00:00Z\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tversioningBucket, err := s3.NewBucketV2(ctx, \"versioning_bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-versioning-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"versioning_bucket_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: versioningBucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tversioning, err := s3.NewBucketVersioningV2(ctx, \"versioning\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: versioningBucket.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketLifecycleConfigurationV2(ctx, \"versioning-bucket-config\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: versioningBucket.ID(),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"config\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"config/\"),\n\t\t\t\t\t},\n\t\t\t\t\tNoncurrentVersionExpiration: \u0026s3.BucketLifecycleConfigurationV2RuleNoncurrentVersionExpirationArgs{\n\t\t\t\t\t\tNoncurrentDays: pulumi.Int(90),\n\t\t\t\t\t},\n\t\t\t\t\tNoncurrentVersionTransitions: s3.BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArray{\n\t\t\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs{\n\t\t\t\t\t\t\tNoncurrentDays: pulumi.Int(30),\n\t\t\t\t\t\t\tStorageClass: pulumi.String(\"STANDARD_IA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs{\n\t\t\t\t\t\t\tNoncurrentDays: pulumi.Int(60),\n\t\t\t\t\t\t\tStorageClass: pulumi.String(\"GLACIER\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tversioning,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleExpirationArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs;\nimport com.pulumi.aws.s3.BucketVersioningV2;\nimport com.pulumi.aws.s3.BucketVersioningV2Args;\nimport com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleNoncurrentVersionExpirationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder()\n .bucket(\"my-bucket\")\n .build());\n\n var bucketAcl = new BucketAclV2(\"bucketAcl\", BucketAclV2Args.builder()\n .bucket(bucket.id())\n .acl(\"private\")\n .build());\n\n var bucket_config = new BucketLifecycleConfigurationV2(\"bucket-config\", BucketLifecycleConfigurationV2Args.builder()\n .bucket(bucket.id())\n .rules( \n BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"log\")\n .expiration(BucketLifecycleConfigurationV2RuleExpirationArgs.builder()\n .days(90)\n .build())\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .and(BucketLifecycleConfigurationV2RuleFilterAndArgs.builder()\n .prefix(\"log/\")\n .tags(Map.ofEntries(\n Map.entry(\"rule\", \"log\"),\n Map.entry(\"autoclean\", \"true\")\n ))\n .build())\n .build())\n .status(\"Enabled\")\n .transitions( \n BucketLifecycleConfigurationV2RuleTransitionArgs.builder()\n .days(30)\n .storageClass(\"STANDARD_IA\")\n .build(),\n BucketLifecycleConfigurationV2RuleTransitionArgs.builder()\n .days(60)\n .storageClass(\"GLACIER\")\n .build())\n .build(),\n BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"tmp\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .prefix(\"tmp/\")\n .build())\n .expiration(BucketLifecycleConfigurationV2RuleExpirationArgs.builder()\n .date(\"2023-01-13T00:00:00Z\")\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n var versioningBucket = new BucketV2(\"versioningBucket\", BucketV2Args.builder()\n .bucket(\"my-versioning-bucket\")\n .build());\n\n var versioningBucketAcl = new BucketAclV2(\"versioningBucketAcl\", BucketAclV2Args.builder()\n .bucket(versioningBucket.id())\n .acl(\"private\")\n .build());\n\n var versioning = new BucketVersioningV2(\"versioning\", BucketVersioningV2Args.builder()\n .bucket(versioningBucket.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var versioning_bucket_config = new BucketLifecycleConfigurationV2(\"versioning-bucket-config\", BucketLifecycleConfigurationV2Args.builder()\n .bucket(versioningBucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"config\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .prefix(\"config/\")\n .build())\n .noncurrentVersionExpiration(BucketLifecycleConfigurationV2RuleNoncurrentVersionExpirationArgs.builder()\n .noncurrentDays(90)\n .build())\n .noncurrentVersionTransitions( \n BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs.builder()\n .noncurrentDays(30)\n .storageClass(\"STANDARD_IA\")\n .build(),\n BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs.builder()\n .noncurrentDays(60)\n .storageClass(\"GLACIER\")\n .build())\n .status(\"Enabled\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(versioning)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: my-bucket\n bucketAcl:\n type: aws:s3:BucketAclV2\n name: bucket_acl\n properties:\n bucket: ${bucket.id}\n acl: private\n bucket-config:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: log\n expiration:\n days: 90\n filter:\n and:\n prefix: log/\n tags:\n rule: log\n autoclean: 'true'\n status: Enabled\n transitions:\n - days: 30\n storageClass: STANDARD_IA\n - days: 60\n storageClass: GLACIER\n - id: tmp\n filter:\n prefix: tmp/\n expiration:\n date: 2023-01-13T00:00:00Z\n status: Enabled\n versioningBucket:\n type: aws:s3:BucketV2\n name: versioning_bucket\n properties:\n bucket: my-versioning-bucket\n versioningBucketAcl:\n type: aws:s3:BucketAclV2\n name: versioning_bucket_acl\n properties:\n bucket: ${versioningBucket.id}\n acl: private\n versioning:\n type: aws:s3:BucketVersioningV2\n properties:\n bucket: ${versioningBucket.id}\n versioningConfiguration:\n status: Enabled\n versioning-bucket-config:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${versioningBucket.id}\n rules:\n - id: config\n filter:\n prefix: config/\n noncurrentVersionExpiration:\n noncurrentDays: 90\n noncurrentVersionTransitions:\n - noncurrentDays: 30\n storageClass: STANDARD_IA\n - noncurrentDays: 60\n storageClass: GLACIER\n status: Enabled\n options:\n dependson:\n - ${versioning}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n__Using `pulumi import` to import__ S3 bucket lifecycle configuration using the `bucket` or using the `bucket` and `expected_bucket_owner` separated by a comma (`,`). For example:\n\nIf the owner (account ID) of the source bucket is the same account used to configure the AWS Provider, import using the `bucket`:\n\n```sh\n$ pulumi import aws:s3/bucketLifecycleConfigurationV2:BucketLifecycleConfigurationV2 example bucket-name\n```\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n```sh\n$ pulumi import aws:s3/bucketLifecycleConfigurationV2:BucketLifecycleConfigurationV2 example bucket-name,123456789012\n```\n", "properties": { "bucket": { "type": "string", "description": "Name of the source S3 bucket you want Amazon S3 to monitor.\n" }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner. If the bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLifecycleConfigurationV2Rule:BucketLifecycleConfigurationV2Rule" }, "description": "List of configuration blocks describing the rules managing the replication. See below.\n" } }, "required": [ "bucket", "rules" ], "inputProperties": { "bucket": { "type": "string", "description": "Name of the source S3 bucket you want Amazon S3 to monitor.\n", "willReplaceOnChanges": true }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner. If the bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.\n", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLifecycleConfigurationV2Rule:BucketLifecycleConfigurationV2Rule" }, "description": "List of configuration blocks describing the rules managing the replication. See below.\n" } }, "requiredInputs": [ "bucket", "rules" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketLifecycleConfigurationV2 resources.\n", "properties": { "bucket": { "type": "string", "description": "Name of the source S3 bucket you want Amazon S3 to monitor.\n", "willReplaceOnChanges": true }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner. If the bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.\n", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLifecycleConfigurationV2Rule:BucketLifecycleConfigurationV2Rule" }, "description": "List of configuration blocks describing the rules managing the replication. See below.\n" } }, "type": "object" } }, "aws:s3/bucketLoggingV2:BucketLoggingV2": { "description": "Provides an S3 bucket (server access) logging resource. For more information, see [Logging requests using server access logging](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerLogs.html)\nin the AWS S3 User Guide.\n\n\u003e **Note:** Amazon S3 supports server access logging, AWS CloudTrail, or a combination of both. Refer to the [Logging options for Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/userguide/logging-with-S3.html)\nto decide which method meets your requirements.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"my-tf-example-bucket\"});\nconst exampleBucketAclV2 = new aws.s3.BucketAclV2(\"example\", {\n bucket: example.id,\n acl: \"private\",\n});\nconst logBucket = new aws.s3.BucketV2(\"log_bucket\", {bucket: \"my-tf-log-bucket\"});\nconst logBucketAcl = new aws.s3.BucketAclV2(\"log_bucket_acl\", {\n bucket: logBucket.id,\n acl: \"log-delivery-write\",\n});\nconst exampleBucketLoggingV2 = new aws.s3.BucketLoggingV2(\"example\", {\n bucket: example.id,\n targetBucket: logBucket.id,\n targetPrefix: \"log/\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"my-tf-example-bucket\")\nexample_bucket_acl_v2 = aws.s3.BucketAclV2(\"example\",\n bucket=example.id,\n acl=\"private\")\nlog_bucket = aws.s3.BucketV2(\"log_bucket\", bucket=\"my-tf-log-bucket\")\nlog_bucket_acl = aws.s3.BucketAclV2(\"log_bucket_acl\",\n bucket=log_bucket.id,\n acl=\"log-delivery-write\")\nexample_bucket_logging_v2 = aws.s3.BucketLoggingV2(\"example\",\n bucket=example.id,\n target_bucket=log_bucket.id,\n target_prefix=\"log/\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-tf-example-bucket\",\n });\n\n var exampleBucketAclV2 = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = example.Id,\n Acl = \"private\",\n });\n\n var logBucket = new Aws.S3.BucketV2(\"log_bucket\", new()\n {\n Bucket = \"my-tf-log-bucket\",\n });\n\n var logBucketAcl = new Aws.S3.BucketAclV2(\"log_bucket_acl\", new()\n {\n Bucket = logBucket.Id,\n Acl = \"log-delivery-write\",\n });\n\n var exampleBucketLoggingV2 = new Aws.S3.BucketLoggingV2(\"example\", new()\n {\n Bucket = example.Id,\n TargetBucket = logBucket.Id,\n TargetPrefix = \"log/\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-tf-example-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlogBucket, err := s3.NewBucketV2(ctx, \"log_bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-tf-log-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"log_bucket_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: logBucket.ID(),\n\t\t\tAcl: pulumi.String(\"log-delivery-write\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketLoggingV2(ctx, \"example\", \u0026s3.BucketLoggingV2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tTargetBucket: logBucket.ID(),\n\t\t\tTargetPrefix: pulumi.String(\"log/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketLoggingV2;\nimport com.pulumi.aws.s3.BucketLoggingV2Args;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"my-tf-example-bucket\")\n .build());\n\n var exampleBucketAclV2 = new BucketAclV2(\"exampleBucketAclV2\", BucketAclV2Args.builder()\n .bucket(example.id())\n .acl(\"private\")\n .build());\n\n var logBucket = new BucketV2(\"logBucket\", BucketV2Args.builder()\n .bucket(\"my-tf-log-bucket\")\n .build());\n\n var logBucketAcl = new BucketAclV2(\"logBucketAcl\", BucketAclV2Args.builder()\n .bucket(logBucket.id())\n .acl(\"log-delivery-write\")\n .build());\n\n var exampleBucketLoggingV2 = new BucketLoggingV2(\"exampleBucketLoggingV2\", BucketLoggingV2Args.builder()\n .bucket(example.id())\n .targetBucket(logBucket.id())\n .targetPrefix(\"log/\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: my-tf-example-bucket\n exampleBucketAclV2:\n type: aws:s3:BucketAclV2\n name: example\n properties:\n bucket: ${example.id}\n acl: private\n logBucket:\n type: aws:s3:BucketV2\n name: log_bucket\n properties:\n bucket: my-tf-log-bucket\n logBucketAcl:\n type: aws:s3:BucketAclV2\n name: log_bucket_acl\n properties:\n bucket: ${logBucket.id}\n acl: log-delivery-write\n exampleBucketLoggingV2:\n type: aws:s3:BucketLoggingV2\n name: example\n properties:\n bucket: ${example.id}\n targetBucket: ${logBucket.id}\n targetPrefix: log/\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n__Using `pulumi import` to import__ S3 bucket logging using the `bucket` or using the `bucket` and `expected_bucket_owner` separated by a comma (`,`). For example:\n\nIf the owner (account ID) of the source bucket is the same account used to configure the AWS Provider, import using the `bucket`:\n\n```sh\n$ pulumi import aws:s3/bucketLoggingV2:BucketLoggingV2 example bucket-name\n```\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n```sh\n$ pulumi import aws:s3/bucketLoggingV2:BucketLoggingV2 example bucket-name,123456789012\n```\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket.\n" }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n" }, "targetBucket": { "type": "string", "description": "Name of the bucket where you want Amazon S3 to store server access logs.\n" }, "targetGrants": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLoggingV2TargetGrant:BucketLoggingV2TargetGrant" }, "description": "Set of configuration blocks with information for granting permissions. See below.\n" }, "targetObjectKeyFormat": { "$ref": "#/types/aws:s3/BucketLoggingV2TargetObjectKeyFormat:BucketLoggingV2TargetObjectKeyFormat", "description": "Amazon S3 key format for log objects. See below.\n" }, "targetPrefix": { "type": "string", "description": "Prefix for all log object keys.\n" } }, "required": [ "bucket", "targetBucket", "targetPrefix" ], "inputProperties": { "bucket": { "type": "string", "description": "Name of the bucket.\n", "willReplaceOnChanges": true }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n", "willReplaceOnChanges": true }, "targetBucket": { "type": "string", "description": "Name of the bucket where you want Amazon S3 to store server access logs.\n" }, "targetGrants": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLoggingV2TargetGrant:BucketLoggingV2TargetGrant" }, "description": "Set of configuration blocks with information for granting permissions. See below.\n" }, "targetObjectKeyFormat": { "$ref": "#/types/aws:s3/BucketLoggingV2TargetObjectKeyFormat:BucketLoggingV2TargetObjectKeyFormat", "description": "Amazon S3 key format for log objects. See below.\n" }, "targetPrefix": { "type": "string", "description": "Prefix for all log object keys.\n" } }, "requiredInputs": [ "bucket", "targetBucket", "targetPrefix" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketLoggingV2 resources.\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket.\n", "willReplaceOnChanges": true }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n", "willReplaceOnChanges": true }, "targetBucket": { "type": "string", "description": "Name of the bucket where you want Amazon S3 to store server access logs.\n" }, "targetGrants": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketLoggingV2TargetGrant:BucketLoggingV2TargetGrant" }, "description": "Set of configuration blocks with information for granting permissions. See below.\n" }, "targetObjectKeyFormat": { "$ref": "#/types/aws:s3/BucketLoggingV2TargetObjectKeyFormat:BucketLoggingV2TargetObjectKeyFormat", "description": "Amazon S3 key format for log objects. See below.\n" }, "targetPrefix": { "type": "string", "description": "Prefix for all log object keys.\n" } }, "type": "object" } }, "aws:s3/bucketMetric:BucketMetric": { "description": "Provides a S3 bucket [metrics configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/metrics-configurations.html) resource.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### Add metrics configuration for entire S3 bucket\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst example_entire_bucket = new aws.s3.BucketMetric(\"example-entire-bucket\", {\n bucket: example.id,\n name: \"EntireBucket\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_entire_bucket = aws.s3.BucketMetric(\"example-entire-bucket\",\n bucket=example.id,\n name=\"EntireBucket\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var example_entire_bucket = new Aws.S3.BucketMetric(\"example-entire-bucket\", new()\n {\n Bucket = example.Id,\n Name = \"EntireBucket\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketMetric(ctx, \"example-entire-bucket\", \u0026s3.BucketMetricArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tName: pulumi.String(\"EntireBucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketMetric;\nimport com.pulumi.aws.s3.BucketMetricArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var example_entire_bucket = new BucketMetric(\"example-entire-bucket\", BucketMetricArgs.builder()\n .bucket(example.id())\n .name(\"EntireBucket\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n example-entire-bucket:\n type: aws:s3:BucketMetric\n properties:\n bucket: ${example.id}\n name: EntireBucket\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Add metrics configuration with S3 object filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst example_filtered = new aws.s3.BucketMetric(\"example-filtered\", {\n bucket: example.id,\n name: \"ImportantBlueDocuments\",\n filter: {\n prefix: \"documents/\",\n tags: {\n priority: \"high\",\n \"class\": \"blue\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_filtered = aws.s3.BucketMetric(\"example-filtered\",\n bucket=example.id,\n name=\"ImportantBlueDocuments\",\n filter={\n \"prefix\": \"documents/\",\n \"tags\": {\n \"priority\": \"high\",\n \"class_\": \"blue\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var example_filtered = new Aws.S3.BucketMetric(\"example-filtered\", new()\n {\n Bucket = example.Id,\n Name = \"ImportantBlueDocuments\",\n Filter = new Aws.S3.Inputs.BucketMetricFilterArgs\n {\n Prefix = \"documents/\",\n Tags = \n {\n { \"priority\", \"high\" },\n { \"class\", \"blue\" },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketMetric(ctx, \"example-filtered\", \u0026s3.BucketMetricArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tName: pulumi.String(\"ImportantBlueDocuments\"),\n\t\t\tFilter: \u0026s3.BucketMetricFilterArgs{\n\t\t\t\tPrefix: pulumi.String(\"documents/\"),\n\t\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\t\"priority\": pulumi.String(\"high\"),\n\t\t\t\t\t\"class\": pulumi.String(\"blue\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketMetric;\nimport com.pulumi.aws.s3.BucketMetricArgs;\nimport com.pulumi.aws.s3.inputs.BucketMetricFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var example_filtered = new BucketMetric(\"example-filtered\", BucketMetricArgs.builder()\n .bucket(example.id())\n .name(\"ImportantBlueDocuments\")\n .filter(BucketMetricFilterArgs.builder()\n .prefix(\"documents/\")\n .tags(Map.ofEntries(\n Map.entry(\"priority\", \"high\"),\n Map.entry(\"class\", \"blue\")\n ))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n example-filtered:\n type: aws:s3:BucketMetric\n properties:\n bucket: ${example.id}\n name: ImportantBlueDocuments\n filter:\n prefix: documents/\n tags:\n priority: high\n class: blue\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Add metrics configuration with S3 object filter for S3 Access Point\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst example_access_point = new aws.s3.AccessPoint(\"example-access-point\", {\n bucket: example.id,\n name: \"example-access-point\",\n});\nconst example_filtered = new aws.s3.BucketMetric(\"example-filtered\", {\n bucket: example.id,\n name: \"ImportantBlueDocuments\",\n filter: {\n accessPoint: example_access_point.arn,\n tags: {\n priority: \"high\",\n \"class\": \"blue\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_access_point = aws.s3.AccessPoint(\"example-access-point\",\n bucket=example.id,\n name=\"example-access-point\")\nexample_filtered = aws.s3.BucketMetric(\"example-filtered\",\n bucket=example.id,\n name=\"ImportantBlueDocuments\",\n filter={\n \"access_point\": example_access_point.arn,\n \"tags\": {\n \"priority\": \"high\",\n \"class_\": \"blue\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var example_access_point = new Aws.S3.AccessPoint(\"example-access-point\", new()\n {\n Bucket = example.Id,\n Name = \"example-access-point\",\n });\n\n var example_filtered = new Aws.S3.BucketMetric(\"example-filtered\", new()\n {\n Bucket = example.Id,\n Name = \"ImportantBlueDocuments\",\n Filter = new Aws.S3.Inputs.BucketMetricFilterArgs\n {\n AccessPoint = example_access_point.Arn,\n Tags = \n {\n { \"priority\", \"high\" },\n { \"class\", \"blue\" },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewAccessPoint(ctx, \"example-access-point\", \u0026s3.AccessPointArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tName: pulumi.String(\"example-access-point\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketMetric(ctx, \"example-filtered\", \u0026s3.BucketMetricArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tName: pulumi.String(\"ImportantBlueDocuments\"),\n\t\t\tFilter: \u0026s3.BucketMetricFilterArgs{\n\t\t\t\tAccessPoint: example_access_point.Arn,\n\t\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\t\"priority\": pulumi.String(\"high\"),\n\t\t\t\t\t\"class\": pulumi.String(\"blue\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.AccessPoint;\nimport com.pulumi.aws.s3.AccessPointArgs;\nimport com.pulumi.aws.s3.BucketMetric;\nimport com.pulumi.aws.s3.BucketMetricArgs;\nimport com.pulumi.aws.s3.inputs.BucketMetricFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var example_access_point = new AccessPoint(\"example-access-point\", AccessPointArgs.builder()\n .bucket(example.id())\n .name(\"example-access-point\")\n .build());\n\n var example_filtered = new BucketMetric(\"example-filtered\", BucketMetricArgs.builder()\n .bucket(example.id())\n .name(\"ImportantBlueDocuments\")\n .filter(BucketMetricFilterArgs.builder()\n .accessPoint(example_access_point.arn())\n .tags(Map.ofEntries(\n Map.entry(\"priority\", \"high\"),\n Map.entry(\"class\", \"blue\")\n ))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n example-access-point:\n type: aws:s3:AccessPoint\n properties:\n bucket: ${example.id}\n name: example-access-point\n example-filtered:\n type: aws:s3:BucketMetric\n properties:\n bucket: ${example.id}\n name: ImportantBlueDocuments\n filter:\n accessPoint: ${[\"example-access-point\"].arn}\n tags:\n priority: high\n class: blue\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 bucket metric configurations using `bucket:metric`. For example:\n\n```sh\n$ pulumi import aws:s3/bucketMetric:BucketMetric my-bucket-entire-bucket my-bucket:EntireBucket\n```\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket to put metric configuration.\n" }, "filter": { "$ref": "#/types/aws:s3/BucketMetricFilter:BucketMetricFilter", "description": "[Object filtering](http://docs.aws.amazon.com/AmazonS3/latest/dev/metrics-configurations.html#metrics-configurations-filter) that accepts a prefix, tags, or a logical AND of prefix and tags (documented below).\n" }, "name": { "type": "string", "description": "Unique identifier of the metrics configuration for the bucket. Must be less than or equal to 64 characters in length.\n" } }, "required": [ "bucket", "name" ], "inputProperties": { "bucket": { "type": "string", "description": "Name of the bucket to put metric configuration.\n", "willReplaceOnChanges": true }, "filter": { "$ref": "#/types/aws:s3/BucketMetricFilter:BucketMetricFilter", "description": "[Object filtering](http://docs.aws.amazon.com/AmazonS3/latest/dev/metrics-configurations.html#metrics-configurations-filter) that accepts a prefix, tags, or a logical AND of prefix and tags (documented below).\n" }, "name": { "type": "string", "description": "Unique identifier of the metrics configuration for the bucket. Must be less than or equal to 64 characters in length.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "bucket" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketMetric resources.\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket to put metric configuration.\n", "willReplaceOnChanges": true }, "filter": { "$ref": "#/types/aws:s3/BucketMetricFilter:BucketMetricFilter", "description": "[Object filtering](http://docs.aws.amazon.com/AmazonS3/latest/dev/metrics-configurations.html#metrics-configurations-filter) that accepts a prefix, tags, or a logical AND of prefix and tags (documented below).\n" }, "name": { "type": "string", "description": "Unique identifier of the metrics configuration for the bucket. Must be less than or equal to 64 characters in length.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:s3/bucketNotification:BucketNotification": { "description": "Manages a S3 Bucket Notification Configuration. For additional information, see the [Configuring S3 Event Notifications section in the Amazon S3 Developer Guide](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html).\n\n\u003e **NOTE:** S3 Buckets only support a single notification configuration. Declaring multiple `aws.s3.BucketNotification` resources to the same S3 Bucket will cause a perpetual difference in configuration. See the example \"Trigger multiple Lambda functions\" for an option.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### Add notification configuration to SNS Topic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"your-bucket-name\"});\nconst topic = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"s3.amazonaws.com\"],\n }],\n actions: [\"SNS:Publish\"],\n resources: [\"arn:aws:sns:*:*:s3-event-notification-topic\"],\n conditions: [{\n test: \"ArnLike\",\n variable: \"aws:SourceArn\",\n values: [bucket.arn],\n }],\n }],\n});\nconst topicTopic = new aws.sns.Topic(\"topic\", {\n name: \"s3-event-notification-topic\",\n policy: topic.apply(topic =\u003e topic.json),\n});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n topics: [{\n topicArn: topicTopic.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterSuffix: \".log\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"your-bucket-name\")\ntopic = aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"s3.amazonaws.com\"],\n }],\n \"actions\": [\"SNS:Publish\"],\n \"resources\": [\"arn:aws:sns:*:*:s3-event-notification-topic\"],\n \"conditions\": [{\n \"test\": \"ArnLike\",\n \"variable\": \"aws:SourceArn\",\n \"values\": [bucket.arn],\n }],\n}])\ntopic_topic = aws.sns.Topic(\"topic\",\n name=\"s3-event-notification-topic\",\n policy=topic.json)\nbucket_notification = aws.s3.BucketNotification(\"bucket_notification\",\n bucket=bucket.id,\n topics=[{\n \"topic_arn\": topic_topic.arn,\n \"events\": [\"s3:ObjectCreated:*\"],\n \"filter_suffix\": \".log\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"your-bucket-name\",\n });\n\n var topic = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"s3.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"SNS:Publish\",\n },\n Resources = new[]\n {\n \"arn:aws:sns:*:*:s3-event-notification-topic\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"ArnLike\",\n Variable = \"aws:SourceArn\",\n Values = new[]\n {\n bucket.Arn,\n },\n },\n },\n },\n },\n });\n\n var topicTopic = new Aws.Sns.Topic(\"topic\", new()\n {\n Name = \"s3-event-notification-topic\",\n Policy = topic.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var bucketNotification = new Aws.S3.BucketNotification(\"bucket_notification\", new()\n {\n Bucket = bucket.Id,\n Topics = new[]\n {\n new Aws.S3.Inputs.BucketNotificationTopicArgs\n {\n TopicArn = topicTopic.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterSuffix = \".log\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"your-bucket-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttopic := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"s3.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"SNS:Publish\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"arn:aws:sns:*:*:s3-event-notification-topic\"),\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"ArnLike\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"aws:SourceArn\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tbucket.Arn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\ttopicTopic, err := sns.NewTopic(ctx, \"topic\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"s3-event-notification-topic\"),\n\t\t\tPolicy: pulumi.String(topic.ApplyT(func(topic iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026topic.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucket_notification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tTopics: s3.BucketNotificationTopicArray{\n\t\t\t\t\u0026s3.BucketNotificationTopicArgs{\n\t\t\t\t\tTopicArn: topicTopic.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterSuffix: pulumi.String(\".log\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.s3.BucketNotification;\nimport com.pulumi.aws.s3.BucketNotificationArgs;\nimport com.pulumi.aws.s3.inputs.BucketNotificationTopicArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder()\n .bucket(\"your-bucket-name\")\n .build());\n\n final var topic = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"s3.amazonaws.com\")\n .build())\n .actions(\"SNS:Publish\")\n .resources(\"arn:aws:sns:*:*:s3-event-notification-topic\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"ArnLike\")\n .variable(\"aws:SourceArn\")\n .values(bucket.arn())\n .build())\n .build())\n .build());\n\n var topicTopic = new Topic(\"topicTopic\", TopicArgs.builder()\n .name(\"s3-event-notification-topic\")\n .policy(topic.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(topic -\u003e topic.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var bucketNotification = new BucketNotification(\"bucketNotification\", BucketNotificationArgs.builder()\n .bucket(bucket.id())\n .topics(BucketNotificationTopicArgs.builder()\n .topicArn(topicTopic.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterSuffix(\".log\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n topicTopic:\n type: aws:sns:Topic\n name: topic\n properties:\n name: s3-event-notification-topic\n policy: ${topic.json}\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: your-bucket-name\n bucketNotification:\n type: aws:s3:BucketNotification\n name: bucket_notification\n properties:\n bucket: ${bucket.id}\n topics:\n - topicArn: ${topicTopic.arn}\n events:\n - s3:ObjectCreated:*\n filterSuffix: .log\nvariables:\n topic:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - s3.amazonaws.com\n actions:\n - SNS:Publish\n resources:\n - arn:aws:sns:*:*:s3-event-notification-topic\n conditions:\n - test: ArnLike\n variable: aws:SourceArn\n values:\n - ${bucket.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Add notification configuration to SQS Queue\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"your-bucket-name\"});\nconst queue = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"*\",\n identifiers: [\"*\"],\n }],\n actions: [\"sqs:SendMessage\"],\n resources: [\"arn:aws:sqs:*:*:s3-event-notification-queue\"],\n conditions: [{\n test: \"ArnEquals\",\n variable: \"aws:SourceArn\",\n values: [bucket.arn],\n }],\n }],\n});\nconst queueQueue = new aws.sqs.Queue(\"queue\", {\n name: \"s3-event-notification-queue\",\n policy: queue.apply(queue =\u003e queue.json),\n});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n queues: [{\n queueArn: queueQueue.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterSuffix: \".log\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"your-bucket-name\")\nqueue = aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"*\",\n \"identifiers\": [\"*\"],\n }],\n \"actions\": [\"sqs:SendMessage\"],\n \"resources\": [\"arn:aws:sqs:*:*:s3-event-notification-queue\"],\n \"conditions\": [{\n \"test\": \"ArnEquals\",\n \"variable\": \"aws:SourceArn\",\n \"values\": [bucket.arn],\n }],\n}])\nqueue_queue = aws.sqs.Queue(\"queue\",\n name=\"s3-event-notification-queue\",\n policy=queue.json)\nbucket_notification = aws.s3.BucketNotification(\"bucket_notification\",\n bucket=bucket.id,\n queues=[{\n \"queue_arn\": queue_queue.arn,\n \"events\": [\"s3:ObjectCreated:*\"],\n \"filter_suffix\": \".log\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"your-bucket-name\",\n });\n\n var queue = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"*\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"sqs:SendMessage\",\n },\n Resources = new[]\n {\n \"arn:aws:sqs:*:*:s3-event-notification-queue\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"ArnEquals\",\n Variable = \"aws:SourceArn\",\n Values = new[]\n {\n bucket.Arn,\n },\n },\n },\n },\n },\n });\n\n var queueQueue = new Aws.Sqs.Queue(\"queue\", new()\n {\n Name = \"s3-event-notification-queue\",\n Policy = queue.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var bucketNotification = new Aws.S3.BucketNotification(\"bucket_notification\", new()\n {\n Bucket = bucket.Id,\n Queues = new[]\n {\n new Aws.S3.Inputs.BucketNotificationQueueArgs\n {\n QueueArn = queueQueue.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterSuffix = \".log\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"your-bucket-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tqueue := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"*\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"sqs:SendMessage\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"arn:aws:sqs:*:*:s3-event-notification-queue\"),\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"ArnEquals\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"aws:SourceArn\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tbucket.Arn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tqueueQueue, err := sqs.NewQueue(ctx, \"queue\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"s3-event-notification-queue\"),\n\t\t\tPolicy: pulumi.String(queue.ApplyT(func(queue iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026queue.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucket_notification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tQueues: s3.BucketNotificationQueueArray{\n\t\t\t\t\u0026s3.BucketNotificationQueueArgs{\n\t\t\t\t\tQueueArn: queueQueue.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterSuffix: pulumi.String(\".log\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.sqs.QueueArgs;\nimport com.pulumi.aws.s3.BucketNotification;\nimport com.pulumi.aws.s3.BucketNotificationArgs;\nimport com.pulumi.aws.s3.inputs.BucketNotificationQueueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder()\n .bucket(\"your-bucket-name\")\n .build());\n\n final var queue = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"*\")\n .identifiers(\"*\")\n .build())\n .actions(\"sqs:SendMessage\")\n .resources(\"arn:aws:sqs:*:*:s3-event-notification-queue\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"ArnEquals\")\n .variable(\"aws:SourceArn\")\n .values(bucket.arn())\n .build())\n .build())\n .build());\n\n var queueQueue = new Queue(\"queueQueue\", QueueArgs.builder()\n .name(\"s3-event-notification-queue\")\n .policy(queue.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(queue -\u003e queue.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var bucketNotification = new BucketNotification(\"bucketNotification\", BucketNotificationArgs.builder()\n .bucket(bucket.id())\n .queues(BucketNotificationQueueArgs.builder()\n .queueArn(queueQueue.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterSuffix(\".log\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n queueQueue:\n type: aws:sqs:Queue\n name: queue\n properties:\n name: s3-event-notification-queue\n policy: ${queue.json}\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: your-bucket-name\n bucketNotification:\n type: aws:s3:BucketNotification\n name: bucket_notification\n properties:\n bucket: ${bucket.id}\n queues:\n - queueArn: ${queueQueue.arn}\n events:\n - s3:ObjectCreated:*\n filterSuffix: .log\nvariables:\n queue:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: '*'\n identifiers:\n - '*'\n actions:\n - sqs:SendMessage\n resources:\n - arn:aws:sqs:*:*:s3-event-notification-queue\n conditions:\n - test: ArnEquals\n variable: aws:SourceArn\n values:\n - ${bucket.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Add notification configuration to Lambda Function\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"lambda.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst iamForLambda = new aws.iam.Role(\"iam_for_lambda\", {\n name: \"iam_for_lambda\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst func = new aws.lambda.Function(\"func\", {\n code: new pulumi.asset.FileArchive(\"your-function.zip\"),\n name: \"example_lambda_name\",\n role: iamForLambda.arn,\n handler: \"exports.example\",\n runtime: aws.lambda.Runtime.Go1dx,\n});\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"your-bucket-name\"});\nconst allowBucket = new aws.lambda.Permission(\"allow_bucket\", {\n statementId: \"AllowExecutionFromS3Bucket\",\n action: \"lambda:InvokeFunction\",\n \"function\": func.arn,\n principal: \"s3.amazonaws.com\",\n sourceArn: bucket.arn,\n});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n lambdaFunctions: [{\n lambdaFunctionArn: func.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterPrefix: \"AWSLogs/\",\n filterSuffix: \".log\",\n }],\n}, {\n dependsOn: [allowBucket],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"lambda.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\niam_for_lambda = aws.iam.Role(\"iam_for_lambda\",\n name=\"iam_for_lambda\",\n assume_role_policy=assume_role.json)\nfunc = aws.lambda_.Function(\"func\",\n code=pulumi.FileArchive(\"your-function.zip\"),\n name=\"example_lambda_name\",\n role=iam_for_lambda.arn,\n handler=\"exports.example\",\n runtime=aws.lambda_.Runtime.GO1DX)\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"your-bucket-name\")\nallow_bucket = aws.lambda_.Permission(\"allow_bucket\",\n statement_id=\"AllowExecutionFromS3Bucket\",\n action=\"lambda:InvokeFunction\",\n function=func.arn,\n principal=\"s3.amazonaws.com\",\n source_arn=bucket.arn)\nbucket_notification = aws.s3.BucketNotification(\"bucket_notification\",\n bucket=bucket.id,\n lambda_functions=[{\n \"lambda_function_arn\": func.arn,\n \"events\": [\"s3:ObjectCreated:*\"],\n \"filter_prefix\": \"AWSLogs/\",\n \"filter_suffix\": \".log\",\n }],\n opts = pulumi.ResourceOptions(depends_on=[allow_bucket]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"lambda.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var iamForLambda = new Aws.Iam.Role(\"iam_for_lambda\", new()\n {\n Name = \"iam_for_lambda\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var func = new Aws.Lambda.Function(\"func\", new()\n {\n Code = new FileArchive(\"your-function.zip\"),\n Name = \"example_lambda_name\",\n Role = iamForLambda.Arn,\n Handler = \"exports.example\",\n Runtime = Aws.Lambda.Runtime.Go1dx,\n });\n\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"your-bucket-name\",\n });\n\n var allowBucket = new Aws.Lambda.Permission(\"allow_bucket\", new()\n {\n StatementId = \"AllowExecutionFromS3Bucket\",\n Action = \"lambda:InvokeFunction\",\n Function = func.Arn,\n Principal = \"s3.amazonaws.com\",\n SourceArn = bucket.Arn,\n });\n\n var bucketNotification = new Aws.S3.BucketNotification(\"bucket_notification\", new()\n {\n Bucket = bucket.Id,\n LambdaFunctions = new[]\n {\n new Aws.S3.Inputs.BucketNotificationLambdaFunctionArgs\n {\n LambdaFunctionArn = func.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterPrefix = \"AWSLogs/\",\n FilterSuffix = \".log\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n allowBucket,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"lambda.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tiamForLambda, err := iam.NewRole(ctx, \"iam_for_lambda\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"func\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"your-function.zip\"),\n\t\t\tName: pulumi.String(\"example_lambda_name\"),\n\t\t\tRole: iamForLambda.Arn,\n\t\t\tHandler: pulumi.String(\"exports.example\"),\n\t\t\tRuntime: pulumi.String(lambda.RuntimeGo1dx),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"your-bucket-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tallowBucket, err := lambda.NewPermission(ctx, \"allow_bucket\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromS3Bucket\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: _func.Arn,\n\t\t\tPrincipal: pulumi.String(\"s3.amazonaws.com\"),\n\t\t\tSourceArn: bucket.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucket_notification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tLambdaFunctions: s3.BucketNotificationLambdaFunctionArray{\n\t\t\t\t\u0026s3.BucketNotificationLambdaFunctionArgs{\n\t\t\t\t\tLambdaFunctionArn: _func.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterPrefix: pulumi.String(\"AWSLogs/\"),\n\t\t\t\t\tFilterSuffix: pulumi.String(\".log\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tallowBucket,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.s3.BucketNotification;\nimport com.pulumi.aws.s3.BucketNotificationArgs;\nimport com.pulumi.aws.s3.inputs.BucketNotificationLambdaFunctionArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"lambda.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var iamForLambda = new Role(\"iamForLambda\", RoleArgs.builder()\n .name(\"iam_for_lambda\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var func = new Function(\"func\", FunctionArgs.builder()\n .code(new FileArchive(\"your-function.zip\"))\n .name(\"example_lambda_name\")\n .role(iamForLambda.arn())\n .handler(\"exports.example\")\n .runtime(\"go1.x\")\n .build());\n\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder()\n .bucket(\"your-bucket-name\")\n .build());\n\n var allowBucket = new Permission(\"allowBucket\", PermissionArgs.builder()\n .statementId(\"AllowExecutionFromS3Bucket\")\n .action(\"lambda:InvokeFunction\")\n .function(func.arn())\n .principal(\"s3.amazonaws.com\")\n .sourceArn(bucket.arn())\n .build());\n\n var bucketNotification = new BucketNotification(\"bucketNotification\", BucketNotificationArgs.builder()\n .bucket(bucket.id())\n .lambdaFunctions(BucketNotificationLambdaFunctionArgs.builder()\n .lambdaFunctionArn(func.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterPrefix(\"AWSLogs/\")\n .filterSuffix(\".log\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(allowBucket)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n iamForLambda:\n type: aws:iam:Role\n name: iam_for_lambda\n properties:\n name: iam_for_lambda\n assumeRolePolicy: ${assumeRole.json}\n allowBucket:\n type: aws:lambda:Permission\n name: allow_bucket\n properties:\n statementId: AllowExecutionFromS3Bucket\n action: lambda:InvokeFunction\n function: ${func.arn}\n principal: s3.amazonaws.com\n sourceArn: ${bucket.arn}\n func:\n type: aws:lambda:Function\n properties:\n code:\n fn::FileArchive: your-function.zip\n name: example_lambda_name\n role: ${iamForLambda.arn}\n handler: exports.example\n runtime: go1.x\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: your-bucket-name\n bucketNotification:\n type: aws:s3:BucketNotification\n name: bucket_notification\n properties:\n bucket: ${bucket.id}\n lambdaFunctions:\n - lambdaFunctionArn: ${func.arn}\n events:\n - s3:ObjectCreated:*\n filterPrefix: AWSLogs/\n filterSuffix: .log\n options:\n dependson:\n - ${allowBucket}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - lambda.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Trigger multiple Lambda functions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"lambda.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst iamForLambda = new aws.iam.Role(\"iam_for_lambda\", {\n name: \"iam_for_lambda\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst func1 = new aws.lambda.Function(\"func1\", {\n code: new pulumi.asset.FileArchive(\"your-function1.zip\"),\n name: \"example_lambda_name1\",\n role: iamForLambda.arn,\n handler: \"exports.example\",\n runtime: aws.lambda.Runtime.Go1dx,\n});\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"your-bucket-name\"});\nconst allowBucket1 = new aws.lambda.Permission(\"allow_bucket1\", {\n statementId: \"AllowExecutionFromS3Bucket1\",\n action: \"lambda:InvokeFunction\",\n \"function\": func1.arn,\n principal: \"s3.amazonaws.com\",\n sourceArn: bucket.arn,\n});\nconst func2 = new aws.lambda.Function(\"func2\", {\n code: new pulumi.asset.FileArchive(\"your-function2.zip\"),\n name: \"example_lambda_name2\",\n role: iamForLambda.arn,\n handler: \"exports.example\",\n});\nconst allowBucket2 = new aws.lambda.Permission(\"allow_bucket2\", {\n statementId: \"AllowExecutionFromS3Bucket2\",\n action: \"lambda:InvokeFunction\",\n \"function\": func2.arn,\n principal: \"s3.amazonaws.com\",\n sourceArn: bucket.arn,\n});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n lambdaFunctions: [\n {\n lambdaFunctionArn: func1.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterPrefix: \"AWSLogs/\",\n filterSuffix: \".log\",\n },\n {\n lambdaFunctionArn: func2.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterPrefix: \"OtherLogs/\",\n filterSuffix: \".log\",\n },\n ],\n}, {\n dependsOn: [\n allowBucket1,\n allowBucket2,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"lambda.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\niam_for_lambda = aws.iam.Role(\"iam_for_lambda\",\n name=\"iam_for_lambda\",\n assume_role_policy=assume_role.json)\nfunc1 = aws.lambda_.Function(\"func1\",\n code=pulumi.FileArchive(\"your-function1.zip\"),\n name=\"example_lambda_name1\",\n role=iam_for_lambda.arn,\n handler=\"exports.example\",\n runtime=aws.lambda_.Runtime.GO1DX)\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"your-bucket-name\")\nallow_bucket1 = aws.lambda_.Permission(\"allow_bucket1\",\n statement_id=\"AllowExecutionFromS3Bucket1\",\n action=\"lambda:InvokeFunction\",\n function=func1.arn,\n principal=\"s3.amazonaws.com\",\n source_arn=bucket.arn)\nfunc2 = aws.lambda_.Function(\"func2\",\n code=pulumi.FileArchive(\"your-function2.zip\"),\n name=\"example_lambda_name2\",\n role=iam_for_lambda.arn,\n handler=\"exports.example\")\nallow_bucket2 = aws.lambda_.Permission(\"allow_bucket2\",\n statement_id=\"AllowExecutionFromS3Bucket2\",\n action=\"lambda:InvokeFunction\",\n function=func2.arn,\n principal=\"s3.amazonaws.com\",\n source_arn=bucket.arn)\nbucket_notification = aws.s3.BucketNotification(\"bucket_notification\",\n bucket=bucket.id,\n lambda_functions=[\n {\n \"lambda_function_arn\": func1.arn,\n \"events\": [\"s3:ObjectCreated:*\"],\n \"filter_prefix\": \"AWSLogs/\",\n \"filter_suffix\": \".log\",\n },\n {\n \"lambda_function_arn\": func2.arn,\n \"events\": [\"s3:ObjectCreated:*\"],\n \"filter_prefix\": \"OtherLogs/\",\n \"filter_suffix\": \".log\",\n },\n ],\n opts = pulumi.ResourceOptions(depends_on=[\n allow_bucket1,\n allow_bucket2,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"lambda.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var iamForLambda = new Aws.Iam.Role(\"iam_for_lambda\", new()\n {\n Name = \"iam_for_lambda\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var func1 = new Aws.Lambda.Function(\"func1\", new()\n {\n Code = new FileArchive(\"your-function1.zip\"),\n Name = \"example_lambda_name1\",\n Role = iamForLambda.Arn,\n Handler = \"exports.example\",\n Runtime = Aws.Lambda.Runtime.Go1dx,\n });\n\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"your-bucket-name\",\n });\n\n var allowBucket1 = new Aws.Lambda.Permission(\"allow_bucket1\", new()\n {\n StatementId = \"AllowExecutionFromS3Bucket1\",\n Action = \"lambda:InvokeFunction\",\n Function = func1.Arn,\n Principal = \"s3.amazonaws.com\",\n SourceArn = bucket.Arn,\n });\n\n var func2 = new Aws.Lambda.Function(\"func2\", new()\n {\n Code = new FileArchive(\"your-function2.zip\"),\n Name = \"example_lambda_name2\",\n Role = iamForLambda.Arn,\n Handler = \"exports.example\",\n });\n\n var allowBucket2 = new Aws.Lambda.Permission(\"allow_bucket2\", new()\n {\n StatementId = \"AllowExecutionFromS3Bucket2\",\n Action = \"lambda:InvokeFunction\",\n Function = func2.Arn,\n Principal = \"s3.amazonaws.com\",\n SourceArn = bucket.Arn,\n });\n\n var bucketNotification = new Aws.S3.BucketNotification(\"bucket_notification\", new()\n {\n Bucket = bucket.Id,\n LambdaFunctions = new[]\n {\n new Aws.S3.Inputs.BucketNotificationLambdaFunctionArgs\n {\n LambdaFunctionArn = func1.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterPrefix = \"AWSLogs/\",\n FilterSuffix = \".log\",\n },\n new Aws.S3.Inputs.BucketNotificationLambdaFunctionArgs\n {\n LambdaFunctionArn = func2.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterPrefix = \"OtherLogs/\",\n FilterSuffix = \".log\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n allowBucket1,\n allowBucket2,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"lambda.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tiamForLambda, err := iam.NewRole(ctx, \"iam_for_lambda\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfunc1, err := lambda.NewFunction(ctx, \"func1\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"your-function1.zip\"),\n\t\t\tName: pulumi.String(\"example_lambda_name1\"),\n\t\t\tRole: iamForLambda.Arn,\n\t\t\tHandler: pulumi.String(\"exports.example\"),\n\t\t\tRuntime: pulumi.String(lambda.RuntimeGo1dx),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"your-bucket-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tallowBucket1, err := lambda.NewPermission(ctx, \"allow_bucket1\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromS3Bucket1\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: func1.Arn,\n\t\t\tPrincipal: pulumi.String(\"s3.amazonaws.com\"),\n\t\t\tSourceArn: bucket.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfunc2, err := lambda.NewFunction(ctx, \"func2\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"your-function2.zip\"),\n\t\t\tName: pulumi.String(\"example_lambda_name2\"),\n\t\t\tRole: iamForLambda.Arn,\n\t\t\tHandler: pulumi.String(\"exports.example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tallowBucket2, err := lambda.NewPermission(ctx, \"allow_bucket2\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromS3Bucket2\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: func2.Arn,\n\t\t\tPrincipal: pulumi.String(\"s3.amazonaws.com\"),\n\t\t\tSourceArn: bucket.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucket_notification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tLambdaFunctions: s3.BucketNotificationLambdaFunctionArray{\n\t\t\t\t\u0026s3.BucketNotificationLambdaFunctionArgs{\n\t\t\t\t\tLambdaFunctionArn: func1.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterPrefix: pulumi.String(\"AWSLogs/\"),\n\t\t\t\t\tFilterSuffix: pulumi.String(\".log\"),\n\t\t\t\t},\n\t\t\t\t\u0026s3.BucketNotificationLambdaFunctionArgs{\n\t\t\t\t\tLambdaFunctionArn: func2.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterPrefix: pulumi.String(\"OtherLogs/\"),\n\t\t\t\t\tFilterSuffix: pulumi.String(\".log\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tallowBucket1,\n\t\t\tallowBucket2,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.s3.BucketNotification;\nimport com.pulumi.aws.s3.BucketNotificationArgs;\nimport com.pulumi.aws.s3.inputs.BucketNotificationLambdaFunctionArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"lambda.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var iamForLambda = new Role(\"iamForLambda\", RoleArgs.builder()\n .name(\"iam_for_lambda\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var func1 = new Function(\"func1\", FunctionArgs.builder()\n .code(new FileArchive(\"your-function1.zip\"))\n .name(\"example_lambda_name1\")\n .role(iamForLambda.arn())\n .handler(\"exports.example\")\n .runtime(\"go1.x\")\n .build());\n\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder()\n .bucket(\"your-bucket-name\")\n .build());\n\n var allowBucket1 = new Permission(\"allowBucket1\", PermissionArgs.builder()\n .statementId(\"AllowExecutionFromS3Bucket1\")\n .action(\"lambda:InvokeFunction\")\n .function(func1.arn())\n .principal(\"s3.amazonaws.com\")\n .sourceArn(bucket.arn())\n .build());\n\n var func2 = new Function(\"func2\", FunctionArgs.builder()\n .code(new FileArchive(\"your-function2.zip\"))\n .name(\"example_lambda_name2\")\n .role(iamForLambda.arn())\n .handler(\"exports.example\")\n .build());\n\n var allowBucket2 = new Permission(\"allowBucket2\", PermissionArgs.builder()\n .statementId(\"AllowExecutionFromS3Bucket2\")\n .action(\"lambda:InvokeFunction\")\n .function(func2.arn())\n .principal(\"s3.amazonaws.com\")\n .sourceArn(bucket.arn())\n .build());\n\n var bucketNotification = new BucketNotification(\"bucketNotification\", BucketNotificationArgs.builder()\n .bucket(bucket.id())\n .lambdaFunctions( \n BucketNotificationLambdaFunctionArgs.builder()\n .lambdaFunctionArn(func1.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterPrefix(\"AWSLogs/\")\n .filterSuffix(\".log\")\n .build(),\n BucketNotificationLambdaFunctionArgs.builder()\n .lambdaFunctionArn(func2.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterPrefix(\"OtherLogs/\")\n .filterSuffix(\".log\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n allowBucket1,\n allowBucket2)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n iamForLambda:\n type: aws:iam:Role\n name: iam_for_lambda\n properties:\n name: iam_for_lambda\n assumeRolePolicy: ${assumeRole.json}\n allowBucket1:\n type: aws:lambda:Permission\n name: allow_bucket1\n properties:\n statementId: AllowExecutionFromS3Bucket1\n action: lambda:InvokeFunction\n function: ${func1.arn}\n principal: s3.amazonaws.com\n sourceArn: ${bucket.arn}\n func1:\n type: aws:lambda:Function\n properties:\n code:\n fn::FileArchive: your-function1.zip\n name: example_lambda_name1\n role: ${iamForLambda.arn}\n handler: exports.example\n runtime: go1.x\n allowBucket2:\n type: aws:lambda:Permission\n name: allow_bucket2\n properties:\n statementId: AllowExecutionFromS3Bucket2\n action: lambda:InvokeFunction\n function: ${func2.arn}\n principal: s3.amazonaws.com\n sourceArn: ${bucket.arn}\n func2:\n type: aws:lambda:Function\n properties:\n code:\n fn::FileArchive: your-function2.zip\n name: example_lambda_name2\n role: ${iamForLambda.arn}\n handler: exports.example\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: your-bucket-name\n bucketNotification:\n type: aws:s3:BucketNotification\n name: bucket_notification\n properties:\n bucket: ${bucket.id}\n lambdaFunctions:\n - lambdaFunctionArn: ${func1.arn}\n events:\n - s3:ObjectCreated:*\n filterPrefix: AWSLogs/\n filterSuffix: .log\n - lambdaFunctionArn: ${func2.arn}\n events:\n - s3:ObjectCreated:*\n filterPrefix: OtherLogs/\n filterSuffix: .log\n options:\n dependson:\n - ${allowBucket1}\n - ${allowBucket2}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - lambda.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Add multiple notification configurations to SQS Queue\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"your-bucket-name\"});\nconst queue = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"*\",\n identifiers: [\"*\"],\n }],\n actions: [\"sqs:SendMessage\"],\n resources: [\"arn:aws:sqs:*:*:s3-event-notification-queue\"],\n conditions: [{\n test: \"ArnEquals\",\n variable: \"aws:SourceArn\",\n values: [bucket.arn],\n }],\n }],\n});\nconst queueQueue = new aws.sqs.Queue(\"queue\", {\n name: \"s3-event-notification-queue\",\n policy: queue.apply(queue =\u003e queue.json),\n});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n queues: [\n {\n id: \"image-upload-event\",\n queueArn: queueQueue.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterPrefix: \"images/\",\n },\n {\n id: \"video-upload-event\",\n queueArn: queueQueue.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterPrefix: \"videos/\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"your-bucket-name\")\nqueue = aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"*\",\n \"identifiers\": [\"*\"],\n }],\n \"actions\": [\"sqs:SendMessage\"],\n \"resources\": [\"arn:aws:sqs:*:*:s3-event-notification-queue\"],\n \"conditions\": [{\n \"test\": \"ArnEquals\",\n \"variable\": \"aws:SourceArn\",\n \"values\": [bucket.arn],\n }],\n}])\nqueue_queue = aws.sqs.Queue(\"queue\",\n name=\"s3-event-notification-queue\",\n policy=queue.json)\nbucket_notification = aws.s3.BucketNotification(\"bucket_notification\",\n bucket=bucket.id,\n queues=[\n {\n \"id\": \"image-upload-event\",\n \"queue_arn\": queue_queue.arn,\n \"events\": [\"s3:ObjectCreated:*\"],\n \"filter_prefix\": \"images/\",\n },\n {\n \"id\": \"video-upload-event\",\n \"queue_arn\": queue_queue.arn,\n \"events\": [\"s3:ObjectCreated:*\"],\n \"filter_prefix\": \"videos/\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"your-bucket-name\",\n });\n\n var queue = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"*\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"sqs:SendMessage\",\n },\n Resources = new[]\n {\n \"arn:aws:sqs:*:*:s3-event-notification-queue\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"ArnEquals\",\n Variable = \"aws:SourceArn\",\n Values = new[]\n {\n bucket.Arn,\n },\n },\n },\n },\n },\n });\n\n var queueQueue = new Aws.Sqs.Queue(\"queue\", new()\n {\n Name = \"s3-event-notification-queue\",\n Policy = queue.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var bucketNotification = new Aws.S3.BucketNotification(\"bucket_notification\", new()\n {\n Bucket = bucket.Id,\n Queues = new[]\n {\n new Aws.S3.Inputs.BucketNotificationQueueArgs\n {\n Id = \"image-upload-event\",\n QueueArn = queueQueue.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterPrefix = \"images/\",\n },\n new Aws.S3.Inputs.BucketNotificationQueueArgs\n {\n Id = \"video-upload-event\",\n QueueArn = queueQueue.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterPrefix = \"videos/\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"your-bucket-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tqueue := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"*\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"sqs:SendMessage\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"arn:aws:sqs:*:*:s3-event-notification-queue\"),\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"ArnEquals\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"aws:SourceArn\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tbucket.Arn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tqueueQueue, err := sqs.NewQueue(ctx, \"queue\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"s3-event-notification-queue\"),\n\t\t\tPolicy: pulumi.String(queue.ApplyT(func(queue iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026queue.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucket_notification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tQueues: s3.BucketNotificationQueueArray{\n\t\t\t\t\u0026s3.BucketNotificationQueueArgs{\n\t\t\t\t\tId: pulumi.String(\"image-upload-event\"),\n\t\t\t\t\tQueueArn: queueQueue.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterPrefix: pulumi.String(\"images/\"),\n\t\t\t\t},\n\t\t\t\t\u0026s3.BucketNotificationQueueArgs{\n\t\t\t\t\tId: pulumi.String(\"video-upload-event\"),\n\t\t\t\t\tQueueArn: queueQueue.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterPrefix: pulumi.String(\"videos/\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.sqs.QueueArgs;\nimport com.pulumi.aws.s3.BucketNotification;\nimport com.pulumi.aws.s3.BucketNotificationArgs;\nimport com.pulumi.aws.s3.inputs.BucketNotificationQueueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder()\n .bucket(\"your-bucket-name\")\n .build());\n\n final var queue = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"*\")\n .identifiers(\"*\")\n .build())\n .actions(\"sqs:SendMessage\")\n .resources(\"arn:aws:sqs:*:*:s3-event-notification-queue\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"ArnEquals\")\n .variable(\"aws:SourceArn\")\n .values(bucket.arn())\n .build())\n .build())\n .build());\n\n var queueQueue = new Queue(\"queueQueue\", QueueArgs.builder()\n .name(\"s3-event-notification-queue\")\n .policy(queue.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(queue -\u003e queue.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var bucketNotification = new BucketNotification(\"bucketNotification\", BucketNotificationArgs.builder()\n .bucket(bucket.id())\n .queues( \n BucketNotificationQueueArgs.builder()\n .id(\"image-upload-event\")\n .queueArn(queueQueue.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterPrefix(\"images/\")\n .build(),\n BucketNotificationQueueArgs.builder()\n .id(\"video-upload-event\")\n .queueArn(queueQueue.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterPrefix(\"videos/\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n queueQueue:\n type: aws:sqs:Queue\n name: queue\n properties:\n name: s3-event-notification-queue\n policy: ${queue.json}\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: your-bucket-name\n bucketNotification:\n type: aws:s3:BucketNotification\n name: bucket_notification\n properties:\n bucket: ${bucket.id}\n queues:\n - id: image-upload-event\n queueArn: ${queueQueue.arn}\n events:\n - s3:ObjectCreated:*\n filterPrefix: images/\n - id: video-upload-event\n queueArn: ${queueQueue.arn}\n events:\n - s3:ObjectCreated:*\n filterPrefix: videos/\nvariables:\n queue:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: '*'\n identifiers:\n - '*'\n actions:\n - sqs:SendMessage\n resources:\n - arn:aws:sqs:*:*:s3-event-notification-queue\n conditions:\n - test: ArnEquals\n variable: aws:SourceArn\n values:\n - ${bucket.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nFor JSON syntax, use an array instead of defining the `queue` key twice.\n\n```json\n{\n\t\"bucket\": \"${aws_s3_bucket.bucket.id}\",\n\t\"queue\": [\n\t\t{\n\t\t\t\"id\": \"image-upload-event\",\n\t\t\t\"queue_arn\": \"${aws_sqs_queue.queue.arn}\",\n\t\t\t\"events\": [\"s3:ObjectCreated:*\"],\n\t\t\t\"filter_prefix\": \"images/\"\n\t\t},\n\t\t{\n\t\t\t\"id\": \"video-upload-event\",\n\t\t\t\"queue_arn\": \"${aws_sqs_queue.queue.arn}\",\n\t\t\t\"events\": [\"s3:ObjectCreated:*\"],\n\t\t\t\"filter_prefix\": \"videos/\"\n\t\t}\n\t]\n}\n```\n\n### Emit events to EventBridge\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"your-bucket-name\"});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n eventbridge: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"your-bucket-name\")\nbucket_notification = aws.s3.BucketNotification(\"bucket_notification\",\n bucket=bucket.id,\n eventbridge=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"your-bucket-name\",\n });\n\n var bucketNotification = new Aws.S3.BucketNotification(\"bucket_notification\", new()\n {\n Bucket = bucket.Id,\n Eventbridge = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"your-bucket-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucket_notification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tEventbridge: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketNotification;\nimport com.pulumi.aws.s3.BucketNotificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder()\n .bucket(\"your-bucket-name\")\n .build());\n\n var bucketNotification = new BucketNotification(\"bucketNotification\", BucketNotificationArgs.builder()\n .bucket(bucket.id())\n .eventbridge(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: your-bucket-name\n bucketNotification:\n type: aws:s3:BucketNotification\n name: bucket_notification\n properties:\n bucket: ${bucket.id}\n eventbridge: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 bucket notification using the `bucket`. For example:\n\n```sh\n$ pulumi import aws:s3/bucketNotification:BucketNotification bucket_notification bucket-name\n```\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket for notification configuration.\n\nThe following arguments are optional:\n" }, "eventbridge": { "type": "boolean", "description": "Whether to enable Amazon EventBridge notifications. Defaults to `false`.\n" }, "lambdaFunctions": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketNotificationLambdaFunction:BucketNotificationLambdaFunction" }, "description": "Used to configure notifications to a Lambda Function. See below.\n" }, "queues": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketNotificationQueue:BucketNotificationQueue" }, "description": "Notification configuration to SQS Queue. See below.\n" }, "topics": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketNotificationTopic:BucketNotificationTopic" }, "description": "Notification configuration to SNS Topic. See below.\n" } }, "required": [ "bucket" ], "inputProperties": { "bucket": { "type": "string", "description": "Name of the bucket for notification configuration.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "eventbridge": { "type": "boolean", "description": "Whether to enable Amazon EventBridge notifications. Defaults to `false`.\n" }, "lambdaFunctions": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketNotificationLambdaFunction:BucketNotificationLambdaFunction" }, "description": "Used to configure notifications to a Lambda Function. See below.\n" }, "queues": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketNotificationQueue:BucketNotificationQueue" }, "description": "Notification configuration to SQS Queue. See below.\n" }, "topics": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketNotificationTopic:BucketNotificationTopic" }, "description": "Notification configuration to SNS Topic. See below.\n" } }, "requiredInputs": [ "bucket" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketNotification resources.\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket for notification configuration.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "eventbridge": { "type": "boolean", "description": "Whether to enable Amazon EventBridge notifications. Defaults to `false`.\n" }, "lambdaFunctions": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketNotificationLambdaFunction:BucketNotificationLambdaFunction" }, "description": "Used to configure notifications to a Lambda Function. See below.\n" }, "queues": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketNotificationQueue:BucketNotificationQueue" }, "description": "Notification configuration to SQS Queue. See below.\n" }, "topics": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketNotificationTopic:BucketNotificationTopic" }, "description": "Notification configuration to SNS Topic. See below.\n" } }, "type": "object" } }, "aws:s3/bucketObject:BucketObject": { "description": "Provides an S3 object resource.\n\n## Example Usage\n\n### Uploading a file to a bucket\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst object = new aws.s3.BucketObject(\"object\", {\n bucket: \"your_bucket_name\",\n key: \"new_object_key\",\n source: new pulumi.asset.FileAsset(\"path/to/file\"),\n etag: std.filemd5({\n input: \"path/to/file\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nobject = aws.s3.BucketObject(\"object\",\n bucket=\"your_bucket_name\",\n key=\"new_object_key\",\n source=pulumi.FileAsset(\"path/to/file\"),\n etag=std.filemd5(input=\"path/to/file\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @object = new Aws.S3.BucketObject(\"object\", new()\n {\n Bucket = \"your_bucket_name\",\n Key = \"new_object_key\",\n Source = new FileAsset(\"path/to/file\"),\n Etag = Std.Filemd5.Invoke(new()\n {\n Input = \"path/to/file\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFilemd5, err := std.Filemd5(ctx, \u0026std.Filemd5Args{\n\t\t\tInput: \"path/to/file\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObject(ctx, \"object\", \u0026s3.BucketObjectArgs{\n\t\t\tBucket: pulumi.Any(\"your_bucket_name\"),\n\t\t\tKey: pulumi.String(\"new_object_key\"),\n\t\t\tSource: pulumi.NewFileAsset(\"path/to/file\"),\n\t\t\tEtag: pulumi.String(invokeFilemd5.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketObject;\nimport com.pulumi.aws.s3.BucketObjectArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .bucket(\"your_bucket_name\")\n .key(\"new_object_key\")\n .source(new FileAsset(\"path/to/file\"))\n .etag(StdFunctions.filemd5(Filemd5Args.builder()\n .input(\"path/to/file\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n object:\n type: aws:s3:BucketObject\n properties:\n bucket: your_bucket_name\n key: new_object_key\n source:\n fn::FileAsset: path/to/file\n etag:\n fn::invoke:\n Function: std:filemd5\n Arguments:\n input: path/to/file\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Encrypting with KMS Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplekms = new aws.kms.Key(\"examplekms\", {\n description: \"KMS key 1\",\n deletionWindowInDays: 7,\n});\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketObject = new aws.s3.BucketObject(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"index.html\"),\n kmsKeyId: examplekms.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplekms = aws.kms.Key(\"examplekms\",\n description=\"KMS key 1\",\n deletion_window_in_days=7)\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_object = aws.s3.BucketObject(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"index.html\"),\n kms_key_id=examplekms.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplekms = new Aws.Kms.Key(\"examplekms\", new()\n {\n Description = \"KMS key 1\",\n DeletionWindowInDays = 7,\n });\n\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketObject = new Aws.S3.BucketObject(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"index.html\"),\n KmsKeyId = examplekms.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplekms, err := kms.NewKey(ctx, \"examplekms\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"KMS key 1\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObject(ctx, \"example\", \u0026s3.BucketObjectArgs{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t\tKmsKeyId: examplekms.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketObject;\nimport com.pulumi.aws.s3.BucketObjectArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplekms = new Key(\"examplekms\", KeyArgs.builder()\n .description(\"KMS key 1\")\n .deletionWindowInDays(7)\n .build());\n\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder()\n .bucket(\"examplebuckettftest\")\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder()\n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketObject = new BucketObject(\"exampleBucketObject\", BucketObjectArgs.builder()\n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"index.html\"))\n .kmsKeyId(examplekms.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplekms:\n type: aws:kms:Key\n properties:\n description: KMS key 1\n deletionWindowInDays: 7\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketObject:\n type: aws:s3:BucketObject\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: index.html\n kmsKeyId: ${examplekms.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Server Side Encryption with S3 Default Master Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketObject = new aws.s3.BucketObject(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"index.html\"),\n serverSideEncryption: \"aws:kms\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_object = aws.s3.BucketObject(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"index.html\"),\n server_side_encryption=\"aws:kms\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketObject = new Aws.S3.BucketObject(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"index.html\"),\n ServerSideEncryption = \"aws:kms\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObject(ctx, \"example\", \u0026s3.BucketObjectArgs{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t\tServerSideEncryption: pulumi.String(\"aws:kms\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketObject;\nimport com.pulumi.aws.s3.BucketObjectArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder()\n .bucket(\"examplebuckettftest\")\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder()\n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketObject = new BucketObject(\"exampleBucketObject\", BucketObjectArgs.builder()\n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"index.html\"))\n .serverSideEncryption(\"aws:kms\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketObject:\n type: aws:s3:BucketObject\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: index.html\n serverSideEncryption: aws:kms\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Server Side Encryption with AWS-Managed Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketObject = new aws.s3.BucketObject(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"index.html\"),\n serverSideEncryption: \"AES256\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_object = aws.s3.BucketObject(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"index.html\"),\n server_side_encryption=\"AES256\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketObject = new Aws.S3.BucketObject(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"index.html\"),\n ServerSideEncryption = \"AES256\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObject(ctx, \"example\", \u0026s3.BucketObjectArgs{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t\tServerSideEncryption: pulumi.String(\"AES256\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketObject;\nimport com.pulumi.aws.s3.BucketObjectArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder()\n .bucket(\"examplebuckettftest\")\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder()\n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketObject = new BucketObject(\"exampleBucketObject\", BucketObjectArgs.builder()\n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"index.html\"))\n .serverSideEncryption(\"AES256\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketObject:\n type: aws:s3:BucketObject\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: index.html\n serverSideEncryption: AES256\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### S3 Object Lock\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {\n bucket: \"examplebuckettftest\",\n objectLockEnabled: true,\n});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketVersioningV2 = new aws.s3.BucketVersioningV2(\"example\", {\n bucket: examplebucket.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst exampleBucketObject = new aws.s3.BucketObject(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"important.txt\"),\n objectLockLegalHoldStatus: \"ON\",\n objectLockMode: \"GOVERNANCE\",\n objectLockRetainUntilDate: \"2021-12-31T23:59:60Z\",\n forceDestroy: true,\n}, {\n dependsOn: [exampleBucketVersioningV2],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\",\n bucket=\"examplebuckettftest\",\n object_lock_enabled=True)\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_versioning_v2 = aws.s3.BucketVersioningV2(\"example\",\n bucket=examplebucket.id,\n versioning_configuration={\n \"status\": \"Enabled\",\n })\nexample_bucket_object = aws.s3.BucketObject(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"important.txt\"),\n object_lock_legal_hold_status=\"ON\",\n object_lock_mode=\"GOVERNANCE\",\n object_lock_retain_until_date=\"2021-12-31T23:59:60Z\",\n force_destroy=True,\n opts = pulumi.ResourceOptions(depends_on=[example_bucket_versioning_v2]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n ObjectLockEnabled = true,\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketVersioningV2 = new Aws.S3.BucketVersioningV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var exampleBucketObject = new Aws.S3.BucketObject(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"important.txt\"),\n ObjectLockLegalHoldStatus = \"ON\",\n ObjectLockMode = \"GOVERNANCE\",\n ObjectLockRetainUntilDate = \"2021-12-31T23:59:60Z\",\n ForceDestroy = true,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleBucketVersioningV2,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t\tObjectLockEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, \"example\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObject(ctx, \"example\", \u0026s3.BucketObjectArgs{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"important.txt\"),\n\t\t\tObjectLockLegalHoldStatus: pulumi.String(\"ON\"),\n\t\t\tObjectLockMode: pulumi.String(\"GOVERNANCE\"),\n\t\t\tObjectLockRetainUntilDate: pulumi.String(\"2021-12-31T23:59:60Z\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleBucketVersioningV2,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketVersioningV2;\nimport com.pulumi.aws.s3.BucketVersioningV2Args;\nimport com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;\nimport com.pulumi.aws.s3.BucketObject;\nimport com.pulumi.aws.s3.BucketObjectArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder()\n .bucket(\"examplebuckettftest\")\n .objectLockEnabled(true)\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder()\n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketVersioningV2 = new BucketVersioningV2(\"exampleBucketVersioningV2\", BucketVersioningV2Args.builder()\n .bucket(examplebucket.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var exampleBucketObject = new BucketObject(\"exampleBucketObject\", BucketObjectArgs.builder()\n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"important.txt\"))\n .objectLockLegalHoldStatus(\"ON\")\n .objectLockMode(\"GOVERNANCE\")\n .objectLockRetainUntilDate(\"2021-12-31T23:59:60Z\")\n .forceDestroy(true)\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleBucketVersioningV2)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n objectLockEnabled: true\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketVersioningV2:\n type: aws:s3:BucketVersioningV2\n name: example\n properties:\n bucket: ${examplebucket.id}\n versioningConfiguration:\n status: Enabled\n exampleBucketObject:\n type: aws:s3:BucketObject\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: important.txt\n objectLockLegalHoldStatus: ON\n objectLockMode: GOVERNANCE\n objectLockRetainUntilDate: 2021-12-31T23:59:60Z\n forceDestroy: true\n options:\n dependson:\n - ${exampleBucketVersioningV2}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nImport using S3 URL syntax:\n\n__Using `pulumi import` to import__ objects using the `id` or S3 URL. For example:\n\nImport using the `id`, which is the bucket name and the key together:\n\n```sh\n$ pulumi import aws:s3/bucketObject:BucketObject example some-bucket-name/some/key.txt\n```\nImport using S3 URL syntax:\n\n```sh\n$ pulumi import aws:s3/bucketObject:BucketObject example s3://some-bucket-name/some/key.txt\n```\n", "properties": { "acl": { "type": "string", "description": "[Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Valid values are `private`, `public-read`, `public-read-write`, `aws-exec-read`, `authenticated-read`, `bucket-owner-read`, and `bucket-owner-full-control`. Defaults to `private`.\n" }, "arn": { "type": "string", "description": "ARN of the object.\n" }, "bucket": { "type": "string", "description": "Name of the bucket to put the file in. Alternatively, an [S3 access point](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) ARN can be specified.\n" }, "bucketKeyEnabled": { "type": "boolean", "description": "Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.\n" }, "cacheControl": { "type": "string", "description": "Caching behavior along the request/reply chain Read [w3c cache_control](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9) for further details.\n" }, "content": { "type": "string", "description": "Literal string value to use as the object content, which will be uploaded as UTF-8-encoded text.\n" }, "contentBase64": { "type": "string", "description": "Base64-encoded data that will be decoded and uploaded as raw bytes for the object content. This allows safely uploading non-UTF8 binary data, but is recommended only for small content such as the result of the `gzipbase64` function with small text strings. For larger objects, use `source` to stream the content from a disk file.\n" }, "contentDisposition": { "type": "string", "description": "Presentational information for the object. Read [w3c content_disposition](http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1) for further information.\n" }, "contentEncoding": { "type": "string", "description": "Content encodings that have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read [w3c content encoding](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11) for further information.\n" }, "contentLanguage": { "type": "string", "description": "Language the content is in e.g., en-US or en-GB.\n" }, "contentType": { "type": "string", "description": "Standard MIME type describing the format of the object data, e.g., application/octet-stream. All Valid MIME Types are valid for this input.\n" }, "etag": { "type": "string", "description": "Triggers updates when the value changes. This attribute is not compatible with KMS encryption, `kms_key_id` or `server_side_encryption = \"aws:kms\"` (see `source_hash` instead).\n" }, "forceDestroy": { "type": "boolean", "description": "Whether to allow the object to be deleted by removing any legal hold on any object version. Default is `false`. This value should be set to `true` only if the bucket has S3 object lock enabled.\n" }, "key": { "type": "string", "description": "Name of the object once it is in the bucket.\n\nThe following arguments are optional:\n" }, "kmsKeyId": { "type": "string", "description": "ARN of the KMS Key to use for object encryption. If the S3 Bucket has server-side encryption enabled, that value will automatically be used. If referencing the `aws.kms.Key` resource, use the `arn` attribute. If referencing the `aws.kms.Alias` data source or resource, use the `target_key_arn` attribute. The provider will only perform drift detection if a configuration value is provided.\n" }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of keys/values to provision metadata (will be automatically prefixed by `x-amz-meta-`, note that only lowercase label are currently supported by the AWS Go API).\n" }, "objectLockLegalHoldStatus": { "type": "string", "description": "[Legal hold](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-legal-holds) status that you want to apply to the specified object. Valid values are `ON` and `OFF`.\n" }, "objectLockMode": { "type": "string", "description": "Object lock [retention mode](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-modes) that you want to apply to this object. Valid values are `GOVERNANCE` and `COMPLIANCE`.\n" }, "objectLockRetainUntilDate": { "type": "string", "description": "Date and time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8), when this object's object lock will [expire](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-periods).\n" }, "serverSideEncryption": { "type": "string", "description": "Server-side encryption of the object in S3. Valid values are \"`AES256`\" and \"`aws:kms`\".\n" }, "source": { "$ref": "pulumi.json#/Asset", "description": "Path to a file that will be read and uploaded as raw bytes for the object content.\n" }, "sourceHash": { "type": "string", "description": "Triggers updates like `etag` but useful to address `etag` encryption limitations.\n" }, "storageClass": { "type": "string", "description": "[Storage Class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html#AmazonS3-PutObject-request-header-StorageClass) for the object. Defaults to \"`STANDARD`\".\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "versionId": { "type": "string", "description": "Unique version ID value for the object, if bucket versioning is enabled.\n" }, "websiteRedirect": { "type": "string", "description": "Target URL for [website redirect](http://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html).\n\nIf no content is provided through `source`, `content` or `content_base64`, then the object will be empty.\n" } }, "required": [ "arn", "bucket", "bucketKeyEnabled", "contentType", "etag", "key", "kmsKeyId", "serverSideEncryption", "storageClass", "tagsAll", "versionId" ], "inputProperties": { "acl": { "type": "string", "description": "[Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Valid values are `private`, `public-read`, `public-read-write`, `aws-exec-read`, `authenticated-read`, `bucket-owner-read`, and `bucket-owner-full-control`. Defaults to `private`.\n" }, "bucket": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:s3/bucket:Bucket" } ], "description": "Name of the bucket to put the file in. Alternatively, an [S3 access point](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) ARN can be specified.\n", "willReplaceOnChanges": true }, "bucketKeyEnabled": { "type": "boolean", "description": "Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.\n" }, "cacheControl": { "type": "string", "description": "Caching behavior along the request/reply chain Read [w3c cache_control](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9) for further details.\n" }, "content": { "type": "string", "description": "Literal string value to use as the object content, which will be uploaded as UTF-8-encoded text.\n" }, "contentBase64": { "type": "string", "description": "Base64-encoded data that will be decoded and uploaded as raw bytes for the object content. This allows safely uploading non-UTF8 binary data, but is recommended only for small content such as the result of the `gzipbase64` function with small text strings. For larger objects, use `source` to stream the content from a disk file.\n" }, "contentDisposition": { "type": "string", "description": "Presentational information for the object. Read [w3c content_disposition](http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1) for further information.\n" }, "contentEncoding": { "type": "string", "description": "Content encodings that have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read [w3c content encoding](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11) for further information.\n" }, "contentLanguage": { "type": "string", "description": "Language the content is in e.g., en-US or en-GB.\n" }, "contentType": { "type": "string", "description": "Standard MIME type describing the format of the object data, e.g., application/octet-stream. All Valid MIME Types are valid for this input.\n" }, "etag": { "type": "string", "description": "Triggers updates when the value changes. This attribute is not compatible with KMS encryption, `kms_key_id` or `server_side_encryption = \"aws:kms\"` (see `source_hash` instead).\n" }, "forceDestroy": { "type": "boolean", "description": "Whether to allow the object to be deleted by removing any legal hold on any object version. Default is `false`. This value should be set to `true` only if the bucket has S3 object lock enabled.\n" }, "key": { "type": "string", "description": "Name of the object once it is in the bucket.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "ARN of the KMS Key to use for object encryption. If the S3 Bucket has server-side encryption enabled, that value will automatically be used. If referencing the `aws.kms.Key` resource, use the `arn` attribute. If referencing the `aws.kms.Alias` data source or resource, use the `target_key_arn` attribute. The provider will only perform drift detection if a configuration value is provided.\n" }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of keys/values to provision metadata (will be automatically prefixed by `x-amz-meta-`, note that only lowercase label are currently supported by the AWS Go API).\n" }, "objectLockLegalHoldStatus": { "type": "string", "description": "[Legal hold](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-legal-holds) status that you want to apply to the specified object. Valid values are `ON` and `OFF`.\n" }, "objectLockMode": { "type": "string", "description": "Object lock [retention mode](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-modes) that you want to apply to this object. Valid values are `GOVERNANCE` and `COMPLIANCE`.\n" }, "objectLockRetainUntilDate": { "type": "string", "description": "Date and time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8), when this object's object lock will [expire](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-periods).\n" }, "serverSideEncryption": { "type": "string", "description": "Server-side encryption of the object in S3. Valid values are \"`AES256`\" and \"`aws:kms`\".\n" }, "source": { "$ref": "pulumi.json#/Asset", "description": "Path to a file that will be read and uploaded as raw bytes for the object content.\n" }, "sourceHash": { "type": "string", "description": "Triggers updates like `etag` but useful to address `etag` encryption limitations.\n" }, "storageClass": { "type": "string", "description": "[Storage Class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html#AmazonS3-PutObject-request-header-StorageClass) for the object. Defaults to \"`STANDARD`\".\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "websiteRedirect": { "type": "string", "description": "Target URL for [website redirect](http://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html).\n\nIf no content is provided through `source`, `content` or `content_base64`, then the object will be empty.\n" } }, "requiredInputs": [ "bucket" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketObject resources.\n", "properties": { "acl": { "type": "string", "description": "[Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Valid values are `private`, `public-read`, `public-read-write`, `aws-exec-read`, `authenticated-read`, `bucket-owner-read`, and `bucket-owner-full-control`. Defaults to `private`.\n" }, "arn": { "type": "string", "description": "ARN of the object.\n" }, "bucket": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:s3/bucket:Bucket" } ], "description": "Name of the bucket to put the file in. Alternatively, an [S3 access point](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) ARN can be specified.\n", "willReplaceOnChanges": true }, "bucketKeyEnabled": { "type": "boolean", "description": "Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.\n" }, "cacheControl": { "type": "string", "description": "Caching behavior along the request/reply chain Read [w3c cache_control](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9) for further details.\n" }, "content": { "type": "string", "description": "Literal string value to use as the object content, which will be uploaded as UTF-8-encoded text.\n" }, "contentBase64": { "type": "string", "description": "Base64-encoded data that will be decoded and uploaded as raw bytes for the object content. This allows safely uploading non-UTF8 binary data, but is recommended only for small content such as the result of the `gzipbase64` function with small text strings. For larger objects, use `source` to stream the content from a disk file.\n" }, "contentDisposition": { "type": "string", "description": "Presentational information for the object. Read [w3c content_disposition](http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1) for further information.\n" }, "contentEncoding": { "type": "string", "description": "Content encodings that have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read [w3c content encoding](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11) for further information.\n" }, "contentLanguage": { "type": "string", "description": "Language the content is in e.g., en-US or en-GB.\n" }, "contentType": { "type": "string", "description": "Standard MIME type describing the format of the object data, e.g., application/octet-stream. All Valid MIME Types are valid for this input.\n" }, "etag": { "type": "string", "description": "Triggers updates when the value changes. This attribute is not compatible with KMS encryption, `kms_key_id` or `server_side_encryption = \"aws:kms\"` (see `source_hash` instead).\n" }, "forceDestroy": { "type": "boolean", "description": "Whether to allow the object to be deleted by removing any legal hold on any object version. Default is `false`. This value should be set to `true` only if the bucket has S3 object lock enabled.\n" }, "key": { "type": "string", "description": "Name of the object once it is in the bucket.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "ARN of the KMS Key to use for object encryption. If the S3 Bucket has server-side encryption enabled, that value will automatically be used. If referencing the `aws.kms.Key` resource, use the `arn` attribute. If referencing the `aws.kms.Alias` data source or resource, use the `target_key_arn` attribute. The provider will only perform drift detection if a configuration value is provided.\n" }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of keys/values to provision metadata (will be automatically prefixed by `x-amz-meta-`, note that only lowercase label are currently supported by the AWS Go API).\n" }, "objectLockLegalHoldStatus": { "type": "string", "description": "[Legal hold](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-legal-holds) status that you want to apply to the specified object. Valid values are `ON` and `OFF`.\n" }, "objectLockMode": { "type": "string", "description": "Object lock [retention mode](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-modes) that you want to apply to this object. Valid values are `GOVERNANCE` and `COMPLIANCE`.\n" }, "objectLockRetainUntilDate": { "type": "string", "description": "Date and time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8), when this object's object lock will [expire](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-periods).\n" }, "serverSideEncryption": { "type": "string", "description": "Server-side encryption of the object in S3. Valid values are \"`AES256`\" and \"`aws:kms`\".\n" }, "source": { "$ref": "pulumi.json#/Asset", "description": "Path to a file that will be read and uploaded as raw bytes for the object content.\n" }, "sourceHash": { "type": "string", "description": "Triggers updates like `etag` but useful to address `etag` encryption limitations.\n" }, "storageClass": { "type": "string", "description": "[Storage Class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html#AmazonS3-PutObject-request-header-StorageClass) for the object. Defaults to \"`STANDARD`\".\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "versionId": { "type": "string", "description": "Unique version ID value for the object, if bucket versioning is enabled.\n" }, "websiteRedirect": { "type": "string", "description": "Target URL for [website redirect](http://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html).\n\nIf no content is provided through `source`, `content` or `content_base64`, then the object will be empty.\n" } }, "type": "object" } }, "aws:s3/bucketObjectLockConfigurationV2:BucketObjectLockConfigurationV2": { "description": "Provides an S3 bucket Object Lock configuration resource. For more information about Object Locking, go to [Using S3 Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock.html) in the Amazon S3 User Guide.\n\n\u003e This resource can be used enable Object Lock for **new** and **existing** buckets.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### Object Lock configuration for new or existing buckets\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"mybucket\"});\nconst exampleBucketVersioningV2 = new aws.s3.BucketVersioningV2(\"example\", {\n bucket: example.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst exampleBucketObjectLockConfigurationV2 = new aws.s3.BucketObjectLockConfigurationV2(\"example\", {\n bucket: example.id,\n rule: {\n defaultRetention: {\n mode: \"COMPLIANCE\",\n days: 5,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"mybucket\")\nexample_bucket_versioning_v2 = aws.s3.BucketVersioningV2(\"example\",\n bucket=example.id,\n versioning_configuration={\n \"status\": \"Enabled\",\n })\nexample_bucket_object_lock_configuration_v2 = aws.s3.BucketObjectLockConfigurationV2(\"example\",\n bucket=example.id,\n rule={\n \"default_retention\": {\n \"mode\": \"COMPLIANCE\",\n \"days\": 5,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"mybucket\",\n });\n\n var exampleBucketVersioningV2 = new Aws.S3.BucketVersioningV2(\"example\", new()\n {\n Bucket = example.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var exampleBucketObjectLockConfigurationV2 = new Aws.S3.BucketObjectLockConfigurationV2(\"example\", new()\n {\n Bucket = example.Id,\n Rule = new Aws.S3.Inputs.BucketObjectLockConfigurationV2RuleArgs\n {\n DefaultRetention = new Aws.S3.Inputs.BucketObjectLockConfigurationV2RuleDefaultRetentionArgs\n {\n Mode = \"COMPLIANCE\",\n Days = 5,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"mybucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketVersioningV2(ctx, \"example\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectLockConfigurationV2(ctx, \"example\", \u0026s3.BucketObjectLockConfigurationV2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tRule: \u0026s3.BucketObjectLockConfigurationV2RuleArgs{\n\t\t\t\tDefaultRetention: \u0026s3.BucketObjectLockConfigurationV2RuleDefaultRetentionArgs{\n\t\t\t\t\tMode: pulumi.String(\"COMPLIANCE\"),\n\t\t\t\t\tDays: pulumi.Int(5),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketVersioningV2;\nimport com.pulumi.aws.s3.BucketVersioningV2Args;\nimport com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;\nimport com.pulumi.aws.s3.BucketObjectLockConfigurationV2;\nimport com.pulumi.aws.s3.BucketObjectLockConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketObjectLockConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketObjectLockConfigurationV2RuleDefaultRetentionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"mybucket\")\n .build());\n\n var exampleBucketVersioningV2 = new BucketVersioningV2(\"exampleBucketVersioningV2\", BucketVersioningV2Args.builder()\n .bucket(example.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var exampleBucketObjectLockConfigurationV2 = new BucketObjectLockConfigurationV2(\"exampleBucketObjectLockConfigurationV2\", BucketObjectLockConfigurationV2Args.builder()\n .bucket(example.id())\n .rule(BucketObjectLockConfigurationV2RuleArgs.builder()\n .defaultRetention(BucketObjectLockConfigurationV2RuleDefaultRetentionArgs.builder()\n .mode(\"COMPLIANCE\")\n .days(5)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: mybucket\n exampleBucketVersioningV2:\n type: aws:s3:BucketVersioningV2\n name: example\n properties:\n bucket: ${example.id}\n versioningConfiguration:\n status: Enabled\n exampleBucketObjectLockConfigurationV2:\n type: aws:s3:BucketObjectLockConfigurationV2\n name: example\n properties:\n bucket: ${example.id}\n rule:\n defaultRetention:\n mode: COMPLIANCE\n days: 5\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\nimport {\n to = aws_s3_bucket_object_lock_configuration.example\n id = \"bucket-name,123456789012\"\n}\n\n__Using `pulumi import` to import__ S3 bucket Object Lock configuration using the `bucket` or using the `bucket` and `expected_bucket_owner` separated by a comma (`,`). For example:\n\nIf the owner (account ID) of the source bucket is the same account used to configure the AWS Provider, import using the `bucket`:\n\n```sh\n$ pulumi import aws:s3/bucketObjectLockConfigurationV2:BucketObjectLockConfigurationV2 example bucket-name\n```\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n```sh\n$ pulumi import aws:s3/bucketObjectLockConfigurationV2:BucketObjectLockConfigurationV2 example bucket-name,123456789012\n```\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket.\n" }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n" }, "objectLockEnabled": { "type": "string", "description": "Indicates whether this bucket has an Object Lock configuration enabled. Defaults to `Enabled`. Valid values: `Enabled`.\n" }, "rule": { "$ref": "#/types/aws:s3/BucketObjectLockConfigurationV2Rule:BucketObjectLockConfigurationV2Rule", "description": "Configuration block for specifying the Object Lock rule for the specified object. See below.\n" }, "token": { "type": "string", "description": "This argument is deprecated and no longer needed to enable Object Lock.\nTo enable Object Lock for an existing bucket, you must first enable versioning on the bucket and then enable Object Lock. For more details on versioning, see the `aws.s3.BucketVersioningV2` resource.\n", "secret": true } }, "required": [ "bucket" ], "inputProperties": { "bucket": { "type": "string", "description": "Name of the bucket.\n", "willReplaceOnChanges": true }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n", "willReplaceOnChanges": true }, "objectLockEnabled": { "type": "string", "description": "Indicates whether this bucket has an Object Lock configuration enabled. Defaults to `Enabled`. Valid values: `Enabled`.\n", "willReplaceOnChanges": true }, "rule": { "$ref": "#/types/aws:s3/BucketObjectLockConfigurationV2Rule:BucketObjectLockConfigurationV2Rule", "description": "Configuration block for specifying the Object Lock rule for the specified object. See below.\n" }, "token": { "type": "string", "description": "This argument is deprecated and no longer needed to enable Object Lock.\nTo enable Object Lock for an existing bucket, you must first enable versioning on the bucket and then enable Object Lock. For more details on versioning, see the `aws.s3.BucketVersioningV2` resource.\n", "secret": true } }, "requiredInputs": [ "bucket" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketObjectLockConfigurationV2 resources.\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket.\n", "willReplaceOnChanges": true }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n", "willReplaceOnChanges": true }, "objectLockEnabled": { "type": "string", "description": "Indicates whether this bucket has an Object Lock configuration enabled. Defaults to `Enabled`. Valid values: `Enabled`.\n", "willReplaceOnChanges": true }, "rule": { "$ref": "#/types/aws:s3/BucketObjectLockConfigurationV2Rule:BucketObjectLockConfigurationV2Rule", "description": "Configuration block for specifying the Object Lock rule for the specified object. See below.\n" }, "token": { "type": "string", "description": "This argument is deprecated and no longer needed to enable Object Lock.\nTo enable Object Lock for an existing bucket, you must first enable versioning on the bucket and then enable Object Lock. For more details on versioning, see the `aws.s3.BucketVersioningV2` resource.\n", "secret": true } }, "type": "object" } }, "aws:s3/bucketObjectv2:BucketObjectv2": { "description": "Provides an S3 object resource.\n\n## Example Usage\n\n### Uploading a file to a bucket\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst object = new aws.s3.BucketObjectv2(\"object\", {\n bucket: \"your_bucket_name\",\n key: \"new_object_key\",\n source: new pulumi.asset.FileAsset(\"path/to/file\"),\n etag: std.filemd5({\n input: \"path/to/file\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nobject = aws.s3.BucketObjectv2(\"object\",\n bucket=\"your_bucket_name\",\n key=\"new_object_key\",\n source=pulumi.FileAsset(\"path/to/file\"),\n etag=std.filemd5(input=\"path/to/file\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @object = new Aws.S3.BucketObjectv2(\"object\", new()\n {\n Bucket = \"your_bucket_name\",\n Key = \"new_object_key\",\n Source = new FileAsset(\"path/to/file\"),\n Etag = Std.Filemd5.Invoke(new()\n {\n Input = \"path/to/file\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFilemd5, err := std.Filemd5(ctx, \u0026std.Filemd5Args{\n\t\t\tInput: \"path/to/file\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"object\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: pulumi.Any(\"your_bucket_name\"),\n\t\t\tKey: pulumi.String(\"new_object_key\"),\n\t\t\tSource: pulumi.NewFileAsset(\"path/to/file\"),\n\t\t\tEtag: pulumi.String(invokeFilemd5.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var object = new BucketObjectv2(\"object\", BucketObjectv2Args.builder()\n .bucket(\"your_bucket_name\")\n .key(\"new_object_key\")\n .source(new FileAsset(\"path/to/file\"))\n .etag(StdFunctions.filemd5(Filemd5Args.builder()\n .input(\"path/to/file\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n object:\n type: aws:s3:BucketObjectv2\n properties:\n bucket: your_bucket_name\n key: new_object_key\n source:\n fn::FileAsset: path/to/file\n etag:\n fn::invoke:\n Function: std:filemd5\n Arguments:\n input: path/to/file\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Encrypting with KMS Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplekms = new aws.kms.Key(\"examplekms\", {\n description: \"KMS key 1\",\n deletionWindowInDays: 7,\n});\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketObjectv2 = new aws.s3.BucketObjectv2(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"index.html\"),\n kmsKeyId: examplekms.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplekms = aws.kms.Key(\"examplekms\",\n description=\"KMS key 1\",\n deletion_window_in_days=7)\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_objectv2 = aws.s3.BucketObjectv2(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"index.html\"),\n kms_key_id=examplekms.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplekms = new Aws.Kms.Key(\"examplekms\", new()\n {\n Description = \"KMS key 1\",\n DeletionWindowInDays = 7,\n });\n\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketObjectv2 = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"index.html\"),\n KmsKeyId = examplekms.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplekms, err := kms.NewKey(ctx, \"examplekms\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"KMS key 1\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t\tKmsKeyId: examplekms.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplekms = new Key(\"examplekms\", KeyArgs.builder()\n .description(\"KMS key 1\")\n .deletionWindowInDays(7)\n .build());\n\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder()\n .bucket(\"examplebuckettftest\")\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder()\n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketObjectv2 = new BucketObjectv2(\"exampleBucketObjectv2\", BucketObjectv2Args.builder()\n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"index.html\"))\n .kmsKeyId(examplekms.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplekms:\n type: aws:kms:Key\n properties:\n description: KMS key 1\n deletionWindowInDays: 7\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketObjectv2:\n type: aws:s3:BucketObjectv2\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: index.html\n kmsKeyId: ${examplekms.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Server Side Encryption with S3 Default Master Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketObjectv2 = new aws.s3.BucketObjectv2(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"index.html\"),\n serverSideEncryption: \"aws:kms\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_objectv2 = aws.s3.BucketObjectv2(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"index.html\"),\n server_side_encryption=\"aws:kms\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketObjectv2 = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"index.html\"),\n ServerSideEncryption = \"aws:kms\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t\tServerSideEncryption: pulumi.String(\"aws:kms\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder()\n .bucket(\"examplebuckettftest\")\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder()\n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketObjectv2 = new BucketObjectv2(\"exampleBucketObjectv2\", BucketObjectv2Args.builder()\n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"index.html\"))\n .serverSideEncryption(\"aws:kms\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketObjectv2:\n type: aws:s3:BucketObjectv2\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: index.html\n serverSideEncryption: aws:kms\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Server Side Encryption with AWS-Managed Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketObjectv2 = new aws.s3.BucketObjectv2(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"index.html\"),\n serverSideEncryption: \"AES256\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_objectv2 = aws.s3.BucketObjectv2(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"index.html\"),\n server_side_encryption=\"AES256\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketObjectv2 = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"index.html\"),\n ServerSideEncryption = \"AES256\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t\tServerSideEncryption: pulumi.String(\"AES256\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder()\n .bucket(\"examplebuckettftest\")\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder()\n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketObjectv2 = new BucketObjectv2(\"exampleBucketObjectv2\", BucketObjectv2Args.builder()\n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"index.html\"))\n .serverSideEncryption(\"AES256\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketObjectv2:\n type: aws:s3:BucketObjectv2\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: index.html\n serverSideEncryption: AES256\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### S3 Object Lock\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {\n bucket: \"examplebuckettftest\",\n objectLockEnabled: true,\n});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketVersioningV2 = new aws.s3.BucketVersioningV2(\"example\", {\n bucket: examplebucket.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst examplebucketObject = new aws.s3.BucketObjectv2(\"examplebucket_object\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"important.txt\"),\n objectLockLegalHoldStatus: \"ON\",\n objectLockMode: \"GOVERNANCE\",\n objectLockRetainUntilDate: \"2021-12-31T23:59:60Z\",\n forceDestroy: true,\n}, {\n dependsOn: [exampleBucketVersioningV2],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\",\n bucket=\"examplebuckettftest\",\n object_lock_enabled=True)\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_versioning_v2 = aws.s3.BucketVersioningV2(\"example\",\n bucket=examplebucket.id,\n versioning_configuration={\n \"status\": \"Enabled\",\n })\nexamplebucket_object = aws.s3.BucketObjectv2(\"examplebucket_object\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"important.txt\"),\n object_lock_legal_hold_status=\"ON\",\n object_lock_mode=\"GOVERNANCE\",\n object_lock_retain_until_date=\"2021-12-31T23:59:60Z\",\n force_destroy=True,\n opts = pulumi.ResourceOptions(depends_on=[example_bucket_versioning_v2]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n ObjectLockEnabled = true,\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketVersioningV2 = new Aws.S3.BucketVersioningV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var examplebucketObject = new Aws.S3.BucketObjectv2(\"examplebucket_object\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"important.txt\"),\n ObjectLockLegalHoldStatus = \"ON\",\n ObjectLockMode = \"GOVERNANCE\",\n ObjectLockRetainUntilDate = \"2021-12-31T23:59:60Z\",\n ForceDestroy = true,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleBucketVersioningV2,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t\tObjectLockEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, \"example\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"examplebucket_object\", \u0026s3.BucketObjectv2Args{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"important.txt\"),\n\t\t\tObjectLockLegalHoldStatus: pulumi.String(\"ON\"),\n\t\t\tObjectLockMode: pulumi.String(\"GOVERNANCE\"),\n\t\t\tObjectLockRetainUntilDate: pulumi.String(\"2021-12-31T23:59:60Z\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleBucketVersioningV2,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketVersioningV2;\nimport com.pulumi.aws.s3.BucketVersioningV2Args;\nimport com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder()\n .bucket(\"examplebuckettftest\")\n .objectLockEnabled(true)\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder()\n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketVersioningV2 = new BucketVersioningV2(\"exampleBucketVersioningV2\", BucketVersioningV2Args.builder()\n .bucket(examplebucket.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var examplebucketObject = new BucketObjectv2(\"examplebucketObject\", BucketObjectv2Args.builder()\n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"important.txt\"))\n .objectLockLegalHoldStatus(\"ON\")\n .objectLockMode(\"GOVERNANCE\")\n .objectLockRetainUntilDate(\"2021-12-31T23:59:60Z\")\n .forceDestroy(true)\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleBucketVersioningV2)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n objectLockEnabled: true\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketVersioningV2:\n type: aws:s3:BucketVersioningV2\n name: example\n properties:\n bucket: ${examplebucket.id}\n versioningConfiguration:\n status: Enabled\n examplebucketObject:\n type: aws:s3:BucketObjectv2\n name: examplebucket_object\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: important.txt\n objectLockLegalHoldStatus: ON\n objectLockMode: GOVERNANCE\n objectLockRetainUntilDate: 2021-12-31T23:59:60Z\n forceDestroy: true\n options:\n dependson:\n - ${exampleBucketVersioningV2}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Ignoring Provider `default_tags`\n\nS3 objects support a [maximum of 10 tags](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-tagging.html).\nIf the resource's own `tags` and the provider-level `default_tags` would together lead to more than 10 tags on an S3 object, use the `override_provider` configuration block to suppress any provider-level `default_tags`.\n\n\u003e S3 objects stored in Amazon S3 Express directory buckets do not support tags, so any provider-level `default_tags` must be suppressed.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst examplebucketObject = new aws.s3.BucketObjectv2(\"examplebucket_object\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"important.txt\"),\n tags: {\n Env: \"test\",\n },\n overrideProvider: {\n defaultTags: {\n tags: {},\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexamplebucket_object = aws.s3.BucketObjectv2(\"examplebucket_object\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"important.txt\"),\n tags={\n \"Env\": \"test\",\n },\n override_provider={\n \"default_tags\": {\n \"tags\": {},\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var examplebucketObject = new Aws.S3.BucketObjectv2(\"examplebucket_object\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"important.txt\"),\n Tags = \n {\n { \"Env\", \"test\" },\n },\n OverrideProvider = new Aws.S3.Inputs.BucketObjectv2OverrideProviderArgs\n {\n DefaultTags = new Aws.S3.Inputs.BucketObjectv2OverrideProviderDefaultTagsArgs\n {\n Tags = null,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"examplebucket_object\", \u0026s3.BucketObjectv2Args{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"important.txt\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Env\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t\tOverrideProvider: \u0026s3.BucketObjectv2OverrideProviderArgs{\n\t\t\t\tDefaultTags: \u0026s3.BucketObjectv2OverrideProviderDefaultTagsArgs{\n\t\t\t\t\tTags: nil,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.s3.inputs.BucketObjectv2OverrideProviderArgs;\nimport com.pulumi.aws.s3.inputs.BucketObjectv2OverrideProviderDefaultTagsArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder()\n .bucket(\"examplebuckettftest\")\n .build());\n\n var examplebucketObject = new BucketObjectv2(\"examplebucketObject\", BucketObjectv2Args.builder()\n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"important.txt\"))\n .tags(Map.of(\"Env\", \"test\"))\n .overrideProvider(BucketObjectv2OverrideProviderArgs.builder()\n .defaultTags(BucketObjectv2OverrideProviderDefaultTagsArgs.builder()\n .tags()\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n examplebucketObject:\n type: aws:s3:BucketObjectv2\n name: examplebucket_object\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: important.txt\n tags:\n Env: test\n overrideProvider:\n defaultTags:\n tags: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nImport using S3 URL syntax:\n\n__Using `pulumi import` to import__ objects using the `id` or S3 URL. For example:\n\nImport using the `id`, which is the bucket name and the key together:\n\n```sh\n$ pulumi import aws:s3/bucketObjectv2:BucketObjectv2 example some-bucket-name/some/key.txt\n```\nImport using S3 URL syntax:\n\n```sh\n$ pulumi import aws:s3/bucketObjectv2:BucketObjectv2 example s3://some-bucket-name/some/key.txt\n```\n", "properties": { "acl": { "type": "string", "description": "[Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Valid values are `private`, `public-read`, `public-read-write`, `aws-exec-read`, `authenticated-read`, `bucket-owner-read`, and `bucket-owner-full-control`.\n" }, "arn": { "type": "string", "description": "ARN of the object.\n" }, "bucket": { "type": "string", "description": "Name of the bucket to put the file in. Alternatively, an [S3 access point](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) ARN can be specified.\n" }, "bucketKeyEnabled": { "type": "boolean", "description": "Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.\n" }, "cacheControl": { "type": "string", "description": "Caching behavior along the request/reply chain Read [w3c cache_control](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9) for further details.\n" }, "checksumAlgorithm": { "type": "string", "description": "Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the `kms:Decrypt` action. Valid values: `CRC32`, `CRC32C`, `SHA1`, `SHA256`.\n" }, "checksumCrc32": { "type": "string", "description": "The base64-encoded, 32-bit CRC32 checksum of the object.\n" }, "checksumCrc32c": { "type": "string", "description": "The base64-encoded, 32-bit CRC32C checksum of the object.\n" }, "checksumSha1": { "type": "string", "description": "The base64-encoded, 160-bit SHA-1 digest of the object.\n" }, "checksumSha256": { "type": "string", "description": "The base64-encoded, 256-bit SHA-256 digest of the object.\n" }, "content": { "type": "string", "description": "Literal string value to use as the object content, which will be uploaded as UTF-8-encoded text.\n" }, "contentBase64": { "type": "string", "description": "Base64-encoded data that will be decoded and uploaded as raw bytes for the object content. This allows safely uploading non-UTF8 binary data, but is recommended only for small content such as the result of the `gzipbase64` function with small text strings. For larger objects, use `source` to stream the content from a disk file.\n" }, "contentDisposition": { "type": "string", "description": "Presentational information for the object. Read [w3c content_disposition](http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1) for further information.\n" }, "contentEncoding": { "type": "string", "description": "Content encodings that have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read [w3c content encoding](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11) for further information.\n" }, "contentLanguage": { "type": "string", "description": "Language the content is in e.g., en-US or en-GB.\n" }, "contentType": { "type": "string", "description": "Standard MIME type describing the format of the object data, e.g., application/octet-stream. All Valid MIME Types are valid for this input.\n" }, "etag": { "type": "string", "description": "Triggers updates when the value changes. This attribute is not compatible with KMS encryption, `kms_key_id` or `server_side_encryption = \"aws:kms\"`, also if an object is larger than 16 MB, the AWS Management Console will upload or copy that object as a Multipart Upload, and therefore the ETag will not be an MD5 digest (see `source_hash` instead).\n" }, "forceDestroy": { "type": "boolean", "description": "Whether to allow the object to be deleted by removing any legal hold on any object version. Default is `false`. This value should be set to `true` only if the bucket has S3 object lock enabled.\n" }, "key": { "type": "string", "description": "Name of the object once it is in the bucket.\n\nThe following arguments are optional:\n" }, "kmsKeyId": { "type": "string", "description": "ARN of the KMS Key to use for object encryption. If the S3 Bucket has server-side encryption enabled, that value will automatically be used. If referencing the `aws.kms.Key` resource, use the `arn` attribute. If referencing the `aws.kms.Alias` data source or resource, use the `target_key_arn` attribute. The provider will only perform drift detection if a configuration value is provided.\n" }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of keys/values to provision metadata (will be automatically prefixed by `x-amz-meta-`, note that only lowercase label are currently supported by the AWS Go API).\n" }, "objectLockLegalHoldStatus": { "type": "string", "description": "[Legal hold](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-legal-holds) status that you want to apply to the specified object. Valid values are `ON` and `OFF`.\n" }, "objectLockMode": { "type": "string", "description": "Object lock [retention mode](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-modes) that you want to apply to this object. Valid values are `GOVERNANCE` and `COMPLIANCE`.\n" }, "objectLockRetainUntilDate": { "type": "string", "description": "Date and time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8), when this object's object lock will [expire](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-periods).\n" }, "overrideProvider": { "$ref": "#/types/aws:s3/BucketObjectv2OverrideProvider:BucketObjectv2OverrideProvider", "description": "Override provider-level configuration options. See Override Provider below for more details.\n" }, "serverSideEncryption": { "type": "string", "description": "Server-side encryption of the object in S3. Valid values are \"`AES256`\" and \"`aws:kms`\".\n" }, "source": { "$ref": "pulumi.json#/Asset", "description": "Path to a file that will be read and uploaded as raw bytes for the object content.\n" }, "sourceHash": { "type": "string", "description": "Triggers updates like `etag` but useful to address `etag` encryption limitations. (The value is only stored in state and not saved by AWS.)\n" }, "storageClass": { "type": "string", "description": "[Storage Class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html#AmazonS3-PutObject-request-header-StorageClass) for the object. Defaults to \"`STANDARD`\".\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "versionId": { "type": "string", "description": "Unique version ID value for the object, if bucket versioning is enabled.\n" }, "websiteRedirect": { "type": "string", "description": "Target URL for [website redirect](http://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html).\n\nIf no content is provided through `source`, `content` or `content_base64`, then the object will be empty.\n\n\u003e **Note:** The provider ignores all leading `/`s in the object's `key` and treats multiple `/`s in the rest of the object's `key` as a single `/`, so values of `/index.html` and `index.html` correspond to the same S3 object as do `first//second///third//` and `first/second/third/`.\n" } }, "required": [ "acl", "arn", "bucket", "bucketKeyEnabled", "checksumCrc32", "checksumCrc32c", "checksumSha1", "checksumSha256", "contentType", "etag", "key", "kmsKeyId", "serverSideEncryption", "storageClass", "tagsAll", "versionId" ], "inputProperties": { "acl": { "type": "string", "description": "[Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Valid values are `private`, `public-read`, `public-read-write`, `aws-exec-read`, `authenticated-read`, `bucket-owner-read`, and `bucket-owner-full-control`.\n" }, "bucket": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:s3/bucket:Bucket" } ], "description": "Name of the bucket to put the file in. Alternatively, an [S3 access point](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) ARN can be specified.\n", "willReplaceOnChanges": true }, "bucketKeyEnabled": { "type": "boolean", "description": "Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.\n" }, "cacheControl": { "type": "string", "description": "Caching behavior along the request/reply chain Read [w3c cache_control](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9) for further details.\n" }, "checksumAlgorithm": { "type": "string", "description": "Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the `kms:Decrypt` action. Valid values: `CRC32`, `CRC32C`, `SHA1`, `SHA256`.\n" }, "content": { "type": "string", "description": "Literal string value to use as the object content, which will be uploaded as UTF-8-encoded text.\n" }, "contentBase64": { "type": "string", "description": "Base64-encoded data that will be decoded and uploaded as raw bytes for the object content. This allows safely uploading non-UTF8 binary data, but is recommended only for small content such as the result of the `gzipbase64` function with small text strings. For larger objects, use `source` to stream the content from a disk file.\n" }, "contentDisposition": { "type": "string", "description": "Presentational information for the object. Read [w3c content_disposition](http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1) for further information.\n" }, "contentEncoding": { "type": "string", "description": "Content encodings that have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read [w3c content encoding](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11) for further information.\n" }, "contentLanguage": { "type": "string", "description": "Language the content is in e.g., en-US or en-GB.\n" }, "contentType": { "type": "string", "description": "Standard MIME type describing the format of the object data, e.g., application/octet-stream. All Valid MIME Types are valid for this input.\n" }, "etag": { "type": "string", "description": "Triggers updates when the value changes. This attribute is not compatible with KMS encryption, `kms_key_id` or `server_side_encryption = \"aws:kms\"`, also if an object is larger than 16 MB, the AWS Management Console will upload or copy that object as a Multipart Upload, and therefore the ETag will not be an MD5 digest (see `source_hash` instead).\n" }, "forceDestroy": { "type": "boolean", "description": "Whether to allow the object to be deleted by removing any legal hold on any object version. Default is `false`. This value should be set to `true` only if the bucket has S3 object lock enabled.\n" }, "key": { "type": "string", "description": "Name of the object once it is in the bucket.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "ARN of the KMS Key to use for object encryption. If the S3 Bucket has server-side encryption enabled, that value will automatically be used. If referencing the `aws.kms.Key` resource, use the `arn` attribute. If referencing the `aws.kms.Alias` data source or resource, use the `target_key_arn` attribute. The provider will only perform drift detection if a configuration value is provided.\n" }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of keys/values to provision metadata (will be automatically prefixed by `x-amz-meta-`, note that only lowercase label are currently supported by the AWS Go API).\n" }, "objectLockLegalHoldStatus": { "type": "string", "description": "[Legal hold](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-legal-holds) status that you want to apply to the specified object. Valid values are `ON` and `OFF`.\n" }, "objectLockMode": { "type": "string", "description": "Object lock [retention mode](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-modes) that you want to apply to this object. Valid values are `GOVERNANCE` and `COMPLIANCE`.\n" }, "objectLockRetainUntilDate": { "type": "string", "description": "Date and time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8), when this object's object lock will [expire](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-periods).\n" }, "overrideProvider": { "$ref": "#/types/aws:s3/BucketObjectv2OverrideProvider:BucketObjectv2OverrideProvider", "description": "Override provider-level configuration options. See Override Provider below for more details.\n" }, "serverSideEncryption": { "type": "string", "description": "Server-side encryption of the object in S3. Valid values are \"`AES256`\" and \"`aws:kms`\".\n" }, "source": { "$ref": "pulumi.json#/Asset", "description": "Path to a file that will be read and uploaded as raw bytes for the object content.\n" }, "sourceHash": { "type": "string", "description": "Triggers updates like `etag` but useful to address `etag` encryption limitations. (The value is only stored in state and not saved by AWS.)\n" }, "storageClass": { "type": "string", "description": "[Storage Class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html#AmazonS3-PutObject-request-header-StorageClass) for the object. Defaults to \"`STANDARD`\".\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "websiteRedirect": { "type": "string", "description": "Target URL for [website redirect](http://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html).\n\nIf no content is provided through `source`, `content` or `content_base64`, then the object will be empty.\n\n\u003e **Note:** The provider ignores all leading `/`s in the object's `key` and treats multiple `/`s in the rest of the object's `key` as a single `/`, so values of `/index.html` and `index.html` correspond to the same S3 object as do `first//second///third//` and `first/second/third/`.\n" } }, "requiredInputs": [ "bucket" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketObjectv2 resources.\n", "properties": { "acl": { "type": "string", "description": "[Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Valid values are `private`, `public-read`, `public-read-write`, `aws-exec-read`, `authenticated-read`, `bucket-owner-read`, and `bucket-owner-full-control`.\n" }, "arn": { "type": "string", "description": "ARN of the object.\n" }, "bucket": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:s3/bucket:Bucket" } ], "description": "Name of the bucket to put the file in. Alternatively, an [S3 access point](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) ARN can be specified.\n", "willReplaceOnChanges": true }, "bucketKeyEnabled": { "type": "boolean", "description": "Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.\n" }, "cacheControl": { "type": "string", "description": "Caching behavior along the request/reply chain Read [w3c cache_control](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9) for further details.\n" }, "checksumAlgorithm": { "type": "string", "description": "Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the `kms:Decrypt` action. Valid values: `CRC32`, `CRC32C`, `SHA1`, `SHA256`.\n" }, "checksumCrc32": { "type": "string", "description": "The base64-encoded, 32-bit CRC32 checksum of the object.\n" }, "checksumCrc32c": { "type": "string", "description": "The base64-encoded, 32-bit CRC32C checksum of the object.\n" }, "checksumSha1": { "type": "string", "description": "The base64-encoded, 160-bit SHA-1 digest of the object.\n" }, "checksumSha256": { "type": "string", "description": "The base64-encoded, 256-bit SHA-256 digest of the object.\n" }, "content": { "type": "string", "description": "Literal string value to use as the object content, which will be uploaded as UTF-8-encoded text.\n" }, "contentBase64": { "type": "string", "description": "Base64-encoded data that will be decoded and uploaded as raw bytes for the object content. This allows safely uploading non-UTF8 binary data, but is recommended only for small content such as the result of the `gzipbase64` function with small text strings. For larger objects, use `source` to stream the content from a disk file.\n" }, "contentDisposition": { "type": "string", "description": "Presentational information for the object. Read [w3c content_disposition](http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1) for further information.\n" }, "contentEncoding": { "type": "string", "description": "Content encodings that have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read [w3c content encoding](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11) for further information.\n" }, "contentLanguage": { "type": "string", "description": "Language the content is in e.g., en-US or en-GB.\n" }, "contentType": { "type": "string", "description": "Standard MIME type describing the format of the object data, e.g., application/octet-stream. All Valid MIME Types are valid for this input.\n" }, "etag": { "type": "string", "description": "Triggers updates when the value changes. This attribute is not compatible with KMS encryption, `kms_key_id` or `server_side_encryption = \"aws:kms\"`, also if an object is larger than 16 MB, the AWS Management Console will upload or copy that object as a Multipart Upload, and therefore the ETag will not be an MD5 digest (see `source_hash` instead).\n" }, "forceDestroy": { "type": "boolean", "description": "Whether to allow the object to be deleted by removing any legal hold on any object version. Default is `false`. This value should be set to `true` only if the bucket has S3 object lock enabled.\n" }, "key": { "type": "string", "description": "Name of the object once it is in the bucket.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "ARN of the KMS Key to use for object encryption. If the S3 Bucket has server-side encryption enabled, that value will automatically be used. If referencing the `aws.kms.Key` resource, use the `arn` attribute. If referencing the `aws.kms.Alias` data source or resource, use the `target_key_arn` attribute. The provider will only perform drift detection if a configuration value is provided.\n" }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of keys/values to provision metadata (will be automatically prefixed by `x-amz-meta-`, note that only lowercase label are currently supported by the AWS Go API).\n" }, "objectLockLegalHoldStatus": { "type": "string", "description": "[Legal hold](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-legal-holds) status that you want to apply to the specified object. Valid values are `ON` and `OFF`.\n" }, "objectLockMode": { "type": "string", "description": "Object lock [retention mode](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-modes) that you want to apply to this object. Valid values are `GOVERNANCE` and `COMPLIANCE`.\n" }, "objectLockRetainUntilDate": { "type": "string", "description": "Date and time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8), when this object's object lock will [expire](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-periods).\n" }, "overrideProvider": { "$ref": "#/types/aws:s3/BucketObjectv2OverrideProvider:BucketObjectv2OverrideProvider", "description": "Override provider-level configuration options. See Override Provider below for more details.\n" }, "serverSideEncryption": { "type": "string", "description": "Server-side encryption of the object in S3. Valid values are \"`AES256`\" and \"`aws:kms`\".\n" }, "source": { "$ref": "pulumi.json#/Asset", "description": "Path to a file that will be read and uploaded as raw bytes for the object content.\n" }, "sourceHash": { "type": "string", "description": "Triggers updates like `etag` but useful to address `etag` encryption limitations. (The value is only stored in state and not saved by AWS.)\n" }, "storageClass": { "type": "string", "description": "[Storage Class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html#AmazonS3-PutObject-request-header-StorageClass) for the object. Defaults to \"`STANDARD`\".\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "versionId": { "type": "string", "description": "Unique version ID value for the object, if bucket versioning is enabled.\n" }, "websiteRedirect": { "type": "string", "description": "Target URL for [website redirect](http://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html).\n\nIf no content is provided through `source`, `content` or `content_base64`, then the object will be empty.\n\n\u003e **Note:** The provider ignores all leading `/`s in the object's `key` and treats multiple `/`s in the rest of the object's `key` as a single `/`, so values of `/index.html` and `index.html` correspond to the same S3 object as do `first//second///third//` and `first/second/third/`.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:s3/BucketObject:BucketObject" } ] }, "aws:s3/bucketOwnershipControls:BucketOwnershipControls": { "description": "Provides a resource to manage S3 Bucket Ownership Controls. For more information, see the [S3 Developer Guide](https://docs.aws.amazon.com/AmazonS3/latest/dev/about-object-ownership.html).\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleBucketOwnershipControls = new aws.s3.BucketOwnershipControls(\"example\", {\n bucket: example.id,\n rule: {\n objectOwnership: \"BucketOwnerPreferred\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_bucket_ownership_controls = aws.s3.BucketOwnershipControls(\"example\",\n bucket=example.id,\n rule={\n \"object_ownership\": \"BucketOwnerPreferred\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleBucketOwnershipControls = new Aws.S3.BucketOwnershipControls(\"example\", new()\n {\n Bucket = example.Id,\n Rule = new Aws.S3.Inputs.BucketOwnershipControlsRuleArgs\n {\n ObjectOwnership = \"BucketOwnerPreferred\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketOwnershipControls(ctx, \"example\", \u0026s3.BucketOwnershipControlsArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tRule: \u0026s3.BucketOwnershipControlsRuleArgs{\n\t\t\t\tObjectOwnership: pulumi.String(\"BucketOwnerPreferred\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketOwnershipControls;\nimport com.pulumi.aws.s3.BucketOwnershipControlsArgs;\nimport com.pulumi.aws.s3.inputs.BucketOwnershipControlsRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var exampleBucketOwnershipControls = new BucketOwnershipControls(\"exampleBucketOwnershipControls\", BucketOwnershipControlsArgs.builder()\n .bucket(example.id())\n .rule(BucketOwnershipControlsRuleArgs.builder()\n .objectOwnership(\"BucketOwnerPreferred\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n exampleBucketOwnershipControls:\n type: aws:s3:BucketOwnershipControls\n name: example\n properties:\n bucket: ${example.id}\n rule:\n objectOwnership: BucketOwnerPreferred\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 Bucket Ownership Controls using S3 Bucket name. For example:\n\n```sh\n$ pulumi import aws:s3/bucketOwnershipControls:BucketOwnershipControls example my-bucket\n```\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket that you want to associate this access point with.\n" }, "rule": { "$ref": "#/types/aws:s3/BucketOwnershipControlsRule:BucketOwnershipControlsRule", "description": "Configuration block(s) with Ownership Controls rules. Detailed below.\n" } }, "required": [ "bucket", "rule" ], "inputProperties": { "bucket": { "type": "string", "description": "Name of the bucket that you want to associate this access point with.\n", "willReplaceOnChanges": true }, "rule": { "$ref": "#/types/aws:s3/BucketOwnershipControlsRule:BucketOwnershipControlsRule", "description": "Configuration block(s) with Ownership Controls rules. Detailed below.\n" } }, "requiredInputs": [ "bucket", "rule" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketOwnershipControls resources.\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket that you want to associate this access point with.\n", "willReplaceOnChanges": true }, "rule": { "$ref": "#/types/aws:s3/BucketOwnershipControlsRule:BucketOwnershipControlsRule", "description": "Configuration block(s) with Ownership Controls rules. Detailed below.\n" } }, "type": "object" } }, "aws:s3/bucketPolicy:BucketPolicy": { "description": "Attaches a policy to an S3 bucket resource.\n\n\u003e Policies can be attached to both S3 general purpose buckets and S3 directory buckets.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"my-tf-test-bucket\"});\nconst allowAccessFromAnotherAccount = aws.iam.getPolicyDocumentOutput({\n statements: [{\n principals: [{\n type: \"AWS\",\n identifiers: [\"123456789012\"],\n }],\n actions: [\n \"s3:GetObject\",\n \"s3:ListBucket\",\n ],\n resources: [\n example.arn,\n pulumi.interpolate`${example.arn}/*`,\n ],\n }],\n});\nconst allowAccessFromAnotherAccountBucketPolicy = new aws.s3.BucketPolicy(\"allow_access_from_another_account\", {\n bucket: example.id,\n policy: allowAccessFromAnotherAccount.apply(allowAccessFromAnotherAccount =\u003e allowAccessFromAnotherAccount.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"my-tf-test-bucket\")\nallow_access_from_another_account = aws.iam.get_policy_document_output(statements=[{\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [\"123456789012\"],\n }],\n \"actions\": [\n \"s3:GetObject\",\n \"s3:ListBucket\",\n ],\n \"resources\": [\n example.arn,\n example.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n}])\nallow_access_from_another_account_bucket_policy = aws.s3.BucketPolicy(\"allow_access_from_another_account\",\n bucket=example.id,\n policy=allow_access_from_another_account.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-tf-test-bucket\",\n });\n\n var allowAccessFromAnotherAccount = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"123456789012\",\n },\n },\n },\n Actions = new[]\n {\n \"s3:GetObject\",\n \"s3:ListBucket\",\n },\n Resources = new[]\n {\n example.Arn,\n $\"{example.Arn}/*\",\n },\n },\n },\n });\n\n var allowAccessFromAnotherAccountBucketPolicy = new Aws.S3.BucketPolicy(\"allow_access_from_another_account\", new()\n {\n Bucket = example.Id,\n Policy = allowAccessFromAnotherAccount.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-tf-test-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tallowAccessFromAnotherAccount := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"AWS\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"123456789012\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetObject\"),\n\t\t\t\t\t\tpulumi.String(\"s3:ListBucket\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texample.Arn,\n\t\t\t\t\t\texample.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = s3.NewBucketPolicy(ctx, \"allow_access_from_another_account\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tPolicy: pulumi.String(allowAccessFromAnotherAccount.ApplyT(func(allowAccessFromAnotherAccount iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026allowAccessFromAnotherAccount.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"my-tf-test-bucket\")\n .build());\n\n final var allowAccessFromAnotherAccount = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"123456789012\")\n .build())\n .actions( \n \"s3:GetObject\",\n \"s3:ListBucket\")\n .resources( \n example.arn(),\n example.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build())\n .build());\n\n var allowAccessFromAnotherAccountBucketPolicy = new BucketPolicy(\"allowAccessFromAnotherAccountBucketPolicy\", BucketPolicyArgs.builder()\n .bucket(example.id())\n .policy(allowAccessFromAnotherAccount.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(allowAccessFromAnotherAccount -\u003e allowAccessFromAnotherAccount.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: my-tf-test-bucket\n allowAccessFromAnotherAccountBucketPolicy:\n type: aws:s3:BucketPolicy\n name: allow_access_from_another_account\n properties:\n bucket: ${example.id}\n policy: ${allowAccessFromAnotherAccount.json}\nvariables:\n allowAccessFromAnotherAccount:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - principals:\n - type: AWS\n identifiers:\n - '123456789012'\n actions:\n - s3:GetObject\n - s3:ListBucket\n resources:\n - ${example.arn}\n - ${example.arn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 bucket policies using the bucket name. For example:\n\n```sh\n$ pulumi import aws:s3/bucketPolicy:BucketPolicy allow_access_from_another_account my-tf-test-bucket\n```\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket to which to apply the policy.\n" }, "policy": { "type": "string", "description": "Text of the policy. Although this is a bucket policy rather than an IAM policy, the `aws.iam.getPolicyDocument` data source may be used, so long as it specifies a principal. For more information about building AWS IAM policy documents, see the AWS IAM Policy Document Guide. Note: Bucket policies are limited to 20 KB in size.\n" } }, "required": [ "bucket", "policy" ], "inputProperties": { "bucket": { "type": "string", "description": "Name of the bucket to which to apply the policy.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "Text of the policy. Although this is a bucket policy rather than an IAM policy, the `aws.iam.getPolicyDocument` data source may be used, so long as it specifies a principal. For more information about building AWS IAM policy documents, see the AWS IAM Policy Document Guide. Note: Bucket policies are limited to 20 KB in size.\n" } }, "requiredInputs": [ "bucket", "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketPolicy resources.\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket to which to apply the policy.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "Text of the policy. Although this is a bucket policy rather than an IAM policy, the `aws.iam.getPolicyDocument` data source may be used, so long as it specifies a principal. For more information about building AWS IAM policy documents, see the AWS IAM Policy Document Guide. Note: Bucket policies are limited to 20 KB in size.\n" } }, "type": "object" } }, "aws:s3/bucketPublicAccessBlock:BucketPublicAccessBlock": { "description": "Manages S3 bucket-level Public Access Block configuration. For more information about these settings, see the [AWS S3 Block Public Access documentation](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html).\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleBucketPublicAccessBlock = new aws.s3.BucketPublicAccessBlock(\"example\", {\n bucket: example.id,\n blockPublicAcls: true,\n blockPublicPolicy: true,\n ignorePublicAcls: true,\n restrictPublicBuckets: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_bucket_public_access_block = aws.s3.BucketPublicAccessBlock(\"example\",\n bucket=example.id,\n block_public_acls=True,\n block_public_policy=True,\n ignore_public_acls=True,\n restrict_public_buckets=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleBucketPublicAccessBlock = new Aws.S3.BucketPublicAccessBlock(\"example\", new()\n {\n Bucket = example.Id,\n BlockPublicAcls = true,\n BlockPublicPolicy = true,\n IgnorePublicAcls = true,\n RestrictPublicBuckets = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketPublicAccessBlock(ctx, \"example\", \u0026s3.BucketPublicAccessBlockArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tBlockPublicAcls: pulumi.Bool(true),\n\t\t\tBlockPublicPolicy: pulumi.Bool(true),\n\t\t\tIgnorePublicAcls: pulumi.Bool(true),\n\t\t\tRestrictPublicBuckets: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketPublicAccessBlock;\nimport com.pulumi.aws.s3.BucketPublicAccessBlockArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var exampleBucketPublicAccessBlock = new BucketPublicAccessBlock(\"exampleBucketPublicAccessBlock\", BucketPublicAccessBlockArgs.builder()\n .bucket(example.id())\n .blockPublicAcls(true)\n .blockPublicPolicy(true)\n .ignorePublicAcls(true)\n .restrictPublicBuckets(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n exampleBucketPublicAccessBlock:\n type: aws:s3:BucketPublicAccessBlock\n name: example\n properties:\n bucket: ${example.id}\n blockPublicAcls: true\n blockPublicPolicy: true\n ignorePublicAcls: true\n restrictPublicBuckets: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_s3_bucket_public_access_block` using the bucket name. For example:\n\n```sh\n$ pulumi import aws:s3/bucketPublicAccessBlock:BucketPublicAccessBlock example my-bucket\n```\n", "properties": { "blockPublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should block public ACLs for this bucket. Defaults to `false`. Enabling this setting does not affect existing policies or ACLs. When set to `true` causes the following behavior:\n* PUT Bucket acl and PUT Object acl calls will fail if the specified ACL allows public access.\n* PUT Object calls will fail if the request includes an object ACL.\n" }, "blockPublicPolicy": { "type": "boolean", "description": "Whether Amazon S3 should block public bucket policies for this bucket. Defaults to `false`. Enabling this setting does not affect the existing bucket policy. When set to `true` causes Amazon S3 to:\n* Reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n" }, "bucket": { "type": "string", "description": "S3 Bucket to which this Public Access Block configuration should be applied.\n" }, "ignorePublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should ignore public ACLs for this bucket. Defaults to `false`. Enabling this setting does not affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. When set to `true` causes Amazon S3 to:\n* Ignore public ACLs on this bucket and any objects that it contains.\n" }, "restrictPublicBuckets": { "type": "boolean", "description": "Whether Amazon S3 should restrict public bucket policies for this bucket. Defaults to `false`. Enabling this setting does not affect the previously stored bucket policy, except that public and cross-account access within the public bucket policy, including non-public delegation to specific accounts, is blocked. When set to `true`:\n* Only the bucket owner and AWS Services can access this buckets if it has a public policy.\n" } }, "required": [ "bucket" ], "inputProperties": { "blockPublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should block public ACLs for this bucket. Defaults to `false`. Enabling this setting does not affect existing policies or ACLs. When set to `true` causes the following behavior:\n* PUT Bucket acl and PUT Object acl calls will fail if the specified ACL allows public access.\n* PUT Object calls will fail if the request includes an object ACL.\n" }, "blockPublicPolicy": { "type": "boolean", "description": "Whether Amazon S3 should block public bucket policies for this bucket. Defaults to `false`. Enabling this setting does not affect the existing bucket policy. When set to `true` causes Amazon S3 to:\n* Reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n" }, "bucket": { "type": "string", "description": "S3 Bucket to which this Public Access Block configuration should be applied.\n", "willReplaceOnChanges": true }, "ignorePublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should ignore public ACLs for this bucket. Defaults to `false`. Enabling this setting does not affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. When set to `true` causes Amazon S3 to:\n* Ignore public ACLs on this bucket and any objects that it contains.\n" }, "restrictPublicBuckets": { "type": "boolean", "description": "Whether Amazon S3 should restrict public bucket policies for this bucket. Defaults to `false`. Enabling this setting does not affect the previously stored bucket policy, except that public and cross-account access within the public bucket policy, including non-public delegation to specific accounts, is blocked. When set to `true`:\n* Only the bucket owner and AWS Services can access this buckets if it has a public policy.\n" } }, "requiredInputs": [ "bucket" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketPublicAccessBlock resources.\n", "properties": { "blockPublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should block public ACLs for this bucket. Defaults to `false`. Enabling this setting does not affect existing policies or ACLs. When set to `true` causes the following behavior:\n* PUT Bucket acl and PUT Object acl calls will fail if the specified ACL allows public access.\n* PUT Object calls will fail if the request includes an object ACL.\n" }, "blockPublicPolicy": { "type": "boolean", "description": "Whether Amazon S3 should block public bucket policies for this bucket. Defaults to `false`. Enabling this setting does not affect the existing bucket policy. When set to `true` causes Amazon S3 to:\n* Reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n" }, "bucket": { "type": "string", "description": "S3 Bucket to which this Public Access Block configuration should be applied.\n", "willReplaceOnChanges": true }, "ignorePublicAcls": { "type": "boolean", "description": "Whether Amazon S3 should ignore public ACLs for this bucket. Defaults to `false`. Enabling this setting does not affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. When set to `true` causes Amazon S3 to:\n* Ignore public ACLs on this bucket and any objects that it contains.\n" }, "restrictPublicBuckets": { "type": "boolean", "description": "Whether Amazon S3 should restrict public bucket policies for this bucket. Defaults to `false`. Enabling this setting does not affect the previously stored bucket policy, except that public and cross-account access within the public bucket policy, including non-public delegation to specific accounts, is blocked. When set to `true`:\n* Only the bucket owner and AWS Services can access this buckets if it has a public policy.\n" } }, "type": "object" } }, "aws:s3/bucketReplicationConfig:BucketReplicationConfig": { "description": "Provides an independent configuration resource for S3 bucket [replication configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html).\n\n\u003e **NOTE:** S3 Buckets only support a single replication configuration. Declaring multiple `aws.s3.BucketReplicationConfig` resources to the same S3 Bucket will cause a perpetual difference in configuration.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### Using replication configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"s3.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst replicationRole = new aws.iam.Role(\"replication\", {\n name: \"tf-iam-role-replication-12345\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst destination = new aws.s3.BucketV2(\"destination\", {bucket: \"tf-test-bucket-destination-12345\"});\nconst source = new aws.s3.BucketV2(\"source\", {bucket: \"tf-test-bucket-source-12345\"});\nconst replication = aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n effect: \"Allow\",\n actions: [\n \"s3:GetReplicationConfiguration\",\n \"s3:ListBucket\",\n ],\n resources: [source.arn],\n },\n {\n effect: \"Allow\",\n actions: [\n \"s3:GetObjectVersionForReplication\",\n \"s3:GetObjectVersionAcl\",\n \"s3:GetObjectVersionTagging\",\n ],\n resources: [pulumi.interpolate`${source.arn}/*`],\n },\n {\n effect: \"Allow\",\n actions: [\n \"s3:ReplicateObject\",\n \"s3:ReplicateDelete\",\n \"s3:ReplicateTags\",\n ],\n resources: [pulumi.interpolate`${destination.arn}/*`],\n },\n ],\n});\nconst replicationPolicy = new aws.iam.Policy(\"replication\", {\n name: \"tf-iam-role-policy-replication-12345\",\n policy: replication.apply(replication =\u003e replication.json),\n});\nconst replicationRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"replication\", {\n role: replicationRole.name,\n policyArn: replicationPolicy.arn,\n});\nconst destinationBucketVersioningV2 = new aws.s3.BucketVersioningV2(\"destination\", {\n bucket: destination.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst sourceBucketAcl = new aws.s3.BucketAclV2(\"source_bucket_acl\", {\n bucket: source.id,\n acl: \"private\",\n});\nconst sourceBucketVersioningV2 = new aws.s3.BucketVersioningV2(\"source\", {\n bucket: source.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst replicationBucketReplicationConfig = new aws.s3.BucketReplicationConfig(\"replication\", {\n role: replicationRole.arn,\n bucket: source.id,\n rules: [{\n id: \"foobar\",\n filter: {\n prefix: \"foo\",\n },\n status: \"Enabled\",\n destination: {\n bucket: destination.arn,\n storageClass: \"STANDARD\",\n },\n }],\n}, {\n dependsOn: [sourceBucketVersioningV2],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"s3.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nreplication_role = aws.iam.Role(\"replication\",\n name=\"tf-iam-role-replication-12345\",\n assume_role_policy=assume_role.json)\ndestination = aws.s3.BucketV2(\"destination\", bucket=\"tf-test-bucket-destination-12345\")\nsource = aws.s3.BucketV2(\"source\", bucket=\"tf-test-bucket-source-12345\")\nreplication = aws.iam.get_policy_document_output(statements=[\n {\n \"effect\": \"Allow\",\n \"actions\": [\n \"s3:GetReplicationConfiguration\",\n \"s3:ListBucket\",\n ],\n \"resources\": [source.arn],\n },\n {\n \"effect\": \"Allow\",\n \"actions\": [\n \"s3:GetObjectVersionForReplication\",\n \"s3:GetObjectVersionAcl\",\n \"s3:GetObjectVersionTagging\",\n ],\n \"resources\": [source.arn.apply(lambda arn: f\"{arn}/*\")],\n },\n {\n \"effect\": \"Allow\",\n \"actions\": [\n \"s3:ReplicateObject\",\n \"s3:ReplicateDelete\",\n \"s3:ReplicateTags\",\n ],\n \"resources\": [destination.arn.apply(lambda arn: f\"{arn}/*\")],\n },\n])\nreplication_policy = aws.iam.Policy(\"replication\",\n name=\"tf-iam-role-policy-replication-12345\",\n policy=replication.json)\nreplication_role_policy_attachment = aws.iam.RolePolicyAttachment(\"replication\",\n role=replication_role.name,\n policy_arn=replication_policy.arn)\ndestination_bucket_versioning_v2 = aws.s3.BucketVersioningV2(\"destination\",\n bucket=destination.id,\n versioning_configuration={\n \"status\": \"Enabled\",\n })\nsource_bucket_acl = aws.s3.BucketAclV2(\"source_bucket_acl\",\n bucket=source.id,\n acl=\"private\")\nsource_bucket_versioning_v2 = aws.s3.BucketVersioningV2(\"source\",\n bucket=source.id,\n versioning_configuration={\n \"status\": \"Enabled\",\n })\nreplication_bucket_replication_config = aws.s3.BucketReplicationConfig(\"replication\",\n role=replication_role.arn,\n bucket=source.id,\n rules=[{\n \"id\": \"foobar\",\n \"filter\": {\n \"prefix\": \"foo\",\n },\n \"status\": \"Enabled\",\n \"destination\": {\n \"bucket\": destination.arn,\n \"storage_class\": \"STANDARD\",\n },\n }],\n opts = pulumi.ResourceOptions(depends_on=[source_bucket_versioning_v2]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"s3.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var replicationRole = new Aws.Iam.Role(\"replication\", new()\n {\n Name = \"tf-iam-role-replication-12345\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var destination = new Aws.S3.BucketV2(\"destination\", new()\n {\n Bucket = \"tf-test-bucket-destination-12345\",\n });\n\n var source = new Aws.S3.BucketV2(\"source\", new()\n {\n Bucket = \"tf-test-bucket-source-12345\",\n });\n\n var replication = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:GetReplicationConfiguration\",\n \"s3:ListBucket\",\n },\n Resources = new[]\n {\n source.Arn,\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:GetObjectVersionForReplication\",\n \"s3:GetObjectVersionAcl\",\n \"s3:GetObjectVersionTagging\",\n },\n Resources = new[]\n {\n $\"{source.Arn}/*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:ReplicateObject\",\n \"s3:ReplicateDelete\",\n \"s3:ReplicateTags\",\n },\n Resources = new[]\n {\n $\"{destination.Arn}/*\",\n },\n },\n },\n });\n\n var replicationPolicy = new Aws.Iam.Policy(\"replication\", new()\n {\n Name = \"tf-iam-role-policy-replication-12345\",\n PolicyDocument = replication.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var replicationRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"replication\", new()\n {\n Role = replicationRole.Name,\n PolicyArn = replicationPolicy.Arn,\n });\n\n var destinationBucketVersioningV2 = new Aws.S3.BucketVersioningV2(\"destination\", new()\n {\n Bucket = destination.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var sourceBucketAcl = new Aws.S3.BucketAclV2(\"source_bucket_acl\", new()\n {\n Bucket = source.Id,\n Acl = \"private\",\n });\n\n var sourceBucketVersioningV2 = new Aws.S3.BucketVersioningV2(\"source\", new()\n {\n Bucket = source.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var replicationBucketReplicationConfig = new Aws.S3.BucketReplicationConfig(\"replication\", new()\n {\n Role = replicationRole.Arn,\n Bucket = source.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketReplicationConfigRuleArgs\n {\n Id = \"foobar\",\n Filter = new Aws.S3.Inputs.BucketReplicationConfigRuleFilterArgs\n {\n Prefix = \"foo\",\n },\n Status = \"Enabled\",\n Destination = new Aws.S3.Inputs.BucketReplicationConfigRuleDestinationArgs\n {\n Bucket = destination.Arn,\n StorageClass = \"STANDARD\",\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n sourceBucketVersioningV2,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"s3.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treplicationRole, err := iam.NewRole(ctx, \"replication\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"tf-iam-role-replication-12345\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdestination, err := s3.NewBucketV2(ctx, \"destination\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"tf-test-bucket-destination-12345\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsource, err := s3.NewBucketV2(ctx, \"source\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"tf-test-bucket-source-12345\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treplication := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetReplicationConfiguration\"),\n\t\t\t\t\t\tpulumi.String(\"s3:ListBucket\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tsource.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetObjectVersionForReplication\"),\n\t\t\t\t\t\tpulumi.String(\"s3:GetObjectVersionAcl\"),\n\t\t\t\t\t\tpulumi.String(\"s3:GetObjectVersionTagging\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tsource.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ReplicateObject\"),\n\t\t\t\t\t\tpulumi.String(\"s3:ReplicateDelete\"),\n\t\t\t\t\t\tpulumi.String(\"s3:ReplicateTags\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tdestination.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\treplicationPolicy, err := iam.NewPolicy(ctx, \"replication\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"tf-iam-role-policy-replication-12345\"),\n\t\t\tPolicy: pulumi.String(replication.ApplyT(func(replication iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026replication.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"replication\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: replicationRole.Name,\n\t\t\tPolicyArn: replicationPolicy.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketVersioningV2(ctx, \"destination\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: destination.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"source_bucket_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: source.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsourceBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, \"source\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: source.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketReplicationConfig(ctx, \"replication\", \u0026s3.BucketReplicationConfigArgs{\n\t\t\tRole: replicationRole.Arn,\n\t\t\tBucket: source.ID(),\n\t\t\tRules: s3.BucketReplicationConfigRuleArray{\n\t\t\t\t\u0026s3.BucketReplicationConfigRuleArgs{\n\t\t\t\t\tId: pulumi.String(\"foobar\"),\n\t\t\t\t\tFilter: \u0026s3.BucketReplicationConfigRuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"foo\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t\tDestination: \u0026s3.BucketReplicationConfigRuleDestinationArgs{\n\t\t\t\t\t\tBucket: destination.Arn,\n\t\t\t\t\t\tStorageClass: pulumi.String(\"STANDARD\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tsourceBucketVersioningV2,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.s3.BucketVersioningV2;\nimport com.pulumi.aws.s3.BucketVersioningV2Args;\nimport com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketReplicationConfig;\nimport com.pulumi.aws.s3.BucketReplicationConfigArgs;\nimport com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleDestinationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"s3.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var replicationRole = new Role(\"replicationRole\", RoleArgs.builder()\n .name(\"tf-iam-role-replication-12345\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var destination = new BucketV2(\"destination\", BucketV2Args.builder()\n .bucket(\"tf-test-bucket-destination-12345\")\n .build());\n\n var source = new BucketV2(\"source\", BucketV2Args.builder()\n .bucket(\"tf-test-bucket-source-12345\")\n .build());\n\n final var replication = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"s3:GetReplicationConfiguration\",\n \"s3:ListBucket\")\n .resources(source.arn())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"s3:GetObjectVersionForReplication\",\n \"s3:GetObjectVersionAcl\",\n \"s3:GetObjectVersionTagging\")\n .resources(source.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"s3:ReplicateObject\",\n \"s3:ReplicateDelete\",\n \"s3:ReplicateTags\")\n .resources(destination.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build())\n .build());\n\n var replicationPolicy = new Policy(\"replicationPolicy\", PolicyArgs.builder()\n .name(\"tf-iam-role-policy-replication-12345\")\n .policy(replication.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(replication -\u003e replication.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var replicationRolePolicyAttachment = new RolePolicyAttachment(\"replicationRolePolicyAttachment\", RolePolicyAttachmentArgs.builder()\n .role(replicationRole.name())\n .policyArn(replicationPolicy.arn())\n .build());\n\n var destinationBucketVersioningV2 = new BucketVersioningV2(\"destinationBucketVersioningV2\", BucketVersioningV2Args.builder()\n .bucket(destination.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var sourceBucketAcl = new BucketAclV2(\"sourceBucketAcl\", BucketAclV2Args.builder()\n .bucket(source.id())\n .acl(\"private\")\n .build());\n\n var sourceBucketVersioningV2 = new BucketVersioningV2(\"sourceBucketVersioningV2\", BucketVersioningV2Args.builder()\n .bucket(source.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var replicationBucketReplicationConfig = new BucketReplicationConfig(\"replicationBucketReplicationConfig\", BucketReplicationConfigArgs.builder()\n .role(replicationRole.arn())\n .bucket(source.id())\n .rules(BucketReplicationConfigRuleArgs.builder()\n .id(\"foobar\")\n .filter(BucketReplicationConfigRuleFilterArgs.builder()\n .prefix(\"foo\")\n .build())\n .status(\"Enabled\")\n .destination(BucketReplicationConfigRuleDestinationArgs.builder()\n .bucket(destination.arn())\n .storageClass(\"STANDARD\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(sourceBucketVersioningV2)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n replicationRole:\n type: aws:iam:Role\n name: replication\n properties:\n name: tf-iam-role-replication-12345\n assumeRolePolicy: ${assumeRole.json}\n replicationPolicy:\n type: aws:iam:Policy\n name: replication\n properties:\n name: tf-iam-role-policy-replication-12345\n policy: ${replication.json}\n replicationRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: replication\n properties:\n role: ${replicationRole.name}\n policyArn: ${replicationPolicy.arn}\n destination:\n type: aws:s3:BucketV2\n properties:\n bucket: tf-test-bucket-destination-12345\n destinationBucketVersioningV2:\n type: aws:s3:BucketVersioningV2\n name: destination\n properties:\n bucket: ${destination.id}\n versioningConfiguration:\n status: Enabled\n source:\n type: aws:s3:BucketV2\n properties:\n bucket: tf-test-bucket-source-12345\n sourceBucketAcl:\n type: aws:s3:BucketAclV2\n name: source_bucket_acl\n properties:\n bucket: ${source.id}\n acl: private\n sourceBucketVersioningV2:\n type: aws:s3:BucketVersioningV2\n name: source\n properties:\n bucket: ${source.id}\n versioningConfiguration:\n status: Enabled\n replicationBucketReplicationConfig:\n type: aws:s3:BucketReplicationConfig\n name: replication\n properties:\n role: ${replicationRole.arn}\n bucket: ${source.id}\n rules:\n - id: foobar\n filter:\n prefix: foo\n status: Enabled\n destination:\n bucket: ${destination.arn}\n storageClass: STANDARD\n options:\n dependson:\n - ${sourceBucketVersioningV2}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - s3.amazonaws.com\n actions:\n - sts:AssumeRole\n replication:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - s3:GetReplicationConfiguration\n - s3:ListBucket\n resources:\n - ${source.arn}\n - effect: Allow\n actions:\n - s3:GetObjectVersionForReplication\n - s3:GetObjectVersionAcl\n - s3:GetObjectVersionTagging\n resources:\n - ${source.arn}/*\n - effect: Allow\n actions:\n - s3:ReplicateObject\n - s3:ReplicateDelete\n - s3:ReplicateTags\n resources:\n - ${destination.arn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Bi-Directional Replication\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// ... other configuration ...\nconst east = new aws.s3.BucketV2(\"east\", {bucket: \"tf-test-bucket-east-12345\"});\nconst eastBucketVersioningV2 = new aws.s3.BucketVersioningV2(\"east\", {\n bucket: east.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst west = new aws.s3.BucketV2(\"west\", {bucket: \"tf-test-bucket-west-12345\"});\nconst westBucketVersioningV2 = new aws.s3.BucketVersioningV2(\"west\", {\n bucket: west.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst eastToWest = new aws.s3.BucketReplicationConfig(\"east_to_west\", {\n role: eastReplication.arn,\n bucket: east.id,\n rules: [{\n id: \"foobar\",\n filter: {\n prefix: \"foo\",\n },\n status: \"Enabled\",\n destination: {\n bucket: west.arn,\n storageClass: \"STANDARD\",\n },\n }],\n}, {\n dependsOn: [eastBucketVersioningV2],\n});\nconst westToEast = new aws.s3.BucketReplicationConfig(\"west_to_east\", {\n role: westReplication.arn,\n bucket: west.id,\n rules: [{\n id: \"foobar\",\n filter: {\n prefix: \"foo\",\n },\n status: \"Enabled\",\n destination: {\n bucket: east.arn,\n storageClass: \"STANDARD\",\n },\n }],\n}, {\n dependsOn: [westBucketVersioningV2],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# ... other configuration ...\neast = aws.s3.BucketV2(\"east\", bucket=\"tf-test-bucket-east-12345\")\neast_bucket_versioning_v2 = aws.s3.BucketVersioningV2(\"east\",\n bucket=east.id,\n versioning_configuration={\n \"status\": \"Enabled\",\n })\nwest = aws.s3.BucketV2(\"west\", bucket=\"tf-test-bucket-west-12345\")\nwest_bucket_versioning_v2 = aws.s3.BucketVersioningV2(\"west\",\n bucket=west.id,\n versioning_configuration={\n \"status\": \"Enabled\",\n })\neast_to_west = aws.s3.BucketReplicationConfig(\"east_to_west\",\n role=east_replication[\"arn\"],\n bucket=east.id,\n rules=[{\n \"id\": \"foobar\",\n \"filter\": {\n \"prefix\": \"foo\",\n },\n \"status\": \"Enabled\",\n \"destination\": {\n \"bucket\": west.arn,\n \"storage_class\": \"STANDARD\",\n },\n }],\n opts = pulumi.ResourceOptions(depends_on=[east_bucket_versioning_v2]))\nwest_to_east = aws.s3.BucketReplicationConfig(\"west_to_east\",\n role=west_replication[\"arn\"],\n bucket=west.id,\n rules=[{\n \"id\": \"foobar\",\n \"filter\": {\n \"prefix\": \"foo\",\n },\n \"status\": \"Enabled\",\n \"destination\": {\n \"bucket\": east.arn,\n \"storage_class\": \"STANDARD\",\n },\n }],\n opts = pulumi.ResourceOptions(depends_on=[west_bucket_versioning_v2]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // ... other configuration ...\n var east = new Aws.S3.BucketV2(\"east\", new()\n {\n Bucket = \"tf-test-bucket-east-12345\",\n });\n\n var eastBucketVersioningV2 = new Aws.S3.BucketVersioningV2(\"east\", new()\n {\n Bucket = east.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var west = new Aws.S3.BucketV2(\"west\", new()\n {\n Bucket = \"tf-test-bucket-west-12345\",\n });\n\n var westBucketVersioningV2 = new Aws.S3.BucketVersioningV2(\"west\", new()\n {\n Bucket = west.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var eastToWest = new Aws.S3.BucketReplicationConfig(\"east_to_west\", new()\n {\n Role = eastReplication.Arn,\n Bucket = east.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketReplicationConfigRuleArgs\n {\n Id = \"foobar\",\n Filter = new Aws.S3.Inputs.BucketReplicationConfigRuleFilterArgs\n {\n Prefix = \"foo\",\n },\n Status = \"Enabled\",\n Destination = new Aws.S3.Inputs.BucketReplicationConfigRuleDestinationArgs\n {\n Bucket = west.Arn,\n StorageClass = \"STANDARD\",\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n eastBucketVersioningV2,\n },\n });\n\n var westToEast = new Aws.S3.BucketReplicationConfig(\"west_to_east\", new()\n {\n Role = westReplication.Arn,\n Bucket = west.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketReplicationConfigRuleArgs\n {\n Id = \"foobar\",\n Filter = new Aws.S3.Inputs.BucketReplicationConfigRuleFilterArgs\n {\n Prefix = \"foo\",\n },\n Status = \"Enabled\",\n Destination = new Aws.S3.Inputs.BucketReplicationConfigRuleDestinationArgs\n {\n Bucket = east.Arn,\n StorageClass = \"STANDARD\",\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n westBucketVersioningV2,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// ... other configuration ...\n\t\teast, err := s3.NewBucketV2(ctx, \"east\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"tf-test-bucket-east-12345\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\teastBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, \"east\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: east.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\twest, err := s3.NewBucketV2(ctx, \"west\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"tf-test-bucket-west-12345\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\twestBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, \"west\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: west.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketReplicationConfig(ctx, \"east_to_west\", \u0026s3.BucketReplicationConfigArgs{\n\t\t\tRole: pulumi.Any(eastReplication.Arn),\n\t\t\tBucket: east.ID(),\n\t\t\tRules: s3.BucketReplicationConfigRuleArray{\n\t\t\t\t\u0026s3.BucketReplicationConfigRuleArgs{\n\t\t\t\t\tId: pulumi.String(\"foobar\"),\n\t\t\t\t\tFilter: \u0026s3.BucketReplicationConfigRuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"foo\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t\tDestination: \u0026s3.BucketReplicationConfigRuleDestinationArgs{\n\t\t\t\t\t\tBucket: west.Arn,\n\t\t\t\t\t\tStorageClass: pulumi.String(\"STANDARD\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\teastBucketVersioningV2,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketReplicationConfig(ctx, \"west_to_east\", \u0026s3.BucketReplicationConfigArgs{\n\t\t\tRole: pulumi.Any(westReplication.Arn),\n\t\t\tBucket: west.ID(),\n\t\t\tRules: s3.BucketReplicationConfigRuleArray{\n\t\t\t\t\u0026s3.BucketReplicationConfigRuleArgs{\n\t\t\t\t\tId: pulumi.String(\"foobar\"),\n\t\t\t\t\tFilter: \u0026s3.BucketReplicationConfigRuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"foo\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t\tDestination: \u0026s3.BucketReplicationConfigRuleDestinationArgs{\n\t\t\t\t\t\tBucket: east.Arn,\n\t\t\t\t\t\tStorageClass: pulumi.String(\"STANDARD\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\twestBucketVersioningV2,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketVersioningV2;\nimport com.pulumi.aws.s3.BucketVersioningV2Args;\nimport com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;\nimport com.pulumi.aws.s3.BucketReplicationConfig;\nimport com.pulumi.aws.s3.BucketReplicationConfigArgs;\nimport com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleDestinationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // ... other configuration ...\n var east = new BucketV2(\"east\", BucketV2Args.builder()\n .bucket(\"tf-test-bucket-east-12345\")\n .build());\n\n var eastBucketVersioningV2 = new BucketVersioningV2(\"eastBucketVersioningV2\", BucketVersioningV2Args.builder()\n .bucket(east.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var west = new BucketV2(\"west\", BucketV2Args.builder()\n .bucket(\"tf-test-bucket-west-12345\")\n .build());\n\n var westBucketVersioningV2 = new BucketVersioningV2(\"westBucketVersioningV2\", BucketVersioningV2Args.builder()\n .bucket(west.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var eastToWest = new BucketReplicationConfig(\"eastToWest\", BucketReplicationConfigArgs.builder()\n .role(eastReplication.arn())\n .bucket(east.id())\n .rules(BucketReplicationConfigRuleArgs.builder()\n .id(\"foobar\")\n .filter(BucketReplicationConfigRuleFilterArgs.builder()\n .prefix(\"foo\")\n .build())\n .status(\"Enabled\")\n .destination(BucketReplicationConfigRuleDestinationArgs.builder()\n .bucket(west.arn())\n .storageClass(\"STANDARD\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(eastBucketVersioningV2)\n .build());\n\n var westToEast = new BucketReplicationConfig(\"westToEast\", BucketReplicationConfigArgs.builder()\n .role(westReplication.arn())\n .bucket(west.id())\n .rules(BucketReplicationConfigRuleArgs.builder()\n .id(\"foobar\")\n .filter(BucketReplicationConfigRuleFilterArgs.builder()\n .prefix(\"foo\")\n .build())\n .status(\"Enabled\")\n .destination(BucketReplicationConfigRuleDestinationArgs.builder()\n .bucket(east.arn())\n .storageClass(\"STANDARD\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(westBucketVersioningV2)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # ... other configuration ...\n east:\n type: aws:s3:BucketV2\n properties:\n bucket: tf-test-bucket-east-12345\n eastBucketVersioningV2:\n type: aws:s3:BucketVersioningV2\n name: east\n properties:\n bucket: ${east.id}\n versioningConfiguration:\n status: Enabled\n west:\n type: aws:s3:BucketV2\n properties:\n bucket: tf-test-bucket-west-12345\n westBucketVersioningV2:\n type: aws:s3:BucketVersioningV2\n name: west\n properties:\n bucket: ${west.id}\n versioningConfiguration:\n status: Enabled\n eastToWest:\n type: aws:s3:BucketReplicationConfig\n name: east_to_west\n properties:\n role: ${eastReplication.arn}\n bucket: ${east.id}\n rules:\n - id: foobar\n filter:\n prefix: foo\n status: Enabled\n destination:\n bucket: ${west.arn}\n storageClass: STANDARD\n options:\n dependson:\n - ${eastBucketVersioningV2}\n westToEast:\n type: aws:s3:BucketReplicationConfig\n name: west_to_east\n properties:\n role: ${westReplication.arn}\n bucket: ${west.id}\n rules:\n - id: foobar\n filter:\n prefix: foo\n status: Enabled\n destination:\n bucket: ${east.arn}\n storageClass: STANDARD\n options:\n dependson:\n - ${westBucketVersioningV2}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 bucket replication configuration using the `bucket`. For example:\n\n```sh\n$ pulumi import aws:s3/bucketReplicationConfig:BucketReplicationConfig replication bucket-name\n```\n", "properties": { "bucket": { "type": "string", "description": "Name of the source S3 bucket you want Amazon S3 to monitor.\n" }, "role": { "type": "string", "description": "ARN of the IAM role for Amazon S3 to assume when replicating the objects.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketReplicationConfigRule:BucketReplicationConfigRule" }, "description": "List of configuration blocks describing the rules managing the replication. See below.\n" }, "token": { "type": "string", "description": "Token to allow replication to be enabled on an Object Lock-enabled bucket. You must contact AWS support for the bucket's \"Object Lock token\".\nFor more details, see [Using S3 Object Lock with replication](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-managing.html#object-lock-managing-replication).\n", "secret": true } }, "required": [ "bucket", "role", "rules" ], "inputProperties": { "bucket": { "type": "string", "description": "Name of the source S3 bucket you want Amazon S3 to monitor.\n", "willReplaceOnChanges": true }, "role": { "type": "string", "description": "ARN of the IAM role for Amazon S3 to assume when replicating the objects.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketReplicationConfigRule:BucketReplicationConfigRule" }, "description": "List of configuration blocks describing the rules managing the replication. See below.\n" }, "token": { "type": "string", "description": "Token to allow replication to be enabled on an Object Lock-enabled bucket. You must contact AWS support for the bucket's \"Object Lock token\".\nFor more details, see [Using S3 Object Lock with replication](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-managing.html#object-lock-managing-replication).\n", "secret": true } }, "requiredInputs": [ "bucket", "role", "rules" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketReplicationConfig resources.\n", "properties": { "bucket": { "type": "string", "description": "Name of the source S3 bucket you want Amazon S3 to monitor.\n", "willReplaceOnChanges": true }, "role": { "type": "string", "description": "ARN of the IAM role for Amazon S3 to assume when replicating the objects.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketReplicationConfigRule:BucketReplicationConfigRule" }, "description": "List of configuration blocks describing the rules managing the replication. See below.\n" }, "token": { "type": "string", "description": "Token to allow replication to be enabled on an Object Lock-enabled bucket. You must contact AWS support for the bucket's \"Object Lock token\".\nFor more details, see [Using S3 Object Lock with replication](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-managing.html#object-lock-managing-replication).\n", "secret": true } }, "type": "object" } }, "aws:s3/bucketRequestPaymentConfigurationV2:BucketRequestPaymentConfigurationV2": { "description": "Provides an S3 bucket request payment configuration resource. For more information, see [Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html).\n\n\u003e **NOTE:** Destroying an `aws.s3.BucketRequestPaymentConfigurationV2` resource resets the bucket's `payer` to the S3 default: the bucket owner.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketRequestPaymentConfigurationV2(\"example\", {\n bucket: exampleAwsS3Bucket.id,\n payer: \"Requester\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketRequestPaymentConfigurationV2(\"example\",\n bucket=example_aws_s3_bucket[\"id\"],\n payer=\"Requester\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketRequestPaymentConfigurationV2(\"example\", new()\n {\n Bucket = exampleAwsS3Bucket.Id,\n Payer = \"Requester\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketRequestPaymentConfigurationV2(ctx, \"example\", \u0026s3.BucketRequestPaymentConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\tPayer: pulumi.String(\"Requester\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketRequestPaymentConfigurationV2;\nimport com.pulumi.aws.s3.BucketRequestPaymentConfigurationV2Args;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketRequestPaymentConfigurationV2(\"example\", BucketRequestPaymentConfigurationV2Args.builder()\n .bucket(exampleAwsS3Bucket.id())\n .payer(\"Requester\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketRequestPaymentConfigurationV2\n properties:\n bucket: ${exampleAwsS3Bucket.id}\n payer: Requester\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n__Using `pulumi import` to import__ S3 bucket request payment configuration using the `bucket` or using the `bucket` and `expected_bucket_owner` separated by a comma (`,`). For example:\n\nIf the owner (account ID) of the source bucket is the same account used to configure the AWS Provider, import using the `bucket`:\n\n```sh\n$ pulumi import aws:s3/bucketRequestPaymentConfigurationV2:BucketRequestPaymentConfigurationV2 example bucket-name\n```\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n```sh\n$ pulumi import aws:s3/bucketRequestPaymentConfigurationV2:BucketRequestPaymentConfigurationV2 example bucket-name,123456789012\n```\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket.\n" }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n" }, "payer": { "type": "string", "description": "Specifies who pays for the download and request fees. Valid values: `BucketOwner`, `Requester`.\n" } }, "required": [ "bucket", "payer" ], "inputProperties": { "bucket": { "type": "string", "description": "Name of the bucket.\n", "willReplaceOnChanges": true }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n", "willReplaceOnChanges": true }, "payer": { "type": "string", "description": "Specifies who pays for the download and request fees. Valid values: `BucketOwner`, `Requester`.\n" } }, "requiredInputs": [ "bucket", "payer" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketRequestPaymentConfigurationV2 resources.\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket.\n", "willReplaceOnChanges": true }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n", "willReplaceOnChanges": true }, "payer": { "type": "string", "description": "Specifies who pays for the download and request fees. Valid values: `BucketOwner`, `Requester`.\n" } }, "type": "object" } }, "aws:s3/bucketServerSideEncryptionConfigurationV2:BucketServerSideEncryptionConfigurationV2": { "description": "Provides a S3 bucket server-side encryption configuration resource.\n\n\u003e **NOTE:** Destroying an `aws.s3.BucketServerSideEncryptionConfigurationV2` resource resets the bucket to [Amazon S3 bucket default encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-encryption-faq.html).\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mykey = new aws.kms.Key(\"mykey\", {\n description: \"This key is used to encrypt bucket objects\",\n deletionWindowInDays: 10,\n});\nconst mybucket = new aws.s3.BucketV2(\"mybucket\", {bucket: \"mybucket\"});\nconst example = new aws.s3.BucketServerSideEncryptionConfigurationV2(\"example\", {\n bucket: mybucket.id,\n rules: [{\n applyServerSideEncryptionByDefault: {\n kmsMasterKeyId: mykey.arn,\n sseAlgorithm: \"aws:kms\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmykey = aws.kms.Key(\"mykey\",\n description=\"This key is used to encrypt bucket objects\",\n deletion_window_in_days=10)\nmybucket = aws.s3.BucketV2(\"mybucket\", bucket=\"mybucket\")\nexample = aws.s3.BucketServerSideEncryptionConfigurationV2(\"example\",\n bucket=mybucket.id,\n rules=[{\n \"apply_server_side_encryption_by_default\": {\n \"kms_master_key_id\": mykey.arn,\n \"sse_algorithm\": \"aws:kms\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mykey = new Aws.Kms.Key(\"mykey\", new()\n {\n Description = \"This key is used to encrypt bucket objects\",\n DeletionWindowInDays = 10,\n });\n\n var mybucket = new Aws.S3.BucketV2(\"mybucket\", new()\n {\n Bucket = \"mybucket\",\n });\n\n var example = new Aws.S3.BucketServerSideEncryptionConfigurationV2(\"example\", new()\n {\n Bucket = mybucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationV2RuleArgs\n {\n ApplyServerSideEncryptionByDefault = new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefaultArgs\n {\n KmsMasterKeyId = mykey.Arn,\n SseAlgorithm = \"aws:kms\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmykey, err := kms.NewKey(ctx, \"mykey\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"This key is used to encrypt bucket objects\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(10),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmybucket, err := s3.NewBucketV2(ctx, \"mybucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"mybucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketServerSideEncryptionConfigurationV2(ctx, \"example\", \u0026s3.BucketServerSideEncryptionConfigurationV2Args{\n\t\t\tBucket: mybucket.ID(),\n\t\t\tRules: s3.BucketServerSideEncryptionConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketServerSideEncryptionConfigurationV2RuleArgs{\n\t\t\t\t\tApplyServerSideEncryptionByDefault: \u0026s3.BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefaultArgs{\n\t\t\t\t\t\tKmsMasterKeyId: mykey.Arn,\n\t\t\t\t\t\tSseAlgorithm: pulumi.String(\"aws:kms\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketServerSideEncryptionConfigurationV2;\nimport com.pulumi.aws.s3.BucketServerSideEncryptionConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefaultArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mykey = new Key(\"mykey\", KeyArgs.builder()\n .description(\"This key is used to encrypt bucket objects\")\n .deletionWindowInDays(10)\n .build());\n\n var mybucket = new BucketV2(\"mybucket\", BucketV2Args.builder()\n .bucket(\"mybucket\")\n .build());\n\n var example = new BucketServerSideEncryptionConfigurationV2(\"example\", BucketServerSideEncryptionConfigurationV2Args.builder()\n .bucket(mybucket.id())\n .rules(BucketServerSideEncryptionConfigurationV2RuleArgs.builder()\n .applyServerSideEncryptionByDefault(BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefaultArgs.builder()\n .kmsMasterKeyId(mykey.arn())\n .sseAlgorithm(\"aws:kms\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mykey:\n type: aws:kms:Key\n properties:\n description: This key is used to encrypt bucket objects\n deletionWindowInDays: 10\n mybucket:\n type: aws:s3:BucketV2\n properties:\n bucket: mybucket\n example:\n type: aws:s3:BucketServerSideEncryptionConfigurationV2\n properties:\n bucket: ${mybucket.id}\n rules:\n - applyServerSideEncryptionByDefault:\n kmsMasterKeyId: ${mykey.arn}\n sseAlgorithm: aws:kms\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n__Using `pulumi import` to import__ S3 bucket server-side encryption configuration using the `bucket` or using the `bucket` and `expected_bucket_owner` separated by a comma (`,`). For example:\n\nIf the owner (account ID) of the source bucket is the same account used to configure the AWS Provider, import using the `bucket`:\n\n```sh\n$ pulumi import aws:s3/bucketServerSideEncryptionConfigurationV2:BucketServerSideEncryptionConfigurationV2 example bucket-name\n```\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n```sh\n$ pulumi import aws:s3/bucketServerSideEncryptionConfigurationV2:BucketServerSideEncryptionConfigurationV2 example bucket-name,123456789012\n```\n", "properties": { "bucket": { "type": "string", "description": "ID (name) of the bucket.\n" }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketServerSideEncryptionConfigurationV2Rule:BucketServerSideEncryptionConfigurationV2Rule" }, "description": "Set of server-side encryption configuration rules. See below. Currently, only a single rule is supported.\n" } }, "required": [ "bucket", "rules" ], "inputProperties": { "bucket": { "type": "string", "description": "ID (name) of the bucket.\n", "willReplaceOnChanges": true }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketServerSideEncryptionConfigurationV2Rule:BucketServerSideEncryptionConfigurationV2Rule" }, "description": "Set of server-side encryption configuration rules. See below. Currently, only a single rule is supported.\n" } }, "requiredInputs": [ "bucket", "rules" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketServerSideEncryptionConfigurationV2 resources.\n", "properties": { "bucket": { "type": "string", "description": "ID (name) of the bucket.\n", "willReplaceOnChanges": true }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketServerSideEncryptionConfigurationV2Rule:BucketServerSideEncryptionConfigurationV2Rule" }, "description": "Set of server-side encryption configuration rules. See below. Currently, only a single rule is supported.\n" } }, "type": "object" } }, "aws:s3/bucketV2:BucketV2": { "description": "Provides a S3 bucket resource.\n\n\u003e This resource provides functionality for managing S3 general purpose buckets in an AWS Partition. To manage Amazon S3 Express directory buckets, use the `aws_directory_bucket` resource. To manage [S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html), use the `aws.s3control.Bucket` resource.\n\n\u003e Object Lock can be enabled by using the `object_lock_enable` attribute or by using the `aws.s3.BucketObjectLockConfigurationV2` resource. Please note, that by using the resource, Object Lock can be enabled/disabled without destroying and recreating the bucket.\n\n## Example Usage\n\n### Private Bucket With Tags\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {\n bucket: \"my-tf-test-bucket\",\n tags: {\n Name: \"My bucket\",\n Environment: \"Dev\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\",\n bucket=\"my-tf-test-bucket\",\n tags={\n \"Name\": \"My bucket\",\n \"Environment\": \"Dev\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-tf-test-bucket\",\n Tags = \n {\n { \"Name\", \"My bucket\" },\n { \"Environment\", \"Dev\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-tf-test-bucket\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"My bucket\"),\n\t\t\t\t\"Environment\": pulumi.String(\"Dev\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"my-tf-test-bucket\")\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"My bucket\"),\n Map.entry(\"Environment\", \"Dev\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: my-tf-test-bucket\n tags:\n Name: My bucket\n Environment: Dev\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 bucket using the `bucket`. For example:\n\n```sh\n$ pulumi import aws:s3/bucketV2:BucketV2 bucket bucket-name\n```\n", "properties": { "accelerationStatus": { "type": "string", "description": "Sets the accelerate configuration of an existing bucket. Can be `Enabled` or `Suspended`. Cannot be used in `cn-north-1` or `us-gov-west-1`. This provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketAccelerateConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketAccelerateConfigurationV2 resource instead" }, "acl": { "type": "string", "description": "The [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Valid values are `private`, `public-read`, `public-read-write`, `aws-exec-read`, `authenticated-read`, and `log-delivery-write`. Defaults to `private`. Conflicts with `grant`. The provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketAclV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketAclV2 resource instead" }, "arn": { "type": "string", "description": "ARN of the bucket. Will be of format `arn:aws:s3:::bucketname`.\n" }, "bucket": { "type": "string", "description": "Name of the bucket. If omitted, the provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules [may be found here](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html). The name must not be in the format `[bucket_name]--[azid]--x-s3`. Use the `aws.s3.DirectoryBucket` resource to manage S3 Express buckets.\n" }, "bucketDomainName": { "type": "string", "description": "Bucket domain name. Will be of format `bucketname.s3.amazonaws.com`.\n" }, "bucketPrefix": { "type": "string", "description": "Creates a unique bucket name beginning with the specified prefix. Conflicts with `bucket`. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules [may be found here](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html).\n" }, "bucketRegionalDomainName": { "type": "string", "description": "The bucket region-specific domain name. The bucket domain name including the region name. Please refer to the [S3 endpoints reference](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_region) for format. Note: AWS CloudFront allows specifying an S3 region-specific endpoint when creating an S3 origin. This will prevent redirect issues from CloudFront to the S3 Origin URL. For more information, see the [Virtual Hosted-Style Requests for Other Regions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html#deprecated-global-endpoint) section in the AWS S3 User Guide.\n" }, "corsRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2CorsRule:BucketV2CorsRule" }, "description": "Rule of [Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html). See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketCorsConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketCorsConfigurationV2 resource instead" }, "forceDestroy": { "type": "boolean", "description": "Boolean that indicates all objects (including any [locked objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html)) should be deleted from the bucket *when the bucket is destroyed* so that the bucket can be destroyed without error. These objects are *not* recoverable. This only deletes objects when the bucket is destroyed, *not* when setting this parameter to `true`. Once this parameter is set to `true`, there must be a successful `pulumi up` run before a destroy is required to update this value in the resource state. Without a successful `pulumi up` after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful `pulumi up` is required to set this value in state before it will take effect on a destroy operation.\n" }, "grants": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2Grant:BucketV2Grant" }, "description": "An [ACL policy grant](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#sample-acl). See Grant below for details. Conflicts with `acl`. The provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketAclV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketAclV2 resource instead" }, "hostedZoneId": { "type": "string", "description": "[Route 53 Hosted Zone ID](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_website_region_endpoints) for this bucket's region.\n" }, "lifecycleRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2LifecycleRule:BucketV2LifecycleRule" }, "description": "Configuration of [object lifecycle management](http://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html). See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketLifecycleConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketLifecycleConfigurationV2 resource instead" }, "loggings": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2Logging:BucketV2Logging" }, "description": "Configuration of [S3 bucket logging](https://docs.aws.amazon.com/AmazonS3/latest/UG/ManagingBucketLogging.html) parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketLoggingV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketLoggingV2 resource instead" }, "objectLockConfiguration": { "$ref": "#/types/aws:s3/BucketV2ObjectLockConfiguration:BucketV2ObjectLockConfiguration", "description": "Configuration of [S3 object locking](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). See Object Lock Configuration below for details.\nThe provider wil only perform drift detection if a configuration value is provided.\nUse the `object_lock_enabled` parameter and the resource `aws.s3.BucketObjectLockConfigurationV2` instead.\n", "deprecationMessage": "Use the top-level parameter object_lock_enabled and the aws.s3.BucketObjectLockConfigurationV2 resource instead" }, "objectLockEnabled": { "type": "boolean", "description": "Indicates whether this bucket has an Object Lock configuration enabled. Valid values are `true` or `false`. This argument is not supported in all regions or partitions.\n" }, "policy": { "type": "string", "description": "Valid [bucket policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html) JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide.\nThe provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketPolicy` instead.\n", "deprecationMessage": "Use the aws.s3.BucketPolicy resource instead" }, "region": { "type": "string", "description": "AWS region this bucket resides in.\n" }, "replicationConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2ReplicationConfiguration:BucketV2ReplicationConfiguration" }, "description": "Configuration of [replication configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html). See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketReplicationConfig` instead.\n", "deprecationMessage": "Use the aws.s3.BucketReplicationConfig resource instead" }, "requestPayer": { "type": "string", "description": "Specifies who should bear the cost of Amazon S3 data transfer.\nCan be either `BucketOwner` or `Requester`. By default, the owner of the S3 bucket would incur the costs of any data transfer.\nSee [Requester Pays Buckets](http://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html) developer guide for more information.\nThe provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketRequestPaymentConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketRequestPaymentConfigurationV2 resource instead" }, "serverSideEncryptionConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2ServerSideEncryptionConfiguration:BucketV2ServerSideEncryptionConfiguration" }, "description": "Configuration of [server-side encryption configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html). See Server Side Encryption Configuration below for details.\nThe provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketServerSideEncryptionConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketServerSideEncryptionConfigurationV2 resource instead" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the bucket. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following arguments are deprecated, and will be removed in a future major version:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "versionings": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2Versioning:BucketV2Versioning" }, "description": "Configuration of the [S3 bucket versioning state](https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html). See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketVersioningV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketVersioningV2 resource instead" }, "websiteDomain": { "type": "string", "description": "(**Deprecated**) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource `aws.s3.BucketWebsiteConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketWebsiteConfigurationV2 resource" }, "websiteEndpoint": { "type": "string", "description": "(**Deprecated**) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource `aws.s3.BucketWebsiteConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketWebsiteConfigurationV2 resource" }, "websites": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2Website:BucketV2Website" }, "description": "Configuration of the [S3 bucket website](https://docs.aws.amazon.com/AmazonS3/latest/userguide/WebsiteHosting.html). See Website below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketWebsiteConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketWebsiteConfigurationV2 resource instead" } }, "required": [ "accelerationStatus", "acl", "arn", "bucket", "bucketDomainName", "bucketPrefix", "bucketRegionalDomainName", "corsRules", "grants", "hostedZoneId", "lifecycleRules", "loggings", "objectLockConfiguration", "objectLockEnabled", "policy", "region", "replicationConfigurations", "requestPayer", "serverSideEncryptionConfigurations", "tagsAll", "versionings", "websites", "websiteDomain", "websiteEndpoint" ], "inputProperties": { "accelerationStatus": { "type": "string", "description": "Sets the accelerate configuration of an existing bucket. Can be `Enabled` or `Suspended`. Cannot be used in `cn-north-1` or `us-gov-west-1`. This provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketAccelerateConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketAccelerateConfigurationV2 resource instead" }, "acl": { "type": "string", "description": "The [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Valid values are `private`, `public-read`, `public-read-write`, `aws-exec-read`, `authenticated-read`, and `log-delivery-write`. Defaults to `private`. Conflicts with `grant`. The provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketAclV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketAclV2 resource instead" }, "bucket": { "type": "string", "description": "Name of the bucket. If omitted, the provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules [may be found here](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html). The name must not be in the format `[bucket_name]--[azid]--x-s3`. Use the `aws.s3.DirectoryBucket` resource to manage S3 Express buckets.\n", "willReplaceOnChanges": true }, "bucketPrefix": { "type": "string", "description": "Creates a unique bucket name beginning with the specified prefix. Conflicts with `bucket`. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules [may be found here](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html).\n", "willReplaceOnChanges": true }, "corsRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2CorsRule:BucketV2CorsRule" }, "description": "Rule of [Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html). See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketCorsConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketCorsConfigurationV2 resource instead" }, "forceDestroy": { "type": "boolean", "description": "Boolean that indicates all objects (including any [locked objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html)) should be deleted from the bucket *when the bucket is destroyed* so that the bucket can be destroyed without error. These objects are *not* recoverable. This only deletes objects when the bucket is destroyed, *not* when setting this parameter to `true`. Once this parameter is set to `true`, there must be a successful `pulumi up` run before a destroy is required to update this value in the resource state. Without a successful `pulumi up` after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful `pulumi up` is required to set this value in state before it will take effect on a destroy operation.\n" }, "grants": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2Grant:BucketV2Grant" }, "description": "An [ACL policy grant](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#sample-acl). See Grant below for details. Conflicts with `acl`. The provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketAclV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketAclV2 resource instead" }, "lifecycleRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2LifecycleRule:BucketV2LifecycleRule" }, "description": "Configuration of [object lifecycle management](http://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html). See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketLifecycleConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketLifecycleConfigurationV2 resource instead" }, "loggings": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2Logging:BucketV2Logging" }, "description": "Configuration of [S3 bucket logging](https://docs.aws.amazon.com/AmazonS3/latest/UG/ManagingBucketLogging.html) parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketLoggingV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketLoggingV2 resource instead" }, "objectLockConfiguration": { "$ref": "#/types/aws:s3/BucketV2ObjectLockConfiguration:BucketV2ObjectLockConfiguration", "description": "Configuration of [S3 object locking](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). See Object Lock Configuration below for details.\nThe provider wil only perform drift detection if a configuration value is provided.\nUse the `object_lock_enabled` parameter and the resource `aws.s3.BucketObjectLockConfigurationV2` instead.\n", "deprecationMessage": "Use the top-level parameter object_lock_enabled and the aws.s3.BucketObjectLockConfigurationV2 resource instead" }, "objectLockEnabled": { "type": "boolean", "description": "Indicates whether this bucket has an Object Lock configuration enabled. Valid values are `true` or `false`. This argument is not supported in all regions or partitions.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "Valid [bucket policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html) JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide.\nThe provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketPolicy` instead.\n", "deprecationMessage": "Use the aws.s3.BucketPolicy resource instead" }, "replicationConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2ReplicationConfiguration:BucketV2ReplicationConfiguration" }, "description": "Configuration of [replication configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html). See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketReplicationConfig` instead.\n", "deprecationMessage": "Use the aws.s3.BucketReplicationConfig resource instead" }, "requestPayer": { "type": "string", "description": "Specifies who should bear the cost of Amazon S3 data transfer.\nCan be either `BucketOwner` or `Requester`. By default, the owner of the S3 bucket would incur the costs of any data transfer.\nSee [Requester Pays Buckets](http://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html) developer guide for more information.\nThe provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketRequestPaymentConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketRequestPaymentConfigurationV2 resource instead" }, "serverSideEncryptionConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2ServerSideEncryptionConfiguration:BucketV2ServerSideEncryptionConfiguration" }, "description": "Configuration of [server-side encryption configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html). See Server Side Encryption Configuration below for details.\nThe provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketServerSideEncryptionConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketServerSideEncryptionConfigurationV2 resource instead" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the bucket. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following arguments are deprecated, and will be removed in a future major version:\n" }, "versionings": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2Versioning:BucketV2Versioning" }, "description": "Configuration of the [S3 bucket versioning state](https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html). See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketVersioningV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketVersioningV2 resource instead" }, "websites": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2Website:BucketV2Website" }, "description": "Configuration of the [S3 bucket website](https://docs.aws.amazon.com/AmazonS3/latest/userguide/WebsiteHosting.html). See Website below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketWebsiteConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketWebsiteConfigurationV2 resource instead" } }, "stateInputs": { "description": "Input properties used for looking up and filtering BucketV2 resources.\n", "properties": { "accelerationStatus": { "type": "string", "description": "Sets the accelerate configuration of an existing bucket. Can be `Enabled` or `Suspended`. Cannot be used in `cn-north-1` or `us-gov-west-1`. This provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketAccelerateConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketAccelerateConfigurationV2 resource instead" }, "acl": { "type": "string", "description": "The [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Valid values are `private`, `public-read`, `public-read-write`, `aws-exec-read`, `authenticated-read`, and `log-delivery-write`. Defaults to `private`. Conflicts with `grant`. The provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketAclV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketAclV2 resource instead" }, "arn": { "type": "string", "description": "ARN of the bucket. Will be of format `arn:aws:s3:::bucketname`.\n" }, "bucket": { "type": "string", "description": "Name of the bucket. If omitted, the provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules [may be found here](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html). The name must not be in the format `[bucket_name]--[azid]--x-s3`. Use the `aws.s3.DirectoryBucket` resource to manage S3 Express buckets.\n", "willReplaceOnChanges": true }, "bucketDomainName": { "type": "string", "description": "Bucket domain name. Will be of format `bucketname.s3.amazonaws.com`.\n" }, "bucketPrefix": { "type": "string", "description": "Creates a unique bucket name beginning with the specified prefix. Conflicts with `bucket`. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules [may be found here](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html).\n", "willReplaceOnChanges": true }, "bucketRegionalDomainName": { "type": "string", "description": "The bucket region-specific domain name. The bucket domain name including the region name. Please refer to the [S3 endpoints reference](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_region) for format. Note: AWS CloudFront allows specifying an S3 region-specific endpoint when creating an S3 origin. This will prevent redirect issues from CloudFront to the S3 Origin URL. For more information, see the [Virtual Hosted-Style Requests for Other Regions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html#deprecated-global-endpoint) section in the AWS S3 User Guide.\n" }, "corsRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2CorsRule:BucketV2CorsRule" }, "description": "Rule of [Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html). See CORS rule below for details. This provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketCorsConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketCorsConfigurationV2 resource instead" }, "forceDestroy": { "type": "boolean", "description": "Boolean that indicates all objects (including any [locked objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html)) should be deleted from the bucket *when the bucket is destroyed* so that the bucket can be destroyed without error. These objects are *not* recoverable. This only deletes objects when the bucket is destroyed, *not* when setting this parameter to `true`. Once this parameter is set to `true`, there must be a successful `pulumi up` run before a destroy is required to update this value in the resource state. Without a successful `pulumi up` after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful `pulumi up` is required to set this value in state before it will take effect on a destroy operation.\n" }, "grants": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2Grant:BucketV2Grant" }, "description": "An [ACL policy grant](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#sample-acl). See Grant below for details. Conflicts with `acl`. The provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketAclV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketAclV2 resource instead" }, "hostedZoneId": { "type": "string", "description": "[Route 53 Hosted Zone ID](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_website_region_endpoints) for this bucket's region.\n" }, "lifecycleRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2LifecycleRule:BucketV2LifecycleRule" }, "description": "Configuration of [object lifecycle management](http://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html). See Lifecycle Rule below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketLifecycleConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketLifecycleConfigurationV2 resource instead" }, "loggings": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2Logging:BucketV2Logging" }, "description": "Configuration of [S3 bucket logging](https://docs.aws.amazon.com/AmazonS3/latest/UG/ManagingBucketLogging.html) parameters. See Logging below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketLoggingV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketLoggingV2 resource instead" }, "objectLockConfiguration": { "$ref": "#/types/aws:s3/BucketV2ObjectLockConfiguration:BucketV2ObjectLockConfiguration", "description": "Configuration of [S3 object locking](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). See Object Lock Configuration below for details.\nThe provider wil only perform drift detection if a configuration value is provided.\nUse the `object_lock_enabled` parameter and the resource `aws.s3.BucketObjectLockConfigurationV2` instead.\n", "deprecationMessage": "Use the top-level parameter object_lock_enabled and the aws.s3.BucketObjectLockConfigurationV2 resource instead" }, "objectLockEnabled": { "type": "boolean", "description": "Indicates whether this bucket has an Object Lock configuration enabled. Valid values are `true` or `false`. This argument is not supported in all regions or partitions.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "Valid [bucket policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html) JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing. In this case, please make sure you use the verbose/specific version of the policy. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide.\nThe provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketPolicy` instead.\n", "deprecationMessage": "Use the aws.s3.BucketPolicy resource instead" }, "region": { "type": "string", "description": "AWS region this bucket resides in.\n" }, "replicationConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2ReplicationConfiguration:BucketV2ReplicationConfiguration" }, "description": "Configuration of [replication configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html). See Replication Configuration below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketReplicationConfig` instead.\n", "deprecationMessage": "Use the aws.s3.BucketReplicationConfig resource instead" }, "requestPayer": { "type": "string", "description": "Specifies who should bear the cost of Amazon S3 data transfer.\nCan be either `BucketOwner` or `Requester`. By default, the owner of the S3 bucket would incur the costs of any data transfer.\nSee [Requester Pays Buckets](http://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html) developer guide for more information.\nThe provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketRequestPaymentConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketRequestPaymentConfigurationV2 resource instead" }, "serverSideEncryptionConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2ServerSideEncryptionConfiguration:BucketV2ServerSideEncryptionConfiguration" }, "description": "Configuration of [server-side encryption configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html). See Server Side Encryption Configuration below for details.\nThe provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketServerSideEncryptionConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketServerSideEncryptionConfigurationV2 resource instead" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the bucket. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\nThe following arguments are deprecated, and will be removed in a future major version:\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "versionings": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2Versioning:BucketV2Versioning" }, "description": "Configuration of the [S3 bucket versioning state](https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html). See Versioning below for details. The provider will only perform drift detection if a configuration value is provided. Use the resource `aws.s3.BucketVersioningV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketVersioningV2 resource instead" }, "websiteDomain": { "type": "string", "description": "(**Deprecated**) Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records. Use the resource `aws.s3.BucketWebsiteConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketWebsiteConfigurationV2 resource" }, "websiteEndpoint": { "type": "string", "description": "(**Deprecated**) Website endpoint, if the bucket is configured with a website. If not, this will be an empty string. Use the resource `aws.s3.BucketWebsiteConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketWebsiteConfigurationV2 resource" }, "websites": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketV2Website:BucketV2Website" }, "description": "Configuration of the [S3 bucket website](https://docs.aws.amazon.com/AmazonS3/latest/userguide/WebsiteHosting.html). See Website below for details. The provider will only perform drift detection if a configuration value is provided.\nUse the resource `aws.s3.BucketWebsiteConfigurationV2` instead.\n", "deprecationMessage": "Use the aws.s3.BucketWebsiteConfigurationV2 resource instead" } }, "type": "object" }, "aliases": [ { "type": "aws:s3/bucket:Bucket" } ] }, "aws:s3/bucketVersioningV2:BucketVersioningV2": { "description": "Provides a resource for controlling versioning on an S3 bucket.\nDeleting this resource will either suspend versioning on the associated S3 bucket or\nsimply remove the resource from state if the associated S3 bucket is unversioned.\n\nFor more information, see [How S3 versioning works](https://docs.aws.amazon.com/AmazonS3/latest/userguide/manage-versioning-examples.html).\n\n\u003e **NOTE:** If you are enabling versioning on the bucket for the first time, AWS recommends that you wait for 15 minutes after enabling versioning before issuing write operations (PUT or DELETE) on objects in the bucket.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### With Versioning Enabled\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example-bucket\"});\nconst exampleBucketAclV2 = new aws.s3.BucketAclV2(\"example\", {\n bucket: example.id,\n acl: \"private\",\n});\nconst versioningExample = new aws.s3.BucketVersioningV2(\"versioning_example\", {\n bucket: example.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example-bucket\")\nexample_bucket_acl_v2 = aws.s3.BucketAclV2(\"example\",\n bucket=example.id,\n acl=\"private\")\nversioning_example = aws.s3.BucketVersioningV2(\"versioning_example\",\n bucket=example.id,\n versioning_configuration={\n \"status\": \"Enabled\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example-bucket\",\n });\n\n var exampleBucketAclV2 = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = example.Id,\n Acl = \"private\",\n });\n\n var versioningExample = new Aws.S3.BucketVersioningV2(\"versioning_example\", new()\n {\n Bucket = example.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketVersioningV2(ctx, \"versioning_example\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketVersioningV2;\nimport com.pulumi.aws.s3.BucketVersioningV2Args;\nimport com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example-bucket\")\n .build());\n\n var exampleBucketAclV2 = new BucketAclV2(\"exampleBucketAclV2\", BucketAclV2Args.builder()\n .bucket(example.id())\n .acl(\"private\")\n .build());\n\n var versioningExample = new BucketVersioningV2(\"versioningExample\", BucketVersioningV2Args.builder()\n .bucket(example.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example-bucket\n exampleBucketAclV2:\n type: aws:s3:BucketAclV2\n name: example\n properties:\n bucket: ${example.id}\n acl: private\n versioningExample:\n type: aws:s3:BucketVersioningV2\n name: versioning_example\n properties:\n bucket: ${example.id}\n versioningConfiguration:\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Versioning Disabled\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example-bucket\"});\nconst exampleBucketAclV2 = new aws.s3.BucketAclV2(\"example\", {\n bucket: example.id,\n acl: \"private\",\n});\nconst versioningExample = new aws.s3.BucketVersioningV2(\"versioning_example\", {\n bucket: example.id,\n versioningConfiguration: {\n status: \"Disabled\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example-bucket\")\nexample_bucket_acl_v2 = aws.s3.BucketAclV2(\"example\",\n bucket=example.id,\n acl=\"private\")\nversioning_example = aws.s3.BucketVersioningV2(\"versioning_example\",\n bucket=example.id,\n versioning_configuration={\n \"status\": \"Disabled\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example-bucket\",\n });\n\n var exampleBucketAclV2 = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = example.Id,\n Acl = \"private\",\n });\n\n var versioningExample = new Aws.S3.BucketVersioningV2(\"versioning_example\", new()\n {\n Bucket = example.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Disabled\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketVersioningV2(ctx, \"versioning_example\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Disabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketVersioningV2;\nimport com.pulumi.aws.s3.BucketVersioningV2Args;\nimport com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example-bucket\")\n .build());\n\n var exampleBucketAclV2 = new BucketAclV2(\"exampleBucketAclV2\", BucketAclV2Args.builder()\n .bucket(example.id())\n .acl(\"private\")\n .build());\n\n var versioningExample = new BucketVersioningV2(\"versioningExample\", BucketVersioningV2Args.builder()\n .bucket(example.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Disabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example-bucket\n exampleBucketAclV2:\n type: aws:s3:BucketAclV2\n name: example\n properties:\n bucket: ${example.id}\n acl: private\n versioningExample:\n type: aws:s3:BucketVersioningV2\n name: versioning_example\n properties:\n bucket: ${example.id}\n versioningConfiguration:\n status: Disabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Object Dependency On Versioning\n\nWhen you create an object whose `version_id` you need and an `aws.s3.BucketVersioningV2` resource in the same configuration, you are more likely to have success by ensuring the `s3_object` depends either implicitly (see below) or explicitly (i.e., using `depends_on = [aws_s3_bucket_versioning.example]`) on the `aws.s3.BucketVersioningV2` resource.\n\n\u003e **NOTE:** For critical and/or production S3 objects, do not create a bucket, enable versioning, and create an object in the bucket within the same configuration. Doing so will not allow the AWS-recommended 15 minutes between enabling versioning and writing to the bucket.\n\nThis example shows the `aws_s3_object.example` depending implicitly on the versioning resource through the reference to `aws_s3_bucket_versioning.example.bucket` to define `bucket`:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"yotto\"});\nconst exampleBucketVersioningV2 = new aws.s3.BucketVersioningV2(\"example\", {\n bucket: example.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst exampleBucketObjectv2 = new aws.s3.BucketObjectv2(\"example\", {\n bucket: exampleBucketVersioningV2.id,\n key: \"droeloe\",\n source: new pulumi.asset.FileAsset(\"example.txt\"),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"yotto\")\nexample_bucket_versioning_v2 = aws.s3.BucketVersioningV2(\"example\",\n bucket=example.id,\n versioning_configuration={\n \"status\": \"Enabled\",\n })\nexample_bucket_objectv2 = aws.s3.BucketObjectv2(\"example\",\n bucket=example_bucket_versioning_v2.id,\n key=\"droeloe\",\n source=pulumi.FileAsset(\"example.txt\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"yotto\",\n });\n\n var exampleBucketVersioningV2 = new Aws.S3.BucketVersioningV2(\"example\", new()\n {\n Bucket = example.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var exampleBucketObjectv2 = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Bucket = exampleBucketVersioningV2.Id,\n Key = \"droeloe\",\n Source = new FileAsset(\"example.txt\"),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"yotto\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, \"example\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: exampleBucketVersioningV2.ID(),\n\t\t\tKey: pulumi.String(\"droeloe\"),\n\t\t\tSource: pulumi.NewFileAsset(\"example.txt\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketVersioningV2;\nimport com.pulumi.aws.s3.BucketVersioningV2Args;\nimport com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"yotto\")\n .build());\n\n var exampleBucketVersioningV2 = new BucketVersioningV2(\"exampleBucketVersioningV2\", BucketVersioningV2Args.builder()\n .bucket(example.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var exampleBucketObjectv2 = new BucketObjectv2(\"exampleBucketObjectv2\", BucketObjectv2Args.builder()\n .bucket(exampleBucketVersioningV2.id())\n .key(\"droeloe\")\n .source(new FileAsset(\"example.txt\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: yotto\n exampleBucketVersioningV2:\n type: aws:s3:BucketVersioningV2\n name: example\n properties:\n bucket: ${example.id}\n versioningConfiguration:\n status: Enabled\n exampleBucketObjectv2:\n type: aws:s3:BucketObjectv2\n name: example\n properties:\n bucket: ${exampleBucketVersioningV2.id}\n key: droeloe\n source:\n fn::FileAsset: example.txt\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n__Using `pulumi import` to import__ S3 bucket versioning using the `bucket` or using the `bucket` and `expected_bucket_owner` separated by a comma (`,`). For example:\n\nIf the owner (account ID) of the source bucket is the same account used to configure the AWS Provider, import using the `bucket`:\n\n```sh\n$ pulumi import aws:s3/bucketVersioningV2:BucketVersioningV2 example bucket-name\n```\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n```sh\n$ pulumi import aws:s3/bucketVersioningV2:BucketVersioningV2 example bucket-name,123456789012\n```\n", "properties": { "bucket": { "type": "string", "description": "Name of the S3 bucket.\n" }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n" }, "mfa": { "type": "string", "description": "Concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device.\n" }, "versioningConfiguration": { "$ref": "#/types/aws:s3/BucketVersioningV2VersioningConfiguration:BucketVersioningV2VersioningConfiguration", "description": "Configuration block for the versioning parameters. See below.\n" } }, "required": [ "bucket", "versioningConfiguration" ], "inputProperties": { "bucket": { "type": "string", "description": "Name of the S3 bucket.\n", "willReplaceOnChanges": true }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n", "willReplaceOnChanges": true }, "mfa": { "type": "string", "description": "Concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device.\n" }, "versioningConfiguration": { "$ref": "#/types/aws:s3/BucketVersioningV2VersioningConfiguration:BucketVersioningV2VersioningConfiguration", "description": "Configuration block for the versioning parameters. See below.\n" } }, "requiredInputs": [ "bucket", "versioningConfiguration" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketVersioningV2 resources.\n", "properties": { "bucket": { "type": "string", "description": "Name of the S3 bucket.\n", "willReplaceOnChanges": true }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n", "willReplaceOnChanges": true }, "mfa": { "type": "string", "description": "Concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device.\n" }, "versioningConfiguration": { "$ref": "#/types/aws:s3/BucketVersioningV2VersioningConfiguration:BucketVersioningV2VersioningConfiguration", "description": "Configuration block for the versioning parameters. See below.\n" } }, "type": "object" } }, "aws:s3/bucketWebsiteConfigurationV2:BucketWebsiteConfigurationV2": { "description": "Provides an S3 bucket website configuration resource. For more information, see [Hosting Websites on S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html).\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### With `routing_rule` configured\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketWebsiteConfigurationV2(\"example\", {\n bucket: exampleAwsS3Bucket.id,\n indexDocument: {\n suffix: \"index.html\",\n },\n errorDocument: {\n key: \"error.html\",\n },\n routingRules: [{\n condition: {\n keyPrefixEquals: \"docs/\",\n },\n redirect: {\n replaceKeyPrefixWith: \"documents/\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketWebsiteConfigurationV2(\"example\",\n bucket=example_aws_s3_bucket[\"id\"],\n index_document={\n \"suffix\": \"index.html\",\n },\n error_document={\n \"key\": \"error.html\",\n },\n routing_rules=[{\n \"condition\": {\n \"key_prefix_equals\": \"docs/\",\n },\n \"redirect\": {\n \"replace_key_prefix_with\": \"documents/\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketWebsiteConfigurationV2(\"example\", new()\n {\n Bucket = exampleAwsS3Bucket.Id,\n IndexDocument = new Aws.S3.Inputs.BucketWebsiteConfigurationV2IndexDocumentArgs\n {\n Suffix = \"index.html\",\n },\n ErrorDocument = new Aws.S3.Inputs.BucketWebsiteConfigurationV2ErrorDocumentArgs\n {\n Key = \"error.html\",\n },\n RoutingRules = new[]\n {\n new Aws.S3.Inputs.BucketWebsiteConfigurationV2RoutingRuleArgs\n {\n Condition = new Aws.S3.Inputs.BucketWebsiteConfigurationV2RoutingRuleConditionArgs\n {\n KeyPrefixEquals = \"docs/\",\n },\n Redirect = new Aws.S3.Inputs.BucketWebsiteConfigurationV2RoutingRuleRedirectArgs\n {\n ReplaceKeyPrefixWith = \"documents/\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketWebsiteConfigurationV2(ctx, \"example\", \u0026s3.BucketWebsiteConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\tIndexDocument: \u0026s3.BucketWebsiteConfigurationV2IndexDocumentArgs{\n\t\t\t\tSuffix: pulumi.String(\"index.html\"),\n\t\t\t},\n\t\t\tErrorDocument: \u0026s3.BucketWebsiteConfigurationV2ErrorDocumentArgs{\n\t\t\t\tKey: pulumi.String(\"error.html\"),\n\t\t\t},\n\t\t\tRoutingRules: s3.BucketWebsiteConfigurationV2RoutingRuleArray{\n\t\t\t\t\u0026s3.BucketWebsiteConfigurationV2RoutingRuleArgs{\n\t\t\t\t\tCondition: \u0026s3.BucketWebsiteConfigurationV2RoutingRuleConditionArgs{\n\t\t\t\t\t\tKeyPrefixEquals: pulumi.String(\"docs/\"),\n\t\t\t\t\t},\n\t\t\t\t\tRedirect: \u0026s3.BucketWebsiteConfigurationV2RoutingRuleRedirectArgs{\n\t\t\t\t\t\tReplaceKeyPrefixWith: pulumi.String(\"documents/\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketWebsiteConfigurationV2;\nimport com.pulumi.aws.s3.BucketWebsiteConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketWebsiteConfigurationV2IndexDocumentArgs;\nimport com.pulumi.aws.s3.inputs.BucketWebsiteConfigurationV2ErrorDocumentArgs;\nimport com.pulumi.aws.s3.inputs.BucketWebsiteConfigurationV2RoutingRuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketWebsiteConfigurationV2RoutingRuleConditionArgs;\nimport com.pulumi.aws.s3.inputs.BucketWebsiteConfigurationV2RoutingRuleRedirectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketWebsiteConfigurationV2(\"example\", BucketWebsiteConfigurationV2Args.builder()\n .bucket(exampleAwsS3Bucket.id())\n .indexDocument(BucketWebsiteConfigurationV2IndexDocumentArgs.builder()\n .suffix(\"index.html\")\n .build())\n .errorDocument(BucketWebsiteConfigurationV2ErrorDocumentArgs.builder()\n .key(\"error.html\")\n .build())\n .routingRules(BucketWebsiteConfigurationV2RoutingRuleArgs.builder()\n .condition(BucketWebsiteConfigurationV2RoutingRuleConditionArgs.builder()\n .keyPrefixEquals(\"docs/\")\n .build())\n .redirect(BucketWebsiteConfigurationV2RoutingRuleRedirectArgs.builder()\n .replaceKeyPrefixWith(\"documents/\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketWebsiteConfigurationV2\n properties:\n bucket: ${exampleAwsS3Bucket.id}\n indexDocument:\n suffix: index.html\n errorDocument:\n key: error.html\n routingRules:\n - condition:\n keyPrefixEquals: docs/\n redirect:\n replaceKeyPrefixWith: documents/\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With `routing_rules` configured\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketWebsiteConfigurationV2(\"example\", {\n bucket: exampleAwsS3Bucket.id,\n indexDocument: {\n suffix: \"index.html\",\n },\n errorDocument: {\n key: \"error.html\",\n },\n routingRuleDetails: `[{\n \"Condition\": {\n \"KeyPrefixEquals\": \"docs/\"\n },\n \"Redirect\": {\n \"ReplaceKeyPrefixWith\": \"\"\n }\n}]\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketWebsiteConfigurationV2(\"example\",\n bucket=example_aws_s3_bucket[\"id\"],\n index_document={\n \"suffix\": \"index.html\",\n },\n error_document={\n \"key\": \"error.html\",\n },\n routing_rule_details=\"\"\"[{\n \"Condition\": {\n \"KeyPrefixEquals\": \"docs/\"\n },\n \"Redirect\": {\n \"ReplaceKeyPrefixWith\": \"\"\n }\n}]\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketWebsiteConfigurationV2(\"example\", new()\n {\n Bucket = exampleAwsS3Bucket.Id,\n IndexDocument = new Aws.S3.Inputs.BucketWebsiteConfigurationV2IndexDocumentArgs\n {\n Suffix = \"index.html\",\n },\n ErrorDocument = new Aws.S3.Inputs.BucketWebsiteConfigurationV2ErrorDocumentArgs\n {\n Key = \"error.html\",\n },\n RoutingRuleDetails = @\"[{\n \"\"Condition\"\": {\n \"\"KeyPrefixEquals\"\": \"\"docs/\"\"\n },\n \"\"Redirect\"\": {\n \"\"ReplaceKeyPrefixWith\"\": \"\"\"\"\n }\n}]\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketWebsiteConfigurationV2(ctx, \"example\", \u0026s3.BucketWebsiteConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\tIndexDocument: \u0026s3.BucketWebsiteConfigurationV2IndexDocumentArgs{\n\t\t\t\tSuffix: pulumi.String(\"index.html\"),\n\t\t\t},\n\t\t\tErrorDocument: \u0026s3.BucketWebsiteConfigurationV2ErrorDocumentArgs{\n\t\t\t\tKey: pulumi.String(\"error.html\"),\n\t\t\t},\n\t\t\tRoutingRuleDetails: pulumi.String(`[{\n \"Condition\": {\n \"KeyPrefixEquals\": \"docs/\"\n },\n \"Redirect\": {\n \"ReplaceKeyPrefixWith\": \"\"\n }\n}]\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketWebsiteConfigurationV2;\nimport com.pulumi.aws.s3.BucketWebsiteConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketWebsiteConfigurationV2IndexDocumentArgs;\nimport com.pulumi.aws.s3.inputs.BucketWebsiteConfigurationV2ErrorDocumentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketWebsiteConfigurationV2(\"example\", BucketWebsiteConfigurationV2Args.builder()\n .bucket(exampleAwsS3Bucket.id())\n .indexDocument(BucketWebsiteConfigurationV2IndexDocumentArgs.builder()\n .suffix(\"index.html\")\n .build())\n .errorDocument(BucketWebsiteConfigurationV2ErrorDocumentArgs.builder()\n .key(\"error.html\")\n .build())\n .routingRuleDetails(\"\"\"\n[{\n \"Condition\": {\n \"KeyPrefixEquals\": \"docs/\"\n },\n \"Redirect\": {\n \"ReplaceKeyPrefixWith\": \"\"\n }\n}]\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketWebsiteConfigurationV2\n properties:\n bucket: ${exampleAwsS3Bucket.id}\n indexDocument:\n suffix: index.html\n errorDocument:\n key: error.html\n routingRuleDetails: |\n [{\n \"Condition\": {\n \"KeyPrefixEquals\": \"docs/\"\n },\n \"Redirect\": {\n \"ReplaceKeyPrefixWith\": \"\"\n }\n }]\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n__Using `pulumi import` to import__ S3 bucket website configuration using the `bucket` or using the `bucket` and `expected_bucket_owner` separated by a comma (`,`). For example:\n\nIf the owner (account ID) of the source bucket is the same account used to configure the AWS Provider, import using the `bucket`:\n\n```sh\n$ pulumi import aws:s3/bucketWebsiteConfigurationV2:BucketWebsiteConfigurationV2 example bucket-name\n```\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n```sh\n$ pulumi import aws:s3/bucketWebsiteConfigurationV2:BucketWebsiteConfigurationV2 example bucket-name,123456789012\n```\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket.\n" }, "errorDocument": { "$ref": "#/types/aws:s3/BucketWebsiteConfigurationV2ErrorDocument:BucketWebsiteConfigurationV2ErrorDocument", "description": "Name of the error document for the website. See below.\n" }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n" }, "indexDocument": { "$ref": "#/types/aws:s3/BucketWebsiteConfigurationV2IndexDocument:BucketWebsiteConfigurationV2IndexDocument", "description": "Name of the index document for the website. See below.\n" }, "redirectAllRequestsTo": { "$ref": "#/types/aws:s3/BucketWebsiteConfigurationV2RedirectAllRequestsTo:BucketWebsiteConfigurationV2RedirectAllRequestsTo", "description": "Redirect behavior for every request to this bucket's website endpoint. See below. Conflicts with `error_document`, `index_document`, and `routing_rule`.\n" }, "routingRuleDetails": { "type": "string", "description": "JSON array containing [routing rules](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration-routingrules.html)\ndescribing redirect behavior and when redirects are applied. Use this parameter when your routing rules contain empty String values (`\"\"`) as seen in the example above.\n" }, "routingRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketWebsiteConfigurationV2RoutingRule:BucketWebsiteConfigurationV2RoutingRule" }, "description": "List of rules that define when a redirect is applied and the redirect behavior. See below.\n" }, "websiteDomain": { "type": "string", "description": "Domain of the website endpoint. This is used to create Route 53 alias records.\n" }, "websiteEndpoint": { "type": "string", "description": "Website endpoint.\n" } }, "required": [ "bucket", "routingRules", "routingRuleDetails", "websiteDomain", "websiteEndpoint" ], "inputProperties": { "bucket": { "type": "string", "description": "Name of the bucket.\n", "willReplaceOnChanges": true }, "errorDocument": { "$ref": "#/types/aws:s3/BucketWebsiteConfigurationV2ErrorDocument:BucketWebsiteConfigurationV2ErrorDocument", "description": "Name of the error document for the website. See below.\n" }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n", "willReplaceOnChanges": true }, "indexDocument": { "$ref": "#/types/aws:s3/BucketWebsiteConfigurationV2IndexDocument:BucketWebsiteConfigurationV2IndexDocument", "description": "Name of the index document for the website. See below.\n" }, "redirectAllRequestsTo": { "$ref": "#/types/aws:s3/BucketWebsiteConfigurationV2RedirectAllRequestsTo:BucketWebsiteConfigurationV2RedirectAllRequestsTo", "description": "Redirect behavior for every request to this bucket's website endpoint. See below. Conflicts with `error_document`, `index_document`, and `routing_rule`.\n" }, "routingRuleDetails": { "type": "string", "description": "JSON array containing [routing rules](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration-routingrules.html)\ndescribing redirect behavior and when redirects are applied. Use this parameter when your routing rules contain empty String values (`\"\"`) as seen in the example above.\n" }, "routingRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketWebsiteConfigurationV2RoutingRule:BucketWebsiteConfigurationV2RoutingRule" }, "description": "List of rules that define when a redirect is applied and the redirect behavior. See below.\n" } }, "requiredInputs": [ "bucket" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketWebsiteConfigurationV2 resources.\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket.\n", "willReplaceOnChanges": true }, "errorDocument": { "$ref": "#/types/aws:s3/BucketWebsiteConfigurationV2ErrorDocument:BucketWebsiteConfigurationV2ErrorDocument", "description": "Name of the error document for the website. See below.\n" }, "expectedBucketOwner": { "type": "string", "description": "Account ID of the expected bucket owner.\n", "willReplaceOnChanges": true }, "indexDocument": { "$ref": "#/types/aws:s3/BucketWebsiteConfigurationV2IndexDocument:BucketWebsiteConfigurationV2IndexDocument", "description": "Name of the index document for the website. See below.\n" }, "redirectAllRequestsTo": { "$ref": "#/types/aws:s3/BucketWebsiteConfigurationV2RedirectAllRequestsTo:BucketWebsiteConfigurationV2RedirectAllRequestsTo", "description": "Redirect behavior for every request to this bucket's website endpoint. See below. Conflicts with `error_document`, `index_document`, and `routing_rule`.\n" }, "routingRuleDetails": { "type": "string", "description": "JSON array containing [routing rules](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration-routingrules.html)\ndescribing redirect behavior and when redirects are applied. Use this parameter when your routing rules contain empty String values (`\"\"`) as seen in the example above.\n" }, "routingRules": { "type": "array", "items": { "$ref": "#/types/aws:s3/BucketWebsiteConfigurationV2RoutingRule:BucketWebsiteConfigurationV2RoutingRule" }, "description": "List of rules that define when a redirect is applied and the redirect behavior. See below.\n" }, "websiteDomain": { "type": "string", "description": "Domain of the website endpoint. This is used to create Route 53 alias records.\n" }, "websiteEndpoint": { "type": "string", "description": "Website endpoint.\n" } }, "type": "object" } }, "aws:s3/directoryBucket:DirectoryBucket": { "description": "Provides an Amazon S3 Express directory bucket resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.DirectoryBucket(\"example\", {\n bucket: \"example--usw2-az1--x-s3\",\n location: {\n name: \"usw2-az1\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.DirectoryBucket(\"example\",\n bucket=\"example--usw2-az1--x-s3\",\n location={\n \"name\": \"usw2-az1\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.DirectoryBucket(\"example\", new()\n {\n Bucket = \"example--usw2-az1--x-s3\",\n Location = new Aws.S3.Inputs.DirectoryBucketLocationArgs\n {\n Name = \"usw2-az1\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewDirectoryBucket(ctx, \"example\", \u0026s3.DirectoryBucketArgs{\n\t\t\tBucket: pulumi.String(\"example--usw2-az1--x-s3\"),\n\t\t\tLocation: \u0026s3.DirectoryBucketLocationArgs{\n\t\t\t\tName: pulumi.String(\"usw2-az1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.DirectoryBucket;\nimport com.pulumi.aws.s3.DirectoryBucketArgs;\nimport com.pulumi.aws.s3.inputs.DirectoryBucketLocationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DirectoryBucket(\"example\", DirectoryBucketArgs.builder()\n .bucket(\"example--usw2-az1--x-s3\")\n .location(DirectoryBucketLocationArgs.builder()\n .name(\"usw2-az1\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:DirectoryBucket\n properties:\n bucket: example--usw2-az1--x-s3\n location:\n name: usw2-az1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 bucket using `bucket`. For example:\n\n```sh\n$ pulumi import aws:s3/directoryBucket:DirectoryBucket example example--usw2-az1--x-s3\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the bucket.\n" }, "bucket": { "type": "string", "description": "Name of the bucket. The name must be in the format `[bucket_name]--[azid]--x-s3`. Use the `aws.s3.BucketV2` resource to manage general purpose buckets.\n" }, "dataRedundancy": { "type": "string", "description": "Data redundancy. Valid values: `SingleAvailabilityZone`.\n" }, "forceDestroy": { "type": "boolean", "description": "Boolean that indicates all objects should be deleted from the bucket *when the bucket is destroyed* so that the bucket can be destroyed without error. These objects are *not* recoverable. This only deletes objects when the bucket is destroyed, *not* when setting this parameter to `true`. Once this parameter is set to `true`, there must be a successful `pulumi up` run before a destroy is required to update this value in the resource state. Without a successful `pulumi up` after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful `pulumi up` is required to set this value in state before it will take effect on a destroy operation.\n" }, "location": { "$ref": "#/types/aws:s3/DirectoryBucketLocation:DirectoryBucketLocation", "description": "Bucket location. See Location below for more details.\n" }, "type": { "type": "string", "description": "Bucket type. Valid values: `Directory`.\n" } }, "required": [ "arn", "bucket", "dataRedundancy", "forceDestroy", "type" ], "inputProperties": { "bucket": { "type": "string", "description": "Name of the bucket. The name must be in the format `[bucket_name]--[azid]--x-s3`. Use the `aws.s3.BucketV2` resource to manage general purpose buckets.\n" }, "dataRedundancy": { "type": "string", "description": "Data redundancy. Valid values: `SingleAvailabilityZone`.\n" }, "forceDestroy": { "type": "boolean", "description": "Boolean that indicates all objects should be deleted from the bucket *when the bucket is destroyed* so that the bucket can be destroyed without error. These objects are *not* recoverable. This only deletes objects when the bucket is destroyed, *not* when setting this parameter to `true`. Once this parameter is set to `true`, there must be a successful `pulumi up` run before a destroy is required to update this value in the resource state. Without a successful `pulumi up` after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful `pulumi up` is required to set this value in state before it will take effect on a destroy operation.\n" }, "location": { "$ref": "#/types/aws:s3/DirectoryBucketLocation:DirectoryBucketLocation", "description": "Bucket location. See Location below for more details.\n" }, "type": { "type": "string", "description": "Bucket type. Valid values: `Directory`.\n" } }, "requiredInputs": [ "bucket" ], "stateInputs": { "description": "Input properties used for looking up and filtering DirectoryBucket resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the bucket.\n" }, "bucket": { "type": "string", "description": "Name of the bucket. The name must be in the format `[bucket_name]--[azid]--x-s3`. Use the `aws.s3.BucketV2` resource to manage general purpose buckets.\n" }, "dataRedundancy": { "type": "string", "description": "Data redundancy. Valid values: `SingleAvailabilityZone`.\n" }, "forceDestroy": { "type": "boolean", "description": "Boolean that indicates all objects should be deleted from the bucket *when the bucket is destroyed* so that the bucket can be destroyed without error. These objects are *not* recoverable. This only deletes objects when the bucket is destroyed, *not* when setting this parameter to `true`. Once this parameter is set to `true`, there must be a successful `pulumi up` run before a destroy is required to update this value in the resource state. Without a successful `pulumi up` after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the bucket or destroying the bucket, this flag will not work. Additionally when importing a bucket, a successful `pulumi up` is required to set this value in state before it will take effect on a destroy operation.\n" }, "location": { "$ref": "#/types/aws:s3/DirectoryBucketLocation:DirectoryBucketLocation", "description": "Bucket location. See Location below for more details.\n" }, "type": { "type": "string", "description": "Bucket type. Valid values: `Directory`.\n" } }, "type": "object" } }, "aws:s3/inventory:Inventory": { "description": "Provides a S3 bucket [inventory configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html) resource.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### Add inventory configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.s3.BucketV2(\"test\", {bucket: \"my-tf-test-bucket\"});\nconst inventory = new aws.s3.BucketV2(\"inventory\", {bucket: \"my-tf-inventory-bucket\"});\nconst testInventory = new aws.s3.Inventory(\"test\", {\n bucket: test.id,\n name: \"EntireBucketDaily\",\n includedObjectVersions: \"All\",\n schedule: {\n frequency: \"Daily\",\n },\n destination: {\n bucket: {\n format: \"ORC\",\n bucketArn: inventory.arn,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.s3.BucketV2(\"test\", bucket=\"my-tf-test-bucket\")\ninventory = aws.s3.BucketV2(\"inventory\", bucket=\"my-tf-inventory-bucket\")\ntest_inventory = aws.s3.Inventory(\"test\",\n bucket=test.id,\n name=\"EntireBucketDaily\",\n included_object_versions=\"All\",\n schedule={\n \"frequency\": \"Daily\",\n },\n destination={\n \"bucket\": {\n \"format\": \"ORC\",\n \"bucket_arn\": inventory.arn,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.S3.BucketV2(\"test\", new()\n {\n Bucket = \"my-tf-test-bucket\",\n });\n\n var inventory = new Aws.S3.BucketV2(\"inventory\", new()\n {\n Bucket = \"my-tf-inventory-bucket\",\n });\n\n var testInventory = new Aws.S3.Inventory(\"test\", new()\n {\n Bucket = test.Id,\n Name = \"EntireBucketDaily\",\n IncludedObjectVersions = \"All\",\n Schedule = new Aws.S3.Inputs.InventoryScheduleArgs\n {\n Frequency = \"Daily\",\n },\n Destination = new Aws.S3.Inputs.InventoryDestinationArgs\n {\n Bucket = new Aws.S3.Inputs.InventoryDestinationBucketArgs\n {\n Format = \"ORC\",\n BucketArn = inventory.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := s3.NewBucketV2(ctx, \"test\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-tf-test-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinventory, err := s3.NewBucketV2(ctx, \"inventory\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-tf-inventory-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewInventory(ctx, \"test\", \u0026s3.InventoryArgs{\n\t\t\tBucket: test.ID(),\n\t\t\tName: pulumi.String(\"EntireBucketDaily\"),\n\t\t\tIncludedObjectVersions: pulumi.String(\"All\"),\n\t\t\tSchedule: \u0026s3.InventoryScheduleArgs{\n\t\t\t\tFrequency: pulumi.String(\"Daily\"),\n\t\t\t},\n\t\t\tDestination: \u0026s3.InventoryDestinationArgs{\n\t\t\t\tBucket: \u0026s3.InventoryDestinationBucketArgs{\n\t\t\t\t\tFormat: pulumi.String(\"ORC\"),\n\t\t\t\t\tBucketArn: inventory.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.Inventory;\nimport com.pulumi.aws.s3.InventoryArgs;\nimport com.pulumi.aws.s3.inputs.InventoryScheduleArgs;\nimport com.pulumi.aws.s3.inputs.InventoryDestinationArgs;\nimport com.pulumi.aws.s3.inputs.InventoryDestinationBucketArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new BucketV2(\"test\", BucketV2Args.builder()\n .bucket(\"my-tf-test-bucket\")\n .build());\n\n var inventory = new BucketV2(\"inventory\", BucketV2Args.builder()\n .bucket(\"my-tf-inventory-bucket\")\n .build());\n\n var testInventory = new Inventory(\"testInventory\", InventoryArgs.builder()\n .bucket(test.id())\n .name(\"EntireBucketDaily\")\n .includedObjectVersions(\"All\")\n .schedule(InventoryScheduleArgs.builder()\n .frequency(\"Daily\")\n .build())\n .destination(InventoryDestinationArgs.builder()\n .bucket(InventoryDestinationBucketArgs.builder()\n .format(\"ORC\")\n .bucketArn(inventory.arn())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:s3:BucketV2\n properties:\n bucket: my-tf-test-bucket\n inventory:\n type: aws:s3:BucketV2\n properties:\n bucket: my-tf-inventory-bucket\n testInventory:\n type: aws:s3:Inventory\n name: test\n properties:\n bucket: ${test.id}\n name: EntireBucketDaily\n includedObjectVersions: All\n schedule:\n frequency: Daily\n destination:\n bucket:\n format: ORC\n bucketArn: ${inventory.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Add inventory configuration with S3 object prefix\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.s3.BucketV2(\"test\", {bucket: \"my-tf-test-bucket\"});\nconst inventory = new aws.s3.BucketV2(\"inventory\", {bucket: \"my-tf-inventory-bucket\"});\nconst test_prefix = new aws.s3.Inventory(\"test-prefix\", {\n bucket: test.id,\n name: \"DocumentsWeekly\",\n includedObjectVersions: \"All\",\n schedule: {\n frequency: \"Daily\",\n },\n filter: {\n prefix: \"documents/\",\n },\n destination: {\n bucket: {\n format: \"ORC\",\n bucketArn: inventory.arn,\n prefix: \"inventory\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.s3.BucketV2(\"test\", bucket=\"my-tf-test-bucket\")\ninventory = aws.s3.BucketV2(\"inventory\", bucket=\"my-tf-inventory-bucket\")\ntest_prefix = aws.s3.Inventory(\"test-prefix\",\n bucket=test.id,\n name=\"DocumentsWeekly\",\n included_object_versions=\"All\",\n schedule={\n \"frequency\": \"Daily\",\n },\n filter={\n \"prefix\": \"documents/\",\n },\n destination={\n \"bucket\": {\n \"format\": \"ORC\",\n \"bucket_arn\": inventory.arn,\n \"prefix\": \"inventory\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.S3.BucketV2(\"test\", new()\n {\n Bucket = \"my-tf-test-bucket\",\n });\n\n var inventory = new Aws.S3.BucketV2(\"inventory\", new()\n {\n Bucket = \"my-tf-inventory-bucket\",\n });\n\n var test_prefix = new Aws.S3.Inventory(\"test-prefix\", new()\n {\n Bucket = test.Id,\n Name = \"DocumentsWeekly\",\n IncludedObjectVersions = \"All\",\n Schedule = new Aws.S3.Inputs.InventoryScheduleArgs\n {\n Frequency = \"Daily\",\n },\n Filter = new Aws.S3.Inputs.InventoryFilterArgs\n {\n Prefix = \"documents/\",\n },\n Destination = new Aws.S3.Inputs.InventoryDestinationArgs\n {\n Bucket = new Aws.S3.Inputs.InventoryDestinationBucketArgs\n {\n Format = \"ORC\",\n BucketArn = inventory.Arn,\n Prefix = \"inventory\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := s3.NewBucketV2(ctx, \"test\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-tf-test-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinventory, err := s3.NewBucketV2(ctx, \"inventory\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-tf-inventory-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewInventory(ctx, \"test-prefix\", \u0026s3.InventoryArgs{\n\t\t\tBucket: test.ID(),\n\t\t\tName: pulumi.String(\"DocumentsWeekly\"),\n\t\t\tIncludedObjectVersions: pulumi.String(\"All\"),\n\t\t\tSchedule: \u0026s3.InventoryScheduleArgs{\n\t\t\t\tFrequency: pulumi.String(\"Daily\"),\n\t\t\t},\n\t\t\tFilter: \u0026s3.InventoryFilterArgs{\n\t\t\t\tPrefix: pulumi.String(\"documents/\"),\n\t\t\t},\n\t\t\tDestination: \u0026s3.InventoryDestinationArgs{\n\t\t\t\tBucket: \u0026s3.InventoryDestinationBucketArgs{\n\t\t\t\t\tFormat: pulumi.String(\"ORC\"),\n\t\t\t\t\tBucketArn: inventory.Arn,\n\t\t\t\t\tPrefix: pulumi.String(\"inventory\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.Inventory;\nimport com.pulumi.aws.s3.InventoryArgs;\nimport com.pulumi.aws.s3.inputs.InventoryScheduleArgs;\nimport com.pulumi.aws.s3.inputs.InventoryFilterArgs;\nimport com.pulumi.aws.s3.inputs.InventoryDestinationArgs;\nimport com.pulumi.aws.s3.inputs.InventoryDestinationBucketArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new BucketV2(\"test\", BucketV2Args.builder()\n .bucket(\"my-tf-test-bucket\")\n .build());\n\n var inventory = new BucketV2(\"inventory\", BucketV2Args.builder()\n .bucket(\"my-tf-inventory-bucket\")\n .build());\n\n var test_prefix = new Inventory(\"test-prefix\", InventoryArgs.builder()\n .bucket(test.id())\n .name(\"DocumentsWeekly\")\n .includedObjectVersions(\"All\")\n .schedule(InventoryScheduleArgs.builder()\n .frequency(\"Daily\")\n .build())\n .filter(InventoryFilterArgs.builder()\n .prefix(\"documents/\")\n .build())\n .destination(InventoryDestinationArgs.builder()\n .bucket(InventoryDestinationBucketArgs.builder()\n .format(\"ORC\")\n .bucketArn(inventory.arn())\n .prefix(\"inventory\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:s3:BucketV2\n properties:\n bucket: my-tf-test-bucket\n inventory:\n type: aws:s3:BucketV2\n properties:\n bucket: my-tf-inventory-bucket\n test-prefix:\n type: aws:s3:Inventory\n properties:\n bucket: ${test.id}\n name: DocumentsWeekly\n includedObjectVersions: All\n schedule:\n frequency: Daily\n filter:\n prefix: documents/\n destination:\n bucket:\n format: ORC\n bucketArn: ${inventory.arn}\n prefix: inventory\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 bucket inventory configurations using `bucket:inventory`. For example:\n\n```sh\n$ pulumi import aws:s3/inventory:Inventory my-bucket-entire-bucket my-bucket:EntireBucket\n```\n", "properties": { "bucket": { "type": "string", "description": "Name of the source bucket that inventory lists the objects for.\n" }, "destination": { "$ref": "#/types/aws:s3/InventoryDestination:InventoryDestination", "description": "Contains information about where to publish the inventory results (documented below).\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the inventory is enabled or disabled.\n" }, "filter": { "$ref": "#/types/aws:s3/InventoryFilter:InventoryFilter", "description": "Specifies an inventory filter. The inventory only includes objects that meet the filter's criteria (documented below).\n" }, "includedObjectVersions": { "type": "string", "description": "Object versions to include in the inventory list. Valid values: `All`, `Current`.\n" }, "name": { "type": "string", "description": "Unique identifier of the inventory configuration for the bucket.\n" }, "optionalFields": { "type": "array", "items": { "type": "string" }, "description": "List of optional fields that are included in the inventory results. Please refer to the S3 [documentation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_InventoryConfiguration.html#AmazonS3-Type-InventoryConfiguration-OptionalFields) for more details.\n" }, "schedule": { "$ref": "#/types/aws:s3/InventorySchedule:InventorySchedule", "description": "Specifies the schedule for generating inventory results (documented below).\n" } }, "required": [ "bucket", "destination", "includedObjectVersions", "name", "schedule" ], "inputProperties": { "bucket": { "type": "string", "description": "Name of the source bucket that inventory lists the objects for.\n", "willReplaceOnChanges": true }, "destination": { "$ref": "#/types/aws:s3/InventoryDestination:InventoryDestination", "description": "Contains information about where to publish the inventory results (documented below).\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the inventory is enabled or disabled.\n" }, "filter": { "$ref": "#/types/aws:s3/InventoryFilter:InventoryFilter", "description": "Specifies an inventory filter. The inventory only includes objects that meet the filter's criteria (documented below).\n" }, "includedObjectVersions": { "type": "string", "description": "Object versions to include in the inventory list. Valid values: `All`, `Current`.\n" }, "name": { "type": "string", "description": "Unique identifier of the inventory configuration for the bucket.\n", "willReplaceOnChanges": true }, "optionalFields": { "type": "array", "items": { "type": "string" }, "description": "List of optional fields that are included in the inventory results. Please refer to the S3 [documentation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_InventoryConfiguration.html#AmazonS3-Type-InventoryConfiguration-OptionalFields) for more details.\n" }, "schedule": { "$ref": "#/types/aws:s3/InventorySchedule:InventorySchedule", "description": "Specifies the schedule for generating inventory results (documented below).\n" } }, "requiredInputs": [ "bucket", "destination", "includedObjectVersions", "schedule" ], "stateInputs": { "description": "Input properties used for looking up and filtering Inventory resources.\n", "properties": { "bucket": { "type": "string", "description": "Name of the source bucket that inventory lists the objects for.\n", "willReplaceOnChanges": true }, "destination": { "$ref": "#/types/aws:s3/InventoryDestination:InventoryDestination", "description": "Contains information about where to publish the inventory results (documented below).\n" }, "enabled": { "type": "boolean", "description": "Specifies whether the inventory is enabled or disabled.\n" }, "filter": { "$ref": "#/types/aws:s3/InventoryFilter:InventoryFilter", "description": "Specifies an inventory filter. The inventory only includes objects that meet the filter's criteria (documented below).\n" }, "includedObjectVersions": { "type": "string", "description": "Object versions to include in the inventory list. Valid values: `All`, `Current`.\n" }, "name": { "type": "string", "description": "Unique identifier of the inventory configuration for the bucket.\n", "willReplaceOnChanges": true }, "optionalFields": { "type": "array", "items": { "type": "string" }, "description": "List of optional fields that are included in the inventory results. Please refer to the S3 [documentation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_InventoryConfiguration.html#AmazonS3-Type-InventoryConfiguration-OptionalFields) for more details.\n" }, "schedule": { "$ref": "#/types/aws:s3/InventorySchedule:InventorySchedule", "description": "Specifies the schedule for generating inventory results (documented below).\n" } }, "type": "object" } }, "aws:s3/objectCopy:ObjectCopy": { "description": "Provides a resource for copying an S3 object.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.s3.ObjectCopy(\"test\", {\n bucket: \"destination_bucket\",\n key: \"destination_key\",\n source: \"source_bucket/source_key\",\n grants: [{\n uri: \"http://acs.amazonaws.com/groups/global/AllUsers\",\n type: \"Group\",\n permissions: [\"READ\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.s3.ObjectCopy(\"test\",\n bucket=\"destination_bucket\",\n key=\"destination_key\",\n source=\"source_bucket/source_key\",\n grants=[{\n \"uri\": \"http://acs.amazonaws.com/groups/global/AllUsers\",\n \"type\": \"Group\",\n \"permissions\": [\"READ\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.S3.ObjectCopy(\"test\", new()\n {\n Bucket = \"destination_bucket\",\n Key = \"destination_key\",\n Source = \"source_bucket/source_key\",\n Grants = new[]\n {\n new Aws.S3.Inputs.ObjectCopyGrantArgs\n {\n Uri = \"http://acs.amazonaws.com/groups/global/AllUsers\",\n Type = \"Group\",\n Permissions = new[]\n {\n \"READ\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewObjectCopy(ctx, \"test\", \u0026s3.ObjectCopyArgs{\n\t\t\tBucket: pulumi.String(\"destination_bucket\"),\n\t\t\tKey: pulumi.String(\"destination_key\"),\n\t\t\tSource: pulumi.String(\"source_bucket/source_key\"),\n\t\t\tGrants: s3.ObjectCopyGrantArray{\n\t\t\t\t\u0026s3.ObjectCopyGrantArgs{\n\t\t\t\t\tUri: pulumi.String(\"http://acs.amazonaws.com/groups/global/AllUsers\"),\n\t\t\t\t\tType: pulumi.String(\"Group\"),\n\t\t\t\t\tPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"READ\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.ObjectCopy;\nimport com.pulumi.aws.s3.ObjectCopyArgs;\nimport com.pulumi.aws.s3.inputs.ObjectCopyGrantArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new ObjectCopy(\"test\", ObjectCopyArgs.builder()\n .bucket(\"destination_bucket\")\n .key(\"destination_key\")\n .source(\"source_bucket/source_key\")\n .grants(ObjectCopyGrantArgs.builder()\n .uri(\"http://acs.amazonaws.com/groups/global/AllUsers\")\n .type(\"Group\")\n .permissions(\"READ\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:s3:ObjectCopy\n properties:\n bucket: destination_bucket\n key: destination_key\n source: source_bucket/source_key\n grants:\n - uri: http://acs.amazonaws.com/groups/global/AllUsers\n type: Group\n permissions:\n - READ\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "acl": { "type": "string", "description": "[Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Valid values are `private`, `public-read`, `public-read-write`, `authenticated-read`, `aws-exec-read`, `bucket-owner-read`, and `bucket-owner-full-control`. Conflicts with `grant`.\n" }, "arn": { "type": "string", "description": "ARN of the object.\n" }, "bucket": { "type": "string", "description": "Name of the bucket to put the file in.\n" }, "bucketKeyEnabled": { "type": "boolean" }, "cacheControl": { "type": "string", "description": "Specifies caching behavior along the request/reply chain Read [w3c cache_control](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9) for further details.\n" }, "checksumAlgorithm": { "type": "string", "description": "Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the `kms:Decrypt` action. Valid values: `CRC32`, `CRC32C`, `SHA1`, `SHA256`.\n" }, "checksumCrc32": { "type": "string", "description": "The base64-encoded, 32-bit CRC32 checksum of the object.\n" }, "checksumCrc32c": { "type": "string", "description": "The base64-encoded, 32-bit CRC32C checksum of the object.\n" }, "checksumSha1": { "type": "string", "description": "The base64-encoded, 160-bit SHA-1 digest of the object.\n" }, "checksumSha256": { "type": "string", "description": "The base64-encoded, 256-bit SHA-256 digest of the object.\n" }, "contentDisposition": { "type": "string", "description": "Specifies presentational information for the object. Read [w3c content_disposition](http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1) for further information.\n" }, "contentEncoding": { "type": "string", "description": "Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read [w3c content encoding](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11) for further information.\n" }, "contentLanguage": { "type": "string", "description": "Language the content is in e.g., en-US or en-GB.\n" }, "contentType": { "type": "string", "description": "Standard MIME type describing the format of the object data, e.g., `application/octet-stream`. All Valid MIME Types are valid for this input.\n" }, "copyIfMatch": { "type": "string", "description": "Copies the object if its entity tag (ETag) matches the specified tag.\n" }, "copyIfModifiedSince": { "type": "string", "description": "Copies the object if it has been modified since the specified time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "copyIfNoneMatch": { "type": "string", "description": "Copies the object if its entity tag (ETag) is different than the specified ETag.\n" }, "copyIfUnmodifiedSince": { "type": "string", "description": "Copies the object if it hasn't been modified since the specified time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "customerAlgorithm": { "type": "string", "description": "Specifies the algorithm to use to when encrypting the object (for example, AES256).\n" }, "customerKey": { "type": "string", "description": "Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.\n", "secret": true }, "customerKeyMd5": { "type": "string", "description": "Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.\n" }, "etag": { "type": "string", "description": "ETag generated for the object (an MD5 sum of the object content). For plaintext objects or objects encrypted with an AWS-managed key, the hash is an MD5 digest of the object data. For objects encrypted with a KMS key or objects created by either the Multipart Upload or Part Copy operation, the hash is not an MD5 digest, regardless of the method of encryption. More information on possible values can be found on [Common Response Headers](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTCommonResponseHeaders.html).\n" }, "expectedBucketOwner": { "type": "string", "description": "Account id of the expected destination bucket owner. If the destination bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.\n" }, "expectedSourceBucketOwner": { "type": "string", "description": "Account id of the expected source bucket owner. If the source bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.\n" }, "expiration": { "type": "string", "description": "If the object expiration is configured, this attribute will be set.\n" }, "expires": { "type": "string", "description": "Date and time at which the object is no longer cacheable, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "forceDestroy": { "type": "boolean", "description": "Allow the object to be deleted by removing any legal hold on any object version. Default is `false`. This value should be set to `true` only if the bucket has S3 object lock enabled.\n" }, "grants": { "type": "array", "items": { "$ref": "#/types/aws:s3/ObjectCopyGrant:ObjectCopyGrant" }, "description": "Configuration block for header grants. Documented below. Conflicts with `acl`.\n" }, "key": { "type": "string", "description": "Name of the object once it is in the bucket.\n" }, "kmsEncryptionContext": { "type": "string", "description": "Specifies the AWS KMS Encryption Context to use for object encryption. The value is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.\n", "secret": true }, "kmsKeyId": { "type": "string", "description": "Specifies the AWS KMS Key ARN to use for object encryption. This value is a fully qualified **ARN** of the KMS Key. If using `aws.kms.Key`, use the exported `arn` attribute: `kms_key_id = aws_kms_key.foo.arn`\n", "secret": true }, "lastModified": { "type": "string", "description": "Returns the date that the object was last modified, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of keys/values to provision metadata (will be automatically prefixed by `x-amz-meta-`, note that only lowercase label are currently supported by the AWS Go API).\n" }, "metadataDirective": { "type": "string", "description": "Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request. Valid values are `COPY` and `REPLACE`.\n" }, "objectLockLegalHoldStatus": { "type": "string", "description": "The [legal hold](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-legal-holds) status that you want to apply to the specified object. Valid values are `ON` and `OFF`.\n" }, "objectLockMode": { "type": "string", "description": "Object lock [retention mode](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-modes) that you want to apply to this object. Valid values are `GOVERNANCE` and `COMPLIANCE`.\n" }, "objectLockRetainUntilDate": { "type": "string", "description": "Date and time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8), when this object's object lock will [expire](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-periods).\n" }, "requestCharged": { "type": "boolean", "description": "If present, indicates that the requester was successfully charged for the request.\n" }, "requestPayer": { "type": "string", "description": "Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. For information about downloading objects from requester pays buckets, see Downloading Objects in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the Amazon S3 Developer Guide. If included, the only valid value is `requester`.\n" }, "serverSideEncryption": { "type": "string", "description": "Specifies server-side encryption of the object in S3. Valid values are `AES256` and `aws:kms`.\n" }, "source": { "type": "string", "description": "Specifies the source object for the copy operation. You specify the value in one of two formats. For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (`/`). For example, `testbucket/test1.json`. For objects accessed through access points, specify the ARN of the object as accessed through the access point, in the format `arn:aws:s3:\u003cRegion\u003e:\u003caccount-id\u003e:accesspoint/\u003caccess-point-name\u003e/object/\u003ckey\u003e`. For example, `arn:aws:s3:us-west-2:9999912999:accesspoint/my-access-point/object/testbucket/test1.json`.\n\nThe following arguments are optional:\n" }, "sourceCustomerAlgorithm": { "type": "string", "description": "Specifies the algorithm to use when decrypting the source object (for example, AES256).\n" }, "sourceCustomerKey": { "type": "string", "description": "Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.\n", "secret": true }, "sourceCustomerKeyMd5": { "type": "string", "description": "Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.\n" }, "sourceVersionId": { "type": "string", "description": "Version of the copied object in the source bucket.\n" }, "storageClass": { "type": "string", "description": "Specifies the desired [storage class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html#AmazonS3-CopyObject-request-header-StorageClass) for the object. Defaults to `STANDARD`.\n" }, "taggingDirective": { "type": "string", "description": "Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request. Valid values are `COPY` and `REPLACE`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "versionId": { "type": "string", "description": "Version ID of the newly created copy.\n" }, "websiteRedirect": { "type": "string", "description": "Specifies a target URL for [website redirect](http://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html).\n" } }, "required": [ "acl", "arn", "bucket", "bucketKeyEnabled", "cacheControl", "checksumCrc32", "checksumCrc32c", "checksumSha1", "checksumSha256", "contentDisposition", "contentEncoding", "contentLanguage", "contentType", "customerAlgorithm", "customerKeyMd5", "etag", "expiration", "key", "kmsEncryptionContext", "kmsKeyId", "lastModified", "metadata", "objectLockLegalHoldStatus", "objectLockMode", "objectLockRetainUntilDate", "requestCharged", "serverSideEncryption", "source", "sourceVersionId", "storageClass", "tagsAll", "versionId", "websiteRedirect" ], "inputProperties": { "acl": { "type": "string", "description": "[Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Valid values are `private`, `public-read`, `public-read-write`, `authenticated-read`, `aws-exec-read`, `bucket-owner-read`, and `bucket-owner-full-control`. Conflicts with `grant`.\n" }, "bucket": { "type": "string", "description": "Name of the bucket to put the file in.\n", "willReplaceOnChanges": true }, "bucketKeyEnabled": { "type": "boolean" }, "cacheControl": { "type": "string", "description": "Specifies caching behavior along the request/reply chain Read [w3c cache_control](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9) for further details.\n" }, "checksumAlgorithm": { "type": "string", "description": "Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the `kms:Decrypt` action. Valid values: `CRC32`, `CRC32C`, `SHA1`, `SHA256`.\n" }, "contentDisposition": { "type": "string", "description": "Specifies presentational information for the object. Read [w3c content_disposition](http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1) for further information.\n" }, "contentEncoding": { "type": "string", "description": "Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read [w3c content encoding](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11) for further information.\n" }, "contentLanguage": { "type": "string", "description": "Language the content is in e.g., en-US or en-GB.\n" }, "contentType": { "type": "string", "description": "Standard MIME type describing the format of the object data, e.g., `application/octet-stream`. All Valid MIME Types are valid for this input.\n" }, "copyIfMatch": { "type": "string", "description": "Copies the object if its entity tag (ETag) matches the specified tag.\n" }, "copyIfModifiedSince": { "type": "string", "description": "Copies the object if it has been modified since the specified time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "copyIfNoneMatch": { "type": "string", "description": "Copies the object if its entity tag (ETag) is different than the specified ETag.\n" }, "copyIfUnmodifiedSince": { "type": "string", "description": "Copies the object if it hasn't been modified since the specified time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "customerAlgorithm": { "type": "string", "description": "Specifies the algorithm to use to when encrypting the object (for example, AES256).\n" }, "customerKey": { "type": "string", "description": "Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.\n", "secret": true }, "customerKeyMd5": { "type": "string", "description": "Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.\n" }, "expectedBucketOwner": { "type": "string", "description": "Account id of the expected destination bucket owner. If the destination bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.\n" }, "expectedSourceBucketOwner": { "type": "string", "description": "Account id of the expected source bucket owner. If the source bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.\n" }, "expires": { "type": "string", "description": "Date and time at which the object is no longer cacheable, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "forceDestroy": { "type": "boolean", "description": "Allow the object to be deleted by removing any legal hold on any object version. Default is `false`. This value should be set to `true` only if the bucket has S3 object lock enabled.\n" }, "grants": { "type": "array", "items": { "$ref": "#/types/aws:s3/ObjectCopyGrant:ObjectCopyGrant" }, "description": "Configuration block for header grants. Documented below. Conflicts with `acl`.\n" }, "key": { "type": "string", "description": "Name of the object once it is in the bucket.\n", "willReplaceOnChanges": true }, "kmsEncryptionContext": { "type": "string", "description": "Specifies the AWS KMS Encryption Context to use for object encryption. The value is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.\n", "secret": true }, "kmsKeyId": { "type": "string", "description": "Specifies the AWS KMS Key ARN to use for object encryption. This value is a fully qualified **ARN** of the KMS Key. If using `aws.kms.Key`, use the exported `arn` attribute: `kms_key_id = aws_kms_key.foo.arn`\n", "secret": true }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of keys/values to provision metadata (will be automatically prefixed by `x-amz-meta-`, note that only lowercase label are currently supported by the AWS Go API).\n" }, "metadataDirective": { "type": "string", "description": "Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request. Valid values are `COPY` and `REPLACE`.\n" }, "objectLockLegalHoldStatus": { "type": "string", "description": "The [legal hold](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-legal-holds) status that you want to apply to the specified object. Valid values are `ON` and `OFF`.\n" }, "objectLockMode": { "type": "string", "description": "Object lock [retention mode](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-modes) that you want to apply to this object. Valid values are `GOVERNANCE` and `COMPLIANCE`.\n" }, "objectLockRetainUntilDate": { "type": "string", "description": "Date and time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8), when this object's object lock will [expire](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-periods).\n" }, "requestPayer": { "type": "string", "description": "Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. For information about downloading objects from requester pays buckets, see Downloading Objects in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the Amazon S3 Developer Guide. If included, the only valid value is `requester`.\n" }, "serverSideEncryption": { "type": "string", "description": "Specifies server-side encryption of the object in S3. Valid values are `AES256` and `aws:kms`.\n" }, "source": { "type": "string", "description": "Specifies the source object for the copy operation. You specify the value in one of two formats. For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (`/`). For example, `testbucket/test1.json`. For objects accessed through access points, specify the ARN of the object as accessed through the access point, in the format `arn:aws:s3:\u003cRegion\u003e:\u003caccount-id\u003e:accesspoint/\u003caccess-point-name\u003e/object/\u003ckey\u003e`. For example, `arn:aws:s3:us-west-2:9999912999:accesspoint/my-access-point/object/testbucket/test1.json`.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "sourceCustomerAlgorithm": { "type": "string", "description": "Specifies the algorithm to use when decrypting the source object (for example, AES256).\n" }, "sourceCustomerKey": { "type": "string", "description": "Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.\n", "secret": true }, "sourceCustomerKeyMd5": { "type": "string", "description": "Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.\n" }, "storageClass": { "type": "string", "description": "Specifies the desired [storage class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html#AmazonS3-CopyObject-request-header-StorageClass) for the object. Defaults to `STANDARD`.\n" }, "taggingDirective": { "type": "string", "description": "Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request. Valid values are `COPY` and `REPLACE`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "websiteRedirect": { "type": "string", "description": "Specifies a target URL for [website redirect](http://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html).\n" } }, "requiredInputs": [ "bucket", "key", "source" ], "stateInputs": { "description": "Input properties used for looking up and filtering ObjectCopy resources.\n", "properties": { "acl": { "type": "string", "description": "[Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Valid values are `private`, `public-read`, `public-read-write`, `authenticated-read`, `aws-exec-read`, `bucket-owner-read`, and `bucket-owner-full-control`. Conflicts with `grant`.\n" }, "arn": { "type": "string", "description": "ARN of the object.\n" }, "bucket": { "type": "string", "description": "Name of the bucket to put the file in.\n", "willReplaceOnChanges": true }, "bucketKeyEnabled": { "type": "boolean" }, "cacheControl": { "type": "string", "description": "Specifies caching behavior along the request/reply chain Read [w3c cache_control](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9) for further details.\n" }, "checksumAlgorithm": { "type": "string", "description": "Indicates the algorithm used to create the checksum for the object. If a value is specified and the object is encrypted with KMS, you must have permission to use the `kms:Decrypt` action. Valid values: `CRC32`, `CRC32C`, `SHA1`, `SHA256`.\n" }, "checksumCrc32": { "type": "string", "description": "The base64-encoded, 32-bit CRC32 checksum of the object.\n" }, "checksumCrc32c": { "type": "string", "description": "The base64-encoded, 32-bit CRC32C checksum of the object.\n" }, "checksumSha1": { "type": "string", "description": "The base64-encoded, 160-bit SHA-1 digest of the object.\n" }, "checksumSha256": { "type": "string", "description": "The base64-encoded, 256-bit SHA-256 digest of the object.\n" }, "contentDisposition": { "type": "string", "description": "Specifies presentational information for the object. Read [w3c content_disposition](http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1) for further information.\n" }, "contentEncoding": { "type": "string", "description": "Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. Read [w3c content encoding](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11) for further information.\n" }, "contentLanguage": { "type": "string", "description": "Language the content is in e.g., en-US or en-GB.\n" }, "contentType": { "type": "string", "description": "Standard MIME type describing the format of the object data, e.g., `application/octet-stream`. All Valid MIME Types are valid for this input.\n" }, "copyIfMatch": { "type": "string", "description": "Copies the object if its entity tag (ETag) matches the specified tag.\n" }, "copyIfModifiedSince": { "type": "string", "description": "Copies the object if it has been modified since the specified time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "copyIfNoneMatch": { "type": "string", "description": "Copies the object if its entity tag (ETag) is different than the specified ETag.\n" }, "copyIfUnmodifiedSince": { "type": "string", "description": "Copies the object if it hasn't been modified since the specified time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "customerAlgorithm": { "type": "string", "description": "Specifies the algorithm to use to when encrypting the object (for example, AES256).\n" }, "customerKey": { "type": "string", "description": "Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.\n", "secret": true }, "customerKeyMd5": { "type": "string", "description": "Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.\n" }, "etag": { "type": "string", "description": "ETag generated for the object (an MD5 sum of the object content). For plaintext objects or objects encrypted with an AWS-managed key, the hash is an MD5 digest of the object data. For objects encrypted with a KMS key or objects created by either the Multipart Upload or Part Copy operation, the hash is not an MD5 digest, regardless of the method of encryption. More information on possible values can be found on [Common Response Headers](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTCommonResponseHeaders.html).\n" }, "expectedBucketOwner": { "type": "string", "description": "Account id of the expected destination bucket owner. If the destination bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.\n" }, "expectedSourceBucketOwner": { "type": "string", "description": "Account id of the expected source bucket owner. If the source bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.\n" }, "expiration": { "type": "string", "description": "If the object expiration is configured, this attribute will be set.\n" }, "expires": { "type": "string", "description": "Date and time at which the object is no longer cacheable, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "forceDestroy": { "type": "boolean", "description": "Allow the object to be deleted by removing any legal hold on any object version. Default is `false`. This value should be set to `true` only if the bucket has S3 object lock enabled.\n" }, "grants": { "type": "array", "items": { "$ref": "#/types/aws:s3/ObjectCopyGrant:ObjectCopyGrant" }, "description": "Configuration block for header grants. Documented below. Conflicts with `acl`.\n" }, "key": { "type": "string", "description": "Name of the object once it is in the bucket.\n", "willReplaceOnChanges": true }, "kmsEncryptionContext": { "type": "string", "description": "Specifies the AWS KMS Encryption Context to use for object encryption. The value is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.\n", "secret": true }, "kmsKeyId": { "type": "string", "description": "Specifies the AWS KMS Key ARN to use for object encryption. This value is a fully qualified **ARN** of the KMS Key. If using `aws.kms.Key`, use the exported `arn` attribute: `kms_key_id = aws_kms_key.foo.arn`\n", "secret": true }, "lastModified": { "type": "string", "description": "Returns the date that the object was last modified, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of keys/values to provision metadata (will be automatically prefixed by `x-amz-meta-`, note that only lowercase label are currently supported by the AWS Go API).\n" }, "metadataDirective": { "type": "string", "description": "Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request. Valid values are `COPY` and `REPLACE`.\n" }, "objectLockLegalHoldStatus": { "type": "string", "description": "The [legal hold](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-legal-holds) status that you want to apply to the specified object. Valid values are `ON` and `OFF`.\n" }, "objectLockMode": { "type": "string", "description": "Object lock [retention mode](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-modes) that you want to apply to this object. Valid values are `GOVERNANCE` and `COMPLIANCE`.\n" }, "objectLockRetainUntilDate": { "type": "string", "description": "Date and time, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8), when this object's object lock will [expire](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-periods).\n" }, "requestCharged": { "type": "boolean", "description": "If present, indicates that the requester was successfully charged for the request.\n" }, "requestPayer": { "type": "string", "description": "Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. For information about downloading objects from requester pays buckets, see Downloading Objects in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) in the Amazon S3 Developer Guide. If included, the only valid value is `requester`.\n" }, "serverSideEncryption": { "type": "string", "description": "Specifies server-side encryption of the object in S3. Valid values are `AES256` and `aws:kms`.\n" }, "source": { "type": "string", "description": "Specifies the source object for the copy operation. You specify the value in one of two formats. For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (`/`). For example, `testbucket/test1.json`. For objects accessed through access points, specify the ARN of the object as accessed through the access point, in the format `arn:aws:s3:\u003cRegion\u003e:\u003caccount-id\u003e:accesspoint/\u003caccess-point-name\u003e/object/\u003ckey\u003e`. For example, `arn:aws:s3:us-west-2:9999912999:accesspoint/my-access-point/object/testbucket/test1.json`.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "sourceCustomerAlgorithm": { "type": "string", "description": "Specifies the algorithm to use when decrypting the source object (for example, AES256).\n" }, "sourceCustomerKey": { "type": "string", "description": "Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.\n", "secret": true }, "sourceCustomerKeyMd5": { "type": "string", "description": "Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.\n" }, "sourceVersionId": { "type": "string", "description": "Version of the copied object in the source bucket.\n" }, "storageClass": { "type": "string", "description": "Specifies the desired [storage class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html#AmazonS3-CopyObject-request-header-StorageClass) for the object. Defaults to `STANDARD`.\n" }, "taggingDirective": { "type": "string", "description": "Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request. Valid values are `COPY` and `REPLACE`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "versionId": { "type": "string", "description": "Version ID of the newly created copy.\n" }, "websiteRedirect": { "type": "string", "description": "Specifies a target URL for [website redirect](http://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html).\n" } }, "type": "object" } }, "aws:s3control/accessGrant:AccessGrant": { "description": "Provides a resource to manage an S3 Access Grant.\nEach access grant has its own ID and gives an IAM user or role or a directory user, or group (the grantee) access to a registered location. You determine the level of access, such as `READ` or `READWRITE`.\nBefore you can create a grant, you must have an S3 Access Grants instance in the same Region as the S3 data.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3control.AccessGrantsInstance(\"example\", {});\nconst exampleAccessGrantsLocation = new aws.s3control.AccessGrantsLocation(\"example\", {\n iamRoleArn: exampleAwsIamRole.arn,\n locationScope: `s3://${exampleAwsS3Bucket.bucket}/prefixA*`,\n}, {\n dependsOn: [example],\n});\nconst exampleAccessGrant = new aws.s3control.AccessGrant(\"example\", {\n accessGrantsLocationId: exampleAccessGrantsLocation.accessGrantsLocationId,\n permission: \"READ\",\n accessGrantsLocationConfiguration: {\n s3SubPrefix: \"prefixB*\",\n },\n grantee: {\n granteeType: \"IAM\",\n granteeIdentifier: exampleAwsIamUser.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3control.AccessGrantsInstance(\"example\")\nexample_access_grants_location = aws.s3control.AccessGrantsLocation(\"example\",\n iam_role_arn=example_aws_iam_role[\"arn\"],\n location_scope=f\"s3://{example_aws_s3_bucket['bucket']}/prefixA*\",\n opts = pulumi.ResourceOptions(depends_on=[example]))\nexample_access_grant = aws.s3control.AccessGrant(\"example\",\n access_grants_location_id=example_access_grants_location.access_grants_location_id,\n permission=\"READ\",\n access_grants_location_configuration={\n \"s3_sub_prefix\": \"prefixB*\",\n },\n grantee={\n \"grantee_type\": \"IAM\",\n \"grantee_identifier\": example_aws_iam_user[\"arn\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3Control.AccessGrantsInstance(\"example\");\n\n var exampleAccessGrantsLocation = new Aws.S3Control.AccessGrantsLocation(\"example\", new()\n {\n IamRoleArn = exampleAwsIamRole.Arn,\n LocationScope = $\"s3://{exampleAwsS3Bucket.Bucket}/prefixA*\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n var exampleAccessGrant = new Aws.S3Control.AccessGrant(\"example\", new()\n {\n AccessGrantsLocationId = exampleAccessGrantsLocation.AccessGrantsLocationId,\n Permission = \"READ\",\n AccessGrantsLocationConfiguration = new Aws.S3Control.Inputs.AccessGrantAccessGrantsLocationConfigurationArgs\n {\n S3SubPrefix = \"prefixB*\",\n },\n Grantee = new Aws.S3Control.Inputs.AccessGrantGranteeArgs\n {\n GranteeType = \"IAM\",\n GranteeIdentifier = exampleAwsIamUser.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3control.NewAccessGrantsInstance(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessGrantsLocation, err := s3control.NewAccessGrantsLocation(ctx, \"example\", \u0026s3control.AccessGrantsLocationArgs{\n\t\t\tIamRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tLocationScope: pulumi.String(fmt.Sprintf(\"s3://%v/prefixA*\", exampleAwsS3Bucket.Bucket)),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3control.NewAccessGrant(ctx, \"example\", \u0026s3control.AccessGrantArgs{\n\t\t\tAccessGrantsLocationId: exampleAccessGrantsLocation.AccessGrantsLocationId,\n\t\t\tPermission: pulumi.String(\"READ\"),\n\t\t\tAccessGrantsLocationConfiguration: \u0026s3control.AccessGrantAccessGrantsLocationConfigurationArgs{\n\t\t\t\tS3SubPrefix: pulumi.String(\"prefixB*\"),\n\t\t\t},\n\t\t\tGrantee: \u0026s3control.AccessGrantGranteeArgs{\n\t\t\t\tGranteeType: pulumi.String(\"IAM\"),\n\t\t\t\tGranteeIdentifier: pulumi.Any(exampleAwsIamUser.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3control.AccessGrantsInstance;\nimport com.pulumi.aws.s3control.AccessGrantsLocation;\nimport com.pulumi.aws.s3control.AccessGrantsLocationArgs;\nimport com.pulumi.aws.s3control.AccessGrant;\nimport com.pulumi.aws.s3control.AccessGrantArgs;\nimport com.pulumi.aws.s3control.inputs.AccessGrantAccessGrantsLocationConfigurationArgs;\nimport com.pulumi.aws.s3control.inputs.AccessGrantGranteeArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AccessGrantsInstance(\"example\");\n\n var exampleAccessGrantsLocation = new AccessGrantsLocation(\"exampleAccessGrantsLocation\", AccessGrantsLocationArgs.builder()\n .iamRoleArn(exampleAwsIamRole.arn())\n .locationScope(String.format(\"s3://%s/prefixA*\", exampleAwsS3Bucket.bucket()))\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n var exampleAccessGrant = new AccessGrant(\"exampleAccessGrant\", AccessGrantArgs.builder()\n .accessGrantsLocationId(exampleAccessGrantsLocation.accessGrantsLocationId())\n .permission(\"READ\")\n .accessGrantsLocationConfiguration(AccessGrantAccessGrantsLocationConfigurationArgs.builder()\n .s3SubPrefix(\"prefixB*\")\n .build())\n .grantee(AccessGrantGranteeArgs.builder()\n .granteeType(\"IAM\")\n .granteeIdentifier(exampleAwsIamUser.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3control:AccessGrantsInstance\n exampleAccessGrantsLocation:\n type: aws:s3control:AccessGrantsLocation\n name: example\n properties:\n iamRoleArn: ${exampleAwsIamRole.arn}\n locationScope: s3://${exampleAwsS3Bucket.bucket}/prefixA*\n options:\n dependson:\n - ${example}\n exampleAccessGrant:\n type: aws:s3control:AccessGrant\n name: example\n properties:\n accessGrantsLocationId: ${exampleAccessGrantsLocation.accessGrantsLocationId}\n permission: READ\n accessGrantsLocationConfiguration:\n s3SubPrefix: prefixB*\n grantee:\n granteeType: IAM\n granteeIdentifier: ${exampleAwsIamUser.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 Access Grants using the `account_id` and `access_grant_id`, separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:s3control/accessGrant:AccessGrant example 123456789012,04549c5e-2f3c-4a07-824d-2cafe720aa22\n```\n", "properties": { "accessGrantArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the S3 Access Grant.\n" }, "accessGrantId": { "type": "string", "description": "Unique ID of the S3 Access Grant.\n" }, "accessGrantsLocationConfiguration": { "$ref": "#/types/aws:s3control/AccessGrantAccessGrantsLocationConfiguration:AccessGrantAccessGrantsLocationConfiguration", "description": "See Location Configuration below for more details.\n" }, "accessGrantsLocationId": { "type": "string", "description": "The ID of the S3 Access Grants location to with the access grant is giving access.\n" }, "accountId": { "type": "string" }, "grantScope": { "type": "string", "description": "The access grant's scope.\n" }, "grantee": { "$ref": "#/types/aws:s3control/AccessGrantGrantee:AccessGrantGrantee", "description": "See Grantee below for more details.\n" }, "permission": { "type": "string", "description": "The access grant's level of access. Valid values: `READ`, `WRITE`, `READWRITE`.\n" }, "s3PrefixType": { "type": "string", "description": "If you are creating an access grant that grants access to only one object, set this to `Object`. Valid values: `Object`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "accessGrantArn", "accessGrantId", "accessGrantsLocationId", "accountId", "grantScope", "permission", "tagsAll" ], "inputProperties": { "accessGrantsLocationConfiguration": { "$ref": "#/types/aws:s3control/AccessGrantAccessGrantsLocationConfiguration:AccessGrantAccessGrantsLocationConfiguration", "description": "See Location Configuration below for more details.\n" }, "accessGrantsLocationId": { "type": "string", "description": "The ID of the S3 Access Grants location to with the access grant is giving access.\n" }, "accountId": { "type": "string" }, "grantee": { "$ref": "#/types/aws:s3control/AccessGrantGrantee:AccessGrantGrantee", "description": "See Grantee below for more details.\n" }, "permission": { "type": "string", "description": "The access grant's level of access. Valid values: `READ`, `WRITE`, `READWRITE`.\n" }, "s3PrefixType": { "type": "string", "description": "If you are creating an access grant that grants access to only one object, set this to `Object`. Valid values: `Object`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "accessGrantsLocationId", "permission" ], "stateInputs": { "description": "Input properties used for looking up and filtering AccessGrant resources.\n", "properties": { "accessGrantArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the S3 Access Grant.\n" }, "accessGrantId": { "type": "string", "description": "Unique ID of the S3 Access Grant.\n" }, "accessGrantsLocationConfiguration": { "$ref": "#/types/aws:s3control/AccessGrantAccessGrantsLocationConfiguration:AccessGrantAccessGrantsLocationConfiguration", "description": "See Location Configuration below for more details.\n" }, "accessGrantsLocationId": { "type": "string", "description": "The ID of the S3 Access Grants location to with the access grant is giving access.\n" }, "accountId": { "type": "string" }, "grantScope": { "type": "string", "description": "The access grant's scope.\n" }, "grantee": { "$ref": "#/types/aws:s3control/AccessGrantGrantee:AccessGrantGrantee", "description": "See Grantee below for more details.\n" }, "permission": { "type": "string", "description": "The access grant's level of access. Valid values: `READ`, `WRITE`, `READWRITE`.\n" }, "s3PrefixType": { "type": "string", "description": "If you are creating an access grant that grants access to only one object, set this to `Object`. Valid values: `Object`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:s3control/accessGrantsInstance:AccessGrantsInstance": { "description": "Provides a resource to manage an S3 Access Grants instance, which serves as a logical grouping for access grants.\nYou can have one S3 Access Grants instance per Region in your account.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3control.AccessGrantsInstance(\"example\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3control.AccessGrantsInstance(\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3Control.AccessGrantsInstance(\"example\");\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3control.NewAccessGrantsInstance(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3control.AccessGrantsInstance;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AccessGrantsInstance(\"example\");\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3control:AccessGrantsInstance\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### AWS IAM Identity Center\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3control.AccessGrantsInstance(\"example\", {identityCenterArn: \"arn:aws:sso:::instance/ssoins-890759e9c7bfdc1d\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3control.AccessGrantsInstance(\"example\", identity_center_arn=\"arn:aws:sso:::instance/ssoins-890759e9c7bfdc1d\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3Control.AccessGrantsInstance(\"example\", new()\n {\n IdentityCenterArn = \"arn:aws:sso:::instance/ssoins-890759e9c7bfdc1d\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3control.NewAccessGrantsInstance(ctx, \"example\", \u0026s3control.AccessGrantsInstanceArgs{\n\t\t\tIdentityCenterArn: pulumi.String(\"arn:aws:sso:::instance/ssoins-890759e9c7bfdc1d\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3control.AccessGrantsInstance;\nimport com.pulumi.aws.s3control.AccessGrantsInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AccessGrantsInstance(\"example\", AccessGrantsInstanceArgs.builder()\n .identityCenterArn(\"arn:aws:sso:::instance/ssoins-890759e9c7bfdc1d\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3control:AccessGrantsInstance\n properties:\n identityCenterArn: arn:aws:sso:::instance/ssoins-890759e9c7bfdc1d\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 Access Grants instances using the `account_id`. For example:\n\n```sh\n$ pulumi import aws:s3control/accessGrantsInstance:AccessGrantsInstance example 123456789012\n```\n", "properties": { "accessGrantsInstanceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the S3 Access Grants instance.\n" }, "accessGrantsInstanceId": { "type": "string", "description": "Unique ID of the S3 Access Grants instance.\n" }, "accountId": { "type": "string" }, "identityCenterApplicationArn": { "type": "string", "description": "The ARN of the AWS IAM Identity Center instance application; a subresource of the original Identity Center instance.\n" }, "identityCenterArn": { "type": "string", "description": "The ARN of the AWS IAM Identity Center instance associated with the S3 Access Grants instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "accessGrantsInstanceArn", "accessGrantsInstanceId", "accountId", "identityCenterApplicationArn", "tagsAll" ], "inputProperties": { "accountId": { "type": "string" }, "identityCenterArn": { "type": "string", "description": "The ARN of the AWS IAM Identity Center instance associated with the S3 Access Grants instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering AccessGrantsInstance resources.\n", "properties": { "accessGrantsInstanceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the S3 Access Grants instance.\n" }, "accessGrantsInstanceId": { "type": "string", "description": "Unique ID of the S3 Access Grants instance.\n" }, "accountId": { "type": "string" }, "identityCenterApplicationArn": { "type": "string", "description": "The ARN of the AWS IAM Identity Center instance application; a subresource of the original Identity Center instance.\n" }, "identityCenterArn": { "type": "string", "description": "The ARN of the AWS IAM Identity Center instance associated with the S3 Access Grants instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:s3control/accessGrantsInstanceResourcePolicy:AccessGrantsInstanceResourcePolicy": { "description": "Provides a resource to manage an S3 Access Grants instance resource policy.\nUse a resource policy to manage cross-account access to your S3 Access Grants instance.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3control.AccessGrantsInstance(\"example\", {});\nconst exampleAccessGrantsInstanceResourcePolicy = new aws.s3control.AccessGrantsInstanceResourcePolicy(\"example\", {policy: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Id\": \"S3AccessGrantsPolicy\",\n \"Statement\": [{\n \"Sid\": \"AllowAccessToS3AccessGrants\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"123456789456\"\n },\n \"Action\": [\n \"s3:ListAccessGrants\",\n \"s3:ListAccessGrantsLocations\",\n \"s3:GetDataAccess\"\n ],\n \"Resource\": \"${example.accessGrantsInstanceArn}\"\n }]\n}\n`});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3control.AccessGrantsInstance(\"example\")\nexample_access_grants_instance_resource_policy = aws.s3control.AccessGrantsInstanceResourcePolicy(\"example\", policy=example.access_grants_instance_arn.apply(lambda access_grants_instance_arn: f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Id\": \"S3AccessGrantsPolicy\",\n \"Statement\": [{{\n \"Sid\": \"AllowAccessToS3AccessGrants\",\n \"Effect\": \"Allow\",\n \"Principal\": {{\n \"AWS\": \"123456789456\"\n }},\n \"Action\": [\n \"s3:ListAccessGrants\",\n \"s3:ListAccessGrantsLocations\",\n \"s3:GetDataAccess\"\n ],\n \"Resource\": \"{access_grants_instance_arn}\"\n }}]\n}}\n\"\"\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3Control.AccessGrantsInstance(\"example\");\n\n var exampleAccessGrantsInstanceResourcePolicy = new Aws.S3Control.AccessGrantsInstanceResourcePolicy(\"example\", new()\n {\n Policy = example.AccessGrantsInstanceArn.Apply(accessGrantsInstanceArn =\u003e @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Id\"\": \"\"S3AccessGrantsPolicy\"\",\n \"\"Statement\"\": [{{\n \"\"Sid\"\": \"\"AllowAccessToS3AccessGrants\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Principal\"\": {{\n \"\"AWS\"\": \"\"123456789456\"\"\n }},\n \"\"Action\"\": [\n \"\"s3:ListAccessGrants\"\",\n \"\"s3:ListAccessGrantsLocations\"\",\n \"\"s3:GetDataAccess\"\"\n ],\n \"\"Resource\"\": \"\"{accessGrantsInstanceArn}\"\"\n }}]\n}}\n\"),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3control.NewAccessGrantsInstance(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3control.NewAccessGrantsInstanceResourcePolicy(ctx, \"example\", \u0026s3control.AccessGrantsInstanceResourcePolicyArgs{\n\t\t\tPolicy: example.AccessGrantsInstanceArn.ApplyT(func(accessGrantsInstanceArn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(`{\n \"Version\": \"2012-10-17\",\n \"Id\": \"S3AccessGrantsPolicy\",\n \"Statement\": [{\n \"Sid\": \"AllowAccessToS3AccessGrants\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"123456789456\"\n },\n \"Action\": [\n \"s3:ListAccessGrants\",\n \"s3:ListAccessGrantsLocations\",\n \"s3:GetDataAccess\"\n ],\n \"Resource\": \"%v\"\n }]\n}\n`, accessGrantsInstanceArn), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3control.AccessGrantsInstance;\nimport com.pulumi.aws.s3control.AccessGrantsInstanceResourcePolicy;\nimport com.pulumi.aws.s3control.AccessGrantsInstanceResourcePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AccessGrantsInstance(\"example\");\n\n var exampleAccessGrantsInstanceResourcePolicy = new AccessGrantsInstanceResourcePolicy(\"exampleAccessGrantsInstanceResourcePolicy\", AccessGrantsInstanceResourcePolicyArgs.builder()\n .policy(example.accessGrantsInstanceArn().applyValue(accessGrantsInstanceArn -\u003e \"\"\"\n{\n \"Version\": \"2012-10-17\",\n \"Id\": \"S3AccessGrantsPolicy\",\n \"Statement\": [{\n \"Sid\": \"AllowAccessToS3AccessGrants\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"123456789456\"\n },\n \"Action\": [\n \"s3:ListAccessGrants\",\n \"s3:ListAccessGrantsLocations\",\n \"s3:GetDataAccess\"\n ],\n \"Resource\": \"%s\"\n }]\n}\n\", accessGrantsInstanceArn)))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3control:AccessGrantsInstance\n exampleAccessGrantsInstanceResourcePolicy:\n type: aws:s3control:AccessGrantsInstanceResourcePolicy\n name: example\n properties:\n policy: |\n {\n \"Version\": \"2012-10-17\",\n \"Id\": \"S3AccessGrantsPolicy\",\n \"Statement\": [{\n \"Sid\": \"AllowAccessToS3AccessGrants\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"123456789456\"\n },\n \"Action\": [\n \"s3:ListAccessGrants\",\n \"s3:ListAccessGrantsLocations\",\n \"s3:GetDataAccess\"\n ],\n \"Resource\": \"${example.accessGrantsInstanceArn}\"\n }]\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 Access Grants instance resource policies using the `account_id`. For example:\n\n```sh\n$ pulumi import aws:s3control/accessGrantsInstanceResourcePolicy:AccessGrantsInstanceResourcePolicy example 123456789012\n```\n", "properties": { "accountId": { "type": "string" }, "policy": { "type": "string", "description": "The policy document.\n" } }, "required": [ "accountId", "policy" ], "inputProperties": { "accountId": { "type": "string" }, "policy": { "type": "string", "description": "The policy document.\n" } }, "requiredInputs": [ "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering AccessGrantsInstanceResourcePolicy resources.\n", "properties": { "accountId": { "type": "string" }, "policy": { "type": "string", "description": "The policy document.\n" } }, "type": "object" } }, "aws:s3control/accessGrantsLocation:AccessGrantsLocation": { "description": "Provides a resource to manage an S3 Access Grants location.\nA location is an S3 resource (bucket or prefix) in a permission grant that the grantee can access.\nThe S3 data must be in the same Region as your S3 Access Grants instance.\nWhen you register a location, you must include the IAM role that has permission to manage the S3 location that you are registering.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3control.AccessGrantsInstance(\"example\", {});\nconst exampleAccessGrantsLocation = new aws.s3control.AccessGrantsLocation(\"example\", {\n iamRoleArn: exampleAwsIamRole.arn,\n locationScope: \"s3://\",\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3control.AccessGrantsInstance(\"example\")\nexample_access_grants_location = aws.s3control.AccessGrantsLocation(\"example\",\n iam_role_arn=example_aws_iam_role[\"arn\"],\n location_scope=\"s3://\",\n opts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3Control.AccessGrantsInstance(\"example\");\n\n var exampleAccessGrantsLocation = new Aws.S3Control.AccessGrantsLocation(\"example\", new()\n {\n IamRoleArn = exampleAwsIamRole.Arn,\n LocationScope = \"s3://\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3control.NewAccessGrantsInstance(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3control.NewAccessGrantsLocation(ctx, \"example\", \u0026s3control.AccessGrantsLocationArgs{\n\t\t\tIamRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tLocationScope: pulumi.String(\"s3://\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3control.AccessGrantsInstance;\nimport com.pulumi.aws.s3control.AccessGrantsLocation;\nimport com.pulumi.aws.s3control.AccessGrantsLocationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AccessGrantsInstance(\"example\");\n\n var exampleAccessGrantsLocation = new AccessGrantsLocation(\"exampleAccessGrantsLocation\", AccessGrantsLocationArgs.builder()\n .iamRoleArn(exampleAwsIamRole.arn())\n .locationScope(\"s3://\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3control:AccessGrantsInstance\n exampleAccessGrantsLocation:\n type: aws:s3control:AccessGrantsLocation\n name: example\n properties:\n iamRoleArn: ${exampleAwsIamRole.arn}\n locationScope: s3://\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 Access Grants locations using the `account_id` and `access_grants_location_id`, separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:s3control/accessGrantsLocation:AccessGrantsLocation example 123456789012,default\n```\n", "properties": { "accessGrantsLocationArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the S3 Access Grants location.\n" }, "accessGrantsLocationId": { "type": "string", "description": "Unique ID of the S3 Access Grants location.\n" }, "accountId": { "type": "string" }, "iamRoleArn": { "type": "string", "description": "The ARN of the IAM role that S3 Access Grants should use when fulfilling runtime access\nrequests to the location.\n" }, "locationScope": { "type": "string", "description": "The default S3 URI `s3://` or the URI to a custom location, a specific bucket or prefix.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "accessGrantsLocationArn", "accessGrantsLocationId", "accountId", "iamRoleArn", "locationScope", "tagsAll" ], "inputProperties": { "accountId": { "type": "string" }, "iamRoleArn": { "type": "string", "description": "The ARN of the IAM role that S3 Access Grants should use when fulfilling runtime access\nrequests to the location.\n" }, "locationScope": { "type": "string", "description": "The default S3 URI `s3://` or the URI to a custom location, a specific bucket or prefix.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "iamRoleArn", "locationScope" ], "stateInputs": { "description": "Input properties used for looking up and filtering AccessGrantsLocation resources.\n", "properties": { "accessGrantsLocationArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the S3 Access Grants location.\n" }, "accessGrantsLocationId": { "type": "string", "description": "Unique ID of the S3 Access Grants location.\n" }, "accountId": { "type": "string" }, "iamRoleArn": { "type": "string", "description": "The ARN of the IAM role that S3 Access Grants should use when fulfilling runtime access\nrequests to the location.\n" }, "locationScope": { "type": "string", "description": "The default S3 URI `s3://` or the URI to a custom location, a specific bucket or prefix.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:s3control/accessPointPolicy:AccessPointPolicy": { "description": "Provides a resource to manage an S3 Access Point resource policy.\n\n\u003e **NOTE on Access Points and Access Point Policies:** The provider provides both a standalone Access Point Policy resource and an Access Point resource with a resource policy defined in-line. You cannot use an Access Point with in-line resource policy in conjunction with an Access Point Policy resource. Doing so will cause a conflict of policies and will overwrite the access point's resource policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleAccessPoint = new aws.s3.AccessPoint(\"example\", {\n bucket: example.id,\n name: \"example\",\n publicAccessBlockConfiguration: {\n blockPublicAcls: true,\n blockPublicPolicy: false,\n ignorePublicAcls: true,\n restrictPublicBuckets: false,\n },\n});\nconst exampleAccessPointPolicy = new aws.s3control.AccessPointPolicy(\"example\", {\n accessPointArn: exampleAccessPoint.arn,\n policy: pulumi.jsonStringify({\n Version: \"2008-10-17\",\n Statement: [{\n Effect: \"Allow\",\n Action: \"s3:GetObjectTagging\",\n Principal: {\n AWS: \"*\",\n },\n Resource: pulumi.interpolate`${exampleAccessPoint.arn}/object/*`,\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_access_point = aws.s3.AccessPoint(\"example\",\n bucket=example.id,\n name=\"example\",\n public_access_block_configuration={\n \"block_public_acls\": True,\n \"block_public_policy\": False,\n \"ignore_public_acls\": True,\n \"restrict_public_buckets\": False,\n })\nexample_access_point_policy = aws.s3control.AccessPointPolicy(\"example\",\n access_point_arn=example_access_point.arn,\n policy=pulumi.Output.json_dumps({\n \"Version\": \"2008-10-17\",\n \"Statement\": [{\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObjectTagging\",\n \"Principal\": {\n \"AWS\": \"*\",\n },\n \"Resource\": example_access_point.arn.apply(lambda arn: f\"{arn}/object/*\"),\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleAccessPoint = new Aws.S3.AccessPoint(\"example\", new()\n {\n Bucket = example.Id,\n Name = \"example\",\n PublicAccessBlockConfiguration = new Aws.S3.Inputs.AccessPointPublicAccessBlockConfigurationArgs\n {\n BlockPublicAcls = true,\n BlockPublicPolicy = false,\n IgnorePublicAcls = true,\n RestrictPublicBuckets = false,\n },\n });\n\n var exampleAccessPointPolicy = new Aws.S3Control.AccessPointPolicy(\"example\", new()\n {\n AccessPointArn = exampleAccessPoint.Arn,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2008-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Effect\"] = \"Allow\",\n [\"Action\"] = \"s3:GetObjectTagging\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = \"*\",\n },\n [\"Resource\"] = exampleAccessPoint.Arn.Apply(arn =\u003e $\"{arn}/object/*\"),\n },\n },\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPoint, err := s3.NewAccessPoint(ctx, \"example\", \u0026s3.AccessPointArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPublicAccessBlockConfiguration: \u0026s3.AccessPointPublicAccessBlockConfigurationArgs{\n\t\t\t\tBlockPublicAcls: pulumi.Bool(true),\n\t\t\t\tBlockPublicPolicy: pulumi.Bool(false),\n\t\t\t\tIgnorePublicAcls: pulumi.Bool(true),\n\t\t\t\tRestrictPublicBuckets: pulumi.Bool(false),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3control.NewAccessPointPolicy(ctx, \"example\", \u0026s3control.AccessPointPolicyArgs{\n\t\t\tAccessPointArn: exampleAccessPoint.Arn,\n\t\t\tPolicy: exampleAccessPoint.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Version\": \"2008-10-17\",\n\t\t\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\"Action\": \"s3:GetObjectTagging\",\n\t\t\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"AWS\": \"*\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Resource\": fmt.Sprintf(\"%v/object/*\", arn),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.AccessPoint;\nimport com.pulumi.aws.s3.AccessPointArgs;\nimport com.pulumi.aws.s3.inputs.AccessPointPublicAccessBlockConfigurationArgs;\nimport com.pulumi.aws.s3control.AccessPointPolicy;\nimport com.pulumi.aws.s3control.AccessPointPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var exampleAccessPoint = new AccessPoint(\"exampleAccessPoint\", AccessPointArgs.builder()\n .bucket(example.id())\n .name(\"example\")\n .publicAccessBlockConfiguration(AccessPointPublicAccessBlockConfigurationArgs.builder()\n .blockPublicAcls(true)\n .blockPublicPolicy(false)\n .ignorePublicAcls(true)\n .restrictPublicBuckets(false)\n .build())\n .build());\n\n var exampleAccessPointPolicy = new AccessPointPolicy(\"exampleAccessPointPolicy\", AccessPointPolicyArgs.builder()\n .accessPointArn(exampleAccessPoint.arn())\n .policy(exampleAccessPoint.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2008-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Action\", \"s3:GetObjectTagging\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", \"*\")\n )),\n jsonProperty(\"Resource\", String.format(\"%s/object/*\", arn))\n )))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n exampleAccessPoint:\n type: aws:s3:AccessPoint\n name: example\n properties:\n bucket: ${example.id}\n name: example\n publicAccessBlockConfiguration:\n blockPublicAcls: true\n blockPublicPolicy: false\n ignorePublicAcls: true\n restrictPublicBuckets: false\n exampleAccessPointPolicy:\n type: aws:s3control:AccessPointPolicy\n name: example\n properties:\n accessPointArn: ${exampleAccessPoint.arn}\n policy:\n fn::toJSON:\n Version: 2008-10-17\n Statement:\n - Effect: Allow\n Action: s3:GetObjectTagging\n Principal:\n AWS: '*'\n Resource: ${exampleAccessPoint.arn}/object/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Access Point policies using the `access_point_arn`. For example:\n\n```sh\n$ pulumi import aws:s3control/accessPointPolicy:AccessPointPolicy example arn:aws:s3:us-west-2:123456789012:accesspoint/example\n```\n", "properties": { "accessPointArn": { "type": "string", "description": "The ARN of the access point that you want to associate with the specified policy.\n" }, "hasPublicAccessPolicy": { "type": "boolean", "description": "Indicates whether this access point currently has a policy that allows public access.\n" }, "policy": { "type": "string", "description": "The policy that you want to apply to the specified access point.\n" } }, "required": [ "accessPointArn", "hasPublicAccessPolicy", "policy" ], "inputProperties": { "accessPointArn": { "type": "string", "description": "The ARN of the access point that you want to associate with the specified policy.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The policy that you want to apply to the specified access point.\n" } }, "requiredInputs": [ "accessPointArn", "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering AccessPointPolicy resources.\n", "properties": { "accessPointArn": { "type": "string", "description": "The ARN of the access point that you want to associate with the specified policy.\n", "willReplaceOnChanges": true }, "hasPublicAccessPolicy": { "type": "boolean", "description": "Indicates whether this access point currently has a policy that allows public access.\n" }, "policy": { "type": "string", "description": "The policy that you want to apply to the specified access point.\n" } }, "type": "object" } }, "aws:s3control/bucket:Bucket": { "description": "Provides a resource to manage an S3 Control Bucket.\n\n\u003e This functionality is for managing [S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html). To manage S3 Buckets in an AWS Partition, see the `aws.s3.BucketV2` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3control.Bucket(\"example\", {\n bucket: \"example\",\n outpostId: exampleAwsOutpostsOutpost.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3control.Bucket(\"example\",\n bucket=\"example\",\n outpost_id=example_aws_outposts_outpost[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3Control.Bucket(\"example\", new()\n {\n BucketName = \"example\",\n OutpostId = exampleAwsOutpostsOutpost.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3control.NewBucket(ctx, \"example\", \u0026s3control.BucketArgs{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t\tOutpostId: pulumi.Any(exampleAwsOutpostsOutpost.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3control.Bucket;\nimport com.pulumi.aws.s3control.BucketArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Bucket(\"example\", BucketArgs.builder()\n .bucket(\"example\")\n .outpostId(exampleAwsOutpostsOutpost.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3control:Bucket\n properties:\n bucket: example\n outpostId: ${exampleAwsOutpostsOutpost.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 Control Buckets using Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:s3control/bucket:Bucket example arn:aws:s3-outposts:us-east-1:123456789012:outpost/op-12345678/bucket/example\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the bucket.\n" }, "bucket": { "type": "string", "description": "Name of the bucket.\n", "language": { "csharp": { "name": "BucketName" } } }, "creationDate": { "type": "string", "description": "UTC creation date in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "outpostId": { "type": "string", "description": "Identifier of the Outpost to contain this bucket.\n" }, "publicAccessBlockEnabled": { "type": "boolean", "description": "Boolean whether Public Access Block is enabled.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "bucket", "creationDate", "outpostId", "publicAccessBlockEnabled", "tagsAll" ], "inputProperties": { "bucket": { "type": "string", "description": "Name of the bucket.\n", "language": { "csharp": { "name": "BucketName" } }, "willReplaceOnChanges": true }, "outpostId": { "type": "string", "description": "Identifier of the Outpost to contain this bucket.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "bucket", "outpostId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Bucket resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the bucket.\n" }, "bucket": { "type": "string", "description": "Name of the bucket.\n", "language": { "csharp": { "name": "BucketName" } }, "willReplaceOnChanges": true }, "creationDate": { "type": "string", "description": "UTC creation date in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "outpostId": { "type": "string", "description": "Identifier of the Outpost to contain this bucket.\n", "willReplaceOnChanges": true }, "publicAccessBlockEnabled": { "type": "boolean", "description": "Boolean whether Public Access Block is enabled.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:s3control/bucketLifecycleConfiguration:BucketLifecycleConfiguration": { "description": "Provides a resource to manage an S3 Control Bucket Lifecycle Configuration.\n\n\u003e **NOTE:** Each S3 Control Bucket can only have one Lifecycle Configuration. Using multiple of this resource against the same S3 Control Bucket will result in perpetual differences each provider run.\n\n\u003e This functionality is for managing [S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html). To manage S3 Bucket Lifecycle Configurations in an AWS Partition, see the `aws.s3.BucketV2` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3control.BucketLifecycleConfiguration(\"example\", {\n bucket: exampleAwsS3controlBucket.arn,\n rules: [\n {\n expiration: {\n days: 365,\n },\n filter: {\n prefix: \"logs/\",\n },\n id: \"logs\",\n },\n {\n expiration: {\n days: 7,\n },\n filter: {\n prefix: \"temp/\",\n },\n id: \"temp\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3control.BucketLifecycleConfiguration(\"example\",\n bucket=example_aws_s3control_bucket[\"arn\"],\n rules=[\n {\n \"expiration\": {\n \"days\": 365,\n },\n \"filter\": {\n \"prefix\": \"logs/\",\n },\n \"id\": \"logs\",\n },\n {\n \"expiration\": {\n \"days\": 7,\n },\n \"filter\": {\n \"prefix\": \"temp/\",\n },\n \"id\": \"temp\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3Control.BucketLifecycleConfiguration(\"example\", new()\n {\n Bucket = exampleAwsS3controlBucket.Arn,\n Rules = new[]\n {\n new Aws.S3Control.Inputs.BucketLifecycleConfigurationRuleArgs\n {\n Expiration = new Aws.S3Control.Inputs.BucketLifecycleConfigurationRuleExpirationArgs\n {\n Days = 365,\n },\n Filter = new Aws.S3Control.Inputs.BucketLifecycleConfigurationRuleFilterArgs\n {\n Prefix = \"logs/\",\n },\n Id = \"logs\",\n },\n new Aws.S3Control.Inputs.BucketLifecycleConfigurationRuleArgs\n {\n Expiration = new Aws.S3Control.Inputs.BucketLifecycleConfigurationRuleExpirationArgs\n {\n Days = 7,\n },\n Filter = new Aws.S3Control.Inputs.BucketLifecycleConfigurationRuleFilterArgs\n {\n Prefix = \"temp/\",\n },\n Id = \"temp\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3control.NewBucketLifecycleConfiguration(ctx, \"example\", \u0026s3control.BucketLifecycleConfigurationArgs{\n\t\t\tBucket: pulumi.Any(exampleAwsS3controlBucket.Arn),\n\t\t\tRules: s3control.BucketLifecycleConfigurationRuleArray{\n\t\t\t\t\u0026s3control.BucketLifecycleConfigurationRuleArgs{\n\t\t\t\t\tExpiration: \u0026s3control.BucketLifecycleConfigurationRuleExpirationArgs{\n\t\t\t\t\t\tDays: pulumi.Int(365),\n\t\t\t\t\t},\n\t\t\t\t\tFilter: \u0026s3control.BucketLifecycleConfigurationRuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"logs/\"),\n\t\t\t\t\t},\n\t\t\t\t\tId: pulumi.String(\"logs\"),\n\t\t\t\t},\n\t\t\t\t\u0026s3control.BucketLifecycleConfigurationRuleArgs{\n\t\t\t\t\tExpiration: \u0026s3control.BucketLifecycleConfigurationRuleExpirationArgs{\n\t\t\t\t\t\tDays: pulumi.Int(7),\n\t\t\t\t\t},\n\t\t\t\t\tFilter: \u0026s3control.BucketLifecycleConfigurationRuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"temp/\"),\n\t\t\t\t\t},\n\t\t\t\t\tId: pulumi.String(\"temp\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3control.BucketLifecycleConfiguration;\nimport com.pulumi.aws.s3control.BucketLifecycleConfigurationArgs;\nimport com.pulumi.aws.s3control.inputs.BucketLifecycleConfigurationRuleArgs;\nimport com.pulumi.aws.s3control.inputs.BucketLifecycleConfigurationRuleExpirationArgs;\nimport com.pulumi.aws.s3control.inputs.BucketLifecycleConfigurationRuleFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfiguration(\"example\", BucketLifecycleConfigurationArgs.builder()\n .bucket(exampleAwsS3controlBucket.arn())\n .rules( \n BucketLifecycleConfigurationRuleArgs.builder()\n .expiration(BucketLifecycleConfigurationRuleExpirationArgs.builder()\n .days(365)\n .build())\n .filter(BucketLifecycleConfigurationRuleFilterArgs.builder()\n .prefix(\"logs/\")\n .build())\n .id(\"logs\")\n .build(),\n BucketLifecycleConfigurationRuleArgs.builder()\n .expiration(BucketLifecycleConfigurationRuleExpirationArgs.builder()\n .days(7)\n .build())\n .filter(BucketLifecycleConfigurationRuleFilterArgs.builder()\n .prefix(\"temp/\")\n .build())\n .id(\"temp\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3control:BucketLifecycleConfiguration\n properties:\n bucket: ${exampleAwsS3controlBucket.arn}\n rules:\n - expiration:\n days: 365\n filter:\n prefix: logs/\n id: logs\n - expiration:\n days: 7\n filter:\n prefix: temp/\n id: temp\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 Control Bucket Lifecycle Configurations using the Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:s3control/bucketLifecycleConfiguration:BucketLifecycleConfiguration example arn:aws:s3-outposts:us-east-1:123456789012:outpost/op-12345678/bucket/example\n```\n", "properties": { "bucket": { "type": "string", "description": "Amazon Resource Name (ARN) of the bucket.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:s3control/BucketLifecycleConfigurationRule:BucketLifecycleConfigurationRule" }, "description": "Configuration block(s) containing lifecycle rules for the bucket.\n" } }, "required": [ "bucket", "rules" ], "inputProperties": { "bucket": { "type": "string", "description": "Amazon Resource Name (ARN) of the bucket.\n", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:s3control/BucketLifecycleConfigurationRule:BucketLifecycleConfigurationRule" }, "description": "Configuration block(s) containing lifecycle rules for the bucket.\n" } }, "requiredInputs": [ "bucket", "rules" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketLifecycleConfiguration resources.\n", "properties": { "bucket": { "type": "string", "description": "Amazon Resource Name (ARN) of the bucket.\n", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:s3control/BucketLifecycleConfigurationRule:BucketLifecycleConfigurationRule" }, "description": "Configuration block(s) containing lifecycle rules for the bucket.\n" } }, "type": "object" } }, "aws:s3control/bucketPolicy:BucketPolicy": { "description": "Provides a resource to manage an S3 Control Bucket Policy.\n\n\u003e This functionality is for managing [S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html). To manage S3 Bucket Policies in an AWS Partition, see the `aws.s3.BucketPolicy` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3control.BucketPolicy(\"example\", {\n bucket: exampleAwsS3controlBucket.arn,\n policy: JSON.stringify({\n Id: \"testBucketPolicy\",\n Statement: [{\n Action: \"s3-outposts:PutBucketLifecycleConfiguration\",\n Effect: \"Deny\",\n Principal: {\n AWS: \"*\",\n },\n Resource: exampleAwsS3controlBucket.arn,\n Sid: \"statement1\",\n }],\n Version: \"2012-10-17\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.s3control.BucketPolicy(\"example\",\n bucket=example_aws_s3control_bucket[\"arn\"],\n policy=json.dumps({\n \"Id\": \"testBucketPolicy\",\n \"Statement\": [{\n \"Action\": \"s3-outposts:PutBucketLifecycleConfiguration\",\n \"Effect\": \"Deny\",\n \"Principal\": {\n \"AWS\": \"*\",\n },\n \"Resource\": example_aws_s3control_bucket[\"arn\"],\n \"Sid\": \"statement1\",\n }],\n \"Version\": \"2012-10-17\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3Control.BucketPolicy(\"example\", new()\n {\n Bucket = exampleAwsS3controlBucket.Arn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Id\"] = \"testBucketPolicy\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"s3-outposts:PutBucketLifecycleConfiguration\",\n [\"Effect\"] = \"Deny\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = \"*\",\n },\n [\"Resource\"] = exampleAwsS3controlBucket.Arn,\n [\"Sid\"] = \"statement1\",\n },\n },\n [\"Version\"] = \"2012-10-17\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Id\": \"testBucketPolicy\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"s3-outposts:PutBucketLifecycleConfiguration\",\n\t\t\t\t\t\"Effect\": \"Deny\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": \"*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": exampleAwsS3controlBucket.Arn,\n\t\t\t\t\t\"Sid\": \"statement1\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = s3control.NewBucketPolicy(ctx, \"example\", \u0026s3control.BucketPolicyArgs{\n\t\t\tBucket: pulumi.Any(exampleAwsS3controlBucket.Arn),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3control.BucketPolicy;\nimport com.pulumi.aws.s3control.BucketPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketPolicy(\"example\", BucketPolicyArgs.builder()\n .bucket(exampleAwsS3controlBucket.arn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Id\", \"testBucketPolicy\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"s3-outposts:PutBucketLifecycleConfiguration\"),\n jsonProperty(\"Effect\", \"Deny\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", \"*\")\n )),\n jsonProperty(\"Resource\", exampleAwsS3controlBucket.arn()),\n jsonProperty(\"Sid\", \"statement1\")\n ))),\n jsonProperty(\"Version\", \"2012-10-17\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3control:BucketPolicy\n properties:\n bucket: ${exampleAwsS3controlBucket.arn}\n policy:\n fn::toJSON:\n Id: testBucketPolicy\n Statement:\n - Action: s3-outposts:PutBucketLifecycleConfiguration\n Effect: Deny\n Principal:\n AWS: '*'\n Resource: ${exampleAwsS3controlBucket.arn}\n Sid: statement1\n Version: 2012-10-17\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 Control Bucket Policies using the Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:s3control/bucketPolicy:BucketPolicy example arn:aws:s3-outposts:us-east-1:123456789012:outpost/op-12345678/bucket/example\n```\n", "properties": { "bucket": { "type": "string", "description": "Amazon Resource Name (ARN) of the bucket.\n" }, "policy": { "type": "string", "description": "JSON string of the resource policy.\n" } }, "required": [ "bucket", "policy" ], "inputProperties": { "bucket": { "type": "string", "description": "Amazon Resource Name (ARN) of the bucket.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "JSON string of the resource policy.\n" } }, "requiredInputs": [ "bucket", "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering BucketPolicy resources.\n", "properties": { "bucket": { "type": "string", "description": "Amazon Resource Name (ARN) of the bucket.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "JSON string of the resource policy.\n" } }, "type": "object" } }, "aws:s3control/multiRegionAccessPoint:MultiRegionAccessPoint": { "description": "Provides a resource to manage an S3 Multi-Region Access Point associated with specified buckets.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### Multiple AWS Buckets in Different Regions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fooBucket = new aws.s3.BucketV2(\"foo_bucket\", {bucket: \"example-bucket-foo\"});\nconst barBucket = new aws.s3.BucketV2(\"bar_bucket\", {bucket: \"example-bucket-bar\"});\nconst example = new aws.s3control.MultiRegionAccessPoint(\"example\", {details: {\n name: \"example\",\n regions: [\n {\n bucket: fooBucket.id,\n },\n {\n bucket: barBucket.id,\n },\n ],\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo_bucket = aws.s3.BucketV2(\"foo_bucket\", bucket=\"example-bucket-foo\")\nbar_bucket = aws.s3.BucketV2(\"bar_bucket\", bucket=\"example-bucket-bar\")\nexample = aws.s3control.MultiRegionAccessPoint(\"example\", details={\n \"name\": \"example\",\n \"regions\": [\n {\n \"bucket\": foo_bucket.id,\n },\n {\n \"bucket\": bar_bucket.id,\n },\n ],\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var fooBucket = new Aws.S3.BucketV2(\"foo_bucket\", new()\n {\n Bucket = \"example-bucket-foo\",\n });\n\n var barBucket = new Aws.S3.BucketV2(\"bar_bucket\", new()\n {\n Bucket = \"example-bucket-bar\",\n });\n\n var example = new Aws.S3Control.MultiRegionAccessPoint(\"example\", new()\n {\n Details = new Aws.S3Control.Inputs.MultiRegionAccessPointDetailsArgs\n {\n Name = \"example\",\n Regions = new[]\n {\n new Aws.S3Control.Inputs.MultiRegionAccessPointDetailsRegionArgs\n {\n Bucket = fooBucket.Id,\n },\n new Aws.S3Control.Inputs.MultiRegionAccessPointDetailsRegionArgs\n {\n Bucket = barBucket.Id,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfooBucket, err := s3.NewBucketV2(ctx, \"foo_bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-bucket-foo\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbarBucket, err := s3.NewBucketV2(ctx, \"bar_bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-bucket-bar\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3control.NewMultiRegionAccessPoint(ctx, \"example\", \u0026s3control.MultiRegionAccessPointArgs{\n\t\t\tDetails: \u0026s3control.MultiRegionAccessPointDetailsArgs{\n\t\t\t\tName: pulumi.String(\"example\"),\n\t\t\t\tRegions: s3control.MultiRegionAccessPointDetailsRegionArray{\n\t\t\t\t\t\u0026s3control.MultiRegionAccessPointDetailsRegionArgs{\n\t\t\t\t\t\tBucket: fooBucket.ID(),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026s3control.MultiRegionAccessPointDetailsRegionArgs{\n\t\t\t\t\t\tBucket: barBucket.ID(),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3control.MultiRegionAccessPoint;\nimport com.pulumi.aws.s3control.MultiRegionAccessPointArgs;\nimport com.pulumi.aws.s3control.inputs.MultiRegionAccessPointDetailsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var fooBucket = new BucketV2(\"fooBucket\", BucketV2Args.builder()\n .bucket(\"example-bucket-foo\")\n .build());\n\n var barBucket = new BucketV2(\"barBucket\", BucketV2Args.builder()\n .bucket(\"example-bucket-bar\")\n .build());\n\n var example = new MultiRegionAccessPoint(\"example\", MultiRegionAccessPointArgs.builder()\n .details(MultiRegionAccessPointDetailsArgs.builder()\n .name(\"example\")\n .regions( \n MultiRegionAccessPointDetailsRegionArgs.builder()\n .bucket(fooBucket.id())\n .build(),\n MultiRegionAccessPointDetailsRegionArgs.builder()\n .bucket(barBucket.id())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n fooBucket:\n type: aws:s3:BucketV2\n name: foo_bucket\n properties:\n bucket: example-bucket-foo\n barBucket:\n type: aws:s3:BucketV2\n name: bar_bucket\n properties:\n bucket: example-bucket-bar\n example:\n type: aws:s3control:MultiRegionAccessPoint\n properties:\n details:\n name: example\n regions:\n - bucket: ${fooBucket.id}\n - bucket: ${barBucket.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Multi-Region Access Points using the `account_id` and `name` of the Multi-Region Access Point separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:s3control/multiRegionAccessPoint:MultiRegionAccessPoint example 123456789012:example\n```\n", "properties": { "accountId": { "type": "string", "description": "The AWS account ID for the owner of the buckets for which you want to create a Multi-Region Access Point. Defaults to automatically determined account ID of the AWS provider.\n" }, "alias": { "type": "string", "description": "The alias for the Multi-Region Access Point.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Multi-Region Access Point.\n" }, "details": { "$ref": "#/types/aws:s3control/MultiRegionAccessPointDetails:MultiRegionAccessPointDetails", "description": "A configuration block containing details about the Multi-Region Access Point. See Details Configuration Block below for more details\n" }, "domainName": { "type": "string", "description": "The DNS domain name of the S3 Multi-Region Access Point in the format _`alias`_.accesspoint.s3-global.amazonaws.com. For more information, see the documentation on [Multi-Region Access Point Requests](https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiRegionAccessPointRequests.html).\n" }, "status": { "type": "string", "description": "The current status of the Multi-Region Access Point. One of: `READY`, `INCONSISTENT_ACROSS_REGIONS`, `CREATING`, `PARTIALLY_CREATED`, `PARTIALLY_DELETED`, `DELETING`.\n" } }, "required": [ "accountId", "alias", "arn", "details", "domainName", "status" ], "inputProperties": { "accountId": { "type": "string", "description": "The AWS account ID for the owner of the buckets for which you want to create a Multi-Region Access Point. Defaults to automatically determined account ID of the AWS provider.\n", "willReplaceOnChanges": true }, "details": { "$ref": "#/types/aws:s3control/MultiRegionAccessPointDetails:MultiRegionAccessPointDetails", "description": "A configuration block containing details about the Multi-Region Access Point. See Details Configuration Block below for more details\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "details" ], "stateInputs": { "description": "Input properties used for looking up and filtering MultiRegionAccessPoint resources.\n", "properties": { "accountId": { "type": "string", "description": "The AWS account ID for the owner of the buckets for which you want to create a Multi-Region Access Point. Defaults to automatically determined account ID of the AWS provider.\n", "willReplaceOnChanges": true }, "alias": { "type": "string", "description": "The alias for the Multi-Region Access Point.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Multi-Region Access Point.\n" }, "details": { "$ref": "#/types/aws:s3control/MultiRegionAccessPointDetails:MultiRegionAccessPointDetails", "description": "A configuration block containing details about the Multi-Region Access Point. See Details Configuration Block below for more details\n", "willReplaceOnChanges": true }, "domainName": { "type": "string", "description": "The DNS domain name of the S3 Multi-Region Access Point in the format _`alias`_.accesspoint.s3-global.amazonaws.com. For more information, see the documentation on [Multi-Region Access Point Requests](https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiRegionAccessPointRequests.html).\n" }, "status": { "type": "string", "description": "The current status of the Multi-Region Access Point. One of: `READY`, `INCONSISTENT_ACROSS_REGIONS`, `CREATING`, `PARTIALLY_CREATED`, `PARTIALLY_DELETED`, `DELETING`.\n" } }, "type": "object" } }, "aws:s3control/multiRegionAccessPointPolicy:MultiRegionAccessPointPolicy": { "description": "Provides a resource to manage an S3 Multi-Region Access Point access control policy.\n\n## Example Usage\n\n## Import\n\nUsing `pulumi import`, import Multi-Region Access Point Policies using the `account_id` and `name` of the Multi-Region Access Point separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:s3control/multiRegionAccessPointPolicy:MultiRegionAccessPointPolicy example 123456789012:example\n```\n", "properties": { "accountId": { "type": "string", "description": "The AWS account ID for the owner of the Multi-Region Access Point. Defaults to automatically determined account ID of the AWS provider.\n" }, "details": { "$ref": "#/types/aws:s3control/MultiRegionAccessPointPolicyDetails:MultiRegionAccessPointPolicyDetails", "description": "A configuration block containing details about the policy for the Multi-Region Access Point. See Details Configuration Block below for more details\n" }, "established": { "type": "string", "description": "The last established policy for the Multi-Region Access Point.\n" }, "proposed": { "type": "string", "description": "The proposed policy for the Multi-Region Access Point.\n" } }, "required": [ "accountId", "details", "established", "proposed" ], "inputProperties": { "accountId": { "type": "string", "description": "The AWS account ID for the owner of the Multi-Region Access Point. Defaults to automatically determined account ID of the AWS provider.\n", "willReplaceOnChanges": true }, "details": { "$ref": "#/types/aws:s3control/MultiRegionAccessPointPolicyDetails:MultiRegionAccessPointPolicyDetails", "description": "A configuration block containing details about the policy for the Multi-Region Access Point. See Details Configuration Block below for more details\n" } }, "requiredInputs": [ "details" ], "stateInputs": { "description": "Input properties used for looking up and filtering MultiRegionAccessPointPolicy resources.\n", "properties": { "accountId": { "type": "string", "description": "The AWS account ID for the owner of the Multi-Region Access Point. Defaults to automatically determined account ID of the AWS provider.\n", "willReplaceOnChanges": true }, "details": { "$ref": "#/types/aws:s3control/MultiRegionAccessPointPolicyDetails:MultiRegionAccessPointPolicyDetails", "description": "A configuration block containing details about the policy for the Multi-Region Access Point. See Details Configuration Block below for more details\n" }, "established": { "type": "string", "description": "The last established policy for the Multi-Region Access Point.\n" }, "proposed": { "type": "string", "description": "The proposed policy for the Multi-Region Access Point.\n" } }, "type": "object" } }, "aws:s3control/objectLambdaAccessPoint:ObjectLambdaAccessPoint": { "description": "Provides a resource to manage an S3 Object Lambda Access Point.\nAn Object Lambda access point is associated with exactly one standard access point and thus one Amazon S3 bucket.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleAccessPoint = new aws.s3.AccessPoint(\"example\", {\n bucket: example.id,\n name: \"example\",\n});\nconst exampleObjectLambdaAccessPoint = new aws.s3control.ObjectLambdaAccessPoint(\"example\", {\n name: \"example\",\n configuration: {\n supportingAccessPoint: exampleAccessPoint.arn,\n transformationConfigurations: [{\n actions: [\"GetObject\"],\n contentTransformation: {\n awsLambda: {\n functionArn: exampleAwsLambdaFunction.arn,\n },\n },\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_access_point = aws.s3.AccessPoint(\"example\",\n bucket=example.id,\n name=\"example\")\nexample_object_lambda_access_point = aws.s3control.ObjectLambdaAccessPoint(\"example\",\n name=\"example\",\n configuration={\n \"supporting_access_point\": example_access_point.arn,\n \"transformation_configurations\": [{\n \"actions\": [\"GetObject\"],\n \"content_transformation\": {\n \"aws_lambda\": {\n \"function_arn\": example_aws_lambda_function[\"arn\"],\n },\n },\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleAccessPoint = new Aws.S3.AccessPoint(\"example\", new()\n {\n Bucket = example.Id,\n Name = \"example\",\n });\n\n var exampleObjectLambdaAccessPoint = new Aws.S3Control.ObjectLambdaAccessPoint(\"example\", new()\n {\n Name = \"example\",\n Configuration = new Aws.S3Control.Inputs.ObjectLambdaAccessPointConfigurationArgs\n {\n SupportingAccessPoint = exampleAccessPoint.Arn,\n TransformationConfigurations = new[]\n {\n new Aws.S3Control.Inputs.ObjectLambdaAccessPointConfigurationTransformationConfigurationArgs\n {\n Actions = new[]\n {\n \"GetObject\",\n },\n ContentTransformation = new Aws.S3Control.Inputs.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationArgs\n {\n AwsLambda = new Aws.S3Control.Inputs.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationAwsLambdaArgs\n {\n FunctionArn = exampleAwsLambdaFunction.Arn,\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPoint, err := s3.NewAccessPoint(ctx, \"example\", \u0026s3.AccessPointArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3control.NewObjectLambdaAccessPoint(ctx, \"example\", \u0026s3control.ObjectLambdaAccessPointArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tConfiguration: \u0026s3control.ObjectLambdaAccessPointConfigurationArgs{\n\t\t\t\tSupportingAccessPoint: exampleAccessPoint.Arn,\n\t\t\t\tTransformationConfigurations: s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationArray{\n\t\t\t\t\t\u0026s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationArgs{\n\t\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"GetObject\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tContentTransformation: \u0026s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationArgs{\n\t\t\t\t\t\t\tAwsLambda: \u0026s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationAwsLambdaArgs{\n\t\t\t\t\t\t\t\tFunctionArn: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.AccessPoint;\nimport com.pulumi.aws.s3.AccessPointArgs;\nimport com.pulumi.aws.s3control.ObjectLambdaAccessPoint;\nimport com.pulumi.aws.s3control.ObjectLambdaAccessPointArgs;\nimport com.pulumi.aws.s3control.inputs.ObjectLambdaAccessPointConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var exampleAccessPoint = new AccessPoint(\"exampleAccessPoint\", AccessPointArgs.builder()\n .bucket(example.id())\n .name(\"example\")\n .build());\n\n var exampleObjectLambdaAccessPoint = new ObjectLambdaAccessPoint(\"exampleObjectLambdaAccessPoint\", ObjectLambdaAccessPointArgs.builder()\n .name(\"example\")\n .configuration(ObjectLambdaAccessPointConfigurationArgs.builder()\n .supportingAccessPoint(exampleAccessPoint.arn())\n .transformationConfigurations(ObjectLambdaAccessPointConfigurationTransformationConfigurationArgs.builder()\n .actions(\"GetObject\")\n .contentTransformation(ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationArgs.builder()\n .awsLambda(ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationAwsLambdaArgs.builder()\n .functionArn(exampleAwsLambdaFunction.arn())\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n exampleAccessPoint:\n type: aws:s3:AccessPoint\n name: example\n properties:\n bucket: ${example.id}\n name: example\n exampleObjectLambdaAccessPoint:\n type: aws:s3control:ObjectLambdaAccessPoint\n name: example\n properties:\n name: example\n configuration:\n supportingAccessPoint: ${exampleAccessPoint.arn}\n transformationConfigurations:\n - actions:\n - GetObject\n contentTransformation:\n awsLambda:\n functionArn: ${exampleAwsLambdaFunction.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Object Lambda Access Points using the `account_id` and `name`, separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:s3control/objectLambdaAccessPoint:ObjectLambdaAccessPoint example 123456789012:example\n```\n", "properties": { "accountId": { "type": "string", "description": "The AWS account ID for the owner of the bucket for which you want to create an Object Lambda Access Point. Defaults to automatically determined account ID of the AWS provider.\n" }, "alias": { "type": "string", "description": "Alias for the S3 Object Lambda Access Point.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Object Lambda Access Point.\n" }, "configuration": { "$ref": "#/types/aws:s3control/ObjectLambdaAccessPointConfiguration:ObjectLambdaAccessPointConfiguration", "description": "A configuration block containing details about the Object Lambda Access Point. See Configuration below for more details.\n" }, "name": { "type": "string", "description": "The name for this Object Lambda Access Point.\n" } }, "required": [ "accountId", "alias", "arn", "configuration", "name" ], "inputProperties": { "accountId": { "type": "string", "description": "The AWS account ID for the owner of the bucket for which you want to create an Object Lambda Access Point. Defaults to automatically determined account ID of the AWS provider.\n", "willReplaceOnChanges": true }, "configuration": { "$ref": "#/types/aws:s3control/ObjectLambdaAccessPointConfiguration:ObjectLambdaAccessPointConfiguration", "description": "A configuration block containing details about the Object Lambda Access Point. See Configuration below for more details.\n" }, "name": { "type": "string", "description": "The name for this Object Lambda Access Point.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "configuration" ], "stateInputs": { "description": "Input properties used for looking up and filtering ObjectLambdaAccessPoint resources.\n", "properties": { "accountId": { "type": "string", "description": "The AWS account ID for the owner of the bucket for which you want to create an Object Lambda Access Point. Defaults to automatically determined account ID of the AWS provider.\n", "willReplaceOnChanges": true }, "alias": { "type": "string", "description": "Alias for the S3 Object Lambda Access Point.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Object Lambda Access Point.\n" }, "configuration": { "$ref": "#/types/aws:s3control/ObjectLambdaAccessPointConfiguration:ObjectLambdaAccessPointConfiguration", "description": "A configuration block containing details about the Object Lambda Access Point. See Configuration below for more details.\n" }, "name": { "type": "string", "description": "The name for this Object Lambda Access Point.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:s3control/objectLambdaAccessPointPolicy:ObjectLambdaAccessPointPolicy": { "description": "Provides a resource to manage an S3 Object Lambda Access Point resource policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleAccessPoint = new aws.s3.AccessPoint(\"example\", {\n bucket: example.id,\n name: \"example\",\n});\nconst exampleObjectLambdaAccessPoint = new aws.s3control.ObjectLambdaAccessPoint(\"example\", {\n name: \"example\",\n configuration: {\n supportingAccessPoint: exampleAccessPoint.arn,\n transformationConfigurations: [{\n actions: [\"GetObject\"],\n contentTransformation: {\n awsLambda: {\n functionArn: exampleAwsLambdaFunction.arn,\n },\n },\n }],\n },\n});\nconst exampleObjectLambdaAccessPointPolicy = new aws.s3control.ObjectLambdaAccessPointPolicy(\"example\", {\n name: exampleObjectLambdaAccessPoint.name,\n policy: pulumi.jsonStringify({\n Version: \"2008-10-17\",\n Statement: [{\n Effect: \"Allow\",\n Action: \"s3-object-lambda:GetObject\",\n Principal: {\n AWS: current.accountId,\n },\n Resource: exampleObjectLambdaAccessPoint.arn,\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_access_point = aws.s3.AccessPoint(\"example\",\n bucket=example.id,\n name=\"example\")\nexample_object_lambda_access_point = aws.s3control.ObjectLambdaAccessPoint(\"example\",\n name=\"example\",\n configuration={\n \"supporting_access_point\": example_access_point.arn,\n \"transformation_configurations\": [{\n \"actions\": [\"GetObject\"],\n \"content_transformation\": {\n \"aws_lambda\": {\n \"function_arn\": example_aws_lambda_function[\"arn\"],\n },\n },\n }],\n })\nexample_object_lambda_access_point_policy = aws.s3control.ObjectLambdaAccessPointPolicy(\"example\",\n name=example_object_lambda_access_point.name,\n policy=pulumi.Output.json_dumps({\n \"Version\": \"2008-10-17\",\n \"Statement\": [{\n \"Effect\": \"Allow\",\n \"Action\": \"s3-object-lambda:GetObject\",\n \"Principal\": {\n \"AWS\": current[\"accountId\"],\n },\n \"Resource\": example_object_lambda_access_point.arn,\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleAccessPoint = new Aws.S3.AccessPoint(\"example\", new()\n {\n Bucket = example.Id,\n Name = \"example\",\n });\n\n var exampleObjectLambdaAccessPoint = new Aws.S3Control.ObjectLambdaAccessPoint(\"example\", new()\n {\n Name = \"example\",\n Configuration = new Aws.S3Control.Inputs.ObjectLambdaAccessPointConfigurationArgs\n {\n SupportingAccessPoint = exampleAccessPoint.Arn,\n TransformationConfigurations = new[]\n {\n new Aws.S3Control.Inputs.ObjectLambdaAccessPointConfigurationTransformationConfigurationArgs\n {\n Actions = new[]\n {\n \"GetObject\",\n },\n ContentTransformation = new Aws.S3Control.Inputs.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationArgs\n {\n AwsLambda = new Aws.S3Control.Inputs.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationAwsLambdaArgs\n {\n FunctionArn = exampleAwsLambdaFunction.Arn,\n },\n },\n },\n },\n },\n });\n\n var exampleObjectLambdaAccessPointPolicy = new Aws.S3Control.ObjectLambdaAccessPointPolicy(\"example\", new()\n {\n Name = exampleObjectLambdaAccessPoint.Name,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2008-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Effect\"] = \"Allow\",\n [\"Action\"] = \"s3-object-lambda:GetObject\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = current.AccountId,\n },\n [\"Resource\"] = exampleObjectLambdaAccessPoint.Arn,\n },\n },\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPoint, err := s3.NewAccessPoint(ctx, \"example\", \u0026s3.AccessPointArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleObjectLambdaAccessPoint, err := s3control.NewObjectLambdaAccessPoint(ctx, \"example\", \u0026s3control.ObjectLambdaAccessPointArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tConfiguration: \u0026s3control.ObjectLambdaAccessPointConfigurationArgs{\n\t\t\t\tSupportingAccessPoint: exampleAccessPoint.Arn,\n\t\t\t\tTransformationConfigurations: s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationArray{\n\t\t\t\t\t\u0026s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationArgs{\n\t\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"GetObject\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tContentTransformation: \u0026s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationArgs{\n\t\t\t\t\t\t\tAwsLambda: \u0026s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationAwsLambdaArgs{\n\t\t\t\t\t\t\t\tFunctionArn: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3control.NewObjectLambdaAccessPointPolicy(ctx, \"example\", \u0026s3control.ObjectLambdaAccessPointPolicyArgs{\n\t\t\tName: exampleObjectLambdaAccessPoint.Name,\n\t\t\tPolicy: exampleObjectLambdaAccessPoint.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Version\": \"2008-10-17\",\n\t\t\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\"Action\": \"s3-object-lambda:GetObject\",\n\t\t\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"AWS\": current.AccountId,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Resource\": arn,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.AccessPoint;\nimport com.pulumi.aws.s3.AccessPointArgs;\nimport com.pulumi.aws.s3control.ObjectLambdaAccessPoint;\nimport com.pulumi.aws.s3control.ObjectLambdaAccessPointArgs;\nimport com.pulumi.aws.s3control.inputs.ObjectLambdaAccessPointConfigurationArgs;\nimport com.pulumi.aws.s3control.ObjectLambdaAccessPointPolicy;\nimport com.pulumi.aws.s3control.ObjectLambdaAccessPointPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var exampleAccessPoint = new AccessPoint(\"exampleAccessPoint\", AccessPointArgs.builder()\n .bucket(example.id())\n .name(\"example\")\n .build());\n\n var exampleObjectLambdaAccessPoint = new ObjectLambdaAccessPoint(\"exampleObjectLambdaAccessPoint\", ObjectLambdaAccessPointArgs.builder()\n .name(\"example\")\n .configuration(ObjectLambdaAccessPointConfigurationArgs.builder()\n .supportingAccessPoint(exampleAccessPoint.arn())\n .transformationConfigurations(ObjectLambdaAccessPointConfigurationTransformationConfigurationArgs.builder()\n .actions(\"GetObject\")\n .contentTransformation(ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationArgs.builder()\n .awsLambda(ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationAwsLambdaArgs.builder()\n .functionArn(exampleAwsLambdaFunction.arn())\n .build())\n .build())\n .build())\n .build())\n .build());\n\n var exampleObjectLambdaAccessPointPolicy = new ObjectLambdaAccessPointPolicy(\"exampleObjectLambdaAccessPointPolicy\", ObjectLambdaAccessPointPolicyArgs.builder()\n .name(exampleObjectLambdaAccessPoint.name())\n .policy(exampleObjectLambdaAccessPoint.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2008-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Action\", \"s3-object-lambda:GetObject\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", current.accountId())\n )),\n jsonProperty(\"Resource\", arn)\n )))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n exampleAccessPoint:\n type: aws:s3:AccessPoint\n name: example\n properties:\n bucket: ${example.id}\n name: example\n exampleObjectLambdaAccessPoint:\n type: aws:s3control:ObjectLambdaAccessPoint\n name: example\n properties:\n name: example\n configuration:\n supportingAccessPoint: ${exampleAccessPoint.arn}\n transformationConfigurations:\n - actions:\n - GetObject\n contentTransformation:\n awsLambda:\n functionArn: ${exampleAwsLambdaFunction.arn}\n exampleObjectLambdaAccessPointPolicy:\n type: aws:s3control:ObjectLambdaAccessPointPolicy\n name: example\n properties:\n name: ${exampleObjectLambdaAccessPoint.name}\n policy:\n fn::toJSON:\n Version: 2008-10-17\n Statement:\n - Effect: Allow\n Action: s3-object-lambda:GetObject\n Principal:\n AWS: ${current.accountId}\n Resource: ${exampleObjectLambdaAccessPoint.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Object Lambda Access Point policies using the `account_id` and `name`, separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:s3control/objectLambdaAccessPointPolicy:ObjectLambdaAccessPointPolicy example 123456789012:example\n```\n", "properties": { "accountId": { "type": "string", "description": "The AWS account ID for the account that owns the Object Lambda Access Point. Defaults to automatically determined account ID of the AWS provider.\n" }, "hasPublicAccessPolicy": { "type": "boolean", "description": "Indicates whether this access point currently has a policy that allows public access.\n" }, "name": { "type": "string", "description": "The name of the Object Lambda Access Point.\n" }, "policy": { "type": "string", "description": "The Object Lambda Access Point resource policy document.\n" } }, "required": [ "accountId", "hasPublicAccessPolicy", "name", "policy" ], "inputProperties": { "accountId": { "type": "string", "description": "The AWS account ID for the account that owns the Object Lambda Access Point. Defaults to automatically determined account ID of the AWS provider.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the Object Lambda Access Point.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The Object Lambda Access Point resource policy document.\n" } }, "requiredInputs": [ "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering ObjectLambdaAccessPointPolicy resources.\n", "properties": { "accountId": { "type": "string", "description": "The AWS account ID for the account that owns the Object Lambda Access Point. Defaults to automatically determined account ID of the AWS provider.\n", "willReplaceOnChanges": true }, "hasPublicAccessPolicy": { "type": "boolean", "description": "Indicates whether this access point currently has a policy that allows public access.\n" }, "name": { "type": "string", "description": "The name of the Object Lambda Access Point.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The Object Lambda Access Point resource policy document.\n" } }, "type": "object" } }, "aws:s3control/storageLensConfiguration:StorageLensConfiguration": { "description": "Provides a resource to manage an S3 Storage Lens configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.s3control.StorageLensConfiguration(\"example\", {\n configId: \"example-1\",\n storageLensConfiguration: {\n enabled: true,\n accountLevel: {\n activityMetrics: {\n enabled: true,\n },\n bucketLevel: {\n activityMetrics: {\n enabled: true,\n },\n },\n },\n dataExport: {\n cloudWatchMetrics: {\n enabled: true,\n },\n s3BucketDestination: {\n accountId: current.then(current =\u003e current.accountId),\n arn: target.arn,\n format: \"CSV\",\n outputSchemaVersion: \"V_1\",\n encryption: {\n sseS3s: [{}],\n },\n },\n },\n exclude: {\n buckets: [\n b1.arn,\n b2.arn,\n ],\n regions: [\"us-east-2\"],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.s3control.StorageLensConfiguration(\"example\",\n config_id=\"example-1\",\n storage_lens_configuration={\n \"enabled\": True,\n \"account_level\": {\n \"activity_metrics\": {\n \"enabled\": True,\n },\n \"bucket_level\": {\n \"activity_metrics\": {\n \"enabled\": True,\n },\n },\n },\n \"data_export\": {\n \"cloud_watch_metrics\": {\n \"enabled\": True,\n },\n \"s3_bucket_destination\": {\n \"account_id\": current.account_id,\n \"arn\": target[\"arn\"],\n \"format\": \"CSV\",\n \"output_schema_version\": \"V_1\",\n \"encryption\": {\n \"sse_s3s\": [{}],\n },\n },\n },\n \"exclude\": {\n \"buckets\": [\n b1[\"arn\"],\n b2[\"arn\"],\n ],\n \"regions\": [\"us-east-2\"],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.S3Control.StorageLensConfiguration(\"example\", new()\n {\n ConfigId = \"example-1\",\n StorageLensConfigurationDetail = new Aws.S3Control.Inputs.StorageLensConfigurationStorageLensConfigurationArgs\n {\n Enabled = true,\n AccountLevel = new Aws.S3Control.Inputs.StorageLensConfigurationStorageLensConfigurationAccountLevelArgs\n {\n ActivityMetrics = new Aws.S3Control.Inputs.StorageLensConfigurationStorageLensConfigurationAccountLevelActivityMetricsArgs\n {\n Enabled = true,\n },\n BucketLevel = new Aws.S3Control.Inputs.StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelArgs\n {\n ActivityMetrics = new Aws.S3Control.Inputs.StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelActivityMetricsArgs\n {\n Enabled = true,\n },\n },\n },\n DataExport = new Aws.S3Control.Inputs.StorageLensConfigurationStorageLensConfigurationDataExportArgs\n {\n CloudWatchMetrics = new Aws.S3Control.Inputs.StorageLensConfigurationStorageLensConfigurationDataExportCloudWatchMetricsArgs\n {\n Enabled = true,\n },\n S3BucketDestination = new Aws.S3Control.Inputs.StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationArgs\n {\n AccountId = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n Arn = target.Arn,\n Format = \"CSV\",\n OutputSchemaVersion = \"V_1\",\n Encryption = new Aws.S3Control.Inputs.StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationEncryptionArgs\n {\n SseS3s = new[]\n {\n null,\n },\n },\n },\n },\n Exclude = new Aws.S3Control.Inputs.StorageLensConfigurationStorageLensConfigurationExcludeArgs\n {\n Buckets = new[]\n {\n b1.Arn,\n b2.Arn,\n },\n Regions = new[]\n {\n \"us-east-2\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3control.NewStorageLensConfiguration(ctx, \"example\", \u0026s3control.StorageLensConfigurationArgs{\n\t\t\tConfigId: pulumi.String(\"example-1\"),\n\t\t\tStorageLensConfiguration: \u0026s3control.StorageLensConfigurationStorageLensConfigurationArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tAccountLevel: \u0026s3control.StorageLensConfigurationStorageLensConfigurationAccountLevelArgs{\n\t\t\t\t\tActivityMetrics: \u0026s3control.StorageLensConfigurationStorageLensConfigurationAccountLevelActivityMetricsArgs{\n\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tBucketLevel: \u0026s3control.StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelArgs{\n\t\t\t\t\t\tActivityMetrics: \u0026s3control.StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelActivityMetricsArgs{\n\t\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tDataExport: \u0026s3control.StorageLensConfigurationStorageLensConfigurationDataExportArgs{\n\t\t\t\t\tCloudWatchMetrics: \u0026s3control.StorageLensConfigurationStorageLensConfigurationDataExportCloudWatchMetricsArgs{\n\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tS3BucketDestination: \u0026s3control.StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationArgs{\n\t\t\t\t\t\tAccountId: pulumi.String(current.AccountId),\n\t\t\t\t\t\tArn: pulumi.Any(target.Arn),\n\t\t\t\t\t\tFormat: pulumi.String(\"CSV\"),\n\t\t\t\t\t\tOutputSchemaVersion: pulumi.String(\"V_1\"),\n\t\t\t\t\t\tEncryption: \u0026s3control.StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationEncryptionArgs{\n\t\t\t\t\t\t\tSseS3s: s3control.StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationEncryptionSseS3Array{\n\t\t\t\t\t\t\t\tnil,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tExclude: \u0026s3control.StorageLensConfigurationStorageLensConfigurationExcludeArgs{\n\t\t\t\t\tBuckets: pulumi.StringArray{\n\t\t\t\t\t\tb1.Arn,\n\t\t\t\t\t\tb2.Arn,\n\t\t\t\t\t},\n\t\t\t\t\tRegions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"us-east-2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.s3control.StorageLensConfiguration;\nimport com.pulumi.aws.s3control.StorageLensConfigurationArgs;\nimport com.pulumi.aws.s3control.inputs.StorageLensConfigurationStorageLensConfigurationArgs;\nimport com.pulumi.aws.s3control.inputs.StorageLensConfigurationStorageLensConfigurationAccountLevelArgs;\nimport com.pulumi.aws.s3control.inputs.StorageLensConfigurationStorageLensConfigurationAccountLevelActivityMetricsArgs;\nimport com.pulumi.aws.s3control.inputs.StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelArgs;\nimport com.pulumi.aws.s3control.inputs.StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelActivityMetricsArgs;\nimport com.pulumi.aws.s3control.inputs.StorageLensConfigurationStorageLensConfigurationDataExportArgs;\nimport com.pulumi.aws.s3control.inputs.StorageLensConfigurationStorageLensConfigurationDataExportCloudWatchMetricsArgs;\nimport com.pulumi.aws.s3control.inputs.StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationArgs;\nimport com.pulumi.aws.s3control.inputs.StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationEncryptionArgs;\nimport com.pulumi.aws.s3control.inputs.StorageLensConfigurationStorageLensConfigurationExcludeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new StorageLensConfiguration(\"example\", StorageLensConfigurationArgs.builder()\n .configId(\"example-1\")\n .storageLensConfiguration(StorageLensConfigurationStorageLensConfigurationArgs.builder()\n .enabled(true)\n .accountLevel(StorageLensConfigurationStorageLensConfigurationAccountLevelArgs.builder()\n .activityMetrics(StorageLensConfigurationStorageLensConfigurationAccountLevelActivityMetricsArgs.builder()\n .enabled(true)\n .build())\n .bucketLevel(StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelArgs.builder()\n .activityMetrics(StorageLensConfigurationStorageLensConfigurationAccountLevelBucketLevelActivityMetricsArgs.builder()\n .enabled(true)\n .build())\n .build())\n .build())\n .dataExport(StorageLensConfigurationStorageLensConfigurationDataExportArgs.builder()\n .cloudWatchMetrics(StorageLensConfigurationStorageLensConfigurationDataExportCloudWatchMetricsArgs.builder()\n .enabled(true)\n .build())\n .s3BucketDestination(StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationArgs.builder()\n .accountId(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .arn(target.arn())\n .format(\"CSV\")\n .outputSchemaVersion(\"V_1\")\n .encryption(StorageLensConfigurationStorageLensConfigurationDataExportS3BucketDestinationEncryptionArgs.builder()\n .sseS3s()\n .build())\n .build())\n .build())\n .exclude(StorageLensConfigurationStorageLensConfigurationExcludeArgs.builder()\n .buckets( \n b1.arn(),\n b2.arn())\n .regions(\"us-east-2\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3control:StorageLensConfiguration\n properties:\n configId: example-1\n storageLensConfiguration:\n enabled: true\n accountLevel:\n activityMetrics:\n enabled: true\n bucketLevel:\n activityMetrics:\n enabled: true\n dataExport:\n cloudWatchMetrics:\n enabled: true\n s3BucketDestination:\n accountId: ${current.accountId}\n arn: ${target.arn}\n format: CSV\n outputSchemaVersion: V_1\n encryption:\n sseS3s:\n - {}\n exclude:\n buckets:\n - ${b1.arn}\n - ${b2.arn}\n regions:\n - us-east-2\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 Storage Lens configurations using the `account_id` and `config_id`, separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:s3control/storageLensConfiguration:StorageLensConfiguration example 123456789012:example-1\n```\n", "properties": { "accountId": { "type": "string", "description": "The AWS account ID for the S3 Storage Lens configuration. Defaults to automatically determined account ID of the AWS provider.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the S3 Storage Lens configuration.\n" }, "configId": { "type": "string", "description": "The ID of the S3 Storage Lens configuration.\n" }, "storageLensConfiguration": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfiguration:StorageLensConfigurationStorageLensConfiguration", "description": "The S3 Storage Lens configuration. See Storage Lens Configuration below for more details.\n", "language": { "csharp": { "name": "StorageLensConfigurationDetail" } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "accountId", "arn", "configId", "storageLensConfiguration", "tagsAll" ], "inputProperties": { "accountId": { "type": "string", "description": "The AWS account ID for the S3 Storage Lens configuration. Defaults to automatically determined account ID of the AWS provider.\n", "willReplaceOnChanges": true }, "configId": { "type": "string", "description": "The ID of the S3 Storage Lens configuration.\n", "willReplaceOnChanges": true }, "storageLensConfiguration": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfiguration:StorageLensConfigurationStorageLensConfiguration", "description": "The S3 Storage Lens configuration. See Storage Lens Configuration below for more details.\n", "language": { "csharp": { "name": "StorageLensConfigurationDetail" } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "configId", "storageLensConfiguration" ], "stateInputs": { "description": "Input properties used for looking up and filtering StorageLensConfiguration resources.\n", "properties": { "accountId": { "type": "string", "description": "The AWS account ID for the S3 Storage Lens configuration. Defaults to automatically determined account ID of the AWS provider.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the S3 Storage Lens configuration.\n" }, "configId": { "type": "string", "description": "The ID of the S3 Storage Lens configuration.\n", "willReplaceOnChanges": true }, "storageLensConfiguration": { "$ref": "#/types/aws:s3control/StorageLensConfigurationStorageLensConfiguration:StorageLensConfigurationStorageLensConfiguration", "description": "The S3 Storage Lens configuration. See Storage Lens Configuration below for more details.\n", "language": { "csharp": { "name": "StorageLensConfigurationDetail" } } }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:s3outposts/endpoint:Endpoint": { "description": "Provides a resource to manage an S3 Outposts Endpoint.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3outposts.Endpoint(\"example\", {\n outpostId: exampleAwsOutpostsOutpost.id,\n securityGroupId: exampleAwsSecurityGroup.id,\n subnetId: exampleAwsSubnet.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3outposts.Endpoint(\"example\",\n outpost_id=example_aws_outposts_outpost[\"id\"],\n security_group_id=example_aws_security_group[\"id\"],\n subnet_id=example_aws_subnet[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3Outposts.Endpoint(\"example\", new()\n {\n OutpostId = exampleAwsOutpostsOutpost.Id,\n SecurityGroupId = exampleAwsSecurityGroup.Id,\n SubnetId = exampleAwsSubnet.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3outposts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3outposts.NewEndpoint(ctx, \"example\", \u0026s3outposts.EndpointArgs{\n\t\t\tOutpostId: pulumi.Any(exampleAwsOutpostsOutpost.Id),\n\t\t\tSecurityGroupId: pulumi.Any(exampleAwsSecurityGroup.Id),\n\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3outposts.Endpoint;\nimport com.pulumi.aws.s3outposts.EndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Endpoint(\"example\", EndpointArgs.builder()\n .outpostId(exampleAwsOutpostsOutpost.id())\n .securityGroupId(exampleAwsSecurityGroup.id())\n .subnetId(exampleAwsSubnet.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3outposts:Endpoint\n properties:\n outpostId: ${exampleAwsOutpostsOutpost.id}\n securityGroupId: ${exampleAwsSecurityGroup.id}\n subnetId: ${exampleAwsSubnet.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 Outposts Endpoints using Amazon Resource Name (ARN), EC2 Security Group identifier, and EC2 Subnet identifier, separated by commas (`,`). For example:\n\n```sh\n$ pulumi import aws:s3outposts/endpoint:Endpoint example arn:aws:s3-outposts:us-east-1:123456789012:outpost/op-12345678/endpoint/0123456789abcdef,sg-12345678,subnet-12345678\n```\n", "properties": { "accessType": { "type": "string", "description": "Type of access for the network connectivity. Valid values are `Private` or `CustomerOwnedIp`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the endpoint.\n" }, "cidrBlock": { "type": "string", "description": "VPC CIDR block of the endpoint.\n" }, "creationTime": { "type": "string", "description": "UTC creation time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "customerOwnedIpv4Pool": { "type": "string", "description": "The ID of a Customer Owned IP Pool. For more on customer owned IP addresses see the [User Guide](https://docs.aws.amazon.com/outposts/latest/userguide/local-rack.html#local-gateway-subnet).\n" }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:s3outposts/EndpointNetworkInterface:EndpointNetworkInterface" }, "description": "Set of nested attributes for associated Elastic Network Interfaces (ENIs).\n" }, "outpostId": { "type": "string", "description": "Identifier of the Outpost to contain this endpoint.\n" }, "securityGroupId": { "type": "string", "description": "Identifier of the EC2 Security Group.\n" }, "subnetId": { "type": "string", "description": "Identifier of the EC2 Subnet.\n" } }, "required": [ "accessType", "arn", "cidrBlock", "creationTime", "networkInterfaces", "outpostId", "securityGroupId", "subnetId" ], "inputProperties": { "accessType": { "type": "string", "description": "Type of access for the network connectivity. Valid values are `Private` or `CustomerOwnedIp`.\n", "willReplaceOnChanges": true }, "customerOwnedIpv4Pool": { "type": "string", "description": "The ID of a Customer Owned IP Pool. For more on customer owned IP addresses see the [User Guide](https://docs.aws.amazon.com/outposts/latest/userguide/local-rack.html#local-gateway-subnet).\n", "willReplaceOnChanges": true }, "outpostId": { "type": "string", "description": "Identifier of the Outpost to contain this endpoint.\n", "willReplaceOnChanges": true }, "securityGroupId": { "type": "string", "description": "Identifier of the EC2 Security Group.\n", "willReplaceOnChanges": true }, "subnetId": { "type": "string", "description": "Identifier of the EC2 Subnet.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "outpostId", "securityGroupId", "subnetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Endpoint resources.\n", "properties": { "accessType": { "type": "string", "description": "Type of access for the network connectivity. Valid values are `Private` or `CustomerOwnedIp`.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the endpoint.\n" }, "cidrBlock": { "type": "string", "description": "VPC CIDR block of the endpoint.\n" }, "creationTime": { "type": "string", "description": "UTC creation time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "customerOwnedIpv4Pool": { "type": "string", "description": "The ID of a Customer Owned IP Pool. For more on customer owned IP addresses see the [User Guide](https://docs.aws.amazon.com/outposts/latest/userguide/local-rack.html#local-gateway-subnet).\n", "willReplaceOnChanges": true }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:s3outposts/EndpointNetworkInterface:EndpointNetworkInterface" }, "description": "Set of nested attributes for associated Elastic Network Interfaces (ENIs).\n" }, "outpostId": { "type": "string", "description": "Identifier of the Outpost to contain this endpoint.\n", "willReplaceOnChanges": true }, "securityGroupId": { "type": "string", "description": "Identifier of the EC2 Security Group.\n", "willReplaceOnChanges": true }, "subnetId": { "type": "string", "description": "Identifier of the EC2 Subnet.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:sagemaker/app:App": { "description": "Provides a SageMaker App resource.\n\n## Example Usage\n\n### Basic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.App(\"example\", {\n domainId: exampleAwsSagemakerDomain.id,\n userProfileName: exampleAwsSagemakerUserProfile.userProfileName,\n appName: \"example\",\n appType: \"JupyterServer\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.App(\"example\",\n domain_id=example_aws_sagemaker_domain[\"id\"],\n user_profile_name=example_aws_sagemaker_user_profile[\"userProfileName\"],\n app_name=\"example\",\n app_type=\"JupyterServer\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.App(\"example\", new()\n {\n DomainId = exampleAwsSagemakerDomain.Id,\n UserProfileName = exampleAwsSagemakerUserProfile.UserProfileName,\n AppName = \"example\",\n AppType = \"JupyterServer\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewApp(ctx, \"example\", \u0026sagemaker.AppArgs{\n\t\t\tDomainId: pulumi.Any(exampleAwsSagemakerDomain.Id),\n\t\t\tUserProfileName: pulumi.Any(exampleAwsSagemakerUserProfile.UserProfileName),\n\t\t\tAppName: pulumi.String(\"example\"),\n\t\t\tAppType: pulumi.String(\"JupyterServer\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.App;\nimport com.pulumi.aws.sagemaker.AppArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new App(\"example\", AppArgs.builder()\n .domainId(exampleAwsSagemakerDomain.id())\n .userProfileName(exampleAwsSagemakerUserProfile.userProfileName())\n .appName(\"example\")\n .appType(\"JupyterServer\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:App\n properties:\n domainId: ${exampleAwsSagemakerDomain.id}\n userProfileName: ${exampleAwsSagemakerUserProfile.userProfileName}\n appName: example\n appType: JupyterServer\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SageMaker Apps using the `id`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/app:App example arn:aws:sagemaker:us-west-2:012345678912:app/domain-id/user-profile-name/app-type/app-name\n```\n", "properties": { "appName": { "type": "string", "description": "The name of the app.\n" }, "appType": { "type": "string", "description": "The type of app. Valid values are `JupyterServer`, `KernelGateway`, `RStudioServerPro`, `RSessionGateway` and `TensorBoard`.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the app.\n" }, "domainId": { "type": "string", "description": "The domain ID.\n" }, "resourceSpec": { "$ref": "#/types/aws:sagemaker/AppResourceSpec:AppResourceSpec", "description": "The instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance.See Resource Spec below.\n" }, "spaceName": { "type": "string", "description": "The name of the space. At least one of `user_profile_name` or `space_name` required.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userProfileName": { "type": "string", "description": "The user profile name. At least one of `user_profile_name` or `space_name` required.\n" } }, "required": [ "appName", "appType", "arn", "domainId", "resourceSpec", "tagsAll" ], "inputProperties": { "appName": { "type": "string", "description": "The name of the app.\n", "willReplaceOnChanges": true }, "appType": { "type": "string", "description": "The type of app. Valid values are `JupyterServer`, `KernelGateway`, `RStudioServerPro`, `RSessionGateway` and `TensorBoard`.\n", "willReplaceOnChanges": true }, "domainId": { "type": "string", "description": "The domain ID.\n", "willReplaceOnChanges": true }, "resourceSpec": { "$ref": "#/types/aws:sagemaker/AppResourceSpec:AppResourceSpec", "description": "The instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance.See Resource Spec below.\n", "willReplaceOnChanges": true }, "spaceName": { "type": "string", "description": "The name of the space. At least one of `user_profile_name` or `space_name` required.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "userProfileName": { "type": "string", "description": "The user profile name. At least one of `user_profile_name` or `space_name` required.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "appName", "appType", "domainId" ], "stateInputs": { "description": "Input properties used for looking up and filtering App resources.\n", "properties": { "appName": { "type": "string", "description": "The name of the app.\n", "willReplaceOnChanges": true }, "appType": { "type": "string", "description": "The type of app. Valid values are `JupyterServer`, `KernelGateway`, `RStudioServerPro`, `RSessionGateway` and `TensorBoard`.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the app.\n" }, "domainId": { "type": "string", "description": "The domain ID.\n", "willReplaceOnChanges": true }, "resourceSpec": { "$ref": "#/types/aws:sagemaker/AppResourceSpec:AppResourceSpec", "description": "The instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance.See Resource Spec below.\n", "willReplaceOnChanges": true }, "spaceName": { "type": "string", "description": "The name of the space. At least one of `user_profile_name` or `space_name` required.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userProfileName": { "type": "string", "description": "The user profile name. At least one of `user_profile_name` or `space_name` required.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:sagemaker/appImageConfig:AppImageConfig": { "description": "Provides a SageMaker App Image Config resource.\n\n## Example Usage\n\n### Basic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.AppImageConfig;\nimport com.pulumi.aws.sagemaker.AppImageConfigArgs;\nimport com.pulumi.aws.sagemaker.inputs.AppImageConfigKernelGatewayImageConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AppImageConfig(\"test\", AppImageConfigArgs.builder()\n .appImageConfigName(\"example\")\n .kernelGatewayImageConfig(AppImageConfigKernelGatewayImageConfigArgs.builder()\n .kernelSpecs(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:sagemaker:AppImageConfig\n properties:\n appImageConfigName: example\n kernelGatewayImageConfig:\n kernelSpecs:\n - name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Default File System Config\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.AppImageConfig;\nimport com.pulumi.aws.sagemaker.AppImageConfigArgs;\nimport com.pulumi.aws.sagemaker.inputs.AppImageConfigKernelGatewayImageConfigArgs;\nimport com.pulumi.aws.sagemaker.inputs.AppImageConfigKernelGatewayImageConfigFileSystemConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AppImageConfig(\"test\", AppImageConfigArgs.builder()\n .appImageConfigName(\"example\")\n .kernelGatewayImageConfig(AppImageConfigKernelGatewayImageConfigArgs.builder()\n .kernelSpecs(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))\n .fileSystemConfig()\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:sagemaker:AppImageConfig\n properties:\n appImageConfigName: example\n kernelGatewayImageConfig:\n kernelSpecs:\n - name: example\n fileSystemConfig: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SageMaker App Image Configs using the `name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/appImageConfig:AppImageConfig example example\n```\n", "properties": { "appImageConfigName": { "type": "string", "description": "The name of the App Image Config.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this App Image Config.\n" }, "codeEditorAppImageConfig": { "$ref": "#/types/aws:sagemaker/AppImageConfigCodeEditorAppImageConfig:AppImageConfigCodeEditorAppImageConfig", "description": "The CodeEditorAppImageConfig. You can only specify one image kernel in the AppImageConfig API. This kernel is shown to users before the image starts. After the image runs, all kernels are visible in Code Editor. See Code Editor App Image Config details below.\n" }, "jupyterLabImageConfig": { "$ref": "#/types/aws:sagemaker/AppImageConfigJupyterLabImageConfig:AppImageConfigJupyterLabImageConfig", "description": "The JupyterLabAppImageConfig. You can only specify one image kernel in the AppImageConfig API. This kernel is shown to users before the image starts. After the image runs, all kernels are visible in JupyterLab. See Jupyter Lab Image Config details below.\n" }, "kernelGatewayImageConfig": { "$ref": "#/types/aws:sagemaker/AppImageConfigKernelGatewayImageConfig:AppImageConfigKernelGatewayImageConfig", "description": "The configuration for the file system and kernels in a SageMaker image running as a KernelGateway app. See Kernel Gateway Image Config details below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "appImageConfigName", "arn", "tagsAll" ], "inputProperties": { "appImageConfigName": { "type": "string", "description": "The name of the App Image Config.\n", "willReplaceOnChanges": true }, "codeEditorAppImageConfig": { "$ref": "#/types/aws:sagemaker/AppImageConfigCodeEditorAppImageConfig:AppImageConfigCodeEditorAppImageConfig", "description": "The CodeEditorAppImageConfig. You can only specify one image kernel in the AppImageConfig API. This kernel is shown to users before the image starts. After the image runs, all kernels are visible in Code Editor. See Code Editor App Image Config details below.\n" }, "jupyterLabImageConfig": { "$ref": "#/types/aws:sagemaker/AppImageConfigJupyterLabImageConfig:AppImageConfigJupyterLabImageConfig", "description": "The JupyterLabAppImageConfig. You can only specify one image kernel in the AppImageConfig API. This kernel is shown to users before the image starts. After the image runs, all kernels are visible in JupyterLab. See Jupyter Lab Image Config details below.\n" }, "kernelGatewayImageConfig": { "$ref": "#/types/aws:sagemaker/AppImageConfigKernelGatewayImageConfig:AppImageConfigKernelGatewayImageConfig", "description": "The configuration for the file system and kernels in a SageMaker image running as a KernelGateway app. See Kernel Gateway Image Config details below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "appImageConfigName" ], "stateInputs": { "description": "Input properties used for looking up and filtering AppImageConfig resources.\n", "properties": { "appImageConfigName": { "type": "string", "description": "The name of the App Image Config.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this App Image Config.\n" }, "codeEditorAppImageConfig": { "$ref": "#/types/aws:sagemaker/AppImageConfigCodeEditorAppImageConfig:AppImageConfigCodeEditorAppImageConfig", "description": "The CodeEditorAppImageConfig. You can only specify one image kernel in the AppImageConfig API. This kernel is shown to users before the image starts. After the image runs, all kernels are visible in Code Editor. See Code Editor App Image Config details below.\n" }, "jupyterLabImageConfig": { "$ref": "#/types/aws:sagemaker/AppImageConfigJupyterLabImageConfig:AppImageConfigJupyterLabImageConfig", "description": "The JupyterLabAppImageConfig. You can only specify one image kernel in the AppImageConfig API. This kernel is shown to users before the image starts. After the image runs, all kernels are visible in JupyterLab. See Jupyter Lab Image Config details below.\n" }, "kernelGatewayImageConfig": { "$ref": "#/types/aws:sagemaker/AppImageConfigKernelGatewayImageConfig:AppImageConfigKernelGatewayImageConfig", "description": "The configuration for the file system and kernels in a SageMaker image running as a KernelGateway app. See Kernel Gateway Image Config details below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:sagemaker/codeRepository:CodeRepository": { "description": "Provides a SageMaker Code Repository resource.\n\n## Example Usage\n\n### Basic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.CodeRepository(\"example\", {\n codeRepositoryName: \"example\",\n gitConfig: {\n repositoryUrl: \"https://github.com/github/docs.git\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.CodeRepository(\"example\",\n code_repository_name=\"example\",\n git_config={\n \"repository_url\": \"https://github.com/github/docs.git\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.CodeRepository(\"example\", new()\n {\n CodeRepositoryName = \"example\",\n GitConfig = new Aws.Sagemaker.Inputs.CodeRepositoryGitConfigArgs\n {\n RepositoryUrl = \"https://github.com/github/docs.git\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewCodeRepository(ctx, \"example\", \u0026sagemaker.CodeRepositoryArgs{\n\t\t\tCodeRepositoryName: pulumi.String(\"example\"),\n\t\t\tGitConfig: \u0026sagemaker.CodeRepositoryGitConfigArgs{\n\t\t\t\tRepositoryUrl: pulumi.String(\"https://github.com/github/docs.git\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.CodeRepository;\nimport com.pulumi.aws.sagemaker.CodeRepositoryArgs;\nimport com.pulumi.aws.sagemaker.inputs.CodeRepositoryGitConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CodeRepository(\"example\", CodeRepositoryArgs.builder()\n .codeRepositoryName(\"example\")\n .gitConfig(CodeRepositoryGitConfigArgs.builder()\n .repositoryUrl(\"https://github.com/github/docs.git\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:CodeRepository\n properties:\n codeRepositoryName: example\n gitConfig:\n repositoryUrl: https://github.com/github/docs.git\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example with Secret\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.secretsmanager.Secret(\"example\", {name: \"example\"});\nconst exampleSecretVersion = new aws.secretsmanager.SecretVersion(\"example\", {\n secretId: example.id,\n secretString: JSON.stringify({\n username: \"example\",\n password: \"example\",\n }),\n});\nconst exampleCodeRepository = new aws.sagemaker.CodeRepository(\"example\", {\n codeRepositoryName: \"example\",\n gitConfig: {\n repositoryUrl: \"https://github.com/github/docs.git\",\n secretArn: example.arn,\n },\n}, {\n dependsOn: [exampleSecretVersion],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.secretsmanager.Secret(\"example\", name=\"example\")\nexample_secret_version = aws.secretsmanager.SecretVersion(\"example\",\n secret_id=example.id,\n secret_string=json.dumps({\n \"username\": \"example\",\n \"password\": \"example\",\n }))\nexample_code_repository = aws.sagemaker.CodeRepository(\"example\",\n code_repository_name=\"example\",\n git_config={\n \"repository_url\": \"https://github.com/github/docs.git\",\n \"secret_arn\": example.arn,\n },\n opts = pulumi.ResourceOptions(depends_on=[example_secret_version]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecretsManager.Secret(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleSecretVersion = new Aws.SecretsManager.SecretVersion(\"example\", new()\n {\n SecretId = example.Id,\n SecretString = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"username\"] = \"example\",\n [\"password\"] = \"example\",\n }),\n });\n\n var exampleCodeRepository = new Aws.Sagemaker.CodeRepository(\"example\", new()\n {\n CodeRepositoryName = \"example\",\n GitConfig = new Aws.Sagemaker.Inputs.CodeRepositoryGitConfigArgs\n {\n RepositoryUrl = \"https://github.com/github/docs.git\",\n SecretArn = example.Arn,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleSecretVersion,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := secretsmanager.NewSecret(ctx, \"example\", \u0026secretsmanager.SecretArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"username\": \"example\",\n\t\t\t\"password\": \"example\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texampleSecretVersion, err := secretsmanager.NewSecretVersion(ctx, \"example\", \u0026secretsmanager.SecretVersionArgs{\n\t\t\tSecretId: example.ID(),\n\t\t\tSecretString: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sagemaker.NewCodeRepository(ctx, \"example\", \u0026sagemaker.CodeRepositoryArgs{\n\t\t\tCodeRepositoryName: pulumi.String(\"example\"),\n\t\t\tGitConfig: \u0026sagemaker.CodeRepositoryGitConfigArgs{\n\t\t\t\tRepositoryUrl: pulumi.String(\"https://github.com/github/docs.git\"),\n\t\t\t\tSecretArn: example.Arn,\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleSecretVersion,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.Secret;\nimport com.pulumi.aws.secretsmanager.SecretArgs;\nimport com.pulumi.aws.secretsmanager.SecretVersion;\nimport com.pulumi.aws.secretsmanager.SecretVersionArgs;\nimport com.pulumi.aws.sagemaker.CodeRepository;\nimport com.pulumi.aws.sagemaker.CodeRepositoryArgs;\nimport com.pulumi.aws.sagemaker.inputs.CodeRepositoryGitConfigArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Secret(\"example\", SecretArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleSecretVersion = new SecretVersion(\"exampleSecretVersion\", SecretVersionArgs.builder()\n .secretId(example.id())\n .secretString(serializeJson(\n jsonObject(\n jsonProperty(\"username\", \"example\"),\n jsonProperty(\"password\", \"example\")\n )))\n .build());\n\n var exampleCodeRepository = new CodeRepository(\"exampleCodeRepository\", CodeRepositoryArgs.builder()\n .codeRepositoryName(\"example\")\n .gitConfig(CodeRepositoryGitConfigArgs.builder()\n .repositoryUrl(\"https://github.com/github/docs.git\")\n .secretArn(example.arn())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleSecretVersion)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:secretsmanager:Secret\n properties:\n name: example\n exampleSecretVersion:\n type: aws:secretsmanager:SecretVersion\n name: example\n properties:\n secretId: ${example.id}\n secretString:\n fn::toJSON:\n username: example\n password: example\n exampleCodeRepository:\n type: aws:sagemaker:CodeRepository\n name: example\n properties:\n codeRepositoryName: example\n gitConfig:\n repositoryUrl: https://github.com/github/docs.git\n secretArn: ${example.arn}\n options:\n dependson:\n - ${exampleSecretVersion}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SageMaker Code Repositories using the `name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/codeRepository:CodeRepository test_code_repository my-code-repo\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Code Repository.\n" }, "codeRepositoryName": { "type": "string", "description": "The name of the Code Repository (must be unique).\n" }, "gitConfig": { "$ref": "#/types/aws:sagemaker/CodeRepositoryGitConfig:CodeRepositoryGitConfig", "description": "Specifies details about the repository. see Git Config details below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "codeRepositoryName", "gitConfig", "tagsAll" ], "inputProperties": { "codeRepositoryName": { "type": "string", "description": "The name of the Code Repository (must be unique).\n", "willReplaceOnChanges": true }, "gitConfig": { "$ref": "#/types/aws:sagemaker/CodeRepositoryGitConfig:CodeRepositoryGitConfig", "description": "Specifies details about the repository. see Git Config details below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "codeRepositoryName", "gitConfig" ], "stateInputs": { "description": "Input properties used for looking up and filtering CodeRepository resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Code Repository.\n" }, "codeRepositoryName": { "type": "string", "description": "The name of the Code Repository (must be unique).\n", "willReplaceOnChanges": true }, "gitConfig": { "$ref": "#/types/aws:sagemaker/CodeRepositoryGitConfig:CodeRepositoryGitConfig", "description": "Specifies details about the repository. see Git Config details below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:sagemaker/dataQualityJobDefinition:DataQualityJobDefinition": { "description": "Provides a SageMaker data quality job definition resource.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.sagemaker.DataQualityJobDefinition(\"test\", {\n name: \"my-data-quality-job-definition\",\n dataQualityAppSpecification: {\n imageUri: monitor.registryPath,\n },\n dataQualityJobInput: {\n endpointInput: {\n endpointName: myEndpoint.name,\n },\n },\n dataQualityJobOutputConfig: {\n monitoringOutputs: {\n s3Output: {\n s3Uri: `https://${myBucket.bucketRegionalDomainName}/output`,\n },\n },\n },\n jobResources: {\n clusterConfig: {\n instanceCount: 1,\n instanceType: \"ml.t3.medium\",\n volumeSizeInGb: 20,\n },\n },\n roleArn: myRole.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.sagemaker.DataQualityJobDefinition(\"test\",\n name=\"my-data-quality-job-definition\",\n data_quality_app_specification={\n \"image_uri\": monitor[\"registryPath\"],\n },\n data_quality_job_input={\n \"endpoint_input\": {\n \"endpoint_name\": my_endpoint[\"name\"],\n },\n },\n data_quality_job_output_config={\n \"monitoring_outputs\": {\n \"s3_output\": {\n \"s3_uri\": f\"https://{my_bucket['bucketRegionalDomainName']}/output\",\n },\n },\n },\n job_resources={\n \"cluster_config\": {\n \"instance_count\": 1,\n \"instance_type\": \"ml.t3.medium\",\n \"volume_size_in_gb\": 20,\n },\n },\n role_arn=my_role[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Sagemaker.DataQualityJobDefinition(\"test\", new()\n {\n Name = \"my-data-quality-job-definition\",\n DataQualityAppSpecification = new Aws.Sagemaker.Inputs.DataQualityJobDefinitionDataQualityAppSpecificationArgs\n {\n ImageUri = monitor.RegistryPath,\n },\n DataQualityJobInput = new Aws.Sagemaker.Inputs.DataQualityJobDefinitionDataQualityJobInputArgs\n {\n EndpointInput = new Aws.Sagemaker.Inputs.DataQualityJobDefinitionDataQualityJobInputEndpointInputArgs\n {\n EndpointName = myEndpoint.Name,\n },\n },\n DataQualityJobOutputConfig = new Aws.Sagemaker.Inputs.DataQualityJobDefinitionDataQualityJobOutputConfigArgs\n {\n MonitoringOutputs = new Aws.Sagemaker.Inputs.DataQualityJobDefinitionDataQualityJobOutputConfigMonitoringOutputsArgs\n {\n S3Output = new Aws.Sagemaker.Inputs.DataQualityJobDefinitionDataQualityJobOutputConfigMonitoringOutputsS3OutputArgs\n {\n S3Uri = $\"https://{myBucket.BucketRegionalDomainName}/output\",\n },\n },\n },\n JobResources = new Aws.Sagemaker.Inputs.DataQualityJobDefinitionJobResourcesArgs\n {\n ClusterConfig = new Aws.Sagemaker.Inputs.DataQualityJobDefinitionJobResourcesClusterConfigArgs\n {\n InstanceCount = 1,\n InstanceType = \"ml.t3.medium\",\n VolumeSizeInGb = 20,\n },\n },\n RoleArn = myRole.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewDataQualityJobDefinition(ctx, \"test\", \u0026sagemaker.DataQualityJobDefinitionArgs{\n\t\t\tName: pulumi.String(\"my-data-quality-job-definition\"),\n\t\t\tDataQualityAppSpecification: \u0026sagemaker.DataQualityJobDefinitionDataQualityAppSpecificationArgs{\n\t\t\t\tImageUri: pulumi.Any(monitor.RegistryPath),\n\t\t\t},\n\t\t\tDataQualityJobInput: \u0026sagemaker.DataQualityJobDefinitionDataQualityJobInputArgs{\n\t\t\t\tEndpointInput: \u0026sagemaker.DataQualityJobDefinitionDataQualityJobInputEndpointInputArgs{\n\t\t\t\t\tEndpointName: pulumi.Any(myEndpoint.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t\tDataQualityJobOutputConfig: \u0026sagemaker.DataQualityJobDefinitionDataQualityJobOutputConfigArgs{\n\t\t\t\tMonitoringOutputs: \u0026sagemaker.DataQualityJobDefinitionDataQualityJobOutputConfigMonitoringOutputsArgs{\n\t\t\t\t\tS3Output: sagemaker.DataQualityJobDefinitionDataQualityJobOutputConfigMonitoringOutputsS3OutputArgs{\n\t\t\t\t\t\tS3Uri: pulumi.String(fmt.Sprintf(\"https://%v/output\", myBucket.BucketRegionalDomainName)),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tJobResources: \u0026sagemaker.DataQualityJobDefinitionJobResourcesArgs{\n\t\t\t\tClusterConfig: \u0026sagemaker.DataQualityJobDefinitionJobResourcesClusterConfigArgs{\n\t\t\t\t\tInstanceCount: pulumi.Int(1),\n\t\t\t\t\tInstanceType: pulumi.String(\"ml.t3.medium\"),\n\t\t\t\t\tVolumeSizeInGb: pulumi.Int(20),\n\t\t\t\t},\n\t\t\t},\n\t\t\tRoleArn: pulumi.Any(myRole.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.DataQualityJobDefinition;\nimport com.pulumi.aws.sagemaker.DataQualityJobDefinitionArgs;\nimport com.pulumi.aws.sagemaker.inputs.DataQualityJobDefinitionDataQualityAppSpecificationArgs;\nimport com.pulumi.aws.sagemaker.inputs.DataQualityJobDefinitionDataQualityJobInputArgs;\nimport com.pulumi.aws.sagemaker.inputs.DataQualityJobDefinitionDataQualityJobInputEndpointInputArgs;\nimport com.pulumi.aws.sagemaker.inputs.DataQualityJobDefinitionDataQualityJobOutputConfigArgs;\nimport com.pulumi.aws.sagemaker.inputs.DataQualityJobDefinitionDataQualityJobOutputConfigMonitoringOutputsArgs;\nimport com.pulumi.aws.sagemaker.inputs.DataQualityJobDefinitionDataQualityJobOutputConfigMonitoringOutputsS3OutputArgs;\nimport com.pulumi.aws.sagemaker.inputs.DataQualityJobDefinitionJobResourcesArgs;\nimport com.pulumi.aws.sagemaker.inputs.DataQualityJobDefinitionJobResourcesClusterConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new DataQualityJobDefinition(\"test\", DataQualityJobDefinitionArgs.builder()\n .name(\"my-data-quality-job-definition\")\n .dataQualityAppSpecification(DataQualityJobDefinitionDataQualityAppSpecificationArgs.builder()\n .imageUri(monitor.registryPath())\n .build())\n .dataQualityJobInput(DataQualityJobDefinitionDataQualityJobInputArgs.builder()\n .endpointInput(DataQualityJobDefinitionDataQualityJobInputEndpointInputArgs.builder()\n .endpointName(myEndpoint.name())\n .build())\n .build())\n .dataQualityJobOutputConfig(DataQualityJobDefinitionDataQualityJobOutputConfigArgs.builder()\n .monitoringOutputs(DataQualityJobDefinitionDataQualityJobOutputConfigMonitoringOutputsArgs.builder()\n .s3Output(DataQualityJobDefinitionDataQualityJobOutputConfigMonitoringOutputsS3OutputArgs.builder()\n .s3Uri(String.format(\"https://%s/output\", myBucket.bucketRegionalDomainName()))\n .build())\n .build())\n .build())\n .jobResources(DataQualityJobDefinitionJobResourcesArgs.builder()\n .clusterConfig(DataQualityJobDefinitionJobResourcesClusterConfigArgs.builder()\n .instanceCount(1)\n .instanceType(\"ml.t3.medium\")\n .volumeSizeInGb(20)\n .build())\n .build())\n .roleArn(myRole.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:sagemaker:DataQualityJobDefinition\n properties:\n name: my-data-quality-job-definition\n dataQualityAppSpecification:\n imageUri: ${monitor.registryPath}\n dataQualityJobInput:\n endpointInput:\n endpointName: ${myEndpoint.name}\n dataQualityJobOutputConfig:\n monitoringOutputs:\n s3Output:\n s3Uri: https://${myBucket.bucketRegionalDomainName}/output\n jobResources:\n clusterConfig:\n instanceCount: 1\n instanceType: ml.t3.medium\n volumeSizeInGb: 20\n roleArn: ${myRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import data quality job definitions using the `name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/dataQualityJobDefinition:DataQualityJobDefinition test_data_quality_job_definition data-quality-job-definition-foo\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this data quality job definition.\n" }, "dataQualityAppSpecification": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityAppSpecification:DataQualityJobDefinitionDataQualityAppSpecification", "description": "Specifies the container that runs the monitoring job. Fields are documented below.\n" }, "dataQualityBaselineConfig": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityBaselineConfig:DataQualityJobDefinitionDataQualityBaselineConfig", "description": "Configures the constraints and baselines for the monitoring job. Fields are documented below.\n" }, "dataQualityJobInput": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityJobInput:DataQualityJobDefinitionDataQualityJobInput", "description": "A list of inputs for the monitoring job. Fields are documented below.\n" }, "dataQualityJobOutputConfig": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityJobOutputConfig:DataQualityJobDefinitionDataQualityJobOutputConfig", "description": "The output configuration for monitoring jobs. Fields are documented below.\n" }, "jobResources": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionJobResources:DataQualityJobDefinitionJobResources", "description": "Identifies the resources to deploy for a monitoring job. Fields are documented below.\n" }, "name": { "type": "string", "description": "The name of the data quality job definition. If omitted, the provider will assign a random, unique name.\n" }, "networkConfig": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionNetworkConfig:DataQualityJobDefinitionNetworkConfig", "description": "Specifies networking configuration for the monitoring job. Fields are documented below.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.\n" }, "stoppingCondition": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionStoppingCondition:DataQualityJobDefinitionStoppingCondition", "description": "A time limit for how long the monitoring job is allowed to run before stopping. Fields are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "dataQualityAppSpecification", "dataQualityJobInput", "dataQualityJobOutputConfig", "jobResources", "name", "roleArn", "stoppingCondition", "tagsAll" ], "inputProperties": { "dataQualityAppSpecification": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityAppSpecification:DataQualityJobDefinitionDataQualityAppSpecification", "description": "Specifies the container that runs the monitoring job. Fields are documented below.\n", "willReplaceOnChanges": true }, "dataQualityBaselineConfig": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityBaselineConfig:DataQualityJobDefinitionDataQualityBaselineConfig", "description": "Configures the constraints and baselines for the monitoring job. Fields are documented below.\n", "willReplaceOnChanges": true }, "dataQualityJobInput": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityJobInput:DataQualityJobDefinitionDataQualityJobInput", "description": "A list of inputs for the monitoring job. Fields are documented below.\n", "willReplaceOnChanges": true }, "dataQualityJobOutputConfig": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityJobOutputConfig:DataQualityJobDefinitionDataQualityJobOutputConfig", "description": "The output configuration for monitoring jobs. Fields are documented below.\n", "willReplaceOnChanges": true }, "jobResources": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionJobResources:DataQualityJobDefinitionJobResources", "description": "Identifies the resources to deploy for a monitoring job. Fields are documented below.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the data quality job definition. If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "networkConfig": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionNetworkConfig:DataQualityJobDefinitionNetworkConfig", "description": "Specifies networking configuration for the monitoring job. Fields are documented below.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.\n" }, "stoppingCondition": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionStoppingCondition:DataQualityJobDefinitionStoppingCondition", "description": "A time limit for how long the monitoring job is allowed to run before stopping. Fields are documented below.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "dataQualityAppSpecification", "dataQualityJobInput", "dataQualityJobOutputConfig", "jobResources", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering DataQualityJobDefinition resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this data quality job definition.\n" }, "dataQualityAppSpecification": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityAppSpecification:DataQualityJobDefinitionDataQualityAppSpecification", "description": "Specifies the container that runs the monitoring job. Fields are documented below.\n", "willReplaceOnChanges": true }, "dataQualityBaselineConfig": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityBaselineConfig:DataQualityJobDefinitionDataQualityBaselineConfig", "description": "Configures the constraints and baselines for the monitoring job. Fields are documented below.\n", "willReplaceOnChanges": true }, "dataQualityJobInput": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityJobInput:DataQualityJobDefinitionDataQualityJobInput", "description": "A list of inputs for the monitoring job. Fields are documented below.\n", "willReplaceOnChanges": true }, "dataQualityJobOutputConfig": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionDataQualityJobOutputConfig:DataQualityJobDefinitionDataQualityJobOutputConfig", "description": "The output configuration for monitoring jobs. Fields are documented below.\n", "willReplaceOnChanges": true }, "jobResources": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionJobResources:DataQualityJobDefinitionJobResources", "description": "Identifies the resources to deploy for a monitoring job. Fields are documented below.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the data quality job definition. If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "networkConfig": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionNetworkConfig:DataQualityJobDefinitionNetworkConfig", "description": "Specifies networking configuration for the monitoring job. Fields are documented below.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.\n" }, "stoppingCondition": { "$ref": "#/types/aws:sagemaker/DataQualityJobDefinitionStoppingCondition:DataQualityJobDefinitionStoppingCondition", "description": "A time limit for how long the monitoring job is allowed to run before stopping. Fields are documented below.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:sagemaker/device:Device": { "description": "Provides a SageMaker Device resource.\n\n## Example Usage\n\n### Basic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.Device(\"example\", {\n deviceFleetName: exampleAwsSagemakerDeviceFleet.deviceFleetName,\n device: {\n deviceName: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.Device(\"example\",\n device_fleet_name=example_aws_sagemaker_device_fleet[\"deviceFleetName\"],\n device={\n \"device_name\": \"example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.Device(\"example\", new()\n {\n DeviceFleetName = exampleAwsSagemakerDeviceFleet.DeviceFleetName,\n DeviceDetails = new Aws.Sagemaker.Inputs.DeviceDeviceArgs\n {\n DeviceName = \"example\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewDevice(ctx, \"example\", \u0026sagemaker.DeviceArgs{\n\t\t\tDeviceFleetName: pulumi.Any(exampleAwsSagemakerDeviceFleet.DeviceFleetName),\n\t\t\tDevice: \u0026sagemaker.DeviceDeviceArgs{\n\t\t\t\tDeviceName: pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.Device;\nimport com.pulumi.aws.sagemaker.DeviceArgs;\nimport com.pulumi.aws.sagemaker.inputs.DeviceDeviceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Device(\"example\", DeviceArgs.builder()\n .deviceFleetName(exampleAwsSagemakerDeviceFleet.deviceFleetName())\n .device(DeviceDeviceArgs.builder()\n .deviceName(\"example\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:Device\n properties:\n deviceFleetName: ${exampleAwsSagemakerDeviceFleet.deviceFleetName}\n device:\n deviceName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SageMaker Devices using the `device-fleet-name/device-name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/device:Device example my-fleet/my-device\n```\n", "properties": { "agentVersion": { "type": "string" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Device.\n" }, "device": { "$ref": "#/types/aws:sagemaker/DeviceDevice:DeviceDevice", "description": "The device to register with SageMaker Edge Manager. See Device details below.\n", "language": { "csharp": { "name": "DeviceDetails" } } }, "deviceFleetName": { "type": "string", "description": "The name of the Device Fleet.\n" } }, "required": [ "agentVersion", "arn", "device", "deviceFleetName" ], "inputProperties": { "device": { "$ref": "#/types/aws:sagemaker/DeviceDevice:DeviceDevice", "description": "The device to register with SageMaker Edge Manager. See Device details below.\n", "language": { "csharp": { "name": "DeviceDetails" } } }, "deviceFleetName": { "type": "string", "description": "The name of the Device Fleet.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "device", "deviceFleetName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Device resources.\n", "properties": { "agentVersion": { "type": "string" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Device.\n" }, "device": { "$ref": "#/types/aws:sagemaker/DeviceDevice:DeviceDevice", "description": "The device to register with SageMaker Edge Manager. See Device details below.\n", "language": { "csharp": { "name": "DeviceDetails" } } }, "deviceFleetName": { "type": "string", "description": "The name of the Device Fleet.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:sagemaker/deviceFleet:DeviceFleet": { "description": "Provides a SageMaker Device Fleet resource.\n\n## Example Usage\n\n### Basic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.DeviceFleet(\"example\", {\n deviceFleetName: \"example\",\n roleArn: test.arn,\n outputConfig: {\n s3OutputLocation: `s3://${exampleAwsS3Bucket.bucket}/prefix/`,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.DeviceFleet(\"example\",\n device_fleet_name=\"example\",\n role_arn=test[\"arn\"],\n output_config={\n \"s3_output_location\": f\"s3://{example_aws_s3_bucket['bucket']}/prefix/\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.DeviceFleet(\"example\", new()\n {\n DeviceFleetName = \"example\",\n RoleArn = test.Arn,\n OutputConfig = new Aws.Sagemaker.Inputs.DeviceFleetOutputConfigArgs\n {\n S3OutputLocation = $\"s3://{exampleAwsS3Bucket.Bucket}/prefix/\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewDeviceFleet(ctx, \"example\", \u0026sagemaker.DeviceFleetArgs{\n\t\t\tDeviceFleetName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(test.Arn),\n\t\t\tOutputConfig: \u0026sagemaker.DeviceFleetOutputConfigArgs{\n\t\t\t\tS3OutputLocation: pulumi.String(fmt.Sprintf(\"s3://%v/prefix/\", exampleAwsS3Bucket.Bucket)),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.DeviceFleet;\nimport com.pulumi.aws.sagemaker.DeviceFleetArgs;\nimport com.pulumi.aws.sagemaker.inputs.DeviceFleetOutputConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DeviceFleet(\"example\", DeviceFleetArgs.builder()\n .deviceFleetName(\"example\")\n .roleArn(test.arn())\n .outputConfig(DeviceFleetOutputConfigArgs.builder()\n .s3OutputLocation(String.format(\"s3://%s/prefix/\", exampleAwsS3Bucket.bucket()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:DeviceFleet\n properties:\n deviceFleetName: example\n roleArn: ${test.arn}\n outputConfig:\n s3OutputLocation: s3://${exampleAwsS3Bucket.bucket}/prefix/\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SageMaker Device Fleets using the `name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/deviceFleet:DeviceFleet example my-fleet\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Device Fleet.\n" }, "description": { "type": "string", "description": "A description of the fleet.\n" }, "deviceFleetName": { "type": "string", "description": "The name of the Device Fleet (must be unique).\n" }, "enableIotRoleAlias": { "type": "boolean", "description": "Whether to create an AWS IoT Role Alias during device fleet creation. The name of the role alias generated will match this pattern: \"SageMakerEdge-{DeviceFleetName}\".\n" }, "iotRoleAlias": { "type": "string" }, "outputConfig": { "$ref": "#/types/aws:sagemaker/DeviceFleetOutputConfig:DeviceFleetOutputConfig", "description": "Specifies details about the repository. see Output Config details below.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) that has access to AWS Internet of Things (IoT).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "deviceFleetName", "iotRoleAlias", "outputConfig", "roleArn", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "A description of the fleet.\n" }, "deviceFleetName": { "type": "string", "description": "The name of the Device Fleet (must be unique).\n", "willReplaceOnChanges": true }, "enableIotRoleAlias": { "type": "boolean", "description": "Whether to create an AWS IoT Role Alias during device fleet creation. The name of the role alias generated will match this pattern: \"SageMakerEdge-{DeviceFleetName}\".\n" }, "outputConfig": { "$ref": "#/types/aws:sagemaker/DeviceFleetOutputConfig:DeviceFleetOutputConfig", "description": "Specifies details about the repository. see Output Config details below.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) that has access to AWS Internet of Things (IoT).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "deviceFleetName", "outputConfig", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering DeviceFleet resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Device Fleet.\n" }, "description": { "type": "string", "description": "A description of the fleet.\n" }, "deviceFleetName": { "type": "string", "description": "The name of the Device Fleet (must be unique).\n", "willReplaceOnChanges": true }, "enableIotRoleAlias": { "type": "boolean", "description": "Whether to create an AWS IoT Role Alias during device fleet creation. The name of the role alias generated will match this pattern: \"SageMakerEdge-{DeviceFleetName}\".\n" }, "iotRoleAlias": { "type": "string" }, "outputConfig": { "$ref": "#/types/aws:sagemaker/DeviceFleetOutputConfig:DeviceFleetOutputConfig", "description": "Specifies details about the repository. see Output Config details below.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) that has access to AWS Internet of Things (IoT).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:sagemaker/domain:Domain": { "description": "Provides a SageMaker Domain resource.\n\n## Example Usage\n\n### Basic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"sagemaker.amazonaws.com\"],\n }],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example\",\n path: \"/\",\n assumeRolePolicy: example.then(example =\u003e example.json),\n});\nconst exampleDomain = new aws.sagemaker.Domain(\"example\", {\n domainName: \"example\",\n authMode: \"IAM\",\n vpcId: exampleAwsVpc.id,\n subnetIds: [exampleAwsSubnet.id],\n defaultUserSettings: {\n executionRole: exampleRole.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"sagemaker.amazonaws.com\"],\n }],\n}])\nexample_role = aws.iam.Role(\"example\",\n name=\"example\",\n path=\"/\",\n assume_role_policy=example.json)\nexample_domain = aws.sagemaker.Domain(\"example\",\n domain_name=\"example\",\n auth_mode=\"IAM\",\n vpc_id=example_aws_vpc[\"id\"],\n subnet_ids=[example_aws_subnet[\"id\"]],\n default_user_settings={\n \"execution_role\": example_role.arn,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"sagemaker.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example\",\n Path = \"/\",\n AssumeRolePolicy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleDomain = new Aws.Sagemaker.Domain(\"example\", new()\n {\n DomainName = \"example\",\n AuthMode = \"IAM\",\n VpcId = exampleAwsVpc.Id,\n SubnetIds = new[]\n {\n exampleAwsSubnet.Id,\n },\n DefaultUserSettings = new Aws.Sagemaker.Inputs.DomainDefaultUserSettingsArgs\n {\n ExecutionRole = exampleRole.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"sagemaker.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tAssumeRolePolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sagemaker.NewDomain(ctx, \"example\", \u0026sagemaker.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"example\"),\n\t\t\tAuthMode: pulumi.String(\"IAM\"),\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\texampleAwsSubnet.Id,\n\t\t\t},\n\t\t\tDefaultUserSettings: \u0026sagemaker.DomainDefaultUserSettingsArgs{\n\t\t\t\tExecutionRole: exampleRole.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.sagemaker.Domain;\nimport com.pulumi.aws.sagemaker.DomainArgs;\nimport com.pulumi.aws.sagemaker.inputs.DomainDefaultUserSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"sagemaker.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .name(\"example\")\n .path(\"/\")\n .assumeRolePolicy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder()\n .domainName(\"example\")\n .authMode(\"IAM\")\n .vpcId(exampleAwsVpc.id())\n .subnetIds(exampleAwsSubnet.id())\n .defaultUserSettings(DomainDefaultUserSettingsArgs.builder()\n .executionRole(exampleRole.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleDomain:\n type: aws:sagemaker:Domain\n name: example\n properties:\n domainName: example\n authMode: IAM\n vpcId: ${exampleAwsVpc.id}\n subnetIds:\n - ${exampleAwsSubnet.id}\n defaultUserSettings:\n executionRole: ${exampleRole.arn}\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example\n path: /\n assumeRolePolicy: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - sagemaker.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using Custom Images\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.Image;\nimport com.pulumi.aws.sagemaker.ImageArgs;\nimport com.pulumi.aws.sagemaker.AppImageConfig;\nimport com.pulumi.aws.sagemaker.AppImageConfigArgs;\nimport com.pulumi.aws.sagemaker.inputs.AppImageConfigKernelGatewayImageConfigArgs;\nimport com.pulumi.aws.sagemaker.ImageVersion;\nimport com.pulumi.aws.sagemaker.ImageVersionArgs;\nimport com.pulumi.aws.sagemaker.Domain;\nimport com.pulumi.aws.sagemaker.DomainArgs;\nimport com.pulumi.aws.sagemaker.inputs.DomainDefaultUserSettingsArgs;\nimport com.pulumi.aws.sagemaker.inputs.DomainDefaultUserSettingsKernelGatewayAppSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Image(\"example\", ImageArgs.builder()\n .imageName(\"example\")\n .roleArn(exampleAwsIamRole.arn())\n .build());\n\n var exampleAppImageConfig = new AppImageConfig(\"exampleAppImageConfig\", AppImageConfigArgs.builder()\n .appImageConfigName(\"example\")\n .kernelGatewayImageConfig(AppImageConfigKernelGatewayImageConfigArgs.builder()\n .kernelSpecs(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))\n .build())\n .build());\n\n var exampleImageVersion = new ImageVersion(\"exampleImageVersion\", ImageVersionArgs.builder()\n .imageName(example.id())\n .baseImage(\"base-image\")\n .build());\n\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder()\n .domainName(\"example\")\n .authMode(\"IAM\")\n .vpcId(exampleAwsVpc.id())\n .subnetIds(exampleAwsSubnet.id())\n .defaultUserSettings(DomainDefaultUserSettingsArgs.builder()\n .executionRole(exampleAwsIamRole.arn())\n .kernelGatewayAppSettings(DomainDefaultUserSettingsKernelGatewayAppSettingsArgs.builder()\n .customImages(DomainDefaultUserSettingsKernelGatewayAppSettingsCustomImageArgs.builder()\n .appImageConfigName(exampleAppImageConfig.appImageConfigName())\n .imageName(exampleImageVersion.imageName())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:Image\n properties:\n imageName: example\n roleArn: ${exampleAwsIamRole.arn}\n exampleAppImageConfig:\n type: aws:sagemaker:AppImageConfig\n name: example\n properties:\n appImageConfigName: example\n kernelGatewayImageConfig:\n kernelSpecs:\n - name: example\n exampleImageVersion:\n type: aws:sagemaker:ImageVersion\n name: example\n properties:\n imageName: ${example.id}\n baseImage: base-image\n exampleDomain:\n type: aws:sagemaker:Domain\n name: example\n properties:\n domainName: example\n authMode: IAM\n vpcId: ${exampleAwsVpc.id}\n subnetIds:\n - ${exampleAwsSubnet.id}\n defaultUserSettings:\n executionRole: ${exampleAwsIamRole.arn}\n kernelGatewayAppSettings:\n customImages:\n - appImageConfigName: ${exampleAppImageConfig.appImageConfigName}\n imageName: ${exampleImageVersion.imageName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SageMaker Domains using the `id`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/domain:Domain test_domain d-8jgsjtilstu8\n```\n", "properties": { "appNetworkAccessType": { "type": "string", "description": "Specifies the VPC used for non-EFS traffic. The default value is `PublicInternetOnly`. Valid values are `PublicInternetOnly` and `VpcOnly`.\n" }, "appSecurityGroupManagement": { "type": "string", "description": "The entity that creates and manages the required security groups for inter-app communication in `VPCOnly` mode. Valid values are `Service` and `Customer`.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Domain.\n" }, "authMode": { "type": "string", "description": "The mode of authentication that members use to access the domain. Valid values are `IAM` and `SSO`.\n" }, "defaultSpaceSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultSpaceSettings:DomainDefaultSpaceSettings", "description": "The default space settings. See `default_space_settings` Block below.\n" }, "defaultUserSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettings:DomainDefaultUserSettings", "description": "The default user settings. See `default_user_settings` Block below.\n" }, "domainName": { "type": "string", "description": "The domain name.\n" }, "domainSettings": { "$ref": "#/types/aws:sagemaker/DomainDomainSettings:DomainDomainSettings", "description": "The domain settings. See `domain_settings` Block below.\n" }, "homeEfsFileSystemId": { "type": "string", "description": "The ID of the Amazon Elastic File System (EFS) managed by this Domain.\n" }, "kmsKeyId": { "type": "string", "description": "The AWS KMS customer managed CMK used to encrypt the EFS volume attached to the domain.\n" }, "retentionPolicy": { "$ref": "#/types/aws:sagemaker/DomainRetentionPolicy:DomainRetentionPolicy", "description": "The retention policy for this domain, which specifies whether resources will be retained after the Domain is deleted. By default, all resources are retained. See `retention_policy` Block below.\n" }, "securityGroupIdForDomainBoundary": { "type": "string", "description": "The ID of the security group that authorizes traffic between the RSessionGateway apps and the RStudioServerPro app.\n" }, "singleSignOnApplicationArn": { "type": "string", "description": "The ARN of the application managed by SageMaker in IAM Identity Center. This value is only returned for domains created after September 19, 2023.\n" }, "singleSignOnManagedApplicationInstanceId": { "type": "string", "description": "The SSO managed application instance ID.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The VPC subnets that Studio uses for communication.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "url": { "type": "string", "description": "The domain's URL.\n" }, "vpcId": { "type": "string", "description": "The ID of the Amazon Virtual Private Cloud (VPC) that Studio uses for communication.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "authMode", "defaultUserSettings", "domainName", "homeEfsFileSystemId", "securityGroupIdForDomainBoundary", "singleSignOnApplicationArn", "singleSignOnManagedApplicationInstanceId", "subnetIds", "tagsAll", "url", "vpcId" ], "inputProperties": { "appNetworkAccessType": { "type": "string", "description": "Specifies the VPC used for non-EFS traffic. The default value is `PublicInternetOnly`. Valid values are `PublicInternetOnly` and `VpcOnly`.\n", "willReplaceOnChanges": true }, "appSecurityGroupManagement": { "type": "string", "description": "The entity that creates and manages the required security groups for inter-app communication in `VPCOnly` mode. Valid values are `Service` and `Customer`.\n", "willReplaceOnChanges": true }, "authMode": { "type": "string", "description": "The mode of authentication that members use to access the domain. Valid values are `IAM` and `SSO`.\n", "willReplaceOnChanges": true }, "defaultSpaceSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultSpaceSettings:DomainDefaultSpaceSettings", "description": "The default space settings. See `default_space_settings` Block below.\n" }, "defaultUserSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettings:DomainDefaultUserSettings", "description": "The default user settings. See `default_user_settings` Block below.\n" }, "domainName": { "type": "string", "description": "The domain name.\n", "willReplaceOnChanges": true }, "domainSettings": { "$ref": "#/types/aws:sagemaker/DomainDomainSettings:DomainDomainSettings", "description": "The domain settings. See `domain_settings` Block below.\n" }, "kmsKeyId": { "type": "string", "description": "The AWS KMS customer managed CMK used to encrypt the EFS volume attached to the domain.\n", "willReplaceOnChanges": true }, "retentionPolicy": { "$ref": "#/types/aws:sagemaker/DomainRetentionPolicy:DomainRetentionPolicy", "description": "The retention policy for this domain, which specifies whether resources will be retained after the Domain is deleted. By default, all resources are retained. See `retention_policy` Block below.\n", "willReplaceOnChanges": true }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The VPC subnets that Studio uses for communication.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcId": { "type": "string", "description": "The ID of the Amazon Virtual Private Cloud (VPC) that Studio uses for communication.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "authMode", "defaultUserSettings", "domainName", "subnetIds", "vpcId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Domain resources.\n", "properties": { "appNetworkAccessType": { "type": "string", "description": "Specifies the VPC used for non-EFS traffic. The default value is `PublicInternetOnly`. Valid values are `PublicInternetOnly` and `VpcOnly`.\n", "willReplaceOnChanges": true }, "appSecurityGroupManagement": { "type": "string", "description": "The entity that creates and manages the required security groups for inter-app communication in `VPCOnly` mode. Valid values are `Service` and `Customer`.\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Domain.\n" }, "authMode": { "type": "string", "description": "The mode of authentication that members use to access the domain. Valid values are `IAM` and `SSO`.\n", "willReplaceOnChanges": true }, "defaultSpaceSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultSpaceSettings:DomainDefaultSpaceSettings", "description": "The default space settings. See `default_space_settings` Block below.\n" }, "defaultUserSettings": { "$ref": "#/types/aws:sagemaker/DomainDefaultUserSettings:DomainDefaultUserSettings", "description": "The default user settings. See `default_user_settings` Block below.\n" }, "domainName": { "type": "string", "description": "The domain name.\n", "willReplaceOnChanges": true }, "domainSettings": { "$ref": "#/types/aws:sagemaker/DomainDomainSettings:DomainDomainSettings", "description": "The domain settings. See `domain_settings` Block below.\n" }, "homeEfsFileSystemId": { "type": "string", "description": "The ID of the Amazon Elastic File System (EFS) managed by this Domain.\n" }, "kmsKeyId": { "type": "string", "description": "The AWS KMS customer managed CMK used to encrypt the EFS volume attached to the domain.\n", "willReplaceOnChanges": true }, "retentionPolicy": { "$ref": "#/types/aws:sagemaker/DomainRetentionPolicy:DomainRetentionPolicy", "description": "The retention policy for this domain, which specifies whether resources will be retained after the Domain is deleted. By default, all resources are retained. See `retention_policy` Block below.\n", "willReplaceOnChanges": true }, "securityGroupIdForDomainBoundary": { "type": "string", "description": "The ID of the security group that authorizes traffic between the RSessionGateway apps and the RStudioServerPro app.\n" }, "singleSignOnApplicationArn": { "type": "string", "description": "The ARN of the application managed by SageMaker in IAM Identity Center. This value is only returned for domains created after September 19, 2023.\n" }, "singleSignOnManagedApplicationInstanceId": { "type": "string", "description": "The SSO managed application instance ID.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The VPC subnets that Studio uses for communication.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "url": { "type": "string", "description": "The domain's URL.\n" }, "vpcId": { "type": "string", "description": "The ID of the Amazon Virtual Private Cloud (VPC) that Studio uses for communication.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:sagemaker/endpoint:Endpoint": { "description": "Provides a SageMaker Endpoint resource.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst e = new aws.sagemaker.Endpoint(\"e\", {\n name: \"my-endpoint\",\n endpointConfigName: ec.name,\n tags: {\n Name: \"foo\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ne = aws.sagemaker.Endpoint(\"e\",\n name=\"my-endpoint\",\n endpoint_config_name=ec[\"name\"],\n tags={\n \"Name\": \"foo\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var e = new Aws.Sagemaker.Endpoint(\"e\", new()\n {\n Name = \"my-endpoint\",\n EndpointConfigName = ec.Name,\n Tags = \n {\n { \"Name\", \"foo\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewEndpoint(ctx, \"e\", \u0026sagemaker.EndpointArgs{\n\t\t\tName: pulumi.String(\"my-endpoint\"),\n\t\t\tEndpointConfigName: pulumi.Any(ec.Name),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"foo\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.Endpoint;\nimport com.pulumi.aws.sagemaker.EndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var e = new Endpoint(\"e\", EndpointArgs.builder()\n .name(\"my-endpoint\")\n .endpointConfigName(ec.name())\n .tags(Map.of(\"Name\", \"foo\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n e:\n type: aws:sagemaker:Endpoint\n properties:\n name: my-endpoint\n endpointConfigName: ${ec.name}\n tags:\n Name: foo\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import endpoints using the `name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/endpoint:Endpoint test_endpoint my-endpoint\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this endpoint.\n" }, "deploymentConfig": { "$ref": "#/types/aws:sagemaker/EndpointDeploymentConfig:EndpointDeploymentConfig", "description": "The deployment configuration for an endpoint, which contains the desired deployment strategy and rollback configurations. See Deployment Config.\n" }, "endpointConfigName": { "type": "string", "description": "The name of the endpoint configuration to use.\n" }, "name": { "type": "string", "description": "The name of the endpoint. If omitted, the provider will assign a random, unique name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "endpointConfigName", "name", "tagsAll" ], "inputProperties": { "deploymentConfig": { "$ref": "#/types/aws:sagemaker/EndpointDeploymentConfig:EndpointDeploymentConfig", "description": "The deployment configuration for an endpoint, which contains the desired deployment strategy and rollback configurations. See Deployment Config.\n" }, "endpointConfigName": { "type": "string", "description": "The name of the endpoint configuration to use.\n" }, "name": { "type": "string", "description": "The name of the endpoint. If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "endpointConfigName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Endpoint resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this endpoint.\n" }, "deploymentConfig": { "$ref": "#/types/aws:sagemaker/EndpointDeploymentConfig:EndpointDeploymentConfig", "description": "The deployment configuration for an endpoint, which contains the desired deployment strategy and rollback configurations. See Deployment Config.\n" }, "endpointConfigName": { "type": "string", "description": "The name of the endpoint configuration to use.\n" }, "name": { "type": "string", "description": "The name of the endpoint. If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:sagemaker/endpointConfiguration:EndpointConfiguration": { "description": "Provides a SageMaker endpoint configuration resource.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ec = new aws.sagemaker.EndpointConfiguration(\"ec\", {\n name: \"my-endpoint-config\",\n productionVariants: [{\n variantName: \"variant-1\",\n modelName: m.name,\n initialInstanceCount: 1,\n instanceType: \"ml.t2.medium\",\n }],\n tags: {\n Name: \"foo\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nec = aws.sagemaker.EndpointConfiguration(\"ec\",\n name=\"my-endpoint-config\",\n production_variants=[{\n \"variant_name\": \"variant-1\",\n \"model_name\": m[\"name\"],\n \"initial_instance_count\": 1,\n \"instance_type\": \"ml.t2.medium\",\n }],\n tags={\n \"Name\": \"foo\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ec = new Aws.Sagemaker.EndpointConfiguration(\"ec\", new()\n {\n Name = \"my-endpoint-config\",\n ProductionVariants = new[]\n {\n new Aws.Sagemaker.Inputs.EndpointConfigurationProductionVariantArgs\n {\n VariantName = \"variant-1\",\n ModelName = m.Name,\n InitialInstanceCount = 1,\n InstanceType = \"ml.t2.medium\",\n },\n },\n Tags = \n {\n { \"Name\", \"foo\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewEndpointConfiguration(ctx, \"ec\", \u0026sagemaker.EndpointConfigurationArgs{\n\t\t\tName: pulumi.String(\"my-endpoint-config\"),\n\t\t\tProductionVariants: sagemaker.EndpointConfigurationProductionVariantArray{\n\t\t\t\t\u0026sagemaker.EndpointConfigurationProductionVariantArgs{\n\t\t\t\t\tVariantName: pulumi.String(\"variant-1\"),\n\t\t\t\t\tModelName: pulumi.Any(m.Name),\n\t\t\t\t\tInitialInstanceCount: pulumi.Int(1),\n\t\t\t\t\tInstanceType: pulumi.String(\"ml.t2.medium\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"foo\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.EndpointConfiguration;\nimport com.pulumi.aws.sagemaker.EndpointConfigurationArgs;\nimport com.pulumi.aws.sagemaker.inputs.EndpointConfigurationProductionVariantArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ec = new EndpointConfiguration(\"ec\", EndpointConfigurationArgs.builder()\n .name(\"my-endpoint-config\")\n .productionVariants(EndpointConfigurationProductionVariantArgs.builder()\n .variantName(\"variant-1\")\n .modelName(m.name())\n .initialInstanceCount(1)\n .instanceType(\"ml.t2.medium\")\n .build())\n .tags(Map.of(\"Name\", \"foo\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ec:\n type: aws:sagemaker:EndpointConfiguration\n properties:\n name: my-endpoint-config\n productionVariants:\n - variantName: variant-1\n modelName: ${m.name}\n initialInstanceCount: 1\n instanceType: ml.t2.medium\n tags:\n Name: foo\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import endpoint configurations using the `name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/endpointConfiguration:EndpointConfiguration test_endpoint_config endpoint-config-foo\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this endpoint configuration.\n" }, "asyncInferenceConfig": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationAsyncInferenceConfig:EndpointConfigurationAsyncInferenceConfig", "description": "Specifies configuration for how an endpoint performs asynchronous inference.\n" }, "dataCaptureConfig": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationDataCaptureConfig:EndpointConfigurationDataCaptureConfig", "description": "Specifies the parameters to capture input/output of SageMaker models endpoints. Fields are documented below.\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of a AWS Key Management Service key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint.\n" }, "name": { "type": "string", "description": "The name of the endpoint configuration. If omitted, this provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique endpoint configuration name beginning with the specified prefix. Conflicts with `name`.\n" }, "productionVariants": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationProductionVariant:EndpointConfigurationProductionVariant" }, "description": "An list of ProductionVariant objects, one for each model that you want to host at this endpoint. Fields are documented below.\n" }, "shadowProductionVariants": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationShadowProductionVariant:EndpointConfigurationShadowProductionVariant" }, "description": "Array of ProductionVariant objects. There is one for each model that you want to host at this endpoint in shadow mode with production traffic replicated from the model specified on ProductionVariants. If you use this field, you can only specify one variant for ProductionVariants and one variant for ShadowProductionVariants. Fields are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "namePrefix", "productionVariants", "tagsAll" ], "inputProperties": { "asyncInferenceConfig": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationAsyncInferenceConfig:EndpointConfigurationAsyncInferenceConfig", "description": "Specifies configuration for how an endpoint performs asynchronous inference.\n", "willReplaceOnChanges": true }, "dataCaptureConfig": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationDataCaptureConfig:EndpointConfigurationDataCaptureConfig", "description": "Specifies the parameters to capture input/output of SageMaker models endpoints. Fields are documented below.\n", "willReplaceOnChanges": true }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of a AWS Key Management Service key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the endpoint configuration. If omitted, this provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique endpoint configuration name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "productionVariants": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationProductionVariant:EndpointConfigurationProductionVariant" }, "description": "An list of ProductionVariant objects, one for each model that you want to host at this endpoint. Fields are documented below.\n" }, "shadowProductionVariants": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationShadowProductionVariant:EndpointConfigurationShadowProductionVariant" }, "description": "Array of ProductionVariant objects. There is one for each model that you want to host at this endpoint in shadow mode with production traffic replicated from the model specified on ProductionVariants. If you use this field, you can only specify one variant for ProductionVariants and one variant for ShadowProductionVariants. Fields are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "productionVariants" ], "stateInputs": { "description": "Input properties used for looking up and filtering EndpointConfiguration resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this endpoint configuration.\n" }, "asyncInferenceConfig": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationAsyncInferenceConfig:EndpointConfigurationAsyncInferenceConfig", "description": "Specifies configuration for how an endpoint performs asynchronous inference.\n", "willReplaceOnChanges": true }, "dataCaptureConfig": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationDataCaptureConfig:EndpointConfigurationDataCaptureConfig", "description": "Specifies the parameters to capture input/output of SageMaker models endpoints. Fields are documented below.\n", "willReplaceOnChanges": true }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) of a AWS Key Management Service key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the endpoint configuration. If omitted, this provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique endpoint configuration name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "productionVariants": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationProductionVariant:EndpointConfigurationProductionVariant" }, "description": "An list of ProductionVariant objects, one for each model that you want to host at this endpoint. Fields are documented below.\n" }, "shadowProductionVariants": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/EndpointConfigurationShadowProductionVariant:EndpointConfigurationShadowProductionVariant" }, "description": "Array of ProductionVariant objects. There is one for each model that you want to host at this endpoint in shadow mode with production traffic replicated from the model specified on ProductionVariants. If you use this field, you can only specify one variant for ProductionVariants and one variant for ShadowProductionVariants. Fields are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:sagemaker/featureGroup:FeatureGroup": { "description": "Provides a SageMaker Feature Group resource.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.FeatureGroup(\"example\", {\n featureGroupName: \"example\",\n recordIdentifierFeatureName: \"example\",\n eventTimeFeatureName: \"example\",\n roleArn: test.arn,\n featureDefinitions: [{\n featureName: \"example\",\n featureType: \"String\",\n }],\n onlineStoreConfig: {\n enableOnlineStore: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.FeatureGroup(\"example\",\n feature_group_name=\"example\",\n record_identifier_feature_name=\"example\",\n event_time_feature_name=\"example\",\n role_arn=test[\"arn\"],\n feature_definitions=[{\n \"feature_name\": \"example\",\n \"feature_type\": \"String\",\n }],\n online_store_config={\n \"enable_online_store\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.FeatureGroup(\"example\", new()\n {\n FeatureGroupName = \"example\",\n RecordIdentifierFeatureName = \"example\",\n EventTimeFeatureName = \"example\",\n RoleArn = test.Arn,\n FeatureDefinitions = new[]\n {\n new Aws.Sagemaker.Inputs.FeatureGroupFeatureDefinitionArgs\n {\n FeatureName = \"example\",\n FeatureType = \"String\",\n },\n },\n OnlineStoreConfig = new Aws.Sagemaker.Inputs.FeatureGroupOnlineStoreConfigArgs\n {\n EnableOnlineStore = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewFeatureGroup(ctx, \"example\", \u0026sagemaker.FeatureGroupArgs{\n\t\t\tFeatureGroupName: pulumi.String(\"example\"),\n\t\t\tRecordIdentifierFeatureName: pulumi.String(\"example\"),\n\t\t\tEventTimeFeatureName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(test.Arn),\n\t\t\tFeatureDefinitions: sagemaker.FeatureGroupFeatureDefinitionArray{\n\t\t\t\t\u0026sagemaker.FeatureGroupFeatureDefinitionArgs{\n\t\t\t\t\tFeatureName: pulumi.String(\"example\"),\n\t\t\t\t\tFeatureType: pulumi.String(\"String\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tOnlineStoreConfig: \u0026sagemaker.FeatureGroupOnlineStoreConfigArgs{\n\t\t\t\tEnableOnlineStore: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.FeatureGroup;\nimport com.pulumi.aws.sagemaker.FeatureGroupArgs;\nimport com.pulumi.aws.sagemaker.inputs.FeatureGroupFeatureDefinitionArgs;\nimport com.pulumi.aws.sagemaker.inputs.FeatureGroupOnlineStoreConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FeatureGroup(\"example\", FeatureGroupArgs.builder()\n .featureGroupName(\"example\")\n .recordIdentifierFeatureName(\"example\")\n .eventTimeFeatureName(\"example\")\n .roleArn(test.arn())\n .featureDefinitions(FeatureGroupFeatureDefinitionArgs.builder()\n .featureName(\"example\")\n .featureType(\"String\")\n .build())\n .onlineStoreConfig(FeatureGroupOnlineStoreConfigArgs.builder()\n .enableOnlineStore(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:FeatureGroup\n properties:\n featureGroupName: example\n recordIdentifierFeatureName: example\n eventTimeFeatureName: example\n roleArn: ${test.arn}\n featureDefinitions:\n - featureName: example\n featureType: String\n onlineStoreConfig:\n enableOnlineStore: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Feature Groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/featureGroup:FeatureGroup test_feature_group feature_group-foo\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this feature_group.\n" }, "description": { "type": "string", "description": "A free-form description of a Feature Group.\n" }, "eventTimeFeatureName": { "type": "string", "description": "The name of the feature that stores the EventTime of a Record in a Feature Group.\n" }, "featureDefinitions": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/FeatureGroupFeatureDefinition:FeatureGroupFeatureDefinition" }, "description": "A list of Feature names and types. See Feature Definition Below.\n" }, "featureGroupName": { "type": "string", "description": "The name of the Feature Group. The name must be unique within an AWS Region in an AWS account.\n" }, "offlineStoreConfig": { "$ref": "#/types/aws:sagemaker/FeatureGroupOfflineStoreConfig:FeatureGroupOfflineStoreConfig", "description": "The Offline Feature Store Configuration. See Offline Store Config Below.\n" }, "onlineStoreConfig": { "$ref": "#/types/aws:sagemaker/FeatureGroupOnlineStoreConfig:FeatureGroupOnlineStoreConfig", "description": "The Online Feature Store Configuration. See Online Store Config Below.\n" }, "recordIdentifierFeatureName": { "type": "string", "description": "The name of the Feature whose value uniquely identifies a Record defined in the Feature Store. Only the latest record per identifier value will be stored in the Online Store.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM execution role used to persist data into the Offline Store if an `offline_store_config` is provided.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "eventTimeFeatureName", "featureDefinitions", "featureGroupName", "recordIdentifierFeatureName", "roleArn", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "A free-form description of a Feature Group.\n", "willReplaceOnChanges": true }, "eventTimeFeatureName": { "type": "string", "description": "The name of the feature that stores the EventTime of a Record in a Feature Group.\n", "willReplaceOnChanges": true }, "featureDefinitions": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/FeatureGroupFeatureDefinition:FeatureGroupFeatureDefinition" }, "description": "A list of Feature names and types. See Feature Definition Below.\n", "willReplaceOnChanges": true }, "featureGroupName": { "type": "string", "description": "The name of the Feature Group. The name must be unique within an AWS Region in an AWS account.\n", "willReplaceOnChanges": true }, "offlineStoreConfig": { "$ref": "#/types/aws:sagemaker/FeatureGroupOfflineStoreConfig:FeatureGroupOfflineStoreConfig", "description": "The Offline Feature Store Configuration. See Offline Store Config Below.\n", "willReplaceOnChanges": true }, "onlineStoreConfig": { "$ref": "#/types/aws:sagemaker/FeatureGroupOnlineStoreConfig:FeatureGroupOnlineStoreConfig", "description": "The Online Feature Store Configuration. See Online Store Config Below.\n", "willReplaceOnChanges": true }, "recordIdentifierFeatureName": { "type": "string", "description": "The name of the Feature whose value uniquely identifies a Record defined in the Feature Store. Only the latest record per identifier value will be stored in the Online Store.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM execution role used to persist data into the Offline Store if an `offline_store_config` is provided.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "eventTimeFeatureName", "featureDefinitions", "featureGroupName", "recordIdentifierFeatureName", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering FeatureGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this feature_group.\n" }, "description": { "type": "string", "description": "A free-form description of a Feature Group.\n", "willReplaceOnChanges": true }, "eventTimeFeatureName": { "type": "string", "description": "The name of the feature that stores the EventTime of a Record in a Feature Group.\n", "willReplaceOnChanges": true }, "featureDefinitions": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/FeatureGroupFeatureDefinition:FeatureGroupFeatureDefinition" }, "description": "A list of Feature names and types. See Feature Definition Below.\n", "willReplaceOnChanges": true }, "featureGroupName": { "type": "string", "description": "The name of the Feature Group. The name must be unique within an AWS Region in an AWS account.\n", "willReplaceOnChanges": true }, "offlineStoreConfig": { "$ref": "#/types/aws:sagemaker/FeatureGroupOfflineStoreConfig:FeatureGroupOfflineStoreConfig", "description": "The Offline Feature Store Configuration. See Offline Store Config Below.\n", "willReplaceOnChanges": true }, "onlineStoreConfig": { "$ref": "#/types/aws:sagemaker/FeatureGroupOnlineStoreConfig:FeatureGroupOnlineStoreConfig", "description": "The Online Feature Store Configuration. See Online Store Config Below.\n", "willReplaceOnChanges": true }, "recordIdentifierFeatureName": { "type": "string", "description": "The name of the Feature whose value uniquely identifies a Record defined in the Feature Store. Only the latest record per identifier value will be stored in the Online Store.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM execution role used to persist data into the Offline Store if an `offline_store_config` is provided.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:sagemaker/flowDefinition:FlowDefinition": { "description": "Provides a SageMaker Flow Definition resource.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.FlowDefinition(\"example\", {\n flowDefinitionName: \"example\",\n roleArn: exampleAwsIamRole.arn,\n humanLoopConfig: {\n humanTaskUiArn: exampleAwsSagemakerHumanTaskUi.arn,\n taskAvailabilityLifetimeInSeconds: 1,\n taskCount: 1,\n taskDescription: \"example\",\n taskTitle: \"example\",\n workteamArn: exampleAwsSagemakerWorkteam.arn,\n },\n outputConfig: {\n s3OutputPath: `s3://${exampleAwsS3Bucket.bucket}/`,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.FlowDefinition(\"example\",\n flow_definition_name=\"example\",\n role_arn=example_aws_iam_role[\"arn\"],\n human_loop_config={\n \"human_task_ui_arn\": example_aws_sagemaker_human_task_ui[\"arn\"],\n \"task_availability_lifetime_in_seconds\": 1,\n \"task_count\": 1,\n \"task_description\": \"example\",\n \"task_title\": \"example\",\n \"workteam_arn\": example_aws_sagemaker_workteam[\"arn\"],\n },\n output_config={\n \"s3_output_path\": f\"s3://{example_aws_s3_bucket['bucket']}/\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.FlowDefinition(\"example\", new()\n {\n FlowDefinitionName = \"example\",\n RoleArn = exampleAwsIamRole.Arn,\n HumanLoopConfig = new Aws.Sagemaker.Inputs.FlowDefinitionHumanLoopConfigArgs\n {\n HumanTaskUiArn = exampleAwsSagemakerHumanTaskUi.Arn,\n TaskAvailabilityLifetimeInSeconds = 1,\n TaskCount = 1,\n TaskDescription = \"example\",\n TaskTitle = \"example\",\n WorkteamArn = exampleAwsSagemakerWorkteam.Arn,\n },\n OutputConfig = new Aws.Sagemaker.Inputs.FlowDefinitionOutputConfigArgs\n {\n S3OutputPath = $\"s3://{exampleAwsS3Bucket.Bucket}/\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewFlowDefinition(ctx, \"example\", \u0026sagemaker.FlowDefinitionArgs{\n\t\t\tFlowDefinitionName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tHumanLoopConfig: \u0026sagemaker.FlowDefinitionHumanLoopConfigArgs{\n\t\t\t\tHumanTaskUiArn: pulumi.Any(exampleAwsSagemakerHumanTaskUi.Arn),\n\t\t\t\tTaskAvailabilityLifetimeInSeconds: pulumi.Int(1),\n\t\t\t\tTaskCount: pulumi.Int(1),\n\t\t\t\tTaskDescription: pulumi.String(\"example\"),\n\t\t\t\tTaskTitle: pulumi.String(\"example\"),\n\t\t\t\tWorkteamArn: pulumi.Any(exampleAwsSagemakerWorkteam.Arn),\n\t\t\t},\n\t\t\tOutputConfig: \u0026sagemaker.FlowDefinitionOutputConfigArgs{\n\t\t\t\tS3OutputPath: pulumi.String(fmt.Sprintf(\"s3://%v/\", exampleAwsS3Bucket.Bucket)),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.FlowDefinition;\nimport com.pulumi.aws.sagemaker.FlowDefinitionArgs;\nimport com.pulumi.aws.sagemaker.inputs.FlowDefinitionHumanLoopConfigArgs;\nimport com.pulumi.aws.sagemaker.inputs.FlowDefinitionOutputConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FlowDefinition(\"example\", FlowDefinitionArgs.builder()\n .flowDefinitionName(\"example\")\n .roleArn(exampleAwsIamRole.arn())\n .humanLoopConfig(FlowDefinitionHumanLoopConfigArgs.builder()\n .humanTaskUiArn(exampleAwsSagemakerHumanTaskUi.arn())\n .taskAvailabilityLifetimeInSeconds(1)\n .taskCount(1)\n .taskDescription(\"example\")\n .taskTitle(\"example\")\n .workteamArn(exampleAwsSagemakerWorkteam.arn())\n .build())\n .outputConfig(FlowDefinitionOutputConfigArgs.builder()\n .s3OutputPath(String.format(\"s3://%s/\", exampleAwsS3Bucket.bucket()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:FlowDefinition\n properties:\n flowDefinitionName: example\n roleArn: ${exampleAwsIamRole.arn}\n humanLoopConfig:\n humanTaskUiArn: ${exampleAwsSagemakerHumanTaskUi.arn}\n taskAvailabilityLifetimeInSeconds: 1\n taskCount: 1\n taskDescription: example\n taskTitle: example\n workteamArn: ${exampleAwsSagemakerWorkteam.arn}\n outputConfig:\n s3OutputPath: s3://${exampleAwsS3Bucket.bucket}/\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Public Workteam Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.FlowDefinition(\"example\", {\n flowDefinitionName: \"example\",\n roleArn: exampleAwsIamRole.arn,\n humanLoopConfig: {\n humanTaskUiArn: exampleAwsSagemakerHumanTaskUi.arn,\n taskAvailabilityLifetimeInSeconds: 1,\n taskCount: 1,\n taskDescription: \"example\",\n taskTitle: \"example\",\n workteamArn: `arn:aws:sagemaker:${current.name}:394669845002:workteam/public-crowd/default`,\n publicWorkforceTaskPrice: {\n amountInUsd: {\n cents: 1,\n tenthFractionsOfACent: 2,\n },\n },\n },\n outputConfig: {\n s3OutputPath: `s3://${exampleAwsS3Bucket.bucket}/`,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.FlowDefinition(\"example\",\n flow_definition_name=\"example\",\n role_arn=example_aws_iam_role[\"arn\"],\n human_loop_config={\n \"human_task_ui_arn\": example_aws_sagemaker_human_task_ui[\"arn\"],\n \"task_availability_lifetime_in_seconds\": 1,\n \"task_count\": 1,\n \"task_description\": \"example\",\n \"task_title\": \"example\",\n \"workteam_arn\": f\"arn:aws:sagemaker:{current['name']}:394669845002:workteam/public-crowd/default\",\n \"public_workforce_task_price\": {\n \"amount_in_usd\": {\n \"cents\": 1,\n \"tenth_fractions_of_a_cent\": 2,\n },\n },\n },\n output_config={\n \"s3_output_path\": f\"s3://{example_aws_s3_bucket['bucket']}/\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.FlowDefinition(\"example\", new()\n {\n FlowDefinitionName = \"example\",\n RoleArn = exampleAwsIamRole.Arn,\n HumanLoopConfig = new Aws.Sagemaker.Inputs.FlowDefinitionHumanLoopConfigArgs\n {\n HumanTaskUiArn = exampleAwsSagemakerHumanTaskUi.Arn,\n TaskAvailabilityLifetimeInSeconds = 1,\n TaskCount = 1,\n TaskDescription = \"example\",\n TaskTitle = \"example\",\n WorkteamArn = $\"arn:aws:sagemaker:{current.Name}:394669845002:workteam/public-crowd/default\",\n PublicWorkforceTaskPrice = new Aws.Sagemaker.Inputs.FlowDefinitionHumanLoopConfigPublicWorkforceTaskPriceArgs\n {\n AmountInUsd = new Aws.Sagemaker.Inputs.FlowDefinitionHumanLoopConfigPublicWorkforceTaskPriceAmountInUsdArgs\n {\n Cents = 1,\n TenthFractionsOfACent = 2,\n },\n },\n },\n OutputConfig = new Aws.Sagemaker.Inputs.FlowDefinitionOutputConfigArgs\n {\n S3OutputPath = $\"s3://{exampleAwsS3Bucket.Bucket}/\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewFlowDefinition(ctx, \"example\", \u0026sagemaker.FlowDefinitionArgs{\n\t\t\tFlowDefinitionName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tHumanLoopConfig: \u0026sagemaker.FlowDefinitionHumanLoopConfigArgs{\n\t\t\t\tHumanTaskUiArn: pulumi.Any(exampleAwsSagemakerHumanTaskUi.Arn),\n\t\t\t\tTaskAvailabilityLifetimeInSeconds: pulumi.Int(1),\n\t\t\t\tTaskCount: pulumi.Int(1),\n\t\t\t\tTaskDescription: pulumi.String(\"example\"),\n\t\t\t\tTaskTitle: pulumi.String(\"example\"),\n\t\t\t\tWorkteamArn: pulumi.String(fmt.Sprintf(\"arn:aws:sagemaker:%v:394669845002:workteam/public-crowd/default\", current.Name)),\n\t\t\t\tPublicWorkforceTaskPrice: \u0026sagemaker.FlowDefinitionHumanLoopConfigPublicWorkforceTaskPriceArgs{\n\t\t\t\t\tAmountInUsd: \u0026sagemaker.FlowDefinitionHumanLoopConfigPublicWorkforceTaskPriceAmountInUsdArgs{\n\t\t\t\t\t\tCents: pulumi.Int(1),\n\t\t\t\t\t\tTenthFractionsOfACent: pulumi.Int(2),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tOutputConfig: \u0026sagemaker.FlowDefinitionOutputConfigArgs{\n\t\t\t\tS3OutputPath: pulumi.String(fmt.Sprintf(\"s3://%v/\", exampleAwsS3Bucket.Bucket)),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.FlowDefinition;\nimport com.pulumi.aws.sagemaker.FlowDefinitionArgs;\nimport com.pulumi.aws.sagemaker.inputs.FlowDefinitionHumanLoopConfigArgs;\nimport com.pulumi.aws.sagemaker.inputs.FlowDefinitionHumanLoopConfigPublicWorkforceTaskPriceArgs;\nimport com.pulumi.aws.sagemaker.inputs.FlowDefinitionHumanLoopConfigPublicWorkforceTaskPriceAmountInUsdArgs;\nimport com.pulumi.aws.sagemaker.inputs.FlowDefinitionOutputConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FlowDefinition(\"example\", FlowDefinitionArgs.builder()\n .flowDefinitionName(\"example\")\n .roleArn(exampleAwsIamRole.arn())\n .humanLoopConfig(FlowDefinitionHumanLoopConfigArgs.builder()\n .humanTaskUiArn(exampleAwsSagemakerHumanTaskUi.arn())\n .taskAvailabilityLifetimeInSeconds(1)\n .taskCount(1)\n .taskDescription(\"example\")\n .taskTitle(\"example\")\n .workteamArn(String.format(\"arn:aws:sagemaker:%s:394669845002:workteam/public-crowd/default\", current.name()))\n .publicWorkforceTaskPrice(FlowDefinitionHumanLoopConfigPublicWorkforceTaskPriceArgs.builder()\n .amountInUsd(FlowDefinitionHumanLoopConfigPublicWorkforceTaskPriceAmountInUsdArgs.builder()\n .cents(1)\n .tenthFractionsOfACent(2)\n .build())\n .build())\n .build())\n .outputConfig(FlowDefinitionOutputConfigArgs.builder()\n .s3OutputPath(String.format(\"s3://%s/\", exampleAwsS3Bucket.bucket()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:FlowDefinition\n properties:\n flowDefinitionName: example\n roleArn: ${exampleAwsIamRole.arn}\n humanLoopConfig:\n humanTaskUiArn: ${exampleAwsSagemakerHumanTaskUi.arn}\n taskAvailabilityLifetimeInSeconds: 1\n taskCount: 1\n taskDescription: example\n taskTitle: example\n workteamArn: arn:aws:sagemaker:${current.name}:394669845002:workteam/public-crowd/default\n publicWorkforceTaskPrice:\n amountInUsd:\n cents: 1\n tenthFractionsOfACent: 2\n outputConfig:\n s3OutputPath: s3://${exampleAwsS3Bucket.bucket}/\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Human Loop Activation Config Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.FlowDefinition(\"example\", {\n flowDefinitionName: \"example\",\n roleArn: exampleAwsIamRole.arn,\n humanLoopConfig: {\n humanTaskUiArn: exampleAwsSagemakerHumanTaskUi.arn,\n taskAvailabilityLifetimeInSeconds: 1,\n taskCount: 1,\n taskDescription: \"example\",\n taskTitle: \"example\",\n workteamArn: exampleAwsSagemakerWorkteam.arn,\n },\n humanLoopRequestSource: {\n awsManagedHumanLoopRequestSource: \"AWS/Textract/AnalyzeDocument/Forms/V1\",\n },\n humanLoopActivationConfig: {\n humanLoopActivationConditionsConfig: {\n humanLoopActivationConditions: ` {\n\\x09\\x09\\x09\"Conditions\": [\n\\x09\\x09\\x09 {\n\\x09\\x09\\x09\\x09\"ConditionType\": \"Sampling\",\n\\x09\\x09\\x09\\x09\"ConditionParameters\": {\n\\x09\\x09\\x09\\x09 \"RandomSamplingPercentage\": 5\n\\x09\\x09\\x09\\x09}\n\\x09\\x09\\x09 }\n\\x09\\x09\\x09]\n\\x09\\x09}\n`,\n },\n },\n outputConfig: {\n s3OutputPath: `s3://${exampleAwsS3Bucket.bucket}/`,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.FlowDefinition(\"example\",\n flow_definition_name=\"example\",\n role_arn=example_aws_iam_role[\"arn\"],\n human_loop_config={\n \"human_task_ui_arn\": example_aws_sagemaker_human_task_ui[\"arn\"],\n \"task_availability_lifetime_in_seconds\": 1,\n \"task_count\": 1,\n \"task_description\": \"example\",\n \"task_title\": \"example\",\n \"workteam_arn\": example_aws_sagemaker_workteam[\"arn\"],\n },\n human_loop_request_source={\n \"aws_managed_human_loop_request_source\": \"AWS/Textract/AnalyzeDocument/Forms/V1\",\n },\n human_loop_activation_config={\n \"human_loop_activation_conditions_config\": {\n \"human_loop_activation_conditions\": \"\"\" {\n\\x09\\x09\\x09\"Conditions\": [\n\\x09\\x09\\x09 {\n\\x09\\x09\\x09\\x09\"ConditionType\": \"Sampling\",\n\\x09\\x09\\x09\\x09\"ConditionParameters\": {\n\\x09\\x09\\x09\\x09 \"RandomSamplingPercentage\": 5\n\\x09\\x09\\x09\\x09}\n\\x09\\x09\\x09 }\n\\x09\\x09\\x09]\n\\x09\\x09}\n\"\"\",\n },\n },\n output_config={\n \"s3_output_path\": f\"s3://{example_aws_s3_bucket['bucket']}/\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.FlowDefinition(\"example\", new()\n {\n FlowDefinitionName = \"example\",\n RoleArn = exampleAwsIamRole.Arn,\n HumanLoopConfig = new Aws.Sagemaker.Inputs.FlowDefinitionHumanLoopConfigArgs\n {\n HumanTaskUiArn = exampleAwsSagemakerHumanTaskUi.Arn,\n TaskAvailabilityLifetimeInSeconds = 1,\n TaskCount = 1,\n TaskDescription = \"example\",\n TaskTitle = \"example\",\n WorkteamArn = exampleAwsSagemakerWorkteam.Arn,\n },\n HumanLoopRequestSource = new Aws.Sagemaker.Inputs.FlowDefinitionHumanLoopRequestSourceArgs\n {\n AwsManagedHumanLoopRequestSource = \"AWS/Textract/AnalyzeDocument/Forms/V1\",\n },\n HumanLoopActivationConfig = new Aws.Sagemaker.Inputs.FlowDefinitionHumanLoopActivationConfigArgs\n {\n HumanLoopActivationConditionsConfig = new Aws.Sagemaker.Inputs.FlowDefinitionHumanLoopActivationConfigHumanLoopActivationConditionsConfigArgs\n {\n HumanLoopActivationConditions = @\" {\n\t\t\t\"\"Conditions\"\": [\n\t\t\t {\n\t\t\t\t\"\"ConditionType\"\": \"\"Sampling\"\",\n\t\t\t\t\"\"ConditionParameters\"\": {\n\t\t\t\t \"\"RandomSamplingPercentage\"\": 5\n\t\t\t\t}\n\t\t\t }\n\t\t\t]\n\t\t}\n\",\n },\n },\n OutputConfig = new Aws.Sagemaker.Inputs.FlowDefinitionOutputConfigArgs\n {\n S3OutputPath = $\"s3://{exampleAwsS3Bucket.Bucket}/\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewFlowDefinition(ctx, \"example\", \u0026sagemaker.FlowDefinitionArgs{\n\t\t\tFlowDefinitionName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tHumanLoopConfig: \u0026sagemaker.FlowDefinitionHumanLoopConfigArgs{\n\t\t\t\tHumanTaskUiArn: pulumi.Any(exampleAwsSagemakerHumanTaskUi.Arn),\n\t\t\t\tTaskAvailabilityLifetimeInSeconds: pulumi.Int(1),\n\t\t\t\tTaskCount: pulumi.Int(1),\n\t\t\t\tTaskDescription: pulumi.String(\"example\"),\n\t\t\t\tTaskTitle: pulumi.String(\"example\"),\n\t\t\t\tWorkteamArn: pulumi.Any(exampleAwsSagemakerWorkteam.Arn),\n\t\t\t},\n\t\t\tHumanLoopRequestSource: \u0026sagemaker.FlowDefinitionHumanLoopRequestSourceArgs{\n\t\t\t\tAwsManagedHumanLoopRequestSource: pulumi.String(\"AWS/Textract/AnalyzeDocument/Forms/V1\"),\n\t\t\t},\n\t\t\tHumanLoopActivationConfig: \u0026sagemaker.FlowDefinitionHumanLoopActivationConfigArgs{\n\t\t\t\tHumanLoopActivationConditionsConfig: \u0026sagemaker.FlowDefinitionHumanLoopActivationConfigHumanLoopActivationConditionsConfigArgs{\n\t\t\t\t\tHumanLoopActivationConditions: pulumi.String(` {\n\t\t\t\"Conditions\": [\n\t\t\t {\n\t\t\t\t\"ConditionType\": \"Sampling\",\n\t\t\t\t\"ConditionParameters\": {\n\t\t\t\t \"RandomSamplingPercentage\": 5\n\t\t\t\t}\n\t\t\t }\n\t\t\t]\n\t\t}\n`),\n\t\t\t\t},\n\t\t\t},\n\t\t\tOutputConfig: \u0026sagemaker.FlowDefinitionOutputConfigArgs{\n\t\t\t\tS3OutputPath: pulumi.String(fmt.Sprintf(\"s3://%v/\", exampleAwsS3Bucket.Bucket)),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.FlowDefinition;\nimport com.pulumi.aws.sagemaker.FlowDefinitionArgs;\nimport com.pulumi.aws.sagemaker.inputs.FlowDefinitionHumanLoopConfigArgs;\nimport com.pulumi.aws.sagemaker.inputs.FlowDefinitionHumanLoopRequestSourceArgs;\nimport com.pulumi.aws.sagemaker.inputs.FlowDefinitionHumanLoopActivationConfigArgs;\nimport com.pulumi.aws.sagemaker.inputs.FlowDefinitionHumanLoopActivationConfigHumanLoopActivationConditionsConfigArgs;\nimport com.pulumi.aws.sagemaker.inputs.FlowDefinitionOutputConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FlowDefinition(\"example\", FlowDefinitionArgs.builder()\n .flowDefinitionName(\"example\")\n .roleArn(exampleAwsIamRole.arn())\n .humanLoopConfig(FlowDefinitionHumanLoopConfigArgs.builder()\n .humanTaskUiArn(exampleAwsSagemakerHumanTaskUi.arn())\n .taskAvailabilityLifetimeInSeconds(1)\n .taskCount(1)\n .taskDescription(\"example\")\n .taskTitle(\"example\")\n .workteamArn(exampleAwsSagemakerWorkteam.arn())\n .build())\n .humanLoopRequestSource(FlowDefinitionHumanLoopRequestSourceArgs.builder()\n .awsManagedHumanLoopRequestSource(\"AWS/Textract/AnalyzeDocument/Forms/V1\")\n .build())\n .humanLoopActivationConfig(FlowDefinitionHumanLoopActivationConfigArgs.builder()\n .humanLoopActivationConditionsConfig(FlowDefinitionHumanLoopActivationConfigHumanLoopActivationConditionsConfigArgs.builder()\n .humanLoopActivationConditions(\"\"\"\n {\n\t\t\t\"Conditions\": [\n\t\t\t {\n\t\t\t\t\"ConditionType\": \"Sampling\",\n\t\t\t\t\"ConditionParameters\": {\n\t\t\t\t \"RandomSamplingPercentage\": 5\n\t\t\t\t}\n\t\t\t }\n\t\t\t]\n\t\t}\n \"\"\")\n .build())\n .build())\n .outputConfig(FlowDefinitionOutputConfigArgs.builder()\n .s3OutputPath(String.format(\"s3://%s/\", exampleAwsS3Bucket.bucket()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:FlowDefinition\n properties:\n flowDefinitionName: example\n roleArn: ${exampleAwsIamRole.arn}\n humanLoopConfig:\n humanTaskUiArn: ${exampleAwsSagemakerHumanTaskUi.arn}\n taskAvailabilityLifetimeInSeconds: 1\n taskCount: 1\n taskDescription: example\n taskTitle: example\n workteamArn: ${exampleAwsSagemakerWorkteam.arn}\n humanLoopRequestSource:\n awsManagedHumanLoopRequestSource: AWS/Textract/AnalyzeDocument/Forms/V1\n humanLoopActivationConfig:\n humanLoopActivationConditionsConfig:\n humanLoopActivationConditions: |2\n {\n \t\t\t\"Conditions\": [\n \t\t\t {\n \t\t\t\t\"ConditionType\": \"Sampling\",\n \t\t\t\t\"ConditionParameters\": {\n \t\t\t\t \"RandomSamplingPercentage\": 5\n \t\t\t\t}\n \t\t\t }\n \t\t\t]\n \t\t}\n outputConfig:\n s3OutputPath: s3://${exampleAwsS3Bucket.bucket}/\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SageMaker Flow Definitions using the `flow_definition_name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/flowDefinition:FlowDefinition example example\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Flow Definition.\n" }, "flowDefinitionName": { "type": "string", "description": "The name of your flow definition.\n" }, "humanLoopActivationConfig": { "$ref": "#/types/aws:sagemaker/FlowDefinitionHumanLoopActivationConfig:FlowDefinitionHumanLoopActivationConfig", "description": "An object containing information about the events that trigger a human workflow. See Human Loop Activation Config details below.\n" }, "humanLoopConfig": { "$ref": "#/types/aws:sagemaker/FlowDefinitionHumanLoopConfig:FlowDefinitionHumanLoopConfig", "description": "An object containing information about the tasks the human reviewers will perform. See Human Loop Config details below.\n" }, "humanLoopRequestSource": { "$ref": "#/types/aws:sagemaker/FlowDefinitionHumanLoopRequestSource:FlowDefinitionHumanLoopRequestSource", "description": "Container for configuring the source of human task requests. Use to specify if Amazon Rekognition or Amazon Textract is used as an integration source. See Human Loop Request Source details below.\n" }, "outputConfig": { "$ref": "#/types/aws:sagemaker/FlowDefinitionOutputConfig:FlowDefinitionOutputConfig", "description": "An object containing information about where the human review results will be uploaded. See Output Config details below.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the role needed to call other services on your behalf.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "flowDefinitionName", "humanLoopConfig", "outputConfig", "roleArn", "tagsAll" ], "inputProperties": { "flowDefinitionName": { "type": "string", "description": "The name of your flow definition.\n", "willReplaceOnChanges": true }, "humanLoopActivationConfig": { "$ref": "#/types/aws:sagemaker/FlowDefinitionHumanLoopActivationConfig:FlowDefinitionHumanLoopActivationConfig", "description": "An object containing information about the events that trigger a human workflow. See Human Loop Activation Config details below.\n", "willReplaceOnChanges": true }, "humanLoopConfig": { "$ref": "#/types/aws:sagemaker/FlowDefinitionHumanLoopConfig:FlowDefinitionHumanLoopConfig", "description": "An object containing information about the tasks the human reviewers will perform. See Human Loop Config details below.\n", "willReplaceOnChanges": true }, "humanLoopRequestSource": { "$ref": "#/types/aws:sagemaker/FlowDefinitionHumanLoopRequestSource:FlowDefinitionHumanLoopRequestSource", "description": "Container for configuring the source of human task requests. Use to specify if Amazon Rekognition or Amazon Textract is used as an integration source. See Human Loop Request Source details below.\n", "willReplaceOnChanges": true }, "outputConfig": { "$ref": "#/types/aws:sagemaker/FlowDefinitionOutputConfig:FlowDefinitionOutputConfig", "description": "An object containing information about where the human review results will be uploaded. See Output Config details below.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the role needed to call other services on your behalf.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "flowDefinitionName", "humanLoopConfig", "outputConfig", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering FlowDefinition resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Flow Definition.\n" }, "flowDefinitionName": { "type": "string", "description": "The name of your flow definition.\n", "willReplaceOnChanges": true }, "humanLoopActivationConfig": { "$ref": "#/types/aws:sagemaker/FlowDefinitionHumanLoopActivationConfig:FlowDefinitionHumanLoopActivationConfig", "description": "An object containing information about the events that trigger a human workflow. See Human Loop Activation Config details below.\n", "willReplaceOnChanges": true }, "humanLoopConfig": { "$ref": "#/types/aws:sagemaker/FlowDefinitionHumanLoopConfig:FlowDefinitionHumanLoopConfig", "description": "An object containing information about the tasks the human reviewers will perform. See Human Loop Config details below.\n", "willReplaceOnChanges": true }, "humanLoopRequestSource": { "$ref": "#/types/aws:sagemaker/FlowDefinitionHumanLoopRequestSource:FlowDefinitionHumanLoopRequestSource", "description": "Container for configuring the source of human task requests. Use to specify if Amazon Rekognition or Amazon Textract is used as an integration source. See Human Loop Request Source details below.\n", "willReplaceOnChanges": true }, "outputConfig": { "$ref": "#/types/aws:sagemaker/FlowDefinitionOutputConfig:FlowDefinitionOutputConfig", "description": "An object containing information about where the human review results will be uploaded. See Output Config details below.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the role needed to call other services on your behalf.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:sagemaker/humanTaskUI:HumanTaskUI": { "description": "Provides a SageMaker Human Task UI resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.sagemaker.HumanTaskUI(\"example\", {\n humanTaskUiName: \"example\",\n uiTemplate: {\n content: std.file({\n input: \"sagemaker-human-task-ui-template.html\",\n }).then(invoke =\u003e invoke.result),\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.sagemaker.HumanTaskUI(\"example\",\n human_task_ui_name=\"example\",\n ui_template={\n \"content\": std.file(input=\"sagemaker-human-task-ui-template.html\").result,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.HumanTaskUI(\"example\", new()\n {\n HumanTaskUiName = \"example\",\n UiTemplate = new Aws.Sagemaker.Inputs.HumanTaskUIUiTemplateArgs\n {\n Content = Std.File.Invoke(new()\n {\n Input = \"sagemaker-human-task-ui-template.html\",\n }).Apply(invoke =\u003e invoke.Result),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"sagemaker-human-task-ui-template.html\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sagemaker.NewHumanTaskUI(ctx, \"example\", \u0026sagemaker.HumanTaskUIArgs{\n\t\t\tHumanTaskUiName: pulumi.String(\"example\"),\n\t\t\tUiTemplate: \u0026sagemaker.HumanTaskUIUiTemplateArgs{\n\t\t\t\tContent: pulumi.String(invokeFile.Result),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.HumanTaskUI;\nimport com.pulumi.aws.sagemaker.HumanTaskUIArgs;\nimport com.pulumi.aws.sagemaker.inputs.HumanTaskUIUiTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new HumanTaskUI(\"example\", HumanTaskUIArgs.builder()\n .humanTaskUiName(\"example\")\n .uiTemplate(HumanTaskUIUiTemplateArgs.builder()\n .content(StdFunctions.file(FileArgs.builder()\n .input(\"sagemaker-human-task-ui-template.html\")\n .build()).result())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:HumanTaskUI\n properties:\n humanTaskUiName: example\n uiTemplate:\n content:\n fn::invoke:\n Function: std:file\n Arguments:\n input: sagemaker-human-task-ui-template.html\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SageMaker Human Task UIs using the `human_task_ui_name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/humanTaskUI:HumanTaskUI example example\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Human Task UI.\n" }, "humanTaskUiName": { "type": "string", "description": "The name of the Human Task UI.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uiTemplate": { "$ref": "#/types/aws:sagemaker/HumanTaskUIUiTemplate:HumanTaskUIUiTemplate", "description": "The Liquid template for the worker user interface. See UI Template below.\n" } }, "required": [ "arn", "humanTaskUiName", "tagsAll", "uiTemplate" ], "inputProperties": { "humanTaskUiName": { "type": "string", "description": "The name of the Human Task UI.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "uiTemplate": { "$ref": "#/types/aws:sagemaker/HumanTaskUIUiTemplate:HumanTaskUIUiTemplate", "description": "The Liquid template for the worker user interface. See UI Template below.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "humanTaskUiName", "uiTemplate" ], "stateInputs": { "description": "Input properties used for looking up and filtering HumanTaskUI resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Human Task UI.\n" }, "humanTaskUiName": { "type": "string", "description": "The name of the Human Task UI.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "uiTemplate": { "$ref": "#/types/aws:sagemaker/HumanTaskUIUiTemplate:HumanTaskUIUiTemplate", "description": "The Liquid template for the worker user interface. See UI Template below.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:sagemaker/image:Image": { "description": "Provides a SageMaker Image resource.\n\n## Example Usage\n\n### Basic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.Image(\"example\", {\n imageName: \"example\",\n roleArn: test.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.Image(\"example\",\n image_name=\"example\",\n role_arn=test[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.Image(\"example\", new()\n {\n ImageName = \"example\",\n RoleArn = test.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewImage(ctx, \"example\", \u0026sagemaker.ImageArgs{\n\t\t\tImageName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(test.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.Image;\nimport com.pulumi.aws.sagemaker.ImageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Image(\"example\", ImageArgs.builder()\n .imageName(\"example\")\n .roleArn(test.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:Image\n properties:\n imageName: example\n roleArn: ${test.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SageMaker Code Images using the `name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/image:Image test_image my-code-repo\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Image.\n" }, "description": { "type": "string", "description": "The description of the image.\n" }, "displayName": { "type": "string", "description": "The display name of the image. When the image is added to a domain (must be unique to the domain).\n" }, "imageName": { "type": "string", "description": "The name of the image. Must be unique to your account.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker to perform tasks on your behalf.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "imageName", "roleArn", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the image.\n" }, "displayName": { "type": "string", "description": "The display name of the image. When the image is added to a domain (must be unique to the domain).\n" }, "imageName": { "type": "string", "description": "The name of the image. Must be unique to your account.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker to perform tasks on your behalf.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "imageName", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Image resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Image.\n" }, "description": { "type": "string", "description": "The description of the image.\n" }, "displayName": { "type": "string", "description": "The display name of the image. When the image is added to a domain (must be unique to the domain).\n" }, "imageName": { "type": "string", "description": "The name of the image. Must be unique to your account.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker to perform tasks on your behalf.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:sagemaker/imageVersion:ImageVersion": { "description": "Provides a SageMaker Image Version resource.\n\n## Example Usage\n\n### Basic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.sagemaker.ImageVersion(\"test\", {\n imageName: testAwsSagemakerImage.id,\n baseImage: \"012345678912.dkr.ecr.us-west-2.amazonaws.com/image:latest\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.sagemaker.ImageVersion(\"test\",\n image_name=test_aws_sagemaker_image[\"id\"],\n base_image=\"012345678912.dkr.ecr.us-west-2.amazonaws.com/image:latest\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Sagemaker.ImageVersion(\"test\", new()\n {\n ImageName = testAwsSagemakerImage.Id,\n BaseImage = \"012345678912.dkr.ecr.us-west-2.amazonaws.com/image:latest\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewImageVersion(ctx, \"test\", \u0026sagemaker.ImageVersionArgs{\n\t\t\tImageName: pulumi.Any(testAwsSagemakerImage.Id),\n\t\t\tBaseImage: pulumi.String(\"012345678912.dkr.ecr.us-west-2.amazonaws.com/image:latest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.ImageVersion;\nimport com.pulumi.aws.sagemaker.ImageVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new ImageVersion(\"test\", ImageVersionArgs.builder()\n .imageName(testAwsSagemakerImage.id())\n .baseImage(\"012345678912.dkr.ecr.us-west-2.amazonaws.com/image:latest\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:sagemaker:ImageVersion\n properties:\n imageName: ${testAwsSagemakerImage.id}\n baseImage: 012345678912.dkr.ecr.us-west-2.amazonaws.com/image:latest\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SageMaker Image Versions using the `name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/imageVersion:ImageVersion test_image my-code-repo\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Image Version.\n" }, "baseImage": { "type": "string", "description": "The registry path of the container image on which this image version is based.\n" }, "containerImage": { "type": "string", "description": "The registry path of the container image that contains this image version.\n" }, "imageArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the image the version is based on.\n" }, "imageName": { "type": "string", "description": "The name of the image. Must be unique to your account.\n" }, "version": { "type": "integer" } }, "required": [ "arn", "baseImage", "containerImage", "imageArn", "imageName", "version" ], "inputProperties": { "baseImage": { "type": "string", "description": "The registry path of the container image on which this image version is based.\n", "willReplaceOnChanges": true }, "imageName": { "type": "string", "description": "The name of the image. Must be unique to your account.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "baseImage", "imageName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ImageVersion resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Image Version.\n" }, "baseImage": { "type": "string", "description": "The registry path of the container image on which this image version is based.\n", "willReplaceOnChanges": true }, "containerImage": { "type": "string", "description": "The registry path of the container image that contains this image version.\n" }, "imageArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the image the version is based on.\n" }, "imageName": { "type": "string", "description": "The name of the image. Must be unique to your account.\n", "willReplaceOnChanges": true }, "version": { "type": "integer" } }, "type": "object" } }, "aws:sagemaker/model:Model": { "description": "Provides a SageMaker model resource.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"sagemaker.amazonaws.com\"],\n }],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json)});\nconst test = aws.sagemaker.getPrebuiltEcrImage({\n repositoryName: \"kmeans\",\n});\nconst example = new aws.sagemaker.Model(\"example\", {\n name: \"my-model\",\n executionRoleArn: exampleRole.arn,\n primaryContainer: {\n image: test.then(test =\u003e test.registryPath),\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"sagemaker.amazonaws.com\"],\n }],\n}])\nexample_role = aws.iam.Role(\"example\", assume_role_policy=assume_role.json)\ntest = aws.sagemaker.get_prebuilt_ecr_image(repository_name=\"kmeans\")\nexample = aws.sagemaker.Model(\"example\",\n name=\"my-model\",\n execution_role_arn=example_role.arn,\n primary_container={\n \"image\": test.registry_path,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"sagemaker.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var test = Aws.Sagemaker.GetPrebuiltEcrImage.Invoke(new()\n {\n RepositoryName = \"kmeans\",\n });\n\n var example = new Aws.Sagemaker.Model(\"example\", new()\n {\n Name = \"my-model\",\n ExecutionRoleArn = exampleRole.Arn,\n PrimaryContainer = new Aws.Sagemaker.Inputs.ModelPrimaryContainerArgs\n {\n Image = test.Apply(getPrebuiltEcrImageResult =\u003e getPrebuiltEcrImageResult.RegistryPath),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"sagemaker.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := sagemaker.GetPrebuiltEcrImage(ctx, \u0026sagemaker.GetPrebuiltEcrImageArgs{\n\t\t\tRepositoryName: \"kmeans\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sagemaker.NewModel(ctx, \"example\", \u0026sagemaker.ModelArgs{\n\t\t\tName: pulumi.String(\"my-model\"),\n\t\t\tExecutionRoleArn: exampleRole.Arn,\n\t\t\tPrimaryContainer: \u0026sagemaker.ModelPrimaryContainerArgs{\n\t\t\t\tImage: pulumi.String(test.RegistryPath),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.sagemaker.SagemakerFunctions;\nimport com.pulumi.aws.sagemaker.inputs.GetPrebuiltEcrImageArgs;\nimport com.pulumi.aws.sagemaker.Model;\nimport com.pulumi.aws.sagemaker.ModelArgs;\nimport com.pulumi.aws.sagemaker.inputs.ModelPrimaryContainerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"sagemaker.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var test = SagemakerFunctions.getPrebuiltEcrImage(GetPrebuiltEcrImageArgs.builder()\n .repositoryName(\"kmeans\")\n .build());\n\n var example = new Model(\"example\", ModelArgs.builder()\n .name(\"my-model\")\n .executionRoleArn(exampleRole.arn())\n .primaryContainer(ModelPrimaryContainerArgs.builder()\n .image(test.applyValue(getPrebuiltEcrImageResult -\u003e getPrebuiltEcrImageResult.registryPath()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:Model\n properties:\n name: my-model\n executionRoleArn: ${exampleRole.arn}\n primaryContainer:\n image: ${test.registryPath}\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n assumeRolePolicy: ${assumeRole.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - sagemaker.amazonaws.com\n test:\n fn::invoke:\n Function: aws:sagemaker:getPrebuiltEcrImage\n Arguments:\n repositoryName: kmeans\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Inference Execution Config\n\n* `mode` - (Required) How containers in a multi-container are run. The following values are valid `Serial` and `Direct`.\n\n## Import\n\nUsing `pulumi import`, import models using the `name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/model:Model test_model model-foo\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this model.\n" }, "containers": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/ModelContainer:ModelContainer" }, "description": "Specifies containers in the inference pipeline. If not specified, the `primary_container` argument is required. Fields are documented below.\n" }, "enableNetworkIsolation": { "type": "boolean", "description": "Isolates the model container. No inbound or outbound network calls can be made to or from the model container.\n" }, "executionRoleArn": { "type": "string", "description": "A role that SageMaker can assume to access model artifacts and docker images for deployment.\n" }, "inferenceExecutionConfig": { "$ref": "#/types/aws:sagemaker/ModelInferenceExecutionConfig:ModelInferenceExecutionConfig", "description": "Specifies details of how containers in a multi-container endpoint are called. see Inference Execution Config.\n" }, "name": { "type": "string", "description": "The name of the model (must be unique). If omitted, this provider will assign a random, unique name.\n" }, "primaryContainer": { "$ref": "#/types/aws:sagemaker/ModelPrimaryContainer:ModelPrimaryContainer", "description": "The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcConfig": { "$ref": "#/types/aws:sagemaker/ModelVpcConfig:ModelVpcConfig", "description": "Specifies the VPC that you want your model to connect to. VpcConfig is used in hosting services and in batch transform.\n" } }, "required": [ "arn", "executionRoleArn", "inferenceExecutionConfig", "name", "tagsAll" ], "inputProperties": { "containers": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/ModelContainer:ModelContainer" }, "description": "Specifies containers in the inference pipeline. If not specified, the `primary_container` argument is required. Fields are documented below.\n" }, "enableNetworkIsolation": { "type": "boolean", "description": "Isolates the model container. No inbound or outbound network calls can be made to or from the model container.\n", "willReplaceOnChanges": true }, "executionRoleArn": { "type": "string", "description": "A role that SageMaker can assume to access model artifacts and docker images for deployment.\n", "willReplaceOnChanges": true }, "inferenceExecutionConfig": { "$ref": "#/types/aws:sagemaker/ModelInferenceExecutionConfig:ModelInferenceExecutionConfig", "description": "Specifies details of how containers in a multi-container endpoint are called. see Inference Execution Config.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the model (must be unique). If omitted, this provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "primaryContainer": { "$ref": "#/types/aws:sagemaker/ModelPrimaryContainer:ModelPrimaryContainer", "description": "The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcConfig": { "$ref": "#/types/aws:sagemaker/ModelVpcConfig:ModelVpcConfig", "description": "Specifies the VPC that you want your model to connect to. VpcConfig is used in hosting services and in batch transform.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "executionRoleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Model resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this model.\n" }, "containers": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/ModelContainer:ModelContainer" }, "description": "Specifies containers in the inference pipeline. If not specified, the `primary_container` argument is required. Fields are documented below.\n" }, "enableNetworkIsolation": { "type": "boolean", "description": "Isolates the model container. No inbound or outbound network calls can be made to or from the model container.\n", "willReplaceOnChanges": true }, "executionRoleArn": { "type": "string", "description": "A role that SageMaker can assume to access model artifacts and docker images for deployment.\n", "willReplaceOnChanges": true }, "inferenceExecutionConfig": { "$ref": "#/types/aws:sagemaker/ModelInferenceExecutionConfig:ModelInferenceExecutionConfig", "description": "Specifies details of how containers in a multi-container endpoint are called. see Inference Execution Config.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the model (must be unique). If omitted, this provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "primaryContainer": { "$ref": "#/types/aws:sagemaker/ModelPrimaryContainer:ModelPrimaryContainer", "description": "The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcConfig": { "$ref": "#/types/aws:sagemaker/ModelVpcConfig:ModelVpcConfig", "description": "Specifies the VPC that you want your model to connect to. VpcConfig is used in hosting services and in batch transform.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:sagemaker/modelPackageGroup:ModelPackageGroup": { "description": "Provides a SageMaker Model Package Group resource.\n\n## Example Usage\n\n### Basic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.ModelPackageGroup(\"example\", {modelPackageGroupName: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.ModelPackageGroup(\"example\", model_package_group_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.ModelPackageGroup(\"example\", new()\n {\n ModelPackageGroupName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewModelPackageGroup(ctx, \"example\", \u0026sagemaker.ModelPackageGroupArgs{\n\t\t\tModelPackageGroupName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.ModelPackageGroup;\nimport com.pulumi.aws.sagemaker.ModelPackageGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ModelPackageGroup(\"example\", ModelPackageGroupArgs.builder()\n .modelPackageGroupName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:ModelPackageGroup\n properties:\n modelPackageGroupName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SageMaker Model Package Groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/modelPackageGroup:ModelPackageGroup test_model_package_group my-code-repo\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Model Package Group.\n" }, "modelPackageGroupDescription": { "type": "string", "description": "A description for the model group.\n" }, "modelPackageGroupName": { "type": "string", "description": "The name of the model group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "modelPackageGroupName", "tagsAll" ], "inputProperties": { "modelPackageGroupDescription": { "type": "string", "description": "A description for the model group.\n", "willReplaceOnChanges": true }, "modelPackageGroupName": { "type": "string", "description": "The name of the model group.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "modelPackageGroupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ModelPackageGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Model Package Group.\n" }, "modelPackageGroupDescription": { "type": "string", "description": "A description for the model group.\n", "willReplaceOnChanges": true }, "modelPackageGroupName": { "type": "string", "description": "The name of the model group.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:sagemaker/modelPackageGroupPolicy:ModelPackageGroupPolicy": { "description": "Provides a SageMaker Model Package Group Policy resource.\n\n## Example Usage\n\n## Import\n\nUsing `pulumi import`, import SageMaker Model Package Groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/modelPackageGroupPolicy:ModelPackageGroupPolicy example example\n```\n", "properties": { "modelPackageGroupName": { "type": "string", "description": "The name of the model package group.\n" }, "resourcePolicy": { "type": "string" } }, "required": [ "modelPackageGroupName", "resourcePolicy" ], "inputProperties": { "modelPackageGroupName": { "type": "string", "description": "The name of the model package group.\n", "willReplaceOnChanges": true }, "resourcePolicy": { "type": "string" } }, "requiredInputs": [ "modelPackageGroupName", "resourcePolicy" ], "stateInputs": { "description": "Input properties used for looking up and filtering ModelPackageGroupPolicy resources.\n", "properties": { "modelPackageGroupName": { "type": "string", "description": "The name of the model package group.\n", "willReplaceOnChanges": true }, "resourcePolicy": { "type": "string" } }, "type": "object" } }, "aws:sagemaker/monitoringSchedule:MonitoringSchedule": { "description": "Provides a SageMaker monitoring schedule resource.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.sagemaker.MonitoringSchedule(\"test\", {\n name: \"my-monitoring-schedule\",\n monitoringScheduleConfig: {\n monitoringJobDefinitionName: testAwsSagemakerDataQualityJobDefinition.name,\n monitoringType: \"DataQuality\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.sagemaker.MonitoringSchedule(\"test\",\n name=\"my-monitoring-schedule\",\n monitoring_schedule_config={\n \"monitoring_job_definition_name\": test_aws_sagemaker_data_quality_job_definition[\"name\"],\n \"monitoring_type\": \"DataQuality\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Sagemaker.MonitoringSchedule(\"test\", new()\n {\n Name = \"my-monitoring-schedule\",\n MonitoringScheduleConfig = new Aws.Sagemaker.Inputs.MonitoringScheduleMonitoringScheduleConfigArgs\n {\n MonitoringJobDefinitionName = testAwsSagemakerDataQualityJobDefinition.Name,\n MonitoringType = \"DataQuality\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewMonitoringSchedule(ctx, \"test\", \u0026sagemaker.MonitoringScheduleArgs{\n\t\t\tName: pulumi.String(\"my-monitoring-schedule\"),\n\t\t\tMonitoringScheduleConfig: \u0026sagemaker.MonitoringScheduleMonitoringScheduleConfigArgs{\n\t\t\t\tMonitoringJobDefinitionName: pulumi.Any(testAwsSagemakerDataQualityJobDefinition.Name),\n\t\t\t\tMonitoringType: pulumi.String(\"DataQuality\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.MonitoringSchedule;\nimport com.pulumi.aws.sagemaker.MonitoringScheduleArgs;\nimport com.pulumi.aws.sagemaker.inputs.MonitoringScheduleMonitoringScheduleConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new MonitoringSchedule(\"test\", MonitoringScheduleArgs.builder()\n .name(\"my-monitoring-schedule\")\n .monitoringScheduleConfig(MonitoringScheduleMonitoringScheduleConfigArgs.builder()\n .monitoringJobDefinitionName(testAwsSagemakerDataQualityJobDefinition.name())\n .monitoringType(\"DataQuality\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:sagemaker:MonitoringSchedule\n properties:\n name: my-monitoring-schedule\n monitoringScheduleConfig:\n monitoringJobDefinitionName: ${testAwsSagemakerDataQualityJobDefinition.name}\n monitoringType: DataQuality\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import monitoring schedules using the `name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/monitoringSchedule:MonitoringSchedule test_monitoring_schedule monitoring-schedule-foo\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this monitoring schedule.\n" }, "monitoringScheduleConfig": { "$ref": "#/types/aws:sagemaker/MonitoringScheduleMonitoringScheduleConfig:MonitoringScheduleMonitoringScheduleConfig", "description": "The configuration object that specifies the monitoring schedule and defines the monitoring job. Fields are documented below.\n" }, "name": { "type": "string", "description": "The name of the monitoring schedule. The name must be unique within an AWS Region within an AWS account. If omitted, the provider will assign a random, unique name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "monitoringScheduleConfig", "name", "tagsAll" ], "inputProperties": { "monitoringScheduleConfig": { "$ref": "#/types/aws:sagemaker/MonitoringScheduleMonitoringScheduleConfig:MonitoringScheduleMonitoringScheduleConfig", "description": "The configuration object that specifies the monitoring schedule and defines the monitoring job. Fields are documented below.\n" }, "name": { "type": "string", "description": "The name of the monitoring schedule. The name must be unique within an AWS Region within an AWS account. If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "monitoringScheduleConfig" ], "stateInputs": { "description": "Input properties used for looking up and filtering MonitoringSchedule resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this monitoring schedule.\n" }, "monitoringScheduleConfig": { "$ref": "#/types/aws:sagemaker/MonitoringScheduleMonitoringScheduleConfig:MonitoringScheduleMonitoringScheduleConfig", "description": "The configuration object that specifies the monitoring schedule and defines the monitoring job. Fields are documented below.\n" }, "name": { "type": "string", "description": "The name of the monitoring schedule. The name must be unique within an AWS Region within an AWS account. If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:sagemaker/notebookInstance:NotebookInstance": { "description": "Provides a SageMaker Notebook Instance resource.\n\n## Example Usage\n\n### Basic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ni = new aws.sagemaker.NotebookInstance(\"ni\", {\n name: \"my-notebook-instance\",\n roleArn: role.arn,\n instanceType: \"ml.t2.medium\",\n tags: {\n Name: \"foo\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nni = aws.sagemaker.NotebookInstance(\"ni\",\n name=\"my-notebook-instance\",\n role_arn=role[\"arn\"],\n instance_type=\"ml.t2.medium\",\n tags={\n \"Name\": \"foo\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ni = new Aws.Sagemaker.NotebookInstance(\"ni\", new()\n {\n Name = \"my-notebook-instance\",\n RoleArn = role.Arn,\n InstanceType = \"ml.t2.medium\",\n Tags = \n {\n { \"Name\", \"foo\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewNotebookInstance(ctx, \"ni\", \u0026sagemaker.NotebookInstanceArgs{\n\t\t\tName: pulumi.String(\"my-notebook-instance\"),\n\t\t\tRoleArn: pulumi.Any(role.Arn),\n\t\t\tInstanceType: pulumi.String(\"ml.t2.medium\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"foo\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.NotebookInstance;\nimport com.pulumi.aws.sagemaker.NotebookInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ni = new NotebookInstance(\"ni\", NotebookInstanceArgs.builder()\n .name(\"my-notebook-instance\")\n .roleArn(role.arn())\n .instanceType(\"ml.t2.medium\")\n .tags(Map.of(\"Name\", \"foo\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ni:\n type: aws:sagemaker:NotebookInstance\n properties:\n name: my-notebook-instance\n roleArn: ${role.arn}\n instanceType: ml.t2.medium\n tags:\n Name: foo\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Code repository usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.CodeRepository(\"example\", {\n codeRepositoryName: \"my-notebook-instance-code-repo\",\n gitConfig: {\n repositoryUrl: \"https://github.com/github/docs.git\",\n },\n});\nconst ni = new aws.sagemaker.NotebookInstance(\"ni\", {\n name: \"my-notebook-instance\",\n roleArn: role.arn,\n instanceType: \"ml.t2.medium\",\n defaultCodeRepository: example.codeRepositoryName,\n tags: {\n Name: \"foo\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.CodeRepository(\"example\",\n code_repository_name=\"my-notebook-instance-code-repo\",\n git_config={\n \"repository_url\": \"https://github.com/github/docs.git\",\n })\nni = aws.sagemaker.NotebookInstance(\"ni\",\n name=\"my-notebook-instance\",\n role_arn=role[\"arn\"],\n instance_type=\"ml.t2.medium\",\n default_code_repository=example.code_repository_name,\n tags={\n \"Name\": \"foo\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.CodeRepository(\"example\", new()\n {\n CodeRepositoryName = \"my-notebook-instance-code-repo\",\n GitConfig = new Aws.Sagemaker.Inputs.CodeRepositoryGitConfigArgs\n {\n RepositoryUrl = \"https://github.com/github/docs.git\",\n },\n });\n\n var ni = new Aws.Sagemaker.NotebookInstance(\"ni\", new()\n {\n Name = \"my-notebook-instance\",\n RoleArn = role.Arn,\n InstanceType = \"ml.t2.medium\",\n DefaultCodeRepository = example.CodeRepositoryName,\n Tags = \n {\n { \"Name\", \"foo\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := sagemaker.NewCodeRepository(ctx, \"example\", \u0026sagemaker.CodeRepositoryArgs{\n\t\t\tCodeRepositoryName: pulumi.String(\"my-notebook-instance-code-repo\"),\n\t\t\tGitConfig: \u0026sagemaker.CodeRepositoryGitConfigArgs{\n\t\t\t\tRepositoryUrl: pulumi.String(\"https://github.com/github/docs.git\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sagemaker.NewNotebookInstance(ctx, \"ni\", \u0026sagemaker.NotebookInstanceArgs{\n\t\t\tName: pulumi.String(\"my-notebook-instance\"),\n\t\t\tRoleArn: pulumi.Any(role.Arn),\n\t\t\tInstanceType: pulumi.String(\"ml.t2.medium\"),\n\t\t\tDefaultCodeRepository: example.CodeRepositoryName,\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"foo\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.CodeRepository;\nimport com.pulumi.aws.sagemaker.CodeRepositoryArgs;\nimport com.pulumi.aws.sagemaker.inputs.CodeRepositoryGitConfigArgs;\nimport com.pulumi.aws.sagemaker.NotebookInstance;\nimport com.pulumi.aws.sagemaker.NotebookInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CodeRepository(\"example\", CodeRepositoryArgs.builder()\n .codeRepositoryName(\"my-notebook-instance-code-repo\")\n .gitConfig(CodeRepositoryGitConfigArgs.builder()\n .repositoryUrl(\"https://github.com/github/docs.git\")\n .build())\n .build());\n\n var ni = new NotebookInstance(\"ni\", NotebookInstanceArgs.builder()\n .name(\"my-notebook-instance\")\n .roleArn(role.arn())\n .instanceType(\"ml.t2.medium\")\n .defaultCodeRepository(example.codeRepositoryName())\n .tags(Map.of(\"Name\", \"foo\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:CodeRepository\n properties:\n codeRepositoryName: my-notebook-instance-code-repo\n gitConfig:\n repositoryUrl: https://github.com/github/docs.git\n ni:\n type: aws:sagemaker:NotebookInstance\n properties:\n name: my-notebook-instance\n roleArn: ${role.arn}\n instanceType: ml.t2.medium\n defaultCodeRepository: ${example.codeRepositoryName}\n tags:\n Name: foo\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SageMaker Notebook Instances using the `name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/notebookInstance:NotebookInstance test_notebook_instance my-notebook-instance\n```\n", "properties": { "acceleratorTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of Elastic Inference (EI) instance types to associate with this notebook instance. See [Elastic Inference Accelerator](https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html) for more details. Valid values: `ml.eia1.medium`, `ml.eia1.large`, `ml.eia1.xlarge`, `ml.eia2.medium`, `ml.eia2.large`, `ml.eia2.xlarge`.\n" }, "additionalCodeRepositories": { "type": "array", "items": { "type": "string" }, "description": "An array of up to three Git repositories to associate with the notebook instance.\nThese can be either the names of Git repositories stored as resources in your account, or the URL of Git repositories in [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository. These repositories are cloned at the same level as the default repository of your notebook instance.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this notebook instance.\n" }, "defaultCodeRepository": { "type": "string", "description": "The Git repository associated with the notebook instance as its default code repository. This can be either the name of a Git repository stored as a resource in your account, or the URL of a Git repository in [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository.\n" }, "directInternetAccess": { "type": "string", "description": "Set to `Disabled` to disable internet access to notebook. Requires `security_groups` and `subnet_id` to be set. Supported values: `Enabled` (Default) or `Disabled`. If set to `Disabled`, the notebook instance will be able to access resources only in your VPC, and will not be able to connect to Amazon SageMaker training and endpoint services unless your configure a NAT Gateway in your VPC.\n" }, "instanceMetadataServiceConfiguration": { "$ref": "#/types/aws:sagemaker/NotebookInstanceInstanceMetadataServiceConfiguration:NotebookInstanceInstanceMetadataServiceConfiguration", "description": "Information on the IMDS configuration of the notebook instance. Conflicts with `instance_metadata_service_configuration`. see details below.\n" }, "instanceType": { "type": "string", "description": "The name of ML compute instance type.\n" }, "kmsKeyId": { "type": "string", "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.\n" }, "lifecycleConfigName": { "type": "string", "description": "The name of a lifecycle configuration to associate with the notebook instance.\n" }, "name": { "type": "string", "description": "The name of the notebook instance (must be unique).\n" }, "networkInterfaceId": { "type": "string", "description": "The network interface ID that Amazon SageMaker created at the time of creating the instance. Only available when setting `subnet_id`.\n" }, "platformIdentifier": { "type": "string", "description": "The platform identifier of the notebook instance runtime environment. This value can be either `notebook-al1-v1`, `notebook-al2-v1`, or `notebook-al2-v2`, depending on which version of Amazon Linux you require.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role to be used by the notebook instance which allows SageMaker to call other services on your behalf.\n" }, "rootAccess": { "type": "string", "description": "Whether root access is `Enabled` or `Disabled` for users of the notebook instance. The default value is `Enabled`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The associated security groups.\n" }, "subnetId": { "type": "string", "description": "The VPC subnet ID.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "url": { "type": "string", "description": "The URL that you use to connect to the Jupyter notebook that is running in your notebook instance.\n" }, "volumeSize": { "type": "integer", "description": "The size, in GB, of the ML storage volume to attach to the notebook instance. The default value is 5 GB.\n" } }, "required": [ "arn", "instanceType", "name", "networkInterfaceId", "platformIdentifier", "roleArn", "securityGroups", "tagsAll", "url" ], "inputProperties": { "acceleratorTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of Elastic Inference (EI) instance types to associate with this notebook instance. See [Elastic Inference Accelerator](https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html) for more details. Valid values: `ml.eia1.medium`, `ml.eia1.large`, `ml.eia1.xlarge`, `ml.eia2.medium`, `ml.eia2.large`, `ml.eia2.xlarge`.\n" }, "additionalCodeRepositories": { "type": "array", "items": { "type": "string" }, "description": "An array of up to three Git repositories to associate with the notebook instance.\nThese can be either the names of Git repositories stored as resources in your account, or the URL of Git repositories in [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository. These repositories are cloned at the same level as the default repository of your notebook instance.\n" }, "defaultCodeRepository": { "type": "string", "description": "The Git repository associated with the notebook instance as its default code repository. This can be either the name of a Git repository stored as a resource in your account, or the URL of a Git repository in [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository.\n" }, "directInternetAccess": { "type": "string", "description": "Set to `Disabled` to disable internet access to notebook. Requires `security_groups` and `subnet_id` to be set. Supported values: `Enabled` (Default) or `Disabled`. If set to `Disabled`, the notebook instance will be able to access resources only in your VPC, and will not be able to connect to Amazon SageMaker training and endpoint services unless your configure a NAT Gateway in your VPC.\n", "willReplaceOnChanges": true }, "instanceMetadataServiceConfiguration": { "$ref": "#/types/aws:sagemaker/NotebookInstanceInstanceMetadataServiceConfiguration:NotebookInstanceInstanceMetadataServiceConfiguration", "description": "Information on the IMDS configuration of the notebook instance. Conflicts with `instance_metadata_service_configuration`. see details below.\n" }, "instanceType": { "type": "string", "description": "The name of ML compute instance type.\n" }, "kmsKeyId": { "type": "string", "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.\n", "willReplaceOnChanges": true }, "lifecycleConfigName": { "type": "string", "description": "The name of a lifecycle configuration to associate with the notebook instance.\n" }, "name": { "type": "string", "description": "The name of the notebook instance (must be unique).\n", "willReplaceOnChanges": true }, "platformIdentifier": { "type": "string", "description": "The platform identifier of the notebook instance runtime environment. This value can be either `notebook-al1-v1`, `notebook-al2-v1`, or `notebook-al2-v2`, depending on which version of Amazon Linux you require.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The ARN of the IAM role to be used by the notebook instance which allows SageMaker to call other services on your behalf.\n" }, "rootAccess": { "type": "string", "description": "Whether root access is `Enabled` or `Disabled` for users of the notebook instance. The default value is `Enabled`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The associated security groups.\n", "willReplaceOnChanges": true }, "subnetId": { "type": "string", "description": "The VPC subnet ID.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "volumeSize": { "type": "integer", "description": "The size, in GB, of the ML storage volume to attach to the notebook instance. The default value is 5 GB.\n" } }, "requiredInputs": [ "instanceType", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering NotebookInstance resources.\n", "properties": { "acceleratorTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of Elastic Inference (EI) instance types to associate with this notebook instance. See [Elastic Inference Accelerator](https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html) for more details. Valid values: `ml.eia1.medium`, `ml.eia1.large`, `ml.eia1.xlarge`, `ml.eia2.medium`, `ml.eia2.large`, `ml.eia2.xlarge`.\n" }, "additionalCodeRepositories": { "type": "array", "items": { "type": "string" }, "description": "An array of up to three Git repositories to associate with the notebook instance.\nThese can be either the names of Git repositories stored as resources in your account, or the URL of Git repositories in [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository. These repositories are cloned at the same level as the default repository of your notebook instance.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this notebook instance.\n" }, "defaultCodeRepository": { "type": "string", "description": "The Git repository associated with the notebook instance as its default code repository. This can be either the name of a Git repository stored as a resource in your account, or the URL of a Git repository in [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository.\n" }, "directInternetAccess": { "type": "string", "description": "Set to `Disabled` to disable internet access to notebook. Requires `security_groups` and `subnet_id` to be set. Supported values: `Enabled` (Default) or `Disabled`. If set to `Disabled`, the notebook instance will be able to access resources only in your VPC, and will not be able to connect to Amazon SageMaker training and endpoint services unless your configure a NAT Gateway in your VPC.\n", "willReplaceOnChanges": true }, "instanceMetadataServiceConfiguration": { "$ref": "#/types/aws:sagemaker/NotebookInstanceInstanceMetadataServiceConfiguration:NotebookInstanceInstanceMetadataServiceConfiguration", "description": "Information on the IMDS configuration of the notebook instance. Conflicts with `instance_metadata_service_configuration`. see details below.\n" }, "instanceType": { "type": "string", "description": "The name of ML compute instance type.\n" }, "kmsKeyId": { "type": "string", "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.\n", "willReplaceOnChanges": true }, "lifecycleConfigName": { "type": "string", "description": "The name of a lifecycle configuration to associate with the notebook instance.\n" }, "name": { "type": "string", "description": "The name of the notebook instance (must be unique).\n", "willReplaceOnChanges": true }, "networkInterfaceId": { "type": "string", "description": "The network interface ID that Amazon SageMaker created at the time of creating the instance. Only available when setting `subnet_id`.\n" }, "platformIdentifier": { "type": "string", "description": "The platform identifier of the notebook instance runtime environment. This value can be either `notebook-al1-v1`, `notebook-al2-v1`, or `notebook-al2-v2`, depending on which version of Amazon Linux you require.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The ARN of the IAM role to be used by the notebook instance which allows SageMaker to call other services on your behalf.\n" }, "rootAccess": { "type": "string", "description": "Whether root access is `Enabled` or `Disabled` for users of the notebook instance. The default value is `Enabled`.\n" }, "securityGroups": { "type": "array", "items": { "type": "string" }, "description": "The associated security groups.\n", "willReplaceOnChanges": true }, "subnetId": { "type": "string", "description": "The VPC subnet ID.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "url": { "type": "string", "description": "The URL that you use to connect to the Jupyter notebook that is running in your notebook instance.\n" }, "volumeSize": { "type": "integer", "description": "The size, in GB, of the ML storage volume to attach to the notebook instance. The default value is 5 GB.\n" } }, "type": "object" } }, "aws:sagemaker/notebookInstanceLifecycleConfiguration:NotebookInstanceLifecycleConfiguration": { "description": "Provides a lifecycle configuration for SageMaker Notebook Instances.\n\n## Example Usage\n\nUsage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst lc = new aws.sagemaker.NotebookInstanceLifecycleConfiguration(\"lc\", {\n name: \"foo\",\n onCreate: std.base64encode({\n input: \"echo foo\",\n }).then(invoke =\u003e invoke.result),\n onStart: std.base64encode({\n input: \"echo bar\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nlc = aws.sagemaker.NotebookInstanceLifecycleConfiguration(\"lc\",\n name=\"foo\",\n on_create=std.base64encode(input=\"echo foo\").result,\n on_start=std.base64encode(input=\"echo bar\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lc = new Aws.Sagemaker.NotebookInstanceLifecycleConfiguration(\"lc\", new()\n {\n Name = \"foo\",\n OnCreate = Std.Base64encode.Invoke(new()\n {\n Input = \"echo foo\",\n }).Apply(invoke =\u003e invoke.Result),\n OnStart = Std.Base64encode.Invoke(new()\n {\n Input = \"echo bar\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeBase64encode, err := std.Base64encode(ctx, \u0026std.Base64encodeArgs{\n\t\t\tInput: \"echo foo\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeBase64encode1, err := std.Base64encode(ctx, \u0026std.Base64encodeArgs{\n\t\t\tInput: \"echo bar\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sagemaker.NewNotebookInstanceLifecycleConfiguration(ctx, \"lc\", \u0026sagemaker.NotebookInstanceLifecycleConfigurationArgs{\n\t\t\tName: pulumi.String(\"foo\"),\n\t\t\tOnCreate: pulumi.String(invokeBase64encode.Result),\n\t\t\tOnStart: pulumi.String(invokeBase64encode1.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.NotebookInstanceLifecycleConfiguration;\nimport com.pulumi.aws.sagemaker.NotebookInstanceLifecycleConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lc = new NotebookInstanceLifecycleConfiguration(\"lc\", NotebookInstanceLifecycleConfigurationArgs.builder()\n .name(\"foo\")\n .onCreate(StdFunctions.base64encode(Base64encodeArgs.builder()\n .input(\"echo foo\")\n .build()).result())\n .onStart(StdFunctions.base64encode(Base64encodeArgs.builder()\n .input(\"echo bar\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lc:\n type: aws:sagemaker:NotebookInstanceLifecycleConfiguration\n properties:\n name: foo\n onCreate:\n fn::invoke:\n Function: std:base64encode\n Arguments:\n input: echo foo\n Return: result\n onStart:\n fn::invoke:\n Function: std:base64encode\n Arguments:\n input: echo bar\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import models using the `name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/notebookInstanceLifecycleConfiguration:NotebookInstanceLifecycleConfiguration lc foo\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this lifecycle configuration.\n" }, "name": { "type": "string", "description": "The name of the lifecycle configuration (must be unique). If omitted, this provider will assign a random, unique name.\n" }, "onCreate": { "type": "string", "description": "A shell script (base64-encoded) that runs only once when the SageMaker Notebook Instance is created.\n" }, "onStart": { "type": "string", "description": "A shell script (base64-encoded) that runs every time the SageMaker Notebook Instance is started including the time it's created.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "name": { "type": "string", "description": "The name of the lifecycle configuration (must be unique). If omitted, this provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "onCreate": { "type": "string", "description": "A shell script (base64-encoded) that runs only once when the SageMaker Notebook Instance is created.\n" }, "onStart": { "type": "string", "description": "A shell script (base64-encoded) that runs every time the SageMaker Notebook Instance is started including the time it's created.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering NotebookInstanceLifecycleConfiguration resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this lifecycle configuration.\n" }, "name": { "type": "string", "description": "The name of the lifecycle configuration (must be unique). If omitted, this provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "onCreate": { "type": "string", "description": "A shell script (base64-encoded) that runs only once when the SageMaker Notebook Instance is created.\n" }, "onStart": { "type": "string", "description": "A shell script (base64-encoded) that runs every time the SageMaker Notebook Instance is started including the time it's created.\n" } }, "type": "object" } }, "aws:sagemaker/pipeline:Pipeline": { "description": "Provides a SageMaker Pipeline resource.\n\n## Example Usage\n\n### Basic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.Pipeline(\"example\", {\n pipelineName: \"example\",\n pipelineDisplayName: \"example\",\n roleArn: exampleAwsIamRole.arn,\n pipelineDefinition: JSON.stringify({\n Version: \"2020-12-01\",\n Steps: [{\n Name: \"Test\",\n Type: \"Fail\",\n Arguments: {\n ErrorMessage: \"test\",\n },\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.Pipeline(\"example\",\n pipeline_name=\"example\",\n pipeline_display_name=\"example\",\n role_arn=example_aws_iam_role[\"arn\"],\n pipeline_definition=json.dumps({\n \"Version\": \"2020-12-01\",\n \"Steps\": [{\n \"Name\": \"Test\",\n \"Type\": \"Fail\",\n \"Arguments\": {\n \"ErrorMessage\": \"test\",\n },\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.Pipeline(\"example\", new()\n {\n PipelineName = \"example\",\n PipelineDisplayName = \"example\",\n RoleArn = exampleAwsIamRole.Arn,\n PipelineDefinition = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2020-12-01\",\n [\"Steps\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Name\"] = \"Test\",\n [\"Type\"] = \"Fail\",\n [\"Arguments\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"ErrorMessage\"] = \"test\",\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2020-12-01\",\n\t\t\t\"Steps\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Name\": \"Test\",\n\t\t\t\t\t\"Type\": \"Fail\",\n\t\t\t\t\t\"Arguments\": map[string]interface{}{\n\t\t\t\t\t\t\"ErrorMessage\": \"test\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = sagemaker.NewPipeline(ctx, \"example\", \u0026sagemaker.PipelineArgs{\n\t\t\tPipelineName: pulumi.String(\"example\"),\n\t\t\tPipelineDisplayName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tPipelineDefinition: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.Pipeline;\nimport com.pulumi.aws.sagemaker.PipelineArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Pipeline(\"example\", PipelineArgs.builder()\n .pipelineName(\"example\")\n .pipelineDisplayName(\"example\")\n .roleArn(exampleAwsIamRole.arn())\n .pipelineDefinition(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2020-12-01\"),\n jsonProperty(\"Steps\", jsonArray(jsonObject(\n jsonProperty(\"Name\", \"Test\"),\n jsonProperty(\"Type\", \"Fail\"),\n jsonProperty(\"Arguments\", jsonObject(\n jsonProperty(\"ErrorMessage\", \"test\")\n ))\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:Pipeline\n properties:\n pipelineName: example\n pipelineDisplayName: example\n roleArn: ${exampleAwsIamRole.arn}\n pipelineDefinition:\n fn::toJSON:\n Version: 2020-12-01\n Steps:\n - Name: Test\n Type: Fail\n Arguments:\n ErrorMessage: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import pipelines using the `pipeline_name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/pipeline:Pipeline test_pipeline pipeline\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Pipeline.\n" }, "parallelismConfiguration": { "$ref": "#/types/aws:sagemaker/PipelineParallelismConfiguration:PipelineParallelismConfiguration", "description": "This is the configuration that controls the parallelism of the pipeline. If specified, it applies to all runs of this pipeline by default. see Parallelism Configuration details below.\n" }, "pipelineDefinition": { "type": "string", "description": "The [JSON pipeline definition](https://aws-sagemaker-mlops.github.io/sagemaker-model-building-pipeline-definition-JSON-schema/) of the pipeline.\n" }, "pipelineDefinitionS3Location": { "$ref": "#/types/aws:sagemaker/PipelinePipelineDefinitionS3Location:PipelinePipelineDefinitionS3Location", "description": "The location of the pipeline definition stored in Amazon S3. If specified, SageMaker will retrieve the pipeline definition from this location. see Pipeline Definition S3 Location details below.\n" }, "pipelineDescription": { "type": "string", "description": "A description of the pipeline.\n" }, "pipelineDisplayName": { "type": "string", "description": "The display name of the pipeline.\n" }, "pipelineName": { "type": "string", "description": "The name of the pipeline.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role the pipeline will execute as.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "pipelineDisplayName", "pipelineName", "tagsAll" ], "inputProperties": { "parallelismConfiguration": { "$ref": "#/types/aws:sagemaker/PipelineParallelismConfiguration:PipelineParallelismConfiguration", "description": "This is the configuration that controls the parallelism of the pipeline. If specified, it applies to all runs of this pipeline by default. see Parallelism Configuration details below.\n" }, "pipelineDefinition": { "type": "string", "description": "The [JSON pipeline definition](https://aws-sagemaker-mlops.github.io/sagemaker-model-building-pipeline-definition-JSON-schema/) of the pipeline.\n" }, "pipelineDefinitionS3Location": { "$ref": "#/types/aws:sagemaker/PipelinePipelineDefinitionS3Location:PipelinePipelineDefinitionS3Location", "description": "The location of the pipeline definition stored in Amazon S3. If specified, SageMaker will retrieve the pipeline definition from this location. see Pipeline Definition S3 Location details below.\n" }, "pipelineDescription": { "type": "string", "description": "A description of the pipeline.\n" }, "pipelineDisplayName": { "type": "string", "description": "The display name of the pipeline.\n" }, "pipelineName": { "type": "string", "description": "The name of the pipeline.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The ARN of the IAM role the pipeline will execute as.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "pipelineDisplayName", "pipelineName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Pipeline resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Pipeline.\n" }, "parallelismConfiguration": { "$ref": "#/types/aws:sagemaker/PipelineParallelismConfiguration:PipelineParallelismConfiguration", "description": "This is the configuration that controls the parallelism of the pipeline. If specified, it applies to all runs of this pipeline by default. see Parallelism Configuration details below.\n" }, "pipelineDefinition": { "type": "string", "description": "The [JSON pipeline definition](https://aws-sagemaker-mlops.github.io/sagemaker-model-building-pipeline-definition-JSON-schema/) of the pipeline.\n" }, "pipelineDefinitionS3Location": { "$ref": "#/types/aws:sagemaker/PipelinePipelineDefinitionS3Location:PipelinePipelineDefinitionS3Location", "description": "The location of the pipeline definition stored in Amazon S3. If specified, SageMaker will retrieve the pipeline definition from this location. see Pipeline Definition S3 Location details below.\n" }, "pipelineDescription": { "type": "string", "description": "A description of the pipeline.\n" }, "pipelineDisplayName": { "type": "string", "description": "The display name of the pipeline.\n" }, "pipelineName": { "type": "string", "description": "The name of the pipeline.\n", "willReplaceOnChanges": true }, "roleArn": { "type": "string", "description": "The ARN of the IAM role the pipeline will execute as.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:sagemaker/project:Project": { "description": "Provides a SageMaker Project resource.\n\n \u003e Note: If you are trying to use SageMaker projects with SageMaker studio you will need to add a tag with the key `sagemaker:studio-visibility` with value `true`. For more on requirements to use projects and permission needed see [AWS Docs](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-projects-templates-custom.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.Project(\"example\", {\n projectName: \"example\",\n serviceCatalogProvisioningDetails: {\n productId: exampleAwsServicecatalogProduct.id,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.Project(\"example\",\n project_name=\"example\",\n service_catalog_provisioning_details={\n \"product_id\": example_aws_servicecatalog_product[\"id\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.Project(\"example\", new()\n {\n ProjectName = \"example\",\n ServiceCatalogProvisioningDetails = new Aws.Sagemaker.Inputs.ProjectServiceCatalogProvisioningDetailsArgs\n {\n ProductId = exampleAwsServicecatalogProduct.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewProject(ctx, \"example\", \u0026sagemaker.ProjectArgs{\n\t\t\tProjectName: pulumi.String(\"example\"),\n\t\t\tServiceCatalogProvisioningDetails: \u0026sagemaker.ProjectServiceCatalogProvisioningDetailsArgs{\n\t\t\t\tProductId: pulumi.Any(exampleAwsServicecatalogProduct.Id),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.Project;\nimport com.pulumi.aws.sagemaker.ProjectArgs;\nimport com.pulumi.aws.sagemaker.inputs.ProjectServiceCatalogProvisioningDetailsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Project(\"example\", ProjectArgs.builder()\n .projectName(\"example\")\n .serviceCatalogProvisioningDetails(ProjectServiceCatalogProvisioningDetailsArgs.builder()\n .productId(exampleAwsServicecatalogProduct.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:Project\n properties:\n projectName: example\n serviceCatalogProvisioningDetails:\n productId: ${exampleAwsServicecatalogProduct.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SageMaker Projects using the `project_name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/project:Project example example\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Project.\n" }, "projectDescription": { "type": "string", "description": "A description for the project.\n" }, "projectId": { "type": "string", "description": "The ID of the project.\n" }, "projectName": { "type": "string", "description": "The name of the Project.\n" }, "serviceCatalogProvisioningDetails": { "$ref": "#/types/aws:sagemaker/ProjectServiceCatalogProvisioningDetails:ProjectServiceCatalogProvisioningDetails", "description": "The product ID and provisioning artifact ID to provision a service catalog. See Service Catalog Provisioning Details below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "projectId", "projectName", "serviceCatalogProvisioningDetails", "tagsAll" ], "inputProperties": { "projectDescription": { "type": "string", "description": "A description for the project.\n" }, "projectName": { "type": "string", "description": "The name of the Project.\n", "willReplaceOnChanges": true }, "serviceCatalogProvisioningDetails": { "$ref": "#/types/aws:sagemaker/ProjectServiceCatalogProvisioningDetails:ProjectServiceCatalogProvisioningDetails", "description": "The product ID and provisioning artifact ID to provision a service catalog. See Service Catalog Provisioning Details below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "projectName", "serviceCatalogProvisioningDetails" ], "stateInputs": { "description": "Input properties used for looking up and filtering Project resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Project.\n" }, "projectDescription": { "type": "string", "description": "A description for the project.\n" }, "projectId": { "type": "string", "description": "The ID of the project.\n" }, "projectName": { "type": "string", "description": "The name of the Project.\n", "willReplaceOnChanges": true }, "serviceCatalogProvisioningDetails": { "$ref": "#/types/aws:sagemaker/ProjectServiceCatalogProvisioningDetails:ProjectServiceCatalogProvisioningDetails", "description": "The product ID and provisioning artifact ID to provision a service catalog. See Service Catalog Provisioning Details below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:sagemaker/servicecatalogPortfolioStatus:ServicecatalogPortfolioStatus": { "description": "Manages status of Service Catalog in SageMaker. Service Catalog is used to create SageMaker projects.\n\n## Example Usage\n\nUsage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.ServicecatalogPortfolioStatus(\"example\", {status: \"Enabled\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.ServicecatalogPortfolioStatus(\"example\", status=\"Enabled\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.ServicecatalogPortfolioStatus(\"example\", new()\n {\n Status = \"Enabled\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewServicecatalogPortfolioStatus(ctx, \"example\", \u0026sagemaker.ServicecatalogPortfolioStatusArgs{\n\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.ServicecatalogPortfolioStatus;\nimport com.pulumi.aws.sagemaker.ServicecatalogPortfolioStatusArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServicecatalogPortfolioStatus(\"example\", ServicecatalogPortfolioStatusArgs.builder()\n .status(\"Enabled\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:ServicecatalogPortfolioStatus\n properties:\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import models using the `id`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/servicecatalogPortfolioStatus:ServicecatalogPortfolioStatus example us-east-1\n```\n", "properties": { "status": { "type": "string", "description": "Whether Service Catalog is enabled or disabled in SageMaker. Valid values are `Enabled` and `Disabled`.\n" } }, "required": [ "status" ], "inputProperties": { "status": { "type": "string", "description": "Whether Service Catalog is enabled or disabled in SageMaker. Valid values are `Enabled` and `Disabled`.\n" } }, "requiredInputs": [ "status" ], "stateInputs": { "description": "Input properties used for looking up and filtering ServicecatalogPortfolioStatus resources.\n", "properties": { "status": { "type": "string", "description": "Whether Service Catalog is enabled or disabled in SageMaker. Valid values are `Enabled` and `Disabled`.\n" } }, "type": "object" } }, "aws:sagemaker/space:Space": { "description": "Provides a SageMaker Space resource.\n\n## Example Usage\n\n### Basic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.Space(\"example\", {\n domainId: test.id,\n spaceName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.Space(\"example\",\n domain_id=test[\"id\"],\n space_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.Space(\"example\", new()\n {\n DomainId = test.Id,\n SpaceName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewSpace(ctx, \"example\", \u0026sagemaker.SpaceArgs{\n\t\t\tDomainId: pulumi.Any(test.Id),\n\t\t\tSpaceName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.Space;\nimport com.pulumi.aws.sagemaker.SpaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Space(\"example\", SpaceArgs.builder()\n .domainId(test.id())\n .spaceName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:Space\n properties:\n domainId: ${test.id}\n spaceName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SageMaker Spaces using the `id`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/space:Space test_space arn:aws:sagemaker:us-west-2:123456789012:space/domain-id/space-name\n```\n", "properties": { "arn": { "type": "string", "description": "The space's Amazon Resource Name (ARN).\n" }, "domainId": { "type": "string", "description": "The ID of the associated Domain.\n" }, "homeEfsFileSystemUid": { "type": "string", "description": "The ID of the space's profile in the Amazon Elastic File System volume.\n" }, "ownershipSettings": { "$ref": "#/types/aws:sagemaker/SpaceOwnershipSettings:SpaceOwnershipSettings", "description": "A collection of ownership settings. Required if `space_sharing_settings` is set. See `ownership_settings` Block below.\n" }, "spaceDisplayName": { "type": "string", "description": "The name of the space that appears in the SageMaker Studio UI.\n" }, "spaceName": { "type": "string", "description": "The name of the space.\n" }, "spaceSettings": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSettings:SpaceSpaceSettings", "description": "A collection of space settings. See `space_settings` Block below.\n" }, "spaceSharingSettings": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSharingSettings:SpaceSpaceSharingSettings", "description": "A collection of space sharing settings. Required if `ownership_settings` is set. See `space_sharing_settings` Block below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "url": { "type": "string", "description": "Returns the URL of the space. If the space is created with Amazon Web Services IAM Identity Center (Successor to Amazon Web Services Single Sign-On) authentication, users can navigate to the URL after appending the respective redirect parameter for the application type to be federated through Amazon Web Services IAM Identity Center.\n" } }, "required": [ "arn", "domainId", "homeEfsFileSystemUid", "spaceName", "tagsAll", "url" ], "inputProperties": { "domainId": { "type": "string", "description": "The ID of the associated Domain.\n", "willReplaceOnChanges": true }, "ownershipSettings": { "$ref": "#/types/aws:sagemaker/SpaceOwnershipSettings:SpaceOwnershipSettings", "description": "A collection of ownership settings. Required if `space_sharing_settings` is set. See `ownership_settings` Block below.\n" }, "spaceDisplayName": { "type": "string", "description": "The name of the space that appears in the SageMaker Studio UI.\n" }, "spaceName": { "type": "string", "description": "The name of the space.\n", "willReplaceOnChanges": true }, "spaceSettings": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSettings:SpaceSpaceSettings", "description": "A collection of space settings. See `space_settings` Block below.\n" }, "spaceSharingSettings": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSharingSettings:SpaceSpaceSharingSettings", "description": "A collection of space sharing settings. Required if `ownership_settings` is set. See `space_sharing_settings` Block below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "domainId", "spaceName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Space resources.\n", "properties": { "arn": { "type": "string", "description": "The space's Amazon Resource Name (ARN).\n" }, "domainId": { "type": "string", "description": "The ID of the associated Domain.\n", "willReplaceOnChanges": true }, "homeEfsFileSystemUid": { "type": "string", "description": "The ID of the space's profile in the Amazon Elastic File System volume.\n" }, "ownershipSettings": { "$ref": "#/types/aws:sagemaker/SpaceOwnershipSettings:SpaceOwnershipSettings", "description": "A collection of ownership settings. Required if `space_sharing_settings` is set. See `ownership_settings` Block below.\n" }, "spaceDisplayName": { "type": "string", "description": "The name of the space that appears in the SageMaker Studio UI.\n" }, "spaceName": { "type": "string", "description": "The name of the space.\n", "willReplaceOnChanges": true }, "spaceSettings": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSettings:SpaceSpaceSettings", "description": "A collection of space settings. See `space_settings` Block below.\n" }, "spaceSharingSettings": { "$ref": "#/types/aws:sagemaker/SpaceSpaceSharingSettings:SpaceSpaceSharingSettings", "description": "A collection of space sharing settings. Required if `ownership_settings` is set. See `space_sharing_settings` Block below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "url": { "type": "string", "description": "Returns the URL of the space. If the space is created with Amazon Web Services IAM Identity Center (Successor to Amazon Web Services Single Sign-On) authentication, users can navigate to the URL after appending the respective redirect parameter for the application type to be federated through Amazon Web Services IAM Identity Center.\n" } }, "type": "object" } }, "aws:sagemaker/studioLifecycleConfig:StudioLifecycleConfig": { "description": "Provides a SageMaker Studio Lifecycle Config resource.\n\n## Example Usage\n\n### Basic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.sagemaker.StudioLifecycleConfig(\"example\", {\n studioLifecycleConfigName: \"example\",\n studioLifecycleConfigAppType: \"JupyterServer\",\n studioLifecycleConfigContent: std.base64encode({\n input: \"echo Hello\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.sagemaker.StudioLifecycleConfig(\"example\",\n studio_lifecycle_config_name=\"example\",\n studio_lifecycle_config_app_type=\"JupyterServer\",\n studio_lifecycle_config_content=std.base64encode(input=\"echo Hello\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.StudioLifecycleConfig(\"example\", new()\n {\n StudioLifecycleConfigName = \"example\",\n StudioLifecycleConfigAppType = \"JupyterServer\",\n StudioLifecycleConfigContent = Std.Base64encode.Invoke(new()\n {\n Input = \"echo Hello\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeBase64encode, err := std.Base64encode(ctx, \u0026std.Base64encodeArgs{\n\t\t\tInput: \"echo Hello\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sagemaker.NewStudioLifecycleConfig(ctx, \"example\", \u0026sagemaker.StudioLifecycleConfigArgs{\n\t\t\tStudioLifecycleConfigName: pulumi.String(\"example\"),\n\t\t\tStudioLifecycleConfigAppType: pulumi.String(\"JupyterServer\"),\n\t\t\tStudioLifecycleConfigContent: pulumi.String(invokeBase64encode.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.StudioLifecycleConfig;\nimport com.pulumi.aws.sagemaker.StudioLifecycleConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new StudioLifecycleConfig(\"example\", StudioLifecycleConfigArgs.builder()\n .studioLifecycleConfigName(\"example\")\n .studioLifecycleConfigAppType(\"JupyterServer\")\n .studioLifecycleConfigContent(StdFunctions.base64encode(Base64encodeArgs.builder()\n .input(\"echo Hello\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:StudioLifecycleConfig\n properties:\n studioLifecycleConfigName: example\n studioLifecycleConfigAppType: JupyterServer\n studioLifecycleConfigContent:\n fn::invoke:\n Function: std:base64encode\n Arguments:\n input: echo Hello\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SageMaker Studio Lifecycle Configs using the `studio_lifecycle_config_name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/studioLifecycleConfig:StudioLifecycleConfig example example\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Studio Lifecycle Config.\n" }, "studioLifecycleConfigAppType": { "type": "string", "description": "The App type that the Lifecycle Configuration is attached to. Valid values are `JupyterServer`, `JupyterLab`, `CodeEditor` and `KernelGateway`.\n" }, "studioLifecycleConfigContent": { "type": "string", "description": "The content of your Studio Lifecycle Configuration script. This content must be base64 encoded.\n" }, "studioLifecycleConfigName": { "type": "string", "description": "The name of the Studio Lifecycle Configuration to create.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "studioLifecycleConfigAppType", "studioLifecycleConfigContent", "studioLifecycleConfigName", "tagsAll" ], "inputProperties": { "studioLifecycleConfigAppType": { "type": "string", "description": "The App type that the Lifecycle Configuration is attached to. Valid values are `JupyterServer`, `JupyterLab`, `CodeEditor` and `KernelGateway`.\n", "willReplaceOnChanges": true }, "studioLifecycleConfigContent": { "type": "string", "description": "The content of your Studio Lifecycle Configuration script. This content must be base64 encoded.\n", "willReplaceOnChanges": true }, "studioLifecycleConfigName": { "type": "string", "description": "The name of the Studio Lifecycle Configuration to create.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "studioLifecycleConfigAppType", "studioLifecycleConfigContent", "studioLifecycleConfigName" ], "stateInputs": { "description": "Input properties used for looking up and filtering StudioLifecycleConfig resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Studio Lifecycle Config.\n" }, "studioLifecycleConfigAppType": { "type": "string", "description": "The App type that the Lifecycle Configuration is attached to. Valid values are `JupyterServer`, `JupyterLab`, `CodeEditor` and `KernelGateway`.\n", "willReplaceOnChanges": true }, "studioLifecycleConfigContent": { "type": "string", "description": "The content of your Studio Lifecycle Configuration script. This content must be base64 encoded.\n", "willReplaceOnChanges": true }, "studioLifecycleConfigName": { "type": "string", "description": "The name of the Studio Lifecycle Configuration to create.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:sagemaker/userProfile:UserProfile": { "description": "Provides a SageMaker User Profile resource.\n\n## Example Usage\n\n### Basic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.UserProfile(\"example\", {\n domainId: test.id,\n userProfileName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.UserProfile(\"example\",\n domain_id=test[\"id\"],\n user_profile_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.UserProfile(\"example\", new()\n {\n DomainId = test.Id,\n UserProfileName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewUserProfile(ctx, \"example\", \u0026sagemaker.UserProfileArgs{\n\t\t\tDomainId: pulumi.Any(test.Id),\n\t\t\tUserProfileName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.UserProfile;\nimport com.pulumi.aws.sagemaker.UserProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new UserProfile(\"example\", UserProfileArgs.builder()\n .domainId(test.id())\n .userProfileName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:UserProfile\n properties:\n domainId: ${test.id}\n userProfileName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SageMaker User Profiles using the `arn`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/userProfile:UserProfile test_user_profile arn:aws:sagemaker:us-west-2:123456789012:user-profile/domain-id/profile-name\n```\n", "properties": { "arn": { "type": "string", "description": "The user profile Amazon Resource Name (ARN).\n" }, "domainId": { "type": "string", "description": "The ID of the associated Domain.\n" }, "homeEfsFileSystemUid": { "type": "string", "description": "The ID of the user's profile in the Amazon Elastic File System (EFS) volume.\n" }, "singleSignOnUserIdentifier": { "type": "string", "description": "A specifier for the type of value specified in `single_sign_on_user_value`. Currently, the only supported value is `UserName`. If the Domain's AuthMode is SSO, this field is required. If the Domain's AuthMode is not SSO, this field cannot be specified.\n" }, "singleSignOnUserValue": { "type": "string", "description": "The username of the associated AWS Single Sign-On User for this User Profile. If the Domain's AuthMode is SSO, this field is required, and must match a valid username of a user in your directory. If the Domain's AuthMode is not SSO, this field cannot be specified.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userProfileName": { "type": "string", "description": "The name for the User Profile.\n" }, "userSettings": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettings:UserProfileUserSettings", "description": "The user settings. See User Settings below.\n" } }, "required": [ "arn", "domainId", "homeEfsFileSystemUid", "tagsAll", "userProfileName" ], "inputProperties": { "domainId": { "type": "string", "description": "The ID of the associated Domain.\n", "willReplaceOnChanges": true }, "singleSignOnUserIdentifier": { "type": "string", "description": "A specifier for the type of value specified in `single_sign_on_user_value`. Currently, the only supported value is `UserName`. If the Domain's AuthMode is SSO, this field is required. If the Domain's AuthMode is not SSO, this field cannot be specified.\n", "willReplaceOnChanges": true }, "singleSignOnUserValue": { "type": "string", "description": "The username of the associated AWS Single Sign-On User for this User Profile. If the Domain's AuthMode is SSO, this field is required, and must match a valid username of a user in your directory. If the Domain's AuthMode is not SSO, this field cannot be specified.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "userProfileName": { "type": "string", "description": "The name for the User Profile.\n", "willReplaceOnChanges": true }, "userSettings": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettings:UserProfileUserSettings", "description": "The user settings. See User Settings below.\n" } }, "requiredInputs": [ "domainId", "userProfileName" ], "stateInputs": { "description": "Input properties used for looking up and filtering UserProfile resources.\n", "properties": { "arn": { "type": "string", "description": "The user profile Amazon Resource Name (ARN).\n" }, "domainId": { "type": "string", "description": "The ID of the associated Domain.\n", "willReplaceOnChanges": true }, "homeEfsFileSystemUid": { "type": "string", "description": "The ID of the user's profile in the Amazon Elastic File System (EFS) volume.\n" }, "singleSignOnUserIdentifier": { "type": "string", "description": "A specifier for the type of value specified in `single_sign_on_user_value`. Currently, the only supported value is `UserName`. If the Domain's AuthMode is SSO, this field is required. If the Domain's AuthMode is not SSO, this field cannot be specified.\n", "willReplaceOnChanges": true }, "singleSignOnUserValue": { "type": "string", "description": "The username of the associated AWS Single Sign-On User for this User Profile. If the Domain's AuthMode is SSO, this field is required, and must match a valid username of a user in your directory. If the Domain's AuthMode is not SSO, this field cannot be specified.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userProfileName": { "type": "string", "description": "The name for the User Profile.\n", "willReplaceOnChanges": true }, "userSettings": { "$ref": "#/types/aws:sagemaker/UserProfileUserSettings:UserProfileUserSettings", "description": "The user settings. See User Settings below.\n" } }, "type": "object" } }, "aws:sagemaker/workforce:Workforce": { "description": "Provides a SageMaker Workforce resource.\n\n## Example Usage\n\n### Cognito Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleUserPool = new aws.cognito.UserPool(\"example\", {name: \"example\"});\nconst exampleUserPoolClient = new aws.cognito.UserPoolClient(\"example\", {\n name: \"example\",\n generateSecret: true,\n userPoolId: exampleUserPool.id,\n});\nconst exampleUserPoolDomain = new aws.cognito.UserPoolDomain(\"example\", {\n domain: \"example\",\n userPoolId: exampleUserPool.id,\n});\nconst example = new aws.sagemaker.Workforce(\"example\", {\n workforceName: \"example\",\n cognitoConfig: {\n clientId: exampleUserPoolClient.id,\n userPool: exampleUserPoolDomain.userPoolId,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_user_pool = aws.cognito.UserPool(\"example\", name=\"example\")\nexample_user_pool_client = aws.cognito.UserPoolClient(\"example\",\n name=\"example\",\n generate_secret=True,\n user_pool_id=example_user_pool.id)\nexample_user_pool_domain = aws.cognito.UserPoolDomain(\"example\",\n domain=\"example\",\n user_pool_id=example_user_pool.id)\nexample = aws.sagemaker.Workforce(\"example\",\n workforce_name=\"example\",\n cognito_config={\n \"client_id\": example_user_pool_client.id,\n \"user_pool\": example_user_pool_domain.user_pool_id,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleUserPool = new Aws.Cognito.UserPool(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleUserPoolClient = new Aws.Cognito.UserPoolClient(\"example\", new()\n {\n Name = \"example\",\n GenerateSecret = true,\n UserPoolId = exampleUserPool.Id,\n });\n\n var exampleUserPoolDomain = new Aws.Cognito.UserPoolDomain(\"example\", new()\n {\n Domain = \"example\",\n UserPoolId = exampleUserPool.Id,\n });\n\n var example = new Aws.Sagemaker.Workforce(\"example\", new()\n {\n WorkforceName = \"example\",\n CognitoConfig = new Aws.Sagemaker.Inputs.WorkforceCognitoConfigArgs\n {\n ClientId = exampleUserPoolClient.Id,\n UserPool = exampleUserPoolDomain.UserPoolId,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUserPool, err := cognito.NewUserPool(ctx, \"example\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUserPoolClient, err := cognito.NewUserPoolClient(ctx, \"example\", \u0026cognito.UserPoolClientArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tGenerateSecret: pulumi.Bool(true),\n\t\t\tUserPoolId: exampleUserPool.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUserPoolDomain, err := cognito.NewUserPoolDomain(ctx, \"example\", \u0026cognito.UserPoolDomainArgs{\n\t\t\tDomain: pulumi.String(\"example\"),\n\t\t\tUserPoolId: exampleUserPool.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sagemaker.NewWorkforce(ctx, \"example\", \u0026sagemaker.WorkforceArgs{\n\t\t\tWorkforceName: pulumi.String(\"example\"),\n\t\t\tCognitoConfig: \u0026sagemaker.WorkforceCognitoConfigArgs{\n\t\t\t\tClientId: exampleUserPoolClient.ID(),\n\t\t\t\tUserPool: exampleUserPoolDomain.UserPoolId,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.cognito.UserPoolClient;\nimport com.pulumi.aws.cognito.UserPoolClientArgs;\nimport com.pulumi.aws.cognito.UserPoolDomain;\nimport com.pulumi.aws.cognito.UserPoolDomainArgs;\nimport com.pulumi.aws.sagemaker.Workforce;\nimport com.pulumi.aws.sagemaker.WorkforceArgs;\nimport com.pulumi.aws.sagemaker.inputs.WorkforceCognitoConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleUserPool = new UserPool(\"exampleUserPool\", UserPoolArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleUserPoolClient = new UserPoolClient(\"exampleUserPoolClient\", UserPoolClientArgs.builder()\n .name(\"example\")\n .generateSecret(true)\n .userPoolId(exampleUserPool.id())\n .build());\n\n var exampleUserPoolDomain = new UserPoolDomain(\"exampleUserPoolDomain\", UserPoolDomainArgs.builder()\n .domain(\"example\")\n .userPoolId(exampleUserPool.id())\n .build());\n\n var example = new Workforce(\"example\", WorkforceArgs.builder()\n .workforceName(\"example\")\n .cognitoConfig(WorkforceCognitoConfigArgs.builder()\n .clientId(exampleUserPoolClient.id())\n .userPool(exampleUserPoolDomain.userPoolId())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:Workforce\n properties:\n workforceName: example\n cognitoConfig:\n clientId: ${exampleUserPoolClient.id}\n userPool: ${exampleUserPoolDomain.userPoolId}\n exampleUserPool:\n type: aws:cognito:UserPool\n name: example\n properties:\n name: example\n exampleUserPoolClient:\n type: aws:cognito:UserPoolClient\n name: example\n properties:\n name: example\n generateSecret: true\n userPoolId: ${exampleUserPool.id}\n exampleUserPoolDomain:\n type: aws:cognito:UserPoolDomain\n name: example\n properties:\n domain: example\n userPoolId: ${exampleUserPool.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Oidc Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.Workforce(\"example\", {\n workforceName: \"example\",\n oidcConfig: {\n authorizationEndpoint: \"https://example.com\",\n clientId: \"example\",\n clientSecret: \"example\",\n issuer: \"https://example.com\",\n jwksUri: \"https://example.com\",\n logoutEndpoint: \"https://example.com\",\n tokenEndpoint: \"https://example.com\",\n userInfoEndpoint: \"https://example.com\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.Workforce(\"example\",\n workforce_name=\"example\",\n oidc_config={\n \"authorization_endpoint\": \"https://example.com\",\n \"client_id\": \"example\",\n \"client_secret\": \"example\",\n \"issuer\": \"https://example.com\",\n \"jwks_uri\": \"https://example.com\",\n \"logout_endpoint\": \"https://example.com\",\n \"token_endpoint\": \"https://example.com\",\n \"user_info_endpoint\": \"https://example.com\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.Workforce(\"example\", new()\n {\n WorkforceName = \"example\",\n OidcConfig = new Aws.Sagemaker.Inputs.WorkforceOidcConfigArgs\n {\n AuthorizationEndpoint = \"https://example.com\",\n ClientId = \"example\",\n ClientSecret = \"example\",\n Issuer = \"https://example.com\",\n JwksUri = \"https://example.com\",\n LogoutEndpoint = \"https://example.com\",\n TokenEndpoint = \"https://example.com\",\n UserInfoEndpoint = \"https://example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewWorkforce(ctx, \"example\", \u0026sagemaker.WorkforceArgs{\n\t\t\tWorkforceName: pulumi.String(\"example\"),\n\t\t\tOidcConfig: \u0026sagemaker.WorkforceOidcConfigArgs{\n\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://example.com\"),\n\t\t\t\tClientId: pulumi.String(\"example\"),\n\t\t\t\tClientSecret: pulumi.String(\"example\"),\n\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\tJwksUri: pulumi.String(\"https://example.com\"),\n\t\t\t\tLogoutEndpoint: pulumi.String(\"https://example.com\"),\n\t\t\t\tTokenEndpoint: pulumi.String(\"https://example.com\"),\n\t\t\t\tUserInfoEndpoint: pulumi.String(\"https://example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.Workforce;\nimport com.pulumi.aws.sagemaker.WorkforceArgs;\nimport com.pulumi.aws.sagemaker.inputs.WorkforceOidcConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Workforce(\"example\", WorkforceArgs.builder()\n .workforceName(\"example\")\n .oidcConfig(WorkforceOidcConfigArgs.builder()\n .authorizationEndpoint(\"https://example.com\")\n .clientId(\"example\")\n .clientSecret(\"example\")\n .issuer(\"https://example.com\")\n .jwksUri(\"https://example.com\")\n .logoutEndpoint(\"https://example.com\")\n .tokenEndpoint(\"https://example.com\")\n .userInfoEndpoint(\"https://example.com\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:Workforce\n properties:\n workforceName: example\n oidcConfig:\n authorizationEndpoint: https://example.com\n clientId: example\n clientSecret: example\n issuer: https://example.com\n jwksUri: https://example.com\n logoutEndpoint: https://example.com\n tokenEndpoint: https://example.com\n userInfoEndpoint: https://example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SageMaker Workforces using the `workforce_name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/workforce:Workforce example example\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Workforce.\n" }, "cognitoConfig": { "$ref": "#/types/aws:sagemaker/WorkforceCognitoConfig:WorkforceCognitoConfig", "description": "Use this parameter to configure an Amazon Cognito private workforce. A single Cognito workforce is created using and corresponds to a single Amazon Cognito user pool. Conflicts with `oidc_config`. see Cognito Config details below.\n" }, "oidcConfig": { "$ref": "#/types/aws:sagemaker/WorkforceOidcConfig:WorkforceOidcConfig", "description": "Use this parameter to configure a private workforce using your own OIDC Identity Provider. Conflicts with `cognito_config`. see OIDC Config details below.\n" }, "sourceIpConfig": { "$ref": "#/types/aws:sagemaker/WorkforceSourceIpConfig:WorkforceSourceIpConfig", "description": "A list of IP address ranges Used to create an allow list of IP addresses for a private workforce. By default, a workforce isn't restricted to specific IP addresses. see Source Ip Config details below.\n" }, "subdomain": { "type": "string", "description": "The subdomain for your OIDC Identity Provider.\n" }, "workforceName": { "type": "string", "description": "The name of the Workforce (must be unique).\n" }, "workforceVpcConfig": { "$ref": "#/types/aws:sagemaker/WorkforceWorkforceVpcConfig:WorkforceWorkforceVpcConfig", "description": "configure a workforce using VPC. see Workforce VPC Config details below.\n" } }, "required": [ "arn", "sourceIpConfig", "subdomain", "workforceName" ], "inputProperties": { "cognitoConfig": { "$ref": "#/types/aws:sagemaker/WorkforceCognitoConfig:WorkforceCognitoConfig", "description": "Use this parameter to configure an Amazon Cognito private workforce. A single Cognito workforce is created using and corresponds to a single Amazon Cognito user pool. Conflicts with `oidc_config`. see Cognito Config details below.\n", "willReplaceOnChanges": true }, "oidcConfig": { "$ref": "#/types/aws:sagemaker/WorkforceOidcConfig:WorkforceOidcConfig", "description": "Use this parameter to configure a private workforce using your own OIDC Identity Provider. Conflicts with `cognito_config`. see OIDC Config details below.\n" }, "sourceIpConfig": { "$ref": "#/types/aws:sagemaker/WorkforceSourceIpConfig:WorkforceSourceIpConfig", "description": "A list of IP address ranges Used to create an allow list of IP addresses for a private workforce. By default, a workforce isn't restricted to specific IP addresses. see Source Ip Config details below.\n" }, "workforceName": { "type": "string", "description": "The name of the Workforce (must be unique).\n", "willReplaceOnChanges": true }, "workforceVpcConfig": { "$ref": "#/types/aws:sagemaker/WorkforceWorkforceVpcConfig:WorkforceWorkforceVpcConfig", "description": "configure a workforce using VPC. see Workforce VPC Config details below.\n" } }, "requiredInputs": [ "workforceName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Workforce resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Workforce.\n" }, "cognitoConfig": { "$ref": "#/types/aws:sagemaker/WorkforceCognitoConfig:WorkforceCognitoConfig", "description": "Use this parameter to configure an Amazon Cognito private workforce. A single Cognito workforce is created using and corresponds to a single Amazon Cognito user pool. Conflicts with `oidc_config`. see Cognito Config details below.\n", "willReplaceOnChanges": true }, "oidcConfig": { "$ref": "#/types/aws:sagemaker/WorkforceOidcConfig:WorkforceOidcConfig", "description": "Use this parameter to configure a private workforce using your own OIDC Identity Provider. Conflicts with `cognito_config`. see OIDC Config details below.\n" }, "sourceIpConfig": { "$ref": "#/types/aws:sagemaker/WorkforceSourceIpConfig:WorkforceSourceIpConfig", "description": "A list of IP address ranges Used to create an allow list of IP addresses for a private workforce. By default, a workforce isn't restricted to specific IP addresses. see Source Ip Config details below.\n" }, "subdomain": { "type": "string", "description": "The subdomain for your OIDC Identity Provider.\n" }, "workforceName": { "type": "string", "description": "The name of the Workforce (must be unique).\n", "willReplaceOnChanges": true }, "workforceVpcConfig": { "$ref": "#/types/aws:sagemaker/WorkforceWorkforceVpcConfig:WorkforceWorkforceVpcConfig", "description": "configure a workforce using VPC. see Workforce VPC Config details below.\n" } }, "type": "object" } }, "aws:sagemaker/workteam:Workteam": { "description": "Provides a SageMaker Workteam resource.\n\n## Example Usage\n\n### Cognito Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.Workteam(\"example\", {\n workteamName: \"example\",\n workforceName: exampleAwsSagemakerWorkforce.id,\n description: \"example\",\n memberDefinitions: [{\n cognitoMemberDefinition: {\n clientId: exampleAwsCognitoUserPoolClient.id,\n userPool: exampleAwsCognitoUserPoolDomain.userPoolId,\n userGroup: exampleAwsCognitoUserGroup.id,\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.Workteam(\"example\",\n workteam_name=\"example\",\n workforce_name=example_aws_sagemaker_workforce[\"id\"],\n description=\"example\",\n member_definitions=[{\n \"cognito_member_definition\": {\n \"client_id\": example_aws_cognito_user_pool_client[\"id\"],\n \"user_pool\": example_aws_cognito_user_pool_domain[\"userPoolId\"],\n \"user_group\": example_aws_cognito_user_group[\"id\"],\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.Workteam(\"example\", new()\n {\n WorkteamName = \"example\",\n WorkforceName = exampleAwsSagemakerWorkforce.Id,\n Description = \"example\",\n MemberDefinitions = new[]\n {\n new Aws.Sagemaker.Inputs.WorkteamMemberDefinitionArgs\n {\n CognitoMemberDefinition = new Aws.Sagemaker.Inputs.WorkteamMemberDefinitionCognitoMemberDefinitionArgs\n {\n ClientId = exampleAwsCognitoUserPoolClient.Id,\n UserPool = exampleAwsCognitoUserPoolDomain.UserPoolId,\n UserGroup = exampleAwsCognitoUserGroup.Id,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewWorkteam(ctx, \"example\", \u0026sagemaker.WorkteamArgs{\n\t\t\tWorkteamName: pulumi.String(\"example\"),\n\t\t\tWorkforceName: pulumi.Any(exampleAwsSagemakerWorkforce.Id),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tMemberDefinitions: sagemaker.WorkteamMemberDefinitionArray{\n\t\t\t\t\u0026sagemaker.WorkteamMemberDefinitionArgs{\n\t\t\t\t\tCognitoMemberDefinition: \u0026sagemaker.WorkteamMemberDefinitionCognitoMemberDefinitionArgs{\n\t\t\t\t\t\tClientId: pulumi.Any(exampleAwsCognitoUserPoolClient.Id),\n\t\t\t\t\t\tUserPool: pulumi.Any(exampleAwsCognitoUserPoolDomain.UserPoolId),\n\t\t\t\t\t\tUserGroup: pulumi.Any(exampleAwsCognitoUserGroup.Id),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.Workteam;\nimport com.pulumi.aws.sagemaker.WorkteamArgs;\nimport com.pulumi.aws.sagemaker.inputs.WorkteamMemberDefinitionArgs;\nimport com.pulumi.aws.sagemaker.inputs.WorkteamMemberDefinitionCognitoMemberDefinitionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Workteam(\"example\", WorkteamArgs.builder()\n .workteamName(\"example\")\n .workforceName(exampleAwsSagemakerWorkforce.id())\n .description(\"example\")\n .memberDefinitions(WorkteamMemberDefinitionArgs.builder()\n .cognitoMemberDefinition(WorkteamMemberDefinitionCognitoMemberDefinitionArgs.builder()\n .clientId(exampleAwsCognitoUserPoolClient.id())\n .userPool(exampleAwsCognitoUserPoolDomain.userPoolId())\n .userGroup(exampleAwsCognitoUserGroup.id())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:Workteam\n properties:\n workteamName: example\n workforceName: ${exampleAwsSagemakerWorkforce.id}\n description: example\n memberDefinitions:\n - cognitoMemberDefinition:\n clientId: ${exampleAwsCognitoUserPoolClient.id}\n userPool: ${exampleAwsCognitoUserPoolDomain.userPoolId}\n userGroup: ${exampleAwsCognitoUserGroup.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Oidc Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.Workteam(\"example\", {\n workteamName: \"example\",\n workforceName: exampleAwsSagemakerWorkforce.id,\n description: \"example\",\n memberDefinitions: [{\n oidcMemberDefinition: {\n groups: [\"example\"],\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.Workteam(\"example\",\n workteam_name=\"example\",\n workforce_name=example_aws_sagemaker_workforce[\"id\"],\n description=\"example\",\n member_definitions=[{\n \"oidc_member_definition\": {\n \"groups\": [\"example\"],\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.Workteam(\"example\", new()\n {\n WorkteamName = \"example\",\n WorkforceName = exampleAwsSagemakerWorkforce.Id,\n Description = \"example\",\n MemberDefinitions = new[]\n {\n new Aws.Sagemaker.Inputs.WorkteamMemberDefinitionArgs\n {\n OidcMemberDefinition = new Aws.Sagemaker.Inputs.WorkteamMemberDefinitionOidcMemberDefinitionArgs\n {\n Groups = new[]\n {\n \"example\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewWorkteam(ctx, \"example\", \u0026sagemaker.WorkteamArgs{\n\t\t\tWorkteamName: pulumi.String(\"example\"),\n\t\t\tWorkforceName: pulumi.Any(exampleAwsSagemakerWorkforce.Id),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tMemberDefinitions: sagemaker.WorkteamMemberDefinitionArray{\n\t\t\t\t\u0026sagemaker.WorkteamMemberDefinitionArgs{\n\t\t\t\t\tOidcMemberDefinition: \u0026sagemaker.WorkteamMemberDefinitionOidcMemberDefinitionArgs{\n\t\t\t\t\t\tGroups: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"example\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.Workteam;\nimport com.pulumi.aws.sagemaker.WorkteamArgs;\nimport com.pulumi.aws.sagemaker.inputs.WorkteamMemberDefinitionArgs;\nimport com.pulumi.aws.sagemaker.inputs.WorkteamMemberDefinitionOidcMemberDefinitionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Workteam(\"example\", WorkteamArgs.builder()\n .workteamName(\"example\")\n .workforceName(exampleAwsSagemakerWorkforce.id())\n .description(\"example\")\n .memberDefinitions(WorkteamMemberDefinitionArgs.builder()\n .oidcMemberDefinition(WorkteamMemberDefinitionOidcMemberDefinitionArgs.builder()\n .groups(\"example\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:Workteam\n properties:\n workteamName: example\n workforceName: ${exampleAwsSagemakerWorkforce.id}\n description: example\n memberDefinitions:\n - oidcMemberDefinition:\n groups:\n - example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SageMaker Workteams using the `workteam_name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/workteam:Workteam example example\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Workteam.\n" }, "description": { "type": "string", "description": "A description of the work team.\n" }, "memberDefinitions": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/WorkteamMemberDefinition:WorkteamMemberDefinition" }, "description": "A list of Member Definitions that contains objects that identify the workers that make up the work team. Workforces can be created using Amazon Cognito or your own OIDC Identity Provider (IdP). For private workforces created using Amazon Cognito use `cognito_member_definition`. For workforces created using your own OIDC identity provider (IdP) use `oidc_member_definition`. Do not provide input for both of these parameters in a single request. see Member Definition details below.\n" }, "notificationConfiguration": { "$ref": "#/types/aws:sagemaker/WorkteamNotificationConfiguration:WorkteamNotificationConfiguration", "description": "Configures notification of workers regarding available or expiring work items. see Notification Configuration details below.\n" }, "subdomain": { "type": "string", "description": "The subdomain for your OIDC Identity Provider.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "workerAccessConfiguration": { "$ref": "#/types/aws:sagemaker/WorkteamWorkerAccessConfiguration:WorkteamWorkerAccessConfiguration", "description": "Use this optional parameter to constrain access to an Amazon S3 resource based on the IP address using supported IAM global condition keys. The Amazon S3 resource is accessed in the worker portal using a Amazon S3 presigned URL. see Worker Access Configuration details below.\n" }, "workforceName": { "type": "string", "description": "The name of the Workteam (must be unique).\n" }, "workteamName": { "type": "string", "description": "The name of the workforce.\n" } }, "required": [ "arn", "description", "memberDefinitions", "subdomain", "tagsAll", "workerAccessConfiguration", "workforceName", "workteamName" ], "inputProperties": { "description": { "type": "string", "description": "A description of the work team.\n" }, "memberDefinitions": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/WorkteamMemberDefinition:WorkteamMemberDefinition" }, "description": "A list of Member Definitions that contains objects that identify the workers that make up the work team. Workforces can be created using Amazon Cognito or your own OIDC Identity Provider (IdP). For private workforces created using Amazon Cognito use `cognito_member_definition`. For workforces created using your own OIDC identity provider (IdP) use `oidc_member_definition`. Do not provide input for both of these parameters in a single request. see Member Definition details below.\n" }, "notificationConfiguration": { "$ref": "#/types/aws:sagemaker/WorkteamNotificationConfiguration:WorkteamNotificationConfiguration", "description": "Configures notification of workers regarding available or expiring work items. see Notification Configuration details below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "workerAccessConfiguration": { "$ref": "#/types/aws:sagemaker/WorkteamWorkerAccessConfiguration:WorkteamWorkerAccessConfiguration", "description": "Use this optional parameter to constrain access to an Amazon S3 resource based on the IP address using supported IAM global condition keys. The Amazon S3 resource is accessed in the worker portal using a Amazon S3 presigned URL. see Worker Access Configuration details below.\n" }, "workforceName": { "type": "string", "description": "The name of the Workteam (must be unique).\n", "willReplaceOnChanges": true }, "workteamName": { "type": "string", "description": "The name of the workforce.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "description", "memberDefinitions", "workforceName", "workteamName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Workteam resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) assigned by AWS to this Workteam.\n" }, "description": { "type": "string", "description": "A description of the work team.\n" }, "memberDefinitions": { "type": "array", "items": { "$ref": "#/types/aws:sagemaker/WorkteamMemberDefinition:WorkteamMemberDefinition" }, "description": "A list of Member Definitions that contains objects that identify the workers that make up the work team. Workforces can be created using Amazon Cognito or your own OIDC Identity Provider (IdP). For private workforces created using Amazon Cognito use `cognito_member_definition`. For workforces created using your own OIDC identity provider (IdP) use `oidc_member_definition`. Do not provide input for both of these parameters in a single request. see Member Definition details below.\n" }, "notificationConfiguration": { "$ref": "#/types/aws:sagemaker/WorkteamNotificationConfiguration:WorkteamNotificationConfiguration", "description": "Configures notification of workers regarding available or expiring work items. see Notification Configuration details below.\n" }, "subdomain": { "type": "string", "description": "The subdomain for your OIDC Identity Provider.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "workerAccessConfiguration": { "$ref": "#/types/aws:sagemaker/WorkteamWorkerAccessConfiguration:WorkteamWorkerAccessConfiguration", "description": "Use this optional parameter to constrain access to an Amazon S3 resource based on the IP address using supported IAM global condition keys. The Amazon S3 resource is accessed in the worker portal using a Amazon S3 presigned URL. see Worker Access Configuration details below.\n" }, "workforceName": { "type": "string", "description": "The name of the Workteam (must be unique).\n", "willReplaceOnChanges": true }, "workteamName": { "type": "string", "description": "The name of the workforce.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:scheduler/schedule:Schedule": { "description": "Provides an EventBridge Scheduler Schedule resource.\n\nYou can find out more about EventBridge Scheduler in the [User Guide](https://docs.aws.amazon.com/scheduler/latest/UserGuide/what-is-scheduler.html).\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.scheduler.Schedule(\"example\", {\n name: \"my-schedule\",\n groupName: \"default\",\n flexibleTimeWindow: {\n mode: \"OFF\",\n },\n scheduleExpression: \"rate(1 hours)\",\n target: {\n arn: exampleAwsSqsQueue.arn,\n roleArn: exampleAwsIamRole.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.scheduler.Schedule(\"example\",\n name=\"my-schedule\",\n group_name=\"default\",\n flexible_time_window={\n \"mode\": \"OFF\",\n },\n schedule_expression=\"rate(1 hours)\",\n target={\n \"arn\": example_aws_sqs_queue[\"arn\"],\n \"role_arn\": example_aws_iam_role[\"arn\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Scheduler.Schedule(\"example\", new()\n {\n Name = \"my-schedule\",\n GroupName = \"default\",\n FlexibleTimeWindow = new Aws.Scheduler.Inputs.ScheduleFlexibleTimeWindowArgs\n {\n Mode = \"OFF\",\n },\n ScheduleExpression = \"rate(1 hours)\",\n Target = new Aws.Scheduler.Inputs.ScheduleTargetArgs\n {\n Arn = exampleAwsSqsQueue.Arn,\n RoleArn = exampleAwsIamRole.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/scheduler\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := scheduler.NewSchedule(ctx, \"example\", \u0026scheduler.ScheduleArgs{\n\t\t\tName: pulumi.String(\"my-schedule\"),\n\t\t\tGroupName: pulumi.String(\"default\"),\n\t\t\tFlexibleTimeWindow: \u0026scheduler.ScheduleFlexibleTimeWindowArgs{\n\t\t\t\tMode: pulumi.String(\"OFF\"),\n\t\t\t},\n\t\t\tScheduleExpression: pulumi.String(\"rate(1 hours)\"),\n\t\t\tTarget: \u0026scheduler.ScheduleTargetArgs{\n\t\t\t\tArn: pulumi.Any(exampleAwsSqsQueue.Arn),\n\t\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.scheduler.Schedule;\nimport com.pulumi.aws.scheduler.ScheduleArgs;\nimport com.pulumi.aws.scheduler.inputs.ScheduleFlexibleTimeWindowArgs;\nimport com.pulumi.aws.scheduler.inputs.ScheduleTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Schedule(\"example\", ScheduleArgs.builder()\n .name(\"my-schedule\")\n .groupName(\"default\")\n .flexibleTimeWindow(ScheduleFlexibleTimeWindowArgs.builder()\n .mode(\"OFF\")\n .build())\n .scheduleExpression(\"rate(1 hours)\")\n .target(ScheduleTargetArgs.builder()\n .arn(exampleAwsSqsQueue.arn())\n .roleArn(exampleAwsIamRole.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:scheduler:Schedule\n properties:\n name: my-schedule\n groupName: default\n flexibleTimeWindow:\n mode: OFF\n scheduleExpression: rate(1 hours)\n target:\n arn: ${exampleAwsSqsQueue.arn}\n roleArn: ${exampleAwsIamRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Universal Target\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sqs.Queue(\"example\", {});\nconst exampleSchedule = new aws.scheduler.Schedule(\"example\", {\n name: \"my-schedule\",\n flexibleTimeWindow: {\n mode: \"OFF\",\n },\n scheduleExpression: \"rate(1 hours)\",\n target: {\n arn: \"arn:aws:scheduler:::aws-sdk:sqs:sendMessage\",\n roleArn: exampleAwsIamRole.arn,\n input: pulumi.jsonStringify({\n MessageBody: \"Greetings, programs!\",\n QueueUrl: example.url,\n }),\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.sqs.Queue(\"example\")\nexample_schedule = aws.scheduler.Schedule(\"example\",\n name=\"my-schedule\",\n flexible_time_window={\n \"mode\": \"OFF\",\n },\n schedule_expression=\"rate(1 hours)\",\n target={\n \"arn\": \"arn:aws:scheduler:::aws-sdk:sqs:sendMessage\",\n \"role_arn\": example_aws_iam_role[\"arn\"],\n \"input\": pulumi.Output.json_dumps({\n \"message_body\": \"Greetings, programs!\",\n \"queue_url\": example.url,\n }),\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sqs.Queue(\"example\");\n\n var exampleSchedule = new Aws.Scheduler.Schedule(\"example\", new()\n {\n Name = \"my-schedule\",\n FlexibleTimeWindow = new Aws.Scheduler.Inputs.ScheduleFlexibleTimeWindowArgs\n {\n Mode = \"OFF\",\n },\n ScheduleExpression = \"rate(1 hours)\",\n Target = new Aws.Scheduler.Inputs.ScheduleTargetArgs\n {\n Arn = \"arn:aws:scheduler:::aws-sdk:sqs:sendMessage\",\n RoleArn = exampleAwsIamRole.Arn,\n Input = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"MessageBody\"] = \"Greetings, programs!\",\n [\"QueueUrl\"] = example.Url,\n })),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/scheduler\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := sqs.NewQueue(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = scheduler.NewSchedule(ctx, \"example\", \u0026scheduler.ScheduleArgs{\n\t\t\tName: pulumi.String(\"my-schedule\"),\n\t\t\tFlexibleTimeWindow: \u0026scheduler.ScheduleFlexibleTimeWindowArgs{\n\t\t\t\tMode: pulumi.String(\"OFF\"),\n\t\t\t},\n\t\t\tScheduleExpression: pulumi.String(\"rate(1 hours)\"),\n\t\t\tTarget: \u0026scheduler.ScheduleTargetArgs{\n\t\t\t\tArn: pulumi.String(\"arn:aws:scheduler:::aws-sdk:sqs:sendMessage\"),\n\t\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\t\tInput: example.Url.ApplyT(func(url string) (pulumi.String, error) {\n\t\t\t\t\tvar _zero pulumi.String\n\t\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\t\"MessageBody\": \"Greetings, programs!\",\n\t\t\t\t\t\t\"QueueUrl\": url,\n\t\t\t\t\t})\n\t\t\t\t\tif err != nil {\n\t\t\t\t\t\treturn _zero, err\n\t\t\t\t\t}\n\t\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.scheduler.Schedule;\nimport com.pulumi.aws.scheduler.ScheduleArgs;\nimport com.pulumi.aws.scheduler.inputs.ScheduleFlexibleTimeWindowArgs;\nimport com.pulumi.aws.scheduler.inputs.ScheduleTargetArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Queue(\"example\");\n\n var exampleSchedule = new Schedule(\"exampleSchedule\", ScheduleArgs.builder()\n .name(\"my-schedule\")\n .flexibleTimeWindow(ScheduleFlexibleTimeWindowArgs.builder()\n .mode(\"OFF\")\n .build())\n .scheduleExpression(\"rate(1 hours)\")\n .target(ScheduleTargetArgs.builder()\n .arn(\"arn:aws:scheduler:::aws-sdk:sqs:sendMessage\")\n .roleArn(exampleAwsIamRole.arn())\n .input(example.url().applyValue(url -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"MessageBody\", \"Greetings, programs!\"),\n jsonProperty(\"QueueUrl\", url)\n ))))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sqs:Queue\n exampleSchedule:\n type: aws:scheduler:Schedule\n name: example\n properties:\n name: my-schedule\n flexibleTimeWindow:\n mode: OFF\n scheduleExpression: rate(1 hours)\n target:\n arn: arn:aws:scheduler:::aws-sdk:sqs:sendMessage\n roleArn: ${exampleAwsIamRole.arn}\n input:\n fn::toJSON:\n MessageBody: Greetings, programs!\n QueueUrl: ${example.url}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import schedules using the combination `group_name/name`. For example:\n\n```sh\n$ pulumi import aws:scheduler/schedule:Schedule example my-schedule-group/my-schedule\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the schedule.\n" }, "description": { "type": "string", "description": "Brief description of the schedule.\n" }, "endDate": { "type": "string", "description": "The date, in UTC, before which the schedule can invoke its target. Depending on the schedule's recurrence expression, invocations might stop on, or before, the end date you specify. EventBridge Scheduler ignores the end date for one-time schedules. Example: `2030-01-01T01:00:00Z`.\n" }, "flexibleTimeWindow": { "$ref": "#/types/aws:scheduler/ScheduleFlexibleTimeWindow:ScheduleFlexibleTimeWindow", "description": "Configures a time window during which EventBridge Scheduler invokes the schedule. Detailed below.\n" }, "groupName": { "type": "string", "description": "Name of the schedule group to associate with this schedule. When omitted, the `default` schedule group is used.\n" }, "kmsKeyArn": { "type": "string", "description": "ARN for the customer managed KMS key that EventBridge Scheduler will use to encrypt and decrypt your data.\n" }, "name": { "type": "string", "description": "Name of the schedule. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "scheduleExpression": { "type": "string", "description": "Defines when the schedule runs. Read more in [Schedule types on EventBridge Scheduler](https://docs.aws.amazon.com/scheduler/latest/UserGuide/schedule-types.html).\n" }, "scheduleExpressionTimezone": { "type": "string", "description": "Timezone in which the scheduling expression is evaluated. Defaults to `UTC`. Example: `Australia/Sydney`.\n" }, "startDate": { "type": "string", "description": "The date, in UTC, after which the schedule can begin invoking its target. Depending on the schedule's recurrence expression, invocations might occur on, or after, the start date you specify. EventBridge Scheduler ignores the start date for one-time schedules. Example: `2030-01-01T01:00:00Z`.\n" }, "state": { "type": "string", "description": "Specifies whether the schedule is enabled or disabled. One of: `ENABLED` (default), `DISABLED`.\n" }, "target": { "$ref": "#/types/aws:scheduler/ScheduleTarget:ScheduleTarget", "description": "Configures the target of the schedule. Detailed below.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "flexibleTimeWindow", "groupName", "name", "namePrefix", "scheduleExpression", "target" ], "inputProperties": { "description": { "type": "string", "description": "Brief description of the schedule.\n" }, "endDate": { "type": "string", "description": "The date, in UTC, before which the schedule can invoke its target. Depending on the schedule's recurrence expression, invocations might stop on, or before, the end date you specify. EventBridge Scheduler ignores the end date for one-time schedules. Example: `2030-01-01T01:00:00Z`.\n" }, "flexibleTimeWindow": { "$ref": "#/types/aws:scheduler/ScheduleFlexibleTimeWindow:ScheduleFlexibleTimeWindow", "description": "Configures a time window during which EventBridge Scheduler invokes the schedule. Detailed below.\n" }, "groupName": { "type": "string", "description": "Name of the schedule group to associate with this schedule. When omitted, the `default` schedule group is used.\n", "willReplaceOnChanges": true }, "kmsKeyArn": { "type": "string", "description": "ARN for the customer managed KMS key that EventBridge Scheduler will use to encrypt and decrypt your data.\n" }, "name": { "type": "string", "description": "Name of the schedule. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "scheduleExpression": { "type": "string", "description": "Defines when the schedule runs. Read more in [Schedule types on EventBridge Scheduler](https://docs.aws.amazon.com/scheduler/latest/UserGuide/schedule-types.html).\n" }, "scheduleExpressionTimezone": { "type": "string", "description": "Timezone in which the scheduling expression is evaluated. Defaults to `UTC`. Example: `Australia/Sydney`.\n" }, "startDate": { "type": "string", "description": "The date, in UTC, after which the schedule can begin invoking its target. Depending on the schedule's recurrence expression, invocations might occur on, or after, the start date you specify. EventBridge Scheduler ignores the start date for one-time schedules. Example: `2030-01-01T01:00:00Z`.\n" }, "state": { "type": "string", "description": "Specifies whether the schedule is enabled or disabled. One of: `ENABLED` (default), `DISABLED`.\n" }, "target": { "$ref": "#/types/aws:scheduler/ScheduleTarget:ScheduleTarget", "description": "Configures the target of the schedule. Detailed below.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "flexibleTimeWindow", "scheduleExpression", "target" ], "stateInputs": { "description": "Input properties used for looking up and filtering Schedule resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the schedule.\n" }, "description": { "type": "string", "description": "Brief description of the schedule.\n" }, "endDate": { "type": "string", "description": "The date, in UTC, before which the schedule can invoke its target. Depending on the schedule's recurrence expression, invocations might stop on, or before, the end date you specify. EventBridge Scheduler ignores the end date for one-time schedules. Example: `2030-01-01T01:00:00Z`.\n" }, "flexibleTimeWindow": { "$ref": "#/types/aws:scheduler/ScheduleFlexibleTimeWindow:ScheduleFlexibleTimeWindow", "description": "Configures a time window during which EventBridge Scheduler invokes the schedule. Detailed below.\n" }, "groupName": { "type": "string", "description": "Name of the schedule group to associate with this schedule. When omitted, the `default` schedule group is used.\n", "willReplaceOnChanges": true }, "kmsKeyArn": { "type": "string", "description": "ARN for the customer managed KMS key that EventBridge Scheduler will use to encrypt and decrypt your data.\n" }, "name": { "type": "string", "description": "Name of the schedule. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "scheduleExpression": { "type": "string", "description": "Defines when the schedule runs. Read more in [Schedule types on EventBridge Scheduler](https://docs.aws.amazon.com/scheduler/latest/UserGuide/schedule-types.html).\n" }, "scheduleExpressionTimezone": { "type": "string", "description": "Timezone in which the scheduling expression is evaluated. Defaults to `UTC`. Example: `Australia/Sydney`.\n" }, "startDate": { "type": "string", "description": "The date, in UTC, after which the schedule can begin invoking its target. Depending on the schedule's recurrence expression, invocations might occur on, or after, the start date you specify. EventBridge Scheduler ignores the start date for one-time schedules. Example: `2030-01-01T01:00:00Z`.\n" }, "state": { "type": "string", "description": "Specifies whether the schedule is enabled or disabled. One of: `ENABLED` (default), `DISABLED`.\n" }, "target": { "$ref": "#/types/aws:scheduler/ScheduleTarget:ScheduleTarget", "description": "Configures the target of the schedule. Detailed below.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:scheduler/scheduleGroup:ScheduleGroup": { "description": "Provides an EventBridge Scheduler Schedule Group resource.\n\nYou can find out more about EventBridge Scheduler in the [User Guide](https://docs.aws.amazon.com/scheduler/latest/UserGuide/what-is-scheduler.html).\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.scheduler.ScheduleGroup(\"example\", {name: \"my-schedule-group\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.scheduler.ScheduleGroup(\"example\", name=\"my-schedule-group\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Scheduler.ScheduleGroup(\"example\", new()\n {\n Name = \"my-schedule-group\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/scheduler\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := scheduler.NewScheduleGroup(ctx, \"example\", \u0026scheduler.ScheduleGroupArgs{\n\t\t\tName: pulumi.String(\"my-schedule-group\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.scheduler.ScheduleGroup;\nimport com.pulumi.aws.scheduler.ScheduleGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ScheduleGroup(\"example\", ScheduleGroupArgs.builder()\n .name(\"my-schedule-group\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:scheduler:ScheduleGroup\n properties:\n name: my-schedule-group\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import schedule groups using the `name`. For example:\n\n```sh\n$ pulumi import aws:scheduler/scheduleGroup:ScheduleGroup example my-schedule-group\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the schedule group.\n" }, "creationDate": { "type": "string", "description": "Time at which the schedule group was created.\n" }, "lastModificationDate": { "type": "string", "description": "Time at which the schedule group was last modified.\n" }, "name": { "type": "string", "description": "Name of the schedule group. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "state": { "type": "string", "description": "State of the schedule group. Can be `ACTIVE` or `DELETING`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "creationDate", "lastModificationDate", "name", "namePrefix", "state", "tagsAll" ], "inputProperties": { "name": { "type": "string", "description": "Name of the schedule group. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ScheduleGroup resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the schedule group.\n" }, "creationDate": { "type": "string", "description": "Time at which the schedule group was created.\n" }, "lastModificationDate": { "type": "string", "description": "Time at which the schedule group was last modified.\n" }, "name": { "type": "string", "description": "Name of the schedule group. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "State of the schedule group. Can be `ACTIVE` or `DELETING`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:schemas/discoverer:Discoverer": { "description": "Provides an EventBridge Schema Discoverer resource.\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst messenger = new aws.cloudwatch.EventBus(\"messenger\", {name: \"chat-messages\"});\nconst test = new aws.schemas.Discoverer(\"test\", {\n sourceArn: messenger.arn,\n description: \"Auto discover event schemas\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmessenger = aws.cloudwatch.EventBus(\"messenger\", name=\"chat-messages\")\ntest = aws.schemas.Discoverer(\"test\",\n source_arn=messenger.arn,\n description=\"Auto discover event schemas\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var messenger = new Aws.CloudWatch.EventBus(\"messenger\", new()\n {\n Name = \"chat-messages\",\n });\n\n var test = new Aws.Schemas.Discoverer(\"test\", new()\n {\n SourceArn = messenger.Arn,\n Description = \"Auto discover event schemas\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/schemas\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmessenger, err := cloudwatch.NewEventBus(ctx, \"messenger\", \u0026cloudwatch.EventBusArgs{\n\t\t\tName: pulumi.String(\"chat-messages\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = schemas.NewDiscoverer(ctx, \"test\", \u0026schemas.DiscovererArgs{\n\t\t\tSourceArn: messenger.Arn,\n\t\t\tDescription: pulumi.String(\"Auto discover event schemas\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.EventBus;\nimport com.pulumi.aws.cloudwatch.EventBusArgs;\nimport com.pulumi.aws.schemas.Discoverer;\nimport com.pulumi.aws.schemas.DiscovererArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var messenger = new EventBus(\"messenger\", EventBusArgs.builder()\n .name(\"chat-messages\")\n .build());\n\n var test = new Discoverer(\"test\", DiscovererArgs.builder()\n .sourceArn(messenger.arn())\n .description(\"Auto discover event schemas\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n messenger:\n type: aws:cloudwatch:EventBus\n properties:\n name: chat-messages\n test:\n type: aws:schemas:Discoverer\n properties:\n sourceArn: ${messenger.arn}\n description: Auto discover event schemas\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EventBridge discoverers using the `id`. For example:\n\n```sh\n$ pulumi import aws:schemas/discoverer:Discoverer test 123\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the discoverer.\n" }, "description": { "type": "string", "description": "The description of the discoverer. Maximum of 256 characters.\n" }, "sourceArn": { "type": "string", "description": "The ARN of the event bus to discover event schemas on.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "sourceArn", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the discoverer. Maximum of 256 characters.\n" }, "sourceArn": { "type": "string", "description": "The ARN of the event bus to discover event schemas on.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "sourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Discoverer resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the discoverer.\n" }, "description": { "type": "string", "description": "The description of the discoverer. Maximum of 256 characters.\n" }, "sourceArn": { "type": "string", "description": "The ARN of the event bus to discover event schemas on.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:schemas/registry:Registry": { "description": "Provides an EventBridge Custom Schema Registry resource.\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.schemas.Registry(\"test\", {\n name: \"my_own_registry\",\n description: \"A custom schema registry\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.schemas.Registry(\"test\",\n name=\"my_own_registry\",\n description=\"A custom schema registry\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Schemas.Registry(\"test\", new()\n {\n Name = \"my_own_registry\",\n Description = \"A custom schema registry\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/schemas\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := schemas.NewRegistry(ctx, \"test\", \u0026schemas.RegistryArgs{\n\t\t\tName: pulumi.String(\"my_own_registry\"),\n\t\t\tDescription: pulumi.String(\"A custom schema registry\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.schemas.Registry;\nimport com.pulumi.aws.schemas.RegistryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Registry(\"test\", RegistryArgs.builder()\n .name(\"my_own_registry\")\n .description(\"A custom schema registry\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:schemas:Registry\n properties:\n name: my_own_registry\n description: A custom schema registry\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EventBridge schema registries using the `name`. For example:\n\n```sh\n$ pulumi import aws:schemas/registry:Registry test my_own_registry\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the discoverer.\n" }, "description": { "type": "string", "description": "The description of the discoverer. Maximum of 256 characters.\n" }, "name": { "type": "string", "description": "The name of the custom event schema registry. Maximum of 64 characters consisting of lower case letters, upper case letters, 0-9, ., -, _.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the discoverer. Maximum of 256 characters.\n" }, "name": { "type": "string", "description": "The name of the custom event schema registry. Maximum of 64 characters consisting of lower case letters, upper case letters, 0-9, ., -, _.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Registry resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the discoverer.\n" }, "description": { "type": "string", "description": "The description of the discoverer. Maximum of 256 characters.\n" }, "name": { "type": "string", "description": "The name of the custom event schema registry. Maximum of 64 characters consisting of lower case letters, upper case letters, 0-9, ., -, _.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:schemas/registryPolicy:RegistryPolicy": { "description": "Resource for managing an AWS EventBridge Schemas Registry Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n sid: \"example\",\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [\"109876543210\"],\n }],\n actions: [\"schemas:*\"],\n resources: [\n \"arn:aws:schemas:us-east-1:012345678901:registry/example\",\n \"arn:aws:schemas:us-east-1:012345678901:schema/example*\",\n ],\n }],\n});\nconst exampleRegistryPolicy = new aws.schemas.RegistryPolicy(\"example\", {\n registryName: \"example\",\n policy: example.then(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_policy_document(statements=[{\n \"sid\": \"example\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [\"109876543210\"],\n }],\n \"actions\": [\"schemas:*\"],\n \"resources\": [\n \"arn:aws:schemas:us-east-1:012345678901:registry/example\",\n \"arn:aws:schemas:us-east-1:012345678901:schema/example*\",\n ],\n}])\nexample_registry_policy = aws.schemas.RegistryPolicy(\"example\",\n registry_name=\"example\",\n policy=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"example\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"109876543210\",\n },\n },\n },\n Actions = new[]\n {\n \"schemas:*\",\n },\n Resources = new[]\n {\n \"arn:aws:schemas:us-east-1:012345678901:registry/example\",\n \"arn:aws:schemas:us-east-1:012345678901:schema/example*\",\n },\n },\n },\n });\n\n var exampleRegistryPolicy = new Aws.Schemas.RegistryPolicy(\"example\", new()\n {\n RegistryName = \"example\",\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/schemas\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"example\"),\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"AWS\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"109876543210\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"schemas:*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:schemas:us-east-1:012345678901:registry/example\",\n\t\t\t\t\t\t\"arn:aws:schemas:us-east-1:012345678901:schema/example*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = schemas.NewRegistryPolicy(ctx, \"example\", \u0026schemas.RegistryPolicyArgs{\n\t\t\tRegistryName: pulumi.String(\"example\"),\n\t\t\tPolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.schemas.RegistryPolicy;\nimport com.pulumi.aws.schemas.RegistryPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"example\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"109876543210\")\n .build())\n .actions(\"schemas:*\")\n .resources( \n \"arn:aws:schemas:us-east-1:012345678901:registry/example\",\n \"arn:aws:schemas:us-east-1:012345678901:schema/example*\")\n .build())\n .build());\n\n var exampleRegistryPolicy = new RegistryPolicy(\"exampleRegistryPolicy\", RegistryPolicyArgs.builder()\n .registryName(\"example\")\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleRegistryPolicy:\n type: aws:schemas:RegistryPolicy\n name: example\n properties:\n registryName: example\n policy: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: example\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - '109876543210'\n actions:\n - schemas:*\n resources:\n - arn:aws:schemas:us-east-1:012345678901:registry/example\n - arn:aws:schemas:us-east-1:012345678901:schema/example*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EventBridge Schema Registry Policy using the `registry_name`. For example:\n\n```sh\n$ pulumi import aws:schemas/registryPolicy:RegistryPolicy example example\n```\n", "properties": { "policy": { "type": "string", "description": "Resource Policy for EventBridge Schema Registry\n" }, "registryName": { "type": "string", "description": "Name of EventBridge Schema Registry\n" } }, "required": [ "policy", "registryName" ], "inputProperties": { "policy": { "type": "string", "description": "Resource Policy for EventBridge Schema Registry\n" }, "registryName": { "type": "string", "description": "Name of EventBridge Schema Registry\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policy", "registryName" ], "stateInputs": { "description": "Input properties used for looking up and filtering RegistryPolicy resources.\n", "properties": { "policy": { "type": "string", "description": "Resource Policy for EventBridge Schema Registry\n" }, "registryName": { "type": "string", "description": "Name of EventBridge Schema Registry\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:schemas/schema:Schema": { "description": "Provides an EventBridge Schema resource.\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.schemas.Registry(\"test\", {name: \"my_own_registry\"});\nconst testSchema = new aws.schemas.Schema(\"test\", {\n name: \"my_schema\",\n registryName: test.name,\n type: \"OpenApi3\",\n description: \"The schema definition for my event\",\n content: JSON.stringify({\n openapi: \"3.0.0\",\n info: {\n version: \"1.0.0\",\n title: \"Event\",\n },\n paths: {},\n components: {\n schemas: {\n Event: {\n type: \"object\",\n properties: {\n name: {\n type: \"string\",\n },\n },\n },\n },\n },\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest = aws.schemas.Registry(\"test\", name=\"my_own_registry\")\ntest_schema = aws.schemas.Schema(\"test\",\n name=\"my_schema\",\n registry_name=test.name,\n type=\"OpenApi3\",\n description=\"The schema definition for my event\",\n content=json.dumps({\n \"openapi\": \"3.0.0\",\n \"info\": {\n \"version\": \"1.0.0\",\n \"title\": \"Event\",\n },\n \"paths\": {},\n \"components\": {\n \"schemas\": {\n \"Event\": {\n \"type\": \"object\",\n \"properties\": {\n \"name\": {\n \"type\": \"string\",\n },\n },\n },\n },\n },\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Schemas.Registry(\"test\", new()\n {\n Name = \"my_own_registry\",\n });\n\n var testSchema = new Aws.Schemas.Schema(\"test\", new()\n {\n Name = \"my_schema\",\n RegistryName = test.Name,\n Type = \"OpenApi3\",\n Description = \"The schema definition for my event\",\n Content = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"openapi\"] = \"3.0.0\",\n [\"info\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"1.0.0\",\n [\"title\"] = \"Event\",\n },\n [\"paths\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n [\"components\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"schemas\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Event\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"object\",\n [\"properties\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"name\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"string\",\n },\n },\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/schemas\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := schemas.NewRegistry(ctx, \"test\", \u0026schemas.RegistryArgs{\n\t\t\tName: pulumi.String(\"my_own_registry\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"openapi\": \"3.0.0\",\n\t\t\t\"info\": map[string]interface{}{\n\t\t\t\t\"version\": \"1.0.0\",\n\t\t\t\t\"title\": \"Event\",\n\t\t\t},\n\t\t\t\"paths\": nil,\n\t\t\t\"components\": map[string]interface{}{\n\t\t\t\t\"schemas\": map[string]interface{}{\n\t\t\t\t\t\"Event\": map[string]interface{}{\n\t\t\t\t\t\t\"type\": \"object\",\n\t\t\t\t\t\t\"properties\": map[string]interface{}{\n\t\t\t\t\t\t\t\"name\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"type\": \"string\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = schemas.NewSchema(ctx, \"test\", \u0026schemas.SchemaArgs{\n\t\t\tName: pulumi.String(\"my_schema\"),\n\t\t\tRegistryName: test.Name,\n\t\t\tType: pulumi.String(\"OpenApi3\"),\n\t\t\tDescription: pulumi.String(\"The schema definition for my event\"),\n\t\t\tContent: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.schemas.Registry;\nimport com.pulumi.aws.schemas.RegistryArgs;\nimport com.pulumi.aws.schemas.Schema;\nimport com.pulumi.aws.schemas.SchemaArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Registry(\"test\", RegistryArgs.builder()\n .name(\"my_own_registry\")\n .build());\n\n var testSchema = new Schema(\"testSchema\", SchemaArgs.builder()\n .name(\"my_schema\")\n .registryName(test.name())\n .type(\"OpenApi3\")\n .description(\"The schema definition for my event\")\n .content(serializeJson(\n jsonObject(\n jsonProperty(\"openapi\", \"3.0.0\"),\n jsonProperty(\"info\", jsonObject(\n jsonProperty(\"version\", \"1.0.0\"),\n jsonProperty(\"title\", \"Event\")\n )),\n jsonProperty(\"paths\", jsonObject(\n\n )),\n jsonProperty(\"components\", jsonObject(\n jsonProperty(\"schemas\", jsonObject(\n jsonProperty(\"Event\", jsonObject(\n jsonProperty(\"type\", \"object\"),\n jsonProperty(\"properties\", jsonObject(\n jsonProperty(\"name\", jsonObject(\n jsonProperty(\"type\", \"string\")\n ))\n ))\n ))\n ))\n ))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:schemas:Registry\n properties:\n name: my_own_registry\n testSchema:\n type: aws:schemas:Schema\n name: test\n properties:\n name: my_schema\n registryName: ${test.name}\n type: OpenApi3\n description: The schema definition for my event\n content:\n fn::toJSON:\n openapi: 3.0.0\n info:\n version: 1.0.0\n title: Event\n paths: {}\n components:\n schemas:\n Event:\n type: object\n properties:\n name:\n type: string\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EventBridge schema using the `name` and `registry_name`. For example:\n\n```sh\n$ pulumi import aws:schemas/schema:Schema test name/registry\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the discoverer.\n" }, "content": { "type": "string", "description": "The schema specification. Must be a valid Open API 3.0 spec.\n" }, "description": { "type": "string", "description": "The description of the schema. Maximum of 256 characters.\n" }, "lastModified": { "type": "string", "description": "The last modified date of the schema.\n" }, "name": { "type": "string", "description": "The name of the schema. Maximum of 385 characters consisting of lower case letters, upper case letters, ., -, _, @.\n" }, "registryName": { "type": "string", "description": "The name of the registry in which this schema belongs.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of the schema. Valid values: `OpenApi3` or `JSONSchemaDraft4`.\n" }, "version": { "type": "string", "description": "The version of the schema.\n" }, "versionCreatedDate": { "type": "string", "description": "The created date of the version of the schema.\n" } }, "required": [ "arn", "content", "lastModified", "name", "registryName", "tagsAll", "type", "version", "versionCreatedDate" ], "inputProperties": { "content": { "type": "string", "description": "The schema specification. Must be a valid Open API 3.0 spec.\n" }, "description": { "type": "string", "description": "The description of the schema. Maximum of 256 characters.\n" }, "name": { "type": "string", "description": "The name of the schema. Maximum of 385 characters consisting of lower case letters, upper case letters, ., -, _, @.\n", "willReplaceOnChanges": true }, "registryName": { "type": "string", "description": "The name of the registry in which this schema belongs.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "The type of the schema. Valid values: `OpenApi3` or `JSONSchemaDraft4`.\n" } }, "requiredInputs": [ "content", "registryName", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering Schema resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the discoverer.\n" }, "content": { "type": "string", "description": "The schema specification. Must be a valid Open API 3.0 spec.\n" }, "description": { "type": "string", "description": "The description of the schema. Maximum of 256 characters.\n" }, "lastModified": { "type": "string", "description": "The last modified date of the schema.\n" }, "name": { "type": "string", "description": "The name of the schema. Maximum of 385 characters consisting of lower case letters, upper case letters, ., -, _, @.\n", "willReplaceOnChanges": true }, "registryName": { "type": "string", "description": "The name of the registry in which this schema belongs.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of the schema. Valid values: `OpenApi3` or `JSONSchemaDraft4`.\n" }, "version": { "type": "string", "description": "The version of the schema.\n" }, "versionCreatedDate": { "type": "string", "description": "The created date of the version of the schema.\n" } }, "type": "object" } }, "aws:secretsmanager/secret:Secret": { "description": "Provides a resource to manage AWS Secrets Manager secret metadata. To manage secret rotation, see the `aws.secretsmanager.SecretRotation` resource. To manage a secret value, see the `aws.secretsmanager.SecretVersion` resource.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.secretsmanager.Secret(\"example\", {name: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.secretsmanager.Secret(\"example\", name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecretsManager.Secret(\"example\", new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := secretsmanager.NewSecret(ctx, \"example\", \u0026secretsmanager.SecretArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.Secret;\nimport com.pulumi.aws.secretsmanager.SecretArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Secret(\"example\", SecretArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:secretsmanager:Secret\n properties:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_secretsmanager_secret` using the secret Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:secretsmanager/secret:Secret example arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the secret.\n" }, "description": { "type": "string", "description": "Description of the secret.\n" }, "forceOverwriteReplicaSecret": { "type": "boolean", "description": "Accepts boolean value to specify whether to overwrite a secret with the same name in the destination Region.\n" }, "kmsKeyId": { "type": "string", "description": "ARN or Id of the AWS KMS key to be used to encrypt the secret values in the versions stored in this secret. If you need to reference a CMK in a different account, you can use only the key ARN. If you don't specify this value, then Secrets Manager defaults to using the AWS account's default KMS key (the one named `aws/secretsmanager`). If the default KMS key with that name doesn't yet exist, then AWS Secrets Manager creates it for you automatically the first time.\n" }, "name": { "type": "string", "description": "Friendly name of the new secret. The secret name can consist of uppercase letters, lowercase letters, digits, and any of the following characters: `/_+=.@-` Conflicts with `name_prefix`.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "policy": { "type": "string", "description": "Valid JSON document representing a [resource policy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html). Removing `policy` from your configuration or setting `policy` to null or an empty string (i.e., `policy = \"\"`) _will not_ delete the policy since it could have been set by `aws.secretsmanager.SecretPolicy`. To delete the `policy`, set it to `\"{}\"` (an empty JSON document).\n" }, "recoveryWindowInDays": { "type": "integer", "description": "Number of days that AWS Secrets Manager waits before it can delete the secret. This value can be `0` to force deletion without recovery or range from `7` to `30` days. The default value is `30`.\n" }, "replicas": { "type": "array", "items": { "$ref": "#/types/aws:secretsmanager/SecretReplica:SecretReplica" }, "description": "Configuration block to support secret replication. See details below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of user-defined tags that are attached to the secret. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "namePrefix", "policy", "replicas", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Description of the secret.\n" }, "forceOverwriteReplicaSecret": { "type": "boolean", "description": "Accepts boolean value to specify whether to overwrite a secret with the same name in the destination Region.\n" }, "kmsKeyId": { "type": "string", "description": "ARN or Id of the AWS KMS key to be used to encrypt the secret values in the versions stored in this secret. If you need to reference a CMK in a different account, you can use only the key ARN. If you don't specify this value, then Secrets Manager defaults to using the AWS account's default KMS key (the one named `aws/secretsmanager`). If the default KMS key with that name doesn't yet exist, then AWS Secrets Manager creates it for you automatically the first time.\n" }, "name": { "type": "string", "description": "Friendly name of the new secret. The secret name can consist of uppercase letters, lowercase letters, digits, and any of the following characters: `/_+=.@-` Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "Valid JSON document representing a [resource policy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html). Removing `policy` from your configuration or setting `policy` to null or an empty string (i.e., `policy = \"\"`) _will not_ delete the policy since it could have been set by `aws.secretsmanager.SecretPolicy`. To delete the `policy`, set it to `\"{}\"` (an empty JSON document).\n" }, "recoveryWindowInDays": { "type": "integer", "description": "Number of days that AWS Secrets Manager waits before it can delete the secret. This value can be `0` to force deletion without recovery or range from `7` to `30` days. The default value is `30`.\n" }, "replicas": { "type": "array", "items": { "$ref": "#/types/aws:secretsmanager/SecretReplica:SecretReplica" }, "description": "Configuration block to support secret replication. See details below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of user-defined tags that are attached to the secret. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Secret resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the secret.\n" }, "description": { "type": "string", "description": "Description of the secret.\n" }, "forceOverwriteReplicaSecret": { "type": "boolean", "description": "Accepts boolean value to specify whether to overwrite a secret with the same name in the destination Region.\n" }, "kmsKeyId": { "type": "string", "description": "ARN or Id of the AWS KMS key to be used to encrypt the secret values in the versions stored in this secret. If you need to reference a CMK in a different account, you can use only the key ARN. If you don't specify this value, then Secrets Manager defaults to using the AWS account's default KMS key (the one named `aws/secretsmanager`). If the default KMS key with that name doesn't yet exist, then AWS Secrets Manager creates it for you automatically the first time.\n" }, "name": { "type": "string", "description": "Friendly name of the new secret. The secret name can consist of uppercase letters, lowercase letters, digits, and any of the following characters: `/_+=.@-` Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "Valid JSON document representing a [resource policy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html). Removing `policy` from your configuration or setting `policy` to null or an empty string (i.e., `policy = \"\"`) _will not_ delete the policy since it could have been set by `aws.secretsmanager.SecretPolicy`. To delete the `policy`, set it to `\"{}\"` (an empty JSON document).\n" }, "recoveryWindowInDays": { "type": "integer", "description": "Number of days that AWS Secrets Manager waits before it can delete the secret. This value can be `0` to force deletion without recovery or range from `7` to `30` days. The default value is `30`.\n" }, "replicas": { "type": "array", "items": { "$ref": "#/types/aws:secretsmanager/SecretReplica:SecretReplica" }, "description": "Configuration block to support secret replication. See details below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of user-defined tags that are attached to the secret. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:secretsmanager/secretPolicy:SecretPolicy": { "description": "Provides a resource to manage AWS Secrets Manager secret policy.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleSecret = new aws.secretsmanager.Secret(\"example\", {name: \"example\"});\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n sid: \"EnableAnotherAWSAccountToReadTheSecret\",\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [\"arn:aws:iam::123456789012:root\"],\n }],\n actions: [\"secretsmanager:GetSecretValue\"],\n resources: [\"*\"],\n }],\n});\nconst exampleSecretPolicy = new aws.secretsmanager.SecretPolicy(\"example\", {\n secretArn: exampleSecret.arn,\n policy: example.then(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_secret = aws.secretsmanager.Secret(\"example\", name=\"example\")\nexample = aws.iam.get_policy_document(statements=[{\n \"sid\": \"EnableAnotherAWSAccountToReadTheSecret\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [\"arn:aws:iam::123456789012:root\"],\n }],\n \"actions\": [\"secretsmanager:GetSecretValue\"],\n \"resources\": [\"*\"],\n}])\nexample_secret_policy = aws.secretsmanager.SecretPolicy(\"example\",\n secret_arn=example_secret.arn,\n policy=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleSecret = new Aws.SecretsManager.Secret(\"example\", new()\n {\n Name = \"example\",\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"EnableAnotherAWSAccountToReadTheSecret\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"arn:aws:iam::123456789012:root\",\n },\n },\n },\n Actions = new[]\n {\n \"secretsmanager:GetSecretValue\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var exampleSecretPolicy = new Aws.SecretsManager.SecretPolicy(\"example\", new()\n {\n SecretArn = exampleSecret.Arn,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleSecret, err := secretsmanager.NewSecret(ctx, \"example\", \u0026secretsmanager.SecretArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"EnableAnotherAWSAccountToReadTheSecret\"),\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"AWS\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"arn:aws:iam::123456789012:root\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"secretsmanager:GetSecretValue\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = secretsmanager.NewSecretPolicy(ctx, \"example\", \u0026secretsmanager.SecretPolicyArgs{\n\t\t\tSecretArn: exampleSecret.Arn,\n\t\t\tPolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.Secret;\nimport com.pulumi.aws.secretsmanager.SecretArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.secretsmanager.SecretPolicy;\nimport com.pulumi.aws.secretsmanager.SecretPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleSecret = new Secret(\"exampleSecret\", SecretArgs.builder()\n .name(\"example\")\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"EnableAnotherAWSAccountToReadTheSecret\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"arn:aws:iam::123456789012:root\")\n .build())\n .actions(\"secretsmanager:GetSecretValue\")\n .resources(\"*\")\n .build())\n .build());\n\n var exampleSecretPolicy = new SecretPolicy(\"exampleSecretPolicy\", SecretPolicyArgs.builder()\n .secretArn(exampleSecret.arn())\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleSecret:\n type: aws:secretsmanager:Secret\n name: example\n properties:\n name: example\n exampleSecretPolicy:\n type: aws:secretsmanager:SecretPolicy\n name: example\n properties:\n secretArn: ${exampleSecret.arn}\n policy: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: EnableAnotherAWSAccountToReadTheSecret\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - arn:aws:iam::123456789012:root\n actions:\n - secretsmanager:GetSecretValue\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_secretsmanager_secret_policy` using the secret Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:secretsmanager/secretPolicy:SecretPolicy example arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456\n```\n", "properties": { "blockPublicPolicy": { "type": "boolean", "description": "Makes an optional API call to Zelkova to validate the Resource Policy to prevent broad access to your secret.\n" }, "policy": { "type": "string", "description": "Valid JSON document representing a [resource policy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html). Unlike `aws.secretsmanager.Secret`, where `policy` can be set to `\"{}\"` to delete the policy, `\"{}\"` is not a valid policy since `policy` is required.\n" }, "secretArn": { "type": "string", "description": "Secret ARN.\n\nThe following arguments are optional:\n" } }, "required": [ "policy", "secretArn" ], "inputProperties": { "blockPublicPolicy": { "type": "boolean", "description": "Makes an optional API call to Zelkova to validate the Resource Policy to prevent broad access to your secret.\n" }, "policy": { "type": "string", "description": "Valid JSON document representing a [resource policy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html). Unlike `aws.secretsmanager.Secret`, where `policy` can be set to `\"{}\"` to delete the policy, `\"{}\"` is not a valid policy since `policy` is required.\n" }, "secretArn": { "type": "string", "description": "Secret ARN.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policy", "secretArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering SecretPolicy resources.\n", "properties": { "blockPublicPolicy": { "type": "boolean", "description": "Makes an optional API call to Zelkova to validate the Resource Policy to prevent broad access to your secret.\n" }, "policy": { "type": "string", "description": "Valid JSON document representing a [resource policy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html). Unlike `aws.secretsmanager.Secret`, where `policy` can be set to `\"{}\"` to delete the policy, `\"{}\"` is not a valid policy since `policy` is required.\n" }, "secretArn": { "type": "string", "description": "Secret ARN.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:secretsmanager/secretRotation:SecretRotation": { "description": "Provides a resource to manage AWS Secrets Manager secret rotation. To manage a secret, see the `aws.secretsmanager.Secret` resource. To manage a secret value, see the `aws.secretsmanager.SecretVersion` resource.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.secretsmanager.SecretRotation(\"example\", {\n secretId: exampleAwsSecretsmanagerSecret.id,\n rotationLambdaArn: exampleAwsLambdaFunction.arn,\n rotationRules: {\n automaticallyAfterDays: 30,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.secretsmanager.SecretRotation(\"example\",\n secret_id=example_aws_secretsmanager_secret[\"id\"],\n rotation_lambda_arn=example_aws_lambda_function[\"arn\"],\n rotation_rules={\n \"automatically_after_days\": 30,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecretsManager.SecretRotation(\"example\", new()\n {\n SecretId = exampleAwsSecretsmanagerSecret.Id,\n RotationLambdaArn = exampleAwsLambdaFunction.Arn,\n RotationRules = new Aws.SecretsManager.Inputs.SecretRotationRotationRulesArgs\n {\n AutomaticallyAfterDays = 30,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := secretsmanager.NewSecretRotation(ctx, \"example\", \u0026secretsmanager.SecretRotationArgs{\n\t\t\tSecretId: pulumi.Any(exampleAwsSecretsmanagerSecret.Id),\n\t\t\tRotationLambdaArn: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tRotationRules: \u0026secretsmanager.SecretRotationRotationRulesArgs{\n\t\t\t\tAutomaticallyAfterDays: pulumi.Int(30),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.SecretRotation;\nimport com.pulumi.aws.secretsmanager.SecretRotationArgs;\nimport com.pulumi.aws.secretsmanager.inputs.SecretRotationRotationRulesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SecretRotation(\"example\", SecretRotationArgs.builder()\n .secretId(exampleAwsSecretsmanagerSecret.id())\n .rotationLambdaArn(exampleAwsLambdaFunction.arn())\n .rotationRules(SecretRotationRotationRulesArgs.builder()\n .automaticallyAfterDays(30)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:secretsmanager:SecretRotation\n properties:\n secretId: ${exampleAwsSecretsmanagerSecret.id}\n rotationLambdaArn: ${exampleAwsLambdaFunction.arn}\n rotationRules:\n automaticallyAfterDays: 30\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Rotation Configuration\n\nTo enable automatic secret rotation, the Secrets Manager service requires usage of a Lambda function. The [Rotate Secrets section in the Secrets Manager User Guide](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html) provides additional information about deploying a prebuilt Lambda functions for supported credential rotation (e.g., RDS) or deploying a custom Lambda function.\n\n\u003e **NOTE:** Configuring rotation causes the secret to rotate once as soon as you enable rotation. Before you do this, you must ensure that all of your applications that use the credentials stored in the secret are updated to retrieve the secret from AWS Secrets Manager. The old credentials might no longer be usable after the initial rotation and any applications that you fail to update will break as soon as the old credentials are no longer valid.\n\n\u003e **NOTE:** If you cancel a rotation that is in progress (by removing the `rotation` configuration), it can leave the VersionStage labels in an unexpected state. Depending on what step of the rotation was in progress, you might need to remove the staging label AWSPENDING from the partially created version, specified by the SecretVersionId response value. You should also evaluate the partially rotated new version to see if it should be deleted, which you can do by removing all staging labels from the new version's VersionStage field.\n\n## Import\n\nUsing `pulumi import`, import `aws_secretsmanager_secret_rotation` using the secret Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:secretsmanager/secretRotation:SecretRotation example arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456\n```\n", "properties": { "rotateImmediately": { "type": "boolean", "description": "Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window. The rotation schedule is defined in `rotation_rules`. For secrets that use a Lambda rotation function to rotate, if you don't immediately rotate the secret, Secrets Manager tests the rotation configuration by running the testSecret step (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) of the Lambda rotation function. The test creates an AWSPENDING version of the secret and then removes it. Defaults to `true`.\n" }, "rotationEnabled": { "type": "boolean", "description": "Specifies whether automatic rotation is enabled for this secret.\n" }, "rotationLambdaArn": { "type": "string", "description": "Specifies the ARN of the Lambda function that can rotate the secret. Must be supplied if the secret is not managed by AWS.\n" }, "rotationRules": { "$ref": "#/types/aws:secretsmanager/SecretRotationRotationRules:SecretRotationRotationRules", "description": "A structure that defines the rotation configuration for this secret. Defined below.\n" }, "secretId": { "type": "string", "description": "Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.\n" } }, "required": [ "rotationEnabled", "rotationRules", "secretId" ], "inputProperties": { "rotateImmediately": { "type": "boolean", "description": "Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window. The rotation schedule is defined in `rotation_rules`. For secrets that use a Lambda rotation function to rotate, if you don't immediately rotate the secret, Secrets Manager tests the rotation configuration by running the testSecret step (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) of the Lambda rotation function. The test creates an AWSPENDING version of the secret and then removes it. Defaults to `true`.\n" }, "rotationLambdaArn": { "type": "string", "description": "Specifies the ARN of the Lambda function that can rotate the secret. Must be supplied if the secret is not managed by AWS.\n" }, "rotationRules": { "$ref": "#/types/aws:secretsmanager/SecretRotationRotationRules:SecretRotationRotationRules", "description": "A structure that defines the rotation configuration for this secret. Defined below.\n" }, "secretId": { "type": "string", "description": "Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "rotationRules", "secretId" ], "stateInputs": { "description": "Input properties used for looking up and filtering SecretRotation resources.\n", "properties": { "rotateImmediately": { "type": "boolean", "description": "Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window. The rotation schedule is defined in `rotation_rules`. For secrets that use a Lambda rotation function to rotate, if you don't immediately rotate the secret, Secrets Manager tests the rotation configuration by running the testSecret step (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) of the Lambda rotation function. The test creates an AWSPENDING version of the secret and then removes it. Defaults to `true`.\n" }, "rotationEnabled": { "type": "boolean", "description": "Specifies whether automatic rotation is enabled for this secret.\n" }, "rotationLambdaArn": { "type": "string", "description": "Specifies the ARN of the Lambda function that can rotate the secret. Must be supplied if the secret is not managed by AWS.\n" }, "rotationRules": { "$ref": "#/types/aws:secretsmanager/SecretRotationRotationRules:SecretRotationRotationRules", "description": "A structure that defines the rotation configuration for this secret. Defined below.\n" }, "secretId": { "type": "string", "description": "Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:secretsmanager/secretVersion:SecretVersion": { "description": "Provides a resource to manage AWS Secrets Manager secret version including its secret value. To manage secret metadata, see the `aws.secretsmanager.Secret` resource.\n\n\u003e **NOTE:** If the `AWSCURRENT` staging label is present on this version during resource deletion, that label cannot be removed and will be skipped to prevent errors when fully deleting the secret. That label will leave this secret version active even after the resource is deleted from this provider unless the secret itself is deleted. Move the `AWSCURRENT` staging label before or after deleting this resource from this provider to fully trigger version deprecation if necessary.\n\n## Example Usage\n\n### Simple String Value\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.secretsmanager.SecretVersion(\"example\", {\n secretId: exampleAwsSecretsmanagerSecret.id,\n secretString: \"example-string-to-protect\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.secretsmanager.SecretVersion(\"example\",\n secret_id=example_aws_secretsmanager_secret[\"id\"],\n secret_string=\"example-string-to-protect\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecretsManager.SecretVersion(\"example\", new()\n {\n SecretId = exampleAwsSecretsmanagerSecret.Id,\n SecretString = \"example-string-to-protect\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := secretsmanager.NewSecretVersion(ctx, \"example\", \u0026secretsmanager.SecretVersionArgs{\n\t\t\tSecretId: pulumi.Any(exampleAwsSecretsmanagerSecret.Id),\n\t\t\tSecretString: pulumi.String(\"example-string-to-protect\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.SecretVersion;\nimport com.pulumi.aws.secretsmanager.SecretVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SecretVersion(\"example\", SecretVersionArgs.builder()\n .secretId(exampleAwsSecretsmanagerSecret.id())\n .secretString(\"example-string-to-protect\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:secretsmanager:SecretVersion\n properties:\n secretId: ${exampleAwsSecretsmanagerSecret.id}\n secretString: example-string-to-protect\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Key-Value Pairs\n\nSecrets Manager also accepts key-value pairs in JSON.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst example = config.getObject\u003cRecord\u003cstring, string\u003e\u003e(\"example\") || {\n key1: \"value1\",\n key2: \"value2\",\n};\nconst exampleSecretVersion = new aws.secretsmanager.SecretVersion(\"example\", {\n secretId: exampleAwsSecretsmanagerSecret.id,\n secretString: JSON.stringify(example),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nexample = config.get_object(\"example\")\nif example is None:\n example = {\n \"key1\": \"value1\",\n \"key2\": \"value2\",\n }\nexample_secret_version = aws.secretsmanager.SecretVersion(\"example\",\n secret_id=example_aws_secretsmanager_secret[\"id\"],\n secret_string=json.dumps(example))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var example = config.GetObject\u003cDictionary\u003cstring, string\u003e\u003e(\"example\") ?? \n {\n { \"key1\", \"value1\" },\n { \"key2\", \"value2\" },\n };\n var exampleSecretVersion = new Aws.SecretsManager.SecretVersion(\"example\", new()\n {\n SecretId = exampleAwsSecretsmanagerSecret.Id,\n SecretString = JsonSerializer.Serialize(example),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\texample := map[string]interface{}{\n\t\t\t\"key1\": \"value1\",\n\t\t\t\"key2\": \"value2\",\n\t\t}\n\t\tif param := cfg.GetObject(\"example\"); param != nil {\n\t\t\texample = param\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(example)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = secretsmanager.NewSecretVersion(ctx, \"example\", \u0026secretsmanager.SecretVersionArgs{\n\t\t\tSecretId: pulumi.Any(exampleAwsSecretsmanagerSecret.Id),\n\t\t\tSecretString: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.SecretVersion;\nimport com.pulumi.aws.secretsmanager.SecretVersionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var example = config.get(\"example\").orElse(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference));\n var exampleSecretVersion = new SecretVersion(\"exampleSecretVersion\", SecretVersionArgs.builder()\n .secretId(exampleAwsSecretsmanagerSecret.id())\n .secretString(serializeJson(\n example))\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n # The map here can come from other supported configurations\n # like locals, resource attribute, map() built-in, etc.\n example:\n type: map(string)\n default:\n key1: value1\n key2: value2\nresources:\n exampleSecretVersion:\n type: aws:secretsmanager:SecretVersion\n name: example\n properties:\n secretId: ${exampleAwsSecretsmanagerSecret.id}\n secretString:\n fn::toJSON: ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\nReading key-value pairs from JSON back into a native map\n\n## Import\n\nUsing `pulumi import`, import `aws_secretsmanager_secret_version` using the secret ID and version ID. For example:\n\n```sh\n$ pulumi import aws:secretsmanager/secretVersion:SecretVersion example 'arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456|xxxxx-xxxxxxx-xxxxxxx-xxxxx'\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the secret.\n" }, "secretBinary": { "type": "string", "description": "Specifies binary data that you want to encrypt and store in this version of the secret. This is required if `secret_string` is not set. Needs to be encoded to base64.\n", "secret": true }, "secretId": { "type": "string", "description": "Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.\n" }, "secretString": { "type": "string", "description": "Specifies text data that you want to encrypt and store in this version of the secret. This is required if `secret_binary` is not set.\n", "secret": true }, "versionId": { "type": "string", "description": "The unique identifier of the version of the secret.\n" }, "versionStages": { "type": "array", "items": { "type": "string" }, "description": "Specifies a list of staging labels that are attached to this version of the secret. A staging label must be unique to a single version of the secret. If you specify a staging label that's already associated with a different version of the same secret then that staging label is automatically removed from the other version and attached to this version. If you do not specify a value, then AWS Secrets Manager automatically moves the staging label `AWSCURRENT` to this new version on creation.\n\n\u003e **NOTE:** If `version_stages` is configured, you must include the `AWSCURRENT` staging label if this secret version is the only version or if the label is currently present on this secret version, otherwise this provider will show a perpetual difference.\n" } }, "required": [ "arn", "secretId", "versionId", "versionStages" ], "inputProperties": { "secretBinary": { "type": "string", "description": "Specifies binary data that you want to encrypt and store in this version of the secret. This is required if `secret_string` is not set. Needs to be encoded to base64.\n", "secret": true, "willReplaceOnChanges": true }, "secretId": { "type": "string", "description": "Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.\n", "willReplaceOnChanges": true }, "secretString": { "type": "string", "description": "Specifies text data that you want to encrypt and store in this version of the secret. This is required if `secret_binary` is not set.\n", "secret": true, "willReplaceOnChanges": true }, "versionStages": { "type": "array", "items": { "type": "string" }, "description": "Specifies a list of staging labels that are attached to this version of the secret. A staging label must be unique to a single version of the secret. If you specify a staging label that's already associated with a different version of the same secret then that staging label is automatically removed from the other version and attached to this version. If you do not specify a value, then AWS Secrets Manager automatically moves the staging label `AWSCURRENT` to this new version on creation.\n\n\u003e **NOTE:** If `version_stages` is configured, you must include the `AWSCURRENT` staging label if this secret version is the only version or if the label is currently present on this secret version, otherwise this provider will show a perpetual difference.\n" } }, "requiredInputs": [ "secretId" ], "stateInputs": { "description": "Input properties used for looking up and filtering SecretVersion resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the secret.\n" }, "secretBinary": { "type": "string", "description": "Specifies binary data that you want to encrypt and store in this version of the secret. This is required if `secret_string` is not set. Needs to be encoded to base64.\n", "secret": true, "willReplaceOnChanges": true }, "secretId": { "type": "string", "description": "Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.\n", "willReplaceOnChanges": true }, "secretString": { "type": "string", "description": "Specifies text data that you want to encrypt and store in this version of the secret. This is required if `secret_binary` is not set.\n", "secret": true, "willReplaceOnChanges": true }, "versionId": { "type": "string", "description": "The unique identifier of the version of the secret.\n" }, "versionStages": { "type": "array", "items": { "type": "string" }, "description": "Specifies a list of staging labels that are attached to this version of the secret. A staging label must be unique to a single version of the secret. If you specify a staging label that's already associated with a different version of the same secret then that staging label is automatically removed from the other version and attached to this version. If you do not specify a value, then AWS Secrets Manager automatically moves the staging label `AWSCURRENT` to this new version on creation.\n\n\u003e **NOTE:** If `version_stages` is configured, you must include the `AWSCURRENT` staging label if this secret version is the only version or if the label is currently present on this secret version, otherwise this provider will show a perpetual difference.\n" } }, "type": "object" } }, "aws:securityhub/account:Account": { "description": "Enables Security Hub for this AWS account.\n\n\u003e **NOTE:** Destroying this resource will disable Security Hub for this AWS account.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an existing Security Hub enabled account using the AWS account ID. For example:\n\n```sh\n$ pulumi import aws:securityhub/account:Account example 123456789012\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the SecurityHub Hub created in the account.\n" }, "autoEnableControls": { "type": "boolean", "description": "Whether to automatically enable new controls when they are added to standards that are enabled. By default, this is set to true, and new controls are enabled automatically. To not automatically enable new controls, set this to false.\n" }, "controlFindingGenerator": { "type": "string", "description": "Updates whether the calling account has consolidated control findings turned on. If the value for this field is set to `SECURITY_CONTROL`, Security Hub generates a single finding for a control check even when the check applies to multiple enabled standards. If the value for this field is set to `STANDARD_CONTROL`, Security Hub generates separate findings for a control check when the check applies to multiple enabled standards. For accounts that are part of an organization, this value can only be updated in the administrator account.\n" }, "enableDefaultStandards": { "type": "boolean", "description": "Whether to enable the security standards that Security Hub has designated as automatically enabled including: ` AWS Foundational Security Best Practices v1.0.0` and `CIS AWS Foundations Benchmark v1.2.0`. Defaults to `true`.\n" } }, "required": [ "arn", "controlFindingGenerator" ], "inputProperties": { "autoEnableControls": { "type": "boolean", "description": "Whether to automatically enable new controls when they are added to standards that are enabled. By default, this is set to true, and new controls are enabled automatically. To not automatically enable new controls, set this to false.\n" }, "controlFindingGenerator": { "type": "string", "description": "Updates whether the calling account has consolidated control findings turned on. If the value for this field is set to `SECURITY_CONTROL`, Security Hub generates a single finding for a control check even when the check applies to multiple enabled standards. If the value for this field is set to `STANDARD_CONTROL`, Security Hub generates separate findings for a control check when the check applies to multiple enabled standards. For accounts that are part of an organization, this value can only be updated in the administrator account.\n" }, "enableDefaultStandards": { "type": "boolean", "description": "Whether to enable the security standards that Security Hub has designated as automatically enabled including: ` AWS Foundational Security Best Practices v1.0.0` and `CIS AWS Foundations Benchmark v1.2.0`. Defaults to `true`.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering Account resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the SecurityHub Hub created in the account.\n" }, "autoEnableControls": { "type": "boolean", "description": "Whether to automatically enable new controls when they are added to standards that are enabled. By default, this is set to true, and new controls are enabled automatically. To not automatically enable new controls, set this to false.\n" }, "controlFindingGenerator": { "type": "string", "description": "Updates whether the calling account has consolidated control findings turned on. If the value for this field is set to `SECURITY_CONTROL`, Security Hub generates a single finding for a control check even when the check applies to multiple enabled standards. If the value for this field is set to `STANDARD_CONTROL`, Security Hub generates separate findings for a control check when the check applies to multiple enabled standards. For accounts that are part of an organization, this value can only be updated in the administrator account.\n" }, "enableDefaultStandards": { "type": "boolean", "description": "Whether to enable the security standards that Security Hub has designated as automatically enabled including: ` AWS Foundational Security Best Practices v1.0.0` and `CIS AWS Foundations Benchmark v1.2.0`. Defaults to `true`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:securityhub/actionTarget:ActionTarget": { "description": "Creates Security Hub custom action.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleActionTarget = new aws.securityhub.ActionTarget(\"example\", {\n name: \"Send notification to chat\",\n identifier: \"SendToChat\",\n description: \"This is custom action sends selected findings to chat\",\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_action_target = aws.securityhub.ActionTarget(\"example\",\n name=\"Send notification to chat\",\n identifier=\"SendToChat\",\n description=\"This is custom action sends selected findings to chat\",\n opts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleActionTarget = new Aws.SecurityHub.ActionTarget(\"example\", new()\n {\n Name = \"Send notification to chat\",\n Identifier = \"SendToChat\",\n Description = \"This is custom action sends selected findings to chat\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewActionTarget(ctx, \"example\", \u0026securityhub.ActionTargetArgs{\n\t\t\tName: pulumi.String(\"Send notification to chat\"),\n\t\t\tIdentifier: pulumi.String(\"SendToChat\"),\n\t\t\tDescription: pulumi.String(\"This is custom action sends selected findings to chat\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.ActionTarget;\nimport com.pulumi.aws.securityhub.ActionTargetArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleActionTarget = new ActionTarget(\"exampleActionTarget\", ActionTargetArgs.builder()\n .name(\"Send notification to chat\")\n .identifier(\"SendToChat\")\n .description(\"This is custom action sends selected findings to chat\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleActionTarget:\n type: aws:securityhub:ActionTarget\n name: example\n properties:\n name: Send notification to chat\n identifier: SendToChat\n description: This is custom action sends selected findings to chat\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub custom action using the action target ARN. For example:\n\n```sh\n$ pulumi import aws:securityhub/actionTarget:ActionTarget example arn:aws:securityhub:eu-west-1:312940875350:action/custom/a\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Security Hub custom action target.\n" }, "description": { "type": "string", "description": "The name of the custom action target.\n" }, "identifier": { "type": "string", "description": "The ID for the custom action target.\n" }, "name": { "type": "string", "description": "The description for the custom action target.\n" } }, "required": [ "arn", "description", "identifier", "name" ], "inputProperties": { "description": { "type": "string", "description": "The name of the custom action target.\n" }, "identifier": { "type": "string", "description": "The ID for the custom action target.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The description for the custom action target.\n" } }, "requiredInputs": [ "description", "identifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering ActionTarget resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Security Hub custom action target.\n" }, "description": { "type": "string", "description": "The name of the custom action target.\n" }, "identifier": { "type": "string", "description": "The ID for the custom action target.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The description for the custom action target.\n" } }, "type": "object" } }, "aws:securityhub/automationRule:AutomationRule": { "description": "Resource for managing an AWS Security Hub Automation Rule.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.AutomationRule(\"example\", {\n description: \"Elevate finding severity to CRITICAL when specific resources such as an S3 bucket is at risk\",\n ruleName: \"Elevate severity of findings that relate to important resources\",\n ruleOrder: 1,\n actions: [{\n findingFieldsUpdate: {\n severity: {\n label: \"CRITICAL\",\n product: 0,\n },\n note: {\n text: \"This is a critical resource. Please review ASAP.\",\n updatedBy: \"sechub-automation\",\n },\n types: [\"Software and Configuration Checks/Industry and Regulatory Standards\"],\n userDefinedFields: {\n key: \"value\",\n },\n },\n type: \"FINDING_FIELDS_UPDATE\",\n }],\n criteria: {\n resourceIds: [{\n comparison: \"EQUALS\",\n value: \"arn:aws:s3:::examplebucket/*\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.AutomationRule(\"example\",\n description=\"Elevate finding severity to CRITICAL when specific resources such as an S3 bucket is at risk\",\n rule_name=\"Elevate severity of findings that relate to important resources\",\n rule_order=1,\n actions=[{\n \"finding_fields_update\": {\n \"severity\": {\n \"label\": \"CRITICAL\",\n \"product\": 0,\n },\n \"note\": {\n \"text\": \"This is a critical resource. Please review ASAP.\",\n \"updated_by\": \"sechub-automation\",\n },\n \"types\": [\"Software and Configuration Checks/Industry and Regulatory Standards\"],\n \"user_defined_fields\": {\n \"key\": \"value\",\n },\n },\n \"type\": \"FINDING_FIELDS_UPDATE\",\n }],\n criteria={\n \"resource_ids\": [{\n \"comparison\": \"EQUALS\",\n \"value\": \"arn:aws:s3:::examplebucket/*\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.AutomationRule(\"example\", new()\n {\n Description = \"Elevate finding severity to CRITICAL when specific resources such as an S3 bucket is at risk\",\n RuleName = \"Elevate severity of findings that relate to important resources\",\n RuleOrder = 1,\n Actions = new[]\n {\n new Aws.SecurityHub.Inputs.AutomationRuleActionArgs\n {\n FindingFieldsUpdate = new Aws.SecurityHub.Inputs.AutomationRuleActionFindingFieldsUpdateArgs\n {\n Severity = new Aws.SecurityHub.Inputs.AutomationRuleActionFindingFieldsUpdateSeverityArgs\n {\n Label = \"CRITICAL\",\n Product = 0,\n },\n Note = new Aws.SecurityHub.Inputs.AutomationRuleActionFindingFieldsUpdateNoteArgs\n {\n Text = \"This is a critical resource. Please review ASAP.\",\n UpdatedBy = \"sechub-automation\",\n },\n Types = new[]\n {\n \"Software and Configuration Checks/Industry and Regulatory Standards\",\n },\n UserDefinedFields = \n {\n { \"key\", \"value\" },\n },\n },\n Type = \"FINDING_FIELDS_UPDATE\",\n },\n },\n Criteria = new Aws.SecurityHub.Inputs.AutomationRuleCriteriaArgs\n {\n ResourceIds = new[]\n {\n new Aws.SecurityHub.Inputs.AutomationRuleCriteriaResourceIdArgs\n {\n Comparison = \"EQUALS\",\n Value = \"arn:aws:s3:::examplebucket/*\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewAutomationRule(ctx, \"example\", \u0026securityhub.AutomationRuleArgs{\n\t\t\tDescription: pulumi.String(\"Elevate finding severity to CRITICAL when specific resources such as an S3 bucket is at risk\"),\n\t\t\tRuleName: pulumi.String(\"Elevate severity of findings that relate to important resources\"),\n\t\t\tRuleOrder: pulumi.Int(1),\n\t\t\tActions: securityhub.AutomationRuleActionArray{\n\t\t\t\t\u0026securityhub.AutomationRuleActionArgs{\n\t\t\t\t\tFindingFieldsUpdate: \u0026securityhub.AutomationRuleActionFindingFieldsUpdateArgs{\n\t\t\t\t\t\tSeverity: \u0026securityhub.AutomationRuleActionFindingFieldsUpdateSeverityArgs{\n\t\t\t\t\t\t\tLabel: pulumi.String(\"CRITICAL\"),\n\t\t\t\t\t\t\tProduct: pulumi.Float64(0),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tNote: \u0026securityhub.AutomationRuleActionFindingFieldsUpdateNoteArgs{\n\t\t\t\t\t\t\tText: pulumi.String(\"This is a critical resource. Please review ASAP.\"),\n\t\t\t\t\t\t\tUpdatedBy: pulumi.String(\"sechub-automation\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tTypes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"Software and Configuration Checks/Industry and Regulatory Standards\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tUserDefinedFields: pulumi.StringMap{\n\t\t\t\t\t\t\t\"key\": pulumi.String(\"value\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"FINDING_FIELDS_UPDATE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tCriteria: \u0026securityhub.AutomationRuleCriteriaArgs{\n\t\t\t\tResourceIds: securityhub.AutomationRuleCriteriaResourceIdArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleCriteriaResourceIdArgs{\n\t\t\t\t\t\tComparison: pulumi.String(\"EQUALS\"),\n\t\t\t\t\t\tValue: pulumi.String(\"arn:aws:s3:::examplebucket/*\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.AutomationRule;\nimport com.pulumi.aws.securityhub.AutomationRuleArgs;\nimport com.pulumi.aws.securityhub.inputs.AutomationRuleActionArgs;\nimport com.pulumi.aws.securityhub.inputs.AutomationRuleActionFindingFieldsUpdateArgs;\nimport com.pulumi.aws.securityhub.inputs.AutomationRuleActionFindingFieldsUpdateSeverityArgs;\nimport com.pulumi.aws.securityhub.inputs.AutomationRuleActionFindingFieldsUpdateNoteArgs;\nimport com.pulumi.aws.securityhub.inputs.AutomationRuleCriteriaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AutomationRule(\"example\", AutomationRuleArgs.builder()\n .description(\"Elevate finding severity to CRITICAL when specific resources such as an S3 bucket is at risk\")\n .ruleName(\"Elevate severity of findings that relate to important resources\")\n .ruleOrder(1)\n .actions(AutomationRuleActionArgs.builder()\n .findingFieldsUpdate(AutomationRuleActionFindingFieldsUpdateArgs.builder()\n .severity(AutomationRuleActionFindingFieldsUpdateSeverityArgs.builder()\n .label(\"CRITICAL\")\n .product(\"0.0\")\n .build())\n .note(AutomationRuleActionFindingFieldsUpdateNoteArgs.builder()\n .text(\"This is a critical resource. Please review ASAP.\")\n .updatedBy(\"sechub-automation\")\n .build())\n .types(\"Software and Configuration Checks/Industry and Regulatory Standards\")\n .userDefinedFields(Map.of(\"key\", \"value\"))\n .build())\n .type(\"FINDING_FIELDS_UPDATE\")\n .build())\n .criteria(AutomationRuleCriteriaArgs.builder()\n .resourceIds(AutomationRuleCriteriaResourceIdArgs.builder()\n .comparison(\"EQUALS\")\n .value(\"arn:aws:s3:::examplebucket/*\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:AutomationRule\n properties:\n description: Elevate finding severity to CRITICAL when specific resources such as an S3 bucket is at risk\n ruleName: Elevate severity of findings that relate to important resources\n ruleOrder: 1\n actions:\n - findingFieldsUpdate:\n severity:\n label: CRITICAL\n product: '0.0'\n note:\n text: This is a critical resource. Please review ASAP.\n updatedBy: sechub-automation\n types:\n - Software and Configuration Checks/Industry and Regulatory Standards\n userDefinedFields:\n key: value\n type: FINDING_FIELDS_UPDATE\n criteria:\n resourceIds:\n - comparison: EQUALS\n value: arn:aws:s3:::examplebucket/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub automation rule using their ARN. For example:\n\n```sh\n$ pulumi import aws:securityhub/automationRule:AutomationRule example arn:aws:securityhub:us-west-2:123456789012:automation-rule/473eddde-f5c4-4ae5-85c7-e922f271fffc\n```\n", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleAction:AutomationRuleAction" }, "description": "A block that specifies one or more actions to update finding fields if a finding matches the conditions specified in `Criteria`. Documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the Security Hub automation rule.\n" }, "criteria": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteria:AutomationRuleCriteria", "description": "A block that specifies a set of ASFF finding field attributes and corresponding expected values that Security Hub uses to filter findings. Documented below.\n" }, "description": { "type": "string", "description": "The description of the rule.\n" }, "isTerminal": { "type": "boolean", "description": "Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. Defaults to `false`.\n" }, "ruleName": { "type": "string", "description": "The name of the rule.\n" }, "ruleOrder": { "type": "integer", "description": "An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.\n" }, "ruleStatus": { "type": "string", "description": "Whether the rule is active after it is created.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "description", "isTerminal", "ruleName", "ruleOrder", "ruleStatus", "tagsAll" ], "inputProperties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleAction:AutomationRuleAction" }, "description": "A block that specifies one or more actions to update finding fields if a finding matches the conditions specified in `Criteria`. Documented below.\n" }, "criteria": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteria:AutomationRuleCriteria", "description": "A block that specifies a set of ASFF finding field attributes and corresponding expected values that Security Hub uses to filter findings. Documented below.\n" }, "description": { "type": "string", "description": "The description of the rule.\n" }, "isTerminal": { "type": "boolean", "description": "Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. Defaults to `false`.\n" }, "ruleName": { "type": "string", "description": "The name of the rule.\n" }, "ruleOrder": { "type": "integer", "description": "An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.\n" }, "ruleStatus": { "type": "string", "description": "Whether the rule is active after it is created.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "requiredInputs": [ "description", "ruleName", "ruleOrder" ], "stateInputs": { "description": "Input properties used for looking up and filtering AutomationRule resources.\n", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/aws:securityhub/AutomationRuleAction:AutomationRuleAction" }, "description": "A block that specifies one or more actions to update finding fields if a finding matches the conditions specified in `Criteria`. Documented below.\n" }, "arn": { "type": "string", "description": "The ARN of the Security Hub automation rule.\n" }, "criteria": { "$ref": "#/types/aws:securityhub/AutomationRuleCriteria:AutomationRuleCriteria", "description": "A block that specifies a set of ASFF finding field attributes and corresponding expected values that Security Hub uses to filter findings. Documented below.\n" }, "description": { "type": "string", "description": "The description of the rule.\n" }, "isTerminal": { "type": "boolean", "description": "Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. Defaults to `false`.\n" }, "ruleName": { "type": "string", "description": "The name of the rule.\n" }, "ruleOrder": { "type": "integer", "description": "An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.\n" }, "ruleStatus": { "type": "string", "description": "Whether the rule is active after it is created.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:securityhub/configurationPolicy:ConfigurationPolicy": { "description": "Manages Security Hub configuration policy\n\n\u003e **NOTE:** This resource requires `aws.securityhub.OrganizationConfiguration` to be configured of type `CENTRAL`. More information about Security Hub central configuration and configuration policies can be found in the [How Security Hub configuration policies work](https://docs.aws.amazon.com/securityhub/latest/userguide/configuration-policies-overview.html) documentation.\n\n## Example Usage\n\n### Default standards enabled\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.FindingAggregator(\"example\", {linkingMode: \"ALL_REGIONS\"});\nconst exampleOrganizationConfiguration = new aws.securityhub.OrganizationConfiguration(\"example\", {\n autoEnable: false,\n autoEnableStandards: \"NONE\",\n organizationConfiguration: {\n configurationType: \"CENTRAL\",\n },\n}, {\n dependsOn: [example],\n});\nconst exampleConfigurationPolicy = new aws.securityhub.ConfigurationPolicy(\"example\", {\n name: \"Example\",\n description: \"This is an example configuration policy\",\n configurationPolicy: {\n serviceEnabled: true,\n enabledStandardArns: [\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n ],\n securityControlsConfiguration: {\n disabledControlIdentifiers: [],\n },\n },\n}, {\n dependsOn: [exampleOrganizationConfiguration],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.FindingAggregator(\"example\", linking_mode=\"ALL_REGIONS\")\nexample_organization_configuration = aws.securityhub.OrganizationConfiguration(\"example\",\n auto_enable=False,\n auto_enable_standards=\"NONE\",\n organization_configuration={\n \"configuration_type\": \"CENTRAL\",\n },\n opts = pulumi.ResourceOptions(depends_on=[example]))\nexample_configuration_policy = aws.securityhub.ConfigurationPolicy(\"example\",\n name=\"Example\",\n description=\"This is an example configuration policy\",\n configuration_policy={\n \"service_enabled\": True,\n \"enabled_standard_arns\": [\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n ],\n \"security_controls_configuration\": {\n \"disabled_control_identifiers\": [],\n },\n },\n opts = pulumi.ResourceOptions(depends_on=[example_organization_configuration]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.FindingAggregator(\"example\", new()\n {\n LinkingMode = \"ALL_REGIONS\",\n });\n\n var exampleOrganizationConfiguration = new Aws.SecurityHub.OrganizationConfiguration(\"example\", new()\n {\n AutoEnable = false,\n AutoEnableStandards = \"NONE\",\n OrganizationConfigurationDetails = new Aws.SecurityHub.Inputs.OrganizationConfigurationOrganizationConfigurationArgs\n {\n ConfigurationType = \"CENTRAL\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n var exampleConfigurationPolicy = new Aws.SecurityHub.ConfigurationPolicy(\"example\", new()\n {\n Name = \"Example\",\n Description = \"This is an example configuration policy\",\n ConfigurationPolicyDetails = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicyArgs\n {\n ServiceEnabled = true,\n EnabledStandardArns = new[]\n {\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n },\n SecurityControlsConfiguration = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs\n {\n DisabledControlIdentifiers = new() { },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleOrganizationConfiguration,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewFindingAggregator(ctx, \"example\", \u0026securityhub.FindingAggregatorArgs{\n\t\t\tLinkingMode: pulumi.String(\"ALL_REGIONS\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleOrganizationConfiguration, err := securityhub.NewOrganizationConfiguration(ctx, \"example\", \u0026securityhub.OrganizationConfigurationArgs{\n\t\t\tAutoEnable: pulumi.Bool(false),\n\t\t\tAutoEnableStandards: pulumi.String(\"NONE\"),\n\t\t\tOrganizationConfiguration: \u0026securityhub.OrganizationConfigurationOrganizationConfigurationArgs{\n\t\t\t\tConfigurationType: pulumi.String(\"CENTRAL\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewConfigurationPolicy(ctx, \"example\", \u0026securityhub.ConfigurationPolicyArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tDescription: pulumi.String(\"This is an example configuration policy\"),\n\t\t\tConfigurationPolicy: \u0026securityhub.ConfigurationPolicyConfigurationPolicyArgs{\n\t\t\t\tServiceEnabled: pulumi.Bool(true),\n\t\t\t\tEnabledStandardArns: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\"),\n\t\t\t\t\tpulumi.String(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"),\n\t\t\t\t},\n\t\t\t\tSecurityControlsConfiguration: \u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs{\n\t\t\t\t\tDisabledControlIdentifiers: pulumi.StringArray{},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleOrganizationConfiguration,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.FindingAggregator;\nimport com.pulumi.aws.securityhub.FindingAggregatorArgs;\nimport com.pulumi.aws.securityhub.OrganizationConfiguration;\nimport com.pulumi.aws.securityhub.OrganizationConfigurationArgs;\nimport com.pulumi.aws.securityhub.inputs.OrganizationConfigurationOrganizationConfigurationArgs;\nimport com.pulumi.aws.securityhub.ConfigurationPolicy;\nimport com.pulumi.aws.securityhub.ConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FindingAggregator(\"example\", FindingAggregatorArgs.builder()\n .linkingMode(\"ALL_REGIONS\")\n .build());\n\n var exampleOrganizationConfiguration = new OrganizationConfiguration(\"exampleOrganizationConfiguration\", OrganizationConfigurationArgs.builder()\n .autoEnable(false)\n .autoEnableStandards(\"NONE\")\n .organizationConfiguration(OrganizationConfigurationOrganizationConfigurationArgs.builder()\n .configurationType(\"CENTRAL\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n var exampleConfigurationPolicy = new ConfigurationPolicy(\"exampleConfigurationPolicy\", ConfigurationPolicyArgs.builder()\n .name(\"Example\")\n .description(\"This is an example configuration policy\")\n .configurationPolicy(ConfigurationPolicyConfigurationPolicyArgs.builder()\n .serviceEnabled(true)\n .enabledStandardArns( \n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\")\n .securityControlsConfiguration(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs.builder()\n .disabledControlIdentifiers()\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleOrganizationConfiguration)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:FindingAggregator\n properties:\n linkingMode: ALL_REGIONS\n exampleOrganizationConfiguration:\n type: aws:securityhub:OrganizationConfiguration\n name: example\n properties:\n autoEnable: false\n autoEnableStandards: NONE\n organizationConfiguration:\n configurationType: CENTRAL\n options:\n dependson:\n - ${example}\n exampleConfigurationPolicy:\n type: aws:securityhub:ConfigurationPolicy\n name: example\n properties:\n name: Example\n description: This is an example configuration policy\n configurationPolicy:\n serviceEnabled: true\n enabledStandardArns:\n - arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\n - arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\n securityControlsConfiguration:\n disabledControlIdentifiers: []\n options:\n dependson:\n - ${exampleOrganizationConfiguration}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Disabled Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst disabled = new aws.securityhub.ConfigurationPolicy(\"disabled\", {\n name: \"Disabled\",\n description: \"This is an example of disabled configuration policy\",\n configurationPolicy: {\n serviceEnabled: false,\n },\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndisabled = aws.securityhub.ConfigurationPolicy(\"disabled\",\n name=\"Disabled\",\n description=\"This is an example of disabled configuration policy\",\n configuration_policy={\n \"service_enabled\": False,\n },\n opts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var disabled = new Aws.SecurityHub.ConfigurationPolicy(\"disabled\", new()\n {\n Name = \"Disabled\",\n Description = \"This is an example of disabled configuration policy\",\n ConfigurationPolicyDetails = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicyArgs\n {\n ServiceEnabled = false,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewConfigurationPolicy(ctx, \"disabled\", \u0026securityhub.ConfigurationPolicyArgs{\n\t\t\tName: pulumi.String(\"Disabled\"),\n\t\t\tDescription: pulumi.String(\"This is an example of disabled configuration policy\"),\n\t\t\tConfigurationPolicy: \u0026securityhub.ConfigurationPolicyConfigurationPolicyArgs{\n\t\t\t\tServiceEnabled: pulumi.Bool(false),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.ConfigurationPolicy;\nimport com.pulumi.aws.securityhub.ConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicyArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var disabled = new ConfigurationPolicy(\"disabled\", ConfigurationPolicyArgs.builder()\n .name(\"Disabled\")\n .description(\"This is an example of disabled configuration policy\")\n .configurationPolicy(ConfigurationPolicyConfigurationPolicyArgs.builder()\n .serviceEnabled(false)\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n disabled:\n type: aws:securityhub:ConfigurationPolicy\n properties:\n name: Disabled\n description: This is an example of disabled configuration policy\n configurationPolicy:\n serviceEnabled: false\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Custom Control Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst disabled = new aws.securityhub.ConfigurationPolicy(\"disabled\", {\n name: \"Custom Controls\",\n description: \"This is an example of configuration policy with custom control settings\",\n configurationPolicy: {\n serviceEnabled: true,\n enabledStandardArns: [\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n ],\n securityControlsConfiguration: {\n enabledControlIdentifiers: [\n \"APIGateway.1\",\n \"IAM.7\",\n ],\n securityControlCustomParameters: [\n {\n securityControlId: \"APIGateway.1\",\n parameters: [{\n name: \"loggingLevel\",\n valueType: \"CUSTOM\",\n \"enum\": {\n value: \"INFO\",\n },\n }],\n },\n {\n securityControlId: \"IAM.7\",\n parameters: [\n {\n name: \"RequireLowercaseCharacters\",\n valueType: \"CUSTOM\",\n bool: {\n value: false,\n },\n },\n {\n name: \"MaxPasswordAge\",\n valueType: \"CUSTOM\",\n int: {\n value: 60,\n },\n },\n ],\n },\n ],\n },\n },\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndisabled = aws.securityhub.ConfigurationPolicy(\"disabled\",\n name=\"Custom Controls\",\n description=\"This is an example of configuration policy with custom control settings\",\n configuration_policy={\n \"service_enabled\": True,\n \"enabled_standard_arns\": [\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n ],\n \"security_controls_configuration\": {\n \"enabled_control_identifiers\": [\n \"APIGateway.1\",\n \"IAM.7\",\n ],\n \"security_control_custom_parameters\": [\n {\n \"security_control_id\": \"APIGateway.1\",\n \"parameters\": [{\n \"name\": \"loggingLevel\",\n \"value_type\": \"CUSTOM\",\n \"enum\": {\n \"value\": \"INFO\",\n },\n }],\n },\n {\n \"security_control_id\": \"IAM.7\",\n \"parameters\": [\n {\n \"name\": \"RequireLowercaseCharacters\",\n \"value_type\": \"CUSTOM\",\n \"bool\": {\n \"value\": False,\n },\n },\n {\n \"name\": \"MaxPasswordAge\",\n \"value_type\": \"CUSTOM\",\n \"int\": {\n \"value\": 60,\n },\n },\n ],\n },\n ],\n },\n },\n opts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var disabled = new Aws.SecurityHub.ConfigurationPolicy(\"disabled\", new()\n {\n Name = \"Custom Controls\",\n Description = \"This is an example of configuration policy with custom control settings\",\n ConfigurationPolicyDetails = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicyArgs\n {\n ServiceEnabled = true,\n EnabledStandardArns = new[]\n {\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n },\n SecurityControlsConfiguration = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs\n {\n EnabledControlIdentifiers = new[]\n {\n \"APIGateway.1\",\n \"IAM.7\",\n },\n SecurityControlCustomParameters = new[]\n {\n new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs\n {\n SecurityControlId = \"APIGateway.1\",\n Parameters = new[]\n {\n new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs\n {\n Name = \"loggingLevel\",\n ValueType = \"CUSTOM\",\n Enum = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterEnumArgs\n {\n Value = \"INFO\",\n },\n },\n },\n },\n new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs\n {\n SecurityControlId = \"IAM.7\",\n Parameters = new[]\n {\n new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs\n {\n Name = \"RequireLowercaseCharacters\",\n ValueType = \"CUSTOM\",\n Bool = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterBoolArgs\n {\n Value = false,\n },\n },\n new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs\n {\n Name = \"MaxPasswordAge\",\n ValueType = \"CUSTOM\",\n Int = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterIntArgs\n {\n Value = 60,\n },\n },\n },\n },\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewConfigurationPolicy(ctx, \"disabled\", \u0026securityhub.ConfigurationPolicyArgs{\n\t\t\tName: pulumi.String(\"Custom Controls\"),\n\t\t\tDescription: pulumi.String(\"This is an example of configuration policy with custom control settings\"),\n\t\t\tConfigurationPolicy: \u0026securityhub.ConfigurationPolicyConfigurationPolicyArgs{\n\t\t\t\tServiceEnabled: pulumi.Bool(true),\n\t\t\t\tEnabledStandardArns: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\"),\n\t\t\t\t\tpulumi.String(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"),\n\t\t\t\t},\n\t\t\t\tSecurityControlsConfiguration: \u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs{\n\t\t\t\t\tEnabledControlIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"APIGateway.1\"),\n\t\t\t\t\t\tpulumi.String(\"IAM.7\"),\n\t\t\t\t\t},\n\t\t\t\t\tSecurityControlCustomParameters: securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArray{\n\t\t\t\t\t\t\u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs{\n\t\t\t\t\t\t\tSecurityControlId: pulumi.String(\"APIGateway.1\"),\n\t\t\t\t\t\t\tParameters: securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArray{\n\t\t\t\t\t\t\t\t\u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs{\n\t\t\t\t\t\t\t\t\tName: pulumi.String(\"loggingLevel\"),\n\t\t\t\t\t\t\t\t\tValueType: pulumi.String(\"CUSTOM\"),\n\t\t\t\t\t\t\t\t\tEnum: \u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterEnumArgs{\n\t\t\t\t\t\t\t\t\t\tValue: pulumi.String(\"INFO\"),\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs{\n\t\t\t\t\t\t\tSecurityControlId: pulumi.String(\"IAM.7\"),\n\t\t\t\t\t\t\tParameters: securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArray{\n\t\t\t\t\t\t\t\t\u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs{\n\t\t\t\t\t\t\t\t\tName: pulumi.String(\"RequireLowercaseCharacters\"),\n\t\t\t\t\t\t\t\t\tValueType: pulumi.String(\"CUSTOM\"),\n\t\t\t\t\t\t\t\t\tBool: \u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterBoolArgs{\n\t\t\t\t\t\t\t\t\t\tValue: pulumi.Bool(false),\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs{\n\t\t\t\t\t\t\t\t\tName: pulumi.String(\"MaxPasswordAge\"),\n\t\t\t\t\t\t\t\t\tValueType: pulumi.String(\"CUSTOM\"),\n\t\t\t\t\t\t\t\t\tInt: \u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterIntArgs{\n\t\t\t\t\t\t\t\t\t\tValue: pulumi.Int(60),\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.ConfigurationPolicy;\nimport com.pulumi.aws.securityhub.ConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var disabled = new ConfigurationPolicy(\"disabled\", ConfigurationPolicyArgs.builder()\n .name(\"Custom Controls\")\n .description(\"This is an example of configuration policy with custom control settings\")\n .configurationPolicy(ConfigurationPolicyConfigurationPolicyArgs.builder()\n .serviceEnabled(true)\n .enabledStandardArns( \n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\")\n .securityControlsConfiguration(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs.builder()\n .enabledControlIdentifiers( \n \"APIGateway.1\",\n \"IAM.7\")\n .securityControlCustomParameters( \n ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs.builder()\n .securityControlId(\"APIGateway.1\")\n .parameters(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs.builder()\n .name(\"loggingLevel\")\n .valueType(\"CUSTOM\")\n .enum_(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterEnumArgs.builder()\n .value(\"INFO\")\n .build())\n .build())\n .build(),\n ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs.builder()\n .securityControlId(\"IAM.7\")\n .parameters( \n ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs.builder()\n .name(\"RequireLowercaseCharacters\")\n .valueType(\"CUSTOM\")\n .bool(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterBoolArgs.builder()\n .value(false)\n .build())\n .build(),\n ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs.builder()\n .name(\"MaxPasswordAge\")\n .valueType(\"CUSTOM\")\n .int_(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterIntArgs.builder()\n .value(60)\n .build())\n .build())\n .build())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n disabled:\n type: aws:securityhub:ConfigurationPolicy\n properties:\n name: Custom Controls\n description: This is an example of configuration policy with custom control settings\n configurationPolicy:\n serviceEnabled: true\n enabledStandardArns:\n - arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\n - arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\n securityControlsConfiguration:\n enabledControlIdentifiers:\n - APIGateway.1\n - IAM.7\n securityControlCustomParameters:\n - securityControlId: APIGateway.1\n parameters:\n - name: loggingLevel\n valueType: CUSTOM\n enum:\n value: INFO\n - securityControlId: IAM.7\n parameters:\n - name: RequireLowercaseCharacters\n valueType: CUSTOM\n bool:\n value: false\n - name: MaxPasswordAge\n valueType: CUSTOM\n int:\n value: 60\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an existing Security Hub enabled account using the universally unique identifier (UUID) of the policy. For example:\n\n```sh\n$ pulumi import aws:securityhub/configurationPolicy:ConfigurationPolicy example \"00000000-1111-2222-3333-444444444444\"\n```\n", "properties": { "arn": { "type": "string" }, "configurationPolicy": { "$ref": "#/types/aws:securityhub/ConfigurationPolicyConfigurationPolicy:ConfigurationPolicyConfigurationPolicy", "description": "Defines how Security Hub is configured. See below.\n", "language": { "csharp": { "name": "ConfigurationPolicyDetails" } } }, "description": { "type": "string", "description": "The description of the configuration policy.\n" }, "name": { "type": "string", "description": "The name of the configuration policy.\n" } }, "required": [ "arn", "configurationPolicy", "name" ], "inputProperties": { "configurationPolicy": { "$ref": "#/types/aws:securityhub/ConfigurationPolicyConfigurationPolicy:ConfigurationPolicyConfigurationPolicy", "description": "Defines how Security Hub is configured. See below.\n", "language": { "csharp": { "name": "ConfigurationPolicyDetails" } } }, "description": { "type": "string", "description": "The description of the configuration policy.\n" }, "name": { "type": "string", "description": "The name of the configuration policy.\n" } }, "requiredInputs": [ "configurationPolicy" ], "stateInputs": { "description": "Input properties used for looking up and filtering ConfigurationPolicy resources.\n", "properties": { "arn": { "type": "string" }, "configurationPolicy": { "$ref": "#/types/aws:securityhub/ConfigurationPolicyConfigurationPolicy:ConfigurationPolicyConfigurationPolicy", "description": "Defines how Security Hub is configured. See below.\n", "language": { "csharp": { "name": "ConfigurationPolicyDetails" } } }, "description": { "type": "string", "description": "The description of the configuration policy.\n" }, "name": { "type": "string", "description": "The name of the configuration policy.\n" } }, "type": "object" } }, "aws:securityhub/configurationPolicyAssociation:ConfigurationPolicyAssociation": { "description": "Manages Security Hub configuration policy associations.\n\n\u003e **NOTE:** This resource requires `aws.securityhub.OrganizationConfiguration` to be configured with type `CENTRAL`. More information about Security Hub central configuration and configuration policies can be found in the [How Security Hub configuration policies work](https://docs.aws.amazon.com/securityhub/latest/userguide/configuration-policies-overview.html) documentation.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.FindingAggregator(\"example\", {linkingMode: \"ALL_REGIONS\"});\nconst exampleOrganizationConfiguration = new aws.securityhub.OrganizationConfiguration(\"example\", {\n autoEnable: false,\n autoEnableStandards: \"NONE\",\n organizationConfiguration: {\n configurationType: \"CENTRAL\",\n },\n}, {\n dependsOn: [example],\n});\nconst exampleConfigurationPolicy = new aws.securityhub.ConfigurationPolicy(\"example\", {\n name: \"Example\",\n description: \"This is an example configuration policy\",\n configurationPolicy: {\n serviceEnabled: true,\n enabledStandardArns: [\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n ],\n securityControlsConfiguration: {\n disabledControlIdentifiers: [],\n },\n },\n}, {\n dependsOn: [exampleOrganizationConfiguration],\n});\nconst accountExample = new aws.securityhub.ConfigurationPolicyAssociation(\"account_example\", {\n targetId: \"123456789012\",\n policyId: exampleConfigurationPolicy.id,\n});\nconst rootExample = new aws.securityhub.ConfigurationPolicyAssociation(\"root_example\", {\n targetId: \"r-abcd\",\n policyId: exampleConfigurationPolicy.id,\n});\nconst ouExample = new aws.securityhub.ConfigurationPolicyAssociation(\"ou_example\", {\n targetId: \"ou-abcd-12345678\",\n policyId: exampleConfigurationPolicy.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.FindingAggregator(\"example\", linking_mode=\"ALL_REGIONS\")\nexample_organization_configuration = aws.securityhub.OrganizationConfiguration(\"example\",\n auto_enable=False,\n auto_enable_standards=\"NONE\",\n organization_configuration={\n \"configuration_type\": \"CENTRAL\",\n },\n opts = pulumi.ResourceOptions(depends_on=[example]))\nexample_configuration_policy = aws.securityhub.ConfigurationPolicy(\"example\",\n name=\"Example\",\n description=\"This is an example configuration policy\",\n configuration_policy={\n \"service_enabled\": True,\n \"enabled_standard_arns\": [\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n ],\n \"security_controls_configuration\": {\n \"disabled_control_identifiers\": [],\n },\n },\n opts = pulumi.ResourceOptions(depends_on=[example_organization_configuration]))\naccount_example = aws.securityhub.ConfigurationPolicyAssociation(\"account_example\",\n target_id=\"123456789012\",\n policy_id=example_configuration_policy.id)\nroot_example = aws.securityhub.ConfigurationPolicyAssociation(\"root_example\",\n target_id=\"r-abcd\",\n policy_id=example_configuration_policy.id)\nou_example = aws.securityhub.ConfigurationPolicyAssociation(\"ou_example\",\n target_id=\"ou-abcd-12345678\",\n policy_id=example_configuration_policy.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.FindingAggregator(\"example\", new()\n {\n LinkingMode = \"ALL_REGIONS\",\n });\n\n var exampleOrganizationConfiguration = new Aws.SecurityHub.OrganizationConfiguration(\"example\", new()\n {\n AutoEnable = false,\n AutoEnableStandards = \"NONE\",\n OrganizationConfigurationDetails = new Aws.SecurityHub.Inputs.OrganizationConfigurationOrganizationConfigurationArgs\n {\n ConfigurationType = \"CENTRAL\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n var exampleConfigurationPolicy = new Aws.SecurityHub.ConfigurationPolicy(\"example\", new()\n {\n Name = \"Example\",\n Description = \"This is an example configuration policy\",\n ConfigurationPolicyDetails = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicyArgs\n {\n ServiceEnabled = true,\n EnabledStandardArns = new[]\n {\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n },\n SecurityControlsConfiguration = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs\n {\n DisabledControlIdentifiers = new() { },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleOrganizationConfiguration,\n },\n });\n\n var accountExample = new Aws.SecurityHub.ConfigurationPolicyAssociation(\"account_example\", new()\n {\n TargetId = \"123456789012\",\n PolicyId = exampleConfigurationPolicy.Id,\n });\n\n var rootExample = new Aws.SecurityHub.ConfigurationPolicyAssociation(\"root_example\", new()\n {\n TargetId = \"r-abcd\",\n PolicyId = exampleConfigurationPolicy.Id,\n });\n\n var ouExample = new Aws.SecurityHub.ConfigurationPolicyAssociation(\"ou_example\", new()\n {\n TargetId = \"ou-abcd-12345678\",\n PolicyId = exampleConfigurationPolicy.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewFindingAggregator(ctx, \"example\", \u0026securityhub.FindingAggregatorArgs{\n\t\t\tLinkingMode: pulumi.String(\"ALL_REGIONS\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleOrganizationConfiguration, err := securityhub.NewOrganizationConfiguration(ctx, \"example\", \u0026securityhub.OrganizationConfigurationArgs{\n\t\t\tAutoEnable: pulumi.Bool(false),\n\t\t\tAutoEnableStandards: pulumi.String(\"NONE\"),\n\t\t\tOrganizationConfiguration: \u0026securityhub.OrganizationConfigurationOrganizationConfigurationArgs{\n\t\t\t\tConfigurationType: pulumi.String(\"CENTRAL\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleConfigurationPolicy, err := securityhub.NewConfigurationPolicy(ctx, \"example\", \u0026securityhub.ConfigurationPolicyArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tDescription: pulumi.String(\"This is an example configuration policy\"),\n\t\t\tConfigurationPolicy: \u0026securityhub.ConfigurationPolicyConfigurationPolicyArgs{\n\t\t\t\tServiceEnabled: pulumi.Bool(true),\n\t\t\t\tEnabledStandardArns: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\"),\n\t\t\t\t\tpulumi.String(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"),\n\t\t\t\t},\n\t\t\t\tSecurityControlsConfiguration: \u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs{\n\t\t\t\t\tDisabledControlIdentifiers: pulumi.StringArray{},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleOrganizationConfiguration,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewConfigurationPolicyAssociation(ctx, \"account_example\", \u0026securityhub.ConfigurationPolicyAssociationArgs{\n\t\t\tTargetId: pulumi.String(\"123456789012\"),\n\t\t\tPolicyId: exampleConfigurationPolicy.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewConfigurationPolicyAssociation(ctx, \"root_example\", \u0026securityhub.ConfigurationPolicyAssociationArgs{\n\t\t\tTargetId: pulumi.String(\"r-abcd\"),\n\t\t\tPolicyId: exampleConfigurationPolicy.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewConfigurationPolicyAssociation(ctx, \"ou_example\", \u0026securityhub.ConfigurationPolicyAssociationArgs{\n\t\t\tTargetId: pulumi.String(\"ou-abcd-12345678\"),\n\t\t\tPolicyId: exampleConfigurationPolicy.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.FindingAggregator;\nimport com.pulumi.aws.securityhub.FindingAggregatorArgs;\nimport com.pulumi.aws.securityhub.OrganizationConfiguration;\nimport com.pulumi.aws.securityhub.OrganizationConfigurationArgs;\nimport com.pulumi.aws.securityhub.inputs.OrganizationConfigurationOrganizationConfigurationArgs;\nimport com.pulumi.aws.securityhub.ConfigurationPolicy;\nimport com.pulumi.aws.securityhub.ConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs;\nimport com.pulumi.aws.securityhub.ConfigurationPolicyAssociation;\nimport com.pulumi.aws.securityhub.ConfigurationPolicyAssociationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FindingAggregator(\"example\", FindingAggregatorArgs.builder()\n .linkingMode(\"ALL_REGIONS\")\n .build());\n\n var exampleOrganizationConfiguration = new OrganizationConfiguration(\"exampleOrganizationConfiguration\", OrganizationConfigurationArgs.builder()\n .autoEnable(false)\n .autoEnableStandards(\"NONE\")\n .organizationConfiguration(OrganizationConfigurationOrganizationConfigurationArgs.builder()\n .configurationType(\"CENTRAL\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n var exampleConfigurationPolicy = new ConfigurationPolicy(\"exampleConfigurationPolicy\", ConfigurationPolicyArgs.builder()\n .name(\"Example\")\n .description(\"This is an example configuration policy\")\n .configurationPolicy(ConfigurationPolicyConfigurationPolicyArgs.builder()\n .serviceEnabled(true)\n .enabledStandardArns( \n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\")\n .securityControlsConfiguration(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs.builder()\n .disabledControlIdentifiers()\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleOrganizationConfiguration)\n .build());\n\n var accountExample = new ConfigurationPolicyAssociation(\"accountExample\", ConfigurationPolicyAssociationArgs.builder()\n .targetId(\"123456789012\")\n .policyId(exampleConfigurationPolicy.id())\n .build());\n\n var rootExample = new ConfigurationPolicyAssociation(\"rootExample\", ConfigurationPolicyAssociationArgs.builder()\n .targetId(\"r-abcd\")\n .policyId(exampleConfigurationPolicy.id())\n .build());\n\n var ouExample = new ConfigurationPolicyAssociation(\"ouExample\", ConfigurationPolicyAssociationArgs.builder()\n .targetId(\"ou-abcd-12345678\")\n .policyId(exampleConfigurationPolicy.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:FindingAggregator\n properties:\n linkingMode: ALL_REGIONS\n exampleOrganizationConfiguration:\n type: aws:securityhub:OrganizationConfiguration\n name: example\n properties:\n autoEnable: false\n autoEnableStandards: NONE\n organizationConfiguration:\n configurationType: CENTRAL\n options:\n dependson:\n - ${example}\n exampleConfigurationPolicy:\n type: aws:securityhub:ConfigurationPolicy\n name: example\n properties:\n name: Example\n description: This is an example configuration policy\n configurationPolicy:\n serviceEnabled: true\n enabledStandardArns:\n - arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\n - arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\n securityControlsConfiguration:\n disabledControlIdentifiers: []\n options:\n dependson:\n - ${exampleOrganizationConfiguration}\n accountExample:\n type: aws:securityhub:ConfigurationPolicyAssociation\n name: account_example\n properties:\n targetId: '123456789012'\n policyId: ${exampleConfigurationPolicy.id}\n rootExample:\n type: aws:securityhub:ConfigurationPolicyAssociation\n name: root_example\n properties:\n targetId: r-abcd\n policyId: ${exampleConfigurationPolicy.id}\n ouExample:\n type: aws:securityhub:ConfigurationPolicyAssociation\n name: ou_example\n properties:\n targetId: ou-abcd-12345678\n policyId: ${exampleConfigurationPolicy.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an existing Security Hub enabled account using the target id. For example:\n\n```sh\n$ pulumi import aws:securityhub/configurationPolicyAssociation:ConfigurationPolicyAssociation example_account_association 123456789012\n```\n", "properties": { "policyId": { "type": "string", "description": "The universally unique identifier (UUID) of the configuration policy.\n" }, "targetId": { "type": "string", "description": "The identifier of the target account, organizational unit, or the root to associate with the specified configuration.\n" } }, "required": [ "policyId", "targetId" ], "inputProperties": { "policyId": { "type": "string", "description": "The universally unique identifier (UUID) of the configuration policy.\n" }, "targetId": { "type": "string", "description": "The identifier of the target account, organizational unit, or the root to associate with the specified configuration.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policyId", "targetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ConfigurationPolicyAssociation resources.\n", "properties": { "policyId": { "type": "string", "description": "The universally unique identifier (UUID) of the configuration policy.\n" }, "targetId": { "type": "string", "description": "The identifier of the target account, organizational unit, or the root to associate with the specified configuration.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:securityhub/findingAggregator:FindingAggregator": { "description": "Manages a Security Hub finding aggregator. Security Hub needs to be enabled in a region in order for the aggregator to pull through findings.\n\n## Example Usage\n\n### All Regions Usage\n\nThe following example will enable the aggregator for every region.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleFindingAggregator = new aws.securityhub.FindingAggregator(\"example\", {linkingMode: \"ALL_REGIONS\"}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_finding_aggregator = aws.securityhub.FindingAggregator(\"example\", linking_mode=\"ALL_REGIONS\",\nopts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleFindingAggregator = new Aws.SecurityHub.FindingAggregator(\"example\", new()\n {\n LinkingMode = \"ALL_REGIONS\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewFindingAggregator(ctx, \"example\", \u0026securityhub.FindingAggregatorArgs{\n\t\t\tLinkingMode: pulumi.String(\"ALL_REGIONS\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.FindingAggregator;\nimport com.pulumi.aws.securityhub.FindingAggregatorArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleFindingAggregator = new FindingAggregator(\"exampleFindingAggregator\", FindingAggregatorArgs.builder()\n .linkingMode(\"ALL_REGIONS\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleFindingAggregator:\n type: aws:securityhub:FindingAggregator\n name: example\n properties:\n linkingMode: ALL_REGIONS\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### All Regions Except Specified Regions Usage\n\nThe following example will enable the aggregator for every region except those specified in `specified_regions`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleFindingAggregator = new aws.securityhub.FindingAggregator(\"example\", {\n linkingMode: \"ALL_REGIONS_EXCEPT_SPECIFIED\",\n specifiedRegions: [\n \"eu-west-1\",\n \"eu-west-2\",\n ],\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_finding_aggregator = aws.securityhub.FindingAggregator(\"example\",\n linking_mode=\"ALL_REGIONS_EXCEPT_SPECIFIED\",\n specified_regions=[\n \"eu-west-1\",\n \"eu-west-2\",\n ],\n opts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleFindingAggregator = new Aws.SecurityHub.FindingAggregator(\"example\", new()\n {\n LinkingMode = \"ALL_REGIONS_EXCEPT_SPECIFIED\",\n SpecifiedRegions = new[]\n {\n \"eu-west-1\",\n \"eu-west-2\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewFindingAggregator(ctx, \"example\", \u0026securityhub.FindingAggregatorArgs{\n\t\t\tLinkingMode: pulumi.String(\"ALL_REGIONS_EXCEPT_SPECIFIED\"),\n\t\t\tSpecifiedRegions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"eu-west-1\"),\n\t\t\t\tpulumi.String(\"eu-west-2\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.FindingAggregator;\nimport com.pulumi.aws.securityhub.FindingAggregatorArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleFindingAggregator = new FindingAggregator(\"exampleFindingAggregator\", FindingAggregatorArgs.builder()\n .linkingMode(\"ALL_REGIONS_EXCEPT_SPECIFIED\")\n .specifiedRegions( \n \"eu-west-1\",\n \"eu-west-2\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleFindingAggregator:\n type: aws:securityhub:FindingAggregator\n name: example\n properties:\n linkingMode: ALL_REGIONS_EXCEPT_SPECIFIED\n specifiedRegions:\n - eu-west-1\n - eu-west-2\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specified Regions Usage\n\nThe following example will enable the aggregator for every region specified in `specified_regions`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleFindingAggregator = new aws.securityhub.FindingAggregator(\"example\", {\n linkingMode: \"SPECIFIED_REGIONS\",\n specifiedRegions: [\n \"eu-west-1\",\n \"eu-west-2\",\n ],\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_finding_aggregator = aws.securityhub.FindingAggregator(\"example\",\n linking_mode=\"SPECIFIED_REGIONS\",\n specified_regions=[\n \"eu-west-1\",\n \"eu-west-2\",\n ],\n opts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleFindingAggregator = new Aws.SecurityHub.FindingAggregator(\"example\", new()\n {\n LinkingMode = \"SPECIFIED_REGIONS\",\n SpecifiedRegions = new[]\n {\n \"eu-west-1\",\n \"eu-west-2\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewFindingAggregator(ctx, \"example\", \u0026securityhub.FindingAggregatorArgs{\n\t\t\tLinkingMode: pulumi.String(\"SPECIFIED_REGIONS\"),\n\t\t\tSpecifiedRegions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"eu-west-1\"),\n\t\t\t\tpulumi.String(\"eu-west-2\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.FindingAggregator;\nimport com.pulumi.aws.securityhub.FindingAggregatorArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleFindingAggregator = new FindingAggregator(\"exampleFindingAggregator\", FindingAggregatorArgs.builder()\n .linkingMode(\"SPECIFIED_REGIONS\")\n .specifiedRegions( \n \"eu-west-1\",\n \"eu-west-2\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleFindingAggregator:\n type: aws:securityhub:FindingAggregator\n name: example\n properties:\n linkingMode: SPECIFIED_REGIONS\n specifiedRegions:\n - eu-west-1\n - eu-west-2\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an existing Security Hub finding aggregator using the `arn`. For example:\n\n```sh\n$ pulumi import aws:securityhub/findingAggregator:FindingAggregator example arn:aws:securityhub:eu-west-1:123456789098:finding-aggregator/abcd1234-abcd-1234-1234-abcdef123456\n```\n", "properties": { "linkingMode": { "type": "string", "description": "Indicates whether to aggregate findings from all of the available Regions or from a specified list. The options are `ALL_REGIONS`, `ALL_REGIONS_EXCEPT_SPECIFIED` or `SPECIFIED_REGIONS`. When `ALL_REGIONS` or `ALL_REGIONS_EXCEPT_SPECIFIED` are used, Security Hub will automatically aggregate findings from new Regions as Security Hub supports them and you opt into them.\n" }, "specifiedRegions": { "type": "array", "items": { "type": "string" }, "description": "List of regions to include or exclude (required if `linking_mode` is set to `ALL_REGIONS_EXCEPT_SPECIFIED` or `SPECIFIED_REGIONS`)\n" } }, "required": [ "linkingMode" ], "inputProperties": { "linkingMode": { "type": "string", "description": "Indicates whether to aggregate findings from all of the available Regions or from a specified list. The options are `ALL_REGIONS`, `ALL_REGIONS_EXCEPT_SPECIFIED` or `SPECIFIED_REGIONS`. When `ALL_REGIONS` or `ALL_REGIONS_EXCEPT_SPECIFIED` are used, Security Hub will automatically aggregate findings from new Regions as Security Hub supports them and you opt into them.\n" }, "specifiedRegions": { "type": "array", "items": { "type": "string" }, "description": "List of regions to include or exclude (required if `linking_mode` is set to `ALL_REGIONS_EXCEPT_SPECIFIED` or `SPECIFIED_REGIONS`)\n" } }, "requiredInputs": [ "linkingMode" ], "stateInputs": { "description": "Input properties used for looking up and filtering FindingAggregator resources.\n", "properties": { "linkingMode": { "type": "string", "description": "Indicates whether to aggregate findings from all of the available Regions or from a specified list. The options are `ALL_REGIONS`, `ALL_REGIONS_EXCEPT_SPECIFIED` or `SPECIFIED_REGIONS`. When `ALL_REGIONS` or `ALL_REGIONS_EXCEPT_SPECIFIED` are used, Security Hub will automatically aggregate findings from new Regions as Security Hub supports them and you opt into them.\n" }, "specifiedRegions": { "type": "array", "items": { "type": "string" }, "description": "List of regions to include or exclude (required if `linking_mode` is set to `ALL_REGIONS_EXCEPT_SPECIFIED` or `SPECIFIED_REGIONS`)\n" } }, "type": "object" } }, "aws:securityhub/insight:Insight": { "description": "Provides a Security Hub custom insight resource. See the [Managing custom insights section](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-custom-insights.html) of the AWS User Guide for more information.\n\n## Example Usage\n\n### Filter by AWS account ID\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleInsight = new aws.securityhub.Insight(\"example\", {\n filters: {\n awsAccountIds: [\n {\n comparison: \"EQUALS\",\n value: \"1234567890\",\n },\n {\n comparison: \"EQUALS\",\n value: \"09876543210\",\n },\n ],\n },\n groupByAttribute: \"AwsAccountId\",\n name: \"example-insight\",\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_insight = aws.securityhub.Insight(\"example\",\n filters={\n \"aws_account_ids\": [\n {\n \"comparison\": \"EQUALS\",\n \"value\": \"1234567890\",\n },\n {\n \"comparison\": \"EQUALS\",\n \"value\": \"09876543210\",\n },\n ],\n },\n group_by_attribute=\"AwsAccountId\",\n name=\"example-insight\",\n opts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleInsight = new Aws.SecurityHub.Insight(\"example\", new()\n {\n Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs\n {\n AwsAccountIds = new[]\n {\n new Aws.SecurityHub.Inputs.InsightFiltersAwsAccountIdArgs\n {\n Comparison = \"EQUALS\",\n Value = \"1234567890\",\n },\n new Aws.SecurityHub.Inputs.InsightFiltersAwsAccountIdArgs\n {\n Comparison = \"EQUALS\",\n Value = \"09876543210\",\n },\n },\n },\n GroupByAttribute = \"AwsAccountId\",\n Name = \"example-insight\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewInsight(ctx, \"example\", \u0026securityhub.InsightArgs{\n\t\t\tFilters: \u0026securityhub.InsightFiltersArgs{\n\t\t\t\tAwsAccountIds: securityhub.InsightFiltersAwsAccountIdArray{\n\t\t\t\t\t\u0026securityhub.InsightFiltersAwsAccountIdArgs{\n\t\t\t\t\t\tComparison: pulumi.String(\"EQUALS\"),\n\t\t\t\t\t\tValue: pulumi.String(\"1234567890\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.InsightFiltersAwsAccountIdArgs{\n\t\t\t\t\t\tComparison: pulumi.String(\"EQUALS\"),\n\t\t\t\t\t\tValue: pulumi.String(\"09876543210\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGroupByAttribute: pulumi.String(\"AwsAccountId\"),\n\t\t\tName: pulumi.String(\"example-insight\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Insight;\nimport com.pulumi.aws.securityhub.InsightArgs;\nimport com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleInsight = new Insight(\"exampleInsight\", InsightArgs.builder()\n .filters(InsightFiltersArgs.builder()\n .awsAccountIds( \n InsightFiltersAwsAccountIdArgs.builder()\n .comparison(\"EQUALS\")\n .value(\"1234567890\")\n .build(),\n InsightFiltersAwsAccountIdArgs.builder()\n .comparison(\"EQUALS\")\n .value(\"09876543210\")\n .build())\n .build())\n .groupByAttribute(\"AwsAccountId\")\n .name(\"example-insight\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleInsight:\n type: aws:securityhub:Insight\n name: example\n properties:\n filters:\n awsAccountIds:\n - comparison: EQUALS\n value: '1234567890'\n - comparison: EQUALS\n value: '09876543210'\n groupByAttribute: AwsAccountId\n name: example-insight\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter by date range\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleInsight = new aws.securityhub.Insight(\"example\", {\n filters: {\n createdAts: [{\n dateRange: {\n unit: \"DAYS\",\n value: 5,\n },\n }],\n },\n groupByAttribute: \"CreatedAt\",\n name: \"example-insight\",\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_insight = aws.securityhub.Insight(\"example\",\n filters={\n \"created_ats\": [{\n \"date_range\": {\n \"unit\": \"DAYS\",\n \"value\": 5,\n },\n }],\n },\n group_by_attribute=\"CreatedAt\",\n name=\"example-insight\",\n opts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleInsight = new Aws.SecurityHub.Insight(\"example\", new()\n {\n Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs\n {\n CreatedAts = new[]\n {\n new Aws.SecurityHub.Inputs.InsightFiltersCreatedAtArgs\n {\n DateRange = new Aws.SecurityHub.Inputs.InsightFiltersCreatedAtDateRangeArgs\n {\n Unit = \"DAYS\",\n Value = 5,\n },\n },\n },\n },\n GroupByAttribute = \"CreatedAt\",\n Name = \"example-insight\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewInsight(ctx, \"example\", \u0026securityhub.InsightArgs{\n\t\t\tFilters: \u0026securityhub.InsightFiltersArgs{\n\t\t\t\tCreatedAts: securityhub.InsightFiltersCreatedAtArray{\n\t\t\t\t\t\u0026securityhub.InsightFiltersCreatedAtArgs{\n\t\t\t\t\t\tDateRange: \u0026securityhub.InsightFiltersCreatedAtDateRangeArgs{\n\t\t\t\t\t\t\tUnit: pulumi.String(\"DAYS\"),\n\t\t\t\t\t\t\tValue: pulumi.Int(5),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGroupByAttribute: pulumi.String(\"CreatedAt\"),\n\t\t\tName: pulumi.String(\"example-insight\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Insight;\nimport com.pulumi.aws.securityhub.InsightArgs;\nimport com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleInsight = new Insight(\"exampleInsight\", InsightArgs.builder()\n .filters(InsightFiltersArgs.builder()\n .createdAts(InsightFiltersCreatedAtArgs.builder()\n .dateRange(InsightFiltersCreatedAtDateRangeArgs.builder()\n .unit(\"DAYS\")\n .value(5)\n .build())\n .build())\n .build())\n .groupByAttribute(\"CreatedAt\")\n .name(\"example-insight\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleInsight:\n type: aws:securityhub:Insight\n name: example\n properties:\n filters:\n createdAts:\n - dateRange:\n unit: DAYS\n value: 5\n groupByAttribute: CreatedAt\n name: example-insight\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter by destination IPv4 address\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleInsight = new aws.securityhub.Insight(\"example\", {\n filters: {\n networkDestinationIpv4s: [{\n cidr: \"10.0.0.0/16\",\n }],\n },\n groupByAttribute: \"NetworkDestinationIpV4\",\n name: \"example-insight\",\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_insight = aws.securityhub.Insight(\"example\",\n filters={\n \"network_destination_ipv4s\": [{\n \"cidr\": \"10.0.0.0/16\",\n }],\n },\n group_by_attribute=\"NetworkDestinationIpV4\",\n name=\"example-insight\",\n opts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleInsight = new Aws.SecurityHub.Insight(\"example\", new()\n {\n Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs\n {\n NetworkDestinationIpv4s = new[]\n {\n new Aws.SecurityHub.Inputs.InsightFiltersNetworkDestinationIpv4Args\n {\n Cidr = \"10.0.0.0/16\",\n },\n },\n },\n GroupByAttribute = \"NetworkDestinationIpV4\",\n Name = \"example-insight\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewInsight(ctx, \"example\", \u0026securityhub.InsightArgs{\n\t\t\tFilters: \u0026securityhub.InsightFiltersArgs{\n\t\t\t\tNetworkDestinationIpv4s: securityhub.InsightFiltersNetworkDestinationIpv4Array{\n\t\t\t\t\t\u0026securityhub.InsightFiltersNetworkDestinationIpv4Args{\n\t\t\t\t\t\tCidr: pulumi.String(\"10.0.0.0/16\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGroupByAttribute: pulumi.String(\"NetworkDestinationIpV4\"),\n\t\t\tName: pulumi.String(\"example-insight\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Insight;\nimport com.pulumi.aws.securityhub.InsightArgs;\nimport com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleInsight = new Insight(\"exampleInsight\", InsightArgs.builder()\n .filters(InsightFiltersArgs.builder()\n .networkDestinationIpv4s(InsightFiltersNetworkDestinationIpv4Args.builder()\n .cidr(\"10.0.0.0/16\")\n .build())\n .build())\n .groupByAttribute(\"NetworkDestinationIpV4\")\n .name(\"example-insight\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleInsight:\n type: aws:securityhub:Insight\n name: example\n properties:\n filters:\n networkDestinationIpv4s:\n - cidr: 10.0.0.0/16\n groupByAttribute: NetworkDestinationIpV4\n name: example-insight\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter by finding's confidence\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleInsight = new aws.securityhub.Insight(\"example\", {\n filters: {\n confidences: [{\n gte: \"80\",\n }],\n },\n groupByAttribute: \"Confidence\",\n name: \"example-insight\",\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_insight = aws.securityhub.Insight(\"example\",\n filters={\n \"confidences\": [{\n \"gte\": \"80\",\n }],\n },\n group_by_attribute=\"Confidence\",\n name=\"example-insight\",\n opts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleInsight = new Aws.SecurityHub.Insight(\"example\", new()\n {\n Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs\n {\n Confidences = new[]\n {\n new Aws.SecurityHub.Inputs.InsightFiltersConfidenceArgs\n {\n Gte = \"80\",\n },\n },\n },\n GroupByAttribute = \"Confidence\",\n Name = \"example-insight\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewInsight(ctx, \"example\", \u0026securityhub.InsightArgs{\n\t\t\tFilters: \u0026securityhub.InsightFiltersArgs{\n\t\t\t\tConfidences: securityhub.InsightFiltersConfidenceArray{\n\t\t\t\t\t\u0026securityhub.InsightFiltersConfidenceArgs{\n\t\t\t\t\t\tGte: pulumi.String(\"80\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGroupByAttribute: pulumi.String(\"Confidence\"),\n\t\t\tName: pulumi.String(\"example-insight\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Insight;\nimport com.pulumi.aws.securityhub.InsightArgs;\nimport com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleInsight = new Insight(\"exampleInsight\", InsightArgs.builder()\n .filters(InsightFiltersArgs.builder()\n .confidences(InsightFiltersConfidenceArgs.builder()\n .gte(\"80\")\n .build())\n .build())\n .groupByAttribute(\"Confidence\")\n .name(\"example-insight\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleInsight:\n type: aws:securityhub:Insight\n name: example\n properties:\n filters:\n confidences:\n - gte: '80'\n groupByAttribute: Confidence\n name: example-insight\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter by resource tags\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleInsight = new aws.securityhub.Insight(\"example\", {\n filters: {\n resourceTags: [{\n comparison: \"EQUALS\",\n key: \"Environment\",\n value: \"Production\",\n }],\n },\n groupByAttribute: \"ResourceTags\",\n name: \"example-insight\",\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_insight = aws.securityhub.Insight(\"example\",\n filters={\n \"resource_tags\": [{\n \"comparison\": \"EQUALS\",\n \"key\": \"Environment\",\n \"value\": \"Production\",\n }],\n },\n group_by_attribute=\"ResourceTags\",\n name=\"example-insight\",\n opts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleInsight = new Aws.SecurityHub.Insight(\"example\", new()\n {\n Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs\n {\n ResourceTags = new[]\n {\n new Aws.SecurityHub.Inputs.InsightFiltersResourceTagArgs\n {\n Comparison = \"EQUALS\",\n Key = \"Environment\",\n Value = \"Production\",\n },\n },\n },\n GroupByAttribute = \"ResourceTags\",\n Name = \"example-insight\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewInsight(ctx, \"example\", \u0026securityhub.InsightArgs{\n\t\t\tFilters: \u0026securityhub.InsightFiltersArgs{\n\t\t\t\tResourceTags: securityhub.InsightFiltersResourceTagArray{\n\t\t\t\t\t\u0026securityhub.InsightFiltersResourceTagArgs{\n\t\t\t\t\t\tComparison: pulumi.String(\"EQUALS\"),\n\t\t\t\t\t\tKey: pulumi.String(\"Environment\"),\n\t\t\t\t\t\tValue: pulumi.String(\"Production\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGroupByAttribute: pulumi.String(\"ResourceTags\"),\n\t\t\tName: pulumi.String(\"example-insight\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Insight;\nimport com.pulumi.aws.securityhub.InsightArgs;\nimport com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleInsight = new Insight(\"exampleInsight\", InsightArgs.builder()\n .filters(InsightFiltersArgs.builder()\n .resourceTags(InsightFiltersResourceTagArgs.builder()\n .comparison(\"EQUALS\")\n .key(\"Environment\")\n .value(\"Production\")\n .build())\n .build())\n .groupByAttribute(\"ResourceTags\")\n .name(\"example-insight\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleInsight:\n type: aws:securityhub:Insight\n name: example\n properties:\n filters:\n resourceTags:\n - comparison: EQUALS\n key: Environment\n value: Production\n groupByAttribute: ResourceTags\n name: example-insight\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub insights using the ARN. For example:\n\n```sh\n$ pulumi import aws:securityhub/insight:Insight example arn:aws:securityhub:us-west-2:1234567890:insight/1234567890/custom/91299ed7-abd0-4e44-a858-d0b15e37141a\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the insight.\n" }, "filters": { "$ref": "#/types/aws:securityhub/InsightFilters:InsightFilters", "description": "A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.\n" }, "groupByAttribute": { "type": "string", "description": "The attribute used to group the findings for the insight e.g., if an insight is grouped by `ResourceId`, then the insight produces a list of resource identifiers.\n" }, "name": { "type": "string", "description": "The name of the custom insight.\n" } }, "required": [ "arn", "filters", "groupByAttribute", "name" ], "inputProperties": { "filters": { "$ref": "#/types/aws:securityhub/InsightFilters:InsightFilters", "description": "A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.\n" }, "groupByAttribute": { "type": "string", "description": "The attribute used to group the findings for the insight e.g., if an insight is grouped by `ResourceId`, then the insight produces a list of resource identifiers.\n" }, "name": { "type": "string", "description": "The name of the custom insight.\n" } }, "requiredInputs": [ "filters", "groupByAttribute" ], "stateInputs": { "description": "Input properties used for looking up and filtering Insight resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the insight.\n" }, "filters": { "$ref": "#/types/aws:securityhub/InsightFilters:InsightFilters", "description": "A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.\n" }, "groupByAttribute": { "type": "string", "description": "The attribute used to group the findings for the insight e.g., if an insight is grouped by `ResourceId`, then the insight produces a list of resource identifiers.\n" }, "name": { "type": "string", "description": "The name of the custom insight.\n" } }, "type": "object" } }, "aws:securityhub/inviteAccepter:InviteAccepter": { "description": "\u003e **Note:** AWS accounts can only be associated with a single Security Hub master account. Destroying this resource will disassociate the member account from the master account.\n\nAccepts a Security Hub invitation.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleMember = new aws.securityhub.Member(\"example\", {\n accountId: \"123456789012\",\n email: \"example@example.com\",\n invite: true,\n});\nconst invitee = new aws.securityhub.Account(\"invitee\", {});\nconst inviteeInviteAccepter = new aws.securityhub.InviteAccepter(\"invitee\", {masterId: exampleMember.masterId}, {\n dependsOn: [invitee],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_member = aws.securityhub.Member(\"example\",\n account_id=\"123456789012\",\n email=\"example@example.com\",\n invite=True)\ninvitee = aws.securityhub.Account(\"invitee\")\ninvitee_invite_accepter = aws.securityhub.InviteAccepter(\"invitee\", master_id=example_member.master_id,\nopts = pulumi.ResourceOptions(depends_on=[invitee]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleMember = new Aws.SecurityHub.Member(\"example\", new()\n {\n AccountId = \"123456789012\",\n Email = \"example@example.com\",\n Invite = true,\n });\n\n var invitee = new Aws.SecurityHub.Account(\"invitee\");\n\n var inviteeInviteAccepter = new Aws.SecurityHub.InviteAccepter(\"invitee\", new()\n {\n MasterId = exampleMember.MasterId,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n invitee,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleMember, err := securityhub.NewMember(ctx, \"example\", \u0026securityhub.MemberArgs{\n\t\t\tAccountId: pulumi.String(\"123456789012\"),\n\t\t\tEmail: pulumi.String(\"example@example.com\"),\n\t\t\tInvite: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvitee, err := securityhub.NewAccount(ctx, \"invitee\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewInviteAccepter(ctx, \"invitee\", \u0026securityhub.InviteAccepterArgs{\n\t\t\tMasterId: exampleMember.MasterId,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tinvitee,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Member;\nimport com.pulumi.aws.securityhub.MemberArgs;\nimport com.pulumi.aws.securityhub.InviteAccepter;\nimport com.pulumi.aws.securityhub.InviteAccepterArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleMember = new Member(\"exampleMember\", MemberArgs.builder()\n .accountId(\"123456789012\")\n .email(\"example@example.com\")\n .invite(true)\n .build());\n\n var invitee = new Account(\"invitee\");\n\n var inviteeInviteAccepter = new InviteAccepter(\"inviteeInviteAccepter\", InviteAccepterArgs.builder()\n .masterId(exampleMember.masterId())\n .build(), CustomResourceOptions.builder()\n .dependsOn(invitee)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleMember:\n type: aws:securityhub:Member\n name: example\n properties:\n accountId: '123456789012'\n email: example@example.com\n invite: true\n invitee:\n type: aws:securityhub:Account\n inviteeInviteAccepter:\n type: aws:securityhub:InviteAccepter\n name: invitee\n properties:\n masterId: ${exampleMember.masterId}\n options:\n dependson:\n - ${invitee}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub invite acceptance using the account ID. For example:\n\n```sh\n$ pulumi import aws:securityhub/inviteAccepter:InviteAccepter example 123456789012\n```\n", "properties": { "invitationId": { "type": "string", "description": "The ID of the invitation.\n" }, "masterId": { "type": "string", "description": "The account ID of the master Security Hub account whose invitation you're accepting.\n" } }, "required": [ "invitationId", "masterId" ], "inputProperties": { "masterId": { "type": "string", "description": "The account ID of the master Security Hub account whose invitation you're accepting.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "masterId" ], "stateInputs": { "description": "Input properties used for looking up and filtering InviteAccepter resources.\n", "properties": { "invitationId": { "type": "string", "description": "The ID of the invitation.\n" }, "masterId": { "type": "string", "description": "The account ID of the master Security Hub account whose invitation you're accepting.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:securityhub/member:Member": { "description": "Provides a Security Hub member resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleMember = new aws.securityhub.Member(\"example\", {\n accountId: \"123456789012\",\n email: \"example@example.com\",\n invite: true,\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_member = aws.securityhub.Member(\"example\",\n account_id=\"123456789012\",\n email=\"example@example.com\",\n invite=True,\n opts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleMember = new Aws.SecurityHub.Member(\"example\", new()\n {\n AccountId = \"123456789012\",\n Email = \"example@example.com\",\n Invite = true,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewMember(ctx, \"example\", \u0026securityhub.MemberArgs{\n\t\t\tAccountId: pulumi.String(\"123456789012\"),\n\t\t\tEmail: pulumi.String(\"example@example.com\"),\n\t\t\tInvite: pulumi.Bool(true),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Member;\nimport com.pulumi.aws.securityhub.MemberArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleMember = new Member(\"exampleMember\", MemberArgs.builder()\n .accountId(\"123456789012\")\n .email(\"example@example.com\")\n .invite(true)\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleMember:\n type: aws:securityhub:Member\n name: example\n properties:\n accountId: '123456789012'\n email: example@example.com\n invite: true\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub members using their account ID. For example:\n\n```sh\n$ pulumi import aws:securityhub/member:Member example 123456789012\n```\n", "properties": { "accountId": { "type": "string", "description": "The ID of the member AWS account.\n" }, "email": { "type": "string", "description": "The email of the member AWS account.\n" }, "invite": { "type": "boolean", "description": "Boolean whether to invite the account to Security Hub as a member. Defaults to `false`.\n" }, "masterId": { "type": "string", "description": "The ID of the master Security Hub AWS account.\n" }, "memberStatus": { "type": "string", "description": "The status of the member account relationship.\n" } }, "required": [ "accountId", "masterId", "memberStatus" ], "inputProperties": { "accountId": { "type": "string", "description": "The ID of the member AWS account.\n", "willReplaceOnChanges": true }, "email": { "type": "string", "description": "The email of the member AWS account.\n", "willReplaceOnChanges": true }, "invite": { "type": "boolean", "description": "Boolean whether to invite the account to Security Hub as a member. Defaults to `false`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "accountId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Member resources.\n", "properties": { "accountId": { "type": "string", "description": "The ID of the member AWS account.\n", "willReplaceOnChanges": true }, "email": { "type": "string", "description": "The email of the member AWS account.\n", "willReplaceOnChanges": true }, "invite": { "type": "boolean", "description": "Boolean whether to invite the account to Security Hub as a member. Defaults to `false`.\n", "willReplaceOnChanges": true }, "masterId": { "type": "string", "description": "The ID of the master Security Hub AWS account.\n" }, "memberStatus": { "type": "string", "description": "The status of the member account relationship.\n" } }, "type": "object" } }, "aws:securityhub/organizationAdminAccount:OrganizationAdminAccount": { "description": "Manages a Security Hub administrator account for an organization. The AWS account utilizing this resource must be an Organizations primary account. More information about Organizations support in Security Hub can be found in the [Security Hub User Guide](https://docs.aws.amazon.com/securityhub/latest/userguide/designate-orgs-admin-account.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"securityhub.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleAccount = new aws.securityhub.Account(\"example\", {});\nconst exampleOrganizationAdminAccount = new aws.securityhub.OrganizationAdminAccount(\"example\", {adminAccountId: \"123456789012\"}, {\n dependsOn: [example],\n});\n// Auto enable security hub in organization member accounts\nconst exampleOrganizationConfiguration = new aws.securityhub.OrganizationConfiguration(\"example\", {autoEnable: true});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"securityhub.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_account = aws.securityhub.Account(\"example\")\nexample_organization_admin_account = aws.securityhub.OrganizationAdminAccount(\"example\", admin_account_id=\"123456789012\",\nopts = pulumi.ResourceOptions(depends_on=[example]))\n# Auto enable security hub in organization member accounts\nexample_organization_configuration = aws.securityhub.OrganizationConfiguration(\"example\", auto_enable=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"securityhub.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var exampleAccount = new Aws.SecurityHub.Account(\"example\");\n\n var exampleOrganizationAdminAccount = new Aws.SecurityHub.OrganizationAdminAccount(\"example\", new()\n {\n AdminAccountId = \"123456789012\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n // Auto enable security hub in organization member accounts\n var exampleOrganizationConfiguration = new Aws.SecurityHub.OrganizationConfiguration(\"example\", new()\n {\n AutoEnable = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"securityhub.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewOrganizationAdminAccount(ctx, \"example\", \u0026securityhub.OrganizationAdminAccountArgs{\n\t\t\tAdminAccountId: pulumi.String(\"123456789012\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Auto enable security hub in organization member accounts\n\t\t_, err = securityhub.NewOrganizationConfiguration(ctx, \"example\", \u0026securityhub.OrganizationConfigurationArgs{\n\t\t\tAutoEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.OrganizationAdminAccount;\nimport com.pulumi.aws.securityhub.OrganizationAdminAccountArgs;\nimport com.pulumi.aws.securityhub.OrganizationConfiguration;\nimport com.pulumi.aws.securityhub.OrganizationConfigurationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Organization(\"example\", OrganizationArgs.builder()\n .awsServiceAccessPrincipals(\"securityhub.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var exampleAccount = new Account(\"exampleAccount\");\n\n var exampleOrganizationAdminAccount = new OrganizationAdminAccount(\"exampleOrganizationAdminAccount\", OrganizationAdminAccountArgs.builder()\n .adminAccountId(\"123456789012\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n // Auto enable security hub in organization member accounts\n var exampleOrganizationConfiguration = new OrganizationConfiguration(\"exampleOrganizationConfiguration\", OrganizationConfigurationArgs.builder()\n .autoEnable(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:Organization\n properties:\n awsServiceAccessPrincipals:\n - securityhub.amazonaws.com\n featureSet: ALL\n exampleAccount:\n type: aws:securityhub:Account\n name: example\n exampleOrganizationAdminAccount:\n type: aws:securityhub:OrganizationAdminAccount\n name: example\n properties:\n adminAccountId: '123456789012'\n options:\n dependson:\n - ${example}\n # Auto enable security hub in organization member accounts\n exampleOrganizationConfiguration:\n type: aws:securityhub:OrganizationConfiguration\n name: example\n properties:\n autoEnable: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub Organization Admin Accounts using the AWS account ID. For example:\n\n```sh\n$ pulumi import aws:securityhub/organizationAdminAccount:OrganizationAdminAccount example 123456789012\n```\n", "properties": { "adminAccountId": { "type": "string", "description": "The AWS account identifier of the account to designate as the Security Hub administrator account.\n" } }, "required": [ "adminAccountId" ], "inputProperties": { "adminAccountId": { "type": "string", "description": "The AWS account identifier of the account to designate as the Security Hub administrator account.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "adminAccountId" ], "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationAdminAccount resources.\n", "properties": { "adminAccountId": { "type": "string", "description": "The AWS account identifier of the account to designate as the Security Hub administrator account.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:securityhub/organizationConfiguration:OrganizationConfiguration": { "description": "Manages the Security Hub Organization Configuration.\n\n\u003e **NOTE:** This resource requires an `aws.securityhub.OrganizationAdminAccount` to be configured (not necessarily with Pulumi). More information about managing Security Hub in an organization can be found in the [Managing administrator and member accounts](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts.html) documentation.\n\n\u003e **NOTE:** In order to set the `configuration_type` to `CENTRAL`, the delegated admin must be a member account of the organization and not the management account. Central configuration also requires an `aws.securityhub.FindingAggregator` to be configured.\n\n\u003e **NOTE:** This is an advanced AWS resource. Pulumi will automatically assume management of the Security Hub Organization Configuration without import and perform no actions on removal from the Pulumi program.\n\n\u003e **NOTE:** Deleting this resource resets security hub to a local organization configuration with auto enable false.\n\n## Example Usage\n\n### Local Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"securityhub.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleOrganizationAdminAccount = new aws.securityhub.OrganizationAdminAccount(\"example\", {adminAccountId: \"123456789012\"}, {\n dependsOn: [example],\n});\nconst exampleOrganizationConfiguration = new aws.securityhub.OrganizationConfiguration(\"example\", {autoEnable: true});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"securityhub.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_organization_admin_account = aws.securityhub.OrganizationAdminAccount(\"example\", admin_account_id=\"123456789012\",\nopts = pulumi.ResourceOptions(depends_on=[example]))\nexample_organization_configuration = aws.securityhub.OrganizationConfiguration(\"example\", auto_enable=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"securityhub.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var exampleOrganizationAdminAccount = new Aws.SecurityHub.OrganizationAdminAccount(\"example\", new()\n {\n AdminAccountId = \"123456789012\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n var exampleOrganizationConfiguration = new Aws.SecurityHub.OrganizationConfiguration(\"example\", new()\n {\n AutoEnable = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"securityhub.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewOrganizationAdminAccount(ctx, \"example\", \u0026securityhub.OrganizationAdminAccountArgs{\n\t\t\tAdminAccountId: pulumi.String(\"123456789012\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewOrganizationConfiguration(ctx, \"example\", \u0026securityhub.OrganizationConfigurationArgs{\n\t\t\tAutoEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.securityhub.OrganizationAdminAccount;\nimport com.pulumi.aws.securityhub.OrganizationAdminAccountArgs;\nimport com.pulumi.aws.securityhub.OrganizationConfiguration;\nimport com.pulumi.aws.securityhub.OrganizationConfigurationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Organization(\"example\", OrganizationArgs.builder()\n .awsServiceAccessPrincipals(\"securityhub.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var exampleOrganizationAdminAccount = new OrganizationAdminAccount(\"exampleOrganizationAdminAccount\", OrganizationAdminAccountArgs.builder()\n .adminAccountId(\"123456789012\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n var exampleOrganizationConfiguration = new OrganizationConfiguration(\"exampleOrganizationConfiguration\", OrganizationConfigurationArgs.builder()\n .autoEnable(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:Organization\n properties:\n awsServiceAccessPrincipals:\n - securityhub.amazonaws.com\n featureSet: ALL\n exampleOrganizationAdminAccount:\n type: aws:securityhub:OrganizationAdminAccount\n name: example\n properties:\n adminAccountId: '123456789012'\n options:\n dependson:\n - ${example}\n exampleOrganizationConfiguration:\n type: aws:securityhub:OrganizationConfiguration\n name: example\n properties:\n autoEnable: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Central Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.OrganizationAdminAccount(\"example\", {adminAccountId: \"123456789012\"}, {\n dependsOn: [exampleAwsOrganizationsOrganization],\n});\nconst exampleFindingAggregator = new aws.securityhub.FindingAggregator(\"example\", {linkingMode: \"ALL_REGIONS\"}, {\n dependsOn: [example],\n});\nconst exampleOrganizationConfiguration = new aws.securityhub.OrganizationConfiguration(\"example\", {\n autoEnable: false,\n autoEnableStandards: \"NONE\",\n organizationConfiguration: {\n configurationType: \"CENTRAL\",\n },\n}, {\n dependsOn: [exampleFindingAggregator],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.OrganizationAdminAccount(\"example\", admin_account_id=\"123456789012\",\nopts = pulumi.ResourceOptions(depends_on=[example_aws_organizations_organization]))\nexample_finding_aggregator = aws.securityhub.FindingAggregator(\"example\", linking_mode=\"ALL_REGIONS\",\nopts = pulumi.ResourceOptions(depends_on=[example]))\nexample_organization_configuration = aws.securityhub.OrganizationConfiguration(\"example\",\n auto_enable=False,\n auto_enable_standards=\"NONE\",\n organization_configuration={\n \"configuration_type\": \"CENTRAL\",\n },\n opts = pulumi.ResourceOptions(depends_on=[example_finding_aggregator]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.OrganizationAdminAccount(\"example\", new()\n {\n AdminAccountId = \"123456789012\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsOrganizationsOrganization,\n },\n });\n\n var exampleFindingAggregator = new Aws.SecurityHub.FindingAggregator(\"example\", new()\n {\n LinkingMode = \"ALL_REGIONS\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n var exampleOrganizationConfiguration = new Aws.SecurityHub.OrganizationConfiguration(\"example\", new()\n {\n AutoEnable = false,\n AutoEnableStandards = \"NONE\",\n OrganizationConfigurationDetails = new Aws.SecurityHub.Inputs.OrganizationConfigurationOrganizationConfigurationArgs\n {\n ConfigurationType = \"CENTRAL\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleFindingAggregator,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewOrganizationAdminAccount(ctx, \"example\", \u0026securityhub.OrganizationAdminAccountArgs{\n\t\t\tAdminAccountId: pulumi.String(\"123456789012\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsOrganizationsOrganization,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleFindingAggregator, err := securityhub.NewFindingAggregator(ctx, \"example\", \u0026securityhub.FindingAggregatorArgs{\n\t\t\tLinkingMode: pulumi.String(\"ALL_REGIONS\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewOrganizationConfiguration(ctx, \"example\", \u0026securityhub.OrganizationConfigurationArgs{\n\t\t\tAutoEnable: pulumi.Bool(false),\n\t\t\tAutoEnableStandards: pulumi.String(\"NONE\"),\n\t\t\tOrganizationConfiguration: \u0026securityhub.OrganizationConfigurationOrganizationConfigurationArgs{\n\t\t\t\tConfigurationType: pulumi.String(\"CENTRAL\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleFindingAggregator,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.OrganizationAdminAccount;\nimport com.pulumi.aws.securityhub.OrganizationAdminAccountArgs;\nimport com.pulumi.aws.securityhub.FindingAggregator;\nimport com.pulumi.aws.securityhub.FindingAggregatorArgs;\nimport com.pulumi.aws.securityhub.OrganizationConfiguration;\nimport com.pulumi.aws.securityhub.OrganizationConfigurationArgs;\nimport com.pulumi.aws.securityhub.inputs.OrganizationConfigurationOrganizationConfigurationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new OrganizationAdminAccount(\"example\", OrganizationAdminAccountArgs.builder()\n .adminAccountId(\"123456789012\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsOrganizationsOrganization)\n .build());\n\n var exampleFindingAggregator = new FindingAggregator(\"exampleFindingAggregator\", FindingAggregatorArgs.builder()\n .linkingMode(\"ALL_REGIONS\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n var exampleOrganizationConfiguration = new OrganizationConfiguration(\"exampleOrganizationConfiguration\", OrganizationConfigurationArgs.builder()\n .autoEnable(false)\n .autoEnableStandards(\"NONE\")\n .organizationConfiguration(OrganizationConfigurationOrganizationConfigurationArgs.builder()\n .configurationType(\"CENTRAL\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleFindingAggregator)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:OrganizationAdminAccount\n properties:\n adminAccountId: '123456789012'\n options:\n dependson:\n - ${exampleAwsOrganizationsOrganization}\n exampleFindingAggregator:\n type: aws:securityhub:FindingAggregator\n name: example\n properties:\n linkingMode: ALL_REGIONS\n options:\n dependson:\n - ${example}\n exampleOrganizationConfiguration:\n type: aws:securityhub:OrganizationConfiguration\n name: example\n properties:\n autoEnable: false\n autoEnableStandards: NONE\n organizationConfiguration:\n configurationType: CENTRAL\n options:\n dependson:\n - ${exampleFindingAggregator}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an existing Security Hub enabled account using the AWS account ID. For example:\n\n```sh\n$ pulumi import aws:securityhub/organizationConfiguration:OrganizationConfiguration example 123456789012\n```\n", "properties": { "autoEnable": { "type": "boolean", "description": "Whether to automatically enable Security Hub for new accounts in the organization.\n" }, "autoEnableStandards": { "type": "string", "description": "Whether to automatically enable Security Hub default standards for new member accounts in the organization. By default, this parameter is equal to `DEFAULT`, and new member accounts are automatically enabled with default Security Hub standards. To opt out of enabling default standards for new member accounts, set this parameter equal to `NONE`.\n" }, "organizationConfiguration": { "$ref": "#/types/aws:securityhub/OrganizationConfigurationOrganizationConfiguration:OrganizationConfigurationOrganizationConfiguration", "description": "Provides information about the way an organization is configured in Security Hub.\n", "language": { "csharp": { "name": "OrganizationConfigurationDetails" } } } }, "required": [ "autoEnable", "autoEnableStandards", "organizationConfiguration" ], "inputProperties": { "autoEnable": { "type": "boolean", "description": "Whether to automatically enable Security Hub for new accounts in the organization.\n" }, "autoEnableStandards": { "type": "string", "description": "Whether to automatically enable Security Hub default standards for new member accounts in the organization. By default, this parameter is equal to `DEFAULT`, and new member accounts are automatically enabled with default Security Hub standards. To opt out of enabling default standards for new member accounts, set this parameter equal to `NONE`.\n" }, "organizationConfiguration": { "$ref": "#/types/aws:securityhub/OrganizationConfigurationOrganizationConfiguration:OrganizationConfigurationOrganizationConfiguration", "description": "Provides information about the way an organization is configured in Security Hub.\n", "language": { "csharp": { "name": "OrganizationConfigurationDetails" } } } }, "requiredInputs": [ "autoEnable" ], "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationConfiguration resources.\n", "properties": { "autoEnable": { "type": "boolean", "description": "Whether to automatically enable Security Hub for new accounts in the organization.\n" }, "autoEnableStandards": { "type": "string", "description": "Whether to automatically enable Security Hub default standards for new member accounts in the organization. By default, this parameter is equal to `DEFAULT`, and new member accounts are automatically enabled with default Security Hub standards. To opt out of enabling default standards for new member accounts, set this parameter equal to `NONE`.\n" }, "organizationConfiguration": { "$ref": "#/types/aws:securityhub/OrganizationConfigurationOrganizationConfiguration:OrganizationConfigurationOrganizationConfiguration", "description": "Provides information about the way an organization is configured in Security Hub.\n", "language": { "csharp": { "name": "OrganizationConfigurationDetails" } } } }, "type": "object" } }, "aws:securityhub/productSubscription:ProductSubscription": { "description": "Subscribes to a Security Hub product.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst current = aws.getRegion({});\nconst exampleProductSubscription = new aws.securityhub.ProductSubscription(\"example\", {productArn: current.then(current =\u003e `arn:aws:securityhub:${current.name}:733251395267:product/alertlogic/althreatmanagement`)}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\ncurrent = aws.get_region()\nexample_product_subscription = aws.securityhub.ProductSubscription(\"example\", product_arn=f\"arn:aws:securityhub:{current.name}:733251395267:product/alertlogic/althreatmanagement\",\nopts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var current = Aws.GetRegion.Invoke();\n\n var exampleProductSubscription = new Aws.SecurityHub.ProductSubscription(\"example\", new()\n {\n ProductArn = $\"arn:aws:securityhub:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:733251395267:product/alertlogic/althreatmanagement\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewProductSubscription(ctx, \"example\", \u0026securityhub.ProductSubscriptionArgs{\n\t\t\tProductArn: pulumi.String(fmt.Sprintf(\"arn:aws:securityhub:%v:733251395267:product/alertlogic/althreatmanagement\", current.Name)),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.securityhub.ProductSubscription;\nimport com.pulumi.aws.securityhub.ProductSubscriptionArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n final var current = AwsFunctions.getRegion();\n\n var exampleProductSubscription = new ProductSubscription(\"exampleProductSubscription\", ProductSubscriptionArgs.builder()\n .productArn(String.format(\"arn:aws:securityhub:%s:733251395267:product/alertlogic/althreatmanagement\", current.applyValue(getRegionResult -\u003e getRegionResult.name())))\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleProductSubscription:\n type: aws:securityhub:ProductSubscription\n name: example\n properties:\n productArn: arn:aws:securityhub:${current.name}:733251395267:product/alertlogic/althreatmanagement\n options:\n dependson:\n - ${example}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub product subscriptions using `product_arn,arn`. For example:\n\n```sh\n$ pulumi import aws:securityhub/productSubscription:ProductSubscription example arn:aws:securityhub:eu-west-1:733251395267:product/alertlogic/althreatmanagement,arn:aws:securityhub:eu-west-1:123456789012:product-subscription/alertlogic/althreatmanagement\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of a resource that represents your subscription to the product that generates the findings that you want to import into Security Hub.\n" }, "productArn": { "type": "string", "description": "The ARN of the product that generates findings that you want to import into Security Hub - see below.\n\nAmazon maintains a list of [Product integrations in AWS Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-providers.html) that changes over time. Any of the products on the linked [Available AWS service integrations](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-internal-providers.html) or [Available third-party partner product integrations](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html) can be configured using `aws.securityhub.ProductSubscription`.\n\nAvailable products can also be listed by running the AWS CLI command `aws securityhub describe-products`.\n\nA subset of currently available products (remember to replace `${var.region}` as appropriate) includes:\n\n* `arn:aws:securityhub:${var.region}::product/aws/guardduty`\n* `arn:aws:securityhub:${var.region}::product/aws/inspector`\n* `arn:aws:securityhub:${var.region}::product/aws/macie`\n* `arn:aws:securityhub:${var.region}::product/alertlogic/althreatmanagement`\n* `arn:aws:securityhub:${var.region}::product/armordefense/armoranywhere`\n* `arn:aws:securityhub:${var.region}::product/barracuda/cloudsecurityguardian`\n* `arn:aws:securityhub:${var.region}::product/checkpoint/cloudguard-iaas`\n* `arn:aws:securityhub:${var.region}::product/checkpoint/dome9-arc`\n* `arn:aws:securityhub:${var.region}::product/crowdstrike/crowdstrike-falcon`\n* `arn:aws:securityhub:${var.region}::product/cyberark/cyberark-pta`\n* `arn:aws:securityhub:${var.region}::product/f5networks/f5-advanced-waf`\n* `arn:aws:securityhub:${var.region}::product/fortinet/fortigate`\n* `arn:aws:securityhub:${var.region}::product/guardicore/aws-infection-monkey`\n* `arn:aws:securityhub:${var.region}::product/guardicore/guardicore`\n* `arn:aws:securityhub:${var.region}::product/ibm/qradar-siem`\n* `arn:aws:securityhub:${var.region}::product/imperva/imperva-attack-analytics`\n* `arn:aws:securityhub:${var.region}::product/mcafee-skyhigh/mcafee-mvision-cloud-aws`\n* `arn:aws:securityhub:${var.region}::product/paloaltonetworks/redlock`\n* `arn:aws:securityhub:${var.region}::product/paloaltonetworks/vm-series`\n* `arn:aws:securityhub:${var.region}::product/qualys/qualys-pc`\n* `arn:aws:securityhub:${var.region}::product/qualys/qualys-vm`\n* `arn:aws:securityhub:${var.region}::product/rapid7/insightvm`\n* `arn:aws:securityhub:${var.region}::product/sophos/sophos-server-protection`\n* `arn:aws:securityhub:${var.region}::product/splunk/splunk-enterprise`\n* `arn:aws:securityhub:${var.region}::product/splunk/splunk-phantom`\n* `arn:aws:securityhub:${var.region}::product/sumologicinc/sumologic-mda`\n* `arn:aws:securityhub:${var.region}::product/symantec-corp/symantec-cwp`\n* `arn:aws:securityhub:${var.region}::product/tenable/tenable-io`\n* `arn:aws:securityhub:${var.region}::product/trend-micro/deep-security`\n* `arn:aws:securityhub:${var.region}::product/turbot/turbot`\n* `arn:aws:securityhub:${var.region}::product/twistlock/twistlock-enterprise`\n" } }, "required": [ "arn", "productArn" ], "inputProperties": { "productArn": { "type": "string", "description": "The ARN of the product that generates findings that you want to import into Security Hub - see below.\n\nAmazon maintains a list of [Product integrations in AWS Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-providers.html) that changes over time. Any of the products on the linked [Available AWS service integrations](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-internal-providers.html) or [Available third-party partner product integrations](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html) can be configured using `aws.securityhub.ProductSubscription`.\n\nAvailable products can also be listed by running the AWS CLI command `aws securityhub describe-products`.\n\nA subset of currently available products (remember to replace `${var.region}` as appropriate) includes:\n\n* `arn:aws:securityhub:${var.region}::product/aws/guardduty`\n* `arn:aws:securityhub:${var.region}::product/aws/inspector`\n* `arn:aws:securityhub:${var.region}::product/aws/macie`\n* `arn:aws:securityhub:${var.region}::product/alertlogic/althreatmanagement`\n* `arn:aws:securityhub:${var.region}::product/armordefense/armoranywhere`\n* `arn:aws:securityhub:${var.region}::product/barracuda/cloudsecurityguardian`\n* `arn:aws:securityhub:${var.region}::product/checkpoint/cloudguard-iaas`\n* `arn:aws:securityhub:${var.region}::product/checkpoint/dome9-arc`\n* `arn:aws:securityhub:${var.region}::product/crowdstrike/crowdstrike-falcon`\n* `arn:aws:securityhub:${var.region}::product/cyberark/cyberark-pta`\n* `arn:aws:securityhub:${var.region}::product/f5networks/f5-advanced-waf`\n* `arn:aws:securityhub:${var.region}::product/fortinet/fortigate`\n* `arn:aws:securityhub:${var.region}::product/guardicore/aws-infection-monkey`\n* `arn:aws:securityhub:${var.region}::product/guardicore/guardicore`\n* `arn:aws:securityhub:${var.region}::product/ibm/qradar-siem`\n* `arn:aws:securityhub:${var.region}::product/imperva/imperva-attack-analytics`\n* `arn:aws:securityhub:${var.region}::product/mcafee-skyhigh/mcafee-mvision-cloud-aws`\n* `arn:aws:securityhub:${var.region}::product/paloaltonetworks/redlock`\n* `arn:aws:securityhub:${var.region}::product/paloaltonetworks/vm-series`\n* `arn:aws:securityhub:${var.region}::product/qualys/qualys-pc`\n* `arn:aws:securityhub:${var.region}::product/qualys/qualys-vm`\n* `arn:aws:securityhub:${var.region}::product/rapid7/insightvm`\n* `arn:aws:securityhub:${var.region}::product/sophos/sophos-server-protection`\n* `arn:aws:securityhub:${var.region}::product/splunk/splunk-enterprise`\n* `arn:aws:securityhub:${var.region}::product/splunk/splunk-phantom`\n* `arn:aws:securityhub:${var.region}::product/sumologicinc/sumologic-mda`\n* `arn:aws:securityhub:${var.region}::product/symantec-corp/symantec-cwp`\n* `arn:aws:securityhub:${var.region}::product/tenable/tenable-io`\n* `arn:aws:securityhub:${var.region}::product/trend-micro/deep-security`\n* `arn:aws:securityhub:${var.region}::product/turbot/turbot`\n* `arn:aws:securityhub:${var.region}::product/twistlock/twistlock-enterprise`\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "productArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ProductSubscription resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of a resource that represents your subscription to the product that generates the findings that you want to import into Security Hub.\n" }, "productArn": { "type": "string", "description": "The ARN of the product that generates findings that you want to import into Security Hub - see below.\n\nAmazon maintains a list of [Product integrations in AWS Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-providers.html) that changes over time. Any of the products on the linked [Available AWS service integrations](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-internal-providers.html) or [Available third-party partner product integrations](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html) can be configured using `aws.securityhub.ProductSubscription`.\n\nAvailable products can also be listed by running the AWS CLI command `aws securityhub describe-products`.\n\nA subset of currently available products (remember to replace `${var.region}` as appropriate) includes:\n\n* `arn:aws:securityhub:${var.region}::product/aws/guardduty`\n* `arn:aws:securityhub:${var.region}::product/aws/inspector`\n* `arn:aws:securityhub:${var.region}::product/aws/macie`\n* `arn:aws:securityhub:${var.region}::product/alertlogic/althreatmanagement`\n* `arn:aws:securityhub:${var.region}::product/armordefense/armoranywhere`\n* `arn:aws:securityhub:${var.region}::product/barracuda/cloudsecurityguardian`\n* `arn:aws:securityhub:${var.region}::product/checkpoint/cloudguard-iaas`\n* `arn:aws:securityhub:${var.region}::product/checkpoint/dome9-arc`\n* `arn:aws:securityhub:${var.region}::product/crowdstrike/crowdstrike-falcon`\n* `arn:aws:securityhub:${var.region}::product/cyberark/cyberark-pta`\n* `arn:aws:securityhub:${var.region}::product/f5networks/f5-advanced-waf`\n* `arn:aws:securityhub:${var.region}::product/fortinet/fortigate`\n* `arn:aws:securityhub:${var.region}::product/guardicore/aws-infection-monkey`\n* `arn:aws:securityhub:${var.region}::product/guardicore/guardicore`\n* `arn:aws:securityhub:${var.region}::product/ibm/qradar-siem`\n* `arn:aws:securityhub:${var.region}::product/imperva/imperva-attack-analytics`\n* `arn:aws:securityhub:${var.region}::product/mcafee-skyhigh/mcafee-mvision-cloud-aws`\n* `arn:aws:securityhub:${var.region}::product/paloaltonetworks/redlock`\n* `arn:aws:securityhub:${var.region}::product/paloaltonetworks/vm-series`\n* `arn:aws:securityhub:${var.region}::product/qualys/qualys-pc`\n* `arn:aws:securityhub:${var.region}::product/qualys/qualys-vm`\n* `arn:aws:securityhub:${var.region}::product/rapid7/insightvm`\n* `arn:aws:securityhub:${var.region}::product/sophos/sophos-server-protection`\n* `arn:aws:securityhub:${var.region}::product/splunk/splunk-enterprise`\n* `arn:aws:securityhub:${var.region}::product/splunk/splunk-phantom`\n* `arn:aws:securityhub:${var.region}::product/sumologicinc/sumologic-mda`\n* `arn:aws:securityhub:${var.region}::product/symantec-corp/symantec-cwp`\n* `arn:aws:securityhub:${var.region}::product/tenable/tenable-io`\n* `arn:aws:securityhub:${var.region}::product/trend-micro/deep-security`\n* `arn:aws:securityhub:${var.region}::product/turbot/turbot`\n* `arn:aws:securityhub:${var.region}::product/twistlock/twistlock-enterprise`\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:securityhub/standardsControl:StandardsControl": { "description": "Disable/enable Security Hub standards control in the current region.\n\nThe `aws.securityhub.StandardsControl` behaves differently from normal resources, in that\nPulumi does not _create_ this resource, but instead \"adopts\" it\ninto management. When you _delete_ this resource configuration, Pulumi \"abandons\" resource as is and just removes it from the state.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst cisAwsFoundationsBenchmark = new aws.securityhub.StandardsSubscription(\"cis_aws_foundations_benchmark\", {standardsArn: \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"}, {\n dependsOn: [example],\n});\nconst ensureIamPasswordPolicyPreventsPasswordReuse = new aws.securityhub.StandardsControl(\"ensure_iam_password_policy_prevents_password_reuse\", {\n standardsControlArn: \"arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10\",\n controlStatus: \"DISABLED\",\n disabledReason: \"We handle password policies within Okta\",\n}, {\n dependsOn: [cisAwsFoundationsBenchmark],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\ncis_aws_foundations_benchmark = aws.securityhub.StandardsSubscription(\"cis_aws_foundations_benchmark\", standards_arn=\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\nopts = pulumi.ResourceOptions(depends_on=[example]))\nensure_iam_password_policy_prevents_password_reuse = aws.securityhub.StandardsControl(\"ensure_iam_password_policy_prevents_password_reuse\",\n standards_control_arn=\"arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10\",\n control_status=\"DISABLED\",\n disabled_reason=\"We handle password policies within Okta\",\n opts = pulumi.ResourceOptions(depends_on=[cis_aws_foundations_benchmark]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var cisAwsFoundationsBenchmark = new Aws.SecurityHub.StandardsSubscription(\"cis_aws_foundations_benchmark\", new()\n {\n StandardsArn = \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n var ensureIamPasswordPolicyPreventsPasswordReuse = new Aws.SecurityHub.StandardsControl(\"ensure_iam_password_policy_prevents_password_reuse\", new()\n {\n StandardsControlArn = \"arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10\",\n ControlStatus = \"DISABLED\",\n DisabledReason = \"We handle password policies within Okta\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n cisAwsFoundationsBenchmark,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcisAwsFoundationsBenchmark, err := securityhub.NewStandardsSubscription(ctx, \"cis_aws_foundations_benchmark\", \u0026securityhub.StandardsSubscriptionArgs{\n\t\t\tStandardsArn: pulumi.String(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewStandardsControl(ctx, \"ensure_iam_password_policy_prevents_password_reuse\", \u0026securityhub.StandardsControlArgs{\n\t\t\tStandardsControlArn: pulumi.String(\"arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10\"),\n\t\t\tControlStatus: pulumi.String(\"DISABLED\"),\n\t\t\tDisabledReason: pulumi.String(\"We handle password policies within Okta\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tcisAwsFoundationsBenchmark,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.StandardsSubscription;\nimport com.pulumi.aws.securityhub.StandardsSubscriptionArgs;\nimport com.pulumi.aws.securityhub.StandardsControl;\nimport com.pulumi.aws.securityhub.StandardsControlArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var cisAwsFoundationsBenchmark = new StandardsSubscription(\"cisAwsFoundationsBenchmark\", StandardsSubscriptionArgs.builder()\n .standardsArn(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n var ensureIamPasswordPolicyPreventsPasswordReuse = new StandardsControl(\"ensureIamPasswordPolicyPreventsPasswordReuse\", StandardsControlArgs.builder()\n .standardsControlArn(\"arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10\")\n .controlStatus(\"DISABLED\")\n .disabledReason(\"We handle password policies within Okta\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(cisAwsFoundationsBenchmark)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n cisAwsFoundationsBenchmark:\n type: aws:securityhub:StandardsSubscription\n name: cis_aws_foundations_benchmark\n properties:\n standardsArn: arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\n options:\n dependson:\n - ${example}\n ensureIamPasswordPolicyPreventsPasswordReuse:\n type: aws:securityhub:StandardsControl\n name: ensure_iam_password_policy_prevents_password_reuse\n properties:\n standardsControlArn: arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10\n controlStatus: DISABLED\n disabledReason: We handle password policies within Okta\n options:\n dependson:\n - ${cisAwsFoundationsBenchmark}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "controlId": { "type": "string", "description": "The identifier of the security standard control.\n" }, "controlStatus": { "type": "string", "description": "The control status could be `ENABLED` or `DISABLED`. You have to specify `disabled_reason` argument for `DISABLED` control status.\n" }, "controlStatusUpdatedAt": { "type": "string", "description": "The date and time that the status of the security standard control was most recently updated.\n" }, "description": { "type": "string", "description": "The standard control longer description. Provides information about what the control is checking for.\n" }, "disabledReason": { "type": "string", "description": "A description of the reason why you are disabling a security standard control. If you specify this attribute, `control_status` will be set to `DISABLED` automatically.\n" }, "relatedRequirements": { "type": "array", "items": { "type": "string" }, "description": "The list of requirements that are related to this control.\n" }, "remediationUrl": { "type": "string", "description": "A link to remediation information for the control in the Security Hub user documentation.\n" }, "severityRating": { "type": "string", "description": "The severity of findings generated from this security standard control.\n" }, "standardsControlArn": { "type": "string", "description": "The standards control ARN. See the AWS documentation for how to list existing controls using [`get-enabled-standards`](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securityhub/get-enabled-standards.html) and [`describe-standards-controls`](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securityhub/describe-standards-controls.html).\n" }, "title": { "type": "string", "description": "The standard control title.\n" } }, "required": [ "controlId", "controlStatus", "controlStatusUpdatedAt", "description", "disabledReason", "relatedRequirements", "remediationUrl", "severityRating", "standardsControlArn", "title" ], "inputProperties": { "controlStatus": { "type": "string", "description": "The control status could be `ENABLED` or `DISABLED`. You have to specify `disabled_reason` argument for `DISABLED` control status.\n" }, "disabledReason": { "type": "string", "description": "A description of the reason why you are disabling a security standard control. If you specify this attribute, `control_status` will be set to `DISABLED` automatically.\n" }, "standardsControlArn": { "type": "string", "description": "The standards control ARN. See the AWS documentation for how to list existing controls using [`get-enabled-standards`](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securityhub/get-enabled-standards.html) and [`describe-standards-controls`](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securityhub/describe-standards-controls.html).\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "controlStatus", "standardsControlArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering StandardsControl resources.\n", "properties": { "controlId": { "type": "string", "description": "The identifier of the security standard control.\n" }, "controlStatus": { "type": "string", "description": "The control status could be `ENABLED` or `DISABLED`. You have to specify `disabled_reason` argument for `DISABLED` control status.\n" }, "controlStatusUpdatedAt": { "type": "string", "description": "The date and time that the status of the security standard control was most recently updated.\n" }, "description": { "type": "string", "description": "The standard control longer description. Provides information about what the control is checking for.\n" }, "disabledReason": { "type": "string", "description": "A description of the reason why you are disabling a security standard control. If you specify this attribute, `control_status` will be set to `DISABLED` automatically.\n" }, "relatedRequirements": { "type": "array", "items": { "type": "string" }, "description": "The list of requirements that are related to this control.\n" }, "remediationUrl": { "type": "string", "description": "A link to remediation information for the control in the Security Hub user documentation.\n" }, "severityRating": { "type": "string", "description": "The severity of findings generated from this security standard control.\n" }, "standardsControlArn": { "type": "string", "description": "The standards control ARN. See the AWS documentation for how to list existing controls using [`get-enabled-standards`](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securityhub/get-enabled-standards.html) and [`describe-standards-controls`](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securityhub/describe-standards-controls.html).\n", "willReplaceOnChanges": true }, "title": { "type": "string", "description": "The standard control title.\n" } }, "type": "object" } }, "aws:securityhub/standardsSubscription:StandardsSubscription": { "description": "Subscribes to a Security Hub standard.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst current = aws.getRegion({});\nconst cis = new aws.securityhub.StandardsSubscription(\"cis\", {standardsArn: \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"}, {\n dependsOn: [example],\n});\nconst pci321 = new aws.securityhub.StandardsSubscription(\"pci_321\", {standardsArn: current.then(current =\u003e `arn:aws:securityhub:${current.name}::standards/pci-dss/v/3.2.1`)}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\ncurrent = aws.get_region()\ncis = aws.securityhub.StandardsSubscription(\"cis\", standards_arn=\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\nopts = pulumi.ResourceOptions(depends_on=[example]))\npci321 = aws.securityhub.StandardsSubscription(\"pci_321\", standards_arn=f\"arn:aws:securityhub:{current.name}::standards/pci-dss/v/3.2.1\",\nopts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var current = Aws.GetRegion.Invoke();\n\n var cis = new Aws.SecurityHub.StandardsSubscription(\"cis\", new()\n {\n StandardsArn = \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n var pci321 = new Aws.SecurityHub.StandardsSubscription(\"pci_321\", new()\n {\n StandardsArn = $\"arn:aws:securityhub:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}::standards/pci-dss/v/3.2.1\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewStandardsSubscription(ctx, \"cis\", \u0026securityhub.StandardsSubscriptionArgs{\n\t\t\tStandardsArn: pulumi.String(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewStandardsSubscription(ctx, \"pci_321\", \u0026securityhub.StandardsSubscriptionArgs{\n\t\t\tStandardsArn: pulumi.String(fmt.Sprintf(\"arn:aws:securityhub:%v::standards/pci-dss/v/3.2.1\", current.Name)),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.securityhub.StandardsSubscription;\nimport com.pulumi.aws.securityhub.StandardsSubscriptionArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n final var current = AwsFunctions.getRegion();\n\n var cis = new StandardsSubscription(\"cis\", StandardsSubscriptionArgs.builder()\n .standardsArn(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n var pci321 = new StandardsSubscription(\"pci321\", StandardsSubscriptionArgs.builder()\n .standardsArn(String.format(\"arn:aws:securityhub:%s::standards/pci-dss/v/3.2.1\", current.applyValue(getRegionResult -\u003e getRegionResult.name())))\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n cis:\n type: aws:securityhub:StandardsSubscription\n properties:\n standardsArn: arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\n options:\n dependson:\n - ${example}\n pci321:\n type: aws:securityhub:StandardsSubscription\n name: pci_321\n properties:\n standardsArn: arn:aws:securityhub:${current.name}::standards/pci-dss/v/3.2.1\n options:\n dependson:\n - ${example}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub standards subscriptions using the standards subscription ARN. For example:\n\n```sh\n$ pulumi import aws:securityhub/standardsSubscription:StandardsSubscription cis arn:aws:securityhub:eu-west-1:123456789012:subscription/cis-aws-foundations-benchmark/v/1.2.0\n```\n```sh\n$ pulumi import aws:securityhub/standardsSubscription:StandardsSubscription pci_321 arn:aws:securityhub:eu-west-1:123456789012:subscription/pci-dss/v/3.2.1\n```\n```sh\n$ pulumi import aws:securityhub/standardsSubscription:StandardsSubscription nist_800_53_rev_5 arn:aws:securityhub:eu-west-1:123456789012:subscription/nist-800-53/v/5.0.0\n```\n", "properties": { "standardsArn": { "type": "string", "description": "The ARN of a standard - see below.\n\nCurrently available standards (remember to replace `${var.partition}` and `${var.region}` as appropriate):\n\n| Name | ARN |\n|------------------------------------------|--------------------------------------------------------------------------------------------------------------|\n| AWS Foundational Security Best Practices | `arn:${var.partition}:securityhub:${var.region}::standards/aws-foundational-security-best-practices/v/1.0.0` |\n| AWS Resource Tagging Standard | `arn:${var.partition}:securityhub:${var.region}::standards/aws-resource-tagging-standard/v/1.0.0` |\n| CIS AWS Foundations Benchmark v1.2.0 | `arn:${var.partition}:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0` |\n| CIS AWS Foundations Benchmark v1.4.0 | `arn:${var.partition}:securityhub:${var.region}::standards/cis-aws-foundations-benchmark/v/1.4.0` |\n| NIST SP 800-53 Rev. 5 | `arn:${var.partition}:securityhub:${var.region}::standards/nist-800-53/v/5.0.0` |\n| PCI DSS | `arn:${var.partition}:securityhub:${var.region}::standards/pci-dss/v/3.2.1` |\n" } }, "required": [ "standardsArn" ], "inputProperties": { "standardsArn": { "type": "string", "description": "The ARN of a standard - see below.\n\nCurrently available standards (remember to replace `${var.partition}` and `${var.region}` as appropriate):\n\n| Name | ARN |\n|------------------------------------------|--------------------------------------------------------------------------------------------------------------|\n| AWS Foundational Security Best Practices | `arn:${var.partition}:securityhub:${var.region}::standards/aws-foundational-security-best-practices/v/1.0.0` |\n| AWS Resource Tagging Standard | `arn:${var.partition}:securityhub:${var.region}::standards/aws-resource-tagging-standard/v/1.0.0` |\n| CIS AWS Foundations Benchmark v1.2.0 | `arn:${var.partition}:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0` |\n| CIS AWS Foundations Benchmark v1.4.0 | `arn:${var.partition}:securityhub:${var.region}::standards/cis-aws-foundations-benchmark/v/1.4.0` |\n| NIST SP 800-53 Rev. 5 | `arn:${var.partition}:securityhub:${var.region}::standards/nist-800-53/v/5.0.0` |\n| PCI DSS | `arn:${var.partition}:securityhub:${var.region}::standards/pci-dss/v/3.2.1` |\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "standardsArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering StandardsSubscription resources.\n", "properties": { "standardsArn": { "type": "string", "description": "The ARN of a standard - see below.\n\nCurrently available standards (remember to replace `${var.partition}` and `${var.region}` as appropriate):\n\n| Name | ARN |\n|------------------------------------------|--------------------------------------------------------------------------------------------------------------|\n| AWS Foundational Security Best Practices | `arn:${var.partition}:securityhub:${var.region}::standards/aws-foundational-security-best-practices/v/1.0.0` |\n| AWS Resource Tagging Standard | `arn:${var.partition}:securityhub:${var.region}::standards/aws-resource-tagging-standard/v/1.0.0` |\n| CIS AWS Foundations Benchmark v1.2.0 | `arn:${var.partition}:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0` |\n| CIS AWS Foundations Benchmark v1.4.0 | `arn:${var.partition}:securityhub:${var.region}::standards/cis-aws-foundations-benchmark/v/1.4.0` |\n| NIST SP 800-53 Rev. 5 | `arn:${var.partition}:securityhub:${var.region}::standards/nist-800-53/v/5.0.0` |\n| PCI DSS | `arn:${var.partition}:securityhub:${var.region}::standards/pci-dss/v/3.2.1` |\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:securitylake/awsLogSource:AwsLogSource": { "description": "Resource for managing an Amazon Security Lake AWS Log Source.\n\n\u003e **NOTE:** A single `aws.securitylake.AwsLogSource` should be used to configure a log source across all regions and accounts.\n\n\u003e **NOTE:** The underlying `aws.securitylake.DataLake` must be configured before creating the `aws.securitylake.AwsLogSource`. Use a `depends_on` statement.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securitylake.AwsLogSource(\"example\", {source: {\n accounts: [\"123456789012\"],\n regions: [\"eu-west-1\"],\n sourceName: \"ROUTE53\",\n}}, {\n dependsOn: [exampleAwsSecuritylakeDataLake],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securitylake.AwsLogSource(\"example\", source={\n \"accounts\": [\"123456789012\"],\n \"regions\": [\"eu-west-1\"],\n \"source_name\": \"ROUTE53\",\n},\nopts = pulumi.ResourceOptions(depends_on=[example_aws_securitylake_data_lake]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityLake.AwsLogSource(\"example\", new()\n {\n Source = new Aws.SecurityLake.Inputs.AwsLogSourceSourceArgs\n {\n Accounts = new[]\n {\n \"123456789012\",\n },\n Regions = new[]\n {\n \"eu-west-1\",\n },\n SourceName = \"ROUTE53\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSecuritylakeDataLake,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securitylake\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securitylake.NewAwsLogSource(ctx, \"example\", \u0026securitylake.AwsLogSourceArgs{\n\t\t\tSource: \u0026securitylake.AwsLogSourceSourceArgs{\n\t\t\t\tAccounts: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"123456789012\"),\n\t\t\t\t},\n\t\t\t\tRegions: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"eu-west-1\"),\n\t\t\t\t},\n\t\t\t\tSourceName: pulumi.String(\"ROUTE53\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSecuritylakeDataLake,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securitylake.AwsLogSource;\nimport com.pulumi.aws.securitylake.AwsLogSourceArgs;\nimport com.pulumi.aws.securitylake.inputs.AwsLogSourceSourceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AwsLogSource(\"example\", AwsLogSourceArgs.builder()\n .source(AwsLogSourceSourceArgs.builder()\n .accounts(\"123456789012\")\n .regions(\"eu-west-1\")\n .sourceName(\"ROUTE53\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSecuritylakeDataLake)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securitylake:AwsLogSource\n properties:\n source:\n accounts:\n - '123456789012'\n regions:\n - eu-west-1\n sourceName: ROUTE53\n options:\n dependson:\n - ${exampleAwsSecuritylakeDataLake}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS log sources using the source name. For example:\n\n```sh\n$ pulumi import aws:securitylake/awsLogSource:AwsLogSource example ROUTE53\n```\n", "properties": { "source": { "$ref": "#/types/aws:securitylake/AwsLogSourceSource:AwsLogSourceSource", "description": "Specify the natively-supported AWS service to add as a source in Security Lake.\n" } }, "inputProperties": { "source": { "$ref": "#/types/aws:securitylake/AwsLogSourceSource:AwsLogSourceSource", "description": "Specify the natively-supported AWS service to add as a source in Security Lake.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering AwsLogSource resources.\n", "properties": { "source": { "$ref": "#/types/aws:securitylake/AwsLogSourceSource:AwsLogSourceSource", "description": "Specify the natively-supported AWS service to add as a source in Security Lake.\n" } }, "type": "object" } }, "aws:securitylake/customLogSource:CustomLogSource": { "description": "Resource for managing an AWS Security Lake Custom Log Source.\n\n\u003e **NOTE:** The underlying `aws.securitylake.DataLake` must be configured before creating the `aws.securitylake.CustomLogSource`. Use a `depends_on` statement.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securitylake.CustomLogSource(\"example\", {\n sourceName: \"example-name\",\n sourceVersion: \"1.0\",\n eventClasses: [\"FILE_ACTIVITY\"],\n configuration: {\n crawlerConfiguration: {\n roleArn: customLog.arn,\n },\n providerIdentity: {\n externalId: \"example-id\",\n principal: \"123456789012\",\n },\n },\n}, {\n dependsOn: [exampleAwsSecuritylakeDataLake],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securitylake.CustomLogSource(\"example\",\n source_name=\"example-name\",\n source_version=\"1.0\",\n event_classes=[\"FILE_ACTIVITY\"],\n configuration={\n \"crawler_configuration\": {\n \"role_arn\": custom_log[\"arn\"],\n },\n \"provider_identity\": {\n \"external_id\": \"example-id\",\n \"principal\": \"123456789012\",\n },\n },\n opts = pulumi.ResourceOptions(depends_on=[example_aws_securitylake_data_lake]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityLake.CustomLogSource(\"example\", new()\n {\n SourceName = \"example-name\",\n SourceVersion = \"1.0\",\n EventClasses = new[]\n {\n \"FILE_ACTIVITY\",\n },\n Configuration = new Aws.SecurityLake.Inputs.CustomLogSourceConfigurationArgs\n {\n CrawlerConfiguration = new Aws.SecurityLake.Inputs.CustomLogSourceConfigurationCrawlerConfigurationArgs\n {\n RoleArn = customLog.Arn,\n },\n ProviderIdentity = new Aws.SecurityLake.Inputs.CustomLogSourceConfigurationProviderIdentityArgs\n {\n ExternalId = \"example-id\",\n Principal = \"123456789012\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSecuritylakeDataLake,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securitylake\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securitylake.NewCustomLogSource(ctx, \"example\", \u0026securitylake.CustomLogSourceArgs{\n\t\t\tSourceName: pulumi.String(\"example-name\"),\n\t\t\tSourceVersion: pulumi.String(\"1.0\"),\n\t\t\tEventClasses: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"FILE_ACTIVITY\"),\n\t\t\t},\n\t\t\tConfiguration: \u0026securitylake.CustomLogSourceConfigurationArgs{\n\t\t\t\tCrawlerConfiguration: \u0026securitylake.CustomLogSourceConfigurationCrawlerConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(customLog.Arn),\n\t\t\t\t},\n\t\t\t\tProviderIdentity: \u0026securitylake.CustomLogSourceConfigurationProviderIdentityArgs{\n\t\t\t\t\tExternalId: pulumi.String(\"example-id\"),\n\t\t\t\t\tPrincipal: pulumi.String(\"123456789012\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSecuritylakeDataLake,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securitylake.CustomLogSource;\nimport com.pulumi.aws.securitylake.CustomLogSourceArgs;\nimport com.pulumi.aws.securitylake.inputs.CustomLogSourceConfigurationArgs;\nimport com.pulumi.aws.securitylake.inputs.CustomLogSourceConfigurationCrawlerConfigurationArgs;\nimport com.pulumi.aws.securitylake.inputs.CustomLogSourceConfigurationProviderIdentityArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CustomLogSource(\"example\", CustomLogSourceArgs.builder()\n .sourceName(\"example-name\")\n .sourceVersion(\"1.0\")\n .eventClasses(\"FILE_ACTIVITY\")\n .configuration(CustomLogSourceConfigurationArgs.builder()\n .crawlerConfiguration(CustomLogSourceConfigurationCrawlerConfigurationArgs.builder()\n .roleArn(customLog.arn())\n .build())\n .providerIdentity(CustomLogSourceConfigurationProviderIdentityArgs.builder()\n .externalId(\"example-id\")\n .principal(\"123456789012\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSecuritylakeDataLake)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securitylake:CustomLogSource\n properties:\n sourceName: example-name\n sourceVersion: '1.0'\n eventClasses:\n - FILE_ACTIVITY\n configuration:\n crawlerConfiguration:\n roleArn: ${customLog.arn}\n providerIdentity:\n externalId: example-id\n principal: '123456789012'\n options:\n dependson:\n - ${exampleAwsSecuritylakeDataLake}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Custom log sources using the source name. For example:\n\n```sh\n$ pulumi import aws:securitylake/customLogSource:CustomLogSource example example-name\n```\n", "properties": { "attributes": { "type": "array", "items": { "$ref": "#/types/aws:securitylake/CustomLogSourceAttribute:CustomLogSourceAttribute" }, "description": "The attributes of a third-party custom source.\n" }, "configuration": { "$ref": "#/types/aws:securitylake/CustomLogSourceConfiguration:CustomLogSourceConfiguration", "description": "The configuration for the third-party custom source.\n" }, "eventClasses": { "type": "array", "items": { "type": "string" }, "description": "The Open Cybersecurity Schema Framework (OCSF) event classes which describes the type of data that the custom source will send to Security Lake.\n" }, "providerDetails": { "type": "array", "items": { "$ref": "#/types/aws:securitylake/CustomLogSourceProviderDetail:CustomLogSourceProviderDetail" }, "description": "The details of the log provider for a third-party custom source.\n" }, "sourceName": { "type": "string", "description": "Specify the name for a third-party custom source.\nThis must be a Regionally unique value.\nHas a maximum length of 20.\n" }, "sourceVersion": { "type": "string", "description": "Specify the source version for the third-party custom source, to limit log collection to a specific version of custom data source.\n" } }, "required": [ "attributes", "providerDetails", "sourceName", "sourceVersion" ], "inputProperties": { "configuration": { "$ref": "#/types/aws:securitylake/CustomLogSourceConfiguration:CustomLogSourceConfiguration", "description": "The configuration for the third-party custom source.\n" }, "eventClasses": { "type": "array", "items": { "type": "string" }, "description": "The Open Cybersecurity Schema Framework (OCSF) event classes which describes the type of data that the custom source will send to Security Lake.\n" }, "sourceName": { "type": "string", "description": "Specify the name for a third-party custom source.\nThis must be a Regionally unique value.\nHas a maximum length of 20.\n" }, "sourceVersion": { "type": "string", "description": "Specify the source version for the third-party custom source, to limit log collection to a specific version of custom data source.\n" } }, "requiredInputs": [ "sourceName" ], "stateInputs": { "description": "Input properties used for looking up and filtering CustomLogSource resources.\n", "properties": { "attributes": { "type": "array", "items": { "$ref": "#/types/aws:securitylake/CustomLogSourceAttribute:CustomLogSourceAttribute" }, "description": "The attributes of a third-party custom source.\n" }, "configuration": { "$ref": "#/types/aws:securitylake/CustomLogSourceConfiguration:CustomLogSourceConfiguration", "description": "The configuration for the third-party custom source.\n" }, "eventClasses": { "type": "array", "items": { "type": "string" }, "description": "The Open Cybersecurity Schema Framework (OCSF) event classes which describes the type of data that the custom source will send to Security Lake.\n" }, "providerDetails": { "type": "array", "items": { "$ref": "#/types/aws:securitylake/CustomLogSourceProviderDetail:CustomLogSourceProviderDetail" }, "description": "The details of the log provider for a third-party custom source.\n" }, "sourceName": { "type": "string", "description": "Specify the name for a third-party custom source.\nThis must be a Regionally unique value.\nHas a maximum length of 20.\n" }, "sourceVersion": { "type": "string", "description": "Specify the source version for the third-party custom source, to limit log collection to a specific version of custom data source.\n" } }, "type": "object" } }, "aws:securitylake/dataLake:DataLake": { "description": "Resource for managing an AWS Security Lake Data Lake.\n\n\u003e **NOTE:** The underlying `aws.securitylake.DataLake` must be configured before creating other Security Lake resources. Use a `depends_on` statement.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securitylake.DataLake(\"example\", {\n metaStoreManagerRoleArn: metaStoreManager.arn,\n configuration: {\n region: \"eu-west-1\",\n encryptionConfigurations: [{\n kmsKeyId: \"S3_MANAGED_KEY\",\n }],\n lifecycleConfiguration: {\n transitions: [\n {\n days: 31,\n storageClass: \"STANDARD_IA\",\n },\n {\n days: 80,\n storageClass: \"ONEZONE_IA\",\n },\n ],\n expiration: {\n days: 300,\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securitylake.DataLake(\"example\",\n meta_store_manager_role_arn=meta_store_manager[\"arn\"],\n configuration={\n \"region\": \"eu-west-1\",\n \"encryption_configurations\": [{\n \"kms_key_id\": \"S3_MANAGED_KEY\",\n }],\n \"lifecycle_configuration\": {\n \"transitions\": [\n {\n \"days\": 31,\n \"storage_class\": \"STANDARD_IA\",\n },\n {\n \"days\": 80,\n \"storage_class\": \"ONEZONE_IA\",\n },\n ],\n \"expiration\": {\n \"days\": 300,\n },\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityLake.DataLake(\"example\", new()\n {\n MetaStoreManagerRoleArn = metaStoreManager.Arn,\n Configuration = new Aws.SecurityLake.Inputs.DataLakeConfigurationArgs\n {\n Region = \"eu-west-1\",\n EncryptionConfigurations = new[]\n {\n new Aws.SecurityLake.Inputs.DataLakeConfigurationEncryptionConfigurationArgs\n {\n KmsKeyId = \"S3_MANAGED_KEY\",\n },\n },\n LifecycleConfiguration = new Aws.SecurityLake.Inputs.DataLakeConfigurationLifecycleConfigurationArgs\n {\n Transitions = new[]\n {\n new Aws.SecurityLake.Inputs.DataLakeConfigurationLifecycleConfigurationTransitionArgs\n {\n Days = 31,\n StorageClass = \"STANDARD_IA\",\n },\n new Aws.SecurityLake.Inputs.DataLakeConfigurationLifecycleConfigurationTransitionArgs\n {\n Days = 80,\n StorageClass = \"ONEZONE_IA\",\n },\n },\n Expiration = new Aws.SecurityLake.Inputs.DataLakeConfigurationLifecycleConfigurationExpirationArgs\n {\n Days = 300,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securitylake\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securitylake.NewDataLake(ctx, \"example\", \u0026securitylake.DataLakeArgs{\n\t\t\tMetaStoreManagerRoleArn: pulumi.Any(metaStoreManager.Arn),\n\t\t\tConfiguration: \u0026securitylake.DataLakeConfigurationArgs{\n\t\t\t\tRegion: pulumi.String(\"eu-west-1\"),\n\t\t\t\tEncryptionConfigurations: securitylake.DataLakeConfigurationEncryptionConfigurationArray{\n\t\t\t\t\t\u0026securitylake.DataLakeConfigurationEncryptionConfigurationArgs{\n\t\t\t\t\t\tKmsKeyId: pulumi.String(\"S3_MANAGED_KEY\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tLifecycleConfiguration: \u0026securitylake.DataLakeConfigurationLifecycleConfigurationArgs{\n\t\t\t\t\tTransitions: securitylake.DataLakeConfigurationLifecycleConfigurationTransitionArray{\n\t\t\t\t\t\t\u0026securitylake.DataLakeConfigurationLifecycleConfigurationTransitionArgs{\n\t\t\t\t\t\t\tDays: pulumi.Int(31),\n\t\t\t\t\t\t\tStorageClass: pulumi.String(\"STANDARD_IA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026securitylake.DataLakeConfigurationLifecycleConfigurationTransitionArgs{\n\t\t\t\t\t\t\tDays: pulumi.Int(80),\n\t\t\t\t\t\t\tStorageClass: pulumi.String(\"ONEZONE_IA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tExpiration: \u0026securitylake.DataLakeConfigurationLifecycleConfigurationExpirationArgs{\n\t\t\t\t\t\tDays: pulumi.Int(300),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securitylake.DataLake;\nimport com.pulumi.aws.securitylake.DataLakeArgs;\nimport com.pulumi.aws.securitylake.inputs.DataLakeConfigurationArgs;\nimport com.pulumi.aws.securitylake.inputs.DataLakeConfigurationLifecycleConfigurationArgs;\nimport com.pulumi.aws.securitylake.inputs.DataLakeConfigurationLifecycleConfigurationExpirationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataLake(\"example\", DataLakeArgs.builder()\n .metaStoreManagerRoleArn(metaStoreManager.arn())\n .configuration(DataLakeConfigurationArgs.builder()\n .region(\"eu-west-1\")\n .encryptionConfigurations(DataLakeConfigurationEncryptionConfigurationArgs.builder()\n .kmsKeyId(\"S3_MANAGED_KEY\")\n .build())\n .lifecycleConfiguration(DataLakeConfigurationLifecycleConfigurationArgs.builder()\n .transitions( \n DataLakeConfigurationLifecycleConfigurationTransitionArgs.builder()\n .days(31)\n .storageClass(\"STANDARD_IA\")\n .build(),\n DataLakeConfigurationLifecycleConfigurationTransitionArgs.builder()\n .days(80)\n .storageClass(\"ONEZONE_IA\")\n .build())\n .expiration(DataLakeConfigurationLifecycleConfigurationExpirationArgs.builder()\n .days(300)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securitylake:DataLake\n properties:\n metaStoreManagerRoleArn: ${metaStoreManager.arn}\n configuration:\n region: eu-west-1\n encryptionConfigurations:\n - kmsKeyId: S3_MANAGED_KEY\n lifecycleConfiguration:\n transitions:\n - days: 31\n storageClass: STANDARD_IA\n - days: 80\n storageClass: ONEZONE_IA\n expiration:\n days: 300\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securitylake.DataLake(\"example\", {\n metaStoreManagerRoleArn: metaStoreManager.arn,\n configuration: {\n region: \"eu-west-1\",\n encryptionConfigurations: [{\n kmsKeyId: \"S3_MANAGED_KEY\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securitylake.DataLake(\"example\",\n meta_store_manager_role_arn=meta_store_manager[\"arn\"],\n configuration={\n \"region\": \"eu-west-1\",\n \"encryption_configurations\": [{\n \"kms_key_id\": \"S3_MANAGED_KEY\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityLake.DataLake(\"example\", new()\n {\n MetaStoreManagerRoleArn = metaStoreManager.Arn,\n Configuration = new Aws.SecurityLake.Inputs.DataLakeConfigurationArgs\n {\n Region = \"eu-west-1\",\n EncryptionConfigurations = new[]\n {\n new Aws.SecurityLake.Inputs.DataLakeConfigurationEncryptionConfigurationArgs\n {\n KmsKeyId = \"S3_MANAGED_KEY\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securitylake\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securitylake.NewDataLake(ctx, \"example\", \u0026securitylake.DataLakeArgs{\n\t\t\tMetaStoreManagerRoleArn: pulumi.Any(metaStoreManager.Arn),\n\t\t\tConfiguration: \u0026securitylake.DataLakeConfigurationArgs{\n\t\t\t\tRegion: pulumi.String(\"eu-west-1\"),\n\t\t\t\tEncryptionConfigurations: securitylake.DataLakeConfigurationEncryptionConfigurationArray{\n\t\t\t\t\t\u0026securitylake.DataLakeConfigurationEncryptionConfigurationArgs{\n\t\t\t\t\t\tKmsKeyId: pulumi.String(\"S3_MANAGED_KEY\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securitylake.DataLake;\nimport com.pulumi.aws.securitylake.DataLakeArgs;\nimport com.pulumi.aws.securitylake.inputs.DataLakeConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataLake(\"example\", DataLakeArgs.builder()\n .metaStoreManagerRoleArn(metaStoreManager.arn())\n .configuration(DataLakeConfigurationArgs.builder()\n .region(\"eu-west-1\")\n .encryptionConfigurations(DataLakeConfigurationEncryptionConfigurationArgs.builder()\n .kmsKeyId(\"S3_MANAGED_KEY\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securitylake:DataLake\n properties:\n metaStoreManagerRoleArn: ${metaStoreManager.arn}\n configuration:\n region: eu-west-1\n encryptionConfigurations:\n - kmsKeyId: S3_MANAGED_KEY\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub standards subscriptions using the standards subscription ARN. For example:\n\n```sh\n$ pulumi import aws:securitylake/dataLake:DataLake example arn:aws:securitylake:eu-west-1:123456789012:data-lake/default\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Data Lake.\n" }, "configuration": { "$ref": "#/types/aws:securitylake/DataLakeConfiguration:DataLakeConfiguration", "description": "Specify the Region or Regions that will contribute data to the rollup region.\n" }, "metaStoreManagerRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.\n" }, "s3BucketArn": { "type": "string", "description": "The ARN for the Amazon Security Lake Amazon S3 bucket.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:securitylake/DataLakeTimeouts:DataLakeTimeouts" } }, "required": [ "arn", "metaStoreManagerRoleArn", "s3BucketArn", "tagsAll" ], "inputProperties": { "configuration": { "$ref": "#/types/aws:securitylake/DataLakeConfiguration:DataLakeConfiguration", "description": "Specify the Region or Regions that will contribute data to the rollup region.\n" }, "metaStoreManagerRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:securitylake/DataLakeTimeouts:DataLakeTimeouts" } }, "requiredInputs": [ "metaStoreManagerRoleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering DataLake resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Data Lake.\n" }, "configuration": { "$ref": "#/types/aws:securitylake/DataLakeConfiguration:DataLakeConfiguration", "description": "Specify the Region or Regions that will contribute data to the rollup region.\n" }, "metaStoreManagerRoleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.\n" }, "s3BucketArn": { "type": "string", "description": "The ARN for the Amazon Security Lake Amazon S3 bucket.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:securitylake/DataLakeTimeouts:DataLakeTimeouts" } }, "type": "object" } }, "aws:securitylake/subscriber:Subscriber": { "description": "Resource for managing an AWS Security Lake Subscriber.\n\n\u003e **NOTE:** The underlying `aws.securitylake.DataLake` must be configured before creating the `aws.securitylake.Subscriber`. Use a `depends_on` statement.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securitylake.Subscriber(\"example\", {\n subscriberName: \"example-name\",\n accessType: \"S3\",\n source: {\n awsLogSourceResource: {\n sourceName: \"ROUTE53\",\n sourceVersion: \"1.0\",\n },\n },\n subscriberIdentity: {\n externalId: \"example\",\n principal: \"1234567890\",\n },\n}, {\n dependsOn: [exampleAwsSecuritylakeDataLake],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securitylake.Subscriber(\"example\",\n subscriber_name=\"example-name\",\n access_type=\"S3\",\n source={\n \"aws_log_source_resource\": {\n \"source_name\": \"ROUTE53\",\n \"source_version\": \"1.0\",\n },\n },\n subscriber_identity={\n \"external_id\": \"example\",\n \"principal\": \"1234567890\",\n },\n opts = pulumi.ResourceOptions(depends_on=[example_aws_securitylake_data_lake]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityLake.Subscriber(\"example\", new()\n {\n SubscriberName = \"example-name\",\n AccessType = \"S3\",\n Source = new Aws.SecurityLake.Inputs.SubscriberSourceArgs\n {\n AwsLogSourceResource = new Aws.SecurityLake.Inputs.SubscriberSourceAwsLogSourceResourceArgs\n {\n SourceName = \"ROUTE53\",\n SourceVersion = \"1.0\",\n },\n },\n SubscriberIdentity = new Aws.SecurityLake.Inputs.SubscriberSubscriberIdentityArgs\n {\n ExternalId = \"example\",\n Principal = \"1234567890\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSecuritylakeDataLake,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securitylake\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securitylake.NewSubscriber(ctx, \"example\", \u0026securitylake.SubscriberArgs{\n\t\t\tSubscriberName: pulumi.String(\"example-name\"),\n\t\t\tAccessType: pulumi.String(\"S3\"),\n\t\t\tSource: \u0026securitylake.SubscriberSourceArgs{\n\t\t\t\tAwsLogSourceResource: \u0026securitylake.SubscriberSourceAwsLogSourceResourceArgs{\n\t\t\t\t\tSourceName: pulumi.String(\"ROUTE53\"),\n\t\t\t\t\tSourceVersion: pulumi.String(\"1.0\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tSubscriberIdentity: \u0026securitylake.SubscriberSubscriberIdentityArgs{\n\t\t\t\tExternalId: pulumi.String(\"example\"),\n\t\t\t\tPrincipal: pulumi.String(\"1234567890\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSecuritylakeDataLake,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securitylake.Subscriber;\nimport com.pulumi.aws.securitylake.SubscriberArgs;\nimport com.pulumi.aws.securitylake.inputs.SubscriberSourceArgs;\nimport com.pulumi.aws.securitylake.inputs.SubscriberSourceAwsLogSourceResourceArgs;\nimport com.pulumi.aws.securitylake.inputs.SubscriberSubscriberIdentityArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Subscriber(\"example\", SubscriberArgs.builder()\n .subscriberName(\"example-name\")\n .accessType(\"S3\")\n .source(SubscriberSourceArgs.builder()\n .awsLogSourceResource(SubscriberSourceAwsLogSourceResourceArgs.builder()\n .sourceName(\"ROUTE53\")\n .sourceVersion(\"1.0\")\n .build())\n .build())\n .subscriberIdentity(SubscriberSubscriberIdentityArgs.builder()\n .externalId(\"example\")\n .principal(\"1234567890\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSecuritylakeDataLake)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securitylake:Subscriber\n properties:\n subscriberName: example-name\n accessType: S3\n source:\n awsLogSourceResource:\n sourceName: ROUTE53\n sourceVersion: '1.0'\n subscriberIdentity:\n externalId: example\n principal: '1234567890'\n options:\n dependson:\n - ${exampleAwsSecuritylakeDataLake}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Lake subscriber using the subscriber ID. For example:\n\n```sh\n$ pulumi import aws:securitylake/subscriber:Subscriber example 9f3bfe79-d543-474d-a93c-f3846805d208\n```\n", "properties": { "accessType": { "type": "string", "description": "The Amazon S3 or Lake Formation access type.\n" }, "arn": { "type": "string", "description": "ARN of the Data Lake.\n" }, "resourceShareArn": { "type": "string", "description": "The Amazon Resource Name (ARN) which uniquely defines the AWS RAM resource share. Before accepting the RAM resource share invitation, you can view details related to the RAM resource share.\n" }, "resourceShareName": { "type": "string", "description": "The name of the resource share.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role to be used by the entity putting logs into your custom source partition.\n" }, "s3BucketArn": { "type": "string", "description": "The ARN for the Amazon Security Lake Amazon S3 bucket.\n" }, "source": { "$ref": "#/types/aws:securitylake/SubscriberSource:SubscriberSource", "description": "The supported AWS services from which logs and events are collected. Security Lake supports log and event collection for natively supported AWS services. See `source` Blocks below.\n" }, "subscriberDescription": { "type": "string", "description": "The description for your subscriber account in Security Lake.\n" }, "subscriberEndpoint": { "type": "string", "description": "The subscriber endpoint to which exception messages are posted.\n" }, "subscriberIdentity": { "$ref": "#/types/aws:securitylake/SubscriberSubscriberIdentity:SubscriberSubscriberIdentity", "description": "The AWS identity used to access your data. See `subscriber_identity` Block below.\n" }, "subscriberName": { "type": "string", "description": "The name of your Security Lake subscriber account.\n" }, "subscriberStatus": { "type": "string", "description": "The subscriber status of the Amazon Security Lake subscriber account.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:securitylake/SubscriberTimeouts:SubscriberTimeouts" } }, "required": [ "accessType", "arn", "resourceShareArn", "resourceShareName", "roleArn", "s3BucketArn", "subscriberEndpoint", "subscriberStatus", "tagsAll" ], "inputProperties": { "accessType": { "type": "string", "description": "The Amazon S3 or Lake Formation access type.\n" }, "source": { "$ref": "#/types/aws:securitylake/SubscriberSource:SubscriberSource", "description": "The supported AWS services from which logs and events are collected. Security Lake supports log and event collection for natively supported AWS services. See `source` Blocks below.\n" }, "subscriberDescription": { "type": "string", "description": "The description for your subscriber account in Security Lake.\n" }, "subscriberIdentity": { "$ref": "#/types/aws:securitylake/SubscriberSubscriberIdentity:SubscriberSubscriberIdentity", "description": "The AWS identity used to access your data. See `subscriber_identity` Block below.\n" }, "subscriberName": { "type": "string", "description": "The name of your Security Lake subscriber account.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:securitylake/SubscriberTimeouts:SubscriberTimeouts" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Subscriber resources.\n", "properties": { "accessType": { "type": "string", "description": "The Amazon S3 or Lake Formation access type.\n" }, "arn": { "type": "string", "description": "ARN of the Data Lake.\n" }, "resourceShareArn": { "type": "string", "description": "The Amazon Resource Name (ARN) which uniquely defines the AWS RAM resource share. Before accepting the RAM resource share invitation, you can view details related to the RAM resource share.\n" }, "resourceShareName": { "type": "string", "description": "The name of the resource share.\n" }, "roleArn": { "type": "string", "description": "The ARN of the IAM role to be used by the entity putting logs into your custom source partition.\n" }, "s3BucketArn": { "type": "string", "description": "The ARN for the Amazon Security Lake Amazon S3 bucket.\n" }, "source": { "$ref": "#/types/aws:securitylake/SubscriberSource:SubscriberSource", "description": "The supported AWS services from which logs and events are collected. Security Lake supports log and event collection for natively supported AWS services. See `source` Blocks below.\n" }, "subscriberDescription": { "type": "string", "description": "The description for your subscriber account in Security Lake.\n" }, "subscriberEndpoint": { "type": "string", "description": "The subscriber endpoint to which exception messages are posted.\n" }, "subscriberIdentity": { "$ref": "#/types/aws:securitylake/SubscriberSubscriberIdentity:SubscriberSubscriberIdentity", "description": "The AWS identity used to access your data. See `subscriber_identity` Block below.\n" }, "subscriberName": { "type": "string", "description": "The name of your Security Lake subscriber account.\n" }, "subscriberStatus": { "type": "string", "description": "The subscriber status of the Amazon Security Lake subscriber account.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:securitylake/SubscriberTimeouts:SubscriberTimeouts" } }, "type": "object" } }, "aws:securitylake/subscriberNotification:SubscriberNotification": { "description": "Resource for managing an AWS Security Lake Subscriber Notification.\n\n## Example Usage\n\n### SQS Notification\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securitylake.SubscriberNotification(\"example\", {\n subscriberId: exampleAwsSecuritylakeSubscriber.id,\n configuration: {\n sqsNotificationConfiguration: {},\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securitylake.SubscriberNotification(\"example\",\n subscriber_id=example_aws_securitylake_subscriber[\"id\"],\n configuration={\n \"sqs_notification_configuration\": {},\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityLake.SubscriberNotification(\"example\", new()\n {\n SubscriberId = exampleAwsSecuritylakeSubscriber.Id,\n Configuration = new Aws.SecurityLake.Inputs.SubscriberNotificationConfigurationArgs\n {\n SqsNotificationConfiguration = null,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securitylake\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securitylake.NewSubscriberNotification(ctx, \"example\", \u0026securitylake.SubscriberNotificationArgs{\n\t\t\tSubscriberId: pulumi.Any(exampleAwsSecuritylakeSubscriber.Id),\n\t\t\tConfiguration: \u0026securitylake.SubscriberNotificationConfigurationArgs{\n\t\t\t\tSqsNotificationConfiguration: nil,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securitylake.SubscriberNotification;\nimport com.pulumi.aws.securitylake.SubscriberNotificationArgs;\nimport com.pulumi.aws.securitylake.inputs.SubscriberNotificationConfigurationArgs;\nimport com.pulumi.aws.securitylake.inputs.SubscriberNotificationConfigurationSqsNotificationConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SubscriberNotification(\"example\", SubscriberNotificationArgs.builder()\n .subscriberId(exampleAwsSecuritylakeSubscriber.id())\n .configuration(SubscriberNotificationConfigurationArgs.builder()\n .sqsNotificationConfiguration()\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securitylake:SubscriberNotification\n properties:\n subscriberId: ${exampleAwsSecuritylakeSubscriber.id}\n configuration:\n sqsNotificationConfiguration: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### HTTPS Notification\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securitylake.SubscriberNotification(\"example\", {\n subscriberId: exampleAwsSecuritylakeSubscriber.id,\n configuration: {\n httpsNotificationConfiguration: {\n endpoint: test.apiEndpoint,\n targetRoleArn: eventBridge.arn,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securitylake.SubscriberNotification(\"example\",\n subscriber_id=example_aws_securitylake_subscriber[\"id\"],\n configuration={\n \"https_notification_configuration\": {\n \"endpoint\": test[\"apiEndpoint\"],\n \"target_role_arn\": event_bridge[\"arn\"],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityLake.SubscriberNotification(\"example\", new()\n {\n SubscriberId = exampleAwsSecuritylakeSubscriber.Id,\n Configuration = new Aws.SecurityLake.Inputs.SubscriberNotificationConfigurationArgs\n {\n HttpsNotificationConfiguration = new Aws.SecurityLake.Inputs.SubscriberNotificationConfigurationHttpsNotificationConfigurationArgs\n {\n Endpoint = test.ApiEndpoint,\n TargetRoleArn = eventBridge.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securitylake\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securitylake.NewSubscriberNotification(ctx, \"example\", \u0026securitylake.SubscriberNotificationArgs{\n\t\t\tSubscriberId: pulumi.Any(exampleAwsSecuritylakeSubscriber.Id),\n\t\t\tConfiguration: \u0026securitylake.SubscriberNotificationConfigurationArgs{\n\t\t\t\tHttpsNotificationConfiguration: \u0026securitylake.SubscriberNotificationConfigurationHttpsNotificationConfigurationArgs{\n\t\t\t\t\tEndpoint: pulumi.Any(test.ApiEndpoint),\n\t\t\t\t\tTargetRoleArn: pulumi.Any(eventBridge.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securitylake.SubscriberNotification;\nimport com.pulumi.aws.securitylake.SubscriberNotificationArgs;\nimport com.pulumi.aws.securitylake.inputs.SubscriberNotificationConfigurationArgs;\nimport com.pulumi.aws.securitylake.inputs.SubscriberNotificationConfigurationHttpsNotificationConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SubscriberNotification(\"example\", SubscriberNotificationArgs.builder()\n .subscriberId(exampleAwsSecuritylakeSubscriber.id())\n .configuration(SubscriberNotificationConfigurationArgs.builder()\n .httpsNotificationConfiguration(SubscriberNotificationConfigurationHttpsNotificationConfigurationArgs.builder()\n .endpoint(test.apiEndpoint())\n .targetRoleArn(eventBridge.arn())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securitylake:SubscriberNotification\n properties:\n subscriberId: ${exampleAwsSecuritylakeSubscriber.id}\n configuration:\n httpsNotificationConfiguration:\n endpoint: ${test.apiEndpoint}\n targetRoleArn: ${eventBridge.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "configuration": { "$ref": "#/types/aws:securitylake/SubscriberNotificationConfiguration:SubscriberNotificationConfiguration", "description": "Specify the configuration using which you want to create the subscriber notification..\n" }, "endpointId": { "type": "string", "description": "(**Deprecated**) The subscriber endpoint to which exception messages are posted.\n", "deprecationMessage": "Use subscriber_endpoint instead" }, "subscriberEndpoint": { "type": "string", "description": "The subscriber endpoint to which exception messages are posted.\n" }, "subscriberId": { "type": "string", "description": "The subscriber ID for the notification subscription.\n" } }, "required": [ "endpointId", "subscriberEndpoint", "subscriberId" ], "inputProperties": { "configuration": { "$ref": "#/types/aws:securitylake/SubscriberNotificationConfiguration:SubscriberNotificationConfiguration", "description": "Specify the configuration using which you want to create the subscriber notification..\n" }, "subscriberId": { "type": "string", "description": "The subscriber ID for the notification subscription.\n" } }, "requiredInputs": [ "subscriberId" ], "stateInputs": { "description": "Input properties used for looking up and filtering SubscriberNotification resources.\n", "properties": { "configuration": { "$ref": "#/types/aws:securitylake/SubscriberNotificationConfiguration:SubscriberNotificationConfiguration", "description": "Specify the configuration using which you want to create the subscriber notification..\n" }, "endpointId": { "type": "string", "description": "(**Deprecated**) The subscriber endpoint to which exception messages are posted.\n", "deprecationMessage": "Use subscriber_endpoint instead" }, "subscriberEndpoint": { "type": "string", "description": "The subscriber endpoint to which exception messages are posted.\n" }, "subscriberId": { "type": "string", "description": "The subscriber ID for the notification subscription.\n" } }, "type": "object" } }, "aws:serverlessrepository/cloudFormationStack:CloudFormationStack": { "description": "Deploys an Application CloudFormation Stack from the Serverless Application Repository.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getPartition({});\nconst currentGetRegion = aws.getRegion({});\nconst postgres_rotator = new aws.serverlessrepository.CloudFormationStack(\"postgres-rotator\", {\n name: \"postgres-rotator\",\n applicationId: \"arn:aws:serverlessrepo:us-east-1:297356227824:applications/SecretsManagerRDSPostgreSQLRotationSingleUser\",\n capabilities: [\n \"CAPABILITY_IAM\",\n \"CAPABILITY_RESOURCE_POLICY\",\n ],\n parameters: {\n functionName: \"func-postgres-rotator\",\n endpoint: Promise.all([currentGetRegion, current]).then(([currentGetRegion, current]) =\u003e `secretsmanager.${currentGetRegion.name}.${current.dnsSuffix}`),\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_partition()\ncurrent_get_region = aws.get_region()\npostgres_rotator = aws.serverlessrepository.CloudFormationStack(\"postgres-rotator\",\n name=\"postgres-rotator\",\n application_id=\"arn:aws:serverlessrepo:us-east-1:297356227824:applications/SecretsManagerRDSPostgreSQLRotationSingleUser\",\n capabilities=[\n \"CAPABILITY_IAM\",\n \"CAPABILITY_RESOURCE_POLICY\",\n ],\n parameters={\n \"functionName\": \"func-postgres-rotator\",\n \"endpoint\": f\"secretsmanager.{current_get_region.name}.{current.dns_suffix}\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetPartition.Invoke();\n\n var currentGetRegion = Aws.GetRegion.Invoke();\n\n var postgres_rotator = new Aws.ServerlessRepository.CloudFormationStack(\"postgres-rotator\", new()\n {\n Name = \"postgres-rotator\",\n ApplicationId = \"arn:aws:serverlessrepo:us-east-1:297356227824:applications/SecretsManagerRDSPostgreSQLRotationSingleUser\",\n Capabilities = new[]\n {\n \"CAPABILITY_IAM\",\n \"CAPABILITY_RESOURCE_POLICY\",\n },\n Parameters = \n {\n { \"functionName\", \"func-postgres-rotator\" },\n { \"endpoint\", Output.Tuple(currentGetRegion, current).Apply(values =\u003e\n {\n var currentGetRegion = values.Item1;\n var current = values.Item2;\n return $\"secretsmanager.{currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name)}.{current.Apply(getPartitionResult =\u003e getPartitionResult.DnsSuffix)}\";\n }) },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/serverlessrepository\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetRegion, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = serverlessrepository.NewCloudFormationStack(ctx, \"postgres-rotator\", \u0026serverlessrepository.CloudFormationStackArgs{\n\t\t\tName: pulumi.String(\"postgres-rotator\"),\n\t\t\tApplicationId: pulumi.String(\"arn:aws:serverlessrepo:us-east-1:297356227824:applications/SecretsManagerRDSPostgreSQLRotationSingleUser\"),\n\t\t\tCapabilities: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"CAPABILITY_IAM\"),\n\t\t\t\tpulumi.String(\"CAPABILITY_RESOURCE_POLICY\"),\n\t\t\t},\n\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\"functionName\": pulumi.String(\"func-postgres-rotator\"),\n\t\t\t\t\"endpoint\": pulumi.String(fmt.Sprintf(\"secretsmanager.%v.%v\", currentGetRegion.Name, current.DnsSuffix)),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.serverlessrepository.CloudFormationStack;\nimport com.pulumi.aws.serverlessrepository.CloudFormationStackArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getPartition();\n\n final var currentGetRegion = AwsFunctions.getRegion();\n\n var postgres_rotator = new CloudFormationStack(\"postgres-rotator\", CloudFormationStackArgs.builder()\n .name(\"postgres-rotator\")\n .applicationId(\"arn:aws:serverlessrepo:us-east-1:297356227824:applications/SecretsManagerRDSPostgreSQLRotationSingleUser\")\n .capabilities( \n \"CAPABILITY_IAM\",\n \"CAPABILITY_RESOURCE_POLICY\")\n .parameters(Map.ofEntries(\n Map.entry(\"functionName\", \"func-postgres-rotator\"),\n Map.entry(\"endpoint\", String.format(\"secretsmanager.%s.%s\", currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()),current.applyValue(getPartitionResult -\u003e getPartitionResult.dnsSuffix())))\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n postgres-rotator:\n type: aws:serverlessrepository:CloudFormationStack\n properties:\n name: postgres-rotator\n applicationId: arn:aws:serverlessrepo:us-east-1:297356227824:applications/SecretsManagerRDSPostgreSQLRotationSingleUser\n capabilities:\n - CAPABILITY_IAM\n - CAPABILITY_RESOURCE_POLICY\n parameters:\n functionName: func-postgres-rotator\n endpoint: secretsmanager.${currentGetRegion.name}.${current.dnsSuffix}\nvariables:\n current:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n currentGetRegion:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Serverless Application Repository Stack using the CloudFormation Stack name (with or without the `serverlessrepo-` prefix) or the CloudFormation Stack ID. For example:\n\n```sh\n$ pulumi import aws:serverlessrepository/cloudFormationStack:CloudFormationStack example serverlessrepo-postgres-rotator\n```\n", "properties": { "applicationId": { "type": "string", "description": "The ARN of the application from the Serverless Application Repository.\n" }, "capabilities": { "type": "array", "items": { "type": "string" }, "description": "A list of capabilities. Valid values are `CAPABILITY_IAM`, `CAPABILITY_NAMED_IAM`, `CAPABILITY_RESOURCE_POLICY`, or `CAPABILITY_AUTO_EXPAND`\n" }, "name": { "type": "string", "description": "The name of the stack to create. The resource deployed in AWS will be prefixed with `serverlessrepo-`\n" }, "outputs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of outputs from the stack.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of Parameter structures that specify input parameters for the stack.\n" }, "semanticVersion": { "type": "string", "description": "The version of the application to deploy. If not supplied, deploys the latest version.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of tags to associate with this stack. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "applicationId", "capabilities", "name", "outputs", "parameters", "semanticVersion", "tagsAll" ], "inputProperties": { "applicationId": { "type": "string", "description": "The ARN of the application from the Serverless Application Repository.\n", "willReplaceOnChanges": true }, "capabilities": { "type": "array", "items": { "type": "string" }, "description": "A list of capabilities. Valid values are `CAPABILITY_IAM`, `CAPABILITY_NAMED_IAM`, `CAPABILITY_RESOURCE_POLICY`, or `CAPABILITY_AUTO_EXPAND`\n" }, "name": { "type": "string", "description": "The name of the stack to create. The resource deployed in AWS will be prefixed with `serverlessrepo-`\n", "willReplaceOnChanges": true }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of Parameter structures that specify input parameters for the stack.\n" }, "semanticVersion": { "type": "string", "description": "The version of the application to deploy. If not supplied, deploys the latest version.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of tags to associate with this stack. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "applicationId", "capabilities" ], "stateInputs": { "description": "Input properties used for looking up and filtering CloudFormationStack resources.\n", "properties": { "applicationId": { "type": "string", "description": "The ARN of the application from the Serverless Application Repository.\n", "willReplaceOnChanges": true }, "capabilities": { "type": "array", "items": { "type": "string" }, "description": "A list of capabilities. Valid values are `CAPABILITY_IAM`, `CAPABILITY_NAMED_IAM`, `CAPABILITY_RESOURCE_POLICY`, or `CAPABILITY_AUTO_EXPAND`\n" }, "name": { "type": "string", "description": "The name of the stack to create. The resource deployed in AWS will be prefixed with `serverlessrepo-`\n", "willReplaceOnChanges": true }, "outputs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of outputs from the stack.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of Parameter structures that specify input parameters for the stack.\n" }, "semanticVersion": { "type": "string", "description": "The version of the application to deploy. If not supplied, deploys the latest version.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of tags to associate with this stack. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:servicecatalog/appregistryApplication:AppregistryApplication": { "description": "Resource for managing an AWS Service Catalog AppRegistry Application.\n\n\u003e An AWS Service Catalog AppRegistry Application is displayed in the AWS Console under \"MyApplications\".\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicecatalog.AppregistryApplication(\"example\", {name: \"example-app\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicecatalog.AppregistryApplication(\"example\", name=\"example-app\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceCatalog.AppregistryApplication(\"example\", new()\n {\n Name = \"example-app\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicecatalog.NewAppregistryApplication(ctx, \"example\", \u0026servicecatalog.AppregistryApplicationArgs{\n\t\t\tName: pulumi.String(\"example-app\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.AppregistryApplication;\nimport com.pulumi.aws.servicecatalog.AppregistryApplicationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AppregistryApplication(\"example\", AppregistryApplicationArgs.builder()\n .name(\"example-app\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicecatalog:AppregistryApplication\n properties:\n name: example-app\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Connecting Resources\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicecatalog.AppregistryApplication(\"example\", {name: \"example-app\"});\nconst bucket = new aws.s3.BucketV2(\"bucket\", {\n bucket: \"example-bucket\",\n tags: example.applicationTag,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicecatalog.AppregistryApplication(\"example\", name=\"example-app\")\nbucket = aws.s3.BucketV2(\"bucket\",\n bucket=\"example-bucket\",\n tags=example.application_tag)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceCatalog.AppregistryApplication(\"example\", new()\n {\n Name = \"example-app\",\n });\n\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"example-bucket\",\n Tags = example.ApplicationTag,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := servicecatalog.NewAppregistryApplication(ctx, \"example\", \u0026servicecatalog.AppregistryApplicationArgs{\n\t\t\tName: pulumi.String(\"example-app\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-bucket\"),\n\t\t\tTags: example.ApplicationTag,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.AppregistryApplication;\nimport com.pulumi.aws.servicecatalog.AppregistryApplicationArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AppregistryApplication(\"example\", AppregistryApplicationArgs.builder()\n .name(\"example-app\")\n .build());\n\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder()\n .bucket(\"example-bucket\")\n .tags(example.applicationTag())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicecatalog:AppregistryApplication\n properties:\n name: example-app\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: example-bucket\n tags: ${example.applicationTag}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS Service Catalog AppRegistry Application using the `id`. For example:\n\n```sh\n$ pulumi import aws:servicecatalog/appregistryApplication:AppregistryApplication example application-id-12345678\n```\n", "properties": { "applicationTag": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map with a single tag key-value pair used to associate resources with the application. This attribute can be passed directly into the `tags` argument of another resource, or merged into a map of existing tags.\n" }, "arn": { "type": "string", "description": "ARN (Amazon Resource Name) of the application.\n" }, "description": { "type": "string", "description": "Description of the application.\n" }, "name": { "type": "string", "description": "Name of the application. The name must be unique within an AWS region.\n\nThe following arguments are optional:\n" } }, "required": [ "applicationTag", "arn", "name" ], "inputProperties": { "description": { "type": "string", "description": "Description of the application.\n" }, "name": { "type": "string", "description": "Name of the application. The name must be unique within an AWS region.\n\nThe following arguments are optional:\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering AppregistryApplication resources.\n", "properties": { "applicationTag": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map with a single tag key-value pair used to associate resources with the application. This attribute can be passed directly into the `tags` argument of another resource, or merged into a map of existing tags.\n" }, "arn": { "type": "string", "description": "ARN (Amazon Resource Name) of the application.\n" }, "description": { "type": "string", "description": "Description of the application.\n" }, "name": { "type": "string", "description": "Name of the application. The name must be unique within an AWS region.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:servicecatalog/budgetResourceAssociation:BudgetResourceAssociation": { "description": "Manages a Service Catalog Budget Resource Association.\n\n\u003e **Tip:** A \"resource\" is either a Service Catalog portfolio or product.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicecatalog.BudgetResourceAssociation(\"example\", {\n budgetName: \"budget-pjtvyakdlyo3m\",\n resourceId: \"prod-dnigbtea24ste\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicecatalog.BudgetResourceAssociation(\"example\",\n budget_name=\"budget-pjtvyakdlyo3m\",\n resource_id=\"prod-dnigbtea24ste\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceCatalog.BudgetResourceAssociation(\"example\", new()\n {\n BudgetName = \"budget-pjtvyakdlyo3m\",\n ResourceId = \"prod-dnigbtea24ste\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicecatalog.NewBudgetResourceAssociation(ctx, \"example\", \u0026servicecatalog.BudgetResourceAssociationArgs{\n\t\t\tBudgetName: pulumi.String(\"budget-pjtvyakdlyo3m\"),\n\t\t\tResourceId: pulumi.String(\"prod-dnigbtea24ste\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.BudgetResourceAssociation;\nimport com.pulumi.aws.servicecatalog.BudgetResourceAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BudgetResourceAssociation(\"example\", BudgetResourceAssociationArgs.builder()\n .budgetName(\"budget-pjtvyakdlyo3m\")\n .resourceId(\"prod-dnigbtea24ste\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicecatalog:BudgetResourceAssociation\n properties:\n budgetName: budget-pjtvyakdlyo3m\n resourceId: prod-dnigbtea24ste\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_servicecatalog_budget_resource_association` using the budget name and resource ID. For example:\n\n```sh\n$ pulumi import aws:servicecatalog/budgetResourceAssociation:BudgetResourceAssociation example budget-pjtvyakdlyo3m:prod-dnigbtea24ste\n```\n", "properties": { "budgetName": { "type": "string", "description": "Budget name.\n" }, "resourceId": { "type": "string", "description": "Resource identifier.\n" } }, "required": [ "budgetName", "resourceId" ], "inputProperties": { "budgetName": { "type": "string", "description": "Budget name.\n", "willReplaceOnChanges": true }, "resourceId": { "type": "string", "description": "Resource identifier.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "budgetName", "resourceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering BudgetResourceAssociation resources.\n", "properties": { "budgetName": { "type": "string", "description": "Budget name.\n", "willReplaceOnChanges": true }, "resourceId": { "type": "string", "description": "Resource identifier.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:servicecatalog/constraint:Constraint": { "description": "Manages a Service Catalog Constraint.\n\n\u003e **NOTE:** This resource does not associate a Service Catalog product and portfolio. However, the product and portfolio must be associated (see the `aws.servicecatalog.ProductPortfolioAssociation` resource) prior to creating a constraint or you will receive an error.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicecatalog.Constraint(\"example\", {\n description: \"Back off, man. I'm a scientist.\",\n portfolioId: exampleAwsServicecatalogPortfolio.id,\n productId: exampleAwsServicecatalogProduct.id,\n type: \"LAUNCH\",\n parameters: JSON.stringify({\n RoleArn: \"arn:aws:iam::123456789012:role/LaunchRole\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.servicecatalog.Constraint(\"example\",\n description=\"Back off, man. I'm a scientist.\",\n portfolio_id=example_aws_servicecatalog_portfolio[\"id\"],\n product_id=example_aws_servicecatalog_product[\"id\"],\n type=\"LAUNCH\",\n parameters=json.dumps({\n \"RoleArn\": \"arn:aws:iam::123456789012:role/LaunchRole\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceCatalog.Constraint(\"example\", new()\n {\n Description = \"Back off, man. I'm a scientist.\",\n PortfolioId = exampleAwsServicecatalogPortfolio.Id,\n ProductId = exampleAwsServicecatalogProduct.Id,\n Type = \"LAUNCH\",\n Parameters = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"RoleArn\"] = \"arn:aws:iam::123456789012:role/LaunchRole\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"RoleArn\": \"arn:aws:iam::123456789012:role/LaunchRole\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = servicecatalog.NewConstraint(ctx, \"example\", \u0026servicecatalog.ConstraintArgs{\n\t\t\tDescription: pulumi.String(\"Back off, man. I'm a scientist.\"),\n\t\t\tPortfolioId: pulumi.Any(exampleAwsServicecatalogPortfolio.Id),\n\t\t\tProductId: pulumi.Any(exampleAwsServicecatalogProduct.Id),\n\t\t\tType: pulumi.String(\"LAUNCH\"),\n\t\t\tParameters: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.Constraint;\nimport com.pulumi.aws.servicecatalog.ConstraintArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Constraint(\"example\", ConstraintArgs.builder()\n .description(\"Back off, man. I'm a scientist.\")\n .portfolioId(exampleAwsServicecatalogPortfolio.id())\n .productId(exampleAwsServicecatalogProduct.id())\n .type(\"LAUNCH\")\n .parameters(serializeJson(\n jsonObject(\n jsonProperty(\"RoleArn\", \"arn:aws:iam::123456789012:role/LaunchRole\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicecatalog:Constraint\n properties:\n description: Back off, man. I'm a scientist.\n portfolioId: ${exampleAwsServicecatalogPortfolio.id}\n productId: ${exampleAwsServicecatalogProduct.id}\n type: LAUNCH\n parameters:\n fn::toJSON:\n RoleArn: arn:aws:iam::123456789012:role/LaunchRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_servicecatalog_constraint` using the constraint ID. For example:\n\n```sh\n$ pulumi import aws:servicecatalog/constraint:Constraint example cons-nmdkb6cgxfcrs\n```\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n" }, "description": { "type": "string", "description": "Description of the constraint.\n" }, "owner": { "type": "string", "description": "Owner of the constraint.\n" }, "parameters": { "type": "string", "description": "Constraint parameters in JSON format. The syntax depends on the constraint type. See details below.\n" }, "portfolioId": { "type": "string", "description": "Portfolio identifier.\n" }, "productId": { "type": "string", "description": "Product identifier.\n" }, "status": { "type": "string" }, "type": { "type": "string", "description": "Type of constraint. Valid values are `LAUNCH`, `NOTIFICATION`, `RESOURCE_UPDATE`, `STACKSET`, and `TEMPLATE`.\n\nThe following arguments are optional:\n" } }, "required": [ "description", "owner", "parameters", "portfolioId", "productId", "status", "type" ], "inputProperties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n" }, "description": { "type": "string", "description": "Description of the constraint.\n" }, "parameters": { "type": "string", "description": "Constraint parameters in JSON format. The syntax depends on the constraint type. See details below.\n" }, "portfolioId": { "type": "string", "description": "Portfolio identifier.\n", "willReplaceOnChanges": true }, "productId": { "type": "string", "description": "Product identifier.\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Type of constraint. Valid values are `LAUNCH`, `NOTIFICATION`, `RESOURCE_UPDATE`, `STACKSET`, and `TEMPLATE`.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "parameters", "portfolioId", "productId", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering Constraint resources.\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n" }, "description": { "type": "string", "description": "Description of the constraint.\n" }, "owner": { "type": "string", "description": "Owner of the constraint.\n" }, "parameters": { "type": "string", "description": "Constraint parameters in JSON format. The syntax depends on the constraint type. See details below.\n" }, "portfolioId": { "type": "string", "description": "Portfolio identifier.\n", "willReplaceOnChanges": true }, "productId": { "type": "string", "description": "Product identifier.\n", "willReplaceOnChanges": true }, "status": { "type": "string" }, "type": { "type": "string", "description": "Type of constraint. Valid values are `LAUNCH`, `NOTIFICATION`, `RESOURCE_UPDATE`, `STACKSET`, and `TEMPLATE`.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:servicecatalog/organizationsAccess:OrganizationsAccess": { "description": "Manages Service Catalog AWS Organizations Access, a portfolio sharing feature through AWS Organizations. This allows Service Catalog to receive updates on your organization in order to sync your shares with the current structure. This resource will prompt AWS to set `organizations:EnableAWSServiceAccess` on your behalf so that your shares can be in sync with any changes in your AWS Organizations structure.\n\n\u003e **NOTE:** This resource can only be used by the management account in the organization. In other words, a delegated administrator is not authorized to use the resource.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicecatalog.OrganizationsAccess(\"example\", {enabled: true});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicecatalog.OrganizationsAccess(\"example\", enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceCatalog.OrganizationsAccess(\"example\", new()\n {\n Enabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicecatalog.NewOrganizationsAccess(ctx, \"example\", \u0026servicecatalog.OrganizationsAccessArgs{\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.OrganizationsAccess;\nimport com.pulumi.aws.servicecatalog.OrganizationsAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new OrganizationsAccess(\"example\", OrganizationsAccessArgs.builder()\n .enabled(\"true\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicecatalog:OrganizationsAccess\n properties:\n enabled: 'true'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "enabled": { "type": "boolean", "description": "Whether to enable AWS Organizations access.\n" } }, "required": [ "enabled" ], "inputProperties": { "enabled": { "type": "boolean", "description": "Whether to enable AWS Organizations access.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "enabled" ], "stateInputs": { "description": "Input properties used for looking up and filtering OrganizationsAccess resources.\n", "properties": { "enabled": { "type": "boolean", "description": "Whether to enable AWS Organizations access.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:servicecatalog/portfolio:Portfolio": { "description": "Provides a resource to create a Service Catalog Portfolio.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst portfolio = new aws.servicecatalog.Portfolio(\"portfolio\", {\n name: \"My App Portfolio\",\n description: \"List of my organizations apps\",\n providerName: \"Brett\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nportfolio = aws.servicecatalog.Portfolio(\"portfolio\",\n name=\"My App Portfolio\",\n description=\"List of my organizations apps\",\n provider_name=\"Brett\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var portfolio = new Aws.ServiceCatalog.Portfolio(\"portfolio\", new()\n {\n Name = \"My App Portfolio\",\n Description = \"List of my organizations apps\",\n ProviderName = \"Brett\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicecatalog.NewPortfolio(ctx, \"portfolio\", \u0026servicecatalog.PortfolioArgs{\n\t\t\tName: pulumi.String(\"My App Portfolio\"),\n\t\t\tDescription: pulumi.String(\"List of my organizations apps\"),\n\t\t\tProviderName: pulumi.String(\"Brett\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.Portfolio;\nimport com.pulumi.aws.servicecatalog.PortfolioArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var portfolio = new Portfolio(\"portfolio\", PortfolioArgs.builder()\n .name(\"My App Portfolio\")\n .description(\"List of my organizations apps\")\n .providerName(\"Brett\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n portfolio:\n type: aws:servicecatalog:Portfolio\n properties:\n name: My App Portfolio\n description: List of my organizations apps\n providerName: Brett\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Service Catalog Portfolios using the Service Catalog Portfolio `id`. For example:\n\n```sh\n$ pulumi import aws:servicecatalog/portfolio:Portfolio testfolio port-12344321\n```\n", "properties": { "arn": { "type": "string" }, "createdTime": { "type": "string" }, "description": { "type": "string", "description": "Description of the portfolio\n" }, "name": { "type": "string", "description": "The name of the portfolio.\n" }, "providerName": { "type": "string", "description": "Name of the person or organization who owns the portfolio.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the connection. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "createdTime", "description", "name", "providerName", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "Description of the portfolio\n" }, "name": { "type": "string", "description": "The name of the portfolio.\n" }, "providerName": { "type": "string", "description": "Name of the person or organization who owns the portfolio.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the connection. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "providerName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Portfolio resources.\n", "properties": { "arn": { "type": "string" }, "createdTime": { "type": "string" }, "description": { "type": "string", "description": "Description of the portfolio\n" }, "name": { "type": "string", "description": "The name of the portfolio.\n" }, "providerName": { "type": "string", "description": "Name of the person or organization who owns the portfolio.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the connection. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:servicecatalog/portfolioShare:PortfolioShare": { "description": "Manages a Service Catalog Portfolio Share. Shares the specified portfolio with the specified account or organization node. You can share portfolios to an organization, an organizational unit, or a specific account.\n\nIf the portfolio share with the specified account or organization node already exists, using this resource to re-create the share will have no effect and will not return an error. You can then use this resource to update the share.\n\n\u003e **NOTE:** Shares to an organization node can only be created by the management account of an organization or by a delegated administrator. If a delegated admin is de-registered, they can no longer create portfolio shares.\n\n\u003e **NOTE:** AWSOrganizationsAccess must be enabled in order to create a portfolio share to an organization node.\n\n\u003e **NOTE:** You can't share a shared resource, including portfolios that contain a shared product.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicecatalog.PortfolioShare(\"example\", {\n principalId: \"012128675309\",\n portfolioId: exampleAwsServicecatalogPortfolio.id,\n type: \"ACCOUNT\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicecatalog.PortfolioShare(\"example\",\n principal_id=\"012128675309\",\n portfolio_id=example_aws_servicecatalog_portfolio[\"id\"],\n type=\"ACCOUNT\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceCatalog.PortfolioShare(\"example\", new()\n {\n PrincipalId = \"012128675309\",\n PortfolioId = exampleAwsServicecatalogPortfolio.Id,\n Type = \"ACCOUNT\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicecatalog.NewPortfolioShare(ctx, \"example\", \u0026servicecatalog.PortfolioShareArgs{\n\t\t\tPrincipalId: pulumi.String(\"012128675309\"),\n\t\t\tPortfolioId: pulumi.Any(exampleAwsServicecatalogPortfolio.Id),\n\t\t\tType: pulumi.String(\"ACCOUNT\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.PortfolioShare;\nimport com.pulumi.aws.servicecatalog.PortfolioShareArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PortfolioShare(\"example\", PortfolioShareArgs.builder()\n .principalId(\"012128675309\")\n .portfolioId(exampleAwsServicecatalogPortfolio.id())\n .type(\"ACCOUNT\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicecatalog:PortfolioShare\n properties:\n principalId: '012128675309'\n portfolioId: ${exampleAwsServicecatalogPortfolio.id}\n type: ACCOUNT\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_servicecatalog_portfolio_share` using the portfolio share ID. For example:\n\n```sh\n$ pulumi import aws:servicecatalog/portfolioShare:PortfolioShare example port-12344321:ACCOUNT:123456789012\n```\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n" }, "accepted": { "type": "boolean", "description": "Whether the shared portfolio is imported by the recipient account. If the recipient is organizational, the share is automatically imported, and the field is always set to true.\n" }, "portfolioId": { "type": "string", "description": "Portfolio identifier.\n" }, "principalId": { "type": "string", "description": "Identifier of the principal with whom you will share the portfolio. Valid values AWS account IDs and ARNs of AWS Organizations and organizational units.\n" }, "sharePrincipals": { "type": "boolean", "description": "Enables or disables Principal sharing when creating the portfolio share. If this flag is not provided, principal sharing is disabled.\n" }, "shareTagOptions": { "type": "boolean", "description": "Whether to enable sharing of `aws.servicecatalog.TagOption` resources when creating the portfolio share.\n" }, "type": { "type": "string", "description": "Type of portfolio share. Valid values are `ACCOUNT` (an external account), `ORGANIZATION` (a share to every account in an organization), `ORGANIZATIONAL_UNIT`, `ORGANIZATION_MEMBER_ACCOUNT` (a share to an account in an organization).\n\nThe following arguments are optional:\n" }, "waitForAcceptance": { "type": "boolean", "description": "Whether to wait (up to the timeout) for the share to be accepted. Organizational shares are automatically accepted.\n" } }, "required": [ "accepted", "portfolioId", "principalId", "type" ], "inputProperties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n" }, "portfolioId": { "type": "string", "description": "Portfolio identifier.\n", "willReplaceOnChanges": true }, "principalId": { "type": "string", "description": "Identifier of the principal with whom you will share the portfolio. Valid values AWS account IDs and ARNs of AWS Organizations and organizational units.\n", "willReplaceOnChanges": true }, "sharePrincipals": { "type": "boolean", "description": "Enables or disables Principal sharing when creating the portfolio share. If this flag is not provided, principal sharing is disabled.\n" }, "shareTagOptions": { "type": "boolean", "description": "Whether to enable sharing of `aws.servicecatalog.TagOption` resources when creating the portfolio share.\n" }, "type": { "type": "string", "description": "Type of portfolio share. Valid values are `ACCOUNT` (an external account), `ORGANIZATION` (a share to every account in an organization), `ORGANIZATIONAL_UNIT`, `ORGANIZATION_MEMBER_ACCOUNT` (a share to an account in an organization).\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "waitForAcceptance": { "type": "boolean", "description": "Whether to wait (up to the timeout) for the share to be accepted. Organizational shares are automatically accepted.\n" } }, "requiredInputs": [ "portfolioId", "principalId", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering PortfolioShare resources.\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n" }, "accepted": { "type": "boolean", "description": "Whether the shared portfolio is imported by the recipient account. If the recipient is organizational, the share is automatically imported, and the field is always set to true.\n" }, "portfolioId": { "type": "string", "description": "Portfolio identifier.\n", "willReplaceOnChanges": true }, "principalId": { "type": "string", "description": "Identifier of the principal with whom you will share the portfolio. Valid values AWS account IDs and ARNs of AWS Organizations and organizational units.\n", "willReplaceOnChanges": true }, "sharePrincipals": { "type": "boolean", "description": "Enables or disables Principal sharing when creating the portfolio share. If this flag is not provided, principal sharing is disabled.\n" }, "shareTagOptions": { "type": "boolean", "description": "Whether to enable sharing of `aws.servicecatalog.TagOption` resources when creating the portfolio share.\n" }, "type": { "type": "string", "description": "Type of portfolio share. Valid values are `ACCOUNT` (an external account), `ORGANIZATION` (a share to every account in an organization), `ORGANIZATIONAL_UNIT`, `ORGANIZATION_MEMBER_ACCOUNT` (a share to an account in an organization).\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "waitForAcceptance": { "type": "boolean", "description": "Whether to wait (up to the timeout) for the share to be accepted. Organizational shares are automatically accepted.\n" } }, "type": "object" } }, "aws:servicecatalog/principalPortfolioAssociation:PrincipalPortfolioAssociation": { "description": "Manages a Service Catalog Principal Portfolio Association.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicecatalog.PrincipalPortfolioAssociation(\"example\", {\n portfolioId: \"port-68656c6c6f\",\n principalArn: \"arn:aws:iam::123456789012:user/Eleanor\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicecatalog.PrincipalPortfolioAssociation(\"example\",\n portfolio_id=\"port-68656c6c6f\",\n principal_arn=\"arn:aws:iam::123456789012:user/Eleanor\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceCatalog.PrincipalPortfolioAssociation(\"example\", new()\n {\n PortfolioId = \"port-68656c6c6f\",\n PrincipalArn = \"arn:aws:iam::123456789012:user/Eleanor\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicecatalog.NewPrincipalPortfolioAssociation(ctx, \"example\", \u0026servicecatalog.PrincipalPortfolioAssociationArgs{\n\t\t\tPortfolioId: pulumi.String(\"port-68656c6c6f\"),\n\t\t\tPrincipalArn: pulumi.String(\"arn:aws:iam::123456789012:user/Eleanor\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.PrincipalPortfolioAssociation;\nimport com.pulumi.aws.servicecatalog.PrincipalPortfolioAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PrincipalPortfolioAssociation(\"example\", PrincipalPortfolioAssociationArgs.builder()\n .portfolioId(\"port-68656c6c6f\")\n .principalArn(\"arn:aws:iam::123456789012:user/Eleanor\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicecatalog:PrincipalPortfolioAssociation\n properties:\n portfolioId: port-68656c6c6f\n principalArn: arn:aws:iam::123456789012:user/Eleanor\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_servicecatalog_principal_portfolio_association` using `accept_language`, `principal_arn`, `portfolio_id`, and `principal_type` separated by a comma. For example:\n\n```sh\n$ pulumi import aws:servicecatalog/principalPortfolioAssociation:PrincipalPortfolioAssociation example en,arn:aws:iam::123456789012:user/Eleanor,port-68656c6c6f,IAM\n```\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n" }, "portfolioId": { "type": "string", "description": "Portfolio identifier.\n" }, "principalArn": { "type": "string", "description": "Principal ARN.\n\nThe following arguments are optional:\n" }, "principalType": { "type": "string", "description": "Principal type. Setting this argument empty (e.g., `principal_type = \"\"`) will result in an error. Valid values are `IAM` and `IAM_PATTERN`. Default is `IAM`.\n" } }, "required": [ "portfolioId", "principalArn" ], "inputProperties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n", "willReplaceOnChanges": true }, "portfolioId": { "type": "string", "description": "Portfolio identifier.\n", "willReplaceOnChanges": true }, "principalArn": { "type": "string", "description": "Principal ARN.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "principalType": { "type": "string", "description": "Principal type. Setting this argument empty (e.g., `principal_type = \"\"`) will result in an error. Valid values are `IAM` and `IAM_PATTERN`. Default is `IAM`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "portfolioId", "principalArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering PrincipalPortfolioAssociation resources.\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n", "willReplaceOnChanges": true }, "portfolioId": { "type": "string", "description": "Portfolio identifier.\n", "willReplaceOnChanges": true }, "principalArn": { "type": "string", "description": "Principal ARN.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "principalType": { "type": "string", "description": "Principal type. Setting this argument empty (e.g., `principal_type = \"\"`) will result in an error. Valid values are `IAM` and `IAM_PATTERN`. Default is `IAM`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:servicecatalog/product:Product": { "description": "Manages a Service Catalog Product.\n\n\u003e **NOTE:** The user or role that uses this resources must have the `cloudformation:GetTemplate` IAM policy permission. This policy permission is required when using the `template_physical_id` argument.\n\n\u003e A \"provisioning artifact\" is also referred to as a \"version.\" A \"distributor\" is also referred to as a \"vendor.\"\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicecatalog.Product(\"example\", {\n name: \"example\",\n owner: \"example-owner\",\n type: \"CLOUD_FORMATION_TEMPLATE\",\n provisioningArtifactParameters: {\n templateUrl: \"https://s3.amazonaws.com/cf-templates-ozkq9d3hgiq2-us-east-1/temp1.json\",\n },\n tags: {\n foo: \"bar\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicecatalog.Product(\"example\",\n name=\"example\",\n owner=\"example-owner\",\n type=\"CLOUD_FORMATION_TEMPLATE\",\n provisioning_artifact_parameters={\n \"template_url\": \"https://s3.amazonaws.com/cf-templates-ozkq9d3hgiq2-us-east-1/temp1.json\",\n },\n tags={\n \"foo\": \"bar\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceCatalog.Product(\"example\", new()\n {\n Name = \"example\",\n Owner = \"example-owner\",\n Type = \"CLOUD_FORMATION_TEMPLATE\",\n ProvisioningArtifactParameters = new Aws.ServiceCatalog.Inputs.ProductProvisioningArtifactParametersArgs\n {\n TemplateUrl = \"https://s3.amazonaws.com/cf-templates-ozkq9d3hgiq2-us-east-1/temp1.json\",\n },\n Tags = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicecatalog.NewProduct(ctx, \"example\", \u0026servicecatalog.ProductArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tOwner: pulumi.String(\"example-owner\"),\n\t\t\tType: pulumi.String(\"CLOUD_FORMATION_TEMPLATE\"),\n\t\t\tProvisioningArtifactParameters: \u0026servicecatalog.ProductProvisioningArtifactParametersArgs{\n\t\t\t\tTemplateUrl: pulumi.String(\"https://s3.amazonaws.com/cf-templates-ozkq9d3hgiq2-us-east-1/temp1.json\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.Product;\nimport com.pulumi.aws.servicecatalog.ProductArgs;\nimport com.pulumi.aws.servicecatalog.inputs.ProductProvisioningArtifactParametersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Product(\"example\", ProductArgs.builder()\n .name(\"example\")\n .owner(\"example-owner\")\n .type(\"CLOUD_FORMATION_TEMPLATE\")\n .provisioningArtifactParameters(ProductProvisioningArtifactParametersArgs.builder()\n .templateUrl(\"https://s3.amazonaws.com/cf-templates-ozkq9d3hgiq2-us-east-1/temp1.json\")\n .build())\n .tags(Map.of(\"foo\", \"bar\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicecatalog:Product\n properties:\n name: example\n owner: example-owner\n type: CLOUD_FORMATION_TEMPLATE\n provisioningArtifactParameters:\n templateUrl: https://s3.amazonaws.com/cf-templates-ozkq9d3hgiq2-us-east-1/temp1.json\n tags:\n foo: bar\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_servicecatalog_product` using the product ID. For example:\n\n```sh\n$ pulumi import aws:servicecatalog/product:Product example prod-dnigbtea24ste\n```\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n" }, "arn": { "type": "string", "description": "ARN of the product.\n" }, "createdTime": { "type": "string", "description": "Time when the product was created.\n" }, "description": { "type": "string", "description": "Description of the product.\n" }, "distributor": { "type": "string", "description": "Distributor (i.e., vendor) of the product.\n" }, "hasDefaultPath": { "type": "boolean", "description": "Whether the product has a default path. If the product does not have a default path, call `ListLaunchPaths` to disambiguate between paths. Otherwise, `ListLaunchPaths` is not required, and the output of ProductViewSummary can be used directly with `DescribeProvisioningParameters`.\n" }, "name": { "type": "string", "description": "Name of the product.\n" }, "owner": { "type": "string", "description": "Owner of the product.\n" }, "provisioningArtifactParameters": { "$ref": "#/types/aws:servicecatalog/ProductProvisioningArtifactParameters:ProductProvisioningArtifactParameters", "description": "Configuration block for provisioning artifact (i.e., version) parameters. See `provisioning_artifact_parameters` Block for details.\n" }, "status": { "type": "string", "description": "Status of the product.\n" }, "supportDescription": { "type": "string", "description": "Support information about the product.\n" }, "supportEmail": { "type": "string", "description": "Contact email for product support.\n" }, "supportUrl": { "type": "string", "description": "Contact URL for product support.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the product. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Type of product. See [AWS Docs](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CreateProduct.html#API_CreateProduct_RequestSyntax) for valid list of values.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "createdTime", "description", "distributor", "hasDefaultPath", "name", "owner", "provisioningArtifactParameters", "status", "supportDescription", "supportEmail", "supportUrl", "tagsAll", "type" ], "inputProperties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n" }, "description": { "type": "string", "description": "Description of the product.\n" }, "distributor": { "type": "string", "description": "Distributor (i.e., vendor) of the product.\n" }, "name": { "type": "string", "description": "Name of the product.\n" }, "owner": { "type": "string", "description": "Owner of the product.\n" }, "provisioningArtifactParameters": { "$ref": "#/types/aws:servicecatalog/ProductProvisioningArtifactParameters:ProductProvisioningArtifactParameters", "description": "Configuration block for provisioning artifact (i.e., version) parameters. See `provisioning_artifact_parameters` Block for details.\n", "willReplaceOnChanges": true }, "supportDescription": { "type": "string", "description": "Support information about the product.\n" }, "supportEmail": { "type": "string", "description": "Contact email for product support.\n" }, "supportUrl": { "type": "string", "description": "Contact URL for product support.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the product. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "Type of product. See [AWS Docs](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CreateProduct.html#API_CreateProduct_RequestSyntax) for valid list of values.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "owner", "provisioningArtifactParameters", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering Product resources.\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n" }, "arn": { "type": "string", "description": "ARN of the product.\n" }, "createdTime": { "type": "string", "description": "Time when the product was created.\n" }, "description": { "type": "string", "description": "Description of the product.\n" }, "distributor": { "type": "string", "description": "Distributor (i.e., vendor) of the product.\n" }, "hasDefaultPath": { "type": "boolean", "description": "Whether the product has a default path. If the product does not have a default path, call `ListLaunchPaths` to disambiguate between paths. Otherwise, `ListLaunchPaths` is not required, and the output of ProductViewSummary can be used directly with `DescribeProvisioningParameters`.\n" }, "name": { "type": "string", "description": "Name of the product.\n" }, "owner": { "type": "string", "description": "Owner of the product.\n" }, "provisioningArtifactParameters": { "$ref": "#/types/aws:servicecatalog/ProductProvisioningArtifactParameters:ProductProvisioningArtifactParameters", "description": "Configuration block for provisioning artifact (i.e., version) parameters. See `provisioning_artifact_parameters` Block for details.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Status of the product.\n" }, "supportDescription": { "type": "string", "description": "Support information about the product.\n" }, "supportEmail": { "type": "string", "description": "Contact email for product support.\n" }, "supportUrl": { "type": "string", "description": "Contact URL for product support.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the product. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Type of product. See [AWS Docs](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CreateProduct.html#API_CreateProduct_RequestSyntax) for valid list of values.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:servicecatalog/productPortfolioAssociation:ProductPortfolioAssociation": { "description": "Manages a Service Catalog Product Portfolio Association.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicecatalog.ProductPortfolioAssociation(\"example\", {\n portfolioId: \"port-68656c6c6f\",\n productId: \"prod-dnigbtea24ste\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicecatalog.ProductPortfolioAssociation(\"example\",\n portfolio_id=\"port-68656c6c6f\",\n product_id=\"prod-dnigbtea24ste\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceCatalog.ProductPortfolioAssociation(\"example\", new()\n {\n PortfolioId = \"port-68656c6c6f\",\n ProductId = \"prod-dnigbtea24ste\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicecatalog.NewProductPortfolioAssociation(ctx, \"example\", \u0026servicecatalog.ProductPortfolioAssociationArgs{\n\t\t\tPortfolioId: pulumi.String(\"port-68656c6c6f\"),\n\t\t\tProductId: pulumi.String(\"prod-dnigbtea24ste\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.ProductPortfolioAssociation;\nimport com.pulumi.aws.servicecatalog.ProductPortfolioAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ProductPortfolioAssociation(\"example\", ProductPortfolioAssociationArgs.builder()\n .portfolioId(\"port-68656c6c6f\")\n .productId(\"prod-dnigbtea24ste\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicecatalog:ProductPortfolioAssociation\n properties:\n portfolioId: port-68656c6c6f\n productId: prod-dnigbtea24ste\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_servicecatalog_product_portfolio_association` using the accept language, portfolio ID, and product ID. For example:\n\n```sh\n$ pulumi import aws:servicecatalog/productPortfolioAssociation:ProductPortfolioAssociation example en:port-68656c6c6f:prod-dnigbtea24ste\n```\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n" }, "portfolioId": { "type": "string", "description": "Portfolio identifier.\n" }, "productId": { "type": "string", "description": "Product identifier.\n\nThe following arguments are optional:\n" }, "sourcePortfolioId": { "type": "string", "description": "Identifier of the source portfolio.\n" } }, "required": [ "portfolioId", "productId" ], "inputProperties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n", "willReplaceOnChanges": true }, "portfolioId": { "type": "string", "description": "Portfolio identifier.\n", "willReplaceOnChanges": true }, "productId": { "type": "string", "description": "Product identifier.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "sourcePortfolioId": { "type": "string", "description": "Identifier of the source portfolio.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "portfolioId", "productId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ProductPortfolioAssociation resources.\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n", "willReplaceOnChanges": true }, "portfolioId": { "type": "string", "description": "Portfolio identifier.\n", "willReplaceOnChanges": true }, "productId": { "type": "string", "description": "Product identifier.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "sourcePortfolioId": { "type": "string", "description": "Identifier of the source portfolio.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:servicecatalog/provisionedProduct:ProvisionedProduct": { "description": "This resource provisions and manages a Service Catalog provisioned product.\n\nA provisioned product is a resourced instance of a product. For example, provisioning a product based on a CloudFormation template launches a CloudFormation stack and its underlying resources.\n\nLike this resource, the `aws_servicecatalog_record` data source also provides information about a provisioned product. Although a Service Catalog record provides some overlapping information with this resource, a record is tied to a provisioned product event, such as provisioning, termination, and updating.\n\n\u003e **Tip:** If you include conflicted keys as tags, AWS will report an error, \"Parameter validation failed: Missing required parameter in Tags[N]:Value\".\n\n\u003e **Tip:** A \"provisioning artifact\" is also referred to as a \"version.\" A \"distributor\" is also referred to as a \"vendor.\"\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicecatalog.ProvisionedProduct(\"example\", {\n name: \"example\",\n productName: \"Example product\",\n provisioningArtifactName: \"Example version\",\n provisioningParameters: [{\n key: \"foo\",\n value: \"bar\",\n }],\n tags: {\n foo: \"bar\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicecatalog.ProvisionedProduct(\"example\",\n name=\"example\",\n product_name=\"Example product\",\n provisioning_artifact_name=\"Example version\",\n provisioning_parameters=[{\n \"key\": \"foo\",\n \"value\": \"bar\",\n }],\n tags={\n \"foo\": \"bar\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceCatalog.ProvisionedProduct(\"example\", new()\n {\n Name = \"example\",\n ProductName = \"Example product\",\n ProvisioningArtifactName = \"Example version\",\n ProvisioningParameters = new[]\n {\n new Aws.ServiceCatalog.Inputs.ProvisionedProductProvisioningParameterArgs\n {\n Key = \"foo\",\n Value = \"bar\",\n },\n },\n Tags = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicecatalog.NewProvisionedProduct(ctx, \"example\", \u0026servicecatalog.ProvisionedProductArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProductName: pulumi.String(\"Example product\"),\n\t\t\tProvisioningArtifactName: pulumi.String(\"Example version\"),\n\t\t\tProvisioningParameters: servicecatalog.ProvisionedProductProvisioningParameterArray{\n\t\t\t\t\u0026servicecatalog.ProvisionedProductProvisioningParameterArgs{\n\t\t\t\t\tKey: pulumi.String(\"foo\"),\n\t\t\t\t\tValue: pulumi.String(\"bar\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.ProvisionedProduct;\nimport com.pulumi.aws.servicecatalog.ProvisionedProductArgs;\nimport com.pulumi.aws.servicecatalog.inputs.ProvisionedProductProvisioningParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ProvisionedProduct(\"example\", ProvisionedProductArgs.builder()\n .name(\"example\")\n .productName(\"Example product\")\n .provisioningArtifactName(\"Example version\")\n .provisioningParameters(ProvisionedProductProvisioningParameterArgs.builder()\n .key(\"foo\")\n .value(\"bar\")\n .build())\n .tags(Map.of(\"foo\", \"bar\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicecatalog:ProvisionedProduct\n properties:\n name: example\n productName: Example product\n provisioningArtifactName: Example version\n provisioningParameters:\n - key: foo\n value: bar\n tags:\n foo: bar\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_servicecatalog_provisioned_product` using the provisioned product ID. For example:\n\n```sh\n$ pulumi import aws:servicecatalog/provisionedProduct:ProvisionedProduct example pp-dnigbtea24ste\n```\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n" }, "arn": { "type": "string", "description": "ARN of the provisioned product.\n" }, "cloudwatchDashboardNames": { "type": "array", "items": { "type": "string" }, "description": "Set of CloudWatch dashboards that were created when provisioning the product.\n" }, "createdTime": { "type": "string", "description": "Time when the provisioned product was created.\n" }, "ignoreErrors": { "type": "boolean", "description": "_Only applies to deleting._ If set to `true`, AWS Service Catalog stops managing the specified provisioned product even if it cannot delete the underlying resources. The default value is `false`.\n" }, "lastProvisioningRecordId": { "type": "string", "description": "Record identifier of the last request performed on this provisioned product of the following types: `ProvisionedProduct`, `UpdateProvisionedProduct`, `ExecuteProvisionedProductPlan`, `TerminateProvisionedProduct`.\n" }, "lastRecordId": { "type": "string", "description": "Record identifier of the last request performed on this provisioned product.\n" }, "lastSuccessfulProvisioningRecordId": { "type": "string", "description": "Record identifier of the last successful request performed on this provisioned product of the following types: `ProvisionedProduct`, `UpdateProvisionedProduct`, `ExecuteProvisionedProductPlan`, `TerminateProvisionedProduct`.\n" }, "launchRoleArn": { "type": "string", "description": "ARN of the launch role associated with the provisioned product.\n" }, "name": { "type": "string", "description": "User-friendly name of the provisioned product.\n\nThe following arguments are optional:\n" }, "notificationArns": { "type": "array", "items": { "type": "string" }, "description": "Passed to CloudFormation. The SNS topic ARNs to which to publish stack-related events.\n" }, "outputs": { "type": "array", "items": { "$ref": "#/types/aws:servicecatalog/ProvisionedProductOutput:ProvisionedProductOutput" }, "description": "The set of outputs for the product created.\n" }, "pathId": { "type": "string", "description": "Path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use `aws.servicecatalog.getLaunchPaths`. When required, you must provide `path_id` or `path_name`, but not both.\n" }, "pathName": { "type": "string", "description": "Name of the path. You must provide `path_id` or `path_name`, but not both.\n" }, "productId": { "type": "string", "description": "Product identifier. For example, `prod-abcdzk7xy33qa`. You must provide `product_id` or `product_name`, but not both.\n" }, "productName": { "type": "string", "description": "Name of the product. You must provide `product_id` or `product_name`, but not both.\n" }, "provisioningArtifactId": { "type": "string", "description": "Identifier of the provisioning artifact. For example, `pa-4abcdjnxjj6ne`. You must provide the `provisioning_artifact_id` or `provisioning_artifact_name`, but not both.\n" }, "provisioningArtifactName": { "type": "string", "description": "Name of the provisioning artifact. You must provide the `provisioning_artifact_id` or `provisioning_artifact_name`, but not both.\n" }, "provisioningParameters": { "type": "array", "items": { "$ref": "#/types/aws:servicecatalog/ProvisionedProductProvisioningParameter:ProvisionedProductProvisioningParameter" }, "description": "Configuration block with parameters specified by the administrator that are required for provisioning the product. See `provisioning_parameters` Block for details.\n" }, "retainPhysicalResources": { "type": "boolean", "description": "_Only applies to deleting._ Whether to delete the Service Catalog provisioned product but leave the CloudFormation stack, stack set, or the underlying resources of the deleted provisioned product. The default value is `false`.\n" }, "stackSetProvisioningPreferences": { "$ref": "#/types/aws:servicecatalog/ProvisionedProductStackSetProvisioningPreferences:ProvisionedProductStackSetProvisioningPreferences", "description": "Configuration block with information about the provisioning preferences for a stack set. See `stack_set_provisioning_preferences` Block for details.\n" }, "status": { "type": "string", "description": "Current status of the provisioned product. See meanings below.\n" }, "statusMessage": { "type": "string", "description": "Current status message of the provisioned product.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the provisioned product. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Type of provisioned product. Valid values are `CFN_STACK` and `CFN_STACKSET`.\n" } }, "required": [ "arn", "cloudwatchDashboardNames", "createdTime", "lastProvisioningRecordId", "lastRecordId", "lastSuccessfulProvisioningRecordId", "launchRoleArn", "name", "outputs", "pathId", "productId", "provisioningArtifactId", "status", "statusMessage", "tagsAll", "type" ], "inputProperties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n" }, "ignoreErrors": { "type": "boolean", "description": "_Only applies to deleting._ If set to `true`, AWS Service Catalog stops managing the specified provisioned product even if it cannot delete the underlying resources. The default value is `false`.\n" }, "name": { "type": "string", "description": "User-friendly name of the provisioned product.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "notificationArns": { "type": "array", "items": { "type": "string" }, "description": "Passed to CloudFormation. The SNS topic ARNs to which to publish stack-related events.\n", "willReplaceOnChanges": true }, "pathId": { "type": "string", "description": "Path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use `aws.servicecatalog.getLaunchPaths`. When required, you must provide `path_id` or `path_name`, but not both.\n" }, "pathName": { "type": "string", "description": "Name of the path. You must provide `path_id` or `path_name`, but not both.\n" }, "productId": { "type": "string", "description": "Product identifier. For example, `prod-abcdzk7xy33qa`. You must provide `product_id` or `product_name`, but not both.\n" }, "productName": { "type": "string", "description": "Name of the product. You must provide `product_id` or `product_name`, but not both.\n" }, "provisioningArtifactId": { "type": "string", "description": "Identifier of the provisioning artifact. For example, `pa-4abcdjnxjj6ne`. You must provide the `provisioning_artifact_id` or `provisioning_artifact_name`, but not both.\n" }, "provisioningArtifactName": { "type": "string", "description": "Name of the provisioning artifact. You must provide the `provisioning_artifact_id` or `provisioning_artifact_name`, but not both.\n" }, "provisioningParameters": { "type": "array", "items": { "$ref": "#/types/aws:servicecatalog/ProvisionedProductProvisioningParameter:ProvisionedProductProvisioningParameter" }, "description": "Configuration block with parameters specified by the administrator that are required for provisioning the product. See `provisioning_parameters` Block for details.\n" }, "retainPhysicalResources": { "type": "boolean", "description": "_Only applies to deleting._ Whether to delete the Service Catalog provisioned product but leave the CloudFormation stack, stack set, or the underlying resources of the deleted provisioned product. The default value is `false`.\n" }, "stackSetProvisioningPreferences": { "$ref": "#/types/aws:servicecatalog/ProvisionedProductStackSetProvisioningPreferences:ProvisionedProductStackSetProvisioningPreferences", "description": "Configuration block with information about the provisioning preferences for a stack set. See `stack_set_provisioning_preferences` Block for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the provisioned product. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ProvisionedProduct resources.\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n" }, "arn": { "type": "string", "description": "ARN of the provisioned product.\n" }, "cloudwatchDashboardNames": { "type": "array", "items": { "type": "string" }, "description": "Set of CloudWatch dashboards that were created when provisioning the product.\n" }, "createdTime": { "type": "string", "description": "Time when the provisioned product was created.\n" }, "ignoreErrors": { "type": "boolean", "description": "_Only applies to deleting._ If set to `true`, AWS Service Catalog stops managing the specified provisioned product even if it cannot delete the underlying resources. The default value is `false`.\n" }, "lastProvisioningRecordId": { "type": "string", "description": "Record identifier of the last request performed on this provisioned product of the following types: `ProvisionedProduct`, `UpdateProvisionedProduct`, `ExecuteProvisionedProductPlan`, `TerminateProvisionedProduct`.\n" }, "lastRecordId": { "type": "string", "description": "Record identifier of the last request performed on this provisioned product.\n" }, "lastSuccessfulProvisioningRecordId": { "type": "string", "description": "Record identifier of the last successful request performed on this provisioned product of the following types: `ProvisionedProduct`, `UpdateProvisionedProduct`, `ExecuteProvisionedProductPlan`, `TerminateProvisionedProduct`.\n" }, "launchRoleArn": { "type": "string", "description": "ARN of the launch role associated with the provisioned product.\n" }, "name": { "type": "string", "description": "User-friendly name of the provisioned product.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "notificationArns": { "type": "array", "items": { "type": "string" }, "description": "Passed to CloudFormation. The SNS topic ARNs to which to publish stack-related events.\n", "willReplaceOnChanges": true }, "outputs": { "type": "array", "items": { "$ref": "#/types/aws:servicecatalog/ProvisionedProductOutput:ProvisionedProductOutput" }, "description": "The set of outputs for the product created.\n" }, "pathId": { "type": "string", "description": "Path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use `aws.servicecatalog.getLaunchPaths`. When required, you must provide `path_id` or `path_name`, but not both.\n" }, "pathName": { "type": "string", "description": "Name of the path. You must provide `path_id` or `path_name`, but not both.\n" }, "productId": { "type": "string", "description": "Product identifier. For example, `prod-abcdzk7xy33qa`. You must provide `product_id` or `product_name`, but not both.\n" }, "productName": { "type": "string", "description": "Name of the product. You must provide `product_id` or `product_name`, but not both.\n" }, "provisioningArtifactId": { "type": "string", "description": "Identifier of the provisioning artifact. For example, `pa-4abcdjnxjj6ne`. You must provide the `provisioning_artifact_id` or `provisioning_artifact_name`, but not both.\n" }, "provisioningArtifactName": { "type": "string", "description": "Name of the provisioning artifact. You must provide the `provisioning_artifact_id` or `provisioning_artifact_name`, but not both.\n" }, "provisioningParameters": { "type": "array", "items": { "$ref": "#/types/aws:servicecatalog/ProvisionedProductProvisioningParameter:ProvisionedProductProvisioningParameter" }, "description": "Configuration block with parameters specified by the administrator that are required for provisioning the product. See `provisioning_parameters` Block for details.\n" }, "retainPhysicalResources": { "type": "boolean", "description": "_Only applies to deleting._ Whether to delete the Service Catalog provisioned product but leave the CloudFormation stack, stack set, or the underlying resources of the deleted provisioned product. The default value is `false`.\n" }, "stackSetProvisioningPreferences": { "$ref": "#/types/aws:servicecatalog/ProvisionedProductStackSetProvisioningPreferences:ProvisionedProductStackSetProvisioningPreferences", "description": "Configuration block with information about the provisioning preferences for a stack set. See `stack_set_provisioning_preferences` Block for details.\n" }, "status": { "type": "string", "description": "Current status of the provisioned product. See meanings below.\n" }, "statusMessage": { "type": "string", "description": "Current status message of the provisioned product.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to apply to the provisioned product. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "Type of provisioned product. Valid values are `CFN_STACK` and `CFN_STACKSET`.\n" } }, "type": "object" } }, "aws:servicecatalog/provisioningArtifact:ProvisioningArtifact": { "description": "Manages a Service Catalog Provisioning Artifact for a specified product.\n\n\u003e A \"provisioning artifact\" is also referred to as a \"version.\"\n\n\u003e **NOTE:** You cannot create a provisioning artifact for a product that was shared with you.\n\n\u003e **NOTE:** The user or role that use this resource must have the `cloudformation:GetTemplate` IAM policy permission. This policy permission is required when using the `template_physical_id` argument.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicecatalog.ProvisioningArtifact(\"example\", {\n name: \"example\",\n productId: exampleAwsServicecatalogProduct.id,\n type: \"CLOUD_FORMATION_TEMPLATE\",\n templateUrl: `https://${exampleAwsS3Bucket.bucketRegionalDomainName}/${exampleAwsS3Object.key}`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicecatalog.ProvisioningArtifact(\"example\",\n name=\"example\",\n product_id=example_aws_servicecatalog_product[\"id\"],\n type=\"CLOUD_FORMATION_TEMPLATE\",\n template_url=f\"https://{example_aws_s3_bucket['bucketRegionalDomainName']}/{example_aws_s3_object['key']}\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceCatalog.ProvisioningArtifact(\"example\", new()\n {\n Name = \"example\",\n ProductId = exampleAwsServicecatalogProduct.Id,\n Type = \"CLOUD_FORMATION_TEMPLATE\",\n TemplateUrl = $\"https://{exampleAwsS3Bucket.BucketRegionalDomainName}/{exampleAwsS3Object.Key}\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicecatalog.NewProvisioningArtifact(ctx, \"example\", \u0026servicecatalog.ProvisioningArtifactArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProductId: pulumi.Any(exampleAwsServicecatalogProduct.Id),\n\t\t\tType: pulumi.String(\"CLOUD_FORMATION_TEMPLATE\"),\n\t\t\tTemplateUrl: pulumi.String(fmt.Sprintf(\"https://%v/%v\", exampleAwsS3Bucket.BucketRegionalDomainName, exampleAwsS3Object.Key)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.ProvisioningArtifact;\nimport com.pulumi.aws.servicecatalog.ProvisioningArtifactArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ProvisioningArtifact(\"example\", ProvisioningArtifactArgs.builder()\n .name(\"example\")\n .productId(exampleAwsServicecatalogProduct.id())\n .type(\"CLOUD_FORMATION_TEMPLATE\")\n .templateUrl(String.format(\"https://%s/%s\", exampleAwsS3Bucket.bucketRegionalDomainName(),exampleAwsS3Object.key()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicecatalog:ProvisioningArtifact\n properties:\n name: example\n productId: ${exampleAwsServicecatalogProduct.id}\n type: CLOUD_FORMATION_TEMPLATE\n templateUrl: https://${exampleAwsS3Bucket.bucketRegionalDomainName}/${exampleAwsS3Object.key}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_servicecatalog_provisioning_artifact` using the provisioning artifact ID and product ID separated by a colon. For example:\n\n```sh\n$ pulumi import aws:servicecatalog/provisioningArtifact:ProvisioningArtifact example pa-ij2b6lusy6dec:prod-el3an0rma3\n```\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). The default value is `en`.\n" }, "active": { "type": "boolean", "description": "Whether the product version is active. Inactive provisioning artifacts are invisible to end users. End users cannot launch or update a provisioned product from an inactive provisioning artifact. Default is `true`.\n" }, "createdTime": { "type": "string", "description": "Time when the provisioning artifact was created.\n" }, "description": { "type": "string", "description": "Description of the provisioning artifact (i.e., version), including how it differs from the previous provisioning artifact.\n" }, "disableTemplateValidation": { "type": "boolean", "description": "Whether AWS Service Catalog stops validating the specified provisioning artifact template even if it is invalid.\n" }, "guidance": { "type": "string", "description": "Information set by the administrator to provide guidance to end users about which provisioning artifacts to use. Valid values are `DEFAULT` and `DEPRECATED`. The default is `DEFAULT`. Users are able to make updates to a provisioned product of a deprecated version but cannot launch new provisioned products using a deprecated version.\n" }, "name": { "type": "string", "description": "Name of the provisioning artifact (for example, `v1`, `v2beta`). No spaces are allowed.\n" }, "productId": { "type": "string", "description": "Identifier of the product.\n" }, "provisioningArtifactId": { "type": "string", "description": "Provisioning artifact identifier.\n" }, "templatePhysicalId": { "type": "string", "description": "Template source as the physical ID of the resource that contains the template. Currently only supports CloudFormation stack ARN. Specify the physical ID as `arn:[partition]:cloudformation:[region]:[account ID]:stack/[stack name]/[resource ID]`.\n" }, "templateUrl": { "type": "string", "description": "Template source as URL of the CloudFormation template in Amazon S3.\n\nThe following arguments are optional:\n" }, "type": { "type": "string", "description": "Type of provisioning artifact. See [AWS Docs](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ProvisioningArtifactProperties.html) for valid list of values.\n" } }, "required": [ "createdTime", "description", "name", "productId", "provisioningArtifactId" ], "inputProperties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). The default value is `en`.\n" }, "active": { "type": "boolean", "description": "Whether the product version is active. Inactive provisioning artifacts are invisible to end users. End users cannot launch or update a provisioned product from an inactive provisioning artifact. Default is `true`.\n" }, "description": { "type": "string", "description": "Description of the provisioning artifact (i.e., version), including how it differs from the previous provisioning artifact.\n" }, "disableTemplateValidation": { "type": "boolean", "description": "Whether AWS Service Catalog stops validating the specified provisioning artifact template even if it is invalid.\n", "willReplaceOnChanges": true }, "guidance": { "type": "string", "description": "Information set by the administrator to provide guidance to end users about which provisioning artifacts to use. Valid values are `DEFAULT` and `DEPRECATED`. The default is `DEFAULT`. Users are able to make updates to a provisioned product of a deprecated version but cannot launch new provisioned products using a deprecated version.\n" }, "name": { "type": "string", "description": "Name of the provisioning artifact (for example, `v1`, `v2beta`). No spaces are allowed.\n" }, "productId": { "type": "string", "description": "Identifier of the product.\n" }, "templatePhysicalId": { "type": "string", "description": "Template source as the physical ID of the resource that contains the template. Currently only supports CloudFormation stack ARN. Specify the physical ID as `arn:[partition]:cloudformation:[region]:[account ID]:stack/[stack name]/[resource ID]`.\n", "willReplaceOnChanges": true }, "templateUrl": { "type": "string", "description": "Template source as URL of the CloudFormation template in Amazon S3.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Type of provisioning artifact. See [AWS Docs](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ProvisioningArtifactProperties.html) for valid list of values.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "productId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ProvisioningArtifact resources.\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). The default value is `en`.\n" }, "active": { "type": "boolean", "description": "Whether the product version is active. Inactive provisioning artifacts are invisible to end users. End users cannot launch or update a provisioned product from an inactive provisioning artifact. Default is `true`.\n" }, "createdTime": { "type": "string", "description": "Time when the provisioning artifact was created.\n" }, "description": { "type": "string", "description": "Description of the provisioning artifact (i.e., version), including how it differs from the previous provisioning artifact.\n" }, "disableTemplateValidation": { "type": "boolean", "description": "Whether AWS Service Catalog stops validating the specified provisioning artifact template even if it is invalid.\n", "willReplaceOnChanges": true }, "guidance": { "type": "string", "description": "Information set by the administrator to provide guidance to end users about which provisioning artifacts to use. Valid values are `DEFAULT` and `DEPRECATED`. The default is `DEFAULT`. Users are able to make updates to a provisioned product of a deprecated version but cannot launch new provisioned products using a deprecated version.\n" }, "name": { "type": "string", "description": "Name of the provisioning artifact (for example, `v1`, `v2beta`). No spaces are allowed.\n" }, "productId": { "type": "string", "description": "Identifier of the product.\n" }, "provisioningArtifactId": { "type": "string", "description": "Provisioning artifact identifier.\n" }, "templatePhysicalId": { "type": "string", "description": "Template source as the physical ID of the resource that contains the template. Currently only supports CloudFormation stack ARN. Specify the physical ID as `arn:[partition]:cloudformation:[region]:[account ID]:stack/[stack name]/[resource ID]`.\n", "willReplaceOnChanges": true }, "templateUrl": { "type": "string", "description": "Template source as URL of the CloudFormation template in Amazon S3.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "type": { "type": "string", "description": "Type of provisioning artifact. See [AWS Docs](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ProvisioningArtifactProperties.html) for valid list of values.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:servicecatalog/serviceAction:ServiceAction": { "description": "Manages a Service Catalog self-service action.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicecatalog.ServiceAction(\"example\", {\n description: \"Motor generator unit\",\n name: \"MGU\",\n definition: {\n name: \"AWS-RestartEC2Instance\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicecatalog.ServiceAction(\"example\",\n description=\"Motor generator unit\",\n name=\"MGU\",\n definition={\n \"name\": \"AWS-RestartEC2Instance\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceCatalog.ServiceAction(\"example\", new()\n {\n Description = \"Motor generator unit\",\n Name = \"MGU\",\n Definition = new Aws.ServiceCatalog.Inputs.ServiceActionDefinitionArgs\n {\n Name = \"AWS-RestartEC2Instance\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicecatalog.NewServiceAction(ctx, \"example\", \u0026servicecatalog.ServiceActionArgs{\n\t\t\tDescription: pulumi.String(\"Motor generator unit\"),\n\t\t\tName: pulumi.String(\"MGU\"),\n\t\t\tDefinition: \u0026servicecatalog.ServiceActionDefinitionArgs{\n\t\t\t\tName: pulumi.String(\"AWS-RestartEC2Instance\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.ServiceAction;\nimport com.pulumi.aws.servicecatalog.ServiceActionArgs;\nimport com.pulumi.aws.servicecatalog.inputs.ServiceActionDefinitionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServiceAction(\"example\", ServiceActionArgs.builder()\n .description(\"Motor generator unit\")\n .name(\"MGU\")\n .definition(ServiceActionDefinitionArgs.builder()\n .name(\"AWS-RestartEC2Instance\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicecatalog:ServiceAction\n properties:\n description: Motor generator unit\n name: MGU\n definition:\n name: AWS-RestartEC2Instance\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_servicecatalog_service_action` using the service action ID. For example:\n\n```sh\n$ pulumi import aws:servicecatalog/serviceAction:ServiceAction example act-f1w12eperfslh\n```\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values are `en` (English), `jp` (Japanese), and `zh` (Chinese). Default is `en`.\n" }, "definition": { "$ref": "#/types/aws:servicecatalog/ServiceActionDefinition:ServiceActionDefinition", "description": "Self-service action definition configuration block. Detailed below.\n" }, "description": { "type": "string", "description": "Self-service action description.\n" }, "name": { "type": "string", "description": "Self-service action name.\n\nThe following arguments are optional:\n" } }, "required": [ "definition", "description", "name" ], "inputProperties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values are `en` (English), `jp` (Japanese), and `zh` (Chinese). Default is `en`.\n" }, "definition": { "$ref": "#/types/aws:servicecatalog/ServiceActionDefinition:ServiceActionDefinition", "description": "Self-service action definition configuration block. Detailed below.\n" }, "description": { "type": "string", "description": "Self-service action description.\n" }, "name": { "type": "string", "description": "Self-service action name.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "definition" ], "stateInputs": { "description": "Input properties used for looking up and filtering ServiceAction resources.\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values are `en` (English), `jp` (Japanese), and `zh` (Chinese). Default is `en`.\n" }, "definition": { "$ref": "#/types/aws:servicecatalog/ServiceActionDefinition:ServiceActionDefinition", "description": "Self-service action definition configuration block. Detailed below.\n" }, "description": { "type": "string", "description": "Self-service action description.\n" }, "name": { "type": "string", "description": "Self-service action name.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:servicecatalog/tagOption:TagOption": { "description": "Manages a Service Catalog Tag Option.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicecatalog.TagOption(\"example\", {\n key: \"nyckel\",\n value: \"värde\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicecatalog.TagOption(\"example\",\n key=\"nyckel\",\n value=\"värde\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceCatalog.TagOption(\"example\", new()\n {\n Key = \"nyckel\",\n Value = \"värde\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicecatalog.NewTagOption(ctx, \"example\", \u0026servicecatalog.TagOptionArgs{\n\t\t\tKey: pulumi.String(\"nyckel\"),\n\t\t\tValue: pulumi.String(\"värde\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.TagOption;\nimport com.pulumi.aws.servicecatalog.TagOptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TagOption(\"example\", TagOptionArgs.builder()\n .key(\"nyckel\")\n .value(\"värde\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicecatalog:TagOption\n properties:\n key: nyckel\n value: värde\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_servicecatalog_tag_option` using the tag option ID. For example:\n\n```sh\n$ pulumi import aws:servicecatalog/tagOption:TagOption example tag-pjtvagohlyo3m\n```\n", "properties": { "active": { "type": "boolean", "description": "Whether tag option is active. Default is `true`.\n" }, "key": { "type": "string", "description": "Tag option key.\n" }, "owner": { "type": "string" }, "value": { "type": "string", "description": "Tag option value.\n\nThe following arguments are optional:\n" } }, "required": [ "key", "owner", "value" ], "inputProperties": { "active": { "type": "boolean", "description": "Whether tag option is active. Default is `true`.\n" }, "key": { "type": "string", "description": "Tag option key.\n", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "Tag option value.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "key", "value" ], "stateInputs": { "description": "Input properties used for looking up and filtering TagOption resources.\n", "properties": { "active": { "type": "boolean", "description": "Whether tag option is active. Default is `true`.\n" }, "key": { "type": "string", "description": "Tag option key.\n", "willReplaceOnChanges": true }, "owner": { "type": "string" }, "value": { "type": "string", "description": "Tag option value.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:servicecatalog/tagOptionResourceAssociation:TagOptionResourceAssociation": { "description": "Manages a Service Catalog Tag Option Resource Association.\n\n\u003e **Tip:** A \"resource\" is either a Service Catalog portfolio or product.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicecatalog.TagOptionResourceAssociation(\"example\", {\n resourceId: \"prod-dnigbtea24ste\",\n tagOptionId: \"tag-pjtvyakdlyo3m\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicecatalog.TagOptionResourceAssociation(\"example\",\n resource_id=\"prod-dnigbtea24ste\",\n tag_option_id=\"tag-pjtvyakdlyo3m\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceCatalog.TagOptionResourceAssociation(\"example\", new()\n {\n ResourceId = \"prod-dnigbtea24ste\",\n TagOptionId = \"tag-pjtvyakdlyo3m\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicecatalog.NewTagOptionResourceAssociation(ctx, \"example\", \u0026servicecatalog.TagOptionResourceAssociationArgs{\n\t\t\tResourceId: pulumi.String(\"prod-dnigbtea24ste\"),\n\t\t\tTagOptionId: pulumi.String(\"tag-pjtvyakdlyo3m\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.TagOptionResourceAssociation;\nimport com.pulumi.aws.servicecatalog.TagOptionResourceAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TagOptionResourceAssociation(\"example\", TagOptionResourceAssociationArgs.builder()\n .resourceId(\"prod-dnigbtea24ste\")\n .tagOptionId(\"tag-pjtvyakdlyo3m\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicecatalog:TagOptionResourceAssociation\n properties:\n resourceId: prod-dnigbtea24ste\n tagOptionId: tag-pjtvyakdlyo3m\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_servicecatalog_tag_option_resource_association` using the tag option ID and resource ID. For example:\n\n```sh\n$ pulumi import aws:servicecatalog/tagOptionResourceAssociation:TagOptionResourceAssociation example tag-pjtvyakdlyo3m:prod-dnigbtea24ste\n```\n", "properties": { "resourceArn": { "type": "string", "description": "ARN of the resource.\n" }, "resourceCreatedTime": { "type": "string", "description": "Creation time of the resource.\n" }, "resourceDescription": { "type": "string", "description": "Description of the resource.\n" }, "resourceId": { "type": "string", "description": "Resource identifier.\n" }, "resourceName": { "type": "string", "description": "Description of the resource.\n" }, "tagOptionId": { "type": "string", "description": "Tag Option identifier.\n" } }, "required": [ "resourceArn", "resourceCreatedTime", "resourceDescription", "resourceId", "resourceName", "tagOptionId" ], "inputProperties": { "resourceId": { "type": "string", "description": "Resource identifier.\n", "willReplaceOnChanges": true }, "tagOptionId": { "type": "string", "description": "Tag Option identifier.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "resourceId", "tagOptionId" ], "stateInputs": { "description": "Input properties used for looking up and filtering TagOptionResourceAssociation resources.\n", "properties": { "resourceArn": { "type": "string", "description": "ARN of the resource.\n" }, "resourceCreatedTime": { "type": "string", "description": "Creation time of the resource.\n" }, "resourceDescription": { "type": "string", "description": "Description of the resource.\n" }, "resourceId": { "type": "string", "description": "Resource identifier.\n", "willReplaceOnChanges": true }, "resourceName": { "type": "string", "description": "Description of the resource.\n" }, "tagOptionId": { "type": "string", "description": "Tag Option identifier.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:servicediscovery/httpNamespace:HttpNamespace": { "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicediscovery.HttpNamespace(\"example\", {\n name: \"development\",\n description: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicediscovery.HttpNamespace(\"example\",\n name=\"development\",\n description=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceDiscovery.HttpNamespace(\"example\", new()\n {\n Name = \"development\",\n Description = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicediscovery\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicediscovery.NewHttpNamespace(ctx, \"example\", \u0026servicediscovery.HttpNamespaceArgs{\n\t\t\tName: pulumi.String(\"development\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicediscovery.HttpNamespace;\nimport com.pulumi.aws.servicediscovery.HttpNamespaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new HttpNamespace(\"example\", HttpNamespaceArgs.builder()\n .name(\"development\")\n .description(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicediscovery:HttpNamespace\n properties:\n name: development\n description: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Service Discovery HTTP Namespace using the namespace ID. For example:\n\n```sh\n$ pulumi import aws:servicediscovery/httpNamespace:HttpNamespace example ns-1234567890\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN that Amazon Route 53 assigns to the namespace when you create it.\n" }, "description": { "type": "string", "description": "The description that you specify for the namespace when you create it.\n" }, "httpName": { "type": "string", "description": "The name of an HTTP namespace.\n" }, "name": { "type": "string", "description": "The name of the http namespace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the namespace. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "httpName", "name", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description that you specify for the namespace when you create it.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the http namespace.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the namespace. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering HttpNamespace resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN that Amazon Route 53 assigns to the namespace when you create it.\n" }, "description": { "type": "string", "description": "The description that you specify for the namespace when you create it.\n", "willReplaceOnChanges": true }, "httpName": { "type": "string", "description": "The name of an HTTP namespace.\n" }, "name": { "type": "string", "description": "The name of the http namespace.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the namespace. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:servicediscovery/instance:Instance": { "description": "Provides a Service Discovery Instance resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.Vpc(\"example\", {\n cidrBlock: \"10.0.0.0/16\",\n enableDnsSupport: true,\n enableDnsHostnames: true,\n});\nconst examplePrivateDnsNamespace = new aws.servicediscovery.PrivateDnsNamespace(\"example\", {\n name: \"example.domain.local\",\n description: \"example\",\n vpc: example.id,\n});\nconst exampleService = new aws.servicediscovery.Service(\"example\", {\n name: \"example\",\n dnsConfig: {\n namespaceId: examplePrivateDnsNamespace.id,\n dnsRecords: [{\n ttl: 10,\n type: \"A\",\n }],\n routingPolicy: \"MULTIVALUE\",\n },\n healthCheckCustomConfig: {\n failureThreshold: 1,\n },\n});\nconst exampleInstance = new aws.servicediscovery.Instance(\"example\", {\n instanceId: \"example-instance-id\",\n serviceId: exampleService.id,\n attributes: {\n AWS_INSTANCE_IPV4: \"172.18.0.1\",\n custom_attribute: \"custom\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.Vpc(\"example\",\n cidr_block=\"10.0.0.0/16\",\n enable_dns_support=True,\n enable_dns_hostnames=True)\nexample_private_dns_namespace = aws.servicediscovery.PrivateDnsNamespace(\"example\",\n name=\"example.domain.local\",\n description=\"example\",\n vpc=example.id)\nexample_service = aws.servicediscovery.Service(\"example\",\n name=\"example\",\n dns_config={\n \"namespace_id\": example_private_dns_namespace.id,\n \"dns_records\": [{\n \"ttl\": 10,\n \"type\": \"A\",\n }],\n \"routing_policy\": \"MULTIVALUE\",\n },\n health_check_custom_config={\n \"failure_threshold\": 1,\n })\nexample_instance = aws.servicediscovery.Instance(\"example\",\n instance_id=\"example-instance-id\",\n service_id=example_service.id,\n attributes={\n \"AWS_INSTANCE_IPV4\": \"172.18.0.1\",\n \"custom_attribute\": \"custom\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n EnableDnsSupport = true,\n EnableDnsHostnames = true,\n });\n\n var examplePrivateDnsNamespace = new Aws.ServiceDiscovery.PrivateDnsNamespace(\"example\", new()\n {\n Name = \"example.domain.local\",\n Description = \"example\",\n Vpc = example.Id,\n });\n\n var exampleService = new Aws.ServiceDiscovery.Service(\"example\", new()\n {\n Name = \"example\",\n DnsConfig = new Aws.ServiceDiscovery.Inputs.ServiceDnsConfigArgs\n {\n NamespaceId = examplePrivateDnsNamespace.Id,\n DnsRecords = new[]\n {\n new Aws.ServiceDiscovery.Inputs.ServiceDnsConfigDnsRecordArgs\n {\n Ttl = 10,\n Type = \"A\",\n },\n },\n RoutingPolicy = \"MULTIVALUE\",\n },\n HealthCheckCustomConfig = new Aws.ServiceDiscovery.Inputs.ServiceHealthCheckCustomConfigArgs\n {\n FailureThreshold = 1,\n },\n });\n\n var exampleInstance = new Aws.ServiceDiscovery.Instance(\"example\", new()\n {\n InstanceId = \"example-instance-id\",\n ServiceId = exampleService.Id,\n Attributes = \n {\n { \"AWS_INSTANCE_IPV4\", \"172.18.0.1\" },\n { \"custom_attribute\", \"custom\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicediscovery\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tEnableDnsSupport: pulumi.Bool(true),\n\t\t\tEnableDnsHostnames: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplePrivateDnsNamespace, err := servicediscovery.NewPrivateDnsNamespace(ctx, \"example\", \u0026servicediscovery.PrivateDnsNamespaceArgs{\n\t\t\tName: pulumi.String(\"example.domain.local\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tVpc: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleService, err := servicediscovery.NewService(ctx, \"example\", \u0026servicediscovery.ServiceArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDnsConfig: \u0026servicediscovery.ServiceDnsConfigArgs{\n\t\t\t\tNamespaceId: examplePrivateDnsNamespace.ID(),\n\t\t\t\tDnsRecords: servicediscovery.ServiceDnsConfigDnsRecordArray{\n\t\t\t\t\t\u0026servicediscovery.ServiceDnsConfigDnsRecordArgs{\n\t\t\t\t\t\tTtl: pulumi.Int(10),\n\t\t\t\t\t\tType: pulumi.String(\"A\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tRoutingPolicy: pulumi.String(\"MULTIVALUE\"),\n\t\t\t},\n\t\t\tHealthCheckCustomConfig: \u0026servicediscovery.ServiceHealthCheckCustomConfigArgs{\n\t\t\t\tFailureThreshold: pulumi.Int(1),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = servicediscovery.NewInstance(ctx, \"example\", \u0026servicediscovery.InstanceArgs{\n\t\t\tInstanceId: pulumi.String(\"example-instance-id\"),\n\t\t\tServiceId: exampleService.ID(),\n\t\t\tAttributes: pulumi.StringMap{\n\t\t\t\t\"AWS_INSTANCE_IPV4\": pulumi.String(\"172.18.0.1\"),\n\t\t\t\t\"custom_attribute\": pulumi.String(\"custom\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.servicediscovery.PrivateDnsNamespace;\nimport com.pulumi.aws.servicediscovery.PrivateDnsNamespaceArgs;\nimport com.pulumi.aws.servicediscovery.Service;\nimport com.pulumi.aws.servicediscovery.ServiceArgs;\nimport com.pulumi.aws.servicediscovery.inputs.ServiceDnsConfigArgs;\nimport com.pulumi.aws.servicediscovery.inputs.ServiceHealthCheckCustomConfigArgs;\nimport com.pulumi.aws.servicediscovery.Instance;\nimport com.pulumi.aws.servicediscovery.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Vpc(\"example\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .enableDnsSupport(true)\n .enableDnsHostnames(true)\n .build());\n\n var examplePrivateDnsNamespace = new PrivateDnsNamespace(\"examplePrivateDnsNamespace\", PrivateDnsNamespaceArgs.builder()\n .name(\"example.domain.local\")\n .description(\"example\")\n .vpc(example.id())\n .build());\n\n var exampleService = new Service(\"exampleService\", ServiceArgs.builder()\n .name(\"example\")\n .dnsConfig(ServiceDnsConfigArgs.builder()\n .namespaceId(examplePrivateDnsNamespace.id())\n .dnsRecords(ServiceDnsConfigDnsRecordArgs.builder()\n .ttl(10)\n .type(\"A\")\n .build())\n .routingPolicy(\"MULTIVALUE\")\n .build())\n .healthCheckCustomConfig(ServiceHealthCheckCustomConfigArgs.builder()\n .failureThreshold(1)\n .build())\n .build());\n\n var exampleInstance = new Instance(\"exampleInstance\", InstanceArgs.builder()\n .instanceId(\"example-instance-id\")\n .serviceId(exampleService.id())\n .attributes(Map.ofEntries(\n Map.entry(\"AWS_INSTANCE_IPV4\", \"172.18.0.1\"),\n Map.entry(\"custom_attribute\", \"custom\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n enableDnsSupport: true\n enableDnsHostnames: true\n examplePrivateDnsNamespace:\n type: aws:servicediscovery:PrivateDnsNamespace\n name: example\n properties:\n name: example.domain.local\n description: example\n vpc: ${example.id}\n exampleService:\n type: aws:servicediscovery:Service\n name: example\n properties:\n name: example\n dnsConfig:\n namespaceId: ${examplePrivateDnsNamespace.id}\n dnsRecords:\n - ttl: 10\n type: A\n routingPolicy: MULTIVALUE\n healthCheckCustomConfig:\n failureThreshold: 1\n exampleInstance:\n type: aws:servicediscovery:Instance\n name: example\n properties:\n instanceId: example-instance-id\n serviceId: ${exampleService.id}\n attributes:\n AWS_INSTANCE_IPV4: 172.18.0.1\n custom_attribute: custom\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicediscovery.HttpNamespace(\"example\", {\n name: \"example.domain.test\",\n description: \"example\",\n});\nconst exampleService = new aws.servicediscovery.Service(\"example\", {\n name: \"example\",\n namespaceId: example.id,\n});\nconst exampleInstance = new aws.servicediscovery.Instance(\"example\", {\n instanceId: \"example-instance-id\",\n serviceId: exampleService.id,\n attributes: {\n AWS_EC2_INSTANCE_ID: \"i-0abdg374kd892cj6dl\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicediscovery.HttpNamespace(\"example\",\n name=\"example.domain.test\",\n description=\"example\")\nexample_service = aws.servicediscovery.Service(\"example\",\n name=\"example\",\n namespace_id=example.id)\nexample_instance = aws.servicediscovery.Instance(\"example\",\n instance_id=\"example-instance-id\",\n service_id=example_service.id,\n attributes={\n \"AWS_EC2_INSTANCE_ID\": \"i-0abdg374kd892cj6dl\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceDiscovery.HttpNamespace(\"example\", new()\n {\n Name = \"example.domain.test\",\n Description = \"example\",\n });\n\n var exampleService = new Aws.ServiceDiscovery.Service(\"example\", new()\n {\n Name = \"example\",\n NamespaceId = example.Id,\n });\n\n var exampleInstance = new Aws.ServiceDiscovery.Instance(\"example\", new()\n {\n InstanceId = \"example-instance-id\",\n ServiceId = exampleService.Id,\n Attributes = \n {\n { \"AWS_EC2_INSTANCE_ID\", \"i-0abdg374kd892cj6dl\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicediscovery\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := servicediscovery.NewHttpNamespace(ctx, \"example\", \u0026servicediscovery.HttpNamespaceArgs{\n\t\t\tName: pulumi.String(\"example.domain.test\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleService, err := servicediscovery.NewService(ctx, \"example\", \u0026servicediscovery.ServiceArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tNamespaceId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = servicediscovery.NewInstance(ctx, \"example\", \u0026servicediscovery.InstanceArgs{\n\t\t\tInstanceId: pulumi.String(\"example-instance-id\"),\n\t\t\tServiceId: exampleService.ID(),\n\t\t\tAttributes: pulumi.StringMap{\n\t\t\t\t\"AWS_EC2_INSTANCE_ID\": pulumi.String(\"i-0abdg374kd892cj6dl\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicediscovery.HttpNamespace;\nimport com.pulumi.aws.servicediscovery.HttpNamespaceArgs;\nimport com.pulumi.aws.servicediscovery.Service;\nimport com.pulumi.aws.servicediscovery.ServiceArgs;\nimport com.pulumi.aws.servicediscovery.Instance;\nimport com.pulumi.aws.servicediscovery.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new HttpNamespace(\"example\", HttpNamespaceArgs.builder()\n .name(\"example.domain.test\")\n .description(\"example\")\n .build());\n\n var exampleService = new Service(\"exampleService\", ServiceArgs.builder()\n .name(\"example\")\n .namespaceId(example.id())\n .build());\n\n var exampleInstance = new Instance(\"exampleInstance\", InstanceArgs.builder()\n .instanceId(\"example-instance-id\")\n .serviceId(exampleService.id())\n .attributes(Map.of(\"AWS_EC2_INSTANCE_ID\", \"i-0abdg374kd892cj6dl\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicediscovery:HttpNamespace\n properties:\n name: example.domain.test\n description: example\n exampleService:\n type: aws:servicediscovery:Service\n name: example\n properties:\n name: example\n namespaceId: ${example.id}\n exampleInstance:\n type: aws:servicediscovery:Instance\n name: example\n properties:\n instanceId: example-instance-id\n serviceId: ${exampleService.id}\n attributes:\n AWS_EC2_INSTANCE_ID: i-0abdg374kd892cj6dl\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Service Discovery Instance using the service ID and instance ID. For example:\n\n```sh\n$ pulumi import aws:servicediscovery/instance:Instance example 0123456789/i-0123\n```\n", "properties": { "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map contains the attributes of the instance. Check the [doc](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html#API_RegisterInstance_RequestSyntax) for the supported attributes and syntax.\n" }, "instanceId": { "type": "string", "description": "The ID of the service instance.\n" }, "serviceId": { "type": "string", "description": "The ID of the service that you want to use to create the instance.\n" } }, "required": [ "attributes", "instanceId", "serviceId" ], "inputProperties": { "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map contains the attributes of the instance. Check the [doc](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html#API_RegisterInstance_RequestSyntax) for the supported attributes and syntax.\n" }, "instanceId": { "type": "string", "description": "The ID of the service instance.\n", "willReplaceOnChanges": true }, "serviceId": { "type": "string", "description": "The ID of the service that you want to use to create the instance.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "attributes", "instanceId", "serviceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Instance resources.\n", "properties": { "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map contains the attributes of the instance. Check the [doc](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html#API_RegisterInstance_RequestSyntax) for the supported attributes and syntax.\n" }, "instanceId": { "type": "string", "description": "The ID of the service instance.\n", "willReplaceOnChanges": true }, "serviceId": { "type": "string", "description": "The ID of the service that you want to use to create the instance.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:servicediscovery/privateDnsNamespace:PrivateDnsNamespace": { "description": "Provides a Service Discovery Private DNS Namespace resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.Vpc(\"example\", {cidrBlock: \"10.0.0.0/16\"});\nconst examplePrivateDnsNamespace = new aws.servicediscovery.PrivateDnsNamespace(\"example\", {\n name: \"hoge.example.local\",\n description: \"example\",\n vpc: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.Vpc(\"example\", cidr_block=\"10.0.0.0/16\")\nexample_private_dns_namespace = aws.servicediscovery.PrivateDnsNamespace(\"example\",\n name=\"hoge.example.local\",\n description=\"example\",\n vpc=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var examplePrivateDnsNamespace = new Aws.ServiceDiscovery.PrivateDnsNamespace(\"example\", new()\n {\n Name = \"hoge.example.local\",\n Description = \"example\",\n Vpc = example.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicediscovery\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = servicediscovery.NewPrivateDnsNamespace(ctx, \"example\", \u0026servicediscovery.PrivateDnsNamespaceArgs{\n\t\t\tName: pulumi.String(\"hoge.example.local\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tVpc: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.servicediscovery.PrivateDnsNamespace;\nimport com.pulumi.aws.servicediscovery.PrivateDnsNamespaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Vpc(\"example\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var examplePrivateDnsNamespace = new PrivateDnsNamespace(\"examplePrivateDnsNamespace\", PrivateDnsNamespaceArgs.builder()\n .name(\"hoge.example.local\")\n .description(\"example\")\n .vpc(example.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n examplePrivateDnsNamespace:\n type: aws:servicediscovery:PrivateDnsNamespace\n name: example\n properties:\n name: hoge.example.local\n description: example\n vpc: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Service Discovery Private DNS Namespace using the namespace ID and VPC ID. For example:\n\n```sh\n$ pulumi import aws:servicediscovery/privateDnsNamespace:PrivateDnsNamespace example 0123456789:vpc-123345\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN that Amazon Route 53 assigns to the namespace when you create it.\n" }, "description": { "type": "string", "description": "The description that you specify for the namespace when you create it.\n" }, "hostedZone": { "type": "string", "description": "The ID for the hosted zone that Amazon Route 53 creates when you create a namespace.\n" }, "name": { "type": "string", "description": "The name of the namespace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the namespace. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpc": { "type": "string", "description": "The ID of VPC that you want to associate the namespace with.\n" } }, "required": [ "arn", "hostedZone", "name", "tagsAll", "vpc" ], "inputProperties": { "description": { "type": "string", "description": "The description that you specify for the namespace when you create it.\n" }, "name": { "type": "string", "description": "The name of the namespace.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the namespace. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpc": { "type": "string", "description": "The ID of VPC that you want to associate the namespace with.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "vpc" ], "stateInputs": { "description": "Input properties used for looking up and filtering PrivateDnsNamespace resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN that Amazon Route 53 assigns to the namespace when you create it.\n" }, "description": { "type": "string", "description": "The description that you specify for the namespace when you create it.\n" }, "hostedZone": { "type": "string", "description": "The ID for the hosted zone that Amazon Route 53 creates when you create a namespace.\n" }, "name": { "type": "string", "description": "The name of the namespace.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the namespace. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpc": { "type": "string", "description": "The ID of VPC that you want to associate the namespace with.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:servicediscovery/publicDnsNamespace:PublicDnsNamespace": { "description": "Provides a Service Discovery Public DNS Namespace resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicediscovery.PublicDnsNamespace(\"example\", {\n name: \"hoge.example.com\",\n description: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicediscovery.PublicDnsNamespace(\"example\",\n name=\"hoge.example.com\",\n description=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceDiscovery.PublicDnsNamespace(\"example\", new()\n {\n Name = \"hoge.example.com\",\n Description = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicediscovery\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicediscovery.NewPublicDnsNamespace(ctx, \"example\", \u0026servicediscovery.PublicDnsNamespaceArgs{\n\t\t\tName: pulumi.String(\"hoge.example.com\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicediscovery.PublicDnsNamespace;\nimport com.pulumi.aws.servicediscovery.PublicDnsNamespaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PublicDnsNamespace(\"example\", PublicDnsNamespaceArgs.builder()\n .name(\"hoge.example.com\")\n .description(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicediscovery:PublicDnsNamespace\n properties:\n name: hoge.example.com\n description: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Service Discovery Public DNS Namespace using the namespace ID. For example:\n\n```sh\n$ pulumi import aws:servicediscovery/publicDnsNamespace:PublicDnsNamespace example 0123456789\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN that Amazon Route 53 assigns to the namespace when you create it.\n" }, "description": { "type": "string", "description": "The description that you specify for the namespace when you create it.\n" }, "hostedZone": { "type": "string", "description": "The ID for the hosted zone that Amazon Route 53 creates when you create a namespace.\n" }, "name": { "type": "string", "description": "The name of the namespace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the namespace. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "hostedZone", "name", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description that you specify for the namespace when you create it.\n" }, "name": { "type": "string", "description": "The name of the namespace.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the namespace. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering PublicDnsNamespace resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN that Amazon Route 53 assigns to the namespace when you create it.\n" }, "description": { "type": "string", "description": "The description that you specify for the namespace when you create it.\n" }, "hostedZone": { "type": "string", "description": "The ID for the hosted zone that Amazon Route 53 creates when you create a namespace.\n" }, "name": { "type": "string", "description": "The name of the namespace.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the namespace. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:servicediscovery/service:Service": { "description": "Provides a Service Discovery Service resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.Vpc(\"example\", {\n cidrBlock: \"10.0.0.0/16\",\n enableDnsSupport: true,\n enableDnsHostnames: true,\n});\nconst examplePrivateDnsNamespace = new aws.servicediscovery.PrivateDnsNamespace(\"example\", {\n name: \"example.mydomain.local\",\n description: \"example\",\n vpc: example.id,\n});\nconst exampleService = new aws.servicediscovery.Service(\"example\", {\n name: \"example\",\n dnsConfig: {\n namespaceId: examplePrivateDnsNamespace.id,\n dnsRecords: [{\n ttl: 10,\n type: \"A\",\n }],\n routingPolicy: \"MULTIVALUE\",\n },\n healthCheckCustomConfig: {\n failureThreshold: 1,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.Vpc(\"example\",\n cidr_block=\"10.0.0.0/16\",\n enable_dns_support=True,\n enable_dns_hostnames=True)\nexample_private_dns_namespace = aws.servicediscovery.PrivateDnsNamespace(\"example\",\n name=\"example.mydomain.local\",\n description=\"example\",\n vpc=example.id)\nexample_service = aws.servicediscovery.Service(\"example\",\n name=\"example\",\n dns_config={\n \"namespace_id\": example_private_dns_namespace.id,\n \"dns_records\": [{\n \"ttl\": 10,\n \"type\": \"A\",\n }],\n \"routing_policy\": \"MULTIVALUE\",\n },\n health_check_custom_config={\n \"failure_threshold\": 1,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n EnableDnsSupport = true,\n EnableDnsHostnames = true,\n });\n\n var examplePrivateDnsNamespace = new Aws.ServiceDiscovery.PrivateDnsNamespace(\"example\", new()\n {\n Name = \"example.mydomain.local\",\n Description = \"example\",\n Vpc = example.Id,\n });\n\n var exampleService = new Aws.ServiceDiscovery.Service(\"example\", new()\n {\n Name = \"example\",\n DnsConfig = new Aws.ServiceDiscovery.Inputs.ServiceDnsConfigArgs\n {\n NamespaceId = examplePrivateDnsNamespace.Id,\n DnsRecords = new[]\n {\n new Aws.ServiceDiscovery.Inputs.ServiceDnsConfigDnsRecordArgs\n {\n Ttl = 10,\n Type = \"A\",\n },\n },\n RoutingPolicy = \"MULTIVALUE\",\n },\n HealthCheckCustomConfig = new Aws.ServiceDiscovery.Inputs.ServiceHealthCheckCustomConfigArgs\n {\n FailureThreshold = 1,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicediscovery\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tEnableDnsSupport: pulumi.Bool(true),\n\t\t\tEnableDnsHostnames: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplePrivateDnsNamespace, err := servicediscovery.NewPrivateDnsNamespace(ctx, \"example\", \u0026servicediscovery.PrivateDnsNamespaceArgs{\n\t\t\tName: pulumi.String(\"example.mydomain.local\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tVpc: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = servicediscovery.NewService(ctx, \"example\", \u0026servicediscovery.ServiceArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDnsConfig: \u0026servicediscovery.ServiceDnsConfigArgs{\n\t\t\t\tNamespaceId: examplePrivateDnsNamespace.ID(),\n\t\t\t\tDnsRecords: servicediscovery.ServiceDnsConfigDnsRecordArray{\n\t\t\t\t\t\u0026servicediscovery.ServiceDnsConfigDnsRecordArgs{\n\t\t\t\t\t\tTtl: pulumi.Int(10),\n\t\t\t\t\t\tType: pulumi.String(\"A\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tRoutingPolicy: pulumi.String(\"MULTIVALUE\"),\n\t\t\t},\n\t\t\tHealthCheckCustomConfig: \u0026servicediscovery.ServiceHealthCheckCustomConfigArgs{\n\t\t\t\tFailureThreshold: pulumi.Int(1),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.servicediscovery.PrivateDnsNamespace;\nimport com.pulumi.aws.servicediscovery.PrivateDnsNamespaceArgs;\nimport com.pulumi.aws.servicediscovery.Service;\nimport com.pulumi.aws.servicediscovery.ServiceArgs;\nimport com.pulumi.aws.servicediscovery.inputs.ServiceDnsConfigArgs;\nimport com.pulumi.aws.servicediscovery.inputs.ServiceHealthCheckCustomConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Vpc(\"example\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .enableDnsSupport(true)\n .enableDnsHostnames(true)\n .build());\n\n var examplePrivateDnsNamespace = new PrivateDnsNamespace(\"examplePrivateDnsNamespace\", PrivateDnsNamespaceArgs.builder()\n .name(\"example.mydomain.local\")\n .description(\"example\")\n .vpc(example.id())\n .build());\n\n var exampleService = new Service(\"exampleService\", ServiceArgs.builder()\n .name(\"example\")\n .dnsConfig(ServiceDnsConfigArgs.builder()\n .namespaceId(examplePrivateDnsNamespace.id())\n .dnsRecords(ServiceDnsConfigDnsRecordArgs.builder()\n .ttl(10)\n .type(\"A\")\n .build())\n .routingPolicy(\"MULTIVALUE\")\n .build())\n .healthCheckCustomConfig(ServiceHealthCheckCustomConfigArgs.builder()\n .failureThreshold(1)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n enableDnsSupport: true\n enableDnsHostnames: true\n examplePrivateDnsNamespace:\n type: aws:servicediscovery:PrivateDnsNamespace\n name: example\n properties:\n name: example.mydomain.local\n description: example\n vpc: ${example.id}\n exampleService:\n type: aws:servicediscovery:Service\n name: example\n properties:\n name: example\n dnsConfig:\n namespaceId: ${examplePrivateDnsNamespace.id}\n dnsRecords:\n - ttl: 10\n type: A\n routingPolicy: MULTIVALUE\n healthCheckCustomConfig:\n failureThreshold: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicediscovery.PublicDnsNamespace(\"example\", {\n name: \"example.mydomain.com\",\n description: \"example\",\n});\nconst exampleService = new aws.servicediscovery.Service(\"example\", {\n name: \"example\",\n dnsConfig: {\n namespaceId: example.id,\n dnsRecords: [{\n ttl: 10,\n type: \"A\",\n }],\n },\n healthCheckConfig: {\n failureThreshold: 10,\n resourcePath: \"path\",\n type: \"HTTP\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicediscovery.PublicDnsNamespace(\"example\",\n name=\"example.mydomain.com\",\n description=\"example\")\nexample_service = aws.servicediscovery.Service(\"example\",\n name=\"example\",\n dns_config={\n \"namespace_id\": example.id,\n \"dns_records\": [{\n \"ttl\": 10,\n \"type\": \"A\",\n }],\n },\n health_check_config={\n \"failure_threshold\": 10,\n \"resource_path\": \"path\",\n \"type\": \"HTTP\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceDiscovery.PublicDnsNamespace(\"example\", new()\n {\n Name = \"example.mydomain.com\",\n Description = \"example\",\n });\n\n var exampleService = new Aws.ServiceDiscovery.Service(\"example\", new()\n {\n Name = \"example\",\n DnsConfig = new Aws.ServiceDiscovery.Inputs.ServiceDnsConfigArgs\n {\n NamespaceId = example.Id,\n DnsRecords = new[]\n {\n new Aws.ServiceDiscovery.Inputs.ServiceDnsConfigDnsRecordArgs\n {\n Ttl = 10,\n Type = \"A\",\n },\n },\n },\n HealthCheckConfig = new Aws.ServiceDiscovery.Inputs.ServiceHealthCheckConfigArgs\n {\n FailureThreshold = 10,\n ResourcePath = \"path\",\n Type = \"HTTP\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicediscovery\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := servicediscovery.NewPublicDnsNamespace(ctx, \"example\", \u0026servicediscovery.PublicDnsNamespaceArgs{\n\t\t\tName: pulumi.String(\"example.mydomain.com\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = servicediscovery.NewService(ctx, \"example\", \u0026servicediscovery.ServiceArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDnsConfig: \u0026servicediscovery.ServiceDnsConfigArgs{\n\t\t\t\tNamespaceId: example.ID(),\n\t\t\t\tDnsRecords: servicediscovery.ServiceDnsConfigDnsRecordArray{\n\t\t\t\t\t\u0026servicediscovery.ServiceDnsConfigDnsRecordArgs{\n\t\t\t\t\t\tTtl: pulumi.Int(10),\n\t\t\t\t\t\tType: pulumi.String(\"A\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tHealthCheckConfig: \u0026servicediscovery.ServiceHealthCheckConfigArgs{\n\t\t\t\tFailureThreshold: pulumi.Int(10),\n\t\t\t\tResourcePath: pulumi.String(\"path\"),\n\t\t\t\tType: pulumi.String(\"HTTP\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicediscovery.PublicDnsNamespace;\nimport com.pulumi.aws.servicediscovery.PublicDnsNamespaceArgs;\nimport com.pulumi.aws.servicediscovery.Service;\nimport com.pulumi.aws.servicediscovery.ServiceArgs;\nimport com.pulumi.aws.servicediscovery.inputs.ServiceDnsConfigArgs;\nimport com.pulumi.aws.servicediscovery.inputs.ServiceHealthCheckConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PublicDnsNamespace(\"example\", PublicDnsNamespaceArgs.builder()\n .name(\"example.mydomain.com\")\n .description(\"example\")\n .build());\n\n var exampleService = new Service(\"exampleService\", ServiceArgs.builder()\n .name(\"example\")\n .dnsConfig(ServiceDnsConfigArgs.builder()\n .namespaceId(example.id())\n .dnsRecords(ServiceDnsConfigDnsRecordArgs.builder()\n .ttl(10)\n .type(\"A\")\n .build())\n .build())\n .healthCheckConfig(ServiceHealthCheckConfigArgs.builder()\n .failureThreshold(10)\n .resourcePath(\"path\")\n .type(\"HTTP\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicediscovery:PublicDnsNamespace\n properties:\n name: example.mydomain.com\n description: example\n exampleService:\n type: aws:servicediscovery:Service\n name: example\n properties:\n name: example\n dnsConfig:\n namespaceId: ${example.id}\n dnsRecords:\n - ttl: 10\n type: A\n healthCheckConfig:\n failureThreshold: 10\n resourcePath: path\n type: HTTP\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Service Discovery Service using the service ID. For example:\n\n```sh\n$ pulumi import aws:servicediscovery/service:Service example 0123456789\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the service.\n" }, "description": { "type": "string", "description": "The description of the service.\n" }, "dnsConfig": { "$ref": "#/types/aws:servicediscovery/ServiceDnsConfig:ServiceDnsConfig", "description": "A complex type that contains information about the resource record sets that you want Amazon Route 53 to create when you register an instance. See `dns_config` Block for details.\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all instances should be deleted from the service so that the service can be destroyed without error. These instances are not recoverable. Defaults to `false`.\n" }, "healthCheckConfig": { "$ref": "#/types/aws:servicediscovery/ServiceHealthCheckConfig:ServiceHealthCheckConfig", "description": "A complex type that contains settings for an optional health check. Only for Public DNS namespaces. See `health_check_config` Block for details.\n" }, "healthCheckCustomConfig": { "$ref": "#/types/aws:servicediscovery/ServiceHealthCheckCustomConfig:ServiceHealthCheckCustomConfig", "description": "A complex type that contains settings for ECS managed health checks. See `health_check_custom_config` Block for details.\n" }, "name": { "type": "string", "description": "The name of the service.\n" }, "namespaceId": { "type": "string", "description": "The ID of the namespace that you want to use to create the service.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the service. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "If present, specifies that the service instances are only discoverable using the `DiscoverInstances` API operation. No DNS records is registered for the service instances. The only valid value is `HTTP`.\n" } }, "required": [ "arn", "name", "namespaceId", "tagsAll", "type" ], "inputProperties": { "description": { "type": "string", "description": "The description of the service.\n" }, "dnsConfig": { "$ref": "#/types/aws:servicediscovery/ServiceDnsConfig:ServiceDnsConfig", "description": "A complex type that contains information about the resource record sets that you want Amazon Route 53 to create when you register an instance. See `dns_config` Block for details.\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all instances should be deleted from the service so that the service can be destroyed without error. These instances are not recoverable. Defaults to `false`.\n" }, "healthCheckConfig": { "$ref": "#/types/aws:servicediscovery/ServiceHealthCheckConfig:ServiceHealthCheckConfig", "description": "A complex type that contains settings for an optional health check. Only for Public DNS namespaces. See `health_check_config` Block for details.\n" }, "healthCheckCustomConfig": { "$ref": "#/types/aws:servicediscovery/ServiceHealthCheckCustomConfig:ServiceHealthCheckCustomConfig", "description": "A complex type that contains settings for ECS managed health checks. See `health_check_custom_config` Block for details.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the service.\n", "willReplaceOnChanges": true }, "namespaceId": { "type": "string", "description": "The ID of the namespace that you want to use to create the service.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the service. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "If present, specifies that the service instances are only discoverable using the `DiscoverInstances` API operation. No DNS records is registered for the service instances. The only valid value is `HTTP`.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering Service resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the service.\n" }, "description": { "type": "string", "description": "The description of the service.\n" }, "dnsConfig": { "$ref": "#/types/aws:servicediscovery/ServiceDnsConfig:ServiceDnsConfig", "description": "A complex type that contains information about the resource record sets that you want Amazon Route 53 to create when you register an instance. See `dns_config` Block for details.\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all instances should be deleted from the service so that the service can be destroyed without error. These instances are not recoverable. Defaults to `false`.\n" }, "healthCheckConfig": { "$ref": "#/types/aws:servicediscovery/ServiceHealthCheckConfig:ServiceHealthCheckConfig", "description": "A complex type that contains settings for an optional health check. Only for Public DNS namespaces. See `health_check_config` Block for details.\n" }, "healthCheckCustomConfig": { "$ref": "#/types/aws:servicediscovery/ServiceHealthCheckCustomConfig:ServiceHealthCheckCustomConfig", "description": "A complex type that contains settings for ECS managed health checks. See `health_check_custom_config` Block for details.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the service.\n", "willReplaceOnChanges": true }, "namespaceId": { "type": "string", "description": "The ID of the namespace that you want to use to create the service.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the service. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "If present, specifies that the service instances are only discoverable using the `DiscoverInstances` API operation. No DNS records is registered for the service instances. The only valid value is `HTTP`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:servicequotas/serviceQuota:ServiceQuota": { "description": "Manages an individual Service Quota.\n\n\u003e **NOTE:** Global quotas apply to all AWS regions, but can only be accessed in `us-east-1` in the Commercial partition or `us-gov-west-1` in the GovCloud partition. In other regions, the AWS API will return the error `The request failed because the specified service does not exist.`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicequotas.ServiceQuota(\"example\", {\n quotaCode: \"L-F678F1CE\",\n serviceCode: \"vpc\",\n value: 75,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicequotas.ServiceQuota(\"example\",\n quota_code=\"L-F678F1CE\",\n service_code=\"vpc\",\n value=75)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceQuotas.ServiceQuota(\"example\", new()\n {\n QuotaCode = \"L-F678F1CE\",\n ServiceCode = \"vpc\",\n Value = 75,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicequotas\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicequotas.NewServiceQuota(ctx, \"example\", \u0026servicequotas.ServiceQuotaArgs{\n\t\t\tQuotaCode: pulumi.String(\"L-F678F1CE\"),\n\t\t\tServiceCode: pulumi.String(\"vpc\"),\n\t\t\tValue: pulumi.Float64(75),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicequotas.ServiceQuota;\nimport com.pulumi.aws.servicequotas.ServiceQuotaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServiceQuota(\"example\", ServiceQuotaArgs.builder()\n .quotaCode(\"L-F678F1CE\")\n .serviceCode(\"vpc\")\n .value(75)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicequotas:ServiceQuota\n properties:\n quotaCode: L-F678F1CE\n serviceCode: vpc\n value: 75\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_servicequotas_service_quota` using the service code and quota code, separated by a front slash (`/`). For example:\n\n~\u003e __NOTE:__ This resource does not require explicit import and will assume management of an existing service quota on Pulumi resource creation.\n\n```sh\n$ pulumi import aws:servicequotas/serviceQuota:ServiceQuota example vpc/L-F678F1CE\n```\n", "properties": { "adjustable": { "type": "boolean", "description": "Whether the service quota can be increased.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the service quota.\n" }, "defaultValue": { "type": "number", "description": "Default value of the service quota.\n" }, "quotaCode": { "type": "string", "description": "Code of the service quota to track. For example: `L-F678F1CE`. Available values can be found with the [AWS CLI service-quotas list-service-quotas command](https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-service-quotas.html).\n" }, "quotaName": { "type": "string", "description": "Name of the quota.\n" }, "requestId": { "type": "string" }, "requestStatus": { "type": "string" }, "serviceCode": { "type": "string", "description": "Code of the service to track. For example: `vpc`. Available values can be found with the [AWS CLI service-quotas list-services command](https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-services.html).\n" }, "serviceName": { "type": "string", "description": "Name of the service.\n" }, "usageMetrics": { "type": "array", "items": { "$ref": "#/types/aws:servicequotas/ServiceQuotaUsageMetric:ServiceQuotaUsageMetric" }, "description": "Information about the measurement.\n" }, "value": { "type": "number", "description": "Float specifying the desired value for the service quota. If the desired value is higher than the current value, a quota increase request is submitted. When a known request is submitted and pending, the value reflects the desired value of the pending request.\n" } }, "required": [ "adjustable", "arn", "defaultValue", "quotaCode", "quotaName", "requestId", "requestStatus", "serviceCode", "serviceName", "usageMetrics", "value" ], "inputProperties": { "quotaCode": { "type": "string", "description": "Code of the service quota to track. For example: `L-F678F1CE`. Available values can be found with the [AWS CLI service-quotas list-service-quotas command](https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-service-quotas.html).\n", "willReplaceOnChanges": true }, "serviceCode": { "type": "string", "description": "Code of the service to track. For example: `vpc`. Available values can be found with the [AWS CLI service-quotas list-services command](https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-services.html).\n", "willReplaceOnChanges": true }, "value": { "type": "number", "description": "Float specifying the desired value for the service quota. If the desired value is higher than the current value, a quota increase request is submitted. When a known request is submitted and pending, the value reflects the desired value of the pending request.\n" } }, "requiredInputs": [ "quotaCode", "serviceCode", "value" ], "stateInputs": { "description": "Input properties used for looking up and filtering ServiceQuota resources.\n", "properties": { "adjustable": { "type": "boolean", "description": "Whether the service quota can be increased.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the service quota.\n" }, "defaultValue": { "type": "number", "description": "Default value of the service quota.\n" }, "quotaCode": { "type": "string", "description": "Code of the service quota to track. For example: `L-F678F1CE`. Available values can be found with the [AWS CLI service-quotas list-service-quotas command](https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-service-quotas.html).\n", "willReplaceOnChanges": true }, "quotaName": { "type": "string", "description": "Name of the quota.\n" }, "requestId": { "type": "string" }, "requestStatus": { "type": "string" }, "serviceCode": { "type": "string", "description": "Code of the service to track. For example: `vpc`. Available values can be found with the [AWS CLI service-quotas list-services command](https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-services.html).\n", "willReplaceOnChanges": true }, "serviceName": { "type": "string", "description": "Name of the service.\n" }, "usageMetrics": { "type": "array", "items": { "$ref": "#/types/aws:servicequotas/ServiceQuotaUsageMetric:ServiceQuotaUsageMetric" }, "description": "Information about the measurement.\n" }, "value": { "type": "number", "description": "Float specifying the desired value for the service quota. If the desired value is higher than the current value, a quota increase request is submitted. When a known request is submitted and pending, the value reflects the desired value of the pending request.\n" } }, "type": "object" } }, "aws:servicequotas/template:Template": { "description": "Resource for managing an AWS Service Quotas Template.\n\n\u003e Only the management account of an organization can alter Service Quota templates, and this must be done from the `us-east-1` region.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicequotas.Template(\"example\", {\n region: \"us-east-1\",\n quotaCode: \"L-2ACBD22F\",\n serviceCode: \"lambda\",\n value: 80,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicequotas.Template(\"example\",\n region=\"us-east-1\",\n quota_code=\"L-2ACBD22F\",\n service_code=\"lambda\",\n value=80)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceQuotas.Template(\"example\", new()\n {\n Region = \"us-east-1\",\n QuotaCode = \"L-2ACBD22F\",\n ServiceCode = \"lambda\",\n Value = 80,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicequotas\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicequotas.NewTemplate(ctx, \"example\", \u0026servicequotas.TemplateArgs{\n\t\t\tRegion: pulumi.String(\"us-east-1\"),\n\t\t\tQuotaCode: pulumi.String(\"L-2ACBD22F\"),\n\t\t\tServiceCode: pulumi.String(\"lambda\"),\n\t\t\tValue: pulumi.Float64(80),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicequotas.Template;\nimport com.pulumi.aws.servicequotas.TemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Template(\"example\", TemplateArgs.builder()\n .region(\"us-east-1\")\n .quotaCode(\"L-2ACBD22F\")\n .serviceCode(\"lambda\")\n .value(\"80\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicequotas:Template\n properties:\n region: us-east-1\n quotaCode: L-2ACBD22F\n serviceCode: lambda\n value: '80'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Service Quotas Template using the `id`. For example:\n\n```sh\n$ pulumi import aws:servicequotas/template:Template example us-east-1,L-2ACBD22F,lambda\n```\n", "properties": { "globalQuota": { "type": "boolean", "description": "Indicates whether the quota is global.\n" }, "quotaCode": { "type": "string", "description": "Quota identifier. To find the quota code for a specific quota, use the aws.servicequotas.ServiceQuota data source.\n" }, "quotaName": { "type": "string", "description": "Quota name.\n" }, "region": { "type": "string", "description": "AWS Region to which the template applies.\n" }, "serviceCode": { "type": "string", "description": "Service identifier. To find the service code value for an AWS service, use the aws.servicequotas.getService data source.\n" }, "serviceName": { "type": "string", "description": "Service name.\n" }, "unit": { "type": "string", "description": "Unit of measurement.\n" }, "value": { "type": "number", "description": "The new, increased value for the quota.\n" } }, "required": [ "globalQuota", "quotaCode", "quotaName", "region", "serviceCode", "serviceName", "unit", "value" ], "inputProperties": { "quotaCode": { "type": "string", "description": "Quota identifier. To find the quota code for a specific quota, use the aws.servicequotas.ServiceQuota data source.\n" }, "region": { "type": "string", "description": "AWS Region to which the template applies.\n" }, "serviceCode": { "type": "string", "description": "Service identifier. To find the service code value for an AWS service, use the aws.servicequotas.getService data source.\n" }, "value": { "type": "number", "description": "The new, increased value for the quota.\n" } }, "requiredInputs": [ "quotaCode", "region", "serviceCode", "value" ], "stateInputs": { "description": "Input properties used for looking up and filtering Template resources.\n", "properties": { "globalQuota": { "type": "boolean", "description": "Indicates whether the quota is global.\n" }, "quotaCode": { "type": "string", "description": "Quota identifier. To find the quota code for a specific quota, use the aws.servicequotas.ServiceQuota data source.\n" }, "quotaName": { "type": "string", "description": "Quota name.\n" }, "region": { "type": "string", "description": "AWS Region to which the template applies.\n" }, "serviceCode": { "type": "string", "description": "Service identifier. To find the service code value for an AWS service, use the aws.servicequotas.getService data source.\n" }, "serviceName": { "type": "string", "description": "Service name.\n" }, "unit": { "type": "string", "description": "Unit of measurement.\n" }, "value": { "type": "number", "description": "The new, increased value for the quota.\n" } }, "type": "object" } }, "aws:servicequotas/templateAssociation:TemplateAssociation": { "description": "Resource for managing an AWS Service Quotas Template Association.\n\n\u003e Only the management account of an organization can associate Service Quota templates, and this must be done from the `us-east-1` region.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.servicequotas.TemplateAssociation(\"example\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicequotas.TemplateAssociation(\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ServiceQuotas.TemplateAssociation(\"example\");\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicequotas\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicequotas.NewTemplateAssociation(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicequotas.TemplateAssociation;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TemplateAssociation(\"example\");\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:servicequotas:TemplateAssociation\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Service Quotas Template Association using the `id`. For example:\n\n```sh\n$ pulumi import aws:servicequotas/templateAssociation:TemplateAssociation example 012345678901\n```\n", "properties": { "skipDestroy": { "type": "boolean" }, "status": { "type": "string", "description": "Association status. Creating this resource will result in an `ASSOCIATED` status, and quota increase requests in the template are automatically applied to new AWS accounts in the organization.\n" } }, "required": [ "status" ], "inputProperties": { "skipDestroy": { "type": "boolean" } }, "stateInputs": { "description": "Input properties used for looking up and filtering TemplateAssociation resources.\n", "properties": { "skipDestroy": { "type": "boolean" }, "status": { "type": "string", "description": "Association status. Creating this resource will result in an `ASSOCIATED` status, and quota increase requests in the template are automatically applied to new AWS accounts in the organization.\n" } }, "type": "object" } }, "aws:ses/activeReceiptRuleSet:ActiveReceiptRuleSet": { "description": "Provides a resource to designate the active SES receipt rule set\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ses.ActiveReceiptRuleSet(\"main\", {ruleSetName: \"primary-rules\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ses.ActiveReceiptRuleSet(\"main\", rule_set_name=\"primary-rules\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ses.ActiveReceiptRuleSet(\"main\", new()\n {\n RuleSetName = \"primary-rules\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ses.NewActiveReceiptRuleSet(ctx, \"main\", \u0026ses.ActiveReceiptRuleSetArgs{\n\t\t\tRuleSetName: pulumi.String(\"primary-rules\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.ActiveReceiptRuleSet;\nimport com.pulumi.aws.ses.ActiveReceiptRuleSetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new ActiveReceiptRuleSet(\"main\", ActiveReceiptRuleSetArgs.builder()\n .ruleSetName(\"primary-rules\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:ses:ActiveReceiptRuleSet\n properties:\n ruleSetName: primary-rules\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import active SES receipt rule sets using the rule set name. For example:\n\n```sh\n$ pulumi import aws:ses/activeReceiptRuleSet:ActiveReceiptRuleSet my_rule_set my_rule_set_name\n```\n", "properties": { "arn": { "type": "string", "description": "The SES receipt rule set ARN.\n" }, "ruleSetName": { "type": "string", "description": "The name of the rule set\n" } }, "required": [ "arn", "ruleSetName" ], "inputProperties": { "ruleSetName": { "type": "string", "description": "The name of the rule set\n" } }, "requiredInputs": [ "ruleSetName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ActiveReceiptRuleSet resources.\n", "properties": { "arn": { "type": "string", "description": "The SES receipt rule set ARN.\n" }, "ruleSetName": { "type": "string", "description": "The name of the rule set\n" } }, "type": "object" } }, "aws:ses/configurationSet:ConfigurationSet": { "description": "Provides an SES configuration set resource.\n\n## Example Usage\n\n### Basic Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ses.ConfigurationSet(\"test\", {name: \"some-configuration-set-test\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ses.ConfigurationSet(\"test\", name=\"some-configuration-set-test\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Ses.ConfigurationSet(\"test\", new()\n {\n Name = \"some-configuration-set-test\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ses.NewConfigurationSet(ctx, \"test\", \u0026ses.ConfigurationSetArgs{\n\t\t\tName: pulumi.String(\"some-configuration-set-test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.ConfigurationSet;\nimport com.pulumi.aws.ses.ConfigurationSetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new ConfigurationSet(\"test\", ConfigurationSetArgs.builder()\n .name(\"some-configuration-set-test\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ses:ConfigurationSet\n properties:\n name: some-configuration-set-test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Require TLS Connections\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ses.ConfigurationSet(\"test\", {\n name: \"some-configuration-set-test\",\n deliveryOptions: {\n tlsPolicy: \"Require\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ses.ConfigurationSet(\"test\",\n name=\"some-configuration-set-test\",\n delivery_options={\n \"tls_policy\": \"Require\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Ses.ConfigurationSet(\"test\", new()\n {\n Name = \"some-configuration-set-test\",\n DeliveryOptions = new Aws.Ses.Inputs.ConfigurationSetDeliveryOptionsArgs\n {\n TlsPolicy = \"Require\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ses.NewConfigurationSet(ctx, \"test\", \u0026ses.ConfigurationSetArgs{\n\t\t\tName: pulumi.String(\"some-configuration-set-test\"),\n\t\t\tDeliveryOptions: \u0026ses.ConfigurationSetDeliveryOptionsArgs{\n\t\t\t\tTlsPolicy: pulumi.String(\"Require\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.ConfigurationSet;\nimport com.pulumi.aws.ses.ConfigurationSetArgs;\nimport com.pulumi.aws.ses.inputs.ConfigurationSetDeliveryOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new ConfigurationSet(\"test\", ConfigurationSetArgs.builder()\n .name(\"some-configuration-set-test\")\n .deliveryOptions(ConfigurationSetDeliveryOptionsArgs.builder()\n .tlsPolicy(\"Require\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ses:ConfigurationSet\n properties:\n name: some-configuration-set-test\n deliveryOptions:\n tlsPolicy: Require\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Tracking Options\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ses.ConfigurationSet(\"test\", {\n name: \"some-configuration-set-test\",\n trackingOptions: {\n customRedirectDomain: \"sub.example.com\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ses.ConfigurationSet(\"test\",\n name=\"some-configuration-set-test\",\n tracking_options={\n \"custom_redirect_domain\": \"sub.example.com\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Ses.ConfigurationSet(\"test\", new()\n {\n Name = \"some-configuration-set-test\",\n TrackingOptions = new Aws.Ses.Inputs.ConfigurationSetTrackingOptionsArgs\n {\n CustomRedirectDomain = \"sub.example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ses.NewConfigurationSet(ctx, \"test\", \u0026ses.ConfigurationSetArgs{\n\t\t\tName: pulumi.String(\"some-configuration-set-test\"),\n\t\t\tTrackingOptions: \u0026ses.ConfigurationSetTrackingOptionsArgs{\n\t\t\t\tCustomRedirectDomain: pulumi.String(\"sub.example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.ConfigurationSet;\nimport com.pulumi.aws.ses.ConfigurationSetArgs;\nimport com.pulumi.aws.ses.inputs.ConfigurationSetTrackingOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new ConfigurationSet(\"test\", ConfigurationSetArgs.builder()\n .name(\"some-configuration-set-test\")\n .trackingOptions(ConfigurationSetTrackingOptionsArgs.builder()\n .customRedirectDomain(\"sub.example.com\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ses:ConfigurationSet\n properties:\n name: some-configuration-set-test\n trackingOptions:\n customRedirectDomain: sub.example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SES Configuration Sets using their `name`. For example:\n\n```sh\n$ pulumi import aws:ses/configurationSet:ConfigurationSet test some-configuration-set-test\n```\n", "properties": { "arn": { "type": "string", "description": "SES configuration set ARN.\n" }, "deliveryOptions": { "$ref": "#/types/aws:ses/ConfigurationSetDeliveryOptions:ConfigurationSetDeliveryOptions", "description": "Whether messages that use the configuration set are required to use TLS. See below.\n" }, "lastFreshStart": { "type": "string", "description": "Date and time at which the reputation metrics for the configuration set were last reset. Resetting these metrics is known as a fresh start.\n" }, "name": { "type": "string", "description": "Name of the configuration set.\n\nThe following argument is optional:\n" }, "reputationMetricsEnabled": { "type": "boolean", "description": "Whether or not Amazon SES publishes reputation metrics for the configuration set, such as bounce and complaint rates, to Amazon CloudWatch. The default value is `false`.\n" }, "sendingEnabled": { "type": "boolean", "description": "Whether email sending is enabled or disabled for the configuration set. The default value is `true`.\n" }, "trackingOptions": { "$ref": "#/types/aws:ses/ConfigurationSetTrackingOptions:ConfigurationSetTrackingOptions", "description": "Domain that is used to redirect email recipients to an Amazon SES-operated domain. See below. **NOTE:** This functionality is best effort.\n" } }, "required": [ "arn", "lastFreshStart", "name" ], "inputProperties": { "deliveryOptions": { "$ref": "#/types/aws:ses/ConfigurationSetDeliveryOptions:ConfigurationSetDeliveryOptions", "description": "Whether messages that use the configuration set are required to use TLS. See below.\n" }, "name": { "type": "string", "description": "Name of the configuration set.\n\nThe following argument is optional:\n", "willReplaceOnChanges": true }, "reputationMetricsEnabled": { "type": "boolean", "description": "Whether or not Amazon SES publishes reputation metrics for the configuration set, such as bounce and complaint rates, to Amazon CloudWatch. The default value is `false`.\n" }, "sendingEnabled": { "type": "boolean", "description": "Whether email sending is enabled or disabled for the configuration set. The default value is `true`.\n" }, "trackingOptions": { "$ref": "#/types/aws:ses/ConfigurationSetTrackingOptions:ConfigurationSetTrackingOptions", "description": "Domain that is used to redirect email recipients to an Amazon SES-operated domain. See below. **NOTE:** This functionality is best effort.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ConfigurationSet resources.\n", "properties": { "arn": { "type": "string", "description": "SES configuration set ARN.\n" }, "deliveryOptions": { "$ref": "#/types/aws:ses/ConfigurationSetDeliveryOptions:ConfigurationSetDeliveryOptions", "description": "Whether messages that use the configuration set are required to use TLS. See below.\n" }, "lastFreshStart": { "type": "string", "description": "Date and time at which the reputation metrics for the configuration set were last reset. Resetting these metrics is known as a fresh start.\n" }, "name": { "type": "string", "description": "Name of the configuration set.\n\nThe following argument is optional:\n", "willReplaceOnChanges": true }, "reputationMetricsEnabled": { "type": "boolean", "description": "Whether or not Amazon SES publishes reputation metrics for the configuration set, such as bounce and complaint rates, to Amazon CloudWatch. The default value is `false`.\n" }, "sendingEnabled": { "type": "boolean", "description": "Whether email sending is enabled or disabled for the configuration set. The default value is `true`.\n" }, "trackingOptions": { "$ref": "#/types/aws:ses/ConfigurationSetTrackingOptions:ConfigurationSetTrackingOptions", "description": "Domain that is used to redirect email recipients to an Amazon SES-operated domain. See below. **NOTE:** This functionality is best effort.\n" } }, "type": "object" }, "aliases": [ { "type": "aws:ses/confgurationSet:ConfgurationSet" } ] }, "aws:ses/domainDkim:DomainDkim": { "description": "Provides an SES domain DKIM generation resource.\n\nDomain ownership needs to be confirmed first using ses_domain_identity Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ses.DomainIdentity(\"example\", {domain: \"example.com\"});\nconst exampleDomainDkim = new aws.ses.DomainDkim(\"example\", {domain: example.domain});\nconst exampleAmazonsesDkimRecord: aws.route53.Record[] = [];\nfor (const range = {value: 0}; range.value \u003c 3; range.value++) {\n exampleAmazonsesDkimRecord.push(new aws.route53.Record(`example_amazonses_dkim_record-${range.value}`, {\n zoneId: \"ABCDEFGHIJ123\",\n name: exampleDomainDkim.dkimTokens.apply(dkimTokens =\u003e `${dkimTokens[range.value]}._domainkey`),\n type: aws.route53.RecordType.CNAME,\n ttl: 600,\n records: [exampleDomainDkim.dkimTokens.apply(dkimTokens =\u003e `${dkimTokens[range.value]}.dkim.amazonses.com`)],\n }));\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ses.DomainIdentity(\"example\", domain=\"example.com\")\nexample_domain_dkim = aws.ses.DomainDkim(\"example\", domain=example.domain)\nexample_amazonses_dkim_record = []\nfor range in [{\"value\": i} for i in range(0, 3)]:\n example_amazonses_dkim_record.append(aws.route53.Record(f\"example_amazonses_dkim_record-{range['value']}\",\n zone_id=\"ABCDEFGHIJ123\",\n name=example_domain_dkim.dkim_tokens.apply(lambda dkim_tokens: f\"{dkim_tokens[range['value']]}._domainkey\"),\n type=aws.route53.RecordType.CNAME,\n ttl=600,\n records=[example_domain_dkim.dkim_tokens.apply(lambda dkim_tokens: f\"{dkim_tokens[range['value']]}.dkim.amazonses.com\")]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ses.DomainIdentity(\"example\", new()\n {\n Domain = \"example.com\",\n });\n\n var exampleDomainDkim = new Aws.Ses.DomainDkim(\"example\", new()\n {\n Domain = example.Domain,\n });\n\n var exampleAmazonsesDkimRecord = new List\u003cAws.Route53.Record\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c 3; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n exampleAmazonsesDkimRecord.Add(new Aws.Route53.Record($\"example_amazonses_dkim_record-{range.Value}\", new()\n {\n ZoneId = \"ABCDEFGHIJ123\",\n Name = exampleDomainDkim.DkimTokens.Apply(dkimTokens =\u003e $\"{dkimTokens[range.Value]}._domainkey\"),\n Type = Aws.Route53.RecordType.CNAME,\n Ttl = 600,\n Records = new[]\n {\n exampleDomainDkim.DkimTokens.Apply(dkimTokens =\u003e $\"{dkimTokens[range.Value]}.dkim.amazonses.com\"),\n },\n }));\n }\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ses.NewDomainIdentity(ctx, \"example\", \u0026ses.DomainIdentityArgs{\n\t\t\tDomain: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDomainDkim, err := ses.NewDomainDkim(ctx, \"example\", \u0026ses.DomainDkimArgs{\n\t\t\tDomain: example.Domain,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvar exampleAmazonsesDkimRecord []*route53.Record\n\t\tfor index := 0; index \u003c 3; index++ {\n\t\t\tkey0 := index\n\t\t\tval0 := index\n\t\t\t__res, err := route53.NewRecord(ctx, fmt.Sprintf(\"example_amazonses_dkim_record-%v\", key0), \u0026route53.RecordArgs{\n\t\t\t\tZoneId: pulumi.String(\"ABCDEFGHIJ123\"),\n\t\t\t\tName: exampleDomainDkim.DkimTokens.ApplyT(func(dkimTokens []string) (string, error) {\n\t\t\t\t\treturn fmt.Sprintf(\"%v._domainkey\", dkimTokens[val0]), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\tType: pulumi.String(route53.RecordTypeCNAME),\n\t\t\t\tTtl: pulumi.Int(600),\n\t\t\t\tRecords: pulumi.StringArray{\n\t\t\t\t\texampleDomainDkim.DkimTokens.ApplyT(func(dkimTokens []string) (string, error) {\n\t\t\t\t\t\treturn fmt.Sprintf(\"%v.dkim.amazonses.com\", dkimTokens[val0]), nil\n\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t},\n\t\t\t})\n\t\t\tif err != nil {\n\t\t\t\treturn err\n\t\t\t}\n\t\t\texampleAmazonsesDkimRecord = append(exampleAmazonsesDkimRecord, __res)\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.DomainIdentity;\nimport com.pulumi.aws.ses.DomainIdentityArgs;\nimport com.pulumi.aws.ses.DomainDkim;\nimport com.pulumi.aws.ses.DomainDkimArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport com.pulumi.codegen.internal.KeyedValue;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DomainIdentity(\"example\", DomainIdentityArgs.builder()\n .domain(\"example.com\")\n .build());\n\n var exampleDomainDkim = new DomainDkim(\"exampleDomainDkim\", DomainDkimArgs.builder()\n .domain(example.domain())\n .build());\n\n for (var i = 0; i \u003c 3; i++) {\n new Record(\"exampleAmazonsesDkimRecord-\" + i, RecordArgs.builder()\n .zoneId(\"ABCDEFGHIJ123\")\n .name(exampleDomainDkim.dkimTokens().applyValue(dkimTokens -\u003e String.format(\"%s._domainkey\", dkimTokens[range.value()])))\n .type(\"CNAME\")\n .ttl(\"600\")\n .records(exampleDomainDkim.dkimTokens().applyValue(dkimTokens -\u003e String.format(\"%s.dkim.amazonses.com\", dkimTokens[range.value()])))\n .build());\n\n \n}\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DKIM tokens using the `domain` attribute. For example:\n\n```sh\n$ pulumi import aws:ses/domainDkim:DomainDkim example example.com\n```\n", "properties": { "dkimTokens": { "type": "array", "items": { "type": "string" }, "description": "DKIM tokens generated by SES.\nThese tokens should be used to create CNAME records used to verify SES Easy DKIM.\nSee below for an example of how this might be achieved\nwhen the domain is hosted in Route 53 and managed by this provider.\nFind out more about verifying domains in Amazon SES\nin the [AWS SES docs](http://docs.aws.amazon.com/ses/latest/DeveloperGuide/easy-dkim-dns-records.html).\n" }, "domain": { "type": "string", "description": "Verified domain name to generate DKIM tokens for.\n" } }, "required": [ "dkimTokens", "domain" ], "inputProperties": { "domain": { "type": "string", "description": "Verified domain name to generate DKIM tokens for.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "domain" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainDkim resources.\n", "properties": { "dkimTokens": { "type": "array", "items": { "type": "string" }, "description": "DKIM tokens generated by SES.\nThese tokens should be used to create CNAME records used to verify SES Easy DKIM.\nSee below for an example of how this might be achieved\nwhen the domain is hosted in Route 53 and managed by this provider.\nFind out more about verifying domains in Amazon SES\nin the [AWS SES docs](http://docs.aws.amazon.com/ses/latest/DeveloperGuide/easy-dkim-dns-records.html).\n" }, "domain": { "type": "string", "description": "Verified domain name to generate DKIM tokens for.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ses/domainIdentity:DomainIdentity": { "description": "Provides an SES domain identity resource\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ses.DomainIdentity(\"example\", {domain: \"example.com\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ses.DomainIdentity(\"example\", domain=\"example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ses.DomainIdentity(\"example\", new()\n {\n Domain = \"example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ses.NewDomainIdentity(ctx, \"example\", \u0026ses.DomainIdentityArgs{\n\t\t\tDomain: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.DomainIdentity;\nimport com.pulumi.aws.ses.DomainIdentityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DomainIdentity(\"example\", DomainIdentityArgs.builder()\n .domain(\"example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ses:DomainIdentity\n properties:\n domain: example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Route53 Record\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ses.DomainIdentity(\"example\", {domain: \"example.com\"});\nconst exampleAmazonsesVerificationRecord = new aws.route53.Record(\"example_amazonses_verification_record\", {\n zoneId: \"ABCDEFGHIJ123\",\n name: \"_amazonses.example.com\",\n type: aws.route53.RecordType.TXT,\n ttl: 600,\n records: [example.verificationToken],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ses.DomainIdentity(\"example\", domain=\"example.com\")\nexample_amazonses_verification_record = aws.route53.Record(\"example_amazonses_verification_record\",\n zone_id=\"ABCDEFGHIJ123\",\n name=\"_amazonses.example.com\",\n type=aws.route53.RecordType.TXT,\n ttl=600,\n records=[example.verification_token])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ses.DomainIdentity(\"example\", new()\n {\n Domain = \"example.com\",\n });\n\n var exampleAmazonsesVerificationRecord = new Aws.Route53.Record(\"example_amazonses_verification_record\", new()\n {\n ZoneId = \"ABCDEFGHIJ123\",\n Name = \"_amazonses.example.com\",\n Type = Aws.Route53.RecordType.TXT,\n Ttl = 600,\n Records = new[]\n {\n example.VerificationToken,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ses.NewDomainIdentity(ctx, \"example\", \u0026ses.DomainIdentityArgs{\n\t\t\tDomain: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"example_amazonses_verification_record\", \u0026route53.RecordArgs{\n\t\t\tZoneId: pulumi.String(\"ABCDEFGHIJ123\"),\n\t\t\tName: pulumi.String(\"_amazonses.example.com\"),\n\t\t\tType: pulumi.String(route53.RecordTypeTXT),\n\t\t\tTtl: pulumi.Int(600),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\texample.VerificationToken,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.DomainIdentity;\nimport com.pulumi.aws.ses.DomainIdentityArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DomainIdentity(\"example\", DomainIdentityArgs.builder()\n .domain(\"example.com\")\n .build());\n\n var exampleAmazonsesVerificationRecord = new Record(\"exampleAmazonsesVerificationRecord\", RecordArgs.builder()\n .zoneId(\"ABCDEFGHIJ123\")\n .name(\"_amazonses.example.com\")\n .type(\"TXT\")\n .ttl(\"600\")\n .records(example.verificationToken())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ses:DomainIdentity\n properties:\n domain: example.com\n exampleAmazonsesVerificationRecord:\n type: aws:route53:Record\n name: example_amazonses_verification_record\n properties:\n zoneId: ABCDEFGHIJ123\n name: _amazonses.example.com\n type: TXT\n ttl: '600'\n records:\n - ${example.verificationToken}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SES domain identities using the domain name. For example:\n\n```sh\n$ pulumi import aws:ses/domainIdentity:DomainIdentity example example.com\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the domain identity.\n" }, "domain": { "type": "string", "description": "The domain name to assign to SES\n" }, "verificationToken": { "type": "string", "description": "A code which when added to the domain as a TXT record will signal to SES that the owner of the domain has authorized SES to act on their behalf. The domain identity will be in state \"verification pending\" until this is done. See the With Route53 Record example for how this might be achieved when the domain is hosted in Route 53 and managed by this provider. Find out more about verifying domains in Amazon SES in the [AWS SES docs](http://docs.aws.amazon.com/ses/latest/DeveloperGuide/verify-domains.html).\n" } }, "required": [ "arn", "domain", "verificationToken" ], "inputProperties": { "domain": { "type": "string", "description": "The domain name to assign to SES\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "domain" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainIdentity resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the domain identity.\n" }, "domain": { "type": "string", "description": "The domain name to assign to SES\n", "willReplaceOnChanges": true }, "verificationToken": { "type": "string", "description": "A code which when added to the domain as a TXT record will signal to SES that the owner of the domain has authorized SES to act on their behalf. The domain identity will be in state \"verification pending\" until this is done. See the With Route53 Record example for how this might be achieved when the domain is hosted in Route 53 and managed by this provider. Find out more about verifying domains in Amazon SES in the [AWS SES docs](http://docs.aws.amazon.com/ses/latest/DeveloperGuide/verify-domains.html).\n" } }, "type": "object" } }, "aws:ses/domainIdentityVerification:DomainIdentityVerification": { "description": "Represents a successful verification of an SES domain identity.\n\nMost commonly, this resource is used together with `aws.route53.Record` and\n`aws.ses.DomainIdentity` to request an SES domain identity,\ndeploy the required DNS verification records, and wait for verification to complete.\n\n\u003e **WARNING:** This resource implements a part of the verification workflow. It does not represent a real-world entity in AWS, therefore changing or deleting this resource on its own has no immediate effect.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ses.DomainIdentity(\"example\", {domain: \"example.com\"});\nconst exampleAmazonsesVerificationRecord = new aws.route53.Record(\"example_amazonses_verification_record\", {\n zoneId: exampleAwsRoute53Zone.zoneId,\n name: pulumi.interpolate`_amazonses.${example.id}`,\n type: aws.route53.RecordType.TXT,\n ttl: 600,\n records: [example.verificationToken],\n});\nconst exampleVerification = new aws.ses.DomainIdentityVerification(\"example_verification\", {domain: example.id}, {\n dependsOn: [exampleAmazonsesVerificationRecord],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ses.DomainIdentity(\"example\", domain=\"example.com\")\nexample_amazonses_verification_record = aws.route53.Record(\"example_amazonses_verification_record\",\n zone_id=example_aws_route53_zone[\"zoneId\"],\n name=example.id.apply(lambda id: f\"_amazonses.{id}\"),\n type=aws.route53.RecordType.TXT,\n ttl=600,\n records=[example.verification_token])\nexample_verification = aws.ses.DomainIdentityVerification(\"example_verification\", domain=example.id,\nopts = pulumi.ResourceOptions(depends_on=[example_amazonses_verification_record]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ses.DomainIdentity(\"example\", new()\n {\n Domain = \"example.com\",\n });\n\n var exampleAmazonsesVerificationRecord = new Aws.Route53.Record(\"example_amazonses_verification_record\", new()\n {\n ZoneId = exampleAwsRoute53Zone.ZoneId,\n Name = example.Id.Apply(id =\u003e $\"_amazonses.{id}\"),\n Type = Aws.Route53.RecordType.TXT,\n Ttl = 600,\n Records = new[]\n {\n example.VerificationToken,\n },\n });\n\n var exampleVerification = new Aws.Ses.DomainIdentityVerification(\"example_verification\", new()\n {\n Domain = example.Id,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAmazonsesVerificationRecord,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ses.NewDomainIdentity(ctx, \"example\", \u0026ses.DomainIdentityArgs{\n\t\t\tDomain: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAmazonsesVerificationRecord, err := route53.NewRecord(ctx, \"example_amazonses_verification_record\", \u0026route53.RecordArgs{\n\t\t\tZoneId: pulumi.Any(exampleAwsRoute53Zone.ZoneId),\n\t\t\tName: example.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"_amazonses.%v\", id), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tType: pulumi.String(route53.RecordTypeTXT),\n\t\t\tTtl: pulumi.Int(600),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\texample.VerificationToken,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ses.NewDomainIdentityVerification(ctx, \"example_verification\", \u0026ses.DomainIdentityVerificationArgs{\n\t\t\tDomain: example.ID(),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAmazonsesVerificationRecord,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.DomainIdentity;\nimport com.pulumi.aws.ses.DomainIdentityArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport com.pulumi.aws.ses.DomainIdentityVerification;\nimport com.pulumi.aws.ses.DomainIdentityVerificationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DomainIdentity(\"example\", DomainIdentityArgs.builder()\n .domain(\"example.com\")\n .build());\n\n var exampleAmazonsesVerificationRecord = new Record(\"exampleAmazonsesVerificationRecord\", RecordArgs.builder()\n .zoneId(exampleAwsRoute53Zone.zoneId())\n .name(example.id().applyValue(id -\u003e String.format(\"_amazonses.%s\", id)))\n .type(\"TXT\")\n .ttl(\"600\")\n .records(example.verificationToken())\n .build());\n\n var exampleVerification = new DomainIdentityVerification(\"exampleVerification\", DomainIdentityVerificationArgs.builder()\n .domain(example.id())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAmazonsesVerificationRecord)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ses:DomainIdentity\n properties:\n domain: example.com\n exampleAmazonsesVerificationRecord:\n type: aws:route53:Record\n name: example_amazonses_verification_record\n properties:\n zoneId: ${exampleAwsRoute53Zone.zoneId}\n name: _amazonses.${example.id}\n type: TXT\n ttl: '600'\n records:\n - ${example.verificationToken}\n exampleVerification:\n type: aws:ses:DomainIdentityVerification\n name: example_verification\n properties:\n domain: ${example.id}\n options:\n dependson:\n - ${exampleAmazonsesVerificationRecord}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "arn": { "type": "string", "description": "The ARN of the domain identity.\n" }, "domain": { "type": "string", "description": "The domain name of the SES domain identity to verify.\n" } }, "required": [ "arn", "domain" ], "inputProperties": { "domain": { "type": "string", "description": "The domain name of the SES domain identity to verify.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "domain" ], "stateInputs": { "description": "Input properties used for looking up and filtering DomainIdentityVerification resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the domain identity.\n" }, "domain": { "type": "string", "description": "The domain name of the SES domain identity to verify.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ses/emailIdentity:EmailIdentity": { "description": "Provides an SES email identity resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ses.EmailIdentity(\"example\", {email: \"email@example.com\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ses.EmailIdentity(\"example\", email=\"email@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ses.EmailIdentity(\"example\", new()\n {\n Email = \"email@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ses.NewEmailIdentity(ctx, \"example\", \u0026ses.EmailIdentityArgs{\n\t\t\tEmail: pulumi.String(\"email@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.EmailIdentity;\nimport com.pulumi.aws.ses.EmailIdentityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EmailIdentity(\"example\", EmailIdentityArgs.builder()\n .email(\"email@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ses:EmailIdentity\n properties:\n email: email@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SES email identities using the email address. For example:\n\n```sh\n$ pulumi import aws:ses/emailIdentity:EmailIdentity example email@example.com\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the email identity.\n" }, "email": { "type": "string", "description": "The email address to assign to SES.\n" } }, "required": [ "arn", "email" ], "inputProperties": { "email": { "type": "string", "description": "The email address to assign to SES.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "email" ], "stateInputs": { "description": "Input properties used for looking up and filtering EmailIdentity resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the email identity.\n" }, "email": { "type": "string", "description": "The email address to assign to SES.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ses/eventDestination:EventDestination": { "description": "Provides an SES event destination\n\n## Example Usage\n\n### CloudWatch Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cloudwatch = new aws.ses.EventDestination(\"cloudwatch\", {\n name: \"event-destination-cloudwatch\",\n configurationSetName: example.name,\n enabled: true,\n matchingTypes: [\n \"bounce\",\n \"send\",\n ],\n cloudwatchDestinations: [{\n defaultValue: \"default\",\n dimensionName: \"dimension\",\n valueSource: \"emailHeader\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncloudwatch = aws.ses.EventDestination(\"cloudwatch\",\n name=\"event-destination-cloudwatch\",\n configuration_set_name=example[\"name\"],\n enabled=True,\n matching_types=[\n \"bounce\",\n \"send\",\n ],\n cloudwatch_destinations=[{\n \"default_value\": \"default\",\n \"dimension_name\": \"dimension\",\n \"value_source\": \"emailHeader\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cloudwatch = new Aws.Ses.EventDestination(\"cloudwatch\", new()\n {\n Name = \"event-destination-cloudwatch\",\n ConfigurationSetName = example.Name,\n Enabled = true,\n MatchingTypes = new[]\n {\n \"bounce\",\n \"send\",\n },\n CloudwatchDestinations = new[]\n {\n new Aws.Ses.Inputs.EventDestinationCloudwatchDestinationArgs\n {\n DefaultValue = \"default\",\n DimensionName = \"dimension\",\n ValueSource = \"emailHeader\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ses.NewEventDestination(ctx, \"cloudwatch\", \u0026ses.EventDestinationArgs{\n\t\t\tName: pulumi.String(\"event-destination-cloudwatch\"),\n\t\t\tConfigurationSetName: pulumi.Any(example.Name),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tMatchingTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"bounce\"),\n\t\t\t\tpulumi.String(\"send\"),\n\t\t\t},\n\t\t\tCloudwatchDestinations: ses.EventDestinationCloudwatchDestinationArray{\n\t\t\t\t\u0026ses.EventDestinationCloudwatchDestinationArgs{\n\t\t\t\t\tDefaultValue: pulumi.String(\"default\"),\n\t\t\t\t\tDimensionName: pulumi.String(\"dimension\"),\n\t\t\t\t\tValueSource: pulumi.String(\"emailHeader\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.EventDestination;\nimport com.pulumi.aws.ses.EventDestinationArgs;\nimport com.pulumi.aws.ses.inputs.EventDestinationCloudwatchDestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var cloudwatch = new EventDestination(\"cloudwatch\", EventDestinationArgs.builder()\n .name(\"event-destination-cloudwatch\")\n .configurationSetName(example.name())\n .enabled(true)\n .matchingTypes( \n \"bounce\",\n \"send\")\n .cloudwatchDestinations(EventDestinationCloudwatchDestinationArgs.builder()\n .defaultValue(\"default\")\n .dimensionName(\"dimension\")\n .valueSource(\"emailHeader\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cloudwatch:\n type: aws:ses:EventDestination\n properties:\n name: event-destination-cloudwatch\n configurationSetName: ${example.name}\n enabled: true\n matchingTypes:\n - bounce\n - send\n cloudwatchDestinations:\n - defaultValue: default\n dimensionName: dimension\n valueSource: emailHeader\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Kinesis Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst kinesis = new aws.ses.EventDestination(\"kinesis\", {\n name: \"event-destination-kinesis\",\n configurationSetName: exampleAwsSesConfigurationSet.name,\n enabled: true,\n matchingTypes: [\n \"bounce\",\n \"send\",\n ],\n kinesisDestination: {\n streamArn: exampleAwsKinesisFirehoseDeliveryStream.arn,\n roleArn: example.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nkinesis = aws.ses.EventDestination(\"kinesis\",\n name=\"event-destination-kinesis\",\n configuration_set_name=example_aws_ses_configuration_set[\"name\"],\n enabled=True,\n matching_types=[\n \"bounce\",\n \"send\",\n ],\n kinesis_destination={\n \"stream_arn\": example_aws_kinesis_firehose_delivery_stream[\"arn\"],\n \"role_arn\": example[\"arn\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kinesis = new Aws.Ses.EventDestination(\"kinesis\", new()\n {\n Name = \"event-destination-kinesis\",\n ConfigurationSetName = exampleAwsSesConfigurationSet.Name,\n Enabled = true,\n MatchingTypes = new[]\n {\n \"bounce\",\n \"send\",\n },\n KinesisDestination = new Aws.Ses.Inputs.EventDestinationKinesisDestinationArgs\n {\n StreamArn = exampleAwsKinesisFirehoseDeliveryStream.Arn,\n RoleArn = example.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ses.NewEventDestination(ctx, \"kinesis\", \u0026ses.EventDestinationArgs{\n\t\t\tName: pulumi.String(\"event-destination-kinesis\"),\n\t\t\tConfigurationSetName: pulumi.Any(exampleAwsSesConfigurationSet.Name),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tMatchingTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"bounce\"),\n\t\t\t\tpulumi.String(\"send\"),\n\t\t\t},\n\t\t\tKinesisDestination: \u0026ses.EventDestinationKinesisDestinationArgs{\n\t\t\t\tStreamArn: pulumi.Any(exampleAwsKinesisFirehoseDeliveryStream.Arn),\n\t\t\t\tRoleArn: pulumi.Any(example.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.EventDestination;\nimport com.pulumi.aws.ses.EventDestinationArgs;\nimport com.pulumi.aws.ses.inputs.EventDestinationKinesisDestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kinesis = new EventDestination(\"kinesis\", EventDestinationArgs.builder()\n .name(\"event-destination-kinesis\")\n .configurationSetName(exampleAwsSesConfigurationSet.name())\n .enabled(true)\n .matchingTypes( \n \"bounce\",\n \"send\")\n .kinesisDestination(EventDestinationKinesisDestinationArgs.builder()\n .streamArn(exampleAwsKinesisFirehoseDeliveryStream.arn())\n .roleArn(example.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kinesis:\n type: aws:ses:EventDestination\n properties:\n name: event-destination-kinesis\n configurationSetName: ${exampleAwsSesConfigurationSet.name}\n enabled: true\n matchingTypes:\n - bounce\n - send\n kinesisDestination:\n streamArn: ${exampleAwsKinesisFirehoseDeliveryStream.arn}\n roleArn: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### SNS Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sns = new aws.ses.EventDestination(\"sns\", {\n name: \"event-destination-sns\",\n configurationSetName: exampleAwsSesConfigurationSet.name,\n enabled: true,\n matchingTypes: [\n \"bounce\",\n \"send\",\n ],\n snsDestination: {\n topicArn: example.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsns = aws.ses.EventDestination(\"sns\",\n name=\"event-destination-sns\",\n configuration_set_name=example_aws_ses_configuration_set[\"name\"],\n enabled=True,\n matching_types=[\n \"bounce\",\n \"send\",\n ],\n sns_destination={\n \"topic_arn\": example[\"arn\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sns = new Aws.Ses.EventDestination(\"sns\", new()\n {\n Name = \"event-destination-sns\",\n ConfigurationSetName = exampleAwsSesConfigurationSet.Name,\n Enabled = true,\n MatchingTypes = new[]\n {\n \"bounce\",\n \"send\",\n },\n SnsDestination = new Aws.Ses.Inputs.EventDestinationSnsDestinationArgs\n {\n TopicArn = example.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ses.NewEventDestination(ctx, \"sns\", \u0026ses.EventDestinationArgs{\n\t\t\tName: pulumi.String(\"event-destination-sns\"),\n\t\t\tConfigurationSetName: pulumi.Any(exampleAwsSesConfigurationSet.Name),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tMatchingTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"bounce\"),\n\t\t\t\tpulumi.String(\"send\"),\n\t\t\t},\n\t\t\tSnsDestination: \u0026ses.EventDestinationSnsDestinationArgs{\n\t\t\t\tTopicArn: pulumi.Any(example.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.EventDestination;\nimport com.pulumi.aws.ses.EventDestinationArgs;\nimport com.pulumi.aws.ses.inputs.EventDestinationSnsDestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var sns = new EventDestination(\"sns\", EventDestinationArgs.builder()\n .name(\"event-destination-sns\")\n .configurationSetName(exampleAwsSesConfigurationSet.name())\n .enabled(true)\n .matchingTypes( \n \"bounce\",\n \"send\")\n .snsDestination(EventDestinationSnsDestinationArgs.builder()\n .topicArn(example.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n sns:\n type: aws:ses:EventDestination\n properties:\n name: event-destination-sns\n configurationSetName: ${exampleAwsSesConfigurationSet.name}\n enabled: true\n matchingTypes:\n - bounce\n - send\n snsDestination:\n topicArn: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SES event destinations using `configuration_set_name` together with the event destination's `name`. For example:\n\n```sh\n$ pulumi import aws:ses/eventDestination:EventDestination sns some-configuration-set-test/event-destination-sns\n```\n", "properties": { "arn": { "type": "string", "description": "The SES event destination ARN.\n" }, "cloudwatchDestinations": { "type": "array", "items": { "$ref": "#/types/aws:ses/EventDestinationCloudwatchDestination:EventDestinationCloudwatchDestination" }, "description": "CloudWatch destination for the events\n" }, "configurationSetName": { "type": "string", "description": "The name of the configuration set\n" }, "enabled": { "type": "boolean", "description": "If true, the event destination will be enabled\n" }, "kinesisDestination": { "$ref": "#/types/aws:ses/EventDestinationKinesisDestination:EventDestinationKinesisDestination", "description": "Send the events to a kinesis firehose destination\n" }, "matchingTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of matching types. May be any of `\"send\"`, `\"reject\"`, `\"bounce\"`, `\"complaint\"`, `\"delivery\"`, `\"open\"`, `\"click\"`, or `\"renderingFailure\"`.\n" }, "name": { "type": "string", "description": "The name of the event destination\n" }, "snsDestination": { "$ref": "#/types/aws:ses/EventDestinationSnsDestination:EventDestinationSnsDestination", "description": "Send the events to an SNS Topic destination\n\n\u003e **NOTE:** You can specify `\"cloudwatch_destination\"` or `\"kinesis_destination\"` but not both\n" } }, "required": [ "arn", "configurationSetName", "matchingTypes", "name" ], "inputProperties": { "cloudwatchDestinations": { "type": "array", "items": { "$ref": "#/types/aws:ses/EventDestinationCloudwatchDestination:EventDestinationCloudwatchDestination" }, "description": "CloudWatch destination for the events\n", "willReplaceOnChanges": true }, "configurationSetName": { "type": "string", "description": "The name of the configuration set\n", "willReplaceOnChanges": true }, "enabled": { "type": "boolean", "description": "If true, the event destination will be enabled\n", "willReplaceOnChanges": true }, "kinesisDestination": { "$ref": "#/types/aws:ses/EventDestinationKinesisDestination:EventDestinationKinesisDestination", "description": "Send the events to a kinesis firehose destination\n", "willReplaceOnChanges": true }, "matchingTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of matching types. May be any of `\"send\"`, `\"reject\"`, `\"bounce\"`, `\"complaint\"`, `\"delivery\"`, `\"open\"`, `\"click\"`, or `\"renderingFailure\"`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the event destination\n", "willReplaceOnChanges": true }, "snsDestination": { "$ref": "#/types/aws:ses/EventDestinationSnsDestination:EventDestinationSnsDestination", "description": "Send the events to an SNS Topic destination\n\n\u003e **NOTE:** You can specify `\"cloudwatch_destination\"` or `\"kinesis_destination\"` but not both\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "configurationSetName", "matchingTypes" ], "stateInputs": { "description": "Input properties used for looking up and filtering EventDestination resources.\n", "properties": { "arn": { "type": "string", "description": "The SES event destination ARN.\n" }, "cloudwatchDestinations": { "type": "array", "items": { "$ref": "#/types/aws:ses/EventDestinationCloudwatchDestination:EventDestinationCloudwatchDestination" }, "description": "CloudWatch destination for the events\n", "willReplaceOnChanges": true }, "configurationSetName": { "type": "string", "description": "The name of the configuration set\n", "willReplaceOnChanges": true }, "enabled": { "type": "boolean", "description": "If true, the event destination will be enabled\n", "willReplaceOnChanges": true }, "kinesisDestination": { "$ref": "#/types/aws:ses/EventDestinationKinesisDestination:EventDestinationKinesisDestination", "description": "Send the events to a kinesis firehose destination\n", "willReplaceOnChanges": true }, "matchingTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of matching types. May be any of `\"send\"`, `\"reject\"`, `\"bounce\"`, `\"complaint\"`, `\"delivery\"`, `\"open\"`, `\"click\"`, or `\"renderingFailure\"`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the event destination\n", "willReplaceOnChanges": true }, "snsDestination": { "$ref": "#/types/aws:ses/EventDestinationSnsDestination:EventDestinationSnsDestination", "description": "Send the events to an SNS Topic destination\n\n\u003e **NOTE:** You can specify `\"cloudwatch_destination\"` or `\"kinesis_destination\"` but not both\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ses/identityNotificationTopic:IdentityNotificationTopic": { "description": "Resource for managing SES Identity Notification Topics\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.ses.IdentityNotificationTopic(\"test\", {\n topicArn: exampleAwsSnsTopic.arn,\n notificationType: \"Bounce\",\n identity: example.domain,\n includeOriginalHeaders: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ses.IdentityNotificationTopic(\"test\",\n topic_arn=example_aws_sns_topic[\"arn\"],\n notification_type=\"Bounce\",\n identity=example[\"domain\"],\n include_original_headers=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Ses.IdentityNotificationTopic(\"test\", new()\n {\n TopicArn = exampleAwsSnsTopic.Arn,\n NotificationType = \"Bounce\",\n Identity = example.Domain,\n IncludeOriginalHeaders = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ses.NewIdentityNotificationTopic(ctx, \"test\", \u0026ses.IdentityNotificationTopicArgs{\n\t\t\tTopicArn: pulumi.Any(exampleAwsSnsTopic.Arn),\n\t\t\tNotificationType: pulumi.String(\"Bounce\"),\n\t\t\tIdentity: pulumi.Any(example.Domain),\n\t\t\tIncludeOriginalHeaders: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.IdentityNotificationTopic;\nimport com.pulumi.aws.ses.IdentityNotificationTopicArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new IdentityNotificationTopic(\"test\", IdentityNotificationTopicArgs.builder()\n .topicArn(exampleAwsSnsTopic.arn())\n .notificationType(\"Bounce\")\n .identity(example.domain())\n .includeOriginalHeaders(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ses:IdentityNotificationTopic\n properties:\n topicArn: ${exampleAwsSnsTopic.arn}\n notificationType: Bounce\n identity: ${example.domain}\n includeOriginalHeaders: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Identity Notification Topics using the ID of the record. The ID is made up as `IDENTITY|TYPE` where `IDENTITY` is the SES Identity and `TYPE` is the Notification Type. For example:\n\n```sh\n$ pulumi import aws:ses/identityNotificationTopic:IdentityNotificationTopic test 'example.com|Bounce'\n```\n", "properties": { "identity": { "type": "string", "description": "The identity for which the Amazon SNS topic will be set. You can specify an identity by using its name or by using its Amazon Resource Name (ARN).\n" }, "includeOriginalHeaders": { "type": "boolean", "description": "Whether SES should include original email headers in SNS notifications of this type. `false` by default.\n" }, "notificationType": { "type": "string", "description": "The type of notifications that will be published to the specified Amazon SNS topic. Valid Values: `Bounce`, `Complaint` or `Delivery`.\n" }, "topicArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon SNS topic. Can be set to `\"\"` (an empty string) to disable publishing.\n" } }, "required": [ "identity", "notificationType" ], "inputProperties": { "identity": { "type": "string", "description": "The identity for which the Amazon SNS topic will be set. You can specify an identity by using its name or by using its Amazon Resource Name (ARN).\n", "willReplaceOnChanges": true }, "includeOriginalHeaders": { "type": "boolean", "description": "Whether SES should include original email headers in SNS notifications of this type. `false` by default.\n" }, "notificationType": { "type": "string", "description": "The type of notifications that will be published to the specified Amazon SNS topic. Valid Values: `Bounce`, `Complaint` or `Delivery`.\n", "willReplaceOnChanges": true }, "topicArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon SNS topic. Can be set to `\"\"` (an empty string) to disable publishing.\n" } }, "requiredInputs": [ "identity", "notificationType" ], "stateInputs": { "description": "Input properties used for looking up and filtering IdentityNotificationTopic resources.\n", "properties": { "identity": { "type": "string", "description": "The identity for which the Amazon SNS topic will be set. You can specify an identity by using its name or by using its Amazon Resource Name (ARN).\n", "willReplaceOnChanges": true }, "includeOriginalHeaders": { "type": "boolean", "description": "Whether SES should include original email headers in SNS notifications of this type. `false` by default.\n" }, "notificationType": { "type": "string", "description": "The type of notifications that will be published to the specified Amazon SNS topic. Valid Values: `Bounce`, `Complaint` or `Delivery`.\n", "willReplaceOnChanges": true }, "topicArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon SNS topic. Can be set to `\"\"` (an empty string) to disable publishing.\n" } }, "type": "object" } }, "aws:ses/identityPolicy:IdentityPolicy": { "description": "Manages a SES Identity Policy. More information about SES Sending Authorization Policies can be found in the [SES Developer Guide](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/sending-authorization-policies.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleDomainIdentity = new aws.ses.DomainIdentity(\"example\", {domain: \"example.com\"});\nconst example = aws.iam.getPolicyDocumentOutput({\n statements: [{\n actions: [\n \"SES:SendEmail\",\n \"SES:SendRawEmail\",\n ],\n resources: [exampleDomainIdentity.arn],\n principals: [{\n identifiers: [\"*\"],\n type: \"AWS\",\n }],\n }],\n});\nconst exampleIdentityPolicy = new aws.ses.IdentityPolicy(\"example\", {\n identity: exampleDomainIdentity.arn,\n name: \"example\",\n policy: example.apply(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_domain_identity = aws.ses.DomainIdentity(\"example\", domain=\"example.com\")\nexample = aws.iam.get_policy_document_output(statements=[{\n \"actions\": [\n \"SES:SendEmail\",\n \"SES:SendRawEmail\",\n ],\n \"resources\": [example_domain_identity.arn],\n \"principals\": [{\n \"identifiers\": [\"*\"],\n \"type\": \"AWS\",\n }],\n}])\nexample_identity_policy = aws.ses.IdentityPolicy(\"example\",\n identity=example_domain_identity.arn,\n name=\"example\",\n policy=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleDomainIdentity = new Aws.Ses.DomainIdentity(\"example\", new()\n {\n Domain = \"example.com\",\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"SES:SendEmail\",\n \"SES:SendRawEmail\",\n },\n Resources = new[]\n {\n exampleDomainIdentity.Arn,\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n \"*\",\n },\n Type = \"AWS\",\n },\n },\n },\n },\n });\n\n var exampleIdentityPolicy = new Aws.Ses.IdentityPolicy(\"example\", new()\n {\n Identity = exampleDomainIdentity.Arn,\n Name = \"example\",\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleDomainIdentity, err := ses.NewDomainIdentity(ctx, \"example\", \u0026ses.DomainIdentityArgs{\n\t\t\tDomain: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"SES:SendEmail\"),\n\t\t\t\t\t\tpulumi.String(\"SES:SendRawEmail\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleDomainIdentity.Arn,\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: pulumi.String(\"AWS\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = ses.NewIdentityPolicy(ctx, \"example\", \u0026ses.IdentityPolicyArgs{\n\t\t\tIdentity: exampleDomainIdentity.Arn,\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPolicy: pulumi.String(example.ApplyT(func(example iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026example.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.DomainIdentity;\nimport com.pulumi.aws.ses.DomainIdentityArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.ses.IdentityPolicy;\nimport com.pulumi.aws.ses.IdentityPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleDomainIdentity = new DomainIdentity(\"exampleDomainIdentity\", DomainIdentityArgs.builder()\n .domain(\"example.com\")\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"SES:SendEmail\",\n \"SES:SendRawEmail\")\n .resources(exampleDomainIdentity.arn())\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(\"*\")\n .type(\"AWS\")\n .build())\n .build())\n .build());\n\n var exampleIdentityPolicy = new IdentityPolicy(\"exampleIdentityPolicy\", IdentityPolicyArgs.builder()\n .identity(exampleDomainIdentity.arn())\n .name(\"example\")\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleDomainIdentity:\n type: aws:ses:DomainIdentity\n name: example\n properties:\n domain: example.com\n exampleIdentityPolicy:\n type: aws:ses:IdentityPolicy\n name: example\n properties:\n identity: ${exampleDomainIdentity.arn}\n name: example\n policy: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - SES:SendEmail\n - SES:SendRawEmail\n resources:\n - ${exampleDomainIdentity.arn}\n principals:\n - identifiers:\n - '*'\n type: AWS\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SES Identity Policies using the identity and policy name, separated by a pipe character (`|`). For example:\n\n```sh\n$ pulumi import aws:ses/identityPolicy:IdentityPolicy example 'example.com|example'\n```\n", "properties": { "identity": { "type": "string", "description": "Name or Amazon Resource Name (ARN) of the SES Identity.\n" }, "name": { "type": "string", "description": "Name of the policy.\n" }, "policy": { "type": "string", "description": "JSON string of the policy.\n" } }, "required": [ "identity", "name", "policy" ], "inputProperties": { "identity": { "type": "string", "description": "Name or Amazon Resource Name (ARN) of the SES Identity.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the policy.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "JSON string of the policy.\n" } }, "requiredInputs": [ "identity", "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering IdentityPolicy resources.\n", "properties": { "identity": { "type": "string", "description": "Name or Amazon Resource Name (ARN) of the SES Identity.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the policy.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "JSON string of the policy.\n" } }, "type": "object" } }, "aws:ses/mailFrom:MailFrom": { "description": "Provides an SES domain MAIL FROM resource.\n\n\u003e **NOTE:** For the MAIL FROM domain to be fully usable, this resource should be paired with the aws.ses.DomainIdentity resource. To validate the MAIL FROM domain, a DNS MX record is required. To pass SPF checks, a DNS TXT record may also be required. See the [Amazon SES MAIL FROM documentation](https://docs.aws.amazon.com/ses/latest/dg/mail-from.html) for more information.\n\n## Example Usage\n\n### Domain Identity MAIL FROM\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Example SES Domain Identity\nconst exampleDomainIdentity = new aws.ses.DomainIdentity(\"example\", {domain: \"example.com\"});\nconst example = new aws.ses.MailFrom(\"example\", {\n domain: exampleDomainIdentity.domain,\n mailFromDomain: pulumi.interpolate`bounce.${exampleDomainIdentity.domain}`,\n});\n// Example Route53 MX record\nconst exampleSesDomainMailFromMx = new aws.route53.Record(\"example_ses_domain_mail_from_mx\", {\n zoneId: exampleAwsRoute53Zone.id,\n name: example.mailFromDomain,\n type: aws.route53.RecordType.MX,\n ttl: 600,\n records: [\"10 feedback-smtp.us-east-1.amazonses.com\"],\n});\n// Example Route53 TXT record for SPF\nconst exampleSesDomainMailFromTxt = new aws.route53.Record(\"example_ses_domain_mail_from_txt\", {\n zoneId: exampleAwsRoute53Zone.id,\n name: example.mailFromDomain,\n type: aws.route53.RecordType.TXT,\n ttl: 600,\n records: [\"v=spf1 include:amazonses.com ~all\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Example SES Domain Identity\nexample_domain_identity = aws.ses.DomainIdentity(\"example\", domain=\"example.com\")\nexample = aws.ses.MailFrom(\"example\",\n domain=example_domain_identity.domain,\n mail_from_domain=example_domain_identity.domain.apply(lambda domain: f\"bounce.{domain}\"))\n# Example Route53 MX record\nexample_ses_domain_mail_from_mx = aws.route53.Record(\"example_ses_domain_mail_from_mx\",\n zone_id=example_aws_route53_zone[\"id\"],\n name=example.mail_from_domain,\n type=aws.route53.RecordType.MX,\n ttl=600,\n records=[\"10 feedback-smtp.us-east-1.amazonses.com\"])\n# Example Route53 TXT record for SPF\nexample_ses_domain_mail_from_txt = aws.route53.Record(\"example_ses_domain_mail_from_txt\",\n zone_id=example_aws_route53_zone[\"id\"],\n name=example.mail_from_domain,\n type=aws.route53.RecordType.TXT,\n ttl=600,\n records=[\"v=spf1 include:amazonses.com ~all\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Example SES Domain Identity\n var exampleDomainIdentity = new Aws.Ses.DomainIdentity(\"example\", new()\n {\n Domain = \"example.com\",\n });\n\n var example = new Aws.Ses.MailFrom(\"example\", new()\n {\n Domain = exampleDomainIdentity.Domain,\n MailFromDomain = exampleDomainIdentity.Domain.Apply(domain =\u003e $\"bounce.{domain}\"),\n });\n\n // Example Route53 MX record\n var exampleSesDomainMailFromMx = new Aws.Route53.Record(\"example_ses_domain_mail_from_mx\", new()\n {\n ZoneId = exampleAwsRoute53Zone.Id,\n Name = example.MailFromDomain,\n Type = Aws.Route53.RecordType.MX,\n Ttl = 600,\n Records = new[]\n {\n \"10 feedback-smtp.us-east-1.amazonses.com\",\n },\n });\n\n // Example Route53 TXT record for SPF\n var exampleSesDomainMailFromTxt = new Aws.Route53.Record(\"example_ses_domain_mail_from_txt\", new()\n {\n ZoneId = exampleAwsRoute53Zone.Id,\n Name = example.MailFromDomain,\n Type = Aws.Route53.RecordType.TXT,\n Ttl = 600,\n Records = new[]\n {\n \"v=spf1 include:amazonses.com ~all\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Example SES Domain Identity\n\t\texampleDomainIdentity, err := ses.NewDomainIdentity(ctx, \"example\", \u0026ses.DomainIdentityArgs{\n\t\t\tDomain: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := ses.NewMailFrom(ctx, \"example\", \u0026ses.MailFromArgs{\n\t\t\tDomain: exampleDomainIdentity.Domain,\n\t\t\tMailFromDomain: exampleDomainIdentity.Domain.ApplyT(func(domain string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"bounce.%v\", domain), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Example Route53 MX record\n\t\t_, err = route53.NewRecord(ctx, \"example_ses_domain_mail_from_mx\", \u0026route53.RecordArgs{\n\t\t\tZoneId: pulumi.Any(exampleAwsRoute53Zone.Id),\n\t\t\tName: example.MailFromDomain,\n\t\t\tType: pulumi.String(route53.RecordTypeMX),\n\t\t\tTtl: pulumi.Int(600),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10 feedback-smtp.us-east-1.amazonses.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Example Route53 TXT record for SPF\n\t\t_, err = route53.NewRecord(ctx, \"example_ses_domain_mail_from_txt\", \u0026route53.RecordArgs{\n\t\t\tZoneId: pulumi.Any(exampleAwsRoute53Zone.Id),\n\t\t\tName: example.MailFromDomain,\n\t\t\tType: pulumi.String(route53.RecordTypeTXT),\n\t\t\tTtl: pulumi.Int(600),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"v=spf1 include:amazonses.com ~all\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.DomainIdentity;\nimport com.pulumi.aws.ses.DomainIdentityArgs;\nimport com.pulumi.aws.ses.MailFrom;\nimport com.pulumi.aws.ses.MailFromArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Example SES Domain Identity\n var exampleDomainIdentity = new DomainIdentity(\"exampleDomainIdentity\", DomainIdentityArgs.builder()\n .domain(\"example.com\")\n .build());\n\n var example = new MailFrom(\"example\", MailFromArgs.builder()\n .domain(exampleDomainIdentity.domain())\n .mailFromDomain(exampleDomainIdentity.domain().applyValue(domain -\u003e String.format(\"bounce.%s\", domain)))\n .build());\n\n // Example Route53 MX record\n var exampleSesDomainMailFromMx = new Record(\"exampleSesDomainMailFromMx\", RecordArgs.builder()\n .zoneId(exampleAwsRoute53Zone.id())\n .name(example.mailFromDomain())\n .type(\"MX\")\n .ttl(\"600\")\n .records(\"10 feedback-smtp.us-east-1.amazonses.com\")\n .build());\n\n // Example Route53 TXT record for SPF\n var exampleSesDomainMailFromTxt = new Record(\"exampleSesDomainMailFromTxt\", RecordArgs.builder()\n .zoneId(exampleAwsRoute53Zone.id())\n .name(example.mailFromDomain())\n .type(\"TXT\")\n .ttl(\"600\")\n .records(\"v=spf1 include:amazonses.com ~all\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ses:MailFrom\n properties:\n domain: ${exampleDomainIdentity.domain}\n mailFromDomain: bounce.${exampleDomainIdentity.domain}\n # Example SES Domain Identity\n exampleDomainIdentity:\n type: aws:ses:DomainIdentity\n name: example\n properties:\n domain: example.com\n # Example Route53 MX record\n exampleSesDomainMailFromMx:\n type: aws:route53:Record\n name: example_ses_domain_mail_from_mx\n properties:\n zoneId: ${exampleAwsRoute53Zone.id}\n name: ${example.mailFromDomain}\n type: MX\n ttl: '600'\n records: # Change to the region in which `aws_ses_domain_identity.example` is created\n - 10 feedback-smtp.us-east-1.amazonses.com\n # Example Route53 TXT record for SPF\n exampleSesDomainMailFromTxt:\n type: aws:route53:Record\n name: example_ses_domain_mail_from_txt\n properties:\n zoneId: ${exampleAwsRoute53Zone.id}\n name: ${example.mailFromDomain}\n type: TXT\n ttl: '600'\n records:\n - v=spf1 include:amazonses.com ~all\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Email Identity MAIL FROM\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Example SES Email Identity\nconst example = new aws.ses.EmailIdentity(\"example\", {email: \"user@example.com\"});\nconst exampleMailFrom = new aws.ses.MailFrom(\"example\", {\n domain: example.email,\n mailFromDomain: \"mail.example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Example SES Email Identity\nexample = aws.ses.EmailIdentity(\"example\", email=\"user@example.com\")\nexample_mail_from = aws.ses.MailFrom(\"example\",\n domain=example.email,\n mail_from_domain=\"mail.example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Example SES Email Identity\n var example = new Aws.Ses.EmailIdentity(\"example\", new()\n {\n Email = \"user@example.com\",\n });\n\n var exampleMailFrom = new Aws.Ses.MailFrom(\"example\", new()\n {\n Domain = example.Email,\n MailFromDomain = \"mail.example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Example SES Email Identity\n\t\texample, err := ses.NewEmailIdentity(ctx, \"example\", \u0026ses.EmailIdentityArgs{\n\t\t\tEmail: pulumi.String(\"user@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ses.NewMailFrom(ctx, \"example\", \u0026ses.MailFromArgs{\n\t\t\tDomain: example.Email,\n\t\t\tMailFromDomain: pulumi.String(\"mail.example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.EmailIdentity;\nimport com.pulumi.aws.ses.EmailIdentityArgs;\nimport com.pulumi.aws.ses.MailFrom;\nimport com.pulumi.aws.ses.MailFromArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Example SES Email Identity\n var example = new EmailIdentity(\"example\", EmailIdentityArgs.builder()\n .email(\"user@example.com\")\n .build());\n\n var exampleMailFrom = new MailFrom(\"exampleMailFrom\", MailFromArgs.builder()\n .domain(example.email())\n .mailFromDomain(\"mail.example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Example SES Email Identity\n example:\n type: aws:ses:EmailIdentity\n properties:\n email: user@example.com\n exampleMailFrom:\n type: aws:ses:MailFrom\n name: example\n properties:\n domain: ${example.email}\n mailFromDomain: mail.example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MAIL FROM domain using the `domain` attribute. For example:\n\n```sh\n$ pulumi import aws:ses/mailFrom:MailFrom example example.com\n```\n", "properties": { "behaviorOnMxFailure": { "type": "string", "description": "The action that you want Amazon SES to take if it cannot successfully read the required MX record when you send an email. Defaults to `UseDefaultValue`. See the [SES API documentation](https://docs.aws.amazon.com/ses/latest/APIReference/API_SetIdentityMailFromDomain.html) for more information.\n" }, "domain": { "type": "string", "description": "Verified domain name or email identity to generate DKIM tokens for.\n" }, "mailFromDomain": { "type": "string", "description": "Subdomain (of above domain) which is to be used as MAIL FROM address (Required for DMARC validation)\n\nThe following arguments are optional:\n" } }, "required": [ "domain", "mailFromDomain" ], "inputProperties": { "behaviorOnMxFailure": { "type": "string", "description": "The action that you want Amazon SES to take if it cannot successfully read the required MX record when you send an email. Defaults to `UseDefaultValue`. See the [SES API documentation](https://docs.aws.amazon.com/ses/latest/APIReference/API_SetIdentityMailFromDomain.html) for more information.\n" }, "domain": { "type": "string", "description": "Verified domain name or email identity to generate DKIM tokens for.\n", "willReplaceOnChanges": true }, "mailFromDomain": { "type": "string", "description": "Subdomain (of above domain) which is to be used as MAIL FROM address (Required for DMARC validation)\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "domain", "mailFromDomain" ], "stateInputs": { "description": "Input properties used for looking up and filtering MailFrom resources.\n", "properties": { "behaviorOnMxFailure": { "type": "string", "description": "The action that you want Amazon SES to take if it cannot successfully read the required MX record when you send an email. Defaults to `UseDefaultValue`. See the [SES API documentation](https://docs.aws.amazon.com/ses/latest/APIReference/API_SetIdentityMailFromDomain.html) for more information.\n" }, "domain": { "type": "string", "description": "Verified domain name or email identity to generate DKIM tokens for.\n", "willReplaceOnChanges": true }, "mailFromDomain": { "type": "string", "description": "Subdomain (of above domain) which is to be used as MAIL FROM address (Required for DMARC validation)\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:ses/receiptFilter:ReceiptFilter": { "description": "Provides an SES receipt filter resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst filter = new aws.ses.ReceiptFilter(\"filter\", {\n name: \"block-spammer\",\n cidr: \"10.10.10.10\",\n policy: \"Block\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfilter = aws.ses.ReceiptFilter(\"filter\",\n name=\"block-spammer\",\n cidr=\"10.10.10.10\",\n policy=\"Block\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var filter = new Aws.Ses.ReceiptFilter(\"filter\", new()\n {\n Name = \"block-spammer\",\n Cidr = \"10.10.10.10\",\n Policy = \"Block\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ses.NewReceiptFilter(ctx, \"filter\", \u0026ses.ReceiptFilterArgs{\n\t\t\tName: pulumi.String(\"block-spammer\"),\n\t\t\tCidr: pulumi.String(\"10.10.10.10\"),\n\t\t\tPolicy: pulumi.String(\"Block\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.ReceiptFilter;\nimport com.pulumi.aws.ses.ReceiptFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var filter = new ReceiptFilter(\"filter\", ReceiptFilterArgs.builder()\n .name(\"block-spammer\")\n .cidr(\"10.10.10.10\")\n .policy(\"Block\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n filter:\n type: aws:ses:ReceiptFilter\n properties:\n name: block-spammer\n cidr: 10.10.10.10\n policy: Block\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SES Receipt Filter using their `name`. For example:\n\n```sh\n$ pulumi import aws:ses/receiptFilter:ReceiptFilter test some-filter\n```\n", "properties": { "arn": { "type": "string", "description": "The SES receipt filter ARN.\n" }, "cidr": { "type": "string", "description": "The IP address or address range to filter, in CIDR notation\n" }, "name": { "type": "string", "description": "The name of the filter\n" }, "policy": { "type": "string", "description": "Block or Allow\n" } }, "required": [ "arn", "cidr", "name", "policy" ], "inputProperties": { "cidr": { "type": "string", "description": "The IP address or address range to filter, in CIDR notation\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the filter\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "Block or Allow\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "cidr", "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReceiptFilter resources.\n", "properties": { "arn": { "type": "string", "description": "The SES receipt filter ARN.\n" }, "cidr": { "type": "string", "description": "The IP address or address range to filter, in CIDR notation\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the filter\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "Block or Allow\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ses/receiptRule:ReceiptRule": { "description": "Provides an SES receipt rule resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Add a header to the email and store it in S3\nconst store = new aws.ses.ReceiptRule(\"store\", {\n name: \"store\",\n ruleSetName: \"default-rule-set\",\n recipients: [\"karen@example.com\"],\n enabled: true,\n scanEnabled: true,\n addHeaderActions: [{\n headerName: \"Custom-Header\",\n headerValue: \"Added by SES\",\n position: 1,\n }],\n s3Actions: [{\n bucketName: \"emails\",\n position: 2,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Add a header to the email and store it in S3\nstore = aws.ses.ReceiptRule(\"store\",\n name=\"store\",\n rule_set_name=\"default-rule-set\",\n recipients=[\"karen@example.com\"],\n enabled=True,\n scan_enabled=True,\n add_header_actions=[{\n \"header_name\": \"Custom-Header\",\n \"header_value\": \"Added by SES\",\n \"position\": 1,\n }],\n s3_actions=[{\n \"bucket_name\": \"emails\",\n \"position\": 2,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Add a header to the email and store it in S3\n var store = new Aws.Ses.ReceiptRule(\"store\", new()\n {\n Name = \"store\",\n RuleSetName = \"default-rule-set\",\n Recipients = new[]\n {\n \"karen@example.com\",\n },\n Enabled = true,\n ScanEnabled = true,\n AddHeaderActions = new[]\n {\n new Aws.Ses.Inputs.ReceiptRuleAddHeaderActionArgs\n {\n HeaderName = \"Custom-Header\",\n HeaderValue = \"Added by SES\",\n Position = 1,\n },\n },\n S3Actions = new[]\n {\n new Aws.Ses.Inputs.ReceiptRuleS3ActionArgs\n {\n BucketName = \"emails\",\n Position = 2,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Add a header to the email and store it in S3\n\t\t_, err := ses.NewReceiptRule(ctx, \"store\", \u0026ses.ReceiptRuleArgs{\n\t\t\tName: pulumi.String(\"store\"),\n\t\t\tRuleSetName: pulumi.String(\"default-rule-set\"),\n\t\t\tRecipients: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"karen@example.com\"),\n\t\t\t},\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tScanEnabled: pulumi.Bool(true),\n\t\t\tAddHeaderActions: ses.ReceiptRuleAddHeaderActionArray{\n\t\t\t\t\u0026ses.ReceiptRuleAddHeaderActionArgs{\n\t\t\t\t\tHeaderName: pulumi.String(\"Custom-Header\"),\n\t\t\t\t\tHeaderValue: pulumi.String(\"Added by SES\"),\n\t\t\t\t\tPosition: pulumi.Int(1),\n\t\t\t\t},\n\t\t\t},\n\t\t\tS3Actions: ses.ReceiptRuleS3ActionArray{\n\t\t\t\t\u0026ses.ReceiptRuleS3ActionArgs{\n\t\t\t\t\tBucketName: pulumi.String(\"emails\"),\n\t\t\t\t\tPosition: pulumi.Int(2),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.ReceiptRule;\nimport com.pulumi.aws.ses.ReceiptRuleArgs;\nimport com.pulumi.aws.ses.inputs.ReceiptRuleAddHeaderActionArgs;\nimport com.pulumi.aws.ses.inputs.ReceiptRuleS3ActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Add a header to the email and store it in S3\n var store = new ReceiptRule(\"store\", ReceiptRuleArgs.builder()\n .name(\"store\")\n .ruleSetName(\"default-rule-set\")\n .recipients(\"karen@example.com\")\n .enabled(true)\n .scanEnabled(true)\n .addHeaderActions(ReceiptRuleAddHeaderActionArgs.builder()\n .headerName(\"Custom-Header\")\n .headerValue(\"Added by SES\")\n .position(1)\n .build())\n .s3Actions(ReceiptRuleS3ActionArgs.builder()\n .bucketName(\"emails\")\n .position(2)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Add a header to the email and store it in S3\n store:\n type: aws:ses:ReceiptRule\n properties:\n name: store\n ruleSetName: default-rule-set\n recipients:\n - karen@example.com\n enabled: true\n scanEnabled: true\n addHeaderActions:\n - headerName: Custom-Header\n headerValue: Added by SES\n position: 1\n s3Actions:\n - bucketName: emails\n position: 2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SES receipt rules using the ruleset name and rule name separated by `:`. For example:\n\n```sh\n$ pulumi import aws:ses/receiptRule:ReceiptRule my_rule my_rule_set:my_rule\n```\n", "properties": { "addHeaderActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleAddHeaderAction:ReceiptRuleAddHeaderAction" }, "description": "A list of Add Header Action blocks. Documented below.\n" }, "after": { "type": "string", "description": "The name of the rule to place this rule after\n" }, "arn": { "type": "string", "description": "The SES receipt rule ARN.\n" }, "bounceActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleBounceAction:ReceiptRuleBounceAction" }, "description": "A list of Bounce Action blocks. Documented below.\n" }, "enabled": { "type": "boolean", "description": "If true, the rule will be enabled\n" }, "lambdaActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleLambdaAction:ReceiptRuleLambdaAction" }, "description": "A list of Lambda Action blocks. Documented below.\n" }, "name": { "type": "string", "description": "The name of the rule\n" }, "recipients": { "type": "array", "items": { "type": "string" }, "description": "A list of email addresses\n" }, "ruleSetName": { "type": "string", "description": "The name of the rule set\n" }, "s3Actions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleS3Action:ReceiptRuleS3Action" }, "description": "A list of S3 Action blocks. Documented below.\n" }, "scanEnabled": { "type": "boolean", "description": "If true, incoming emails will be scanned for spam and viruses\n" }, "snsActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleSnsAction:ReceiptRuleSnsAction" }, "description": "A list of SNS Action blocks. Documented below.\n" }, "stopActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleStopAction:ReceiptRuleStopAction" }, "description": "A list of Stop Action blocks. Documented below.\n" }, "tlsPolicy": { "type": "string", "description": "`Require` or `Optional`\n" }, "workmailActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleWorkmailAction:ReceiptRuleWorkmailAction" }, "description": "A list of WorkMail Action blocks. Documented below.\n" } }, "required": [ "arn", "name", "ruleSetName", "tlsPolicy" ], "inputProperties": { "addHeaderActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleAddHeaderAction:ReceiptRuleAddHeaderAction" }, "description": "A list of Add Header Action blocks. Documented below.\n" }, "after": { "type": "string", "description": "The name of the rule to place this rule after\n" }, "bounceActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleBounceAction:ReceiptRuleBounceAction" }, "description": "A list of Bounce Action blocks. Documented below.\n" }, "enabled": { "type": "boolean", "description": "If true, the rule will be enabled\n" }, "lambdaActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleLambdaAction:ReceiptRuleLambdaAction" }, "description": "A list of Lambda Action blocks. Documented below.\n" }, "name": { "type": "string", "description": "The name of the rule\n", "willReplaceOnChanges": true }, "recipients": { "type": "array", "items": { "type": "string" }, "description": "A list of email addresses\n" }, "ruleSetName": { "type": "string", "description": "The name of the rule set\n", "willReplaceOnChanges": true }, "s3Actions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleS3Action:ReceiptRuleS3Action" }, "description": "A list of S3 Action blocks. Documented below.\n" }, "scanEnabled": { "type": "boolean", "description": "If true, incoming emails will be scanned for spam and viruses\n" }, "snsActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleSnsAction:ReceiptRuleSnsAction" }, "description": "A list of SNS Action blocks. Documented below.\n" }, "stopActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleStopAction:ReceiptRuleStopAction" }, "description": "A list of Stop Action blocks. Documented below.\n" }, "tlsPolicy": { "type": "string", "description": "`Require` or `Optional`\n" }, "workmailActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleWorkmailAction:ReceiptRuleWorkmailAction" }, "description": "A list of WorkMail Action blocks. Documented below.\n" } }, "requiredInputs": [ "ruleSetName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReceiptRule resources.\n", "properties": { "addHeaderActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleAddHeaderAction:ReceiptRuleAddHeaderAction" }, "description": "A list of Add Header Action blocks. Documented below.\n" }, "after": { "type": "string", "description": "The name of the rule to place this rule after\n" }, "arn": { "type": "string", "description": "The SES receipt rule ARN.\n" }, "bounceActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleBounceAction:ReceiptRuleBounceAction" }, "description": "A list of Bounce Action blocks. Documented below.\n" }, "enabled": { "type": "boolean", "description": "If true, the rule will be enabled\n" }, "lambdaActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleLambdaAction:ReceiptRuleLambdaAction" }, "description": "A list of Lambda Action blocks. Documented below.\n" }, "name": { "type": "string", "description": "The name of the rule\n", "willReplaceOnChanges": true }, "recipients": { "type": "array", "items": { "type": "string" }, "description": "A list of email addresses\n" }, "ruleSetName": { "type": "string", "description": "The name of the rule set\n", "willReplaceOnChanges": true }, "s3Actions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleS3Action:ReceiptRuleS3Action" }, "description": "A list of S3 Action blocks. Documented below.\n" }, "scanEnabled": { "type": "boolean", "description": "If true, incoming emails will be scanned for spam and viruses\n" }, "snsActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleSnsAction:ReceiptRuleSnsAction" }, "description": "A list of SNS Action blocks. Documented below.\n" }, "stopActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleStopAction:ReceiptRuleStopAction" }, "description": "A list of Stop Action blocks. Documented below.\n" }, "tlsPolicy": { "type": "string", "description": "`Require` or `Optional`\n" }, "workmailActions": { "type": "array", "items": { "$ref": "#/types/aws:ses/ReceiptRuleWorkmailAction:ReceiptRuleWorkmailAction" }, "description": "A list of WorkMail Action blocks. Documented below.\n" } }, "type": "object" } }, "aws:ses/receiptRuleSet:ReceiptRuleSet": { "description": "Provides an SES receipt rule set resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ses.ReceiptRuleSet(\"main\", {ruleSetName: \"primary-rules\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ses.ReceiptRuleSet(\"main\", rule_set_name=\"primary-rules\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ses.ReceiptRuleSet(\"main\", new()\n {\n RuleSetName = \"primary-rules\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ses.NewReceiptRuleSet(ctx, \"main\", \u0026ses.ReceiptRuleSetArgs{\n\t\t\tRuleSetName: pulumi.String(\"primary-rules\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.ReceiptRuleSet;\nimport com.pulumi.aws.ses.ReceiptRuleSetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new ReceiptRuleSet(\"main\", ReceiptRuleSetArgs.builder()\n .ruleSetName(\"primary-rules\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:ses:ReceiptRuleSet\n properties:\n ruleSetName: primary-rules\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SES receipt rule sets using the rule set name. For example:\n\n```sh\n$ pulumi import aws:ses/receiptRuleSet:ReceiptRuleSet my_rule_set my_rule_set_name\n```\n", "properties": { "arn": { "type": "string", "description": "SES receipt rule set ARN.\n" }, "ruleSetName": { "type": "string", "description": "Name of the rule set.\n" } }, "required": [ "arn", "ruleSetName" ], "inputProperties": { "ruleSetName": { "type": "string", "description": "Name of the rule set.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "ruleSetName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReceiptRuleSet resources.\n", "properties": { "arn": { "type": "string", "description": "SES receipt rule set ARN.\n" }, "ruleSetName": { "type": "string", "description": "Name of the rule set.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ses/template:Template": { "description": "Provides a resource to create a SES template.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myTemplate = new aws.ses.Template(\"MyTemplate\", {\n name: \"MyTemplate\",\n subject: \"Greetings, {{name}}!\",\n html: \"\u003ch1\u003eHello {{name}},\u003c/h1\u003e\u003cp\u003eYour favorite animal is {{favoriteanimal}}.\u003c/p\u003e\",\n text: `Hello {{name}},\\x0d\nYour favorite animal is {{favoriteanimal}}.`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_template = aws.ses.Template(\"MyTemplate\",\n name=\"MyTemplate\",\n subject=\"Greetings, {{name}}!\",\n html=\"\u003ch1\u003eHello {{name}},\u003c/h1\u003e\u003cp\u003eYour favorite animal is {{favoriteanimal}}.\u003c/p\u003e\",\n text=\"\"\"Hello {{name}},\\x0d\nYour favorite animal is {{favoriteanimal}}.\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myTemplate = new Aws.Ses.Template(\"MyTemplate\", new()\n {\n Name = \"MyTemplate\",\n Subject = \"Greetings, {{name}}!\",\n Html = \"\u003ch1\u003eHello {{name}},\u003c/h1\u003e\u003cp\u003eYour favorite animal is {{favoriteanimal}}.\u003c/p\u003e\",\n Text = @\"Hello {{name}},\r\nYour favorite animal is {{favoriteanimal}}.\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ses.NewTemplate(ctx, \"MyTemplate\", \u0026ses.TemplateArgs{\n\t\t\tName: pulumi.String(\"MyTemplate\"),\n\t\t\tSubject: pulumi.String(\"Greetings, {{name}}!\"),\n\t\t\tHtml: pulumi.String(\"\u003ch1\u003eHello {{name}},\u003c/h1\u003e\u003cp\u003eYour favorite animal is {{favoriteanimal}}.\u003c/p\u003e\"),\n\t\t\tText: pulumi.String(\"Hello {{name}},\r\\nYour favorite animal is {{favoriteanimal}}.\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.Template;\nimport com.pulumi.aws.ses.TemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myTemplate = new Template(\"myTemplate\", TemplateArgs.builder()\n .name(\"MyTemplate\")\n .subject(\"Greetings, {{name}}!\")\n .html(\"\u003ch1\u003eHello {{name}},\u003c/h1\u003e\u003cp\u003eYour favorite animal is {{favoriteanimal}}.\u003c/p\u003e\")\n .text(\"\"\"\nHello {{name}},\r\nYour favorite animal is {{favoriteanimal}}. \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myTemplate:\n type: aws:ses:Template\n name: MyTemplate\n properties:\n name: MyTemplate\n subject: Greetings, {{name}}!\n html: \u003ch1\u003eHello {{name}},\u003c/h1\u003e\u003cp\u003eYour favorite animal is {{favoriteanimal}}.\u003c/p\u003e\n text: \"Hello {{name}},\\r\\nYour favorite animal is {{favoriteanimal}}.\"\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SES templates using the template name. For example:\n\n```sh\n$ pulumi import aws:ses/template:Template MyTemplate MyTemplate\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the SES template\n" }, "html": { "type": "string", "description": "The HTML body of the email. Must be less than 500KB in size, including both the text and HTML parts.\n" }, "name": { "type": "string", "description": "The name of the template. Cannot exceed 64 characters. You will refer to this name when you send email.\n" }, "subject": { "type": "string", "description": "The subject line of the email.\n" }, "text": { "type": "string", "description": "The email body that will be visible to recipients whose email clients do not display HTML. Must be less than 500KB in size, including both the text and HTML parts.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "html": { "type": "string", "description": "The HTML body of the email. Must be less than 500KB in size, including both the text and HTML parts.\n" }, "name": { "type": "string", "description": "The name of the template. Cannot exceed 64 characters. You will refer to this name when you send email.\n", "willReplaceOnChanges": true }, "subject": { "type": "string", "description": "The subject line of the email.\n" }, "text": { "type": "string", "description": "The email body that will be visible to recipients whose email clients do not display HTML. Must be less than 500KB in size, including both the text and HTML parts.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Template resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the SES template\n" }, "html": { "type": "string", "description": "The HTML body of the email. Must be less than 500KB in size, including both the text and HTML parts.\n" }, "name": { "type": "string", "description": "The name of the template. Cannot exceed 64 characters. You will refer to this name when you send email.\n", "willReplaceOnChanges": true }, "subject": { "type": "string", "description": "The subject line of the email.\n" }, "text": { "type": "string", "description": "The email body that will be visible to recipients whose email clients do not display HTML. Must be less than 500KB in size, including both the text and HTML parts.\n" } }, "type": "object" } }, "aws:sesv2/accountVdmAttributes:AccountVdmAttributes": { "description": "Resource for managing an AWS SESv2 (Simple Email V2) Account VDM Attributes.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sesv2.AccountVdmAttributes(\"example\", {\n vdmEnabled: \"ENABLED\",\n dashboardAttributes: {\n engagementMetrics: \"ENABLED\",\n },\n guardianAttributes: {\n optimizedSharedDelivery: \"ENABLED\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.AccountVdmAttributes(\"example\",\n vdm_enabled=\"ENABLED\",\n dashboard_attributes={\n \"engagement_metrics\": \"ENABLED\",\n },\n guardian_attributes={\n \"optimized_shared_delivery\": \"ENABLED\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SesV2.AccountVdmAttributes(\"example\", new()\n {\n VdmEnabled = \"ENABLED\",\n DashboardAttributes = new Aws.SesV2.Inputs.AccountVdmAttributesDashboardAttributesArgs\n {\n EngagementMetrics = \"ENABLED\",\n },\n GuardianAttributes = new Aws.SesV2.Inputs.AccountVdmAttributesGuardianAttributesArgs\n {\n OptimizedSharedDelivery = \"ENABLED\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sesv2.NewAccountVdmAttributes(ctx, \"example\", \u0026sesv2.AccountVdmAttributesArgs{\n\t\t\tVdmEnabled: pulumi.String(\"ENABLED\"),\n\t\t\tDashboardAttributes: \u0026sesv2.AccountVdmAttributesDashboardAttributesArgs{\n\t\t\t\tEngagementMetrics: pulumi.String(\"ENABLED\"),\n\t\t\t},\n\t\t\tGuardianAttributes: \u0026sesv2.AccountVdmAttributesGuardianAttributesArgs{\n\t\t\t\tOptimizedSharedDelivery: pulumi.String(\"ENABLED\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.AccountVdmAttributes;\nimport com.pulumi.aws.sesv2.AccountVdmAttributesArgs;\nimport com.pulumi.aws.sesv2.inputs.AccountVdmAttributesDashboardAttributesArgs;\nimport com.pulumi.aws.sesv2.inputs.AccountVdmAttributesGuardianAttributesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AccountVdmAttributes(\"example\", AccountVdmAttributesArgs.builder()\n .vdmEnabled(\"ENABLED\")\n .dashboardAttributes(AccountVdmAttributesDashboardAttributesArgs.builder()\n .engagementMetrics(\"ENABLED\")\n .build())\n .guardianAttributes(AccountVdmAttributesGuardianAttributesArgs.builder()\n .optimizedSharedDelivery(\"ENABLED\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sesv2:AccountVdmAttributes\n properties:\n vdmEnabled: ENABLED\n dashboardAttributes:\n engagementMetrics: ENABLED\n guardianAttributes:\n optimizedSharedDelivery: ENABLED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SESv2 (Simple Email V2) Account VDM Attributes using the word `ses-account-vdm-attributes`. For example:\n\n```sh\n$ pulumi import aws:sesv2/accountVdmAttributes:AccountVdmAttributes example ses-account-vdm-attributes\n```\n", "properties": { "dashboardAttributes": { "$ref": "#/types/aws:sesv2/AccountVdmAttributesDashboardAttributes:AccountVdmAttributesDashboardAttributes", "description": "Specifies additional settings for your VDM configuration as applicable to the Dashboard.\n" }, "guardianAttributes": { "$ref": "#/types/aws:sesv2/AccountVdmAttributesGuardianAttributes:AccountVdmAttributesGuardianAttributes", "description": "Specifies additional settings for your VDM configuration as applicable to the Guardian.\n" }, "vdmEnabled": { "type": "string", "description": "Specifies the status of your VDM configuration. Valid values: `ENABLED`, `DISABLED`.\n\nThe following arguments are optional:\n" } }, "required": [ "dashboardAttributes", "guardianAttributes", "vdmEnabled" ], "inputProperties": { "dashboardAttributes": { "$ref": "#/types/aws:sesv2/AccountVdmAttributesDashboardAttributes:AccountVdmAttributesDashboardAttributes", "description": "Specifies additional settings for your VDM configuration as applicable to the Dashboard.\n" }, "guardianAttributes": { "$ref": "#/types/aws:sesv2/AccountVdmAttributesGuardianAttributes:AccountVdmAttributesGuardianAttributes", "description": "Specifies additional settings for your VDM configuration as applicable to the Guardian.\n" }, "vdmEnabled": { "type": "string", "description": "Specifies the status of your VDM configuration. Valid values: `ENABLED`, `DISABLED`.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "vdmEnabled" ], "stateInputs": { "description": "Input properties used for looking up and filtering AccountVdmAttributes resources.\n", "properties": { "dashboardAttributes": { "$ref": "#/types/aws:sesv2/AccountVdmAttributesDashboardAttributes:AccountVdmAttributesDashboardAttributes", "description": "Specifies additional settings for your VDM configuration as applicable to the Dashboard.\n" }, "guardianAttributes": { "$ref": "#/types/aws:sesv2/AccountVdmAttributesGuardianAttributes:AccountVdmAttributesGuardianAttributes", "description": "Specifies additional settings for your VDM configuration as applicable to the Guardian.\n" }, "vdmEnabled": { "type": "string", "description": "Specifies the status of your VDM configuration. Valid values: `ENABLED`, `DISABLED`.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:sesv2/configurationSet:ConfigurationSet": { "description": "Resource for managing an AWS SESv2 (Simple Email V2) Configuration Set.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sesv2.ConfigurationSet(\"example\", {\n configurationSetName: \"example\",\n deliveryOptions: {\n tlsPolicy: \"REQUIRE\",\n },\n reputationOptions: {\n reputationMetricsEnabled: false,\n },\n sendingOptions: {\n sendingEnabled: true,\n },\n suppressionOptions: {\n suppressedReasons: [\n \"BOUNCE\",\n \"COMPLAINT\",\n ],\n },\n trackingOptions: {\n customRedirectDomain: \"example.com\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.ConfigurationSet(\"example\",\n configuration_set_name=\"example\",\n delivery_options={\n \"tls_policy\": \"REQUIRE\",\n },\n reputation_options={\n \"reputation_metrics_enabled\": False,\n },\n sending_options={\n \"sending_enabled\": True,\n },\n suppression_options={\n \"suppressed_reasons\": [\n \"BOUNCE\",\n \"COMPLAINT\",\n ],\n },\n tracking_options={\n \"custom_redirect_domain\": \"example.com\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SesV2.ConfigurationSet(\"example\", new()\n {\n ConfigurationSetName = \"example\",\n DeliveryOptions = new Aws.SesV2.Inputs.ConfigurationSetDeliveryOptionsArgs\n {\n TlsPolicy = \"REQUIRE\",\n },\n ReputationOptions = new Aws.SesV2.Inputs.ConfigurationSetReputationOptionsArgs\n {\n ReputationMetricsEnabled = false,\n },\n SendingOptions = new Aws.SesV2.Inputs.ConfigurationSetSendingOptionsArgs\n {\n SendingEnabled = true,\n },\n SuppressionOptions = new Aws.SesV2.Inputs.ConfigurationSetSuppressionOptionsArgs\n {\n SuppressedReasons = new[]\n {\n \"BOUNCE\",\n \"COMPLAINT\",\n },\n },\n TrackingOptions = new Aws.SesV2.Inputs.ConfigurationSetTrackingOptionsArgs\n {\n CustomRedirectDomain = \"example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sesv2.NewConfigurationSet(ctx, \"example\", \u0026sesv2.ConfigurationSetArgs{\n\t\t\tConfigurationSetName: pulumi.String(\"example\"),\n\t\t\tDeliveryOptions: \u0026sesv2.ConfigurationSetDeliveryOptionsArgs{\n\t\t\t\tTlsPolicy: pulumi.String(\"REQUIRE\"),\n\t\t\t},\n\t\t\tReputationOptions: \u0026sesv2.ConfigurationSetReputationOptionsArgs{\n\t\t\t\tReputationMetricsEnabled: pulumi.Bool(false),\n\t\t\t},\n\t\t\tSendingOptions: \u0026sesv2.ConfigurationSetSendingOptionsArgs{\n\t\t\t\tSendingEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tSuppressionOptions: \u0026sesv2.ConfigurationSetSuppressionOptionsArgs{\n\t\t\t\tSuppressedReasons: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"BOUNCE\"),\n\t\t\t\t\tpulumi.String(\"COMPLAINT\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTrackingOptions: \u0026sesv2.ConfigurationSetTrackingOptionsArgs{\n\t\t\t\tCustomRedirectDomain: pulumi.String(\"example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.ConfigurationSet;\nimport com.pulumi.aws.sesv2.ConfigurationSetArgs;\nimport com.pulumi.aws.sesv2.inputs.ConfigurationSetDeliveryOptionsArgs;\nimport com.pulumi.aws.sesv2.inputs.ConfigurationSetReputationOptionsArgs;\nimport com.pulumi.aws.sesv2.inputs.ConfigurationSetSendingOptionsArgs;\nimport com.pulumi.aws.sesv2.inputs.ConfigurationSetSuppressionOptionsArgs;\nimport com.pulumi.aws.sesv2.inputs.ConfigurationSetTrackingOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ConfigurationSet(\"example\", ConfigurationSetArgs.builder()\n .configurationSetName(\"example\")\n .deliveryOptions(ConfigurationSetDeliveryOptionsArgs.builder()\n .tlsPolicy(\"REQUIRE\")\n .build())\n .reputationOptions(ConfigurationSetReputationOptionsArgs.builder()\n .reputationMetricsEnabled(false)\n .build())\n .sendingOptions(ConfigurationSetSendingOptionsArgs.builder()\n .sendingEnabled(true)\n .build())\n .suppressionOptions(ConfigurationSetSuppressionOptionsArgs.builder()\n .suppressedReasons( \n \"BOUNCE\",\n \"COMPLAINT\")\n .build())\n .trackingOptions(ConfigurationSetTrackingOptionsArgs.builder()\n .customRedirectDomain(\"example.com\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sesv2:ConfigurationSet\n properties:\n configurationSetName: example\n deliveryOptions:\n tlsPolicy: REQUIRE\n reputationOptions:\n reputationMetricsEnabled: false\n sendingOptions:\n sendingEnabled: true\n suppressionOptions:\n suppressedReasons:\n - BOUNCE\n - COMPLAINT\n trackingOptions:\n customRedirectDomain: example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SESv2 (Simple Email V2) Configuration Set using the `configuration_set_name`. For example:\n\n```sh\n$ pulumi import aws:sesv2/configurationSet:ConfigurationSet example example\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Configuration Set.\n" }, "configurationSetName": { "type": "string", "description": "The name of the configuration set.\n" }, "deliveryOptions": { "$ref": "#/types/aws:sesv2/ConfigurationSetDeliveryOptions:ConfigurationSetDeliveryOptions", "description": "An object that defines the dedicated IP pool that is used to send emails that you send using the configuration set. See `delivery_options` Block for details.\n" }, "reputationOptions": { "$ref": "#/types/aws:sesv2/ConfigurationSetReputationOptions:ConfigurationSetReputationOptions", "description": "An object that defines whether or not Amazon SES collects reputation metrics for the emails that you send that use the configuration set. See `reputation_options` Block for details.\n" }, "sendingOptions": { "$ref": "#/types/aws:sesv2/ConfigurationSetSendingOptions:ConfigurationSetSendingOptions", "description": "An object that defines whether or not Amazon SES can send email that you send using the configuration set. See `sending_options` Block for details.\n" }, "suppressionOptions": { "$ref": "#/types/aws:sesv2/ConfigurationSetSuppressionOptions:ConfigurationSetSuppressionOptions", "description": "An object that contains information about the suppression list preferences for your account. See `suppression_options` Block for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the service. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "trackingOptions": { "$ref": "#/types/aws:sesv2/ConfigurationSetTrackingOptions:ConfigurationSetTrackingOptions", "description": "An object that defines the open and click tracking options for emails that you send using the configuration set. See `tracking_options` Block for details.\n" }, "vdmOptions": { "$ref": "#/types/aws:sesv2/ConfigurationSetVdmOptions:ConfigurationSetVdmOptions", "description": "An object that defines the VDM settings that apply to emails that you send using the configuration set. See `vdm_options` Block for details.\n" } }, "required": [ "arn", "configurationSetName", "reputationOptions", "sendingOptions", "tagsAll" ], "inputProperties": { "configurationSetName": { "type": "string", "description": "The name of the configuration set.\n", "willReplaceOnChanges": true }, "deliveryOptions": { "$ref": "#/types/aws:sesv2/ConfigurationSetDeliveryOptions:ConfigurationSetDeliveryOptions", "description": "An object that defines the dedicated IP pool that is used to send emails that you send using the configuration set. See `delivery_options` Block for details.\n" }, "reputationOptions": { "$ref": "#/types/aws:sesv2/ConfigurationSetReputationOptions:ConfigurationSetReputationOptions", "description": "An object that defines whether or not Amazon SES collects reputation metrics for the emails that you send that use the configuration set. See `reputation_options` Block for details.\n" }, "sendingOptions": { "$ref": "#/types/aws:sesv2/ConfigurationSetSendingOptions:ConfigurationSetSendingOptions", "description": "An object that defines whether or not Amazon SES can send email that you send using the configuration set. See `sending_options` Block for details.\n" }, "suppressionOptions": { "$ref": "#/types/aws:sesv2/ConfigurationSetSuppressionOptions:ConfigurationSetSuppressionOptions", "description": "An object that contains information about the suppression list preferences for your account. See `suppression_options` Block for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the service. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "trackingOptions": { "$ref": "#/types/aws:sesv2/ConfigurationSetTrackingOptions:ConfigurationSetTrackingOptions", "description": "An object that defines the open and click tracking options for emails that you send using the configuration set. See `tracking_options` Block for details.\n" }, "vdmOptions": { "$ref": "#/types/aws:sesv2/ConfigurationSetVdmOptions:ConfigurationSetVdmOptions", "description": "An object that defines the VDM settings that apply to emails that you send using the configuration set. See `vdm_options` Block for details.\n" } }, "requiredInputs": [ "configurationSetName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ConfigurationSet resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Configuration Set.\n" }, "configurationSetName": { "type": "string", "description": "The name of the configuration set.\n", "willReplaceOnChanges": true }, "deliveryOptions": { "$ref": "#/types/aws:sesv2/ConfigurationSetDeliveryOptions:ConfigurationSetDeliveryOptions", "description": "An object that defines the dedicated IP pool that is used to send emails that you send using the configuration set. See `delivery_options` Block for details.\n" }, "reputationOptions": { "$ref": "#/types/aws:sesv2/ConfigurationSetReputationOptions:ConfigurationSetReputationOptions", "description": "An object that defines whether or not Amazon SES collects reputation metrics for the emails that you send that use the configuration set. See `reputation_options` Block for details.\n" }, "sendingOptions": { "$ref": "#/types/aws:sesv2/ConfigurationSetSendingOptions:ConfigurationSetSendingOptions", "description": "An object that defines whether or not Amazon SES can send email that you send using the configuration set. See `sending_options` Block for details.\n" }, "suppressionOptions": { "$ref": "#/types/aws:sesv2/ConfigurationSetSuppressionOptions:ConfigurationSetSuppressionOptions", "description": "An object that contains information about the suppression list preferences for your account. See `suppression_options` Block for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the service. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "trackingOptions": { "$ref": "#/types/aws:sesv2/ConfigurationSetTrackingOptions:ConfigurationSetTrackingOptions", "description": "An object that defines the open and click tracking options for emails that you send using the configuration set. See `tracking_options` Block for details.\n" }, "vdmOptions": { "$ref": "#/types/aws:sesv2/ConfigurationSetVdmOptions:ConfigurationSetVdmOptions", "description": "An object that defines the VDM settings that apply to emails that you send using the configuration set. See `vdm_options` Block for details.\n" } }, "type": "object" } }, "aws:sesv2/configurationSetEventDestination:ConfigurationSetEventDestination": { "description": "Resource for managing an AWS SESv2 (Simple Email V2) Configuration Set Event Destination.\n\n## Example Usage\n\n### CloudWatch Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sesv2.ConfigurationSet(\"example\", {configurationSetName: \"example\"});\nconst exampleConfigurationSetEventDestination = new aws.sesv2.ConfigurationSetEventDestination(\"example\", {\n configurationSetName: example.configurationSetName,\n eventDestinationName: \"example\",\n eventDestination: {\n cloudWatchDestination: {\n dimensionConfigurations: [{\n defaultDimensionValue: \"example\",\n dimensionName: \"example\",\n dimensionValueSource: \"MESSAGE_TAG\",\n }],\n },\n enabled: true,\n matchingEventTypes: [\"SEND\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.ConfigurationSet(\"example\", configuration_set_name=\"example\")\nexample_configuration_set_event_destination = aws.sesv2.ConfigurationSetEventDestination(\"example\",\n configuration_set_name=example.configuration_set_name,\n event_destination_name=\"example\",\n event_destination={\n \"cloud_watch_destination\": {\n \"dimension_configurations\": [{\n \"default_dimension_value\": \"example\",\n \"dimension_name\": \"example\",\n \"dimension_value_source\": \"MESSAGE_TAG\",\n }],\n },\n \"enabled\": True,\n \"matching_event_types\": [\"SEND\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SesV2.ConfigurationSet(\"example\", new()\n {\n ConfigurationSetName = \"example\",\n });\n\n var exampleConfigurationSetEventDestination = new Aws.SesV2.ConfigurationSetEventDestination(\"example\", new()\n {\n ConfigurationSetName = example.ConfigurationSetName,\n EventDestinationName = \"example\",\n EventDestination = new Aws.SesV2.Inputs.ConfigurationSetEventDestinationEventDestinationArgs\n {\n CloudWatchDestination = new Aws.SesV2.Inputs.ConfigurationSetEventDestinationEventDestinationCloudWatchDestinationArgs\n {\n DimensionConfigurations = new[]\n {\n new Aws.SesV2.Inputs.ConfigurationSetEventDestinationEventDestinationCloudWatchDestinationDimensionConfigurationArgs\n {\n DefaultDimensionValue = \"example\",\n DimensionName = \"example\",\n DimensionValueSource = \"MESSAGE_TAG\",\n },\n },\n },\n Enabled = true,\n MatchingEventTypes = new[]\n {\n \"SEND\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := sesv2.NewConfigurationSet(ctx, \"example\", \u0026sesv2.ConfigurationSetArgs{\n\t\t\tConfigurationSetName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sesv2.NewConfigurationSetEventDestination(ctx, \"example\", \u0026sesv2.ConfigurationSetEventDestinationArgs{\n\t\t\tConfigurationSetName: example.ConfigurationSetName,\n\t\t\tEventDestinationName: pulumi.String(\"example\"),\n\t\t\tEventDestination: \u0026sesv2.ConfigurationSetEventDestinationEventDestinationArgs{\n\t\t\t\tCloudWatchDestination: \u0026sesv2.ConfigurationSetEventDestinationEventDestinationCloudWatchDestinationArgs{\n\t\t\t\t\tDimensionConfigurations: sesv2.ConfigurationSetEventDestinationEventDestinationCloudWatchDestinationDimensionConfigurationArray{\n\t\t\t\t\t\t\u0026sesv2.ConfigurationSetEventDestinationEventDestinationCloudWatchDestinationDimensionConfigurationArgs{\n\t\t\t\t\t\t\tDefaultDimensionValue: pulumi.String(\"example\"),\n\t\t\t\t\t\t\tDimensionName: pulumi.String(\"example\"),\n\t\t\t\t\t\t\tDimensionValueSource: pulumi.String(\"MESSAGE_TAG\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tMatchingEventTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"SEND\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.ConfigurationSet;\nimport com.pulumi.aws.sesv2.ConfigurationSetArgs;\nimport com.pulumi.aws.sesv2.ConfigurationSetEventDestination;\nimport com.pulumi.aws.sesv2.ConfigurationSetEventDestinationArgs;\nimport com.pulumi.aws.sesv2.inputs.ConfigurationSetEventDestinationEventDestinationArgs;\nimport com.pulumi.aws.sesv2.inputs.ConfigurationSetEventDestinationEventDestinationCloudWatchDestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ConfigurationSet(\"example\", ConfigurationSetArgs.builder()\n .configurationSetName(\"example\")\n .build());\n\n var exampleConfigurationSetEventDestination = new ConfigurationSetEventDestination(\"exampleConfigurationSetEventDestination\", ConfigurationSetEventDestinationArgs.builder()\n .configurationSetName(example.configurationSetName())\n .eventDestinationName(\"example\")\n .eventDestination(ConfigurationSetEventDestinationEventDestinationArgs.builder()\n .cloudWatchDestination(ConfigurationSetEventDestinationEventDestinationCloudWatchDestinationArgs.builder()\n .dimensionConfigurations(ConfigurationSetEventDestinationEventDestinationCloudWatchDestinationDimensionConfigurationArgs.builder()\n .defaultDimensionValue(\"example\")\n .dimensionName(\"example\")\n .dimensionValueSource(\"MESSAGE_TAG\")\n .build())\n .build())\n .enabled(true)\n .matchingEventTypes(\"SEND\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sesv2:ConfigurationSet\n properties:\n configurationSetName: example\n exampleConfigurationSetEventDestination:\n type: aws:sesv2:ConfigurationSetEventDestination\n name: example\n properties:\n configurationSetName: ${example.configurationSetName}\n eventDestinationName: example\n eventDestination:\n cloudWatchDestination:\n dimensionConfigurations:\n - defaultDimensionValue: example\n dimensionName: example\n dimensionValueSource: MESSAGE_TAG\n enabled: true\n matchingEventTypes:\n - SEND\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### EventBridge Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst default = aws.cloudwatch.getEventBus({\n name: \"default\",\n});\nconst example = new aws.sesv2.ConfigurationSetEventDestination(\"example\", {\n configurationSetName: exampleAwsSesv2ConfigurationSet.configurationSetName,\n eventDestinationName: \"example\",\n eventDestination: {\n eventBridgeDestination: {\n eventBusArn: _default.then(_default =\u003e _default.arn),\n },\n enabled: true,\n matchingEventTypes: [\"SEND\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.cloudwatch.get_event_bus(name=\"default\")\nexample = aws.sesv2.ConfigurationSetEventDestination(\"example\",\n configuration_set_name=example_aws_sesv2_configuration_set[\"configurationSetName\"],\n event_destination_name=\"example\",\n event_destination={\n \"event_bridge_destination\": {\n \"event_bus_arn\": default.arn,\n },\n \"enabled\": True,\n \"matching_event_types\": [\"SEND\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = Aws.CloudWatch.GetEventBus.Invoke(new()\n {\n Name = \"default\",\n });\n\n var example = new Aws.SesV2.ConfigurationSetEventDestination(\"example\", new()\n {\n ConfigurationSetName = exampleAwsSesv2ConfigurationSet.ConfigurationSetName,\n EventDestinationName = \"example\",\n EventDestination = new Aws.SesV2.Inputs.ConfigurationSetEventDestinationEventDestinationArgs\n {\n EventBridgeDestination = new Aws.SesV2.Inputs.ConfigurationSetEventDestinationEventDestinationEventBridgeDestinationArgs\n {\n EventBusArn = @default.Apply(@default =\u003e @default.Apply(getEventBusResult =\u003e getEventBusResult.Arn)),\n },\n Enabled = true,\n MatchingEventTypes = new[]\n {\n \"SEND\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_default, err := cloudwatch.LookupEventBus(ctx, \u0026cloudwatch.LookupEventBusArgs{\n\t\t\tName: \"default\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sesv2.NewConfigurationSetEventDestination(ctx, \"example\", \u0026sesv2.ConfigurationSetEventDestinationArgs{\n\t\t\tConfigurationSetName: pulumi.Any(exampleAwsSesv2ConfigurationSet.ConfigurationSetName),\n\t\t\tEventDestinationName: pulumi.String(\"example\"),\n\t\t\tEventDestination: \u0026sesv2.ConfigurationSetEventDestinationEventDestinationArgs{\n\t\t\t\tEventBridgeDestination: \u0026sesv2.ConfigurationSetEventDestinationEventDestinationEventBridgeDestinationArgs{\n\t\t\t\t\tEventBusArn: pulumi.String(_default.Arn),\n\t\t\t\t},\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tMatchingEventTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"SEND\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.CloudwatchFunctions;\nimport com.pulumi.aws.cloudwatch.inputs.GetEventBusArgs;\nimport com.pulumi.aws.sesv2.ConfigurationSetEventDestination;\nimport com.pulumi.aws.sesv2.ConfigurationSetEventDestinationArgs;\nimport com.pulumi.aws.sesv2.inputs.ConfigurationSetEventDestinationEventDestinationArgs;\nimport com.pulumi.aws.sesv2.inputs.ConfigurationSetEventDestinationEventDestinationEventBridgeDestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var default = CloudwatchFunctions.getEventBus(GetEventBusArgs.builder()\n .name(\"default\")\n .build());\n\n var example = new ConfigurationSetEventDestination(\"example\", ConfigurationSetEventDestinationArgs.builder()\n .configurationSetName(exampleAwsSesv2ConfigurationSet.configurationSetName())\n .eventDestinationName(\"example\")\n .eventDestination(ConfigurationSetEventDestinationEventDestinationArgs.builder()\n .eventBridgeDestination(ConfigurationSetEventDestinationEventDestinationEventBridgeDestinationArgs.builder()\n .eventBusArn(default_.arn())\n .build())\n .enabled(true)\n .matchingEventTypes(\"SEND\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sesv2:ConfigurationSetEventDestination\n properties:\n configurationSetName: ${exampleAwsSesv2ConfigurationSet.configurationSetName}\n eventDestinationName: example\n eventDestination:\n eventBridgeDestination:\n eventBusArn: ${default.arn}\n enabled: true\n matchingEventTypes:\n - SEND\nvariables:\n default:\n fn::invoke:\n Function: aws:cloudwatch:getEventBus\n Arguments:\n name: default\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Kinesis Firehose Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sesv2.ConfigurationSet(\"example\", {configurationSetName: \"example\"});\nconst exampleConfigurationSetEventDestination = new aws.sesv2.ConfigurationSetEventDestination(\"example\", {\n configurationSetName: example.configurationSetName,\n eventDestinationName: \"example\",\n eventDestination: {\n kinesisFirehoseDestination: {\n deliveryStreamArn: exampleAwsKinesisFirehoseDeliveryStream.arn,\n iamRoleArn: exampleAwsIamRole.arn,\n },\n enabled: true,\n matchingEventTypes: [\"SEND\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.ConfigurationSet(\"example\", configuration_set_name=\"example\")\nexample_configuration_set_event_destination = aws.sesv2.ConfigurationSetEventDestination(\"example\",\n configuration_set_name=example.configuration_set_name,\n event_destination_name=\"example\",\n event_destination={\n \"kinesis_firehose_destination\": {\n \"delivery_stream_arn\": example_aws_kinesis_firehose_delivery_stream[\"arn\"],\n \"iam_role_arn\": example_aws_iam_role[\"arn\"],\n },\n \"enabled\": True,\n \"matching_event_types\": [\"SEND\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SesV2.ConfigurationSet(\"example\", new()\n {\n ConfigurationSetName = \"example\",\n });\n\n var exampleConfigurationSetEventDestination = new Aws.SesV2.ConfigurationSetEventDestination(\"example\", new()\n {\n ConfigurationSetName = example.ConfigurationSetName,\n EventDestinationName = \"example\",\n EventDestination = new Aws.SesV2.Inputs.ConfigurationSetEventDestinationEventDestinationArgs\n {\n KinesisFirehoseDestination = new Aws.SesV2.Inputs.ConfigurationSetEventDestinationEventDestinationKinesisFirehoseDestinationArgs\n {\n DeliveryStreamArn = exampleAwsKinesisFirehoseDeliveryStream.Arn,\n IamRoleArn = exampleAwsIamRole.Arn,\n },\n Enabled = true,\n MatchingEventTypes = new[]\n {\n \"SEND\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := sesv2.NewConfigurationSet(ctx, \"example\", \u0026sesv2.ConfigurationSetArgs{\n\t\t\tConfigurationSetName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sesv2.NewConfigurationSetEventDestination(ctx, \"example\", \u0026sesv2.ConfigurationSetEventDestinationArgs{\n\t\t\tConfigurationSetName: example.ConfigurationSetName,\n\t\t\tEventDestinationName: pulumi.String(\"example\"),\n\t\t\tEventDestination: \u0026sesv2.ConfigurationSetEventDestinationEventDestinationArgs{\n\t\t\t\tKinesisFirehoseDestination: \u0026sesv2.ConfigurationSetEventDestinationEventDestinationKinesisFirehoseDestinationArgs{\n\t\t\t\t\tDeliveryStreamArn: pulumi.Any(exampleAwsKinesisFirehoseDeliveryStream.Arn),\n\t\t\t\t\tIamRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\t\t},\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tMatchingEventTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"SEND\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.ConfigurationSet;\nimport com.pulumi.aws.sesv2.ConfigurationSetArgs;\nimport com.pulumi.aws.sesv2.ConfigurationSetEventDestination;\nimport com.pulumi.aws.sesv2.ConfigurationSetEventDestinationArgs;\nimport com.pulumi.aws.sesv2.inputs.ConfigurationSetEventDestinationEventDestinationArgs;\nimport com.pulumi.aws.sesv2.inputs.ConfigurationSetEventDestinationEventDestinationKinesisFirehoseDestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ConfigurationSet(\"example\", ConfigurationSetArgs.builder()\n .configurationSetName(\"example\")\n .build());\n\n var exampleConfigurationSetEventDestination = new ConfigurationSetEventDestination(\"exampleConfigurationSetEventDestination\", ConfigurationSetEventDestinationArgs.builder()\n .configurationSetName(example.configurationSetName())\n .eventDestinationName(\"example\")\n .eventDestination(ConfigurationSetEventDestinationEventDestinationArgs.builder()\n .kinesisFirehoseDestination(ConfigurationSetEventDestinationEventDestinationKinesisFirehoseDestinationArgs.builder()\n .deliveryStreamArn(exampleAwsKinesisFirehoseDeliveryStream.arn())\n .iamRoleArn(exampleAwsIamRole.arn())\n .build())\n .enabled(true)\n .matchingEventTypes(\"SEND\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sesv2:ConfigurationSet\n properties:\n configurationSetName: example\n exampleConfigurationSetEventDestination:\n type: aws:sesv2:ConfigurationSetEventDestination\n name: example\n properties:\n configurationSetName: ${example.configurationSetName}\n eventDestinationName: example\n eventDestination:\n kinesisFirehoseDestination:\n deliveryStreamArn: ${exampleAwsKinesisFirehoseDeliveryStream.arn}\n iamRoleArn: ${exampleAwsIamRole.arn}\n enabled: true\n matchingEventTypes:\n - SEND\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Pinpoint Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sesv2.ConfigurationSet(\"example\", {configurationSetName: \"example\"});\nconst exampleConfigurationSetEventDestination = new aws.sesv2.ConfigurationSetEventDestination(\"example\", {\n configurationSetName: example.configurationSetName,\n eventDestinationName: \"example\",\n eventDestination: {\n pinpointDestination: {\n applicationArn: exampleAwsPinpointApp.arn,\n },\n enabled: true,\n matchingEventTypes: [\"SEND\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.ConfigurationSet(\"example\", configuration_set_name=\"example\")\nexample_configuration_set_event_destination = aws.sesv2.ConfigurationSetEventDestination(\"example\",\n configuration_set_name=example.configuration_set_name,\n event_destination_name=\"example\",\n event_destination={\n \"pinpoint_destination\": {\n \"application_arn\": example_aws_pinpoint_app[\"arn\"],\n },\n \"enabled\": True,\n \"matching_event_types\": [\"SEND\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SesV2.ConfigurationSet(\"example\", new()\n {\n ConfigurationSetName = \"example\",\n });\n\n var exampleConfigurationSetEventDestination = new Aws.SesV2.ConfigurationSetEventDestination(\"example\", new()\n {\n ConfigurationSetName = example.ConfigurationSetName,\n EventDestinationName = \"example\",\n EventDestination = new Aws.SesV2.Inputs.ConfigurationSetEventDestinationEventDestinationArgs\n {\n PinpointDestination = new Aws.SesV2.Inputs.ConfigurationSetEventDestinationEventDestinationPinpointDestinationArgs\n {\n ApplicationArn = exampleAwsPinpointApp.Arn,\n },\n Enabled = true,\n MatchingEventTypes = new[]\n {\n \"SEND\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := sesv2.NewConfigurationSet(ctx, \"example\", \u0026sesv2.ConfigurationSetArgs{\n\t\t\tConfigurationSetName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sesv2.NewConfigurationSetEventDestination(ctx, \"example\", \u0026sesv2.ConfigurationSetEventDestinationArgs{\n\t\t\tConfigurationSetName: example.ConfigurationSetName,\n\t\t\tEventDestinationName: pulumi.String(\"example\"),\n\t\t\tEventDestination: \u0026sesv2.ConfigurationSetEventDestinationEventDestinationArgs{\n\t\t\t\tPinpointDestination: \u0026sesv2.ConfigurationSetEventDestinationEventDestinationPinpointDestinationArgs{\n\t\t\t\t\tApplicationArn: pulumi.Any(exampleAwsPinpointApp.Arn),\n\t\t\t\t},\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tMatchingEventTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"SEND\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.ConfigurationSet;\nimport com.pulumi.aws.sesv2.ConfigurationSetArgs;\nimport com.pulumi.aws.sesv2.ConfigurationSetEventDestination;\nimport com.pulumi.aws.sesv2.ConfigurationSetEventDestinationArgs;\nimport com.pulumi.aws.sesv2.inputs.ConfigurationSetEventDestinationEventDestinationArgs;\nimport com.pulumi.aws.sesv2.inputs.ConfigurationSetEventDestinationEventDestinationPinpointDestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ConfigurationSet(\"example\", ConfigurationSetArgs.builder()\n .configurationSetName(\"example\")\n .build());\n\n var exampleConfigurationSetEventDestination = new ConfigurationSetEventDestination(\"exampleConfigurationSetEventDestination\", ConfigurationSetEventDestinationArgs.builder()\n .configurationSetName(example.configurationSetName())\n .eventDestinationName(\"example\")\n .eventDestination(ConfigurationSetEventDestinationEventDestinationArgs.builder()\n .pinpointDestination(ConfigurationSetEventDestinationEventDestinationPinpointDestinationArgs.builder()\n .applicationArn(exampleAwsPinpointApp.arn())\n .build())\n .enabled(true)\n .matchingEventTypes(\"SEND\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sesv2:ConfigurationSet\n properties:\n configurationSetName: example\n exampleConfigurationSetEventDestination:\n type: aws:sesv2:ConfigurationSetEventDestination\n name: example\n properties:\n configurationSetName: ${example.configurationSetName}\n eventDestinationName: example\n eventDestination:\n pinpointDestination:\n applicationArn: ${exampleAwsPinpointApp.arn}\n enabled: true\n matchingEventTypes:\n - SEND\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### SNS Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sesv2.ConfigurationSet(\"example\", {configurationSetName: \"example\"});\nconst exampleConfigurationSetEventDestination = new aws.sesv2.ConfigurationSetEventDestination(\"example\", {\n configurationSetName: example.configurationSetName,\n eventDestinationName: \"example\",\n eventDestination: {\n snsDestination: {\n topicArn: exampleAwsSnsTopic.arn,\n },\n enabled: true,\n matchingEventTypes: [\"SEND\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.ConfigurationSet(\"example\", configuration_set_name=\"example\")\nexample_configuration_set_event_destination = aws.sesv2.ConfigurationSetEventDestination(\"example\",\n configuration_set_name=example.configuration_set_name,\n event_destination_name=\"example\",\n event_destination={\n \"sns_destination\": {\n \"topic_arn\": example_aws_sns_topic[\"arn\"],\n },\n \"enabled\": True,\n \"matching_event_types\": [\"SEND\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SesV2.ConfigurationSet(\"example\", new()\n {\n ConfigurationSetName = \"example\",\n });\n\n var exampleConfigurationSetEventDestination = new Aws.SesV2.ConfigurationSetEventDestination(\"example\", new()\n {\n ConfigurationSetName = example.ConfigurationSetName,\n EventDestinationName = \"example\",\n EventDestination = new Aws.SesV2.Inputs.ConfigurationSetEventDestinationEventDestinationArgs\n {\n SnsDestination = new Aws.SesV2.Inputs.ConfigurationSetEventDestinationEventDestinationSnsDestinationArgs\n {\n TopicArn = exampleAwsSnsTopic.Arn,\n },\n Enabled = true,\n MatchingEventTypes = new[]\n {\n \"SEND\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := sesv2.NewConfigurationSet(ctx, \"example\", \u0026sesv2.ConfigurationSetArgs{\n\t\t\tConfigurationSetName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sesv2.NewConfigurationSetEventDestination(ctx, \"example\", \u0026sesv2.ConfigurationSetEventDestinationArgs{\n\t\t\tConfigurationSetName: example.ConfigurationSetName,\n\t\t\tEventDestinationName: pulumi.String(\"example\"),\n\t\t\tEventDestination: \u0026sesv2.ConfigurationSetEventDestinationEventDestinationArgs{\n\t\t\t\tSnsDestination: \u0026sesv2.ConfigurationSetEventDestinationEventDestinationSnsDestinationArgs{\n\t\t\t\t\tTopicArn: pulumi.Any(exampleAwsSnsTopic.Arn),\n\t\t\t\t},\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tMatchingEventTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"SEND\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.ConfigurationSet;\nimport com.pulumi.aws.sesv2.ConfigurationSetArgs;\nimport com.pulumi.aws.sesv2.ConfigurationSetEventDestination;\nimport com.pulumi.aws.sesv2.ConfigurationSetEventDestinationArgs;\nimport com.pulumi.aws.sesv2.inputs.ConfigurationSetEventDestinationEventDestinationArgs;\nimport com.pulumi.aws.sesv2.inputs.ConfigurationSetEventDestinationEventDestinationSnsDestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ConfigurationSet(\"example\", ConfigurationSetArgs.builder()\n .configurationSetName(\"example\")\n .build());\n\n var exampleConfigurationSetEventDestination = new ConfigurationSetEventDestination(\"exampleConfigurationSetEventDestination\", ConfigurationSetEventDestinationArgs.builder()\n .configurationSetName(example.configurationSetName())\n .eventDestinationName(\"example\")\n .eventDestination(ConfigurationSetEventDestinationEventDestinationArgs.builder()\n .snsDestination(ConfigurationSetEventDestinationEventDestinationSnsDestinationArgs.builder()\n .topicArn(exampleAwsSnsTopic.arn())\n .build())\n .enabled(true)\n .matchingEventTypes(\"SEND\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sesv2:ConfigurationSet\n properties:\n configurationSetName: example\n exampleConfigurationSetEventDestination:\n type: aws:sesv2:ConfigurationSetEventDestination\n name: example\n properties:\n configurationSetName: ${example.configurationSetName}\n eventDestinationName: example\n eventDestination:\n snsDestination:\n topicArn: ${exampleAwsSnsTopic.arn}\n enabled: true\n matchingEventTypes:\n - SEND\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SESv2 (Simple Email V2) Configuration Set Event Destination using the `id` (`configuration_set_name|event_destination_name`). For example:\n\n```sh\n$ pulumi import aws:sesv2/configurationSetEventDestination:ConfigurationSetEventDestination example example_configuration_set|example_event_destination\n```\n", "properties": { "configurationSetName": { "type": "string", "description": "The name of the configuration set.\n" }, "eventDestination": { "$ref": "#/types/aws:sesv2/ConfigurationSetEventDestinationEventDestination:ConfigurationSetEventDestinationEventDestination", "description": "A name that identifies the event destination within the configuration set.\n" }, "eventDestinationName": { "type": "string", "description": "An object that defines the event destination. See `event_destination` Block for details.\n" } }, "required": [ "configurationSetName", "eventDestination", "eventDestinationName" ], "inputProperties": { "configurationSetName": { "type": "string", "description": "The name of the configuration set.\n", "willReplaceOnChanges": true }, "eventDestination": { "$ref": "#/types/aws:sesv2/ConfigurationSetEventDestinationEventDestination:ConfigurationSetEventDestinationEventDestination", "description": "A name that identifies the event destination within the configuration set.\n" }, "eventDestinationName": { "type": "string", "description": "An object that defines the event destination. See `event_destination` Block for details.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "configurationSetName", "eventDestination", "eventDestinationName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ConfigurationSetEventDestination resources.\n", "properties": { "configurationSetName": { "type": "string", "description": "The name of the configuration set.\n", "willReplaceOnChanges": true }, "eventDestination": { "$ref": "#/types/aws:sesv2/ConfigurationSetEventDestinationEventDestination:ConfigurationSetEventDestinationEventDestination", "description": "A name that identifies the event destination within the configuration set.\n" }, "eventDestinationName": { "type": "string", "description": "An object that defines the event destination. See `event_destination` Block for details.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:sesv2/contactList:ContactList": { "description": "Resource for managing an AWS SESv2 (Simple Email V2) Contact List.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sesv2.ContactList(\"example\", {contactListName: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.ContactList(\"example\", contact_list_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SesV2.ContactList(\"example\", new()\n {\n ContactListName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sesv2.NewContactList(ctx, \"example\", \u0026sesv2.ContactListArgs{\n\t\t\tContactListName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.ContactList;\nimport com.pulumi.aws.sesv2.ContactListArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContactList(\"example\", ContactListArgs.builder()\n .contactListName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sesv2:ContactList\n properties:\n contactListName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Extended Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sesv2.ContactList(\"example\", {\n contactListName: \"example\",\n description: \"description\",\n topics: [{\n defaultSubscriptionStatus: \"OPT_IN\",\n description: \"topic description\",\n displayName: \"Example Topic\",\n topicName: \"example-topic\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.ContactList(\"example\",\n contact_list_name=\"example\",\n description=\"description\",\n topics=[{\n \"default_subscription_status\": \"OPT_IN\",\n \"description\": \"topic description\",\n \"display_name\": \"Example Topic\",\n \"topic_name\": \"example-topic\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SesV2.ContactList(\"example\", new()\n {\n ContactListName = \"example\",\n Description = \"description\",\n Topics = new[]\n {\n new Aws.SesV2.Inputs.ContactListTopicArgs\n {\n DefaultSubscriptionStatus = \"OPT_IN\",\n Description = \"topic description\",\n DisplayName = \"Example Topic\",\n TopicName = \"example-topic\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sesv2.NewContactList(ctx, \"example\", \u0026sesv2.ContactListArgs{\n\t\t\tContactListName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"description\"),\n\t\t\tTopics: sesv2.ContactListTopicArray{\n\t\t\t\t\u0026sesv2.ContactListTopicArgs{\n\t\t\t\t\tDefaultSubscriptionStatus: pulumi.String(\"OPT_IN\"),\n\t\t\t\t\tDescription: pulumi.String(\"topic description\"),\n\t\t\t\t\tDisplayName: pulumi.String(\"Example Topic\"),\n\t\t\t\t\tTopicName: pulumi.String(\"example-topic\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.ContactList;\nimport com.pulumi.aws.sesv2.ContactListArgs;\nimport com.pulumi.aws.sesv2.inputs.ContactListTopicArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContactList(\"example\", ContactListArgs.builder()\n .contactListName(\"example\")\n .description(\"description\")\n .topics(ContactListTopicArgs.builder()\n .defaultSubscriptionStatus(\"OPT_IN\")\n .description(\"topic description\")\n .displayName(\"Example Topic\")\n .topicName(\"example-topic\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sesv2:ContactList\n properties:\n contactListName: example\n description: description\n topics:\n - defaultSubscriptionStatus: OPT_IN\n description: topic description\n displayName: Example Topic\n topicName: example-topic\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SESv2 (Simple Email V2) Contact List using the `id`. For example:\n\n```sh\n$ pulumi import aws:sesv2/contactList:ContactList example example\n```\n", "properties": { "arn": { "type": "string" }, "contactListName": { "type": "string", "description": "Name of the contact list.\n\nThe following arguments are optional:\n" }, "createdTimestamp": { "type": "string", "description": "Timestamp noting when the contact list was created in ISO 8601 format.\n" }, "description": { "type": "string", "description": "Description of what the contact list is about.\n" }, "lastUpdatedTimestamp": { "type": "string", "description": "Timestamp noting the last time the contact list was updated in ISO 8601 format.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the contact list. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "topics": { "type": "array", "items": { "$ref": "#/types/aws:sesv2/ContactListTopic:ContactListTopic" }, "description": "Configuration block(s) with topic for the contact list. Detailed below.\n" } }, "required": [ "arn", "contactListName", "createdTimestamp", "lastUpdatedTimestamp", "tagsAll" ], "inputProperties": { "contactListName": { "type": "string", "description": "Name of the contact list.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of what the contact list is about.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the contact list. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "topics": { "type": "array", "items": { "$ref": "#/types/aws:sesv2/ContactListTopic:ContactListTopic" }, "description": "Configuration block(s) with topic for the contact list. Detailed below.\n" } }, "requiredInputs": [ "contactListName" ], "stateInputs": { "description": "Input properties used for looking up and filtering ContactList resources.\n", "properties": { "arn": { "type": "string" }, "contactListName": { "type": "string", "description": "Name of the contact list.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "createdTimestamp": { "type": "string", "description": "Timestamp noting when the contact list was created in ISO 8601 format.\n" }, "description": { "type": "string", "description": "Description of what the contact list is about.\n" }, "lastUpdatedTimestamp": { "type": "string", "description": "Timestamp noting the last time the contact list was updated in ISO 8601 format.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the contact list. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "topics": { "type": "array", "items": { "$ref": "#/types/aws:sesv2/ContactListTopic:ContactListTopic" }, "description": "Configuration block(s) with topic for the contact list. Detailed below.\n" } }, "type": "object" } }, "aws:sesv2/dedicatedIpAssignment:DedicatedIpAssignment": { "description": "Resource for managing an AWS SESv2 (Simple Email V2) Dedicated IP Assignment.\n\nThis resource is used with \"Standard\" dedicated IP addresses. This includes addresses [requested and relinquished manually](https://docs.aws.amazon.com/ses/latest/dg/dedicated-ip-case.html) via an AWS support case, or [Bring Your Own IP](https://docs.aws.amazon.com/ses/latest/dg/dedicated-ip-byo.html) addresses. Once no longer assigned, this resource returns the IP to the [`ses-default-dedicated-pool`](https://docs.aws.amazon.com/ses/latest/dg/managing-ip-pools.html), managed by AWS.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sesv2.DedicatedIpAssignment(\"example\", {\n ip: \"0.0.0.0\",\n destinationPoolName: \"my-pool\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.DedicatedIpAssignment(\"example\",\n ip=\"0.0.0.0\",\n destination_pool_name=\"my-pool\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SesV2.DedicatedIpAssignment(\"example\", new()\n {\n Ip = \"0.0.0.0\",\n DestinationPoolName = \"my-pool\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sesv2.NewDedicatedIpAssignment(ctx, \"example\", \u0026sesv2.DedicatedIpAssignmentArgs{\n\t\t\tIp: pulumi.String(\"0.0.0.0\"),\n\t\t\tDestinationPoolName: pulumi.String(\"my-pool\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.DedicatedIpAssignment;\nimport com.pulumi.aws.sesv2.DedicatedIpAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DedicatedIpAssignment(\"example\", DedicatedIpAssignmentArgs.builder()\n .ip(\"0.0.0.0\")\n .destinationPoolName(\"my-pool\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sesv2:DedicatedIpAssignment\n properties:\n ip: 0.0.0.0\n destinationPoolName: my-pool\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SESv2 (Simple Email V2) Dedicated IP Assignment using the `id`, which is a comma-separated string made up of `ip` and `destination_pool_name`. For example:\n\n```sh\n$ pulumi import aws:sesv2/dedicatedIpAssignment:DedicatedIpAssignment example \"0.0.0.0,my-pool\"\n```\n", "properties": { "destinationPoolName": { "type": "string", "description": "Dedicated IP address.\n" }, "ip": { "type": "string", "description": "Dedicated IP address.\n" } }, "required": [ "destinationPoolName", "ip" ], "inputProperties": { "destinationPoolName": { "type": "string", "description": "Dedicated IP address.\n", "willReplaceOnChanges": true }, "ip": { "type": "string", "description": "Dedicated IP address.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "destinationPoolName", "ip" ], "stateInputs": { "description": "Input properties used for looking up and filtering DedicatedIpAssignment resources.\n", "properties": { "destinationPoolName": { "type": "string", "description": "Dedicated IP address.\n", "willReplaceOnChanges": true }, "ip": { "type": "string", "description": "Dedicated IP address.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:sesv2/dedicatedIpPool:DedicatedIpPool": { "description": "Resource for managing an AWS SESv2 (Simple Email V2) Dedicated IP Pool.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sesv2.DedicatedIpPool(\"example\", {poolName: \"my-pool\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.DedicatedIpPool(\"example\", pool_name=\"my-pool\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SesV2.DedicatedIpPool(\"example\", new()\n {\n PoolName = \"my-pool\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sesv2.NewDedicatedIpPool(ctx, \"example\", \u0026sesv2.DedicatedIpPoolArgs{\n\t\t\tPoolName: pulumi.String(\"my-pool\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.DedicatedIpPool;\nimport com.pulumi.aws.sesv2.DedicatedIpPoolArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DedicatedIpPool(\"example\", DedicatedIpPoolArgs.builder()\n .poolName(\"my-pool\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sesv2:DedicatedIpPool\n properties:\n poolName: my-pool\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Managed Pool\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sesv2.DedicatedIpPool(\"example\", {\n poolName: \"my-managed-pool\",\n scalingMode: \"MANAGED\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.DedicatedIpPool(\"example\",\n pool_name=\"my-managed-pool\",\n scaling_mode=\"MANAGED\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SesV2.DedicatedIpPool(\"example\", new()\n {\n PoolName = \"my-managed-pool\",\n ScalingMode = \"MANAGED\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sesv2.NewDedicatedIpPool(ctx, \"example\", \u0026sesv2.DedicatedIpPoolArgs{\n\t\t\tPoolName: pulumi.String(\"my-managed-pool\"),\n\t\t\tScalingMode: pulumi.String(\"MANAGED\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.DedicatedIpPool;\nimport com.pulumi.aws.sesv2.DedicatedIpPoolArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DedicatedIpPool(\"example\", DedicatedIpPoolArgs.builder()\n .poolName(\"my-managed-pool\")\n .scalingMode(\"MANAGED\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sesv2:DedicatedIpPool\n properties:\n poolName: my-managed-pool\n scalingMode: MANAGED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SESv2 (Simple Email V2) Dedicated IP Pool using the `pool_name`. For example:\n\n```sh\n$ pulumi import aws:sesv2/dedicatedIpPool:DedicatedIpPool example my-pool\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Dedicated IP Pool.\n" }, "poolName": { "type": "string", "description": "Name of the dedicated IP pool.\n\nThe following arguments are optional:\n" }, "scalingMode": { "type": "string", "description": "IP pool scaling mode. Valid values: `STANDARD`, `MANAGED`. If omitted, the AWS API will default to a standard pool.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the pool. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "poolName", "scalingMode", "tagsAll" ], "inputProperties": { "poolName": { "type": "string", "description": "Name of the dedicated IP pool.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "scalingMode": { "type": "string", "description": "IP pool scaling mode. Valid values: `STANDARD`, `MANAGED`. If omitted, the AWS API will default to a standard pool.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the pool. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "poolName" ], "stateInputs": { "description": "Input properties used for looking up and filtering DedicatedIpPool resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Dedicated IP Pool.\n" }, "poolName": { "type": "string", "description": "Name of the dedicated IP pool.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "scalingMode": { "type": "string", "description": "IP pool scaling mode. Valid values: `STANDARD`, `MANAGED`. If omitted, the AWS API will default to a standard pool.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the pool. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:sesv2/emailIdentity:EmailIdentity": { "description": "Resource for managing an AWS SESv2 (Simple Email V2) Email Identity.\n\n## Example Usage\n\n### Basic Usage\n\n### Email Address Identity\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sesv2.EmailIdentity(\"example\", {emailIdentity: \"testing@example.com\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.EmailIdentity(\"example\", email_identity=\"testing@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SesV2.EmailIdentity(\"example\", new()\n {\n EmailIdentityDetails = \"testing@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sesv2.NewEmailIdentity(ctx, \"example\", \u0026sesv2.EmailIdentityArgs{\n\t\t\tEmailIdentity: pulumi.String(\"testing@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.EmailIdentity;\nimport com.pulumi.aws.sesv2.EmailIdentityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EmailIdentity(\"example\", EmailIdentityArgs.builder()\n .emailIdentity(\"testing@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sesv2:EmailIdentity\n properties:\n emailIdentity: testing@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Domain Identity\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sesv2.EmailIdentity(\"example\", {emailIdentity: \"example.com\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.EmailIdentity(\"example\", email_identity=\"example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SesV2.EmailIdentity(\"example\", new()\n {\n EmailIdentityDetails = \"example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sesv2.NewEmailIdentity(ctx, \"example\", \u0026sesv2.EmailIdentityArgs{\n\t\t\tEmailIdentity: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.EmailIdentity;\nimport com.pulumi.aws.sesv2.EmailIdentityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EmailIdentity(\"example\", EmailIdentityArgs.builder()\n .emailIdentity(\"example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sesv2:EmailIdentity\n properties:\n emailIdentity: example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Configuration Set\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sesv2.ConfigurationSet(\"example\", {configurationSetName: \"example\"});\nconst exampleEmailIdentity = new aws.sesv2.EmailIdentity(\"example\", {\n emailIdentity: \"example.com\",\n configurationSetName: example.configurationSetName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.ConfigurationSet(\"example\", configuration_set_name=\"example\")\nexample_email_identity = aws.sesv2.EmailIdentity(\"example\",\n email_identity=\"example.com\",\n configuration_set_name=example.configuration_set_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SesV2.ConfigurationSet(\"example\", new()\n {\n ConfigurationSetName = \"example\",\n });\n\n var exampleEmailIdentity = new Aws.SesV2.EmailIdentity(\"example\", new()\n {\n EmailIdentityDetails = \"example.com\",\n ConfigurationSetName = example.ConfigurationSetName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := sesv2.NewConfigurationSet(ctx, \"example\", \u0026sesv2.ConfigurationSetArgs{\n\t\t\tConfigurationSetName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sesv2.NewEmailIdentity(ctx, \"example\", \u0026sesv2.EmailIdentityArgs{\n\t\t\tEmailIdentity: pulumi.String(\"example.com\"),\n\t\t\tConfigurationSetName: example.ConfigurationSetName,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.ConfigurationSet;\nimport com.pulumi.aws.sesv2.ConfigurationSetArgs;\nimport com.pulumi.aws.sesv2.EmailIdentity;\nimport com.pulumi.aws.sesv2.EmailIdentityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ConfigurationSet(\"example\", ConfigurationSetArgs.builder()\n .configurationSetName(\"example\")\n .build());\n\n var exampleEmailIdentity = new EmailIdentity(\"exampleEmailIdentity\", EmailIdentityArgs.builder()\n .emailIdentity(\"example.com\")\n .configurationSetName(example.configurationSetName())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sesv2:ConfigurationSet\n properties:\n configurationSetName: example\n exampleEmailIdentity:\n type: aws:sesv2:EmailIdentity\n name: example\n properties:\n emailIdentity: example.com\n configurationSetName: ${example.configurationSetName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### DKIM Signing Attributes (BYODKIM)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sesv2.EmailIdentity(\"example\", {\n emailIdentity: \"example.com\",\n dkimSigningAttributes: {\n domainSigningPrivateKey: \"MIIJKAIBAAKCAgEA2Se7p8zvnI4yh+Gh9j2rG5e2aRXjg03Y8saiupLnadPH9xvM...\",\n domainSigningSelector: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.EmailIdentity(\"example\",\n email_identity=\"example.com\",\n dkim_signing_attributes={\n \"domain_signing_private_key\": \"MIIJKAIBAAKCAgEA2Se7p8zvnI4yh+Gh9j2rG5e2aRXjg03Y8saiupLnadPH9xvM...\",\n \"domain_signing_selector\": \"example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SesV2.EmailIdentity(\"example\", new()\n {\n EmailIdentityDetails = \"example.com\",\n DkimSigningAttributes = new Aws.SesV2.Inputs.EmailIdentityDkimSigningAttributesArgs\n {\n DomainSigningPrivateKey = \"MIIJKAIBAAKCAgEA2Se7p8zvnI4yh+Gh9j2rG5e2aRXjg03Y8saiupLnadPH9xvM...\",\n DomainSigningSelector = \"example\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sesv2.NewEmailIdentity(ctx, \"example\", \u0026sesv2.EmailIdentityArgs{\n\t\t\tEmailIdentity: pulumi.String(\"example.com\"),\n\t\t\tDkimSigningAttributes: \u0026sesv2.EmailIdentityDkimSigningAttributesArgs{\n\t\t\t\tDomainSigningPrivateKey: pulumi.String(\"MIIJKAIBAAKCAgEA2Se7p8zvnI4yh+Gh9j2rG5e2aRXjg03Y8saiupLnadPH9xvM...\"),\n\t\t\t\tDomainSigningSelector: pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.EmailIdentity;\nimport com.pulumi.aws.sesv2.EmailIdentityArgs;\nimport com.pulumi.aws.sesv2.inputs.EmailIdentityDkimSigningAttributesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EmailIdentity(\"example\", EmailIdentityArgs.builder()\n .emailIdentity(\"example.com\")\n .dkimSigningAttributes(EmailIdentityDkimSigningAttributesArgs.builder()\n .domainSigningPrivateKey(\"MIIJKAIBAAKCAgEA2Se7p8zvnI4yh+Gh9j2rG5e2aRXjg03Y8saiupLnadPH9xvM...\")\n .domainSigningSelector(\"example\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sesv2:EmailIdentity\n properties:\n emailIdentity: example.com\n dkimSigningAttributes:\n domainSigningPrivateKey: MIIJKAIBAAKCAgEA2Se7p8zvnI4yh+Gh9j2rG5e2aRXjg03Y8saiupLnadPH9xvM...\n domainSigningSelector: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SESv2 (Simple Email V2) Email Identity using the `email_identity`. For example:\n\n```sh\n$ pulumi import aws:sesv2/emailIdentity:EmailIdentity example example.com\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Email Identity.\n" }, "configurationSetName": { "type": "string", "description": "The configuration set to use by default when sending from this identity. Note that any configuration set defined in the email sending request takes precedence.\n" }, "dkimSigningAttributes": { "$ref": "#/types/aws:sesv2/EmailIdentityDkimSigningAttributes:EmailIdentityDkimSigningAttributes", "description": "The configuration of the DKIM authentication settings for an email domain identity.\n" }, "emailIdentity": { "type": "string", "description": "The email address or domain to verify.\n\nThe following arguments are optional:\n", "language": { "csharp": { "name": "EmailIdentityDetails" } } }, "identityType": { "type": "string", "description": "The email identity type. Valid values: `EMAIL_ADDRESS`, `DOMAIN`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "verifiedForSendingStatus": { "type": "boolean", "description": "Specifies whether or not the identity is verified.\n" } }, "required": [ "arn", "dkimSigningAttributes", "emailIdentity", "identityType", "tagsAll", "verifiedForSendingStatus" ], "inputProperties": { "configurationSetName": { "type": "string", "description": "The configuration set to use by default when sending from this identity. Note that any configuration set defined in the email sending request takes precedence.\n" }, "dkimSigningAttributes": { "$ref": "#/types/aws:sesv2/EmailIdentityDkimSigningAttributes:EmailIdentityDkimSigningAttributes", "description": "The configuration of the DKIM authentication settings for an email domain identity.\n" }, "emailIdentity": { "type": "string", "description": "The email address or domain to verify.\n\nThe following arguments are optional:\n", "language": { "csharp": { "name": "EmailIdentityDetails" } }, "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "emailIdentity" ], "stateInputs": { "description": "Input properties used for looking up and filtering EmailIdentity resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Email Identity.\n" }, "configurationSetName": { "type": "string", "description": "The configuration set to use by default when sending from this identity. Note that any configuration set defined in the email sending request takes precedence.\n" }, "dkimSigningAttributes": { "$ref": "#/types/aws:sesv2/EmailIdentityDkimSigningAttributes:EmailIdentityDkimSigningAttributes", "description": "The configuration of the DKIM authentication settings for an email domain identity.\n" }, "emailIdentity": { "type": "string", "description": "The email address or domain to verify.\n\nThe following arguments are optional:\n", "language": { "csharp": { "name": "EmailIdentityDetails" } }, "willReplaceOnChanges": true }, "identityType": { "type": "string", "description": "The email identity type. Valid values: `EMAIL_ADDRESS`, `DOMAIN`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "verifiedForSendingStatus": { "type": "boolean", "description": "Specifies whether or not the identity is verified.\n" } }, "type": "object" } }, "aws:sesv2/emailIdentityFeedbackAttributes:EmailIdentityFeedbackAttributes": { "description": "Resource for managing an AWS SESv2 (Simple Email V2) Email Identity Feedback Attributes.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sesv2.EmailIdentity(\"example\", {emailIdentity: \"example.com\"});\nconst exampleEmailIdentityFeedbackAttributes = new aws.sesv2.EmailIdentityFeedbackAttributes(\"example\", {\n emailIdentity: example.emailIdentity,\n emailForwardingEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.EmailIdentity(\"example\", email_identity=\"example.com\")\nexample_email_identity_feedback_attributes = aws.sesv2.EmailIdentityFeedbackAttributes(\"example\",\n email_identity=example.email_identity,\n email_forwarding_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SesV2.EmailIdentity(\"example\", new()\n {\n EmailIdentityDetails = \"example.com\",\n });\n\n var exampleEmailIdentityFeedbackAttributes = new Aws.SesV2.EmailIdentityFeedbackAttributes(\"example\", new()\n {\n EmailIdentity = example.EmailIdentityDetails,\n EmailForwardingEnabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := sesv2.NewEmailIdentity(ctx, \"example\", \u0026sesv2.EmailIdentityArgs{\n\t\t\tEmailIdentity: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sesv2.NewEmailIdentityFeedbackAttributes(ctx, \"example\", \u0026sesv2.EmailIdentityFeedbackAttributesArgs{\n\t\t\tEmailIdentity: example.EmailIdentity,\n\t\t\tEmailForwardingEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.EmailIdentity;\nimport com.pulumi.aws.sesv2.EmailIdentityArgs;\nimport com.pulumi.aws.sesv2.EmailIdentityFeedbackAttributes;\nimport com.pulumi.aws.sesv2.EmailIdentityFeedbackAttributesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EmailIdentity(\"example\", EmailIdentityArgs.builder()\n .emailIdentity(\"example.com\")\n .build());\n\n var exampleEmailIdentityFeedbackAttributes = new EmailIdentityFeedbackAttributes(\"exampleEmailIdentityFeedbackAttributes\", EmailIdentityFeedbackAttributesArgs.builder()\n .emailIdentity(example.emailIdentity())\n .emailForwardingEnabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sesv2:EmailIdentity\n properties:\n emailIdentity: example.com\n exampleEmailIdentityFeedbackAttributes:\n type: aws:sesv2:EmailIdentityFeedbackAttributes\n name: example\n properties:\n emailIdentity: ${example.emailIdentity}\n emailForwardingEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SESv2 (Simple Email V2) Email Identity Feedback Attributes using the `email_identity`. For example:\n\n```sh\n$ pulumi import aws:sesv2/emailIdentityFeedbackAttributes:EmailIdentityFeedbackAttributes example example.com\n```\n", "properties": { "emailForwardingEnabled": { "type": "boolean", "description": "Sets the feedback forwarding configuration for the identity.\n" }, "emailIdentity": { "type": "string", "description": "The email identity.\n" } }, "required": [ "emailIdentity" ], "inputProperties": { "emailForwardingEnabled": { "type": "boolean", "description": "Sets the feedback forwarding configuration for the identity.\n" }, "emailIdentity": { "type": "string", "description": "The email identity.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "emailIdentity" ], "stateInputs": { "description": "Input properties used for looking up and filtering EmailIdentityFeedbackAttributes resources.\n", "properties": { "emailForwardingEnabled": { "type": "boolean", "description": "Sets the feedback forwarding configuration for the identity.\n" }, "emailIdentity": { "type": "string", "description": "The email identity.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:sesv2/emailIdentityMailFromAttributes:EmailIdentityMailFromAttributes": { "description": "Resource for managing an AWS SESv2 (Simple Email V2) Email Identity Mail From Attributes.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sesv2.EmailIdentity(\"example\", {emailIdentity: \"example.com\"});\nconst exampleEmailIdentityMailFromAttributes = new aws.sesv2.EmailIdentityMailFromAttributes(\"example\", {\n emailIdentity: example.emailIdentity,\n behaviorOnMxFailure: \"REJECT_MESSAGE\",\n mailFromDomain: pulumi.interpolate`subdomain.${example.emailIdentity}`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.EmailIdentity(\"example\", email_identity=\"example.com\")\nexample_email_identity_mail_from_attributes = aws.sesv2.EmailIdentityMailFromAttributes(\"example\",\n email_identity=example.email_identity,\n behavior_on_mx_failure=\"REJECT_MESSAGE\",\n mail_from_domain=example.email_identity.apply(lambda email_identity: f\"subdomain.{email_identity}\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SesV2.EmailIdentity(\"example\", new()\n {\n EmailIdentityDetails = \"example.com\",\n });\n\n var exampleEmailIdentityMailFromAttributes = new Aws.SesV2.EmailIdentityMailFromAttributes(\"example\", new()\n {\n EmailIdentity = example.EmailIdentityDetails,\n BehaviorOnMxFailure = \"REJECT_MESSAGE\",\n MailFromDomain = example.EmailIdentityDetails.Apply(emailIdentity =\u003e $\"subdomain.{emailIdentity}\"),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := sesv2.NewEmailIdentity(ctx, \"example\", \u0026sesv2.EmailIdentityArgs{\n\t\t\tEmailIdentity: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sesv2.NewEmailIdentityMailFromAttributes(ctx, \"example\", \u0026sesv2.EmailIdentityMailFromAttributesArgs{\n\t\t\tEmailIdentity: example.EmailIdentity,\n\t\t\tBehaviorOnMxFailure: pulumi.String(\"REJECT_MESSAGE\"),\n\t\t\tMailFromDomain: example.EmailIdentity.ApplyT(func(emailIdentity string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"subdomain.%v\", emailIdentity), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.EmailIdentity;\nimport com.pulumi.aws.sesv2.EmailIdentityArgs;\nimport com.pulumi.aws.sesv2.EmailIdentityMailFromAttributes;\nimport com.pulumi.aws.sesv2.EmailIdentityMailFromAttributesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EmailIdentity(\"example\", EmailIdentityArgs.builder()\n .emailIdentity(\"example.com\")\n .build());\n\n var exampleEmailIdentityMailFromAttributes = new EmailIdentityMailFromAttributes(\"exampleEmailIdentityMailFromAttributes\", EmailIdentityMailFromAttributesArgs.builder()\n .emailIdentity(example.emailIdentity())\n .behaviorOnMxFailure(\"REJECT_MESSAGE\")\n .mailFromDomain(example.emailIdentity().applyValue(emailIdentity -\u003e String.format(\"subdomain.%s\", emailIdentity)))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sesv2:EmailIdentity\n properties:\n emailIdentity: example.com\n exampleEmailIdentityMailFromAttributes:\n type: aws:sesv2:EmailIdentityMailFromAttributes\n name: example\n properties:\n emailIdentity: ${example.emailIdentity}\n behaviorOnMxFailure: REJECT_MESSAGE\n mailFromDomain: subdomain.${example.emailIdentity}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SESv2 (Simple Email V2) Email Identity Mail From Attributes using the `email_identity`. For example:\n\n```sh\n$ pulumi import aws:sesv2/emailIdentityMailFromAttributes:EmailIdentityMailFromAttributes example example.com\n```\n", "properties": { "behaviorOnMxFailure": { "type": "string", "description": "The action to take if the required MX record isn't found when you send an email. Valid values: `USE_DEFAULT_VALUE`, `REJECT_MESSAGE`.\n" }, "emailIdentity": { "type": "string", "description": "The verified email identity.\n" }, "mailFromDomain": { "type": "string", "description": "The custom MAIL FROM domain that you want the verified identity to use. Required if `behavior_on_mx_failure` is `REJECT_MESSAGE`.\n" } }, "required": [ "emailIdentity" ], "inputProperties": { "behaviorOnMxFailure": { "type": "string", "description": "The action to take if the required MX record isn't found when you send an email. Valid values: `USE_DEFAULT_VALUE`, `REJECT_MESSAGE`.\n" }, "emailIdentity": { "type": "string", "description": "The verified email identity.\n", "willReplaceOnChanges": true }, "mailFromDomain": { "type": "string", "description": "The custom MAIL FROM domain that you want the verified identity to use. Required if `behavior_on_mx_failure` is `REJECT_MESSAGE`.\n" } }, "requiredInputs": [ "emailIdentity" ], "stateInputs": { "description": "Input properties used for looking up and filtering EmailIdentityMailFromAttributes resources.\n", "properties": { "behaviorOnMxFailure": { "type": "string", "description": "The action to take if the required MX record isn't found when you send an email. Valid values: `USE_DEFAULT_VALUE`, `REJECT_MESSAGE`.\n" }, "emailIdentity": { "type": "string", "description": "The verified email identity.\n", "willReplaceOnChanges": true }, "mailFromDomain": { "type": "string", "description": "The custom MAIL FROM domain that you want the verified identity to use. Required if `behavior_on_mx_failure` is `REJECT_MESSAGE`.\n" } }, "type": "object" } }, "aws:sesv2/emailIdentityPolicy:EmailIdentityPolicy": { "description": "Resource for managing an AWS SESv2 (Simple Email V2) Email Identity Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sesv2.EmailIdentity(\"example\", {emailIdentity: \"testing@example.com\"});\nconst exampleEmailIdentityPolicy = new aws.sesv2.EmailIdentityPolicy(\"example\", {\n emailIdentity: example.emailIdentity,\n policyName: \"example\",\n policy: pulumi.interpolate`{\n \"Id\":\"ExampleAuthorizationPolicy\",\n \"Version\":\"2012-10-17\",\n \"Statement\":[\n {\n \"Sid\":\"AuthorizeIAMUser\",\n \"Effect\":\"Allow\",\n \"Resource\":\"${example.arn}\",\n \"Principal\":{\n \"AWS\":[\n \"arn:aws:iam::123456789012:user/John\",\n \"arn:aws:iam::123456789012:user/Jane\"\n ]\n },\n \"Action\":[\n \"ses:DeleteEmailIdentity\",\n \"ses:PutEmailIdentityDkimSigningAttributes\"\n ]\n }\n ]\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.EmailIdentity(\"example\", email_identity=\"testing@example.com\")\nexample_email_identity_policy = aws.sesv2.EmailIdentityPolicy(\"example\",\n email_identity=example.email_identity,\n policy_name=\"example\",\n policy=example.arn.apply(lambda arn: f\"\"\"{{\n \"Id\":\"ExampleAuthorizationPolicy\",\n \"Version\":\"2012-10-17\",\n \"Statement\":[\n {{\n \"Sid\":\"AuthorizeIAMUser\",\n \"Effect\":\"Allow\",\n \"Resource\":\"{arn}\",\n \"Principal\":{{\n \"AWS\":[\n \"arn:aws:iam::123456789012:user/John\",\n \"arn:aws:iam::123456789012:user/Jane\"\n ]\n }},\n \"Action\":[\n \"ses:DeleteEmailIdentity\",\n \"ses:PutEmailIdentityDkimSigningAttributes\"\n ]\n }}\n ]\n}}\n\"\"\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SesV2.EmailIdentity(\"example\", new()\n {\n EmailIdentityDetails = \"testing@example.com\",\n });\n\n var exampleEmailIdentityPolicy = new Aws.SesV2.EmailIdentityPolicy(\"example\", new()\n {\n EmailIdentity = example.EmailIdentityDetails,\n PolicyName = \"example\",\n Policy = example.Arn.Apply(arn =\u003e @$\"{{\n \"\"Id\"\":\"\"ExampleAuthorizationPolicy\"\",\n \"\"Version\"\":\"\"2012-10-17\"\",\n \"\"Statement\"\":[\n {{\n \"\"Sid\"\":\"\"AuthorizeIAMUser\"\",\n \"\"Effect\"\":\"\"Allow\"\",\n \"\"Resource\"\":\"\"{arn}\"\",\n \"\"Principal\"\":{{\n \"\"AWS\"\":[\n \"\"arn:aws:iam::123456789012:user/John\"\",\n \"\"arn:aws:iam::123456789012:user/Jane\"\"\n ]\n }},\n \"\"Action\"\":[\n \"\"ses:DeleteEmailIdentity\"\",\n \"\"ses:PutEmailIdentityDkimSigningAttributes\"\"\n ]\n }}\n ]\n}}\n\"),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := sesv2.NewEmailIdentity(ctx, \"example\", \u0026sesv2.EmailIdentityArgs{\n\t\t\tEmailIdentity: pulumi.String(\"testing@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sesv2.NewEmailIdentityPolicy(ctx, \"example\", \u0026sesv2.EmailIdentityPolicyArgs{\n\t\t\tEmailIdentity: example.EmailIdentity,\n\t\t\tPolicyName: pulumi.String(\"example\"),\n\t\t\tPolicy: example.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(`{\n \"Id\":\"ExampleAuthorizationPolicy\",\n \"Version\":\"2012-10-17\",\n \"Statement\":[\n {\n \"Sid\":\"AuthorizeIAMUser\",\n \"Effect\":\"Allow\",\n \"Resource\":\"%v\",\n \"Principal\":{\n \"AWS\":[\n \"arn:aws:iam::123456789012:user/John\",\n \"arn:aws:iam::123456789012:user/Jane\"\n ]\n },\n \"Action\":[\n \"ses:DeleteEmailIdentity\",\n \"ses:PutEmailIdentityDkimSigningAttributes\"\n ]\n }\n ]\n}\n`, arn), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.EmailIdentity;\nimport com.pulumi.aws.sesv2.EmailIdentityArgs;\nimport com.pulumi.aws.sesv2.EmailIdentityPolicy;\nimport com.pulumi.aws.sesv2.EmailIdentityPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EmailIdentity(\"example\", EmailIdentityArgs.builder()\n .emailIdentity(\"testing@example.com\")\n .build());\n\n var exampleEmailIdentityPolicy = new EmailIdentityPolicy(\"exampleEmailIdentityPolicy\", EmailIdentityPolicyArgs.builder()\n .emailIdentity(example.emailIdentity())\n .policyName(\"example\")\n .policy(example.arn().applyValue(arn -\u003e \"\"\"\n{\n \"Id\":\"ExampleAuthorizationPolicy\",\n \"Version\":\"2012-10-17\",\n \"Statement\":[\n {\n \"Sid\":\"AuthorizeIAMUser\",\n \"Effect\":\"Allow\",\n \"Resource\":\"%s\",\n \"Principal\":{\n \"AWS\":[\n \"arn:aws:iam::123456789012:user/John\",\n \"arn:aws:iam::123456789012:user/Jane\"\n ]\n },\n \"Action\":[\n \"ses:DeleteEmailIdentity\",\n \"ses:PutEmailIdentityDkimSigningAttributes\"\n ]\n }\n ]\n}\n\", arn)))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sesv2:EmailIdentity\n properties:\n emailIdentity: testing@example.com\n exampleEmailIdentityPolicy:\n type: aws:sesv2:EmailIdentityPolicy\n name: example\n properties:\n emailIdentity: ${example.emailIdentity}\n policyName: example\n policy: |\n {\n \"Id\":\"ExampleAuthorizationPolicy\",\n \"Version\":\"2012-10-17\",\n \"Statement\":[\n {\n \"Sid\":\"AuthorizeIAMUser\",\n \"Effect\":\"Allow\",\n \"Resource\":\"${example.arn}\",\n \"Principal\":{\n \"AWS\":[\n \"arn:aws:iam::123456789012:user/John\",\n \"arn:aws:iam::123456789012:user/Jane\"\n ]\n },\n \"Action\":[\n \"ses:DeleteEmailIdentity\",\n \"ses:PutEmailIdentityDkimSigningAttributes\"\n ]\n }\n ]\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SESv2 (Simple Email V2) Email Identity Policy using the `example_id_arg`. For example:\n\n```sh\n$ pulumi import aws:sesv2/emailIdentityPolicy:EmailIdentityPolicy example example_email_identity|example_policy_name\n```\n", "properties": { "emailIdentity": { "type": "string", "description": "The email identity.\n" }, "policy": { "type": "string", "description": "The text of the policy in JSON format.\n" }, "policyName": { "type": "string", "description": "The name of the policy.\n" } }, "required": [ "emailIdentity", "policy", "policyName" ], "inputProperties": { "emailIdentity": { "type": "string", "description": "The email identity.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The text of the policy in JSON format.\n" }, "policyName": { "type": "string", "description": "The name of the policy.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "emailIdentity", "policy", "policyName" ], "stateInputs": { "description": "Input properties used for looking up and filtering EmailIdentityPolicy resources.\n", "properties": { "emailIdentity": { "type": "string", "description": "The email identity.\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The text of the policy in JSON format.\n" }, "policyName": { "type": "string", "description": "The name of the policy.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:sfn/activity:Activity": { "description": "Provides a Step Function Activity resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sfnActivity = new aws.sfn.Activity(\"sfn_activity\", {name: \"my-activity\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsfn_activity = aws.sfn.Activity(\"sfn_activity\", name=\"my-activity\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sfnActivity = new Aws.Sfn.Activity(\"sfn_activity\", new()\n {\n Name = \"my-activity\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sfn\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sfn.NewActivity(ctx, \"sfn_activity\", \u0026sfn.ActivityArgs{\n\t\t\tName: pulumi.String(\"my-activity\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sfn.Activity;\nimport com.pulumi.aws.sfn.ActivityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var sfnActivity = new Activity(\"sfnActivity\", ActivityArgs.builder()\n .name(\"my-activity\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n sfnActivity:\n type: aws:sfn:Activity\n name: sfn_activity\n properties:\n name: my-activity\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import activities using the `arn`. For example:\n\n```sh\n$ pulumi import aws:sfn/activity:Activity foo arn:aws:states:eu-west-1:123456789098:activity:bar\n```\n", "properties": { "creationDate": { "type": "string", "description": "The date the activity was created.\n" }, "name": { "type": "string", "description": "The name of the activity to create.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "creationDate", "name", "tagsAll" ], "inputProperties": { "name": { "type": "string", "description": "The name of the activity to create.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Activity resources.\n", "properties": { "creationDate": { "type": "string", "description": "The date the activity was created.\n" }, "name": { "type": "string", "description": "The name of the activity to create.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:sfn/alias:Alias": { "description": "Provides a Step Function State Machine Alias.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sfnAlias = new aws.sfn.Alias(\"sfn_alias\", {\n name: \"my_sfn_alias\",\n routingConfigurations: [{\n stateMachineVersionArn: sfnTest.stateMachineVersionArn,\n weight: 100,\n }],\n});\nconst mySfnAlias = new aws.sfn.Alias(\"my_sfn_alias\", {\n name: \"my_sfn_alias\",\n routingConfigurations: [\n {\n stateMachineVersionArn: \"arn:aws:states:us-east-1:12345:stateMachine:demo:3\",\n weight: 50,\n },\n {\n stateMachineVersionArn: \"arn:aws:states:us-east-1:12345:stateMachine:demo:2\",\n weight: 50,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsfn_alias = aws.sfn.Alias(\"sfn_alias\",\n name=\"my_sfn_alias\",\n routing_configurations=[{\n \"state_machine_version_arn\": sfn_test[\"stateMachineVersionArn\"],\n \"weight\": 100,\n }])\nmy_sfn_alias = aws.sfn.Alias(\"my_sfn_alias\",\n name=\"my_sfn_alias\",\n routing_configurations=[\n {\n \"state_machine_version_arn\": \"arn:aws:states:us-east-1:12345:stateMachine:demo:3\",\n \"weight\": 50,\n },\n {\n \"state_machine_version_arn\": \"arn:aws:states:us-east-1:12345:stateMachine:demo:2\",\n \"weight\": 50,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sfnAlias = new Aws.Sfn.Alias(\"sfn_alias\", new()\n {\n Name = \"my_sfn_alias\",\n RoutingConfigurations = new[]\n {\n new Aws.Sfn.Inputs.AliasRoutingConfigurationArgs\n {\n StateMachineVersionArn = sfnTest.StateMachineVersionArn,\n Weight = 100,\n },\n },\n });\n\n var mySfnAlias = new Aws.Sfn.Alias(\"my_sfn_alias\", new()\n {\n Name = \"my_sfn_alias\",\n RoutingConfigurations = new[]\n {\n new Aws.Sfn.Inputs.AliasRoutingConfigurationArgs\n {\n StateMachineVersionArn = \"arn:aws:states:us-east-1:12345:stateMachine:demo:3\",\n Weight = 50,\n },\n new Aws.Sfn.Inputs.AliasRoutingConfigurationArgs\n {\n StateMachineVersionArn = \"arn:aws:states:us-east-1:12345:stateMachine:demo:2\",\n Weight = 50,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sfn\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sfn.NewAlias(ctx, \"sfn_alias\", \u0026sfn.AliasArgs{\n\t\t\tName: pulumi.String(\"my_sfn_alias\"),\n\t\t\tRoutingConfigurations: sfn.AliasRoutingConfigurationArray{\n\t\t\t\t\u0026sfn.AliasRoutingConfigurationArgs{\n\t\t\t\t\tStateMachineVersionArn: pulumi.Any(sfnTest.StateMachineVersionArn),\n\t\t\t\t\tWeight: pulumi.Int(100),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sfn.NewAlias(ctx, \"my_sfn_alias\", \u0026sfn.AliasArgs{\n\t\t\tName: pulumi.String(\"my_sfn_alias\"),\n\t\t\tRoutingConfigurations: sfn.AliasRoutingConfigurationArray{\n\t\t\t\t\u0026sfn.AliasRoutingConfigurationArgs{\n\t\t\t\t\tStateMachineVersionArn: pulumi.String(\"arn:aws:states:us-east-1:12345:stateMachine:demo:3\"),\n\t\t\t\t\tWeight: pulumi.Int(50),\n\t\t\t\t},\n\t\t\t\t\u0026sfn.AliasRoutingConfigurationArgs{\n\t\t\t\t\tStateMachineVersionArn: pulumi.String(\"arn:aws:states:us-east-1:12345:stateMachine:demo:2\"),\n\t\t\t\t\tWeight: pulumi.Int(50),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sfn.Alias;\nimport com.pulumi.aws.sfn.AliasArgs;\nimport com.pulumi.aws.sfn.inputs.AliasRoutingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var sfnAlias = new Alias(\"sfnAlias\", AliasArgs.builder()\n .name(\"my_sfn_alias\")\n .routingConfigurations(AliasRoutingConfigurationArgs.builder()\n .stateMachineVersionArn(sfnTest.stateMachineVersionArn())\n .weight(100)\n .build())\n .build());\n\n var mySfnAlias = new Alias(\"mySfnAlias\", AliasArgs.builder()\n .name(\"my_sfn_alias\")\n .routingConfigurations( \n AliasRoutingConfigurationArgs.builder()\n .stateMachineVersionArn(\"arn:aws:states:us-east-1:12345:stateMachine:demo:3\")\n .weight(50)\n .build(),\n AliasRoutingConfigurationArgs.builder()\n .stateMachineVersionArn(\"arn:aws:states:us-east-1:12345:stateMachine:demo:2\")\n .weight(50)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n sfnAlias:\n type: aws:sfn:Alias\n name: sfn_alias\n properties:\n name: my_sfn_alias\n routingConfigurations:\n - stateMachineVersionArn: ${sfnTest.stateMachineVersionArn}\n weight: 100\n mySfnAlias:\n type: aws:sfn:Alias\n name: my_sfn_alias\n properties:\n name: my_sfn_alias\n routingConfigurations:\n - stateMachineVersionArn: arn:aws:states:us-east-1:12345:stateMachine:demo:3\n weight: 50\n - stateMachineVersionArn: arn:aws:states:us-east-1:12345:stateMachine:demo:2\n weight: 50\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SFN (Step Functions) Alias using the `arn`. For example:\n\n```sh\n$ pulumi import aws:sfn/alias:Alias foo arn:aws:states:us-east-1:123456789098:stateMachine:myStateMachine:foo\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) identifying your state machine alias.\n" }, "creationDate": { "type": "string", "description": "The date the state machine alias was created.\n" }, "description": { "type": "string", "description": "Description of the alias.\n" }, "name": { "type": "string", "description": "Name for the alias you are creating.\n" }, "routingConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:sfn/AliasRoutingConfiguration:AliasRoutingConfiguration" }, "description": "The StateMachine alias' route configuration settings. Fields documented below\n" } }, "required": [ "arn", "creationDate", "name", "routingConfigurations" ], "inputProperties": { "description": { "type": "string", "description": "Description of the alias.\n" }, "name": { "type": "string", "description": "Name for the alias you are creating.\n", "willReplaceOnChanges": true }, "routingConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:sfn/AliasRoutingConfiguration:AliasRoutingConfiguration" }, "description": "The StateMachine alias' route configuration settings. Fields documented below\n" } }, "requiredInputs": [ "routingConfigurations" ], "stateInputs": { "description": "Input properties used for looking up and filtering Alias resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) identifying your state machine alias.\n" }, "creationDate": { "type": "string", "description": "The date the state machine alias was created.\n" }, "description": { "type": "string", "description": "Description of the alias.\n" }, "name": { "type": "string", "description": "Name for the alias you are creating.\n", "willReplaceOnChanges": true }, "routingConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:sfn/AliasRoutingConfiguration:AliasRoutingConfiguration" }, "description": "The StateMachine alias' route configuration settings. Fields documented below\n" } }, "type": "object" } }, "aws:sfn/stateMachine:StateMachine": { "description": "Provides a Step Function State Machine resource\n\n## Example Usage\n\n### Basic (Standard Workflow)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// ...\nconst sfnStateMachine = new aws.sfn.StateMachine(\"sfn_state_machine\", {\n name: \"my-state-machine\",\n roleArn: iamForSfn.arn,\n definition: `{\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Task\",\n \"Resource\": \"${lambda.arn}\",\n \"End\": true\n }\n }\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# ...\nsfn_state_machine = aws.sfn.StateMachine(\"sfn_state_machine\",\n name=\"my-state-machine\",\n role_arn=iam_for_sfn[\"arn\"],\n definition=f\"\"\"{{\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {{\n \"HelloWorld\": {{\n \"Type\": \"Task\",\n \"Resource\": \"{lambda_[\"arn\"]}\",\n \"End\": true\n }}\n }}\n}}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // ...\n var sfnStateMachine = new Aws.Sfn.StateMachine(\"sfn_state_machine\", new()\n {\n Name = \"my-state-machine\",\n RoleArn = iamForSfn.Arn,\n Definition = @$\"{{\n \"\"Comment\"\": \"\"A Hello World example of the Amazon States Language using an AWS Lambda Function\"\",\n \"\"StartAt\"\": \"\"HelloWorld\"\",\n \"\"States\"\": {{\n \"\"HelloWorld\"\": {{\n \"\"Type\"\": \"\"Task\"\",\n \"\"Resource\"\": \"\"{lambda.Arn}\"\",\n \"\"End\"\": true\n }}\n }}\n}}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sfn\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// ...\n\t\t_, err := sfn.NewStateMachine(ctx, \"sfn_state_machine\", \u0026sfn.StateMachineArgs{\n\t\t\tName: pulumi.String(\"my-state-machine\"),\n\t\t\tRoleArn: pulumi.Any(iamForSfn.Arn),\n\t\t\tDefinition: pulumi.String(fmt.Sprintf(`{\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Task\",\n \"Resource\": \"%v\",\n \"End\": true\n }\n }\n}\n`, lambda.Arn)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sfn.StateMachine;\nimport com.pulumi.aws.sfn.StateMachineArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // ...\n var sfnStateMachine = new StateMachine(\"sfnStateMachine\", StateMachineArgs.builder()\n .name(\"my-state-machine\")\n .roleArn(iamForSfn.arn())\n .definition(\"\"\"\n{\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Task\",\n \"Resource\": \"%s\",\n \"End\": true\n }\n }\n}\n\", lambda.arn()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # ...\n sfnStateMachine:\n type: aws:sfn:StateMachine\n name: sfn_state_machine\n properties:\n name: my-state-machine\n roleArn: ${iamForSfn.arn}\n definition: |\n {\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Task\",\n \"Resource\": \"${lambda.arn}\",\n \"End\": true\n }\n }\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Basic (Express Workflow)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// ...\nconst sfnStateMachine = new aws.sfn.StateMachine(\"sfn_state_machine\", {\n name: \"my-state-machine\",\n roleArn: iamForSfn.arn,\n type: \"EXPRESS\",\n definition: `{\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Task\",\n \"Resource\": \"${lambda.arn}\",\n \"End\": true\n }\n }\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# ...\nsfn_state_machine = aws.sfn.StateMachine(\"sfn_state_machine\",\n name=\"my-state-machine\",\n role_arn=iam_for_sfn[\"arn\"],\n type=\"EXPRESS\",\n definition=f\"\"\"{{\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {{\n \"HelloWorld\": {{\n \"Type\": \"Task\",\n \"Resource\": \"{lambda_[\"arn\"]}\",\n \"End\": true\n }}\n }}\n}}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // ...\n var sfnStateMachine = new Aws.Sfn.StateMachine(\"sfn_state_machine\", new()\n {\n Name = \"my-state-machine\",\n RoleArn = iamForSfn.Arn,\n Type = \"EXPRESS\",\n Definition = @$\"{{\n \"\"Comment\"\": \"\"A Hello World example of the Amazon States Language using an AWS Lambda Function\"\",\n \"\"StartAt\"\": \"\"HelloWorld\"\",\n \"\"States\"\": {{\n \"\"HelloWorld\"\": {{\n \"\"Type\"\": \"\"Task\"\",\n \"\"Resource\"\": \"\"{lambda.Arn}\"\",\n \"\"End\"\": true\n }}\n }}\n}}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sfn\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// ...\n\t\t_, err := sfn.NewStateMachine(ctx, \"sfn_state_machine\", \u0026sfn.StateMachineArgs{\n\t\t\tName: pulumi.String(\"my-state-machine\"),\n\t\t\tRoleArn: pulumi.Any(iamForSfn.Arn),\n\t\t\tType: pulumi.String(\"EXPRESS\"),\n\t\t\tDefinition: pulumi.String(fmt.Sprintf(`{\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Task\",\n \"Resource\": \"%v\",\n \"End\": true\n }\n }\n}\n`, lambda.Arn)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sfn.StateMachine;\nimport com.pulumi.aws.sfn.StateMachineArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // ...\n var sfnStateMachine = new StateMachine(\"sfnStateMachine\", StateMachineArgs.builder()\n .name(\"my-state-machine\")\n .roleArn(iamForSfn.arn())\n .type(\"EXPRESS\")\n .definition(\"\"\"\n{\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Task\",\n \"Resource\": \"%s\",\n \"End\": true\n }\n }\n}\n\", lambda.arn()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # ...\n sfnStateMachine:\n type: aws:sfn:StateMachine\n name: sfn_state_machine\n properties:\n name: my-state-machine\n roleArn: ${iamForSfn.arn}\n type: EXPRESS\n definition: |\n {\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Task\",\n \"Resource\": \"${lambda.arn}\",\n \"End\": true\n }\n }\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Publish (Publish SFN version)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// ...\nconst sfnStateMachine = new aws.sfn.StateMachine(\"sfn_state_machine\", {\n name: \"my-state-machine\",\n roleArn: iamForSfn.arn,\n publish: true,\n type: \"EXPRESS\",\n definition: `{\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Task\",\n \"Resource\": \"${lambda.arn}\",\n \"End\": true\n }\n }\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# ...\nsfn_state_machine = aws.sfn.StateMachine(\"sfn_state_machine\",\n name=\"my-state-machine\",\n role_arn=iam_for_sfn[\"arn\"],\n publish=True,\n type=\"EXPRESS\",\n definition=f\"\"\"{{\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {{\n \"HelloWorld\": {{\n \"Type\": \"Task\",\n \"Resource\": \"{lambda_[\"arn\"]}\",\n \"End\": true\n }}\n }}\n}}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // ...\n var sfnStateMachine = new Aws.Sfn.StateMachine(\"sfn_state_machine\", new()\n {\n Name = \"my-state-machine\",\n RoleArn = iamForSfn.Arn,\n Publish = true,\n Type = \"EXPRESS\",\n Definition = @$\"{{\n \"\"Comment\"\": \"\"A Hello World example of the Amazon States Language using an AWS Lambda Function\"\",\n \"\"StartAt\"\": \"\"HelloWorld\"\",\n \"\"States\"\": {{\n \"\"HelloWorld\"\": {{\n \"\"Type\"\": \"\"Task\"\",\n \"\"Resource\"\": \"\"{lambda.Arn}\"\",\n \"\"End\"\": true\n }}\n }}\n}}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sfn\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// ...\n\t\t_, err := sfn.NewStateMachine(ctx, \"sfn_state_machine\", \u0026sfn.StateMachineArgs{\n\t\t\tName: pulumi.String(\"my-state-machine\"),\n\t\t\tRoleArn: pulumi.Any(iamForSfn.Arn),\n\t\t\tPublish: pulumi.Bool(true),\n\t\t\tType: pulumi.String(\"EXPRESS\"),\n\t\t\tDefinition: pulumi.String(fmt.Sprintf(`{\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Task\",\n \"Resource\": \"%v\",\n \"End\": true\n }\n }\n}\n`, lambda.Arn)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sfn.StateMachine;\nimport com.pulumi.aws.sfn.StateMachineArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // ...\n var sfnStateMachine = new StateMachine(\"sfnStateMachine\", StateMachineArgs.builder()\n .name(\"my-state-machine\")\n .roleArn(iamForSfn.arn())\n .publish(true)\n .type(\"EXPRESS\")\n .definition(\"\"\"\n{\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Task\",\n \"Resource\": \"%s\",\n \"End\": true\n }\n }\n}\n\", lambda.arn()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # ...\n sfnStateMachine:\n type: aws:sfn:StateMachine\n name: sfn_state_machine\n properties:\n name: my-state-machine\n roleArn: ${iamForSfn.arn}\n publish: true\n type: EXPRESS\n definition: |\n {\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Task\",\n \"Resource\": \"${lambda.arn}\",\n \"End\": true\n }\n }\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Logging\n\n\u003e *NOTE:* See the [AWS Step Functions Developer Guide](https://docs.aws.amazon.com/step-functions/latest/dg/welcome.html) for more information about enabling Step Function logging.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// ...\nconst sfnStateMachine = new aws.sfn.StateMachine(\"sfn_state_machine\", {\n name: \"my-state-machine\",\n roleArn: iamForSfn.arn,\n definition: `{\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Task\",\n \"Resource\": \"${lambda.arn}\",\n \"End\": true\n }\n }\n}\n`,\n loggingConfiguration: {\n logDestination: `${logGroupForSfn.arn}:*`,\n includeExecutionData: true,\n level: \"ERROR\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# ...\nsfn_state_machine = aws.sfn.StateMachine(\"sfn_state_machine\",\n name=\"my-state-machine\",\n role_arn=iam_for_sfn[\"arn\"],\n definition=f\"\"\"{{\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {{\n \"HelloWorld\": {{\n \"Type\": \"Task\",\n \"Resource\": \"{lambda_[\"arn\"]}\",\n \"End\": true\n }}\n }}\n}}\n\"\"\",\n logging_configuration={\n \"log_destination\": f\"{log_group_for_sfn['arn']}:*\",\n \"include_execution_data\": True,\n \"level\": \"ERROR\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // ...\n var sfnStateMachine = new Aws.Sfn.StateMachine(\"sfn_state_machine\", new()\n {\n Name = \"my-state-machine\",\n RoleArn = iamForSfn.Arn,\n Definition = @$\"{{\n \"\"Comment\"\": \"\"A Hello World example of the Amazon States Language using an AWS Lambda Function\"\",\n \"\"StartAt\"\": \"\"HelloWorld\"\",\n \"\"States\"\": {{\n \"\"HelloWorld\"\": {{\n \"\"Type\"\": \"\"Task\"\",\n \"\"Resource\"\": \"\"{lambda.Arn}\"\",\n \"\"End\"\": true\n }}\n }}\n}}\n\",\n LoggingConfiguration = new Aws.Sfn.Inputs.StateMachineLoggingConfigurationArgs\n {\n LogDestination = $\"{logGroupForSfn.Arn}:*\",\n IncludeExecutionData = true,\n Level = \"ERROR\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sfn\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// ...\n\t\t_, err := sfn.NewStateMachine(ctx, \"sfn_state_machine\", \u0026sfn.StateMachineArgs{\n\t\t\tName: pulumi.String(\"my-state-machine\"),\n\t\t\tRoleArn: pulumi.Any(iamForSfn.Arn),\n\t\t\tDefinition: pulumi.String(fmt.Sprintf(`{\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Task\",\n \"Resource\": \"%v\",\n \"End\": true\n }\n }\n}\n`, lambda.Arn)),\n\t\t\tLoggingConfiguration: \u0026sfn.StateMachineLoggingConfigurationArgs{\n\t\t\t\tLogDestination: pulumi.String(fmt.Sprintf(\"%v:*\", logGroupForSfn.Arn)),\n\t\t\t\tIncludeExecutionData: pulumi.Bool(true),\n\t\t\t\tLevel: pulumi.String(\"ERROR\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sfn.StateMachine;\nimport com.pulumi.aws.sfn.StateMachineArgs;\nimport com.pulumi.aws.sfn.inputs.StateMachineLoggingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // ...\n var sfnStateMachine = new StateMachine(\"sfnStateMachine\", StateMachineArgs.builder()\n .name(\"my-state-machine\")\n .roleArn(iamForSfn.arn())\n .definition(\"\"\"\n{\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Task\",\n \"Resource\": \"%s\",\n \"End\": true\n }\n }\n}\n\", lambda.arn()))\n .loggingConfiguration(StateMachineLoggingConfigurationArgs.builder()\n .logDestination(String.format(\"%s:*\", logGroupForSfn.arn()))\n .includeExecutionData(true)\n .level(\"ERROR\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # ...\n sfnStateMachine:\n type: aws:sfn:StateMachine\n name: sfn_state_machine\n properties:\n name: my-state-machine\n roleArn: ${iamForSfn.arn}\n definition: |\n {\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Task\",\n \"Resource\": \"${lambda.arn}\",\n \"End\": true\n }\n }\n }\n loggingConfiguration:\n logDestination: ${logGroupForSfn.arn}:*\n includeExecutionData: true\n level: ERROR\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import State Machines using the `arn`. For example:\n\n```sh\n$ pulumi import aws:sfn/stateMachine:StateMachine foo arn:aws:states:eu-west-1:123456789098:stateMachine:bar\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the state machine.\n" }, "creationDate": { "type": "string", "description": "The date the state machine was created.\n" }, "definition": { "type": "string", "description": "The [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) definition of the state machine.\n" }, "description": { "type": "string" }, "loggingConfiguration": { "$ref": "#/types/aws:sfn/StateMachineLoggingConfiguration:StateMachineLoggingConfiguration", "description": "Defines what execution history events are logged and where they are logged. The `logging_configuration` parameter is only valid when `type` is set to `EXPRESS`. Defaults to `OFF`. For more information see [Logging Express Workflows](https://docs.aws.amazon.com/step-functions/latest/dg/cw-logs.html) and [Log Levels](https://docs.aws.amazon.com/step-functions/latest/dg/cloudwatch-log-level.html) in the AWS Step Functions User Guide.\n" }, "name": { "type": "string", "description": "The name of the state machine. The name should only contain `0`-`9`, `A`-`Z`, `a`-`z`, `-` and `_`. If omitted, the provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "publish": { "type": "boolean", "description": "Set to true to publish a version of the state machine during creation. Default: false.\n" }, "revisionId": { "type": "string" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role to use for this state machine.\n" }, "stateMachineVersionArn": { "type": "string", "description": "The ARN of the state machine version.\n" }, "status": { "type": "string", "description": "The current status of the state machine. Either `ACTIVE` or `DELETING`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tracingConfiguration": { "$ref": "#/types/aws:sfn/StateMachineTracingConfiguration:StateMachineTracingConfiguration", "description": "Selects whether AWS X-Ray tracing is enabled.\n" }, "type": { "type": "string", "description": "Determines whether a Standard or Express state machine is created. The default is `STANDARD`. You cannot update the type of a state machine once it has been created. Valid values: `STANDARD`, `EXPRESS`.\n" }, "versionDescription": { "type": "string" } }, "required": [ "arn", "creationDate", "definition", "description", "loggingConfiguration", "name", "namePrefix", "revisionId", "roleArn", "stateMachineVersionArn", "status", "tagsAll", "tracingConfiguration", "versionDescription" ], "inputProperties": { "definition": { "type": "string", "description": "The [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) definition of the state machine.\n" }, "loggingConfiguration": { "$ref": "#/types/aws:sfn/StateMachineLoggingConfiguration:StateMachineLoggingConfiguration", "description": "Defines what execution history events are logged and where they are logged. The `logging_configuration` parameter is only valid when `type` is set to `EXPRESS`. Defaults to `OFF`. For more information see [Logging Express Workflows](https://docs.aws.amazon.com/step-functions/latest/dg/cw-logs.html) and [Log Levels](https://docs.aws.amazon.com/step-functions/latest/dg/cloudwatch-log-level.html) in the AWS Step Functions User Guide.\n" }, "name": { "type": "string", "description": "The name of the state machine. The name should only contain `0`-`9`, `A`-`Z`, `a`-`z`, `-` and `_`. If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "publish": { "type": "boolean", "description": "Set to true to publish a version of the state machine during creation. Default: false.\n" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role to use for this state machine.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tracingConfiguration": { "$ref": "#/types/aws:sfn/StateMachineTracingConfiguration:StateMachineTracingConfiguration", "description": "Selects whether AWS X-Ray tracing is enabled.\n" }, "type": { "type": "string", "description": "Determines whether a Standard or Express state machine is created. The default is `STANDARD`. You cannot update the type of a state machine once it has been created. Valid values: `STANDARD`, `EXPRESS`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "definition", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering StateMachine resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the state machine.\n" }, "creationDate": { "type": "string", "description": "The date the state machine was created.\n" }, "definition": { "type": "string", "description": "The [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) definition of the state machine.\n" }, "description": { "type": "string" }, "loggingConfiguration": { "$ref": "#/types/aws:sfn/StateMachineLoggingConfiguration:StateMachineLoggingConfiguration", "description": "Defines what execution history events are logged and where they are logged. The `logging_configuration` parameter is only valid when `type` is set to `EXPRESS`. Defaults to `OFF`. For more information see [Logging Express Workflows](https://docs.aws.amazon.com/step-functions/latest/dg/cw-logs.html) and [Log Levels](https://docs.aws.amazon.com/step-functions/latest/dg/cloudwatch-log-level.html) in the AWS Step Functions User Guide.\n" }, "name": { "type": "string", "description": "The name of the state machine. The name should only contain `0`-`9`, `A`-`Z`, `a`-`z`, `-` and `_`. If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "publish": { "type": "boolean", "description": "Set to true to publish a version of the state machine during creation. Default: false.\n" }, "revisionId": { "type": "string" }, "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IAM role to use for this state machine.\n" }, "stateMachineVersionArn": { "type": "string", "description": "The ARN of the state machine version.\n" }, "status": { "type": "string", "description": "The current status of the state machine. Either `ACTIVE` or `DELETING`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tracingConfiguration": { "$ref": "#/types/aws:sfn/StateMachineTracingConfiguration:StateMachineTracingConfiguration", "description": "Selects whether AWS X-Ray tracing is enabled.\n" }, "type": { "type": "string", "description": "Determines whether a Standard or Express state machine is created. The default is `STANDARD`. You cannot update the type of a state machine once it has been created. Valid values: `STANDARD`, `EXPRESS`.\n", "willReplaceOnChanges": true }, "versionDescription": { "type": "string" } }, "type": "object" } }, "aws:shield/applicationLayerAutomaticResponse:ApplicationLayerAutomaticResponse": { "description": "Resource for managing an AWS Shield Application Layer Automatic Response for automatic DDoS mitigation.\n\n## Example Usage\n\n", "properties": { "action": { "type": "string", "description": "One of `COUNT` or `BLOCK`\n" }, "resourceArn": { "type": "string", "description": "ARN of the resource to protect (Cloudfront Distributions and ALBs only at this time).\n" }, "timeouts": { "$ref": "#/types/aws:shield/ApplicationLayerAutomaticResponseTimeouts:ApplicationLayerAutomaticResponseTimeouts" } }, "required": [ "action", "resourceArn" ], "inputProperties": { "action": { "type": "string", "description": "One of `COUNT` or `BLOCK`\n" }, "resourceArn": { "type": "string", "description": "ARN of the resource to protect (Cloudfront Distributions and ALBs only at this time).\n" }, "timeouts": { "$ref": "#/types/aws:shield/ApplicationLayerAutomaticResponseTimeouts:ApplicationLayerAutomaticResponseTimeouts" } }, "requiredInputs": [ "action", "resourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApplicationLayerAutomaticResponse resources.\n", "properties": { "action": { "type": "string", "description": "One of `COUNT` or `BLOCK`\n" }, "resourceArn": { "type": "string", "description": "ARN of the resource to protect (Cloudfront Distributions and ALBs only at this time).\n" }, "timeouts": { "$ref": "#/types/aws:shield/ApplicationLayerAutomaticResponseTimeouts:ApplicationLayerAutomaticResponseTimeouts" } }, "type": "object" } }, "aws:shield/drtAccessLogBucketAssociation:DrtAccessLogBucketAssociation": { "description": "Resource for managing an AWS Shield DRT Access Log Bucket Association.\nUp to 10 log buckets can be associated for DRT Access sharing with the Shield Response Team (SRT).\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.shield.DrtAccessRoleArnAssociation(\"test\", {roleArn: `arn:aws:iam:${current.name}:${currentAwsCallerIdentity.accountId}:${shieldDrtAccessRoleName}`});\nconst testDrtAccessLogBucketAssociation = new aws.shield.DrtAccessLogBucketAssociation(\"test\", {\n logBucket: shieldDrtAccessLogBucket,\n roleArnAssociationId: test.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.shield.DrtAccessRoleArnAssociation(\"test\", role_arn=f\"arn:aws:iam:{current['name']}:{current_aws_caller_identity['accountId']}:{shield_drt_access_role_name}\")\ntest_drt_access_log_bucket_association = aws.shield.DrtAccessLogBucketAssociation(\"test\",\n log_bucket=shield_drt_access_log_bucket,\n role_arn_association_id=test.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Shield.DrtAccessRoleArnAssociation(\"test\", new()\n {\n RoleArn = $\"arn:aws:iam:{current.Name}:{currentAwsCallerIdentity.AccountId}:{shieldDrtAccessRoleName}\",\n });\n\n var testDrtAccessLogBucketAssociation = new Aws.Shield.DrtAccessLogBucketAssociation(\"test\", new()\n {\n LogBucket = shieldDrtAccessLogBucket,\n RoleArnAssociationId = test.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := shield.NewDrtAccessRoleArnAssociation(ctx, \"test\", \u0026shield.DrtAccessRoleArnAssociationArgs{\n\t\t\tRoleArn: pulumi.String(fmt.Sprintf(\"arn:aws:iam:%v:%v:%v\", current.Name, currentAwsCallerIdentity.AccountId, shieldDrtAccessRoleName)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = shield.NewDrtAccessLogBucketAssociation(ctx, \"test\", \u0026shield.DrtAccessLogBucketAssociationArgs{\n\t\t\tLogBucket: pulumi.Any(shieldDrtAccessLogBucket),\n\t\t\tRoleArnAssociationId: test.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.shield.DrtAccessRoleArnAssociation;\nimport com.pulumi.aws.shield.DrtAccessRoleArnAssociationArgs;\nimport com.pulumi.aws.shield.DrtAccessLogBucketAssociation;\nimport com.pulumi.aws.shield.DrtAccessLogBucketAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new DrtAccessRoleArnAssociation(\"test\", DrtAccessRoleArnAssociationArgs.builder()\n .roleArn(String.format(\"arn:aws:iam:%s:%s:%s\", current.name(),currentAwsCallerIdentity.accountId(),shieldDrtAccessRoleName))\n .build());\n\n var testDrtAccessLogBucketAssociation = new DrtAccessLogBucketAssociation(\"testDrtAccessLogBucketAssociation\", DrtAccessLogBucketAssociationArgs.builder()\n .logBucket(shieldDrtAccessLogBucket)\n .roleArnAssociationId(test.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:shield:DrtAccessRoleArnAssociation\n properties:\n roleArn: arn:aws:iam:${current.name}:${currentAwsCallerIdentity.accountId}:${shieldDrtAccessRoleName}\n testDrtAccessLogBucketAssociation:\n type: aws:shield:DrtAccessLogBucketAssociation\n name: test\n properties:\n logBucket: ${shieldDrtAccessLogBucket}\n roleArnAssociationId: ${test.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Shield DRT access log bucket associations using the `log_bucket`. For example:\n\n```sh\n$ pulumi import aws:shield/drtAccessLogBucketAssociation:DrtAccessLogBucketAssociation example example-bucket\n```\n", "properties": { "logBucket": { "type": "string", "description": "The Amazon S3 bucket that contains the logs that you want to share.\n" }, "roleArnAssociationId": { "type": "string", "description": "The ID of the Role Arn association used for allowing Shield DRT Access.\n" }, "timeouts": { "$ref": "#/types/aws:shield/DrtAccessLogBucketAssociationTimeouts:DrtAccessLogBucketAssociationTimeouts" } }, "required": [ "logBucket", "roleArnAssociationId" ], "inputProperties": { "logBucket": { "type": "string", "description": "The Amazon S3 bucket that contains the logs that you want to share.\n" }, "roleArnAssociationId": { "type": "string", "description": "The ID of the Role Arn association used for allowing Shield DRT Access.\n" }, "timeouts": { "$ref": "#/types/aws:shield/DrtAccessLogBucketAssociationTimeouts:DrtAccessLogBucketAssociationTimeouts" } }, "requiredInputs": [ "logBucket", "roleArnAssociationId" ], "stateInputs": { "description": "Input properties used for looking up and filtering DrtAccessLogBucketAssociation resources.\n", "properties": { "logBucket": { "type": "string", "description": "The Amazon S3 bucket that contains the logs that you want to share.\n" }, "roleArnAssociationId": { "type": "string", "description": "The ID of the Role Arn association used for allowing Shield DRT Access.\n" }, "timeouts": { "$ref": "#/types/aws:shield/DrtAccessLogBucketAssociationTimeouts:DrtAccessLogBucketAssociationTimeouts" } }, "type": "object" } }, "aws:shield/drtAccessRoleArnAssociation:DrtAccessRoleArnAssociation": { "description": "Authorizes the Shield Response Team (SRT) using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks.\nFor more information see [Configure AWS SRT Support](https://docs.aws.amazon.com/waf/latest/developerguide/authorize-srt.html)\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.iam.Role(\"test\", {\n name: awsShieldDrtAccessRoleArn,\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Sid: \"\",\n Effect: \"Allow\",\n Principal: {\n Service: \"drt.shield.amazonaws.com\",\n },\n Action: \"sts:AssumeRole\",\n }],\n }),\n});\nconst testRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"test\", {\n role: test.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\",\n});\nconst testDrtAccessRoleArnAssociation = new aws.shield.DrtAccessRoleArnAssociation(\"test\", {roleArn: test.arn});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest = aws.iam.Role(\"test\",\n name=aws_shield_drt_access_role_arn,\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"drt.shield.amazonaws.com\",\n },\n \"Action\": \"sts:AssumeRole\",\n }],\n }))\ntest_role_policy_attachment = aws.iam.RolePolicyAttachment(\"test\",\n role=test.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\")\ntest_drt_access_role_arn_association = aws.shield.DrtAccessRoleArnAssociation(\"test\", role_arn=test.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Iam.Role(\"test\", new()\n {\n Name = awsShieldDrtAccessRoleArn,\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"drt.shield.amazonaws.com\",\n },\n [\"Action\"] = \"sts:AssumeRole\",\n },\n },\n }),\n });\n\n var testRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"test\", new()\n {\n Role = test.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\",\n });\n\n var testDrtAccessRoleArnAssociation = new Aws.Shield.DrtAccessRoleArnAssociation(\"test\", new()\n {\n RoleArn = test.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"drt.shield.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\ttest, err := iam.NewRole(ctx, \"test\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.Any(awsShieldDrtAccessRoleArn),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"test\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: test.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = shield.NewDrtAccessRoleArnAssociation(ctx, \"test\", \u0026shield.DrtAccessRoleArnAssociationArgs{\n\t\t\tRoleArn: test.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.shield.DrtAccessRoleArnAssociation;\nimport com.pulumi.aws.shield.DrtAccessRoleArnAssociationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Role(\"test\", RoleArgs.builder()\n .name(awsShieldDrtAccessRoleArn)\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"drt.shield.amazonaws.com\")\n )),\n jsonProperty(\"Action\", \"sts:AssumeRole\")\n )))\n )))\n .build());\n\n var testRolePolicyAttachment = new RolePolicyAttachment(\"testRolePolicyAttachment\", RolePolicyAttachmentArgs.builder()\n .role(test.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\")\n .build());\n\n var testDrtAccessRoleArnAssociation = new DrtAccessRoleArnAssociation(\"testDrtAccessRoleArnAssociation\", DrtAccessRoleArnAssociationArgs.builder()\n .roleArn(test.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:iam:Role\n properties:\n name: ${awsShieldDrtAccessRoleArn}\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Sid:\n Effect: Allow\n Principal:\n Service: drt.shield.amazonaws.com\n Action: sts:AssumeRole\n testRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: test\n properties:\n role: ${test.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\n testDrtAccessRoleArnAssociation:\n type: aws:shield:DrtAccessRoleArnAssociation\n name: test\n properties:\n roleArn: ${test.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Shield DRT access role ARN association using the AWS account ID. For example:\n\n```sh\n$ pulumi import aws:shield/drtAccessRoleArnAssociation:DrtAccessRoleArnAssociation example 123456789012\n```\n", "properties": { "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the role the SRT will use to access your AWS account. Prior to making the AssociateDRTRole request, you must attach the `AWSShieldDRTAccessPolicy` managed policy to this role.\n" }, "timeouts": { "$ref": "#/types/aws:shield/DrtAccessRoleArnAssociationTimeouts:DrtAccessRoleArnAssociationTimeouts" } }, "required": [ "roleArn" ], "inputProperties": { "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the role the SRT will use to access your AWS account. Prior to making the AssociateDRTRole request, you must attach the `AWSShieldDRTAccessPolicy` managed policy to this role.\n" }, "timeouts": { "$ref": "#/types/aws:shield/DrtAccessRoleArnAssociationTimeouts:DrtAccessRoleArnAssociationTimeouts" } }, "requiredInputs": [ "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering DrtAccessRoleArnAssociation resources.\n", "properties": { "roleArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the role the SRT will use to access your AWS account. Prior to making the AssociateDRTRole request, you must attach the `AWSShieldDRTAccessPolicy` managed policy to this role.\n" }, "timeouts": { "$ref": "#/types/aws:shield/DrtAccessRoleArnAssociationTimeouts:DrtAccessRoleArnAssociationTimeouts" } }, "type": "object" } }, "aws:shield/proactiveEngagement:ProactiveEngagement": { "description": "Resource for managing a AWS Shield Proactive Engagement.\nProactive engagement authorizes the Shield Response Team (SRT) to use email and phone to notify contacts about escalations to the SRT and to initiate proactive customer support.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n name: awsShieldDrtAccessRoleArn,\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Sid: \"\",\n Effect: \"Allow\",\n Principal: {\n Service: \"drt.shield.amazonaws.com\",\n },\n Action: \"sts:AssumeRole\",\n }],\n }),\n});\nconst exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"example\", {\n role: example.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\",\n});\nconst exampleDrtAccessRoleArnAssociation = new aws.shield.DrtAccessRoleArnAssociation(\"example\", {roleArn: example.arn});\nconst test = new aws.shield.ProtectionGroup(\"test\", {\n protectionGroupId: \"example\",\n aggregation: \"MAX\",\n pattern: \"ALL\",\n});\nconst testProactiveEngagement = new aws.shield.ProactiveEngagement(\"test\", {\n enabled: true,\n emergencyContacts: [\n {\n contactNotes: \"Notes\",\n emailAddress: \"test@company.com\",\n phoneNumber: \"+12358132134\",\n },\n {\n contactNotes: \"Notes 2\",\n emailAddress: \"test2@company.com\",\n phoneNumber: \"+12358132134\",\n },\n ],\n}, {\n dependsOn: [testAwsShieldDrtAccessRoleArnAssociation],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n name=aws_shield_drt_access_role_arn,\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"drt.shield.amazonaws.com\",\n },\n \"Action\": \"sts:AssumeRole\",\n }],\n }))\nexample_role_policy_attachment = aws.iam.RolePolicyAttachment(\"example\",\n role=example.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\")\nexample_drt_access_role_arn_association = aws.shield.DrtAccessRoleArnAssociation(\"example\", role_arn=example.arn)\ntest = aws.shield.ProtectionGroup(\"test\",\n protection_group_id=\"example\",\n aggregation=\"MAX\",\n pattern=\"ALL\")\ntest_proactive_engagement = aws.shield.ProactiveEngagement(\"test\",\n enabled=True,\n emergency_contacts=[\n {\n \"contact_notes\": \"Notes\",\n \"email_address\": \"test@company.com\",\n \"phone_number\": \"+12358132134\",\n },\n {\n \"contact_notes\": \"Notes 2\",\n \"email_address\": \"test2@company.com\",\n \"phone_number\": \"+12358132134\",\n },\n ],\n opts = pulumi.ResourceOptions(depends_on=[test_aws_shield_drt_access_role_arn_association]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = awsShieldDrtAccessRoleArn,\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"drt.shield.amazonaws.com\",\n },\n [\"Action\"] = \"sts:AssumeRole\",\n },\n },\n }),\n });\n\n var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"example\", new()\n {\n Role = example.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\",\n });\n\n var exampleDrtAccessRoleArnAssociation = new Aws.Shield.DrtAccessRoleArnAssociation(\"example\", new()\n {\n RoleArn = example.Arn,\n });\n\n var test = new Aws.Shield.ProtectionGroup(\"test\", new()\n {\n ProtectionGroupId = \"example\",\n Aggregation = \"MAX\",\n Pattern = \"ALL\",\n });\n\n var testProactiveEngagement = new Aws.Shield.ProactiveEngagement(\"test\", new()\n {\n Enabled = true,\n EmergencyContacts = new[]\n {\n new Aws.Shield.Inputs.ProactiveEngagementEmergencyContactArgs\n {\n ContactNotes = \"Notes\",\n EmailAddress = \"test@company.com\",\n PhoneNumber = \"+12358132134\",\n },\n new Aws.Shield.Inputs.ProactiveEngagementEmergencyContactArgs\n {\n ContactNotes = \"Notes 2\",\n EmailAddress = \"test2@company.com\",\n PhoneNumber = \"+12358132134\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n testAwsShieldDrtAccessRoleArnAssociation,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"drt.shield.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.Any(awsShieldDrtAccessRoleArn),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: example.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = shield.NewDrtAccessRoleArnAssociation(ctx, \"example\", \u0026shield.DrtAccessRoleArnAssociationArgs{\n\t\t\tRoleArn: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = shield.NewProtectionGroup(ctx, \"test\", \u0026shield.ProtectionGroupArgs{\n\t\t\tProtectionGroupId: pulumi.String(\"example\"),\n\t\t\tAggregation: pulumi.String(\"MAX\"),\n\t\t\tPattern: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = shield.NewProactiveEngagement(ctx, \"test\", \u0026shield.ProactiveEngagementArgs{\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tEmergencyContacts: shield.ProactiveEngagementEmergencyContactArray{\n\t\t\t\t\u0026shield.ProactiveEngagementEmergencyContactArgs{\n\t\t\t\t\tContactNotes: pulumi.String(\"Notes\"),\n\t\t\t\t\tEmailAddress: pulumi.String(\"test@company.com\"),\n\t\t\t\t\tPhoneNumber: pulumi.String(\"+12358132134\"),\n\t\t\t\t},\n\t\t\t\t\u0026shield.ProactiveEngagementEmergencyContactArgs{\n\t\t\t\t\tContactNotes: pulumi.String(\"Notes 2\"),\n\t\t\t\t\tEmailAddress: pulumi.String(\"test2@company.com\"),\n\t\t\t\t\tPhoneNumber: pulumi.String(\"+12358132134\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttestAwsShieldDrtAccessRoleArnAssociation,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.shield.DrtAccessRoleArnAssociation;\nimport com.pulumi.aws.shield.DrtAccessRoleArnAssociationArgs;\nimport com.pulumi.aws.shield.ProtectionGroup;\nimport com.pulumi.aws.shield.ProtectionGroupArgs;\nimport com.pulumi.aws.shield.ProactiveEngagement;\nimport com.pulumi.aws.shield.ProactiveEngagementArgs;\nimport com.pulumi.aws.shield.inputs.ProactiveEngagementEmergencyContactArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder()\n .name(awsShieldDrtAccessRoleArn)\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"drt.shield.amazonaws.com\")\n )),\n jsonProperty(\"Action\", \"sts:AssumeRole\")\n )))\n )))\n .build());\n\n var exampleRolePolicyAttachment = new RolePolicyAttachment(\"exampleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder()\n .role(example.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\")\n .build());\n\n var exampleDrtAccessRoleArnAssociation = new DrtAccessRoleArnAssociation(\"exampleDrtAccessRoleArnAssociation\", DrtAccessRoleArnAssociationArgs.builder()\n .roleArn(example.arn())\n .build());\n\n var test = new ProtectionGroup(\"test\", ProtectionGroupArgs.builder()\n .protectionGroupId(\"example\")\n .aggregation(\"MAX\")\n .pattern(\"ALL\")\n .build());\n\n var testProactiveEngagement = new ProactiveEngagement(\"testProactiveEngagement\", ProactiveEngagementArgs.builder()\n .enabled(true)\n .emergencyContacts( \n ProactiveEngagementEmergencyContactArgs.builder()\n .contactNotes(\"Notes\")\n .emailAddress(\"test@company.com\")\n .phoneNumber(\"+12358132134\")\n .build(),\n ProactiveEngagementEmergencyContactArgs.builder()\n .contactNotes(\"Notes 2\")\n .emailAddress(\"test2@company.com\")\n .phoneNumber(\"+12358132134\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(testAwsShieldDrtAccessRoleArnAssociation)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: ${awsShieldDrtAccessRoleArn}\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Sid:\n Effect: Allow\n Principal:\n Service: drt.shield.amazonaws.com\n Action: sts:AssumeRole\n exampleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: example\n properties:\n role: ${example.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\n exampleDrtAccessRoleArnAssociation:\n type: aws:shield:DrtAccessRoleArnAssociation\n name: example\n properties:\n roleArn: ${example.arn}\n test:\n type: aws:shield:ProtectionGroup\n properties:\n protectionGroupId: example\n aggregation: MAX\n pattern: ALL\n testProactiveEngagement:\n type: aws:shield:ProactiveEngagement\n name: test\n properties:\n enabled: true\n emergencyContacts:\n - contactNotes: Notes\n emailAddress: test@company.com\n phoneNumber: '+12358132134'\n - contactNotes: Notes 2\n emailAddress: test2@company.com\n phoneNumber: '+12358132134'\n options:\n dependson:\n - ${testAwsShieldDrtAccessRoleArnAssociation}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Shield proactive engagement using the AWS account ID. For example:\n\n```sh\n$ pulumi import aws:shield/proactiveEngagement:ProactiveEngagement example 123456789012\n```\n", "properties": { "emergencyContacts": { "type": "array", "items": { "$ref": "#/types/aws:shield/ProactiveEngagementEmergencyContact:ProactiveEngagementEmergencyContact" }, "description": "One or more emergency contacts. You must provide at least one phone number in the emergency contact list. See `emergency_contacts`.\n" }, "enabled": { "type": "boolean", "description": "Boolean value indicating if Proactive Engagement should be enabled or not.\n" } }, "required": [ "enabled" ], "inputProperties": { "emergencyContacts": { "type": "array", "items": { "$ref": "#/types/aws:shield/ProactiveEngagementEmergencyContact:ProactiveEngagementEmergencyContact" }, "description": "One or more emergency contacts. You must provide at least one phone number in the emergency contact list. See `emergency_contacts`.\n" }, "enabled": { "type": "boolean", "description": "Boolean value indicating if Proactive Engagement should be enabled or not.\n" } }, "requiredInputs": [ "enabled" ], "stateInputs": { "description": "Input properties used for looking up and filtering ProactiveEngagement resources.\n", "properties": { "emergencyContacts": { "type": "array", "items": { "$ref": "#/types/aws:shield/ProactiveEngagementEmergencyContact:ProactiveEngagementEmergencyContact" }, "description": "One or more emergency contacts. You must provide at least one phone number in the emergency contact list. See `emergency_contacts`.\n" }, "enabled": { "type": "boolean", "description": "Boolean value indicating if Proactive Engagement should be enabled or not.\n" } }, "type": "object" } }, "aws:shield/protection:Protection": { "description": "Enables AWS Shield Advanced for a specific AWS resource.\nThe resource can be an Amazon CloudFront distribution, Elastic Load Balancing load balancer, AWS Global Accelerator accelerator, Elastic IP Address, or an Amazon Route 53 hosted zone.\n\n## Example Usage\n\n### Create protection\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst available = aws.getAvailabilityZones({});\nconst current = aws.getRegion({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst example = new aws.ec2.Eip(\"example\", {domain: \"vpc\"});\nconst exampleProtection = new aws.shield.Protection(\"example\", {\n name: \"example\",\n resourceArn: pulumi.all([current, currentGetCallerIdentity, example.id]).apply(([current, currentGetCallerIdentity, id]) =\u003e `arn:aws:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${id}`),\n tags: {\n Environment: \"Dev\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\navailable = aws.get_availability_zones()\ncurrent = aws.get_region()\ncurrent_get_caller_identity = aws.get_caller_identity()\nexample = aws.ec2.Eip(\"example\", domain=\"vpc\")\nexample_protection = aws.shield.Protection(\"example\",\n name=\"example\",\n resource_arn=example.id.apply(lambda id: f\"arn:aws:ec2:{current.name}:{current_get_caller_identity.account_id}:eip-allocation/{id}\"),\n tags={\n \"Environment\": \"Dev\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var available = Aws.GetAvailabilityZones.Invoke();\n\n var current = Aws.GetRegion.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Ec2.Eip(\"example\", new()\n {\n Domain = \"vpc\",\n });\n\n var exampleProtection = new Aws.Shield.Protection(\"example\", new()\n {\n Name = \"example\",\n ResourceArn = Output.Tuple(current, currentGetCallerIdentity, example.Id).Apply(values =\u003e\n {\n var current = values.Item1;\n var currentGetCallerIdentity = values.Item2;\n var id = values.Item3;\n return $\"arn:aws:ec2:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:eip-allocation/{id}\";\n }),\n Tags = \n {\n { \"Environment\", \"Dev\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetAvailabilityZones(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := ec2.NewEip(ctx, \"example\", \u0026ec2.EipArgs{\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = shield.NewProtection(ctx, \"example\", \u0026shield.ProtectionArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tResourceArn: example.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"arn:aws:ec2:%v:%v:eip-allocation/%v\", current.Name, currentGetCallerIdentity.AccountId, id), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"Dev\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport com.pulumi.aws.shield.Protection;\nimport com.pulumi.aws.shield.ProtectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var available = AwsFunctions.getAvailabilityZones();\n\n final var current = AwsFunctions.getRegion();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n var example = new Eip(\"example\", EipArgs.builder()\n .domain(\"vpc\")\n .build());\n\n var exampleProtection = new Protection(\"exampleProtection\", ProtectionArgs.builder()\n .name(\"example\")\n .resourceArn(example.id().applyValue(id -\u003e String.format(\"arn:aws:ec2:%s:%s:eip-allocation/%s\", current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),id)))\n .tags(Map.of(\"Environment\", \"Dev\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Eip\n properties:\n domain: vpc\n exampleProtection:\n type: aws:shield:Protection\n name: example\n properties:\n name: example\n resourceArn: arn:aws:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${example.id}\n tags:\n Environment: Dev\nvariables:\n available:\n fn::invoke:\n Function: aws:getAvailabilityZones\n Arguments: {}\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Shield protection resources using specifying their ID. For example:\n\n```sh\n$ pulumi import aws:shield/protection:Protection example ff9592dc-22f3-4e88-afa1-7b29fde9669a\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Protection.\n" }, "name": { "type": "string", "description": "A friendly name for the Protection you are creating.\n" }, "resourceArn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the resource to be protected.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "name", "resourceArn", "tagsAll" ], "inputProperties": { "name": { "type": "string", "description": "A friendly name for the Protection you are creating.\n", "willReplaceOnChanges": true }, "resourceArn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the resource to be protected.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "resourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Protection resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Protection.\n" }, "name": { "type": "string", "description": "A friendly name for the Protection you are creating.\n", "willReplaceOnChanges": true }, "resourceArn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the resource to be protected.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:shield/protectionGroup:ProtectionGroup": { "description": "Creates a grouping of protected resources so they can be handled as a collective.\nThis resource grouping improves the accuracy of detection and reduces false positives. For more information see\n[Managing AWS Shield Advanced protection groups](https://docs.aws.amazon.com/waf/latest/developerguide/manage-protection-group.html)\n\n## Example Usage\n\n### Create protection group for all resources\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.shield.ProtectionGroup(\"example\", {\n protectionGroupId: \"example\",\n aggregation: \"MAX\",\n pattern: \"ALL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.shield.ProtectionGroup(\"example\",\n protection_group_id=\"example\",\n aggregation=\"MAX\",\n pattern=\"ALL\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Shield.ProtectionGroup(\"example\", new()\n {\n ProtectionGroupId = \"example\",\n Aggregation = \"MAX\",\n Pattern = \"ALL\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := shield.NewProtectionGroup(ctx, \"example\", \u0026shield.ProtectionGroupArgs{\n\t\t\tProtectionGroupId: pulumi.String(\"example\"),\n\t\t\tAggregation: pulumi.String(\"MAX\"),\n\t\t\tPattern: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.shield.ProtectionGroup;\nimport com.pulumi.aws.shield.ProtectionGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ProtectionGroup(\"example\", ProtectionGroupArgs.builder()\n .protectionGroupId(\"example\")\n .aggregation(\"MAX\")\n .pattern(\"ALL\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:shield:ProtectionGroup\n properties:\n protectionGroupId: example\n aggregation: MAX\n pattern: ALL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create protection group for arbitrary number of resources\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst example = new aws.ec2.Eip(\"example\", {domain: \"vpc\"});\nconst exampleProtection = new aws.shield.Protection(\"example\", {\n name: \"example\",\n resourceArn: pulumi.all([current, currentGetCallerIdentity, example.id]).apply(([current, currentGetCallerIdentity, id]) =\u003e `arn:aws:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${id}`),\n});\nconst exampleProtectionGroup = new aws.shield.ProtectionGroup(\"example\", {\n protectionGroupId: \"example\",\n aggregation: \"MEAN\",\n pattern: \"ARBITRARY\",\n members: [pulumi.all([current, currentGetCallerIdentity, example.id]).apply(([current, currentGetCallerIdentity, id]) =\u003e `arn:aws:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${id}`)],\n}, {\n dependsOn: [exampleProtection],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\ncurrent_get_caller_identity = aws.get_caller_identity()\nexample = aws.ec2.Eip(\"example\", domain=\"vpc\")\nexample_protection = aws.shield.Protection(\"example\",\n name=\"example\",\n resource_arn=example.id.apply(lambda id: f\"arn:aws:ec2:{current.name}:{current_get_caller_identity.account_id}:eip-allocation/{id}\"))\nexample_protection_group = aws.shield.ProtectionGroup(\"example\",\n protection_group_id=\"example\",\n aggregation=\"MEAN\",\n pattern=\"ARBITRARY\",\n members=[example.id.apply(lambda id: f\"arn:aws:ec2:{current.name}:{current_get_caller_identity.account_id}:eip-allocation/{id}\")],\n opts = pulumi.ResourceOptions(depends_on=[example_protection]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Ec2.Eip(\"example\", new()\n {\n Domain = \"vpc\",\n });\n\n var exampleProtection = new Aws.Shield.Protection(\"example\", new()\n {\n Name = \"example\",\n ResourceArn = Output.Tuple(current, currentGetCallerIdentity, example.Id).Apply(values =\u003e\n {\n var current = values.Item1;\n var currentGetCallerIdentity = values.Item2;\n var id = values.Item3;\n return $\"arn:aws:ec2:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:eip-allocation/{id}\";\n }),\n });\n\n var exampleProtectionGroup = new Aws.Shield.ProtectionGroup(\"example\", new()\n {\n ProtectionGroupId = \"example\",\n Aggregation = \"MEAN\",\n Pattern = \"ARBITRARY\",\n Members = new[]\n {\n Output.Tuple(current, currentGetCallerIdentity, example.Id).Apply(values =\u003e\n {\n var current = values.Item1;\n var currentGetCallerIdentity = values.Item2;\n var id = values.Item3;\n return $\"arn:aws:ec2:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:eip-allocation/{id}\";\n }),\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleProtection,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := ec2.NewEip(ctx, \"example\", \u0026ec2.EipArgs{\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleProtection, err := shield.NewProtection(ctx, \"example\", \u0026shield.ProtectionArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tResourceArn: example.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"arn:aws:ec2:%v:%v:eip-allocation/%v\", current.Name, currentGetCallerIdentity.AccountId, id), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = shield.NewProtectionGroup(ctx, \"example\", \u0026shield.ProtectionGroupArgs{\n\t\t\tProtectionGroupId: pulumi.String(\"example\"),\n\t\t\tAggregation: pulumi.String(\"MEAN\"),\n\t\t\tPattern: pulumi.String(\"ARBITRARY\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\texample.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\t\treturn fmt.Sprintf(\"arn:aws:ec2:%v:%v:eip-allocation/%v\", current.Name, currentGetCallerIdentity.AccountId, id), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleProtection,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport com.pulumi.aws.shield.Protection;\nimport com.pulumi.aws.shield.ProtectionArgs;\nimport com.pulumi.aws.shield.ProtectionGroup;\nimport com.pulumi.aws.shield.ProtectionGroupArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n var example = new Eip(\"example\", EipArgs.builder()\n .domain(\"vpc\")\n .build());\n\n var exampleProtection = new Protection(\"exampleProtection\", ProtectionArgs.builder()\n .name(\"example\")\n .resourceArn(example.id().applyValue(id -\u003e String.format(\"arn:aws:ec2:%s:%s:eip-allocation/%s\", current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),id)))\n .build());\n\n var exampleProtectionGroup = new ProtectionGroup(\"exampleProtectionGroup\", ProtectionGroupArgs.builder()\n .protectionGroupId(\"example\")\n .aggregation(\"MEAN\")\n .pattern(\"ARBITRARY\")\n .members(example.id().applyValue(id -\u003e String.format(\"arn:aws:ec2:%s:%s:eip-allocation/%s\", current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),id)))\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleProtection)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Eip\n properties:\n domain: vpc\n exampleProtection:\n type: aws:shield:Protection\n name: example\n properties:\n name: example\n resourceArn: arn:aws:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${example.id}\n exampleProtectionGroup:\n type: aws:shield:ProtectionGroup\n name: example\n properties:\n protectionGroupId: example\n aggregation: MEAN\n pattern: ARBITRARY\n members:\n - arn:aws:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${example.id}\n options:\n dependson:\n - ${exampleProtection}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create protection group for a type of resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.shield.ProtectionGroup(\"example\", {\n protectionGroupId: \"example\",\n aggregation: \"SUM\",\n pattern: \"BY_RESOURCE_TYPE\",\n resourceType: \"ELASTIC_IP_ALLOCATION\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.shield.ProtectionGroup(\"example\",\n protection_group_id=\"example\",\n aggregation=\"SUM\",\n pattern=\"BY_RESOURCE_TYPE\",\n resource_type=\"ELASTIC_IP_ALLOCATION\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Shield.ProtectionGroup(\"example\", new()\n {\n ProtectionGroupId = \"example\",\n Aggregation = \"SUM\",\n Pattern = \"BY_RESOURCE_TYPE\",\n ResourceType = \"ELASTIC_IP_ALLOCATION\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := shield.NewProtectionGroup(ctx, \"example\", \u0026shield.ProtectionGroupArgs{\n\t\t\tProtectionGroupId: pulumi.String(\"example\"),\n\t\t\tAggregation: pulumi.String(\"SUM\"),\n\t\t\tPattern: pulumi.String(\"BY_RESOURCE_TYPE\"),\n\t\t\tResourceType: pulumi.String(\"ELASTIC_IP_ALLOCATION\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.shield.ProtectionGroup;\nimport com.pulumi.aws.shield.ProtectionGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ProtectionGroup(\"example\", ProtectionGroupArgs.builder()\n .protectionGroupId(\"example\")\n .aggregation(\"SUM\")\n .pattern(\"BY_RESOURCE_TYPE\")\n .resourceType(\"ELASTIC_IP_ALLOCATION\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:shield:ProtectionGroup\n properties:\n protectionGroupId: example\n aggregation: SUM\n pattern: BY_RESOURCE_TYPE\n resourceType: ELASTIC_IP_ALLOCATION\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Shield protection group resources using their protection group id. For example:\n\n```sh\n$ pulumi import aws:shield/protectionGroup:ProtectionGroup example example\n```\n", "properties": { "aggregation": { "type": "string", "description": "Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.\n" }, "members": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Names (ARNs) of the resources to include in the protection group. You must set this when you set `pattern` to ARBITRARY and you must not set it for any other `pattern` setting.\n" }, "pattern": { "type": "string", "description": "The criteria to use to choose the protected resources for inclusion in the group.\n" }, "protectionGroupArn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the protection group.\n" }, "protectionGroupId": { "type": "string", "description": "The name of the protection group.\n" }, "resourceType": { "type": "string", "description": "The resource type to include in the protection group. You must set this when you set `pattern` to BY_RESOURCE_TYPE and you must not set it for any other `pattern` setting.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "aggregation", "pattern", "protectionGroupArn", "protectionGroupId", "tagsAll" ], "inputProperties": { "aggregation": { "type": "string", "description": "Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.\n" }, "members": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Names (ARNs) of the resources to include in the protection group. You must set this when you set `pattern` to ARBITRARY and you must not set it for any other `pattern` setting.\n" }, "pattern": { "type": "string", "description": "The criteria to use to choose the protected resources for inclusion in the group.\n" }, "protectionGroupId": { "type": "string", "description": "The name of the protection group.\n", "willReplaceOnChanges": true }, "resourceType": { "type": "string", "description": "The resource type to include in the protection group. You must set this when you set `pattern` to BY_RESOURCE_TYPE and you must not set it for any other `pattern` setting.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "aggregation", "pattern", "protectionGroupId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ProtectionGroup resources.\n", "properties": { "aggregation": { "type": "string", "description": "Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.\n" }, "members": { "type": "array", "items": { "type": "string" }, "description": "The Amazon Resource Names (ARNs) of the resources to include in the protection group. You must set this when you set `pattern` to ARBITRARY and you must not set it for any other `pattern` setting.\n" }, "pattern": { "type": "string", "description": "The criteria to use to choose the protected resources for inclusion in the group.\n" }, "protectionGroupArn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the protection group.\n" }, "protectionGroupId": { "type": "string", "description": "The name of the protection group.\n", "willReplaceOnChanges": true }, "resourceType": { "type": "string", "description": "The resource type to include in the protection group. You must set this when you set `pattern` to BY_RESOURCE_TYPE and you must not set it for any other `pattern` setting.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:shield/protectionHealthCheckAssociation:ProtectionHealthCheckAssociation": { "description": "Creates an association between a Route53 Health Check and a Shield Advanced protected resource.\nThis association uses the health of your applications to improve responsiveness and accuracy in attack detection and mitigation.\n\nBlog post: [AWS Shield Advanced now supports Health Based Detection](https://aws.amazon.com/about-aws/whats-new/2020/02/aws-shield-advanced-now-supports-health-based-detection/)\n\n## Example Usage\n\n### Create an association between a protected EIP and a Route53 Health Check\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst currentGetPartition = aws.getPartition({});\nconst example = new aws.ec2.Eip(\"example\", {\n domain: \"vpc\",\n tags: {\n Name: \"example\",\n },\n});\nconst exampleProtection = new aws.shield.Protection(\"example\", {\n name: \"example-protection\",\n resourceArn: pulumi.all([currentGetPartition, current, currentGetCallerIdentity, example.id]).apply(([currentGetPartition, current, currentGetCallerIdentity, id]) =\u003e `arn:${currentGetPartition.partition}:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${id}`),\n});\nconst exampleHealthCheck = new aws.route53.HealthCheck(\"example\", {\n ipAddress: example.publicIp,\n port: 80,\n type: \"HTTP\",\n resourcePath: \"/ready\",\n failureThreshold: 3,\n requestInterval: 30,\n tags: {\n Name: \"tf-example-health-check\",\n },\n});\nconst exampleProtectionHealthCheckAssociation = new aws.shield.ProtectionHealthCheckAssociation(\"example\", {\n healthCheckArn: exampleHealthCheck.arn,\n shieldProtectionId: exampleProtection.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\ncurrent_get_caller_identity = aws.get_caller_identity()\ncurrent_get_partition = aws.get_partition()\nexample = aws.ec2.Eip(\"example\",\n domain=\"vpc\",\n tags={\n \"Name\": \"example\",\n })\nexample_protection = aws.shield.Protection(\"example\",\n name=\"example-protection\",\n resource_arn=example.id.apply(lambda id: f\"arn:{current_get_partition.partition}:ec2:{current.name}:{current_get_caller_identity.account_id}:eip-allocation/{id}\"))\nexample_health_check = aws.route53.HealthCheck(\"example\",\n ip_address=example.public_ip,\n port=80,\n type=\"HTTP\",\n resource_path=\"/ready\",\n failure_threshold=3,\n request_interval=30,\n tags={\n \"Name\": \"tf-example-health-check\",\n })\nexample_protection_health_check_association = aws.shield.ProtectionHealthCheckAssociation(\"example\",\n health_check_arn=example_health_check.arn,\n shield_protection_id=example_protection.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var currentGetPartition = Aws.GetPartition.Invoke();\n\n var example = new Aws.Ec2.Eip(\"example\", new()\n {\n Domain = \"vpc\",\n Tags = \n {\n { \"Name\", \"example\" },\n },\n });\n\n var exampleProtection = new Aws.Shield.Protection(\"example\", new()\n {\n Name = \"example-protection\",\n ResourceArn = Output.Tuple(currentGetPartition, current, currentGetCallerIdentity, example.Id).Apply(values =\u003e\n {\n var currentGetPartition = values.Item1;\n var current = values.Item2;\n var currentGetCallerIdentity = values.Item3;\n var id = values.Item4;\n return $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:ec2:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:eip-allocation/{id}\";\n }),\n });\n\n var exampleHealthCheck = new Aws.Route53.HealthCheck(\"example\", new()\n {\n IpAddress = example.PublicIp,\n Port = 80,\n Type = \"HTTP\",\n ResourcePath = \"/ready\",\n FailureThreshold = 3,\n RequestInterval = 30,\n Tags = \n {\n { \"Name\", \"tf-example-health-check\" },\n },\n });\n\n var exampleProtectionHealthCheckAssociation = new Aws.Shield.ProtectionHealthCheckAssociation(\"example\", new()\n {\n HealthCheckArn = exampleHealthCheck.Arn,\n ShieldProtectionId = exampleProtection.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetPartition, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := ec2.NewEip(ctx, \"example\", \u0026ec2.EipArgs{\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleProtection, err := shield.NewProtection(ctx, \"example\", \u0026shield.ProtectionArgs{\n\t\t\tName: pulumi.String(\"example-protection\"),\n\t\t\tResourceArn: example.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"arn:%v:ec2:%v:%v:eip-allocation/%v\", currentGetPartition.Partition, current.Name, currentGetCallerIdentity.AccountId, id), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleHealthCheck, err := route53.NewHealthCheck(ctx, \"example\", \u0026route53.HealthCheckArgs{\n\t\t\tIpAddress: example.PublicIp,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tType: pulumi.String(\"HTTP\"),\n\t\t\tResourcePath: pulumi.String(\"/ready\"),\n\t\t\tFailureThreshold: pulumi.Int(3),\n\t\t\tRequestInterval: pulumi.Int(30),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"tf-example-health-check\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = shield.NewProtectionHealthCheckAssociation(ctx, \"example\", \u0026shield.ProtectionHealthCheckAssociationArgs{\n\t\t\tHealthCheckArn: exampleHealthCheck.Arn,\n\t\t\tShieldProtectionId: exampleProtection.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport com.pulumi.aws.shield.Protection;\nimport com.pulumi.aws.shield.ProtectionArgs;\nimport com.pulumi.aws.route53.HealthCheck;\nimport com.pulumi.aws.route53.HealthCheckArgs;\nimport com.pulumi.aws.shield.ProtectionHealthCheckAssociation;\nimport com.pulumi.aws.shield.ProtectionHealthCheckAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n final var currentGetPartition = AwsFunctions.getPartition();\n\n var example = new Eip(\"example\", EipArgs.builder()\n .domain(\"vpc\")\n .tags(Map.of(\"Name\", \"example\"))\n .build());\n\n var exampleProtection = new Protection(\"exampleProtection\", ProtectionArgs.builder()\n .name(\"example-protection\")\n .resourceArn(example.id().applyValue(id -\u003e String.format(\"arn:%s:ec2:%s:%s:eip-allocation/%s\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),id)))\n .build());\n\n var exampleHealthCheck = new HealthCheck(\"exampleHealthCheck\", HealthCheckArgs.builder()\n .ipAddress(example.publicIp())\n .port(80)\n .type(\"HTTP\")\n .resourcePath(\"/ready\")\n .failureThreshold(\"3\")\n .requestInterval(\"30\")\n .tags(Map.of(\"Name\", \"tf-example-health-check\"))\n .build());\n\n var exampleProtectionHealthCheckAssociation = new ProtectionHealthCheckAssociation(\"exampleProtectionHealthCheckAssociation\", ProtectionHealthCheckAssociationArgs.builder()\n .healthCheckArn(exampleHealthCheck.arn())\n .shieldProtectionId(exampleProtection.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Eip\n properties:\n domain: vpc\n tags:\n Name: example\n exampleProtection:\n type: aws:shield:Protection\n name: example\n properties:\n name: example-protection\n resourceArn: arn:${currentGetPartition.partition}:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${example.id}\n exampleHealthCheck:\n type: aws:route53:HealthCheck\n name: example\n properties:\n ipAddress: ${example.publicIp}\n port: 80\n type: HTTP\n resourcePath: /ready\n failureThreshold: '3'\n requestInterval: '30'\n tags:\n Name: tf-example-health-check\n exampleProtectionHealthCheckAssociation:\n type: aws:shield:ProtectionHealthCheckAssociation\n name: example\n properties:\n healthCheckArn: ${exampleHealthCheck.arn}\n shieldProtectionId: ${exampleProtection.id}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetPartition:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Shield protection health check association resources using the `shield_protection_id` and `health_check_arn`. For example:\n\n```sh\n$ pulumi import aws:shield/protectionHealthCheckAssociation:ProtectionHealthCheckAssociation example ff9592dc-22f3-4e88-afa1-7b29fde9669a+arn:aws:route53:::healthcheck/3742b175-edb9-46bc-9359-f53e3b794b1b\n```\n", "properties": { "healthCheckArn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the Route53 Health Check resource which will be associated to the protected resource.\n" }, "shieldProtectionId": { "type": "string", "description": "The ID of the protected resource.\n" } }, "required": [ "healthCheckArn", "shieldProtectionId" ], "inputProperties": { "healthCheckArn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the Route53 Health Check resource which will be associated to the protected resource.\n", "willReplaceOnChanges": true }, "shieldProtectionId": { "type": "string", "description": "The ID of the protected resource.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "healthCheckArn", "shieldProtectionId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ProtectionHealthCheckAssociation resources.\n", "properties": { "healthCheckArn": { "type": "string", "description": "The ARN (Amazon Resource Name) of the Route53 Health Check resource which will be associated to the protected resource.\n", "willReplaceOnChanges": true }, "shieldProtectionId": { "type": "string", "description": "The ID of the protected resource.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:shield/subscription:Subscription": { "description": "Resource for managing an AWS Shield Subscription.\n\n\u003e This resource creates a subscription to AWS Shield Advanced, which requires a 1 year subscription commitment with a monthly fee. Refer to the [AWS Shield Pricing](https://aws.amazon.com/shield/pricing/) page for more details.\n\n\u003e Destruction of this resource will set `auto_renew` to `DISABLED`. Automatic renewal can only be disabled during the last 30 days of a subscription. To unsubscribe outside of this window, you must contact AWS Support. Set `skip_destroy` to `true` to skip modifying the `auto_renew` argument during destruction.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.shield.Subscription(\"example\", {autoRenew: \"ENABLED\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.shield.Subscription(\"example\", auto_renew=\"ENABLED\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Shield.Subscription(\"example\", new()\n {\n AutoRenew = \"ENABLED\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := shield.NewSubscription(ctx, \"example\", \u0026shield.SubscriptionArgs{\n\t\t\tAutoRenew: pulumi.String(\"ENABLED\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.shield.Subscription;\nimport com.pulumi.aws.shield.SubscriptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Subscription(\"example\", SubscriptionArgs.builder()\n .autoRenew(\"ENABLED\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:shield:Subscription\n properties:\n autoRenew: ENABLED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Shield Subscription using the `id`. For example:\n\n```sh\n$ pulumi import aws:shield/subscription:Subscription example 012345678901\n```\n", "properties": { "autoRenew": { "type": "string", "description": "Toggle for automated renewal of the subscription. Valid values are `ENABLED` or `DISABLED`. Default is `ENABLED`.\n" }, "skipDestroy": { "type": "boolean", "description": "Skip attempting to disable automated renewal upon destruction. If set to `true`, the `auto_renew` value will be left as-is and the resource will simply be removed from state.\n" } }, "required": [ "autoRenew" ], "inputProperties": { "autoRenew": { "type": "string", "description": "Toggle for automated renewal of the subscription. Valid values are `ENABLED` or `DISABLED`. Default is `ENABLED`.\n" }, "skipDestroy": { "type": "boolean", "description": "Skip attempting to disable automated renewal upon destruction. If set to `true`, the `auto_renew` value will be left as-is and the resource will simply be removed from state.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Subscription resources.\n", "properties": { "autoRenew": { "type": "string", "description": "Toggle for automated renewal of the subscription. Valid values are `ENABLED` or `DISABLED`. Default is `ENABLED`.\n" }, "skipDestroy": { "type": "boolean", "description": "Skip attempting to disable automated renewal upon destruction. If set to `true`, the `auto_renew` value will be left as-is and the resource will simply be removed from state.\n" } }, "type": "object" } }, "aws:signer/signingJob:SigningJob": { "description": "Creates a Signer Signing Job.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testSp = new aws.signer.SigningProfile(\"test_sp\", {platformId: \"AWSLambda-SHA384-ECDSA\"});\nconst buildSigningJob = new aws.signer.SigningJob(\"build_signing_job\", {\n profileName: testSp.name,\n source: {\n s3: {\n bucket: \"s3-bucket-name\",\n key: \"object-to-be-signed.zip\",\n version: \"jADjFYYYEXAMPLETszPjOmCMFDzd9dN1\",\n },\n },\n destination: {\n s3: {\n bucket: \"s3-bucket-name\",\n prefix: \"signed/\",\n },\n },\n ignoreSigningJobFailure: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_sp = aws.signer.SigningProfile(\"test_sp\", platform_id=\"AWSLambda-SHA384-ECDSA\")\nbuild_signing_job = aws.signer.SigningJob(\"build_signing_job\",\n profile_name=test_sp.name,\n source={\n \"s3\": {\n \"bucket\": \"s3-bucket-name\",\n \"key\": \"object-to-be-signed.zip\",\n \"version\": \"jADjFYYYEXAMPLETszPjOmCMFDzd9dN1\",\n },\n },\n destination={\n \"s3\": {\n \"bucket\": \"s3-bucket-name\",\n \"prefix\": \"signed/\",\n },\n },\n ignore_signing_job_failure=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testSp = new Aws.Signer.SigningProfile(\"test_sp\", new()\n {\n PlatformId = \"AWSLambda-SHA384-ECDSA\",\n });\n\n var buildSigningJob = new Aws.Signer.SigningJob(\"build_signing_job\", new()\n {\n ProfileName = testSp.Name,\n Source = new Aws.Signer.Inputs.SigningJobSourceArgs\n {\n S3 = new Aws.Signer.Inputs.SigningJobSourceS3Args\n {\n Bucket = \"s3-bucket-name\",\n Key = \"object-to-be-signed.zip\",\n Version = \"jADjFYYYEXAMPLETszPjOmCMFDzd9dN1\",\n },\n },\n Destination = new Aws.Signer.Inputs.SigningJobDestinationArgs\n {\n S3 = new Aws.Signer.Inputs.SigningJobDestinationS3Args\n {\n Bucket = \"s3-bucket-name\",\n Prefix = \"signed/\",\n },\n },\n IgnoreSigningJobFailure = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/signer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestSp, err := signer.NewSigningProfile(ctx, \"test_sp\", \u0026signer.SigningProfileArgs{\n\t\t\tPlatformId: pulumi.String(\"AWSLambda-SHA384-ECDSA\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = signer.NewSigningJob(ctx, \"build_signing_job\", \u0026signer.SigningJobArgs{\n\t\t\tProfileName: testSp.Name,\n\t\t\tSource: \u0026signer.SigningJobSourceArgs{\n\t\t\t\tS3: \u0026signer.SigningJobSourceS3Args{\n\t\t\t\t\tBucket: pulumi.String(\"s3-bucket-name\"),\n\t\t\t\t\tKey: pulumi.String(\"object-to-be-signed.zip\"),\n\t\t\t\t\tVersion: pulumi.String(\"jADjFYYYEXAMPLETszPjOmCMFDzd9dN1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tDestination: \u0026signer.SigningJobDestinationArgs{\n\t\t\t\tS3: \u0026signer.SigningJobDestinationS3Args{\n\t\t\t\t\tBucket: pulumi.String(\"s3-bucket-name\"),\n\t\t\t\t\tPrefix: pulumi.String(\"signed/\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tIgnoreSigningJobFailure: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.signer.SigningProfile;\nimport com.pulumi.aws.signer.SigningProfileArgs;\nimport com.pulumi.aws.signer.SigningJob;\nimport com.pulumi.aws.signer.SigningJobArgs;\nimport com.pulumi.aws.signer.inputs.SigningJobSourceArgs;\nimport com.pulumi.aws.signer.inputs.SigningJobSourceS3Args;\nimport com.pulumi.aws.signer.inputs.SigningJobDestinationArgs;\nimport com.pulumi.aws.signer.inputs.SigningJobDestinationS3Args;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testSp = new SigningProfile(\"testSp\", SigningProfileArgs.builder()\n .platformId(\"AWSLambda-SHA384-ECDSA\")\n .build());\n\n var buildSigningJob = new SigningJob(\"buildSigningJob\", SigningJobArgs.builder()\n .profileName(testSp.name())\n .source(SigningJobSourceArgs.builder()\n .s3(SigningJobSourceS3Args.builder()\n .bucket(\"s3-bucket-name\")\n .key(\"object-to-be-signed.zip\")\n .version(\"jADjFYYYEXAMPLETszPjOmCMFDzd9dN1\")\n .build())\n .build())\n .destination(SigningJobDestinationArgs.builder()\n .s3(SigningJobDestinationS3Args.builder()\n .bucket(\"s3-bucket-name\")\n .prefix(\"signed/\")\n .build())\n .build())\n .ignoreSigningJobFailure(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testSp:\n type: aws:signer:SigningProfile\n name: test_sp\n properties:\n platformId: AWSLambda-SHA384-ECDSA\n buildSigningJob:\n type: aws:signer:SigningJob\n name: build_signing_job\n properties:\n profileName: ${testSp.name}\n source:\n s3:\n bucket: s3-bucket-name\n key: object-to-be-signed.zip\n version: jADjFYYYEXAMPLETszPjOmCMFDzd9dN1\n destination:\n s3:\n bucket: s3-bucket-name\n prefix: signed/\n ignoreSigningJobFailure: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Signer signing jobs using the `job_id`. For example:\n\n```sh\n$ pulumi import aws:signer/signingJob:SigningJob test_signer_signing_job 9ed7e5c3-b8d4-4da0-8459-44e0b068f7ee\n```\n", "properties": { "completedAt": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the signing job was completed.\n" }, "createdAt": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the signing job was created.\n" }, "destination": { "$ref": "#/types/aws:signer/SigningJobDestination:SigningJobDestination", "description": "The S3 bucket in which to save your signed object. See Destination below for details.\n" }, "ignoreSigningJobFailure": { "type": "boolean", "description": "Set this argument to `true` to ignore signing job failures and retrieve failed status and reason. Default `false`.\n" }, "jobId": { "type": "string", "description": "The ID of the signing job on output.\n" }, "jobInvoker": { "type": "string", "description": "The IAM entity that initiated the signing job.\n" }, "jobOwner": { "type": "string", "description": "The AWS account ID of the job owner.\n" }, "platformDisplayName": { "type": "string", "description": "A human-readable name for the signing platform associated with the signing job.\n" }, "platformId": { "type": "string", "description": "The platform to which your signed code image will be distributed.\n" }, "profileName": { "type": "string", "description": "The name of the profile to initiate the signing operation.\n" }, "profileVersion": { "type": "string", "description": "The version of the signing profile used to initiate the signing job.\n" }, "requestedBy": { "type": "string", "description": "The IAM principal that requested the signing job.\n" }, "revocationRecords": { "type": "array", "items": { "$ref": "#/types/aws:signer/SigningJobRevocationRecord:SigningJobRevocationRecord" }, "description": "A revocation record if the signature generated by the signing job has been revoked. Contains a timestamp and the ID of the IAM entity that revoked the signature.\n" }, "signatureExpiresAt": { "type": "string", "description": "The time when the signature of a signing job expires.\n" }, "signedObjects": { "type": "array", "items": { "$ref": "#/types/aws:signer/SigningJobSignedObject:SigningJobSignedObject" }, "description": "Name of the S3 bucket where the signed code image is saved by code signing.\n" }, "source": { "$ref": "#/types/aws:signer/SigningJobSource:SigningJobSource", "description": "The S3 bucket that contains the object to sign. See Source below for details.\n" }, "status": { "type": "string", "description": "Status of the signing job.\n" }, "statusReason": { "type": "string", "description": "String value that contains the status reason.\n" } }, "required": [ "completedAt", "createdAt", "destination", "jobId", "jobInvoker", "jobOwner", "platformDisplayName", "platformId", "profileName", "profileVersion", "requestedBy", "revocationRecords", "signatureExpiresAt", "signedObjects", "source", "status", "statusReason" ], "inputProperties": { "destination": { "$ref": "#/types/aws:signer/SigningJobDestination:SigningJobDestination", "description": "The S3 bucket in which to save your signed object. See Destination below for details.\n", "willReplaceOnChanges": true }, "ignoreSigningJobFailure": { "type": "boolean", "description": "Set this argument to `true` to ignore signing job failures and retrieve failed status and reason. Default `false`.\n", "willReplaceOnChanges": true }, "profileName": { "type": "string", "description": "The name of the profile to initiate the signing operation.\n", "willReplaceOnChanges": true }, "source": { "$ref": "#/types/aws:signer/SigningJobSource:SigningJobSource", "description": "The S3 bucket that contains the object to sign. See Source below for details.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "destination", "profileName", "source" ], "stateInputs": { "description": "Input properties used for looking up and filtering SigningJob resources.\n", "properties": { "completedAt": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the signing job was completed.\n" }, "createdAt": { "type": "string", "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the signing job was created.\n" }, "destination": { "$ref": "#/types/aws:signer/SigningJobDestination:SigningJobDestination", "description": "The S3 bucket in which to save your signed object. See Destination below for details.\n", "willReplaceOnChanges": true }, "ignoreSigningJobFailure": { "type": "boolean", "description": "Set this argument to `true` to ignore signing job failures and retrieve failed status and reason. Default `false`.\n", "willReplaceOnChanges": true }, "jobId": { "type": "string", "description": "The ID of the signing job on output.\n" }, "jobInvoker": { "type": "string", "description": "The IAM entity that initiated the signing job.\n" }, "jobOwner": { "type": "string", "description": "The AWS account ID of the job owner.\n" }, "platformDisplayName": { "type": "string", "description": "A human-readable name for the signing platform associated with the signing job.\n" }, "platformId": { "type": "string", "description": "The platform to which your signed code image will be distributed.\n" }, "profileName": { "type": "string", "description": "The name of the profile to initiate the signing operation.\n", "willReplaceOnChanges": true }, "profileVersion": { "type": "string", "description": "The version of the signing profile used to initiate the signing job.\n" }, "requestedBy": { "type": "string", "description": "The IAM principal that requested the signing job.\n" }, "revocationRecords": { "type": "array", "items": { "$ref": "#/types/aws:signer/SigningJobRevocationRecord:SigningJobRevocationRecord" }, "description": "A revocation record if the signature generated by the signing job has been revoked. Contains a timestamp and the ID of the IAM entity that revoked the signature.\n" }, "signatureExpiresAt": { "type": "string", "description": "The time when the signature of a signing job expires.\n" }, "signedObjects": { "type": "array", "items": { "$ref": "#/types/aws:signer/SigningJobSignedObject:SigningJobSignedObject" }, "description": "Name of the S3 bucket where the signed code image is saved by code signing.\n" }, "source": { "$ref": "#/types/aws:signer/SigningJobSource:SigningJobSource", "description": "The S3 bucket that contains the object to sign. See Source below for details.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Status of the signing job.\n" }, "statusReason": { "type": "string", "description": "String value that contains the status reason.\n" } }, "type": "object" } }, "aws:signer/signingProfile:SigningProfile": { "description": "Creates a Signer Signing Profile. A signing profile contains information about the code signing configuration parameters that can be used by a given code signing user.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testSp = new aws.signer.SigningProfile(\"test_sp\", {platformId: \"AWSLambda-SHA384-ECDSA\"});\nconst prodSp = new aws.signer.SigningProfile(\"prod_sp\", {\n platformId: \"AWSLambda-SHA384-ECDSA\",\n namePrefix: \"prod_sp_\",\n signatureValidityPeriod: {\n value: 5,\n type: \"YEARS\",\n },\n tags: {\n tag1: \"value1\",\n tag2: \"value2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_sp = aws.signer.SigningProfile(\"test_sp\", platform_id=\"AWSLambda-SHA384-ECDSA\")\nprod_sp = aws.signer.SigningProfile(\"prod_sp\",\n platform_id=\"AWSLambda-SHA384-ECDSA\",\n name_prefix=\"prod_sp_\",\n signature_validity_period={\n \"value\": 5,\n \"type\": \"YEARS\",\n },\n tags={\n \"tag1\": \"value1\",\n \"tag2\": \"value2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testSp = new Aws.Signer.SigningProfile(\"test_sp\", new()\n {\n PlatformId = \"AWSLambda-SHA384-ECDSA\",\n });\n\n var prodSp = new Aws.Signer.SigningProfile(\"prod_sp\", new()\n {\n PlatformId = \"AWSLambda-SHA384-ECDSA\",\n NamePrefix = \"prod_sp_\",\n SignatureValidityPeriod = new Aws.Signer.Inputs.SigningProfileSignatureValidityPeriodArgs\n {\n Value = 5,\n Type = \"YEARS\",\n },\n Tags = \n {\n { \"tag1\", \"value1\" },\n { \"tag2\", \"value2\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/signer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := signer.NewSigningProfile(ctx, \"test_sp\", \u0026signer.SigningProfileArgs{\n\t\t\tPlatformId: pulumi.String(\"AWSLambda-SHA384-ECDSA\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = signer.NewSigningProfile(ctx, \"prod_sp\", \u0026signer.SigningProfileArgs{\n\t\t\tPlatformId: pulumi.String(\"AWSLambda-SHA384-ECDSA\"),\n\t\t\tNamePrefix: pulumi.String(\"prod_sp_\"),\n\t\t\tSignatureValidityPeriod: \u0026signer.SigningProfileSignatureValidityPeriodArgs{\n\t\t\t\tValue: pulumi.Int(5),\n\t\t\t\tType: pulumi.String(\"YEARS\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"tag1\": pulumi.String(\"value1\"),\n\t\t\t\t\"tag2\": pulumi.String(\"value2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.signer.SigningProfile;\nimport com.pulumi.aws.signer.SigningProfileArgs;\nimport com.pulumi.aws.signer.inputs.SigningProfileSignatureValidityPeriodArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testSp = new SigningProfile(\"testSp\", SigningProfileArgs.builder()\n .platformId(\"AWSLambda-SHA384-ECDSA\")\n .build());\n\n var prodSp = new SigningProfile(\"prodSp\", SigningProfileArgs.builder()\n .platformId(\"AWSLambda-SHA384-ECDSA\")\n .namePrefix(\"prod_sp_\")\n .signatureValidityPeriod(SigningProfileSignatureValidityPeriodArgs.builder()\n .value(5)\n .type(\"YEARS\")\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"tag1\", \"value1\"),\n Map.entry(\"tag2\", \"value2\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testSp:\n type: aws:signer:SigningProfile\n name: test_sp\n properties:\n platformId: AWSLambda-SHA384-ECDSA\n prodSp:\n type: aws:signer:SigningProfile\n name: prod_sp\n properties:\n platformId: AWSLambda-SHA384-ECDSA\n namePrefix: prod_sp_\n signatureValidityPeriod:\n value: 5\n type: YEARS\n tags:\n tag1: value1\n tag2: value2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Signer signing profiles using the `name`. For example:\n\n```sh\n$ pulumi import aws:signer/signingProfile:SigningProfile test_signer_signing_profile test_sp_DdW3Mk1foYL88fajut4mTVFGpuwfd4ACO6ANL0D1uIj7lrn8adK\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the signing profile.\n" }, "name": { "type": "string" }, "namePrefix": { "type": "string" }, "platformDisplayName": { "type": "string", "description": "A human-readable name for the signing platform associated with the signing profile.\n" }, "platformId": { "type": "string", "description": "The ID of the platform that is used by the target signing profile.\n" }, "revocationRecords": { "type": "array", "items": { "$ref": "#/types/aws:signer/SigningProfileRevocationRecord:SigningProfileRevocationRecord" }, "description": "Revocation information for a signing profile. See `revocation_record` Block below for details.\n" }, "signatureValidityPeriod": { "$ref": "#/types/aws:signer/SigningProfileSignatureValidityPeriod:SigningProfileSignatureValidityPeriod", "description": "The validity period for a signing job. See `signature_validity_period` Block below for details.\n" }, "signingMaterial": { "$ref": "#/types/aws:signer/SigningProfileSigningMaterial:SigningProfileSigningMaterial", "description": "The AWS Certificate Manager certificate that will be used to sign code with the new signing profile. See `signing_material` Block below for details.\n" }, "status": { "type": "string", "description": "The status of the target signing profile.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of tags associated with the signing profile. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "string", "description": "The current version of the signing profile.\n" }, "versionArn": { "type": "string", "description": "The signing profile ARN, including the profile version.\n" } }, "required": [ "arn", "name", "namePrefix", "platformDisplayName", "platformId", "revocationRecords", "signatureValidityPeriod", "signingMaterial", "status", "tagsAll", "version", "versionArn" ], "inputProperties": { "name": { "type": "string", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "willReplaceOnChanges": true }, "platformId": { "type": "string", "description": "The ID of the platform that is used by the target signing profile.\n", "willReplaceOnChanges": true }, "signatureValidityPeriod": { "$ref": "#/types/aws:signer/SigningProfileSignatureValidityPeriod:SigningProfileSignatureValidityPeriod", "description": "The validity period for a signing job. See `signature_validity_period` Block below for details.\n", "willReplaceOnChanges": true }, "signingMaterial": { "$ref": "#/types/aws:signer/SigningProfileSigningMaterial:SigningProfileSigningMaterial", "description": "The AWS Certificate Manager certificate that will be used to sign code with the new signing profile. See `signing_material` Block below for details.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of tags associated with the signing profile. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "platformId" ], "stateInputs": { "description": "Input properties used for looking up and filtering SigningProfile resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) for the signing profile.\n" }, "name": { "type": "string", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "willReplaceOnChanges": true }, "platformDisplayName": { "type": "string", "description": "A human-readable name for the signing platform associated with the signing profile.\n" }, "platformId": { "type": "string", "description": "The ID of the platform that is used by the target signing profile.\n", "willReplaceOnChanges": true }, "revocationRecords": { "type": "array", "items": { "$ref": "#/types/aws:signer/SigningProfileRevocationRecord:SigningProfileRevocationRecord" }, "description": "Revocation information for a signing profile. See `revocation_record` Block below for details.\n" }, "signatureValidityPeriod": { "$ref": "#/types/aws:signer/SigningProfileSignatureValidityPeriod:SigningProfileSignatureValidityPeriod", "description": "The validity period for a signing job. See `signature_validity_period` Block below for details.\n", "willReplaceOnChanges": true }, "signingMaterial": { "$ref": "#/types/aws:signer/SigningProfileSigningMaterial:SigningProfileSigningMaterial", "description": "The AWS Certificate Manager certificate that will be used to sign code with the new signing profile. See `signing_material` Block below for details.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The status of the target signing profile.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of tags associated with the signing profile. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "version": { "type": "string", "description": "The current version of the signing profile.\n" }, "versionArn": { "type": "string", "description": "The signing profile ARN, including the profile version.\n" } }, "type": "object" } }, "aws:signer/signingProfilePermission:SigningProfilePermission": { "description": "Creates a Signer Signing Profile Permission. That is, a cross-account permission for a signing profile.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst prodSp = new aws.signer.SigningProfile(\"prod_sp\", {\n platformId: \"AWSLambda-SHA384-ECDSA\",\n namePrefix: \"prod_sp_\",\n signatureValidityPeriod: {\n value: 5,\n type: \"YEARS\",\n },\n tags: {\n tag1: \"value1\",\n tag2: \"value2\",\n },\n});\nconst spPermission1 = new aws.signer.SigningProfilePermission(\"sp_permission_1\", {\n profileName: prodSp.name,\n action: \"signer:StartSigningJob\",\n principal: awsAccount,\n});\nconst spPermission2 = new aws.signer.SigningProfilePermission(\"sp_permission_2\", {\n profileName: prodSp.name,\n action: \"signer:GetSigningProfile\",\n principal: awsTeamRoleArn,\n statementId: \"ProdAccountStartSigningJob_StatementId\",\n});\nconst spPermission3 = new aws.signer.SigningProfilePermission(\"sp_permission_3\", {\n profileName: prodSp.name,\n action: \"signer:RevokeSignature\",\n principal: \"123456789012\",\n profileVersion: prodSp.version,\n statementIdPrefix: \"version-permission-\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprod_sp = aws.signer.SigningProfile(\"prod_sp\",\n platform_id=\"AWSLambda-SHA384-ECDSA\",\n name_prefix=\"prod_sp_\",\n signature_validity_period={\n \"value\": 5,\n \"type\": \"YEARS\",\n },\n tags={\n \"tag1\": \"value1\",\n \"tag2\": \"value2\",\n })\nsp_permission1 = aws.signer.SigningProfilePermission(\"sp_permission_1\",\n profile_name=prod_sp.name,\n action=\"signer:StartSigningJob\",\n principal=aws_account)\nsp_permission2 = aws.signer.SigningProfilePermission(\"sp_permission_2\",\n profile_name=prod_sp.name,\n action=\"signer:GetSigningProfile\",\n principal=aws_team_role_arn,\n statement_id=\"ProdAccountStartSigningJob_StatementId\")\nsp_permission3 = aws.signer.SigningProfilePermission(\"sp_permission_3\",\n profile_name=prod_sp.name,\n action=\"signer:RevokeSignature\",\n principal=\"123456789012\",\n profile_version=prod_sp.version,\n statement_id_prefix=\"version-permission-\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var prodSp = new Aws.Signer.SigningProfile(\"prod_sp\", new()\n {\n PlatformId = \"AWSLambda-SHA384-ECDSA\",\n NamePrefix = \"prod_sp_\",\n SignatureValidityPeriod = new Aws.Signer.Inputs.SigningProfileSignatureValidityPeriodArgs\n {\n Value = 5,\n Type = \"YEARS\",\n },\n Tags = \n {\n { \"tag1\", \"value1\" },\n { \"tag2\", \"value2\" },\n },\n });\n\n var spPermission1 = new Aws.Signer.SigningProfilePermission(\"sp_permission_1\", new()\n {\n ProfileName = prodSp.Name,\n Action = \"signer:StartSigningJob\",\n Principal = awsAccount,\n });\n\n var spPermission2 = new Aws.Signer.SigningProfilePermission(\"sp_permission_2\", new()\n {\n ProfileName = prodSp.Name,\n Action = \"signer:GetSigningProfile\",\n Principal = awsTeamRoleArn,\n StatementId = \"ProdAccountStartSigningJob_StatementId\",\n });\n\n var spPermission3 = new Aws.Signer.SigningProfilePermission(\"sp_permission_3\", new()\n {\n ProfileName = prodSp.Name,\n Action = \"signer:RevokeSignature\",\n Principal = \"123456789012\",\n ProfileVersion = prodSp.Version,\n StatementIdPrefix = \"version-permission-\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/signer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tprodSp, err := signer.NewSigningProfile(ctx, \"prod_sp\", \u0026signer.SigningProfileArgs{\n\t\t\tPlatformId: pulumi.String(\"AWSLambda-SHA384-ECDSA\"),\n\t\t\tNamePrefix: pulumi.String(\"prod_sp_\"),\n\t\t\tSignatureValidityPeriod: \u0026signer.SigningProfileSignatureValidityPeriodArgs{\n\t\t\t\tValue: pulumi.Int(5),\n\t\t\t\tType: pulumi.String(\"YEARS\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"tag1\": pulumi.String(\"value1\"),\n\t\t\t\t\"tag2\": pulumi.String(\"value2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = signer.NewSigningProfilePermission(ctx, \"sp_permission_1\", \u0026signer.SigningProfilePermissionArgs{\n\t\t\tProfileName: prodSp.Name,\n\t\t\tAction: pulumi.String(\"signer:StartSigningJob\"),\n\t\t\tPrincipal: pulumi.Any(awsAccount),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = signer.NewSigningProfilePermission(ctx, \"sp_permission_2\", \u0026signer.SigningProfilePermissionArgs{\n\t\t\tProfileName: prodSp.Name,\n\t\t\tAction: pulumi.String(\"signer:GetSigningProfile\"),\n\t\t\tPrincipal: pulumi.Any(awsTeamRoleArn),\n\t\t\tStatementId: pulumi.String(\"ProdAccountStartSigningJob_StatementId\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = signer.NewSigningProfilePermission(ctx, \"sp_permission_3\", \u0026signer.SigningProfilePermissionArgs{\n\t\t\tProfileName: prodSp.Name,\n\t\t\tAction: pulumi.String(\"signer:RevokeSignature\"),\n\t\t\tPrincipal: pulumi.String(\"123456789012\"),\n\t\t\tProfileVersion: prodSp.Version,\n\t\t\tStatementIdPrefix: pulumi.String(\"version-permission-\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.signer.SigningProfile;\nimport com.pulumi.aws.signer.SigningProfileArgs;\nimport com.pulumi.aws.signer.inputs.SigningProfileSignatureValidityPeriodArgs;\nimport com.pulumi.aws.signer.SigningProfilePermission;\nimport com.pulumi.aws.signer.SigningProfilePermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var prodSp = new SigningProfile(\"prodSp\", SigningProfileArgs.builder()\n .platformId(\"AWSLambda-SHA384-ECDSA\")\n .namePrefix(\"prod_sp_\")\n .signatureValidityPeriod(SigningProfileSignatureValidityPeriodArgs.builder()\n .value(5)\n .type(\"YEARS\")\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"tag1\", \"value1\"),\n Map.entry(\"tag2\", \"value2\")\n ))\n .build());\n\n var spPermission1 = new SigningProfilePermission(\"spPermission1\", SigningProfilePermissionArgs.builder()\n .profileName(prodSp.name())\n .action(\"signer:StartSigningJob\")\n .principal(awsAccount)\n .build());\n\n var spPermission2 = new SigningProfilePermission(\"spPermission2\", SigningProfilePermissionArgs.builder()\n .profileName(prodSp.name())\n .action(\"signer:GetSigningProfile\")\n .principal(awsTeamRoleArn)\n .statementId(\"ProdAccountStartSigningJob_StatementId\")\n .build());\n\n var spPermission3 = new SigningProfilePermission(\"spPermission3\", SigningProfilePermissionArgs.builder()\n .profileName(prodSp.name())\n .action(\"signer:RevokeSignature\")\n .principal(\"123456789012\")\n .profileVersion(prodSp.version())\n .statementIdPrefix(\"version-permission-\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n prodSp:\n type: aws:signer:SigningProfile\n name: prod_sp\n properties:\n platformId: AWSLambda-SHA384-ECDSA\n namePrefix: prod_sp_\n signatureValidityPeriod:\n value: 5\n type: YEARS\n tags:\n tag1: value1\n tag2: value2\n spPermission1:\n type: aws:signer:SigningProfilePermission\n name: sp_permission_1\n properties:\n profileName: ${prodSp.name}\n action: signer:StartSigningJob\n principal: ${awsAccount}\n spPermission2:\n type: aws:signer:SigningProfilePermission\n name: sp_permission_2\n properties:\n profileName: ${prodSp.name}\n action: signer:GetSigningProfile\n principal: ${awsTeamRoleArn}\n statementId: ProdAccountStartSigningJob_StatementId\n spPermission3:\n type: aws:signer:SigningProfilePermission\n name: sp_permission_3\n properties:\n profileName: ${prodSp.name}\n action: signer:RevokeSignature\n principal: '123456789012'\n profileVersion: ${prodSp.version}\n statementIdPrefix: version-permission-\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Signer signing profile permission statements using profile_name/statement_id. For example:\n\n```sh\n$ pulumi import aws:signer/signingProfilePermission:SigningProfilePermission test_signer_signing_profile_permission prod_profile_DdW3Mk1foYL88fajut4mTVFGpuwfd4ACO6ANL0D1uIj7lrn8adK/ProdAccountStartSigningJobStatementId\n```\n", "properties": { "action": { "type": "string", "description": "An AWS Signer action permitted as part of cross-account permissions. Valid values: `signer:StartSigningJob`, `signer:GetSigningProfile`, `signer:RevokeSignature`, or `signer:SignPayload`.\n" }, "principal": { "type": "string", "description": "The AWS principal to be granted a cross-account permission.\n" }, "profileName": { "type": "string", "description": "Name of the signing profile to add the cross-account permissions.\n" }, "profileVersion": { "type": "string", "description": "The signing profile version that a permission applies to.\n" }, "statementId": { "type": "string", "description": "A unique statement identifier. By default generated by the provider.\n" }, "statementIdPrefix": { "type": "string", "description": "A statement identifier prefix. The provider will generate a unique suffix. Conflicts with `statement_id`.\n" } }, "required": [ "action", "principal", "profileName", "profileVersion", "statementId", "statementIdPrefix" ], "inputProperties": { "action": { "type": "string", "description": "An AWS Signer action permitted as part of cross-account permissions. Valid values: `signer:StartSigningJob`, `signer:GetSigningProfile`, `signer:RevokeSignature`, or `signer:SignPayload`.\n", "willReplaceOnChanges": true }, "principal": { "type": "string", "description": "The AWS principal to be granted a cross-account permission.\n", "willReplaceOnChanges": true }, "profileName": { "type": "string", "description": "Name of the signing profile to add the cross-account permissions.\n", "willReplaceOnChanges": true }, "profileVersion": { "type": "string", "description": "The signing profile version that a permission applies to.\n", "willReplaceOnChanges": true }, "statementId": { "type": "string", "description": "A unique statement identifier. By default generated by the provider.\n", "willReplaceOnChanges": true }, "statementIdPrefix": { "type": "string", "description": "A statement identifier prefix. The provider will generate a unique suffix. Conflicts with `statement_id`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "action", "principal", "profileName" ], "stateInputs": { "description": "Input properties used for looking up and filtering SigningProfilePermission resources.\n", "properties": { "action": { "type": "string", "description": "An AWS Signer action permitted as part of cross-account permissions. Valid values: `signer:StartSigningJob`, `signer:GetSigningProfile`, `signer:RevokeSignature`, or `signer:SignPayload`.\n", "willReplaceOnChanges": true }, "principal": { "type": "string", "description": "The AWS principal to be granted a cross-account permission.\n", "willReplaceOnChanges": true }, "profileName": { "type": "string", "description": "Name of the signing profile to add the cross-account permissions.\n", "willReplaceOnChanges": true }, "profileVersion": { "type": "string", "description": "The signing profile version that a permission applies to.\n", "willReplaceOnChanges": true }, "statementId": { "type": "string", "description": "A unique statement identifier. By default generated by the provider.\n", "willReplaceOnChanges": true }, "statementIdPrefix": { "type": "string", "description": "A statement identifier prefix. The provider will generate a unique suffix. Conflicts with `statement_id`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:simpledb/domain:Domain": { "description": "Provides a SimpleDB domain resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst users = new aws.simpledb.Domain(\"users\", {name: \"users\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nusers = aws.simpledb.Domain(\"users\", name=\"users\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var users = new Aws.SimpleDB.Domain(\"users\", new()\n {\n Name = \"users\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/simpledb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := simpledb.NewDomain(ctx, \"users\", \u0026simpledb.DomainArgs{\n\t\t\tName: pulumi.String(\"users\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.simpledb.Domain;\nimport com.pulumi.aws.simpledb.DomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var users = new Domain(\"users\", DomainArgs.builder()\n .name(\"users\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n users:\n type: aws:simpledb:Domain\n properties:\n name: users\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SimpleDB Domains using the `name`. For example:\n\n```sh\n$ pulumi import aws:simpledb/domain:Domain users users\n```\n", "properties": { "name": { "type": "string", "description": "The name of the SimpleDB domain\n" } }, "required": [ "name" ], "inputProperties": { "name": { "type": "string", "description": "The name of the SimpleDB domain\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Domain resources.\n", "properties": { "name": { "type": "string", "description": "The name of the SimpleDB domain\n" } }, "type": "object" } }, "aws:sns/dataProtectionPolicy:DataProtectionPolicy": { "description": "Provides an SNS data protection topic policy resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sns.Topic(\"example\", {name: \"example\"});\nconst exampleDataProtectionPolicy = new aws.sns.DataProtectionPolicy(\"example\", {\n arn: example.arn,\n policy: JSON.stringify({\n Description: \"Example data protection policy\",\n Name: \"__example_data_protection_policy\",\n Statement: [{\n DataDirection: \"Inbound\",\n DataIdentifier: [\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\"],\n Operation: {\n Deny: {},\n },\n Principal: [\"*\"],\n Sid: \"__deny_statement_11ba9d96\",\n }],\n Version: \"2021-06-01\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.sns.Topic(\"example\", name=\"example\")\nexample_data_protection_policy = aws.sns.DataProtectionPolicy(\"example\",\n arn=example.arn,\n policy=json.dumps({\n \"Description\": \"Example data protection policy\",\n \"Name\": \"__example_data_protection_policy\",\n \"Statement\": [{\n \"DataDirection\": \"Inbound\",\n \"DataIdentifier\": [\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\"],\n \"Operation\": {\n \"Deny\": {},\n },\n \"Principal\": [\"*\"],\n \"Sid\": \"__deny_statement_11ba9d96\",\n }],\n \"Version\": \"2021-06-01\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sns.Topic(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleDataProtectionPolicy = new Aws.Sns.DataProtectionPolicy(\"example\", new()\n {\n Arn = example.Arn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Description\"] = \"Example data protection policy\",\n [\"Name\"] = \"__example_data_protection_policy\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"DataDirection\"] = \"Inbound\",\n [\"DataIdentifier\"] = new[]\n {\n \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n },\n [\"Operation\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Deny\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n },\n [\"Principal\"] = new[]\n {\n \"*\",\n },\n [\"Sid\"] = \"__deny_statement_11ba9d96\",\n },\n },\n [\"Version\"] = \"2021-06-01\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := sns.NewTopic(ctx, \"example\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Description\": \"Example data protection policy\",\n\t\t\t\"Name\": \"__example_data_protection_policy\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"DataDirection\": \"Inbound\",\n\t\t\t\t\t\"DataIdentifier\": []string{\n\t\t\t\t\t\t\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Operation\": map[string]interface{}{\n\t\t\t\t\t\t\"Deny\": nil,\n\t\t\t\t\t},\n\t\t\t\t\t\"Principal\": []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Sid\": \"__deny_statement_11ba9d96\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2021-06-01\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = sns.NewDataProtectionPolicy(ctx, \"example\", \u0026sns.DataProtectionPolicyArgs{\n\t\t\tArn: example.Arn,\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.sns.DataProtectionPolicy;\nimport com.pulumi.aws.sns.DataProtectionPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleDataProtectionPolicy = new DataProtectionPolicy(\"exampleDataProtectionPolicy\", DataProtectionPolicyArgs.builder()\n .arn(example.arn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Description\", \"Example data protection policy\"),\n jsonProperty(\"Name\", \"__example_data_protection_policy\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"DataDirection\", \"Inbound\"),\n jsonProperty(\"DataIdentifier\", jsonArray(\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\")),\n jsonProperty(\"Operation\", jsonObject(\n jsonProperty(\"Deny\", jsonObject(\n\n ))\n )),\n jsonProperty(\"Principal\", jsonArray(\"*\")),\n jsonProperty(\"Sid\", \"__deny_statement_11ba9d96\")\n ))),\n jsonProperty(\"Version\", \"2021-06-01\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sns:Topic\n properties:\n name: example\n exampleDataProtectionPolicy:\n type: aws:sns:DataProtectionPolicy\n name: example\n properties:\n arn: ${example.arn}\n policy:\n fn::toJSON:\n Description: Example data protection policy\n Name: __example_data_protection_policy\n Statement:\n - DataDirection: Inbound\n DataIdentifier:\n - arn:aws:dataprotection::aws:data-identifier/EmailAddress\n Operation:\n Deny: {}\n Principal:\n - '*'\n Sid: __deny_statement_11ba9d96\n Version: 2021-06-01\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SNS Data Protection Topic Policy using the topic ARN. For example:\n\n```sh\n$ pulumi import aws:sns/dataProtectionPolicy:DataProtectionPolicy example arn:aws:sns:us-west-2:0123456789012:example\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the SNS topic\n" }, "policy": { "type": "string", "description": "The fully-formed AWS policy as JSON. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide.\n" } }, "required": [ "arn", "policy" ], "inputProperties": { "arn": { "type": "string", "description": "The ARN of the SNS topic\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The fully-formed AWS policy as JSON. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide.\n" } }, "requiredInputs": [ "arn", "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering DataProtectionPolicy resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the SNS topic\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The fully-formed AWS policy as JSON. For more information about building AWS IAM policy documents with this provider, see the AWS IAM Policy Document Guide.\n" } }, "type": "object" } }, "aws:sns/platformApplication:PlatformApplication": { "description": "Provides an SNS platform application resource\n\n## Example Usage\n\n### Apple Push Notification Service (APNS) using certificate-based authentication\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst apnsApplication = new aws.sns.PlatformApplication(\"apns_application\", {\n name: \"apns_application\",\n platform: \"APNS\",\n platformCredential: \"\u003cAPNS PRIVATE KEY\u003e\",\n platformPrincipal: \"\u003cAPNS CERTIFICATE\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napns_application = aws.sns.PlatformApplication(\"apns_application\",\n name=\"apns_application\",\n platform=\"APNS\",\n platform_credential=\"\u003cAPNS PRIVATE KEY\u003e\",\n platform_principal=\"\u003cAPNS CERTIFICATE\u003e\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var apnsApplication = new Aws.Sns.PlatformApplication(\"apns_application\", new()\n {\n Name = \"apns_application\",\n Platform = \"APNS\",\n PlatformCredential = \"\u003cAPNS PRIVATE KEY\u003e\",\n PlatformPrincipal = \"\u003cAPNS CERTIFICATE\u003e\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sns.NewPlatformApplication(ctx, \"apns_application\", \u0026sns.PlatformApplicationArgs{\n\t\t\tName: pulumi.String(\"apns_application\"),\n\t\t\tPlatform: pulumi.String(\"APNS\"),\n\t\t\tPlatformCredential: pulumi.String(\"\u003cAPNS PRIVATE KEY\u003e\"),\n\t\t\tPlatformPrincipal: pulumi.String(\"\u003cAPNS CERTIFICATE\u003e\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.PlatformApplication;\nimport com.pulumi.aws.sns.PlatformApplicationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var apnsApplication = new PlatformApplication(\"apnsApplication\", PlatformApplicationArgs.builder()\n .name(\"apns_application\")\n .platform(\"APNS\")\n .platformCredential(\"\u003cAPNS PRIVATE KEY\u003e\")\n .platformPrincipal(\"\u003cAPNS CERTIFICATE\u003e\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n apnsApplication:\n type: aws:sns:PlatformApplication\n name: apns_application\n properties:\n name: apns_application\n platform: APNS\n platformCredential: \u003cAPNS PRIVATE KEY\u003e\n platformPrincipal: \u003cAPNS CERTIFICATE\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Apple Push Notification Service (APNS) using token-based authentication\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst apnsApplication = new aws.sns.PlatformApplication(\"apns_application\", {\n name: \"apns_application\",\n platform: \"APNS\",\n platformCredential: \"\u003cAPNS SIGNING KEY\u003e\",\n platformPrincipal: \"\u003cAPNS SIGNING KEY ID\u003e\",\n applePlatformTeamId: \"\u003cAPPLE TEAM ID\u003e\",\n applePlatformBundleId: \"\u003cAPPLE BUNDLE ID\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\napns_application = aws.sns.PlatformApplication(\"apns_application\",\n name=\"apns_application\",\n platform=\"APNS\",\n platform_credential=\"\u003cAPNS SIGNING KEY\u003e\",\n platform_principal=\"\u003cAPNS SIGNING KEY ID\u003e\",\n apple_platform_team_id=\"\u003cAPPLE TEAM ID\u003e\",\n apple_platform_bundle_id=\"\u003cAPPLE BUNDLE ID\u003e\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var apnsApplication = new Aws.Sns.PlatformApplication(\"apns_application\", new()\n {\n Name = \"apns_application\",\n Platform = \"APNS\",\n PlatformCredential = \"\u003cAPNS SIGNING KEY\u003e\",\n PlatformPrincipal = \"\u003cAPNS SIGNING KEY ID\u003e\",\n ApplePlatformTeamId = \"\u003cAPPLE TEAM ID\u003e\",\n ApplePlatformBundleId = \"\u003cAPPLE BUNDLE ID\u003e\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sns.NewPlatformApplication(ctx, \"apns_application\", \u0026sns.PlatformApplicationArgs{\n\t\t\tName: pulumi.String(\"apns_application\"),\n\t\t\tPlatform: pulumi.String(\"APNS\"),\n\t\t\tPlatformCredential: pulumi.String(\"\u003cAPNS SIGNING KEY\u003e\"),\n\t\t\tPlatformPrincipal: pulumi.String(\"\u003cAPNS SIGNING KEY ID\u003e\"),\n\t\t\tApplePlatformTeamId: pulumi.String(\"\u003cAPPLE TEAM ID\u003e\"),\n\t\t\tApplePlatformBundleId: pulumi.String(\"\u003cAPPLE BUNDLE ID\u003e\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.PlatformApplication;\nimport com.pulumi.aws.sns.PlatformApplicationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var apnsApplication = new PlatformApplication(\"apnsApplication\", PlatformApplicationArgs.builder()\n .name(\"apns_application\")\n .platform(\"APNS\")\n .platformCredential(\"\u003cAPNS SIGNING KEY\u003e\")\n .platformPrincipal(\"\u003cAPNS SIGNING KEY ID\u003e\")\n .applePlatformTeamId(\"\u003cAPPLE TEAM ID\u003e\")\n .applePlatformBundleId(\"\u003cAPPLE BUNDLE ID\u003e\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n apnsApplication:\n type: aws:sns:PlatformApplication\n name: apns_application\n properties:\n name: apns_application\n platform: APNS\n platformCredential: \u003cAPNS SIGNING KEY\u003e\n platformPrincipal: \u003cAPNS SIGNING KEY ID\u003e\n applePlatformTeamId: \u003cAPPLE TEAM ID\u003e\n applePlatformBundleId: \u003cAPPLE BUNDLE ID\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Google Cloud Messaging (GCM)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst gcmApplication = new aws.sns.PlatformApplication(\"gcm_application\", {\n name: \"gcm_application\",\n platform: \"GCM\",\n platformCredential: \"\u003cGCM API KEY\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngcm_application = aws.sns.PlatformApplication(\"gcm_application\",\n name=\"gcm_application\",\n platform=\"GCM\",\n platform_credential=\"\u003cGCM API KEY\u003e\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var gcmApplication = new Aws.Sns.PlatformApplication(\"gcm_application\", new()\n {\n Name = \"gcm_application\",\n Platform = \"GCM\",\n PlatformCredential = \"\u003cGCM API KEY\u003e\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sns.NewPlatformApplication(ctx, \"gcm_application\", \u0026sns.PlatformApplicationArgs{\n\t\t\tName: pulumi.String(\"gcm_application\"),\n\t\t\tPlatform: pulumi.String(\"GCM\"),\n\t\t\tPlatformCredential: pulumi.String(\"\u003cGCM API KEY\u003e\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.PlatformApplication;\nimport com.pulumi.aws.sns.PlatformApplicationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var gcmApplication = new PlatformApplication(\"gcmApplication\", PlatformApplicationArgs.builder()\n .name(\"gcm_application\")\n .platform(\"GCM\")\n .platformCredential(\"\u003cGCM API KEY\u003e\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n gcmApplication:\n type: aws:sns:PlatformApplication\n name: gcm_application\n properties:\n name: gcm_application\n platform: GCM\n platformCredential: \u003cGCM API KEY\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SNS platform applications using the ARN. For example:\n\n```sh\n$ pulumi import aws:sns/platformApplication:PlatformApplication gcm_application arn:aws:sns:us-west-2:0123456789012:app/GCM/gcm_application\n```\n", "properties": { "applePlatformBundleId": { "type": "string", "description": "The bundle identifier that's assigned to your iOS app. May only include alphanumeric characters, hyphens (-), and periods (.).\n" }, "applePlatformTeamId": { "type": "string", "description": "The identifier that's assigned to your Apple developer account team. Must be 10 alphanumeric characters.\n" }, "arn": { "type": "string", "description": "The ARN of the SNS platform application\n" }, "eventDeliveryFailureTopicArn": { "type": "string", "description": "The ARN of the SNS Topic triggered when a delivery to any of the platform endpoints associated with your platform application encounters a permanent failure.\n" }, "eventEndpointCreatedTopicArn": { "type": "string", "description": "The ARN of the SNS Topic triggered when a new platform endpoint is added to your platform application.\n" }, "eventEndpointDeletedTopicArn": { "type": "string", "description": "The ARN of the SNS Topic triggered when an existing platform endpoint is deleted from your platform application.\n" }, "eventEndpointUpdatedTopicArn": { "type": "string", "description": "The ARN of the SNS Topic triggered when an existing platform endpoint is changed from your platform application.\n" }, "failureFeedbackRoleArn": { "type": "string", "description": "The IAM role ARN permitted to receive failure feedback for this application and give SNS write access to use CloudWatch logs on your behalf.\n" }, "name": { "type": "string", "description": "The friendly name for the SNS platform application\n" }, "platform": { "type": "string", "description": "The platform that the app is registered with. See [Platform](http://docs.aws.amazon.com/sns/latest/dg/mobile-push-send-register.html) for supported platforms.\n" }, "platformCredential": { "type": "string", "description": "Application Platform credential. See [Credential](http://docs.aws.amazon.com/sns/latest/dg/mobile-push-send-register.html) for type of credential required for platform. The value of this attribute when stored into the state is only a hash of the real value, so therefore it is not practical to use this as an attribute for other resources.\n", "secret": true }, "platformPrincipal": { "type": "string", "description": "Application Platform principal. See [Principal](http://docs.aws.amazon.com/sns/latest/api/API_CreatePlatformApplication.html) for type of principal required for platform. The value of this attribute when stored into the state is only a hash of the real value, so therefore it is not practical to use this as an attribute for other resources.\n", "secret": true }, "successFeedbackRoleArn": { "type": "string", "description": "The IAM role ARN permitted to receive success feedback for this application and give SNS write access to use CloudWatch logs on your behalf.\n" }, "successFeedbackSampleRate": { "type": "string", "description": "The sample rate percentage (0-100) of successfully delivered messages.\n\nThe following attributes are needed only when using APNS token credentials:\n" } }, "required": [ "arn", "name", "platform", "platformCredential" ], "inputProperties": { "applePlatformBundleId": { "type": "string", "description": "The bundle identifier that's assigned to your iOS app. May only include alphanumeric characters, hyphens (-), and periods (.).\n" }, "applePlatformTeamId": { "type": "string", "description": "The identifier that's assigned to your Apple developer account team. Must be 10 alphanumeric characters.\n" }, "eventDeliveryFailureTopicArn": { "type": "string", "description": "The ARN of the SNS Topic triggered when a delivery to any of the platform endpoints associated with your platform application encounters a permanent failure.\n" }, "eventEndpointCreatedTopicArn": { "type": "string", "description": "The ARN of the SNS Topic triggered when a new platform endpoint is added to your platform application.\n" }, "eventEndpointDeletedTopicArn": { "type": "string", "description": "The ARN of the SNS Topic triggered when an existing platform endpoint is deleted from your platform application.\n" }, "eventEndpointUpdatedTopicArn": { "type": "string", "description": "The ARN of the SNS Topic triggered when an existing platform endpoint is changed from your platform application.\n" }, "failureFeedbackRoleArn": { "type": "string", "description": "The IAM role ARN permitted to receive failure feedback for this application and give SNS write access to use CloudWatch logs on your behalf.\n" }, "name": { "type": "string", "description": "The friendly name for the SNS platform application\n", "willReplaceOnChanges": true }, "platform": { "type": "string", "description": "The platform that the app is registered with. See [Platform](http://docs.aws.amazon.com/sns/latest/dg/mobile-push-send-register.html) for supported platforms.\n", "willReplaceOnChanges": true }, "platformCredential": { "type": "string", "description": "Application Platform credential. See [Credential](http://docs.aws.amazon.com/sns/latest/dg/mobile-push-send-register.html) for type of credential required for platform. The value of this attribute when stored into the state is only a hash of the real value, so therefore it is not practical to use this as an attribute for other resources.\n", "secret": true }, "platformPrincipal": { "type": "string", "description": "Application Platform principal. See [Principal](http://docs.aws.amazon.com/sns/latest/api/API_CreatePlatformApplication.html) for type of principal required for platform. The value of this attribute when stored into the state is only a hash of the real value, so therefore it is not practical to use this as an attribute for other resources.\n", "secret": true }, "successFeedbackRoleArn": { "type": "string", "description": "The IAM role ARN permitted to receive success feedback for this application and give SNS write access to use CloudWatch logs on your behalf.\n" }, "successFeedbackSampleRate": { "type": "string", "description": "The sample rate percentage (0-100) of successfully delivered messages.\n\nThe following attributes are needed only when using APNS token credentials:\n" } }, "requiredInputs": [ "platform", "platformCredential" ], "stateInputs": { "description": "Input properties used for looking up and filtering PlatformApplication resources.\n", "properties": { "applePlatformBundleId": { "type": "string", "description": "The bundle identifier that's assigned to your iOS app. May only include alphanumeric characters, hyphens (-), and periods (.).\n" }, "applePlatformTeamId": { "type": "string", "description": "The identifier that's assigned to your Apple developer account team. Must be 10 alphanumeric characters.\n" }, "arn": { "type": "string", "description": "The ARN of the SNS platform application\n" }, "eventDeliveryFailureTopicArn": { "type": "string", "description": "The ARN of the SNS Topic triggered when a delivery to any of the platform endpoints associated with your platform application encounters a permanent failure.\n" }, "eventEndpointCreatedTopicArn": { "type": "string", "description": "The ARN of the SNS Topic triggered when a new platform endpoint is added to your platform application.\n" }, "eventEndpointDeletedTopicArn": { "type": "string", "description": "The ARN of the SNS Topic triggered when an existing platform endpoint is deleted from your platform application.\n" }, "eventEndpointUpdatedTopicArn": { "type": "string", "description": "The ARN of the SNS Topic triggered when an existing platform endpoint is changed from your platform application.\n" }, "failureFeedbackRoleArn": { "type": "string", "description": "The IAM role ARN permitted to receive failure feedback for this application and give SNS write access to use CloudWatch logs on your behalf.\n" }, "name": { "type": "string", "description": "The friendly name for the SNS platform application\n", "willReplaceOnChanges": true }, "platform": { "type": "string", "description": "The platform that the app is registered with. See [Platform](http://docs.aws.amazon.com/sns/latest/dg/mobile-push-send-register.html) for supported platforms.\n", "willReplaceOnChanges": true }, "platformCredential": { "type": "string", "description": "Application Platform credential. See [Credential](http://docs.aws.amazon.com/sns/latest/dg/mobile-push-send-register.html) for type of credential required for platform. The value of this attribute when stored into the state is only a hash of the real value, so therefore it is not practical to use this as an attribute for other resources.\n", "secret": true }, "platformPrincipal": { "type": "string", "description": "Application Platform principal. See [Principal](http://docs.aws.amazon.com/sns/latest/api/API_CreatePlatformApplication.html) for type of principal required for platform. The value of this attribute when stored into the state is only a hash of the real value, so therefore it is not practical to use this as an attribute for other resources.\n", "secret": true }, "successFeedbackRoleArn": { "type": "string", "description": "The IAM role ARN permitted to receive success feedback for this application and give SNS write access to use CloudWatch logs on your behalf.\n" }, "successFeedbackSampleRate": { "type": "string", "description": "The sample rate percentage (0-100) of successfully delivered messages.\n\nThe following attributes are needed only when using APNS token credentials:\n" } }, "type": "object" } }, "aws:sns/smsPreferences:SmsPreferences": { "description": "Provides a way to set SNS SMS preferences.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst updateSmsPrefs = new aws.sns.SmsPreferences(\"update_sms_prefs\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nupdate_sms_prefs = aws.sns.SmsPreferences(\"update_sms_prefs\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var updateSmsPrefs = new Aws.Sns.SmsPreferences(\"update_sms_prefs\");\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sns.NewSmsPreferences(ctx, \"update_sms_prefs\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.SmsPreferences;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var updateSmsPrefs = new SmsPreferences(\"updateSmsPrefs\");\n\n }\n}\n```\n```yaml\nresources:\n updateSmsPrefs:\n type: aws:sns:SmsPreferences\n name: update_sms_prefs\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nYou cannot import the SMS preferences.\n\n", "properties": { "defaultSenderId": { "type": "string", "description": "A string, such as your business brand, that is displayed as the sender on the receiving device.\n" }, "defaultSmsType": { "type": "string", "description": "The type of SMS message that you will send by default. Possible values are: Promotional, Transactional\n" }, "deliveryStatusIamRoleArn": { "type": "string", "description": "The ARN of the IAM role that allows Amazon SNS to write logs about SMS deliveries in CloudWatch Logs.\n" }, "deliveryStatusSuccessSamplingRate": { "type": "string", "description": "The percentage of successful SMS deliveries for which Amazon SNS will write logs in CloudWatch Logs. The value must be between 0 and 100.\n" }, "monthlySpendLimit": { "type": "integer", "description": "The maximum amount in USD that you are willing to spend each month to send SMS messages.\n" }, "usageReportS3Bucket": { "type": "string", "description": "The name of the Amazon S3 bucket to receive daily SMS usage reports from Amazon SNS.\n" } }, "required": [ "monthlySpendLimit" ], "inputProperties": { "defaultSenderId": { "type": "string", "description": "A string, such as your business brand, that is displayed as the sender on the receiving device.\n" }, "defaultSmsType": { "type": "string", "description": "The type of SMS message that you will send by default. Possible values are: Promotional, Transactional\n" }, "deliveryStatusIamRoleArn": { "type": "string", "description": "The ARN of the IAM role that allows Amazon SNS to write logs about SMS deliveries in CloudWatch Logs.\n" }, "deliveryStatusSuccessSamplingRate": { "type": "string", "description": "The percentage of successful SMS deliveries for which Amazon SNS will write logs in CloudWatch Logs. The value must be between 0 and 100.\n" }, "monthlySpendLimit": { "type": "integer", "description": "The maximum amount in USD that you are willing to spend each month to send SMS messages.\n" }, "usageReportS3Bucket": { "type": "string", "description": "The name of the Amazon S3 bucket to receive daily SMS usage reports from Amazon SNS.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering SmsPreferences resources.\n", "properties": { "defaultSenderId": { "type": "string", "description": "A string, such as your business brand, that is displayed as the sender on the receiving device.\n" }, "defaultSmsType": { "type": "string", "description": "The type of SMS message that you will send by default. Possible values are: Promotional, Transactional\n" }, "deliveryStatusIamRoleArn": { "type": "string", "description": "The ARN of the IAM role that allows Amazon SNS to write logs about SMS deliveries in CloudWatch Logs.\n" }, "deliveryStatusSuccessSamplingRate": { "type": "string", "description": "The percentage of successful SMS deliveries for which Amazon SNS will write logs in CloudWatch Logs. The value must be between 0 and 100.\n" }, "monthlySpendLimit": { "type": "integer", "description": "The maximum amount in USD that you are willing to spend each month to send SMS messages.\n" }, "usageReportS3Bucket": { "type": "string", "description": "The name of the Amazon S3 bucket to receive daily SMS usage reports from Amazon SNS.\n" } }, "type": "object" } }, "aws:sns/topic:Topic": { "description": "Provides an SNS topic resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst userUpdates = new aws.sns.Topic(\"user_updates\", {name: \"user-updates-topic\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nuser_updates = aws.sns.Topic(\"user_updates\", name=\"user-updates-topic\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var userUpdates = new Aws.Sns.Topic(\"user_updates\", new()\n {\n Name = \"user-updates-topic\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sns.NewTopic(ctx, \"user_updates\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"user-updates-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var userUpdates = new Topic(\"userUpdates\", TopicArgs.builder()\n .name(\"user-updates-topic\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n userUpdates:\n type: aws:sns:Topic\n name: user_updates\n properties:\n name: user-updates-topic\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Example with Delivery Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst userUpdates = new aws.sns.Topic(\"user_updates\", {\n name: \"user-updates-topic\",\n deliveryPolicy: `{\n \"http\": {\n \"defaultHealthyRetryPolicy\": {\n \"minDelayTarget\": 20,\n \"maxDelayTarget\": 20,\n \"numRetries\": 3,\n \"numMaxDelayRetries\": 0,\n \"numNoDelayRetries\": 0,\n \"numMinDelayRetries\": 0,\n \"backoffFunction\": \"linear\"\n },\n \"disableSubscriptionOverrides\": false,\n \"defaultThrottlePolicy\": {\n \"maxReceivesPerSecond\": 1\n }\n }\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nuser_updates = aws.sns.Topic(\"user_updates\",\n name=\"user-updates-topic\",\n delivery_policy=\"\"\"{\n \"http\": {\n \"defaultHealthyRetryPolicy\": {\n \"minDelayTarget\": 20,\n \"maxDelayTarget\": 20,\n \"numRetries\": 3,\n \"numMaxDelayRetries\": 0,\n \"numNoDelayRetries\": 0,\n \"numMinDelayRetries\": 0,\n \"backoffFunction\": \"linear\"\n },\n \"disableSubscriptionOverrides\": false,\n \"defaultThrottlePolicy\": {\n \"maxReceivesPerSecond\": 1\n }\n }\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var userUpdates = new Aws.Sns.Topic(\"user_updates\", new()\n {\n Name = \"user-updates-topic\",\n DeliveryPolicy = @\"{\n \"\"http\"\": {\n \"\"defaultHealthyRetryPolicy\"\": {\n \"\"minDelayTarget\"\": 20,\n \"\"maxDelayTarget\"\": 20,\n \"\"numRetries\"\": 3,\n \"\"numMaxDelayRetries\"\": 0,\n \"\"numNoDelayRetries\"\": 0,\n \"\"numMinDelayRetries\"\": 0,\n \"\"backoffFunction\"\": \"\"linear\"\"\n },\n \"\"disableSubscriptionOverrides\"\": false,\n \"\"defaultThrottlePolicy\"\": {\n \"\"maxReceivesPerSecond\"\": 1\n }\n }\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sns.NewTopic(ctx, \"user_updates\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"user-updates-topic\"),\n\t\t\tDeliveryPolicy: pulumi.String(`{\n \"http\": {\n \"defaultHealthyRetryPolicy\": {\n \"minDelayTarget\": 20,\n \"maxDelayTarget\": 20,\n \"numRetries\": 3,\n \"numMaxDelayRetries\": 0,\n \"numNoDelayRetries\": 0,\n \"numMinDelayRetries\": 0,\n \"backoffFunction\": \"linear\"\n },\n \"disableSubscriptionOverrides\": false,\n \"defaultThrottlePolicy\": {\n \"maxReceivesPerSecond\": 1\n }\n }\n}\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var userUpdates = new Topic(\"userUpdates\", TopicArgs.builder()\n .name(\"user-updates-topic\")\n .deliveryPolicy(\"\"\"\n{\n \"http\": {\n \"defaultHealthyRetryPolicy\": {\n \"minDelayTarget\": 20,\n \"maxDelayTarget\": 20,\n \"numRetries\": 3,\n \"numMaxDelayRetries\": 0,\n \"numNoDelayRetries\": 0,\n \"numMinDelayRetries\": 0,\n \"backoffFunction\": \"linear\"\n },\n \"disableSubscriptionOverrides\": false,\n \"defaultThrottlePolicy\": {\n \"maxReceivesPerSecond\": 1\n }\n }\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n userUpdates:\n type: aws:sns:Topic\n name: user_updates\n properties:\n name: user-updates-topic\n deliveryPolicy: |\n {\n \"http\": {\n \"defaultHealthyRetryPolicy\": {\n \"minDelayTarget\": 20,\n \"maxDelayTarget\": 20,\n \"numRetries\": 3,\n \"numMaxDelayRetries\": 0,\n \"numNoDelayRetries\": 0,\n \"numMinDelayRetries\": 0,\n \"backoffFunction\": \"linear\"\n },\n \"disableSubscriptionOverrides\": false,\n \"defaultThrottlePolicy\": {\n \"maxReceivesPerSecond\": 1\n }\n }\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Example with Server-side encryption (SSE)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst userUpdates = new aws.sns.Topic(\"user_updates\", {\n name: \"user-updates-topic\",\n kmsMasterKeyId: \"alias/aws/sns\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nuser_updates = aws.sns.Topic(\"user_updates\",\n name=\"user-updates-topic\",\n kms_master_key_id=\"alias/aws/sns\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var userUpdates = new Aws.Sns.Topic(\"user_updates\", new()\n {\n Name = \"user-updates-topic\",\n KmsMasterKeyId = \"alias/aws/sns\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sns.NewTopic(ctx, \"user_updates\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"user-updates-topic\"),\n\t\t\tKmsMasterKeyId: pulumi.String(\"alias/aws/sns\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var userUpdates = new Topic(\"userUpdates\", TopicArgs.builder()\n .name(\"user-updates-topic\")\n .kmsMasterKeyId(\"alias/aws/sns\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n userUpdates:\n type: aws:sns:Topic\n name: user_updates\n properties:\n name: user-updates-topic\n kmsMasterKeyId: alias/aws/sns\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Example with First-In-First-Out (FIFO)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst userUpdates = new aws.sns.Topic(\"user_updates\", {\n name: \"user-updates-topic.fifo\",\n fifoTopic: true,\n contentBasedDeduplication: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nuser_updates = aws.sns.Topic(\"user_updates\",\n name=\"user-updates-topic.fifo\",\n fifo_topic=True,\n content_based_deduplication=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var userUpdates = new Aws.Sns.Topic(\"user_updates\", new()\n {\n Name = \"user-updates-topic.fifo\",\n FifoTopic = true,\n ContentBasedDeduplication = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sns.NewTopic(ctx, \"user_updates\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"user-updates-topic.fifo\"),\n\t\t\tFifoTopic: pulumi.Bool(true),\n\t\t\tContentBasedDeduplication: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var userUpdates = new Topic(\"userUpdates\", TopicArgs.builder()\n .name(\"user-updates-topic.fifo\")\n .fifoTopic(true)\n .contentBasedDeduplication(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n userUpdates:\n type: aws:sns:Topic\n name: user_updates\n properties:\n name: user-updates-topic.fifo\n fifoTopic: true\n contentBasedDeduplication: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Message Delivery Status Arguments\n\nThe `\u003cendpoint\u003e_success_feedback_role_arn` and `\u003cendpoint\u003e_failure_feedback_role_arn` arguments are used to give Amazon SNS write access to use CloudWatch Logs on your behalf. The `\u003cendpoint\u003e_success_feedback_sample_rate` argument is for specifying the sample rate percentage (0-100) of successfully delivered messages. After you configure the `\u003cendpoint\u003e_failure_feedback_role_arn` argument, then all failed message deliveries generate CloudWatch Logs.\n\n## Import\n\nUsing `pulumi import`, import SNS Topics using the topic `arn`. For example:\n\n```sh\n$ pulumi import aws:sns/topic:Topic user_updates arn:aws:sns:us-west-2:0123456789012:my-topic\n```\n", "properties": { "applicationFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "applicationSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "applicationSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "archivePolicy": { "type": "string", "description": "The message archive policy for FIFO topics. More details in the [AWS documentation](https://docs.aws.amazon.com/sns/latest/dg/message-archiving-and-replay-topic-owner.html).\n" }, "arn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the SNS topic, as a more obvious property (clone of id)\n" }, "beginningArchiveTime": { "type": "string", "description": "The oldest timestamp at which a FIFO topic subscriber can start a replay.\n" }, "contentBasedDeduplication": { "type": "boolean", "description": "Enables content-based deduplication for FIFO topics. For more information, see the [related documentation](https://docs.aws.amazon.com/sns/latest/dg/fifo-message-dedup.html)\n" }, "deliveryPolicy": { "type": "string", "description": "The SNS delivery policy. More details in the [AWS documentation](https://docs.aws.amazon.com/sns/latest/dg/DeliveryPolicies.html).\n" }, "displayName": { "type": "string", "description": "The display name for the topic\n" }, "fifoTopic": { "type": "boolean", "description": "Boolean indicating whether or not to create a FIFO (first-in-first-out) topic. FIFO topics can't deliver messages to customer managed endpoints, such as email addresses, mobile apps, SMS, or HTTP(S) endpoints. These endpoint types aren't guaranteed to preserve strict message ordering. Default is `false`.\n" }, "firehoseFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "firehoseSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "firehoseSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "httpFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "httpSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "httpSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "kmsMasterKeyId": { "type": "string", "description": "The ID of an AWS-managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see [Key Terms](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html#sse-key-terms)\n" }, "lambdaFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "lambdaSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "lambdaSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "name": { "type": "string", "description": "The name of the topic. Topic names must be made up of only uppercase and lowercase ASCII letters, numbers, underscores, and hyphens, and must be between 1 and 256 characters long. For a FIFO (first-in-first-out) topic, the name must end with the `.fifo` suffix. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`\n" }, "owner": { "type": "string", "description": "The AWS Account ID of the SNS topic owner\n" }, "policy": { "type": "string", "description": "The fully-formed AWS policy as JSON.\n" }, "signatureVersion": { "type": "integer", "description": "If `SignatureVersion` should be [1 (SHA1) or 2 (SHA256)](https://docs.aws.amazon.com/sns/latest/dg/sns-verify-signature-of-message.html). The signature version corresponds to the hashing algorithm used while creating the signature of the notifications, subscription confirmations, or unsubscribe confirmation messages sent by Amazon SNS.\n" }, "sqsFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "sqsSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "sqsSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tracingConfig": { "type": "string", "description": "Tracing mode of an Amazon SNS topic. Valid values: `\"PassThrough\"`, `\"Active\"`.\n" } }, "required": [ "arn", "beginningArchiveTime", "name", "namePrefix", "owner", "policy", "signatureVersion", "tagsAll", "tracingConfig" ], "inputProperties": { "applicationFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "applicationSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "applicationSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "archivePolicy": { "type": "string", "description": "The message archive policy for FIFO topics. More details in the [AWS documentation](https://docs.aws.amazon.com/sns/latest/dg/message-archiving-and-replay-topic-owner.html).\n" }, "contentBasedDeduplication": { "type": "boolean", "description": "Enables content-based deduplication for FIFO topics. For more information, see the [related documentation](https://docs.aws.amazon.com/sns/latest/dg/fifo-message-dedup.html)\n" }, "deliveryPolicy": { "type": "string", "description": "The SNS delivery policy. More details in the [AWS documentation](https://docs.aws.amazon.com/sns/latest/dg/DeliveryPolicies.html).\n" }, "displayName": { "type": "string", "description": "The display name for the topic\n" }, "fifoTopic": { "type": "boolean", "description": "Boolean indicating whether or not to create a FIFO (first-in-first-out) topic. FIFO topics can't deliver messages to customer managed endpoints, such as email addresses, mobile apps, SMS, or HTTP(S) endpoints. These endpoint types aren't guaranteed to preserve strict message ordering. Default is `false`.\n", "willReplaceOnChanges": true }, "firehoseFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "firehoseSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "firehoseSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "httpFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "httpSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "httpSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "kmsMasterKeyId": { "type": "string", "description": "The ID of an AWS-managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see [Key Terms](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html#sse-key-terms)\n" }, "lambdaFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "lambdaSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "lambdaSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "name": { "type": "string", "description": "The name of the topic. Topic names must be made up of only uppercase and lowercase ASCII letters, numbers, underscores, and hyphens, and must be between 1 and 256 characters long. For a FIFO (first-in-first-out) topic, the name must end with the `.fifo` suffix. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The fully-formed AWS policy as JSON.\n" }, "signatureVersion": { "type": "integer", "description": "If `SignatureVersion` should be [1 (SHA1) or 2 (SHA256)](https://docs.aws.amazon.com/sns/latest/dg/sns-verify-signature-of-message.html). The signature version corresponds to the hashing algorithm used while creating the signature of the notifications, subscription confirmations, or unsubscribe confirmation messages sent by Amazon SNS.\n" }, "sqsFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "sqsSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "sqsSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tracingConfig": { "type": "string", "description": "Tracing mode of an Amazon SNS topic. Valid values: `\"PassThrough\"`, `\"Active\"`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Topic resources.\n", "properties": { "applicationFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "applicationSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "applicationSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "archivePolicy": { "type": "string", "description": "The message archive policy for FIFO topics. More details in the [AWS documentation](https://docs.aws.amazon.com/sns/latest/dg/message-archiving-and-replay-topic-owner.html).\n" }, "arn": { "type": "string", "$ref": "#/types/aws:index/aRN:ARN", "description": "The ARN of the SNS topic, as a more obvious property (clone of id)\n" }, "beginningArchiveTime": { "type": "string", "description": "The oldest timestamp at which a FIFO topic subscriber can start a replay.\n" }, "contentBasedDeduplication": { "type": "boolean", "description": "Enables content-based deduplication for FIFO topics. For more information, see the [related documentation](https://docs.aws.amazon.com/sns/latest/dg/fifo-message-dedup.html)\n" }, "deliveryPolicy": { "type": "string", "description": "The SNS delivery policy. More details in the [AWS documentation](https://docs.aws.amazon.com/sns/latest/dg/DeliveryPolicies.html).\n" }, "displayName": { "type": "string", "description": "The display name for the topic\n" }, "fifoTopic": { "type": "boolean", "description": "Boolean indicating whether or not to create a FIFO (first-in-first-out) topic. FIFO topics can't deliver messages to customer managed endpoints, such as email addresses, mobile apps, SMS, or HTTP(S) endpoints. These endpoint types aren't guaranteed to preserve strict message ordering. Default is `false`.\n", "willReplaceOnChanges": true }, "firehoseFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "firehoseSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "firehoseSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "httpFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "httpSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "httpSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "kmsMasterKeyId": { "type": "string", "description": "The ID of an AWS-managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see [Key Terms](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html#sse-key-terms)\n" }, "lambdaFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "lambdaSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "lambdaSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "name": { "type": "string", "description": "The name of the topic. Topic names must be made up of only uppercase and lowercase ASCII letters, numbers, underscores, and hyphens, and must be between 1 and 256 characters long. For a FIFO (first-in-first-out) topic, the name must end with the `.fifo` suffix. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`\n", "willReplaceOnChanges": true }, "owner": { "type": "string", "description": "The AWS Account ID of the SNS topic owner\n" }, "policy": { "type": "string", "description": "The fully-formed AWS policy as JSON.\n" }, "signatureVersion": { "type": "integer", "description": "If `SignatureVersion` should be [1 (SHA1) or 2 (SHA256)](https://docs.aws.amazon.com/sns/latest/dg/sns-verify-signature-of-message.html). The signature version corresponds to the hashing algorithm used while creating the signature of the notifications, subscription confirmations, or unsubscribe confirmation messages sent by Amazon SNS.\n" }, "sqsFailureFeedbackRoleArn": { "type": "string", "description": "IAM role for failure feedback\n" }, "sqsSuccessFeedbackRoleArn": { "type": "string", "description": "The IAM role permitted to receive success feedback for this topic\n" }, "sqsSuccessFeedbackSampleRate": { "type": "integer", "description": "Percentage of success to sample\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tracingConfig": { "type": "string", "description": "Tracing mode of an Amazon SNS topic. Valid values: `\"PassThrough\"`, `\"Active\"`.\n" } }, "type": "object" } }, "aws:sns/topicPolicy:TopicPolicy": { "description": "Provides an SNS topic policy resource\n\n\u003e **NOTE:** If a Principal is specified as just an AWS account ID rather than an ARN, AWS silently converts it to the ARN for the root user, causing future deployments to differ. To avoid this problem, just specify the full ARN, e.g. `arn:aws:iam::123456789012:root`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.sns.Topic(\"test\", {name: \"my-topic-with-policy\"});\nconst snsTopicPolicy = test.arn.apply(arn =\u003e aws.iam.getPolicyDocumentOutput({\n policyId: \"__default_policy_ID\",\n statements: [{\n actions: [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\",\n ],\n conditions: [{\n test: \"StringEquals\",\n variable: \"AWS:SourceOwner\",\n values: [account_id],\n }],\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [\"*\"],\n }],\n resources: [arn],\n sid: \"__default_statement_ID\",\n }],\n}));\nconst _default = new aws.sns.TopicPolicy(\"default\", {\n arn: test.arn,\n policy: snsTopicPolicy.apply(snsTopicPolicy =\u003e snsTopicPolicy.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.sns.Topic(\"test\", name=\"my-topic-with-policy\")\nsns_topic_policy = test.arn.apply(lambda arn: aws.iam.get_policy_document_output(policy_id=\"__default_policy_ID\",\n statements=[{\n \"actions\": [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\",\n ],\n \"conditions\": [{\n \"test\": \"StringEquals\",\n \"variable\": \"AWS:SourceOwner\",\n \"values\": [account_id],\n }],\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [\"*\"],\n }],\n \"resources\": [arn],\n \"sid\": \"__default_statement_ID\",\n }]))\ndefault = aws.sns.TopicPolicy(\"default\",\n arn=test.arn,\n policy=sns_topic_policy.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Sns.Topic(\"test\", new()\n {\n Name = \"my-topic-with-policy\",\n });\n\n var snsTopicPolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n PolicyId = \"__default_policy_ID\",\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"AWS:SourceOwner\",\n Values = new[]\n {\n account_id,\n },\n },\n },\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Resources = new[]\n {\n test.Arn,\n },\n Sid = \"__default_statement_ID\",\n },\n },\n });\n\n var @default = new Aws.Sns.TopicPolicy(\"default\", new()\n {\n Arn = test.Arn,\n Policy = snsTopicPolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ntest, err := sns.NewTopic(ctx, \"test\", \u0026sns.TopicArgs{\nName: pulumi.String(\"my-topic-with-policy\"),\n})\nif err != nil {\nreturn err\n}\nsnsTopicPolicy := test.Arn.ApplyT(func(arn string) (iam.GetPolicyDocumentResult, error) {\nreturn iam.GetPolicyDocumentResult(interface{}(iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\nPolicyId: \"__default_policy_ID\",\nStatements: []iam.GetPolicyDocumentStatement{\n{\nActions: []string{\n\"SNS:Subscribe\",\n\"SNS:SetTopicAttributes\",\n\"SNS:RemovePermission\",\n\"SNS:Receive\",\n\"SNS:Publish\",\n\"SNS:ListSubscriptionsByTopic\",\n\"SNS:GetTopicAttributes\",\n\"SNS:DeleteTopic\",\n\"SNS:AddPermission\",\n},\nConditions: []iam.GetPolicyDocumentStatementCondition{\n{\nTest: \"StringEquals\",\nVariable: \"AWS:SourceOwner\",\nValues: interface{}{\naccount_id,\n},\n},\n},\nEffect: \"Allow\",\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: []string{\n\"*\",\n},\n},\n},\nResources: interface{}{\narn,\n},\nSid: \"__default_statement_ID\",\n},\n},\n}, nil))), nil\n}).(iam.GetPolicyDocumentResultOutput)\n_, err = sns.NewTopicPolicy(ctx, \"default\", \u0026sns.TopicPolicyArgs{\nArn: test.Arn,\nPolicy: pulumi.String(snsTopicPolicy.ApplyT(func(snsTopicPolicy iam.GetPolicyDocumentResult) (*string, error) {\nreturn \u0026snsTopicPolicy.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sns.TopicPolicy;\nimport com.pulumi.aws.sns.TopicPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Topic(\"test\", TopicArgs.builder()\n .name(\"my-topic-with-policy\")\n .build());\n\n final var snsTopicPolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .policyId(\"__default_policy_ID\")\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"AWS:SourceOwner\")\n .values(account_id)\n .build())\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"*\")\n .build())\n .resources(test.arn())\n .sid(\"__default_statement_ID\")\n .build())\n .build());\n\n var default_ = new TopicPolicy(\"default\", TopicPolicyArgs.builder()\n .arn(test.arn())\n .policy(snsTopicPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(snsTopicPolicy -\u003e snsTopicPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:sns:Topic\n properties:\n name: my-topic-with-policy\n default:\n type: aws:sns:TopicPolicy\n properties:\n arn: ${test.arn}\n policy: ${snsTopicPolicy.json}\nvariables:\n snsTopicPolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n policyId: __default_policy_ID\n statements:\n - actions:\n - SNS:Subscribe\n - SNS:SetTopicAttributes\n - SNS:RemovePermission\n - SNS:Receive\n - SNS:Publish\n - SNS:ListSubscriptionsByTopic\n - SNS:GetTopicAttributes\n - SNS:DeleteTopic\n - SNS:AddPermission\n conditions:\n - test: StringEquals\n variable: AWS:SourceOwner\n values:\n - ${[\"account-id\"]}\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - '*'\n resources:\n - ${test.arn}\n sid: __default_statement_ID\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SNS Topic Policy using the topic ARN. For example:\n\n```sh\n$ pulumi import aws:sns/topicPolicy:TopicPolicy user_updates arn:aws:sns:us-west-2:0123456789012:my-topic\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the SNS topic\n" }, "owner": { "type": "string", "description": "The AWS Account ID of the SNS topic owner\n" }, "policy": { "type": "string", "description": "The fully-formed AWS policy as JSON.\n" } }, "required": [ "arn", "owner", "policy" ], "inputProperties": { "arn": { "type": "string", "description": "The ARN of the SNS topic\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The fully-formed AWS policy as JSON.\n" } }, "requiredInputs": [ "arn", "policy" ], "stateInputs": { "description": "Input properties used for looking up and filtering TopicPolicy resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the SNS topic\n", "willReplaceOnChanges": true }, "owner": { "type": "string", "description": "The AWS Account ID of the SNS topic owner\n" }, "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The fully-formed AWS policy as JSON.\n" } }, "type": "object" } }, "aws:sns/topicSubscription:TopicSubscription": { "description": "Provides a resource for subscribing to SNS topics. Requires that an SNS topic exist for the subscription to attach to. This resource allows you to automatically place messages sent to SNS topics in SQS queues, send them as HTTP(S) POST requests to a given endpoint, send SMS messages, or notify devices / applications. The most likely use case for provider users will probably be SQS queues.\n\n\u003e **NOTE:** If the SNS topic and SQS queue are in different AWS regions, the `aws.sns.TopicSubscription` must use an AWS provider that is in the same region as the SNS topic. If the `aws.sns.TopicSubscription` uses a provider with a different region than the SNS topic, this provider will fail to create the subscription.\n\n\u003e **NOTE:** Setup of cross-account subscriptions from SNS topics to SQS queues requires the provider to have access to BOTH accounts.\n\n\u003e **NOTE:** If an SNS topic and SQS queue are in different AWS accounts but the same region, the `aws.sns.TopicSubscription` must use the AWS provider for the account with the SQS queue. If `aws.sns.TopicSubscription` uses a Provider with a different account than the SQS queue, this provider creates the subscription but does not keep state and tries to re-create the subscription at every `apply`.\n\n\u003e **NOTE:** If an SNS topic and SQS queue are in different AWS accounts and different AWS regions, the subscription needs to be initiated from the account with the SQS queue but in the region of the SNS topic.\n\n\u003e **NOTE:** You cannot unsubscribe to a subscription that is pending confirmation. If you use `email`, `email-json`, or `http`/`https` (without auto-confirmation enabled), until the subscription is confirmed (e.g., outside of this provider), AWS does not allow this provider to delete / unsubscribe the subscription. If you `destroy` an unconfirmed subscription, this provider will remove the subscription from its state but the subscription will still exist in AWS. However, if you delete an SNS topic, SNS [deletes all the subscriptions](https://docs.aws.amazon.com/sns/latest/dg/sns-delete-subscription-topic.html) associated with the topic. Also, you can import a subscription after confirmation and then have the capability to delete it.\n\n## Example Usage\n\nYou can directly supply a topic and ARN by hand in the `topic_arn` property along with the queue ARN:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst userUpdatesSqsTarget = new aws.sns.TopicSubscription(\"user_updates_sqs_target\", {\n topic: \"arn:aws:sns:us-west-2:432981146916:user-updates-topic\",\n protocol: \"sqs\",\n endpoint: \"arn:aws:sqs:us-west-2:432981146916:queue-too\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nuser_updates_sqs_target = aws.sns.TopicSubscription(\"user_updates_sqs_target\",\n topic=\"arn:aws:sns:us-west-2:432981146916:user-updates-topic\",\n protocol=\"sqs\",\n endpoint=\"arn:aws:sqs:us-west-2:432981146916:queue-too\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var userUpdatesSqsTarget = new Aws.Sns.TopicSubscription(\"user_updates_sqs_target\", new()\n {\n Topic = \"arn:aws:sns:us-west-2:432981146916:user-updates-topic\",\n Protocol = \"sqs\",\n Endpoint = \"arn:aws:sqs:us-west-2:432981146916:queue-too\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sns.NewTopicSubscription(ctx, \"user_updates_sqs_target\", \u0026sns.TopicSubscriptionArgs{\n\t\t\tTopic: pulumi.Any(\"arn:aws:sns:us-west-2:432981146916:user-updates-topic\"),\n\t\t\tProtocol: pulumi.String(\"sqs\"),\n\t\t\tEndpoint: pulumi.String(\"arn:aws:sqs:us-west-2:432981146916:queue-too\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.TopicSubscription;\nimport com.pulumi.aws.sns.TopicSubscriptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var userUpdatesSqsTarget = new TopicSubscription(\"userUpdatesSqsTarget\", TopicSubscriptionArgs.builder()\n .topic(\"arn:aws:sns:us-west-2:432981146916:user-updates-topic\")\n .protocol(\"sqs\")\n .endpoint(\"arn:aws:sqs:us-west-2:432981146916:queue-too\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n userUpdatesSqsTarget:\n type: aws:sns:TopicSubscription\n name: user_updates_sqs_target\n properties:\n topic: arn:aws:sns:us-west-2:432981146916:user-updates-topic\n protocol: sqs\n endpoint: arn:aws:sqs:us-west-2:432981146916:queue-too\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nAlternatively you can use the ARN properties of a managed SNS topic and SQS queue:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst userUpdates = new aws.sns.Topic(\"user_updates\", {name: \"user-updates-topic\"});\nconst userUpdatesQueue = new aws.sqs.Queue(\"user_updates_queue\", {name: \"user-updates-queue\"});\nconst userUpdatesSqsTarget = new aws.sns.TopicSubscription(\"user_updates_sqs_target\", {\n topic: userUpdates.arn,\n protocol: \"sqs\",\n endpoint: userUpdatesQueue.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nuser_updates = aws.sns.Topic(\"user_updates\", name=\"user-updates-topic\")\nuser_updates_queue = aws.sqs.Queue(\"user_updates_queue\", name=\"user-updates-queue\")\nuser_updates_sqs_target = aws.sns.TopicSubscription(\"user_updates_sqs_target\",\n topic=user_updates.arn,\n protocol=\"sqs\",\n endpoint=user_updates_queue.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var userUpdates = new Aws.Sns.Topic(\"user_updates\", new()\n {\n Name = \"user-updates-topic\",\n });\n\n var userUpdatesQueue = new Aws.Sqs.Queue(\"user_updates_queue\", new()\n {\n Name = \"user-updates-queue\",\n });\n\n var userUpdatesSqsTarget = new Aws.Sns.TopicSubscription(\"user_updates_sqs_target\", new()\n {\n Topic = userUpdates.Arn,\n Protocol = \"sqs\",\n Endpoint = userUpdatesQueue.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tuserUpdates, err := sns.NewTopic(ctx, \"user_updates\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"user-updates-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tuserUpdatesQueue, err := sqs.NewQueue(ctx, \"user_updates_queue\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"user-updates-queue\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sns.NewTopicSubscription(ctx, \"user_updates_sqs_target\", \u0026sns.TopicSubscriptionArgs{\n\t\t\tTopic: userUpdates.Arn,\n\t\t\tProtocol: pulumi.String(\"sqs\"),\n\t\t\tEndpoint: userUpdatesQueue.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.sqs.QueueArgs;\nimport com.pulumi.aws.sns.TopicSubscription;\nimport com.pulumi.aws.sns.TopicSubscriptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var userUpdates = new Topic(\"userUpdates\", TopicArgs.builder()\n .name(\"user-updates-topic\")\n .build());\n\n var userUpdatesQueue = new Queue(\"userUpdatesQueue\", QueueArgs.builder()\n .name(\"user-updates-queue\")\n .build());\n\n var userUpdatesSqsTarget = new TopicSubscription(\"userUpdatesSqsTarget\", TopicSubscriptionArgs.builder()\n .topic(userUpdates.arn())\n .protocol(\"sqs\")\n .endpoint(userUpdatesQueue.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n userUpdates:\n type: aws:sns:Topic\n name: user_updates\n properties:\n name: user-updates-topic\n userUpdatesQueue:\n type: aws:sqs:Queue\n name: user_updates_queue\n properties:\n name: user-updates-queue\n userUpdatesSqsTarget:\n type: aws:sns:TopicSubscription\n name: user_updates_sqs_target\n properties:\n topic: ${userUpdates.arn}\n protocol: sqs\n endpoint: ${userUpdatesQueue.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nYou can subscribe SNS topics to SQS queues in different Amazon accounts and regions:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst sns = config.getObject(\"sns\") || {\n \"account-id\": \"111111111111\",\n displayName: \"example\",\n name: \"example-sns-topic\",\n region: \"us-west-1\",\n \"role-name\": \"service/service\",\n};\nconst sqs = config.getObject(\"sqs\") || {\n \"account-id\": \"222222222222\",\n name: \"example-sqs-queue\",\n region: \"us-east-1\",\n \"role-name\": \"service/service\",\n};\nconst sns-topic-policy = aws.iam.getPolicyDocument({\n policyId: \"__default_policy_ID\",\n statements: [\n {\n actions: [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\",\n ],\n conditions: [{\n test: \"StringEquals\",\n variable: \"AWS:SourceOwner\",\n values: [sns[\"account-id\"]],\n }],\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [\"*\"],\n }],\n resources: [`arn:aws:sns:${sns.region}:${sns[\"account-id\"]}:${sns.name}`],\n sid: \"__default_statement_ID\",\n },\n {\n actions: [\n \"SNS:Subscribe\",\n \"SNS:Receive\",\n ],\n conditions: [{\n test: \"StringLike\",\n variable: \"SNS:Endpoint\",\n values: [`arn:aws:sqs:${sqs.region}:${sqs[\"account-id\"]}:${sqs.name}`],\n }],\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [\"*\"],\n }],\n resources: [`arn:aws:sns:${sns.region}:${sns[\"account-id\"]}:${sns.name}`],\n sid: \"__console_sub_0\",\n },\n ],\n});\nconst sqs-queue-policy = aws.iam.getPolicyDocument({\n policyId: `arn:aws:sqs:${sqs.region}:${sqs[\"account-id\"]}:${sqs.name}/SQSDefaultPolicy`,\n statements: [{\n sid: \"example-sns-topic\",\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [\"*\"],\n }],\n actions: [\"SQS:SendMessage\"],\n resources: [`arn:aws:sqs:${sqs.region}:${sqs[\"account-id\"]}:${sqs.name}`],\n conditions: [{\n test: \"ArnEquals\",\n variable: \"aws:SourceArn\",\n values: [`arn:aws:sns:${sns.region}:${sns[\"account-id\"]}:${sns.name}`],\n }],\n }],\n});\nconst sns_topic = new aws.sns.Topic(\"sns-topic\", {\n name: sns.name,\n displayName: sns.display_name,\n policy: sns_topic_policy.then(sns_topic_policy =\u003e sns_topic_policy.json),\n});\nconst sqs_queue = new aws.sqs.Queue(\"sqs-queue\", {\n name: sqs.name,\n policy: sqs_queue_policy.then(sqs_queue_policy =\u003e sqs_queue_policy.json),\n});\nconst sns_topicTopicSubscription = new aws.sns.TopicSubscription(\"sns-topic\", {\n topic: sns_topic.arn,\n protocol: \"sqs\",\n endpoint: sqs_queue.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nsns = config.get_object(\"sns\")\nif sns is None:\n sns = {\n \"account-id\": \"111111111111\",\n \"displayName\": \"example\",\n \"name\": \"example-sns-topic\",\n \"region\": \"us-west-1\",\n \"role-name\": \"service/service\",\n }\nsqs = config.get_object(\"sqs\")\nif sqs is None:\n sqs = {\n \"account-id\": \"222222222222\",\n \"name\": \"example-sqs-queue\",\n \"region\": \"us-east-1\",\n \"role-name\": \"service/service\",\n }\nsns_topic_policy = aws.iam.get_policy_document(policy_id=\"__default_policy_ID\",\n statements=[\n {\n \"actions\": [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\",\n ],\n \"conditions\": [{\n \"test\": \"StringEquals\",\n \"variable\": \"AWS:SourceOwner\",\n \"values\": [sns[\"account-id\"]],\n }],\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [\"*\"],\n }],\n \"resources\": [f\"arn:aws:sns:{sns['region']}:{sns['account-id']}:{sns['name']}\"],\n \"sid\": \"__default_statement_ID\",\n },\n {\n \"actions\": [\n \"SNS:Subscribe\",\n \"SNS:Receive\",\n ],\n \"conditions\": [{\n \"test\": \"StringLike\",\n \"variable\": \"SNS:Endpoint\",\n \"values\": [f\"arn:aws:sqs:{sqs['region']}:{sqs['account-id']}:{sqs['name']}\"],\n }],\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [\"*\"],\n }],\n \"resources\": [f\"arn:aws:sns:{sns['region']}:{sns['account-id']}:{sns['name']}\"],\n \"sid\": \"__console_sub_0\",\n },\n ])\nsqs_queue_policy = aws.iam.get_policy_document(policy_id=f\"arn:aws:sqs:{sqs['region']}:{sqs['account-id']}:{sqs['name']}/SQSDefaultPolicy\",\n statements=[{\n \"sid\": \"example-sns-topic\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [\"*\"],\n }],\n \"actions\": [\"SQS:SendMessage\"],\n \"resources\": [f\"arn:aws:sqs:{sqs['region']}:{sqs['account-id']}:{sqs['name']}\"],\n \"conditions\": [{\n \"test\": \"ArnEquals\",\n \"variable\": \"aws:SourceArn\",\n \"values\": [f\"arn:aws:sns:{sns['region']}:{sns['account-id']}:{sns['name']}\"],\n }],\n }])\nsns_topic = aws.sns.Topic(\"sns-topic\",\n name=sns[\"name\"],\n display_name=sns[\"display_name\"],\n policy=sns_topic_policy.json)\nsqs_queue = aws.sqs.Queue(\"sqs-queue\",\n name=sqs[\"name\"],\n policy=sqs_queue_policy.json)\nsns_topic_topic_subscription = aws.sns.TopicSubscription(\"sns-topic\",\n topic=sns_topic.arn,\n protocol=\"sqs\",\n endpoint=sqs_queue.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var sns = config.GetObject\u003cdynamic\u003e(\"sns\") ?? \n {\n { \"account-id\", \"111111111111\" },\n { \"displayName\", \"example\" },\n { \"name\", \"example-sns-topic\" },\n { \"region\", \"us-west-1\" },\n { \"role-name\", \"service/service\" },\n };\n var sqs = config.GetObject\u003cdynamic\u003e(\"sqs\") ?? \n {\n { \"account-id\", \"222222222222\" },\n { \"name\", \"example-sqs-queue\" },\n { \"region\", \"us-east-1\" },\n { \"role-name\", \"service/service\" },\n };\n var sns_topic_policy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n PolicyId = \"__default_policy_ID\",\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"AWS:SourceOwner\",\n Values = new[]\n {\n sns.Account_id,\n },\n },\n },\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Resources = new[]\n {\n $\"arn:aws:sns:{sns.Region}:{sns.Account_id}:{sns.Name}\",\n },\n Sid = \"__default_statement_ID\",\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"SNS:Subscribe\",\n \"SNS:Receive\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringLike\",\n Variable = \"SNS:Endpoint\",\n Values = new[]\n {\n $\"arn:aws:sqs:{sqs.Region}:{sqs.Account_id}:{sqs.Name}\",\n },\n },\n },\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Resources = new[]\n {\n $\"arn:aws:sns:{sns.Region}:{sns.Account_id}:{sns.Name}\",\n },\n Sid = \"__console_sub_0\",\n },\n },\n });\n\n var sqs_queue_policy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n PolicyId = $\"arn:aws:sqs:{sqs.Region}:{sqs.Account_id}:{sqs.Name}/SQSDefaultPolicy\",\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"example-sns-topic\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"SQS:SendMessage\",\n },\n Resources = new[]\n {\n $\"arn:aws:sqs:{sqs.Region}:{sqs.Account_id}:{sqs.Name}\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"ArnEquals\",\n Variable = \"aws:SourceArn\",\n Values = new[]\n {\n $\"arn:aws:sns:{sns.Region}:{sns.Account_id}:{sns.Name}\",\n },\n },\n },\n },\n },\n });\n\n var sns_topic = new Aws.Sns.Topic(\"sns-topic\", new()\n {\n Name = sns.Name,\n DisplayName = sns.Display_name,\n Policy = sns_topic_policy.Apply(sns_topic_policy =\u003e sns_topic_policy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json)),\n });\n\n var sqs_queue = new Aws.Sqs.Queue(\"sqs-queue\", new()\n {\n Name = sqs.Name,\n Policy = sqs_queue_policy.Apply(sqs_queue_policy =\u003e sqs_queue_policy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json)),\n });\n\n var sns_topicTopicSubscription = new Aws.Sns.TopicSubscription(\"sns-topic\", new()\n {\n Topic = sns_topic.Arn,\n Protocol = \"sqs\",\n Endpoint = sqs_queue.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ncfg := config.New(ctx, \"\")\nsns := map[string]interface{}{\n\"account-id\": \"111111111111\",\n\"displayName\": \"example\",\n\"name\": \"example-sns-topic\",\n\"region\": \"us-west-1\",\n\"role-name\": \"service/service\",\n};\nif param := cfg.GetObject(\"sns\"); param != nil {\nsns = param\n}\nsqs := map[string]interface{}{\n\"account-id\": \"222222222222\",\n\"name\": \"example-sqs-queue\",\n\"region\": \"us-east-1\",\n\"role-name\": \"service/service\",\n};\nif param := cfg.GetObject(\"sqs\"); param != nil {\nsqs = param\n}\nsns_topic_policy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nPolicyId: pulumi.StringRef(\"__default_policy_ID\"),\nStatements: []iam.GetPolicyDocumentStatement{\n{\nActions: []string{\n\"SNS:Subscribe\",\n\"SNS:SetTopicAttributes\",\n\"SNS:RemovePermission\",\n\"SNS:Publish\",\n\"SNS:ListSubscriptionsByTopic\",\n\"SNS:GetTopicAttributes\",\n\"SNS:DeleteTopic\",\n\"SNS:AddPermission\",\n},\nConditions: []iam.GetPolicyDocumentStatementCondition{\n{\nTest: \"StringEquals\",\nVariable: \"AWS:SourceOwner\",\nValues: interface{}{\nsns.AccountId,\n},\n},\n},\nEffect: pulumi.StringRef(\"Allow\"),\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: []string{\n\"*\",\n},\n},\n},\nResources: []string{\nfmt.Sprintf(\"arn:aws:sns:%v:%v:%v\", sns.Region, sns.AccountId, sns.Name),\n},\nSid: pulumi.StringRef(\"__default_statement_ID\"),\n},\n{\nActions: []string{\n\"SNS:Subscribe\",\n\"SNS:Receive\",\n},\nConditions: []iam.GetPolicyDocumentStatementCondition{\n{\nTest: \"StringLike\",\nVariable: \"SNS:Endpoint\",\nValues: []string{\nfmt.Sprintf(\"arn:aws:sqs:%v:%v:%v\", sqs.Region, sqs.AccountId, sqs.Name),\n},\n},\n},\nEffect: pulumi.StringRef(\"Allow\"),\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: []string{\n\"*\",\n},\n},\n},\nResources: []string{\nfmt.Sprintf(\"arn:aws:sns:%v:%v:%v\", sns.Region, sns.AccountId, sns.Name),\n},\nSid: pulumi.StringRef(\"__console_sub_0\"),\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nsqs_queue_policy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nPolicyId: pulumi.StringRef(fmt.Sprintf(\"arn:aws:sqs:%v:%v:%v/SQSDefaultPolicy\", sqs.Region, sqs.AccountId, sqs.Name)),\nStatements: []iam.GetPolicyDocumentStatement{\n{\nSid: pulumi.StringRef(\"example-sns-topic\"),\nEffect: pulumi.StringRef(\"Allow\"),\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: []string{\n\"*\",\n},\n},\n},\nActions: []string{\n\"SQS:SendMessage\",\n},\nResources: []string{\nfmt.Sprintf(\"arn:aws:sqs:%v:%v:%v\", sqs.Region, sqs.AccountId, sqs.Name),\n},\nConditions: []iam.GetPolicyDocumentStatementCondition{\n{\nTest: \"ArnEquals\",\nVariable: \"aws:SourceArn\",\nValues: []string{\nfmt.Sprintf(\"arn:aws:sns:%v:%v:%v\", sns.Region, sns.AccountId, sns.Name),\n},\n},\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\n_, err = sns.NewTopic(ctx, \"sns-topic\", \u0026sns.TopicArgs{\nName: pulumi.Any(sns.Name),\nDisplayName: pulumi.Any(sns.Display_name),\nPolicy: pulumi.String(sns_topic_policy.Json),\n})\nif err != nil {\nreturn err\n}\n_, err = sqs.NewQueue(ctx, \"sqs-queue\", \u0026sqs.QueueArgs{\nName: pulumi.Any(sqs.Name),\nPolicy: pulumi.String(sqs_queue_policy.Json),\n})\nif err != nil {\nreturn err\n}\n_, err = sns.NewTopicSubscription(ctx, \"sns-topic\", \u0026sns.TopicSubscriptionArgs{\nTopic: sns_topic.Arn,\nProtocol: pulumi.String(\"sqs\"),\nEndpoint: sqs_queue.Arn,\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.sqs.QueueArgs;\nimport com.pulumi.aws.sns.TopicSubscription;\nimport com.pulumi.aws.sns.TopicSubscriptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var sns = config.get(\"sns\").orElse(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference));\n final var sqs = config.get(\"sqs\").orElse(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference));\n final var sns-topic-policy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .policyId(\"__default_policy_ID\")\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"AWS:SourceOwner\")\n .values(sns.account-id())\n .build())\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"*\")\n .build())\n .resources(String.format(\"arn:aws:sns:%s:%s:%s\", sns.region(),sns.account-id(),sns.name()))\n .sid(\"__default_statement_ID\")\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"SNS:Subscribe\",\n \"SNS:Receive\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringLike\")\n .variable(\"SNS:Endpoint\")\n .values(String.format(\"arn:aws:sqs:%s:%s:%s\", sqs.region(),sqs.account-id(),sqs.name()))\n .build())\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"*\")\n .build())\n .resources(String.format(\"arn:aws:sns:%s:%s:%s\", sns.region(),sns.account-id(),sns.name()))\n .sid(\"__console_sub_0\")\n .build())\n .build());\n\n final var sqs-queue-policy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .policyId(String.format(\"arn:aws:sqs:%s:%s:%s/SQSDefaultPolicy\", sqs.region(),sqs.account-id(),sqs.name()))\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"example-sns-topic\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"*\")\n .build())\n .actions(\"SQS:SendMessage\")\n .resources(String.format(\"arn:aws:sqs:%s:%s:%s\", sqs.region(),sqs.account-id(),sqs.name()))\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"ArnEquals\")\n .variable(\"aws:SourceArn\")\n .values(String.format(\"arn:aws:sns:%s:%s:%s\", sns.region(),sns.account-id(),sns.name()))\n .build())\n .build())\n .build());\n\n var sns_topic = new Topic(\"sns-topic\", TopicArgs.builder()\n .name(sns.name())\n .displayName(sns.display_name())\n .policy(sns_topic_policy.json())\n .build());\n\n var sqs_queue = new Queue(\"sqs-queue\", QueueArgs.builder()\n .name(sqs.name())\n .policy(sqs_queue_policy.json())\n .build());\n\n var sns_topicTopicSubscription = new TopicSubscription(\"sns-topicTopicSubscription\", TopicSubscriptionArgs.builder()\n .topic(sns_topic.arn())\n .protocol(\"sqs\")\n .endpoint(sqs_queue.arn())\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n sns:\n type: dynamic\n default:\n account-id: '111111111111'\n displayName: example\n name: example-sns-topic\n region: us-west-1\n role-name: service/service\n sqs:\n type: dynamic\n default:\n account-id: '222222222222'\n name: example-sqs-queue\n region: us-east-1\n role-name: service/service\nresources:\n sns-topic:\n type: aws:sns:Topic\n properties:\n name: ${sns.name}\n displayName: ${sns.display_name}\n policy: ${[\"sns-topic-policy\"].json}\n sqs-queue:\n type: aws:sqs:Queue\n properties:\n name: ${sqs.name}\n policy: ${[\"sqs-queue-policy\"].json}\n sns-topicTopicSubscription:\n type: aws:sns:TopicSubscription\n name: sns-topic\n properties:\n topic: ${[\"sns-topic\"].arn}\n protocol: sqs\n endpoint: ${[\"sqs-queue\"].arn}\nvariables:\n sns-topic-policy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n policyId: __default_policy_ID\n statements:\n - actions:\n - SNS:Subscribe\n - SNS:SetTopicAttributes\n - SNS:RemovePermission\n - SNS:Publish\n - SNS:ListSubscriptionsByTopic\n - SNS:GetTopicAttributes\n - SNS:DeleteTopic\n - SNS:AddPermission\n conditions:\n - test: StringEquals\n variable: AWS:SourceOwner\n values:\n - ${sns\"account-id\"[%!s(MISSING)]}\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - '*'\n resources:\n - arn:aws:sns:${sns.region}:${sns\"account-id\"[%!s(MISSING)]}:${sns.name}\n sid: __default_statement_ID\n - actions:\n - SNS:Subscribe\n - SNS:Receive\n conditions:\n - test: StringLike\n variable: SNS:Endpoint\n values:\n - arn:aws:sqs:${sqs.region}:${sqs\"account-id\"[%!s(MISSING)]}:${sqs.name}\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - '*'\n resources:\n - arn:aws:sns:${sns.region}:${sns\"account-id\"[%!s(MISSING)]}:${sns.name}\n sid: __console_sub_0\n sqs-queue-policy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n policyId: arn:aws:sqs:${sqs.region}:${sqs\"account-id\"[%!s(MISSING)]}:${sqs.name}/SQSDefaultPolicy\n statements:\n - sid: example-sns-topic\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - '*'\n actions:\n - SQS:SendMessage\n resources:\n - arn:aws:sqs:${sqs.region}:${sqs\"account-id\"[%!s(MISSING)]}:${sqs.name}\n conditions:\n - test: ArnEquals\n variable: aws:SourceArn\n values:\n - arn:aws:sns:${sns.region}:${sns\"account-id\"[%!s(MISSING)]}:${sns.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SNS Topic Subscriptions using the subscription `arn`. For example:\n\n```sh\n$ pulumi import aws:sns/topicSubscription:TopicSubscription user_updates_sqs_target arn:aws:sns:us-west-2:0123456789012:my-topic:8a21d249-4329-4871-acc6-7be709c6ea7f\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the subscription.\n" }, "confirmationTimeoutInMinutes": { "type": "integer", "description": "Integer indicating number of minutes to wait in retrying mode for fetching subscription arn before marking it as failure. Only applicable for http and https protocols. Default is `1`.\n" }, "confirmationWasAuthenticated": { "type": "boolean", "description": "Whether the subscription confirmation request was authenticated.\n" }, "deliveryPolicy": { "type": "string", "description": "JSON String with the delivery policy (retries, backoff, etc.) that will be used in the subscription - this only applies to HTTP/S subscriptions. Refer to the [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/DeliveryPolicies.html) for more details.\n" }, "endpoint": { "type": "string", "description": "Endpoint to send data to. The contents vary with the protocol. See details below.\n" }, "endpointAutoConfirms": { "type": "boolean", "description": "Whether the endpoint is capable of [auto confirming subscription](http://docs.aws.amazon.com/sns/latest/dg/SendMessageToHttp.html#SendMessageToHttp.prepare) (e.g., PagerDuty). Default is `false`.\n" }, "filterPolicy": { "type": "string", "description": "JSON String with the filter policy that will be used in the subscription to filter messages seen by the target resource. Refer to the [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/message-filtering.html) for more details.\n" }, "filterPolicyScope": { "type": "string", "description": "Whether the `filter_policy` applies to `MessageAttributes` (default) or `MessageBody`.\n" }, "ownerId": { "type": "string", "description": "AWS account ID of the subscription's owner.\n" }, "pendingConfirmation": { "type": "boolean", "description": "Whether the subscription has not been confirmed.\n" }, "protocol": { "type": "string", "description": "Protocol to use. Valid values are: `sqs`, `sms`, `lambda`, `firehose`, and `application`. Protocols `email`, `email-json`, `http` and `https` are also valid but partially supported. See details below.\n" }, "rawMessageDelivery": { "type": "boolean", "description": "Whether to enable raw message delivery (the original message is directly passed, not wrapped in JSON with the original message in the message property). Default is `false`.\n" }, "redrivePolicy": { "type": "string", "description": "JSON String with the redrive policy that will be used in the subscription. Refer to the [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/sns-dead-letter-queues.html#how-messages-moved-into-dead-letter-queue) for more details.\n" }, "replayPolicy": { "type": "string", "description": "JSON String with the archived message replay policy that will be used in the subscription. Refer to the [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/message-archiving-and-replay-subscriber.html) for more details.\n" }, "subscriptionRoleArn": { "type": "string", "description": "ARN of the IAM role to publish to Kinesis Data Firehose delivery stream. Refer to [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/sns-firehose-as-subscriber.html).\n" }, "topic": { "type": "string", "description": "ARN of the SNS topic to subscribe to.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "confirmationWasAuthenticated", "endpoint", "filterPolicyScope", "ownerId", "pendingConfirmation", "protocol", "topic" ], "inputProperties": { "confirmationTimeoutInMinutes": { "type": "integer", "description": "Integer indicating number of minutes to wait in retrying mode for fetching subscription arn before marking it as failure. Only applicable for http and https protocols. Default is `1`.\n" }, "deliveryPolicy": { "type": "string", "description": "JSON String with the delivery policy (retries, backoff, etc.) that will be used in the subscription - this only applies to HTTP/S subscriptions. Refer to the [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/DeliveryPolicies.html) for more details.\n" }, "endpoint": { "type": "string", "description": "Endpoint to send data to. The contents vary with the protocol. See details below.\n", "willReplaceOnChanges": true }, "endpointAutoConfirms": { "type": "boolean", "description": "Whether the endpoint is capable of [auto confirming subscription](http://docs.aws.amazon.com/sns/latest/dg/SendMessageToHttp.html#SendMessageToHttp.prepare) (e.g., PagerDuty). Default is `false`.\n" }, "filterPolicy": { "type": "string", "description": "JSON String with the filter policy that will be used in the subscription to filter messages seen by the target resource. Refer to the [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/message-filtering.html) for more details.\n" }, "filterPolicyScope": { "type": "string", "description": "Whether the `filter_policy` applies to `MessageAttributes` (default) or `MessageBody`.\n" }, "protocol": { "type": "string", "description": "Protocol to use. Valid values are: `sqs`, `sms`, `lambda`, `firehose`, and `application`. Protocols `email`, `email-json`, `http` and `https` are also valid but partially supported. See details below.\n", "willReplaceOnChanges": true }, "rawMessageDelivery": { "type": "boolean", "description": "Whether to enable raw message delivery (the original message is directly passed, not wrapped in JSON with the original message in the message property). Default is `false`.\n" }, "redrivePolicy": { "type": "string", "description": "JSON String with the redrive policy that will be used in the subscription. Refer to the [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/sns-dead-letter-queues.html#how-messages-moved-into-dead-letter-queue) for more details.\n" }, "replayPolicy": { "type": "string", "description": "JSON String with the archived message replay policy that will be used in the subscription. Refer to the [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/message-archiving-and-replay-subscriber.html) for more details.\n" }, "subscriptionRoleArn": { "type": "string", "description": "ARN of the IAM role to publish to Kinesis Data Firehose delivery stream. Refer to [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/sns-firehose-as-subscriber.html).\n" }, "topic": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:sns/topic:Topic" } ], "description": "ARN of the SNS topic to subscribe to.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "endpoint", "protocol", "topic" ], "stateInputs": { "description": "Input properties used for looking up and filtering TopicSubscription resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the subscription.\n" }, "confirmationTimeoutInMinutes": { "type": "integer", "description": "Integer indicating number of minutes to wait in retrying mode for fetching subscription arn before marking it as failure. Only applicable for http and https protocols. Default is `1`.\n" }, "confirmationWasAuthenticated": { "type": "boolean", "description": "Whether the subscription confirmation request was authenticated.\n" }, "deliveryPolicy": { "type": "string", "description": "JSON String with the delivery policy (retries, backoff, etc.) that will be used in the subscription - this only applies to HTTP/S subscriptions. Refer to the [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/DeliveryPolicies.html) for more details.\n" }, "endpoint": { "type": "string", "description": "Endpoint to send data to. The contents vary with the protocol. See details below.\n", "willReplaceOnChanges": true }, "endpointAutoConfirms": { "type": "boolean", "description": "Whether the endpoint is capable of [auto confirming subscription](http://docs.aws.amazon.com/sns/latest/dg/SendMessageToHttp.html#SendMessageToHttp.prepare) (e.g., PagerDuty). Default is `false`.\n" }, "filterPolicy": { "type": "string", "description": "JSON String with the filter policy that will be used in the subscription to filter messages seen by the target resource. Refer to the [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/message-filtering.html) for more details.\n" }, "filterPolicyScope": { "type": "string", "description": "Whether the `filter_policy` applies to `MessageAttributes` (default) or `MessageBody`.\n" }, "ownerId": { "type": "string", "description": "AWS account ID of the subscription's owner.\n" }, "pendingConfirmation": { "type": "boolean", "description": "Whether the subscription has not been confirmed.\n" }, "protocol": { "type": "string", "description": "Protocol to use. Valid values are: `sqs`, `sms`, `lambda`, `firehose`, and `application`. Protocols `email`, `email-json`, `http` and `https` are also valid but partially supported. See details below.\n", "willReplaceOnChanges": true }, "rawMessageDelivery": { "type": "boolean", "description": "Whether to enable raw message delivery (the original message is directly passed, not wrapped in JSON with the original message in the message property). Default is `false`.\n" }, "redrivePolicy": { "type": "string", "description": "JSON String with the redrive policy that will be used in the subscription. Refer to the [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/sns-dead-letter-queues.html#how-messages-moved-into-dead-letter-queue) for more details.\n" }, "replayPolicy": { "type": "string", "description": "JSON String with the archived message replay policy that will be used in the subscription. Refer to the [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/message-archiving-and-replay-subscriber.html) for more details.\n" }, "subscriptionRoleArn": { "type": "string", "description": "ARN of the IAM role to publish to Kinesis Data Firehose delivery stream. Refer to [SNS docs](https://docs.aws.amazon.com/sns/latest/dg/sns-firehose-as-subscriber.html).\n" }, "topic": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:sns/topic:Topic" } ], "description": "ARN of the SNS topic to subscribe to.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:sqs/queue:Queue": { "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst queue = new aws.sqs.Queue(\"queue\", {\n name: \"example-queue\",\n delaySeconds: 90,\n maxMessageSize: 2048,\n messageRetentionSeconds: 86400,\n receiveWaitTimeSeconds: 10,\n redrivePolicy: JSON.stringify({\n deadLetterTargetArn: queueDeadletter.arn,\n maxReceiveCount: 4,\n }),\n tags: {\n Environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nqueue = aws.sqs.Queue(\"queue\",\n name=\"example-queue\",\n delay_seconds=90,\n max_message_size=2048,\n message_retention_seconds=86400,\n receive_wait_time_seconds=10,\n redrive_policy=json.dumps({\n \"deadLetterTargetArn\": queue_deadletter[\"arn\"],\n \"maxReceiveCount\": 4,\n }),\n tags={\n \"Environment\": \"production\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var queue = new Aws.Sqs.Queue(\"queue\", new()\n {\n Name = \"example-queue\",\n DelaySeconds = 90,\n MaxMessageSize = 2048,\n MessageRetentionSeconds = 86400,\n ReceiveWaitTimeSeconds = 10,\n RedrivePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"deadLetterTargetArn\"] = queueDeadletter.Arn,\n [\"maxReceiveCount\"] = 4,\n }),\n Tags = \n {\n { \"Environment\", \"production\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"deadLetterTargetArn\": queueDeadletter.Arn,\n\t\t\t\"maxReceiveCount\": 4,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = sqs.NewQueue(ctx, \"queue\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"example-queue\"),\n\t\t\tDelaySeconds: pulumi.Int(90),\n\t\t\tMaxMessageSize: pulumi.Int(2048),\n\t\t\tMessageRetentionSeconds: pulumi.Int(86400),\n\t\t\tReceiveWaitTimeSeconds: pulumi.Int(10),\n\t\t\tRedrivePolicy: pulumi.String(json0),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"production\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.sqs.QueueArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var queue = new Queue(\"queue\", QueueArgs.builder()\n .name(\"example-queue\")\n .delaySeconds(90)\n .maxMessageSize(2048)\n .messageRetentionSeconds(86400)\n .receiveWaitTimeSeconds(10)\n .redrivePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"deadLetterTargetArn\", queueDeadletter.arn()),\n jsonProperty(\"maxReceiveCount\", 4)\n )))\n .tags(Map.of(\"Environment\", \"production\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n queue:\n type: aws:sqs:Queue\n properties:\n name: example-queue\n delaySeconds: 90\n maxMessageSize: 2048\n messageRetentionSeconds: 86400\n receiveWaitTimeSeconds: 10\n redrivePolicy:\n fn::toJSON:\n deadLetterTargetArn: ${queueDeadletter.arn}\n maxReceiveCount: 4\n tags:\n Environment: production\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## FIFO queue\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst queue = new aws.sqs.Queue(\"queue\", {\n name: \"example-queue.fifo\",\n fifoQueue: true,\n contentBasedDeduplication: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nqueue = aws.sqs.Queue(\"queue\",\n name=\"example-queue.fifo\",\n fifo_queue=True,\n content_based_deduplication=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var queue = new Aws.Sqs.Queue(\"queue\", new()\n {\n Name = \"example-queue.fifo\",\n FifoQueue = true,\n ContentBasedDeduplication = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sqs.NewQueue(ctx, \"queue\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"example-queue.fifo\"),\n\t\t\tFifoQueue: pulumi.Bool(true),\n\t\t\tContentBasedDeduplication: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.sqs.QueueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var queue = new Queue(\"queue\", QueueArgs.builder()\n .name(\"example-queue.fifo\")\n .fifoQueue(true)\n .contentBasedDeduplication(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n queue:\n type: aws:sqs:Queue\n properties:\n name: example-queue.fifo\n fifoQueue: true\n contentBasedDeduplication: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## High-throughput FIFO queue\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst queue = new aws.sqs.Queue(\"queue\", {\n name: \"pulumi-example-queue.fifo\",\n fifoQueue: true,\n deduplicationScope: \"messageGroup\",\n fifoThroughputLimit: \"perMessageGroupId\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nqueue = aws.sqs.Queue(\"queue\",\n name=\"pulumi-example-queue.fifo\",\n fifo_queue=True,\n deduplication_scope=\"messageGroup\",\n fifo_throughput_limit=\"perMessageGroupId\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var queue = new Aws.Sqs.Queue(\"queue\", new()\n {\n Name = \"pulumi-example-queue.fifo\",\n FifoQueue = true,\n DeduplicationScope = \"messageGroup\",\n FifoThroughputLimit = \"perMessageGroupId\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sqs.NewQueue(ctx, \"queue\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"pulumi-example-queue.fifo\"),\n\t\t\tFifoQueue: pulumi.Bool(true),\n\t\t\tDeduplicationScope: pulumi.String(\"messageGroup\"),\n\t\t\tFifoThroughputLimit: pulumi.String(\"perMessageGroupId\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.sqs.QueueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var queue = new Queue(\"queue\", QueueArgs.builder()\n .name(\"pulumi-example-queue.fifo\")\n .fifoQueue(true)\n .deduplicationScope(\"messageGroup\")\n .fifoThroughputLimit(\"perMessageGroupId\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n queue:\n type: aws:sqs:Queue\n properties:\n name: pulumi-example-queue.fifo\n fifoQueue: true\n deduplicationScope: messageGroup\n fifoThroughputLimit: perMessageGroupId\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Dead-letter queue\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst queue = new aws.sqs.Queue(\"queue\", {\n name: \"pulumi-example-queue\",\n redrivePolicy: JSON.stringify({\n deadLetterTargetArn: queueDeadletter.arn,\n maxReceiveCount: 4,\n }),\n});\nconst exampleQueueDeadletter = new aws.sqs.Queue(\"example_queue_deadletter\", {name: \"pulumi-example-deadletter-queue\"});\nconst exampleQueueRedriveAllowPolicy = new aws.sqs.RedriveAllowPolicy(\"example_queue_redrive_allow_policy\", {\n queueUrl: exampleQueueDeadletter.id,\n redriveAllowPolicy: JSON.stringify({\n redrivePermission: \"byQueue\",\n sourceQueueArns: [exampleQueue.arn],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nqueue = aws.sqs.Queue(\"queue\",\n name=\"pulumi-example-queue\",\n redrive_policy=json.dumps({\n \"deadLetterTargetArn\": queue_deadletter[\"arn\"],\n \"maxReceiveCount\": 4,\n }))\nexample_queue_deadletter = aws.sqs.Queue(\"example_queue_deadletter\", name=\"pulumi-example-deadletter-queue\")\nexample_queue_redrive_allow_policy = aws.sqs.RedriveAllowPolicy(\"example_queue_redrive_allow_policy\",\n queue_url=example_queue_deadletter.id,\n redrive_allow_policy=json.dumps({\n \"redrivePermission\": \"byQueue\",\n \"sourceQueueArns\": [example_queue[\"arn\"]],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var queue = new Aws.Sqs.Queue(\"queue\", new()\n {\n Name = \"pulumi-example-queue\",\n RedrivePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"deadLetterTargetArn\"] = queueDeadletter.Arn,\n [\"maxReceiveCount\"] = 4,\n }),\n });\n\n var exampleQueueDeadletter = new Aws.Sqs.Queue(\"example_queue_deadletter\", new()\n {\n Name = \"pulumi-example-deadletter-queue\",\n });\n\n var exampleQueueRedriveAllowPolicy = new Aws.Sqs.RedriveAllowPolicy(\"example_queue_redrive_allow_policy\", new()\n {\n QueueUrl = exampleQueueDeadletter.Id,\n RedriveAllowPolicyName = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"redrivePermission\"] = \"byQueue\",\n [\"sourceQueueArns\"] = new[]\n {\n exampleQueue.Arn,\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"deadLetterTargetArn\": queueDeadletter.Arn,\n\t\t\t\"maxReceiveCount\": 4,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = sqs.NewQueue(ctx, \"queue\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"pulumi-example-queue\"),\n\t\t\tRedrivePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleQueueDeadletter, err := sqs.NewQueue(ctx, \"example_queue_deadletter\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"pulumi-example-deadletter-queue\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\"redrivePermission\": \"byQueue\",\n\t\t\t\"sourceQueueArns\": []interface{}{\n\t\t\t\texampleQueue.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson1 := string(tmpJSON1)\n\t\t_, err = sqs.NewRedriveAllowPolicy(ctx, \"example_queue_redrive_allow_policy\", \u0026sqs.RedriveAllowPolicyArgs{\n\t\t\tQueueUrl: exampleQueueDeadletter.ID(),\n\t\t\tRedriveAllowPolicy: pulumi.String(json1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.sqs.QueueArgs;\nimport com.pulumi.aws.sqs.RedriveAllowPolicy;\nimport com.pulumi.aws.sqs.RedriveAllowPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var queue = new Queue(\"queue\", QueueArgs.builder()\n .name(\"pulumi-example-queue\")\n .redrivePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"deadLetterTargetArn\", queueDeadletter.arn()),\n jsonProperty(\"maxReceiveCount\", 4)\n )))\n .build());\n\n var exampleQueueDeadletter = new Queue(\"exampleQueueDeadletter\", QueueArgs.builder()\n .name(\"pulumi-example-deadletter-queue\")\n .build());\n\n var exampleQueueRedriveAllowPolicy = new RedriveAllowPolicy(\"exampleQueueRedriveAllowPolicy\", RedriveAllowPolicyArgs.builder()\n .queueUrl(exampleQueueDeadletter.id())\n .redriveAllowPolicy(serializeJson(\n jsonObject(\n jsonProperty(\"redrivePermission\", \"byQueue\"),\n jsonProperty(\"sourceQueueArns\", jsonArray(exampleQueue.arn()))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n queue:\n type: aws:sqs:Queue\n properties:\n name: pulumi-example-queue\n redrivePolicy:\n fn::toJSON:\n deadLetterTargetArn: ${queueDeadletter.arn}\n maxReceiveCount: 4\n exampleQueueDeadletter:\n type: aws:sqs:Queue\n name: example_queue_deadletter\n properties:\n name: pulumi-example-deadletter-queue\n exampleQueueRedriveAllowPolicy:\n type: aws:sqs:RedriveAllowPolicy\n name: example_queue_redrive_allow_policy\n properties:\n queueUrl: ${exampleQueueDeadletter.id}\n redriveAllowPolicy:\n fn::toJSON:\n redrivePermission: byQueue\n sourceQueueArns:\n - ${exampleQueue.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Server-side encryption (SSE)\n\nUsing [SSE-SQS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-sqs-sse-queue.html):\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst queue = new aws.sqs.Queue(\"queue\", {\n name: \"pulumi-example-queue\",\n sqsManagedSseEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nqueue = aws.sqs.Queue(\"queue\",\n name=\"pulumi-example-queue\",\n sqs_managed_sse_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var queue = new Aws.Sqs.Queue(\"queue\", new()\n {\n Name = \"pulumi-example-queue\",\n SqsManagedSseEnabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sqs.NewQueue(ctx, \"queue\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"pulumi-example-queue\"),\n\t\t\tSqsManagedSseEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.sqs.QueueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var queue = new Queue(\"queue\", QueueArgs.builder()\n .name(\"pulumi-example-queue\")\n .sqsManagedSseEnabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n queue:\n type: aws:sqs:Queue\n properties:\n name: pulumi-example-queue\n sqsManagedSseEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nUsing [SSE-KMS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-sse-existing-queue.html):\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst queue = new aws.sqs.Queue(\"queue\", {\n name: \"example-queue\",\n kmsMasterKeyId: \"alias/aws/sqs\",\n kmsDataKeyReusePeriodSeconds: 300,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nqueue = aws.sqs.Queue(\"queue\",\n name=\"example-queue\",\n kms_master_key_id=\"alias/aws/sqs\",\n kms_data_key_reuse_period_seconds=300)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var queue = new Aws.Sqs.Queue(\"queue\", new()\n {\n Name = \"example-queue\",\n KmsMasterKeyId = \"alias/aws/sqs\",\n KmsDataKeyReusePeriodSeconds = 300,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sqs.NewQueue(ctx, \"queue\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"example-queue\"),\n\t\t\tKmsMasterKeyId: pulumi.String(\"alias/aws/sqs\"),\n\t\t\tKmsDataKeyReusePeriodSeconds: pulumi.Int(300),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.sqs.QueueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var queue = new Queue(\"queue\", QueueArgs.builder()\n .name(\"example-queue\")\n .kmsMasterKeyId(\"alias/aws/sqs\")\n .kmsDataKeyReusePeriodSeconds(300)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n queue:\n type: aws:sqs:Queue\n properties:\n name: example-queue\n kmsMasterKeyId: alias/aws/sqs\n kmsDataKeyReusePeriodSeconds: 300\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SQS Queues using the queue `url`. For example:\n\n```sh\n$ pulumi import aws:sqs/queue:Queue public_queue https://queue.amazonaws.com/80398EXAMPLE/MyQueue\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the SQS queue\n" }, "contentBasedDeduplication": { "type": "boolean", "description": "Enables content-based deduplication for FIFO queues. For more information, see the [related documentation](http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html#FIFO-queues-exactly-once-processing)\n" }, "deduplicationScope": { "type": "string", "description": "Specifies whether message deduplication occurs at the message group or queue level. Valid values are `messageGroup` and `queue` (default).\n" }, "delaySeconds": { "type": "integer", "description": "The time in seconds that the delivery of all messages in the queue will be delayed. An integer from 0 to 900 (15 minutes). The default for this attribute is 0 seconds.\n" }, "fifoQueue": { "type": "boolean", "description": "Boolean designating a FIFO queue. If not set, it defaults to `false` making it standard.\n" }, "fifoThroughputLimit": { "type": "string", "description": "Specifies whether the FIFO queue throughput quota applies to the entire queue or per message group. Valid values are `perQueue` (default) and `perMessageGroupId`.\n" }, "kmsDataKeyReusePeriodSeconds": { "type": "integer", "description": "The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again. An integer representing seconds, between 60 seconds (1 minute) and 86,400 seconds (24 hours). The default is 300 (5 minutes).\n" }, "kmsMasterKeyId": { "type": "string", "description": "The ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom CMK. For more information, see [Key Terms](http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-sse-key-terms).\n" }, "maxMessageSize": { "type": "integer", "description": "The limit of how many bytes a message can contain before Amazon SQS rejects it. An integer from 1024 bytes (1 KiB) up to 262144 bytes (256 KiB). The default for this attribute is 262144 (256 KiB).\n" }, "messageRetentionSeconds": { "type": "integer", "description": "The number of seconds Amazon SQS retains a message. Integer representing seconds, from 60 (1 minute) to 1209600 (14 days). The default for this attribute is 345600 (4 days).\n" }, "name": { "type": "string", "description": "The name of the queue. Queue names must be made up of only uppercase and lowercase ASCII letters, numbers, underscores, and hyphens, and must be between 1 and 80 characters long. For a FIFO (first-in-first-out) queue, the name must end with the `.fifo` suffix. If omitted, this provider will assign a random, unique name. Conflicts with `name_prefix`\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`\n" }, "policy": { "type": "string", "description": "The JSON policy for the SQS queue.\n" }, "receiveWaitTimeSeconds": { "type": "integer", "description": "The time for which a ReceiveMessage call will wait for a message to arrive (long polling) before returning. An integer from 0 to 20 (seconds). The default for this attribute is 0, meaning that the call will return immediately.\n" }, "redriveAllowPolicy": { "type": "string", "description": "The JSON policy to set up the Dead Letter Queue redrive permission, see [AWS docs](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/SQSDeadLetterQueue.html).\n" }, "redrivePolicy": { "type": "string", "description": "The JSON policy to set up the Dead Letter Queue, see [AWS docs](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/SQSDeadLetterQueue.html). **Note:** when specifying `maxReceiveCount`, you must specify it as an integer (`5`), and not a string (`\"5\"`).\n" }, "sqsManagedSseEnabled": { "type": "boolean", "description": "Boolean to enable server-side encryption (SSE) of message content with SQS-owned encryption keys. See [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html). The provider will only perform drift detection of its value when present in a configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the queue. If configured with a provider `default_tags` configuration block) present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "url": { "type": "string", "description": "Same as `id`: The URL for the created Amazon SQS queue.\n" }, "visibilityTimeoutSeconds": { "type": "integer", "description": "The visibility timeout for the queue. An integer from 0 to 43200 (12 hours). The default for this attribute is 30. For more information about visibility timeout, see [AWS docs](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/AboutVT.html).\n" } }, "required": [ "arn", "deduplicationScope", "fifoThroughputLimit", "kmsDataKeyReusePeriodSeconds", "name", "namePrefix", "policy", "redriveAllowPolicy", "redrivePolicy", "sqsManagedSseEnabled", "tagsAll", "url" ], "inputProperties": { "contentBasedDeduplication": { "type": "boolean", "description": "Enables content-based deduplication for FIFO queues. For more information, see the [related documentation](http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html#FIFO-queues-exactly-once-processing)\n" }, "deduplicationScope": { "type": "string", "description": "Specifies whether message deduplication occurs at the message group or queue level. Valid values are `messageGroup` and `queue` (default).\n" }, "delaySeconds": { "type": "integer", "description": "The time in seconds that the delivery of all messages in the queue will be delayed. An integer from 0 to 900 (15 minutes). The default for this attribute is 0 seconds.\n" }, "fifoQueue": { "type": "boolean", "description": "Boolean designating a FIFO queue. If not set, it defaults to `false` making it standard.\n", "willReplaceOnChanges": true }, "fifoThroughputLimit": { "type": "string", "description": "Specifies whether the FIFO queue throughput quota applies to the entire queue or per message group. Valid values are `perQueue` (default) and `perMessageGroupId`.\n" }, "kmsDataKeyReusePeriodSeconds": { "type": "integer", "description": "The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again. An integer representing seconds, between 60 seconds (1 minute) and 86,400 seconds (24 hours). The default is 300 (5 minutes).\n" }, "kmsMasterKeyId": { "type": "string", "description": "The ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom CMK. For more information, see [Key Terms](http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-sse-key-terms).\n" }, "maxMessageSize": { "type": "integer", "description": "The limit of how many bytes a message can contain before Amazon SQS rejects it. An integer from 1024 bytes (1 KiB) up to 262144 bytes (256 KiB). The default for this attribute is 262144 (256 KiB).\n" }, "messageRetentionSeconds": { "type": "integer", "description": "The number of seconds Amazon SQS retains a message. Integer representing seconds, from 60 (1 minute) to 1209600 (14 days). The default for this attribute is 345600 (4 days).\n" }, "name": { "type": "string", "description": "The name of the queue. Queue names must be made up of only uppercase and lowercase ASCII letters, numbers, underscores, and hyphens, and must be between 1 and 80 characters long. For a FIFO (first-in-first-out) queue, the name must end with the `.fifo` suffix. If omitted, this provider will assign a random, unique name. Conflicts with `name_prefix`\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The JSON policy for the SQS queue.\n" }, "receiveWaitTimeSeconds": { "type": "integer", "description": "The time for which a ReceiveMessage call will wait for a message to arrive (long polling) before returning. An integer from 0 to 20 (seconds). The default for this attribute is 0, meaning that the call will return immediately.\n" }, "redriveAllowPolicy": { "type": "string", "description": "The JSON policy to set up the Dead Letter Queue redrive permission, see [AWS docs](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/SQSDeadLetterQueue.html).\n" }, "redrivePolicy": { "type": "string", "description": "The JSON policy to set up the Dead Letter Queue, see [AWS docs](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/SQSDeadLetterQueue.html). **Note:** when specifying `maxReceiveCount`, you must specify it as an integer (`5`), and not a string (`\"5\"`).\n" }, "sqsManagedSseEnabled": { "type": "boolean", "description": "Boolean to enable server-side encryption (SSE) of message content with SQS-owned encryption keys. See [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html). The provider will only perform drift detection of its value when present in a configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the queue. If configured with a provider `default_tags` configuration block) present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "visibilityTimeoutSeconds": { "type": "integer", "description": "The visibility timeout for the queue. An integer from 0 to 43200 (12 hours). The default for this attribute is 30. For more information about visibility timeout, see [AWS docs](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/AboutVT.html).\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Queue resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the SQS queue\n" }, "contentBasedDeduplication": { "type": "boolean", "description": "Enables content-based deduplication for FIFO queues. For more information, see the [related documentation](http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html#FIFO-queues-exactly-once-processing)\n" }, "deduplicationScope": { "type": "string", "description": "Specifies whether message deduplication occurs at the message group or queue level. Valid values are `messageGroup` and `queue` (default).\n" }, "delaySeconds": { "type": "integer", "description": "The time in seconds that the delivery of all messages in the queue will be delayed. An integer from 0 to 900 (15 minutes). The default for this attribute is 0 seconds.\n" }, "fifoQueue": { "type": "boolean", "description": "Boolean designating a FIFO queue. If not set, it defaults to `false` making it standard.\n", "willReplaceOnChanges": true }, "fifoThroughputLimit": { "type": "string", "description": "Specifies whether the FIFO queue throughput quota applies to the entire queue or per message group. Valid values are `perQueue` (default) and `perMessageGroupId`.\n" }, "kmsDataKeyReusePeriodSeconds": { "type": "integer", "description": "The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again. An integer representing seconds, between 60 seconds (1 minute) and 86,400 seconds (24 hours). The default is 300 (5 minutes).\n" }, "kmsMasterKeyId": { "type": "string", "description": "The ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom CMK. For more information, see [Key Terms](http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-sse-key-terms).\n" }, "maxMessageSize": { "type": "integer", "description": "The limit of how many bytes a message can contain before Amazon SQS rejects it. An integer from 1024 bytes (1 KiB) up to 262144 bytes (256 KiB). The default for this attribute is 262144 (256 KiB).\n" }, "messageRetentionSeconds": { "type": "integer", "description": "The number of seconds Amazon SQS retains a message. Integer representing seconds, from 60 (1 minute) to 1209600 (14 days). The default for this attribute is 345600 (4 days).\n" }, "name": { "type": "string", "description": "The name of the queue. Queue names must be made up of only uppercase and lowercase ASCII letters, numbers, underscores, and hyphens, and must be between 1 and 80 characters long. For a FIFO (first-in-first-out) queue, the name must end with the `.fifo` suffix. If omitted, this provider will assign a random, unique name. Conflicts with `name_prefix`\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`\n", "willReplaceOnChanges": true }, "policy": { "type": "string", "description": "The JSON policy for the SQS queue.\n" }, "receiveWaitTimeSeconds": { "type": "integer", "description": "The time for which a ReceiveMessage call will wait for a message to arrive (long polling) before returning. An integer from 0 to 20 (seconds). The default for this attribute is 0, meaning that the call will return immediately.\n" }, "redriveAllowPolicy": { "type": "string", "description": "The JSON policy to set up the Dead Letter Queue redrive permission, see [AWS docs](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/SQSDeadLetterQueue.html).\n" }, "redrivePolicy": { "type": "string", "description": "The JSON policy to set up the Dead Letter Queue, see [AWS docs](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/SQSDeadLetterQueue.html). **Note:** when specifying `maxReceiveCount`, you must specify it as an integer (`5`), and not a string (`\"5\"`).\n" }, "sqsManagedSseEnabled": { "type": "boolean", "description": "Boolean to enable server-side encryption (SSE) of message content with SQS-owned encryption keys. See [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html). The provider will only perform drift detection of its value when present in a configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the queue. If configured with a provider `default_tags` configuration block) present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "url": { "type": "string", "description": "Same as `id`: The URL for the created Amazon SQS queue.\n" }, "visibilityTimeoutSeconds": { "type": "integer", "description": "The visibility timeout for the queue. An integer from 0 to 43200 (12 hours). The default for this attribute is 30. For more information about visibility timeout, see [AWS docs](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/AboutVT.html).\n" } }, "type": "object" } }, "aws:sqs/queuePolicy:QueuePolicy": { "description": "Allows you to set a policy of an SQS Queue\nwhile referencing ARN of the queue within the policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst q = new aws.sqs.Queue(\"q\", {name: \"examplequeue\"});\nconst test = q.arn.apply(arn =\u003e aws.iam.getPolicyDocumentOutput({\n statements: [{\n sid: \"First\",\n effect: \"Allow\",\n principals: [{\n type: \"*\",\n identifiers: [\"*\"],\n }],\n actions: [\"sqs:SendMessage\"],\n resources: [arn],\n conditions: [{\n test: \"ArnEquals\",\n variable: \"aws:SourceArn\",\n values: [example.arn],\n }],\n }],\n}));\nconst testQueuePolicy = new aws.sqs.QueuePolicy(\"test\", {\n queueUrl: q.id,\n policy: test.apply(test =\u003e test.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nq = aws.sqs.Queue(\"q\", name=\"examplequeue\")\ntest = q.arn.apply(lambda arn: aws.iam.get_policy_document_output(statements=[{\n \"sid\": \"First\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"*\",\n \"identifiers\": [\"*\"],\n }],\n \"actions\": [\"sqs:SendMessage\"],\n \"resources\": [arn],\n \"conditions\": [{\n \"test\": \"ArnEquals\",\n \"variable\": \"aws:SourceArn\",\n \"values\": [example[\"arn\"]],\n }],\n}]))\ntest_queue_policy = aws.sqs.QueuePolicy(\"test\",\n queue_url=q.id,\n policy=test.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var q = new Aws.Sqs.Queue(\"q\", new()\n {\n Name = \"examplequeue\",\n });\n\n var test = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"First\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"*\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"sqs:SendMessage\",\n },\n Resources = new[]\n {\n q.Arn,\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"ArnEquals\",\n Variable = \"aws:SourceArn\",\n Values = new[]\n {\n example.Arn,\n },\n },\n },\n },\n },\n });\n\n var testQueuePolicy = new Aws.Sqs.QueuePolicy(\"test\", new()\n {\n QueueUrl = q.Id,\n Policy = test.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nq, err := sqs.NewQueue(ctx, \"q\", \u0026sqs.QueueArgs{\nName: pulumi.String(\"examplequeue\"),\n})\nif err != nil {\nreturn err\n}\ntest := q.Arn.ApplyT(func(arn string) (iam.GetPolicyDocumentResult, error) {\nreturn iam.GetPolicyDocumentResult(interface{}(iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nSid: \"First\",\nEffect: \"Allow\",\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"*\",\nIdentifiers: []string{\n\"*\",\n},\n},\n},\nActions: []string{\n\"sqs:SendMessage\",\n},\nResources: []string{\narn,\n},\nConditions: []iam.GetPolicyDocumentStatementCondition{\n{\nTest: \"ArnEquals\",\nVariable: \"aws:SourceArn\",\nValues: interface{}{\nexample.Arn,\n},\n},\n},\n},\n},\n}, nil))), nil\n}).(iam.GetPolicyDocumentResultOutput)\n_, err = sqs.NewQueuePolicy(ctx, \"test\", \u0026sqs.QueuePolicyArgs{\nQueueUrl: q.ID(),\nPolicy: pulumi.String(test.ApplyT(func(test iam.GetPolicyDocumentResult) (*string, error) {\nreturn \u0026test.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.sqs.QueueArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sqs.QueuePolicy;\nimport com.pulumi.aws.sqs.QueuePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var q = new Queue(\"q\", QueueArgs.builder()\n .name(\"examplequeue\")\n .build());\n\n final var test = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"First\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"*\")\n .identifiers(\"*\")\n .build())\n .actions(\"sqs:SendMessage\")\n .resources(q.arn())\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"ArnEquals\")\n .variable(\"aws:SourceArn\")\n .values(example.arn())\n .build())\n .build())\n .build());\n\n var testQueuePolicy = new QueuePolicy(\"testQueuePolicy\", QueuePolicyArgs.builder()\n .queueUrl(q.id())\n .policy(test.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(test -\u003e test.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n q:\n type: aws:sqs:Queue\n properties:\n name: examplequeue\n testQueuePolicy:\n type: aws:sqs:QueuePolicy\n name: test\n properties:\n queueUrl: ${q.id}\n policy: ${test.json}\nvariables:\n test:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: First\n effect: Allow\n principals:\n - type: '*'\n identifiers:\n - '*'\n actions:\n - sqs:SendMessage\n resources:\n - ${q.arn}\n conditions:\n - test: ArnEquals\n variable: aws:SourceArn\n values:\n - ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SQS Queue Policies using the queue URL. For example:\n\n```sh\n$ pulumi import aws:sqs/queuePolicy:QueuePolicy test https://queue.amazonaws.com/0123456789012/myqueue\n```\n", "properties": { "policy": { "type": "string", "description": "The JSON policy for the SQS queue.\n" }, "queueUrl": { "type": "string", "description": "The URL of the SQS Queue to which to attach the policy\n" } }, "required": [ "policy", "queueUrl" ], "inputProperties": { "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The JSON policy for the SQS queue.\n" }, "queueUrl": { "type": "string", "description": "The URL of the SQS Queue to which to attach the policy\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policy", "queueUrl" ], "stateInputs": { "description": "Input properties used for looking up and filtering QueuePolicy resources.\n", "properties": { "policy": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:iam/documents:PolicyDocument" } ], "description": "The JSON policy for the SQS queue.\n" }, "queueUrl": { "type": "string", "description": "The URL of the SQS Queue to which to attach the policy\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:sqs/redriveAllowPolicy:RedriveAllowPolicy": { "description": "Provides a SQS Queue Redrive Allow Policy resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sqs.Queue(\"example\", {name: \"examplequeue\"});\nconst src = new aws.sqs.Queue(\"src\", {\n name: \"srcqueue\",\n redrivePolicy: pulumi.jsonStringify({\n deadLetterTargetArn: example.arn,\n maxReceiveCount: 4,\n }),\n});\nconst exampleRedriveAllowPolicy = new aws.sqs.RedriveAllowPolicy(\"example\", {\n queueUrl: example.id,\n redriveAllowPolicy: pulumi.jsonStringify({\n redrivePermission: \"byQueue\",\n sourceQueueArns: [src.arn],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.sqs.Queue(\"example\", name=\"examplequeue\")\nsrc = aws.sqs.Queue(\"src\",\n name=\"srcqueue\",\n redrive_policy=pulumi.Output.json_dumps({\n \"deadLetterTargetArn\": example.arn,\n \"maxReceiveCount\": 4,\n }))\nexample_redrive_allow_policy = aws.sqs.RedriveAllowPolicy(\"example\",\n queue_url=example.id,\n redrive_allow_policy=pulumi.Output.json_dumps({\n \"redrivePermission\": \"byQueue\",\n \"sourceQueueArns\": [src.arn],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sqs.Queue(\"example\", new()\n {\n Name = \"examplequeue\",\n });\n\n var src = new Aws.Sqs.Queue(\"src\", new()\n {\n Name = \"srcqueue\",\n RedrivePolicy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"deadLetterTargetArn\"] = example.Arn,\n [\"maxReceiveCount\"] = 4,\n })),\n });\n\n var exampleRedriveAllowPolicy = new Aws.Sqs.RedriveAllowPolicy(\"example\", new()\n {\n QueueUrl = example.Id,\n RedriveAllowPolicyName = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"redrivePermission\"] = \"byQueue\",\n [\"sourceQueueArns\"] = new[]\n {\n src.Arn,\n },\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := sqs.NewQueue(ctx, \"example\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"examplequeue\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsrc, err := sqs.NewQueue(ctx, \"src\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"srcqueue\"),\n\t\t\tRedrivePolicy: example.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"deadLetterTargetArn\": arn,\n\t\t\t\t\t\"maxReceiveCount\": 4,\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sqs.NewRedriveAllowPolicy(ctx, \"example\", \u0026sqs.RedriveAllowPolicyArgs{\n\t\t\tQueueUrl: example.ID(),\n\t\t\tRedriveAllowPolicy: src.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"redrivePermission\": \"byQueue\",\n\t\t\t\t\t\"sourceQueueArns\": []string{\n\t\t\t\t\t\tarn,\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson1 := string(tmpJSON1)\n\t\t\t\treturn pulumi.String(json1), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.sqs.QueueArgs;\nimport com.pulumi.aws.sqs.RedriveAllowPolicy;\nimport com.pulumi.aws.sqs.RedriveAllowPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Queue(\"example\", QueueArgs.builder()\n .name(\"examplequeue\")\n .build());\n\n var src = new Queue(\"src\", QueueArgs.builder()\n .name(\"srcqueue\")\n .redrivePolicy(example.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"deadLetterTargetArn\", arn),\n jsonProperty(\"maxReceiveCount\", 4)\n ))))\n .build());\n\n var exampleRedriveAllowPolicy = new RedriveAllowPolicy(\"exampleRedriveAllowPolicy\", RedriveAllowPolicyArgs.builder()\n .queueUrl(example.id())\n .redriveAllowPolicy(src.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"redrivePermission\", \"byQueue\"),\n jsonProperty(\"sourceQueueArns\", jsonArray(arn))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n src:\n type: aws:sqs:Queue\n properties:\n name: srcqueue\n redrivePolicy:\n fn::toJSON:\n deadLetterTargetArn: ${example.arn}\n maxReceiveCount: 4\n example:\n type: aws:sqs:Queue\n properties:\n name: examplequeue\n exampleRedriveAllowPolicy:\n type: aws:sqs:RedriveAllowPolicy\n name: example\n properties:\n queueUrl: ${example.id}\n redriveAllowPolicy:\n fn::toJSON:\n redrivePermission: byQueue\n sourceQueueArns:\n - ${src.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SQS Queue Redrive Allow Policies using the queue URL. For example:\n\n```sh\n$ pulumi import aws:sqs/redriveAllowPolicy:RedriveAllowPolicy test https://queue.amazonaws.com/0123456789012/myqueue\n```\n", "properties": { "queueUrl": { "type": "string", "description": "The URL of the SQS Queue to which to attach the policy\n" }, "redriveAllowPolicy": { "type": "string", "description": "The JSON redrive allow policy for the SQS queue. Learn more in the [Amazon SQS dead-letter queues documentation](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html).\n", "language": { "csharp": { "name": "RedriveAllowPolicyName" } } } }, "required": [ "queueUrl", "redriveAllowPolicy" ], "inputProperties": { "queueUrl": { "type": "string", "description": "The URL of the SQS Queue to which to attach the policy\n", "willReplaceOnChanges": true }, "redriveAllowPolicy": { "type": "string", "description": "The JSON redrive allow policy for the SQS queue. Learn more in the [Amazon SQS dead-letter queues documentation](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html).\n", "language": { "csharp": { "name": "RedriveAllowPolicyName" } } } }, "requiredInputs": [ "queueUrl", "redriveAllowPolicy" ], "stateInputs": { "description": "Input properties used for looking up and filtering RedriveAllowPolicy resources.\n", "properties": { "queueUrl": { "type": "string", "description": "The URL of the SQS Queue to which to attach the policy\n", "willReplaceOnChanges": true }, "redriveAllowPolicy": { "type": "string", "description": "The JSON redrive allow policy for the SQS queue. Learn more in the [Amazon SQS dead-letter queues documentation](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html).\n", "language": { "csharp": { "name": "RedriveAllowPolicyName" } } } }, "type": "object" } }, "aws:sqs/redrivePolicy:RedrivePolicy": { "description": "Allows you to set a redrive policy of an SQS Queue\nwhile referencing ARN of the dead letter queue inside the redrive policy.\n\nThis is useful when you want to set a dedicated\ndead letter queue for a standard or FIFO queue, but need\nthe dead letter queue to exist before setting the redrive policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst q = new aws.sqs.Queue(\"q\", {name: \"examplequeue\"});\nconst ddl = new aws.sqs.Queue(\"ddl\", {\n name: \"examplequeue-ddl\",\n redriveAllowPolicy: pulumi.jsonStringify({\n redrivePermission: \"byQueue\",\n sourceQueueArns: [q.arn],\n }),\n});\nconst qRedrivePolicy = new aws.sqs.RedrivePolicy(\"q\", {\n queueUrl: q.id,\n redrivePolicy: pulumi.jsonStringify({\n deadLetterTargetArn: ddl.arn,\n maxReceiveCount: 4,\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nq = aws.sqs.Queue(\"q\", name=\"examplequeue\")\nddl = aws.sqs.Queue(\"ddl\",\n name=\"examplequeue-ddl\",\n redrive_allow_policy=pulumi.Output.json_dumps({\n \"redrivePermission\": \"byQueue\",\n \"sourceQueueArns\": [q.arn],\n }))\nq_redrive_policy = aws.sqs.RedrivePolicy(\"q\",\n queue_url=q.id,\n redrive_policy=pulumi.Output.json_dumps({\n \"deadLetterTargetArn\": ddl.arn,\n \"maxReceiveCount\": 4,\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var q = new Aws.Sqs.Queue(\"q\", new()\n {\n Name = \"examplequeue\",\n });\n\n var ddl = new Aws.Sqs.Queue(\"ddl\", new()\n {\n Name = \"examplequeue-ddl\",\n RedriveAllowPolicy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"redrivePermission\"] = \"byQueue\",\n [\"sourceQueueArns\"] = new[]\n {\n q.Arn,\n },\n })),\n });\n\n var qRedrivePolicy = new Aws.Sqs.RedrivePolicy(\"q\", new()\n {\n QueueUrl = q.Id,\n RedrivePolicyName = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"deadLetterTargetArn\"] = ddl.Arn,\n [\"maxReceiveCount\"] = 4,\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tq, err := sqs.NewQueue(ctx, \"q\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"examplequeue\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tddl, err := sqs.NewQueue(ctx, \"ddl\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"examplequeue-ddl\"),\n\t\t\tRedriveAllowPolicy: q.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"redrivePermission\": \"byQueue\",\n\t\t\t\t\t\"sourceQueueArns\": []string{\n\t\t\t\t\t\tarn,\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sqs.NewRedrivePolicy(ctx, \"q\", \u0026sqs.RedrivePolicyArgs{\n\t\t\tQueueUrl: q.ID(),\n\t\t\tRedrivePolicy: ddl.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"deadLetterTargetArn\": arn,\n\t\t\t\t\t\"maxReceiveCount\": 4,\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson1 := string(tmpJSON1)\n\t\t\t\treturn pulumi.String(json1), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.sqs.QueueArgs;\nimport com.pulumi.aws.sqs.RedrivePolicy;\nimport com.pulumi.aws.sqs.RedrivePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var q = new Queue(\"q\", QueueArgs.builder()\n .name(\"examplequeue\")\n .build());\n\n var ddl = new Queue(\"ddl\", QueueArgs.builder()\n .name(\"examplequeue-ddl\")\n .redriveAllowPolicy(q.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"redrivePermission\", \"byQueue\"),\n jsonProperty(\"sourceQueueArns\", jsonArray(arn))\n ))))\n .build());\n\n var qRedrivePolicy = new RedrivePolicy(\"qRedrivePolicy\", RedrivePolicyArgs.builder()\n .queueUrl(q.id())\n .redrivePolicy(ddl.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"deadLetterTargetArn\", arn),\n jsonProperty(\"maxReceiveCount\", 4)\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n q:\n type: aws:sqs:Queue\n properties:\n name: examplequeue\n ddl:\n type: aws:sqs:Queue\n properties:\n name: examplequeue-ddl\n redriveAllowPolicy:\n fn::toJSON:\n redrivePermission: byQueue\n sourceQueueArns:\n - ${q.arn}\n qRedrivePolicy:\n type: aws:sqs:RedrivePolicy\n name: q\n properties:\n queueUrl: ${q.id}\n redrivePolicy:\n fn::toJSON:\n deadLetterTargetArn: ${ddl.arn}\n maxReceiveCount: 4\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SQS Queue Redrive Policies using the queue URL. For example:\n\n```sh\n$ pulumi import aws:sqs/redrivePolicy:RedrivePolicy test https://queue.amazonaws.com/0123456789012/myqueue\n```\n", "properties": { "queueUrl": { "type": "string", "description": "The URL of the SQS Queue to which to attach the policy\n" }, "redrivePolicy": { "type": "string", "description": "The JSON redrive policy for the SQS queue. Accepts two key/val pairs: `deadLetterTargetArn` and `maxReceiveCount`. Learn more in the [Amazon SQS dead-letter queues documentation](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html).\n", "language": { "csharp": { "name": "RedrivePolicyName" } } } }, "required": [ "queueUrl", "redrivePolicy" ], "inputProperties": { "queueUrl": { "type": "string", "description": "The URL of the SQS Queue to which to attach the policy\n", "willReplaceOnChanges": true }, "redrivePolicy": { "type": "string", "description": "The JSON redrive policy for the SQS queue. Accepts two key/val pairs: `deadLetterTargetArn` and `maxReceiveCount`. Learn more in the [Amazon SQS dead-letter queues documentation](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html).\n", "language": { "csharp": { "name": "RedrivePolicyName" } } } }, "requiredInputs": [ "queueUrl", "redrivePolicy" ], "stateInputs": { "description": "Input properties used for looking up and filtering RedrivePolicy resources.\n", "properties": { "queueUrl": { "type": "string", "description": "The URL of the SQS Queue to which to attach the policy\n", "willReplaceOnChanges": true }, "redrivePolicy": { "type": "string", "description": "The JSON redrive policy for the SQS queue. Accepts two key/val pairs: `deadLetterTargetArn` and `maxReceiveCount`. Learn more in the [Amazon SQS dead-letter queues documentation](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html).\n", "language": { "csharp": { "name": "RedrivePolicyName" } } } }, "type": "object" } }, "aws:ssm/activation:Activation": { "description": "Registers an on-premises server or virtual machine with Amazon EC2 so that it can be managed using Run Command.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"ssm.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst testRole = new aws.iam.Role(\"test_role\", {\n name: \"test_role\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst testAttach = new aws.iam.RolePolicyAttachment(\"test_attach\", {\n role: testRole.name,\n policyArn: \"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\",\n});\nconst foo = new aws.ssm.Activation(\"foo\", {\n name: \"test_ssm_activation\",\n description: \"Test\",\n iamRole: testRole.id,\n registrationLimit: 5,\n}, {\n dependsOn: [testAttach],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"ssm.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\ntest_role = aws.iam.Role(\"test_role\",\n name=\"test_role\",\n assume_role_policy=assume_role.json)\ntest_attach = aws.iam.RolePolicyAttachment(\"test_attach\",\n role=test_role.name,\n policy_arn=\"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\")\nfoo = aws.ssm.Activation(\"foo\",\n name=\"test_ssm_activation\",\n description=\"Test\",\n iam_role=test_role.id,\n registration_limit=5,\n opts = pulumi.ResourceOptions(depends_on=[test_attach]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"ssm.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var testRole = new Aws.Iam.Role(\"test_role\", new()\n {\n Name = \"test_role\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var testAttach = new Aws.Iam.RolePolicyAttachment(\"test_attach\", new()\n {\n Role = testRole.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\",\n });\n\n var foo = new Aws.Ssm.Activation(\"foo\", new()\n {\n Name = \"test_ssm_activation\",\n Description = \"Test\",\n IamRole = testRole.Id,\n RegistrationLimit = 5,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n testAttach,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"ssm.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestRole, err := iam.NewRole(ctx, \"test_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"test_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestAttach, err := iam.NewRolePolicyAttachment(ctx, \"test_attach\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: testRole.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssm.NewActivation(ctx, \"foo\", \u0026ssm.ActivationArgs{\n\t\t\tName: pulumi.String(\"test_ssm_activation\"),\n\t\t\tDescription: pulumi.String(\"Test\"),\n\t\t\tIamRole: testRole.ID(),\n\t\t\tRegistrationLimit: pulumi.Int(5),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttestAttach,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.ssm.Activation;\nimport com.pulumi.aws.ssm.ActivationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"ssm.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var testRole = new Role(\"testRole\", RoleArgs.builder()\n .name(\"test_role\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var testAttach = new RolePolicyAttachment(\"testAttach\", RolePolicyAttachmentArgs.builder()\n .role(testRole.name())\n .policyArn(\"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\")\n .build());\n\n var foo = new Activation(\"foo\", ActivationArgs.builder()\n .name(\"test_ssm_activation\")\n .description(\"Test\")\n .iamRole(testRole.id())\n .registrationLimit(\"5\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(testAttach)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testRole:\n type: aws:iam:Role\n name: test_role\n properties:\n name: test_role\n assumeRolePolicy: ${assumeRole.json}\n testAttach:\n type: aws:iam:RolePolicyAttachment\n name: test_attach\n properties:\n role: ${testRole.name}\n policyArn: arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\n foo:\n type: aws:ssm:Activation\n properties:\n name: test_ssm_activation\n description: Test\n iamRole: ${testRole.id}\n registrationLimit: '5'\n options:\n dependson:\n - ${testAttach}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - ssm.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS SSM Activation using the `id`. For example:\n\n```sh\n$ pulumi import aws:ssm/activation:Activation example e488f2f6-e686-4afb-8a04-ef6dfEXAMPLE\n```\n-\u003e __Note:__ The `activation_code` attribute cannot be imported.\n\n", "properties": { "activationCode": { "type": "string", "description": "The code the system generates when it processes the activation.\n" }, "description": { "type": "string", "description": "The description of the resource that you want to register.\n" }, "expirationDate": { "type": "string", "description": "UTC timestamp in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) by which this activation request should expire. The default value is 24 hours from resource creation time. This provider will only perform drift detection of its value when present in a configuration.\n" }, "expired": { "type": "boolean", "description": "If the current activation has expired.\n" }, "iamRole": { "type": "string", "description": "The IAM Role to attach to the managed instance.\n" }, "name": { "type": "string", "description": "The default name of the registered managed instance.\n" }, "registrationCount": { "type": "integer", "description": "The number of managed instances that are currently registered using this activation.\n" }, "registrationLimit": { "type": "integer", "description": "The maximum number of managed instances you want to register. The default value is 1 instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "activationCode", "expirationDate", "expired", "iamRole", "name", "registrationCount", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the resource that you want to register.\n", "willReplaceOnChanges": true }, "expirationDate": { "type": "string", "description": "UTC timestamp in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) by which this activation request should expire. The default value is 24 hours from resource creation time. This provider will only perform drift detection of its value when present in a configuration.\n", "willReplaceOnChanges": true }, "iamRole": { "type": "string", "description": "The IAM Role to attach to the managed instance.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The default name of the registered managed instance.\n", "willReplaceOnChanges": true }, "registrationLimit": { "type": "integer", "description": "The maximum number of managed instances you want to register. The default value is 1 instance.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "iamRole" ], "stateInputs": { "description": "Input properties used for looking up and filtering Activation resources.\n", "properties": { "activationCode": { "type": "string", "description": "The code the system generates when it processes the activation.\n" }, "description": { "type": "string", "description": "The description of the resource that you want to register.\n", "willReplaceOnChanges": true }, "expirationDate": { "type": "string", "description": "UTC timestamp in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) by which this activation request should expire. The default value is 24 hours from resource creation time. This provider will only perform drift detection of its value when present in a configuration.\n", "willReplaceOnChanges": true }, "expired": { "type": "boolean", "description": "If the current activation has expired.\n" }, "iamRole": { "type": "string", "description": "The IAM Role to attach to the managed instance.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The default name of the registered managed instance.\n", "willReplaceOnChanges": true }, "registrationCount": { "type": "integer", "description": "The number of managed instances that are currently registered using this activation.\n" }, "registrationLimit": { "type": "integer", "description": "The maximum number of managed instances you want to register. The default value is 1 instance.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n", "willReplaceOnChanges": true }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead.", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ssm/association:Association": { "description": "Associates an SSM Document to an instance or EC2 tag.\n\n## Example Usage\n\n### Create an association for a specific instance\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssm.Association(\"example\", {\n name: exampleAwsSsmDocument.name,\n targets: [{\n key: \"InstanceIds\",\n values: [exampleAwsInstance.id],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.Association(\"example\",\n name=example_aws_ssm_document[\"name\"],\n targets=[{\n \"key\": \"InstanceIds\",\n \"values\": [example_aws_instance[\"id\"]],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ssm.Association(\"example\", new()\n {\n Name = exampleAwsSsmDocument.Name,\n Targets = new[]\n {\n new Aws.Ssm.Inputs.AssociationTargetArgs\n {\n Key = \"InstanceIds\",\n Values = new[]\n {\n exampleAwsInstance.Id,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewAssociation(ctx, \"example\", \u0026ssm.AssociationArgs{\n\t\t\tName: pulumi.Any(exampleAwsSsmDocument.Name),\n\t\t\tTargets: ssm.AssociationTargetArray{\n\t\t\t\t\u0026ssm.AssociationTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"InstanceIds\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\texampleAwsInstance.Id,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.Association;\nimport com.pulumi.aws.ssm.AssociationArgs;\nimport com.pulumi.aws.ssm.inputs.AssociationTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Association(\"example\", AssociationArgs.builder()\n .name(exampleAwsSsmDocument.name())\n .targets(AssociationTargetArgs.builder()\n .key(\"InstanceIds\")\n .values(exampleAwsInstance.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssm:Association\n properties:\n name: ${exampleAwsSsmDocument.name}\n targets:\n - key: InstanceIds\n values:\n - ${exampleAwsInstance.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create an association for all managed instances in an AWS account\n\nTo target all managed instances in an AWS account, set the `key` as `\"InstanceIds\"` with `values` set as `[\"*\"]`. This example also illustrates how to use an Amazon owned SSM document named `AmazonCloudWatch-ManageAgent`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssm.Association(\"example\", {\n name: \"AmazonCloudWatch-ManageAgent\",\n targets: [{\n key: \"InstanceIds\",\n values: [\"*\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.Association(\"example\",\n name=\"AmazonCloudWatch-ManageAgent\",\n targets=[{\n \"key\": \"InstanceIds\",\n \"values\": [\"*\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ssm.Association(\"example\", new()\n {\n Name = \"AmazonCloudWatch-ManageAgent\",\n Targets = new[]\n {\n new Aws.Ssm.Inputs.AssociationTargetArgs\n {\n Key = \"InstanceIds\",\n Values = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewAssociation(ctx, \"example\", \u0026ssm.AssociationArgs{\n\t\t\tName: pulumi.String(\"AmazonCloudWatch-ManageAgent\"),\n\t\t\tTargets: ssm.AssociationTargetArray{\n\t\t\t\t\u0026ssm.AssociationTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"InstanceIds\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.Association;\nimport com.pulumi.aws.ssm.AssociationArgs;\nimport com.pulumi.aws.ssm.inputs.AssociationTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Association(\"example\", AssociationArgs.builder()\n .name(\"AmazonCloudWatch-ManageAgent\")\n .targets(AssociationTargetArgs.builder()\n .key(\"InstanceIds\")\n .values(\"*\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssm:Association\n properties:\n name: AmazonCloudWatch-ManageAgent\n targets:\n - key: InstanceIds\n values:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create an association for a specific tag\n\nThis example shows how to target all managed instances that are assigned a tag key of `Environment` and value of `Development`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssm.Association(\"example\", {\n name: \"AmazonCloudWatch-ManageAgent\",\n targets: [{\n key: \"tag:Environment\",\n values: [\"Development\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.Association(\"example\",\n name=\"AmazonCloudWatch-ManageAgent\",\n targets=[{\n \"key\": \"tag:Environment\",\n \"values\": [\"Development\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ssm.Association(\"example\", new()\n {\n Name = \"AmazonCloudWatch-ManageAgent\",\n Targets = new[]\n {\n new Aws.Ssm.Inputs.AssociationTargetArgs\n {\n Key = \"tag:Environment\",\n Values = new[]\n {\n \"Development\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewAssociation(ctx, \"example\", \u0026ssm.AssociationArgs{\n\t\t\tName: pulumi.String(\"AmazonCloudWatch-ManageAgent\"),\n\t\t\tTargets: ssm.AssociationTargetArray{\n\t\t\t\t\u0026ssm.AssociationTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"tag:Environment\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Development\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.Association;\nimport com.pulumi.aws.ssm.AssociationArgs;\nimport com.pulumi.aws.ssm.inputs.AssociationTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Association(\"example\", AssociationArgs.builder()\n .name(\"AmazonCloudWatch-ManageAgent\")\n .targets(AssociationTargetArgs.builder()\n .key(\"tag:Environment\")\n .values(\"Development\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssm:Association\n properties:\n name: AmazonCloudWatch-ManageAgent\n targets:\n - key: tag:Environment\n values:\n - Development\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create an association with a specific schedule\n\nThis example shows how to schedule an association in various ways.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssm.Association(\"example\", {\n name: exampleAwsSsmDocument.name,\n scheduleExpression: \"cron(0 2 ? * SUN *)\",\n targets: [{\n key: \"InstanceIds\",\n values: [exampleAwsInstance.id],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.Association(\"example\",\n name=example_aws_ssm_document[\"name\"],\n schedule_expression=\"cron(0 2 ? * SUN *)\",\n targets=[{\n \"key\": \"InstanceIds\",\n \"values\": [example_aws_instance[\"id\"]],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ssm.Association(\"example\", new()\n {\n Name = exampleAwsSsmDocument.Name,\n ScheduleExpression = \"cron(0 2 ? * SUN *)\",\n Targets = new[]\n {\n new Aws.Ssm.Inputs.AssociationTargetArgs\n {\n Key = \"InstanceIds\",\n Values = new[]\n {\n exampleAwsInstance.Id,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewAssociation(ctx, \"example\", \u0026ssm.AssociationArgs{\n\t\t\tName: pulumi.Any(exampleAwsSsmDocument.Name),\n\t\t\tScheduleExpression: pulumi.String(\"cron(0 2 ? * SUN *)\"),\n\t\t\tTargets: ssm.AssociationTargetArray{\n\t\t\t\t\u0026ssm.AssociationTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"InstanceIds\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\texampleAwsInstance.Id,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.Association;\nimport com.pulumi.aws.ssm.AssociationArgs;\nimport com.pulumi.aws.ssm.inputs.AssociationTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Association(\"example\", AssociationArgs.builder()\n .name(exampleAwsSsmDocument.name())\n .scheduleExpression(\"cron(0 2 ? * SUN *)\")\n .targets(AssociationTargetArgs.builder()\n .key(\"InstanceIds\")\n .values(exampleAwsInstance.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssm:Association\n properties:\n name: ${exampleAwsSsmDocument.name}\n scheduleExpression: cron(0 2 ? * SUN *)\n targets:\n - key: InstanceIds\n values:\n - ${exampleAwsInstance.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSM associations using the `association_id`. For example:\n\n```sh\n$ pulumi import aws:ssm/association:Association test-association 10abcdef-0abc-1234-5678-90abcdef123456\n```\n", "properties": { "applyOnlyAtCronInterval": { "type": "boolean", "description": "By default, when you create a new or update associations, the system runs it immediately and then according to the schedule you specified. Enable this option if you do not want an association to run immediately after you create or update it. This parameter is not supported for rate expressions. Default: `false`.\n" }, "arn": { "type": "string", "description": "The ARN of the SSM association\n" }, "associationId": { "type": "string", "description": "The ID of the SSM association.\n" }, "associationName": { "type": "string", "description": "The descriptive name for the association.\n" }, "automationTargetParameterName": { "type": "string", "description": "Specify the target for the association. This target is required for associations that use an `Automation` document and target resources by using rate controls. This should be set to the SSM document `parameter` that will define how your automation will branch out.\n" }, "complianceSeverity": { "type": "string", "description": "The compliance severity for the association. Can be one of the following: `UNSPECIFIED`, `LOW`, `MEDIUM`, `HIGH` or `CRITICAL`\n" }, "documentVersion": { "type": "string", "description": "The document version you want to associate with the target(s). Can be a specific version or the default version.\n" }, "instanceId": { "type": "string", "description": "The instance ID to apply an SSM document to. Use `targets` with key `InstanceIds` for document schema versions 2.0 and above. Use the `targets` attribute instead.\n", "deprecationMessage": "use 'targets' argument instead. https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateAssociation.html#systemsmanager-CreateAssociation-request-InstanceId" }, "maxConcurrency": { "type": "string", "description": "The maximum number of targets allowed to run the association at the same time. You can specify a number, for example 10, or a percentage of the target set, for example 10%.\n" }, "maxErrors": { "type": "string", "description": "The number of errors that are allowed before the system stops sending requests to run the association on additional targets. You can specify a number, for example 10, or a percentage of the target set, for example 10%. If you specify a threshold of 3, the stop command is sent when the fourth error is returned. If you specify a threshold of 10% for 50 associations, the stop command is sent when the sixth error is returned.\n" }, "name": { "type": "string", "description": "The name of the SSM document to apply.\n" }, "outputLocation": { "$ref": "#/types/aws:ssm/AssociationOutputLocation:AssociationOutputLocation", "description": "An output location block. Output Location is documented below.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A block of arbitrary string parameters to pass to the SSM document.\n" }, "scheduleExpression": { "type": "string", "description": "A [cron or rate expression](https://docs.aws.amazon.com/systems-manager/latest/userguide/reference-cron-and-rate-expressions.html) that specifies when the association runs.\n" }, "syncCompliance": { "type": "string", "description": "The mode for generating association compliance. You can specify `AUTO` or `MANUAL`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:ssm/AssociationTarget:AssociationTarget" }, "description": "A block containing the targets of the SSM association. Targets are documented below. AWS currently supports a maximum of 5 targets.\n" }, "waitForSuccessTimeoutSeconds": { "type": "integer", "description": "The number of seconds to wait for the association status to be `Success`. If `Success` status is not reached within the given time, create opration will fail.\n\nOutput Location (`output_location`) is an S3 bucket where you want to store the results of this association:\n" } }, "required": [ "arn", "associationId", "documentVersion", "name", "parameters", "tagsAll", "targets" ], "inputProperties": { "applyOnlyAtCronInterval": { "type": "boolean", "description": "By default, when you create a new or update associations, the system runs it immediately and then according to the schedule you specified. Enable this option if you do not want an association to run immediately after you create or update it. This parameter is not supported for rate expressions. Default: `false`.\n" }, "associationName": { "type": "string", "description": "The descriptive name for the association.\n" }, "automationTargetParameterName": { "type": "string", "description": "Specify the target for the association. This target is required for associations that use an `Automation` document and target resources by using rate controls. This should be set to the SSM document `parameter` that will define how your automation will branch out.\n" }, "complianceSeverity": { "type": "string", "description": "The compliance severity for the association. Can be one of the following: `UNSPECIFIED`, `LOW`, `MEDIUM`, `HIGH` or `CRITICAL`\n" }, "documentVersion": { "type": "string", "description": "The document version you want to associate with the target(s). Can be a specific version or the default version.\n" }, "instanceId": { "type": "string", "description": "The instance ID to apply an SSM document to. Use `targets` with key `InstanceIds` for document schema versions 2.0 and above. Use the `targets` attribute instead.\n", "deprecationMessage": "use 'targets' argument instead. https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateAssociation.html#systemsmanager-CreateAssociation-request-InstanceId", "willReplaceOnChanges": true }, "maxConcurrency": { "type": "string", "description": "The maximum number of targets allowed to run the association at the same time. You can specify a number, for example 10, or a percentage of the target set, for example 10%.\n" }, "maxErrors": { "type": "string", "description": "The number of errors that are allowed before the system stops sending requests to run the association on additional targets. You can specify a number, for example 10, or a percentage of the target set, for example 10%. If you specify a threshold of 3, the stop command is sent when the fourth error is returned. If you specify a threshold of 10% for 50 associations, the stop command is sent when the sixth error is returned.\n" }, "name": { "type": "string", "description": "The name of the SSM document to apply.\n", "willReplaceOnChanges": true }, "outputLocation": { "$ref": "#/types/aws:ssm/AssociationOutputLocation:AssociationOutputLocation", "description": "An output location block. Output Location is documented below.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A block of arbitrary string parameters to pass to the SSM document.\n" }, "scheduleExpression": { "type": "string", "description": "A [cron or rate expression](https://docs.aws.amazon.com/systems-manager/latest/userguide/reference-cron-and-rate-expressions.html) that specifies when the association runs.\n" }, "syncCompliance": { "type": "string", "description": "The mode for generating association compliance. You can specify `AUTO` or `MANUAL`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:ssm/AssociationTarget:AssociationTarget" }, "description": "A block containing the targets of the SSM association. Targets are documented below. AWS currently supports a maximum of 5 targets.\n" }, "waitForSuccessTimeoutSeconds": { "type": "integer", "description": "The number of seconds to wait for the association status to be `Success`. If `Success` status is not reached within the given time, create opration will fail.\n\nOutput Location (`output_location`) is an S3 bucket where you want to store the results of this association:\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Association resources.\n", "properties": { "applyOnlyAtCronInterval": { "type": "boolean", "description": "By default, when you create a new or update associations, the system runs it immediately and then according to the schedule you specified. Enable this option if you do not want an association to run immediately after you create or update it. This parameter is not supported for rate expressions. Default: `false`.\n" }, "arn": { "type": "string", "description": "The ARN of the SSM association\n" }, "associationId": { "type": "string", "description": "The ID of the SSM association.\n" }, "associationName": { "type": "string", "description": "The descriptive name for the association.\n" }, "automationTargetParameterName": { "type": "string", "description": "Specify the target for the association. This target is required for associations that use an `Automation` document and target resources by using rate controls. This should be set to the SSM document `parameter` that will define how your automation will branch out.\n" }, "complianceSeverity": { "type": "string", "description": "The compliance severity for the association. Can be one of the following: `UNSPECIFIED`, `LOW`, `MEDIUM`, `HIGH` or `CRITICAL`\n" }, "documentVersion": { "type": "string", "description": "The document version you want to associate with the target(s). Can be a specific version or the default version.\n" }, "instanceId": { "type": "string", "description": "The instance ID to apply an SSM document to. Use `targets` with key `InstanceIds` for document schema versions 2.0 and above. Use the `targets` attribute instead.\n", "deprecationMessage": "use 'targets' argument instead. https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateAssociation.html#systemsmanager-CreateAssociation-request-InstanceId", "willReplaceOnChanges": true }, "maxConcurrency": { "type": "string", "description": "The maximum number of targets allowed to run the association at the same time. You can specify a number, for example 10, or a percentage of the target set, for example 10%.\n" }, "maxErrors": { "type": "string", "description": "The number of errors that are allowed before the system stops sending requests to run the association on additional targets. You can specify a number, for example 10, or a percentage of the target set, for example 10%. If you specify a threshold of 3, the stop command is sent when the fourth error is returned. If you specify a threshold of 10% for 50 associations, the stop command is sent when the sixth error is returned.\n" }, "name": { "type": "string", "description": "The name of the SSM document to apply.\n", "willReplaceOnChanges": true }, "outputLocation": { "$ref": "#/types/aws:ssm/AssociationOutputLocation:AssociationOutputLocation", "description": "An output location block. Output Location is documented below.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A block of arbitrary string parameters to pass to the SSM document.\n" }, "scheduleExpression": { "type": "string", "description": "A [cron or rate expression](https://docs.aws.amazon.com/systems-manager/latest/userguide/reference-cron-and-rate-expressions.html) that specifies when the association runs.\n" }, "syncCompliance": { "type": "string", "description": "The mode for generating association compliance. You can specify `AUTO` or `MANUAL`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:ssm/AssociationTarget:AssociationTarget" }, "description": "A block containing the targets of the SSM association. Targets are documented below. AWS currently supports a maximum of 5 targets.\n" }, "waitForSuccessTimeoutSeconds": { "type": "integer", "description": "The number of seconds to wait for the association status to be `Success`. If `Success` status is not reached within the given time, create opration will fail.\n\nOutput Location (`output_location`) is an S3 bucket where you want to store the results of this association:\n" } }, "type": "object" } }, "aws:ssm/contactsRotation:ContactsRotation": { "description": "## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssm.ContactsRotation(\"example\", {\n contactIds: [exampleAwsSsmcontactsContact.arn],\n name: \"rotation\",\n recurrence: {\n numberOfOnCalls: 1,\n recurrenceMultiplier: 1,\n dailySettings: [{\n hourOfDay: 9,\n minuteOfHour: 0,\n }],\n },\n timeZoneId: \"Australia/Sydney\",\n}, {\n dependsOn: [exampleAwsSsmincidentsReplicationSet],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.ContactsRotation(\"example\",\n contact_ids=[example_aws_ssmcontacts_contact[\"arn\"]],\n name=\"rotation\",\n recurrence={\n \"number_of_on_calls\": 1,\n \"recurrence_multiplier\": 1,\n \"daily_settings\": [{\n \"hour_of_day\": 9,\n \"minute_of_hour\": 0,\n }],\n },\n time_zone_id=\"Australia/Sydney\",\n opts = pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ssm.ContactsRotation(\"example\", new()\n {\n ContactIds = new[]\n {\n exampleAwsSsmcontactsContact.Arn,\n },\n Name = \"rotation\",\n Recurrence = new Aws.Ssm.Inputs.ContactsRotationRecurrenceArgs\n {\n NumberOfOnCalls = 1,\n RecurrenceMultiplier = 1,\n DailySettings = new[]\n {\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceDailySettingArgs\n {\n HourOfDay = 9,\n MinuteOfHour = 0,\n },\n },\n },\n TimeZoneId = \"Australia/Sydney\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSsmincidentsReplicationSet,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewContactsRotation(ctx, \"example\", \u0026ssm.ContactsRotationArgs{\n\t\t\tContactIds: pulumi.StringArray{\n\t\t\t\texampleAwsSsmcontactsContact.Arn,\n\t\t\t},\n\t\t\tName: pulumi.String(\"rotation\"),\n\t\t\tRecurrence: \u0026ssm.ContactsRotationRecurrenceArgs{\n\t\t\t\tNumberOfOnCalls: pulumi.Int(1),\n\t\t\t\tRecurrenceMultiplier: pulumi.Int(1),\n\t\t\t\tDailySettings: ssm.ContactsRotationRecurrenceDailySettingArray{\n\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceDailySettingArgs{\n\t\t\t\t\t\tHourOfDay: pulumi.Int(9),\n\t\t\t\t\t\tMinuteOfHour: pulumi.Int(0),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTimeZoneId: pulumi.String(\"Australia/Sydney\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSsmincidentsReplicationSet,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.ContactsRotation;\nimport com.pulumi.aws.ssm.ContactsRotationArgs;\nimport com.pulumi.aws.ssm.inputs.ContactsRotationRecurrenceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContactsRotation(\"example\", ContactsRotationArgs.builder()\n .contactIds(exampleAwsSsmcontactsContact.arn())\n .name(\"rotation\")\n .recurrence(ContactsRotationRecurrenceArgs.builder()\n .numberOfOnCalls(1)\n .recurrenceMultiplier(1)\n .dailySettings(ContactsRotationRecurrenceDailySettingArgs.builder()\n .hourOfDay(9)\n .minuteOfHour(0)\n .build())\n .build())\n .timeZoneId(\"Australia/Sydney\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSsmincidentsReplicationSet)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssm:ContactsRotation\n properties:\n contactIds:\n - ${exampleAwsSsmcontactsContact.arn}\n name: rotation\n recurrence:\n numberOfOnCalls: 1\n recurrenceMultiplier: 1\n dailySettings:\n - hourOfDay: 9\n minuteOfHour: 0\n timeZoneId: Australia/Sydney\n options:\n dependson:\n - ${exampleAwsSsmincidentsReplicationSet}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with Weekly Settings and Shift Coverages Fields\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssm.ContactsRotation(\"example\", {\n contactIds: [exampleAwsSsmcontactsContact.arn],\n name: \"rotation\",\n recurrence: {\n numberOfOnCalls: 1,\n recurrenceMultiplier: 1,\n weeklySettings: [\n {\n dayOfWeek: \"WED\",\n handOffTime: {\n hourOfDay: 4,\n minuteOfHour: 25,\n },\n },\n {\n dayOfWeek: \"FRI\",\n handOffTime: {\n hourOfDay: 15,\n minuteOfHour: 57,\n },\n },\n ],\n shiftCoverages: [{\n mapBlockKey: \"MON\",\n coverageTimes: [{\n start: {\n hourOfDay: 1,\n minuteOfHour: 0,\n },\n end: {\n hourOfDay: 23,\n minuteOfHour: 0,\n },\n }],\n }],\n },\n startTime: \"2023-07-20T02:21:49+00:00\",\n timeZoneId: \"Australia/Sydney\",\n tags: {\n key1: \"tag1\",\n key2: \"tag2\",\n },\n}, {\n dependsOn: [exampleAwsSsmincidentsReplicationSet],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.ContactsRotation(\"example\",\n contact_ids=[example_aws_ssmcontacts_contact[\"arn\"]],\n name=\"rotation\",\n recurrence={\n \"number_of_on_calls\": 1,\n \"recurrence_multiplier\": 1,\n \"weekly_settings\": [\n {\n \"day_of_week\": \"WED\",\n \"hand_off_time\": {\n \"hour_of_day\": 4,\n \"minute_of_hour\": 25,\n },\n },\n {\n \"day_of_week\": \"FRI\",\n \"hand_off_time\": {\n \"hour_of_day\": 15,\n \"minute_of_hour\": 57,\n },\n },\n ],\n \"shift_coverages\": [{\n \"map_block_key\": \"MON\",\n \"coverage_times\": [{\n \"start\": {\n \"hour_of_day\": 1,\n \"minute_of_hour\": 0,\n },\n \"end\": {\n \"hour_of_day\": 23,\n \"minute_of_hour\": 0,\n },\n }],\n }],\n },\n start_time=\"2023-07-20T02:21:49+00:00\",\n time_zone_id=\"Australia/Sydney\",\n tags={\n \"key1\": \"tag1\",\n \"key2\": \"tag2\",\n },\n opts = pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ssm.ContactsRotation(\"example\", new()\n {\n ContactIds = new[]\n {\n exampleAwsSsmcontactsContact.Arn,\n },\n Name = \"rotation\",\n Recurrence = new Aws.Ssm.Inputs.ContactsRotationRecurrenceArgs\n {\n NumberOfOnCalls = 1,\n RecurrenceMultiplier = 1,\n WeeklySettings = new[]\n {\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceWeeklySettingArgs\n {\n DayOfWeek = \"WED\",\n HandOffTime = new Aws.Ssm.Inputs.ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs\n {\n HourOfDay = 4,\n MinuteOfHour = 25,\n },\n },\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceWeeklySettingArgs\n {\n DayOfWeek = \"FRI\",\n HandOffTime = new Aws.Ssm.Inputs.ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs\n {\n HourOfDay = 15,\n MinuteOfHour = 57,\n },\n },\n },\n ShiftCoverages = new[]\n {\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceShiftCoverageArgs\n {\n MapBlockKey = \"MON\",\n CoverageTimes = new[]\n {\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceShiftCoverageCoverageTimeArgs\n {\n Start = new Aws.Ssm.Inputs.ContactsRotationRecurrenceShiftCoverageCoverageTimeStartArgs\n {\n HourOfDay = 1,\n MinuteOfHour = 0,\n },\n End = new Aws.Ssm.Inputs.ContactsRotationRecurrenceShiftCoverageCoverageTimeEndArgs\n {\n HourOfDay = 23,\n MinuteOfHour = 0,\n },\n },\n },\n },\n },\n },\n StartTime = \"2023-07-20T02:21:49+00:00\",\n TimeZoneId = \"Australia/Sydney\",\n Tags = \n {\n { \"key1\", \"tag1\" },\n { \"key2\", \"tag2\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSsmincidentsReplicationSet,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewContactsRotation(ctx, \"example\", \u0026ssm.ContactsRotationArgs{\n\t\t\tContactIds: pulumi.StringArray{\n\t\t\t\texampleAwsSsmcontactsContact.Arn,\n\t\t\t},\n\t\t\tName: pulumi.String(\"rotation\"),\n\t\t\tRecurrence: \u0026ssm.ContactsRotationRecurrenceArgs{\n\t\t\t\tNumberOfOnCalls: pulumi.Int(1),\n\t\t\t\tRecurrenceMultiplier: pulumi.Int(1),\n\t\t\t\tWeeklySettings: ssm.ContactsRotationRecurrenceWeeklySettingArray{\n\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceWeeklySettingArgs{\n\t\t\t\t\t\tDayOfWeek: pulumi.String(\"WED\"),\n\t\t\t\t\t\tHandOffTime: \u0026ssm.ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs{\n\t\t\t\t\t\t\tHourOfDay: pulumi.Int(4),\n\t\t\t\t\t\t\tMinuteOfHour: pulumi.Int(25),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceWeeklySettingArgs{\n\t\t\t\t\t\tDayOfWeek: pulumi.String(\"FRI\"),\n\t\t\t\t\t\tHandOffTime: \u0026ssm.ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs{\n\t\t\t\t\t\t\tHourOfDay: pulumi.Int(15),\n\t\t\t\t\t\t\tMinuteOfHour: pulumi.Int(57),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tShiftCoverages: ssm.ContactsRotationRecurrenceShiftCoverageArray{\n\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceShiftCoverageArgs{\n\t\t\t\t\t\tMapBlockKey: pulumi.String(\"MON\"),\n\t\t\t\t\t\tCoverageTimes: ssm.ContactsRotationRecurrenceShiftCoverageCoverageTimeArray{\n\t\t\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceShiftCoverageCoverageTimeArgs{\n\t\t\t\t\t\t\t\tStart: \u0026ssm.ContactsRotationRecurrenceShiftCoverageCoverageTimeStartArgs{\n\t\t\t\t\t\t\t\t\tHourOfDay: pulumi.Int(1),\n\t\t\t\t\t\t\t\t\tMinuteOfHour: pulumi.Int(0),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\tEnd: \u0026ssm.ContactsRotationRecurrenceShiftCoverageCoverageTimeEndArgs{\n\t\t\t\t\t\t\t\t\tHourOfDay: pulumi.Int(23),\n\t\t\t\t\t\t\t\t\tMinuteOfHour: pulumi.Int(0),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tStartTime: pulumi.String(\"2023-07-20T02:21:49+00:00\"),\n\t\t\tTimeZoneId: pulumi.String(\"Australia/Sydney\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"key1\": pulumi.String(\"tag1\"),\n\t\t\t\t\"key2\": pulumi.String(\"tag2\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSsmincidentsReplicationSet,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.ContactsRotation;\nimport com.pulumi.aws.ssm.ContactsRotationArgs;\nimport com.pulumi.aws.ssm.inputs.ContactsRotationRecurrenceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContactsRotation(\"example\", ContactsRotationArgs.builder()\n .contactIds(exampleAwsSsmcontactsContact.arn())\n .name(\"rotation\")\n .recurrence(ContactsRotationRecurrenceArgs.builder()\n .numberOfOnCalls(1)\n .recurrenceMultiplier(1)\n .weeklySettings( \n ContactsRotationRecurrenceWeeklySettingArgs.builder()\n .dayOfWeek(\"WED\")\n .handOffTime(ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs.builder()\n .hourOfDay(4)\n .minuteOfHour(25)\n .build())\n .build(),\n ContactsRotationRecurrenceWeeklySettingArgs.builder()\n .dayOfWeek(\"FRI\")\n .handOffTime(ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs.builder()\n .hourOfDay(15)\n .minuteOfHour(57)\n .build())\n .build())\n .shiftCoverages(ContactsRotationRecurrenceShiftCoverageArgs.builder()\n .mapBlockKey(\"MON\")\n .coverageTimes(ContactsRotationRecurrenceShiftCoverageCoverageTimeArgs.builder()\n .start(ContactsRotationRecurrenceShiftCoverageCoverageTimeStartArgs.builder()\n .hourOfDay(1)\n .minuteOfHour(0)\n .build())\n .end(ContactsRotationRecurrenceShiftCoverageCoverageTimeEndArgs.builder()\n .hourOfDay(23)\n .minuteOfHour(0)\n .build())\n .build())\n .build())\n .build())\n .startTime(\"2023-07-20T02:21:49+00:00\")\n .timeZoneId(\"Australia/Sydney\")\n .tags(Map.ofEntries(\n Map.entry(\"key1\", \"tag1\"),\n Map.entry(\"key2\", \"tag2\")\n ))\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSsmincidentsReplicationSet)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssm:ContactsRotation\n properties:\n contactIds:\n - ${exampleAwsSsmcontactsContact.arn}\n name: rotation\n recurrence:\n numberOfOnCalls: 1\n recurrenceMultiplier: 1\n weeklySettings:\n - dayOfWeek: WED\n handOffTime:\n hourOfDay: 4\n minuteOfHour: 25\n - dayOfWeek: FRI\n handOffTime:\n hourOfDay: 15\n minuteOfHour: 57\n shiftCoverages:\n - mapBlockKey: MON\n coverageTimes:\n - start:\n hourOfDay: 1\n minuteOfHour: 0\n end:\n hourOfDay: 23\n minuteOfHour: 0\n startTime: 2023-07-20T02:21:49+00:00\n timeZoneId: Australia/Sydney\n tags:\n key1: tag1\n key2: tag2\n options:\n dependson:\n - ${exampleAwsSsmincidentsReplicationSet}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with Monthly Settings Fields\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssm.ContactsRotation(\"example\", {\n contactIds: [exampleAwsSsmcontactsContact.arn],\n name: \"rotation\",\n recurrence: {\n numberOfOnCalls: 1,\n recurrenceMultiplier: 1,\n monthlySettings: [\n {\n dayOfMonth: 20,\n handOffTime: {\n hourOfDay: 8,\n minuteOfHour: 0,\n },\n },\n {\n dayOfMonth: 13,\n handOffTime: {\n hourOfDay: 12,\n minuteOfHour: 34,\n },\n },\n ],\n },\n timeZoneId: \"Australia/Sydney\",\n}, {\n dependsOn: [exampleAwsSsmincidentsReplicationSet],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.ContactsRotation(\"example\",\n contact_ids=[example_aws_ssmcontacts_contact[\"arn\"]],\n name=\"rotation\",\n recurrence={\n \"number_of_on_calls\": 1,\n \"recurrence_multiplier\": 1,\n \"monthly_settings\": [\n {\n \"day_of_month\": 20,\n \"hand_off_time\": {\n \"hour_of_day\": 8,\n \"minute_of_hour\": 0,\n },\n },\n {\n \"day_of_month\": 13,\n \"hand_off_time\": {\n \"hour_of_day\": 12,\n \"minute_of_hour\": 34,\n },\n },\n ],\n },\n time_zone_id=\"Australia/Sydney\",\n opts = pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ssm.ContactsRotation(\"example\", new()\n {\n ContactIds = new[]\n {\n exampleAwsSsmcontactsContact.Arn,\n },\n Name = \"rotation\",\n Recurrence = new Aws.Ssm.Inputs.ContactsRotationRecurrenceArgs\n {\n NumberOfOnCalls = 1,\n RecurrenceMultiplier = 1,\n MonthlySettings = new[]\n {\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceMonthlySettingArgs\n {\n DayOfMonth = 20,\n HandOffTime = new Aws.Ssm.Inputs.ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs\n {\n HourOfDay = 8,\n MinuteOfHour = 0,\n },\n },\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceMonthlySettingArgs\n {\n DayOfMonth = 13,\n HandOffTime = new Aws.Ssm.Inputs.ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs\n {\n HourOfDay = 12,\n MinuteOfHour = 34,\n },\n },\n },\n },\n TimeZoneId = \"Australia/Sydney\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSsmincidentsReplicationSet,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewContactsRotation(ctx, \"example\", \u0026ssm.ContactsRotationArgs{\n\t\t\tContactIds: pulumi.StringArray{\n\t\t\t\texampleAwsSsmcontactsContact.Arn,\n\t\t\t},\n\t\t\tName: pulumi.String(\"rotation\"),\n\t\t\tRecurrence: \u0026ssm.ContactsRotationRecurrenceArgs{\n\t\t\t\tNumberOfOnCalls: pulumi.Int(1),\n\t\t\t\tRecurrenceMultiplier: pulumi.Int(1),\n\t\t\t\tMonthlySettings: ssm.ContactsRotationRecurrenceMonthlySettingArray{\n\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceMonthlySettingArgs{\n\t\t\t\t\t\tDayOfMonth: pulumi.Int(20),\n\t\t\t\t\t\tHandOffTime: \u0026ssm.ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs{\n\t\t\t\t\t\t\tHourOfDay: pulumi.Int(8),\n\t\t\t\t\t\t\tMinuteOfHour: pulumi.Int(0),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceMonthlySettingArgs{\n\t\t\t\t\t\tDayOfMonth: pulumi.Int(13),\n\t\t\t\t\t\tHandOffTime: \u0026ssm.ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs{\n\t\t\t\t\t\t\tHourOfDay: pulumi.Int(12),\n\t\t\t\t\t\t\tMinuteOfHour: pulumi.Int(34),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTimeZoneId: pulumi.String(\"Australia/Sydney\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSsmincidentsReplicationSet,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.ContactsRotation;\nimport com.pulumi.aws.ssm.ContactsRotationArgs;\nimport com.pulumi.aws.ssm.inputs.ContactsRotationRecurrenceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContactsRotation(\"example\", ContactsRotationArgs.builder()\n .contactIds(exampleAwsSsmcontactsContact.arn())\n .name(\"rotation\")\n .recurrence(ContactsRotationRecurrenceArgs.builder()\n .numberOfOnCalls(1)\n .recurrenceMultiplier(1)\n .monthlySettings( \n ContactsRotationRecurrenceMonthlySettingArgs.builder()\n .dayOfMonth(20)\n .handOffTime(ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs.builder()\n .hourOfDay(8)\n .minuteOfHour(0)\n .build())\n .build(),\n ContactsRotationRecurrenceMonthlySettingArgs.builder()\n .dayOfMonth(13)\n .handOffTime(ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs.builder()\n .hourOfDay(12)\n .minuteOfHour(34)\n .build())\n .build())\n .build())\n .timeZoneId(\"Australia/Sydney\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSsmincidentsReplicationSet)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssm:ContactsRotation\n properties:\n contactIds:\n - ${exampleAwsSsmcontactsContact.arn}\n name: rotation\n recurrence:\n numberOfOnCalls: 1\n recurrenceMultiplier: 1\n monthlySettings:\n - dayOfMonth: 20\n handOffTime:\n hourOfDay: 8\n minuteOfHour: 0\n - dayOfMonth: 13\n handOffTime:\n hourOfDay: 12\n minuteOfHour: 34\n timeZoneId: Australia/Sydney\n options:\n dependson:\n - ${exampleAwsSsmincidentsReplicationSet}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeGuru Profiler Profiling Group using the `arn`. For example:\n\n```sh\n$ pulumi import aws:ssm/contactsRotation:ContactsRotation example arn:aws:ssm-contacts:us-east-1:012345678910:rotation/example\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the rotation.\n" }, "contactIds": { "type": "array", "items": { "type": "string" }, "description": "Amazon Resource Names (ARNs) of the contacts to add to the rotation. The order in which you list the contacts is their shift order in the rotation schedule.\n" }, "name": { "type": "string", "description": "The name for the rotation.\n" }, "recurrence": { "$ref": "#/types/aws:ssm/ContactsRotationRecurrence:ContactsRotationRecurrence", "description": "Information about when an on-call rotation is in effect and how long the rotation period lasts. Exactly one of either `daily_settings`, `monthly_settings`, or `weekly_settings` must be populated. See Recurrence for more details.\n\nThe following arguments are optional:\n" }, "startTime": { "type": "string", "description": "The date and time, in RFC 3339 format, that the rotation goes into effect.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeZoneId": { "type": "string", "description": "The time zone to base the rotation’s activity on in Internet Assigned Numbers Authority (IANA) format.\n" } }, "required": [ "arn", "contactIds", "name", "tagsAll", "timeZoneId" ], "inputProperties": { "contactIds": { "type": "array", "items": { "type": "string" }, "description": "Amazon Resource Names (ARNs) of the contacts to add to the rotation. The order in which you list the contacts is their shift order in the rotation schedule.\n" }, "name": { "type": "string", "description": "The name for the rotation.\n" }, "recurrence": { "$ref": "#/types/aws:ssm/ContactsRotationRecurrence:ContactsRotationRecurrence", "description": "Information about when an on-call rotation is in effect and how long the rotation period lasts. Exactly one of either `daily_settings`, `monthly_settings`, or `weekly_settings` must be populated. See Recurrence for more details.\n\nThe following arguments are optional:\n" }, "startTime": { "type": "string", "description": "The date and time, in RFC 3339 format, that the rotation goes into effect.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeZoneId": { "type": "string", "description": "The time zone to base the rotation’s activity on in Internet Assigned Numbers Authority (IANA) format.\n" } }, "requiredInputs": [ "contactIds", "timeZoneId" ], "stateInputs": { "description": "Input properties used for looking up and filtering ContactsRotation resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the rotation.\n" }, "contactIds": { "type": "array", "items": { "type": "string" }, "description": "Amazon Resource Names (ARNs) of the contacts to add to the rotation. The order in which you list the contacts is their shift order in the rotation schedule.\n" }, "name": { "type": "string", "description": "The name for the rotation.\n" }, "recurrence": { "$ref": "#/types/aws:ssm/ContactsRotationRecurrence:ContactsRotationRecurrence", "description": "Information about when an on-call rotation is in effect and how long the rotation period lasts. Exactly one of either `daily_settings`, `monthly_settings`, or `weekly_settings` must be populated. See Recurrence for more details.\n\nThe following arguments are optional:\n" }, "startTime": { "type": "string", "description": "The date and time, in RFC 3339 format, that the rotation goes into effect.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeZoneId": { "type": "string", "description": "The time zone to base the rotation’s activity on in Internet Assigned Numbers Authority (IANA) format.\n" } }, "type": "object" } }, "aws:ssm/defaultPatchBaseline:DefaultPatchBaseline": { "description": "Resource for registering an AWS Systems Manager Default Patch Baseline.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplePatchBaseline = new aws.ssm.PatchBaseline(\"example\", {\n name: \"example\",\n approvedPatches: [\"KB123456\"],\n});\nconst example = new aws.ssm.DefaultPatchBaseline(\"example\", {\n baselineId: examplePatchBaseline.id,\n operatingSystem: examplePatchBaseline.operatingSystem,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_patch_baseline = aws.ssm.PatchBaseline(\"example\",\n name=\"example\",\n approved_patches=[\"KB123456\"])\nexample = aws.ssm.DefaultPatchBaseline(\"example\",\n baseline_id=example_patch_baseline.id,\n operating_system=example_patch_baseline.operating_system)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplePatchBaseline = new Aws.Ssm.PatchBaseline(\"example\", new()\n {\n Name = \"example\",\n ApprovedPatches = new[]\n {\n \"KB123456\",\n },\n });\n\n var example = new Aws.Ssm.DefaultPatchBaseline(\"example\", new()\n {\n BaselineId = examplePatchBaseline.Id,\n OperatingSystem = examplePatchBaseline.OperatingSystem,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplePatchBaseline, err := ssm.NewPatchBaseline(ctx, \"example\", \u0026ssm.PatchBaselineArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tApprovedPatches: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"KB123456\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssm.NewDefaultPatchBaseline(ctx, \"example\", \u0026ssm.DefaultPatchBaselineArgs{\n\t\t\tBaselineId: examplePatchBaseline.ID(),\n\t\t\tOperatingSystem: examplePatchBaseline.OperatingSystem,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.PatchBaseline;\nimport com.pulumi.aws.ssm.PatchBaselineArgs;\nimport com.pulumi.aws.ssm.DefaultPatchBaseline;\nimport com.pulumi.aws.ssm.DefaultPatchBaselineArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplePatchBaseline = new PatchBaseline(\"examplePatchBaseline\", PatchBaselineArgs.builder()\n .name(\"example\")\n .approvedPatches(\"KB123456\")\n .build());\n\n var example = new DefaultPatchBaseline(\"example\", DefaultPatchBaselineArgs.builder()\n .baselineId(examplePatchBaseline.id())\n .operatingSystem(examplePatchBaseline.operatingSystem())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssm:DefaultPatchBaseline\n properties:\n baselineId: ${examplePatchBaseline.id}\n operatingSystem: ${examplePatchBaseline.operatingSystem}\n examplePatchBaseline:\n type: aws:ssm:PatchBaseline\n name: example\n properties:\n name: example\n approvedPatches:\n - KB123456\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing the patch baseline ARN:\n\nUsing the operating system value:\n\n__Using `pulumi import` to import__ the Systems Manager Default Patch Baseline using the patch baseline ID, patch baseline ARN, or the operating system value. For example:\n\nUsing the patch baseline ID:\n\n```sh\n$ pulumi import aws:ssm/defaultPatchBaseline:DefaultPatchBaseline example pb-1234567890abcdef1\n```\nUsing the patch baseline ARN:\n\n```sh\n$ pulumi import aws:ssm/defaultPatchBaseline:DefaultPatchBaseline example arn:aws:ssm:us-west-2:123456789012:patchbaseline/pb-1234567890abcdef1\n```\nUsing the operating system value:\n\n```sh\n$ pulumi import aws:ssm/defaultPatchBaseline:DefaultPatchBaseline example CENTOS\n```\n", "properties": { "baselineId": { "type": "string", "description": "ID of the patch baseline.\nCan be an ID or an ARN.\nWhen specifying an AWS-provided patch baseline, must be the ARN.\n" }, "operatingSystem": { "type": "string", "description": "The operating system the patch baseline applies to.\nValid values are\n`AMAZON_LINUX`,\n`AMAZON_LINUX_2`,\n`AMAZON_LINUX_2022`,\n`CENTOS`,\n`DEBIAN`,\n`MACOS`,\n`ORACLE_LINUX`,\n`RASPBIAN`,\n`REDHAT_ENTERPRISE_LINUX`,\n`ROCKY_LINUX`,\n`SUSE`,\n`UBUNTU`, and\n`WINDOWS`.\n" } }, "required": [ "baselineId", "operatingSystem" ], "inputProperties": { "baselineId": { "type": "string", "description": "ID of the patch baseline.\nCan be an ID or an ARN.\nWhen specifying an AWS-provided patch baseline, must be the ARN.\n", "willReplaceOnChanges": true }, "operatingSystem": { "type": "string", "description": "The operating system the patch baseline applies to.\nValid values are\n`AMAZON_LINUX`,\n`AMAZON_LINUX_2`,\n`AMAZON_LINUX_2022`,\n`CENTOS`,\n`DEBIAN`,\n`MACOS`,\n`ORACLE_LINUX`,\n`RASPBIAN`,\n`REDHAT_ENTERPRISE_LINUX`,\n`ROCKY_LINUX`,\n`SUSE`,\n`UBUNTU`, and\n`WINDOWS`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "baselineId", "operatingSystem" ], "stateInputs": { "description": "Input properties used for looking up and filtering DefaultPatchBaseline resources.\n", "properties": { "baselineId": { "type": "string", "description": "ID of the patch baseline.\nCan be an ID or an ARN.\nWhen specifying an AWS-provided patch baseline, must be the ARN.\n", "willReplaceOnChanges": true }, "operatingSystem": { "type": "string", "description": "The operating system the patch baseline applies to.\nValid values are\n`AMAZON_LINUX`,\n`AMAZON_LINUX_2`,\n`AMAZON_LINUX_2022`,\n`CENTOS`,\n`DEBIAN`,\n`MACOS`,\n`ORACLE_LINUX`,\n`RASPBIAN`,\n`REDHAT_ENTERPRISE_LINUX`,\n`ROCKY_LINUX`,\n`SUSE`,\n`UBUNTU`, and\n`WINDOWS`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ssm/document:Document": { "description": "Provides an SSM Document resource\n\n\u003e **NOTE on updating SSM documents:** Only documents with a schema version of 2.0\nor greater can update their content once created, see [SSM Schema Features](http://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-ssm-docs.html#document-schemas-features). To update a document with an older schema version you must recreate the resource. Not all document types support a schema version of 2.0 or greater. Refer to [SSM document schema features and examples](https://docs.aws.amazon.com/systems-manager/latest/userguide/document-schemas-features.html) for information about which schema versions are supported for the respective `document_type`.\n\n## Example Usage\n\n### Create an ssm document in JSON format\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ssm.Document(\"foo\", {\n name: \"test_document\",\n documentType: \"Command\",\n content: ` {\n \"schemaVersion\": \"1.2\",\n \"description\": \"Check ip configuration of a Linux instance.\",\n \"parameters\": {\n\n },\n \"runtimeConfig\": {\n \"aws:runShellScript\": {\n \"properties\": [\n {\n \"id\": \"0.aws:runShellScript\",\n \"runCommand\": [\"ifconfig\"]\n }\n ]\n }\n }\n }\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ssm.Document(\"foo\",\n name=\"test_document\",\n document_type=\"Command\",\n content=\"\"\" {\n \"schemaVersion\": \"1.2\",\n \"description\": \"Check ip configuration of a Linux instance.\",\n \"parameters\": {\n\n },\n \"runtimeConfig\": {\n \"aws:runShellScript\": {\n \"properties\": [\n {\n \"id\": \"0.aws:runShellScript\",\n \"runCommand\": [\"ifconfig\"]\n }\n ]\n }\n }\n }\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Ssm.Document(\"foo\", new()\n {\n Name = \"test_document\",\n DocumentType = \"Command\",\n Content = @\" {\n \"\"schemaVersion\"\": \"\"1.2\"\",\n \"\"description\"\": \"\"Check ip configuration of a Linux instance.\"\",\n \"\"parameters\"\": {\n\n },\n \"\"runtimeConfig\"\": {\n \"\"aws:runShellScript\"\": {\n \"\"properties\"\": [\n {\n \"\"id\"\": \"\"0.aws:runShellScript\"\",\n \"\"runCommand\"\": [\"\"ifconfig\"\"]\n }\n ]\n }\n }\n }\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewDocument(ctx, \"foo\", \u0026ssm.DocumentArgs{\n\t\t\tName: pulumi.String(\"test_document\"),\n\t\t\tDocumentType: pulumi.String(\"Command\"),\n\t\t\tContent: pulumi.String(` {\n \"schemaVersion\": \"1.2\",\n \"description\": \"Check ip configuration of a Linux instance.\",\n \"parameters\": {\n\n },\n \"runtimeConfig\": {\n \"aws:runShellScript\": {\n \"properties\": [\n {\n \"id\": \"0.aws:runShellScript\",\n \"runCommand\": [\"ifconfig\"]\n }\n ]\n }\n }\n }\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.Document;\nimport com.pulumi.aws.ssm.DocumentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new Document(\"foo\", DocumentArgs.builder()\n .name(\"test_document\")\n .documentType(\"Command\")\n .content(\"\"\"\n {\n \"schemaVersion\": \"1.2\",\n \"description\": \"Check ip configuration of a Linux instance.\",\n \"parameters\": {\n\n },\n \"runtimeConfig\": {\n \"aws:runShellScript\": {\n \"properties\": [\n {\n \"id\": \"0.aws:runShellScript\",\n \"runCommand\": [\"ifconfig\"]\n }\n ]\n }\n }\n }\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ssm:Document\n properties:\n name: test_document\n documentType: Command\n content: |2\n {\n \"schemaVersion\": \"1.2\",\n \"description\": \"Check ip configuration of a Linux instance.\",\n \"parameters\": {\n\n },\n \"runtimeConfig\": {\n \"aws:runShellScript\": {\n \"properties\": [\n {\n \"id\": \"0.aws:runShellScript\",\n \"runCommand\": [\"ifconfig\"]\n }\n ]\n }\n }\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create an ssm document in YAML format\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ssm.Document(\"foo\", {\n name: \"test_document\",\n documentFormat: \"YAML\",\n documentType: \"Command\",\n content: `schemaVersion: '1.2'\ndescription: Check ip configuration of a Linux instance.\nparameters: {}\nruntimeConfig:\n 'aws:runShellScript':\n properties:\n - id: '0.aws:runShellScript'\n runCommand:\n - ifconfig\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ssm.Document(\"foo\",\n name=\"test_document\",\n document_format=\"YAML\",\n document_type=\"Command\",\n content=\"\"\"schemaVersion: '1.2'\ndescription: Check ip configuration of a Linux instance.\nparameters: {}\nruntimeConfig:\n 'aws:runShellScript':\n properties:\n - id: '0.aws:runShellScript'\n runCommand:\n - ifconfig\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Ssm.Document(\"foo\", new()\n {\n Name = \"test_document\",\n DocumentFormat = \"YAML\",\n DocumentType = \"Command\",\n Content = @\"schemaVersion: '1.2'\ndescription: Check ip configuration of a Linux instance.\nparameters: {}\nruntimeConfig:\n 'aws:runShellScript':\n properties:\n - id: '0.aws:runShellScript'\n runCommand:\n - ifconfig\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewDocument(ctx, \"foo\", \u0026ssm.DocumentArgs{\n\t\t\tName: pulumi.String(\"test_document\"),\n\t\t\tDocumentFormat: pulumi.String(\"YAML\"),\n\t\t\tDocumentType: pulumi.String(\"Command\"),\n\t\t\tContent: pulumi.String(`schemaVersion: '1.2'\ndescription: Check ip configuration of a Linux instance.\nparameters: {}\nruntimeConfig:\n 'aws:runShellScript':\n properties:\n - id: '0.aws:runShellScript'\n runCommand:\n - ifconfig\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.Document;\nimport com.pulumi.aws.ssm.DocumentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new Document(\"foo\", DocumentArgs.builder()\n .name(\"test_document\")\n .documentFormat(\"YAML\")\n .documentType(\"Command\")\n .content(\"\"\"\nschemaVersion: '1.2'\ndescription: Check ip configuration of a Linux instance.\nparameters: {}\nruntimeConfig:\n 'aws:runShellScript':\n properties:\n - id: '0.aws:runShellScript'\n runCommand:\n - ifconfig\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ssm:Document\n properties:\n name: test_document\n documentFormat: YAML\n documentType: Command\n content: |\n schemaVersion: '1.2'\n description: Check ip configuration of a Linux instance.\n parameters: {}\n runtimeConfig:\n 'aws:runShellScript':\n properties:\n - id: '0.aws:runShellScript'\n runCommand:\n - ifconfig\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSM Documents using the name. For example:\n\n```sh\n$ pulumi import aws:ssm/document:Document example example\n```\nThe `attachments_source` argument does not have an SSM API method for reading the attachment information detail after creation. If the argument is set in the Pulumi program on an imported resource, Pulumi will always show a difference. To workaround this behavior, either omit the argument from the Pulumi program or use `ignore_changes` to hide the difference. For example:\n\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the document.\n" }, "attachmentsSources": { "type": "array", "items": { "$ref": "#/types/aws:ssm/DocumentAttachmentsSource:DocumentAttachmentsSource" }, "description": "One or more configuration blocks describing attachments sources to a version of a document. See `attachments_source` block below for details.\n" }, "content": { "type": "string", "description": "The content for the SSM document in JSON or YAML format. The content of the document must not exceed 64KB. This quota also includes the content specified for input parameters at runtime. We recommend storing the contents for your new document in an external JSON or YAML file and referencing the file in a command.\n" }, "createdDate": { "type": "string", "description": "The date the document was created.\n" }, "defaultVersion": { "type": "string", "description": "The default version of the document.\n" }, "description": { "type": "string", "description": "A description of what the parameter does, how to use it, the default value, and whether or not the parameter is optional.\n" }, "documentFormat": { "type": "string", "description": "The format of the document. Valid values: `JSON`, `TEXT`, `YAML`.\n" }, "documentType": { "type": "string", "description": "The type of the document. For a list of valid values, see the [API Reference](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateDocument.html#systemsmanager-CreateDocument-request-DocumentType).\n" }, "documentVersion": { "type": "string", "description": "The document version.\n" }, "hash": { "type": "string", "description": "The Sha256 or Sha1 hash created by the system when the document was created.\n" }, "hashType": { "type": "string", "description": "The hash type of the document. Valid values: `Sha256`, `Sha1`.\n" }, "latestVersion": { "type": "string", "description": "The latest version of the document.\n" }, "name": { "type": "string", "description": "The name of the document.\n" }, "owner": { "type": "string", "description": "The Amazon Web Services user that created the document.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/DocumentParameter:DocumentParameter" }, "description": "One or more configuration blocks describing the parameters for the document. See `parameter` block below for details.\n" }, "permissions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional permissions to attach to the document. See Permissions below for details.\n" }, "platformTypes": { "type": "array", "items": { "type": "string" }, "description": "The list of operating system (OS) platforms compatible with this SSM document. Valid values: `Windows`, `Linux`, `MacOS`.\n" }, "schemaVersion": { "type": "string", "description": "The schema version of the document.\n" }, "status": { "type": "string", "description": "The status of the SSM document. Valid values: `Creating`, `Active`, `Updating`, `Deleting`, `Failed`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetType": { "type": "string", "description": "The target type which defines the kinds of resources the document can run on. For example, `/AWS::EC2::Instance`. For a list of valid resource types, see [AWS resource and property types reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html).\n" }, "versionName": { "type": "string", "description": "The version of the artifact associated with the document. For example, `12.6`. This value is unique across all versions of a document, and can't be changed.\n" } }, "required": [ "arn", "content", "createdDate", "defaultVersion", "description", "documentType", "documentVersion", "hash", "hashType", "latestVersion", "name", "owner", "parameters", "platformTypes", "schemaVersion", "status", "tagsAll" ], "inputProperties": { "attachmentsSources": { "type": "array", "items": { "$ref": "#/types/aws:ssm/DocumentAttachmentsSource:DocumentAttachmentsSource" }, "description": "One or more configuration blocks describing attachments sources to a version of a document. See `attachments_source` block below for details.\n" }, "content": { "type": "string", "description": "The content for the SSM document in JSON or YAML format. The content of the document must not exceed 64KB. This quota also includes the content specified for input parameters at runtime. We recommend storing the contents for your new document in an external JSON or YAML file and referencing the file in a command.\n" }, "documentFormat": { "type": "string", "description": "The format of the document. Valid values: `JSON`, `TEXT`, `YAML`.\n" }, "documentType": { "type": "string", "description": "The type of the document. For a list of valid values, see the [API Reference](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateDocument.html#systemsmanager-CreateDocument-request-DocumentType).\n" }, "name": { "type": "string", "description": "The name of the document.\n", "willReplaceOnChanges": true }, "permissions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional permissions to attach to the document. See Permissions below for details.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targetType": { "type": "string", "description": "The target type which defines the kinds of resources the document can run on. For example, `/AWS::EC2::Instance`. For a list of valid resource types, see [AWS resource and property types reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html).\n" }, "versionName": { "type": "string", "description": "The version of the artifact associated with the document. For example, `12.6`. This value is unique across all versions of a document, and can't be changed.\n" } }, "requiredInputs": [ "content", "documentType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Document resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the document.\n" }, "attachmentsSources": { "type": "array", "items": { "$ref": "#/types/aws:ssm/DocumentAttachmentsSource:DocumentAttachmentsSource" }, "description": "One or more configuration blocks describing attachments sources to a version of a document. See `attachments_source` block below for details.\n" }, "content": { "type": "string", "description": "The content for the SSM document in JSON or YAML format. The content of the document must not exceed 64KB. This quota also includes the content specified for input parameters at runtime. We recommend storing the contents for your new document in an external JSON or YAML file and referencing the file in a command.\n" }, "createdDate": { "type": "string", "description": "The date the document was created.\n" }, "defaultVersion": { "type": "string", "description": "The default version of the document.\n" }, "description": { "type": "string", "description": "A description of what the parameter does, how to use it, the default value, and whether or not the parameter is optional.\n" }, "documentFormat": { "type": "string", "description": "The format of the document. Valid values: `JSON`, `TEXT`, `YAML`.\n" }, "documentType": { "type": "string", "description": "The type of the document. For a list of valid values, see the [API Reference](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateDocument.html#systemsmanager-CreateDocument-request-DocumentType).\n" }, "documentVersion": { "type": "string", "description": "The document version.\n" }, "hash": { "type": "string", "description": "The Sha256 or Sha1 hash created by the system when the document was created.\n" }, "hashType": { "type": "string", "description": "The hash type of the document. Valid values: `Sha256`, `Sha1`.\n" }, "latestVersion": { "type": "string", "description": "The latest version of the document.\n" }, "name": { "type": "string", "description": "The name of the document.\n", "willReplaceOnChanges": true }, "owner": { "type": "string", "description": "The Amazon Web Services user that created the document.\n" }, "parameters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/DocumentParameter:DocumentParameter" }, "description": "One or more configuration blocks describing the parameters for the document. See `parameter` block below for details.\n" }, "permissions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional permissions to attach to the document. See Permissions below for details.\n" }, "platformTypes": { "type": "array", "items": { "type": "string" }, "description": "The list of operating system (OS) platforms compatible with this SSM document. Valid values: `Windows`, `Linux`, `MacOS`.\n" }, "schemaVersion": { "type": "string", "description": "The schema version of the document.\n" }, "status": { "type": "string", "description": "The status of the SSM document. Valid values: `Creating`, `Active`, `Updating`, `Deleting`, `Failed`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the object. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetType": { "type": "string", "description": "The target type which defines the kinds of resources the document can run on. For example, `/AWS::EC2::Instance`. For a list of valid resource types, see [AWS resource and property types reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html).\n" }, "versionName": { "type": "string", "description": "The version of the artifact associated with the document. For example, `12.6`. This value is unique across all versions of a document, and can't be changed.\n" } }, "type": "object" } }, "aws:ssm/maintenanceWindow:MaintenanceWindow": { "description": "Provides an SSM Maintenance Window resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst production = new aws.ssm.MaintenanceWindow(\"production\", {\n name: \"maintenance-window-application\",\n schedule: \"cron(0 16 ? * TUE *)\",\n duration: 3,\n cutoff: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nproduction = aws.ssm.MaintenanceWindow(\"production\",\n name=\"maintenance-window-application\",\n schedule=\"cron(0 16 ? * TUE *)\",\n duration=3,\n cutoff=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var production = new Aws.Ssm.MaintenanceWindow(\"production\", new()\n {\n Name = \"maintenance-window-application\",\n Schedule = \"cron(0 16 ? * TUE *)\",\n Duration = 3,\n Cutoff = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewMaintenanceWindow(ctx, \"production\", \u0026ssm.MaintenanceWindowArgs{\n\t\t\tName: pulumi.String(\"maintenance-window-application\"),\n\t\t\tSchedule: pulumi.String(\"cron(0 16 ? * TUE *)\"),\n\t\t\tDuration: pulumi.Int(3),\n\t\t\tCutoff: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.MaintenanceWindow;\nimport com.pulumi.aws.ssm.MaintenanceWindowArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var production = new MaintenanceWindow(\"production\", MaintenanceWindowArgs.builder()\n .name(\"maintenance-window-application\")\n .schedule(\"cron(0 16 ? * TUE *)\")\n .duration(3)\n .cutoff(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n production:\n type: aws:ssm:MaintenanceWindow\n properties:\n name: maintenance-window-application\n schedule: cron(0 16 ? * TUE *)\n duration: 3\n cutoff: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSM Maintenance Windows using the maintenance window `id`. For example:\n\n```sh\n$ pulumi import aws:ssm/maintenanceWindow:MaintenanceWindow imported-window mw-0123456789\n```\n", "properties": { "allowUnassociatedTargets": { "type": "boolean", "description": "Whether targets must be registered with the Maintenance Window before tasks can be defined for those targets.\n" }, "cutoff": { "type": "integer", "description": "The number of hours before the end of the Maintenance Window that Systems Manager stops scheduling new tasks for execution.\n" }, "description": { "type": "string", "description": "A description for the maintenance window.\n" }, "duration": { "type": "integer", "description": "The duration of the Maintenance Window in hours.\n" }, "enabled": { "type": "boolean", "description": "Whether the maintenance window is enabled. Default: `true`.\n" }, "endDate": { "type": "string", "description": "Timestamp in [ISO-8601 extended format](https://www.iso.org/iso-8601-date-and-time-format.html) when to no longer run the maintenance window.\n" }, "name": { "type": "string", "description": "The name of the maintenance window.\n" }, "schedule": { "type": "string", "description": "The schedule of the Maintenance Window in the form of a [cron or rate expression](https://docs.aws.amazon.com/systems-manager/latest/userguide/reference-cron-and-rate-expressions.html).\n" }, "scheduleOffset": { "type": "integer", "description": "The number of days to wait after the date and time specified by a CRON expression before running the maintenance window.\n" }, "scheduleTimezone": { "type": "string", "description": "Timezone for schedule in [Internet Assigned Numbers Authority (IANA) Time Zone Database format](https://www.iana.org/time-zones). For example: `America/Los_Angeles`, `etc/UTC`, or `Asia/Seoul`.\n" }, "startDate": { "type": "string", "description": "Timestamp in [ISO-8601 extended format](https://www.iso.org/iso-8601-date-and-time-format.html) when to begin the maintenance window.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "cutoff", "duration", "name", "schedule", "tagsAll" ], "inputProperties": { "allowUnassociatedTargets": { "type": "boolean", "description": "Whether targets must be registered with the Maintenance Window before tasks can be defined for those targets.\n" }, "cutoff": { "type": "integer", "description": "The number of hours before the end of the Maintenance Window that Systems Manager stops scheduling new tasks for execution.\n" }, "description": { "type": "string", "description": "A description for the maintenance window.\n" }, "duration": { "type": "integer", "description": "The duration of the Maintenance Window in hours.\n" }, "enabled": { "type": "boolean", "description": "Whether the maintenance window is enabled. Default: `true`.\n" }, "endDate": { "type": "string", "description": "Timestamp in [ISO-8601 extended format](https://www.iso.org/iso-8601-date-and-time-format.html) when to no longer run the maintenance window.\n" }, "name": { "type": "string", "description": "The name of the maintenance window.\n" }, "schedule": { "type": "string", "description": "The schedule of the Maintenance Window in the form of a [cron or rate expression](https://docs.aws.amazon.com/systems-manager/latest/userguide/reference-cron-and-rate-expressions.html).\n" }, "scheduleOffset": { "type": "integer", "description": "The number of days to wait after the date and time specified by a CRON expression before running the maintenance window.\n" }, "scheduleTimezone": { "type": "string", "description": "Timezone for schedule in [Internet Assigned Numbers Authority (IANA) Time Zone Database format](https://www.iana.org/time-zones). For example: `America/Los_Angeles`, `etc/UTC`, or `Asia/Seoul`.\n" }, "startDate": { "type": "string", "description": "Timestamp in [ISO-8601 extended format](https://www.iso.org/iso-8601-date-and-time-format.html) when to begin the maintenance window.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "cutoff", "duration", "schedule" ], "stateInputs": { "description": "Input properties used for looking up and filtering MaintenanceWindow resources.\n", "properties": { "allowUnassociatedTargets": { "type": "boolean", "description": "Whether targets must be registered with the Maintenance Window before tasks can be defined for those targets.\n" }, "cutoff": { "type": "integer", "description": "The number of hours before the end of the Maintenance Window that Systems Manager stops scheduling new tasks for execution.\n" }, "description": { "type": "string", "description": "A description for the maintenance window.\n" }, "duration": { "type": "integer", "description": "The duration of the Maintenance Window in hours.\n" }, "enabled": { "type": "boolean", "description": "Whether the maintenance window is enabled. Default: `true`.\n" }, "endDate": { "type": "string", "description": "Timestamp in [ISO-8601 extended format](https://www.iso.org/iso-8601-date-and-time-format.html) when to no longer run the maintenance window.\n" }, "name": { "type": "string", "description": "The name of the maintenance window.\n" }, "schedule": { "type": "string", "description": "The schedule of the Maintenance Window in the form of a [cron or rate expression](https://docs.aws.amazon.com/systems-manager/latest/userguide/reference-cron-and-rate-expressions.html).\n" }, "scheduleOffset": { "type": "integer", "description": "The number of days to wait after the date and time specified by a CRON expression before running the maintenance window.\n" }, "scheduleTimezone": { "type": "string", "description": "Timezone for schedule in [Internet Assigned Numbers Authority (IANA) Time Zone Database format](https://www.iana.org/time-zones). For example: `America/Los_Angeles`, `etc/UTC`, or `Asia/Seoul`.\n" }, "startDate": { "type": "string", "description": "Timestamp in [ISO-8601 extended format](https://www.iso.org/iso-8601-date-and-time-format.html) when to begin the maintenance window.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ssm/maintenanceWindowTarget:MaintenanceWindowTarget": { "description": "Provides an SSM Maintenance Window Target resource\n\n## Example Usage\n\n### Instance Target\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst window = new aws.ssm.MaintenanceWindow(\"window\", {\n name: \"maintenance-window-webapp\",\n schedule: \"cron(0 16 ? * TUE *)\",\n duration: 3,\n cutoff: 1,\n});\nconst target1 = new aws.ssm.MaintenanceWindowTarget(\"target1\", {\n windowId: window.id,\n name: \"maintenance-window-target\",\n description: \"This is a maintenance window target\",\n resourceType: \"INSTANCE\",\n targets: [{\n key: \"tag:Name\",\n values: [\"acceptance_test\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwindow = aws.ssm.MaintenanceWindow(\"window\",\n name=\"maintenance-window-webapp\",\n schedule=\"cron(0 16 ? * TUE *)\",\n duration=3,\n cutoff=1)\ntarget1 = aws.ssm.MaintenanceWindowTarget(\"target1\",\n window_id=window.id,\n name=\"maintenance-window-target\",\n description=\"This is a maintenance window target\",\n resource_type=\"INSTANCE\",\n targets=[{\n \"key\": \"tag:Name\",\n \"values\": [\"acceptance_test\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var window = new Aws.Ssm.MaintenanceWindow(\"window\", new()\n {\n Name = \"maintenance-window-webapp\",\n Schedule = \"cron(0 16 ? * TUE *)\",\n Duration = 3,\n Cutoff = 1,\n });\n\n var target1 = new Aws.Ssm.MaintenanceWindowTarget(\"target1\", new()\n {\n WindowId = window.Id,\n Name = \"maintenance-window-target\",\n Description = \"This is a maintenance window target\",\n ResourceType = \"INSTANCE\",\n Targets = new[]\n {\n new Aws.Ssm.Inputs.MaintenanceWindowTargetTargetArgs\n {\n Key = \"tag:Name\",\n Values = new[]\n {\n \"acceptance_test\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twindow, err := ssm.NewMaintenanceWindow(ctx, \"window\", \u0026ssm.MaintenanceWindowArgs{\n\t\t\tName: pulumi.String(\"maintenance-window-webapp\"),\n\t\t\tSchedule: pulumi.String(\"cron(0 16 ? * TUE *)\"),\n\t\t\tDuration: pulumi.Int(3),\n\t\t\tCutoff: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssm.NewMaintenanceWindowTarget(ctx, \"target1\", \u0026ssm.MaintenanceWindowTargetArgs{\n\t\t\tWindowId: window.ID(),\n\t\t\tName: pulumi.String(\"maintenance-window-target\"),\n\t\t\tDescription: pulumi.String(\"This is a maintenance window target\"),\n\t\t\tResourceType: pulumi.String(\"INSTANCE\"),\n\t\t\tTargets: ssm.MaintenanceWindowTargetTargetArray{\n\t\t\t\t\u0026ssm.MaintenanceWindowTargetTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"tag:Name\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"acceptance_test\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.MaintenanceWindow;\nimport com.pulumi.aws.ssm.MaintenanceWindowArgs;\nimport com.pulumi.aws.ssm.MaintenanceWindowTarget;\nimport com.pulumi.aws.ssm.MaintenanceWindowTargetArgs;\nimport com.pulumi.aws.ssm.inputs.MaintenanceWindowTargetTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var window = new MaintenanceWindow(\"window\", MaintenanceWindowArgs.builder()\n .name(\"maintenance-window-webapp\")\n .schedule(\"cron(0 16 ? * TUE *)\")\n .duration(3)\n .cutoff(1)\n .build());\n\n var target1 = new MaintenanceWindowTarget(\"target1\", MaintenanceWindowTargetArgs.builder()\n .windowId(window.id())\n .name(\"maintenance-window-target\")\n .description(\"This is a maintenance window target\")\n .resourceType(\"INSTANCE\")\n .targets(MaintenanceWindowTargetTargetArgs.builder()\n .key(\"tag:Name\")\n .values(\"acceptance_test\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n window:\n type: aws:ssm:MaintenanceWindow\n properties:\n name: maintenance-window-webapp\n schedule: cron(0 16 ? * TUE *)\n duration: 3\n cutoff: 1\n target1:\n type: aws:ssm:MaintenanceWindowTarget\n properties:\n windowId: ${window.id}\n name: maintenance-window-target\n description: This is a maintenance window target\n resourceType: INSTANCE\n targets:\n - key: tag:Name\n values:\n - acceptance_test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Resource Group Target\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst window = new aws.ssm.MaintenanceWindow(\"window\", {\n name: \"maintenance-window-webapp\",\n schedule: \"cron(0 16 ? * TUE *)\",\n duration: 3,\n cutoff: 1,\n});\nconst target1 = new aws.ssm.MaintenanceWindowTarget(\"target1\", {\n windowId: window.id,\n name: \"maintenance-window-target\",\n description: \"This is a maintenance window target\",\n resourceType: \"RESOURCE_GROUP\",\n targets: [{\n key: \"resource-groups:ResourceTypeFilters\",\n values: [\"AWS::EC2::Instance\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwindow = aws.ssm.MaintenanceWindow(\"window\",\n name=\"maintenance-window-webapp\",\n schedule=\"cron(0 16 ? * TUE *)\",\n duration=3,\n cutoff=1)\ntarget1 = aws.ssm.MaintenanceWindowTarget(\"target1\",\n window_id=window.id,\n name=\"maintenance-window-target\",\n description=\"This is a maintenance window target\",\n resource_type=\"RESOURCE_GROUP\",\n targets=[{\n \"key\": \"resource-groups:ResourceTypeFilters\",\n \"values\": [\"AWS::EC2::Instance\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var window = new Aws.Ssm.MaintenanceWindow(\"window\", new()\n {\n Name = \"maintenance-window-webapp\",\n Schedule = \"cron(0 16 ? * TUE *)\",\n Duration = 3,\n Cutoff = 1,\n });\n\n var target1 = new Aws.Ssm.MaintenanceWindowTarget(\"target1\", new()\n {\n WindowId = window.Id,\n Name = \"maintenance-window-target\",\n Description = \"This is a maintenance window target\",\n ResourceType = \"RESOURCE_GROUP\",\n Targets = new[]\n {\n new Aws.Ssm.Inputs.MaintenanceWindowTargetTargetArgs\n {\n Key = \"resource-groups:ResourceTypeFilters\",\n Values = new[]\n {\n \"AWS::EC2::Instance\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\twindow, err := ssm.NewMaintenanceWindow(ctx, \"window\", \u0026ssm.MaintenanceWindowArgs{\n\t\t\tName: pulumi.String(\"maintenance-window-webapp\"),\n\t\t\tSchedule: pulumi.String(\"cron(0 16 ? * TUE *)\"),\n\t\t\tDuration: pulumi.Int(3),\n\t\t\tCutoff: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssm.NewMaintenanceWindowTarget(ctx, \"target1\", \u0026ssm.MaintenanceWindowTargetArgs{\n\t\t\tWindowId: window.ID(),\n\t\t\tName: pulumi.String(\"maintenance-window-target\"),\n\t\t\tDescription: pulumi.String(\"This is a maintenance window target\"),\n\t\t\tResourceType: pulumi.String(\"RESOURCE_GROUP\"),\n\t\t\tTargets: ssm.MaintenanceWindowTargetTargetArray{\n\t\t\t\t\u0026ssm.MaintenanceWindowTargetTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"resource-groups:ResourceTypeFilters\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"AWS::EC2::Instance\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.MaintenanceWindow;\nimport com.pulumi.aws.ssm.MaintenanceWindowArgs;\nimport com.pulumi.aws.ssm.MaintenanceWindowTarget;\nimport com.pulumi.aws.ssm.MaintenanceWindowTargetArgs;\nimport com.pulumi.aws.ssm.inputs.MaintenanceWindowTargetTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var window = new MaintenanceWindow(\"window\", MaintenanceWindowArgs.builder()\n .name(\"maintenance-window-webapp\")\n .schedule(\"cron(0 16 ? * TUE *)\")\n .duration(3)\n .cutoff(1)\n .build());\n\n var target1 = new MaintenanceWindowTarget(\"target1\", MaintenanceWindowTargetArgs.builder()\n .windowId(window.id())\n .name(\"maintenance-window-target\")\n .description(\"This is a maintenance window target\")\n .resourceType(\"RESOURCE_GROUP\")\n .targets(MaintenanceWindowTargetTargetArgs.builder()\n .key(\"resource-groups:ResourceTypeFilters\")\n .values(\"AWS::EC2::Instance\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n window:\n type: aws:ssm:MaintenanceWindow\n properties:\n name: maintenance-window-webapp\n schedule: cron(0 16 ? * TUE *)\n duration: 3\n cutoff: 1\n target1:\n type: aws:ssm:MaintenanceWindowTarget\n properties:\n windowId: ${window.id}\n name: maintenance-window-target\n description: This is a maintenance window target\n resourceType: RESOURCE_GROUP\n targets:\n - key: resource-groups:ResourceTypeFilters\n values:\n - AWS::EC2::Instance\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSM Maintenance Window targets using `WINDOW_ID/WINDOW_TARGET_ID`. For example:\n\n```sh\n$ pulumi import aws:ssm/maintenanceWindowTarget:MaintenanceWindowTarget example mw-0c50858d01EXAMPLE/23639a0b-ddbc-4bca-9e72-78d96EXAMPLE\n```\n", "properties": { "description": { "type": "string", "description": "The description of the maintenance window target.\n" }, "name": { "type": "string", "description": "The name of the maintenance window target.\n" }, "ownerInformation": { "type": "string", "description": "User-provided value that will be included in any CloudWatch events raised while running tasks for these targets in this Maintenance Window.\n" }, "resourceType": { "type": "string", "description": "The type of target being registered with the Maintenance Window. Possible values are `INSTANCE` and `RESOURCE_GROUP`.\n" }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:ssm/MaintenanceWindowTargetTarget:MaintenanceWindowTargetTarget" }, "description": "The targets to register with the maintenance window. In other words, the instances to run commands on when the maintenance window runs. You can specify targets using instance IDs, resource group names, or tags that have been applied to instances. For more information about these examples formats see\n(https://docs.aws.amazon.com/systems-manager/latest/userguide/mw-cli-tutorial-targets-examples.html)\n" }, "windowId": { "type": "string", "description": "The Id of the maintenance window to register the target with.\n" } }, "required": [ "name", "resourceType", "targets", "windowId" ], "inputProperties": { "description": { "type": "string", "description": "The description of the maintenance window target.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the maintenance window target.\n", "willReplaceOnChanges": true }, "ownerInformation": { "type": "string", "description": "User-provided value that will be included in any CloudWatch events raised while running tasks for these targets in this Maintenance Window.\n" }, "resourceType": { "type": "string", "description": "The type of target being registered with the Maintenance Window. Possible values are `INSTANCE` and `RESOURCE_GROUP`.\n", "willReplaceOnChanges": true }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:ssm/MaintenanceWindowTargetTarget:MaintenanceWindowTargetTarget" }, "description": "The targets to register with the maintenance window. In other words, the instances to run commands on when the maintenance window runs. You can specify targets using instance IDs, resource group names, or tags that have been applied to instances. For more information about these examples formats see\n(https://docs.aws.amazon.com/systems-manager/latest/userguide/mw-cli-tutorial-targets-examples.html)\n" }, "windowId": { "type": "string", "description": "The Id of the maintenance window to register the target with.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "resourceType", "targets", "windowId" ], "stateInputs": { "description": "Input properties used for looking up and filtering MaintenanceWindowTarget resources.\n", "properties": { "description": { "type": "string", "description": "The description of the maintenance window target.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the maintenance window target.\n", "willReplaceOnChanges": true }, "ownerInformation": { "type": "string", "description": "User-provided value that will be included in any CloudWatch events raised while running tasks for these targets in this Maintenance Window.\n" }, "resourceType": { "type": "string", "description": "The type of target being registered with the Maintenance Window. Possible values are `INSTANCE` and `RESOURCE_GROUP`.\n", "willReplaceOnChanges": true }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:ssm/MaintenanceWindowTargetTarget:MaintenanceWindowTargetTarget" }, "description": "The targets to register with the maintenance window. In other words, the instances to run commands on when the maintenance window runs. You can specify targets using instance IDs, resource group names, or tags that have been applied to instances. For more information about these examples formats see\n(https://docs.aws.amazon.com/systems-manager/latest/userguide/mw-cli-tutorial-targets-examples.html)\n" }, "windowId": { "type": "string", "description": "The Id of the maintenance window to register the target with.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ssm/maintenanceWindowTask:MaintenanceWindowTask": { "description": "Provides an SSM Maintenance Window Task resource\n\n## Example Usage\n\n### Automation Tasks\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssm.MaintenanceWindowTask(\"example\", {\n maxConcurrency: \"2\",\n maxErrors: \"1\",\n priority: 1,\n taskArn: \"AWS-RestartEC2Instance\",\n taskType: \"AUTOMATION\",\n windowId: exampleAwsSsmMaintenanceWindow.id,\n targets: [{\n key: \"InstanceIds\",\n values: [exampleAwsInstance.id],\n }],\n taskInvocationParameters: {\n automationParameters: {\n documentVersion: \"$LATEST\",\n parameters: [{\n name: \"InstanceId\",\n values: [exampleAwsInstance.id],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.MaintenanceWindowTask(\"example\",\n max_concurrency=\"2\",\n max_errors=\"1\",\n priority=1,\n task_arn=\"AWS-RestartEC2Instance\",\n task_type=\"AUTOMATION\",\n window_id=example_aws_ssm_maintenance_window[\"id\"],\n targets=[{\n \"key\": \"InstanceIds\",\n \"values\": [example_aws_instance[\"id\"]],\n }],\n task_invocation_parameters={\n \"automation_parameters\": {\n \"document_version\": \"$LATEST\",\n \"parameters\": [{\n \"name\": \"InstanceId\",\n \"values\": [example_aws_instance[\"id\"]],\n }],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ssm.MaintenanceWindowTask(\"example\", new()\n {\n MaxConcurrency = \"2\",\n MaxErrors = \"1\",\n Priority = 1,\n TaskArn = \"AWS-RestartEC2Instance\",\n TaskType = \"AUTOMATION\",\n WindowId = exampleAwsSsmMaintenanceWindow.Id,\n Targets = new[]\n {\n new Aws.Ssm.Inputs.MaintenanceWindowTaskTargetArgs\n {\n Key = \"InstanceIds\",\n Values = new[]\n {\n exampleAwsInstance.Id,\n },\n },\n },\n TaskInvocationParameters = new Aws.Ssm.Inputs.MaintenanceWindowTaskTaskInvocationParametersArgs\n {\n AutomationParameters = new Aws.Ssm.Inputs.MaintenanceWindowTaskTaskInvocationParametersAutomationParametersArgs\n {\n DocumentVersion = \"$LATEST\",\n Parameters = new[]\n {\n new Aws.Ssm.Inputs.MaintenanceWindowTaskTaskInvocationParametersAutomationParametersParameterArgs\n {\n Name = \"InstanceId\",\n Values = new[]\n {\n exampleAwsInstance.Id,\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewMaintenanceWindowTask(ctx, \"example\", \u0026ssm.MaintenanceWindowTaskArgs{\n\t\t\tMaxConcurrency: pulumi.String(\"2\"),\n\t\t\tMaxErrors: pulumi.String(\"1\"),\n\t\t\tPriority: pulumi.Int(1),\n\t\t\tTaskArn: pulumi.String(\"AWS-RestartEC2Instance\"),\n\t\t\tTaskType: pulumi.String(\"AUTOMATION\"),\n\t\t\tWindowId: pulumi.Any(exampleAwsSsmMaintenanceWindow.Id),\n\t\t\tTargets: ssm.MaintenanceWindowTaskTargetArray{\n\t\t\t\t\u0026ssm.MaintenanceWindowTaskTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"InstanceIds\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\texampleAwsInstance.Id,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTaskInvocationParameters: \u0026ssm.MaintenanceWindowTaskTaskInvocationParametersArgs{\n\t\t\t\tAutomationParameters: \u0026ssm.MaintenanceWindowTaskTaskInvocationParametersAutomationParametersArgs{\n\t\t\t\t\tDocumentVersion: pulumi.String(\"$LATEST\"),\n\t\t\t\t\tParameters: ssm.MaintenanceWindowTaskTaskInvocationParametersAutomationParametersParameterArray{\n\t\t\t\t\t\t\u0026ssm.MaintenanceWindowTaskTaskInvocationParametersAutomationParametersParameterArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"InstanceId\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\texampleAwsInstance.Id,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.MaintenanceWindowTask;\nimport com.pulumi.aws.ssm.MaintenanceWindowTaskArgs;\nimport com.pulumi.aws.ssm.inputs.MaintenanceWindowTaskTargetArgs;\nimport com.pulumi.aws.ssm.inputs.MaintenanceWindowTaskTaskInvocationParametersArgs;\nimport com.pulumi.aws.ssm.inputs.MaintenanceWindowTaskTaskInvocationParametersAutomationParametersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new MaintenanceWindowTask(\"example\", MaintenanceWindowTaskArgs.builder()\n .maxConcurrency(2)\n .maxErrors(1)\n .priority(1)\n .taskArn(\"AWS-RestartEC2Instance\")\n .taskType(\"AUTOMATION\")\n .windowId(exampleAwsSsmMaintenanceWindow.id())\n .targets(MaintenanceWindowTaskTargetArgs.builder()\n .key(\"InstanceIds\")\n .values(exampleAwsInstance.id())\n .build())\n .taskInvocationParameters(MaintenanceWindowTaskTaskInvocationParametersArgs.builder()\n .automationParameters(MaintenanceWindowTaskTaskInvocationParametersAutomationParametersArgs.builder()\n .documentVersion(\"$LATEST\")\n .parameters(MaintenanceWindowTaskTaskInvocationParametersAutomationParametersParameterArgs.builder()\n .name(\"InstanceId\")\n .values(exampleAwsInstance.id())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssm:MaintenanceWindowTask\n properties:\n maxConcurrency: 2\n maxErrors: 1\n priority: 1\n taskArn: AWS-RestartEC2Instance\n taskType: AUTOMATION\n windowId: ${exampleAwsSsmMaintenanceWindow.id}\n targets:\n - key: InstanceIds\n values:\n - ${exampleAwsInstance.id}\n taskInvocationParameters:\n automationParameters:\n documentVersion: $LATEST\n parameters:\n - name: InstanceId\n values:\n - ${exampleAwsInstance.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda Tasks\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.ssm.MaintenanceWindowTask(\"example\", {\n maxConcurrency: \"2\",\n maxErrors: \"1\",\n priority: 1,\n taskArn: exampleAwsLambdaFunction.arn,\n taskType: \"LAMBDA\",\n windowId: exampleAwsSsmMaintenanceWindow.id,\n targets: [{\n key: \"InstanceIds\",\n values: [exampleAwsInstance.id],\n }],\n taskInvocationParameters: {\n lambdaParameters: {\n clientContext: std.base64encode({\n input: \"{\\\"key1\\\":\\\"value1\\\"}\",\n }).then(invoke =\u003e invoke.result),\n payload: \"{\\\"key1\\\":\\\"value1\\\"}\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.ssm.MaintenanceWindowTask(\"example\",\n max_concurrency=\"2\",\n max_errors=\"1\",\n priority=1,\n task_arn=example_aws_lambda_function[\"arn\"],\n task_type=\"LAMBDA\",\n window_id=example_aws_ssm_maintenance_window[\"id\"],\n targets=[{\n \"key\": \"InstanceIds\",\n \"values\": [example_aws_instance[\"id\"]],\n }],\n task_invocation_parameters={\n \"lambda_parameters\": {\n \"client_context\": std.base64encode(input=\"{\\\"key1\\\":\\\"value1\\\"}\").result,\n \"payload\": \"{\\\"key1\\\":\\\"value1\\\"}\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ssm.MaintenanceWindowTask(\"example\", new()\n {\n MaxConcurrency = \"2\",\n MaxErrors = \"1\",\n Priority = 1,\n TaskArn = exampleAwsLambdaFunction.Arn,\n TaskType = \"LAMBDA\",\n WindowId = exampleAwsSsmMaintenanceWindow.Id,\n Targets = new[]\n {\n new Aws.Ssm.Inputs.MaintenanceWindowTaskTargetArgs\n {\n Key = \"InstanceIds\",\n Values = new[]\n {\n exampleAwsInstance.Id,\n },\n },\n },\n TaskInvocationParameters = new Aws.Ssm.Inputs.MaintenanceWindowTaskTaskInvocationParametersArgs\n {\n LambdaParameters = new Aws.Ssm.Inputs.MaintenanceWindowTaskTaskInvocationParametersLambdaParametersArgs\n {\n ClientContext = Std.Base64encode.Invoke(new()\n {\n Input = \"{\\\"key1\\\":\\\"value1\\\"}\",\n }).Apply(invoke =\u003e invoke.Result),\n Payload = \"{\\\"key1\\\":\\\"value1\\\"}\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeBase64encode, err := std.Base64encode(ctx, \u0026std.Base64encodeArgs{\n\t\t\tInput: \"{\\\"key1\\\":\\\"value1\\\"}\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssm.NewMaintenanceWindowTask(ctx, \"example\", \u0026ssm.MaintenanceWindowTaskArgs{\n\t\t\tMaxConcurrency: pulumi.String(\"2\"),\n\t\t\tMaxErrors: pulumi.String(\"1\"),\n\t\t\tPriority: pulumi.Int(1),\n\t\t\tTaskArn: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tTaskType: pulumi.String(\"LAMBDA\"),\n\t\t\tWindowId: pulumi.Any(exampleAwsSsmMaintenanceWindow.Id),\n\t\t\tTargets: ssm.MaintenanceWindowTaskTargetArray{\n\t\t\t\t\u0026ssm.MaintenanceWindowTaskTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"InstanceIds\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\texampleAwsInstance.Id,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTaskInvocationParameters: \u0026ssm.MaintenanceWindowTaskTaskInvocationParametersArgs{\n\t\t\t\tLambdaParameters: \u0026ssm.MaintenanceWindowTaskTaskInvocationParametersLambdaParametersArgs{\n\t\t\t\t\tClientContext: pulumi.String(invokeBase64encode.Result),\n\t\t\t\t\tPayload: pulumi.String(\"{\\\"key1\\\":\\\"value1\\\"}\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.MaintenanceWindowTask;\nimport com.pulumi.aws.ssm.MaintenanceWindowTaskArgs;\nimport com.pulumi.aws.ssm.inputs.MaintenanceWindowTaskTargetArgs;\nimport com.pulumi.aws.ssm.inputs.MaintenanceWindowTaskTaskInvocationParametersArgs;\nimport com.pulumi.aws.ssm.inputs.MaintenanceWindowTaskTaskInvocationParametersLambdaParametersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new MaintenanceWindowTask(\"example\", MaintenanceWindowTaskArgs.builder()\n .maxConcurrency(2)\n .maxErrors(1)\n .priority(1)\n .taskArn(exampleAwsLambdaFunction.arn())\n .taskType(\"LAMBDA\")\n .windowId(exampleAwsSsmMaintenanceWindow.id())\n .targets(MaintenanceWindowTaskTargetArgs.builder()\n .key(\"InstanceIds\")\n .values(exampleAwsInstance.id())\n .build())\n .taskInvocationParameters(MaintenanceWindowTaskTaskInvocationParametersArgs.builder()\n .lambdaParameters(MaintenanceWindowTaskTaskInvocationParametersLambdaParametersArgs.builder()\n .clientContext(StdFunctions.base64encode(Base64encodeArgs.builder()\n .input(\"{\\\"key1\\\":\\\"value1\\\"}\")\n .build()).result())\n .payload(\"{\\\"key1\\\":\\\"value1\\\"}\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssm:MaintenanceWindowTask\n properties:\n maxConcurrency: 2\n maxErrors: 1\n priority: 1\n taskArn: ${exampleAwsLambdaFunction.arn}\n taskType: LAMBDA\n windowId: ${exampleAwsSsmMaintenanceWindow.id}\n targets:\n - key: InstanceIds\n values:\n - ${exampleAwsInstance.id}\n taskInvocationParameters:\n lambdaParameters:\n clientContext:\n fn::invoke:\n Function: std:base64encode\n Arguments:\n input: '{\"key1\":\"value1\"}'\n Return: result\n payload: '{\"key1\":\"value1\"}'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Run Command Tasks\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssm.MaintenanceWindowTask(\"example\", {\n maxConcurrency: \"2\",\n maxErrors: \"1\",\n priority: 1,\n taskArn: \"AWS-RunShellScript\",\n taskType: \"RUN_COMMAND\",\n windowId: exampleAwsSsmMaintenanceWindow.id,\n targets: [{\n key: \"InstanceIds\",\n values: [exampleAwsInstance.id],\n }],\n taskInvocationParameters: {\n runCommandParameters: {\n outputS3Bucket: exampleAwsS3Bucket.id,\n outputS3KeyPrefix: \"output\",\n serviceRoleArn: exampleAwsIamRole.arn,\n timeoutSeconds: 600,\n notificationConfig: {\n notificationArn: exampleAwsSnsTopic.arn,\n notificationEvents: [\"All\"],\n notificationType: \"Command\",\n },\n parameters: [{\n name: \"commands\",\n values: [\"date\"],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.MaintenanceWindowTask(\"example\",\n max_concurrency=\"2\",\n max_errors=\"1\",\n priority=1,\n task_arn=\"AWS-RunShellScript\",\n task_type=\"RUN_COMMAND\",\n window_id=example_aws_ssm_maintenance_window[\"id\"],\n targets=[{\n \"key\": \"InstanceIds\",\n \"values\": [example_aws_instance[\"id\"]],\n }],\n task_invocation_parameters={\n \"run_command_parameters\": {\n \"output_s3_bucket\": example_aws_s3_bucket[\"id\"],\n \"output_s3_key_prefix\": \"output\",\n \"service_role_arn\": example_aws_iam_role[\"arn\"],\n \"timeout_seconds\": 600,\n \"notification_config\": {\n \"notification_arn\": example_aws_sns_topic[\"arn\"],\n \"notification_events\": [\"All\"],\n \"notification_type\": \"Command\",\n },\n \"parameters\": [{\n \"name\": \"commands\",\n \"values\": [\"date\"],\n }],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ssm.MaintenanceWindowTask(\"example\", new()\n {\n MaxConcurrency = \"2\",\n MaxErrors = \"1\",\n Priority = 1,\n TaskArn = \"AWS-RunShellScript\",\n TaskType = \"RUN_COMMAND\",\n WindowId = exampleAwsSsmMaintenanceWindow.Id,\n Targets = new[]\n {\n new Aws.Ssm.Inputs.MaintenanceWindowTaskTargetArgs\n {\n Key = \"InstanceIds\",\n Values = new[]\n {\n exampleAwsInstance.Id,\n },\n },\n },\n TaskInvocationParameters = new Aws.Ssm.Inputs.MaintenanceWindowTaskTaskInvocationParametersArgs\n {\n RunCommandParameters = new Aws.Ssm.Inputs.MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersArgs\n {\n OutputS3Bucket = exampleAwsS3Bucket.Id,\n OutputS3KeyPrefix = \"output\",\n ServiceRoleArn = exampleAwsIamRole.Arn,\n TimeoutSeconds = 600,\n NotificationConfig = new Aws.Ssm.Inputs.MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersNotificationConfigArgs\n {\n NotificationArn = exampleAwsSnsTopic.Arn,\n NotificationEvents = new[]\n {\n \"All\",\n },\n NotificationType = \"Command\",\n },\n Parameters = new[]\n {\n new Aws.Ssm.Inputs.MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersParameterArgs\n {\n Name = \"commands\",\n Values = new[]\n {\n \"date\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewMaintenanceWindowTask(ctx, \"example\", \u0026ssm.MaintenanceWindowTaskArgs{\n\t\t\tMaxConcurrency: pulumi.String(\"2\"),\n\t\t\tMaxErrors: pulumi.String(\"1\"),\n\t\t\tPriority: pulumi.Int(1),\n\t\t\tTaskArn: pulumi.String(\"AWS-RunShellScript\"),\n\t\t\tTaskType: pulumi.String(\"RUN_COMMAND\"),\n\t\t\tWindowId: pulumi.Any(exampleAwsSsmMaintenanceWindow.Id),\n\t\t\tTargets: ssm.MaintenanceWindowTaskTargetArray{\n\t\t\t\t\u0026ssm.MaintenanceWindowTaskTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"InstanceIds\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\texampleAwsInstance.Id,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTaskInvocationParameters: \u0026ssm.MaintenanceWindowTaskTaskInvocationParametersArgs{\n\t\t\t\tRunCommandParameters: \u0026ssm.MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersArgs{\n\t\t\t\t\tOutputS3Bucket: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\t\t\tOutputS3KeyPrefix: pulumi.String(\"output\"),\n\t\t\t\t\tServiceRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\t\t\tTimeoutSeconds: pulumi.Int(600),\n\t\t\t\t\tNotificationConfig: \u0026ssm.MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersNotificationConfigArgs{\n\t\t\t\t\t\tNotificationArn: pulumi.Any(exampleAwsSnsTopic.Arn),\n\t\t\t\t\t\tNotificationEvents: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"All\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tNotificationType: pulumi.String(\"Command\"),\n\t\t\t\t\t},\n\t\t\t\t\tParameters: ssm.MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersParameterArray{\n\t\t\t\t\t\t\u0026ssm.MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersParameterArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"commands\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"date\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.MaintenanceWindowTask;\nimport com.pulumi.aws.ssm.MaintenanceWindowTaskArgs;\nimport com.pulumi.aws.ssm.inputs.MaintenanceWindowTaskTargetArgs;\nimport com.pulumi.aws.ssm.inputs.MaintenanceWindowTaskTaskInvocationParametersArgs;\nimport com.pulumi.aws.ssm.inputs.MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersArgs;\nimport com.pulumi.aws.ssm.inputs.MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersNotificationConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new MaintenanceWindowTask(\"example\", MaintenanceWindowTaskArgs.builder()\n .maxConcurrency(2)\n .maxErrors(1)\n .priority(1)\n .taskArn(\"AWS-RunShellScript\")\n .taskType(\"RUN_COMMAND\")\n .windowId(exampleAwsSsmMaintenanceWindow.id())\n .targets(MaintenanceWindowTaskTargetArgs.builder()\n .key(\"InstanceIds\")\n .values(exampleAwsInstance.id())\n .build())\n .taskInvocationParameters(MaintenanceWindowTaskTaskInvocationParametersArgs.builder()\n .runCommandParameters(MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersArgs.builder()\n .outputS3Bucket(exampleAwsS3Bucket.id())\n .outputS3KeyPrefix(\"output\")\n .serviceRoleArn(exampleAwsIamRole.arn())\n .timeoutSeconds(600)\n .notificationConfig(MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersNotificationConfigArgs.builder()\n .notificationArn(exampleAwsSnsTopic.arn())\n .notificationEvents(\"All\")\n .notificationType(\"Command\")\n .build())\n .parameters(MaintenanceWindowTaskTaskInvocationParametersRunCommandParametersParameterArgs.builder()\n .name(\"commands\")\n .values(\"date\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssm:MaintenanceWindowTask\n properties:\n maxConcurrency: 2\n maxErrors: 1\n priority: 1\n taskArn: AWS-RunShellScript\n taskType: RUN_COMMAND\n windowId: ${exampleAwsSsmMaintenanceWindow.id}\n targets:\n - key: InstanceIds\n values:\n - ${exampleAwsInstance.id}\n taskInvocationParameters:\n runCommandParameters:\n outputS3Bucket: ${exampleAwsS3Bucket.id}\n outputS3KeyPrefix: output\n serviceRoleArn: ${exampleAwsIamRole.arn}\n timeoutSeconds: 600\n notificationConfig:\n notificationArn: ${exampleAwsSnsTopic.arn}\n notificationEvents:\n - All\n notificationType: Command\n parameters:\n - name: commands\n values:\n - date\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Step Function Tasks\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssm.MaintenanceWindowTask(\"example\", {\n maxConcurrency: \"2\",\n maxErrors: \"1\",\n priority: 1,\n taskArn: exampleAwsSfnActivity.id,\n taskType: \"STEP_FUNCTIONS\",\n windowId: exampleAwsSsmMaintenanceWindow.id,\n targets: [{\n key: \"InstanceIds\",\n values: [exampleAwsInstance.id],\n }],\n taskInvocationParameters: {\n stepFunctionsParameters: {\n input: \"{\\\"key1\\\":\\\"value1\\\"}\",\n name: \"example\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.MaintenanceWindowTask(\"example\",\n max_concurrency=\"2\",\n max_errors=\"1\",\n priority=1,\n task_arn=example_aws_sfn_activity[\"id\"],\n task_type=\"STEP_FUNCTIONS\",\n window_id=example_aws_ssm_maintenance_window[\"id\"],\n targets=[{\n \"key\": \"InstanceIds\",\n \"values\": [example_aws_instance[\"id\"]],\n }],\n task_invocation_parameters={\n \"step_functions_parameters\": {\n \"input\": \"{\\\"key1\\\":\\\"value1\\\"}\",\n \"name\": \"example\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ssm.MaintenanceWindowTask(\"example\", new()\n {\n MaxConcurrency = \"2\",\n MaxErrors = \"1\",\n Priority = 1,\n TaskArn = exampleAwsSfnActivity.Id,\n TaskType = \"STEP_FUNCTIONS\",\n WindowId = exampleAwsSsmMaintenanceWindow.Id,\n Targets = new[]\n {\n new Aws.Ssm.Inputs.MaintenanceWindowTaskTargetArgs\n {\n Key = \"InstanceIds\",\n Values = new[]\n {\n exampleAwsInstance.Id,\n },\n },\n },\n TaskInvocationParameters = new Aws.Ssm.Inputs.MaintenanceWindowTaskTaskInvocationParametersArgs\n {\n StepFunctionsParameters = new Aws.Ssm.Inputs.MaintenanceWindowTaskTaskInvocationParametersStepFunctionsParametersArgs\n {\n Input = \"{\\\"key1\\\":\\\"value1\\\"}\",\n Name = \"example\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewMaintenanceWindowTask(ctx, \"example\", \u0026ssm.MaintenanceWindowTaskArgs{\n\t\t\tMaxConcurrency: pulumi.String(\"2\"),\n\t\t\tMaxErrors: pulumi.String(\"1\"),\n\t\t\tPriority: pulumi.Int(1),\n\t\t\tTaskArn: pulumi.Any(exampleAwsSfnActivity.Id),\n\t\t\tTaskType: pulumi.String(\"STEP_FUNCTIONS\"),\n\t\t\tWindowId: pulumi.Any(exampleAwsSsmMaintenanceWindow.Id),\n\t\t\tTargets: ssm.MaintenanceWindowTaskTargetArray{\n\t\t\t\t\u0026ssm.MaintenanceWindowTaskTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"InstanceIds\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\texampleAwsInstance.Id,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTaskInvocationParameters: \u0026ssm.MaintenanceWindowTaskTaskInvocationParametersArgs{\n\t\t\t\tStepFunctionsParameters: \u0026ssm.MaintenanceWindowTaskTaskInvocationParametersStepFunctionsParametersArgs{\n\t\t\t\t\tInput: pulumi.String(\"{\\\"key1\\\":\\\"value1\\\"}\"),\n\t\t\t\t\tName: pulumi.String(\"example\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.MaintenanceWindowTask;\nimport com.pulumi.aws.ssm.MaintenanceWindowTaskArgs;\nimport com.pulumi.aws.ssm.inputs.MaintenanceWindowTaskTargetArgs;\nimport com.pulumi.aws.ssm.inputs.MaintenanceWindowTaskTaskInvocationParametersArgs;\nimport com.pulumi.aws.ssm.inputs.MaintenanceWindowTaskTaskInvocationParametersStepFunctionsParametersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new MaintenanceWindowTask(\"example\", MaintenanceWindowTaskArgs.builder()\n .maxConcurrency(2)\n .maxErrors(1)\n .priority(1)\n .taskArn(exampleAwsSfnActivity.id())\n .taskType(\"STEP_FUNCTIONS\")\n .windowId(exampleAwsSsmMaintenanceWindow.id())\n .targets(MaintenanceWindowTaskTargetArgs.builder()\n .key(\"InstanceIds\")\n .values(exampleAwsInstance.id())\n .build())\n .taskInvocationParameters(MaintenanceWindowTaskTaskInvocationParametersArgs.builder()\n .stepFunctionsParameters(MaintenanceWindowTaskTaskInvocationParametersStepFunctionsParametersArgs.builder()\n .input(\"{\\\"key1\\\":\\\"value1\\\"}\")\n .name(\"example\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssm:MaintenanceWindowTask\n properties:\n maxConcurrency: 2\n maxErrors: 1\n priority: 1\n taskArn: ${exampleAwsSfnActivity.id}\n taskType: STEP_FUNCTIONS\n windowId: ${exampleAwsSsmMaintenanceWindow.id}\n targets:\n - key: InstanceIds\n values:\n - ${exampleAwsInstance.id}\n taskInvocationParameters:\n stepFunctionsParameters:\n input: '{\"key1\":\"value1\"}'\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS Maintenance Window Task using the `window_id` and `window_task_id` separated by `/`. For example:\n\n```sh\n$ pulumi import aws:ssm/maintenanceWindowTask:MaintenanceWindowTask task \u003cwindow_id\u003e/\u003cwindow_task_id\u003e\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the maintenance window task.\n" }, "cutoffBehavior": { "type": "string", "description": "Indicates whether tasks should continue to run after the cutoff time specified in the maintenance windows is reached. Valid values are `CONTINUE_TASK` and `CANCEL_TASK`.\n" }, "description": { "type": "string", "description": "The description of the maintenance window task.\n" }, "maxConcurrency": { "type": "string", "description": "The maximum number of targets this task can be run for in parallel.\n" }, "maxErrors": { "type": "string", "description": "The maximum number of errors allowed before this task stops being scheduled.\n" }, "name": { "type": "string", "description": "The name of the maintenance window task.\n" }, "priority": { "type": "integer", "description": "The priority of the task in the Maintenance Window, the lower the number the higher the priority. Tasks in a Maintenance Window are scheduled in priority order with tasks that have the same priority scheduled in parallel.\n" }, "serviceRoleArn": { "type": "string", "description": "The role that should be assumed when executing the task. If a role is not provided, Systems Manager uses your account's service-linked role. If no service-linked role for Systems Manager exists in your account, it is created for you.\n" }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTarget:MaintenanceWindowTaskTarget" }, "description": "The targets (either instances or window target ids). Instances are specified using Key=InstanceIds,Values=instanceid1,instanceid2. Window target ids are specified using Key=WindowTargetIds,Values=window target id1, window target id2.\n" }, "taskArn": { "type": "string", "description": "The ARN of the task to execute.\n" }, "taskInvocationParameters": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParameters:MaintenanceWindowTaskTaskInvocationParameters", "description": "Configuration block with parameters for task execution.\n" }, "taskType": { "type": "string", "description": "The type of task being registered. Valid values: `AUTOMATION`, `LAMBDA`, `RUN_COMMAND` or `STEP_FUNCTIONS`.\n" }, "windowId": { "type": "string", "description": "The Id of the maintenance window to register the task with.\n" }, "windowTaskId": { "type": "string", "description": "The ID of the maintenance window task.\n" } }, "required": [ "arn", "maxConcurrency", "maxErrors", "name", "serviceRoleArn", "taskArn", "taskType", "windowId", "windowTaskId" ], "inputProperties": { "cutoffBehavior": { "type": "string", "description": "Indicates whether tasks should continue to run after the cutoff time specified in the maintenance windows is reached. Valid values are `CONTINUE_TASK` and `CANCEL_TASK`.\n" }, "description": { "type": "string", "description": "The description of the maintenance window task.\n" }, "maxConcurrency": { "type": "string", "description": "The maximum number of targets this task can be run for in parallel.\n" }, "maxErrors": { "type": "string", "description": "The maximum number of errors allowed before this task stops being scheduled.\n" }, "name": { "type": "string", "description": "The name of the maintenance window task.\n" }, "priority": { "type": "integer", "description": "The priority of the task in the Maintenance Window, the lower the number the higher the priority. Tasks in a Maintenance Window are scheduled in priority order with tasks that have the same priority scheduled in parallel.\n" }, "serviceRoleArn": { "type": "string", "description": "The role that should be assumed when executing the task. If a role is not provided, Systems Manager uses your account's service-linked role. If no service-linked role for Systems Manager exists in your account, it is created for you.\n" }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTarget:MaintenanceWindowTaskTarget" }, "description": "The targets (either instances or window target ids). Instances are specified using Key=InstanceIds,Values=instanceid1,instanceid2. Window target ids are specified using Key=WindowTargetIds,Values=window target id1, window target id2.\n" }, "taskArn": { "type": "string", "description": "The ARN of the task to execute.\n" }, "taskInvocationParameters": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParameters:MaintenanceWindowTaskTaskInvocationParameters", "description": "Configuration block with parameters for task execution.\n" }, "taskType": { "type": "string", "description": "The type of task being registered. Valid values: `AUTOMATION`, `LAMBDA`, `RUN_COMMAND` or `STEP_FUNCTIONS`.\n", "willReplaceOnChanges": true }, "windowId": { "type": "string", "description": "The Id of the maintenance window to register the task with.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "taskArn", "taskType", "windowId" ], "stateInputs": { "description": "Input properties used for looking up and filtering MaintenanceWindowTask resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the maintenance window task.\n" }, "cutoffBehavior": { "type": "string", "description": "Indicates whether tasks should continue to run after the cutoff time specified in the maintenance windows is reached. Valid values are `CONTINUE_TASK` and `CANCEL_TASK`.\n" }, "description": { "type": "string", "description": "The description of the maintenance window task.\n" }, "maxConcurrency": { "type": "string", "description": "The maximum number of targets this task can be run for in parallel.\n" }, "maxErrors": { "type": "string", "description": "The maximum number of errors allowed before this task stops being scheduled.\n" }, "name": { "type": "string", "description": "The name of the maintenance window task.\n" }, "priority": { "type": "integer", "description": "The priority of the task in the Maintenance Window, the lower the number the higher the priority. Tasks in a Maintenance Window are scheduled in priority order with tasks that have the same priority scheduled in parallel.\n" }, "serviceRoleArn": { "type": "string", "description": "The role that should be assumed when executing the task. If a role is not provided, Systems Manager uses your account's service-linked role. If no service-linked role for Systems Manager exists in your account, it is created for you.\n" }, "targets": { "type": "array", "items": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTarget:MaintenanceWindowTaskTarget" }, "description": "The targets (either instances or window target ids). Instances are specified using Key=InstanceIds,Values=instanceid1,instanceid2. Window target ids are specified using Key=WindowTargetIds,Values=window target id1, window target id2.\n" }, "taskArn": { "type": "string", "description": "The ARN of the task to execute.\n" }, "taskInvocationParameters": { "$ref": "#/types/aws:ssm/MaintenanceWindowTaskTaskInvocationParameters:MaintenanceWindowTaskTaskInvocationParameters", "description": "Configuration block with parameters for task execution.\n" }, "taskType": { "type": "string", "description": "The type of task being registered. Valid values: `AUTOMATION`, `LAMBDA`, `RUN_COMMAND` or `STEP_FUNCTIONS`.\n", "willReplaceOnChanges": true }, "windowId": { "type": "string", "description": "The Id of the maintenance window to register the task with.\n", "willReplaceOnChanges": true }, "windowTaskId": { "type": "string", "description": "The ID of the maintenance window task.\n" } }, "type": "object" } }, "aws:ssm/parameter:Parameter": { "description": "Provides an SSM Parameter resource.\n\n\u003e **Note:** `overwrite` also makes it possible to overwrite an existing SSM Parameter that's not created by the provider before. This argument has been deprecated and will be removed in v6.0.0 of the provider. For more information on how this affects the behavior of this resource, see this issue comment.\n\n## Example Usage\n\n### Basic example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ssm.Parameter(\"foo\", {\n name: \"foo\",\n type: aws.ssm.ParameterType.String,\n value: \"bar\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ssm.Parameter(\"foo\",\n name=\"foo\",\n type=aws.ssm.ParameterType.STRING,\n value=\"bar\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Ssm.Parameter(\"foo\", new()\n {\n Name = \"foo\",\n Type = Aws.Ssm.ParameterType.String,\n Value = \"bar\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewParameter(ctx, \"foo\", \u0026ssm.ParameterArgs{\n\t\t\tName: pulumi.String(\"foo\"),\n\t\t\tType: pulumi.String(ssm.ParameterTypeString),\n\t\t\tValue: pulumi.String(\"bar\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.Parameter;\nimport com.pulumi.aws.ssm.ParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new Parameter(\"foo\", ParameterArgs.builder()\n .name(\"foo\")\n .type(\"String\")\n .value(\"bar\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ssm:Parameter\n properties:\n name: foo\n type: String\n value: bar\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Encrypted string using default SSM KMS key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.rds.Instance(\"default\", {\n allocatedStorage: 10,\n storageType: aws.rds.StorageType.GP2,\n engine: \"mysql\",\n engineVersion: \"5.7.16\",\n instanceClass: aws.rds.InstanceType.T2_Micro,\n dbName: \"mydb\",\n username: \"foo\",\n password: databaseMasterPassword,\n dbSubnetGroupName: \"my_database_subnet_group\",\n parameterGroupName: \"default.mysql5.7\",\n});\nconst secret = new aws.ssm.Parameter(\"secret\", {\n name: \"/production/database/password/master\",\n description: \"The parameter description\",\n type: aws.ssm.ParameterType.SecureString,\n value: databaseMasterPassword,\n tags: {\n environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.Instance(\"default\",\n allocated_storage=10,\n storage_type=aws.rds.StorageType.GP2,\n engine=\"mysql\",\n engine_version=\"5.7.16\",\n instance_class=aws.rds.InstanceType.T2_MICRO,\n db_name=\"mydb\",\n username=\"foo\",\n password=database_master_password,\n db_subnet_group_name=\"my_database_subnet_group\",\n parameter_group_name=\"default.mysql5.7\")\nsecret = aws.ssm.Parameter(\"secret\",\n name=\"/production/database/password/master\",\n description=\"The parameter description\",\n type=aws.ssm.ParameterType.SECURE_STRING,\n value=database_master_password,\n tags={\n \"environment\": \"production\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Rds.Instance(\"default\", new()\n {\n AllocatedStorage = 10,\n StorageType = Aws.Rds.StorageType.GP2,\n Engine = \"mysql\",\n EngineVersion = \"5.7.16\",\n InstanceClass = Aws.Rds.InstanceType.T2_Micro,\n DbName = \"mydb\",\n Username = \"foo\",\n Password = databaseMasterPassword,\n DbSubnetGroupName = \"my_database_subnet_group\",\n ParameterGroupName = \"default.mysql5.7\",\n });\n\n var secret = new Aws.Ssm.Parameter(\"secret\", new()\n {\n Name = \"/production/database/password/master\",\n Description = \"The parameter description\",\n Type = Aws.Ssm.ParameterType.SecureString,\n Value = databaseMasterPassword,\n Tags = \n {\n { \"environment\", \"production\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewInstance(ctx, \"default\", \u0026rds.InstanceArgs{\n\t\t\tAllocatedStorage: pulumi.Int(10),\n\t\t\tStorageType: pulumi.String(rds.StorageTypeGP2),\n\t\t\tEngine: pulumi.String(\"mysql\"),\n\t\t\tEngineVersion: pulumi.String(\"5.7.16\"),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_T2_Micro),\n\t\t\tDbName: pulumi.String(\"mydb\"),\n\t\t\tUsername: pulumi.String(\"foo\"),\n\t\t\tPassword: pulumi.Any(databaseMasterPassword),\n\t\t\tDbSubnetGroupName: pulumi.String(\"my_database_subnet_group\"),\n\t\t\tParameterGroupName: pulumi.String(\"default.mysql5.7\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssm.NewParameter(ctx, \"secret\", \u0026ssm.ParameterArgs{\n\t\t\tName: pulumi.String(\"/production/database/password/master\"),\n\t\t\tDescription: pulumi.String(\"The parameter description\"),\n\t\t\tType: pulumi.String(ssm.ParameterTypeSecureString),\n\t\t\tValue: pulumi.Any(databaseMasterPassword),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"environment\": pulumi.String(\"production\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Instance;\nimport com.pulumi.aws.rds.InstanceArgs;\nimport com.pulumi.aws.ssm.Parameter;\nimport com.pulumi.aws.ssm.ParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Instance(\"default\", InstanceArgs.builder()\n .allocatedStorage(10)\n .storageType(\"gp2\")\n .engine(\"mysql\")\n .engineVersion(\"5.7.16\")\n .instanceClass(\"db.t2.micro\")\n .dbName(\"mydb\")\n .username(\"foo\")\n .password(databaseMasterPassword)\n .dbSubnetGroupName(\"my_database_subnet_group\")\n .parameterGroupName(\"default.mysql5.7\")\n .build());\n\n var secret = new Parameter(\"secret\", ParameterArgs.builder()\n .name(\"/production/database/password/master\")\n .description(\"The parameter description\")\n .type(\"SecureString\")\n .value(databaseMasterPassword)\n .tags(Map.of(\"environment\", \"production\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:rds:Instance\n properties:\n allocatedStorage: 10\n storageType: gp2\n engine: mysql\n engineVersion: 5.7.16\n instanceClass: db.t2.micro\n dbName: mydb\n username: foo\n password: ${databaseMasterPassword}\n dbSubnetGroupName: my_database_subnet_group\n parameterGroupName: default.mysql5.7\n secret:\n type: aws:ssm:Parameter\n properties:\n name: /production/database/password/master\n description: The parameter description\n type: SecureString\n value: ${databaseMasterPassword}\n tags:\n environment: production\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSM Parameters using the parameter store `name`. For example:\n\n```sh\n$ pulumi import aws:ssm/parameter:Parameter my_param /my_path/my_paramname\n```\n", "properties": { "allowedPattern": { "type": "string", "description": "Regular expression used to validate the parameter value.\n" }, "arn": { "type": "string", "description": "ARN of the parameter.\n" }, "dataType": { "type": "string", "description": "Data type of the parameter. Valid values: `text`, `aws:ssm:integration` and `aws:ec2:image` for AMI format, see the [Native parameter support for Amazon Machine Image IDs](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-ec2-aliases.html).\n" }, "description": { "type": "string", "description": "Description of the parameter.\n" }, "insecureValue": { "type": "string", "description": "Value of the parameter. **Use caution:** This value is _never_ marked as sensitive in the pulumi preview output. This argument is not valid with a `type` of `SecureString`.\n" }, "keyId": { "type": "string", "description": "KMS key ID or ARN for encrypting a SecureString.\n" }, "name": { "type": "string", "description": "Name of the parameter. If the name contains a path (e.g., any forward slashes (`/`)), it must be fully qualified with a leading forward slash (`/`). For additional requirements and constraints, see the [AWS SSM User Guide](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-parameter-name-constraints.html).\n" }, "overwrite": { "type": "boolean", "description": "Overwrite an existing parameter. If not specified, defaults to `false` if the resource has not been created by Pulumi to avoid overwrite of existing resource, and will default to `true` otherwise (Pulumi lifecycle rules should then be used to manage the update behavior).\n", "deprecationMessage": "this attribute has been deprecated" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tier": { "type": "string", "description": "Parameter tier to assign to the parameter. If not specified, will use the default parameter tier for the region. Valid tiers are `Standard`, `Advanced`, and `Intelligent-Tiering`. Downgrading an `Advanced` tier parameter to `Standard` will recreate the resource. For more information on parameter tiers, see the [AWS SSM Parameter tier comparison and guide](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-advanced-parameters.html).\n" }, "type": { "type": "string", "description": "Type of the parameter. Valid types are `String`, `StringList` and `SecureString`.\n\nThe following arguments are optional:\n" }, "value": { "type": "string", "description": "Value of the parameter. This value is always marked as sensitive in the pulumi preview output, regardless of `type`.\n\n\u003e **NOTE:** `aws:ssm:integration` data_type parameters must be of the type `SecureString` and the name must start with the prefix `/d9d01087-4a3f-49e0-b0b4-d568d7826553/ssm/integrations/webhook/`. See [here](https://docs.aws.amazon.com/systems-manager/latest/userguide/creating-integrations.html) for information on the usage of `aws:ssm:integration` parameters.\n", "secret": true }, "version": { "type": "integer", "description": "Version of the parameter.\n" } }, "required": [ "arn", "dataType", "insecureValue", "keyId", "name", "tagsAll", "type", "value", "version" ], "inputProperties": { "allowedPattern": { "type": "string", "description": "Regular expression used to validate the parameter value.\n" }, "arn": { "type": "string", "description": "ARN of the parameter.\n" }, "dataType": { "type": "string", "description": "Data type of the parameter. Valid values: `text`, `aws:ssm:integration` and `aws:ec2:image` for AMI format, see the [Native parameter support for Amazon Machine Image IDs](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-ec2-aliases.html).\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of the parameter.\n" }, "insecureValue": { "type": "string", "description": "Value of the parameter. **Use caution:** This value is _never_ marked as sensitive in the pulumi preview output. This argument is not valid with a `type` of `SecureString`.\n" }, "keyId": { "type": "string", "description": "KMS key ID or ARN for encrypting a SecureString.\n" }, "name": { "type": "string", "description": "Name of the parameter. If the name contains a path (e.g., any forward slashes (`/`)), it must be fully qualified with a leading forward slash (`/`). For additional requirements and constraints, see the [AWS SSM User Guide](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-parameter-name-constraints.html).\n", "willReplaceOnChanges": true }, "overwrite": { "type": "boolean", "description": "Overwrite an existing parameter. If not specified, defaults to `false` if the resource has not been created by Pulumi to avoid overwrite of existing resource, and will default to `true` otherwise (Pulumi lifecycle rules should then be used to manage the update behavior).\n", "deprecationMessage": "this attribute has been deprecated" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tier": { "type": "string", "description": "Parameter tier to assign to the parameter. If not specified, will use the default parameter tier for the region. Valid tiers are `Standard`, `Advanced`, and `Intelligent-Tiering`. Downgrading an `Advanced` tier parameter to `Standard` will recreate the resource. For more information on parameter tiers, see the [AWS SSM Parameter tier comparison and guide](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-advanced-parameters.html).\n" }, "type": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ssm/ParameterType:ParameterType" } ], "description": "Type of the parameter. Valid types are `String`, `StringList` and `SecureString`.\n\nThe following arguments are optional:\n" }, "value": { "type": "string", "description": "Value of the parameter. This value is always marked as sensitive in the pulumi preview output, regardless of `type`.\n\n\u003e **NOTE:** `aws:ssm:integration` data_type parameters must be of the type `SecureString` and the name must start with the prefix `/d9d01087-4a3f-49e0-b0b4-d568d7826553/ssm/integrations/webhook/`. See [here](https://docs.aws.amazon.com/systems-manager/latest/userguide/creating-integrations.html) for information on the usage of `aws:ssm:integration` parameters.\n", "secret": true } }, "requiredInputs": [ "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering Parameter resources.\n", "properties": { "allowedPattern": { "type": "string", "description": "Regular expression used to validate the parameter value.\n" }, "arn": { "type": "string", "description": "ARN of the parameter.\n" }, "dataType": { "type": "string", "description": "Data type of the parameter. Valid values: `text`, `aws:ssm:integration` and `aws:ec2:image` for AMI format, see the [Native parameter support for Amazon Machine Image IDs](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-ec2-aliases.html).\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "Description of the parameter.\n" }, "insecureValue": { "type": "string", "description": "Value of the parameter. **Use caution:** This value is _never_ marked as sensitive in the pulumi preview output. This argument is not valid with a `type` of `SecureString`.\n" }, "keyId": { "type": "string", "description": "KMS key ID or ARN for encrypting a SecureString.\n" }, "name": { "type": "string", "description": "Name of the parameter. If the name contains a path (e.g., any forward slashes (`/`)), it must be fully qualified with a leading forward slash (`/`). For additional requirements and constraints, see the [AWS SSM User Guide](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-parameter-name-constraints.html).\n", "willReplaceOnChanges": true }, "overwrite": { "type": "boolean", "description": "Overwrite an existing parameter. If not specified, defaults to `false` if the resource has not been created by Pulumi to avoid overwrite of existing resource, and will default to `true` otherwise (Pulumi lifecycle rules should then be used to manage the update behavior).\n", "deprecationMessage": "this attribute has been deprecated" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the object. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tier": { "type": "string", "description": "Parameter tier to assign to the parameter. If not specified, will use the default parameter tier for the region. Valid tiers are `Standard`, `Advanced`, and `Intelligent-Tiering`. Downgrading an `Advanced` tier parameter to `Standard` will recreate the resource. For more information on parameter tiers, see the [AWS SSM Parameter tier comparison and guide](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-advanced-parameters.html).\n" }, "type": { "type": "string", "oneOf": [ { "type": "string" }, { "type": "string", "$ref": "#/types/aws:ssm/ParameterType:ParameterType" } ], "description": "Type of the parameter. Valid types are `String`, `StringList` and `SecureString`.\n\nThe following arguments are optional:\n" }, "value": { "type": "string", "description": "Value of the parameter. This value is always marked as sensitive in the pulumi preview output, regardless of `type`.\n\n\u003e **NOTE:** `aws:ssm:integration` data_type parameters must be of the type `SecureString` and the name must start with the prefix `/d9d01087-4a3f-49e0-b0b4-d568d7826553/ssm/integrations/webhook/`. See [here](https://docs.aws.amazon.com/systems-manager/latest/userguide/creating-integrations.html) for information on the usage of `aws:ssm:integration` parameters.\n", "secret": true }, "version": { "type": "integer", "description": "Version of the parameter.\n" } }, "type": "object" } }, "aws:ssm/patchBaseline:PatchBaseline": { "description": "Provides an SSM Patch Baseline resource.\n\n\u003e **NOTE on Patch Baselines:** The `approved_patches` and `approval_rule` are\nboth marked as optional fields, but the Patch Baseline requires that at least one\nof them is specified.\n\n## Example Usage\n\n### Basic Usage\n\nUsing `approved_patches` only.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst production = new aws.ssm.PatchBaseline(\"production\", {\n name: \"patch-baseline\",\n approvedPatches: [\"KB123456\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nproduction = aws.ssm.PatchBaseline(\"production\",\n name=\"patch-baseline\",\n approved_patches=[\"KB123456\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var production = new Aws.Ssm.PatchBaseline(\"production\", new()\n {\n Name = \"patch-baseline\",\n ApprovedPatches = new[]\n {\n \"KB123456\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewPatchBaseline(ctx, \"production\", \u0026ssm.PatchBaselineArgs{\n\t\t\tName: pulumi.String(\"patch-baseline\"),\n\t\t\tApprovedPatches: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"KB123456\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.PatchBaseline;\nimport com.pulumi.aws.ssm.PatchBaselineArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var production = new PatchBaseline(\"production\", PatchBaselineArgs.builder()\n .name(\"patch-baseline\")\n .approvedPatches(\"KB123456\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n production:\n type: aws:ssm:PatchBaseline\n properties:\n name: patch-baseline\n approvedPatches:\n - KB123456\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Advanced Usage, specifying patch filters\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst production = new aws.ssm.PatchBaseline(\"production\", {\n name: \"patch-baseline\",\n description: \"Patch Baseline Description\",\n approvedPatches: [\n \"KB123456\",\n \"KB456789\",\n ],\n rejectedPatches: [\"KB987654\"],\n globalFilters: [\n {\n key: \"PRODUCT\",\n values: [\"WindowsServer2008\"],\n },\n {\n key: \"CLASSIFICATION\",\n values: [\"ServicePacks\"],\n },\n {\n key: \"MSRC_SEVERITY\",\n values: [\"Low\"],\n },\n ],\n approvalRules: [\n {\n approveAfterDays: 7,\n complianceLevel: \"HIGH\",\n patchFilters: [\n {\n key: \"PRODUCT\",\n values: [\"WindowsServer2016\"],\n },\n {\n key: \"CLASSIFICATION\",\n values: [\n \"CriticalUpdates\",\n \"SecurityUpdates\",\n \"Updates\",\n ],\n },\n {\n key: \"MSRC_SEVERITY\",\n values: [\n \"Critical\",\n \"Important\",\n \"Moderate\",\n ],\n },\n ],\n },\n {\n approveAfterDays: 7,\n patchFilters: [{\n key: \"PRODUCT\",\n values: [\"WindowsServer2012\"],\n }],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nproduction = aws.ssm.PatchBaseline(\"production\",\n name=\"patch-baseline\",\n description=\"Patch Baseline Description\",\n approved_patches=[\n \"KB123456\",\n \"KB456789\",\n ],\n rejected_patches=[\"KB987654\"],\n global_filters=[\n {\n \"key\": \"PRODUCT\",\n \"values\": [\"WindowsServer2008\"],\n },\n {\n \"key\": \"CLASSIFICATION\",\n \"values\": [\"ServicePacks\"],\n },\n {\n \"key\": \"MSRC_SEVERITY\",\n \"values\": [\"Low\"],\n },\n ],\n approval_rules=[\n {\n \"approve_after_days\": 7,\n \"compliance_level\": \"HIGH\",\n \"patch_filters\": [\n {\n \"key\": \"PRODUCT\",\n \"values\": [\"WindowsServer2016\"],\n },\n {\n \"key\": \"CLASSIFICATION\",\n \"values\": [\n \"CriticalUpdates\",\n \"SecurityUpdates\",\n \"Updates\",\n ],\n },\n {\n \"key\": \"MSRC_SEVERITY\",\n \"values\": [\n \"Critical\",\n \"Important\",\n \"Moderate\",\n ],\n },\n ],\n },\n {\n \"approve_after_days\": 7,\n \"patch_filters\": [{\n \"key\": \"PRODUCT\",\n \"values\": [\"WindowsServer2012\"],\n }],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var production = new Aws.Ssm.PatchBaseline(\"production\", new()\n {\n Name = \"patch-baseline\",\n Description = \"Patch Baseline Description\",\n ApprovedPatches = new[]\n {\n \"KB123456\",\n \"KB456789\",\n },\n RejectedPatches = new[]\n {\n \"KB987654\",\n },\n GlobalFilters = new[]\n {\n new Aws.Ssm.Inputs.PatchBaselineGlobalFilterArgs\n {\n Key = \"PRODUCT\",\n Values = new[]\n {\n \"WindowsServer2008\",\n },\n },\n new Aws.Ssm.Inputs.PatchBaselineGlobalFilterArgs\n {\n Key = \"CLASSIFICATION\",\n Values = new[]\n {\n \"ServicePacks\",\n },\n },\n new Aws.Ssm.Inputs.PatchBaselineGlobalFilterArgs\n {\n Key = \"MSRC_SEVERITY\",\n Values = new[]\n {\n \"Low\",\n },\n },\n },\n ApprovalRules = new[]\n {\n new Aws.Ssm.Inputs.PatchBaselineApprovalRuleArgs\n {\n ApproveAfterDays = 7,\n ComplianceLevel = \"HIGH\",\n PatchFilters = new[]\n {\n new Aws.Ssm.Inputs.PatchBaselineApprovalRulePatchFilterArgs\n {\n Key = \"PRODUCT\",\n Values = new[]\n {\n \"WindowsServer2016\",\n },\n },\n new Aws.Ssm.Inputs.PatchBaselineApprovalRulePatchFilterArgs\n {\n Key = \"CLASSIFICATION\",\n Values = new[]\n {\n \"CriticalUpdates\",\n \"SecurityUpdates\",\n \"Updates\",\n },\n },\n new Aws.Ssm.Inputs.PatchBaselineApprovalRulePatchFilterArgs\n {\n Key = \"MSRC_SEVERITY\",\n Values = new[]\n {\n \"Critical\",\n \"Important\",\n \"Moderate\",\n },\n },\n },\n },\n new Aws.Ssm.Inputs.PatchBaselineApprovalRuleArgs\n {\n ApproveAfterDays = 7,\n PatchFilters = new[]\n {\n new Aws.Ssm.Inputs.PatchBaselineApprovalRulePatchFilterArgs\n {\n Key = \"PRODUCT\",\n Values = new[]\n {\n \"WindowsServer2012\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewPatchBaseline(ctx, \"production\", \u0026ssm.PatchBaselineArgs{\n\t\t\tName: pulumi.String(\"patch-baseline\"),\n\t\t\tDescription: pulumi.String(\"Patch Baseline Description\"),\n\t\t\tApprovedPatches: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"KB123456\"),\n\t\t\t\tpulumi.String(\"KB456789\"),\n\t\t\t},\n\t\t\tRejectedPatches: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"KB987654\"),\n\t\t\t},\n\t\t\tGlobalFilters: ssm.PatchBaselineGlobalFilterArray{\n\t\t\t\t\u0026ssm.PatchBaselineGlobalFilterArgs{\n\t\t\t\t\tKey: pulumi.String(\"PRODUCT\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"WindowsServer2008\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026ssm.PatchBaselineGlobalFilterArgs{\n\t\t\t\t\tKey: pulumi.String(\"CLASSIFICATION\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"ServicePacks\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026ssm.PatchBaselineGlobalFilterArgs{\n\t\t\t\t\tKey: pulumi.String(\"MSRC_SEVERITY\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Low\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tApprovalRules: ssm.PatchBaselineApprovalRuleArray{\n\t\t\t\t\u0026ssm.PatchBaselineApprovalRuleArgs{\n\t\t\t\t\tApproveAfterDays: pulumi.Int(7),\n\t\t\t\t\tComplianceLevel: pulumi.String(\"HIGH\"),\n\t\t\t\t\tPatchFilters: ssm.PatchBaselineApprovalRulePatchFilterArray{\n\t\t\t\t\t\t\u0026ssm.PatchBaselineApprovalRulePatchFilterArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"PRODUCT\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"WindowsServer2016\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026ssm.PatchBaselineApprovalRulePatchFilterArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"CLASSIFICATION\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"CriticalUpdates\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"SecurityUpdates\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"Updates\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026ssm.PatchBaselineApprovalRulePatchFilterArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"MSRC_SEVERITY\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Critical\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"Important\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"Moderate\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026ssm.PatchBaselineApprovalRuleArgs{\n\t\t\t\t\tApproveAfterDays: pulumi.Int(7),\n\t\t\t\t\tPatchFilters: ssm.PatchBaselineApprovalRulePatchFilterArray{\n\t\t\t\t\t\t\u0026ssm.PatchBaselineApprovalRulePatchFilterArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"PRODUCT\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"WindowsServer2012\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.PatchBaseline;\nimport com.pulumi.aws.ssm.PatchBaselineArgs;\nimport com.pulumi.aws.ssm.inputs.PatchBaselineGlobalFilterArgs;\nimport com.pulumi.aws.ssm.inputs.PatchBaselineApprovalRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var production = new PatchBaseline(\"production\", PatchBaselineArgs.builder()\n .name(\"patch-baseline\")\n .description(\"Patch Baseline Description\")\n .approvedPatches( \n \"KB123456\",\n \"KB456789\")\n .rejectedPatches(\"KB987654\")\n .globalFilters( \n PatchBaselineGlobalFilterArgs.builder()\n .key(\"PRODUCT\")\n .values(\"WindowsServer2008\")\n .build(),\n PatchBaselineGlobalFilterArgs.builder()\n .key(\"CLASSIFICATION\")\n .values(\"ServicePacks\")\n .build(),\n PatchBaselineGlobalFilterArgs.builder()\n .key(\"MSRC_SEVERITY\")\n .values(\"Low\")\n .build())\n .approvalRules( \n PatchBaselineApprovalRuleArgs.builder()\n .approveAfterDays(7)\n .complianceLevel(\"HIGH\")\n .patchFilters( \n PatchBaselineApprovalRulePatchFilterArgs.builder()\n .key(\"PRODUCT\")\n .values(\"WindowsServer2016\")\n .build(),\n PatchBaselineApprovalRulePatchFilterArgs.builder()\n .key(\"CLASSIFICATION\")\n .values( \n \"CriticalUpdates\",\n \"SecurityUpdates\",\n \"Updates\")\n .build(),\n PatchBaselineApprovalRulePatchFilterArgs.builder()\n .key(\"MSRC_SEVERITY\")\n .values( \n \"Critical\",\n \"Important\",\n \"Moderate\")\n .build())\n .build(),\n PatchBaselineApprovalRuleArgs.builder()\n .approveAfterDays(7)\n .patchFilters(PatchBaselineApprovalRulePatchFilterArgs.builder()\n .key(\"PRODUCT\")\n .values(\"WindowsServer2012\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n production:\n type: aws:ssm:PatchBaseline\n properties:\n name: patch-baseline\n description: Patch Baseline Description\n approvedPatches:\n - KB123456\n - KB456789\n rejectedPatches:\n - KB987654\n globalFilters:\n - key: PRODUCT\n values:\n - WindowsServer2008\n - key: CLASSIFICATION\n values:\n - ServicePacks\n - key: MSRC_SEVERITY\n values:\n - Low\n approvalRules:\n - approveAfterDays: 7\n complianceLevel: HIGH\n patchFilters:\n - key: PRODUCT\n values:\n - WindowsServer2016\n - key: CLASSIFICATION\n values:\n - CriticalUpdates\n - SecurityUpdates\n - Updates\n - key: MSRC_SEVERITY\n values:\n - Critical\n - Important\n - Moderate\n - approveAfterDays: 7\n patchFilters:\n - key: PRODUCT\n values:\n - WindowsServer2012\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Advanced usage, specifying Microsoft application and Windows patch rules\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst windowsOsApps = new aws.ssm.PatchBaseline(\"windows_os_apps\", {\n name: \"WindowsOSAndMicrosoftApps\",\n description: \"Patch both Windows and Microsoft apps\",\n operatingSystem: \"WINDOWS\",\n approvalRules: [\n {\n approveAfterDays: 7,\n patchFilters: [\n {\n key: \"CLASSIFICATION\",\n values: [\n \"CriticalUpdates\",\n \"SecurityUpdates\",\n ],\n },\n {\n key: \"MSRC_SEVERITY\",\n values: [\n \"Critical\",\n \"Important\",\n ],\n },\n ],\n },\n {\n approveAfterDays: 7,\n patchFilters: [\n {\n key: \"PATCH_SET\",\n values: [\"APPLICATION\"],\n },\n {\n key: \"PRODUCT\",\n values: [\n \"Office 2013\",\n \"Office 2016\",\n ],\n },\n ],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nwindows_os_apps = aws.ssm.PatchBaseline(\"windows_os_apps\",\n name=\"WindowsOSAndMicrosoftApps\",\n description=\"Patch both Windows and Microsoft apps\",\n operating_system=\"WINDOWS\",\n approval_rules=[\n {\n \"approve_after_days\": 7,\n \"patch_filters\": [\n {\n \"key\": \"CLASSIFICATION\",\n \"values\": [\n \"CriticalUpdates\",\n \"SecurityUpdates\",\n ],\n },\n {\n \"key\": \"MSRC_SEVERITY\",\n \"values\": [\n \"Critical\",\n \"Important\",\n ],\n },\n ],\n },\n {\n \"approve_after_days\": 7,\n \"patch_filters\": [\n {\n \"key\": \"PATCH_SET\",\n \"values\": [\"APPLICATION\"],\n },\n {\n \"key\": \"PRODUCT\",\n \"values\": [\n \"Office 2013\",\n \"Office 2016\",\n ],\n },\n ],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var windowsOsApps = new Aws.Ssm.PatchBaseline(\"windows_os_apps\", new()\n {\n Name = \"WindowsOSAndMicrosoftApps\",\n Description = \"Patch both Windows and Microsoft apps\",\n OperatingSystem = \"WINDOWS\",\n ApprovalRules = new[]\n {\n new Aws.Ssm.Inputs.PatchBaselineApprovalRuleArgs\n {\n ApproveAfterDays = 7,\n PatchFilters = new[]\n {\n new Aws.Ssm.Inputs.PatchBaselineApprovalRulePatchFilterArgs\n {\n Key = \"CLASSIFICATION\",\n Values = new[]\n {\n \"CriticalUpdates\",\n \"SecurityUpdates\",\n },\n },\n new Aws.Ssm.Inputs.PatchBaselineApprovalRulePatchFilterArgs\n {\n Key = \"MSRC_SEVERITY\",\n Values = new[]\n {\n \"Critical\",\n \"Important\",\n },\n },\n },\n },\n new Aws.Ssm.Inputs.PatchBaselineApprovalRuleArgs\n {\n ApproveAfterDays = 7,\n PatchFilters = new[]\n {\n new Aws.Ssm.Inputs.PatchBaselineApprovalRulePatchFilterArgs\n {\n Key = \"PATCH_SET\",\n Values = new[]\n {\n \"APPLICATION\",\n },\n },\n new Aws.Ssm.Inputs.PatchBaselineApprovalRulePatchFilterArgs\n {\n Key = \"PRODUCT\",\n Values = new[]\n {\n \"Office 2013\",\n \"Office 2016\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewPatchBaseline(ctx, \"windows_os_apps\", \u0026ssm.PatchBaselineArgs{\n\t\t\tName: pulumi.String(\"WindowsOSAndMicrosoftApps\"),\n\t\t\tDescription: pulumi.String(\"Patch both Windows and Microsoft apps\"),\n\t\t\tOperatingSystem: pulumi.String(\"WINDOWS\"),\n\t\t\tApprovalRules: ssm.PatchBaselineApprovalRuleArray{\n\t\t\t\t\u0026ssm.PatchBaselineApprovalRuleArgs{\n\t\t\t\t\tApproveAfterDays: pulumi.Int(7),\n\t\t\t\t\tPatchFilters: ssm.PatchBaselineApprovalRulePatchFilterArray{\n\t\t\t\t\t\t\u0026ssm.PatchBaselineApprovalRulePatchFilterArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"CLASSIFICATION\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"CriticalUpdates\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"SecurityUpdates\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026ssm.PatchBaselineApprovalRulePatchFilterArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"MSRC_SEVERITY\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Critical\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"Important\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026ssm.PatchBaselineApprovalRuleArgs{\n\t\t\t\t\tApproveAfterDays: pulumi.Int(7),\n\t\t\t\t\tPatchFilters: ssm.PatchBaselineApprovalRulePatchFilterArray{\n\t\t\t\t\t\t\u0026ssm.PatchBaselineApprovalRulePatchFilterArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"PATCH_SET\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"APPLICATION\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026ssm.PatchBaselineApprovalRulePatchFilterArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"PRODUCT\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Office 2013\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"Office 2016\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.PatchBaseline;\nimport com.pulumi.aws.ssm.PatchBaselineArgs;\nimport com.pulumi.aws.ssm.inputs.PatchBaselineApprovalRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var windowsOsApps = new PatchBaseline(\"windowsOsApps\", PatchBaselineArgs.builder()\n .name(\"WindowsOSAndMicrosoftApps\")\n .description(\"Patch both Windows and Microsoft apps\")\n .operatingSystem(\"WINDOWS\")\n .approvalRules( \n PatchBaselineApprovalRuleArgs.builder()\n .approveAfterDays(7)\n .patchFilters( \n PatchBaselineApprovalRulePatchFilterArgs.builder()\n .key(\"CLASSIFICATION\")\n .values( \n \"CriticalUpdates\",\n \"SecurityUpdates\")\n .build(),\n PatchBaselineApprovalRulePatchFilterArgs.builder()\n .key(\"MSRC_SEVERITY\")\n .values( \n \"Critical\",\n \"Important\")\n .build())\n .build(),\n PatchBaselineApprovalRuleArgs.builder()\n .approveAfterDays(7)\n .patchFilters( \n PatchBaselineApprovalRulePatchFilterArgs.builder()\n .key(\"PATCH_SET\")\n .values(\"APPLICATION\")\n .build(),\n PatchBaselineApprovalRulePatchFilterArgs.builder()\n .key(\"PRODUCT\")\n .values( \n \"Office 2013\",\n \"Office 2016\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n windowsOsApps:\n type: aws:ssm:PatchBaseline\n name: windows_os_apps\n properties:\n name: WindowsOSAndMicrosoftApps\n description: Patch both Windows and Microsoft apps\n operatingSystem: WINDOWS\n approvalRules:\n - approveAfterDays: 7\n patchFilters:\n - key: CLASSIFICATION\n values:\n - CriticalUpdates\n - SecurityUpdates\n - key: MSRC_SEVERITY\n values:\n - Critical\n - Important\n - approveAfterDays: 7\n patchFilters:\n - key: PATCH_SET\n values:\n - APPLICATION\n - key: PRODUCT\n values:\n - Office 2013\n - Office 2016\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Advanced usage, specifying alternate patch source repository\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst al201709 = new aws.ssm.PatchBaseline(\"al_2017_09\", {\n approvalRules: [{}],\n name: \"Amazon-Linux-2017.09\",\n description: \"My patch repository for Amazon Linux 2017.09\",\n operatingSystem: \"AMAZON_LINUX\",\n sources: [{\n name: \"My-AL2017.09\",\n products: [\"AmazonLinux2017.09\"],\n configuration: `[amzn-main]\nname=amzn-main-Base\nmirrorlist=http://repo./awsregion./awsdomain//releasever/main/mirror.list\nmirrorlist_expire=300\nmetadata_expire=300\npriority=10\nfailovermethod=priority\nfastestmirror_enabled=0\ngpgcheck=1\ngpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-amazon-ga\nenabled=1\nretries=3\ntimeout=5\nreport_instanceid=yes\n`,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nal201709 = aws.ssm.PatchBaseline(\"al_2017_09\",\n approval_rules=[{}],\n name=\"Amazon-Linux-2017.09\",\n description=\"My patch repository for Amazon Linux 2017.09\",\n operating_system=\"AMAZON_LINUX\",\n sources=[{\n \"name\": \"My-AL2017.09\",\n \"products\": [\"AmazonLinux2017.09\"],\n \"configuration\": \"\"\"[amzn-main]\nname=amzn-main-Base\nmirrorlist=http://repo./$awsregion./$awsdomain//$releasever/main/mirror.list\nmirrorlist_expire=300\nmetadata_expire=300\npriority=10\nfailovermethod=priority\nfastestmirror_enabled=0\ngpgcheck=1\ngpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-amazon-ga\nenabled=1\nretries=3\ntimeout=5\nreport_instanceid=yes\n\"\"\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var al201709 = new Aws.Ssm.PatchBaseline(\"al_2017_09\", new()\n {\n ApprovalRules = new[]\n {\n null,\n },\n Name = \"Amazon-Linux-2017.09\",\n Description = \"My patch repository for Amazon Linux 2017.09\",\n OperatingSystem = \"AMAZON_LINUX\",\n Sources = new[]\n {\n new Aws.Ssm.Inputs.PatchBaselineSourceArgs\n {\n Name = \"My-AL2017.09\",\n Products = new[]\n {\n \"AmazonLinux2017.09\",\n },\n Configuration = @\"[amzn-main]\nname=amzn-main-Base\nmirrorlist=http://repo./$awsregion./$awsdomain//$releasever/main/mirror.list\nmirrorlist_expire=300\nmetadata_expire=300\npriority=10\nfailovermethod=priority\nfastestmirror_enabled=0\ngpgcheck=1\ngpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-amazon-ga\nenabled=1\nretries=3\ntimeout=5\nreport_instanceid=yes\n\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewPatchBaseline(ctx, \"al_2017_09\", \u0026ssm.PatchBaselineArgs{\n\t\t\tApprovalRules: ssm.PatchBaselineApprovalRuleArray{\n\t\t\t\tnil,\n\t\t\t},\n\t\t\tName: pulumi.String(\"Amazon-Linux-2017.09\"),\n\t\t\tDescription: pulumi.String(\"My patch repository for Amazon Linux 2017.09\"),\n\t\t\tOperatingSystem: pulumi.String(\"AMAZON_LINUX\"),\n\t\t\tSources: ssm.PatchBaselineSourceArray{\n\t\t\t\t\u0026ssm.PatchBaselineSourceArgs{\n\t\t\t\t\tName: pulumi.String(\"My-AL2017.09\"),\n\t\t\t\t\tProducts: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"AmazonLinux2017.09\"),\n\t\t\t\t\t},\n\t\t\t\t\tConfiguration: pulumi.String(`[amzn-main]\nname=amzn-main-Base\nmirrorlist=http://repo./$awsregion./$awsdomain//$releasever/main/mirror.list\nmirrorlist_expire=300\nmetadata_expire=300\npriority=10\nfailovermethod=priority\nfastestmirror_enabled=0\ngpgcheck=1\ngpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-amazon-ga\nenabled=1\nretries=3\ntimeout=5\nreport_instanceid=yes\n`),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.PatchBaseline;\nimport com.pulumi.aws.ssm.PatchBaselineArgs;\nimport com.pulumi.aws.ssm.inputs.PatchBaselineApprovalRuleArgs;\nimport com.pulumi.aws.ssm.inputs.PatchBaselineSourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var al201709 = new PatchBaseline(\"al201709\", PatchBaselineArgs.builder()\n .approvalRules()\n .name(\"Amazon-Linux-2017.09\")\n .description(\"My patch repository for Amazon Linux 2017.09\")\n .operatingSystem(\"AMAZON_LINUX\")\n .sources(PatchBaselineSourceArgs.builder()\n .name(\"My-AL2017.09\")\n .products(\"AmazonLinux2017.09\")\n .configuration(\"\"\"\n[amzn-main]\nname=amzn-main-Base\nmirrorlist=http://repo./$awsregion./$awsdomain//$releasever/main/mirror.list\nmirrorlist_expire=300\nmetadata_expire=300\npriority=10\nfailovermethod=priority\nfastestmirror_enabled=0\ngpgcheck=1\ngpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-amazon-ga\nenabled=1\nretries=3\ntimeout=5\nreport_instanceid=yes\n \"\"\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n al201709:\n type: aws:ssm:PatchBaseline\n name: al_2017_09\n properties:\n approvalRules:\n - {}\n name: Amazon-Linux-2017.09\n description: My patch repository for Amazon Linux 2017.09\n operatingSystem: AMAZON_LINUX\n sources:\n - name: My-AL2017.09\n products:\n - AmazonLinux2017.09\n configuration: |\n [amzn-main]\n name=amzn-main-Base\n mirrorlist=http://repo./$awsregion./$awsdomain//$releasever/main/mirror.list\n mirrorlist_expire=300\n metadata_expire=300\n priority=10\n failovermethod=priority\n fastestmirror_enabled=0\n gpgcheck=1\n gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-amazon-ga\n enabled=1\n retries=3\n timeout=5\n report_instanceid=yes\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSM Patch Baselines using their baseline ID. For example:\n\n```sh\n$ pulumi import aws:ssm/patchBaseline:PatchBaseline example pb-12345678\n```\n", "properties": { "approvalRules": { "type": "array", "items": { "$ref": "#/types/aws:ssm/PatchBaselineApprovalRule:PatchBaselineApprovalRule" }, "description": "Set of rules used to include patches in the baseline. Up to 10 approval rules can be specified. See `approval_rule` below.\n" }, "approvedPatches": { "type": "array", "items": { "type": "string" }, "description": "List of explicitly approved patches for the baseline. Cannot be specified with `approval_rule`.\n" }, "approvedPatchesComplianceLevel": { "type": "string", "description": "Compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. Valid values are `CRITICAL`, `HIGH`, `MEDIUM`, `LOW`, `INFORMATIONAL`, `UNSPECIFIED`. The default value is `UNSPECIFIED`.\n" }, "approvedPatchesEnableNonSecurity": { "type": "boolean", "description": "Whether the list of approved patches includes non-security updates that should be applied to the instances. Applies to Linux instances only.\n" }, "arn": { "type": "string", "description": "ARN of the baseline.\n" }, "description": { "type": "string", "description": "Description of the patch baseline.\n" }, "globalFilters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/PatchBaselineGlobalFilter:PatchBaselineGlobalFilter" }, "description": "Set of global filters used to exclude patches from the baseline. Up to 4 global filters can be specified using Key/Value pairs. Valid Keys are `PRODUCT`, `CLASSIFICATION`, `MSRC_SEVERITY`, and `PATCH_ID`.\n" }, "json": { "type": "string", "description": "JSON definition of the baseline.\n" }, "name": { "type": "string", "description": "Name of the patch baseline.\n\nThe following arguments are optional:\n" }, "operatingSystem": { "type": "string", "description": "Operating system the patch baseline applies to. Valid values are `ALMA_LINUX`, `AMAZON_LINUX`, `AMAZON_LINUX_2`, `AMAZON_LINUX_2022`, `AMAZON_LINUX_2023`, `CENTOS`, `DEBIAN`, `MACOS`, `ORACLE_LINUX`, `RASPBIAN`, `REDHAT_ENTERPRISE_LINUX`, `ROCKY_LINUX`, `SUSE`, `UBUNTU`, and `WINDOWS`. The default value is `WINDOWS`.\n" }, "rejectedPatches": { "type": "array", "items": { "type": "string" }, "description": "List of rejected patches.\n" }, "rejectedPatchesAction": { "type": "string", "description": "Action for Patch Manager to take on patches included in the `rejected_patches` list. Valid values are `ALLOW_AS_DEPENDENCY` and `BLOCK`.\n" }, "sources": { "type": "array", "items": { "$ref": "#/types/aws:ssm/PatchBaselineSource:PatchBaselineSource" }, "description": "Configuration block with alternate sources for patches. Applies to Linux instances only. See `source` below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "json", "name", "rejectedPatchesAction", "tagsAll" ], "inputProperties": { "approvalRules": { "type": "array", "items": { "$ref": "#/types/aws:ssm/PatchBaselineApprovalRule:PatchBaselineApprovalRule" }, "description": "Set of rules used to include patches in the baseline. Up to 10 approval rules can be specified. See `approval_rule` below.\n" }, "approvedPatches": { "type": "array", "items": { "type": "string" }, "description": "List of explicitly approved patches for the baseline. Cannot be specified with `approval_rule`.\n" }, "approvedPatchesComplianceLevel": { "type": "string", "description": "Compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. Valid values are `CRITICAL`, `HIGH`, `MEDIUM`, `LOW`, `INFORMATIONAL`, `UNSPECIFIED`. The default value is `UNSPECIFIED`.\n" }, "approvedPatchesEnableNonSecurity": { "type": "boolean", "description": "Whether the list of approved patches includes non-security updates that should be applied to the instances. Applies to Linux instances only.\n" }, "description": { "type": "string", "description": "Description of the patch baseline.\n" }, "globalFilters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/PatchBaselineGlobalFilter:PatchBaselineGlobalFilter" }, "description": "Set of global filters used to exclude patches from the baseline. Up to 4 global filters can be specified using Key/Value pairs. Valid Keys are `PRODUCT`, `CLASSIFICATION`, `MSRC_SEVERITY`, and `PATCH_ID`.\n" }, "name": { "type": "string", "description": "Name of the patch baseline.\n\nThe following arguments are optional:\n" }, "operatingSystem": { "type": "string", "description": "Operating system the patch baseline applies to. Valid values are `ALMA_LINUX`, `AMAZON_LINUX`, `AMAZON_LINUX_2`, `AMAZON_LINUX_2022`, `AMAZON_LINUX_2023`, `CENTOS`, `DEBIAN`, `MACOS`, `ORACLE_LINUX`, `RASPBIAN`, `REDHAT_ENTERPRISE_LINUX`, `ROCKY_LINUX`, `SUSE`, `UBUNTU`, and `WINDOWS`. The default value is `WINDOWS`.\n", "willReplaceOnChanges": true }, "rejectedPatches": { "type": "array", "items": { "type": "string" }, "description": "List of rejected patches.\n" }, "rejectedPatchesAction": { "type": "string", "description": "Action for Patch Manager to take on patches included in the `rejected_patches` list. Valid values are `ALLOW_AS_DEPENDENCY` and `BLOCK`.\n" }, "sources": { "type": "array", "items": { "$ref": "#/types/aws:ssm/PatchBaselineSource:PatchBaselineSource" }, "description": "Configuration block with alternate sources for patches. Applies to Linux instances only. See `source` below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering PatchBaseline resources.\n", "properties": { "approvalRules": { "type": "array", "items": { "$ref": "#/types/aws:ssm/PatchBaselineApprovalRule:PatchBaselineApprovalRule" }, "description": "Set of rules used to include patches in the baseline. Up to 10 approval rules can be specified. See `approval_rule` below.\n" }, "approvedPatches": { "type": "array", "items": { "type": "string" }, "description": "List of explicitly approved patches for the baseline. Cannot be specified with `approval_rule`.\n" }, "approvedPatchesComplianceLevel": { "type": "string", "description": "Compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. Valid values are `CRITICAL`, `HIGH`, `MEDIUM`, `LOW`, `INFORMATIONAL`, `UNSPECIFIED`. The default value is `UNSPECIFIED`.\n" }, "approvedPatchesEnableNonSecurity": { "type": "boolean", "description": "Whether the list of approved patches includes non-security updates that should be applied to the instances. Applies to Linux instances only.\n" }, "arn": { "type": "string", "description": "ARN of the baseline.\n" }, "description": { "type": "string", "description": "Description of the patch baseline.\n" }, "globalFilters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/PatchBaselineGlobalFilter:PatchBaselineGlobalFilter" }, "description": "Set of global filters used to exclude patches from the baseline. Up to 4 global filters can be specified using Key/Value pairs. Valid Keys are `PRODUCT`, `CLASSIFICATION`, `MSRC_SEVERITY`, and `PATCH_ID`.\n" }, "json": { "type": "string", "description": "JSON definition of the baseline.\n" }, "name": { "type": "string", "description": "Name of the patch baseline.\n\nThe following arguments are optional:\n" }, "operatingSystem": { "type": "string", "description": "Operating system the patch baseline applies to. Valid values are `ALMA_LINUX`, `AMAZON_LINUX`, `AMAZON_LINUX_2`, `AMAZON_LINUX_2022`, `AMAZON_LINUX_2023`, `CENTOS`, `DEBIAN`, `MACOS`, `ORACLE_LINUX`, `RASPBIAN`, `REDHAT_ENTERPRISE_LINUX`, `ROCKY_LINUX`, `SUSE`, `UBUNTU`, and `WINDOWS`. The default value is `WINDOWS`.\n", "willReplaceOnChanges": true }, "rejectedPatches": { "type": "array", "items": { "type": "string" }, "description": "List of rejected patches.\n" }, "rejectedPatchesAction": { "type": "string", "description": "Action for Patch Manager to take on patches included in the `rejected_patches` list. Valid values are `ALLOW_AS_DEPENDENCY` and `BLOCK`.\n" }, "sources": { "type": "array", "items": { "$ref": "#/types/aws:ssm/PatchBaselineSource:PatchBaselineSource" }, "description": "Configuration block with alternate sources for patches. Applies to Linux instances only. See `source` below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ssm/patchGroup:PatchGroup": { "description": "Provides an SSM Patch Group resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst production = new aws.ssm.PatchBaseline(\"production\", {\n name: \"patch-baseline\",\n approvedPatches: [\"KB123456\"],\n});\nconst patchgroup = new aws.ssm.PatchGroup(\"patchgroup\", {\n baselineId: production.id,\n patchGroup: \"patch-group-name\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nproduction = aws.ssm.PatchBaseline(\"production\",\n name=\"patch-baseline\",\n approved_patches=[\"KB123456\"])\npatchgroup = aws.ssm.PatchGroup(\"patchgroup\",\n baseline_id=production.id,\n patch_group=\"patch-group-name\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var production = new Aws.Ssm.PatchBaseline(\"production\", new()\n {\n Name = \"patch-baseline\",\n ApprovedPatches = new[]\n {\n \"KB123456\",\n },\n });\n\n var patchgroup = new Aws.Ssm.PatchGroup(\"patchgroup\", new()\n {\n BaselineId = production.Id,\n PatchGroupName = \"patch-group-name\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproduction, err := ssm.NewPatchBaseline(ctx, \"production\", \u0026ssm.PatchBaselineArgs{\n\t\t\tName: pulumi.String(\"patch-baseline\"),\n\t\t\tApprovedPatches: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"KB123456\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssm.NewPatchGroup(ctx, \"patchgroup\", \u0026ssm.PatchGroupArgs{\n\t\t\tBaselineId: production.ID(),\n\t\t\tPatchGroup: pulumi.String(\"patch-group-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.PatchBaseline;\nimport com.pulumi.aws.ssm.PatchBaselineArgs;\nimport com.pulumi.aws.ssm.PatchGroup;\nimport com.pulumi.aws.ssm.PatchGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var production = new PatchBaseline(\"production\", PatchBaselineArgs.builder()\n .name(\"patch-baseline\")\n .approvedPatches(\"KB123456\")\n .build());\n\n var patchgroup = new PatchGroup(\"patchgroup\", PatchGroupArgs.builder()\n .baselineId(production.id())\n .patchGroup(\"patch-group-name\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n production:\n type: aws:ssm:PatchBaseline\n properties:\n name: patch-baseline\n approvedPatches:\n - KB123456\n patchgroup:\n type: aws:ssm:PatchGroup\n properties:\n baselineId: ${production.id}\n patchGroup: patch-group-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "baselineId": { "type": "string", "description": "The ID of the patch baseline to register the patch group with.\n" }, "patchGroup": { "type": "string", "description": "The name of the patch group that should be registered with the patch baseline.\n", "language": { "csharp": { "name": "PatchGroupName" } } } }, "required": [ "baselineId", "patchGroup" ], "inputProperties": { "baselineId": { "type": "string", "description": "The ID of the patch baseline to register the patch group with.\n", "willReplaceOnChanges": true }, "patchGroup": { "type": "string", "description": "The name of the patch group that should be registered with the patch baseline.\n", "language": { "csharp": { "name": "PatchGroupName" } }, "willReplaceOnChanges": true } }, "requiredInputs": [ "baselineId", "patchGroup" ], "stateInputs": { "description": "Input properties used for looking up and filtering PatchGroup resources.\n", "properties": { "baselineId": { "type": "string", "description": "The ID of the patch baseline to register the patch group with.\n", "willReplaceOnChanges": true }, "patchGroup": { "type": "string", "description": "The name of the patch group that should be registered with the patch baseline.\n", "language": { "csharp": { "name": "PatchGroupName" } }, "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ssm/resourceDataSync:ResourceDataSync": { "description": "Provides a SSM resource data sync.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst hogeBucketV2 = new aws.s3.BucketV2(\"hoge\", {bucket: \"tf-test-bucket-1234\"});\nconst hoge = aws.iam.getPolicyDocument({\n statements: [\n {\n sid: \"SSMBucketPermissionsCheck\",\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"ssm.amazonaws.com\"],\n }],\n actions: [\"s3:GetBucketAcl\"],\n resources: [\"arn:aws:s3:::tf-test-bucket-1234\"],\n },\n {\n sid: \"SSMBucketDelivery\",\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"ssm.amazonaws.com\"],\n }],\n actions: [\"s3:PutObject\"],\n resources: [\"arn:aws:s3:::tf-test-bucket-1234/*\"],\n conditions: [{\n test: \"StringEquals\",\n variable: \"s3:x-amz-acl\",\n values: [\"bucket-owner-full-control\"],\n }],\n },\n ],\n});\nconst hogeBucketPolicy = new aws.s3.BucketPolicy(\"hoge\", {\n bucket: hogeBucketV2.id,\n policy: hoge.then(hoge =\u003e hoge.json),\n});\nconst foo = new aws.ssm.ResourceDataSync(\"foo\", {\n name: \"foo\",\n s3Destination: {\n bucketName: hogeBucketV2.bucket,\n region: hogeBucketV2.region,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nhoge_bucket_v2 = aws.s3.BucketV2(\"hoge\", bucket=\"tf-test-bucket-1234\")\nhoge = aws.iam.get_policy_document(statements=[\n {\n \"sid\": \"SSMBucketPermissionsCheck\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"ssm.amazonaws.com\"],\n }],\n \"actions\": [\"s3:GetBucketAcl\"],\n \"resources\": [\"arn:aws:s3:::tf-test-bucket-1234\"],\n },\n {\n \"sid\": \"SSMBucketDelivery\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"ssm.amazonaws.com\"],\n }],\n \"actions\": [\"s3:PutObject\"],\n \"resources\": [\"arn:aws:s3:::tf-test-bucket-1234/*\"],\n \"conditions\": [{\n \"test\": \"StringEquals\",\n \"variable\": \"s3:x-amz-acl\",\n \"values\": [\"bucket-owner-full-control\"],\n }],\n },\n])\nhoge_bucket_policy = aws.s3.BucketPolicy(\"hoge\",\n bucket=hoge_bucket_v2.id,\n policy=hoge.json)\nfoo = aws.ssm.ResourceDataSync(\"foo\",\n name=\"foo\",\n s3_destination={\n \"bucket_name\": hoge_bucket_v2.bucket,\n \"region\": hoge_bucket_v2.region,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var hogeBucketV2 = new Aws.S3.BucketV2(\"hoge\", new()\n {\n Bucket = \"tf-test-bucket-1234\",\n });\n\n var hoge = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"SSMBucketPermissionsCheck\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"ssm.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"s3:GetBucketAcl\",\n },\n Resources = new[]\n {\n \"arn:aws:s3:::tf-test-bucket-1234\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"SSMBucketDelivery\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"ssm.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"s3:PutObject\",\n },\n Resources = new[]\n {\n \"arn:aws:s3:::tf-test-bucket-1234/*\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"s3:x-amz-acl\",\n Values = new[]\n {\n \"bucket-owner-full-control\",\n },\n },\n },\n },\n },\n });\n\n var hogeBucketPolicy = new Aws.S3.BucketPolicy(\"hoge\", new()\n {\n Bucket = hogeBucketV2.Id,\n Policy = hoge.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var foo = new Aws.Ssm.ResourceDataSync(\"foo\", new()\n {\n Name = \"foo\",\n S3Destination = new Aws.Ssm.Inputs.ResourceDataSyncS3DestinationArgs\n {\n BucketName = hogeBucketV2.Bucket,\n Region = hogeBucketV2.Region,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\thogeBucketV2, err := s3.NewBucketV2(ctx, \"hoge\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"tf-test-bucket-1234\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\thoge, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"SSMBucketPermissionsCheck\"),\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"ssm.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"s3:GetBucketAcl\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:s3:::tf-test-bucket-1234\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"SSMBucketDelivery\"),\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"ssm.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"s3:PutObject\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:s3:::tf-test-bucket-1234/*\",\n\t\t\t\t\t},\n\t\t\t\t\tConditions: []iam.GetPolicyDocumentStatementCondition{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tTest: \"StringEquals\",\n\t\t\t\t\t\t\tVariable: \"s3:x-amz-acl\",\n\t\t\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\t\t\"bucket-owner-full-control\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketPolicy(ctx, \"hoge\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: hogeBucketV2.ID(),\n\t\t\tPolicy: pulumi.String(hoge.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssm.NewResourceDataSync(ctx, \"foo\", \u0026ssm.ResourceDataSyncArgs{\n\t\t\tName: pulumi.String(\"foo\"),\n\t\t\tS3Destination: \u0026ssm.ResourceDataSyncS3DestinationArgs{\n\t\t\t\tBucketName: hogeBucketV2.Bucket,\n\t\t\t\tRegion: hogeBucketV2.Region,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.ssm.ResourceDataSync;\nimport com.pulumi.aws.ssm.ResourceDataSyncArgs;\nimport com.pulumi.aws.ssm.inputs.ResourceDataSyncS3DestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var hogeBucketV2 = new BucketV2(\"hogeBucketV2\", BucketV2Args.builder()\n .bucket(\"tf-test-bucket-1234\")\n .build());\n\n final var hoge = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .sid(\"SSMBucketPermissionsCheck\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"ssm.amazonaws.com\")\n .build())\n .actions(\"s3:GetBucketAcl\")\n .resources(\"arn:aws:s3:::tf-test-bucket-1234\")\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"SSMBucketDelivery\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"ssm.amazonaws.com\")\n .build())\n .actions(\"s3:PutObject\")\n .resources(\"arn:aws:s3:::tf-test-bucket-1234/*\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"s3:x-amz-acl\")\n .values(\"bucket-owner-full-control\")\n .build())\n .build())\n .build());\n\n var hogeBucketPolicy = new BucketPolicy(\"hogeBucketPolicy\", BucketPolicyArgs.builder()\n .bucket(hogeBucketV2.id())\n .policy(hoge.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var foo = new ResourceDataSync(\"foo\", ResourceDataSyncArgs.builder()\n .name(\"foo\")\n .s3Destination(ResourceDataSyncS3DestinationArgs.builder()\n .bucketName(hogeBucketV2.bucket())\n .region(hogeBucketV2.region())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n hogeBucketV2:\n type: aws:s3:BucketV2\n name: hoge\n properties:\n bucket: tf-test-bucket-1234\n hogeBucketPolicy:\n type: aws:s3:BucketPolicy\n name: hoge\n properties:\n bucket: ${hogeBucketV2.id}\n policy: ${hoge.json}\n foo:\n type: aws:ssm:ResourceDataSync\n properties:\n name: foo\n s3Destination:\n bucketName: ${hogeBucketV2.bucket}\n region: ${hogeBucketV2.region}\nvariables:\n hoge:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: SSMBucketPermissionsCheck\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - ssm.amazonaws.com\n actions:\n - s3:GetBucketAcl\n resources:\n - arn:aws:s3:::tf-test-bucket-1234\n - sid: SSMBucketDelivery\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - ssm.amazonaws.com\n actions:\n - s3:PutObject\n resources:\n - arn:aws:s3:::tf-test-bucket-1234/*\n conditions:\n - test: StringEquals\n variable: s3:x-amz-acl\n values:\n - bucket-owner-full-control\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSM resource data sync using the `name`. For example:\n\n```sh\n$ pulumi import aws:ssm/resourceDataSync:ResourceDataSync example example-name\n```\n", "properties": { "name": { "type": "string", "description": "Name for the configuration.\n" }, "s3Destination": { "$ref": "#/types/aws:ssm/ResourceDataSyncS3Destination:ResourceDataSyncS3Destination", "description": "Amazon S3 configuration details for the sync.\n" } }, "required": [ "name", "s3Destination" ], "inputProperties": { "name": { "type": "string", "description": "Name for the configuration.\n", "willReplaceOnChanges": true }, "s3Destination": { "$ref": "#/types/aws:ssm/ResourceDataSyncS3Destination:ResourceDataSyncS3Destination", "description": "Amazon S3 configuration details for the sync.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "s3Destination" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourceDataSync resources.\n", "properties": { "name": { "type": "string", "description": "Name for the configuration.\n", "willReplaceOnChanges": true }, "s3Destination": { "$ref": "#/types/aws:ssm/ResourceDataSyncS3Destination:ResourceDataSyncS3Destination", "description": "Amazon S3 configuration details for the sync.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ssm/serviceSetting:ServiceSetting": { "description": "This setting defines how a user interacts with or uses a service or a feature of a service.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testSetting = new aws.ssm.ServiceSetting(\"test_setting\", {\n settingId: \"arn:aws:ssm:us-east-1:123456789012:servicesetting/ssm/parameter-store/high-throughput-enabled\",\n settingValue: \"true\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_setting = aws.ssm.ServiceSetting(\"test_setting\",\n setting_id=\"arn:aws:ssm:us-east-1:123456789012:servicesetting/ssm/parameter-store/high-throughput-enabled\",\n setting_value=\"true\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testSetting = new Aws.Ssm.ServiceSetting(\"test_setting\", new()\n {\n SettingId = \"arn:aws:ssm:us-east-1:123456789012:servicesetting/ssm/parameter-store/high-throughput-enabled\",\n SettingValue = \"true\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewServiceSetting(ctx, \"test_setting\", \u0026ssm.ServiceSettingArgs{\n\t\t\tSettingId: pulumi.String(\"arn:aws:ssm:us-east-1:123456789012:servicesetting/ssm/parameter-store/high-throughput-enabled\"),\n\t\t\tSettingValue: pulumi.String(\"true\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.ServiceSetting;\nimport com.pulumi.aws.ssm.ServiceSettingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testSetting = new ServiceSetting(\"testSetting\", ServiceSettingArgs.builder()\n .settingId(\"arn:aws:ssm:us-east-1:123456789012:servicesetting/ssm/parameter-store/high-throughput-enabled\")\n .settingValue(\"true\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testSetting:\n type: aws:ssm:ServiceSetting\n name: test_setting\n properties:\n settingId: arn:aws:ssm:us-east-1:123456789012:servicesetting/ssm/parameter-store/high-throughput-enabled\n settingValue: 'true'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS SSM Service Setting using the `setting_id`. For example:\n\n```sh\n$ pulumi import aws:ssm/serviceSetting:ServiceSetting example arn:aws:ssm:us-east-1:123456789012:servicesetting/ssm/parameter-store/high-throughput-enabled\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the service setting.\n" }, "settingId": { "type": "string", "description": "ID of the service setting.\n" }, "settingValue": { "type": "string", "description": "Value of the service setting.\n" }, "status": { "type": "string", "description": "Status of the service setting. Value can be `Default`, `Customized` or `PendingUpdate`.\n" } }, "required": [ "arn", "settingId", "settingValue", "status" ], "inputProperties": { "settingId": { "type": "string", "description": "ID of the service setting.\n" }, "settingValue": { "type": "string", "description": "Value of the service setting.\n" } }, "requiredInputs": [ "settingId", "settingValue" ], "stateInputs": { "description": "Input properties used for looking up and filtering ServiceSetting resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the service setting.\n" }, "settingId": { "type": "string", "description": "ID of the service setting.\n" }, "settingValue": { "type": "string", "description": "Value of the service setting.\n" }, "status": { "type": "string", "description": "Status of the service setting. Value can be `Default`, `Customized` or `PendingUpdate`.\n" } }, "type": "object" } }, "aws:ssmcontacts/contact:Contact": { "description": "Resource for managing an AWS SSM Contact.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssmcontacts.Contact(\"example\", {\n alias: \"alias\",\n type: \"PERSONAL\",\n}, {\n dependsOn: [exampleAwsSsmincidentsReplicationSet],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssmcontacts.Contact(\"example\",\n alias=\"alias\",\n type=\"PERSONAL\",\n opts = pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SsmContacts.Contact(\"example\", new()\n {\n Alias = \"alias\",\n Type = \"PERSONAL\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSsmincidentsReplicationSet,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmcontacts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmcontacts.NewContact(ctx, \"example\", \u0026ssmcontacts.ContactArgs{\n\t\t\tAlias: pulumi.String(\"alias\"),\n\t\t\tType: pulumi.String(\"PERSONAL\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSsmincidentsReplicationSet,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmcontacts.Contact;\nimport com.pulumi.aws.ssmcontacts.ContactArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Contact(\"example\", ContactArgs.builder()\n .alias(\"alias\")\n .type(\"PERSONAL\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSsmincidentsReplicationSet)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssmcontacts:Contact\n properties:\n alias: alias\n type: PERSONAL\n options:\n dependson:\n - ${exampleAwsSsmincidentsReplicationSet}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage With All Fields\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssmcontacts.Contact(\"example\", {\n alias: \"alias\",\n displayName: \"displayName\",\n type: \"ESCALATION\",\n tags: {\n key: \"value\",\n },\n}, {\n dependsOn: [exampleAwsSsmincidentsReplicationSet],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssmcontacts.Contact(\"example\",\n alias=\"alias\",\n display_name=\"displayName\",\n type=\"ESCALATION\",\n tags={\n \"key\": \"value\",\n },\n opts = pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SsmContacts.Contact(\"example\", new()\n {\n Alias = \"alias\",\n DisplayName = \"displayName\",\n Type = \"ESCALATION\",\n Tags = \n {\n { \"key\", \"value\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSsmincidentsReplicationSet,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmcontacts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmcontacts.NewContact(ctx, \"example\", \u0026ssmcontacts.ContactArgs{\n\t\t\tAlias: pulumi.String(\"alias\"),\n\t\t\tDisplayName: pulumi.String(\"displayName\"),\n\t\t\tType: pulumi.String(\"ESCALATION\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"key\": pulumi.String(\"value\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSsmincidentsReplicationSet,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmcontacts.Contact;\nimport com.pulumi.aws.ssmcontacts.ContactArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Contact(\"example\", ContactArgs.builder()\n .alias(\"alias\")\n .displayName(\"displayName\")\n .type(\"ESCALATION\")\n .tags(Map.of(\"key\", \"value\"))\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSsmincidentsReplicationSet)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssmcontacts:Contact\n properties:\n alias: alias\n displayName: displayName\n type: ESCALATION\n tags:\n key: value\n options:\n dependson:\n - ${exampleAwsSsmincidentsReplicationSet}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSM Contact using the `ARN`. For example:\n\n```sh\n$ pulumi import aws:ssmcontacts/contact:Contact example {ARNValue}\n```\n", "properties": { "alias": { "type": "string", "description": "A unique and identifiable alias for the contact or escalation plan. Must be between 1 and 255 characters, and may contain alphanumerics, underscores (`_`), and hyphens (`-`).\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the contact or escalation plan.\n" }, "displayName": { "type": "string", "description": "Full friendly name of the contact or escalation plan. If set, must be between 1 and 255 characters, and may contain alphanumerics, underscores (`_`), hyphens (`-`), periods (`.`), and spaces.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of contact engaged. A single contact is type PERSONAL and an escalation\nplan is type ESCALATION.\n\nThe following arguments are optional:\n" } }, "required": [ "alias", "arn", "tagsAll", "type" ], "inputProperties": { "alias": { "type": "string", "description": "A unique and identifiable alias for the contact or escalation plan. Must be between 1 and 255 characters, and may contain alphanumerics, underscores (`_`), and hyphens (`-`).\n", "willReplaceOnChanges": true }, "displayName": { "type": "string", "description": "Full friendly name of the contact or escalation plan. If set, must be between 1 and 255 characters, and may contain alphanumerics, underscores (`_`), hyphens (`-`), periods (`.`), and spaces.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource.\n" }, "type": { "type": "string", "description": "The type of contact engaged. A single contact is type PERSONAL and an escalation\nplan is type ESCALATION.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "alias", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering Contact resources.\n", "properties": { "alias": { "type": "string", "description": "A unique and identifiable alias for the contact or escalation plan. Must be between 1 and 255 characters, and may contain alphanumerics, underscores (`_`), and hyphens (`-`).\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the contact or escalation plan.\n" }, "displayName": { "type": "string", "description": "Full friendly name of the contact or escalation plan. If set, must be between 1 and 255 characters, and may contain alphanumerics, underscores (`_`), hyphens (`-`), periods (`.`), and spaces.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of contact engaged. A single contact is type PERSONAL and an escalation\nplan is type ESCALATION.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ssmcontacts/contactChannel:ContactChannel": { "description": "Resource for managing an AWS SSM Contacts Contact Channel.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssmcontacts.ContactChannel(\"example\", {\n contactId: \"arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\",\n deliveryAddress: {\n simpleAddress: \"email@example.com\",\n },\n name: \"Example contact channel\",\n type: \"EMAIL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssmcontacts.ContactChannel(\"example\",\n contact_id=\"arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\",\n delivery_address={\n \"simple_address\": \"email@example.com\",\n },\n name=\"Example contact channel\",\n type=\"EMAIL\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SsmContacts.ContactChannel(\"example\", new()\n {\n ContactId = \"arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\",\n DeliveryAddress = new Aws.SsmContacts.Inputs.ContactChannelDeliveryAddressArgs\n {\n SimpleAddress = \"email@example.com\",\n },\n Name = \"Example contact channel\",\n Type = \"EMAIL\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmcontacts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmcontacts.NewContactChannel(ctx, \"example\", \u0026ssmcontacts.ContactChannelArgs{\n\t\t\tContactId: pulumi.String(\"arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\"),\n\t\t\tDeliveryAddress: \u0026ssmcontacts.ContactChannelDeliveryAddressArgs{\n\t\t\t\tSimpleAddress: pulumi.String(\"email@example.com\"),\n\t\t\t},\n\t\t\tName: pulumi.String(\"Example contact channel\"),\n\t\t\tType: pulumi.String(\"EMAIL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmcontacts.ContactChannel;\nimport com.pulumi.aws.ssmcontacts.ContactChannelArgs;\nimport com.pulumi.aws.ssmcontacts.inputs.ContactChannelDeliveryAddressArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContactChannel(\"example\", ContactChannelArgs.builder()\n .contactId(\"arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\")\n .deliveryAddress(ContactChannelDeliveryAddressArgs.builder()\n .simpleAddress(\"email@example.com\")\n .build())\n .name(\"Example contact channel\")\n .type(\"EMAIL\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssmcontacts:ContactChannel\n properties:\n contactId: arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\n deliveryAddress:\n simpleAddress: email@example.com\n name: Example contact channel\n type: EMAIL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with SSM Contact\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleContact = new aws.ssmcontacts.Contact(\"example_contact\", {\n alias: \"example_contact\",\n type: \"PERSONAL\",\n});\nconst example = new aws.ssmcontacts.ContactChannel(\"example\", {\n contactId: exampleContact.arn,\n deliveryAddress: {\n simpleAddress: \"email@example.com\",\n },\n name: \"Example contact channel\",\n type: \"EMAIL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_contact = aws.ssmcontacts.Contact(\"example_contact\",\n alias=\"example_contact\",\n type=\"PERSONAL\")\nexample = aws.ssmcontacts.ContactChannel(\"example\",\n contact_id=example_contact.arn,\n delivery_address={\n \"simple_address\": \"email@example.com\",\n },\n name=\"Example contact channel\",\n type=\"EMAIL\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleContact = new Aws.SsmContacts.Contact(\"example_contact\", new()\n {\n Alias = \"example_contact\",\n Type = \"PERSONAL\",\n });\n\n var example = new Aws.SsmContacts.ContactChannel(\"example\", new()\n {\n ContactId = exampleContact.Arn,\n DeliveryAddress = new Aws.SsmContacts.Inputs.ContactChannelDeliveryAddressArgs\n {\n SimpleAddress = \"email@example.com\",\n },\n Name = \"Example contact channel\",\n Type = \"EMAIL\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmcontacts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleContact, err := ssmcontacts.NewContact(ctx, \"example_contact\", \u0026ssmcontacts.ContactArgs{\n\t\t\tAlias: pulumi.String(\"example_contact\"),\n\t\t\tType: pulumi.String(\"PERSONAL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssmcontacts.NewContactChannel(ctx, \"example\", \u0026ssmcontacts.ContactChannelArgs{\n\t\t\tContactId: exampleContact.Arn,\n\t\t\tDeliveryAddress: \u0026ssmcontacts.ContactChannelDeliveryAddressArgs{\n\t\t\t\tSimpleAddress: pulumi.String(\"email@example.com\"),\n\t\t\t},\n\t\t\tName: pulumi.String(\"Example contact channel\"),\n\t\t\tType: pulumi.String(\"EMAIL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmcontacts.Contact;\nimport com.pulumi.aws.ssmcontacts.ContactArgs;\nimport com.pulumi.aws.ssmcontacts.ContactChannel;\nimport com.pulumi.aws.ssmcontacts.ContactChannelArgs;\nimport com.pulumi.aws.ssmcontacts.inputs.ContactChannelDeliveryAddressArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleContact = new Contact(\"exampleContact\", ContactArgs.builder()\n .alias(\"example_contact\")\n .type(\"PERSONAL\")\n .build());\n\n var example = new ContactChannel(\"example\", ContactChannelArgs.builder()\n .contactId(exampleContact.arn())\n .deliveryAddress(ContactChannelDeliveryAddressArgs.builder()\n .simpleAddress(\"email@example.com\")\n .build())\n .name(\"Example contact channel\")\n .type(\"EMAIL\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleContact:\n type: aws:ssmcontacts:Contact\n name: example_contact\n properties:\n alias: example_contact\n type: PERSONAL\n example:\n type: aws:ssmcontacts:ContactChannel\n properties:\n contactId: ${exampleContact.arn}\n deliveryAddress:\n simpleAddress: email@example.com\n name: Example contact channel\n type: EMAIL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSM Contact Channel using the `ARN`. For example:\n\n```sh\n$ pulumi import aws:ssmcontacts/contactChannel:ContactChannel example arn:aws:ssm-contacts:us-west-2:123456789012:contact-channel/example\n```\n", "properties": { "activationStatus": { "type": "string", "description": "Whether the contact channel is activated. The contact channel must be activated to use it to engage the contact. One of `ACTIVATED` or `NOT_ACTIVATED`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the contact channel.\n" }, "contactId": { "type": "string", "description": "Amazon Resource Name (ARN) of the AWS SSM Contact that the contact channel belongs to.\n" }, "deliveryAddress": { "$ref": "#/types/aws:ssmcontacts/ContactChannelDeliveryAddress:ContactChannelDeliveryAddress", "description": "Block that contains contact engagement details. See details below.\n" }, "name": { "type": "string", "description": "Name of the contact channel. Must be between 1 and 255 characters, and may contain alphanumerics, underscores (`_`), hyphens (`-`), periods (`.`), and spaces.\n" }, "type": { "type": "string", "description": "Type of the contact channel. One of `SMS`, `VOICE` or `EMAIL`.\n" } }, "required": [ "activationStatus", "arn", "contactId", "deliveryAddress", "name", "type" ], "inputProperties": { "contactId": { "type": "string", "description": "Amazon Resource Name (ARN) of the AWS SSM Contact that the contact channel belongs to.\n", "willReplaceOnChanges": true }, "deliveryAddress": { "$ref": "#/types/aws:ssmcontacts/ContactChannelDeliveryAddress:ContactChannelDeliveryAddress", "description": "Block that contains contact engagement details. See details below.\n" }, "name": { "type": "string", "description": "Name of the contact channel. Must be between 1 and 255 characters, and may contain alphanumerics, underscores (`_`), hyphens (`-`), periods (`.`), and spaces.\n" }, "type": { "type": "string", "description": "Type of the contact channel. One of `SMS`, `VOICE` or `EMAIL`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "contactId", "deliveryAddress", "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering ContactChannel resources.\n", "properties": { "activationStatus": { "type": "string", "description": "Whether the contact channel is activated. The contact channel must be activated to use it to engage the contact. One of `ACTIVATED` or `NOT_ACTIVATED`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the contact channel.\n" }, "contactId": { "type": "string", "description": "Amazon Resource Name (ARN) of the AWS SSM Contact that the contact channel belongs to.\n", "willReplaceOnChanges": true }, "deliveryAddress": { "$ref": "#/types/aws:ssmcontacts/ContactChannelDeliveryAddress:ContactChannelDeliveryAddress", "description": "Block that contains contact engagement details. See details below.\n" }, "name": { "type": "string", "description": "Name of the contact channel. Must be between 1 and 255 characters, and may contain alphanumerics, underscores (`_`), hyphens (`-`), periods (`.`), and spaces.\n" }, "type": { "type": "string", "description": "Type of the contact channel. One of `SMS`, `VOICE` or `EMAIL`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ssmcontacts/plan:Plan": { "description": "Resource for managing an AWS SSM Contact Plan.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssmcontacts.Plan(\"example\", {\n contactId: \"arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\",\n stages: [{\n durationInMinutes: 1,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssmcontacts.Plan(\"example\",\n contact_id=\"arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\",\n stages=[{\n \"duration_in_minutes\": 1,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SsmContacts.Plan(\"example\", new()\n {\n ContactId = \"arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\",\n Stages = new[]\n {\n new Aws.SsmContacts.Inputs.PlanStageArgs\n {\n DurationInMinutes = 1,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmcontacts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmcontacts.NewPlan(ctx, \"example\", \u0026ssmcontacts.PlanArgs{\n\t\t\tContactId: pulumi.String(\"arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\"),\n\t\t\tStages: ssmcontacts.PlanStageArray{\n\t\t\t\t\u0026ssmcontacts.PlanStageArgs{\n\t\t\t\t\tDurationInMinutes: pulumi.Int(1),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmcontacts.Plan;\nimport com.pulumi.aws.ssmcontacts.PlanArgs;\nimport com.pulumi.aws.ssmcontacts.inputs.PlanStageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Plan(\"example\", PlanArgs.builder()\n .contactId(\"arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\")\n .stages(PlanStageArgs.builder()\n .durationInMinutes(1)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssmcontacts:Plan\n properties:\n contactId: arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\n stages:\n - durationInMinutes: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with SSM Contact\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst contact = new aws.ssmcontacts.Contact(\"contact\", {\n alias: \"alias\",\n type: \"PERSONAL\",\n});\nconst plan = new aws.ssmcontacts.Plan(\"plan\", {\n contactId: contact.arn,\n stages: [{\n durationInMinutes: 1,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncontact = aws.ssmcontacts.Contact(\"contact\",\n alias=\"alias\",\n type=\"PERSONAL\")\nplan = aws.ssmcontacts.Plan(\"plan\",\n contact_id=contact.arn,\n stages=[{\n \"duration_in_minutes\": 1,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var contact = new Aws.SsmContacts.Contact(\"contact\", new()\n {\n Alias = \"alias\",\n Type = \"PERSONAL\",\n });\n\n var plan = new Aws.SsmContacts.Plan(\"plan\", new()\n {\n ContactId = contact.Arn,\n Stages = new[]\n {\n new Aws.SsmContacts.Inputs.PlanStageArgs\n {\n DurationInMinutes = 1,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmcontacts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcontact, err := ssmcontacts.NewContact(ctx, \"contact\", \u0026ssmcontacts.ContactArgs{\n\t\t\tAlias: pulumi.String(\"alias\"),\n\t\t\tType: pulumi.String(\"PERSONAL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssmcontacts.NewPlan(ctx, \"plan\", \u0026ssmcontacts.PlanArgs{\n\t\t\tContactId: contact.Arn,\n\t\t\tStages: ssmcontacts.PlanStageArray{\n\t\t\t\t\u0026ssmcontacts.PlanStageArgs{\n\t\t\t\t\tDurationInMinutes: pulumi.Int(1),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmcontacts.Contact;\nimport com.pulumi.aws.ssmcontacts.ContactArgs;\nimport com.pulumi.aws.ssmcontacts.Plan;\nimport com.pulumi.aws.ssmcontacts.PlanArgs;\nimport com.pulumi.aws.ssmcontacts.inputs.PlanStageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var contact = new Contact(\"contact\", ContactArgs.builder()\n .alias(\"alias\")\n .type(\"PERSONAL\")\n .build());\n\n var plan = new Plan(\"plan\", PlanArgs.builder()\n .contactId(contact.arn())\n .stages(PlanStageArgs.builder()\n .durationInMinutes(1)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n contact:\n type: aws:ssmcontacts:Contact\n properties:\n alias: alias\n type: PERSONAL\n plan:\n type: aws:ssmcontacts:Plan\n properties:\n contactId: ${contact.arn}\n stages:\n - durationInMinutes: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage With All Fields\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst escalationPlan = new aws.ssmcontacts.Contact(\"escalation_plan\", {\n alias: \"escalation-plan-alias\",\n type: \"ESCALATION\",\n});\nconst contactOne = new aws.ssmcontacts.Contact(\"contact_one\", {\n alias: \"alias\",\n type: \"PERSONAL\",\n});\nconst contactTwo = new aws.ssmcontacts.Contact(\"contact_two\", {\n alias: \"alias\",\n type: \"PERSONAL\",\n});\nconst test = new aws.ssmcontacts.Plan(\"test\", {\n contactId: escalationPlan.arn,\n stages: [{\n durationInMinutes: 0,\n targets: [\n {\n contactTargetInfo: {\n isEssential: false,\n contactId: contactOne.arn,\n },\n },\n {\n contactTargetInfo: {\n isEssential: true,\n contactId: contactTwo.arn,\n },\n },\n {\n channelTargetInfo: {\n retryIntervalInMinutes: 2,\n contactChannelId: channel.arn,\n },\n },\n ],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nescalation_plan = aws.ssmcontacts.Contact(\"escalation_plan\",\n alias=\"escalation-plan-alias\",\n type=\"ESCALATION\")\ncontact_one = aws.ssmcontacts.Contact(\"contact_one\",\n alias=\"alias\",\n type=\"PERSONAL\")\ncontact_two = aws.ssmcontacts.Contact(\"contact_two\",\n alias=\"alias\",\n type=\"PERSONAL\")\ntest = aws.ssmcontacts.Plan(\"test\",\n contact_id=escalation_plan.arn,\n stages=[{\n \"duration_in_minutes\": 0,\n \"targets\": [\n {\n \"contact_target_info\": {\n \"is_essential\": False,\n \"contact_id\": contact_one.arn,\n },\n },\n {\n \"contact_target_info\": {\n \"is_essential\": True,\n \"contact_id\": contact_two.arn,\n },\n },\n {\n \"channel_target_info\": {\n \"retry_interval_in_minutes\": 2,\n \"contact_channel_id\": channel[\"arn\"],\n },\n },\n ],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var escalationPlan = new Aws.SsmContacts.Contact(\"escalation_plan\", new()\n {\n Alias = \"escalation-plan-alias\",\n Type = \"ESCALATION\",\n });\n\n var contactOne = new Aws.SsmContacts.Contact(\"contact_one\", new()\n {\n Alias = \"alias\",\n Type = \"PERSONAL\",\n });\n\n var contactTwo = new Aws.SsmContacts.Contact(\"contact_two\", new()\n {\n Alias = \"alias\",\n Type = \"PERSONAL\",\n });\n\n var test = new Aws.SsmContacts.Plan(\"test\", new()\n {\n ContactId = escalationPlan.Arn,\n Stages = new[]\n {\n new Aws.SsmContacts.Inputs.PlanStageArgs\n {\n DurationInMinutes = 0,\n Targets = new[]\n {\n new Aws.SsmContacts.Inputs.PlanStageTargetArgs\n {\n ContactTargetInfo = new Aws.SsmContacts.Inputs.PlanStageTargetContactTargetInfoArgs\n {\n IsEssential = false,\n ContactId = contactOne.Arn,\n },\n },\n new Aws.SsmContacts.Inputs.PlanStageTargetArgs\n {\n ContactTargetInfo = new Aws.SsmContacts.Inputs.PlanStageTargetContactTargetInfoArgs\n {\n IsEssential = true,\n ContactId = contactTwo.Arn,\n },\n },\n new Aws.SsmContacts.Inputs.PlanStageTargetArgs\n {\n ChannelTargetInfo = new Aws.SsmContacts.Inputs.PlanStageTargetChannelTargetInfoArgs\n {\n RetryIntervalInMinutes = 2,\n ContactChannelId = channel.Arn,\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmcontacts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tescalationPlan, err := ssmcontacts.NewContact(ctx, \"escalation_plan\", \u0026ssmcontacts.ContactArgs{\n\t\t\tAlias: pulumi.String(\"escalation-plan-alias\"),\n\t\t\tType: pulumi.String(\"ESCALATION\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcontactOne, err := ssmcontacts.NewContact(ctx, \"contact_one\", \u0026ssmcontacts.ContactArgs{\n\t\t\tAlias: pulumi.String(\"alias\"),\n\t\t\tType: pulumi.String(\"PERSONAL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcontactTwo, err := ssmcontacts.NewContact(ctx, \"contact_two\", \u0026ssmcontacts.ContactArgs{\n\t\t\tAlias: pulumi.String(\"alias\"),\n\t\t\tType: pulumi.String(\"PERSONAL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssmcontacts.NewPlan(ctx, \"test\", \u0026ssmcontacts.PlanArgs{\n\t\t\tContactId: escalationPlan.Arn,\n\t\t\tStages: ssmcontacts.PlanStageArray{\n\t\t\t\t\u0026ssmcontacts.PlanStageArgs{\n\t\t\t\t\tDurationInMinutes: pulumi.Int(0),\n\t\t\t\t\tTargets: ssmcontacts.PlanStageTargetArray{\n\t\t\t\t\t\t\u0026ssmcontacts.PlanStageTargetArgs{\n\t\t\t\t\t\t\tContactTargetInfo: \u0026ssmcontacts.PlanStageTargetContactTargetInfoArgs{\n\t\t\t\t\t\t\t\tIsEssential: pulumi.Bool(false),\n\t\t\t\t\t\t\t\tContactId: contactOne.Arn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026ssmcontacts.PlanStageTargetArgs{\n\t\t\t\t\t\t\tContactTargetInfo: \u0026ssmcontacts.PlanStageTargetContactTargetInfoArgs{\n\t\t\t\t\t\t\t\tIsEssential: pulumi.Bool(true),\n\t\t\t\t\t\t\t\tContactId: contactTwo.Arn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026ssmcontacts.PlanStageTargetArgs{\n\t\t\t\t\t\t\tChannelTargetInfo: \u0026ssmcontacts.PlanStageTargetChannelTargetInfoArgs{\n\t\t\t\t\t\t\t\tRetryIntervalInMinutes: pulumi.Int(2),\n\t\t\t\t\t\t\t\tContactChannelId: pulumi.Any(channel.Arn),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmcontacts.Contact;\nimport com.pulumi.aws.ssmcontacts.ContactArgs;\nimport com.pulumi.aws.ssmcontacts.Plan;\nimport com.pulumi.aws.ssmcontacts.PlanArgs;\nimport com.pulumi.aws.ssmcontacts.inputs.PlanStageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var escalationPlan = new Contact(\"escalationPlan\", ContactArgs.builder()\n .alias(\"escalation-plan-alias\")\n .type(\"ESCALATION\")\n .build());\n\n var contactOne = new Contact(\"contactOne\", ContactArgs.builder()\n .alias(\"alias\")\n .type(\"PERSONAL\")\n .build());\n\n var contactTwo = new Contact(\"contactTwo\", ContactArgs.builder()\n .alias(\"alias\")\n .type(\"PERSONAL\")\n .build());\n\n var test = new Plan(\"test\", PlanArgs.builder()\n .contactId(escalationPlan.arn())\n .stages(PlanStageArgs.builder()\n .durationInMinutes(0)\n .targets( \n PlanStageTargetArgs.builder()\n .contactTargetInfo(PlanStageTargetContactTargetInfoArgs.builder()\n .isEssential(false)\n .contactId(contactOne.arn())\n .build())\n .build(),\n PlanStageTargetArgs.builder()\n .contactTargetInfo(PlanStageTargetContactTargetInfoArgs.builder()\n .isEssential(true)\n .contactId(contactTwo.arn())\n .build())\n .build(),\n PlanStageTargetArgs.builder()\n .channelTargetInfo(PlanStageTargetChannelTargetInfoArgs.builder()\n .retryIntervalInMinutes(2)\n .contactChannelId(channel.arn())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n escalationPlan:\n type: aws:ssmcontacts:Contact\n name: escalation_plan\n properties:\n alias: escalation-plan-alias\n type: ESCALATION\n contactOne:\n type: aws:ssmcontacts:Contact\n name: contact_one\n properties:\n alias: alias\n type: PERSONAL\n contactTwo:\n type: aws:ssmcontacts:Contact\n name: contact_two\n properties:\n alias: alias\n type: PERSONAL\n test:\n type: aws:ssmcontacts:Plan\n properties:\n contactId: ${escalationPlan.arn}\n stages:\n - durationInMinutes: 0\n targets:\n - contactTargetInfo:\n isEssential: false\n contactId: ${contactOne.arn}\n - contactTargetInfo:\n isEssential: true\n contactId: ${contactTwo.arn}\n - channelTargetInfo:\n retryIntervalInMinutes: 2\n contactChannelId: ${channel.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSM Contact Plan using the Contact ARN. For example:\n\n```sh\n$ pulumi import aws:ssmcontacts/plan:Plan example {ARNValue}\n```\n", "properties": { "contactId": { "type": "string", "description": "The Amazon Resource Name (ARN) of the contact or escalation plan.\n" }, "stages": { "type": "array", "items": { "$ref": "#/types/aws:ssmcontacts/PlanStage:PlanStage" }, "description": "One or more configuration blocks for specifying a list of stages that the escalation plan or engagement plan uses to engage contacts and contact methods. See Stage below for more details.\n" } }, "required": [ "contactId", "stages" ], "inputProperties": { "contactId": { "type": "string", "description": "The Amazon Resource Name (ARN) of the contact or escalation plan.\n", "willReplaceOnChanges": true }, "stages": { "type": "array", "items": { "$ref": "#/types/aws:ssmcontacts/PlanStage:PlanStage" }, "description": "One or more configuration blocks for specifying a list of stages that the escalation plan or engagement plan uses to engage contacts and contact methods. See Stage below for more details.\n" } }, "requiredInputs": [ "contactId", "stages" ], "stateInputs": { "description": "Input properties used for looking up and filtering Plan resources.\n", "properties": { "contactId": { "type": "string", "description": "The Amazon Resource Name (ARN) of the contact or escalation plan.\n", "willReplaceOnChanges": true }, "stages": { "type": "array", "items": { "$ref": "#/types/aws:ssmcontacts/PlanStage:PlanStage" }, "description": "One or more configuration blocks for specifying a list of stages that the escalation plan or engagement plan uses to engage contacts and contact methods. See Stage below for more details.\n" } }, "type": "object" } }, "aws:ssmincidents/replicationSet:ReplicationSet": { "description": "Provides a resource for managing a replication set in AWS Systems Manager Incident Manager.\n\n\u003e **NOTE:** Deleting a replication set also deletes all Incident Manager related data including response plans, incident records, contacts and escalation plans.\n\n## Example Usage\n\n### Basic Usage\n\nCreate a replication set.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst replicationSetName = new aws.ssmincidents.ReplicationSet(\"replicationSetName\", {\n regions: [{\n name: \"us-west-2\",\n }],\n tags: {\n exampleTag: \"exampleValue\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nreplication_set_name = aws.ssmincidents.ReplicationSet(\"replicationSetName\",\n regions=[{\n \"name\": \"us-west-2\",\n }],\n tags={\n \"exampleTag\": \"exampleValue\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var replicationSetName = new Aws.SsmIncidents.ReplicationSet(\"replicationSetName\", new()\n {\n Regions = new[]\n {\n new Aws.SsmIncidents.Inputs.ReplicationSetRegionArgs\n {\n Name = \"us-west-2\",\n },\n },\n Tags = \n {\n { \"exampleTag\", \"exampleValue\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmincidents\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmincidents.NewReplicationSet(ctx, \"replicationSetName\", \u0026ssmincidents.ReplicationSetArgs{\n\t\t\tRegions: ssmincidents.ReplicationSetRegionArray{\n\t\t\t\t\u0026ssmincidents.ReplicationSetRegionArgs{\n\t\t\t\t\tName: pulumi.String(\"us-west-2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"exampleTag\": pulumi.String(\"exampleValue\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmincidents.ReplicationSet;\nimport com.pulumi.aws.ssmincidents.ReplicationSetArgs;\nimport com.pulumi.aws.ssmincidents.inputs.ReplicationSetRegionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var replicationSetName = new ReplicationSet(\"replicationSetName\", ReplicationSetArgs.builder()\n .regions(ReplicationSetRegionArgs.builder()\n .name(\"us-west-2\")\n .build())\n .tags(Map.of(\"exampleTag\", \"exampleValue\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n replicationSetName:\n type: aws:ssmincidents:ReplicationSet\n properties:\n regions:\n - name: us-west-2\n tags:\n exampleTag: exampleValue\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nAdd a Region to a replication set. (You can add only one Region at a time.)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst replicationSetName = new aws.ssmincidents.ReplicationSet(\"replicationSetName\", {regions: [\n {\n name: \"us-west-2\",\n },\n {\n name: \"ap-southeast-2\",\n },\n]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nreplication_set_name = aws.ssmincidents.ReplicationSet(\"replicationSetName\", regions=[\n {\n \"name\": \"us-west-2\",\n },\n {\n \"name\": \"ap-southeast-2\",\n },\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var replicationSetName = new Aws.SsmIncidents.ReplicationSet(\"replicationSetName\", new()\n {\n Regions = new[]\n {\n new Aws.SsmIncidents.Inputs.ReplicationSetRegionArgs\n {\n Name = \"us-west-2\",\n },\n new Aws.SsmIncidents.Inputs.ReplicationSetRegionArgs\n {\n Name = \"ap-southeast-2\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmincidents\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmincidents.NewReplicationSet(ctx, \"replicationSetName\", \u0026ssmincidents.ReplicationSetArgs{\n\t\t\tRegions: ssmincidents.ReplicationSetRegionArray{\n\t\t\t\t\u0026ssmincidents.ReplicationSetRegionArgs{\n\t\t\t\t\tName: pulumi.String(\"us-west-2\"),\n\t\t\t\t},\n\t\t\t\t\u0026ssmincidents.ReplicationSetRegionArgs{\n\t\t\t\t\tName: pulumi.String(\"ap-southeast-2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmincidents.ReplicationSet;\nimport com.pulumi.aws.ssmincidents.ReplicationSetArgs;\nimport com.pulumi.aws.ssmincidents.inputs.ReplicationSetRegionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var replicationSetName = new ReplicationSet(\"replicationSetName\", ReplicationSetArgs.builder()\n .regions( \n ReplicationSetRegionArgs.builder()\n .name(\"us-west-2\")\n .build(),\n ReplicationSetRegionArgs.builder()\n .name(\"ap-southeast-2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n replicationSetName:\n type: aws:ssmincidents:ReplicationSet\n properties:\n regions:\n - name: us-west-2\n - name: ap-southeast-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nDelete a Region from a replication set. (You can delete only one Region at a time.)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst replicationSetName = new aws.ssmincidents.ReplicationSet(\"replicationSetName\", {regions: [{\n name: \"us-west-2\",\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nreplication_set_name = aws.ssmincidents.ReplicationSet(\"replicationSetName\", regions=[{\n \"name\": \"us-west-2\",\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var replicationSetName = new Aws.SsmIncidents.ReplicationSet(\"replicationSetName\", new()\n {\n Regions = new[]\n {\n new Aws.SsmIncidents.Inputs.ReplicationSetRegionArgs\n {\n Name = \"us-west-2\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmincidents\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmincidents.NewReplicationSet(ctx, \"replicationSetName\", \u0026ssmincidents.ReplicationSetArgs{\n\t\t\tRegions: ssmincidents.ReplicationSetRegionArray{\n\t\t\t\t\u0026ssmincidents.ReplicationSetRegionArgs{\n\t\t\t\t\tName: pulumi.String(\"us-west-2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmincidents.ReplicationSet;\nimport com.pulumi.aws.ssmincidents.ReplicationSetArgs;\nimport com.pulumi.aws.ssmincidents.inputs.ReplicationSetRegionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var replicationSetName = new ReplicationSet(\"replicationSetName\", ReplicationSetArgs.builder()\n .regions(ReplicationSetRegionArgs.builder()\n .name(\"us-west-2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n replicationSetName:\n type: aws:ssmincidents:ReplicationSet\n properties:\n regions:\n - name: us-west-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Basic Usage with an AWS Customer Managed Key\n\nCreate a replication set with an AWS Key Management Service (AWS KMS) customer manager key:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleKey = new aws.kms.Key(\"example_key\", {});\nconst replicationSetName = new aws.ssmincidents.ReplicationSet(\"replicationSetName\", {\n regions: [{\n name: \"us-west-2\",\n kmsKeyArn: exampleKey.arn,\n }],\n tags: {\n exampleTag: \"exampleValue\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_key = aws.kms.Key(\"example_key\")\nreplication_set_name = aws.ssmincidents.ReplicationSet(\"replicationSetName\",\n regions=[{\n \"name\": \"us-west-2\",\n \"kms_key_arn\": example_key.arn,\n }],\n tags={\n \"exampleTag\": \"exampleValue\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleKey = new Aws.Kms.Key(\"example_key\");\n\n var replicationSetName = new Aws.SsmIncidents.ReplicationSet(\"replicationSetName\", new()\n {\n Regions = new[]\n {\n new Aws.SsmIncidents.Inputs.ReplicationSetRegionArgs\n {\n Name = \"us-west-2\",\n KmsKeyArn = exampleKey.Arn,\n },\n },\n Tags = \n {\n { \"exampleTag\", \"exampleValue\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmincidents\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleKey, err := kms.NewKey(ctx, \"example_key\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssmincidents.NewReplicationSet(ctx, \"replicationSetName\", \u0026ssmincidents.ReplicationSetArgs{\n\t\t\tRegions: ssmincidents.ReplicationSetRegionArray{\n\t\t\t\t\u0026ssmincidents.ReplicationSetRegionArgs{\n\t\t\t\t\tName: pulumi.String(\"us-west-2\"),\n\t\t\t\t\tKmsKeyArn: exampleKey.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"exampleTag\": pulumi.String(\"exampleValue\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.ssmincidents.ReplicationSet;\nimport com.pulumi.aws.ssmincidents.ReplicationSetArgs;\nimport com.pulumi.aws.ssmincidents.inputs.ReplicationSetRegionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleKey = new Key(\"exampleKey\");\n\n var replicationSetName = new ReplicationSet(\"replicationSetName\", ReplicationSetArgs.builder()\n .regions(ReplicationSetRegionArgs.builder()\n .name(\"us-west-2\")\n .kmsKeyArn(exampleKey.arn())\n .build())\n .tags(Map.of(\"exampleTag\", \"exampleValue\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleKey:\n type: aws:kms:Key\n name: example_key\n replicationSetName:\n type: aws:ssmincidents:ReplicationSet\n properties:\n regions:\n - name: us-west-2\n kmsKeyArn: ${exampleKey.arn}\n tags:\n exampleTag: exampleValue\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an Incident Manager replication. For example:\n\n```sh\n$ pulumi import aws:ssmincidents/replicationSet:ReplicationSet replicationSetName import\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the replication set.\n" }, "createdBy": { "type": "string", "description": "The ARN of the user who created the replication set.\n" }, "deletionProtected": { "type": "boolean", "description": "If `true`, the last region in a replication set cannot be deleted.\n" }, "lastModifiedBy": { "type": "string", "description": "A timestamp showing when the replication set was last modified.\n" }, "regions": { "type": "array", "items": { "$ref": "#/types/aws:ssmincidents/ReplicationSetRegion:ReplicationSetRegion" } }, "status": { "type": "string", "description": "The current status of the Region.\n* Valid Values: `ACTIVE` | `CREATING` | `UPDATING` | `DELETING` | `FAILED`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "createdBy", "deletionProtected", "lastModifiedBy", "regions", "status", "tagsAll" ], "inputProperties": { "regions": { "type": "array", "items": { "$ref": "#/types/aws:ssmincidents/ReplicationSetRegion:ReplicationSetRegion" } }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "requiredInputs": [ "regions" ], "stateInputs": { "description": "Input properties used for looking up and filtering ReplicationSet resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the replication set.\n" }, "createdBy": { "type": "string", "description": "The ARN of the user who created the replication set.\n" }, "deletionProtected": { "type": "boolean", "description": "If `true`, the last region in a replication set cannot be deleted.\n" }, "lastModifiedBy": { "type": "string", "description": "A timestamp showing when the replication set was last modified.\n" }, "regions": { "type": "array", "items": { "$ref": "#/types/aws:ssmincidents/ReplicationSetRegion:ReplicationSetRegion" } }, "status": { "type": "string", "description": "The current status of the Region.\n* Valid Values: `ACTIVE` | `CREATING` | `UPDATING` | `DELETING` | `FAILED`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ssmincidents/responsePlan:ResponsePlan": { "description": "Provides a resource to manage response plans in AWS Systems Manager Incident Manager.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssmincidents.ResponsePlan(\"example\", {\n name: \"name\",\n incidentTemplate: {\n title: \"title\",\n impact: 3,\n },\n tags: {\n key: \"value\",\n },\n}, {\n dependsOn: [exampleAwsSsmincidentsReplicationSet],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssmincidents.ResponsePlan(\"example\",\n name=\"name\",\n incident_template={\n \"title\": \"title\",\n \"impact\": 3,\n },\n tags={\n \"key\": \"value\",\n },\n opts = pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SsmIncidents.ResponsePlan(\"example\", new()\n {\n Name = \"name\",\n IncidentTemplate = new Aws.SsmIncidents.Inputs.ResponsePlanIncidentTemplateArgs\n {\n Title = \"title\",\n Impact = 3,\n },\n Tags = \n {\n { \"key\", \"value\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSsmincidentsReplicationSet,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmincidents\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmincidents.NewResponsePlan(ctx, \"example\", \u0026ssmincidents.ResponsePlanArgs{\n\t\t\tName: pulumi.String(\"name\"),\n\t\t\tIncidentTemplate: \u0026ssmincidents.ResponsePlanIncidentTemplateArgs{\n\t\t\t\tTitle: pulumi.String(\"title\"),\n\t\t\t\tImpact: pulumi.Int(3),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"key\": pulumi.String(\"value\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSsmincidentsReplicationSet,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmincidents.ResponsePlan;\nimport com.pulumi.aws.ssmincidents.ResponsePlanArgs;\nimport com.pulumi.aws.ssmincidents.inputs.ResponsePlanIncidentTemplateArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResponsePlan(\"example\", ResponsePlanArgs.builder()\n .name(\"name\")\n .incidentTemplate(ResponsePlanIncidentTemplateArgs.builder()\n .title(\"title\")\n .impact(\"3\")\n .build())\n .tags(Map.of(\"key\", \"value\"))\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSsmincidentsReplicationSet)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssmincidents:ResponsePlan\n properties:\n name: name\n incidentTemplate:\n title: title\n impact: '3'\n tags:\n key: value\n options:\n dependson:\n - ${exampleAwsSsmincidentsReplicationSet}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage With All Fields\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssmincidents.ResponsePlan(\"example\", {\n name: \"name\",\n incidentTemplate: {\n title: \"title\",\n impact: 3,\n dedupeString: \"dedupe\",\n incidentTags: {\n key: \"value\",\n },\n notificationTargets: [\n {\n snsTopicArn: example1.arn,\n },\n {\n snsTopicArn: example2.arn,\n },\n ],\n summary: \"summary\",\n },\n displayName: \"display name\",\n chatChannels: [topic.arn],\n engagements: [\"arn:aws:ssm-contacts:us-east-2:111122223333:contact/test1\"],\n action: {\n ssmAutomations: [{\n documentName: document1.name,\n roleArn: role1.arn,\n documentVersion: \"version1\",\n targetAccount: \"RESPONSE_PLAN_OWNER_ACCOUNT\",\n parameters: [\n {\n name: \"key\",\n values: [\n \"value1\",\n \"value2\",\n ],\n },\n {\n name: \"foo\",\n values: [\"bar\"],\n },\n ],\n dynamicParameters: {\n someKey: \"INVOLVED_RESOURCES\",\n anotherKey: \"INCIDENT_RECORD_ARN\",\n },\n }],\n },\n integration: {\n pagerduties: [{\n name: \"pagerdutyIntergration\",\n serviceId: \"example\",\n secretId: \"example\",\n }],\n },\n tags: {\n key: \"value\",\n },\n}, {\n dependsOn: [exampleAwsSsmincidentsReplicationSet],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssmincidents.ResponsePlan(\"example\",\n name=\"name\",\n incident_template={\n \"title\": \"title\",\n \"impact\": 3,\n \"dedupe_string\": \"dedupe\",\n \"incident_tags\": {\n \"key\": \"value\",\n },\n \"notification_targets\": [\n {\n \"sns_topic_arn\": example1[\"arn\"],\n },\n {\n \"sns_topic_arn\": example2[\"arn\"],\n },\n ],\n \"summary\": \"summary\",\n },\n display_name=\"display name\",\n chat_channels=[topic[\"arn\"]],\n engagements=[\"arn:aws:ssm-contacts:us-east-2:111122223333:contact/test1\"],\n action={\n \"ssm_automations\": [{\n \"document_name\": document1[\"name\"],\n \"role_arn\": role1[\"arn\"],\n \"document_version\": \"version1\",\n \"target_account\": \"RESPONSE_PLAN_OWNER_ACCOUNT\",\n \"parameters\": [\n {\n \"name\": \"key\",\n \"values\": [\n \"value1\",\n \"value2\",\n ],\n },\n {\n \"name\": \"foo\",\n \"values\": [\"bar\"],\n },\n ],\n \"dynamic_parameters\": {\n \"some_key\": \"INVOLVED_RESOURCES\",\n \"another_key\": \"INCIDENT_RECORD_ARN\",\n },\n }],\n },\n integration={\n \"pagerduties\": [{\n \"name\": \"pagerdutyIntergration\",\n \"service_id\": \"example\",\n \"secret_id\": \"example\",\n }],\n },\n tags={\n \"key\": \"value\",\n },\n opts = pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SsmIncidents.ResponsePlan(\"example\", new()\n {\n Name = \"name\",\n IncidentTemplate = new Aws.SsmIncidents.Inputs.ResponsePlanIncidentTemplateArgs\n {\n Title = \"title\",\n Impact = 3,\n DedupeString = \"dedupe\",\n IncidentTags = \n {\n { \"key\", \"value\" },\n },\n NotificationTargets = new[]\n {\n new Aws.SsmIncidents.Inputs.ResponsePlanIncidentTemplateNotificationTargetArgs\n {\n SnsTopicArn = example1.Arn,\n },\n new Aws.SsmIncidents.Inputs.ResponsePlanIncidentTemplateNotificationTargetArgs\n {\n SnsTopicArn = example2.Arn,\n },\n },\n Summary = \"summary\",\n },\n DisplayName = \"display name\",\n ChatChannels = new[]\n {\n topic.Arn,\n },\n Engagements = new[]\n {\n \"arn:aws:ssm-contacts:us-east-2:111122223333:contact/test1\",\n },\n Action = new Aws.SsmIncidents.Inputs.ResponsePlanActionArgs\n {\n SsmAutomations = new[]\n {\n new Aws.SsmIncidents.Inputs.ResponsePlanActionSsmAutomationArgs\n {\n DocumentName = document1.Name,\n RoleArn = role1.Arn,\n DocumentVersion = \"version1\",\n TargetAccount = \"RESPONSE_PLAN_OWNER_ACCOUNT\",\n Parameters = new[]\n {\n new Aws.SsmIncidents.Inputs.ResponsePlanActionSsmAutomationParameterArgs\n {\n Name = \"key\",\n Values = new[]\n {\n \"value1\",\n \"value2\",\n },\n },\n new Aws.SsmIncidents.Inputs.ResponsePlanActionSsmAutomationParameterArgs\n {\n Name = \"foo\",\n Values = new[]\n {\n \"bar\",\n },\n },\n },\n DynamicParameters = \n {\n { \"someKey\", \"INVOLVED_RESOURCES\" },\n { \"anotherKey\", \"INCIDENT_RECORD_ARN\" },\n },\n },\n },\n },\n Integration = new Aws.SsmIncidents.Inputs.ResponsePlanIntegrationArgs\n {\n Pagerduties = new[]\n {\n new Aws.SsmIncidents.Inputs.ResponsePlanIntegrationPagerdutyArgs\n {\n Name = \"pagerdutyIntergration\",\n ServiceId = \"example\",\n SecretId = \"example\",\n },\n },\n },\n Tags = \n {\n { \"key\", \"value\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSsmincidentsReplicationSet,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmincidents\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmincidents.NewResponsePlan(ctx, \"example\", \u0026ssmincidents.ResponsePlanArgs{\n\t\t\tName: pulumi.String(\"name\"),\n\t\t\tIncidentTemplate: \u0026ssmincidents.ResponsePlanIncidentTemplateArgs{\n\t\t\t\tTitle: pulumi.String(\"title\"),\n\t\t\t\tImpact: pulumi.Int(3),\n\t\t\t\tDedupeString: pulumi.String(\"dedupe\"),\n\t\t\t\tIncidentTags: pulumi.StringMap{\n\t\t\t\t\t\"key\": pulumi.String(\"value\"),\n\t\t\t\t},\n\t\t\t\tNotificationTargets: ssmincidents.ResponsePlanIncidentTemplateNotificationTargetArray{\n\t\t\t\t\t\u0026ssmincidents.ResponsePlanIncidentTemplateNotificationTargetArgs{\n\t\t\t\t\t\tSnsTopicArn: pulumi.Any(example1.Arn),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026ssmincidents.ResponsePlanIncidentTemplateNotificationTargetArgs{\n\t\t\t\t\t\tSnsTopicArn: pulumi.Any(example2.Arn),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSummary: pulumi.String(\"summary\"),\n\t\t\t},\n\t\t\tDisplayName: pulumi.String(\"display name\"),\n\t\t\tChatChannels: pulumi.StringArray{\n\t\t\t\ttopic.Arn,\n\t\t\t},\n\t\t\tEngagements: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"arn:aws:ssm-contacts:us-east-2:111122223333:contact/test1\"),\n\t\t\t},\n\t\t\tAction: \u0026ssmincidents.ResponsePlanActionArgs{\n\t\t\t\tSsmAutomations: ssmincidents.ResponsePlanActionSsmAutomationArray{\n\t\t\t\t\t\u0026ssmincidents.ResponsePlanActionSsmAutomationArgs{\n\t\t\t\t\t\tDocumentName: pulumi.Any(document1.Name),\n\t\t\t\t\t\tRoleArn: pulumi.Any(role1.Arn),\n\t\t\t\t\t\tDocumentVersion: pulumi.String(\"version1\"),\n\t\t\t\t\t\tTargetAccount: pulumi.String(\"RESPONSE_PLAN_OWNER_ACCOUNT\"),\n\t\t\t\t\t\tParameters: ssmincidents.ResponsePlanActionSsmAutomationParameterArray{\n\t\t\t\t\t\t\t\u0026ssmincidents.ResponsePlanActionSsmAutomationParameterArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"key\"),\n\t\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"value1\"),\n\t\t\t\t\t\t\t\t\tpulumi.String(\"value2\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026ssmincidents.ResponsePlanActionSsmAutomationParameterArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"foo\"),\n\t\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"bar\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDynamicParameters: pulumi.StringMap{\n\t\t\t\t\t\t\t\"someKey\": pulumi.String(\"INVOLVED_RESOURCES\"),\n\t\t\t\t\t\t\t\"anotherKey\": pulumi.String(\"INCIDENT_RECORD_ARN\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tIntegration: \u0026ssmincidents.ResponsePlanIntegrationArgs{\n\t\t\t\tPagerduties: ssmincidents.ResponsePlanIntegrationPagerdutyArray{\n\t\t\t\t\t\u0026ssmincidents.ResponsePlanIntegrationPagerdutyArgs{\n\t\t\t\t\t\tName: pulumi.String(\"pagerdutyIntergration\"),\n\t\t\t\t\t\tServiceId: pulumi.String(\"example\"),\n\t\t\t\t\t\tSecretId: pulumi.String(\"example\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"key\": pulumi.String(\"value\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSsmincidentsReplicationSet,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmincidents.ResponsePlan;\nimport com.pulumi.aws.ssmincidents.ResponsePlanArgs;\nimport com.pulumi.aws.ssmincidents.inputs.ResponsePlanIncidentTemplateArgs;\nimport com.pulumi.aws.ssmincidents.inputs.ResponsePlanActionArgs;\nimport com.pulumi.aws.ssmincidents.inputs.ResponsePlanIntegrationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResponsePlan(\"example\", ResponsePlanArgs.builder()\n .name(\"name\")\n .incidentTemplate(ResponsePlanIncidentTemplateArgs.builder()\n .title(\"title\")\n .impact(\"3\")\n .dedupeString(\"dedupe\")\n .incidentTags(Map.of(\"key\", \"value\"))\n .notificationTargets( \n ResponsePlanIncidentTemplateNotificationTargetArgs.builder()\n .snsTopicArn(example1.arn())\n .build(),\n ResponsePlanIncidentTemplateNotificationTargetArgs.builder()\n .snsTopicArn(example2.arn())\n .build())\n .summary(\"summary\")\n .build())\n .displayName(\"display name\")\n .chatChannels(topic.arn())\n .engagements(\"arn:aws:ssm-contacts:us-east-2:111122223333:contact/test1\")\n .action(ResponsePlanActionArgs.builder()\n .ssmAutomations(ResponsePlanActionSsmAutomationArgs.builder()\n .documentName(document1.name())\n .roleArn(role1.arn())\n .documentVersion(\"version1\")\n .targetAccount(\"RESPONSE_PLAN_OWNER_ACCOUNT\")\n .parameters( \n ResponsePlanActionSsmAutomationParameterArgs.builder()\n .name(\"key\")\n .values( \n \"value1\",\n \"value2\")\n .build(),\n ResponsePlanActionSsmAutomationParameterArgs.builder()\n .name(\"foo\")\n .values(\"bar\")\n .build())\n .dynamicParameters(Map.ofEntries(\n Map.entry(\"someKey\", \"INVOLVED_RESOURCES\"),\n Map.entry(\"anotherKey\", \"INCIDENT_RECORD_ARN\")\n ))\n .build())\n .build())\n .integration(ResponsePlanIntegrationArgs.builder()\n .pagerduties(ResponsePlanIntegrationPagerdutyArgs.builder()\n .name(\"pagerdutyIntergration\")\n .serviceId(\"example\")\n .secretId(\"example\")\n .build())\n .build())\n .tags(Map.of(\"key\", \"value\"))\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSsmincidentsReplicationSet)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssmincidents:ResponsePlan\n properties:\n name: name\n incidentTemplate:\n title: title\n impact: '3'\n dedupeString: dedupe\n incidentTags:\n key: value\n notificationTargets:\n - snsTopicArn: ${example1.arn}\n - snsTopicArn: ${example2.arn}\n summary: summary\n displayName: display name\n chatChannels:\n - ${topic.arn}\n engagements:\n - arn:aws:ssm-contacts:us-east-2:111122223333:contact/test1\n action:\n ssmAutomations:\n - documentName: ${document1.name}\n roleArn: ${role1.arn}\n documentVersion: version1\n targetAccount: RESPONSE_PLAN_OWNER_ACCOUNT\n parameters:\n - name: key\n values:\n - value1\n - value2\n - name: foo\n values:\n - bar\n dynamicParameters:\n someKey: INVOLVED_RESOURCES\n anotherKey: INCIDENT_RECORD_ARN\n integration:\n pagerduties:\n - name: pagerdutyIntergration\n serviceId: example\n secretId: example\n tags:\n key: value\n options:\n dependson:\n - ${exampleAwsSsmincidentsReplicationSet}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an Incident Manager response plan using the response plan ARN. You can find the response plan ARN in the AWS Management Console. For example:\n\n```sh\n$ pulumi import aws:ssmincidents/responsePlan:ResponsePlan responsePlanName ARNValue\n```\n", "properties": { "action": { "$ref": "#/types/aws:ssmincidents/ResponsePlanAction:ResponsePlanAction" }, "arn": { "type": "string", "description": "The ARN of the response plan.\n" }, "chatChannels": { "type": "array", "items": { "type": "string" } }, "displayName": { "type": "string" }, "engagements": { "type": "array", "items": { "type": "string" } }, "incidentTemplate": { "$ref": "#/types/aws:ssmincidents/ResponsePlanIncidentTemplate:ResponsePlanIncidentTemplate" }, "integration": { "$ref": "#/types/aws:ssmincidents/ResponsePlanIntegration:ResponsePlanIntegration" }, "name": { "type": "string", "description": "The name of the response plan.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "incidentTemplate", "name", "tagsAll" ], "inputProperties": { "action": { "$ref": "#/types/aws:ssmincidents/ResponsePlanAction:ResponsePlanAction" }, "chatChannels": { "type": "array", "items": { "type": "string" } }, "displayName": { "type": "string" }, "engagements": { "type": "array", "items": { "type": "string" } }, "incidentTemplate": { "$ref": "#/types/aws:ssmincidents/ResponsePlanIncidentTemplate:ResponsePlanIncidentTemplate" }, "integration": { "$ref": "#/types/aws:ssmincidents/ResponsePlanIntegration:ResponsePlanIntegration" }, "name": { "type": "string", "description": "The name of the response plan.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "requiredInputs": [ "incidentTemplate" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResponsePlan resources.\n", "properties": { "action": { "$ref": "#/types/aws:ssmincidents/ResponsePlanAction:ResponsePlanAction" }, "arn": { "type": "string", "description": "The ARN of the response plan.\n" }, "chatChannels": { "type": "array", "items": { "type": "string" } }, "displayName": { "type": "string" }, "engagements": { "type": "array", "items": { "type": "string" } }, "incidentTemplate": { "$ref": "#/types/aws:ssmincidents/ResponsePlanIncidentTemplate:ResponsePlanIncidentTemplate" }, "integration": { "$ref": "#/types/aws:ssmincidents/ResponsePlanIntegration:ResponsePlanIntegration" }, "name": { "type": "string", "description": "The name of the response plan.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ssoadmin/accountAssignment:AccountAssignment": { "description": "Provides a Single Sign-On (SSO) Account Assignment resource\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getInstances({});\nconst exampleGetPermissionSet = example.then(example =\u003e aws.ssoadmin.getPermissionSet({\n instanceArn: example.arns?.[0],\n name: \"AWSReadOnlyAccess\",\n}));\nconst exampleGetGroup = example.then(example =\u003e aws.identitystore.getGroup({\n identityStoreId: example.identityStoreIds?.[0],\n alternateIdentifier: {\n uniqueAttribute: {\n attributePath: \"DisplayName\",\n attributeValue: \"ExampleGroup\",\n },\n },\n}));\nconst exampleAccountAssignment = new aws.ssoadmin.AccountAssignment(\"example\", {\n instanceArn: example.then(example =\u003e example.arns?.[0]),\n permissionSetArn: exampleGetPermissionSet.then(exampleGetPermissionSet =\u003e exampleGetPermissionSet.arn),\n principalId: exampleGetGroup.then(exampleGetGroup =\u003e exampleGetGroup.groupId),\n principalType: \"GROUP\",\n targetId: \"123456789012\",\n targetType: \"AWS_ACCOUNT\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_instances()\nexample_get_permission_set = aws.ssoadmin.get_permission_set(instance_arn=example.arns[0],\n name=\"AWSReadOnlyAccess\")\nexample_get_group = aws.identitystore.get_group(identity_store_id=example.identity_store_ids[0],\n alternate_identifier={\n \"unique_attribute\": {\n \"attribute_path\": \"DisplayName\",\n \"attribute_value\": \"ExampleGroup\",\n },\n })\nexample_account_assignment = aws.ssoadmin.AccountAssignment(\"example\",\n instance_arn=example.arns[0],\n permission_set_arn=example_get_permission_set.arn,\n principal_id=example_get_group.group_id,\n principal_type=\"GROUP\",\n target_id=\"123456789012\",\n target_type=\"AWS_ACCOUNT\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetInstances.Invoke();\n\n var exampleGetPermissionSet = Aws.SsoAdmin.GetPermissionSet.Invoke(new()\n {\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n Name = \"AWSReadOnlyAccess\",\n });\n\n var exampleGetGroup = Aws.IdentityStore.GetGroup.Invoke(new()\n {\n IdentityStoreId = example.Apply(getInstancesResult =\u003e getInstancesResult.IdentityStoreIds[0]),\n AlternateIdentifier = new Aws.IdentityStore.Inputs.GetGroupAlternateIdentifierInputArgs\n {\n UniqueAttribute = new Aws.IdentityStore.Inputs.GetGroupAlternateIdentifierUniqueAttributeInputArgs\n {\n AttributePath = \"DisplayName\",\n AttributeValue = \"ExampleGroup\",\n },\n },\n });\n\n var exampleAccountAssignment = new Aws.SsoAdmin.AccountAssignment(\"example\", new()\n {\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n PermissionSetArn = exampleGetPermissionSet.Apply(getPermissionSetResult =\u003e getPermissionSetResult.Arn),\n PrincipalId = exampleGetGroup.Apply(getGroupResult =\u003e getGroupResult.GroupId),\n PrincipalType = \"GROUP\",\n TargetId = \"123456789012\",\n TargetType = \"AWS_ACCOUNT\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/identitystore\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ssoadmin.GetInstances(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGetPermissionSet, err := ssoadmin.LookupPermissionSet(ctx, \u0026ssoadmin.LookupPermissionSetArgs{\n\t\t\tInstanceArn: example.Arns[0],\n\t\t\tName: pulumi.StringRef(\"AWSReadOnlyAccess\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGetGroup, err := identitystore.LookupGroup(ctx, \u0026identitystore.LookupGroupArgs{\n\t\t\tIdentityStoreId: example.IdentityStoreIds[0],\n\t\t\tAlternateIdentifier: identitystore.GetGroupAlternateIdentifier{\n\t\t\t\tUniqueAttribute: identitystore.GetGroupAlternateIdentifierUniqueAttribute{\n\t\t\t\t\tAttributePath: \"DisplayName\",\n\t\t\t\t\tAttributeValue: \"ExampleGroup\",\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssoadmin.NewAccountAssignment(ctx, \"example\", \u0026ssoadmin.AccountAssignmentArgs{\n\t\t\tInstanceArn: pulumi.String(example.Arns[0]),\n\t\t\tPermissionSetArn: pulumi.String(exampleGetPermissionSet.Arn),\n\t\t\tPrincipalId: pulumi.String(exampleGetGroup.GroupId),\n\t\t\tPrincipalType: pulumi.String(\"GROUP\"),\n\t\t\tTargetId: pulumi.String(\"123456789012\"),\n\t\t\tTargetType: pulumi.String(\"AWS_ACCOUNT\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.ssoadmin.inputs.GetPermissionSetArgs;\nimport com.pulumi.aws.identitystore.IdentitystoreFunctions;\nimport com.pulumi.aws.identitystore.inputs.GetGroupArgs;\nimport com.pulumi.aws.identitystore.inputs.GetGroupAlternateIdentifierArgs;\nimport com.pulumi.aws.identitystore.inputs.GetGroupAlternateIdentifierUniqueAttributeArgs;\nimport com.pulumi.aws.ssoadmin.AccountAssignment;\nimport com.pulumi.aws.ssoadmin.AccountAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getInstances();\n\n final var exampleGetPermissionSet = SsoadminFunctions.getPermissionSet(GetPermissionSetArgs.builder()\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .name(\"AWSReadOnlyAccess\")\n .build());\n\n final var exampleGetGroup = IdentitystoreFunctions.getGroup(GetGroupArgs.builder()\n .identityStoreId(example.applyValue(getInstancesResult -\u003e getInstancesResult.identityStoreIds()[0]))\n .alternateIdentifier(GetGroupAlternateIdentifierArgs.builder()\n .uniqueAttribute(GetGroupAlternateIdentifierUniqueAttributeArgs.builder()\n .attributePath(\"DisplayName\")\n .attributeValue(\"ExampleGroup\")\n .build())\n .build())\n .build());\n\n var exampleAccountAssignment = new AccountAssignment(\"exampleAccountAssignment\", AccountAssignmentArgs.builder()\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .permissionSetArn(exampleGetPermissionSet.applyValue(getPermissionSetResult -\u003e getPermissionSetResult.arn()))\n .principalId(exampleGetGroup.applyValue(getGroupResult -\u003e getGroupResult.groupId()))\n .principalType(\"GROUP\")\n .targetId(\"123456789012\")\n .targetType(\"AWS_ACCOUNT\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAccountAssignment:\n type: aws:ssoadmin:AccountAssignment\n name: example\n properties:\n instanceArn: ${example.arns[0]}\n permissionSetArn: ${exampleGetPermissionSet.arn}\n principalId: ${exampleGetGroup.groupId}\n principalType: GROUP\n targetId: '123456789012'\n targetType: AWS_ACCOUNT\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getInstances\n Arguments: {}\n exampleGetPermissionSet:\n fn::invoke:\n Function: aws:ssoadmin:getPermissionSet\n Arguments:\n instanceArn: ${example.arns[0]}\n name: AWSReadOnlyAccess\n exampleGetGroup:\n fn::invoke:\n Function: aws:identitystore:getGroup\n Arguments:\n identityStoreId: ${example.identityStoreIds[0]}\n alternateIdentifier:\n uniqueAttribute:\n attributePath: DisplayName\n attributeValue: ExampleGroup\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Managed Policy Attachment\n\n\u003e Because destruction of a managed policy attachment resource also re-provisions the associated permission set to all accounts, explicitly indicating the dependency with the account assignment resource via the `depends_on` meta argument is necessary to ensure proper deletion order when these resources are used together.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getInstances({});\nconst examplePermissionSet = new aws.ssoadmin.PermissionSet(\"example\", {\n name: \"Example\",\n instanceArn: example.then(example =\u003e example.arns?.[0]),\n});\nconst exampleGroup = new aws.identitystore.Group(\"example\", {\n identityStoreId: example.then(example =\u003e example.identityStoreIds?.[0]),\n displayName: \"Admin\",\n description: \"Admin Group\",\n});\nconst accountAssignment = new aws.ssoadmin.AccountAssignment(\"account_assignment\", {\n instanceArn: example.then(example =\u003e example.arns?.[0]),\n permissionSetArn: examplePermissionSet.arn,\n principalId: exampleGroup.groupId,\n principalType: \"GROUP\",\n targetId: \"123456789012\",\n targetType: \"AWS_ACCOUNT\",\n});\nconst exampleManagedPolicyAttachment = new aws.ssoadmin.ManagedPolicyAttachment(\"example\", {\n instanceArn: example.then(example =\u003e example.arns?.[0]),\n managedPolicyArn: \"arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup\",\n permissionSetArn: examplePermissionSet.arn,\n}, {\n dependsOn: [exampleAwsSsoadminAccountAssignment],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_instances()\nexample_permission_set = aws.ssoadmin.PermissionSet(\"example\",\n name=\"Example\",\n instance_arn=example.arns[0])\nexample_group = aws.identitystore.Group(\"example\",\n identity_store_id=example.identity_store_ids[0],\n display_name=\"Admin\",\n description=\"Admin Group\")\naccount_assignment = aws.ssoadmin.AccountAssignment(\"account_assignment\",\n instance_arn=example.arns[0],\n permission_set_arn=example_permission_set.arn,\n principal_id=example_group.group_id,\n principal_type=\"GROUP\",\n target_id=\"123456789012\",\n target_type=\"AWS_ACCOUNT\")\nexample_managed_policy_attachment = aws.ssoadmin.ManagedPolicyAttachment(\"example\",\n instance_arn=example.arns[0],\n managed_policy_arn=\"arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup\",\n permission_set_arn=example_permission_set.arn,\n opts = pulumi.ResourceOptions(depends_on=[example_aws_ssoadmin_account_assignment]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetInstances.Invoke();\n\n var examplePermissionSet = new Aws.SsoAdmin.PermissionSet(\"example\", new()\n {\n Name = \"Example\",\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n });\n\n var exampleGroup = new Aws.IdentityStore.Group(\"example\", new()\n {\n IdentityStoreId = example.Apply(getInstancesResult =\u003e getInstancesResult.IdentityStoreIds[0]),\n DisplayName = \"Admin\",\n Description = \"Admin Group\",\n });\n\n var accountAssignment = new Aws.SsoAdmin.AccountAssignment(\"account_assignment\", new()\n {\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n PermissionSetArn = examplePermissionSet.Arn,\n PrincipalId = exampleGroup.GroupId,\n PrincipalType = \"GROUP\",\n TargetId = \"123456789012\",\n TargetType = \"AWS_ACCOUNT\",\n });\n\n var exampleManagedPolicyAttachment = new Aws.SsoAdmin.ManagedPolicyAttachment(\"example\", new()\n {\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n ManagedPolicyArn = \"arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup\",\n PermissionSetArn = examplePermissionSet.Arn,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSsoadminAccountAssignment,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/identitystore\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ssoadmin.GetInstances(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplePermissionSet, err := ssoadmin.NewPermissionSet(ctx, \"example\", \u0026ssoadmin.PermissionSetArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tInstanceArn: pulumi.String(example.Arns[0]),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := identitystore.NewGroup(ctx, \"example\", \u0026identitystore.GroupArgs{\n\t\t\tIdentityStoreId: pulumi.String(example.IdentityStoreIds[0]),\n\t\t\tDisplayName: pulumi.String(\"Admin\"),\n\t\t\tDescription: pulumi.String(\"Admin Group\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssoadmin.NewAccountAssignment(ctx, \"account_assignment\", \u0026ssoadmin.AccountAssignmentArgs{\n\t\t\tInstanceArn: pulumi.String(example.Arns[0]),\n\t\t\tPermissionSetArn: examplePermissionSet.Arn,\n\t\t\tPrincipalId: exampleGroup.GroupId,\n\t\t\tPrincipalType: pulumi.String(\"GROUP\"),\n\t\t\tTargetId: pulumi.String(\"123456789012\"),\n\t\t\tTargetType: pulumi.String(\"AWS_ACCOUNT\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssoadmin.NewManagedPolicyAttachment(ctx, \"example\", \u0026ssoadmin.ManagedPolicyAttachmentArgs{\n\t\t\tInstanceArn: pulumi.String(example.Arns[0]),\n\t\t\tManagedPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup\"),\n\t\t\tPermissionSetArn: examplePermissionSet.Arn,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSsoadminAccountAssignment,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.ssoadmin.PermissionSet;\nimport com.pulumi.aws.ssoadmin.PermissionSetArgs;\nimport com.pulumi.aws.identitystore.Group;\nimport com.pulumi.aws.identitystore.GroupArgs;\nimport com.pulumi.aws.ssoadmin.AccountAssignment;\nimport com.pulumi.aws.ssoadmin.AccountAssignmentArgs;\nimport com.pulumi.aws.ssoadmin.ManagedPolicyAttachment;\nimport com.pulumi.aws.ssoadmin.ManagedPolicyAttachmentArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getInstances();\n\n var examplePermissionSet = new PermissionSet(\"examplePermissionSet\", PermissionSetArgs.builder()\n .name(\"Example\")\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder()\n .identityStoreId(example.applyValue(getInstancesResult -\u003e getInstancesResult.identityStoreIds()[0]))\n .displayName(\"Admin\")\n .description(\"Admin Group\")\n .build());\n\n var accountAssignment = new AccountAssignment(\"accountAssignment\", AccountAssignmentArgs.builder()\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .permissionSetArn(examplePermissionSet.arn())\n .principalId(exampleGroup.groupId())\n .principalType(\"GROUP\")\n .targetId(\"123456789012\")\n .targetType(\"AWS_ACCOUNT\")\n .build());\n\n var exampleManagedPolicyAttachment = new ManagedPolicyAttachment(\"exampleManagedPolicyAttachment\", ManagedPolicyAttachmentArgs.builder()\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .managedPolicyArn(\"arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup\")\n .permissionSetArn(examplePermissionSet.arn())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSsoadminAccountAssignment)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplePermissionSet:\n type: aws:ssoadmin:PermissionSet\n name: example\n properties:\n name: Example\n instanceArn: ${example.arns[0]}\n exampleGroup:\n type: aws:identitystore:Group\n name: example\n properties:\n identityStoreId: ${example.identityStoreIds[0]}\n displayName: Admin\n description: Admin Group\n accountAssignment:\n type: aws:ssoadmin:AccountAssignment\n name: account_assignment\n properties:\n instanceArn: ${example.arns[0]}\n permissionSetArn: ${examplePermissionSet.arn}\n principalId: ${exampleGroup.groupId}\n principalType: GROUP\n targetId: '123456789012'\n targetType: AWS_ACCOUNT\n exampleManagedPolicyAttachment:\n type: aws:ssoadmin:ManagedPolicyAttachment\n name: example\n properties:\n instanceArn: ${example.arns[0]}\n managedPolicyArn: arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup\n permissionSetArn: ${examplePermissionSet.arn}\n options:\n dependson:\n - ${exampleAwsSsoadminAccountAssignment}\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getInstances\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSO Account Assignments using the `principal_id`, `principal_type`, `target_id`, `target_type`, `permission_set_arn`, `instance_arn` separated by commas (`,`). For example:\n\n```sh\n$ pulumi import aws:ssoadmin/accountAssignment:AccountAssignment example f81d4fae-7dec-11d0-a765-00a0c91e6bf6,GROUP,1234567890,AWS_ACCOUNT,arn:aws:sso:::permissionSet/ssoins-0123456789abcdef/ps-0123456789abcdef,arn:aws:sso:::instance/ssoins-0123456789abcdef\n```\n", "properties": { "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance.\n" }, "permissionSetArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Permission Set that the admin wants to grant the principal access to.\n" }, "principalId": { "type": "string", "description": "An identifier for an object in SSO, such as a user or group. PrincipalIds are GUIDs (For example, `f81d4fae-7dec-11d0-a765-00a0c91e6bf6`).\n" }, "principalType": { "type": "string", "description": "The entity type for which the assignment will be created. Valid values: `USER`, `GROUP`.\n" }, "targetId": { "type": "string", "description": "An AWS account identifier, typically a 10-12 digit string.\n" }, "targetType": { "type": "string", "description": "The entity type for which the assignment will be created. Valid values: `AWS_ACCOUNT`.\n" } }, "required": [ "instanceArn", "permissionSetArn", "principalId", "principalType", "targetId" ], "inputProperties": { "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance.\n", "willReplaceOnChanges": true }, "permissionSetArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Permission Set that the admin wants to grant the principal access to.\n", "willReplaceOnChanges": true }, "principalId": { "type": "string", "description": "An identifier for an object in SSO, such as a user or group. PrincipalIds are GUIDs (For example, `f81d4fae-7dec-11d0-a765-00a0c91e6bf6`).\n", "willReplaceOnChanges": true }, "principalType": { "type": "string", "description": "The entity type for which the assignment will be created. Valid values: `USER`, `GROUP`.\n", "willReplaceOnChanges": true }, "targetId": { "type": "string", "description": "An AWS account identifier, typically a 10-12 digit string.\n", "willReplaceOnChanges": true }, "targetType": { "type": "string", "description": "The entity type for which the assignment will be created. Valid values: `AWS_ACCOUNT`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "instanceArn", "permissionSetArn", "principalId", "principalType", "targetId" ], "stateInputs": { "description": "Input properties used for looking up and filtering AccountAssignment resources.\n", "properties": { "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance.\n", "willReplaceOnChanges": true }, "permissionSetArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Permission Set that the admin wants to grant the principal access to.\n", "willReplaceOnChanges": true }, "principalId": { "type": "string", "description": "An identifier for an object in SSO, such as a user or group. PrincipalIds are GUIDs (For example, `f81d4fae-7dec-11d0-a765-00a0c91e6bf6`).\n", "willReplaceOnChanges": true }, "principalType": { "type": "string", "description": "The entity type for which the assignment will be created. Valid values: `USER`, `GROUP`.\n", "willReplaceOnChanges": true }, "targetId": { "type": "string", "description": "An AWS account identifier, typically a 10-12 digit string.\n", "willReplaceOnChanges": true }, "targetType": { "type": "string", "description": "The entity type for which the assignment will be created. Valid values: `AWS_ACCOUNT`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ssoadmin/application:Application": { "description": "Resource for managing an AWS SSO Admin Application.\n\n\u003e The `CreateApplication` API only supports custom OAuth 2.0 applications.\nCreation of 3rd party SAML or OAuth 2.0 applications require setup to be done through the associated app service or AWS console.\nSee this issue for additional context.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getInstances({});\nconst exampleApplication = new aws.ssoadmin.Application(\"example\", {\n name: \"example\",\n applicationProviderArn: \"arn:aws:sso::aws:applicationProvider/custom\",\n instanceArn: example.then(example =\u003e example.arns?.[0]),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_instances()\nexample_application = aws.ssoadmin.Application(\"example\",\n name=\"example\",\n application_provider_arn=\"arn:aws:sso::aws:applicationProvider/custom\",\n instance_arn=example.arns[0])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetInstances.Invoke();\n\n var exampleApplication = new Aws.SsoAdmin.Application(\"example\", new()\n {\n Name = \"example\",\n ApplicationProviderArn = \"arn:aws:sso::aws:applicationProvider/custom\",\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ssoadmin.GetInstances(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssoadmin.NewApplication(ctx, \"example\", \u0026ssoadmin.ApplicationArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tApplicationProviderArn: pulumi.String(\"arn:aws:sso::aws:applicationProvider/custom\"),\n\t\t\tInstanceArn: pulumi.String(example.Arns[0]),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.ssoadmin.Application;\nimport com.pulumi.aws.ssoadmin.ApplicationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getInstances();\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder()\n .name(\"example\")\n .applicationProviderArn(\"arn:aws:sso::aws:applicationProvider/custom\")\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: aws:ssoadmin:Application\n name: example\n properties:\n name: example\n applicationProviderArn: arn:aws:sso::aws:applicationProvider/custom\n instanceArn: ${example.arns[0]}\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getInstances\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Portal Options\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getInstances({});\nconst exampleApplication = new aws.ssoadmin.Application(\"example\", {\n name: \"example\",\n applicationProviderArn: \"arn:aws:sso::aws:applicationProvider/custom\",\n instanceArn: example.then(example =\u003e example.arns?.[0]),\n portalOptions: {\n visibility: \"ENABLED\",\n signInOptions: {\n applicationUrl: \"http://example.com\",\n origin: \"APPLICATION\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_instances()\nexample_application = aws.ssoadmin.Application(\"example\",\n name=\"example\",\n application_provider_arn=\"arn:aws:sso::aws:applicationProvider/custom\",\n instance_arn=example.arns[0],\n portal_options={\n \"visibility\": \"ENABLED\",\n \"sign_in_options\": {\n \"application_url\": \"http://example.com\",\n \"origin\": \"APPLICATION\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetInstances.Invoke();\n\n var exampleApplication = new Aws.SsoAdmin.Application(\"example\", new()\n {\n Name = \"example\",\n ApplicationProviderArn = \"arn:aws:sso::aws:applicationProvider/custom\",\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n PortalOptions = new Aws.SsoAdmin.Inputs.ApplicationPortalOptionsArgs\n {\n Visibility = \"ENABLED\",\n SignInOptions = new Aws.SsoAdmin.Inputs.ApplicationPortalOptionsSignInOptionsArgs\n {\n ApplicationUrl = \"http://example.com\",\n Origin = \"APPLICATION\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ssoadmin.GetInstances(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssoadmin.NewApplication(ctx, \"example\", \u0026ssoadmin.ApplicationArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tApplicationProviderArn: pulumi.String(\"arn:aws:sso::aws:applicationProvider/custom\"),\n\t\t\tInstanceArn: pulumi.String(example.Arns[0]),\n\t\t\tPortalOptions: \u0026ssoadmin.ApplicationPortalOptionsArgs{\n\t\t\t\tVisibility: pulumi.String(\"ENABLED\"),\n\t\t\t\tSignInOptions: \u0026ssoadmin.ApplicationPortalOptionsSignInOptionsArgs{\n\t\t\t\t\tApplicationUrl: pulumi.String(\"http://example.com\"),\n\t\t\t\t\tOrigin: pulumi.String(\"APPLICATION\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.ssoadmin.Application;\nimport com.pulumi.aws.ssoadmin.ApplicationArgs;\nimport com.pulumi.aws.ssoadmin.inputs.ApplicationPortalOptionsArgs;\nimport com.pulumi.aws.ssoadmin.inputs.ApplicationPortalOptionsSignInOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getInstances();\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder()\n .name(\"example\")\n .applicationProviderArn(\"arn:aws:sso::aws:applicationProvider/custom\")\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .portalOptions(ApplicationPortalOptionsArgs.builder()\n .visibility(\"ENABLED\")\n .signInOptions(ApplicationPortalOptionsSignInOptionsArgs.builder()\n .applicationUrl(\"http://example.com\")\n .origin(\"APPLICATION\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: aws:ssoadmin:Application\n name: example\n properties:\n name: example\n applicationProviderArn: arn:aws:sso::aws:applicationProvider/custom\n instanceArn: ${example.arns[0]}\n portalOptions:\n visibility: ENABLED\n signInOptions:\n applicationUrl: http://example.com\n origin: APPLICATION\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getInstances\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSO Admin Application using the `id`. For example:\n\n```sh\n$ pulumi import aws:ssoadmin/application:Application example arn:aws:sso::012345678901:application/id-12345678\n```\n", "properties": { "applicationAccount": { "type": "string", "description": "AWS account ID.\n" }, "applicationArn": { "type": "string", "description": "ARN of the application.\n" }, "applicationProviderArn": { "type": "string", "description": "ARN of the application provider.\n" }, "clientToken": { "type": "string", "description": "A unique, case-sensitive ID that you provide to ensure the idempotency of the request. AWS generates a random value when not provided.\n" }, "description": { "type": "string", "description": "Description of the application.\n" }, "instanceArn": { "type": "string", "description": "ARN of the instance of IAM Identity Center.\n" }, "name": { "type": "string", "description": "Name of the application.\n\nThe following arguments are optional:\n" }, "portalOptions": { "$ref": "#/types/aws:ssoadmin/ApplicationPortalOptions:ApplicationPortalOptions", "description": "Options for the portal associated with an application. See `portal_options` below.\n" }, "status": { "type": "string", "description": "Status of the application. Valid values are `ENABLED` and `DISABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "applicationAccount", "applicationArn", "applicationProviderArn", "instanceArn", "name", "status", "tagsAll" ], "inputProperties": { "applicationProviderArn": { "type": "string", "description": "ARN of the application provider.\n" }, "clientToken": { "type": "string", "description": "A unique, case-sensitive ID that you provide to ensure the idempotency of the request. AWS generates a random value when not provided.\n" }, "description": { "type": "string", "description": "Description of the application.\n" }, "instanceArn": { "type": "string", "description": "ARN of the instance of IAM Identity Center.\n" }, "name": { "type": "string", "description": "Name of the application.\n\nThe following arguments are optional:\n" }, "portalOptions": { "$ref": "#/types/aws:ssoadmin/ApplicationPortalOptions:ApplicationPortalOptions", "description": "Options for the portal associated with an application. See `portal_options` below.\n" }, "status": { "type": "string", "description": "Status of the application. Valid values are `ENABLED` and `DISABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "applicationProviderArn", "instanceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Application resources.\n", "properties": { "applicationAccount": { "type": "string", "description": "AWS account ID.\n" }, "applicationArn": { "type": "string", "description": "ARN of the application.\n" }, "applicationProviderArn": { "type": "string", "description": "ARN of the application provider.\n" }, "clientToken": { "type": "string", "description": "A unique, case-sensitive ID that you provide to ensure the idempotency of the request. AWS generates a random value when not provided.\n" }, "description": { "type": "string", "description": "Description of the application.\n" }, "instanceArn": { "type": "string", "description": "ARN of the instance of IAM Identity Center.\n" }, "name": { "type": "string", "description": "Name of the application.\n\nThe following arguments are optional:\n" }, "portalOptions": { "$ref": "#/types/aws:ssoadmin/ApplicationPortalOptions:ApplicationPortalOptions", "description": "Options for the portal associated with an application. See `portal_options` below.\n" }, "status": { "type": "string", "description": "Status of the application. Valid values are `ENABLED` and `DISABLED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ssoadmin/applicationAccessScope:ApplicationAccessScope": { "description": "Resource for managing an AWS SSO Admin Application Access Scope.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getInstances({});\nconst exampleApplication = new aws.ssoadmin.Application(\"example\", {\n name: \"example\",\n applicationProviderArn: \"arn:aws:sso::aws:applicationProvider/custom\",\n instanceArn: example.then(example =\u003e example.arns?.[0]),\n});\nconst exampleApplicationAccessScope = new aws.ssoadmin.ApplicationAccessScope(\"example\", {\n applicationArn: exampleApplication.applicationArn,\n authorizedTargets: [\"arn:aws:sso::012345678901:application/ssoins-012345678901/apl-012345678901\"],\n scope: \"sso:account:access\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_instances()\nexample_application = aws.ssoadmin.Application(\"example\",\n name=\"example\",\n application_provider_arn=\"arn:aws:sso::aws:applicationProvider/custom\",\n instance_arn=example.arns[0])\nexample_application_access_scope = aws.ssoadmin.ApplicationAccessScope(\"example\",\n application_arn=example_application.application_arn,\n authorized_targets=[\"arn:aws:sso::012345678901:application/ssoins-012345678901/apl-012345678901\"],\n scope=\"sso:account:access\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetInstances.Invoke();\n\n var exampleApplication = new Aws.SsoAdmin.Application(\"example\", new()\n {\n Name = \"example\",\n ApplicationProviderArn = \"arn:aws:sso::aws:applicationProvider/custom\",\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n });\n\n var exampleApplicationAccessScope = new Aws.SsoAdmin.ApplicationAccessScope(\"example\", new()\n {\n ApplicationArn = exampleApplication.ApplicationArn,\n AuthorizedTargets = new[]\n {\n \"arn:aws:sso::012345678901:application/ssoins-012345678901/apl-012345678901\",\n },\n Scope = \"sso:account:access\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ssoadmin.GetInstances(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleApplication, err := ssoadmin.NewApplication(ctx, \"example\", \u0026ssoadmin.ApplicationArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tApplicationProviderArn: pulumi.String(\"arn:aws:sso::aws:applicationProvider/custom\"),\n\t\t\tInstanceArn: pulumi.String(example.Arns[0]),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssoadmin.NewApplicationAccessScope(ctx, \"example\", \u0026ssoadmin.ApplicationAccessScopeArgs{\n\t\t\tApplicationArn: exampleApplication.ApplicationArn,\n\t\t\tAuthorizedTargets: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"arn:aws:sso::012345678901:application/ssoins-012345678901/apl-012345678901\"),\n\t\t\t},\n\t\t\tScope: pulumi.String(\"sso:account:access\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.ssoadmin.Application;\nimport com.pulumi.aws.ssoadmin.ApplicationArgs;\nimport com.pulumi.aws.ssoadmin.ApplicationAccessScope;\nimport com.pulumi.aws.ssoadmin.ApplicationAccessScopeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getInstances();\n\n var exampleApplication = new Application(\"exampleApplication\", ApplicationArgs.builder()\n .name(\"example\")\n .applicationProviderArn(\"arn:aws:sso::aws:applicationProvider/custom\")\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .build());\n\n var exampleApplicationAccessScope = new ApplicationAccessScope(\"exampleApplicationAccessScope\", ApplicationAccessScopeArgs.builder()\n .applicationArn(exampleApplication.applicationArn())\n .authorizedTargets(\"arn:aws:sso::012345678901:application/ssoins-012345678901/apl-012345678901\")\n .scope(\"sso:account:access\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleApplication:\n type: aws:ssoadmin:Application\n name: example\n properties:\n name: example\n applicationProviderArn: arn:aws:sso::aws:applicationProvider/custom\n instanceArn: ${example.arns[0]}\n exampleApplicationAccessScope:\n type: aws:ssoadmin:ApplicationAccessScope\n name: example\n properties:\n applicationArn: ${exampleApplication.applicationArn}\n authorizedTargets:\n - arn:aws:sso::012345678901:application/ssoins-012345678901/apl-012345678901\n scope: sso:account:access\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getInstances\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSO Admin Application Access Scope using the `id`. For example:\n\n```sh\n$ pulumi import aws:ssoadmin/applicationAccessScope:ApplicationAccessScope example arn:aws:sso::012345678901:application/ssoins-012345678901/apl-012345678901,sso:account:access\n```\n", "properties": { "applicationArn": { "type": "string", "description": "Specifies the ARN of the application with the access scope with the targets to add or update.\n" }, "authorizedTargets": { "type": "array", "items": { "type": "string" }, "description": "Specifies an array list of ARNs that represent the authorized targets for this access scope.\n" }, "scope": { "type": "string", "description": "Specifies the name of the access scope to be associated with the specified targets.\n\nThe following arguments are optional:\n" } }, "required": [ "applicationArn", "scope" ], "inputProperties": { "applicationArn": { "type": "string", "description": "Specifies the ARN of the application with the access scope with the targets to add or update.\n" }, "authorizedTargets": { "type": "array", "items": { "type": "string" }, "description": "Specifies an array list of ARNs that represent the authorized targets for this access scope.\n" }, "scope": { "type": "string", "description": "Specifies the name of the access scope to be associated with the specified targets.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "applicationArn", "scope" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApplicationAccessScope resources.\n", "properties": { "applicationArn": { "type": "string", "description": "Specifies the ARN of the application with the access scope with the targets to add or update.\n" }, "authorizedTargets": { "type": "array", "items": { "type": "string" }, "description": "Specifies an array list of ARNs that represent the authorized targets for this access scope.\n" }, "scope": { "type": "string", "description": "Specifies the name of the access scope to be associated with the specified targets.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:ssoadmin/applicationAssignment:ApplicationAssignment": { "description": "Resource for managing an AWS SSO Admin Application Assignment.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssoadmin.ApplicationAssignment(\"example\", {\n applicationArn: exampleAwsSsoadminApplication.applicationArn,\n principalId: exampleAwsIdentitystoreUser.userId,\n principalType: \"USER\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.ApplicationAssignment(\"example\",\n application_arn=example_aws_ssoadmin_application[\"applicationArn\"],\n principal_id=example_aws_identitystore_user[\"userId\"],\n principal_type=\"USER\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SsoAdmin.ApplicationAssignment(\"example\", new()\n {\n ApplicationArn = exampleAwsSsoadminApplication.ApplicationArn,\n PrincipalId = exampleAwsIdentitystoreUser.UserId,\n PrincipalType = \"USER\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssoadmin.NewApplicationAssignment(ctx, \"example\", \u0026ssoadmin.ApplicationAssignmentArgs{\n\t\t\tApplicationArn: pulumi.Any(exampleAwsSsoadminApplication.ApplicationArn),\n\t\t\tPrincipalId: pulumi.Any(exampleAwsIdentitystoreUser.UserId),\n\t\t\tPrincipalType: pulumi.String(\"USER\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.ApplicationAssignment;\nimport com.pulumi.aws.ssoadmin.ApplicationAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApplicationAssignment(\"example\", ApplicationAssignmentArgs.builder()\n .applicationArn(exampleAwsSsoadminApplication.applicationArn())\n .principalId(exampleAwsIdentitystoreUser.userId())\n .principalType(\"USER\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssoadmin:ApplicationAssignment\n properties:\n applicationArn: ${exampleAwsSsoadminApplication.applicationArn}\n principalId: ${exampleAwsIdentitystoreUser.userId}\n principalType: USER\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Group Type\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssoadmin.ApplicationAssignment(\"example\", {\n applicationArn: exampleAwsSsoadminApplication.applicationArn,\n principalId: exampleAwsIdentitystoreGroup.groupId,\n principalType: \"GROUP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.ApplicationAssignment(\"example\",\n application_arn=example_aws_ssoadmin_application[\"applicationArn\"],\n principal_id=example_aws_identitystore_group[\"groupId\"],\n principal_type=\"GROUP\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SsoAdmin.ApplicationAssignment(\"example\", new()\n {\n ApplicationArn = exampleAwsSsoadminApplication.ApplicationArn,\n PrincipalId = exampleAwsIdentitystoreGroup.GroupId,\n PrincipalType = \"GROUP\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssoadmin.NewApplicationAssignment(ctx, \"example\", \u0026ssoadmin.ApplicationAssignmentArgs{\n\t\t\tApplicationArn: pulumi.Any(exampleAwsSsoadminApplication.ApplicationArn),\n\t\t\tPrincipalId: pulumi.Any(exampleAwsIdentitystoreGroup.GroupId),\n\t\t\tPrincipalType: pulumi.String(\"GROUP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.ApplicationAssignment;\nimport com.pulumi.aws.ssoadmin.ApplicationAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApplicationAssignment(\"example\", ApplicationAssignmentArgs.builder()\n .applicationArn(exampleAwsSsoadminApplication.applicationArn())\n .principalId(exampleAwsIdentitystoreGroup.groupId())\n .principalType(\"GROUP\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssoadmin:ApplicationAssignment\n properties:\n applicationArn: ${exampleAwsSsoadminApplication.applicationArn}\n principalId: ${exampleAwsIdentitystoreGroup.groupId}\n principalType: GROUP\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSO Admin Application Assignment using the `id`. For example:\n\n```sh\n$ pulumi import aws:ssoadmin/applicationAssignment:ApplicationAssignment example arn:aws:sso::012345678901:application/id-12345678,abcd1234,USER\n```\n", "properties": { "applicationArn": { "type": "string", "description": "ARN of the application.\n" }, "principalId": { "type": "string", "description": "An identifier for an object in IAM Identity Center, such as a user or group.\n" }, "principalType": { "type": "string", "description": "Entity type for which the assignment will be created. Valid values are `USER` or `GROUP`.\n" } }, "required": [ "applicationArn", "principalId", "principalType" ], "inputProperties": { "applicationArn": { "type": "string", "description": "ARN of the application.\n" }, "principalId": { "type": "string", "description": "An identifier for an object in IAM Identity Center, such as a user or group.\n" }, "principalType": { "type": "string", "description": "Entity type for which the assignment will be created. Valid values are `USER` or `GROUP`.\n" } }, "requiredInputs": [ "applicationArn", "principalId", "principalType" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApplicationAssignment resources.\n", "properties": { "applicationArn": { "type": "string", "description": "ARN of the application.\n" }, "principalId": { "type": "string", "description": "An identifier for an object in IAM Identity Center, such as a user or group.\n" }, "principalType": { "type": "string", "description": "Entity type for which the assignment will be created. Valid values are `USER` or `GROUP`.\n" } }, "type": "object" } }, "aws:ssoadmin/applicationAssignmentConfiguration:ApplicationAssignmentConfiguration": { "description": "Resource for managing an AWS SSO Admin Application Assignment Configuration.\n\nBy default, applications will require users to have an explicit assignment in order to access an application.\nThis resource can be used to adjust this default behavior if necessary.\n\n\u003e Deleting this resource will return the assignment configuration for the application to the default AWS behavior (ie. `assignment_required = true`).\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssoadmin.ApplicationAssignmentConfiguration(\"example\", {\n applicationArn: exampleAwsSsoadminApplication.applicationArn,\n assignmentRequired: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.ApplicationAssignmentConfiguration(\"example\",\n application_arn=example_aws_ssoadmin_application[\"applicationArn\"],\n assignment_required=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SsoAdmin.ApplicationAssignmentConfiguration(\"example\", new()\n {\n ApplicationArn = exampleAwsSsoadminApplication.ApplicationArn,\n AssignmentRequired = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssoadmin.NewApplicationAssignmentConfiguration(ctx, \"example\", \u0026ssoadmin.ApplicationAssignmentConfigurationArgs{\n\t\t\tApplicationArn: pulumi.Any(exampleAwsSsoadminApplication.ApplicationArn),\n\t\t\tAssignmentRequired: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.ApplicationAssignmentConfiguration;\nimport com.pulumi.aws.ssoadmin.ApplicationAssignmentConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApplicationAssignmentConfiguration(\"example\", ApplicationAssignmentConfigurationArgs.builder()\n .applicationArn(exampleAwsSsoadminApplication.applicationArn())\n .assignmentRequired(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssoadmin:ApplicationAssignmentConfiguration\n properties:\n applicationArn: ${exampleAwsSsoadminApplication.applicationArn}\n assignmentRequired: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSO Admin Application Assignment Configuration using the `id`. For example:\n\n```sh\n$ pulumi import aws:ssoadmin/applicationAssignmentConfiguration:ApplicationAssignmentConfiguration example arn:aws:sso::012345678901:application/id-12345678\n```\n", "properties": { "applicationArn": { "type": "string", "description": "ARN of the application.\n" }, "assignmentRequired": { "type": "boolean", "description": "Indicates whether users must have an explicit assignment to access the application. If `false`, all users have access to the application.\n" } }, "required": [ "applicationArn", "assignmentRequired" ], "inputProperties": { "applicationArn": { "type": "string", "description": "ARN of the application.\n" }, "assignmentRequired": { "type": "boolean", "description": "Indicates whether users must have an explicit assignment to access the application. If `false`, all users have access to the application.\n" } }, "requiredInputs": [ "applicationArn", "assignmentRequired" ], "stateInputs": { "description": "Input properties used for looking up and filtering ApplicationAssignmentConfiguration resources.\n", "properties": { "applicationArn": { "type": "string", "description": "ARN of the application.\n" }, "assignmentRequired": { "type": "boolean", "description": "Indicates whether users must have an explicit assignment to access the application. If `false`, all users have access to the application.\n" } }, "type": "object" } }, "aws:ssoadmin/customerManagedPolicyAttachment:CustomerManagedPolicyAttachment": { "description": "Provides a customer managed policy attachment for a Single Sign-On (SSO) Permission Set resource\n\n\u003e **NOTE:** Creating this resource will automatically [Provision the Permission Set](https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ProvisionPermissionSet.html) to apply the corresponding updates to all assigned accounts.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getInstances({});\nconst examplePermissionSet = new aws.ssoadmin.PermissionSet(\"example\", {\n name: \"Example\",\n instanceArn: example.then(example =\u003e example.arns?.[0]),\n});\nconst examplePolicy = new aws.iam.Policy(\"example\", {\n name: \"TestPolicy\",\n description: \"My test policy\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\"ec2:Describe*\"],\n Effect: \"Allow\",\n Resource: \"*\",\n }],\n }),\n});\nconst exampleCustomerManagedPolicyAttachment = new aws.ssoadmin.CustomerManagedPolicyAttachment(\"example\", {\n instanceArn: examplePermissionSet.instanceArn,\n permissionSetArn: examplePermissionSet.arn,\n customerManagedPolicyReference: {\n name: examplePolicy.name,\n path: \"/\",\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_instances()\nexample_permission_set = aws.ssoadmin.PermissionSet(\"example\",\n name=\"Example\",\n instance_arn=example.arns[0])\nexample_policy = aws.iam.Policy(\"example\",\n name=\"TestPolicy\",\n description=\"My test policy\",\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\"ec2:Describe*\"],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\",\n }],\n }))\nexample_customer_managed_policy_attachment = aws.ssoadmin.CustomerManagedPolicyAttachment(\"example\",\n instance_arn=example_permission_set.instance_arn,\n permission_set_arn=example_permission_set.arn,\n customer_managed_policy_reference={\n \"name\": example_policy.name,\n \"path\": \"/\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetInstances.Invoke();\n\n var examplePermissionSet = new Aws.SsoAdmin.PermissionSet(\"example\", new()\n {\n Name = \"Example\",\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n });\n\n var examplePolicy = new Aws.Iam.Policy(\"example\", new()\n {\n Name = \"TestPolicy\",\n Description = \"My test policy\",\n PolicyDocument = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"ec2:Describe*\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n var exampleCustomerManagedPolicyAttachment = new Aws.SsoAdmin.CustomerManagedPolicyAttachment(\"example\", new()\n {\n InstanceArn = examplePermissionSet.InstanceArn,\n PermissionSetArn = examplePermissionSet.Arn,\n CustomerManagedPolicyReference = new Aws.SsoAdmin.Inputs.CustomerManagedPolicyAttachmentCustomerManagedPolicyReferenceArgs\n {\n Name = examplePolicy.Name,\n Path = \"/\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ssoadmin.GetInstances(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplePermissionSet, err := ssoadmin.NewPermissionSet(ctx, \"example\", \u0026ssoadmin.PermissionSetArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tInstanceArn: pulumi.String(example.Arns[0]),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texamplePolicy, err := iam.NewPolicy(ctx, \"example\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"TestPolicy\"),\n\t\t\tDescription: pulumi.String(\"My test policy\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssoadmin.NewCustomerManagedPolicyAttachment(ctx, \"example\", \u0026ssoadmin.CustomerManagedPolicyAttachmentArgs{\n\t\t\tInstanceArn: examplePermissionSet.InstanceArn,\n\t\t\tPermissionSetArn: examplePermissionSet.Arn,\n\t\t\tCustomerManagedPolicyReference: \u0026ssoadmin.CustomerManagedPolicyAttachmentCustomerManagedPolicyReferenceArgs{\n\t\t\t\tName: examplePolicy.Name,\n\t\t\t\tPath: pulumi.String(\"/\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.ssoadmin.PermissionSet;\nimport com.pulumi.aws.ssoadmin.PermissionSetArgs;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.ssoadmin.CustomerManagedPolicyAttachment;\nimport com.pulumi.aws.ssoadmin.CustomerManagedPolicyAttachmentArgs;\nimport com.pulumi.aws.ssoadmin.inputs.CustomerManagedPolicyAttachmentCustomerManagedPolicyReferenceArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getInstances();\n\n var examplePermissionSet = new PermissionSet(\"examplePermissionSet\", PermissionSetArgs.builder()\n .name(\"Example\")\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .build());\n\n var examplePolicy = new Policy(\"examplePolicy\", PolicyArgs.builder()\n .name(\"TestPolicy\")\n .description(\"My test policy\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\"ec2:Describe*\")),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build());\n\n var exampleCustomerManagedPolicyAttachment = new CustomerManagedPolicyAttachment(\"exampleCustomerManagedPolicyAttachment\", CustomerManagedPolicyAttachmentArgs.builder()\n .instanceArn(examplePermissionSet.instanceArn())\n .permissionSetArn(examplePermissionSet.arn())\n .customerManagedPolicyReference(CustomerManagedPolicyAttachmentCustomerManagedPolicyReferenceArgs.builder()\n .name(examplePolicy.name())\n .path(\"/\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplePermissionSet:\n type: aws:ssoadmin:PermissionSet\n name: example\n properties:\n name: Example\n instanceArn: ${example.arns[0]}\n examplePolicy:\n type: aws:iam:Policy\n name: example\n properties:\n name: TestPolicy\n description: My test policy\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - ec2:Describe*\n Effect: Allow\n Resource: '*'\n exampleCustomerManagedPolicyAttachment:\n type: aws:ssoadmin:CustomerManagedPolicyAttachment\n name: example\n properties:\n instanceArn: ${examplePermissionSet.instanceArn}\n permissionSetArn: ${examplePermissionSet.arn}\n customerManagedPolicyReference:\n name: ${examplePolicy.name}\n path: /\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getInstances\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSO Managed Policy Attachments using the `name`, `path`, `permission_set_arn`, and `instance_arn` separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:ssoadmin/customerManagedPolicyAttachment:CustomerManagedPolicyAttachment example TestPolicy,/,arn:aws:sso:::permissionSet/ssoins-2938j0x8920sbj72/ps-80383020jr9302rk,arn:aws:sso:::instance/ssoins-2938j0x8920sbj72\n```\n", "properties": { "customerManagedPolicyReference": { "$ref": "#/types/aws:ssoadmin/CustomerManagedPolicyAttachmentCustomerManagedPolicyReference:CustomerManagedPolicyAttachmentCustomerManagedPolicyReference", "description": "Specifies the name and path of a customer managed policy. See below.\n" }, "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.\n" }, "permissionSetArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Permission Set.\n" } }, "required": [ "customerManagedPolicyReference", "instanceArn", "permissionSetArn" ], "inputProperties": { "customerManagedPolicyReference": { "$ref": "#/types/aws:ssoadmin/CustomerManagedPolicyAttachmentCustomerManagedPolicyReference:CustomerManagedPolicyAttachmentCustomerManagedPolicyReference", "description": "Specifies the name and path of a customer managed policy. See below.\n", "willReplaceOnChanges": true }, "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.\n", "willReplaceOnChanges": true }, "permissionSetArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Permission Set.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "customerManagedPolicyReference", "instanceArn", "permissionSetArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering CustomerManagedPolicyAttachment resources.\n", "properties": { "customerManagedPolicyReference": { "$ref": "#/types/aws:ssoadmin/CustomerManagedPolicyAttachmentCustomerManagedPolicyReference:CustomerManagedPolicyAttachmentCustomerManagedPolicyReference", "description": "Specifies the name and path of a customer managed policy. See below.\n", "willReplaceOnChanges": true }, "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.\n", "willReplaceOnChanges": true }, "permissionSetArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Permission Set.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ssoadmin/instanceAccessControlAttributes:InstanceAccessControlAttributes": { "description": "Provides a Single Sign-On (SSO) ABAC Resource: https://docs.aws.amazon.com/singlesignon/latest/userguide/abac.html\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getInstances({});\nconst exampleInstanceAccessControlAttributes = new aws.ssoadmin.InstanceAccessControlAttributes(\"example\", {\n instanceArn: example.then(example =\u003e example.arns?.[0]),\n attributes: [\n {\n key: \"name\",\n values: [{\n sources: [\"${path:name.givenName}\"],\n }],\n },\n {\n key: \"last\",\n values: [{\n sources: [\"${path:name.familyName}\"],\n }],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_instances()\nexample_instance_access_control_attributes = aws.ssoadmin.InstanceAccessControlAttributes(\"example\",\n instance_arn=example.arns[0],\n attributes=[\n {\n \"key\": \"name\",\n \"values\": [{\n \"sources\": [\"${path:name.givenName}\"],\n }],\n },\n {\n \"key\": \"last\",\n \"values\": [{\n \"sources\": [\"${path:name.familyName}\"],\n }],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetInstances.Invoke();\n\n var exampleInstanceAccessControlAttributes = new Aws.SsoAdmin.InstanceAccessControlAttributes(\"example\", new()\n {\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n Attributes = new[]\n {\n new Aws.SsoAdmin.Inputs.InstanceAccessControlAttributesAttributeArgs\n {\n Key = \"name\",\n Values = new[]\n {\n new Aws.SsoAdmin.Inputs.InstanceAccessControlAttributesAttributeValueArgs\n {\n Sources = new[]\n {\n \"${path:name.givenName}\",\n },\n },\n },\n },\n new Aws.SsoAdmin.Inputs.InstanceAccessControlAttributesAttributeArgs\n {\n Key = \"last\",\n Values = new[]\n {\n new Aws.SsoAdmin.Inputs.InstanceAccessControlAttributesAttributeValueArgs\n {\n Sources = new[]\n {\n \"${path:name.familyName}\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ssoadmin.GetInstances(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssoadmin.NewInstanceAccessControlAttributes(ctx, \"example\", \u0026ssoadmin.InstanceAccessControlAttributesArgs{\n\t\t\tInstanceArn: pulumi.String(example.Arns[0]),\n\t\t\tAttributes: ssoadmin.InstanceAccessControlAttributesAttributeArray{\n\t\t\t\t\u0026ssoadmin.InstanceAccessControlAttributesAttributeArgs{\n\t\t\t\t\tKey: pulumi.String(\"name\"),\n\t\t\t\t\tValues: ssoadmin.InstanceAccessControlAttributesAttributeValueArray{\n\t\t\t\t\t\t\u0026ssoadmin.InstanceAccessControlAttributesAttributeValueArgs{\n\t\t\t\t\t\t\tSources: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"${path:name.givenName}\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026ssoadmin.InstanceAccessControlAttributesAttributeArgs{\n\t\t\t\t\tKey: pulumi.String(\"last\"),\n\t\t\t\t\tValues: ssoadmin.InstanceAccessControlAttributesAttributeValueArray{\n\t\t\t\t\t\t\u0026ssoadmin.InstanceAccessControlAttributesAttributeValueArgs{\n\t\t\t\t\t\t\tSources: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"${path:name.familyName}\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.ssoadmin.InstanceAccessControlAttributes;\nimport com.pulumi.aws.ssoadmin.InstanceAccessControlAttributesArgs;\nimport com.pulumi.aws.ssoadmin.inputs.InstanceAccessControlAttributesAttributeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getInstances();\n\n var exampleInstanceAccessControlAttributes = new InstanceAccessControlAttributes(\"exampleInstanceAccessControlAttributes\", InstanceAccessControlAttributesArgs.builder()\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .attributes( \n InstanceAccessControlAttributesAttributeArgs.builder()\n .key(\"name\")\n .values(InstanceAccessControlAttributesAttributeValueArgs.builder()\n .sources(\"${path:name.givenName}\")\n .build())\n .build(),\n InstanceAccessControlAttributesAttributeArgs.builder()\n .key(\"last\")\n .values(InstanceAccessControlAttributesAttributeValueArgs.builder()\n .sources(\"${path:name.familyName}\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleInstanceAccessControlAttributes:\n type: aws:ssoadmin:InstanceAccessControlAttributes\n name: example\n properties:\n instanceArn: ${example.arns[0]}\n attributes:\n - key: name\n values:\n - sources:\n - ${path:name.givenName}\n - key: last\n values:\n - sources:\n - ${path:name.familyName}\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getInstances\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSO Account Assignments using the `instance_arn`. For example:\n\n```sh\n$ pulumi import aws:ssoadmin/instanceAccessControlAttributes:InstanceAccessControlAttributes example arn:aws:sso:::instance/ssoins-0123456789abcdef\n```\n", "properties": { "attributes": { "type": "array", "items": { "$ref": "#/types/aws:ssoadmin/InstanceAccessControlAttributesAttribute:InstanceAccessControlAttributesAttribute" }, "description": "See AccessControlAttribute for more details.\n" }, "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance.\n" }, "status": { "type": "string" }, "statusReason": { "type": "string" } }, "required": [ "attributes", "instanceArn", "status", "statusReason" ], "inputProperties": { "attributes": { "type": "array", "items": { "$ref": "#/types/aws:ssoadmin/InstanceAccessControlAttributesAttribute:InstanceAccessControlAttributesAttribute" }, "description": "See AccessControlAttribute for more details.\n" }, "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "attributes", "instanceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering InstanceAccessControlAttributes resources.\n", "properties": { "attributes": { "type": "array", "items": { "$ref": "#/types/aws:ssoadmin/InstanceAccessControlAttributesAttribute:InstanceAccessControlAttributesAttribute" }, "description": "See AccessControlAttribute for more details.\n" }, "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance.\n", "willReplaceOnChanges": true }, "status": { "type": "string" }, "statusReason": { "type": "string" } }, "type": "object" } }, "aws:ssoadmin/managedPolicyAttachment:ManagedPolicyAttachment": { "description": "Provides an IAM managed policy for a Single Sign-On (SSO) Permission Set resource\n\n\u003e **NOTE:** Creating this resource will automatically [Provision the Permission Set](https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ProvisionPermissionSet.html) to apply the corresponding updates to all assigned accounts.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getInstances({});\nconst examplePermissionSet = new aws.ssoadmin.PermissionSet(\"example\", {\n name: \"Example\",\n instanceArn: example.then(example =\u003e example.arns?.[0]),\n});\nconst exampleManagedPolicyAttachment = new aws.ssoadmin.ManagedPolicyAttachment(\"example\", {\n instanceArn: example.then(example =\u003e example.arns?.[0]),\n managedPolicyArn: \"arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup\",\n permissionSetArn: examplePermissionSet.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_instances()\nexample_permission_set = aws.ssoadmin.PermissionSet(\"example\",\n name=\"Example\",\n instance_arn=example.arns[0])\nexample_managed_policy_attachment = aws.ssoadmin.ManagedPolicyAttachment(\"example\",\n instance_arn=example.arns[0],\n managed_policy_arn=\"arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup\",\n permission_set_arn=example_permission_set.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetInstances.Invoke();\n\n var examplePermissionSet = new Aws.SsoAdmin.PermissionSet(\"example\", new()\n {\n Name = \"Example\",\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n });\n\n var exampleManagedPolicyAttachment = new Aws.SsoAdmin.ManagedPolicyAttachment(\"example\", new()\n {\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n ManagedPolicyArn = \"arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup\",\n PermissionSetArn = examplePermissionSet.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ssoadmin.GetInstances(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplePermissionSet, err := ssoadmin.NewPermissionSet(ctx, \"example\", \u0026ssoadmin.PermissionSetArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tInstanceArn: pulumi.String(example.Arns[0]),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssoadmin.NewManagedPolicyAttachment(ctx, \"example\", \u0026ssoadmin.ManagedPolicyAttachmentArgs{\n\t\t\tInstanceArn: pulumi.String(example.Arns[0]),\n\t\t\tManagedPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup\"),\n\t\t\tPermissionSetArn: examplePermissionSet.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.ssoadmin.PermissionSet;\nimport com.pulumi.aws.ssoadmin.PermissionSetArgs;\nimport com.pulumi.aws.ssoadmin.ManagedPolicyAttachment;\nimport com.pulumi.aws.ssoadmin.ManagedPolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getInstances();\n\n var examplePermissionSet = new PermissionSet(\"examplePermissionSet\", PermissionSetArgs.builder()\n .name(\"Example\")\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .build());\n\n var exampleManagedPolicyAttachment = new ManagedPolicyAttachment(\"exampleManagedPolicyAttachment\", ManagedPolicyAttachmentArgs.builder()\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .managedPolicyArn(\"arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup\")\n .permissionSetArn(examplePermissionSet.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplePermissionSet:\n type: aws:ssoadmin:PermissionSet\n name: example\n properties:\n name: Example\n instanceArn: ${example.arns[0]}\n exampleManagedPolicyAttachment:\n type: aws:ssoadmin:ManagedPolicyAttachment\n name: example\n properties:\n instanceArn: ${example.arns[0]}\n managedPolicyArn: arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup\n permissionSetArn: ${examplePermissionSet.arn}\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getInstances\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Account Assignment\n\n\u003e Because destruction of a managed policy attachment resource also re-provisions the associated permission set to all accounts, explicitly indicating the dependency with the account assignment resource via the `depends_on` meta argument is necessary to ensure proper deletion order when these resources are used together.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getInstances({});\nconst examplePermissionSet = new aws.ssoadmin.PermissionSet(\"example\", {\n name: \"Example\",\n instanceArn: example.then(example =\u003e example.arns?.[0]),\n});\nconst exampleGroup = new aws.identitystore.Group(\"example\", {\n identityStoreId: example.then(example =\u003e example.identityStoreIds?.[0]),\n displayName: \"Admin\",\n description: \"Admin Group\",\n});\nconst accountAssignment = new aws.ssoadmin.AccountAssignment(\"account_assignment\", {\n instanceArn: example.then(example =\u003e example.arns?.[0]),\n permissionSetArn: examplePermissionSet.arn,\n principalId: exampleGroup.groupId,\n principalType: \"GROUP\",\n targetId: \"123456789012\",\n targetType: \"AWS_ACCOUNT\",\n});\nconst exampleManagedPolicyAttachment = new aws.ssoadmin.ManagedPolicyAttachment(\"example\", {\n instanceArn: example.then(example =\u003e example.arns?.[0]),\n managedPolicyArn: \"arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup\",\n permissionSetArn: examplePermissionSet.arn,\n}, {\n dependsOn: [exampleAwsSsoadminAccountAssignment],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_instances()\nexample_permission_set = aws.ssoadmin.PermissionSet(\"example\",\n name=\"Example\",\n instance_arn=example.arns[0])\nexample_group = aws.identitystore.Group(\"example\",\n identity_store_id=example.identity_store_ids[0],\n display_name=\"Admin\",\n description=\"Admin Group\")\naccount_assignment = aws.ssoadmin.AccountAssignment(\"account_assignment\",\n instance_arn=example.arns[0],\n permission_set_arn=example_permission_set.arn,\n principal_id=example_group.group_id,\n principal_type=\"GROUP\",\n target_id=\"123456789012\",\n target_type=\"AWS_ACCOUNT\")\nexample_managed_policy_attachment = aws.ssoadmin.ManagedPolicyAttachment(\"example\",\n instance_arn=example.arns[0],\n managed_policy_arn=\"arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup\",\n permission_set_arn=example_permission_set.arn,\n opts = pulumi.ResourceOptions(depends_on=[example_aws_ssoadmin_account_assignment]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetInstances.Invoke();\n\n var examplePermissionSet = new Aws.SsoAdmin.PermissionSet(\"example\", new()\n {\n Name = \"Example\",\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n });\n\n var exampleGroup = new Aws.IdentityStore.Group(\"example\", new()\n {\n IdentityStoreId = example.Apply(getInstancesResult =\u003e getInstancesResult.IdentityStoreIds[0]),\n DisplayName = \"Admin\",\n Description = \"Admin Group\",\n });\n\n var accountAssignment = new Aws.SsoAdmin.AccountAssignment(\"account_assignment\", new()\n {\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n PermissionSetArn = examplePermissionSet.Arn,\n PrincipalId = exampleGroup.GroupId,\n PrincipalType = \"GROUP\",\n TargetId = \"123456789012\",\n TargetType = \"AWS_ACCOUNT\",\n });\n\n var exampleManagedPolicyAttachment = new Aws.SsoAdmin.ManagedPolicyAttachment(\"example\", new()\n {\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n ManagedPolicyArn = \"arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup\",\n PermissionSetArn = examplePermissionSet.Arn,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSsoadminAccountAssignment,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/identitystore\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ssoadmin.GetInstances(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplePermissionSet, err := ssoadmin.NewPermissionSet(ctx, \"example\", \u0026ssoadmin.PermissionSetArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tInstanceArn: pulumi.String(example.Arns[0]),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGroup, err := identitystore.NewGroup(ctx, \"example\", \u0026identitystore.GroupArgs{\n\t\t\tIdentityStoreId: pulumi.String(example.IdentityStoreIds[0]),\n\t\t\tDisplayName: pulumi.String(\"Admin\"),\n\t\t\tDescription: pulumi.String(\"Admin Group\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssoadmin.NewAccountAssignment(ctx, \"account_assignment\", \u0026ssoadmin.AccountAssignmentArgs{\n\t\t\tInstanceArn: pulumi.String(example.Arns[0]),\n\t\t\tPermissionSetArn: examplePermissionSet.Arn,\n\t\t\tPrincipalId: exampleGroup.GroupId,\n\t\t\tPrincipalType: pulumi.String(\"GROUP\"),\n\t\t\tTargetId: pulumi.String(\"123456789012\"),\n\t\t\tTargetType: pulumi.String(\"AWS_ACCOUNT\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssoadmin.NewManagedPolicyAttachment(ctx, \"example\", \u0026ssoadmin.ManagedPolicyAttachmentArgs{\n\t\t\tInstanceArn: pulumi.String(example.Arns[0]),\n\t\t\tManagedPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup\"),\n\t\t\tPermissionSetArn: examplePermissionSet.Arn,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSsoadminAccountAssignment,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.ssoadmin.PermissionSet;\nimport com.pulumi.aws.ssoadmin.PermissionSetArgs;\nimport com.pulumi.aws.identitystore.Group;\nimport com.pulumi.aws.identitystore.GroupArgs;\nimport com.pulumi.aws.ssoadmin.AccountAssignment;\nimport com.pulumi.aws.ssoadmin.AccountAssignmentArgs;\nimport com.pulumi.aws.ssoadmin.ManagedPolicyAttachment;\nimport com.pulumi.aws.ssoadmin.ManagedPolicyAttachmentArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getInstances();\n\n var examplePermissionSet = new PermissionSet(\"examplePermissionSet\", PermissionSetArgs.builder()\n .name(\"Example\")\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .build());\n\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder()\n .identityStoreId(example.applyValue(getInstancesResult -\u003e getInstancesResult.identityStoreIds()[0]))\n .displayName(\"Admin\")\n .description(\"Admin Group\")\n .build());\n\n var accountAssignment = new AccountAssignment(\"accountAssignment\", AccountAssignmentArgs.builder()\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .permissionSetArn(examplePermissionSet.arn())\n .principalId(exampleGroup.groupId())\n .principalType(\"GROUP\")\n .targetId(\"123456789012\")\n .targetType(\"AWS_ACCOUNT\")\n .build());\n\n var exampleManagedPolicyAttachment = new ManagedPolicyAttachment(\"exampleManagedPolicyAttachment\", ManagedPolicyAttachmentArgs.builder()\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .managedPolicyArn(\"arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup\")\n .permissionSetArn(examplePermissionSet.arn())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSsoadminAccountAssignment)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplePermissionSet:\n type: aws:ssoadmin:PermissionSet\n name: example\n properties:\n name: Example\n instanceArn: ${example.arns[0]}\n exampleGroup:\n type: aws:identitystore:Group\n name: example\n properties:\n identityStoreId: ${example.identityStoreIds[0]}\n displayName: Admin\n description: Admin Group\n accountAssignment:\n type: aws:ssoadmin:AccountAssignment\n name: account_assignment\n properties:\n instanceArn: ${example.arns[0]}\n permissionSetArn: ${examplePermissionSet.arn}\n principalId: ${exampleGroup.groupId}\n principalType: GROUP\n targetId: '123456789012'\n targetType: AWS_ACCOUNT\n exampleManagedPolicyAttachment:\n type: aws:ssoadmin:ManagedPolicyAttachment\n name: example\n properties:\n instanceArn: ${example.arns[0]}\n managedPolicyArn: arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup\n permissionSetArn: ${examplePermissionSet.arn}\n options:\n dependson:\n - ${exampleAwsSsoadminAccountAssignment}\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getInstances\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSO Managed Policy Attachments using the `managed_policy_arn`, `permission_set_arn`, and `instance_arn` separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:ssoadmin/managedPolicyAttachment:ManagedPolicyAttachment example arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup,arn:aws:sso:::permissionSet/ssoins-2938j0x8920sbj72/ps-80383020jr9302rk,arn:aws:sso:::instance/ssoins-2938j0x8920sbj72\n```\n", "properties": { "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.\n" }, "managedPolicyArn": { "type": "string", "description": "The IAM managed policy Amazon Resource Name (ARN) to be attached to the Permission Set.\n" }, "managedPolicyName": { "type": "string", "description": "The name of the IAM Managed Policy.\n" }, "permissionSetArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Permission Set.\n" } }, "required": [ "instanceArn", "managedPolicyArn", "managedPolicyName", "permissionSetArn" ], "inputProperties": { "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.\n", "willReplaceOnChanges": true }, "managedPolicyArn": { "type": "string", "description": "The IAM managed policy Amazon Resource Name (ARN) to be attached to the Permission Set.\n", "willReplaceOnChanges": true }, "permissionSetArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Permission Set.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "instanceArn", "managedPolicyArn", "permissionSetArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ManagedPolicyAttachment resources.\n", "properties": { "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.\n", "willReplaceOnChanges": true }, "managedPolicyArn": { "type": "string", "description": "The IAM managed policy Amazon Resource Name (ARN) to be attached to the Permission Set.\n", "willReplaceOnChanges": true }, "managedPolicyName": { "type": "string", "description": "The name of the IAM Managed Policy.\n" }, "permissionSetArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Permission Set.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ssoadmin/permissionSet:PermissionSet": { "description": "Provides a Single Sign-On (SSO) Permission Set resource\n\n\u003e **NOTE:** Updating this resource will automatically [Provision the Permission Set](https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ProvisionPermissionSet.html) to apply the corresponding updates to all assigned accounts.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getInstances({});\nconst examplePermissionSet = new aws.ssoadmin.PermissionSet(\"example\", {\n name: \"Example\",\n description: \"An example\",\n instanceArn: example.then(example =\u003e example.arns?.[0]),\n relayState: \"https://s3.console.aws.amazon.com/s3/home?region=us-east-1#\",\n sessionDuration: \"PT2H\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_instances()\nexample_permission_set = aws.ssoadmin.PermissionSet(\"example\",\n name=\"Example\",\n description=\"An example\",\n instance_arn=example.arns[0],\n relay_state=\"https://s3.console.aws.amazon.com/s3/home?region=us-east-1#\",\n session_duration=\"PT2H\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetInstances.Invoke();\n\n var examplePermissionSet = new Aws.SsoAdmin.PermissionSet(\"example\", new()\n {\n Name = \"Example\",\n Description = \"An example\",\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n RelayState = \"https://s3.console.aws.amazon.com/s3/home?region=us-east-1#\",\n SessionDuration = \"PT2H\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ssoadmin.GetInstances(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssoadmin.NewPermissionSet(ctx, \"example\", \u0026ssoadmin.PermissionSetArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tDescription: pulumi.String(\"An example\"),\n\t\t\tInstanceArn: pulumi.String(example.Arns[0]),\n\t\t\tRelayState: pulumi.String(\"https://s3.console.aws.amazon.com/s3/home?region=us-east-1#\"),\n\t\t\tSessionDuration: pulumi.String(\"PT2H\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.ssoadmin.PermissionSet;\nimport com.pulumi.aws.ssoadmin.PermissionSetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getInstances();\n\n var examplePermissionSet = new PermissionSet(\"examplePermissionSet\", PermissionSetArgs.builder()\n .name(\"Example\")\n .description(\"An example\")\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .relayState(\"https://s3.console.aws.amazon.com/s3/home?region=us-east-1#\")\n .sessionDuration(\"PT2H\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplePermissionSet:\n type: aws:ssoadmin:PermissionSet\n name: example\n properties:\n name: Example\n description: An example\n instanceArn: ${example.arns[0]}\n relayState: https://s3.console.aws.amazon.com/s3/home?region=us-east-1#\n sessionDuration: PT2H\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getInstances\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSO Permission Sets using the `arn` and `instance_arn` separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:ssoadmin/permissionSet:PermissionSet example arn:aws:sso:::permissionSet/ssoins-2938j0x8920sbj72/ps-80383020jr9302rk,arn:aws:sso:::instance/ssoins-2938j0x8920sbj72\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Permission Set.\n" }, "createdDate": { "type": "string", "description": "The date the Permission Set was created in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "description": { "type": "string", "description": "The description of the Permission Set.\n" }, "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.\n" }, "name": { "type": "string", "description": "The name of the Permission Set.\n" }, "relayState": { "type": "string", "description": "The relay state URL used to redirect users within the application during the federation authentication process.\n" }, "sessionDuration": { "type": "string", "description": "The length of time that the application user sessions are valid in the ISO-8601 standard. Default: `PT1H`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "createdDate", "instanceArn", "name", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the Permission Set.\n" }, "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the Permission Set.\n", "willReplaceOnChanges": true }, "relayState": { "type": "string", "description": "The relay state URL used to redirect users within the application during the federation authentication process.\n" }, "sessionDuration": { "type": "string", "description": "The length of time that the application user sessions are valid in the ISO-8601 standard. Default: `PT1H`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "instanceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering PermissionSet resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Permission Set.\n" }, "createdDate": { "type": "string", "description": "The date the Permission Set was created in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n" }, "description": { "type": "string", "description": "The description of the Permission Set.\n" }, "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the Permission Set.\n", "willReplaceOnChanges": true }, "relayState": { "type": "string", "description": "The relay state URL used to redirect users within the application during the federation authentication process.\n" }, "sessionDuration": { "type": "string", "description": "The length of time that the application user sessions are valid in the ISO-8601 standard. Default: `PT1H`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:ssoadmin/permissionSetInlinePolicy:PermissionSetInlinePolicy": { "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getInstances({});\nconst examplePermissionSet = new aws.ssoadmin.PermissionSet(\"example\", {\n name: \"Example\",\n instanceArn: example.then(example =\u003e example.arns?.[0]),\n});\nconst exampleGetPolicyDocument = aws.iam.getPolicyDocument({\n statements: [{\n sid: \"1\",\n actions: [\n \"s3:ListAllMyBuckets\",\n \"s3:GetBucketLocation\",\n ],\n resources: [\"arn:aws:s3:::*\"],\n }],\n});\nconst examplePermissionSetInlinePolicy = new aws.ssoadmin.PermissionSetInlinePolicy(\"example\", {\n inlinePolicy: exampleGetPolicyDocument.then(exampleGetPolicyDocument =\u003e exampleGetPolicyDocument.json),\n instanceArn: example.then(example =\u003e example.arns?.[0]),\n permissionSetArn: examplePermissionSet.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_instances()\nexample_permission_set = aws.ssoadmin.PermissionSet(\"example\",\n name=\"Example\",\n instance_arn=example.arns[0])\nexample_get_policy_document = aws.iam.get_policy_document(statements=[{\n \"sid\": \"1\",\n \"actions\": [\n \"s3:ListAllMyBuckets\",\n \"s3:GetBucketLocation\",\n ],\n \"resources\": [\"arn:aws:s3:::*\"],\n}])\nexample_permission_set_inline_policy = aws.ssoadmin.PermissionSetInlinePolicy(\"example\",\n inline_policy=example_get_policy_document.json,\n instance_arn=example.arns[0],\n permission_set_arn=example_permission_set.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetInstances.Invoke();\n\n var examplePermissionSet = new Aws.SsoAdmin.PermissionSet(\"example\", new()\n {\n Name = \"Example\",\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n });\n\n var exampleGetPolicyDocument = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"1\",\n Actions = new[]\n {\n \"s3:ListAllMyBuckets\",\n \"s3:GetBucketLocation\",\n },\n Resources = new[]\n {\n \"arn:aws:s3:::*\",\n },\n },\n },\n });\n\n var examplePermissionSetInlinePolicy = new Aws.SsoAdmin.PermissionSetInlinePolicy(\"example\", new()\n {\n InlinePolicy = exampleGetPolicyDocument.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n PermissionSetArn = examplePermissionSet.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ssoadmin.GetInstances(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplePermissionSet, err := ssoadmin.NewPermissionSet(ctx, \"example\", \u0026ssoadmin.PermissionSetArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tInstanceArn: pulumi.String(example.Arns[0]),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGetPolicyDocument, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"1\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"s3:ListAllMyBuckets\",\n\t\t\t\t\t\t\"s3:GetBucketLocation\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:s3:::*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssoadmin.NewPermissionSetInlinePolicy(ctx, \"example\", \u0026ssoadmin.PermissionSetInlinePolicyArgs{\n\t\t\tInlinePolicy: pulumi.String(exampleGetPolicyDocument.Json),\n\t\t\tInstanceArn: pulumi.String(example.Arns[0]),\n\t\t\tPermissionSetArn: examplePermissionSet.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.ssoadmin.PermissionSet;\nimport com.pulumi.aws.ssoadmin.PermissionSetArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.ssoadmin.PermissionSetInlinePolicy;\nimport com.pulumi.aws.ssoadmin.PermissionSetInlinePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getInstances();\n\n var examplePermissionSet = new PermissionSet(\"examplePermissionSet\", PermissionSetArgs.builder()\n .name(\"Example\")\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .build());\n\n final var exampleGetPolicyDocument = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"1\")\n .actions( \n \"s3:ListAllMyBuckets\",\n \"s3:GetBucketLocation\")\n .resources(\"arn:aws:s3:::*\")\n .build())\n .build());\n\n var examplePermissionSetInlinePolicy = new PermissionSetInlinePolicy(\"examplePermissionSetInlinePolicy\", PermissionSetInlinePolicyArgs.builder()\n .inlinePolicy(exampleGetPolicyDocument.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .permissionSetArn(examplePermissionSet.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplePermissionSet:\n type: aws:ssoadmin:PermissionSet\n name: example\n properties:\n name: Example\n instanceArn: ${example.arns[0]}\n examplePermissionSetInlinePolicy:\n type: aws:ssoadmin:PermissionSetInlinePolicy\n name: example\n properties:\n inlinePolicy: ${exampleGetPolicyDocument.json}\n instanceArn: ${example.arns[0]}\n permissionSetArn: ${examplePermissionSet.arn}\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getInstances\n Arguments: {}\n exampleGetPolicyDocument:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: '1'\n actions:\n - s3:ListAllMyBuckets\n - s3:GetBucketLocation\n resources:\n - arn:aws:s3:::*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSO Permission Set Inline Policies using the `permission_set_arn` and `instance_arn` separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:ssoadmin/permissionSetInlinePolicy:PermissionSetInlinePolicy example arn:aws:sso:::permissionSet/ssoins-2938j0x8920sbj72/ps-80383020jr9302rk,arn:aws:sso:::instance/ssoins-2938j0x8920sbj72\n```\n", "properties": { "inlinePolicy": { "type": "string", "description": "The IAM inline policy to attach to a Permission Set.\n" }, "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.\n" }, "permissionSetArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Permission Set.\n" } }, "required": [ "inlinePolicy", "instanceArn", "permissionSetArn" ], "inputProperties": { "inlinePolicy": { "type": "string", "description": "The IAM inline policy to attach to a Permission Set.\n" }, "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.\n", "willReplaceOnChanges": true }, "permissionSetArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Permission Set.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "inlinePolicy", "instanceArn", "permissionSetArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering PermissionSetInlinePolicy resources.\n", "properties": { "inlinePolicy": { "type": "string", "description": "The IAM inline policy to attach to a Permission Set.\n" }, "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.\n", "willReplaceOnChanges": true }, "permissionSetArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Permission Set.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ssoadmin/permissionsBoundaryAttachment:PermissionsBoundaryAttachment": { "description": "Attaches a permissions boundary policy to a Single Sign-On (SSO) Permission Set resource.\n\n\u003e **NOTE:** A permission set can have at most one permissions boundary attached; using more than one `aws.ssoadmin.PermissionsBoundaryAttachment` references the same permission set will show a permanent difference.\n\n## Example Usage\n\n### Attaching a customer-managed policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getInstances({});\nconst examplePermissionSet = new aws.ssoadmin.PermissionSet(\"example\", {\n name: \"Example\",\n instanceArn: example.then(example =\u003e example.arns?.[0]),\n});\nconst examplePolicy = new aws.iam.Policy(\"example\", {\n name: \"TestPolicy\",\n description: \"My test policy\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\"ec2:Describe*\"],\n Effect: \"Allow\",\n Resource: \"*\",\n }],\n }),\n});\nconst examplePermissionsBoundaryAttachment = new aws.ssoadmin.PermissionsBoundaryAttachment(\"example\", {\n instanceArn: examplePermissionSet.instanceArn,\n permissionSetArn: examplePermissionSet.arn,\n permissionsBoundary: {\n customerManagedPolicyReference: {\n name: examplePolicy.name,\n path: \"/\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_instances()\nexample_permission_set = aws.ssoadmin.PermissionSet(\"example\",\n name=\"Example\",\n instance_arn=example.arns[0])\nexample_policy = aws.iam.Policy(\"example\",\n name=\"TestPolicy\",\n description=\"My test policy\",\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\"ec2:Describe*\"],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\",\n }],\n }))\nexample_permissions_boundary_attachment = aws.ssoadmin.PermissionsBoundaryAttachment(\"example\",\n instance_arn=example_permission_set.instance_arn,\n permission_set_arn=example_permission_set.arn,\n permissions_boundary={\n \"customer_managed_policy_reference\": {\n \"name\": example_policy.name,\n \"path\": \"/\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetInstances.Invoke();\n\n var examplePermissionSet = new Aws.SsoAdmin.PermissionSet(\"example\", new()\n {\n Name = \"Example\",\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n });\n\n var examplePolicy = new Aws.Iam.Policy(\"example\", new()\n {\n Name = \"TestPolicy\",\n Description = \"My test policy\",\n PolicyDocument = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"ec2:Describe*\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n var examplePermissionsBoundaryAttachment = new Aws.SsoAdmin.PermissionsBoundaryAttachment(\"example\", new()\n {\n InstanceArn = examplePermissionSet.InstanceArn,\n PermissionSetArn = examplePermissionSet.Arn,\n PermissionsBoundary = new Aws.SsoAdmin.Inputs.PermissionsBoundaryAttachmentPermissionsBoundaryArgs\n {\n CustomerManagedPolicyReference = new Aws.SsoAdmin.Inputs.PermissionsBoundaryAttachmentPermissionsBoundaryCustomerManagedPolicyReferenceArgs\n {\n Name = examplePolicy.Name,\n Path = \"/\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ssoadmin.GetInstances(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplePermissionSet, err := ssoadmin.NewPermissionSet(ctx, \"example\", \u0026ssoadmin.PermissionSetArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tInstanceArn: pulumi.String(example.Arns[0]),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texamplePolicy, err := iam.NewPolicy(ctx, \"example\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"TestPolicy\"),\n\t\t\tDescription: pulumi.String(\"My test policy\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssoadmin.NewPermissionsBoundaryAttachment(ctx, \"example\", \u0026ssoadmin.PermissionsBoundaryAttachmentArgs{\n\t\t\tInstanceArn: examplePermissionSet.InstanceArn,\n\t\t\tPermissionSetArn: examplePermissionSet.Arn,\n\t\t\tPermissionsBoundary: \u0026ssoadmin.PermissionsBoundaryAttachmentPermissionsBoundaryArgs{\n\t\t\t\tCustomerManagedPolicyReference: \u0026ssoadmin.PermissionsBoundaryAttachmentPermissionsBoundaryCustomerManagedPolicyReferenceArgs{\n\t\t\t\t\tName: examplePolicy.Name,\n\t\t\t\t\tPath: pulumi.String(\"/\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.ssoadmin.PermissionSet;\nimport com.pulumi.aws.ssoadmin.PermissionSetArgs;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.ssoadmin.PermissionsBoundaryAttachment;\nimport com.pulumi.aws.ssoadmin.PermissionsBoundaryAttachmentArgs;\nimport com.pulumi.aws.ssoadmin.inputs.PermissionsBoundaryAttachmentPermissionsBoundaryArgs;\nimport com.pulumi.aws.ssoadmin.inputs.PermissionsBoundaryAttachmentPermissionsBoundaryCustomerManagedPolicyReferenceArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getInstances();\n\n var examplePermissionSet = new PermissionSet(\"examplePermissionSet\", PermissionSetArgs.builder()\n .name(\"Example\")\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .build());\n\n var examplePolicy = new Policy(\"examplePolicy\", PolicyArgs.builder()\n .name(\"TestPolicy\")\n .description(\"My test policy\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\"ec2:Describe*\")),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build());\n\n var examplePermissionsBoundaryAttachment = new PermissionsBoundaryAttachment(\"examplePermissionsBoundaryAttachment\", PermissionsBoundaryAttachmentArgs.builder()\n .instanceArn(examplePermissionSet.instanceArn())\n .permissionSetArn(examplePermissionSet.arn())\n .permissionsBoundary(PermissionsBoundaryAttachmentPermissionsBoundaryArgs.builder()\n .customerManagedPolicyReference(PermissionsBoundaryAttachmentPermissionsBoundaryCustomerManagedPolicyReferenceArgs.builder()\n .name(examplePolicy.name())\n .path(\"/\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplePermissionSet:\n type: aws:ssoadmin:PermissionSet\n name: example\n properties:\n name: Example\n instanceArn: ${example.arns[0]}\n examplePolicy:\n type: aws:iam:Policy\n name: example\n properties:\n name: TestPolicy\n description: My test policy\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - ec2:Describe*\n Effect: Allow\n Resource: '*'\n examplePermissionsBoundaryAttachment:\n type: aws:ssoadmin:PermissionsBoundaryAttachment\n name: example\n properties:\n instanceArn: ${examplePermissionSet.instanceArn}\n permissionSetArn: ${examplePermissionSet.arn}\n permissionsBoundary:\n customerManagedPolicyReference:\n name: ${examplePolicy.name}\n path: /\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getInstances\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Attaching an AWS-managed policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssoadmin.PermissionsBoundaryAttachment(\"example\", {\n instanceArn: exampleAwsSsoadminPermissionSet.instanceArn,\n permissionSetArn: exampleAwsSsoadminPermissionSet.arn,\n permissionsBoundary: {\n managedPolicyArn: \"arn:aws:iam::aws:policy/ReadOnlyAccess\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.PermissionsBoundaryAttachment(\"example\",\n instance_arn=example_aws_ssoadmin_permission_set[\"instanceArn\"],\n permission_set_arn=example_aws_ssoadmin_permission_set[\"arn\"],\n permissions_boundary={\n \"managed_policy_arn\": \"arn:aws:iam::aws:policy/ReadOnlyAccess\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SsoAdmin.PermissionsBoundaryAttachment(\"example\", new()\n {\n InstanceArn = exampleAwsSsoadminPermissionSet.InstanceArn,\n PermissionSetArn = exampleAwsSsoadminPermissionSet.Arn,\n PermissionsBoundary = new Aws.SsoAdmin.Inputs.PermissionsBoundaryAttachmentPermissionsBoundaryArgs\n {\n ManagedPolicyArn = \"arn:aws:iam::aws:policy/ReadOnlyAccess\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssoadmin.NewPermissionsBoundaryAttachment(ctx, \"example\", \u0026ssoadmin.PermissionsBoundaryAttachmentArgs{\n\t\t\tInstanceArn: pulumi.Any(exampleAwsSsoadminPermissionSet.InstanceArn),\n\t\t\tPermissionSetArn: pulumi.Any(exampleAwsSsoadminPermissionSet.Arn),\n\t\t\tPermissionsBoundary: \u0026ssoadmin.PermissionsBoundaryAttachmentPermissionsBoundaryArgs{\n\t\t\t\tManagedPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/ReadOnlyAccess\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.PermissionsBoundaryAttachment;\nimport com.pulumi.aws.ssoadmin.PermissionsBoundaryAttachmentArgs;\nimport com.pulumi.aws.ssoadmin.inputs.PermissionsBoundaryAttachmentPermissionsBoundaryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PermissionsBoundaryAttachment(\"example\", PermissionsBoundaryAttachmentArgs.builder()\n .instanceArn(exampleAwsSsoadminPermissionSet.instanceArn())\n .permissionSetArn(exampleAwsSsoadminPermissionSet.arn())\n .permissionsBoundary(PermissionsBoundaryAttachmentPermissionsBoundaryArgs.builder()\n .managedPolicyArn(\"arn:aws:iam::aws:policy/ReadOnlyAccess\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssoadmin:PermissionsBoundaryAttachment\n properties:\n instanceArn: ${exampleAwsSsoadminPermissionSet.instanceArn}\n permissionSetArn: ${exampleAwsSsoadminPermissionSet.arn}\n permissionsBoundary:\n managedPolicyArn: arn:aws:iam::aws:policy/ReadOnlyAccess\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSO Admin Permissions Boundary Attachments using the `permission_set_arn` and `instance_arn`, separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:ssoadmin/permissionsBoundaryAttachment:PermissionsBoundaryAttachment example arn:aws:sso:::permissionSet/ssoins-2938j0x8920sbj72/ps-80383020jr9302rk,arn:aws:sso:::instance/ssoins-2938j0x8920sbj72\n```\n", "properties": { "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.\n" }, "permissionSetArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Permission Set.\n" }, "permissionsBoundary": { "$ref": "#/types/aws:ssoadmin/PermissionsBoundaryAttachmentPermissionsBoundary:PermissionsBoundaryAttachmentPermissionsBoundary", "description": "The permissions boundary policy. See below.\n" } }, "required": [ "instanceArn", "permissionSetArn", "permissionsBoundary" ], "inputProperties": { "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.\n", "willReplaceOnChanges": true }, "permissionSetArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Permission Set.\n", "willReplaceOnChanges": true }, "permissionsBoundary": { "$ref": "#/types/aws:ssoadmin/PermissionsBoundaryAttachmentPermissionsBoundary:PermissionsBoundaryAttachmentPermissionsBoundary", "description": "The permissions boundary policy. See below.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "instanceArn", "permissionSetArn", "permissionsBoundary" ], "stateInputs": { "description": "Input properties used for looking up and filtering PermissionsBoundaryAttachment resources.\n", "properties": { "instanceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.\n", "willReplaceOnChanges": true }, "permissionSetArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Permission Set.\n", "willReplaceOnChanges": true }, "permissionsBoundary": { "$ref": "#/types/aws:ssoadmin/PermissionsBoundaryAttachmentPermissionsBoundary:PermissionsBoundaryAttachmentPermissionsBoundary", "description": "The permissions boundary policy. See below.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:ssoadmin/trustedTokenIssuer:TrustedTokenIssuer": { "description": "Resource for managing an AWS SSO Admin Trusted Token Issuer.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getInstances({});\nconst exampleTrustedTokenIssuer = new aws.ssoadmin.TrustedTokenIssuer(\"example\", {\n name: \"example\",\n instanceArn: example.then(example =\u003e example.arns?.[0]),\n trustedTokenIssuerType: \"OIDC_JWT\",\n trustedTokenIssuerConfiguration: {\n oidcJwtConfiguration: {\n claimAttributePath: \"email\",\n identityStoreAttributePath: \"emails.value\",\n issuerUrl: \"https://example.com\",\n jwksRetrievalOption: \"OPEN_ID_DISCOVERY\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_instances()\nexample_trusted_token_issuer = aws.ssoadmin.TrustedTokenIssuer(\"example\",\n name=\"example\",\n instance_arn=example.arns[0],\n trusted_token_issuer_type=\"OIDC_JWT\",\n trusted_token_issuer_configuration={\n \"oidc_jwt_configuration\": {\n \"claim_attribute_path\": \"email\",\n \"identity_store_attribute_path\": \"emails.value\",\n \"issuer_url\": \"https://example.com\",\n \"jwks_retrieval_option\": \"OPEN_ID_DISCOVERY\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetInstances.Invoke();\n\n var exampleTrustedTokenIssuer = new Aws.SsoAdmin.TrustedTokenIssuer(\"example\", new()\n {\n Name = \"example\",\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n TrustedTokenIssuerType = \"OIDC_JWT\",\n TrustedTokenIssuerConfiguration = new Aws.SsoAdmin.Inputs.TrustedTokenIssuerTrustedTokenIssuerConfigurationArgs\n {\n OidcJwtConfiguration = new Aws.SsoAdmin.Inputs.TrustedTokenIssuerTrustedTokenIssuerConfigurationOidcJwtConfigurationArgs\n {\n ClaimAttributePath = \"email\",\n IdentityStoreAttributePath = \"emails.value\",\n IssuerUrl = \"https://example.com\",\n JwksRetrievalOption = \"OPEN_ID_DISCOVERY\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ssoadmin.GetInstances(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssoadmin.NewTrustedTokenIssuer(ctx, \"example\", \u0026ssoadmin.TrustedTokenIssuerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tInstanceArn: pulumi.String(example.Arns[0]),\n\t\t\tTrustedTokenIssuerType: pulumi.String(\"OIDC_JWT\"),\n\t\t\tTrustedTokenIssuerConfiguration: \u0026ssoadmin.TrustedTokenIssuerTrustedTokenIssuerConfigurationArgs{\n\t\t\t\tOidcJwtConfiguration: \u0026ssoadmin.TrustedTokenIssuerTrustedTokenIssuerConfigurationOidcJwtConfigurationArgs{\n\t\t\t\t\tClaimAttributePath: pulumi.String(\"email\"),\n\t\t\t\t\tIdentityStoreAttributePath: pulumi.String(\"emails.value\"),\n\t\t\t\t\tIssuerUrl: pulumi.String(\"https://example.com\"),\n\t\t\t\t\tJwksRetrievalOption: pulumi.String(\"OPEN_ID_DISCOVERY\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.ssoadmin.TrustedTokenIssuer;\nimport com.pulumi.aws.ssoadmin.TrustedTokenIssuerArgs;\nimport com.pulumi.aws.ssoadmin.inputs.TrustedTokenIssuerTrustedTokenIssuerConfigurationArgs;\nimport com.pulumi.aws.ssoadmin.inputs.TrustedTokenIssuerTrustedTokenIssuerConfigurationOidcJwtConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getInstances();\n\n var exampleTrustedTokenIssuer = new TrustedTokenIssuer(\"exampleTrustedTokenIssuer\", TrustedTokenIssuerArgs.builder()\n .name(\"example\")\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .trustedTokenIssuerType(\"OIDC_JWT\")\n .trustedTokenIssuerConfiguration(TrustedTokenIssuerTrustedTokenIssuerConfigurationArgs.builder()\n .oidcJwtConfiguration(TrustedTokenIssuerTrustedTokenIssuerConfigurationOidcJwtConfigurationArgs.builder()\n .claimAttributePath(\"email\")\n .identityStoreAttributePath(\"emails.value\")\n .issuerUrl(\"https://example.com\")\n .jwksRetrievalOption(\"OPEN_ID_DISCOVERY\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleTrustedTokenIssuer:\n type: aws:ssoadmin:TrustedTokenIssuer\n name: example\n properties:\n name: example\n instanceArn: ${example.arns[0]}\n trustedTokenIssuerType: OIDC_JWT\n trustedTokenIssuerConfiguration:\n oidcJwtConfiguration:\n claimAttributePath: email\n identityStoreAttributePath: emails.value\n issuerUrl: https://example.com\n jwksRetrievalOption: OPEN_ID_DISCOVERY\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getInstances\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSO Admin Trusted Token Issuer using the `id`. For example:\n\n```sh\n$ pulumi import aws:ssoadmin/trustedTokenIssuer:TrustedTokenIssuer example arn:aws:sso::012345678901:trustedTokenIssuer/ssoins-lu1ye3gew4mbc7ju/tti-2657c556-9707-11ee-b9d1-0242ac120002\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the trusted token issuer.\n" }, "clientToken": { "type": "string", "description": "A unique, case-sensitive ID that you provide to ensure the idempotency of the request. AWS generates a random value when not provided.\n" }, "instanceArn": { "type": "string", "description": "ARN of the instance of IAM Identity Center.\n" }, "name": { "type": "string", "description": "Name of the trusted token issuer.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "trustedTokenIssuerConfiguration": { "$ref": "#/types/aws:ssoadmin/TrustedTokenIssuerTrustedTokenIssuerConfiguration:TrustedTokenIssuerTrustedTokenIssuerConfiguration", "description": "A block that specifies settings that apply to the trusted token issuer, these change depending on the type you specify in `trusted_token_issuer_type`. Documented below.\n" }, "trustedTokenIssuerType": { "type": "string", "description": "Specifies the type of the trusted token issuer. Valid values are `OIDC_JWT`\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "instanceArn", "name", "tagsAll", "trustedTokenIssuerType" ], "inputProperties": { "clientToken": { "type": "string", "description": "A unique, case-sensitive ID that you provide to ensure the idempotency of the request. AWS generates a random value when not provided.\n" }, "instanceArn": { "type": "string", "description": "ARN of the instance of IAM Identity Center.\n" }, "name": { "type": "string", "description": "Name of the trusted token issuer.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "trustedTokenIssuerConfiguration": { "$ref": "#/types/aws:ssoadmin/TrustedTokenIssuerTrustedTokenIssuerConfiguration:TrustedTokenIssuerTrustedTokenIssuerConfiguration", "description": "A block that specifies settings that apply to the trusted token issuer, these change depending on the type you specify in `trusted_token_issuer_type`. Documented below.\n" }, "trustedTokenIssuerType": { "type": "string", "description": "Specifies the type of the trusted token issuer. Valid values are `OIDC_JWT`\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "instanceArn", "trustedTokenIssuerType" ], "stateInputs": { "description": "Input properties used for looking up and filtering TrustedTokenIssuer resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the trusted token issuer.\n" }, "clientToken": { "type": "string", "description": "A unique, case-sensitive ID that you provide to ensure the idempotency of the request. AWS generates a random value when not provided.\n" }, "instanceArn": { "type": "string", "description": "ARN of the instance of IAM Identity Center.\n" }, "name": { "type": "string", "description": "Name of the trusted token issuer.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "trustedTokenIssuerConfiguration": { "$ref": "#/types/aws:ssoadmin/TrustedTokenIssuerTrustedTokenIssuerConfiguration:TrustedTokenIssuerTrustedTokenIssuerConfiguration", "description": "A block that specifies settings that apply to the trusted token issuer, these change depending on the type you specify in `trusted_token_issuer_type`. Documented below.\n" }, "trustedTokenIssuerType": { "type": "string", "description": "Specifies the type of the trusted token issuer. Valid values are `OIDC_JWT`\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:storagegateway/cache:Cache": { "description": "Manages an AWS Storage Gateway cache.\n\n\u003e **NOTE:** The Storage Gateway API provides no method to remove a cache disk. Destroying this resource does not perform any Storage Gateway actions.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.Cache(\"example\", {\n diskId: exampleAwsStoragegatewayLocalDisk.id,\n gatewayArn: exampleAwsStoragegatewayGateway.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.Cache(\"example\",\n disk_id=example_aws_storagegateway_local_disk[\"id\"],\n gateway_arn=example_aws_storagegateway_gateway[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.StorageGateway.Cache(\"example\", new()\n {\n DiskId = exampleAwsStoragegatewayLocalDisk.Id,\n GatewayArn = exampleAwsStoragegatewayGateway.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.NewCache(ctx, \"example\", \u0026storagegateway.CacheArgs{\n\t\t\tDiskId: pulumi.Any(exampleAwsStoragegatewayLocalDisk.Id),\n\t\t\tGatewayArn: pulumi.Any(exampleAwsStoragegatewayGateway.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.Cache;\nimport com.pulumi.aws.storagegateway.CacheArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cache(\"example\", CacheArgs.builder()\n .diskId(exampleAwsStoragegatewayLocalDisk.id())\n .gatewayArn(exampleAwsStoragegatewayGateway.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:storagegateway:Cache\n properties:\n diskId: ${exampleAwsStoragegatewayLocalDisk.id}\n gatewayArn: ${exampleAwsStoragegatewayGateway.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_storagegateway_cache` using the gateway Amazon Resource Name (ARN) and local disk identifier separated with a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:storagegateway/cache:Cache example arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678:pci-0000:03:00.0-scsi-0:0:0:0\n```\n", "properties": { "diskId": { "type": "string", "description": "Local disk identifier. For example, `pci-0000:03:00.0-scsi-0:0:0:0`.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n" } }, "required": [ "diskId", "gatewayArn" ], "inputProperties": { "diskId": { "type": "string", "description": "Local disk identifier. For example, `pci-0000:03:00.0-scsi-0:0:0:0`.\n", "willReplaceOnChanges": true }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "diskId", "gatewayArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering Cache resources.\n", "properties": { "diskId": { "type": "string", "description": "Local disk identifier. For example, `pci-0000:03:00.0-scsi-0:0:0:0`.\n", "willReplaceOnChanges": true }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:storagegateway/cachesIscsiVolume:CachesIscsiVolume": { "description": "Manages an AWS Storage Gateway cached iSCSI volume.\n\n\u003e **NOTE:** The gateway must have cache added (e.g., via the `aws.storagegateway.Cache` resource) before creating volumes otherwise the Storage Gateway API will return an error.\n\n\u003e **NOTE:** The gateway must have an upload buffer added (e.g., via the `aws.storagegateway.UploadBuffer` resource) before the volume is operational to clients, however the Storage Gateway API will allow volume creation without error in that case and return volume status as `UPLOAD BUFFER NOT CONFIGURED`.\n\n## Example Usage\n\n\u003e **NOTE:** These examples are referencing the `aws.storagegateway.Cache` resource `gateway_arn` attribute to ensure this provider properly adds cache before creating the volume. If you are not using this method, you may need to declare an expicit dependency (e.g. via `depends_on = [aws_storagegateway_cache.example]`) to ensure proper ordering.\n\n### Create Empty Cached iSCSI Volume\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.CachesIscsiVolume(\"example\", {\n gatewayArn: exampleAwsStoragegatewayCache.gatewayArn,\n networkInterfaceId: exampleAwsInstance.privateIp,\n targetName: \"example\",\n volumeSizeInBytes: 5368709120,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.CachesIscsiVolume(\"example\",\n gateway_arn=example_aws_storagegateway_cache[\"gatewayArn\"],\n network_interface_id=example_aws_instance[\"privateIp\"],\n target_name=\"example\",\n volume_size_in_bytes=5368709120)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.StorageGateway.CachesIscsiVolume(\"example\", new()\n {\n GatewayArn = exampleAwsStoragegatewayCache.GatewayArn,\n NetworkInterfaceId = exampleAwsInstance.PrivateIp,\n TargetName = \"example\",\n VolumeSizeInBytes = 5368709120,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.NewCachesIscsiVolume(ctx, \"example\", \u0026storagegateway.CachesIscsiVolumeArgs{\n\t\t\tGatewayArn: pulumi.Any(exampleAwsStoragegatewayCache.GatewayArn),\n\t\t\tNetworkInterfaceId: pulumi.Any(exampleAwsInstance.PrivateIp),\n\t\t\tTargetName: pulumi.String(\"example\"),\n\t\t\tVolumeSizeInBytes: pulumi.Int(5368709120),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.CachesIscsiVolume;\nimport com.pulumi.aws.storagegateway.CachesIscsiVolumeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CachesIscsiVolume(\"example\", CachesIscsiVolumeArgs.builder()\n .gatewayArn(exampleAwsStoragegatewayCache.gatewayArn())\n .networkInterfaceId(exampleAwsInstance.privateIp())\n .targetName(\"example\")\n .volumeSizeInBytes(5368709120)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:storagegateway:CachesIscsiVolume\n properties:\n gatewayArn: ${exampleAwsStoragegatewayCache.gatewayArn}\n networkInterfaceId: ${exampleAwsInstance.privateIp}\n targetName: example\n volumeSizeInBytes: 5.36870912e+09 # 5 GB\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create Cached iSCSI Volume From Snapshot\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.CachesIscsiVolume(\"example\", {\n gatewayArn: exampleAwsStoragegatewayCache.gatewayArn,\n networkInterfaceId: exampleAwsInstance.privateIp,\n snapshotId: exampleAwsEbsSnapshot.id,\n targetName: \"example\",\n volumeSizeInBytes: exampleAwsEbsSnapshot.volumeSize * 1024 * 1024 * 1024,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.CachesIscsiVolume(\"example\",\n gateway_arn=example_aws_storagegateway_cache[\"gatewayArn\"],\n network_interface_id=example_aws_instance[\"privateIp\"],\n snapshot_id=example_aws_ebs_snapshot[\"id\"],\n target_name=\"example\",\n volume_size_in_bytes=example_aws_ebs_snapshot[\"volumeSize\"] * 1024 * 1024 * 1024)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.StorageGateway.CachesIscsiVolume(\"example\", new()\n {\n GatewayArn = exampleAwsStoragegatewayCache.GatewayArn,\n NetworkInterfaceId = exampleAwsInstance.PrivateIp,\n SnapshotId = exampleAwsEbsSnapshot.Id,\n TargetName = \"example\",\n VolumeSizeInBytes = exampleAwsEbsSnapshot.VolumeSize * 1024 * 1024 * 1024,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.NewCachesIscsiVolume(ctx, \"example\", \u0026storagegateway.CachesIscsiVolumeArgs{\n\t\t\tGatewayArn: pulumi.Any(exampleAwsStoragegatewayCache.GatewayArn),\n\t\t\tNetworkInterfaceId: pulumi.Any(exampleAwsInstance.PrivateIp),\n\t\t\tSnapshotId: pulumi.Any(exampleAwsEbsSnapshot.Id),\n\t\t\tTargetName: pulumi.String(\"example\"),\n\t\t\tVolumeSizeInBytes: int(exampleAwsEbsSnapshot.VolumeSize * 1024 * 1024 * 1024),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.CachesIscsiVolume;\nimport com.pulumi.aws.storagegateway.CachesIscsiVolumeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CachesIscsiVolume(\"example\", CachesIscsiVolumeArgs.builder()\n .gatewayArn(exampleAwsStoragegatewayCache.gatewayArn())\n .networkInterfaceId(exampleAwsInstance.privateIp())\n .snapshotId(exampleAwsEbsSnapshot.id())\n .targetName(\"example\")\n .volumeSizeInBytes(exampleAwsEbsSnapshot.volumeSize() * 1024 * 1024 * 1024)\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create Cached iSCSI Volume From Source Volume\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.CachesIscsiVolume(\"example\", {\n gatewayArn: exampleAwsStoragegatewayCache.gatewayArn,\n networkInterfaceId: exampleAwsInstance.privateIp,\n sourceVolumeArn: existing.arn,\n targetName: \"example\",\n volumeSizeInBytes: existing.volumeSizeInBytes,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.CachesIscsiVolume(\"example\",\n gateway_arn=example_aws_storagegateway_cache[\"gatewayArn\"],\n network_interface_id=example_aws_instance[\"privateIp\"],\n source_volume_arn=existing[\"arn\"],\n target_name=\"example\",\n volume_size_in_bytes=existing[\"volumeSizeInBytes\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.StorageGateway.CachesIscsiVolume(\"example\", new()\n {\n GatewayArn = exampleAwsStoragegatewayCache.GatewayArn,\n NetworkInterfaceId = exampleAwsInstance.PrivateIp,\n SourceVolumeArn = existing.Arn,\n TargetName = \"example\",\n VolumeSizeInBytes = existing.VolumeSizeInBytes,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.NewCachesIscsiVolume(ctx, \"example\", \u0026storagegateway.CachesIscsiVolumeArgs{\n\t\t\tGatewayArn: pulumi.Any(exampleAwsStoragegatewayCache.GatewayArn),\n\t\t\tNetworkInterfaceId: pulumi.Any(exampleAwsInstance.PrivateIp),\n\t\t\tSourceVolumeArn: pulumi.Any(existing.Arn),\n\t\t\tTargetName: pulumi.String(\"example\"),\n\t\t\tVolumeSizeInBytes: pulumi.Any(existing.VolumeSizeInBytes),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.CachesIscsiVolume;\nimport com.pulumi.aws.storagegateway.CachesIscsiVolumeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CachesIscsiVolume(\"example\", CachesIscsiVolumeArgs.builder()\n .gatewayArn(exampleAwsStoragegatewayCache.gatewayArn())\n .networkInterfaceId(exampleAwsInstance.privateIp())\n .sourceVolumeArn(existing.arn())\n .targetName(\"example\")\n .volumeSizeInBytes(existing.volumeSizeInBytes())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:storagegateway:CachesIscsiVolume\n properties:\n gatewayArn: ${exampleAwsStoragegatewayCache.gatewayArn}\n networkInterfaceId: ${exampleAwsInstance.privateIp}\n sourceVolumeArn: ${existing.arn}\n targetName: example\n volumeSizeInBytes: ${existing.volumeSizeInBytes}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_storagegateway_cached_iscsi_volume` using the volume Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:storagegateway/cachesIscsiVolume:CachesIscsiVolume example arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678/volume/vol-12345678\n```\n", "properties": { "arn": { "type": "string", "description": "Volume Amazon Resource Name (ARN), e.g., `arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678/volume/vol-12345678`.\n" }, "chapEnabled": { "type": "boolean", "description": "Whether mutual CHAP is enabled for the iSCSI target.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n" }, "kmsEncrypted": { "type": "boolean", "description": "Set to `true` to use Amazon S3 server side encryption with your own AWS KMS key, or `false` to use a key managed by Amazon S3.\n" }, "kmsKey": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS KMS key used for Amazon S3 server side encryption. Is required when `kms_encrypted` is set.\n" }, "lunNumber": { "type": "integer", "description": "Logical disk number.\n" }, "networkInterfaceId": { "type": "string", "description": "The network interface of the gateway on which to expose the iSCSI target. Only IPv4 addresses are accepted.\n" }, "networkInterfacePort": { "type": "integer", "description": "The port used to communicate with iSCSI targets.\n" }, "snapshotId": { "type": "string", "description": "The snapshot ID of the snapshot to restore as the new cached volumeE.g., `snap-1122aabb`.\n" }, "sourceVolumeArn": { "type": "string", "description": "The ARN for an existing volume. Specifying this ARN makes the new volume into an exact copy of the specified existing volume's latest recovery point. The `volume_size_in_bytes` value for this new volume must be equal to or larger than the size of the existing volume, in bytes.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetArn": { "type": "string", "description": "Target Amazon Resource Name (ARN), e.g., `arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678/target/iqn.1997-05.com.amazon:TargetName`.\n" }, "targetName": { "type": "string", "description": "The name of the iSCSI target used by initiators to connect to the target and as a suffix for the target ARN. The target name must be unique across all volumes of a gateway.\n" }, "volumeArn": { "type": "string", "description": "Volume Amazon Resource Name (ARN), e.g., `arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678/volume/vol-12345678`.\n" }, "volumeId": { "type": "string", "description": "Volume ID, e.g., `vol-12345678`.\n" }, "volumeSizeInBytes": { "type": "integer", "description": "The size of the volume in bytes.\n" } }, "required": [ "arn", "chapEnabled", "gatewayArn", "lunNumber", "networkInterfaceId", "networkInterfacePort", "tagsAll", "targetArn", "targetName", "volumeArn", "volumeId", "volumeSizeInBytes" ], "inputProperties": { "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n", "willReplaceOnChanges": true }, "kmsEncrypted": { "type": "boolean", "description": "Set to `true` to use Amazon S3 server side encryption with your own AWS KMS key, or `false` to use a key managed by Amazon S3.\n", "willReplaceOnChanges": true }, "kmsKey": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS KMS key used for Amazon S3 server side encryption. Is required when `kms_encrypted` is set.\n", "willReplaceOnChanges": true }, "networkInterfaceId": { "type": "string", "description": "The network interface of the gateway on which to expose the iSCSI target. Only IPv4 addresses are accepted.\n", "willReplaceOnChanges": true }, "snapshotId": { "type": "string", "description": "The snapshot ID of the snapshot to restore as the new cached volumeE.g., `snap-1122aabb`.\n", "willReplaceOnChanges": true }, "sourceVolumeArn": { "type": "string", "description": "The ARN for an existing volume. Specifying this ARN makes the new volume into an exact copy of the specified existing volume's latest recovery point. The `volume_size_in_bytes` value for this new volume must be equal to or larger than the size of the existing volume, in bytes.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targetName": { "type": "string", "description": "The name of the iSCSI target used by initiators to connect to the target and as a suffix for the target ARN. The target name must be unique across all volumes of a gateway.\n", "willReplaceOnChanges": true }, "volumeSizeInBytes": { "type": "integer", "description": "The size of the volume in bytes.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "gatewayArn", "networkInterfaceId", "targetName", "volumeSizeInBytes" ], "stateInputs": { "description": "Input properties used for looking up and filtering CachesIscsiVolume resources.\n", "properties": { "arn": { "type": "string", "description": "Volume Amazon Resource Name (ARN), e.g., `arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678/volume/vol-12345678`.\n" }, "chapEnabled": { "type": "boolean", "description": "Whether mutual CHAP is enabled for the iSCSI target.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n", "willReplaceOnChanges": true }, "kmsEncrypted": { "type": "boolean", "description": "Set to `true` to use Amazon S3 server side encryption with your own AWS KMS key, or `false` to use a key managed by Amazon S3.\n", "willReplaceOnChanges": true }, "kmsKey": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS KMS key used for Amazon S3 server side encryption. Is required when `kms_encrypted` is set.\n", "willReplaceOnChanges": true }, "lunNumber": { "type": "integer", "description": "Logical disk number.\n" }, "networkInterfaceId": { "type": "string", "description": "The network interface of the gateway on which to expose the iSCSI target. Only IPv4 addresses are accepted.\n", "willReplaceOnChanges": true }, "networkInterfacePort": { "type": "integer", "description": "The port used to communicate with iSCSI targets.\n" }, "snapshotId": { "type": "string", "description": "The snapshot ID of the snapshot to restore as the new cached volumeE.g., `snap-1122aabb`.\n", "willReplaceOnChanges": true }, "sourceVolumeArn": { "type": "string", "description": "The ARN for an existing volume. Specifying this ARN makes the new volume into an exact copy of the specified existing volume's latest recovery point. The `volume_size_in_bytes` value for this new volume must be equal to or larger than the size of the existing volume, in bytes.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetArn": { "type": "string", "description": "Target Amazon Resource Name (ARN), e.g., `arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678/target/iqn.1997-05.com.amazon:TargetName`.\n" }, "targetName": { "type": "string", "description": "The name of the iSCSI target used by initiators to connect to the target and as a suffix for the target ARN. The target name must be unique across all volumes of a gateway.\n", "willReplaceOnChanges": true }, "volumeArn": { "type": "string", "description": "Volume Amazon Resource Name (ARN), e.g., `arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678/volume/vol-12345678`.\n" }, "volumeId": { "type": "string", "description": "Volume ID, e.g., `vol-12345678`.\n" }, "volumeSizeInBytes": { "type": "integer", "description": "The size of the volume in bytes.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:storagegateway/fileSystemAssociation:FileSystemAssociation": { "description": "Associate an Amazon FSx file system with the FSx File Gateway. After the association process is complete, the file shares on the Amazon FSx file system are available for access through the gateway. This operation only supports the FSx File Gateway type.\n\n[FSx File Gateway requirements](https://docs.aws.amazon.com/filegateway/latest/filefsxw/Requirements.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.FileSystemAssociation(\"example\", {\n gatewayArn: exampleAwsStoragegatewayGateway.arn,\n locationArn: exampleAwsFsxWindowsFileSystem.arn,\n username: \"Admin\",\n password: \"avoid-plaintext-passwords\",\n auditDestinationArn: exampleAwsS3Bucket.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.FileSystemAssociation(\"example\",\n gateway_arn=example_aws_storagegateway_gateway[\"arn\"],\n location_arn=example_aws_fsx_windows_file_system[\"arn\"],\n username=\"Admin\",\n password=\"avoid-plaintext-passwords\",\n audit_destination_arn=example_aws_s3_bucket[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.StorageGateway.FileSystemAssociation(\"example\", new()\n {\n GatewayArn = exampleAwsStoragegatewayGateway.Arn,\n LocationArn = exampleAwsFsxWindowsFileSystem.Arn,\n Username = \"Admin\",\n Password = \"avoid-plaintext-passwords\",\n AuditDestinationArn = exampleAwsS3Bucket.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.NewFileSystemAssociation(ctx, \"example\", \u0026storagegateway.FileSystemAssociationArgs{\n\t\t\tGatewayArn: pulumi.Any(exampleAwsStoragegatewayGateway.Arn),\n\t\t\tLocationArn: pulumi.Any(exampleAwsFsxWindowsFileSystem.Arn),\n\t\t\tUsername: pulumi.String(\"Admin\"),\n\t\t\tPassword: pulumi.String(\"avoid-plaintext-passwords\"),\n\t\t\tAuditDestinationArn: pulumi.Any(exampleAwsS3Bucket.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.FileSystemAssociation;\nimport com.pulumi.aws.storagegateway.FileSystemAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FileSystemAssociation(\"example\", FileSystemAssociationArgs.builder()\n .gatewayArn(exampleAwsStoragegatewayGateway.arn())\n .locationArn(exampleAwsFsxWindowsFileSystem.arn())\n .username(\"Admin\")\n .password(\"avoid-plaintext-passwords\")\n .auditDestinationArn(exampleAwsS3Bucket.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:storagegateway:FileSystemAssociation\n properties:\n gatewayArn: ${exampleAwsStoragegatewayGateway.arn}\n locationArn: ${exampleAwsFsxWindowsFileSystem.arn}\n username: Admin\n password: avoid-plaintext-passwords\n auditDestinationArn: ${exampleAwsS3Bucket.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Required Services Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst awsServiceStoragegatewayAmiFILES3Latest = aws.ssm.getParameter({\n name: \"/aws/service/storagegateway/ami/FILE_S3/latest\",\n});\nconst test = new aws.ec2.Instance(\"test\", {\n ami: awsServiceStoragegatewayAmiFILES3Latest.then(awsServiceStoragegatewayAmiFILES3Latest =\u003e awsServiceStoragegatewayAmiFILES3Latest.value),\n associatePublicIpAddress: true,\n instanceType: aws.ec2.InstanceType[available.instanceType],\n vpcSecurityGroupIds: [testAwsSecurityGroup.id],\n subnetId: testAwsSubnet[0].id,\n}, {\n dependsOn: [\n testAwsRoute,\n testAwsVpcDhcpOptionsAssociation,\n ],\n});\nconst testGateway = new aws.storagegateway.Gateway(\"test\", {\n gatewayIpAddress: test.publicIp,\n gatewayName: \"test-sgw\",\n gatewayTimezone: \"GMT\",\n gatewayType: \"FILE_FSX_SMB\",\n smbActiveDirectorySettings: {\n domainName: testAwsDirectoryServiceDirectory.name,\n password: testAwsDirectoryServiceDirectory.password,\n username: \"Admin\",\n },\n});\nconst testWindowsFileSystem = new aws.fsx.WindowsFileSystem(\"test\", {\n activeDirectoryId: testAwsDirectoryServiceDirectory.id,\n securityGroupIds: [testAwsSecurityGroup.id],\n skipFinalBackup: true,\n storageCapacity: 32,\n subnetIds: [testAwsSubnet[0].id],\n throughputCapacity: 8,\n});\nconst fsx = new aws.storagegateway.FileSystemAssociation(\"fsx\", {\n gatewayArn: testGateway.arn,\n locationArn: testWindowsFileSystem.arn,\n username: \"Admin\",\n password: testAwsDirectoryServiceDirectory.password,\n cacheAttributes: {\n cacheStaleTimeoutInSeconds: 400,\n },\n auditDestinationArn: testAwsCloudwatchLogGroup.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naws_service_storagegateway_ami_files3_latest = aws.ssm.get_parameter(name=\"/aws/service/storagegateway/ami/FILE_S3/latest\")\ntest = aws.ec2.Instance(\"test\",\n ami=aws_service_storagegateway_ami_files3_latest.value,\n associate_public_ip_address=True,\n instance_type=aws.ec2.InstanceType(available[\"instanceType\"]),\n vpc_security_group_ids=[test_aws_security_group[\"id\"]],\n subnet_id=test_aws_subnet[0][\"id\"],\n opts = pulumi.ResourceOptions(depends_on=[\n test_aws_route,\n test_aws_vpc_dhcp_options_association,\n ]))\ntest_gateway = aws.storagegateway.Gateway(\"test\",\n gateway_ip_address=test.public_ip,\n gateway_name=\"test-sgw\",\n gateway_timezone=\"GMT\",\n gateway_type=\"FILE_FSX_SMB\",\n smb_active_directory_settings={\n \"domain_name\": test_aws_directory_service_directory[\"name\"],\n \"password\": test_aws_directory_service_directory[\"password\"],\n \"username\": \"Admin\",\n })\ntest_windows_file_system = aws.fsx.WindowsFileSystem(\"test\",\n active_directory_id=test_aws_directory_service_directory[\"id\"],\n security_group_ids=[test_aws_security_group[\"id\"]],\n skip_final_backup=True,\n storage_capacity=32,\n subnet_ids=[test_aws_subnet[0][\"id\"]],\n throughput_capacity=8)\nfsx = aws.storagegateway.FileSystemAssociation(\"fsx\",\n gateway_arn=test_gateway.arn,\n location_arn=test_windows_file_system.arn,\n username=\"Admin\",\n password=test_aws_directory_service_directory[\"password\"],\n cache_attributes={\n \"cache_stale_timeout_in_seconds\": 400,\n },\n audit_destination_arn=test_aws_cloudwatch_log_group[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var awsServiceStoragegatewayAmiFILES3Latest = Aws.Ssm.GetParameter.Invoke(new()\n {\n Name = \"/aws/service/storagegateway/ami/FILE_S3/latest\",\n });\n\n var test = new Aws.Ec2.Instance(\"test\", new()\n {\n Ami = awsServiceStoragegatewayAmiFILES3Latest.Apply(getParameterResult =\u003e getParameterResult.Value),\n AssociatePublicIpAddress = true,\n InstanceType = System.Enum.Parse\u003cAws.Ec2.InstanceType\u003e(available.InstanceType),\n VpcSecurityGroupIds = new[]\n {\n testAwsSecurityGroup.Id,\n },\n SubnetId = testAwsSubnet[0].Id,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n testAwsRoute,\n testAwsVpcDhcpOptionsAssociation,\n },\n });\n\n var testGateway = new Aws.StorageGateway.Gateway(\"test\", new()\n {\n GatewayIpAddress = test.PublicIp,\n GatewayName = \"test-sgw\",\n GatewayTimezone = \"GMT\",\n GatewayType = \"FILE_FSX_SMB\",\n SmbActiveDirectorySettings = new Aws.StorageGateway.Inputs.GatewaySmbActiveDirectorySettingsArgs\n {\n DomainName = testAwsDirectoryServiceDirectory.Name,\n Password = testAwsDirectoryServiceDirectory.Password,\n Username = \"Admin\",\n },\n });\n\n var testWindowsFileSystem = new Aws.Fsx.WindowsFileSystem(\"test\", new()\n {\n ActiveDirectoryId = testAwsDirectoryServiceDirectory.Id,\n SecurityGroupIds = new[]\n {\n testAwsSecurityGroup.Id,\n },\n SkipFinalBackup = true,\n StorageCapacity = 32,\n SubnetIds = new[]\n {\n testAwsSubnet[0].Id,\n },\n ThroughputCapacity = 8,\n });\n\n var fsx = new Aws.StorageGateway.FileSystemAssociation(\"fsx\", new()\n {\n GatewayArn = testGateway.Arn,\n LocationArn = testWindowsFileSystem.Arn,\n Username = \"Admin\",\n Password = testAwsDirectoryServiceDirectory.Password,\n CacheAttributes = new Aws.StorageGateway.Inputs.FileSystemAssociationCacheAttributesArgs\n {\n CacheStaleTimeoutInSeconds = 400,\n },\n AuditDestinationArn = testAwsCloudwatchLogGroup.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tawsServiceStoragegatewayAmiFILES3Latest, err := ssm.LookupParameter(ctx, \u0026ssm.LookupParameterArgs{\n\t\t\tName: \"/aws/service/storagegateway/ami/FILE_S3/latest\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := ec2.NewInstance(ctx, \"test\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(awsServiceStoragegatewayAmiFILES3Latest.Value),\n\t\t\tAssociatePublicIpAddress: pulumi.Bool(true),\n\t\t\tInstanceType: ec2.InstanceType(available.InstanceType),\n\t\t\tVpcSecurityGroupIds: pulumi.StringArray{\n\t\t\t\ttestAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tSubnetId: pulumi.Any(testAwsSubnet[0].Id),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttestAwsRoute,\n\t\t\ttestAwsVpcDhcpOptionsAssociation,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestGateway, err := storagegateway.NewGateway(ctx, \"test\", \u0026storagegateway.GatewayArgs{\n\t\t\tGatewayIpAddress: test.PublicIp,\n\t\t\tGatewayName: pulumi.String(\"test-sgw\"),\n\t\t\tGatewayTimezone: pulumi.String(\"GMT\"),\n\t\t\tGatewayType: pulumi.String(\"FILE_FSX_SMB\"),\n\t\t\tSmbActiveDirectorySettings: \u0026storagegateway.GatewaySmbActiveDirectorySettingsArgs{\n\t\t\t\tDomainName: pulumi.Any(testAwsDirectoryServiceDirectory.Name),\n\t\t\t\tPassword: pulumi.Any(testAwsDirectoryServiceDirectory.Password),\n\t\t\t\tUsername: pulumi.String(\"Admin\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestWindowsFileSystem, err := fsx.NewWindowsFileSystem(ctx, \"test\", \u0026fsx.WindowsFileSystemArgs{\n\t\t\tActiveDirectoryId: pulumi.Any(testAwsDirectoryServiceDirectory.Id),\n\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\ttestAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tSkipFinalBackup: pulumi.Bool(true),\n\t\t\tStorageCapacity: pulumi.Int(32),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\ttestAwsSubnet[0].Id,\n\t\t\t},\n\t\t\tThroughputCapacity: pulumi.Int(8),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = storagegateway.NewFileSystemAssociation(ctx, \"fsx\", \u0026storagegateway.FileSystemAssociationArgs{\n\t\t\tGatewayArn: testGateway.Arn,\n\t\t\tLocationArn: testWindowsFileSystem.Arn,\n\t\t\tUsername: pulumi.String(\"Admin\"),\n\t\t\tPassword: pulumi.Any(testAwsDirectoryServiceDirectory.Password),\n\t\t\tCacheAttributes: \u0026storagegateway.FileSystemAssociationCacheAttributesArgs{\n\t\t\t\tCacheStaleTimeoutInSeconds: pulumi.Int(400),\n\t\t\t},\n\t\t\tAuditDestinationArn: pulumi.Any(testAwsCloudwatchLogGroup.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.SsmFunctions;\nimport com.pulumi.aws.ssm.inputs.GetParameterArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.aws.storagegateway.Gateway;\nimport com.pulumi.aws.storagegateway.GatewayArgs;\nimport com.pulumi.aws.storagegateway.inputs.GatewaySmbActiveDirectorySettingsArgs;\nimport com.pulumi.aws.fsx.WindowsFileSystem;\nimport com.pulumi.aws.fsx.WindowsFileSystemArgs;\nimport com.pulumi.aws.storagegateway.FileSystemAssociation;\nimport com.pulumi.aws.storagegateway.FileSystemAssociationArgs;\nimport com.pulumi.aws.storagegateway.inputs.FileSystemAssociationCacheAttributesArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var awsServiceStoragegatewayAmiFILES3Latest = SsmFunctions.getParameter(GetParameterArgs.builder()\n .name(\"/aws/service/storagegateway/ami/FILE_S3/latest\")\n .build());\n\n var test = new Instance(\"test\", InstanceArgs.builder()\n .ami(awsServiceStoragegatewayAmiFILES3Latest.applyValue(getParameterResult -\u003e getParameterResult.value()))\n .associatePublicIpAddress(true)\n .instanceType(available.instanceType())\n .vpcSecurityGroupIds(testAwsSecurityGroup.id())\n .subnetId(testAwsSubnet[0].id())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n testAwsRoute,\n testAwsVpcDhcpOptionsAssociation)\n .build());\n\n var testGateway = new Gateway(\"testGateway\", GatewayArgs.builder()\n .gatewayIpAddress(test.publicIp())\n .gatewayName(\"test-sgw\")\n .gatewayTimezone(\"GMT\")\n .gatewayType(\"FILE_FSX_SMB\")\n .smbActiveDirectorySettings(GatewaySmbActiveDirectorySettingsArgs.builder()\n .domainName(testAwsDirectoryServiceDirectory.name())\n .password(testAwsDirectoryServiceDirectory.password())\n .username(\"Admin\")\n .build())\n .build());\n\n var testWindowsFileSystem = new WindowsFileSystem(\"testWindowsFileSystem\", WindowsFileSystemArgs.builder()\n .activeDirectoryId(testAwsDirectoryServiceDirectory.id())\n .securityGroupIds(testAwsSecurityGroup.id())\n .skipFinalBackup(true)\n .storageCapacity(32)\n .subnetIds(testAwsSubnet[0].id())\n .throughputCapacity(8)\n .build());\n\n var fsx = new FileSystemAssociation(\"fsx\", FileSystemAssociationArgs.builder()\n .gatewayArn(testGateway.arn())\n .locationArn(testWindowsFileSystem.arn())\n .username(\"Admin\")\n .password(testAwsDirectoryServiceDirectory.password())\n .cacheAttributes(FileSystemAssociationCacheAttributesArgs.builder()\n .cacheStaleTimeoutInSeconds(400)\n .build())\n .auditDestinationArn(testAwsCloudwatchLogGroup.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ec2:Instance\n properties:\n ami: ${awsServiceStoragegatewayAmiFILES3Latest.value}\n associatePublicIpAddress: true\n instanceType: ${available.instanceType}\n vpcSecurityGroupIds:\n - ${testAwsSecurityGroup.id}\n subnetId: ${testAwsSubnet[0].id}\n options:\n dependson:\n - ${testAwsRoute}\n - ${testAwsVpcDhcpOptionsAssociation}\n testGateway:\n type: aws:storagegateway:Gateway\n name: test\n properties:\n gatewayIpAddress: ${test.publicIp}\n gatewayName: test-sgw\n gatewayTimezone: GMT\n gatewayType: FILE_FSX_SMB\n smbActiveDirectorySettings:\n domainName: ${testAwsDirectoryServiceDirectory.name}\n password: ${testAwsDirectoryServiceDirectory.password}\n username: Admin\n testWindowsFileSystem:\n type: aws:fsx:WindowsFileSystem\n name: test\n properties:\n activeDirectoryId: ${testAwsDirectoryServiceDirectory.id}\n securityGroupIds:\n - ${testAwsSecurityGroup.id}\n skipFinalBackup: true\n storageCapacity: 32\n subnetIds:\n - ${testAwsSubnet[0].id}\n throughputCapacity: 8\n fsx:\n type: aws:storagegateway:FileSystemAssociation\n properties:\n gatewayArn: ${testGateway.arn}\n locationArn: ${testWindowsFileSystem.arn}\n username: Admin\n password: ${testAwsDirectoryServiceDirectory.password}\n cacheAttributes:\n cacheStaleTimeoutInSeconds: 400\n auditDestinationArn: ${testAwsCloudwatchLogGroup.arn}\nvariables:\n awsServiceStoragegatewayAmiFILES3Latest:\n fn::invoke:\n Function: aws:ssm:getParameter\n Arguments:\n name: /aws/service/storagegateway/ami/FILE_S3/latest\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_storagegateway_file_system_association` using the FSx file system association Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:storagegateway/fileSystemAssociation:FileSystemAssociation example arn:aws:storagegateway:us-east-1:123456789012:fs-association/fsa-0DA347732FDB40125\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the newly created file system association.\n" }, "auditDestinationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the storage used for the audit logs.\n" }, "cacheAttributes": { "$ref": "#/types/aws:storagegateway/FileSystemAssociationCacheAttributes:FileSystemAssociationCacheAttributes", "description": "Refresh cache information. see Cache Attributes for more details.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n" }, "locationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon FSx file system to associate with the FSx File Gateway.\n" }, "password": { "type": "string", "description": "The password of the user credential.\n", "secret": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "username": { "type": "string", "description": "The user name of the user credential that has permission to access the root share of the Amazon FSx file system. The user account must belong to the Amazon FSx delegated admin user group.\n" } }, "required": [ "arn", "gatewayArn", "locationArn", "password", "tagsAll", "username" ], "inputProperties": { "auditDestinationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the storage used for the audit logs.\n" }, "cacheAttributes": { "$ref": "#/types/aws:storagegateway/FileSystemAssociationCacheAttributes:FileSystemAssociationCacheAttributes", "description": "Refresh cache information. see Cache Attributes for more details.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n", "willReplaceOnChanges": true }, "locationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon FSx file system to associate with the FSx File Gateway.\n", "willReplaceOnChanges": true }, "password": { "type": "string", "description": "The password of the user credential.\n", "secret": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "username": { "type": "string", "description": "The user name of the user credential that has permission to access the root share of the Amazon FSx file system. The user account must belong to the Amazon FSx delegated admin user group.\n" } }, "requiredInputs": [ "gatewayArn", "locationArn", "password", "username" ], "stateInputs": { "description": "Input properties used for looking up and filtering FileSystemAssociation resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the newly created file system association.\n" }, "auditDestinationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the storage used for the audit logs.\n" }, "cacheAttributes": { "$ref": "#/types/aws:storagegateway/FileSystemAssociationCacheAttributes:FileSystemAssociationCacheAttributes", "description": "Refresh cache information. see Cache Attributes for more details.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n", "willReplaceOnChanges": true }, "locationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon FSx file system to associate with the FSx File Gateway.\n", "willReplaceOnChanges": true }, "password": { "type": "string", "description": "The password of the user credential.\n", "secret": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "username": { "type": "string", "description": "The user name of the user credential that has permission to access the root share of the Amazon FSx file system. The user account must belong to the Amazon FSx delegated admin user group.\n" } }, "type": "object" } }, "aws:storagegateway/gateway:Gateway": { "description": "Manages an AWS Storage Gateway file, tape, or volume gateway in the provider region.\n\n\u003e **NOTE:** The Storage Gateway API requires the gateway to be connected to properly return information after activation. If you are receiving `The specified gateway is not connected` errors during resource creation (gateway activation), ensure your gateway instance meets the [Storage Gateway requirements](https://docs.aws.amazon.com/storagegateway/latest/userguide/Requirements.html).\n\n## Example Usage\n\n### Local Cache\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testVolumeAttachment = new aws.ec2.VolumeAttachment(\"test\", {\n deviceName: \"/dev/xvdb\",\n volumeId: testAwsEbsVolume.id,\n instanceId: testAwsInstance.id,\n});\nconst test = aws.storagegateway.getLocalDisk({\n diskNode: testAwsVolumeAttachment.deviceName,\n gatewayArn: testAwsStoragegatewayGateway.arn,\n});\nconst testCache = new aws.storagegateway.Cache(\"test\", {\n diskId: test.then(test =\u003e test.diskId),\n gatewayArn: testAwsStoragegatewayGateway.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_volume_attachment = aws.ec2.VolumeAttachment(\"test\",\n device_name=\"/dev/xvdb\",\n volume_id=test_aws_ebs_volume[\"id\"],\n instance_id=test_aws_instance[\"id\"])\ntest = aws.storagegateway.get_local_disk(disk_node=test_aws_volume_attachment[\"deviceName\"],\n gateway_arn=test_aws_storagegateway_gateway[\"arn\"])\ntest_cache = aws.storagegateway.Cache(\"test\",\n disk_id=test.disk_id,\n gateway_arn=test_aws_storagegateway_gateway[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testVolumeAttachment = new Aws.Ec2.VolumeAttachment(\"test\", new()\n {\n DeviceName = \"/dev/xvdb\",\n VolumeId = testAwsEbsVolume.Id,\n InstanceId = testAwsInstance.Id,\n });\n\n var test = Aws.StorageGateway.GetLocalDisk.Invoke(new()\n {\n DiskNode = testAwsVolumeAttachment.DeviceName,\n GatewayArn = testAwsStoragegatewayGateway.Arn,\n });\n\n var testCache = new Aws.StorageGateway.Cache(\"test\", new()\n {\n DiskId = test.Apply(getLocalDiskResult =\u003e getLocalDiskResult.DiskId),\n GatewayArn = testAwsStoragegatewayGateway.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVolumeAttachment(ctx, \"test\", \u0026ec2.VolumeAttachmentArgs{\n\t\t\tDeviceName: pulumi.String(\"/dev/xvdb\"),\n\t\t\tVolumeId: pulumi.Any(testAwsEbsVolume.Id),\n\t\t\tInstanceId: pulumi.Any(testAwsInstance.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := storagegateway.GetLocalDisk(ctx, \u0026storagegateway.GetLocalDiskArgs{\n\t\t\tDiskNode: pulumi.StringRef(testAwsVolumeAttachment.DeviceName),\n\t\t\tGatewayArn: testAwsStoragegatewayGateway.Arn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = storagegateway.NewCache(ctx, \"test\", \u0026storagegateway.CacheArgs{\n\t\t\tDiskId: pulumi.String(test.DiskId),\n\t\t\tGatewayArn: pulumi.Any(testAwsStoragegatewayGateway.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VolumeAttachment;\nimport com.pulumi.aws.ec2.VolumeAttachmentArgs;\nimport com.pulumi.aws.storagegateway.StoragegatewayFunctions;\nimport com.pulumi.aws.storagegateway.inputs.GetLocalDiskArgs;\nimport com.pulumi.aws.storagegateway.Cache;\nimport com.pulumi.aws.storagegateway.CacheArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testVolumeAttachment = new VolumeAttachment(\"testVolumeAttachment\", VolumeAttachmentArgs.builder()\n .deviceName(\"/dev/xvdb\")\n .volumeId(testAwsEbsVolume.id())\n .instanceId(testAwsInstance.id())\n .build());\n\n final var test = StoragegatewayFunctions.getLocalDisk(GetLocalDiskArgs.builder()\n .diskNode(testAwsVolumeAttachment.deviceName())\n .gatewayArn(testAwsStoragegatewayGateway.arn())\n .build());\n\n var testCache = new Cache(\"testCache\", CacheArgs.builder()\n .diskId(test.applyValue(getLocalDiskResult -\u003e getLocalDiskResult.diskId()))\n .gatewayArn(testAwsStoragegatewayGateway.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testVolumeAttachment:\n type: aws:ec2:VolumeAttachment\n name: test\n properties:\n deviceName: /dev/xvdb\n volumeId: ${testAwsEbsVolume.id}\n instanceId: ${testAwsInstance.id}\n testCache:\n type: aws:storagegateway:Cache\n name: test\n properties:\n diskId: ${test.diskId}\n gatewayArn: ${testAwsStoragegatewayGateway.arn}\nvariables:\n test:\n fn::invoke:\n Function: aws:storagegateway:getLocalDisk\n Arguments:\n diskNode: ${testAwsVolumeAttachment.deviceName}\n gatewayArn: ${testAwsStoragegatewayGateway.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### FSx File Gateway\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.Gateway(\"example\", {\n gatewayIpAddress: \"1.2.3.4\",\n gatewayName: \"example\",\n gatewayTimezone: \"GMT\",\n gatewayType: \"FILE_FSX_SMB\",\n smbActiveDirectorySettings: {\n domainName: \"corp.example.com\",\n password: \"avoid-plaintext-passwords\",\n username: \"Admin\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.Gateway(\"example\",\n gateway_ip_address=\"1.2.3.4\",\n gateway_name=\"example\",\n gateway_timezone=\"GMT\",\n gateway_type=\"FILE_FSX_SMB\",\n smb_active_directory_settings={\n \"domain_name\": \"corp.example.com\",\n \"password\": \"avoid-plaintext-passwords\",\n \"username\": \"Admin\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.StorageGateway.Gateway(\"example\", new()\n {\n GatewayIpAddress = \"1.2.3.4\",\n GatewayName = \"example\",\n GatewayTimezone = \"GMT\",\n GatewayType = \"FILE_FSX_SMB\",\n SmbActiveDirectorySettings = new Aws.StorageGateway.Inputs.GatewaySmbActiveDirectorySettingsArgs\n {\n DomainName = \"corp.example.com\",\n Password = \"avoid-plaintext-passwords\",\n Username = \"Admin\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.NewGateway(ctx, \"example\", \u0026storagegateway.GatewayArgs{\n\t\t\tGatewayIpAddress: pulumi.String(\"1.2.3.4\"),\n\t\t\tGatewayName: pulumi.String(\"example\"),\n\t\t\tGatewayTimezone: pulumi.String(\"GMT\"),\n\t\t\tGatewayType: pulumi.String(\"FILE_FSX_SMB\"),\n\t\t\tSmbActiveDirectorySettings: \u0026storagegateway.GatewaySmbActiveDirectorySettingsArgs{\n\t\t\t\tDomainName: pulumi.String(\"corp.example.com\"),\n\t\t\t\tPassword: pulumi.String(\"avoid-plaintext-passwords\"),\n\t\t\t\tUsername: pulumi.String(\"Admin\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.Gateway;\nimport com.pulumi.aws.storagegateway.GatewayArgs;\nimport com.pulumi.aws.storagegateway.inputs.GatewaySmbActiveDirectorySettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Gateway(\"example\", GatewayArgs.builder()\n .gatewayIpAddress(\"1.2.3.4\")\n .gatewayName(\"example\")\n .gatewayTimezone(\"GMT\")\n .gatewayType(\"FILE_FSX_SMB\")\n .smbActiveDirectorySettings(GatewaySmbActiveDirectorySettingsArgs.builder()\n .domainName(\"corp.example.com\")\n .password(\"avoid-plaintext-passwords\")\n .username(\"Admin\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:storagegateway:Gateway\n properties:\n gatewayIpAddress: 1.2.3.4\n gatewayName: example\n gatewayTimezone: GMT\n gatewayType: FILE_FSX_SMB\n smbActiveDirectorySettings:\n domainName: corp.example.com\n password: avoid-plaintext-passwords\n username: Admin\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### S3 File Gateway\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.Gateway(\"example\", {\n gatewayIpAddress: \"1.2.3.4\",\n gatewayName: \"example\",\n gatewayTimezone: \"GMT\",\n gatewayType: \"FILE_S3\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.Gateway(\"example\",\n gateway_ip_address=\"1.2.3.4\",\n gateway_name=\"example\",\n gateway_timezone=\"GMT\",\n gateway_type=\"FILE_S3\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.StorageGateway.Gateway(\"example\", new()\n {\n GatewayIpAddress = \"1.2.3.4\",\n GatewayName = \"example\",\n GatewayTimezone = \"GMT\",\n GatewayType = \"FILE_S3\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.NewGateway(ctx, \"example\", \u0026storagegateway.GatewayArgs{\n\t\t\tGatewayIpAddress: pulumi.String(\"1.2.3.4\"),\n\t\t\tGatewayName: pulumi.String(\"example\"),\n\t\t\tGatewayTimezone: pulumi.String(\"GMT\"),\n\t\t\tGatewayType: pulumi.String(\"FILE_S3\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.Gateway;\nimport com.pulumi.aws.storagegateway.GatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Gateway(\"example\", GatewayArgs.builder()\n .gatewayIpAddress(\"1.2.3.4\")\n .gatewayName(\"example\")\n .gatewayTimezone(\"GMT\")\n .gatewayType(\"FILE_S3\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:storagegateway:Gateway\n properties:\n gatewayIpAddress: 1.2.3.4\n gatewayName: example\n gatewayTimezone: GMT\n gatewayType: FILE_S3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Tape Gateway\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.Gateway(\"example\", {\n gatewayIpAddress: \"1.2.3.4\",\n gatewayName: \"example\",\n gatewayTimezone: \"GMT\",\n gatewayType: \"VTL\",\n mediumChangerType: \"AWS-Gateway-VTL\",\n tapeDriveType: \"IBM-ULT3580-TD5\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.Gateway(\"example\",\n gateway_ip_address=\"1.2.3.4\",\n gateway_name=\"example\",\n gateway_timezone=\"GMT\",\n gateway_type=\"VTL\",\n medium_changer_type=\"AWS-Gateway-VTL\",\n tape_drive_type=\"IBM-ULT3580-TD5\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.StorageGateway.Gateway(\"example\", new()\n {\n GatewayIpAddress = \"1.2.3.4\",\n GatewayName = \"example\",\n GatewayTimezone = \"GMT\",\n GatewayType = \"VTL\",\n MediumChangerType = \"AWS-Gateway-VTL\",\n TapeDriveType = \"IBM-ULT3580-TD5\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.NewGateway(ctx, \"example\", \u0026storagegateway.GatewayArgs{\n\t\t\tGatewayIpAddress: pulumi.String(\"1.2.3.4\"),\n\t\t\tGatewayName: pulumi.String(\"example\"),\n\t\t\tGatewayTimezone: pulumi.String(\"GMT\"),\n\t\t\tGatewayType: pulumi.String(\"VTL\"),\n\t\t\tMediumChangerType: pulumi.String(\"AWS-Gateway-VTL\"),\n\t\t\tTapeDriveType: pulumi.String(\"IBM-ULT3580-TD5\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.Gateway;\nimport com.pulumi.aws.storagegateway.GatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Gateway(\"example\", GatewayArgs.builder()\n .gatewayIpAddress(\"1.2.3.4\")\n .gatewayName(\"example\")\n .gatewayTimezone(\"GMT\")\n .gatewayType(\"VTL\")\n .mediumChangerType(\"AWS-Gateway-VTL\")\n .tapeDriveType(\"IBM-ULT3580-TD5\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:storagegateway:Gateway\n properties:\n gatewayIpAddress: 1.2.3.4\n gatewayName: example\n gatewayTimezone: GMT\n gatewayType: VTL\n mediumChangerType: AWS-Gateway-VTL\n tapeDriveType: IBM-ULT3580-TD5\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Volume Gateway (Cached)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.Gateway(\"example\", {\n gatewayIpAddress: \"1.2.3.4\",\n gatewayName: \"example\",\n gatewayTimezone: \"GMT\",\n gatewayType: \"CACHED\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.Gateway(\"example\",\n gateway_ip_address=\"1.2.3.4\",\n gateway_name=\"example\",\n gateway_timezone=\"GMT\",\n gateway_type=\"CACHED\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.StorageGateway.Gateway(\"example\", new()\n {\n GatewayIpAddress = \"1.2.3.4\",\n GatewayName = \"example\",\n GatewayTimezone = \"GMT\",\n GatewayType = \"CACHED\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.NewGateway(ctx, \"example\", \u0026storagegateway.GatewayArgs{\n\t\t\tGatewayIpAddress: pulumi.String(\"1.2.3.4\"),\n\t\t\tGatewayName: pulumi.String(\"example\"),\n\t\t\tGatewayTimezone: pulumi.String(\"GMT\"),\n\t\t\tGatewayType: pulumi.String(\"CACHED\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.Gateway;\nimport com.pulumi.aws.storagegateway.GatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Gateway(\"example\", GatewayArgs.builder()\n .gatewayIpAddress(\"1.2.3.4\")\n .gatewayName(\"example\")\n .gatewayTimezone(\"GMT\")\n .gatewayType(\"CACHED\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:storagegateway:Gateway\n properties:\n gatewayIpAddress: 1.2.3.4\n gatewayName: example\n gatewayTimezone: GMT\n gatewayType: CACHED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Volume Gateway (Stored)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.Gateway(\"example\", {\n gatewayIpAddress: \"1.2.3.4\",\n gatewayName: \"example\",\n gatewayTimezone: \"GMT\",\n gatewayType: \"STORED\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.Gateway(\"example\",\n gateway_ip_address=\"1.2.3.4\",\n gateway_name=\"example\",\n gateway_timezone=\"GMT\",\n gateway_type=\"STORED\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.StorageGateway.Gateway(\"example\", new()\n {\n GatewayIpAddress = \"1.2.3.4\",\n GatewayName = \"example\",\n GatewayTimezone = \"GMT\",\n GatewayType = \"STORED\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.NewGateway(ctx, \"example\", \u0026storagegateway.GatewayArgs{\n\t\t\tGatewayIpAddress: pulumi.String(\"1.2.3.4\"),\n\t\t\tGatewayName: pulumi.String(\"example\"),\n\t\t\tGatewayTimezone: pulumi.String(\"GMT\"),\n\t\t\tGatewayType: pulumi.String(\"STORED\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.Gateway;\nimport com.pulumi.aws.storagegateway.GatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Gateway(\"example\", GatewayArgs.builder()\n .gatewayIpAddress(\"1.2.3.4\")\n .gatewayName(\"example\")\n .gatewayTimezone(\"GMT\")\n .gatewayType(\"STORED\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:storagegateway:Gateway\n properties:\n gatewayIpAddress: 1.2.3.4\n gatewayName: example\n gatewayTimezone: GMT\n gatewayType: STORED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_storagegateway_gateway` using the gateway Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:storagegateway/gateway:Gateway example arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678\n```\nCertain resource arguments, like `gateway_ip_address` do not have a Storage Gateway API method for reading the information after creation, either omit the argument from the Pulumi program or use `ignore_changes` to hide the difference. For example:\n\n", "properties": { "activationKey": { "type": "string", "description": "Gateway activation key during resource creation. Conflicts with `gateway_ip_address`. Additional information is available in the [Storage Gateway User Guide](https://docs.aws.amazon.com/storagegateway/latest/userguide/get-activation-key.html).\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the gateway.\n" }, "averageDownloadRateLimitInBitsPerSec": { "type": "integer", "description": "The average download bandwidth rate limit in bits per second. This is supported for the `CACHED`, `STORED`, and `VTL` gateway types.\n" }, "averageUploadRateLimitInBitsPerSec": { "type": "integer", "description": "The average upload bandwidth rate limit in bits per second. This is supported for the `CACHED`, `STORED`, and `VTL` gateway types.\n" }, "cloudwatchLogGroupArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon CloudWatch log group to use to monitor and log events in the gateway.\n" }, "ec2InstanceId": { "type": "string", "description": "The ID of the Amazon EC2 instance that was used to launch the gateway.\n" }, "endpointType": { "type": "string", "description": "The type of endpoint for your gateway.\n" }, "gatewayId": { "type": "string", "description": "Identifier of the gateway.\n" }, "gatewayIpAddress": { "type": "string", "description": "Gateway IP address to retrieve activation key during resource creation. Conflicts with `activation_key`. Gateway must be accessible on port 80 from where this provider is running. Additional information is available in the [Storage Gateway User Guide](https://docs.aws.amazon.com/storagegateway/latest/userguide/get-activation-key.html).\n" }, "gatewayName": { "type": "string", "description": "Name of the gateway.\n" }, "gatewayNetworkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:storagegateway/GatewayGatewayNetworkInterface:GatewayGatewayNetworkInterface" }, "description": "An array that contains descriptions of the gateway network interfaces. See Gateway Network Interface.\n" }, "gatewayTimezone": { "type": "string", "description": "Time zone for the gateway. The time zone is of the format \"GMT\", \"GMT-hr:mm\", or \"GMT+hr:mm\". For example, `GMT-4:00` indicates the time is 4 hours behind GMT. The time zone is used, for example, for scheduling snapshots and your gateway's maintenance schedule.\n" }, "gatewayType": { "type": "string", "description": "Type of the gateway. The default value is `STORED`. Valid values: `CACHED`, `FILE_FSX_SMB`, `FILE_S3`, `STORED`, `VTL`.\n" }, "gatewayVpcEndpoint": { "type": "string", "description": "VPC endpoint address to be used when activating your gateway. This should be used when your instance is in a private subnet. Requires HTTP access from client computer running this provider. More info on what ports are required by your VPC Endpoint Security group in [Activating a Gateway in a Virtual Private Cloud](https://docs.aws.amazon.com/storagegateway/latest/userguide/gateway-private-link.html).\n" }, "hostEnvironment": { "type": "string", "description": "The type of hypervisor environment used by the host.\n" }, "maintenanceStartTime": { "$ref": "#/types/aws:storagegateway/GatewayMaintenanceStartTime:GatewayMaintenanceStartTime", "description": "The gateway's weekly maintenance start time information, including day and time of the week. The maintenance time is the time in your gateway's time zone. More details below.\n" }, "mediumChangerType": { "type": "string", "description": "Type of medium changer to use for tape gateway. This provider cannot detect drift of this argument. Valid values: `STK-L700`, `AWS-Gateway-VTL`, `IBM-03584L32-0402`.\n" }, "smbActiveDirectorySettings": { "$ref": "#/types/aws:storagegateway/GatewaySmbActiveDirectorySettings:GatewaySmbActiveDirectorySettings", "description": "Nested argument with Active Directory domain join information for Server Message Block (SMB) file shares. Only valid for `FILE_S3` and `FILE_FSX_SMB` gateway types. Must be set before creating `ActiveDirectory` authentication SMB file shares. More details below.\n" }, "smbFileShareVisibility": { "type": "boolean", "description": "Specifies whether the shares on this gateway appear when listing shares.\n" }, "smbGuestPassword": { "type": "string", "description": "Guest password for Server Message Block (SMB) file shares. Only valid for `FILE_S3` and `FILE_FSX_SMB` gateway types. Must be set before creating `GuestAccess` authentication SMB file shares. This provider can only detect drift of the existence of a guest password, not its actual value from the gateway. This provider can however update the password with changing the argument.\n", "secret": true }, "smbSecurityStrategy": { "type": "string", "description": "Specifies the type of security strategy. Valid values are: `ClientSpecified`, `MandatorySigning`, and `MandatoryEncryption`. See [Setting a Security Level for Your Gateway](https://docs.aws.amazon.com/storagegateway/latest/userguide/managing-gateway-file.html#security-strategy) for more information.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tapeDriveType": { "type": "string", "description": "Type of tape drive to use for tape gateway. This provider cannot detect drift of this argument. Valid values: `IBM-ULT3580-TD5`.\n" } }, "required": [ "activationKey", "arn", "ec2InstanceId", "endpointType", "gatewayId", "gatewayIpAddress", "gatewayName", "gatewayNetworkInterfaces", "gatewayTimezone", "hostEnvironment", "maintenanceStartTime", "smbSecurityStrategy", "tagsAll" ], "inputProperties": { "activationKey": { "type": "string", "description": "Gateway activation key during resource creation. Conflicts with `gateway_ip_address`. Additional information is available in the [Storage Gateway User Guide](https://docs.aws.amazon.com/storagegateway/latest/userguide/get-activation-key.html).\n", "willReplaceOnChanges": true }, "averageDownloadRateLimitInBitsPerSec": { "type": "integer", "description": "The average download bandwidth rate limit in bits per second. This is supported for the `CACHED`, `STORED`, and `VTL` gateway types.\n" }, "averageUploadRateLimitInBitsPerSec": { "type": "integer", "description": "The average upload bandwidth rate limit in bits per second. This is supported for the `CACHED`, `STORED`, and `VTL` gateway types.\n" }, "cloudwatchLogGroupArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon CloudWatch log group to use to monitor and log events in the gateway.\n" }, "gatewayIpAddress": { "type": "string", "description": "Gateway IP address to retrieve activation key during resource creation. Conflicts with `activation_key`. Gateway must be accessible on port 80 from where this provider is running. Additional information is available in the [Storage Gateway User Guide](https://docs.aws.amazon.com/storagegateway/latest/userguide/get-activation-key.html).\n", "willReplaceOnChanges": true }, "gatewayName": { "type": "string", "description": "Name of the gateway.\n" }, "gatewayTimezone": { "type": "string", "description": "Time zone for the gateway. The time zone is of the format \"GMT\", \"GMT-hr:mm\", or \"GMT+hr:mm\". For example, `GMT-4:00` indicates the time is 4 hours behind GMT. The time zone is used, for example, for scheduling snapshots and your gateway's maintenance schedule.\n" }, "gatewayType": { "type": "string", "description": "Type of the gateway. The default value is `STORED`. Valid values: `CACHED`, `FILE_FSX_SMB`, `FILE_S3`, `STORED`, `VTL`.\n", "willReplaceOnChanges": true }, "gatewayVpcEndpoint": { "type": "string", "description": "VPC endpoint address to be used when activating your gateway. This should be used when your instance is in a private subnet. Requires HTTP access from client computer running this provider. More info on what ports are required by your VPC Endpoint Security group in [Activating a Gateway in a Virtual Private Cloud](https://docs.aws.amazon.com/storagegateway/latest/userguide/gateway-private-link.html).\n", "willReplaceOnChanges": true }, "maintenanceStartTime": { "$ref": "#/types/aws:storagegateway/GatewayMaintenanceStartTime:GatewayMaintenanceStartTime", "description": "The gateway's weekly maintenance start time information, including day and time of the week. The maintenance time is the time in your gateway's time zone. More details below.\n" }, "mediumChangerType": { "type": "string", "description": "Type of medium changer to use for tape gateway. This provider cannot detect drift of this argument. Valid values: `STK-L700`, `AWS-Gateway-VTL`, `IBM-03584L32-0402`.\n", "willReplaceOnChanges": true }, "smbActiveDirectorySettings": { "$ref": "#/types/aws:storagegateway/GatewaySmbActiveDirectorySettings:GatewaySmbActiveDirectorySettings", "description": "Nested argument with Active Directory domain join information for Server Message Block (SMB) file shares. Only valid for `FILE_S3` and `FILE_FSX_SMB` gateway types. Must be set before creating `ActiveDirectory` authentication SMB file shares. More details below.\n" }, "smbFileShareVisibility": { "type": "boolean", "description": "Specifies whether the shares on this gateway appear when listing shares.\n" }, "smbGuestPassword": { "type": "string", "description": "Guest password for Server Message Block (SMB) file shares. Only valid for `FILE_S3` and `FILE_FSX_SMB` gateway types. Must be set before creating `GuestAccess` authentication SMB file shares. This provider can only detect drift of the existence of a guest password, not its actual value from the gateway. This provider can however update the password with changing the argument.\n", "secret": true }, "smbSecurityStrategy": { "type": "string", "description": "Specifies the type of security strategy. Valid values are: `ClientSpecified`, `MandatorySigning`, and `MandatoryEncryption`. See [Setting a Security Level for Your Gateway](https://docs.aws.amazon.com/storagegateway/latest/userguide/managing-gateway-file.html#security-strategy) for more information.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tapeDriveType": { "type": "string", "description": "Type of tape drive to use for tape gateway. This provider cannot detect drift of this argument. Valid values: `IBM-ULT3580-TD5`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "gatewayName", "gatewayTimezone" ], "stateInputs": { "description": "Input properties used for looking up and filtering Gateway resources.\n", "properties": { "activationKey": { "type": "string", "description": "Gateway activation key during resource creation. Conflicts with `gateway_ip_address`. Additional information is available in the [Storage Gateway User Guide](https://docs.aws.amazon.com/storagegateway/latest/userguide/get-activation-key.html).\n", "willReplaceOnChanges": true }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the gateway.\n" }, "averageDownloadRateLimitInBitsPerSec": { "type": "integer", "description": "The average download bandwidth rate limit in bits per second. This is supported for the `CACHED`, `STORED`, and `VTL` gateway types.\n" }, "averageUploadRateLimitInBitsPerSec": { "type": "integer", "description": "The average upload bandwidth rate limit in bits per second. This is supported for the `CACHED`, `STORED`, and `VTL` gateway types.\n" }, "cloudwatchLogGroupArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Amazon CloudWatch log group to use to monitor and log events in the gateway.\n" }, "ec2InstanceId": { "type": "string", "description": "The ID of the Amazon EC2 instance that was used to launch the gateway.\n" }, "endpointType": { "type": "string", "description": "The type of endpoint for your gateway.\n" }, "gatewayId": { "type": "string", "description": "Identifier of the gateway.\n" }, "gatewayIpAddress": { "type": "string", "description": "Gateway IP address to retrieve activation key during resource creation. Conflicts with `activation_key`. Gateway must be accessible on port 80 from where this provider is running. Additional information is available in the [Storage Gateway User Guide](https://docs.aws.amazon.com/storagegateway/latest/userguide/get-activation-key.html).\n", "willReplaceOnChanges": true }, "gatewayName": { "type": "string", "description": "Name of the gateway.\n" }, "gatewayNetworkInterfaces": { "type": "array", "items": { "$ref": "#/types/aws:storagegateway/GatewayGatewayNetworkInterface:GatewayGatewayNetworkInterface" }, "description": "An array that contains descriptions of the gateway network interfaces. See Gateway Network Interface.\n" }, "gatewayTimezone": { "type": "string", "description": "Time zone for the gateway. The time zone is of the format \"GMT\", \"GMT-hr:mm\", or \"GMT+hr:mm\". For example, `GMT-4:00` indicates the time is 4 hours behind GMT. The time zone is used, for example, for scheduling snapshots and your gateway's maintenance schedule.\n" }, "gatewayType": { "type": "string", "description": "Type of the gateway. The default value is `STORED`. Valid values: `CACHED`, `FILE_FSX_SMB`, `FILE_S3`, `STORED`, `VTL`.\n", "willReplaceOnChanges": true }, "gatewayVpcEndpoint": { "type": "string", "description": "VPC endpoint address to be used when activating your gateway. This should be used when your instance is in a private subnet. Requires HTTP access from client computer running this provider. More info on what ports are required by your VPC Endpoint Security group in [Activating a Gateway in a Virtual Private Cloud](https://docs.aws.amazon.com/storagegateway/latest/userguide/gateway-private-link.html).\n", "willReplaceOnChanges": true }, "hostEnvironment": { "type": "string", "description": "The type of hypervisor environment used by the host.\n" }, "maintenanceStartTime": { "$ref": "#/types/aws:storagegateway/GatewayMaintenanceStartTime:GatewayMaintenanceStartTime", "description": "The gateway's weekly maintenance start time information, including day and time of the week. The maintenance time is the time in your gateway's time zone. More details below.\n" }, "mediumChangerType": { "type": "string", "description": "Type of medium changer to use for tape gateway. This provider cannot detect drift of this argument. Valid values: `STK-L700`, `AWS-Gateway-VTL`, `IBM-03584L32-0402`.\n", "willReplaceOnChanges": true }, "smbActiveDirectorySettings": { "$ref": "#/types/aws:storagegateway/GatewaySmbActiveDirectorySettings:GatewaySmbActiveDirectorySettings", "description": "Nested argument with Active Directory domain join information for Server Message Block (SMB) file shares. Only valid for `FILE_S3` and `FILE_FSX_SMB` gateway types. Must be set before creating `ActiveDirectory` authentication SMB file shares. More details below.\n" }, "smbFileShareVisibility": { "type": "boolean", "description": "Specifies whether the shares on this gateway appear when listing shares.\n" }, "smbGuestPassword": { "type": "string", "description": "Guest password for Server Message Block (SMB) file shares. Only valid for `FILE_S3` and `FILE_FSX_SMB` gateway types. Must be set before creating `GuestAccess` authentication SMB file shares. This provider can only detect drift of the existence of a guest password, not its actual value from the gateway. This provider can however update the password with changing the argument.\n", "secret": true }, "smbSecurityStrategy": { "type": "string", "description": "Specifies the type of security strategy. Valid values are: `ClientSpecified`, `MandatorySigning`, and `MandatoryEncryption`. See [Setting a Security Level for Your Gateway](https://docs.aws.amazon.com/storagegateway/latest/userguide/managing-gateway-file.html#security-strategy) for more information.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tapeDriveType": { "type": "string", "description": "Type of tape drive to use for tape gateway. This provider cannot detect drift of this argument. Valid values: `IBM-ULT3580-TD5`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:storagegateway/nfsFileShare:NfsFileShare": { "description": "Manages an AWS Storage Gateway NFS File Share.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.NfsFileShare(\"example\", {\n clientLists: [\"0.0.0.0/0\"],\n gatewayArn: exampleAwsStoragegatewayGateway.arn,\n locationArn: exampleAwsS3Bucket.arn,\n roleArn: exampleAwsIamRole.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.NfsFileShare(\"example\",\n client_lists=[\"0.0.0.0/0\"],\n gateway_arn=example_aws_storagegateway_gateway[\"arn\"],\n location_arn=example_aws_s3_bucket[\"arn\"],\n role_arn=example_aws_iam_role[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.StorageGateway.NfsFileShare(\"example\", new()\n {\n ClientLists = new[]\n {\n \"0.0.0.0/0\",\n },\n GatewayArn = exampleAwsStoragegatewayGateway.Arn,\n LocationArn = exampleAwsS3Bucket.Arn,\n RoleArn = exampleAwsIamRole.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.NewNfsFileShare(ctx, \"example\", \u0026storagegateway.NfsFileShareArgs{\n\t\t\tClientLists: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t},\n\t\t\tGatewayArn: pulumi.Any(exampleAwsStoragegatewayGateway.Arn),\n\t\t\tLocationArn: pulumi.Any(exampleAwsS3Bucket.Arn),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.NfsFileShare;\nimport com.pulumi.aws.storagegateway.NfsFileShareArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NfsFileShare(\"example\", NfsFileShareArgs.builder()\n .clientLists(\"0.0.0.0/0\")\n .gatewayArn(exampleAwsStoragegatewayGateway.arn())\n .locationArn(exampleAwsS3Bucket.arn())\n .roleArn(exampleAwsIamRole.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:storagegateway:NfsFileShare\n properties:\n clientLists:\n - 0.0.0.0/0\n gatewayArn: ${exampleAwsStoragegatewayGateway.arn}\n locationArn: ${exampleAwsS3Bucket.arn}\n roleArn: ${exampleAwsIamRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_storagegateway_nfs_file_share` using the NFS File Share Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:storagegateway/nfsFileShare:NfsFileShare example arn:aws:storagegateway:us-east-1:123456789012:share/share-12345678\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the NFS File Share.\n" }, "auditDestinationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the storage used for audit logs.\n" }, "bucketRegion": { "type": "string", "description": "The region of the S3 bucket used by the file share. Required when specifying `vpc_endpoint_dns_name`.\n" }, "cacheAttributes": { "$ref": "#/types/aws:storagegateway/NfsFileShareCacheAttributes:NfsFileShareCacheAttributes", "description": "Refresh cache information. see Cache Attributes for more details.\n" }, "clientLists": { "type": "array", "items": { "type": "string" }, "description": "The list of clients that are allowed to access the file gateway. The list must contain either valid IP addresses or valid CIDR blocks. Set to `[\"0.0.0.0/0\"]` to not limit access. Minimum 1 item. Maximum 100 items.\n" }, "defaultStorageClass": { "type": "string", "description": "The default [storage class](https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateNFSFileShare.html#StorageGateway-CreateNFSFileShare-request-DefaultStorageClass) for objects put into an Amazon S3 bucket by the file gateway. Defaults to `S3_STANDARD`.\n" }, "fileShareName": { "type": "string", "description": "The name of the file share. Must be set if an S3 prefix name is set in `location_arn`.\n" }, "fileshareId": { "type": "string", "description": "ID of the NFS File Share.\n" }, "gatewayArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the file gateway.\n" }, "guessMimeTypeEnabled": { "type": "boolean", "description": "Boolean value that enables guessing of the MIME type for uploaded objects based on file extensions. Defaults to `true`.\n" }, "kmsEncrypted": { "type": "boolean", "description": "Boolean value if `true` to use Amazon S3 server side encryption with your own AWS KMS key, or `false` to use a key managed by Amazon S3. Defaults to `false`.\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) for KMS key used for Amazon S3 server side encryption. This value can only be set when `kms_encrypted` is true.\n" }, "locationArn": { "type": "string", "description": "The ARN of the backed storage used for storing file data.\n" }, "nfsFileShareDefaults": { "$ref": "#/types/aws:storagegateway/NfsFileShareNfsFileShareDefaults:NfsFileShareNfsFileShareDefaults", "description": "Nested argument with file share default values. More information below. see NFS File Share Defaults for more details.\n" }, "notificationPolicy": { "type": "string", "description": "The notification policy of the file share. For more information see the [AWS Documentation](https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateNFSFileShare.html#StorageGateway-CreateNFSFileShare-request-NotificationPolicy). Default value is `{}`.\n" }, "objectAcl": { "type": "string", "description": "Access Control List permission for S3 objects. Defaults to `private`.\n" }, "path": { "type": "string", "description": "File share path used by the NFS client to identify the mount point.\n" }, "readOnly": { "type": "boolean", "description": "Boolean to indicate write status of file share. File share does not accept writes if `true`. Defaults to `false`.\n" }, "requesterPays": { "type": "boolean", "description": "Boolean who pays the cost of the request and the data download from the Amazon S3 bucket. Set this value to `true` if you want the requester to pay instead of the bucket owner. Defaults to `false`.\n" }, "roleArn": { "type": "string", "description": "The ARN of the AWS Identity and Access Management (IAM) role that a file gateway assumes when it accesses the underlying storage.\n" }, "squash": { "type": "string", "description": "Maps a user to anonymous user. Defaults to `RootSquash`. Valid values: `RootSquash` (only root is mapped to anonymous user), `NoSquash` (no one is mapped to anonymous user), `AllSquash` (everyone is mapped to anonymous user)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcEndpointDnsName": { "type": "string", "description": "The DNS name of the VPC endpoint for S3 PrivateLink.\n" } }, "required": [ "arn", "clientLists", "fileShareName", "fileshareId", "gatewayArn", "locationArn", "path", "roleArn", "tagsAll" ], "inputProperties": { "auditDestinationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the storage used for audit logs.\n" }, "bucketRegion": { "type": "string", "description": "The region of the S3 bucket used by the file share. Required when specifying `vpc_endpoint_dns_name`.\n", "willReplaceOnChanges": true }, "cacheAttributes": { "$ref": "#/types/aws:storagegateway/NfsFileShareCacheAttributes:NfsFileShareCacheAttributes", "description": "Refresh cache information. see Cache Attributes for more details.\n" }, "clientLists": { "type": "array", "items": { "type": "string" }, "description": "The list of clients that are allowed to access the file gateway. The list must contain either valid IP addresses or valid CIDR blocks. Set to `[\"0.0.0.0/0\"]` to not limit access. Minimum 1 item. Maximum 100 items.\n" }, "defaultStorageClass": { "type": "string", "description": "The default [storage class](https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateNFSFileShare.html#StorageGateway-CreateNFSFileShare-request-DefaultStorageClass) for objects put into an Amazon S3 bucket by the file gateway. Defaults to `S3_STANDARD`.\n" }, "fileShareName": { "type": "string", "description": "The name of the file share. Must be set if an S3 prefix name is set in `location_arn`.\n" }, "gatewayArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the file gateway.\n", "willReplaceOnChanges": true }, "guessMimeTypeEnabled": { "type": "boolean", "description": "Boolean value that enables guessing of the MIME type for uploaded objects based on file extensions. Defaults to `true`.\n" }, "kmsEncrypted": { "type": "boolean", "description": "Boolean value if `true` to use Amazon S3 server side encryption with your own AWS KMS key, or `false` to use a key managed by Amazon S3. Defaults to `false`.\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) for KMS key used for Amazon S3 server side encryption. This value can only be set when `kms_encrypted` is true.\n" }, "locationArn": { "type": "string", "description": "The ARN of the backed storage used for storing file data.\n", "willReplaceOnChanges": true }, "nfsFileShareDefaults": { "$ref": "#/types/aws:storagegateway/NfsFileShareNfsFileShareDefaults:NfsFileShareNfsFileShareDefaults", "description": "Nested argument with file share default values. More information below. see NFS File Share Defaults for more details.\n" }, "notificationPolicy": { "type": "string", "description": "The notification policy of the file share. For more information see the [AWS Documentation](https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateNFSFileShare.html#StorageGateway-CreateNFSFileShare-request-NotificationPolicy). Default value is `{}`.\n" }, "objectAcl": { "type": "string", "description": "Access Control List permission for S3 objects. Defaults to `private`.\n" }, "readOnly": { "type": "boolean", "description": "Boolean to indicate write status of file share. File share does not accept writes if `true`. Defaults to `false`.\n" }, "requesterPays": { "type": "boolean", "description": "Boolean who pays the cost of the request and the data download from the Amazon S3 bucket. Set this value to `true` if you want the requester to pay instead of the bucket owner. Defaults to `false`.\n" }, "roleArn": { "type": "string", "description": "The ARN of the AWS Identity and Access Management (IAM) role that a file gateway assumes when it accesses the underlying storage.\n", "willReplaceOnChanges": true }, "squash": { "type": "string", "description": "Maps a user to anonymous user. Defaults to `RootSquash`. Valid values: `RootSquash` (only root is mapped to anonymous user), `NoSquash` (no one is mapped to anonymous user), `AllSquash` (everyone is mapped to anonymous user)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcEndpointDnsName": { "type": "string", "description": "The DNS name of the VPC endpoint for S3 PrivateLink.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "clientLists", "gatewayArn", "locationArn", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering NfsFileShare resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the NFS File Share.\n" }, "auditDestinationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the storage used for audit logs.\n" }, "bucketRegion": { "type": "string", "description": "The region of the S3 bucket used by the file share. Required when specifying `vpc_endpoint_dns_name`.\n", "willReplaceOnChanges": true }, "cacheAttributes": { "$ref": "#/types/aws:storagegateway/NfsFileShareCacheAttributes:NfsFileShareCacheAttributes", "description": "Refresh cache information. see Cache Attributes for more details.\n" }, "clientLists": { "type": "array", "items": { "type": "string" }, "description": "The list of clients that are allowed to access the file gateway. The list must contain either valid IP addresses or valid CIDR blocks. Set to `[\"0.0.0.0/0\"]` to not limit access. Minimum 1 item. Maximum 100 items.\n" }, "defaultStorageClass": { "type": "string", "description": "The default [storage class](https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateNFSFileShare.html#StorageGateway-CreateNFSFileShare-request-DefaultStorageClass) for objects put into an Amazon S3 bucket by the file gateway. Defaults to `S3_STANDARD`.\n" }, "fileShareName": { "type": "string", "description": "The name of the file share. Must be set if an S3 prefix name is set in `location_arn`.\n" }, "fileshareId": { "type": "string", "description": "ID of the NFS File Share.\n" }, "gatewayArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the file gateway.\n", "willReplaceOnChanges": true }, "guessMimeTypeEnabled": { "type": "boolean", "description": "Boolean value that enables guessing of the MIME type for uploaded objects based on file extensions. Defaults to `true`.\n" }, "kmsEncrypted": { "type": "boolean", "description": "Boolean value if `true` to use Amazon S3 server side encryption with your own AWS KMS key, or `false` to use a key managed by Amazon S3. Defaults to `false`.\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) for KMS key used for Amazon S3 server side encryption. This value can only be set when `kms_encrypted` is true.\n" }, "locationArn": { "type": "string", "description": "The ARN of the backed storage used for storing file data.\n", "willReplaceOnChanges": true }, "nfsFileShareDefaults": { "$ref": "#/types/aws:storagegateway/NfsFileShareNfsFileShareDefaults:NfsFileShareNfsFileShareDefaults", "description": "Nested argument with file share default values. More information below. see NFS File Share Defaults for more details.\n" }, "notificationPolicy": { "type": "string", "description": "The notification policy of the file share. For more information see the [AWS Documentation](https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateNFSFileShare.html#StorageGateway-CreateNFSFileShare-request-NotificationPolicy). Default value is `{}`.\n" }, "objectAcl": { "type": "string", "description": "Access Control List permission for S3 objects. Defaults to `private`.\n" }, "path": { "type": "string", "description": "File share path used by the NFS client to identify the mount point.\n" }, "readOnly": { "type": "boolean", "description": "Boolean to indicate write status of file share. File share does not accept writes if `true`. Defaults to `false`.\n" }, "requesterPays": { "type": "boolean", "description": "Boolean who pays the cost of the request and the data download from the Amazon S3 bucket. Set this value to `true` if you want the requester to pay instead of the bucket owner. Defaults to `false`.\n" }, "roleArn": { "type": "string", "description": "The ARN of the AWS Identity and Access Management (IAM) role that a file gateway assumes when it accesses the underlying storage.\n", "willReplaceOnChanges": true }, "squash": { "type": "string", "description": "Maps a user to anonymous user. Defaults to `RootSquash`. Valid values: `RootSquash` (only root is mapped to anonymous user), `NoSquash` (no one is mapped to anonymous user), `AllSquash` (everyone is mapped to anonymous user)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcEndpointDnsName": { "type": "string", "description": "The DNS name of the VPC endpoint for S3 PrivateLink.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:storagegateway/smbFileShare:SmbFileShare": { "description": "Manages an AWS Storage Gateway SMB File Share.\n\n## Example Usage\n\n### Active Directory Authentication\n\n\u003e **NOTE:** The gateway must have already joined the Active Directory domain prior to SMB file share creationE.g., via \"SMB Settings\" in the AWS Storage Gateway console or `smb_active_directory_settings` in the `aws.storagegateway.Gateway` resource.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.SmbFileShare(\"example\", {\n authentication: \"ActiveDirectory\",\n gatewayArn: exampleAwsStoragegatewayGateway.arn,\n locationArn: exampleAwsS3Bucket.arn,\n roleArn: exampleAwsIamRole.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.SmbFileShare(\"example\",\n authentication=\"ActiveDirectory\",\n gateway_arn=example_aws_storagegateway_gateway[\"arn\"],\n location_arn=example_aws_s3_bucket[\"arn\"],\n role_arn=example_aws_iam_role[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.StorageGateway.SmbFileShare(\"example\", new()\n {\n Authentication = \"ActiveDirectory\",\n GatewayArn = exampleAwsStoragegatewayGateway.Arn,\n LocationArn = exampleAwsS3Bucket.Arn,\n RoleArn = exampleAwsIamRole.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.NewSmbFileShare(ctx, \"example\", \u0026storagegateway.SmbFileShareArgs{\n\t\t\tAuthentication: pulumi.String(\"ActiveDirectory\"),\n\t\t\tGatewayArn: pulumi.Any(exampleAwsStoragegatewayGateway.Arn),\n\t\t\tLocationArn: pulumi.Any(exampleAwsS3Bucket.Arn),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.SmbFileShare;\nimport com.pulumi.aws.storagegateway.SmbFileShareArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SmbFileShare(\"example\", SmbFileShareArgs.builder()\n .authentication(\"ActiveDirectory\")\n .gatewayArn(exampleAwsStoragegatewayGateway.arn())\n .locationArn(exampleAwsS3Bucket.arn())\n .roleArn(exampleAwsIamRole.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:storagegateway:SmbFileShare\n properties:\n authentication: ActiveDirectory\n gatewayArn: ${exampleAwsStoragegatewayGateway.arn}\n locationArn: ${exampleAwsS3Bucket.arn}\n roleArn: ${exampleAwsIamRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Guest Authentication\n\n\u003e **NOTE:** The gateway must have already had the SMB guest password set prior to SMB file share creationE.g., via \"SMB Settings\" in the AWS Storage Gateway console or `smb_guest_password` in the `aws.storagegateway.Gateway` resource.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.SmbFileShare(\"example\", {\n authentication: \"GuestAccess\",\n gatewayArn: exampleAwsStoragegatewayGateway.arn,\n locationArn: exampleAwsS3Bucket.arn,\n roleArn: exampleAwsIamRole.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.SmbFileShare(\"example\",\n authentication=\"GuestAccess\",\n gateway_arn=example_aws_storagegateway_gateway[\"arn\"],\n location_arn=example_aws_s3_bucket[\"arn\"],\n role_arn=example_aws_iam_role[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.StorageGateway.SmbFileShare(\"example\", new()\n {\n Authentication = \"GuestAccess\",\n GatewayArn = exampleAwsStoragegatewayGateway.Arn,\n LocationArn = exampleAwsS3Bucket.Arn,\n RoleArn = exampleAwsIamRole.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.NewSmbFileShare(ctx, \"example\", \u0026storagegateway.SmbFileShareArgs{\n\t\t\tAuthentication: pulumi.String(\"GuestAccess\"),\n\t\t\tGatewayArn: pulumi.Any(exampleAwsStoragegatewayGateway.Arn),\n\t\t\tLocationArn: pulumi.Any(exampleAwsS3Bucket.Arn),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.SmbFileShare;\nimport com.pulumi.aws.storagegateway.SmbFileShareArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SmbFileShare(\"example\", SmbFileShareArgs.builder()\n .authentication(\"GuestAccess\")\n .gatewayArn(exampleAwsStoragegatewayGateway.arn())\n .locationArn(exampleAwsS3Bucket.arn())\n .roleArn(exampleAwsIamRole.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:storagegateway:SmbFileShare\n properties:\n authentication: GuestAccess\n gatewayArn: ${exampleAwsStoragegatewayGateway.arn}\n locationArn: ${exampleAwsS3Bucket.arn}\n roleArn: ${exampleAwsIamRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_storagegateway_smb_file_share` using the SMB File Share Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:storagegateway/smbFileShare:SmbFileShare example arn:aws:storagegateway:us-east-1:123456789012:share/share-12345678\n```\n", "properties": { "accessBasedEnumeration": { "type": "boolean", "description": "The files and folders on this share will only be visible to users with read access. Default value is `false`.\n" }, "adminUserLists": { "type": "array", "items": { "type": "string" }, "description": "A list of users in the Active Directory that have admin access to the file share. Only valid if `authentication` is set to `ActiveDirectory`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the SMB File Share.\n" }, "auditDestinationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the CloudWatch Log Group used for the audit logs.\n" }, "authentication": { "type": "string", "description": "The authentication method that users use to access the file share. Defaults to `ActiveDirectory`. Valid values: `ActiveDirectory`, `GuestAccess`.\n" }, "bucketRegion": { "type": "string", "description": "The region of the S3 buck used by the file share. Required when specifying a `vpc_endpoint_dns_name`.\n" }, "cacheAttributes": { "$ref": "#/types/aws:storagegateway/SmbFileShareCacheAttributes:SmbFileShareCacheAttributes", "description": "Refresh cache information. see `cache_attributes` Block for more details.\n\n**Note:** If you have previously included a `cache_attributes` block in your configuration, removing it will not reset the refresh cache value and the previous value will remain. You must explicitly set a new value to change it.\n" }, "caseSensitivity": { "type": "string", "description": "The case of an object name in an Amazon S3 bucket. For `ClientSpecified`, the client determines the case sensitivity. For `CaseSensitive`, the gateway determines the case sensitivity. The default value is `ClientSpecified`.\n" }, "defaultStorageClass": { "type": "string", "description": "The default [storage class](https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateNFSFileShare.html#StorageGateway-CreateNFSFileShare-request-DefaultStorageClass) for objects put into an Amazon S3 bucket by the file gateway. Defaults to `S3_STANDARD`.\n" }, "fileShareName": { "type": "string", "description": "The name of the file share. Must be set if an S3 prefix name is set in `location_arn`.\n" }, "fileshareId": { "type": "string", "description": "ID of the SMB File Share.\n" }, "gatewayArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the file gateway.\n" }, "guessMimeTypeEnabled": { "type": "boolean", "description": "Boolean value that enables guessing of the MIME type for uploaded objects based on file extensions. Defaults to `true`.\n" }, "invalidUserLists": { "type": "array", "items": { "type": "string" }, "description": "A list of users in the Active Directory that are not allowed to access the file share. Only valid if `authentication` is set to `ActiveDirectory`.\n" }, "kmsEncrypted": { "type": "boolean", "description": "Boolean value if `true` to use Amazon S3 server side encryption with your own AWS KMS key, or `false` to use a key managed by Amazon S3. Defaults to `false`.\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) for KMS key used for Amazon S3 server side encryption. This value can only be set when `kms_encrypted` is true.\n" }, "locationArn": { "type": "string", "description": "The ARN of the backed storage used for storing file data.\n" }, "notificationPolicy": { "type": "string", "description": "The notification policy of the file share. For more information see the [AWS Documentation](https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateNFSFileShare.html#StorageGateway-CreateNFSFileShare-request-NotificationPolicy). Default value is `{}`.\n" }, "objectAcl": { "type": "string", "description": "Access Control List permission for S3 objects. Defaults to `private`.\n" }, "oplocksEnabled": { "type": "boolean", "description": "Boolean to indicate Opportunistic lock (oplock) status. Defaults to `true`.\n" }, "path": { "type": "string", "description": "File share path used by the NFS client to identify the mount point.\n" }, "readOnly": { "type": "boolean", "description": "Boolean to indicate write status of file share. File share does not accept writes if `true`. Defaults to `false`.\n" }, "requesterPays": { "type": "boolean", "description": "Boolean who pays the cost of the request and the data download from the Amazon S3 bucket. Set this value to `true` if you want the requester to pay instead of the bucket owner. Defaults to `false`.\n" }, "roleArn": { "type": "string", "description": "The ARN of the AWS Identity and Access Management (IAM) role that a file gateway assumes when it accesses the underlying storage.\n" }, "smbAclEnabled": { "type": "boolean", "description": "Set this value to `true` to enable ACL (access control list) on the SMB fileshare. Set it to `false` to map file and directory permissions to the POSIX permissions. This setting applies only to `ActiveDirectory` authentication type.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "validUserLists": { "type": "array", "items": { "type": "string" }, "description": "A list of users in the Active Directory that are allowed to access the file share. If you need to specify an Active directory group, add '@' before the name of the group. It will be set on Allowed group in AWS console. Only valid if `authentication` is set to `ActiveDirectory`.\n" }, "vpcEndpointDnsName": { "type": "string", "description": "The DNS name of the VPC endpoint for S3 private link.\n" } }, "required": [ "arn", "fileShareName", "fileshareId", "gatewayArn", "locationArn", "oplocksEnabled", "path", "roleArn", "tagsAll" ], "inputProperties": { "accessBasedEnumeration": { "type": "boolean", "description": "The files and folders on this share will only be visible to users with read access. Default value is `false`.\n" }, "adminUserLists": { "type": "array", "items": { "type": "string" }, "description": "A list of users in the Active Directory that have admin access to the file share. Only valid if `authentication` is set to `ActiveDirectory`.\n" }, "auditDestinationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the CloudWatch Log Group used for the audit logs.\n" }, "authentication": { "type": "string", "description": "The authentication method that users use to access the file share. Defaults to `ActiveDirectory`. Valid values: `ActiveDirectory`, `GuestAccess`.\n", "willReplaceOnChanges": true }, "bucketRegion": { "type": "string", "description": "The region of the S3 buck used by the file share. Required when specifying a `vpc_endpoint_dns_name`.\n", "willReplaceOnChanges": true }, "cacheAttributes": { "$ref": "#/types/aws:storagegateway/SmbFileShareCacheAttributes:SmbFileShareCacheAttributes", "description": "Refresh cache information. see `cache_attributes` Block for more details.\n\n**Note:** If you have previously included a `cache_attributes` block in your configuration, removing it will not reset the refresh cache value and the previous value will remain. You must explicitly set a new value to change it.\n" }, "caseSensitivity": { "type": "string", "description": "The case of an object name in an Amazon S3 bucket. For `ClientSpecified`, the client determines the case sensitivity. For `CaseSensitive`, the gateway determines the case sensitivity. The default value is `ClientSpecified`.\n" }, "defaultStorageClass": { "type": "string", "description": "The default [storage class](https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateNFSFileShare.html#StorageGateway-CreateNFSFileShare-request-DefaultStorageClass) for objects put into an Amazon S3 bucket by the file gateway. Defaults to `S3_STANDARD`.\n" }, "fileShareName": { "type": "string", "description": "The name of the file share. Must be set if an S3 prefix name is set in `location_arn`.\n" }, "gatewayArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the file gateway.\n", "willReplaceOnChanges": true }, "guessMimeTypeEnabled": { "type": "boolean", "description": "Boolean value that enables guessing of the MIME type for uploaded objects based on file extensions. Defaults to `true`.\n" }, "invalidUserLists": { "type": "array", "items": { "type": "string" }, "description": "A list of users in the Active Directory that are not allowed to access the file share. Only valid if `authentication` is set to `ActiveDirectory`.\n" }, "kmsEncrypted": { "type": "boolean", "description": "Boolean value if `true` to use Amazon S3 server side encryption with your own AWS KMS key, or `false` to use a key managed by Amazon S3. Defaults to `false`.\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) for KMS key used for Amazon S3 server side encryption. This value can only be set when `kms_encrypted` is true.\n" }, "locationArn": { "type": "string", "description": "The ARN of the backed storage used for storing file data.\n", "willReplaceOnChanges": true }, "notificationPolicy": { "type": "string", "description": "The notification policy of the file share. For more information see the [AWS Documentation](https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateNFSFileShare.html#StorageGateway-CreateNFSFileShare-request-NotificationPolicy). Default value is `{}`.\n" }, "objectAcl": { "type": "string", "description": "Access Control List permission for S3 objects. Defaults to `private`.\n" }, "oplocksEnabled": { "type": "boolean", "description": "Boolean to indicate Opportunistic lock (oplock) status. Defaults to `true`.\n" }, "readOnly": { "type": "boolean", "description": "Boolean to indicate write status of file share. File share does not accept writes if `true`. Defaults to `false`.\n" }, "requesterPays": { "type": "boolean", "description": "Boolean who pays the cost of the request and the data download from the Amazon S3 bucket. Set this value to `true` if you want the requester to pay instead of the bucket owner. Defaults to `false`.\n" }, "roleArn": { "type": "string", "description": "The ARN of the AWS Identity and Access Management (IAM) role that a file gateway assumes when it accesses the underlying storage.\n", "willReplaceOnChanges": true }, "smbAclEnabled": { "type": "boolean", "description": "Set this value to `true` to enable ACL (access control list) on the SMB fileshare. Set it to `false` to map file and directory permissions to the POSIX permissions. This setting applies only to `ActiveDirectory` authentication type.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "validUserLists": { "type": "array", "items": { "type": "string" }, "description": "A list of users in the Active Directory that are allowed to access the file share. If you need to specify an Active directory group, add '@' before the name of the group. It will be set on Allowed group in AWS console. Only valid if `authentication` is set to `ActiveDirectory`.\n" }, "vpcEndpointDnsName": { "type": "string", "description": "The DNS name of the VPC endpoint for S3 private link.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "gatewayArn", "locationArn", "roleArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering SmbFileShare resources.\n", "properties": { "accessBasedEnumeration": { "type": "boolean", "description": "The files and folders on this share will only be visible to users with read access. Default value is `false`.\n" }, "adminUserLists": { "type": "array", "items": { "type": "string" }, "description": "A list of users in the Active Directory that have admin access to the file share. Only valid if `authentication` is set to `ActiveDirectory`.\n" }, "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the SMB File Share.\n" }, "auditDestinationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the CloudWatch Log Group used for the audit logs.\n" }, "authentication": { "type": "string", "description": "The authentication method that users use to access the file share. Defaults to `ActiveDirectory`. Valid values: `ActiveDirectory`, `GuestAccess`.\n", "willReplaceOnChanges": true }, "bucketRegion": { "type": "string", "description": "The region of the S3 buck used by the file share. Required when specifying a `vpc_endpoint_dns_name`.\n", "willReplaceOnChanges": true }, "cacheAttributes": { "$ref": "#/types/aws:storagegateway/SmbFileShareCacheAttributes:SmbFileShareCacheAttributes", "description": "Refresh cache information. see `cache_attributes` Block for more details.\n\n**Note:** If you have previously included a `cache_attributes` block in your configuration, removing it will not reset the refresh cache value and the previous value will remain. You must explicitly set a new value to change it.\n" }, "caseSensitivity": { "type": "string", "description": "The case of an object name in an Amazon S3 bucket. For `ClientSpecified`, the client determines the case sensitivity. For `CaseSensitive`, the gateway determines the case sensitivity. The default value is `ClientSpecified`.\n" }, "defaultStorageClass": { "type": "string", "description": "The default [storage class](https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateNFSFileShare.html#StorageGateway-CreateNFSFileShare-request-DefaultStorageClass) for objects put into an Amazon S3 bucket by the file gateway. Defaults to `S3_STANDARD`.\n" }, "fileShareName": { "type": "string", "description": "The name of the file share. Must be set if an S3 prefix name is set in `location_arn`.\n" }, "fileshareId": { "type": "string", "description": "ID of the SMB File Share.\n" }, "gatewayArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the file gateway.\n", "willReplaceOnChanges": true }, "guessMimeTypeEnabled": { "type": "boolean", "description": "Boolean value that enables guessing of the MIME type for uploaded objects based on file extensions. Defaults to `true`.\n" }, "invalidUserLists": { "type": "array", "items": { "type": "string" }, "description": "A list of users in the Active Directory that are not allowed to access the file share. Only valid if `authentication` is set to `ActiveDirectory`.\n" }, "kmsEncrypted": { "type": "boolean", "description": "Boolean value if `true` to use Amazon S3 server side encryption with your own AWS KMS key, or `false` to use a key managed by Amazon S3. Defaults to `false`.\n" }, "kmsKeyArn": { "type": "string", "description": "Amazon Resource Name (ARN) for KMS key used for Amazon S3 server side encryption. This value can only be set when `kms_encrypted` is true.\n" }, "locationArn": { "type": "string", "description": "The ARN of the backed storage used for storing file data.\n", "willReplaceOnChanges": true }, "notificationPolicy": { "type": "string", "description": "The notification policy of the file share. For more information see the [AWS Documentation](https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateNFSFileShare.html#StorageGateway-CreateNFSFileShare-request-NotificationPolicy). Default value is `{}`.\n" }, "objectAcl": { "type": "string", "description": "Access Control List permission for S3 objects. Defaults to `private`.\n" }, "oplocksEnabled": { "type": "boolean", "description": "Boolean to indicate Opportunistic lock (oplock) status. Defaults to `true`.\n" }, "path": { "type": "string", "description": "File share path used by the NFS client to identify the mount point.\n" }, "readOnly": { "type": "boolean", "description": "Boolean to indicate write status of file share. File share does not accept writes if `true`. Defaults to `false`.\n" }, "requesterPays": { "type": "boolean", "description": "Boolean who pays the cost of the request and the data download from the Amazon S3 bucket. Set this value to `true` if you want the requester to pay instead of the bucket owner. Defaults to `false`.\n" }, "roleArn": { "type": "string", "description": "The ARN of the AWS Identity and Access Management (IAM) role that a file gateway assumes when it accesses the underlying storage.\n", "willReplaceOnChanges": true }, "smbAclEnabled": { "type": "boolean", "description": "Set this value to `true` to enable ACL (access control list) on the SMB fileshare. Set it to `false` to map file and directory permissions to the POSIX permissions. This setting applies only to `ActiveDirectory` authentication type.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "validUserLists": { "type": "array", "items": { "type": "string" }, "description": "A list of users in the Active Directory that are allowed to access the file share. If you need to specify an Active directory group, add '@' before the name of the group. It will be set on Allowed group in AWS console. Only valid if `authentication` is set to `ActiveDirectory`.\n" }, "vpcEndpointDnsName": { "type": "string", "description": "The DNS name of the VPC endpoint for S3 private link.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:storagegateway/storedIscsiVolume:StoredIscsiVolume": { "description": "Manages an AWS Storage Gateway stored iSCSI volume.\n\n\u003e **NOTE:** The gateway must have a working storage added (e.g., via the `aws.storagegateway.WorkingStorage` resource) before the volume is operational to clients, however the Storage Gateway API will allow volume creation without error in that case and return volume status as `WORKING STORAGE NOT CONFIGURED`.\n\n## Example Usage\n\n### Create Empty Stored iSCSI Volume\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.StoredIscsiVolume(\"example\", {\n gatewayArn: exampleAwsStoragegatewayCache.gatewayArn,\n networkInterfaceId: exampleAwsInstance.privateIp,\n targetName: \"example\",\n preserveExistingData: false,\n diskId: test.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.StoredIscsiVolume(\"example\",\n gateway_arn=example_aws_storagegateway_cache[\"gatewayArn\"],\n network_interface_id=example_aws_instance[\"privateIp\"],\n target_name=\"example\",\n preserve_existing_data=False,\n disk_id=test[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.StorageGateway.StoredIscsiVolume(\"example\", new()\n {\n GatewayArn = exampleAwsStoragegatewayCache.GatewayArn,\n NetworkInterfaceId = exampleAwsInstance.PrivateIp,\n TargetName = \"example\",\n PreserveExistingData = false,\n DiskId = test.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.NewStoredIscsiVolume(ctx, \"example\", \u0026storagegateway.StoredIscsiVolumeArgs{\n\t\t\tGatewayArn: pulumi.Any(exampleAwsStoragegatewayCache.GatewayArn),\n\t\t\tNetworkInterfaceId: pulumi.Any(exampleAwsInstance.PrivateIp),\n\t\t\tTargetName: pulumi.String(\"example\"),\n\t\t\tPreserveExistingData: pulumi.Bool(false),\n\t\t\tDiskId: pulumi.Any(test.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.StoredIscsiVolume;\nimport com.pulumi.aws.storagegateway.StoredIscsiVolumeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new StoredIscsiVolume(\"example\", StoredIscsiVolumeArgs.builder()\n .gatewayArn(exampleAwsStoragegatewayCache.gatewayArn())\n .networkInterfaceId(exampleAwsInstance.privateIp())\n .targetName(\"example\")\n .preserveExistingData(false)\n .diskId(test.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:storagegateway:StoredIscsiVolume\n properties:\n gatewayArn: ${exampleAwsStoragegatewayCache.gatewayArn}\n networkInterfaceId: ${exampleAwsInstance.privateIp}\n targetName: example\n preserveExistingData: false\n diskId: ${test.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create Stored iSCSI Volume From Snapshot\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.StoredIscsiVolume(\"example\", {\n gatewayArn: exampleAwsStoragegatewayCache.gatewayArn,\n networkInterfaceId: exampleAwsInstance.privateIp,\n snapshotId: exampleAwsEbsSnapshot.id,\n targetName: \"example\",\n preserveExistingData: false,\n diskId: test.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.StoredIscsiVolume(\"example\",\n gateway_arn=example_aws_storagegateway_cache[\"gatewayArn\"],\n network_interface_id=example_aws_instance[\"privateIp\"],\n snapshot_id=example_aws_ebs_snapshot[\"id\"],\n target_name=\"example\",\n preserve_existing_data=False,\n disk_id=test[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.StorageGateway.StoredIscsiVolume(\"example\", new()\n {\n GatewayArn = exampleAwsStoragegatewayCache.GatewayArn,\n NetworkInterfaceId = exampleAwsInstance.PrivateIp,\n SnapshotId = exampleAwsEbsSnapshot.Id,\n TargetName = \"example\",\n PreserveExistingData = false,\n DiskId = test.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.NewStoredIscsiVolume(ctx, \"example\", \u0026storagegateway.StoredIscsiVolumeArgs{\n\t\t\tGatewayArn: pulumi.Any(exampleAwsStoragegatewayCache.GatewayArn),\n\t\t\tNetworkInterfaceId: pulumi.Any(exampleAwsInstance.PrivateIp),\n\t\t\tSnapshotId: pulumi.Any(exampleAwsEbsSnapshot.Id),\n\t\t\tTargetName: pulumi.String(\"example\"),\n\t\t\tPreserveExistingData: pulumi.Bool(false),\n\t\t\tDiskId: pulumi.Any(test.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.StoredIscsiVolume;\nimport com.pulumi.aws.storagegateway.StoredIscsiVolumeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new StoredIscsiVolume(\"example\", StoredIscsiVolumeArgs.builder()\n .gatewayArn(exampleAwsStoragegatewayCache.gatewayArn())\n .networkInterfaceId(exampleAwsInstance.privateIp())\n .snapshotId(exampleAwsEbsSnapshot.id())\n .targetName(\"example\")\n .preserveExistingData(false)\n .diskId(test.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:storagegateway:StoredIscsiVolume\n properties:\n gatewayArn: ${exampleAwsStoragegatewayCache.gatewayArn}\n networkInterfaceId: ${exampleAwsInstance.privateIp}\n snapshotId: ${exampleAwsEbsSnapshot.id}\n targetName: example\n preserveExistingData: false\n diskId: ${test.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_storagegateway_stored_iscsi_volume` using the volume Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:storagegateway/storedIscsiVolume:StoredIscsiVolume example arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678/volume/vol-12345678\n```\n", "properties": { "arn": { "type": "string", "description": "Volume Amazon Resource Name (ARN), e.g., `arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678/volume/vol-12345678`.\n" }, "chapEnabled": { "type": "boolean", "description": "Whether mutual CHAP is enabled for the iSCSI target.\n" }, "diskId": { "type": "string", "description": "The unique identifier for the gateway local disk that is configured as a stored volume.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n" }, "kmsEncrypted": { "type": "boolean", "description": "`true` to use Amazon S3 server side encryption with your own AWS KMS key, or `false` to use a key managed by Amazon S3. Optional.\n" }, "kmsKey": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS KMS key used for Amazon S3 server side encryption. This value can only be set when `kms_encrypted` is `true`.\n" }, "lunNumber": { "type": "integer", "description": "Logical disk number.\n" }, "networkInterfaceId": { "type": "string", "description": "The network interface of the gateway on which to expose the iSCSI target. Only IPv4 addresses are accepted.\n" }, "networkInterfacePort": { "type": "integer", "description": "The port used to communicate with iSCSI targets.\n" }, "preserveExistingData": { "type": "boolean", "description": "Specify this field as `true` if you want to preserve the data on the local disk. Otherwise, specifying this field as false creates an empty volume.\n" }, "snapshotId": { "type": "string", "description": "The snapshot ID of the snapshot to restore as the new stored volumeE.g., `snap-1122aabb`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetArn": { "type": "string", "description": "Target Amazon Resource Name (ARN), e.g., `arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678/target/iqn.1997-05.com.amazon:TargetName`.\n" }, "targetName": { "type": "string", "description": "The name of the iSCSI target used by initiators to connect to the target and as a suffix for the target ARN. The target name must be unique across all volumes of a gateway.\n" }, "volumeAttachmentStatus": { "type": "string", "description": "A value that indicates whether a storage volume is attached to, detached from, or is in the process of detaching from a gateway.\n" }, "volumeId": { "type": "string", "description": "Volume ID, e.g., `vol-12345678`.\n" }, "volumeSizeInBytes": { "type": "integer", "description": "The size of the data stored on the volume in bytes.\n" }, "volumeStatus": { "type": "string", "description": "indicates the state of the storage volume.\n" }, "volumeType": { "type": "string", "description": "indicates the type of the volume.\n" } }, "required": [ "arn", "chapEnabled", "diskId", "gatewayArn", "lunNumber", "networkInterfaceId", "networkInterfacePort", "preserveExistingData", "tagsAll", "targetArn", "targetName", "volumeAttachmentStatus", "volumeId", "volumeSizeInBytes", "volumeStatus", "volumeType" ], "inputProperties": { "diskId": { "type": "string", "description": "The unique identifier for the gateway local disk that is configured as a stored volume.\n", "willReplaceOnChanges": true }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n", "willReplaceOnChanges": true }, "kmsEncrypted": { "type": "boolean", "description": "`true` to use Amazon S3 server side encryption with your own AWS KMS key, or `false` to use a key managed by Amazon S3. Optional.\n", "willReplaceOnChanges": true }, "kmsKey": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS KMS key used for Amazon S3 server side encryption. This value can only be set when `kms_encrypted` is `true`.\n", "willReplaceOnChanges": true }, "networkInterfaceId": { "type": "string", "description": "The network interface of the gateway on which to expose the iSCSI target. Only IPv4 addresses are accepted.\n", "willReplaceOnChanges": true }, "preserveExistingData": { "type": "boolean", "description": "Specify this field as `true` if you want to preserve the data on the local disk. Otherwise, specifying this field as false creates an empty volume.\n", "willReplaceOnChanges": true }, "snapshotId": { "type": "string", "description": "The snapshot ID of the snapshot to restore as the new stored volumeE.g., `snap-1122aabb`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "targetName": { "type": "string", "description": "The name of the iSCSI target used by initiators to connect to the target and as a suffix for the target ARN. The target name must be unique across all volumes of a gateway.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "diskId", "gatewayArn", "networkInterfaceId", "preserveExistingData", "targetName" ], "stateInputs": { "description": "Input properties used for looking up and filtering StoredIscsiVolume resources.\n", "properties": { "arn": { "type": "string", "description": "Volume Amazon Resource Name (ARN), e.g., `arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678/volume/vol-12345678`.\n" }, "chapEnabled": { "type": "boolean", "description": "Whether mutual CHAP is enabled for the iSCSI target.\n" }, "diskId": { "type": "string", "description": "The unique identifier for the gateway local disk that is configured as a stored volume.\n", "willReplaceOnChanges": true }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n", "willReplaceOnChanges": true }, "kmsEncrypted": { "type": "boolean", "description": "`true` to use Amazon S3 server side encryption with your own AWS KMS key, or `false` to use a key managed by Amazon S3. Optional.\n", "willReplaceOnChanges": true }, "kmsKey": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS KMS key used for Amazon S3 server side encryption. This value can only be set when `kms_encrypted` is `true`.\n", "willReplaceOnChanges": true }, "lunNumber": { "type": "integer", "description": "Logical disk number.\n" }, "networkInterfaceId": { "type": "string", "description": "The network interface of the gateway on which to expose the iSCSI target. Only IPv4 addresses are accepted.\n", "willReplaceOnChanges": true }, "networkInterfacePort": { "type": "integer", "description": "The port used to communicate with iSCSI targets.\n" }, "preserveExistingData": { "type": "boolean", "description": "Specify this field as `true` if you want to preserve the data on the local disk. Otherwise, specifying this field as false creates an empty volume.\n", "willReplaceOnChanges": true }, "snapshotId": { "type": "string", "description": "The snapshot ID of the snapshot to restore as the new stored volumeE.g., `snap-1122aabb`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "targetArn": { "type": "string", "description": "Target Amazon Resource Name (ARN), e.g., `arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678/target/iqn.1997-05.com.amazon:TargetName`.\n" }, "targetName": { "type": "string", "description": "The name of the iSCSI target used by initiators to connect to the target and as a suffix for the target ARN. The target name must be unique across all volumes of a gateway.\n", "willReplaceOnChanges": true }, "volumeAttachmentStatus": { "type": "string", "description": "A value that indicates whether a storage volume is attached to, detached from, or is in the process of detaching from a gateway.\n" }, "volumeId": { "type": "string", "description": "Volume ID, e.g., `vol-12345678`.\n" }, "volumeSizeInBytes": { "type": "integer", "description": "The size of the data stored on the volume in bytes.\n" }, "volumeStatus": { "type": "string", "description": "indicates the state of the storage volume.\n" }, "volumeType": { "type": "string", "description": "indicates the type of the volume.\n" } }, "type": "object" } }, "aws:storagegateway/tapePool:TapePool": { "description": "Manages an AWS Storage Gateway Tape Pool.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.TapePool(\"example\", {\n poolName: \"example\",\n storageClass: \"GLACIER\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.TapePool(\"example\",\n pool_name=\"example\",\n storage_class=\"GLACIER\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.StorageGateway.TapePool(\"example\", new()\n {\n PoolName = \"example\",\n StorageClass = \"GLACIER\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.NewTapePool(ctx, \"example\", \u0026storagegateway.TapePoolArgs{\n\t\t\tPoolName: pulumi.String(\"example\"),\n\t\t\tStorageClass: pulumi.String(\"GLACIER\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.TapePool;\nimport com.pulumi.aws.storagegateway.TapePoolArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TapePool(\"example\", TapePoolArgs.builder()\n .poolName(\"example\")\n .storageClass(\"GLACIER\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:storagegateway:TapePool\n properties:\n poolName: example\n storageClass: GLACIER\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_storagegateway_tape_pool` using the volume Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:storagegateway/tapePool:TapePool example arn:aws:storagegateway:us-east-1:123456789012:tapepool/pool-12345678\n```\n", "properties": { "arn": { "type": "string", "description": "Volume Amazon Resource Name (ARN), e.g., `aws_storagegateway_tape_pool.example arn:aws:storagegateway:us-east-1:123456789012:tapepool/pool-12345678`.\n" }, "poolName": { "type": "string", "description": "The name of the new custom tape pool.\n" }, "retentionLockTimeInDays": { "type": "integer", "description": "Tape retention lock time is set in days. Tape retention lock can be enabled for up to 100 years (36,500 days). Default value is 0.\n" }, "retentionLockType": { "type": "string", "description": "Tape retention lock can be configured in two modes. When configured in governance mode, AWS accounts with specific IAM permissions are authorized to remove the tape retention lock from archived virtual tapes. When configured in compliance mode, the tape retention lock cannot be removed by any user, including the root AWS account. Possible values are `COMPLIANCE`, `GOVERNANCE`, and `NONE`. Default value is `NONE`.\n" }, "storageClass": { "type": "string", "description": "The storage class that is associated with the new custom pool. When you use your backup application to eject the tape, the tape is archived directly into the storage class that corresponds to the pool. Possible values are `DEEP_ARCHIVE` or `GLACIER`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "poolName", "storageClass", "tagsAll" ], "inputProperties": { "poolName": { "type": "string", "description": "The name of the new custom tape pool.\n", "willReplaceOnChanges": true }, "retentionLockTimeInDays": { "type": "integer", "description": "Tape retention lock time is set in days. Tape retention lock can be enabled for up to 100 years (36,500 days). Default value is 0.\n", "willReplaceOnChanges": true }, "retentionLockType": { "type": "string", "description": "Tape retention lock can be configured in two modes. When configured in governance mode, AWS accounts with specific IAM permissions are authorized to remove the tape retention lock from archived virtual tapes. When configured in compliance mode, the tape retention lock cannot be removed by any user, including the root AWS account. Possible values are `COMPLIANCE`, `GOVERNANCE`, and `NONE`. Default value is `NONE`.\n", "willReplaceOnChanges": true }, "storageClass": { "type": "string", "description": "The storage class that is associated with the new custom pool. When you use your backup application to eject the tape, the tape is archived directly into the storage class that corresponds to the pool. Possible values are `DEEP_ARCHIVE` or `GLACIER`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "poolName", "storageClass" ], "stateInputs": { "description": "Input properties used for looking up and filtering TapePool resources.\n", "properties": { "arn": { "type": "string", "description": "Volume Amazon Resource Name (ARN), e.g., `aws_storagegateway_tape_pool.example arn:aws:storagegateway:us-east-1:123456789012:tapepool/pool-12345678`.\n" }, "poolName": { "type": "string", "description": "The name of the new custom tape pool.\n", "willReplaceOnChanges": true }, "retentionLockTimeInDays": { "type": "integer", "description": "Tape retention lock time is set in days. Tape retention lock can be enabled for up to 100 years (36,500 days). Default value is 0.\n", "willReplaceOnChanges": true }, "retentionLockType": { "type": "string", "description": "Tape retention lock can be configured in two modes. When configured in governance mode, AWS accounts with specific IAM permissions are authorized to remove the tape retention lock from archived virtual tapes. When configured in compliance mode, the tape retention lock cannot be removed by any user, including the root AWS account. Possible values are `COMPLIANCE`, `GOVERNANCE`, and `NONE`. Default value is `NONE`.\n", "willReplaceOnChanges": true }, "storageClass": { "type": "string", "description": "The storage class that is associated with the new custom pool. When you use your backup application to eject the tape, the tape is archived directly into the storage class that corresponds to the pool. Possible values are `DEEP_ARCHIVE` or `GLACIER`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:storagegateway/uploadBuffer:UploadBuffer": { "description": "Manages an AWS Storage Gateway upload buffer.\n\n\u003e **NOTE:** The Storage Gateway API provides no method to remove an upload buffer disk. Destroying this resource does not perform any Storage Gateway actions.\n\n## Example Usage\n\n### Cached and VTL Gateway Type\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.storagegateway.getLocalDisk({\n diskNode: testAwsVolumeAttachment.deviceName,\n gatewayArn: testAwsStoragegatewayGateway.arn,\n});\nconst testUploadBuffer = new aws.storagegateway.UploadBuffer(\"test\", {\n diskPath: test.then(test =\u003e test.diskPath),\n gatewayArn: testAwsStoragegatewayGateway.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.storagegateway.get_local_disk(disk_node=test_aws_volume_attachment[\"deviceName\"],\n gateway_arn=test_aws_storagegateway_gateway[\"arn\"])\ntest_upload_buffer = aws.storagegateway.UploadBuffer(\"test\",\n disk_path=test.disk_path,\n gateway_arn=test_aws_storagegateway_gateway[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.StorageGateway.GetLocalDisk.Invoke(new()\n {\n DiskNode = testAwsVolumeAttachment.DeviceName,\n GatewayArn = testAwsStoragegatewayGateway.Arn,\n });\n\n var testUploadBuffer = new Aws.StorageGateway.UploadBuffer(\"test\", new()\n {\n DiskPath = test.Apply(getLocalDiskResult =\u003e getLocalDiskResult.DiskPath),\n GatewayArn = testAwsStoragegatewayGateway.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := storagegateway.GetLocalDisk(ctx, \u0026storagegateway.GetLocalDiskArgs{\n\t\t\tDiskNode: pulumi.StringRef(testAwsVolumeAttachment.DeviceName),\n\t\t\tGatewayArn: testAwsStoragegatewayGateway.Arn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = storagegateway.NewUploadBuffer(ctx, \"test\", \u0026storagegateway.UploadBufferArgs{\n\t\t\tDiskPath: pulumi.String(test.DiskPath),\n\t\t\tGatewayArn: pulumi.Any(testAwsStoragegatewayGateway.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.StoragegatewayFunctions;\nimport com.pulumi.aws.storagegateway.inputs.GetLocalDiskArgs;\nimport com.pulumi.aws.storagegateway.UploadBuffer;\nimport com.pulumi.aws.storagegateway.UploadBufferArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = StoragegatewayFunctions.getLocalDisk(GetLocalDiskArgs.builder()\n .diskNode(testAwsVolumeAttachment.deviceName())\n .gatewayArn(testAwsStoragegatewayGateway.arn())\n .build());\n\n var testUploadBuffer = new UploadBuffer(\"testUploadBuffer\", UploadBufferArgs.builder()\n .diskPath(test.applyValue(getLocalDiskResult -\u003e getLocalDiskResult.diskPath()))\n .gatewayArn(testAwsStoragegatewayGateway.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testUploadBuffer:\n type: aws:storagegateway:UploadBuffer\n name: test\n properties:\n diskPath: ${test.diskPath}\n gatewayArn: ${testAwsStoragegatewayGateway.arn}\nvariables:\n test:\n fn::invoke:\n Function: aws:storagegateway:getLocalDisk\n Arguments:\n diskNode: ${testAwsVolumeAttachment.deviceName}\n gatewayArn: ${testAwsStoragegatewayGateway.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Stored Gateway Type\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.storagegateway.getLocalDisk({\n diskNode: testAwsVolumeAttachment.deviceName,\n gatewayArn: testAwsStoragegatewayGateway.arn,\n});\nconst example = new aws.storagegateway.UploadBuffer(\"example\", {\n diskId: exampleAwsStoragegatewayLocalDisk.id,\n gatewayArn: exampleAwsStoragegatewayGateway.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.storagegateway.get_local_disk(disk_node=test_aws_volume_attachment[\"deviceName\"],\n gateway_arn=test_aws_storagegateway_gateway[\"arn\"])\nexample = aws.storagegateway.UploadBuffer(\"example\",\n disk_id=example_aws_storagegateway_local_disk[\"id\"],\n gateway_arn=example_aws_storagegateway_gateway[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.StorageGateway.GetLocalDisk.Invoke(new()\n {\n DiskNode = testAwsVolumeAttachment.DeviceName,\n GatewayArn = testAwsStoragegatewayGateway.Arn,\n });\n\n var example = new Aws.StorageGateway.UploadBuffer(\"example\", new()\n {\n DiskId = exampleAwsStoragegatewayLocalDisk.Id,\n GatewayArn = exampleAwsStoragegatewayGateway.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.GetLocalDisk(ctx, \u0026storagegateway.GetLocalDiskArgs{\n\t\t\tDiskNode: pulumi.StringRef(testAwsVolumeAttachment.DeviceName),\n\t\t\tGatewayArn: testAwsStoragegatewayGateway.Arn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = storagegateway.NewUploadBuffer(ctx, \"example\", \u0026storagegateway.UploadBufferArgs{\n\t\t\tDiskId: pulumi.Any(exampleAwsStoragegatewayLocalDisk.Id),\n\t\t\tGatewayArn: pulumi.Any(exampleAwsStoragegatewayGateway.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.StoragegatewayFunctions;\nimport com.pulumi.aws.storagegateway.inputs.GetLocalDiskArgs;\nimport com.pulumi.aws.storagegateway.UploadBuffer;\nimport com.pulumi.aws.storagegateway.UploadBufferArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = StoragegatewayFunctions.getLocalDisk(GetLocalDiskArgs.builder()\n .diskNode(testAwsVolumeAttachment.deviceName())\n .gatewayArn(testAwsStoragegatewayGateway.arn())\n .build());\n\n var example = new UploadBuffer(\"example\", UploadBufferArgs.builder()\n .diskId(exampleAwsStoragegatewayLocalDisk.id())\n .gatewayArn(exampleAwsStoragegatewayGateway.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:storagegateway:UploadBuffer\n properties:\n diskId: ${exampleAwsStoragegatewayLocalDisk.id}\n gatewayArn: ${exampleAwsStoragegatewayGateway.arn}\nvariables:\n test:\n fn::invoke:\n Function: aws:storagegateway:getLocalDisk\n Arguments:\n diskNode: ${testAwsVolumeAttachment.deviceName}\n gatewayArn: ${testAwsStoragegatewayGateway.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_storagegateway_upload_buffer` using the gateway Amazon Resource Name (ARN) and local disk identifier separated with a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:storagegateway/uploadBuffer:UploadBuffer example arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678:pci-0000:03:00.0-scsi-0:0:0:0\n```\n", "properties": { "diskId": { "type": "string", "description": "Local disk identifier. For example, `pci-0000:03:00.0-scsi-0:0:0:0`.\n" }, "diskPath": { "type": "string", "description": "Local disk path. For example, `/dev/nvme1n1`.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n" } }, "required": [ "diskId", "diskPath", "gatewayArn" ], "inputProperties": { "diskId": { "type": "string", "description": "Local disk identifier. For example, `pci-0000:03:00.0-scsi-0:0:0:0`.\n", "willReplaceOnChanges": true }, "diskPath": { "type": "string", "description": "Local disk path. For example, `/dev/nvme1n1`.\n", "willReplaceOnChanges": true }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "gatewayArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering UploadBuffer resources.\n", "properties": { "diskId": { "type": "string", "description": "Local disk identifier. For example, `pci-0000:03:00.0-scsi-0:0:0:0`.\n", "willReplaceOnChanges": true }, "diskPath": { "type": "string", "description": "Local disk path. For example, `/dev/nvme1n1`.\n", "willReplaceOnChanges": true }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:storagegateway/workingStorage:WorkingStorage": { "description": "Manages an AWS Storage Gateway working storage.\n\n\u003e **NOTE:** The Storage Gateway API provides no method to remove a working storage disk. Destroying this resource does not perform any Storage Gateway actions.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.WorkingStorage(\"example\", {\n diskId: exampleAwsStoragegatewayLocalDisk.id,\n gatewayArn: exampleAwsStoragegatewayGateway.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.WorkingStorage(\"example\",\n disk_id=example_aws_storagegateway_local_disk[\"id\"],\n gateway_arn=example_aws_storagegateway_gateway[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.StorageGateway.WorkingStorage(\"example\", new()\n {\n DiskId = exampleAwsStoragegatewayLocalDisk.Id,\n GatewayArn = exampleAwsStoragegatewayGateway.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.NewWorkingStorage(ctx, \"example\", \u0026storagegateway.WorkingStorageArgs{\n\t\t\tDiskId: pulumi.Any(exampleAwsStoragegatewayLocalDisk.Id),\n\t\t\tGatewayArn: pulumi.Any(exampleAwsStoragegatewayGateway.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.WorkingStorage;\nimport com.pulumi.aws.storagegateway.WorkingStorageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new WorkingStorage(\"example\", WorkingStorageArgs.builder()\n .diskId(exampleAwsStoragegatewayLocalDisk.id())\n .gatewayArn(exampleAwsStoragegatewayGateway.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:storagegateway:WorkingStorage\n properties:\n diskId: ${exampleAwsStoragegatewayLocalDisk.id}\n gatewayArn: ${exampleAwsStoragegatewayGateway.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_storagegateway_working_storage` using the gateway Amazon Resource Name (ARN) and local disk identifier separated with a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:storagegateway/workingStorage:WorkingStorage example arn:aws:storagegateway:us-east-1:123456789012:gateway/sgw-12345678:pci-0000:03:00.0-scsi-0:0:0:0\n```\n", "properties": { "diskId": { "type": "string", "description": "Local disk identifier. For example, `pci-0000:03:00.0-scsi-0:0:0:0`.\n" }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n" } }, "required": [ "diskId", "gatewayArn" ], "inputProperties": { "diskId": { "type": "string", "description": "Local disk identifier. For example, `pci-0000:03:00.0-scsi-0:0:0:0`.\n", "willReplaceOnChanges": true }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "diskId", "gatewayArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering WorkingStorage resources.\n", "properties": { "diskId": { "type": "string", "description": "Local disk identifier. For example, `pci-0000:03:00.0-scsi-0:0:0:0`.\n", "willReplaceOnChanges": true }, "gatewayArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the gateway.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:swf/domain:Domain": { "description": "Provides an SWF Domain resource.\n\n## Example Usage\n\nTo register a basic SWF domain:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.swf.Domain(\"foo\", {\n name: \"foo\",\n description: \"SWF Domain\",\n workflowExecutionRetentionPeriodInDays: \"30\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.swf.Domain(\"foo\",\n name=\"foo\",\n description=\"SWF Domain\",\n workflow_execution_retention_period_in_days=\"30\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Swf.Domain(\"foo\", new()\n {\n Name = \"foo\",\n Description = \"SWF Domain\",\n WorkflowExecutionRetentionPeriodInDays = \"30\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/swf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := swf.NewDomain(ctx, \"foo\", \u0026swf.DomainArgs{\n\t\t\tName: pulumi.String(\"foo\"),\n\t\t\tDescription: pulumi.String(\"SWF Domain\"),\n\t\t\tWorkflowExecutionRetentionPeriodInDays: pulumi.String(\"30\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.swf.Domain;\nimport com.pulumi.aws.swf.DomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new Domain(\"foo\", DomainArgs.builder()\n .name(\"foo\")\n .description(\"SWF Domain\")\n .workflowExecutionRetentionPeriodInDays(30)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:swf:Domain\n properties:\n name: foo\n description: SWF Domain\n workflowExecutionRetentionPeriodInDays: 30\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SWF Domains using the `name`. For example:\n\n```sh\n$ pulumi import aws:swf/domain:Domain foo test-domain\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "description": { "type": "string", "description": "The domain description.\n" }, "name": { "type": "string", "description": "The name of the domain. If omitted, this provider will assign a random, unique name.\n" }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "workflowExecutionRetentionPeriodInDays": { "type": "string", "description": "Length of time that SWF will continue to retain information about the workflow execution after the workflow execution is complete, must be between 0 and 90 days.\n" } }, "required": [ "arn", "name", "namePrefix", "tagsAll", "workflowExecutionRetentionPeriodInDays" ], "inputProperties": { "description": { "type": "string", "description": "The domain description.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the domain. If omitted, this provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "workflowExecutionRetentionPeriodInDays": { "type": "string", "description": "Length of time that SWF will continue to retain information about the workflow execution after the workflow execution is complete, must be between 0 and 90 days.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "workflowExecutionRetentionPeriodInDays" ], "stateInputs": { "description": "Input properties used for looking up and filtering Domain resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "description": { "type": "string", "description": "The domain description.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the domain. If omitted, this provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "workflowExecutionRetentionPeriodInDays": { "type": "string", "description": "Length of time that SWF will continue to retain information about the workflow execution after the workflow execution is complete, must be between 0 and 90 days.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:synthetics/canary:Canary": { "description": "Provides a Synthetics Canary resource.\n\n\u003e **NOTE:** When you create a canary, AWS creates supporting implicit resources. See the Amazon CloudWatch Synthetics documentation on [DeleteCanary](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_DeleteCanary.html) for a full list. Neither AWS nor this provider deletes these implicit resources automatically when the canary is deleted. Before deleting a canary, ensure you have all the information about the canary that you need to delete the implicit resources using the AWS Console, or AWS CLI.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst some = new aws.synthetics.Canary(\"some\", {\n name: \"some-canary\",\n artifactS3Location: \"s3://some-bucket/\",\n executionRoleArn: \"some-role\",\n handler: \"exports.handler\",\n zipFile: \"test-fixtures/lambdatest.zip\",\n runtimeVersion: \"syn-1.0\",\n schedule: {\n expression: \"rate(0 minute)\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsome = aws.synthetics.Canary(\"some\",\n name=\"some-canary\",\n artifact_s3_location=\"s3://some-bucket/\",\n execution_role_arn=\"some-role\",\n handler=\"exports.handler\",\n zip_file=\"test-fixtures/lambdatest.zip\",\n runtime_version=\"syn-1.0\",\n schedule={\n \"expression\": \"rate(0 minute)\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var some = new Aws.Synthetics.Canary(\"some\", new()\n {\n Name = \"some-canary\",\n ArtifactS3Location = \"s3://some-bucket/\",\n ExecutionRoleArn = \"some-role\",\n Handler = \"exports.handler\",\n ZipFile = \"test-fixtures/lambdatest.zip\",\n RuntimeVersion = \"syn-1.0\",\n Schedule = new Aws.Synthetics.Inputs.CanaryScheduleArgs\n {\n Expression = \"rate(0 minute)\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/synthetics\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := synthetics.NewCanary(ctx, \"some\", \u0026synthetics.CanaryArgs{\n\t\t\tName: pulumi.String(\"some-canary\"),\n\t\t\tArtifactS3Location: pulumi.String(\"s3://some-bucket/\"),\n\t\t\tExecutionRoleArn: pulumi.String(\"some-role\"),\n\t\t\tHandler: pulumi.String(\"exports.handler\"),\n\t\t\tZipFile: pulumi.String(\"test-fixtures/lambdatest.zip\"),\n\t\t\tRuntimeVersion: pulumi.String(\"syn-1.0\"),\n\t\t\tSchedule: \u0026synthetics.CanaryScheduleArgs{\n\t\t\t\tExpression: pulumi.String(\"rate(0 minute)\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.synthetics.Canary;\nimport com.pulumi.aws.synthetics.CanaryArgs;\nimport com.pulumi.aws.synthetics.inputs.CanaryScheduleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var some = new Canary(\"some\", CanaryArgs.builder()\n .name(\"some-canary\")\n .artifactS3Location(\"s3://some-bucket/\")\n .executionRoleArn(\"some-role\")\n .handler(\"exports.handler\")\n .zipFile(\"test-fixtures/lambdatest.zip\")\n .runtimeVersion(\"syn-1.0\")\n .schedule(CanaryScheduleArgs.builder()\n .expression(\"rate(0 minute)\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n some:\n type: aws:synthetics:Canary\n properties:\n name: some-canary\n artifactS3Location: s3://some-bucket/\n executionRoleArn: some-role\n handler: exports.handler\n zipFile: test-fixtures/lambdatest.zip\n runtimeVersion: syn-1.0\n schedule:\n expression: rate(0 minute)\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Synthetics Canaries using the `name`. For example:\n\n```sh\n$ pulumi import aws:synthetics/canary:Canary some some-canary\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Canary.\n" }, "artifactConfig": { "$ref": "#/types/aws:synthetics/CanaryArtifactConfig:CanaryArtifactConfig", "description": "configuration for canary artifacts, including the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3. See Artifact Config.\n" }, "artifactS3Location": { "type": "string", "description": "Location in Amazon S3 where Synthetics stores artifacts from the test runs of this canary.\n" }, "deleteLambda": { "type": "boolean", "description": "Specifies whether to also delete the Lambda functions and layers used by this canary. The default is `false`.\n" }, "engineArn": { "type": "string", "description": "ARN of the Lambda function that is used as your canary's engine.\n" }, "executionRoleArn": { "type": "string", "description": "ARN of the IAM role to be used to run the canary. see [AWS Docs](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_CreateCanary.html#API_CreateCanary_RequestSyntax) for permissions needs for IAM Role.\n" }, "failureRetentionPeriod": { "type": "integer", "description": "Number of days to retain data about failed runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n" }, "handler": { "type": "string", "description": "Entry point to use for the source code when running the canary. This value must end with the string `.handler` .\n" }, "name": { "type": "string", "description": "Name for this canary. Has a maximum length of 21 characters. Valid characters are lowercase alphanumeric, hyphen, or underscore.\n" }, "runConfig": { "$ref": "#/types/aws:synthetics/CanaryRunConfig:CanaryRunConfig", "description": "Configuration block for individual canary runs. Detailed below.\n" }, "runtimeVersion": { "type": "string", "description": "Runtime version to use for the canary. Versions change often so consult the [Amazon CloudWatch documentation](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_Library.html) for the latest valid versions. Values include `syn-python-selenium-1.0`, `syn-nodejs-puppeteer-3.0`, `syn-nodejs-2.2`, `syn-nodejs-2.1`, `syn-nodejs-2.0`, and `syn-1.0`.\n" }, "s3Bucket": { "type": "string", "description": "Full bucket name which is used if your canary script is located in S3. The bucket must already exist. **Conflicts with `zip_file`.**\n" }, "s3Key": { "type": "string", "description": "S3 key of your script. **Conflicts with `zip_file`.**\n" }, "s3Version": { "type": "string", "description": "S3 version ID of your script. **Conflicts with `zip_file`.**\n" }, "schedule": { "$ref": "#/types/aws:synthetics/CanarySchedule:CanarySchedule", "description": "Configuration block providing how often the canary is to run and when these test runs are to stop. Detailed below.\n\nThe following arguments are optional:\n" }, "sourceLocationArn": { "type": "string", "description": "ARN of the Lambda layer where Synthetics stores the canary script code.\n" }, "startCanary": { "type": "boolean", "description": "Whether to run or stop the canary.\n" }, "status": { "type": "string", "description": "Canary status.\n" }, "successRetentionPeriod": { "type": "integer", "description": "Number of days to retain data about successful runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timelines": { "type": "array", "items": { "$ref": "#/types/aws:synthetics/CanaryTimeline:CanaryTimeline" }, "description": "Structure that contains information about when the canary was created, modified, and most recently run. see Timeline.\n" }, "vpcConfig": { "$ref": "#/types/aws:synthetics/CanaryVpcConfig:CanaryVpcConfig", "description": "Configuration block. Detailed below.\n" }, "zipFile": { "type": "string", "description": "ZIP file that contains the script, if you input your canary script directly into the canary instead of referring to an S3 location. It can be up to 225KB. **Conflicts with `s3_bucket`, `s3_key`, and `s3_version`.**\n" } }, "required": [ "arn", "artifactS3Location", "engineArn", "executionRoleArn", "handler", "name", "runConfig", "runtimeVersion", "schedule", "sourceLocationArn", "status", "tagsAll", "timelines" ], "inputProperties": { "artifactConfig": { "$ref": "#/types/aws:synthetics/CanaryArtifactConfig:CanaryArtifactConfig", "description": "configuration for canary artifacts, including the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3. See Artifact Config.\n" }, "artifactS3Location": { "type": "string", "description": "Location in Amazon S3 where Synthetics stores artifacts from the test runs of this canary.\n" }, "deleteLambda": { "type": "boolean", "description": "Specifies whether to also delete the Lambda functions and layers used by this canary. The default is `false`.\n" }, "executionRoleArn": { "type": "string", "description": "ARN of the IAM role to be used to run the canary. see [AWS Docs](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_CreateCanary.html#API_CreateCanary_RequestSyntax) for permissions needs for IAM Role.\n" }, "failureRetentionPeriod": { "type": "integer", "description": "Number of days to retain data about failed runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n" }, "handler": { "type": "string", "description": "Entry point to use for the source code when running the canary. This value must end with the string `.handler` .\n" }, "name": { "type": "string", "description": "Name for this canary. Has a maximum length of 21 characters. Valid characters are lowercase alphanumeric, hyphen, or underscore.\n", "willReplaceOnChanges": true }, "runConfig": { "$ref": "#/types/aws:synthetics/CanaryRunConfig:CanaryRunConfig", "description": "Configuration block for individual canary runs. Detailed below.\n" }, "runtimeVersion": { "type": "string", "description": "Runtime version to use for the canary. Versions change often so consult the [Amazon CloudWatch documentation](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_Library.html) for the latest valid versions. Values include `syn-python-selenium-1.0`, `syn-nodejs-puppeteer-3.0`, `syn-nodejs-2.2`, `syn-nodejs-2.1`, `syn-nodejs-2.0`, and `syn-1.0`.\n" }, "s3Bucket": { "type": "string", "description": "Full bucket name which is used if your canary script is located in S3. The bucket must already exist. **Conflicts with `zip_file`.**\n" }, "s3Key": { "type": "string", "description": "S3 key of your script. **Conflicts with `zip_file`.**\n" }, "s3Version": { "type": "string", "description": "S3 version ID of your script. **Conflicts with `zip_file`.**\n" }, "schedule": { "$ref": "#/types/aws:synthetics/CanarySchedule:CanarySchedule", "description": "Configuration block providing how often the canary is to run and when these test runs are to stop. Detailed below.\n\nThe following arguments are optional:\n" }, "startCanary": { "type": "boolean", "description": "Whether to run or stop the canary.\n" }, "successRetentionPeriod": { "type": "integer", "description": "Number of days to retain data about successful runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcConfig": { "$ref": "#/types/aws:synthetics/CanaryVpcConfig:CanaryVpcConfig", "description": "Configuration block. Detailed below.\n" }, "zipFile": { "type": "string", "description": "ZIP file that contains the script, if you input your canary script directly into the canary instead of referring to an S3 location. It can be up to 225KB. **Conflicts with `s3_bucket`, `s3_key`, and `s3_version`.**\n" } }, "requiredInputs": [ "artifactS3Location", "executionRoleArn", "handler", "runtimeVersion", "schedule" ], "stateInputs": { "description": "Input properties used for looking up and filtering Canary resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Canary.\n" }, "artifactConfig": { "$ref": "#/types/aws:synthetics/CanaryArtifactConfig:CanaryArtifactConfig", "description": "configuration for canary artifacts, including the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3. See Artifact Config.\n" }, "artifactS3Location": { "type": "string", "description": "Location in Amazon S3 where Synthetics stores artifacts from the test runs of this canary.\n" }, "deleteLambda": { "type": "boolean", "description": "Specifies whether to also delete the Lambda functions and layers used by this canary. The default is `false`.\n" }, "engineArn": { "type": "string", "description": "ARN of the Lambda function that is used as your canary's engine.\n" }, "executionRoleArn": { "type": "string", "description": "ARN of the IAM role to be used to run the canary. see [AWS Docs](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_CreateCanary.html#API_CreateCanary_RequestSyntax) for permissions needs for IAM Role.\n" }, "failureRetentionPeriod": { "type": "integer", "description": "Number of days to retain data about failed runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n" }, "handler": { "type": "string", "description": "Entry point to use for the source code when running the canary. This value must end with the string `.handler` .\n" }, "name": { "type": "string", "description": "Name for this canary. Has a maximum length of 21 characters. Valid characters are lowercase alphanumeric, hyphen, or underscore.\n", "willReplaceOnChanges": true }, "runConfig": { "$ref": "#/types/aws:synthetics/CanaryRunConfig:CanaryRunConfig", "description": "Configuration block for individual canary runs. Detailed below.\n" }, "runtimeVersion": { "type": "string", "description": "Runtime version to use for the canary. Versions change often so consult the [Amazon CloudWatch documentation](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_Library.html) for the latest valid versions. Values include `syn-python-selenium-1.0`, `syn-nodejs-puppeteer-3.0`, `syn-nodejs-2.2`, `syn-nodejs-2.1`, `syn-nodejs-2.0`, and `syn-1.0`.\n" }, "s3Bucket": { "type": "string", "description": "Full bucket name which is used if your canary script is located in S3. The bucket must already exist. **Conflicts with `zip_file`.**\n" }, "s3Key": { "type": "string", "description": "S3 key of your script. **Conflicts with `zip_file`.**\n" }, "s3Version": { "type": "string", "description": "S3 version ID of your script. **Conflicts with `zip_file`.**\n" }, "schedule": { "$ref": "#/types/aws:synthetics/CanarySchedule:CanarySchedule", "description": "Configuration block providing how often the canary is to run and when these test runs are to stop. Detailed below.\n\nThe following arguments are optional:\n" }, "sourceLocationArn": { "type": "string", "description": "ARN of the Lambda layer where Synthetics stores the canary script code.\n" }, "startCanary": { "type": "boolean", "description": "Whether to run or stop the canary.\n" }, "status": { "type": "string", "description": "Canary status.\n" }, "successRetentionPeriod": { "type": "integer", "description": "Number of days to retain data about successful runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timelines": { "type": "array", "items": { "$ref": "#/types/aws:synthetics/CanaryTimeline:CanaryTimeline" }, "description": "Structure that contains information about when the canary was created, modified, and most recently run. see Timeline.\n" }, "vpcConfig": { "$ref": "#/types/aws:synthetics/CanaryVpcConfig:CanaryVpcConfig", "description": "Configuration block. Detailed below.\n" }, "zipFile": { "type": "string", "description": "ZIP file that contains the script, if you input your canary script directly into the canary instead of referring to an S3 location. It can be up to 225KB. **Conflicts with `s3_bucket`, `s3_key`, and `s3_version`.**\n" } }, "type": "object" } }, "aws:synthetics/group:Group": { "description": "Provides a Synthetics Group resource.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.synthetics.Group(\"example\", {name: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.synthetics.Group(\"example\", name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Synthetics.Group(\"example\", new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/synthetics\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := synthetics.NewGroup(ctx, \"example\", \u0026synthetics.GroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.synthetics.Group;\nimport com.pulumi.aws.synthetics.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Group(\"example\", GroupArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:synthetics:Group\n properties:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudWatch Synthetics Group using the `name`. For example:\n\n```sh\n$ pulumi import aws:synthetics/group:Group example example\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Group.\n" }, "groupId": { "type": "string", "description": "ID of the Group.\n" }, "name": { "type": "string", "description": "Name of the group.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "groupId", "name", "tagsAll" ], "inputProperties": { "name": { "type": "string", "description": "Name of the group.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Group resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Group.\n" }, "groupId": { "type": "string", "description": "ID of the Group.\n" }, "name": { "type": "string", "description": "Name of the group.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:synthetics/groupAssociation:GroupAssociation": { "description": "Provides a Synthetics Group Association resource.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.synthetics.GroupAssociation(\"example\", {\n groupName: exampleAwsSyntheticsGroup.name,\n canaryArn: exampleAwsSyntheticsCanary.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.synthetics.GroupAssociation(\"example\",\n group_name=example_aws_synthetics_group[\"name\"],\n canary_arn=example_aws_synthetics_canary[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Synthetics.GroupAssociation(\"example\", new()\n {\n GroupName = exampleAwsSyntheticsGroup.Name,\n CanaryArn = exampleAwsSyntheticsCanary.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/synthetics\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := synthetics.NewGroupAssociation(ctx, \"example\", \u0026synthetics.GroupAssociationArgs{\n\t\t\tGroupName: pulumi.Any(exampleAwsSyntheticsGroup.Name),\n\t\t\tCanaryArn: pulumi.Any(exampleAwsSyntheticsCanary.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.synthetics.GroupAssociation;\nimport com.pulumi.aws.synthetics.GroupAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GroupAssociation(\"example\", GroupAssociationArgs.builder()\n .groupName(exampleAwsSyntheticsGroup.name())\n .canaryArn(exampleAwsSyntheticsCanary.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:synthetics:GroupAssociation\n properties:\n groupName: ${exampleAwsSyntheticsGroup.name}\n canaryArn: ${exampleAwsSyntheticsCanary.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudWatch Synthetics Group Association using the `canary_arn,group_name`. For example:\n\n```sh\n$ pulumi import aws:synthetics/groupAssociation:GroupAssociation example arn:aws:synthetics:us-west-2:123456789012:canary:tf-acc-test-abcd1234,examplename\n```\n", "properties": { "canaryArn": { "type": "string", "description": "ARN of the canary.\n" }, "groupArn": { "type": "string" }, "groupId": { "type": "string", "description": "ID of the Group.\n" }, "groupName": { "type": "string", "description": "Name of the group that the canary will be associated with.\n" } }, "required": [ "canaryArn", "groupArn", "groupId", "groupName" ], "inputProperties": { "canaryArn": { "type": "string", "description": "ARN of the canary.\n", "willReplaceOnChanges": true }, "groupName": { "type": "string", "description": "Name of the group that the canary will be associated with.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "canaryArn", "groupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering GroupAssociation resources.\n", "properties": { "canaryArn": { "type": "string", "description": "ARN of the canary.\n", "willReplaceOnChanges": true }, "groupArn": { "type": "string" }, "groupId": { "type": "string", "description": "ID of the Group.\n" }, "groupName": { "type": "string", "description": "Name of the group that the canary will be associated with.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:timestreamwrite/database:Database": { "description": "Provides a Timestream database resource.\n\n## Example Usage\n\n### Basic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.timestreamwrite.Database(\"example\", {databaseName: \"database-example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.timestreamwrite.Database(\"example\", database_name=\"database-example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.TimestreamWrite.Database(\"example\", new()\n {\n DatabaseName = \"database-example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/timestreamwrite\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := timestreamwrite.NewDatabase(ctx, \"example\", \u0026timestreamwrite.DatabaseArgs{\n\t\t\tDatabaseName: pulumi.String(\"database-example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.timestreamwrite.Database;\nimport com.pulumi.aws.timestreamwrite.DatabaseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Database(\"example\", DatabaseArgs.builder()\n .databaseName(\"database-example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:timestreamwrite:Database\n properties:\n databaseName: database-example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Full usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.timestreamwrite.Database(\"example\", {\n databaseName: \"database-example\",\n kmsKeyId: exampleAwsKmsKey.arn,\n tags: {\n Name: \"value\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.timestreamwrite.Database(\"example\",\n database_name=\"database-example\",\n kms_key_id=example_aws_kms_key[\"arn\"],\n tags={\n \"Name\": \"value\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.TimestreamWrite.Database(\"example\", new()\n {\n DatabaseName = \"database-example\",\n KmsKeyId = exampleAwsKmsKey.Arn,\n Tags = \n {\n { \"Name\", \"value\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/timestreamwrite\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := timestreamwrite.NewDatabase(ctx, \"example\", \u0026timestreamwrite.DatabaseArgs{\n\t\t\tDatabaseName: pulumi.String(\"database-example\"),\n\t\t\tKmsKeyId: pulumi.Any(exampleAwsKmsKey.Arn),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.timestreamwrite.Database;\nimport com.pulumi.aws.timestreamwrite.DatabaseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Database(\"example\", DatabaseArgs.builder()\n .databaseName(\"database-example\")\n .kmsKeyId(exampleAwsKmsKey.arn())\n .tags(Map.of(\"Name\", \"value\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:timestreamwrite:Database\n properties:\n databaseName: database-example\n kmsKeyId: ${exampleAwsKmsKey.arn}\n tags:\n Name: value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Timestream databases using the `database_name`. For example:\n\n```sh\n$ pulumi import aws:timestreamwrite/database:Database example example\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN that uniquely identifies this database.\n" }, "databaseName": { "type": "string", "description": "The name of the Timestream database. Minimum length of 3. Maximum length of 64.\n" }, "kmsKeyId": { "type": "string", "description": "The ARN (not Alias ARN) of the KMS key to be used to encrypt the data stored in the database. If the KMS key is not specified, the database will be encrypted with a Timestream managed KMS key located in your account. Refer to [AWS managed KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) for more info.\n" }, "tableCount": { "type": "integer", "description": "The total number of tables found within the Timestream database.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "databaseName", "kmsKeyId", "tableCount", "tagsAll" ], "inputProperties": { "databaseName": { "type": "string", "description": "The name of the Timestream database. Minimum length of 3. Maximum length of 64.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "The ARN (not Alias ARN) of the KMS key to be used to encrypt the data stored in the database. If the KMS key is not specified, the database will be encrypted with a Timestream managed KMS key located in your account. Refer to [AWS managed KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) for more info.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "databaseName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Database resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN that uniquely identifies this database.\n" }, "databaseName": { "type": "string", "description": "The name of the Timestream database. Minimum length of 3. Maximum length of 64.\n", "willReplaceOnChanges": true }, "kmsKeyId": { "type": "string", "description": "The ARN (not Alias ARN) of the KMS key to be used to encrypt the data stored in the database. If the KMS key is not specified, the database will be encrypted with a Timestream managed KMS key located in your account. Refer to [AWS managed KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) for more info.\n" }, "tableCount": { "type": "integer", "description": "The total number of tables found within the Timestream database.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:timestreamwrite/table:Table": { "description": "Provides a Timestream table resource.\n\n## Example Usage\n\n### Basic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.timestreamwrite.Table(\"example\", {\n databaseName: exampleAwsTimestreamwriteDatabase.databaseName,\n tableName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.timestreamwrite.Table(\"example\",\n database_name=example_aws_timestreamwrite_database[\"databaseName\"],\n table_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.TimestreamWrite.Table(\"example\", new()\n {\n DatabaseName = exampleAwsTimestreamwriteDatabase.DatabaseName,\n TableName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/timestreamwrite\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := timestreamwrite.NewTable(ctx, \"example\", \u0026timestreamwrite.TableArgs{\n\t\t\tDatabaseName: pulumi.Any(exampleAwsTimestreamwriteDatabase.DatabaseName),\n\t\t\tTableName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.timestreamwrite.Table;\nimport com.pulumi.aws.timestreamwrite.TableArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Table(\"example\", TableArgs.builder()\n .databaseName(exampleAwsTimestreamwriteDatabase.databaseName())\n .tableName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:timestreamwrite:Table\n properties:\n databaseName: ${exampleAwsTimestreamwriteDatabase.databaseName}\n tableName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Full usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.timestreamwrite.Table(\"example\", {\n databaseName: exampleAwsTimestreamwriteDatabase.databaseName,\n tableName: \"example\",\n retentionProperties: {\n magneticStoreRetentionPeriodInDays: 30,\n memoryStoreRetentionPeriodInHours: 8,\n },\n tags: {\n Name: \"example-timestream-table\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.timestreamwrite.Table(\"example\",\n database_name=example_aws_timestreamwrite_database[\"databaseName\"],\n table_name=\"example\",\n retention_properties={\n \"magnetic_store_retention_period_in_days\": 30,\n \"memory_store_retention_period_in_hours\": 8,\n },\n tags={\n \"Name\": \"example-timestream-table\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.TimestreamWrite.Table(\"example\", new()\n {\n DatabaseName = exampleAwsTimestreamwriteDatabase.DatabaseName,\n TableName = \"example\",\n RetentionProperties = new Aws.TimestreamWrite.Inputs.TableRetentionPropertiesArgs\n {\n MagneticStoreRetentionPeriodInDays = 30,\n MemoryStoreRetentionPeriodInHours = 8,\n },\n Tags = \n {\n { \"Name\", \"example-timestream-table\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/timestreamwrite\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := timestreamwrite.NewTable(ctx, \"example\", \u0026timestreamwrite.TableArgs{\n\t\t\tDatabaseName: pulumi.Any(exampleAwsTimestreamwriteDatabase.DatabaseName),\n\t\t\tTableName: pulumi.String(\"example\"),\n\t\t\tRetentionProperties: \u0026timestreamwrite.TableRetentionPropertiesArgs{\n\t\t\t\tMagneticStoreRetentionPeriodInDays: pulumi.Int(30),\n\t\t\t\tMemoryStoreRetentionPeriodInHours: pulumi.Int(8),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example-timestream-table\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.timestreamwrite.Table;\nimport com.pulumi.aws.timestreamwrite.TableArgs;\nimport com.pulumi.aws.timestreamwrite.inputs.TableRetentionPropertiesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Table(\"example\", TableArgs.builder()\n .databaseName(exampleAwsTimestreamwriteDatabase.databaseName())\n .tableName(\"example\")\n .retentionProperties(TableRetentionPropertiesArgs.builder()\n .magneticStoreRetentionPeriodInDays(30)\n .memoryStoreRetentionPeriodInHours(8)\n .build())\n .tags(Map.of(\"Name\", \"example-timestream-table\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:timestreamwrite:Table\n properties:\n databaseName: ${exampleAwsTimestreamwriteDatabase.databaseName}\n tableName: example\n retentionProperties:\n magneticStoreRetentionPeriodInDays: 30\n memoryStoreRetentionPeriodInHours: 8\n tags:\n Name: example-timestream-table\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Customer-defined Partition Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.timestreamwrite.Table(\"example\", {\n databaseName: exampleAwsTimestreamwriteDatabase.databaseName,\n tableName: \"example\",\n schema: {\n compositePartitionKey: {\n enforcementInRecord: \"REQUIRED\",\n name: \"attr1\",\n type: \"DIMENSION\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.timestreamwrite.Table(\"example\",\n database_name=example_aws_timestreamwrite_database[\"databaseName\"],\n table_name=\"example\",\n schema={\n \"composite_partition_key\": {\n \"enforcement_in_record\": \"REQUIRED\",\n \"name\": \"attr1\",\n \"type\": \"DIMENSION\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.TimestreamWrite.Table(\"example\", new()\n {\n DatabaseName = exampleAwsTimestreamwriteDatabase.DatabaseName,\n TableName = \"example\",\n Schema = new Aws.TimestreamWrite.Inputs.TableSchemaArgs\n {\n CompositePartitionKey = new Aws.TimestreamWrite.Inputs.TableSchemaCompositePartitionKeyArgs\n {\n EnforcementInRecord = \"REQUIRED\",\n Name = \"attr1\",\n Type = \"DIMENSION\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/timestreamwrite\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := timestreamwrite.NewTable(ctx, \"example\", \u0026timestreamwrite.TableArgs{\n\t\t\tDatabaseName: pulumi.Any(exampleAwsTimestreamwriteDatabase.DatabaseName),\n\t\t\tTableName: pulumi.String(\"example\"),\n\t\t\tSchema: \u0026timestreamwrite.TableSchemaArgs{\n\t\t\t\tCompositePartitionKey: \u0026timestreamwrite.TableSchemaCompositePartitionKeyArgs{\n\t\t\t\t\tEnforcementInRecord: pulumi.String(\"REQUIRED\"),\n\t\t\t\t\tName: pulumi.String(\"attr1\"),\n\t\t\t\t\tType: pulumi.String(\"DIMENSION\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.timestreamwrite.Table;\nimport com.pulumi.aws.timestreamwrite.TableArgs;\nimport com.pulumi.aws.timestreamwrite.inputs.TableSchemaArgs;\nimport com.pulumi.aws.timestreamwrite.inputs.TableSchemaCompositePartitionKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Table(\"example\", TableArgs.builder()\n .databaseName(exampleAwsTimestreamwriteDatabase.databaseName())\n .tableName(\"example\")\n .schema(TableSchemaArgs.builder()\n .compositePartitionKey(TableSchemaCompositePartitionKeyArgs.builder()\n .enforcementInRecord(\"REQUIRED\")\n .name(\"attr1\")\n .type(\"DIMENSION\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:timestreamwrite:Table\n properties:\n databaseName: ${exampleAwsTimestreamwriteDatabase.databaseName}\n tableName: example\n schema:\n compositePartitionKey:\n enforcementInRecord: REQUIRED\n name: attr1\n type: DIMENSION\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Timestream tables using the `table_name` and `database_name` separate by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:timestreamwrite/table:Table example ExampleTable:ExampleDatabase\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN that uniquely identifies this table.\n" }, "databaseName": { "type": "string", "description": "The name of the Timestream database.\n" }, "magneticStoreWriteProperties": { "$ref": "#/types/aws:timestreamwrite/TableMagneticStoreWriteProperties:TableMagneticStoreWriteProperties", "description": "Contains properties to set on the table when enabling magnetic store writes. See Magnetic Store Write Properties below for more details.\n" }, "retentionProperties": { "$ref": "#/types/aws:timestreamwrite/TableRetentionProperties:TableRetentionProperties", "description": "The retention duration for the memory store and magnetic store. See Retention Properties below for more details. If not provided, `magnetic_store_retention_period_in_days` default to 73000 and `memory_store_retention_period_in_hours` defaults to 6.\n" }, "schema": { "$ref": "#/types/aws:timestreamwrite/TableSchema:TableSchema", "description": "The schema of the table. See Schema below for more details.\n" }, "tableName": { "type": "string", "description": "The name of the Timestream table.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "databaseName", "magneticStoreWriteProperties", "retentionProperties", "schema", "tableName", "tagsAll" ], "inputProperties": { "databaseName": { "type": "string", "description": "The name of the Timestream database.\n", "willReplaceOnChanges": true }, "magneticStoreWriteProperties": { "$ref": "#/types/aws:timestreamwrite/TableMagneticStoreWriteProperties:TableMagneticStoreWriteProperties", "description": "Contains properties to set on the table when enabling magnetic store writes. See Magnetic Store Write Properties below for more details.\n" }, "retentionProperties": { "$ref": "#/types/aws:timestreamwrite/TableRetentionProperties:TableRetentionProperties", "description": "The retention duration for the memory store and magnetic store. See Retention Properties below for more details. If not provided, `magnetic_store_retention_period_in_days` default to 73000 and `memory_store_retention_period_in_hours` defaults to 6.\n" }, "schema": { "$ref": "#/types/aws:timestreamwrite/TableSchema:TableSchema", "description": "The schema of the table. See Schema below for more details.\n", "willReplaceOnChanges": true }, "tableName": { "type": "string", "description": "The name of the Timestream table.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "databaseName", "tableName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Table resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN that uniquely identifies this table.\n" }, "databaseName": { "type": "string", "description": "The name of the Timestream database.\n", "willReplaceOnChanges": true }, "magneticStoreWriteProperties": { "$ref": "#/types/aws:timestreamwrite/TableMagneticStoreWriteProperties:TableMagneticStoreWriteProperties", "description": "Contains properties to set on the table when enabling magnetic store writes. See Magnetic Store Write Properties below for more details.\n" }, "retentionProperties": { "$ref": "#/types/aws:timestreamwrite/TableRetentionProperties:TableRetentionProperties", "description": "The retention duration for the memory store and magnetic store. See Retention Properties below for more details. If not provided, `magnetic_store_retention_period_in_days` default to 73000 and `memory_store_retention_period_in_hours` defaults to 6.\n" }, "schema": { "$ref": "#/types/aws:timestreamwrite/TableSchema:TableSchema", "description": "The schema of the table. See Schema below for more details.\n", "willReplaceOnChanges": true }, "tableName": { "type": "string", "description": "The name of the Timestream table.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to this resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:transcribe/languageModel:LanguageModel": { "description": "Resource for managing an AWS Transcribe LanguageModel.\n\n\u003e This resource can take a significant amount of time to provision. See Language Model [FAQ](https://aws.amazon.com/transcribe/faqs/) for more details.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"transcribe.amazonaws.com\"],\n }],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example\",\n assumeRolePolicy: example.then(example =\u003e example.json),\n});\nconst testPolicy = new aws.iam.RolePolicy(\"test_policy\", {\n name: \"example\",\n role: exampleRole.id,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\n \"s3:GetObject\",\n \"s3:ListBucket\",\n ],\n Effect: \"Allow\",\n Resource: [\"*\"],\n }],\n }),\n});\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {\n bucket: \"example-transcribe\",\n forceDestroy: true,\n});\nconst object = new aws.s3.BucketObjectv2(\"object\", {\n bucket: exampleBucketV2.id,\n key: \"transcribe/test1.txt\",\n source: new pulumi.asset.FileAsset(\"test1.txt\"),\n});\nconst exampleLanguageModel = new aws.transcribe.LanguageModel(\"example\", {\n modelName: \"example\",\n baseModelName: \"NarrowBand\",\n inputDataConfig: {\n dataAccessRoleArn: exampleRole.arn,\n s3Uri: pulumi.interpolate`s3://${exampleBucketV2.id}/transcribe/`,\n },\n languageCode: \"en-US\",\n tags: {\n ENVIRONMENT: \"development\",\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"transcribe.amazonaws.com\"],\n }],\n}])\nexample_role = aws.iam.Role(\"example\",\n name=\"example\",\n assume_role_policy=example.json)\ntest_policy = aws.iam.RolePolicy(\"test_policy\",\n name=\"example\",\n role=example_role.id,\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\n \"s3:GetObject\",\n \"s3:ListBucket\",\n ],\n \"Effect\": \"Allow\",\n \"Resource\": [\"*\"],\n }],\n }))\nexample_bucket_v2 = aws.s3.BucketV2(\"example\",\n bucket=\"example-transcribe\",\n force_destroy=True)\nobject = aws.s3.BucketObjectv2(\"object\",\n bucket=example_bucket_v2.id,\n key=\"transcribe/test1.txt\",\n source=pulumi.FileAsset(\"test1.txt\"))\nexample_language_model = aws.transcribe.LanguageModel(\"example\",\n model_name=\"example\",\n base_model_name=\"NarrowBand\",\n input_data_config={\n \"data_access_role_arn\": example_role.arn,\n \"s3_uri\": example_bucket_v2.id.apply(lambda id: f\"s3://{id}/transcribe/\"),\n },\n language_code=\"en-US\",\n tags={\n \"ENVIRONMENT\": \"development\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"transcribe.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example\",\n AssumeRolePolicy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var testPolicy = new Aws.Iam.RolePolicy(\"test_policy\", new()\n {\n Name = \"example\",\n Role = exampleRole.Id,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"s3:GetObject\",\n \"s3:ListBucket\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = new[]\n {\n \"*\",\n },\n },\n },\n }),\n });\n\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example-transcribe\",\n ForceDestroy = true,\n });\n\n var @object = new Aws.S3.BucketObjectv2(\"object\", new()\n {\n Bucket = exampleBucketV2.Id,\n Key = \"transcribe/test1.txt\",\n Source = new FileAsset(\"test1.txt\"),\n });\n\n var exampleLanguageModel = new Aws.Transcribe.LanguageModel(\"example\", new()\n {\n ModelName = \"example\",\n BaseModelName = \"NarrowBand\",\n InputDataConfig = new Aws.Transcribe.Inputs.LanguageModelInputDataConfigArgs\n {\n DataAccessRoleArn = exampleRole.Arn,\n S3Uri = exampleBucketV2.Id.Apply(id =\u003e $\"s3://{id}/transcribe/\"),\n },\n LanguageCode = \"en-US\",\n Tags = \n {\n { \"ENVIRONMENT\", \"development\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transcribe\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"transcribe.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"s3:GetObject\",\n\t\t\t\t\t\t\"s3:ListBucket\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewRolePolicy(ctx, \"test_policy\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRole: exampleRole.ID(),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-transcribe\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"object\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\tKey: pulumi.String(\"transcribe/test1.txt\"),\n\t\t\tSource: pulumi.NewFileAsset(\"test1.txt\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transcribe.NewLanguageModel(ctx, \"example\", \u0026transcribe.LanguageModelArgs{\n\t\t\tModelName: pulumi.String(\"example\"),\n\t\t\tBaseModelName: pulumi.String(\"NarrowBand\"),\n\t\t\tInputDataConfig: \u0026transcribe.LanguageModelInputDataConfigArgs{\n\t\t\t\tDataAccessRoleArn: exampleRole.Arn,\n\t\t\t\tS3Uri: exampleBucketV2.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\t\treturn fmt.Sprintf(\"s3://%v/transcribe/\", id), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t\tLanguageCode: pulumi.String(\"en-US\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"ENVIRONMENT\": pulumi.String(\"development\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.transcribe.LanguageModel;\nimport com.pulumi.aws.transcribe.LanguageModelArgs;\nimport com.pulumi.aws.transcribe.inputs.LanguageModelInputDataConfigArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"transcribe.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .name(\"example\")\n .assumeRolePolicy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var testPolicy = new RolePolicy(\"testPolicy\", RolePolicyArgs.builder()\n .name(\"example\")\n .role(exampleRole.id())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"s3:GetObject\", \n \"s3:ListBucket\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", jsonArray(\"*\"))\n )))\n )))\n .build());\n\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder()\n .bucket(\"example-transcribe\")\n .forceDestroy(true)\n .build());\n\n var object = new BucketObjectv2(\"object\", BucketObjectv2Args.builder()\n .bucket(exampleBucketV2.id())\n .key(\"transcribe/test1.txt\")\n .source(new FileAsset(\"test1.txt\"))\n .build());\n\n var exampleLanguageModel = new LanguageModel(\"exampleLanguageModel\", LanguageModelArgs.builder()\n .modelName(\"example\")\n .baseModelName(\"NarrowBand\")\n .inputDataConfig(LanguageModelInputDataConfigArgs.builder()\n .dataAccessRoleArn(exampleRole.arn())\n .s3Uri(exampleBucketV2.id().applyValue(id -\u003e String.format(\"s3://%s/transcribe/\", id)))\n .build())\n .languageCode(\"en-US\")\n .tags(Map.of(\"ENVIRONMENT\", \"development\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example\n assumeRolePolicy: ${example.json}\n testPolicy:\n type: aws:iam:RolePolicy\n name: test_policy\n properties:\n name: example\n role: ${exampleRole.id}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - s3:GetObject\n - s3:ListBucket\n Effect: Allow\n Resource:\n - '*'\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example-transcribe\n forceDestroy: true\n object:\n type: aws:s3:BucketObjectv2\n properties:\n bucket: ${exampleBucketV2.id}\n key: transcribe/test1.txt\n source:\n fn::FileAsset: test1.txt\n exampleLanguageModel:\n type: aws:transcribe:LanguageModel\n name: example\n properties:\n modelName: example\n baseModelName: NarrowBand\n inputDataConfig:\n dataAccessRoleArn: ${exampleRole.arn}\n s3Uri: s3://${exampleBucketV2.id}/transcribe/\n languageCode: en-US\n tags:\n ENVIRONMENT: development\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - transcribe.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Transcribe LanguageModel using the `model_name`. For example:\n\n```sh\n$ pulumi import aws:transcribe/languageModel:LanguageModel example example-name\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the LanguageModel.\n" }, "baseModelName": { "type": "string", "description": "Name of reference base model.\n" }, "inputDataConfig": { "$ref": "#/types/aws:transcribe/LanguageModelInputDataConfig:LanguageModelInputDataConfig", "description": "The input data config for the LanguageModel. See Input Data Config for more details.\n" }, "languageCode": { "type": "string", "description": "The language code you selected for your language model. Refer to the [supported languages](https://docs.aws.amazon.com/transcribe/latest/dg/supported-languages.html) page for accepted codes.\n" }, "modelName": { "type": "string", "description": "The model name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "baseModelName", "inputDataConfig", "languageCode", "modelName", "tagsAll" ], "inputProperties": { "baseModelName": { "type": "string", "description": "Name of reference base model.\n", "willReplaceOnChanges": true }, "inputDataConfig": { "$ref": "#/types/aws:transcribe/LanguageModelInputDataConfig:LanguageModelInputDataConfig", "description": "The input data config for the LanguageModel. See Input Data Config for more details.\n", "willReplaceOnChanges": true }, "languageCode": { "type": "string", "description": "The language code you selected for your language model. Refer to the [supported languages](https://docs.aws.amazon.com/transcribe/latest/dg/supported-languages.html) page for accepted codes.\n", "willReplaceOnChanges": true }, "modelName": { "type": "string", "description": "The model name.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "requiredInputs": [ "baseModelName", "inputDataConfig", "languageCode", "modelName" ], "stateInputs": { "description": "Input properties used for looking up and filtering LanguageModel resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the LanguageModel.\n" }, "baseModelName": { "type": "string", "description": "Name of reference base model.\n", "willReplaceOnChanges": true }, "inputDataConfig": { "$ref": "#/types/aws:transcribe/LanguageModelInputDataConfig:LanguageModelInputDataConfig", "description": "The input data config for the LanguageModel. See Input Data Config for more details.\n", "willReplaceOnChanges": true }, "languageCode": { "type": "string", "description": "The language code you selected for your language model. Refer to the [supported languages](https://docs.aws.amazon.com/transcribe/latest/dg/supported-languages.html) page for accepted codes.\n", "willReplaceOnChanges": true }, "modelName": { "type": "string", "description": "The model name.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:transcribe/medicalVocabulary:MedicalVocabulary": { "description": "Resource for managing an AWS Transcribe MedicalVocabulary.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {\n bucket: \"example-medical-vocab-123\",\n forceDestroy: true,\n});\nconst object = new aws.s3.BucketObjectv2(\"object\", {\n bucket: example.id,\n key: \"transcribe/test1.txt\",\n source: new pulumi.asset.FileAsset(\"test.txt\"),\n});\nconst exampleMedicalVocabulary = new aws.transcribe.MedicalVocabulary(\"example\", {\n vocabularyName: \"example\",\n languageCode: \"en-US\",\n vocabularyFileUri: pulumi.interpolate`s3://${example.id}/${object.key}`,\n tags: {\n tag1: \"value1\",\n tag2: \"value3\",\n },\n}, {\n dependsOn: [object],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\",\n bucket=\"example-medical-vocab-123\",\n force_destroy=True)\nobject = aws.s3.BucketObjectv2(\"object\",\n bucket=example.id,\n key=\"transcribe/test1.txt\",\n source=pulumi.FileAsset(\"test.txt\"))\nexample_medical_vocabulary = aws.transcribe.MedicalVocabulary(\"example\",\n vocabulary_name=\"example\",\n language_code=\"en-US\",\n vocabulary_file_uri=pulumi.Output.all(example.id, object.key).apply(lambda id, key: f\"s3://{id}/{key}\"),\n tags={\n \"tag1\": \"value1\",\n \"tag2\": \"value3\",\n },\n opts = pulumi.ResourceOptions(depends_on=[object]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example-medical-vocab-123\",\n ForceDestroy = true,\n });\n\n var @object = new Aws.S3.BucketObjectv2(\"object\", new()\n {\n Bucket = example.Id,\n Key = \"transcribe/test1.txt\",\n Source = new FileAsset(\"test.txt\"),\n });\n\n var exampleMedicalVocabulary = new Aws.Transcribe.MedicalVocabulary(\"example\", new()\n {\n VocabularyName = \"example\",\n LanguageCode = \"en-US\",\n VocabularyFileUri = Output.Tuple(example.Id, @object.Key).Apply(values =\u003e\n {\n var id = values.Item1;\n var key = values.Item2;\n return $\"s3://{id}/{key}\";\n }),\n Tags = \n {\n { \"tag1\", \"value1\" },\n { \"tag2\", \"value3\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n @object,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transcribe\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-medical-vocab-123\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := s3.NewBucketObjectv2(ctx, \"object\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tKey: pulumi.String(\"transcribe/test1.txt\"),\n\t\t\tSource: pulumi.NewFileAsset(\"test.txt\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transcribe.NewMedicalVocabulary(ctx, \"example\", \u0026transcribe.MedicalVocabularyArgs{\n\t\t\tVocabularyName: pulumi.String(\"example\"),\n\t\t\tLanguageCode: pulumi.String(\"en-US\"),\n\t\t\tVocabularyFileUri: pulumi.All(example.ID(), object.Key).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tid := _args[0].(string)\n\t\t\t\tkey := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", id, key), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"tag1\": pulumi.String(\"value1\"),\n\t\t\t\t\"tag2\": pulumi.String(\"value3\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tobject,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.transcribe.MedicalVocabulary;\nimport com.pulumi.aws.transcribe.MedicalVocabularyArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example-medical-vocab-123\")\n .forceDestroy(true)\n .build());\n\n var object = new BucketObjectv2(\"object\", BucketObjectv2Args.builder()\n .bucket(example.id())\n .key(\"transcribe/test1.txt\")\n .source(new FileAsset(\"test.txt\"))\n .build());\n\n var exampleMedicalVocabulary = new MedicalVocabulary(\"exampleMedicalVocabulary\", MedicalVocabularyArgs.builder()\n .vocabularyName(\"example\")\n .languageCode(\"en-US\")\n .vocabularyFileUri(Output.tuple(example.id(), object.key()).applyValue(values -\u003e {\n var id = values.t1;\n var key = values.t2;\n return String.format(\"s3://%s/%s\", id,key);\n }))\n .tags(Map.ofEntries(\n Map.entry(\"tag1\", \"value1\"),\n Map.entry(\"tag2\", \"value3\")\n ))\n .build(), CustomResourceOptions.builder()\n .dependsOn(object)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example-medical-vocab-123\n forceDestroy: true\n object:\n type: aws:s3:BucketObjectv2\n properties:\n bucket: ${example.id}\n key: transcribe/test1.txt\n source:\n fn::FileAsset: test.txt\n exampleMedicalVocabulary:\n type: aws:transcribe:MedicalVocabulary\n name: example\n properties:\n vocabularyName: example\n languageCode: en-US\n vocabularyFileUri: s3://${example.id}/${object.key}\n tags:\n tag1: value1\n tag2: value3\n options:\n dependson:\n - ${object}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Transcribe MedicalVocabulary using the `vocabulary_name`. For example:\n\n```sh\n$ pulumi import aws:transcribe/medicalVocabulary:MedicalVocabulary example example-name\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the MedicalVocabulary.\n" }, "downloadUri": { "type": "string", "description": "Generated download URI.\n" }, "languageCode": { "type": "string", "description": "The language code you selected for your medical vocabulary. US English (en-US) is the only language supported with Amazon Transcribe Medical.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the MedicalVocabulary. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "vocabularyFileUri": { "type": "string", "description": "The Amazon S3 location (URI) of the text file that contains your custom medical vocabulary.\n" }, "vocabularyName": { "type": "string", "description": "The name of the Medical Vocabulary.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "downloadUri", "languageCode", "tagsAll", "vocabularyFileUri", "vocabularyName" ], "inputProperties": { "languageCode": { "type": "string", "description": "The language code you selected for your medical vocabulary. US English (en-US) is the only language supported with Amazon Transcribe Medical.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the MedicalVocabulary. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vocabularyFileUri": { "type": "string", "description": "The Amazon S3 location (URI) of the text file that contains your custom medical vocabulary.\n" }, "vocabularyName": { "type": "string", "description": "The name of the Medical Vocabulary.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "languageCode", "vocabularyFileUri", "vocabularyName" ], "stateInputs": { "description": "Input properties used for looking up and filtering MedicalVocabulary resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the MedicalVocabulary.\n" }, "downloadUri": { "type": "string", "description": "Generated download URI.\n" }, "languageCode": { "type": "string", "description": "The language code you selected for your medical vocabulary. US English (en-US) is the only language supported with Amazon Transcribe Medical.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the MedicalVocabulary. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "vocabularyFileUri": { "type": "string", "description": "The Amazon S3 location (URI) of the text file that contains your custom medical vocabulary.\n" }, "vocabularyName": { "type": "string", "description": "The name of the Medical Vocabulary.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:transcribe/vocabulary:Vocabulary": { "description": "Resource for managing an AWS Transcribe Vocabulary.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {\n bucket: \"example-vocab-123\",\n forceDestroy: true,\n});\nconst object = new aws.s3.BucketObjectv2(\"object\", {\n bucket: example.id,\n key: \"transcribe/test1.txt\",\n source: new pulumi.asset.FileAsset(\"test.txt\"),\n});\nconst exampleVocabulary = new aws.transcribe.Vocabulary(\"example\", {\n vocabularyName: \"example\",\n languageCode: \"en-US\",\n vocabularyFileUri: pulumi.interpolate`s3://${example.id}/${object.key}`,\n tags: {\n tag1: \"value1\",\n tag2: \"value3\",\n },\n}, {\n dependsOn: [object],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\",\n bucket=\"example-vocab-123\",\n force_destroy=True)\nobject = aws.s3.BucketObjectv2(\"object\",\n bucket=example.id,\n key=\"transcribe/test1.txt\",\n source=pulumi.FileAsset(\"test.txt\"))\nexample_vocabulary = aws.transcribe.Vocabulary(\"example\",\n vocabulary_name=\"example\",\n language_code=\"en-US\",\n vocabulary_file_uri=pulumi.Output.all(example.id, object.key).apply(lambda id, key: f\"s3://{id}/{key}\"),\n tags={\n \"tag1\": \"value1\",\n \"tag2\": \"value3\",\n },\n opts = pulumi.ResourceOptions(depends_on=[object]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example-vocab-123\",\n ForceDestroy = true,\n });\n\n var @object = new Aws.S3.BucketObjectv2(\"object\", new()\n {\n Bucket = example.Id,\n Key = \"transcribe/test1.txt\",\n Source = new FileAsset(\"test.txt\"),\n });\n\n var exampleVocabulary = new Aws.Transcribe.Vocabulary(\"example\", new()\n {\n VocabularyName = \"example\",\n LanguageCode = \"en-US\",\n VocabularyFileUri = Output.Tuple(example.Id, @object.Key).Apply(values =\u003e\n {\n var id = values.Item1;\n var key = values.Item2;\n return $\"s3://{id}/{key}\";\n }),\n Tags = \n {\n { \"tag1\", \"value1\" },\n { \"tag2\", \"value3\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n @object,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transcribe\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-vocab-123\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := s3.NewBucketObjectv2(ctx, \"object\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tKey: pulumi.String(\"transcribe/test1.txt\"),\n\t\t\tSource: pulumi.NewFileAsset(\"test.txt\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transcribe.NewVocabulary(ctx, \"example\", \u0026transcribe.VocabularyArgs{\n\t\t\tVocabularyName: pulumi.String(\"example\"),\n\t\t\tLanguageCode: pulumi.String(\"en-US\"),\n\t\t\tVocabularyFileUri: pulumi.All(example.ID(), object.Key).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tid := _args[0].(string)\n\t\t\t\tkey := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", id, key), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"tag1\": pulumi.String(\"value1\"),\n\t\t\t\t\"tag2\": pulumi.String(\"value3\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tobject,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.transcribe.Vocabulary;\nimport com.pulumi.aws.transcribe.VocabularyArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder()\n .bucket(\"example-vocab-123\")\n .forceDestroy(true)\n .build());\n\n var object = new BucketObjectv2(\"object\", BucketObjectv2Args.builder()\n .bucket(example.id())\n .key(\"transcribe/test1.txt\")\n .source(new FileAsset(\"test.txt\"))\n .build());\n\n var exampleVocabulary = new Vocabulary(\"exampleVocabulary\", VocabularyArgs.builder()\n .vocabularyName(\"example\")\n .languageCode(\"en-US\")\n .vocabularyFileUri(Output.tuple(example.id(), object.key()).applyValue(values -\u003e {\n var id = values.t1;\n var key = values.t2;\n return String.format(\"s3://%s/%s\", id,key);\n }))\n .tags(Map.ofEntries(\n Map.entry(\"tag1\", \"value1\"),\n Map.entry(\"tag2\", \"value3\")\n ))\n .build(), CustomResourceOptions.builder()\n .dependsOn(object)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example-vocab-123\n forceDestroy: true\n object:\n type: aws:s3:BucketObjectv2\n properties:\n bucket: ${example.id}\n key: transcribe/test1.txt\n source:\n fn::FileAsset: test.txt\n exampleVocabulary:\n type: aws:transcribe:Vocabulary\n name: example\n properties:\n vocabularyName: example\n languageCode: en-US\n vocabularyFileUri: s3://${example.id}/${object.key}\n tags:\n tag1: value1\n tag2: value3\n options:\n dependson:\n - ${object}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Transcribe Vocabulary using the `vocabulary_name`. For example:\n\n```sh\n$ pulumi import aws:transcribe/vocabulary:Vocabulary example example-name\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Vocabulary.\n" }, "downloadUri": { "type": "string", "description": "Generated download URI.\n" }, "languageCode": { "type": "string", "description": "The language code you selected for your vocabulary.\n" }, "phrases": { "type": "array", "items": { "type": "string" }, "description": "A list of terms to include in the vocabulary. Conflicts with `vocabulary_file_uri`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Vocabulary. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "vocabularyFileUri": { "type": "string", "description": "The Amazon S3 location (URI) of the text file that contains your custom vocabulary. Conflicts wth `phrases`.\n" }, "vocabularyName": { "type": "string", "description": "The name of the Vocabulary.\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "downloadUri", "languageCode", "tagsAll", "vocabularyFileUri", "vocabularyName" ], "inputProperties": { "languageCode": { "type": "string", "description": "The language code you selected for your vocabulary.\n", "willReplaceOnChanges": true }, "phrases": { "type": "array", "items": { "type": "string" }, "description": "A list of terms to include in the vocabulary. Conflicts with `vocabulary_file_uri`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Vocabulary. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vocabularyFileUri": { "type": "string", "description": "The Amazon S3 location (URI) of the text file that contains your custom vocabulary. Conflicts wth `phrases`.\n" }, "vocabularyName": { "type": "string", "description": "The name of the Vocabulary.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "languageCode", "vocabularyName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Vocabulary resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Vocabulary.\n" }, "downloadUri": { "type": "string", "description": "Generated download URI.\n" }, "languageCode": { "type": "string", "description": "The language code you selected for your vocabulary.\n", "willReplaceOnChanges": true }, "phrases": { "type": "array", "items": { "type": "string" }, "description": "A list of terms to include in the vocabulary. Conflicts with `vocabulary_file_uri`\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Vocabulary. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "vocabularyFileUri": { "type": "string", "description": "The Amazon S3 location (URI) of the text file that contains your custom vocabulary. Conflicts wth `phrases`.\n" }, "vocabularyName": { "type": "string", "description": "The name of the Vocabulary.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:transcribe/vocabularyFilter:VocabularyFilter": { "description": "Resource for managing an AWS Transcribe VocabularyFilter.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.transcribe.VocabularyFilter(\"example\", {\n vocabularyFilterName: \"example\",\n languageCode: \"en-US\",\n words: [\n \"cars\",\n \"bucket\",\n ],\n tags: {\n tag1: \"value1\",\n tag2: \"value3\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.transcribe.VocabularyFilter(\"example\",\n vocabulary_filter_name=\"example\",\n language_code=\"en-US\",\n words=[\n \"cars\",\n \"bucket\",\n ],\n tags={\n \"tag1\": \"value1\",\n \"tag2\": \"value3\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Transcribe.VocabularyFilter(\"example\", new()\n {\n VocabularyFilterName = \"example\",\n LanguageCode = \"en-US\",\n Words = new[]\n {\n \"cars\",\n \"bucket\",\n },\n Tags = \n {\n { \"tag1\", \"value1\" },\n { \"tag2\", \"value3\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transcribe\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := transcribe.NewVocabularyFilter(ctx, \"example\", \u0026transcribe.VocabularyFilterArgs{\n\t\t\tVocabularyFilterName: pulumi.String(\"example\"),\n\t\t\tLanguageCode: pulumi.String(\"en-US\"),\n\t\t\tWords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"cars\"),\n\t\t\t\tpulumi.String(\"bucket\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"tag1\": pulumi.String(\"value1\"),\n\t\t\t\t\"tag2\": pulumi.String(\"value3\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.transcribe.VocabularyFilter;\nimport com.pulumi.aws.transcribe.VocabularyFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VocabularyFilter(\"example\", VocabularyFilterArgs.builder()\n .vocabularyFilterName(\"example\")\n .languageCode(\"en-US\")\n .words( \n \"cars\",\n \"bucket\")\n .tags(Map.ofEntries(\n Map.entry(\"tag1\", \"value1\"),\n Map.entry(\"tag2\", \"value3\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:transcribe:VocabularyFilter\n properties:\n vocabularyFilterName: example\n languageCode: en-US\n words:\n - cars\n - bucket\n tags:\n tag1: value1\n tag2: value3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Transcribe VocabularyFilter using the `vocabulary_filter_name`. For example:\n\n```sh\n$ pulumi import aws:transcribe/vocabularyFilter:VocabularyFilter example example-name\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the VocabularyFilter.\n" }, "downloadUri": { "type": "string", "description": "Generated download URI.\n" }, "languageCode": { "type": "string", "description": "The language code you selected for your vocabulary filter. Refer to the [supported languages](https://docs.aws.amazon.com/transcribe/latest/dg/supported-languages.html) page for accepted codes.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the VocabularyFilter. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "vocabularyFilterFileUri": { "type": "string", "description": "The Amazon S3 location (URI) of the text file that contains your custom VocabularyFilter. Conflicts with `words` argument.\n" }, "vocabularyFilterName": { "type": "string", "description": "The name of the VocabularyFilter.\n\nThe following arguments are optional:\n" }, "words": { "type": "array", "items": { "type": "string" }, "description": "A list of terms to include in the vocabulary. Conflicts with `vocabulary_filter_file_uri` argument.\n" } }, "required": [ "arn", "downloadUri", "languageCode", "tagsAll", "vocabularyFilterName" ], "inputProperties": { "languageCode": { "type": "string", "description": "The language code you selected for your vocabulary filter. Refer to the [supported languages](https://docs.aws.amazon.com/transcribe/latest/dg/supported-languages.html) page for accepted codes.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the VocabularyFilter. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vocabularyFilterFileUri": { "type": "string", "description": "The Amazon S3 location (URI) of the text file that contains your custom VocabularyFilter. Conflicts with `words` argument.\n" }, "vocabularyFilterName": { "type": "string", "description": "The name of the VocabularyFilter.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "words": { "type": "array", "items": { "type": "string" }, "description": "A list of terms to include in the vocabulary. Conflicts with `vocabulary_filter_file_uri` argument.\n" } }, "requiredInputs": [ "languageCode", "vocabularyFilterName" ], "stateInputs": { "description": "Input properties used for looking up and filtering VocabularyFilter resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the VocabularyFilter.\n" }, "downloadUri": { "type": "string", "description": "Generated download URI.\n" }, "languageCode": { "type": "string", "description": "The language code you selected for your vocabulary filter. Refer to the [supported languages](https://docs.aws.amazon.com/transcribe/latest/dg/supported-languages.html) page for accepted codes.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the VocabularyFilter. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "vocabularyFilterFileUri": { "type": "string", "description": "The Amazon S3 location (URI) of the text file that contains your custom VocabularyFilter. Conflicts with `words` argument.\n" }, "vocabularyFilterName": { "type": "string", "description": "The name of the VocabularyFilter.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "words": { "type": "array", "items": { "type": "string" }, "description": "A list of terms to include in the vocabulary. Conflicts with `vocabulary_filter_file_uri` argument.\n" } }, "type": "object" } }, "aws:transfer/access:Access": { "description": "Provides a AWS Transfer Access resource.\n\n\u003e **NOTE:** We suggest using explicit JSON encoding or `aws.iam.getPolicyDocument` when assigning a value to `policy`. They seamlessly translate configuration to JSON, enabling you to maintain consistency within your configuration without the need for context switches. Also, you can sidestep potential complications arising from formatting discrepancies, whitespace inconsistencies, and other nuances inherent to JSON.\n\n## Example Usage\n\n### Basic S3\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.transfer.Access(\"example\", {\n externalId: \"S-1-1-12-1234567890-123456789-1234567890-1234\",\n serverId: exampleAwsTransferServer.id,\n role: exampleAwsIamRole.arn,\n homeDirectory: `/${exampleAwsS3Bucket.id}/`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.transfer.Access(\"example\",\n external_id=\"S-1-1-12-1234567890-123456789-1234567890-1234\",\n server_id=example_aws_transfer_server[\"id\"],\n role=example_aws_iam_role[\"arn\"],\n home_directory=f\"/{example_aws_s3_bucket['id']}/\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Transfer.Access(\"example\", new()\n {\n ExternalId = \"S-1-1-12-1234567890-123456789-1234567890-1234\",\n ServerId = exampleAwsTransferServer.Id,\n Role = exampleAwsIamRole.Arn,\n HomeDirectory = $\"/{exampleAwsS3Bucket.Id}/\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := transfer.NewAccess(ctx, \"example\", \u0026transfer.AccessArgs{\n\t\t\tExternalId: pulumi.String(\"S-1-1-12-1234567890-123456789-1234567890-1234\"),\n\t\t\tServerId: pulumi.Any(exampleAwsTransferServer.Id),\n\t\t\tRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tHomeDirectory: pulumi.String(fmt.Sprintf(\"/%v/\", exampleAwsS3Bucket.Id)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.transfer.Access;\nimport com.pulumi.aws.transfer.AccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Access(\"example\", AccessArgs.builder()\n .externalId(\"S-1-1-12-1234567890-123456789-1234567890-1234\")\n .serverId(exampleAwsTransferServer.id())\n .role(exampleAwsIamRole.arn())\n .homeDirectory(String.format(\"/%s/\", exampleAwsS3Bucket.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:transfer:Access\n properties:\n externalId: S-1-1-12-1234567890-123456789-1234567890-1234\n serverId: ${exampleAwsTransferServer.id}\n role: ${exampleAwsIamRole.arn}\n homeDirectory: /${exampleAwsS3Bucket.id}/\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Basic EFS\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.transfer.Access(\"test\", {\n externalId: \"S-1-1-12-1234567890-123456789-1234567890-1234\",\n serverId: testAwsTransferServer.id,\n role: testAwsIamRole.arn,\n homeDirectory: `/${testAwsEfsFileSystem.id}/`,\n posixProfile: {\n gid: 1000,\n uid: 1000,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.transfer.Access(\"test\",\n external_id=\"S-1-1-12-1234567890-123456789-1234567890-1234\",\n server_id=test_aws_transfer_server[\"id\"],\n role=test_aws_iam_role[\"arn\"],\n home_directory=f\"/{test_aws_efs_file_system['id']}/\",\n posix_profile={\n \"gid\": 1000,\n \"uid\": 1000,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Transfer.Access(\"test\", new()\n {\n ExternalId = \"S-1-1-12-1234567890-123456789-1234567890-1234\",\n ServerId = testAwsTransferServer.Id,\n Role = testAwsIamRole.Arn,\n HomeDirectory = $\"/{testAwsEfsFileSystem.Id}/\",\n PosixProfile = new Aws.Transfer.Inputs.AccessPosixProfileArgs\n {\n Gid = 1000,\n Uid = 1000,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := transfer.NewAccess(ctx, \"test\", \u0026transfer.AccessArgs{\n\t\t\tExternalId: pulumi.String(\"S-1-1-12-1234567890-123456789-1234567890-1234\"),\n\t\t\tServerId: pulumi.Any(testAwsTransferServer.Id),\n\t\t\tRole: pulumi.Any(testAwsIamRole.Arn),\n\t\t\tHomeDirectory: pulumi.String(fmt.Sprintf(\"/%v/\", testAwsEfsFileSystem.Id)),\n\t\t\tPosixProfile: \u0026transfer.AccessPosixProfileArgs{\n\t\t\t\tGid: pulumi.Int(1000),\n\t\t\t\tUid: pulumi.Int(1000),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.transfer.Access;\nimport com.pulumi.aws.transfer.AccessArgs;\nimport com.pulumi.aws.transfer.inputs.AccessPosixProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Access(\"test\", AccessArgs.builder()\n .externalId(\"S-1-1-12-1234567890-123456789-1234567890-1234\")\n .serverId(testAwsTransferServer.id())\n .role(testAwsIamRole.arn())\n .homeDirectory(String.format(\"/%s/\", testAwsEfsFileSystem.id()))\n .posixProfile(AccessPosixProfileArgs.builder()\n .gid(1000)\n .uid(1000)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:transfer:Access\n properties:\n externalId: S-1-1-12-1234567890-123456789-1234567890-1234\n serverId: ${testAwsTransferServer.id}\n role: ${testAwsIamRole.arn}\n homeDirectory: /${testAwsEfsFileSystem.id}/\n posixProfile:\n gid: 1000\n uid: 1000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Transfer Accesses using the `server_id` and `external_id`. For example:\n\n```sh\n$ pulumi import aws:transfer/access:Access example s-12345678/S-1-1-12-1234567890-123456789-1234567890-1234\n```\n", "properties": { "externalId": { "type": "string", "description": "The SID of a group in the directory connected to the Transfer Server (e.g., `S-1-1-12-1234567890-123456789-1234567890-1234`)\n" }, "homeDirectory": { "type": "string", "description": "The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a `/`. The first item in the path is the name of the home bucket (accessible as `${Transfer:HomeBucket}` in the policy) and the rest is the home directory (accessible as `${Transfer:HomeDirectory}` in the policy). For example, `/example-bucket-1234/username` would set the home bucket to `example-bucket-1234` and the home directory to `username`.\n" }, "homeDirectoryMappings": { "type": "array", "items": { "$ref": "#/types/aws:transfer/AccessHomeDirectoryMapping:AccessHomeDirectoryMapping" }, "description": "Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.\n" }, "homeDirectoryType": { "type": "string", "description": "The type of landing directory (folder) you mapped for your users' home directory. Valid values are `PATH` and `LOGICAL`.\n" }, "policy": { "type": "string", "description": "An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include `${Transfer:UserName}`, `${Transfer:HomeDirectory}`, and `${Transfer:HomeBucket}`. These are evaluated on-the-fly when navigating the bucket.\n" }, "posixProfile": { "$ref": "#/types/aws:transfer/AccessPosixProfile:AccessPosixProfile", "description": "Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.\n" }, "role": { "type": "string", "description": "Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.\n" }, "serverId": { "type": "string", "description": "The Server ID of the Transfer Server (e.g., `s-12345678`)\n" } }, "required": [ "externalId", "serverId" ], "inputProperties": { "externalId": { "type": "string", "description": "The SID of a group in the directory connected to the Transfer Server (e.g., `S-1-1-12-1234567890-123456789-1234567890-1234`)\n" }, "homeDirectory": { "type": "string", "description": "The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a `/`. The first item in the path is the name of the home bucket (accessible as `${Transfer:HomeBucket}` in the policy) and the rest is the home directory (accessible as `${Transfer:HomeDirectory}` in the policy). For example, `/example-bucket-1234/username` would set the home bucket to `example-bucket-1234` and the home directory to `username`.\n" }, "homeDirectoryMappings": { "type": "array", "items": { "$ref": "#/types/aws:transfer/AccessHomeDirectoryMapping:AccessHomeDirectoryMapping" }, "description": "Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.\n" }, "homeDirectoryType": { "type": "string", "description": "The type of landing directory (folder) you mapped for your users' home directory. Valid values are `PATH` and `LOGICAL`.\n" }, "policy": { "type": "string", "description": "An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include `${Transfer:UserName}`, `${Transfer:HomeDirectory}`, and `${Transfer:HomeBucket}`. These are evaluated on-the-fly when navigating the bucket.\n" }, "posixProfile": { "$ref": "#/types/aws:transfer/AccessPosixProfile:AccessPosixProfile", "description": "Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.\n" }, "role": { "type": "string", "description": "Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.\n" }, "serverId": { "type": "string", "description": "The Server ID of the Transfer Server (e.g., `s-12345678`)\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "externalId", "serverId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Access resources.\n", "properties": { "externalId": { "type": "string", "description": "The SID of a group in the directory connected to the Transfer Server (e.g., `S-1-1-12-1234567890-123456789-1234567890-1234`)\n" }, "homeDirectory": { "type": "string", "description": "The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a `/`. The first item in the path is the name of the home bucket (accessible as `${Transfer:HomeBucket}` in the policy) and the rest is the home directory (accessible as `${Transfer:HomeDirectory}` in the policy). For example, `/example-bucket-1234/username` would set the home bucket to `example-bucket-1234` and the home directory to `username`.\n" }, "homeDirectoryMappings": { "type": "array", "items": { "$ref": "#/types/aws:transfer/AccessHomeDirectoryMapping:AccessHomeDirectoryMapping" }, "description": "Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.\n" }, "homeDirectoryType": { "type": "string", "description": "The type of landing directory (folder) you mapped for your users' home directory. Valid values are `PATH` and `LOGICAL`.\n" }, "policy": { "type": "string", "description": "An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include `${Transfer:UserName}`, `${Transfer:HomeDirectory}`, and `${Transfer:HomeBucket}`. These are evaluated on-the-fly when navigating the bucket.\n" }, "posixProfile": { "$ref": "#/types/aws:transfer/AccessPosixProfile:AccessPosixProfile", "description": "Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.\n" }, "role": { "type": "string", "description": "Amazon Resource Name (ARN) of an IAM role that allows the service to controls your user’s access to your Amazon S3 bucket.\n" }, "serverId": { "type": "string", "description": "The Server ID of the Transfer Server (e.g., `s-12345678`)\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:transfer/agreement:Agreement": { "description": "Provides a AWS Transfer AS2 Agreement resource.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.transfer.Agreement(\"example\", {\n accessRole: test.arn,\n baseDirectory: \"/DOC-EXAMPLE-BUCKET/home/mydirectory\",\n description: \"example\",\n localProfileId: local.profileId,\n partnerProfileId: partner.profileId,\n serverId: testAwsTransferServer.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.transfer.Agreement(\"example\",\n access_role=test[\"arn\"],\n base_directory=\"/DOC-EXAMPLE-BUCKET/home/mydirectory\",\n description=\"example\",\n local_profile_id=local[\"profileId\"],\n partner_profile_id=partner[\"profileId\"],\n server_id=test_aws_transfer_server[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Transfer.Agreement(\"example\", new()\n {\n AccessRole = test.Arn,\n BaseDirectory = \"/DOC-EXAMPLE-BUCKET/home/mydirectory\",\n Description = \"example\",\n LocalProfileId = local.ProfileId,\n PartnerProfileId = partner.ProfileId,\n ServerId = testAwsTransferServer.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := transfer.NewAgreement(ctx, \"example\", \u0026transfer.AgreementArgs{\n\t\t\tAccessRole: pulumi.Any(test.Arn),\n\t\t\tBaseDirectory: pulumi.String(\"/DOC-EXAMPLE-BUCKET/home/mydirectory\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tLocalProfileId: pulumi.Any(local.ProfileId),\n\t\t\tPartnerProfileId: pulumi.Any(partner.ProfileId),\n\t\t\tServerId: pulumi.Any(testAwsTransferServer.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.transfer.Agreement;\nimport com.pulumi.aws.transfer.AgreementArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Agreement(\"example\", AgreementArgs.builder()\n .accessRole(test.arn())\n .baseDirectory(\"/DOC-EXAMPLE-BUCKET/home/mydirectory\")\n .description(\"example\")\n .localProfileId(local.profileId())\n .partnerProfileId(partner.profileId())\n .serverId(testAwsTransferServer.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:transfer:Agreement\n properties:\n accessRole: ${test.arn}\n baseDirectory: /DOC-EXAMPLE-BUCKET/home/mydirectory\n description: example\n localProfileId: ${local.profileId}\n partnerProfileId: ${partner.profileId}\n serverId: ${testAwsTransferServer.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Transfer AS2 Agreement using the `server_id/agreement_id`. For example:\n\n```sh\n$ pulumi import aws:transfer/agreement:Agreement example s-4221a88afd5f4362a/a-4221a88afd5f4362a\n```\n", "properties": { "accessRole": { "type": "string", "description": "The IAM Role which provides read and write access to the parent directory of the file location mentioned in the StartFileTransfer request.\n" }, "agreementId": { "type": "string", "description": "The unique identifier for the AS2 agreement.\n" }, "arn": { "type": "string", "description": "The ARN of the agreement.\n" }, "baseDirectory": { "type": "string", "description": "The landing directory for the files transferred by using the AS2 protocol.\n" }, "description": { "type": "string", "description": "The Optional description of the transdfer.\n" }, "localProfileId": { "type": "string", "description": "The unique identifier for the AS2 local profile.\n" }, "partnerProfileId": { "type": "string", "description": "The unique identifier for the AS2 partner profile.\n" }, "serverId": { "type": "string", "description": "The unique server identifier for the server instance. This is the specific server the agreement uses.\n" }, "status": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "accessRole", "agreementId", "arn", "baseDirectory", "localProfileId", "partnerProfileId", "serverId", "status", "tagsAll" ], "inputProperties": { "accessRole": { "type": "string", "description": "The IAM Role which provides read and write access to the parent directory of the file location mentioned in the StartFileTransfer request.\n" }, "baseDirectory": { "type": "string", "description": "The landing directory for the files transferred by using the AS2 protocol.\n" }, "description": { "type": "string", "description": "The Optional description of the transdfer.\n" }, "localProfileId": { "type": "string", "description": "The unique identifier for the AS2 local profile.\n" }, "partnerProfileId": { "type": "string", "description": "The unique identifier for the AS2 partner profile.\n" }, "serverId": { "type": "string", "description": "The unique server identifier for the server instance. This is the specific server the agreement uses.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "accessRole", "baseDirectory", "localProfileId", "partnerProfileId", "serverId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Agreement resources.\n", "properties": { "accessRole": { "type": "string", "description": "The IAM Role which provides read and write access to the parent directory of the file location mentioned in the StartFileTransfer request.\n" }, "agreementId": { "type": "string", "description": "The unique identifier for the AS2 agreement.\n" }, "arn": { "type": "string", "description": "The ARN of the agreement.\n" }, "baseDirectory": { "type": "string", "description": "The landing directory for the files transferred by using the AS2 protocol.\n" }, "description": { "type": "string", "description": "The Optional description of the transdfer.\n" }, "localProfileId": { "type": "string", "description": "The unique identifier for the AS2 local profile.\n" }, "partnerProfileId": { "type": "string", "description": "The unique identifier for the AS2 partner profile.\n" }, "serverId": { "type": "string", "description": "The unique server identifier for the server instance. This is the specific server the agreement uses.\n" }, "status": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:transfer/certificate:Certificate": { "description": "Provides a AWS Transfer AS2 Certificate resource.\n\n## Example Usage\n\n## Import\n\nUsing `pulumi import`, import Transfer AS2 Certificate using the `certificate_id`. For example:\n\n```sh\n$ pulumi import aws:transfer/certificate:Certificate example c-4221a88afd5f4362a\n```\n", "properties": { "activeDate": { "type": "string", "description": "An date when the certificate becomes active\n" }, "arn": { "type": "string", "description": "The ARN of the certificate\n" }, "certificate": { "type": "string", "description": "The valid certificate file required for the transfer.\n", "language": { "csharp": { "name": "CertificateFile" } }, "secret": true }, "certificateChain": { "type": "string", "description": "The optional list of certificate that make up the chain for the certificate that is being imported.\n", "secret": true }, "certificateId": { "type": "string", "description": "The unique identifier for the AS2 certificate\n" }, "description": { "type": "string", "description": "A short description that helps identify the certificate.\n" }, "inactiveDate": { "type": "string", "description": "An date when the certificate becomes inactive\n" }, "privateKey": { "type": "string", "description": "The private key associated with the certificate being imported.\n", "secret": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "usage": { "type": "string", "description": "Specifies if a certificate is being used for signing or encryption. The valid values are SIGNING and ENCRYPTION.\n" } }, "required": [ "activeDate", "arn", "certificate", "certificateId", "inactiveDate", "tagsAll", "usage" ], "inputProperties": { "certificate": { "type": "string", "description": "The valid certificate file required for the transfer.\n", "language": { "csharp": { "name": "CertificateFile" } }, "secret": true, "willReplaceOnChanges": true }, "certificateChain": { "type": "string", "description": "The optional list of certificate that make up the chain for the certificate that is being imported.\n", "secret": true, "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A short description that helps identify the certificate.\n" }, "privateKey": { "type": "string", "description": "The private key associated with the certificate being imported.\n", "secret": true, "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "usage": { "type": "string", "description": "Specifies if a certificate is being used for signing or encryption. The valid values are SIGNING and ENCRYPTION.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "certificate", "usage" ], "stateInputs": { "description": "Input properties used for looking up and filtering Certificate resources.\n", "properties": { "activeDate": { "type": "string", "description": "An date when the certificate becomes active\n" }, "arn": { "type": "string", "description": "The ARN of the certificate\n" }, "certificate": { "type": "string", "description": "The valid certificate file required for the transfer.\n", "language": { "csharp": { "name": "CertificateFile" } }, "secret": true, "willReplaceOnChanges": true }, "certificateChain": { "type": "string", "description": "The optional list of certificate that make up the chain for the certificate that is being imported.\n", "secret": true, "willReplaceOnChanges": true }, "certificateId": { "type": "string", "description": "The unique identifier for the AS2 certificate\n" }, "description": { "type": "string", "description": "A short description that helps identify the certificate.\n" }, "inactiveDate": { "type": "string", "description": "An date when the certificate becomes inactive\n" }, "privateKey": { "type": "string", "description": "The private key associated with the certificate being imported.\n", "secret": true, "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "usage": { "type": "string", "description": "Specifies if a certificate is being used for signing or encryption. The valid values are SIGNING and ENCRYPTION.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:transfer/connector:Connector": { "description": "Provides a AWS Transfer AS2 Connector resource.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.transfer.Connector(\"example\", {\n accessRole: test.arn,\n as2Config: {\n compression: \"DISABLED\",\n encryptionAlgorithm: \"AWS128_CBC\",\n messageSubject: \"For Connector\",\n localProfileId: local.profileId,\n mdnResponse: \"NONE\",\n mdnSigningAlgorithm: \"NONE\",\n partnerProfileId: partner.profileId,\n signingAlgorithm: \"NONE\",\n },\n url: \"http://www.test.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.transfer.Connector(\"example\",\n access_role=test[\"arn\"],\n as2_config={\n \"compression\": \"DISABLED\",\n \"encryption_algorithm\": \"AWS128_CBC\",\n \"message_subject\": \"For Connector\",\n \"local_profile_id\": local[\"profileId\"],\n \"mdn_response\": \"NONE\",\n \"mdn_signing_algorithm\": \"NONE\",\n \"partner_profile_id\": partner[\"profileId\"],\n \"signing_algorithm\": \"NONE\",\n },\n url=\"http://www.test.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Transfer.Connector(\"example\", new()\n {\n AccessRole = test.Arn,\n As2Config = new Aws.Transfer.Inputs.ConnectorAs2ConfigArgs\n {\n Compression = \"DISABLED\",\n EncryptionAlgorithm = \"AWS128_CBC\",\n MessageSubject = \"For Connector\",\n LocalProfileId = local.ProfileId,\n MdnResponse = \"NONE\",\n MdnSigningAlgorithm = \"NONE\",\n PartnerProfileId = partner.ProfileId,\n SigningAlgorithm = \"NONE\",\n },\n Url = \"http://www.test.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := transfer.NewConnector(ctx, \"example\", \u0026transfer.ConnectorArgs{\n\t\t\tAccessRole: pulumi.Any(test.Arn),\n\t\t\tAs2Config: \u0026transfer.ConnectorAs2ConfigArgs{\n\t\t\t\tCompression: pulumi.String(\"DISABLED\"),\n\t\t\t\tEncryptionAlgorithm: pulumi.String(\"AWS128_CBC\"),\n\t\t\t\tMessageSubject: pulumi.String(\"For Connector\"),\n\t\t\t\tLocalProfileId: pulumi.Any(local.ProfileId),\n\t\t\t\tMdnResponse: pulumi.String(\"NONE\"),\n\t\t\t\tMdnSigningAlgorithm: pulumi.String(\"NONE\"),\n\t\t\t\tPartnerProfileId: pulumi.Any(partner.ProfileId),\n\t\t\t\tSigningAlgorithm: pulumi.String(\"NONE\"),\n\t\t\t},\n\t\t\tUrl: pulumi.String(\"http://www.test.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.transfer.Connector;\nimport com.pulumi.aws.transfer.ConnectorArgs;\nimport com.pulumi.aws.transfer.inputs.ConnectorAs2ConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Connector(\"example\", ConnectorArgs.builder()\n .accessRole(test.arn())\n .as2Config(ConnectorAs2ConfigArgs.builder()\n .compression(\"DISABLED\")\n .encryptionAlgorithm(\"AWS128_CBC\")\n .messageSubject(\"For Connector\")\n .localProfileId(local.profileId())\n .mdnResponse(\"NONE\")\n .mdnSigningAlgorithm(\"NONE\")\n .partnerProfileId(partner.profileId())\n .signingAlgorithm(\"NONE\")\n .build())\n .url(\"http://www.test.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:transfer:Connector\n properties:\n accessRole: ${test.arn}\n as2Config:\n compression: DISABLED\n encryptionAlgorithm: AWS128_CBC\n messageSubject: For Connector\n localProfileId: ${local.profileId}\n mdnResponse: NONE\n mdnSigningAlgorithm: NONE\n partnerProfileId: ${partner.profileId}\n signingAlgorithm: NONE\n url: http://www.test.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### SFTP Connector\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.transfer.Connector(\"example\", {\n accessRole: test.arn,\n sftpConfig: {\n trustedHostKeys: [\"ssh-rsa AAAAB3NYourKeysHere\"],\n userSecretId: exampleAwsSecretsmanagerSecret.id,\n },\n url: \"sftp://test.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.transfer.Connector(\"example\",\n access_role=test[\"arn\"],\n sftp_config={\n \"trusted_host_keys\": [\"ssh-rsa AAAAB3NYourKeysHere\"],\n \"user_secret_id\": example_aws_secretsmanager_secret[\"id\"],\n },\n url=\"sftp://test.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Transfer.Connector(\"example\", new()\n {\n AccessRole = test.Arn,\n SftpConfig = new Aws.Transfer.Inputs.ConnectorSftpConfigArgs\n {\n TrustedHostKeys = new[]\n {\n \"ssh-rsa AAAAB3NYourKeysHere\",\n },\n UserSecretId = exampleAwsSecretsmanagerSecret.Id,\n },\n Url = \"sftp://test.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := transfer.NewConnector(ctx, \"example\", \u0026transfer.ConnectorArgs{\n\t\t\tAccessRole: pulumi.Any(test.Arn),\n\t\t\tSftpConfig: \u0026transfer.ConnectorSftpConfigArgs{\n\t\t\t\tTrustedHostKeys: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"ssh-rsa AAAAB3NYourKeysHere\"),\n\t\t\t\t},\n\t\t\t\tUserSecretId: pulumi.Any(exampleAwsSecretsmanagerSecret.Id),\n\t\t\t},\n\t\t\tUrl: pulumi.String(\"sftp://test.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.transfer.Connector;\nimport com.pulumi.aws.transfer.ConnectorArgs;\nimport com.pulumi.aws.transfer.inputs.ConnectorSftpConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Connector(\"example\", ConnectorArgs.builder()\n .accessRole(test.arn())\n .sftpConfig(ConnectorSftpConfigArgs.builder()\n .trustedHostKeys(\"ssh-rsa AAAAB3NYourKeysHere\")\n .userSecretId(exampleAwsSecretsmanagerSecret.id())\n .build())\n .url(\"sftp://test.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:transfer:Connector\n properties:\n accessRole: ${test.arn}\n sftpConfig:\n trustedHostKeys:\n - ssh-rsa AAAAB3NYourKeysHere\n userSecretId: ${exampleAwsSecretsmanagerSecret.id}\n url: sftp://test.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Transfer AS2 Connector using the `connector_id`. For example:\n\n```sh\n$ pulumi import aws:transfer/connector:Connector example c-4221a88afd5f4362a\n```\n", "properties": { "accessRole": { "type": "string", "description": "The IAM Role which provides read and write access to the parent directory of the file location mentioned in the StartFileTransfer request.\n" }, "arn": { "type": "string", "description": "The ARN of the connector.\n" }, "as2Config": { "$ref": "#/types/aws:transfer/ConnectorAs2Config:ConnectorAs2Config", "description": "Either SFTP or AS2 is configured.The parameters to configure for the connector object. Fields documented below.\n" }, "connectorId": { "type": "string", "description": "The unique identifier for the AS2 profile or SFTP Profile.\n" }, "loggingRole": { "type": "string", "description": "The IAM Role which is required for allowing the connector to turn on CloudWatch logging for Amazon S3 events.\n" }, "securityPolicyName": { "type": "string", "description": "Name of the security policy for the connector.\n" }, "sftpConfig": { "$ref": "#/types/aws:transfer/ConnectorSftpConfig:ConnectorSftpConfig", "description": "Either SFTP or AS2 is configured.The parameters to configure for the connector object. Fields documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "url": { "type": "string", "description": "The URL of the partners AS2 endpoint or SFTP endpoint.\n" } }, "required": [ "accessRole", "arn", "connectorId", "securityPolicyName", "tagsAll", "url" ], "inputProperties": { "accessRole": { "type": "string", "description": "The IAM Role which provides read and write access to the parent directory of the file location mentioned in the StartFileTransfer request.\n" }, "as2Config": { "$ref": "#/types/aws:transfer/ConnectorAs2Config:ConnectorAs2Config", "description": "Either SFTP or AS2 is configured.The parameters to configure for the connector object. Fields documented below.\n" }, "loggingRole": { "type": "string", "description": "The IAM Role which is required for allowing the connector to turn on CloudWatch logging for Amazon S3 events.\n" }, "securityPolicyName": { "type": "string", "description": "Name of the security policy for the connector.\n" }, "sftpConfig": { "$ref": "#/types/aws:transfer/ConnectorSftpConfig:ConnectorSftpConfig", "description": "Either SFTP or AS2 is configured.The parameters to configure for the connector object. Fields documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "url": { "type": "string", "description": "The URL of the partners AS2 endpoint or SFTP endpoint.\n" } }, "requiredInputs": [ "accessRole", "url" ], "stateInputs": { "description": "Input properties used for looking up and filtering Connector resources.\n", "properties": { "accessRole": { "type": "string", "description": "The IAM Role which provides read and write access to the parent directory of the file location mentioned in the StartFileTransfer request.\n" }, "arn": { "type": "string", "description": "The ARN of the connector.\n" }, "as2Config": { "$ref": "#/types/aws:transfer/ConnectorAs2Config:ConnectorAs2Config", "description": "Either SFTP or AS2 is configured.The parameters to configure for the connector object. Fields documented below.\n" }, "connectorId": { "type": "string", "description": "The unique identifier for the AS2 profile or SFTP Profile.\n" }, "loggingRole": { "type": "string", "description": "The IAM Role which is required for allowing the connector to turn on CloudWatch logging for Amazon S3 events.\n" }, "securityPolicyName": { "type": "string", "description": "Name of the security policy for the connector.\n" }, "sftpConfig": { "$ref": "#/types/aws:transfer/ConnectorSftpConfig:ConnectorSftpConfig", "description": "Either SFTP or AS2 is configured.The parameters to configure for the connector object. Fields documented below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "url": { "type": "string", "description": "The URL of the partners AS2 endpoint or SFTP endpoint.\n" } }, "type": "object" } }, "aws:transfer/profile:Profile": { "description": "Provides a AWS Transfer AS2 Profile resource.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n example:\n type: aws:transfer:Profile\n properties:\n as2Id: example\n certificateIds:\n - ${exampleAwsTransferCertificate.certificateId}\n usage: LOCAL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Transfer AS2 Profile using the `profile_id`. For example:\n\n```sh\n$ pulumi import aws:transfer/profile:Profile example p-4221a88afd5f4362a\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the profile.\n" }, "as2Id": { "type": "string", "description": "The As2Id is the AS2 name as defined in the RFC 4130. For inbound ttransfers this is the AS2 From Header for the AS2 messages sent from the partner. For Outbound messages this is the AS2 To Header for the AS2 messages sent to the partner. his ID cannot include spaces.\n" }, "certificateIds": { "type": "array", "items": { "type": "string" }, "description": "The list of certificate Ids from the imported certificate operation.\n" }, "profileId": { "type": "string", "description": "The unique identifier for the AS2 profile.\n" }, "profileType": { "type": "string", "description": "The profile type should be LOCAL or PARTNER.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "as2Id", "profileId", "profileType", "tagsAll" ], "inputProperties": { "as2Id": { "type": "string", "description": "The As2Id is the AS2 name as defined in the RFC 4130. For inbound ttransfers this is the AS2 From Header for the AS2 messages sent from the partner. For Outbound messages this is the AS2 To Header for the AS2 messages sent to the partner. his ID cannot include spaces.\n", "willReplaceOnChanges": true }, "certificateIds": { "type": "array", "items": { "type": "string" }, "description": "The list of certificate Ids from the imported certificate operation.\n" }, "profileType": { "type": "string", "description": "The profile type should be LOCAL or PARTNER.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "as2Id", "profileType" ], "stateInputs": { "description": "Input properties used for looking up and filtering Profile resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the profile.\n" }, "as2Id": { "type": "string", "description": "The As2Id is the AS2 name as defined in the RFC 4130. For inbound ttransfers this is the AS2 From Header for the AS2 messages sent from the partner. For Outbound messages this is the AS2 To Header for the AS2 messages sent to the partner. his ID cannot include spaces.\n", "willReplaceOnChanges": true }, "certificateIds": { "type": "array", "items": { "type": "string" }, "description": "The list of certificate Ids from the imported certificate operation.\n" }, "profileId": { "type": "string", "description": "The unique identifier for the AS2 profile.\n" }, "profileType": { "type": "string", "description": "The profile type should be LOCAL or PARTNER.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:transfer/server:Server": { "description": "Provides a AWS Transfer Server resource.\n\n\u003e **NOTE on AWS IAM permissions:** If the `endpoint_type` is set to `VPC`, the `ec2:DescribeVpcEndpoints` and `ec2:ModifyVpcEndpoint` [actions](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2.html#amazonec2-actions-as-permissions) are used.\n\n\u003e **NOTE:** Use the `aws.transfer.Tag` resource to manage the system tags used for [custom hostnames](https://docs.aws.amazon.com/transfer/latest/userguide/requirements-dns.html#tag-custom-hostname-cdk).\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.transfer.Server(\"example\", {tags: {\n Name: \"Example\",\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.transfer.Server(\"example\", tags={\n \"Name\": \"Example\",\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Transfer.Server(\"example\", new()\n {\n Tags = \n {\n { \"Name\", \"Example\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := transfer.NewServer(ctx, \"example\", \u0026transfer.ServerArgs{\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.transfer.Server;\nimport com.pulumi.aws.transfer.ServerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Server(\"example\", ServerArgs.builder()\n .tags(Map.of(\"Name\", \"Example\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:transfer:Server\n properties:\n tags:\n Name: Example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Security Policy Name\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.transfer.Server(\"example\", {securityPolicyName: \"TransferSecurityPolicy-2020-06\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.transfer.Server(\"example\", security_policy_name=\"TransferSecurityPolicy-2020-06\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Transfer.Server(\"example\", new()\n {\n SecurityPolicyName = \"TransferSecurityPolicy-2020-06\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := transfer.NewServer(ctx, \"example\", \u0026transfer.ServerArgs{\n\t\t\tSecurityPolicyName: pulumi.String(\"TransferSecurityPolicy-2020-06\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.transfer.Server;\nimport com.pulumi.aws.transfer.ServerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Server(\"example\", ServerArgs.builder()\n .securityPolicyName(\"TransferSecurityPolicy-2020-06\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:transfer:Server\n properties:\n securityPolicyName: TransferSecurityPolicy-2020-06\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### VPC Endpoint\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.transfer.Server(\"example\", {\n endpointType: \"VPC\",\n endpointDetails: {\n addressAllocationIds: [exampleAwsEip.id],\n subnetIds: [exampleAwsSubnet.id],\n vpcId: exampleAwsVpc.id,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.transfer.Server(\"example\",\n endpoint_type=\"VPC\",\n endpoint_details={\n \"address_allocation_ids\": [example_aws_eip[\"id\"]],\n \"subnet_ids\": [example_aws_subnet[\"id\"]],\n \"vpc_id\": example_aws_vpc[\"id\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Transfer.Server(\"example\", new()\n {\n EndpointType = \"VPC\",\n EndpointDetails = new Aws.Transfer.Inputs.ServerEndpointDetailsArgs\n {\n AddressAllocationIds = new[]\n {\n exampleAwsEip.Id,\n },\n SubnetIds = new[]\n {\n exampleAwsSubnet.Id,\n },\n VpcId = exampleAwsVpc.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := transfer.NewServer(ctx, \"example\", \u0026transfer.ServerArgs{\n\t\t\tEndpointType: pulumi.String(\"VPC\"),\n\t\t\tEndpointDetails: \u0026transfer.ServerEndpointDetailsArgs{\n\t\t\t\tAddressAllocationIds: pulumi.StringArray{\n\t\t\t\t\texampleAwsEip.Id,\n\t\t\t\t},\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\texampleAwsSubnet.Id,\n\t\t\t\t},\n\t\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.transfer.Server;\nimport com.pulumi.aws.transfer.ServerArgs;\nimport com.pulumi.aws.transfer.inputs.ServerEndpointDetailsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Server(\"example\", ServerArgs.builder()\n .endpointType(\"VPC\")\n .endpointDetails(ServerEndpointDetailsArgs.builder()\n .addressAllocationIds(exampleAwsEip.id())\n .subnetIds(exampleAwsSubnet.id())\n .vpcId(exampleAwsVpc.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:transfer:Server\n properties:\n endpointType: VPC\n endpointDetails:\n addressAllocationIds:\n - ${exampleAwsEip.id}\n subnetIds:\n - ${exampleAwsSubnet.id}\n vpcId: ${exampleAwsVpc.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### AWS Directory authentication\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.transfer.Server(\"example\", {\n identityProviderType: \"AWS_DIRECTORY_SERVICE\",\n directoryId: exampleAwsDirectoryServiceDirectory.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.transfer.Server(\"example\",\n identity_provider_type=\"AWS_DIRECTORY_SERVICE\",\n directory_id=example_aws_directory_service_directory[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Transfer.Server(\"example\", new()\n {\n IdentityProviderType = \"AWS_DIRECTORY_SERVICE\",\n DirectoryId = exampleAwsDirectoryServiceDirectory.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := transfer.NewServer(ctx, \"example\", \u0026transfer.ServerArgs{\n\t\t\tIdentityProviderType: pulumi.String(\"AWS_DIRECTORY_SERVICE\"),\n\t\t\tDirectoryId: pulumi.Any(exampleAwsDirectoryServiceDirectory.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.transfer.Server;\nimport com.pulumi.aws.transfer.ServerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Server(\"example\", ServerArgs.builder()\n .identityProviderType(\"AWS_DIRECTORY_SERVICE\")\n .directoryId(exampleAwsDirectoryServiceDirectory.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:transfer:Server\n properties:\n identityProviderType: AWS_DIRECTORY_SERVICE\n directoryId: ${exampleAwsDirectoryServiceDirectory.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### AWS Lambda authentication\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.transfer.Server(\"example\", {\n identityProviderType: \"AWS_LAMBDA\",\n \"function\": exampleAwsLambdaIdentityProvider.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.transfer.Server(\"example\",\n identity_provider_type=\"AWS_LAMBDA\",\n function=example_aws_lambda_identity_provider[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Transfer.Server(\"example\", new()\n {\n IdentityProviderType = \"AWS_LAMBDA\",\n Function = exampleAwsLambdaIdentityProvider.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := transfer.NewServer(ctx, \"example\", \u0026transfer.ServerArgs{\n\t\t\tIdentityProviderType: pulumi.String(\"AWS_LAMBDA\"),\n\t\t\tFunction: pulumi.Any(exampleAwsLambdaIdentityProvider.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.transfer.Server;\nimport com.pulumi.aws.transfer.ServerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Server(\"example\", ServerArgs.builder()\n .identityProviderType(\"AWS_LAMBDA\")\n .function(exampleAwsLambdaIdentityProvider.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:transfer:Server\n properties:\n identityProviderType: AWS_LAMBDA\n function: ${exampleAwsLambdaIdentityProvider.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Protocols\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.transfer.Server(\"example\", {\n endpointType: \"VPC\",\n endpointDetails: {\n subnetIds: [exampleAwsSubnet.id],\n vpcId: exampleAwsVpc.id,\n },\n protocols: [\n \"FTP\",\n \"FTPS\",\n ],\n certificate: exampleAwsAcmCertificate.arn,\n identityProviderType: \"API_GATEWAY\",\n url: `${exampleAwsApiGatewayDeployment.invokeUrl}${exampleAwsApiGatewayResource.path}`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.transfer.Server(\"example\",\n endpoint_type=\"VPC\",\n endpoint_details={\n \"subnet_ids\": [example_aws_subnet[\"id\"]],\n \"vpc_id\": example_aws_vpc[\"id\"],\n },\n protocols=[\n \"FTP\",\n \"FTPS\",\n ],\n certificate=example_aws_acm_certificate[\"arn\"],\n identity_provider_type=\"API_GATEWAY\",\n url=f\"{example_aws_api_gateway_deployment['invokeUrl']}{example_aws_api_gateway_resource['path']}\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Transfer.Server(\"example\", new()\n {\n EndpointType = \"VPC\",\n EndpointDetails = new Aws.Transfer.Inputs.ServerEndpointDetailsArgs\n {\n SubnetIds = new[]\n {\n exampleAwsSubnet.Id,\n },\n VpcId = exampleAwsVpc.Id,\n },\n Protocols = new[]\n {\n \"FTP\",\n \"FTPS\",\n },\n Certificate = exampleAwsAcmCertificate.Arn,\n IdentityProviderType = \"API_GATEWAY\",\n Url = $\"{exampleAwsApiGatewayDeployment.InvokeUrl}{exampleAwsApiGatewayResource.Path}\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := transfer.NewServer(ctx, \"example\", \u0026transfer.ServerArgs{\n\t\t\tEndpointType: pulumi.String(\"VPC\"),\n\t\t\tEndpointDetails: \u0026transfer.ServerEndpointDetailsArgs{\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\texampleAwsSubnet.Id,\n\t\t\t\t},\n\t\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t\t},\n\t\t\tProtocols: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"FTP\"),\n\t\t\t\tpulumi.String(\"FTPS\"),\n\t\t\t},\n\t\t\tCertificate: pulumi.Any(exampleAwsAcmCertificate.Arn),\n\t\t\tIdentityProviderType: pulumi.String(\"API_GATEWAY\"),\n\t\t\tUrl: pulumi.String(fmt.Sprintf(\"%v%v\", exampleAwsApiGatewayDeployment.InvokeUrl, exampleAwsApiGatewayResource.Path)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.transfer.Server;\nimport com.pulumi.aws.transfer.ServerArgs;\nimport com.pulumi.aws.transfer.inputs.ServerEndpointDetailsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Server(\"example\", ServerArgs.builder()\n .endpointType(\"VPC\")\n .endpointDetails(ServerEndpointDetailsArgs.builder()\n .subnetIds(exampleAwsSubnet.id())\n .vpcId(exampleAwsVpc.id())\n .build())\n .protocols( \n \"FTP\",\n \"FTPS\")\n .certificate(exampleAwsAcmCertificate.arn())\n .identityProviderType(\"API_GATEWAY\")\n .url(String.format(\"%s%s\", exampleAwsApiGatewayDeployment.invokeUrl(),exampleAwsApiGatewayResource.path()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:transfer:Server\n properties:\n endpointType: VPC\n endpointDetails:\n subnetIds:\n - ${exampleAwsSubnet.id}\n vpcId: ${exampleAwsVpc.id}\n protocols:\n - FTP\n - FTPS\n certificate: ${exampleAwsAcmCertificate.arn}\n identityProviderType: API_GATEWAY\n url: ${exampleAwsApiGatewayDeployment.invokeUrl}${exampleAwsApiGatewayResource.path}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using Structured Logging Destinations\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst transfer = new aws.cloudwatch.LogGroup(\"transfer\", {namePrefix: \"transfer_test_\"});\nconst transferAssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"transfer.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst iamForTransfer = new aws.iam.Role(\"iam_for_transfer\", {\n namePrefix: \"iam_for_transfer_\",\n assumeRolePolicy: transferAssumeRole.then(transferAssumeRole =\u003e transferAssumeRole.json),\n managedPolicyArns: [\"arn:aws:iam::aws:policy/service-role/AWSTransferLoggingAccess\"],\n});\nconst transferServer = new aws.transfer.Server(\"transfer\", {\n endpointType: \"PUBLIC\",\n loggingRole: iamForTransfer.arn,\n protocols: [\"SFTP\"],\n structuredLogDestinations: [pulumi.interpolate`${transfer.arn}:*`],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntransfer = aws.cloudwatch.LogGroup(\"transfer\", name_prefix=\"transfer_test_\")\ntransfer_assume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"transfer.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\niam_for_transfer = aws.iam.Role(\"iam_for_transfer\",\n name_prefix=\"iam_for_transfer_\",\n assume_role_policy=transfer_assume_role.json,\n managed_policy_arns=[\"arn:aws:iam::aws:policy/service-role/AWSTransferLoggingAccess\"])\ntransfer_server = aws.transfer.Server(\"transfer\",\n endpoint_type=\"PUBLIC\",\n logging_role=iam_for_transfer.arn,\n protocols=[\"SFTP\"],\n structured_log_destinations=[transfer.arn.apply(lambda arn: f\"{arn}:*\")])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var transfer = new Aws.CloudWatch.LogGroup(\"transfer\", new()\n {\n NamePrefix = \"transfer_test_\",\n });\n\n var transferAssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"transfer.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var iamForTransfer = new Aws.Iam.Role(\"iam_for_transfer\", new()\n {\n NamePrefix = \"iam_for_transfer_\",\n AssumeRolePolicy = transferAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n ManagedPolicyArns = new[]\n {\n \"arn:aws:iam::aws:policy/service-role/AWSTransferLoggingAccess\",\n },\n });\n\n var transferServer = new Aws.Transfer.Server(\"transfer\", new()\n {\n EndpointType = \"PUBLIC\",\n LoggingRole = iamForTransfer.Arn,\n Protocols = new[]\n {\n \"SFTP\",\n },\n StructuredLogDestinations = new[]\n {\n transfer.Arn.Apply(arn =\u003e $\"{arn}:*\"),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttransfer, err := cloudwatch.NewLogGroup(ctx, \"transfer\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tNamePrefix: pulumi.String(\"transfer_test_\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttransferAssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"transfer.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tiamForTransfer, err := iam.NewRole(ctx, \"iam_for_transfer\", \u0026iam.RoleArgs{\n\t\t\tNamePrefix: pulumi.String(\"iam_for_transfer_\"),\n\t\t\tAssumeRolePolicy: pulumi.String(transferAssumeRole.Json),\n\t\t\tManagedPolicyArns: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSTransferLoggingAccess\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transfer.NewServer(ctx, \"transfer\", \u0026transfer.ServerArgs{\n\t\t\tEndpointType: pulumi.String(\"PUBLIC\"),\n\t\t\tLoggingRole: iamForTransfer.Arn,\n\t\t\tProtocols: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"SFTP\"),\n\t\t\t},\n\t\t\tStructuredLogDestinations: pulumi.StringArray{\n\t\t\t\ttransfer.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\treturn fmt.Sprintf(\"%v:*\", arn), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.transfer.Server;\nimport com.pulumi.aws.transfer.ServerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var transfer = new LogGroup(\"transfer\", LogGroupArgs.builder()\n .namePrefix(\"transfer_test_\")\n .build());\n\n final var transferAssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"transfer.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var iamForTransfer = new Role(\"iamForTransfer\", RoleArgs.builder()\n .namePrefix(\"iam_for_transfer_\")\n .assumeRolePolicy(transferAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .managedPolicyArns(\"arn:aws:iam::aws:policy/service-role/AWSTransferLoggingAccess\")\n .build());\n\n var transferServer = new Server(\"transferServer\", ServerArgs.builder()\n .endpointType(\"PUBLIC\")\n .loggingRole(iamForTransfer.arn())\n .protocols(\"SFTP\")\n .structuredLogDestinations(transfer.arn().applyValue(arn -\u003e String.format(\"%s:*\", arn)))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n transfer:\n type: aws:cloudwatch:LogGroup\n properties:\n namePrefix: transfer_test_\n iamForTransfer:\n type: aws:iam:Role\n name: iam_for_transfer\n properties:\n namePrefix: iam_for_transfer_\n assumeRolePolicy: ${transferAssumeRole.json}\n managedPolicyArns:\n - arn:aws:iam::aws:policy/service-role/AWSTransferLoggingAccess\n transferServer:\n type: aws:transfer:Server\n name: transfer\n properties:\n endpointType: PUBLIC\n loggingRole: ${iamForTransfer.arn}\n protocols:\n - SFTP\n structuredLogDestinations:\n - ${transfer.arn}:*\nvariables:\n transferAssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - transfer.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nIn Terraform v1.5.0 and later, use an `import` Block to import Transfer Servers using the server `id`. For example:\n\nUsing `pulumi import`, import Transfer Servers using the server `id`. For example:\n\n```sh\n$ pulumi import aws:transfer/server:Server example s-12345678\n```\nCertain resource arguments, such as `host_key`, cannot be read via the API and imported into the provider. This provider will display a difference for these arguments the first run after import if declared in the provider configuration for an imported resource.\n\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Transfer Server\n" }, "certificate": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM) certificate. This is required when `protocols` is set to `FTPS`\n" }, "directoryId": { "type": "string", "description": "The directory service ID of the directory service you want to connect to with an `identity_provider_type` of `AWS_DIRECTORY_SERVICE`.\n" }, "domain": { "type": "string", "description": "The domain of the storage system that is used for file transfers. Valid values are: `S3` and `EFS`. The default value is `S3`.\n" }, "endpoint": { "type": "string", "description": "The endpoint of the Transfer Server (e.g., `s-12345678.server.transfer.REGION.amazonaws.com`)\n" }, "endpointDetails": { "$ref": "#/types/aws:transfer/ServerEndpointDetails:ServerEndpointDetails", "description": "The virtual private cloud (VPC) endpoint settings that you want to configure for your SFTP server. See `endpoint_details` Block below for details.\n" }, "endpointType": { "type": "string", "description": "The type of endpoint that you want your SFTP server connect to. If you connect to a `VPC` (or `VPC_ENDPOINT`), your SFTP server isn't accessible over the public internet. If you want to connect your SFTP server via public internet, set `PUBLIC`. Defaults to `PUBLIC`.\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all users associated with the server should be deleted so that the Server can be destroyed without error. The default value is `false`. This option only applies to servers configured with a `SERVICE_MANAGED` `identity_provider_type`.\n" }, "function": { "type": "string", "description": "The ARN for a lambda function to use for the Identity provider.\n" }, "hostKey": { "type": "string", "description": "RSA, ECDSA, or ED25519 private key (e.g., as generated by the `ssh-keygen -t rsa -b 2048 -N \"\" -m PEM -f my-new-server-key`, `ssh-keygen -t ecdsa -b 256 -N \"\" -m PEM -f my-new-server-key` or `ssh-keygen -t ed25519 -N \"\" -f my-new-server-key` commands).\n", "secret": true }, "hostKeyFingerprint": { "type": "string", "description": "This value contains the message-digest algorithm (MD5) hash of the server's host key. This value is equivalent to the output of the `ssh-keygen -l -E md5 -f my-new-server-key` command.\n" }, "identityProviderType": { "type": "string", "description": "The mode of authentication enabled for this service. The default value is `SERVICE_MANAGED`, which allows you to store and access SFTP user credentials within the service. `API_GATEWAY` indicates that user authentication requires a call to an API Gateway endpoint URL provided by you to integrate an identity provider of your choice. Using `AWS_DIRECTORY_SERVICE` will allow for authentication against AWS Managed Active Directory or Microsoft Active Directory in your on-premises environment, or in AWS using AD Connectors. Use the `AWS_LAMBDA` value to directly use a Lambda function as your identity provider. If you choose this value, you must specify the ARN for the lambda function in the `function` argument.\n" }, "invocationRole": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM role used to authenticate the user account with an `identity_provider_type` of `API_GATEWAY`.\n" }, "loggingRole": { "type": "string", "description": "Amazon Resource Name (ARN) of an IAM role that allows the service to write your SFTP users’ activity to your Amazon CloudWatch logs for monitoring and auditing purposes.\n" }, "postAuthenticationLoginBanner": { "type": "string", "description": "Specify a string to display when users connect to a server. This string is displayed after the user authenticates. The SFTP protocol does not support post-authentication display banners.\n", "secret": true }, "preAuthenticationLoginBanner": { "type": "string", "description": "Specify a string to display when users connect to a server. This string is displayed before the user authenticates.\n", "secret": true }, "protocolDetails": { "$ref": "#/types/aws:transfer/ServerProtocolDetails:ServerProtocolDetails", "description": "The protocol settings that are configured for your server. See `protocol_details` Block below for details.\n" }, "protocols": { "type": "array", "items": { "type": "string" }, "description": "Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. This defaults to `SFTP` . The available protocols are:\n* `AS2`: File transfer over Applicability Statement 2\n* `SFTP`: File transfer over SSH\n* `FTPS`: File transfer with TLS encryption\n* `FTP`: Unencrypted file transfer\n" }, "s3StorageOptions": { "$ref": "#/types/aws:transfer/ServerS3StorageOptions:ServerS3StorageOptions", "description": "Specifies whether or not performance for your Amazon S3 directories is optimized. This is disabled by default. See `s3_storage_options` Block below for details.\n" }, "securityPolicyName": { "type": "string", "description": "Specifies the name of the security policy that is attached to the server. Default value is: `TransferSecurityPolicy-2018-11`. The available values are:\n* `TransferSecurityPolicy-2018-11`\n* `TransferSecurityPolicy-2020-06`\n* `TransferSecurityPolicy-2022-03`\n* `TransferSecurityPolicy-2023-05`\n* `TransferSecurityPolicy-2024-01`\n* `TransferSecurityPolicy-FIPS-2020-06`\n* `TransferSecurityPolicy-FIPS-2023-05`\n* `TransferSecurityPolicy-FIPS-2024-01`\n* `TransferSecurityPolicy-FIPS-2024-05`\n* `TransferSecurityPolicy-PQ-SSH-Experimental-2023-04`\n* `TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04`\n* `TransferSecurityPolicy-Restricted-2018-11`\n* `TransferSecurityPolicy-Restricted-2020-06`\n\nSee [Security policies for AWS Transfer Family servers](https://docs.aws.amazon.com/transfer/latest/userguide/security-policies.html) for details.\n" }, "sftpAuthenticationMethods": { "type": "string", "description": "For SFTP-enabled servers, and for custom identity providers only. Valid values are `PASSWORD`, `PUBLIC_KEY`, `PUBLIC_KEY_OR_PASSWORD` and `PUBLIC_KEY_AND_PASSWORD`. Default value is: `PUBLIC_KEY_OR_PASSWORD`.\n" }, "structuredLogDestinations": { "type": "array", "items": { "type": "string" }, "description": "A set of ARNs of destinations that will receive structured logs from the transfer server such as CloudWatch Log Group ARNs. If provided this enables the transfer server to emit structured logs to the specified locations.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "url": { "type": "string", "description": "URL of the service endpoint used to authenticate users with an `identity_provider_type` of `API_GATEWAY`.\n" }, "workflowDetails": { "$ref": "#/types/aws:transfer/ServerWorkflowDetails:ServerWorkflowDetails", "description": "Specifies the workflow details. See `workflow_details` Block below for details.\n" } }, "required": [ "arn", "endpoint", "hostKeyFingerprint", "protocolDetails", "protocols", "s3StorageOptions", "sftpAuthenticationMethods", "tagsAll" ], "inputProperties": { "certificate": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM) certificate. This is required when `protocols` is set to `FTPS`\n" }, "directoryId": { "type": "string", "description": "The directory service ID of the directory service you want to connect to with an `identity_provider_type` of `AWS_DIRECTORY_SERVICE`.\n" }, "domain": { "type": "string", "description": "The domain of the storage system that is used for file transfers. Valid values are: `S3` and `EFS`. The default value is `S3`.\n", "willReplaceOnChanges": true }, "endpointDetails": { "$ref": "#/types/aws:transfer/ServerEndpointDetails:ServerEndpointDetails", "description": "The virtual private cloud (VPC) endpoint settings that you want to configure for your SFTP server. See `endpoint_details` Block below for details.\n" }, "endpointType": { "type": "string", "description": "The type of endpoint that you want your SFTP server connect to. If you connect to a `VPC` (or `VPC_ENDPOINT`), your SFTP server isn't accessible over the public internet. If you want to connect your SFTP server via public internet, set `PUBLIC`. Defaults to `PUBLIC`.\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all users associated with the server should be deleted so that the Server can be destroyed without error. The default value is `false`. This option only applies to servers configured with a `SERVICE_MANAGED` `identity_provider_type`.\n" }, "function": { "type": "string", "description": "The ARN for a lambda function to use for the Identity provider.\n" }, "hostKey": { "type": "string", "description": "RSA, ECDSA, or ED25519 private key (e.g., as generated by the `ssh-keygen -t rsa -b 2048 -N \"\" -m PEM -f my-new-server-key`, `ssh-keygen -t ecdsa -b 256 -N \"\" -m PEM -f my-new-server-key` or `ssh-keygen -t ed25519 -N \"\" -f my-new-server-key` commands).\n", "secret": true }, "identityProviderType": { "type": "string", "description": "The mode of authentication enabled for this service. The default value is `SERVICE_MANAGED`, which allows you to store and access SFTP user credentials within the service. `API_GATEWAY` indicates that user authentication requires a call to an API Gateway endpoint URL provided by you to integrate an identity provider of your choice. Using `AWS_DIRECTORY_SERVICE` will allow for authentication against AWS Managed Active Directory or Microsoft Active Directory in your on-premises environment, or in AWS using AD Connectors. Use the `AWS_LAMBDA` value to directly use a Lambda function as your identity provider. If you choose this value, you must specify the ARN for the lambda function in the `function` argument.\n", "willReplaceOnChanges": true }, "invocationRole": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM role used to authenticate the user account with an `identity_provider_type` of `API_GATEWAY`.\n" }, "loggingRole": { "type": "string", "description": "Amazon Resource Name (ARN) of an IAM role that allows the service to write your SFTP users’ activity to your Amazon CloudWatch logs for monitoring and auditing purposes.\n" }, "postAuthenticationLoginBanner": { "type": "string", "description": "Specify a string to display when users connect to a server. This string is displayed after the user authenticates. The SFTP protocol does not support post-authentication display banners.\n", "secret": true }, "preAuthenticationLoginBanner": { "type": "string", "description": "Specify a string to display when users connect to a server. This string is displayed before the user authenticates.\n", "secret": true }, "protocolDetails": { "$ref": "#/types/aws:transfer/ServerProtocolDetails:ServerProtocolDetails", "description": "The protocol settings that are configured for your server. See `protocol_details` Block below for details.\n" }, "protocols": { "type": "array", "items": { "type": "string" }, "description": "Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. This defaults to `SFTP` . The available protocols are:\n* `AS2`: File transfer over Applicability Statement 2\n* `SFTP`: File transfer over SSH\n* `FTPS`: File transfer with TLS encryption\n* `FTP`: Unencrypted file transfer\n" }, "s3StorageOptions": { "$ref": "#/types/aws:transfer/ServerS3StorageOptions:ServerS3StorageOptions", "description": "Specifies whether or not performance for your Amazon S3 directories is optimized. This is disabled by default. See `s3_storage_options` Block below for details.\n" }, "securityPolicyName": { "type": "string", "description": "Specifies the name of the security policy that is attached to the server. Default value is: `TransferSecurityPolicy-2018-11`. The available values are:\n* `TransferSecurityPolicy-2018-11`\n* `TransferSecurityPolicy-2020-06`\n* `TransferSecurityPolicy-2022-03`\n* `TransferSecurityPolicy-2023-05`\n* `TransferSecurityPolicy-2024-01`\n* `TransferSecurityPolicy-FIPS-2020-06`\n* `TransferSecurityPolicy-FIPS-2023-05`\n* `TransferSecurityPolicy-FIPS-2024-01`\n* `TransferSecurityPolicy-FIPS-2024-05`\n* `TransferSecurityPolicy-PQ-SSH-Experimental-2023-04`\n* `TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04`\n* `TransferSecurityPolicy-Restricted-2018-11`\n* `TransferSecurityPolicy-Restricted-2020-06`\n\nSee [Security policies for AWS Transfer Family servers](https://docs.aws.amazon.com/transfer/latest/userguide/security-policies.html) for details.\n" }, "sftpAuthenticationMethods": { "type": "string", "description": "For SFTP-enabled servers, and for custom identity providers only. Valid values are `PASSWORD`, `PUBLIC_KEY`, `PUBLIC_KEY_OR_PASSWORD` and `PUBLIC_KEY_AND_PASSWORD`. Default value is: `PUBLIC_KEY_OR_PASSWORD`.\n" }, "structuredLogDestinations": { "type": "array", "items": { "type": "string" }, "description": "A set of ARNs of destinations that will receive structured logs from the transfer server such as CloudWatch Log Group ARNs. If provided this enables the transfer server to emit structured logs to the specified locations.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "url": { "type": "string", "description": "URL of the service endpoint used to authenticate users with an `identity_provider_type` of `API_GATEWAY`.\n" }, "workflowDetails": { "$ref": "#/types/aws:transfer/ServerWorkflowDetails:ServerWorkflowDetails", "description": "Specifies the workflow details. See `workflow_details` Block below for details.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Server resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Transfer Server\n" }, "certificate": { "type": "string", "description": "The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM) certificate. This is required when `protocols` is set to `FTPS`\n" }, "directoryId": { "type": "string", "description": "The directory service ID of the directory service you want to connect to with an `identity_provider_type` of `AWS_DIRECTORY_SERVICE`.\n" }, "domain": { "type": "string", "description": "The domain of the storage system that is used for file transfers. Valid values are: `S3` and `EFS`. The default value is `S3`.\n", "willReplaceOnChanges": true }, "endpoint": { "type": "string", "description": "The endpoint of the Transfer Server (e.g., `s-12345678.server.transfer.REGION.amazonaws.com`)\n" }, "endpointDetails": { "$ref": "#/types/aws:transfer/ServerEndpointDetails:ServerEndpointDetails", "description": "The virtual private cloud (VPC) endpoint settings that you want to configure for your SFTP server. See `endpoint_details` Block below for details.\n" }, "endpointType": { "type": "string", "description": "The type of endpoint that you want your SFTP server connect to. If you connect to a `VPC` (or `VPC_ENDPOINT`), your SFTP server isn't accessible over the public internet. If you want to connect your SFTP server via public internet, set `PUBLIC`. Defaults to `PUBLIC`.\n" }, "forceDestroy": { "type": "boolean", "description": "A boolean that indicates all users associated with the server should be deleted so that the Server can be destroyed without error. The default value is `false`. This option only applies to servers configured with a `SERVICE_MANAGED` `identity_provider_type`.\n" }, "function": { "type": "string", "description": "The ARN for a lambda function to use for the Identity provider.\n" }, "hostKey": { "type": "string", "description": "RSA, ECDSA, or ED25519 private key (e.g., as generated by the `ssh-keygen -t rsa -b 2048 -N \"\" -m PEM -f my-new-server-key`, `ssh-keygen -t ecdsa -b 256 -N \"\" -m PEM -f my-new-server-key` or `ssh-keygen -t ed25519 -N \"\" -f my-new-server-key` commands).\n", "secret": true }, "hostKeyFingerprint": { "type": "string", "description": "This value contains the message-digest algorithm (MD5) hash of the server's host key. This value is equivalent to the output of the `ssh-keygen -l -E md5 -f my-new-server-key` command.\n" }, "identityProviderType": { "type": "string", "description": "The mode of authentication enabled for this service. The default value is `SERVICE_MANAGED`, which allows you to store and access SFTP user credentials within the service. `API_GATEWAY` indicates that user authentication requires a call to an API Gateway endpoint URL provided by you to integrate an identity provider of your choice. Using `AWS_DIRECTORY_SERVICE` will allow for authentication against AWS Managed Active Directory or Microsoft Active Directory in your on-premises environment, or in AWS using AD Connectors. Use the `AWS_LAMBDA` value to directly use a Lambda function as your identity provider. If you choose this value, you must specify the ARN for the lambda function in the `function` argument.\n", "willReplaceOnChanges": true }, "invocationRole": { "type": "string", "description": "Amazon Resource Name (ARN) of the IAM role used to authenticate the user account with an `identity_provider_type` of `API_GATEWAY`.\n" }, "loggingRole": { "type": "string", "description": "Amazon Resource Name (ARN) of an IAM role that allows the service to write your SFTP users’ activity to your Amazon CloudWatch logs for monitoring and auditing purposes.\n" }, "postAuthenticationLoginBanner": { "type": "string", "description": "Specify a string to display when users connect to a server. This string is displayed after the user authenticates. The SFTP protocol does not support post-authentication display banners.\n", "secret": true }, "preAuthenticationLoginBanner": { "type": "string", "description": "Specify a string to display when users connect to a server. This string is displayed before the user authenticates.\n", "secret": true }, "protocolDetails": { "$ref": "#/types/aws:transfer/ServerProtocolDetails:ServerProtocolDetails", "description": "The protocol settings that are configured for your server. See `protocol_details` Block below for details.\n" }, "protocols": { "type": "array", "items": { "type": "string" }, "description": "Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. This defaults to `SFTP` . The available protocols are:\n* `AS2`: File transfer over Applicability Statement 2\n* `SFTP`: File transfer over SSH\n* `FTPS`: File transfer with TLS encryption\n* `FTP`: Unencrypted file transfer\n" }, "s3StorageOptions": { "$ref": "#/types/aws:transfer/ServerS3StorageOptions:ServerS3StorageOptions", "description": "Specifies whether or not performance for your Amazon S3 directories is optimized. This is disabled by default. See `s3_storage_options` Block below for details.\n" }, "securityPolicyName": { "type": "string", "description": "Specifies the name of the security policy that is attached to the server. Default value is: `TransferSecurityPolicy-2018-11`. The available values are:\n* `TransferSecurityPolicy-2018-11`\n* `TransferSecurityPolicy-2020-06`\n* `TransferSecurityPolicy-2022-03`\n* `TransferSecurityPolicy-2023-05`\n* `TransferSecurityPolicy-2024-01`\n* `TransferSecurityPolicy-FIPS-2020-06`\n* `TransferSecurityPolicy-FIPS-2023-05`\n* `TransferSecurityPolicy-FIPS-2024-01`\n* `TransferSecurityPolicy-FIPS-2024-05`\n* `TransferSecurityPolicy-PQ-SSH-Experimental-2023-04`\n* `TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04`\n* `TransferSecurityPolicy-Restricted-2018-11`\n* `TransferSecurityPolicy-Restricted-2020-06`\n\nSee [Security policies for AWS Transfer Family servers](https://docs.aws.amazon.com/transfer/latest/userguide/security-policies.html) for details.\n" }, "sftpAuthenticationMethods": { "type": "string", "description": "For SFTP-enabled servers, and for custom identity providers only. Valid values are `PASSWORD`, `PUBLIC_KEY`, `PUBLIC_KEY_OR_PASSWORD` and `PUBLIC_KEY_AND_PASSWORD`. Default value is: `PUBLIC_KEY_OR_PASSWORD`.\n" }, "structuredLogDestinations": { "type": "array", "items": { "type": "string" }, "description": "A set of ARNs of destinations that will receive structured logs from the transfer server such as CloudWatch Log Group ARNs. If provided this enables the transfer server to emit structured logs to the specified locations.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "url": { "type": "string", "description": "URL of the service endpoint used to authenticate users with an `identity_provider_type` of `API_GATEWAY`.\n" }, "workflowDetails": { "$ref": "#/types/aws:transfer/ServerWorkflowDetails:ServerWorkflowDetails", "description": "Specifies the workflow details. See `workflow_details` Block below for details.\n" } }, "type": "object" } }, "aws:transfer/sshKey:SshKey": { "description": "Provides a AWS Transfer User SSH Key resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\nimport * as tls from \"@pulumi/tls\";\n\nconst examplePrivateKey = new tls.PrivateKey(\"example\", {\n algorithm: \"RSA\",\n rsaBits: 4096,\n});\nconst exampleServer = new aws.transfer.Server(\"example\", {\n identityProviderType: \"SERVICE_MANAGED\",\n tags: {\n NAME: \"tf-acc-test-transfer-server\",\n },\n});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"transfer.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"tf-test-transfer-user-iam-role\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst exampleUser = new aws.transfer.User(\"example\", {\n serverId: exampleServer.id,\n userName: \"tftestuser\",\n role: exampleRole.arn,\n tags: {\n NAME: \"tftestuser\",\n },\n});\nconst exampleSshKey = new aws.transfer.SshKey(\"example\", {\n serverId: exampleServer.id,\n userName: exampleUser.userName,\n body: std.trimspaceOutput({\n input: examplePrivateKey.publicKeyOpenssh,\n }).apply(invoke =\u003e invoke.result),\n});\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n sid: \"AllowFullAccesstoS3\",\n effect: \"Allow\",\n actions: [\"s3:*\"],\n resources: [\"*\"],\n }],\n});\nconst exampleRolePolicy = new aws.iam.RolePolicy(\"example\", {\n name: \"tf-test-transfer-user-iam-policy\",\n role: exampleRole.id,\n policy: example.then(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\nimport pulumi_tls as tls\n\nexample_private_key = tls.PrivateKey(\"example\",\n algorithm=\"RSA\",\n rsa_bits=4096)\nexample_server = aws.transfer.Server(\"example\",\n identity_provider_type=\"SERVICE_MANAGED\",\n tags={\n \"NAME\": \"tf-acc-test-transfer-server\",\n })\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"transfer.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nexample_role = aws.iam.Role(\"example\",\n name=\"tf-test-transfer-user-iam-role\",\n assume_role_policy=assume_role.json)\nexample_user = aws.transfer.User(\"example\",\n server_id=example_server.id,\n user_name=\"tftestuser\",\n role=example_role.arn,\n tags={\n \"NAME\": \"tftestuser\",\n })\nexample_ssh_key = aws.transfer.SshKey(\"example\",\n server_id=example_server.id,\n user_name=example_user.user_name,\n body=std.trimspace_output(input=example_private_key.public_key_openssh).apply(lambda invoke: invoke.result))\nexample = aws.iam.get_policy_document(statements=[{\n \"sid\": \"AllowFullAccesstoS3\",\n \"effect\": \"Allow\",\n \"actions\": [\"s3:*\"],\n \"resources\": [\"*\"],\n}])\nexample_role_policy = aws.iam.RolePolicy(\"example\",\n name=\"tf-test-transfer-user-iam-policy\",\n role=example_role.id,\n policy=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\nusing Tls = Pulumi.Tls;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplePrivateKey = new Tls.PrivateKey(\"example\", new()\n {\n Algorithm = \"RSA\",\n RsaBits = 4096,\n });\n\n var exampleServer = new Aws.Transfer.Server(\"example\", new()\n {\n IdentityProviderType = \"SERVICE_MANAGED\",\n Tags = \n {\n { \"NAME\", \"tf-acc-test-transfer-server\" },\n },\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"transfer.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"tf-test-transfer-user-iam-role\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleUser = new Aws.Transfer.User(\"example\", new()\n {\n ServerId = exampleServer.Id,\n UserName = \"tftestuser\",\n Role = exampleRole.Arn,\n Tags = \n {\n { \"NAME\", \"tftestuser\" },\n },\n });\n\n var exampleSshKey = new Aws.Transfer.SshKey(\"example\", new()\n {\n ServerId = exampleServer.Id,\n UserName = exampleUser.UserName,\n Body = Std.Trimspace.Invoke(new()\n {\n Input = examplePrivateKey.PublicKeyOpenssh,\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"AllowFullAccesstoS3\",\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var exampleRolePolicy = new Aws.Iam.RolePolicy(\"example\", new()\n {\n Name = \"tf-test-transfer-user-iam-policy\",\n Role = exampleRole.Id,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi-tls/sdk/v4/go/tls\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplePrivateKey, err := tls.NewPrivateKey(ctx, \"example\", \u0026tls.PrivateKeyArgs{\n\t\t\tAlgorithm: pulumi.String(\"RSA\"),\n\t\t\tRsaBits: pulumi.Int(4096),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleServer, err := transfer.NewServer(ctx, \"example\", \u0026transfer.ServerArgs{\n\t\t\tIdentityProviderType: pulumi.String(\"SERVICE_MANAGED\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"NAME\": pulumi.String(\"tf-acc-test-transfer-server\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"transfer.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"tf-test-transfer-user-iam-role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUser, err := transfer.NewUser(ctx, \"example\", \u0026transfer.UserArgs{\n\t\t\tServerId: exampleServer.ID(),\n\t\t\tUserName: pulumi.String(\"tftestuser\"),\n\t\t\tRole: exampleRole.Arn,\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"NAME\": pulumi.String(\"tftestuser\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transfer.NewSshKey(ctx, \"example\", \u0026transfer.SshKeyArgs{\n\t\t\tServerId: exampleServer.ID(),\n\t\t\tUserName: exampleUser.UserName,\n\t\t\tBody: pulumi.String(std.TrimspaceOutput(ctx, std.TrimspaceOutputArgs{\n\t\t\t\tInput: examplePrivateKey.PublicKeyOpenssh,\n\t\t\t}, nil).ApplyT(func(invoke std.TrimspaceResult) (*string, error) {\n\t\t\t\treturn invoke.Result, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"AllowFullAccesstoS3\"),\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"s3:*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"example\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"tf-test-transfer-user-iam-policy\"),\n\t\t\tRole: exampleRole.ID(),\n\t\t\tPolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.tls.PrivateKey;\nimport com.pulumi.tls.PrivateKeyArgs;\nimport com.pulumi.aws.transfer.Server;\nimport com.pulumi.aws.transfer.ServerArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.transfer.User;\nimport com.pulumi.aws.transfer.UserArgs;\nimport com.pulumi.aws.transfer.SshKey;\nimport com.pulumi.aws.transfer.SshKeyArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplePrivateKey = new PrivateKey(\"examplePrivateKey\", PrivateKeyArgs.builder()\n .algorithm(\"RSA\")\n .rsaBits(4096)\n .build());\n\n var exampleServer = new Server(\"exampleServer\", ServerArgs.builder()\n .identityProviderType(\"SERVICE_MANAGED\")\n .tags(Map.of(\"NAME\", \"tf-acc-test-transfer-server\"))\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"transfer.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .name(\"tf-test-transfer-user-iam-role\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleUser = new User(\"exampleUser\", UserArgs.builder()\n .serverId(exampleServer.id())\n .userName(\"tftestuser\")\n .role(exampleRole.arn())\n .tags(Map.of(\"NAME\", \"tftestuser\"))\n .build());\n\n var exampleSshKey = new SshKey(\"exampleSshKey\", SshKeyArgs.builder()\n .serverId(exampleServer.id())\n .userName(exampleUser.userName())\n .body(StdFunctions.trimspace().applyValue(invoke -\u003e invoke.result()))\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"AllowFullAccesstoS3\")\n .effect(\"Allow\")\n .actions(\"s3:*\")\n .resources(\"*\")\n .build())\n .build());\n\n var exampleRolePolicy = new RolePolicy(\"exampleRolePolicy\", RolePolicyArgs.builder()\n .name(\"tf-test-transfer-user-iam-policy\")\n .role(exampleRole.id())\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplePrivateKey:\n type: tls:PrivateKey\n name: example\n properties:\n algorithm: RSA\n rsaBits: 4096\n exampleSshKey:\n type: aws:transfer:SshKey\n name: example\n properties:\n serverId: ${exampleServer.id}\n userName: ${exampleUser.userName}\n body:\n fn::invoke:\n Function: std:trimspace\n Arguments:\n input: ${examplePrivateKey.publicKeyOpenssh}\n Return: result\n exampleServer:\n type: aws:transfer:Server\n name: example\n properties:\n identityProviderType: SERVICE_MANAGED\n tags:\n NAME: tf-acc-test-transfer-server\n exampleUser:\n type: aws:transfer:User\n name: example\n properties:\n serverId: ${exampleServer.id}\n userName: tftestuser\n role: ${exampleRole.arn}\n tags:\n NAME: tftestuser\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: tf-test-transfer-user-iam-role\n assumeRolePolicy: ${assumeRole.json}\n exampleRolePolicy:\n type: aws:iam:RolePolicy\n name: example\n properties:\n name: tf-test-transfer-user-iam-policy\n role: ${exampleRole.id}\n policy: ${example.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - transfer.amazonaws.com\n actions:\n - sts:AssumeRole\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: AllowFullAccesstoS3\n effect: Allow\n actions:\n - s3:*\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Transfer SSH Public Key using the `server_id` and `user_name` and `ssh_public_key_id` separated by `/`. For example:\n\n```sh\n$ pulumi import aws:transfer/sshKey:SshKey bar s-12345678/test-username/key-12345\n```\n", "properties": { "body": { "type": "string", "description": "The public key portion of an SSH key pair.\n" }, "serverId": { "type": "string", "description": "The Server ID of the Transfer Server (e.g., `s-12345678`)\n" }, "sshKeyId": { "type": "string" }, "userName": { "type": "string", "description": "The name of the user account that is assigned to one or more servers.\n" } }, "required": [ "body", "serverId", "sshKeyId", "userName" ], "inputProperties": { "body": { "type": "string", "description": "The public key portion of an SSH key pair.\n", "willReplaceOnChanges": true }, "serverId": { "type": "string", "description": "The Server ID of the Transfer Server (e.g., `s-12345678`)\n", "willReplaceOnChanges": true }, "userName": { "type": "string", "description": "The name of the user account that is assigned to one or more servers.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "body", "serverId", "userName" ], "stateInputs": { "description": "Input properties used for looking up and filtering SshKey resources.\n", "properties": { "body": { "type": "string", "description": "The public key portion of an SSH key pair.\n", "willReplaceOnChanges": true }, "serverId": { "type": "string", "description": "The Server ID of the Transfer Server (e.g., `s-12345678`)\n", "willReplaceOnChanges": true }, "sshKeyId": { "type": "string" }, "userName": { "type": "string", "description": "The name of the user account that is assigned to one or more servers.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:transfer/tag:Tag": { "description": "Manages an individual Transfer Family resource tag. This resource should only be used in cases where Transfer Family resources are created outside the provider (e.g., Servers without AWS Management Console) or the tag key has the `aws:` prefix.\n\n\u003e **NOTE:** This tagging resource should not be combined with the resource for managing the parent resource. For example, using `aws.transfer.Server` and `aws.transfer.Tag` to manage tags of the same server will cause a perpetual difference where the `aws.transfer.Server` resource will try to remove the tag being added by the `aws.transfer.Tag` resource.\n\n\u003e **NOTE:** This tagging resource does not use the provider `ignore_tags` configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.transfer.Server(\"example\", {identityProviderType: \"SERVICE_MANAGED\"});\nconst zoneId = new aws.transfer.Tag(\"zone_id\", {\n resourceArn: example.arn,\n key: \"aws:transfer:route53HostedZoneId\",\n value: \"/hostedzone/MyHostedZoneId\",\n});\nconst hostname = new aws.transfer.Tag(\"hostname\", {\n resourceArn: example.arn,\n key: \"aws:transfer:customHostname\",\n value: \"example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.transfer.Server(\"example\", identity_provider_type=\"SERVICE_MANAGED\")\nzone_id = aws.transfer.Tag(\"zone_id\",\n resource_arn=example.arn,\n key=\"aws:transfer:route53HostedZoneId\",\n value=\"/hostedzone/MyHostedZoneId\")\nhostname = aws.transfer.Tag(\"hostname\",\n resource_arn=example.arn,\n key=\"aws:transfer:customHostname\",\n value=\"example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Transfer.Server(\"example\", new()\n {\n IdentityProviderType = \"SERVICE_MANAGED\",\n });\n\n var zoneId = new Aws.Transfer.Tag(\"zone_id\", new()\n {\n ResourceArn = example.Arn,\n Key = \"aws:transfer:route53HostedZoneId\",\n Value = \"/hostedzone/MyHostedZoneId\",\n });\n\n var hostname = new Aws.Transfer.Tag(\"hostname\", new()\n {\n ResourceArn = example.Arn,\n Key = \"aws:transfer:customHostname\",\n Value = \"example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := transfer.NewServer(ctx, \"example\", \u0026transfer.ServerArgs{\n\t\t\tIdentityProviderType: pulumi.String(\"SERVICE_MANAGED\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transfer.NewTag(ctx, \"zone_id\", \u0026transfer.TagArgs{\n\t\t\tResourceArn: example.Arn,\n\t\t\tKey: pulumi.String(\"aws:transfer:route53HostedZoneId\"),\n\t\t\tValue: pulumi.String(\"/hostedzone/MyHostedZoneId\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transfer.NewTag(ctx, \"hostname\", \u0026transfer.TagArgs{\n\t\t\tResourceArn: example.Arn,\n\t\t\tKey: pulumi.String(\"aws:transfer:customHostname\"),\n\t\t\tValue: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.transfer.Server;\nimport com.pulumi.aws.transfer.ServerArgs;\nimport com.pulumi.aws.transfer.Tag;\nimport com.pulumi.aws.transfer.TagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Server(\"example\", ServerArgs.builder()\n .identityProviderType(\"SERVICE_MANAGED\")\n .build());\n\n var zoneId = new Tag(\"zoneId\", TagArgs.builder()\n .resourceArn(example.arn())\n .key(\"aws:transfer:route53HostedZoneId\")\n .value(\"/hostedzone/MyHostedZoneId\")\n .build());\n\n var hostname = new Tag(\"hostname\", TagArgs.builder()\n .resourceArn(example.arn())\n .key(\"aws:transfer:customHostname\")\n .value(\"example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:transfer:Server\n properties:\n identityProviderType: SERVICE_MANAGED\n zoneId:\n type: aws:transfer:Tag\n name: zone_id\n properties:\n resourceArn: ${example.arn}\n key: aws:transfer:route53HostedZoneId\n value: /hostedzone/MyHostedZoneId\n hostname:\n type: aws:transfer:Tag\n properties:\n resourceArn: ${example.arn}\n key: aws:transfer:customHostname\n value: example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_transfer_tag` using the Transfer Family resource identifier and key, separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:transfer/tag:Tag example arn:aws:transfer:us-east-1:123456789012:server/s-1234567890abcdef0,Name\n```\n", "properties": { "key": { "type": "string", "description": "Tag name.\n" }, "resourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Transfer Family resource to tag.\n" }, "value": { "type": "string", "description": "Tag value.\n" } }, "required": [ "key", "resourceArn", "value" ], "inputProperties": { "key": { "type": "string", "description": "Tag name.\n", "willReplaceOnChanges": true }, "resourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Transfer Family resource to tag.\n", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "Tag value.\n" } }, "requiredInputs": [ "key", "resourceArn", "value" ], "stateInputs": { "description": "Input properties used for looking up and filtering Tag resources.\n", "properties": { "key": { "type": "string", "description": "Tag name.\n", "willReplaceOnChanges": true }, "resourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the Transfer Family resource to tag.\n", "willReplaceOnChanges": true }, "value": { "type": "string", "description": "Tag value.\n" } }, "type": "object" } }, "aws:transfer/user:User": { "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst fooServer = new aws.transfer.Server(\"foo\", {\n identityProviderType: \"SERVICE_MANAGED\",\n tags: {\n NAME: \"tf-acc-test-transfer-server\",\n },\n});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"transfer.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst fooRole = new aws.iam.Role(\"foo\", {\n name: \"tf-test-transfer-user-iam-role\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst foo = aws.iam.getPolicyDocument({\n statements: [{\n sid: \"AllowFullAccesstoS3\",\n effect: \"Allow\",\n actions: [\"s3:*\"],\n resources: [\"*\"],\n }],\n});\nconst fooRolePolicy = new aws.iam.RolePolicy(\"foo\", {\n name: \"tf-test-transfer-user-iam-policy\",\n role: fooRole.id,\n policy: foo.then(foo =\u003e foo.json),\n});\nconst fooUser = new aws.transfer.User(\"foo\", {\n serverId: fooServer.id,\n userName: \"tftestuser\",\n role: fooRole.arn,\n homeDirectoryType: \"LOGICAL\",\n homeDirectoryMappings: [{\n entry: \"/test.pdf\",\n target: \"/bucket3/test-path/tftestuser.pdf\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo_server = aws.transfer.Server(\"foo\",\n identity_provider_type=\"SERVICE_MANAGED\",\n tags={\n \"NAME\": \"tf-acc-test-transfer-server\",\n })\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"transfer.amazonaws.com\"],\n }],\n \"actions\": [\"sts:AssumeRole\"],\n}])\nfoo_role = aws.iam.Role(\"foo\",\n name=\"tf-test-transfer-user-iam-role\",\n assume_role_policy=assume_role.json)\nfoo = aws.iam.get_policy_document(statements=[{\n \"sid\": \"AllowFullAccesstoS3\",\n \"effect\": \"Allow\",\n \"actions\": [\"s3:*\"],\n \"resources\": [\"*\"],\n}])\nfoo_role_policy = aws.iam.RolePolicy(\"foo\",\n name=\"tf-test-transfer-user-iam-policy\",\n role=foo_role.id,\n policy=foo.json)\nfoo_user = aws.transfer.User(\"foo\",\n server_id=foo_server.id,\n user_name=\"tftestuser\",\n role=foo_role.arn,\n home_directory_type=\"LOGICAL\",\n home_directory_mappings=[{\n \"entry\": \"/test.pdf\",\n \"target\": \"/bucket3/test-path/tftestuser.pdf\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var fooServer = new Aws.Transfer.Server(\"foo\", new()\n {\n IdentityProviderType = \"SERVICE_MANAGED\",\n Tags = \n {\n { \"NAME\", \"tf-acc-test-transfer-server\" },\n },\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"transfer.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var fooRole = new Aws.Iam.Role(\"foo\", new()\n {\n Name = \"tf-test-transfer-user-iam-role\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var foo = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"AllowFullAccesstoS3\",\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var fooRolePolicy = new Aws.Iam.RolePolicy(\"foo\", new()\n {\n Name = \"tf-test-transfer-user-iam-policy\",\n Role = fooRole.Id,\n Policy = foo.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var fooUser = new Aws.Transfer.User(\"foo\", new()\n {\n ServerId = fooServer.Id,\n UserName = \"tftestuser\",\n Role = fooRole.Arn,\n HomeDirectoryType = \"LOGICAL\",\n HomeDirectoryMappings = new[]\n {\n new Aws.Transfer.Inputs.UserHomeDirectoryMappingArgs\n {\n Entry = \"/test.pdf\",\n Target = \"/bucket3/test-path/tftestuser.pdf\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfooServer, err := transfer.NewServer(ctx, \"foo\", \u0026transfer.ServerArgs{\n\t\t\tIdentityProviderType: pulumi.String(\"SERVICE_MANAGED\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"NAME\": pulumi.String(\"tf-acc-test-transfer-server\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"transfer.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooRole, err := iam.NewRole(ctx, \"foo\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"tf-test-transfer-user-iam-role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoo, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"AllowFullAccesstoS3\"),\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"s3:*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"foo\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"tf-test-transfer-user-iam-policy\"),\n\t\t\tRole: fooRole.ID(),\n\t\t\tPolicy: pulumi.String(foo.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transfer.NewUser(ctx, \"foo\", \u0026transfer.UserArgs{\n\t\t\tServerId: fooServer.ID(),\n\t\t\tUserName: pulumi.String(\"tftestuser\"),\n\t\t\tRole: fooRole.Arn,\n\t\t\tHomeDirectoryType: pulumi.String(\"LOGICAL\"),\n\t\t\tHomeDirectoryMappings: transfer.UserHomeDirectoryMappingArray{\n\t\t\t\t\u0026transfer.UserHomeDirectoryMappingArgs{\n\t\t\t\t\tEntry: pulumi.String(\"/test.pdf\"),\n\t\t\t\t\tTarget: pulumi.String(\"/bucket3/test-path/tftestuser.pdf\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.transfer.Server;\nimport com.pulumi.aws.transfer.ServerArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.transfer.User;\nimport com.pulumi.aws.transfer.UserArgs;\nimport com.pulumi.aws.transfer.inputs.UserHomeDirectoryMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var fooServer = new Server(\"fooServer\", ServerArgs.builder()\n .identityProviderType(\"SERVICE_MANAGED\")\n .tags(Map.of(\"NAME\", \"tf-acc-test-transfer-server\"))\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"transfer.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var fooRole = new Role(\"fooRole\", RoleArgs.builder()\n .name(\"tf-test-transfer-user-iam-role\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var foo = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"AllowFullAccesstoS3\")\n .effect(\"Allow\")\n .actions(\"s3:*\")\n .resources(\"*\")\n .build())\n .build());\n\n var fooRolePolicy = new RolePolicy(\"fooRolePolicy\", RolePolicyArgs.builder()\n .name(\"tf-test-transfer-user-iam-policy\")\n .role(fooRole.id())\n .policy(foo.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var fooUser = new User(\"fooUser\", UserArgs.builder()\n .serverId(fooServer.id())\n .userName(\"tftestuser\")\n .role(fooRole.arn())\n .homeDirectoryType(\"LOGICAL\")\n .homeDirectoryMappings(UserHomeDirectoryMappingArgs.builder()\n .entry(\"/test.pdf\")\n .target(\"/bucket3/test-path/tftestuser.pdf\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n fooServer:\n type: aws:transfer:Server\n name: foo\n properties:\n identityProviderType: SERVICE_MANAGED\n tags:\n NAME: tf-acc-test-transfer-server\n fooRole:\n type: aws:iam:Role\n name: foo\n properties:\n name: tf-test-transfer-user-iam-role\n assumeRolePolicy: ${assumeRole.json}\n fooRolePolicy:\n type: aws:iam:RolePolicy\n name: foo\n properties:\n name: tf-test-transfer-user-iam-policy\n role: ${fooRole.id}\n policy: ${foo.json}\n fooUser:\n type: aws:transfer:User\n name: foo\n properties:\n serverId: ${fooServer.id}\n userName: tftestuser\n role: ${fooRole.arn}\n homeDirectoryType: LOGICAL\n homeDirectoryMappings:\n - entry: /test.pdf\n target: /bucket3/test-path/tftestuser.pdf\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - transfer.amazonaws.com\n actions:\n - sts:AssumeRole\n foo:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: AllowFullAccesstoS3\n effect: Allow\n actions:\n - s3:*\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Transfer Users using the `server_id` and `user_name` separated by `/`. For example:\n\n```sh\n$ pulumi import aws:transfer/user:User bar s-12345678/test-username\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Transfer User\n" }, "homeDirectory": { "type": "string", "description": "The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a `/`. The first item in the path is the name of the home bucket (accessible as `${Transfer:HomeBucket}` in the policy) and the rest is the home directory (accessible as `${Transfer:HomeDirectory}` in the policy). For example, `/example-bucket-1234/username` would set the home bucket to `example-bucket-1234` and the home directory to `username`.\n" }, "homeDirectoryMappings": { "type": "array", "items": { "$ref": "#/types/aws:transfer/UserHomeDirectoryMapping:UserHomeDirectoryMapping" }, "description": "Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.\n" }, "homeDirectoryType": { "type": "string", "description": "The type of landing directory (folder) you mapped for your users' home directory. Valid values are `PATH` and `LOGICAL`.\n" }, "policy": { "type": "string", "description": "An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include `${Transfer:UserName}`, `${Transfer:HomeDirectory}`, and `${Transfer:HomeBucket}`. These are evaluated on-the-fly when navigating the bucket.\n" }, "posixProfile": { "$ref": "#/types/aws:transfer/UserPosixProfile:UserPosixProfile", "description": "Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.\n" }, "role": { "type": "string", "description": "Amazon Resource Name (ARN) of an IAM role that allows the service to control your user’s access to your Amazon S3 bucket.\n" }, "serverId": { "type": "string", "description": "The Server ID of the Transfer Server (e.g., `s-12345678`)\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userName": { "type": "string", "description": "The name used for log in to your SFTP server.\n" } }, "required": [ "arn", "role", "serverId", "tagsAll", "userName" ], "inputProperties": { "homeDirectory": { "type": "string", "description": "The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a `/`. The first item in the path is the name of the home bucket (accessible as `${Transfer:HomeBucket}` in the policy) and the rest is the home directory (accessible as `${Transfer:HomeDirectory}` in the policy). For example, `/example-bucket-1234/username` would set the home bucket to `example-bucket-1234` and the home directory to `username`.\n" }, "homeDirectoryMappings": { "type": "array", "items": { "$ref": "#/types/aws:transfer/UserHomeDirectoryMapping:UserHomeDirectoryMapping" }, "description": "Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.\n" }, "homeDirectoryType": { "type": "string", "description": "The type of landing directory (folder) you mapped for your users' home directory. Valid values are `PATH` and `LOGICAL`.\n" }, "policy": { "type": "string", "description": "An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include `${Transfer:UserName}`, `${Transfer:HomeDirectory}`, and `${Transfer:HomeBucket}`. These are evaluated on-the-fly when navigating the bucket.\n" }, "posixProfile": { "$ref": "#/types/aws:transfer/UserPosixProfile:UserPosixProfile", "description": "Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.\n" }, "role": { "type": "string", "description": "Amazon Resource Name (ARN) of an IAM role that allows the service to control your user’s access to your Amazon S3 bucket.\n" }, "serverId": { "type": "string", "description": "The Server ID of the Transfer Server (e.g., `s-12345678`)\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block, tags with matching keys will overwrite those defined at the provider-level.\n" }, "userName": { "type": "string", "description": "The name used for log in to your SFTP server.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "role", "serverId", "userName" ], "stateInputs": { "description": "Input properties used for looking up and filtering User resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of Transfer User\n" }, "homeDirectory": { "type": "string", "description": "The landing directory (folder) for a user when they log in to the server using their SFTP client. It should begin with a `/`. The first item in the path is the name of the home bucket (accessible as `${Transfer:HomeBucket}` in the policy) and the rest is the home directory (accessible as `${Transfer:HomeDirectory}` in the policy). For example, `/example-bucket-1234/username` would set the home bucket to `example-bucket-1234` and the home directory to `username`.\n" }, "homeDirectoryMappings": { "type": "array", "items": { "$ref": "#/types/aws:transfer/UserHomeDirectoryMapping:UserHomeDirectoryMapping" }, "description": "Logical directory mappings that specify what S3 paths and keys should be visible to your user and how you want to make them visible. See Home Directory Mappings below.\n" }, "homeDirectoryType": { "type": "string", "description": "The type of landing directory (folder) you mapped for your users' home directory. Valid values are `PATH` and `LOGICAL`.\n" }, "policy": { "type": "string", "description": "An IAM JSON policy document that scopes down user access to portions of their Amazon S3 bucket. IAM variables you can use inside this policy include `${Transfer:UserName}`, `${Transfer:HomeDirectory}`, and `${Transfer:HomeBucket}`. These are evaluated on-the-fly when navigating the bucket.\n" }, "posixProfile": { "$ref": "#/types/aws:transfer/UserPosixProfile:UserPosixProfile", "description": "Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. See Posix Profile below.\n" }, "role": { "type": "string", "description": "Amazon Resource Name (ARN) of an IAM role that allows the service to control your user’s access to your Amazon S3 bucket.\n" }, "serverId": { "type": "string", "description": "The Server ID of the Transfer Server (e.g., `s-12345678`)\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userName": { "type": "string", "description": "The name used for log in to your SFTP server.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:transfer/workflow:Workflow": { "description": "Provides a AWS Transfer Workflow resource.\n\n## Example Usage\n\n### Basic single step example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.transfer.Workflow(\"example\", {steps: [{\n deleteStepDetails: {\n name: \"example\",\n sourceFileLocation: \"${original.file}\",\n },\n type: \"DELETE\",\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.transfer.Workflow(\"example\", steps=[{\n \"delete_step_details\": {\n \"name\": \"example\",\n \"source_file_location\": \"${original.file}\",\n },\n \"type\": \"DELETE\",\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Transfer.Workflow(\"example\", new()\n {\n Steps = new[]\n {\n new Aws.Transfer.Inputs.WorkflowStepArgs\n {\n DeleteStepDetails = new Aws.Transfer.Inputs.WorkflowStepDeleteStepDetailsArgs\n {\n Name = \"example\",\n SourceFileLocation = \"${original.file}\",\n },\n Type = \"DELETE\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := transfer.NewWorkflow(ctx, \"example\", \u0026transfer.WorkflowArgs{\n\t\t\tSteps: transfer.WorkflowStepArray{\n\t\t\t\t\u0026transfer.WorkflowStepArgs{\n\t\t\t\t\tDeleteStepDetails: \u0026transfer.WorkflowStepDeleteStepDetailsArgs{\n\t\t\t\t\t\tName: pulumi.String(\"example\"),\n\t\t\t\t\t\tSourceFileLocation: pulumi.String(\"${original.file}\"),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"DELETE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.transfer.Workflow;\nimport com.pulumi.aws.transfer.WorkflowArgs;\nimport com.pulumi.aws.transfer.inputs.WorkflowStepArgs;\nimport com.pulumi.aws.transfer.inputs.WorkflowStepDeleteStepDetailsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Workflow(\"example\", WorkflowArgs.builder()\n .steps(WorkflowStepArgs.builder()\n .deleteStepDetails(WorkflowStepDeleteStepDetailsArgs.builder()\n .name(\"example\")\n .sourceFileLocation(\"${original.file}\")\n .build())\n .type(\"DELETE\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:transfer:Workflow\n properties:\n steps:\n - deleteStepDetails:\n name: example\n sourceFileLocation: ${original.file}\n type: DELETE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Multistep example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.transfer.Workflow(\"example\", {steps: [\n {\n customStepDetails: {\n name: \"example\",\n sourceFileLocation: \"${original.file}\",\n target: exampleAwsLambdaFunction.arn,\n timeoutSeconds: 60,\n },\n type: \"CUSTOM\",\n },\n {\n tagStepDetails: {\n name: \"example\",\n sourceFileLocation: \"${original.file}\",\n tags: [{\n key: \"Name\",\n value: \"Hello World\",\n }],\n },\n type: \"TAG\",\n },\n]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.transfer.Workflow(\"example\", steps=[\n {\n \"custom_step_details\": {\n \"name\": \"example\",\n \"source_file_location\": \"${original.file}\",\n \"target\": example_aws_lambda_function[\"arn\"],\n \"timeout_seconds\": 60,\n },\n \"type\": \"CUSTOM\",\n },\n {\n \"tag_step_details\": {\n \"name\": \"example\",\n \"source_file_location\": \"${original.file}\",\n \"tags\": [{\n \"key\": \"Name\",\n \"value\": \"Hello World\",\n }],\n },\n \"type\": \"TAG\",\n },\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Transfer.Workflow(\"example\", new()\n {\n Steps = new[]\n {\n new Aws.Transfer.Inputs.WorkflowStepArgs\n {\n CustomStepDetails = new Aws.Transfer.Inputs.WorkflowStepCustomStepDetailsArgs\n {\n Name = \"example\",\n SourceFileLocation = \"${original.file}\",\n Target = exampleAwsLambdaFunction.Arn,\n TimeoutSeconds = 60,\n },\n Type = \"CUSTOM\",\n },\n new Aws.Transfer.Inputs.WorkflowStepArgs\n {\n TagStepDetails = new Aws.Transfer.Inputs.WorkflowStepTagStepDetailsArgs\n {\n Name = \"example\",\n SourceFileLocation = \"${original.file}\",\n Tags = new[]\n {\n new Aws.Transfer.Inputs.WorkflowStepTagStepDetailsTagArgs\n {\n Key = \"Name\",\n Value = \"Hello World\",\n },\n },\n },\n Type = \"TAG\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := transfer.NewWorkflow(ctx, \"example\", \u0026transfer.WorkflowArgs{\n\t\t\tSteps: transfer.WorkflowStepArray{\n\t\t\t\t\u0026transfer.WorkflowStepArgs{\n\t\t\t\t\tCustomStepDetails: \u0026transfer.WorkflowStepCustomStepDetailsArgs{\n\t\t\t\t\t\tName: pulumi.String(\"example\"),\n\t\t\t\t\t\tSourceFileLocation: pulumi.String(\"${original.file}\"),\n\t\t\t\t\t\tTarget: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"CUSTOM\"),\n\t\t\t\t},\n\t\t\t\t\u0026transfer.WorkflowStepArgs{\n\t\t\t\t\tTagStepDetails: \u0026transfer.WorkflowStepTagStepDetailsArgs{\n\t\t\t\t\t\tName: pulumi.String(\"example\"),\n\t\t\t\t\t\tSourceFileLocation: pulumi.String(\"${original.file}\"),\n\t\t\t\t\t\tTags: transfer.WorkflowStepTagStepDetailsTagArray{\n\t\t\t\t\t\t\t\u0026transfer.WorkflowStepTagStepDetailsTagArgs{\n\t\t\t\t\t\t\t\tKey: pulumi.String(\"Name\"),\n\t\t\t\t\t\t\t\tValue: pulumi.String(\"Hello World\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tType: pulumi.String(\"TAG\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.transfer.Workflow;\nimport com.pulumi.aws.transfer.WorkflowArgs;\nimport com.pulumi.aws.transfer.inputs.WorkflowStepArgs;\nimport com.pulumi.aws.transfer.inputs.WorkflowStepCustomStepDetailsArgs;\nimport com.pulumi.aws.transfer.inputs.WorkflowStepTagStepDetailsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Workflow(\"example\", WorkflowArgs.builder()\n .steps( \n WorkflowStepArgs.builder()\n .customStepDetails(WorkflowStepCustomStepDetailsArgs.builder()\n .name(\"example\")\n .sourceFileLocation(\"${original.file}\")\n .target(exampleAwsLambdaFunction.arn())\n .timeoutSeconds(60)\n .build())\n .type(\"CUSTOM\")\n .build(),\n WorkflowStepArgs.builder()\n .tagStepDetails(WorkflowStepTagStepDetailsArgs.builder()\n .name(\"example\")\n .sourceFileLocation(\"${original.file}\")\n .tags(WorkflowStepTagStepDetailsTagArgs.builder()\n .key(\"Name\")\n .value(\"Hello World\")\n .build())\n .build())\n .type(\"TAG\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:transfer:Workflow\n properties:\n steps:\n - customStepDetails:\n name: example\n sourceFileLocation: ${original.file}\n target: ${exampleAwsLambdaFunction.arn}\n timeoutSeconds: 60\n type: CUSTOM\n - tagStepDetails:\n name: example\n sourceFileLocation: ${original.file}\n tags:\n - key: Name\n value: Hello World\n type: TAG\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Transfer Workflows using the `worflow_id`. For example:\n\n```sh\n$ pulumi import aws:transfer/workflow:Workflow example example\n```\n", "properties": { "arn": { "type": "string", "description": "The Workflow ARN.\n" }, "description": { "type": "string", "description": "A textual description for the workflow.\n" }, "onExceptionSteps": { "type": "array", "items": { "$ref": "#/types/aws:transfer/WorkflowOnExceptionStep:WorkflowOnExceptionStep" }, "description": "Specifies the steps (actions) to take if errors are encountered during execution of the workflow. See Workflow Steps below.\n" }, "steps": { "type": "array", "items": { "$ref": "#/types/aws:transfer/WorkflowStep:WorkflowStep" }, "description": "Specifies the details for the steps that are in the specified workflow. See Workflow Steps below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "steps", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "A textual description for the workflow.\n", "willReplaceOnChanges": true }, "onExceptionSteps": { "type": "array", "items": { "$ref": "#/types/aws:transfer/WorkflowOnExceptionStep:WorkflowOnExceptionStep" }, "description": "Specifies the steps (actions) to take if errors are encountered during execution of the workflow. See Workflow Steps below.\n", "willReplaceOnChanges": true }, "steps": { "type": "array", "items": { "$ref": "#/types/aws:transfer/WorkflowStep:WorkflowStep" }, "description": "Specifies the details for the steps that are in the specified workflow. See Workflow Steps below.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "steps" ], "stateInputs": { "description": "Input properties used for looking up and filtering Workflow resources.\n", "properties": { "arn": { "type": "string", "description": "The Workflow ARN.\n" }, "description": { "type": "string", "description": "A textual description for the workflow.\n", "willReplaceOnChanges": true }, "onExceptionSteps": { "type": "array", "items": { "$ref": "#/types/aws:transfer/WorkflowOnExceptionStep:WorkflowOnExceptionStep" }, "description": "Specifies the steps (actions) to take if errors are encountered during execution of the workflow. See Workflow Steps below.\n", "willReplaceOnChanges": true }, "steps": { "type": "array", "items": { "$ref": "#/types/aws:transfer/WorkflowStep:WorkflowStep" }, "description": "Specifies the details for the steps that are in the specified workflow. See Workflow Steps below.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:verifiedaccess/endpoint:Endpoint": { "description": "Resource for managing an AWS EC2 (Elastic Compute Cloud) Verified Access Endpoint.\n\n## Example Usage\n\n### ALB Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.verifiedaccess.Endpoint(\"example\", {\n applicationDomain: \"example.com\",\n attachmentType: \"vpc\",\n description: \"example\",\n domainCertificateArn: exampleAwsAcmCertificate.arn,\n endpointDomainPrefix: \"example\",\n endpointType: \"load-balancer\",\n loadBalancerOptions: {\n loadBalancerArn: exampleAwsLb.arn,\n port: 443,\n protocol: \"https\",\n subnetIds: .map(subnet =\u003e (subnet.id)),\n },\n securityGroupIds: [exampleAwsSecurityGroup.id],\n verifiedAccessGroupId: exampleAwsVerifiedaccessGroup.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.verifiedaccess.Endpoint(\"example\",\n application_domain=\"example.com\",\n attachment_type=\"vpc\",\n description=\"example\",\n domain_certificate_arn=example_aws_acm_certificate[\"arn\"],\n endpoint_domain_prefix=\"example\",\n endpoint_type=\"load-balancer\",\n load_balancer_options={\n \"load_balancer_arn\": example_aws_lb[\"arn\"],\n \"port\": 443,\n \"protocol\": \"https\",\n \"subnet_ids\": [subnet[\"id\"] for subnet in public],\n },\n security_group_ids=[example_aws_security_group[\"id\"]],\n verified_access_group_id=example_aws_verifiedaccess_group[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VerifiedAccess.Endpoint(\"example\", new()\n {\n ApplicationDomain = \"example.com\",\n AttachmentType = \"vpc\",\n Description = \"example\",\n DomainCertificateArn = exampleAwsAcmCertificate.Arn,\n EndpointDomainPrefix = \"example\",\n EndpointType = \"load-balancer\",\n LoadBalancerOptions = new Aws.VerifiedAccess.Inputs.EndpointLoadBalancerOptionsArgs\n {\n LoadBalancerArn = exampleAwsLb.Arn,\n Port = 443,\n Protocol = \"https\",\n SubnetIds = .Select(subnet =\u003e \n {\n return subnet.Id;\n }).ToList(),\n },\n SecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n VerifiedAccessGroupId = exampleAwsVerifiedaccessGroup.Id,\n });\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Network Interface Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.verifiedaccess.Endpoint(\"example\", {\n applicationDomain: \"example.com\",\n attachmentType: \"vpc\",\n description: \"example\",\n domainCertificateArn: exampleAwsAcmCertificate.arn,\n endpointDomainPrefix: \"example\",\n endpointType: \"network-interface\",\n networkInterfaceOptions: {\n networkInterfaceId: exampleAwsNetworkInterface.id,\n port: 443,\n protocol: \"https\",\n },\n securityGroupIds: [exampleAwsSecurityGroup.id],\n verifiedAccessGroupId: exampleAwsVerifiedaccessGroup.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.verifiedaccess.Endpoint(\"example\",\n application_domain=\"example.com\",\n attachment_type=\"vpc\",\n description=\"example\",\n domain_certificate_arn=example_aws_acm_certificate[\"arn\"],\n endpoint_domain_prefix=\"example\",\n endpoint_type=\"network-interface\",\n network_interface_options={\n \"network_interface_id\": example_aws_network_interface[\"id\"],\n \"port\": 443,\n \"protocol\": \"https\",\n },\n security_group_ids=[example_aws_security_group[\"id\"]],\n verified_access_group_id=example_aws_verifiedaccess_group[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VerifiedAccess.Endpoint(\"example\", new()\n {\n ApplicationDomain = \"example.com\",\n AttachmentType = \"vpc\",\n Description = \"example\",\n DomainCertificateArn = exampleAwsAcmCertificate.Arn,\n EndpointDomainPrefix = \"example\",\n EndpointType = \"network-interface\",\n NetworkInterfaceOptions = new Aws.VerifiedAccess.Inputs.EndpointNetworkInterfaceOptionsArgs\n {\n NetworkInterfaceId = exampleAwsNetworkInterface.Id,\n Port = 443,\n Protocol = \"https\",\n },\n SecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n VerifiedAccessGroupId = exampleAwsVerifiedaccessGroup.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := verifiedaccess.NewEndpoint(ctx, \"example\", \u0026verifiedaccess.EndpointArgs{\n\t\t\tApplicationDomain: pulumi.String(\"example.com\"),\n\t\t\tAttachmentType: pulumi.String(\"vpc\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tDomainCertificateArn: pulumi.Any(exampleAwsAcmCertificate.Arn),\n\t\t\tEndpointDomainPrefix: pulumi.String(\"example\"),\n\t\t\tEndpointType: pulumi.String(\"network-interface\"),\n\t\t\tNetworkInterfaceOptions: \u0026verifiedaccess.EndpointNetworkInterfaceOptionsArgs{\n\t\t\t\tNetworkInterfaceId: pulumi.Any(exampleAwsNetworkInterface.Id),\n\t\t\t\tPort: pulumi.Int(443),\n\t\t\t\tProtocol: pulumi.String(\"https\"),\n\t\t\t},\n\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\texampleAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tVerifiedAccessGroupId: pulumi.Any(exampleAwsVerifiedaccessGroup.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.verifiedaccess.Endpoint;\nimport com.pulumi.aws.verifiedaccess.EndpointArgs;\nimport com.pulumi.aws.verifiedaccess.inputs.EndpointNetworkInterfaceOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Endpoint(\"example\", EndpointArgs.builder()\n .applicationDomain(\"example.com\")\n .attachmentType(\"vpc\")\n .description(\"example\")\n .domainCertificateArn(exampleAwsAcmCertificate.arn())\n .endpointDomainPrefix(\"example\")\n .endpointType(\"network-interface\")\n .networkInterfaceOptions(EndpointNetworkInterfaceOptionsArgs.builder()\n .networkInterfaceId(exampleAwsNetworkInterface.id())\n .port(443)\n .protocol(\"https\")\n .build())\n .securityGroupIds(exampleAwsSecurityGroup.id())\n .verifiedAccessGroupId(exampleAwsVerifiedaccessGroup.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:verifiedaccess:Endpoint\n properties:\n applicationDomain: example.com\n attachmentType: vpc\n description: example\n domainCertificateArn: ${exampleAwsAcmCertificate.arn}\n endpointDomainPrefix: example\n endpointType: network-interface\n networkInterfaceOptions:\n networkInterfaceId: ${exampleAwsNetworkInterface.id}\n port: 443\n protocol: https\n securityGroupIds:\n - ${exampleAwsSecurityGroup.id}\n verifiedAccessGroupId: ${exampleAwsVerifiedaccessGroup.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Verified Access Instances using the `id`. For example:\n\n```sh\n$ pulumi import aws:verifiedaccess/endpoint:Endpoint example vae-8012925589\n```\n", "properties": { "applicationDomain": { "type": "string", "description": "The DNS name for users to reach your application.\n" }, "attachmentType": { "type": "string", "description": "The type of attachment. Currently, only `vpc` is supported.\n" }, "description": { "type": "string", "description": "A description for the Verified Access endpoint.\n" }, "deviceValidationDomain": { "type": "string", "description": "Returned if endpoint has a device trust provider attached.\n" }, "domainCertificateArn": { "type": "string", "description": "The ARN of the public TLS/SSL certificate in AWS Certificate Manager to associate with the endpoint. The CN in the certificate must match the DNS name your end users will use to reach your application.\n" }, "endpointDomain": { "type": "string", "description": "A DNS name that is generated for the endpoint.\n" }, "endpointDomainPrefix": { "type": "string", "description": "A custom identifier that is prepended to the DNS name that is generated for the endpoint.\n" }, "endpointType": { "type": "string", "description": "The type of Verified Access endpoint to create. Currently `load-balancer` or `network-interface` are supported.\n" }, "loadBalancerOptions": { "$ref": "#/types/aws:verifiedaccess/EndpointLoadBalancerOptions:EndpointLoadBalancerOptions", "description": "The load balancer details. This parameter is required if the endpoint type is `load-balancer`.\n" }, "networkInterfaceOptions": { "$ref": "#/types/aws:verifiedaccess/EndpointNetworkInterfaceOptions:EndpointNetworkInterfaceOptions", "description": "The network interface details. This parameter is required if the endpoint type is `network-interface`.\n" }, "policyDocument": { "type": "string", "description": "The policy document that is associated with this resource.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of the the security groups IDs to associate with the Verified Access endpoint.\n" }, "sseSpecification": { "$ref": "#/types/aws:verifiedaccess/EndpointSseSpecification:EndpointSseSpecification", "description": "The options in use for server side encryption.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the Verified Access Endpoint. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "verifiedAccessGroupId": { "type": "string", "description": "The ID of the Verified Access group to associate the endpoint with.\n\nThe following arguments are optional:\n" }, "verifiedAccessInstanceId": { "type": "string" } }, "required": [ "applicationDomain", "attachmentType", "deviceValidationDomain", "domainCertificateArn", "endpointDomain", "endpointDomainPrefix", "endpointType", "sseSpecification", "tagsAll", "verifiedAccessGroupId", "verifiedAccessInstanceId" ], "inputProperties": { "applicationDomain": { "type": "string", "description": "The DNS name for users to reach your application.\n", "willReplaceOnChanges": true }, "attachmentType": { "type": "string", "description": "The type of attachment. Currently, only `vpc` is supported.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A description for the Verified Access endpoint.\n" }, "domainCertificateArn": { "type": "string", "description": "The ARN of the public TLS/SSL certificate in AWS Certificate Manager to associate with the endpoint. The CN in the certificate must match the DNS name your end users will use to reach your application.\n", "willReplaceOnChanges": true }, "endpointDomainPrefix": { "type": "string", "description": "A custom identifier that is prepended to the DNS name that is generated for the endpoint.\n", "willReplaceOnChanges": true }, "endpointType": { "type": "string", "description": "The type of Verified Access endpoint to create. Currently `load-balancer` or `network-interface` are supported.\n", "willReplaceOnChanges": true }, "loadBalancerOptions": { "$ref": "#/types/aws:verifiedaccess/EndpointLoadBalancerOptions:EndpointLoadBalancerOptions", "description": "The load balancer details. This parameter is required if the endpoint type is `load-balancer`.\n" }, "networkInterfaceOptions": { "$ref": "#/types/aws:verifiedaccess/EndpointNetworkInterfaceOptions:EndpointNetworkInterfaceOptions", "description": "The network interface details. This parameter is required if the endpoint type is `network-interface`.\n" }, "policyDocument": { "type": "string", "description": "The policy document that is associated with this resource.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of the the security groups IDs to associate with the Verified Access endpoint.\n", "willReplaceOnChanges": true }, "sseSpecification": { "$ref": "#/types/aws:verifiedaccess/EndpointSseSpecification:EndpointSseSpecification", "description": "The options in use for server side encryption.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the Verified Access Endpoint. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "verifiedAccessGroupId": { "type": "string", "description": "The ID of the Verified Access group to associate the endpoint with.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "applicationDomain", "attachmentType", "domainCertificateArn", "endpointDomainPrefix", "endpointType", "verifiedAccessGroupId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Endpoint resources.\n", "properties": { "applicationDomain": { "type": "string", "description": "The DNS name for users to reach your application.\n", "willReplaceOnChanges": true }, "attachmentType": { "type": "string", "description": "The type of attachment. Currently, only `vpc` is supported.\n", "willReplaceOnChanges": true }, "description": { "type": "string", "description": "A description for the Verified Access endpoint.\n" }, "deviceValidationDomain": { "type": "string", "description": "Returned if endpoint has a device trust provider attached.\n" }, "domainCertificateArn": { "type": "string", "description": "The ARN of the public TLS/SSL certificate in AWS Certificate Manager to associate with the endpoint. The CN in the certificate must match the DNS name your end users will use to reach your application.\n", "willReplaceOnChanges": true }, "endpointDomain": { "type": "string", "description": "A DNS name that is generated for the endpoint.\n" }, "endpointDomainPrefix": { "type": "string", "description": "A custom identifier that is prepended to the DNS name that is generated for the endpoint.\n", "willReplaceOnChanges": true }, "endpointType": { "type": "string", "description": "The type of Verified Access endpoint to create. Currently `load-balancer` or `network-interface` are supported.\n", "willReplaceOnChanges": true }, "loadBalancerOptions": { "$ref": "#/types/aws:verifiedaccess/EndpointLoadBalancerOptions:EndpointLoadBalancerOptions", "description": "The load balancer details. This parameter is required if the endpoint type is `load-balancer`.\n" }, "networkInterfaceOptions": { "$ref": "#/types/aws:verifiedaccess/EndpointNetworkInterfaceOptions:EndpointNetworkInterfaceOptions", "description": "The network interface details. This parameter is required if the endpoint type is `network-interface`.\n" }, "policyDocument": { "type": "string", "description": "The policy document that is associated with this resource.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "List of the the security groups IDs to associate with the Verified Access endpoint.\n", "willReplaceOnChanges": true }, "sseSpecification": { "$ref": "#/types/aws:verifiedaccess/EndpointSseSpecification:EndpointSseSpecification", "description": "The options in use for server side encryption.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the Verified Access Endpoint. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "verifiedAccessGroupId": { "type": "string", "description": "The ID of the Verified Access group to associate the endpoint with.\n\nThe following arguments are optional:\n" }, "verifiedAccessInstanceId": { "type": "string" } }, "type": "object" } }, "aws:verifiedaccess/group:Group": { "description": "Resource for managing a Verified Access Group.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.verifiedaccess.Group(\"example\", {verifiedaccessInstanceId: exampleAwsVerifiedaccessInstance.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.verifiedaccess.Group(\"example\", verifiedaccess_instance_id=example_aws_verifiedaccess_instance[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VerifiedAccess.Group(\"example\", new()\n {\n VerifiedaccessInstanceId = exampleAwsVerifiedaccessInstance.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := verifiedaccess.NewGroup(ctx, \"example\", \u0026verifiedaccess.GroupArgs{\n\t\t\tVerifiedaccessInstanceId: pulumi.Any(exampleAwsVerifiedaccessInstance.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.verifiedaccess.Group;\nimport com.pulumi.aws.verifiedaccess.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Group(\"example\", GroupArgs.builder()\n .verifiedaccessInstanceId(exampleAwsVerifiedaccessInstance.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:verifiedaccess:Group\n properties:\n verifiedaccessInstanceId: ${exampleAwsVerifiedaccessInstance.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with KMS Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n testKey:\n type: aws:kms:Key\n name: test_key\n properties:\n description: KMS key for Verified Access Group test\n test:\n type: aws:verifiedaccess:Group\n properties:\n verifiedaccessInstanceId: ${testAwsVerifiedaccessInstanceTrustProviderAttachment.verifiedaccessInstanceId}\n serverSideEncryptionConfiguration:\n - kmsKeyArn: ${testKey.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "creationTime": { "type": "string", "description": "Timestamp when the access group was created.\n" }, "deletionTime": { "type": "string", "description": "Timestamp when the access group was deleted.\n" }, "description": { "type": "string", "description": "Description of the verified access group.\n" }, "lastUpdatedTime": { "type": "string", "description": "Timestamp when the access group was last updated.\n" }, "owner": { "type": "string", "description": "AWS account number owning this resource.\n" }, "policyDocument": { "type": "string", "description": "The policy document that is associated with this resource.\n" }, "sseConfiguration": { "$ref": "#/types/aws:verifiedaccess/GroupSseConfiguration:GroupSseConfiguration", "description": "Configuration block to use KMS keys for server-side encryption.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "verifiedaccessGroupArn": { "type": "string", "description": "ARN of this verified acess group.\n" }, "verifiedaccessGroupId": { "type": "string", "description": "ID of this verified access group.\n" }, "verifiedaccessInstanceId": { "type": "string", "description": "The id of the verified access instance this group is associated with.\n\nThe following arguments are optional:\n" } }, "required": [ "creationTime", "deletionTime", "description", "lastUpdatedTime", "owner", "sseConfiguration", "tagsAll", "verifiedaccessGroupArn", "verifiedaccessGroupId", "verifiedaccessInstanceId" ], "inputProperties": { "description": { "type": "string", "description": "Description of the verified access group.\n" }, "policyDocument": { "type": "string", "description": "The policy document that is associated with this resource.\n" }, "sseConfiguration": { "$ref": "#/types/aws:verifiedaccess/GroupSseConfiguration:GroupSseConfiguration", "description": "Configuration block to use KMS keys for server-side encryption.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "verifiedaccessInstanceId": { "type": "string", "description": "The id of the verified access instance this group is associated with.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "verifiedaccessInstanceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Group resources.\n", "properties": { "creationTime": { "type": "string", "description": "Timestamp when the access group was created.\n" }, "deletionTime": { "type": "string", "description": "Timestamp when the access group was deleted.\n" }, "description": { "type": "string", "description": "Description of the verified access group.\n" }, "lastUpdatedTime": { "type": "string", "description": "Timestamp when the access group was last updated.\n" }, "owner": { "type": "string", "description": "AWS account number owning this resource.\n" }, "policyDocument": { "type": "string", "description": "The policy document that is associated with this resource.\n" }, "sseConfiguration": { "$ref": "#/types/aws:verifiedaccess/GroupSseConfiguration:GroupSseConfiguration", "description": "Configuration block to use KMS keys for server-side encryption.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "verifiedaccessGroupArn": { "type": "string", "description": "ARN of this verified acess group.\n" }, "verifiedaccessGroupId": { "type": "string", "description": "ID of this verified access group.\n" }, "verifiedaccessInstanceId": { "type": "string", "description": "The id of the verified access instance this group is associated with.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:verifiedaccess/instance:Instance": { "description": "Resource for managing a Verified Access Instance.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.verifiedaccess.Instance(\"example\", {\n description: \"example\",\n tags: {\n Name: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.verifiedaccess.Instance(\"example\",\n description=\"example\",\n tags={\n \"Name\": \"example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VerifiedAccess.Instance(\"example\", new()\n {\n Description = \"example\",\n Tags = \n {\n { \"Name\", \"example\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := verifiedaccess.NewInstance(ctx, \"example\", \u0026verifiedaccess.InstanceArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.verifiedaccess.Instance;\nimport com.pulumi.aws.verifiedaccess.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Instance(\"example\", InstanceArgs.builder()\n .description(\"example\")\n .tags(Map.of(\"Name\", \"example\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:verifiedaccess:Instance\n properties:\n description: example\n tags:\n Name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With `fips_enabled`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.verifiedaccess.Instance(\"example\", {fipsEnabled: true});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.verifiedaccess.Instance(\"example\", fips_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VerifiedAccess.Instance(\"example\", new()\n {\n FipsEnabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := verifiedaccess.NewInstance(ctx, \"example\", \u0026verifiedaccess.InstanceArgs{\n\t\t\tFipsEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.verifiedaccess.Instance;\nimport com.pulumi.aws.verifiedaccess.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Instance(\"example\", InstanceArgs.builder()\n .fipsEnabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:verifiedaccess:Instance\n properties:\n fipsEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Verified Access Instances using the `id`. For example:\n\n```sh\n$ pulumi import aws:verifiedaccess/instance:Instance example vai-1234567890abcdef0\n```\n", "properties": { "creationTime": { "type": "string", "description": "The time that the Verified Access Instance was created.\n" }, "description": { "type": "string", "description": "A description for the AWS Verified Access Instance.\n" }, "fipsEnabled": { "type": "boolean", "description": "Enable or disable support for Federal Information Processing Standards (FIPS) on the AWS Verified Access Instance.\n" }, "lastUpdatedTime": { "type": "string", "description": "The time that the Verified Access Instance was last updated.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "verifiedAccessTrustProviders": { "type": "array", "items": { "$ref": "#/types/aws:verifiedaccess/InstanceVerifiedAccessTrustProvider:InstanceVerifiedAccessTrustProvider" }, "description": "One or more blocks of providing information about the AWS Verified Access Trust Providers. See verified_access_trust_providers below for details.One or more blocks\n" } }, "required": [ "creationTime", "lastUpdatedTime", "tagsAll", "verifiedAccessTrustProviders" ], "inputProperties": { "description": { "type": "string", "description": "A description for the AWS Verified Access Instance.\n" }, "fipsEnabled": { "type": "boolean", "description": "Enable or disable support for Federal Information Processing Standards (FIPS) on the AWS Verified Access Instance.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Instance resources.\n", "properties": { "creationTime": { "type": "string", "description": "The time that the Verified Access Instance was created.\n" }, "description": { "type": "string", "description": "A description for the AWS Verified Access Instance.\n" }, "fipsEnabled": { "type": "boolean", "description": "Enable or disable support for Federal Information Processing Standards (FIPS) on the AWS Verified Access Instance.\n", "willReplaceOnChanges": true }, "lastUpdatedTime": { "type": "string", "description": "The time that the Verified Access Instance was last updated.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "verifiedAccessTrustProviders": { "type": "array", "items": { "$ref": "#/types/aws:verifiedaccess/InstanceVerifiedAccessTrustProvider:InstanceVerifiedAccessTrustProvider" }, "description": "One or more blocks of providing information about the AWS Verified Access Trust Providers. See verified_access_trust_providers below for details.One or more blocks\n" } }, "type": "object" } }, "aws:verifiedaccess/instanceLoggingConfiguration:InstanceLoggingConfiguration": { "description": "Resource for managing a Verified Access Logging Configuration.\n\n## Example Usage\n\n### With CloudWatch Logging\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.verifiedaccess.InstanceLoggingConfiguration(\"example\", {\n accessLogs: {\n cloudwatchLogs: {\n enabled: true,\n logGroup: exampleAwsCloudwatchLogGroup.id,\n },\n },\n verifiedaccessInstanceId: exampleAwsVerifiedaccessInstance.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.verifiedaccess.InstanceLoggingConfiguration(\"example\",\n access_logs={\n \"cloudwatch_logs\": {\n \"enabled\": True,\n \"log_group\": example_aws_cloudwatch_log_group[\"id\"],\n },\n },\n verifiedaccess_instance_id=example_aws_verifiedaccess_instance[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VerifiedAccess.InstanceLoggingConfiguration(\"example\", new()\n {\n AccessLogs = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsArgs\n {\n CloudwatchLogs = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsCloudwatchLogsArgs\n {\n Enabled = true,\n LogGroup = exampleAwsCloudwatchLogGroup.Id,\n },\n },\n VerifiedaccessInstanceId = exampleAwsVerifiedaccessInstance.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := verifiedaccess.NewInstanceLoggingConfiguration(ctx, \"example\", \u0026verifiedaccess.InstanceLoggingConfigurationArgs{\n\t\t\tAccessLogs: \u0026verifiedaccess.InstanceLoggingConfigurationAccessLogsArgs{\n\t\t\t\tCloudwatchLogs: \u0026verifiedaccess.InstanceLoggingConfigurationAccessLogsCloudwatchLogsArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tLogGroup: pulumi.Any(exampleAwsCloudwatchLogGroup.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t\tVerifiedaccessInstanceId: pulumi.Any(exampleAwsVerifiedaccessInstance.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.verifiedaccess.InstanceLoggingConfiguration;\nimport com.pulumi.aws.verifiedaccess.InstanceLoggingConfigurationArgs;\nimport com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsArgs;\nimport com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsCloudwatchLogsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new InstanceLoggingConfiguration(\"example\", InstanceLoggingConfigurationArgs.builder()\n .accessLogs(InstanceLoggingConfigurationAccessLogsArgs.builder()\n .cloudwatchLogs(InstanceLoggingConfigurationAccessLogsCloudwatchLogsArgs.builder()\n .enabled(true)\n .logGroup(exampleAwsCloudwatchLogGroup.id())\n .build())\n .build())\n .verifiedaccessInstanceId(exampleAwsVerifiedaccessInstance.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:verifiedaccess:InstanceLoggingConfiguration\n properties:\n accessLogs:\n cloudwatchLogs:\n enabled: true\n logGroup: ${exampleAwsCloudwatchLogGroup.id}\n verifiedaccessInstanceId: ${exampleAwsVerifiedaccessInstance.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Kinesis Data Firehose Logging\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.verifiedaccess.InstanceLoggingConfiguration(\"example\", {\n accessLogs: {\n kinesisDataFirehose: {\n deliveryStream: exampleAwsKinesisFirehoseDeliveryStream.name,\n enabled: true,\n },\n },\n verifiedaccessInstanceId: exampleAwsVerifiedaccessInstance.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.verifiedaccess.InstanceLoggingConfiguration(\"example\",\n access_logs={\n \"kinesis_data_firehose\": {\n \"delivery_stream\": example_aws_kinesis_firehose_delivery_stream[\"name\"],\n \"enabled\": True,\n },\n },\n verifiedaccess_instance_id=example_aws_verifiedaccess_instance[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VerifiedAccess.InstanceLoggingConfiguration(\"example\", new()\n {\n AccessLogs = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsArgs\n {\n KinesisDataFirehose = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsKinesisDataFirehoseArgs\n {\n DeliveryStream = exampleAwsKinesisFirehoseDeliveryStream.Name,\n Enabled = true,\n },\n },\n VerifiedaccessInstanceId = exampleAwsVerifiedaccessInstance.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := verifiedaccess.NewInstanceLoggingConfiguration(ctx, \"example\", \u0026verifiedaccess.InstanceLoggingConfigurationArgs{\n\t\t\tAccessLogs: \u0026verifiedaccess.InstanceLoggingConfigurationAccessLogsArgs{\n\t\t\t\tKinesisDataFirehose: \u0026verifiedaccess.InstanceLoggingConfigurationAccessLogsKinesisDataFirehoseArgs{\n\t\t\t\t\tDeliveryStream: pulumi.Any(exampleAwsKinesisFirehoseDeliveryStream.Name),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t\tVerifiedaccessInstanceId: pulumi.Any(exampleAwsVerifiedaccessInstance.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.verifiedaccess.InstanceLoggingConfiguration;\nimport com.pulumi.aws.verifiedaccess.InstanceLoggingConfigurationArgs;\nimport com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsArgs;\nimport com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsKinesisDataFirehoseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new InstanceLoggingConfiguration(\"example\", InstanceLoggingConfigurationArgs.builder()\n .accessLogs(InstanceLoggingConfigurationAccessLogsArgs.builder()\n .kinesisDataFirehose(InstanceLoggingConfigurationAccessLogsKinesisDataFirehoseArgs.builder()\n .deliveryStream(exampleAwsKinesisFirehoseDeliveryStream.name())\n .enabled(true)\n .build())\n .build())\n .verifiedaccessInstanceId(exampleAwsVerifiedaccessInstance.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:verifiedaccess:InstanceLoggingConfiguration\n properties:\n accessLogs:\n kinesisDataFirehose:\n deliveryStream: ${exampleAwsKinesisFirehoseDeliveryStream.name}\n enabled: true\n verifiedaccessInstanceId: ${exampleAwsVerifiedaccessInstance.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With S3 logging\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.verifiedaccess.InstanceLoggingConfiguration(\"example\", {\n accessLogs: {\n s3: {\n bucketName: exampleAwsS3Bucket.id,\n enabled: true,\n prefix: \"example\",\n },\n },\n verifiedaccessInstanceId: exampleAwsVerifiedaccessInstance.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.verifiedaccess.InstanceLoggingConfiguration(\"example\",\n access_logs={\n \"s3\": {\n \"bucket_name\": example_aws_s3_bucket[\"id\"],\n \"enabled\": True,\n \"prefix\": \"example\",\n },\n },\n verifiedaccess_instance_id=example_aws_verifiedaccess_instance[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VerifiedAccess.InstanceLoggingConfiguration(\"example\", new()\n {\n AccessLogs = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsArgs\n {\n S3 = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsS3Args\n {\n BucketName = exampleAwsS3Bucket.Id,\n Enabled = true,\n Prefix = \"example\",\n },\n },\n VerifiedaccessInstanceId = exampleAwsVerifiedaccessInstance.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := verifiedaccess.NewInstanceLoggingConfiguration(ctx, \"example\", \u0026verifiedaccess.InstanceLoggingConfigurationArgs{\n\t\t\tAccessLogs: \u0026verifiedaccess.InstanceLoggingConfigurationAccessLogsArgs{\n\t\t\t\tS3: \u0026verifiedaccess.InstanceLoggingConfigurationAccessLogsS3Args{\n\t\t\t\t\tBucketName: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tPrefix: pulumi.String(\"example\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tVerifiedaccessInstanceId: pulumi.Any(exampleAwsVerifiedaccessInstance.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.verifiedaccess.InstanceLoggingConfiguration;\nimport com.pulumi.aws.verifiedaccess.InstanceLoggingConfigurationArgs;\nimport com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsArgs;\nimport com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsS3Args;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new InstanceLoggingConfiguration(\"example\", InstanceLoggingConfigurationArgs.builder()\n .accessLogs(InstanceLoggingConfigurationAccessLogsArgs.builder()\n .s3(InstanceLoggingConfigurationAccessLogsS3Args.builder()\n .bucketName(exampleAwsS3Bucket.id())\n .enabled(true)\n .prefix(\"example\")\n .build())\n .build())\n .verifiedaccessInstanceId(exampleAwsVerifiedaccessInstance.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:verifiedaccess:InstanceLoggingConfiguration\n properties:\n accessLogs:\n s3:\n bucketName: ${exampleAwsS3Bucket.id}\n enabled: true\n prefix: example\n verifiedaccessInstanceId: ${exampleAwsVerifiedaccessInstance.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With all three logging options\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.verifiedaccess.InstanceLoggingConfiguration(\"example\", {\n accessLogs: {\n cloudwatchLogs: {\n enabled: true,\n logGroup: exampleAwsCloudwatchLogGroup.id,\n },\n kinesisDataFirehose: {\n deliveryStream: exampleAwsKinesisFirehoseDeliveryStream.name,\n enabled: true,\n },\n s3: {\n bucketName: exampleAwsS3Bucket.id,\n enabled: true,\n },\n },\n verifiedaccessInstanceId: exampleAwsVerifiedaccessInstance.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.verifiedaccess.InstanceLoggingConfiguration(\"example\",\n access_logs={\n \"cloudwatch_logs\": {\n \"enabled\": True,\n \"log_group\": example_aws_cloudwatch_log_group[\"id\"],\n },\n \"kinesis_data_firehose\": {\n \"delivery_stream\": example_aws_kinesis_firehose_delivery_stream[\"name\"],\n \"enabled\": True,\n },\n \"s3\": {\n \"bucket_name\": example_aws_s3_bucket[\"id\"],\n \"enabled\": True,\n },\n },\n verifiedaccess_instance_id=example_aws_verifiedaccess_instance[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VerifiedAccess.InstanceLoggingConfiguration(\"example\", new()\n {\n AccessLogs = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsArgs\n {\n CloudwatchLogs = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsCloudwatchLogsArgs\n {\n Enabled = true,\n LogGroup = exampleAwsCloudwatchLogGroup.Id,\n },\n KinesisDataFirehose = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsKinesisDataFirehoseArgs\n {\n DeliveryStream = exampleAwsKinesisFirehoseDeliveryStream.Name,\n Enabled = true,\n },\n S3 = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsS3Args\n {\n BucketName = exampleAwsS3Bucket.Id,\n Enabled = true,\n },\n },\n VerifiedaccessInstanceId = exampleAwsVerifiedaccessInstance.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := verifiedaccess.NewInstanceLoggingConfiguration(ctx, \"example\", \u0026verifiedaccess.InstanceLoggingConfigurationArgs{\n\t\t\tAccessLogs: \u0026verifiedaccess.InstanceLoggingConfigurationAccessLogsArgs{\n\t\t\t\tCloudwatchLogs: \u0026verifiedaccess.InstanceLoggingConfigurationAccessLogsCloudwatchLogsArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tLogGroup: pulumi.Any(exampleAwsCloudwatchLogGroup.Id),\n\t\t\t\t},\n\t\t\t\tKinesisDataFirehose: \u0026verifiedaccess.InstanceLoggingConfigurationAccessLogsKinesisDataFirehoseArgs{\n\t\t\t\t\tDeliveryStream: pulumi.Any(exampleAwsKinesisFirehoseDeliveryStream.Name),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\tS3: \u0026verifiedaccess.InstanceLoggingConfigurationAccessLogsS3Args{\n\t\t\t\t\tBucketName: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t\tVerifiedaccessInstanceId: pulumi.Any(exampleAwsVerifiedaccessInstance.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.verifiedaccess.InstanceLoggingConfiguration;\nimport com.pulumi.aws.verifiedaccess.InstanceLoggingConfigurationArgs;\nimport com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsArgs;\nimport com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsCloudwatchLogsArgs;\nimport com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsKinesisDataFirehoseArgs;\nimport com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsS3Args;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new InstanceLoggingConfiguration(\"example\", InstanceLoggingConfigurationArgs.builder()\n .accessLogs(InstanceLoggingConfigurationAccessLogsArgs.builder()\n .cloudwatchLogs(InstanceLoggingConfigurationAccessLogsCloudwatchLogsArgs.builder()\n .enabled(true)\n .logGroup(exampleAwsCloudwatchLogGroup.id())\n .build())\n .kinesisDataFirehose(InstanceLoggingConfigurationAccessLogsKinesisDataFirehoseArgs.builder()\n .deliveryStream(exampleAwsKinesisFirehoseDeliveryStream.name())\n .enabled(true)\n .build())\n .s3(InstanceLoggingConfigurationAccessLogsS3Args.builder()\n .bucketName(exampleAwsS3Bucket.id())\n .enabled(true)\n .build())\n .build())\n .verifiedaccessInstanceId(exampleAwsVerifiedaccessInstance.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:verifiedaccess:InstanceLoggingConfiguration\n properties:\n accessLogs:\n cloudwatchLogs:\n enabled: true\n logGroup: ${exampleAwsCloudwatchLogGroup.id}\n kinesisDataFirehose:\n deliveryStream: ${exampleAwsKinesisFirehoseDeliveryStream.name}\n enabled: true\n s3:\n bucketName: ${exampleAwsS3Bucket.id}\n enabled: true\n verifiedaccessInstanceId: ${exampleAwsVerifiedaccessInstance.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With `include_trust_context`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.verifiedaccess.InstanceLoggingConfiguration(\"example\", {\n accessLogs: {\n includeTrustContext: true,\n },\n verifiedaccessInstanceId: exampleAwsVerifiedaccessInstance.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.verifiedaccess.InstanceLoggingConfiguration(\"example\",\n access_logs={\n \"include_trust_context\": True,\n },\n verifiedaccess_instance_id=example_aws_verifiedaccess_instance[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VerifiedAccess.InstanceLoggingConfiguration(\"example\", new()\n {\n AccessLogs = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsArgs\n {\n IncludeTrustContext = true,\n },\n VerifiedaccessInstanceId = exampleAwsVerifiedaccessInstance.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := verifiedaccess.NewInstanceLoggingConfiguration(ctx, \"example\", \u0026verifiedaccess.InstanceLoggingConfigurationArgs{\n\t\t\tAccessLogs: \u0026verifiedaccess.InstanceLoggingConfigurationAccessLogsArgs{\n\t\t\t\tIncludeTrustContext: pulumi.Bool(true),\n\t\t\t},\n\t\t\tVerifiedaccessInstanceId: pulumi.Any(exampleAwsVerifiedaccessInstance.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.verifiedaccess.InstanceLoggingConfiguration;\nimport com.pulumi.aws.verifiedaccess.InstanceLoggingConfigurationArgs;\nimport com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new InstanceLoggingConfiguration(\"example\", InstanceLoggingConfigurationArgs.builder()\n .accessLogs(InstanceLoggingConfigurationAccessLogsArgs.builder()\n .includeTrustContext(true)\n .build())\n .verifiedaccessInstanceId(exampleAwsVerifiedaccessInstance.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:verifiedaccess:InstanceLoggingConfiguration\n properties:\n accessLogs:\n includeTrustContext: true\n verifiedaccessInstanceId: ${exampleAwsVerifiedaccessInstance.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With `log_version`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.verifiedaccess.InstanceLoggingConfiguration(\"example\", {\n accessLogs: {\n logVersion: \"ocsf-1.0.0-rc.2\",\n },\n verifiedaccessInstanceId: exampleAwsVerifiedaccessInstance.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.verifiedaccess.InstanceLoggingConfiguration(\"example\",\n access_logs={\n \"log_version\": \"ocsf-1.0.0-rc.2\",\n },\n verifiedaccess_instance_id=example_aws_verifiedaccess_instance[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VerifiedAccess.InstanceLoggingConfiguration(\"example\", new()\n {\n AccessLogs = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsArgs\n {\n LogVersion = \"ocsf-1.0.0-rc.2\",\n },\n VerifiedaccessInstanceId = exampleAwsVerifiedaccessInstance.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := verifiedaccess.NewInstanceLoggingConfiguration(ctx, \"example\", \u0026verifiedaccess.InstanceLoggingConfigurationArgs{\n\t\t\tAccessLogs: \u0026verifiedaccess.InstanceLoggingConfigurationAccessLogsArgs{\n\t\t\t\tLogVersion: pulumi.String(\"ocsf-1.0.0-rc.2\"),\n\t\t\t},\n\t\t\tVerifiedaccessInstanceId: pulumi.Any(exampleAwsVerifiedaccessInstance.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.verifiedaccess.InstanceLoggingConfiguration;\nimport com.pulumi.aws.verifiedaccess.InstanceLoggingConfigurationArgs;\nimport com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new InstanceLoggingConfiguration(\"example\", InstanceLoggingConfigurationArgs.builder()\n .accessLogs(InstanceLoggingConfigurationAccessLogsArgs.builder()\n .logVersion(\"ocsf-1.0.0-rc.2\")\n .build())\n .verifiedaccessInstanceId(exampleAwsVerifiedaccessInstance.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:verifiedaccess:InstanceLoggingConfiguration\n properties:\n accessLogs:\n logVersion: ocsf-1.0.0-rc.2\n verifiedaccessInstanceId: ${exampleAwsVerifiedaccessInstance.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Verified Access Logging Configuration using the Verified Access Instance `id`. For example:\n\n```sh\n$ pulumi import aws:verifiedaccess/instanceLoggingConfiguration:InstanceLoggingConfiguration example vai-1234567890abcdef0\n```\n", "properties": { "accessLogs": { "$ref": "#/types/aws:verifiedaccess/InstanceLoggingConfigurationAccessLogs:InstanceLoggingConfigurationAccessLogs", "description": "A block that specifies the configuration options for Verified Access instances. Detailed below.\n" }, "verifiedaccessInstanceId": { "type": "string", "description": "The ID of the Verified Access instance.\n" } }, "required": [ "accessLogs", "verifiedaccessInstanceId" ], "inputProperties": { "accessLogs": { "$ref": "#/types/aws:verifiedaccess/InstanceLoggingConfigurationAccessLogs:InstanceLoggingConfigurationAccessLogs", "description": "A block that specifies the configuration options for Verified Access instances. Detailed below.\n" }, "verifiedaccessInstanceId": { "type": "string", "description": "The ID of the Verified Access instance.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "accessLogs", "verifiedaccessInstanceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering InstanceLoggingConfiguration resources.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:verifiedaccess/InstanceLoggingConfigurationAccessLogs:InstanceLoggingConfigurationAccessLogs", "description": "A block that specifies the configuration options for Verified Access instances. Detailed below.\n" }, "verifiedaccessInstanceId": { "type": "string", "description": "The ID of the Verified Access instance.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:verifiedaccess/instanceTrustProviderAttachment:InstanceTrustProviderAttachment": { "description": "Resource for managing a Verified Access Instance Trust Provider Attachment.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.verifiedaccess.Instance(\"example\", {});\nconst exampleTrustProvider = new aws.verifiedaccess.TrustProvider(\"example\", {\n deviceTrustProviderType: \"jamf\",\n policyReferenceName: \"example\",\n trustProviderType: \"device\",\n deviceOptions: {\n tenantId: \"example\",\n },\n});\nconst exampleInstanceTrustProviderAttachment = new aws.verifiedaccess.InstanceTrustProviderAttachment(\"example\", {\n verifiedaccessInstanceId: example.id,\n verifiedaccessTrustProviderId: exampleTrustProvider.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.verifiedaccess.Instance(\"example\")\nexample_trust_provider = aws.verifiedaccess.TrustProvider(\"example\",\n device_trust_provider_type=\"jamf\",\n policy_reference_name=\"example\",\n trust_provider_type=\"device\",\n device_options={\n \"tenant_id\": \"example\",\n })\nexample_instance_trust_provider_attachment = aws.verifiedaccess.InstanceTrustProviderAttachment(\"example\",\n verifiedaccess_instance_id=example.id,\n verifiedaccess_trust_provider_id=example_trust_provider.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VerifiedAccess.Instance(\"example\");\n\n var exampleTrustProvider = new Aws.VerifiedAccess.TrustProvider(\"example\", new()\n {\n DeviceTrustProviderType = \"jamf\",\n PolicyReferenceName = \"example\",\n TrustProviderType = \"device\",\n DeviceOptions = new Aws.VerifiedAccess.Inputs.TrustProviderDeviceOptionsArgs\n {\n TenantId = \"example\",\n },\n });\n\n var exampleInstanceTrustProviderAttachment = new Aws.VerifiedAccess.InstanceTrustProviderAttachment(\"example\", new()\n {\n VerifiedaccessInstanceId = example.Id,\n VerifiedaccessTrustProviderId = exampleTrustProvider.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := verifiedaccess.NewInstance(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTrustProvider, err := verifiedaccess.NewTrustProvider(ctx, \"example\", \u0026verifiedaccess.TrustProviderArgs{\n\t\t\tDeviceTrustProviderType: pulumi.String(\"jamf\"),\n\t\t\tPolicyReferenceName: pulumi.String(\"example\"),\n\t\t\tTrustProviderType: pulumi.String(\"device\"),\n\t\t\tDeviceOptions: \u0026verifiedaccess.TrustProviderDeviceOptionsArgs{\n\t\t\t\tTenantId: pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = verifiedaccess.NewInstanceTrustProviderAttachment(ctx, \"example\", \u0026verifiedaccess.InstanceTrustProviderAttachmentArgs{\n\t\t\tVerifiedaccessInstanceId: example.ID(),\n\t\t\tVerifiedaccessTrustProviderId: exampleTrustProvider.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.verifiedaccess.Instance;\nimport com.pulumi.aws.verifiedaccess.TrustProvider;\nimport com.pulumi.aws.verifiedaccess.TrustProviderArgs;\nimport com.pulumi.aws.verifiedaccess.inputs.TrustProviderDeviceOptionsArgs;\nimport com.pulumi.aws.verifiedaccess.InstanceTrustProviderAttachment;\nimport com.pulumi.aws.verifiedaccess.InstanceTrustProviderAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Instance(\"example\");\n\n var exampleTrustProvider = new TrustProvider(\"exampleTrustProvider\", TrustProviderArgs.builder()\n .deviceTrustProviderType(\"jamf\")\n .policyReferenceName(\"example\")\n .trustProviderType(\"device\")\n .deviceOptions(TrustProviderDeviceOptionsArgs.builder()\n .tenantId(\"example\")\n .build())\n .build());\n\n var exampleInstanceTrustProviderAttachment = new InstanceTrustProviderAttachment(\"exampleInstanceTrustProviderAttachment\", InstanceTrustProviderAttachmentArgs.builder()\n .verifiedaccessInstanceId(example.id())\n .verifiedaccessTrustProviderId(exampleTrustProvider.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:verifiedaccess:Instance\n exampleTrustProvider:\n type: aws:verifiedaccess:TrustProvider\n name: example\n properties:\n deviceTrustProviderType: jamf\n policyReferenceName: example\n trustProviderType: device\n deviceOptions:\n tenantId: example\n exampleInstanceTrustProviderAttachment:\n type: aws:verifiedaccess:InstanceTrustProviderAttachment\n name: example\n properties:\n verifiedaccessInstanceId: ${example.id}\n verifiedaccessTrustProviderId: ${exampleTrustProvider.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Verified Access Instance Trust Provider Attachments using the `verifiedaccess_instance_id` and `verifiedaccess_trust_provider_id` separated by a forward slash (`/`). For example:\n\n```sh\n$ pulumi import aws:verifiedaccess/instanceTrustProviderAttachment:InstanceTrustProviderAttachment example vai-1234567890abcdef0/vatp-8012925589\n```\n", "properties": { "verifiedaccessInstanceId": { "type": "string", "description": "The ID of the Verified Access instance to attach the Trust Provider to.\n" }, "verifiedaccessTrustProviderId": { "type": "string", "description": "The ID of the Verified Access trust provider.\n" } }, "required": [ "verifiedaccessInstanceId", "verifiedaccessTrustProviderId" ], "inputProperties": { "verifiedaccessInstanceId": { "type": "string", "description": "The ID of the Verified Access instance to attach the Trust Provider to.\n", "willReplaceOnChanges": true }, "verifiedaccessTrustProviderId": { "type": "string", "description": "The ID of the Verified Access trust provider.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "verifiedaccessInstanceId", "verifiedaccessTrustProviderId" ], "stateInputs": { "description": "Input properties used for looking up and filtering InstanceTrustProviderAttachment resources.\n", "properties": { "verifiedaccessInstanceId": { "type": "string", "description": "The ID of the Verified Access instance to attach the Trust Provider to.\n", "willReplaceOnChanges": true }, "verifiedaccessTrustProviderId": { "type": "string", "description": "The ID of the Verified Access trust provider.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:verifiedaccess/trustProvider:TrustProvider": { "description": "Resource for managing a Verified Access Trust Provider.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.verifiedaccess.TrustProvider(\"example\", {\n policyReferenceName: \"example\",\n trustProviderType: \"user\",\n userTrustProviderType: \"iam-identity-center\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.verifiedaccess.TrustProvider(\"example\",\n policy_reference_name=\"example\",\n trust_provider_type=\"user\",\n user_trust_provider_type=\"iam-identity-center\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VerifiedAccess.TrustProvider(\"example\", new()\n {\n PolicyReferenceName = \"example\",\n TrustProviderType = \"user\",\n UserTrustProviderType = \"iam-identity-center\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := verifiedaccess.NewTrustProvider(ctx, \"example\", \u0026verifiedaccess.TrustProviderArgs{\n\t\t\tPolicyReferenceName: pulumi.String(\"example\"),\n\t\t\tTrustProviderType: pulumi.String(\"user\"),\n\t\t\tUserTrustProviderType: pulumi.String(\"iam-identity-center\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.verifiedaccess.TrustProvider;\nimport com.pulumi.aws.verifiedaccess.TrustProviderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TrustProvider(\"example\", TrustProviderArgs.builder()\n .policyReferenceName(\"example\")\n .trustProviderType(\"user\")\n .userTrustProviderType(\"iam-identity-center\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:verifiedaccess:TrustProvider\n properties:\n policyReferenceName: example\n trustProviderType: user\n userTrustProviderType: iam-identity-center\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Transfer Workflows using the `id`. For example:\n\n```sh\n$ pulumi import aws:verifiedaccess/trustProvider:TrustProvider example vatp-8012925589\n```\n", "properties": { "description": { "type": "string", "description": "A description for the AWS Verified Access trust provider.\n" }, "deviceOptions": { "$ref": "#/types/aws:verifiedaccess/TrustProviderDeviceOptions:TrustProviderDeviceOptions", "description": "A block of options for device identity based trust providers.\n" }, "deviceTrustProviderType": { "type": "string", "description": "The type of device-based trust provider.\n" }, "oidcOptions": { "$ref": "#/types/aws:verifiedaccess/TrustProviderOidcOptions:TrustProviderOidcOptions", "description": "The OpenID Connect details for an oidc-type, user-identity based trust provider.\n" }, "policyReferenceName": { "type": "string", "description": "The identifier to be used when working with policy rules.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "trustProviderType": { "type": "string", "description": "The type of trust provider can be either user or device-based.\n\nThe following arguments are optional:\n" }, "userTrustProviderType": { "type": "string", "description": "The type of user-based trust provider.\n" } }, "required": [ "policyReferenceName", "tagsAll", "trustProviderType" ], "inputProperties": { "description": { "type": "string", "description": "A description for the AWS Verified Access trust provider.\n" }, "deviceOptions": { "$ref": "#/types/aws:verifiedaccess/TrustProviderDeviceOptions:TrustProviderDeviceOptions", "description": "A block of options for device identity based trust providers.\n", "willReplaceOnChanges": true }, "deviceTrustProviderType": { "type": "string", "description": "The type of device-based trust provider.\n", "willReplaceOnChanges": true }, "oidcOptions": { "$ref": "#/types/aws:verifiedaccess/TrustProviderOidcOptions:TrustProviderOidcOptions", "description": "The OpenID Connect details for an oidc-type, user-identity based trust provider.\n" }, "policyReferenceName": { "type": "string", "description": "The identifier to be used when working with policy rules.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "trustProviderType": { "type": "string", "description": "The type of trust provider can be either user or device-based.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "userTrustProviderType": { "type": "string", "description": "The type of user-based trust provider.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policyReferenceName", "trustProviderType" ], "stateInputs": { "description": "Input properties used for looking up and filtering TrustProvider resources.\n", "properties": { "description": { "type": "string", "description": "A description for the AWS Verified Access trust provider.\n" }, "deviceOptions": { "$ref": "#/types/aws:verifiedaccess/TrustProviderDeviceOptions:TrustProviderDeviceOptions", "description": "A block of options for device identity based trust providers.\n", "willReplaceOnChanges": true }, "deviceTrustProviderType": { "type": "string", "description": "The type of device-based trust provider.\n", "willReplaceOnChanges": true }, "oidcOptions": { "$ref": "#/types/aws:verifiedaccess/TrustProviderOidcOptions:TrustProviderOidcOptions", "description": "The OpenID Connect details for an oidc-type, user-identity based trust provider.\n" }, "policyReferenceName": { "type": "string", "description": "The identifier to be used when working with policy rules.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." }, "trustProviderType": { "type": "string", "description": "The type of trust provider can be either user or device-based.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "userTrustProviderType": { "type": "string", "description": "The type of user-based trust provider.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:verifiedpermissions/identitySource:IdentitySource": { "description": "Resource for managing an AWS Verified Permissions Identity Source.\n\n## Example Usage\n\n### Cognito User Pool Configuration Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.verifiedpermissions.PolicyStore(\"example\", {validationSettings: {\n mode: \"STRICT\",\n}});\nconst exampleUserPool = new aws.cognito.UserPool(\"example\", {name: \"example\"});\nconst exampleUserPoolClient = new aws.cognito.UserPoolClient(\"example\", {\n name: \"example\",\n userPoolId: exampleUserPool.id,\n explicitAuthFlows: [\"ADMIN_NO_SRP_AUTH\"],\n});\nconst exampleIdentitySource = new aws.verifiedpermissions.IdentitySource(\"example\", {\n policyStoreId: example.id,\n configuration: {\n cognitoUserPoolConfiguration: {\n userPoolArn: exampleUserPool.arn,\n clientIds: [exampleUserPoolClient.id],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.verifiedpermissions.PolicyStore(\"example\", validation_settings={\n \"mode\": \"STRICT\",\n})\nexample_user_pool = aws.cognito.UserPool(\"example\", name=\"example\")\nexample_user_pool_client = aws.cognito.UserPoolClient(\"example\",\n name=\"example\",\n user_pool_id=example_user_pool.id,\n explicit_auth_flows=[\"ADMIN_NO_SRP_AUTH\"])\nexample_identity_source = aws.verifiedpermissions.IdentitySource(\"example\",\n policy_store_id=example.id,\n configuration={\n \"cognito_user_pool_configuration\": {\n \"user_pool_arn\": example_user_pool.arn,\n \"client_ids\": [example_user_pool_client.id],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VerifiedPermissions.PolicyStore(\"example\", new()\n {\n ValidationSettings = new Aws.VerifiedPermissions.Inputs.PolicyStoreValidationSettingsArgs\n {\n Mode = \"STRICT\",\n },\n });\n\n var exampleUserPool = new Aws.Cognito.UserPool(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleUserPoolClient = new Aws.Cognito.UserPoolClient(\"example\", new()\n {\n Name = \"example\",\n UserPoolId = exampleUserPool.Id,\n ExplicitAuthFlows = new[]\n {\n \"ADMIN_NO_SRP_AUTH\",\n },\n });\n\n var exampleIdentitySource = new Aws.VerifiedPermissions.IdentitySource(\"example\", new()\n {\n PolicyStoreId = example.Id,\n Configuration = new Aws.VerifiedPermissions.Inputs.IdentitySourceConfigurationArgs\n {\n CognitoUserPoolConfiguration = new Aws.VerifiedPermissions.Inputs.IdentitySourceConfigurationCognitoUserPoolConfigurationArgs\n {\n UserPoolArn = exampleUserPool.Arn,\n ClientIds = new[]\n {\n exampleUserPoolClient.Id,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedpermissions\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := verifiedpermissions.NewPolicyStore(ctx, \"example\", \u0026verifiedpermissions.PolicyStoreArgs{\n\t\t\tValidationSettings: \u0026verifiedpermissions.PolicyStoreValidationSettingsArgs{\n\t\t\t\tMode: pulumi.String(\"STRICT\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUserPool, err := cognito.NewUserPool(ctx, \"example\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleUserPoolClient, err := cognito.NewUserPoolClient(ctx, \"example\", \u0026cognito.UserPoolClientArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tUserPoolId: exampleUserPool.ID(),\n\t\t\tExplicitAuthFlows: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ADMIN_NO_SRP_AUTH\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = verifiedpermissions.NewIdentitySource(ctx, \"example\", \u0026verifiedpermissions.IdentitySourceArgs{\n\t\t\tPolicyStoreId: example.ID(),\n\t\t\tConfiguration: \u0026verifiedpermissions.IdentitySourceConfigurationArgs{\n\t\t\t\tCognitoUserPoolConfiguration: \u0026verifiedpermissions.IdentitySourceConfigurationCognitoUserPoolConfigurationArgs{\n\t\t\t\t\tUserPoolArn: exampleUserPool.Arn,\n\t\t\t\t\tClientIds: pulumi.StringArray{\n\t\t\t\t\t\texampleUserPoolClient.ID(),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.verifiedpermissions.PolicyStore;\nimport com.pulumi.aws.verifiedpermissions.PolicyStoreArgs;\nimport com.pulumi.aws.verifiedpermissions.inputs.PolicyStoreValidationSettingsArgs;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.cognito.UserPoolClient;\nimport com.pulumi.aws.cognito.UserPoolClientArgs;\nimport com.pulumi.aws.verifiedpermissions.IdentitySource;\nimport com.pulumi.aws.verifiedpermissions.IdentitySourceArgs;\nimport com.pulumi.aws.verifiedpermissions.inputs.IdentitySourceConfigurationArgs;\nimport com.pulumi.aws.verifiedpermissions.inputs.IdentitySourceConfigurationCognitoUserPoolConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PolicyStore(\"example\", PolicyStoreArgs.builder()\n .validationSettings(PolicyStoreValidationSettingsArgs.builder()\n .mode(\"STRICT\")\n .build())\n .build());\n\n var exampleUserPool = new UserPool(\"exampleUserPool\", UserPoolArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleUserPoolClient = new UserPoolClient(\"exampleUserPoolClient\", UserPoolClientArgs.builder()\n .name(\"example\")\n .userPoolId(exampleUserPool.id())\n .explicitAuthFlows(\"ADMIN_NO_SRP_AUTH\")\n .build());\n\n var exampleIdentitySource = new IdentitySource(\"exampleIdentitySource\", IdentitySourceArgs.builder()\n .policyStoreId(example.id())\n .configuration(IdentitySourceConfigurationArgs.builder()\n .cognitoUserPoolConfiguration(IdentitySourceConfigurationCognitoUserPoolConfigurationArgs.builder()\n .userPoolArn(exampleUserPool.arn())\n .clientIds(exampleUserPoolClient.id())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:verifiedpermissions:PolicyStore\n properties:\n validationSettings:\n mode: STRICT\n exampleUserPool:\n type: aws:cognito:UserPool\n name: example\n properties:\n name: example\n exampleUserPoolClient:\n type: aws:cognito:UserPoolClient\n name: example\n properties:\n name: example\n userPoolId: ${exampleUserPool.id}\n explicitAuthFlows:\n - ADMIN_NO_SRP_AUTH\n exampleIdentitySource:\n type: aws:verifiedpermissions:IdentitySource\n name: example\n properties:\n policyStoreId: ${example.id}\n configuration:\n cognitoUserPoolConfiguration:\n userPoolArn: ${exampleUserPool.arn}\n clientIds:\n - ${exampleUserPoolClient.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### OpenID Connect Configuration Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.verifiedpermissions.PolicyStore(\"example\", {validationSettings: {\n mode: \"STRICT\",\n}});\nconst exampleIdentitySource = new aws.verifiedpermissions.IdentitySource(\"example\", {\n policyStoreId: example.id,\n configuration: {\n openIdConnectConfiguration: {\n issuer: \"https://auth.example.com\",\n tokenSelection: {\n accessTokenOnly: {\n audiences: [\"https://myapp.example.com\"],\n principalIdClaim: \"sub\",\n },\n },\n entityIdPrefix: \"MyOIDCProvider\",\n groupConfiguration: {\n groupClaim: \"groups\",\n groupEntityType: \"MyCorp::UserGroup\",\n },\n },\n },\n principalEntityType: \"MyCorp::User\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.verifiedpermissions.PolicyStore(\"example\", validation_settings={\n \"mode\": \"STRICT\",\n})\nexample_identity_source = aws.verifiedpermissions.IdentitySource(\"example\",\n policy_store_id=example.id,\n configuration={\n \"open_id_connect_configuration\": {\n \"issuer\": \"https://auth.example.com\",\n \"token_selection\": {\n \"access_token_only\": {\n \"audiences\": [\"https://myapp.example.com\"],\n \"principal_id_claim\": \"sub\",\n },\n },\n \"entity_id_prefix\": \"MyOIDCProvider\",\n \"group_configuration\": {\n \"group_claim\": \"groups\",\n \"group_entity_type\": \"MyCorp::UserGroup\",\n },\n },\n },\n principal_entity_type=\"MyCorp::User\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VerifiedPermissions.PolicyStore(\"example\", new()\n {\n ValidationSettings = new Aws.VerifiedPermissions.Inputs.PolicyStoreValidationSettingsArgs\n {\n Mode = \"STRICT\",\n },\n });\n\n var exampleIdentitySource = new Aws.VerifiedPermissions.IdentitySource(\"example\", new()\n {\n PolicyStoreId = example.Id,\n Configuration = new Aws.VerifiedPermissions.Inputs.IdentitySourceConfigurationArgs\n {\n OpenIdConnectConfiguration = new Aws.VerifiedPermissions.Inputs.IdentitySourceConfigurationOpenIdConnectConfigurationArgs\n {\n Issuer = \"https://auth.example.com\",\n TokenSelection = new Aws.VerifiedPermissions.Inputs.IdentitySourceConfigurationOpenIdConnectConfigurationTokenSelectionArgs\n {\n AccessTokenOnly = new Aws.VerifiedPermissions.Inputs.IdentitySourceConfigurationOpenIdConnectConfigurationTokenSelectionAccessTokenOnlyArgs\n {\n Audiences = new[]\n {\n \"https://myapp.example.com\",\n },\n PrincipalIdClaim = \"sub\",\n },\n },\n EntityIdPrefix = \"MyOIDCProvider\",\n GroupConfiguration = new Aws.VerifiedPermissions.Inputs.IdentitySourceConfigurationOpenIdConnectConfigurationGroupConfigurationArgs\n {\n GroupClaim = \"groups\",\n GroupEntityType = \"MyCorp::UserGroup\",\n },\n },\n },\n PrincipalEntityType = \"MyCorp::User\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedpermissions\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := verifiedpermissions.NewPolicyStore(ctx, \"example\", \u0026verifiedpermissions.PolicyStoreArgs{\n\t\t\tValidationSettings: \u0026verifiedpermissions.PolicyStoreValidationSettingsArgs{\n\t\t\t\tMode: pulumi.String(\"STRICT\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = verifiedpermissions.NewIdentitySource(ctx, \"example\", \u0026verifiedpermissions.IdentitySourceArgs{\n\t\t\tPolicyStoreId: example.ID(),\n\t\t\tConfiguration: \u0026verifiedpermissions.IdentitySourceConfigurationArgs{\n\t\t\t\tOpenIdConnectConfiguration: \u0026verifiedpermissions.IdentitySourceConfigurationOpenIdConnectConfigurationArgs{\n\t\t\t\t\tIssuer: pulumi.String(\"https://auth.example.com\"),\n\t\t\t\t\tTokenSelection: \u0026verifiedpermissions.IdentitySourceConfigurationOpenIdConnectConfigurationTokenSelectionArgs{\n\t\t\t\t\t\tAccessTokenOnly: \u0026verifiedpermissions.IdentitySourceConfigurationOpenIdConnectConfigurationTokenSelectionAccessTokenOnlyArgs{\n\t\t\t\t\t\t\tAudiences: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"https://myapp.example.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tPrincipalIdClaim: pulumi.String(\"sub\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tEntityIdPrefix: pulumi.String(\"MyOIDCProvider\"),\n\t\t\t\t\tGroupConfiguration: \u0026verifiedpermissions.IdentitySourceConfigurationOpenIdConnectConfigurationGroupConfigurationArgs{\n\t\t\t\t\t\tGroupClaim: pulumi.String(\"groups\"),\n\t\t\t\t\t\tGroupEntityType: pulumi.String(\"MyCorp::UserGroup\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tPrincipalEntityType: pulumi.String(\"MyCorp::User\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.verifiedpermissions.PolicyStore;\nimport com.pulumi.aws.verifiedpermissions.PolicyStoreArgs;\nimport com.pulumi.aws.verifiedpermissions.inputs.PolicyStoreValidationSettingsArgs;\nimport com.pulumi.aws.verifiedpermissions.IdentitySource;\nimport com.pulumi.aws.verifiedpermissions.IdentitySourceArgs;\nimport com.pulumi.aws.verifiedpermissions.inputs.IdentitySourceConfigurationArgs;\nimport com.pulumi.aws.verifiedpermissions.inputs.IdentitySourceConfigurationOpenIdConnectConfigurationArgs;\nimport com.pulumi.aws.verifiedpermissions.inputs.IdentitySourceConfigurationOpenIdConnectConfigurationTokenSelectionArgs;\nimport com.pulumi.aws.verifiedpermissions.inputs.IdentitySourceConfigurationOpenIdConnectConfigurationTokenSelectionAccessTokenOnlyArgs;\nimport com.pulumi.aws.verifiedpermissions.inputs.IdentitySourceConfigurationOpenIdConnectConfigurationGroupConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PolicyStore(\"example\", PolicyStoreArgs.builder()\n .validationSettings(PolicyStoreValidationSettingsArgs.builder()\n .mode(\"STRICT\")\n .build())\n .build());\n\n var exampleIdentitySource = new IdentitySource(\"exampleIdentitySource\", IdentitySourceArgs.builder()\n .policyStoreId(example.id())\n .configuration(IdentitySourceConfigurationArgs.builder()\n .openIdConnectConfiguration(IdentitySourceConfigurationOpenIdConnectConfigurationArgs.builder()\n .issuer(\"https://auth.example.com\")\n .tokenSelection(IdentitySourceConfigurationOpenIdConnectConfigurationTokenSelectionArgs.builder()\n .accessTokenOnly(IdentitySourceConfigurationOpenIdConnectConfigurationTokenSelectionAccessTokenOnlyArgs.builder()\n .audiences(\"https://myapp.example.com\")\n .principalIdClaim(\"sub\")\n .build())\n .build())\n .entityIdPrefix(\"MyOIDCProvider\")\n .groupConfiguration(IdentitySourceConfigurationOpenIdConnectConfigurationGroupConfigurationArgs.builder()\n .groupClaim(\"groups\")\n .groupEntityType(\"MyCorp::UserGroup\")\n .build())\n .build())\n .build())\n .principalEntityType(\"MyCorp::User\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:verifiedpermissions:PolicyStore\n properties:\n validationSettings:\n mode: STRICT\n exampleIdentitySource:\n type: aws:verifiedpermissions:IdentitySource\n name: example\n properties:\n policyStoreId: ${example.id}\n configuration:\n openIdConnectConfiguration:\n issuer: https://auth.example.com\n tokenSelection:\n accessTokenOnly:\n audiences:\n - https://myapp.example.com\n principalIdClaim: sub\n entityIdPrefix: MyOIDCProvider\n groupConfiguration:\n groupClaim: groups\n groupEntityType: MyCorp::UserGroup\n principalEntityType: MyCorp::User\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Verified Permissions Identity Source using the `policy_store_id:identity_source_id`. For example:\n\n```sh\n$ pulumi import aws:verifiedpermissions/identitySource:IdentitySource example policy-store-id-12345678:identity-source-id-12345678\n```\n", "properties": { "configuration": { "$ref": "#/types/aws:verifiedpermissions/IdentitySourceConfiguration:IdentitySourceConfiguration", "description": "Specifies the details required to communicate with the identity provider (IdP) associated with this identity source. See Configuration below.\n" }, "policyStoreId": { "type": "string", "description": "Specifies the ID of the policy store in which you want to store this identity source.\n" }, "principalEntityType": { "type": "string", "description": "Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.\n" } }, "required": [ "policyStoreId", "principalEntityType" ], "inputProperties": { "configuration": { "$ref": "#/types/aws:verifiedpermissions/IdentitySourceConfiguration:IdentitySourceConfiguration", "description": "Specifies the details required to communicate with the identity provider (IdP) associated with this identity source. See Configuration below.\n" }, "policyStoreId": { "type": "string", "description": "Specifies the ID of the policy store in which you want to store this identity source.\n" }, "principalEntityType": { "type": "string", "description": "Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.\n" } }, "requiredInputs": [ "policyStoreId" ], "stateInputs": { "description": "Input properties used for looking up and filtering IdentitySource resources.\n", "properties": { "configuration": { "$ref": "#/types/aws:verifiedpermissions/IdentitySourceConfiguration:IdentitySourceConfiguration", "description": "Specifies the details required to communicate with the identity provider (IdP) associated with this identity source. See Configuration below.\n" }, "policyStoreId": { "type": "string", "description": "Specifies the ID of the policy store in which you want to store this identity source.\n" }, "principalEntityType": { "type": "string", "description": "Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.\n" } }, "type": "object" } }, "aws:verifiedpermissions/policy:Policy": { "description": "Resource for managing an AWS Verified Permissions Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.verifiedpermissions.Policy(\"test\", {\n policyStoreId: testAwsVerifiedpermissionsPolicyStore.id,\n definition: {\n static: {\n statement: \"permit (principal, action == Action::\\\"view\\\", resource in Album:: \\\"test_album\\\");\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.verifiedpermissions.Policy(\"test\",\n policy_store_id=test_aws_verifiedpermissions_policy_store[\"id\"],\n definition={\n \"static\": {\n \"statement\": \"permit (principal, action == Action::\\\"view\\\", resource in Album:: \\\"test_album\\\");\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.VerifiedPermissions.Policy(\"test\", new()\n {\n PolicyStoreId = testAwsVerifiedpermissionsPolicyStore.Id,\n Definition = new Aws.VerifiedPermissions.Inputs.PolicyDefinitionArgs\n {\n Static = new Aws.VerifiedPermissions.Inputs.PolicyDefinitionStaticArgs\n {\n Statement = \"permit (principal, action == Action::\\\"view\\\", resource in Album:: \\\"test_album\\\");\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedpermissions\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := verifiedpermissions.NewPolicy(ctx, \"test\", \u0026verifiedpermissions.PolicyArgs{\n\t\t\tPolicyStoreId: pulumi.Any(testAwsVerifiedpermissionsPolicyStore.Id),\n\t\t\tDefinition: \u0026verifiedpermissions.PolicyDefinitionArgs{\n\t\t\t\tStatic: \u0026verifiedpermissions.PolicyDefinitionStaticArgs{\n\t\t\t\t\tStatement: pulumi.String(\"permit (principal, action == Action::\\\"view\\\", resource in Album:: \\\"test_album\\\");\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.verifiedpermissions.Policy;\nimport com.pulumi.aws.verifiedpermissions.PolicyArgs;\nimport com.pulumi.aws.verifiedpermissions.inputs.PolicyDefinitionArgs;\nimport com.pulumi.aws.verifiedpermissions.inputs.PolicyDefinitionStaticArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Policy(\"test\", PolicyArgs.builder()\n .policyStoreId(testAwsVerifiedpermissionsPolicyStore.id())\n .definition(PolicyDefinitionArgs.builder()\n .static_(PolicyDefinitionStaticArgs.builder()\n .statement(\"permit (principal, action == Action::\\\"view\\\", resource in Album:: \\\"test_album\\\");\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:verifiedpermissions:Policy\n properties:\n policyStoreId: ${testAwsVerifiedpermissionsPolicyStore.id}\n definition:\n static:\n statement: 'permit (principal, action == Action::\"view\", resource in Album:: \"test_album\");'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Verified Permissions Policy using the `policy_id,policy_store_id`. For example:\n\n```sh\n$ pulumi import aws:verifiedpermissions/policy:Policy example policy-id-12345678,policy-store-id-12345678\n```\n", "properties": { "createdDate": { "type": "string", "description": "The date the policy was created.\n" }, "definition": { "$ref": "#/types/aws:verifiedpermissions/PolicyDefinition:PolicyDefinition", "description": "The definition of the policy. See Definition below.\n" }, "policyId": { "type": "string", "description": "The Policy ID of the policy.\n" }, "policyStoreId": { "type": "string", "description": "The Policy Store ID of the policy store.\n" } }, "required": [ "createdDate", "policyId", "policyStoreId" ], "inputProperties": { "definition": { "$ref": "#/types/aws:verifiedpermissions/PolicyDefinition:PolicyDefinition", "description": "The definition of the policy. See Definition below.\n" }, "policyStoreId": { "type": "string", "description": "The Policy Store ID of the policy store.\n" } }, "requiredInputs": [ "policyStoreId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Policy resources.\n", "properties": { "createdDate": { "type": "string", "description": "The date the policy was created.\n" }, "definition": { "$ref": "#/types/aws:verifiedpermissions/PolicyDefinition:PolicyDefinition", "description": "The definition of the policy. See Definition below.\n" }, "policyId": { "type": "string", "description": "The Policy ID of the policy.\n" }, "policyStoreId": { "type": "string", "description": "The Policy Store ID of the policy store.\n" } }, "type": "object" } }, "aws:verifiedpermissions/policyStore:PolicyStore": { "description": "## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.verifiedpermissions.PolicyStore(\"example\", {validationSettings: {\n mode: \"STRICT\",\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.verifiedpermissions.PolicyStore(\"example\", validation_settings={\n \"mode\": \"STRICT\",\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VerifiedPermissions.PolicyStore(\"example\", new()\n {\n ValidationSettings = new Aws.VerifiedPermissions.Inputs.PolicyStoreValidationSettingsArgs\n {\n Mode = \"STRICT\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedpermissions\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := verifiedpermissions.NewPolicyStore(ctx, \"example\", \u0026verifiedpermissions.PolicyStoreArgs{\n\t\t\tValidationSettings: \u0026verifiedpermissions.PolicyStoreValidationSettingsArgs{\n\t\t\t\tMode: pulumi.String(\"STRICT\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.verifiedpermissions.PolicyStore;\nimport com.pulumi.aws.verifiedpermissions.PolicyStoreArgs;\nimport com.pulumi.aws.verifiedpermissions.inputs.PolicyStoreValidationSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PolicyStore(\"example\", PolicyStoreArgs.builder()\n .validationSettings(PolicyStoreValidationSettingsArgs.builder()\n .mode(\"STRICT\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:verifiedpermissions:PolicyStore\n properties:\n validationSettings:\n mode: STRICT\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Verified Permissions Policy Store using the `policy_store_id`. For example:\n\nconsole\n\n % pulumi import aws_verifiedpermissions_policy_store.example DxQg2j8xvXJQ1tQCYNWj9T\n\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Policy Store.\n" }, "description": { "type": "string", "description": "A description of the Policy Store.\n" }, "policyStoreId": { "type": "string", "description": "The ID of the Policy Store.\n" }, "validationSettings": { "$ref": "#/types/aws:verifiedpermissions/PolicyStoreValidationSettings:PolicyStoreValidationSettings", "description": "Validation settings for the policy store.\n" } }, "required": [ "arn", "policyStoreId" ], "inputProperties": { "description": { "type": "string", "description": "A description of the Policy Store.\n" }, "validationSettings": { "$ref": "#/types/aws:verifiedpermissions/PolicyStoreValidationSettings:PolicyStoreValidationSettings", "description": "Validation settings for the policy store.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering PolicyStore resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Policy Store.\n" }, "description": { "type": "string", "description": "A description of the Policy Store.\n" }, "policyStoreId": { "type": "string", "description": "The ID of the Policy Store.\n" }, "validationSettings": { "$ref": "#/types/aws:verifiedpermissions/PolicyStoreValidationSettings:PolicyStoreValidationSettings", "description": "Validation settings for the policy store.\n" } }, "type": "object" } }, "aws:verifiedpermissions/policyTemplate:PolicyTemplate": { "description": "Resource for managing an AWS Verified Permissions Policy Template.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.verifiedpermissions.PolicyTemplate(\"example\", {\n policyStoreId: exampleAwsVerifiedpermissionsPolicyStore.id,\n statement: \"permit (principal in ?principal, action in PhotoFlash::Action::\\\"FullPhotoAccess\\\", resource == ?resource) unless { resource.IsPrivate };\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.verifiedpermissions.PolicyTemplate(\"example\",\n policy_store_id=example_aws_verifiedpermissions_policy_store[\"id\"],\n statement=\"permit (principal in ?principal, action in PhotoFlash::Action::\\\"FullPhotoAccess\\\", resource == ?resource) unless { resource.IsPrivate };\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VerifiedPermissions.PolicyTemplate(\"example\", new()\n {\n PolicyStoreId = exampleAwsVerifiedpermissionsPolicyStore.Id,\n Statement = \"permit (principal in ?principal, action in PhotoFlash::Action::\\\"FullPhotoAccess\\\", resource == ?resource) unless { resource.IsPrivate };\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedpermissions\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := verifiedpermissions.NewPolicyTemplate(ctx, \"example\", \u0026verifiedpermissions.PolicyTemplateArgs{\n\t\t\tPolicyStoreId: pulumi.Any(exampleAwsVerifiedpermissionsPolicyStore.Id),\n\t\t\tStatement: pulumi.String(\"permit (principal in ?principal, action in PhotoFlash::Action::\\\"FullPhotoAccess\\\", resource == ?resource) unless { resource.IsPrivate };\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.verifiedpermissions.PolicyTemplate;\nimport com.pulumi.aws.verifiedpermissions.PolicyTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PolicyTemplate(\"example\", PolicyTemplateArgs.builder()\n .policyStoreId(exampleAwsVerifiedpermissionsPolicyStore.id())\n .statement(\"permit (principal in ?principal, action in PhotoFlash::Action::\\\"FullPhotoAccess\\\", resource == ?resource) unless { resource.IsPrivate };\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:verifiedpermissions:PolicyTemplate\n properties:\n policyStoreId: ${exampleAwsVerifiedpermissionsPolicyStore.id}\n statement: permit (principal in ?principal, action in PhotoFlash::Action::\"FullPhotoAccess\", resource == ?resource) unless { resource.IsPrivate };\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Verified Permissions Policy Store using the `policy_store_id:policy_template_id`. For example:\n\n```sh\n$ pulumi import aws:verifiedpermissions/policyTemplate:PolicyTemplate example policyStoreId:policyTemplateId\n```\n", "properties": { "createdDate": { "type": "string", "description": "The date the Policy Store was created.\n" }, "description": { "type": "string", "description": "Provides a description for the policy template.\n" }, "policyStoreId": { "type": "string", "description": "The ID of the Policy Store.\n" }, "policyTemplateId": { "type": "string", "description": "The ID of the Policy Store.\n" }, "statement": { "type": "string", "description": "Defines the content of the statement, written in Cedar policy language.\n\nThe following arguments are optional:\n" } }, "required": [ "createdDate", "policyStoreId", "policyTemplateId", "statement" ], "inputProperties": { "description": { "type": "string", "description": "Provides a description for the policy template.\n" }, "policyStoreId": { "type": "string", "description": "The ID of the Policy Store.\n" }, "statement": { "type": "string", "description": "Defines the content of the statement, written in Cedar policy language.\n\nThe following arguments are optional:\n" } }, "requiredInputs": [ "policyStoreId", "statement" ], "stateInputs": { "description": "Input properties used for looking up and filtering PolicyTemplate resources.\n", "properties": { "createdDate": { "type": "string", "description": "The date the Policy Store was created.\n" }, "description": { "type": "string", "description": "Provides a description for the policy template.\n" }, "policyStoreId": { "type": "string", "description": "The ID of the Policy Store.\n" }, "policyTemplateId": { "type": "string", "description": "The ID of the Policy Store.\n" }, "statement": { "type": "string", "description": "Defines the content of the statement, written in Cedar policy language.\n\nThe following arguments are optional:\n" } }, "type": "object" } }, "aws:verifiedpermissions/schema:Schema": { "description": "## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.verifiedpermissions.Schema;\nimport com.pulumi.aws.verifiedpermissions.SchemaArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Schema(\"example\", SchemaArgs.builder()\n .policyStoreId(exampleAwsVerifiedpermissionsPolicyStore.policyStoreId())\n .definition(SchemaDefinitionArgs.builder()\n .value(serializeJson(\n jsonObject(\n jsonProperty(\"Namespace\", jsonObject(\n jsonProperty(\"entityTypes\", jsonObject(\n\n )),\n jsonProperty(\"actions\", jsonObject(\n\n ))\n ))\n )))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:verifiedpermissions:Schema\n properties:\n policyStoreId: ${exampleAwsVerifiedpermissionsPolicyStore.policyStoreId}\n definition:\n - value:\n fn::toJSON:\n Namespace:\n entityTypes: {}\n actions: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Verified Permissions Policy Store Schema using the `policy_store_id`. For example:\n\nconsole\n\n % pulumi import aws_verifiedpermissions_schema.example DxQg2j8xvXJQ1tQCYNWj9T\n\n", "properties": { "definition": { "$ref": "#/types/aws:verifiedpermissions/SchemaDefinition:SchemaDefinition", "description": "The definition of the schema.\n" }, "namespaces": { "type": "array", "items": { "type": "string" }, "description": "(Optional) Identifies the namespaces of the entities referenced by this schema.\n" }, "policyStoreId": { "type": "string", "description": "The ID of the Policy Store.\n" } }, "required": [ "namespaces", "policyStoreId" ], "inputProperties": { "definition": { "$ref": "#/types/aws:verifiedpermissions/SchemaDefinition:SchemaDefinition", "description": "The definition of the schema.\n" }, "policyStoreId": { "type": "string", "description": "The ID of the Policy Store.\n" } }, "requiredInputs": [ "policyStoreId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Schema resources.\n", "properties": { "definition": { "$ref": "#/types/aws:verifiedpermissions/SchemaDefinition:SchemaDefinition", "description": "The definition of the schema.\n" }, "namespaces": { "type": "array", "items": { "type": "string" }, "description": "(Optional) Identifies the namespaces of the entities referenced by this schema.\n" }, "policyStoreId": { "type": "string", "description": "The ID of the Policy Store.\n" } }, "type": "object" } }, "aws:vpc/endpointPrivateDns:EndpointPrivateDns": { "description": "Resource for enabling private DNS on an AWS VPC (Virtual Private Cloud) Endpoint.\n\n\u003e When using this resource, the `private_dns_enabled` argument should be omitted on the parent `aws.ec2.VpcEndpoint` resource.\nSetting the value both places can lead to unintended behavior and persistent differences.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpc.EndpointPrivateDns(\"example\", {\n vpcEndpointId: exampleAwsVpcEndpoint.id,\n privateDnsEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpc.EndpointPrivateDns(\"example\",\n vpc_endpoint_id=example_aws_vpc_endpoint[\"id\"],\n private_dns_enabled=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Vpc.EndpointPrivateDns(\"example\", new()\n {\n VpcEndpointId = exampleAwsVpcEndpoint.Id,\n PrivateDnsEnabled = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpc\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpc.NewEndpointPrivateDns(ctx, \"example\", \u0026vpc.EndpointPrivateDnsArgs{\n\t\t\tVpcEndpointId: pulumi.Any(exampleAwsVpcEndpoint.Id),\n\t\t\tPrivateDnsEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpc.EndpointPrivateDns;\nimport com.pulumi.aws.vpc.EndpointPrivateDnsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EndpointPrivateDns(\"example\", EndpointPrivateDnsArgs.builder()\n .vpcEndpointId(exampleAwsVpcEndpoint.id())\n .privateDnsEnabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpc:EndpointPrivateDns\n properties:\n vpcEndpointId: ${exampleAwsVpcEndpoint.id}\n privateDnsEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a VPC (Virtual Private Cloud) Endpoint Private DNS using the `vpc_endpoint_id`. For example:\n\n```sh\n$ pulumi import aws:vpc/endpointPrivateDns:EndpointPrivateDns example vpce-abcd-1234\n```\n", "properties": { "privateDnsEnabled": { "type": "boolean", "description": "Indicates whether a private hosted zone is associated with the VPC. Only applicable for `Interface` endpoints.\n" }, "vpcEndpointId": { "type": "string", "description": "VPC endpoint identifier.\n" } }, "required": [ "privateDnsEnabled", "vpcEndpointId" ], "inputProperties": { "privateDnsEnabled": { "type": "boolean", "description": "Indicates whether a private hosted zone is associated with the VPC. Only applicable for `Interface` endpoints.\n" }, "vpcEndpointId": { "type": "string", "description": "VPC endpoint identifier.\n" } }, "requiredInputs": [ "privateDnsEnabled", "vpcEndpointId" ], "stateInputs": { "description": "Input properties used for looking up and filtering EndpointPrivateDns resources.\n", "properties": { "privateDnsEnabled": { "type": "boolean", "description": "Indicates whether a private hosted zone is associated with the VPC. Only applicable for `Interface` endpoints.\n" }, "vpcEndpointId": { "type": "string", "description": "VPC endpoint identifier.\n" } }, "type": "object" } }, "aws:vpc/endpointServicePrivateDnsVerification:EndpointServicePrivateDnsVerification": { "description": "Resource for managing an AWS VPC (Virtual Private Cloud) Endpoint Service Private DNS Verification.\nThis resource begins the verification process by calling the [`StartVpcEndpointServicePrivateDnsVerification`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_StartVpcEndpointServicePrivateDnsVerification.html) API.\nThe service provider should add a record to the DNS server _before_ creating this resource.\n\nFor additional details, refer to the AWS documentation on [managing VPC endpoint service DNS names](https://docs.aws.amazon.com/vpc/latest/privatelink/manage-dns-names.html).\n\n\u003e Destruction of this resource will not stop the verification process, only remove the resource from state.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpc.EndpointServicePrivateDnsVerification(\"example\", {serviceId: exampleAwsVpcEndpointService.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpc.EndpointServicePrivateDnsVerification(\"example\", service_id=example_aws_vpc_endpoint_service[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Vpc.EndpointServicePrivateDnsVerification(\"example\", new()\n {\n ServiceId = exampleAwsVpcEndpointService.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpc\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpc.NewEndpointServicePrivateDnsVerification(ctx, \"example\", \u0026vpc.EndpointServicePrivateDnsVerificationArgs{\n\t\t\tServiceId: pulumi.Any(exampleAwsVpcEndpointService.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpc.EndpointServicePrivateDnsVerification;\nimport com.pulumi.aws.vpc.EndpointServicePrivateDnsVerificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EndpointServicePrivateDnsVerification(\"example\", EndpointServicePrivateDnsVerificationArgs.builder()\n .serviceId(exampleAwsVpcEndpointService.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpc:EndpointServicePrivateDnsVerification\n properties:\n serviceId: ${exampleAwsVpcEndpointService.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nYou cannot import this resource.\n\n", "properties": { "serviceId": { "type": "string", "description": "ID of the endpoint service.\n\nThe following arguments are optional:\n" }, "timeouts": { "$ref": "#/types/aws:vpc/EndpointServicePrivateDnsVerificationTimeouts:EndpointServicePrivateDnsVerificationTimeouts" }, "waitForVerification": { "type": "boolean", "description": "Whether to wait until the endpoint service returns a `Verified` status for the configured private DNS name.\n" } }, "required": [ "serviceId" ], "inputProperties": { "serviceId": { "type": "string", "description": "ID of the endpoint service.\n\nThe following arguments are optional:\n" }, "timeouts": { "$ref": "#/types/aws:vpc/EndpointServicePrivateDnsVerificationTimeouts:EndpointServicePrivateDnsVerificationTimeouts" }, "waitForVerification": { "type": "boolean", "description": "Whether to wait until the endpoint service returns a `Verified` status for the configured private DNS name.\n" } }, "requiredInputs": [ "serviceId" ], "stateInputs": { "description": "Input properties used for looking up and filtering EndpointServicePrivateDnsVerification resources.\n", "properties": { "serviceId": { "type": "string", "description": "ID of the endpoint service.\n\nThe following arguments are optional:\n" }, "timeouts": { "$ref": "#/types/aws:vpc/EndpointServicePrivateDnsVerificationTimeouts:EndpointServicePrivateDnsVerificationTimeouts" }, "waitForVerification": { "type": "boolean", "description": "Whether to wait until the endpoint service returns a `Verified` status for the configured private DNS name.\n" } }, "type": "object" } }, "aws:vpc/securityGroupEgressRule:SecurityGroupEgressRule": { "description": "Manages an outbound (egress) rule for a security group.\n\nWhen specifying an outbound rule for your security group in a VPC, the configuration must include a destination for the traffic.\n\n\u003e **NOTE:** Using `aws.vpc.SecurityGroupEgressRule` and `aws.vpc.SecurityGroupIngressRule` resources is the current best practice. Avoid using the `aws.ec2.SecurityGroupRule` resource and the `ingress` and `egress` arguments of the `aws.ec2.SecurityGroup` resource for configuring in-line rules, as they struggle with managing multiple CIDR blocks, and tags and descriptions due to the historical lack of unique IDs.\n\n!\u003e **WARNING:** You should not use the `aws.vpc.SecurityGroupEgressRule` and `aws.vpc.SecurityGroupIngressRule` resources in conjunction with the `aws.ec2.SecurityGroup` resource with _in-line rules_ (using the `ingress` and `egress` arguments of `aws.ec2.SecurityGroup`) or the `aws.ec2.SecurityGroupRule` resource. Doing so may cause rule conflicts, perpetual differences, and result in rules being overwritten.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpc.SecurityGroupEgressRule(\"example\", {\n securityGroupId: exampleAwsSecurityGroup.id,\n cidrIpv4: \"10.0.0.0/8\",\n fromPort: 80,\n ipProtocol: \"tcp\",\n toPort: 80,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpc.SecurityGroupEgressRule(\"example\",\n security_group_id=example_aws_security_group[\"id\"],\n cidr_ipv4=\"10.0.0.0/8\",\n from_port=80,\n ip_protocol=\"tcp\",\n to_port=80)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Vpc.SecurityGroupEgressRule(\"example\", new()\n {\n SecurityGroupId = exampleAwsSecurityGroup.Id,\n CidrIpv4 = \"10.0.0.0/8\",\n FromPort = 80,\n IpProtocol = \"tcp\",\n ToPort = 80,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpc\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpc.NewSecurityGroupEgressRule(ctx, \"example\", \u0026vpc.SecurityGroupEgressRuleArgs{\n\t\t\tSecurityGroupId: pulumi.Any(exampleAwsSecurityGroup.Id),\n\t\t\tCidrIpv4: pulumi.String(\"10.0.0.0/8\"),\n\t\t\tFromPort: pulumi.Int(80),\n\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\tToPort: pulumi.Int(80),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpc.SecurityGroupEgressRule;\nimport com.pulumi.aws.vpc.SecurityGroupEgressRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SecurityGroupEgressRule(\"example\", SecurityGroupEgressRuleArgs.builder()\n .securityGroupId(exampleAwsSecurityGroup.id())\n .cidrIpv4(\"10.0.0.0/8\")\n .fromPort(80)\n .ipProtocol(\"tcp\")\n .toPort(80)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpc:SecurityGroupEgressRule\n properties:\n securityGroupId: ${exampleAwsSecurityGroup.id}\n cidrIpv4: 10.0.0.0/8\n fromPort: 80\n ipProtocol: tcp\n toPort: 80\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import security group egress rules using the `security_group_rule_id`. For example:\n\n```sh\n$ pulumi import aws:vpc/securityGroupEgressRule:SecurityGroupEgressRule example sgr-02108b27edd666983\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the security group rule.\n" }, "cidrIpv4": { "type": "string", "description": "The destination IPv4 CIDR range.\n" }, "cidrIpv6": { "type": "string", "description": "The destination IPv6 CIDR range.\n" }, "description": { "type": "string", "description": "The security group rule description.\n" }, "fromPort": { "type": "integer", "description": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type.\n" }, "ipProtocol": { "type": "string", "description": "The IP protocol name or number. Use `-1` to specify all protocols. Note that if `ip_protocol` is set to `-1`, it translates to all protocols, all port ranges, and `from_port` and `to_port` values should not be defined.\n" }, "prefixListId": { "type": "string", "description": "The ID of the destination prefix list.\n" }, "referencedSecurityGroupId": { "type": "string", "description": "The destination security group that is referenced in the rule.\n" }, "securityGroupId": { "type": "string", "description": "The ID of the security group.\n" }, "securityGroupRuleId": { "type": "string", "description": "The ID of the security group rule.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "toPort": { "type": "integer", "description": "The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code.\n" } }, "required": [ "arn", "ipProtocol", "securityGroupId", "securityGroupRuleId", "tagsAll" ], "inputProperties": { "cidrIpv4": { "type": "string", "description": "The destination IPv4 CIDR range.\n" }, "cidrIpv6": { "type": "string", "description": "The destination IPv6 CIDR range.\n" }, "description": { "type": "string", "description": "The security group rule description.\n" }, "fromPort": { "type": "integer", "description": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type.\n" }, "ipProtocol": { "type": "string", "description": "The IP protocol name or number. Use `-1` to specify all protocols. Note that if `ip_protocol` is set to `-1`, it translates to all protocols, all port ranges, and `from_port` and `to_port` values should not be defined.\n" }, "prefixListId": { "type": "string", "description": "The ID of the destination prefix list.\n" }, "referencedSecurityGroupId": { "type": "string", "description": "The destination security group that is referenced in the rule.\n" }, "securityGroupId": { "type": "string", "description": "The ID of the security group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "toPort": { "type": "integer", "description": "The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code.\n" } }, "requiredInputs": [ "ipProtocol", "securityGroupId" ], "stateInputs": { "description": "Input properties used for looking up and filtering SecurityGroupEgressRule resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the security group rule.\n" }, "cidrIpv4": { "type": "string", "description": "The destination IPv4 CIDR range.\n" }, "cidrIpv6": { "type": "string", "description": "The destination IPv6 CIDR range.\n" }, "description": { "type": "string", "description": "The security group rule description.\n" }, "fromPort": { "type": "integer", "description": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type.\n" }, "ipProtocol": { "type": "string", "description": "The IP protocol name or number. Use `-1` to specify all protocols. Note that if `ip_protocol` is set to `-1`, it translates to all protocols, all port ranges, and `from_port` and `to_port` values should not be defined.\n" }, "prefixListId": { "type": "string", "description": "The ID of the destination prefix list.\n" }, "referencedSecurityGroupId": { "type": "string", "description": "The destination security group that is referenced in the rule.\n" }, "securityGroupId": { "type": "string", "description": "The ID of the security group.\n" }, "securityGroupRuleId": { "type": "string", "description": "The ID of the security group rule.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "toPort": { "type": "integer", "description": "The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code.\n" } }, "type": "object" } }, "aws:vpc/securityGroupIngressRule:SecurityGroupIngressRule": { "description": "Manages an inbound (ingress) rule for a security group.\n\nWhen specifying an inbound rule for your security group in a VPC, the configuration must include a source for the traffic.\n\n\u003e **NOTE:** Using `aws.vpc.SecurityGroupEgressRule` and `aws.vpc.SecurityGroupIngressRule` resources is the current best practice. Avoid using the `aws.ec2.SecurityGroupRule` resource and the `ingress` and `egress` arguments of the `aws.ec2.SecurityGroup` resource for configuring in-line rules, as they struggle with managing multiple CIDR blocks, and tags and descriptions due to the historical lack of unique IDs.\n\n!\u003e **WARNING:** You should not use the `aws.vpc.SecurityGroupEgressRule` and `aws.vpc.SecurityGroupIngressRule` resources in conjunction with the `aws.ec2.SecurityGroup` resource with _in-line rules_ (using the `ingress` and `egress` arguments of `aws.ec2.SecurityGroup`) or the `aws.ec2.SecurityGroupRule` resource. Doing so may cause rule conflicts, perpetual differences, and result in rules being overwritten.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.SecurityGroup(\"example\", {\n name: \"example\",\n description: \"example\",\n vpcId: main.id,\n tags: {\n Name: \"example\",\n },\n});\nconst exampleSecurityGroupIngressRule = new aws.vpc.SecurityGroupIngressRule(\"example\", {\n securityGroupId: example.id,\n cidrIpv4: \"10.0.0.0/8\",\n fromPort: 80,\n ipProtocol: \"tcp\",\n toPort: 80,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.SecurityGroup(\"example\",\n name=\"example\",\n description=\"example\",\n vpc_id=main[\"id\"],\n tags={\n \"Name\": \"example\",\n })\nexample_security_group_ingress_rule = aws.vpc.SecurityGroupIngressRule(\"example\",\n security_group_id=example.id,\n cidr_ipv4=\"10.0.0.0/8\",\n from_port=80,\n ip_protocol=\"tcp\",\n to_port=80)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.SecurityGroup(\"example\", new()\n {\n Name = \"example\",\n Description = \"example\",\n VpcId = main.Id,\n Tags = \n {\n { \"Name\", \"example\" },\n },\n });\n\n var exampleSecurityGroupIngressRule = new Aws.Vpc.SecurityGroupIngressRule(\"example\", new()\n {\n SecurityGroupId = example.Id,\n CidrIpv4 = \"10.0.0.0/8\",\n FromPort = 80,\n IpProtocol = \"tcp\",\n ToPort = 80,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpc\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewSecurityGroup(ctx, \"example\", \u0026ec2.SecurityGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vpc.NewSecurityGroupIngressRule(ctx, \"example\", \u0026vpc.SecurityGroupIngressRuleArgs{\n\t\t\tSecurityGroupId: example.ID(),\n\t\t\tCidrIpv4: pulumi.String(\"10.0.0.0/8\"),\n\t\t\tFromPort: pulumi.Int(80),\n\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\tToPort: pulumi.Int(80),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.aws.vpc.SecurityGroupIngressRule;\nimport com.pulumi.aws.vpc.SecurityGroupIngressRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SecurityGroup(\"example\", SecurityGroupArgs.builder()\n .name(\"example\")\n .description(\"example\")\n .vpcId(main.id())\n .tags(Map.of(\"Name\", \"example\"))\n .build());\n\n var exampleSecurityGroupIngressRule = new SecurityGroupIngressRule(\"exampleSecurityGroupIngressRule\", SecurityGroupIngressRuleArgs.builder()\n .securityGroupId(example.id())\n .cidrIpv4(\"10.0.0.0/8\")\n .fromPort(80)\n .ipProtocol(\"tcp\")\n .toPort(80)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:SecurityGroup\n properties:\n name: example\n description: example\n vpcId: ${main.id}\n tags:\n Name: example\n exampleSecurityGroupIngressRule:\n type: aws:vpc:SecurityGroupIngressRule\n name: example\n properties:\n securityGroupId: ${example.id}\n cidrIpv4: 10.0.0.0/8\n fromPort: 80\n ipProtocol: tcp\n toPort: 80\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import security group ingress rules using the `security_group_rule_id`. For example:\n\n```sh\n$ pulumi import aws:vpc/securityGroupIngressRule:SecurityGroupIngressRule example sgr-02108b27edd666983\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the security group rule.\n" }, "cidrIpv4": { "type": "string", "description": "The source IPv4 CIDR range.\n" }, "cidrIpv6": { "type": "string", "description": "The source IPv6 CIDR range.\n" }, "description": { "type": "string", "description": "The security group rule description.\n" }, "fromPort": { "type": "integer", "description": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type.\n" }, "ipProtocol": { "type": "string", "description": "The IP protocol name or number. Use `-1` to specify all protocols. Note that if `ip_protocol` is set to `-1`, it translates to all protocols, all port ranges, and `from_port` and `to_port` values should not be defined.\n" }, "prefixListId": { "type": "string", "description": "The ID of the source prefix list.\n" }, "referencedSecurityGroupId": { "type": "string", "description": "The source security group that is referenced in the rule.\n" }, "securityGroupId": { "type": "string", "description": "The ID of the security group.\n" }, "securityGroupRuleId": { "type": "string", "description": "The ID of the security group rule.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "toPort": { "type": "integer", "description": "The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code.\n" } }, "required": [ "arn", "ipProtocol", "securityGroupId", "securityGroupRuleId", "tagsAll" ], "inputProperties": { "cidrIpv4": { "type": "string", "description": "The source IPv4 CIDR range.\n" }, "cidrIpv6": { "type": "string", "description": "The source IPv6 CIDR range.\n" }, "description": { "type": "string", "description": "The security group rule description.\n" }, "fromPort": { "type": "integer", "description": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type.\n" }, "ipProtocol": { "type": "string", "description": "The IP protocol name or number. Use `-1` to specify all protocols. Note that if `ip_protocol` is set to `-1`, it translates to all protocols, all port ranges, and `from_port` and `to_port` values should not be defined.\n" }, "prefixListId": { "type": "string", "description": "The ID of the source prefix list.\n" }, "referencedSecurityGroupId": { "type": "string", "description": "The source security group that is referenced in the rule.\n" }, "securityGroupId": { "type": "string", "description": "The ID of the security group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "toPort": { "type": "integer", "description": "The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code.\n" } }, "requiredInputs": [ "ipProtocol", "securityGroupId" ], "stateInputs": { "description": "Input properties used for looking up and filtering SecurityGroupIngressRule resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the security group rule.\n" }, "cidrIpv4": { "type": "string", "description": "The source IPv4 CIDR range.\n" }, "cidrIpv6": { "type": "string", "description": "The source IPv6 CIDR range.\n" }, "description": { "type": "string", "description": "The security group rule description.\n" }, "fromPort": { "type": "integer", "description": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type.\n" }, "ipProtocol": { "type": "string", "description": "The IP protocol name or number. Use `-1` to specify all protocols. Note that if `ip_protocol` is set to `-1`, it translates to all protocols, all port ranges, and `from_port` and `to_port` values should not be defined.\n" }, "prefixListId": { "type": "string", "description": "The ID of the source prefix list.\n" }, "referencedSecurityGroupId": { "type": "string", "description": "The source security group that is referenced in the rule.\n" }, "securityGroupId": { "type": "string", "description": "The ID of the security group.\n" }, "securityGroupRuleId": { "type": "string", "description": "The ID of the security group rule.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "toPort": { "type": "integer", "description": "The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code.\n" } }, "type": "object" } }, "aws:vpclattice/accessLogSubscription:AccessLogSubscription": { "description": "Resource for managing an AWS VPC Lattice Service Network or Service Access log subscription.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.AccessLogSubscription(\"example\", {\n resourceIdentifier: exampleAwsVpclatticeServiceNetwork.id,\n destinationArn: bucket.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.AccessLogSubscription(\"example\",\n resource_identifier=example_aws_vpclattice_service_network[\"id\"],\n destination_arn=bucket[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.AccessLogSubscription(\"example\", new()\n {\n ResourceIdentifier = exampleAwsVpclatticeServiceNetwork.Id,\n DestinationArn = bucket.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.NewAccessLogSubscription(ctx, \"example\", \u0026vpclattice.AccessLogSubscriptionArgs{\n\t\t\tResourceIdentifier: pulumi.Any(exampleAwsVpclatticeServiceNetwork.Id),\n\t\t\tDestinationArn: pulumi.Any(bucket.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.AccessLogSubscription;\nimport com.pulumi.aws.vpclattice.AccessLogSubscriptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AccessLogSubscription(\"example\", AccessLogSubscriptionArgs.builder()\n .resourceIdentifier(exampleAwsVpclatticeServiceNetwork.id())\n .destinationArn(bucket.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:AccessLogSubscription\n properties:\n resourceIdentifier: ${exampleAwsVpclatticeServiceNetwork.id}\n destinationArn: ${bucket.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Lattice Access Log Subscription using the access log subscription ID. For example:\n\n```sh\n$ pulumi import aws:vpclattice/accessLogSubscription:AccessLogSubscription example rft-8012925589\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the access log subscription.\n" }, "destinationArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the log destination.\n" }, "resourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the service network or service.\n" }, "resourceIdentifier": { "type": "string", "description": "The ID or Amazon Resource Identifier (ARN) of the service network or service. You must use the ARN if the resources specified in the operation are in different accounts.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "destinationArn", "resourceArn", "resourceIdentifier", "tagsAll" ], "inputProperties": { "destinationArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the log destination.\n", "willReplaceOnChanges": true }, "resourceIdentifier": { "type": "string", "description": "The ID or Amazon Resource Identifier (ARN) of the service network or service. You must use the ARN if the resources specified in the operation are in different accounts.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "requiredInputs": [ "destinationArn", "resourceIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering AccessLogSubscription resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the access log subscription.\n" }, "destinationArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the log destination.\n", "willReplaceOnChanges": true }, "resourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the service network or service.\n" }, "resourceIdentifier": { "type": "string", "description": "The ID or Amazon Resource Identifier (ARN) of the service network or service. You must use the ARN if the resources specified in the operation are in different accounts.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:vpclattice/authPolicy:AuthPolicy": { "description": "Resource for managing an AWS VPC Lattice Auth Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.Service(\"example\", {\n name: \"example-vpclattice-service\",\n authType: \"AWS_IAM\",\n customDomainName: \"example.com\",\n});\nconst exampleAuthPolicy = new aws.vpclattice.AuthPolicy(\"example\", {\n resourceIdentifier: example.arn,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"*\",\n Effect: \"Allow\",\n Principal: \"*\",\n Resource: \"*\",\n Condition: {\n StringNotEqualsIgnoreCase: {\n \"aws:PrincipalType\": \"anonymous\",\n },\n },\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.Service(\"example\",\n name=\"example-vpclattice-service\",\n auth_type=\"AWS_IAM\",\n custom_domain_name=\"example.com\")\nexample_auth_policy = aws.vpclattice.AuthPolicy(\"example\",\n resource_identifier=example.arn,\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"*\",\n \"Effect\": \"Allow\",\n \"Principal\": \"*\",\n \"Resource\": \"*\",\n \"Condition\": {\n \"StringNotEqualsIgnoreCase\": {\n \"aws:PrincipalType\": \"anonymous\",\n },\n },\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.Service(\"example\", new()\n {\n Name = \"example-vpclattice-service\",\n AuthType = \"AWS_IAM\",\n CustomDomainName = \"example.com\",\n });\n\n var exampleAuthPolicy = new Aws.VpcLattice.AuthPolicy(\"example\", new()\n {\n ResourceIdentifier = example.Arn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"*\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = \"*\",\n [\"Resource\"] = \"*\",\n [\"Condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"StringNotEqualsIgnoreCase\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"aws:PrincipalType\"] = \"anonymous\",\n },\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := vpclattice.NewService(ctx, \"example\", \u0026vpclattice.ServiceArgs{\n\t\t\tName: pulumi.String(\"example-vpclattice-service\"),\n\t\t\tAuthType: pulumi.String(\"AWS_IAM\"),\n\t\t\tCustomDomainName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"*\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": \"*\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Condition\": map[string]interface{}{\n\t\t\t\t\t\t\"StringNotEqualsIgnoreCase\": map[string]interface{}{\n\t\t\t\t\t\t\t\"aws:PrincipalType\": \"anonymous\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = vpclattice.NewAuthPolicy(ctx, \"example\", \u0026vpclattice.AuthPolicyArgs{\n\t\t\tResourceIdentifier: example.Arn,\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.Service;\nimport com.pulumi.aws.vpclattice.ServiceArgs;\nimport com.pulumi.aws.vpclattice.AuthPolicy;\nimport com.pulumi.aws.vpclattice.AuthPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder()\n .name(\"example-vpclattice-service\")\n .authType(\"AWS_IAM\")\n .customDomainName(\"example.com\")\n .build());\n\n var exampleAuthPolicy = new AuthPolicy(\"exampleAuthPolicy\", AuthPolicyArgs.builder()\n .resourceIdentifier(example.arn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"*\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", \"*\"),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Condition\", jsonObject(\n jsonProperty(\"StringNotEqualsIgnoreCase\", jsonObject(\n jsonProperty(\"aws:PrincipalType\", \"anonymous\")\n ))\n ))\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:Service\n properties:\n name: example-vpclattice-service\n authType: AWS_IAM\n customDomainName: example.com\n exampleAuthPolicy:\n type: aws:vpclattice:AuthPolicy\n name: example\n properties:\n resourceIdentifier: ${example.arn}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: '*'\n Effect: Allow\n Principal: '*'\n Resource: '*'\n Condition:\n StringNotEqualsIgnoreCase:\n aws:PrincipalType: anonymous\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Lattice Auth Policy using the `id`. For example:\n\n```sh\n$ pulumi import aws:vpclattice/authPolicy:AuthPolicy example abcd-12345678\n```\n", "properties": { "policy": { "type": "string", "description": "The auth policy. The policy string in JSON must not contain newlines or blank lines.\n" }, "resourceIdentifier": { "type": "string", "description": "The ID or Amazon Resource Name (ARN) of the service network or service for which the policy is created.\n" }, "state": { "type": "string", "description": "The state of the auth policy. The auth policy is only active when the auth type is set to `AWS_IAM`. If you provide a policy, then authentication and authorization decisions are made based on this policy and the client's IAM policy. If the Auth type is `NONE`, then, any auth policy you provide will remain inactive.\n" } }, "required": [ "policy", "resourceIdentifier" ], "inputProperties": { "policy": { "type": "string", "description": "The auth policy. The policy string in JSON must not contain newlines or blank lines.\n" }, "resourceIdentifier": { "type": "string", "description": "The ID or Amazon Resource Name (ARN) of the service network or service for which the policy is created.\n" }, "state": { "type": "string", "description": "The state of the auth policy. The auth policy is only active when the auth type is set to `AWS_IAM`. If you provide a policy, then authentication and authorization decisions are made based on this policy and the client's IAM policy. If the Auth type is `NONE`, then, any auth policy you provide will remain inactive.\n" } }, "requiredInputs": [ "policy", "resourceIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering AuthPolicy resources.\n", "properties": { "policy": { "type": "string", "description": "The auth policy. The policy string in JSON must not contain newlines or blank lines.\n" }, "resourceIdentifier": { "type": "string", "description": "The ID or Amazon Resource Name (ARN) of the service network or service for which the policy is created.\n" }, "state": { "type": "string", "description": "The state of the auth policy. The auth policy is only active when the auth type is set to `AWS_IAM`. If you provide a policy, then authentication and authorization decisions are made based on this policy and the client's IAM policy. If the Auth type is `NONE`, then, any auth policy you provide will remain inactive.\n" } }, "type": "object" } }, "aws:vpclattice/listener:Listener": { "description": "Resource for managing an AWS VPC Lattice Listener.\n\n## Example Usage\n\n### Fixed response action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.Service(\"example\", {name: \"example\"});\nconst exampleListener = new aws.vpclattice.Listener(\"example\", {\n name: \"example\",\n protocol: \"HTTPS\",\n serviceIdentifier: example.id,\n defaultAction: {\n fixedResponse: {\n statusCode: 404,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.Service(\"example\", name=\"example\")\nexample_listener = aws.vpclattice.Listener(\"example\",\n name=\"example\",\n protocol=\"HTTPS\",\n service_identifier=example.id,\n default_action={\n \"fixed_response\": {\n \"status_code\": 404,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.Service(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleListener = new Aws.VpcLattice.Listener(\"example\", new()\n {\n Name = \"example\",\n Protocol = \"HTTPS\",\n ServiceIdentifier = example.Id,\n DefaultAction = new Aws.VpcLattice.Inputs.ListenerDefaultActionArgs\n {\n FixedResponse = new Aws.VpcLattice.Inputs.ListenerDefaultActionFixedResponseArgs\n {\n StatusCode = 404,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := vpclattice.NewService(ctx, \"example\", \u0026vpclattice.ServiceArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vpclattice.NewListener(ctx, \"example\", \u0026vpclattice.ListenerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\tServiceIdentifier: example.ID(),\n\t\t\tDefaultAction: \u0026vpclattice.ListenerDefaultActionArgs{\n\t\t\t\tFixedResponse: \u0026vpclattice.ListenerDefaultActionFixedResponseArgs{\n\t\t\t\t\tStatusCode: pulumi.Int(404),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.Service;\nimport com.pulumi.aws.vpclattice.ServiceArgs;\nimport com.pulumi.aws.vpclattice.Listener;\nimport com.pulumi.aws.vpclattice.ListenerArgs;\nimport com.pulumi.aws.vpclattice.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.vpclattice.inputs.ListenerDefaultActionFixedResponseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleListener = new Listener(\"exampleListener\", ListenerArgs.builder()\n .name(\"example\")\n .protocol(\"HTTPS\")\n .serviceIdentifier(example.id())\n .defaultAction(ListenerDefaultActionArgs.builder()\n .fixedResponse(ListenerDefaultActionFixedResponseArgs.builder()\n .statusCode(404)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:Service\n properties:\n name: example\n exampleListener:\n type: aws:vpclattice:Listener\n name: example\n properties:\n name: example\n protocol: HTTPS\n serviceIdentifier: ${example.id}\n defaultAction:\n fixedResponse:\n statusCode: 404\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Forward action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.Service(\"example\", {name: \"example\"});\nconst exampleTargetGroup = new aws.vpclattice.TargetGroup(\"example\", {\n name: \"example-target-group-1\",\n type: \"INSTANCE\",\n config: {\n port: 80,\n protocol: \"HTTP\",\n vpcIdentifier: exampleAwsVpc.id,\n },\n});\nconst exampleListener = new aws.vpclattice.Listener(\"example\", {\n name: \"example\",\n protocol: \"HTTP\",\n serviceIdentifier: example.id,\n defaultAction: {\n forwards: [{\n targetGroups: [{\n targetGroupIdentifier: exampleTargetGroup.id,\n }],\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.Service(\"example\", name=\"example\")\nexample_target_group = aws.vpclattice.TargetGroup(\"example\",\n name=\"example-target-group-1\",\n type=\"INSTANCE\",\n config={\n \"port\": 80,\n \"protocol\": \"HTTP\",\n \"vpc_identifier\": example_aws_vpc[\"id\"],\n })\nexample_listener = aws.vpclattice.Listener(\"example\",\n name=\"example\",\n protocol=\"HTTP\",\n service_identifier=example.id,\n default_action={\n \"forwards\": [{\n \"target_groups\": [{\n \"target_group_identifier\": example_target_group.id,\n }],\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.Service(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleTargetGroup = new Aws.VpcLattice.TargetGroup(\"example\", new()\n {\n Name = \"example-target-group-1\",\n Type = \"INSTANCE\",\n Config = new Aws.VpcLattice.Inputs.TargetGroupConfigArgs\n {\n Port = 80,\n Protocol = \"HTTP\",\n VpcIdentifier = exampleAwsVpc.Id,\n },\n });\n\n var exampleListener = new Aws.VpcLattice.Listener(\"example\", new()\n {\n Name = \"example\",\n Protocol = \"HTTP\",\n ServiceIdentifier = example.Id,\n DefaultAction = new Aws.VpcLattice.Inputs.ListenerDefaultActionArgs\n {\n Forwards = new[]\n {\n new Aws.VpcLattice.Inputs.ListenerDefaultActionForwardArgs\n {\n TargetGroups = new[]\n {\n new Aws.VpcLattice.Inputs.ListenerDefaultActionForwardTargetGroupArgs\n {\n TargetGroupIdentifier = exampleTargetGroup.Id,\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := vpclattice.NewService(ctx, \"example\", \u0026vpclattice.ServiceArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTargetGroup, err := vpclattice.NewTargetGroup(ctx, \"example\", \u0026vpclattice.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"example-target-group-1\"),\n\t\t\tType: pulumi.String(\"INSTANCE\"),\n\t\t\tConfig: \u0026vpclattice.TargetGroupConfigArgs{\n\t\t\t\tPort: pulumi.Int(80),\n\t\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\t\tVpcIdentifier: pulumi.Any(exampleAwsVpc.Id),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vpclattice.NewListener(ctx, \"example\", \u0026vpclattice.ListenerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tServiceIdentifier: example.ID(),\n\t\t\tDefaultAction: \u0026vpclattice.ListenerDefaultActionArgs{\n\t\t\t\tForwards: vpclattice.ListenerDefaultActionForwardArray{\n\t\t\t\t\t\u0026vpclattice.ListenerDefaultActionForwardArgs{\n\t\t\t\t\t\tTargetGroups: vpclattice.ListenerDefaultActionForwardTargetGroupArray{\n\t\t\t\t\t\t\t\u0026vpclattice.ListenerDefaultActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tTargetGroupIdentifier: exampleTargetGroup.ID(),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.Service;\nimport com.pulumi.aws.vpclattice.ServiceArgs;\nimport com.pulumi.aws.vpclattice.TargetGroup;\nimport com.pulumi.aws.vpclattice.TargetGroupArgs;\nimport com.pulumi.aws.vpclattice.inputs.TargetGroupConfigArgs;\nimport com.pulumi.aws.vpclattice.Listener;\nimport com.pulumi.aws.vpclattice.ListenerArgs;\nimport com.pulumi.aws.vpclattice.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleTargetGroup = new TargetGroup(\"exampleTargetGroup\", TargetGroupArgs.builder()\n .name(\"example-target-group-1\")\n .type(\"INSTANCE\")\n .config(TargetGroupConfigArgs.builder()\n .port(80)\n .protocol(\"HTTP\")\n .vpcIdentifier(exampleAwsVpc.id())\n .build())\n .build());\n\n var exampleListener = new Listener(\"exampleListener\", ListenerArgs.builder()\n .name(\"example\")\n .protocol(\"HTTP\")\n .serviceIdentifier(example.id())\n .defaultAction(ListenerDefaultActionArgs.builder()\n .forwards(ListenerDefaultActionForwardArgs.builder()\n .targetGroups(ListenerDefaultActionForwardTargetGroupArgs.builder()\n .targetGroupIdentifier(exampleTargetGroup.id())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:Service\n properties:\n name: example\n exampleTargetGroup:\n type: aws:vpclattice:TargetGroup\n name: example\n properties:\n name: example-target-group-1\n type: INSTANCE\n config:\n port: 80\n protocol: HTTP\n vpcIdentifier: ${exampleAwsVpc.id}\n exampleListener:\n type: aws:vpclattice:Listener\n name: example\n properties:\n name: example\n protocol: HTTP\n serviceIdentifier: ${example.id}\n defaultAction:\n forwards:\n - targetGroups:\n - targetGroupIdentifier: ${exampleTargetGroup.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Forward action with weighted target groups\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.Service(\"example\", {name: \"example\"});\nconst example1 = new aws.vpclattice.TargetGroup(\"example1\", {\n name: \"example-target-group-1\",\n type: \"INSTANCE\",\n config: {\n port: 80,\n protocol: \"HTTP\",\n vpcIdentifier: exampleAwsVpc.id,\n },\n});\nconst example2 = new aws.vpclattice.TargetGroup(\"example2\", {\n name: \"example-target-group-2\",\n type: \"INSTANCE\",\n config: {\n port: 8080,\n protocol: \"HTTP\",\n vpcIdentifier: exampleAwsVpc.id,\n },\n});\nconst exampleListener = new aws.vpclattice.Listener(\"example\", {\n name: \"example\",\n protocol: \"HTTP\",\n serviceIdentifier: example.id,\n defaultAction: {\n forwards: [{\n targetGroups: [\n {\n targetGroupIdentifier: example1.id,\n weight: 80,\n },\n {\n targetGroupIdentifier: example2.id,\n weight: 20,\n },\n ],\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.Service(\"example\", name=\"example\")\nexample1 = aws.vpclattice.TargetGroup(\"example1\",\n name=\"example-target-group-1\",\n type=\"INSTANCE\",\n config={\n \"port\": 80,\n \"protocol\": \"HTTP\",\n \"vpc_identifier\": example_aws_vpc[\"id\"],\n })\nexample2 = aws.vpclattice.TargetGroup(\"example2\",\n name=\"example-target-group-2\",\n type=\"INSTANCE\",\n config={\n \"port\": 8080,\n \"protocol\": \"HTTP\",\n \"vpc_identifier\": example_aws_vpc[\"id\"],\n })\nexample_listener = aws.vpclattice.Listener(\"example\",\n name=\"example\",\n protocol=\"HTTP\",\n service_identifier=example.id,\n default_action={\n \"forwards\": [{\n \"target_groups\": [\n {\n \"target_group_identifier\": example1.id,\n \"weight\": 80,\n },\n {\n \"target_group_identifier\": example2.id,\n \"weight\": 20,\n },\n ],\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.Service(\"example\", new()\n {\n Name = \"example\",\n });\n\n var example1 = new Aws.VpcLattice.TargetGroup(\"example1\", new()\n {\n Name = \"example-target-group-1\",\n Type = \"INSTANCE\",\n Config = new Aws.VpcLattice.Inputs.TargetGroupConfigArgs\n {\n Port = 80,\n Protocol = \"HTTP\",\n VpcIdentifier = exampleAwsVpc.Id,\n },\n });\n\n var example2 = new Aws.VpcLattice.TargetGroup(\"example2\", new()\n {\n Name = \"example-target-group-2\",\n Type = \"INSTANCE\",\n Config = new Aws.VpcLattice.Inputs.TargetGroupConfigArgs\n {\n Port = 8080,\n Protocol = \"HTTP\",\n VpcIdentifier = exampleAwsVpc.Id,\n },\n });\n\n var exampleListener = new Aws.VpcLattice.Listener(\"example\", new()\n {\n Name = \"example\",\n Protocol = \"HTTP\",\n ServiceIdentifier = example.Id,\n DefaultAction = new Aws.VpcLattice.Inputs.ListenerDefaultActionArgs\n {\n Forwards = new[]\n {\n new Aws.VpcLattice.Inputs.ListenerDefaultActionForwardArgs\n {\n TargetGroups = new[]\n {\n new Aws.VpcLattice.Inputs.ListenerDefaultActionForwardTargetGroupArgs\n {\n TargetGroupIdentifier = example1.Id,\n Weight = 80,\n },\n new Aws.VpcLattice.Inputs.ListenerDefaultActionForwardTargetGroupArgs\n {\n TargetGroupIdentifier = example2.Id,\n Weight = 20,\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := vpclattice.NewService(ctx, \"example\", \u0026vpclattice.ServiceArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample1, err := vpclattice.NewTargetGroup(ctx, \"example1\", \u0026vpclattice.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"example-target-group-1\"),\n\t\t\tType: pulumi.String(\"INSTANCE\"),\n\t\t\tConfig: \u0026vpclattice.TargetGroupConfigArgs{\n\t\t\t\tPort: pulumi.Int(80),\n\t\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\t\tVpcIdentifier: pulumi.Any(exampleAwsVpc.Id),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample2, err := vpclattice.NewTargetGroup(ctx, \"example2\", \u0026vpclattice.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"example-target-group-2\"),\n\t\t\tType: pulumi.String(\"INSTANCE\"),\n\t\t\tConfig: \u0026vpclattice.TargetGroupConfigArgs{\n\t\t\t\tPort: pulumi.Int(8080),\n\t\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\t\tVpcIdentifier: pulumi.Any(exampleAwsVpc.Id),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vpclattice.NewListener(ctx, \"example\", \u0026vpclattice.ListenerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tServiceIdentifier: example.ID(),\n\t\t\tDefaultAction: \u0026vpclattice.ListenerDefaultActionArgs{\n\t\t\t\tForwards: vpclattice.ListenerDefaultActionForwardArray{\n\t\t\t\t\t\u0026vpclattice.ListenerDefaultActionForwardArgs{\n\t\t\t\t\t\tTargetGroups: vpclattice.ListenerDefaultActionForwardTargetGroupArray{\n\t\t\t\t\t\t\t\u0026vpclattice.ListenerDefaultActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tTargetGroupIdentifier: example1.ID(),\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(80),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026vpclattice.ListenerDefaultActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tTargetGroupIdentifier: example2.ID(),\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(20),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.Service;\nimport com.pulumi.aws.vpclattice.ServiceArgs;\nimport com.pulumi.aws.vpclattice.TargetGroup;\nimport com.pulumi.aws.vpclattice.TargetGroupArgs;\nimport com.pulumi.aws.vpclattice.inputs.TargetGroupConfigArgs;\nimport com.pulumi.aws.vpclattice.Listener;\nimport com.pulumi.aws.vpclattice.ListenerArgs;\nimport com.pulumi.aws.vpclattice.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder()\n .name(\"example\")\n .build());\n\n var example1 = new TargetGroup(\"example1\", TargetGroupArgs.builder()\n .name(\"example-target-group-1\")\n .type(\"INSTANCE\")\n .config(TargetGroupConfigArgs.builder()\n .port(80)\n .protocol(\"HTTP\")\n .vpcIdentifier(exampleAwsVpc.id())\n .build())\n .build());\n\n var example2 = new TargetGroup(\"example2\", TargetGroupArgs.builder()\n .name(\"example-target-group-2\")\n .type(\"INSTANCE\")\n .config(TargetGroupConfigArgs.builder()\n .port(8080)\n .protocol(\"HTTP\")\n .vpcIdentifier(exampleAwsVpc.id())\n .build())\n .build());\n\n var exampleListener = new Listener(\"exampleListener\", ListenerArgs.builder()\n .name(\"example\")\n .protocol(\"HTTP\")\n .serviceIdentifier(example.id())\n .defaultAction(ListenerDefaultActionArgs.builder()\n .forwards(ListenerDefaultActionForwardArgs.builder()\n .targetGroups( \n ListenerDefaultActionForwardTargetGroupArgs.builder()\n .targetGroupIdentifier(example1.id())\n .weight(80)\n .build(),\n ListenerDefaultActionForwardTargetGroupArgs.builder()\n .targetGroupIdentifier(example2.id())\n .weight(20)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:Service\n properties:\n name: example\n example1:\n type: aws:vpclattice:TargetGroup\n properties:\n name: example-target-group-1\n type: INSTANCE\n config:\n port: 80\n protocol: HTTP\n vpcIdentifier: ${exampleAwsVpc.id}\n example2:\n type: aws:vpclattice:TargetGroup\n properties:\n name: example-target-group-2\n type: INSTANCE\n config:\n port: 8080\n protocol: HTTP\n vpcIdentifier: ${exampleAwsVpc.id}\n exampleListener:\n type: aws:vpclattice:Listener\n name: example\n properties:\n name: example\n protocol: HTTP\n serviceIdentifier: ${example.id}\n defaultAction:\n forwards:\n - targetGroups:\n - targetGroupIdentifier: ${example1.id}\n weight: 80\n - targetGroupIdentifier: ${example2.id}\n weight: 20\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Lattice Listener using the `listener_id` of the listener and the `id` of the VPC Lattice service combined with a `/` character. For example:\n\n```sh\n$ pulumi import aws:vpclattice/listener:Listener example svc-1a2b3c4d/listener-987654321\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the listener.\n" }, "createdAt": { "type": "string", "description": "Date and time that the listener was created, specified in ISO-8601 format.\n" }, "defaultAction": { "$ref": "#/types/aws:vpclattice/ListenerDefaultAction:ListenerDefaultAction", "description": "Default action block for the default listener rule. Default action blocks are defined below.\n" }, "lastUpdatedAt": { "type": "string" }, "listenerId": { "type": "string", "description": "Standalone ID of the listener, e.g. `listener-0a1b2c3d4e5f6g`.\n" }, "name": { "type": "string", "description": "Name of the listener. A listener name must be unique within a service. Valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n" }, "port": { "type": "integer", "description": "Listener port. You can specify a value from 1 to 65535. If `port` is not specified and `protocol` is HTTP, the value will default to 80. If `port` is not specified and `protocol` is HTTPS, the value will default to 443.\n" }, "protocol": { "type": "string", "description": "Protocol for the listener. Supported values are `HTTP`, `HTTPS` or `TLS_PASSTHROUGH`\n" }, "serviceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the VPC Lattice service. You must include either the `service_arn` or `service_identifier` arguments.\n" }, "serviceIdentifier": { "type": "string", "description": "ID of the VPC Lattice service. You must include either the `service_arn` or `service_identifier` arguments.\n\u003e **NOTE:** You must specify one of the following arguments: `service_arn` or `service_identifier`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "createdAt", "defaultAction", "lastUpdatedAt", "listenerId", "name", "port", "protocol", "serviceArn", "serviceIdentifier", "tagsAll" ], "inputProperties": { "defaultAction": { "$ref": "#/types/aws:vpclattice/ListenerDefaultAction:ListenerDefaultAction", "description": "Default action block for the default listener rule. Default action blocks are defined below.\n" }, "name": { "type": "string", "description": "Name of the listener. A listener name must be unique within a service. Valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "Listener port. You can specify a value from 1 to 65535. If `port` is not specified and `protocol` is HTTP, the value will default to 80. If `port` is not specified and `protocol` is HTTPS, the value will default to 443.\n", "willReplaceOnChanges": true }, "protocol": { "type": "string", "description": "Protocol for the listener. Supported values are `HTTP`, `HTTPS` or `TLS_PASSTHROUGH`\n", "willReplaceOnChanges": true }, "serviceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the VPC Lattice service. You must include either the `service_arn` or `service_identifier` arguments.\n" }, "serviceIdentifier": { "type": "string", "description": "ID of the VPC Lattice service. You must include either the `service_arn` or `service_identifier` arguments.\n\u003e **NOTE:** You must specify one of the following arguments: `service_arn` or `service_identifier`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "defaultAction", "protocol" ], "stateInputs": { "description": "Input properties used for looking up and filtering Listener resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the listener.\n" }, "createdAt": { "type": "string", "description": "Date and time that the listener was created, specified in ISO-8601 format.\n" }, "defaultAction": { "$ref": "#/types/aws:vpclattice/ListenerDefaultAction:ListenerDefaultAction", "description": "Default action block for the default listener rule. Default action blocks are defined below.\n" }, "lastUpdatedAt": { "type": "string" }, "listenerId": { "type": "string", "description": "Standalone ID of the listener, e.g. `listener-0a1b2c3d4e5f6g`.\n" }, "name": { "type": "string", "description": "Name of the listener. A listener name must be unique within a service. Valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n", "willReplaceOnChanges": true }, "port": { "type": "integer", "description": "Listener port. You can specify a value from 1 to 65535. If `port` is not specified and `protocol` is HTTP, the value will default to 80. If `port` is not specified and `protocol` is HTTPS, the value will default to 443.\n", "willReplaceOnChanges": true }, "protocol": { "type": "string", "description": "Protocol for the listener. Supported values are `HTTP`, `HTTPS` or `TLS_PASSTHROUGH`\n", "willReplaceOnChanges": true }, "serviceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the VPC Lattice service. You must include either the `service_arn` or `service_identifier` arguments.\n" }, "serviceIdentifier": { "type": "string", "description": "ID of the VPC Lattice service. You must include either the `service_arn` or `service_identifier` arguments.\n\u003e **NOTE:** You must specify one of the following arguments: `service_arn` or `service_identifier`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:vpclattice/listenerRule:ListenerRule": { "description": "Resource for managing an AWS VPC Lattice Listener Rule.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.vpclattice.ListenerRule(\"test\", {\n name: \"example\",\n listenerIdentifier: exampleAwsVpclatticeListener.listenerId,\n serviceIdentifier: exampleAwsVpclatticeService.id,\n priority: 20,\n match: {\n httpMatch: {\n headerMatches: [{\n name: \"example-header\",\n caseSensitive: false,\n match: {\n exact: \"example-contains\",\n },\n }],\n pathMatch: {\n caseSensitive: true,\n match: {\n prefix: \"/example-path\",\n },\n },\n },\n },\n action: {\n forward: {\n targetGroups: [\n {\n targetGroupIdentifier: example.id,\n weight: 1,\n },\n {\n targetGroupIdentifier: example2.id,\n weight: 2,\n },\n ],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.vpclattice.ListenerRule(\"test\",\n name=\"example\",\n listener_identifier=example_aws_vpclattice_listener[\"listenerId\"],\n service_identifier=example_aws_vpclattice_service[\"id\"],\n priority=20,\n match={\n \"http_match\": {\n \"header_matches\": [{\n \"name\": \"example-header\",\n \"case_sensitive\": False,\n \"match\": {\n \"exact\": \"example-contains\",\n },\n }],\n \"path_match\": {\n \"case_sensitive\": True,\n \"match\": {\n \"prefix\": \"/example-path\",\n },\n },\n },\n },\n action={\n \"forward\": {\n \"target_groups\": [\n {\n \"target_group_identifier\": example[\"id\"],\n \"weight\": 1,\n },\n {\n \"target_group_identifier\": example2[\"id\"],\n \"weight\": 2,\n },\n ],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.VpcLattice.ListenerRule(\"test\", new()\n {\n Name = \"example\",\n ListenerIdentifier = exampleAwsVpclatticeListener.ListenerId,\n ServiceIdentifier = exampleAwsVpclatticeService.Id,\n Priority = 20,\n Match = new Aws.VpcLattice.Inputs.ListenerRuleMatchArgs\n {\n HttpMatch = new Aws.VpcLattice.Inputs.ListenerRuleMatchHttpMatchArgs\n {\n HeaderMatches = new[]\n {\n new Aws.VpcLattice.Inputs.ListenerRuleMatchHttpMatchHeaderMatchArgs\n {\n Name = \"example-header\",\n CaseSensitive = false,\n Match = new Aws.VpcLattice.Inputs.ListenerRuleMatchHttpMatchHeaderMatchMatchArgs\n {\n Exact = \"example-contains\",\n },\n },\n },\n PathMatch = new Aws.VpcLattice.Inputs.ListenerRuleMatchHttpMatchPathMatchArgs\n {\n CaseSensitive = true,\n Match = new Aws.VpcLattice.Inputs.ListenerRuleMatchHttpMatchPathMatchMatchArgs\n {\n Prefix = \"/example-path\",\n },\n },\n },\n },\n Action = new Aws.VpcLattice.Inputs.ListenerRuleActionArgs\n {\n Forward = new Aws.VpcLattice.Inputs.ListenerRuleActionForwardArgs\n {\n TargetGroups = new[]\n {\n new Aws.VpcLattice.Inputs.ListenerRuleActionForwardTargetGroupArgs\n {\n TargetGroupIdentifier = example.Id,\n Weight = 1,\n },\n new Aws.VpcLattice.Inputs.ListenerRuleActionForwardTargetGroupArgs\n {\n TargetGroupIdentifier = example2.Id,\n Weight = 2,\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.NewListenerRule(ctx, \"test\", \u0026vpclattice.ListenerRuleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tListenerIdentifier: pulumi.Any(exampleAwsVpclatticeListener.ListenerId),\n\t\t\tServiceIdentifier: pulumi.Any(exampleAwsVpclatticeService.Id),\n\t\t\tPriority: pulumi.Int(20),\n\t\t\tMatch: \u0026vpclattice.ListenerRuleMatchArgs{\n\t\t\t\tHttpMatch: \u0026vpclattice.ListenerRuleMatchHttpMatchArgs{\n\t\t\t\t\tHeaderMatches: vpclattice.ListenerRuleMatchHttpMatchHeaderMatchArray{\n\t\t\t\t\t\t\u0026vpclattice.ListenerRuleMatchHttpMatchHeaderMatchArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"example-header\"),\n\t\t\t\t\t\t\tCaseSensitive: pulumi.Bool(false),\n\t\t\t\t\t\t\tMatch: \u0026vpclattice.ListenerRuleMatchHttpMatchHeaderMatchMatchArgs{\n\t\t\t\t\t\t\t\tExact: pulumi.String(\"example-contains\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tPathMatch: \u0026vpclattice.ListenerRuleMatchHttpMatchPathMatchArgs{\n\t\t\t\t\t\tCaseSensitive: pulumi.Bool(true),\n\t\t\t\t\t\tMatch: \u0026vpclattice.ListenerRuleMatchHttpMatchPathMatchMatchArgs{\n\t\t\t\t\t\t\tPrefix: pulumi.String(\"/example-path\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tAction: \u0026vpclattice.ListenerRuleActionArgs{\n\t\t\t\tForward: \u0026vpclattice.ListenerRuleActionForwardArgs{\n\t\t\t\t\tTargetGroups: vpclattice.ListenerRuleActionForwardTargetGroupArray{\n\t\t\t\t\t\t\u0026vpclattice.ListenerRuleActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\tTargetGroupIdentifier: pulumi.Any(example.Id),\n\t\t\t\t\t\t\tWeight: pulumi.Int(1),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026vpclattice.ListenerRuleActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\tTargetGroupIdentifier: pulumi.Any(example2.Id),\n\t\t\t\t\t\t\tWeight: pulumi.Int(2),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.ListenerRule;\nimport com.pulumi.aws.vpclattice.ListenerRuleArgs;\nimport com.pulumi.aws.vpclattice.inputs.ListenerRuleMatchArgs;\nimport com.pulumi.aws.vpclattice.inputs.ListenerRuleMatchHttpMatchArgs;\nimport com.pulumi.aws.vpclattice.inputs.ListenerRuleMatchHttpMatchPathMatchArgs;\nimport com.pulumi.aws.vpclattice.inputs.ListenerRuleMatchHttpMatchPathMatchMatchArgs;\nimport com.pulumi.aws.vpclattice.inputs.ListenerRuleActionArgs;\nimport com.pulumi.aws.vpclattice.inputs.ListenerRuleActionForwardArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new ListenerRule(\"test\", ListenerRuleArgs.builder()\n .name(\"example\")\n .listenerIdentifier(exampleAwsVpclatticeListener.listenerId())\n .serviceIdentifier(exampleAwsVpclatticeService.id())\n .priority(20)\n .match(ListenerRuleMatchArgs.builder()\n .httpMatch(ListenerRuleMatchHttpMatchArgs.builder()\n .headerMatches(ListenerRuleMatchHttpMatchHeaderMatchArgs.builder()\n .name(\"example-header\")\n .caseSensitive(false)\n .match(ListenerRuleMatchHttpMatchHeaderMatchMatchArgs.builder()\n .exact(\"example-contains\")\n .build())\n .build())\n .pathMatch(ListenerRuleMatchHttpMatchPathMatchArgs.builder()\n .caseSensitive(true)\n .match(ListenerRuleMatchHttpMatchPathMatchMatchArgs.builder()\n .prefix(\"/example-path\")\n .build())\n .build())\n .build())\n .build())\n .action(ListenerRuleActionArgs.builder()\n .forward(ListenerRuleActionForwardArgs.builder()\n .targetGroups( \n ListenerRuleActionForwardTargetGroupArgs.builder()\n .targetGroupIdentifier(example.id())\n .weight(1)\n .build(),\n ListenerRuleActionForwardTargetGroupArgs.builder()\n .targetGroupIdentifier(example2.id())\n .weight(2)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:vpclattice:ListenerRule\n properties:\n name: example\n listenerIdentifier: ${exampleAwsVpclatticeListener.listenerId}\n serviceIdentifier: ${exampleAwsVpclatticeService.id}\n priority: 20\n match:\n httpMatch:\n headerMatches:\n - name: example-header\n caseSensitive: false\n match:\n exact: example-contains\n pathMatch:\n caseSensitive: true\n match:\n prefix: /example-path\n action:\n forward:\n targetGroups:\n - targetGroupIdentifier: ${example.id}\n weight: 1\n - targetGroupIdentifier: ${example2.id}\n weight: 2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.vpclattice.ListenerRule(\"test\", {\n name: \"example\",\n listenerIdentifier: example.listenerId,\n serviceIdentifier: exampleAwsVpclatticeService.id,\n priority: 10,\n match: {\n httpMatch: {\n pathMatch: {\n caseSensitive: false,\n match: {\n exact: \"/example-path\",\n },\n },\n },\n },\n action: {\n fixedResponse: {\n statusCode: 404,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.vpclattice.ListenerRule(\"test\",\n name=\"example\",\n listener_identifier=example[\"listenerId\"],\n service_identifier=example_aws_vpclattice_service[\"id\"],\n priority=10,\n match={\n \"http_match\": {\n \"path_match\": {\n \"case_sensitive\": False,\n \"match\": {\n \"exact\": \"/example-path\",\n },\n },\n },\n },\n action={\n \"fixed_response\": {\n \"status_code\": 404,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.VpcLattice.ListenerRule(\"test\", new()\n {\n Name = \"example\",\n ListenerIdentifier = example.ListenerId,\n ServiceIdentifier = exampleAwsVpclatticeService.Id,\n Priority = 10,\n Match = new Aws.VpcLattice.Inputs.ListenerRuleMatchArgs\n {\n HttpMatch = new Aws.VpcLattice.Inputs.ListenerRuleMatchHttpMatchArgs\n {\n PathMatch = new Aws.VpcLattice.Inputs.ListenerRuleMatchHttpMatchPathMatchArgs\n {\n CaseSensitive = false,\n Match = new Aws.VpcLattice.Inputs.ListenerRuleMatchHttpMatchPathMatchMatchArgs\n {\n Exact = \"/example-path\",\n },\n },\n },\n },\n Action = new Aws.VpcLattice.Inputs.ListenerRuleActionArgs\n {\n FixedResponse = new Aws.VpcLattice.Inputs.ListenerRuleActionFixedResponseArgs\n {\n StatusCode = 404,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.NewListenerRule(ctx, \"test\", \u0026vpclattice.ListenerRuleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tListenerIdentifier: pulumi.Any(example.ListenerId),\n\t\t\tServiceIdentifier: pulumi.Any(exampleAwsVpclatticeService.Id),\n\t\t\tPriority: pulumi.Int(10),\n\t\t\tMatch: \u0026vpclattice.ListenerRuleMatchArgs{\n\t\t\t\tHttpMatch: \u0026vpclattice.ListenerRuleMatchHttpMatchArgs{\n\t\t\t\t\tPathMatch: \u0026vpclattice.ListenerRuleMatchHttpMatchPathMatchArgs{\n\t\t\t\t\t\tCaseSensitive: pulumi.Bool(false),\n\t\t\t\t\t\tMatch: \u0026vpclattice.ListenerRuleMatchHttpMatchPathMatchMatchArgs{\n\t\t\t\t\t\t\tExact: pulumi.String(\"/example-path\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tAction: \u0026vpclattice.ListenerRuleActionArgs{\n\t\t\t\tFixedResponse: \u0026vpclattice.ListenerRuleActionFixedResponseArgs{\n\t\t\t\t\tStatusCode: pulumi.Int(404),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.ListenerRule;\nimport com.pulumi.aws.vpclattice.ListenerRuleArgs;\nimport com.pulumi.aws.vpclattice.inputs.ListenerRuleMatchArgs;\nimport com.pulumi.aws.vpclattice.inputs.ListenerRuleMatchHttpMatchArgs;\nimport com.pulumi.aws.vpclattice.inputs.ListenerRuleMatchHttpMatchPathMatchArgs;\nimport com.pulumi.aws.vpclattice.inputs.ListenerRuleMatchHttpMatchPathMatchMatchArgs;\nimport com.pulumi.aws.vpclattice.inputs.ListenerRuleActionArgs;\nimport com.pulumi.aws.vpclattice.inputs.ListenerRuleActionFixedResponseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new ListenerRule(\"test\", ListenerRuleArgs.builder()\n .name(\"example\")\n .listenerIdentifier(example.listenerId())\n .serviceIdentifier(exampleAwsVpclatticeService.id())\n .priority(10)\n .match(ListenerRuleMatchArgs.builder()\n .httpMatch(ListenerRuleMatchHttpMatchArgs.builder()\n .pathMatch(ListenerRuleMatchHttpMatchPathMatchArgs.builder()\n .caseSensitive(false)\n .match(ListenerRuleMatchHttpMatchPathMatchMatchArgs.builder()\n .exact(\"/example-path\")\n .build())\n .build())\n .build())\n .build())\n .action(ListenerRuleActionArgs.builder()\n .fixedResponse(ListenerRuleActionFixedResponseArgs.builder()\n .statusCode(404)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:vpclattice:ListenerRule\n properties:\n name: example\n listenerIdentifier: ${example.listenerId}\n serviceIdentifier: ${exampleAwsVpclatticeService.id}\n priority: 10\n match:\n httpMatch:\n pathMatch:\n caseSensitive: false\n match:\n exact: /example-path\n action:\n fixedResponse:\n statusCode: 404\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Lattice Listener Rule using the `id`. For example:\n\n```sh\n$ pulumi import aws:vpclattice/listenerRule:ListenerRule example service123/listener456/rule789\n```\n", "properties": { "action": { "$ref": "#/types/aws:vpclattice/ListenerRuleAction:ListenerRuleAction", "description": "The action for the listener rule.\n" }, "arn": { "type": "string", "description": "The ARN for the listener rule.\n" }, "listenerIdentifier": { "type": "string", "description": "The ID or Amazon Resource Name (ARN) of the listener.\n" }, "match": { "$ref": "#/types/aws:vpclattice/ListenerRuleMatch:ListenerRuleMatch", "description": "The rule match.\n" }, "name": { "type": "string", "description": "The name of the rule. The name must be unique within the listener. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n" }, "priority": { "type": "integer", "description": "The priority assigned to the rule. Each rule for a specific listener must have a unique priority. The lower the priority number the higher the priority.\n\nThe following arguments are optional:\n" }, "ruleId": { "type": "string", "description": "Unique identifier for the listener rule.\n" }, "serviceIdentifier": { "type": "string", "description": "The ID or Amazon Resource Identifier (ARN) of the service.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "action", "arn", "listenerIdentifier", "match", "name", "priority", "ruleId", "serviceIdentifier", "tagsAll" ], "inputProperties": { "action": { "$ref": "#/types/aws:vpclattice/ListenerRuleAction:ListenerRuleAction", "description": "The action for the listener rule.\n" }, "listenerIdentifier": { "type": "string", "description": "The ID or Amazon Resource Name (ARN) of the listener.\n", "willReplaceOnChanges": true }, "match": { "$ref": "#/types/aws:vpclattice/ListenerRuleMatch:ListenerRuleMatch", "description": "The rule match.\n" }, "name": { "type": "string", "description": "The name of the rule. The name must be unique within the listener. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n", "willReplaceOnChanges": true }, "priority": { "type": "integer", "description": "The priority assigned to the rule. Each rule for a specific listener must have a unique priority. The lower the priority number the higher the priority.\n\nThe following arguments are optional:\n" }, "serviceIdentifier": { "type": "string", "description": "The ID or Amazon Resource Identifier (ARN) of the service.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "action", "listenerIdentifier", "match", "priority", "serviceIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering ListenerRule resources.\n", "properties": { "action": { "$ref": "#/types/aws:vpclattice/ListenerRuleAction:ListenerRuleAction", "description": "The action for the listener rule.\n" }, "arn": { "type": "string", "description": "The ARN for the listener rule.\n" }, "listenerIdentifier": { "type": "string", "description": "The ID or Amazon Resource Name (ARN) of the listener.\n", "willReplaceOnChanges": true }, "match": { "$ref": "#/types/aws:vpclattice/ListenerRuleMatch:ListenerRuleMatch", "description": "The rule match.\n" }, "name": { "type": "string", "description": "The name of the rule. The name must be unique within the listener. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n", "willReplaceOnChanges": true }, "priority": { "type": "integer", "description": "The priority assigned to the rule. Each rule for a specific listener must have a unique priority. The lower the priority number the higher the priority.\n\nThe following arguments are optional:\n" }, "ruleId": { "type": "string", "description": "Unique identifier for the listener rule.\n" }, "serviceIdentifier": { "type": "string", "description": "The ID or Amazon Resource Identifier (ARN) of the service.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:vpclattice/resourcePolicy:ResourcePolicy": { "description": "Resource for managing an AWS VPC Lattice Resource Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst currentGetPartition = aws.getPartition({});\nconst example = new aws.vpclattice.ServiceNetwork(\"example\", {name: \"example-vpclattice-service-network\"});\nconst exampleResourcePolicy = new aws.vpclattice.ResourcePolicy(\"example\", {\n resourceArn: example.arn,\n policy: pulumi.jsonStringify({\n Version: \"2012-10-17\",\n Statement: [{\n Sid: \"test-pol-principals-6\",\n Effect: \"Allow\",\n Principal: {\n AWS: Promise.all([currentGetPartition, current]).then(([currentGetPartition, current]) =\u003e `arn:${currentGetPartition.partition}:iam::${current.accountId}:root`),\n },\n Action: [\n \"vpc-lattice:CreateServiceNetworkVpcAssociation\",\n \"vpc-lattice:CreateServiceNetworkServiceAssociation\",\n \"vpc-lattice:GetServiceNetwork\",\n ],\n Resource: example.arn,\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ncurrent_get_partition = aws.get_partition()\nexample = aws.vpclattice.ServiceNetwork(\"example\", name=\"example-vpclattice-service-network\")\nexample_resource_policy = aws.vpclattice.ResourcePolicy(\"example\",\n resource_arn=example.arn,\n policy=pulumi.Output.json_dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Sid\": \"test-pol-principals-6\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:{current_get_partition.partition}:iam::{current.account_id}:root\",\n },\n \"Action\": [\n \"vpc-lattice:CreateServiceNetworkVpcAssociation\",\n \"vpc-lattice:CreateServiceNetworkServiceAssociation\",\n \"vpc-lattice:GetServiceNetwork\",\n ],\n \"Resource\": example.arn,\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var currentGetPartition = Aws.GetPartition.Invoke();\n\n var example = new Aws.VpcLattice.ServiceNetwork(\"example\", new()\n {\n Name = \"example-vpclattice-service-network\",\n });\n\n var exampleResourcePolicy = new Aws.VpcLattice.ResourcePolicy(\"example\", new()\n {\n ResourceArn = example.Arn,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"test-pol-principals-6\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = Output.Tuple(currentGetPartition, current).Apply(values =\u003e\n {\n var currentGetPartition = values.Item1;\n var current = values.Item2;\n return $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\";\n }),\n },\n [\"Action\"] = new[]\n {\n \"vpc-lattice:CreateServiceNetworkVpcAssociation\",\n \"vpc-lattice:CreateServiceNetworkServiceAssociation\",\n \"vpc-lattice:GetServiceNetwork\",\n },\n [\"Resource\"] = example.Arn,\n },\n },\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetPartition, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := vpclattice.NewServiceNetwork(ctx, \"example\", \u0026vpclattice.ServiceNetworkArgs{\n\t\t\tName: pulumi.String(\"example-vpclattice-service-network\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vpclattice.NewResourcePolicy(ctx, \"example\", \u0026vpclattice.ResourcePolicyArgs{\n\t\t\tResourceArn: example.Arn,\n\t\t\tPolicy: example.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Sid\": \"test-pol-principals-6\",\n\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:%v:iam::%v:root\", currentGetPartition.Partition, current.AccountId),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\t\t\"vpc-lattice:CreateServiceNetworkVpcAssociation\",\n\t\t\t\t\t\t\t\t\"vpc-lattice:CreateServiceNetworkServiceAssociation\",\n\t\t\t\t\t\t\t\t\"vpc-lattice:GetServiceNetwork\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Resource\": arn,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.vpclattice.ServiceNetwork;\nimport com.pulumi.aws.vpclattice.ServiceNetworkArgs;\nimport com.pulumi.aws.vpclattice.ResourcePolicy;\nimport com.pulumi.aws.vpclattice.ResourcePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var currentGetPartition = AwsFunctions.getPartition();\n\n var example = new ServiceNetwork(\"example\", ServiceNetworkArgs.builder()\n .name(\"example-vpclattice-service-network\")\n .build());\n\n var exampleResourcePolicy = new ResourcePolicy(\"exampleResourcePolicy\", ResourcePolicyArgs.builder()\n .resourceArn(example.arn())\n .policy(example.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Sid\", \"test-pol-principals-6\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:%s:iam::%s:root\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", jsonArray(\n \"vpc-lattice:CreateServiceNetworkVpcAssociation\", \n \"vpc-lattice:CreateServiceNetworkServiceAssociation\", \n \"vpc-lattice:GetServiceNetwork\"\n )),\n jsonProperty(\"Resource\", arn)\n )))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:ServiceNetwork\n properties:\n name: example-vpclattice-service-network\n exampleResourcePolicy:\n type: aws:vpclattice:ResourcePolicy\n name: example\n properties:\n resourceArn: ${example.arn}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Sid: test-pol-principals-6\n Effect: Allow\n Principal:\n AWS: arn:${currentGetPartition.partition}:iam::${current.accountId}:root\n Action:\n - vpc-lattice:CreateServiceNetworkVpcAssociation\n - vpc-lattice:CreateServiceNetworkServiceAssociation\n - vpc-lattice:GetServiceNetwork\n Resource: ${example.arn}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetPartition:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Lattice Resource Policy using the `resource_arn`. For example:\n\n```sh\n$ pulumi import aws:vpclattice/resourcePolicy:ResourcePolicy example rft-8012925589\n```\n", "properties": { "policy": { "type": "string", "description": "An IAM policy. The policy string in JSON must not contain newlines or blank lines.\n" }, "resourceArn": { "type": "string", "description": "The ID or Amazon Resource Name (ARN) of the service network or service for which the policy is created.\n" } }, "required": [ "policy", "resourceArn" ], "inputProperties": { "policy": { "type": "string", "description": "An IAM policy. The policy string in JSON must not contain newlines or blank lines.\n" }, "resourceArn": { "type": "string", "description": "The ID or Amazon Resource Name (ARN) of the service network or service for which the policy is created.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "policy", "resourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering ResourcePolicy resources.\n", "properties": { "policy": { "type": "string", "description": "An IAM policy. The policy string in JSON must not contain newlines or blank lines.\n" }, "resourceArn": { "type": "string", "description": "The ID or Amazon Resource Name (ARN) of the service network or service for which the policy is created.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:vpclattice/service:Service": { "description": "Resource for managing an AWS VPC Lattice Service.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.Service(\"example\", {\n name: \"example\",\n authType: \"AWS_IAM\",\n customDomainName: \"example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.Service(\"example\",\n name=\"example\",\n auth_type=\"AWS_IAM\",\n custom_domain_name=\"example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.Service(\"example\", new()\n {\n Name = \"example\",\n AuthType = \"AWS_IAM\",\n CustomDomainName = \"example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.NewService(ctx, \"example\", \u0026vpclattice.ServiceArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAuthType: pulumi.String(\"AWS_IAM\"),\n\t\t\tCustomDomainName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.Service;\nimport com.pulumi.aws.vpclattice.ServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder()\n .name(\"example\")\n .authType(\"AWS_IAM\")\n .customDomainName(\"example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:Service\n properties:\n name: example\n authType: AWS_IAM\n customDomainName: example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Lattice Service using the `id`. For example:\n\n```sh\n$ pulumi import aws:vpclattice/service:Service example svc-06728e2357ea55f8a\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the service.\n" }, "authType": { "type": "string", "description": "Type of IAM policy. Either `NONE` or `AWS_IAM`.\n" }, "certificateArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the certificate.\n" }, "customDomainName": { "type": "string", "description": "Custom domain name of the service.\n" }, "dnsEntries": { "type": "array", "items": { "$ref": "#/types/aws:vpclattice/ServiceDnsEntry:ServiceDnsEntry" }, "description": "DNS name of the service.\n" }, "name": { "type": "string", "description": "Name of the service. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.Must be between 3 and 40 characters in length.\n\nThe following arguments are optional:\n" }, "status": { "type": "string", "description": "Status of the service.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "authType", "dnsEntries", "name", "status", "tagsAll" ], "inputProperties": { "authType": { "type": "string", "description": "Type of IAM policy. Either `NONE` or `AWS_IAM`.\n" }, "certificateArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the certificate.\n" }, "customDomainName": { "type": "string", "description": "Custom domain name of the service.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the service. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.Must be between 3 and 40 characters in length.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Service resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the service.\n" }, "authType": { "type": "string", "description": "Type of IAM policy. Either `NONE` or `AWS_IAM`.\n" }, "certificateArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the certificate.\n" }, "customDomainName": { "type": "string", "description": "Custom domain name of the service.\n", "willReplaceOnChanges": true }, "dnsEntries": { "type": "array", "items": { "$ref": "#/types/aws:vpclattice/ServiceDnsEntry:ServiceDnsEntry" }, "description": "DNS name of the service.\n" }, "name": { "type": "string", "description": "Name of the service. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.Must be between 3 and 40 characters in length.\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Status of the service.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:vpclattice/serviceNetwork:ServiceNetwork": { "description": "Resource for managing an AWS VPC Lattice Service Network.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.ServiceNetwork(\"example\", {\n name: \"example\",\n authType: \"AWS_IAM\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.ServiceNetwork(\"example\",\n name=\"example\",\n auth_type=\"AWS_IAM\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.ServiceNetwork(\"example\", new()\n {\n Name = \"example\",\n AuthType = \"AWS_IAM\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.NewServiceNetwork(ctx, \"example\", \u0026vpclattice.ServiceNetworkArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAuthType: pulumi.String(\"AWS_IAM\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.ServiceNetwork;\nimport com.pulumi.aws.vpclattice.ServiceNetworkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServiceNetwork(\"example\", ServiceNetworkArgs.builder()\n .name(\"example\")\n .authType(\"AWS_IAM\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:ServiceNetwork\n properties:\n name: example\n authType: AWS_IAM\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Lattice Service Network using the `id`. For example:\n\n```sh\n$ pulumi import aws:vpclattice/serviceNetwork:ServiceNetwork example sn-0158f91c1e3358dba\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the Service Network.\n" }, "authType": { "type": "string", "description": "Type of IAM policy. Either `NONE` or `AWS_IAM`.\n" }, "name": { "type": "string", "description": "Name of the service network\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "authType", "name", "tagsAll" ], "inputProperties": { "authType": { "type": "string", "description": "Type of IAM policy. Either `NONE` or `AWS_IAM`.\n" }, "name": { "type": "string", "description": "Name of the service network\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering ServiceNetwork resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Service Network.\n" }, "authType": { "type": "string", "description": "Type of IAM policy. Either `NONE` or `AWS_IAM`.\n" }, "name": { "type": "string", "description": "Name of the service network\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:vpclattice/serviceNetworkServiceAssociation:ServiceNetworkServiceAssociation": { "description": "Resource for managing an AWS VPC Lattice Service Network Service Association.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.ServiceNetworkServiceAssociation(\"example\", {\n serviceIdentifier: exampleAwsVpclatticeService.id,\n serviceNetworkIdentifier: exampleAwsVpclatticeServiceNetwork.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.ServiceNetworkServiceAssociation(\"example\",\n service_identifier=example_aws_vpclattice_service[\"id\"],\n service_network_identifier=example_aws_vpclattice_service_network[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.ServiceNetworkServiceAssociation(\"example\", new()\n {\n ServiceIdentifier = exampleAwsVpclatticeService.Id,\n ServiceNetworkIdentifier = exampleAwsVpclatticeServiceNetwork.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.NewServiceNetworkServiceAssociation(ctx, \"example\", \u0026vpclattice.ServiceNetworkServiceAssociationArgs{\n\t\t\tServiceIdentifier: pulumi.Any(exampleAwsVpclatticeService.Id),\n\t\t\tServiceNetworkIdentifier: pulumi.Any(exampleAwsVpclatticeServiceNetwork.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.ServiceNetworkServiceAssociation;\nimport com.pulumi.aws.vpclattice.ServiceNetworkServiceAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServiceNetworkServiceAssociation(\"example\", ServiceNetworkServiceAssociationArgs.builder()\n .serviceIdentifier(exampleAwsVpclatticeService.id())\n .serviceNetworkIdentifier(exampleAwsVpclatticeServiceNetwork.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:ServiceNetworkServiceAssociation\n properties:\n serviceIdentifier: ${exampleAwsVpclatticeService.id}\n serviceNetworkIdentifier: ${exampleAwsVpclatticeServiceNetwork.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Lattice Service Network Service Association using the `id`. For example:\n\n```sh\n$ pulumi import aws:vpclattice/serviceNetworkServiceAssociation:ServiceNetworkServiceAssociation example snsa-05e2474658a88f6ba\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Association.\n" }, "createdBy": { "type": "string", "description": "The account that created the association.\n" }, "customDomainName": { "type": "string", "description": "The custom domain name of the service.\n" }, "dnsEntries": { "type": "array", "items": { "$ref": "#/types/aws:vpclattice/ServiceNetworkServiceAssociationDnsEntry:ServiceNetworkServiceAssociationDnsEntry" }, "description": "The DNS name of the service.\n" }, "serviceIdentifier": { "type": "string", "description": "The ID or Amazon Resource Identifier (ARN) of the service.\n" }, "serviceNetworkIdentifier": { "type": "string", "description": "The ID or Amazon Resource Identifier (ARN) of the service network. You must use the ARN if the resources specified in the operation are in different accounts.\nThe following arguments are optional:\n" }, "status": { "type": "string", "description": "The operations status. Valid Values are CREATE_IN_PROGRESS | ACTIVE | DELETE_IN_PROGRESS | CREATE_FAILED | DELETE_FAILED\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "createdBy", "customDomainName", "dnsEntries", "serviceIdentifier", "serviceNetworkIdentifier", "status", "tagsAll" ], "inputProperties": { "serviceIdentifier": { "type": "string", "description": "The ID or Amazon Resource Identifier (ARN) of the service.\n", "willReplaceOnChanges": true }, "serviceNetworkIdentifier": { "type": "string", "description": "The ID or Amazon Resource Identifier (ARN) of the service network. You must use the ARN if the resources specified in the operation are in different accounts.\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "serviceIdentifier", "serviceNetworkIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering ServiceNetworkServiceAssociation resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Association.\n" }, "createdBy": { "type": "string", "description": "The account that created the association.\n" }, "customDomainName": { "type": "string", "description": "The custom domain name of the service.\n" }, "dnsEntries": { "type": "array", "items": { "$ref": "#/types/aws:vpclattice/ServiceNetworkServiceAssociationDnsEntry:ServiceNetworkServiceAssociationDnsEntry" }, "description": "The DNS name of the service.\n" }, "serviceIdentifier": { "type": "string", "description": "The ID or Amazon Resource Identifier (ARN) of the service.\n", "willReplaceOnChanges": true }, "serviceNetworkIdentifier": { "type": "string", "description": "The ID or Amazon Resource Identifier (ARN) of the service network. You must use the ARN if the resources specified in the operation are in different accounts.\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The operations status. Valid Values are CREATE_IN_PROGRESS | ACTIVE | DELETE_IN_PROGRESS | CREATE_FAILED | DELETE_FAILED\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:vpclattice/serviceNetworkVpcAssociation:ServiceNetworkVpcAssociation": { "description": "Resource for managing an AWS VPC Lattice Service Network VPC Association.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.ServiceNetworkVpcAssociation(\"example\", {\n vpcIdentifier: exampleAwsVpc.id,\n serviceNetworkIdentifier: exampleAwsVpclatticeServiceNetwork.id,\n securityGroupIds: [exampleAwsSecurityGroup.id],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.ServiceNetworkVpcAssociation(\"example\",\n vpc_identifier=example_aws_vpc[\"id\"],\n service_network_identifier=example_aws_vpclattice_service_network[\"id\"],\n security_group_ids=[example_aws_security_group[\"id\"]])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.ServiceNetworkVpcAssociation(\"example\", new()\n {\n VpcIdentifier = exampleAwsVpc.Id,\n ServiceNetworkIdentifier = exampleAwsVpclatticeServiceNetwork.Id,\n SecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.NewServiceNetworkVpcAssociation(ctx, \"example\", \u0026vpclattice.ServiceNetworkVpcAssociationArgs{\n\t\t\tVpcIdentifier: pulumi.Any(exampleAwsVpc.Id),\n\t\t\tServiceNetworkIdentifier: pulumi.Any(exampleAwsVpclatticeServiceNetwork.Id),\n\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\texampleAwsSecurityGroup.Id,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.ServiceNetworkVpcAssociation;\nimport com.pulumi.aws.vpclattice.ServiceNetworkVpcAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServiceNetworkVpcAssociation(\"example\", ServiceNetworkVpcAssociationArgs.builder()\n .vpcIdentifier(exampleAwsVpc.id())\n .serviceNetworkIdentifier(exampleAwsVpclatticeServiceNetwork.id())\n .securityGroupIds(exampleAwsSecurityGroup.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:ServiceNetworkVpcAssociation\n properties:\n vpcIdentifier: ${exampleAwsVpc.id}\n serviceNetworkIdentifier: ${exampleAwsVpclatticeServiceNetwork.id}\n securityGroupIds:\n - ${exampleAwsSecurityGroup.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Lattice Service Network VPC Association using the `id`. For example:\n\n```sh\n$ pulumi import aws:vpclattice/serviceNetworkVpcAssociation:ServiceNetworkVpcAssociation example snsa-05e2474658a88f6ba\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Association.\n" }, "createdBy": { "type": "string", "description": "The account that created the association.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The IDs of the security groups.\n" }, "serviceNetworkIdentifier": { "type": "string", "description": "The ID or Amazon Resource Identifier (ARN) of the service network. You must use the ARN if the resources specified in the operation are in different accounts.\nThe following arguments are optional:\n" }, "status": { "type": "string", "description": "The operations status. Valid Values are CREATE_IN_PROGRESS | ACTIVE | DELETE_IN_PROGRESS | CREATE_FAILED | DELETE_FAILED\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcIdentifier": { "type": "string", "description": "The ID of the VPC.\n" } }, "required": [ "arn", "createdBy", "serviceNetworkIdentifier", "status", "tagsAll", "vpcIdentifier" ], "inputProperties": { "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The IDs of the security groups.\n" }, "serviceNetworkIdentifier": { "type": "string", "description": "The ID or Amazon Resource Identifier (ARN) of the service network. You must use the ARN if the resources specified in the operation are in different accounts.\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "vpcIdentifier": { "type": "string", "description": "The ID of the VPC.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "serviceNetworkIdentifier", "vpcIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering ServiceNetworkVpcAssociation resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Association.\n" }, "createdBy": { "type": "string", "description": "The account that created the association.\n" }, "securityGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The IDs of the security groups.\n" }, "serviceNetworkIdentifier": { "type": "string", "description": "The ID or Amazon Resource Identifier (ARN) of the service network. You must use the ARN if the resources specified in the operation are in different accounts.\nThe following arguments are optional:\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "The operations status. Valid Values are CREATE_IN_PROGRESS | ACTIVE | DELETE_IN_PROGRESS | CREATE_FAILED | DELETE_FAILED\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "vpcIdentifier": { "type": "string", "description": "The ID of the VPC.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:vpclattice/targetGroup:TargetGroup": { "description": "Resource for managing an AWS VPC Lattice Target Group.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.TargetGroup(\"example\", {\n name: \"example\",\n type: \"INSTANCE\",\n config: {\n vpcIdentifier: exampleAwsVpc.id,\n port: 443,\n protocol: \"HTTPS\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.TargetGroup(\"example\",\n name=\"example\",\n type=\"INSTANCE\",\n config={\n \"vpc_identifier\": example_aws_vpc[\"id\"],\n \"port\": 443,\n \"protocol\": \"HTTPS\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.TargetGroup(\"example\", new()\n {\n Name = \"example\",\n Type = \"INSTANCE\",\n Config = new Aws.VpcLattice.Inputs.TargetGroupConfigArgs\n {\n VpcIdentifier = exampleAwsVpc.Id,\n Port = 443,\n Protocol = \"HTTPS\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.NewTargetGroup(ctx, \"example\", \u0026vpclattice.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"INSTANCE\"),\n\t\t\tConfig: \u0026vpclattice.TargetGroupConfigArgs{\n\t\t\t\tVpcIdentifier: pulumi.Any(exampleAwsVpc.Id),\n\t\t\t\tPort: pulumi.Int(443),\n\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.TargetGroup;\nimport com.pulumi.aws.vpclattice.TargetGroupArgs;\nimport com.pulumi.aws.vpclattice.inputs.TargetGroupConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TargetGroup(\"example\", TargetGroupArgs.builder()\n .name(\"example\")\n .type(\"INSTANCE\")\n .config(TargetGroupConfigArgs.builder()\n .vpcIdentifier(exampleAwsVpc.id())\n .port(443)\n .protocol(\"HTTPS\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:TargetGroup\n properties:\n name: example\n type: INSTANCE\n config:\n vpcIdentifier: ${exampleAwsVpc.id}\n port: 443\n protocol: HTTPS\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Basic usage with Health check\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.TargetGroup(\"example\", {\n name: \"example\",\n type: \"IP\",\n config: {\n vpcIdentifier: exampleAwsVpc.id,\n ipAddressType: \"IPV4\",\n port: 443,\n protocol: \"HTTPS\",\n protocolVersion: \"HTTP1\",\n healthCheck: {\n enabled: true,\n healthCheckIntervalSeconds: 20,\n healthCheckTimeoutSeconds: 10,\n healthyThresholdCount: 7,\n unhealthyThresholdCount: 3,\n matcher: {\n value: \"200-299\",\n },\n path: \"/instance\",\n port: 80,\n protocol: \"HTTP\",\n protocolVersion: \"HTTP1\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.TargetGroup(\"example\",\n name=\"example\",\n type=\"IP\",\n config={\n \"vpc_identifier\": example_aws_vpc[\"id\"],\n \"ip_address_type\": \"IPV4\",\n \"port\": 443,\n \"protocol\": \"HTTPS\",\n \"protocol_version\": \"HTTP1\",\n \"health_check\": {\n \"enabled\": True,\n \"health_check_interval_seconds\": 20,\n \"health_check_timeout_seconds\": 10,\n \"healthy_threshold_count\": 7,\n \"unhealthy_threshold_count\": 3,\n \"matcher\": {\n \"value\": \"200-299\",\n },\n \"path\": \"/instance\",\n \"port\": 80,\n \"protocol\": \"HTTP\",\n \"protocol_version\": \"HTTP1\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.TargetGroup(\"example\", new()\n {\n Name = \"example\",\n Type = \"IP\",\n Config = new Aws.VpcLattice.Inputs.TargetGroupConfigArgs\n {\n VpcIdentifier = exampleAwsVpc.Id,\n IpAddressType = \"IPV4\",\n Port = 443,\n Protocol = \"HTTPS\",\n ProtocolVersion = \"HTTP1\",\n HealthCheck = new Aws.VpcLattice.Inputs.TargetGroupConfigHealthCheckArgs\n {\n Enabled = true,\n HealthCheckIntervalSeconds = 20,\n HealthCheckTimeoutSeconds = 10,\n HealthyThresholdCount = 7,\n UnhealthyThresholdCount = 3,\n Matcher = new Aws.VpcLattice.Inputs.TargetGroupConfigHealthCheckMatcherArgs\n {\n Value = \"200-299\",\n },\n Path = \"/instance\",\n Port = 80,\n Protocol = \"HTTP\",\n ProtocolVersion = \"HTTP1\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.NewTargetGroup(ctx, \"example\", \u0026vpclattice.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"IP\"),\n\t\t\tConfig: \u0026vpclattice.TargetGroupConfigArgs{\n\t\t\t\tVpcIdentifier: pulumi.Any(exampleAwsVpc.Id),\n\t\t\t\tIpAddressType: pulumi.String(\"IPV4\"),\n\t\t\t\tPort: pulumi.Int(443),\n\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\tProtocolVersion: pulumi.String(\"HTTP1\"),\n\t\t\t\tHealthCheck: \u0026vpclattice.TargetGroupConfigHealthCheckArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tHealthCheckIntervalSeconds: pulumi.Int(20),\n\t\t\t\t\tHealthCheckTimeoutSeconds: pulumi.Int(10),\n\t\t\t\t\tHealthyThresholdCount: pulumi.Int(7),\n\t\t\t\t\tUnhealthyThresholdCount: pulumi.Int(3),\n\t\t\t\t\tMatcher: \u0026vpclattice.TargetGroupConfigHealthCheckMatcherArgs{\n\t\t\t\t\t\tValue: pulumi.String(\"200-299\"),\n\t\t\t\t\t},\n\t\t\t\t\tPath: pulumi.String(\"/instance\"),\n\t\t\t\t\tPort: pulumi.Int(80),\n\t\t\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\t\t\tProtocolVersion: pulumi.String(\"HTTP1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.TargetGroup;\nimport com.pulumi.aws.vpclattice.TargetGroupArgs;\nimport com.pulumi.aws.vpclattice.inputs.TargetGroupConfigArgs;\nimport com.pulumi.aws.vpclattice.inputs.TargetGroupConfigHealthCheckArgs;\nimport com.pulumi.aws.vpclattice.inputs.TargetGroupConfigHealthCheckMatcherArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TargetGroup(\"example\", TargetGroupArgs.builder()\n .name(\"example\")\n .type(\"IP\")\n .config(TargetGroupConfigArgs.builder()\n .vpcIdentifier(exampleAwsVpc.id())\n .ipAddressType(\"IPV4\")\n .port(443)\n .protocol(\"HTTPS\")\n .protocolVersion(\"HTTP1\")\n .healthCheck(TargetGroupConfigHealthCheckArgs.builder()\n .enabled(true)\n .healthCheckIntervalSeconds(20)\n .healthCheckTimeoutSeconds(10)\n .healthyThresholdCount(7)\n .unhealthyThresholdCount(3)\n .matcher(TargetGroupConfigHealthCheckMatcherArgs.builder()\n .value(\"200-299\")\n .build())\n .path(\"/instance\")\n .port(80)\n .protocol(\"HTTP\")\n .protocolVersion(\"HTTP1\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:TargetGroup\n properties:\n name: example\n type: IP\n config:\n vpcIdentifier: ${exampleAwsVpc.id}\n ipAddressType: IPV4\n port: 443\n protocol: HTTPS\n protocolVersion: HTTP1\n healthCheck:\n enabled: true\n healthCheckIntervalSeconds: 20\n healthCheckTimeoutSeconds: 10\n healthyThresholdCount: 7\n unhealthyThresholdCount: 3\n matcher:\n value: 200-299\n path: /instance\n port: 80\n protocol: HTTP\n protocolVersion: HTTP1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### ALB\n\nIf the type is ALB, `health_check` block is not supported.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.TargetGroup(\"example\", {\n name: \"example\",\n type: \"ALB\",\n config: {\n vpcIdentifier: exampleAwsVpc.id,\n port: 443,\n protocol: \"HTTPS\",\n protocolVersion: \"HTTP1\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.TargetGroup(\"example\",\n name=\"example\",\n type=\"ALB\",\n config={\n \"vpc_identifier\": example_aws_vpc[\"id\"],\n \"port\": 443,\n \"protocol\": \"HTTPS\",\n \"protocol_version\": \"HTTP1\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.TargetGroup(\"example\", new()\n {\n Name = \"example\",\n Type = \"ALB\",\n Config = new Aws.VpcLattice.Inputs.TargetGroupConfigArgs\n {\n VpcIdentifier = exampleAwsVpc.Id,\n Port = 443,\n Protocol = \"HTTPS\",\n ProtocolVersion = \"HTTP1\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.NewTargetGroup(ctx, \"example\", \u0026vpclattice.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"ALB\"),\n\t\t\tConfig: \u0026vpclattice.TargetGroupConfigArgs{\n\t\t\t\tVpcIdentifier: pulumi.Any(exampleAwsVpc.Id),\n\t\t\t\tPort: pulumi.Int(443),\n\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\tProtocolVersion: pulumi.String(\"HTTP1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.TargetGroup;\nimport com.pulumi.aws.vpclattice.TargetGroupArgs;\nimport com.pulumi.aws.vpclattice.inputs.TargetGroupConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TargetGroup(\"example\", TargetGroupArgs.builder()\n .name(\"example\")\n .type(\"ALB\")\n .config(TargetGroupConfigArgs.builder()\n .vpcIdentifier(exampleAwsVpc.id())\n .port(443)\n .protocol(\"HTTPS\")\n .protocolVersion(\"HTTP1\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:TargetGroup\n properties:\n name: example\n type: ALB\n config:\n vpcIdentifier: ${exampleAwsVpc.id}\n port: 443\n protocol: HTTPS\n protocolVersion: HTTP1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda\n\nIf the type is Lambda, `config` block is not supported.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.TargetGroup(\"example\", {\n name: \"example\",\n type: \"LAMBDA\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.TargetGroup(\"example\",\n name=\"example\",\n type=\"LAMBDA\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.TargetGroup(\"example\", new()\n {\n Name = \"example\",\n Type = \"LAMBDA\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.NewTargetGroup(ctx, \"example\", \u0026vpclattice.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"LAMBDA\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.TargetGroup;\nimport com.pulumi.aws.vpclattice.TargetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TargetGroup(\"example\", TargetGroupArgs.builder()\n .name(\"example\")\n .type(\"LAMBDA\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:TargetGroup\n properties:\n name: example\n type: LAMBDA\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Lattice Target Group using the `id`. For example:\n\n```sh\n$ pulumi import aws:vpclattice/targetGroup:TargetGroup example tg-0c11d4dc16ed96bdb\n```\n", "properties": { "arn": { "type": "string", "description": "ARN of the target group.\n" }, "config": { "$ref": "#/types/aws:vpclattice/TargetGroupConfig:TargetGroupConfig", "description": "The target group configuration.\n" }, "name": { "type": "string", "description": "The name of the target group. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n" }, "status": { "type": "string", "description": "Status of the target group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of target group. Valid Values are `IP` | `LAMBDA` | `INSTANCE` | `ALB`\n\nThe following arguments are optional:\n" } }, "required": [ "arn", "name", "status", "tagsAll", "type" ], "inputProperties": { "config": { "$ref": "#/types/aws:vpclattice/TargetGroupConfig:TargetGroupConfig", "description": "The target group configuration.\n" }, "name": { "type": "string", "description": "The name of the target group. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "type": { "type": "string", "description": "The type of target group. Valid Values are `IP` | `LAMBDA` | `INSTANCE` | `ALB`\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering TargetGroup resources.\n", "properties": { "arn": { "type": "string", "description": "ARN of the target group.\n" }, "config": { "$ref": "#/types/aws:vpclattice/TargetGroupConfig:TargetGroupConfig", "description": "The target group configuration.\n" }, "name": { "type": "string", "description": "The name of the target group. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n", "willReplaceOnChanges": true }, "status": { "type": "string", "description": "Status of the target group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "type": { "type": "string", "description": "The type of target group. Valid Values are `IP` | `LAMBDA` | `INSTANCE` | `ALB`\n\nThe following arguments are optional:\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:vpclattice/targetGroupAttachment:TargetGroupAttachment": { "description": "Provides the ability to register a target with an AWS VPC Lattice Target Group.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.TargetGroupAttachment(\"example\", {\n targetGroupIdentifier: exampleAwsVpclatticeTargetGroup.id,\n target: {\n id: exampleAwsLb.arn,\n port: 80,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.TargetGroupAttachment(\"example\",\n target_group_identifier=example_aws_vpclattice_target_group[\"id\"],\n target={\n \"id\": example_aws_lb[\"arn\"],\n \"port\": 80,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.TargetGroupAttachment(\"example\", new()\n {\n TargetGroupIdentifier = exampleAwsVpclatticeTargetGroup.Id,\n Target = new Aws.VpcLattice.Inputs.TargetGroupAttachmentTargetArgs\n {\n Id = exampleAwsLb.Arn,\n Port = 80,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.NewTargetGroupAttachment(ctx, \"example\", \u0026vpclattice.TargetGroupAttachmentArgs{\n\t\t\tTargetGroupIdentifier: pulumi.Any(exampleAwsVpclatticeTargetGroup.Id),\n\t\t\tTarget: \u0026vpclattice.TargetGroupAttachmentTargetArgs{\n\t\t\t\tId: pulumi.Any(exampleAwsLb.Arn),\n\t\t\t\tPort: pulumi.Int(80),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.TargetGroupAttachment;\nimport com.pulumi.aws.vpclattice.TargetGroupAttachmentArgs;\nimport com.pulumi.aws.vpclattice.inputs.TargetGroupAttachmentTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TargetGroupAttachment(\"example\", TargetGroupAttachmentArgs.builder()\n .targetGroupIdentifier(exampleAwsVpclatticeTargetGroup.id())\n .target(TargetGroupAttachmentTargetArgs.builder()\n .id(exampleAwsLb.arn())\n .port(80)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:TargetGroupAttachment\n properties:\n targetGroupIdentifier: ${exampleAwsVpclatticeTargetGroup.id}\n target:\n id: ${exampleAwsLb.arn}\n port: 80\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "target": { "$ref": "#/types/aws:vpclattice/TargetGroupAttachmentTarget:TargetGroupAttachmentTarget", "description": "The target.\n" }, "targetGroupIdentifier": { "type": "string", "description": "The ID or Amazon Resource Name (ARN) of the target group.\n" } }, "required": [ "target", "targetGroupIdentifier" ], "inputProperties": { "target": { "$ref": "#/types/aws:vpclattice/TargetGroupAttachmentTarget:TargetGroupAttachmentTarget", "description": "The target.\n", "willReplaceOnChanges": true }, "targetGroupIdentifier": { "type": "string", "description": "The ID or Amazon Resource Name (ARN) of the target group.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "target", "targetGroupIdentifier" ], "stateInputs": { "description": "Input properties used for looking up and filtering TargetGroupAttachment resources.\n", "properties": { "target": { "$ref": "#/types/aws:vpclattice/TargetGroupAttachmentTarget:TargetGroupAttachmentTarget", "description": "The target.\n", "willReplaceOnChanges": true }, "targetGroupIdentifier": { "type": "string", "description": "The ID or Amazon Resource Name (ARN) of the target group.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:waf/byteMatchSet:ByteMatchSet": { "description": "Provides a WAF Byte Match Set Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byteSet = new aws.waf.ByteMatchSet(\"byte_set\", {\n name: \"my_waf_byte_match_set\",\n byteMatchTuples: [{\n textTransformation: \"NONE\",\n targetString: \"badrefer1\",\n positionalConstraint: \"CONTAINS\",\n fieldToMatch: {\n type: \"HEADER\",\n data: \"referer\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbyte_set = aws.waf.ByteMatchSet(\"byte_set\",\n name=\"my_waf_byte_match_set\",\n byte_match_tuples=[{\n \"text_transformation\": \"NONE\",\n \"target_string\": \"badrefer1\",\n \"positional_constraint\": \"CONTAINS\",\n \"field_to_match\": {\n \"type\": \"HEADER\",\n \"data\": \"referer\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var byteSet = new Aws.Waf.ByteMatchSet(\"byte_set\", new()\n {\n Name = \"my_waf_byte_match_set\",\n ByteMatchTuples = new[]\n {\n new Aws.Waf.Inputs.ByteMatchSetByteMatchTupleArgs\n {\n TextTransformation = \"NONE\",\n TargetString = \"badrefer1\",\n PositionalConstraint = \"CONTAINS\",\n FieldToMatch = new Aws.Waf.Inputs.ByteMatchSetByteMatchTupleFieldToMatchArgs\n {\n Type = \"HEADER\",\n Data = \"referer\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := waf.NewByteMatchSet(ctx, \"byte_set\", \u0026waf.ByteMatchSetArgs{\n\t\t\tName: pulumi.String(\"my_waf_byte_match_set\"),\n\t\t\tByteMatchTuples: waf.ByteMatchSetByteMatchTupleArray{\n\t\t\t\t\u0026waf.ByteMatchSetByteMatchTupleArgs{\n\t\t\t\t\tTextTransformation: pulumi.String(\"NONE\"),\n\t\t\t\t\tTargetString: pulumi.String(\"badrefer1\"),\n\t\t\t\t\tPositionalConstraint: pulumi.String(\"CONTAINS\"),\n\t\t\t\t\tFieldToMatch: \u0026waf.ByteMatchSetByteMatchTupleFieldToMatchArgs{\n\t\t\t\t\t\tType: pulumi.String(\"HEADER\"),\n\t\t\t\t\t\tData: pulumi.String(\"referer\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.ByteMatchSet;\nimport com.pulumi.aws.waf.ByteMatchSetArgs;\nimport com.pulumi.aws.waf.inputs.ByteMatchSetByteMatchTupleArgs;\nimport com.pulumi.aws.waf.inputs.ByteMatchSetByteMatchTupleFieldToMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var byteSet = new ByteMatchSet(\"byteSet\", ByteMatchSetArgs.builder()\n .name(\"my_waf_byte_match_set\")\n .byteMatchTuples(ByteMatchSetByteMatchTupleArgs.builder()\n .textTransformation(\"NONE\")\n .targetString(\"badrefer1\")\n .positionalConstraint(\"CONTAINS\")\n .fieldToMatch(ByteMatchSetByteMatchTupleFieldToMatchArgs.builder()\n .type(\"HEADER\")\n .data(\"referer\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n byteSet:\n type: aws:waf:ByteMatchSet\n name: byte_set\n properties:\n name: my_waf_byte_match_set\n byteMatchTuples:\n - textTransformation: NONE\n targetString: badrefer1\n positionalConstraint: CONTAINS\n fieldToMatch:\n type: HEADER\n data: referer\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Byte Match Set using the id. For example:\n\n```sh\n$ pulumi import aws:waf/byteMatchSet:ByteMatchSet byte_set a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "byteMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/ByteMatchSetByteMatchTuple:ByteMatchSetByteMatchTuple" }, "description": "Specifies the bytes (typically a string that corresponds\nwith ASCII characters) that you want to search for in web requests,\nthe location in requests that you want to search, and other settings.\n" }, "name": { "type": "string", "description": "The name or description of the Byte Match Set.\n" } }, "required": [ "name" ], "inputProperties": { "byteMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/ByteMatchSetByteMatchTuple:ByteMatchSetByteMatchTuple" }, "description": "Specifies the bytes (typically a string that corresponds\nwith ASCII characters) that you want to search for in web requests,\nthe location in requests that you want to search, and other settings.\n" }, "name": { "type": "string", "description": "The name or description of the Byte Match Set.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering ByteMatchSet resources.\n", "properties": { "byteMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/ByteMatchSetByteMatchTuple:ByteMatchSetByteMatchTuple" }, "description": "Specifies the bytes (typically a string that corresponds\nwith ASCII characters) that you want to search for in web requests,\nthe location in requests that you want to search, and other settings.\n" }, "name": { "type": "string", "description": "The name or description of the Byte Match Set.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:waf/geoMatchSet:GeoMatchSet": { "description": "Provides a WAF Geo Match Set Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst geoMatchSet = new aws.waf.GeoMatchSet(\"geo_match_set\", {\n name: \"geo_match_set\",\n geoMatchConstraints: [\n {\n type: \"Country\",\n value: \"US\",\n },\n {\n type: \"Country\",\n value: \"CA\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngeo_match_set = aws.waf.GeoMatchSet(\"geo_match_set\",\n name=\"geo_match_set\",\n geo_match_constraints=[\n {\n \"type\": \"Country\",\n \"value\": \"US\",\n },\n {\n \"type\": \"Country\",\n \"value\": \"CA\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var geoMatchSet = new Aws.Waf.GeoMatchSet(\"geo_match_set\", new()\n {\n Name = \"geo_match_set\",\n GeoMatchConstraints = new[]\n {\n new Aws.Waf.Inputs.GeoMatchSetGeoMatchConstraintArgs\n {\n Type = \"Country\",\n Value = \"US\",\n },\n new Aws.Waf.Inputs.GeoMatchSetGeoMatchConstraintArgs\n {\n Type = \"Country\",\n Value = \"CA\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := waf.NewGeoMatchSet(ctx, \"geo_match_set\", \u0026waf.GeoMatchSetArgs{\n\t\t\tName: pulumi.String(\"geo_match_set\"),\n\t\t\tGeoMatchConstraints: waf.GeoMatchSetGeoMatchConstraintArray{\n\t\t\t\t\u0026waf.GeoMatchSetGeoMatchConstraintArgs{\n\t\t\t\t\tType: pulumi.String(\"Country\"),\n\t\t\t\t\tValue: pulumi.String(\"US\"),\n\t\t\t\t},\n\t\t\t\t\u0026waf.GeoMatchSetGeoMatchConstraintArgs{\n\t\t\t\t\tType: pulumi.String(\"Country\"),\n\t\t\t\t\tValue: pulumi.String(\"CA\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.GeoMatchSet;\nimport com.pulumi.aws.waf.GeoMatchSetArgs;\nimport com.pulumi.aws.waf.inputs.GeoMatchSetGeoMatchConstraintArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var geoMatchSet = new GeoMatchSet(\"geoMatchSet\", GeoMatchSetArgs.builder()\n .name(\"geo_match_set\")\n .geoMatchConstraints( \n GeoMatchSetGeoMatchConstraintArgs.builder()\n .type(\"Country\")\n .value(\"US\")\n .build(),\n GeoMatchSetGeoMatchConstraintArgs.builder()\n .type(\"Country\")\n .value(\"CA\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n geoMatchSet:\n type: aws:waf:GeoMatchSet\n name: geo_match_set\n properties:\n name: geo_match_set\n geoMatchConstraints:\n - type: Country\n value: US\n - type: Country\n value: CA\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Geo Match Set using their ID. For example:\n\n```sh\n$ pulumi import aws:waf/geoMatchSet:GeoMatchSet example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "geoMatchConstraints": { "type": "array", "items": { "$ref": "#/types/aws:waf/GeoMatchSetGeoMatchConstraint:GeoMatchSetGeoMatchConstraint" }, "description": "The GeoMatchConstraint objects which contain the country that you want AWS WAF to search for.\n" }, "name": { "type": "string", "description": "The name or description of the GeoMatchSet.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "geoMatchConstraints": { "type": "array", "items": { "$ref": "#/types/aws:waf/GeoMatchSetGeoMatchConstraint:GeoMatchSetGeoMatchConstraint" }, "description": "The GeoMatchConstraint objects which contain the country that you want AWS WAF to search for.\n" }, "name": { "type": "string", "description": "The name or description of the GeoMatchSet.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering GeoMatchSet resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "geoMatchConstraints": { "type": "array", "items": { "$ref": "#/types/aws:waf/GeoMatchSetGeoMatchConstraint:GeoMatchSetGeoMatchConstraint" }, "description": "The GeoMatchConstraint objects which contain the country that you want AWS WAF to search for.\n" }, "name": { "type": "string", "description": "The name or description of the GeoMatchSet.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:waf/ipSet:IpSet": { "description": "Provides a WAF IPSet Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.waf.IpSet(\"ipset\", {\n name: \"tfIPSet\",\n ipSetDescriptors: [\n {\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n },\n {\n type: \"IPV4\",\n value: \"10.16.16.0/16\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.waf.IpSet(\"ipset\",\n name=\"tfIPSet\",\n ip_set_descriptors=[\n {\n \"type\": \"IPV4\",\n \"value\": \"192.0.7.0/24\",\n },\n {\n \"type\": \"IPV4\",\n \"value\": \"10.16.16.0/16\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ipset = new Aws.Waf.IpSet(\"ipset\", new()\n {\n Name = \"tfIPSet\",\n IpSetDescriptors = new[]\n {\n new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"10.16.16.0/16\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := waf.NewIpSet(ctx, \"ipset\", \u0026waf.IpSetArgs{\n\t\t\tName: pulumi.String(\"tfIPSet\"),\n\t\t\tIpSetDescriptors: waf.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026waf.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t\t\u0026waf.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"10.16.16.0/16\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.IpSet;\nimport com.pulumi.aws.waf.IpSetArgs;\nimport com.pulumi.aws.waf.inputs.IpSetIpSetDescriptorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ipset = new IpSet(\"ipset\", IpSetArgs.builder()\n .name(\"tfIPSet\")\n .ipSetDescriptors( \n IpSetIpSetDescriptorArgs.builder()\n .type(\"IPV4\")\n .value(\"192.0.7.0/24\")\n .build(),\n IpSetIpSetDescriptorArgs.builder()\n .type(\"IPV4\")\n .value(\"10.16.16.0/16\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ipset:\n type: aws:waf:IpSet\n properties:\n name: tfIPSet\n ipSetDescriptors:\n - type: IPV4\n value: 192.0.7.0/24\n - type: IPV4\n value: 10.16.16.0/16\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF IPSets using their ID. For example:\n\n```sh\n$ pulumi import aws:waf/ipSet:IpSet example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF IPSet.\n" }, "ipSetDescriptors": { "type": "array", "items": { "$ref": "#/types/aws:waf/IpSetIpSetDescriptor:IpSetIpSetDescriptor" }, "description": "One or more pairs specifying the IP address type (IPV4 or IPV6) and the IP address range (in CIDR format) from which web requests originate.\n" }, "name": { "type": "string", "description": "The name or description of the IPSet.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "ipSetDescriptors": { "type": "array", "items": { "$ref": "#/types/aws:waf/IpSetIpSetDescriptor:IpSetIpSetDescriptor" }, "description": "One or more pairs specifying the IP address type (IPV4 or IPV6) and the IP address range (in CIDR format) from which web requests originate.\n" }, "name": { "type": "string", "description": "The name or description of the IPSet.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering IpSet resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF IPSet.\n" }, "ipSetDescriptors": { "type": "array", "items": { "$ref": "#/types/aws:waf/IpSetIpSetDescriptor:IpSetIpSetDescriptor" }, "description": "One or more pairs specifying the IP address type (IPV4 or IPV6) and the IP address range (in CIDR format) from which web requests originate.\n" }, "name": { "type": "string", "description": "The name or description of the IPSet.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:waf/rateBasedRule:RateBasedRule": { "description": "Provides a WAF Rate Based Rule Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.waf.IpSet(\"ipset\", {\n name: \"tfIPSet\",\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst wafrule = new aws.waf.RateBasedRule(\"wafrule\", {\n name: \"tfWAFRule\",\n metricName: \"tfWAFRule\",\n rateKey: \"IP\",\n rateLimit: 100,\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n}, {\n dependsOn: [ipset],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.waf.IpSet(\"ipset\",\n name=\"tfIPSet\",\n ip_set_descriptors=[{\n \"type\": \"IPV4\",\n \"value\": \"192.0.7.0/24\",\n }])\nwafrule = aws.waf.RateBasedRule(\"wafrule\",\n name=\"tfWAFRule\",\n metric_name=\"tfWAFRule\",\n rate_key=\"IP\",\n rate_limit=100,\n predicates=[{\n \"data_id\": ipset.id,\n \"negated\": False,\n \"type\": \"IPMatch\",\n }],\n opts = pulumi.ResourceOptions(depends_on=[ipset]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ipset = new Aws.Waf.IpSet(\"ipset\", new()\n {\n Name = \"tfIPSet\",\n IpSetDescriptors = new[]\n {\n new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n\n var wafrule = new Aws.Waf.RateBasedRule(\"wafrule\", new()\n {\n Name = \"tfWAFRule\",\n MetricName = \"tfWAFRule\",\n RateKey = \"IP\",\n RateLimit = 100,\n Predicates = new[]\n {\n new Aws.Waf.Inputs.RateBasedRulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n ipset,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := waf.NewIpSet(ctx, \"ipset\", \u0026waf.IpSetArgs{\n\t\t\tName: pulumi.String(\"tfIPSet\"),\n\t\t\tIpSetDescriptors: waf.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026waf.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = waf.NewRateBasedRule(ctx, \"wafrule\", \u0026waf.RateBasedRuleArgs{\n\t\t\tName: pulumi.String(\"tfWAFRule\"),\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tRateKey: pulumi.String(\"IP\"),\n\t\t\tRateLimit: pulumi.Int(100),\n\t\t\tPredicates: waf.RateBasedRulePredicateArray{\n\t\t\t\t\u0026waf.RateBasedRulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tipset,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.IpSet;\nimport com.pulumi.aws.waf.IpSetArgs;\nimport com.pulumi.aws.waf.inputs.IpSetIpSetDescriptorArgs;\nimport com.pulumi.aws.waf.RateBasedRule;\nimport com.pulumi.aws.waf.RateBasedRuleArgs;\nimport com.pulumi.aws.waf.inputs.RateBasedRulePredicateArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ipset = new IpSet(\"ipset\", IpSetArgs.builder()\n .name(\"tfIPSet\")\n .ipSetDescriptors(IpSetIpSetDescriptorArgs.builder()\n .type(\"IPV4\")\n .value(\"192.0.7.0/24\")\n .build())\n .build());\n\n var wafrule = new RateBasedRule(\"wafrule\", RateBasedRuleArgs.builder()\n .name(\"tfWAFRule\")\n .metricName(\"tfWAFRule\")\n .rateKey(\"IP\")\n .rateLimit(100)\n .predicates(RateBasedRulePredicateArgs.builder()\n .dataId(ipset.id())\n .negated(false)\n .type(\"IPMatch\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(ipset)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ipset:\n type: aws:waf:IpSet\n properties:\n name: tfIPSet\n ipSetDescriptors:\n - type: IPV4\n value: 192.0.7.0/24\n wafrule:\n type: aws:waf:RateBasedRule\n properties:\n name: tfWAFRule\n metricName: tfWAFRule\n rateKey: IP\n rateLimit: 100\n predicates:\n - dataId: ${ipset.id}\n negated: false\n type: IPMatch\n options:\n dependson:\n - ${ipset}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Rated Based Rule using the id. For example:\n\n```sh\n$ pulumi import aws:waf/rateBasedRule:RateBasedRule wafrule a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule.\n" }, "name": { "type": "string", "description": "The name or description of the rule.\n" }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:waf/RateBasedRulePredicate:RateBasedRulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "rateKey": { "type": "string", "description": "Valid value is IP.\n" }, "rateLimit": { "type": "integer", "description": "The maximum number of requests, which have an identical value in the field specified by the RateKey, allowed in a five-minute period. Minimum value is 100.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "metricName", "name", "rateKey", "rateLimit", "tagsAll" ], "inputProperties": { "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name or description of the rule.\n", "willReplaceOnChanges": true }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:waf/RateBasedRulePredicate:RateBasedRulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "rateKey": { "type": "string", "description": "Valid value is IP.\n" }, "rateLimit": { "type": "integer", "description": "The maximum number of requests, which have an identical value in the field specified by the RateKey, allowed in a five-minute period. Minimum value is 100.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "metricName", "rateKey", "rateLimit" ], "stateInputs": { "description": "Input properties used for looking up and filtering RateBasedRule resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name or description of the rule.\n", "willReplaceOnChanges": true }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:waf/RateBasedRulePredicate:RateBasedRulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "rateKey": { "type": "string", "description": "Valid value is IP.\n" }, "rateLimit": { "type": "integer", "description": "The maximum number of requests, which have an identical value in the field specified by the RateKey, allowed in a five-minute period. Minimum value is 100.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:waf/regexMatchSet:RegexMatchSet": { "description": "Provides a WAF Regex Match Set Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleRegexPatternSet = new aws.waf.RegexPatternSet(\"example\", {\n name: \"example\",\n regexPatternStrings: [\n \"one\",\n \"two\",\n ],\n});\nconst example = new aws.waf.RegexMatchSet(\"example\", {\n name: \"example\",\n regexMatchTuples: [{\n fieldToMatch: {\n data: \"User-Agent\",\n type: \"HEADER\",\n },\n regexPatternSetId: exampleRegexPatternSet.id,\n textTransformation: \"NONE\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_regex_pattern_set = aws.waf.RegexPatternSet(\"example\",\n name=\"example\",\n regex_pattern_strings=[\n \"one\",\n \"two\",\n ])\nexample = aws.waf.RegexMatchSet(\"example\",\n name=\"example\",\n regex_match_tuples=[{\n \"field_to_match\": {\n \"data\": \"User-Agent\",\n \"type\": \"HEADER\",\n },\n \"regex_pattern_set_id\": example_regex_pattern_set.id,\n \"text_transformation\": \"NONE\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleRegexPatternSet = new Aws.Waf.RegexPatternSet(\"example\", new()\n {\n Name = \"example\",\n RegexPatternStrings = new[]\n {\n \"one\",\n \"two\",\n },\n });\n\n var example = new Aws.Waf.RegexMatchSet(\"example\", new()\n {\n Name = \"example\",\n RegexMatchTuples = new[]\n {\n new Aws.Waf.Inputs.RegexMatchSetRegexMatchTupleArgs\n {\n FieldToMatch = new Aws.Waf.Inputs.RegexMatchSetRegexMatchTupleFieldToMatchArgs\n {\n Data = \"User-Agent\",\n Type = \"HEADER\",\n },\n RegexPatternSetId = exampleRegexPatternSet.Id,\n TextTransformation = \"NONE\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleRegexPatternSet, err := waf.NewRegexPatternSet(ctx, \"example\", \u0026waf.RegexPatternSetArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRegexPatternStrings: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"one\"),\n\t\t\t\tpulumi.String(\"two\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = waf.NewRegexMatchSet(ctx, \"example\", \u0026waf.RegexMatchSetArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRegexMatchTuples: waf.RegexMatchSetRegexMatchTupleArray{\n\t\t\t\t\u0026waf.RegexMatchSetRegexMatchTupleArgs{\n\t\t\t\t\tFieldToMatch: \u0026waf.RegexMatchSetRegexMatchTupleFieldToMatchArgs{\n\t\t\t\t\t\tData: pulumi.String(\"User-Agent\"),\n\t\t\t\t\t\tType: pulumi.String(\"HEADER\"),\n\t\t\t\t\t},\n\t\t\t\t\tRegexPatternSetId: exampleRegexPatternSet.ID(),\n\t\t\t\t\tTextTransformation: pulumi.String(\"NONE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.RegexPatternSet;\nimport com.pulumi.aws.waf.RegexPatternSetArgs;\nimport com.pulumi.aws.waf.RegexMatchSet;\nimport com.pulumi.aws.waf.RegexMatchSetArgs;\nimport com.pulumi.aws.waf.inputs.RegexMatchSetRegexMatchTupleArgs;\nimport com.pulumi.aws.waf.inputs.RegexMatchSetRegexMatchTupleFieldToMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleRegexPatternSet = new RegexPatternSet(\"exampleRegexPatternSet\", RegexPatternSetArgs.builder()\n .name(\"example\")\n .regexPatternStrings( \n \"one\",\n \"two\")\n .build());\n\n var example = new RegexMatchSet(\"example\", RegexMatchSetArgs.builder()\n .name(\"example\")\n .regexMatchTuples(RegexMatchSetRegexMatchTupleArgs.builder()\n .fieldToMatch(RegexMatchSetRegexMatchTupleFieldToMatchArgs.builder()\n .data(\"User-Agent\")\n .type(\"HEADER\")\n .build())\n .regexPatternSetId(exampleRegexPatternSet.id())\n .textTransformation(\"NONE\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:waf:RegexMatchSet\n properties:\n name: example\n regexMatchTuples:\n - fieldToMatch:\n data: User-Agent\n type: HEADER\n regexPatternSetId: ${exampleRegexPatternSet.id}\n textTransformation: NONE\n exampleRegexPatternSet:\n type: aws:waf:RegexPatternSet\n name: example\n properties:\n name: example\n regexPatternStrings:\n - one\n - two\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Regex Match Set using their ID. For example:\n\n```sh\n$ pulumi import aws:waf/regexMatchSet:RegexMatchSet example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "name": { "type": "string", "description": "The name or description of the Regex Match Set.\n" }, "regexMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/RegexMatchSetRegexMatchTuple:RegexMatchSetRegexMatchTuple" }, "description": "The regular expression pattern that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings. See below.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "name": { "type": "string", "description": "The name or description of the Regex Match Set.\n", "willReplaceOnChanges": true }, "regexMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/RegexMatchSetRegexMatchTuple:RegexMatchSetRegexMatchTuple" }, "description": "The regular expression pattern that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings. See below.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering RegexMatchSet resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "name": { "type": "string", "description": "The name or description of the Regex Match Set.\n", "willReplaceOnChanges": true }, "regexMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/RegexMatchSetRegexMatchTuple:RegexMatchSetRegexMatchTuple" }, "description": "The regular expression pattern that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings. See below.\n" } }, "type": "object" } }, "aws:waf/regexPatternSet:RegexPatternSet": { "description": "Provides a WAF Regex Pattern Set Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.waf.RegexPatternSet(\"example\", {\n name: \"my_waf_regex_pattern_set\",\n regexPatternStrings: [\n \"one\",\n \"two\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.waf.RegexPatternSet(\"example\",\n name=\"my_waf_regex_pattern_set\",\n regex_pattern_strings=[\n \"one\",\n \"two\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Waf.RegexPatternSet(\"example\", new()\n {\n Name = \"my_waf_regex_pattern_set\",\n RegexPatternStrings = new[]\n {\n \"one\",\n \"two\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := waf.NewRegexPatternSet(ctx, \"example\", \u0026waf.RegexPatternSetArgs{\n\t\t\tName: pulumi.String(\"my_waf_regex_pattern_set\"),\n\t\t\tRegexPatternStrings: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"one\"),\n\t\t\t\tpulumi.String(\"two\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.RegexPatternSet;\nimport com.pulumi.aws.waf.RegexPatternSetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RegexPatternSet(\"example\", RegexPatternSetArgs.builder()\n .name(\"my_waf_regex_pattern_set\")\n .regexPatternStrings( \n \"one\",\n \"two\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:waf:RegexPatternSet\n properties:\n name: my_waf_regex_pattern_set\n regexPatternStrings:\n - one\n - two\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS WAF Regex Pattern Set using their ID. For example:\n\n```sh\n$ pulumi import aws:waf/regexPatternSet:RegexPatternSet example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "name": { "type": "string", "description": "The name or description of the Regex Pattern Set.\n" }, "regexPatternStrings": { "type": "array", "items": { "type": "string" }, "description": "A list of regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "name": { "type": "string", "description": "The name or description of the Regex Pattern Set.\n", "willReplaceOnChanges": true }, "regexPatternStrings": { "type": "array", "items": { "type": "string" }, "description": "A list of regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering RegexPatternSet resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "name": { "type": "string", "description": "The name or description of the Regex Pattern Set.\n", "willReplaceOnChanges": true }, "regexPatternStrings": { "type": "array", "items": { "type": "string" }, "description": "A list of regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`.\n" } }, "type": "object" } }, "aws:waf/rule:Rule": { "description": "Provides a WAF Rule Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.waf.IpSet(\"ipset\", {\n name: \"tfIPSet\",\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst wafrule = new aws.waf.Rule(\"wafrule\", {\n name: \"tfWAFRule\",\n metricName: \"tfWAFRule\",\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n}, {\n dependsOn: [ipset],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.waf.IpSet(\"ipset\",\n name=\"tfIPSet\",\n ip_set_descriptors=[{\n \"type\": \"IPV4\",\n \"value\": \"192.0.7.0/24\",\n }])\nwafrule = aws.waf.Rule(\"wafrule\",\n name=\"tfWAFRule\",\n metric_name=\"tfWAFRule\",\n predicates=[{\n \"data_id\": ipset.id,\n \"negated\": False,\n \"type\": \"IPMatch\",\n }],\n opts = pulumi.ResourceOptions(depends_on=[ipset]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ipset = new Aws.Waf.IpSet(\"ipset\", new()\n {\n Name = \"tfIPSet\",\n IpSetDescriptors = new[]\n {\n new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n\n var wafrule = new Aws.Waf.Rule(\"wafrule\", new()\n {\n Name = \"tfWAFRule\",\n MetricName = \"tfWAFRule\",\n Predicates = new[]\n {\n new Aws.Waf.Inputs.RulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n ipset,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := waf.NewIpSet(ctx, \"ipset\", \u0026waf.IpSetArgs{\n\t\t\tName: pulumi.String(\"tfIPSet\"),\n\t\t\tIpSetDescriptors: waf.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026waf.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = waf.NewRule(ctx, \"wafrule\", \u0026waf.RuleArgs{\n\t\t\tName: pulumi.String(\"tfWAFRule\"),\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tPredicates: waf.RulePredicateArray{\n\t\t\t\t\u0026waf.RulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tipset,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.IpSet;\nimport com.pulumi.aws.waf.IpSetArgs;\nimport com.pulumi.aws.waf.inputs.IpSetIpSetDescriptorArgs;\nimport com.pulumi.aws.waf.Rule;\nimport com.pulumi.aws.waf.RuleArgs;\nimport com.pulumi.aws.waf.inputs.RulePredicateArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ipset = new IpSet(\"ipset\", IpSetArgs.builder()\n .name(\"tfIPSet\")\n .ipSetDescriptors(IpSetIpSetDescriptorArgs.builder()\n .type(\"IPV4\")\n .value(\"192.0.7.0/24\")\n .build())\n .build());\n\n var wafrule = new Rule(\"wafrule\", RuleArgs.builder()\n .name(\"tfWAFRule\")\n .metricName(\"tfWAFRule\")\n .predicates(RulePredicateArgs.builder()\n .dataId(ipset.id())\n .negated(false)\n .type(\"IPMatch\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(ipset)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ipset:\n type: aws:waf:IpSet\n properties:\n name: tfIPSet\n ipSetDescriptors:\n - type: IPV4\n value: 192.0.7.0/24\n wafrule:\n type: aws:waf:Rule\n properties:\n name: tfWAFRule\n metricName: tfWAFRule\n predicates:\n - dataId: ${ipset.id}\n negated: false\n type: IPMatch\n options:\n dependson:\n - ${ipset}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF rules using the id. For example:\n\n```sh\n$ pulumi import aws:waf/rule:Rule example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF rule.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule. The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.\n" }, "name": { "type": "string", "description": "The name or description of the rule.\n" }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:waf/RulePredicate:RulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "metricName", "name", "tagsAll" ], "inputProperties": { "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule. The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name or description of the rule.\n", "willReplaceOnChanges": true }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:waf/RulePredicate:RulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "metricName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Rule resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF rule.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule. The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name or description of the rule.\n", "willReplaceOnChanges": true }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:waf/RulePredicate:RulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:waf/ruleGroup:RuleGroup": { "description": "Provides a WAF Rule Group Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.waf.Rule(\"example\", {\n name: \"example\",\n metricName: \"example\",\n});\nconst exampleRuleGroup = new aws.waf.RuleGroup(\"example\", {\n name: \"example\",\n metricName: \"example\",\n activatedRules: [{\n action: {\n type: \"COUNT\",\n },\n priority: 50,\n ruleId: example.id,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.waf.Rule(\"example\",\n name=\"example\",\n metric_name=\"example\")\nexample_rule_group = aws.waf.RuleGroup(\"example\",\n name=\"example\",\n metric_name=\"example\",\n activated_rules=[{\n \"action\": {\n \"type\": \"COUNT\",\n },\n \"priority\": 50,\n \"rule_id\": example.id,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Waf.Rule(\"example\", new()\n {\n Name = \"example\",\n MetricName = \"example\",\n });\n\n var exampleRuleGroup = new Aws.Waf.RuleGroup(\"example\", new()\n {\n Name = \"example\",\n MetricName = \"example\",\n ActivatedRules = new[]\n {\n new Aws.Waf.Inputs.RuleGroupActivatedRuleArgs\n {\n Action = new Aws.Waf.Inputs.RuleGroupActivatedRuleActionArgs\n {\n Type = \"COUNT\",\n },\n Priority = 50,\n RuleId = example.Id,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := waf.NewRule(ctx, \"example\", \u0026waf.RuleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tMetricName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = waf.NewRuleGroup(ctx, \"example\", \u0026waf.RuleGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tMetricName: pulumi.String(\"example\"),\n\t\t\tActivatedRules: waf.RuleGroupActivatedRuleArray{\n\t\t\t\t\u0026waf.RuleGroupActivatedRuleArgs{\n\t\t\t\t\tAction: \u0026waf.RuleGroupActivatedRuleActionArgs{\n\t\t\t\t\t\tType: pulumi.String(\"COUNT\"),\n\t\t\t\t\t},\n\t\t\t\t\tPriority: pulumi.Int(50),\n\t\t\t\t\tRuleId: example.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.Rule;\nimport com.pulumi.aws.waf.RuleArgs;\nimport com.pulumi.aws.waf.RuleGroup;\nimport com.pulumi.aws.waf.RuleGroupArgs;\nimport com.pulumi.aws.waf.inputs.RuleGroupActivatedRuleArgs;\nimport com.pulumi.aws.waf.inputs.RuleGroupActivatedRuleActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Rule(\"example\", RuleArgs.builder()\n .name(\"example\")\n .metricName(\"example\")\n .build());\n\n var exampleRuleGroup = new RuleGroup(\"exampleRuleGroup\", RuleGroupArgs.builder()\n .name(\"example\")\n .metricName(\"example\")\n .activatedRules(RuleGroupActivatedRuleArgs.builder()\n .action(RuleGroupActivatedRuleActionArgs.builder()\n .type(\"COUNT\")\n .build())\n .priority(50)\n .ruleId(example.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:waf:Rule\n properties:\n name: example\n metricName: example\n exampleRuleGroup:\n type: aws:waf:RuleGroup\n name: example\n properties:\n name: example\n metricName: example\n activatedRules:\n - action:\n type: COUNT\n priority: 50\n ruleId: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Rule Group using the id. For example:\n\n```sh\n$ pulumi import aws:waf/ruleGroup:RuleGroup example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "activatedRules": { "type": "array", "items": { "$ref": "#/types/aws:waf/RuleGroupActivatedRule:RuleGroupActivatedRule" }, "description": "A list of activated rules, see below\n" }, "arn": { "type": "string", "description": "The ARN of the WAF rule group.\n" }, "metricName": { "type": "string", "description": "A friendly name for the metrics from the rule group\n" }, "name": { "type": "string", "description": "Name of the rule group. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "metricName", "name", "tagsAll" ], "inputProperties": { "activatedRules": { "type": "array", "items": { "$ref": "#/types/aws:waf/RuleGroupActivatedRule:RuleGroupActivatedRule" }, "description": "A list of activated rules, see below\n" }, "metricName": { "type": "string", "description": "A friendly name for the metrics from the rule group\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the rule group. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "metricName" ], "stateInputs": { "description": "Input properties used for looking up and filtering RuleGroup resources.\n", "properties": { "activatedRules": { "type": "array", "items": { "$ref": "#/types/aws:waf/RuleGroupActivatedRule:RuleGroupActivatedRule" }, "description": "A list of activated rules, see below\n" }, "arn": { "type": "string", "description": "The ARN of the WAF rule group.\n" }, "metricName": { "type": "string", "description": "A friendly name for the metrics from the rule group\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "Name of the rule group. If omitted, the provider will assign a random, unique name. Conflicts with `name_prefix`.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:waf/sizeConstraintSet:SizeConstraintSet": { "description": "Use the `aws.waf.SizeConstraintSet` resource to manage WAF size constraint sets.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sizeConstraintSet = new aws.waf.SizeConstraintSet(\"size_constraint_set\", {\n name: \"tfsize_constraints\",\n sizeConstraints: [{\n textTransformation: \"NONE\",\n comparisonOperator: \"EQ\",\n size: 4096,\n fieldToMatch: {\n type: \"BODY\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsize_constraint_set = aws.waf.SizeConstraintSet(\"size_constraint_set\",\n name=\"tfsize_constraints\",\n size_constraints=[{\n \"text_transformation\": \"NONE\",\n \"comparison_operator\": \"EQ\",\n \"size\": 4096,\n \"field_to_match\": {\n \"type\": \"BODY\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sizeConstraintSet = new Aws.Waf.SizeConstraintSet(\"size_constraint_set\", new()\n {\n Name = \"tfsize_constraints\",\n SizeConstraints = new[]\n {\n new Aws.Waf.Inputs.SizeConstraintSetSizeConstraintArgs\n {\n TextTransformation = \"NONE\",\n ComparisonOperator = \"EQ\",\n Size = 4096,\n FieldToMatch = new Aws.Waf.Inputs.SizeConstraintSetSizeConstraintFieldToMatchArgs\n {\n Type = \"BODY\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := waf.NewSizeConstraintSet(ctx, \"size_constraint_set\", \u0026waf.SizeConstraintSetArgs{\n\t\t\tName: pulumi.String(\"tfsize_constraints\"),\n\t\t\tSizeConstraints: waf.SizeConstraintSetSizeConstraintArray{\n\t\t\t\t\u0026waf.SizeConstraintSetSizeConstraintArgs{\n\t\t\t\t\tTextTransformation: pulumi.String(\"NONE\"),\n\t\t\t\t\tComparisonOperator: pulumi.String(\"EQ\"),\n\t\t\t\t\tSize: pulumi.Int(4096),\n\t\t\t\t\tFieldToMatch: \u0026waf.SizeConstraintSetSizeConstraintFieldToMatchArgs{\n\t\t\t\t\t\tType: pulumi.String(\"BODY\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.SizeConstraintSet;\nimport com.pulumi.aws.waf.SizeConstraintSetArgs;\nimport com.pulumi.aws.waf.inputs.SizeConstraintSetSizeConstraintArgs;\nimport com.pulumi.aws.waf.inputs.SizeConstraintSetSizeConstraintFieldToMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var sizeConstraintSet = new SizeConstraintSet(\"sizeConstraintSet\", SizeConstraintSetArgs.builder()\n .name(\"tfsize_constraints\")\n .sizeConstraints(SizeConstraintSetSizeConstraintArgs.builder()\n .textTransformation(\"NONE\")\n .comparisonOperator(\"EQ\")\n .size(\"4096\")\n .fieldToMatch(SizeConstraintSetSizeConstraintFieldToMatchArgs.builder()\n .type(\"BODY\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n sizeConstraintSet:\n type: aws:waf:SizeConstraintSet\n name: size_constraint_set\n properties:\n name: tfsize_constraints\n sizeConstraints:\n - textTransformation: NONE\n comparisonOperator: EQ\n size: '4096'\n fieldToMatch:\n type: BODY\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS WAF Size Constraint Set using their ID. For example:\n\n```sh\n$ pulumi import aws:waf/sizeConstraintSet:SizeConstraintSet example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN).\n" }, "name": { "type": "string", "description": "Name or description of the Size Constraint Set.\n" }, "sizeConstraints": { "type": "array", "items": { "$ref": "#/types/aws:waf/SizeConstraintSetSizeConstraint:SizeConstraintSetSizeConstraint" }, "description": "Parts of web requests that you want to inspect the size of.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "name": { "type": "string", "description": "Name or description of the Size Constraint Set.\n", "willReplaceOnChanges": true }, "sizeConstraints": { "type": "array", "items": { "$ref": "#/types/aws:waf/SizeConstraintSetSizeConstraint:SizeConstraintSetSizeConstraint" }, "description": "Parts of web requests that you want to inspect the size of.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering SizeConstraintSet resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN).\n" }, "name": { "type": "string", "description": "Name or description of the Size Constraint Set.\n", "willReplaceOnChanges": true }, "sizeConstraints": { "type": "array", "items": { "$ref": "#/types/aws:waf/SizeConstraintSetSizeConstraint:SizeConstraintSetSizeConstraint" }, "description": "Parts of web requests that you want to inspect the size of.\n" } }, "type": "object" } }, "aws:waf/sqlInjectionMatchSet:SqlInjectionMatchSet": { "description": "Provides a WAF SQL Injection Match Set Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sqlInjectionMatchSet = new aws.waf.SqlInjectionMatchSet(\"sql_injection_match_set\", {\n name: \"tf-sql_injection_match_set\",\n sqlInjectionMatchTuples: [{\n textTransformation: \"URL_DECODE\",\n fieldToMatch: {\n type: \"QUERY_STRING\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsql_injection_match_set = aws.waf.SqlInjectionMatchSet(\"sql_injection_match_set\",\n name=\"tf-sql_injection_match_set\",\n sql_injection_match_tuples=[{\n \"text_transformation\": \"URL_DECODE\",\n \"field_to_match\": {\n \"type\": \"QUERY_STRING\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sqlInjectionMatchSet = new Aws.Waf.SqlInjectionMatchSet(\"sql_injection_match_set\", new()\n {\n Name = \"tf-sql_injection_match_set\",\n SqlInjectionMatchTuples = new[]\n {\n new Aws.Waf.Inputs.SqlInjectionMatchSetSqlInjectionMatchTupleArgs\n {\n TextTransformation = \"URL_DECODE\",\n FieldToMatch = new Aws.Waf.Inputs.SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatchArgs\n {\n Type = \"QUERY_STRING\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := waf.NewSqlInjectionMatchSet(ctx, \"sql_injection_match_set\", \u0026waf.SqlInjectionMatchSetArgs{\n\t\t\tName: pulumi.String(\"tf-sql_injection_match_set\"),\n\t\t\tSqlInjectionMatchTuples: waf.SqlInjectionMatchSetSqlInjectionMatchTupleArray{\n\t\t\t\t\u0026waf.SqlInjectionMatchSetSqlInjectionMatchTupleArgs{\n\t\t\t\t\tTextTransformation: pulumi.String(\"URL_DECODE\"),\n\t\t\t\t\tFieldToMatch: \u0026waf.SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatchArgs{\n\t\t\t\t\t\tType: pulumi.String(\"QUERY_STRING\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.SqlInjectionMatchSet;\nimport com.pulumi.aws.waf.SqlInjectionMatchSetArgs;\nimport com.pulumi.aws.waf.inputs.SqlInjectionMatchSetSqlInjectionMatchTupleArgs;\nimport com.pulumi.aws.waf.inputs.SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var sqlInjectionMatchSet = new SqlInjectionMatchSet(\"sqlInjectionMatchSet\", SqlInjectionMatchSetArgs.builder()\n .name(\"tf-sql_injection_match_set\")\n .sqlInjectionMatchTuples(SqlInjectionMatchSetSqlInjectionMatchTupleArgs.builder()\n .textTransformation(\"URL_DECODE\")\n .fieldToMatch(SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatchArgs.builder()\n .type(\"QUERY_STRING\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n sqlInjectionMatchSet:\n type: aws:waf:SqlInjectionMatchSet\n name: sql_injection_match_set\n properties:\n name: tf-sql_injection_match_set\n sqlInjectionMatchTuples:\n - textTransformation: URL_DECODE\n fieldToMatch:\n type: QUERY_STRING\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS WAF SQL Injection Match Set using their ID. For example:\n\n```sh\n$ pulumi import aws:waf/sqlInjectionMatchSet:SqlInjectionMatchSet example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "name": { "type": "string", "description": "The name or description of the SQL Injection Match Set.\n" }, "sqlInjectionMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/SqlInjectionMatchSetSqlInjectionMatchTuple:SqlInjectionMatchSetSqlInjectionMatchTuple" }, "description": "The parts of web requests that you want AWS WAF to inspect for malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.\n" } }, "required": [ "name" ], "inputProperties": { "name": { "type": "string", "description": "The name or description of the SQL Injection Match Set.\n", "willReplaceOnChanges": true }, "sqlInjectionMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/SqlInjectionMatchSetSqlInjectionMatchTuple:SqlInjectionMatchSetSqlInjectionMatchTuple" }, "description": "The parts of web requests that you want AWS WAF to inspect for malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering SqlInjectionMatchSet resources.\n", "properties": { "name": { "type": "string", "description": "The name or description of the SQL Injection Match Set.\n", "willReplaceOnChanges": true }, "sqlInjectionMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/SqlInjectionMatchSetSqlInjectionMatchTuple:SqlInjectionMatchSetSqlInjectionMatchTuple" }, "description": "The parts of web requests that you want AWS WAF to inspect for malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.\n" } }, "type": "object" } }, "aws:waf/webAcl:WebAcl": { "description": "Provides a WAF Web ACL Resource\n\n## Example Usage\n\nThis example blocks requests coming from `192.0.7.0/24` and allows everything else.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.waf.IpSet(\"ipset\", {\n name: \"tfIPSet\",\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst wafrule = new aws.waf.Rule(\"wafrule\", {\n name: \"tfWAFRule\",\n metricName: \"tfWAFRule\",\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n}, {\n dependsOn: [ipset],\n});\nconst wafAcl = new aws.waf.WebAcl(\"waf_acl\", {\n name: \"tfWebACL\",\n metricName: \"tfWebACL\",\n defaultAction: {\n type: \"ALLOW\",\n },\n rules: [{\n action: {\n type: \"BLOCK\",\n },\n priority: 1,\n ruleId: wafrule.id,\n type: \"REGULAR\",\n }],\n}, {\n dependsOn: [\n ipset,\n wafrule,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.waf.IpSet(\"ipset\",\n name=\"tfIPSet\",\n ip_set_descriptors=[{\n \"type\": \"IPV4\",\n \"value\": \"192.0.7.0/24\",\n }])\nwafrule = aws.waf.Rule(\"wafrule\",\n name=\"tfWAFRule\",\n metric_name=\"tfWAFRule\",\n predicates=[{\n \"data_id\": ipset.id,\n \"negated\": False,\n \"type\": \"IPMatch\",\n }],\n opts = pulumi.ResourceOptions(depends_on=[ipset]))\nwaf_acl = aws.waf.WebAcl(\"waf_acl\",\n name=\"tfWebACL\",\n metric_name=\"tfWebACL\",\n default_action={\n \"type\": \"ALLOW\",\n },\n rules=[{\n \"action\": {\n \"type\": \"BLOCK\",\n },\n \"priority\": 1,\n \"rule_id\": wafrule.id,\n \"type\": \"REGULAR\",\n }],\n opts = pulumi.ResourceOptions(depends_on=[\n ipset,\n wafrule,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ipset = new Aws.Waf.IpSet(\"ipset\", new()\n {\n Name = \"tfIPSet\",\n IpSetDescriptors = new[]\n {\n new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n\n var wafrule = new Aws.Waf.Rule(\"wafrule\", new()\n {\n Name = \"tfWAFRule\",\n MetricName = \"tfWAFRule\",\n Predicates = new[]\n {\n new Aws.Waf.Inputs.RulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n ipset,\n },\n });\n\n var wafAcl = new Aws.Waf.WebAcl(\"waf_acl\", new()\n {\n Name = \"tfWebACL\",\n MetricName = \"tfWebACL\",\n DefaultAction = new Aws.Waf.Inputs.WebAclDefaultActionArgs\n {\n Type = \"ALLOW\",\n },\n Rules = new[]\n {\n new Aws.Waf.Inputs.WebAclRuleArgs\n {\n Action = new Aws.Waf.Inputs.WebAclRuleActionArgs\n {\n Type = \"BLOCK\",\n },\n Priority = 1,\n RuleId = wafrule.Id,\n Type = \"REGULAR\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n ipset,\n wafrule,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := waf.NewIpSet(ctx, \"ipset\", \u0026waf.IpSetArgs{\n\t\t\tName: pulumi.String(\"tfIPSet\"),\n\t\t\tIpSetDescriptors: waf.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026waf.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\twafrule, err := waf.NewRule(ctx, \"wafrule\", \u0026waf.RuleArgs{\n\t\t\tName: pulumi.String(\"tfWAFRule\"),\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tPredicates: waf.RulePredicateArray{\n\t\t\t\t\u0026waf.RulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tipset,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = waf.NewWebAcl(ctx, \"waf_acl\", \u0026waf.WebAclArgs{\n\t\t\tName: pulumi.String(\"tfWebACL\"),\n\t\t\tMetricName: pulumi.String(\"tfWebACL\"),\n\t\t\tDefaultAction: \u0026waf.WebAclDefaultActionArgs{\n\t\t\t\tType: pulumi.String(\"ALLOW\"),\n\t\t\t},\n\t\t\tRules: waf.WebAclRuleArray{\n\t\t\t\t\u0026waf.WebAclRuleArgs{\n\t\t\t\t\tAction: \u0026waf.WebAclRuleActionArgs{\n\t\t\t\t\t\tType: pulumi.String(\"BLOCK\"),\n\t\t\t\t\t},\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tRuleId: wafrule.ID(),\n\t\t\t\t\tType: pulumi.String(\"REGULAR\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tipset,\n\t\t\twafrule,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.IpSet;\nimport com.pulumi.aws.waf.IpSetArgs;\nimport com.pulumi.aws.waf.inputs.IpSetIpSetDescriptorArgs;\nimport com.pulumi.aws.waf.Rule;\nimport com.pulumi.aws.waf.RuleArgs;\nimport com.pulumi.aws.waf.inputs.RulePredicateArgs;\nimport com.pulumi.aws.waf.WebAcl;\nimport com.pulumi.aws.waf.WebAclArgs;\nimport com.pulumi.aws.waf.inputs.WebAclDefaultActionArgs;\nimport com.pulumi.aws.waf.inputs.WebAclRuleArgs;\nimport com.pulumi.aws.waf.inputs.WebAclRuleActionArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ipset = new IpSet(\"ipset\", IpSetArgs.builder()\n .name(\"tfIPSet\")\n .ipSetDescriptors(IpSetIpSetDescriptorArgs.builder()\n .type(\"IPV4\")\n .value(\"192.0.7.0/24\")\n .build())\n .build());\n\n var wafrule = new Rule(\"wafrule\", RuleArgs.builder()\n .name(\"tfWAFRule\")\n .metricName(\"tfWAFRule\")\n .predicates(RulePredicateArgs.builder()\n .dataId(ipset.id())\n .negated(false)\n .type(\"IPMatch\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(ipset)\n .build());\n\n var wafAcl = new WebAcl(\"wafAcl\", WebAclArgs.builder()\n .name(\"tfWebACL\")\n .metricName(\"tfWebACL\")\n .defaultAction(WebAclDefaultActionArgs.builder()\n .type(\"ALLOW\")\n .build())\n .rules(WebAclRuleArgs.builder()\n .action(WebAclRuleActionArgs.builder()\n .type(\"BLOCK\")\n .build())\n .priority(1)\n .ruleId(wafrule.id())\n .type(\"REGULAR\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n ipset,\n wafrule)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ipset:\n type: aws:waf:IpSet\n properties:\n name: tfIPSet\n ipSetDescriptors:\n - type: IPV4\n value: 192.0.7.0/24\n wafrule:\n type: aws:waf:Rule\n properties:\n name: tfWAFRule\n metricName: tfWAFRule\n predicates:\n - dataId: ${ipset.id}\n negated: false\n type: IPMatch\n options:\n dependson:\n - ${ipset}\n wafAcl:\n type: aws:waf:WebAcl\n name: waf_acl\n properties:\n name: tfWebACL\n metricName: tfWebACL\n defaultAction:\n type: ALLOW\n rules:\n - action:\n type: BLOCK\n priority: 1\n ruleId: ${wafrule.id}\n type: REGULAR\n options:\n dependson:\n - ${ipset}\n - ${wafrule}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Logging\n\n\u003e *NOTE:* The Kinesis Firehose Delivery Stream name must begin with `aws-waf-logs-` and be located in `us-east-1` region. See the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/logging.html) for more information about enabling WAF logging.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.waf.WebAcl(\"example\", {loggingConfiguration: {\n logDestination: exampleAwsKinesisFirehoseDeliveryStream.arn,\n redactedFields: {\n fieldToMatches: [\n {\n type: \"URI\",\n },\n {\n data: \"referer\",\n type: \"HEADER\",\n },\n ],\n },\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.waf.WebAcl(\"example\", logging_configuration={\n \"log_destination\": example_aws_kinesis_firehose_delivery_stream[\"arn\"],\n \"redacted_fields\": {\n \"field_to_matches\": [\n {\n \"type\": \"URI\",\n },\n {\n \"data\": \"referer\",\n \"type\": \"HEADER\",\n },\n ],\n },\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Waf.WebAcl(\"example\", new()\n {\n LoggingConfiguration = new Aws.Waf.Inputs.WebAclLoggingConfigurationArgs\n {\n LogDestination = exampleAwsKinesisFirehoseDeliveryStream.Arn,\n RedactedFields = new Aws.Waf.Inputs.WebAclLoggingConfigurationRedactedFieldsArgs\n {\n FieldToMatches = new[]\n {\n new Aws.Waf.Inputs.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs\n {\n Type = \"URI\",\n },\n new Aws.Waf.Inputs.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs\n {\n Data = \"referer\",\n Type = \"HEADER\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := waf.NewWebAcl(ctx, \"example\", \u0026waf.WebAclArgs{\n\t\t\tLoggingConfiguration: \u0026waf.WebAclLoggingConfigurationArgs{\n\t\t\t\tLogDestination: pulumi.Any(exampleAwsKinesisFirehoseDeliveryStream.Arn),\n\t\t\t\tRedactedFields: \u0026waf.WebAclLoggingConfigurationRedactedFieldsArgs{\n\t\t\t\t\tFieldToMatches: waf.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArray{\n\t\t\t\t\t\t\u0026waf.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"URI\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026waf.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs{\n\t\t\t\t\t\t\tData: pulumi.String(\"referer\"),\n\t\t\t\t\t\t\tType: pulumi.String(\"HEADER\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.WebAcl;\nimport com.pulumi.aws.waf.WebAclArgs;\nimport com.pulumi.aws.waf.inputs.WebAclLoggingConfigurationArgs;\nimport com.pulumi.aws.waf.inputs.WebAclLoggingConfigurationRedactedFieldsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new WebAcl(\"example\", WebAclArgs.builder()\n .loggingConfiguration(WebAclLoggingConfigurationArgs.builder()\n .logDestination(exampleAwsKinesisFirehoseDeliveryStream.arn())\n .redactedFields(WebAclLoggingConfigurationRedactedFieldsArgs.builder()\n .fieldToMatches( \n WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs.builder()\n .type(\"URI\")\n .build(),\n WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs.builder()\n .data(\"referer\")\n .type(\"HEADER\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:waf:WebAcl\n properties:\n loggingConfiguration:\n logDestination: ${exampleAwsKinesisFirehoseDeliveryStream.arn}\n redactedFields:\n fieldToMatches:\n - type: URI\n - data: referer\n type: HEADER\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Web ACL using the `id`. For example:\n\n```sh\n$ pulumi import aws:waf/webAcl:WebAcl main 0c8e583e-18f3-4c13-9e2a-67c4805d2f94\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF WebACL.\n" }, "defaultAction": { "$ref": "#/types/aws:waf/WebAclDefaultAction:WebAclDefaultAction", "description": "Configuration block with action that you want AWS WAF to take when a request doesn't match the criteria in any of the rules that are associated with the web ACL. Detailed below.\n" }, "loggingConfiguration": { "$ref": "#/types/aws:waf/WebAclLoggingConfiguration:WebAclLoggingConfiguration", "description": "Configuration block to enable WAF logging. Detailed below.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this web ACL.\n" }, "name": { "type": "string", "description": "The name or description of the web ACL.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:waf/WebAclRule:WebAclRule" }, "description": "Configuration blocks containing rules to associate with the web ACL and the settings for each rule. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "defaultAction", "metricName", "name", "tagsAll" ], "inputProperties": { "defaultAction": { "$ref": "#/types/aws:waf/WebAclDefaultAction:WebAclDefaultAction", "description": "Configuration block with action that you want AWS WAF to take when a request doesn't match the criteria in any of the rules that are associated with the web ACL. Detailed below.\n" }, "loggingConfiguration": { "$ref": "#/types/aws:waf/WebAclLoggingConfiguration:WebAclLoggingConfiguration", "description": "Configuration block to enable WAF logging. Detailed below.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this web ACL.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name or description of the web ACL.\n", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:waf/WebAclRule:WebAclRule" }, "description": "Configuration blocks containing rules to associate with the web ACL and the settings for each rule. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "defaultAction", "metricName" ], "stateInputs": { "description": "Input properties used for looking up and filtering WebAcl resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF WebACL.\n" }, "defaultAction": { "$ref": "#/types/aws:waf/WebAclDefaultAction:WebAclDefaultAction", "description": "Configuration block with action that you want AWS WAF to take when a request doesn't match the criteria in any of the rules that are associated with the web ACL. Detailed below.\n" }, "loggingConfiguration": { "$ref": "#/types/aws:waf/WebAclLoggingConfiguration:WebAclLoggingConfiguration", "description": "Configuration block to enable WAF logging. Detailed below.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this web ACL.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name or description of the web ACL.\n", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:waf/WebAclRule:WebAclRule" }, "description": "Configuration blocks containing rules to associate with the web ACL and the settings for each rule. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:waf/xssMatchSet:XssMatchSet": { "description": "Provides a WAF XSS Match Set Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst xssMatchSet = new aws.waf.XssMatchSet(\"xss_match_set\", {\n name: \"xss_match_set\",\n xssMatchTuples: [\n {\n textTransformation: \"NONE\",\n fieldToMatch: {\n type: \"URI\",\n },\n },\n {\n textTransformation: \"NONE\",\n fieldToMatch: {\n type: \"QUERY_STRING\",\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nxss_match_set = aws.waf.XssMatchSet(\"xss_match_set\",\n name=\"xss_match_set\",\n xss_match_tuples=[\n {\n \"text_transformation\": \"NONE\",\n \"field_to_match\": {\n \"type\": \"URI\",\n },\n },\n {\n \"text_transformation\": \"NONE\",\n \"field_to_match\": {\n \"type\": \"QUERY_STRING\",\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var xssMatchSet = new Aws.Waf.XssMatchSet(\"xss_match_set\", new()\n {\n Name = \"xss_match_set\",\n XssMatchTuples = new[]\n {\n new Aws.Waf.Inputs.XssMatchSetXssMatchTupleArgs\n {\n TextTransformation = \"NONE\",\n FieldToMatch = new Aws.Waf.Inputs.XssMatchSetXssMatchTupleFieldToMatchArgs\n {\n Type = \"URI\",\n },\n },\n new Aws.Waf.Inputs.XssMatchSetXssMatchTupleArgs\n {\n TextTransformation = \"NONE\",\n FieldToMatch = new Aws.Waf.Inputs.XssMatchSetXssMatchTupleFieldToMatchArgs\n {\n Type = \"QUERY_STRING\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := waf.NewXssMatchSet(ctx, \"xss_match_set\", \u0026waf.XssMatchSetArgs{\n\t\t\tName: pulumi.String(\"xss_match_set\"),\n\t\t\tXssMatchTuples: waf.XssMatchSetXssMatchTupleArray{\n\t\t\t\t\u0026waf.XssMatchSetXssMatchTupleArgs{\n\t\t\t\t\tTextTransformation: pulumi.String(\"NONE\"),\n\t\t\t\t\tFieldToMatch: \u0026waf.XssMatchSetXssMatchTupleFieldToMatchArgs{\n\t\t\t\t\t\tType: pulumi.String(\"URI\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026waf.XssMatchSetXssMatchTupleArgs{\n\t\t\t\t\tTextTransformation: pulumi.String(\"NONE\"),\n\t\t\t\t\tFieldToMatch: \u0026waf.XssMatchSetXssMatchTupleFieldToMatchArgs{\n\t\t\t\t\t\tType: pulumi.String(\"QUERY_STRING\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.XssMatchSet;\nimport com.pulumi.aws.waf.XssMatchSetArgs;\nimport com.pulumi.aws.waf.inputs.XssMatchSetXssMatchTupleArgs;\nimport com.pulumi.aws.waf.inputs.XssMatchSetXssMatchTupleFieldToMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var xssMatchSet = new XssMatchSet(\"xssMatchSet\", XssMatchSetArgs.builder()\n .name(\"xss_match_set\")\n .xssMatchTuples( \n XssMatchSetXssMatchTupleArgs.builder()\n .textTransformation(\"NONE\")\n .fieldToMatch(XssMatchSetXssMatchTupleFieldToMatchArgs.builder()\n .type(\"URI\")\n .build())\n .build(),\n XssMatchSetXssMatchTupleArgs.builder()\n .textTransformation(\"NONE\")\n .fieldToMatch(XssMatchSetXssMatchTupleFieldToMatchArgs.builder()\n .type(\"QUERY_STRING\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n xssMatchSet:\n type: aws:waf:XssMatchSet\n name: xss_match_set\n properties:\n name: xss_match_set\n xssMatchTuples:\n - textTransformation: NONE\n fieldToMatch:\n type: URI\n - textTransformation: NONE\n fieldToMatch:\n type: QUERY_STRING\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF XSS Match Set using their ID. For example:\n\n```sh\n$ pulumi import aws:waf/xssMatchSet:XssMatchSet example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "name": { "type": "string", "description": "The name or description of the SizeConstraintSet.\n" }, "xssMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/XssMatchSetXssMatchTuple:XssMatchSetXssMatchTuple" }, "description": "The parts of web requests that you want to inspect for cross-site scripting attacks.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "name": { "type": "string", "description": "The name or description of the SizeConstraintSet.\n", "willReplaceOnChanges": true }, "xssMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/XssMatchSetXssMatchTuple:XssMatchSetXssMatchTuple" }, "description": "The parts of web requests that you want to inspect for cross-site scripting attacks.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering XssMatchSet resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN)\n" }, "name": { "type": "string", "description": "The name or description of the SizeConstraintSet.\n", "willReplaceOnChanges": true }, "xssMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:waf/XssMatchSetXssMatchTuple:XssMatchSetXssMatchTuple" }, "description": "The parts of web requests that you want to inspect for cross-site scripting attacks.\n" } }, "type": "object" } }, "aws:wafregional/byteMatchSet:ByteMatchSet": { "description": "Provides a WAF Regional Byte Match Set Resource for use with Application Load Balancer.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byteSet = new aws.wafregional.ByteMatchSet(\"byte_set\", {\n name: \"my_waf_byte_match_set\",\n byteMatchTuples: [{\n textTransformation: \"NONE\",\n targetString: \"badrefer1\",\n positionalConstraint: \"CONTAINS\",\n fieldToMatch: {\n type: \"HEADER\",\n data: \"referer\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbyte_set = aws.wafregional.ByteMatchSet(\"byte_set\",\n name=\"my_waf_byte_match_set\",\n byte_match_tuples=[{\n \"text_transformation\": \"NONE\",\n \"target_string\": \"badrefer1\",\n \"positional_constraint\": \"CONTAINS\",\n \"field_to_match\": {\n \"type\": \"HEADER\",\n \"data\": \"referer\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var byteSet = new Aws.WafRegional.ByteMatchSet(\"byte_set\", new()\n {\n Name = \"my_waf_byte_match_set\",\n ByteMatchTuples = new[]\n {\n new Aws.WafRegional.Inputs.ByteMatchSetByteMatchTupleArgs\n {\n TextTransformation = \"NONE\",\n TargetString = \"badrefer1\",\n PositionalConstraint = \"CONTAINS\",\n FieldToMatch = new Aws.WafRegional.Inputs.ByteMatchSetByteMatchTupleFieldToMatchArgs\n {\n Type = \"HEADER\",\n Data = \"referer\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafregional.NewByteMatchSet(ctx, \"byte_set\", \u0026wafregional.ByteMatchSetArgs{\n\t\t\tName: pulumi.String(\"my_waf_byte_match_set\"),\n\t\t\tByteMatchTuples: wafregional.ByteMatchSetByteMatchTupleArray{\n\t\t\t\t\u0026wafregional.ByteMatchSetByteMatchTupleArgs{\n\t\t\t\t\tTextTransformation: pulumi.String(\"NONE\"),\n\t\t\t\t\tTargetString: pulumi.String(\"badrefer1\"),\n\t\t\t\t\tPositionalConstraint: pulumi.String(\"CONTAINS\"),\n\t\t\t\t\tFieldToMatch: \u0026wafregional.ByteMatchSetByteMatchTupleFieldToMatchArgs{\n\t\t\t\t\t\tType: pulumi.String(\"HEADER\"),\n\t\t\t\t\t\tData: pulumi.String(\"referer\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.ByteMatchSet;\nimport com.pulumi.aws.wafregional.ByteMatchSetArgs;\nimport com.pulumi.aws.wafregional.inputs.ByteMatchSetByteMatchTupleArgs;\nimport com.pulumi.aws.wafregional.inputs.ByteMatchSetByteMatchTupleFieldToMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var byteSet = new ByteMatchSet(\"byteSet\", ByteMatchSetArgs.builder()\n .name(\"my_waf_byte_match_set\")\n .byteMatchTuples(ByteMatchSetByteMatchTupleArgs.builder()\n .textTransformation(\"NONE\")\n .targetString(\"badrefer1\")\n .positionalConstraint(\"CONTAINS\")\n .fieldToMatch(ByteMatchSetByteMatchTupleFieldToMatchArgs.builder()\n .type(\"HEADER\")\n .data(\"referer\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n byteSet:\n type: aws:wafregional:ByteMatchSet\n name: byte_set\n properties:\n name: my_waf_byte_match_set\n byteMatchTuples:\n - textTransformation: NONE\n targetString: badrefer1\n positionalConstraint: CONTAINS\n fieldToMatch:\n type: HEADER\n data: referer\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Regional Byte Match Set using the id. For example:\n\n```sh\n$ pulumi import aws:wafregional/byteMatchSet:ByteMatchSet byte_set a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "byteMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/ByteMatchSetByteMatchTuple:ByteMatchSetByteMatchTuple" }, "description": "Settings for the ByteMatchSet, such as the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests. ByteMatchTuple documented below.\n" }, "name": { "type": "string", "description": "The name or description of the ByteMatchSet.\n" } }, "required": [ "name" ], "inputProperties": { "byteMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/ByteMatchSetByteMatchTuple:ByteMatchSetByteMatchTuple" }, "description": "Settings for the ByteMatchSet, such as the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests. ByteMatchTuple documented below.\n" }, "name": { "type": "string", "description": "The name or description of the ByteMatchSet.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering ByteMatchSet resources.\n", "properties": { "byteMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/ByteMatchSetByteMatchTuple:ByteMatchSetByteMatchTuple" }, "description": "Settings for the ByteMatchSet, such as the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests. ByteMatchTuple documented below.\n" }, "name": { "type": "string", "description": "The name or description of the ByteMatchSet.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:wafregional/geoMatchSet:GeoMatchSet": { "description": "Provides a WAF Regional Geo Match Set Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst geoMatchSet = new aws.wafregional.GeoMatchSet(\"geo_match_set\", {\n name: \"geo_match_set\",\n geoMatchConstraints: [\n {\n type: \"Country\",\n value: \"US\",\n },\n {\n type: \"Country\",\n value: \"CA\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngeo_match_set = aws.wafregional.GeoMatchSet(\"geo_match_set\",\n name=\"geo_match_set\",\n geo_match_constraints=[\n {\n \"type\": \"Country\",\n \"value\": \"US\",\n },\n {\n \"type\": \"Country\",\n \"value\": \"CA\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var geoMatchSet = new Aws.WafRegional.GeoMatchSet(\"geo_match_set\", new()\n {\n Name = \"geo_match_set\",\n GeoMatchConstraints = new[]\n {\n new Aws.WafRegional.Inputs.GeoMatchSetGeoMatchConstraintArgs\n {\n Type = \"Country\",\n Value = \"US\",\n },\n new Aws.WafRegional.Inputs.GeoMatchSetGeoMatchConstraintArgs\n {\n Type = \"Country\",\n Value = \"CA\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafregional.NewGeoMatchSet(ctx, \"geo_match_set\", \u0026wafregional.GeoMatchSetArgs{\n\t\t\tName: pulumi.String(\"geo_match_set\"),\n\t\t\tGeoMatchConstraints: wafregional.GeoMatchSetGeoMatchConstraintArray{\n\t\t\t\t\u0026wafregional.GeoMatchSetGeoMatchConstraintArgs{\n\t\t\t\t\tType: pulumi.String(\"Country\"),\n\t\t\t\t\tValue: pulumi.String(\"US\"),\n\t\t\t\t},\n\t\t\t\t\u0026wafregional.GeoMatchSetGeoMatchConstraintArgs{\n\t\t\t\t\tType: pulumi.String(\"Country\"),\n\t\t\t\t\tValue: pulumi.String(\"CA\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.GeoMatchSet;\nimport com.pulumi.aws.wafregional.GeoMatchSetArgs;\nimport com.pulumi.aws.wafregional.inputs.GeoMatchSetGeoMatchConstraintArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var geoMatchSet = new GeoMatchSet(\"geoMatchSet\", GeoMatchSetArgs.builder()\n .name(\"geo_match_set\")\n .geoMatchConstraints( \n GeoMatchSetGeoMatchConstraintArgs.builder()\n .type(\"Country\")\n .value(\"US\")\n .build(),\n GeoMatchSetGeoMatchConstraintArgs.builder()\n .type(\"Country\")\n .value(\"CA\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n geoMatchSet:\n type: aws:wafregional:GeoMatchSet\n name: geo_match_set\n properties:\n name: geo_match_set\n geoMatchConstraints:\n - type: Country\n value: US\n - type: Country\n value: CA\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Regional Geo Match Set using the id. For example:\n\n```sh\n$ pulumi import aws:wafregional/geoMatchSet:GeoMatchSet geo_match_set a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "geoMatchConstraints": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/GeoMatchSetGeoMatchConstraint:GeoMatchSetGeoMatchConstraint" }, "description": "The Geo Match Constraint objects which contain the country that you want AWS WAF to search for.\n" }, "name": { "type": "string", "description": "The name or description of the Geo Match Set.\n" } }, "required": [ "name" ], "inputProperties": { "geoMatchConstraints": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/GeoMatchSetGeoMatchConstraint:GeoMatchSetGeoMatchConstraint" }, "description": "The Geo Match Constraint objects which contain the country that you want AWS WAF to search for.\n" }, "name": { "type": "string", "description": "The name or description of the Geo Match Set.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering GeoMatchSet resources.\n", "properties": { "geoMatchConstraints": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/GeoMatchSetGeoMatchConstraint:GeoMatchSetGeoMatchConstraint" }, "description": "The Geo Match Constraint objects which contain the country that you want AWS WAF to search for.\n" }, "name": { "type": "string", "description": "The name or description of the Geo Match Set.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:wafregional/ipSet:IpSet": { "description": "Provides a WAF Regional IPSet Resource for use with Application Load Balancer.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.wafregional.IpSet(\"ipset\", {\n name: \"tfIPSet\",\n ipSetDescriptors: [\n {\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n },\n {\n type: \"IPV4\",\n value: \"10.16.16.0/16\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.wafregional.IpSet(\"ipset\",\n name=\"tfIPSet\",\n ip_set_descriptors=[\n {\n \"type\": \"IPV4\",\n \"value\": \"192.0.7.0/24\",\n },\n {\n \"type\": \"IPV4\",\n \"value\": \"10.16.16.0/16\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ipset = new Aws.WafRegional.IpSet(\"ipset\", new()\n {\n Name = \"tfIPSet\",\n IpSetDescriptors = new[]\n {\n new Aws.WafRegional.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n new Aws.WafRegional.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"10.16.16.0/16\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafregional.NewIpSet(ctx, \"ipset\", \u0026wafregional.IpSetArgs{\n\t\t\tName: pulumi.String(\"tfIPSet\"),\n\t\t\tIpSetDescriptors: wafregional.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026wafregional.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t\t\u0026wafregional.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"10.16.16.0/16\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.IpSet;\nimport com.pulumi.aws.wafregional.IpSetArgs;\nimport com.pulumi.aws.wafregional.inputs.IpSetIpSetDescriptorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ipset = new IpSet(\"ipset\", IpSetArgs.builder()\n .name(\"tfIPSet\")\n .ipSetDescriptors( \n IpSetIpSetDescriptorArgs.builder()\n .type(\"IPV4\")\n .value(\"192.0.7.0/24\")\n .build(),\n IpSetIpSetDescriptorArgs.builder()\n .type(\"IPV4\")\n .value(\"10.16.16.0/16\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ipset:\n type: aws:wafregional:IpSet\n properties:\n name: tfIPSet\n ipSetDescriptors:\n - type: IPV4\n value: 192.0.7.0/24\n - type: IPV4\n value: 10.16.16.0/16\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Regional IPSets using their ID. For example:\n\n```sh\n$ pulumi import aws:wafregional/ipSet:IpSet example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF IPSet.\n" }, "ipSetDescriptors": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/IpSetIpSetDescriptor:IpSetIpSetDescriptor" }, "description": "One or more pairs specifying the IP address type (IPV4 or IPV6) and the IP address range (in CIDR notation) from which web requests originate.\n" }, "name": { "type": "string", "description": "The name or description of the IPSet.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "ipSetDescriptors": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/IpSetIpSetDescriptor:IpSetIpSetDescriptor" }, "description": "One or more pairs specifying the IP address type (IPV4 or IPV6) and the IP address range (in CIDR notation) from which web requests originate.\n" }, "name": { "type": "string", "description": "The name or description of the IPSet.\n", "willReplaceOnChanges": true } }, "stateInputs": { "description": "Input properties used for looking up and filtering IpSet resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF IPSet.\n" }, "ipSetDescriptors": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/IpSetIpSetDescriptor:IpSetIpSetDescriptor" }, "description": "One or more pairs specifying the IP address type (IPV4 or IPV6) and the IP address range (in CIDR notation) from which web requests originate.\n" }, "name": { "type": "string", "description": "The name or description of the IPSet.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:wafregional/rateBasedRule:RateBasedRule": { "description": "Provides a WAF Rate Based Rule Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.wafregional.IpSet(\"ipset\", {\n name: \"tfIPSet\",\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst wafrule = new aws.wafregional.RateBasedRule(\"wafrule\", {\n name: \"tfWAFRule\",\n metricName: \"tfWAFRule\",\n rateKey: \"IP\",\n rateLimit: 100,\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n}, {\n dependsOn: [ipset],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.wafregional.IpSet(\"ipset\",\n name=\"tfIPSet\",\n ip_set_descriptors=[{\n \"type\": \"IPV4\",\n \"value\": \"192.0.7.0/24\",\n }])\nwafrule = aws.wafregional.RateBasedRule(\"wafrule\",\n name=\"tfWAFRule\",\n metric_name=\"tfWAFRule\",\n rate_key=\"IP\",\n rate_limit=100,\n predicates=[{\n \"data_id\": ipset.id,\n \"negated\": False,\n \"type\": \"IPMatch\",\n }],\n opts = pulumi.ResourceOptions(depends_on=[ipset]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ipset = new Aws.WafRegional.IpSet(\"ipset\", new()\n {\n Name = \"tfIPSet\",\n IpSetDescriptors = new[]\n {\n new Aws.WafRegional.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n\n var wafrule = new Aws.WafRegional.RateBasedRule(\"wafrule\", new()\n {\n Name = \"tfWAFRule\",\n MetricName = \"tfWAFRule\",\n RateKey = \"IP\",\n RateLimit = 100,\n Predicates = new[]\n {\n new Aws.WafRegional.Inputs.RateBasedRulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n ipset,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := wafregional.NewIpSet(ctx, \"ipset\", \u0026wafregional.IpSetArgs{\n\t\t\tName: pulumi.String(\"tfIPSet\"),\n\t\t\tIpSetDescriptors: wafregional.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026wafregional.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = wafregional.NewRateBasedRule(ctx, \"wafrule\", \u0026wafregional.RateBasedRuleArgs{\n\t\t\tName: pulumi.String(\"tfWAFRule\"),\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tRateKey: pulumi.String(\"IP\"),\n\t\t\tRateLimit: pulumi.Int(100),\n\t\t\tPredicates: wafregional.RateBasedRulePredicateArray{\n\t\t\t\t\u0026wafregional.RateBasedRulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tipset,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.IpSet;\nimport com.pulumi.aws.wafregional.IpSetArgs;\nimport com.pulumi.aws.wafregional.inputs.IpSetIpSetDescriptorArgs;\nimport com.pulumi.aws.wafregional.RateBasedRule;\nimport com.pulumi.aws.wafregional.RateBasedRuleArgs;\nimport com.pulumi.aws.wafregional.inputs.RateBasedRulePredicateArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ipset = new IpSet(\"ipset\", IpSetArgs.builder()\n .name(\"tfIPSet\")\n .ipSetDescriptors(IpSetIpSetDescriptorArgs.builder()\n .type(\"IPV4\")\n .value(\"192.0.7.0/24\")\n .build())\n .build());\n\n var wafrule = new RateBasedRule(\"wafrule\", RateBasedRuleArgs.builder()\n .name(\"tfWAFRule\")\n .metricName(\"tfWAFRule\")\n .rateKey(\"IP\")\n .rateLimit(100)\n .predicates(RateBasedRulePredicateArgs.builder()\n .dataId(ipset.id())\n .negated(false)\n .type(\"IPMatch\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(ipset)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ipset:\n type: aws:wafregional:IpSet\n properties:\n name: tfIPSet\n ipSetDescriptors:\n - type: IPV4\n value: 192.0.7.0/24\n wafrule:\n type: aws:wafregional:RateBasedRule\n properties:\n name: tfWAFRule\n metricName: tfWAFRule\n rateKey: IP\n rateLimit: 100\n predicates:\n - dataId: ${ipset.id}\n negated: false\n type: IPMatch\n options:\n dependson:\n - ${ipset}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Regional Rate Based Rule using the id. For example:\n\n```sh\n$ pulumi import aws:wafregional/rateBasedRule:RateBasedRule wafrule a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF Regional Rate Based Rule.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule.\n" }, "name": { "type": "string", "description": "The name or description of the rule.\n" }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RateBasedRulePredicate:RateBasedRulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "rateKey": { "type": "string", "description": "Valid value is IP.\n" }, "rateLimit": { "type": "integer", "description": "The maximum number of requests, which have an identical value in the field specified by the RateKey, allowed in a five-minute period. Minimum value is 100.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "metricName", "name", "rateKey", "rateLimit", "tagsAll" ], "inputProperties": { "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name or description of the rule.\n", "willReplaceOnChanges": true }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RateBasedRulePredicate:RateBasedRulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "rateKey": { "type": "string", "description": "Valid value is IP.\n" }, "rateLimit": { "type": "integer", "description": "The maximum number of requests, which have an identical value in the field specified by the RateKey, allowed in a five-minute period. Minimum value is 100.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "metricName", "rateKey", "rateLimit" ], "stateInputs": { "description": "Input properties used for looking up and filtering RateBasedRule resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF Regional Rate Based Rule.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name or description of the rule.\n", "willReplaceOnChanges": true }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RateBasedRulePredicate:RateBasedRulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "rateKey": { "type": "string", "description": "Valid value is IP.\n" }, "rateLimit": { "type": "integer", "description": "The maximum number of requests, which have an identical value in the field specified by the RateKey, allowed in a five-minute period. Minimum value is 100.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:wafregional/regexMatchSet:RegexMatchSet": { "description": "Provides a WAF Regional Regex Match Set Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleRegexPatternSet = new aws.wafregional.RegexPatternSet(\"example\", {\n name: \"example\",\n regexPatternStrings: [\n \"one\",\n \"two\",\n ],\n});\nconst example = new aws.wafregional.RegexMatchSet(\"example\", {\n name: \"example\",\n regexMatchTuples: [{\n fieldToMatch: {\n data: \"User-Agent\",\n type: \"HEADER\",\n },\n regexPatternSetId: exampleRegexPatternSet.id,\n textTransformation: \"NONE\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_regex_pattern_set = aws.wafregional.RegexPatternSet(\"example\",\n name=\"example\",\n regex_pattern_strings=[\n \"one\",\n \"two\",\n ])\nexample = aws.wafregional.RegexMatchSet(\"example\",\n name=\"example\",\n regex_match_tuples=[{\n \"field_to_match\": {\n \"data\": \"User-Agent\",\n \"type\": \"HEADER\",\n },\n \"regex_pattern_set_id\": example_regex_pattern_set.id,\n \"text_transformation\": \"NONE\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleRegexPatternSet = new Aws.WafRegional.RegexPatternSet(\"example\", new()\n {\n Name = \"example\",\n RegexPatternStrings = new[]\n {\n \"one\",\n \"two\",\n },\n });\n\n var example = new Aws.WafRegional.RegexMatchSet(\"example\", new()\n {\n Name = \"example\",\n RegexMatchTuples = new[]\n {\n new Aws.WafRegional.Inputs.RegexMatchSetRegexMatchTupleArgs\n {\n FieldToMatch = new Aws.WafRegional.Inputs.RegexMatchSetRegexMatchTupleFieldToMatchArgs\n {\n Data = \"User-Agent\",\n Type = \"HEADER\",\n },\n RegexPatternSetId = exampleRegexPatternSet.Id,\n TextTransformation = \"NONE\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleRegexPatternSet, err := wafregional.NewRegexPatternSet(ctx, \"example\", \u0026wafregional.RegexPatternSetArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRegexPatternStrings: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"one\"),\n\t\t\t\tpulumi.String(\"two\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = wafregional.NewRegexMatchSet(ctx, \"example\", \u0026wafregional.RegexMatchSetArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRegexMatchTuples: wafregional.RegexMatchSetRegexMatchTupleArray{\n\t\t\t\t\u0026wafregional.RegexMatchSetRegexMatchTupleArgs{\n\t\t\t\t\tFieldToMatch: \u0026wafregional.RegexMatchSetRegexMatchTupleFieldToMatchArgs{\n\t\t\t\t\t\tData: pulumi.String(\"User-Agent\"),\n\t\t\t\t\t\tType: pulumi.String(\"HEADER\"),\n\t\t\t\t\t},\n\t\t\t\t\tRegexPatternSetId: exampleRegexPatternSet.ID(),\n\t\t\t\t\tTextTransformation: pulumi.String(\"NONE\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.RegexPatternSet;\nimport com.pulumi.aws.wafregional.RegexPatternSetArgs;\nimport com.pulumi.aws.wafregional.RegexMatchSet;\nimport com.pulumi.aws.wafregional.RegexMatchSetArgs;\nimport com.pulumi.aws.wafregional.inputs.RegexMatchSetRegexMatchTupleArgs;\nimport com.pulumi.aws.wafregional.inputs.RegexMatchSetRegexMatchTupleFieldToMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleRegexPatternSet = new RegexPatternSet(\"exampleRegexPatternSet\", RegexPatternSetArgs.builder()\n .name(\"example\")\n .regexPatternStrings( \n \"one\",\n \"two\")\n .build());\n\n var example = new RegexMatchSet(\"example\", RegexMatchSetArgs.builder()\n .name(\"example\")\n .regexMatchTuples(RegexMatchSetRegexMatchTupleArgs.builder()\n .fieldToMatch(RegexMatchSetRegexMatchTupleFieldToMatchArgs.builder()\n .data(\"User-Agent\")\n .type(\"HEADER\")\n .build())\n .regexPatternSetId(exampleRegexPatternSet.id())\n .textTransformation(\"NONE\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:wafregional:RegexMatchSet\n properties:\n name: example\n regexMatchTuples:\n - fieldToMatch:\n data: User-Agent\n type: HEADER\n regexPatternSetId: ${exampleRegexPatternSet.id}\n textTransformation: NONE\n exampleRegexPatternSet:\n type: aws:wafregional:RegexPatternSet\n name: example\n properties:\n name: example\n regexPatternStrings:\n - one\n - two\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Regional Regex Match Set using the id. For example:\n\n```sh\n$ pulumi import aws:wafregional/regexMatchSet:RegexMatchSet example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "name": { "type": "string", "description": "The name or description of the Regex Match Set.\n" }, "regexMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RegexMatchSetRegexMatchTuple:RegexMatchSetRegexMatchTuple" }, "description": "The regular expression pattern that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings. See below.\n" } }, "required": [ "name" ], "inputProperties": { "name": { "type": "string", "description": "The name or description of the Regex Match Set.\n", "willReplaceOnChanges": true }, "regexMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RegexMatchSetRegexMatchTuple:RegexMatchSetRegexMatchTuple" }, "description": "The regular expression pattern that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings. See below.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering RegexMatchSet resources.\n", "properties": { "name": { "type": "string", "description": "The name or description of the Regex Match Set.\n", "willReplaceOnChanges": true }, "regexMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RegexMatchSetRegexMatchTuple:RegexMatchSetRegexMatchTuple" }, "description": "The regular expression pattern that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings. See below.\n" } }, "type": "object" } }, "aws:wafregional/regexPatternSet:RegexPatternSet": { "description": "Provides a WAF Regional Regex Pattern Set Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.wafregional.RegexPatternSet(\"example\", {\n name: \"example\",\n regexPatternStrings: [\n \"one\",\n \"two\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafregional.RegexPatternSet(\"example\",\n name=\"example\",\n regex_pattern_strings=[\n \"one\",\n \"two\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.WafRegional.RegexPatternSet(\"example\", new()\n {\n Name = \"example\",\n RegexPatternStrings = new[]\n {\n \"one\",\n \"two\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafregional.NewRegexPatternSet(ctx, \"example\", \u0026wafregional.RegexPatternSetArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRegexPatternStrings: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"one\"),\n\t\t\t\tpulumi.String(\"two\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.RegexPatternSet;\nimport com.pulumi.aws.wafregional.RegexPatternSetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RegexPatternSet(\"example\", RegexPatternSetArgs.builder()\n .name(\"example\")\n .regexPatternStrings( \n \"one\",\n \"two\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:wafregional:RegexPatternSet\n properties:\n name: example\n regexPatternStrings:\n - one\n - two\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Regional Regex Pattern Set using the id. For example:\n\n```sh\n$ pulumi import aws:wafregional/regexPatternSet:RegexPatternSet example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "name": { "type": "string", "description": "The name or description of the Regex Pattern Set.\n" }, "regexPatternStrings": { "type": "array", "items": { "type": "string" }, "description": "A list of regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`.\n" } }, "required": [ "name" ], "inputProperties": { "name": { "type": "string", "description": "The name or description of the Regex Pattern Set.\n", "willReplaceOnChanges": true }, "regexPatternStrings": { "type": "array", "items": { "type": "string" }, "description": "A list of regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering RegexPatternSet resources.\n", "properties": { "name": { "type": "string", "description": "The name or description of the Regex Pattern Set.\n", "willReplaceOnChanges": true }, "regexPatternStrings": { "type": "array", "items": { "type": "string" }, "description": "A list of regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`.\n" } }, "type": "object" } }, "aws:wafregional/rule:Rule": { "description": "Provides an WAF Regional Rule Resource for use with Application Load Balancer.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.wafregional.IpSet(\"ipset\", {\n name: \"tfIPSet\",\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst wafrule = new aws.wafregional.Rule(\"wafrule\", {\n name: \"tfWAFRule\",\n metricName: \"tfWAFRule\",\n predicates: [{\n type: \"IPMatch\",\n dataId: ipset.id,\n negated: false,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.wafregional.IpSet(\"ipset\",\n name=\"tfIPSet\",\n ip_set_descriptors=[{\n \"type\": \"IPV4\",\n \"value\": \"192.0.7.0/24\",\n }])\nwafrule = aws.wafregional.Rule(\"wafrule\",\n name=\"tfWAFRule\",\n metric_name=\"tfWAFRule\",\n predicates=[{\n \"type\": \"IPMatch\",\n \"data_id\": ipset.id,\n \"negated\": False,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ipset = new Aws.WafRegional.IpSet(\"ipset\", new()\n {\n Name = \"tfIPSet\",\n IpSetDescriptors = new[]\n {\n new Aws.WafRegional.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n\n var wafrule = new Aws.WafRegional.Rule(\"wafrule\", new()\n {\n Name = \"tfWAFRule\",\n MetricName = \"tfWAFRule\",\n Predicates = new[]\n {\n new Aws.WafRegional.Inputs.RulePredicateArgs\n {\n Type = \"IPMatch\",\n DataId = ipset.Id,\n Negated = false,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := wafregional.NewIpSet(ctx, \"ipset\", \u0026wafregional.IpSetArgs{\n\t\t\tName: pulumi.String(\"tfIPSet\"),\n\t\t\tIpSetDescriptors: wafregional.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026wafregional.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = wafregional.NewRule(ctx, \"wafrule\", \u0026wafregional.RuleArgs{\n\t\t\tName: pulumi.String(\"tfWAFRule\"),\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tPredicates: wafregional.RulePredicateArray{\n\t\t\t\t\u0026wafregional.RulePredicateArgs{\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.IpSet;\nimport com.pulumi.aws.wafregional.IpSetArgs;\nimport com.pulumi.aws.wafregional.inputs.IpSetIpSetDescriptorArgs;\nimport com.pulumi.aws.wafregional.Rule;\nimport com.pulumi.aws.wafregional.RuleArgs;\nimport com.pulumi.aws.wafregional.inputs.RulePredicateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ipset = new IpSet(\"ipset\", IpSetArgs.builder()\n .name(\"tfIPSet\")\n .ipSetDescriptors(IpSetIpSetDescriptorArgs.builder()\n .type(\"IPV4\")\n .value(\"192.0.7.0/24\")\n .build())\n .build());\n\n var wafrule = new Rule(\"wafrule\", RuleArgs.builder()\n .name(\"tfWAFRule\")\n .metricName(\"tfWAFRule\")\n .predicates(RulePredicateArgs.builder()\n .type(\"IPMatch\")\n .dataId(ipset.id())\n .negated(false)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ipset:\n type: aws:wafregional:IpSet\n properties:\n name: tfIPSet\n ipSetDescriptors:\n - type: IPV4\n value: 192.0.7.0/24\n wafrule:\n type: aws:wafregional:Rule\n properties:\n name: tfWAFRule\n metricName: tfWAFRule\n predicates:\n - type: IPMatch\n dataId: ${ipset.id}\n negated: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Nested Fields\n\n### `predicate`\n\nSee the [WAF Documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_Predicate.html) for more information.\n\n#### Arguments\n\n* `type` - (Required) The type of predicate in a rule. Valid values: `ByteMatch`, `GeoMatch`, `IPMatch`, `RegexMatch`, `SizeConstraint`, `SqlInjectionMatch`, or `XssMatch`\n* `data_id` - (Required) The unique identifier of a predicate, such as the ID of a `ByteMatchSet` or `IPSet`.\n* `negated` - (Required) Whether to use the settings or the negated settings that you specified in the objects.\n\n## Import\n\nUsing `pulumi import`, import WAF Regional Rule using the id. For example:\n\n```sh\n$ pulumi import aws:wafregional/rule:Rule wafrule a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF Regional Rule.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule.\n" }, "name": { "type": "string", "description": "The name or description of the rule.\n" }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RulePredicate:RulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "metricName", "name", "tagsAll" ], "inputProperties": { "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name or description of the rule.\n", "willReplaceOnChanges": true }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RulePredicate:RulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "metricName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Rule resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF Regional Rule.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this rule.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name or description of the rule.\n", "willReplaceOnChanges": true }, "predicates": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RulePredicate:RulePredicate" }, "description": "The objects to include in a rule (documented below).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:wafregional/ruleGroup:RuleGroup": { "description": "Provides a WAF Regional Rule Group Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.wafregional.Rule(\"example\", {\n name: \"example\",\n metricName: \"example\",\n});\nconst exampleRuleGroup = new aws.wafregional.RuleGroup(\"example\", {\n name: \"example\",\n metricName: \"example\",\n activatedRules: [{\n action: {\n type: \"COUNT\",\n },\n priority: 50,\n ruleId: example.id,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafregional.Rule(\"example\",\n name=\"example\",\n metric_name=\"example\")\nexample_rule_group = aws.wafregional.RuleGroup(\"example\",\n name=\"example\",\n metric_name=\"example\",\n activated_rules=[{\n \"action\": {\n \"type\": \"COUNT\",\n },\n \"priority\": 50,\n \"rule_id\": example.id,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.WafRegional.Rule(\"example\", new()\n {\n Name = \"example\",\n MetricName = \"example\",\n });\n\n var exampleRuleGroup = new Aws.WafRegional.RuleGroup(\"example\", new()\n {\n Name = \"example\",\n MetricName = \"example\",\n ActivatedRules = new[]\n {\n new Aws.WafRegional.Inputs.RuleGroupActivatedRuleArgs\n {\n Action = new Aws.WafRegional.Inputs.RuleGroupActivatedRuleActionArgs\n {\n Type = \"COUNT\",\n },\n Priority = 50,\n RuleId = example.Id,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := wafregional.NewRule(ctx, \"example\", \u0026wafregional.RuleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tMetricName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = wafregional.NewRuleGroup(ctx, \"example\", \u0026wafregional.RuleGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tMetricName: pulumi.String(\"example\"),\n\t\t\tActivatedRules: wafregional.RuleGroupActivatedRuleArray{\n\t\t\t\t\u0026wafregional.RuleGroupActivatedRuleArgs{\n\t\t\t\t\tAction: \u0026wafregional.RuleGroupActivatedRuleActionArgs{\n\t\t\t\t\t\tType: pulumi.String(\"COUNT\"),\n\t\t\t\t\t},\n\t\t\t\t\tPriority: pulumi.Int(50),\n\t\t\t\t\tRuleId: example.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.Rule;\nimport com.pulumi.aws.wafregional.RuleArgs;\nimport com.pulumi.aws.wafregional.RuleGroup;\nimport com.pulumi.aws.wafregional.RuleGroupArgs;\nimport com.pulumi.aws.wafregional.inputs.RuleGroupActivatedRuleArgs;\nimport com.pulumi.aws.wafregional.inputs.RuleGroupActivatedRuleActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Rule(\"example\", RuleArgs.builder()\n .name(\"example\")\n .metricName(\"example\")\n .build());\n\n var exampleRuleGroup = new RuleGroup(\"exampleRuleGroup\", RuleGroupArgs.builder()\n .name(\"example\")\n .metricName(\"example\")\n .activatedRules(RuleGroupActivatedRuleArgs.builder()\n .action(RuleGroupActivatedRuleActionArgs.builder()\n .type(\"COUNT\")\n .build())\n .priority(50)\n .ruleId(example.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:wafregional:Rule\n properties:\n name: example\n metricName: example\n exampleRuleGroup:\n type: aws:wafregional:RuleGroup\n name: example\n properties:\n name: example\n metricName: example\n activatedRules:\n - action:\n type: COUNT\n priority: 50\n ruleId: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Regional Rule Group using the id. For example:\n\n```sh\n$ pulumi import aws:wafregional/ruleGroup:RuleGroup example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "activatedRules": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RuleGroupActivatedRule:RuleGroupActivatedRule" }, "description": "A list of activated rules, see below\n" }, "arn": { "type": "string", "description": "The ARN of the WAF Regional Rule Group.\n" }, "metricName": { "type": "string", "description": "A friendly name for the metrics from the rule group\n" }, "name": { "type": "string", "description": "A friendly name of the rule group\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "metricName", "name", "tagsAll" ], "inputProperties": { "activatedRules": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RuleGroupActivatedRule:RuleGroupActivatedRule" }, "description": "A list of activated rules, see below\n" }, "metricName": { "type": "string", "description": "A friendly name for the metrics from the rule group\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A friendly name of the rule group\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "metricName" ], "stateInputs": { "description": "Input properties used for looking up and filtering RuleGroup resources.\n", "properties": { "activatedRules": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/RuleGroupActivatedRule:RuleGroupActivatedRule" }, "description": "A list of activated rules, see below\n" }, "arn": { "type": "string", "description": "The ARN of the WAF Regional Rule Group.\n" }, "metricName": { "type": "string", "description": "A friendly name for the metrics from the rule group\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A friendly name of the rule group\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:wafregional/sizeConstraintSet:SizeConstraintSet": { "description": "Provides a WAF Regional Size Constraint Set Resource for use with Application Load Balancer.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sizeConstraintSet = new aws.wafregional.SizeConstraintSet(\"size_constraint_set\", {\n name: \"tfsize_constraints\",\n sizeConstraints: [{\n textTransformation: \"NONE\",\n comparisonOperator: \"EQ\",\n size: 4096,\n fieldToMatch: {\n type: \"BODY\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsize_constraint_set = aws.wafregional.SizeConstraintSet(\"size_constraint_set\",\n name=\"tfsize_constraints\",\n size_constraints=[{\n \"text_transformation\": \"NONE\",\n \"comparison_operator\": \"EQ\",\n \"size\": 4096,\n \"field_to_match\": {\n \"type\": \"BODY\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sizeConstraintSet = new Aws.WafRegional.SizeConstraintSet(\"size_constraint_set\", new()\n {\n Name = \"tfsize_constraints\",\n SizeConstraints = new[]\n {\n new Aws.WafRegional.Inputs.SizeConstraintSetSizeConstraintArgs\n {\n TextTransformation = \"NONE\",\n ComparisonOperator = \"EQ\",\n Size = 4096,\n FieldToMatch = new Aws.WafRegional.Inputs.SizeConstraintSetSizeConstraintFieldToMatchArgs\n {\n Type = \"BODY\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafregional.NewSizeConstraintSet(ctx, \"size_constraint_set\", \u0026wafregional.SizeConstraintSetArgs{\n\t\t\tName: pulumi.String(\"tfsize_constraints\"),\n\t\t\tSizeConstraints: wafregional.SizeConstraintSetSizeConstraintArray{\n\t\t\t\t\u0026wafregional.SizeConstraintSetSizeConstraintArgs{\n\t\t\t\t\tTextTransformation: pulumi.String(\"NONE\"),\n\t\t\t\t\tComparisonOperator: pulumi.String(\"EQ\"),\n\t\t\t\t\tSize: pulumi.Int(4096),\n\t\t\t\t\tFieldToMatch: \u0026wafregional.SizeConstraintSetSizeConstraintFieldToMatchArgs{\n\t\t\t\t\t\tType: pulumi.String(\"BODY\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.SizeConstraintSet;\nimport com.pulumi.aws.wafregional.SizeConstraintSetArgs;\nimport com.pulumi.aws.wafregional.inputs.SizeConstraintSetSizeConstraintArgs;\nimport com.pulumi.aws.wafregional.inputs.SizeConstraintSetSizeConstraintFieldToMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var sizeConstraintSet = new SizeConstraintSet(\"sizeConstraintSet\", SizeConstraintSetArgs.builder()\n .name(\"tfsize_constraints\")\n .sizeConstraints(SizeConstraintSetSizeConstraintArgs.builder()\n .textTransformation(\"NONE\")\n .comparisonOperator(\"EQ\")\n .size(\"4096\")\n .fieldToMatch(SizeConstraintSetSizeConstraintFieldToMatchArgs.builder()\n .type(\"BODY\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n sizeConstraintSet:\n type: aws:wafregional:SizeConstraintSet\n name: size_constraint_set\n properties:\n name: tfsize_constraints\n sizeConstraints:\n - textTransformation: NONE\n comparisonOperator: EQ\n size: '4096'\n fieldToMatch:\n type: BODY\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Size Constraint Set using the id. For example:\n\n```sh\n$ pulumi import aws:wafregional/sizeConstraintSet:SizeConstraintSet size_constraint_set a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "arn": { "type": "string" }, "name": { "type": "string", "description": "The name or description of the Size Constraint Set.\n" }, "sizeConstraints": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/SizeConstraintSetSizeConstraint:SizeConstraintSetSizeConstraint" }, "description": "Specifies the parts of web requests that you want to inspect the size of.\n" } }, "required": [ "arn", "name" ], "inputProperties": { "name": { "type": "string", "description": "The name or description of the Size Constraint Set.\n", "willReplaceOnChanges": true }, "sizeConstraints": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/SizeConstraintSetSizeConstraint:SizeConstraintSetSizeConstraint" }, "description": "Specifies the parts of web requests that you want to inspect the size of.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering SizeConstraintSet resources.\n", "properties": { "arn": { "type": "string" }, "name": { "type": "string", "description": "The name or description of the Size Constraint Set.\n", "willReplaceOnChanges": true }, "sizeConstraints": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/SizeConstraintSetSizeConstraint:SizeConstraintSetSizeConstraint" }, "description": "Specifies the parts of web requests that you want to inspect the size of.\n" } }, "type": "object" } }, "aws:wafregional/sqlInjectionMatchSet:SqlInjectionMatchSet": { "description": "Provides a WAF Regional SQL Injection Match Set Resource for use with Application Load Balancer.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sqlInjectionMatchSet = new aws.wafregional.SqlInjectionMatchSet(\"sql_injection_match_set\", {\n name: \"tf-sql_injection_match_set\",\n sqlInjectionMatchTuples: [{\n textTransformation: \"URL_DECODE\",\n fieldToMatch: {\n type: \"QUERY_STRING\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsql_injection_match_set = aws.wafregional.SqlInjectionMatchSet(\"sql_injection_match_set\",\n name=\"tf-sql_injection_match_set\",\n sql_injection_match_tuples=[{\n \"text_transformation\": \"URL_DECODE\",\n \"field_to_match\": {\n \"type\": \"QUERY_STRING\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sqlInjectionMatchSet = new Aws.WafRegional.SqlInjectionMatchSet(\"sql_injection_match_set\", new()\n {\n Name = \"tf-sql_injection_match_set\",\n SqlInjectionMatchTuples = new[]\n {\n new Aws.WafRegional.Inputs.SqlInjectionMatchSetSqlInjectionMatchTupleArgs\n {\n TextTransformation = \"URL_DECODE\",\n FieldToMatch = new Aws.WafRegional.Inputs.SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatchArgs\n {\n Type = \"QUERY_STRING\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafregional.NewSqlInjectionMatchSet(ctx, \"sql_injection_match_set\", \u0026wafregional.SqlInjectionMatchSetArgs{\n\t\t\tName: pulumi.String(\"tf-sql_injection_match_set\"),\n\t\t\tSqlInjectionMatchTuples: wafregional.SqlInjectionMatchSetSqlInjectionMatchTupleArray{\n\t\t\t\t\u0026wafregional.SqlInjectionMatchSetSqlInjectionMatchTupleArgs{\n\t\t\t\t\tTextTransformation: pulumi.String(\"URL_DECODE\"),\n\t\t\t\t\tFieldToMatch: \u0026wafregional.SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatchArgs{\n\t\t\t\t\t\tType: pulumi.String(\"QUERY_STRING\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.SqlInjectionMatchSet;\nimport com.pulumi.aws.wafregional.SqlInjectionMatchSetArgs;\nimport com.pulumi.aws.wafregional.inputs.SqlInjectionMatchSetSqlInjectionMatchTupleArgs;\nimport com.pulumi.aws.wafregional.inputs.SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var sqlInjectionMatchSet = new SqlInjectionMatchSet(\"sqlInjectionMatchSet\", SqlInjectionMatchSetArgs.builder()\n .name(\"tf-sql_injection_match_set\")\n .sqlInjectionMatchTuples(SqlInjectionMatchSetSqlInjectionMatchTupleArgs.builder()\n .textTransformation(\"URL_DECODE\")\n .fieldToMatch(SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatchArgs.builder()\n .type(\"QUERY_STRING\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n sqlInjectionMatchSet:\n type: aws:wafregional:SqlInjectionMatchSet\n name: sql_injection_match_set\n properties:\n name: tf-sql_injection_match_set\n sqlInjectionMatchTuples:\n - textTransformation: URL_DECODE\n fieldToMatch:\n type: QUERY_STRING\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Regional Sql Injection Match Set using the id. For example:\n\n```sh\n$ pulumi import aws:wafregional/sqlInjectionMatchSet:SqlInjectionMatchSet sql_injection_match_set a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "name": { "type": "string", "description": "The name or description of the SizeConstraintSet.\n" }, "sqlInjectionMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/SqlInjectionMatchSetSqlInjectionMatchTuple:SqlInjectionMatchSetSqlInjectionMatchTuple" }, "description": "The parts of web requests that you want AWS WAF to inspect for malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.\n" } }, "required": [ "name" ], "inputProperties": { "name": { "type": "string", "description": "The name or description of the SizeConstraintSet.\n", "willReplaceOnChanges": true }, "sqlInjectionMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/SqlInjectionMatchSetSqlInjectionMatchTuple:SqlInjectionMatchSetSqlInjectionMatchTuple" }, "description": "The parts of web requests that you want AWS WAF to inspect for malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering SqlInjectionMatchSet resources.\n", "properties": { "name": { "type": "string", "description": "The name or description of the SizeConstraintSet.\n", "willReplaceOnChanges": true }, "sqlInjectionMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/SqlInjectionMatchSetSqlInjectionMatchTuple:SqlInjectionMatchSetSqlInjectionMatchTuple" }, "description": "The parts of web requests that you want AWS WAF to inspect for malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.\n" } }, "type": "object" } }, "aws:wafregional/webAcl:WebAcl": { "description": "Provides a WAF Regional Web ACL Resource for use with Application Load Balancer.\n\n## Example Usage\n\n### Regular Rule\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.wafregional.IpSet(\"ipset\", {\n name: \"tfIPSet\",\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst wafrule = new aws.wafregional.Rule(\"wafrule\", {\n name: \"tfWAFRule\",\n metricName: \"tfWAFRule\",\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n});\nconst wafacl = new aws.wafregional.WebAcl(\"wafacl\", {\n name: \"tfWebACL\",\n metricName: \"tfWebACL\",\n defaultAction: {\n type: \"ALLOW\",\n },\n rules: [{\n action: {\n type: \"BLOCK\",\n },\n priority: 1,\n ruleId: wafrule.id,\n type: \"REGULAR\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.wafregional.IpSet(\"ipset\",\n name=\"tfIPSet\",\n ip_set_descriptors=[{\n \"type\": \"IPV4\",\n \"value\": \"192.0.7.0/24\",\n }])\nwafrule = aws.wafregional.Rule(\"wafrule\",\n name=\"tfWAFRule\",\n metric_name=\"tfWAFRule\",\n predicates=[{\n \"data_id\": ipset.id,\n \"negated\": False,\n \"type\": \"IPMatch\",\n }])\nwafacl = aws.wafregional.WebAcl(\"wafacl\",\n name=\"tfWebACL\",\n metric_name=\"tfWebACL\",\n default_action={\n \"type\": \"ALLOW\",\n },\n rules=[{\n \"action\": {\n \"type\": \"BLOCK\",\n },\n \"priority\": 1,\n \"rule_id\": wafrule.id,\n \"type\": \"REGULAR\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ipset = new Aws.WafRegional.IpSet(\"ipset\", new()\n {\n Name = \"tfIPSet\",\n IpSetDescriptors = new[]\n {\n new Aws.WafRegional.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n\n var wafrule = new Aws.WafRegional.Rule(\"wafrule\", new()\n {\n Name = \"tfWAFRule\",\n MetricName = \"tfWAFRule\",\n Predicates = new[]\n {\n new Aws.WafRegional.Inputs.RulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n });\n\n var wafacl = new Aws.WafRegional.WebAcl(\"wafacl\", new()\n {\n Name = \"tfWebACL\",\n MetricName = \"tfWebACL\",\n DefaultAction = new Aws.WafRegional.Inputs.WebAclDefaultActionArgs\n {\n Type = \"ALLOW\",\n },\n Rules = new[]\n {\n new Aws.WafRegional.Inputs.WebAclRuleArgs\n {\n Action = new Aws.WafRegional.Inputs.WebAclRuleActionArgs\n {\n Type = \"BLOCK\",\n },\n Priority = 1,\n RuleId = wafrule.Id,\n Type = \"REGULAR\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := wafregional.NewIpSet(ctx, \"ipset\", \u0026wafregional.IpSetArgs{\n\t\t\tName: pulumi.String(\"tfIPSet\"),\n\t\t\tIpSetDescriptors: wafregional.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026wafregional.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\twafrule, err := wafregional.NewRule(ctx, \"wafrule\", \u0026wafregional.RuleArgs{\n\t\t\tName: pulumi.String(\"tfWAFRule\"),\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tPredicates: wafregional.RulePredicateArray{\n\t\t\t\t\u0026wafregional.RulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = wafregional.NewWebAcl(ctx, \"wafacl\", \u0026wafregional.WebAclArgs{\n\t\t\tName: pulumi.String(\"tfWebACL\"),\n\t\t\tMetricName: pulumi.String(\"tfWebACL\"),\n\t\t\tDefaultAction: \u0026wafregional.WebAclDefaultActionArgs{\n\t\t\t\tType: pulumi.String(\"ALLOW\"),\n\t\t\t},\n\t\t\tRules: wafregional.WebAclRuleArray{\n\t\t\t\t\u0026wafregional.WebAclRuleArgs{\n\t\t\t\t\tAction: \u0026wafregional.WebAclRuleActionArgs{\n\t\t\t\t\t\tType: pulumi.String(\"BLOCK\"),\n\t\t\t\t\t},\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tRuleId: wafrule.ID(),\n\t\t\t\t\tType: pulumi.String(\"REGULAR\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.IpSet;\nimport com.pulumi.aws.wafregional.IpSetArgs;\nimport com.pulumi.aws.wafregional.inputs.IpSetIpSetDescriptorArgs;\nimport com.pulumi.aws.wafregional.Rule;\nimport com.pulumi.aws.wafregional.RuleArgs;\nimport com.pulumi.aws.wafregional.inputs.RulePredicateArgs;\nimport com.pulumi.aws.wafregional.WebAcl;\nimport com.pulumi.aws.wafregional.WebAclArgs;\nimport com.pulumi.aws.wafregional.inputs.WebAclDefaultActionArgs;\nimport com.pulumi.aws.wafregional.inputs.WebAclRuleArgs;\nimport com.pulumi.aws.wafregional.inputs.WebAclRuleActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ipset = new IpSet(\"ipset\", IpSetArgs.builder()\n .name(\"tfIPSet\")\n .ipSetDescriptors(IpSetIpSetDescriptorArgs.builder()\n .type(\"IPV4\")\n .value(\"192.0.7.0/24\")\n .build())\n .build());\n\n var wafrule = new Rule(\"wafrule\", RuleArgs.builder()\n .name(\"tfWAFRule\")\n .metricName(\"tfWAFRule\")\n .predicates(RulePredicateArgs.builder()\n .dataId(ipset.id())\n .negated(false)\n .type(\"IPMatch\")\n .build())\n .build());\n\n var wafacl = new WebAcl(\"wafacl\", WebAclArgs.builder()\n .name(\"tfWebACL\")\n .metricName(\"tfWebACL\")\n .defaultAction(WebAclDefaultActionArgs.builder()\n .type(\"ALLOW\")\n .build())\n .rules(WebAclRuleArgs.builder()\n .action(WebAclRuleActionArgs.builder()\n .type(\"BLOCK\")\n .build())\n .priority(1)\n .ruleId(wafrule.id())\n .type(\"REGULAR\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ipset:\n type: aws:wafregional:IpSet\n properties:\n name: tfIPSet\n ipSetDescriptors:\n - type: IPV4\n value: 192.0.7.0/24\n wafrule:\n type: aws:wafregional:Rule\n properties:\n name: tfWAFRule\n metricName: tfWAFRule\n predicates:\n - dataId: ${ipset.id}\n negated: false\n type: IPMatch\n wafacl:\n type: aws:wafregional:WebAcl\n properties:\n name: tfWebACL\n metricName: tfWebACL\n defaultAction:\n type: ALLOW\n rules:\n - action:\n type: BLOCK\n priority: 1\n ruleId: ${wafrule.id}\n type: REGULAR\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Group Rule\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.wafregional.WebAcl(\"example\", {\n name: \"example\",\n metricName: \"example\",\n defaultAction: {\n type: \"ALLOW\",\n },\n rules: [{\n priority: 1,\n ruleId: exampleAwsWafregionalRuleGroup.id,\n type: \"GROUP\",\n overrideAction: {\n type: \"NONE\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafregional.WebAcl(\"example\",\n name=\"example\",\n metric_name=\"example\",\n default_action={\n \"type\": \"ALLOW\",\n },\n rules=[{\n \"priority\": 1,\n \"rule_id\": example_aws_wafregional_rule_group[\"id\"],\n \"type\": \"GROUP\",\n \"override_action\": {\n \"type\": \"NONE\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.WafRegional.WebAcl(\"example\", new()\n {\n Name = \"example\",\n MetricName = \"example\",\n DefaultAction = new Aws.WafRegional.Inputs.WebAclDefaultActionArgs\n {\n Type = \"ALLOW\",\n },\n Rules = new[]\n {\n new Aws.WafRegional.Inputs.WebAclRuleArgs\n {\n Priority = 1,\n RuleId = exampleAwsWafregionalRuleGroup.Id,\n Type = \"GROUP\",\n OverrideAction = new Aws.WafRegional.Inputs.WebAclRuleOverrideActionArgs\n {\n Type = \"NONE\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafregional.NewWebAcl(ctx, \"example\", \u0026wafregional.WebAclArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tMetricName: pulumi.String(\"example\"),\n\t\t\tDefaultAction: \u0026wafregional.WebAclDefaultActionArgs{\n\t\t\t\tType: pulumi.String(\"ALLOW\"),\n\t\t\t},\n\t\t\tRules: wafregional.WebAclRuleArray{\n\t\t\t\t\u0026wafregional.WebAclRuleArgs{\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tRuleId: pulumi.Any(exampleAwsWafregionalRuleGroup.Id),\n\t\t\t\t\tType: pulumi.String(\"GROUP\"),\n\t\t\t\t\tOverrideAction: \u0026wafregional.WebAclRuleOverrideActionArgs{\n\t\t\t\t\t\tType: pulumi.String(\"NONE\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.WebAcl;\nimport com.pulumi.aws.wafregional.WebAclArgs;\nimport com.pulumi.aws.wafregional.inputs.WebAclDefaultActionArgs;\nimport com.pulumi.aws.wafregional.inputs.WebAclRuleArgs;\nimport com.pulumi.aws.wafregional.inputs.WebAclRuleOverrideActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new WebAcl(\"example\", WebAclArgs.builder()\n .name(\"example\")\n .metricName(\"example\")\n .defaultAction(WebAclDefaultActionArgs.builder()\n .type(\"ALLOW\")\n .build())\n .rules(WebAclRuleArgs.builder()\n .priority(1)\n .ruleId(exampleAwsWafregionalRuleGroup.id())\n .type(\"GROUP\")\n .overrideAction(WebAclRuleOverrideActionArgs.builder()\n .type(\"NONE\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:wafregional:WebAcl\n properties:\n name: example\n metricName: example\n defaultAction:\n type: ALLOW\n rules:\n - priority: 1\n ruleId: ${exampleAwsWafregionalRuleGroup.id}\n type: GROUP\n overrideAction:\n type: NONE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Logging\n\n\u003e *NOTE:* The Kinesis Firehose Delivery Stream name must begin with `aws-waf-logs-`. See the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/logging.html) for more information about enabling WAF logging.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.wafregional.WebAcl(\"example\", {loggingConfiguration: {\n logDestination: exampleAwsKinesisFirehoseDeliveryStream.arn,\n redactedFields: {\n fieldToMatches: [\n {\n type: \"URI\",\n },\n {\n data: \"referer\",\n type: \"HEADER\",\n },\n ],\n },\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafregional.WebAcl(\"example\", logging_configuration={\n \"log_destination\": example_aws_kinesis_firehose_delivery_stream[\"arn\"],\n \"redacted_fields\": {\n \"field_to_matches\": [\n {\n \"type\": \"URI\",\n },\n {\n \"data\": \"referer\",\n \"type\": \"HEADER\",\n },\n ],\n },\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.WafRegional.WebAcl(\"example\", new()\n {\n LoggingConfiguration = new Aws.WafRegional.Inputs.WebAclLoggingConfigurationArgs\n {\n LogDestination = exampleAwsKinesisFirehoseDeliveryStream.Arn,\n RedactedFields = new Aws.WafRegional.Inputs.WebAclLoggingConfigurationRedactedFieldsArgs\n {\n FieldToMatches = new[]\n {\n new Aws.WafRegional.Inputs.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs\n {\n Type = \"URI\",\n },\n new Aws.WafRegional.Inputs.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs\n {\n Data = \"referer\",\n Type = \"HEADER\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafregional.NewWebAcl(ctx, \"example\", \u0026wafregional.WebAclArgs{\n\t\t\tLoggingConfiguration: \u0026wafregional.WebAclLoggingConfigurationArgs{\n\t\t\t\tLogDestination: pulumi.Any(exampleAwsKinesisFirehoseDeliveryStream.Arn),\n\t\t\t\tRedactedFields: \u0026wafregional.WebAclLoggingConfigurationRedactedFieldsArgs{\n\t\t\t\t\tFieldToMatches: wafregional.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArray{\n\t\t\t\t\t\t\u0026wafregional.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"URI\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026wafregional.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs{\n\t\t\t\t\t\t\tData: pulumi.String(\"referer\"),\n\t\t\t\t\t\t\tType: pulumi.String(\"HEADER\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.WebAcl;\nimport com.pulumi.aws.wafregional.WebAclArgs;\nimport com.pulumi.aws.wafregional.inputs.WebAclLoggingConfigurationArgs;\nimport com.pulumi.aws.wafregional.inputs.WebAclLoggingConfigurationRedactedFieldsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new WebAcl(\"example\", WebAclArgs.builder()\n .loggingConfiguration(WebAclLoggingConfigurationArgs.builder()\n .logDestination(exampleAwsKinesisFirehoseDeliveryStream.arn())\n .redactedFields(WebAclLoggingConfigurationRedactedFieldsArgs.builder()\n .fieldToMatches( \n WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs.builder()\n .type(\"URI\")\n .build(),\n WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs.builder()\n .data(\"referer\")\n .type(\"HEADER\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:wafregional:WebAcl\n properties:\n loggingConfiguration:\n logDestination: ${exampleAwsKinesisFirehoseDeliveryStream.arn}\n redactedFields:\n fieldToMatches:\n - type: URI\n - data: referer\n type: HEADER\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Regional Web ACL using the id. For example:\n\n```sh\n$ pulumi import aws:wafregional/webAcl:WebAcl wafacl a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the WAF Regional WebACL.\n" }, "defaultAction": { "$ref": "#/types/aws:wafregional/WebAclDefaultAction:WebAclDefaultAction", "description": "The action that you want AWS WAF Regional to take when a request doesn't match the criteria in any of the rules that are associated with the web ACL.\n" }, "loggingConfiguration": { "$ref": "#/types/aws:wafregional/WebAclLoggingConfiguration:WebAclLoggingConfiguration", "description": "Configuration block to enable WAF logging. Detailed below.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this web ACL.\n" }, "name": { "type": "string", "description": "The name or description of the web ACL.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/WebAclRule:WebAclRule" }, "description": "Set of configuration blocks containing rules for the web ACL. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "defaultAction", "metricName", "name", "tagsAll" ], "inputProperties": { "defaultAction": { "$ref": "#/types/aws:wafregional/WebAclDefaultAction:WebAclDefaultAction", "description": "The action that you want AWS WAF Regional to take when a request doesn't match the criteria in any of the rules that are associated with the web ACL.\n" }, "loggingConfiguration": { "$ref": "#/types/aws:wafregional/WebAclLoggingConfiguration:WebAclLoggingConfiguration", "description": "Configuration block to enable WAF logging. Detailed below.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this web ACL.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name or description of the web ACL.\n", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/WebAclRule:WebAclRule" }, "description": "Set of configuration blocks containing rules for the web ACL. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "defaultAction", "metricName" ], "stateInputs": { "description": "Input properties used for looking up and filtering WebAcl resources.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the WAF Regional WebACL.\n" }, "defaultAction": { "$ref": "#/types/aws:wafregional/WebAclDefaultAction:WebAclDefaultAction", "description": "The action that you want AWS WAF Regional to take when a request doesn't match the criteria in any of the rules that are associated with the web ACL.\n" }, "loggingConfiguration": { "$ref": "#/types/aws:wafregional/WebAclLoggingConfiguration:WebAclLoggingConfiguration", "description": "Configuration block to enable WAF logging. Detailed below.\n" }, "metricName": { "type": "string", "description": "The name or description for the Amazon CloudWatch metric of this web ACL.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name or description of the web ACL.\n", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/WebAclRule:WebAclRule" }, "description": "Set of configuration blocks containing rules for the web ACL. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:wafregional/webAclAssociation:WebAclAssociation": { "description": "Manages an association with WAF Regional Web ACL.\n\n\u003e **Note:** An Application Load Balancer can only be associated with one WAF Regional WebACL.\n\n## Example Usage\n\n### Application Load Balancer Association\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.wafregional.IpSet(\"ipset\", {\n name: \"tfIPSet\",\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst foo = new aws.wafregional.Rule(\"foo\", {\n name: \"tfWAFRule\",\n metricName: \"tfWAFRule\",\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n});\nconst fooWebAcl = new aws.wafregional.WebAcl(\"foo\", {\n name: \"foo\",\n metricName: \"foo\",\n defaultAction: {\n type: \"ALLOW\",\n },\n rules: [{\n action: {\n type: \"BLOCK\",\n },\n priority: 1,\n ruleId: foo.id,\n }],\n});\nconst fooVpc = new aws.ec2.Vpc(\"foo\", {cidrBlock: \"10.1.0.0/16\"});\nconst available = aws.getAvailabilityZones({});\nconst fooSubnet = new aws.ec2.Subnet(\"foo\", {\n vpcId: fooVpc.id,\n cidrBlock: \"10.1.1.0/24\",\n availabilityZone: available.then(available =\u003e available.names?.[0]),\n});\nconst bar = new aws.ec2.Subnet(\"bar\", {\n vpcId: fooVpc.id,\n cidrBlock: \"10.1.2.0/24\",\n availabilityZone: available.then(available =\u003e available.names?.[1]),\n});\nconst fooLoadBalancer = new aws.alb.LoadBalancer(\"foo\", {\n internal: true,\n subnets: [\n fooSubnet.id,\n bar.id,\n ],\n});\nconst fooWebAclAssociation = new aws.wafregional.WebAclAssociation(\"foo\", {\n resourceArn: fooLoadBalancer.arn,\n webAclId: fooWebAcl.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.wafregional.IpSet(\"ipset\",\n name=\"tfIPSet\",\n ip_set_descriptors=[{\n \"type\": \"IPV4\",\n \"value\": \"192.0.7.0/24\",\n }])\nfoo = aws.wafregional.Rule(\"foo\",\n name=\"tfWAFRule\",\n metric_name=\"tfWAFRule\",\n predicates=[{\n \"data_id\": ipset.id,\n \"negated\": False,\n \"type\": \"IPMatch\",\n }])\nfoo_web_acl = aws.wafregional.WebAcl(\"foo\",\n name=\"foo\",\n metric_name=\"foo\",\n default_action={\n \"type\": \"ALLOW\",\n },\n rules=[{\n \"action\": {\n \"type\": \"BLOCK\",\n },\n \"priority\": 1,\n \"rule_id\": foo.id,\n }])\nfoo_vpc = aws.ec2.Vpc(\"foo\", cidr_block=\"10.1.0.0/16\")\navailable = aws.get_availability_zones()\nfoo_subnet = aws.ec2.Subnet(\"foo\",\n vpc_id=foo_vpc.id,\n cidr_block=\"10.1.1.0/24\",\n availability_zone=available.names[0])\nbar = aws.ec2.Subnet(\"bar\",\n vpc_id=foo_vpc.id,\n cidr_block=\"10.1.2.0/24\",\n availability_zone=available.names[1])\nfoo_load_balancer = aws.alb.LoadBalancer(\"foo\",\n internal=True,\n subnets=[\n foo_subnet.id,\n bar.id,\n ])\nfoo_web_acl_association = aws.wafregional.WebAclAssociation(\"foo\",\n resource_arn=foo_load_balancer.arn,\n web_acl_id=foo_web_acl.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ipset = new Aws.WafRegional.IpSet(\"ipset\", new()\n {\n Name = \"tfIPSet\",\n IpSetDescriptors = new[]\n {\n new Aws.WafRegional.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n\n var foo = new Aws.WafRegional.Rule(\"foo\", new()\n {\n Name = \"tfWAFRule\",\n MetricName = \"tfWAFRule\",\n Predicates = new[]\n {\n new Aws.WafRegional.Inputs.RulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n });\n\n var fooWebAcl = new Aws.WafRegional.WebAcl(\"foo\", new()\n {\n Name = \"foo\",\n MetricName = \"foo\",\n DefaultAction = new Aws.WafRegional.Inputs.WebAclDefaultActionArgs\n {\n Type = \"ALLOW\",\n },\n Rules = new[]\n {\n new Aws.WafRegional.Inputs.WebAclRuleArgs\n {\n Action = new Aws.WafRegional.Inputs.WebAclRuleActionArgs\n {\n Type = \"BLOCK\",\n },\n Priority = 1,\n RuleId = foo.Id,\n },\n },\n });\n\n var fooVpc = new Aws.Ec2.Vpc(\"foo\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n\n var available = Aws.GetAvailabilityZones.Invoke();\n\n var fooSubnet = new Aws.Ec2.Subnet(\"foo\", new()\n {\n VpcId = fooVpc.Id,\n CidrBlock = \"10.1.1.0/24\",\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[0]),\n });\n\n var bar = new Aws.Ec2.Subnet(\"bar\", new()\n {\n VpcId = fooVpc.Id,\n CidrBlock = \"10.1.2.0/24\",\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[1]),\n });\n\n var fooLoadBalancer = new Aws.Alb.LoadBalancer(\"foo\", new()\n {\n Internal = true,\n Subnets = new[]\n {\n fooSubnet.Id,\n bar.Id,\n },\n });\n\n var fooWebAclAssociation = new Aws.WafRegional.WebAclAssociation(\"foo\", new()\n {\n ResourceArn = fooLoadBalancer.Arn,\n WebAclId = fooWebAcl.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/alb\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := wafregional.NewIpSet(ctx, \"ipset\", \u0026wafregional.IpSetArgs{\n\t\t\tName: pulumi.String(\"tfIPSet\"),\n\t\t\tIpSetDescriptors: wafregional.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026wafregional.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoo, err := wafregional.NewRule(ctx, \"foo\", \u0026wafregional.RuleArgs{\n\t\t\tName: pulumi.String(\"tfWAFRule\"),\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tPredicates: wafregional.RulePredicateArray{\n\t\t\t\t\u0026wafregional.RulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooWebAcl, err := wafregional.NewWebAcl(ctx, \"foo\", \u0026wafregional.WebAclArgs{\n\t\t\tName: pulumi.String(\"foo\"),\n\t\t\tMetricName: pulumi.String(\"foo\"),\n\t\t\tDefaultAction: \u0026wafregional.WebAclDefaultActionArgs{\n\t\t\t\tType: pulumi.String(\"ALLOW\"),\n\t\t\t},\n\t\t\tRules: wafregional.WebAclRuleArray{\n\t\t\t\t\u0026wafregional.WebAclRuleArgs{\n\t\t\t\t\tAction: \u0026wafregional.WebAclRuleActionArgs{\n\t\t\t\t\t\tType: pulumi.String(\"BLOCK\"),\n\t\t\t\t\t},\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tRuleId: foo.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooVpc, err := ec2.NewVpc(ctx, \"foo\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tavailable, err := aws.GetAvailabilityZones(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooSubnet, err := ec2.NewSubnet(ctx, \"foo\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: fooVpc.ID(),\n\t\t\tCidrBlock: pulumi.String(\"10.1.1.0/24\"),\n\t\t\tAvailabilityZone: pulumi.String(available.Names[0]),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbar, err := ec2.NewSubnet(ctx, \"bar\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: fooVpc.ID(),\n\t\t\tCidrBlock: pulumi.String(\"10.1.2.0/24\"),\n\t\t\tAvailabilityZone: pulumi.String(available.Names[1]),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooLoadBalancer, err := alb.NewLoadBalancer(ctx, \"foo\", \u0026alb.LoadBalancerArgs{\n\t\t\tInternal: pulumi.Bool(true),\n\t\t\tSubnets: pulumi.StringArray{\n\t\t\t\tfooSubnet.ID(),\n\t\t\t\tbar.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = wafregional.NewWebAclAssociation(ctx, \"foo\", \u0026wafregional.WebAclAssociationArgs{\n\t\t\tResourceArn: fooLoadBalancer.Arn,\n\t\t\tWebAclId: fooWebAcl.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.IpSet;\nimport com.pulumi.aws.wafregional.IpSetArgs;\nimport com.pulumi.aws.wafregional.inputs.IpSetIpSetDescriptorArgs;\nimport com.pulumi.aws.wafregional.Rule;\nimport com.pulumi.aws.wafregional.RuleArgs;\nimport com.pulumi.aws.wafregional.inputs.RulePredicateArgs;\nimport com.pulumi.aws.wafregional.WebAcl;\nimport com.pulumi.aws.wafregional.WebAclArgs;\nimport com.pulumi.aws.wafregional.inputs.WebAclDefaultActionArgs;\nimport com.pulumi.aws.wafregional.inputs.WebAclRuleArgs;\nimport com.pulumi.aws.wafregional.inputs.WebAclRuleActionArgs;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.alb.LoadBalancer;\nimport com.pulumi.aws.alb.LoadBalancerArgs;\nimport com.pulumi.aws.wafregional.WebAclAssociation;\nimport com.pulumi.aws.wafregional.WebAclAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ipset = new IpSet(\"ipset\", IpSetArgs.builder()\n .name(\"tfIPSet\")\n .ipSetDescriptors(IpSetIpSetDescriptorArgs.builder()\n .type(\"IPV4\")\n .value(\"192.0.7.0/24\")\n .build())\n .build());\n\n var foo = new Rule(\"foo\", RuleArgs.builder()\n .name(\"tfWAFRule\")\n .metricName(\"tfWAFRule\")\n .predicates(RulePredicateArgs.builder()\n .dataId(ipset.id())\n .negated(false)\n .type(\"IPMatch\")\n .build())\n .build());\n\n var fooWebAcl = new WebAcl(\"fooWebAcl\", WebAclArgs.builder()\n .name(\"foo\")\n .metricName(\"foo\")\n .defaultAction(WebAclDefaultActionArgs.builder()\n .type(\"ALLOW\")\n .build())\n .rules(WebAclRuleArgs.builder()\n .action(WebAclRuleActionArgs.builder()\n .type(\"BLOCK\")\n .build())\n .priority(1)\n .ruleId(foo.id())\n .build())\n .build());\n\n var fooVpc = new Vpc(\"fooVpc\", VpcArgs.builder()\n .cidrBlock(\"10.1.0.0/16\")\n .build());\n\n final var available = AwsFunctions.getAvailabilityZones();\n\n var fooSubnet = new Subnet(\"fooSubnet\", SubnetArgs.builder()\n .vpcId(fooVpc.id())\n .cidrBlock(\"10.1.1.0/24\")\n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[0]))\n .build());\n\n var bar = new Subnet(\"bar\", SubnetArgs.builder()\n .vpcId(fooVpc.id())\n .cidrBlock(\"10.1.2.0/24\")\n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[1]))\n .build());\n\n var fooLoadBalancer = new LoadBalancer(\"fooLoadBalancer\", LoadBalancerArgs.builder()\n .internal(true)\n .subnets( \n fooSubnet.id(),\n bar.id())\n .build());\n\n var fooWebAclAssociation = new WebAclAssociation(\"fooWebAclAssociation\", WebAclAssociationArgs.builder()\n .resourceArn(fooLoadBalancer.arn())\n .webAclId(fooWebAcl.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ipset:\n type: aws:wafregional:IpSet\n properties:\n name: tfIPSet\n ipSetDescriptors:\n - type: IPV4\n value: 192.0.7.0/24\n foo:\n type: aws:wafregional:Rule\n properties:\n name: tfWAFRule\n metricName: tfWAFRule\n predicates:\n - dataId: ${ipset.id}\n negated: false\n type: IPMatch\n fooWebAcl:\n type: aws:wafregional:WebAcl\n name: foo\n properties:\n name: foo\n metricName: foo\n defaultAction:\n type: ALLOW\n rules:\n - action:\n type: BLOCK\n priority: 1\n ruleId: ${foo.id}\n fooVpc:\n type: aws:ec2:Vpc\n name: foo\n properties:\n cidrBlock: 10.1.0.0/16\n fooSubnet:\n type: aws:ec2:Subnet\n name: foo\n properties:\n vpcId: ${fooVpc.id}\n cidrBlock: 10.1.1.0/24\n availabilityZone: ${available.names[0]}\n bar:\n type: aws:ec2:Subnet\n properties:\n vpcId: ${fooVpc.id}\n cidrBlock: 10.1.2.0/24\n availabilityZone: ${available.names[1]}\n fooLoadBalancer:\n type: aws:alb:LoadBalancer\n name: foo\n properties:\n internal: true\n subnets:\n - ${fooSubnet.id}\n - ${bar.id}\n fooWebAclAssociation:\n type: aws:wafregional:WebAclAssociation\n name: foo\n properties:\n resourceArn: ${fooLoadBalancer.arn}\n webAclId: ${fooWebAcl.id}\nvariables:\n available:\n fn::invoke:\n Function: aws:getAvailabilityZones\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Regional Web ACL Association using their `web_acl_id:resource_arn`. For example:\n\n```sh\n$ pulumi import aws:wafregional/webAclAssociation:WebAclAssociation foo web_acl_id:resource_arn\n```\n", "properties": { "resourceArn": { "type": "string", "description": "ARN of the resource to associate with. For example, an Application Load Balancer or API Gateway Stage.\n" }, "webAclId": { "type": "string", "description": "The ID of the WAF Regional WebACL to create an association.\n" } }, "required": [ "resourceArn", "webAclId" ], "inputProperties": { "resourceArn": { "type": "string", "description": "ARN of the resource to associate with. For example, an Application Load Balancer or API Gateway Stage.\n", "willReplaceOnChanges": true }, "webAclId": { "type": "string", "description": "The ID of the WAF Regional WebACL to create an association.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "resourceArn", "webAclId" ], "stateInputs": { "description": "Input properties used for looking up and filtering WebAclAssociation resources.\n", "properties": { "resourceArn": { "type": "string", "description": "ARN of the resource to associate with. For example, an Application Load Balancer or API Gateway Stage.\n", "willReplaceOnChanges": true }, "webAclId": { "type": "string", "description": "The ID of the WAF Regional WebACL to create an association.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:wafregional/xssMatchSet:XssMatchSet": { "description": "Provides a WAF Regional XSS Match Set Resource for use with Application Load Balancer.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst xssMatchSet = new aws.wafregional.XssMatchSet(\"xss_match_set\", {\n name: \"xss_match_set\",\n xssMatchTuples: [\n {\n textTransformation: \"NONE\",\n fieldToMatch: {\n type: \"URI\",\n },\n },\n {\n textTransformation: \"NONE\",\n fieldToMatch: {\n type: \"QUERY_STRING\",\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nxss_match_set = aws.wafregional.XssMatchSet(\"xss_match_set\",\n name=\"xss_match_set\",\n xss_match_tuples=[\n {\n \"text_transformation\": \"NONE\",\n \"field_to_match\": {\n \"type\": \"URI\",\n },\n },\n {\n \"text_transformation\": \"NONE\",\n \"field_to_match\": {\n \"type\": \"QUERY_STRING\",\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var xssMatchSet = new Aws.WafRegional.XssMatchSet(\"xss_match_set\", new()\n {\n Name = \"xss_match_set\",\n XssMatchTuples = new[]\n {\n new Aws.WafRegional.Inputs.XssMatchSetXssMatchTupleArgs\n {\n TextTransformation = \"NONE\",\n FieldToMatch = new Aws.WafRegional.Inputs.XssMatchSetXssMatchTupleFieldToMatchArgs\n {\n Type = \"URI\",\n },\n },\n new Aws.WafRegional.Inputs.XssMatchSetXssMatchTupleArgs\n {\n TextTransformation = \"NONE\",\n FieldToMatch = new Aws.WafRegional.Inputs.XssMatchSetXssMatchTupleFieldToMatchArgs\n {\n Type = \"QUERY_STRING\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafregional.NewXssMatchSet(ctx, \"xss_match_set\", \u0026wafregional.XssMatchSetArgs{\n\t\t\tName: pulumi.String(\"xss_match_set\"),\n\t\t\tXssMatchTuples: wafregional.XssMatchSetXssMatchTupleArray{\n\t\t\t\t\u0026wafregional.XssMatchSetXssMatchTupleArgs{\n\t\t\t\t\tTextTransformation: pulumi.String(\"NONE\"),\n\t\t\t\t\tFieldToMatch: \u0026wafregional.XssMatchSetXssMatchTupleFieldToMatchArgs{\n\t\t\t\t\t\tType: pulumi.String(\"URI\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026wafregional.XssMatchSetXssMatchTupleArgs{\n\t\t\t\t\tTextTransformation: pulumi.String(\"NONE\"),\n\t\t\t\t\tFieldToMatch: \u0026wafregional.XssMatchSetXssMatchTupleFieldToMatchArgs{\n\t\t\t\t\t\tType: pulumi.String(\"QUERY_STRING\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.XssMatchSet;\nimport com.pulumi.aws.wafregional.XssMatchSetArgs;\nimport com.pulumi.aws.wafregional.inputs.XssMatchSetXssMatchTupleArgs;\nimport com.pulumi.aws.wafregional.inputs.XssMatchSetXssMatchTupleFieldToMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var xssMatchSet = new XssMatchSet(\"xssMatchSet\", XssMatchSetArgs.builder()\n .name(\"xss_match_set\")\n .xssMatchTuples( \n XssMatchSetXssMatchTupleArgs.builder()\n .textTransformation(\"NONE\")\n .fieldToMatch(XssMatchSetXssMatchTupleFieldToMatchArgs.builder()\n .type(\"URI\")\n .build())\n .build(),\n XssMatchSetXssMatchTupleArgs.builder()\n .textTransformation(\"NONE\")\n .fieldToMatch(XssMatchSetXssMatchTupleFieldToMatchArgs.builder()\n .type(\"QUERY_STRING\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n xssMatchSet:\n type: aws:wafregional:XssMatchSet\n name: xss_match_set\n properties:\n name: xss_match_set\n xssMatchTuples:\n - textTransformation: NONE\n fieldToMatch:\n type: URI\n - textTransformation: NONE\n fieldToMatch:\n type: QUERY_STRING\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS WAF Regional XSS Match using the `id`. For example:\n\n```sh\n$ pulumi import aws:wafregional/xssMatchSet:XssMatchSet example 12345abcde\n```\n", "properties": { "name": { "type": "string", "description": "The name of the set\n" }, "xssMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/XssMatchSetXssMatchTuple:XssMatchSetXssMatchTuple" }, "description": "The parts of web requests that you want to inspect for cross-site scripting attacks.\n" } }, "required": [ "name" ], "inputProperties": { "name": { "type": "string", "description": "The name of the set\n", "willReplaceOnChanges": true }, "xssMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/XssMatchSetXssMatchTuple:XssMatchSetXssMatchTuple" }, "description": "The parts of web requests that you want to inspect for cross-site scripting attacks.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering XssMatchSet resources.\n", "properties": { "name": { "type": "string", "description": "The name of the set\n", "willReplaceOnChanges": true }, "xssMatchTuples": { "type": "array", "items": { "$ref": "#/types/aws:wafregional/XssMatchSetXssMatchTuple:XssMatchSetXssMatchTuple" }, "description": "The parts of web requests that you want to inspect for cross-site scripting attacks.\n" } }, "type": "object" } }, "aws:wafv2/ipSet:IpSet": { "description": "Provides a WAFv2 IP Set Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.wafv2.IpSet(\"example\", {\n name: \"example\",\n description: \"Example IP set\",\n scope: \"REGIONAL\",\n ipAddressVersion: \"IPV4\",\n addresses: [\n \"1.2.3.4/32\",\n \"5.6.7.8/32\",\n ],\n tags: {\n Tag1: \"Value1\",\n Tag2: \"Value2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafv2.IpSet(\"example\",\n name=\"example\",\n description=\"Example IP set\",\n scope=\"REGIONAL\",\n ip_address_version=\"IPV4\",\n addresses=[\n \"1.2.3.4/32\",\n \"5.6.7.8/32\",\n ],\n tags={\n \"Tag1\": \"Value1\",\n \"Tag2\": \"Value2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.WafV2.IpSet(\"example\", new()\n {\n Name = \"example\",\n Description = \"Example IP set\",\n Scope = \"REGIONAL\",\n IpAddressVersion = \"IPV4\",\n Addresses = new[]\n {\n \"1.2.3.4/32\",\n \"5.6.7.8/32\",\n },\n Tags = \n {\n { \"Tag1\", \"Value1\" },\n { \"Tag2\", \"Value2\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafv2.NewIpSet(ctx, \"example\", \u0026wafv2.IpSetArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"Example IP set\"),\n\t\t\tScope: pulumi.String(\"REGIONAL\"),\n\t\t\tIpAddressVersion: pulumi.String(\"IPV4\"),\n\t\t\tAddresses: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"1.2.3.4/32\"),\n\t\t\t\tpulumi.String(\"5.6.7.8/32\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Tag1\": pulumi.String(\"Value1\"),\n\t\t\t\t\"Tag2\": pulumi.String(\"Value2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafv2.IpSet;\nimport com.pulumi.aws.wafv2.IpSetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new IpSet(\"example\", IpSetArgs.builder()\n .name(\"example\")\n .description(\"Example IP set\")\n .scope(\"REGIONAL\")\n .ipAddressVersion(\"IPV4\")\n .addresses( \n \"1.2.3.4/32\",\n \"5.6.7.8/32\")\n .tags(Map.ofEntries(\n Map.entry(\"Tag1\", \"Value1\"),\n Map.entry(\"Tag2\", \"Value2\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:wafv2:IpSet\n properties:\n name: example\n description: Example IP set\n scope: REGIONAL\n ipAddressVersion: IPV4\n addresses:\n - 1.2.3.4/32\n - 5.6.7.8/32\n tags:\n Tag1: Value1\n Tag2: Value2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAFv2 IP Sets using `ID/name/scope`. For example:\n\n```sh\n$ pulumi import aws:wafv2/ipSet:IpSet example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc/example/REGIONAL\n```\n", "properties": { "addresses": { "type": "array", "items": { "type": "string" }, "description": "Contains an array of strings that specifies zero or more IP addresses or blocks of IP addresses. All addresses must be specified using Classless Inter-Domain Routing (CIDR) notation. WAF supports all IPv4 and IPv6 CIDR ranges except for `/0`.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IP set.\n" }, "description": { "type": "string", "description": "A friendly description of the IP set.\n" }, "ipAddressVersion": { "type": "string", "description": "Specify IPV4 or IPV6. Valid values are `IPV4` or `IPV6`.\n" }, "lockToken": { "type": "string" }, "name": { "type": "string", "description": "A friendly name of the IP set.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the Region US East (N. Virginia).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An array of key:value pairs to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "ipAddressVersion", "lockToken", "name", "scope", "tagsAll" ], "inputProperties": { "addresses": { "type": "array", "items": { "type": "string" }, "description": "Contains an array of strings that specifies zero or more IP addresses or blocks of IP addresses. All addresses must be specified using Classless Inter-Domain Routing (CIDR) notation. WAF supports all IPv4 and IPv6 CIDR ranges except for `/0`.\n" }, "description": { "type": "string", "description": "A friendly description of the IP set.\n" }, "ipAddressVersion": { "type": "string", "description": "Specify IPV4 or IPV6. Valid values are `IPV4` or `IPV6`.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "A friendly name of the IP set.\n", "willReplaceOnChanges": true }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the Region US East (N. Virginia).\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An array of key:value pairs to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "ipAddressVersion", "scope" ], "stateInputs": { "description": "Input properties used for looking up and filtering IpSet resources.\n", "properties": { "addresses": { "type": "array", "items": { "type": "string" }, "description": "Contains an array of strings that specifies zero or more IP addresses or blocks of IP addresses. All addresses must be specified using Classless Inter-Domain Routing (CIDR) notation. WAF supports all IPv4 and IPv6 CIDR ranges except for `/0`.\n" }, "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the IP set.\n" }, "description": { "type": "string", "description": "A friendly description of the IP set.\n" }, "ipAddressVersion": { "type": "string", "description": "Specify IPV4 or IPV6. Valid values are `IPV4` or `IPV6`.\n", "willReplaceOnChanges": true }, "lockToken": { "type": "string" }, "name": { "type": "string", "description": "A friendly name of the IP set.\n", "willReplaceOnChanges": true }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the Region US East (N. Virginia).\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An array of key:value pairs to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:wafv2/regexPatternSet:RegexPatternSet": { "description": "Provides an AWS WAFv2 Regex Pattern Set Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.wafv2.RegexPatternSet(\"example\", {\n name: \"example\",\n description: \"Example regex pattern set\",\n scope: \"REGIONAL\",\n regularExpressions: [\n {\n regexString: \"one\",\n },\n {\n regexString: \"two\",\n },\n ],\n tags: {\n Tag1: \"Value1\",\n Tag2: \"Value2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafv2.RegexPatternSet(\"example\",\n name=\"example\",\n description=\"Example regex pattern set\",\n scope=\"REGIONAL\",\n regular_expressions=[\n {\n \"regex_string\": \"one\",\n },\n {\n \"regex_string\": \"two\",\n },\n ],\n tags={\n \"Tag1\": \"Value1\",\n \"Tag2\": \"Value2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.WafV2.RegexPatternSet(\"example\", new()\n {\n Name = \"example\",\n Description = \"Example regex pattern set\",\n Scope = \"REGIONAL\",\n RegularExpressions = new[]\n {\n new Aws.WafV2.Inputs.RegexPatternSetRegularExpressionArgs\n {\n RegexString = \"one\",\n },\n new Aws.WafV2.Inputs.RegexPatternSetRegularExpressionArgs\n {\n RegexString = \"two\",\n },\n },\n Tags = \n {\n { \"Tag1\", \"Value1\" },\n { \"Tag2\", \"Value2\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafv2.NewRegexPatternSet(ctx, \"example\", \u0026wafv2.RegexPatternSetArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"Example regex pattern set\"),\n\t\t\tScope: pulumi.String(\"REGIONAL\"),\n\t\t\tRegularExpressions: wafv2.RegexPatternSetRegularExpressionArray{\n\t\t\t\t\u0026wafv2.RegexPatternSetRegularExpressionArgs{\n\t\t\t\t\tRegexString: pulumi.String(\"one\"),\n\t\t\t\t},\n\t\t\t\t\u0026wafv2.RegexPatternSetRegularExpressionArgs{\n\t\t\t\t\tRegexString: pulumi.String(\"two\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Tag1\": pulumi.String(\"Value1\"),\n\t\t\t\t\"Tag2\": pulumi.String(\"Value2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafv2.RegexPatternSet;\nimport com.pulumi.aws.wafv2.RegexPatternSetArgs;\nimport com.pulumi.aws.wafv2.inputs.RegexPatternSetRegularExpressionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RegexPatternSet(\"example\", RegexPatternSetArgs.builder()\n .name(\"example\")\n .description(\"Example regex pattern set\")\n .scope(\"REGIONAL\")\n .regularExpressions( \n RegexPatternSetRegularExpressionArgs.builder()\n .regexString(\"one\")\n .build(),\n RegexPatternSetRegularExpressionArgs.builder()\n .regexString(\"two\")\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Tag1\", \"Value1\"),\n Map.entry(\"Tag2\", \"Value2\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:wafv2:RegexPatternSet\n properties:\n name: example\n description: Example regex pattern set\n scope: REGIONAL\n regularExpressions:\n - regexString: one\n - regexString: two\n tags:\n Tag1: Value1\n Tag2: Value2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAFv2 Regex Pattern Sets using `ID/name/scope`. For example:\n\n```sh\n$ pulumi import aws:wafv2/regexPatternSet:RegexPatternSet example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc/example/REGIONAL\n```\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) that identifies the cluster.\n" }, "description": { "type": "string", "description": "A friendly description of the regular expression pattern set.\n" }, "lockToken": { "type": "string" }, "name": { "type": "string", "description": "A friendly name of the regular expression pattern set.\n" }, "regularExpressions": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RegexPatternSetRegularExpression:RegexPatternSetRegularExpression" }, "description": "One or more blocks of regular expression patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`. See Regular Expression below for details. A maximum of 10 `regular_expression` blocks may be specified.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An array of key:value pairs to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "lockToken", "name", "scope", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "A friendly description of the regular expression pattern set.\n" }, "name": { "type": "string", "description": "A friendly name of the regular expression pattern set.\n", "willReplaceOnChanges": true }, "regularExpressions": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RegexPatternSetRegularExpression:RegexPatternSetRegularExpression" }, "description": "One or more blocks of regular expression patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`. See Regular Expression below for details. A maximum of 10 `regular_expression` blocks may be specified.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An array of key:value pairs to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "requiredInputs": [ "scope" ], "stateInputs": { "description": "Input properties used for looking up and filtering RegexPatternSet resources.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) that identifies the cluster.\n" }, "description": { "type": "string", "description": "A friendly description of the regular expression pattern set.\n" }, "lockToken": { "type": "string" }, "name": { "type": "string", "description": "A friendly name of the regular expression pattern set.\n", "willReplaceOnChanges": true }, "regularExpressions": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RegexPatternSetRegularExpression:RegexPatternSetRegularExpression" }, "description": "One or more blocks of regular expression patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`. See Regular Expression below for details. A maximum of 10 `regular_expression` blocks may be specified.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An array of key:value pairs to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:wafv2/ruleGroup:RuleGroup": { "properties": { "arn": { "type": "string", "description": "The ARN of the WAF rule group.\n" }, "capacity": { "type": "integer", "description": "The web ACL capacity units (WCUs) required for this rule group. See [here](https://docs.aws.amazon.com/waf/latest/APIReference/API_CreateRuleGroup.html#API_CreateRuleGroup_RequestSyntax) for general information and [here](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statements-list.html) for capacity specific information.\n" }, "customResponseBodies": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupCustomResponseBody:RuleGroupCustomResponseBody" }, "description": "Defines custom response bodies that can be referenced by `custom_response` actions. See Custom Response Body below for details.\n" }, "description": { "type": "string", "description": "A friendly description of the rule group.\n" }, "lockToken": { "type": "string" }, "name": { "type": "string", "description": "A friendly name of the rule group.\n" }, "namePrefix": { "type": "string" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRule:RuleGroupRule" }, "description": "The rule blocks used to identify the web requests that you want to `allow`, `block`, or `count`. See Rules below for details.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An array of key:value pairs to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "visibilityConfig": { "$ref": "#/types/aws:wafv2/RuleGroupVisibilityConfig:RuleGroupVisibilityConfig", "description": "Defines and enables Amazon CloudWatch metrics and web request sample collection. See Visibility Configuration below for details.\n" } }, "required": [ "arn", "capacity", "lockToken", "name", "namePrefix", "scope", "tagsAll", "visibilityConfig" ], "inputProperties": { "capacity": { "type": "integer", "description": "The web ACL capacity units (WCUs) required for this rule group. See [here](https://docs.aws.amazon.com/waf/latest/APIReference/API_CreateRuleGroup.html#API_CreateRuleGroup_RequestSyntax) for general information and [here](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statements-list.html) for capacity specific information.\n", "willReplaceOnChanges": true }, "customResponseBodies": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupCustomResponseBody:RuleGroupCustomResponseBody" }, "description": "Defines custom response bodies that can be referenced by `custom_response` actions. See Custom Response Body below for details.\n" }, "description": { "type": "string", "description": "A friendly description of the rule group.\n" }, "name": { "type": "string", "description": "A friendly name of the rule group.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRule:RuleGroupRule" }, "description": "The rule blocks used to identify the web requests that you want to `allow`, `block`, or `count`. See Rules below for details.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An array of key:value pairs to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "visibilityConfig": { "$ref": "#/types/aws:wafv2/RuleGroupVisibilityConfig:RuleGroupVisibilityConfig", "description": "Defines and enables Amazon CloudWatch metrics and web request sample collection. See Visibility Configuration below for details.\n" } }, "requiredInputs": [ "capacity", "scope", "visibilityConfig" ], "stateInputs": { "description": "Input properties used for looking up and filtering RuleGroup resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the WAF rule group.\n" }, "capacity": { "type": "integer", "description": "The web ACL capacity units (WCUs) required for this rule group. See [here](https://docs.aws.amazon.com/waf/latest/APIReference/API_CreateRuleGroup.html#API_CreateRuleGroup_RequestSyntax) for general information and [here](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statements-list.html) for capacity specific information.\n", "willReplaceOnChanges": true }, "customResponseBodies": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupCustomResponseBody:RuleGroupCustomResponseBody" }, "description": "Defines custom response bodies that can be referenced by `custom_response` actions. See Custom Response Body below for details.\n" }, "description": { "type": "string", "description": "A friendly description of the rule group.\n" }, "lockToken": { "type": "string" }, "name": { "type": "string", "description": "A friendly name of the rule group.\n", "willReplaceOnChanges": true }, "namePrefix": { "type": "string", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/RuleGroupRule:RuleGroupRule" }, "description": "The rule blocks used to identify the web requests that you want to `allow`, `block`, or `count`. See Rules below for details.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An array of key:value pairs to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "visibilityConfig": { "$ref": "#/types/aws:wafv2/RuleGroupVisibilityConfig:RuleGroupVisibilityConfig", "description": "Defines and enables Amazon CloudWatch metrics and web request sample collection. See Visibility Configuration below for details.\n" } }, "type": "object" } }, "aws:wafv2/webAcl:WebAcl": { "properties": { "applicationIntegrationUrl": { "type": "string", "description": "The URL to use in SDK integrations with managed rule groups.\n" }, "arn": { "type": "string", "description": "The ARN of the WAF WebACL.\n" }, "associationConfig": { "$ref": "#/types/aws:wafv2/WebAclAssociationConfig:WebAclAssociationConfig", "description": "Specifies custom configurations for the associations between the web ACL and protected resources. See `association_config` below for details.\n" }, "capacity": { "type": "integer", "description": "Web ACL capacity units (WCUs) currently being used by this web ACL.\n" }, "captchaConfig": { "$ref": "#/types/aws:wafv2/WebAclCaptchaConfig:WebAclCaptchaConfig", "description": "Specifies how AWS WAF should handle CAPTCHA evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `captcha_config` below for details.\n" }, "challengeConfig": { "$ref": "#/types/aws:wafv2/WebAclChallengeConfig:WebAclChallengeConfig", "description": "Specifies how AWS WAF should handle Challenge evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `challenge_config` below for details.\n" }, "customResponseBodies": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclCustomResponseBody:WebAclCustomResponseBody" }, "description": "Defines custom response bodies that can be referenced by `custom_response` actions. See `custom_response_body` below for details.\n" }, "defaultAction": { "$ref": "#/types/aws:wafv2/WebAclDefaultAction:WebAclDefaultAction", "description": "Action to perform if none of the `rules` contained in the WebACL match. See `default_action` below for details.\n" }, "description": { "type": "string", "description": "Friendly description of the WebACL.\n" }, "lockToken": { "type": "string" }, "name": { "type": "string", "description": "Friendly name of the WebACL.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRule:WebAclRule" }, "description": "Rule blocks used to identify the web requests that you want to `allow`, `block`, or `count`. See `rule` below for details.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key-value pairs to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tokenDomains": { "type": "array", "items": { "type": "string" }, "description": "Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.\n" }, "visibilityConfig": { "$ref": "#/types/aws:wafv2/WebAclVisibilityConfig:WebAclVisibilityConfig", "description": "Defines and enables Amazon CloudWatch metrics and web request sample collection. See `visibility_config` below for details.\n" } }, "required": [ "applicationIntegrationUrl", "arn", "capacity", "defaultAction", "lockToken", "name", "scope", "tagsAll", "visibilityConfig" ], "inputProperties": { "associationConfig": { "$ref": "#/types/aws:wafv2/WebAclAssociationConfig:WebAclAssociationConfig", "description": "Specifies custom configurations for the associations between the web ACL and protected resources. See `association_config` below for details.\n" }, "captchaConfig": { "$ref": "#/types/aws:wafv2/WebAclCaptchaConfig:WebAclCaptchaConfig", "description": "Specifies how AWS WAF should handle CAPTCHA evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `captcha_config` below for details.\n" }, "challengeConfig": { "$ref": "#/types/aws:wafv2/WebAclChallengeConfig:WebAclChallengeConfig", "description": "Specifies how AWS WAF should handle Challenge evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `challenge_config` below for details.\n" }, "customResponseBodies": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclCustomResponseBody:WebAclCustomResponseBody" }, "description": "Defines custom response bodies that can be referenced by `custom_response` actions. See `custom_response_body` below for details.\n" }, "defaultAction": { "$ref": "#/types/aws:wafv2/WebAclDefaultAction:WebAclDefaultAction", "description": "Action to perform if none of the `rules` contained in the WebACL match. See `default_action` below for details.\n" }, "description": { "type": "string", "description": "Friendly description of the WebACL.\n" }, "name": { "type": "string", "description": "Friendly name of the WebACL.\n", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRule:WebAclRule" }, "description": "Rule blocks used to identify the web requests that you want to `allow`, `block`, or `count`. See `rule` below for details.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key-value pairs to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tokenDomains": { "type": "array", "items": { "type": "string" }, "description": "Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.\n" }, "visibilityConfig": { "$ref": "#/types/aws:wafv2/WebAclVisibilityConfig:WebAclVisibilityConfig", "description": "Defines and enables Amazon CloudWatch metrics and web request sample collection. See `visibility_config` below for details.\n" } }, "requiredInputs": [ "defaultAction", "scope", "visibilityConfig" ], "stateInputs": { "description": "Input properties used for looking up and filtering WebAcl resources.\n", "properties": { "applicationIntegrationUrl": { "type": "string", "description": "The URL to use in SDK integrations with managed rule groups.\n" }, "arn": { "type": "string", "description": "The ARN of the WAF WebACL.\n" }, "associationConfig": { "$ref": "#/types/aws:wafv2/WebAclAssociationConfig:WebAclAssociationConfig", "description": "Specifies custom configurations for the associations between the web ACL and protected resources. See `association_config` below for details.\n" }, "capacity": { "type": "integer", "description": "Web ACL capacity units (WCUs) currently being used by this web ACL.\n" }, "captchaConfig": { "$ref": "#/types/aws:wafv2/WebAclCaptchaConfig:WebAclCaptchaConfig", "description": "Specifies how AWS WAF should handle CAPTCHA evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `captcha_config` below for details.\n" }, "challengeConfig": { "$ref": "#/types/aws:wafv2/WebAclChallengeConfig:WebAclChallengeConfig", "description": "Specifies how AWS WAF should handle Challenge evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `challenge_config` below for details.\n" }, "customResponseBodies": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclCustomResponseBody:WebAclCustomResponseBody" }, "description": "Defines custom response bodies that can be referenced by `custom_response` actions. See `custom_response_body` below for details.\n" }, "defaultAction": { "$ref": "#/types/aws:wafv2/WebAclDefaultAction:WebAclDefaultAction", "description": "Action to perform if none of the `rules` contained in the WebACL match. See `default_action` below for details.\n" }, "description": { "type": "string", "description": "Friendly description of the WebACL.\n" }, "lockToken": { "type": "string" }, "name": { "type": "string", "description": "Friendly name of the WebACL.\n", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclRule:WebAclRule" }, "description": "Rule blocks used to identify the web requests that you want to `allow`, `block`, or `count`. See `rule` below for details.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key-value pairs to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "tokenDomains": { "type": "array", "items": { "type": "string" }, "description": "Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.\n" }, "visibilityConfig": { "$ref": "#/types/aws:wafv2/WebAclVisibilityConfig:WebAclVisibilityConfig", "description": "Defines and enables Amazon CloudWatch metrics and web request sample collection. See `visibility_config` below for details.\n" } }, "type": "object" } }, "aws:wafv2/webAclAssociation:WebAclAssociation": { "description": "Creates a WAFv2 Web ACL Association.\n\n\u003e **NOTE on associating a WAFv2 Web ACL with a Cloudfront distribution:** Do not use this resource to associate a WAFv2 Web ACL with a Cloudfront Distribution. The [AWS API call backing this resource](https://docs.aws.amazon.com/waf/latest/APIReference/API_AssociateWebACL.html) notes that you should use the `web_acl_id` property on the `cloudfront_distribution` instead.\n\n[1]: https://docs.aws.amazon.com/waf/latest/APIReference/API_AssociateWebACL.html\n\n\n## Import\n\nUsing `pulumi import`, import WAFv2 Web ACL Association using `WEB_ACL_ARN,RESOURCE_ARN`. For example:\n\n```sh\n$ pulumi import aws:wafv2/webAclAssociation:WebAclAssociation example arn:aws:wafv2:...7ce849ea,arn:aws:apigateway:...ages/name\n```\n", "properties": { "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource to associate with the web ACL. This must be an ARN of an Application Load Balancer, an Amazon API Gateway stage (REST only, HTTP is unsupported), an Amazon Cognito User Pool, an Amazon AppSync GraphQL API, an Amazon App Runner service, or an Amazon Verified Access instance.\n" }, "webAclArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Web ACL that you want to associate with the resource.\n" } }, "required": [ "resourceArn", "webAclArn" ], "inputProperties": { "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource to associate with the web ACL. This must be an ARN of an Application Load Balancer, an Amazon API Gateway stage (REST only, HTTP is unsupported), an Amazon Cognito User Pool, an Amazon AppSync GraphQL API, an Amazon App Runner service, or an Amazon Verified Access instance.\n", "willReplaceOnChanges": true }, "webAclArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Web ACL that you want to associate with the resource.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "resourceArn", "webAclArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering WebAclAssociation resources.\n", "properties": { "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the resource to associate with the web ACL. This must be an ARN of an Application Load Balancer, an Amazon API Gateway stage (REST only, HTTP is unsupported), an Amazon Cognito User Pool, an Amazon AppSync GraphQL API, an Amazon App Runner service, or an Amazon Verified Access instance.\n", "willReplaceOnChanges": true }, "webAclArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the Web ACL that you want to associate with the resource.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:wafv2/webAclLoggingConfiguration:WebAclLoggingConfiguration": { "description": "This resource creates a WAFv2 Web ACL Logging Configuration.\n\n!\u003e **WARNING:** When logging from a WAFv2 Web ACL to a CloudWatch Log Group, the WAFv2 service tries to create or update a generic Log Resource Policy named `AWSWAF-LOGS`. However, if there are a large number of Web ACLs or if the account frequently creates and deletes Web ACLs, this policy may exceed the maximum policy size. As a result, this resource type will fail to be created. More details about this issue can be found in this issue. To prevent this issue, you can manage a specific resource policy. Please refer to the example below for managing a CloudWatch Log Group with a managed CloudWatch Log Resource Policy.\n\n## Example Usage\n\n### With Redacted Fields\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.wafv2.WebAclLoggingConfiguration(\"example\", {\n logDestinationConfigs: [exampleAwsKinesisFirehoseDeliveryStream.arn],\n resourceArn: exampleAwsWafv2WebAcl.arn,\n redactedFields: [{\n singleHeader: {\n name: \"user-agent\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafv2.WebAclLoggingConfiguration(\"example\",\n log_destination_configs=[example_aws_kinesis_firehose_delivery_stream[\"arn\"]],\n resource_arn=example_aws_wafv2_web_acl[\"arn\"],\n redacted_fields=[{\n \"single_header\": {\n \"name\": \"user-agent\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.WafV2.WebAclLoggingConfiguration(\"example\", new()\n {\n LogDestinationConfigs = new[]\n {\n exampleAwsKinesisFirehoseDeliveryStream.Arn,\n },\n ResourceArn = exampleAwsWafv2WebAcl.Arn,\n RedactedFields = new[]\n {\n new Aws.WafV2.Inputs.WebAclLoggingConfigurationRedactedFieldArgs\n {\n SingleHeader = new Aws.WafV2.Inputs.WebAclLoggingConfigurationRedactedFieldSingleHeaderArgs\n {\n Name = \"user-agent\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafv2.NewWebAclLoggingConfiguration(ctx, \"example\", \u0026wafv2.WebAclLoggingConfigurationArgs{\n\t\t\tLogDestinationConfigs: pulumi.StringArray{\n\t\t\t\texampleAwsKinesisFirehoseDeliveryStream.Arn,\n\t\t\t},\n\t\t\tResourceArn: pulumi.Any(exampleAwsWafv2WebAcl.Arn),\n\t\t\tRedactedFields: wafv2.WebAclLoggingConfigurationRedactedFieldArray{\n\t\t\t\t\u0026wafv2.WebAclLoggingConfigurationRedactedFieldArgs{\n\t\t\t\t\tSingleHeader: \u0026wafv2.WebAclLoggingConfigurationRedactedFieldSingleHeaderArgs{\n\t\t\t\t\t\tName: pulumi.String(\"user-agent\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafv2.WebAclLoggingConfiguration;\nimport com.pulumi.aws.wafv2.WebAclLoggingConfigurationArgs;\nimport com.pulumi.aws.wafv2.inputs.WebAclLoggingConfigurationRedactedFieldArgs;\nimport com.pulumi.aws.wafv2.inputs.WebAclLoggingConfigurationRedactedFieldSingleHeaderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new WebAclLoggingConfiguration(\"example\", WebAclLoggingConfigurationArgs.builder()\n .logDestinationConfigs(exampleAwsKinesisFirehoseDeliveryStream.arn())\n .resourceArn(exampleAwsWafv2WebAcl.arn())\n .redactedFields(WebAclLoggingConfigurationRedactedFieldArgs.builder()\n .singleHeader(WebAclLoggingConfigurationRedactedFieldSingleHeaderArgs.builder()\n .name(\"user-agent\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:wafv2:WebAclLoggingConfiguration\n properties:\n logDestinationConfigs:\n - ${exampleAwsKinesisFirehoseDeliveryStream.arn}\n resourceArn: ${exampleAwsWafv2WebAcl.arn}\n redactedFields:\n - singleHeader:\n name: user-agent\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Logging Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.wafv2.WebAclLoggingConfiguration(\"example\", {\n logDestinationConfigs: [exampleAwsKinesisFirehoseDeliveryStream.arn],\n resourceArn: exampleAwsWafv2WebAcl.arn,\n loggingFilter: {\n defaultBehavior: \"KEEP\",\n filters: [\n {\n behavior: \"DROP\",\n conditions: [\n {\n actionCondition: {\n action: \"COUNT\",\n },\n },\n {\n labelNameCondition: {\n labelName: \"awswaf:111122223333:rulegroup:testRules:LabelNameZ\",\n },\n },\n ],\n requirement: \"MEETS_ALL\",\n },\n {\n behavior: \"KEEP\",\n conditions: [{\n actionCondition: {\n action: \"ALLOW\",\n },\n }],\n requirement: \"MEETS_ANY\",\n },\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafv2.WebAclLoggingConfiguration(\"example\",\n log_destination_configs=[example_aws_kinesis_firehose_delivery_stream[\"arn\"]],\n resource_arn=example_aws_wafv2_web_acl[\"arn\"],\n logging_filter={\n \"default_behavior\": \"KEEP\",\n \"filters\": [\n {\n \"behavior\": \"DROP\",\n \"conditions\": [\n {\n \"action_condition\": {\n \"action\": \"COUNT\",\n },\n },\n {\n \"label_name_condition\": {\n \"label_name\": \"awswaf:111122223333:rulegroup:testRules:LabelNameZ\",\n },\n },\n ],\n \"requirement\": \"MEETS_ALL\",\n },\n {\n \"behavior\": \"KEEP\",\n \"conditions\": [{\n \"action_condition\": {\n \"action\": \"ALLOW\",\n },\n }],\n \"requirement\": \"MEETS_ANY\",\n },\n ],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.WafV2.WebAclLoggingConfiguration(\"example\", new()\n {\n LogDestinationConfigs = new[]\n {\n exampleAwsKinesisFirehoseDeliveryStream.Arn,\n },\n ResourceArn = exampleAwsWafv2WebAcl.Arn,\n LoggingFilter = new Aws.WafV2.Inputs.WebAclLoggingConfigurationLoggingFilterArgs\n {\n DefaultBehavior = \"KEEP\",\n Filters = new[]\n {\n new Aws.WafV2.Inputs.WebAclLoggingConfigurationLoggingFilterFilterArgs\n {\n Behavior = \"DROP\",\n Conditions = new[]\n {\n new Aws.WafV2.Inputs.WebAclLoggingConfigurationLoggingFilterFilterConditionArgs\n {\n ActionCondition = new Aws.WafV2.Inputs.WebAclLoggingConfigurationLoggingFilterFilterConditionActionConditionArgs\n {\n Action = \"COUNT\",\n },\n },\n new Aws.WafV2.Inputs.WebAclLoggingConfigurationLoggingFilterFilterConditionArgs\n {\n LabelNameCondition = new Aws.WafV2.Inputs.WebAclLoggingConfigurationLoggingFilterFilterConditionLabelNameConditionArgs\n {\n LabelName = \"awswaf:111122223333:rulegroup:testRules:LabelNameZ\",\n },\n },\n },\n Requirement = \"MEETS_ALL\",\n },\n new Aws.WafV2.Inputs.WebAclLoggingConfigurationLoggingFilterFilterArgs\n {\n Behavior = \"KEEP\",\n Conditions = new[]\n {\n new Aws.WafV2.Inputs.WebAclLoggingConfigurationLoggingFilterFilterConditionArgs\n {\n ActionCondition = new Aws.WafV2.Inputs.WebAclLoggingConfigurationLoggingFilterFilterConditionActionConditionArgs\n {\n Action = \"ALLOW\",\n },\n },\n },\n Requirement = \"MEETS_ANY\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafv2.NewWebAclLoggingConfiguration(ctx, \"example\", \u0026wafv2.WebAclLoggingConfigurationArgs{\n\t\t\tLogDestinationConfigs: pulumi.StringArray{\n\t\t\t\texampleAwsKinesisFirehoseDeliveryStream.Arn,\n\t\t\t},\n\t\t\tResourceArn: pulumi.Any(exampleAwsWafv2WebAcl.Arn),\n\t\t\tLoggingFilter: \u0026wafv2.WebAclLoggingConfigurationLoggingFilterArgs{\n\t\t\t\tDefaultBehavior: pulumi.String(\"KEEP\"),\n\t\t\t\tFilters: wafv2.WebAclLoggingConfigurationLoggingFilterFilterArray{\n\t\t\t\t\t\u0026wafv2.WebAclLoggingConfigurationLoggingFilterFilterArgs{\n\t\t\t\t\t\tBehavior: pulumi.String(\"DROP\"),\n\t\t\t\t\t\tConditions: wafv2.WebAclLoggingConfigurationLoggingFilterFilterConditionArray{\n\t\t\t\t\t\t\t\u0026wafv2.WebAclLoggingConfigurationLoggingFilterFilterConditionArgs{\n\t\t\t\t\t\t\t\tActionCondition: \u0026wafv2.WebAclLoggingConfigurationLoggingFilterFilterConditionActionConditionArgs{\n\t\t\t\t\t\t\t\t\tAction: pulumi.String(\"COUNT\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026wafv2.WebAclLoggingConfigurationLoggingFilterFilterConditionArgs{\n\t\t\t\t\t\t\t\tLabelNameCondition: \u0026wafv2.WebAclLoggingConfigurationLoggingFilterFilterConditionLabelNameConditionArgs{\n\t\t\t\t\t\t\t\t\tLabelName: pulumi.String(\"awswaf:111122223333:rulegroup:testRules:LabelNameZ\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tRequirement: pulumi.String(\"MEETS_ALL\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026wafv2.WebAclLoggingConfigurationLoggingFilterFilterArgs{\n\t\t\t\t\t\tBehavior: pulumi.String(\"KEEP\"),\n\t\t\t\t\t\tConditions: wafv2.WebAclLoggingConfigurationLoggingFilterFilterConditionArray{\n\t\t\t\t\t\t\t\u0026wafv2.WebAclLoggingConfigurationLoggingFilterFilterConditionArgs{\n\t\t\t\t\t\t\t\tActionCondition: \u0026wafv2.WebAclLoggingConfigurationLoggingFilterFilterConditionActionConditionArgs{\n\t\t\t\t\t\t\t\t\tAction: pulumi.String(\"ALLOW\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tRequirement: pulumi.String(\"MEETS_ANY\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafv2.WebAclLoggingConfiguration;\nimport com.pulumi.aws.wafv2.WebAclLoggingConfigurationArgs;\nimport com.pulumi.aws.wafv2.inputs.WebAclLoggingConfigurationLoggingFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new WebAclLoggingConfiguration(\"example\", WebAclLoggingConfigurationArgs.builder()\n .logDestinationConfigs(exampleAwsKinesisFirehoseDeliveryStream.arn())\n .resourceArn(exampleAwsWafv2WebAcl.arn())\n .loggingFilter(WebAclLoggingConfigurationLoggingFilterArgs.builder()\n .defaultBehavior(\"KEEP\")\n .filters( \n WebAclLoggingConfigurationLoggingFilterFilterArgs.builder()\n .behavior(\"DROP\")\n .conditions( \n WebAclLoggingConfigurationLoggingFilterFilterConditionArgs.builder()\n .actionCondition(WebAclLoggingConfigurationLoggingFilterFilterConditionActionConditionArgs.builder()\n .action(\"COUNT\")\n .build())\n .build(),\n WebAclLoggingConfigurationLoggingFilterFilterConditionArgs.builder()\n .labelNameCondition(WebAclLoggingConfigurationLoggingFilterFilterConditionLabelNameConditionArgs.builder()\n .labelName(\"awswaf:111122223333:rulegroup:testRules:LabelNameZ\")\n .build())\n .build())\n .requirement(\"MEETS_ALL\")\n .build(),\n WebAclLoggingConfigurationLoggingFilterFilterArgs.builder()\n .behavior(\"KEEP\")\n .conditions(WebAclLoggingConfigurationLoggingFilterFilterConditionArgs.builder()\n .actionCondition(WebAclLoggingConfigurationLoggingFilterFilterConditionActionConditionArgs.builder()\n .action(\"ALLOW\")\n .build())\n .build())\n .requirement(\"MEETS_ANY\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:wafv2:WebAclLoggingConfiguration\n properties:\n logDestinationConfigs:\n - ${exampleAwsKinesisFirehoseDeliveryStream.arn}\n resourceArn: ${exampleAwsWafv2WebAcl.arn}\n loggingFilter:\n defaultBehavior: KEEP\n filters:\n - behavior: DROP\n conditions:\n - actionCondition:\n action: COUNT\n - labelNameCondition:\n labelName: awswaf:111122223333:rulegroup:testRules:LabelNameZ\n requirement: MEETS_ALL\n - behavior: KEEP\n conditions:\n - actionCondition:\n action: ALLOW\n requirement: MEETS_ANY\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAFv2 Web ACL Logging Configurations using the ARN of the WAFv2 Web ACL. For example:\n\n```sh\n$ pulumi import aws:wafv2/webAclLoggingConfiguration:WebAclLoggingConfiguration example arn:aws:wafv2:us-west-2:123456789012:regional/webacl/test-logs/a1b2c3d4-5678-90ab-cdef\n```\n", "properties": { "logDestinationConfigs": { "type": "array", "items": { "type": "string" }, "description": "Configuration block that allows you to associate Amazon Kinesis Data Firehose, Cloudwatch Log log group, or S3 bucket Amazon Resource Names (ARNs) with the web ACL. **Note:** data firehose, log group, or bucket name **must** be prefixed with `aws-waf-logs-`, e.g. `aws-waf-logs-example-firehose`, `aws-waf-logs-example-log-group`, or `aws-waf-logs-example-bucket`.\n" }, "loggingFilter": { "$ref": "#/types/aws:wafv2/WebAclLoggingConfigurationLoggingFilter:WebAclLoggingConfigurationLoggingFilter", "description": "Configuration block that specifies which web requests are kept in the logs and which are dropped. It allows filtering based on the rule action and the web request labels applied by matching rules during web ACL evaluation. For more details, refer to the Logging Filter section below.\n" }, "redactedFields": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclLoggingConfigurationRedactedField:WebAclLoggingConfigurationRedactedField" }, "description": "Configuration for parts of the request that you want to keep out of the logs. Up to 100 `redacted_fields` blocks are supported. See Redacted Fields below for more details.\n" }, "resourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the web ACL that you want to associate with `log_destination_configs`.\n" } }, "required": [ "logDestinationConfigs", "resourceArn" ], "inputProperties": { "logDestinationConfigs": { "type": "array", "items": { "type": "string" }, "description": "Configuration block that allows you to associate Amazon Kinesis Data Firehose, Cloudwatch Log log group, or S3 bucket Amazon Resource Names (ARNs) with the web ACL. **Note:** data firehose, log group, or bucket name **must** be prefixed with `aws-waf-logs-`, e.g. `aws-waf-logs-example-firehose`, `aws-waf-logs-example-log-group`, or `aws-waf-logs-example-bucket`.\n", "willReplaceOnChanges": true }, "loggingFilter": { "$ref": "#/types/aws:wafv2/WebAclLoggingConfigurationLoggingFilter:WebAclLoggingConfigurationLoggingFilter", "description": "Configuration block that specifies which web requests are kept in the logs and which are dropped. It allows filtering based on the rule action and the web request labels applied by matching rules during web ACL evaluation. For more details, refer to the Logging Filter section below.\n" }, "redactedFields": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclLoggingConfigurationRedactedField:WebAclLoggingConfigurationRedactedField" }, "description": "Configuration for parts of the request that you want to keep out of the logs. Up to 100 `redacted_fields` blocks are supported. See Redacted Fields below for more details.\n" }, "resourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the web ACL that you want to associate with `log_destination_configs`.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "logDestinationConfigs", "resourceArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering WebAclLoggingConfiguration resources.\n", "properties": { "logDestinationConfigs": { "type": "array", "items": { "type": "string" }, "description": "Configuration block that allows you to associate Amazon Kinesis Data Firehose, Cloudwatch Log log group, or S3 bucket Amazon Resource Names (ARNs) with the web ACL. **Note:** data firehose, log group, or bucket name **must** be prefixed with `aws-waf-logs-`, e.g. `aws-waf-logs-example-firehose`, `aws-waf-logs-example-log-group`, or `aws-waf-logs-example-bucket`.\n", "willReplaceOnChanges": true }, "loggingFilter": { "$ref": "#/types/aws:wafv2/WebAclLoggingConfigurationLoggingFilter:WebAclLoggingConfigurationLoggingFilter", "description": "Configuration block that specifies which web requests are kept in the logs and which are dropped. It allows filtering based on the rule action and the web request labels applied by matching rules during web ACL evaluation. For more details, refer to the Logging Filter section below.\n" }, "redactedFields": { "type": "array", "items": { "$ref": "#/types/aws:wafv2/WebAclLoggingConfigurationRedactedField:WebAclLoggingConfigurationRedactedField" }, "description": "Configuration for parts of the request that you want to keep out of the logs. Up to 100 `redacted_fields` blocks are supported. See Redacted Fields below for more details.\n" }, "resourceArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the web ACL that you want to associate with `log_destination_configs`.\n", "willReplaceOnChanges": true } }, "type": "object" } }, "aws:worklink/fleet:Fleet": { "description": "## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.worklink.Fleet(\"example\", {name: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.worklink.Fleet(\"example\", name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.WorkLink.Fleet(\"example\", new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/worklink\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := worklink.NewFleet(ctx, \"example\", \u0026worklink.FleetArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.worklink.Fleet;\nimport com.pulumi.aws.worklink.FleetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Fleet(\"example\", FleetArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:worklink:Fleet\n properties:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nNetwork Configuration Usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.worklink.Fleet(\"example\", {\n name: \"example\",\n network: {\n vpcId: testAwsVpc.id,\n subnetIds: [testAwsSubnet.map(__item =\u003e __item.id)],\n securityGroupIds: [test.id],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.worklink.Fleet(\"example\",\n name=\"example\",\n network={\n \"vpc_id\": test_aws_vpc[\"id\"],\n \"subnet_ids\": [[__item[\"id\"] for __item in test_aws_subnet]],\n \"security_group_ids\": [test[\"id\"]],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.WorkLink.Fleet(\"example\", new()\n {\n Name = \"example\",\n Network = new Aws.WorkLink.Inputs.FleetNetworkArgs\n {\n VpcId = testAwsVpc.Id,\n SubnetIds = new[]\n {\n testAwsSubnet.Select(__item =\u003e __item.Id).ToList(),\n },\n SecurityGroupIds = new[]\n {\n test.Id,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/worklink\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\n_, err := worklink.NewFleet(ctx, \"example\", \u0026worklink.FleetArgs{\nName: pulumi.String(\"example\"),\nNetwork: \u0026worklink.FleetNetworkArgs{\nVpcId: pulumi.Any(testAwsVpc.Id),\nSubnetIds: pulumi.StringArray{\npulumi.String(%!v(PANIC=Format method: fatal: A failure has occurred: unlowered splat expression @ example.pp:4,25-44)),\n},\nSecurityGroupIds: pulumi.StringArray{\ntest.Id,\n},\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.worklink.Fleet;\nimport com.pulumi.aws.worklink.FleetArgs;\nimport com.pulumi.aws.worklink.inputs.FleetNetworkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Fleet(\"example\", FleetArgs.builder()\n .name(\"example\")\n .network(FleetNetworkArgs.builder()\n .vpcId(testAwsVpc.id())\n .subnetIds(testAwsSubnet.stream().map(element -\u003e element.id()).collect(toList()))\n .securityGroupIds(test.id())\n .build())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nIdentity Provider Configuration Usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst test = new aws.worklink.Fleet(\"test\", {\n name: \"tf-worklink-fleet\",\n identityProvider: {\n type: \"SAML\",\n samlMetadata: std.file({\n input: \"saml-metadata.xml\",\n }).then(invoke =\u003e invoke.result),\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\ntest = aws.worklink.Fleet(\"test\",\n name=\"tf-worklink-fleet\",\n identity_provider={\n \"type\": \"SAML\",\n \"saml_metadata\": std.file(input=\"saml-metadata.xml\").result,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.WorkLink.Fleet(\"test\", new()\n {\n Name = \"tf-worklink-fleet\",\n IdentityProvider = new Aws.WorkLink.Inputs.FleetIdentityProviderArgs\n {\n Type = \"SAML\",\n SamlMetadata = Std.File.Invoke(new()\n {\n Input = \"saml-metadata.xml\",\n }).Apply(invoke =\u003e invoke.Result),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/worklink\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"saml-metadata.xml\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = worklink.NewFleet(ctx, \"test\", \u0026worklink.FleetArgs{\n\t\t\tName: pulumi.String(\"tf-worklink-fleet\"),\n\t\t\tIdentityProvider: \u0026worklink.FleetIdentityProviderArgs{\n\t\t\t\tType: pulumi.String(\"SAML\"),\n\t\t\t\tSamlMetadata: pulumi.String(invokeFile.Result),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.worklink.Fleet;\nimport com.pulumi.aws.worklink.FleetArgs;\nimport com.pulumi.aws.worklink.inputs.FleetIdentityProviderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Fleet(\"test\", FleetArgs.builder()\n .name(\"tf-worklink-fleet\")\n .identityProvider(FleetIdentityProviderArgs.builder()\n .type(\"SAML\")\n .samlMetadata(StdFunctions.file(FileArgs.builder()\n .input(\"saml-metadata.xml\")\n .build()).result())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:worklink:Fleet\n properties:\n name: tf-worklink-fleet\n identityProvider:\n type: SAML\n samlMetadata:\n fn::invoke:\n Function: std:file\n Arguments:\n input: saml-metadata.xml\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WorkLink using the ARN. For example:\n\n```sh\n$ pulumi import aws:worklink/fleet:Fleet test arn:aws:worklink::123456789012:fleet/example\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the created WorkLink Fleet.\n" }, "auditStreamArn": { "type": "string", "description": "The ARN of the Amazon Kinesis data stream that receives the audit events. Kinesis data stream name must begin with `\"AmazonWorkLink-\"`.\n" }, "companyCode": { "type": "string", "description": "The identifier used by users to sign in to the Amazon WorkLink app.\n" }, "createdTime": { "type": "string", "description": "The time that the fleet was created.\n" }, "deviceCaCertificate": { "type": "string", "description": "The certificate chain, including intermediate certificates and the root certificate authority certificate used to issue device certificates.\n" }, "displayName": { "type": "string", "description": "The name of the fleet.\n" }, "identityProvider": { "$ref": "#/types/aws:worklink/FleetIdentityProvider:FleetIdentityProvider", "description": "Provide this to allow manage the identity provider configuration for the fleet. Fields documented below.\n" }, "lastUpdatedTime": { "type": "string", "description": "The time that the fleet was last updated.\n" }, "name": { "type": "string", "description": "A region-unique name for the AMI.\n" }, "network": { "$ref": "#/types/aws:worklink/FleetNetwork:FleetNetwork", "description": "Provide this to allow manage the company network configuration for the fleet. Fields documented below.\n" }, "optimizeForEndUserLocation": { "type": "boolean", "description": "The option to optimize for better performance by routing traffic through the closest AWS Region to users, which may be outside of your home Region. Defaults to `true`.\n\n**network** requires the following:\n\n\u003e **NOTE:** `network` is cannot removed without force recreating.\n" } }, "required": [ "arn", "companyCode", "createdTime", "lastUpdatedTime", "name" ], "inputProperties": { "auditStreamArn": { "type": "string", "description": "The ARN of the Amazon Kinesis data stream that receives the audit events. Kinesis data stream name must begin with `\"AmazonWorkLink-\"`.\n" }, "deviceCaCertificate": { "type": "string", "description": "The certificate chain, including intermediate certificates and the root certificate authority certificate used to issue device certificates.\n" }, "displayName": { "type": "string", "description": "The name of the fleet.\n" }, "identityProvider": { "$ref": "#/types/aws:worklink/FleetIdentityProvider:FleetIdentityProvider", "description": "Provide this to allow manage the identity provider configuration for the fleet. Fields documented below.\n" }, "name": { "type": "string", "description": "A region-unique name for the AMI.\n", "willReplaceOnChanges": true }, "network": { "$ref": "#/types/aws:worklink/FleetNetwork:FleetNetwork", "description": "Provide this to allow manage the company network configuration for the fleet. Fields documented below.\n" }, "optimizeForEndUserLocation": { "type": "boolean", "description": "The option to optimize for better performance by routing traffic through the closest AWS Region to users, which may be outside of your home Region. Defaults to `true`.\n\n**network** requires the following:\n\n\u003e **NOTE:** `network` is cannot removed without force recreating.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering Fleet resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the created WorkLink Fleet.\n" }, "auditStreamArn": { "type": "string", "description": "The ARN of the Amazon Kinesis data stream that receives the audit events. Kinesis data stream name must begin with `\"AmazonWorkLink-\"`.\n" }, "companyCode": { "type": "string", "description": "The identifier used by users to sign in to the Amazon WorkLink app.\n" }, "createdTime": { "type": "string", "description": "The time that the fleet was created.\n" }, "deviceCaCertificate": { "type": "string", "description": "The certificate chain, including intermediate certificates and the root certificate authority certificate used to issue device certificates.\n" }, "displayName": { "type": "string", "description": "The name of the fleet.\n" }, "identityProvider": { "$ref": "#/types/aws:worklink/FleetIdentityProvider:FleetIdentityProvider", "description": "Provide this to allow manage the identity provider configuration for the fleet. Fields documented below.\n" }, "lastUpdatedTime": { "type": "string", "description": "The time that the fleet was last updated.\n" }, "name": { "type": "string", "description": "A region-unique name for the AMI.\n", "willReplaceOnChanges": true }, "network": { "$ref": "#/types/aws:worklink/FleetNetwork:FleetNetwork", "description": "Provide this to allow manage the company network configuration for the fleet. Fields documented below.\n" }, "optimizeForEndUserLocation": { "type": "boolean", "description": "The option to optimize for better performance by routing traffic through the closest AWS Region to users, which may be outside of your home Region. Defaults to `true`.\n\n**network** requires the following:\n\n\u003e **NOTE:** `network` is cannot removed without force recreating.\n" } }, "type": "object" } }, "aws:worklink/websiteCertificateAuthorityAssociation:WebsiteCertificateAuthorityAssociation": { "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.worklink.Fleet(\"example\", {name: \"example\"});\nconst test = new aws.worklink.WebsiteCertificateAuthorityAssociation(\"test\", {\n fleetArn: testAwsWorklinkFleet.arn,\n certificate: std.file({\n input: \"certificate.pem\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.worklink.Fleet(\"example\", name=\"example\")\ntest = aws.worklink.WebsiteCertificateAuthorityAssociation(\"test\",\n fleet_arn=test_aws_worklink_fleet[\"arn\"],\n certificate=std.file(input=\"certificate.pem\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.WorkLink.Fleet(\"example\", new()\n {\n Name = \"example\",\n });\n\n var test = new Aws.WorkLink.WebsiteCertificateAuthorityAssociation(\"test\", new()\n {\n FleetArn = testAwsWorklinkFleet.Arn,\n Certificate = Std.File.Invoke(new()\n {\n Input = \"certificate.pem\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/worklink\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := worklink.NewFleet(ctx, \"example\", \u0026worklink.FleetArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"certificate.pem\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = worklink.NewWebsiteCertificateAuthorityAssociation(ctx, \"test\", \u0026worklink.WebsiteCertificateAuthorityAssociationArgs{\n\t\t\tFleetArn: pulumi.Any(testAwsWorklinkFleet.Arn),\n\t\t\tCertificate: pulumi.String(invokeFile.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.worklink.Fleet;\nimport com.pulumi.aws.worklink.FleetArgs;\nimport com.pulumi.aws.worklink.WebsiteCertificateAuthorityAssociation;\nimport com.pulumi.aws.worklink.WebsiteCertificateAuthorityAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Fleet(\"example\", FleetArgs.builder()\n .name(\"example\")\n .build());\n\n var test = new WebsiteCertificateAuthorityAssociation(\"test\", WebsiteCertificateAuthorityAssociationArgs.builder()\n .fleetArn(testAwsWorklinkFleet.arn())\n .certificate(StdFunctions.file(FileArgs.builder()\n .input(\"certificate.pem\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:worklink:Fleet\n properties:\n name: example\n test:\n type: aws:worklink:WebsiteCertificateAuthorityAssociation\n properties:\n fleetArn: ${testAwsWorklinkFleet.arn}\n certificate:\n fn::invoke:\n Function: std:file\n Arguments:\n input: certificate.pem\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WorkLink Website Certificate Authority using `FLEET-ARN,WEBSITE-CA-ID`. For example:\n\n```sh\n$ pulumi import aws:worklink/websiteCertificateAuthorityAssociation:WebsiteCertificateAuthorityAssociation example arn:aws:worklink::123456789012:fleet/example,abcdefghijk\n```\n", "properties": { "certificate": { "type": "string", "description": "The root certificate of the Certificate Authority.\n" }, "displayName": { "type": "string", "description": "The certificate name to display.\n" }, "fleetArn": { "type": "string", "description": "The ARN of the fleet.\n" }, "websiteCaId": { "type": "string", "description": "A unique identifier for the Certificate Authority.\n" } }, "required": [ "certificate", "fleetArn", "websiteCaId" ], "inputProperties": { "certificate": { "type": "string", "description": "The root certificate of the Certificate Authority.\n", "willReplaceOnChanges": true }, "displayName": { "type": "string", "description": "The certificate name to display.\n", "willReplaceOnChanges": true }, "fleetArn": { "type": "string", "description": "The ARN of the fleet.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "certificate", "fleetArn" ], "stateInputs": { "description": "Input properties used for looking up and filtering WebsiteCertificateAuthorityAssociation resources.\n", "properties": { "certificate": { "type": "string", "description": "The root certificate of the Certificate Authority.\n", "willReplaceOnChanges": true }, "displayName": { "type": "string", "description": "The certificate name to display.\n", "willReplaceOnChanges": true }, "fleetArn": { "type": "string", "description": "The ARN of the fleet.\n", "willReplaceOnChanges": true }, "websiteCaId": { "type": "string", "description": "A unique identifier for the Certificate Authority.\n" } }, "type": "object" } }, "aws:workspaces/connectionAlias:ConnectionAlias": { "description": "Resource for managing an AWS WorkSpaces Connection Alias.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.workspaces.ConnectionAlias(\"example\", {connectionString: \"testdomain.test\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.workspaces.ConnectionAlias(\"example\", connection_string=\"testdomain.test\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Workspaces.ConnectionAlias(\"example\", new()\n {\n ConnectionString = \"testdomain.test\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/workspaces\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := workspaces.NewConnectionAlias(ctx, \"example\", \u0026workspaces.ConnectionAliasArgs{\n\t\t\tConnectionString: pulumi.String(\"testdomain.test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.workspaces.ConnectionAlias;\nimport com.pulumi.aws.workspaces.ConnectionAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ConnectionAlias(\"example\", ConnectionAliasArgs.builder()\n .connectionString(\"testdomain.test\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:workspaces:ConnectionAlias\n properties:\n connectionString: testdomain.test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WorkSpaces Connection Alias using the connection alias ID. For example:\n\n```sh\n$ pulumi import aws:workspaces/connectionAlias:ConnectionAlias example rft-8012925589\n```\n", "properties": { "connectionString": { "type": "string", "description": "The connection string specified for the connection alias. The connection string must be in the form of a fully qualified domain name (FQDN), such as www.example.com.\n" }, "ownerAccountId": { "type": "string", "description": "The identifier of the Amazon Web Services account that owns the connection alias.\n" }, "state": { "type": "string", "description": "The current state of the connection alias.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the WorkSpaces Connection Alias. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:workspaces/ConnectionAliasTimeouts:ConnectionAliasTimeouts" } }, "required": [ "connectionString", "ownerAccountId", "state", "tagsAll" ], "inputProperties": { "connectionString": { "type": "string", "description": "The connection string specified for the connection alias. The connection string must be in the form of a fully qualified domain name (FQDN), such as www.example.com.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the WorkSpaces Connection Alias. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "timeouts": { "$ref": "#/types/aws:workspaces/ConnectionAliasTimeouts:ConnectionAliasTimeouts" } }, "requiredInputs": [ "connectionString" ], "stateInputs": { "description": "Input properties used for looking up and filtering ConnectionAlias resources.\n", "properties": { "connectionString": { "type": "string", "description": "The connection string specified for the connection alias. The connection string must be in the form of a fully qualified domain name (FQDN), such as www.example.com.\n" }, "ownerAccountId": { "type": "string", "description": "The identifier of the Amazon Web Services account that owns the connection alias.\n" }, "state": { "type": "string", "description": "The current state of the connection alias.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the WorkSpaces Connection Alias. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "timeouts": { "$ref": "#/types/aws:workspaces/ConnectionAliasTimeouts:ConnectionAliasTimeouts" } }, "type": "object" } }, "aws:workspaces/directory:Directory": { "description": "Provides a WorkSpaces directory in AWS WorkSpaces Service.\n\n\u003e **NOTE:** AWS WorkSpaces service requires [`workspaces_DefaultRole`](https://docs.aws.amazon.com/workspaces/latest/adminguide/workspaces-access-control.html#create-default-role) IAM role to operate normally.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleVpc = new aws.ec2.Vpc(\"example\", {cidrBlock: \"10.0.0.0/16\"});\nconst exampleA = new aws.ec2.Subnet(\"example_a\", {\n vpcId: exampleVpc.id,\n availabilityZone: \"us-east-1a\",\n cidrBlock: \"10.0.0.0/24\",\n});\nconst exampleB = new aws.ec2.Subnet(\"example_b\", {\n vpcId: exampleVpc.id,\n availabilityZone: \"us-east-1b\",\n cidrBlock: \"10.0.1.0/24\",\n});\nconst exampleDirectory = new aws.directoryservice.Directory(\"example\", {\n name: \"corp.example.com\",\n password: \"#S1ncerely\",\n size: \"Small\",\n vpcSettings: {\n vpcId: exampleVpc.id,\n subnetIds: [\n exampleA.id,\n exampleB.id,\n ],\n },\n});\nconst workspaces = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"workspaces.amazonaws.com\"],\n }],\n }],\n});\nconst workspacesDefault = new aws.iam.Role(\"workspaces_default\", {\n name: \"workspaces_DefaultRole\",\n assumeRolePolicy: workspaces.then(workspaces =\u003e workspaces.json),\n});\nconst workspacesDefaultServiceAccess = new aws.iam.RolePolicyAttachment(\"workspaces_default_service_access\", {\n role: workspacesDefault.name,\n policyArn: \"arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess\",\n});\nconst workspacesDefaultSelfServiceAccess = new aws.iam.RolePolicyAttachment(\"workspaces_default_self_service_access\", {\n role: workspacesDefault.name,\n policyArn: \"arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess\",\n});\nconst exampleC = new aws.ec2.Subnet(\"example_c\", {\n vpcId: exampleVpc.id,\n availabilityZone: \"us-east-1c\",\n cidrBlock: \"10.0.2.0/24\",\n});\nconst exampleD = new aws.ec2.Subnet(\"example_d\", {\n vpcId: exampleVpc.id,\n availabilityZone: \"us-east-1d\",\n cidrBlock: \"10.0.3.0/24\",\n});\nconst example = new aws.workspaces.Directory(\"example\", {\n directoryId: exampleDirectory.id,\n subnetIds: [\n exampleC.id,\n exampleD.id,\n ],\n tags: {\n Example: \"true\",\n },\n selfServicePermissions: {\n changeComputeType: true,\n increaseVolumeSize: true,\n rebuildWorkspace: true,\n restartWorkspace: true,\n switchRunningMode: true,\n },\n workspaceAccessProperties: {\n deviceTypeAndroid: \"ALLOW\",\n deviceTypeChromeos: \"ALLOW\",\n deviceTypeIos: \"ALLOW\",\n deviceTypeLinux: \"DENY\",\n deviceTypeOsx: \"ALLOW\",\n deviceTypeWeb: \"DENY\",\n deviceTypeWindows: \"DENY\",\n deviceTypeZeroclient: \"DENY\",\n },\n workspaceCreationProperties: {\n customSecurityGroupId: exampleAwsSecurityGroup.id,\n defaultOu: \"OU=AWS,DC=Workgroup,DC=Example,DC=com\",\n enableInternetAccess: true,\n enableMaintenanceMode: true,\n userEnabledAsLocalAdministrator: true,\n },\n}, {\n dependsOn: [\n workspacesDefaultServiceAccess,\n workspacesDefaultSelfServiceAccess,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_vpc = aws.ec2.Vpc(\"example\", cidr_block=\"10.0.0.0/16\")\nexample_a = aws.ec2.Subnet(\"example_a\",\n vpc_id=example_vpc.id,\n availability_zone=\"us-east-1a\",\n cidr_block=\"10.0.0.0/24\")\nexample_b = aws.ec2.Subnet(\"example_b\",\n vpc_id=example_vpc.id,\n availability_zone=\"us-east-1b\",\n cidr_block=\"10.0.1.0/24\")\nexample_directory = aws.directoryservice.Directory(\"example\",\n name=\"corp.example.com\",\n password=\"#S1ncerely\",\n size=\"Small\",\n vpc_settings={\n \"vpc_id\": example_vpc.id,\n \"subnet_ids\": [\n example_a.id,\n example_b.id,\n ],\n })\nworkspaces = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"workspaces.amazonaws.com\"],\n }],\n}])\nworkspaces_default = aws.iam.Role(\"workspaces_default\",\n name=\"workspaces_DefaultRole\",\n assume_role_policy=workspaces.json)\nworkspaces_default_service_access = aws.iam.RolePolicyAttachment(\"workspaces_default_service_access\",\n role=workspaces_default.name,\n policy_arn=\"arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess\")\nworkspaces_default_self_service_access = aws.iam.RolePolicyAttachment(\"workspaces_default_self_service_access\",\n role=workspaces_default.name,\n policy_arn=\"arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess\")\nexample_c = aws.ec2.Subnet(\"example_c\",\n vpc_id=example_vpc.id,\n availability_zone=\"us-east-1c\",\n cidr_block=\"10.0.2.0/24\")\nexample_d = aws.ec2.Subnet(\"example_d\",\n vpc_id=example_vpc.id,\n availability_zone=\"us-east-1d\",\n cidr_block=\"10.0.3.0/24\")\nexample = aws.workspaces.Directory(\"example\",\n directory_id=example_directory.id,\n subnet_ids=[\n example_c.id,\n example_d.id,\n ],\n tags={\n \"Example\": \"true\",\n },\n self_service_permissions={\n \"change_compute_type\": True,\n \"increase_volume_size\": True,\n \"rebuild_workspace\": True,\n \"restart_workspace\": True,\n \"switch_running_mode\": True,\n },\n workspace_access_properties={\n \"device_type_android\": \"ALLOW\",\n \"device_type_chromeos\": \"ALLOW\",\n \"device_type_ios\": \"ALLOW\",\n \"device_type_linux\": \"DENY\",\n \"device_type_osx\": \"ALLOW\",\n \"device_type_web\": \"DENY\",\n \"device_type_windows\": \"DENY\",\n \"device_type_zeroclient\": \"DENY\",\n },\n workspace_creation_properties={\n \"custom_security_group_id\": example_aws_security_group[\"id\"],\n \"default_ou\": \"OU=AWS,DC=Workgroup,DC=Example,DC=com\",\n \"enable_internet_access\": True,\n \"enable_maintenance_mode\": True,\n \"user_enabled_as_local_administrator\": True,\n },\n opts = pulumi.ResourceOptions(depends_on=[\n workspaces_default_service_access,\n workspaces_default_self_service_access,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleVpc = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var exampleA = new Aws.Ec2.Subnet(\"example_a\", new()\n {\n VpcId = exampleVpc.Id,\n AvailabilityZone = \"us-east-1a\",\n CidrBlock = \"10.0.0.0/24\",\n });\n\n var exampleB = new Aws.Ec2.Subnet(\"example_b\", new()\n {\n VpcId = exampleVpc.Id,\n AvailabilityZone = \"us-east-1b\",\n CidrBlock = \"10.0.1.0/24\",\n });\n\n var exampleDirectory = new Aws.DirectoryService.Directory(\"example\", new()\n {\n Name = \"corp.example.com\",\n Password = \"#S1ncerely\",\n Size = \"Small\",\n VpcSettings = new Aws.DirectoryService.Inputs.DirectoryVpcSettingsArgs\n {\n VpcId = exampleVpc.Id,\n SubnetIds = new[]\n {\n exampleA.Id,\n exampleB.Id,\n },\n },\n });\n\n var workspaces = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"workspaces.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var workspacesDefault = new Aws.Iam.Role(\"workspaces_default\", new()\n {\n Name = \"workspaces_DefaultRole\",\n AssumeRolePolicy = workspaces.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var workspacesDefaultServiceAccess = new Aws.Iam.RolePolicyAttachment(\"workspaces_default_service_access\", new()\n {\n Role = workspacesDefault.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess\",\n });\n\n var workspacesDefaultSelfServiceAccess = new Aws.Iam.RolePolicyAttachment(\"workspaces_default_self_service_access\", new()\n {\n Role = workspacesDefault.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess\",\n });\n\n var exampleC = new Aws.Ec2.Subnet(\"example_c\", new()\n {\n VpcId = exampleVpc.Id,\n AvailabilityZone = \"us-east-1c\",\n CidrBlock = \"10.0.2.0/24\",\n });\n\n var exampleD = new Aws.Ec2.Subnet(\"example_d\", new()\n {\n VpcId = exampleVpc.Id,\n AvailabilityZone = \"us-east-1d\",\n CidrBlock = \"10.0.3.0/24\",\n });\n\n var example = new Aws.Workspaces.Directory(\"example\", new()\n {\n DirectoryId = exampleDirectory.Id,\n SubnetIds = new[]\n {\n exampleC.Id,\n exampleD.Id,\n },\n Tags = \n {\n { \"Example\", \"true\" },\n },\n SelfServicePermissions = new Aws.Workspaces.Inputs.DirectorySelfServicePermissionsArgs\n {\n ChangeComputeType = true,\n IncreaseVolumeSize = true,\n RebuildWorkspace = true,\n RestartWorkspace = true,\n SwitchRunningMode = true,\n },\n WorkspaceAccessProperties = new Aws.Workspaces.Inputs.DirectoryWorkspaceAccessPropertiesArgs\n {\n DeviceTypeAndroid = \"ALLOW\",\n DeviceTypeChromeos = \"ALLOW\",\n DeviceTypeIos = \"ALLOW\",\n DeviceTypeLinux = \"DENY\",\n DeviceTypeOsx = \"ALLOW\",\n DeviceTypeWeb = \"DENY\",\n DeviceTypeWindows = \"DENY\",\n DeviceTypeZeroclient = \"DENY\",\n },\n WorkspaceCreationProperties = new Aws.Workspaces.Inputs.DirectoryWorkspaceCreationPropertiesArgs\n {\n CustomSecurityGroupId = exampleAwsSecurityGroup.Id,\n DefaultOu = \"OU=AWS,DC=Workgroup,DC=Example,DC=com\",\n EnableInternetAccess = true,\n EnableMaintenanceMode = true,\n UserEnabledAsLocalAdministrator = true,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n workspacesDefaultServiceAccess,\n workspacesDefaultSelfServiceAccess,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directoryservice\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/workspaces\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleVpc, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleA, err := ec2.NewSubnet(ctx, \"example_a\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1a\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleB, err := ec2.NewSubnet(ctx, \"example_b\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1b\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDirectory, err := directoryservice.NewDirectory(ctx, \"example\", \u0026directoryservice.DirectoryArgs{\n\t\t\tName: pulumi.String(\"corp.example.com\"),\n\t\t\tPassword: pulumi.String(\"#S1ncerely\"),\n\t\t\tSize: pulumi.String(\"Small\"),\n\t\t\tVpcSettings: \u0026directoryservice.DirectoryVpcSettingsArgs{\n\t\t\t\tVpcId: exampleVpc.ID(),\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\texampleA.ID(),\n\t\t\t\t\texampleB.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tworkspaces, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"workspaces.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tworkspacesDefault, err := iam.NewRole(ctx, \"workspaces_default\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"workspaces_DefaultRole\"),\n\t\t\tAssumeRolePolicy: pulumi.String(workspaces.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tworkspacesDefaultServiceAccess, err := iam.NewRolePolicyAttachment(ctx, \"workspaces_default_service_access\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: workspacesDefault.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tworkspacesDefaultSelfServiceAccess, err := iam.NewRolePolicyAttachment(ctx, \"workspaces_default_self_service_access\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: workspacesDefault.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleC, err := ec2.NewSubnet(ctx, \"example_c\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1c\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.2.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleD, err := ec2.NewSubnet(ctx, \"example_d\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1d\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.3.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = workspaces.NewDirectory(ctx, \"example\", \u0026workspaces.DirectoryArgs{\n\t\t\tDirectoryId: exampleDirectory.ID(),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\texampleC.ID(),\n\t\t\t\texampleD.ID(),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Example\": pulumi.String(\"true\"),\n\t\t\t},\n\t\t\tSelfServicePermissions: \u0026workspaces.DirectorySelfServicePermissionsArgs{\n\t\t\t\tChangeComputeType: pulumi.Bool(true),\n\t\t\t\tIncreaseVolumeSize: pulumi.Bool(true),\n\t\t\t\tRebuildWorkspace: pulumi.Bool(true),\n\t\t\t\tRestartWorkspace: pulumi.Bool(true),\n\t\t\t\tSwitchRunningMode: pulumi.Bool(true),\n\t\t\t},\n\t\t\tWorkspaceAccessProperties: \u0026workspaces.DirectoryWorkspaceAccessPropertiesArgs{\n\t\t\t\tDeviceTypeAndroid: pulumi.String(\"ALLOW\"),\n\t\t\t\tDeviceTypeChromeos: pulumi.String(\"ALLOW\"),\n\t\t\t\tDeviceTypeIos: pulumi.String(\"ALLOW\"),\n\t\t\t\tDeviceTypeLinux: pulumi.String(\"DENY\"),\n\t\t\t\tDeviceTypeOsx: pulumi.String(\"ALLOW\"),\n\t\t\t\tDeviceTypeWeb: pulumi.String(\"DENY\"),\n\t\t\t\tDeviceTypeWindows: pulumi.String(\"DENY\"),\n\t\t\t\tDeviceTypeZeroclient: pulumi.String(\"DENY\"),\n\t\t\t},\n\t\t\tWorkspaceCreationProperties: \u0026workspaces.DirectoryWorkspaceCreationPropertiesArgs{\n\t\t\t\tCustomSecurityGroupId: pulumi.Any(exampleAwsSecurityGroup.Id),\n\t\t\t\tDefaultOu: pulumi.String(\"OU=AWS,DC=Workgroup,DC=Example,DC=com\"),\n\t\t\t\tEnableInternetAccess: pulumi.Bool(true),\n\t\t\t\tEnableMaintenanceMode: pulumi.Bool(true),\n\t\t\t\tUserEnabledAsLocalAdministrator: pulumi.Bool(true),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tworkspacesDefaultServiceAccess,\n\t\t\tworkspacesDefaultSelfServiceAccess,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.directoryservice.Directory;\nimport com.pulumi.aws.directoryservice.DirectoryArgs;\nimport com.pulumi.aws.directoryservice.inputs.DirectoryVpcSettingsArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.workspaces.Directory;\nimport com.pulumi.aws.workspaces.DirectoryArgs;\nimport com.pulumi.aws.workspaces.inputs.DirectorySelfServicePermissionsArgs;\nimport com.pulumi.aws.workspaces.inputs.DirectoryWorkspaceAccessPropertiesArgs;\nimport com.pulumi.aws.workspaces.inputs.DirectoryWorkspaceCreationPropertiesArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleVpc = new Vpc(\"exampleVpc\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var exampleA = new Subnet(\"exampleA\", SubnetArgs.builder()\n .vpcId(exampleVpc.id())\n .availabilityZone(\"us-east-1a\")\n .cidrBlock(\"10.0.0.0/24\")\n .build());\n\n var exampleB = new Subnet(\"exampleB\", SubnetArgs.builder()\n .vpcId(exampleVpc.id())\n .availabilityZone(\"us-east-1b\")\n .cidrBlock(\"10.0.1.0/24\")\n .build());\n\n var exampleDirectory = new Directory(\"exampleDirectory\", DirectoryArgs.builder()\n .name(\"corp.example.com\")\n .password(\"#S1ncerely\")\n .size(\"Small\")\n .vpcSettings(DirectoryVpcSettingsArgs.builder()\n .vpcId(exampleVpc.id())\n .subnetIds( \n exampleA.id(),\n exampleB.id())\n .build())\n .build());\n\n final var workspaces = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"workspaces.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var workspacesDefault = new Role(\"workspacesDefault\", RoleArgs.builder()\n .name(\"workspaces_DefaultRole\")\n .assumeRolePolicy(workspaces.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var workspacesDefaultServiceAccess = new RolePolicyAttachment(\"workspacesDefaultServiceAccess\", RolePolicyAttachmentArgs.builder()\n .role(workspacesDefault.name())\n .policyArn(\"arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess\")\n .build());\n\n var workspacesDefaultSelfServiceAccess = new RolePolicyAttachment(\"workspacesDefaultSelfServiceAccess\", RolePolicyAttachmentArgs.builder()\n .role(workspacesDefault.name())\n .policyArn(\"arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess\")\n .build());\n\n var exampleC = new Subnet(\"exampleC\", SubnetArgs.builder()\n .vpcId(exampleVpc.id())\n .availabilityZone(\"us-east-1c\")\n .cidrBlock(\"10.0.2.0/24\")\n .build());\n\n var exampleD = new Subnet(\"exampleD\", SubnetArgs.builder()\n .vpcId(exampleVpc.id())\n .availabilityZone(\"us-east-1d\")\n .cidrBlock(\"10.0.3.0/24\")\n .build());\n\n var example = new Directory(\"example\", DirectoryArgs.builder()\n .directoryId(exampleDirectory.id())\n .subnetIds( \n exampleC.id(),\n exampleD.id())\n .tags(Map.of(\"Example\", true))\n .selfServicePermissions(DirectorySelfServicePermissionsArgs.builder()\n .changeComputeType(true)\n .increaseVolumeSize(true)\n .rebuildWorkspace(true)\n .restartWorkspace(true)\n .switchRunningMode(true)\n .build())\n .workspaceAccessProperties(DirectoryWorkspaceAccessPropertiesArgs.builder()\n .deviceTypeAndroid(\"ALLOW\")\n .deviceTypeChromeos(\"ALLOW\")\n .deviceTypeIos(\"ALLOW\")\n .deviceTypeLinux(\"DENY\")\n .deviceTypeOsx(\"ALLOW\")\n .deviceTypeWeb(\"DENY\")\n .deviceTypeWindows(\"DENY\")\n .deviceTypeZeroclient(\"DENY\")\n .build())\n .workspaceCreationProperties(DirectoryWorkspaceCreationPropertiesArgs.builder()\n .customSecurityGroupId(exampleAwsSecurityGroup.id())\n .defaultOu(\"OU=AWS,DC=Workgroup,DC=Example,DC=com\")\n .enableInternetAccess(true)\n .enableMaintenanceMode(true)\n .userEnabledAsLocalAdministrator(true)\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n workspacesDefaultServiceAccess,\n workspacesDefaultSelfServiceAccess)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:workspaces:Directory\n properties:\n directoryId: ${exampleDirectory.id}\n subnetIds:\n - ${exampleC.id}\n - ${exampleD.id}\n tags:\n Example: true\n selfServicePermissions:\n changeComputeType: true\n increaseVolumeSize: true\n rebuildWorkspace: true\n restartWorkspace: true\n switchRunningMode: true\n workspaceAccessProperties:\n deviceTypeAndroid: ALLOW\n deviceTypeChromeos: ALLOW\n deviceTypeIos: ALLOW\n deviceTypeLinux: DENY\n deviceTypeOsx: ALLOW\n deviceTypeWeb: DENY\n deviceTypeWindows: DENY\n deviceTypeZeroclient: DENY\n workspaceCreationProperties:\n customSecurityGroupId: ${exampleAwsSecurityGroup.id}\n defaultOu: OU=AWS,DC=Workgroup,DC=Example,DC=com\n enableInternetAccess: true\n enableMaintenanceMode: true\n userEnabledAsLocalAdministrator: true\n options:\n dependson:\n - ${workspacesDefaultServiceAccess}\n - ${workspacesDefaultSelfServiceAccess}\n exampleDirectory:\n type: aws:directoryservice:Directory\n name: example\n properties:\n name: corp.example.com\n password: '#S1ncerely'\n size: Small\n vpcSettings:\n vpcId: ${exampleVpc.id}\n subnetIds:\n - ${exampleA.id}\n - ${exampleB.id}\n workspacesDefault:\n type: aws:iam:Role\n name: workspaces_default\n properties:\n name: workspaces_DefaultRole\n assumeRolePolicy: ${workspaces.json}\n workspacesDefaultServiceAccess:\n type: aws:iam:RolePolicyAttachment\n name: workspaces_default_service_access\n properties:\n role: ${workspacesDefault.name}\n policyArn: arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess\n workspacesDefaultSelfServiceAccess:\n type: aws:iam:RolePolicyAttachment\n name: workspaces_default_self_service_access\n properties:\n role: ${workspacesDefault.name}\n policyArn: arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess\n exampleVpc:\n type: aws:ec2:Vpc\n name: example\n properties:\n cidrBlock: 10.0.0.0/16\n exampleA:\n type: aws:ec2:Subnet\n name: example_a\n properties:\n vpcId: ${exampleVpc.id}\n availabilityZone: us-east-1a\n cidrBlock: 10.0.0.0/24\n exampleB:\n type: aws:ec2:Subnet\n name: example_b\n properties:\n vpcId: ${exampleVpc.id}\n availabilityZone: us-east-1b\n cidrBlock: 10.0.1.0/24\n exampleC:\n type: aws:ec2:Subnet\n name: example_c\n properties:\n vpcId: ${exampleVpc.id}\n availabilityZone: us-east-1c\n cidrBlock: 10.0.2.0/24\n exampleD:\n type: aws:ec2:Subnet\n name: example_d\n properties:\n vpcId: ${exampleVpc.id}\n availabilityZone: us-east-1d\n cidrBlock: 10.0.3.0/24\nvariables:\n workspaces:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - workspaces.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### IP Groups\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleIpGroup = new aws.workspaces.IpGroup(\"example\", {name: \"example\"});\nconst example = new aws.workspaces.Directory(\"example\", {\n directoryId: exampleAwsDirectoryServiceDirectory.id,\n ipGroupIds: [exampleIpGroup.id],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_ip_group = aws.workspaces.IpGroup(\"example\", name=\"example\")\nexample = aws.workspaces.Directory(\"example\",\n directory_id=example_aws_directory_service_directory[\"id\"],\n ip_group_ids=[example_ip_group.id])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleIpGroup = new Aws.Workspaces.IpGroup(\"example\", new()\n {\n Name = \"example\",\n });\n\n var example = new Aws.Workspaces.Directory(\"example\", new()\n {\n DirectoryId = exampleAwsDirectoryServiceDirectory.Id,\n IpGroupIds = new[]\n {\n exampleIpGroup.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/workspaces\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleIpGroup, err := workspaces.NewIpGroup(ctx, \"example\", \u0026workspaces.IpGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = workspaces.NewDirectory(ctx, \"example\", \u0026workspaces.DirectoryArgs{\n\t\t\tDirectoryId: pulumi.Any(exampleAwsDirectoryServiceDirectory.Id),\n\t\t\tIpGroupIds: pulumi.StringArray{\n\t\t\t\texampleIpGroup.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.workspaces.IpGroup;\nimport com.pulumi.aws.workspaces.IpGroupArgs;\nimport com.pulumi.aws.workspaces.Directory;\nimport com.pulumi.aws.workspaces.DirectoryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleIpGroup = new IpGroup(\"exampleIpGroup\", IpGroupArgs.builder()\n .name(\"example\")\n .build());\n\n var example = new Directory(\"example\", DirectoryArgs.builder()\n .directoryId(exampleAwsDirectoryServiceDirectory.id())\n .ipGroupIds(exampleIpGroup.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:workspaces:Directory\n properties:\n directoryId: ${exampleAwsDirectoryServiceDirectory.id}\n ipGroupIds:\n - ${exampleIpGroup.id}\n exampleIpGroup:\n type: aws:workspaces:IpGroup\n name: example\n properties:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Workspaces directory using the directory ID. For example:\n\n```sh\n$ pulumi import aws:workspaces/directory:Directory main d-4444444444\n```\n", "properties": { "alias": { "type": "string", "description": "The directory alias.\n" }, "customerUserName": { "type": "string", "description": "The user name for the service account.\n" }, "directoryId": { "type": "string", "description": "The directory identifier for registration in WorkSpaces service.\n" }, "directoryName": { "type": "string", "description": "The name of the directory.\n" }, "directoryType": { "type": "string", "description": "The directory type.\n" }, "dnsIpAddresses": { "type": "array", "items": { "type": "string" }, "description": "The IP addresses of the DNS servers for the directory.\n" }, "iamRoleId": { "type": "string", "description": "The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.\n" }, "ipGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of the IP access control groups associated with the directory.\n" }, "registrationCode": { "type": "string", "description": "The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.\n" }, "selfServicePermissions": { "$ref": "#/types/aws:workspaces/DirectorySelfServicePermissions:DirectorySelfServicePermissions", "description": "Permissions to enable or disable self-service capabilities. Defined below.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of the subnets where the directory resides.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the WorkSpaces directory. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "workspaceAccessProperties": { "$ref": "#/types/aws:workspaces/DirectoryWorkspaceAccessProperties:DirectoryWorkspaceAccessProperties", "description": "Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.\n" }, "workspaceCreationProperties": { "$ref": "#/types/aws:workspaces/DirectoryWorkspaceCreationProperties:DirectoryWorkspaceCreationProperties", "description": "Default properties that are used for creating WorkSpaces. Defined below.\n" }, "workspaceSecurityGroupId": { "type": "string", "description": "The identifier of the security group that is assigned to new WorkSpaces.\n" } }, "required": [ "alias", "customerUserName", "directoryId", "directoryName", "directoryType", "dnsIpAddresses", "iamRoleId", "ipGroupIds", "registrationCode", "selfServicePermissions", "subnetIds", "tagsAll", "workspaceAccessProperties", "workspaceCreationProperties", "workspaceSecurityGroupId" ], "inputProperties": { "directoryId": { "type": "string", "description": "The directory identifier for registration in WorkSpaces service.\n", "willReplaceOnChanges": true }, "ipGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of the IP access control groups associated with the directory.\n" }, "selfServicePermissions": { "$ref": "#/types/aws:workspaces/DirectorySelfServicePermissions:DirectorySelfServicePermissions", "description": "Permissions to enable or disable self-service capabilities. Defined below.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of the subnets where the directory resides.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the WorkSpaces directory. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "workspaceAccessProperties": { "$ref": "#/types/aws:workspaces/DirectoryWorkspaceAccessProperties:DirectoryWorkspaceAccessProperties", "description": "Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.\n" }, "workspaceCreationProperties": { "$ref": "#/types/aws:workspaces/DirectoryWorkspaceCreationProperties:DirectoryWorkspaceCreationProperties", "description": "Default properties that are used for creating WorkSpaces. Defined below.\n" } }, "requiredInputs": [ "directoryId" ], "stateInputs": { "description": "Input properties used for looking up and filtering Directory resources.\n", "properties": { "alias": { "type": "string", "description": "The directory alias.\n" }, "customerUserName": { "type": "string", "description": "The user name for the service account.\n" }, "directoryId": { "type": "string", "description": "The directory identifier for registration in WorkSpaces service.\n", "willReplaceOnChanges": true }, "directoryName": { "type": "string", "description": "The name of the directory.\n" }, "directoryType": { "type": "string", "description": "The directory type.\n" }, "dnsIpAddresses": { "type": "array", "items": { "type": "string" }, "description": "The IP addresses of the DNS servers for the directory.\n" }, "iamRoleId": { "type": "string", "description": "The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.\n" }, "ipGroupIds": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of the IP access control groups associated with the directory.\n" }, "registrationCode": { "type": "string", "description": "The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.\n" }, "selfServicePermissions": { "$ref": "#/types/aws:workspaces/DirectorySelfServicePermissions:DirectorySelfServicePermissions", "description": "Permissions to enable or disable self-service capabilities. Defined below.\n" }, "subnetIds": { "type": "array", "items": { "type": "string" }, "description": "The identifiers of the subnets where the directory resides.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the WorkSpaces directory. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "workspaceAccessProperties": { "$ref": "#/types/aws:workspaces/DirectoryWorkspaceAccessProperties:DirectoryWorkspaceAccessProperties", "description": "Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.\n" }, "workspaceCreationProperties": { "$ref": "#/types/aws:workspaces/DirectoryWorkspaceCreationProperties:DirectoryWorkspaceCreationProperties", "description": "Default properties that are used for creating WorkSpaces. Defined below.\n" }, "workspaceSecurityGroupId": { "type": "string", "description": "The identifier of the security group that is assigned to new WorkSpaces.\n" } }, "type": "object" } }, "aws:workspaces/ipGroup:IpGroup": { "description": "Provides an IP access control group in AWS WorkSpaces Service\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst contractors = new aws.workspaces.IpGroup(\"contractors\", {\n name: \"Contractors\",\n description: \"Contractors IP access control group\",\n rules: [\n {\n source: \"150.24.14.0/24\",\n description: \"NY\",\n },\n {\n source: \"125.191.14.85/32\",\n description: \"LA\",\n },\n {\n source: \"44.98.100.0/24\",\n description: \"STL\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncontractors = aws.workspaces.IpGroup(\"contractors\",\n name=\"Contractors\",\n description=\"Contractors IP access control group\",\n rules=[\n {\n \"source\": \"150.24.14.0/24\",\n \"description\": \"NY\",\n },\n {\n \"source\": \"125.191.14.85/32\",\n \"description\": \"LA\",\n },\n {\n \"source\": \"44.98.100.0/24\",\n \"description\": \"STL\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var contractors = new Aws.Workspaces.IpGroup(\"contractors\", new()\n {\n Name = \"Contractors\",\n Description = \"Contractors IP access control group\",\n Rules = new[]\n {\n new Aws.Workspaces.Inputs.IpGroupRuleArgs\n {\n Source = \"150.24.14.0/24\",\n Description = \"NY\",\n },\n new Aws.Workspaces.Inputs.IpGroupRuleArgs\n {\n Source = \"125.191.14.85/32\",\n Description = \"LA\",\n },\n new Aws.Workspaces.Inputs.IpGroupRuleArgs\n {\n Source = \"44.98.100.0/24\",\n Description = \"STL\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/workspaces\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := workspaces.NewIpGroup(ctx, \"contractors\", \u0026workspaces.IpGroupArgs{\n\t\t\tName: pulumi.String(\"Contractors\"),\n\t\t\tDescription: pulumi.String(\"Contractors IP access control group\"),\n\t\t\tRules: workspaces.IpGroupRuleArray{\n\t\t\t\t\u0026workspaces.IpGroupRuleArgs{\n\t\t\t\t\tSource: pulumi.String(\"150.24.14.0/24\"),\n\t\t\t\t\tDescription: pulumi.String(\"NY\"),\n\t\t\t\t},\n\t\t\t\t\u0026workspaces.IpGroupRuleArgs{\n\t\t\t\t\tSource: pulumi.String(\"125.191.14.85/32\"),\n\t\t\t\t\tDescription: pulumi.String(\"LA\"),\n\t\t\t\t},\n\t\t\t\t\u0026workspaces.IpGroupRuleArgs{\n\t\t\t\t\tSource: pulumi.String(\"44.98.100.0/24\"),\n\t\t\t\t\tDescription: pulumi.String(\"STL\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.workspaces.IpGroup;\nimport com.pulumi.aws.workspaces.IpGroupArgs;\nimport com.pulumi.aws.workspaces.inputs.IpGroupRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var contractors = new IpGroup(\"contractors\", IpGroupArgs.builder()\n .name(\"Contractors\")\n .description(\"Contractors IP access control group\")\n .rules( \n IpGroupRuleArgs.builder()\n .source(\"150.24.14.0/24\")\n .description(\"NY\")\n .build(),\n IpGroupRuleArgs.builder()\n .source(\"125.191.14.85/32\")\n .description(\"LA\")\n .build(),\n IpGroupRuleArgs.builder()\n .source(\"44.98.100.0/24\")\n .description(\"STL\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n contractors:\n type: aws:workspaces:IpGroup\n properties:\n name: Contractors\n description: Contractors IP access control group\n rules:\n - source: 150.24.14.0/24\n description: NY\n - source: 125.191.14.85/32\n description: LA\n - source: 44.98.100.0/24\n description: STL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WorkSpaces IP groups using their GroupID. For example:\n\n```sh\n$ pulumi import aws:workspaces/ipGroup:IpGroup example wsipg-488lrtl3k\n```\n", "properties": { "description": { "type": "string", "description": "The description of the IP group.\n" }, "name": { "type": "string", "description": "The name of the IP group.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:workspaces/IpGroupRule:IpGroupRule" }, "description": "One or more pairs specifying the IP group rule (in CIDR format) from which web requests originate.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the WorkSpaces directory. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "name", "tagsAll" ], "inputProperties": { "description": { "type": "string", "description": "The description of the IP group.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the IP group.\n", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:workspaces/IpGroupRule:IpGroupRule" }, "description": "One or more pairs specifying the IP group rule (in CIDR format) from which web requests originate.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the WorkSpaces directory. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "stateInputs": { "description": "Input properties used for looking up and filtering IpGroup resources.\n", "properties": { "description": { "type": "string", "description": "The description of the IP group.\n", "willReplaceOnChanges": true }, "name": { "type": "string", "description": "The name of the IP group.\n", "willReplaceOnChanges": true }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:workspaces/IpGroupRule:IpGroupRule" }, "description": "One or more pairs specifying the IP group rule (in CIDR format) from which web requests originate.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the WorkSpaces directory. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:workspaces/workspace:Workspace": { "description": "Provides a workspace in [AWS Workspaces](https://docs.aws.amazon.com/workspaces/latest/adminguide/amazon-workspaces.html) Service\n\n\u003e **NOTE:** AWS WorkSpaces service requires [`workspaces_DefaultRole`](https://docs.aws.amazon.com/workspaces/latest/adminguide/workspaces-access-control.html#create-default-role) IAM role to operate normally.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst valueWindows10 = aws.workspaces.getBundle({\n bundleId: \"wsb-bh8rsxt14\",\n});\nconst workspaces = aws.kms.getKey({\n keyId: \"alias/aws/workspaces\",\n});\nconst example = new aws.workspaces.Workspace(\"example\", {\n directoryId: exampleAwsWorkspacesDirectory.id,\n bundleId: valueWindows10.then(valueWindows10 =\u003e valueWindows10.id),\n userName: \"john.doe\",\n rootVolumeEncryptionEnabled: true,\n userVolumeEncryptionEnabled: true,\n volumeEncryptionKey: workspaces.then(workspaces =\u003e workspaces.arn),\n workspaceProperties: {\n computeTypeName: \"VALUE\",\n userVolumeSizeGib: 10,\n rootVolumeSizeGib: 80,\n runningMode: \"AUTO_STOP\",\n runningModeAutoStopTimeoutInMinutes: 60,\n },\n tags: {\n Department: \"IT\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nvalue_windows10 = aws.workspaces.get_bundle(bundle_id=\"wsb-bh8rsxt14\")\nworkspaces = aws.kms.get_key(key_id=\"alias/aws/workspaces\")\nexample = aws.workspaces.Workspace(\"example\",\n directory_id=example_aws_workspaces_directory[\"id\"],\n bundle_id=value_windows10.id,\n user_name=\"john.doe\",\n root_volume_encryption_enabled=True,\n user_volume_encryption_enabled=True,\n volume_encryption_key=workspaces.arn,\n workspace_properties={\n \"compute_type_name\": \"VALUE\",\n \"user_volume_size_gib\": 10,\n \"root_volume_size_gib\": 80,\n \"running_mode\": \"AUTO_STOP\",\n \"running_mode_auto_stop_timeout_in_minutes\": 60,\n },\n tags={\n \"Department\": \"IT\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var valueWindows10 = Aws.Workspaces.GetBundle.Invoke(new()\n {\n BundleId = \"wsb-bh8rsxt14\",\n });\n\n var workspaces = Aws.Kms.GetKey.Invoke(new()\n {\n KeyId = \"alias/aws/workspaces\",\n });\n\n var example = new Aws.Workspaces.Workspace(\"example\", new()\n {\n DirectoryId = exampleAwsWorkspacesDirectory.Id,\n BundleId = valueWindows10.Apply(getBundleResult =\u003e getBundleResult.Id),\n UserName = \"john.doe\",\n RootVolumeEncryptionEnabled = true,\n UserVolumeEncryptionEnabled = true,\n VolumeEncryptionKey = workspaces.Apply(getKeyResult =\u003e getKeyResult.Arn),\n WorkspaceProperties = new Aws.Workspaces.Inputs.WorkspaceWorkspacePropertiesArgs\n {\n ComputeTypeName = \"VALUE\",\n UserVolumeSizeGib = 10,\n RootVolumeSizeGib = 80,\n RunningMode = \"AUTO_STOP\",\n RunningModeAutoStopTimeoutInMinutes = 60,\n },\n Tags = \n {\n { \"Department\", \"IT\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/workspaces\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tvalueWindows10, err := workspaces.GetBundle(ctx, \u0026workspaces.GetBundleArgs{\n\t\t\tBundleId: pulumi.StringRef(\"wsb-bh8rsxt14\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tworkspaces, err := kms.LookupKey(ctx, \u0026kms.LookupKeyArgs{\n\t\t\tKeyId: \"alias/aws/workspaces\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = workspaces.NewWorkspace(ctx, \"example\", \u0026workspaces.WorkspaceArgs{\n\t\t\tDirectoryId: pulumi.Any(exampleAwsWorkspacesDirectory.Id),\n\t\t\tBundleId: pulumi.String(valueWindows10.Id),\n\t\t\tUserName: pulumi.String(\"john.doe\"),\n\t\t\tRootVolumeEncryptionEnabled: pulumi.Bool(true),\n\t\t\tUserVolumeEncryptionEnabled: pulumi.Bool(true),\n\t\t\tVolumeEncryptionKey: pulumi.String(workspaces.Arn),\n\t\t\tWorkspaceProperties: \u0026workspaces.WorkspaceWorkspacePropertiesArgs{\n\t\t\t\tComputeTypeName: pulumi.String(\"VALUE\"),\n\t\t\t\tUserVolumeSizeGib: pulumi.Int(10),\n\t\t\t\tRootVolumeSizeGib: pulumi.Int(80),\n\t\t\t\tRunningMode: pulumi.String(\"AUTO_STOP\"),\n\t\t\t\tRunningModeAutoStopTimeoutInMinutes: pulumi.Int(60),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Department\": pulumi.String(\"IT\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.workspaces.WorkspacesFunctions;\nimport com.pulumi.aws.workspaces.inputs.GetBundleArgs;\nimport com.pulumi.aws.kms.KmsFunctions;\nimport com.pulumi.aws.kms.inputs.GetKeyArgs;\nimport com.pulumi.aws.workspaces.Workspace;\nimport com.pulumi.aws.workspaces.WorkspaceArgs;\nimport com.pulumi.aws.workspaces.inputs.WorkspaceWorkspacePropertiesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var valueWindows10 = WorkspacesFunctions.getBundle(GetBundleArgs.builder()\n .bundleId(\"wsb-bh8rsxt14\")\n .build());\n\n final var workspaces = KmsFunctions.getKey(GetKeyArgs.builder()\n .keyId(\"alias/aws/workspaces\")\n .build());\n\n var example = new Workspace(\"example\", WorkspaceArgs.builder()\n .directoryId(exampleAwsWorkspacesDirectory.id())\n .bundleId(valueWindows10.applyValue(getBundleResult -\u003e getBundleResult.id()))\n .userName(\"john.doe\")\n .rootVolumeEncryptionEnabled(true)\n .userVolumeEncryptionEnabled(true)\n .volumeEncryptionKey(workspaces.applyValue(getKeyResult -\u003e getKeyResult.arn()))\n .workspaceProperties(WorkspaceWorkspacePropertiesArgs.builder()\n .computeTypeName(\"VALUE\")\n .userVolumeSizeGib(10)\n .rootVolumeSizeGib(80)\n .runningMode(\"AUTO_STOP\")\n .runningModeAutoStopTimeoutInMinutes(60)\n .build())\n .tags(Map.of(\"Department\", \"IT\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:workspaces:Workspace\n properties:\n directoryId: ${exampleAwsWorkspacesDirectory.id}\n bundleId: ${valueWindows10.id}\n userName: john.doe\n rootVolumeEncryptionEnabled: true\n userVolumeEncryptionEnabled: true\n volumeEncryptionKey: ${workspaces.arn}\n workspaceProperties:\n computeTypeName: VALUE\n userVolumeSizeGib: 10\n rootVolumeSizeGib: 80\n runningMode: AUTO_STOP\n runningModeAutoStopTimeoutInMinutes: 60\n tags:\n Department: IT\nvariables:\n valueWindows10:\n fn::invoke:\n Function: aws:workspaces:getBundle\n Arguments:\n bundleId: wsb-bh8rsxt14\n workspaces:\n fn::invoke:\n Function: aws:kms:getKey\n Arguments:\n keyId: alias/aws/workspaces\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Workspaces using their ID. For example:\n\n```sh\n$ pulumi import aws:workspaces/workspace:Workspace example ws-9z9zmbkhv\n```\n", "properties": { "bundleId": { "type": "string", "description": "The ID of the bundle for the WorkSpace.\n" }, "computerName": { "type": "string", "description": "The name of the WorkSpace, as seen by the operating system.\n" }, "directoryId": { "type": "string", "description": "The ID of the directory for the WorkSpace.\n" }, "ipAddress": { "type": "string", "description": "The IP address of the WorkSpace.\n" }, "rootVolumeEncryptionEnabled": { "type": "boolean", "description": "Indicates whether the data stored on the root volume is encrypted.\n" }, "state": { "type": "string", "description": "The operational state of the WorkSpace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags for the WorkSpace. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userName": { "type": "string", "description": "The user name of the user for the WorkSpace. This user name must exist in the directory for the WorkSpace.\n" }, "userVolumeEncryptionEnabled": { "type": "boolean", "description": "Indicates whether the data stored on the user volume is encrypted.\n" }, "volumeEncryptionKey": { "type": "string", "description": "The ARN of a symmetric AWS KMS customer master key (CMK) used to encrypt data stored on your WorkSpace. Amazon WorkSpaces does not support asymmetric CMKs.\n" }, "workspaceProperties": { "$ref": "#/types/aws:workspaces/WorkspaceWorkspaceProperties:WorkspaceWorkspaceProperties", "description": "The WorkSpace properties.\n" } }, "required": [ "bundleId", "computerName", "directoryId", "ipAddress", "state", "tagsAll", "userName", "workspaceProperties" ], "inputProperties": { "bundleId": { "type": "string", "description": "The ID of the bundle for the WorkSpace.\n", "willReplaceOnChanges": true }, "directoryId": { "type": "string", "description": "The ID of the directory for the WorkSpace.\n", "willReplaceOnChanges": true }, "rootVolumeEncryptionEnabled": { "type": "boolean", "description": "Indicates whether the data stored on the root volume is encrypted.\n", "willReplaceOnChanges": true }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags for the WorkSpace. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "userName": { "type": "string", "description": "The user name of the user for the WorkSpace. This user name must exist in the directory for the WorkSpace.\n", "willReplaceOnChanges": true }, "userVolumeEncryptionEnabled": { "type": "boolean", "description": "Indicates whether the data stored on the user volume is encrypted.\n", "willReplaceOnChanges": true }, "volumeEncryptionKey": { "type": "string", "description": "The ARN of a symmetric AWS KMS customer master key (CMK) used to encrypt data stored on your WorkSpace. Amazon WorkSpaces does not support asymmetric CMKs.\n", "willReplaceOnChanges": true }, "workspaceProperties": { "$ref": "#/types/aws:workspaces/WorkspaceWorkspaceProperties:WorkspaceWorkspaceProperties", "description": "The WorkSpace properties.\n" } }, "requiredInputs": [ "bundleId", "directoryId", "userName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Workspace resources.\n", "properties": { "bundleId": { "type": "string", "description": "The ID of the bundle for the WorkSpace.\n", "willReplaceOnChanges": true }, "computerName": { "type": "string", "description": "The name of the WorkSpace, as seen by the operating system.\n" }, "directoryId": { "type": "string", "description": "The ID of the directory for the WorkSpace.\n", "willReplaceOnChanges": true }, "ipAddress": { "type": "string", "description": "The IP address of the WorkSpace.\n" }, "rootVolumeEncryptionEnabled": { "type": "boolean", "description": "Indicates whether the data stored on the root volume is encrypted.\n", "willReplaceOnChanges": true }, "state": { "type": "string", "description": "The operational state of the WorkSpace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags for the WorkSpace. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "userName": { "type": "string", "description": "The user name of the user for the WorkSpace. This user name must exist in the directory for the WorkSpace.\n", "willReplaceOnChanges": true }, "userVolumeEncryptionEnabled": { "type": "boolean", "description": "Indicates whether the data stored on the user volume is encrypted.\n", "willReplaceOnChanges": true }, "volumeEncryptionKey": { "type": "string", "description": "The ARN of a symmetric AWS KMS customer master key (CMK) used to encrypt data stored on your WorkSpace. Amazon WorkSpaces does not support asymmetric CMKs.\n", "willReplaceOnChanges": true }, "workspaceProperties": { "$ref": "#/types/aws:workspaces/WorkspaceWorkspaceProperties:WorkspaceWorkspaceProperties", "description": "The WorkSpace properties.\n" } }, "type": "object" } }, "aws:xray/encryptionConfig:EncryptionConfig": { "description": "Creates and manages an AWS XRay Encryption Config.\n\n\u003e **NOTE:** Removing this resource from the provider has no effect to the encryption configuration within X-Ray.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.xray.EncryptionConfig(\"example\", {type: \"NONE\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.xray.EncryptionConfig(\"example\", type=\"NONE\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Xray.EncryptionConfig(\"example\", new()\n {\n Type = \"NONE\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/xray\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := xray.NewEncryptionConfig(ctx, \"example\", \u0026xray.EncryptionConfigArgs{\n\t\t\tType: pulumi.String(\"NONE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.xray.EncryptionConfig;\nimport com.pulumi.aws.xray.EncryptionConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EncryptionConfig(\"example\", EncryptionConfigArgs.builder()\n .type(\"NONE\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:xray:EncryptionConfig\n properties:\n type: NONE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n### With KMS Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = current.then(current =\u003e aws.iam.getPolicyDocument({\n statements: [{\n sid: \"Enable IAM User Permissions\",\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [`arn:aws:iam::${current.accountId}:root`],\n }],\n actions: [\"kms:*\"],\n resources: [\"*\"],\n }],\n}));\nconst exampleKey = new aws.kms.Key(\"example\", {\n description: \"Some Key\",\n deletionWindowInDays: 7,\n policy: example.then(example =\u003e example.json),\n});\nconst exampleEncryptionConfig = new aws.xray.EncryptionConfig(\"example\", {\n type: \"KMS\",\n keyId: exampleKey.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.iam.get_policy_document(statements=[{\n \"sid\": \"Enable IAM User Permissions\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [f\"arn:aws:iam::{current.account_id}:root\"],\n }],\n \"actions\": [\"kms:*\"],\n \"resources\": [\"*\"],\n}])\nexample_key = aws.kms.Key(\"example\",\n description=\"Some Key\",\n deletion_window_in_days=7,\n policy=example.json)\nexample_encryption_config = aws.xray.EncryptionConfig(\"example\",\n type=\"KMS\",\n key_id=example_key.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"Enable IAM User Permissions\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n },\n },\n Actions = new[]\n {\n \"kms:*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var exampleKey = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"Some Key\",\n DeletionWindowInDays = 7,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleEncryptionConfig = new Aws.Xray.EncryptionConfig(\"example\", new()\n {\n Type = \"KMS\",\n KeyId = exampleKey.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/xray\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"Enable IAM User Permissions\"),\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"AWS\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\tfmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"kms:*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKey, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"Some Key\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t\tPolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = xray.NewEncryptionConfig(ctx, \"example\", \u0026xray.EncryptionConfigArgs{\n\t\t\tType: pulumi.String(\"KMS\"),\n\t\t\tKeyId: exampleKey.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.xray.EncryptionConfig;\nimport com.pulumi.aws.xray.EncryptionConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"Enable IAM User Permissions\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .build())\n .actions(\"kms:*\")\n .resources(\"*\")\n .build())\n .build());\n\n var exampleKey = new Key(\"exampleKey\", KeyArgs.builder()\n .description(\"Some Key\")\n .deletionWindowInDays(7)\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleEncryptionConfig = new EncryptionConfig(\"exampleEncryptionConfig\", EncryptionConfigArgs.builder()\n .type(\"KMS\")\n .keyId(exampleKey.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleKey:\n type: aws:kms:Key\n name: example\n properties:\n description: Some Key\n deletionWindowInDays: 7\n policy: ${example.json}\n exampleEncryptionConfig:\n type: aws:xray:EncryptionConfig\n name: example\n properties:\n type: KMS\n keyId: ${exampleKey.arn}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: Enable IAM User Permissions\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - arn:aws:iam::${current.accountId}:root\n actions:\n - kms:*\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import XRay Encryption Config using the region name. For example:\n\n```sh\n$ pulumi import aws:xray/encryptionConfig:EncryptionConfig example us-west-2\n```\n", "properties": { "keyId": { "type": "string", "description": "An AWS KMS customer master key (CMK) ARN.\n" }, "type": { "type": "string", "description": "The type of encryption. Set to `KMS` to use your own key for encryption. Set to `NONE` for default encryption.\n" } }, "required": [ "type" ], "inputProperties": { "keyId": { "type": "string", "description": "An AWS KMS customer master key (CMK) ARN.\n" }, "type": { "type": "string", "description": "The type of encryption. Set to `KMS` to use your own key for encryption. Set to `NONE` for default encryption.\n" } }, "requiredInputs": [ "type" ], "stateInputs": { "description": "Input properties used for looking up and filtering EncryptionConfig resources.\n", "properties": { "keyId": { "type": "string", "description": "An AWS KMS customer master key (CMK) ARN.\n" }, "type": { "type": "string", "description": "The type of encryption. Set to `KMS` to use your own key for encryption. Set to `NONE` for default encryption.\n" } }, "type": "object" } }, "aws:xray/group:Group": { "description": "Creates and manages an AWS XRay Group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.xray.Group(\"example\", {\n groupName: \"example\",\n filterExpression: \"responsetime \u003e 5\",\n insightsConfiguration: {\n insightsEnabled: true,\n notificationsEnabled: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.xray.Group(\"example\",\n group_name=\"example\",\n filter_expression=\"responsetime \u003e 5\",\n insights_configuration={\n \"insights_enabled\": True,\n \"notifications_enabled\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Xray.Group(\"example\", new()\n {\n GroupName = \"example\",\n FilterExpression = \"responsetime \u003e 5\",\n InsightsConfiguration = new Aws.Xray.Inputs.GroupInsightsConfigurationArgs\n {\n InsightsEnabled = true,\n NotificationsEnabled = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/xray\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := xray.NewGroup(ctx, \"example\", \u0026xray.GroupArgs{\n\t\t\tGroupName: pulumi.String(\"example\"),\n\t\t\tFilterExpression: pulumi.String(\"responsetime \u003e 5\"),\n\t\t\tInsightsConfiguration: \u0026xray.GroupInsightsConfigurationArgs{\n\t\t\t\tInsightsEnabled: pulumi.Bool(true),\n\t\t\t\tNotificationsEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.xray.Group;\nimport com.pulumi.aws.xray.GroupArgs;\nimport com.pulumi.aws.xray.inputs.GroupInsightsConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Group(\"example\", GroupArgs.builder()\n .groupName(\"example\")\n .filterExpression(\"responsetime \u003e 5\")\n .insightsConfiguration(GroupInsightsConfigurationArgs.builder()\n .insightsEnabled(true)\n .notificationsEnabled(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:xray:Group\n properties:\n groupName: example\n filterExpression: responsetime \u003e 5\n insightsConfiguration:\n insightsEnabled: true\n notificationsEnabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import XRay Groups using the ARN. For example:\n\n```sh\n$ pulumi import aws:xray/group:Group example arn:aws:xray:us-west-2:1234567890:group/example-group/TNGX7SW5U6QY36T4ZMOUA3HVLBYCZTWDIOOXY3CJAXTHSS3YCWUA\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Group.\n" }, "filterExpression": { "type": "string", "description": "The filter expression defining criteria by which to group traces. more info can be found in official [docs](https://docs.aws.amazon.com/xray/latest/devguide/xray-console-filters.html).\n" }, "groupName": { "type": "string", "description": "The name of the group.\n" }, "insightsConfiguration": { "$ref": "#/types/aws:xray/GroupInsightsConfiguration:GroupInsightsConfiguration", "description": "Configuration options for enabling insights.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "required": [ "arn", "filterExpression", "groupName", "insightsConfiguration", "tagsAll" ], "inputProperties": { "filterExpression": { "type": "string", "description": "The filter expression defining criteria by which to group traces. more info can be found in official [docs](https://docs.aws.amazon.com/xray/latest/devguide/xray-console-filters.html).\n" }, "groupName": { "type": "string", "description": "The name of the group.\n", "willReplaceOnChanges": true }, "insightsConfiguration": { "$ref": "#/types/aws:xray/GroupInsightsConfiguration:GroupInsightsConfiguration", "description": "Configuration options for enabling insights.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" } }, "requiredInputs": [ "filterExpression", "groupName" ], "stateInputs": { "description": "Input properties used for looking up and filtering Group resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the Group.\n" }, "filterExpression": { "type": "string", "description": "The filter expression defining criteria by which to group traces. more info can be found in official [docs](https://docs.aws.amazon.com/xray/latest/devguide/xray-console-filters.html).\n" }, "groupName": { "type": "string", "description": "The name of the group.\n", "willReplaceOnChanges": true }, "insightsConfiguration": { "$ref": "#/types/aws:xray/GroupInsightsConfiguration:GroupInsightsConfiguration", "description": "Configuration options for enabling insights.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." } }, "type": "object" } }, "aws:xray/samplingRule:SamplingRule": { "description": "Creates and manages an AWS XRay Sampling Rule.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.xray.SamplingRule(\"example\", {\n ruleName: \"example\",\n priority: 9999,\n version: 1,\n reservoirSize: 1,\n fixedRate: 0.05,\n urlPath: \"*\",\n host: \"*\",\n httpMethod: \"*\",\n serviceType: \"*\",\n serviceName: \"*\",\n resourceArn: \"*\",\n attributes: {\n Hello: \"Tris\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.xray.SamplingRule(\"example\",\n rule_name=\"example\",\n priority=9999,\n version=1,\n reservoir_size=1,\n fixed_rate=0.05,\n url_path=\"*\",\n host=\"*\",\n http_method=\"*\",\n service_type=\"*\",\n service_name=\"*\",\n resource_arn=\"*\",\n attributes={\n \"Hello\": \"Tris\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Xray.SamplingRule(\"example\", new()\n {\n RuleName = \"example\",\n Priority = 9999,\n Version = 1,\n ReservoirSize = 1,\n FixedRate = 0.05,\n UrlPath = \"*\",\n Host = \"*\",\n HttpMethod = \"*\",\n ServiceType = \"*\",\n ServiceName = \"*\",\n ResourceArn = \"*\",\n Attributes = \n {\n { \"Hello\", \"Tris\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/xray\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := xray.NewSamplingRule(ctx, \"example\", \u0026xray.SamplingRuleArgs{\n\t\t\tRuleName: pulumi.String(\"example\"),\n\t\t\tPriority: pulumi.Int(9999),\n\t\t\tVersion: pulumi.Int(1),\n\t\t\tReservoirSize: pulumi.Int(1),\n\t\t\tFixedRate: pulumi.Float64(0.05),\n\t\t\tUrlPath: pulumi.String(\"*\"),\n\t\t\tHost: pulumi.String(\"*\"),\n\t\t\tHttpMethod: pulumi.String(\"*\"),\n\t\t\tServiceType: pulumi.String(\"*\"),\n\t\t\tServiceName: pulumi.String(\"*\"),\n\t\t\tResourceArn: pulumi.String(\"*\"),\n\t\t\tAttributes: pulumi.StringMap{\n\t\t\t\t\"Hello\": pulumi.String(\"Tris\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.xray.SamplingRule;\nimport com.pulumi.aws.xray.SamplingRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new SamplingRule(\"example\", SamplingRuleArgs.builder()\n .ruleName(\"example\")\n .priority(9999)\n .version(1)\n .reservoirSize(1)\n .fixedRate(0.05)\n .urlPath(\"*\")\n .host(\"*\")\n .httpMethod(\"*\")\n .serviceType(\"*\")\n .serviceName(\"*\")\n .resourceArn(\"*\")\n .attributes(Map.of(\"Hello\", \"Tris\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:xray:SamplingRule\n properties:\n ruleName: example\n priority: 9999\n version: 1\n reservoirSize: 1\n fixedRate: 0.05\n urlPath: '*'\n host: '*'\n httpMethod: '*'\n serviceType: '*'\n serviceName: '*'\n resourceArn: '*'\n attributes:\n Hello: Tris\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import XRay Sampling Rules using the name. For example:\n\n```sh\n$ pulumi import aws:xray/samplingRule:SamplingRule example example\n```\n", "properties": { "arn": { "type": "string", "description": "The ARN of the sampling rule.\n" }, "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Matches attributes derived from the request.\n" }, "fixedRate": { "type": "number", "description": "The percentage of matching requests to instrument, after the reservoir is exhausted.\n" }, "host": { "type": "string", "description": "Matches the hostname from a request URL.\n" }, "httpMethod": { "type": "string", "description": "Matches the HTTP method of a request.\n" }, "priority": { "type": "integer", "description": "The priority of the sampling rule.\n" }, "reservoirSize": { "type": "integer", "description": "A fixed number of matching requests to instrument per second, prior to applying the fixed rate. The reservoir is not used directly by services, but applies to all services using the rule collectively.\n" }, "resourceArn": { "type": "string", "description": "Matches the ARN of the AWS resource on which the service runs.\n" }, "ruleName": { "type": "string", "description": "The name of the sampling rule.\n" }, "serviceName": { "type": "string", "description": "Matches the `name` that the service uses to identify itself in segments.\n" }, "serviceType": { "type": "string", "description": "Matches the `origin` that the service uses to identify its type in segments.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "urlPath": { "type": "string", "description": "Matches the path from a request URL.\n" }, "version": { "type": "integer", "description": "The version of the sampling rule format (`1` )\n" } }, "required": [ "arn", "fixedRate", "host", "httpMethod", "priority", "reservoirSize", "resourceArn", "serviceName", "serviceType", "tagsAll", "urlPath", "version" ], "inputProperties": { "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Matches attributes derived from the request.\n" }, "fixedRate": { "type": "number", "description": "The percentage of matching requests to instrument, after the reservoir is exhausted.\n" }, "host": { "type": "string", "description": "Matches the hostname from a request URL.\n" }, "httpMethod": { "type": "string", "description": "Matches the HTTP method of a request.\n" }, "priority": { "type": "integer", "description": "The priority of the sampling rule.\n" }, "reservoirSize": { "type": "integer", "description": "A fixed number of matching requests to instrument per second, prior to applying the fixed rate. The reservoir is not used directly by services, but applies to all services using the rule collectively.\n" }, "resourceArn": { "type": "string", "description": "Matches the ARN of the AWS resource on which the service runs.\n" }, "ruleName": { "type": "string", "description": "The name of the sampling rule.\n", "willReplaceOnChanges": true }, "serviceName": { "type": "string", "description": "Matches the `name` that the service uses to identify itself in segments.\n" }, "serviceType": { "type": "string", "description": "Matches the `origin` that the service uses to identify its type in segments.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "urlPath": { "type": "string", "description": "Matches the path from a request URL.\n" }, "version": { "type": "integer", "description": "The version of the sampling rule format (`1` )\n", "willReplaceOnChanges": true } }, "requiredInputs": [ "fixedRate", "host", "httpMethod", "priority", "reservoirSize", "resourceArn", "serviceName", "serviceType", "urlPath", "version" ], "stateInputs": { "description": "Input properties used for looking up and filtering SamplingRule resources.\n", "properties": { "arn": { "type": "string", "description": "The ARN of the sampling rule.\n" }, "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Matches attributes derived from the request.\n" }, "fixedRate": { "type": "number", "description": "The percentage of matching requests to instrument, after the reservoir is exhausted.\n" }, "host": { "type": "string", "description": "Matches the hostname from a request URL.\n" }, "httpMethod": { "type": "string", "description": "Matches the HTTP method of a request.\n" }, "priority": { "type": "integer", "description": "The priority of the sampling rule.\n" }, "reservoirSize": { "type": "integer", "description": "A fixed number of matching requests to instrument per second, prior to applying the fixed rate. The reservoir is not used directly by services, but applies to all services using the rule collectively.\n" }, "resourceArn": { "type": "string", "description": "Matches the ARN of the AWS resource on which the service runs.\n" }, "ruleName": { "type": "string", "description": "The name of the sampling rule.\n", "willReplaceOnChanges": true }, "serviceName": { "type": "string", "description": "Matches the `name` that the service uses to identify itself in segments.\n" }, "serviceType": { "type": "string", "description": "Matches the `origin` that the service uses to identify its type in segments.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "Please use `tags` instead." }, "urlPath": { "type": "string", "description": "Matches the path from a request URL.\n" }, "version": { "type": "integer", "description": "The version of the sampling rule format (`1` )\n", "willReplaceOnChanges": true } }, "type": "object" } } }, "functions": { "aws:acm/getCertificate:getCertificate": { "description": "Use this data source to get the ARN of a certificate in AWS Certificate\nManager (ACM), you can reference\nit by domain without having to hard code the ARNs as input.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Find a certificate that is issued\nconst issued = aws.acm.getCertificate({\n domain: \"tf.example.com\",\n statuses: [\"ISSUED\"],\n});\n// Find a certificate issued by (not imported into) ACM\nconst amazonIssued = aws.acm.getCertificate({\n domain: \"tf.example.com\",\n types: [\"AMAZON_ISSUED\"],\n mostRecent: true,\n});\n// Find a RSA 4096 bit certificate\nconst rsa4096 = aws.acm.getCertificate({\n domain: \"tf.example.com\",\n keyTypes: [\"RSA_4096\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Find a certificate that is issued\nissued = aws.acm.get_certificate(domain=\"tf.example.com\",\n statuses=[\"ISSUED\"])\n# Find a certificate issued by (not imported into) ACM\namazon_issued = aws.acm.get_certificate(domain=\"tf.example.com\",\n types=[\"AMAZON_ISSUED\"],\n most_recent=True)\n# Find a RSA 4096 bit certificate\nrsa4096 = aws.acm.get_certificate(domain=\"tf.example.com\",\n key_types=[\"RSA_4096\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Find a certificate that is issued\n var issued = Aws.Acm.GetCertificate.Invoke(new()\n {\n Domain = \"tf.example.com\",\n Statuses = new[]\n {\n \"ISSUED\",\n },\n });\n\n // Find a certificate issued by (not imported into) ACM\n var amazonIssued = Aws.Acm.GetCertificate.Invoke(new()\n {\n Domain = \"tf.example.com\",\n Types = new[]\n {\n \"AMAZON_ISSUED\",\n },\n MostRecent = true,\n });\n\n // Find a RSA 4096 bit certificate\n var rsa4096 = Aws.Acm.GetCertificate.Invoke(new()\n {\n Domain = \"tf.example.com\",\n KeyTypes = new[]\n {\n \"RSA_4096\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Find a certificate that is issued\n\t\t_, err := acm.LookupCertificate(ctx, \u0026acm.LookupCertificateArgs{\n\t\t\tDomain: \"tf.example.com\",\n\t\t\tStatuses: []string{\n\t\t\t\t\"ISSUED\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Find a certificate issued by (not imported into) ACM\n\t\t_, err = acm.LookupCertificate(ctx, \u0026acm.LookupCertificateArgs{\n\t\t\tDomain: \"tf.example.com\",\n\t\t\tTypes: []string{\n\t\t\t\t\"AMAZON_ISSUED\",\n\t\t\t},\n\t\t\tMostRecent: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Find a RSA 4096 bit certificate\n\t\t_, err = acm.LookupCertificate(ctx, \u0026acm.LookupCertificateArgs{\n\t\t\tDomain: \"tf.example.com\",\n\t\t\tKeyTypes: []string{\n\t\t\t\t\"RSA_4096\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acm.AcmFunctions;\nimport com.pulumi.aws.acm.inputs.GetCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Find a certificate that is issued\n final var issued = AcmFunctions.getCertificate(GetCertificateArgs.builder()\n .domain(\"tf.example.com\")\n .statuses(\"ISSUED\")\n .build());\n\n // Find a certificate issued by (not imported into) ACM\n final var amazonIssued = AcmFunctions.getCertificate(GetCertificateArgs.builder()\n .domain(\"tf.example.com\")\n .types(\"AMAZON_ISSUED\")\n .mostRecent(true)\n .build());\n\n // Find a RSA 4096 bit certificate\n final var rsa4096 = AcmFunctions.getCertificate(GetCertificateArgs.builder()\n .domain(\"tf.example.com\")\n .keyTypes(\"RSA_4096\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n # Find a certificate that is issued\n issued:\n fn::invoke:\n Function: aws:acm:getCertificate\n Arguments:\n domain: tf.example.com\n statuses:\n - ISSUED\n # Find a certificate issued by (not imported into) ACM\n amazonIssued:\n fn::invoke:\n Function: aws:acm:getCertificate\n Arguments:\n domain: tf.example.com\n types:\n - AMAZON_ISSUED\n mostRecent: true\n # Find a RSA 4096 bit certificate\n rsa4096:\n fn::invoke:\n Function: aws:acm:getCertificate\n Arguments:\n domain: tf.example.com\n keyTypes:\n - RSA_4096\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCertificate.\n", "properties": { "domain": { "type": "string", "description": "Domain of the certificate to look up. If no certificate is found with this name, an error will be returned.\n" }, "keyTypes": { "type": "array", "items": { "type": "string" }, "description": "List of key algorithms to filter certificates. By default, ACM does not return all certificate types when searching. See the [ACM API Reference](https://docs.aws.amazon.com/acm/latest/APIReference/API_CertificateDetail.html#ACM-Type-CertificateDetail-KeyAlgorithm) for supported key algorithms.\n" }, "mostRecent": { "type": "boolean", "description": "If set to true, it sorts the certificates matched by previous criteria by the NotBefore field, returning only the most recent one. If set to false, it returns an error if more than one certificate is found. Defaults to false.\n" }, "statuses": { "type": "array", "items": { "type": "string" }, "description": "List of statuses on which to filter the returned list. Valid values are `PENDING_VALIDATION`, `ISSUED`,\n`INACTIVE`, `EXPIRED`, `VALIDATION_TIMED_OUT`, `REVOKED` and `FAILED`. If no value is specified, only certificates in the `ISSUED` state\nare returned.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Mapping of tags for the resource.\n" }, "types": { "type": "array", "items": { "type": "string" }, "description": "List of types on which to filter the returned list. Valid values are `AMAZON_ISSUED`, `PRIVATE`, and `IMPORTED`.\n" } }, "type": "object", "required": [ "domain" ] }, "outputs": { "description": "A collection of values returned by getCertificate.\n", "properties": { "arn": { "description": "ARN of the found certificate, suitable for referencing in other resources that support ACM certificates.\n", "type": "string" }, "certificate": { "description": "ACM-issued certificate.\n", "type": "string" }, "certificateChain": { "description": "Certificates forming the requested ACM-issued certificate's chain of trust. The chain consists of the certificate of the issuing CA and the intermediate certificates of any other subordinate CAs.\n", "type": "string" }, "domain": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "keyTypes": { "items": { "type": "string" }, "type": "array" }, "mostRecent": { "type": "boolean" }, "status": { "description": "Status of the found certificate.\n", "type": "string" }, "statuses": { "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Mapping of tags for the resource.\n", "type": "object" }, "types": { "items": { "type": "string" }, "type": "array" } }, "required": [ "arn", "certificate", "certificateChain", "domain", "status", "tags", "id" ], "type": "object" } }, "aws:acmpca/getCertificate:getCertificate": { "description": "Get information on a Certificate issued by a AWS Certificate Manager Private Certificate Authority.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.acmpca.getCertificate({\n arn: \"arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012/certificate/1234b4a0d73e2056789bdbe77d5b1a23\",\n certificateAuthorityArn: \"arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.acmpca.get_certificate(arn=\"arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012/certificate/1234b4a0d73e2056789bdbe77d5b1a23\",\n certificate_authority_arn=\"arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Acmpca.GetCertificate.Invoke(new()\n {\n Arn = \"arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012/certificate/1234b4a0d73e2056789bdbe77d5b1a23\",\n CertificateAuthorityArn = \"arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := acmpca.LookupCertificate(ctx, \u0026acmpca.LookupCertificateArgs{\n\t\t\tArn: \"arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012/certificate/1234b4a0d73e2056789bdbe77d5b1a23\",\n\t\t\tCertificateAuthorityArn: \"arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acmpca.AcmpcaFunctions;\nimport com.pulumi.aws.acmpca.inputs.GetCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AcmpcaFunctions.getCertificate(GetCertificateArgs.builder()\n .arn(\"arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012/certificate/1234b4a0d73e2056789bdbe77d5b1a23\")\n .certificateAuthorityArn(\"arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:acmpca:getCertificate\n Arguments:\n arn: arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012/certificate/1234b4a0d73e2056789bdbe77d5b1a23\n certificateAuthorityArn: arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCertificate.\n", "properties": { "arn": { "type": "string", "description": "ARN of the certificate issued by the private certificate authority.\n" }, "certificateAuthorityArn": { "type": "string", "description": "ARN of the certificate authority.\n" } }, "type": "object", "required": [ "arn", "certificateAuthorityArn" ] }, "outputs": { "description": "A collection of values returned by getCertificate.\n", "properties": { "arn": { "type": "string" }, "certificate": { "description": "PEM-encoded certificate value.\n", "type": "string" }, "certificateAuthorityArn": { "type": "string" }, "certificateChain": { "description": "PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "arn", "certificate", "certificateAuthorityArn", "certificateChain", "id" ], "type": "object" } }, "aws:acmpca/getCertificateAuthority:getCertificateAuthority": { "description": "Get information on a AWS Certificate Manager Private Certificate Authority (ACM PCA Certificate Authority).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.acmpca.getCertificateAuthority({\n arn: \"arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.acmpca.get_certificate_authority(arn=\"arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Acmpca.GetCertificateAuthority.Invoke(new()\n {\n Arn = \"arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := acmpca.LookupCertificateAuthority(ctx, \u0026acmpca.LookupCertificateAuthorityArgs{\n\t\t\tArn: \"arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acmpca.AcmpcaFunctions;\nimport com.pulumi.aws.acmpca.inputs.GetCertificateAuthorityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AcmpcaFunctions.getCertificateAuthority(GetCertificateAuthorityArgs.builder()\n .arn(\"arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:acmpca:getCertificateAuthority\n Arguments:\n arn: arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCertificateAuthority.\n", "properties": { "arn": { "type": "string", "description": "ARN of the certificate authority.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of user-defined tags that are attached to the certificate authority.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getCertificateAuthority.\n", "properties": { "arn": { "type": "string" }, "certificate": { "description": "Base64-encoded certificate authority (CA) certificate. Only available after the certificate authority certificate has been imported.\n", "type": "string" }, "certificateChain": { "description": "Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. Only available after the certificate authority certificate has been imported.\n", "type": "string" }, "certificateSigningRequest": { "description": "The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "keyStorageSecurityStandard": { "type": "string" }, "notAfter": { "description": "Date and time after which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.\n", "type": "string" }, "notBefore": { "description": "Date and time before which the certificate authority is not valid. Only available after the certificate authority certificate has been imported.\n", "type": "string" }, "revocationConfigurations": { "description": "Nested attribute containing revocation configuration.\n", "items": { "$ref": "#/types/aws:acmpca/getCertificateAuthorityRevocationConfiguration:getCertificateAuthorityRevocationConfiguration" }, "type": "array" }, "serial": { "description": "Serial number of the certificate authority. Only available after the certificate authority certificate has been imported.\n", "type": "string" }, "status": { "description": "Status of the certificate authority.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of user-defined tags that are attached to the certificate authority.\n", "type": "object" }, "type": { "description": "Type of the certificate authority.\n", "type": "string" }, "usageMode": { "description": "Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.\n", "type": "string" } }, "required": [ "arn", "certificate", "certificateChain", "certificateSigningRequest", "keyStorageSecurityStandard", "notAfter", "notBefore", "revocationConfigurations", "serial", "status", "tags", "type", "usageMode", "id" ], "type": "object" } }, "aws:alb/getListener:getListener": { "description": "\u003e **Note:** `aws.alb.Listener` is known as `aws.lb.Listener`. The functionality is identical.\n\nProvides information about a Load Balancer Listener.\n\nThis data source can prove useful when a module accepts an LB Listener as an input variable and needs to know the LB it is attached to, or other information specific to the listener in question.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst listenerArn = config.require(\"listenerArn\");\nconst listener = aws.lb.getListener({\n arn: listenerArn,\n});\n// get listener from load_balancer_arn and port\nconst selected = aws.lb.getLoadBalancer({\n name: \"default-public\",\n});\nconst selected443 = selected.then(selected =\u003e aws.lb.getListener({\n loadBalancerArn: selected.arn,\n port: 443,\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlistener_arn = config.require(\"listenerArn\")\nlistener = aws.lb.get_listener(arn=listener_arn)\n# get listener from load_balancer_arn and port\nselected = aws.lb.get_load_balancer(name=\"default-public\")\nselected443 = aws.lb.get_listener(load_balancer_arn=selected.arn,\n port=443)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var listenerArn = config.Require(\"listenerArn\");\n var listener = Aws.LB.GetListener.Invoke(new()\n {\n Arn = listenerArn,\n });\n\n // get listener from load_balancer_arn and port\n var selected = Aws.LB.GetLoadBalancer.Invoke(new()\n {\n Name = \"default-public\",\n });\n\n var selected443 = Aws.LB.GetListener.Invoke(new()\n {\n LoadBalancerArn = selected.Apply(getLoadBalancerResult =\u003e getLoadBalancerResult.Arn),\n Port = 443,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tlistenerArn := cfg.Require(\"listenerArn\")\n\t\t_, err := lb.LookupListener(ctx, \u0026lb.LookupListenerArgs{\n\t\t\tArn: pulumi.StringRef(listenerArn),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// get listener from load_balancer_arn and port\n\t\tselected, err := lb.LookupLoadBalancer(ctx, \u0026lb.LookupLoadBalancerArgs{\n\t\t\tName: pulumi.StringRef(\"default-public\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.LookupListener(ctx, \u0026lb.LookupListenerArgs{\n\t\t\tLoadBalancerArn: pulumi.StringRef(selected.Arn),\n\t\t\tPort: pulumi.IntRef(443),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LbFunctions;\nimport com.pulumi.aws.lb.inputs.GetListenerArgs;\nimport com.pulumi.aws.lb.inputs.GetLoadBalancerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var listenerArn = config.get(\"listenerArn\");\n final var listener = LbFunctions.getListener(GetListenerArgs.builder()\n .arn(listenerArn)\n .build());\n\n // get listener from load_balancer_arn and port\n final var selected = LbFunctions.getLoadBalancer(GetLoadBalancerArgs.builder()\n .name(\"default-public\")\n .build());\n\n final var selected443 = LbFunctions.getListener(GetListenerArgs.builder()\n .loadBalancerArn(selected.applyValue(getLoadBalancerResult -\u003e getLoadBalancerResult.arn()))\n .port(443)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n # get listener from listener arn\n listenerArn:\n type: string\nvariables:\n listener:\n fn::invoke:\n Function: aws:lb:getListener\n Arguments:\n arn: ${listenerArn}\n # get listener from load_balancer_arn and port\n selected:\n fn::invoke:\n Function: aws:lb:getLoadBalancer\n Arguments:\n name: default-public\n selected443:\n fn::invoke:\n Function: aws:lb:getListener\n Arguments:\n loadBalancerArn: ${selected.arn}\n port: 443\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getListener.\n", "properties": { "arn": { "type": "string", "description": "ARN of the listener. Required if `load_balancer_arn` and `port` is not set.\n" }, "loadBalancerArn": { "type": "string", "description": "ARN of the load balancer. Required if `arn` is not set.\n" }, "port": { "type": "integer", "description": "Port of the listener. Required if `arn` is not set.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getListener.\n", "properties": { "alpnPolicy": { "type": "string" }, "arn": { "type": "string" }, "certificateArn": { "type": "string" }, "defaultActions": { "items": { "$ref": "#/types/aws:alb/getListenerDefaultAction:getListenerDefaultAction" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "loadBalancerArn": { "type": "string" }, "mutualAuthentications": { "items": { "$ref": "#/types/aws:alb/getListenerMutualAuthentication:getListenerMutualAuthentication" }, "type": "array" }, "port": { "type": "integer" }, "protocol": { "type": "string" }, "sslPolicy": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "alpnPolicy", "arn", "certificateArn", "defaultActions", "loadBalancerArn", "mutualAuthentications", "port", "protocol", "sslPolicy", "tags", "id" ], "type": "object" } }, "aws:alb/getLoadBalancer:getLoadBalancer": { "description": "\u003e **Note:** `aws.alb.LoadBalancer` is known as `aws.lb.LoadBalancer`. The functionality is identical.\n\nProvides information about a Load Balancer.\n\nThis data source can prove useful when a module accepts an LB as an input\nvariable and needs to, for example, determine the security groups associated\nwith it, etc.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst lbArn = config.get(\"lbArn\") || \"\";\nconst lbName = config.get(\"lbName\") || \"\";\nconst test = aws.lb.getLoadBalancer({\n arn: lbArn,\n name: lbName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlb_arn = config.get(\"lbArn\")\nif lb_arn is None:\n lb_arn = \"\"\nlb_name = config.get(\"lbName\")\nif lb_name is None:\n lb_name = \"\"\ntest = aws.lb.get_load_balancer(arn=lb_arn,\n name=lb_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var lbArn = config.Get(\"lbArn\") ?? \"\";\n var lbName = config.Get(\"lbName\") ?? \"\";\n var test = Aws.LB.GetLoadBalancer.Invoke(new()\n {\n Arn = lbArn,\n Name = lbName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tlbArn := \"\"\n\t\tif param := cfg.Get(\"lbArn\"); param != \"\" {\n\t\t\tlbArn = param\n\t\t}\n\t\tlbName := \"\"\n\t\tif param := cfg.Get(\"lbName\"); param != \"\" {\n\t\t\tlbName = param\n\t\t}\n\t\t_, err := lb.LookupLoadBalancer(ctx, \u0026lb.LookupLoadBalancerArgs{\n\t\t\tArn: pulumi.StringRef(lbArn),\n\t\t\tName: pulumi.StringRef(lbName),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LbFunctions;\nimport com.pulumi.aws.lb.inputs.GetLoadBalancerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var lbArn = config.get(\"lbArn\").orElse(\"\");\n final var lbName = config.get(\"lbName\").orElse(\"\");\n final var test = LbFunctions.getLoadBalancer(GetLoadBalancerArgs.builder()\n .arn(lbArn)\n .name(lbName)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n lbArn:\n type: string\n default:\n lbName:\n type: string\n default:\nvariables:\n test:\n fn::invoke:\n Function: aws:lb:getLoadBalancer\n Arguments:\n arn: ${lbArn}\n name: ${lbName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLoadBalancer.\n", "properties": { "arn": { "type": "string", "description": "Full ARN of the load balancer.\n" }, "name": { "type": "string", "description": "Unique name of the load balancer.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Mapping of tags, each pair of which must exactly match a pair on the desired load balancer.\n\n\u003e **NOTE:** When both `arn` and `name` are specified, `arn` takes precedence. `tags` has lowest precedence.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLoadBalancer.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:alb/getLoadBalancerAccessLogs:getLoadBalancerAccessLogs" }, "arn": { "type": "string" }, "arnSuffix": { "type": "string" }, "clientKeepAlive": { "type": "integer" }, "connectionLogs": { "items": { "$ref": "#/types/aws:alb/getLoadBalancerConnectionLog:getLoadBalancerConnectionLog" }, "type": "array" }, "customerOwnedIpv4Pool": { "type": "string" }, "desyncMitigationMode": { "type": "string" }, "dnsName": { "type": "string" }, "dnsRecordClientRoutingPolicy": { "type": "string" }, "dropInvalidHeaderFields": { "type": "boolean" }, "enableCrossZoneLoadBalancing": { "type": "boolean" }, "enableDeletionProtection": { "type": "boolean" }, "enableHttp2": { "type": "boolean" }, "enableTlsVersionAndCipherSuiteHeaders": { "type": "boolean" }, "enableWafFailOpen": { "type": "boolean" }, "enableXffClientPort": { "type": "boolean" }, "enforceSecurityGroupInboundRulesOnPrivateLinkTraffic": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "idleTimeout": { "type": "integer" }, "internal": { "type": "boolean" }, "ipAddressType": { "type": "string" }, "loadBalancerType": { "type": "string" }, "name": { "type": "string" }, "preserveHostHeader": { "type": "boolean" }, "securityGroups": { "items": { "type": "string" }, "type": "array" }, "subnetMappings": { "items": { "$ref": "#/types/aws:alb/getLoadBalancerSubnetMapping:getLoadBalancerSubnetMapping" }, "type": "array" }, "subnets": { "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "vpcId": { "type": "string" }, "xffHeaderProcessingMode": { "type": "string" }, "zoneId": { "type": "string" } }, "required": [ "accessLogs", "arn", "arnSuffix", "clientKeepAlive", "connectionLogs", "customerOwnedIpv4Pool", "desyncMitigationMode", "dnsName", "dnsRecordClientRoutingPolicy", "dropInvalidHeaderFields", "enableCrossZoneLoadBalancing", "enableDeletionProtection", "enableHttp2", "enableTlsVersionAndCipherSuiteHeaders", "enableWafFailOpen", "enableXffClientPort", "enforceSecurityGroupInboundRulesOnPrivateLinkTraffic", "idleTimeout", "internal", "ipAddressType", "loadBalancerType", "name", "preserveHostHeader", "securityGroups", "subnetMappings", "subnets", "tags", "vpcId", "xffHeaderProcessingMode", "zoneId", "id" ], "type": "object" } }, "aws:alb/getTargetGroup:getTargetGroup": { "description": "\u003e **Note:** `aws.alb.TargetGroup` is known as `aws.lb.TargetGroup`. The functionality is identical.\n\nProvides information about a Load Balancer Target Group.\n\nThis data source can prove useful when a module accepts an LB Target Group as an\ninput variable and needs to know its attributes. It can also be used to get the ARN of\nan LB Target Group for use in other resources, given LB Target Group name.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst lbTgArn = config.get(\"lbTgArn\") || \"\";\nconst lbTgName = config.get(\"lbTgName\") || \"\";\nconst test = aws.lb.getTargetGroup({\n arn: lbTgArn,\n name: lbTgName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlb_tg_arn = config.get(\"lbTgArn\")\nif lb_tg_arn is None:\n lb_tg_arn = \"\"\nlb_tg_name = config.get(\"lbTgName\")\nif lb_tg_name is None:\n lb_tg_name = \"\"\ntest = aws.lb.get_target_group(arn=lb_tg_arn,\n name=lb_tg_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var lbTgArn = config.Get(\"lbTgArn\") ?? \"\";\n var lbTgName = config.Get(\"lbTgName\") ?? \"\";\n var test = Aws.LB.GetTargetGroup.Invoke(new()\n {\n Arn = lbTgArn,\n Name = lbTgName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tlbTgArn := \"\"\n\t\tif param := cfg.Get(\"lbTgArn\"); param != \"\" {\n\t\t\tlbTgArn = param\n\t\t}\n\t\tlbTgName := \"\"\n\t\tif param := cfg.Get(\"lbTgName\"); param != \"\" {\n\t\t\tlbTgName = param\n\t\t}\n\t\t_, err := lb.LookupTargetGroup(ctx, \u0026lb.LookupTargetGroupArgs{\n\t\t\tArn: pulumi.StringRef(lbTgArn),\n\t\t\tName: pulumi.StringRef(lbTgName),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LbFunctions;\nimport com.pulumi.aws.lb.inputs.GetTargetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var lbTgArn = config.get(\"lbTgArn\").orElse(\"\");\n final var lbTgName = config.get(\"lbTgName\").orElse(\"\");\n final var test = LbFunctions.getTargetGroup(GetTargetGroupArgs.builder()\n .arn(lbTgArn)\n .name(lbTgName)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n lbTgArn:\n type: string\n default:\n lbTgName:\n type: string\n default:\nvariables:\n test:\n fn::invoke:\n Function: aws:lb:getTargetGroup\n Arguments:\n arn: ${lbTgArn}\n name: ${lbTgName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getTargetGroup.\n", "properties": { "arn": { "type": "string", "description": "Full ARN of the target group.\n" }, "loadBalancingAnomalyMitigation": { "type": "string" }, "name": { "type": "string", "description": "Unique name of the target group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Mapping of tags, each pair of which must exactly match a pair on the desired target group.\n\n\u003e **NOTE:** When both `arn` and `name` are specified, `arn` takes precedence. `tags` has the lowest precedence.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getTargetGroup.\n", "properties": { "arn": { "type": "string" }, "arnSuffix": { "type": "string" }, "connectionTermination": { "type": "boolean" }, "deregistrationDelay": { "type": "string" }, "healthCheck": { "$ref": "#/types/aws:alb/getTargetGroupHealthCheck:getTargetGroupHealthCheck" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lambdaMultiValueHeadersEnabled": { "type": "boolean" }, "loadBalancerArns": { "items": { "type": "string" }, "type": "array" }, "loadBalancingAlgorithmType": { "type": "string" }, "loadBalancingAnomalyMitigation": { "type": "string" }, "loadBalancingCrossZoneEnabled": { "type": "string" }, "name": { "type": "string" }, "port": { "type": "integer" }, "preserveClientIp": { "type": "string" }, "protocol": { "type": "string" }, "protocolVersion": { "type": "string" }, "proxyProtocolV2": { "type": "boolean" }, "slowStart": { "type": "integer" }, "stickiness": { "$ref": "#/types/aws:alb/getTargetGroupStickiness:getTargetGroupStickiness" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "targetType": { "type": "string" }, "vpcId": { "type": "string" } }, "required": [ "arn", "arnSuffix", "connectionTermination", "deregistrationDelay", "healthCheck", "lambdaMultiValueHeadersEnabled", "loadBalancerArns", "loadBalancingAlgorithmType", "loadBalancingAnomalyMitigation", "loadBalancingCrossZoneEnabled", "name", "port", "preserveClientIp", "protocol", "protocolVersion", "proxyProtocolV2", "slowStart", "stickiness", "tags", "targetType", "vpcId", "id" ], "type": "object" } }, "aws:amp/getWorkspace:getWorkspace": { "description": "Provides an Amazon Managed Prometheus workspace data source.\n\n## Example Usage\n\n### Basic configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.amp.getWorkspace({\n workspaceId: \"ws-41det8a1-2c67-6a1a-9381-9b83d3d78ef7\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.amp.get_workspace(workspace_id=\"ws-41det8a1-2c67-6a1a-9381-9b83d3d78ef7\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Amp.GetWorkspace.Invoke(new()\n {\n WorkspaceId = \"ws-41det8a1-2c67-6a1a-9381-9b83d3d78ef7\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := amp.LookupWorkspace(ctx, \u0026amp.LookupWorkspaceArgs{\n\t\t\tWorkspaceId: \"ws-41det8a1-2c67-6a1a-9381-9b83d3d78ef7\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.amp.AmpFunctions;\nimport com.pulumi.aws.amp.inputs.GetWorkspaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AmpFunctions.getWorkspace(GetWorkspaceArgs.builder()\n .workspaceId(\"ws-41det8a1-2c67-6a1a-9381-9b83d3d78ef7\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:amp:getWorkspace\n Arguments:\n workspaceId: ws-41det8a1-2c67-6a1a-9381-9b83d3d78ef7\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getWorkspace.\n", "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags assigned to the resource.\n" }, "workspaceId": { "type": "string", "description": "Prometheus workspace ID.\n" } }, "type": "object", "required": [ "workspaceId" ] }, "outputs": { "description": "A collection of values returned by getWorkspace.\n", "properties": { "alias": { "description": "Prometheus workspace alias.\n", "type": "string" }, "arn": { "description": "ARN of the Prometheus workspace.\n", "type": "string" }, "createdDate": { "description": "Creation date of the Prometheus workspace.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kmsKeyArn": { "description": "ARN of the KMS key used to encrypt data in the Prometheus workspace.\n", "type": "string" }, "prometheusEndpoint": { "description": "Endpoint of the Prometheus workspace.\n", "type": "string" }, "status": { "description": "Status of the Prometheus workspace.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags assigned to the resource.\n", "type": "object" }, "workspaceId": { "type": "string" } }, "required": [ "alias", "arn", "createdDate", "kmsKeyArn", "prometheusEndpoint", "status", "tags", "workspaceId", "id" ], "type": "object" } }, "aws:amp/getWorkspaces:getWorkspaces": { "description": "Provides the aliases, ARNs, and workspace IDs of Amazon Prometheus workspaces.\n\n## Example Usage\n\nThe following example returns all of the workspaces in a region:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.amp.getWorkspaces({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.amp.get_workspaces()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Amp.GetWorkspaces.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := amp.GetWorkspaces(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.amp.AmpFunctions;\nimport com.pulumi.aws.amp.inputs.GetWorkspacesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AmpFunctions.getWorkspaces();\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:amp:getWorkspaces\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThe following example filters the workspaces by alias. Only the workspaces with\naliases that begin with the value of `alias_prefix` will be returned:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.amp.getWorkspaces({\n aliasPrefix: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.amp.get_workspaces(alias_prefix=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Amp.GetWorkspaces.Invoke(new()\n {\n AliasPrefix = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/amp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := amp.GetWorkspaces(ctx, \u0026amp.GetWorkspacesArgs{\n\t\t\tAliasPrefix: pulumi.StringRef(\"example\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.amp.AmpFunctions;\nimport com.pulumi.aws.amp.inputs.GetWorkspacesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AmpFunctions.getWorkspaces(GetWorkspacesArgs.builder()\n .aliasPrefix(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:amp:getWorkspaces\n Arguments:\n aliasPrefix: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getWorkspaces.\n", "properties": { "aliasPrefix": { "type": "string", "description": "Limits results to workspaces with aliases that begin with this value.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getWorkspaces.\n", "properties": { "aliasPrefix": { "type": "string" }, "aliases": { "description": "List of aliases of the matched Prometheus workspaces.\n", "items": { "type": "string" }, "type": "array" }, "arns": { "description": "List of ARNs of the matched Prometheus workspaces.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "workspaceIds": { "description": "List of workspace IDs of the matched Prometheus workspaces.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "aliases", "arns", "workspaceIds", "id" ], "type": "object" } }, "aws:apigateway/getAuthorizer:getAuthorizer": { "description": "Provides details about a specific API Gateway Authorizer.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.apigateway.getAuthorizer({\n restApiId: exampleAwsApiGatewayRestApi.id,\n authorizerId: exampleAwsApiGatewayAuthorizers.ids[0],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigateway.get_authorizer(rest_api_id=example_aws_api_gateway_rest_api[\"id\"],\n authorizer_id=example_aws_api_gateway_authorizers[\"ids\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ApiGateway.GetAuthorizer.Invoke(new()\n {\n RestApiId = exampleAwsApiGatewayRestApi.Id,\n AuthorizerId = exampleAwsApiGatewayAuthorizers.Ids[0],\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigateway.LookupAuthorizer(ctx, \u0026apigateway.LookupAuthorizerArgs{\n\t\t\tRestApiId: exampleAwsApiGatewayRestApi.Id,\n\t\t\tAuthorizerId: exampleAwsApiGatewayAuthorizers.Ids[0],\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.ApigatewayFunctions;\nimport com.pulumi.aws.apigateway.inputs.GetAuthorizerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ApigatewayFunctions.getAuthorizer(GetAuthorizerArgs.builder()\n .restApiId(exampleAwsApiGatewayRestApi.id())\n .authorizerId(exampleAwsApiGatewayAuthorizers.ids()[0])\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:apigateway:getAuthorizer\n Arguments:\n restApiId: ${exampleAwsApiGatewayRestApi.id}\n authorizerId: ${exampleAwsApiGatewayAuthorizers.ids[0]}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAuthorizer.\n", "properties": { "authorizerId": { "type": "string", "description": "Authorizer identifier.\n" }, "restApiId": { "type": "string", "description": "ID of the associated REST API.\n" } }, "type": "object", "required": [ "authorizerId", "restApiId" ] }, "outputs": { "description": "A collection of values returned by getAuthorizer.\n", "properties": { "arn": { "description": "ARN of the API Gateway Authorizer.\n", "type": "string" }, "authorizerCredentials": { "description": "Credentials required for the authorizer.\n", "type": "string" }, "authorizerId": { "type": "string" }, "authorizerResultTtlInSeconds": { "description": "TTL of cached authorizer results in seconds.\n", "type": "integer" }, "authorizerUri": { "description": "Authorizer's Uniform Resource Identifier (URI).\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "identitySource": { "description": "Source of the identity in an incoming request.\n", "type": "string" }, "identityValidationExpression": { "description": "Validation expression for the incoming identity.\n", "type": "string" }, "name": { "description": "Name of the authorizer.\n", "type": "string" }, "providerArns": { "description": "List of the Amazon Cognito user pool ARNs.\n", "items": { "type": "string" }, "type": "array" }, "restApiId": { "type": "string" }, "type": { "description": "Type of the authorizer.\n", "type": "string" } }, "required": [ "arn", "authorizerCredentials", "authorizerId", "authorizerResultTtlInSeconds", "authorizerUri", "identitySource", "identityValidationExpression", "name", "providerArns", "restApiId", "type", "id" ], "type": "object" } }, "aws:apigateway/getAuthorizers:getAuthorizers": { "description": "Provides details about multiple API Gateway Authorizers.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.apigateway.getAuthorizers({\n restApiId: exampleAwsApiGatewayRestApi.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigateway.get_authorizers(rest_api_id=example_aws_api_gateway_rest_api[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ApiGateway.GetAuthorizers.Invoke(new()\n {\n RestApiId = exampleAwsApiGatewayRestApi.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigateway.GetAuthorizers(ctx, \u0026apigateway.GetAuthorizersArgs{\n\t\t\tRestApiId: exampleAwsApiGatewayRestApi.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.ApigatewayFunctions;\nimport com.pulumi.aws.apigateway.inputs.GetAuthorizersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ApigatewayFunctions.getAuthorizers(GetAuthorizersArgs.builder()\n .restApiId(exampleAwsApiGatewayRestApi.id())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:apigateway:getAuthorizers\n Arguments:\n restApiId: ${exampleAwsApiGatewayRestApi.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAuthorizers.\n", "properties": { "restApiId": { "type": "string", "description": "ID of the associated REST API.\n" } }, "type": "object", "required": [ "restApiId" ] }, "outputs": { "description": "A collection of values returned by getAuthorizers.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "List of Authorizer identifiers.\n", "items": { "type": "string" }, "type": "array" }, "restApiId": { "type": "string" } }, "required": [ "ids", "restApiId", "id" ], "type": "object" } }, "aws:apigateway/getDomainName:getDomainName": { "description": "Use this data source to get the custom domain name for use with AWS API Gateway.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.apigateway.getDomainName({\n domainName: \"api.example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigateway.get_domain_name(domain_name=\"api.example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ApiGateway.GetDomainName.Invoke(new()\n {\n DomainName = \"api.example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigateway.LookupDomainName(ctx, \u0026apigateway.LookupDomainNameArgs{\n\t\t\tDomainName: \"api.example.com\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.ApigatewayFunctions;\nimport com.pulumi.aws.apigateway.inputs.GetDomainNameArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ApigatewayFunctions.getDomainName(GetDomainNameArgs.builder()\n .domainName(\"api.example.com\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:apigateway:getDomainName\n Arguments:\n domainName: api.example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDomainName.\n", "properties": { "domainName": { "type": "string", "description": "Fully-qualified domain name to look up. If no domain name is found, an error will be returned.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the resource.\n" } }, "type": "object", "required": [ "domainName" ] }, "outputs": { "description": "A collection of values returned by getDomainName.\n", "properties": { "arn": { "description": "ARN of the found custom domain name.\n", "type": "string" }, "certificateArn": { "description": "ARN for an AWS-managed certificate that is used by edge-optimized endpoint for this domain name.\n", "type": "string" }, "certificateName": { "description": "Name of the certificate that is used by edge-optimized endpoint for this domain name.\n", "type": "string" }, "certificateUploadDate": { "description": "Upload date associated with the domain certificate.\n", "type": "string" }, "cloudfrontDomainName": { "description": "Hostname created by Cloudfront to represent the distribution that implements this domain name mapping.\n", "type": "string" }, "cloudfrontZoneId": { "description": "For convenience, the hosted zone ID (`Z2FDTNDATAQYW2`) that can be used to create a Route53 alias record for the distribution.\n", "type": "string" }, "domainName": { "type": "string" }, "endpointConfigurations": { "description": "List of objects with the endpoint configuration of this domain name.\n", "items": { "$ref": "#/types/aws:apigateway/getDomainNameEndpointConfiguration:getDomainNameEndpointConfiguration" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "regionalCertificateArn": { "description": "ARN for an AWS-managed certificate that is used for validating the regional domain name.\n", "type": "string" }, "regionalCertificateName": { "description": "User-friendly name of the certificate that is used by regional endpoint for this domain name.\n", "type": "string" }, "regionalDomainName": { "description": "Hostname for the custom domain's regional endpoint.\n", "type": "string" }, "regionalZoneId": { "description": "Hosted zone ID that can be used to create a Route53 alias record for the regional endpoint.\n", "type": "string" }, "securityPolicy": { "description": "Security policy for the domain name.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of tags for the resource.\n", "type": "object" } }, "required": [ "arn", "certificateArn", "certificateName", "certificateUploadDate", "cloudfrontDomainName", "cloudfrontZoneId", "domainName", "endpointConfigurations", "regionalCertificateArn", "regionalCertificateName", "regionalDomainName", "regionalZoneId", "securityPolicy", "tags", "id" ], "type": "object" } }, "aws:apigateway/getExport:getExport": { "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.apigateway.getExport({\n restApiId: exampleAwsApiGatewayStage.restApiId,\n stageName: exampleAwsApiGatewayStage.stageName,\n exportType: \"oas30\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigateway.get_export(rest_api_id=example_aws_api_gateway_stage[\"restApiId\"],\n stage_name=example_aws_api_gateway_stage[\"stageName\"],\n export_type=\"oas30\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ApiGateway.GetExport.Invoke(new()\n {\n RestApiId = exampleAwsApiGatewayStage.RestApiId,\n StageName = exampleAwsApiGatewayStage.StageName,\n ExportType = \"oas30\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigateway.GetExport(ctx, \u0026apigateway.GetExportArgs{\n\t\t\tRestApiId: exampleAwsApiGatewayStage.RestApiId,\n\t\t\tStageName: exampleAwsApiGatewayStage.StageName,\n\t\t\tExportType: \"oas30\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.ApigatewayFunctions;\nimport com.pulumi.aws.apigateway.inputs.GetExportArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ApigatewayFunctions.getExport(GetExportArgs.builder()\n .restApiId(exampleAwsApiGatewayStage.restApiId())\n .stageName(exampleAwsApiGatewayStage.stageName())\n .exportType(\"oas30\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:apigateway:getExport\n Arguments:\n restApiId: ${exampleAwsApiGatewayStage.restApiId}\n stageName: ${exampleAwsApiGatewayStage.stageName}\n exportType: oas30\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getExport.\n", "properties": { "accepts": { "type": "string", "description": "Content-type of the export. Valid values are `application/json` and `application/yaml` are supported for `export_type` `ofoas30` and `swagger`.\n" }, "exportType": { "type": "string", "description": "Type of export. Acceptable values are `oas30` for OpenAPI 3.0.x and `swagger` for Swagger/OpenAPI 2.0.\n" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of query string parameters that specify properties of the export. the following parameters are supported: `extensions='integrations'` or `extensions='apigateway'` will export the API with x-amazon-apigateway-integration extensions. `extensions='authorizers'` will export the API with x-amazon-apigateway-authorizer extensions.\n" }, "restApiId": { "type": "string", "description": "Identifier of the associated REST API.\n" }, "stageName": { "type": "string", "description": "Name of the Stage that will be exported.\n" } }, "type": "object", "required": [ "exportType", "restApiId", "stageName" ] }, "outputs": { "description": "A collection of values returned by getExport.\n", "properties": { "accepts": { "type": "string" }, "body": { "description": "API Spec.\n", "type": "string" }, "contentDisposition": { "description": "Content-disposition header value in the HTTP response.\n", "type": "string" }, "contentType": { "description": "Content-type header value in the HTTP response.\n", "type": "string" }, "exportType": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "parameters": { "additionalProperties": { "type": "string" }, "type": "object" }, "restApiId": { "type": "string" }, "stageName": { "type": "string" } }, "required": [ "body", "contentDisposition", "contentType", "exportType", "restApiId", "stageName", "id" ], "type": "object" } }, "aws:apigateway/getKey:getKey": { "description": "Use this data source to get the name and value of a pre-existing API Key, for\nexample to supply credentials for a dependency microservice.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myApiKey = aws.apigateway.getKey({\n id: \"ru3mpjgse6\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_api_key = aws.apigateway.get_key(id=\"ru3mpjgse6\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myApiKey = Aws.ApiGateway.GetKey.Invoke(new()\n {\n Id = \"ru3mpjgse6\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigateway.GetKey(ctx, \u0026apigateway.GetKeyArgs{\n\t\t\tId: \"ru3mpjgse6\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.ApigatewayFunctions;\nimport com.pulumi.aws.apigateway.inputs.GetKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var myApiKey = ApigatewayFunctions.getKey(GetKeyArgs.builder()\n .id(\"ru3mpjgse6\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n myApiKey:\n fn::invoke:\n Function: aws:apigateway:getKey\n Arguments:\n id: ru3mpjgse6\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getKey.\n", "properties": { "id": { "type": "string", "description": "ID of the API Key to look up.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags for the resource.\n" } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getKey.\n", "properties": { "createdDate": { "description": "Date and time when the API Key was created.\n", "type": "string" }, "customerId": { "description": "Amazon Web Services Marketplace customer identifier, when integrating with the Amazon Web Services SaaS Marketplace.\n", "type": "string" }, "description": { "description": "Description of the API Key.\n", "type": "string" }, "enabled": { "description": "Whether the API Key is enabled.\n", "type": "boolean" }, "id": { "description": "Set to the ID of the API Key.\n", "type": "string" }, "lastUpdatedDate": { "description": "Date and time when the API Key was last updated.\n", "type": "string" }, "name": { "description": "Set to the name of the API Key.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags for the resource.\n", "type": "object" }, "value": { "description": "Set to the value of the API Key.\n", "secret": true, "type": "string" } }, "required": [ "createdDate", "customerId", "description", "enabled", "id", "lastUpdatedDate", "name", "tags", "value" ], "type": "object" } }, "aws:apigateway/getResource:getResource": { "description": "Use this data source to get the id of a Resource in API Gateway.\nTo fetch the Resource, you must provide the REST API id as well as the full path. \n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myRestApi = aws.apigateway.getRestApi({\n name: \"my-rest-api\",\n});\nconst myResource = myRestApi.then(myRestApi =\u003e aws.apigateway.getResource({\n restApiId: myRestApi.id,\n path: \"/endpoint/path\",\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_rest_api = aws.apigateway.get_rest_api(name=\"my-rest-api\")\nmy_resource = aws.apigateway.get_resource(rest_api_id=my_rest_api.id,\n path=\"/endpoint/path\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myRestApi = Aws.ApiGateway.GetRestApi.Invoke(new()\n {\n Name = \"my-rest-api\",\n });\n\n var myResource = Aws.ApiGateway.GetResource.Invoke(new()\n {\n RestApiId = myRestApi.Apply(getRestApiResult =\u003e getRestApiResult.Id),\n Path = \"/endpoint/path\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyRestApi, err := apigateway.LookupRestApi(ctx, \u0026apigateway.LookupRestApiArgs{\n\t\t\tName: \"my-rest-api\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.LookupResource(ctx, \u0026apigateway.LookupResourceArgs{\n\t\t\tRestApiId: myRestApi.Id,\n\t\t\tPath: \"/endpoint/path\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.ApigatewayFunctions;\nimport com.pulumi.aws.apigateway.inputs.GetRestApiArgs;\nimport com.pulumi.aws.apigateway.inputs.GetResourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var myRestApi = ApigatewayFunctions.getRestApi(GetRestApiArgs.builder()\n .name(\"my-rest-api\")\n .build());\n\n final var myResource = ApigatewayFunctions.getResource(GetResourceArgs.builder()\n .restApiId(myRestApi.applyValue(getRestApiResult -\u003e getRestApiResult.id()))\n .path(\"/endpoint/path\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n myRestApi:\n fn::invoke:\n Function: aws:apigateway:getRestApi\n Arguments:\n name: my-rest-api\n myResource:\n fn::invoke:\n Function: aws:apigateway:getResource\n Arguments:\n restApiId: ${myRestApi.id}\n path: /endpoint/path\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getResource.\n", "properties": { "path": { "type": "string", "description": "Full path of the resource. If no path is found, an error will be returned.\n" }, "restApiId": { "type": "string", "description": "REST API id that owns the resource. If no REST API is found, an error will be returned.\n" } }, "type": "object", "required": [ "path", "restApiId" ] }, "outputs": { "description": "A collection of values returned by getResource.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "parentId": { "description": "Set to the ID of the parent Resource.\n", "type": "string" }, "path": { "type": "string" }, "pathPart": { "description": "Set to the path relative to the parent Resource.\n", "type": "string" }, "restApiId": { "type": "string" } }, "required": [ "parentId", "path", "pathPart", "restApiId", "id" ], "type": "object" } }, "aws:apigateway/getRestApi:getRestApi": { "description": "Use this data source to get the id and root_resource_id of a REST API in\nAPI Gateway. To fetch the REST API you must provide a name to match against.\nAs there is no unique name constraint on REST APIs this data source will\nerror if there is more than one match.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myRestApi = aws.apigateway.getRestApi({\n name: \"my-rest-api\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_rest_api = aws.apigateway.get_rest_api(name=\"my-rest-api\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myRestApi = Aws.ApiGateway.GetRestApi.Invoke(new()\n {\n Name = \"my-rest-api\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigateway.LookupRestApi(ctx, \u0026apigateway.LookupRestApiArgs{\n\t\t\tName: \"my-rest-api\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.ApigatewayFunctions;\nimport com.pulumi.aws.apigateway.inputs.GetRestApiArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var myRestApi = ApigatewayFunctions.getRestApi(GetRestApiArgs.builder()\n .name(\"my-rest-api\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n myRestApi:\n fn::invoke:\n Function: aws:apigateway:getRestApi\n Arguments:\n name: my-rest-api\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRestApi.\n", "properties": { "name": { "type": "string", "description": "Name of the REST API to look up. If no REST API is found with this name, an error will be returned. If multiple REST APIs are found with this name, an error will be returned.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getRestApi.\n", "properties": { "apiKeySource": { "description": "Source of the API key for requests.\n", "type": "string" }, "arn": { "description": "ARN of the REST API.\n", "type": "string" }, "binaryMediaTypes": { "description": "List of binary media types supported by the REST API.\n", "items": { "type": "string" }, "type": "array" }, "description": { "description": "Description of the REST API.\n", "type": "string" }, "endpointConfigurations": { "description": "The endpoint configuration of this RestApi showing the endpoint types of the API.\n", "items": { "$ref": "#/types/aws:apigateway/getRestApiEndpointConfiguration:getRestApiEndpointConfiguration" }, "type": "array" }, "executionArn": { "description": "Execution ARN part to be used in `lambda_permission`'s `source_arn` when allowing API Gateway to invoke a Lambda function, e.g., `arn:aws:execute-api:eu-west-2:123456789012:z4675bid1j`, which can be concatenated with allowed stage, method and resource path.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "minimumCompressionSize": { "description": "Minimum response size to compress for the REST API.\n", "type": "string" }, "name": { "type": "string" }, "policy": { "description": "JSON formatted policy document that controls access to the API Gateway.\n", "type": "string" }, "rootResourceId": { "description": "Set to the ID of the API Gateway Resource on the found REST API where the route matches '/'.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n", "type": "object" } }, "required": [ "apiKeySource", "arn", "binaryMediaTypes", "description", "endpointConfigurations", "executionArn", "minimumCompressionSize", "name", "policy", "rootResourceId", "tags", "id" ], "type": "object" } }, "aws:apigateway/getSdk:getSdk": { "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.apigateway.getSdk({\n restApiId: exampleAwsApiGatewayStage.restApiId,\n stageName: exampleAwsApiGatewayStage.stageName,\n sdkType: \"android\",\n parameters: {\n groupId: \"example\",\n artifactId: \"example\",\n artifactVersion: \"example\",\n invokerPackage: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigateway.get_sdk(rest_api_id=example_aws_api_gateway_stage[\"restApiId\"],\n stage_name=example_aws_api_gateway_stage[\"stageName\"],\n sdk_type=\"android\",\n parameters={\n \"groupId\": \"example\",\n \"artifactId\": \"example\",\n \"artifactVersion\": \"example\",\n \"invokerPackage\": \"example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ApiGateway.GetSdk.Invoke(new()\n {\n RestApiId = exampleAwsApiGatewayStage.RestApiId,\n StageName = exampleAwsApiGatewayStage.StageName,\n SdkType = \"android\",\n Parameters = \n {\n { \"groupId\", \"example\" },\n { \"artifactId\", \"example\" },\n { \"artifactVersion\", \"example\" },\n { \"invokerPackage\", \"example\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigateway.GetSdk(ctx, \u0026apigateway.GetSdkArgs{\n\t\t\tRestApiId: exampleAwsApiGatewayStage.RestApiId,\n\t\t\tStageName: exampleAwsApiGatewayStage.StageName,\n\t\t\tSdkType: \"android\",\n\t\t\tParameters: map[string]interface{}{\n\t\t\t\t\"groupId\": \"example\",\n\t\t\t\t\"artifactId\": \"example\",\n\t\t\t\t\"artifactVersion\": \"example\",\n\t\t\t\t\"invokerPackage\": \"example\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.ApigatewayFunctions;\nimport com.pulumi.aws.apigateway.inputs.GetSdkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ApigatewayFunctions.getSdk(GetSdkArgs.builder()\n .restApiId(exampleAwsApiGatewayStage.restApiId())\n .stageName(exampleAwsApiGatewayStage.stageName())\n .sdkType(\"android\")\n .parameters(Map.ofEntries(\n Map.entry(\"groupId\", \"example\"),\n Map.entry(\"artifactId\", \"example\"),\n Map.entry(\"artifactVersion\", \"example\"),\n Map.entry(\"invokerPackage\", \"example\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:apigateway:getSdk\n Arguments:\n restApiId: ${exampleAwsApiGatewayStage.restApiId}\n stageName: ${exampleAwsApiGatewayStage.stageName}\n sdkType: android\n parameters:\n groupId: example\n artifactId: example\n artifactVersion: example\n invokerPackage: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSdk.\n", "properties": { "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of query string parameters `sdk_type` properties of the SDK. For SDK Type of `objectivec` or `swift`, a parameter named `classPrefix` is required. For SDK Type of `android`, parameters named `groupId`, `artifactId`, `artifactVersion`, and `invokerPackage` are required. For SDK Type of `java`, parameters named `serviceName` and `javaPackageName` are required.\n" }, "restApiId": { "type": "string", "description": "Identifier of the associated REST API.\n" }, "sdkType": { "type": "string", "description": "Language for the generated SDK. Currently `java`, `javascript`, `android`, `objectivec` (for iOS), `swift` (for iOS), and `ruby` are supported.\n" }, "stageName": { "type": "string", "description": "Name of the Stage that will be exported.\n" } }, "type": "object", "required": [ "restApiId", "sdkType", "stageName" ] }, "outputs": { "description": "A collection of values returned by getSdk.\n", "properties": { "body": { "description": "SDK as a string.\n", "type": "string" }, "contentDisposition": { "description": "Content-disposition header value in the HTTP response.\n", "type": "string" }, "contentType": { "description": "Content-type header value in the HTTP response.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "parameters": { "additionalProperties": { "type": "string" }, "type": "object" }, "restApiId": { "type": "string" }, "sdkType": { "type": "string" }, "stageName": { "type": "string" } }, "required": [ "body", "contentDisposition", "contentType", "restApiId", "sdkType", "stageName", "id" ], "type": "object" } }, "aws:apigateway/getVpcLink:getVpcLink": { "description": "Use this data source to get the id of a VPC Link in\nAPI Gateway. To fetch the VPC Link you must provide a name to match against.\nAs there is no unique name constraint on API Gateway VPC Links this data source will\nerror if there is more than one match.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myApiGatewayVpcLink = aws.apigateway.getVpcLink({\n name: \"my-vpc-link\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_api_gateway_vpc_link = aws.apigateway.get_vpc_link(name=\"my-vpc-link\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myApiGatewayVpcLink = Aws.ApiGateway.GetVpcLink.Invoke(new()\n {\n Name = \"my-vpc-link\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigateway.LookupVpcLink(ctx, \u0026apigateway.LookupVpcLinkArgs{\n\t\t\tName: \"my-vpc-link\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.ApigatewayFunctions;\nimport com.pulumi.aws.apigateway.inputs.GetVpcLinkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var myApiGatewayVpcLink = ApigatewayFunctions.getVpcLink(GetVpcLinkArgs.builder()\n .name(\"my-vpc-link\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n myApiGatewayVpcLink:\n fn::invoke:\n Function: aws:apigateway:getVpcLink\n Arguments:\n name: my-vpc-link\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVpcLink.\n", "properties": { "name": { "type": "string", "description": "Name of the API Gateway VPC Link to look up. If no API Gateway VPC Link is found with this name, an error will be returned.\nIf multiple API Gateway VPC Links are found with this name, an error will be returned.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getVpcLink.\n", "properties": { "description": { "description": "Description of the VPC link.\n", "type": "string" }, "id": { "description": "Set to the ID of the found API Gateway VPC Link.\n", "type": "string" }, "name": { "type": "string" }, "status": { "description": "Status of the VPC link.\n", "type": "string" }, "statusMessage": { "description": "Status message of the VPC link.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n", "type": "object" }, "targetArns": { "description": "List of network load balancer arns in the VPC targeted by the VPC link. Currently AWS only supports 1 target.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "description", "id", "name", "status", "statusMessage", "tags", "targetArns" ], "type": "object" } }, "aws:apigatewayv2/getApi:getApi": { "description": "Provides details about a specific Amazon API Gateway Version 2 API.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.apigatewayv2.getApi({\n apiId: \"aabbccddee\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.get_api(api_id=\"aabbccddee\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ApiGatewayV2.GetApi.Invoke(new()\n {\n ApiId = \"aabbccddee\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigatewayv2.LookupApi(ctx, \u0026apigatewayv2.LookupApiArgs{\n\t\t\tApiId: \"aabbccddee\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.Apigatewayv2Functions;\nimport com.pulumi.aws.apigatewayv2.inputs.GetApiArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Apigatewayv2Functions.getApi(GetApiArgs.builder()\n .apiId(\"aabbccddee\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:apigatewayv2:getApi\n Arguments:\n apiId: aabbccddee\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getApi.\n", "properties": { "apiId": { "type": "string", "description": "API identifier.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags.\n" } }, "type": "object", "required": [ "apiId" ] }, "outputs": { "description": "A collection of values returned by getApi.\n", "properties": { "apiEndpoint": { "description": "URI of the API, of the form `https://{api-id}.execute-api.{region}.amazonaws.com` for HTTP APIs and `wss://{api-id}.execute-api.{region}.amazonaws.com` for WebSocket APIs.\n", "type": "string" }, "apiId": { "type": "string" }, "apiKeySelectionExpression": { "description": "An [API key selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-apikey-selection-expressions).\nApplicable for WebSocket APIs.\n", "type": "string" }, "arn": { "description": "ARN of the API.\n", "type": "string" }, "corsConfigurations": { "description": "Cross-origin resource sharing (CORS) [configuration](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html).\nApplicable for HTTP APIs.\n", "items": { "$ref": "#/types/aws:apigatewayv2/getApiCorsConfiguration:getApiCorsConfiguration" }, "type": "array" }, "description": { "description": "Description of the API.\n", "type": "string" }, "disableExecuteApiEndpoint": { "description": "Whether clients can invoke the API by using the default `execute-api` endpoint.\n", "type": "boolean" }, "executionArn": { "description": "ARN prefix to be used in an `aws.lambda.Permission`'s `source_arn` attribute\nor in an `aws.iam.Policy` to authorize access to the [`@connections` API](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-how-to-call-websocket-api-connections.html).\nSee the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-control-access-iam.html) for details.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Name of the API.\n", "type": "string" }, "protocolType": { "description": "API protocol.\n", "type": "string" }, "routeSelectionExpression": { "description": "The [route selection expression](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-route-selection-expressions) for the API.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of resource tags.\n", "type": "object" }, "version": { "description": "Version identifier for the API.\n", "type": "string" } }, "required": [ "apiEndpoint", "apiId", "apiKeySelectionExpression", "arn", "corsConfigurations", "description", "disableExecuteApiEndpoint", "executionArn", "name", "protocolType", "routeSelectionExpression", "tags", "version", "id" ], "type": "object" } }, "aws:apigatewayv2/getApis:getApis": { "description": "Provides details about multiple Amazon API Gateway Version 2 APIs.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.apigatewayv2.getApis({\n protocolType: \"HTTP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.get_apis(protocol_type=\"HTTP\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ApiGatewayV2.GetApis.Invoke(new()\n {\n ProtocolType = \"HTTP\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigatewayv2.GetApis(ctx, \u0026apigatewayv2.GetApisArgs{\n\t\t\tProtocolType: pulumi.StringRef(\"HTTP\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.Apigatewayv2Functions;\nimport com.pulumi.aws.apigatewayv2.inputs.GetApisArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Apigatewayv2Functions.getApis(GetApisArgs.builder()\n .protocolType(\"HTTP\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:apigatewayv2:getApis\n Arguments:\n protocolType: HTTP\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getApis.\n", "properties": { "name": { "type": "string", "description": "API name.\n" }, "protocolType": { "type": "string", "description": "API protocol.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match\na pair on the desired APIs.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getApis.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "Set of API identifiers.\n", "items": { "type": "string" }, "type": "array" }, "name": { "type": "string" }, "protocolType": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "ids", "id" ], "type": "object" } }, "aws:apigatewayv2/getExport:getExport": { "description": "Exports a definition of an API in a particular output format and specification.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.apigatewayv2.getExport({\n apiId: testAwsApigatewayv2Route.apiId,\n specification: \"OAS30\",\n outputType: \"JSON\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.apigatewayv2.get_export(api_id=test_aws_apigatewayv2_route[\"apiId\"],\n specification=\"OAS30\",\n output_type=\"JSON\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.ApiGatewayV2.GetExport.Invoke(new()\n {\n ApiId = testAwsApigatewayv2Route.ApiId,\n Specification = \"OAS30\",\n OutputType = \"JSON\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigatewayv2.GetExport(ctx, \u0026apigatewayv2.GetExportArgs{\n\t\t\tApiId: testAwsApigatewayv2Route.ApiId,\n\t\t\tSpecification: \"OAS30\",\n\t\t\tOutputType: \"JSON\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.Apigatewayv2Functions;\nimport com.pulumi.aws.apigatewayv2.inputs.GetExportArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = Apigatewayv2Functions.getExport(GetExportArgs.builder()\n .apiId(testAwsApigatewayv2Route.apiId())\n .specification(\"OAS30\")\n .outputType(\"JSON\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:apigatewayv2:getExport\n Arguments:\n apiId: ${testAwsApigatewayv2Route.apiId}\n specification: OAS30\n outputType: JSON\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getExport.\n", "properties": { "apiId": { "type": "string", "description": "API identifier.\n" }, "exportVersion": { "type": "string", "description": "Version of the API Gateway export algorithm. API Gateway uses the latest version by default. Currently, the only supported version is `1.0`.\n" }, "includeExtensions": { "type": "boolean", "description": "Whether to include API Gateway extensions in the exported API definition. API Gateway extensions are included by default.\n" }, "outputType": { "type": "string", "description": "Output type of the exported definition file. Valid values are `JSON` and `YAML`.\n" }, "specification": { "type": "string", "description": "Version of the API specification to use. `OAS30`, for OpenAPI 3.0, is the only supported value.\n" }, "stageName": { "type": "string", "description": "Name of the API stage to export. If you don't specify this property, a representation of the latest API configuration is exported.\n" } }, "type": "object", "required": [ "apiId", "outputType", "specification" ] }, "outputs": { "description": "A collection of values returned by getExport.\n", "properties": { "apiId": { "type": "string" }, "body": { "description": "ID of the API.\n", "type": "string" }, "exportVersion": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "includeExtensions": { "type": "boolean" }, "outputType": { "type": "string" }, "specification": { "type": "string" }, "stageName": { "type": "string" } }, "required": [ "apiId", "body", "outputType", "specification", "id" ], "type": "object" } }, "aws:apigatewayv2/getVpcLink:getVpcLink": { "description": "Data source for managing an AWS API Gateway V2 VPC Link.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.apigatewayv2.getVpcLink({\n vpcLinkId: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.apigatewayv2.get_vpc_link(vpc_link_id=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ApiGatewayV2.GetVpcLink.Invoke(new()\n {\n VpcLinkId = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apigatewayv2.LookupVpcLink(ctx, \u0026apigatewayv2.LookupVpcLinkArgs{\n\t\t\tVpcLinkId: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigatewayv2.Apigatewayv2Functions;\nimport com.pulumi.aws.apigatewayv2.inputs.GetVpcLinkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Apigatewayv2Functions.getVpcLink(GetVpcLinkArgs.builder()\n .vpcLinkId(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:apigatewayv2:getVpcLink\n Arguments:\n vpcLinkId: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVpcLink.\n", "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "VPC Link Tags.\n" }, "vpcLinkId": { "type": "string", "description": "VPC Link ID\n" } }, "type": "object", "required": [ "vpcLinkId" ] }, "outputs": { "description": "A collection of values returned by getVpcLink.\n", "properties": { "arn": { "description": "ARN of the VPC Link.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "VPC Link Name.\n", "type": "string" }, "securityGroupIds": { "description": "List of security groups associated with the VPC Link.\n", "items": { "type": "string" }, "type": "array" }, "subnetIds": { "description": "List of subnets attached to the VPC Link.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "VPC Link Tags.\n", "type": "object" }, "vpcLinkId": { "type": "string" } }, "required": [ "arn", "name", "securityGroupIds", "subnetIds", "tags", "vpcLinkId", "id" ], "type": "object" } }, "aws:appconfig/getConfigurationProfile:getConfigurationProfile": { "description": "Provides access to an AppConfig Configuration Profile.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.appconfig.getConfigurationProfile({\n applicationId: \"b5d5gpj\",\n configurationProfileId: \"qrbb1c1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appconfig.get_configuration_profile(application_id=\"b5d5gpj\",\n configuration_profile_id=\"qrbb1c1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.AppConfig.GetConfigurationProfile.Invoke(new()\n {\n ApplicationId = \"b5d5gpj\",\n ConfigurationProfileId = \"qrbb1c1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appconfig\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appconfig.LookupConfigurationProfile(ctx, \u0026appconfig.LookupConfigurationProfileArgs{\n\t\t\tApplicationId: \"b5d5gpj\",\n\t\t\tConfigurationProfileId: \"qrbb1c1\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appconfig.AppconfigFunctions;\nimport com.pulumi.aws.appconfig.inputs.GetConfigurationProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AppconfigFunctions.getConfigurationProfile(GetConfigurationProfileArgs.builder()\n .applicationId(\"b5d5gpj\")\n .configurationProfileId(\"qrbb1c1\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:appconfig:getConfigurationProfile\n Arguments:\n applicationId: b5d5gpj\n configurationProfileId: qrbb1c1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getConfigurationProfile.\n", "properties": { "applicationId": { "type": "string", "description": "ID of the AppConfig application to which this configuration profile belongs.\n" }, "configurationProfileId": { "type": "string", "description": "ID of the Configuration Profile.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags for the resource.\n" } }, "type": "object", "required": [ "applicationId", "configurationProfileId" ] }, "outputs": { "description": "A collection of values returned by getConfigurationProfile.\n", "properties": { "applicationId": { "type": "string" }, "arn": { "description": "ARN of the Configuration Profile.\n", "type": "string" }, "configurationProfileId": { "type": "string" }, "description": { "description": "Description of the Configuration Profile.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kmsKeyIdentifier": { "type": "string" }, "locationUri": { "description": "Location URI of the Configuration Profile.\n", "type": "string" }, "name": { "description": "Name of the Configuration Profile.\n", "type": "string" }, "retrievalRoleArn": { "description": "ARN of an IAM role with permission to access the configuration at the specified location_uri.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags for the resource.\n", "type": "object" }, "type": { "description": "Type of validator. Valid values: JSON_SCHEMA and LAMBDA.\n", "type": "string" }, "validators": { "description": "Nested list of methods for validating the configuration.\n", "items": { "$ref": "#/types/aws:appconfig/getConfigurationProfileValidator:getConfigurationProfileValidator" }, "type": "array" } }, "required": [ "applicationId", "arn", "configurationProfileId", "description", "kmsKeyIdentifier", "locationUri", "name", "retrievalRoleArn", "tags", "type", "validators", "id" ], "type": "object" } }, "aws:appconfig/getConfigurationProfiles:getConfigurationProfiles": { "description": "Provides access to all Configuration Properties for an AppConfig Application. This will allow you to pass Configuration\nProfile IDs to another resource.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.appconfig.getConfigurationProfiles({\n applicationId: \"a1d3rpe\",\n});\nconst exampleGetConfigurationProfile = example.then(example =\u003e .reduce((__obj, [, ]) =\u003e ({ ...__obj, [__key]: aws.appconfig.getConfigurationProfile({\n configurationProfileId: __value,\n applicationId: exampleAwsAppconfigApplication.id,\n}) })));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appconfig.get_configuration_profiles(application_id=\"a1d3rpe\")\nexample_get_configuration_profile = {__key: aws.appconfig.get_configuration_profile(configuration_profile_id=__value,\n application_id=example_aws_appconfig_application[\"id\"]) for __key, __value in example.configuration_profile_ids}\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.AppConfig.GetConfigurationProfiles.Invoke(new()\n {\n ApplicationId = \"a1d3rpe\",\n });\n\n var exampleGetConfigurationProfile = ;\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getConfigurationProfiles.\n", "properties": { "applicationId": { "type": "string", "description": "ID of the AppConfig Application.\n" } }, "type": "object", "required": [ "applicationId" ] }, "outputs": { "description": "A collection of values returned by getConfigurationProfiles.\n", "properties": { "applicationId": { "type": "string" }, "configurationProfileIds": { "description": "Set of Configuration Profile IDs associated with the AppConfig Application.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "applicationId", "configurationProfileIds", "id" ], "type": "object" } }, "aws:appconfig/getEnvironment:getEnvironment": { "description": "Provides access to an AppConfig Environment.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.appconfig.getEnvironment({\n applicationId: \"b5d5gpj\",\n environmentId: \"qrbb1c1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appconfig.get_environment(application_id=\"b5d5gpj\",\n environment_id=\"qrbb1c1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.AppConfig.GetEnvironment.Invoke(new()\n {\n ApplicationId = \"b5d5gpj\",\n EnvironmentId = \"qrbb1c1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appconfig\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appconfig.LookupEnvironment(ctx, \u0026appconfig.LookupEnvironmentArgs{\n\t\t\tApplicationId: \"b5d5gpj\",\n\t\t\tEnvironmentId: \"qrbb1c1\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appconfig.AppconfigFunctions;\nimport com.pulumi.aws.appconfig.inputs.GetEnvironmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AppconfigFunctions.getEnvironment(GetEnvironmentArgs.builder()\n .applicationId(\"b5d5gpj\")\n .environmentId(\"qrbb1c1\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:appconfig:getEnvironment\n Arguments:\n applicationId: b5d5gpj\n environmentId: qrbb1c1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getEnvironment.\n", "properties": { "applicationId": { "type": "string", "description": "ID of the AppConfig Application to which this Environment belongs.\n" }, "environmentId": { "type": "string", "description": "ID of the AppConfig Environment.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags for the resource.\n" } }, "type": "object", "required": [ "applicationId", "environmentId" ] }, "outputs": { "description": "A collection of values returned by getEnvironment.\n", "properties": { "applicationId": { "type": "string" }, "arn": { "description": "ARN of the environment.\n", "type": "string" }, "description": { "description": "Name of the environment.\n", "type": "string" }, "environmentId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "monitors": { "description": "Set of Amazon CloudWatch alarms to monitor during the deployment process.\n", "items": { "$ref": "#/types/aws:appconfig/getEnvironmentMonitor:getEnvironmentMonitor" }, "type": "array" }, "name": { "description": "Name of the environment.\n", "type": "string" }, "state": { "description": "State of the environment. Possible values are `READY_FOR_DEPLOYMENT`, `DEPLOYING`, `ROLLING_BACK`\nor `ROLLED_BACK`.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags for the resource.\n", "type": "object" } }, "required": [ "applicationId", "arn", "description", "environmentId", "monitors", "name", "state", "tags", "id" ], "type": "object" } }, "aws:appconfig/getEnvironments:getEnvironments": { "description": "Provides access to all Environments for an AppConfig Application. This will allow you to pass Environment IDs to another\nresource.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.appconfig.getEnvironments({\n applicationId: \"a1d3rpe\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appconfig.get_environments(application_id=\"a1d3rpe\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.AppConfig.GetEnvironments.Invoke(new()\n {\n ApplicationId = \"a1d3rpe\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appconfig\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appconfig.GetEnvironments(ctx, \u0026appconfig.GetEnvironmentsArgs{\n\t\t\tApplicationId: \"a1d3rpe\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appconfig.AppconfigFunctions;\nimport com.pulumi.aws.appconfig.inputs.GetEnvironmentsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AppconfigFunctions.getEnvironments(GetEnvironmentsArgs.builder()\n .applicationId(\"a1d3rpe\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:appconfig:getEnvironments\n Arguments:\n applicationId: a1d3rpe\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getEnvironments.\n", "properties": { "applicationId": { "type": "string", "description": "ID of the AppConfig Application.\n" } }, "type": "object", "required": [ "applicationId" ] }, "outputs": { "description": "A collection of values returned by getEnvironments.\n", "properties": { "applicationId": { "type": "string" }, "environmentIds": { "description": "Set of Environment IDs associated with this AppConfig Application.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "applicationId", "environmentIds", "id" ], "type": "object" } }, "aws:appintegrations/getEventIntegration:getEventIntegration": { "description": "Use this data source to get information on an existing AppIntegrations Event Integration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.appintegrations.getEventIntegration({\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appintegrations.get_event_integration(name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.AppIntegrations.GetEventIntegration.Invoke(new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appintegrations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appintegrations.GetEventIntegration(ctx, \u0026appintegrations.GetEventIntegrationArgs{\n\t\t\tName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appintegrations.AppintegrationsFunctions;\nimport com.pulumi.aws.appintegrations.inputs.GetEventIntegrationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AppintegrationsFunctions.getEventIntegration(GetEventIntegrationArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:appintegrations:getEventIntegration\n Arguments:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getEventIntegration.\n", "properties": { "name": { "type": "string", "description": "The AppIntegrations Event Integration name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the report plans you create.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getEventIntegration.\n", "properties": { "arn": { "description": "The ARN of the AppIntegrations Event Integration.\n", "type": "string" }, "description": { "description": "The description of the Event Integration.\n", "type": "string" }, "eventFilters": { "description": "A block that defines the configuration information for the event filter. The Event Filter block is documented below.\n", "items": { "$ref": "#/types/aws:appintegrations/getEventIntegrationEventFilter:getEventIntegrationEventFilter" }, "type": "array" }, "eventbridgeBus": { "description": "The EventBridge bus.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the report plans you create.\n", "type": "object" } }, "required": [ "arn", "description", "eventFilters", "eventbridgeBus", "name", "tags", "id" ], "type": "object" } }, "aws:appmesh/getGatewayRoute:getGatewayRoute": { "description": "The App Mesh Gateway Route data source allows details of an App Mesh Gateway Route to be retrieved by its name, mesh_name, virtual_gateway_name, and optionally the mesh_owner.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.appmesh.getGatewayRoute({\n name: \"test-route\",\n meshName: \"test-mesh\",\n virtualGatewayName: \"test-gateway\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.appmesh.get_gateway_route(name=\"test-route\",\n mesh_name=\"test-mesh\",\n virtual_gateway_name=\"test-gateway\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.AppMesh.GetGatewayRoute.Invoke(new()\n {\n Name = \"test-route\",\n MeshName = \"test-mesh\",\n VirtualGatewayName = \"test-gateway\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.LookupGatewayRoute(ctx, \u0026appmesh.LookupGatewayRouteArgs{\n\t\t\tName: \"test-route\",\n\t\t\tMeshName: \"test-mesh\",\n\t\t\tVirtualGatewayName: \"test-gateway\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.AppmeshFunctions;\nimport com.pulumi.aws.appmesh.inputs.GetGatewayRouteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = AppmeshFunctions.getGatewayRoute(GetGatewayRouteArgs.builder()\n .name(\"test-route\")\n .meshName(\"test-mesh\")\n .virtualGatewayName(\"test-gateway\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:appmesh:getGatewayRoute\n Arguments:\n name: test-route\n meshName: test-mesh\n virtualGatewayName: test-gateway\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getGatewayRoute.\n", "properties": { "meshName": { "type": "string", "description": "Name of the service mesh in which the virtual gateway exists.\n" }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner.\n" }, "name": { "type": "string", "description": "Name of the gateway route.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags.\n" }, "virtualGatewayName": { "type": "string", "description": "Name of the virtual gateway in which the route exists.\n" } }, "type": "object", "required": [ "meshName", "name", "virtualGatewayName" ] }, "outputs": { "description": "A collection of values returned by getGatewayRoute.\n", "properties": { "arn": { "description": "ARN of the gateway route.\n", "type": "string" }, "createdDate": { "description": "Creation date of the gateway route.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lastUpdatedDate": { "description": "Last update date of the gateway route.\n", "type": "string" }, "meshName": { "type": "string" }, "meshOwner": { "type": "string" }, "name": { "type": "string" }, "resourceOwner": { "description": "Resource owner's AWS account ID.\n", "type": "string" }, "specs": { "description": "Gateway route specification. See the `aws.appmesh.GatewayRoute` resource for details.\n", "items": { "$ref": "#/types/aws:appmesh/getGatewayRouteSpec:getGatewayRouteSpec" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags.\n", "type": "object" }, "virtualGatewayName": { "type": "string" } }, "required": [ "arn", "createdDate", "lastUpdatedDate", "meshName", "meshOwner", "name", "resourceOwner", "specs", "tags", "virtualGatewayName", "id" ], "type": "object" } }, "aws:appmesh/getMesh:getMesh": { "description": "The App Mesh Mesh data source allows details of an App Mesh Mesh to be retrieved by its name and optionally the mesh_owner.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst simple = aws.appmesh.getMesh({\n name: \"simpleapp\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsimple = aws.appmesh.get_mesh(name=\"simpleapp\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var simple = Aws.AppMesh.GetMesh.Invoke(new()\n {\n Name = \"simpleapp\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.LookupMesh(ctx, \u0026appmesh.LookupMeshArgs{\n\t\t\tName: \"simpleapp\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.AppmeshFunctions;\nimport com.pulumi.aws.appmesh.inputs.GetMeshArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var simple = AppmeshFunctions.getMesh(GetMeshArgs.builder()\n .name(\"simpleapp\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n simple:\n fn::invoke:\n Function: aws:appmesh:getMesh\n Arguments:\n name: simpleapp\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst simple = current.then(current =\u003e aws.appmesh.getMesh({\n name: \"simpleapp\",\n meshOwner: current.accountId,\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nsimple = aws.appmesh.get_mesh(name=\"simpleapp\",\n mesh_owner=current.account_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var simple = Aws.AppMesh.GetMesh.Invoke(new()\n {\n Name = \"simpleapp\",\n MeshOwner = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appmesh.LookupMesh(ctx, \u0026appmesh.LookupMeshArgs{\n\t\t\tName: \"simpleapp\",\n\t\t\tMeshOwner: pulumi.StringRef(current.AccountId),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.appmesh.AppmeshFunctions;\nimport com.pulumi.aws.appmesh.inputs.GetMeshArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var simple = AppmeshFunctions.getMesh(GetMeshArgs.builder()\n .name(\"simpleapp\")\n .meshOwner(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n simple:\n fn::invoke:\n Function: aws:appmesh:getMesh\n Arguments:\n name: simpleapp\n meshOwner: ${current.accountId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getMesh.\n", "properties": { "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner.\n" }, "name": { "type": "string", "description": "Name of the service mesh.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getMesh.\n", "properties": { "arn": { "description": "ARN of the service mesh.\n", "type": "string" }, "createdDate": { "description": "Creation date of the service mesh.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lastUpdatedDate": { "description": "Last update date of the service mesh.\n", "type": "string" }, "meshOwner": { "type": "string" }, "name": { "type": "string" }, "resourceOwner": { "description": "Resource owner's AWS account ID.\n", "type": "string" }, "specs": { "description": "Service mesh specification. See the `aws.appmesh.Mesh` resource for details.\n", "items": { "$ref": "#/types/aws:appmesh/getMeshSpec:getMeshSpec" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags.\n", "type": "object" } }, "required": [ "arn", "createdDate", "lastUpdatedDate", "meshOwner", "name", "resourceOwner", "specs", "tags", "id" ], "type": "object" } }, "aws:appmesh/getRoute:getRoute": { "description": "The App Mesh Route data source allows details of an App Mesh Route to be retrieved by its name, mesh_name, virtual_router_name, and optionally the mesh_owner.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.AppmeshFunctions;\nimport com.pulumi.aws.appmesh.inputs.GetVirtualServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = AppmeshFunctions.getVirtualService(GetVirtualServiceArgs.builder()\n .name(\"test-route\")\n .meshName(\"test-mesh\")\n .virtualRouterName(\"test-router\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:appmesh:getVirtualService\n Arguments:\n name: test-route\n meshName: test-mesh\n virtualRouterName: test-router\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRoute.\n", "properties": { "meshName": { "type": "string", "description": "Name of the service mesh in which the virtual router exists.\n" }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner.\n" }, "name": { "type": "string", "description": "Name of the route.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags.\n" }, "virtualRouterName": { "type": "string", "description": "Name of the virtual router in which the route exists.\n" } }, "type": "object", "required": [ "meshName", "name", "virtualRouterName" ] }, "outputs": { "description": "A collection of values returned by getRoute.\n", "properties": { "arn": { "description": "ARN of the route.\n", "type": "string" }, "createdDate": { "description": "Creation date of the route.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lastUpdatedDate": { "description": "Last update date of the route.\n", "type": "string" }, "meshName": { "type": "string" }, "meshOwner": { "type": "string" }, "name": { "type": "string" }, "resourceOwner": { "description": "Resource owner's AWS account ID.\n", "type": "string" }, "specs": { "description": "Route specification. See the `aws.appmesh.Route` resource for details.\n", "items": { "$ref": "#/types/aws:appmesh/getRouteSpec:getRouteSpec" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags.\n", "type": "object" }, "virtualRouterName": { "type": "string" } }, "required": [ "arn", "createdDate", "lastUpdatedDate", "meshName", "meshOwner", "name", "resourceOwner", "specs", "tags", "virtualRouterName", "id" ], "type": "object" } }, "aws:appmesh/getVirtualGateway:getVirtualGateway": { "description": "Data source for managing an AWS App Mesh Virtual Gateway.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.appmesh.getVirtualGateway({\n meshName: \"mesh-gateway\",\n name: \"example-mesh\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.appmesh.get_virtual_gateway(mesh_name=\"mesh-gateway\",\n name=\"example-mesh\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.AppMesh.GetVirtualGateway.Invoke(new()\n {\n MeshName = \"mesh-gateway\",\n Name = \"example-mesh\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.LookupVirtualGateway(ctx, \u0026appmesh.LookupVirtualGatewayArgs{\n\t\t\tMeshName: \"mesh-gateway\",\n\t\t\tName: \"example-mesh\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.AppmeshFunctions;\nimport com.pulumi.aws.appmesh.inputs.GetVirtualGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AppmeshFunctions.getVirtualGateway(GetVirtualGatewayArgs.builder()\n .meshName(\"mesh-gateway\")\n .name(\"example-mesh\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:appmesh:getVirtualGateway\n Arguments:\n meshName: mesh-gateway\n name: example-mesh\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.appmesh.AppmeshFunctions;\nimport com.pulumi.aws.appmesh.inputs.GetVirtualGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var test = AppmeshFunctions.getVirtualGateway(GetVirtualGatewayArgs.builder()\n .name(\"example.mesh.local\")\n .meshName(\"example-mesh\")\n .meshOwner(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n test:\n fn::invoke:\n Function: aws:appmesh:getVirtualGateway\n Arguments:\n name: example.mesh.local\n meshName: example-mesh\n meshOwner: ${current.accountId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVirtualGateway.\n", "properties": { "meshName": { "type": "string", "description": "Name of the service mesh in which the virtual gateway exists.\n" }, "name": { "type": "string", "description": "Name of the virtual gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags.\n" } }, "type": "object", "required": [ "meshName", "name" ] }, "outputs": { "description": "A collection of values returned by getVirtualGateway.\n", "properties": { "arn": { "description": "ARN of the virtual gateway.\n", "type": "string" }, "createdDate": { "description": "Creation date of the virtual gateway.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lastUpdatedDate": { "description": "Last update date of the virtual gateway.\n", "type": "string" }, "meshName": { "type": "string" }, "meshOwner": { "type": "string" }, "name": { "type": "string" }, "resourceOwner": { "description": "Resource owner's AWS account ID.\n", "type": "string" }, "specs": { "description": "Virtual gateway specification. See the `aws.appmesh.VirtualGateway` resource for details.\n", "items": { "$ref": "#/types/aws:appmesh/getVirtualGatewaySpec:getVirtualGatewaySpec" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags.\n", "type": "object" } }, "required": [ "arn", "createdDate", "lastUpdatedDate", "meshName", "meshOwner", "name", "resourceOwner", "specs", "tags", "id" ], "type": "object" } }, "aws:appmesh/getVirtualNode:getVirtualNode": { "description": "Data source for managing an AWS App Mesh Virtual Node.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.appmesh.getVirtualNode({\n name: \"serviceBv1\",\n meshName: \"example-mesh\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.appmesh.get_virtual_node(name=\"serviceBv1\",\n mesh_name=\"example-mesh\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.AppMesh.GetVirtualNode.Invoke(new()\n {\n Name = \"serviceBv1\",\n MeshName = \"example-mesh\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.LookupVirtualNode(ctx, \u0026appmesh.LookupVirtualNodeArgs{\n\t\t\tName: \"serviceBv1\",\n\t\t\tMeshName: \"example-mesh\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.AppmeshFunctions;\nimport com.pulumi.aws.appmesh.inputs.GetVirtualNodeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = AppmeshFunctions.getVirtualNode(GetVirtualNodeArgs.builder()\n .name(\"serviceBv1\")\n .meshName(\"example-mesh\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:appmesh:getVirtualNode\n Arguments:\n name: serviceBv1\n meshName: example-mesh\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVirtualNode.\n", "properties": { "meshName": { "type": "string", "description": "Name of the service mesh in which the virtual node exists.\n" }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner.\n" }, "name": { "type": "string", "description": "Name of the virtual node.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags.\n" } }, "type": "object", "required": [ "meshName", "name" ] }, "outputs": { "description": "A collection of values returned by getVirtualNode.\n", "properties": { "arn": { "description": "ARN of the virtual node.\n", "type": "string" }, "createdDate": { "description": "Creation date of the virtual node.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lastUpdatedDate": { "description": "Last update date of the virtual node.\n", "type": "string" }, "meshName": { "type": "string" }, "meshOwner": { "type": "string" }, "name": { "type": "string" }, "resourceOwner": { "description": "Resource owner's AWS account ID.\n", "type": "string" }, "specs": { "description": "Virtual node specification. See the `aws.appmesh.VirtualNode` resource for details.\n", "items": { "$ref": "#/types/aws:appmesh/getVirtualNodeSpec:getVirtualNodeSpec" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags.\n", "type": "object" } }, "required": [ "arn", "createdDate", "lastUpdatedDate", "meshName", "meshOwner", "name", "resourceOwner", "specs", "tags", "id" ], "type": "object" } }, "aws:appmesh/getVirtualRouter:getVirtualRouter": { "description": "The App Mesh Virtual Router data source allows details of an App Mesh Virtual Service to be retrieved by its name and mesh_name.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.appmesh.getVirtualRouter({\n name: \"example-router-name\",\n meshName: \"example-mesh-name\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.appmesh.get_virtual_router(name=\"example-router-name\",\n mesh_name=\"example-mesh-name\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.AppMesh.GetVirtualRouter.Invoke(new()\n {\n Name = \"example-router-name\",\n MeshName = \"example-mesh-name\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.LookupVirtualRouter(ctx, \u0026appmesh.LookupVirtualRouterArgs{\n\t\t\tName: \"example-router-name\",\n\t\t\tMeshName: \"example-mesh-name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.AppmeshFunctions;\nimport com.pulumi.aws.appmesh.inputs.GetVirtualRouterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = AppmeshFunctions.getVirtualRouter(GetVirtualRouterArgs.builder()\n .name(\"example-router-name\")\n .meshName(\"example-mesh-name\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:appmesh:getVirtualRouter\n Arguments:\n name: example-router-name\n meshName: example-mesh-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVirtualRouter.\n", "properties": { "meshName": { "type": "string", "description": "Name of the mesh in which the virtual router exists\n" }, "meshOwner": { "type": "string" }, "name": { "type": "string", "description": "Name of the virtual router.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags.\n" } }, "type": "object", "required": [ "meshName", "name" ] }, "outputs": { "description": "A collection of values returned by getVirtualRouter.\n", "properties": { "arn": { "description": "ARN of the virtual router.\n", "type": "string" }, "createdDate": { "description": "Creation date of the virtual router.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lastUpdatedDate": { "description": "Last update date of the virtual router.\n", "type": "string" }, "meshName": { "type": "string" }, "meshOwner": { "type": "string" }, "name": { "type": "string" }, "resourceOwner": { "description": "Resource owner's AWS account ID.\n", "type": "string" }, "specs": { "description": "Virtual routers specification. See the `aws.appmesh.VirtualRouter` resource for details.\n", "items": { "$ref": "#/types/aws:appmesh/getVirtualRouterSpec:getVirtualRouterSpec" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags.\n", "type": "object" } }, "required": [ "arn", "createdDate", "lastUpdatedDate", "meshName", "meshOwner", "name", "resourceOwner", "specs", "tags", "id" ], "type": "object" } }, "aws:appmesh/getVirtualService:getVirtualService": { "description": "The App Mesh Virtual Service data source allows details of an App Mesh Virtual Service to be retrieved by its name, mesh_name, and optionally the mesh_owner.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.appmesh.getVirtualService({\n name: \"example.mesh.local\",\n meshName: \"example-mesh\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.appmesh.get_virtual_service(name=\"example.mesh.local\",\n mesh_name=\"example-mesh\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.AppMesh.GetVirtualService.Invoke(new()\n {\n Name = \"example.mesh.local\",\n MeshName = \"example-mesh\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := appmesh.LookupVirtualService(ctx, \u0026appmesh.LookupVirtualServiceArgs{\n\t\t\tName: \"example.mesh.local\",\n\t\t\tMeshName: \"example-mesh\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.appmesh.AppmeshFunctions;\nimport com.pulumi.aws.appmesh.inputs.GetVirtualServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = AppmeshFunctions.getVirtualService(GetVirtualServiceArgs.builder()\n .name(\"example.mesh.local\")\n .meshName(\"example-mesh\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:appmesh:getVirtualService\n Arguments:\n name: example.mesh.local\n meshName: example-mesh\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst test = current.then(current =\u003e aws.appmesh.getVirtualService({\n name: \"example.mesh.local\",\n meshName: \"example-mesh\",\n meshOwner: current.accountId,\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ntest = aws.appmesh.get_virtual_service(name=\"example.mesh.local\",\n mesh_name=\"example-mesh\",\n mesh_owner=current.account_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var test = Aws.AppMesh.GetVirtualService.Invoke(new()\n {\n Name = \"example.mesh.local\",\n MeshName = \"example-mesh\",\n MeshOwner = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appmesh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appmesh.LookupVirtualService(ctx, \u0026appmesh.LookupVirtualServiceArgs{\n\t\t\tName: \"example.mesh.local\",\n\t\t\tMeshName: \"example-mesh\",\n\t\t\tMeshOwner: pulumi.StringRef(current.AccountId),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.appmesh.AppmeshFunctions;\nimport com.pulumi.aws.appmesh.inputs.GetVirtualServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var test = AppmeshFunctions.getVirtualService(GetVirtualServiceArgs.builder()\n .name(\"example.mesh.local\")\n .meshName(\"example-mesh\")\n .meshOwner(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n test:\n fn::invoke:\n Function: aws:appmesh:getVirtualService\n Arguments:\n name: example.mesh.local\n meshName: example-mesh\n meshOwner: ${current.accountId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVirtualService.\n", "properties": { "meshName": { "type": "string", "description": "Name of the service mesh in which the virtual service exists.\n" }, "meshOwner": { "type": "string", "description": "AWS account ID of the service mesh's owner.\n" }, "name": { "type": "string", "description": "Name of the virtual service.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags.\n" } }, "type": "object", "required": [ "meshName", "name" ] }, "outputs": { "description": "A collection of values returned by getVirtualService.\n", "properties": { "arn": { "description": "ARN of the virtual service.\n", "type": "string" }, "createdDate": { "description": "Creation date of the virtual service.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lastUpdatedDate": { "description": "Last update date of the virtual service.\n", "type": "string" }, "meshName": { "type": "string" }, "meshOwner": { "type": "string" }, "name": { "type": "string" }, "resourceOwner": { "description": "Resource owner's AWS account ID.\n", "type": "string" }, "specs": { "description": "Virtual service specification. See the `aws.appmesh.VirtualService` resource for details.\n", "items": { "$ref": "#/types/aws:appmesh/getVirtualServiceSpec:getVirtualServiceSpec" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags.\n", "type": "object" } }, "required": [ "arn", "createdDate", "lastUpdatedDate", "meshName", "meshOwner", "name", "resourceOwner", "specs", "tags", "id" ], "type": "object" } }, "aws:apprunner/getHostedZoneId:getHostedZoneId": { "description": "Use this data source to get the HostedZoneId of an AWS App Runner service deployed\nin a given region for the purpose of using it in an AWS Route53 Alias record.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = aws.apprunner.getHostedZoneId({});\nconst www = new aws.route53.Record(\"www\", {\n zoneId: primary.zoneId,\n name: \"example.com\",\n type: aws.route53.RecordType.A,\n aliases: [{\n name: mainAwsApprunnerCustomDomainAssociation.dnsTarget,\n zoneId: main.then(main =\u003e main.id),\n evaluateTargetHealth: true,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.apprunner.get_hosted_zone_id()\nwww = aws.route53.Record(\"www\",\n zone_id=primary[\"zoneId\"],\n name=\"example.com\",\n type=aws.route53.RecordType.A,\n aliases=[{\n \"name\": main_aws_apprunner_custom_domain_association[\"dnsTarget\"],\n \"zone_id\": main.id,\n \"evaluate_target_health\": True,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = Aws.AppRunner.GetHostedZoneId.Invoke();\n\n var www = new Aws.Route53.Record(\"www\", new()\n {\n ZoneId = primary.ZoneId,\n Name = \"example.com\",\n Type = Aws.Route53.RecordType.A,\n Aliases = new[]\n {\n new Aws.Route53.Inputs.RecordAliasArgs\n {\n Name = mainAwsApprunnerCustomDomainAssociation.DnsTarget,\n ZoneId = main.Apply(getHostedZoneIdResult =\u003e getHostedZoneIdResult.Id),\n EvaluateTargetHealth = true,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apprunner\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := apprunner.GetHostedZoneId(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"www\", \u0026route53.RecordArgs{\n\t\t\tZoneId: pulumi.Any(primary.ZoneId),\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t\tType: pulumi.String(route53.RecordTypeA),\n\t\t\tAliases: route53.RecordAliasArray{\n\t\t\t\t\u0026route53.RecordAliasArgs{\n\t\t\t\t\tName: pulumi.Any(mainAwsApprunnerCustomDomainAssociation.DnsTarget),\n\t\t\t\t\tZoneId: pulumi.String(main.Id),\n\t\t\t\t\tEvaluateTargetHealth: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apprunner.ApprunnerFunctions;\nimport com.pulumi.aws.apprunner.inputs.GetHostedZoneIdArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport com.pulumi.aws.route53.inputs.RecordAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var main = ApprunnerFunctions.getHostedZoneId();\n\n var www = new Record(\"www\", RecordArgs.builder()\n .zoneId(primary.zoneId())\n .name(\"example.com\")\n .type(\"A\")\n .aliases(RecordAliasArgs.builder()\n .name(mainAwsApprunnerCustomDomainAssociation.dnsTarget())\n .zoneId(main.applyValue(getHostedZoneIdResult -\u003e getHostedZoneIdResult.id()))\n .evaluateTargetHealth(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n www:\n type: aws:route53:Record\n properties:\n zoneId: ${primary.zoneId}\n name: example.com\n type: A\n aliases:\n - name: ${mainAwsApprunnerCustomDomainAssociation.dnsTarget}\n zoneId: ${main.id}\n evaluateTargetHealth: true\nvariables:\n main:\n fn::invoke:\n Function: aws:apprunner:getHostedZoneId\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getHostedZoneId.\n", "properties": { "region": { "type": "string", "description": "Name of the region whose AWS App Runner service HostedZoneId is desired.\nDefaults to the region from the AWS provider configuration.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getHostedZoneId.\n", "properties": { "id": { "description": "ID of the AWS App Runner service HostedZoneId in the selected region.\n", "type": "string" }, "region": { "type": "string" } }, "required": [ "id", "region" ], "type": "object" } }, "aws:appstream/getImage:getImage": { "description": "Data source for managing an AWS AppStream 2.0 Image.\n", "inputs": { "description": "A collection of arguments for invoking getImage.\n", "properties": { "arn": { "type": "string", "description": "Arn of the image being searched for. Cannot be used with name_regex or name.\n" }, "mostRecent": { "type": "boolean", "description": "Boolean that if it is set to true and there are multiple images returned the most recent will be returned. If it is set to false and there are multiple images return the datasource will error.\n" }, "name": { "type": "string", "description": "Name of the image being searched for. Cannot be used with name_regex or arn.\n" }, "nameRegex": { "type": "string", "description": "Regular expression name of the image being searched for. Cannot be used with arn or name.\n" }, "type": { "type": "string", "description": "The type of image which must be (PUBLIC, PRIVATE, or SHARED).\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getImage.\n", "properties": { "applications": { "items": { "$ref": "#/types/aws:appstream/getImageApplication:getImageApplication" }, "type": "array" }, "appstreamAgentVersion": { "description": "Version of the AppStream 2.0 agent to use for instances that are launched from this image. Has a maximum length of 100 characters.\n", "type": "string" }, "arn": { "description": "ARN of the image.\n", "type": "string" }, "baseImageArn": { "description": "ARN of the image from which the image was created.\n", "type": "string" }, "createdTime": { "description": "Time at which this image was created.\n", "type": "string" }, "description": { "description": "Description of image.\n", "type": "string" }, "displayName": { "description": "Image name to display.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "imageBuilderName": { "description": "The name of the image builder that was used to created the private image. If the image is sharedthen the value is null.\n", "type": "string" }, "imageBuilderSupported": { "description": "Boolean to indicate whether an image builder can be launched from this image.\n* `image error` - Resource error object that describes the error containing the following:\n", "type": "boolean" }, "imagePermissions": { "description": "List of strings describing the image permissions containing the following:\n", "items": { "$ref": "#/types/aws:appstream/getImageImagePermission:getImageImagePermission" }, "type": "array" }, "mostRecent": { "type": "boolean" }, "name": { "type": "string" }, "nameRegex": { "type": "string" }, "platform": { "description": "Operating system platform of the image. Values will be from: WINDOWS | WINDOWS_SERVER_2016 | WINDOWS_SERVER_2019 | WINDOWS_SERVER_2022 | AMAZON_LINUX2\n", "type": "string" }, "publicBaseImageReleasedDate": { "type": "string" }, "state": { "description": "Current state of image. Image starts in PENDING state which changes to AVAILABLE if creation passes and FAILED if it fails. Values will be from: PENDING | AVAILABLE | FAILED | COPYING | DELETING | CREATING | IMPORTING.\n", "type": "string" }, "stateChangeReasons": { "items": { "$ref": "#/types/aws:appstream/getImageStateChangeReason:getImageStateChangeReason" }, "type": "array" }, "type": { "type": "string" } }, "required": [ "applications", "appstreamAgentVersion", "arn", "baseImageArn", "createdTime", "description", "displayName", "imageBuilderName", "imageBuilderSupported", "imagePermissions", "name", "platform", "publicBaseImageReleasedDate", "state", "stateChangeReasons", "id" ], "type": "object" } }, "aws:athena/getNamedQuery:getNamedQuery": { "description": "Provides an Athena Named Query data source.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.athena.getNamedQuery({\n name: \"athenaQueryName\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.athena.get_named_query(name=\"athenaQueryName\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Athena.GetNamedQuery.Invoke(new()\n {\n Name = \"athenaQueryName\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/athena\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := athena.LookupNamedQuery(ctx, \u0026athena.LookupNamedQueryArgs{\n\t\t\tName: \"athenaQueryName\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.athena.AthenaFunctions;\nimport com.pulumi.aws.athena.inputs.GetNamedQueryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AthenaFunctions.getNamedQuery(GetNamedQueryArgs.builder()\n .name(\"athenaQueryName\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:athena:getNamedQuery\n Arguments:\n name: athenaQueryName\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getNamedQuery.\n", "properties": { "name": { "type": "string", "description": "The plain language name for the query. Maximum length of 128.\n" }, "workgroup": { "type": "string", "description": "The workgroup to which the query belongs. Defaults to `primary`.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getNamedQuery.\n", "properties": { "database": { "description": "Database to which the query belongs.\n", "type": "string" }, "description": { "description": "Brief explanation of the query.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "querystring": { "type": "string" }, "workgroup": { "type": "string" } }, "required": [ "database", "description", "name", "querystring", "id" ], "type": "object" } }, "aws:auditmanager/getControl:getControl": { "description": "Data source for managing an AWS Audit Manager Control.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.auditmanager.getControl({\n name: \"1. Risk Management\",\n type: \"Standard\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.auditmanager.get_control(name=\"1. Risk Management\",\n type=\"Standard\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Auditmanager.GetControl.Invoke(new()\n {\n Name = \"1. Risk Management\",\n Type = \"Standard\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/auditmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auditmanager.LookupControl(ctx, \u0026auditmanager.LookupControlArgs{\n\t\t\tName: \"1. Risk Management\",\n\t\t\tType: \"Standard\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.auditmanager.AuditmanagerFunctions;\nimport com.pulumi.aws.auditmanager.inputs.GetControlArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AuditmanagerFunctions.getControl(GetControlArgs.builder()\n .name(\"1. Risk Management\")\n .type(\"Standard\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:auditmanager:getControl\n Arguments:\n name: 1. Risk Management\n type: Standard\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Framework Resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.auditmanager.getControl({\n name: \"1. Risk Management\",\n type: \"Standard\",\n});\nconst example2 = aws.auditmanager.getControl({\n name: \"2. Personnel\",\n type: \"Standard\",\n});\nconst exampleFramework = new aws.auditmanager.Framework(\"example\", {\n name: \"example\",\n controlSets: [\n {\n name: \"example\",\n controls: [{\n id: example.then(example =\u003e example.id),\n }],\n },\n {\n name: \"example2\",\n controls: [{\n id: example2.then(example2 =\u003e example2.id),\n }],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.auditmanager.get_control(name=\"1. Risk Management\",\n type=\"Standard\")\nexample2 = aws.auditmanager.get_control(name=\"2. Personnel\",\n type=\"Standard\")\nexample_framework = aws.auditmanager.Framework(\"example\",\n name=\"example\",\n control_sets=[\n {\n \"name\": \"example\",\n \"controls\": [{\n \"id\": example.id,\n }],\n },\n {\n \"name\": \"example2\",\n \"controls\": [{\n \"id\": example2.id,\n }],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Auditmanager.GetControl.Invoke(new()\n {\n Name = \"1. Risk Management\",\n Type = \"Standard\",\n });\n\n var example2 = Aws.Auditmanager.GetControl.Invoke(new()\n {\n Name = \"2. Personnel\",\n Type = \"Standard\",\n });\n\n var exampleFramework = new Aws.Auditmanager.Framework(\"example\", new()\n {\n Name = \"example\",\n ControlSets = new[]\n {\n new Aws.Auditmanager.Inputs.FrameworkControlSetArgs\n {\n Name = \"example\",\n Controls = new[]\n {\n new Aws.Auditmanager.Inputs.FrameworkControlSetControlArgs\n {\n Id = example.Apply(getControlResult =\u003e getControlResult.Id),\n },\n },\n },\n new Aws.Auditmanager.Inputs.FrameworkControlSetArgs\n {\n Name = \"example2\",\n Controls = new[]\n {\n new Aws.Auditmanager.Inputs.FrameworkControlSetControlArgs\n {\n Id = example2.Apply(getControlResult =\u003e getControlResult.Id),\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/auditmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := auditmanager.LookupControl(ctx, \u0026auditmanager.LookupControlArgs{\n\t\t\tName: \"1. Risk Management\",\n\t\t\tType: \"Standard\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample2, err := auditmanager.LookupControl(ctx, \u0026auditmanager.LookupControlArgs{\n\t\t\tName: \"2. Personnel\",\n\t\t\tType: \"Standard\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = auditmanager.NewFramework(ctx, \"example\", \u0026auditmanager.FrameworkArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tControlSets: auditmanager.FrameworkControlSetArray{\n\t\t\t\t\u0026auditmanager.FrameworkControlSetArgs{\n\t\t\t\t\tName: pulumi.String(\"example\"),\n\t\t\t\t\tControls: auditmanager.FrameworkControlSetControlArray{\n\t\t\t\t\t\t\u0026auditmanager.FrameworkControlSetControlArgs{\n\t\t\t\t\t\t\tId: pulumi.String(example.Id),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026auditmanager.FrameworkControlSetArgs{\n\t\t\t\t\tName: pulumi.String(\"example2\"),\n\t\t\t\t\tControls: auditmanager.FrameworkControlSetControlArray{\n\t\t\t\t\t\t\u0026auditmanager.FrameworkControlSetControlArgs{\n\t\t\t\t\t\t\tId: pulumi.String(example2.Id),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.auditmanager.AuditmanagerFunctions;\nimport com.pulumi.aws.auditmanager.inputs.GetControlArgs;\nimport com.pulumi.aws.auditmanager.Framework;\nimport com.pulumi.aws.auditmanager.FrameworkArgs;\nimport com.pulumi.aws.auditmanager.inputs.FrameworkControlSetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AuditmanagerFunctions.getControl(GetControlArgs.builder()\n .name(\"1. Risk Management\")\n .type(\"Standard\")\n .build());\n\n final var example2 = AuditmanagerFunctions.getControl(GetControlArgs.builder()\n .name(\"2. Personnel\")\n .type(\"Standard\")\n .build());\n\n var exampleFramework = new Framework(\"exampleFramework\", FrameworkArgs.builder()\n .name(\"example\")\n .controlSets( \n FrameworkControlSetArgs.builder()\n .name(\"example\")\n .controls(FrameworkControlSetControlArgs.builder()\n .id(example.applyValue(getControlResult -\u003e getControlResult.id()))\n .build())\n .build(),\n FrameworkControlSetArgs.builder()\n .name(\"example2\")\n .controls(FrameworkControlSetControlArgs.builder()\n .id(example2.applyValue(getControlResult -\u003e getControlResult.id()))\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleFramework:\n type: aws:auditmanager:Framework\n name: example\n properties:\n name: example\n controlSets:\n - name: example\n controls:\n - id: ${example.id}\n - name: example2\n controls:\n - id: ${example2.id}\nvariables:\n example:\n fn::invoke:\n Function: aws:auditmanager:getControl\n Arguments:\n name: 1. Risk Management\n type: Standard\n example2:\n fn::invoke:\n Function: aws:auditmanager:getControl\n Arguments:\n name: 2. Personnel\n type: Standard\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getControl.\n", "properties": { "controlMappingSources": { "type": "array", "items": { "$ref": "#/types/aws:auditmanager/getControlControlMappingSource:getControlControlMappingSource" } }, "name": { "type": "string", "description": "Name of the control.\n" }, "type": { "type": "string", "description": "Type of control. Valid values are `Custom` and `Standard`.\n" } }, "type": "object", "required": [ "name", "type" ] }, "outputs": { "description": "A collection of values returned by getControl.\n", "properties": { "actionPlanInstructions": { "type": "string" }, "actionPlanTitle": { "type": "string" }, "arn": { "type": "string" }, "controlMappingSources": { "items": { "$ref": "#/types/aws:auditmanager/getControlControlMappingSource:getControlControlMappingSource" }, "type": "array" }, "description": { "type": "string" }, "id": { "type": "string" }, "name": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "testingInformation": { "type": "string" }, "type": { "type": "string" } }, "required": [ "actionPlanInstructions", "actionPlanTitle", "arn", "description", "id", "name", "tags", "testingInformation", "type" ], "type": "object" } }, "aws:auditmanager/getFramework:getFramework": { "description": "Data source for managing an AWS Audit Manager Framework.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.auditmanager.getFramework({\n name: \"Essential Eight\",\n frameworkType: \"Standard\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.auditmanager.get_framework(name=\"Essential Eight\",\n framework_type=\"Standard\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Auditmanager.GetFramework.Invoke(new()\n {\n Name = \"Essential Eight\",\n FrameworkType = \"Standard\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/auditmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := auditmanager.LookupFramework(ctx, \u0026auditmanager.LookupFrameworkArgs{\n\t\t\tName: \"Essential Eight\",\n\t\t\tFrameworkType: \"Standard\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.auditmanager.AuditmanagerFunctions;\nimport com.pulumi.aws.auditmanager.inputs.GetFrameworkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AuditmanagerFunctions.getFramework(GetFrameworkArgs.builder()\n .name(\"Essential Eight\")\n .frameworkType(\"Standard\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:auditmanager:getFramework\n Arguments:\n name: Essential Eight\n frameworkType: Standard\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getFramework.\n", "properties": { "controlSets": { "type": "array", "items": { "$ref": "#/types/aws:auditmanager/getFrameworkControlSet:getFrameworkControlSet" } }, "frameworkType": { "type": "string" }, "name": { "type": "string", "description": "Name of the framework.\n" } }, "type": "object", "required": [ "frameworkType", "name" ] }, "outputs": { "description": "A collection of values returned by getFramework.\n", "properties": { "arn": { "type": "string" }, "complianceType": { "type": "string" }, "controlSets": { "items": { "$ref": "#/types/aws:auditmanager/getFrameworkControlSet:getFrameworkControlSet" }, "type": "array" }, "description": { "type": "string" }, "frameworkType": { "type": "string" }, "id": { "type": "string" }, "name": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "arn", "complianceType", "description", "frameworkType", "id", "name", "tags" ], "type": "object" } }, "aws:autoscaling/getAmiIds:getAmiIds": { "description": "The Autoscaling Groups data source allows access to the list of AWS\nASGs within a specific region. This will allow you to pass a list of AutoScaling Groups to other resources.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst groups = aws.autoscaling.getAmiIds({\n filters: [\n {\n name: \"tag:Team\",\n values: [\"Pets\"],\n },\n {\n name: \"tag-key\",\n values: [\"Environment\"],\n },\n ],\n});\nconst slackNotifications = new aws.autoscaling.Notification(\"slack_notifications\", {\n groupNames: groups.then(groups =\u003e groups.names),\n notifications: [\n \"autoscaling:EC2_INSTANCE_LAUNCH\",\n \"autoscaling:EC2_INSTANCE_TERMINATE\",\n \"autoscaling:EC2_INSTANCE_LAUNCH_ERROR\",\n \"autoscaling:EC2_INSTANCE_TERMINATE_ERROR\",\n ],\n topicArn: \"TOPIC ARN\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngroups = aws.autoscaling.get_ami_ids(filters=[\n {\n \"name\": \"tag:Team\",\n \"values\": [\"Pets\"],\n },\n {\n \"name\": \"tag-key\",\n \"values\": [\"Environment\"],\n },\n])\nslack_notifications = aws.autoscaling.Notification(\"slack_notifications\",\n group_names=groups.names,\n notifications=[\n \"autoscaling:EC2_INSTANCE_LAUNCH\",\n \"autoscaling:EC2_INSTANCE_TERMINATE\",\n \"autoscaling:EC2_INSTANCE_LAUNCH_ERROR\",\n \"autoscaling:EC2_INSTANCE_TERMINATE_ERROR\",\n ],\n topic_arn=\"TOPIC ARN\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var groups = Aws.AutoScaling.GetAmiIds.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.AutoScaling.Inputs.GetAmiIdsFilterInputArgs\n {\n Name = \"tag:Team\",\n Values = new[]\n {\n \"Pets\",\n },\n },\n new Aws.AutoScaling.Inputs.GetAmiIdsFilterInputArgs\n {\n Name = \"tag-key\",\n Values = new[]\n {\n \"Environment\",\n },\n },\n },\n });\n\n var slackNotifications = new Aws.AutoScaling.Notification(\"slack_notifications\", new()\n {\n GroupNames = groups.Apply(getAmiIdsResult =\u003e getAmiIdsResult.Names),\n Notifications = new[]\n {\n \"autoscaling:EC2_INSTANCE_LAUNCH\",\n \"autoscaling:EC2_INSTANCE_TERMINATE\",\n \"autoscaling:EC2_INSTANCE_LAUNCH_ERROR\",\n \"autoscaling:EC2_INSTANCE_TERMINATE_ERROR\",\n },\n TopicArn = \"TOPIC ARN\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tgroups, err := autoscaling.GetAmiIds(ctx, \u0026autoscaling.GetAmiIdsArgs{\n\t\t\tFilters: []autoscaling.GetAmiIdsFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"tag:Team\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"Pets\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"tag-key\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"Environment\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = autoscaling.NewNotification(ctx, \"slack_notifications\", \u0026autoscaling.NotificationArgs{\n\t\t\tGroupNames: interface{}(groups.Names),\n\t\t\tNotifications: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"autoscaling:EC2_INSTANCE_LAUNCH\"),\n\t\t\t\tpulumi.String(\"autoscaling:EC2_INSTANCE_TERMINATE\"),\n\t\t\t\tpulumi.String(\"autoscaling:EC2_INSTANCE_LAUNCH_ERROR\"),\n\t\t\t\tpulumi.String(\"autoscaling:EC2_INSTANCE_TERMINATE_ERROR\"),\n\t\t\t},\n\t\t\tTopicArn: pulumi.String(\"TOPIC ARN\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.autoscaling.AutoscalingFunctions;\nimport com.pulumi.aws.autoscaling.inputs.GetAmiIdsArgs;\nimport com.pulumi.aws.autoscaling.Notification;\nimport com.pulumi.aws.autoscaling.NotificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var groups = AutoscalingFunctions.getAmiIds(GetAmiIdsArgs.builder()\n .filters( \n GetAmiIdsFilterArgs.builder()\n .name(\"tag:Team\")\n .values(\"Pets\")\n .build(),\n GetAmiIdsFilterArgs.builder()\n .name(\"tag-key\")\n .values(\"Environment\")\n .build())\n .build());\n\n var slackNotifications = new Notification(\"slackNotifications\", NotificationArgs.builder()\n .groupNames(groups.applyValue(getAmiIdsResult -\u003e getAmiIdsResult.names()))\n .notifications( \n \"autoscaling:EC2_INSTANCE_LAUNCH\",\n \"autoscaling:EC2_INSTANCE_TERMINATE\",\n \"autoscaling:EC2_INSTANCE_LAUNCH_ERROR\",\n \"autoscaling:EC2_INSTANCE_TERMINATE_ERROR\")\n .topicArn(\"TOPIC ARN\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n slackNotifications:\n type: aws:autoscaling:Notification\n name: slack_notifications\n properties:\n groupNames: ${groups.names}\n notifications:\n - autoscaling:EC2_INSTANCE_LAUNCH\n - autoscaling:EC2_INSTANCE_TERMINATE\n - autoscaling:EC2_INSTANCE_LAUNCH_ERROR\n - autoscaling:EC2_INSTANCE_TERMINATE_ERROR\n topicArn: TOPIC ARN\nvariables:\n groups:\n fn::invoke:\n Function: aws:autoscaling:getAmiIds\n Arguments:\n filters:\n - name: tag:Team\n values:\n - Pets\n - name: tag-key\n values:\n - Environment\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAmiIds.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:autoscaling/getAmiIdsFilter:getAmiIdsFilter" }, "description": "Filter used to scope the list e.g., by tags. See [related docs](http://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_Filter.html).\n" }, "names": { "type": "array", "items": { "type": "string" }, "description": "List of autoscaling group names\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getAmiIds.\n", "properties": { "arns": { "description": "List of the Autoscaling Groups Arns in the current region.\n", "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:autoscaling/getAmiIdsFilter:getAmiIdsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "names": { "description": "List of the Autoscaling Groups in the current region.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "arns", "names", "id" ], "type": "object" } }, "aws:autoscaling/getGroup:getGroup": { "description": "Use this data source to get information on an existing autoscaling group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = aws.autoscaling.getGroup({\n name: \"foo\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.autoscaling.get_group(name=\"foo\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = Aws.AutoScaling.GetGroup.Invoke(new()\n {\n Name = \"foo\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/autoscaling\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := autoscaling.LookupGroup(ctx, \u0026autoscaling.LookupGroupArgs{\n\t\t\tName: \"foo\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.autoscaling.AutoscalingFunctions;\nimport com.pulumi.aws.autoscaling.inputs.GetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var foo = AutoscalingFunctions.getGroup(GetGroupArgs.builder()\n .name(\"foo\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n foo:\n fn::invoke:\n Function: aws:autoscaling:getGroup\n Arguments:\n name: foo\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getGroup.\n", "properties": { "name": { "type": "string", "description": "Specify the exact name of the desired autoscaling group.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getGroup.\n", "properties": { "arn": { "description": "ARN of the Auto Scaling group.\n", "type": "string" }, "availabilityZones": { "description": "One or more Availability Zones for the group.\n", "items": { "type": "string" }, "type": "array" }, "defaultCooldown": { "type": "integer" }, "desiredCapacity": { "description": "Desired size of the group.\n", "type": "integer" }, "desiredCapacityType": { "description": "The unit of measurement for the value returned for `desired_capacity`.\n", "type": "string" }, "enabledMetrics": { "description": "List of metrics enabled for collection.\n", "items": { "type": "string" }, "type": "array" }, "healthCheckGracePeriod": { "description": "The amount of time, in seconds, that Amazon EC2 Auto Scaling waits before checking the health status of an EC2 instance that has come into service.\n", "type": "integer" }, "healthCheckType": { "description": "Service to use for the health checks. The valid values are EC2 and ELB.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceMaintenancePolicies": { "description": "Instance maintenance policy for the group.\n", "items": { "$ref": "#/types/aws:autoscaling/getGroupInstanceMaintenancePolicy:getGroupInstanceMaintenancePolicy" }, "type": "array" }, "launchConfiguration": { "description": "The name of the associated launch configuration.\n", "type": "string" }, "launchTemplates": { "description": "List of launch templates along with the overrides.\n", "items": { "$ref": "#/types/aws:autoscaling/getGroupLaunchTemplate:getGroupLaunchTemplate" }, "type": "array" }, "loadBalancers": { "description": "One or more load balancers associated with the group.\n", "items": { "type": "string" }, "type": "array" }, "maxInstanceLifetime": { "description": "Maximum amount of time, in seconds, that an instance can be in service.\n", "type": "integer" }, "maxSize": { "description": "Maximum size of the group.\n", "type": "integer" }, "minSize": { "description": "Minimum number of instances to maintain in the warm pool.\n", "type": "integer" }, "mixedInstancesPolicies": { "description": "List of mixed instances policy objects for the group.\n", "items": { "$ref": "#/types/aws:autoscaling/getGroupMixedInstancesPolicy:getGroupMixedInstancesPolicy" }, "type": "array" }, "name": { "description": "Name of the Auto Scaling Group.\n", "type": "string" }, "newInstancesProtectedFromScaleIn": { "type": "boolean" }, "placementGroup": { "description": "Name of the placement group into which to launch your instances, if any. For more information, see Placement Groups (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) in the Amazon Elastic Compute Cloud User Guide.\n", "type": "string" }, "predictedCapacity": { "description": "Predicted capacity of the group.\n", "type": "integer" }, "serviceLinkedRoleArn": { "description": "ARN of the service-linked role that the Auto Scaling group uses to call other AWS services on your behalf.\n", "type": "string" }, "status": { "description": "Current state of the group when DeleteAutoScalingGroup is in progress.\n", "type": "string" }, "suspendedProcesses": { "description": "List of processes suspended processes for the Auto Scaling Group.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "description": "List of tags for the group.\n", "items": { "$ref": "#/types/aws:autoscaling/getGroupTag:getGroupTag" }, "type": "array" }, "targetGroupArns": { "description": "ARNs of the target groups for your load balancer.\n", "items": { "type": "string" }, "type": "array" }, "terminationPolicies": { "description": "The termination policies for the group.\n", "items": { "type": "string" }, "type": "array" }, "trafficSources": { "description": "Traffic sources.\n", "items": { "$ref": "#/types/aws:autoscaling/getGroupTrafficSource:getGroupTrafficSource" }, "type": "array" }, "vpcZoneIdentifier": { "description": "VPC ID for the group.\n", "type": "string" }, "warmPoolSize": { "description": "Current size of the warm pool.\n", "type": "integer" }, "warmPools": { "description": "List of warm pool configuration objects.\n", "items": { "$ref": "#/types/aws:autoscaling/getGroupWarmPool:getGroupWarmPool" }, "type": "array" } }, "required": [ "arn", "availabilityZones", "defaultCooldown", "desiredCapacity", "desiredCapacityType", "enabledMetrics", "healthCheckGracePeriod", "healthCheckType", "instanceMaintenancePolicies", "launchConfiguration", "launchTemplates", "loadBalancers", "maxInstanceLifetime", "maxSize", "minSize", "mixedInstancesPolicies", "name", "newInstancesProtectedFromScaleIn", "placementGroup", "predictedCapacity", "serviceLinkedRoleArn", "status", "suspendedProcesses", "tags", "targetGroupArns", "terminationPolicies", "trafficSources", "vpcZoneIdentifier", "warmPools", "warmPoolSize", "id" ], "type": "object" } }, "aws:backup/getFramework:getFramework": { "description": "Use this data source to get information on an existing backup framework.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.backup.getFramework({\n name: \"my_example_backup_framework_name\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.backup.get_framework(name=\"my_example_backup_framework_name\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Backup.GetFramework.Invoke(new()\n {\n Name = \"my_example_backup_framework_name\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := backup.LookupFramework(ctx, \u0026backup.LookupFrameworkArgs{\n\t\t\tName: \"my_example_backup_framework_name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.backup.BackupFunctions;\nimport com.pulumi.aws.backup.inputs.GetFrameworkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = BackupFunctions.getFramework(GetFrameworkArgs.builder()\n .name(\"my_example_backup_framework_name\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:backup:getFramework\n Arguments:\n name: my_example_backup_framework_name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getFramework.\n", "properties": { "name": { "type": "string", "description": "Backup framework name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tag key-value pair applied to those AWS resources that you want to trigger an evaluation for a rule. A maximum of one key-value pair can be provided.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getFramework.\n", "properties": { "arn": { "description": "ARN of the backup framework.\n", "type": "string" }, "controls": { "description": "One or more control blocks that make up the framework. Each control in the list has a name, input parameters, and scope. Detailed below.\n", "items": { "$ref": "#/types/aws:backup/getFrameworkControl:getFrameworkControl" }, "type": "array" }, "creationTime": { "description": "Date and time that a framework is created, in Unix format and Coordinated Universal Time (UTC).\n", "type": "string" }, "deploymentStatus": { "description": "Deployment status of a framework. The statuses are: `CREATE_IN_PROGRESS` | `UPDATE_IN_PROGRESS` | `DELETE_IN_PROGRESS` | `COMPLETED`| `FAILED`.\n", "type": "string" }, "description": { "description": "Description of the framework.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Name of a parameter, for example, BackupPlanFrequency.\n", "type": "string" }, "status": { "description": "Framework consists of one or more controls. Each control governs a resource, such as backup plans, backup selections, backup vaults, or recovery points. You can also turn AWS Config recording on or off for each resource. The statuses are: `ACTIVE`, `PARTIALLY_ACTIVE`, `INACTIVE`, `UNAVAILABLE`. For more information refer to the [AWS documentation for Framework Status](https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeFramework.html#Backup-DescribeFramework-response-FrameworkStatus)\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tag key-value pair applied to those AWS resources that you want to trigger an evaluation for a rule. A maximum of one key-value pair can be provided.\n", "type": "object" } }, "required": [ "arn", "controls", "creationTime", "deploymentStatus", "description", "name", "status", "tags", "id" ], "type": "object" } }, "aws:backup/getPlan:getPlan": { "description": "Use this data source to get information on an existing backup plan.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.backup.getPlan({\n planId: \"my_example_backup_plan_id\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.backup.get_plan(plan_id=\"my_example_backup_plan_id\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Backup.GetPlan.Invoke(new()\n {\n PlanId = \"my_example_backup_plan_id\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := backup.LookupPlan(ctx, \u0026backup.LookupPlanArgs{\n\t\t\tPlanId: \"my_example_backup_plan_id\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.backup.BackupFunctions;\nimport com.pulumi.aws.backup.inputs.GetPlanArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = BackupFunctions.getPlan(GetPlanArgs.builder()\n .planId(\"my_example_backup_plan_id\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:backup:getPlan\n Arguments:\n planId: my_example_backup_plan_id\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPlan.\n", "properties": { "planId": { "type": "string", "description": "Backup plan ID.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the plans you create.\n" } }, "type": "object", "required": [ "planId" ] }, "outputs": { "description": "A collection of values returned by getPlan.\n", "properties": { "arn": { "description": "ARN of the backup plan.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Display name of a backup plan.\n", "type": "string" }, "planId": { "type": "string" }, "rules": { "description": "Rules of a backup plan.\n", "items": { "$ref": "#/types/aws:backup/getPlanRule:getPlanRule" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the plans you create.\n", "type": "object" }, "version": { "description": "Unique, randomly generated, Unicode, UTF-8 encoded string that serves as the version ID of the backup plan.\n", "type": "string" } }, "required": [ "arn", "name", "planId", "rules", "tags", "version", "id" ], "type": "object" } }, "aws:backup/getReportPlan:getReportPlan": { "description": "Use this data source to get information on an existing backup report plan.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.backup.getReportPlan({\n name: \"my_example_backup_report_plan_name\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.backup.get_report_plan(name=\"my_example_backup_report_plan_name\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Backup.GetReportPlan.Invoke(new()\n {\n Name = \"my_example_backup_report_plan_name\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := backup.LookupReportPlan(ctx, \u0026backup.LookupReportPlanArgs{\n\t\t\tName: \"my_example_backup_report_plan_name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.backup.BackupFunctions;\nimport com.pulumi.aws.backup.inputs.GetReportPlanArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = BackupFunctions.getReportPlan(GetReportPlanArgs.builder()\n .name(\"my_example_backup_report_plan_name\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:backup:getReportPlan\n Arguments:\n name: my_example_backup_report_plan_name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getReportPlan.\n", "properties": { "name": { "type": "string", "description": "Backup report plan name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the report plans you create.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getReportPlan.\n", "properties": { "arn": { "description": "ARN of the backup report plan.\n", "type": "string" }, "creationTime": { "description": "Date and time that a report plan is created, in Unix format and Coordinated Universal Time (UTC).\n", "type": "string" }, "deploymentStatus": { "description": "Deployment status of a report plan. The statuses are: `CREATE_IN_PROGRESS` | `UPDATE_IN_PROGRESS` | `DELETE_IN_PROGRESS` | `COMPLETED`.\n", "type": "string" }, "description": { "description": "Description of the report plan.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "reportDeliveryChannels": { "description": "An object that contains information about where and how to deliver your reports, specifically your Amazon S3 bucket name, S3 key prefix, and the formats of your reports. Detailed below.\n", "items": { "$ref": "#/types/aws:backup/getReportPlanReportDeliveryChannel:getReportPlanReportDeliveryChannel" }, "type": "array" }, "reportSettings": { "description": "An object that identifies the report template for the report. Reports are built using a report template. Detailed below.\n", "items": { "$ref": "#/types/aws:backup/getReportPlanReportSetting:getReportPlanReportSetting" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the report plans you create.\n", "type": "object" } }, "required": [ "arn", "creationTime", "deploymentStatus", "description", "name", "reportDeliveryChannels", "reportSettings", "tags", "id" ], "type": "object" } }, "aws:backup/getSelection:getSelection": { "description": "Use this data source to get information on an existing backup selection.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.backup.getSelection({\n planId: exampleAwsBackupPlan.id,\n selectionId: \"selection-id-example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.backup.get_selection(plan_id=example_aws_backup_plan[\"id\"],\n selection_id=\"selection-id-example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Backup.GetSelection.Invoke(new()\n {\n PlanId = exampleAwsBackupPlan.Id,\n SelectionId = \"selection-id-example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := backup.LookupSelection(ctx, \u0026backup.LookupSelectionArgs{\n\t\t\tPlanId: exampleAwsBackupPlan.Id,\n\t\t\tSelectionId: \"selection-id-example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.backup.BackupFunctions;\nimport com.pulumi.aws.backup.inputs.GetSelectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = BackupFunctions.getSelection(GetSelectionArgs.builder()\n .planId(exampleAwsBackupPlan.id())\n .selectionId(\"selection-id-example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:backup:getSelection\n Arguments:\n planId: ${exampleAwsBackupPlan.id}\n selectionId: selection-id-example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSelection.\n", "properties": { "planId": { "type": "string", "description": "Backup plan ID associated with the selection of resources.\n" }, "selectionId": { "type": "string", "description": "Backup selection ID.\n" } }, "type": "object", "required": [ "planId", "selectionId" ] }, "outputs": { "description": "A collection of values returned by getSelection.\n", "properties": { "iamRoleArn": { "description": "ARN of the IAM role that AWS Backup uses to authenticate when restoring and backing up the target resource. See the [AWS Backup Developer Guide](https://docs.aws.amazon.com/aws-backup/latest/devguide/access-control.html#managed-policies) for additional information about using AWS managed policies or creating custom policies attached to the IAM role.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Display name of a resource selection document.\n", "type": "string" }, "planId": { "type": "string" }, "resources": { "description": "An array of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan..\n", "items": { "type": "string" }, "type": "array" }, "selectionId": { "type": "string" } }, "required": [ "iamRoleArn", "name", "planId", "resources", "selectionId", "id" ], "type": "object" } }, "aws:backup/getVault:getVault": { "description": "Use this data source to get information on an existing backup vault.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.backup.getVault({\n name: \"example_backup_vault\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.backup.get_vault(name=\"example_backup_vault\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Backup.GetVault.Invoke(new()\n {\n Name = \"example_backup_vault\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/backup\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := backup.LookupVault(ctx, \u0026backup.LookupVaultArgs{\n\t\t\tName: \"example_backup_vault\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.backup.BackupFunctions;\nimport com.pulumi.aws.backup.inputs.GetVaultArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = BackupFunctions.getVault(GetVaultArgs.builder()\n .name(\"example_backup_vault\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:backup:getVault\n Arguments:\n name: example_backup_vault\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVault.\n", "properties": { "name": { "type": "string", "description": "Name of the backup vault.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the resources that you create.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getVault.\n", "properties": { "arn": { "description": "ARN of the vault.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kmsKeyArn": { "description": "Server-side encryption key that is used to protect your backups.\n", "type": "string" }, "name": { "type": "string" }, "recoveryPoints": { "description": "Number of recovery points that are stored in a backup vault.\n", "type": "integer" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Metadata that you can assign to help organize the resources that you create.\n", "type": "object" } }, "required": [ "arn", "kmsKeyArn", "name", "recoveryPoints", "tags", "id" ], "type": "object" } }, "aws:batch/getComputeEnvironment:getComputeEnvironment": { "description": "The Batch Compute Environment data source allows access to details of a specific\ncompute environment within AWS Batch.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst batch-mongo = aws.batch.getComputeEnvironment({\n computeEnvironmentName: \"batch-mongo-production\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbatch_mongo = aws.batch.get_compute_environment(compute_environment_name=\"batch-mongo-production\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var batch_mongo = Aws.Batch.GetComputeEnvironment.Invoke(new()\n {\n ComputeEnvironmentName = \"batch-mongo-production\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := batch.LookupComputeEnvironment(ctx, \u0026batch.LookupComputeEnvironmentArgs{\n\t\t\tComputeEnvironmentName: \"batch-mongo-production\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.batch.BatchFunctions;\nimport com.pulumi.aws.batch.inputs.GetComputeEnvironmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var batch-mongo = BatchFunctions.getComputeEnvironment(GetComputeEnvironmentArgs.builder()\n .computeEnvironmentName(\"batch-mongo-production\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n batch-mongo:\n fn::invoke:\n Function: aws:batch:getComputeEnvironment\n Arguments:\n computeEnvironmentName: batch-mongo-production\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getComputeEnvironment.\n", "properties": { "computeEnvironmentName": { "type": "string", "description": "Name of the Batch Compute Environment\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object", "required": [ "computeEnvironmentName" ] }, "outputs": { "description": "A collection of values returned by getComputeEnvironment.\n", "properties": { "arn": { "description": "ARN of the compute environment.\n", "type": "string" }, "computeEnvironmentName": { "type": "string" }, "ecsClusterArn": { "description": "ARN of the underlying Amazon ECS cluster used by the compute environment.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "serviceRole": { "description": "ARN of the IAM role that allows AWS Batch to make calls to other AWS services on your behalf.\n", "type": "string" }, "state": { "description": "State of the compute environment (for example, `ENABLED` or `DISABLED`). If the state is `ENABLED`, then the compute environment accepts jobs from a queue and can scale out automatically based on queues.\n", "type": "string" }, "status": { "description": "Current status of the compute environment (for example, `CREATING` or `VALID`).\n", "type": "string" }, "statusReason": { "description": "Short, human-readable string to provide additional details about the current status of the compute environment.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n", "type": "object" }, "type": { "description": "Type of the compute environment (for example, `MANAGED` or `UNMANAGED`).\n", "type": "string" }, "updatePolicies": { "description": "Specifies the infrastructure update policy for the compute environment.\n", "items": { "$ref": "#/types/aws:batch/getComputeEnvironmentUpdatePolicy:getComputeEnvironmentUpdatePolicy" }, "type": "array" } }, "required": [ "arn", "computeEnvironmentName", "ecsClusterArn", "serviceRole", "state", "status", "statusReason", "tags", "type", "updatePolicies", "id" ], "type": "object" } }, "aws:batch/getJobDefinition:getJobDefinition": { "description": "Data source for managing an AWS Batch Job Definition.\n\n## Example Usage\n\n### Lookup via Arn\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst arn = aws.batch.getJobDefinition({\n arn: \"arn:aws:batch:us-east-1:012345678910:job-definition/example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\narn = aws.batch.get_job_definition(arn=\"arn:aws:batch:us-east-1:012345678910:job-definition/example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var arn = Aws.Batch.GetJobDefinition.Invoke(new()\n {\n Arn = \"arn:aws:batch:us-east-1:012345678910:job-definition/example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := batch.LookupJobDefinition(ctx, \u0026batch.LookupJobDefinitionArgs{\n\t\t\tArn: pulumi.StringRef(\"arn:aws:batch:us-east-1:012345678910:job-definition/example\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.batch.BatchFunctions;\nimport com.pulumi.aws.batch.inputs.GetJobDefinitionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var arn = BatchFunctions.getJobDefinition(GetJobDefinitionArgs.builder()\n .arn(\"arn:aws:batch:us-east-1:012345678910:job-definition/example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n arn:\n fn::invoke:\n Function: aws:batch:getJobDefinition\n Arguments:\n arn: arn:aws:batch:us-east-1:012345678910:job-definition/example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lookup via Name\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst name = aws.batch.getJobDefinition({\n name: \"example\",\n revision: 2,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nname = aws.batch.get_job_definition(name=\"example\",\n revision=2)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var name = Aws.Batch.GetJobDefinition.Invoke(new()\n {\n Name = \"example\",\n Revision = 2,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := batch.LookupJobDefinition(ctx, \u0026batch.LookupJobDefinitionArgs{\n\t\t\tName: pulumi.StringRef(\"example\"),\n\t\t\tRevision: pulumi.IntRef(2),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.batch.BatchFunctions;\nimport com.pulumi.aws.batch.inputs.GetJobDefinitionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var name = BatchFunctions.getJobDefinition(GetJobDefinitionArgs.builder()\n .name(\"example\")\n .revision(2)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n name:\n fn::invoke:\n Function: aws:batch:getJobDefinition\n Arguments:\n name: example\n revision: 2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getJobDefinition.\n", "properties": { "arn": { "type": "string", "description": "ARN of the Job Definition. Do not begin the description with \"An\", \"The\", \"Defines\", \"Indicates\", or \"Specifies,\" as these are verbose. In other words, \"Indicates the amount of storage,\" can be rewritten as \"Amount of storage,\" without losing any information.\n" }, "name": { "type": "string", "description": "The name of the job definition to register. It can be up to 128 letters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).\n" }, "revision": { "type": "integer", "description": "The revision of the job definition.\n" }, "status": { "type": "string", "description": "The status of the job definition.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getJobDefinition.\n", "properties": { "arn": { "type": "string" }, "arnPrefix": { "type": "string" }, "containerOrchestrationType": { "description": "The orchestration type of the compute environment.\n", "type": "string" }, "eksProperties": { "description": "An object with various properties that are specific to Amazon EKS based jobs. This must not be specified for Amazon ECS based job definitions.\n", "items": { "$ref": "#/types/aws:batch/getJobDefinitionEksProperty:getJobDefinitionEksProperty" }, "type": "array" }, "id": { "description": "The ARN\n", "type": "string" }, "name": { "description": "The name of the volume.\n", "type": "string" }, "nodeProperties": { "description": "An object with various properties specific to multi-node parallel jobs. If you specify node properties for a job, it becomes a multi-node parallel job. For more information, see Multi-node Parallel Jobs in the AWS Batch User Guide. If the job definition's type parameter is container, then you must specify either containerProperties or nodeProperties.\n", "items": { "$ref": "#/types/aws:batch/getJobDefinitionNodeProperty:getJobDefinitionNodeProperty" }, "type": "array" }, "retryStrategies": { "description": "The retry strategy to use for failed jobs that are submitted with this job definition. Any retry strategy that's specified during a SubmitJob operation overrides the retry strategy defined here. If a job is terminated due to a timeout, it isn't retried.\n", "items": { "$ref": "#/types/aws:batch/getJobDefinitionRetryStrategy:getJobDefinitionRetryStrategy" }, "type": "array" }, "revision": { "type": "integer" }, "schedulingPriority": { "description": "The scheduling priority for jobs that are submitted with this job definition. This only affects jobs in job queues with a fair share policy. Jobs with a higher scheduling priority are scheduled before jobs with a lower scheduling priority.\n", "type": "integer" }, "status": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "timeouts": { "description": "The timeout configuration for jobs that are submitted with this job definition, after which AWS Batch terminates your jobs if they have not finished. If a job is terminated due to a timeout, it isn't retried. The minimum value for the timeout is 60 seconds.\n", "items": { "$ref": "#/types/aws:batch/getJobDefinitionTimeout:getJobDefinitionTimeout" }, "type": "array" }, "type": { "description": "The type of resource to assign to a container. The supported resources include `GPU`, `MEMORY`, and `VCPU`.\n", "type": "string" } }, "required": [ "arnPrefix", "containerOrchestrationType", "eksProperties", "id", "nodeProperties", "retryStrategies", "schedulingPriority", "tags", "timeouts", "type" ], "type": "object" } }, "aws:batch/getJobQueue:getJobQueue": { "description": "The Batch Job Queue data source allows access to details of a specific\njob queue within AWS Batch.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test-queue = aws.batch.getJobQueue({\n name: \"tf-test-batch-job-queue\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_queue = aws.batch.get_job_queue(name=\"tf-test-batch-job-queue\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test_queue = Aws.Batch.GetJobQueue.Invoke(new()\n {\n Name = \"tf-test-batch-job-queue\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := batch.LookupJobQueue(ctx, \u0026batch.LookupJobQueueArgs{\n\t\t\tName: \"tf-test-batch-job-queue\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.batch.BatchFunctions;\nimport com.pulumi.aws.batch.inputs.GetJobQueueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test-queue = BatchFunctions.getJobQueue(GetJobQueueArgs.builder()\n .name(\"tf-test-batch-job-queue\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test-queue:\n fn::invoke:\n Function: aws:batch:getJobQueue\n Arguments:\n name: tf-test-batch-job-queue\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getJobQueue.\n", "properties": { "name": { "type": "string", "description": "Name of the job queue.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getJobQueue.\n", "properties": { "arn": { "description": "ARN of the job queue.\n", "type": "string" }, "computeEnvironmentOrders": { "description": "The compute environments that are attached to the job queue and the order in\nwhich job placement is preferred. Compute environments are selected for job placement in ascending order.\n* `compute_environment_order.#.order` - The order of the compute environment.\n* `compute_environment_order.#.compute_environment` - The ARN of the compute environment.\n", "items": { "$ref": "#/types/aws:batch/getJobQueueComputeEnvironmentOrder:getJobQueueComputeEnvironmentOrder" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "priority": { "description": "Priority of the job queue. Job queues with a higher priority are evaluated first when\nassociated with the same compute environment.\n", "type": "integer" }, "schedulingPolicyArn": { "description": "The ARN of the fair share scheduling policy. If this attribute has a value, the job queue uses a fair share scheduling policy. If this attribute does not have a value, the job queue uses a first in, first out (FIFO) scheduling policy.\n", "type": "string" }, "state": { "description": "Describes the ability of the queue to accept new jobs (for example, `ENABLED` or `DISABLED`).\n", "type": "string" }, "status": { "description": "Current status of the job queue (for example, `CREATING` or `VALID`).\n", "type": "string" }, "statusReason": { "description": "Short, human-readable string to provide additional details about the current status\nof the job queue.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n", "type": "object" } }, "required": [ "arn", "computeEnvironmentOrders", "name", "priority", "schedulingPolicyArn", "state", "status", "statusReason", "tags", "id" ], "type": "object" } }, "aws:batch/getSchedulingPolicy:getSchedulingPolicy": { "description": "The Batch Scheduling Policy data source allows access to details of a specific Scheduling Policy within AWS Batch.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.batch.getSchedulingPolicy({\n arn: \"arn:aws:batch:us-east-1:012345678910:scheduling-policy/example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.batch.get_scheduling_policy(arn=\"arn:aws:batch:us-east-1:012345678910:scheduling-policy/example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Batch.GetSchedulingPolicy.Invoke(new()\n {\n Arn = \"arn:aws:batch:us-east-1:012345678910:scheduling-policy/example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := batch.LookupSchedulingPolicy(ctx, \u0026batch.LookupSchedulingPolicyArgs{\n\t\t\tArn: \"arn:aws:batch:us-east-1:012345678910:scheduling-policy/example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.batch.BatchFunctions;\nimport com.pulumi.aws.batch.inputs.GetSchedulingPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = BatchFunctions.getSchedulingPolicy(GetSchedulingPolicyArgs.builder()\n .arn(\"arn:aws:batch:us-east-1:012345678910:scheduling-policy/example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:batch:getSchedulingPolicy\n Arguments:\n arn: arn:aws:batch:us-east-1:012345678910:scheduling-policy/example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSchedulingPolicy.\n", "properties": { "arn": { "type": "string", "description": "ARN of the scheduling policy.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getSchedulingPolicy.\n", "properties": { "arn": { "type": "string" }, "fairSharePolicies": { "items": { "$ref": "#/types/aws:batch/getSchedulingPolicyFairSharePolicy:getSchedulingPolicyFairSharePolicy" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Name of the scheduling policy.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n", "type": "object" } }, "required": [ "arn", "fairSharePolicies", "name", "tags", "id" ], "type": "object" } }, "aws:bedrock/getCustomModel:getCustomModel": { "description": "Returns properties of a specific Amazon Bedrock custom model.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.bedrock.getCustomModel({\n modelId: \"arn:aws:bedrock:us-west-2:123456789012:custom-model/amazon.titan-text-express-v1:0:8k/ly16hhi765j4 \",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.bedrock.get_custom_model(model_id=\"arn:aws:bedrock:us-west-2:123456789012:custom-model/amazon.titan-text-express-v1:0:8k/ly16hhi765j4 \")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Bedrock.GetCustomModel.Invoke(new()\n {\n ModelId = \"arn:aws:bedrock:us-west-2:123456789012:custom-model/amazon.titan-text-express-v1:0:8k/ly16hhi765j4 \",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/bedrock\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := bedrock.LookupCustomModel(ctx, \u0026bedrock.LookupCustomModelArgs{\n\t\t\tModelId: \"arn:aws:bedrock:us-west-2:123456789012:custom-model/amazon.titan-text-express-v1:0:8k/ly16hhi765j4 \",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.bedrock.BedrockFunctions;\nimport com.pulumi.aws.bedrock.inputs.GetCustomModelArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = BedrockFunctions.getCustomModel(GetCustomModelArgs.builder()\n .modelId(\"arn:aws:bedrock:us-west-2:123456789012:custom-model/amazon.titan-text-express-v1:0:8k/ly16hhi765j4 \")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:bedrock:getCustomModel\n Arguments:\n modelId: 'arn:aws:bedrock:us-west-2:123456789012:custom-model/amazon.titan-text-express-v1:0:8k/ly16hhi765j4 '\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCustomModel.\n", "properties": { "modelId": { "type": "string", "description": "Name or ARN of the custom model.\n" } }, "type": "object", "required": [ "modelId" ] }, "outputs": { "description": "A collection of values returned by getCustomModel.\n", "properties": { "baseModelArn": { "description": "ARN of the base model.\n", "type": "string" }, "creationTime": { "description": "Creation time of the model.\n", "type": "string" }, "hyperparameters": { "additionalProperties": { "type": "string" }, "description": "Hyperparameter values associated with this model.\n", "type": "object" }, "id": { "type": "string" }, "jobArn": { "description": "Job ARN associated with this model.\n", "type": "string" }, "jobName": { "description": "Job name associated with this model.\n", "type": "string" }, "jobTags": { "additionalProperties": { "type": "string" }, "description": "Key-value mapping of tags for the fine-tuning job.\n", "type": "object" }, "modelArn": { "description": "ARN associated with this model.\n", "type": "string" }, "modelId": { "type": "string" }, "modelKmsKeyArn": { "description": "The custom model is encrypted at rest using this key.\n", "type": "string" }, "modelName": { "description": "Model name associated with this model.\n", "type": "string" }, "modelTags": { "additionalProperties": { "type": "string" }, "description": "Key-value mapping of tags for the model.\n", "type": "object" }, "outputDataConfigs": { "description": "Output data configuration associated with this custom model.\n", "items": { "$ref": "#/types/aws:bedrock/getCustomModelOutputDataConfig:getCustomModelOutputDataConfig" }, "type": "array" }, "trainingDataConfigs": { "description": "Information about the training dataset.\n", "items": { "$ref": "#/types/aws:bedrock/getCustomModelTrainingDataConfig:getCustomModelTrainingDataConfig" }, "type": "array" }, "trainingMetrics": { "description": "Metrics associated with the customization job.\n", "items": { "$ref": "#/types/aws:bedrock/getCustomModelTrainingMetric:getCustomModelTrainingMetric" }, "type": "array" }, "validationDataConfigs": { "description": "Information about the validation dataset.\n", "items": { "$ref": "#/types/aws:bedrock/getCustomModelValidationDataConfig:getCustomModelValidationDataConfig" }, "type": "array" }, "validationMetrics": { "description": "The loss metric for each validator that you provided.\n", "items": { "$ref": "#/types/aws:bedrock/getCustomModelValidationMetric:getCustomModelValidationMetric" }, "type": "array" } }, "required": [ "baseModelArn", "creationTime", "hyperparameters", "id", "jobArn", "jobName", "jobTags", "modelArn", "modelId", "modelKmsKeyArn", "modelName", "modelTags", "outputDataConfigs", "trainingDataConfigs", "trainingMetrics", "validationDataConfigs", "validationMetrics" ], "type": "object" } }, "aws:bedrock/getCustomModels:getCustomModels": { "description": "Returns a list of Amazon Bedrock custom models.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.bedrock.getCustomModels({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.bedrock.get_custom_models()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Bedrock.GetCustomModels.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/bedrock\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := bedrock.GetCustomModels(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.bedrock.BedrockFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = BedrockFunctions.getCustomModels();\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:bedrock:getCustomModels\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getCustomModels.\n", "properties": { "id": { "type": "string" }, "modelSummaries": { "description": "Model summaries.\n", "items": { "$ref": "#/types/aws:bedrock/getCustomModelsModelSummary:getCustomModelsModelSummary" }, "type": "array" } }, "required": [ "id", "modelSummaries" ], "type": "object" } }, "aws:bedrockfoundation/getModel:getModel": { "description": "Data source for managing an AWS Bedrock Foundation Model.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.bedrockfoundation.getModels({});\nconst testGetModel = test.then(test =\u003e aws.bedrockfoundation.getModel({\n modelId: test.modelSummaries?.[0]?.modelId,\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.bedrockfoundation.get_models()\ntest_get_model = aws.bedrockfoundation.get_model(model_id=test.model_summaries[0].model_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.BedrockFoundation.GetModels.Invoke();\n\n var testGetModel = Aws.BedrockFoundation.GetModel.Invoke(new()\n {\n ModelId = test.Apply(getModelsResult =\u003e getModelsResult.ModelSummaries[0]?.ModelId),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/bedrockfoundation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := bedrockfoundation.GetModels(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = bedrockfoundation.GetModel(ctx, \u0026bedrockfoundation.GetModelArgs{\n\t\t\tModelId: test.ModelSummaries[0].ModelId,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.bedrockfoundation.BedrockfoundationFunctions;\nimport com.pulumi.aws.bedrockfoundation.inputs.GetModelsArgs;\nimport com.pulumi.aws.bedrockfoundation.inputs.GetModelArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = BedrockfoundationFunctions.getModels();\n\n final var testGetModel = BedrockfoundationFunctions.getModel(GetModelArgs.builder()\n .modelId(test.applyValue(getModelsResult -\u003e getModelsResult.modelSummaries()[0].modelId()))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:bedrockfoundation:getModels\n Arguments: {}\n testGetModel:\n fn::invoke:\n Function: aws:bedrockfoundation:getModel\n Arguments:\n modelId: ${test.modelSummaries[0].modelId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getModel.\n", "properties": { "modelId": { "type": "string", "description": "Model identifier.\n" } }, "type": "object", "required": [ "modelId" ] }, "outputs": { "description": "A collection of values returned by getModel.\n", "properties": { "customizationsSupporteds": { "description": "Customizations that the model supports.\n", "items": { "type": "string" }, "type": "array" }, "id": { "type": "string" }, "inferenceTypesSupporteds": { "description": "Inference types that the model supports.\n", "items": { "type": "string" }, "type": "array" }, "inputModalities": { "description": "Input modalities that the model supports.\n", "items": { "type": "string" }, "type": "array" }, "modelArn": { "description": "Model ARN.\n", "type": "string" }, "modelId": { "type": "string" }, "modelName": { "description": "Model name.\n", "type": "string" }, "outputModalities": { "description": "Output modalities that the model supports.\n", "items": { "type": "string" }, "type": "array" }, "providerName": { "description": "Model provider name.\n", "type": "string" }, "responseStreamingSupported": { "description": "Indicates whether the model supports streaming.\n", "type": "boolean" } }, "required": [ "customizationsSupporteds", "id", "inferenceTypesSupporteds", "inputModalities", "modelArn", "modelId", "modelName", "outputModalities", "providerName", "responseStreamingSupported" ], "type": "object" } }, "aws:bedrockfoundation/getModels:getModels": { "description": "Data source for managing AWS Bedrock Foundation Models.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.bedrockfoundation.getModels({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.bedrockfoundation.get_models()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.BedrockFoundation.GetModels.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/bedrockfoundation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := bedrockfoundation.GetModels(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.bedrockfoundation.BedrockfoundationFunctions;\nimport com.pulumi.aws.bedrockfoundation.inputs.GetModelsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = BedrockfoundationFunctions.getModels();\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:bedrockfoundation:getModels\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter by Inference Type\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.bedrockfoundation.getModels({\n byInferenceType: \"ON_DEMAND\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.bedrockfoundation.get_models(by_inference_type=\"ON_DEMAND\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.BedrockFoundation.GetModels.Invoke(new()\n {\n ByInferenceType = \"ON_DEMAND\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/bedrockfoundation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := bedrockfoundation.GetModels(ctx, \u0026bedrockfoundation.GetModelsArgs{\n\t\t\tByInferenceType: pulumi.StringRef(\"ON_DEMAND\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.bedrockfoundation.BedrockfoundationFunctions;\nimport com.pulumi.aws.bedrockfoundation.inputs.GetModelsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = BedrockfoundationFunctions.getModels(GetModelsArgs.builder()\n .byInferenceType(\"ON_DEMAND\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:bedrockfoundation:getModels\n Arguments:\n byInferenceType: ON_DEMAND\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getModels.\n", "properties": { "byCustomizationType": { "type": "string", "description": "Customization type to filter on. Valid values are `FINE_TUNING`.\n" }, "byInferenceType": { "type": "string", "description": "Inference type to filter on. Valid values are `ON_DEMAND` and `PROVISIONED`.\n" }, "byOutputModality": { "type": "string", "description": "Output modality to filter on. Valid values are `TEXT`, `IMAGE`, and `EMBEDDING`.\n" }, "byProvider": { "type": "string", "description": "Model provider to filter on.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getModels.\n", "properties": { "byCustomizationType": { "type": "string" }, "byInferenceType": { "type": "string" }, "byOutputModality": { "type": "string" }, "byProvider": { "type": "string" }, "id": { "description": "AWS region.\n", "type": "string" }, "modelSummaries": { "description": "List of model summary objects. See `model_summaries`.\n", "items": { "$ref": "#/types/aws:bedrockfoundation/getModelsModelSummary:getModelsModelSummary" }, "type": "array" } }, "required": [ "id", "modelSummaries" ], "type": "object" } }, "aws:budgets/getBudget:getBudget": { "description": "Data source for managing an AWS Web Services Budgets Budget.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.budgets.getBudget({\n name: testAwsBudgetsBudget.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.budgets.get_budget(name=test_aws_budgets_budget[\"name\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Budgets.GetBudget.Invoke(new()\n {\n Name = testAwsBudgetsBudget.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := budgets.LookupBudget(ctx, \u0026budgets.LookupBudgetArgs{\n\t\t\tName: testAwsBudgetsBudget.Name,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.budgets.BudgetsFunctions;\nimport com.pulumi.aws.budgets.inputs.GetBudgetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = BudgetsFunctions.getBudget(GetBudgetArgs.builder()\n .name(testAwsBudgetsBudget.name())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:budgets:getBudget\n Arguments:\n name: ${testAwsBudgetsBudget.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getBudget.\n", "properties": { "accountId": { "type": "string", "description": "The ID of the target account for budget. Will use current user's account_id by default if omitted.\n" }, "name": { "type": "string", "description": "The name of a budget. Unique within accounts.\n\nThe following arguments are optional:\n" }, "namePrefix": { "type": "string", "description": "The prefix of the name of a budget. Unique within accounts.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getBudget.\n", "properties": { "accountId": { "type": "string" }, "arn": { "type": "string" }, "autoAdjustDatas": { "description": "Object containing [AutoAdjustData] which determines the budget amount for an auto-adjusting budget.\n", "items": { "$ref": "#/types/aws:budgets/getBudgetAutoAdjustData:getBudgetAutoAdjustData" }, "type": "array" }, "budgetExceeded": { "description": "Boolean indicating whether this budget has been exceeded.\n", "type": "boolean" }, "budgetLimits": { "description": "The total amount of cost, usage, RI utilization, RI coverage, Savings Plans utilization, or Savings Plans coverage that you want to track with your budget. Contains object Spend.\n", "items": { "$ref": "#/types/aws:budgets/getBudgetBudgetLimit:getBudgetBudgetLimit" }, "type": "array" }, "budgetType": { "description": "Whether this budget tracks monetary cost or usage.\n", "type": "string" }, "calculatedSpends": { "description": "The spend objects that are associated with this budget. The actualSpend tracks how much you've used, cost, usage, RI units, or Savings Plans units and the forecastedSpend tracks how much that you're predicted to spend based on your historical usage profile.\n", "items": { "$ref": "#/types/aws:budgets/getBudgetCalculatedSpend:getBudgetCalculatedSpend" }, "type": "array" }, "costFilters": { "description": "A list of CostFilter name/values pair to apply to budget.\n", "items": { "$ref": "#/types/aws:budgets/getBudgetCostFilter:getBudgetCostFilter" }, "type": "array" }, "costTypes": { "description": "Object containing CostTypes The types of cost included in a budget, such as tax and subscriptions.\n", "items": { "$ref": "#/types/aws:budgets/getBudgetCostType:getBudgetCostType" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "namePrefix": { "type": "string" }, "notifications": { "description": "Object containing Budget Notifications. Can be used multiple times to define more than one budget notification.\n", "items": { "$ref": "#/types/aws:budgets/getBudgetNotification:getBudgetNotification" }, "type": "array" }, "plannedLimits": { "description": "Object containing Planned Budget Limits. Can be used multiple times to plan more than one budget limit. See [PlannedBudgetLimits](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_budgets_Budget.html#awscostmanagement-Type-budgets_Budget-PlannedBudgetLimits) documentation.\n", "items": { "$ref": "#/types/aws:budgets/getBudgetPlannedLimit:getBudgetPlannedLimit" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource.\n", "type": "object" }, "timePeriodEnd": { "description": "The end of the time period covered by the budget. There are no restrictions on the end date. Format: `2017-01-01_12:00`.\n", "type": "string" }, "timePeriodStart": { "description": "The start of the time period covered by the budget. If you don't specify a start date, AWS defaults to the start of your chosen time period. The start date must come before the end date. Format: `2017-01-01_12:00`.\n", "type": "string" }, "timeUnit": { "description": "The length of time until a budget resets the actual and forecasted spend. Valid values: `MONTHLY`, `QUARTERLY`, `ANNUALLY`, and `DAILY`.\n", "type": "string" } }, "required": [ "accountId", "arn", "autoAdjustDatas", "budgetExceeded", "budgetLimits", "budgetType", "calculatedSpends", "costFilters", "costTypes", "name", "notifications", "plannedLimits", "tags", "timePeriodEnd", "timePeriodStart", "timeUnit", "id" ], "type": "object" } }, "aws:chatbot/getSlackWorkspace:getSlackWorkspace": { "description": "Data source for managing an AWS Chatbot Slack Workspace.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.chatbot.getSlackWorkspace({\n slackTeamName: \"abc\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.chatbot.get_slack_workspace(slack_team_name=\"abc\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Chatbot.GetSlackWorkspace.Invoke(new()\n {\n SlackTeamName = \"abc\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chatbot\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := chatbot.GetSlackWorkspace(ctx, \u0026chatbot.GetSlackWorkspaceArgs{\n\t\t\tSlackTeamName: \"abc\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.chatbot.ChatbotFunctions;\nimport com.pulumi.aws.chatbot.inputs.GetSlackWorkspaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ChatbotFunctions.getSlackWorkspace(GetSlackWorkspaceArgs.builder()\n .slackTeamName(\"abc\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:chatbot:getSlackWorkspace\n Arguments:\n slackTeamName: abc\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSlackWorkspace.\n", "properties": { "slackTeamName": { "type": "string", "description": "Slack workspace name configured with AWS Chatbot.\n" } }, "type": "object", "required": [ "slackTeamName" ] }, "outputs": { "description": "A collection of values returned by getSlackWorkspace.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "slackTeamId": { "description": "ID of the Slack Workspace assigned by AWS Chatbot.\n", "type": "string" }, "slackTeamName": { "type": "string" } }, "required": [ "slackTeamId", "slackTeamName", "id" ], "type": "object" } }, "aws:cloudcontrol/getResource:getResource": { "description": "Provides details for a Cloud Control API Resource. The reading of these resources is proxied through Cloud Control API handlers to the backend service.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cloudcontrol.getResource({\n identifier: \"example\",\n typeName: \"AWS::ECS::Cluster\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudcontrol.get_resource(identifier=\"example\",\n type_name=\"AWS::ECS::Cluster\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CloudControl.GetResource.Invoke(new()\n {\n Identifier = \"example\",\n TypeName = \"AWS::ECS::Cluster\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudcontrol\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudcontrol.LookupResource(ctx, \u0026cloudcontrol.LookupResourceArgs{\n\t\t\tIdentifier: \"example\",\n\t\t\tTypeName: \"AWS::ECS::Cluster\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudcontrol.CloudcontrolFunctions;\nimport com.pulumi.aws.cloudcontrol.inputs.GetResourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CloudcontrolFunctions.getResource(GetResourceArgs.builder()\n .identifier(\"example\")\n .typeName(\"AWS::ECS::Cluster\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:cloudcontrol:getResource\n Arguments:\n identifier: example\n typeName: AWS::ECS::Cluster\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getResource.\n", "properties": { "identifier": { "type": "string", "description": "Identifier of the CloudFormation resource type. For example, `vpc-12345678`.\n" }, "roleArn": { "type": "string", "description": "ARN of the IAM Role to assume for operations.\n" }, "typeName": { "type": "string", "description": "CloudFormation resource type name. For example, `AWS::EC2::VPC`.\n\nThe following arguments are optional:\n" }, "typeVersionId": { "type": "string", "description": "Identifier of the CloudFormation resource type version.\n" } }, "type": "object", "required": [ "identifier", "typeName" ] }, "outputs": { "description": "A collection of values returned by getResource.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "identifier": { "type": "string" }, "properties": { "description": "JSON string matching the CloudFormation resource type schema with current configuration.\n", "type": "string" }, "roleArn": { "type": "string" }, "typeName": { "type": "string" }, "typeVersionId": { "type": "string" } }, "required": [ "identifier", "properties", "typeName", "id" ], "type": "object" } }, "aws:cloudformation/getCloudFormationType:getCloudFormationType": { "description": "Provides details about a CloudFormation Type.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cloudformation.getCloudFormationType({\n type: \"RESOURCE\",\n typeName: \"AWS::Athena::WorkGroup\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudformation.get_cloud_formation_type(type=\"RESOURCE\",\n type_name=\"AWS::Athena::WorkGroup\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CloudFormation.GetCloudFormationType.Invoke(new()\n {\n Type = \"RESOURCE\",\n TypeName = \"AWS::Athena::WorkGroup\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudformation.LookupCloudFormationType(ctx, \u0026cloudformation.LookupCloudFormationTypeArgs{\n\t\t\tType: pulumi.StringRef(\"RESOURCE\"),\n\t\t\tTypeName: pulumi.StringRef(\"AWS::Athena::WorkGroup\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudformation.CloudformationFunctions;\nimport com.pulumi.aws.cloudformation.inputs.GetCloudFormationTypeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CloudformationFunctions.getCloudFormationType(GetCloudFormationTypeArgs.builder()\n .type(\"RESOURCE\")\n .typeName(\"AWS::Athena::WorkGroup\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:cloudformation:getCloudFormationType\n Arguments:\n type: RESOURCE\n typeName: AWS::Athena::WorkGroup\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCloudFormationType.\n", "properties": { "arn": { "type": "string", "description": "ARN of the CloudFormation Type. For example, `arn:aws:cloudformation:us-west-2::type/resource/AWS-EC2-VPC`.\n" }, "type": { "type": "string", "description": "CloudFormation Registry Type. For example, `RESOURCE`.\n" }, "typeName": { "type": "string", "description": "CloudFormation Type name. For example, `AWS::EC2::VPC`.\n" }, "versionId": { "type": "string", "description": "Identifier of the CloudFormation Type version.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getCloudFormationType.\n", "properties": { "arn": { "type": "string" }, "defaultVersionId": { "description": "Identifier of the CloudFormation Type default version.\n", "type": "string" }, "deprecatedStatus": { "description": "Deprecation status of the CloudFormation Type.\n", "type": "string" }, "description": { "description": "Description of the CloudFormation Type.\n", "type": "string" }, "documentationUrl": { "description": "URL of the documentation for the CloudFormation Type.\n", "type": "string" }, "executionRoleArn": { "description": "ARN of the IAM Role used to register the CloudFormation Type.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "isDefaultVersion": { "description": "Whether the CloudFormation Type version is the default version.\n", "type": "boolean" }, "loggingConfigs": { "description": "List of objects containing logging configuration.\n", "items": { "$ref": "#/types/aws:cloudformation/getCloudFormationTypeLoggingConfig:getCloudFormationTypeLoggingConfig" }, "type": "array" }, "provisioningType": { "description": "Provisioning behavior of the CloudFormation Type.\n", "type": "string" }, "schema": { "description": "JSON document of the CloudFormation Type schema.\n", "type": "string" }, "sourceUrl": { "description": "URL of the source code for the CloudFormation Type.\n", "type": "string" }, "type": { "type": "string" }, "typeArn": { "type": "string" }, "typeName": { "type": "string" }, "versionId": { "type": "string" }, "visibility": { "description": "Scope of the CloudFormation Type.\n", "type": "string" } }, "required": [ "arn", "defaultVersionId", "deprecatedStatus", "description", "documentationUrl", "executionRoleArn", "isDefaultVersion", "loggingConfigs", "provisioningType", "schema", "sourceUrl", "type", "typeArn", "typeName", "visibility", "id" ], "type": "object" } }, "aws:cloudformation/getExport:getExport": { "description": "The CloudFormation Export data source allows access to stack\nexports specified in the [Output](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/outputs-section-structure.html) section of the Cloudformation Template using the optional Export Property.\n\n \u003e Note: If you are trying to use a value from a Cloudformation Stack in the same deployment please use normal interpolation or Cloudformation Outputs.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst subnetId = aws.cloudformation.getExport({\n name: \"mySubnetIdExportName\",\n});\nconst web = new aws.ec2.Instance(\"web\", {\n ami: \"ami-abb07bcb\",\n instanceType: aws.ec2.InstanceType.T2_Micro,\n subnetId: subnetId.then(subnetId =\u003e subnetId.value),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsubnet_id = aws.cloudformation.get_export(name=\"mySubnetIdExportName\")\nweb = aws.ec2.Instance(\"web\",\n ami=\"ami-abb07bcb\",\n instance_type=aws.ec2.InstanceType.T2_MICRO,\n subnet_id=subnet_id.value)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var subnetId = Aws.CloudFormation.GetExport.Invoke(new()\n {\n Name = \"mySubnetIdExportName\",\n });\n\n var web = new Aws.Ec2.Instance(\"web\", new()\n {\n Ami = \"ami-abb07bcb\",\n InstanceType = Aws.Ec2.InstanceType.T2_Micro,\n SubnetId = subnetId.Apply(getExportResult =\u003e getExportResult.Value),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudformation\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tsubnetId, err := cloudformation.GetExport(ctx, \u0026cloudformation.GetExportArgs{\n\t\t\tName: \"mySubnetIdExportName\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"web\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(\"ami-abb07bcb\"),\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_T2_Micro),\n\t\t\tSubnetId: pulumi.String(subnetId.Value),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudformation.CloudformationFunctions;\nimport com.pulumi.aws.cloudformation.inputs.GetExportArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var subnetId = CloudformationFunctions.getExport(GetExportArgs.builder()\n .name(\"mySubnetIdExportName\")\n .build());\n\n var web = new Instance(\"web\", InstanceArgs.builder()\n .ami(\"ami-abb07bcb\")\n .instanceType(\"t2.micro\")\n .subnetId(subnetId.applyValue(getExportResult -\u003e getExportResult.value()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n web:\n type: aws:ec2:Instance\n properties:\n ami: ami-abb07bcb\n instanceType: t2.micro\n subnetId: ${subnetId.value}\nvariables:\n subnetId:\n fn::invoke:\n Function: aws:cloudformation:getExport\n Arguments:\n name: mySubnetIdExportName\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getExport.\n", "properties": { "name": { "type": "string", "description": "Name of the export as it appears in the console or from [list-exports](http://docs.aws.amazon.com/cli/latest/reference/cloudformation/list-exports.html)\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getExport.\n", "properties": { "exportingStackId": { "description": "ARN of stack that contains the exported output name and value.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "value": { "description": "Value from Cloudformation export identified by the export name found from [list-exports](http://docs.aws.amazon.com/cli/latest/reference/cloudformation/list-exports.html)\n", "type": "string" } }, "required": [ "exportingStackId", "name", "value", "id" ], "type": "object" } }, "aws:cloudformation/getStack:getStack": { "description": "The CloudFormation Stack data source allows access to stack\noutputs and other useful data including the template body.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst network = aws.cloudformation.getStack({\n name: \"my-network-stack\",\n});\nconst web = new aws.ec2.Instance(\"web\", {\n ami: \"ami-abb07bcb\",\n instanceType: aws.ec2.InstanceType.T2_Micro,\n subnetId: network.then(network =\u003e network.outputs?.SubnetId),\n tags: {\n Name: \"HelloWorld\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nnetwork = aws.cloudformation.get_stack(name=\"my-network-stack\")\nweb = aws.ec2.Instance(\"web\",\n ami=\"ami-abb07bcb\",\n instance_type=aws.ec2.InstanceType.T2_MICRO,\n subnet_id=network.outputs[\"SubnetId\"],\n tags={\n \"Name\": \"HelloWorld\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var network = Aws.CloudFormation.GetStack.Invoke(new()\n {\n Name = \"my-network-stack\",\n });\n\n var web = new Aws.Ec2.Instance(\"web\", new()\n {\n Ami = \"ami-abb07bcb\",\n InstanceType = Aws.Ec2.InstanceType.T2_Micro,\n SubnetId = network.Apply(getStackResult =\u003e getStackResult.Outputs?.SubnetId),\n Tags = \n {\n { \"Name\", \"HelloWorld\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudformation\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tnetwork, err := cloudformation.LookupStack(ctx, \u0026cloudformation.LookupStackArgs{\n\t\t\tName: \"my-network-stack\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"web\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(\"ami-abb07bcb\"),\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_T2_Micro),\n\t\t\tSubnetId: pulumi.String(network.Outputs.SubnetId),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"HelloWorld\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudformation.CloudformationFunctions;\nimport com.pulumi.aws.cloudformation.inputs.GetStackArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var network = CloudformationFunctions.getStack(GetStackArgs.builder()\n .name(\"my-network-stack\")\n .build());\n\n var web = new Instance(\"web\", InstanceArgs.builder()\n .ami(\"ami-abb07bcb\")\n .instanceType(\"t2.micro\")\n .subnetId(network.applyValue(getStackResult -\u003e getStackResult.outputs().SubnetId()))\n .tags(Map.of(\"Name\", \"HelloWorld\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n web:\n type: aws:ec2:Instance\n properties:\n ami: ami-abb07bcb\n instanceType: t2.micro\n subnetId: ${network.outputs.SubnetId}\n tags:\n Name: HelloWorld\nvariables:\n network:\n fn::invoke:\n Function: aws:cloudformation:getStack\n Arguments:\n name: my-network-stack\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getStack.\n", "properties": { "name": { "type": "string", "description": "Name of the stack\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags associated with this stack.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getStack.\n", "properties": { "capabilities": { "description": "List of capabilities\n", "items": { "type": "string" }, "type": "array" }, "description": { "description": "Description of the stack\n", "type": "string" }, "disableRollback": { "description": "Whether the rollback of the stack is disabled when stack creation fails\n", "type": "boolean" }, "iamRoleArn": { "description": "ARN of the IAM role used to create the stack.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "notificationArns": { "description": "List of SNS topic ARNs to publish stack related events\n", "items": { "type": "string" }, "type": "array" }, "outputs": { "additionalProperties": { "type": "string" }, "description": "Map of outputs from the stack.\n", "type": "object" }, "parameters": { "additionalProperties": { "type": "string" }, "description": "Map of parameters that specify input parameters for the stack.\n", "type": "object" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags associated with this stack.\n", "type": "object" }, "templateBody": { "description": "Structure containing the template body.\n", "type": "string" }, "timeoutInMinutes": { "description": "Amount of time that can pass before the stack status becomes `CREATE_FAILED`\n", "type": "integer" } }, "required": [ "capabilities", "description", "disableRollback", "iamRoleArn", "name", "notificationArns", "outputs", "parameters", "tags", "templateBody", "timeoutInMinutes", "id" ], "type": "object" } }, "aws:cloudfront/getCachePolicy:getCachePolicy": { "description": "Use this data source to retrieve information about a CloudFront cache policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cloudfront.getCachePolicy({\n name: \"example-policy\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.get_cache_policy(name=\"example-policy\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CloudFront.GetCachePolicy.Invoke(new()\n {\n Name = \"example-policy\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.LookupCachePolicy(ctx, \u0026cloudfront.LookupCachePolicyArgs{\n\t\t\tName: pulumi.StringRef(\"example-policy\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.CloudfrontFunctions;\nimport com.pulumi.aws.cloudfront.inputs.GetCachePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CloudfrontFunctions.getCachePolicy(GetCachePolicyArgs.builder()\n .name(\"example-policy\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:cloudfront:getCachePolicy\n Arguments:\n name: example-policy\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### AWS-Managed Policies\n\nAWS managed cache policy names are prefixed with `Managed-`:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cloudfront.getCachePolicy({\n name: \"Managed-CachingOptimized\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.get_cache_policy(name=\"Managed-CachingOptimized\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CloudFront.GetCachePolicy.Invoke(new()\n {\n Name = \"Managed-CachingOptimized\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.LookupCachePolicy(ctx, \u0026cloudfront.LookupCachePolicyArgs{\n\t\t\tName: pulumi.StringRef(\"Managed-CachingOptimized\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.CloudfrontFunctions;\nimport com.pulumi.aws.cloudfront.inputs.GetCachePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CloudfrontFunctions.getCachePolicy(GetCachePolicyArgs.builder()\n .name(\"Managed-CachingOptimized\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:cloudfront:getCachePolicy\n Arguments:\n name: Managed-CachingOptimized\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCachePolicy.\n", "properties": { "id": { "type": "string", "description": "Identifier for the cache policy.\n" }, "name": { "type": "string", "description": "Unique name to identify the cache policy.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getCachePolicy.\n", "properties": { "comment": { "description": "Comment to describe the cache policy.\n", "type": "string" }, "defaultTtl": { "description": "Default amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated.\n", "type": "integer" }, "etag": { "description": "Current version of the cache policy.\n", "type": "string" }, "id": { "type": "string" }, "maxTtl": { "description": "Maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated.\n", "type": "integer" }, "minTtl": { "description": "Minimum amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated.\n", "type": "integer" }, "name": { "type": "string" }, "parametersInCacheKeyAndForwardedToOrigins": { "description": "The HTTP headers, cookies, and URL query strings to include in the cache key. See Parameters In Cache Key And Forwarded To Origin for more information.\n", "items": { "$ref": "#/types/aws:cloudfront/getCachePolicyParametersInCacheKeyAndForwardedToOrigin:getCachePolicyParametersInCacheKeyAndForwardedToOrigin" }, "type": "array" } }, "required": [ "comment", "defaultTtl", "etag", "maxTtl", "minTtl", "parametersInCacheKeyAndForwardedToOrigins" ], "type": "object" } }, "aws:cloudfront/getDistribution:getDistribution": { "description": "Use this data source to retrieve information about a CloudFront distribution.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.cloudfront.getDistribution({\n id: \"EDFDVBD632BHDS5\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.cloudfront.get_distribution(id=\"EDFDVBD632BHDS5\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.CloudFront.GetDistribution.Invoke(new()\n {\n Id = \"EDFDVBD632BHDS5\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.LookupDistribution(ctx, \u0026cloudfront.LookupDistributionArgs{\n\t\t\tId: \"EDFDVBD632BHDS5\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.CloudfrontFunctions;\nimport com.pulumi.aws.cloudfront.inputs.GetDistributionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = CloudfrontFunctions.getDistribution(GetDistributionArgs.builder()\n .id(\"EDFDVBD632BHDS5\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:cloudfront:getDistribution\n Arguments:\n id: EDFDVBD632BHDS5\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDistribution.\n", "properties": { "id": { "type": "string", "description": "Identifier for the distribution. For example: `EDFDVBD632BHDS5`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getDistribution.\n", "properties": { "aliases": { "description": "List that contains information about CNAMEs (alternate domain names), if any, for this distribution.\n", "items": { "type": "string" }, "type": "array" }, "arn": { "description": "ARN (Amazon Resource Name) for the distribution. For example: arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where 123456789012 is your AWS account ID.\n", "type": "string" }, "domainName": { "description": "Domain name corresponding to the distribution. For\nexample: `d604721fxaaqy9.cloudfront.net`.\n", "type": "string" }, "enabled": { "type": "boolean" }, "etag": { "description": "Current version of the distribution's information. For example:\n`E2QWRUHAPOMQZL`.\n", "type": "string" }, "hostedZoneId": { "description": "CloudFront Route 53 zone ID that can be used to\nroute an [Alias Resource Record Set][7] to. This attribute is simply an\nalias for the zone ID `Z2FDTNDATAQYW2`.\n", "type": "string" }, "id": { "description": "Identifier for the distribution. For example: `EDFDVBD632BHDS5`.\n", "type": "string" }, "inProgressValidationBatches": { "description": "The number of invalidation batches\ncurrently in progress.\n", "type": "integer" }, "lastModifiedTime": { "description": "Date and time the distribution was last modified.\n", "type": "string" }, "status": { "description": "Current status of the distribution. `Deployed` if the\ndistribution's information is fully propagated throughout the Amazon\nCloudFront system.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "webAclId": { "description": "AWS WAF web ACL associated with this distribution.\n", "type": "string" } }, "required": [ "aliases", "arn", "domainName", "enabled", "etag", "hostedZoneId", "id", "inProgressValidationBatches", "lastModifiedTime", "status", "tags", "webAclId" ], "type": "object" } }, "aws:cloudfront/getFunction:getFunction": { "description": "Provides information about a CloudFront Function.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst functionName = config.require(\"functionName\");\nconst existing = aws.cloudfront.getFunction({\n name: functionName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nfunction_name = config.require(\"functionName\")\nexisting = aws.cloudfront.get_function(name=function_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var functionName = config.Require(\"functionName\");\n var existing = Aws.CloudFront.GetFunction.Invoke(new()\n {\n Name = functionName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tfunctionName := cfg.Require(\"functionName\")\n\t\t_, err := cloudfront.LookupFunction(ctx, \u0026cloudfront.LookupFunctionArgs{\n\t\t\tName: functionName,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.CloudfrontFunctions;\nimport com.pulumi.aws.cloudfront.inputs.GetFunctionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var functionName = config.get(\"functionName\");\n final var existing = CloudfrontFunctions.getFunction(GetFunctionArgs.builder()\n .name(functionName)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n functionName:\n type: string\nvariables:\n existing:\n fn::invoke:\n Function: aws:cloudfront:getFunction\n Arguments:\n name: ${functionName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getFunction.\n", "properties": { "name": { "type": "string", "description": "Name of the CloudFront function.\n" }, "stage": { "type": "string", "description": "Function’s stage, either `DEVELOPMENT` or `LIVE`.\n" } }, "type": "object", "required": [ "name", "stage" ] }, "outputs": { "description": "A collection of values returned by getFunction.\n", "properties": { "arn": { "description": "ARN identifying your CloudFront Function.\n", "type": "string" }, "code": { "description": "Source code of the function\n", "type": "string" }, "comment": { "description": "Comment.\n", "type": "string" }, "etag": { "description": "ETag hash of the function\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "keyValueStoreAssociations": { "description": "List of `aws.cloudfront.KeyValueStore` ARNs associated to the function.\n", "items": { "type": "string" }, "type": "array" }, "lastModifiedTime": { "description": "When this resource was last modified.\n", "type": "string" }, "name": { "type": "string" }, "runtime": { "description": "Identifier of the function's runtime.\n", "type": "string" }, "stage": { "type": "string" }, "status": { "description": "Status of the function. Can be `UNPUBLISHED`, `UNASSOCIATED` or `ASSOCIATED`.\n", "type": "string" } }, "required": [ "arn", "code", "comment", "etag", "keyValueStoreAssociations", "lastModifiedTime", "name", "runtime", "stage", "status", "id" ], "type": "object" } }, "aws:cloudfront/getLogDeliveryCanonicalUserId:getLogDeliveryCanonicalUserId": { "description": "The CloudFront Log Delivery Canonical User ID data source allows access to the [canonical user ID](http://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html) of the AWS `awslogsdelivery` account for CloudFront bucket logging.\nSee the [Amazon CloudFront Developer Guide](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html) for more information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cloudfront.getLogDeliveryCanonicalUserId({});\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleBucketAclV2 = new aws.s3.BucketAclV2(\"example\", {\n bucket: exampleBucketV2.id,\n accessControlPolicy: {\n grants: [{\n grantee: {\n id: example.then(example =\u003e example.id),\n type: \"CanonicalUser\",\n },\n permission: \"FULL_CONTROL\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.get_log_delivery_canonical_user_id()\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_bucket_acl_v2 = aws.s3.BucketAclV2(\"example\",\n bucket=example_bucket_v2.id,\n access_control_policy={\n \"grants\": [{\n \"grantee\": {\n \"id\": example.id,\n \"type\": \"CanonicalUser\",\n },\n \"permission\": \"FULL_CONTROL\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CloudFront.GetLogDeliveryCanonicalUserId.Invoke();\n\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleBucketAclV2 = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = exampleBucketV2.Id,\n AccessControlPolicy = new Aws.S3.Inputs.BucketAclV2AccessControlPolicyArgs\n {\n Grants = new[]\n {\n new Aws.S3.Inputs.BucketAclV2AccessControlPolicyGrantArgs\n {\n Grantee = new Aws.S3.Inputs.BucketAclV2AccessControlPolicyGrantGranteeArgs\n {\n Id = example.Apply(getLogDeliveryCanonicalUserIdResult =\u003e getLogDeliveryCanonicalUserIdResult.Id),\n Type = \"CanonicalUser\",\n },\n Permission = \"FULL_CONTROL\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cloudfront.GetLogDeliveryCanonicalUserId(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\tAccessControlPolicy: \u0026s3.BucketAclV2AccessControlPolicyArgs{\n\t\t\t\tGrants: s3.BucketAclV2AccessControlPolicyGrantArray{\n\t\t\t\t\t\u0026s3.BucketAclV2AccessControlPolicyGrantArgs{\n\t\t\t\t\t\tGrantee: \u0026s3.BucketAclV2AccessControlPolicyGrantGranteeArgs{\n\t\t\t\t\t\t\tId: pulumi.String(example.Id),\n\t\t\t\t\t\t\tType: pulumi.String(\"CanonicalUser\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tPermission: pulumi.String(\"FULL_CONTROL\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.CloudfrontFunctions;\nimport com.pulumi.aws.cloudfront.inputs.GetLogDeliveryCanonicalUserIdArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.inputs.BucketAclV2AccessControlPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CloudfrontFunctions.getLogDeliveryCanonicalUserId();\n\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder()\n .bucket(\"example\")\n .build());\n\n var exampleBucketAclV2 = new BucketAclV2(\"exampleBucketAclV2\", BucketAclV2Args.builder()\n .bucket(exampleBucketV2.id())\n .accessControlPolicy(BucketAclV2AccessControlPolicyArgs.builder()\n .grants(BucketAclV2AccessControlPolicyGrantArgs.builder()\n .grantee(BucketAclV2AccessControlPolicyGrantGranteeArgs.builder()\n .id(example.applyValue(getLogDeliveryCanonicalUserIdResult -\u003e getLogDeliveryCanonicalUserIdResult.id()))\n .type(\"CanonicalUser\")\n .build())\n .permission(\"FULL_CONTROL\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example\n exampleBucketAclV2:\n type: aws:s3:BucketAclV2\n name: example\n properties:\n bucket: ${exampleBucketV2.id}\n accessControlPolicy:\n grants:\n - grantee:\n id: ${example.id}\n type: CanonicalUser\n permission: FULL_CONTROL\nvariables:\n example:\n fn::invoke:\n Function: aws:cloudfront:getLogDeliveryCanonicalUserId\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLogDeliveryCanonicalUserId.\n", "properties": { "region": { "type": "string", "description": "Region you'd like the zone for. By default, fetches the current region.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLogDeliveryCanonicalUserId.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "region": { "type": "string" } }, "required": [ "id" ], "type": "object" } }, "aws:cloudfront/getOriginAccessControl:getOriginAccessControl": { "description": "Use this data source to retrieve information for an Amazon CloudFront origin access control config.\n\n## Example Usage\n\nThe below example retrieves a CloudFront origin access control config.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cloudfront.getOriginAccessIdentity({\n id: \"E2T5VTFBZJ3BJB\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.get_origin_access_identity(id=\"E2T5VTFBZJ3BJB\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CloudFront.GetOriginAccessIdentity.Invoke(new()\n {\n Id = \"E2T5VTFBZJ3BJB\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.LookupOriginAccessIdentity(ctx, \u0026cloudfront.LookupOriginAccessIdentityArgs{\n\t\t\tId: \"E2T5VTFBZJ3BJB\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.CloudfrontFunctions;\nimport com.pulumi.aws.cloudfront.inputs.GetOriginAccessIdentityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CloudfrontFunctions.getOriginAccessIdentity(GetOriginAccessIdentityArgs.builder()\n .id(\"E2T5VTFBZJ3BJB\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:cloudfront:getOriginAccessIdentity\n Arguments:\n id: E2T5VTFBZJ3BJB\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOriginAccessControl.\n", "properties": { "id": { "type": "string", "description": "The identifier for the origin access control settings. For example: `E2T5VTFBZJ3BJB`.\n" } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getOriginAccessControl.\n", "properties": { "description": { "description": "A description of the origin access control.\n", "type": "string" }, "etag": { "description": "Current version of the origin access control's information. For example: `E2QWRUHAPOMQZL`.\n", "type": "string" }, "id": { "type": "string" }, "name": { "description": "A name to identify the origin access control.\n", "type": "string" }, "originAccessControlOriginType": { "description": "The type of origin that this origin access control is for.\n", "type": "string" }, "signingBehavior": { "description": "Specifies which requests CloudFront signs.\n", "type": "string" }, "signingProtocol": { "description": "The signing protocol of the origin access control, which determines how CloudFront signs (authenticates) requests.\n", "type": "string" } }, "required": [ "description", "etag", "id", "name", "originAccessControlOriginType", "signingBehavior", "signingProtocol" ], "type": "object" } }, "aws:cloudfront/getOriginAccessIdentities:getOriginAccessIdentities": { "description": "Use this data source to get ARNs, ids and S3 canonical user IDs of Amazon CloudFront origin access identities.\n\n## Example Usage\n\n### All origin access identities in the account\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cloudfront.getOriginAccessIdentities({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.get_origin_access_identities()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CloudFront.GetOriginAccessIdentities.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.GetOriginAccessIdentities(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.CloudfrontFunctions;\nimport com.pulumi.aws.cloudfront.inputs.GetOriginAccessIdentitiesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CloudfrontFunctions.getOriginAccessIdentities();\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:cloudfront:getOriginAccessIdentities\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Origin access identities filtered by comment/name\n\nOrigin access identities whose comments are `example-comment1`, `example-comment2`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cloudfront.getOriginAccessIdentities({\n comments: [\n \"example-comment1\",\n \"example-comment2\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.get_origin_access_identities(comments=[\n \"example-comment1\",\n \"example-comment2\",\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CloudFront.GetOriginAccessIdentities.Invoke(new()\n {\n Comments = new[]\n {\n \"example-comment1\",\n \"example-comment2\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.GetOriginAccessIdentities(ctx, \u0026cloudfront.GetOriginAccessIdentitiesArgs{\n\t\t\tComments: []string{\n\t\t\t\t\"example-comment1\",\n\t\t\t\t\"example-comment2\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.CloudfrontFunctions;\nimport com.pulumi.aws.cloudfront.inputs.GetOriginAccessIdentitiesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CloudfrontFunctions.getOriginAccessIdentities(GetOriginAccessIdentitiesArgs.builder()\n .comments( \n \"example-comment1\",\n \"example-comment2\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:cloudfront:getOriginAccessIdentities\n Arguments:\n comments:\n - example-comment1\n - example-comment2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOriginAccessIdentities.\n", "properties": { "comments": { "type": "array", "items": { "type": "string" }, "description": "Filter origin access identities by comment.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getOriginAccessIdentities.\n", "properties": { "comments": { "items": { "type": "string" }, "type": "array" }, "iamArns": { "description": "Set of ARNs of the matched origin access identities.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "Set of ids of the matched origin access identities.\n", "items": { "type": "string" }, "type": "array" }, "s3CanonicalUserIds": { "description": "Set of S3 canonical user IDs of the matched origin access identities.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "iamArns", "ids", "s3CanonicalUserIds", "id" ], "type": "object" } }, "aws:cloudfront/getOriginAccessIdentity:getOriginAccessIdentity": { "description": "Use this data source to retrieve information for an Amazon CloudFront origin access identity.\n\n## Example Usage\n\nThe following example below creates a CloudFront origin access identity.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cloudfront.getOriginAccessIdentity({\n id: \"E1ZAKK699EOLAL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.get_origin_access_identity(id=\"E1ZAKK699EOLAL\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CloudFront.GetOriginAccessIdentity.Invoke(new()\n {\n Id = \"E1ZAKK699EOLAL\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.LookupOriginAccessIdentity(ctx, \u0026cloudfront.LookupOriginAccessIdentityArgs{\n\t\t\tId: \"E1ZAKK699EOLAL\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.CloudfrontFunctions;\nimport com.pulumi.aws.cloudfront.inputs.GetOriginAccessIdentityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CloudfrontFunctions.getOriginAccessIdentity(GetOriginAccessIdentityArgs.builder()\n .id(\"E1ZAKK699EOLAL\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:cloudfront:getOriginAccessIdentity\n Arguments:\n id: E1ZAKK699EOLAL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOriginAccessIdentity.\n", "properties": { "id": { "type": "string", "description": "The identifier for the origin access identity. For example: `E1ZAKK699EOLAL`.\n" } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getOriginAccessIdentity.\n", "properties": { "callerReference": { "description": "Internal value used by CloudFront to allow future\nupdates to the origin access identity.\n", "type": "string" }, "cloudfrontAccessIdentityPath": { "description": "A shortcut to the full path for the\norigin access identity to use in CloudFront, see below.\n", "type": "string" }, "comment": { "description": "An optional comment for the origin access identity.\n", "type": "string" }, "etag": { "description": "Current version of the origin access identity's information.\nFor example: `E2QWRUHAPOMQZL`.\n", "type": "string" }, "iamArn": { "description": "Pre-generated ARN for use in S3 bucket policies (see below).\nExample: `arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity\nE2QWRUHAPOMQZL`.\n", "type": "string" }, "id": { "type": "string" }, "s3CanonicalUserId": { "description": "The Amazon S3 canonical user ID for the origin\naccess identity, which you use when giving the origin access identity read\npermission to an object in Amazon S3.\n", "type": "string" } }, "required": [ "callerReference", "cloudfrontAccessIdentityPath", "comment", "etag", "iamArn", "id", "s3CanonicalUserId" ], "type": "object" } }, "aws:cloudfront/getOriginRequestPolicy:getOriginRequestPolicy": { "description": "## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cloudfront.getOriginRequestPolicy({\n name: \"example-policy\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.get_origin_request_policy(name=\"example-policy\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CloudFront.GetOriginRequestPolicy.Invoke(new()\n {\n Name = \"example-policy\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.LookupOriginRequestPolicy(ctx, \u0026cloudfront.LookupOriginRequestPolicyArgs{\n\t\t\tName: pulumi.StringRef(\"example-policy\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.CloudfrontFunctions;\nimport com.pulumi.aws.cloudfront.inputs.GetOriginRequestPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CloudfrontFunctions.getOriginRequestPolicy(GetOriginRequestPolicyArgs.builder()\n .name(\"example-policy\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:cloudfront:getOriginRequestPolicy\n Arguments:\n name: example-policy\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### AWS-Managed Policies\n\nAWS managed origin request policy names are prefixed with `Managed-`:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst uaReferer = aws.cloudfront.getOriginRequestPolicy({\n name: \"Managed-UserAgentRefererHeaders\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nua_referer = aws.cloudfront.get_origin_request_policy(name=\"Managed-UserAgentRefererHeaders\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var uaReferer = Aws.CloudFront.GetOriginRequestPolicy.Invoke(new()\n {\n Name = \"Managed-UserAgentRefererHeaders\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.LookupOriginRequestPolicy(ctx, \u0026cloudfront.LookupOriginRequestPolicyArgs{\n\t\t\tName: pulumi.StringRef(\"Managed-UserAgentRefererHeaders\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.CloudfrontFunctions;\nimport com.pulumi.aws.cloudfront.inputs.GetOriginRequestPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var uaReferer = CloudfrontFunctions.getOriginRequestPolicy(GetOriginRequestPolicyArgs.builder()\n .name(\"Managed-UserAgentRefererHeaders\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n uaReferer:\n fn::invoke:\n Function: aws:cloudfront:getOriginRequestPolicy\n Arguments:\n name: Managed-UserAgentRefererHeaders\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOriginRequestPolicy.\n", "properties": { "id": { "type": "string", "description": "Identifier for the origin request policy.\n" }, "name": { "type": "string", "description": "Unique name to identify the origin request policy.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getOriginRequestPolicy.\n", "properties": { "comment": { "description": "Comment to describe the origin request policy.\n", "type": "string" }, "cookiesConfigs": { "description": "Object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the origin request key and automatically included in requests that CloudFront sends to the origin. See Cookies Config for more information.\n", "items": { "$ref": "#/types/aws:cloudfront/getOriginRequestPolicyCookiesConfig:getOriginRequestPolicyCookiesConfig" }, "type": "array" }, "etag": { "description": "Current version of the origin request policy.\n", "type": "string" }, "headersConfigs": { "description": "Object that determines whether any HTTP headers (and if so, which headers) are included in the origin request key and automatically included in requests that CloudFront sends to the origin. See Headers Config for more information.\n", "items": { "$ref": "#/types/aws:cloudfront/getOriginRequestPolicyHeadersConfig:getOriginRequestPolicyHeadersConfig" }, "type": "array" }, "id": { "type": "string" }, "name": { "type": "string" }, "queryStringsConfigs": { "description": "Object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the origin request key and automatically included in requests that CloudFront sends to the origin. See Query String Config for more information.\n", "items": { "$ref": "#/types/aws:cloudfront/getOriginRequestPolicyQueryStringsConfig:getOriginRequestPolicyQueryStringsConfig" }, "type": "array" } }, "required": [ "comment", "cookiesConfigs", "etag", "headersConfigs", "queryStringsConfigs" ], "type": "object" } }, "aws:cloudfront/getRealtimeLogConfig:getRealtimeLogConfig": { "description": "Provides a CloudFront real-time log configuration resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cloudfront.getRealtimeLogConfig({\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.get_realtime_log_config(name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CloudFront.GetRealtimeLogConfig.Invoke(new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.LookupRealtimeLogConfig(ctx, \u0026cloudfront.LookupRealtimeLogConfigArgs{\n\t\t\tName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.CloudfrontFunctions;\nimport com.pulumi.aws.cloudfront.inputs.GetRealtimeLogConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CloudfrontFunctions.getRealtimeLogConfig(GetRealtimeLogConfigArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:cloudfront:getRealtimeLogConfig\n Arguments:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRealtimeLogConfig.\n", "properties": { "name": { "type": "string", "description": "Unique name to identify this real-time log configuration.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getRealtimeLogConfig.\n", "properties": { "arn": { "description": "ARN (Amazon Resource Name) of the CloudFront real-time log configuration.\n", "type": "string" }, "endpoints": { "description": "(Required) Amazon Kinesis data streams where real-time log data is sent.\n", "items": { "$ref": "#/types/aws:cloudfront/getRealtimeLogConfigEndpoint:getRealtimeLogConfigEndpoint" }, "type": "array" }, "fields": { "description": "(Required) Fields that are included in each real-time log record. See the [AWS documentation](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) for supported values.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "samplingRate": { "description": "(Required) Sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. An integer between `1` and `100`, inclusive.\n", "type": "integer" } }, "required": [ "arn", "endpoints", "fields", "name", "samplingRate", "id" ], "type": "object" } }, "aws:cloudfront/getResponseHeadersPolicy:getResponseHeadersPolicy": { "description": "Use this data source to retrieve information about a CloudFront cache policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cloudfront.getResponseHeadersPolicy({\n name: \"example-policy\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.get_response_headers_policy(name=\"example-policy\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CloudFront.GetResponseHeadersPolicy.Invoke(new()\n {\n Name = \"example-policy\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.LookupResponseHeadersPolicy(ctx, \u0026cloudfront.LookupResponseHeadersPolicyArgs{\n\t\t\tName: pulumi.StringRef(\"example-policy\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.CloudfrontFunctions;\nimport com.pulumi.aws.cloudfront.inputs.GetResponseHeadersPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CloudfrontFunctions.getResponseHeadersPolicy(GetResponseHeadersPolicyArgs.builder()\n .name(\"example-policy\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:cloudfront:getResponseHeadersPolicy\n Arguments:\n name: example-policy\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### AWS-Managed Policies\n\nAWS managed response header policy names are prefixed with `Managed-`:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cloudfront.getResponseHeadersPolicy({\n name: \"Managed-SimpleCORS\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudfront.get_response_headers_policy(name=\"Managed-SimpleCORS\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CloudFront.GetResponseHeadersPolicy.Invoke(new()\n {\n Name = \"Managed-SimpleCORS\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudfront.LookupResponseHeadersPolicy(ctx, \u0026cloudfront.LookupResponseHeadersPolicyArgs{\n\t\t\tName: pulumi.StringRef(\"Managed-SimpleCORS\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudfront.CloudfrontFunctions;\nimport com.pulumi.aws.cloudfront.inputs.GetResponseHeadersPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CloudfrontFunctions.getResponseHeadersPolicy(GetResponseHeadersPolicyArgs.builder()\n .name(\"Managed-SimpleCORS\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:cloudfront:getResponseHeadersPolicy\n Arguments:\n name: Managed-SimpleCORS\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getResponseHeadersPolicy.\n", "properties": { "id": { "type": "string", "description": "Identifier for the response headers policy.\n" }, "name": { "type": "string", "description": "Unique name to identify the response headers policy.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getResponseHeadersPolicy.\n", "properties": { "comment": { "description": "Comment to describe the response headers policy. The comment cannot be longer than 128 characters.\n", "type": "string" }, "corsConfigs": { "description": "Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.\n", "items": { "$ref": "#/types/aws:cloudfront/getResponseHeadersPolicyCorsConfig:getResponseHeadersPolicyCorsConfig" }, "type": "array" }, "customHeadersConfigs": { "description": "Object that contains an attribute `items` that contains a list of Custom Headers. See Custom Header for more information.\n", "items": { "$ref": "#/types/aws:cloudfront/getResponseHeadersPolicyCustomHeadersConfig:getResponseHeadersPolicyCustomHeadersConfig" }, "type": "array" }, "etag": { "description": "Current version of the response headers policy.\n", "type": "string" }, "id": { "type": "string" }, "name": { "type": "string" }, "removeHeadersConfigs": { "description": "Object that contains an attribute `items` that contains a list of Remove Headers. See Remove Header for more information.\n", "items": { "$ref": "#/types/aws:cloudfront/getResponseHeadersPolicyRemoveHeadersConfig:getResponseHeadersPolicyRemoveHeadersConfig" }, "type": "array" }, "securityHeadersConfigs": { "description": "A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.\n", "items": { "$ref": "#/types/aws:cloudfront/getResponseHeadersPolicySecurityHeadersConfig:getResponseHeadersPolicySecurityHeadersConfig" }, "type": "array" }, "serverTimingHeadersConfigs": { "description": "(Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.\n", "items": { "$ref": "#/types/aws:cloudfront/getResponseHeadersPolicyServerTimingHeadersConfig:getResponseHeadersPolicyServerTimingHeadersConfig" }, "type": "array" } }, "required": [ "comment", "corsConfigs", "customHeadersConfigs", "etag", "id", "name", "removeHeadersConfigs", "securityHeadersConfigs", "serverTimingHeadersConfigs" ], "type": "object" } }, "aws:cloudhsmv2/getCluster:getCluster": { "description": "Use this data source to get information about a CloudHSM v2 cluster\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cluster = aws.cloudhsmv2.getCluster({\n clusterId: \"cluster-testclusterid\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncluster = aws.cloudhsmv2.get_cluster(cluster_id=\"cluster-testclusterid\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cluster = Aws.CloudHsmV2.GetCluster.Invoke(new()\n {\n ClusterId = \"cluster-testclusterid\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudhsmv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudhsmv2.LookupCluster(ctx, \u0026cloudhsmv2.LookupClusterArgs{\n\t\t\tClusterId: \"cluster-testclusterid\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudhsmv2.Cloudhsmv2Functions;\nimport com.pulumi.aws.cloudhsmv2.inputs.GetClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var cluster = Cloudhsmv2Functions.getCluster(GetClusterArgs.builder()\n .clusterId(\"cluster-testclusterid\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n cluster:\n fn::invoke:\n Function: aws:cloudhsmv2:getCluster\n Arguments:\n clusterId: cluster-testclusterid\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCluster.\n", "properties": { "clusterId": { "type": "string", "description": "ID of Cloud HSM v2 cluster.\n" }, "clusterState": { "type": "string", "description": "State of the cluster to be found.\n" } }, "type": "object", "required": [ "clusterId" ] }, "outputs": { "description": "A collection of values returned by getCluster.\n", "properties": { "clusterCertificates": { "description": "The list of cluster certificates.\n", "items": { "$ref": "#/types/aws:cloudhsmv2/getClusterClusterCertificate:getClusterClusterCertificate" }, "type": "array" }, "clusterId": { "type": "string" }, "clusterState": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "securityGroupId": { "description": "ID of the security group associated with the CloudHSM cluster.\n", "type": "string" }, "subnetIds": { "description": "IDs of subnets in which cluster operates.\n", "items": { "type": "string" }, "type": "array" }, "vpcId": { "description": "ID of the VPC that the CloudHSM cluster resides in.\n", "type": "string" } }, "required": [ "clusterCertificates", "clusterId", "clusterState", "securityGroupId", "subnetIds", "vpcId", "id" ], "type": "object" } }, "aws:cloudtrail/getServiceAccount:getServiceAccount": { "description": "Use this data source to get the Account ID of the [AWS CloudTrail Service Account](http://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-supported-regions.html)\nin a given region for the purpose of allowing CloudTrail to store trail data in S3.\n\n\u003e **Note:** AWS documentation [states that](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/create-s3-bucket-policy-for-cloudtrail.html#troubleshooting-s3-bucket-policy) a [service principal name](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#principal-services) should be used instead of an AWS account ID in any relevant IAM policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = aws.cloudtrail.getServiceAccount({});\nconst bucket = new aws.s3.BucketV2(\"bucket\", {\n bucket: \"tf-cloudtrail-logging-test-bucket\",\n forceDestroy: true,\n});\nconst allowCloudtrailLogging = pulumi.all([main, bucket.arn, main, bucket.arn]).apply(([main, bucketArn, main1, bucketArn1]) =\u003e aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n sid: \"Put bucket policy needed for trails\",\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [main.arn],\n }],\n actions: [\"s3:PutObject\"],\n resources: [`${bucketArn}/*`],\n },\n {\n sid: \"Get bucket policy needed for trails\",\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [main1.arn],\n }],\n actions: [\"s3:GetBucketAcl\"],\n resources: [bucketArn1],\n },\n ],\n}));\nconst allowCloudtrailLoggingBucketPolicy = new aws.s3.BucketPolicy(\"allow_cloudtrail_logging\", {\n bucket: bucket.id,\n policy: allowCloudtrailLogging.apply(allowCloudtrailLogging =\u003e allowCloudtrailLogging.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.cloudtrail.get_service_account()\nbucket = aws.s3.BucketV2(\"bucket\",\n bucket=\"tf-cloudtrail-logging-test-bucket\",\n force_destroy=True)\nallow_cloudtrail_logging = pulumi.Output.all(bucket.arn, bucket.arn).apply(lambda bucketArn, bucketArn1: aws.iam.get_policy_document_output(statements=[\n {\n \"sid\": \"Put bucket policy needed for trails\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [main.arn],\n }],\n \"actions\": [\"s3:PutObject\"],\n \"resources\": [f\"{bucket_arn}/*\"],\n },\n {\n \"sid\": \"Get bucket policy needed for trails\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [main.arn],\n }],\n \"actions\": [\"s3:GetBucketAcl\"],\n \"resources\": [bucket_arn1],\n },\n]))\nallow_cloudtrail_logging_bucket_policy = aws.s3.BucketPolicy(\"allow_cloudtrail_logging\",\n bucket=bucket.id,\n policy=allow_cloudtrail_logging.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = Aws.CloudTrail.GetServiceAccount.Invoke();\n\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"tf-cloudtrail-logging-test-bucket\",\n ForceDestroy = true,\n });\n\n var allowCloudtrailLogging = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"Put bucket policy needed for trails\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n main.Apply(getServiceAccountResult =\u003e getServiceAccountResult.Arn),\n },\n },\n },\n Actions = new[]\n {\n \"s3:PutObject\",\n },\n Resources = new[]\n {\n $\"{bucket.Arn}/*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"Get bucket policy needed for trails\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n main.Apply(getServiceAccountResult =\u003e getServiceAccountResult.Arn),\n },\n },\n },\n Actions = new[]\n {\n \"s3:GetBucketAcl\",\n },\n Resources = new[]\n {\n bucket.Arn,\n },\n },\n },\n });\n\n var allowCloudtrailLoggingBucketPolicy = new Aws.S3.BucketPolicy(\"allow_cloudtrail_logging\", new()\n {\n Bucket = bucket.Id,\n Policy = allowCloudtrailLogging.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nmain, err := cloudtrail.GetServiceAccount(ctx, nil, nil);\nif err != nil {\nreturn err\n}\nbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\nBucket: pulumi.String(\"tf-cloudtrail-logging-test-bucket\"),\nForceDestroy: pulumi.Bool(true),\n})\nif err != nil {\nreturn err\n}\nallowCloudtrailLogging := pulumi.All(bucket.Arn,bucket.Arn).ApplyT(func(_args []interface{}) (iam.GetPolicyDocumentResult, error) {\nbucketArn := _args[0].(string)\nbucketArn1 := _args[1].(string)\nreturn iam.GetPolicyDocumentResult(interface{}(iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nSid: \"Put bucket policy needed for trails\",\nEffect: \"Allow\",\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: interface{}{\nmain.Arn,\n},\n},\n},\nActions: []string{\n\"s3:PutObject\",\n},\nResources: []string{\nfmt.Sprintf(\"%v/*\", bucketArn),\n},\n},\n{\nSid: \"Get bucket policy needed for trails\",\nEffect: \"Allow\",\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: interface{}{\nmain.Arn,\n},\n},\n},\nActions: []string{\n\"s3:GetBucketAcl\",\n},\nResources: []string{\nbucketArn1,\n},\n},\n},\n}, nil))), nil\n}).(iam.GetPolicyDocumentResultOutput)\n_, err = s3.NewBucketPolicy(ctx, \"allow_cloudtrail_logging\", \u0026s3.BucketPolicyArgs{\nBucket: bucket.ID(),\nPolicy: pulumi.String(allowCloudtrailLogging.ApplyT(func(allowCloudtrailLogging iam.GetPolicyDocumentResult) (*string, error) {\nreturn \u0026allowCloudtrailLogging.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudtrail.CloudtrailFunctions;\nimport com.pulumi.aws.cloudtrail.inputs.GetServiceAccountArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var main = CloudtrailFunctions.getServiceAccount();\n\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder()\n .bucket(\"tf-cloudtrail-logging-test-bucket\")\n .forceDestroy(true)\n .build());\n\n final var allowCloudtrailLogging = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .sid(\"Put bucket policy needed for trails\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(main.applyValue(getServiceAccountResult -\u003e getServiceAccountResult.arn()))\n .build())\n .actions(\"s3:PutObject\")\n .resources(bucket.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"Get bucket policy needed for trails\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(main.applyValue(getServiceAccountResult -\u003e getServiceAccountResult.arn()))\n .build())\n .actions(\"s3:GetBucketAcl\")\n .resources(bucket.arn())\n .build())\n .build());\n\n var allowCloudtrailLoggingBucketPolicy = new BucketPolicy(\"allowCloudtrailLoggingBucketPolicy\", BucketPolicyArgs.builder()\n .bucket(bucket.id())\n .policy(allowCloudtrailLogging.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(allowCloudtrailLogging -\u003e allowCloudtrailLogging.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: tf-cloudtrail-logging-test-bucket\n forceDestroy: true\n allowCloudtrailLoggingBucketPolicy:\n type: aws:s3:BucketPolicy\n name: allow_cloudtrail_logging\n properties:\n bucket: ${bucket.id}\n policy: ${allowCloudtrailLogging.json}\nvariables:\n main:\n fn::invoke:\n Function: aws:cloudtrail:getServiceAccount\n Arguments: {}\n allowCloudtrailLogging:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: Put bucket policy needed for trails\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - ${main.arn}\n actions:\n - s3:PutObject\n resources:\n - ${bucket.arn}/*\n - sid: Get bucket policy needed for trails\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - ${main.arn}\n actions:\n - s3:GetBucketAcl\n resources:\n - ${bucket.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getServiceAccount.\n", "properties": { "region": { "type": "string", "description": "Name of the region whose AWS CloudTrail account ID is desired.\nDefaults to the region from the AWS provider configuration.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getServiceAccount.\n", "properties": { "arn": { "description": "ARN of the AWS CloudTrail service account in the selected region.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "region": { "type": "string" } }, "required": [ "arn", "id" ], "type": "object" } }, "aws:cloudwatch/getEventBus:getEventBus": { "description": "This data source can be used to fetch information about a specific\nEventBridge event bus. Use this data source to compute the ARN of\nan event bus, given the name of the bus.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cloudwatch.getEventBus({\n name: \"example-bus-name\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.get_event_bus(name=\"example-bus-name\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CloudWatch.GetEventBus.Invoke(new()\n {\n Name = \"example-bus-name\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.LookupEventBus(ctx, \u0026cloudwatch.LookupEventBusArgs{\n\t\t\tName: \"example-bus-name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.CloudwatchFunctions;\nimport com.pulumi.aws.cloudwatch.inputs.GetEventBusArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CloudwatchFunctions.getEventBus(GetEventBusArgs.builder()\n .name(\"example-bus-name\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:cloudwatch:getEventBus\n Arguments:\n name: example-bus-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getEventBus.\n", "properties": { "name": { "type": "string", "description": "Friendly EventBridge event bus name.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getEventBus.\n", "properties": { "arn": { "description": "ARN.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kmsKeyIdentifier": { "description": "The identifier of the AWS KMS customer managed key for EventBridge to use to encrypt events on this event bus, if one has been specified.\n", "type": "string" }, "name": { "type": "string" } }, "required": [ "arn", "kmsKeyIdentifier", "name", "id" ], "type": "object" } }, "aws:cloudwatch/getEventConnection:getEventConnection": { "description": "Use this data source to retrieve information about an EventBridge connection.\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.cloudwatch.getEventConnection({\n name: \"test\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.cloudwatch.get_event_connection(name=\"test\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.CloudWatch.GetEventConnection.Invoke(new()\n {\n Name = \"test\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.LookupEventConnection(ctx, \u0026cloudwatch.LookupEventConnectionArgs{\n\t\t\tName: \"test\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.CloudwatchFunctions;\nimport com.pulumi.aws.cloudwatch.inputs.GetEventConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = CloudwatchFunctions.getEventConnection(GetEventConnectionArgs.builder()\n .name(\"test\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:cloudwatch:getEventConnection\n Arguments:\n name: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getEventConnection.\n", "properties": { "name": { "type": "string", "description": "Name of the connection.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getEventConnection.\n", "properties": { "arn": { "description": "ARN (Amazon Resource Name) for the connection.\n", "type": "string" }, "authorizationType": { "description": "Type of authorization to use to connect. One of `API_KEY`,`BASIC`,`OAUTH_CLIENT_CREDENTIALS`.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Name of the connection.\n", "type": "string" }, "secretArn": { "description": "ARN (Amazon Resource Name) for the secret created from the authorization parameters specified for the connection.\n", "type": "string" } }, "required": [ "arn", "authorizationType", "name", "secretArn", "id" ], "type": "object" } }, "aws:cloudwatch/getEventSource:getEventSource": { "description": "Use this data source to get information about an EventBridge Partner Event Source. This data source will only return one partner event source. An error will be returned if multiple sources match the same name prefix.\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplepartner = aws.cloudwatch.getEventSource({\n namePrefix: \"aws.partner/examplepartner.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplepartner = aws.cloudwatch.get_event_source(name_prefix=\"aws.partner/examplepartner.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplepartner = Aws.CloudWatch.GetEventSource.Invoke(new()\n {\n NamePrefix = \"aws.partner/examplepartner.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.GetEventSource(ctx, \u0026cloudwatch.GetEventSourceArgs{\n\t\t\tNamePrefix: pulumi.StringRef(\"aws.partner/examplepartner.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.CloudwatchFunctions;\nimport com.pulumi.aws.cloudwatch.inputs.GetEventSourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var examplepartner = CloudwatchFunctions.getEventSource(GetEventSourceArgs.builder()\n .namePrefix(\"aws.partner/examplepartner.com\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n examplepartner:\n fn::invoke:\n Function: aws:cloudwatch:getEventSource\n Arguments:\n namePrefix: aws.partner/examplepartner.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getEventSource.\n", "properties": { "namePrefix": { "type": "string", "description": "Specifying this limits the results to only those partner event sources with names that start with the specified prefix\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getEventSource.\n", "properties": { "arn": { "description": "ARN of the partner event source\n", "type": "string" }, "createdBy": { "description": "Name of the SaaS partner that created the event source\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Name of the event source\n", "type": "string" }, "namePrefix": { "type": "string" }, "state": { "description": "State of the event source (`ACTIVE` or `PENDING`)\n", "type": "string" } }, "required": [ "arn", "createdBy", "name", "state", "id" ], "type": "object" } }, "aws:cloudwatch/getLogDataProtectionPolicyDocument:getLogDataProtectionPolicyDocument": { "description": "Generates a CloudWatch Log Group Data Protection Policy document in JSON format for use with the `aws.cloudwatch.LogDataProtectionPolicy` resource.\n\n\u003e For more information about data protection policies, see the [Help protect sensitive log data with masking](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cloudwatch.getLogDataProtectionPolicyDocument({\n name: \"Example\",\n statements: [\n {\n sid: \"Audit\",\n dataIdentifiers: [\n \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n \"arn:aws:dataprotection::aws:data-identifier/DriversLicense-US\",\n ],\n operation: {\n audit: {\n findingsDestination: {\n cloudwatchLogs: {\n logGroup: audit.name,\n },\n firehose: {\n deliveryStream: auditAwsKinesisFirehoseDeliveryStream.name,\n },\n s3: {\n bucket: auditAwsS3Bucket.bucket,\n },\n },\n },\n },\n },\n {\n sid: \"Deidentify\",\n dataIdentifiers: [\n \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n \"arn:aws:dataprotection::aws:data-identifier/DriversLicense-US\",\n ],\n operation: {\n deidentify: {\n maskConfig: {},\n },\n },\n },\n ],\n});\nconst exampleLogDataProtectionPolicy = new aws.cloudwatch.LogDataProtectionPolicy(\"example\", {\n logGroupName: exampleAwsCloudwatchLogGroup.name,\n policyDocument: example.then(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.get_log_data_protection_policy_document(name=\"Example\",\n statements=[\n {\n \"sid\": \"Audit\",\n \"data_identifiers\": [\n \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n \"arn:aws:dataprotection::aws:data-identifier/DriversLicense-US\",\n ],\n \"operation\": {\n \"audit\": {\n \"findings_destination\": {\n \"cloudwatch_logs\": {\n \"log_group\": audit[\"name\"],\n },\n \"firehose\": {\n \"delivery_stream\": audit_aws_kinesis_firehose_delivery_stream[\"name\"],\n },\n \"s3\": {\n \"bucket\": audit_aws_s3_bucket[\"bucket\"],\n },\n },\n },\n },\n },\n {\n \"sid\": \"Deidentify\",\n \"data_identifiers\": [\n \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n \"arn:aws:dataprotection::aws:data-identifier/DriversLicense-US\",\n ],\n \"operation\": {\n \"deidentify\": {\n \"mask_config\": {},\n },\n },\n },\n ])\nexample_log_data_protection_policy = aws.cloudwatch.LogDataProtectionPolicy(\"example\",\n log_group_name=example_aws_cloudwatch_log_group[\"name\"],\n policy_document=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CloudWatch.GetLogDataProtectionPolicyDocument.Invoke(new()\n {\n Name = \"Example\",\n Statements = new[]\n {\n new Aws.CloudWatch.Inputs.GetLogDataProtectionPolicyDocumentStatementInputArgs\n {\n Sid = \"Audit\",\n DataIdentifiers = new[]\n {\n \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n \"arn:aws:dataprotection::aws:data-identifier/DriversLicense-US\",\n },\n Operation = new Aws.CloudWatch.Inputs.GetLogDataProtectionPolicyDocumentStatementOperationInputArgs\n {\n Audit = new Aws.CloudWatch.Inputs.GetLogDataProtectionPolicyDocumentStatementOperationAuditInputArgs\n {\n FindingsDestination = new Aws.CloudWatch.Inputs.GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationInputArgs\n {\n CloudwatchLogs = new Aws.CloudWatch.Inputs.GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationCloudwatchLogsInputArgs\n {\n LogGroup = audit.Name,\n },\n Firehose = new Aws.CloudWatch.Inputs.GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationFirehoseInputArgs\n {\n DeliveryStream = auditAwsKinesisFirehoseDeliveryStream.Name,\n },\n S3 = new Aws.CloudWatch.Inputs.GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationS3InputArgs\n {\n Bucket = auditAwsS3Bucket.Bucket,\n },\n },\n },\n },\n },\n new Aws.CloudWatch.Inputs.GetLogDataProtectionPolicyDocumentStatementInputArgs\n {\n Sid = \"Deidentify\",\n DataIdentifiers = new[]\n {\n \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n \"arn:aws:dataprotection::aws:data-identifier/DriversLicense-US\",\n },\n Operation = new Aws.CloudWatch.Inputs.GetLogDataProtectionPolicyDocumentStatementOperationInputArgs\n {\n Deidentify = new Aws.CloudWatch.Inputs.GetLogDataProtectionPolicyDocumentStatementOperationDeidentifyInputArgs\n {\n MaskConfig = null,\n },\n },\n },\n },\n });\n\n var exampleLogDataProtectionPolicy = new Aws.CloudWatch.LogDataProtectionPolicy(\"example\", new()\n {\n LogGroupName = exampleAwsCloudwatchLogGroup.Name,\n PolicyDocument = example.Apply(getLogDataProtectionPolicyDocumentResult =\u003e getLogDataProtectionPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cloudwatch.GetLogDataProtectionPolicyDocument(ctx, \u0026cloudwatch.GetLogDataProtectionPolicyDocumentArgs{\n\t\t\tName: \"Example\",\n\t\t\tStatements: []cloudwatch.GetLogDataProtectionPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"Audit\"),\n\t\t\t\t\tDataIdentifiers: []string{\n\t\t\t\t\t\t\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n\t\t\t\t\t\t\"arn:aws:dataprotection::aws:data-identifier/DriversLicense-US\",\n\t\t\t\t\t},\n\t\t\t\t\tOperation: {\n\t\t\t\t\t\tAudit: {\n\t\t\t\t\t\t\tFindingsDestination: {\n\t\t\t\t\t\t\t\tCloudwatchLogs: {\n\t\t\t\t\t\t\t\t\tLogGroup: audit.Name,\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\tFirehose: {\n\t\t\t\t\t\t\t\t\tDeliveryStream: auditAwsKinesisFirehoseDeliveryStream.Name,\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\tS3: {\n\t\t\t\t\t\t\t\t\tBucket: auditAwsS3Bucket.Bucket,\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"Deidentify\"),\n\t\t\t\t\tDataIdentifiers: []string{\n\t\t\t\t\t\t\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n\t\t\t\t\t\t\"arn:aws:dataprotection::aws:data-identifier/DriversLicense-US\",\n\t\t\t\t\t},\n\t\t\t\t\tOperation: {\n\t\t\t\t\t\tDeidentify: {\n\t\t\t\t\t\t\tMaskConfig: nil,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogDataProtectionPolicy(ctx, \"example\", \u0026cloudwatch.LogDataProtectionPolicyArgs{\n\t\t\tLogGroupName: pulumi.Any(exampleAwsCloudwatchLogGroup.Name),\n\t\t\tPolicyDocument: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.CloudwatchFunctions;\nimport com.pulumi.aws.cloudwatch.inputs.GetLogDataProtectionPolicyDocumentArgs;\nimport com.pulumi.aws.cloudwatch.LogDataProtectionPolicy;\nimport com.pulumi.aws.cloudwatch.LogDataProtectionPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CloudwatchFunctions.getLogDataProtectionPolicyDocument(GetLogDataProtectionPolicyDocumentArgs.builder()\n .name(\"Example\")\n .statements( \n GetLogDataProtectionPolicyDocumentStatementArgs.builder()\n .sid(\"Audit\")\n .dataIdentifiers( \n \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n \"arn:aws:dataprotection::aws:data-identifier/DriversLicense-US\")\n .operation(GetLogDataProtectionPolicyDocumentStatementOperationArgs.builder()\n .audit(GetLogDataProtectionPolicyDocumentStatementOperationAuditArgs.builder()\n .findingsDestination(GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationArgs.builder()\n .cloudwatchLogs(GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationCloudwatchLogsArgs.builder()\n .logGroup(audit.name())\n .build())\n .firehose(GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationFirehoseArgs.builder()\n .deliveryStream(auditAwsKinesisFirehoseDeliveryStream.name())\n .build())\n .s3(GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationS3Args.builder()\n .bucket(auditAwsS3Bucket.bucket())\n .build())\n .build())\n .build())\n .build())\n .build(),\n GetLogDataProtectionPolicyDocumentStatementArgs.builder()\n .sid(\"Deidentify\")\n .dataIdentifiers( \n \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n \"arn:aws:dataprotection::aws:data-identifier/DriversLicense-US\")\n .operation(GetLogDataProtectionPolicyDocumentStatementOperationArgs.builder()\n .deidentify(GetLogDataProtectionPolicyDocumentStatementOperationDeidentifyArgs.builder()\n .maskConfig()\n .build())\n .build())\n .build())\n .build());\n\n var exampleLogDataProtectionPolicy = new LogDataProtectionPolicy(\"exampleLogDataProtectionPolicy\", LogDataProtectionPolicyArgs.builder()\n .logGroupName(exampleAwsCloudwatchLogGroup.name())\n .policyDocument(example.applyValue(getLogDataProtectionPolicyDocumentResult -\u003e getLogDataProtectionPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleLogDataProtectionPolicy:\n type: aws:cloudwatch:LogDataProtectionPolicy\n name: example\n properties:\n logGroupName: ${exampleAwsCloudwatchLogGroup.name}\n policyDocument: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:cloudwatch:getLogDataProtectionPolicyDocument\n Arguments:\n name: Example\n statements:\n - sid: Audit\n dataIdentifiers:\n - arn:aws:dataprotection::aws:data-identifier/EmailAddress\n - arn:aws:dataprotection::aws:data-identifier/DriversLicense-US\n operation:\n audit:\n findingsDestination:\n cloudwatchLogs:\n logGroup: ${audit.name}\n firehose:\n deliveryStream: ${auditAwsKinesisFirehoseDeliveryStream.name}\n s3:\n bucket: ${auditAwsS3Bucket.bucket}\n - sid: Deidentify\n dataIdentifiers:\n - arn:aws:dataprotection::aws:data-identifier/EmailAddress\n - arn:aws:dataprotection::aws:data-identifier/DriversLicense-US\n operation:\n deidentify:\n maskConfig: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLogDataProtectionPolicyDocument.\n", "properties": { "description": { "type": "string" }, "name": { "type": "string", "description": "The name of the data protection policy document.\n" }, "statements": { "type": "array", "items": { "$ref": "#/types/aws:cloudwatch/getLogDataProtectionPolicyDocumentStatement:getLogDataProtectionPolicyDocumentStatement" }, "description": "Configures the data protection policy.\n\n\u003e There must be exactly two statements: the first with an `audit` operation, and the second with a `deidentify` operation.\n\nThe following arguments are optional:\n" }, "version": { "type": "string" } }, "type": "object", "required": [ "name", "statements" ] }, "outputs": { "description": "A collection of values returned by getLogDataProtectionPolicyDocument.\n", "properties": { "description": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "json": { "description": "Standard JSON policy document rendered based on the arguments above.\n", "type": "string" }, "name": { "type": "string" }, "statements": { "items": { "$ref": "#/types/aws:cloudwatch/getLogDataProtectionPolicyDocumentStatement:getLogDataProtectionPolicyDocumentStatement" }, "type": "array" }, "version": { "type": "string" } }, "required": [ "json", "name", "statements", "id" ], "type": "object" } }, "aws:cloudwatch/getLogGroup:getLogGroup": { "description": "Use this data source to get information about an AWS Cloudwatch Log Group\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cloudwatch.getLogGroup({\n name: \"MyImportantLogs\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.get_log_group(name=\"MyImportantLogs\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CloudWatch.GetLogGroup.Invoke(new()\n {\n Name = \"MyImportantLogs\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.LookupLogGroup(ctx, \u0026cloudwatch.LookupLogGroupArgs{\n\t\t\tName: \"MyImportantLogs\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.CloudwatchFunctions;\nimport com.pulumi.aws.cloudwatch.inputs.GetLogGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CloudwatchFunctions.getLogGroup(GetLogGroupArgs.builder()\n .name(\"MyImportantLogs\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:cloudwatch:getLogGroup\n Arguments:\n name: MyImportantLogs\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLogGroup.\n", "properties": { "name": { "type": "string", "description": "Name of the Cloudwatch log group\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getLogGroup.\n", "properties": { "arn": { "description": "ARN of the Cloudwatch log group. Any `:*` suffix added by the API, denoting all CloudWatch Log Streams under the CloudWatch Log Group, is removed for greater compatibility with other AWS services that do not accept the suffix.\n", "type": "string" }, "creationTime": { "description": "Creation time of the log group, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.\n", "type": "integer" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kmsKeyId": { "description": "ARN of the KMS Key to use when encrypting log data.\n", "type": "string" }, "logGroupClass": { "description": "The log class of the log group.\n", "type": "string" }, "name": { "type": "string" }, "retentionInDays": { "description": "Number of days log events retained in the specified log group.\n", "type": "integer" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource.\n", "type": "object" } }, "required": [ "arn", "creationTime", "kmsKeyId", "logGroupClass", "name", "retentionInDays", "tags", "id" ], "type": "object" } }, "aws:cloudwatch/getLogGroups:getLogGroups": { "description": "Use this data source to get a list of AWS Cloudwatch Log Groups\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cloudwatch.getLogGroups({\n logGroupNamePrefix: \"/MyImportantLogs\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.get_log_groups(log_group_name_prefix=\"/MyImportantLogs\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CloudWatch.GetLogGroups.Invoke(new()\n {\n LogGroupNamePrefix = \"/MyImportantLogs\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.GetLogGroups(ctx, \u0026cloudwatch.GetLogGroupsArgs{\n\t\t\tLogGroupNamePrefix: pulumi.StringRef(\"/MyImportantLogs\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.CloudwatchFunctions;\nimport com.pulumi.aws.cloudwatch.inputs.GetLogGroupsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CloudwatchFunctions.getLogGroups(GetLogGroupsArgs.builder()\n .logGroupNamePrefix(\"/MyImportantLogs\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:cloudwatch:getLogGroups\n Arguments:\n logGroupNamePrefix: /MyImportantLogs\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLogGroups.\n", "properties": { "logGroupNamePrefix": { "type": "string", "description": "Group prefix of the Cloudwatch log groups to list\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLogGroups.\n", "properties": { "arns": { "description": "Set of ARNs of the Cloudwatch log groups\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "logGroupNamePrefix": { "type": "string" }, "logGroupNames": { "description": "Set of names of the Cloudwatch log groups\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "arns", "logGroupNames", "id" ], "type": "object" } }, "aws:codeartifact/getAuthorizationToken:getAuthorizationToken": { "description": "The CodeArtifact Authorization Token data source generates a temporary authentication token for accessing repositories in a CodeArtifact domain.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.codeartifact.getAuthorizationToken({\n domain: testAwsCodeartifactDomain.domain,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.codeartifact.get_authorization_token(domain=test_aws_codeartifact_domain[\"domain\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.CodeArtifact.GetAuthorizationToken.Invoke(new()\n {\n Domain = testAwsCodeartifactDomain.Domain,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codeartifact\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codeartifact.GetAuthorizationToken(ctx, \u0026codeartifact.GetAuthorizationTokenArgs{\n\t\t\tDomain: testAwsCodeartifactDomain.Domain,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codeartifact.CodeartifactFunctions;\nimport com.pulumi.aws.codeartifact.inputs.GetAuthorizationTokenArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = CodeartifactFunctions.getAuthorizationToken(GetAuthorizationTokenArgs.builder()\n .domain(testAwsCodeartifactDomain.domain())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:codeartifact:getAuthorizationToken\n Arguments:\n domain: ${testAwsCodeartifactDomain.domain}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAuthorizationToken.\n", "properties": { "domain": { "type": "string", "description": "Name of the domain that is in scope for the generated authorization token.\n" }, "domainOwner": { "type": "string", "description": "Account number of the AWS account that owns the domain.\n" }, "durationSeconds": { "type": "integer", "description": "Time, in seconds, that the generated authorization token is valid. Valid values are `0` and between `900` and `43200`.\n" } }, "type": "object", "required": [ "domain" ] }, "outputs": { "description": "A collection of values returned by getAuthorizationToken.\n", "properties": { "authorizationToken": { "description": "Temporary authorization token.\n", "type": "string" }, "domain": { "type": "string" }, "domainOwner": { "type": "string" }, "durationSeconds": { "type": "integer" }, "expiration": { "description": "Time in UTC RFC3339 format when the authorization token expires.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "authorizationToken", "domain", "domainOwner", "expiration", "id" ], "type": "object" } }, "aws:codeartifact/getRepositoryEndpoint:getRepositoryEndpoint": { "description": "The CodeArtifact Repository Endpoint data source returns the endpoint of a repository for a specific package format.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.codeartifact.getRepositoryEndpoint({\n domain: testAwsCodeartifactDomain.domain,\n repository: testAwsCodeartifactRepository.repository,\n format: \"npm\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.codeartifact.get_repository_endpoint(domain=test_aws_codeartifact_domain[\"domain\"],\n repository=test_aws_codeartifact_repository[\"repository\"],\n format=\"npm\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.CodeArtifact.GetRepositoryEndpoint.Invoke(new()\n {\n Domain = testAwsCodeartifactDomain.Domain,\n Repository = testAwsCodeartifactRepository.Repository,\n Format = \"npm\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codeartifact\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codeartifact.GetRepositoryEndpoint(ctx, \u0026codeartifact.GetRepositoryEndpointArgs{\n\t\t\tDomain: testAwsCodeartifactDomain.Domain,\n\t\t\tRepository: testAwsCodeartifactRepository.Repository,\n\t\t\tFormat: \"npm\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codeartifact.CodeartifactFunctions;\nimport com.pulumi.aws.codeartifact.inputs.GetRepositoryEndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = CodeartifactFunctions.getRepositoryEndpoint(GetRepositoryEndpointArgs.builder()\n .domain(testAwsCodeartifactDomain.domain())\n .repository(testAwsCodeartifactRepository.repository())\n .format(\"npm\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:codeartifact:getRepositoryEndpoint\n Arguments:\n domain: ${testAwsCodeartifactDomain.domain}\n repository: ${testAwsCodeartifactRepository.repository}\n format: npm\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRepositoryEndpoint.\n", "properties": { "domain": { "type": "string", "description": "Name of the domain that contains the repository.\n" }, "domainOwner": { "type": "string", "description": "Account number of the AWS account that owns the domain.\n" }, "format": { "type": "string", "description": "Which endpoint of a repository to return. A repository has one endpoint for each package format: `npm`, `pypi`, `maven`, and `nuget`.\n" }, "repository": { "type": "string", "description": "Name of the repository.\n" } }, "type": "object", "required": [ "domain", "format", "repository" ] }, "outputs": { "description": "A collection of values returned by getRepositoryEndpoint.\n", "properties": { "domain": { "type": "string" }, "domainOwner": { "type": "string" }, "format": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "repository": { "type": "string" }, "repositoryEndpoint": { "description": "URL of the returned endpoint.\n", "type": "string" } }, "required": [ "domain", "domainOwner", "format", "repository", "repositoryEndpoint", "id" ], "type": "object" } }, "aws:codecatalyst/getDevEnvironment:getDevEnvironment": { "description": "Data source for managing an AWS CodeCatalyst Dev Environment.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.codecatalyst.getDevEnvironment({\n spaceName: \"myspace\",\n projectName: \"myproject\",\n envId: exampleAwsCodecatalystDevEnvironment.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codecatalyst.get_dev_environment(space_name=\"myspace\",\n project_name=\"myproject\",\n env_id=example_aws_codecatalyst_dev_environment[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CodeCatalyst.GetDevEnvironment.Invoke(new()\n {\n SpaceName = \"myspace\",\n ProjectName = \"myproject\",\n EnvId = exampleAwsCodecatalystDevEnvironment.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codecatalyst\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codecatalyst.LookupDevEnvironment(ctx, \u0026codecatalyst.LookupDevEnvironmentArgs{\n\t\t\tSpaceName: \"myspace\",\n\t\t\tProjectName: \"myproject\",\n\t\t\tEnvId: exampleAwsCodecatalystDevEnvironment.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codecatalyst.CodecatalystFunctions;\nimport com.pulumi.aws.codecatalyst.inputs.GetDevEnvironmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CodecatalystFunctions.getDevEnvironment(GetDevEnvironmentArgs.builder()\n .spaceName(\"myspace\")\n .projectName(\"myproject\")\n .envId(exampleAwsCodecatalystDevEnvironment.id())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:codecatalyst:getDevEnvironment\n Arguments:\n spaceName: myspace\n projectName: myproject\n envId: ${exampleAwsCodecatalystDevEnvironment.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDevEnvironment.\n", "properties": { "alias": { "type": "string", "description": "The user-specified alias for the Dev Environment.\n" }, "creatorId": { "type": "string", "description": "The system-generated unique ID of the user who created the Dev Environment.\n" }, "envId": { "type": "string", "description": "- (Required) The system-generated unique ID of the Dev Environment for which you want to view information. To retrieve a list of Dev Environment IDs, use [ListDevEnvironments](https://docs.aws.amazon.com/codecatalyst/latest/APIReference/API_ListDevEnvironments.html).\n" }, "projectName": { "type": "string", "description": "The name of the project in the space.\n" }, "repositories": { "type": "array", "items": { "$ref": "#/types/aws:codecatalyst/getDevEnvironmentRepository:getDevEnvironmentRepository" }, "description": "The source repository that contains the branch to clone into the Dev Environment.\n" }, "spaceName": { "type": "string", "description": "The name of the space.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "envId", "projectName", "spaceName" ] }, "outputs": { "description": "A collection of values returned by getDevEnvironment.\n", "properties": { "alias": { "description": "The user-specified alias for the Dev Environment.\n", "type": "string" }, "creatorId": { "description": "The system-generated unique ID of the user who created the Dev Environment.\n", "type": "string" }, "envId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ides": { "description": "Information about the integrated development environment (IDE) configured for a Dev Environment.\n", "items": { "$ref": "#/types/aws:codecatalyst/getDevEnvironmentIde:getDevEnvironmentIde" }, "type": "array" }, "inactivityTimeoutMinutes": { "description": "The amount of time the Dev Environment will run without any activity detected before stopping, in minutes. Only whole integers are allowed. Dev Environments consume compute minutes when running.\n", "type": "integer" }, "instanceType": { "description": "The Amazon EC2 instace type to use for the Dev Environment.\n", "type": "string" }, "lastUpdatedTime": { "description": "The time when the Dev Environment was last updated, in coordinated universal time (UTC) timestamp format as specified in [RFC 3339](https://www.rfc-editor.org/rfc/rfc3339#section-5.6).\n", "type": "string" }, "persistentStorages": { "description": "Information about the amount of storage allocated to the Dev Environment.\n", "items": { "$ref": "#/types/aws:codecatalyst/getDevEnvironmentPersistentStorage:getDevEnvironmentPersistentStorage" }, "type": "array" }, "projectName": { "type": "string" }, "repositories": { "description": "The source repository that contains the branch to clone into the Dev Environment.\n", "items": { "$ref": "#/types/aws:codecatalyst/getDevEnvironmentRepository:getDevEnvironmentRepository" }, "type": "array" }, "spaceName": { "type": "string" }, "status": { "description": "The current status of the Dev Environment. From: PENDING | RUNNING | STARTING | STOPPING | STOPPED | FAILED | DELETING | DELETED.\n", "type": "string" }, "statusReason": { "description": "The reason for the status.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "envId", "ides", "inactivityTimeoutMinutes", "instanceType", "lastUpdatedTime", "persistentStorages", "projectName", "spaceName", "status", "statusReason", "tags", "id" ], "type": "object" } }, "aws:codecommit/getApprovalRuleTemplate:getApprovalRuleTemplate": { "description": "Provides details about a specific CodeCommit Approval Rule Template.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.codecommit.getApprovalRuleTemplate({\n name: \"MyExampleApprovalRuleTemplate\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codecommit.get_approval_rule_template(name=\"MyExampleApprovalRuleTemplate\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CodeCommit.GetApprovalRuleTemplate.Invoke(new()\n {\n Name = \"MyExampleApprovalRuleTemplate\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codecommit\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codecommit.LookupApprovalRuleTemplate(ctx, \u0026codecommit.LookupApprovalRuleTemplateArgs{\n\t\t\tName: \"MyExampleApprovalRuleTemplate\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codecommit.CodecommitFunctions;\nimport com.pulumi.aws.codecommit.inputs.GetApprovalRuleTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CodecommitFunctions.getApprovalRuleTemplate(GetApprovalRuleTemplateArgs.builder()\n .name(\"MyExampleApprovalRuleTemplate\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:codecommit:getApprovalRuleTemplate\n Arguments:\n name: MyExampleApprovalRuleTemplate\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getApprovalRuleTemplate.\n", "properties": { "name": { "type": "string", "description": "Name for the approval rule template. This needs to be less than 100 characters.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getApprovalRuleTemplate.\n", "properties": { "approvalRuleTemplateId": { "description": "The ID of the approval rule template.\n", "type": "string" }, "content": { "description": "Content of the approval rule template.\n", "type": "string" }, "creationDate": { "description": "Date the approval rule template was created, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n", "type": "string" }, "description": { "description": "Description of the approval rule template.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lastModifiedDate": { "description": "Date the approval rule template was most recently changed, in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n", "type": "string" }, "lastModifiedUser": { "description": "ARN of the user who made the most recent changes to the approval rule template.\n", "type": "string" }, "name": { "type": "string" }, "ruleContentSha256": { "description": "SHA-256 hash signature for the content of the approval rule template.\n", "type": "string" } }, "required": [ "approvalRuleTemplateId", "content", "creationDate", "description", "lastModifiedDate", "lastModifiedUser", "name", "ruleContentSha256", "id" ], "type": "object" } }, "aws:codecommit/getRepository:getRepository": { "description": "The CodeCommit Repository data source allows the ARN, Repository ID, Repository URL for HTTP and Repository URL for SSH to be retrieved for an CodeCommit repository.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.codecommit.getRepository({\n repositoryName: \"MyTestRepository\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.codecommit.get_repository(repository_name=\"MyTestRepository\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.CodeCommit.GetRepository.Invoke(new()\n {\n RepositoryName = \"MyTestRepository\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codecommit\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codecommit.LookupRepository(ctx, \u0026codecommit.LookupRepositoryArgs{\n\t\t\tRepositoryName: \"MyTestRepository\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codecommit.CodecommitFunctions;\nimport com.pulumi.aws.codecommit.inputs.GetRepositoryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = CodecommitFunctions.getRepository(GetRepositoryArgs.builder()\n .repositoryName(\"MyTestRepository\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:codecommit:getRepository\n Arguments:\n repositoryName: MyTestRepository\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRepository.\n", "properties": { "repositoryName": { "type": "string", "description": "Name for the repository. This needs to be less than 100 characters.\n" } }, "type": "object", "required": [ "repositoryName" ] }, "outputs": { "description": "A collection of values returned by getRepository.\n", "properties": { "arn": { "description": "ARN of the repository.\n", "type": "string" }, "cloneUrlHttp": { "description": "URL to use for cloning the repository over HTTPS.\n", "type": "string" }, "cloneUrlSsh": { "description": "URL to use for cloning the repository over SSH.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kmsKeyId": { "description": "The ID of the encryption key.\n", "type": "string" }, "repositoryId": { "description": "ID of the repository.\n", "type": "string" }, "repositoryName": { "type": "string" } }, "required": [ "arn", "cloneUrlHttp", "cloneUrlSsh", "kmsKeyId", "repositoryId", "repositoryName", "id" ], "type": "object" } }, "aws:codeguruprofiler/getProfilingGroup:getProfilingGroup": { "description": "Data source for managing an AWS CodeGuru Profiler Profiling Group.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.codeguruprofiler.getProfilingGroup({\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codeguruprofiler.get_profiling_group(name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CodeGuruProfiler.GetProfilingGroup.Invoke(new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codeguruprofiler\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codeguruprofiler.LookupProfilingGroup(ctx, \u0026codeguruprofiler.LookupProfilingGroupArgs{\n\t\t\tName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codeguruprofiler.CodeguruprofilerFunctions;\nimport com.pulumi.aws.codeguruprofiler.inputs.GetProfilingGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CodeguruprofilerFunctions.getProfilingGroup(GetProfilingGroupArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:codeguruprofiler:getProfilingGroup\n Arguments:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getProfilingGroup.\n", "properties": { "name": { "type": "string", "description": "The name of the profiling group.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getProfilingGroup.\n", "properties": { "agentOrchestrationConfigs": { "description": "Profiling Group agent orchestration config\n", "items": { "$ref": "#/types/aws:codeguruprofiler/getProfilingGroupAgentOrchestrationConfig:getProfilingGroupAgentOrchestrationConfig" }, "type": "array" }, "arn": { "description": "ARN of the Profiling Group.\n", "type": "string" }, "computePlatform": { "description": "The compute platform of the profiling group.\n", "type": "string" }, "createdAt": { "description": "Timestamp when Profiling Group was created.\n", "type": "string" }, "id": { "type": "string" }, "name": { "type": "string" }, "profilingStatuses": { "description": "The status of the Profiling Group.\n", "items": { "$ref": "#/types/aws:codeguruprofiler/getProfilingGroupProfilingStatus:getProfilingGroupProfilingStatus" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Mapping of Key-Value tags for the resource.\n", "type": "object" }, "updatedAt": { "description": "Timestamp when Profiling Group was updated.\n", "type": "string" } }, "required": [ "agentOrchestrationConfigs", "arn", "computePlatform", "createdAt", "id", "name", "profilingStatuses", "tags", "updatedAt" ], "type": "object" } }, "aws:codestarconnections/getConnection:getConnection": { "description": "Provides details about CodeStar Connection.\n\n## Example Usage\n\n### By ARN\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.codestarconnections.getConnection({\n arn: exampleAwsCodestarconnectionsConnection.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codestarconnections.get_connection(arn=example_aws_codestarconnections_connection[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CodeStarConnections.GetConnection.Invoke(new()\n {\n Arn = exampleAwsCodestarconnectionsConnection.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codestarconnections\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codestarconnections.LookupConnection(ctx, \u0026codestarconnections.LookupConnectionArgs{\n\t\t\tArn: pulumi.StringRef(exampleAwsCodestarconnectionsConnection.Arn),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codestarconnections.CodestarconnectionsFunctions;\nimport com.pulumi.aws.codestarconnections.inputs.GetConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CodestarconnectionsFunctions.getConnection(GetConnectionArgs.builder()\n .arn(exampleAwsCodestarconnectionsConnection.arn())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:codestarconnections:getConnection\n Arguments:\n arn: ${exampleAwsCodestarconnectionsConnection.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### By Name\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.codestarconnections.getConnection({\n name: exampleAwsCodestarconnectionsConnection.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.codestarconnections.get_connection(name=example_aws_codestarconnections_connection[\"name\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CodeStarConnections.GetConnection.Invoke(new()\n {\n Name = exampleAwsCodestarconnectionsConnection.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codestarconnections\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := codestarconnections.LookupConnection(ctx, \u0026codestarconnections.LookupConnectionArgs{\n\t\t\tName: pulumi.StringRef(exampleAwsCodestarconnectionsConnection.Name),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codestarconnections.CodestarconnectionsFunctions;\nimport com.pulumi.aws.codestarconnections.inputs.GetConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CodestarconnectionsFunctions.getConnection(GetConnectionArgs.builder()\n .name(exampleAwsCodestarconnectionsConnection.name())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:codestarconnections:getConnection\n Arguments:\n name: ${exampleAwsCodestarconnectionsConnection.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getConnection.\n", "properties": { "arn": { "type": "string", "description": "CodeStar Connection ARN.\n" }, "name": { "type": "string", "description": "CodeStar Connection name.\n\n\u003e **NOTE:** When both `arn` and `name` are specified, `arn` takes precedence.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key-value resource tags to associate with the resource.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getConnection.\n", "properties": { "arn": { "type": "string" }, "connectionStatus": { "description": "CodeStar Connection status. Possible values are `PENDING`, `AVAILABLE` and `ERROR`.\n", "type": "string" }, "hostArn": { "description": "ARN of the host associated with the connection.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Name of the CodeStar Connection. The name is unique in the calling AWS account.\n", "type": "string" }, "providerType": { "description": "Name of the external provider where your third-party code repository is configured. Possible values are `Bitbucket`, `GitHub` and `GitLab`. For connections to GitHub Enterprise Server or GitLab Self-Managed instances, you must create an aws.codestarconnections.Host resource and use `host_arn` instead.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of key-value resource tags to associate with the resource.\n", "type": "object" } }, "required": [ "arn", "connectionStatus", "hostArn", "name", "providerType", "tags", "id" ], "type": "object" } }, "aws:cognito/getIdentityPool:getIdentityPool": { "description": "Data source for managing an AWS Cognito Identity Pool.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cognito.getIdentityPool({\n identityPoolName: \"test pool\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cognito.get_identity_pool(identity_pool_name=\"test pool\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Cognito.GetIdentityPool.Invoke(new()\n {\n IdentityPoolName = \"test pool\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cognito.LookupIdentityPool(ctx, \u0026cognito.LookupIdentityPoolArgs{\n\t\t\tIdentityPoolName: \"test pool\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.CognitoFunctions;\nimport com.pulumi.aws.cognito.inputs.GetIdentityPoolArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CognitoFunctions.getIdentityPool(GetIdentityPoolArgs.builder()\n .identityPoolName(\"test pool\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:cognito:getIdentityPool\n Arguments:\n identityPoolName: test pool\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getIdentityPool.\n", "properties": { "identityPoolName": { "type": "string", "description": "The Cognito Identity Pool name.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assigned to the Identity Pool.\n" } }, "type": "object", "required": [ "identityPoolName" ] }, "outputs": { "description": "A collection of values returned by getIdentityPool.\n", "properties": { "allowClassicFlow": { "description": "Whether the classic / basic authentication flow is enabled.\n", "type": "boolean" }, "allowUnauthenticatedIdentities": { "description": "Whether the identity pool supports unauthenticated logins or not.\n", "type": "boolean" }, "arn": { "description": "ARN of the Pool.\n", "type": "string" }, "cognitoIdentityProviders": { "description": "An array of Amazon Cognito Identity user pools and their client IDs.\n", "items": { "$ref": "#/types/aws:cognito/getIdentityPoolCognitoIdentityProvider:getIdentityPoolCognitoIdentityProvider" }, "type": "array" }, "developerProviderName": { "description": "The \"domain\" by which Cognito will refer to your users.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "identityPoolName": { "type": "string" }, "openidConnectProviderArns": { "description": "Set of OpendID Connect provider ARNs.\n", "items": { "type": "string" }, "type": "array" }, "samlProviderArns": { "description": "An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.\n", "items": { "type": "string" }, "type": "array" }, "supportedLoginProviders": { "additionalProperties": { "type": "string" }, "description": "Key-Value pairs mapping provider names to provider app IDs.\n", "type": "object" }, "tags": { "additionalProperties": { "type": "string" }, "description": "A map of tags to assigned to the Identity Pool.\n", "type": "object" } }, "required": [ "allowClassicFlow", "allowUnauthenticatedIdentities", "arn", "cognitoIdentityProviders", "developerProviderName", "identityPoolName", "openidConnectProviderArns", "samlProviderArns", "supportedLoginProviders", "tags", "id" ], "type": "object" } }, "aws:cognito/getUserGroup:getUserGroup": { "description": "Data source for managing an AWS Cognito IDP (Identity Provider) User Group.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cognito.getUserGroup({\n userPoolId: \"us-west-2_aaaaaaaaa\",\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cognito.get_user_group(user_pool_id=\"us-west-2_aaaaaaaaa\",\n name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Cognito.GetUserGroup.Invoke(new()\n {\n UserPoolId = \"us-west-2_aaaaaaaaa\",\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cognito.LookupUserGroup(ctx, \u0026cognito.LookupUserGroupArgs{\n\t\t\tUserPoolId: \"us-west-2_aaaaaaaaa\",\n\t\t\tName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.CognitoFunctions;\nimport com.pulumi.aws.cognito.inputs.GetUserGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CognitoFunctions.getUserGroup(GetUserGroupArgs.builder()\n .userPoolId(\"us-west-2_aaaaaaaaa\")\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:cognito:getUserGroup\n Arguments:\n userPoolId: us-west-2_aaaaaaaaa\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getUserGroup.\n", "properties": { "name": { "type": "string", "description": "Name of the user group.\n" }, "userPoolId": { "type": "string", "description": "User pool the client belongs to.\n" } }, "type": "object", "required": [ "name", "userPoolId" ] }, "outputs": { "description": "A collection of values returned by getUserGroup.\n", "properties": { "description": { "description": "Description of the user group.\n", "type": "string" }, "id": { "description": "A comma-delimited string concatenating `name` and `user_pool_id`.\n", "type": "string" }, "name": { "type": "string" }, "precedence": { "description": "Precedence of the user group.\n", "type": "integer" }, "roleArn": { "description": "ARN of the IAM role to be associated with the user group.\n", "type": "string" }, "userPoolId": { "type": "string" } }, "required": [ "description", "id", "name", "precedence", "roleArn", "userPoolId" ], "type": "object" } }, "aws:cognito/getUserGroups:getUserGroups": { "description": "Data source for managing AWS Cognito IDP (Identity Provider) User Groups.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cognito.getUserGroups({\n userPoolId: \"us-west-2_aaaaaaaaa\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cognito.get_user_groups(user_pool_id=\"us-west-2_aaaaaaaaa\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Cognito.GetUserGroups.Invoke(new()\n {\n UserPoolId = \"us-west-2_aaaaaaaaa\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cognito.GetUserGroups(ctx, \u0026cognito.GetUserGroupsArgs{\n\t\t\tUserPoolId: \"us-west-2_aaaaaaaaa\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.CognitoFunctions;\nimport com.pulumi.aws.cognito.inputs.GetUserGroupsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CognitoFunctions.getUserGroups(GetUserGroupsArgs.builder()\n .userPoolId(\"us-west-2_aaaaaaaaa\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:cognito:getUserGroups\n Arguments:\n userPoolId: us-west-2_aaaaaaaaa\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getUserGroups.\n", "properties": { "userPoolId": { "type": "string", "description": "User pool the client belongs to.\n" } }, "type": "object", "required": [ "userPoolId" ] }, "outputs": { "description": "A collection of values returned by getUserGroups.\n", "properties": { "groups": { "description": "List of groups. See `groups` below.\n", "items": { "$ref": "#/types/aws:cognito/getUserGroupsGroup:getUserGroupsGroup" }, "type": "array" }, "id": { "description": "User pool identifier.\n", "type": "string" }, "userPoolId": { "type": "string" } }, "required": [ "groups", "id", "userPoolId" ], "type": "object" } }, "aws:cognito/getUserPool:getUserPool": { "description": "Data source for managing an AWS Cognito User Pool.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.cognito.getUserPool({\n userPoolId: \"us-west-2_aaaaaaaaa\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cognito.get_user_pool(user_pool_id=\"us-west-2_aaaaaaaaa\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Cognito.GetUserPool.Invoke(new()\n {\n UserPoolId = \"us-west-2_aaaaaaaaa\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cognito.LookupUserPool(ctx, \u0026cognito.LookupUserPoolArgs{\n\t\t\tUserPoolId: \"us-west-2_aaaaaaaaa\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.CognitoFunctions;\nimport com.pulumi.aws.cognito.inputs.GetUserPoolArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CognitoFunctions.getUserPool(GetUserPoolArgs.builder()\n .userPoolId(\"us-west-2_aaaaaaaaa\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:cognito:getUserPool\n Arguments:\n userPoolId: us-west-2_aaaaaaaaa\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getUserPool.\n", "properties": { "userPoolId": { "type": "string", "description": "The cognito pool ID\n" } }, "type": "object", "required": [ "userPoolId" ] }, "outputs": { "description": "A collection of values returned by getUserPool.\n", "properties": { "accountRecoverySettings": { "items": { "$ref": "#/types/aws:cognito/getUserPoolAccountRecoverySetting:getUserPoolAccountRecoverySetting" }, "type": "array" }, "adminCreateUserConfigs": { "items": { "$ref": "#/types/aws:cognito/getUserPoolAdminCreateUserConfig:getUserPoolAdminCreateUserConfig" }, "type": "array" }, "arn": { "description": "ARN of the User Pool.\n* account_recovery_setting - The available verified method a user can use to recover their password when they call ForgotPassword. You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email.\n* admin_create_user_config - The configuration for AdminCreateUser requests.\n", "type": "string" }, "autoVerifiedAttributes": { "description": "The attributes that are auto-verified in a user pool.\n", "items": { "type": "string" }, "type": "array" }, "creationDate": { "description": "The date and time, in ISO 8601 format, when the item was created.\n", "type": "string" }, "customDomain": { "description": "A custom domain name that you provide to Amazon Cognito. This parameter applies only if you use a custom domain to host the sign-up and sign-in pages for your application. An example of a custom domain name might be auth.example.com.\n", "type": "string" }, "deletionProtection": { "description": "When active, DeletionProtection prevents accidental deletion of your user pool. Before you can delete a user pool that you have protected against deletion, you must deactivate this feature.\n* device_configuration - The device-remembering configuration for a user pool. A null value indicates that you have deactivated device remembering in your user pool.\n", "type": "string" }, "deviceConfigurations": { "items": { "$ref": "#/types/aws:cognito/getUserPoolDeviceConfiguration:getUserPoolDeviceConfiguration" }, "type": "array" }, "domain": { "description": "The domain prefix, if the user pool has a domain associated with it.\n* email_configuration - The email configuration of your user pool. The email configuration type sets your preferred sending method, AWS Region, and sender for messages from your user pool.\n", "type": "string" }, "emailConfigurations": { "items": { "$ref": "#/types/aws:cognito/getUserPoolEmailConfiguration:getUserPoolEmailConfiguration" }, "type": "array" }, "estimatedNumberOfUsers": { "description": "A number estimating the size of the user pool.\n* lambda_config - The AWS Lambda triggers associated with the user pool.\n", "type": "integer" }, "id": { "type": "string" }, "lambdaConfigs": { "items": { "$ref": "#/types/aws:cognito/getUserPoolLambdaConfig:getUserPoolLambdaConfig" }, "type": "array" }, "lastModifiedDate": { "description": "The date and time, in ISO 8601 format, when the item was modified.\n", "type": "string" }, "mfaConfiguration": { "description": "Can be one of the following values: `OFF` | `ON` | `OPTIONAL`\n", "type": "string" }, "name": { "description": "- Name of the attribute.\n", "type": "string" }, "schemaAttributes": { "items": { "$ref": "#/types/aws:cognito/getUserPoolSchemaAttribute:getUserPoolSchemaAttribute" }, "type": "array" }, "smsAuthenticationMessage": { "description": "The contents of the SMS authentication message.\n", "type": "string" }, "smsConfigurationFailure": { "description": "The reason why the SMS configuration can't send the messages to your users.\n", "type": "string" }, "smsVerificationMessage": { "description": "The contents of the SMS authentication message.\n", "type": "string" }, "userPoolId": { "type": "string" }, "userPoolTags": { "additionalProperties": { "type": "string" }, "description": "The tags that are assigned to the user pool. A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.\n", "type": "object" }, "usernameAttributes": { "description": "Specifies whether a user can use an email address or phone number as a username when they sign up.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "accountRecoverySettings", "adminCreateUserConfigs", "arn", "autoVerifiedAttributes", "creationDate", "customDomain", "deletionProtection", "deviceConfigurations", "domain", "emailConfigurations", "estimatedNumberOfUsers", "id", "lambdaConfigs", "lastModifiedDate", "mfaConfiguration", "name", "schemaAttributes", "smsAuthenticationMessage", "smsConfigurationFailure", "smsVerificationMessage", "userPoolId", "userPoolTags", "usernameAttributes" ], "type": "object" } }, "aws:cognito/getUserPoolClient:getUserPoolClient": { "description": "Provides a Cognito User Pool Client resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst client = aws.cognito.getUserPoolClient({\n clientId: \"38fjsnc484p94kpqsnet7mpld0\",\n userPoolId: \"us-west-2_aaaaaaaaa\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nclient = aws.cognito.get_user_pool_client(client_id=\"38fjsnc484p94kpqsnet7mpld0\",\n user_pool_id=\"us-west-2_aaaaaaaaa\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var client = Aws.Cognito.GetUserPoolClient.Invoke(new()\n {\n ClientId = \"38fjsnc484p94kpqsnet7mpld0\",\n UserPoolId = \"us-west-2_aaaaaaaaa\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cognito.LookupUserPoolClient(ctx, \u0026cognito.LookupUserPoolClientArgs{\n\t\t\tClientId: \"38fjsnc484p94kpqsnet7mpld0\",\n\t\t\tUserPoolId: \"us-west-2_aaaaaaaaa\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.CognitoFunctions;\nimport com.pulumi.aws.cognito.inputs.GetUserPoolClientArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var client = CognitoFunctions.getUserPoolClient(GetUserPoolClientArgs.builder()\n .clientId(\"38fjsnc484p94kpqsnet7mpld0\")\n .userPoolId(\"us-west-2_aaaaaaaaa\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n client:\n fn::invoke:\n Function: aws:cognito:getUserPoolClient\n Arguments:\n clientId: 38fjsnc484p94kpqsnet7mpld0\n userPoolId: us-west-2_aaaaaaaaa\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getUserPoolClient.\n", "properties": { "clientId": { "type": "string", "description": "Client Id of the user pool.\n" }, "userPoolId": { "type": "string", "description": "User pool the client belongs to.\n" } }, "type": "object", "required": [ "clientId", "userPoolId" ] }, "outputs": { "description": "A collection of values returned by getUserPoolClient.\n", "properties": { "accessTokenValidity": { "description": "(Optional) Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. This value will be overridden if you have entered a value in `token_validity_units`.\n", "type": "integer" }, "allowedOauthFlows": { "description": "(Optional) List of allowed OAuth flows (code, implicit, client_credentials).\n", "items": { "type": "string" }, "type": "array" }, "allowedOauthFlowsUserPoolClient": { "description": "(Optional) Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.\n", "type": "boolean" }, "allowedOauthScopes": { "description": "(Optional) List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).\n", "items": { "type": "string" }, "type": "array" }, "analyticsConfigurations": { "description": "(Optional) Configuration block for Amazon Pinpoint analytics for collecting metrics for this user pool. Detailed below.\n", "items": { "$ref": "#/types/aws:cognito/getUserPoolClientAnalyticsConfiguration:getUserPoolClientAnalyticsConfiguration" }, "type": "array" }, "callbackUrls": { "description": "(Optional) List of allowed callback URLs for the identity providers.\n", "items": { "type": "string" }, "type": "array" }, "clientId": { "type": "string" }, "clientSecret": { "description": "Client secret of the user pool client.\n", "secret": true, "type": "string" }, "defaultRedirectUri": { "description": "(Optional) Default redirect URI. Must be in the list of callback URLs.\n", "type": "string" }, "enablePropagateAdditionalUserContextData": { "type": "boolean" }, "enableTokenRevocation": { "description": "(Optional) Enables or disables token revocation.\n", "type": "boolean" }, "explicitAuthFlows": { "description": "(Optional) List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH).\n", "items": { "type": "string" }, "type": "array" }, "generateSecret": { "description": "(Optional) Should an application secret be generated.\n", "type": "boolean" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "idTokenValidity": { "description": "(Optional) Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. This value will be overridden if you have entered a value in `token_validity_units`.\n", "type": "integer" }, "logoutUrls": { "description": "(Optional) List of allowed logout URLs for the identity providers.\n", "items": { "type": "string" }, "type": "array" }, "name": { "type": "string" }, "preventUserExistenceErrors": { "description": "(Optional) Choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to `ENABLED` and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY`, those APIs will return a `UserNotFoundException` exception if the user does not exist in the user pool.\n", "type": "string" }, "readAttributes": { "description": "(Optional) List of user pool attributes the application client can read from.\n", "items": { "type": "string" }, "type": "array" }, "refreshTokenValidity": { "description": "(Optional) Time limit in days refresh tokens are valid for.\n", "type": "integer" }, "supportedIdentityProviders": { "description": "(Optional) List of provider names for the identity providers that are supported on this client. Uses the `provider_name` attribute of `aws.cognito.IdentityProvider` resource(s), or the equivalent string(s).\n", "items": { "type": "string" }, "type": "array" }, "tokenValidityUnits": { "description": "(Optional) Configuration block for units in which the validity times are represented in. Detailed below.\n", "items": { "$ref": "#/types/aws:cognito/getUserPoolClientTokenValidityUnit:getUserPoolClientTokenValidityUnit" }, "type": "array" }, "userPoolId": { "type": "string" }, "writeAttributes": { "description": "(Optional) List of user pool attributes the application client can write to.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "accessTokenValidity", "allowedOauthFlows", "allowedOauthFlowsUserPoolClient", "allowedOauthScopes", "analyticsConfigurations", "callbackUrls", "clientId", "clientSecret", "defaultRedirectUri", "enablePropagateAdditionalUserContextData", "enableTokenRevocation", "explicitAuthFlows", "generateSecret", "idTokenValidity", "logoutUrls", "name", "preventUserExistenceErrors", "readAttributes", "refreshTokenValidity", "supportedIdentityProviders", "tokenValidityUnits", "userPoolId", "writeAttributes", "id" ], "type": "object" } }, "aws:cognito/getUserPoolClients:getUserPoolClients": { "description": "Use this data source to get a list of Cognito user pools clients for a Cognito IdP user pool.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = aws.cognito.getUserPoolClients({\n userPoolId: mainAwsCognitoUserPool.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.cognito.get_user_pool_clients(user_pool_id=main_aws_cognito_user_pool[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = Aws.Cognito.GetUserPoolClients.Invoke(new()\n {\n UserPoolId = mainAwsCognitoUserPool.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cognito.GetUserPoolClients(ctx, \u0026cognito.GetUserPoolClientsArgs{\n\t\t\tUserPoolId: mainAwsCognitoUserPool.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.CognitoFunctions;\nimport com.pulumi.aws.cognito.inputs.GetUserPoolClientsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var main = CognitoFunctions.getUserPoolClients(GetUserPoolClientsArgs.builder()\n .userPoolId(mainAwsCognitoUserPool.id())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n main:\n fn::invoke:\n Function: aws:cognito:getUserPoolClients\n Arguments:\n userPoolId: ${mainAwsCognitoUserPool.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getUserPoolClients.\n", "properties": { "userPoolId": { "type": "string", "description": "Cognito user pool ID.\n" } }, "type": "object", "required": [ "userPoolId" ] }, "outputs": { "description": "A collection of values returned by getUserPoolClients.\n", "properties": { "clientIds": { "description": "List of Cognito user pool client IDs.\n", "items": { "type": "string" }, "type": "array" }, "clientNames": { "description": "List of Cognito user pool client names.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "userPoolId": { "type": "string" } }, "required": [ "clientIds", "clientNames", "userPoolId", "id" ], "type": "object" } }, "aws:cognito/getUserPoolSigningCertificate:getUserPoolSigningCertificate": { "description": "Use this data source to get the signing certificate for a Cognito IdP user pool.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sc = aws.cognito.getUserPoolSigningCertificate({\n userPoolId: myPool.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsc = aws.cognito.get_user_pool_signing_certificate(user_pool_id=my_pool[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sc = Aws.Cognito.GetUserPoolSigningCertificate.Invoke(new()\n {\n UserPoolId = myPool.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cognito.GetUserPoolSigningCertificate(ctx, \u0026cognito.GetUserPoolSigningCertificateArgs{\n\t\t\tUserPoolId: myPool.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.CognitoFunctions;\nimport com.pulumi.aws.cognito.inputs.GetUserPoolSigningCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var sc = CognitoFunctions.getUserPoolSigningCertificate(GetUserPoolSigningCertificateArgs.builder()\n .userPoolId(myPool.id())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n sc:\n fn::invoke:\n Function: aws:cognito:getUserPoolSigningCertificate\n Arguments:\n userPoolId: ${myPool.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getUserPoolSigningCertificate.\n", "properties": { "userPoolId": { "type": "string", "description": "Cognito user pool ID.\n" } }, "type": "object", "required": [ "userPoolId" ] }, "outputs": { "description": "A collection of values returned by getUserPoolSigningCertificate.\n", "properties": { "certificate": { "description": "Certificate string\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "userPoolId": { "type": "string" } }, "required": [ "certificate", "userPoolId", "id" ], "type": "object" } }, "aws:cognito/getUserPools:getUserPools": { "description": "Use this data source to get a list of cognito user pools.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst selected = aws.apigateway.getRestApi({\n name: apiGatewayName,\n});\nconst selectedGetUserPools = aws.cognito.getUserPools({\n name: cognitoUserPoolName,\n});\nconst cognito = new aws.apigateway.Authorizer(\"cognito\", {\n name: \"cognito\",\n type: \"COGNITO_USER_POOLS\",\n restApi: selected.then(selected =\u003e selected.id),\n providerArns: selectedGetUserPools.then(selectedGetUserPools =\u003e selectedGetUserPools.arns),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nselected = aws.apigateway.get_rest_api(name=api_gateway_name)\nselected_get_user_pools = aws.cognito.get_user_pools(name=cognito_user_pool_name)\ncognito = aws.apigateway.Authorizer(\"cognito\",\n name=\"cognito\",\n type=\"COGNITO_USER_POOLS\",\n rest_api=selected.id,\n provider_arns=selected_get_user_pools.arns)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var selected = Aws.ApiGateway.GetRestApi.Invoke(new()\n {\n Name = apiGatewayName,\n });\n\n var selectedGetUserPools = Aws.Cognito.GetUserPools.Invoke(new()\n {\n Name = cognitoUserPoolName,\n });\n\n var cognito = new Aws.ApiGateway.Authorizer(\"cognito\", new()\n {\n Name = \"cognito\",\n Type = \"COGNITO_USER_POOLS\",\n RestApi = selected.Apply(getRestApiResult =\u003e getRestApiResult.Id),\n ProviderArns = selectedGetUserPools.Apply(getUserPoolsResult =\u003e getUserPoolsResult.Arns),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tselected, err := apigateway.LookupRestApi(ctx, \u0026apigateway.LookupRestApiArgs{\n\t\t\tName: apiGatewayName,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tselectedGetUserPools, err := cognito.GetUserPools(ctx, \u0026cognito.GetUserPoolsArgs{\n\t\t\tName: cognitoUserPoolName,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewAuthorizer(ctx, \"cognito\", \u0026apigateway.AuthorizerArgs{\n\t\t\tName: pulumi.String(\"cognito\"),\n\t\t\tType: pulumi.String(\"COGNITO_USER_POOLS\"),\n\t\t\tRestApi: pulumi.String(selected.Id),\n\t\t\tProviderArns: interface{}(selectedGetUserPools.Arns),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.ApigatewayFunctions;\nimport com.pulumi.aws.apigateway.inputs.GetRestApiArgs;\nimport com.pulumi.aws.cognito.CognitoFunctions;\nimport com.pulumi.aws.cognito.inputs.GetUserPoolsArgs;\nimport com.pulumi.aws.apigateway.Authorizer;\nimport com.pulumi.aws.apigateway.AuthorizerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var selected = ApigatewayFunctions.getRestApi(GetRestApiArgs.builder()\n .name(apiGatewayName)\n .build());\n\n final var selectedGetUserPools = CognitoFunctions.getUserPools(GetUserPoolsArgs.builder()\n .name(cognitoUserPoolName)\n .build());\n\n var cognito = new Authorizer(\"cognito\", AuthorizerArgs.builder()\n .name(\"cognito\")\n .type(\"COGNITO_USER_POOLS\")\n .restApi(selected.applyValue(getRestApiResult -\u003e getRestApiResult.id()))\n .providerArns(selectedGetUserPools.applyValue(getUserPoolsResult -\u003e getUserPoolsResult.arns()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cognito:\n type: aws:apigateway:Authorizer\n properties:\n name: cognito\n type: COGNITO_USER_POOLS\n restApi: ${selected.id}\n providerArns: ${selectedGetUserPools.arns}\nvariables:\n selected:\n fn::invoke:\n Function: aws:apigateway:getRestApi\n Arguments:\n name: ${apiGatewayName}\n selectedGetUserPools:\n fn::invoke:\n Function: aws:cognito:getUserPools\n Arguments:\n name: ${cognitoUserPoolName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getUserPools.\n", "properties": { "name": { "type": "string", "description": "Name of the cognito user pools. Name is not a unique attribute for cognito user pool, so multiple pools might be returned with given name. If the pool name is expected to be unique, you can reference the pool id via ```tolist(data.aws_cognito_user_pools.selected.ids)[0]```\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getUserPools.\n", "properties": { "arns": { "description": "Set of cognito user pool Amazon Resource Names (ARNs).\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "Set of cognito user pool ids.\n", "items": { "type": "string" }, "type": "array" }, "name": { "type": "string" } }, "required": [ "arns", "ids", "name", "id" ], "type": "object" } }, "aws:connect/getBotAssociation:getBotAssociation": { "description": "Provides details about a specific Lex (V1) Bot associated with an Amazon Connect instance.\n\n## Example Usage\n\n### By name\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.connect.getBotAssociation({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n lexBot: {\n name: \"Test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.get_bot_association(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n lex_bot={\n \"name\": \"Test\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Connect.GetBotAssociation.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n LexBot = new Aws.Connect.Inputs.GetBotAssociationLexBotInputArgs\n {\n Name = \"Test\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupBotAssociation(ctx, \u0026connect.LookupBotAssociationArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tLexBot: connect.GetBotAssociationLexBot{\n\t\t\t\tName: \"Test\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetBotAssociationArgs;\nimport com.pulumi.aws.connect.inputs.GetBotAssociationLexBotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ConnectFunctions.getBotAssociation(GetBotAssociationArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .lexBot(GetBotAssociationLexBotArgs.builder()\n .name(\"Test\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:connect:getBotAssociation\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n lexBot:\n name: Test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getBotAssociation.\n", "properties": { "instanceId": { "type": "string", "description": "Identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.\n" }, "lexBot": { "$ref": "#/types/aws:connect/getBotAssociationLexBot:getBotAssociationLexBot", "description": "Configuration information of an Amazon Lex (V1) bot. Detailed below.\n" } }, "type": "object", "required": [ "instanceId", "lexBot" ] }, "outputs": { "description": "A collection of values returned by getBotAssociation.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceId": { "type": "string" }, "lexBot": { "$ref": "#/types/aws:connect/getBotAssociationLexBot:getBotAssociationLexBot" } }, "required": [ "instanceId", "lexBot", "id" ], "type": "object" } }, "aws:connect/getContactFlow:getContactFlow": { "description": "Provides details about a specific Amazon Connect Contact Flow.\n\n## Example Usage\n\nBy name\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.connect.getContactFlow({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Test\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.connect.get_contact_flow(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Test\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Connect.GetContactFlow.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Test\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupContactFlow(ctx, \u0026connect.LookupContactFlowArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tName: pulumi.StringRef(\"Test\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetContactFlowArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = ConnectFunctions.getContactFlow(GetContactFlowArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Test\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:connect:getContactFlow\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nBy contact_flow_id\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.connect.getContactFlow({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n contactFlowId: \"cccccccc-bbbb-cccc-dddd-111111111111\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.connect.get_contact_flow(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n contact_flow_id=\"cccccccc-bbbb-cccc-dddd-111111111111\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Connect.GetContactFlow.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n ContactFlowId = \"cccccccc-bbbb-cccc-dddd-111111111111\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupContactFlow(ctx, \u0026connect.LookupContactFlowArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tContactFlowId: pulumi.StringRef(\"cccccccc-bbbb-cccc-dddd-111111111111\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetContactFlowArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = ConnectFunctions.getContactFlow(GetContactFlowArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .contactFlowId(\"cccccccc-bbbb-cccc-dddd-111111111111\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:connect:getContactFlow\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n contactFlowId: cccccccc-bbbb-cccc-dddd-111111111111\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getContactFlow.\n", "properties": { "contactFlowId": { "type": "string", "description": "Returns information on a specific Contact Flow by contact flow id\n" }, "instanceId": { "type": "string", "description": "Reference to the hosting Amazon Connect Instance\n" }, "name": { "type": "string", "description": "Returns information on a specific Contact Flow by name\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags to assign to the Contact Flow.\n" }, "type": { "type": "string", "description": "Type of Contact Flow.\n" } }, "type": "object", "required": [ "instanceId" ] }, "outputs": { "description": "A collection of values returned by getContactFlow.\n", "properties": { "arn": { "description": "ARN of the Contact Flow.\n", "type": "string" }, "contactFlowId": { "type": "string" }, "content": { "description": "Logic of the Contact Flow.\n", "type": "string" }, "description": { "description": "Description of the Contact Flow.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceId": { "type": "string" }, "name": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags to assign to the Contact Flow.\n", "type": "object" }, "type": { "description": "Type of Contact Flow.\n", "type": "string" } }, "required": [ "arn", "contactFlowId", "content", "description", "instanceId", "name", "tags", "id" ], "type": "object" } }, "aws:connect/getContactFlowModule:getContactFlowModule": { "description": "Provides details about a specific Amazon Connect Contact Flow Module.\n\n## Example Usage\n\nBy `name`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.connect.getContactFlowModule({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.get_contact_flow_module(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Connect.GetContactFlowModule.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupContactFlowModule(ctx, \u0026connect.LookupContactFlowModuleArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tName: pulumi.StringRef(\"example\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetContactFlowModuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ConnectFunctions.getContactFlowModule(GetContactFlowModuleArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:connect:getContactFlowModule\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nBy `contact_flow_module_id`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.connect.getContactFlowModule({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n contactFlowModuleId: \"cccccccc-bbbb-cccc-dddd-111111111111\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.get_contact_flow_module(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n contact_flow_module_id=\"cccccccc-bbbb-cccc-dddd-111111111111\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Connect.GetContactFlowModule.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n ContactFlowModuleId = \"cccccccc-bbbb-cccc-dddd-111111111111\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupContactFlowModule(ctx, \u0026connect.LookupContactFlowModuleArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tContactFlowModuleId: pulumi.StringRef(\"cccccccc-bbbb-cccc-dddd-111111111111\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetContactFlowModuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ConnectFunctions.getContactFlowModule(GetContactFlowModuleArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .contactFlowModuleId(\"cccccccc-bbbb-cccc-dddd-111111111111\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:connect:getContactFlowModule\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n contactFlowModuleId: cccccccc-bbbb-cccc-dddd-111111111111\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getContactFlowModule.\n", "properties": { "contactFlowModuleId": { "type": "string", "description": "Returns information on a specific Contact Flow Module by contact flow module id\n" }, "instanceId": { "type": "string", "description": "Reference to the hosting Amazon Connect Instance\n" }, "name": { "type": "string", "description": "Returns information on a specific Contact Flow Module by name\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the Contact Flow Module.\n" } }, "type": "object", "required": [ "instanceId" ] }, "outputs": { "description": "A collection of values returned by getContactFlowModule.\n", "properties": { "arn": { "description": "ARN of the Contact Flow Module.\n", "type": "string" }, "contactFlowModuleId": { "type": "string" }, "content": { "description": "Logic of the Contact Flow Module.\n", "type": "string" }, "description": { "description": "Description of the Contact Flow Module.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceId": { "type": "string" }, "name": { "type": "string" }, "state": { "description": "Type of Contact Flow Module Module. Values are either `ACTIVE` or `ARCHIVED`.\n", "type": "string" }, "status": { "description": "Status of the Contact Flow Module Module. Values are either `PUBLISHED` or `SAVED`.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the Contact Flow Module.\n", "type": "object" } }, "required": [ "arn", "contactFlowModuleId", "content", "description", "instanceId", "name", "state", "status", "tags", "id" ], "type": "object" } }, "aws:connect/getHoursOfOperation:getHoursOfOperation": { "description": "Provides details about a specific Amazon Connect Hours of Operation.\n\n## Example Usage\n\nBy `name`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.connect.getHoursOfOperation({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Test\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.connect.get_hours_of_operation(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Test\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Connect.GetHoursOfOperation.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Test\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupHoursOfOperation(ctx, \u0026connect.LookupHoursOfOperationArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tName: pulumi.StringRef(\"Test\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetHoursOfOperationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = ConnectFunctions.getHoursOfOperation(GetHoursOfOperationArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Test\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:connect:getHoursOfOperation\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nBy `hours_of_operation_id`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.connect.getHoursOfOperation({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n hoursOfOperationId: \"cccccccc-bbbb-cccc-dddd-111111111111\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.connect.get_hours_of_operation(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n hours_of_operation_id=\"cccccccc-bbbb-cccc-dddd-111111111111\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Connect.GetHoursOfOperation.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n HoursOfOperationId = \"cccccccc-bbbb-cccc-dddd-111111111111\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupHoursOfOperation(ctx, \u0026connect.LookupHoursOfOperationArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tHoursOfOperationId: pulumi.StringRef(\"cccccccc-bbbb-cccc-dddd-111111111111\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetHoursOfOperationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = ConnectFunctions.getHoursOfOperation(GetHoursOfOperationArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .hoursOfOperationId(\"cccccccc-bbbb-cccc-dddd-111111111111\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:connect:getHoursOfOperation\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n hoursOfOperationId: cccccccc-bbbb-cccc-dddd-111111111111\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getHoursOfOperation.\n", "properties": { "hoursOfOperationId": { "type": "string", "description": "Returns information on a specific Hours of Operation by hours of operation id\n" }, "instanceId": { "type": "string", "description": "Reference to the hosting Amazon Connect Instance\n" }, "name": { "type": "string", "description": "Returns information on a specific Hours of Operation by name\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the Hours of Operation.\n" } }, "type": "object", "required": [ "instanceId" ] }, "outputs": { "description": "A collection of values returned by getHoursOfOperation.\n", "properties": { "arn": { "description": "ARN of the Hours of Operation.\n", "type": "string" }, "configs": { "description": "Configuration information for the hours of operation: day, start time, and end time . Config blocks are documented below. Config blocks are documented below.\n", "items": { "$ref": "#/types/aws:connect/getHoursOfOperationConfig:getHoursOfOperationConfig" }, "type": "array" }, "description": { "description": "Description of the Hours of Operation.\n", "type": "string" }, "hoursOfOperationId": { "description": "The identifier for the hours of operation.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceId": { "description": "Identifier of the hosting Amazon Connect Instance.\n", "type": "string" }, "name": { "description": "Name of the Hours of Operation.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the Hours of Operation.\n", "type": "object" }, "timeZone": { "description": "Time zone of the Hours of Operation.\n", "type": "string" } }, "required": [ "arn", "configs", "description", "hoursOfOperationId", "instanceId", "name", "tags", "timeZone", "id" ], "type": "object" } }, "aws:connect/getInstance:getInstance": { "description": "Provides details about a specific Amazon Connect Instance.\n\n## Example Usage\n\nBy instance_alias\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = aws.connect.getInstance({\n instanceAlias: \"foo\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.connect.get_instance(instance_alias=\"foo\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = Aws.Connect.GetInstance.Invoke(new()\n {\n InstanceAlias = \"foo\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupInstance(ctx, \u0026connect.LookupInstanceArgs{\n\t\t\tInstanceAlias: pulumi.StringRef(\"foo\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var foo = ConnectFunctions.getInstance(GetInstanceArgs.builder()\n .instanceAlias(\"foo\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n foo:\n fn::invoke:\n Function: aws:connect:getInstance\n Arguments:\n instanceAlias: foo\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nBy instance_id\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = aws.connect.getInstance({\n instanceId: \"97afc98d-101a-ba98-ab97-ae114fc115ec\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.connect.get_instance(instance_id=\"97afc98d-101a-ba98-ab97-ae114fc115ec\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = Aws.Connect.GetInstance.Invoke(new()\n {\n InstanceId = \"97afc98d-101a-ba98-ab97-ae114fc115ec\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupInstance(ctx, \u0026connect.LookupInstanceArgs{\n\t\t\tInstanceId: pulumi.StringRef(\"97afc98d-101a-ba98-ab97-ae114fc115ec\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var foo = ConnectFunctions.getInstance(GetInstanceArgs.builder()\n .instanceId(\"97afc98d-101a-ba98-ab97-ae114fc115ec\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n foo:\n fn::invoke:\n Function: aws:connect:getInstance\n Arguments:\n instanceId: 97afc98d-101a-ba98-ab97-ae114fc115ec\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getInstance.\n", "properties": { "instanceAlias": { "type": "string", "description": "Returns information on a specific connect instance by alias\n" }, "instanceId": { "type": "string", "description": "Returns information on a specific connect instance by id\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getInstance.\n", "properties": { "arn": { "description": "ARN of the instance.\n", "type": "string" }, "autoResolveBestVoicesEnabled": { "type": "boolean" }, "contactFlowLogsEnabled": { "description": "Whether contact flow logs are enabled.\n", "type": "boolean" }, "contactLensEnabled": { "description": "Whether contact lens is enabled.\n", "type": "boolean" }, "createdTime": { "description": "When the instance was created.\n", "type": "string" }, "earlyMediaEnabled": { "description": "Whether early media for outbound calls is enabled .\n", "type": "boolean" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "identityManagementType": { "description": "Specifies The identity management type attached to the instance.\n", "type": "string" }, "inboundCallsEnabled": { "description": "Whether inbound calls are enabled.\n", "type": "boolean" }, "instanceAlias": { "type": "string" }, "instanceId": { "type": "string" }, "multiPartyConferenceEnabled": { "description": "Whether multi-party calls/conference is enabled.\n", "type": "boolean" }, "outboundCallsEnabled": { "description": "Whether outbound calls are enabled.\n", "type": "boolean" }, "serviceRole": { "description": "Service role of the instance.\n", "type": "string" }, "status": { "description": "State of the instance.\n", "type": "string" } }, "required": [ "arn", "autoResolveBestVoicesEnabled", "contactFlowLogsEnabled", "contactLensEnabled", "createdTime", "earlyMediaEnabled", "identityManagementType", "inboundCallsEnabled", "instanceAlias", "instanceId", "multiPartyConferenceEnabled", "outboundCallsEnabled", "serviceRole", "status", "id" ], "type": "object" } }, "aws:connect/getInstanceStorageConfig:getInstanceStorageConfig": { "description": "Provides details about a specific Amazon Connect Instance Storage Config.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.connect.getInstanceStorageConfig({\n associationId: \"1234567890123456789012345678901234567890123456789012345678901234\",\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n resourceType: \"CONTACT_TRACE_RECORDS\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.get_instance_storage_config(association_id=\"1234567890123456789012345678901234567890123456789012345678901234\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n resource_type=\"CONTACT_TRACE_RECORDS\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Connect.GetInstanceStorageConfig.Invoke(new()\n {\n AssociationId = \"1234567890123456789012345678901234567890123456789012345678901234\",\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n ResourceType = \"CONTACT_TRACE_RECORDS\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupInstanceStorageConfig(ctx, \u0026connect.LookupInstanceStorageConfigArgs{\n\t\t\tAssociationId: \"1234567890123456789012345678901234567890123456789012345678901234\",\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tResourceType: \"CONTACT_TRACE_RECORDS\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetInstanceStorageConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ConnectFunctions.getInstanceStorageConfig(GetInstanceStorageConfigArgs.builder()\n .associationId(\"1234567890123456789012345678901234567890123456789012345678901234\")\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .resourceType(\"CONTACT_TRACE_RECORDS\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:connect:getInstanceStorageConfig\n Arguments:\n associationId: 1234567890123456789012345678901234567890123456789012345678901234\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n resourceType: CONTACT_TRACE_RECORDS\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getInstanceStorageConfig.\n", "properties": { "associationId": { "type": "string", "description": "The existing association identifier that uniquely identifies the resource type and storage config for the given instance ID.\n" }, "instanceId": { "type": "string", "description": "Reference to the hosting Amazon Connect Instance\n" }, "resourceType": { "type": "string", "description": "A valid resource type. Valid Values: `AGENT_EVENTS` | `ATTACHMENTS` | `CALL_RECORDINGS` | `CHAT_TRANSCRIPTS` | `CONTACT_EVALUATIONS` | `CONTACT_TRACE_RECORDS` | `MEDIA_STREAMS` | `REAL_TIME_CONTACT_ANALYSIS_SEGMENTS` | `SCHEDULED_REPORTS` | `SCREEN_RECORDINGS`.\n" } }, "type": "object", "required": [ "associationId", "instanceId", "resourceType" ] }, "outputs": { "description": "A collection of values returned by getInstanceStorageConfig.\n", "properties": { "associationId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceId": { "type": "string" }, "resourceType": { "type": "string" }, "storageConfigs": { "description": "Specifies the storage configuration options for the Connect Instance. Documented below.\n", "items": { "$ref": "#/types/aws:connect/getInstanceStorageConfigStorageConfig:getInstanceStorageConfigStorageConfig" }, "type": "array" } }, "required": [ "associationId", "instanceId", "resourceType", "storageConfigs", "id" ], "type": "object" } }, "aws:connect/getLambdaFunctionAssociation:getLambdaFunctionAssociation": { "description": "Provides details about a specific Connect Lambda Function Association.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.connect.getLambdaFunctionAssociation({\n functionArn: \"arn:aws:lambda:us-west-2:123456789123:function:abcdefg\",\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.get_lambda_function_association(function_arn=\"arn:aws:lambda:us-west-2:123456789123:function:abcdefg\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Connect.GetLambdaFunctionAssociation.Invoke(new()\n {\n FunctionArn = \"arn:aws:lambda:us-west-2:123456789123:function:abcdefg\",\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupLambdaFunctionAssociation(ctx, \u0026connect.LookupLambdaFunctionAssociationArgs{\n\t\t\tFunctionArn: \"arn:aws:lambda:us-west-2:123456789123:function:abcdefg\",\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetLambdaFunctionAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ConnectFunctions.getLambdaFunctionAssociation(GetLambdaFunctionAssociationArgs.builder()\n .functionArn(\"arn:aws:lambda:us-west-2:123456789123:function:abcdefg\")\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:connect:getLambdaFunctionAssociation\n Arguments:\n functionArn: arn:aws:lambda:us-west-2:123456789123:function:abcdefg\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLambdaFunctionAssociation.\n", "properties": { "functionArn": { "type": "string", "description": "ARN of the Lambda Function, omitting any version or alias qualifier.\n" }, "instanceId": { "type": "string", "description": "Identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.\n" } }, "type": "object", "required": [ "functionArn", "instanceId" ] }, "outputs": { "description": "A collection of values returned by getLambdaFunctionAssociation.\n", "properties": { "functionArn": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceId": { "type": "string" } }, "required": [ "functionArn", "instanceId", "id" ], "type": "object" } }, "aws:connect/getPrompt:getPrompt": { "description": "Provides details about a specific Amazon Connect Prompt.\n\n## Example Usage\n\nBy `name`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.connect.getPrompt({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Beep.wav\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.get_prompt(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Beep.wav\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Connect.GetPrompt.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Beep.wav\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.GetPrompt(ctx, \u0026connect.GetPromptArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tName: \"Beep.wav\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetPromptArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ConnectFunctions.getPrompt(GetPromptArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Beep.wav\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:connect:getPrompt\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Beep.wav\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPrompt.\n", "properties": { "instanceId": { "type": "string", "description": "Reference to the hosting Amazon Connect Instance\n" }, "name": { "type": "string", "description": "Returns information on a specific Prompt by name\n" } }, "type": "object", "required": [ "instanceId", "name" ] }, "outputs": { "description": "A collection of values returned by getPrompt.\n", "properties": { "arn": { "description": "ARN of the Prompt.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceId": { "type": "string" }, "name": { "type": "string" }, "promptId": { "description": "Identifier for the prompt.\n", "type": "string" } }, "required": [ "arn", "instanceId", "name", "promptId", "id" ], "type": "object" } }, "aws:connect/getQueue:getQueue": { "description": "Provides details about a specific Amazon Connect Queue.\n\n## Example Usage\n\nBy `name`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.connect.getQueue({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.get_queue(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Connect.GetQueue.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupQueue(ctx, \u0026connect.LookupQueueArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tName: pulumi.StringRef(\"Example\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetQueueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ConnectFunctions.getQueue(GetQueueArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:connect:getQueue\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nBy `queue_id`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.connect.getQueue({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n queueId: \"cccccccc-bbbb-cccc-dddd-111111111111\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.get_queue(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n queue_id=\"cccccccc-bbbb-cccc-dddd-111111111111\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Connect.GetQueue.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n QueueId = \"cccccccc-bbbb-cccc-dddd-111111111111\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupQueue(ctx, \u0026connect.LookupQueueArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tQueueId: pulumi.StringRef(\"cccccccc-bbbb-cccc-dddd-111111111111\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetQueueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ConnectFunctions.getQueue(GetQueueArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .queueId(\"cccccccc-bbbb-cccc-dddd-111111111111\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:connect:getQueue\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n queueId: cccccccc-bbbb-cccc-dddd-111111111111\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getQueue.\n", "properties": { "instanceId": { "type": "string", "description": "Reference to the hosting Amazon Connect Instance\n" }, "name": { "type": "string", "description": "Returns information on a specific Queue by name\n" }, "queueId": { "type": "string", "description": "Returns information on a specific Queue by Queue id\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the Queue.\n" } }, "type": "object", "required": [ "instanceId" ] }, "outputs": { "description": "A collection of values returned by getQueue.\n", "properties": { "arn": { "description": "ARN of the Queue.\n", "type": "string" }, "description": { "description": "Description of the Queue.\n", "type": "string" }, "hoursOfOperationId": { "description": "Specifies the identifier of the Hours of Operation.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceId": { "type": "string" }, "maxContacts": { "description": "Maximum number of contacts that can be in the queue before it is considered full. Minimum value of 0.\n", "type": "integer" }, "name": { "type": "string" }, "outboundCallerConfigs": { "description": "A block that defines the outbound caller ID name, number, and outbound whisper flow. The Outbound Caller Config block is documented below.\n", "items": { "$ref": "#/types/aws:connect/getQueueOutboundCallerConfig:getQueueOutboundCallerConfig" }, "type": "array" }, "queueId": { "description": "Identifier for the Queue.\n", "type": "string" }, "status": { "description": "Description of the Queue. Values are `ENABLED` or `DISABLED`.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the Queue.\n", "type": "object" } }, "required": [ "arn", "description", "hoursOfOperationId", "instanceId", "maxContacts", "name", "outboundCallerConfigs", "queueId", "status", "tags", "id" ], "type": "object" } }, "aws:connect/getQuickConnect:getQuickConnect": { "description": "Provides details about a specific Amazon Connect Quick Connect.\n\n## Example Usage\n\nBy `name`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.connect.getQuickConnect({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.get_quick_connect(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Connect.GetQuickConnect.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupQuickConnect(ctx, \u0026connect.LookupQuickConnectArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tName: pulumi.StringRef(\"Example\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetQuickConnectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ConnectFunctions.getQuickConnect(GetQuickConnectArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:connect:getQuickConnect\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nBy `quick_connect_id`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.connect.getQuickConnect({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n quickConnectId: \"cccccccc-bbbb-cccc-dddd-111111111111\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.get_quick_connect(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n quick_connect_id=\"cccccccc-bbbb-cccc-dddd-111111111111\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Connect.GetQuickConnect.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n QuickConnectId = \"cccccccc-bbbb-cccc-dddd-111111111111\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupQuickConnect(ctx, \u0026connect.LookupQuickConnectArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tQuickConnectId: pulumi.StringRef(\"cccccccc-bbbb-cccc-dddd-111111111111\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetQuickConnectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ConnectFunctions.getQuickConnect(GetQuickConnectArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .quickConnectId(\"cccccccc-bbbb-cccc-dddd-111111111111\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:connect:getQuickConnect\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n quickConnectId: cccccccc-bbbb-cccc-dddd-111111111111\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getQuickConnect.\n", "properties": { "instanceId": { "type": "string", "description": "Reference to the hosting Amazon Connect Instance\n" }, "name": { "type": "string", "description": "Returns information on a specific Quick Connect by name\n" }, "quickConnectId": { "type": "string", "description": "Returns information on a specific Quick Connect by Quick Connect id\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the Quick Connect.\n" } }, "type": "object", "required": [ "instanceId" ] }, "outputs": { "description": "A collection of values returned by getQuickConnect.\n", "properties": { "arn": { "description": "ARN of the Quick Connect.\n", "type": "string" }, "description": { "description": "Description of the Quick Connect.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceId": { "type": "string" }, "name": { "type": "string" }, "quickConnectConfigs": { "description": "A block that defines the configuration information for the Quick Connect: `quick_connect_type` and one of `phone_config`, `queue_config`, `user_config` . The Quick Connect Config block is documented below.\n", "items": { "$ref": "#/types/aws:connect/getQuickConnectQuickConnectConfig:getQuickConnectQuickConnectConfig" }, "type": "array" }, "quickConnectId": { "description": "Identifier for the Quick Connect.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the Quick Connect.\n", "type": "object" } }, "required": [ "arn", "description", "instanceId", "name", "quickConnectConfigs", "quickConnectId", "tags", "id" ], "type": "object" } }, "aws:connect/getRoutingProfile:getRoutingProfile": { "description": "Provides details about a specific Amazon Connect Routing Profile.\n\n## Example Usage\n\nBy `name`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.connect.getRoutingProfile({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.get_routing_profile(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Connect.GetRoutingProfile.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupRoutingProfile(ctx, \u0026connect.LookupRoutingProfileArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tName: pulumi.StringRef(\"Example\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetRoutingProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ConnectFunctions.getRoutingProfile(GetRoutingProfileArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:connect:getRoutingProfile\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nBy `routing_profile_id`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.connect.getRoutingProfile({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n routingProfileId: \"cccccccc-bbbb-cccc-dddd-111111111111\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.get_routing_profile(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n routing_profile_id=\"cccccccc-bbbb-cccc-dddd-111111111111\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Connect.GetRoutingProfile.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n RoutingProfileId = \"cccccccc-bbbb-cccc-dddd-111111111111\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupRoutingProfile(ctx, \u0026connect.LookupRoutingProfileArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tRoutingProfileId: pulumi.StringRef(\"cccccccc-bbbb-cccc-dddd-111111111111\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetRoutingProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ConnectFunctions.getRoutingProfile(GetRoutingProfileArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .routingProfileId(\"cccccccc-bbbb-cccc-dddd-111111111111\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:connect:getRoutingProfile\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n routingProfileId: cccccccc-bbbb-cccc-dddd-111111111111\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRoutingProfile.\n", "properties": { "instanceId": { "type": "string", "description": "Reference to the hosting Amazon Connect Instance\n" }, "name": { "type": "string", "description": "Returns information on a specific Routing Profile by name\n" }, "routingProfileId": { "type": "string", "description": "Returns information on a specific Routing Profile by Routing Profile id\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the Routing Profile.\n" } }, "type": "object", "required": [ "instanceId" ] }, "outputs": { "description": "A collection of values returned by getRoutingProfile.\n", "properties": { "arn": { "description": "ARN of the Routing Profile.\n", "type": "string" }, "defaultOutboundQueueId": { "description": "Specifies the default outbound queue for the Routing Profile.\n", "type": "string" }, "description": { "description": "Description of the Routing Profile.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceId": { "type": "string" }, "mediaConcurrencies": { "description": "One or more `media_concurrencies` blocks that specify the channels that agents can handle in the Contact Control Panel (CCP) for this Routing Profile. The `media_concurrencies` block is documented below.\n", "items": { "$ref": "#/types/aws:connect/getRoutingProfileMediaConcurrency:getRoutingProfileMediaConcurrency" }, "type": "array" }, "name": { "type": "string" }, "queueConfigs": { "description": "One or more `queue_configs` blocks that specify the inbound queues associated with the routing profile. If no queue is added, the agent only can make outbound calls. The `queue_configs` block is documented below.\n", "items": { "$ref": "#/types/aws:connect/getRoutingProfileQueueConfig:getRoutingProfileQueueConfig" }, "type": "array" }, "routingProfileId": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the Routing Profile.\n", "type": "object" } }, "required": [ "arn", "defaultOutboundQueueId", "description", "instanceId", "mediaConcurrencies", "name", "queueConfigs", "routingProfileId", "tags", "id" ], "type": "object" } }, "aws:connect/getSecurityProfile:getSecurityProfile": { "description": "Provides details about a specific Amazon Connect Security Profile.\n\n## Example Usage\n\nBy `name`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.connect.getSecurityProfile({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.get_security_profile(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Connect.GetSecurityProfile.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupSecurityProfile(ctx, \u0026connect.LookupSecurityProfileArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tName: pulumi.StringRef(\"Example\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetSecurityProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ConnectFunctions.getSecurityProfile(GetSecurityProfileArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:connect:getSecurityProfile\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nBy `security_profile_id`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.connect.getSecurityProfile({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n securityProfileId: \"cccccccc-bbbb-cccc-dddd-111111111111\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.get_security_profile(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n security_profile_id=\"cccccccc-bbbb-cccc-dddd-111111111111\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Connect.GetSecurityProfile.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n SecurityProfileId = \"cccccccc-bbbb-cccc-dddd-111111111111\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupSecurityProfile(ctx, \u0026connect.LookupSecurityProfileArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tSecurityProfileId: pulumi.StringRef(\"cccccccc-bbbb-cccc-dddd-111111111111\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetSecurityProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ConnectFunctions.getSecurityProfile(GetSecurityProfileArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .securityProfileId(\"cccccccc-bbbb-cccc-dddd-111111111111\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:connect:getSecurityProfile\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n securityProfileId: cccccccc-bbbb-cccc-dddd-111111111111\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSecurityProfile.\n", "properties": { "instanceId": { "type": "string", "description": "Reference to the hosting Amazon Connect Instance\n" }, "name": { "type": "string", "description": "Returns information on a specific Security Profile by name\n" }, "securityProfileId": { "type": "string", "description": "Returns information on a specific Security Profile by Security Profile id\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the Security Profile.\n" } }, "type": "object", "required": [ "instanceId" ] }, "outputs": { "description": "A collection of values returned by getSecurityProfile.\n", "properties": { "arn": { "description": "ARN of the Security Profile.\n", "type": "string" }, "description": { "description": "Description of the Security Profile.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceId": { "type": "string" }, "name": { "type": "string" }, "organizationResourceId": { "description": "The organization resource identifier for the security profile.\n", "type": "string" }, "permissions": { "description": "List of permissions assigned to the security profile.\n", "items": { "type": "string" }, "type": "array" }, "securityProfileId": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the Security Profile.\n", "type": "object" } }, "required": [ "arn", "description", "instanceId", "name", "organizationResourceId", "permissions", "securityProfileId", "tags", "id" ], "type": "object" } }, "aws:connect/getUser:getUser": { "description": "Provides details about a specific Amazon Connect User.\n\n## Example Usage\n\nBy `name`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.connect.getUser({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.get_user(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Connect.GetUser.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupUser(ctx, \u0026connect.LookupUserArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tName: pulumi.StringRef(\"Example\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetUserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ConnectFunctions.getUser(GetUserArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:connect:getUser\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nBy `user_id`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.connect.getUser({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n userId: \"cccccccc-bbbb-cccc-dddd-111111111111\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.get_user(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n user_id=\"cccccccc-bbbb-cccc-dddd-111111111111\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Connect.GetUser.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n UserId = \"cccccccc-bbbb-cccc-dddd-111111111111\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupUser(ctx, \u0026connect.LookupUserArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tUserId: pulumi.StringRef(\"cccccccc-bbbb-cccc-dddd-111111111111\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetUserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ConnectFunctions.getUser(GetUserArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .userId(\"cccccccc-bbbb-cccc-dddd-111111111111\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:connect:getUser\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n userId: cccccccc-bbbb-cccc-dddd-111111111111\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getUser.\n", "properties": { "instanceId": { "type": "string", "description": "Reference to the hosting Amazon Connect Instance\n" }, "name": { "type": "string", "description": "Returns information on a specific User by name\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the User.\n" }, "userId": { "type": "string", "description": "Returns information on a specific User by User id\n" } }, "type": "object", "required": [ "instanceId" ] }, "outputs": { "description": "A collection of values returned by getUser.\n", "properties": { "arn": { "description": "The Amazon Resource Name (ARN) of the User.\n", "type": "string" }, "directoryUserId": { "description": "The identifier of the user account in the directory used for identity management.\n", "type": "string" }, "hierarchyGroupId": { "description": "The identifier of the hierarchy group for the user.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "identityInfos": { "description": "A block that contains information about the identity of the user. Documented below.\n", "items": { "$ref": "#/types/aws:connect/getUserIdentityInfo:getUserIdentityInfo" }, "type": "array" }, "instanceId": { "description": "Specifies the identifier of the hosting Amazon Connect Instance.\n", "type": "string" }, "name": { "type": "string" }, "phoneConfigs": { "description": "A block that contains information about the phone settings for the user. Documented below.\n", "items": { "$ref": "#/types/aws:connect/getUserPhoneConfig:getUserPhoneConfig" }, "type": "array" }, "routingProfileId": { "description": "The identifier of the routing profile for the user.\n", "type": "string" }, "securityProfileIds": { "description": "A list of identifiers for the security profiles for the user.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the User.\n", "type": "object" }, "userId": { "type": "string" } }, "required": [ "arn", "directoryUserId", "hierarchyGroupId", "identityInfos", "instanceId", "name", "phoneConfigs", "routingProfileId", "securityProfileIds", "tags", "userId", "id" ], "type": "object" } }, "aws:connect/getUserHierarchyGroup:getUserHierarchyGroup": { "description": "Provides details about a specific Amazon Connect User Hierarchy Group.\n\n## Example Usage\n\nBy `name`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.connect.getUserHierarchyGroup({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.get_user_hierarchy_group(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Connect.GetUserHierarchyGroup.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupUserHierarchyGroup(ctx, \u0026connect.LookupUserHierarchyGroupArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tName: pulumi.StringRef(\"Example\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetUserHierarchyGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ConnectFunctions.getUserHierarchyGroup(GetUserHierarchyGroupArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:connect:getUserHierarchyGroup\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nBy `hierarchy_group_id`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.connect.getUserHierarchyGroup({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n hierarchyGroupId: \"cccccccc-bbbb-cccc-dddd-111111111111\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.get_user_hierarchy_group(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n hierarchy_group_id=\"cccccccc-bbbb-cccc-dddd-111111111111\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Connect.GetUserHierarchyGroup.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n HierarchyGroupId = \"cccccccc-bbbb-cccc-dddd-111111111111\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupUserHierarchyGroup(ctx, \u0026connect.LookupUserHierarchyGroupArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tHierarchyGroupId: pulumi.StringRef(\"cccccccc-bbbb-cccc-dddd-111111111111\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetUserHierarchyGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ConnectFunctions.getUserHierarchyGroup(GetUserHierarchyGroupArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .hierarchyGroupId(\"cccccccc-bbbb-cccc-dddd-111111111111\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:connect:getUserHierarchyGroup\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n hierarchyGroupId: cccccccc-bbbb-cccc-dddd-111111111111\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getUserHierarchyGroup.\n", "properties": { "hierarchyGroupId": { "type": "string", "description": "Returns information on a specific hierarchy group by hierarchy group id\n" }, "instanceId": { "type": "string", "description": "Reference to the hosting Amazon Connect Instance\n" }, "name": { "type": "string", "description": "Returns information on a specific hierarchy group by name\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the hierarchy group.\n" } }, "type": "object", "required": [ "instanceId" ] }, "outputs": { "description": "A collection of values returned by getUserHierarchyGroup.\n", "properties": { "arn": { "description": "ARN of the hierarchy group.\n", "type": "string" }, "hierarchyGroupId": { "type": "string" }, "hierarchyPaths": { "description": "Block that contains information about the levels in the hierarchy group. The `hierarchy_path` block is documented below.\n", "items": { "$ref": "#/types/aws:connect/getUserHierarchyGroupHierarchyPath:getUserHierarchyGroupHierarchyPath" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceId": { "type": "string" }, "levelId": { "description": "Identifier of the level in the hierarchy group.\n", "type": "string" }, "name": { "description": "Name of the hierarchy group.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the hierarchy group.\n", "type": "object" } }, "required": [ "arn", "hierarchyGroupId", "hierarchyPaths", "instanceId", "levelId", "name", "tags", "id" ], "type": "object" } }, "aws:connect/getUserHierarchyStructure:getUserHierarchyStructure": { "description": "Provides details about a specific Amazon Connect User Hierarchy Structure\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.connect.getUserHierarchyStructure({\n instanceId: testAwsConnectInstance.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.connect.get_user_hierarchy_structure(instance_id=test_aws_connect_instance[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Connect.GetUserHierarchyStructure.Invoke(new()\n {\n InstanceId = testAwsConnectInstance.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupUserHierarchyStructure(ctx, \u0026connect.LookupUserHierarchyStructureArgs{\n\t\t\tInstanceId: testAwsConnectInstance.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetUserHierarchyStructureArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = ConnectFunctions.getUserHierarchyStructure(GetUserHierarchyStructureArgs.builder()\n .instanceId(testAwsConnectInstance.id())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:connect:getUserHierarchyStructure\n Arguments:\n instanceId: ${testAwsConnectInstance.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getUserHierarchyStructure.\n", "properties": { "instanceId": { "type": "string", "description": "Reference to the hosting Amazon Connect Instance\n" } }, "type": "object", "required": [ "instanceId" ] }, "outputs": { "description": "A collection of values returned by getUserHierarchyStructure.\n", "properties": { "hierarchyStructures": { "description": "Block that defines the hierarchy structure's levels. The `hierarchy_structure` block is documented below.\n", "items": { "$ref": "#/types/aws:connect/getUserHierarchyStructureHierarchyStructure:getUserHierarchyStructureHierarchyStructure" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceId": { "type": "string" } }, "required": [ "hierarchyStructures", "instanceId", "id" ], "type": "object" } }, "aws:connect/getVocabulary:getVocabulary": { "description": "Provides details about a specific Amazon Connect Vocabulary.\n\n## Example Usage\n\nBy `name`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.connect.getVocabulary({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.get_vocabulary(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Connect.GetVocabulary.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupVocabulary(ctx, \u0026connect.LookupVocabularyArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tName: pulumi.StringRef(\"Example\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetVocabularyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ConnectFunctions.getVocabulary(GetVocabularyArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:connect:getVocabulary\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nBy `vocabulary_id`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.connect.getVocabulary({\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n vocabularyId: \"cccccccc-bbbb-cccc-dddd-111111111111\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.connect.get_vocabulary(instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n vocabulary_id=\"cccccccc-bbbb-cccc-dddd-111111111111\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Connect.GetVocabulary.Invoke(new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n VocabularyId = \"cccccccc-bbbb-cccc-dddd-111111111111\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := connect.LookupVocabulary(ctx, \u0026connect.LookupVocabularyArgs{\n\t\t\tInstanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n\t\t\tVocabularyId: pulumi.StringRef(\"cccccccc-bbbb-cccc-dddd-111111111111\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ConnectFunctions;\nimport com.pulumi.aws.connect.inputs.GetVocabularyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ConnectFunctions.getVocabulary(GetVocabularyArgs.builder()\n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .vocabularyId(\"cccccccc-bbbb-cccc-dddd-111111111111\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:connect:getVocabulary\n Arguments:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n vocabularyId: cccccccc-bbbb-cccc-dddd-111111111111\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVocabulary.\n", "properties": { "instanceId": { "type": "string", "description": "Reference to the hosting Amazon Connect Instance\n" }, "name": { "type": "string", "description": "Returns information on a specific Vocabulary by name\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Vocabulary.\n" }, "vocabularyId": { "type": "string", "description": "Returns information on a specific Vocabulary by Vocabulary id\n" } }, "type": "object", "required": [ "instanceId" ] }, "outputs": { "description": "A collection of values returned by getVocabulary.\n", "properties": { "arn": { "description": "The Amazon Resource Name (ARN) of the Vocabulary.\n", "type": "string" }, "content": { "description": "The content of the custom vocabulary in plain-text format with a table of values. Each row in the table represents a word or a phrase, described with Phrase, IPA, SoundsLike, and DisplayAs fields. Separate the fields with TAB characters. For more information, see [Create a custom vocabulary using a table](https://docs.aws.amazon.com/transcribe/latest/dg/custom-vocabulary.html#create-vocabulary-table).\n", "type": "string" }, "failureReason": { "description": "The reason why the custom vocabulary was not created.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceId": { "type": "string" }, "languageCode": { "description": "The language code of the vocabulary entries. For a list of languages and their corresponding language codes, see [What is Amazon Transcribe?](https://docs.aws.amazon.com/transcribe/latest/dg/transcribe-whatis.html). Valid Values are `ar-AE`, `de-CH`, `de-DE`, `en-AB`, `en-AU`, `en-GB`, `en-IE`, `en-IN`, `en-US`, `en-WL`, `es-ES`, `es-US`, `fr-CA`, `fr-FR`, `hi-IN`, `it-IT`, `ja-JP`, `ko-KR`, `pt-BR`, `pt-PT`, `zh-CN`.\n", "type": "string" }, "lastModifiedTime": { "description": "The timestamp when the custom vocabulary was last modified.\n", "type": "string" }, "name": { "type": "string" }, "state": { "description": "The current state of the custom vocabulary. Valid values are `CREATION_IN_PROGRESS`, `ACTIVE`, `CREATION_FAILED`, `DELETE_IN_PROGRESS`.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the Vocabulary.\n", "type": "object" }, "vocabularyId": { "description": "The identifier of the custom vocabulary.\n", "type": "string" } }, "required": [ "arn", "content", "failureReason", "instanceId", "languageCode", "lastModifiedTime", "name", "state", "tags", "vocabularyId", "id" ], "type": "object" } }, "aws:controltower/getControls:getControls": { "description": "List of Control Tower controls applied to an OU.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst this = aws.organizations.getOrganization({});\nconst thisGetOrganizationalUnits = _this.then(_this =\u003e aws.organizations.getOrganizationalUnits({\n parentId: _this.roots?.[0]?.id,\n}));\nconst thisGetControls = thisGetOrganizationalUnits.then(thisGetOrganizationalUnits =\u003e aws.controltower.getControls({\n targetIdentifier: .filter(x =\u003e x.name == \"Security\").map(x =\u003e (x.arn))[0],\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nthis = aws.organizations.get_organization()\nthis_get_organizational_units = aws.organizations.get_organizational_units(parent_id=this.roots[0].id)\nthis_get_controls = aws.controltower.get_controls(target_identifier=[x.arn for x in this_get_organizational_units.children if x.name == \"Security\"][0])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @this = Aws.Organizations.GetOrganization.Invoke();\n\n var thisGetOrganizationalUnits = Aws.Organizations.GetOrganizationalUnits.Invoke(new()\n {\n ParentId = @this.Apply(getOrganizationResult =\u003e getOrganizationResult.Roots[0]?.Id),\n });\n\n var thisGetControls = Aws.ControlTower.GetControls.Invoke(new()\n {\n TargetIdentifier = [0],\n });\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getControls.\n", "properties": { "targetIdentifier": { "type": "string", "description": "The ARN of the organizational unit.\n" } }, "type": "object", "required": [ "targetIdentifier" ] }, "outputs": { "description": "A collection of values returned by getControls.\n", "properties": { "enabledControls": { "description": "List of all the ARNs for the controls applied to the `target_identifier`.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "targetIdentifier": { "type": "string" } }, "required": [ "enabledControls", "targetIdentifier", "id" ], "type": "object" } }, "aws:costexplorer/getCostCategory:getCostCategory": { "description": "Provides details about a specific CostExplorer Cost Category.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.costexplorer.getCostCategory({\n costCategoryArn: \"costCategoryARN\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.costexplorer.get_cost_category(cost_category_arn=\"costCategoryARN\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.CostExplorer.GetCostCategory.Invoke(new()\n {\n CostCategoryArn = \"costCategoryARN\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := costexplorer.LookupCostCategory(ctx, \u0026costexplorer.LookupCostCategoryArgs{\n\t\t\tCostCategoryArn: \"costCategoryARN\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.costexplorer.CostexplorerFunctions;\nimport com.pulumi.aws.costexplorer.inputs.GetCostCategoryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = CostexplorerFunctions.getCostCategory(GetCostCategoryArgs.builder()\n .costCategoryArn(\"costCategoryARN\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:costexplorer:getCostCategory\n Arguments:\n costCategoryArn: costCategoryARN\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCostCategory.\n", "properties": { "costCategoryArn": { "type": "string", "description": "Unique name for the Cost Category.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Configuration block for the specific `Tag` to use for `Expression`. See below.\n" } }, "type": "object", "required": [ "costCategoryArn" ] }, "outputs": { "description": "A collection of values returned by getCostCategory.\n", "properties": { "costCategoryArn": { "type": "string" }, "defaultValue": { "description": "Default value for the cost category.\n", "type": "string" }, "effectiveEnd": { "description": "Effective end data of your Cost Category.\n", "type": "string" }, "effectiveStart": { "description": "Effective state data of your Cost Category.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "ruleVersion": { "description": "Rule schema version in this particular Cost Category.\n", "type": "string" }, "rules": { "description": "Configuration block for the `Expression` object used to categorize costs. See below.\n", "items": { "$ref": "#/types/aws:costexplorer/getCostCategoryRule:getCostCategoryRule" }, "type": "array" }, "splitChargeRules": { "description": "Configuration block for the split charge rules used to allocate your charges between your Cost Category values. See below.\n", "items": { "$ref": "#/types/aws:costexplorer/getCostCategorySplitChargeRule:getCostCategorySplitChargeRule" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Configuration block for the specific `Tag` to use for `Expression`. See below.\n", "type": "object" } }, "required": [ "costCategoryArn", "defaultValue", "effectiveEnd", "effectiveStart", "name", "rules", "ruleVersion", "splitChargeRules", "tags", "id" ], "type": "object" } }, "aws:costexplorer/getTags:getTags": { "description": "Provides the available cost allocation tag keys and tag values for a specified period.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.costexplorer.getTags({\n timePeriod: {\n start: \"2021-01-01\",\n end: \"2022-12-01\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.costexplorer.get_tags(time_period={\n \"start\": \"2021-01-01\",\n \"end\": \"2022-12-01\",\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.CostExplorer.GetTags.Invoke(new()\n {\n TimePeriod = new Aws.CostExplorer.Inputs.GetTagsTimePeriodInputArgs\n {\n Start = \"2021-01-01\",\n End = \"2022-12-01\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := costexplorer.GetTags(ctx, \u0026costexplorer.GetTagsArgs{\n\t\t\tTimePeriod: costexplorer.GetTagsTimePeriod{\n\t\t\t\tStart: \"2021-01-01\",\n\t\t\t\tEnd: \"2022-12-01\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.costexplorer.CostexplorerFunctions;\nimport com.pulumi.aws.costexplorer.inputs.GetTagsArgs;\nimport com.pulumi.aws.costexplorer.inputs.GetTagsTimePeriodArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = CostexplorerFunctions.getTags(GetTagsArgs.builder()\n .timePeriod(GetTagsTimePeriodArgs.builder()\n .start(\"2021-01-01\")\n .end(\"2022-12-01\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:costexplorer:getTags\n Arguments:\n timePeriod:\n start: 2021-01-01\n end: 2022-12-01\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getTags.\n", "properties": { "filter": { "$ref": "#/types/aws:costexplorer/getTagsFilter:getTagsFilter", "description": "Configuration block for the `Expression` object used to categorize costs. See `filter` block below for details.\n" }, "searchString": { "type": "string", "description": "Value that you want to search for.\n" }, "sortBies": { "type": "array", "items": { "$ref": "#/types/aws:costexplorer/getTagsSortBy:getTagsSortBy" }, "description": "Configuration block for the value by which you want to sort the data. `sort_by` block below for details.\n" }, "tagKey": { "type": "string", "description": "Key of the tag that you want to return values for.\n" }, "timePeriod": { "$ref": "#/types/aws:costexplorer/getTagsTimePeriod:getTagsTimePeriod", "description": "Configuration block for the start and end dates for retrieving the dimension values. See `time_period` block below for details.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "timePeriod" ] }, "outputs": { "description": "A collection of values returned by getTags.\n", "properties": { "filter": { "$ref": "#/types/aws:costexplorer/getTagsFilter:getTagsFilter" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "searchString": { "type": "string" }, "sortBies": { "items": { "$ref": "#/types/aws:costexplorer/getTagsSortBy:getTagsSortBy" }, "type": "array" }, "tagKey": { "type": "string" }, "tags": { "description": "Tags that match your request.\n", "items": { "type": "string" }, "type": "array" }, "timePeriod": { "$ref": "#/types/aws:costexplorer/getTagsTimePeriod:getTagsTimePeriod" } }, "required": [ "tags", "timePeriod", "id" ], "type": "object" } }, "aws:cur/getReportDefinition:getReportDefinition": { "description": "Use this data source to get information on an AWS Cost and Usage Report Definition.\n\n\u003e *NOTE:* The AWS Cost and Usage Report service is only available in `us-east-1` currently.\n\n\u003e *NOTE:* If AWS Organizations is enabled, only the master account can use this resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst reportDefinition = aws.cur.getReportDefinition({\n reportName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nreport_definition = aws.cur.get_report_definition(report_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var reportDefinition = Aws.Cur.GetReportDefinition.Invoke(new()\n {\n ReportName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cur\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cur.LookupReportDefinition(ctx, \u0026cur.LookupReportDefinitionArgs{\n\t\t\tReportName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cur.CurFunctions;\nimport com.pulumi.aws.cur.inputs.GetReportDefinitionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var reportDefinition = CurFunctions.getReportDefinition(GetReportDefinitionArgs.builder()\n .reportName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n reportDefinition:\n fn::invoke:\n Function: aws:cur:getReportDefinition\n Arguments:\n reportName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getReportDefinition.\n", "properties": { "reportName": { "type": "string", "description": "Name of the report definition to match.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key-value pairs assigned to the resource.\n" } }, "type": "object", "required": [ "reportName" ] }, "outputs": { "description": "A collection of values returned by getReportDefinition.\n", "properties": { "additionalArtifacts": { "description": "A list of additional artifacts.\n", "items": { "type": "string" }, "type": "array" }, "additionalSchemaElements": { "description": "A list of schema elements.\n", "items": { "type": "string" }, "type": "array" }, "compression": { "description": "Preferred format for report.\n", "type": "string" }, "format": { "description": "Preferred compression format for report.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "refreshClosedReports": { "description": "If true reports are updated after they have been finalized.\n", "type": "boolean" }, "reportName": { "type": "string" }, "reportVersioning": { "description": "Overwrite the previous version of each report or to deliver the report in addition to the previous versions.\n", "type": "string" }, "s3Bucket": { "description": "Name of customer S3 bucket.\n", "type": "string" }, "s3Prefix": { "description": "Preferred report path prefix.\n", "type": "string" }, "s3Region": { "description": "Region of customer S3 bucket.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of key-value pairs assigned to the resource.\n", "type": "object" }, "timeUnit": { "description": "Frequency on which report data are measured and displayed.\n", "type": "string" } }, "required": [ "additionalArtifacts", "additionalSchemaElements", "compression", "format", "refreshClosedReports", "reportName", "reportVersioning", "s3Bucket", "s3Prefix", "s3Region", "tags", "timeUnit", "id" ], "type": "object" } }, "aws:datapipeline/getPipeline:getPipeline": { "description": "Provides details about a specific DataPipeline Pipeline.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.datapipeline.getPipeline({\n pipelineId: \"pipelineID\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datapipeline.get_pipeline(pipeline_id=\"pipelineID\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.DataPipeline.GetPipeline.Invoke(new()\n {\n PipelineId = \"pipelineID\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datapipeline\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := datapipeline.LookupPipeline(ctx, \u0026datapipeline.LookupPipelineArgs{\n\t\t\tPipelineId: \"pipelineID\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datapipeline.DatapipelineFunctions;\nimport com.pulumi.aws.datapipeline.inputs.GetPipelineArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = DatapipelineFunctions.getPipeline(GetPipelineArgs.builder()\n .pipelineId(\"pipelineID\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:datapipeline:getPipeline\n Arguments:\n pipelineId: pipelineID\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPipeline.\n", "properties": { "pipelineId": { "type": "string", "description": "ID of the pipeline.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource.\n" } }, "type": "object", "required": [ "pipelineId" ] }, "outputs": { "description": "A collection of values returned by getPipeline.\n", "properties": { "description": { "description": "Description of Pipeline.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Name of Pipeline.\n", "type": "string" }, "pipelineId": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource.\n", "type": "object" } }, "required": [ "description", "name", "pipelineId", "tags", "id" ], "type": "object" } }, "aws:datapipeline/getPipelineDefinition:getPipelineDefinition": { "description": "Provides details about a specific DataPipeline Pipeline Definition.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.datapipeline.getPipelineDefinition({\n pipelineId: \"pipelineID\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.datapipeline.get_pipeline_definition(pipeline_id=\"pipelineID\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.DataPipeline.GetPipelineDefinition.Invoke(new()\n {\n PipelineId = \"pipelineID\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datapipeline\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := datapipeline.LookupPipelineDefinition(ctx, \u0026datapipeline.LookupPipelineDefinitionArgs{\n\t\t\tPipelineId: \"pipelineID\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datapipeline.DatapipelineFunctions;\nimport com.pulumi.aws.datapipeline.inputs.GetPipelineDefinitionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = DatapipelineFunctions.getPipelineDefinition(GetPipelineDefinitionArgs.builder()\n .pipelineId(\"pipelineID\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:datapipeline:getPipelineDefinition\n Arguments:\n pipelineId: pipelineID\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPipelineDefinition.\n", "properties": { "parameterValues": { "type": "array", "items": { "$ref": "#/types/aws:datapipeline/getPipelineDefinitionParameterValue:getPipelineDefinitionParameterValue" }, "description": "Parameter values used in the pipeline definition. See below\n", "willReplaceOnChanges": true }, "pipelineId": { "type": "string", "description": "ID of the pipeline.\n" } }, "type": "object", "required": [ "pipelineId" ] }, "outputs": { "description": "A collection of values returned by getPipelineDefinition.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "parameterObjects": { "description": "Parameter objects used in the pipeline definition. See below\n", "items": { "$ref": "#/types/aws:datapipeline/getPipelineDefinitionParameterObject:getPipelineDefinitionParameterObject" }, "type": "array" }, "parameterValues": { "description": "Parameter values used in the pipeline definition. See below\n", "items": { "$ref": "#/types/aws:datapipeline/getPipelineDefinitionParameterValue:getPipelineDefinitionParameterValue" }, "type": "array" }, "pipelineId": { "type": "string" }, "pipelineObjects": { "description": "Objects defined in the pipeline. See below\n", "items": { "$ref": "#/types/aws:datapipeline/getPipelineDefinitionPipelineObject:getPipelineDefinitionPipelineObject" }, "type": "array" } }, "required": [ "parameterObjects", "pipelineId", "pipelineObjects", "id" ], "type": "object" } }, "aws:datazone/getEnvironmentBlueprint:getEnvironmentBlueprint": { "description": "Data source for managing an AWS DataZone Environment Blueprint.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleDomain = new aws.datazone.Domain(\"example\", {\n name: \"example_domain\",\n domainExecutionRole: domainExecutionRole.arn,\n});\nconst example = aws.datazone.getEnvironmentBlueprintOutput({\n domainId: exampleDomain.id,\n name: \"DefaultDataLake\",\n managed: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_domain = aws.datazone.Domain(\"example\",\n name=\"example_domain\",\n domain_execution_role=domain_execution_role[\"arn\"])\nexample = aws.datazone.get_environment_blueprint_output(domain_id=example_domain.id,\n name=\"DefaultDataLake\",\n managed=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleDomain = new Aws.DataZone.Domain(\"example\", new()\n {\n Name = \"example_domain\",\n DomainExecutionRole = domainExecutionRole.Arn,\n });\n\n var example = Aws.DataZone.GetEnvironmentBlueprint.Invoke(new()\n {\n DomainId = exampleDomain.Id,\n Name = \"DefaultDataLake\",\n Managed = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/datazone\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleDomain, err := datazone.NewDomain(ctx, \"example\", \u0026datazone.DomainArgs{\n\t\t\tName: pulumi.String(\"example_domain\"),\n\t\t\tDomainExecutionRole: pulumi.Any(domainExecutionRole.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = datazone.GetEnvironmentBlueprintOutput(ctx, datazone.GetEnvironmentBlueprintOutputArgs{\n\t\t\tDomainId: exampleDomain.ID(),\n\t\t\tName: pulumi.String(\"DefaultDataLake\"),\n\t\t\tManaged: pulumi.Bool(true),\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.datazone.Domain;\nimport com.pulumi.aws.datazone.DomainArgs;\nimport com.pulumi.aws.datazone.DatazoneFunctions;\nimport com.pulumi.aws.datazone.inputs.GetEnvironmentBlueprintArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder()\n .name(\"example_domain\")\n .domainExecutionRole(domainExecutionRole.arn())\n .build());\n\n final var example = DatazoneFunctions.getEnvironmentBlueprint(GetEnvironmentBlueprintArgs.builder()\n .domainId(exampleDomain.id())\n .name(\"DefaultDataLake\")\n .managed(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleDomain:\n type: aws:datazone:Domain\n name: example\n properties:\n name: example_domain\n domainExecutionRole: ${domainExecutionRole.arn}\nvariables:\n example:\n fn::invoke:\n Function: aws:datazone:getEnvironmentBlueprint\n Arguments:\n domainId: ${exampleDomain.id}\n name: DefaultDataLake\n managed: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getEnvironmentBlueprint.\n", "properties": { "domainId": { "type": "string", "description": "ID of the domain.\n" }, "managed": { "type": "boolean", "description": "Whether the blueprint is managed by Amazon DataZone.\n" }, "name": { "type": "string", "description": "Name of the blueprint.\n" } }, "type": "object", "required": [ "domainId", "managed", "name" ] }, "outputs": { "description": "A collection of values returned by getEnvironmentBlueprint.\n", "properties": { "blueprintProvider": { "description": "Provider of the blueprint\n", "type": "string" }, "description": { "description": "Description of the blueprint\n", "type": "string" }, "domainId": { "type": "string" }, "id": { "description": "ID of the environment blueprint\n", "type": "string" }, "managed": { "type": "boolean" }, "name": { "type": "string" } }, "required": [ "blueprintProvider", "description", "domainId", "id", "managed", "name" ], "type": "object" } }, "aws:devopsguru/getNotificationChannel:getNotificationChannel": { "description": "Data source for managing an AWS DevOps Guru Notification Channel.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.devopsguru.getNotificationChannel({\n id: \"channel-1234\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.devopsguru.get_notification_channel(id=\"channel-1234\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.DevOpsGuru.GetNotificationChannel.Invoke(new()\n {\n Id = \"channel-1234\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/devopsguru\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := devopsguru.LookupNotificationChannel(ctx, \u0026devopsguru.LookupNotificationChannelArgs{\n\t\t\tId: \"channel-1234\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.devopsguru.DevopsguruFunctions;\nimport com.pulumi.aws.devopsguru.inputs.GetNotificationChannelArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = DevopsguruFunctions.getNotificationChannel(GetNotificationChannelArgs.builder()\n .id(\"channel-1234\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:devopsguru:getNotificationChannel\n Arguments:\n id: channel-1234\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getNotificationChannel.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:devopsguru/getNotificationChannelFilter:getNotificationChannelFilter" }, "description": "Filter configurations for the Amazon SNS notification topic. See the `filters` attribute reference below.\n" }, "id": { "type": "string", "description": "Unique identifier for the notification channel.\n" }, "sns": { "type": "array", "items": { "$ref": "#/types/aws:devopsguru/getNotificationChannelSn:getNotificationChannelSn" }, "description": "SNS noficiation channel configurations. See the `sns` attribute reference below.\n" } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getNotificationChannel.\n", "properties": { "filters": { "description": "Filter configurations for the Amazon SNS notification topic. See the `filters` attribute reference below.\n", "items": { "$ref": "#/types/aws:devopsguru/getNotificationChannelFilter:getNotificationChannelFilter" }, "type": "array" }, "id": { "type": "string" }, "sns": { "description": "SNS noficiation channel configurations. See the `sns` attribute reference below.\n", "items": { "$ref": "#/types/aws:devopsguru/getNotificationChannelSn:getNotificationChannelSn" }, "type": "array" } }, "required": [ "id" ], "type": "object" } }, "aws:devopsguru/getResourceCollection:getResourceCollection": { "description": "Data source for managing an AWS DevOps Guru Resource Collection.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.devopsguru.getResourceCollection({\n type: \"AWS_SERVICE\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.devopsguru.get_resource_collection(type=\"AWS_SERVICE\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.DevOpsGuru.GetResourceCollection.Invoke(new()\n {\n Type = \"AWS_SERVICE\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/devopsguru\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := devopsguru.LookupResourceCollection(ctx, \u0026devopsguru.LookupResourceCollectionArgs{\n\t\t\tType: \"AWS_SERVICE\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.devopsguru.DevopsguruFunctions;\nimport com.pulumi.aws.devopsguru.inputs.GetResourceCollectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = DevopsguruFunctions.getResourceCollection(GetResourceCollectionArgs.builder()\n .type(\"AWS_SERVICE\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:devopsguru:getResourceCollection\n Arguments:\n type: AWS_SERVICE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getResourceCollection.\n", "properties": { "cloudformations": { "type": "array", "items": { "$ref": "#/types/aws:devopsguru/getResourceCollectionCloudformation:getResourceCollectionCloudformation" }, "description": "A collection of AWS CloudFormation stacks. See `cloudformation` below for additional details.\n" }, "tags": { "type": "array", "items": { "$ref": "#/types/aws:devopsguru/getResourceCollectionTag:getResourceCollectionTag" }, "description": "AWS tags used to filter the resources in the resource collection. See `tags` below for additional details.\n" }, "type": { "type": "string", "description": "Type of AWS resource collection to create. Valid values are `AWS_CLOUD_FORMATION`, `AWS_SERVICE`, and `AWS_TAGS`.\n" } }, "type": "object", "required": [ "type" ] }, "outputs": { "description": "A collection of values returned by getResourceCollection.\n", "properties": { "cloudformations": { "description": "A collection of AWS CloudFormation stacks. See `cloudformation` below for additional details.\n", "items": { "$ref": "#/types/aws:devopsguru/getResourceCollectionCloudformation:getResourceCollectionCloudformation" }, "type": "array" }, "id": { "description": "Type of AWS resource collection to create (same value as `type`).\n", "type": "string" }, "tags": { "description": "AWS tags used to filter the resources in the resource collection. See `tags` below for additional details.\n", "items": { "$ref": "#/types/aws:devopsguru/getResourceCollectionTag:getResourceCollectionTag" }, "type": "array" }, "type": { "type": "string" } }, "required": [ "id", "type" ], "type": "object" } }, "aws:directconnect/getConnection:getConnection": { "description": "Retrieve information about a Direct Connect Connection.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.directconnect.getConnection({\n name: \"tf-dx-connection\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directconnect.get_connection(name=\"tf-dx-connection\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.DirectConnect.GetConnection.Invoke(new()\n {\n Name = \"tf-dx-connection\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directconnect.LookupConnection(ctx, \u0026directconnect.LookupConnectionArgs{\n\t\t\tName: \"tf-dx-connection\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.DirectconnectFunctions;\nimport com.pulumi.aws.directconnect.inputs.GetConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = DirectconnectFunctions.getConnection(GetConnectionArgs.builder()\n .name(\"tf-dx-connection\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:directconnect:getConnection\n Arguments:\n name: tf-dx-connection\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getConnection.\n", "properties": { "name": { "type": "string", "description": "Name of the connection to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags for the resource.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getConnection.\n", "properties": { "arn": { "description": "ARN of the connection.\n", "type": "string" }, "awsDevice": { "description": "Direct Connect endpoint on which the physical connection terminates.\n", "type": "string" }, "bandwidth": { "description": "Bandwidth of the connection.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "location": { "description": "AWS Direct Connect location where the connection is located.\n", "type": "string" }, "name": { "type": "string" }, "ownerAccountId": { "description": "ID of the AWS account that owns the connection.\n", "type": "string" }, "partnerName": { "description": "The name of the AWS Direct Connect service provider associated with the connection.\n", "type": "string" }, "providerName": { "description": "Name of the service provider associated with the connection.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags for the resource.\n", "type": "object" }, "vlanId": { "description": "The VLAN ID.\n", "type": "integer" } }, "required": [ "arn", "awsDevice", "bandwidth", "location", "name", "ownerAccountId", "partnerName", "providerName", "tags", "vlanId", "id" ], "type": "object" } }, "aws:directconnect/getGateway:getGateway": { "description": "Retrieve information about a Direct Connect Gateway.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.directconnect.getGateway({\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directconnect.get_gateway(name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.DirectConnect.GetGateway.Invoke(new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directconnect.LookupGateway(ctx, \u0026directconnect.LookupGatewayArgs{\n\t\t\tName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.DirectconnectFunctions;\nimport com.pulumi.aws.directconnect.inputs.GetGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = DirectconnectFunctions.getGateway(GetGatewayArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:directconnect:getGateway\n Arguments:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getGateway.\n", "properties": { "name": { "type": "string", "description": "Name of the gateway to retrieve.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getGateway.\n", "properties": { "amazonSideAsn": { "description": "ASN on the Amazon side of the connection.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "ownerAccountId": { "description": "AWS Account ID of the gateway.\n", "type": "string" } }, "required": [ "amazonSideAsn", "name", "ownerAccountId", "id" ], "type": "object" } }, "aws:directconnect/getLocation:getLocation": { "description": "Retrieve information about a specific AWS Direct Connect location in the current AWS Region.\nThese are the locations that can be specified when configuring `aws.directconnect.Connection` or `aws.directconnect.LinkAggregationGroup` resources.\n\n\u003e **Note:** This data source is different from the `aws.directconnect.getLocations` data source which retrieves information about all the AWS Direct Connect locations in the current AWS Region.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.directconnect.getLocation({\n locationCode: \"CS32A-24FL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directconnect.get_location(location_code=\"CS32A-24FL\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.DirectConnect.GetLocation.Invoke(new()\n {\n LocationCode = \"CS32A-24FL\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directconnect.GetLocation(ctx, \u0026directconnect.GetLocationArgs{\n\t\t\tLocationCode: \"CS32A-24FL\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.DirectconnectFunctions;\nimport com.pulumi.aws.directconnect.inputs.GetLocationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = DirectconnectFunctions.getLocation(GetLocationArgs.builder()\n .locationCode(\"CS32A-24FL\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:directconnect:getLocation\n Arguments:\n locationCode: CS32A-24FL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLocation.\n", "properties": { "locationCode": { "type": "string", "description": "Code for the location to retrieve.\n" } }, "type": "object", "required": [ "locationCode" ] }, "outputs": { "description": "A collection of values returned by getLocation.\n", "properties": { "availableMacsecPortSpeeds": { "description": "The available MAC Security (MACsec) port speeds for the location.\n", "items": { "type": "string" }, "type": "array" }, "availablePortSpeeds": { "description": "The available port speeds for the location.\n", "items": { "type": "string" }, "type": "array" }, "availableProviders": { "description": "Names of the service providers for the location.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "locationCode": { "type": "string" }, "locationName": { "description": "Name of the location. This includes the name of the colocation partner and the physical site of the building.\n", "type": "string" } }, "required": [ "availableMacsecPortSpeeds", "availablePortSpeeds", "availableProviders", "locationCode", "locationName", "id" ], "type": "object" } }, "aws:directconnect/getLocations:getLocations": { "description": "Retrieve information about the AWS Direct Connect locations in the current AWS Region.\nThese are the locations that can be specified when configuring `aws.directconnect.Connection` or `aws.directconnect.LinkAggregationGroup` resources.\n\n\u003e **Note:** This data source is different from the `aws.directconnect.getLocation` data source which retrieves information about a specific AWS Direct Connect location in the current AWS Region.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst available = aws.directconnect.getLocations({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\navailable = aws.directconnect.get_locations()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var available = Aws.DirectConnect.GetLocations.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directconnect.GetLocations(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.DirectconnectFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var available = DirectconnectFunctions.getLocations();\n\n }\n}\n```\n```yaml\nvariables:\n available:\n fn::invoke:\n Function: aws:directconnect:getLocations\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getLocations.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "locationCodes": { "description": "Code for the locations.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "locationCodes", "id" ], "type": "object" } }, "aws:directconnect/getRouterConfiguration:getRouterConfiguration": { "description": "Data source for retrieving Router Configuration instructions for a given AWS Direct Connect Virtual Interface and Router Type.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.directconnect.getRouterConfiguration({\n virtualInterfaceId: \"dxvif-abcde123\",\n routerTypeIdentifier: \"CiscoSystemsInc-2900SeriesRouters-IOS124\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directconnect.get_router_configuration(virtual_interface_id=\"dxvif-abcde123\",\n router_type_identifier=\"CiscoSystemsInc-2900SeriesRouters-IOS124\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.DirectConnect.GetRouterConfiguration.Invoke(new()\n {\n VirtualInterfaceId = \"dxvif-abcde123\",\n RouterTypeIdentifier = \"CiscoSystemsInc-2900SeriesRouters-IOS124\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directconnect.GetRouterConfiguration(ctx, \u0026directconnect.GetRouterConfigurationArgs{\n\t\t\tVirtualInterfaceId: \"dxvif-abcde123\",\n\t\t\tRouterTypeIdentifier: \"CiscoSystemsInc-2900SeriesRouters-IOS124\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directconnect.DirectconnectFunctions;\nimport com.pulumi.aws.directconnect.inputs.GetRouterConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = DirectconnectFunctions.getRouterConfiguration(GetRouterConfigurationArgs.builder()\n .virtualInterfaceId(\"dxvif-abcde123\")\n .routerTypeIdentifier(\"CiscoSystemsInc-2900SeriesRouters-IOS124\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:directconnect:getRouterConfiguration\n Arguments:\n virtualInterfaceId: dxvif-abcde123\n routerTypeIdentifier: CiscoSystemsInc-2900SeriesRouters-IOS124\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRouterConfiguration.\n", "properties": { "routerTypeIdentifier": { "type": "string", "description": "ID of the Router Type. For example: `CiscoSystemsInc-2900SeriesRouters-IOS124`\n\nThere is currently no AWS API to retrieve the full list of `router_type_identifier` values. Here is a list of known `RouterType` objects that can be used:\n\n```json\n{\n\"routerTypes\": [\n{\"platform\":\"2900 Series Routers\",\"routerTypeIdentifier\":\"CiscoSystemsInc-2900SeriesRouters-IOS124\",\"software\":\"IOS 12.4+\",\"vendor\":\"Cisco Systems, Inc.\",\"xsltTemplateName\":\"customer-router-cisco-generic.xslt\",\"xsltTemplateNameForMacSec\":\"\"},\n{\"platform\":\"3700 Series Routers\",\"routerTypeIdentifier\":\"CiscoSystemsInc-3700SeriesRouters-IOS124\",\"software\":\"IOS 12.4+\",\"vendor\":\"Cisco Systems, Inc.\",\"xsltTemplateName\":\"customer-router-cisco-generic.xslt\",\"xsltTemplateNameForMacSec\":\"\"},\n{\"platform\":\"7200 Series Routers\",\"routerTypeIdentifier\":\"CiscoSystemsInc-7200SeriesRouters-IOS124\",\"software\":\"IOS 12.4+\",\"vendor\":\"Cisco Systems, Inc.\",\"xsltTemplateName\":\"customer-router-cisco-generic.xslt\",\"xsltTemplateNameForMacSec\":\"\"},\n{\"platform\":\"Nexus 7000 Series Switches\",\"routerTypeIdentifier\":\"CiscoSystemsInc-Nexus7000SeriesSwitches-NXOS51\",\"software\":\"NX-OS 5.1+\",\"vendor\":\"Cisco Systems, Inc.\",\"xsltTemplateName\":\"customer-switch-cisco-nexus-generic.xslt\",\"xsltTemplateNameForMacSec\":\"\"},\n{\"platform\":\"Nexus 9K+ Series Switches\",\"routerTypeIdentifier\":\"CiscoSystemsInc-Nexus9KSeriesSwitches-NXOS93\",\"software\":\"NX-OS 9.3+\",\"vendor\":\"Cisco Systems, Inc.\",\"xsltTemplateName\":\"customer-switch-cisco-nexus-generic.xslt\",\"xsltTemplateNameForMacSec\":\"customer-switch-cisco-nexus-generic-macsec.xslt\"},\n{\"platform\":\"M/MX Series Routers\",\"routerTypeIdentifier\":\"JuniperNetworksInc-MMXSeriesRouters-JunOS95\",\"software\":\"JunOS 9.5+\",\"vendor\":\"Juniper Networks, Inc.\",\"xsltTemplateName\":\"customer-router-juniper-generic.xslt\",\"xsltTemplateNameForMacSec\":\"customer-router-juniper-generic-macsec.xslt\"},\n{\"platform\":\"SRX Series Routers\",\"routerTypeIdentifier\":\"JuniperNetworksInc-SRXSeriesRouters-JunOS95\",\"software\":\"JunOS 9.5+\",\"vendor\":\"Juniper Networks, Inc.\",\"xsltTemplateName\":\"customer-router-juniper-generic.xslt\",\"xsltTemplateNameForMacSec\":\"\"},\n{\"platform\":\"T Series Routers\",\"routerTypeIdentifier\":\"JuniperNetworksInc-TSeriesRouters-JunOS95\",\"software\":\"JunOS 9.5+\",\"vendor\":\"Juniper Networks, Inc.\",\"xsltTemplateName\":\"customer-router-juniper-generic.xslt\",\"xsltTemplateNameForMacSec\":\"\"},\n{\"platform\":\"PA-3000+ and 5000+ series\",\"routerTypeIdentifier\":\"PaloAltoNetworks-PA3000and5000series-PANOS803\",\"software\":\"PAN-OS 8.0.3+\",\"vendor\":\"Palo Alto Networks\",\"xsltTemplateName\":\"customer-router-palo-alto-generic.xslt\",\"xsltTemplateNameForMacSec\":\"\"}]\n}\n```\n" }, "virtualInterfaceId": { "type": "string", "description": "ID of the Direct Connect Virtual Interface\n" } }, "type": "object", "required": [ "routerTypeIdentifier", "virtualInterfaceId" ] }, "outputs": { "description": "A collection of values returned by getRouterConfiguration.\n", "properties": { "customerRouterConfig": { "description": "Instructions for configuring your router\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "routerTypeIdentifier": { "description": "Router type identifier\n", "type": "string" }, "routers": { "description": "Block of the router type details\n", "items": { "$ref": "#/types/aws:directconnect/getRouterConfigurationRouter:getRouterConfigurationRouter" }, "type": "array" }, "virtualInterfaceId": { "type": "string" }, "virtualInterfaceName": { "type": "string" } }, "required": [ "customerRouterConfig", "routers", "routerTypeIdentifier", "virtualInterfaceId", "virtualInterfaceName", "id" ], "type": "object" } }, "aws:directoryservice/getDirectory:getDirectory": { "description": "Get attributes of AWS Directory Service directory (SimpleAD, Managed AD, AD Connector). It's especially useful to refer AWS Managed AD or on-premise AD in AD Connector configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.directoryservice.getDirectory({\n directoryId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.directoryservice.get_directory(directory_id=main[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.DirectoryService.GetDirectory.Invoke(new()\n {\n DirectoryId = main.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directoryservice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := directoryservice.LookupDirectory(ctx, \u0026directoryservice.LookupDirectoryArgs{\n\t\t\tDirectoryId: main.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.directoryservice.DirectoryserviceFunctions;\nimport com.pulumi.aws.directoryservice.inputs.GetDirectoryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = DirectoryserviceFunctions.getDirectory(GetDirectoryArgs.builder()\n .directoryId(main.id())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:directoryservice:getDirectory\n Arguments:\n directoryId: ${main.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDirectory.\n", "properties": { "directoryId": { "type": "string", "description": "ID of the directory.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the directory/connector.\n" } }, "type": "object", "required": [ "directoryId" ] }, "outputs": { "description": "A collection of values returned by getDirectory.\n", "properties": { "accessUrl": { "description": "Access URL for the directory/connector, such as http://alias.awsapps.com.\n", "type": "string" }, "alias": { "description": "Alias for the directory/connector, such as `d-991708b282.awsapps.com`.\n", "type": "string" }, "connectSettings": { "items": { "$ref": "#/types/aws:directoryservice/getDirectoryConnectSetting:getDirectoryConnectSetting" }, "type": "array" }, "description": { "description": "Textual description for the directory/connector.\n", "type": "string" }, "directoryId": { "type": "string" }, "dnsIpAddresses": { "description": "List of IP addresses of the DNS servers for the directory/connector.\n", "items": { "type": "string" }, "type": "array" }, "edition": { "description": "(for `MicrosoftAD`) Microsoft AD edition (`Standard` or `Enterprise`).\n", "type": "string" }, "enableSso": { "description": "Directory/connector single-sign on status.\n", "type": "boolean" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Fully qualified name for the directory/connector.\n", "type": "string" }, "radiusSettings": { "items": { "$ref": "#/types/aws:directoryservice/getDirectoryRadiusSetting:getDirectoryRadiusSetting" }, "type": "array" }, "securityGroupId": { "description": "ID of the security group created by the directory/connector.\n", "type": "string" }, "shortName": { "description": "Short name of the directory/connector, such as `CORP`.\n", "type": "string" }, "size": { "description": "(for `SimpleAD` and `ADConnector`) Size of the directory/connector (`Small` or `Large`).\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the directory/connector.\n", "type": "object" }, "type": { "description": "Directory type (`SimpleAD`, `ADConnector` or `MicrosoftAD`).\n", "type": "string" }, "vpcSettings": { "items": { "$ref": "#/types/aws:directoryservice/getDirectoryVpcSetting:getDirectoryVpcSetting" }, "type": "array" } }, "required": [ "accessUrl", "alias", "connectSettings", "description", "directoryId", "dnsIpAddresses", "edition", "enableSso", "name", "radiusSettings", "securityGroupId", "shortName", "size", "tags", "type", "vpcSettings", "id" ], "type": "object" } }, "aws:dms/getCertificate:getCertificate": { "description": "Data source for managing an AWS DMS (Database Migration) Certificate.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.dms.getCertificate({\n certificateId: test.certificateId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dms.get_certificate(certificate_id=test[\"certificateId\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Dms.GetCertificate.Invoke(new()\n {\n CertificateId = test.CertificateId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dms.LookupCertificate(ctx, \u0026dms.LookupCertificateArgs{\n\t\t\tCertificateId: test.CertificateId,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dms.DmsFunctions;\nimport com.pulumi.aws.dms.inputs.GetCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = DmsFunctions.getCertificate(GetCertificateArgs.builder()\n .certificateId(test.certificateId())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:dms:getCertificate\n Arguments:\n certificateId: ${test.certificateId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCertificate.\n", "properties": { "certificateId": { "type": "string", "description": "A customer-assigned name for the certificate. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen or contain two consecutive hyphens.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "certificateId" ] }, "outputs": { "description": "A collection of values returned by getCertificate.\n", "properties": { "certificateArn": { "description": "The Amazon Resource Name (ARN) for the certificate.\n", "type": "string" }, "certificateCreationDate": { "description": "The date that the certificate was created.\n", "type": "string" }, "certificateId": { "type": "string" }, "certificateOwner": { "description": "The owner of the certificate.\n", "type": "string" }, "certificatePem": { "description": "The contents of a .pem file, which contains an X.509 certificate.\n", "secret": true, "type": "string" }, "certificateWallet": { "description": "The owner of the certificate.\n", "secret": true, "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "keyLength": { "description": "The key length of the cryptographic algorithm being used.\n", "type": "integer" }, "signingAlgorithm": { "description": "The algorithm for the certificate.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "validFromDate": { "description": "The beginning date that the certificate is valid.\n", "type": "string" }, "validToDate": { "description": "The final date that the certificate is valid.\n", "type": "string" } }, "required": [ "certificateArn", "certificateCreationDate", "certificateId", "certificateOwner", "certificatePem", "certificateWallet", "keyLength", "signingAlgorithm", "tags", "validFromDate", "validToDate", "id" ], "type": "object" } }, "aws:dms/getEndpoint:getEndpoint": { "description": "Data source for managing an AWS DMS (Database Migration) Endpoint.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.dms.getEndpoint({\n endpointId: \"test_id\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.dms.get_endpoint(endpoint_id=\"test_id\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Dms.GetEndpoint.Invoke(new()\n {\n EndpointId = \"test_id\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dms.LookupEndpoint(ctx, \u0026dms.LookupEndpointArgs{\n\t\t\tEndpointId: \"test_id\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dms.DmsFunctions;\nimport com.pulumi.aws.dms.inputs.GetEndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = DmsFunctions.getEndpoint(GetEndpointArgs.builder()\n .endpointId(\"test_id\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:dms:getEndpoint\n Arguments:\n endpointId: test_id\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getEndpoint.\n", "properties": { "endpointId": { "type": "string", "description": "Database endpoint identifier. Identifiers must contain from 1 to 255 alphanumeric characters or hyphens, begin with a letter, contain only ASCII letters, digits, and hyphens, not end with a hyphen, and not contain two consecutive hyphens.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "endpointId" ] }, "outputs": { "description": "A collection of values returned by getEndpoint.\n", "properties": { "certificateArn": { "type": "string" }, "databaseName": { "type": "string" }, "elasticsearchSettings": { "items": { "$ref": "#/types/aws:dms/getEndpointElasticsearchSetting:getEndpointElasticsearchSetting" }, "type": "array" }, "endpointArn": { "type": "string" }, "endpointId": { "type": "string" }, "endpointType": { "type": "string" }, "engineName": { "type": "string" }, "extraConnectionAttributes": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kafkaSettings": { "items": { "$ref": "#/types/aws:dms/getEndpointKafkaSetting:getEndpointKafkaSetting" }, "type": "array" }, "kinesisSettings": { "items": { "$ref": "#/types/aws:dms/getEndpointKinesisSetting:getEndpointKinesisSetting" }, "type": "array" }, "kmsKeyArn": { "type": "string" }, "mongodbSettings": { "items": { "$ref": "#/types/aws:dms/getEndpointMongodbSetting:getEndpointMongodbSetting" }, "type": "array" }, "password": { "type": "string" }, "port": { "type": "integer" }, "postgresSettings": { "items": { "$ref": "#/types/aws:dms/getEndpointPostgresSetting:getEndpointPostgresSetting" }, "type": "array" }, "redisSettings": { "items": { "$ref": "#/types/aws:dms/getEndpointRedisSetting:getEndpointRedisSetting" }, "type": "array" }, "redshiftSettings": { "items": { "$ref": "#/types/aws:dms/getEndpointRedshiftSetting:getEndpointRedshiftSetting" }, "type": "array" }, "s3Settings": { "items": { "$ref": "#/types/aws:dms/getEndpointS3Setting:getEndpointS3Setting" }, "type": "array" }, "secretsManagerAccessRoleArn": { "type": "string" }, "secretsManagerArn": { "type": "string" }, "serverName": { "type": "string" }, "serviceAccessRole": { "type": "string" }, "sslMode": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "username": { "type": "string" } }, "required": [ "certificateArn", "databaseName", "elasticsearchSettings", "endpointArn", "endpointId", "endpointType", "engineName", "extraConnectionAttributes", "kafkaSettings", "kinesisSettings", "kmsKeyArn", "mongodbSettings", "password", "port", "postgresSettings", "redisSettings", "redshiftSettings", "s3Settings", "secretsManagerAccessRoleArn", "secretsManagerArn", "serverName", "serviceAccessRole", "sslMode", "tags", "username", "id" ], "type": "object" } }, "aws:dms/getReplicationInstance:getReplicationInstance": { "description": "Data source for managing an AWS DMS (Database Migration) Replication Instance.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.dms.getReplicationInstance({\n replicationInstanceId: testAwsDmsReplicationInstance.replicationInstanceId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.dms.get_replication_instance(replication_instance_id=test_aws_dms_replication_instance[\"replicationInstanceId\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Dms.GetReplicationInstance.Invoke(new()\n {\n ReplicationInstanceId = testAwsDmsReplicationInstance.ReplicationInstanceId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dms.LookupReplicationInstance(ctx, \u0026dms.LookupReplicationInstanceArgs{\n\t\t\tReplicationInstanceId: testAwsDmsReplicationInstance.ReplicationInstanceId,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dms.DmsFunctions;\nimport com.pulumi.aws.dms.inputs.GetReplicationInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = DmsFunctions.getReplicationInstance(GetReplicationInstanceArgs.builder()\n .replicationInstanceId(testAwsDmsReplicationInstance.replicationInstanceId())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:dms:getReplicationInstance\n Arguments:\n replicationInstanceId: ${testAwsDmsReplicationInstance.replicationInstanceId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getReplicationInstance.\n", "properties": { "replicationInstanceId": { "type": "string", "description": "The replication instance identifier.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "replicationInstanceId" ] }, "outputs": { "description": "A collection of values returned by getReplicationInstance.\n", "properties": { "allocatedStorage": { "description": "The amount of storage (in gigabytes) to be initially allocated for the replication instance.\n", "type": "integer" }, "autoMinorVersionUpgrade": { "description": "Indicates that minor engine upgrades will be applied automatically to the replication instance during the maintenance window.\n", "type": "boolean" }, "availabilityZone": { "description": "The EC2 Availability Zone that the replication instance will be created in.\n", "type": "string" }, "engineVersion": { "description": "The engine version number of the replication instance.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kmsKeyArn": { "description": "The Amazon Resource Name (ARN) for the KMS key used to encrypt the connection parameters.\n", "type": "string" }, "multiAz": { "description": "Specifies if the replication instance is a multi-az deployment.\n", "type": "boolean" }, "networkType": { "description": "The type of IP address protocol used by the replication instance.\n", "type": "string" }, "preferredMaintenanceWindow": { "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n", "type": "string" }, "publiclyAccessible": { "description": "Specifies the accessibility options for the replication instance. A value of true represents an instance with a public IP address. A value of false represents an instance with a private IP address.\n", "type": "boolean" }, "replicationInstanceArn": { "description": "The Amazon Resource Name (ARN) of the replication instance.\n", "type": "string" }, "replicationInstanceClass": { "description": "The compute and memory capacity of the replication instance as specified by the replication instance class. See [AWS DMS User Guide](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReplicationInstance.Types.html) for information on instance classes.\n", "type": "string" }, "replicationInstanceId": { "type": "string" }, "replicationInstancePrivateIps": { "description": "A list of the private IP addresses of the replication instance.\n", "items": { "type": "string" }, "type": "array" }, "replicationInstancePublicIps": { "description": "A list of the public IP addresses of the replication instance.\n", "items": { "type": "string" }, "type": "array" }, "replicationSubnetGroupId": { "description": "A subnet group to associate with the replication instance.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "vpcSecurityGroupIds": { "description": "A set of VPC security group IDs that are used with the replication instance.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "allocatedStorage", "autoMinorVersionUpgrade", "availabilityZone", "engineVersion", "kmsKeyArn", "multiAz", "networkType", "preferredMaintenanceWindow", "publiclyAccessible", "replicationInstanceArn", "replicationInstanceClass", "replicationInstanceId", "replicationInstancePrivateIps", "replicationInstancePublicIps", "replicationSubnetGroupId", "tags", "vpcSecurityGroupIds", "id" ], "type": "object" } }, "aws:dms/getReplicationSubnetGroup:getReplicationSubnetGroup": { "description": "Data source for managing an AWS DMS (Database Migration) Replication Subnet Group.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.dms.getReplicationSubnetGroup({\n replicationSubnetGroupId: testAwsDmsReplicationSubnetGroup.replicationSubnetGroupId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.dms.get_replication_subnet_group(replication_subnet_group_id=test_aws_dms_replication_subnet_group[\"replicationSubnetGroupId\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Dms.GetReplicationSubnetGroup.Invoke(new()\n {\n ReplicationSubnetGroupId = testAwsDmsReplicationSubnetGroup.ReplicationSubnetGroupId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dms.LookupReplicationSubnetGroup(ctx, \u0026dms.LookupReplicationSubnetGroupArgs{\n\t\t\tReplicationSubnetGroupId: testAwsDmsReplicationSubnetGroup.ReplicationSubnetGroupId,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dms.DmsFunctions;\nimport com.pulumi.aws.dms.inputs.GetReplicationSubnetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = DmsFunctions.getReplicationSubnetGroup(GetReplicationSubnetGroupArgs.builder()\n .replicationSubnetGroupId(testAwsDmsReplicationSubnetGroup.replicationSubnetGroupId())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:dms:getReplicationSubnetGroup\n Arguments:\n replicationSubnetGroupId: ${testAwsDmsReplicationSubnetGroup.replicationSubnetGroupId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getReplicationSubnetGroup.\n", "properties": { "replicationSubnetGroupId": { "type": "string", "description": "Name for the replication subnet group. This value is stored as a lowercase string. It must contain no more than 255 alphanumeric characters, periods, spaces, underscores, or hyphens and cannot be `default`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "replicationSubnetGroupId" ] }, "outputs": { "description": "A collection of values returned by getReplicationSubnetGroup.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "replicationSubnetGroupArn": { "type": "string" }, "replicationSubnetGroupDescription": { "description": "Description for the subnet group.\n", "type": "string" }, "replicationSubnetGroupId": { "type": "string" }, "subnetGroupStatus": { "type": "string" }, "subnetIds": { "description": "List of at least 2 EC2 subnet IDs for the subnet group. The subnets must cover at least 2 availability zones.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "vpcId": { "description": "The ID of the VPC the subnet group is in.\n", "type": "string" } }, "required": [ "replicationSubnetGroupArn", "replicationSubnetGroupDescription", "replicationSubnetGroupId", "subnetGroupStatus", "subnetIds", "tags", "vpcId", "id" ], "type": "object" } }, "aws:dms/getReplicationTask:getReplicationTask": { "description": "Data source for managing an AWS DMS (Database Migration) Replication Task.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.dms.getReplicationTask({\n replicationTaskId: testAwsDmsReplicationTask.replicationTaskId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.dms.get_replication_task(replication_task_id=test_aws_dms_replication_task[\"replicationTaskId\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Dms.GetReplicationTask.Invoke(new()\n {\n ReplicationTaskId = testAwsDmsReplicationTask.ReplicationTaskId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dms.LookupReplicationTask(ctx, \u0026dms.LookupReplicationTaskArgs{\n\t\t\tReplicationTaskId: testAwsDmsReplicationTask.ReplicationTaskId,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dms.DmsFunctions;\nimport com.pulumi.aws.dms.inputs.GetReplicationTaskArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = DmsFunctions.getReplicationTask(GetReplicationTaskArgs.builder()\n .replicationTaskId(testAwsDmsReplicationTask.replicationTaskId())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:dms:getReplicationTask\n Arguments:\n replicationTaskId: ${testAwsDmsReplicationTask.replicationTaskId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getReplicationTask.\n", "properties": { "replicationTaskId": { "type": "string", "description": "The replication task identifier.\n\n- Must contain from 1 to 255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen.\n- Cannot contain two consecutive hyphens.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "replicationTaskId" ] }, "outputs": { "description": "A collection of values returned by getReplicationTask.\n", "properties": { "cdcStartPosition": { "description": "(Conflicts with `cdc_start_time`) Indicates when you want a change data capture (CDC) operation to start. The value can be in date, checkpoint, or LSN/SCN format depending on the source engine. For more information, see [Determining a CDC native start point](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Task.CDC.html#CHAP_Task.CDC.StartPoint.Native).\n", "type": "string" }, "cdcStartTime": { "description": "(Conflicts with `cdc_start_position`) The Unix timestamp integer for the start of the Change Data Capture (CDC) operation.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "migrationType": { "description": "The migration type. Can be one of `full-load | cdc | full-load-and-cdc`.\n", "type": "string" }, "replicationInstanceArn": { "description": "The Amazon Resource Name (ARN) of the replication instance.\n", "type": "string" }, "replicationTaskArn": { "description": "The Amazon Resource Name (ARN) for the replication task.\n", "type": "string" }, "replicationTaskId": { "type": "string" }, "replicationTaskSettings": { "description": "An escaped JSON string that contains the task settings. For a complete list of task settings, see [Task Settings for AWS Database Migration Service Tasks](http://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.html).\n", "type": "string" }, "sourceEndpointArn": { "description": "The Amazon Resource Name (ARN) string that uniquely identifies the source endpoint.\n", "type": "string" }, "startReplicationTask": { "description": "Whether to run or stop the replication task.\n", "type": "boolean" }, "status": { "description": "Replication Task status.\n", "type": "string" }, "tableMappings": { "description": "An escaped JSON string that contains the table mappings. For information on table mapping see [Using Table Mapping with an AWS Database Migration Service Task to Select and Filter Data](http://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.html)\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "targetEndpointArn": { "description": "The Amazon Resource Name (ARN) string that uniquely identifies the target endpoint.\n", "type": "string" } }, "required": [ "cdcStartPosition", "cdcStartTime", "migrationType", "replicationInstanceArn", "replicationTaskArn", "replicationTaskId", "replicationTaskSettings", "sourceEndpointArn", "startReplicationTask", "status", "tableMappings", "tags", "targetEndpointArn", "id" ], "type": "object" } }, "aws:docdb/getEngineVersion:getEngineVersion": { "description": "Information about a DocumentDB engine version.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.docdb.getEngineVersion({\n version: \"3.6.0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.docdb.get_engine_version(version=\"3.6.0\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.DocDB.GetEngineVersion.Invoke(new()\n {\n Version = \"3.6.0\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/docdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := docdb.GetEngineVersion(ctx, \u0026docdb.GetEngineVersionArgs{\n\t\t\tVersion: pulumi.StringRef(\"3.6.0\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.docdb.DocdbFunctions;\nimport com.pulumi.aws.docdb.inputs.GetEngineVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = DocdbFunctions.getEngineVersion(GetEngineVersionArgs.builder()\n .version(\"3.6.0\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:docdb:getEngineVersion\n Arguments:\n version: 3.6.0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getEngineVersion.\n", "properties": { "engine": { "type": "string", "description": "DB engine. (Default: `docdb`)\n" }, "parameterGroupFamily": { "type": "string", "description": "Name of a specific DB parameter group family. An example parameter group family is `docdb3.6`.\n" }, "preferredVersions": { "type": "array", "items": { "type": "string" }, "description": "Ordered list of preferred engine versions. The first match in this list will be returned. If no preferred matches are found and the original search returned more than one result, an error is returned. If both the `version` and `preferred_versions` arguments are not configured, the data source will return the default version for the engine.\n" }, "version": { "type": "string", "description": "Version of the DB engine. For example, `3.6.0`. If `version` and `preferred_versions` are not set, the data source will provide information for the AWS-defined default version. If both the `version` and `preferred_versions` arguments are not configured, the data source will return the default version for the engine.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getEngineVersion.\n", "properties": { "engine": { "type": "string" }, "engineDescription": { "description": "Description of the database engine.\n", "type": "string" }, "exportableLogTypes": { "description": "Set of log types that the database engine has available for export to CloudWatch Logs.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "parameterGroupFamily": { "type": "string" }, "preferredVersions": { "items": { "type": "string" }, "type": "array" }, "supportsLogExportsToCloudwatch": { "description": "Indicates whether the engine version supports exporting the log types specified by `exportable_log_types` to CloudWatch Logs.\n", "type": "boolean" }, "validUpgradeTargets": { "description": "A set of engine versions that this database engine version can be upgraded to.\n", "items": { "type": "string" }, "type": "array" }, "version": { "type": "string" }, "versionDescription": { "description": "Description of the database engine version.\n", "type": "string" } }, "required": [ "engineDescription", "exportableLogTypes", "parameterGroupFamily", "supportsLogExportsToCloudwatch", "validUpgradeTargets", "version", "versionDescription", "id" ], "type": "object" } }, "aws:docdb/getOrderableDbInstance:getOrderableDbInstance": { "description": "Information about DocumentDB orderable DB instances.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.docdb.getOrderableDbInstance({\n engine: \"docdb\",\n engineVersion: \"3.6.0\",\n licenseModel: \"na\",\n preferredInstanceClasses: [\n \"db.r5.large\",\n \"db.r4.large\",\n \"db.t3.medium\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.docdb.get_orderable_db_instance(engine=\"docdb\",\n engine_version=\"3.6.0\",\n license_model=\"na\",\n preferred_instance_classes=[\n \"db.r5.large\",\n \"db.r4.large\",\n \"db.t3.medium\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.DocDB.GetOrderableDbInstance.Invoke(new()\n {\n Engine = \"docdb\",\n EngineVersion = \"3.6.0\",\n LicenseModel = \"na\",\n PreferredInstanceClasses = new[]\n {\n \"db.r5.large\",\n \"db.r4.large\",\n \"db.t3.medium\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/docdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := docdb.GetOrderableDbInstance(ctx, \u0026docdb.GetOrderableDbInstanceArgs{\n\t\t\tEngine: pulumi.StringRef(\"docdb\"),\n\t\t\tEngineVersion: pulumi.StringRef(\"3.6.0\"),\n\t\t\tLicenseModel: pulumi.StringRef(\"na\"),\n\t\t\tPreferredInstanceClasses: []string{\n\t\t\t\t\"db.r5.large\",\n\t\t\t\t\"db.r4.large\",\n\t\t\t\t\"db.t3.medium\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.docdb.DocdbFunctions;\nimport com.pulumi.aws.docdb.inputs.GetOrderableDbInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = DocdbFunctions.getOrderableDbInstance(GetOrderableDbInstanceArgs.builder()\n .engine(\"docdb\")\n .engineVersion(\"3.6.0\")\n .licenseModel(\"na\")\n .preferredInstanceClasses( \n \"db.r5.large\",\n \"db.r4.large\",\n \"db.t3.medium\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:docdb:getOrderableDbInstance\n Arguments:\n engine: docdb\n engineVersion: 3.6.0\n licenseModel: na\n preferredInstanceClasses:\n - db.r5.large\n - db.r4.large\n - db.t3.medium\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOrderableDbInstance.\n", "properties": { "engine": { "type": "string", "description": "DB engine. Default: `docdb`\n" }, "engineVersion": { "type": "string", "description": "Version of the DB engine.\n" }, "instanceClass": { "type": "string", "description": "DB instance class. Examples of classes are `db.r5.12xlarge`, `db.r5.24xlarge`, `db.r5.2xlarge`, `db.r5.4xlarge`, `db.r5.large`, `db.r5.xlarge`, and `db.t3.medium`. (Conflicts with `preferred_instance_classes`.)\n" }, "licenseModel": { "type": "string", "description": "License model. Default: `na`\n" }, "preferredInstanceClasses": { "type": "array", "items": { "type": "string" }, "description": "Ordered list of preferred DocumentDB DB instance classes. The first match in this list will be returned. If no preferred matches are found and the original search returned more than one result, an error is returned. (Conflicts with `instance_class`.)\n" }, "vpc": { "type": "boolean", "description": "Enable to show only VPC.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getOrderableDbInstance.\n", "properties": { "availabilityZones": { "description": "Availability zones where the instance is available.\n", "items": { "type": "string" }, "type": "array" }, "engine": { "type": "string" }, "engineVersion": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceClass": { "type": "string" }, "licenseModel": { "type": "string" }, "preferredInstanceClasses": { "items": { "type": "string" }, "type": "array" }, "vpc": { "type": "boolean" } }, "required": [ "availabilityZones", "engineVersion", "instanceClass", "vpc", "id" ], "type": "object" } }, "aws:dynamodb/getTable:getTable": { "description": "Provides information about a DynamoDB table.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst tableName = aws.dynamodb.getTable({\n name: \"tableName\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntable_name = aws.dynamodb.get_table(name=\"tableName\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var tableName = Aws.DynamoDB.GetTable.Invoke(new()\n {\n Name = \"tableName\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dynamodb.LookupTable(ctx, \u0026dynamodb.LookupTableArgs{\n\t\t\tName: \"tableName\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.DynamodbFunctions;\nimport com.pulumi.aws.dynamodb.inputs.GetTableArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var tableName = DynamodbFunctions.getTable(GetTableArgs.builder()\n .name(\"tableName\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n tableName:\n fn::invoke:\n Function: aws:dynamodb:getTable\n Arguments:\n name: tableName\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getTable.\n", "properties": { "name": { "type": "string", "description": "Name of the DynamoDB table.\n" }, "serverSideEncryption": { "$ref": "#/types/aws:dynamodb/getTableServerSideEncryption:getTableServerSideEncryption" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getTable.\n", "properties": { "arn": { "type": "string" }, "attributes": { "items": { "$ref": "#/types/aws:dynamodb/getTableAttribute:getTableAttribute" }, "type": "array" }, "billingMode": { "type": "string" }, "deletionProtectionEnabled": { "type": "boolean" }, "globalSecondaryIndexes": { "items": { "$ref": "#/types/aws:dynamodb/getTableGlobalSecondaryIndex:getTableGlobalSecondaryIndex" }, "type": "array" }, "hashKey": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "localSecondaryIndexes": { "items": { "$ref": "#/types/aws:dynamodb/getTableLocalSecondaryIndex:getTableLocalSecondaryIndex" }, "type": "array" }, "name": { "type": "string" }, "pointInTimeRecovery": { "$ref": "#/types/aws:dynamodb/getTablePointInTimeRecovery:getTablePointInTimeRecovery" }, "rangeKey": { "type": "string" }, "readCapacity": { "type": "integer" }, "replicas": { "items": { "$ref": "#/types/aws:dynamodb/getTableReplica:getTableReplica" }, "type": "array" }, "serverSideEncryption": { "$ref": "#/types/aws:dynamodb/getTableServerSideEncryption:getTableServerSideEncryption" }, "streamArn": { "type": "string" }, "streamEnabled": { "type": "boolean" }, "streamLabel": { "type": "string" }, "streamViewType": { "type": "string" }, "tableClass": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "ttl": { "$ref": "#/types/aws:dynamodb/getTableTtl:getTableTtl" }, "writeCapacity": { "type": "integer" } }, "required": [ "arn", "attributes", "billingMode", "deletionProtectionEnabled", "globalSecondaryIndexes", "hashKey", "localSecondaryIndexes", "name", "pointInTimeRecovery", "rangeKey", "readCapacity", "replicas", "serverSideEncryption", "streamArn", "streamEnabled", "streamLabel", "streamViewType", "tableClass", "tags", "ttl", "writeCapacity", "id" ], "type": "object" } }, "aws:dynamodb/getTableItem:getTableItem": { "description": "Data source for retrieving a value from an AWS DynamoDB table.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.dynamodb.getTableItem({\n tableName: example.name,\n expressionAttributeNames: {\n \"#P\": \"Percentile\",\n },\n projectionExpression: \"#P\",\n key: `{\n\\x09\"hashKey\": {\"S\": \"example\"}\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.dynamodb.get_table_item(table_name=example[\"name\"],\n expression_attribute_names={\n \"#P\": \"Percentile\",\n },\n projection_expression=\"#P\",\n key=\"\"\"{\n\\x09\"hashKey\": {\"S\": \"example\"}\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.DynamoDB.GetTableItem.Invoke(new()\n {\n TableName = example.Name,\n ExpressionAttributeNames = \n {\n { \"#P\", \"Percentile\" },\n },\n ProjectionExpression = \"#P\",\n Key = @\"{\n\t\"\"hashKey\"\": {\"\"S\"\": \"\"example\"\"}\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dynamodb.LookupTableItem(ctx, \u0026dynamodb.LookupTableItemArgs{\n\t\t\tTableName: example.Name,\n\t\t\tExpressionAttributeNames: map[string]interface{}{\n\t\t\t\t\"#P\": \"Percentile\",\n\t\t\t},\n\t\t\tProjectionExpression: pulumi.StringRef(\"#P\"),\n\t\t\tKey: \"{\\n\t\\\"hashKey\\\": {\\\"S\\\": \\\"example\\\"}\\n}\\n\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.DynamodbFunctions;\nimport com.pulumi.aws.dynamodb.inputs.GetTableItemArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = DynamodbFunctions.getTableItem(GetTableItemArgs.builder()\n .tableName(example.name())\n .expressionAttributeNames(Map.of(\"#P\", \"Percentile\"))\n .projectionExpression(\"#P\")\n .key(\"\"\"\n{\n\t\"hashKey\": {\"S\": \"example\"}\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:dynamodb:getTableItem\n Arguments:\n tableName: ${example.name}\n expressionAttributeNames:\n '#P': Percentile\n projectionExpression: '#P'\n key: |\n {\n \t\"hashKey\": {\"S\": \"example\"}\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getTableItem.\n", "properties": { "expressionAttributeNames": { "type": "object", "additionalProperties": { "type": "string" } }, "key": { "type": "string", "description": "A map of attribute names to AttributeValue objects, representing the primary key of the item to retrieve.\nFor the primary key, you must provide all of the attributes. For example, with a simple primary key, you only need to provide a value for the partition key. For a composite primary key, you must provide values for both the partition key and the sort key.\n\nThe following arguments are optional:\n" }, "projectionExpression": { "type": "string", "description": "A string that identifies one or more attributes to retrieve from the table. These attributes can include scalars, sets, or elements of a JSON document. The attributes in the expression must be separated by commas.\nIf no attribute names are specified, then all attributes are returned. If any of the requested attributes are not found, they do not appear in the result.\n" }, "tableName": { "type": "string", "description": "The name of the table containing the requested item.\n" } }, "type": "object", "required": [ "key", "tableName" ] }, "outputs": { "description": "A collection of values returned by getTableItem.\n", "properties": { "expressionAttributeNames": { "additionalProperties": { "type": "string" }, "type": "object" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "item": { "description": "JSON representation of a map of attribute names to [AttributeValue](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_AttributeValue.html) objects, as specified by ProjectionExpression.\n", "type": "string" }, "key": { "type": "string" }, "projectionExpression": { "type": "string" }, "tableName": { "type": "string" } }, "required": [ "item", "key", "tableName", "id" ], "type": "object" } }, "aws:ebs/getDefaultKmsKey:getDefaultKmsKey": { "description": "Use this data source to get the default EBS encryption KMS key in the current region.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.ebs.getDefaultKmsKey({});\nconst example = new aws.ebs.Volume(\"example\", {\n availabilityZone: \"us-west-2a\",\n encrypted: true,\n kmsKeyId: current.then(current =\u003e current.keyArn),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.ebs.get_default_kms_key()\nexample = aws.ebs.Volume(\"example\",\n availability_zone=\"us-west-2a\",\n encrypted=True,\n kms_key_id=current.key_arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.Ebs.GetDefaultKmsKey.Invoke();\n\n var example = new Aws.Ebs.Volume(\"example\", new()\n {\n AvailabilityZone = \"us-west-2a\",\n Encrypted = true,\n KmsKeyId = current.Apply(getDefaultKmsKeyResult =\u003e getDefaultKmsKeyResult.KeyArn),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := ebs.LookupDefaultKmsKey(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ebs.NewVolume(ctx, \"example\", \u0026ebs.VolumeArgs{\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tEncrypted: pulumi.Bool(true),\n\t\t\tKmsKeyId: pulumi.String(current.KeyArn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ebs.EbsFunctions;\nimport com.pulumi.aws.ebs.Volume;\nimport com.pulumi.aws.ebs.VolumeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = EbsFunctions.getDefaultKmsKey();\n\n var example = new Volume(\"example\", VolumeArgs.builder()\n .availabilityZone(\"us-west-2a\")\n .encrypted(true)\n .kmsKeyId(current.applyValue(getDefaultKmsKeyResult -\u003e getDefaultKmsKeyResult.keyArn()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ebs:Volume\n properties:\n availabilityZone: us-west-2a\n encrypted: true\n kmsKeyId: ${current.keyArn}\nvariables:\n current:\n fn::invoke:\n Function: aws:ebs:getDefaultKmsKey\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getDefaultKmsKey.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "keyArn": { "description": "ARN of the default KMS key uses to encrypt an EBS volume in this region when no key is specified in an API call that creates the volume and encryption by default is enabled.\n", "type": "string" } }, "required": [ "keyArn", "id" ], "type": "object" } }, "aws:ebs/getEbsVolumes:getEbsVolumes": { "description": "`aws.ebs.getEbsVolumes` provides identifying information for EBS volumes matching given criteria.\n\nThis data source can be useful for getting a list of volume IDs with (for example) matching tags.\n\n## Example Usage\n\nThe following demonstrates obtaining a map of availability zone to EBS volume ID for volumes with a given tag value.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ebs.getEbsVolumes({\n tags: {\n VolumeSet: \"TestVolumeSet\",\n },\n});\nconst exampleGetVolume = example.then(example =\u003e .reduce((__obj, [, ]) =\u003e ({ ...__obj, [__key]: aws.ebs.getVolume({\n filters: [{\n name: \"volume-id\",\n values: [__value],\n }],\n}) })));\nexport const availabilityZoneToVolumeId = exampleGetVolume.apply(exampleGetVolume =\u003e Object.values(exampleGetVolume).reduce((__obj, s) =\u003e ({ ...__obj, [s.id]: s.availabilityZone })));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ebs.get_ebs_volumes(tags={\n \"VolumeSet\": \"TestVolumeSet\",\n})\nexample_get_volume = {__key: aws.ebs.get_volume(filters=[{\n \"name\": \"volume-id\",\n \"values\": [__value],\n}]) for __key, __value in example.ids}\npulumi.export(\"availabilityZoneToVolumeId\", {s.id: s.availability_zone for s in example_get_volume})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ebs.GetEbsVolumes.Invoke(new()\n {\n Tags = \n {\n { \"VolumeSet\", \"TestVolumeSet\" },\n },\n });\n\n var exampleGetVolume = ;\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"availabilityZoneToVolumeId\"] = exampleGetVolume.Apply(exampleGetVolume =\u003e (exampleGetVolume).Values.ToDictionary(item =\u003e {\n var s = item.Value;\n return s.Id;\n }, item =\u003e {\n var s = item.Value;\n return s.AvailabilityZone;\n })),\n };\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getEbsVolumes.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ebs/getEbsVolumesFilter:getEbsVolumesFilter" }, "description": "Custom filter block as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match\na pair on the desired volumes.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getEbsVolumes.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ebs/getEbsVolumesFilter:getEbsVolumesFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "Set of all the EBS Volume IDs found. This data source will fail if\nno volumes match the provided criteria.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "ids", "id" ], "type": "object" } }, "aws:ebs/getEncryptionByDefault:getEncryptionByDefault": { "description": "Provides a way to check whether default EBS encryption is enabled for your AWS account in the current AWS region.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.ebs.getEncryptionByDefault({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.ebs.get_encryption_by_default()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.Ebs.GetEncryptionByDefault.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ebs.LookupEncryptionByDefault(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ebs.EbsFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = EbsFunctions.getEncryptionByDefault();\n\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:ebs:getEncryptionByDefault\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getEncryptionByDefault.\n", "properties": { "enabled": { "description": "Whether or not default EBS encryption is enabled. Returns as `true` or `false`.\n", "type": "boolean" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "enabled", "id" ], "type": "object" } }, "aws:ebs/getSnapshot:getSnapshot": { "description": "Use this data source to get information about an EBS Snapshot for use when provisioning EBS Volumes\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ebsVolume = aws.ebs.getSnapshot({\n mostRecent: true,\n owners: [\"self\"],\n filters: [\n {\n name: \"volume-size\",\n values: [\"40\"],\n },\n {\n name: \"tag:Name\",\n values: [\"Example\"],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nebs_volume = aws.ebs.get_snapshot(most_recent=True,\n owners=[\"self\"],\n filters=[\n {\n \"name\": \"volume-size\",\n \"values\": [\"40\"],\n },\n {\n \"name\": \"tag:Name\",\n \"values\": [\"Example\"],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ebsVolume = Aws.Ebs.GetSnapshot.Invoke(new()\n {\n MostRecent = true,\n Owners = new[]\n {\n \"self\",\n },\n Filters = new[]\n {\n new Aws.Ebs.Inputs.GetSnapshotFilterInputArgs\n {\n Name = \"volume-size\",\n Values = new[]\n {\n \"40\",\n },\n },\n new Aws.Ebs.Inputs.GetSnapshotFilterInputArgs\n {\n Name = \"tag:Name\",\n Values = new[]\n {\n \"Example\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ebs.LookupSnapshot(ctx, \u0026ebs.LookupSnapshotArgs{\n\t\t\tMostRecent: pulumi.BoolRef(true),\n\t\t\tOwners: []string{\n\t\t\t\t\"self\",\n\t\t\t},\n\t\t\tFilters: []ebs.GetSnapshotFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"volume-size\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"40\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"tag:Name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"Example\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ebs.EbsFunctions;\nimport com.pulumi.aws.ebs.inputs.GetSnapshotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var ebsVolume = EbsFunctions.getSnapshot(GetSnapshotArgs.builder()\n .mostRecent(true)\n .owners(\"self\")\n .filters( \n GetSnapshotFilterArgs.builder()\n .name(\"volume-size\")\n .values(\"40\")\n .build(),\n GetSnapshotFilterArgs.builder()\n .name(\"tag:Name\")\n .values(\"Example\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n ebsVolume:\n fn::invoke:\n Function: aws:ebs:getSnapshot\n Arguments:\n mostRecent: true\n owners:\n - self\n filters:\n - name: volume-size\n values:\n - '40'\n - name: tag:Name\n values:\n - Example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSnapshot.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ebs/getSnapshotFilter:getSnapshotFilter" }, "description": "One or more name/value pairs to filter off of. There are\nseveral valid keys, for a full reference, check out\n[describe-snapshots in the AWS CLI reference][1].\n" }, "mostRecent": { "type": "boolean", "description": "If more than one result is returned, use the most recent snapshot.\n" }, "owners": { "type": "array", "items": { "type": "string" }, "description": "Returns the snapshots owned by the specified owner id. Multiple owners can be specified.\n" }, "restorableByUserIds": { "type": "array", "items": { "type": "string" }, "description": "One or more AWS accounts IDs that can create volumes from the snapshot.\n" }, "snapshotIds": { "type": "array", "items": { "type": "string" }, "description": "Returns information on a specific snapshot_id.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags for the resource.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSnapshot.\n", "properties": { "arn": { "description": "ARN of the EBS Snapshot.\n", "type": "string" }, "dataEncryptionKeyId": { "description": "The data encryption key identifier for the snapshot.\n", "type": "string" }, "description": { "description": "Description for the snapshot\n", "type": "string" }, "encrypted": { "description": "Whether the snapshot is encrypted.\n", "type": "boolean" }, "filters": { "items": { "$ref": "#/types/aws:ebs/getSnapshotFilter:getSnapshotFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kmsKeyId": { "description": "ARN for the KMS encryption key.\n", "type": "string" }, "mostRecent": { "type": "boolean" }, "outpostArn": { "description": "ARN of the Outpost on which the snapshot is stored.\n", "type": "string" }, "ownerAlias": { "description": "Value from an Amazon-maintained list (`amazon`, `aws-marketplace`, `microsoft`) of snapshot owners.\n", "type": "string" }, "ownerId": { "description": "AWS account ID of the EBS snapshot owner.\n", "type": "string" }, "owners": { "items": { "type": "string" }, "type": "array" }, "restorableByUserIds": { "items": { "type": "string" }, "type": "array" }, "snapshotId": { "description": "Snapshot ID (e.g., snap-59fcb34e).\n", "type": "string" }, "snapshotIds": { "items": { "type": "string" }, "type": "array" }, "state": { "description": "Snapshot state.\n", "type": "string" }, "storageTier": { "description": "Storage tier in which the snapshot is stored.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags for the resource.\n", "type": "object" }, "volumeId": { "description": "Volume ID (e.g., vol-59fcb34e).\n", "type": "string" }, "volumeSize": { "description": "Size of the drive in GiBs.\n", "type": "integer" } }, "required": [ "arn", "dataEncryptionKeyId", "description", "encrypted", "kmsKeyId", "outpostArn", "ownerAlias", "ownerId", "snapshotId", "state", "storageTier", "tags", "volumeId", "volumeSize", "id" ], "type": "object" } }, "aws:ebs/getSnapshotIds:getSnapshotIds": { "description": "Use this data source to get a list of EBS Snapshot IDs matching the specified\ncriteria.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ebsVolumes = aws.ebs.getSnapshotIds({\n owners: [\"self\"],\n filters: [\n {\n name: \"volume-size\",\n values: [\"40\"],\n },\n {\n name: \"tag:Name\",\n values: [\"Example\"],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nebs_volumes = aws.ebs.get_snapshot_ids(owners=[\"self\"],\n filters=[\n {\n \"name\": \"volume-size\",\n \"values\": [\"40\"],\n },\n {\n \"name\": \"tag:Name\",\n \"values\": [\"Example\"],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ebsVolumes = Aws.Ebs.GetSnapshotIds.Invoke(new()\n {\n Owners = new[]\n {\n \"self\",\n },\n Filters = new[]\n {\n new Aws.Ebs.Inputs.GetSnapshotIdsFilterInputArgs\n {\n Name = \"volume-size\",\n Values = new[]\n {\n \"40\",\n },\n },\n new Aws.Ebs.Inputs.GetSnapshotIdsFilterInputArgs\n {\n Name = \"tag:Name\",\n Values = new[]\n {\n \"Example\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ebs.GetSnapshotIds(ctx, \u0026ebs.GetSnapshotIdsArgs{\n\t\t\tOwners: []string{\n\t\t\t\t\"self\",\n\t\t\t},\n\t\t\tFilters: []ebs.GetSnapshotIdsFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"volume-size\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"40\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"tag:Name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"Example\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ebs.EbsFunctions;\nimport com.pulumi.aws.ebs.inputs.GetSnapshotIdsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var ebsVolumes = EbsFunctions.getSnapshotIds(GetSnapshotIdsArgs.builder()\n .owners(\"self\")\n .filters( \n GetSnapshotIdsFilterArgs.builder()\n .name(\"volume-size\")\n .values(\"40\")\n .build(),\n GetSnapshotIdsFilterArgs.builder()\n .name(\"tag:Name\")\n .values(\"Example\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n ebsVolumes:\n fn::invoke:\n Function: aws:ebs:getSnapshotIds\n Arguments:\n owners:\n - self\n filters:\n - name: volume-size\n values:\n - '40'\n - name: tag:Name\n values:\n - Example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSnapshotIds.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ebs/getSnapshotIdsFilter:getSnapshotIdsFilter" }, "description": "One or more name/value pairs to filter off of. There are\nseveral valid keys, for a full reference, check out\n[describe-volumes in the AWS CLI reference][1].\n" }, "owners": { "type": "array", "items": { "type": "string" }, "description": "Returns the snapshots owned by the specified owner id. Multiple owners can be specified.\n" }, "restorableByUserIds": { "type": "array", "items": { "type": "string" }, "description": "One or more AWS accounts IDs that can create volumes from the snapshot.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSnapshotIds.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ebs/getSnapshotIdsFilter:getSnapshotIdsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "Set of EBS snapshot IDs, sorted by creation time in descending order.\n", "items": { "type": "string" }, "type": "array" }, "owners": { "items": { "type": "string" }, "type": "array" }, "restorableByUserIds": { "items": { "type": "string" }, "type": "array" } }, "required": [ "ids", "id" ], "type": "object" } }, "aws:ebs/getVolume:getVolume": { "description": "Use this data source to get information about an EBS volume for use in other\nresources.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ebsVolume = aws.ebs.getVolume({\n mostRecent: true,\n filters: [\n {\n name: \"volume-type\",\n values: [\"gp2\"],\n },\n {\n name: \"tag:Name\",\n values: [\"Example\"],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nebs_volume = aws.ebs.get_volume(most_recent=True,\n filters=[\n {\n \"name\": \"volume-type\",\n \"values\": [\"gp2\"],\n },\n {\n \"name\": \"tag:Name\",\n \"values\": [\"Example\"],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ebsVolume = Aws.Ebs.GetVolume.Invoke(new()\n {\n MostRecent = true,\n Filters = new[]\n {\n new Aws.Ebs.Inputs.GetVolumeFilterInputArgs\n {\n Name = \"volume-type\",\n Values = new[]\n {\n \"gp2\",\n },\n },\n new Aws.Ebs.Inputs.GetVolumeFilterInputArgs\n {\n Name = \"tag:Name\",\n Values = new[]\n {\n \"Example\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ebs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ebs.LookupVolume(ctx, \u0026ebs.LookupVolumeArgs{\n\t\t\tMostRecent: pulumi.BoolRef(true),\n\t\t\tFilters: []ebs.GetVolumeFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"volume-type\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"gp2\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"tag:Name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"Example\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ebs.EbsFunctions;\nimport com.pulumi.aws.ebs.inputs.GetVolumeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var ebsVolume = EbsFunctions.getVolume(GetVolumeArgs.builder()\n .mostRecent(true)\n .filters( \n GetVolumeFilterArgs.builder()\n .name(\"volume-type\")\n .values(\"gp2\")\n .build(),\n GetVolumeFilterArgs.builder()\n .name(\"tag:Name\")\n .values(\"Example\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n ebsVolume:\n fn::invoke:\n Function: aws:ebs:getVolume\n Arguments:\n mostRecent: true\n filters:\n - name: volume-type\n values:\n - gp2\n - name: tag:Name\n values:\n - Example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVolume.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ebs/getVolumeFilter:getVolumeFilter" }, "description": "One or more name/value pairs to filter off of. There are\nseveral valid keys, for a full reference, check out\n[describe-volumes in the AWS CLI reference][1].\n" }, "mostRecent": { "type": "boolean", "description": "If more than one result is returned, use the most\nrecent Volume.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags for the resource.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVolume.\n", "properties": { "arn": { "description": "Volume ARN (e.g., arn:aws:ec2:us-east-1:0123456789012:volume/vol-59fcb34e).\n", "type": "string" }, "availabilityZone": { "description": "AZ where the EBS volume exists.\n", "type": "string" }, "encrypted": { "description": "Whether the disk is encrypted.\n", "type": "boolean" }, "filters": { "items": { "$ref": "#/types/aws:ebs/getVolumeFilter:getVolumeFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "iops": { "description": "Amount of IOPS for the disk.\n", "type": "integer" }, "kmsKeyId": { "description": "ARN for the KMS encryption key.\n", "type": "string" }, "mostRecent": { "type": "boolean" }, "multiAttachEnabled": { "description": "(Optional) Specifies whether Amazon EBS Multi-Attach is enabled.\n", "type": "boolean" }, "outpostArn": { "description": "ARN of the Outpost.\n", "type": "string" }, "size": { "description": "Size of the drive in GiBs.\n", "type": "integer" }, "snapshotId": { "description": "Snapshot_id the EBS volume is based off.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags for the resource.\n", "type": "object" }, "throughput": { "description": "Throughput that the volume supports, in MiB/s.\n", "type": "integer" }, "volumeId": { "description": "Volume ID (e.g., vol-59fcb34e).\n", "type": "string" }, "volumeType": { "description": "Type of EBS volume.\n", "type": "string" } }, "required": [ "arn", "availabilityZone", "encrypted", "iops", "kmsKeyId", "multiAttachEnabled", "outpostArn", "size", "snapshotId", "tags", "throughput", "volumeId", "volumeType", "id" ], "type": "object" } }, "aws:ec2/getAmi:getAmi": { "description": "Use this data source to get the ID of a registered AMI for use in other\nresources.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getAmi({\n executableUsers: [\"self\"],\n mostRecent: true,\n nameRegex: \"^myami-\\\\d{3}\",\n owners: [\"self\"],\n filters: [\n {\n name: \"name\",\n values: [\"myami-*\"],\n },\n {\n name: \"root-device-type\",\n values: [\"ebs\"],\n },\n {\n name: \"virtualization-type\",\n values: [\"hvm\"],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_ami(executable_users=[\"self\"],\n most_recent=True,\n name_regex=\"^myami-\\\\d{3}\",\n owners=[\"self\"],\n filters=[\n {\n \"name\": \"name\",\n \"values\": [\"myami-*\"],\n },\n {\n \"name\": \"root-device-type\",\n \"values\": [\"ebs\"],\n },\n {\n \"name\": \"virtualization-type\",\n \"values\": [\"hvm\"],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetAmi.Invoke(new()\n {\n ExecutableUsers = new[]\n {\n \"self\",\n },\n MostRecent = true,\n NameRegex = \"^myami-\\\\d{3}\",\n Owners = new[]\n {\n \"self\",\n },\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetAmiFilterInputArgs\n {\n Name = \"name\",\n Values = new[]\n {\n \"myami-*\",\n },\n },\n new Aws.Ec2.Inputs.GetAmiFilterInputArgs\n {\n Name = \"root-device-type\",\n Values = new[]\n {\n \"ebs\",\n },\n },\n new Aws.Ec2.Inputs.GetAmiFilterInputArgs\n {\n Name = \"virtualization-type\",\n Values = new[]\n {\n \"hvm\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupAmi(ctx, \u0026ec2.LookupAmiArgs{\n\t\t\tExecutableUsers: []string{\n\t\t\t\t\"self\",\n\t\t\t},\n\t\t\tMostRecent: pulumi.BoolRef(true),\n\t\t\tNameRegex: pulumi.StringRef(\"^myami-\\\\d{3}\"),\n\t\t\tOwners: []string{\n\t\t\t\t\"self\",\n\t\t\t},\n\t\t\tFilters: []ec2.GetAmiFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"myami-*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"root-device-type\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ebs\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"virtualization-type\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"hvm\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetAmiArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getAmi(GetAmiArgs.builder()\n .executableUsers(\"self\")\n .mostRecent(true)\n .nameRegex(\"^myami-\\\\d{3}\")\n .owners(\"self\")\n .filters( \n GetAmiFilterArgs.builder()\n .name(\"name\")\n .values(\"myami-*\")\n .build(),\n GetAmiFilterArgs.builder()\n .name(\"root-device-type\")\n .values(\"ebs\")\n .build(),\n GetAmiFilterArgs.builder()\n .name(\"virtualization-type\")\n .values(\"hvm\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getAmi\n Arguments:\n executableUsers:\n - self\n mostRecent: true\n nameRegex: ^myami-\\d{3}\n owners:\n - self\n filters:\n - name: name\n values:\n - myami-*\n - name: root-device-type\n values:\n - ebs\n - name: virtualization-type\n values:\n - hvm\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAmi.\n", "properties": { "executableUsers": { "type": "array", "items": { "type": "string" }, "description": "Limit search to users with *explicit* launch permission on\nthe image. Valid items are the numeric account ID or `self`.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getAmiFilter:getAmiFilter" }, "description": "One or more name/value pairs to filter off of. There are\nseveral valid keys, for a full reference, check out\n[describe-images in the AWS CLI reference][1].\n" }, "includeDeprecated": { "type": "boolean", "description": "If true, all deprecated AMIs are included in the response. If false, no deprecated AMIs are included in the response. If no value is specified, the default value is false.\n" }, "mostRecent": { "type": "boolean", "description": "If more than one result is returned, use the most\nrecent AMI.\n" }, "nameRegex": { "type": "string", "description": "Regex string to apply to the AMI list returned\nby AWS. This allows more advanced filtering not supported from the AWS API. This\nfiltering is done locally on what AWS returns, and could have a performance\nimpact if the result is large. Combine this with other\noptions to narrow down the list AWS returns.\n\n\u003e **NOTE:** If more or less than a single match is returned by the search,\nthis call will fail. Ensure that your search is specific enough to return\na single AMI ID only, or use `most_recent` to choose the most recent one. If\nyou want to match multiple AMIs, use the `aws.ec2.getAmiIds` data source instead.\n" }, "owners": { "type": "array", "items": { "type": "string" }, "description": "List of AMI owners to limit search. Valid values: an AWS account ID, `self` (the current account), or an AWS owner alias (e.g., `amazon`, `aws-marketplace`, `microsoft`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Any tags assigned to the image.\n* `tags.#.key` - Key name of the tag.\n* `tags.#.value` - Value of the tag.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getAmi.\n", "properties": { "architecture": { "description": "OS architecture of the AMI (ie: `i386` or `x86_64`).\n", "type": "string" }, "arn": { "description": "ARN of the AMI.\n", "type": "string" }, "blockDeviceMappings": { "description": "Set of objects with block device mappings of the AMI.\n", "items": { "$ref": "#/types/aws:ec2/getAmiBlockDeviceMapping:getAmiBlockDeviceMapping" }, "type": "array" }, "bootMode": { "description": "Boot mode of the image.\n", "type": "string" }, "creationDate": { "description": "Date and time the image was created.\n", "type": "string" }, "deprecationTime": { "description": "Date and time when the image will be deprecated.\n", "type": "string" }, "description": { "description": "Description of the AMI that was provided during image\ncreation.\n", "type": "string" }, "enaSupport": { "description": "Whether enhanced networking with ENA is enabled.\n", "type": "boolean" }, "executableUsers": { "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getAmiFilter:getAmiFilter" }, "type": "array" }, "hypervisor": { "description": "Hypervisor type of the image.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "imageId": { "description": "ID of the AMI. Should be the same as the resource `id`.\n", "type": "string" }, "imageLocation": { "description": "Location of the AMI.\n", "type": "string" }, "imageOwnerAlias": { "description": "AWS account alias (for example, `amazon`, `self`) or\nthe AWS account ID of the AMI owner.\n", "type": "string" }, "imageType": { "description": "Type of image.\n", "type": "string" }, "imdsSupport": { "description": "Instance Metadata Service (IMDS) support mode for the image. Set to `v2.0` if instances ran from this image enforce IMDSv2.\n", "type": "string" }, "includeDeprecated": { "type": "boolean" }, "kernelId": { "description": "Kernel associated with the image, if any. Only applicable\nfor machine images.\n", "type": "string" }, "mostRecent": { "type": "boolean" }, "name": { "description": "Name of the AMI that was provided during image creation.\n", "type": "string" }, "nameRegex": { "type": "string" }, "ownerId": { "description": "AWS account ID of the image owner.\n", "type": "string" }, "owners": { "items": { "type": "string" }, "type": "array" }, "platform": { "description": "Value is Windows for `Windows` AMIs; otherwise blank.\n", "type": "string" }, "platformDetails": { "description": "Platform details associated with the billing code of the AMI.\n", "type": "string" }, "productCodes": { "description": "Any product codes associated with the AMI.\n* `product_codes.#.product_code_id` - The product code.\n* `product_codes.#.product_code_type` - The type of product code.\n", "items": { "$ref": "#/types/aws:ec2/getAmiProductCode:getAmiProductCode" }, "type": "array" }, "public": { "description": "`true` if the image has public launch permissions.\n", "type": "boolean" }, "ramdiskId": { "description": "RAM disk associated with the image, if any. Only applicable\nfor machine images.\n", "type": "string" }, "rootDeviceName": { "description": "Device name of the root device.\n", "type": "string" }, "rootDeviceType": { "description": "Type of root device (ie: `ebs` or `instance-store`).\n", "type": "string" }, "rootSnapshotId": { "description": "Snapshot id associated with the root device, if any\n(only applies to `ebs` root devices).\n", "type": "string" }, "sriovNetSupport": { "description": "Whether enhanced networking is enabled.\n", "type": "string" }, "state": { "description": "Current state of the AMI. If the state is `available`, the image\nis successfully registered and can be used to launch an instance.\n", "type": "string" }, "stateReason": { "additionalProperties": { "type": "string" }, "description": "Describes a state change. Fields are `UNSET` if not available.\n", "type": "object" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Any tags assigned to the image.\n* `tags.#.key` - Key name of the tag.\n* `tags.#.value` - Value of the tag.\n", "type": "object" }, "tpmSupport": { "description": "If the image is configured for NitroTPM support, the value is `v2.0`.\n", "type": "string" }, "usageOperation": { "description": "Operation of the Amazon EC2 instance and the billing code that is associated with the AMI.\n", "type": "string" }, "virtualizationType": { "description": "Type of virtualization of the AMI (ie: `hvm` or\n`paravirtual`).\n", "type": "string" } }, "required": [ "architecture", "arn", "blockDeviceMappings", "bootMode", "creationDate", "deprecationTime", "description", "enaSupport", "hypervisor", "imageId", "imageLocation", "imageOwnerAlias", "imageType", "imdsSupport", "kernelId", "name", "ownerId", "platform", "platformDetails", "productCodes", "public", "ramdiskId", "rootDeviceName", "rootDeviceType", "rootSnapshotId", "sriovNetSupport", "state", "stateReason", "tags", "tpmSupport", "usageOperation", "virtualizationType", "id" ], "type": "object" } }, "aws:ec2/getAmiIds:getAmiIds": { "description": "Use this data source to get a list of AMI IDs matching the specified criteria.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ubuntu = aws.ec2.getAmiIds({\n owners: [\"099720109477\"],\n filters: [{\n name: \"name\",\n values: [\"ubuntu/images/ubuntu-*-*-amd64-server-*\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nubuntu = aws.ec2.get_ami_ids(owners=[\"099720109477\"],\n filters=[{\n \"name\": \"name\",\n \"values\": [\"ubuntu/images/ubuntu-*-*-amd64-server-*\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ubuntu = Aws.Ec2.GetAmiIds.Invoke(new()\n {\n Owners = new[]\n {\n \"099720109477\",\n },\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetAmiIdsFilterInputArgs\n {\n Name = \"name\",\n Values = new[]\n {\n \"ubuntu/images/ubuntu-*-*-amd64-server-*\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetAmiIds(ctx, \u0026ec2.GetAmiIdsArgs{\n\t\t\tOwners: []string{\n\t\t\t\t\"099720109477\",\n\t\t\t},\n\t\t\tFilters: []ec2.GetAmiIdsFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ubuntu/images/ubuntu-*-*-amd64-server-*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetAmiIdsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var ubuntu = Ec2Functions.getAmiIds(GetAmiIdsArgs.builder()\n .owners(\"099720109477\")\n .filters(GetAmiIdsFilterArgs.builder()\n .name(\"name\")\n .values(\"ubuntu/images/ubuntu-*-*-amd64-server-*\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n ubuntu:\n fn::invoke:\n Function: aws:ec2:getAmiIds\n Arguments:\n owners:\n - '099720109477'\n filters:\n - name: name\n values:\n - ubuntu/images/ubuntu-*-*-amd64-server-*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAmiIds.\n", "properties": { "executableUsers": { "type": "array", "items": { "type": "string" }, "description": "Limit search to users with *explicit* launch\npermission on the image. Valid items are the numeric account ID or `self`.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getAmiIdsFilter:getAmiIdsFilter" }, "description": "One or more name/value pairs to filter off of. There\nare several valid keys, for a full reference, check out\n[describe-images in the AWS CLI reference][1].\n" }, "includeDeprecated": { "type": "boolean", "description": "If true, all deprecated AMIs are included in the response.\nIf false, no deprecated AMIs are included in the response. If no value is specified, the default value is `false`.\n" }, "nameRegex": { "type": "string", "description": "Regex string to apply to the AMI list returned\nby AWS. This allows more advanced filtering not supported from the AWS API.\nThis filtering is done locally on what AWS returns, and could have a performance\nimpact if the result is large. Combine this with other\noptions to narrow down the list AWS returns.\n" }, "owners": { "type": "array", "items": { "type": "string" }, "description": "List of AMI owners to limit search. At least 1 value must be specified. Valid values: an AWS account ID, `self` (the current account), or an AWS owner alias (e.g., `amazon`, `aws-marketplace`, `microsoft`).\n" }, "sortAscending": { "type": "boolean", "description": "Used to sort AMIs by creation time.\nIf no value is specified, the default value is `false`.\n" } }, "type": "object", "required": [ "owners" ] }, "outputs": { "description": "A collection of values returned by getAmiIds.\n", "properties": { "executableUsers": { "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getAmiIdsFilter:getAmiIdsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "items": { "type": "string" }, "type": "array" }, "includeDeprecated": { "type": "boolean" }, "nameRegex": { "type": "string" }, "owners": { "items": { "type": "string" }, "type": "array" }, "sortAscending": { "type": "boolean" } }, "required": [ "ids", "owners", "id" ], "type": "object" } }, "aws:ec2/getCapacityBlockOffering:getCapacityBlockOffering": { "description": "Information about a single EC2 Capacity Block Offering.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getCapacityBlockOffering({\n capacityDurationHours: 24,\n endDateRange: \"2024-05-30T15:04:05Z\",\n instanceCount: 1,\n instanceType: \"p4d.24xlarge\",\n startDateRange: \"2024-04-28T15:04:05Z\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_capacity_block_offering(capacity_duration_hours=24,\n end_date_range=\"2024-05-30T15:04:05Z\",\n instance_count=1,\n instance_type=\"p4d.24xlarge\",\n start_date_range=\"2024-04-28T15:04:05Z\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetCapacityBlockOffering.Invoke(new()\n {\n CapacityDurationHours = 24,\n EndDateRange = \"2024-05-30T15:04:05Z\",\n InstanceCount = 1,\n InstanceType = \"p4d.24xlarge\",\n StartDateRange = \"2024-04-28T15:04:05Z\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetCapacityBlockOffering(ctx, \u0026ec2.GetCapacityBlockOfferingArgs{\n\t\t\tCapacityDurationHours: 24,\n\t\t\tEndDateRange: pulumi.StringRef(\"2024-05-30T15:04:05Z\"),\n\t\t\tInstanceCount: 1,\n\t\t\tInstanceType: \"p4d.24xlarge\",\n\t\t\tStartDateRange: pulumi.StringRef(\"2024-04-28T15:04:05Z\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetCapacityBlockOfferingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getCapacityBlockOffering(GetCapacityBlockOfferingArgs.builder()\n .capacityDurationHours(24)\n .endDateRange(\"2024-05-30T15:04:05Z\")\n .instanceCount(1)\n .instanceType(\"p4d.24xlarge\")\n .startDateRange(\"2024-04-28T15:04:05Z\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getCapacityBlockOffering\n Arguments:\n capacityDurationHours: 24\n endDateRange: 2024-05-30T15:04:05Z\n instanceCount: 1\n instanceType: p4d.24xlarge\n startDateRange: 2024-04-28T15:04:05Z\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCapacityBlockOffering.\n", "properties": { "capacityDurationHours": { "type": "integer", "description": "The amount of time of the Capacity Block reservation in hours.\n" }, "endDateRange": { "type": "string", "description": "The date and time at which the Capacity Block Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" }, "instanceCount": { "type": "integer", "description": "The number of instances for which to reserve capacity.\n" }, "instanceType": { "type": "string", "description": "The instance type for which to reserve capacity.\n" }, "startDateRange": { "type": "string", "description": "The date and time at which the Capacity Block Reservation starts. Valid values: [RFC3339 time string](https://tools.ietf.org/html/rfc3339#section-5.8) (`YYYY-MM-DDTHH:MM:SSZ`)\n" } }, "type": "object", "required": [ "capacityDurationHours", "instanceCount", "instanceType" ] }, "outputs": { "description": "A collection of values returned by getCapacityBlockOffering.\n", "properties": { "availabilityZone": { "description": "The Availability Zone in which to create the Capacity Reservation.\n", "type": "string" }, "capacityBlockOfferingId": { "description": "The Capacity Block Reservation ID.\n", "type": "string" }, "capacityDurationHours": { "type": "integer" }, "currencyCode": { "description": "The currency of the payment for the Capacity Block.\n", "type": "string" }, "endDateRange": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceCount": { "type": "integer" }, "instanceType": { "type": "string" }, "startDateRange": { "type": "string" }, "tenancy": { "description": "Indicates the tenancy of the Capacity Reservation. Specify either `default` or `dedicated`.\n", "type": "string" }, "upfrontFee": { "description": "The total price to be paid up front.\n", "type": "string" } }, "required": [ "availabilityZone", "capacityBlockOfferingId", "capacityDurationHours", "currencyCode", "endDateRange", "instanceCount", "instanceType", "startDateRange", "tenancy", "upfrontFee", "id" ], "type": "object" } }, "aws:ec2/getCoipPool:getCoipPool": { "description": "Provides details about a specific EC2 Customer-Owned IP Pool.\n\nThis data source can prove useful when a module accepts a coip pool id as\nan input variable and needs to, for example, determine the CIDR block of that\nCOIP Pool.\n\n## Example Usage\n\nThe following example returns a specific coip pool ID\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetCoipPoolArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var coipPoolId = config.get(\"coipPoolId\");\n final var selected = Ec2Functions.getCoipPool(GetCoipPoolArgs.builder()\n .id(coipPoolId)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n coipPoolId:\n type: dynamic\nvariables:\n selected:\n fn::invoke:\n Function: aws:ec2:getCoipPool\n Arguments:\n id: ${coipPoolId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCoipPool.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getCoipPoolFilter:getCoipPoolFilter" } }, "localGatewayRouteTableId": { "type": "string", "description": "Local Gateway Route Table Id assigned to desired COIP Pool\n" }, "poolId": { "type": "string", "description": "ID of the specific COIP Pool to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Mapping of tags, each pair of which must exactly match\na pair on the desired COIP Pool.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getCoipPool.\n", "properties": { "arn": { "description": "ARN of the COIP pool\n", "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getCoipPoolFilter:getCoipPoolFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "localGatewayRouteTableId": { "type": "string" }, "poolCidrs": { "description": "Set of CIDR blocks in pool\n", "items": { "type": "string" }, "type": "array" }, "poolId": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "arn", "localGatewayRouteTableId", "poolCidrs", "poolId", "tags", "id" ], "type": "object" } }, "aws:ec2/getCoipPools:getCoipPools": { "description": "Provides information for multiple EC2 Customer-Owned IP Pools, such as their identifiers.\n\n", "inputs": { "description": "A collection of arguments for invoking getCoipPools.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getCoipPoolsFilter:getCoipPoolsFilter" }, "description": "Custom filter block as described below.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Mapping of tags, each pair of which must exactly match\na pair on the desired aws_ec2_coip_pools.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getCoipPools.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getCoipPoolsFilter:getCoipPoolsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "poolIds": { "description": "Set of COIP Pool Identifiers\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "poolIds", "id" ], "type": "object" } }, "aws:ec2/getCustomerGateway:getCustomerGateway": { "description": "Get an existing AWS Customer Gateway.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = aws.ec2.getCustomerGateway({\n filters: [{\n name: \"tag:Name\",\n values: [\"foo-prod\"],\n }],\n});\nconst main = new aws.ec2.VpnGateway(\"main\", {\n vpcId: mainAwsVpc.id,\n amazonSideAsn: \"7224\",\n});\nconst transit = new aws.ec2.VpnConnection(\"transit\", {\n vpnGatewayId: main.id,\n customerGatewayId: foo.then(foo =\u003e foo.id),\n type: foo.then(foo =\u003e foo.type),\n staticRoutesOnly: false,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.get_customer_gateway(filters=[{\n \"name\": \"tag:Name\",\n \"values\": [\"foo-prod\"],\n}])\nmain = aws.ec2.VpnGateway(\"main\",\n vpc_id=main_aws_vpc[\"id\"],\n amazon_side_asn=\"7224\")\ntransit = aws.ec2.VpnConnection(\"transit\",\n vpn_gateway_id=main.id,\n customer_gateway_id=foo.id,\n type=foo.type,\n static_routes_only=False)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = Aws.Ec2.GetCustomerGateway.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetCustomerGatewayFilterInputArgs\n {\n Name = \"tag:Name\",\n Values = new[]\n {\n \"foo-prod\",\n },\n },\n },\n });\n\n var main = new Aws.Ec2.VpnGateway(\"main\", new()\n {\n VpcId = mainAwsVpc.Id,\n AmazonSideAsn = \"7224\",\n });\n\n var transit = new Aws.Ec2.VpnConnection(\"transit\", new()\n {\n VpnGatewayId = main.Id,\n CustomerGatewayId = foo.Apply(getCustomerGatewayResult =\u003e getCustomerGatewayResult.Id),\n Type = foo.Apply(getCustomerGatewayResult =\u003e getCustomerGatewayResult.Type),\n StaticRoutesOnly = false,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoo, err := ec2.LookupCustomerGateway(ctx, \u0026ec2.LookupCustomerGatewayArgs{\n\t\t\tFilters: []ec2.GetCustomerGatewayFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"tag:Name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"foo-prod\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmain, err := ec2.NewVpnGateway(ctx, \"main\", \u0026ec2.VpnGatewayArgs{\n\t\t\tVpcId: pulumi.Any(mainAwsVpc.Id),\n\t\t\tAmazonSideAsn: pulumi.String(\"7224\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpnConnection(ctx, \"transit\", \u0026ec2.VpnConnectionArgs{\n\t\t\tVpnGatewayId: main.ID(),\n\t\t\tCustomerGatewayId: pulumi.String(foo.Id),\n\t\t\tType: pulumi.String(foo.Type),\n\t\t\tStaticRoutesOnly: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetCustomerGatewayArgs;\nimport com.pulumi.aws.ec2.VpnGateway;\nimport com.pulumi.aws.ec2.VpnGatewayArgs;\nimport com.pulumi.aws.ec2.VpnConnection;\nimport com.pulumi.aws.ec2.VpnConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var foo = Ec2Functions.getCustomerGateway(GetCustomerGatewayArgs.builder()\n .filters(GetCustomerGatewayFilterArgs.builder()\n .name(\"tag:Name\")\n .values(\"foo-prod\")\n .build())\n .build());\n\n var main = new VpnGateway(\"main\", VpnGatewayArgs.builder()\n .vpcId(mainAwsVpc.id())\n .amazonSideAsn(7224)\n .build());\n\n var transit = new VpnConnection(\"transit\", VpnConnectionArgs.builder()\n .vpnGatewayId(main.id())\n .customerGatewayId(foo.applyValue(getCustomerGatewayResult -\u003e getCustomerGatewayResult.id()))\n .type(foo.applyValue(getCustomerGatewayResult -\u003e getCustomerGatewayResult.type()))\n .staticRoutesOnly(false)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:ec2:VpnGateway\n properties:\n vpcId: ${mainAwsVpc.id}\n amazonSideAsn: 7224\n transit:\n type: aws:ec2:VpnConnection\n properties:\n vpnGatewayId: ${main.id}\n customerGatewayId: ${foo.id}\n type: ${foo.type}\n staticRoutesOnly: false\nvariables:\n foo:\n fn::invoke:\n Function: aws:ec2:getCustomerGateway\n Arguments:\n filters:\n - name: tag:Name\n values:\n - foo-prod\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCustomerGateway.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getCustomerGatewayFilter:getCustomerGatewayFilter" }, "description": "One or more [name-value pairs][dcg-filters] to filter by.\n\n[dcg-filters]: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCustomerGateways.html\n" }, "id": { "type": "string", "description": "ID of the gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key-value pairs assigned to the gateway.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getCustomerGateway.\n", "properties": { "arn": { "description": "ARN of the customer gateway.\n", "type": "string" }, "bgpAsn": { "description": "Gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN).\n", "type": "integer" }, "bgpAsnExtended": { "description": "Gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN).\n", "type": "integer" }, "certificateArn": { "description": "ARN for the customer gateway certificate.\n", "type": "string" }, "deviceName": { "description": "Name for the customer gateway device.\n", "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getCustomerGatewayFilter:getCustomerGatewayFilter" }, "type": "array" }, "id": { "type": "string" }, "ipAddress": { "description": "IP address of the gateway's Internet-routable external interface.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of key-value pairs assigned to the gateway.\n", "type": "object" }, "type": { "description": "Type of customer gateway. The only type AWS supports at this time is \"ipsec.1\".\n", "type": "string" } }, "required": [ "arn", "bgpAsn", "bgpAsnExtended", "certificateArn", "deviceName", "id", "ipAddress", "tags", "type" ], "type": "object" } }, "aws:ec2/getDedicatedHost:getDedicatedHost": { "description": "Use this data source to get information about an EC2 Dedicated Host.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testDedicatedHost = new aws.ec2.DedicatedHost(\"test\", {\n instanceType: \"c5.18xlarge\",\n availabilityZone: \"us-west-2a\",\n});\nconst test = aws.ec2.getDedicatedHostOutput({\n hostId: testDedicatedHost.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_dedicated_host = aws.ec2.DedicatedHost(\"test\",\n instance_type=\"c5.18xlarge\",\n availability_zone=\"us-west-2a\")\ntest = aws.ec2.get_dedicated_host_output(host_id=test_dedicated_host.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testDedicatedHost = new Aws.Ec2.DedicatedHost(\"test\", new()\n {\n InstanceType = \"c5.18xlarge\",\n AvailabilityZone = \"us-west-2a\",\n });\n\n var test = Aws.Ec2.GetDedicatedHost.Invoke(new()\n {\n HostId = testDedicatedHost.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestDedicatedHost, err := ec2.NewDedicatedHost(ctx, \"test\", \u0026ec2.DedicatedHostArgs{\n\t\t\tInstanceType: pulumi.String(\"c5.18xlarge\"),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = ec2.LookupDedicatedHostOutput(ctx, ec2.GetDedicatedHostOutputArgs{\n\t\t\tHostId: testDedicatedHost.ID(),\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.DedicatedHost;\nimport com.pulumi.aws.ec2.DedicatedHostArgs;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetDedicatedHostArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testDedicatedHost = new DedicatedHost(\"testDedicatedHost\", DedicatedHostArgs.builder()\n .instanceType(\"c5.18xlarge\")\n .availabilityZone(\"us-west-2a\")\n .build());\n\n final var test = Ec2Functions.getDedicatedHost(GetDedicatedHostArgs.builder()\n .hostId(testDedicatedHost.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testDedicatedHost:\n type: aws:ec2:DedicatedHost\n name: test\n properties:\n instanceType: c5.18xlarge\n availabilityZone: us-west-2a\nvariables:\n test:\n fn::invoke:\n Function: aws:ec2:getDedicatedHost\n Arguments:\n hostId: ${testDedicatedHost.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.ec2.getDedicatedHost({\n filters: [{\n name: \"instance-type\",\n values: [\"c5.18xlarge\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.get_dedicated_host(filters=[{\n \"name\": \"instance-type\",\n \"values\": [\"c5.18xlarge\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Ec2.GetDedicatedHost.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetDedicatedHostFilterInputArgs\n {\n Name = \"instance-type\",\n Values = new[]\n {\n \"c5.18xlarge\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupDedicatedHost(ctx, \u0026ec2.LookupDedicatedHostArgs{\n\t\t\tFilters: []ec2.GetDedicatedHostFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"instance-type\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"c5.18xlarge\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetDedicatedHostArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = Ec2Functions.getDedicatedHost(GetDedicatedHostArgs.builder()\n .filters(GetDedicatedHostFilterArgs.builder()\n .name(\"instance-type\")\n .values(\"c5.18xlarge\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:ec2:getDedicatedHost\n Arguments:\n filters:\n - name: instance-type\n values:\n - c5.18xlarge\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDedicatedHost.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getDedicatedHostFilter:getDedicatedHostFilter" }, "description": "Configuration block. Detailed below.\n" }, "hostId": { "type": "string", "description": "ID of the Dedicated Host.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getDedicatedHost.\n", "properties": { "arn": { "description": "ARN of the Dedicated Host.\n", "type": "string" }, "assetId": { "description": "The ID of the Outpost hardware asset on which the Dedicated Host is allocated.\n", "type": "string" }, "autoPlacement": { "description": "Whether auto-placement is on or off.\n", "type": "string" }, "availabilityZone": { "description": "Availability Zone of the Dedicated Host.\n", "type": "string" }, "cores": { "description": "Number of cores on the Dedicated Host.\n", "type": "integer" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getDedicatedHostFilter:getDedicatedHostFilter" }, "type": "array" }, "hostId": { "type": "string" }, "hostRecovery": { "description": "Whether host recovery is enabled or disabled for the Dedicated Host.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceFamily": { "description": "Instance family supported by the Dedicated Host. For example, \"m5\".\n", "type": "string" }, "instanceType": { "description": "Instance type supported by the Dedicated Host. For example, \"m5.large\". If the host supports multiple instance types, no instanceType is returned.\n", "type": "string" }, "outpostArn": { "description": "ARN of the AWS Outpost on which the Dedicated Host is allocated.\n", "type": "string" }, "ownerId": { "description": "ID of the AWS account that owns the Dedicated Host.\n", "type": "string" }, "sockets": { "description": "Number of sockets on the Dedicated Host.\n", "type": "integer" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "totalVcpus": { "description": "Total number of vCPUs on the Dedicated Host.\n", "type": "integer" } }, "required": [ "arn", "assetId", "autoPlacement", "availabilityZone", "cores", "hostId", "hostRecovery", "instanceFamily", "instanceType", "outpostArn", "ownerId", "sockets", "tags", "totalVcpus", "id" ], "type": "object" } }, "aws:ec2/getEips:getEips": { "description": "Provides a list of Elastic IPs in a region.\n\n## Example Usage\n\nThe following shows outputting all Elastic IPs with the a specific tag value.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getEips({\n tags: {\n Env: \"dev\",\n },\n});\nexport const allocationIds = example.then(example =\u003e example.allocationIds);\nexport const publicIps = example.then(example =\u003e example.publicIps);\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_eips(tags={\n \"Env\": \"dev\",\n})\npulumi.export(\"allocationIds\", example.allocation_ids)\npulumi.export(\"publicIps\", example.public_ips)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetEips.Invoke(new()\n {\n Tags = \n {\n { \"Env\", \"dev\" },\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"allocationIds\"] = example.Apply(getEipsResult =\u003e getEipsResult.AllocationIds),\n [\"publicIps\"] = example.Apply(getEipsResult =\u003e getEipsResult.PublicIps),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.GetEips(ctx, \u0026ec2.GetEipsArgs{\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"Env\": \"dev\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"allocationIds\", example.AllocationIds)\n\t\tctx.Export(\"publicIps\", example.PublicIps)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetEipsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getEips(GetEipsArgs.builder()\n .tags(Map.of(\"Env\", \"dev\"))\n .build());\n\n ctx.export(\"allocationIds\", example.applyValue(getEipsResult -\u003e getEipsResult.allocationIds()));\n ctx.export(\"publicIps\", example.applyValue(getEipsResult -\u003e getEipsResult.publicIps()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getEips\n Arguments:\n tags:\n Env: dev\noutputs:\n # VPC EIPs.\n allocationIds: ${example.allocationIds}\n # EC2-Classic EIPs.\n publicIps: ${example.publicIps}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getEips.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getEipsFilter:getEipsFilter" }, "description": "Custom filter block as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match a pair on the desired Elastic IPs.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getEips.\n", "properties": { "allocationIds": { "description": "List of all the allocation IDs for address for use with EC2-VPC.\n", "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getEipsFilter:getEipsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "publicIps": { "description": "List of all the Elastic IP addresses.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "allocationIds", "publicIps", "id" ], "type": "object" } }, "aws:ec2/getElasticIp:getElasticIp": { "description": "`aws.ec2.Eip` provides details about a specific Elastic IP.\n\n## Example Usage\n\n### Search By Allocation ID (VPC only)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byAllocationId = aws.ec2.getElasticIp({\n id: \"eipalloc-12345678\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nby_allocation_id = aws.ec2.get_elastic_ip(id=\"eipalloc-12345678\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var byAllocationId = Aws.Ec2.GetElasticIp.Invoke(new()\n {\n Id = \"eipalloc-12345678\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetElasticIp(ctx, \u0026ec2.GetElasticIpArgs{\n\t\t\tId: pulumi.StringRef(\"eipalloc-12345678\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetElasticIpArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var byAllocationId = Ec2Functions.getElasticIp(GetElasticIpArgs.builder()\n .id(\"eipalloc-12345678\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n byAllocationId:\n fn::invoke:\n Function: aws:ec2:getElasticIp\n Arguments:\n id: eipalloc-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Search By Filters (EC2-Classic or VPC)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byFilter = aws.ec2.getElasticIp({\n filters: [{\n name: \"tag:Name\",\n values: [\"exampleNameTagValue\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nby_filter = aws.ec2.get_elastic_ip(filters=[{\n \"name\": \"tag:Name\",\n \"values\": [\"exampleNameTagValue\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var byFilter = Aws.Ec2.GetElasticIp.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetElasticIpFilterInputArgs\n {\n Name = \"tag:Name\",\n Values = new[]\n {\n \"exampleNameTagValue\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetElasticIp(ctx, \u0026ec2.GetElasticIpArgs{\n\t\t\tFilters: []ec2.GetElasticIpFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"tag:Name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"exampleNameTagValue\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetElasticIpArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var byFilter = Ec2Functions.getElasticIp(GetElasticIpArgs.builder()\n .filters(GetElasticIpFilterArgs.builder()\n .name(\"tag:Name\")\n .values(\"exampleNameTagValue\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n byFilter:\n fn::invoke:\n Function: aws:ec2:getElasticIp\n Arguments:\n filters:\n - name: tag:Name\n values:\n - exampleNameTagValue\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Search By Public IP (EC2-Classic or VPC)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byPublicIp = aws.ec2.getElasticIp({\n publicIp: \"1.2.3.4\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nby_public_ip = aws.ec2.get_elastic_ip(public_ip=\"1.2.3.4\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var byPublicIp = Aws.Ec2.GetElasticIp.Invoke(new()\n {\n PublicIp = \"1.2.3.4\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetElasticIp(ctx, \u0026ec2.GetElasticIpArgs{\n\t\t\tPublicIp: pulumi.StringRef(\"1.2.3.4\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetElasticIpArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var byPublicIp = Ec2Functions.getElasticIp(GetElasticIpArgs.builder()\n .publicIp(\"1.2.3.4\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n byPublicIp:\n fn::invoke:\n Function: aws:ec2:getElasticIp\n Arguments:\n publicIp: 1.2.3.4\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Search By Tags (EC2-Classic or VPC)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byTags = aws.ec2.getElasticIp({\n tags: {\n Name: \"exampleNameTagValue\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nby_tags = aws.ec2.get_elastic_ip(tags={\n \"Name\": \"exampleNameTagValue\",\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var byTags = Aws.Ec2.GetElasticIp.Invoke(new()\n {\n Tags = \n {\n { \"Name\", \"exampleNameTagValue\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetElasticIp(ctx, \u0026ec2.GetElasticIpArgs{\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"Name\": \"exampleNameTagValue\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetElasticIpArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var byTags = Ec2Functions.getElasticIp(GetElasticIpArgs.builder()\n .tags(Map.of(\"Name\", \"exampleNameTagValue\"))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n byTags:\n fn::invoke:\n Function: aws:ec2:getElasticIp\n Arguments:\n tags:\n Name: exampleNameTagValue\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getElasticIp.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getElasticIpFilter:getElasticIpFilter" }, "description": "One or more name/value pairs to use as filters. There are several valid keys, for a full reference, check out the [EC2 API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html).\n" }, "id": { "type": "string", "description": "Allocation ID of the specific VPC EIP to retrieve. If a classic EIP is required, do NOT set `id`, only set `public_ip`\n" }, "publicIp": { "type": "string", "description": "Public IP of the specific EIP to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match a pair on the desired Elastic IP\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getElasticIp.\n", "properties": { "arn": { "type": "string" }, "associationId": { "description": "ID representing the association of the address with an instance in a VPC.\n", "type": "string" }, "carrierIp": { "description": "Carrier IP address.\n", "type": "string" }, "customerOwnedIp": { "description": "Customer Owned IP.\n", "type": "string" }, "customerOwnedIpv4Pool": { "description": "The ID of a Customer Owned IP Pool. For more on customer owned IP addressed check out [Customer-owned IP addresses guide](https://docs.aws.amazon.com/outposts/latest/userguide/outposts-networking-components.html#ip-addressing)\n", "type": "string" }, "domain": { "description": "Whether the address is for use in EC2-Classic (standard) or in a VPC (vpc).\n", "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getElasticIpFilter:getElasticIpFilter" }, "type": "array" }, "id": { "description": "If VPC Elastic IP, the allocation identifier. If EC2-Classic Elastic IP, the public IP address.\n", "type": "string" }, "instanceId": { "description": "ID of the instance that the address is associated with (if any).\n", "type": "string" }, "networkInterfaceId": { "description": "The ID of the network interface.\n", "type": "string" }, "networkInterfaceOwnerId": { "description": "The ID of the AWS account that owns the network interface.\n", "type": "string" }, "privateDns": { "description": "Private DNS associated with the Elastic IP address.\n", "type": "string" }, "privateIp": { "description": "Private IP address associated with the Elastic IP address.\n", "type": "string" }, "ptrRecord": { "description": "The DNS pointer (PTR) record for the IP address.\n", "type": "string" }, "publicDns": { "description": "Public DNS associated with the Elastic IP address.\n", "type": "string" }, "publicIp": { "description": "Public IP address of Elastic IP.\n", "type": "string" }, "publicIpv4Pool": { "description": "ID of an address pool.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of tags associated with Elastic IP.\n", "type": "object" } }, "required": [ "arn", "associationId", "carrierIp", "customerOwnedIp", "customerOwnedIpv4Pool", "domain", "id", "instanceId", "networkInterfaceId", "networkInterfaceOwnerId", "privateDns", "privateIp", "ptrRecord", "publicDns", "publicIp", "publicIpv4Pool", "tags" ], "type": "object" } }, "aws:ec2/getInstance:getInstance": { "description": "Use this data source to get the ID of an Amazon EC2 Instance for use in other resources.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = aws.ec2.getInstance({\n instanceId: \"i-instanceid\",\n filters: [\n {\n name: \"image-id\",\n values: [\"ami-xxxxxxxx\"],\n },\n {\n name: \"tag:Name\",\n values: [\"instance-name-tag\"],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.get_instance(instance_id=\"i-instanceid\",\n filters=[\n {\n \"name\": \"image-id\",\n \"values\": [\"ami-xxxxxxxx\"],\n },\n {\n \"name\": \"tag:Name\",\n \"values\": [\"instance-name-tag\"],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = Aws.Ec2.GetInstance.Invoke(new()\n {\n InstanceId = \"i-instanceid\",\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetInstanceFilterInputArgs\n {\n Name = \"image-id\",\n Values = new[]\n {\n \"ami-xxxxxxxx\",\n },\n },\n new Aws.Ec2.Inputs.GetInstanceFilterInputArgs\n {\n Name = \"tag:Name\",\n Values = new[]\n {\n \"instance-name-tag\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupInstance(ctx, \u0026ec2.LookupInstanceArgs{\n\t\t\tInstanceId: pulumi.StringRef(\"i-instanceid\"),\n\t\t\tFilters: []ec2.GetInstanceFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"image-id\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ami-xxxxxxxx\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"tag:Name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"instance-name-tag\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var foo = Ec2Functions.getInstance(GetInstanceArgs.builder()\n .instanceId(\"i-instanceid\")\n .filters( \n GetInstanceFilterArgs.builder()\n .name(\"image-id\")\n .values(\"ami-xxxxxxxx\")\n .build(),\n GetInstanceFilterArgs.builder()\n .name(\"tag:Name\")\n .values(\"instance-name-tag\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n foo:\n fn::invoke:\n Function: aws:ec2:getInstance\n Arguments:\n instanceId: i-instanceid\n filters:\n - name: image-id\n values:\n - ami-xxxxxxxx\n - name: tag:Name\n values:\n - instance-name-tag\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getInstance.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInstanceFilter:getInstanceFilter" }, "description": "One or more name/value pairs to use as filters. There are\nseveral valid keys, for a full reference, check out\n[describe-instances in the AWS CLI reference][1].\n" }, "getPasswordData": { "type": "boolean", "description": "If true, wait for password data to become available and retrieve it. Useful for getting the administrator password for instances running Microsoft Windows. The password data is exported to the `password_data` attribute. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.\n" }, "getUserData": { "type": "boolean", "description": "Retrieve Base64 encoded User Data contents into the `user_data_base64` attribute. A SHA-1 hash of the User Data contents will always be present in the `user_data` attribute. Defaults to `false`.\n\n\u003e **NOTE:** At least one of `filter`, `instance_tags`, or `instance_id` must be specified.\n\n\u003e **NOTE:** If anything other than a single match is returned by the search,\nthis call will fail. Ensure that your search is specific enough to return\na single Instance ID only.\n" }, "instanceId": { "type": "string", "description": "Specify the exact Instance ID with which to populate the data source.\n" }, "instanceTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must\nexactly match a pair on the desired Instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the Instance.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getInstance.\n", "properties": { "ami": { "description": "ID of the AMI used to launch the instance.\n", "type": "string" }, "arn": { "description": "ARN of the instance.\n", "type": "string" }, "associatePublicIpAddress": { "description": "Whether or not the Instance is associated with a public IP address or not (Boolean).\n", "type": "boolean" }, "availabilityZone": { "description": "Availability zone of the Instance.\n", "type": "string" }, "creditSpecifications": { "description": "Credit specification of the Instance.\n", "items": { "$ref": "#/types/aws:ec2/getInstanceCreditSpecification:getInstanceCreditSpecification" }, "type": "array" }, "disableApiStop": { "description": "Whether or not EC2 Instance Stop Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection) is enabled (Boolean).\n", "type": "boolean" }, "disableApiTermination": { "description": "Whether or not [EC2 Instance Termination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination) is enabled (Boolean).\n", "type": "boolean" }, "ebsBlockDevices": { "description": "EBS block device mappings of the Instance.\n", "items": { "$ref": "#/types/aws:ec2/getInstanceEbsBlockDevice:getInstanceEbsBlockDevice" }, "type": "array" }, "ebsOptimized": { "description": "Whether the Instance is EBS optimized or not (Boolean).\n", "type": "boolean" }, "enclaveOptions": { "description": "Enclave options of the instance.\n", "items": { "$ref": "#/types/aws:ec2/getInstanceEnclaveOption:getInstanceEnclaveOption" }, "type": "array" }, "ephemeralBlockDevices": { "description": "Ephemeral block device mappings of the Instance.\n", "items": { "$ref": "#/types/aws:ec2/getInstanceEphemeralBlockDevice:getInstanceEphemeralBlockDevice" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getInstanceFilter:getInstanceFilter" }, "type": "array" }, "getPasswordData": { "type": "boolean" }, "getUserData": { "type": "boolean" }, "hostId": { "description": "ID of the dedicated host the instance will be assigned to.\n", "type": "string" }, "hostResourceGroupArn": { "description": "ARN of the host resource group the instance is associated with.\n", "type": "string" }, "iamInstanceProfile": { "description": "Name of the instance profile associated with the Instance.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceId": { "type": "string" }, "instanceState": { "description": "State of the instance. One of: `pending`, `running`, `shutting-down`, `terminated`, `stopping`, `stopped`. See [Instance Lifecycle](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) for more information.\n", "type": "string" }, "instanceTags": { "additionalProperties": { "type": "string" }, "type": "object" }, "instanceType": { "description": "Type of the Instance.\n", "type": "string" }, "ipv6Addresses": { "description": "IPv6 addresses associated to the Instance, if applicable. **NOTE**: Unlike the IPv4 address, this doesn't change if you attach an EIP to the instance.\n", "items": { "type": "string" }, "type": "array" }, "keyName": { "description": "Key name of the Instance.\n", "type": "string" }, "launchTime": { "description": "Time the instance was launched.\n", "type": "string" }, "maintenanceOptions": { "description": "Maintenance and recovery options for the instance.\n", "items": { "$ref": "#/types/aws:ec2/getInstanceMaintenanceOption:getInstanceMaintenanceOption" }, "type": "array" }, "metadataOptions": { "description": "Metadata options of the Instance.\n", "items": { "$ref": "#/types/aws:ec2/getInstanceMetadataOption:getInstanceMetadataOption" }, "type": "array" }, "monitoring": { "description": "Whether detailed monitoring is enabled or disabled for the Instance (Boolean).\n", "type": "boolean" }, "networkInterfaceId": { "description": "ID of the network interface that was created with the Instance.\n", "type": "string" }, "outpostArn": { "description": "ARN of the Outpost.\n", "type": "string" }, "passwordData": { "description": "Base-64 encoded encrypted password data for the instance. Useful for getting the administrator password for instances running Microsoft Windows. This attribute is only exported if `get_password_data` is true. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.\n", "type": "string" }, "placementGroup": { "description": "Placement group of the Instance.\n", "type": "string" }, "placementPartitionNumber": { "description": "Number of the partition the instance is in.\n", "type": "integer" }, "privateDns": { "description": "Private DNS name assigned to the Instance. Can only be used inside the Amazon EC2, and only available if you've enabled DNS hostnames for your VPC.\n", "type": "string" }, "privateDnsNameOptions": { "description": "Options for the instance hostname.\n", "items": { "$ref": "#/types/aws:ec2/getInstancePrivateDnsNameOption:getInstancePrivateDnsNameOption" }, "type": "array" }, "privateIp": { "description": "Private IP address assigned to the Instance.\n", "type": "string" }, "publicDns": { "description": "Public DNS name assigned to the Instance. For EC2-VPC, this is only available if you've enabled DNS hostnames for your VPC.\n", "type": "string" }, "publicIp": { "description": "Public IP address assigned to the Instance, if applicable. **NOTE**: If you are using an `aws.ec2.Eip` with your instance, you should refer to the EIP's address directly and not use `public_ip`, as this field will change after the EIP is attached.\n", "type": "string" }, "rootBlockDevices": { "description": "Root block device mappings of the Instance\n", "items": { "$ref": "#/types/aws:ec2/getInstanceRootBlockDevice:getInstanceRootBlockDevice" }, "type": "array" }, "secondaryPrivateIps": { "description": "Secondary private IPv4 addresses assigned to the instance's primary network interface (eth0) in a VPC.\n", "items": { "type": "string" }, "type": "array" }, "securityGroups": { "description": "Associated security groups.\n", "items": { "type": "string" }, "type": "array" }, "sourceDestCheck": { "description": "Whether the network interface performs source/destination checking (Boolean).\n", "type": "boolean" }, "subnetId": { "description": "VPC subnet ID.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the Instance.\n", "type": "object" }, "tenancy": { "description": "Tenancy of the instance: `dedicated`, `default`, `host`.\n", "type": "string" }, "userData": { "description": "SHA-1 hash of User Data supplied to the Instance.\n", "type": "string" }, "userDataBase64": { "description": "Base64 encoded contents of User Data supplied to the Instance. This attribute is only exported if `get_user_data` is true.\n", "type": "string" }, "vpcSecurityGroupIds": { "description": "Associated security groups in a non-default VPC.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "ami", "arn", "associatePublicIpAddress", "availabilityZone", "creditSpecifications", "disableApiStop", "disableApiTermination", "ebsBlockDevices", "ebsOptimized", "enclaveOptions", "ephemeralBlockDevices", "hostId", "hostResourceGroupArn", "iamInstanceProfile", "instanceState", "instanceTags", "instanceType", "ipv6Addresses", "keyName", "launchTime", "maintenanceOptions", "metadataOptions", "monitoring", "networkInterfaceId", "outpostArn", "passwordData", "placementGroup", "placementPartitionNumber", "privateDns", "privateDnsNameOptions", "privateIp", "publicDns", "publicIp", "rootBlockDevices", "secondaryPrivateIps", "securityGroups", "sourceDestCheck", "subnetId", "tags", "tenancy", "userData", "userDataBase64", "vpcSecurityGroupIds", "id" ], "type": "object" } }, "aws:ec2/getInstanceType:getInstanceType": { "description": "Get characteristics for a single EC2 Instance Type.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getInstanceType({\n instanceType: \"t2.micro\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_instance_type(instance_type=\"t2.micro\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetInstanceType.Invoke(new()\n {\n InstanceType = \"t2.micro\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetInstanceType(ctx, \u0026ec2.GetInstanceTypeArgs{\n\t\t\tInstanceType: \"t2.micro\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetInstanceTypeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getInstanceType(GetInstanceTypeArgs.builder()\n .instanceType(\"t2.micro\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getInstanceType\n Arguments:\n instanceType: t2.micro\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getInstanceType.\n", "properties": { "instanceType": { "type": "string", "description": "Instance\n" } }, "type": "object", "required": [ "instanceType" ] }, "outputs": { "description": "A collection of values returned by getInstanceType.\n", "properties": { "autoRecoverySupported": { "description": "`true` if auto recovery is supported.\n", "type": "boolean" }, "bareMetal": { "description": "`true` if it is a bare metal instance type.\n", "type": "boolean" }, "burstablePerformanceSupported": { "description": "`true` if the instance type is a burstable performance instance type.\n", "type": "boolean" }, "currentGeneration": { "description": "`true` if the instance type is a current generation.\n", "type": "boolean" }, "dedicatedHostsSupported": { "description": "`true` if Dedicated Hosts are supported on the instance type.\n", "type": "boolean" }, "defaultCores": { "description": "Default number of cores for the instance type.\n", "type": "integer" }, "defaultThreadsPerCore": { "description": "The default number of threads per core for the instance type.\n", "type": "integer" }, "defaultVcpus": { "description": "Default number of vCPUs for the instance type.\n", "type": "integer" }, "ebsEncryptionSupport": { "description": "Indicates whether Amazon EBS encryption is supported.\n", "type": "string" }, "ebsNvmeSupport": { "description": "Whether non-volatile memory express (NVMe) is supported.\n", "type": "string" }, "ebsOptimizedSupport": { "description": "Indicates that the instance type is Amazon EBS-optimized.\n", "type": "string" }, "ebsPerformanceBaselineBandwidth": { "description": "The baseline bandwidth performance for an EBS-optimized instance type, in Mbps.\n", "type": "integer" }, "ebsPerformanceBaselineIops": { "description": "The baseline input/output storage operations per seconds for an EBS-optimized instance type.\n", "type": "integer" }, "ebsPerformanceBaselineThroughput": { "description": "The baseline throughput performance for an EBS-optimized instance type, in MBps.\n", "type": "number" }, "ebsPerformanceMaximumBandwidth": { "description": "The maximum bandwidth performance for an EBS-optimized instance type, in Mbps.\n", "type": "integer" }, "ebsPerformanceMaximumIops": { "description": "The maximum input/output storage operations per second for an EBS-optimized instance type.\n", "type": "integer" }, "ebsPerformanceMaximumThroughput": { "description": "The maximum throughput performance for an EBS-optimized instance type, in MBps.\n", "type": "number" }, "efaSupported": { "description": "Whether Elastic Fabric Adapter (EFA) is supported.\n", "type": "boolean" }, "enaSupport": { "description": "Whether Elastic Network Adapter (ENA) is supported.\n", "type": "string" }, "encryptionInTransitSupported": { "description": "Indicates whether encryption in-transit between instances is supported.\n", "type": "boolean" }, "fpgas": { "description": "Describes the FPGA accelerator settings for the instance type.\n* `fpgas.#.count` - The count of FPGA accelerators for the instance type.\n* `fpgas.#.manufacturer` - The manufacturer of the FPGA accelerator.\n* `fpgas.#.memory_size` - The size (in MiB) for the memory available to the FPGA accelerator.\n* `fpgas.#.name` - The name of the FPGA accelerator.\n", "items": { "$ref": "#/types/aws:ec2/getInstanceTypeFpga:getInstanceTypeFpga" }, "type": "array" }, "freeTierEligible": { "description": "`true` if the instance type is eligible for the free tier.\n", "type": "boolean" }, "gpuses": { "description": "Describes the GPU accelerators for the instance type.\n* `gpus.#.count` - The number of GPUs for the instance type.\n* `gpus.#.manufacturer` - The manufacturer of the GPU accelerator.\n* `gpus.#.memory_size` - The size (in MiB) for the memory available to the GPU accelerator.\n* `gpus.#.name` - The name of the GPU accelerator.\n", "items": { "$ref": "#/types/aws:ec2/getInstanceTypeGpus:getInstanceTypeGpus" }, "type": "array" }, "hibernationSupported": { "description": "`true` if On-Demand hibernation is supported.\n", "type": "boolean" }, "hypervisor": { "description": "Hypervisor used for the instance type.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "inferenceAccelerators": { "description": "Describes the Inference accelerators for the instance type.\n* `inference_accelerators.#.count` - The number of Inference accelerators for the instance type.\n* `inference_accelerators.#.manufacturer` - The manufacturer of the Inference accelerator.\n* `inference_accelerators.#.name` - The name of the Inference accelerator.\n", "items": { "$ref": "#/types/aws:ec2/getInstanceTypeInferenceAccelerator:getInstanceTypeInferenceAccelerator" }, "type": "array" }, "instanceDisks": { "description": "Describes the disks for the instance type.\n* `instance_disks.#.count` - The number of disks with this configuration.\n* `instance_disks.#.size` - The size of the disk in GB.\n* `instance_disks.#.type` - The type of disk.\n", "items": { "$ref": "#/types/aws:ec2/getInstanceTypeInstanceDisk:getInstanceTypeInstanceDisk" }, "type": "array" }, "instanceStorageSupported": { "description": "`true` if instance storage is supported.\n", "type": "boolean" }, "instanceType": { "type": "string" }, "ipv6Supported": { "description": "`true` if IPv6 is supported.\n", "type": "boolean" }, "maximumIpv4AddressesPerInterface": { "description": "The maximum number of IPv4 addresses per network interface.\n", "type": "integer" }, "maximumIpv6AddressesPerInterface": { "description": "The maximum number of IPv6 addresses per network interface.\n", "type": "integer" }, "maximumNetworkCards": { "description": "The maximum number of physical network cards that can be allocated to the instance.\n", "type": "integer" }, "maximumNetworkInterfaces": { "description": "The maximum number of network interfaces for the instance type.\n", "type": "integer" }, "memorySize": { "description": "Size of the instance memory, in MiB.\n", "type": "integer" }, "networkPerformance": { "description": "Describes the network performance.\n", "type": "string" }, "supportedArchitectures": { "description": "A list of architectures supported by the instance type.\n", "items": { "type": "string" }, "type": "array" }, "supportedPlacementStrategies": { "description": "A list of supported placement groups types.\n", "items": { "type": "string" }, "type": "array" }, "supportedRootDeviceTypes": { "description": "Indicates the supported root device types.\n", "items": { "type": "string" }, "type": "array" }, "supportedUsagesClasses": { "description": "Indicates whether the instance type is offered for spot or On-Demand.\n", "items": { "type": "string" }, "type": "array" }, "supportedVirtualizationTypes": { "description": "The supported virtualization types.\n", "items": { "type": "string" }, "type": "array" }, "sustainedClockSpeed": { "description": "The speed of the processor, in GHz.\n", "type": "number" }, "totalFpgaMemory": { "description": "Total memory of all FPGA accelerators for the instance type (in MiB).\n", "type": "integer" }, "totalGpuMemory": { "description": "Total size of the memory for the GPU accelerators for the instance type (in MiB).\n", "type": "integer" }, "totalInstanceStorage": { "description": "The total size of the instance disks, in GB.\n", "type": "integer" }, "validCores": { "description": "List of the valid number of cores that can be configured for the instance type.\n", "items": { "type": "integer" }, "type": "array" }, "validThreadsPerCores": { "description": "List of the valid number of threads per core that can be configured for the instance type.\n", "items": { "type": "integer" }, "type": "array" } }, "required": [ "autoRecoverySupported", "bareMetal", "burstablePerformanceSupported", "currentGeneration", "dedicatedHostsSupported", "defaultCores", "defaultThreadsPerCore", "defaultVcpus", "ebsEncryptionSupport", "ebsNvmeSupport", "ebsOptimizedSupport", "ebsPerformanceBaselineBandwidth", "ebsPerformanceBaselineIops", "ebsPerformanceBaselineThroughput", "ebsPerformanceMaximumBandwidth", "ebsPerformanceMaximumIops", "ebsPerformanceMaximumThroughput", "efaSupported", "enaSupport", "encryptionInTransitSupported", "fpgas", "freeTierEligible", "gpuses", "hibernationSupported", "hypervisor", "inferenceAccelerators", "instanceDisks", "instanceStorageSupported", "instanceType", "ipv6Supported", "maximumIpv4AddressesPerInterface", "maximumIpv6AddressesPerInterface", "maximumNetworkCards", "maximumNetworkInterfaces", "memorySize", "networkPerformance", "supportedArchitectures", "supportedPlacementStrategies", "supportedRootDeviceTypes", "supportedUsagesClasses", "supportedVirtualizationTypes", "sustainedClockSpeed", "totalFpgaMemory", "totalGpuMemory", "totalInstanceStorage", "validCores", "validThreadsPerCores", "id" ], "type": "object" } }, "aws:ec2/getInstanceTypeOffering:getInstanceTypeOffering": { "description": "Information about single EC2 Instance Type Offering.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getInstanceTypeOffering({\n filters: [{\n name: \"instance-type\",\n values: [\n \"t2.micro\",\n \"t3.micro\",\n ],\n }],\n preferredInstanceTypes: [\n \"t3.micro\",\n \"t2.micro\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_instance_type_offering(filters=[{\n \"name\": \"instance-type\",\n \"values\": [\n \"t2.micro\",\n \"t3.micro\",\n ],\n }],\n preferred_instance_types=[\n \"t3.micro\",\n \"t2.micro\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetInstanceTypeOffering.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetInstanceTypeOfferingFilterInputArgs\n {\n Name = \"instance-type\",\n Values = new[]\n {\n \"t2.micro\",\n \"t3.micro\",\n },\n },\n },\n PreferredInstanceTypes = new[]\n {\n \"t3.micro\",\n \"t2.micro\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetInstanceTypeOffering(ctx, \u0026ec2.GetInstanceTypeOfferingArgs{\n\t\t\tFilters: []ec2.GetInstanceTypeOfferingFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"instance-type\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"t2.micro\",\n\t\t\t\t\t\t\"t3.micro\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tPreferredInstanceTypes: []string{\n\t\t\t\t\"t3.micro\",\n\t\t\t\t\"t2.micro\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetInstanceTypeOfferingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getInstanceTypeOffering(GetInstanceTypeOfferingArgs.builder()\n .filters(GetInstanceTypeOfferingFilterArgs.builder()\n .name(\"instance-type\")\n .values( \n \"t2.micro\",\n \"t3.micro\")\n .build())\n .preferredInstanceTypes( \n \"t3.micro\",\n \"t2.micro\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getInstanceTypeOffering\n Arguments:\n filters:\n - name: instance-type\n values:\n - t2.micro\n - t3.micro\n preferredInstanceTypes:\n - t3.micro\n - t2.micro\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getInstanceTypeOffering.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInstanceTypeOfferingFilter:getInstanceTypeOfferingFilter" }, "description": "One or more configuration blocks containing name-values filters. See the [EC2 API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceTypeOfferings.html) for supported filters. Detailed below.\n" }, "locationType": { "type": "string", "description": "Location type. Defaults to `region`. Valid values: `availability-zone`, `availability-zone-id`, and `region`.\n" }, "preferredInstanceTypes": { "type": "array", "items": { "type": "string" }, "description": "Ordered list of preferred EC2 Instance Types. The first match in this list will be returned. If no preferred matches are found and the original search returned more than one result, an error is returned.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getInstanceTypeOffering.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getInstanceTypeOfferingFilter:getInstanceTypeOfferingFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceType": { "description": "EC2 Instance Type.\n", "type": "string" }, "locationType": { "type": "string" }, "preferredInstanceTypes": { "items": { "type": "string" }, "type": "array" } }, "required": [ "instanceType", "id" ], "type": "object" } }, "aws:ec2/getInstanceTypeOfferings:getInstanceTypeOfferings": { "description": "Information about EC2 Instance Type Offerings.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getInstanceTypeOfferings({\n filters: [\n {\n name: \"instance-type\",\n values: [\n \"t2.micro\",\n \"t3.micro\",\n ],\n },\n {\n name: \"location\",\n values: [\"usw2-az4\"],\n },\n ],\n locationType: \"availability-zone-id\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_instance_type_offerings(filters=[\n {\n \"name\": \"instance-type\",\n \"values\": [\n \"t2.micro\",\n \"t3.micro\",\n ],\n },\n {\n \"name\": \"location\",\n \"values\": [\"usw2-az4\"],\n },\n ],\n location_type=\"availability-zone-id\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetInstanceTypeOfferings.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetInstanceTypeOfferingsFilterInputArgs\n {\n Name = \"instance-type\",\n Values = new[]\n {\n \"t2.micro\",\n \"t3.micro\",\n },\n },\n new Aws.Ec2.Inputs.GetInstanceTypeOfferingsFilterInputArgs\n {\n Name = \"location\",\n Values = new[]\n {\n \"usw2-az4\",\n },\n },\n },\n LocationType = \"availability-zone-id\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetInstanceTypeOfferings(ctx, \u0026ec2.GetInstanceTypeOfferingsArgs{\n\t\t\tFilters: []ec2.GetInstanceTypeOfferingsFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"instance-type\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"t2.micro\",\n\t\t\t\t\t\t\"t3.micro\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"location\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"usw2-az4\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tLocationType: pulumi.StringRef(\"availability-zone-id\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetInstanceTypeOfferingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getInstanceTypeOfferings(GetInstanceTypeOfferingsArgs.builder()\n .filters( \n GetInstanceTypeOfferingsFilterArgs.builder()\n .name(\"instance-type\")\n .values( \n \"t2.micro\",\n \"t3.micro\")\n .build(),\n GetInstanceTypeOfferingsFilterArgs.builder()\n .name(\"location\")\n .values(\"usw2-az4\")\n .build())\n .locationType(\"availability-zone-id\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getInstanceTypeOfferings\n Arguments:\n filters:\n - name: instance-type\n values:\n - t2.micro\n - t3.micro\n - name: location\n values:\n - usw2-az4\n locationType: availability-zone-id\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getInstanceTypeOfferings.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInstanceTypeOfferingsFilter:getInstanceTypeOfferingsFilter" }, "description": "One or more configuration blocks containing name-values filters. See the [EC2 API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceTypeOfferings.html) for supported filters. Detailed below.\n" }, "locationType": { "type": "string", "description": "Location type. Defaults to `region`. Valid values: `availability-zone`, `availability-zone-id`, and `region`.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getInstanceTypeOfferings.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getInstanceTypeOfferingsFilter:getInstanceTypeOfferingsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceTypes": { "description": "List of EC2 Instance Types.\n", "items": { "type": "string" }, "type": "array" }, "locationType": { "type": "string" }, "locationTypes": { "description": "List of location types.\n", "items": { "type": "string" }, "type": "array" }, "locations": { "description": "List of locations.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "instanceTypes", "locationTypes", "locations", "id" ], "type": "object" } }, "aws:ec2/getInstanceTypes:getInstanceTypes": { "description": "Information about EC2 Instance Types.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.ec2.getInstanceTypes({\n filters: [\n {\n name: \"auto-recovery-supported\",\n values: [\"true\"],\n },\n {\n name: \"network-info.encryption-in-transit-supported\",\n values: [\"true\"],\n },\n {\n name: \"instance-storage-supported\",\n values: [\"true\"],\n },\n {\n name: \"instance-type\",\n values: [\n \"g5.2xlarge\",\n \"g5.4xlarge\",\n ],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.get_instance_types(filters=[\n {\n \"name\": \"auto-recovery-supported\",\n \"values\": [\"true\"],\n },\n {\n \"name\": \"network-info.encryption-in-transit-supported\",\n \"values\": [\"true\"],\n },\n {\n \"name\": \"instance-storage-supported\",\n \"values\": [\"true\"],\n },\n {\n \"name\": \"instance-type\",\n \"values\": [\n \"g5.2xlarge\",\n \"g5.4xlarge\",\n ],\n },\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Ec2.GetInstanceTypes.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetInstanceTypesFilterInputArgs\n {\n Name = \"auto-recovery-supported\",\n Values = new[]\n {\n \"true\",\n },\n },\n new Aws.Ec2.Inputs.GetInstanceTypesFilterInputArgs\n {\n Name = \"network-info.encryption-in-transit-supported\",\n Values = new[]\n {\n \"true\",\n },\n },\n new Aws.Ec2.Inputs.GetInstanceTypesFilterInputArgs\n {\n Name = \"instance-storage-supported\",\n Values = new[]\n {\n \"true\",\n },\n },\n new Aws.Ec2.Inputs.GetInstanceTypesFilterInputArgs\n {\n Name = \"instance-type\",\n Values = new[]\n {\n \"g5.2xlarge\",\n \"g5.4xlarge\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetInstanceTypes(ctx, \u0026ec2.GetInstanceTypesArgs{\n\t\t\tFilters: []ec2.GetInstanceTypesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"auto-recovery-supported\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"true\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"network-info.encryption-in-transit-supported\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"true\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"instance-storage-supported\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"true\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"instance-type\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"g5.2xlarge\",\n\t\t\t\t\t\t\"g5.4xlarge\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetInstanceTypesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = Ec2Functions.getInstanceTypes(GetInstanceTypesArgs.builder()\n .filters( \n GetInstanceTypesFilterArgs.builder()\n .name(\"auto-recovery-supported\")\n .values(\"true\")\n .build(),\n GetInstanceTypesFilterArgs.builder()\n .name(\"network-info.encryption-in-transit-supported\")\n .values(\"true\")\n .build(),\n GetInstanceTypesFilterArgs.builder()\n .name(\"instance-storage-supported\")\n .values(\"true\")\n .build(),\n GetInstanceTypesFilterArgs.builder()\n .name(\"instance-type\")\n .values( \n \"g5.2xlarge\",\n \"g5.4xlarge\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:ec2:getInstanceTypes\n Arguments:\n filters:\n - name: auto-recovery-supported\n values:\n - 'true'\n - name: network-info.encryption-in-transit-supported\n values:\n - 'true'\n - name: instance-storage-supported\n values:\n - 'true'\n - name: instance-type\n values:\n - g5.2xlarge\n - g5.4xlarge\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getInstanceTypes.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInstanceTypesFilter:getInstanceTypesFilter" }, "description": "One or more configuration blocks containing name-values filters. See the [EC2 API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceTypes.html) for supported filters. Detailed below.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getInstanceTypes.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getInstanceTypesFilter:getInstanceTypesFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceTypes": { "description": "List of EC2 Instance Types.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "instanceTypes", "id" ], "type": "object" } }, "aws:ec2/getInstances:getInstances": { "description": "Use this data source to get IDs or IPs of Amazon EC2 instances to be referenced elsewhere,\ne.g., to allow easier migration from another management solution\nor to make it easier for an operator to connect through bastion host(s).\n\n\n\n\n\n\u003e **Note:** It's strongly discouraged to use this data source for querying ephemeral\ninstances (e.g., managed via autoscaling group), as the output may change at any time\nand you'd need to re-run `apply` every time an instance comes up or dies.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nexport = async () =\u003e {\n const test = await aws.ec2.getInstances({\n instanceTags: {\n Role: \"HardWorker\",\n },\n filters: [{\n name: \"instance.group-id\",\n values: [\"sg-12345678\"],\n }],\n instanceStateNames: [\n \"running\",\n \"stopped\",\n ],\n });\n const testEip: aws.ec2.Eip[] = [];\n for (const range = {value: 0}; range.value \u003c test.ids.length; range.value++) {\n testEip.push(new aws.ec2.Eip(`test-${range.value}`, {instance: test.ids[range.value]}));\n }\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.get_instances(instance_tags={\n \"Role\": \"HardWorker\",\n },\n filters=[{\n \"name\": \"instance.group-id\",\n \"values\": [\"sg-12345678\"],\n }],\n instance_state_names=[\n \"running\",\n \"stopped\",\n ])\ntest_eip = []\nfor range in [{\"value\": i} for i in range(0, len(test.ids))]:\n test_eip.append(aws.ec2.Eip(f\"test-{range['value']}\", instance=test.ids[range[\"value\"]]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Threading.Tasks;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(async() =\u003e \n{\n var test = await Aws.Ec2.GetInstances.InvokeAsync(new()\n {\n InstanceTags = \n {\n { \"Role\", \"HardWorker\" },\n },\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetInstancesFilterInputArgs\n {\n Name = \"instance.group-id\",\n Values = new[]\n {\n \"sg-12345678\",\n },\n },\n },\n InstanceStateNames = new[]\n {\n \"running\",\n \"stopped\",\n },\n });\n\n var testEip = new List\u003cAws.Ec2.Eip\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c test.Ids.Length; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n testEip.Add(new Aws.Ec2.Eip($\"test-{range.Value}\", new()\n {\n Instance = test.Ids[range.Value],\n }));\n }\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := ec2.GetInstances(ctx, \u0026ec2.GetInstancesArgs{\n\t\t\tInstanceTags: map[string]interface{}{\n\t\t\t\t\"Role\": \"HardWorker\",\n\t\t\t},\n\t\t\tFilters: []ec2.GetInstancesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"instance.group-id\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"sg-12345678\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tInstanceStateNames: []string{\n\t\t\t\t\"running\",\n\t\t\t\t\"stopped\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvar testEip []*ec2.Eip\n\t\tfor index := 0; index \u003c int(len(test.Ids)); index++ {\n\t\t\tkey0 := index\n\t\t\tval0 := index\n\t\t\t__res, err := ec2.NewEip(ctx, fmt.Sprintf(\"test-%v\", key0), \u0026ec2.EipArgs{\n\t\t\t\tInstance: pulumi.String(test.Ids[val0]),\n\t\t\t})\n\t\t\tif err != nil {\n\t\t\t\treturn err\n\t\t\t}\n\t\t\ttestEip = append(testEip, __res)\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetInstancesArgs;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport com.pulumi.codegen.internal.KeyedValue;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = Ec2Functions.getInstances(GetInstancesArgs.builder()\n .instanceTags(Map.of(\"Role\", \"HardWorker\"))\n .filters(GetInstancesFilterArgs.builder()\n .name(\"instance.group-id\")\n .values(\"sg-12345678\")\n .build())\n .instanceStateNames( \n \"running\",\n \"stopped\")\n .build());\n\n for (var i = 0; i \u003c test.applyValue(getInstancesResult -\u003e getInstancesResult.ids()).length(); i++) {\n new Eip(\"testEip-\" + i, EipArgs.builder()\n .instance(test.applyValue(getInstancesResult -\u003e getInstancesResult.ids())[range.value()])\n .build());\n\n \n}\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getInstances.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInstancesFilter:getInstancesFilter" }, "description": "One or more name/value pairs to use as filters. There are\nseveral valid keys, for a full reference, check out\n[describe-instances in the AWS CLI reference][1].\n" }, "instanceStateNames": { "type": "array", "items": { "type": "string" }, "description": "List of instance states that should be applicable to the desired instances. The permitted values are: `pending, running, shutting-down, stopped, stopping, terminated`. The default value is `running`.\n" }, "instanceTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must\nexactly match a pair on desired instances.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getInstances.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getInstancesFilter:getInstancesFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "IDs of instances found through the filter\n", "items": { "type": "string" }, "type": "array" }, "instanceStateNames": { "items": { "type": "string" }, "type": "array" }, "instanceTags": { "additionalProperties": { "type": "string" }, "type": "object" }, "ipv6Addresses": { "description": "IPv6 addresses of instances found through the filter\n", "items": { "type": "string" }, "type": "array" }, "privateIps": { "description": "Private IP addresses of instances found through the filter\n", "items": { "type": "string" }, "type": "array" }, "publicIps": { "description": "Public IP addresses of instances found through the filter\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "ids", "instanceTags", "ipv6Addresses", "privateIps", "publicIps", "id" ], "type": "object" } }, "aws:ec2/getInternetGateway:getInternetGateway": { "description": "`aws.ec2.InternetGateway` provides details about a specific Internet Gateway.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst vpcId = config.requireObject(\"vpcId\");\nconst default = aws.ec2.getInternetGateway({\n filters: [{\n name: \"attachment.vpc-id\",\n values: [vpcId],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nvpc_id = config.require_object(\"vpcId\")\ndefault = aws.ec2.get_internet_gateway(filters=[{\n \"name\": \"attachment.vpc-id\",\n \"values\": [vpc_id],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var vpcId = config.RequireObject\u003cdynamic\u003e(\"vpcId\");\n var @default = Aws.Ec2.GetInternetGateway.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetInternetGatewayFilterInputArgs\n {\n Name = \"attachment.vpc-id\",\n Values = new[]\n {\n vpcId,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ncfg := config.New(ctx, \"\")\nvpcId := cfg.RequireObject(\"vpcId\")\n_, err := ec2.LookupInternetGateway(ctx, \u0026ec2.LookupInternetGatewayArgs{\nFilters: []ec2.GetInternetGatewayFilter{\n{\nName: \"attachment.vpc-id\",\nValues: interface{}{\nvpcId,\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetInternetGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var vpcId = config.get(\"vpcId\");\n final var default = Ec2Functions.getInternetGateway(GetInternetGatewayArgs.builder()\n .filters(GetInternetGatewayFilterArgs.builder()\n .name(\"attachment.vpc-id\")\n .values(vpcId)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n vpcId:\n type: dynamic\nvariables:\n default:\n fn::invoke:\n Function: aws:ec2:getInternetGateway\n Arguments:\n filters:\n - name: attachment.vpc-id\n values:\n - ${vpcId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getInternetGateway.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getInternetGatewayFilter:getInternetGatewayFilter" }, "description": "Custom filter block as described below.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" }, "internetGatewayId": { "type": "string", "description": "ID of the specific Internet Gateway to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match\na pair on the desired Internet Gateway.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getInternetGateway.\n", "properties": { "arn": { "description": "ARN of the Internet Gateway.\n", "type": "string" }, "attachments": { "items": { "$ref": "#/types/aws:ec2/getInternetGatewayAttachment:getInternetGatewayAttachment" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getInternetGatewayFilter:getInternetGatewayFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "internetGatewayId": { "type": "string" }, "ownerId": { "description": "ID of the AWS account that owns the internet gateway.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "arn", "attachments", "internetGatewayId", "ownerId", "tags", "id" ], "type": "object" } }, "aws:ec2/getIpamPreviewNextCidr:getIpamPreviewNextCidr": { "description": "Previews a CIDR from an IPAM address pool. Only works for private IPv4.\n\n\u003e **NOTE:** This functionality is also encapsulated in a resource sharing the same name. The data source can be used when you need to use the cidr in a calculation of the same Root module, `count` for example. However, once a cidr range has been allocated that was previewed, the next refresh will find a **new** cidr and may force new resources downstream. Make sure to use `ignore_changes` if this is undesirable.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.ec2.getIpamPreviewNextCidr({\n ipamPoolId: testAwsVpcIpamPool.id,\n netmaskLength: 28,\n});\nconst testVpcIpamPoolCidrAllocation = new aws.ec2.VpcIpamPoolCidrAllocation(\"test\", {\n ipamPoolId: testAwsVpcIpamPool.id,\n cidr: test.then(test =\u003e test.cidr),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.get_ipam_preview_next_cidr(ipam_pool_id=test_aws_vpc_ipam_pool[\"id\"],\n netmask_length=28)\ntest_vpc_ipam_pool_cidr_allocation = aws.ec2.VpcIpamPoolCidrAllocation(\"test\",\n ipam_pool_id=test_aws_vpc_ipam_pool[\"id\"],\n cidr=test.cidr)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Ec2.GetIpamPreviewNextCidr.Invoke(new()\n {\n IpamPoolId = testAwsVpcIpamPool.Id,\n NetmaskLength = 28,\n });\n\n var testVpcIpamPoolCidrAllocation = new Aws.Ec2.VpcIpamPoolCidrAllocation(\"test\", new()\n {\n IpamPoolId = testAwsVpcIpamPool.Id,\n Cidr = test.Apply(getIpamPreviewNextCidrResult =\u003e getIpamPreviewNextCidrResult.Cidr),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := ec2.GetIpamPreviewNextCidr(ctx, \u0026ec2.GetIpamPreviewNextCidrArgs{\n\t\t\tIpamPoolId: testAwsVpcIpamPool.Id,\n\t\t\tNetmaskLength: pulumi.IntRef(28),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamPoolCidrAllocation(ctx, \"test\", \u0026ec2.VpcIpamPoolCidrAllocationArgs{\n\t\t\tIpamPoolId: pulumi.Any(testAwsVpcIpamPool.Id),\n\t\t\tCidr: pulumi.String(test.Cidr),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetIpamPreviewNextCidrArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrAllocation;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrAllocationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = Ec2Functions.getIpamPreviewNextCidr(GetIpamPreviewNextCidrArgs.builder()\n .ipamPoolId(testAwsVpcIpamPool.id())\n .netmaskLength(28)\n .build());\n\n var testVpcIpamPoolCidrAllocation = new VpcIpamPoolCidrAllocation(\"testVpcIpamPoolCidrAllocation\", VpcIpamPoolCidrAllocationArgs.builder()\n .ipamPoolId(testAwsVpcIpamPool.id())\n .cidr(test.applyValue(getIpamPreviewNextCidrResult -\u003e getIpamPreviewNextCidrResult.cidr()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testVpcIpamPoolCidrAllocation:\n type: aws:ec2:VpcIpamPoolCidrAllocation\n name: test\n properties:\n ipamPoolId: ${testAwsVpcIpamPool.id}\n cidr: ${test.cidr}\nvariables:\n test:\n fn::invoke:\n Function: aws:ec2:getIpamPreviewNextCidr\n Arguments:\n ipamPoolId: ${testAwsVpcIpamPool.id}\n netmaskLength: 28\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getIpamPreviewNextCidr.\n", "properties": { "disallowedCidrs": { "type": "array", "items": { "type": "string" }, "description": "Exclude a particular CIDR range from being returned by the pool.\n" }, "ipamPoolId": { "type": "string", "description": "ID of the pool to which you want to assign a CIDR.\n" }, "netmaskLength": { "type": "integer", "description": "Netmask length of the CIDR you would like to preview from the IPAM pool.\n" } }, "type": "object", "required": [ "ipamPoolId" ] }, "outputs": { "description": "A collection of values returned by getIpamPreviewNextCidr.\n", "properties": { "cidr": { "description": "Previewed CIDR from the pool.\n", "type": "string" }, "disallowedCidrs": { "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ipamPoolId": { "type": "string" }, "netmaskLength": { "type": "integer" } }, "required": [ "cidr", "ipamPoolId", "id" ], "type": "object" } }, "aws:ec2/getKeyPair:getKeyPair": { "description": "Use this data source to get information about a specific EC2 Key Pair.\n\n## Example Usage\n\nThe following example shows how to get a EC2 Key Pair including the public key material from its name.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getKeyPair({\n keyName: \"test\",\n includePublicKey: true,\n filters: [{\n name: \"tag:Component\",\n values: [\"web\"],\n }],\n});\nexport const fingerprint = example.then(example =\u003e example.fingerprint);\nexport const name = example.then(example =\u003e example.keyName);\nexport const id = example.then(example =\u003e example.id);\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_key_pair(key_name=\"test\",\n include_public_key=True,\n filters=[{\n \"name\": \"tag:Component\",\n \"values\": [\"web\"],\n }])\npulumi.export(\"fingerprint\", example.fingerprint)\npulumi.export(\"name\", example.key_name)\npulumi.export(\"id\", example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetKeyPair.Invoke(new()\n {\n KeyName = \"test\",\n IncludePublicKey = true,\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetKeyPairFilterInputArgs\n {\n Name = \"tag:Component\",\n Values = new[]\n {\n \"web\",\n },\n },\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"fingerprint\"] = example.Apply(getKeyPairResult =\u003e getKeyPairResult.Fingerprint),\n [\"name\"] = example.Apply(getKeyPairResult =\u003e getKeyPairResult.KeyName),\n [\"id\"] = example.Apply(getKeyPairResult =\u003e getKeyPairResult.Id),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.LookupKeyPair(ctx, \u0026ec2.LookupKeyPairArgs{\n\t\t\tKeyName: pulumi.StringRef(\"test\"),\n\t\t\tIncludePublicKey: pulumi.BoolRef(true),\n\t\t\tFilters: []ec2.GetKeyPairFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"tag:Component\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"web\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"fingerprint\", example.Fingerprint)\n\t\tctx.Export(\"name\", example.KeyName)\n\t\tctx.Export(\"id\", example.Id)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetKeyPairArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getKeyPair(GetKeyPairArgs.builder()\n .keyName(\"test\")\n .includePublicKey(true)\n .filters(GetKeyPairFilterArgs.builder()\n .name(\"tag:Component\")\n .values(\"web\")\n .build())\n .build());\n\n ctx.export(\"fingerprint\", example.applyValue(getKeyPairResult -\u003e getKeyPairResult.fingerprint()));\n ctx.export(\"name\", example.applyValue(getKeyPairResult -\u003e getKeyPairResult.keyName()));\n ctx.export(\"id\", example.applyValue(getKeyPairResult -\u003e getKeyPairResult.id()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getKeyPair\n Arguments:\n keyName: test\n includePublicKey: true\n filters:\n - name: tag:Component\n values:\n - web\noutputs:\n fingerprint: ${example.fingerprint}\n name: ${example.keyName}\n id: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getKeyPair.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getKeyPairFilter:getKeyPairFilter" }, "description": "Custom filter block as described below.\n" }, "includePublicKey": { "type": "boolean", "description": "Whether to include the public key material in the response.\n" }, "keyName": { "type": "string", "description": "Key Pair name.\n" }, "keyPairId": { "type": "string", "description": "Key Pair ID.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Any tags assigned to the Key Pair.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getKeyPair.\n", "properties": { "arn": { "description": "ARN of the Key Pair.\n", "type": "string" }, "createTime": { "description": "Timestamp for when the key pair was created in ISO 8601 format.\n", "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getKeyPairFilter:getKeyPairFilter" }, "type": "array" }, "fingerprint": { "description": "SHA-1 digest of the DER encoded private key.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "includePublicKey": { "type": "boolean" }, "keyName": { "type": "string" }, "keyPairId": { "type": "string" }, "keyType": { "description": "Type of key pair.\n", "type": "string" }, "publicKey": { "description": "Public key material.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Any tags assigned to the Key Pair.\n", "type": "object" } }, "required": [ "arn", "createTime", "fingerprint", "keyType", "publicKey", "tags", "id" ], "type": "object" } }, "aws:ec2/getLaunchConfiguration:getLaunchConfiguration": { "description": "Provides information about a Launch Configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ubuntu = aws.ec2.getLaunchConfiguration({\n name: \"test-launch-config\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nubuntu = aws.ec2.get_launch_configuration(name=\"test-launch-config\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ubuntu = Aws.Ec2.GetLaunchConfiguration.Invoke(new()\n {\n Name = \"test-launch-config\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupLaunchConfiguration(ctx, \u0026ec2.LookupLaunchConfigurationArgs{\n\t\t\tName: \"test-launch-config\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetLaunchConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var ubuntu = Ec2Functions.getLaunchConfiguration(GetLaunchConfigurationArgs.builder()\n .name(\"test-launch-config\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n ubuntu:\n fn::invoke:\n Function: aws:ec2:getLaunchConfiguration\n Arguments:\n name: test-launch-config\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLaunchConfiguration.\n", "properties": { "name": { "type": "string", "description": "Name of the launch configuration.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getLaunchConfiguration.\n", "properties": { "arn": { "description": "Amazon Resource Name of the launch configuration.\n", "type": "string" }, "associatePublicIpAddress": { "description": "Whether a Public IP address is associated with the instance.\n", "type": "boolean" }, "ebsBlockDevices": { "description": "EBS Block Devices attached to the instance.\n", "items": { "$ref": "#/types/aws:ec2/getLaunchConfigurationEbsBlockDevice:getLaunchConfigurationEbsBlockDevice" }, "type": "array" }, "ebsOptimized": { "description": "Whether the launched EC2 instance will be EBS-optimized.\n", "type": "boolean" }, "enableMonitoring": { "description": "Whether Detailed Monitoring is Enabled.\n", "type": "boolean" }, "ephemeralBlockDevices": { "description": "The Ephemeral volumes on the instance.\n", "items": { "$ref": "#/types/aws:ec2/getLaunchConfigurationEphemeralBlockDevice:getLaunchConfigurationEphemeralBlockDevice" }, "type": "array" }, "iamInstanceProfile": { "description": "The IAM Instance Profile to associate with launched instances.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "imageId": { "description": "EC2 Image ID of the instance.\n", "type": "string" }, "instanceType": { "description": "Instance Type of the instance to launch.\n", "type": "string" }, "keyName": { "description": "Key Name that should be used for the instance.\n", "type": "string" }, "metadataOptions": { "description": "Metadata options for the instance.\n", "items": { "$ref": "#/types/aws:ec2/getLaunchConfigurationMetadataOption:getLaunchConfigurationMetadataOption" }, "type": "array" }, "name": { "description": "Name of the launch configuration.\n", "type": "string" }, "placementTenancy": { "description": "Tenancy of the instance.\n", "type": "string" }, "rootBlockDevices": { "description": "Root Block Device of the instance.\n", "items": { "$ref": "#/types/aws:ec2/getLaunchConfigurationRootBlockDevice:getLaunchConfigurationRootBlockDevice" }, "type": "array" }, "securityGroups": { "description": "List of associated Security Group IDS.\n", "items": { "type": "string" }, "type": "array" }, "spotPrice": { "description": "Price to use for reserving Spot instances.\n", "type": "string" }, "userData": { "description": "User Data of the instance.\n", "type": "string" } }, "required": [ "arn", "associatePublicIpAddress", "ebsBlockDevices", "ebsOptimized", "enableMonitoring", "ephemeralBlockDevices", "iamInstanceProfile", "imageId", "instanceType", "keyName", "metadataOptions", "name", "placementTenancy", "rootBlockDevices", "securityGroups", "spotPrice", "userData", "id" ], "type": "object" } }, "aws:ec2/getLaunchTemplate:getLaunchTemplate": { "description": "Provides information about a Launch Template.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst default = aws.ec2.getLaunchTemplate({\n name: \"my-launch-template\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.ec2.get_launch_template(name=\"my-launch-template\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = Aws.Ec2.GetLaunchTemplate.Invoke(new()\n {\n Name = \"my-launch-template\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupLaunchTemplate(ctx, \u0026ec2.LookupLaunchTemplateArgs{\n\t\t\tName: pulumi.StringRef(\"my-launch-template\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetLaunchTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var default = Ec2Functions.getLaunchTemplate(GetLaunchTemplateArgs.builder()\n .name(\"my-launch-template\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n default:\n fn::invoke:\n Function: aws:ec2:getLaunchTemplate\n Arguments:\n name: my-launch-template\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.ec2.getLaunchTemplate({\n filters: [{\n name: \"launch-template-name\",\n values: [\"some-template\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.get_launch_template(filters=[{\n \"name\": \"launch-template-name\",\n \"values\": [\"some-template\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Ec2.GetLaunchTemplate.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetLaunchTemplateFilterInputArgs\n {\n Name = \"launch-template-name\",\n Values = new[]\n {\n \"some-template\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupLaunchTemplate(ctx, \u0026ec2.LookupLaunchTemplateArgs{\n\t\t\tFilters: []ec2.GetLaunchTemplateFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"launch-template-name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"some-template\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetLaunchTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = Ec2Functions.getLaunchTemplate(GetLaunchTemplateArgs.builder()\n .filters(GetLaunchTemplateFilterArgs.builder()\n .name(\"launch-template-name\")\n .values(\"some-template\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:ec2:getLaunchTemplate\n Arguments:\n filters:\n - name: launch-template-name\n values:\n - some-template\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLaunchTemplate.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateFilter:getLaunchTemplateFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "id": { "type": "string", "description": "ID of the specific launch template to retrieve.\n" }, "name": { "type": "string", "description": "Name of the launch template.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match a pair on the desired Launch Template.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLaunchTemplate.\n", "properties": { "arn": { "type": "string" }, "blockDeviceMappings": { "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateBlockDeviceMapping:getLaunchTemplateBlockDeviceMapping" }, "type": "array" }, "capacityReservationSpecifications": { "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateCapacityReservationSpecification:getLaunchTemplateCapacityReservationSpecification" }, "type": "array" }, "cpuOptions": { "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateCpuOption:getLaunchTemplateCpuOption" }, "type": "array" }, "creditSpecifications": { "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateCreditSpecification:getLaunchTemplateCreditSpecification" }, "type": "array" }, "defaultVersion": { "type": "integer" }, "description": { "type": "string" }, "disableApiStop": { "type": "boolean" }, "disableApiTermination": { "type": "boolean" }, "ebsOptimized": { "type": "string" }, "elasticGpuSpecifications": { "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateElasticGpuSpecification:getLaunchTemplateElasticGpuSpecification" }, "type": "array" }, "elasticInferenceAccelerators": { "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateElasticInferenceAccelerator:getLaunchTemplateElasticInferenceAccelerator" }, "type": "array" }, "enclaveOptions": { "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateEnclaveOption:getLaunchTemplateEnclaveOption" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateFilter:getLaunchTemplateFilter" }, "type": "array" }, "hibernationOptions": { "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateHibernationOption:getLaunchTemplateHibernationOption" }, "type": "array" }, "iamInstanceProfiles": { "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateIamInstanceProfile:getLaunchTemplateIamInstanceProfile" }, "type": "array" }, "id": { "description": "ID of the launch template.\n", "type": "string" }, "imageId": { "type": "string" }, "instanceInitiatedShutdownBehavior": { "type": "string" }, "instanceMarketOptions": { "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateInstanceMarketOption:getLaunchTemplateInstanceMarketOption" }, "type": "array" }, "instanceRequirements": { "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateInstanceRequirement:getLaunchTemplateInstanceRequirement" }, "type": "array" }, "instanceType": { "type": "string" }, "kernelId": { "type": "string" }, "keyName": { "type": "string" }, "latestVersion": { "type": "integer" }, "licenseSpecifications": { "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateLicenseSpecification:getLaunchTemplateLicenseSpecification" }, "type": "array" }, "maintenanceOptions": { "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateMaintenanceOption:getLaunchTemplateMaintenanceOption" }, "type": "array" }, "metadataOptions": { "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateMetadataOption:getLaunchTemplateMetadataOption" }, "type": "array" }, "monitorings": { "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateMonitoring:getLaunchTemplateMonitoring" }, "type": "array" }, "name": { "type": "string" }, "networkInterfaces": { "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateNetworkInterface:getLaunchTemplateNetworkInterface" }, "type": "array" }, "placements": { "items": { "$ref": "#/types/aws:ec2/getLaunchTemplatePlacement:getLaunchTemplatePlacement" }, "type": "array" }, "privateDnsNameOptions": { "items": { "$ref": "#/types/aws:ec2/getLaunchTemplatePrivateDnsNameOption:getLaunchTemplatePrivateDnsNameOption" }, "type": "array" }, "ramDiskId": { "type": "string" }, "securityGroupNames": { "items": { "type": "string" }, "type": "array" }, "tagSpecifications": { "items": { "$ref": "#/types/aws:ec2/getLaunchTemplateTagSpecification:getLaunchTemplateTagSpecification" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "userData": { "type": "string" }, "vpcSecurityGroupIds": { "items": { "type": "string" }, "type": "array" } }, "required": [ "arn", "blockDeviceMappings", "capacityReservationSpecifications", "cpuOptions", "creditSpecifications", "defaultVersion", "description", "disableApiStop", "disableApiTermination", "ebsOptimized", "elasticGpuSpecifications", "elasticInferenceAccelerators", "enclaveOptions", "hibernationOptions", "iamInstanceProfiles", "id", "imageId", "instanceInitiatedShutdownBehavior", "instanceMarketOptions", "instanceRequirements", "instanceType", "kernelId", "keyName", "latestVersion", "licenseSpecifications", "maintenanceOptions", "metadataOptions", "monitorings", "name", "networkInterfaces", "placements", "privateDnsNameOptions", "ramDiskId", "securityGroupNames", "tagSpecifications", "tags", "userData", "vpcSecurityGroupIds" ], "type": "object" } }, "aws:ec2/getLocalGateway:getLocalGateway": { "description": "Provides details about an EC2 Local Gateway.\n\n## Example Usage\n\nThe following example shows how one might accept a local gateway id as a variable.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst localGatewayId = config.requireObject(\"localGatewayId\");\nconst selected = aws.ec2.getLocalGateway({\n id: localGatewayId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlocal_gateway_id = config.require_object(\"localGatewayId\")\nselected = aws.ec2.get_local_gateway(id=local_gateway_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var localGatewayId = config.RequireObject\u003cdynamic\u003e(\"localGatewayId\");\n var selected = Aws.Ec2.GetLocalGateway.Invoke(new()\n {\n Id = localGatewayId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tlocalGatewayId := cfg.RequireObject(\"localGatewayId\")\n\t\t_, err := ec2.GetLocalGateway(ctx, \u0026ec2.GetLocalGatewayArgs{\n\t\t\tId: pulumi.StringRef(localGatewayId),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetLocalGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var localGatewayId = config.get(\"localGatewayId\");\n final var selected = Ec2Functions.getLocalGateway(GetLocalGatewayArgs.builder()\n .id(localGatewayId)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n localGatewayId:\n type: dynamic\nvariables:\n selected:\n fn::invoke:\n Function: aws:ec2:getLocalGateway\n Arguments:\n id: ${localGatewayId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLocalGateway.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewayFilter:getLocalGatewayFilter" }, "description": "Custom filter block as described below.\n" }, "id": { "type": "string", "description": "Id of the specific Local Gateway to retrieve.\n" }, "state": { "type": "string", "description": "Current state of the desired Local Gateway.\nCan be either `\"pending\"` or `\"available\"`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Mapping of tags, each pair of which must exactly match\na pair on the desired Local Gateway.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLocalGateway.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getLocalGatewayFilter:getLocalGatewayFilter" }, "type": "array" }, "id": { "type": "string" }, "outpostArn": { "description": "ARN of Outpost\n", "type": "string" }, "ownerId": { "description": "AWS account identifier that owns the Local Gateway.\n", "type": "string" }, "state": { "description": "State of the local gateway.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "id", "outpostArn", "ownerId", "state", "tags" ], "type": "object" } }, "aws:ec2/getLocalGatewayRouteTable:getLocalGatewayRouteTable": { "description": "Provides details about an EC2 Local Gateway Route Table.\n\nThis data source can prove useful when a module accepts a local gateway route table id as\nan input variable and needs to, for example, find the associated Outpost or Local Gateway.\n\n## Example Usage\n\nThe following example returns a specific local gateway route table ID\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst awsEc2LocalGatewayRouteTable = config.requireObject(\"awsEc2LocalGatewayRouteTable\");\nconst selected = aws.ec2.getLocalGatewayRouteTable({\n localGatewayRouteTableId: awsEc2LocalGatewayRouteTable,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\naws_ec2_local_gateway_route_table = config.require_object(\"awsEc2LocalGatewayRouteTable\")\nselected = aws.ec2.get_local_gateway_route_table(local_gateway_route_table_id=aws_ec2_local_gateway_route_table)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var awsEc2LocalGatewayRouteTable = config.RequireObject\u003cdynamic\u003e(\"awsEc2LocalGatewayRouteTable\");\n var selected = Aws.Ec2.GetLocalGatewayRouteTable.Invoke(new()\n {\n LocalGatewayRouteTableId = awsEc2LocalGatewayRouteTable,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tawsEc2LocalGatewayRouteTable := cfg.RequireObject(\"awsEc2LocalGatewayRouteTable\")\n\t\t_, err := ec2.GetLocalGatewayRouteTable(ctx, \u0026ec2.GetLocalGatewayRouteTableArgs{\n\t\t\tLocalGatewayRouteTableId: pulumi.StringRef(awsEc2LocalGatewayRouteTable),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetLocalGatewayRouteTableArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var awsEc2LocalGatewayRouteTable = config.get(\"awsEc2LocalGatewayRouteTable\");\n final var selected = Ec2Functions.getLocalGatewayRouteTable(GetLocalGatewayRouteTableArgs.builder()\n .localGatewayRouteTableId(awsEc2LocalGatewayRouteTable)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n awsEc2LocalGatewayRouteTable:\n type: dynamic\nvariables:\n selected:\n fn::invoke:\n Function: aws:ec2:getLocalGatewayRouteTable\n Arguments:\n localGatewayRouteTableId: ${awsEc2LocalGatewayRouteTable}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLocalGatewayRouteTable.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewayRouteTableFilter:getLocalGatewayRouteTableFilter" } }, "localGatewayId": { "type": "string", "description": "ID of the specific local gateway route table to retrieve.\n" }, "localGatewayRouteTableId": { "type": "string", "description": "Local Gateway Route Table Id assigned to desired local gateway route table\n" }, "outpostArn": { "type": "string", "description": "ARN of the Outpost the local gateway route table is associated with.\n" }, "state": { "type": "string", "description": "State of the local gateway route table.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Mapping of tags, each pair of which must exactly match\na pair on the desired local gateway route table.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLocalGatewayRouteTable.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getLocalGatewayRouteTableFilter:getLocalGatewayRouteTableFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "localGatewayId": { "type": "string" }, "localGatewayRouteTableId": { "type": "string" }, "outpostArn": { "type": "string" }, "state": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "localGatewayId", "localGatewayRouteTableId", "outpostArn", "state", "tags", "id" ], "type": "object" } }, "aws:ec2/getLocalGatewayRouteTables:getLocalGatewayRouteTables": { "description": "Provides information for multiple EC2 Local Gateway Route Tables, such as their identifiers.\n\n## Example Usage\n\nThe following shows outputting all Local Gateway Route Table Ids.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nexport = async () =\u003e {\n const foo = await aws.ec2.getLocalGatewayRouteTables({});\n return {\n foo: foo.ids,\n };\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.get_local_gateway_route_tables()\npulumi.export(\"foo\", foo.ids)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = Aws.Ec2.GetLocalGatewayRouteTables.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"foo\"] = foo.Apply(getLocalGatewayRouteTablesResult =\u003e getLocalGatewayRouteTablesResult.Ids),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoo, err := ec2.GetLocalGatewayRouteTables(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"foo\", foo.Ids)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetLocalGatewayRouteTablesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var foo = Ec2Functions.getLocalGatewayRouteTables();\n\n ctx.export(\"foo\", foo.applyValue(getLocalGatewayRouteTablesResult -\u003e getLocalGatewayRouteTablesResult.ids()));\n }\n}\n```\n```yaml\nvariables:\n foo:\n fn::invoke:\n Function: aws:ec2:getLocalGatewayRouteTables\n Arguments: {}\noutputs:\n foo: ${foo.ids}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLocalGatewayRouteTables.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewayRouteTablesFilter:getLocalGatewayRouteTablesFilter" }, "description": "Custom filter block as described below.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Mapping of tags, each pair of which must exactly match\na pair on the desired local gateway route table.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLocalGatewayRouteTables.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getLocalGatewayRouteTablesFilter:getLocalGatewayRouteTablesFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "Set of Local Gateway Route Table identifiers\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "ids", "tags", "id" ], "type": "object" } }, "aws:ec2/getLocalGatewayVirtualInterface:getLocalGatewayVirtualInterface": { "description": "Provides details about an EC2 Local Gateway Virtual Interface. More information can be found in the [Outposts User Guide](https://docs.aws.amazon.com/outposts/latest/userguide/outposts-networking-components.html#routing).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = .reduce((__obj, [, ]) =\u003e ({ ...__obj, [__key]: aws.ec2.getLocalGatewayVirtualInterface({\n id: __value,\n}) }));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = {__key: aws.ec2.get_local_gateway_virtual_interface(id=__value) for __key, __value in example_aws_ec2_local_gateway_virtual_interface_group[\"localGatewayVirtualInterfaceIds\"]}\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = .ToDictionary(item =\u003e {\n var __key = item.Key;\n return __key;\n }, item =\u003e {\n var __value = item.Value;\n return Aws.Ec2.GetLocalGatewayVirtualInterface.Invoke(new()\n {\n Id = __value,\n });\n });\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLocalGatewayVirtualInterface.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewayVirtualInterfaceFilter:getLocalGatewayVirtualInterfaceFilter" }, "description": "One or more configuration blocks containing name-values filters. See the [EC2 API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayVirtualInterfaces.html) for supported filters. Detailed below.\n" }, "id": { "type": "string", "description": "Identifier of EC2 Local Gateway Virtual Interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags, each pair of which must exactly match a pair on the desired local gateway route table.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLocalGatewayVirtualInterface.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getLocalGatewayVirtualInterfaceFilter:getLocalGatewayVirtualInterfaceFilter" }, "type": "array" }, "id": { "type": "string" }, "localAddress": { "description": "Local address.\n", "type": "string" }, "localBgpAsn": { "description": "Border Gateway Protocol (BGP) Autonomous System Number (ASN) of the EC2 Local Gateway.\n", "type": "integer" }, "localGatewayId": { "description": "Identifier of the EC2 Local Gateway.\n", "type": "string" }, "localGatewayVirtualInterfaceIds": { "items": { "type": "string" }, "type": "array" }, "peerAddress": { "description": "Peer address.\n", "type": "string" }, "peerBgpAsn": { "description": "Border Gateway Protocol (BGP) Autonomous System Number (ASN) of the peer.\n", "type": "integer" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "vlan": { "description": "Virtual Local Area Network.\n", "type": "integer" } }, "required": [ "id", "localAddress", "localBgpAsn", "localGatewayId", "localGatewayVirtualInterfaceIds", "peerAddress", "peerBgpAsn", "tags", "vlan" ], "type": "object" } }, "aws:ec2/getLocalGatewayVirtualInterfaceGroup:getLocalGatewayVirtualInterfaceGroup": { "description": "Provides details about an EC2 Local Gateway Virtual Interface Group. More information can be found in the [Outposts User Guide](https://docs.aws.amazon.com/outposts/latest/userguide/outposts-networking-components.html#routing).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getLocalGatewayVirtualInterfaceGroup({\n localGatewayId: exampleAwsEc2LocalGateway.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_local_gateway_virtual_interface_group(local_gateway_id=example_aws_ec2_local_gateway[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetLocalGatewayVirtualInterfaceGroup.Invoke(new()\n {\n LocalGatewayId = exampleAwsEc2LocalGateway.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetLocalGatewayVirtualInterfaceGroup(ctx, \u0026ec2.GetLocalGatewayVirtualInterfaceGroupArgs{\n\t\t\tLocalGatewayId: pulumi.StringRef(exampleAwsEc2LocalGateway.Id),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetLocalGatewayVirtualInterfaceGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getLocalGatewayVirtualInterfaceGroup(GetLocalGatewayVirtualInterfaceGroupArgs.builder()\n .localGatewayId(exampleAwsEc2LocalGateway.id())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getLocalGatewayVirtualInterfaceGroup\n Arguments:\n localGatewayId: ${exampleAwsEc2LocalGateway.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLocalGatewayVirtualInterfaceGroup.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewayVirtualInterfaceGroupFilter:getLocalGatewayVirtualInterfaceGroupFilter" }, "description": "One or more configuration blocks containing name-values filters. See the [EC2 API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayVirtualInterfaceGroups.html) for supported filters. Detailed below.\n" }, "id": { "type": "string", "description": "Identifier of EC2 Local Gateway Virtual Interface Group.\n" }, "localGatewayId": { "type": "string", "description": "Identifier of EC2 Local Gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags, each pair of which must exactly match a pair on the desired local gateway route table.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLocalGatewayVirtualInterfaceGroup.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getLocalGatewayVirtualInterfaceGroupFilter:getLocalGatewayVirtualInterfaceGroupFilter" }, "type": "array" }, "id": { "type": "string" }, "localGatewayId": { "type": "string" }, "localGatewayVirtualInterfaceIds": { "description": "Set of EC2 Local Gateway Virtual Interface identifiers.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "id", "localGatewayId", "localGatewayVirtualInterfaceIds", "tags" ], "type": "object" } }, "aws:ec2/getLocalGatewayVirtualInterfaceGroups:getLocalGatewayVirtualInterfaceGroups": { "description": "Provides details about multiple EC2 Local Gateway Virtual Interface Groups, such as identifiers. More information can be found in the [Outposts User Guide](https://docs.aws.amazon.com/outposts/latest/userguide/outposts-networking-components.html#routing).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst all = aws.ec2.getLocalGatewayVirtualInterfaceGroups({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nall = aws.ec2.get_local_gateway_virtual_interface_groups()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var all = Aws.Ec2.GetLocalGatewayVirtualInterfaceGroups.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetLocalGatewayVirtualInterfaceGroups(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetLocalGatewayVirtualInterfaceGroupsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var all = Ec2Functions.getLocalGatewayVirtualInterfaceGroups();\n\n }\n}\n```\n```yaml\nvariables:\n all:\n fn::invoke:\n Function: aws:ec2:getLocalGatewayVirtualInterfaceGroups\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLocalGatewayVirtualInterfaceGroups.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewayVirtualInterfaceGroupsFilter:getLocalGatewayVirtualInterfaceGroupsFilter" }, "description": "One or more configuration blocks containing name-values filters. See the [EC2 API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayVirtualInterfaceGroups.html) for supported filters. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags, each pair of which must exactly match a pair on the desired local gateway route table.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLocalGatewayVirtualInterfaceGroups.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getLocalGatewayVirtualInterfaceGroupsFilter:getLocalGatewayVirtualInterfaceGroupsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "Set of EC2 Local Gateway Virtual Interface Group identifiers.\n", "items": { "type": "string" }, "type": "array" }, "localGatewayVirtualInterfaceIds": { "description": "Set of EC2 Local Gateway Virtual Interface identifiers.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "ids", "localGatewayVirtualInterfaceIds", "id" ], "type": "object" } }, "aws:ec2/getLocalGateways:getLocalGateways": { "description": "Provides information for multiple EC2 Local Gateways, such as their identifiers.\n\n## Example Usage\n\nThe following example retrieves Local Gateways with a resource tag of `service` set to `production`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nexport = async () =\u003e {\n const foo = await aws.ec2.getLocalGateways({\n tags: {\n service: \"production\",\n },\n });\n return {\n foo: foo.ids,\n };\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.get_local_gateways(tags={\n \"service\": \"production\",\n})\npulumi.export(\"foo\", foo.ids)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = Aws.Ec2.GetLocalGateways.Invoke(new()\n {\n Tags = \n {\n { \"service\", \"production\" },\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"foo\"] = foo.Apply(getLocalGatewaysResult =\u003e getLocalGatewaysResult.Ids),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoo, err := ec2.GetLocalGateways(ctx, \u0026ec2.GetLocalGatewaysArgs{\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"service\": \"production\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"foo\", foo.Ids)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetLocalGatewaysArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var foo = Ec2Functions.getLocalGateways(GetLocalGatewaysArgs.builder()\n .tags(Map.of(\"service\", \"production\"))\n .build());\n\n ctx.export(\"foo\", foo.applyValue(getLocalGatewaysResult -\u003e getLocalGatewaysResult.ids()));\n }\n}\n```\n```yaml\nvariables:\n foo:\n fn::invoke:\n Function: aws:ec2:getLocalGateways\n Arguments:\n tags:\n service: production\noutputs:\n foo: ${foo.ids}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLocalGateways.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getLocalGatewaysFilter:getLocalGatewaysFilter" }, "description": "Custom filter block as described below.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Mapping of tags, each pair of which must exactly match\na pair on the desired local_gateways.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLocalGateways.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getLocalGatewaysFilter:getLocalGatewaysFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "Set of all the Local Gateway identifiers\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "ids", "tags", "id" ], "type": "object" } }, "aws:ec2/getManagedPrefixList:getManagedPrefixList": { "description": "`aws.ec2.ManagedPrefixList` provides details about a specific AWS prefix list or\ncustomer-managed prefix list in the current region.\n\n## Example Usage\n\n### Find the regional DynamoDB prefix list\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst example = current.then(current =\u003e aws.ec2.getManagedPrefixList({\n name: `com.amazonaws.${current.name}.dynamodb`,\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample = aws.ec2.get_managed_prefix_list(name=f\"com.amazonaws.{current.name}.dynamodb\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var example = Aws.Ec2.GetManagedPrefixList.Invoke(new()\n {\n Name = $\"com.amazonaws.{current.Apply(getRegionResult =\u003e getRegionResult.Name)}.dynamodb\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.LookupManagedPrefixList(ctx, \u0026ec2.LookupManagedPrefixListArgs{\n\t\t\tName: pulumi.StringRef(fmt.Sprintf(\"com.amazonaws.%v.dynamodb\", current.Name)),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetManagedPrefixListArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n final var example = Ec2Functions.getManagedPrefixList(GetManagedPrefixListArgs.builder()\n .name(String.format(\"com.amazonaws.%s.dynamodb\", current.applyValue(getRegionResult -\u003e getRegionResult.name())))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n example:\n fn::invoke:\n Function: aws:ec2:getManagedPrefixList\n Arguments:\n name: com.amazonaws.${current.name}.dynamodb\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Find a managed prefix list using filters\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getManagedPrefixList({\n filters: [{\n name: \"prefix-list-name\",\n values: [\"my-prefix-list\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_managed_prefix_list(filters=[{\n \"name\": \"prefix-list-name\",\n \"values\": [\"my-prefix-list\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetManagedPrefixList.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetManagedPrefixListFilterInputArgs\n {\n Name = \"prefix-list-name\",\n Values = new[]\n {\n \"my-prefix-list\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupManagedPrefixList(ctx, \u0026ec2.LookupManagedPrefixListArgs{\n\t\t\tFilters: []ec2.GetManagedPrefixListFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"prefix-list-name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"my-prefix-list\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetManagedPrefixListArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getManagedPrefixList(GetManagedPrefixListArgs.builder()\n .filters(GetManagedPrefixListFilterArgs.builder()\n .name(\"prefix-list-name\")\n .values(\"my-prefix-list\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getManagedPrefixList\n Arguments:\n filters:\n - name: prefix-list-name\n values:\n - my-prefix-list\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getManagedPrefixList.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getManagedPrefixListFilter:getManagedPrefixListFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "id": { "type": "string", "description": "ID of the prefix list to select.\n" }, "name": { "type": "string", "description": "Name of the prefix list to select.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getManagedPrefixList.\n", "properties": { "addressFamily": { "description": "Address family of the prefix list. Valid values are `IPv4` and `IPv6`.\n", "type": "string" }, "arn": { "description": "ARN of the selected prefix list.\n", "type": "string" }, "entries": { "description": "Set of entries in this prefix list. Each entry is an object with `cidr` and `description`.\n", "items": { "$ref": "#/types/aws:ec2/getManagedPrefixListEntry:getManagedPrefixListEntry" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getManagedPrefixListFilter:getManagedPrefixListFilter" }, "type": "array" }, "id": { "description": "ID of the selected prefix list.\n", "type": "string" }, "maxEntries": { "description": "When then prefix list is managed, the maximum number of entries it supports, or null otherwise.\n", "type": "integer" }, "name": { "description": "Name of the selected prefix list.\n", "type": "string" }, "ownerId": { "description": "Account ID of the owner of a customer-managed prefix list, or `AWS` otherwise.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource.\n", "type": "object" }, "version": { "type": "integer" } }, "required": [ "addressFamily", "arn", "entries", "id", "maxEntries", "name", "ownerId", "tags", "version" ], "type": "object" } }, "aws:ec2/getManagedPrefixLists:getManagedPrefixLists": { "description": "This resource can be useful for getting back a list of managed prefix list ids to be referenced elsewhere.\n\n## Example Usage\n\nThe following returns all managed prefix lists filtered by tags\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testEnv = aws.ec2.getManagedPrefixLists({\n tags: {\n Env: \"test\",\n },\n});\nconst testEnvGetManagedPrefixList = .map(__index =\u003e (aws.ec2.getManagedPrefixList({\n id: _arg0_.ids[__index],\n})));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_env = aws.ec2.get_managed_prefix_lists(tags={\n \"Env\": \"test\",\n})\ntest_env_get_managed_prefix_list = [aws.ec2.get_managed_prefix_list(id=test_env.ids[__index]) for __index in range(len(test_env.ids))]\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testEnv = Aws.Ec2.GetManagedPrefixLists.Invoke(new()\n {\n Tags = \n {\n { \"Env\", \"test\" },\n },\n });\n\n var testEnvGetManagedPrefixList = ;\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getManagedPrefixLists.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getManagedPrefixListsFilter:getManagedPrefixListsFilter" }, "description": "Custom filter block as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match\na pair on the desired .\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getManagedPrefixLists.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getManagedPrefixListsFilter:getManagedPrefixListsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "List of all the managed prefix list ids found.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "ids", "tags", "id" ], "type": "object" } }, "aws:ec2/getNatGateway:getNatGateway": { "description": "Provides details about a specific VPC NAT Gateway.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst default = aws.ec2.getNatGateway({\n subnetId: _public.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.ec2.get_nat_gateway(subnet_id=public[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = Aws.Ec2.GetNatGateway.Invoke(new()\n {\n SubnetId = @public.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupNatGateway(ctx, \u0026ec2.LookupNatGatewayArgs{\n\t\t\tSubnetId: pulumi.StringRef(public.Id),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetNatGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var default = Ec2Functions.getNatGateway(GetNatGatewayArgs.builder()\n .subnetId(public_.id())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n default:\n fn::invoke:\n Function: aws:ec2:getNatGateway\n Arguments:\n subnetId: ${public.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With tags\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst default = aws.ec2.getNatGateway({\n subnetId: _public.id,\n tags: {\n Name: \"gw NAT\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.ec2.get_nat_gateway(subnet_id=public[\"id\"],\n tags={\n \"Name\": \"gw NAT\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = Aws.Ec2.GetNatGateway.Invoke(new()\n {\n SubnetId = @public.Id,\n Tags = \n {\n { \"Name\", \"gw NAT\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupNatGateway(ctx, \u0026ec2.LookupNatGatewayArgs{\n\t\t\tSubnetId: pulumi.StringRef(public.Id),\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"Name\": \"gw NAT\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetNatGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var default = Ec2Functions.getNatGateway(GetNatGatewayArgs.builder()\n .subnetId(public_.id())\n .tags(Map.of(\"Name\", \"gw NAT\"))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n default:\n fn::invoke:\n Function: aws:ec2:getNatGateway\n Arguments:\n subnetId: ${public.id}\n tags:\n Name: gw NAT\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getNatGateway.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNatGatewayFilter:getNatGatewayFilter" }, "description": "Custom filter block as described below.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" }, "id": { "type": "string", "description": "ID of the specific NAT Gateway to retrieve.\n" }, "state": { "type": "string", "description": "State of the NAT Gateway (pending | failed | available | deleting | deleted ).\n" }, "subnetId": { "type": "string", "description": "ID of subnet that the NAT Gateway resides in.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match\na pair on the desired NAT Gateway.\n" }, "vpcId": { "type": "string", "description": "ID of the VPC that the NAT Gateway resides in.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getNatGateway.\n", "properties": { "allocationId": { "description": "ID of the EIP allocated to the selected NAT Gateway.\n", "type": "string" }, "associationId": { "description": "The association ID of the Elastic IP address that's associated with the NAT Gateway. Only available when `connectivity_type` is `public`.\n", "type": "string" }, "connectivityType": { "description": "Connectivity type of the NAT Gateway.\n", "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getNatGatewayFilter:getNatGatewayFilter" }, "type": "array" }, "id": { "type": "string" }, "networkInterfaceId": { "description": "The ID of the ENI allocated to the selected NAT Gateway.\n", "type": "string" }, "privateIp": { "description": "Private IP address of the selected NAT Gateway.\n", "type": "string" }, "publicIp": { "description": "Public IP (EIP) address of the selected NAT Gateway.\n", "type": "string" }, "secondaryAllocationIds": { "description": "Secondary allocation EIP IDs for the selected NAT Gateway.\n", "items": { "type": "string" }, "type": "array" }, "secondaryPrivateIpAddressCount": { "description": "The number of secondary private IPv4 addresses assigned to the selected NAT Gateway.\n", "type": "integer" }, "secondaryPrivateIpAddresses": { "description": "Secondary private IPv4 addresses assigned to the selected NAT Gateway.\n", "items": { "type": "string" }, "type": "array" }, "state": { "type": "string" }, "subnetId": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "vpcId": { "type": "string" } }, "required": [ "allocationId", "associationId", "connectivityType", "id", "networkInterfaceId", "privateIp", "publicIp", "secondaryAllocationIds", "secondaryPrivateIpAddressCount", "secondaryPrivateIpAddresses", "state", "subnetId", "tags", "vpcId" ], "type": "object" } }, "aws:ec2/getNatGateways:getNatGateways": { "description": "This resource can be useful for getting back a list of NAT gateway ids to be referenced elsewhere.\n\n## Example Usage\n\nThe following returns all NAT gateways in a specified VPC that are marked as available\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ngws = aws.ec2.getNatGateways({\n vpcId: vpcId,\n filters: [{\n name: \"state\",\n values: [\"available\"],\n }],\n});\nconst ngw = .map(__index =\u003e (aws.ec2.getNatGateway({\n id: _arg0_.ids[__index],\n})));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nngws = aws.ec2.get_nat_gateways(vpc_id=vpc_id,\n filters=[{\n \"name\": \"state\",\n \"values\": [\"available\"],\n }])\nngw = [aws.ec2.get_nat_gateway(id=ngws.ids[__index]) for __index in range(len(ngws.ids))]\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ngws = Aws.Ec2.GetNatGateways.Invoke(new()\n {\n VpcId = vpcId,\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetNatGatewaysFilterInputArgs\n {\n Name = \"state\",\n Values = new[]\n {\n \"available\",\n },\n },\n },\n });\n\n var ngw = ;\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getNatGateways.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNatGatewaysFilter:getNatGatewaysFilter" }, "description": "Custom filter block as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match\na pair on the desired NAT Gateways.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" }, "vpcId": { "type": "string", "description": "VPC ID that you want to filter from.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getNatGateways.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getNatGatewaysFilter:getNatGatewaysFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "List of all the NAT gateway ids found.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "vpcId": { "type": "string" } }, "required": [ "ids", "tags", "id" ], "type": "object" } }, "aws:ec2/getNetworkAcls:getNetworkAcls": { "description": "## Example Usage\n\nThe following shows outputting all network ACL ids in a vpc.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nexport = async () =\u003e {\n const example = await aws.ec2.getNetworkAcls({\n vpcId: vpcId,\n });\n return {\n example: example.ids,\n };\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_network_acls(vpc_id=vpc_id)\npulumi.export(\"example\", example.ids)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetNetworkAcls.Invoke(new()\n {\n VpcId = vpcId,\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"example\"] = example.Apply(getNetworkAclsResult =\u003e getNetworkAclsResult.Ids),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.GetNetworkAcls(ctx, \u0026ec2.GetNetworkAclsArgs{\n\t\t\tVpcId: pulumi.StringRef(vpcId),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"example\", example.Ids)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetNetworkAclsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getNetworkAcls(GetNetworkAclsArgs.builder()\n .vpcId(vpcId)\n .build());\n\n ctx.export(\"example\", example.applyValue(getNetworkAclsResult -\u003e getNetworkAclsResult.ids()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getNetworkAcls\n Arguments:\n vpcId: ${vpcId}\noutputs:\n example: ${example.ids}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThe following example retrieves a list of all network ACL ids in a VPC with a custom\ntag of `Tier` set to a value of \"Private\".\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getNetworkAcls({\n vpcId: vpcId,\n tags: {\n Tier: \"Private\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_network_acls(vpc_id=vpc_id,\n tags={\n \"Tier\": \"Private\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetNetworkAcls.Invoke(new()\n {\n VpcId = vpcId,\n Tags = \n {\n { \"Tier\", \"Private\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetNetworkAcls(ctx, \u0026ec2.GetNetworkAclsArgs{\n\t\t\tVpcId: pulumi.StringRef(vpcId),\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"Tier\": \"Private\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetNetworkAclsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getNetworkAcls(GetNetworkAclsArgs.builder()\n .vpcId(vpcId)\n .tags(Map.of(\"Tier\", \"Private\"))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getNetworkAcls\n Arguments:\n vpcId: ${vpcId}\n tags:\n Tier: Private\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThe following example retrieves a network ACL id in a VPC which associated\nwith specific subnet.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getNetworkAcls({\n vpcId: vpcId,\n filters: [{\n name: \"association.subnet-id\",\n values: [test.id],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_network_acls(vpc_id=vpc_id,\n filters=[{\n \"name\": \"association.subnet-id\",\n \"values\": [test[\"id\"]],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetNetworkAcls.Invoke(new()\n {\n VpcId = vpcId,\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetNetworkAclsFilterInputArgs\n {\n Name = \"association.subnet-id\",\n Values = new[]\n {\n test.Id,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\n_, err := ec2.GetNetworkAcls(ctx, \u0026ec2.GetNetworkAclsArgs{\nVpcId: pulumi.StringRef(vpcId),\nFilters: []ec2.GetNetworkAclsFilter{\n{\nName: \"association.subnet-id\",\nValues: interface{}{\ntest.Id,\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetNetworkAclsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getNetworkAcls(GetNetworkAclsArgs.builder()\n .vpcId(vpcId)\n .filters(GetNetworkAclsFilterArgs.builder()\n .name(\"association.subnet-id\")\n .values(test.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getNetworkAcls\n Arguments:\n vpcId: ${vpcId}\n filters:\n - name: association.subnet-id\n values:\n - ${test.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getNetworkAcls.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkAclsFilter:getNetworkAclsFilter" }, "description": "Custom filter block as described below.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match\na pair on the desired network ACLs.\n" }, "vpcId": { "type": "string", "description": "VPC ID that you want to filter from.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getNetworkAcls.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getNetworkAclsFilter:getNetworkAclsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "List of all the network ACL ids found.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "vpcId": { "type": "string" } }, "required": [ "ids", "tags", "id" ], "type": "object" } }, "aws:ec2/getNetworkInsightsAnalysis:getNetworkInsightsAnalysis": { "description": "`aws.ec2.NetworkInsightsAnalysis` provides details about a specific Network Insights Analysis.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getNetworkInsightsAnalysis({\n networkInsightsAnalysisId: exampleAwsEc2NetworkInsightsAnalysis.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_network_insights_analysis(network_insights_analysis_id=example_aws_ec2_network_insights_analysis[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetNetworkInsightsAnalysis.Invoke(new()\n {\n NetworkInsightsAnalysisId = exampleAwsEc2NetworkInsightsAnalysis.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupNetworkInsightsAnalysis(ctx, \u0026ec2.LookupNetworkInsightsAnalysisArgs{\n\t\t\tNetworkInsightsAnalysisId: pulumi.StringRef(exampleAwsEc2NetworkInsightsAnalysis.Id),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetNetworkInsightsAnalysisArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getNetworkInsightsAnalysis(GetNetworkInsightsAnalysisArgs.builder()\n .networkInsightsAnalysisId(exampleAwsEc2NetworkInsightsAnalysis.id())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getNetworkInsightsAnalysis\n Arguments:\n networkInsightsAnalysisId: ${exampleAwsEc2NetworkInsightsAnalysis.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getNetworkInsightsAnalysis.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisFilter:getNetworkInsightsAnalysisFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "networkInsightsAnalysisId": { "type": "string", "description": "ID of the Network Insights Analysis to select.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getNetworkInsightsAnalysis.\n", "properties": { "alternatePathHints": { "description": "Potential intermediate components of a feasible path.\n", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisAlternatePathHint:getNetworkInsightsAnalysisAlternatePathHint" }, "type": "array" }, "arn": { "description": "ARN of the selected Network Insights Analysis.\n", "type": "string" }, "explanations": { "description": "Explanation codes for an unreachable path.\n", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisExplanation:getNetworkInsightsAnalysisExplanation" }, "type": "array" }, "filterInArns": { "description": "ARNs of the AWS resources that the path must traverse.\n", "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisFilter:getNetworkInsightsAnalysisFilter" }, "type": "array" }, "forwardPathComponents": { "description": "The components in the path from source to destination.\n", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisForwardPathComponent:getNetworkInsightsAnalysisForwardPathComponent" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "networkInsightsAnalysisId": { "type": "string" }, "networkInsightsPathId": { "description": "The ID of the path.\n", "type": "string" }, "pathFound": { "description": "Set to `true` if the destination was reachable.\n", "type": "boolean" }, "returnPathComponents": { "description": "The components in the path from destination to source.\n", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsAnalysisReturnPathComponent:getNetworkInsightsAnalysisReturnPathComponent" }, "type": "array" }, "startDate": { "description": "Date/time the analysis was started.\n", "type": "string" }, "status": { "description": "Status of the analysis. `succeeded` means the analysis was completed, not that a path was found, for that see `path_found`.\n", "type": "string" }, "statusMessage": { "description": "Message to provide more context when the `status` is `failed`.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "warningMessage": { "description": "Warning message.\n", "type": "string" } }, "required": [ "alternatePathHints", "arn", "explanations", "filterInArns", "forwardPathComponents", "networkInsightsAnalysisId", "networkInsightsPathId", "pathFound", "returnPathComponents", "startDate", "status", "statusMessage", "tags", "warningMessage", "id" ], "type": "object" } }, "aws:ec2/getNetworkInsightsPath:getNetworkInsightsPath": { "description": "`aws.ec2.NetworkInsightsPath` provides details about a specific Network Insights Path.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getNetworkInsightsPath({\n networkInsightsPathId: exampleAwsEc2NetworkInsightsPath.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_network_insights_path(network_insights_path_id=example_aws_ec2_network_insights_path[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetNetworkInsightsPath.Invoke(new()\n {\n NetworkInsightsPathId = exampleAwsEc2NetworkInsightsPath.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupNetworkInsightsPath(ctx, \u0026ec2.LookupNetworkInsightsPathArgs{\n\t\t\tNetworkInsightsPathId: pulumi.StringRef(exampleAwsEc2NetworkInsightsPath.Id),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetNetworkInsightsPathArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getNetworkInsightsPath(GetNetworkInsightsPathArgs.builder()\n .networkInsightsPathId(exampleAwsEc2NetworkInsightsPath.id())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getNetworkInsightsPath\n Arguments:\n networkInsightsPathId: ${exampleAwsEc2NetworkInsightsPath.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getNetworkInsightsPath.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsPathFilter:getNetworkInsightsPathFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "networkInsightsPathId": { "type": "string", "description": "ID of the Network Insights Path to select.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getNetworkInsightsPath.\n", "properties": { "arn": { "description": "ARN of the selected Network Insights Path.\n", "type": "string" }, "destination": { "description": "AWS resource that is the destination of the path.\n", "type": "string" }, "destinationArn": { "description": "ARN of the destination.\n", "type": "string" }, "destinationIp": { "description": "IP address of the AWS resource that is the destination of the path.\n", "type": "string" }, "destinationPort": { "description": "Destination port.\n", "type": "integer" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getNetworkInsightsPathFilter:getNetworkInsightsPathFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "networkInsightsPathId": { "type": "string" }, "protocol": { "description": "Protocol.\n", "type": "string" }, "source": { "description": "AWS resource that is the source of the path.\n", "type": "string" }, "sourceArn": { "description": "ARN of the source.\n", "type": "string" }, "sourceIp": { "description": "IP address of the AWS resource that is the source of the path.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource.\n", "type": "object" } }, "required": [ "arn", "destination", "destinationArn", "destinationIp", "destinationPort", "networkInsightsPathId", "protocol", "source", "sourceArn", "sourceIp", "tags", "id" ], "type": "object" } }, "aws:ec2/getNetworkInterface:getNetworkInterface": { "description": "Use this data source to get information about a Network Interface.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = aws.ec2.getNetworkInterface({\n id: \"eni-01234567\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.ec2.get_network_interface(id=\"eni-01234567\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bar = Aws.Ec2.GetNetworkInterface.Invoke(new()\n {\n Id = \"eni-01234567\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupNetworkInterface(ctx, \u0026ec2.LookupNetworkInterfaceArgs{\n\t\t\tId: pulumi.StringRef(\"eni-01234567\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetNetworkInterfaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var bar = Ec2Functions.getNetworkInterface(GetNetworkInterfaceArgs.builder()\n .id(\"eni-01234567\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n bar:\n fn::invoke:\n Function: aws:ec2:getNetworkInterface\n Arguments:\n id: eni-01234567\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getNetworkInterface.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInterfaceFilter:getNetworkInterfaceFilter" }, "description": "One or more name/value pairs to filter off of. There are several valid keys, for a full reference, check out [describe-network-interfaces](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-network-interfaces.html) in the AWS CLI reference.\n" }, "id": { "type": "string", "description": "Identifier for the network interface.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Any tags assigned to the network interface.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getNetworkInterface.\n", "properties": { "arn": { "description": "ARN of the network interface.\n", "type": "string" }, "associations": { "description": "Association information for an Elastic IP address (IPv4) associated with the network interface. See supported fields below.\n", "items": { "$ref": "#/types/aws:ec2/getNetworkInterfaceAssociation:getNetworkInterfaceAssociation" }, "type": "array" }, "attachments": { "items": { "$ref": "#/types/aws:ec2/getNetworkInterfaceAttachment:getNetworkInterfaceAttachment" }, "type": "array" }, "availabilityZone": { "description": "Availability Zone.\n", "type": "string" }, "description": { "description": "Description of the network interface.\n", "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getNetworkInterfaceFilter:getNetworkInterfaceFilter" }, "type": "array" }, "id": { "type": "string" }, "interfaceType": { "description": "Type of interface.\n", "type": "string" }, "ipv6Addresses": { "description": "List of IPv6 addresses to assign to the ENI.\n", "items": { "type": "string" }, "type": "array" }, "macAddress": { "description": "MAC address.\n", "type": "string" }, "outpostArn": { "description": "ARN of the Outpost.\n", "type": "string" }, "ownerId": { "description": "AWS account ID of the owner of the network interface.\n", "type": "string" }, "privateDnsName": { "description": "Private DNS name.\n", "type": "string" }, "privateIp": { "description": "Private IPv4 address of the network interface within the subnet.\n", "type": "string" }, "privateIps": { "description": "Private IPv4 addresses associated with the network interface.\n", "items": { "type": "string" }, "type": "array" }, "requesterId": { "description": "ID of the entity that launched the instance on your behalf.\n", "type": "string" }, "securityGroups": { "description": "List of security groups for the network interface.\n", "items": { "type": "string" }, "type": "array" }, "subnetId": { "description": "ID of the subnet.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Any tags assigned to the network interface.\n", "type": "object" }, "vpcId": { "description": "ID of the VPC.\n", "type": "string" } }, "required": [ "arn", "associations", "attachments", "availabilityZone", "description", "id", "interfaceType", "ipv6Addresses", "macAddress", "outpostArn", "ownerId", "privateDnsName", "privateIp", "privateIps", "requesterId", "securityGroups", "subnetId", "tags", "vpcId" ], "type": "object" } }, "aws:ec2/getNetworkInterfaces:getNetworkInterfaces": { "description": "## Example Usage\n\nThe following shows outputting all network interface ids in a region.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nexport = async () =\u003e {\n const example = await aws.ec2.getNetworkInterfaces({});\n return {\n example: example.ids,\n };\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_network_interfaces()\npulumi.export(\"example\", example.ids)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetNetworkInterfaces.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"example\"] = example.Apply(getNetworkInterfacesResult =\u003e getNetworkInterfacesResult.Ids),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.GetNetworkInterfaces(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"example\", example.Ids)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetNetworkInterfacesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getNetworkInterfaces();\n\n ctx.export(\"example\", example.applyValue(getNetworkInterfacesResult -\u003e getNetworkInterfacesResult.ids()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getNetworkInterfaces\n Arguments: {}\noutputs:\n example: ${example.ids}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThe following example retrieves a list of all network interface ids with a custom tag of `Name` set to a value of `test`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getNetworkInterfaces({\n tags: {\n Name: \"test\",\n },\n});\nexport const example1 = example.then(example =\u003e example.ids);\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_network_interfaces(tags={\n \"Name\": \"test\",\n})\npulumi.export(\"example1\", example.ids)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetNetworkInterfaces.Invoke(new()\n {\n Tags = \n {\n { \"Name\", \"test\" },\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"example1\"] = example.Apply(getNetworkInterfacesResult =\u003e getNetworkInterfacesResult.Ids),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.GetNetworkInterfaces(ctx, \u0026ec2.GetNetworkInterfacesArgs{\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"Name\": \"test\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"example1\", example.Ids)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetNetworkInterfacesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getNetworkInterfaces(GetNetworkInterfacesArgs.builder()\n .tags(Map.of(\"Name\", \"test\"))\n .build());\n\n ctx.export(\"example1\", example.applyValue(getNetworkInterfacesResult -\u003e getNetworkInterfacesResult.ids()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getNetworkInterfaces\n Arguments:\n tags:\n Name: test\noutputs:\n example1: ${example.ids}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThe following example retrieves a network interface ids which associated\nwith specific subnet.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nexport = async () =\u003e {\n const example = await aws.ec2.getNetworkInterfaces({\n filters: [{\n name: \"subnet-id\",\n values: [test.id],\n }],\n });\n return {\n example: example.ids,\n };\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_network_interfaces(filters=[{\n \"name\": \"subnet-id\",\n \"values\": [test[\"id\"]],\n}])\npulumi.export(\"example\", example.ids)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetNetworkInterfaces.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetNetworkInterfacesFilterInputArgs\n {\n Name = \"subnet-id\",\n Values = new[]\n {\n test.Id,\n },\n },\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"example\"] = example.Apply(getNetworkInterfacesResult =\u003e getNetworkInterfacesResult.Ids),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nexample, err := ec2.GetNetworkInterfaces(ctx, \u0026ec2.GetNetworkInterfacesArgs{\nFilters: []ec2.GetNetworkInterfacesFilter{\n{\nName: \"subnet-id\",\nValues: interface{}{\ntest.Id,\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nctx.Export(\"example\", example.Ids)\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetNetworkInterfacesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getNetworkInterfaces(GetNetworkInterfacesArgs.builder()\n .filters(GetNetworkInterfacesFilterArgs.builder()\n .name(\"subnet-id\")\n .values(test.id())\n .build())\n .build());\n\n ctx.export(\"example\", example.applyValue(getNetworkInterfacesResult -\u003e getNetworkInterfacesResult.ids()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getNetworkInterfaces\n Arguments:\n filters:\n - name: subnet-id\n values:\n - ${test.id}\noutputs:\n example: ${example.ids}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getNetworkInterfaces.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getNetworkInterfacesFilter:getNetworkInterfacesFilter" }, "description": "Custom filter block as described below.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match\na pair on the desired network interfaces.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getNetworkInterfaces.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getNetworkInterfacesFilter:getNetworkInterfacesFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "List of all the network interface ids found.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "ids", "tags", "id" ], "type": "object" } }, "aws:ec2/getPrefixList:getPrefixList": { "description": "`aws.ec2.getPrefixList` provides details about a specific AWS prefix list (PL)\nin the current region.\n\nThis can be used both to validate a prefix list given in a variable\nand to obtain the CIDR blocks (IP address ranges) for the associated\nAWS service. The latter may be useful e.g., for adding network ACL\nrules.\n\nThe aws.ec2.ManagedPrefixList data source is normally more appropriate to use given it can return customer-managed prefix list info, as well as additional attributes.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst privateS3VpcEndpoint = new aws.ec2.VpcEndpoint(\"private_s3\", {\n vpcId: foo.id,\n serviceName: \"com.amazonaws.us-west-2.s3\",\n});\nconst privateS3 = aws.ec2.getPrefixListOutput({\n prefixListId: privateS3VpcEndpoint.prefixListId,\n});\nconst bar = new aws.ec2.NetworkAcl(\"bar\", {vpcId: foo.id});\nconst privateS3NetworkAclRule = new aws.ec2.NetworkAclRule(\"private_s3\", {\n networkAclId: bar.id,\n ruleNumber: 200,\n egress: false,\n protocol: \"tcp\",\n ruleAction: \"allow\",\n cidrBlock: privateS3.apply(privateS3 =\u003e privateS3.cidrBlocks?.[0]),\n fromPort: 443,\n toPort: 443,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprivate_s3_vpc_endpoint = aws.ec2.VpcEndpoint(\"private_s3\",\n vpc_id=foo[\"id\"],\n service_name=\"com.amazonaws.us-west-2.s3\")\nprivate_s3 = aws.ec2.get_prefix_list_output(prefix_list_id=private_s3_vpc_endpoint.prefix_list_id)\nbar = aws.ec2.NetworkAcl(\"bar\", vpc_id=foo[\"id\"])\nprivate_s3_network_acl_rule = aws.ec2.NetworkAclRule(\"private_s3\",\n network_acl_id=bar.id,\n rule_number=200,\n egress=False,\n protocol=\"tcp\",\n rule_action=\"allow\",\n cidr_block=private_s3.cidr_blocks[0],\n from_port=443,\n to_port=443)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var privateS3VpcEndpoint = new Aws.Ec2.VpcEndpoint(\"private_s3\", new()\n {\n VpcId = foo.Id,\n ServiceName = \"com.amazonaws.us-west-2.s3\",\n });\n\n var privateS3 = Aws.Ec2.GetPrefixList.Invoke(new()\n {\n PrefixListId = privateS3VpcEndpoint.PrefixListId,\n });\n\n var bar = new Aws.Ec2.NetworkAcl(\"bar\", new()\n {\n VpcId = foo.Id,\n });\n\n var privateS3NetworkAclRule = new Aws.Ec2.NetworkAclRule(\"private_s3\", new()\n {\n NetworkAclId = bar.Id,\n RuleNumber = 200,\n Egress = false,\n Protocol = \"tcp\",\n RuleAction = \"allow\",\n CidrBlock = privateS3.Apply(getPrefixListResult =\u003e getPrefixListResult.CidrBlocks[0]),\n FromPort = 443,\n ToPort = 443,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tprivateS3VpcEndpoint, err := ec2.NewVpcEndpoint(ctx, \"private_s3\", \u0026ec2.VpcEndpointArgs{\n\t\t\tVpcId: pulumi.Any(foo.Id),\n\t\t\tServiceName: pulumi.String(\"com.amazonaws.us-west-2.s3\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprivateS3 := ec2.GetPrefixListOutput(ctx, ec2.GetPrefixListOutputArgs{\n\t\t\tPrefixListId: privateS3VpcEndpoint.PrefixListId,\n\t\t}, nil)\n\t\tbar, err := ec2.NewNetworkAcl(ctx, \"bar\", \u0026ec2.NetworkAclArgs{\n\t\t\tVpcId: pulumi.Any(foo.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewNetworkAclRule(ctx, \"private_s3\", \u0026ec2.NetworkAclRuleArgs{\n\t\t\tNetworkAclId: bar.ID(),\n\t\t\tRuleNumber: pulumi.Int(200),\n\t\t\tEgress: pulumi.Bool(false),\n\t\t\tProtocol: pulumi.String(\"tcp\"),\n\t\t\tRuleAction: pulumi.String(\"allow\"),\n\t\t\tCidrBlock: pulumi.String(privateS3.ApplyT(func(privateS3 ec2.GetPrefixListResult) (*string, error) {\n\t\t\t\treturn \u0026privateS3.CidrBlocks[0], nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\tFromPort: pulumi.Int(443),\n\t\t\tToPort: pulumi.Int(443),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.VpcEndpoint;\nimport com.pulumi.aws.ec2.VpcEndpointArgs;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetPrefixListArgs;\nimport com.pulumi.aws.ec2.NetworkAcl;\nimport com.pulumi.aws.ec2.NetworkAclArgs;\nimport com.pulumi.aws.ec2.NetworkAclRule;\nimport com.pulumi.aws.ec2.NetworkAclRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var privateS3VpcEndpoint = new VpcEndpoint(\"privateS3VpcEndpoint\", VpcEndpointArgs.builder()\n .vpcId(foo.id())\n .serviceName(\"com.amazonaws.us-west-2.s3\")\n .build());\n\n final var privateS3 = Ec2Functions.getPrefixList(GetPrefixListArgs.builder()\n .prefixListId(privateS3VpcEndpoint.prefixListId())\n .build());\n\n var bar = new NetworkAcl(\"bar\", NetworkAclArgs.builder()\n .vpcId(foo.id())\n .build());\n\n var privateS3NetworkAclRule = new NetworkAclRule(\"privateS3NetworkAclRule\", NetworkAclRuleArgs.builder()\n .networkAclId(bar.id())\n .ruleNumber(200)\n .egress(false)\n .protocol(\"tcp\")\n .ruleAction(\"allow\")\n .cidrBlock(privateS3.applyValue(getPrefixListResult -\u003e getPrefixListResult).applyValue(privateS3 -\u003e privateS3.applyValue(getPrefixListResult -\u003e getPrefixListResult.cidrBlocks()[0])))\n .fromPort(443)\n .toPort(443)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n privateS3VpcEndpoint:\n type: aws:ec2:VpcEndpoint\n name: private_s3\n properties:\n vpcId: ${foo.id}\n serviceName: com.amazonaws.us-west-2.s3\n bar:\n type: aws:ec2:NetworkAcl\n properties:\n vpcId: ${foo.id}\n privateS3NetworkAclRule:\n type: aws:ec2:NetworkAclRule\n name: private_s3\n properties:\n networkAclId: ${bar.id}\n ruleNumber: 200\n egress: false\n protocol: tcp\n ruleAction: allow\n cidrBlock: ${privateS3.cidrBlocks[0]}\n fromPort: 443\n toPort: 443\nvariables:\n privateS3:\n fn::invoke:\n Function: aws:ec2:getPrefixList\n Arguments:\n prefixListId: ${privateS3VpcEndpoint.prefixListId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.ec2.getPrefixList({\n filters: [{\n name: \"prefix-list-id\",\n values: [\"pl-68a54001\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.get_prefix_list(filters=[{\n \"name\": \"prefix-list-id\",\n \"values\": [\"pl-68a54001\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Ec2.GetPrefixList.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetPrefixListFilterInputArgs\n {\n Name = \"prefix-list-id\",\n Values = new[]\n {\n \"pl-68a54001\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetPrefixList(ctx, \u0026ec2.GetPrefixListArgs{\n\t\t\tFilters: []ec2.GetPrefixListFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"prefix-list-id\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"pl-68a54001\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetPrefixListArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = Ec2Functions.getPrefixList(GetPrefixListArgs.builder()\n .filters(GetPrefixListFilterArgs.builder()\n .name(\"prefix-list-id\")\n .values(\"pl-68a54001\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:ec2:getPrefixList\n Arguments:\n filters:\n - name: prefix-list-id\n values:\n - pl-68a54001\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPrefixList.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getPrefixListFilter:getPrefixListFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "name": { "type": "string", "description": "Name of the prefix list to select.\n" }, "prefixListId": { "type": "string", "description": "ID of the prefix list to select.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getPrefixList.\n", "properties": { "cidrBlocks": { "description": "List of CIDR blocks for the AWS service associated with the prefix list.\n", "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getPrefixListFilter:getPrefixListFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Name of the selected prefix list.\n", "type": "string" }, "prefixListId": { "type": "string" } }, "required": [ "cidrBlocks", "name", "id" ], "type": "object" } }, "aws:ec2/getPublicIpv4Pool:getPublicIpv4Pool": { "description": "Provides details about a specific AWS EC2 Public IPv4 Pool.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getPublicIpv4Pool({\n poolId: \"ipv4pool-ec2-000df99cff0c1ec10\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_public_ipv4_pool(pool_id=\"ipv4pool-ec2-000df99cff0c1ec10\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetPublicIpv4Pool.Invoke(new()\n {\n PoolId = \"ipv4pool-ec2-000df99cff0c1ec10\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetPublicIpv4Pool(ctx, \u0026ec2.GetPublicIpv4PoolArgs{\n\t\t\tPoolId: \"ipv4pool-ec2-000df99cff0c1ec10\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetPublicIpv4PoolArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getPublicIpv4Pool(GetPublicIpv4PoolArgs.builder()\n .poolId(\"ipv4pool-ec2-000df99cff0c1ec10\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getPublicIpv4Pool\n Arguments:\n poolId: ipv4pool-ec2-000df99cff0c1ec10\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPublicIpv4Pool.\n", "properties": { "poolId": { "type": "string", "description": "AWS resource IDs of a public IPv4 pool (as a string) for which this data source will fetch detailed information.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Any tags for the address pool.\n" } }, "type": "object", "required": [ "poolId" ] }, "outputs": { "description": "A collection of values returned by getPublicIpv4Pool.\n", "properties": { "description": { "description": "Description of the pool, if any.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "networkBorderGroup": { "description": "Name of the location from which the address pool is advertised.\n* pool_address_ranges` - List of Address Ranges in the Pool; each address range record contains:\n", "type": "string" }, "poolAddressRanges": { "items": { "$ref": "#/types/aws:ec2/getPublicIpv4PoolPoolAddressRange:getPublicIpv4PoolPoolAddressRange" }, "type": "array" }, "poolId": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Any tags for the address pool.\n", "type": "object" }, "totalAddressCount": { "description": "Total number of addresses in the pool.\n", "type": "integer" }, "totalAvailableAddressCount": { "description": "Total number of available addresses in the pool.\n", "type": "integer" } }, "required": [ "description", "networkBorderGroup", "poolAddressRanges", "poolId", "tags", "totalAddressCount", "totalAvailableAddressCount", "id" ], "type": "object" } }, "aws:ec2/getPublicIpv4Pools:getPublicIpv4Pools": { "description": "Data source for getting information about AWS EC2 Public IPv4 Pools.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Returns all public IPv4 pools.\nconst example = aws.ec2.getPublicIpv4Pools({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Returns all public IPv4 pools.\nexample = aws.ec2.get_public_ipv4_pools()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Returns all public IPv4 pools.\n var example = Aws.Ec2.GetPublicIpv4Pools.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Returns all public IPv4 pools.\n\t\t_, err := ec2.GetPublicIpv4Pools(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetPublicIpv4PoolsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Returns all public IPv4 pools.\n final var example = Ec2Functions.getPublicIpv4Pools();\n\n }\n}\n```\n```yaml\nvariables:\n # Returns all public IPv4 pools.\n example:\n fn::invoke:\n Function: aws:ec2:getPublicIpv4Pools\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getPublicIpv4Pools({\n filters: [{\n name: \"tag-key\",\n values: [\"ExampleTagKey\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_public_ipv4_pools(filters=[{\n \"name\": \"tag-key\",\n \"values\": [\"ExampleTagKey\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetPublicIpv4Pools.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetPublicIpv4PoolsFilterInputArgs\n {\n Name = \"tag-key\",\n Values = new[]\n {\n \"ExampleTagKey\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetPublicIpv4Pools(ctx, \u0026ec2.GetPublicIpv4PoolsArgs{\n\t\t\tFilters: []ec2.GetPublicIpv4PoolsFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"tag-key\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ExampleTagKey\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetPublicIpv4PoolsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getPublicIpv4Pools(GetPublicIpv4PoolsArgs.builder()\n .filters(GetPublicIpv4PoolsFilterArgs.builder()\n .name(\"tag-key\")\n .values(\"ExampleTagKey\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getPublicIpv4Pools\n Arguments:\n filters:\n - name: tag-key\n values:\n - ExampleTagKey\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPublicIpv4Pools.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getPublicIpv4PoolsFilter:getPublicIpv4PoolsFilter" }, "description": "Custom filter block as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match a pair on the desired pools.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getPublicIpv4Pools.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getPublicIpv4PoolsFilter:getPublicIpv4PoolsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "poolIds": { "description": "List of all the pool IDs found.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "poolIds", "tags", "id" ], "type": "object" } }, "aws:ec2/getRoute:getRoute": { "description": "`aws.ec2.Route` provides details about a specific Route.\n\nThis resource can prove useful when finding the resource associated with a CIDR. For example, finding the peering connection associated with a CIDR value.\n\n## Example Usage\n\nThe following example shows how one might use a CIDR value to find a network interface id and use this to create a data source of that network interface.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst subnetId = config.requireObject(\"subnetId\");\nconst selected = aws.ec2.getRouteTable({\n subnetId: subnetId,\n});\nconst route = aws.ec2.getRoute({\n routeTableId: selectedAwsRouteTable.id,\n destinationCidrBlock: \"10.0.1.0/24\",\n});\nconst interface = route.then(route =\u003e aws.ec2.getNetworkInterface({\n id: route.networkInterfaceId,\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nsubnet_id = config.require_object(\"subnetId\")\nselected = aws.ec2.get_route_table(subnet_id=subnet_id)\nroute = aws.ec2.get_route(route_table_id=selected_aws_route_table[\"id\"],\n destination_cidr_block=\"10.0.1.0/24\")\ninterface = aws.ec2.get_network_interface(id=route.network_interface_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var subnetId = config.RequireObject\u003cdynamic\u003e(\"subnetId\");\n var selected = Aws.Ec2.GetRouteTable.Invoke(new()\n {\n SubnetId = subnetId,\n });\n\n var route = Aws.Ec2.GetRoute.Invoke(new()\n {\n RouteTableId = selectedAwsRouteTable.Id,\n DestinationCidrBlock = \"10.0.1.0/24\",\n });\n\n var @interface = Aws.Ec2.GetNetworkInterface.Invoke(new()\n {\n Id = route.Apply(getRouteResult =\u003e getRouteResult.NetworkInterfaceId),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tsubnetId := cfg.RequireObject(\"subnetId\")\n\t\t_, err := ec2.LookupRouteTable(ctx, \u0026ec2.LookupRouteTableArgs{\n\t\t\tSubnetId: pulumi.StringRef(subnetId),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\troute, err := ec2.LookupRoute(ctx, \u0026ec2.LookupRouteArgs{\n\t\t\tRouteTableId: selectedAwsRouteTable.Id,\n\t\t\tDestinationCidrBlock: pulumi.StringRef(\"10.0.1.0/24\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.LookupNetworkInterface(ctx, \u0026ec2.LookupNetworkInterfaceArgs{\n\t\t\tId: pulumi.StringRef(route.NetworkInterfaceId),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetRouteTableArgs;\nimport com.pulumi.aws.ec2.inputs.GetRouteArgs;\nimport com.pulumi.aws.ec2.inputs.GetNetworkInterfaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var subnetId = config.get(\"subnetId\");\n final var selected = Ec2Functions.getRouteTable(GetRouteTableArgs.builder()\n .subnetId(subnetId)\n .build());\n\n final var route = Ec2Functions.getRoute(GetRouteArgs.builder()\n .routeTableId(selectedAwsRouteTable.id())\n .destinationCidrBlock(\"10.0.1.0/24\")\n .build());\n\n final var interface = Ec2Functions.getNetworkInterface(GetNetworkInterfaceArgs.builder()\n .id(route.applyValue(getRouteResult -\u003e getRouteResult.networkInterfaceId()))\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n subnetId:\n type: dynamic\nvariables:\n selected:\n fn::invoke:\n Function: aws:ec2:getRouteTable\n Arguments:\n subnetId: ${subnetId}\n route:\n fn::invoke:\n Function: aws:ec2:getRoute\n Arguments:\n routeTableId: ${selectedAwsRouteTable.id}\n destinationCidrBlock: 10.0.1.0/24\n interface:\n fn::invoke:\n Function: aws:ec2:getNetworkInterface\n Arguments:\n id: ${route.networkInterfaceId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRoute.\n", "properties": { "carrierGatewayId": { "type": "string", "description": "EC2 Carrier Gateway ID of the Route belonging to the Route Table.\n" }, "coreNetworkArn": { "type": "string", "description": "Core network ARN of the Route belonging to the Route Table.\n" }, "destinationCidrBlock": { "type": "string", "description": "CIDR block of the Route belonging to the Route Table.\n" }, "destinationIpv6CidrBlock": { "type": "string", "description": "IPv6 CIDR block of the Route belonging to the Route Table.\n" }, "destinationPrefixListId": { "type": "string", "description": "ID of a managed prefix list destination of the Route belonging to the Route Table.\n" }, "egressOnlyGatewayId": { "type": "string", "description": "Egress Only Gateway ID of the Route belonging to the Route Table.\n" }, "gatewayId": { "type": "string", "description": "Gateway ID of the Route belonging to the Route Table.\n" }, "instanceId": { "type": "string", "description": "Instance ID of the Route belonging to the Route Table.\n" }, "localGatewayId": { "type": "string", "description": "Local Gateway ID of the Route belonging to the Route Table.\n" }, "natGatewayId": { "type": "string", "description": "NAT Gateway ID of the Route belonging to the Route Table.\n" }, "networkInterfaceId": { "type": "string", "description": "Network Interface ID of the Route belonging to the Route Table.\n" }, "routeTableId": { "type": "string", "description": "ID of the specific Route Table containing the Route entry.\n\nThe following arguments are optional:\n" }, "transitGatewayId": { "type": "string", "description": "EC2 Transit Gateway ID of the Route belonging to the Route Table.\n" }, "vpcPeeringConnectionId": { "type": "string", "description": "VPC Peering Connection ID of the Route belonging to the Route Table.\n" } }, "type": "object", "required": [ "routeTableId" ] }, "outputs": { "description": "A collection of values returned by getRoute.\n", "properties": { "carrierGatewayId": { "type": "string" }, "coreNetworkArn": { "type": "string" }, "destinationCidrBlock": { "type": "string" }, "destinationIpv6CidrBlock": { "type": "string" }, "destinationPrefixListId": { "type": "string" }, "egressOnlyGatewayId": { "type": "string" }, "gatewayId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceId": { "type": "string" }, "localGatewayId": { "type": "string" }, "natGatewayId": { "type": "string" }, "networkInterfaceId": { "type": "string" }, "routeTableId": { "type": "string" }, "transitGatewayId": { "type": "string" }, "vpcPeeringConnectionId": { "type": "string" } }, "required": [ "carrierGatewayId", "coreNetworkArn", "destinationCidrBlock", "destinationIpv6CidrBlock", "destinationPrefixListId", "egressOnlyGatewayId", "gatewayId", "instanceId", "localGatewayId", "natGatewayId", "networkInterfaceId", "routeTableId", "transitGatewayId", "vpcPeeringConnectionId", "id" ], "type": "object" } }, "aws:ec2/getRouteTable:getRouteTable": { "description": "`aws.ec2.RouteTable` provides details about a specific Route Table.\n\nThis resource can prove useful when a module accepts a Subnet ID as an input variable and needs to, for example, add a route in the Route Table.\n\n## Example Usage\n\nThe following example shows how one might accept a Route Table ID as a variable and use this data source to obtain the data necessary to create a route.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst subnetId = config.requireObject(\"subnetId\");\nconst selected = aws.ec2.getRouteTable({\n subnetId: subnetId,\n});\nconst route = new aws.ec2.Route(\"route\", {\n routeTableId: selected.then(selected =\u003e selected.id),\n destinationCidrBlock: \"10.0.1.0/22\",\n vpcPeeringConnectionId: \"pcx-45ff3dc1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nsubnet_id = config.require_object(\"subnetId\")\nselected = aws.ec2.get_route_table(subnet_id=subnet_id)\nroute = aws.ec2.Route(\"route\",\n route_table_id=selected.id,\n destination_cidr_block=\"10.0.1.0/22\",\n vpc_peering_connection_id=\"pcx-45ff3dc1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var subnetId = config.RequireObject\u003cdynamic\u003e(\"subnetId\");\n var selected = Aws.Ec2.GetRouteTable.Invoke(new()\n {\n SubnetId = subnetId,\n });\n\n var route = new Aws.Ec2.Route(\"route\", new()\n {\n RouteTableId = selected.Apply(getRouteTableResult =\u003e getRouteTableResult.Id),\n DestinationCidrBlock = \"10.0.1.0/22\",\n VpcPeeringConnectionId = \"pcx-45ff3dc1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tsubnetId := cfg.RequireObject(\"subnetId\")\n\t\tselected, err := ec2.LookupRouteTable(ctx, \u0026ec2.LookupRouteTableArgs{\n\t\t\tSubnetId: pulumi.StringRef(subnetId),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewRoute(ctx, \"route\", \u0026ec2.RouteArgs{\n\t\t\tRouteTableId: pulumi.String(selected.Id),\n\t\t\tDestinationCidrBlock: pulumi.String(\"10.0.1.0/22\"),\n\t\t\tVpcPeeringConnectionId: pulumi.String(\"pcx-45ff3dc1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetRouteTableArgs;\nimport com.pulumi.aws.ec2.Route;\nimport com.pulumi.aws.ec2.RouteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var subnetId = config.get(\"subnetId\");\n final var selected = Ec2Functions.getRouteTable(GetRouteTableArgs.builder()\n .subnetId(subnetId)\n .build());\n\n var route = new Route(\"route\", RouteArgs.builder()\n .routeTableId(selected.applyValue(getRouteTableResult -\u003e getRouteTableResult.id()))\n .destinationCidrBlock(\"10.0.1.0/22\")\n .vpcPeeringConnectionId(\"pcx-45ff3dc1\")\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n subnetId:\n type: dynamic\nresources:\n route:\n type: aws:ec2:Route\n properties:\n routeTableId: ${selected.id}\n destinationCidrBlock: 10.0.1.0/22\n vpcPeeringConnectionId: pcx-45ff3dc1\nvariables:\n selected:\n fn::invoke:\n Function: aws:ec2:getRouteTable\n Arguments:\n subnetId: ${subnetId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRouteTable.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getRouteTableFilter:getRouteTableFilter" }, "description": "Configuration block. Detailed below.\n" }, "gatewayId": { "type": "string", "description": "ID of an Internet Gateway or Virtual Private Gateway which is connected to the Route Table (not exported if not passed as a parameter).\n" }, "routeTableId": { "type": "string", "description": "ID of the specific Route Table to retrieve.\n" }, "subnetId": { "type": "string", "description": "ID of a Subnet which is connected to the Route Table (not exported if not passed as a parameter).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match a pair on the desired Route Table.\n" }, "vpcId": { "type": "string", "description": "ID of the VPC that the desired Route Table belongs to.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getRouteTable.\n", "properties": { "arn": { "description": "ARN of the route table.\n", "type": "string" }, "associations": { "description": "List of associations with attributes detailed below.\n", "items": { "$ref": "#/types/aws:ec2/getRouteTableAssociation:getRouteTableAssociation" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getRouteTableFilter:getRouteTableFilter" }, "type": "array" }, "gatewayId": { "description": "Gateway ID. Only set when associated with an Internet Gateway or Virtual Private Gateway.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ownerId": { "description": "ID of the AWS account that owns the route table.\n", "type": "string" }, "routeTableId": { "description": "Route Table ID.\n", "type": "string" }, "routes": { "description": "List of routes with attributes detailed below.\n", "items": { "$ref": "#/types/aws:ec2/getRouteTableRoute:getRouteTableRoute" }, "type": "array" }, "subnetId": { "description": "Subnet ID. Only set when associated with a subnet.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "vpcId": { "type": "string" } }, "required": [ "arn", "associations", "gatewayId", "ownerId", "routeTableId", "routes", "subnetId", "tags", "vpcId", "id" ], "type": "object" } }, "aws:ec2/getRouteTables:getRouteTables": { "description": "This resource can be useful for getting back a list of route table ids to be referenced elsewhere.\n\n## Example Usage\n\nThe following adds a route for a particular cidr block to every (private\nkops) route table in a specified vpc to use a particular vpc peering\nconnection.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nexport = async () =\u003e {\n const rts = await aws.ec2.getRouteTables({\n vpcId: vpcId,\n filters: [{\n name: \"tag:kubernetes.io/kops/role\",\n values: [\"private*\"],\n }],\n });\n const r: aws.ec2.Route[] = [];\n for (const range = {value: 0}; range.value \u003c rts.ids.length; range.value++) {\n r.push(new aws.ec2.Route(`r-${range.value}`, {\n routeTableId: rts.ids[range.value],\n destinationCidrBlock: \"10.0.0.0/22\",\n vpcPeeringConnectionId: \"pcx-0e9a7a9ecd137dc54\",\n }));\n }\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nrts = aws.ec2.get_route_tables(vpc_id=vpc_id,\n filters=[{\n \"name\": \"tag:kubernetes.io/kops/role\",\n \"values\": [\"private*\"],\n }])\nr = []\nfor range in [{\"value\": i} for i in range(0, len(rts.ids))]:\n r.append(aws.ec2.Route(f\"r-{range['value']}\",\n route_table_id=rts.ids[range[\"value\"]],\n destination_cidr_block=\"10.0.0.0/22\",\n vpc_peering_connection_id=\"pcx-0e9a7a9ecd137dc54\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Threading.Tasks;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(async() =\u003e \n{\n var rts = await Aws.Ec2.GetRouteTables.InvokeAsync(new()\n {\n VpcId = vpcId,\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetRouteTablesFilterInputArgs\n {\n Name = \"tag:kubernetes.io/kops/role\",\n Values = new[]\n {\n \"private*\",\n },\n },\n },\n });\n\n var r = new List\u003cAws.Ec2.Route\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c rts.Ids.Length; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n r.Add(new Aws.Ec2.Route($\"r-{range.Value}\", new()\n {\n RouteTableId = rts.Ids[range.Value],\n DestinationCidrBlock = \"10.0.0.0/22\",\n VpcPeeringConnectionId = \"pcx-0e9a7a9ecd137dc54\",\n }));\n }\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\trts, err := ec2.GetRouteTables(ctx, \u0026ec2.GetRouteTablesArgs{\n\t\t\tVpcId: pulumi.StringRef(vpcId),\n\t\t\tFilters: []ec2.GetRouteTablesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"tag:kubernetes.io/kops/role\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"private*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvar r []*ec2.Route\n\t\tfor index := 0; index \u003c int(len(rts.Ids)); index++ {\n\t\t\tkey0 := index\n\t\t\tval0 := index\n\t\t\t__res, err := ec2.NewRoute(ctx, fmt.Sprintf(\"r-%v\", key0), \u0026ec2.RouteArgs{\n\t\t\t\tRouteTableId: pulumi.String(rts.Ids[val0]),\n\t\t\t\tDestinationCidrBlock: pulumi.String(\"10.0.0.0/22\"),\n\t\t\t\tVpcPeeringConnectionId: pulumi.String(\"pcx-0e9a7a9ecd137dc54\"),\n\t\t\t})\n\t\t\tif err != nil {\n\t\t\t\treturn err\n\t\t\t}\n\t\t\tr = append(r, __res)\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetRouteTablesArgs;\nimport com.pulumi.aws.ec2.Route;\nimport com.pulumi.aws.ec2.RouteArgs;\nimport com.pulumi.codegen.internal.KeyedValue;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var rts = Ec2Functions.getRouteTables(GetRouteTablesArgs.builder()\n .vpcId(vpcId)\n .filters(GetRouteTablesFilterArgs.builder()\n .name(\"tag:kubernetes.io/kops/role\")\n .values(\"private*\")\n .build())\n .build());\n\n for (var i = 0; i \u003c rts.applyValue(getRouteTablesResult -\u003e getRouteTablesResult.ids()).length(); i++) {\n new Route(\"r-\" + i, RouteArgs.builder()\n .routeTableId(rts.applyValue(getRouteTablesResult -\u003e getRouteTablesResult.ids())[range.value()])\n .destinationCidrBlock(\"10.0.0.0/22\")\n .vpcPeeringConnectionId(\"pcx-0e9a7a9ecd137dc54\")\n .build());\n\n \n}\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRouteTables.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getRouteTablesFilter:getRouteTablesFilter" }, "description": "Custom filter block as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match\na pair on the desired route tables.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" }, "vpcId": { "type": "string", "description": "VPC ID that you want to filter from.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getRouteTables.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getRouteTablesFilter:getRouteTablesFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "List of all the route table ids found.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "vpcId": { "type": "string" } }, "required": [ "ids", "tags", "id" ], "type": "object" } }, "aws:ec2/getSecurityGroup:getSecurityGroup": { "description": "`aws.ec2.SecurityGroup` provides details about a specific Security Group.\n\nThis resource can prove useful when a module accepts a Security Group id as\nan input variable and needs to, for example, determine the id of the\nVPC that the security group belongs to.\n\n## Example Usage\n\nThe following example shows how one might accept a Security Group id as a variable\nand use this data source to obtain the data necessary to create a subnet.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst securityGroupId = config.requireObject(\"securityGroupId\");\nconst selected = aws.ec2.getSecurityGroup({\n id: securityGroupId,\n});\nconst subnet = new aws.ec2.Subnet(\"subnet\", {\n vpcId: selected.then(selected =\u003e selected.vpcId),\n cidrBlock: \"10.0.1.0/24\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nsecurity_group_id = config.require_object(\"securityGroupId\")\nselected = aws.ec2.get_security_group(id=security_group_id)\nsubnet = aws.ec2.Subnet(\"subnet\",\n vpc_id=selected.vpc_id,\n cidr_block=\"10.0.1.0/24\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var securityGroupId = config.RequireObject\u003cdynamic\u003e(\"securityGroupId\");\n var selected = Aws.Ec2.GetSecurityGroup.Invoke(new()\n {\n Id = securityGroupId,\n });\n\n var subnet = new Aws.Ec2.Subnet(\"subnet\", new()\n {\n VpcId = selected.Apply(getSecurityGroupResult =\u003e getSecurityGroupResult.VpcId),\n CidrBlock = \"10.0.1.0/24\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tsecurityGroupId := cfg.RequireObject(\"securityGroupId\")\n\t\tselected, err := ec2.LookupSecurityGroup(ctx, \u0026ec2.LookupSecurityGroupArgs{\n\t\t\tId: pulumi.StringRef(securityGroupId),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSubnet(ctx, \"subnet\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: pulumi.String(selected.VpcId),\n\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetSecurityGroupArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var securityGroupId = config.get(\"securityGroupId\");\n final var selected = Ec2Functions.getSecurityGroup(GetSecurityGroupArgs.builder()\n .id(securityGroupId)\n .build());\n\n var subnet = new Subnet(\"subnet\", SubnetArgs.builder()\n .vpcId(selected.applyValue(getSecurityGroupResult -\u003e getSecurityGroupResult.vpcId()))\n .cidrBlock(\"10.0.1.0/24\")\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n securityGroupId:\n type: dynamic\nresources:\n subnet:\n type: aws:ec2:Subnet\n properties:\n vpcId: ${selected.vpcId}\n cidrBlock: 10.0.1.0/24\nvariables:\n selected:\n fn::invoke:\n Function: aws:ec2:getSecurityGroup\n Arguments:\n id: ${securityGroupId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSecurityGroup.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getSecurityGroupFilter:getSecurityGroupFilter" }, "description": "Custom filter block as described below.\n" }, "id": { "type": "string", "description": "Id of the specific security group to retrieve.\n" }, "name": { "type": "string", "description": "Name of the field to filter by, as defined by\n[the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match\na pair on the desired security group.\n" }, "vpcId": { "type": "string", "description": "Id of the VPC that the desired security group belongs to.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSecurityGroup.\n", "properties": { "arn": { "description": "Computed ARN of the security group.\n", "type": "string" }, "description": { "description": "Description of the security group.\n", "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getSecurityGroupFilter:getSecurityGroupFilter" }, "type": "array" }, "id": { "type": "string" }, "name": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "vpcId": { "type": "string" } }, "required": [ "arn", "description", "id", "name", "tags", "vpcId" ], "type": "object" } }, "aws:ec2/getSecurityGroups:getSecurityGroups": { "description": "Use this data source to get IDs and VPC membership of Security Groups that are created outside this provider.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.ec2.getSecurityGroups({\n tags: {\n Application: \"k8s\",\n Environment: \"dev\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.get_security_groups(tags={\n \"Application\": \"k8s\",\n \"Environment\": \"dev\",\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Ec2.GetSecurityGroups.Invoke(new()\n {\n Tags = \n {\n { \"Application\", \"k8s\" },\n { \"Environment\", \"dev\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetSecurityGroups(ctx, \u0026ec2.GetSecurityGroupsArgs{\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"Application\": \"k8s\",\n\t\t\t\t\"Environment\": \"dev\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetSecurityGroupsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = Ec2Functions.getSecurityGroups(GetSecurityGroupsArgs.builder()\n .tags(Map.ofEntries(\n Map.entry(\"Application\", \"k8s\"),\n Map.entry(\"Environment\", \"dev\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:ec2:getSecurityGroups\n Arguments:\n tags:\n Application: k8s\n Environment: dev\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.ec2.getSecurityGroups({\n filters: [\n {\n name: \"group-name\",\n values: [\"*nodes*\"],\n },\n {\n name: \"vpc-id\",\n values: [vpcId],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.get_security_groups(filters=[\n {\n \"name\": \"group-name\",\n \"values\": [\"*nodes*\"],\n },\n {\n \"name\": \"vpc-id\",\n \"values\": [vpc_id],\n },\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Ec2.GetSecurityGroups.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetSecurityGroupsFilterInputArgs\n {\n Name = \"group-name\",\n Values = new[]\n {\n \"*nodes*\",\n },\n },\n new Aws.Ec2.Inputs.GetSecurityGroupsFilterInputArgs\n {\n Name = \"vpc-id\",\n Values = new[]\n {\n vpcId,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\n_, err := ec2.GetSecurityGroups(ctx, \u0026ec2.GetSecurityGroupsArgs{\nFilters: []ec2.GetSecurityGroupsFilter{\n{\nName: \"group-name\",\nValues: []string{\n\"*nodes*\",\n},\n},\n{\nName: \"vpc-id\",\nValues: interface{}{\nvpcId,\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetSecurityGroupsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = Ec2Functions.getSecurityGroups(GetSecurityGroupsArgs.builder()\n .filters( \n GetSecurityGroupsFilterArgs.builder()\n .name(\"group-name\")\n .values(\"*nodes*\")\n .build(),\n GetSecurityGroupsFilterArgs.builder()\n .name(\"vpc-id\")\n .values(vpcId)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:ec2:getSecurityGroups\n Arguments:\n filters:\n - name: group-name\n values:\n - '*nodes*'\n - name: vpc-id\n values:\n - ${vpcId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSecurityGroups.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getSecurityGroupsFilter:getSecurityGroupsFilter" }, "description": "One or more name/value pairs to use as filters. There are several valid keys, for a full reference, check out [describe-security-groups in the AWS CLI reference][1].\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match for desired security groups.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSecurityGroups.\n", "properties": { "arns": { "description": "ARNs of the matched security groups.\n", "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getSecurityGroupsFilter:getSecurityGroupsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "IDs of the matches security groups.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "vpcIds": { "description": "VPC IDs of the matched security groups. The data source's tag or filter *will span VPCs* unless the `vpc-id` filter is also used.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "arns", "ids", "tags", "vpcIds", "id" ], "type": "object" } }, "aws:ec2/getSerialConsoleAccess:getSerialConsoleAccess": { "description": "Provides a way to check whether serial console access is enabled for your AWS account in the current AWS region.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.ec2.getSerialConsoleAccess({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.ec2.get_serial_console_access()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.Ec2.GetSerialConsoleAccess.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupSerialConsoleAccess(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = Ec2Functions.getSerialConsoleAccess();\n\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:ec2:getSerialConsoleAccess\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getSerialConsoleAccess.\n", "properties": { "enabled": { "description": "Whether or not serial console access is enabled. Returns as `true` or `false`.\n", "type": "boolean" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "enabled", "id" ], "type": "object" } }, "aws:ec2/getSpotPrice:getSpotPrice": { "description": "Information about most recent Spot Price for a given EC2 instance.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getSpotPrice({\n instanceType: \"t3.medium\",\n availabilityZone: \"us-west-2a\",\n filters: [{\n name: \"product-description\",\n values: [\"Linux/UNIX\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_spot_price(instance_type=\"t3.medium\",\n availability_zone=\"us-west-2a\",\n filters=[{\n \"name\": \"product-description\",\n \"values\": [\"Linux/UNIX\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetSpotPrice.Invoke(new()\n {\n InstanceType = \"t3.medium\",\n AvailabilityZone = \"us-west-2a\",\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetSpotPriceFilterInputArgs\n {\n Name = \"product-description\",\n Values = new[]\n {\n \"Linux/UNIX\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetSpotPrice(ctx, \u0026ec2.GetSpotPriceArgs{\n\t\t\tInstanceType: pulumi.StringRef(\"t3.medium\"),\n\t\t\tAvailabilityZone: pulumi.StringRef(\"us-west-2a\"),\n\t\t\tFilters: []ec2.GetSpotPriceFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"product-description\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"Linux/UNIX\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetSpotPriceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getSpotPrice(GetSpotPriceArgs.builder()\n .instanceType(\"t3.medium\")\n .availabilityZone(\"us-west-2a\")\n .filters(GetSpotPriceFilterArgs.builder()\n .name(\"product-description\")\n .values(\"Linux/UNIX\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getSpotPrice\n Arguments:\n instanceType: t3.medium\n availabilityZone: us-west-2a\n filters:\n - name: product-description\n values:\n - Linux/UNIX\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSpotPrice.\n", "properties": { "availabilityZone": { "type": "string", "description": "Availability zone in which to query Spot price information.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getSpotPriceFilter:getSpotPriceFilter" }, "description": "One or more configuration blocks containing name-values filters. See the [EC2 API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSpotPriceHistory.html) for supported filters. Detailed below.\n" }, "instanceType": { "type": "string", "description": "Type of instance for which to query Spot Price information.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSpotPrice.\n", "properties": { "availabilityZone": { "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getSpotPriceFilter:getSpotPriceFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceType": { "type": "string" }, "spotPrice": { "description": "Most recent Spot Price value for the given instance type and AZ.\n", "type": "string" }, "spotPriceTimestamp": { "description": "The timestamp at which the Spot Price value was published.\n", "type": "string" } }, "required": [ "spotPrice", "spotPriceTimestamp", "id" ], "type": "object" } }, "aws:ec2/getSubnet:getSubnet": { "description": "`aws.ec2.Subnet` provides details about a specific VPC subnet.\n\nThis resource can prove useful when a module accepts a subnet ID as an input variable and needs to, for example, determine the ID of the VPC that the subnet belongs to.\n\n## Example Usage\n\nThe following example shows how one might accept a subnet ID as a variable and use this data source to obtain the data necessary to create a security group that allows connections from hosts in that subnet.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst subnetId = config.requireObject(\"subnetId\");\nconst selected = aws.ec2.getSubnet({\n id: subnetId,\n});\nconst subnet = new aws.ec2.SecurityGroup(\"subnet\", {\n vpcId: selected.then(selected =\u003e selected.vpcId),\n ingress: [{\n cidrBlocks: [selected.then(selected =\u003e selected.cidrBlock)],\n fromPort: 80,\n toPort: 80,\n protocol: \"tcp\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nsubnet_id = config.require_object(\"subnetId\")\nselected = aws.ec2.get_subnet(id=subnet_id)\nsubnet = aws.ec2.SecurityGroup(\"subnet\",\n vpc_id=selected.vpc_id,\n ingress=[{\n \"cidr_blocks\": [selected.cidr_block],\n \"from_port\": 80,\n \"to_port\": 80,\n \"protocol\": \"tcp\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var subnetId = config.RequireObject\u003cdynamic\u003e(\"subnetId\");\n var selected = Aws.Ec2.GetSubnet.Invoke(new()\n {\n Id = subnetId,\n });\n\n var subnet = new Aws.Ec2.SecurityGroup(\"subnet\", new()\n {\n VpcId = selected.Apply(getSubnetResult =\u003e getSubnetResult.VpcId),\n Ingress = new[]\n {\n new Aws.Ec2.Inputs.SecurityGroupIngressArgs\n {\n CidrBlocks = new[]\n {\n selected.Apply(getSubnetResult =\u003e getSubnetResult.CidrBlock),\n },\n FromPort = 80,\n ToPort = 80,\n Protocol = \"tcp\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tsubnetId := cfg.RequireObject(\"subnetId\")\n\t\tselected, err := ec2.LookupSubnet(ctx, \u0026ec2.LookupSubnetArgs{\n\t\t\tId: pulumi.StringRef(subnetId),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSecurityGroup(ctx, \"subnet\", \u0026ec2.SecurityGroupArgs{\n\t\t\tVpcId: pulumi.String(selected.VpcId),\n\t\t\tIngress: ec2.SecurityGroupIngressArray{\n\t\t\t\t\u0026ec2.SecurityGroupIngressArgs{\n\t\t\t\t\tCidrBlocks: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(selected.CidrBlock),\n\t\t\t\t\t},\n\t\t\t\t\tFromPort: pulumi.Int(80),\n\t\t\t\t\tToPort: pulumi.Int(80),\n\t\t\t\t\tProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetSubnetArgs;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.aws.ec2.inputs.SecurityGroupIngressArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var subnetId = config.get(\"subnetId\");\n final var selected = Ec2Functions.getSubnet(GetSubnetArgs.builder()\n .id(subnetId)\n .build());\n\n var subnet = new SecurityGroup(\"subnet\", SecurityGroupArgs.builder()\n .vpcId(selected.applyValue(getSubnetResult -\u003e getSubnetResult.vpcId()))\n .ingress(SecurityGroupIngressArgs.builder()\n .cidrBlocks(selected.applyValue(getSubnetResult -\u003e getSubnetResult.cidrBlock()))\n .fromPort(80)\n .toPort(80)\n .protocol(\"tcp\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n subnetId:\n type: dynamic\nresources:\n subnet:\n type: aws:ec2:SecurityGroup\n properties:\n vpcId: ${selected.vpcId}\n ingress:\n - cidrBlocks:\n - ${selected.cidrBlock}\n fromPort: 80\n toPort: 80\n protocol: tcp\nvariables:\n selected:\n fn::invoke:\n Function: aws:ec2:getSubnet\n Arguments:\n id: ${subnetId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter Example\n\nIf you want to match against tag `Name`, use:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst selected = aws.ec2.getSubnet({\n filters: [{\n name: \"tag:Name\",\n values: [\"yakdriver\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nselected = aws.ec2.get_subnet(filters=[{\n \"name\": \"tag:Name\",\n \"values\": [\"yakdriver\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var selected = Aws.Ec2.GetSubnet.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetSubnetFilterInputArgs\n {\n Name = \"tag:Name\",\n Values = new[]\n {\n \"yakdriver\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupSubnet(ctx, \u0026ec2.LookupSubnetArgs{\n\t\t\tFilters: []ec2.GetSubnetFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"tag:Name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"yakdriver\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetSubnetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var selected = Ec2Functions.getSubnet(GetSubnetArgs.builder()\n .filters(GetSubnetFilterArgs.builder()\n .name(\"tag:Name\")\n .values(\"yakdriver\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n selected:\n fn::invoke:\n Function: aws:ec2:getSubnet\n Arguments:\n filters:\n - name: tag:Name\n values:\n - yakdriver\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSubnet.\n", "properties": { "availabilityZone": { "type": "string", "description": "Availability zone where the subnet must reside.\n" }, "availabilityZoneId": { "type": "string", "description": "ID of the Availability Zone for the subnet. This argument is not supported in all regions or partitions. If necessary, use `availability_zone` instead.\n" }, "cidrBlock": { "type": "string", "description": "CIDR block of the desired subnet.\n" }, "defaultForAz": { "type": "boolean", "description": "Whether the desired subnet must be the default subnet for its associated availability zone.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getSubnetFilter:getSubnetFilter" }, "description": "Configuration block. Detailed below.\n" }, "id": { "type": "string", "description": "ID of the specific subnet to retrieve.\n" }, "ipv6CidrBlock": { "type": "string", "description": "IPv6 CIDR block of the desired subnet.\n" }, "state": { "type": "string", "description": "State that the desired subnet must have.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match a pair on the desired subnet.\n" }, "vpcId": { "type": "string", "description": "ID of the VPC that the desired subnet belongs to.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSubnet.\n", "properties": { "arn": { "description": "ARN of the subnet.\n", "type": "string" }, "assignIpv6AddressOnCreation": { "description": "Whether an IPv6 address is assigned on creation.\n", "type": "boolean" }, "availabilityZone": { "type": "string" }, "availabilityZoneId": { "type": "string" }, "availableIpAddressCount": { "description": "Available IP addresses of the subnet.\n", "type": "integer" }, "cidrBlock": { "type": "string" }, "customerOwnedIpv4Pool": { "description": "Identifier of customer owned IPv4 address pool.\n", "type": "string" }, "defaultForAz": { "type": "boolean" }, "enableDns64": { "description": "Whether DNS queries made to the Amazon-provided DNS Resolver in this subnet return synthetic IPv6 addresses for IPv4-only destinations.\n", "type": "boolean" }, "enableLniAtDeviceIndex": { "description": "Indicates the device position for local network interfaces in this subnet. For example, 1 indicates local network interfaces in this subnet are the secondary network interface (eth1). A local network interface cannot be the primary network interface (eth0).\n", "type": "integer" }, "enableResourceNameDnsARecordOnLaunch": { "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.\n", "type": "boolean" }, "enableResourceNameDnsAaaaRecordOnLaunch": { "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.\n", "type": "boolean" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getSubnetFilter:getSubnetFilter" }, "type": "array" }, "id": { "type": "string" }, "ipv6CidrBlock": { "type": "string" }, "ipv6CidrBlockAssociationId": { "description": "Association ID of the IPv6 CIDR block.\n", "type": "string" }, "ipv6Native": { "description": "Whether this is an IPv6-only subnet.\n", "type": "boolean" }, "mapCustomerOwnedIpOnLaunch": { "description": "Whether customer owned IP addresses are assigned on network interface creation.\n", "type": "boolean" }, "mapPublicIpOnLaunch": { "description": "Whether public IP addresses are assigned on instance launch.\n", "type": "boolean" }, "outpostArn": { "description": "ARN of the Outpost.\n", "type": "string" }, "ownerId": { "description": "ID of the AWS account that owns the subnet.\n", "type": "string" }, "privateDnsHostnameTypeOnLaunch": { "description": "The type of hostnames assigned to instances in the subnet at launch.\n", "type": "string" }, "state": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "vpcId": { "type": "string" } }, "required": [ "arn", "assignIpv6AddressOnCreation", "availabilityZone", "availabilityZoneId", "availableIpAddressCount", "cidrBlock", "customerOwnedIpv4Pool", "defaultForAz", "enableDns64", "enableLniAtDeviceIndex", "enableResourceNameDnsARecordOnLaunch", "enableResourceNameDnsAaaaRecordOnLaunch", "id", "ipv6CidrBlock", "ipv6CidrBlockAssociationId", "ipv6Native", "mapCustomerOwnedIpOnLaunch", "mapPublicIpOnLaunch", "outpostArn", "ownerId", "privateDnsHostnameTypeOnLaunch", "state", "tags", "vpcId" ], "type": "object" } }, "aws:ec2/getSubnets:getSubnets": { "description": "This resource can be useful for getting back a set of subnet IDs.\n\n", "inputs": { "description": "A collection of arguments for invoking getSubnets.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getSubnetsFilter:getSubnetsFilter" }, "description": "Custom filter block as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match\na pair on the desired subnets.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSubnets.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getSubnetsFilter:getSubnetsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "List of all the subnet ids found.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "ids", "tags", "id" ], "type": "object" } }, "aws:ec2/getTransitGatewayRouteTables:getTransitGatewayRouteTables": { "description": "Provides information for multiple EC2 Transit Gateway Route Tables, such as their identifiers.\n\n## Example Usage\n\nThe following shows outputting all Transit Gateway Route Table Ids.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nexport = async () =\u003e {\n const example = await aws.ec2.getTransitGatewayRouteTables({});\n return {\n example: example.ids,\n };\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_transit_gateway_route_tables()\npulumi.export(\"example\", example.ids)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetTransitGatewayRouteTables.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"example\"] = example.Apply(getTransitGatewayRouteTablesResult =\u003e getTransitGatewayRouteTablesResult.Ids),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.GetTransitGatewayRouteTables(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"example\", example.Ids)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetTransitGatewayRouteTablesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getTransitGatewayRouteTables();\n\n ctx.export(\"example\", example.applyValue(getTransitGatewayRouteTablesResult -\u003e getTransitGatewayRouteTablesResult.ids()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getTransitGatewayRouteTables\n Arguments: {}\noutputs:\n example: ${example.ids}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getTransitGatewayRouteTables.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getTransitGatewayRouteTablesFilter:getTransitGatewayRouteTablesFilter" }, "description": "Custom filter block as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Mapping of tags, each pair of which must exactly match\na pair on the desired transit gateway route table.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getTransitGatewayRouteTables.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getTransitGatewayRouteTablesFilter:getTransitGatewayRouteTablesFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "Set of Transit Gateway Route Table identifiers.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "ids", "tags", "id" ], "type": "object" } }, "aws:ec2/getVpc:getVpc": { "description": "`aws.ec2.Vpc` provides details about a specific VPC.\n\nThis resource can prove useful when a module accepts a vpc id as\nan input variable and needs to, for example, determine the CIDR block of that\nVPC.\n\n## Example Usage\n\nThe following example shows how one might accept a VPC id as a variable\nand use this data source to obtain the data necessary to create a subnet\nwithin it.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst config = new pulumi.Config();\nconst vpcId = config.requireObject(\"vpcId\");\nconst selected = aws.ec2.getVpc({\n id: vpcId,\n});\nconst example = new aws.ec2.Subnet(\"example\", {\n vpcId: selected.then(selected =\u003e selected.id),\n availabilityZone: \"us-west-2a\",\n cidrBlock: selected.then(selected =\u003e std.cidrsubnet({\n input: selected.cidrBlock,\n newbits: 4,\n netnum: 1,\n })).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nconfig = pulumi.Config()\nvpc_id = config.require_object(\"vpcId\")\nselected = aws.ec2.get_vpc(id=vpc_id)\nexample = aws.ec2.Subnet(\"example\",\n vpc_id=selected.id,\n availability_zone=\"us-west-2a\",\n cidr_block=std.cidrsubnet(input=selected.cidr_block,\n newbits=4,\n netnum=1).result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var vpcId = config.RequireObject\u003cdynamic\u003e(\"vpcId\");\n var selected = Aws.Ec2.GetVpc.Invoke(new()\n {\n Id = vpcId,\n });\n\n var example = new Aws.Ec2.Subnet(\"example\", new()\n {\n VpcId = selected.Apply(getVpcResult =\u003e getVpcResult.Id),\n AvailabilityZone = \"us-west-2a\",\n CidrBlock = Std.Cidrsubnet.Invoke(new()\n {\n Input = selected.Apply(getVpcResult =\u003e getVpcResult.CidrBlock),\n Newbits = 4,\n Netnum = 1,\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tvpcId := cfg.RequireObject(\"vpcId\")\n\t\tselected, err := ec2.LookupVpc(ctx, \u0026ec2.LookupVpcArgs{\n\t\t\tId: pulumi.StringRef(vpcId),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeCidrsubnet, err := std.Cidrsubnet(ctx, \u0026std.CidrsubnetArgs{\n\t\t\tInput: selected.CidrBlock,\n\t\t\tNewbits: 4,\n\t\t\tNetnum: 1,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSubnet(ctx, \"example\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: pulumi.String(selected.Id),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\tCidrBlock: pulumi.String(invokeCidrsubnet.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var vpcId = config.get(\"vpcId\");\n final var selected = Ec2Functions.getVpc(GetVpcArgs.builder()\n .id(vpcId)\n .build());\n\n var example = new Subnet(\"example\", SubnetArgs.builder()\n .vpcId(selected.applyValue(getVpcResult -\u003e getVpcResult.id()))\n .availabilityZone(\"us-west-2a\")\n .cidrBlock(StdFunctions.cidrsubnet(CidrsubnetArgs.builder()\n .input(selected.applyValue(getVpcResult -\u003e getVpcResult.cidrBlock()))\n .newbits(4)\n .netnum(1)\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n vpcId:\n type: dynamic\nresources:\n example:\n type: aws:ec2:Subnet\n properties:\n vpcId: ${selected.id}\n availabilityZone: us-west-2a\n cidrBlock:\n fn::invoke:\n Function: std:cidrsubnet\n Arguments:\n input: ${selected.cidrBlock}\n newbits: 4\n netnum: 1\n Return: result\nvariables:\n selected:\n fn::invoke:\n Function: aws:ec2:getVpc\n Arguments:\n id: ${vpcId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVpc.\n", "properties": { "cidrBlock": { "type": "string", "description": "Cidr block of the desired VPC.\n" }, "default": { "type": "boolean", "description": "Boolean constraint on whether the desired VPC is\nthe default VPC for the region.\n" }, "dhcpOptionsId": { "type": "string", "description": "DHCP options id of the desired VPC.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcFilter:getVpcFilter" }, "description": "Custom filter block as described below.\n" }, "id": { "type": "string", "description": "ID of the specific VPC to retrieve.\n" }, "state": { "type": "string", "description": "Current state of the desired VPC.\nCan be either `\"pending\"` or `\"available\"`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match\na pair on the desired VPC.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpc.\n", "properties": { "arn": { "description": "ARN of VPC\n", "type": "string" }, "cidrBlock": { "description": "CIDR block for the association.\n", "type": "string" }, "cidrBlockAssociations": { "items": { "$ref": "#/types/aws:ec2/getVpcCidrBlockAssociation:getVpcCidrBlockAssociation" }, "type": "array" }, "default": { "type": "boolean" }, "dhcpOptionsId": { "type": "string" }, "enableDnsHostnames": { "description": "Whether or not the VPC has DNS hostname support\n", "type": "boolean" }, "enableDnsSupport": { "description": "Whether or not the VPC has DNS support\n", "type": "boolean" }, "enableNetworkAddressUsageMetrics": { "description": "Whether Network Address Usage metrics are enabled for your VPC\n", "type": "boolean" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getVpcFilter:getVpcFilter" }, "type": "array" }, "id": { "type": "string" }, "instanceTenancy": { "description": "Allowed tenancy of instances launched into the\nselected VPC. May be any of `\"default\"`, `\"dedicated\"`, or `\"host\"`.\n", "type": "string" }, "ipv6AssociationId": { "description": "Association ID for the IPv6 CIDR block.\n", "type": "string" }, "ipv6CidrBlock": { "description": "IPv6 CIDR block.\n", "type": "string" }, "mainRouteTableId": { "description": "ID of the main route table associated with this VPC.\n", "type": "string" }, "ownerId": { "description": "ID of the AWS account that owns the VPC.\n", "type": "string" }, "state": { "description": "State of the association.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "arn", "cidrBlock", "cidrBlockAssociations", "default", "dhcpOptionsId", "enableDnsHostnames", "enableDnsSupport", "enableNetworkAddressUsageMetrics", "id", "instanceTenancy", "ipv6AssociationId", "ipv6CidrBlock", "mainRouteTableId", "ownerId", "state", "tags" ], "type": "object" } }, "aws:ec2/getVpcDhcpOptions:getVpcDhcpOptions": { "description": "Retrieve information about an EC2 DHCP Options configuration.\n\n## Example Usage\n\n### Lookup by DHCP Options ID\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getVpcDhcpOptions({\n dhcpOptionsId: \"dopts-12345678\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_vpc_dhcp_options(dhcp_options_id=\"dopts-12345678\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetVpcDhcpOptions.Invoke(new()\n {\n DhcpOptionsId = \"dopts-12345678\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupVpcDhcpOptions(ctx, \u0026ec2.LookupVpcDhcpOptionsArgs{\n\t\t\tDhcpOptionsId: pulumi.StringRef(\"dopts-12345678\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcDhcpOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getVpcDhcpOptions(GetVpcDhcpOptionsArgs.builder()\n .dhcpOptionsId(\"dopts-12345678\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getVpcDhcpOptions\n Arguments:\n dhcpOptionsId: dopts-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lookup by Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getVpcDhcpOptions({\n filters: [\n {\n name: \"key\",\n values: [\"domain-name\"],\n },\n {\n name: \"value\",\n values: [\"example.com\"],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_vpc_dhcp_options(filters=[\n {\n \"name\": \"key\",\n \"values\": [\"domain-name\"],\n },\n {\n \"name\": \"value\",\n \"values\": [\"example.com\"],\n },\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetVpcDhcpOptions.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetVpcDhcpOptionsFilterInputArgs\n {\n Name = \"key\",\n Values = new[]\n {\n \"domain-name\",\n },\n },\n new Aws.Ec2.Inputs.GetVpcDhcpOptionsFilterInputArgs\n {\n Name = \"value\",\n Values = new[]\n {\n \"example.com\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupVpcDhcpOptions(ctx, \u0026ec2.LookupVpcDhcpOptionsArgs{\n\t\t\tFilters: []ec2.GetVpcDhcpOptionsFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"key\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"domain-name\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"value\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcDhcpOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getVpcDhcpOptions(GetVpcDhcpOptionsArgs.builder()\n .filters( \n GetVpcDhcpOptionsFilterArgs.builder()\n .name(\"key\")\n .values(\"domain-name\")\n .build(),\n GetVpcDhcpOptionsFilterArgs.builder()\n .name(\"value\")\n .values(\"example.com\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getVpcDhcpOptions\n Arguments:\n filters:\n - name: key\n values:\n - domain-name\n - name: value\n values:\n - example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVpcDhcpOptions.\n", "properties": { "dhcpOptionsId": { "type": "string", "description": "EC2 DHCP Options ID.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcDhcpOptionsFilter:getVpcDhcpOptionsFilter" }, "description": "List of custom filters as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpcDhcpOptions.\n", "properties": { "arn": { "description": "ARN of the DHCP Options Set.\n", "type": "string" }, "dhcpOptionsId": { "description": "EC2 DHCP Options ID\n", "type": "string" }, "domainName": { "description": "Suffix domain name to used when resolving non Fully Qualified Domain NamesE.g., the `search` value in the `/etc/resolv.conf` file.\n", "type": "string" }, "domainNameServers": { "description": "List of name servers.\n", "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getVpcDhcpOptionsFilter:getVpcDhcpOptionsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ipv6AddressPreferredLeaseTime": { "description": "How frequently, in seconds, a running instance with an IPv6 assigned to it goes through DHCPv6 lease renewal.\n", "type": "string" }, "netbiosNameServers": { "description": "List of NETBIOS name servers.\n", "items": { "type": "string" }, "type": "array" }, "netbiosNodeType": { "description": "NetBIOS node type (1, 2, 4, or 8). For more information about these node types, see [RFC 2132](http://www.ietf.org/rfc/rfc2132.txt).\n", "type": "string" }, "ntpServers": { "description": "List of NTP servers.\n", "items": { "type": "string" }, "type": "array" }, "ownerId": { "description": "ID of the AWS account that owns the DHCP options set.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource.\n", "type": "object" } }, "required": [ "arn", "dhcpOptionsId", "domainName", "domainNameServers", "ipv6AddressPreferredLeaseTime", "netbiosNameServers", "netbiosNodeType", "ntpServers", "ownerId", "tags", "id" ], "type": "object" } }, "aws:ec2/getVpcEndpoint:getVpcEndpoint": { "description": "The VPC Endpoint data source provides details about\na specific VPC endpoint.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Declare the data source\nconst s3 = aws.ec2.getVpcEndpoint({\n vpcId: foo.id,\n serviceName: \"com.amazonaws.us-west-2.s3\",\n});\nconst privateS3 = new aws.ec2.VpcEndpointRouteTableAssociation(\"private_s3\", {\n vpcEndpointId: s3.then(s3 =\u003e s3.id),\n routeTableId: _private.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Declare the data source\ns3 = aws.ec2.get_vpc_endpoint(vpc_id=foo[\"id\"],\n service_name=\"com.amazonaws.us-west-2.s3\")\nprivate_s3 = aws.ec2.VpcEndpointRouteTableAssociation(\"private_s3\",\n vpc_endpoint_id=s3.id,\n route_table_id=private[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Declare the data source\n var s3 = Aws.Ec2.GetVpcEndpoint.Invoke(new()\n {\n VpcId = foo.Id,\n ServiceName = \"com.amazonaws.us-west-2.s3\",\n });\n\n var privateS3 = new Aws.Ec2.VpcEndpointRouteTableAssociation(\"private_s3\", new()\n {\n VpcEndpointId = s3.Apply(getVpcEndpointResult =\u003e getVpcEndpointResult.Id),\n RouteTableId = @private.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Declare the data source\n\t\ts3, err := ec2.LookupVpcEndpoint(ctx, \u0026ec2.LookupVpcEndpointArgs{\n\t\t\tVpcId: pulumi.StringRef(foo.Id),\n\t\t\tServiceName: pulumi.StringRef(\"com.amazonaws.us-west-2.s3\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcEndpointRouteTableAssociation(ctx, \"private_s3\", \u0026ec2.VpcEndpointRouteTableAssociationArgs{\n\t\t\tVpcEndpointId: pulumi.String(s3.Id),\n\t\t\tRouteTableId: pulumi.Any(private.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcEndpointArgs;\nimport com.pulumi.aws.ec2.VpcEndpointRouteTableAssociation;\nimport com.pulumi.aws.ec2.VpcEndpointRouteTableAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Declare the data source\n final var s3 = Ec2Functions.getVpcEndpoint(GetVpcEndpointArgs.builder()\n .vpcId(foo.id())\n .serviceName(\"com.amazonaws.us-west-2.s3\")\n .build());\n\n var privateS3 = new VpcEndpointRouteTableAssociation(\"privateS3\", VpcEndpointRouteTableAssociationArgs.builder()\n .vpcEndpointId(s3.applyValue(getVpcEndpointResult -\u003e getVpcEndpointResult.id()))\n .routeTableId(private_.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n privateS3:\n type: aws:ec2:VpcEndpointRouteTableAssociation\n name: private_s3\n properties:\n vpcEndpointId: ${s3.id}\n routeTableId: ${private.id}\nvariables:\n # Declare the data source\n s3:\n fn::invoke:\n Function: aws:ec2:getVpcEndpoint\n Arguments:\n vpcId: ${foo.id}\n serviceName: com.amazonaws.us-west-2.s3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVpcEndpoint.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcEndpointFilter:getVpcEndpointFilter" }, "description": "Custom filter block as described below.\n" }, "id": { "type": "string", "description": "ID of the specific VPC Endpoint to retrieve.\n" }, "serviceName": { "type": "string", "description": "Service name of the specific VPC Endpoint to retrieve. For AWS services the service name is usually in the form `com.amazonaws.\u003cregion\u003e.\u003cservice\u003e` (the SageMaker Notebook service is an exception to this rule, the service name is in the form `aws.sagemaker.\u003cregion\u003e.notebook`).\n" }, "state": { "type": "string", "description": "State of the specific VPC Endpoint to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match\na pair on the specific VPC Endpoint to retrieve.\n" }, "vpcId": { "type": "string", "description": "ID of the VPC in which the specific VPC Endpoint is used.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpcEndpoint.\n", "properties": { "arn": { "description": "ARN of the VPC endpoint.\n", "type": "string" }, "cidrBlocks": { "description": "List of CIDR blocks for the exposed AWS service. Applicable for endpoints of type `Gateway`.\n", "items": { "type": "string" }, "type": "array" }, "dnsEntries": { "description": "DNS entries for the VPC Endpoint. Applicable for endpoints of type `Interface`. DNS entry blocks are documented below.\n", "items": { "$ref": "#/types/aws:ec2/getVpcEndpointDnsEntry:getVpcEndpointDnsEntry" }, "type": "array" }, "dnsOptions": { "description": "DNS options for the VPC Endpoint. DNS options blocks are documented below.\n", "items": { "$ref": "#/types/aws:ec2/getVpcEndpointDnsOption:getVpcEndpointDnsOption" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getVpcEndpointFilter:getVpcEndpointFilter" }, "type": "array" }, "id": { "type": "string" }, "ipAddressType": { "type": "string" }, "networkInterfaceIds": { "description": "One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type `Interface`.\n", "items": { "type": "string" }, "type": "array" }, "ownerId": { "description": "ID of the AWS account that owns the VPC endpoint.\n", "type": "string" }, "policy": { "description": "Policy document associated with the VPC Endpoint. Applicable for endpoints of type `Gateway`.\n", "type": "string" }, "prefixListId": { "description": "Prefix list ID of the exposed AWS service. Applicable for endpoints of type `Gateway`.\n", "type": "string" }, "privateDnsEnabled": { "description": "Whether or not the VPC is associated with a private hosted zone - `true` or `false`. Applicable for endpoints of type `Interface`.\n", "type": "boolean" }, "requesterManaged": { "description": "Whether or not the VPC Endpoint is being managed by its service - `true` or `false`.\n", "type": "boolean" }, "routeTableIds": { "description": "One or more route tables associated with the VPC Endpoint. Applicable for endpoints of type `Gateway`.\n", "items": { "type": "string" }, "type": "array" }, "securityGroupIds": { "description": "One or more security groups associated with the network interfaces. Applicable for endpoints of type `Interface`.\n", "items": { "type": "string" }, "type": "array" }, "serviceName": { "type": "string" }, "state": { "type": "string" }, "subnetIds": { "description": "One or more subnets in which the VPC Endpoint is located. Applicable for endpoints of type `Interface`.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "vpcEndpointType": { "description": "VPC Endpoint type, `Gateway` or `Interface`.\n", "type": "string" }, "vpcId": { "type": "string" } }, "required": [ "arn", "cidrBlocks", "dnsEntries", "dnsOptions", "id", "ipAddressType", "networkInterfaceIds", "ownerId", "policy", "prefixListId", "privateDnsEnabled", "requesterManaged", "routeTableIds", "securityGroupIds", "serviceName", "state", "subnetIds", "tags", "vpcEndpointType", "vpcId" ], "type": "object" } }, "aws:ec2/getVpcEndpointService:getVpcEndpointService": { "description": "The VPC Endpoint Service data source details about a specific service that\ncan be specified when creating a VPC endpoint within the region configured in the provider.\n\n## Example Usage\n\n### AWS Service\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Declare the data source\nconst s3 = aws.ec2.getVpcEndpointService({\n service: \"s3\",\n serviceType: \"Gateway\",\n});\n// Create a VPC\nconst foo = new aws.ec2.Vpc(\"foo\", {cidrBlock: \"10.0.0.0/16\"});\n// Create a VPC endpoint\nconst ep = new aws.ec2.VpcEndpoint(\"ep\", {\n vpcId: foo.id,\n serviceName: s3.then(s3 =\u003e s3.serviceName),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Declare the data source\ns3 = aws.ec2.get_vpc_endpoint_service(service=\"s3\",\n service_type=\"Gateway\")\n# Create a VPC\nfoo = aws.ec2.Vpc(\"foo\", cidr_block=\"10.0.0.0/16\")\n# Create a VPC endpoint\nep = aws.ec2.VpcEndpoint(\"ep\",\n vpc_id=foo.id,\n service_name=s3.service_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Declare the data source\n var s3 = Aws.Ec2.GetVpcEndpointService.Invoke(new()\n {\n Service = \"s3\",\n ServiceType = \"Gateway\",\n });\n\n // Create a VPC\n var foo = new Aws.Ec2.Vpc(\"foo\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n // Create a VPC endpoint\n var ep = new Aws.Ec2.VpcEndpoint(\"ep\", new()\n {\n VpcId = foo.Id,\n ServiceName = s3.Apply(getVpcEndpointServiceResult =\u003e getVpcEndpointServiceResult.ServiceName),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Declare the data source\n\t\ts3, err := ec2.LookupVpcEndpointService(ctx, \u0026ec2.LookupVpcEndpointServiceArgs{\n\t\t\tService: pulumi.StringRef(\"s3\"),\n\t\t\tServiceType: pulumi.StringRef(\"Gateway\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Create a VPC\n\t\tfoo, err := ec2.NewVpc(ctx, \"foo\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Create a VPC endpoint\n\t\t_, err = ec2.NewVpcEndpoint(ctx, \"ep\", \u0026ec2.VpcEndpointArgs{\n\t\t\tVpcId: foo.ID(),\n\t\t\tServiceName: pulumi.String(s3.ServiceName),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcEndpointServiceArgs;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.VpcEndpoint;\nimport com.pulumi.aws.ec2.VpcEndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Declare the data source\n final var s3 = Ec2Functions.getVpcEndpointService(GetVpcEndpointServiceArgs.builder()\n .service(\"s3\")\n .serviceType(\"Gateway\")\n .build());\n\n // Create a VPC\n var foo = new Vpc(\"foo\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n // Create a VPC endpoint\n var ep = new VpcEndpoint(\"ep\", VpcEndpointArgs.builder()\n .vpcId(foo.id())\n .serviceName(s3.applyValue(getVpcEndpointServiceResult -\u003e getVpcEndpointServiceResult.serviceName()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Create a VPC\n foo:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n # Create a VPC endpoint\n ep:\n type: aws:ec2:VpcEndpoint\n properties:\n vpcId: ${foo.id}\n serviceName: ${s3.serviceName}\nvariables:\n # Declare the data source\n s3:\n fn::invoke:\n Function: aws:ec2:getVpcEndpointService\n Arguments:\n service: s3\n serviceType: Gateway\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Non-AWS Service\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst custome = aws.ec2.getVpcEndpointService({\n serviceName: \"com.amazonaws.vpce.us-west-2.vpce-svc-0e87519c997c63cd8\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncustome = aws.ec2.get_vpc_endpoint_service(service_name=\"com.amazonaws.vpce.us-west-2.vpce-svc-0e87519c997c63cd8\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var custome = Aws.Ec2.GetVpcEndpointService.Invoke(new()\n {\n ServiceName = \"com.amazonaws.vpce.us-west-2.vpce-svc-0e87519c997c63cd8\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupVpcEndpointService(ctx, \u0026ec2.LookupVpcEndpointServiceArgs{\n\t\t\tServiceName: pulumi.StringRef(\"com.amazonaws.vpce.us-west-2.vpce-svc-0e87519c997c63cd8\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcEndpointServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var custome = Ec2Functions.getVpcEndpointService(GetVpcEndpointServiceArgs.builder()\n .serviceName(\"com.amazonaws.vpce.us-west-2.vpce-svc-0e87519c997c63cd8\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n custome:\n fn::invoke:\n Function: aws:ec2:getVpcEndpointService\n Arguments:\n serviceName: com.amazonaws.vpce.us-west-2.vpce-svc-0e87519c997c63cd8\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.ec2.getVpcEndpointService({\n filters: [{\n name: \"service-name\",\n values: [\"some-service\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.get_vpc_endpoint_service(filters=[{\n \"name\": \"service-name\",\n \"values\": [\"some-service\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Ec2.GetVpcEndpointService.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetVpcEndpointServiceFilterInputArgs\n {\n Name = \"service-name\",\n Values = new[]\n {\n \"some-service\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.LookupVpcEndpointService(ctx, \u0026ec2.LookupVpcEndpointServiceArgs{\n\t\t\tFilters: []ec2.GetVpcEndpointServiceFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"service-name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"some-service\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcEndpointServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = Ec2Functions.getVpcEndpointService(GetVpcEndpointServiceArgs.builder()\n .filters(GetVpcEndpointServiceFilterArgs.builder()\n .name(\"service-name\")\n .values(\"some-service\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:ec2:getVpcEndpointService\n Arguments:\n filters:\n - name: service-name\n values:\n - some-service\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVpcEndpointService.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcEndpointServiceFilter:getVpcEndpointServiceFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "service": { "type": "string", "description": "Common name of an AWS service (e.g., `s3`).\n" }, "serviceName": { "type": "string", "description": "Service name that is specified when creating a VPC endpoint. For AWS services the service name is usually in the form `com.amazonaws.\u003cregion\u003e.\u003cservice\u003e` (the SageMaker Notebook service is an exception to this rule, the service name is in the form `aws.sagemaker.\u003cregion\u003e.notebook`).\n" }, "serviceType": { "type": "string", "description": "Service type, `Gateway` or `Interface`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match a pair on the desired VPC Endpoint Service.\n\n\u003e **NOTE:** Specifying `service` will not work for non-AWS services or AWS services that don't follow the standard `service_name` pattern of `com.amazonaws.\u003cregion\u003e.\u003cservice\u003e`.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpcEndpointService.\n", "properties": { "acceptanceRequired": { "description": "Whether or not VPC endpoint connection requests to the service must be accepted by the service owner - `true` or `false`.\n", "type": "boolean" }, "arn": { "description": "ARN of the VPC endpoint service.\n", "type": "string" }, "availabilityZones": { "description": "Availability Zones in which the service is available.\n", "items": { "type": "string" }, "type": "array" }, "baseEndpointDnsNames": { "description": "The DNS names for the service.\n", "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getVpcEndpointServiceFilter:getVpcEndpointServiceFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "managesVpcEndpoints": { "description": "Whether or not the service manages its VPC endpoints - `true` or `false`.\n", "type": "boolean" }, "owner": { "description": "AWS account ID of the service owner or `amazon`.\n", "type": "string" }, "privateDnsName": { "description": "Private DNS name for the service.\n", "type": "string" }, "service": { "type": "string" }, "serviceId": { "description": "ID of the endpoint service.\n", "type": "string" }, "serviceName": { "type": "string" }, "serviceType": { "type": "string" }, "supportedIpAddressTypes": { "description": "The supported IP address types.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource.\n", "type": "object" }, "vpcEndpointPolicySupported": { "description": "Whether or not the service supports endpoint policies - `true` or `false`.\n", "type": "boolean" } }, "required": [ "acceptanceRequired", "arn", "availabilityZones", "baseEndpointDnsNames", "managesVpcEndpoints", "owner", "privateDnsName", "serviceId", "serviceName", "serviceType", "supportedIpAddressTypes", "tags", "vpcEndpointPolicySupported", "id" ], "type": "object" } }, "aws:ec2/getVpcIamPool:getVpcIamPool": { "deprecationMessage": "aws.ec2/getvpciampool.getVpcIamPool has been deprecated in favor of aws.ec2/getvpcipampool.getVpcIpamPool", "description": "`aws.ec2.VpcIpamPool` provides details about an IPAM pool.\n\nThis resource can prove useful when an ipam pool was created in another root\nmodule and you need the pool's id as an input variable. For example, pools\ncan be shared via RAM and used to create vpcs with CIDRs from that pool.\n\n## Example Usage\n\nThe following example shows an account that has only 1 pool, perhaps shared\nvia RAM, and using that pool id to create a VPC with a CIDR derived from\nAWS IPAM.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.ec2.getVpcIpamPool({\n filters: [\n {\n name: \"description\",\n values: [\"*test*\"],\n },\n {\n name: \"address-family\",\n values: [\"ipv4\"],\n },\n ],\n});\nconst testVpc = new aws.ec2.Vpc(\"test\", {\n ipv4IpamPoolId: test.then(test =\u003e test.id),\n ipv4NetmaskLength: 28,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.get_vpc_ipam_pool(filters=[\n {\n \"name\": \"description\",\n \"values\": [\"*test*\"],\n },\n {\n \"name\": \"address-family\",\n \"values\": [\"ipv4\"],\n },\n])\ntest_vpc = aws.ec2.Vpc(\"test\",\n ipv4_ipam_pool_id=test.id,\n ipv4_netmask_length=28)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Ec2.GetVpcIpamPool.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetVpcIpamPoolFilterInputArgs\n {\n Name = \"description\",\n Values = new[]\n {\n \"*test*\",\n },\n },\n new Aws.Ec2.Inputs.GetVpcIpamPoolFilterInputArgs\n {\n Name = \"address-family\",\n Values = new[]\n {\n \"ipv4\",\n },\n },\n },\n });\n\n var testVpc = new Aws.Ec2.Vpc(\"test\", new()\n {\n Ipv4IpamPoolId = test.Apply(getVpcIpamPoolResult =\u003e getVpcIpamPoolResult.Id),\n Ipv4NetmaskLength = 28,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := ec2.LookupVpcIpamPool(ctx, \u0026ec2.LookupVpcIpamPoolArgs{\n\t\t\tFilters: []ec2.GetVpcIpamPoolFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"description\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"*test*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"address-family\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ipv4\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpc(ctx, \"test\", \u0026ec2.VpcArgs{\n\t\t\tIpv4IpamPoolId: pulumi.String(test.Id),\n\t\t\tIpv4NetmaskLength: pulumi.Int(28),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcIpamPoolArgs;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = Ec2Functions.getVpcIpamPool(GetVpcIpamPoolArgs.builder()\n .filters( \n GetVpcIpamPoolFilterArgs.builder()\n .name(\"description\")\n .values(\"*test*\")\n .build(),\n GetVpcIpamPoolFilterArgs.builder()\n .name(\"address-family\")\n .values(\"ipv4\")\n .build())\n .build());\n\n var testVpc = new Vpc(\"testVpc\", VpcArgs.builder()\n .ipv4IpamPoolId(test.applyValue(getVpcIpamPoolResult -\u003e getVpcIpamPoolResult.id()))\n .ipv4NetmaskLength(28)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testVpc:\n type: aws:ec2:Vpc\n name: test\n properties:\n ipv4IpamPoolId: ${test.id}\n ipv4NetmaskLength: 28\nvariables:\n test:\n fn::invoke:\n Function: aws:ec2:getVpcIpamPool\n Arguments:\n filters:\n - name: description\n values:\n - '*test*'\n - name: address-family\n values:\n - ipv4\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVpcIamPool.\n", "properties": { "allocationResourceTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags that are required to create resources in using this pool.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcIamPoolFilter:getVpcIamPoolFilter" }, "description": "Custom filter block as described below.\n" }, "id": { "type": "string", "description": "ID of the IPAM pool.\n" }, "ipamPoolId": { "type": "string", "description": "ID of the IPAM pool you would like information on.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assigned to the resource.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpcIamPool.\n", "properties": { "addressFamily": { "description": "IP protocol assigned to this pool.\n", "type": "string" }, "allocationDefaultNetmaskLength": { "description": "A default netmask length for allocations added to this pool. If, for example, the CIDR assigned to this pool is `10.0.0.0/8` and you enter 16 here, new allocations will default to `10.0.0.0/16`.\n", "type": "integer" }, "allocationMaxNetmaskLength": { "description": "The maximum netmask length that will be required for CIDR allocations in this pool.\n", "type": "integer" }, "allocationMinNetmaskLength": { "description": "The minimum netmask length that will be required for CIDR allocations in this pool.\n", "type": "integer" }, "allocationResourceTags": { "additionalProperties": { "type": "string" }, "description": "Tags that are required to create resources in using this pool.\n", "type": "object" }, "arn": { "description": "ARN of the pool\n", "type": "string" }, "autoImport": { "description": "If enabled, IPAM will continuously look for resources within the CIDR range of this pool and automatically import them as allocations into your IPAM.\n", "type": "boolean" }, "awsService": { "description": "Limits which service in AWS that the pool can be used in. `ec2` for example, allows users to use space for Elastic IP addresses and VPCs.\n", "type": "string" }, "description": { "description": "Description for the IPAM pool.\n", "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getVpcIamPoolFilter:getVpcIamPoolFilter" }, "type": "array" }, "id": { "description": "ID of the IPAM pool.\n", "type": "string" }, "ipamPoolId": { "type": "string" }, "ipamScopeId": { "description": "ID of the scope the pool belongs to.\n", "type": "string" }, "ipamScopeType": { "type": "string" }, "locale": { "description": "Locale is the Region where your pool is available for allocations. You can only create pools with locales that match the operating Regions of the IPAM. You can only create VPCs from a pool whose locale matches the VPC's Region.\n", "type": "string" }, "poolDepth": { "type": "integer" }, "publiclyAdvertisable": { "description": "Defines whether or not IPv6 pool space is publicly advertisable over the internet.\n", "type": "boolean" }, "sourceIpamPoolId": { "description": "ID of the source IPAM pool.\n", "type": "string" }, "state": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags to assigned to the resource.\n", "type": "object" } }, "required": [ "addressFamily", "allocationDefaultNetmaskLength", "allocationMaxNetmaskLength", "allocationMinNetmaskLength", "allocationResourceTags", "arn", "autoImport", "awsService", "description", "ipamScopeId", "ipamScopeType", "locale", "poolDepth", "publiclyAdvertisable", "sourceIpamPoolId", "state", "tags" ], "type": "object" } }, "aws:ec2/getVpcIamPoolCidrs:getVpcIamPoolCidrs": { "deprecationMessage": "aws.ec2/getvpciampoolcidrs.getVpcIamPoolCidrs has been deprecated in favor of aws.ec2/getvpcipampoolcidrs.getVpcIpamPoolCidrs", "description": "`aws.ec2.getVpcIpamPoolCidrs` provides details about an IPAM pool.\n\nThis resource can prove useful when an ipam pool was shared to your account and you want to know all (or a filtered list) of the CIDRs that are provisioned into the pool.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst p = aws.ec2.getVpcIpamPool({\n filters: [\n {\n name: \"description\",\n values: [\"*mypool*\"],\n },\n {\n name: \"address-family\",\n values: [\"ipv4\"],\n },\n ],\n});\nconst c = p.then(p =\u003e aws.ec2.getVpcIpamPoolCidrs({\n ipamPoolId: p.id,\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\np = aws.ec2.get_vpc_ipam_pool(filters=[\n {\n \"name\": \"description\",\n \"values\": [\"*mypool*\"],\n },\n {\n \"name\": \"address-family\",\n \"values\": [\"ipv4\"],\n },\n])\nc = aws.ec2.get_vpc_ipam_pool_cidrs(ipam_pool_id=p.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var p = Aws.Ec2.GetVpcIpamPool.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetVpcIpamPoolFilterInputArgs\n {\n Name = \"description\",\n Values = new[]\n {\n \"*mypool*\",\n },\n },\n new Aws.Ec2.Inputs.GetVpcIpamPoolFilterInputArgs\n {\n Name = \"address-family\",\n Values = new[]\n {\n \"ipv4\",\n },\n },\n },\n });\n\n var c = Aws.Ec2.GetVpcIpamPoolCidrs.Invoke(new()\n {\n IpamPoolId = p.Apply(getVpcIpamPoolResult =\u003e getVpcIpamPoolResult.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tp, err := ec2.LookupVpcIpamPool(ctx, \u0026ec2.LookupVpcIpamPoolArgs{\n\t\t\tFilters: []ec2.GetVpcIpamPoolFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"description\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"*mypool*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"address-family\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ipv4\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.GetVpcIpamPoolCidrs(ctx, \u0026ec2.GetVpcIpamPoolCidrsArgs{\n\t\t\tIpamPoolId: p.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcIpamPoolArgs;\nimport com.pulumi.aws.ec2.inputs.GetVpcIpamPoolCidrsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var p = Ec2Functions.getVpcIpamPool(GetVpcIpamPoolArgs.builder()\n .filters( \n GetVpcIpamPoolFilterArgs.builder()\n .name(\"description\")\n .values(\"*mypool*\")\n .build(),\n GetVpcIpamPoolFilterArgs.builder()\n .name(\"address-family\")\n .values(\"ipv4\")\n .build())\n .build());\n\n final var c = Ec2Functions.getVpcIpamPoolCidrs(GetVpcIpamPoolCidrsArgs.builder()\n .ipamPoolId(p.applyValue(getVpcIpamPoolResult -\u003e getVpcIpamPoolResult.id()))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n c:\n fn::invoke:\n Function: aws:ec2:getVpcIpamPoolCidrs\n Arguments:\n ipamPoolId: ${p.id}\n p:\n fn::invoke:\n Function: aws:ec2:getVpcIpamPool\n Arguments:\n filters:\n - name: description\n values:\n - '*mypool*'\n - name: address-family\n values:\n - ipv4\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nFiltering:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst c = aws.ec2.getVpcIpamPoolCidrs({\n ipamPoolId: \"ipam-pool-123\",\n filters: [{\n name: \"cidr\",\n values: [\"10.*\"],\n }],\n});\nconst mycidrs = c.then(c =\u003e .filter(cidr =\u003e cidr.state == \"provisioned\").map(cidr =\u003e (cidr.cidr)));\nconst pls = new aws.ec2.ManagedPrefixList(\"pls\", {\n entries: mycidrs.map((v, k) =\u003e ({key: k, value: v})).then(entries =\u003e entries.map(entry =\u003e ({\n cidr: entry.value,\n description: entry.value,\n }))),\n name: `IPAM Pool (${test.id}) Cidrs`,\n addressFamily: \"IPv4\",\n maxEntries: mycidrs.length,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nc = aws.ec2.get_vpc_ipam_pool_cidrs(ipam_pool_id=\"ipam-pool-123\",\n filters=[{\n \"name\": \"cidr\",\n \"values\": [\"10.*\"],\n }])\nmycidrs = [cidr.cidr for cidr in c.ipam_pool_cidrs if cidr.state == \"provisioned\"]\npls = aws.ec2.ManagedPrefixList(\"pls\",\n entries=[{\n \"cidr\": entry[\"value\"],\n \"description\": entry[\"value\"],\n } for entry in [{\"key\": k, \"value\": v} for k, v in mycidrs]],\n name=f\"IPAM Pool ({test['id']}) Cidrs\",\n address_family=\"IPv4\",\n max_entries=len(mycidrs))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var c = Aws.Ec2.GetVpcIpamPoolCidrs.Invoke(new()\n {\n IpamPoolId = \"ipam-pool-123\",\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetVpcIpamPoolCidrsFilterInputArgs\n {\n Name = \"cidr\",\n Values = new[]\n {\n \"10.*\",\n },\n },\n },\n });\n\n var mycidrs = .Where(cidr =\u003e cidr.State == \"provisioned\").Select(cidr =\u003e \n {\n return cidr.Cidr;\n }).ToList();\n\n var pls = new Aws.Ec2.ManagedPrefixList(\"pls\", new()\n {\n Entries = mycidrs.Select((v, k) =\u003e new { Key = k, Value = v }).Apply(entries =\u003e entries.Select(entry =\u003e \n {\n return \n {\n { \"cidr\", entry.Value },\n { \"description\", entry.Value },\n };\n }).ToList()),\n Name = $\"IPAM Pool ({test.Id}) Cidrs\",\n AddressFamily = \"IPv4\",\n MaxEntries = mycidrs.Length,\n });\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVpcIamPoolCidrs.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcIamPoolCidrsFilter:getVpcIamPoolCidrsFilter" }, "description": "Custom filter block as described below.\n" }, "ipamPoolId": { "type": "string", "description": "ID of the IPAM pool you would like the list of provisioned CIDRs.\n" } }, "type": "object", "required": [ "ipamPoolId" ] }, "outputs": { "description": "A collection of values returned by getVpcIamPoolCidrs.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getVpcIamPoolCidrsFilter:getVpcIamPoolCidrsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ipamPoolCidrs": { "description": "The CIDRs provisioned into the IPAM pool, described below.\n", "items": { "$ref": "#/types/aws:ec2/getVpcIamPoolCidrsIpamPoolCidr:getVpcIamPoolCidrsIpamPoolCidr" }, "type": "array" }, "ipamPoolId": { "type": "string" } }, "required": [ "ipamPoolCidrs", "ipamPoolId", "id" ], "type": "object" } }, "aws:ec2/getVpcIamPools:getVpcIamPools": { "deprecationMessage": "aws.ec2/getvpciampools.getVpcIamPools has been deprecated in favor of aws.ec2/getvpcipampools.getVpcIpamPools", "description": "`aws.ec2.getVpcIpamPools` provides details about IPAM pools.\n\nThis resource can prove useful when IPAM pools are created in another root\nmodule and you need the pool ids as input variables. For example, pools\ncan be shared via RAM and used to create vpcs with CIDRs from that pool.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.ec2.getVpcIpamPools({\n filters: [\n {\n name: \"description\",\n values: [\"*test*\"],\n },\n {\n name: \"address-family\",\n values: [\"ipv4\"],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.get_vpc_ipam_pools(filters=[\n {\n \"name\": \"description\",\n \"values\": [\"*test*\"],\n },\n {\n \"name\": \"address-family\",\n \"values\": [\"ipv4\"],\n },\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Ec2.GetVpcIpamPools.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetVpcIpamPoolsFilterInputArgs\n {\n Name = \"description\",\n Values = new[]\n {\n \"*test*\",\n },\n },\n new Aws.Ec2.Inputs.GetVpcIpamPoolsFilterInputArgs\n {\n Name = \"address-family\",\n Values = new[]\n {\n \"ipv4\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetVpcIpamPools(ctx, \u0026ec2.GetVpcIpamPoolsArgs{\n\t\t\tFilters: []ec2.GetVpcIpamPoolsFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"description\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"*test*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"address-family\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ipv4\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcIpamPoolsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = Ec2Functions.getVpcIpamPools(GetVpcIpamPoolsArgs.builder()\n .filters( \n GetVpcIpamPoolsFilterArgs.builder()\n .name(\"description\")\n .values(\"*test*\")\n .build(),\n GetVpcIpamPoolsFilterArgs.builder()\n .name(\"address-family\")\n .values(\"ipv4\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:ec2:getVpcIpamPools\n Arguments:\n filters:\n - name: description\n values:\n - '*test*'\n - name: address-family\n values:\n - ipv4\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVpcIamPools.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcIamPoolsFilter:getVpcIamPoolsFilter" }, "description": "Custom filter block as described below.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpcIamPools.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getVpcIamPoolsFilter:getVpcIamPoolsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ipamPools": { "description": "List of IPAM pools and their attributes. See below for details\n", "items": { "$ref": "#/types/aws:ec2/getVpcIamPoolsIpamPool:getVpcIamPoolsIpamPool" }, "type": "array" } }, "required": [ "ipamPools", "id" ], "type": "object" } }, "aws:ec2/getVpcIpamPool:getVpcIpamPool": { "description": "`aws.ec2.VpcIpamPool` provides details about an IPAM pool.\n\nThis resource can prove useful when an ipam pool was created in another root\nmodule and you need the pool's id as an input variable. For example, pools\ncan be shared via RAM and used to create vpcs with CIDRs from that pool.\n\n## Example Usage\n\nThe following example shows an account that has only 1 pool, perhaps shared\nvia RAM, and using that pool id to create a VPC with a CIDR derived from\nAWS IPAM.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.ec2.getVpcIpamPool({\n filters: [\n {\n name: \"description\",\n values: [\"*test*\"],\n },\n {\n name: \"address-family\",\n values: [\"ipv4\"],\n },\n ],\n});\nconst testVpc = new aws.ec2.Vpc(\"test\", {\n ipv4IpamPoolId: test.then(test =\u003e test.id),\n ipv4NetmaskLength: 28,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.get_vpc_ipam_pool(filters=[\n {\n \"name\": \"description\",\n \"values\": [\"*test*\"],\n },\n {\n \"name\": \"address-family\",\n \"values\": [\"ipv4\"],\n },\n])\ntest_vpc = aws.ec2.Vpc(\"test\",\n ipv4_ipam_pool_id=test.id,\n ipv4_netmask_length=28)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Ec2.GetVpcIpamPool.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetVpcIpamPoolFilterInputArgs\n {\n Name = \"description\",\n Values = new[]\n {\n \"*test*\",\n },\n },\n new Aws.Ec2.Inputs.GetVpcIpamPoolFilterInputArgs\n {\n Name = \"address-family\",\n Values = new[]\n {\n \"ipv4\",\n },\n },\n },\n });\n\n var testVpc = new Aws.Ec2.Vpc(\"test\", new()\n {\n Ipv4IpamPoolId = test.Apply(getVpcIpamPoolResult =\u003e getVpcIpamPoolResult.Id),\n Ipv4NetmaskLength = 28,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := ec2.LookupVpcIpamPool(ctx, \u0026ec2.LookupVpcIpamPoolArgs{\n\t\t\tFilters: []ec2.GetVpcIpamPoolFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"description\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"*test*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"address-family\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ipv4\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpc(ctx, \"test\", \u0026ec2.VpcArgs{\n\t\t\tIpv4IpamPoolId: pulumi.String(test.Id),\n\t\t\tIpv4NetmaskLength: pulumi.Int(28),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcIpamPoolArgs;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = Ec2Functions.getVpcIpamPool(GetVpcIpamPoolArgs.builder()\n .filters( \n GetVpcIpamPoolFilterArgs.builder()\n .name(\"description\")\n .values(\"*test*\")\n .build(),\n GetVpcIpamPoolFilterArgs.builder()\n .name(\"address-family\")\n .values(\"ipv4\")\n .build())\n .build());\n\n var testVpc = new Vpc(\"testVpc\", VpcArgs.builder()\n .ipv4IpamPoolId(test.applyValue(getVpcIpamPoolResult -\u003e getVpcIpamPoolResult.id()))\n .ipv4NetmaskLength(28)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testVpc:\n type: aws:ec2:Vpc\n name: test\n properties:\n ipv4IpamPoolId: ${test.id}\n ipv4NetmaskLength: 28\nvariables:\n test:\n fn::invoke:\n Function: aws:ec2:getVpcIpamPool\n Arguments:\n filters:\n - name: description\n values:\n - '*test*'\n - name: address-family\n values:\n - ipv4\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVpcIpamPool.\n", "properties": { "allocationResourceTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags that are required to create resources in using this pool.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcIpamPoolFilter:getVpcIpamPoolFilter" }, "description": "Custom filter block as described below.\n" }, "id": { "type": "string", "description": "ID of the IPAM pool.\n" }, "ipamPoolId": { "type": "string", "description": "ID of the IPAM pool you would like information on.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assigned to the resource.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpcIpamPool.\n", "properties": { "addressFamily": { "description": "IP protocol assigned to this pool.\n", "type": "string" }, "allocationDefaultNetmaskLength": { "description": "A default netmask length for allocations added to this pool. If, for example, the CIDR assigned to this pool is `10.0.0.0/8` and you enter 16 here, new allocations will default to `10.0.0.0/16`.\n", "type": "integer" }, "allocationMaxNetmaskLength": { "description": "The maximum netmask length that will be required for CIDR allocations in this pool.\n", "type": "integer" }, "allocationMinNetmaskLength": { "description": "The minimum netmask length that will be required for CIDR allocations in this pool.\n", "type": "integer" }, "allocationResourceTags": { "additionalProperties": { "type": "string" }, "description": "Tags that are required to create resources in using this pool.\n", "type": "object" }, "arn": { "description": "ARN of the pool\n", "type": "string" }, "autoImport": { "description": "If enabled, IPAM will continuously look for resources within the CIDR range of this pool and automatically import them as allocations into your IPAM.\n", "type": "boolean" }, "awsService": { "description": "Limits which service in AWS that the pool can be used in. `ec2` for example, allows users to use space for Elastic IP addresses and VPCs.\n", "type": "string" }, "description": { "description": "Description for the IPAM pool.\n", "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getVpcIpamPoolFilter:getVpcIpamPoolFilter" }, "type": "array" }, "id": { "description": "ID of the IPAM pool.\n", "type": "string" }, "ipamPoolId": { "type": "string" }, "ipamScopeId": { "description": "ID of the scope the pool belongs to.\n", "type": "string" }, "ipamScopeType": { "type": "string" }, "locale": { "description": "Locale is the Region where your pool is available for allocations. You can only create pools with locales that match the operating Regions of the IPAM. You can only create VPCs from a pool whose locale matches the VPC's Region.\n", "type": "string" }, "poolDepth": { "type": "integer" }, "publiclyAdvertisable": { "description": "Defines whether or not IPv6 pool space is publicly advertisable over the internet.\n", "type": "boolean" }, "sourceIpamPoolId": { "description": "ID of the source IPAM pool.\n", "type": "string" }, "state": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags to assigned to the resource.\n", "type": "object" } }, "required": [ "addressFamily", "allocationDefaultNetmaskLength", "allocationMaxNetmaskLength", "allocationMinNetmaskLength", "allocationResourceTags", "arn", "autoImport", "awsService", "description", "ipamScopeId", "ipamScopeType", "locale", "poolDepth", "publiclyAdvertisable", "sourceIpamPoolId", "state", "tags" ], "type": "object" } }, "aws:ec2/getVpcIpamPoolCidrs:getVpcIpamPoolCidrs": { "description": "`aws.ec2.getVpcIpamPoolCidrs` provides details about an IPAM pool.\n\nThis resource can prove useful when an ipam pool was shared to your account and you want to know all (or a filtered list) of the CIDRs that are provisioned into the pool.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst p = aws.ec2.getVpcIpamPool({\n filters: [\n {\n name: \"description\",\n values: [\"*mypool*\"],\n },\n {\n name: \"address-family\",\n values: [\"ipv4\"],\n },\n ],\n});\nconst c = p.then(p =\u003e aws.ec2.getVpcIpamPoolCidrs({\n ipamPoolId: p.id,\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\np = aws.ec2.get_vpc_ipam_pool(filters=[\n {\n \"name\": \"description\",\n \"values\": [\"*mypool*\"],\n },\n {\n \"name\": \"address-family\",\n \"values\": [\"ipv4\"],\n },\n])\nc = aws.ec2.get_vpc_ipam_pool_cidrs(ipam_pool_id=p.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var p = Aws.Ec2.GetVpcIpamPool.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetVpcIpamPoolFilterInputArgs\n {\n Name = \"description\",\n Values = new[]\n {\n \"*mypool*\",\n },\n },\n new Aws.Ec2.Inputs.GetVpcIpamPoolFilterInputArgs\n {\n Name = \"address-family\",\n Values = new[]\n {\n \"ipv4\",\n },\n },\n },\n });\n\n var c = Aws.Ec2.GetVpcIpamPoolCidrs.Invoke(new()\n {\n IpamPoolId = p.Apply(getVpcIpamPoolResult =\u003e getVpcIpamPoolResult.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tp, err := ec2.LookupVpcIpamPool(ctx, \u0026ec2.LookupVpcIpamPoolArgs{\n\t\t\tFilters: []ec2.GetVpcIpamPoolFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"description\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"*mypool*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"address-family\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ipv4\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.GetVpcIpamPoolCidrs(ctx, \u0026ec2.GetVpcIpamPoolCidrsArgs{\n\t\t\tIpamPoolId: p.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcIpamPoolArgs;\nimport com.pulumi.aws.ec2.inputs.GetVpcIpamPoolCidrsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var p = Ec2Functions.getVpcIpamPool(GetVpcIpamPoolArgs.builder()\n .filters( \n GetVpcIpamPoolFilterArgs.builder()\n .name(\"description\")\n .values(\"*mypool*\")\n .build(),\n GetVpcIpamPoolFilterArgs.builder()\n .name(\"address-family\")\n .values(\"ipv4\")\n .build())\n .build());\n\n final var c = Ec2Functions.getVpcIpamPoolCidrs(GetVpcIpamPoolCidrsArgs.builder()\n .ipamPoolId(p.applyValue(getVpcIpamPoolResult -\u003e getVpcIpamPoolResult.id()))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n c:\n fn::invoke:\n Function: aws:ec2:getVpcIpamPoolCidrs\n Arguments:\n ipamPoolId: ${p.id}\n p:\n fn::invoke:\n Function: aws:ec2:getVpcIpamPool\n Arguments:\n filters:\n - name: description\n values:\n - '*mypool*'\n - name: address-family\n values:\n - ipv4\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nFiltering:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst c = aws.ec2.getVpcIpamPoolCidrs({\n ipamPoolId: \"ipam-pool-123\",\n filters: [{\n name: \"cidr\",\n values: [\"10.*\"],\n }],\n});\nconst mycidrs = c.then(c =\u003e .filter(cidr =\u003e cidr.state == \"provisioned\").map(cidr =\u003e (cidr.cidr)));\nconst pls = new aws.ec2.ManagedPrefixList(\"pls\", {\n entries: mycidrs.map((v, k) =\u003e ({key: k, value: v})).then(entries =\u003e entries.map(entry =\u003e ({\n cidr: entry.value,\n description: entry.value,\n }))),\n name: `IPAM Pool (${test.id}) Cidrs`,\n addressFamily: \"IPv4\",\n maxEntries: mycidrs.length,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nc = aws.ec2.get_vpc_ipam_pool_cidrs(ipam_pool_id=\"ipam-pool-123\",\n filters=[{\n \"name\": \"cidr\",\n \"values\": [\"10.*\"],\n }])\nmycidrs = [cidr.cidr for cidr in c.ipam_pool_cidrs if cidr.state == \"provisioned\"]\npls = aws.ec2.ManagedPrefixList(\"pls\",\n entries=[{\n \"cidr\": entry[\"value\"],\n \"description\": entry[\"value\"],\n } for entry in [{\"key\": k, \"value\": v} for k, v in mycidrs]],\n name=f\"IPAM Pool ({test['id']}) Cidrs\",\n address_family=\"IPv4\",\n max_entries=len(mycidrs))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var c = Aws.Ec2.GetVpcIpamPoolCidrs.Invoke(new()\n {\n IpamPoolId = \"ipam-pool-123\",\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetVpcIpamPoolCidrsFilterInputArgs\n {\n Name = \"cidr\",\n Values = new[]\n {\n \"10.*\",\n },\n },\n },\n });\n\n var mycidrs = .Where(cidr =\u003e cidr.State == \"provisioned\").Select(cidr =\u003e \n {\n return cidr.Cidr;\n }).ToList();\n\n var pls = new Aws.Ec2.ManagedPrefixList(\"pls\", new()\n {\n Entries = mycidrs.Select((v, k) =\u003e new { Key = k, Value = v }).Apply(entries =\u003e entries.Select(entry =\u003e \n {\n return \n {\n { \"cidr\", entry.Value },\n { \"description\", entry.Value },\n };\n }).ToList()),\n Name = $\"IPAM Pool ({test.Id}) Cidrs\",\n AddressFamily = \"IPv4\",\n MaxEntries = mycidrs.Length,\n });\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVpcIpamPoolCidrs.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcIpamPoolCidrsFilter:getVpcIpamPoolCidrsFilter" }, "description": "Custom filter block as described below.\n" }, "ipamPoolId": { "type": "string", "description": "ID of the IPAM pool you would like the list of provisioned CIDRs.\n" } }, "type": "object", "required": [ "ipamPoolId" ] }, "outputs": { "description": "A collection of values returned by getVpcIpamPoolCidrs.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getVpcIpamPoolCidrsFilter:getVpcIpamPoolCidrsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ipamPoolCidrs": { "description": "The CIDRs provisioned into the IPAM pool, described below.\n", "items": { "$ref": "#/types/aws:ec2/getVpcIpamPoolCidrsIpamPoolCidr:getVpcIpamPoolCidrsIpamPoolCidr" }, "type": "array" }, "ipamPoolId": { "type": "string" } }, "required": [ "ipamPoolCidrs", "ipamPoolId", "id" ], "type": "object" } }, "aws:ec2/getVpcIpamPools:getVpcIpamPools": { "description": "`aws.ec2.getVpcIpamPools` provides details about IPAM pools.\n\nThis resource can prove useful when IPAM pools are created in another root\nmodule and you need the pool ids as input variables. For example, pools\ncan be shared via RAM and used to create vpcs with CIDRs from that pool.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.ec2.getVpcIpamPools({\n filters: [\n {\n name: \"description\",\n values: [\"*test*\"],\n },\n {\n name: \"address-family\",\n values: [\"ipv4\"],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2.get_vpc_ipam_pools(filters=[\n {\n \"name\": \"description\",\n \"values\": [\"*test*\"],\n },\n {\n \"name\": \"address-family\",\n \"values\": [\"ipv4\"],\n },\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Ec2.GetVpcIpamPools.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetVpcIpamPoolsFilterInputArgs\n {\n Name = \"description\",\n Values = new[]\n {\n \"*test*\",\n },\n },\n new Aws.Ec2.Inputs.GetVpcIpamPoolsFilterInputArgs\n {\n Name = \"address-family\",\n Values = new[]\n {\n \"ipv4\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.GetVpcIpamPools(ctx, \u0026ec2.GetVpcIpamPoolsArgs{\n\t\t\tFilters: []ec2.GetVpcIpamPoolsFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"description\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"*test*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"address-family\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ipv4\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcIpamPoolsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = Ec2Functions.getVpcIpamPools(GetVpcIpamPoolsArgs.builder()\n .filters( \n GetVpcIpamPoolsFilterArgs.builder()\n .name(\"description\")\n .values(\"*test*\")\n .build(),\n GetVpcIpamPoolsFilterArgs.builder()\n .name(\"address-family\")\n .values(\"ipv4\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:ec2:getVpcIpamPools\n Arguments:\n filters:\n - name: description\n values:\n - '*test*'\n - name: address-family\n values:\n - ipv4\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVpcIpamPools.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcIpamPoolsFilter:getVpcIpamPoolsFilter" }, "description": "Custom filter block as described below.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpcIpamPools.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getVpcIpamPoolsFilter:getVpcIpamPoolsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ipamPools": { "description": "List of IPAM pools and their attributes. See below for details\n", "items": { "$ref": "#/types/aws:ec2/getVpcIpamPoolsIpamPool:getVpcIpamPoolsIpamPool" }, "type": "array" } }, "required": [ "ipamPools", "id" ], "type": "object" } }, "aws:ec2/getVpcPeeringConnection:getVpcPeeringConnection": { "description": "The VPC Peering Connection data source provides details about\na specific VPC peering connection.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Declare the data source\nconst pc = aws.ec2.getVpcPeeringConnection({\n vpcId: foo.id,\n peerCidrBlock: \"10.0.1.0/22\",\n});\n// Create a route table\nconst rt = new aws.ec2.RouteTable(\"rt\", {vpcId: foo.id});\n// Create a route\nconst r = new aws.ec2.Route(\"r\", {\n routeTableId: rt.id,\n destinationCidrBlock: pc.then(pc =\u003e pc.peerCidrBlock),\n vpcPeeringConnectionId: pc.then(pc =\u003e pc.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Declare the data source\npc = aws.ec2.get_vpc_peering_connection(vpc_id=foo[\"id\"],\n peer_cidr_block=\"10.0.1.0/22\")\n# Create a route table\nrt = aws.ec2.RouteTable(\"rt\", vpc_id=foo[\"id\"])\n# Create a route\nr = aws.ec2.Route(\"r\",\n route_table_id=rt.id,\n destination_cidr_block=pc.peer_cidr_block,\n vpc_peering_connection_id=pc.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Declare the data source\n var pc = Aws.Ec2.GetVpcPeeringConnection.Invoke(new()\n {\n VpcId = foo.Id,\n PeerCidrBlock = \"10.0.1.0/22\",\n });\n\n // Create a route table\n var rt = new Aws.Ec2.RouteTable(\"rt\", new()\n {\n VpcId = foo.Id,\n });\n\n // Create a route\n var r = new Aws.Ec2.Route(\"r\", new()\n {\n RouteTableId = rt.Id,\n DestinationCidrBlock = pc.Apply(getVpcPeeringConnectionResult =\u003e getVpcPeeringConnectionResult.PeerCidrBlock),\n VpcPeeringConnectionId = pc.Apply(getVpcPeeringConnectionResult =\u003e getVpcPeeringConnectionResult.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Declare the data source\n\t\tpc, err := ec2.LookupVpcPeeringConnection(ctx, \u0026ec2.LookupVpcPeeringConnectionArgs{\n\t\t\tVpcId: pulumi.StringRef(foo.Id),\n\t\t\tPeerCidrBlock: pulumi.StringRef(\"10.0.1.0/22\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Create a route table\n\t\trt, err := ec2.NewRouteTable(ctx, \"rt\", \u0026ec2.RouteTableArgs{\n\t\t\tVpcId: pulumi.Any(foo.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Create a route\n\t\t_, err = ec2.NewRoute(ctx, \"r\", \u0026ec2.RouteArgs{\n\t\t\tRouteTableId: rt.ID(),\n\t\t\tDestinationCidrBlock: pulumi.String(pc.PeerCidrBlock),\n\t\t\tVpcPeeringConnectionId: pulumi.String(pc.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcPeeringConnectionArgs;\nimport com.pulumi.aws.ec2.RouteTable;\nimport com.pulumi.aws.ec2.RouteTableArgs;\nimport com.pulumi.aws.ec2.Route;\nimport com.pulumi.aws.ec2.RouteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Declare the data source\n final var pc = Ec2Functions.getVpcPeeringConnection(GetVpcPeeringConnectionArgs.builder()\n .vpcId(foo.id())\n .peerCidrBlock(\"10.0.1.0/22\")\n .build());\n\n // Create a route table\n var rt = new RouteTable(\"rt\", RouteTableArgs.builder()\n .vpcId(foo.id())\n .build());\n\n // Create a route\n var r = new Route(\"r\", RouteArgs.builder()\n .routeTableId(rt.id())\n .destinationCidrBlock(pc.applyValue(getVpcPeeringConnectionResult -\u003e getVpcPeeringConnectionResult.peerCidrBlock()))\n .vpcPeeringConnectionId(pc.applyValue(getVpcPeeringConnectionResult -\u003e getVpcPeeringConnectionResult.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Create a route table\n rt:\n type: aws:ec2:RouteTable\n properties:\n vpcId: ${foo.id}\n # Create a route\n r:\n type: aws:ec2:Route\n properties:\n routeTableId: ${rt.id}\n destinationCidrBlock: ${pc.peerCidrBlock}\n vpcPeeringConnectionId: ${pc.id}\nvariables:\n # Declare the data source\n pc:\n fn::invoke:\n Function: aws:ec2:getVpcPeeringConnection\n Arguments:\n vpcId: ${foo.id}\n peerCidrBlock: 10.0.1.0/22\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVpcPeeringConnection.\n", "properties": { "cidrBlock": { "type": "string", "description": "Primary CIDR block of the requester VPC of the specific VPC Peering Connection to retrieve.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcPeeringConnectionFilter:getVpcPeeringConnectionFilter" }, "description": "Custom filter block as described below.\n" }, "id": { "type": "string", "description": "ID of the specific VPC Peering Connection to retrieve.\n" }, "ownerId": { "type": "string", "description": "AWS account ID of the owner of the requester VPC of the specific VPC Peering Connection to retrieve.\n" }, "peerCidrBlock": { "type": "string", "description": "Primary CIDR block of the accepter VPC of the specific VPC Peering Connection to retrieve.\n" }, "peerOwnerId": { "type": "string", "description": "AWS account ID of the owner of the accepter VPC of the specific VPC Peering Connection to retrieve.\n" }, "peerRegion": { "type": "string", "description": "Region of the accepter VPC of the specific VPC Peering Connection to retrieve.\n" }, "peerVpcId": { "type": "string", "description": "ID of the accepter VPC of the specific VPC Peering Connection to retrieve.\n" }, "region": { "type": "string", "description": "Region of the requester VPC of the specific VPC Peering Connection to retrieve.\n" }, "status": { "type": "string", "description": "Status of the specific VPC Peering Connection to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match\na pair on the desired VPC Peering Connection.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" }, "vpcId": { "type": "string", "description": "ID of the requester VPC of the specific VPC Peering Connection to retrieve.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpcPeeringConnection.\n", "properties": { "accepter": { "additionalProperties": { "type": "boolean" }, "description": "Configuration block that describes [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options set for the accepter VPC.\n", "type": "object" }, "cidrBlock": { "description": "CIDR block associated to the VPC of the specific VPC Peering Connection.\n", "type": "string" }, "cidrBlockSets": { "description": "List of objects with IPv4 CIDR blocks of the requester VPC.\n", "items": { "$ref": "#/types/aws:ec2/getVpcPeeringConnectionCidrBlockSet:getVpcPeeringConnectionCidrBlockSet" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getVpcPeeringConnectionFilter:getVpcPeeringConnectionFilter" }, "type": "array" }, "id": { "type": "string" }, "ipv6CidrBlockSets": { "description": "List of objects with IPv6 CIDR blocks of the requester VPC.\n", "items": { "$ref": "#/types/aws:ec2/getVpcPeeringConnectionIpv6CidrBlockSet:getVpcPeeringConnectionIpv6CidrBlockSet" }, "type": "array" }, "ownerId": { "type": "string" }, "peerCidrBlock": { "type": "string" }, "peerCidrBlockSets": { "description": "List of objects with IPv4 CIDR blocks of the accepter VPC.\n", "items": { "$ref": "#/types/aws:ec2/getVpcPeeringConnectionPeerCidrBlockSet:getVpcPeeringConnectionPeerCidrBlockSet" }, "type": "array" }, "peerIpv6CidrBlockSets": { "description": "List of objects with IPv6 CIDR blocks of the accepter VPC.\n", "items": { "$ref": "#/types/aws:ec2/getVpcPeeringConnectionPeerIpv6CidrBlockSet:getVpcPeeringConnectionPeerIpv6CidrBlockSet" }, "type": "array" }, "peerOwnerId": { "type": "string" }, "peerRegion": { "type": "string" }, "peerVpcId": { "type": "string" }, "region": { "type": "string" }, "requester": { "additionalProperties": { "type": "boolean" }, "description": "Configuration block that describes [VPC Peering Connection]\n(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options set for the requester VPC.\n", "type": "object" }, "status": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "vpcId": { "type": "string" } }, "required": [ "accepter", "cidrBlock", "cidrBlockSets", "id", "ipv6CidrBlockSets", "ownerId", "peerCidrBlock", "peerCidrBlockSets", "peerIpv6CidrBlockSets", "peerOwnerId", "peerRegion", "peerVpcId", "region", "requester", "status", "tags", "vpcId" ], "type": "object" } }, "aws:ec2/getVpcPeeringConnections:getVpcPeeringConnections": { "description": "Use this data source to get IDs of Amazon VPC peering connections\nTo get more details on each connection, use the data resource aws.ec2.VpcPeeringConnection\n\nNote: To use this data source in a count, the resources should exist before trying to access\nthe data source.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Declare the data source\nconst pcs = aws.ec2.getVpcPeeringConnections({\n filters: [{\n name: \"requester-vpc-info.vpc-id\",\n values: [foo.id],\n }],\n});\n// get the details of each resource\nconst pc = .map(__index =\u003e (aws.ec2.getVpcPeeringConnection({\n id: _arg0_.ids[__index],\n})));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Declare the data source\npcs = aws.ec2.get_vpc_peering_connections(filters=[{\n \"name\": \"requester-vpc-info.vpc-id\",\n \"values\": [foo[\"id\"]],\n}])\n# get the details of each resource\npc = [aws.ec2.get_vpc_peering_connection(id=pcs.ids[__index]) for __index in range(len(pcs.ids))]\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Declare the data source\n var pcs = Aws.Ec2.GetVpcPeeringConnections.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetVpcPeeringConnectionsFilterInputArgs\n {\n Name = \"requester-vpc-info.vpc-id\",\n Values = new[]\n {\n foo.Id,\n },\n },\n },\n });\n\n // get the details of each resource\n var pc = ;\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVpcPeeringConnections.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcPeeringConnectionsFilter:getVpcPeeringConnectionsFilter" }, "description": "Custom filter block as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Mapping of tags, each pair of which must exactly match\na pair on the desired VPC Peering Connection.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpcPeeringConnections.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getVpcPeeringConnectionsFilter:getVpcPeeringConnectionsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "IDs of the VPC Peering Connections.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "ids", "tags", "id" ], "type": "object" } }, "aws:ec2/getVpcs:getVpcs": { "description": "This resource can be useful for getting back a list of VPC Ids for a region.\n\nThe following example retrieves a list of VPC Ids with a custom tag of `service` set to a value of \"production\".\n\n## Example Usage\n\nThe following shows outputting all VPC Ids.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nexport = async () =\u003e {\n const foo = await aws.ec2.getVpcs({\n tags: {\n service: \"production\",\n },\n });\n return {\n foo: foo.ids,\n };\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.get_vpcs(tags={\n \"service\": \"production\",\n})\npulumi.export(\"foo\", foo.ids)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = Aws.Ec2.GetVpcs.Invoke(new()\n {\n Tags = \n {\n { \"service\", \"production\" },\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"foo\"] = foo.Apply(getVpcsResult =\u003e getVpcsResult.Ids),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoo, err := ec2.GetVpcs(ctx, \u0026ec2.GetVpcsArgs{\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"service\": \"production\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"foo\", foo.Ids)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var foo = Ec2Functions.getVpcs(GetVpcsArgs.builder()\n .tags(Map.of(\"service\", \"production\"))\n .build());\n\n ctx.export(\"foo\", foo.applyValue(getVpcsResult -\u003e getVpcsResult.ids()));\n }\n}\n```\n```yaml\nvariables:\n foo:\n fn::invoke:\n Function: aws:ec2:getVpcs\n Arguments:\n tags:\n service: production\noutputs:\n foo: ${foo.ids}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nAn example use case would be interpolate the `aws.ec2.getVpcs` output into `count` of an aws.ec2.FlowLog resource.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nexport = async () =\u003e {\n const foo = await aws.ec2.getVpcs({});\n const fooGetVpc = .map(__index =\u003e (await aws.ec2.getVpc({\n id: foo.ids[__index],\n })));\n const testFlowLog: aws.ec2.FlowLog[] = [];\n for (const range = {value: 0}; range.value \u003c foo.ids.length; range.value++) {\n testFlowLog.push(new aws.ec2.FlowLog(`test_flow_log-${range.value}`, {vpcId: fooGetVpc[range.value].id}));\n }\n return {\n foo: foo.ids,\n };\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.get_vpcs()\nfoo_get_vpc = [aws.ec2.get_vpc(id=foo.ids[__index]) for __index in range(len(foo.ids))]\ntest_flow_log = []\nfor range in [{\"value\": i} for i in range(0, len(foo.ids))]:\n test_flow_log.append(aws.ec2.FlowLog(f\"test_flow_log-{range['value']}\", vpc_id=foo_get_vpc[range[\"value\"]].id))\npulumi.export(\"foo\", foo.ids)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Threading.Tasks;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(async() =\u003e \n{\n var foo = await Aws.Ec2.GetVpcs.InvokeAsync();\n\n var fooGetVpc = ;\n\n var testFlowLog = new List\u003cAws.Ec2.FlowLog\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c foo.Ids.Length; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n testFlowLog.Add(new Aws.Ec2.FlowLog($\"test_flow_log-{range.Value}\", new()\n {\n VpcId = fooGetVpc[range.Value].Id,\n }));\n }\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"foo\"] = foo.Ids,\n };\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVpcs.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpcsFilter:getVpcsFilter" }, "description": "Custom filter block as described below.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match\na pair on the desired vpcs.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpcs.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2/getVpcsFilter:getVpcsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "List of all the VPC Ids found.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "ids", "tags", "id" ], "type": "object" } }, "aws:ec2/getVpnGateway:getVpnGateway": { "description": "The VPN Gateway data source provides details about\na specific VPN gateway.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst selected = aws.ec2.getVpnGateway({\n filters: [{\n name: \"tag:Name\",\n values: [\"vpn-gw\"],\n }],\n});\nexport const vpnGatewayId = selected.then(selected =\u003e selected.id);\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nselected = aws.ec2.get_vpn_gateway(filters=[{\n \"name\": \"tag:Name\",\n \"values\": [\"vpn-gw\"],\n}])\npulumi.export(\"vpnGatewayId\", selected.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var selected = Aws.Ec2.GetVpnGateway.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetVpnGatewayFilterInputArgs\n {\n Name = \"tag:Name\",\n Values = new[]\n {\n \"vpn-gw\",\n },\n },\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"vpnGatewayId\"] = selected.Apply(getVpnGatewayResult =\u003e getVpnGatewayResult.Id),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tselected, err := ec2.LookupVpnGateway(ctx, \u0026ec2.LookupVpnGatewayArgs{\n\t\t\tFilters: []ec2.GetVpnGatewayFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"tag:Name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"vpn-gw\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"vpnGatewayId\", selected.Id)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpnGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var selected = Ec2Functions.getVpnGateway(GetVpnGatewayArgs.builder()\n .filters(GetVpnGatewayFilterArgs.builder()\n .name(\"tag:Name\")\n .values(\"vpn-gw\")\n .build())\n .build());\n\n ctx.export(\"vpnGatewayId\", selected.applyValue(getVpnGatewayResult -\u003e getVpnGatewayResult.id()));\n }\n}\n```\n```yaml\nvariables:\n selected:\n fn::invoke:\n Function: aws:ec2:getVpnGateway\n Arguments:\n filters:\n - name: tag:Name\n values:\n - vpn-gw\noutputs:\n vpnGatewayId: ${selected.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVpnGateway.\n", "properties": { "amazonSideAsn": { "type": "string", "description": "Autonomous System Number (ASN) for the Amazon side of the specific VPN Gateway to retrieve.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" }, "attachedVpcId": { "type": "string", "description": "ID of a VPC attached to the specific VPN Gateway to retrieve.\n" }, "availabilityZone": { "type": "string", "description": "Availability Zone of the specific VPN Gateway to retrieve.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2/getVpnGatewayFilter:getVpnGatewayFilter" }, "description": "Custom filter block as described below.\n" }, "id": { "type": "string", "description": "ID of the specific VPN Gateway to retrieve.\n" }, "state": { "type": "string", "description": "State of the specific VPN Gateway to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match\na pair on the desired VPN Gateway.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpnGateway.\n", "properties": { "amazonSideAsn": { "type": "string" }, "arn": { "type": "string" }, "attachedVpcId": { "type": "string" }, "availabilityZone": { "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:ec2/getVpnGatewayFilter:getVpnGatewayFilter" }, "type": "array" }, "id": { "type": "string" }, "state": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "amazonSideAsn", "arn", "attachedVpcId", "availabilityZone", "id", "state", "tags" ], "type": "object" } }, "aws:ec2clientvpn/getEndpoint:getEndpoint": { "description": "Get information on an EC2 Client VPN endpoint.\n\n## Example Usage\n\n### By Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2clientvpn.getEndpoint({\n filters: [{\n name: \"tag:Name\",\n values: [\"ExampleVpn\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2clientvpn.get_endpoint(filters=[{\n \"name\": \"tag:Name\",\n \"values\": [\"ExampleVpn\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2ClientVpn.GetEndpoint.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2ClientVpn.Inputs.GetEndpointFilterInputArgs\n {\n Name = \"tag:Name\",\n Values = new[]\n {\n \"ExampleVpn\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2clientvpn\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2clientvpn.LookupEndpoint(ctx, \u0026ec2clientvpn.LookupEndpointArgs{\n\t\t\tFilters: []ec2clientvpn.GetEndpointFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"tag:Name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"ExampleVpn\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2clientvpn.Ec2clientvpnFunctions;\nimport com.pulumi.aws.ec2clientvpn.inputs.GetEndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2clientvpnFunctions.getEndpoint(GetEndpointArgs.builder()\n .filters(GetEndpointFilterArgs.builder()\n .name(\"tag:Name\")\n .values(\"ExampleVpn\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2clientvpn:getEndpoint\n Arguments:\n filters:\n - name: tag:Name\n values:\n - ExampleVpn\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### By Identifier\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2clientvpn.getEndpoint({\n clientVpnEndpointId: \"cvpn-endpoint-083cf50d6eb314f21\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2clientvpn.get_endpoint(client_vpn_endpoint_id=\"cvpn-endpoint-083cf50d6eb314f21\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2ClientVpn.GetEndpoint.Invoke(new()\n {\n ClientVpnEndpointId = \"cvpn-endpoint-083cf50d6eb314f21\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2clientvpn\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2clientvpn.LookupEndpoint(ctx, \u0026ec2clientvpn.LookupEndpointArgs{\n\t\t\tClientVpnEndpointId: pulumi.StringRef(\"cvpn-endpoint-083cf50d6eb314f21\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2clientvpn.Ec2clientvpnFunctions;\nimport com.pulumi.aws.ec2clientvpn.inputs.GetEndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2clientvpnFunctions.getEndpoint(GetEndpointArgs.builder()\n .clientVpnEndpointId(\"cvpn-endpoint-083cf50d6eb314f21\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2clientvpn:getEndpoint\n Arguments:\n clientVpnEndpointId: cvpn-endpoint-083cf50d6eb314f21\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getEndpoint.\n", "properties": { "clientVpnEndpointId": { "type": "string", "description": "ID of the Client VPN endpoint.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2clientvpn/getEndpointFilter:getEndpointFilter" }, "description": "One or more configuration blocks containing name-values filters. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match a pair on the desired endpoint.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getEndpoint.\n", "properties": { "arn": { "description": "The ARN of the Client VPN endpoint.\n", "type": "string" }, "authenticationOptions": { "description": "Information about the authentication method used by the Client VPN endpoint.\n", "items": { "$ref": "#/types/aws:ec2clientvpn/getEndpointAuthenticationOption:getEndpointAuthenticationOption" }, "type": "array" }, "clientCidrBlock": { "description": "IPv4 address range, in CIDR notation, from which client IP addresses are assigned.\n", "type": "string" }, "clientConnectOptions": { "description": "The options for managing connection authorization for new client connections.\n", "items": { "$ref": "#/types/aws:ec2clientvpn/getEndpointClientConnectOption:getEndpointClientConnectOption" }, "type": "array" }, "clientLoginBannerOptions": { "description": "Options for enabling a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.\n", "items": { "$ref": "#/types/aws:ec2clientvpn/getEndpointClientLoginBannerOption:getEndpointClientLoginBannerOption" }, "type": "array" }, "clientVpnEndpointId": { "type": "string" }, "connectionLogOptions": { "description": "Information about the client connection logging options for the Client VPN endpoint.\n", "items": { "$ref": "#/types/aws:ec2clientvpn/getEndpointConnectionLogOption:getEndpointConnectionLogOption" }, "type": "array" }, "description": { "description": "Brief description of the endpoint.\n", "type": "string" }, "dnsName": { "description": "DNS name to be used by clients when connecting to the Client VPN endpoint.\n", "type": "string" }, "dnsServers": { "description": "Information about the DNS servers to be used for DNS resolution.\n", "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:ec2clientvpn/getEndpointFilter:getEndpointFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "securityGroupIds": { "description": "IDs of the security groups for the target network associated with the Client VPN endpoint.\n", "items": { "type": "string" }, "type": "array" }, "selfServicePortal": { "description": "Whether the self-service portal for the Client VPN endpoint is enabled.\n", "type": "string" }, "selfServicePortalUrl": { "description": "The URL of the self-service portal.\n", "type": "string" }, "serverCertificateArn": { "description": "The ARN of the server certificate.\n", "type": "string" }, "sessionTimeoutHours": { "description": "The maximum VPN session duration time in hours.\n", "type": "integer" }, "splitTunnel": { "description": "Whether split-tunnel is enabled in the AWS Client VPN endpoint.\n", "type": "boolean" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "transportProtocol": { "description": "Transport protocol used by the Client VPN endpoint.\n", "type": "string" }, "vpcId": { "description": "ID of the VPC associated with the Client VPN endpoint.\n", "type": "string" }, "vpnPort": { "description": "Port number for the Client VPN endpoint.\n", "type": "integer" } }, "required": [ "arn", "authenticationOptions", "clientCidrBlock", "clientConnectOptions", "clientLoginBannerOptions", "clientVpnEndpointId", "connectionLogOptions", "description", "dnsName", "dnsServers", "securityGroupIds", "selfServicePortal", "selfServicePortalUrl", "serverCertificateArn", "sessionTimeoutHours", "splitTunnel", "tags", "transportProtocol", "vpcId", "vpnPort", "id" ], "type": "object" } }, "aws:ec2transitgateway/getAttachment:getAttachment": { "description": "Get information on an EC2 Transit Gateway's attachment to a resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2transitgateway.getAttachment({\n filters: [\n {\n name: \"transit-gateway-id\",\n values: [exampleAwsEc2TransitGateway.id],\n },\n {\n name: \"resource-type\",\n values: [\"peering\"],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_attachment(filters=[\n {\n \"name\": \"transit-gateway-id\",\n \"values\": [example_aws_ec2_transit_gateway[\"id\"]],\n },\n {\n \"name\": \"resource-type\",\n \"values\": [\"peering\"],\n },\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2TransitGateway.GetAttachment.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2TransitGateway.Inputs.GetAttachmentFilterInputArgs\n {\n Name = \"transit-gateway-id\",\n Values = new[]\n {\n exampleAwsEc2TransitGateway.Id,\n },\n },\n new Aws.Ec2TransitGateway.Inputs.GetAttachmentFilterInputArgs\n {\n Name = \"resource-type\",\n Values = new[]\n {\n \"peering\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\n_, err := ec2transitgateway.GetAttachment(ctx, \u0026ec2transitgateway.GetAttachmentArgs{\nFilters: []ec2transitgateway.GetAttachmentFilter{\n{\nName: \"transit-gateway-id\",\nValues: interface{}{\nexampleAwsEc2TransitGateway.Id,\n},\n},\n{\nName: \"resource-type\",\nValues: []string{\n\"peering\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2transitgatewayFunctions.getAttachment(GetAttachmentArgs.builder()\n .filters( \n GetAttachmentFilterArgs.builder()\n .name(\"transit-gateway-id\")\n .values(exampleAwsEc2TransitGateway.id())\n .build(),\n GetAttachmentFilterArgs.builder()\n .name(\"resource-type\")\n .values(\"peering\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2transitgateway:getAttachment\n Arguments:\n filters:\n - name: transit-gateway-id\n values:\n - ${exampleAwsEc2TransitGateway.id}\n - name: resource-type\n values:\n - peering\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAttachment.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getAttachmentFilter:getAttachmentFilter" }, "description": "One or more configuration blocks containing name-values filters. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the attachment.\n" }, "transitGatewayAttachmentId": { "type": "string", "description": "ID of the attachment.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getAttachment.\n", "properties": { "arn": { "description": "ARN of the attachment.\n", "type": "string" }, "associationState": { "description": "The state of the association (see [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_TransitGatewayAttachmentAssociation.html) for valid values).\n", "type": "string" }, "associationTransitGatewayRouteTableId": { "description": "The ID of the route table for the transit gateway.\n", "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:ec2transitgateway/getAttachmentFilter:getAttachmentFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "resourceId": { "description": "ID of the resource.\n", "type": "string" }, "resourceOwnerId": { "description": "ID of the AWS account that owns the resource.\n", "type": "string" }, "resourceType": { "description": "Resource type.\n", "type": "string" }, "state": { "description": "Attachment state.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value tags for the attachment.\n", "type": "object" }, "transitGatewayAttachmentId": { "type": "string" }, "transitGatewayId": { "description": "ID of the transit gateway.\n", "type": "string" }, "transitGatewayOwnerId": { "description": "The ID of the AWS account that owns the transit gateway.\n", "type": "string" } }, "required": [ "arn", "associationState", "associationTransitGatewayRouteTableId", "resourceId", "resourceOwnerId", "resourceType", "state", "tags", "transitGatewayAttachmentId", "transitGatewayId", "transitGatewayOwnerId", "id" ], "type": "object" } }, "aws:ec2transitgateway/getAttachments:getAttachments": { "description": "Get information on EC2 Transit Gateway Attachments.\n\n## Example Usage\n\n### By Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst filtered = aws.ec2transitgateway.getAttachments({\n filters: [\n {\n name: \"state\",\n values: [\"pendingAcceptance\"],\n },\n {\n name: \"resource-type\",\n values: [\"vpc\"],\n },\n ],\n});\nconst unit = .map(__index =\u003e (aws.ec2transitgateway.getAttachment({\n transitGatewayAttachmentId: _arg0_.ids[__index],\n})));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfiltered = aws.ec2transitgateway.get_attachments(filters=[\n {\n \"name\": \"state\",\n \"values\": [\"pendingAcceptance\"],\n },\n {\n \"name\": \"resource-type\",\n \"values\": [\"vpc\"],\n },\n])\nunit = [aws.ec2transitgateway.get_attachment(transit_gateway_attachment_id=filtered.ids[__index]) for __index in range(len(filtered.ids))]\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var filtered = Aws.Ec2TransitGateway.GetAttachments.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2TransitGateway.Inputs.GetAttachmentsFilterInputArgs\n {\n Name = \"state\",\n Values = new[]\n {\n \"pendingAcceptance\",\n },\n },\n new Aws.Ec2TransitGateway.Inputs.GetAttachmentsFilterInputArgs\n {\n Name = \"resource-type\",\n Values = new[]\n {\n \"vpc\",\n },\n },\n },\n });\n\n var unit = ;\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAttachments.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getAttachmentsFilter:getAttachmentsFilter" }, "description": "One or more configuration blocks containing name-values filters. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getAttachments.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2transitgateway/getAttachmentsFilter:getAttachmentsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "A list of all attachments ids matching the filter. You can retrieve more information about the attachment using the [aws.ec2transitgateway.getAttachment][2] data source, searching by identifier.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "ids", "tags", "id" ], "type": "object" } }, "aws:ec2transitgateway/getConnect:getConnect": { "description": "Get information on an EC2 Transit Gateway Connect.\n\n## Example Usage\n\n### By Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2transitgateway.getConnect({\n filters: [{\n name: \"transport-transit-gateway-attachment-id\",\n values: [\"tgw-attach-12345678\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_connect(filters=[{\n \"name\": \"transport-transit-gateway-attachment-id\",\n \"values\": [\"tgw-attach-12345678\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2TransitGateway.GetConnect.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2TransitGateway.Inputs.GetConnectFilterInputArgs\n {\n Name = \"transport-transit-gateway-attachment-id\",\n Values = new[]\n {\n \"tgw-attach-12345678\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.LookupConnect(ctx, \u0026ec2transitgateway.LookupConnectArgs{\n\t\t\tFilters: []ec2transitgateway.GetConnectFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"transport-transit-gateway-attachment-id\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"tgw-attach-12345678\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetConnectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2transitgatewayFunctions.getConnect(GetConnectArgs.builder()\n .filters(GetConnectFilterArgs.builder()\n .name(\"transport-transit-gateway-attachment-id\")\n .values(\"tgw-attach-12345678\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2transitgateway:getConnect\n Arguments:\n filters:\n - name: transport-transit-gateway-attachment-id\n values:\n - tgw-attach-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### By Identifier\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2transitgateway.getConnect({\n transitGatewayConnectId: \"tgw-attach-12345678\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_connect(transit_gateway_connect_id=\"tgw-attach-12345678\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2TransitGateway.GetConnect.Invoke(new()\n {\n TransitGatewayConnectId = \"tgw-attach-12345678\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.LookupConnect(ctx, \u0026ec2transitgateway.LookupConnectArgs{\n\t\t\tTransitGatewayConnectId: pulumi.StringRef(\"tgw-attach-12345678\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetConnectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2transitgatewayFunctions.getConnect(GetConnectArgs.builder()\n .transitGatewayConnectId(\"tgw-attach-12345678\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2transitgateway:getConnect\n Arguments:\n transitGatewayConnectId: tgw-attach-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getConnect.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getConnectFilter:getConnectFilter" }, "description": "One or more configuration blocks containing name-values filters. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Connect\n" }, "transitGatewayConnectId": { "type": "string", "description": "Identifier of the EC2 Transit Gateway Connect.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getConnect.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2transitgateway/getConnectFilter:getConnectFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "protocol": { "description": "Tunnel protocol\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Connect\n", "type": "object" }, "transitGatewayConnectId": { "type": "string" }, "transitGatewayId": { "description": "EC2 Transit Gateway identifier\n", "type": "string" }, "transportAttachmentId": { "description": "The underlaying VPC attachment\n", "type": "string" } }, "required": [ "protocol", "tags", "transitGatewayConnectId", "transitGatewayId", "transportAttachmentId", "id" ], "type": "object" } }, "aws:ec2transitgateway/getConnectPeer:getConnectPeer": { "description": "Get information on an EC2 Transit Gateway Connect Peer.\n\n## Example Usage\n\n### By Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2transitgateway.getConnectPeer({\n filters: [{\n name: \"transit-gateway-attachment-id\",\n values: [\"tgw-attach-12345678\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_connect_peer(filters=[{\n \"name\": \"transit-gateway-attachment-id\",\n \"values\": [\"tgw-attach-12345678\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2TransitGateway.GetConnectPeer.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2TransitGateway.Inputs.GetConnectPeerFilterInputArgs\n {\n Name = \"transit-gateway-attachment-id\",\n Values = new[]\n {\n \"tgw-attach-12345678\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.LookupConnectPeer(ctx, \u0026ec2transitgateway.LookupConnectPeerArgs{\n\t\t\tFilters: []ec2transitgateway.GetConnectPeerFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"transit-gateway-attachment-id\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"tgw-attach-12345678\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetConnectPeerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2transitgatewayFunctions.getConnectPeer(GetConnectPeerArgs.builder()\n .filters(GetConnectPeerFilterArgs.builder()\n .name(\"transit-gateway-attachment-id\")\n .values(\"tgw-attach-12345678\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2transitgateway:getConnectPeer\n Arguments:\n filters:\n - name: transit-gateway-attachment-id\n values:\n - tgw-attach-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### By Identifier\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2transitgateway.getConnectPeer({\n transitGatewayConnectPeerId: \"tgw-connect-peer-12345678\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_connect_peer(transit_gateway_connect_peer_id=\"tgw-connect-peer-12345678\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2TransitGateway.GetConnectPeer.Invoke(new()\n {\n TransitGatewayConnectPeerId = \"tgw-connect-peer-12345678\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.LookupConnectPeer(ctx, \u0026ec2transitgateway.LookupConnectPeerArgs{\n\t\t\tTransitGatewayConnectPeerId: pulumi.StringRef(\"tgw-connect-peer-12345678\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetConnectPeerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2transitgatewayFunctions.getConnectPeer(GetConnectPeerArgs.builder()\n .transitGatewayConnectPeerId(\"tgw-connect-peer-12345678\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2transitgateway:getConnectPeer\n Arguments:\n transitGatewayConnectPeerId: tgw-connect-peer-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getConnectPeer.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getConnectPeerFilter:getConnectPeerFilter" }, "description": "One or more configuration blocks containing name-values filters. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Connect Peer\n" }, "transitGatewayConnectPeerId": { "type": "string", "description": "Identifier of the EC2 Transit Gateway Connect Peer.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getConnectPeer.\n", "properties": { "arn": { "description": "EC2 Transit Gateway Connect Peer ARN\n", "type": "string" }, "bgpAsn": { "description": "BGP ASN number assigned customer device\n", "type": "string" }, "bgpPeerAddress": { "description": "The IP address assigned to customer device, which is used as BGP IP address.\n", "type": "string" }, "bgpTransitGatewayAddresses": { "description": "The IP addresses assigned to Transit Gateway, which are used as BGP IP addresses.\n", "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:ec2transitgateway/getConnectPeerFilter:getConnectPeerFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "insideCidrBlocks": { "description": "CIDR blocks that will be used for addressing within the tunnel.\n", "items": { "type": "string" }, "type": "array" }, "peerAddress": { "description": "IP addressed assigned to customer device, which is used as tunnel endpoint\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Connect Peer\n", "type": "object" }, "transitGatewayAddress": { "description": "The IP address assigned to Transit Gateway, which is used as tunnel endpoint.\n", "type": "string" }, "transitGatewayAttachmentId": { "description": "The Transit Gateway Connect\n", "type": "string" }, "transitGatewayConnectPeerId": { "type": "string" } }, "required": [ "arn", "bgpAsn", "bgpPeerAddress", "bgpTransitGatewayAddresses", "insideCidrBlocks", "peerAddress", "tags", "transitGatewayAddress", "transitGatewayAttachmentId", "transitGatewayConnectPeerId", "id" ], "type": "object" } }, "aws:ec2transitgateway/getDirectConnectGatewayAttachment:getDirectConnectGatewayAttachment": { "description": "Get information on an EC2 Transit Gateway's attachment to a Direct Connect Gateway.\n\n## Example Usage\n\n### By Transit Gateway and Direct Connect Gateway Identifiers\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2transitgateway.getDirectConnectGatewayAttachment({\n transitGatewayId: exampleAwsEc2TransitGateway.id,\n dxGatewayId: exampleAwsDxGateway.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_direct_connect_gateway_attachment(transit_gateway_id=example_aws_ec2_transit_gateway[\"id\"],\n dx_gateway_id=example_aws_dx_gateway[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2TransitGateway.GetDirectConnectGatewayAttachment.Invoke(new()\n {\n TransitGatewayId = exampleAwsEc2TransitGateway.Id,\n DxGatewayId = exampleAwsDxGateway.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.GetDirectConnectGatewayAttachment(ctx, \u0026ec2transitgateway.GetDirectConnectGatewayAttachmentArgs{\n\t\t\tTransitGatewayId: pulumi.StringRef(exampleAwsEc2TransitGateway.Id),\n\t\t\tDxGatewayId: pulumi.StringRef(exampleAwsDxGateway.Id),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetDirectConnectGatewayAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2transitgatewayFunctions.getDirectConnectGatewayAttachment(GetDirectConnectGatewayAttachmentArgs.builder()\n .transitGatewayId(exampleAwsEc2TransitGateway.id())\n .dxGatewayId(exampleAwsDxGateway.id())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2transitgateway:getDirectConnectGatewayAttachment\n Arguments:\n transitGatewayId: ${exampleAwsEc2TransitGateway.id}\n dxGatewayId: ${exampleAwsDxGateway.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDirectConnectGatewayAttachment.\n", "properties": { "dxGatewayId": { "type": "string", "description": "Identifier of the Direct Connect Gateway.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getDirectConnectGatewayAttachmentFilter:getDirectConnectGatewayAttachmentFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match a pair on the desired Transit Gateway Direct Connect Gateway Attachment.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of the EC2 Transit Gateway.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getDirectConnectGatewayAttachment.\n", "properties": { "dxGatewayId": { "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:ec2transitgateway/getDirectConnectGatewayAttachmentFilter:getDirectConnectGatewayAttachmentFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Attachment\n", "type": "object" }, "transitGatewayId": { "type": "string" } }, "required": [ "tags", "id" ], "type": "object" } }, "aws:ec2transitgateway/getMulticastDomain:getMulticastDomain": { "description": "Get information on an EC2 Transit Gateway Multicast Domain.\n\n## Example Usage\n\n### By Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2transitgateway.getMulticastDomain({\n filters: [{\n name: \"transit-gateway-multicast-domain-id\",\n values: [\"tgw-mcast-domain-12345678\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_multicast_domain(filters=[{\n \"name\": \"transit-gateway-multicast-domain-id\",\n \"values\": [\"tgw-mcast-domain-12345678\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2TransitGateway.GetMulticastDomain.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2TransitGateway.Inputs.GetMulticastDomainFilterInputArgs\n {\n Name = \"transit-gateway-multicast-domain-id\",\n Values = new[]\n {\n \"tgw-mcast-domain-12345678\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.LookupMulticastDomain(ctx, \u0026ec2transitgateway.LookupMulticastDomainArgs{\n\t\t\tFilters: []ec2transitgateway.GetMulticastDomainFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"transit-gateway-multicast-domain-id\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"tgw-mcast-domain-12345678\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetMulticastDomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2transitgatewayFunctions.getMulticastDomain(GetMulticastDomainArgs.builder()\n .filters(GetMulticastDomainFilterArgs.builder()\n .name(\"transit-gateway-multicast-domain-id\")\n .values(\"tgw-mcast-domain-12345678\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2transitgateway:getMulticastDomain\n Arguments:\n filters:\n - name: transit-gateway-multicast-domain-id\n values:\n - tgw-mcast-domain-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### By Identifier\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2transitgateway.getMulticastDomain({\n transitGatewayMulticastDomainId: \"tgw-mcast-domain-12345678\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_multicast_domain(transit_gateway_multicast_domain_id=\"tgw-mcast-domain-12345678\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2TransitGateway.GetMulticastDomain.Invoke(new()\n {\n TransitGatewayMulticastDomainId = \"tgw-mcast-domain-12345678\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.LookupMulticastDomain(ctx, \u0026ec2transitgateway.LookupMulticastDomainArgs{\n\t\t\tTransitGatewayMulticastDomainId: pulumi.StringRef(\"tgw-mcast-domain-12345678\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetMulticastDomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2transitgatewayFunctions.getMulticastDomain(GetMulticastDomainArgs.builder()\n .transitGatewayMulticastDomainId(\"tgw-mcast-domain-12345678\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2transitgateway:getMulticastDomain\n Arguments:\n transitGatewayMulticastDomainId: tgw-mcast-domain-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getMulticastDomain.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getMulticastDomainFilter:getMulticastDomainFilter" }, "description": "One or more configuration blocks containing name-values filters. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Multicast Domain.\n" }, "transitGatewayMulticastDomainId": { "type": "string", "description": "Identifier of the EC2 Transit Gateway Multicast Domain.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getMulticastDomain.\n", "properties": { "arn": { "description": "EC2 Transit Gateway Multicast Domain ARN.\n", "type": "string" }, "associations": { "description": "EC2 Transit Gateway Multicast Domain Associations\n", "items": { "$ref": "#/types/aws:ec2transitgateway/getMulticastDomainAssociation:getMulticastDomainAssociation" }, "type": "array" }, "autoAcceptSharedAssociations": { "description": "Whether to automatically accept cross-account subnet associations that are associated with the EC2 Transit Gateway Multicast Domain.\n", "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:ec2transitgateway/getMulticastDomainFilter:getMulticastDomainFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "igmpv2Support": { "description": "Whether to enable Internet Group Management Protocol (IGMP) version 2 for the EC2 Transit Gateway Multicast Domain.\n", "type": "string" }, "members": { "description": "EC2 Multicast Domain Group Members\n", "items": { "$ref": "#/types/aws:ec2transitgateway/getMulticastDomainMember:getMulticastDomainMember" }, "type": "array" }, "ownerId": { "description": "Identifier of the AWS account that owns the EC2 Transit Gateway Multicast Domain.\n", "type": "string" }, "sources": { "description": "EC2 Multicast Domain Group Sources\n", "items": { "$ref": "#/types/aws:ec2transitgateway/getMulticastDomainSource:getMulticastDomainSource" }, "type": "array" }, "state": { "type": "string" }, "staticSourcesSupport": { "description": "Whether to enable support for statically configuring multicast group sources for the EC2 Transit Gateway Multicast Domain.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Multicast Domain.\n", "type": "object" }, "transitGatewayAttachmentId": { "description": "The ID of the transit gateway attachment.\n", "type": "string" }, "transitGatewayId": { "description": "EC2 Transit Gateway identifier.\n", "type": "string" }, "transitGatewayMulticastDomainId": { "type": "string" } }, "required": [ "arn", "associations", "autoAcceptSharedAssociations", "igmpv2Support", "members", "ownerId", "sources", "state", "staticSourcesSupport", "tags", "transitGatewayAttachmentId", "transitGatewayId", "transitGatewayMulticastDomainId", "id" ], "type": "object" } }, "aws:ec2transitgateway/getPeeringAttachment:getPeeringAttachment": { "description": "Get information on an EC2 Transit Gateway Peering Attachment.\n\n## Example Usage\n\n### By Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2transitgateway.getPeeringAttachment({\n filters: [{\n name: \"transit-gateway-attachment-id\",\n values: [\"tgw-attach-12345678\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_peering_attachment(filters=[{\n \"name\": \"transit-gateway-attachment-id\",\n \"values\": [\"tgw-attach-12345678\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2TransitGateway.GetPeeringAttachment.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2TransitGateway.Inputs.GetPeeringAttachmentFilterInputArgs\n {\n Name = \"transit-gateway-attachment-id\",\n Values = new[]\n {\n \"tgw-attach-12345678\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.LookupPeeringAttachment(ctx, \u0026ec2transitgateway.LookupPeeringAttachmentArgs{\n\t\t\tFilters: []ec2transitgateway.GetPeeringAttachmentFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"transit-gateway-attachment-id\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"tgw-attach-12345678\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetPeeringAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2transitgatewayFunctions.getPeeringAttachment(GetPeeringAttachmentArgs.builder()\n .filters(GetPeeringAttachmentFilterArgs.builder()\n .name(\"transit-gateway-attachment-id\")\n .values(\"tgw-attach-12345678\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2transitgateway:getPeeringAttachment\n Arguments:\n filters:\n - name: transit-gateway-attachment-id\n values:\n - tgw-attach-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### By Identifier\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst attachment = aws.ec2transitgateway.getPeeringAttachment({\n id: \"tgw-attach-12345678\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nattachment = aws.ec2transitgateway.get_peering_attachment(id=\"tgw-attach-12345678\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var attachment = Aws.Ec2TransitGateway.GetPeeringAttachment.Invoke(new()\n {\n Id = \"tgw-attach-12345678\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.LookupPeeringAttachment(ctx, \u0026ec2transitgateway.LookupPeeringAttachmentArgs{\n\t\t\tId: pulumi.StringRef(\"tgw-attach-12345678\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetPeeringAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var attachment = Ec2transitgatewayFunctions.getPeeringAttachment(GetPeeringAttachmentArgs.builder()\n .id(\"tgw-attach-12345678\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n attachment:\n fn::invoke:\n Function: aws:ec2transitgateway:getPeeringAttachment\n Arguments:\n id: tgw-attach-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPeeringAttachment.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getPeeringAttachmentFilter:getPeeringAttachmentFilter" }, "description": "One or more configuration blocks containing name-values filters. Detailed below.\n" }, "id": { "type": "string", "description": "Identifier of the EC2 Transit Gateway Peering Attachment.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Mapping of tags, each pair of which must exactly match\na pair on the specific EC2 Transit Gateway Peering Attachment to retrieve.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getPeeringAttachment.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2transitgateway/getPeeringAttachmentFilter:getPeeringAttachmentFilter" }, "type": "array" }, "id": { "type": "string" }, "peerAccountId": { "description": "Identifier of the peer AWS account\n", "type": "string" }, "peerRegion": { "description": "Identifier of the peer AWS region\n", "type": "string" }, "peerTransitGatewayId": { "description": "Identifier of the peer EC2 Transit Gateway\n", "type": "string" }, "state": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "transitGatewayId": { "description": "Identifier of the local EC2 Transit Gateway\n", "type": "string" } }, "required": [ "id", "peerAccountId", "peerRegion", "peerTransitGatewayId", "state", "tags", "transitGatewayId" ], "type": "object" } }, "aws:ec2transitgateway/getPeeringAttachments:getPeeringAttachments": { "description": "Get information on EC2 Transit Gateway Peering Attachments.\n\n## Example Usage\n\n### All Resources\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.ec2transitgateway.getPeeringAttachments({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2transitgateway.get_peering_attachments()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Ec2TransitGateway.GetPeeringAttachments.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.GetPeeringAttachments(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetPeeringAttachmentsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = Ec2transitgatewayFunctions.getPeeringAttachments();\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:ec2transitgateway:getPeeringAttachments\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### By Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst filtered = aws.ec2transitgateway.getPeeringAttachments({\n filters: [{\n name: \"state\",\n values: [\"pendingAcceptance\"],\n }],\n});\nconst unit = .map(__index =\u003e (aws.ec2transitgateway.getPeeringAttachment({\n id: _arg0_.ids[__index],\n})));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfiltered = aws.ec2transitgateway.get_peering_attachments(filters=[{\n \"name\": \"state\",\n \"values\": [\"pendingAcceptance\"],\n}])\nunit = [aws.ec2transitgateway.get_peering_attachment(id=filtered.ids[__index]) for __index in range(len(filtered.ids))]\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var filtered = Aws.Ec2TransitGateway.GetPeeringAttachments.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2TransitGateway.Inputs.GetPeeringAttachmentsFilterInputArgs\n {\n Name = \"state\",\n Values = new[]\n {\n \"pendingAcceptance\",\n },\n },\n },\n });\n\n var unit = ;\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPeeringAttachments.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getPeeringAttachmentsFilter:getPeeringAttachmentsFilter" }, "description": "One or more configuration blocks containing name-values filters. Detailed below.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getPeeringAttachments.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2transitgateway/getPeeringAttachmentsFilter:getPeeringAttachmentsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "A list of all attachments ids matching the filter. You can retrieve more information about the attachment using the [aws.ec2transitgateway.PeeringAttachment][2] data source, searching by identifier.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "ids", "id" ], "type": "object" } }, "aws:ec2transitgateway/getRouteTable:getRouteTable": { "description": "Get information on an EC2 Transit Gateway Route Table.\n\n## Example Usage\n\n### By Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2transitgateway.getRouteTable({\n filters: [\n {\n name: \"default-association-route-table\",\n values: [\"true\"],\n },\n {\n name: \"transit-gateway-id\",\n values: [\"tgw-12345678\"],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_route_table(filters=[\n {\n \"name\": \"default-association-route-table\",\n \"values\": [\"true\"],\n },\n {\n \"name\": \"transit-gateway-id\",\n \"values\": [\"tgw-12345678\"],\n },\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2TransitGateway.GetRouteTable.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2TransitGateway.Inputs.GetRouteTableFilterInputArgs\n {\n Name = \"default-association-route-table\",\n Values = new[]\n {\n \"true\",\n },\n },\n new Aws.Ec2TransitGateway.Inputs.GetRouteTableFilterInputArgs\n {\n Name = \"transit-gateway-id\",\n Values = new[]\n {\n \"tgw-12345678\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.LookupRouteTable(ctx, \u0026ec2transitgateway.LookupRouteTableArgs{\n\t\t\tFilters: []ec2transitgateway.GetRouteTableFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"default-association-route-table\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"true\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"transit-gateway-id\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"tgw-12345678\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetRouteTableArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2transitgatewayFunctions.getRouteTable(GetRouteTableArgs.builder()\n .filters( \n GetRouteTableFilterArgs.builder()\n .name(\"default-association-route-table\")\n .values(\"true\")\n .build(),\n GetRouteTableFilterArgs.builder()\n .name(\"transit-gateway-id\")\n .values(\"tgw-12345678\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2transitgateway:getRouteTable\n Arguments:\n filters:\n - name: default-association-route-table\n values:\n - 'true'\n - name: transit-gateway-id\n values:\n - tgw-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### By Identifier\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2transitgateway.getRouteTable({\n id: \"tgw-rtb-12345678\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_route_table(id=\"tgw-rtb-12345678\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2TransitGateway.GetRouteTable.Invoke(new()\n {\n Id = \"tgw-rtb-12345678\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.LookupRouteTable(ctx, \u0026ec2transitgateway.LookupRouteTableArgs{\n\t\t\tId: pulumi.StringRef(\"tgw-rtb-12345678\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetRouteTableArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2transitgatewayFunctions.getRouteTable(GetRouteTableArgs.builder()\n .id(\"tgw-rtb-12345678\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2transitgateway:getRouteTable\n Arguments:\n id: tgw-rtb-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRouteTable.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getRouteTableFilter:getRouteTableFilter" }, "description": "One or more configuration blocks containing name-values filters. Detailed below.\n" }, "id": { "type": "string", "description": "Identifier of the EC2 Transit Gateway Route Table.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Route Table\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getRouteTable.\n", "properties": { "arn": { "description": "EC2 Transit Gateway Route Table ARN.\n", "type": "string" }, "defaultAssociationRouteTable": { "description": "Boolean whether this is the default association route table for the EC2 Transit Gateway\n", "type": "boolean" }, "defaultPropagationRouteTable": { "description": "Boolean whether this is the default propagation route table for the EC2 Transit Gateway\n", "type": "boolean" }, "filters": { "items": { "$ref": "#/types/aws:ec2transitgateway/getRouteTableFilter:getRouteTableFilter" }, "type": "array" }, "id": { "description": "EC2 Transit Gateway Route Table identifier\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway Route Table\n", "type": "object" }, "transitGatewayId": { "description": "EC2 Transit Gateway identifier\n", "type": "string" } }, "required": [ "arn", "defaultAssociationRouteTable", "defaultPropagationRouteTable", "id", "tags", "transitGatewayId" ], "type": "object" } }, "aws:ec2transitgateway/getRouteTableAssociations:getRouteTableAssociations": { "description": "Provides information for multiple EC2 Transit Gateway Route Table Associations, such as their identifiers.\n\n## Example Usage\n\n### By Transit Gateway Identifier\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2transitgateway.getRouteTableAssociations({\n transitGatewayRouteTableId: exampleAwsEc2TransitGatewayRouteTable.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_route_table_associations(transit_gateway_route_table_id=example_aws_ec2_transit_gateway_route_table[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2TransitGateway.GetRouteTableAssociations.Invoke(new()\n {\n TransitGatewayRouteTableId = exampleAwsEc2TransitGatewayRouteTable.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.GetRouteTableAssociations(ctx, \u0026ec2transitgateway.GetRouteTableAssociationsArgs{\n\t\t\tTransitGatewayRouteTableId: exampleAwsEc2TransitGatewayRouteTable.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetRouteTableAssociationsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2transitgatewayFunctions.getRouteTableAssociations(GetRouteTableAssociationsArgs.builder()\n .transitGatewayRouteTableId(exampleAwsEc2TransitGatewayRouteTable.id())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2transitgateway:getRouteTableAssociations\n Arguments:\n transitGatewayRouteTableId: ${exampleAwsEc2TransitGatewayRouteTable.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRouteTableAssociations.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getRouteTableAssociationsFilter:getRouteTableAssociationsFilter" }, "description": "Custom filter block as described below.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "transitGatewayRouteTableId" ] }, "outputs": { "description": "A collection of values returned by getRouteTableAssociations.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2transitgateway/getRouteTableAssociationsFilter:getRouteTableAssociationsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "Set of Transit Gateway Route Table Association identifiers.\n", "items": { "type": "string" }, "type": "array" }, "transitGatewayRouteTableId": { "type": "string" } }, "required": [ "ids", "transitGatewayRouteTableId", "id" ], "type": "object" } }, "aws:ec2transitgateway/getRouteTablePropagations:getRouteTablePropagations": { "description": "Provides information for multiple EC2 Transit Gateway Route Table Propagations, such as their identifiers.\n\n## Example Usage\n\n### By Transit Gateway Identifier\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2transitgateway.getRouteTablePropagations({\n transitGatewayRouteTableId: exampleAwsEc2TransitGatewayRouteTable.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_route_table_propagations(transit_gateway_route_table_id=example_aws_ec2_transit_gateway_route_table[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2TransitGateway.GetRouteTablePropagations.Invoke(new()\n {\n TransitGatewayRouteTableId = exampleAwsEc2TransitGatewayRouteTable.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.GetRouteTablePropagations(ctx, \u0026ec2transitgateway.GetRouteTablePropagationsArgs{\n\t\t\tTransitGatewayRouteTableId: exampleAwsEc2TransitGatewayRouteTable.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetRouteTablePropagationsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2transitgatewayFunctions.getRouteTablePropagations(GetRouteTablePropagationsArgs.builder()\n .transitGatewayRouteTableId(exampleAwsEc2TransitGatewayRouteTable.id())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2transitgateway:getRouteTablePropagations\n Arguments:\n transitGatewayRouteTableId: ${exampleAwsEc2TransitGatewayRouteTable.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRouteTablePropagations.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getRouteTablePropagationsFilter:getRouteTablePropagationsFilter" }, "description": "Custom filter block as described below.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "transitGatewayRouteTableId" ] }, "outputs": { "description": "A collection of values returned by getRouteTablePropagations.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2transitgateway/getRouteTablePropagationsFilter:getRouteTablePropagationsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "Set of Transit Gateway Route Table Association identifiers.\n", "items": { "type": "string" }, "type": "array" }, "transitGatewayRouteTableId": { "type": "string" } }, "required": [ "ids", "transitGatewayRouteTableId", "id" ], "type": "object" } }, "aws:ec2transitgateway/getRouteTableRoutes:getRouteTableRoutes": { "description": "Provides informations for routes of a specific transit gateway, such as state, type, cidr\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.ec2transitgateway.getRouteTableRoutes({\n filters: [{\n name: \"type\",\n values: [\"propagated\"],\n }],\n transitGatewayRouteTableId: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2transitgateway.get_route_table_routes(filters=[{\n \"name\": \"type\",\n \"values\": [\"propagated\"],\n }],\n transit_gateway_route_table_id=example[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Ec2TransitGateway.GetRouteTableRoutes.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2TransitGateway.Inputs.GetRouteTableRoutesFilterInputArgs\n {\n Name = \"type\",\n Values = new[]\n {\n \"propagated\",\n },\n },\n },\n TransitGatewayRouteTableId = example.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.GetRouteTableRoutes(ctx, \u0026ec2transitgateway.GetRouteTableRoutesArgs{\n\t\t\tFilters: []ec2transitgateway.GetRouteTableRoutesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"type\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"propagated\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTransitGatewayRouteTableId: example.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetRouteTableRoutesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = Ec2transitgatewayFunctions.getRouteTableRoutes(GetRouteTableRoutesArgs.builder()\n .filters(GetRouteTableRoutesFilterArgs.builder()\n .name(\"type\")\n .values(\"propagated\")\n .build())\n .transitGatewayRouteTableId(example.id())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:ec2transitgateway:getRouteTableRoutes\n Arguments:\n filters:\n - name: type\n values:\n - propagated\n transitGatewayRouteTableId: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n", "inputs": { "description": "A collection of arguments for invoking getRouteTableRoutes.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getRouteTableRoutesFilter:getRouteTableRoutesFilter" }, "description": "Custom filter block as described below.\n" }, "transitGatewayRouteTableId": { "type": "string", "description": "Identifier of EC2 Transit Gateway Route Table.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" } }, "type": "object", "required": [ "filters", "transitGatewayRouteTableId" ] }, "outputs": { "description": "A collection of values returned by getRouteTableRoutes.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2transitgateway/getRouteTableRoutesFilter:getRouteTableRoutesFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "routes": { "description": "List of Transit Gateway Routes.\n", "items": { "$ref": "#/types/aws:ec2transitgateway/getRouteTableRoutesRoute:getRouteTableRoutesRoute" }, "type": "array" }, "transitGatewayRouteTableId": { "type": "string" } }, "required": [ "filters", "routes", "transitGatewayRouteTableId", "id" ], "type": "object" } }, "aws:ec2transitgateway/getTransitGateway:getTransitGateway": { "description": "Get information on an EC2 Transit Gateway.\n\n## Example Usage\n\n### By Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2transitgateway.getTransitGateway({\n filters: [{\n name: \"options.amazon-side-asn\",\n values: [\"64512\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_transit_gateway(filters=[{\n \"name\": \"options.amazon-side-asn\",\n \"values\": [\"64512\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2TransitGateway.GetTransitGateway.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2TransitGateway.Inputs.GetTransitGatewayFilterInputArgs\n {\n Name = \"options.amazon-side-asn\",\n Values = new[]\n {\n \"64512\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.LookupTransitGateway(ctx, \u0026ec2transitgateway.LookupTransitGatewayArgs{\n\t\t\tFilters: []ec2transitgateway.GetTransitGatewayFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"options.amazon-side-asn\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"64512\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetTransitGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2transitgatewayFunctions.getTransitGateway(GetTransitGatewayArgs.builder()\n .filters(GetTransitGatewayFilterArgs.builder()\n .name(\"options.amazon-side-asn\")\n .values(\"64512\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2transitgateway:getTransitGateway\n Arguments:\n filters:\n - name: options.amazon-side-asn\n values:\n - '64512'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### By Identifier\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2transitgateway.getTransitGateway({\n id: \"tgw-12345678\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_transit_gateway(id=\"tgw-12345678\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2TransitGateway.GetTransitGateway.Invoke(new()\n {\n Id = \"tgw-12345678\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.LookupTransitGateway(ctx, \u0026ec2transitgateway.LookupTransitGatewayArgs{\n\t\t\tId: pulumi.StringRef(\"tgw-12345678\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetTransitGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2transitgatewayFunctions.getTransitGateway(GetTransitGatewayArgs.builder()\n .id(\"tgw-12345678\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2transitgateway:getTransitGateway\n Arguments:\n id: tgw-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getTransitGateway.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getTransitGatewayFilter:getTransitGatewayFilter" }, "description": "One or more configuration blocks containing name-values filters. Detailed below.\n" }, "id": { "type": "string", "description": "Identifier of the EC2 Transit Gateway.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getTransitGateway.\n", "properties": { "amazonSideAsn": { "description": "Private Autonomous System Number (ASN) for the Amazon side of a BGP session\n", "type": "integer" }, "arn": { "description": "EC2 Transit Gateway ARN\n", "type": "string" }, "associationDefaultRouteTableId": { "description": "Identifier of the default association route table\n", "type": "string" }, "autoAcceptSharedAttachments": { "description": "Whether resource attachment requests are automatically accepted\n", "type": "string" }, "defaultRouteTableAssociation": { "description": "Whether resource attachments are automatically associated with the default association route table\n", "type": "string" }, "defaultRouteTablePropagation": { "description": "Whether resource attachments automatically propagate routes to the default propagation route table\n", "type": "string" }, "description": { "description": "Description of the EC2 Transit Gateway\n", "type": "string" }, "dnsSupport": { "description": "Whether DNS support is enabled\n", "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:ec2transitgateway/getTransitGatewayFilter:getTransitGatewayFilter" }, "type": "array" }, "id": { "description": "EC2 Transit Gateway identifier\n", "type": "string" }, "multicastSupport": { "description": "Whether Multicast support is enabled\n", "type": "string" }, "ownerId": { "description": "Identifier of the AWS account that owns the EC2 Transit Gateway\n", "type": "string" }, "propagationDefaultRouteTableId": { "description": "Identifier of the default propagation route table\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway\n", "type": "object" }, "transitGatewayCidrBlocks": { "description": "The list of associated CIDR blocks\n", "items": { "type": "string" }, "type": "array" }, "vpnEcmpSupport": { "description": "Whether VPN Equal Cost Multipath Protocol support is enabled\n", "type": "string" } }, "required": [ "amazonSideAsn", "arn", "associationDefaultRouteTableId", "autoAcceptSharedAttachments", "defaultRouteTableAssociation", "defaultRouteTablePropagation", "description", "dnsSupport", "id", "multicastSupport", "ownerId", "propagationDefaultRouteTableId", "tags", "transitGatewayCidrBlocks", "vpnEcmpSupport" ], "type": "object" } }, "aws:ec2transitgateway/getVpcAttachment:getVpcAttachment": { "description": "Get information on an EC2 Transit Gateway VPC Attachment.\n\n## Example Usage\n\n### By Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2transitgateway.getVpcAttachment({\n filters: [{\n name: \"vpc-id\",\n values: [\"vpc-12345678\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_vpc_attachment(filters=[{\n \"name\": \"vpc-id\",\n \"values\": [\"vpc-12345678\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2TransitGateway.GetVpcAttachment.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2TransitGateway.Inputs.GetVpcAttachmentFilterInputArgs\n {\n Name = \"vpc-id\",\n Values = new[]\n {\n \"vpc-12345678\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.LookupVpcAttachment(ctx, \u0026ec2transitgateway.LookupVpcAttachmentArgs{\n\t\t\tFilters: []ec2transitgateway.GetVpcAttachmentFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"vpc-id\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"vpc-12345678\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetVpcAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2transitgatewayFunctions.getVpcAttachment(GetVpcAttachmentArgs.builder()\n .filters(GetVpcAttachmentFilterArgs.builder()\n .name(\"vpc-id\")\n .values(\"vpc-12345678\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2transitgateway:getVpcAttachment\n Arguments:\n filters:\n - name: vpc-id\n values:\n - vpc-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### By Identifier\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2transitgateway.getVpcAttachment({\n id: \"tgw-attach-12345678\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_vpc_attachment(id=\"tgw-attach-12345678\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2TransitGateway.GetVpcAttachment.Invoke(new()\n {\n Id = \"tgw-attach-12345678\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.LookupVpcAttachment(ctx, \u0026ec2transitgateway.LookupVpcAttachmentArgs{\n\t\t\tId: pulumi.StringRef(\"tgw-attach-12345678\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetVpcAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2transitgatewayFunctions.getVpcAttachment(GetVpcAttachmentArgs.builder()\n .id(\"tgw-attach-12345678\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2transitgateway:getVpcAttachment\n Arguments:\n id: tgw-attach-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVpcAttachment.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getVpcAttachmentFilter:getVpcAttachmentFilter" }, "description": "One or more configuration blocks containing name-values filters. Detailed below.\n" }, "id": { "type": "string", "description": "Identifier of the EC2 Transit Gateway VPC Attachment.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway VPC Attachment\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpcAttachment.\n", "properties": { "applianceModeSupport": { "description": "Whether Appliance Mode support is enabled.\n", "type": "string" }, "dnsSupport": { "description": "Whether DNS support is enabled.\n", "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:ec2transitgateway/getVpcAttachmentFilter:getVpcAttachmentFilter" }, "type": "array" }, "id": { "description": "EC2 Transit Gateway VPC Attachment identifier\n", "type": "string" }, "ipv6Support": { "description": "Whether IPv6 support is enabled.\n", "type": "string" }, "subnetIds": { "description": "Identifiers of EC2 Subnets.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway VPC Attachment\n", "type": "object" }, "transitGatewayId": { "description": "EC2 Transit Gateway identifier\n", "type": "string" }, "vpcId": { "description": "Identifier of EC2 VPC.\n", "type": "string" }, "vpcOwnerId": { "description": "Identifier of the AWS account that owns the EC2 VPC.\n", "type": "string" } }, "required": [ "applianceModeSupport", "dnsSupport", "id", "ipv6Support", "subnetIds", "tags", "transitGatewayId", "vpcId", "vpcOwnerId" ], "type": "object" } }, "aws:ec2transitgateway/getVpcAttachments:getVpcAttachments": { "description": "Get information on EC2 Transit Gateway VPC Attachments.\n\n## Example Usage\n\n### By Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst filtered = aws.ec2transitgateway.getVpcAttachments({\n filters: [{\n name: \"state\",\n values: [\"pendingAcceptance\"],\n }],\n});\nconst unit = .map(__index =\u003e (aws.ec2transitgateway.getVpcAttachment({\n id: _arg0_.ids[__index],\n})));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfiltered = aws.ec2transitgateway.get_vpc_attachments(filters=[{\n \"name\": \"state\",\n \"values\": [\"pendingAcceptance\"],\n}])\nunit = [aws.ec2transitgateway.get_vpc_attachment(id=filtered.ids[__index]) for __index in range(len(filtered.ids))]\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var filtered = Aws.Ec2TransitGateway.GetVpcAttachments.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2TransitGateway.Inputs.GetVpcAttachmentsFilterInputArgs\n {\n Name = \"state\",\n Values = new[]\n {\n \"pendingAcceptance\",\n },\n },\n },\n });\n\n var unit = ;\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVpcAttachments.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getVpcAttachmentsFilter:getVpcAttachmentsFilter" }, "description": "One or more configuration blocks containing name-values filters. Detailed below.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpcAttachments.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2transitgateway/getVpcAttachmentsFilter:getVpcAttachmentsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "A list of all attachments ids matching the filter. You can retrieve more information about the attachment using the [aws.ec2transitgateway.VpcAttachment][2] data source, searching by identifier.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "ids", "id" ], "type": "object" } }, "aws:ec2transitgateway/getVpnAttachment:getVpnAttachment": { "description": "Get information on an EC2 Transit Gateway VPN Attachment.\n\n\u003e EC2 Transit Gateway VPN Attachments are implicitly created by VPN Connections referencing an EC2 Transit Gateway so there is no managed resource. For ease, the `aws.ec2.VpnConnection` resource includes a `transit_gateway_attachment_id` attribute which can replace some usage of this data source. For tagging the attachment, see the `aws.ec2.Tag` resource.\n\n## Example Usage\n\n### By Transit Gateway and VPN Connection Identifiers\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2transitgateway.getVpnAttachment({\n transitGatewayId: exampleAwsEc2TransitGateway.id,\n vpnConnectionId: exampleAwsVpnConnection.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2transitgateway.get_vpn_attachment(transit_gateway_id=example_aws_ec2_transit_gateway[\"id\"],\n vpn_connection_id=example_aws_vpn_connection[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2TransitGateway.GetVpnAttachment.Invoke(new()\n {\n TransitGatewayId = exampleAwsEc2TransitGateway.Id,\n VpnConnectionId = exampleAwsVpnConnection.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.GetVpnAttachment(ctx, \u0026ec2transitgateway.GetVpnAttachmentArgs{\n\t\t\tTransitGatewayId: pulumi.StringRef(exampleAwsEc2TransitGateway.Id),\n\t\t\tVpnConnectionId: pulumi.StringRef(exampleAwsVpnConnection.Id),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetVpnAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2transitgatewayFunctions.getVpnAttachment(GetVpnAttachmentArgs.builder()\n .transitGatewayId(exampleAwsEc2TransitGateway.id())\n .vpnConnectionId(exampleAwsVpnConnection.id())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2transitgateway:getVpnAttachment\n Arguments:\n transitGatewayId: ${exampleAwsEc2TransitGateway.id}\n vpnConnectionId: ${exampleAwsVpnConnection.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.ec2transitgateway.getVpnAttachment({\n filters: [{\n name: \"resource-id\",\n values: [\"some-resource\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ec2transitgateway.get_vpn_attachment(filters=[{\n \"name\": \"resource-id\",\n \"values\": [\"some-resource\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Ec2TransitGateway.GetVpnAttachment.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2TransitGateway.Inputs.GetVpnAttachmentFilterInputArgs\n {\n Name = \"resource-id\",\n Values = new[]\n {\n \"some-resource\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2transitgateway.GetVpnAttachment(ctx, \u0026ec2transitgateway.GetVpnAttachmentArgs{\n\t\t\tFilters: []ec2transitgateway.GetVpnAttachmentFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"resource-id\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"some-resource\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2transitgateway.Ec2transitgatewayFunctions;\nimport com.pulumi.aws.ec2transitgateway.inputs.GetVpnAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = Ec2transitgatewayFunctions.getVpnAttachment(GetVpnAttachmentArgs.builder()\n .filters(GetVpnAttachmentFilterArgs.builder()\n .name(\"resource-id\")\n .values(\"some-resource\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:ec2transitgateway:getVpnAttachment\n Arguments:\n filters:\n - name: resource-id\n values:\n - some-resource\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVpnAttachment.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ec2transitgateway/getVpnAttachmentFilter:getVpnAttachmentFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match a pair on the desired Transit Gateway VPN Attachment.\n" }, "transitGatewayId": { "type": "string", "description": "Identifier of the EC2 Transit Gateway.\n" }, "vpnConnectionId": { "type": "string", "description": "Identifier of the EC2 VPN Connection.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVpnAttachment.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ec2transitgateway/getVpnAttachmentFilter:getVpnAttachmentFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value tags for the EC2 Transit Gateway VPN Attachment\n", "type": "object" }, "transitGatewayId": { "type": "string" }, "vpnConnectionId": { "type": "string" } }, "required": [ "tags", "id" ], "type": "object" } }, "aws:ecr/getAuthorizationToken:getAuthorizationToken": { "description": "The ECR Authorization Token data source allows the authorization token, proxy endpoint, token expiration date, user name and password to be retrieved for an ECR repository.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst token = aws.ecr.getAuthorizationToken({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntoken = aws.ecr.get_authorization_token()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var token = Aws.Ecr.GetAuthorizationToken.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecr.GetAuthorizationToken(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecr.EcrFunctions;\nimport com.pulumi.aws.ecr.inputs.GetAuthorizationTokenArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var token = EcrFunctions.getAuthorizationToken();\n\n }\n}\n```\n```yaml\nvariables:\n token:\n fn::invoke:\n Function: aws:ecr:getAuthorizationToken\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAuthorizationToken.\n", "properties": { "registryId": { "type": "string", "description": "AWS account ID of the ECR Repository. If not specified the default account is assumed.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getAuthorizationToken.\n", "properties": { "authorizationToken": { "description": "Temporary IAM authentication credentials to access the ECR repository encoded in base64 in the form of `user_name:password`.\n", "secret": true, "type": "string" }, "expiresAt": { "description": "Time in UTC RFC3339 format when the authorization token expires.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "password": { "description": "Password decoded from the authorization token.\n", "secret": true, "type": "string" }, "proxyEndpoint": { "description": "Registry URL to use in the docker login command.\n", "type": "string" }, "registryId": { "type": "string" }, "userName": { "description": "User name decoded from the authorization token.\n", "type": "string" } }, "required": [ "authorizationToken", "expiresAt", "password", "proxyEndpoint", "userName", "id" ], "type": "object" } }, "aws:ecr/getCredentials:getCredentials": { "inputs": { "description": "A collection of arguments for invoking getCredentials.\n", "properties": { "registryId": { "type": "string" } }, "type": "object", "required": [ "registryId" ] }, "outputs": { "description": "A collection of values returned by getCredentials.\n", "properties": { "authorizationToken": { "type": "string" }, "expiresAt": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "proxyEndpoint": { "type": "string" }, "registryId": { "type": "string" } }, "required": [ "authorizationToken", "expiresAt", "proxyEndpoint", "registryId", "id" ], "type": "object" } }, "aws:ecr/getImage:getImage": { "description": "The ECR Image data source allows the details of an image with a particular tag or digest to be retrieved.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst serviceImage = aws.ecr.getImage({\n repositoryName: \"my/service\",\n imageTag: \"latest\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nservice_image = aws.ecr.get_image(repository_name=\"my/service\",\n image_tag=\"latest\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var serviceImage = Aws.Ecr.GetImage.Invoke(new()\n {\n RepositoryName = \"my/service\",\n ImageTag = \"latest\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecr.GetImage(ctx, \u0026ecr.GetImageArgs{\n\t\t\tRepositoryName: \"my/service\",\n\t\t\tImageTag: pulumi.StringRef(\"latest\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecr.EcrFunctions;\nimport com.pulumi.aws.ecr.inputs.GetImageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var serviceImage = EcrFunctions.getImage(GetImageArgs.builder()\n .repositoryName(\"my/service\")\n .imageTag(\"latest\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n serviceImage:\n fn::invoke:\n Function: aws:ecr:getImage\n Arguments:\n repositoryName: my/service\n imageTag: latest\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getImage.\n", "properties": { "imageDigest": { "type": "string", "description": "Sha256 digest of the image manifest. At least one of `image_digest`, `image_tag`, or `most_recent` must be specified.\n" }, "imageTag": { "type": "string", "description": "Tag associated with this image. At least one of `image_digest`, `image_tag`, or `most_recent` must be specified.\n" }, "mostRecent": { "type": "boolean", "description": "Return the most recently pushed image. At least one of `image_digest`, `image_tag`, or `most_recent` must be specified.\n" }, "registryId": { "type": "string", "description": "ID of the Registry where the repository resides.\n" }, "repositoryName": { "type": "string", "description": "Name of the ECR Repository.\n" } }, "type": "object", "required": [ "repositoryName" ] }, "outputs": { "description": "A collection of values returned by getImage.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "imageDigest": { "type": "string" }, "imagePushedAt": { "description": "Date and time, expressed as a unix timestamp, at which the current image was pushed to the repository.\n", "type": "integer" }, "imageSizeInBytes": { "description": "Size, in bytes, of the image in the repository.\n", "type": "integer" }, "imageTag": { "type": "string" }, "imageTags": { "description": "List of tags associated with this image.\n", "items": { "type": "string" }, "type": "array" }, "imageUri": { "description": "The URI for the specific image version specified by `image_tag` or `image_digest`.\n", "type": "string" }, "mostRecent": { "type": "boolean" }, "registryId": { "type": "string" }, "repositoryName": { "type": "string" } }, "required": [ "imageDigest", "imagePushedAt", "imageSizeInBytes", "imageTags", "imageUri", "registryId", "repositoryName", "id" ], "type": "object" } }, "aws:ecr/getLifecyclePolicyDocument:getLifecyclePolicyDocument": { "description": "Generates an ECR lifecycle policy document in JSON format. Can be used with resources such as the `aws.ecr.LifecyclePolicy` resource.\n\n\u003e For more information about building AWS ECR lifecycle policy documents, see the [AWS ECR Lifecycle Policy Document Guide](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ecr.getLifecyclePolicyDocument({\n rules: [{\n priority: 1,\n description: \"This is a test.\",\n selection: {\n tagStatus: \"tagged\",\n tagPrefixLists: [\"prod\"],\n countType: \"imageCountMoreThan\",\n countNumber: 100,\n },\n }],\n});\nconst exampleLifecyclePolicy = new aws.ecr.LifecyclePolicy(\"example\", {\n repository: exampleAwsEcrRepository.name,\n policy: example.then(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecr.get_lifecycle_policy_document(rules=[{\n \"priority\": 1,\n \"description\": \"This is a test.\",\n \"selection\": {\n \"tag_status\": \"tagged\",\n \"tag_prefix_lists\": [\"prod\"],\n \"count_type\": \"imageCountMoreThan\",\n \"count_number\": 100,\n },\n}])\nexample_lifecycle_policy = aws.ecr.LifecyclePolicy(\"example\",\n repository=example_aws_ecr_repository[\"name\"],\n policy=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ecr.GetLifecyclePolicyDocument.Invoke(new()\n {\n Rules = new[]\n {\n new Aws.Ecr.Inputs.GetLifecyclePolicyDocumentRuleInputArgs\n {\n Priority = 1,\n Description = \"This is a test.\",\n Selection = new Aws.Ecr.Inputs.GetLifecyclePolicyDocumentRuleSelectionInputArgs\n {\n TagStatus = \"tagged\",\n TagPrefixLists = new[]\n {\n \"prod\",\n },\n CountType = \"imageCountMoreThan\",\n CountNumber = 100,\n },\n },\n },\n });\n\n var exampleLifecyclePolicy = new Aws.Ecr.LifecyclePolicy(\"example\", new()\n {\n Repository = exampleAwsEcrRepository.Name,\n Policy = example.Apply(getLifecyclePolicyDocumentResult =\u003e getLifecyclePolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ecr.GetLifecyclePolicyDocument(ctx, \u0026ecr.GetLifecyclePolicyDocumentArgs{\n\t\t\tRules: []ecr.GetLifecyclePolicyDocumentRule{\n\t\t\t\t{\n\t\t\t\t\tPriority: 1,\n\t\t\t\t\tDescription: pulumi.StringRef(\"This is a test.\"),\n\t\t\t\t\tSelection: {\n\t\t\t\t\t\tTagStatus: \"tagged\",\n\t\t\t\t\t\tTagPrefixLists: []string{\n\t\t\t\t\t\t\t\"prod\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\tCountType: \"imageCountMoreThan\",\n\t\t\t\t\t\tCountNumber: 100,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecr.NewLifecyclePolicy(ctx, \"example\", \u0026ecr.LifecyclePolicyArgs{\n\t\t\tRepository: pulumi.Any(exampleAwsEcrRepository.Name),\n\t\t\tPolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecr.EcrFunctions;\nimport com.pulumi.aws.ecr.inputs.GetLifecyclePolicyDocumentArgs;\nimport com.pulumi.aws.ecr.LifecyclePolicy;\nimport com.pulumi.aws.ecr.LifecyclePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = EcrFunctions.getLifecyclePolicyDocument(GetLifecyclePolicyDocumentArgs.builder()\n .rules(GetLifecyclePolicyDocumentRuleArgs.builder()\n .priority(1)\n .description(\"This is a test.\")\n .selection(GetLifecyclePolicyDocumentRuleSelectionArgs.builder()\n .tagStatus(\"tagged\")\n .tagPrefixLists(\"prod\")\n .countType(\"imageCountMoreThan\")\n .countNumber(100)\n .build())\n .build())\n .build());\n\n var exampleLifecyclePolicy = new LifecyclePolicy(\"exampleLifecyclePolicy\", LifecyclePolicyArgs.builder()\n .repository(exampleAwsEcrRepository.name())\n .policy(example.applyValue(getLifecyclePolicyDocumentResult -\u003e getLifecyclePolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleLifecyclePolicy:\n type: aws:ecr:LifecyclePolicy\n name: example\n properties:\n repository: ${exampleAwsEcrRepository.name}\n policy: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:ecr:getLifecyclePolicyDocument\n Arguments:\n rules:\n - priority: 1\n description: This is a test.\n selection:\n tagStatus: tagged\n tagPrefixLists:\n - prod\n countType: imageCountMoreThan\n countNumber: 100\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLifecyclePolicyDocument.\n", "properties": { "rules": { "type": "array", "items": { "$ref": "#/types/aws:ecr/getLifecyclePolicyDocumentRule:getLifecyclePolicyDocumentRule" } } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLifecyclePolicyDocument.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "json": { "description": "The above arguments serialized as a standard JSON policy document.\n", "type": "string" }, "rules": { "items": { "$ref": "#/types/aws:ecr/getLifecyclePolicyDocumentRule:getLifecyclePolicyDocumentRule" }, "type": "array" } }, "required": [ "json", "id" ], "type": "object" } }, "aws:ecr/getPullThroughCacheRule:getPullThroughCacheRule": { "description": "The ECR Pull Through Cache Rule data source allows the upstream registry URL and registry ID to be retrieved for a Pull Through Cache Rule.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ecrPublic = aws.ecr.getPullThroughCacheRule({\n ecrRepositoryPrefix: \"ecr-public\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\necr_public = aws.ecr.get_pull_through_cache_rule(ecr_repository_prefix=\"ecr-public\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ecrPublic = Aws.Ecr.GetPullThroughCacheRule.Invoke(new()\n {\n EcrRepositoryPrefix = \"ecr-public\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecr.LookupPullThroughCacheRule(ctx, \u0026ecr.LookupPullThroughCacheRuleArgs{\n\t\t\tEcrRepositoryPrefix: \"ecr-public\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecr.EcrFunctions;\nimport com.pulumi.aws.ecr.inputs.GetPullThroughCacheRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var ecrPublic = EcrFunctions.getPullThroughCacheRule(GetPullThroughCacheRuleArgs.builder()\n .ecrRepositoryPrefix(\"ecr-public\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n ecrPublic:\n fn::invoke:\n Function: aws:ecr:getPullThroughCacheRule\n Arguments:\n ecrRepositoryPrefix: ecr-public\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPullThroughCacheRule.\n", "properties": { "ecrRepositoryPrefix": { "type": "string", "description": "The repository name prefix to use when caching images from the source registry.\n", "willReplaceOnChanges": true } }, "type": "object", "required": [ "ecrRepositoryPrefix" ] }, "outputs": { "description": "A collection of values returned by getPullThroughCacheRule.\n", "properties": { "credentialArn": { "description": "ARN of the Secret which will be used to authenticate against the registry.\n", "type": "string" }, "ecrRepositoryPrefix": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "registryId": { "description": "The registry ID where the repository was created.\n", "type": "string" }, "upstreamRegistryUrl": { "description": "The registry URL of the upstream public registry to use as the source.\n", "type": "string" } }, "required": [ "credentialArn", "ecrRepositoryPrefix", "registryId", "upstreamRegistryUrl", "id" ], "type": "object" } }, "aws:ecr/getRepositories:getRepositories": { "description": "Data source for providing information on AWS ECR (Elastic Container Registry) Repositories.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ecr.getRepositories({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecr.get_repositories()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ecr.GetRepositories.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecr.GetRepositories(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecr.EcrFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = EcrFunctions.getRepositories();\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ecr:getRepositories\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getRepositories.\n", "properties": { "id": { "description": "AWS Region.\n", "type": "string" }, "names": { "description": "A list if AWS Elastic Container Registries for the region.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "id", "names" ], "type": "object" } }, "aws:ecr/getRepository:getRepository": { "description": "The ECR Repository data source allows the ARN, Repository URI and Registry ID to be retrieved for an ECR repository.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst service = aws.ecr.getRepository({\n name: \"ecr-repository\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nservice = aws.ecr.get_repository(name=\"ecr-repository\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var service = Aws.Ecr.GetRepository.Invoke(new()\n {\n Name = \"ecr-repository\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecr.LookupRepository(ctx, \u0026ecr.LookupRepositoryArgs{\n\t\t\tName: \"ecr-repository\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecr.EcrFunctions;\nimport com.pulumi.aws.ecr.inputs.GetRepositoryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var service = EcrFunctions.getRepository(GetRepositoryArgs.builder()\n .name(\"ecr-repository\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n service:\n fn::invoke:\n Function: aws:ecr:getRepository\n Arguments:\n name: ecr-repository\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRepository.\n", "properties": { "name": { "type": "string", "description": "Name of the ECR Repository.\n" }, "registryId": { "type": "string", "description": "Registry ID where the repository was created.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getRepository.\n", "properties": { "arn": { "description": "Full ARN of the repository.\n", "type": "string" }, "encryptionConfigurations": { "description": "Encryption configuration for the repository. See Encryption Configuration below.\n", "items": { "$ref": "#/types/aws:ecr/getRepositoryEncryptionConfiguration:getRepositoryEncryptionConfiguration" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "imageScanningConfigurations": { "description": "Configuration block that defines image scanning configuration for the repository. See Image Scanning Configuration below.\n", "items": { "$ref": "#/types/aws:ecr/getRepositoryImageScanningConfiguration:getRepositoryImageScanningConfiguration" }, "type": "array" }, "imageTagMutability": { "description": "The tag mutability setting for the repository.\n", "type": "string" }, "mostRecentImageTags": { "description": "List of image tags associated with the most recently pushed image in the repository.\n", "items": { "type": "string" }, "type": "array" }, "name": { "type": "string" }, "registryId": { "type": "string" }, "repositoryUrl": { "description": "URL of the repository (in the form `aws_account_id.dkr.ecr.region.amazonaws.com/repositoryName`).\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource.\n", "type": "object" } }, "required": [ "arn", "encryptionConfigurations", "imageScanningConfigurations", "imageTagMutability", "mostRecentImageTags", "name", "registryId", "repositoryUrl", "tags", "id" ], "type": "object" } }, "aws:ecrpublic/getAuthorizationToken:getAuthorizationToken": { "description": "The Public ECR Authorization Token data source allows the authorization token, token expiration date, user name, and password to be retrieved for a Public ECR repository.\n\n\u003e **NOTE:** This data source can only be used in the `us-east-1` region.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst token = aws.ecrpublic.getAuthorizationToken({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntoken = aws.ecrpublic.get_authorization_token()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var token = Aws.EcrPublic.GetAuthorizationToken.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecrpublic\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecrpublic.GetAuthorizationToken(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecrpublic.EcrpublicFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var token = EcrpublicFunctions.getAuthorizationToken();\n\n }\n}\n```\n```yaml\nvariables:\n token:\n fn::invoke:\n Function: aws:ecrpublic:getAuthorizationToken\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getAuthorizationToken.\n", "properties": { "authorizationToken": { "description": "Temporary IAM authentication credentials to access the ECR repository encoded in base64 in the form of `user_name:password`.\n", "secret": true, "type": "string" }, "expiresAt": { "description": "Time in UTC RFC3339 format when the authorization token expires.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "password": { "description": "Password decoded from the authorization token.\n", "secret": true, "type": "string" }, "userName": { "description": "User name decoded from the authorization token.\n", "type": "string" } }, "required": [ "authorizationToken", "expiresAt", "password", "userName", "id" ], "type": "object" } }, "aws:ecs/getCluster:getCluster": { "description": "The ECS Cluster data source allows access to details of a specific\ncluster within an AWS ECS service.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ecs-mongo = aws.ecs.getCluster({\n clusterName: \"ecs-mongo-production\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\necs_mongo = aws.ecs.get_cluster(cluster_name=\"ecs-mongo-production\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ecs_mongo = Aws.Ecs.GetCluster.Invoke(new()\n {\n ClusterName = \"ecs-mongo-production\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.LookupCluster(ctx, \u0026ecs.LookupClusterArgs{\n\t\t\tClusterName: \"ecs-mongo-production\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.EcsFunctions;\nimport com.pulumi.aws.ecs.inputs.GetClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var ecs-mongo = EcsFunctions.getCluster(GetClusterArgs.builder()\n .clusterName(\"ecs-mongo-production\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n ecs-mongo:\n fn::invoke:\n Function: aws:ecs:getCluster\n Arguments:\n clusterName: ecs-mongo-production\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCluster.\n", "properties": { "clusterName": { "type": "string", "description": "Name of the ECS Cluster\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n" } }, "type": "object", "required": [ "clusterName" ] }, "outputs": { "description": "A collection of values returned by getCluster.\n", "properties": { "arn": { "description": "ARN of the ECS Cluster\n", "type": "string" }, "clusterName": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "pendingTasksCount": { "description": "Number of pending tasks for the ECS Cluster\n", "type": "integer" }, "registeredContainerInstancesCount": { "description": "The number of registered container instances for the ECS Cluster\n", "type": "integer" }, "runningTasksCount": { "description": "Number of running tasks for the ECS Cluster\n", "type": "integer" }, "serviceConnectDefaults": { "description": "The default Service Connect namespace\n", "items": { "$ref": "#/types/aws:ecs/getClusterServiceConnectDefault:getClusterServiceConnectDefault" }, "type": "array" }, "settings": { "description": "Settings associated with the ECS Cluster\n", "items": { "$ref": "#/types/aws:ecs/getClusterSetting:getClusterSetting" }, "type": "array" }, "status": { "description": "Status of the ECS Cluster\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags\n", "type": "object" } }, "required": [ "arn", "clusterName", "pendingTasksCount", "registeredContainerInstancesCount", "runningTasksCount", "serviceConnectDefaults", "settings", "status", "tags", "id" ], "type": "object" } }, "aws:ecs/getContainerDefinition:getContainerDefinition": { "description": "The ECS container definition data source allows access to details of\na specific container within an AWS ECS service.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ecs-mongo = aws.ecs.getContainerDefinition({\n taskDefinition: mongo.id,\n containerName: \"mongodb\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\necs_mongo = aws.ecs.get_container_definition(task_definition=mongo[\"id\"],\n container_name=\"mongodb\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ecs_mongo = Aws.Ecs.GetContainerDefinition.Invoke(new()\n {\n TaskDefinition = mongo.Id,\n ContainerName = \"mongodb\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.GetContainerDefinition(ctx, \u0026ecs.GetContainerDefinitionArgs{\n\t\t\tTaskDefinition: mongo.Id,\n\t\t\tContainerName: \"mongodb\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.EcsFunctions;\nimport com.pulumi.aws.ecs.inputs.GetContainerDefinitionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var ecs-mongo = EcsFunctions.getContainerDefinition(GetContainerDefinitionArgs.builder()\n .taskDefinition(mongo.id())\n .containerName(\"mongodb\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n ecs-mongo:\n fn::invoke:\n Function: aws:ecs:getContainerDefinition\n Arguments:\n taskDefinition: ${mongo.id}\n containerName: mongodb\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getContainerDefinition.\n", "properties": { "containerName": { "type": "string", "description": "Name of the container definition\n" }, "taskDefinition": { "type": "string", "description": "ARN of the task definition which contains the container\n" } }, "type": "object", "required": [ "containerName", "taskDefinition" ] }, "outputs": { "description": "A collection of values returned by getContainerDefinition.\n", "properties": { "containerName": { "type": "string" }, "cpu": { "description": "CPU limit for this container definition\n", "type": "integer" }, "disableNetworking": { "description": "Indicator if networking is disabled\n", "type": "boolean" }, "dockerLabels": { "additionalProperties": { "type": "string" }, "description": "Set docker labels\n", "type": "object" }, "environment": { "additionalProperties": { "type": "string" }, "description": "Environment in use\n", "type": "object" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "image": { "description": "Docker image in use, including the digest\n", "type": "string" }, "imageDigest": { "description": "Digest of the docker image in use\n", "type": "string" }, "memory": { "description": "Memory limit for this container definition\n", "type": "integer" }, "memoryReservation": { "description": "Soft limit (in MiB) of memory to reserve for the container. When system memory is under contention, Docker attempts to keep the container memory to this soft limit\n", "type": "integer" }, "taskDefinition": { "type": "string" } }, "required": [ "containerName", "cpu", "disableNetworking", "dockerLabels", "environment", "image", "imageDigest", "memory", "memoryReservation", "taskDefinition", "id" ], "type": "object" } }, "aws:ecs/getService:getService": { "description": "The ECS Service data source allows access to details of a specific\nService within a AWS ECS Cluster.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ecs.getService({\n serviceName: \"example\",\n clusterArn: exampleAwsEcsCluster.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecs.get_service(service_name=\"example\",\n cluster_arn=example_aws_ecs_cluster[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ecs.GetService.Invoke(new()\n {\n ServiceName = \"example\",\n ClusterArn = exampleAwsEcsCluster.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.LookupService(ctx, \u0026ecs.LookupServiceArgs{\n\t\t\tServiceName: \"example\",\n\t\t\tClusterArn: exampleAwsEcsCluster.Arn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.EcsFunctions;\nimport com.pulumi.aws.ecs.inputs.GetServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = EcsFunctions.getService(GetServiceArgs.builder()\n .serviceName(\"example\")\n .clusterArn(exampleAwsEcsCluster.arn())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ecs:getService\n Arguments:\n serviceName: example\n clusterArn: ${exampleAwsEcsCluster.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getService.\n", "properties": { "clusterArn": { "type": "string", "description": "ARN of the ECS Cluster\n" }, "serviceName": { "type": "string", "description": "Name of the ECS Service\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource tags.\n" } }, "type": "object", "required": [ "clusterArn", "serviceName" ] }, "outputs": { "description": "A collection of values returned by getService.\n", "properties": { "arn": { "description": "ARN of the ECS Service\n", "type": "string" }, "clusterArn": { "type": "string" }, "desiredCount": { "description": "Number of tasks for the ECS Service\n", "type": "integer" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "launchType": { "description": "Launch type for the ECS Service\n", "type": "string" }, "schedulingStrategy": { "description": "Scheduling strategy for the ECS Service\n", "type": "string" }, "serviceName": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Resource tags.\n", "type": "object" }, "taskDefinition": { "description": "Family for the latest ACTIVE revision or full ARN of the task definition.\n", "type": "string" } }, "required": [ "arn", "clusterArn", "desiredCount", "launchType", "schedulingStrategy", "serviceName", "tags", "taskDefinition", "id" ], "type": "object" } }, "aws:ecs/getTaskDefinition:getTaskDefinition": { "description": "The ECS task definition data source allows access to details of\na specific AWS ECS task definition.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mongoTaskDefinition = new aws.ecs.TaskDefinition(\"mongo\", {\n family: \"mongodb\",\n containerDefinitions: `[\n {\n \"cpu\": 128,\n \"environment\": [{\n \"name\": \"SECRET\",\n \"value\": \"KEY\"\n }],\n \"essential\": true,\n \"image\": \"mongo:latest\",\n \"memory\": 128,\n \"memoryReservation\": 64,\n \"name\": \"mongodb\"\n }\n]\n`,\n});\n// Simply specify the family to find the latest ACTIVE revision in that family.\nconst mongo = aws.ecs.getTaskDefinitionOutput({\n taskDefinition: mongoTaskDefinition.family,\n});\nconst foo = new aws.ecs.Cluster(\"foo\", {name: \"foo\"});\nconst mongoService = new aws.ecs.Service(\"mongo\", {\n name: \"mongo\",\n cluster: foo.id,\n desiredCount: 2,\n taskDefinition: mongo.apply(mongo =\u003e mongo.arn),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmongo_task_definition = aws.ecs.TaskDefinition(\"mongo\",\n family=\"mongodb\",\n container_definitions=\"\"\"[\n {\n \"cpu\": 128,\n \"environment\": [{\n \"name\": \"SECRET\",\n \"value\": \"KEY\"\n }],\n \"essential\": true,\n \"image\": \"mongo:latest\",\n \"memory\": 128,\n \"memoryReservation\": 64,\n \"name\": \"mongodb\"\n }\n]\n\"\"\")\n# Simply specify the family to find the latest ACTIVE revision in that family.\nmongo = aws.ecs.get_task_definition_output(task_definition=mongo_task_definition.family)\nfoo = aws.ecs.Cluster(\"foo\", name=\"foo\")\nmongo_service = aws.ecs.Service(\"mongo\",\n name=\"mongo\",\n cluster=foo.id,\n desired_count=2,\n task_definition=mongo.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mongoTaskDefinition = new Aws.Ecs.TaskDefinition(\"mongo\", new()\n {\n Family = \"mongodb\",\n ContainerDefinitions = @\"[\n {\n \"\"cpu\"\": 128,\n \"\"environment\"\": [{\n \"\"name\"\": \"\"SECRET\"\",\n \"\"value\"\": \"\"KEY\"\"\n }],\n \"\"essential\"\": true,\n \"\"image\"\": \"\"mongo:latest\"\",\n \"\"memory\"\": 128,\n \"\"memoryReservation\"\": 64,\n \"\"name\"\": \"\"mongodb\"\"\n }\n]\n\",\n });\n\n // Simply specify the family to find the latest ACTIVE revision in that family.\n var mongo = Aws.Ecs.GetTaskDefinition.Invoke(new()\n {\n TaskDefinition = mongoTaskDefinition.Family,\n });\n\n var foo = new Aws.Ecs.Cluster(\"foo\", new()\n {\n Name = \"foo\",\n });\n\n var mongoService = new Aws.Ecs.Service(\"mongo\", new()\n {\n Name = \"mongo\",\n Cluster = foo.Id,\n DesiredCount = 2,\n TaskDefinition = mongo.Apply(getTaskDefinitionResult =\u003e getTaskDefinitionResult.Arn),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmongoTaskDefinition, err := ecs.NewTaskDefinition(ctx, \"mongo\", \u0026ecs.TaskDefinitionArgs{\n\t\t\tFamily: pulumi.String(\"mongodb\"),\n\t\t\tContainerDefinitions: pulumi.String(`[\n {\n \"cpu\": 128,\n \"environment\": [{\n \"name\": \"SECRET\",\n \"value\": \"KEY\"\n }],\n \"essential\": true,\n \"image\": \"mongo:latest\",\n \"memory\": 128,\n \"memoryReservation\": 64,\n \"name\": \"mongodb\"\n }\n]\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Simply specify the family to find the latest ACTIVE revision in that family.\n\t\tmongo := ecs.LookupTaskDefinitionOutput(ctx, ecs.GetTaskDefinitionOutputArgs{\n\t\t\tTaskDefinition: mongoTaskDefinition.Family,\n\t\t}, nil)\n\t\tfoo, err := ecs.NewCluster(ctx, \"foo\", \u0026ecs.ClusterArgs{\n\t\t\tName: pulumi.String(\"foo\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ecs.NewService(ctx, \"mongo\", \u0026ecs.ServiceArgs{\n\t\t\tName: pulumi.String(\"mongo\"),\n\t\t\tCluster: foo.ID(),\n\t\t\tDesiredCount: pulumi.Int(2),\n\t\t\tTaskDefinition: pulumi.String(mongo.ApplyT(func(mongo ecs.GetTaskDefinitionResult) (*string, error) {\n\t\t\t\treturn \u0026mongo.Arn, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.TaskDefinition;\nimport com.pulumi.aws.ecs.TaskDefinitionArgs;\nimport com.pulumi.aws.ecs.EcsFunctions;\nimport com.pulumi.aws.ecs.inputs.GetTaskDefinitionArgs;\nimport com.pulumi.aws.ecs.Cluster;\nimport com.pulumi.aws.ecs.ClusterArgs;\nimport com.pulumi.aws.ecs.Service;\nimport com.pulumi.aws.ecs.ServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mongoTaskDefinition = new TaskDefinition(\"mongoTaskDefinition\", TaskDefinitionArgs.builder()\n .family(\"mongodb\")\n .containerDefinitions(\"\"\"\n[\n {\n \"cpu\": 128,\n \"environment\": [{\n \"name\": \"SECRET\",\n \"value\": \"KEY\"\n }],\n \"essential\": true,\n \"image\": \"mongo:latest\",\n \"memory\": 128,\n \"memoryReservation\": 64,\n \"name\": \"mongodb\"\n }\n]\n \"\"\")\n .build());\n\n // Simply specify the family to find the latest ACTIVE revision in that family.\n final var mongo = EcsFunctions.getTaskDefinition(GetTaskDefinitionArgs.builder()\n .taskDefinition(mongoTaskDefinition.family())\n .build());\n\n var foo = new Cluster(\"foo\", ClusterArgs.builder()\n .name(\"foo\")\n .build());\n\n var mongoService = new Service(\"mongoService\", ServiceArgs.builder()\n .name(\"mongo\")\n .cluster(foo.id())\n .desiredCount(2)\n .taskDefinition(mongo.applyValue(getTaskDefinitionResult -\u003e getTaskDefinitionResult).applyValue(mongo -\u003e mongo.applyValue(getTaskDefinitionResult -\u003e getTaskDefinitionResult.arn())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ecs:Cluster\n properties:\n name: foo\n mongoTaskDefinition:\n type: aws:ecs:TaskDefinition\n name: mongo\n properties:\n family: mongodb\n containerDefinitions: |\n [\n {\n \"cpu\": 128,\n \"environment\": [{\n \"name\": \"SECRET\",\n \"value\": \"KEY\"\n }],\n \"essential\": true,\n \"image\": \"mongo:latest\",\n \"memory\": 128,\n \"memoryReservation\": 64,\n \"name\": \"mongodb\"\n }\n ]\n mongoService:\n type: aws:ecs:Service\n name: mongo\n properties:\n name: mongo\n cluster: ${foo.id}\n desiredCount: 2 # Track the latest ACTIVE revision\n taskDefinition: ${mongo.arn}\nvariables:\n # Simply specify the family to find the latest ACTIVE revision in that family.\n mongo:\n fn::invoke:\n Function: aws:ecs:getTaskDefinition\n Arguments:\n taskDefinition: ${mongoTaskDefinition.family}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getTaskDefinition.\n", "properties": { "taskDefinition": { "type": "string", "description": "Family for the latest ACTIVE revision, family and revision (family:revision) for a specific revision in the family, the ARN of the task definition to access to.\n" } }, "type": "object", "required": [ "taskDefinition" ] }, "outputs": { "description": "A collection of values returned by getTaskDefinition.\n", "properties": { "arn": { "description": "ARN of the task definition.\n", "type": "string" }, "arnWithoutRevision": { "description": "ARN of the Task Definition with the trailing `revision` removed. This may be useful for situations where the latest task definition is always desired. If a revision isn't specified, the latest ACTIVE revision is used. See the [AWS documentation](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_StartTask.html#ECS-StartTask-request-taskDefinition) for details.\n", "type": "string" }, "executionRoleArn": { "description": "ARN of the task execution role that the Amazon ECS container agent and the Docker.\n", "type": "string" }, "family": { "description": "Family of this task definition.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "networkMode": { "description": "Docker networking mode to use for the containers in this task.\n", "type": "string" }, "revision": { "description": "Revision of this task definition.\n", "type": "integer" }, "status": { "description": "Status of this task definition.\n", "type": "string" }, "taskDefinition": { "type": "string" }, "taskRoleArn": { "description": "ARN of the IAM role that containers in this task can assume.\n", "type": "string" } }, "required": [ "arn", "arnWithoutRevision", "executionRoleArn", "family", "networkMode", "revision", "status", "taskDefinition", "taskRoleArn", "id" ], "type": "object" } }, "aws:ecs/getTaskExecution:getTaskExecution": { "description": "Data source for managing an AWS ECS (Elastic Container) Task Execution. This data source calls the [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) API, allowing execution of one-time tasks that don't fit a standard resource lifecycle. See the feature request issue for additional context.\n\n\u003e **NOTE on preview operations:** This data source calls the `RunTask` API on every read operation, which means new task(s) may be created from a `pulumi preview` command if all attributes are known. Placing this functionality behind a data source is an intentional trade off to enable use cases requiring a one-time task execution without relying on provisioners. Caution should be taken to ensure the data source is only executed once, or that the resulting tasks can safely run in parallel.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ecs.getTaskExecution({\n cluster: exampleAwsEcsCluster.id,\n taskDefinition: exampleAwsEcsTaskDefinition.arn,\n desiredCount: 1,\n launchType: \"FARGATE\",\n networkConfiguration: {\n subnets: exampleAwsSubnet.map(__item =\u003e __item.id),\n securityGroups: [exampleAwsSecurityGroup.id],\n assignPublicIp: false,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecs.get_task_execution(cluster=example_aws_ecs_cluster[\"id\"],\n task_definition=example_aws_ecs_task_definition[\"arn\"],\n desired_count=1,\n launch_type=\"FARGATE\",\n network_configuration={\n \"subnets\": [__item[\"id\"] for __item in example_aws_subnet],\n \"security_groups\": [example_aws_security_group[\"id\"]],\n \"assign_public_ip\": False,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ecs.GetTaskExecution.Invoke(new()\n {\n Cluster = exampleAwsEcsCluster.Id,\n TaskDefinition = exampleAwsEcsTaskDefinition.Arn,\n DesiredCount = 1,\n LaunchType = \"FARGATE\",\n NetworkConfiguration = new Aws.Ecs.Inputs.GetTaskExecutionNetworkConfigurationInputArgs\n {\n Subnets = exampleAwsSubnet.Select(__item =\u003e __item.Id).ToList(),\n SecurityGroups = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n AssignPublicIp = false,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\n_, err := ecs.GetTaskExecution(ctx, \u0026ecs.GetTaskExecutionArgs{\nCluster: exampleAwsEcsCluster.Id,\nTaskDefinition: exampleAwsEcsTaskDefinition.Arn,\nDesiredCount: pulumi.IntRef(1),\nLaunchType: pulumi.StringRef(\"FARGATE\"),\nNetworkConfiguration: ecs.GetTaskExecutionNetworkConfiguration{\nSubnets: []string(%!v(PANIC=Format method: fatal: A failure has occurred: unlowered splat expression @ example.pp:6,22-44)),\nSecurityGroups: interface{}{\nexampleAwsSecurityGroup.Id,\n},\nAssignPublicIp: pulumi.BoolRef(false),\n},\n}, nil);\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.EcsFunctions;\nimport com.pulumi.aws.ecs.inputs.GetTaskExecutionArgs;\nimport com.pulumi.aws.ecs.inputs.GetTaskExecutionNetworkConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = EcsFunctions.getTaskExecution(GetTaskExecutionArgs.builder()\n .cluster(exampleAwsEcsCluster.id())\n .taskDefinition(exampleAwsEcsTaskDefinition.arn())\n .desiredCount(1)\n .launchType(\"FARGATE\")\n .networkConfiguration(GetTaskExecutionNetworkConfigurationArgs.builder()\n .subnets(exampleAwsSubnet.stream().map(element -\u003e element.id()).collect(toList()))\n .securityGroups(exampleAwsSecurityGroup.id())\n .assignPublicIp(false)\n .build())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getTaskExecution.\n", "properties": { "capacityProviderStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/getTaskExecutionCapacityProviderStrategy:getTaskExecutionCapacityProviderStrategy" }, "description": "Set of capacity provider strategies to use for the cluster. See below.\n" }, "clientToken": { "type": "string", "description": "An identifier that you provide to ensure the idempotency of the request. It must be unique and is case sensitive. Up to 64 characters are allowed. The valid characters are characters in the range of 33-126, inclusive. For more information, see [Ensuring idempotency](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/ECS_Idempotency.html).\n" }, "cluster": { "type": "string", "description": "Short name or full Amazon Resource Name (ARN) of the cluster to run the task on.\n" }, "desiredCount": { "type": "integer", "description": "Number of instantiations of the specified task to place on your cluster. You can specify up to 10 tasks for each call.\n" }, "enableEcsManagedTags": { "type": "boolean", "description": "Specifies whether to enable Amazon ECS managed tags for the tasks within the service.\n" }, "enableExecuteCommand": { "type": "boolean", "description": "Specifies whether to enable Amazon ECS Exec for the tasks within the service.\n" }, "group": { "type": "string", "description": "Name of the task group to associate with the task. The default value is the family name of the task definition.\n" }, "launchType": { "type": "string", "description": "Launch type on which to run your service. Valid values are `EC2`, `FARGATE`, and `EXTERNAL`.\n" }, "networkConfiguration": { "$ref": "#/types/aws:ecs/getTaskExecutionNetworkConfiguration:getTaskExecutionNetworkConfiguration", "description": "Network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own Elastic Network Interface, and it is not supported for other network modes. See below.\n" }, "overrides": { "$ref": "#/types/aws:ecs/getTaskExecutionOverrides:getTaskExecutionOverrides", "description": "A list of container overrides that specify the name of a container in the specified task definition and the overrides it should receive.\n" }, "placementConstraints": { "type": "array", "items": { "$ref": "#/types/aws:ecs/getTaskExecutionPlacementConstraint:getTaskExecutionPlacementConstraint" }, "description": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints for each task. See below.\n" }, "placementStrategies": { "type": "array", "items": { "$ref": "#/types/aws:ecs/getTaskExecutionPlacementStrategy:getTaskExecutionPlacementStrategy" }, "description": "The placement strategy objects to use for the task. You can specify a maximum of 5 strategy rules for each task. See below.\n" }, "platformVersion": { "type": "string", "description": "The platform version the task uses. A platform version is only specified for tasks hosted on Fargate. If one isn't specified, the `LATEST` platform version is used.\n" }, "propagateTags": { "type": "string", "description": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags aren't propagated. An error will be received if you specify the `SERVICE` option when running a task. Valid values are `TASK_DEFINITION` or `NONE`.\n" }, "referenceId": { "type": "string", "description": "The reference ID to use for the task.\n" }, "startedBy": { "type": "string", "description": "An optional tag specified when a task is started.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "taskDefinition": { "type": "string", "description": "The `family` and `revision` (`family:revision`) or full ARN of the task definition to run. If a revision isn't specified, the latest `ACTIVE` revision is used.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "cluster", "taskDefinition" ] }, "outputs": { "description": "A collection of values returned by getTaskExecution.\n", "properties": { "capacityProviderStrategies": { "items": { "$ref": "#/types/aws:ecs/getTaskExecutionCapacityProviderStrategy:getTaskExecutionCapacityProviderStrategy" }, "type": "array" }, "clientToken": { "type": "string" }, "cluster": { "type": "string" }, "desiredCount": { "type": "integer" }, "enableEcsManagedTags": { "type": "boolean" }, "enableExecuteCommand": { "type": "boolean" }, "group": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "launchType": { "type": "string" }, "networkConfiguration": { "$ref": "#/types/aws:ecs/getTaskExecutionNetworkConfiguration:getTaskExecutionNetworkConfiguration" }, "overrides": { "$ref": "#/types/aws:ecs/getTaskExecutionOverrides:getTaskExecutionOverrides" }, "placementConstraints": { "items": { "$ref": "#/types/aws:ecs/getTaskExecutionPlacementConstraint:getTaskExecutionPlacementConstraint" }, "type": "array" }, "placementStrategies": { "items": { "$ref": "#/types/aws:ecs/getTaskExecutionPlacementStrategy:getTaskExecutionPlacementStrategy" }, "type": "array" }, "platformVersion": { "type": "string" }, "propagateTags": { "type": "string" }, "referenceId": { "type": "string" }, "startedBy": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "taskArns": { "description": "A list of the provisioned task ARNs.\n", "items": { "type": "string" }, "type": "array" }, "taskDefinition": { "type": "string" } }, "required": [ "cluster", "taskArns", "taskDefinition", "id" ], "type": "object" } }, "aws:efs/getAccessPoint:getAccessPoint": { "description": "Provides information about an Elastic File System (EFS) Access Point.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.efs.getAccessPoint({\n accessPointId: \"fsap-12345678\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.efs.get_access_point(access_point_id=\"fsap-12345678\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Efs.GetAccessPoint.Invoke(new()\n {\n AccessPointId = \"fsap-12345678\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := efs.LookupAccessPoint(ctx, \u0026efs.LookupAccessPointArgs{\n\t\t\tAccessPointId: \"fsap-12345678\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.efs.EfsFunctions;\nimport com.pulumi.aws.efs.inputs.GetAccessPointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = EfsFunctions.getAccessPoint(GetAccessPointArgs.builder()\n .accessPointId(\"fsap-12345678\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:efs:getAccessPoint\n Arguments:\n accessPointId: fsap-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAccessPoint.\n", "properties": { "accessPointId": { "type": "string", "description": "ID that identifies the file system.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags.\n" } }, "type": "object", "required": [ "accessPointId" ] }, "outputs": { "description": "A collection of values returned by getAccessPoint.\n", "properties": { "accessPointId": { "type": "string" }, "arn": { "description": "Amazon Resource Name of the file system.\n", "type": "string" }, "fileSystemArn": { "description": "Amazon Resource Name of the file system.\n", "type": "string" }, "fileSystemId": { "description": "ID of the file system for which the access point is intended.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ownerId": { "type": "string" }, "posixUsers": { "description": "Single element list containing operating system user and group applied to all file system requests made using the access point.\n", "items": { "$ref": "#/types/aws:efs/getAccessPointPosixUser:getAccessPointPosixUser" }, "type": "array" }, "rootDirectories": { "description": "Single element list containing information on the directory on the Amazon EFS file system that the access point provides access to.\n", "items": { "$ref": "#/types/aws:efs/getAccessPointRootDirectory:getAccessPointRootDirectory" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags.\n", "type": "object" } }, "required": [ "accessPointId", "arn", "fileSystemArn", "fileSystemId", "ownerId", "posixUsers", "rootDirectories", "tags", "id" ], "type": "object" } }, "aws:efs/getAccessPoints:getAccessPoints": { "description": "Provides information about multiple Elastic File System (EFS) Access Points.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.efs.getAccessPoints({\n fileSystemId: \"fs-12345678\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.efs.get_access_points(file_system_id=\"fs-12345678\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Efs.GetAccessPoints.Invoke(new()\n {\n FileSystemId = \"fs-12345678\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := efs.GetAccessPoints(ctx, \u0026efs.GetAccessPointsArgs{\n\t\t\tFileSystemId: \"fs-12345678\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.efs.EfsFunctions;\nimport com.pulumi.aws.efs.inputs.GetAccessPointsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = EfsFunctions.getAccessPoints(GetAccessPointsArgs.builder()\n .fileSystemId(\"fs-12345678\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:efs:getAccessPoints\n Arguments:\n fileSystemId: fs-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAccessPoints.\n", "properties": { "fileSystemId": { "type": "string", "description": "EFS File System identifier.\n" } }, "type": "object", "required": [ "fileSystemId" ] }, "outputs": { "description": "A collection of values returned by getAccessPoints.\n", "properties": { "arns": { "description": "Set of Amazon Resource Names (ARNs).\n", "items": { "type": "string" }, "type": "array" }, "fileSystemId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "Set of identifiers.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "arns", "fileSystemId", "ids", "id" ], "type": "object" } }, "aws:efs/getFileSystem:getFileSystem": { "description": "Provides information about an Elastic File System (EFS) File System.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst fileSystemId = config.get(\"fileSystemId\") || \"\";\nconst byId = aws.efs.getFileSystem({\n fileSystemId: fileSystemId,\n});\nconst byTag = aws.efs.getFileSystem({\n tags: {\n Environment: \"dev\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nfile_system_id = config.get(\"fileSystemId\")\nif file_system_id is None:\n file_system_id = \"\"\nby_id = aws.efs.get_file_system(file_system_id=file_system_id)\nby_tag = aws.efs.get_file_system(tags={\n \"Environment\": \"dev\",\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var fileSystemId = config.Get(\"fileSystemId\") ?? \"\";\n var byId = Aws.Efs.GetFileSystem.Invoke(new()\n {\n FileSystemId = fileSystemId,\n });\n\n var byTag = Aws.Efs.GetFileSystem.Invoke(new()\n {\n Tags = \n {\n { \"Environment\", \"dev\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tfileSystemId := \"\"\n\t\tif param := cfg.Get(\"fileSystemId\"); param != \"\" {\n\t\t\tfileSystemId = param\n\t\t}\n\t\t_, err := efs.LookupFileSystem(ctx, \u0026efs.LookupFileSystemArgs{\n\t\t\tFileSystemId: pulumi.StringRef(fileSystemId),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = efs.LookupFileSystem(ctx, \u0026efs.LookupFileSystemArgs{\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"Environment\": \"dev\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.efs.EfsFunctions;\nimport com.pulumi.aws.efs.inputs.GetFileSystemArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var fileSystemId = config.get(\"fileSystemId\").orElse(\"\");\n final var byId = EfsFunctions.getFileSystem(GetFileSystemArgs.builder()\n .fileSystemId(fileSystemId)\n .build());\n\n final var byTag = EfsFunctions.getFileSystem(GetFileSystemArgs.builder()\n .tags(Map.of(\"Environment\", \"dev\"))\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n fileSystemId:\n type: string\n default:\nvariables:\n byId:\n fn::invoke:\n Function: aws:efs:getFileSystem\n Arguments:\n fileSystemId: ${fileSystemId}\n byTag:\n fn::invoke:\n Function: aws:efs:getFileSystem\n Arguments:\n tags:\n Environment: dev\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getFileSystem.\n", "properties": { "creationToken": { "type": "string", "description": "Restricts the list to the file system with this creation token.\n" }, "fileSystemId": { "type": "string", "description": "ID that identifies the file system (e.g., fs-ccfc0d65).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Restricts the list to the file system with these tags.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getFileSystem.\n", "properties": { "arn": { "description": "Amazon Resource Name of the file system.\n", "type": "string" }, "availabilityZoneId": { "description": "The identifier of the Availability Zone in which the file system's One Zone storage classes exist.\n", "type": "string" }, "availabilityZoneName": { "description": "The Availability Zone name in which the file system's One Zone storage classes exist.\n", "type": "string" }, "creationToken": { "type": "string" }, "dnsName": { "description": "DNS name for the filesystem per [documented convention](http://docs.aws.amazon.com/efs/latest/ug/mounting-fs-mount-cmd-dns-name.html).\n", "type": "string" }, "encrypted": { "description": "Whether EFS is encrypted.\n", "type": "boolean" }, "fileSystemId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kmsKeyId": { "description": "ARN for the KMS encryption key.\n", "type": "string" }, "lifecyclePolicy": { "$ref": "#/types/aws:efs/getFileSystemLifecyclePolicy:getFileSystemLifecyclePolicy", "description": "File system [lifecycle policy](https://docs.aws.amazon.com/efs/latest/ug/API_LifecyclePolicy.html) object.\n" }, "name": { "description": "The value of the file system's `Name` tag.\n", "type": "string" }, "performanceMode": { "description": "File system performance mode.\n", "type": "string" }, "protections": { "items": { "$ref": "#/types/aws:efs/getFileSystemProtection:getFileSystemProtection" }, "type": "array" }, "provisionedThroughputInMibps": { "description": "The throughput, measured in MiB/s, that you want to provision for the file system.\n", "type": "number" }, "sizeInBytes": { "description": "Current byte count used by the file system.\n", "type": "integer" }, "tags": { "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the file system.\n", "type": "object" }, "throughputMode": { "description": "Throughput mode for the file system.\n", "type": "string" } }, "required": [ "arn", "availabilityZoneId", "availabilityZoneName", "creationToken", "dnsName", "encrypted", "fileSystemId", "kmsKeyId", "lifecyclePolicy", "name", "performanceMode", "protections", "provisionedThroughputInMibps", "sizeInBytes", "tags", "throughputMode", "id" ], "type": "object" } }, "aws:efs/getMountTarget:getMountTarget": { "description": "Provides information about an Elastic File System Mount Target (EFS).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst mountTargetId = config.get(\"mountTargetId\") || \"\";\nconst byId = aws.efs.getMountTarget({\n mountTargetId: mountTargetId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nmount_target_id = config.get(\"mountTargetId\")\nif mount_target_id is None:\n mount_target_id = \"\"\nby_id = aws.efs.get_mount_target(mount_target_id=mount_target_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var mountTargetId = config.Get(\"mountTargetId\") ?? \"\";\n var byId = Aws.Efs.GetMountTarget.Invoke(new()\n {\n MountTargetId = mountTargetId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/efs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tmountTargetId := \"\"\n\t\tif param := cfg.Get(\"mountTargetId\"); param != \"\" {\n\t\t\tmountTargetId = param\n\t\t}\n\t\t_, err := efs.LookupMountTarget(ctx, \u0026efs.LookupMountTargetArgs{\n\t\t\tMountTargetId: pulumi.StringRef(mountTargetId),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.efs.EfsFunctions;\nimport com.pulumi.aws.efs.inputs.GetMountTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var mountTargetId = config.get(\"mountTargetId\").orElse(\"\");\n final var byId = EfsFunctions.getMountTarget(GetMountTargetArgs.builder()\n .mountTargetId(mountTargetId)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n mountTargetId:\n type: string\n default:\nvariables:\n byId:\n fn::invoke:\n Function: aws:efs:getMountTarget\n Arguments:\n mountTargetId: ${mountTargetId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getMountTarget.\n", "properties": { "accessPointId": { "type": "string", "description": "ID or ARN of the access point whose mount target that you want to find. It must be included if a `file_system_id` and `mount_target_id` are not included.\n" }, "fileSystemId": { "type": "string", "description": "ID or ARN of the file system whose mount target that you want to find. It must be included if an `access_point_id` and `mount_target_id` are not included.\n" }, "mountTargetId": { "type": "string", "description": "ID or ARN of the mount target that you want to find. It must be included in your request if an `access_point_id` and `file_system_id` are not included.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getMountTarget.\n", "properties": { "accessPointId": { "type": "string" }, "availabilityZoneId": { "description": "The unique and consistent identifier of the Availability Zone (AZ) that the mount target resides in.\n", "type": "string" }, "availabilityZoneName": { "description": "The name of the Availability Zone (AZ) that the mount target resides in.\n", "type": "string" }, "dnsName": { "description": "DNS name for the EFS file system.\n", "type": "string" }, "fileSystemArn": { "description": "Amazon Resource Name of the file system for which the mount target is intended.\n", "type": "string" }, "fileSystemId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ipAddress": { "description": "Address at which the file system may be mounted via the mount target.\n", "type": "string" }, "mountTargetDnsName": { "description": "The DNS name for the given subnet/AZ per [documented convention](http://docs.aws.amazon.com/efs/latest/ug/mounting-fs-mount-cmd-dns-name.html).\n", "type": "string" }, "mountTargetId": { "type": "string" }, "networkInterfaceId": { "description": "The ID of the network interface that Amazon EFS created when it created the mount target.\n", "type": "string" }, "ownerId": { "description": "AWS account ID that owns the resource.\n", "type": "string" }, "securityGroups": { "description": "List of VPC security group IDs attached to the mount target.\n", "items": { "type": "string" }, "type": "array" }, "subnetId": { "description": "ID of the mount target's subnet.\n", "type": "string" } }, "required": [ "availabilityZoneId", "availabilityZoneName", "dnsName", "fileSystemArn", "fileSystemId", "ipAddress", "mountTargetDnsName", "mountTargetId", "networkInterfaceId", "ownerId", "securityGroups", "subnetId", "id" ], "type": "object" } }, "aws:eks/getAccessEntry:getAccessEntry": { "description": "Access Entry Configurations for an EKS Cluster.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.eks.getAccessEntry({\n clusterName: exampleAwsEksCluster.name,\n principalArn: exampleAwsIamRole.arn,\n});\nexport const eksAccessEntryOutputs = exampleAwsEksAccessEntry;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.get_access_entry(cluster_name=example_aws_eks_cluster[\"name\"],\n principal_arn=example_aws_iam_role[\"arn\"])\npulumi.export(\"eksAccessEntryOutputs\", example_aws_eks_access_entry)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Eks.GetAccessEntry.Invoke(new()\n {\n ClusterName = exampleAwsEksCluster.Name,\n PrincipalArn = exampleAwsIamRole.Arn,\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"eksAccessEntryOutputs\"] = exampleAwsEksAccessEntry,\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := eks.LookupAccessEntry(ctx, \u0026eks.LookupAccessEntryArgs{\n\t\t\tClusterName: exampleAwsEksCluster.Name,\n\t\t\tPrincipalArn: exampleAwsIamRole.Arn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"eksAccessEntryOutputs\", exampleAwsEksAccessEntry)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.EksFunctions;\nimport com.pulumi.aws.eks.inputs.GetAccessEntryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = EksFunctions.getAccessEntry(GetAccessEntryArgs.builder()\n .clusterName(exampleAwsEksCluster.name())\n .principalArn(exampleAwsIamRole.arn())\n .build());\n\n ctx.export(\"eksAccessEntryOutputs\", exampleAwsEksAccessEntry);\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:eks:getAccessEntry\n Arguments:\n clusterName: ${exampleAwsEksCluster.name}\n principalArn: ${exampleAwsIamRole.arn}\noutputs:\n eksAccessEntryOutputs: ${exampleAwsEksAccessEntry}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAccessEntry.\n", "properties": { "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n" }, "principalArn": { "type": "string", "description": "The IAM Principal ARN which requires Authentication access to the EKS cluster.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "clusterName", "principalArn" ] }, "outputs": { "description": "A collection of values returned by getAccessEntry.\n", "properties": { "accessEntryArn": { "description": "Amazon Resource Name (ARN) of the Access Entry.\n", "type": "string" }, "clusterName": { "type": "string" }, "createdAt": { "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the EKS add-on was created.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kubernetesGroups": { "description": "List of string which can optionally specify the Kubernetes groups the user would belong to when creating an access entry.\n", "items": { "type": "string" }, "type": "array" }, "modifiedAt": { "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the EKS add-on was updated.\n", "type": "string" }, "principalArn": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "tagsAll": { "additionalProperties": { "type": "string" }, "description": "(Optional) Key-value map of resource tags, including those inherited from the provider `default_tags` configuration block.\n", "type": "object" }, "type": { "description": "Defaults to STANDARD which provides the standard workflow. EC2_LINUX, EC2_WINDOWS, FARGATE_LINUX types disallow users to input a username or groups, and prevent associations.\n", "type": "string" }, "userName": { "description": "Defaults to principal ARN if user is principal else defaults to assume-role/session-name is role is used.\n", "type": "string" } }, "required": [ "accessEntryArn", "clusterName", "createdAt", "kubernetesGroups", "modifiedAt", "principalArn", "tagsAll", "type", "userName", "id" ], "type": "object" } }, "aws:eks/getAddon:getAddon": { "description": "Retrieve information about an EKS add-on.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.eks.getAddon({\n addonName: \"vpc-cni\",\n clusterName: exampleAwsEksCluster.name,\n});\nexport const eksAddonOutputs = exampleAwsEksAddon;\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.get_addon(addon_name=\"vpc-cni\",\n cluster_name=example_aws_eks_cluster[\"name\"])\npulumi.export(\"eksAddonOutputs\", example_aws_eks_addon)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Eks.GetAddon.Invoke(new()\n {\n AddonName = \"vpc-cni\",\n ClusterName = exampleAwsEksCluster.Name,\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"eksAddonOutputs\"] = exampleAwsEksAddon,\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := eks.LookupAddon(ctx, \u0026eks.LookupAddonArgs{\n\t\t\tAddonName: \"vpc-cni\",\n\t\t\tClusterName: exampleAwsEksCluster.Name,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"eksAddonOutputs\", exampleAwsEksAddon)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.EksFunctions;\nimport com.pulumi.aws.eks.inputs.GetAddonArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = EksFunctions.getAddon(GetAddonArgs.builder()\n .addonName(\"vpc-cni\")\n .clusterName(exampleAwsEksCluster.name())\n .build());\n\n ctx.export(\"eksAddonOutputs\", exampleAwsEksAddon);\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:eks:getAddon\n Arguments:\n addonName: vpc-cni\n clusterName: ${exampleAwsEksCluster.name}\noutputs:\n eksAddonOutputs: ${exampleAwsEksAddon}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAddon.\n", "properties": { "addonName": { "type": "string", "description": "Name of the EKS add-on. The name must match one of\nthe names returned by [list-addon](https://docs.aws.amazon.com/cli/latest/reference/eks/list-addons.html).\n" }, "clusterName": { "type": "string", "description": "Name of the EKS Cluster.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "addonName", "clusterName" ] }, "outputs": { "description": "A collection of values returned by getAddon.\n", "properties": { "addonName": { "type": "string" }, "addonVersion": { "description": "Version of EKS add-on.\n", "type": "string" }, "arn": { "description": "ARN of the EKS add-on.\n", "type": "string" }, "clusterName": { "type": "string" }, "configurationValues": { "description": "Configuration values for the addon with a single JSON string.\n", "type": "string" }, "createdAt": { "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the EKS add-on was created.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "modifiedAt": { "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the EKS add-on was updated.\n", "type": "string" }, "serviceAccountRoleArn": { "description": "ARN of IAM role used for EKS add-on. If value is empty -\nthen add-on uses the IAM role assigned to the EKS Cluster node.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "addonName", "addonVersion", "arn", "clusterName", "configurationValues", "createdAt", "modifiedAt", "serviceAccountRoleArn", "tags", "id" ], "type": "object" } }, "aws:eks/getAddonVersion:getAddonVersion": { "description": "Retrieve information about a specific EKS add-on version compatible with an EKS cluster version.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nexport = async () =\u003e {\n const default = await aws.eks.getAddonVersion({\n addonName: \"vpc-cni\",\n kubernetesVersion: example.version,\n });\n const latest = await aws.eks.getAddonVersion({\n addonName: \"vpc-cni\",\n kubernetesVersion: example.version,\n mostRecent: true,\n });\n const vpcCni = new aws.eks.Addon(\"vpc_cni\", {\n clusterName: example.name,\n addonName: \"vpc-cni\",\n addonVersion: latest.version,\n });\n return {\n \"default\": _default.version,\n latest: latest.version,\n };\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.eks.get_addon_version(addon_name=\"vpc-cni\",\n kubernetes_version=example[\"version\"])\nlatest = aws.eks.get_addon_version(addon_name=\"vpc-cni\",\n kubernetes_version=example[\"version\"],\n most_recent=True)\nvpc_cni = aws.eks.Addon(\"vpc_cni\",\n cluster_name=example[\"name\"],\n addon_name=\"vpc-cni\",\n addon_version=latest.version)\npulumi.export(\"default\", default.version)\npulumi.export(\"latest\", latest.version)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = Aws.Eks.GetAddonVersion.Invoke(new()\n {\n AddonName = \"vpc-cni\",\n KubernetesVersion = example.Version,\n });\n\n var latest = Aws.Eks.GetAddonVersion.Invoke(new()\n {\n AddonName = \"vpc-cni\",\n KubernetesVersion = example.Version,\n MostRecent = true,\n });\n\n var vpcCni = new Aws.Eks.Addon(\"vpc_cni\", new()\n {\n ClusterName = example.Name,\n AddonName = \"vpc-cni\",\n AddonVersion = latest.Apply(getAddonVersionResult =\u003e getAddonVersionResult.Version),\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"default\"] = @default.Apply(@default =\u003e @default.Apply(getAddonVersionResult =\u003e getAddonVersionResult.Version)),\n [\"latest\"] = latest.Apply(getAddonVersionResult =\u003e getAddonVersionResult.Version),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_default, err := eks.GetAddonVersion(ctx, \u0026eks.GetAddonVersionArgs{\n\t\t\tAddonName: \"vpc-cni\",\n\t\t\tKubernetesVersion: example.Version,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlatest, err := eks.GetAddonVersion(ctx, \u0026eks.GetAddonVersionArgs{\n\t\t\tAddonName: \"vpc-cni\",\n\t\t\tKubernetesVersion: example.Version,\n\t\t\tMostRecent: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = eks.NewAddon(ctx, \"vpc_cni\", \u0026eks.AddonArgs{\n\t\t\tClusterName: pulumi.Any(example.Name),\n\t\t\tAddonName: pulumi.String(\"vpc-cni\"),\n\t\t\tAddonVersion: pulumi.String(latest.Version),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"default\", _default.Version)\n\t\tctx.Export(\"latest\", latest.Version)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.EksFunctions;\nimport com.pulumi.aws.eks.inputs.GetAddonVersionArgs;\nimport com.pulumi.aws.eks.Addon;\nimport com.pulumi.aws.eks.AddonArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var default = EksFunctions.getAddonVersion(GetAddonVersionArgs.builder()\n .addonName(\"vpc-cni\")\n .kubernetesVersion(example.version())\n .build());\n\n final var latest = EksFunctions.getAddonVersion(GetAddonVersionArgs.builder()\n .addonName(\"vpc-cni\")\n .kubernetesVersion(example.version())\n .mostRecent(true)\n .build());\n\n var vpcCni = new Addon(\"vpcCni\", AddonArgs.builder()\n .clusterName(example.name())\n .addonName(\"vpc-cni\")\n .addonVersion(latest.applyValue(getAddonVersionResult -\u003e getAddonVersionResult.version()))\n .build());\n\n ctx.export(\"default\", default_.version());\n ctx.export(\"latest\", latest.applyValue(getAddonVersionResult -\u003e getAddonVersionResult.version()));\n }\n}\n```\n```yaml\nresources:\n vpcCni:\n type: aws:eks:Addon\n name: vpc_cni\n properties:\n clusterName: ${example.name}\n addonName: vpc-cni\n addonVersion: ${latest.version}\nvariables:\n default:\n fn::invoke:\n Function: aws:eks:getAddonVersion\n Arguments:\n addonName: vpc-cni\n kubernetesVersion: ${example.version}\n latest:\n fn::invoke:\n Function: aws:eks:getAddonVersion\n Arguments:\n addonName: vpc-cni\n kubernetesVersion: ${example.version}\n mostRecent: true\noutputs:\n default: ${default.version}\n latest: ${latest.version}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAddonVersion.\n", "properties": { "addonName": { "type": "string", "description": "Name of the EKS add-on. The name must match one of\nthe names returned by [list-addon](https://docs.aws.amazon.com/cli/latest/reference/eks/list-addons.html).\n" }, "kubernetesVersion": { "type": "string", "description": "Version of the EKS Cluster. Must be between 1-100 characters in length. Must begin with an alphanumeric character, and must only contain alphanumeric characters, dashes and underscores (`^[0-9A-Za-z][A-Za-z0-9\\-_]+$`).\n" }, "mostRecent": { "type": "boolean", "description": "Determines if the most recent or default version of the addon should be returned.\n" } }, "type": "object", "required": [ "addonName", "kubernetesVersion" ] }, "outputs": { "description": "A collection of values returned by getAddonVersion.\n", "properties": { "addonName": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kubernetesVersion": { "type": "string" }, "mostRecent": { "type": "boolean" }, "version": { "description": "Version of the EKS add-on.\n", "type": "string" } }, "required": [ "addonName", "kubernetesVersion", "version", "id" ], "type": "object" } }, "aws:eks/getCluster:getCluster": { "description": "Retrieve information about an EKS Cluster.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nexport = async () =\u003e {\n const example = await aws.eks.getCluster({\n name: \"example\",\n });\n return {\n endpoint: example.endpoint,\n \"kubeconfig-certificate-authority-data\": example.certificateAuthorities?.[0]?.data,\n \"identity-oidc-issuer\": example.identities?.[0]?.oidcs?.[0]?.issuer,\n };\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.get_cluster(name=\"example\")\npulumi.export(\"endpoint\", example.endpoint)\npulumi.export(\"kubeconfig-certificate-authority-data\", example.certificate_authorities[0].data)\npulumi.export(\"identity-oidc-issuer\", example.identities[0].oidcs[0].issuer)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Eks.GetCluster.Invoke(new()\n {\n Name = \"example\",\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"endpoint\"] = example.Apply(getClusterResult =\u003e getClusterResult.Endpoint),\n [\"kubeconfig-certificate-authority-data\"] = example.Apply(getClusterResult =\u003e getClusterResult.CertificateAuthorities[0]?.Data),\n [\"identity-oidc-issuer\"] = example.Apply(getClusterResult =\u003e getClusterResult.Identities[0]?.Oidcs[0]?.Issuer),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := eks.LookupCluster(ctx, \u0026eks.LookupClusterArgs{\n\t\t\tName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"endpoint\", example.Endpoint)\n\t\tctx.Export(\"kubeconfig-certificate-authority-data\", example.CertificateAuthorities[0].Data)\n\t\tctx.Export(\"identity-oidc-issuer\", example.Identities[0].Oidcs[0].Issuer)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.EksFunctions;\nimport com.pulumi.aws.eks.inputs.GetClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = EksFunctions.getCluster(GetClusterArgs.builder()\n .name(\"example\")\n .build());\n\n ctx.export(\"endpoint\", example.applyValue(getClusterResult -\u003e getClusterResult.endpoint()));\n ctx.export(\"kubeconfig-certificate-authority-data\", example.applyValue(getClusterResult -\u003e getClusterResult.certificateAuthorities()[0].data()));\n ctx.export(\"identity-oidc-issuer\", example.applyValue(getClusterResult -\u003e getClusterResult.identities()[0].oidcs()[0].issuer()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:eks:getCluster\n Arguments:\n name: example\noutputs:\n endpoint: ${example.endpoint}\n kubeconfig-certificate-authority-data: ${example.certificateAuthorities[0].data}\n # Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019.\n identity-oidc-issuer: ${example.identities[0].oidcs[0].issuer}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCluster.\n", "properties": { "name": { "type": "string", "description": "Name of the cluster.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getCluster.\n", "properties": { "accessConfigs": { "description": "Configuration block for access config.\n", "items": { "$ref": "#/types/aws:eks/getClusterAccessConfig:getClusterAccessConfig" }, "type": "array" }, "arn": { "description": "ARN of the cluster.\n", "type": "string" }, "certificateAuthorities": { "description": "Nested attribute containing `certificate-authority-data` for your cluster.\n", "items": { "$ref": "#/types/aws:eks/getClusterCertificateAuthority:getClusterCertificateAuthority" }, "type": "array" }, "clusterId": { "description": "The ID of your local Amazon EKS cluster on the AWS Outpost. This attribute isn't available for an AWS EKS cluster on AWS cloud.\n", "type": "string" }, "createdAt": { "description": "Unix epoch time stamp in seconds for when the cluster was created.\n", "type": "string" }, "enabledClusterLogTypes": { "description": "The enabled control plane logs.\n", "items": { "type": "string" }, "type": "array" }, "endpoint": { "description": "Endpoint for your Kubernetes API server.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "identities": { "description": "Nested attribute containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. For an example using this information to enable IAM Roles for Service Accounts, see the `aws.eks.Cluster` resource documentation.\n", "items": { "$ref": "#/types/aws:eks/getClusterIdentity:getClusterIdentity" }, "type": "array" }, "kubernetesNetworkConfigs": { "description": "Nested list containing Kubernetes Network Configuration.\n", "items": { "$ref": "#/types/aws:eks/getClusterKubernetesNetworkConfig:getClusterKubernetesNetworkConfig" }, "type": "array" }, "name": { "type": "string" }, "outpostConfigs": { "description": "Contains Outpost Configuration.\n", "items": { "$ref": "#/types/aws:eks/getClusterOutpostConfig:getClusterOutpostConfig" }, "type": "array" }, "platformVersion": { "description": "Platform version for the cluster.\n", "type": "string" }, "roleArn": { "description": "ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.\n", "type": "string" }, "status": { "description": "Status of the EKS cluster. One of `CREATING`, `ACTIVE`, `DELETING`, `FAILED`.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n", "type": "object" }, "version": { "description": "Kubernetes server version for the cluster.\n", "type": "string" }, "vpcConfig": { "$ref": "#/types/aws:eks/getClusterVpcConfig:getClusterVpcConfig", "description": "Nested list containing VPC configuration for the cluster.\n" } }, "required": [ "accessConfigs", "arn", "certificateAuthorities", "clusterId", "createdAt", "enabledClusterLogTypes", "endpoint", "identities", "kubernetesNetworkConfigs", "name", "outpostConfigs", "platformVersion", "roleArn", "status", "tags", "version", "vpcConfig", "id" ], "type": "object" } }, "aws:eks/getClusterAuth:getClusterAuth": { "description": "Get an authentication token to communicate with an EKS cluster.\n\nUses IAM credentials from the AWS provider to generate a temporary token that is compatible with\n[AWS IAM Authenticator](https://github.com/kubernetes-sigs/aws-iam-authenticator) authentication.\nThis can be used to authenticate to an EKS cluster or to a cluster that has the AWS IAM Authenticator\nserver configured.\n\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.eks.getCluster({\n name: \"example\",\n});\nconst exampleGetClusterAuth = aws.eks.getClusterAuth({\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.get_cluster(name=\"example\")\nexample_get_cluster_auth = aws.eks.get_cluster_auth(name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Eks.GetCluster.Invoke(new()\n {\n Name = \"example\",\n });\n\n var exampleGetClusterAuth = Aws.Eks.GetClusterAuth.Invoke(new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := eks.LookupCluster(ctx, \u0026eks.LookupClusterArgs{\n\t\t\tName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = eks.GetClusterAuth(ctx, \u0026eks.GetClusterAuthArgs{\n\t\t\tName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.EksFunctions;\nimport com.pulumi.aws.eks.inputs.GetClusterArgs;\nimport com.pulumi.aws.eks.inputs.GetClusterAuthArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = EksFunctions.getCluster(GetClusterArgs.builder()\n .name(\"example\")\n .build());\n\n final var exampleGetClusterAuth = EksFunctions.getClusterAuth(GetClusterAuthArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:eks:getCluster\n Arguments:\n name: example\n exampleGetClusterAuth:\n fn::invoke:\n Function: aws:eks:getClusterAuth\n Arguments:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getClusterAuth.\n", "properties": { "name": { "type": "string", "description": "Name of the cluster\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getClusterAuth.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "token": { "description": "Token to use to authenticate with the cluster.\n", "secret": true, "type": "string" } }, "required": [ "name", "token", "id" ], "type": "object" } }, "aws:eks/getClusters:getClusters": { "description": "Retrieve EKS Clusters list\n\n", "outputs": { "description": "A collection of values returned by getClusters.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "names": { "description": "Set of EKS clusters names\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "names", "id" ], "type": "object" } }, "aws:eks/getNodeGroup:getNodeGroup": { "description": "Retrieve information about an EKS Node Group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.eks.getNodeGroup({\n clusterName: \"example\",\n nodeGroupName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.get_node_group(cluster_name=\"example\",\n node_group_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Eks.GetNodeGroup.Invoke(new()\n {\n ClusterName = \"example\",\n NodeGroupName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := eks.LookupNodeGroup(ctx, \u0026eks.LookupNodeGroupArgs{\n\t\t\tClusterName: \"example\",\n\t\t\tNodeGroupName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.EksFunctions;\nimport com.pulumi.aws.eks.inputs.GetNodeGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = EksFunctions.getNodeGroup(GetNodeGroupArgs.builder()\n .clusterName(\"example\")\n .nodeGroupName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:eks:getNodeGroup\n Arguments:\n clusterName: example\n nodeGroupName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getNodeGroup.\n", "properties": { "clusterName": { "type": "string", "description": "Name of the cluster.\n" }, "nodeGroupName": { "type": "string", "description": "Name of the node group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "type": "object", "required": [ "clusterName", "nodeGroupName" ] }, "outputs": { "description": "A collection of values returned by getNodeGroup.\n", "properties": { "amiType": { "description": "Type of Amazon Machine Image (AMI) associated with the EKS Node Group.\n", "type": "string" }, "arn": { "description": "ARN of the EKS Node Group.\n", "type": "string" }, "capacityType": { "description": "Type of capacity associated with the EKS Node Group. Valid values: `ON_DEMAND`, `SPOT`.\n", "type": "string" }, "clusterName": { "type": "string" }, "diskSize": { "description": "Disk size in GiB for worker nodes.\n", "type": "integer" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceTypes": { "description": "Set of instance types associated with the EKS Node Group.\n", "items": { "type": "string" }, "type": "array" }, "labels": { "additionalProperties": { "type": "string" }, "description": "Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed.\n", "type": "object" }, "launchTemplates": { "description": "Nested attribute containing information about the launch template used to create the EKS Node Group.\n", "items": { "$ref": "#/types/aws:eks/getNodeGroupLaunchTemplate:getNodeGroupLaunchTemplate" }, "type": "array" }, "nodeGroupName": { "type": "string" }, "nodeRoleArn": { "description": "ARN of the IAM Role that provides permissions for the EKS Node Group.\n", "type": "string" }, "releaseVersion": { "description": "AMI version of the EKS Node Group.\n", "type": "string" }, "remoteAccesses": { "description": "Configuration block with remote access settings.\n", "items": { "$ref": "#/types/aws:eks/getNodeGroupRemoteAccess:getNodeGroupRemoteAccess" }, "type": "array" }, "resources": { "description": "List of objects containing information about underlying resources.\n", "items": { "$ref": "#/types/aws:eks/getNodeGroupResource:getNodeGroupResource" }, "type": "array" }, "scalingConfigs": { "description": "Configuration block with scaling settings.\n", "items": { "$ref": "#/types/aws:eks/getNodeGroupScalingConfig:getNodeGroupScalingConfig" }, "type": "array" }, "status": { "description": "Status of the EKS Node Group.\n", "type": "string" }, "subnetIds": { "description": "Identifiers of EC2 Subnets to associate with the EKS Node Group.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n", "type": "object" }, "taints": { "description": "List of objects containing information about taints applied to the nodes in the EKS Node Group.\n", "items": { "$ref": "#/types/aws:eks/getNodeGroupTaint:getNodeGroupTaint" }, "type": "array" }, "version": { "description": "Kubernetes version.\n", "type": "string" } }, "required": [ "amiType", "arn", "capacityType", "clusterName", "diskSize", "instanceTypes", "labels", "launchTemplates", "nodeGroupName", "nodeRoleArn", "releaseVersion", "remoteAccesses", "resources", "scalingConfigs", "status", "subnetIds", "tags", "taints", "version", "id" ], "type": "object" } }, "aws:eks/getNodeGroups:getNodeGroups": { "description": "Retrieve the EKS Node Groups associated with a named EKS cluster. This will allow you to pass a list of Node Group names to other resources.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.eks.getNodeGroups({\n clusterName: \"example\",\n});\nconst exampleGetNodeGroup = example.then(example =\u003e .reduce((__obj, [, ]) =\u003e ({ ...__obj, [__key]: aws.eks.getNodeGroup({\n clusterName: \"example\",\n nodeGroupName: __value,\n}) })));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.get_node_groups(cluster_name=\"example\")\nexample_get_node_group = {__key: aws.eks.get_node_group(cluster_name=\"example\",\n node_group_name=__value) for __key, __value in example.names}\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Eks.GetNodeGroups.Invoke(new()\n {\n ClusterName = \"example\",\n });\n\n var exampleGetNodeGroup = ;\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getNodeGroups.\n", "properties": { "clusterName": { "type": "string", "description": "Name of the cluster.\n" } }, "type": "object", "required": [ "clusterName" ] }, "outputs": { "description": "A collection of values returned by getNodeGroups.\n", "properties": { "clusterName": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "names": { "description": "Set of all node group names in an EKS Cluster.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "clusterName", "names", "id" ], "type": "object" } }, "aws:elasticache/getCluster:getCluster": { "description": "Use this data source to get information about an ElastiCache Cluster\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myCluster = aws.elasticache.getCluster({\n clusterId: \"my-cluster-id\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_cluster = aws.elasticache.get_cluster(cluster_id=\"my-cluster-id\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myCluster = Aws.ElastiCache.GetCluster.Invoke(new()\n {\n ClusterId = \"my-cluster-id\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticache.LookupCluster(ctx, \u0026elasticache.LookupClusterArgs{\n\t\t\tClusterId: \"my-cluster-id\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.ElasticacheFunctions;\nimport com.pulumi.aws.elasticache.inputs.GetClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var myCluster = ElasticacheFunctions.getCluster(GetClusterArgs.builder()\n .clusterId(\"my-cluster-id\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n myCluster:\n fn::invoke:\n Function: aws:elasticache:getCluster\n Arguments:\n clusterId: my-cluster-id\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCluster.\n", "properties": { "clusterId": { "type": "string", "description": "Group identifier.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags assigned to the resource\n" } }, "type": "object", "required": [ "clusterId" ] }, "outputs": { "description": "A collection of values returned by getCluster.\n", "properties": { "arn": { "type": "string" }, "availabilityZone": { "description": "Availability Zone for the cache cluster.\n", "type": "string" }, "cacheNodes": { "description": "List of node objects including `id`, `address`, `port`, `availability_zone` and `outpost_arn`.\nReferenceable e.g., as `${data.aws_elasticache_cluster.bar.cache_nodes.0.address}`\n", "items": { "$ref": "#/types/aws:elasticache/getClusterCacheNode:getClusterCacheNode" }, "type": "array" }, "clusterAddress": { "description": "(Memcached only) DNS name of the cache cluster without the port appended.\n", "type": "string" }, "clusterId": { "type": "string" }, "configurationEndpoint": { "description": "(Memcached only) Configuration endpoint to allow host discovery.\n", "type": "string" }, "engine": { "description": "Name of the cache engine.\n", "type": "string" }, "engineVersion": { "description": "Version number of the cache engine.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ipDiscovery": { "description": "The IP version advertised in the discovery protocol.\n", "type": "string" }, "logDeliveryConfigurations": { "description": "Redis [SLOWLOG](https://redis.io/commands/slowlog) or Redis [Engine Log](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Log_Delivery.html#Log_contents-engine-log) delivery settings.\n", "items": { "$ref": "#/types/aws:elasticache/getClusterLogDeliveryConfiguration:getClusterLogDeliveryConfiguration" }, "type": "array" }, "maintenanceWindow": { "description": "Specifies the weekly time range for when maintenance\non the cache cluster is performed.\n", "type": "string" }, "networkType": { "description": "The IP versions for cache cluster connections.\n", "type": "string" }, "nodeType": { "description": "The cluster node type.\n", "type": "string" }, "notificationTopicArn": { "description": "An ARN of an\nSNS topic that ElastiCache notifications get sent to.\n", "type": "string" }, "numCacheNodes": { "description": "The number of cache nodes that the cache cluster has.\n", "type": "integer" }, "parameterGroupName": { "description": "Name of the parameter group associated with this cache cluster.\n", "type": "string" }, "port": { "description": "The port number on which each of the cache nodes will\naccept connections.\n", "type": "integer" }, "preferredOutpostArn": { "description": "The outpost ARN in which the cache cluster was created if created in outpost.\n", "type": "string" }, "replicationGroupId": { "description": "The replication group to which this cache cluster belongs.\n", "type": "string" }, "securityGroupIds": { "description": "List VPC security groups associated with the cache cluster.\n", "items": { "type": "string" }, "type": "array" }, "snapshotRetentionLimit": { "description": "The number of days for which ElastiCache will\nretain automatic cache cluster snapshots before deleting them.\n", "type": "integer" }, "snapshotWindow": { "description": "Daily time range (in UTC) during which ElastiCache will\nbegin taking a daily snapshot of the cache cluster.\n", "type": "string" }, "subnetGroupName": { "description": "Name of the subnet group associated to the cache cluster.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags assigned to the resource\n", "type": "object" } }, "required": [ "arn", "availabilityZone", "cacheNodes", "clusterAddress", "clusterId", "configurationEndpoint", "engine", "engineVersion", "ipDiscovery", "logDeliveryConfigurations", "maintenanceWindow", "networkType", "nodeType", "notificationTopicArn", "numCacheNodes", "parameterGroupName", "port", "preferredOutpostArn", "replicationGroupId", "securityGroupIds", "snapshotRetentionLimit", "snapshotWindow", "subnetGroupName", "tags", "id" ], "type": "object" } }, "aws:elasticache/getReplicationGroup:getReplicationGroup": { "description": "Use this data source to get information about an ElastiCache Replication Group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = aws.elasticache.getReplicationGroup({\n replicationGroupId: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.elasticache.get_replication_group(replication_group_id=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bar = Aws.ElastiCache.GetReplicationGroup.Invoke(new()\n {\n ReplicationGroupId = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticache.LookupReplicationGroup(ctx, \u0026elasticache.LookupReplicationGroupArgs{\n\t\t\tReplicationGroupId: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.ElasticacheFunctions;\nimport com.pulumi.aws.elasticache.inputs.GetReplicationGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var bar = ElasticacheFunctions.getReplicationGroup(GetReplicationGroupArgs.builder()\n .replicationGroupId(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n bar:\n fn::invoke:\n Function: aws:elasticache:getReplicationGroup\n Arguments:\n replicationGroupId: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getReplicationGroup.\n", "properties": { "replicationGroupId": { "type": "string", "description": "Identifier for the replication group.\n" } }, "type": "object", "required": [ "replicationGroupId" ] }, "outputs": { "description": "A collection of values returned by getReplicationGroup.\n", "properties": { "arn": { "description": "ARN of the created ElastiCache Replication Group.\n", "type": "string" }, "authTokenEnabled": { "description": "Whether an AuthToken (password) is enabled.\n", "type": "boolean" }, "automaticFailoverEnabled": { "description": "A flag whether a read-only replica will be automatically promoted to read/write primary if the existing primary fails.\n", "type": "boolean" }, "clusterMode": { "description": "Whether cluster mode is enabled or disabled.\n", "type": "string" }, "configurationEndpointAddress": { "description": "The configuration endpoint address to allow host discovery.\n", "type": "string" }, "description": { "description": "Description of the replication group.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "logDeliveryConfigurations": { "description": "Redis [SLOWLOG](https://redis.io/commands/slowlog) or Redis [Engine Log](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Log_Delivery.html#Log_contents-engine-log) delivery settings.\n", "items": { "$ref": "#/types/aws:elasticache/getReplicationGroupLogDeliveryConfiguration:getReplicationGroupLogDeliveryConfiguration" }, "type": "array" }, "memberClusters": { "description": "Identifiers of all the nodes that are part of this replication group.\n", "items": { "type": "string" }, "type": "array" }, "multiAzEnabled": { "description": "Whether Multi-AZ Support is enabled for the replication group.\n", "type": "boolean" }, "nodeType": { "description": "The cluster node type.\n", "type": "string" }, "numCacheClusters": { "description": "The number of cache clusters that the replication group has.\n", "type": "integer" }, "numNodeGroups": { "description": "Number of node groups (shards) for the replication group.\n", "type": "integer" }, "port": { "description": "The port number on which the configuration endpoint will accept connections.\n", "type": "integer" }, "primaryEndpointAddress": { "description": "The endpoint of the primary node in this node group (shard).\n", "type": "string" }, "readerEndpointAddress": { "description": "The endpoint of the reader node in this node group (shard).\n", "type": "string" }, "replicasPerNodeGroup": { "description": "Number of replica nodes in each node group.\n", "type": "integer" }, "replicationGroupId": { "type": "string" }, "snapshotRetentionLimit": { "description": "The number of days for which ElastiCache retains automatic cache cluster snapshots before deleting them.\n", "type": "integer" }, "snapshotWindow": { "description": "Daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).\n", "type": "string" } }, "required": [ "arn", "authTokenEnabled", "automaticFailoverEnabled", "clusterMode", "configurationEndpointAddress", "description", "logDeliveryConfigurations", "memberClusters", "multiAzEnabled", "nodeType", "numCacheClusters", "numNodeGroups", "port", "primaryEndpointAddress", "readerEndpointAddress", "replicasPerNodeGroup", "replicationGroupId", "snapshotRetentionLimit", "snapshotWindow", "id" ], "type": "object" } }, "aws:elasticache/getSubnetGroup:getSubnetGroup": { "description": "Provides information about a ElastiCache Subnet Group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.elasticache.getSubnetGroup({\n name: \"my-subnet-group\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.elasticache.get_subnet_group(name=\"my-subnet-group\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ElastiCache.GetSubnetGroup.Invoke(new()\n {\n Name = \"my-subnet-group\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticache.LookupSubnetGroup(ctx, \u0026elasticache.LookupSubnetGroupArgs{\n\t\t\tName: \"my-subnet-group\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.ElasticacheFunctions;\nimport com.pulumi.aws.elasticache.inputs.GetSubnetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ElasticacheFunctions.getSubnetGroup(GetSubnetGroupArgs.builder()\n .name(\"my-subnet-group\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:elasticache:getSubnetGroup\n Arguments:\n name: my-subnet-group\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSubnetGroup.\n", "properties": { "name": { "type": "string", "description": "Name of the subnet group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the subnet group.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getSubnetGroup.\n", "properties": { "arn": { "description": "ARN of the subnet group.\n", "type": "string" }, "description": { "description": "Description of the subnet group.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "subnetIds": { "description": "Set of VPC Subnet ID-s of the subnet group.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the subnet group.\n", "type": "object" }, "vpcId": { "description": "The Amazon Virtual Private Cloud identifier (VPC ID) of the cache subnet group.\n", "type": "string" } }, "required": [ "arn", "description", "name", "subnetIds", "vpcId", "id" ], "type": "object" } }, "aws:elasticache/getUser:getUser": { "description": "Use this data source to get information about an ElastiCache User.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = aws.elasticache.getUser({\n userId: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.elasticache.get_user(user_id=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bar = Aws.ElastiCache.GetUser.Invoke(new()\n {\n UserId = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticache\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticache.LookupUser(ctx, \u0026elasticache.LookupUserArgs{\n\t\t\tUserId: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticache.ElasticacheFunctions;\nimport com.pulumi.aws.elasticache.inputs.GetUserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var bar = ElasticacheFunctions.getUser(GetUserArgs.builder()\n .userId(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n bar:\n fn::invoke:\n Function: aws:elasticache:getUser\n Arguments:\n userId: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getUser.\n", "properties": { "accessString": { "type": "string", "description": "String for what access a user possesses within the associated ElastiCache replication groups or clusters.\n" }, "authenticationModes": { "type": "array", "items": { "$ref": "#/types/aws:elasticache/getUserAuthenticationMode:getUserAuthenticationMode" } }, "engine": { "type": "string" }, "noPasswordRequired": { "type": "boolean" }, "passwords": { "type": "array", "items": { "type": "string" }, "secret": true }, "userId": { "type": "string", "description": "Identifier for the user.\n" }, "userName": { "type": "string", "description": "User name of the user.\n" } }, "type": "object", "required": [ "userId" ] }, "outputs": { "description": "A collection of values returned by getUser.\n", "properties": { "accessString": { "description": "String for what access a user possesses within the associated ElastiCache replication groups or clusters.\n", "type": "string" }, "authenticationModes": { "items": { "$ref": "#/types/aws:elasticache/getUserAuthenticationMode:getUserAuthenticationMode" }, "type": "array" }, "engine": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "noPasswordRequired": { "type": "boolean" }, "passwords": { "items": { "type": "string" }, "secret": true, "type": "array" }, "userId": { "description": "Identifier for the user.\n", "type": "string" }, "userName": { "description": "User name of the user.\n", "type": "string" } }, "required": [ "userId", "id" ], "type": "object" } }, "aws:elasticbeanstalk/getApplication:getApplication": { "description": "Retrieve information about an Elastic Beanstalk Application.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.elasticbeanstalk.getApplication({\n name: \"example\",\n});\nexport const arn = example.then(example =\u003e example.arn);\nexport const description = example.then(example =\u003e example.description);\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.elasticbeanstalk.get_application(name=\"example\")\npulumi.export(\"arn\", example.arn)\npulumi.export(\"description\", example.description)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ElasticBeanstalk.GetApplication.Invoke(new()\n {\n Name = \"example\",\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"arn\"] = example.Apply(getApplicationResult =\u003e getApplicationResult.Arn),\n [\"description\"] = example.Apply(getApplicationResult =\u003e getApplicationResult.Description),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticbeanstalk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := elasticbeanstalk.LookupApplication(ctx, \u0026elasticbeanstalk.LookupApplicationArgs{\n\t\t\tName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"arn\", example.Arn)\n\t\tctx.Export(\"description\", example.Description)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticbeanstalk.ElasticbeanstalkFunctions;\nimport com.pulumi.aws.elasticbeanstalk.inputs.GetApplicationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ElasticbeanstalkFunctions.getApplication(GetApplicationArgs.builder()\n .name(\"example\")\n .build());\n\n ctx.export(\"arn\", example.applyValue(getApplicationResult -\u003e getApplicationResult.arn()));\n ctx.export(\"description\", example.applyValue(getApplicationResult -\u003e getApplicationResult.description()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:elasticbeanstalk:getApplication\n Arguments:\n name: example\noutputs:\n arn: ${example.arn}\n description: ${example.description}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getApplication.\n", "properties": { "name": { "type": "string", "description": "Name of the application\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getApplication.\n", "properties": { "appversionLifecycle": { "$ref": "#/types/aws:elasticbeanstalk/getApplicationAppversionLifecycle:getApplicationAppversionLifecycle" }, "arn": { "description": "ARN of the application.\n", "type": "string" }, "description": { "description": "Short description of the application\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" } }, "required": [ "appversionLifecycle", "arn", "description", "name", "id" ], "type": "object" } }, "aws:elasticbeanstalk/getHostedZone:getHostedZone": { "description": "Use this data source to get the ID of an [elastic beanstalk hosted zone](http://docs.aws.amazon.com/general/latest/gr/rande.html#elasticbeanstalk_region).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.elasticbeanstalk.getHostedZone({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.elasticbeanstalk.get_hosted_zone()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.ElasticBeanstalk.GetHostedZone.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticbeanstalk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticbeanstalk.GetHostedZone(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticbeanstalk.ElasticbeanstalkFunctions;\nimport com.pulumi.aws.elasticbeanstalk.inputs.GetHostedZoneArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = ElasticbeanstalkFunctions.getHostedZone();\n\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:elasticbeanstalk:getHostedZone\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getHostedZone.\n", "properties": { "region": { "type": "string", "description": "Region you'd like the zone for. By default, fetches the current region.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getHostedZone.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "region": { "description": "Region of the hosted zone.\n", "type": "string" } }, "required": [ "id" ], "type": "object" } }, "aws:elasticbeanstalk/getSolutionStack:getSolutionStack": { "description": "Use this data source to get the name of a elastic beanstalk solution stack.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst multiDocker = aws.elasticbeanstalk.getSolutionStack({\n mostRecent: true,\n nameRegex: \"^64bit Amazon Linux (.*) Multi-container Docker (.*)$\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmulti_docker = aws.elasticbeanstalk.get_solution_stack(most_recent=True,\n name_regex=\"^64bit Amazon Linux (.*) Multi-container Docker (.*)$\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var multiDocker = Aws.ElasticBeanstalk.GetSolutionStack.Invoke(new()\n {\n MostRecent = true,\n NameRegex = \"^64bit Amazon Linux (.*) Multi-container Docker (.*)$\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticbeanstalk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticbeanstalk.GetSolutionStack(ctx, \u0026elasticbeanstalk.GetSolutionStackArgs{\n\t\t\tMostRecent: pulumi.BoolRef(true),\n\t\t\tNameRegex: \"^64bit Amazon Linux (.*) Multi-container Docker (.*)$\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticbeanstalk.ElasticbeanstalkFunctions;\nimport com.pulumi.aws.elasticbeanstalk.inputs.GetSolutionStackArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var multiDocker = ElasticbeanstalkFunctions.getSolutionStack(GetSolutionStackArgs.builder()\n .mostRecent(true)\n .nameRegex(\"^64bit Amazon Linux (.*) Multi-container Docker (.*)$\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n multiDocker:\n fn::invoke:\n Function: aws:elasticbeanstalk:getSolutionStack\n Arguments:\n mostRecent: true\n nameRegex: ^64bit Amazon Linux (.*) Multi-container Docker (.*)$\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSolutionStack.\n", "properties": { "mostRecent": { "type": "boolean", "description": "If more than one result is returned, use the most\nrecent solution stack.\n" }, "nameRegex": { "type": "string", "description": "Regex string to apply to the solution stack list returned\nby AWS. See [Elastic Beanstalk Supported Platforms][beanstalk-platforms] from\nAWS documentation for reference solution stack names.\n\n\u003e **NOTE:** If more or less than a single match is returned by the search,\nthis call will fail. Ensure that your search is specific enough to return\na single solution stack, or use `most_recent` to choose the most recent one.\n" } }, "type": "object", "required": [ "nameRegex" ] }, "outputs": { "description": "A collection of values returned by getSolutionStack.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "mostRecent": { "type": "boolean" }, "name": { "description": "Name of the solution stack.\n", "type": "string" }, "nameRegex": { "type": "string" } }, "required": [ "name", "nameRegex", "id" ], "type": "object" } }, "aws:elasticsearch/getDomain:getDomain": { "description": "Use this data source to get information about an Elasticsearch Domain\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDomain = aws.elasticsearch.getDomain({\n domainName: \"my-domain-name\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_domain = aws.elasticsearch.get_domain(domain_name=\"my-domain-name\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDomain = Aws.ElasticSearch.GetDomain.Invoke(new()\n {\n DomainName = \"my-domain-name\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticsearch.LookupDomain(ctx, \u0026elasticsearch.LookupDomainArgs{\n\t\t\tDomainName: \"my-domain-name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticsearch.ElasticsearchFunctions;\nimport com.pulumi.aws.elasticsearch.inputs.GetDomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var myDomain = ElasticsearchFunctions.getDomain(GetDomainArgs.builder()\n .domainName(\"my-domain-name\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n myDomain:\n fn::invoke:\n Function: aws:elasticsearch:getDomain\n Arguments:\n domainName: my-domain-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDomain.\n", "properties": { "domainName": { "type": "string", "description": "Name of the domain.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags assigned to the domain.\n" } }, "type": "object", "required": [ "domainName" ] }, "outputs": { "description": "A collection of values returned by getDomain.\n", "properties": { "accessPolicies": { "description": "The policy document attached to the domain.\n", "type": "string" }, "advancedOptions": { "additionalProperties": { "type": "string" }, "description": "Key-value string pairs to specify advanced configuration options.\n", "type": "object" }, "advancedSecurityOptions": { "description": "Status of the Elasticsearch domain's advanced security options. The block consists of the following attributes:\n", "items": { "$ref": "#/types/aws:elasticsearch/getDomainAdvancedSecurityOption:getDomainAdvancedSecurityOption" }, "type": "array" }, "arn": { "description": "The ARN of the domain.\n", "type": "string" }, "autoTuneOptions": { "description": "Configuration of the Auto-Tune options of the domain.\n", "items": { "$ref": "#/types/aws:elasticsearch/getDomainAutoTuneOption:getDomainAutoTuneOption" }, "type": "array" }, "clusterConfigs": { "description": "Cluster configuration of the domain.\n", "items": { "$ref": "#/types/aws:elasticsearch/getDomainClusterConfig:getDomainClusterConfig" }, "type": "array" }, "cognitoOptions": { "description": "Domain Amazon Cognito Authentication options for Kibana.\n", "items": { "$ref": "#/types/aws:elasticsearch/getDomainCognitoOption:getDomainCognitoOption" }, "type": "array" }, "created": { "description": "Status of the creation of the domain.\n", "type": "boolean" }, "deleted": { "description": "Status of the deletion of the domain.\n", "type": "boolean" }, "domainId": { "description": "Unique identifier for the domain.\n", "type": "string" }, "domainName": { "type": "string" }, "ebsOptions": { "description": "EBS Options for the instances in the domain.\n", "items": { "$ref": "#/types/aws:elasticsearch/getDomainEbsOption:getDomainEbsOption" }, "type": "array" }, "elasticsearchVersion": { "description": "Elasticsearch version for the domain.\n", "type": "string" }, "encryptionAtRests": { "description": "Domain encryption at rest related options.\n", "items": { "$ref": "#/types/aws:elasticsearch/getDomainEncryptionAtRest:getDomainEncryptionAtRest" }, "type": "array" }, "endpoint": { "description": "Domain-specific endpoint used to submit index, search, and data upload requests.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kibanaEndpoint": { "description": "Domain-specific endpoint used to access the Kibana application.\n", "type": "string" }, "logPublishingOptions": { "description": "Domain log publishing related options.\n", "items": { "$ref": "#/types/aws:elasticsearch/getDomainLogPublishingOption:getDomainLogPublishingOption" }, "type": "array" }, "nodeToNodeEncryptions": { "description": "Domain in transit encryption related options.\n", "items": { "$ref": "#/types/aws:elasticsearch/getDomainNodeToNodeEncryption:getDomainNodeToNodeEncryption" }, "type": "array" }, "processing": { "description": "Status of a configuration change in the domain.\n", "type": "boolean" }, "snapshotOptions": { "description": "Domain snapshot related options.\n", "items": { "$ref": "#/types/aws:elasticsearch/getDomainSnapshotOption:getDomainSnapshotOption" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags assigned to the domain.\n", "type": "object" }, "vpcOptions": { "description": "VPC Options for private Elasticsearch domains.\n", "items": { "$ref": "#/types/aws:elasticsearch/getDomainVpcOption:getDomainVpcOption" }, "type": "array" } }, "required": [ "accessPolicies", "advancedOptions", "advancedSecurityOptions", "arn", "autoTuneOptions", "clusterConfigs", "cognitoOptions", "created", "deleted", "domainId", "domainName", "ebsOptions", "elasticsearchVersion", "encryptionAtRests", "endpoint", "kibanaEndpoint", "logPublishingOptions", "nodeToNodeEncryptions", "processing", "snapshotOptions", "tags", "vpcOptions", "id" ], "type": "object" } }, "aws:elb/getHostedZoneId:getHostedZoneId": { "description": "Use this data source to get the HostedZoneId of the AWS Elastic Load Balancing HostedZoneId\nin a given region for the purpose of using in an AWS Route53 Alias.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = aws.elb.getHostedZoneId({});\nconst www = new aws.route53.Record(\"www\", {\n zoneId: primary.zoneId,\n name: \"example.com\",\n type: aws.route53.RecordType.A,\n aliases: [{\n name: mainAwsElb.dnsName,\n zoneId: main.then(main =\u003e main.id),\n evaluateTargetHealth: true,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.elb.get_hosted_zone_id()\nwww = aws.route53.Record(\"www\",\n zone_id=primary[\"zoneId\"],\n name=\"example.com\",\n type=aws.route53.RecordType.A,\n aliases=[{\n \"name\": main_aws_elb[\"dnsName\"],\n \"zone_id\": main.id,\n \"evaluate_target_health\": True,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = Aws.Elb.GetHostedZoneId.Invoke();\n\n var www = new Aws.Route53.Record(\"www\", new()\n {\n ZoneId = primary.ZoneId,\n Name = \"example.com\",\n Type = Aws.Route53.RecordType.A,\n Aliases = new[]\n {\n new Aws.Route53.Inputs.RecordAliasArgs\n {\n Name = mainAwsElb.DnsName,\n ZoneId = main.Apply(getHostedZoneIdResult =\u003e getHostedZoneIdResult.Id),\n EvaluateTargetHealth = true,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elb\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := elb.GetHostedZoneId(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"www\", \u0026route53.RecordArgs{\n\t\t\tZoneId: pulumi.Any(primary.ZoneId),\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t\tType: pulumi.String(route53.RecordTypeA),\n\t\t\tAliases: route53.RecordAliasArray{\n\t\t\t\t\u0026route53.RecordAliasArgs{\n\t\t\t\t\tName: pulumi.Any(mainAwsElb.DnsName),\n\t\t\t\t\tZoneId: pulumi.String(main.Id),\n\t\t\t\t\tEvaluateTargetHealth: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elb.ElbFunctions;\nimport com.pulumi.aws.elb.inputs.GetHostedZoneIdArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport com.pulumi.aws.route53.inputs.RecordAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var main = ElbFunctions.getHostedZoneId();\n\n var www = new Record(\"www\", RecordArgs.builder()\n .zoneId(primary.zoneId())\n .name(\"example.com\")\n .type(\"A\")\n .aliases(RecordAliasArgs.builder()\n .name(mainAwsElb.dnsName())\n .zoneId(main.applyValue(getHostedZoneIdResult -\u003e getHostedZoneIdResult.id()))\n .evaluateTargetHealth(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n www:\n type: aws:route53:Record\n properties:\n zoneId: ${primary.zoneId}\n name: example.com\n type: A\n aliases:\n - name: ${mainAwsElb.dnsName}\n zoneId: ${main.id}\n evaluateTargetHealth: true\nvariables:\n main:\n fn::invoke:\n Function: aws:elb:getHostedZoneId\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getHostedZoneId.\n", "properties": { "region": { "type": "string", "description": "Name of the region whose AWS ELB HostedZoneId is desired.\nDefaults to the region from the AWS provider configuration.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getHostedZoneId.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "region": { "type": "string" } }, "required": [ "id" ], "type": "object" } }, "aws:elb/getLoadBalancer:getLoadBalancer": { "description": "Provides information about a \"classic\" Elastic Load Balancer (ELB).\nSee LB Data Source if you are looking for \"v2\"\nApplication Load Balancer (ALB) or Network Load Balancer (NLB).\n\nThis data source can prove useful when a module accepts an LB as an input\nvariable and needs to, for example, determine the security groups associated\nwith it, etc.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst lbName = config.get(\"lbName\") || \"\";\nconst test = aws.elb.getLoadBalancer({\n name: lbName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlb_name = config.get(\"lbName\")\nif lb_name is None:\n lb_name = \"\"\ntest = aws.elb.get_load_balancer(name=lb_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var lbName = config.Get(\"lbName\") ?? \"\";\n var test = Aws.Elb.GetLoadBalancer.Invoke(new()\n {\n Name = lbName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tlbName := \"\"\n\t\tif param := cfg.Get(\"lbName\"); param != \"\" {\n\t\t\tlbName = param\n\t\t}\n\t\t_, err := elb.LookupLoadBalancer(ctx, \u0026elb.LookupLoadBalancerArgs{\n\t\t\tName: lbName,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elb.ElbFunctions;\nimport com.pulumi.aws.elb.inputs.GetLoadBalancerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var lbName = config.get(\"lbName\").orElse(\"\");\n final var test = ElbFunctions.getLoadBalancer(GetLoadBalancerArgs.builder()\n .name(lbName)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n lbName:\n type: string\n default:\nvariables:\n test:\n fn::invoke:\n Function: aws:elb:getLoadBalancer\n Arguments:\n name: ${lbName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLoadBalancer.\n", "properties": { "name": { "type": "string", "description": "Unique name of the load balancer.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getLoadBalancer.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:elb/getLoadBalancerAccessLogs:getLoadBalancerAccessLogs" }, "arn": { "type": "string" }, "availabilityZones": { "items": { "type": "string" }, "type": "array" }, "connectionDraining": { "type": "boolean" }, "connectionDrainingTimeout": { "type": "integer" }, "crossZoneLoadBalancing": { "type": "boolean" }, "desyncMitigationMode": { "type": "string" }, "dnsName": { "type": "string" }, "healthCheck": { "$ref": "#/types/aws:elb/getLoadBalancerHealthCheck:getLoadBalancerHealthCheck" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "idleTimeout": { "type": "integer" }, "instances": { "items": { "type": "string" }, "type": "array" }, "internal": { "type": "boolean" }, "listeners": { "items": { "$ref": "#/types/aws:elb/getLoadBalancerListener:getLoadBalancerListener" }, "type": "array" }, "name": { "type": "string" }, "securityGroups": { "items": { "type": "string" }, "type": "array" }, "sourceSecurityGroup": { "type": "string" }, "sourceSecurityGroupId": { "type": "string" }, "subnets": { "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "zoneId": { "type": "string" } }, "required": [ "accessLogs", "arn", "availabilityZones", "connectionDraining", "connectionDrainingTimeout", "crossZoneLoadBalancing", "desyncMitigationMode", "dnsName", "healthCheck", "idleTimeout", "instances", "internal", "listeners", "name", "securityGroups", "sourceSecurityGroup", "sourceSecurityGroupId", "subnets", "tags", "zoneId", "id" ], "type": "object" } }, "aws:elb/getServiceAccount:getServiceAccount": { "description": "Use this data source to get the Account ID of the [AWS Elastic Load Balancing Service Account](http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html#attach-bucket-policy)\nin a given region for the purpose of permitting in S3 bucket policy.\n\n\u003e **Note:** For AWS Regions opened since Jakarta (`ap-southeast-3`) in December 2021, AWS [documents that](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html#attach-bucket-policy) a [service principal name](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#principal-services) should be used instead of an AWS account ID in any relevant IAM policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = aws.elb.getServiceAccount({});\nconst elbLogs = new aws.s3.BucketV2(\"elb_logs\", {bucket: \"my-elb-tf-test-bucket\"});\nconst elbLogsAcl = new aws.s3.BucketAclV2(\"elb_logs_acl\", {\n bucket: elbLogs.id,\n acl: \"private\",\n});\nconst allowElbLogging = pulumi.all([main, elbLogs.arn]).apply(([main, arn]) =\u003e aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [main.arn],\n }],\n actions: [\"s3:PutObject\"],\n resources: [`${arn}/AWSLogs/*`],\n }],\n}));\nconst allowElbLoggingBucketPolicy = new aws.s3.BucketPolicy(\"allow_elb_logging\", {\n bucket: elbLogs.id,\n policy: allowElbLogging.apply(allowElbLogging =\u003e allowElbLogging.json),\n});\nconst bar = new aws.elb.LoadBalancer(\"bar\", {\n name: \"my-foobar-elb\",\n availabilityZones: [\"us-west-2a\"],\n accessLogs: {\n bucket: elbLogs.id,\n interval: 5,\n },\n listeners: [{\n instancePort: 8000,\n instanceProtocol: \"http\",\n lbPort: 80,\n lbProtocol: \"http\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.elb.get_service_account()\nelb_logs = aws.s3.BucketV2(\"elb_logs\", bucket=\"my-elb-tf-test-bucket\")\nelb_logs_acl = aws.s3.BucketAclV2(\"elb_logs_acl\",\n bucket=elb_logs.id,\n acl=\"private\")\nallow_elb_logging = elb_logs.arn.apply(lambda arn: aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [main.arn],\n }],\n \"actions\": [\"s3:PutObject\"],\n \"resources\": [f\"{arn}/AWSLogs/*\"],\n}]))\nallow_elb_logging_bucket_policy = aws.s3.BucketPolicy(\"allow_elb_logging\",\n bucket=elb_logs.id,\n policy=allow_elb_logging.json)\nbar = aws.elb.LoadBalancer(\"bar\",\n name=\"my-foobar-elb\",\n availability_zones=[\"us-west-2a\"],\n access_logs={\n \"bucket\": elb_logs.id,\n \"interval\": 5,\n },\n listeners=[{\n \"instance_port\": 8000,\n \"instance_protocol\": \"http\",\n \"lb_port\": 80,\n \"lb_protocol\": \"http\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = Aws.Elb.GetServiceAccount.Invoke();\n\n var elbLogs = new Aws.S3.BucketV2(\"elb_logs\", new()\n {\n Bucket = \"my-elb-tf-test-bucket\",\n });\n\n var elbLogsAcl = new Aws.S3.BucketAclV2(\"elb_logs_acl\", new()\n {\n Bucket = elbLogs.Id,\n Acl = \"private\",\n });\n\n var allowElbLogging = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n main.Apply(getServiceAccountResult =\u003e getServiceAccountResult.Arn),\n },\n },\n },\n Actions = new[]\n {\n \"s3:PutObject\",\n },\n Resources = new[]\n {\n $\"{elbLogs.Arn}/AWSLogs/*\",\n },\n },\n },\n });\n\n var allowElbLoggingBucketPolicy = new Aws.S3.BucketPolicy(\"allow_elb_logging\", new()\n {\n Bucket = elbLogs.Id,\n Policy = allowElbLogging.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var bar = new Aws.Elb.LoadBalancer(\"bar\", new()\n {\n Name = \"my-foobar-elb\",\n AvailabilityZones = new[]\n {\n \"us-west-2a\",\n },\n AccessLogs = new Aws.Elb.Inputs.LoadBalancerAccessLogsArgs\n {\n Bucket = elbLogs.Id,\n Interval = 5,\n },\n Listeners = new[]\n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 8000,\n InstanceProtocol = \"http\",\n LbPort = 80,\n LbProtocol = \"http\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elb\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nmain, err := elb.GetServiceAccount(ctx, nil, nil);\nif err != nil {\nreturn err\n}\nelbLogs, err := s3.NewBucketV2(ctx, \"elb_logs\", \u0026s3.BucketV2Args{\nBucket: pulumi.String(\"my-elb-tf-test-bucket\"),\n})\nif err != nil {\nreturn err\n}\n_, err = s3.NewBucketAclV2(ctx, \"elb_logs_acl\", \u0026s3.BucketAclV2Args{\nBucket: elbLogs.ID(),\nAcl: pulumi.String(\"private\"),\n})\nif err != nil {\nreturn err\n}\nallowElbLogging := elbLogs.Arn.ApplyT(func(arn string) (iam.GetPolicyDocumentResult, error) {\nreturn iam.GetPolicyDocumentResult(interface{}(iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: \"Allow\",\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: interface{}{\nmain.Arn,\n},\n},\n},\nActions: []string{\n\"s3:PutObject\",\n},\nResources: []string{\nfmt.Sprintf(\"%v/AWSLogs/*\", arn),\n},\n},\n},\n}, nil))), nil\n}).(iam.GetPolicyDocumentResultOutput)\n_, err = s3.NewBucketPolicy(ctx, \"allow_elb_logging\", \u0026s3.BucketPolicyArgs{\nBucket: elbLogs.ID(),\nPolicy: pulumi.String(allowElbLogging.ApplyT(func(allowElbLogging iam.GetPolicyDocumentResult) (*string, error) {\nreturn \u0026allowElbLogging.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\n_, err = elb.NewLoadBalancer(ctx, \"bar\", \u0026elb.LoadBalancerArgs{\nName: pulumi.String(\"my-foobar-elb\"),\nAvailabilityZones: pulumi.StringArray{\npulumi.String(\"us-west-2a\"),\n},\nAccessLogs: \u0026elb.LoadBalancerAccessLogsArgs{\nBucket: elbLogs.ID(),\nInterval: pulumi.Int(5),\n},\nListeners: elb.LoadBalancerListenerArray{\n\u0026elb.LoadBalancerListenerArgs{\nInstancePort: pulumi.Int(8000),\nInstanceProtocol: pulumi.String(\"http\"),\nLbPort: pulumi.Int(80),\nLbProtocol: pulumi.String(\"http\"),\n},\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elb.ElbFunctions;\nimport com.pulumi.aws.elb.inputs.GetServiceAccountArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.elb.LoadBalancer;\nimport com.pulumi.aws.elb.LoadBalancerArgs;\nimport com.pulumi.aws.elb.inputs.LoadBalancerAccessLogsArgs;\nimport com.pulumi.aws.elb.inputs.LoadBalancerListenerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var main = ElbFunctions.getServiceAccount();\n\n var elbLogs = new BucketV2(\"elbLogs\", BucketV2Args.builder()\n .bucket(\"my-elb-tf-test-bucket\")\n .build());\n\n var elbLogsAcl = new BucketAclV2(\"elbLogsAcl\", BucketAclV2Args.builder()\n .bucket(elbLogs.id())\n .acl(\"private\")\n .build());\n\n final var allowElbLogging = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(main.applyValue(getServiceAccountResult -\u003e getServiceAccountResult.arn()))\n .build())\n .actions(\"s3:PutObject\")\n .resources(elbLogs.arn().applyValue(arn -\u003e String.format(\"%s/AWSLogs/*\", arn)))\n .build())\n .build());\n\n var allowElbLoggingBucketPolicy = new BucketPolicy(\"allowElbLoggingBucketPolicy\", BucketPolicyArgs.builder()\n .bucket(elbLogs.id())\n .policy(allowElbLogging.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(allowElbLogging -\u003e allowElbLogging.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var bar = new LoadBalancer(\"bar\", LoadBalancerArgs.builder()\n .name(\"my-foobar-elb\")\n .availabilityZones(\"us-west-2a\")\n .accessLogs(LoadBalancerAccessLogsArgs.builder()\n .bucket(elbLogs.id())\n .interval(5)\n .build())\n .listeners(LoadBalancerListenerArgs.builder()\n .instancePort(8000)\n .instanceProtocol(\"http\")\n .lbPort(80)\n .lbProtocol(\"http\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n elbLogs:\n type: aws:s3:BucketV2\n name: elb_logs\n properties:\n bucket: my-elb-tf-test-bucket\n elbLogsAcl:\n type: aws:s3:BucketAclV2\n name: elb_logs_acl\n properties:\n bucket: ${elbLogs.id}\n acl: private\n allowElbLoggingBucketPolicy:\n type: aws:s3:BucketPolicy\n name: allow_elb_logging\n properties:\n bucket: ${elbLogs.id}\n policy: ${allowElbLogging.json}\n bar:\n type: aws:elb:LoadBalancer\n properties:\n name: my-foobar-elb\n availabilityZones:\n - us-west-2a\n accessLogs:\n bucket: ${elbLogs.id}\n interval: 5\n listeners:\n - instancePort: 8000\n instanceProtocol: http\n lbPort: 80\n lbProtocol: http\nvariables:\n main:\n fn::invoke:\n Function: aws:elb:getServiceAccount\n Arguments: {}\n allowElbLogging:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: AWS\n identifiers:\n - ${main.arn}\n actions:\n - s3:PutObject\n resources:\n - ${elbLogs.arn}/AWSLogs/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getServiceAccount.\n", "properties": { "region": { "type": "string", "description": "Name of the region whose AWS ELB account ID is desired.\nDefaults to the region from the AWS provider configuration.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getServiceAccount.\n", "properties": { "arn": { "description": "ARN of the AWS ELB service account in the selected region.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "region": { "type": "string" } }, "required": [ "arn", "id" ], "type": "object" } }, "aws:emr/getReleaseLabels:getReleaseLabels": { "description": "Retrieve information about EMR Release Labels.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.emr.getReleaseLabels({\n filters: {\n application: \"spark@2.1.0\",\n prefix: \"emr-5\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.emr.get_release_labels(filters={\n \"application\": \"spark@2.1.0\",\n \"prefix\": \"emr-5\",\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Emr.GetReleaseLabels.Invoke(new()\n {\n Filters = new Aws.Emr.Inputs.GetReleaseLabelsFiltersInputArgs\n {\n Application = \"spark@2.1.0\",\n Prefix = \"emr-5\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emr.GetReleaseLabels(ctx, \u0026emr.GetReleaseLabelsArgs{\n\t\t\tFilters: emr.GetReleaseLabelsFilters{\n\t\t\t\tApplication: pulumi.StringRef(\"spark@2.1.0\"),\n\t\t\t\tPrefix: pulumi.StringRef(\"emr-5\"),\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.EmrFunctions;\nimport com.pulumi.aws.emr.inputs.GetReleaseLabelsArgs;\nimport com.pulumi.aws.emr.inputs.GetReleaseLabelsFiltersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = EmrFunctions.getReleaseLabels(GetReleaseLabelsArgs.builder()\n .filters(GetReleaseLabelsFiltersArgs.builder()\n .application(\"spark@2.1.0\")\n .prefix(\"emr-5\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:emr:getReleaseLabels\n Arguments:\n filters:\n application: spark@2.1.0\n prefix: emr-5\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getReleaseLabels.\n", "properties": { "filters": { "$ref": "#/types/aws:emr/getReleaseLabelsFilters:getReleaseLabelsFilters", "description": "Filters the results of the request. Prefix specifies the prefix of release labels to return. Application specifies the application (with/without version) of release labels to return. See Filters.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getReleaseLabels.\n", "properties": { "filters": { "$ref": "#/types/aws:emr/getReleaseLabelsFilters:getReleaseLabelsFilters" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "releaseLabels": { "description": "Returned release labels.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "releaseLabels", "id" ], "type": "object" } }, "aws:emr/getSupportedInstanceTypes:getSupportedInstanceTypes": { "description": "Data source for managing AWS EMR Supported Instance Types.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.emr.getSupportedInstanceTypes({\n releaseLabel: \"ebs-6.15.0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.emr.get_supported_instance_types(release_label=\"ebs-6.15.0\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Emr.GetSupportedInstanceTypes.Invoke(new()\n {\n ReleaseLabel = \"ebs-6.15.0\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := emr.GetSupportedInstanceTypes(ctx, \u0026emr.GetSupportedInstanceTypesArgs{\n\t\t\tReleaseLabel: \"ebs-6.15.0\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.EmrFunctions;\nimport com.pulumi.aws.emr.inputs.GetSupportedInstanceTypesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = EmrFunctions.getSupportedInstanceTypes(GetSupportedInstanceTypesArgs.builder()\n .releaseLabel(\"ebs-6.15.0\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:emr:getSupportedInstanceTypes\n Arguments:\n releaseLabel: ebs-6.15.0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With a Lifecycle Pre-Condition\n\nThis data source can be used with a lifecycle precondition to ensure a given instance type is supported by EMR.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst instanceType = \"r7g.large\";\nconst releaseLabel = \"emr-6.15.0\";\nconst test = aws.emr.getSupportedInstanceTypes({\n releaseLabel: releaseLabel,\n});\nconst testCluster = new aws.emr.Cluster(\"test\", {\n releaseLabel: releaseLabel,\n masterInstanceGroup: {\n instanceType: instanceType,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ninstance_type = \"r7g.large\"\nrelease_label = \"emr-6.15.0\"\ntest = aws.emr.get_supported_instance_types(release_label=release_label)\ntest_cluster = aws.emr.Cluster(\"test\",\n release_label=release_label,\n master_instance_group={\n \"instance_type\": instance_type,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var instanceType = \"r7g.large\";\n\n var releaseLabel = \"emr-6.15.0\";\n\n var test = Aws.Emr.GetSupportedInstanceTypes.Invoke(new()\n {\n ReleaseLabel = releaseLabel,\n });\n\n var testCluster = new Aws.Emr.Cluster(\"test\", new()\n {\n ReleaseLabel = releaseLabel,\n MasterInstanceGroup = new Aws.Emr.Inputs.ClusterMasterInstanceGroupArgs\n {\n InstanceType = instanceType,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinstanceType := \"r7g.large\"\n\t\treleaseLabel := \"emr-6.15.0\"\n\t\t_, err := emr.GetSupportedInstanceTypes(ctx, \u0026emr.GetSupportedInstanceTypesArgs{\n\t\t\tReleaseLabel: releaseLabel,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = emr.NewCluster(ctx, \"test\", \u0026emr.ClusterArgs{\n\t\t\tReleaseLabel: pulumi.String(releaseLabel),\n\t\t\tMasterInstanceGroup: \u0026emr.ClusterMasterInstanceGroupArgs{\n\t\t\t\tInstanceType: pulumi.String(instanceType),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emr.EmrFunctions;\nimport com.pulumi.aws.emr.inputs.GetSupportedInstanceTypesArgs;\nimport com.pulumi.aws.emr.Cluster;\nimport com.pulumi.aws.emr.ClusterArgs;\nimport com.pulumi.aws.emr.inputs.ClusterMasterInstanceGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var instanceType = \"r7g.large\";\n\n final var releaseLabel = \"emr-6.15.0\";\n\n final var test = EmrFunctions.getSupportedInstanceTypes(GetSupportedInstanceTypesArgs.builder()\n .releaseLabel(releaseLabel)\n .build());\n\n var testCluster = new Cluster(\"testCluster\", ClusterArgs.builder()\n .releaseLabel(releaseLabel)\n .masterInstanceGroup(ClusterMasterInstanceGroupArgs.builder()\n .instanceType(instanceType)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCluster:\n type: aws:emr:Cluster\n name: test\n properties:\n releaseLabel: ${releaseLabel}\n masterInstanceGroup:\n instanceType: ${instanceType}\nvariables:\n instanceType: r7g.large\n releaseLabel: emr-6.15.0\n test:\n fn::invoke:\n Function: aws:emr:getSupportedInstanceTypes\n Arguments:\n releaseLabel: ${releaseLabel}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSupportedInstanceTypes.\n", "properties": { "releaseLabel": { "type": "string", "description": "Amazon EMR release label. For more information about Amazon EMR releases and their included application versions and features, see the [Amazon EMR Release Guide](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-release-components.html).\n" }, "supportedInstanceTypes": { "type": "array", "items": { "$ref": "#/types/aws:emr/getSupportedInstanceTypesSupportedInstanceType:getSupportedInstanceTypesSupportedInstanceType" }, "description": "List of supported instance types. See `supported_instance_types` below.\n" } }, "type": "object", "required": [ "releaseLabel" ] }, "outputs": { "description": "A collection of values returned by getSupportedInstanceTypes.\n", "properties": { "id": { "type": "string" }, "releaseLabel": { "type": "string" }, "supportedInstanceTypes": { "description": "List of supported instance types. See `supported_instance_types` below.\n", "items": { "$ref": "#/types/aws:emr/getSupportedInstanceTypesSupportedInstanceType:getSupportedInstanceTypesSupportedInstanceType" }, "type": "array" } }, "required": [ "id", "releaseLabel" ], "type": "object" } }, "aws:emrcontainers/getVirtualCluster:getVirtualCluster": { "description": "Retrieve information about an EMR Containers (EMR on EKS) Virtual Cluster.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.emrcontainers.getVirtualCluster({\n virtualClusterId: \"example id\",\n});\nexport const name = example.then(example =\u003e example.name);\nexport const arn = example.then(example =\u003e example.arn);\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.emrcontainers.get_virtual_cluster(virtual_cluster_id=\"example id\")\npulumi.export(\"name\", example.name)\npulumi.export(\"arn\", example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.EmrContainers.GetVirtualCluster.Invoke(new()\n {\n VirtualClusterId = \"example id\",\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"name\"] = example.Apply(getVirtualClusterResult =\u003e getVirtualClusterResult.Name),\n [\"arn\"] = example.Apply(getVirtualClusterResult =\u003e getVirtualClusterResult.Arn),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emrcontainers\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := emrcontainers.LookupVirtualCluster(ctx, \u0026emrcontainers.LookupVirtualClusterArgs{\n\t\t\tVirtualClusterId: \"example id\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"name\", example.Name)\n\t\tctx.Export(\"arn\", example.Arn)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.emrcontainers.EmrcontainersFunctions;\nimport com.pulumi.aws.emrcontainers.inputs.GetVirtualClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = EmrcontainersFunctions.getVirtualCluster(GetVirtualClusterArgs.builder()\n .virtualClusterId(\"example id\")\n .build());\n\n ctx.export(\"name\", example.applyValue(getVirtualClusterResult -\u003e getVirtualClusterResult.name()));\n ctx.export(\"arn\", example.applyValue(getVirtualClusterResult -\u003e getVirtualClusterResult.arn()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:emrcontainers:getVirtualCluster\n Arguments:\n virtualClusterId: example id\noutputs:\n name: ${example.name}\n arn: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVirtualCluster.\n", "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags.\n" }, "virtualClusterId": { "type": "string", "description": "ID of the cluster.\n" } }, "type": "object", "required": [ "virtualClusterId" ] }, "outputs": { "description": "A collection of values returned by getVirtualCluster.\n", "properties": { "arn": { "description": "ARN of the cluster.\n", "type": "string" }, "containerProviders": { "description": "Nested attribute containing information about the underlying container provider (EKS cluster) for your EMR Containers cluster.\n", "items": { "$ref": "#/types/aws:emrcontainers/getVirtualClusterContainerProvider:getVirtualClusterContainerProvider" }, "type": "array" }, "createdAt": { "description": "Unix epoch time stamp in seconds for when the cluster was created.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Name of the cluster.\n", "type": "string" }, "state": { "description": "Status of the EKS cluster. One of `RUNNING`, `TERMINATING`, `TERMINATED`, `ARRESTED`.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags.\n", "type": "object" }, "virtualClusterId": { "type": "string" } }, "required": [ "arn", "containerProviders", "createdAt", "name", "state", "tags", "virtualClusterId", "id" ], "type": "object" } }, "aws:fsx/getOntapFileSystem:getOntapFileSystem": { "description": "Retrieve information on FSx ONTAP File System.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.fsx.getOntapFileSystem({\n id: \"fs-12345678\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.fsx.get_ontap_file_system(id=\"fs-12345678\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Fsx.GetOntapFileSystem.Invoke(new()\n {\n Id = \"fs-12345678\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fsx.LookupOntapFileSystem(ctx, \u0026fsx.LookupOntapFileSystemArgs{\n\t\t\tId: \"fs-12345678\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.FsxFunctions;\nimport com.pulumi.aws.fsx.inputs.GetOntapFileSystemArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = FsxFunctions.getOntapFileSystem(GetOntapFileSystemArgs.builder()\n .id(\"fs-12345678\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:fsx:getOntapFileSystem\n Arguments:\n id: fs-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOntapFileSystem.\n", "properties": { "id": { "type": "string", "description": "Identifier of the file system (e.g. `fs-12345678`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags associated with the file system.\n" } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getOntapFileSystem.\n", "properties": { "arn": { "description": "Amazon Resource Name of the file system.\n", "type": "string" }, "automaticBackupRetentionDays": { "description": "The number of days to retain automatic backups.\n", "type": "integer" }, "dailyAutomaticBackupStartTime": { "description": "The preferred time (in `HH:MM` format) to take daily automatic backups, in the UTC time zone.\n", "type": "string" }, "deploymentType": { "description": "The file system deployment type.\n", "type": "string" }, "diskIopsConfigurations": { "description": "The SSD IOPS configuration for the Amazon FSx for NetApp ONTAP file system, specifying the number of provisioned IOPS and the provision mode. See Disk IOPS Below.\n", "items": { "$ref": "#/types/aws:fsx/getOntapFileSystemDiskIopsConfiguration:getOntapFileSystemDiskIopsConfiguration" }, "type": "array" }, "dnsName": { "description": "DNS name for the file system.\n", "type": "string" }, "endpointIpAddressRange": { "description": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system exist.\n", "type": "string" }, "endpoints": { "description": "The Management and Intercluster FileSystemEndpoints that are used to access data or to manage the file system using the NetApp ONTAP CLI, REST API, or NetApp SnapMirror. See FileSystemEndpoints below.\n", "items": { "$ref": "#/types/aws:fsx/getOntapFileSystemEndpoint:getOntapFileSystemEndpoint" }, "type": "array" }, "haPairs": { "description": "The number of HA pairs for the file system.\n", "type": "integer" }, "id": { "description": "Identifier of the file system (e.g. `fs-12345678`).\n", "type": "string" }, "kmsKeyId": { "description": "ARN for the KMS Key to encrypt the file system at rest.\n", "type": "string" }, "networkInterfaceIds": { "description": "The IDs of the elastic network interfaces from which a specific file system is accessible.\n", "items": { "type": "string" }, "type": "array" }, "ownerId": { "description": "AWS account identifier that created the file system.\n", "type": "string" }, "preferredSubnetId": { "description": "Specifies the subnet in which you want the preferred file server to be located.\n", "type": "string" }, "routeTableIds": { "description": "(Multi-AZ only) The VPC route tables in which your file system's endpoints exist.\n", "items": { "type": "string" }, "type": "array" }, "storageCapacity": { "description": "The storage capacity of the file system in gibibytes (GiB).\n", "type": "integer" }, "storageType": { "description": "The type of storage the file system is using. If set to `SSD`, the file system uses solid state drive storage. If set to `HDD`, the file system uses hard disk drive storage.\n", "type": "string" }, "subnetIds": { "description": "Specifies the IDs of the subnets that the file system is accessible from. For the MULTI_AZ_1 file system deployment type, there are two subnet IDs, one for the preferred file server and one for the standby file server. The preferred file server subnet identified in the `preferred_subnet_id` property.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "The tags associated with the file system.\n", "type": "object" }, "throughputCapacity": { "description": "The sustained throughput of an Amazon FSx file system in Megabytes per second (MBps). If the file system uses multiple HA pairs this will equal throuthput_capacity_per_ha_pair x ha_pairs\n", "type": "integer" }, "throughputCapacityPerHaPair": { "description": "The sustained throughput of each HA pair for an Amazon FSx file system in Megabytes per second (MBps).\n", "type": "integer" }, "vpcId": { "description": "The ID of the primary virtual private cloud (VPC) for the file system.\n", "type": "string" }, "weeklyMaintenanceStartTime": { "description": "The preferred start time (in `D:HH:MM` format) to perform weekly maintenance, in the UTC time zone.\n", "type": "string" } }, "required": [ "arn", "automaticBackupRetentionDays", "dailyAutomaticBackupStartTime", "deploymentType", "diskIopsConfigurations", "dnsName", "endpointIpAddressRange", "endpoints", "haPairs", "id", "kmsKeyId", "networkInterfaceIds", "ownerId", "preferredSubnetId", "routeTableIds", "storageCapacity", "storageType", "subnetIds", "tags", "throughputCapacity", "throughputCapacityPerHaPair", "vpcId", "weeklyMaintenanceStartTime" ], "type": "object" } }, "aws:fsx/getOntapStorageVirtualMachine:getOntapStorageVirtualMachine": { "description": "Retrieve information on FSx ONTAP Storage Virtual Machine (SVM).\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.fsx.getOntapStorageVirtualMachine({\n id: \"svm-12345678\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.fsx.get_ontap_storage_virtual_machine(id=\"svm-12345678\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Fsx.GetOntapStorageVirtualMachine.Invoke(new()\n {\n Id = \"svm-12345678\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fsx.LookupOntapStorageVirtualMachine(ctx, \u0026fsx.LookupOntapStorageVirtualMachineArgs{\n\t\t\tId: pulumi.StringRef(\"svm-12345678\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.FsxFunctions;\nimport com.pulumi.aws.fsx.inputs.GetOntapStorageVirtualMachineArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = FsxFunctions.getOntapStorageVirtualMachine(GetOntapStorageVirtualMachineArgs.builder()\n .id(\"svm-12345678\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:fsx:getOntapStorageVirtualMachine\n Arguments:\n id: svm-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.fsx.getOntapStorageVirtualMachine({\n filters: [{\n name: \"file-system-id\",\n values: [\"fs-12345678\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.fsx.get_ontap_storage_virtual_machine(filters=[{\n \"name\": \"file-system-id\",\n \"values\": [\"fs-12345678\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Fsx.GetOntapStorageVirtualMachine.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Fsx.Inputs.GetOntapStorageVirtualMachineFilterInputArgs\n {\n Name = \"file-system-id\",\n Values = new[]\n {\n \"fs-12345678\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fsx.LookupOntapStorageVirtualMachine(ctx, \u0026fsx.LookupOntapStorageVirtualMachineArgs{\n\t\t\tFilters: []fsx.GetOntapStorageVirtualMachineFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"file-system-id\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"fs-12345678\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.FsxFunctions;\nimport com.pulumi.aws.fsx.inputs.GetOntapStorageVirtualMachineArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = FsxFunctions.getOntapStorageVirtualMachine(GetOntapStorageVirtualMachineArgs.builder()\n .filters(GetOntapStorageVirtualMachineFilterArgs.builder()\n .name(\"file-system-id\")\n .values(\"fs-12345678\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:fsx:getOntapStorageVirtualMachine\n Arguments:\n filters:\n - name: file-system-id\n values:\n - fs-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOntapStorageVirtualMachine.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:fsx/getOntapStorageVirtualMachineFilter:getOntapStorageVirtualMachineFilter" }, "description": "Configuration block. Detailed below.\n" }, "id": { "type": "string", "description": "Identifier of the storage virtual machine (e.g. `svm-12345678`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getOntapStorageVirtualMachine.\n", "properties": { "activeDirectoryConfigurations": { "description": "The Microsoft Active Directory configuration to which the SVM is joined, if applicable. See Active Directory Configuration below.\n", "items": { "$ref": "#/types/aws:fsx/getOntapStorageVirtualMachineActiveDirectoryConfiguration:getOntapStorageVirtualMachineActiveDirectoryConfiguration" }, "type": "array" }, "arn": { "description": "Amazon Resource Name of the SVM.\n", "type": "string" }, "creationTime": { "description": "The time that the SVM was created.\n", "type": "string" }, "endpoints": { "description": "The endpoints that are used to access data or to manage the SVM using the NetApp ONTAP CLI, REST API, or NetApp CloudManager. They are the Iscsi, Management, Nfs, and Smb endpoints. See SVM Endpoints below.\n", "items": { "$ref": "#/types/aws:fsx/getOntapStorageVirtualMachineEndpoint:getOntapStorageVirtualMachineEndpoint" }, "type": "array" }, "fileSystemId": { "description": "Identifier of the file system (e.g. `fs-12345678`).\n", "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:fsx/getOntapStorageVirtualMachineFilter:getOntapStorageVirtualMachineFilter" }, "type": "array" }, "id": { "description": "The SVM's system generated unique ID.\n", "type": "string" }, "lifecycleStatus": { "description": "The SVM's lifecycle status.\n", "type": "string" }, "lifecycleTransitionReasons": { "description": "Describes why the SVM lifecycle state changed. See Lifecycle Transition Reason below.\n", "items": { "$ref": "#/types/aws:fsx/getOntapStorageVirtualMachineLifecycleTransitionReason:getOntapStorageVirtualMachineLifecycleTransitionReason" }, "type": "array" }, "name": { "description": "The name of the SVM, if provisioned.\n", "type": "string" }, "subtype": { "description": "The SVM's subtype.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "uuid": { "description": "The SVM's UUID.\n", "type": "string" } }, "required": [ "activeDirectoryConfigurations", "arn", "creationTime", "endpoints", "fileSystemId", "id", "lifecycleStatus", "lifecycleTransitionReasons", "name", "subtype", "tags", "uuid" ], "type": "object" } }, "aws:fsx/getOntapStorageVirtualMachines:getOntapStorageVirtualMachines": { "description": "This resource can be useful for getting back a set of FSx ONTAP Storage Virtual Machine (SVM) IDs.\n\n## Example Usage\n\nThe following shows outputting all SVM IDs for a given FSx ONTAP File System.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.fsx.getOntapStorageVirtualMachines({\n filters: [{\n name: \"file-system-id\",\n values: [\"fs-12345678\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.fsx.get_ontap_storage_virtual_machines(filters=[{\n \"name\": \"file-system-id\",\n \"values\": [\"fs-12345678\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Fsx.GetOntapStorageVirtualMachines.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Fsx.Inputs.GetOntapStorageVirtualMachinesFilterInputArgs\n {\n Name = \"file-system-id\",\n Values = new[]\n {\n \"fs-12345678\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fsx.GetOntapStorageVirtualMachines(ctx, \u0026fsx.GetOntapStorageVirtualMachinesArgs{\n\t\t\tFilters: []fsx.GetOntapStorageVirtualMachinesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"file-system-id\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"fs-12345678\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.FsxFunctions;\nimport com.pulumi.aws.fsx.inputs.GetOntapStorageVirtualMachinesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = FsxFunctions.getOntapStorageVirtualMachines(GetOntapStorageVirtualMachinesArgs.builder()\n .filters(GetOntapStorageVirtualMachinesFilterArgs.builder()\n .name(\"file-system-id\")\n .values(\"fs-12345678\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:fsx:getOntapStorageVirtualMachines\n Arguments:\n filters:\n - name: file-system-id\n values:\n - fs-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOntapStorageVirtualMachines.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:fsx/getOntapStorageVirtualMachinesFilter:getOntapStorageVirtualMachinesFilter" }, "description": "Configuration block. Detailed below.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getOntapStorageVirtualMachines.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:fsx/getOntapStorageVirtualMachinesFilter:getOntapStorageVirtualMachinesFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "List of all SVM IDs found.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "ids", "id" ], "type": "object" } }, "aws:fsx/getOpenZfsSnapshot:getOpenZfsSnapshot": { "description": "Use this data source to get information about an Amazon FSx for OpenZFS Snapshot for use when provisioning new Volumes.\n\n## Example Usage\n\n### Root volume Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.fsx.getOpenZfsSnapshot({\n mostRecent: true,\n filters: [{\n name: \"volume-id\",\n values: [\"fsvol-073a32b6098a73feb\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.fsx.get_open_zfs_snapshot(most_recent=True,\n filters=[{\n \"name\": \"volume-id\",\n \"values\": [\"fsvol-073a32b6098a73feb\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Fsx.GetOpenZfsSnapshot.Invoke(new()\n {\n MostRecent = true,\n Filters = new[]\n {\n new Aws.Fsx.Inputs.GetOpenZfsSnapshotFilterInputArgs\n {\n Name = \"volume-id\",\n Values = new[]\n {\n \"fsvol-073a32b6098a73feb\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fsx.LookupOpenZfsSnapshot(ctx, \u0026fsx.LookupOpenZfsSnapshotArgs{\n\t\t\tMostRecent: pulumi.BoolRef(true),\n\t\t\tFilters: []fsx.GetOpenZfsSnapshotFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"volume-id\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"fsvol-073a32b6098a73feb\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.FsxFunctions;\nimport com.pulumi.aws.fsx.inputs.GetOpenZfsSnapshotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = FsxFunctions.getOpenZfsSnapshot(GetOpenZfsSnapshotArgs.builder()\n .mostRecent(true)\n .filters(GetOpenZfsSnapshotFilterArgs.builder()\n .name(\"volume-id\")\n .values(\"fsvol-073a32b6098a73feb\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:fsx:getOpenZfsSnapshot\n Arguments:\n mostRecent: true\n filters:\n - name: volume-id\n values:\n - fsvol-073a32b6098a73feb\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOpenZfsSnapshot.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:fsx/getOpenZfsSnapshotFilter:getOpenZfsSnapshotFilter" }, "description": "One or more name/value pairs to filter off of. The\nsupported names are file-system-id or volume-id.\n" }, "mostRecent": { "type": "boolean", "description": "If more than one result is returned, use the most recent snapshot.\n" }, "name": { "type": "string", "description": "Name of the snapshot.\n" }, "snapshotIds": { "type": "array", "items": { "type": "string" }, "description": "Returns information on a specific snapshot_id.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "List of Tag values, with a maximum of 50 elements.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getOpenZfsSnapshot.\n", "properties": { "arn": { "description": "Amazon Resource Name of the snapshot.\n", "type": "string" }, "creationTime": { "description": "Time that the resource was created.\n", "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:fsx/getOpenZfsSnapshotFilter:getOpenZfsSnapshotFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "mostRecent": { "type": "boolean" }, "name": { "description": "Name of the snapshot.\n", "type": "string" }, "snapshotId": { "description": "ID of the snapshot.\n", "type": "string" }, "snapshotIds": { "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "List of Tag values, with a maximum of 50 elements.\n", "type": "object" }, "volumeId": { "description": "ID of the volume that the snapshot is of.\n", "type": "string" } }, "required": [ "arn", "creationTime", "snapshotId", "tags", "volumeId", "id" ], "type": "object" } }, "aws:fsx/getWindowsFileSystem:getWindowsFileSystem": { "description": "Retrieve information on FSx Windows File System.\n\n## Example Usage\n\n### Root volume Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.fsx.getWindowsFileSystem({\n id: \"fs-12345678\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.fsx.get_windows_file_system(id=\"fs-12345678\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Fsx.GetWindowsFileSystem.Invoke(new()\n {\n Id = \"fs-12345678\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := fsx.LookupWindowsFileSystem(ctx, \u0026fsx.LookupWindowsFileSystemArgs{\n\t\t\tId: \"fs-12345678\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.fsx.FsxFunctions;\nimport com.pulumi.aws.fsx.inputs.GetWindowsFileSystemArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = FsxFunctions.getWindowsFileSystem(GetWindowsFileSystemArgs.builder()\n .id(\"fs-12345678\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:fsx:getWindowsFileSystem\n Arguments:\n id: fs-12345678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getWindowsFileSystem.\n", "properties": { "id": { "type": "string", "description": "Identifier of the file system (e.g. `fs-12345678`).\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags to associate with the file system.\n" } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getWindowsFileSystem.\n", "properties": { "activeDirectoryId": { "description": "The ID for Microsoft Active Directory instance that the file system is join to.\n", "type": "string" }, "aliases": { "description": "An array DNS alias names associated with the Amazon FSx file system.\n", "items": { "type": "string" }, "type": "array" }, "arn": { "description": "Amazon Resource Name of the file system.\n", "type": "string" }, "auditLogConfigurations": { "description": "The configuration that Amazon FSx for Windows File Server uses to audit and log user accesses of files, folders, and file shares on the Amazon FSx for Windows File Server file system.\n", "items": { "$ref": "#/types/aws:fsx/getWindowsFileSystemAuditLogConfiguration:getWindowsFileSystemAuditLogConfiguration" }, "type": "array" }, "automaticBackupRetentionDays": { "description": "The number of days to retain automatic backups.\n", "type": "integer" }, "backupId": { "type": "string" }, "copyTagsToBackups": { "description": "A boolean flag indicating whether tags on the file system should be copied to backups.\n", "type": "boolean" }, "dailyAutomaticBackupStartTime": { "description": "The preferred time (in `HH:MM` format) to take daily automatic backups, in the UTC time zone.\n", "type": "string" }, "deploymentType": { "description": "The file system deployment type.\n", "type": "string" }, "diskIopsConfigurations": { "description": "The SSD IOPS configuration for the file system.\n", "items": { "$ref": "#/types/aws:fsx/getWindowsFileSystemDiskIopsConfiguration:getWindowsFileSystemDiskIopsConfiguration" }, "type": "array" }, "dnsName": { "description": "DNS name for the file system (e.g. `fs-12345678.corp.example.com`).\n", "type": "string" }, "id": { "description": "Identifier of the file system (e.g. `fs-12345678`).\n", "type": "string" }, "kmsKeyId": { "description": "ARN for the KMS Key to encrypt the file system at rest.\n", "type": "string" }, "networkInterfaceIds": { "items": { "type": "string" }, "type": "array" }, "ownerId": { "description": "AWS account identifier that created the file system.\n", "type": "string" }, "preferredFileServerIp": { "description": "The IP address of the primary, or preferred, file server.\n", "type": "string" }, "preferredSubnetId": { "description": "Specifies the subnet in which you want the preferred file server to be located.\n", "type": "string" }, "securityGroupIds": { "items": { "type": "string" }, "type": "array" }, "skipFinalBackup": { "type": "boolean" }, "storageCapacity": { "description": "The storage capacity of the file system in gibibytes (GiB).\n", "type": "integer" }, "storageType": { "description": "The type of storage the file system is using. If set to `SSD`, the file system uses solid state drive storage. If set to `HDD`, the file system uses hard disk drive storage.\n", "type": "string" }, "subnetIds": { "description": "Specifies the IDs of the subnets that the file system is accessible from.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "The tags to associate with the file system.\n", "type": "object" }, "throughputCapacity": { "description": "Throughput (megabytes per second) of the file system in power of 2 increments. Minimum of `8` and maximum of `2048`.\n", "type": "integer" }, "vpcId": { "description": "The ID of the primary virtual private cloud (VPC) for the file system.\n", "type": "string" }, "weeklyMaintenanceStartTime": { "description": "The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone.\n", "type": "string" } }, "required": [ "activeDirectoryId", "aliases", "arn", "auditLogConfigurations", "automaticBackupRetentionDays", "backupId", "copyTagsToBackups", "dailyAutomaticBackupStartTime", "deploymentType", "diskIopsConfigurations", "dnsName", "id", "kmsKeyId", "networkInterfaceIds", "ownerId", "preferredFileServerIp", "preferredSubnetId", "securityGroupIds", "skipFinalBackup", "storageCapacity", "storageType", "subnetIds", "tags", "throughputCapacity", "vpcId", "weeklyMaintenanceStartTime" ], "type": "object" } }, "aws:globalaccelerator/getAccelerator:getAccelerator": { "description": "Provides information about a Global Accelerator accelerator.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst acceleratorArn = config.get(\"acceleratorArn\") || \"\";\nconst acceleratorName = config.get(\"acceleratorName\") || \"\";\nconst example = aws.globalaccelerator.getAccelerator({\n arn: acceleratorArn,\n name: acceleratorName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\naccelerator_arn = config.get(\"acceleratorArn\")\nif accelerator_arn is None:\n accelerator_arn = \"\"\naccelerator_name = config.get(\"acceleratorName\")\nif accelerator_name is None:\n accelerator_name = \"\"\nexample = aws.globalaccelerator.get_accelerator(arn=accelerator_arn,\n name=accelerator_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var acceleratorArn = config.Get(\"acceleratorArn\") ?? \"\";\n var acceleratorName = config.Get(\"acceleratorName\") ?? \"\";\n var example = Aws.GlobalAccelerator.GetAccelerator.Invoke(new()\n {\n Arn = acceleratorArn,\n Name = acceleratorName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/globalaccelerator\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tacceleratorArn := \"\"\n\t\tif param := cfg.Get(\"acceleratorArn\"); param != \"\" {\n\t\t\tacceleratorArn = param\n\t\t}\n\t\tacceleratorName := \"\"\n\t\tif param := cfg.Get(\"acceleratorName\"); param != \"\" {\n\t\t\tacceleratorName = param\n\t\t}\n\t\t_, err := globalaccelerator.LookupAccelerator(ctx, \u0026globalaccelerator.LookupAcceleratorArgs{\n\t\t\tArn: pulumi.StringRef(acceleratorArn),\n\t\t\tName: pulumi.StringRef(acceleratorName),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.globalaccelerator.GlobalacceleratorFunctions;\nimport com.pulumi.aws.globalaccelerator.inputs.GetAcceleratorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var acceleratorArn = config.get(\"acceleratorArn\").orElse(\"\");\n final var acceleratorName = config.get(\"acceleratorName\").orElse(\"\");\n final var example = GlobalacceleratorFunctions.getAccelerator(GetAcceleratorArgs.builder()\n .arn(acceleratorArn)\n .name(acceleratorName)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n acceleratorArn:\n type: string\n default:\n acceleratorName:\n type: string\n default:\nvariables:\n example:\n fn::invoke:\n Function: aws:globalaccelerator:getAccelerator\n Arguments:\n arn: ${acceleratorArn}\n name: ${acceleratorName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAccelerator.\n", "properties": { "arn": { "type": "string", "description": "Full ARN of the Global Accelerator.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Unique name of the Global Accelerator.\n\n\u003e **NOTE:** When both `arn` and `name` are specified, `arn` takes precedence.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getAccelerator.\n", "properties": { "arn": { "type": "string" }, "attributes": { "items": { "$ref": "#/types/aws:globalaccelerator/getAcceleratorAttribute:getAcceleratorAttribute" }, "type": "array" }, "dnsName": { "type": "string" }, "dualStackDnsName": { "type": "string" }, "enabled": { "type": "boolean" }, "hostedZoneId": { "type": "string" }, "id": { "type": "string" }, "ipAddressType": { "type": "string" }, "ipSets": { "items": { "$ref": "#/types/aws:globalaccelerator/getAcceleratorIpSet:getAcceleratorIpSet" }, "type": "array" }, "name": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "arn", "attributes", "dnsName", "dualStackDnsName", "enabled", "hostedZoneId", "id", "ipAddressType", "ipSets", "name", "tags" ], "type": "object" } }, "aws:globalaccelerator/getCustomRoutingAccelerator:getCustomRoutingAccelerator": { "description": "Provides information about a Global Accelerator custom routing accelerator.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst acceleratorArn = config.get(\"acceleratorArn\") || \"\";\nconst acceleratorName = config.get(\"acceleratorName\") || \"\";\nconst example = aws.globalaccelerator.getCustomRoutingAccelerator({\n arn: acceleratorArn,\n name: acceleratorName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\naccelerator_arn = config.get(\"acceleratorArn\")\nif accelerator_arn is None:\n accelerator_arn = \"\"\naccelerator_name = config.get(\"acceleratorName\")\nif accelerator_name is None:\n accelerator_name = \"\"\nexample = aws.globalaccelerator.get_custom_routing_accelerator(arn=accelerator_arn,\n name=accelerator_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var acceleratorArn = config.Get(\"acceleratorArn\") ?? \"\";\n var acceleratorName = config.Get(\"acceleratorName\") ?? \"\";\n var example = Aws.GlobalAccelerator.GetCustomRoutingAccelerator.Invoke(new()\n {\n Arn = acceleratorArn,\n Name = acceleratorName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/globalaccelerator\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tacceleratorArn := \"\"\n\t\tif param := cfg.Get(\"acceleratorArn\"); param != \"\" {\n\t\t\tacceleratorArn = param\n\t\t}\n\t\tacceleratorName := \"\"\n\t\tif param := cfg.Get(\"acceleratorName\"); param != \"\" {\n\t\t\tacceleratorName = param\n\t\t}\n\t\t_, err := globalaccelerator.LookupCustomRoutingAccelerator(ctx, \u0026globalaccelerator.LookupCustomRoutingAcceleratorArgs{\n\t\t\tArn: pulumi.StringRef(acceleratorArn),\n\t\t\tName: pulumi.StringRef(acceleratorName),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.globalaccelerator.GlobalacceleratorFunctions;\nimport com.pulumi.aws.globalaccelerator.inputs.GetCustomRoutingAcceleratorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var acceleratorArn = config.get(\"acceleratorArn\").orElse(\"\");\n final var acceleratorName = config.get(\"acceleratorName\").orElse(\"\");\n final var example = GlobalacceleratorFunctions.getCustomRoutingAccelerator(GetCustomRoutingAcceleratorArgs.builder()\n .arn(acceleratorArn)\n .name(acceleratorName)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n acceleratorArn:\n type: string\n default:\n acceleratorName:\n type: string\n default:\nvariables:\n example:\n fn::invoke:\n Function: aws:globalaccelerator:getCustomRoutingAccelerator\n Arguments:\n arn: ${acceleratorArn}\n name: ${acceleratorName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCustomRoutingAccelerator.\n", "properties": { "arn": { "type": "string", "description": "Full ARN of the custom routing accelerator.\n" }, "name": { "type": "string", "description": "Unique name of the custom routing accelerator.\n\n\u003e **NOTE:** When both `arn` and `name` are specified, `arn` takes precedence.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getCustomRoutingAccelerator.\n", "properties": { "arn": { "type": "string" }, "attributes": { "items": { "$ref": "#/types/aws:globalaccelerator/getCustomRoutingAcceleratorAttribute:getCustomRoutingAcceleratorAttribute" }, "type": "array" }, "dnsName": { "type": "string" }, "enabled": { "type": "boolean" }, "hostedZoneId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ipAddressType": { "type": "string" }, "ipSets": { "items": { "$ref": "#/types/aws:globalaccelerator/getCustomRoutingAcceleratorIpSet:getCustomRoutingAcceleratorIpSet" }, "type": "array" }, "name": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "arn", "attributes", "dnsName", "enabled", "hostedZoneId", "ipAddressType", "ipSets", "name", "tags", "id" ], "type": "object" } }, "aws:glue/getCatalogTable:getCatalogTable": { "description": "This data source can be used to fetch information about an AWS Glue Data Catalog Table.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.glue.getCatalogTable({\n name: \"MyCatalogTable\",\n databaseName: \"MyCatalogDatabase\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.get_catalog_table(name=\"MyCatalogTable\",\n database_name=\"MyCatalogDatabase\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Glue.GetCatalogTable.Invoke(new()\n {\n Name = \"MyCatalogTable\",\n DatabaseName = \"MyCatalogDatabase\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.LookupCatalogTable(ctx, \u0026glue.LookupCatalogTableArgs{\n\t\t\tName: \"MyCatalogTable\",\n\t\t\tDatabaseName: \"MyCatalogDatabase\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.GlueFunctions;\nimport com.pulumi.aws.glue.inputs.GetCatalogTableArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = GlueFunctions.getCatalogTable(GetCatalogTableArgs.builder()\n .name(\"MyCatalogTable\")\n .databaseName(\"MyCatalogDatabase\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:glue:getCatalogTable\n Arguments:\n name: MyCatalogTable\n databaseName: MyCatalogDatabase\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCatalogTable.\n", "properties": { "catalogId": { "type": "string", "description": "ID of the Glue Catalog and database where the table metadata resides. If omitted, this defaults to the current AWS Account ID.\n" }, "databaseName": { "type": "string", "description": "Name of the metadata database where the table metadata resides.\n" }, "name": { "type": "string", "description": "Name of the table.\n" }, "queryAsOfTime": { "type": "string", "description": "The time as of when to read the table contents. If not set, the most recent transaction commit time will be used. Cannot be specified along with `transaction_id`. Specified in RFC 3339 format, e.g. `2006-01-02T15:04:05Z07:00`.\n" }, "transactionId": { "type": "integer", "description": "The transaction ID at which to read the table contents.\n" } }, "type": "object", "required": [ "databaseName", "name" ] }, "outputs": { "description": "A collection of values returned by getCatalogTable.\n", "properties": { "arn": { "description": "The ARN of the Glue Table.\n", "type": "string" }, "catalogId": { "description": "ID of the Data Catalog in which the table resides.\n", "type": "string" }, "databaseName": { "description": "Name of the catalog database that contains the target table.\n", "type": "string" }, "description": { "description": "Description of the table.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Name of the target table.\n", "type": "string" }, "owner": { "description": "Owner of the table.\n", "type": "string" }, "parameters": { "additionalProperties": { "type": "string" }, "description": "Map of initialization parameters for the SerDe, in key-value form.\n", "type": "object" }, "partitionIndices": { "description": "Configuration block for a maximum of 3 partition indexes. See `partition_index` below.\n", "items": { "$ref": "#/types/aws:glue/getCatalogTablePartitionIndex:getCatalogTablePartitionIndex" }, "type": "array" }, "partitionKeys": { "description": "Configuration block of columns by which the table is partitioned. Only primitive types are supported as partition keys. See `partition_keys` below.\n", "items": { "$ref": "#/types/aws:glue/getCatalogTablePartitionKey:getCatalogTablePartitionKey" }, "type": "array" }, "queryAsOfTime": { "type": "string" }, "retention": { "description": "Retention time for this table.\n", "type": "integer" }, "storageDescriptors": { "description": "Configuration block for information about the physical storage of this table. For more information, refer to the [Glue Developer Guide](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-StorageDescriptor). See `storage_descriptor` below.\n", "items": { "$ref": "#/types/aws:glue/getCatalogTableStorageDescriptor:getCatalogTableStorageDescriptor" }, "type": "array" }, "tableType": { "description": "Type of this table (EXTERNAL_TABLE, VIRTUAL_VIEW, etc.). While optional, some Athena DDL queries such as `ALTER TABLE` and `SHOW CREATE TABLE` will fail if this argument is empty.\n", "type": "string" }, "targetTables": { "description": "Configuration block of a target table for resource linking. See `target_table` below.\n", "items": { "$ref": "#/types/aws:glue/getCatalogTableTargetTable:getCatalogTableTargetTable" }, "type": "array" }, "transactionId": { "type": "integer" }, "viewExpandedText": { "description": "If the table is a view, the expanded text of the view; otherwise null.\n", "type": "string" }, "viewOriginalText": { "description": "If the table is a view, the original text of the view; otherwise null.\n", "type": "string" } }, "required": [ "arn", "catalogId", "databaseName", "description", "name", "owner", "parameters", "partitionIndices", "partitionKeys", "retention", "storageDescriptors", "tableType", "targetTables", "viewExpandedText", "viewOriginalText", "id" ], "type": "object" } }, "aws:glue/getConnection:getConnection": { "description": "This data source can be used to fetch information about a specific Glue Connection.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.glue.getConnection({\n id: \"123456789123:connection\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.get_connection(id=\"123456789123:connection\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Glue.GetConnection.Invoke(new()\n {\n Id = \"123456789123:connection\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.LookupConnection(ctx, \u0026glue.LookupConnectionArgs{\n\t\t\tId: \"123456789123:connection\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.GlueFunctions;\nimport com.pulumi.aws.glue.inputs.GetConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = GlueFunctions.getConnection(GetConnectionArgs.builder()\n .id(\"123456789123:connection\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:glue:getConnection\n Arguments:\n id: 123456789123:connection\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getConnection.\n", "properties": { "id": { "type": "string", "description": "Concatenation of the catalog ID and connection name. For example, if your account ID is\n`123456789123` and the connection name is `conn` then the ID is `123456789123:conn`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags assigned to the resource\n" } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getConnection.\n", "properties": { "arn": { "description": "ARN of the Glue Connection.\n", "type": "string" }, "catalogId": { "description": "Catalog ID of the Glue Connection.\n", "type": "string" }, "connectionProperties": { "additionalProperties": { "type": "string" }, "secret": true, "type": "object" }, "connectionType": { "description": "Type of Glue Connection.\n", "type": "string" }, "description": { "description": "Description of the connection.\n", "type": "string" }, "id": { "type": "string" }, "matchCriterias": { "description": "A list of criteria that can be used in selecting this connection.\n", "items": { "type": "string" }, "type": "array" }, "name": { "description": "Name of the Glue Connection.\n", "type": "string" }, "physicalConnectionRequirements": { "description": "A map of physical connection requirements, such as VPC and SecurityGroup.\n", "items": { "$ref": "#/types/aws:glue/getConnectionPhysicalConnectionRequirement:getConnectionPhysicalConnectionRequirement" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags assigned to the resource\n", "type": "object" } }, "required": [ "arn", "catalogId", "connectionProperties", "connectionType", "description", "id", "matchCriterias", "name", "physicalConnectionRequirements", "tags" ], "type": "object" } }, "aws:glue/getDataCatalogEncryptionSettings:getDataCatalogEncryptionSettings": { "description": "This data source can be used to fetch information about AWS Glue Data Catalog Encryption Settings.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.GlueFunctions;\nimport com.pulumi.aws.glue.inputs.GetDataCatalogEncryptionSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = GlueFunctions.getDataCatalogEncryptionSettings(GetDataCatalogEncryptionSettingsArgs.builder()\n .id(\"123456789123\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:glue:getDataCatalogEncryptionSettings\n Arguments:\n id: '123456789123'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDataCatalogEncryptionSettings.\n", "properties": { "catalogId": { "type": "string", "description": "ID of the Data Catalog. This is typically the AWS account ID.\n" } }, "type": "object", "required": [ "catalogId" ] }, "outputs": { "description": "A collection of values returned by getDataCatalogEncryptionSettings.\n", "properties": { "catalogId": { "type": "string" }, "dataCatalogEncryptionSettings": { "description": "The security configuration to set. see Data Catalog Encryption Settings.\n", "items": { "$ref": "#/types/aws:glue/getDataCatalogEncryptionSettingsDataCatalogEncryptionSetting:getDataCatalogEncryptionSettingsDataCatalogEncryptionSetting" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "catalogId", "dataCatalogEncryptionSettings", "id" ], "type": "object" } }, "aws:glue/getScript:getScript": { "description": "Use this data source to generate a Glue script from a Directed Acyclic Graph (DAG).\n\n## Example Usage\n\n### Generate Python Script\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.glue.getScript({\n language: \"PYTHON\",\n dagEdges: [\n {\n source: \"datasource0\",\n target: \"applymapping1\",\n },\n {\n source: \"applymapping1\",\n target: \"selectfields2\",\n },\n {\n source: \"selectfields2\",\n target: \"resolvechoice3\",\n },\n {\n source: \"resolvechoice3\",\n target: \"datasink4\",\n },\n ],\n dagNodes: [\n {\n id: \"datasource0\",\n nodeType: \"DataSource\",\n args: [\n {\n name: \"database\",\n value: `\"${source.name}\"`,\n },\n {\n name: \"table_name\",\n value: `\"${sourceAwsGlueCatalogTable.name}\"`,\n },\n ],\n },\n {\n id: \"applymapping1\",\n nodeType: \"ApplyMapping\",\n args: [{\n name: \"mapping\",\n value: \"[(\\\"column1\\\", \\\"string\\\", \\\"column1\\\", \\\"string\\\")]\",\n }],\n },\n {\n id: \"selectfields2\",\n nodeType: \"SelectFields\",\n args: [{\n name: \"paths\",\n value: \"[\\\"column1\\\"]\",\n }],\n },\n {\n id: \"resolvechoice3\",\n nodeType: \"ResolveChoice\",\n args: [\n {\n name: \"choice\",\n value: \"\\\"MATCH_CATALOG\\\"\",\n },\n {\n name: \"database\",\n value: `\"${destination.name}\"`,\n },\n {\n name: \"table_name\",\n value: `\"${destinationAwsGlueCatalogTable.name}\"`,\n },\n ],\n },\n {\n id: \"datasink4\",\n nodeType: \"DataSink\",\n args: [\n {\n name: \"database\",\n value: `\"${destination.name}\"`,\n },\n {\n name: \"table_name\",\n value: `\"${destinationAwsGlueCatalogTable.name}\"`,\n },\n ],\n },\n ],\n});\nexport const pythonScript = example.then(example =\u003e example.pythonScript);\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.get_script(language=\"PYTHON\",\n dag_edges=[\n {\n \"source\": \"datasource0\",\n \"target\": \"applymapping1\",\n },\n {\n \"source\": \"applymapping1\",\n \"target\": \"selectfields2\",\n },\n {\n \"source\": \"selectfields2\",\n \"target\": \"resolvechoice3\",\n },\n {\n \"source\": \"resolvechoice3\",\n \"target\": \"datasink4\",\n },\n ],\n dag_nodes=[\n {\n \"id\": \"datasource0\",\n \"node_type\": \"DataSource\",\n \"args\": [\n {\n \"name\": \"database\",\n \"value\": f\"\\\"{source['name']}\\\"\",\n },\n {\n \"name\": \"table_name\",\n \"value\": f\"\\\"{source_aws_glue_catalog_table['name']}\\\"\",\n },\n ],\n },\n {\n \"id\": \"applymapping1\",\n \"node_type\": \"ApplyMapping\",\n \"args\": [{\n \"name\": \"mapping\",\n \"value\": \"[(\\\"column1\\\", \\\"string\\\", \\\"column1\\\", \\\"string\\\")]\",\n }],\n },\n {\n \"id\": \"selectfields2\",\n \"node_type\": \"SelectFields\",\n \"args\": [{\n \"name\": \"paths\",\n \"value\": \"[\\\"column1\\\"]\",\n }],\n },\n {\n \"id\": \"resolvechoice3\",\n \"node_type\": \"ResolveChoice\",\n \"args\": [\n {\n \"name\": \"choice\",\n \"value\": \"\\\"MATCH_CATALOG\\\"\",\n },\n {\n \"name\": \"database\",\n \"value\": f\"\\\"{destination['name']}\\\"\",\n },\n {\n \"name\": \"table_name\",\n \"value\": f\"\\\"{destination_aws_glue_catalog_table['name']}\\\"\",\n },\n ],\n },\n {\n \"id\": \"datasink4\",\n \"node_type\": \"DataSink\",\n \"args\": [\n {\n \"name\": \"database\",\n \"value\": f\"\\\"{destination['name']}\\\"\",\n },\n {\n \"name\": \"table_name\",\n \"value\": f\"\\\"{destination_aws_glue_catalog_table['name']}\\\"\",\n },\n ],\n },\n ])\npulumi.export(\"pythonScript\", example.python_script)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Glue.GetScript.Invoke(new()\n {\n Language = \"PYTHON\",\n DagEdges = new[]\n {\n new Aws.Glue.Inputs.GetScriptDagEdgeInputArgs\n {\n Source = \"datasource0\",\n Target = \"applymapping1\",\n },\n new Aws.Glue.Inputs.GetScriptDagEdgeInputArgs\n {\n Source = \"applymapping1\",\n Target = \"selectfields2\",\n },\n new Aws.Glue.Inputs.GetScriptDagEdgeInputArgs\n {\n Source = \"selectfields2\",\n Target = \"resolvechoice3\",\n },\n new Aws.Glue.Inputs.GetScriptDagEdgeInputArgs\n {\n Source = \"resolvechoice3\",\n Target = \"datasink4\",\n },\n },\n DagNodes = new[]\n {\n new Aws.Glue.Inputs.GetScriptDagNodeInputArgs\n {\n Id = \"datasource0\",\n NodeType = \"DataSource\",\n Args = new[]\n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgInputArgs\n {\n Name = \"database\",\n Value = $\"\\\"{source.Name}\\\"\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgInputArgs\n {\n Name = \"table_name\",\n Value = $\"\\\"{sourceAwsGlueCatalogTable.Name}\\\"\",\n },\n },\n },\n new Aws.Glue.Inputs.GetScriptDagNodeInputArgs\n {\n Id = \"applymapping1\",\n NodeType = \"ApplyMapping\",\n Args = new[]\n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgInputArgs\n {\n Name = \"mapping\",\n Value = \"[(\\\"column1\\\", \\\"string\\\", \\\"column1\\\", \\\"string\\\")]\",\n },\n },\n },\n new Aws.Glue.Inputs.GetScriptDagNodeInputArgs\n {\n Id = \"selectfields2\",\n NodeType = \"SelectFields\",\n Args = new[]\n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgInputArgs\n {\n Name = \"paths\",\n Value = \"[\\\"column1\\\"]\",\n },\n },\n },\n new Aws.Glue.Inputs.GetScriptDagNodeInputArgs\n {\n Id = \"resolvechoice3\",\n NodeType = \"ResolveChoice\",\n Args = new[]\n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgInputArgs\n {\n Name = \"choice\",\n Value = \"\\\"MATCH_CATALOG\\\"\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgInputArgs\n {\n Name = \"database\",\n Value = $\"\\\"{destination.Name}\\\"\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgInputArgs\n {\n Name = \"table_name\",\n Value = $\"\\\"{destinationAwsGlueCatalogTable.Name}\\\"\",\n },\n },\n },\n new Aws.Glue.Inputs.GetScriptDagNodeInputArgs\n {\n Id = \"datasink4\",\n NodeType = \"DataSink\",\n Args = new[]\n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgInputArgs\n {\n Name = \"database\",\n Value = $\"\\\"{destination.Name}\\\"\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgInputArgs\n {\n Name = \"table_name\",\n Value = $\"\\\"{destinationAwsGlueCatalogTable.Name}\\\"\",\n },\n },\n },\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"pythonScript\"] = example.Apply(getScriptResult =\u003e getScriptResult.PythonScript),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := glue.GetScript(ctx, \u0026glue.GetScriptArgs{\n\t\t\tLanguage: pulumi.StringRef(\"PYTHON\"),\n\t\t\tDagEdges: []glue.GetScriptDagEdge{\n\t\t\t\t{\n\t\t\t\t\tSource: \"datasource0\",\n\t\t\t\t\tTarget: \"applymapping1\",\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tSource: \"applymapping1\",\n\t\t\t\t\tTarget: \"selectfields2\",\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tSource: \"selectfields2\",\n\t\t\t\t\tTarget: \"resolvechoice3\",\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tSource: \"resolvechoice3\",\n\t\t\t\t\tTarget: \"datasink4\",\n\t\t\t\t},\n\t\t\t},\n\t\t\tDagNodes: []glue.GetScriptDagNode{\n\t\t\t\t{\n\t\t\t\t\tId: \"datasource0\",\n\t\t\t\t\tNodeType: \"DataSource\",\n\t\t\t\t\tArgs: []glue.GetScriptDagNodeArg{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tName: \"database\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"\\\"%v\\\"\", source.Name),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tName: \"table_name\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"\\\"%v\\\"\", sourceAwsGlueCatalogTable.Name),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tId: \"applymapping1\",\n\t\t\t\t\tNodeType: \"ApplyMapping\",\n\t\t\t\t\tArgs: []glue.GetScriptDagNodeArg{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tName: \"mapping\",\n\t\t\t\t\t\t\tValue: \"[(\\\"column1\\\", \\\"string\\\", \\\"column1\\\", \\\"string\\\")]\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tId: \"selectfields2\",\n\t\t\t\t\tNodeType: \"SelectFields\",\n\t\t\t\t\tArgs: []glue.GetScriptDagNodeArg{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tName: \"paths\",\n\t\t\t\t\t\t\tValue: \"[\\\"column1\\\"]\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tId: \"resolvechoice3\",\n\t\t\t\t\tNodeType: \"ResolveChoice\",\n\t\t\t\t\tArgs: []glue.GetScriptDagNodeArg{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tName: \"choice\",\n\t\t\t\t\t\t\tValue: \"\\\"MATCH_CATALOG\\\"\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tName: \"database\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"\\\"%v\\\"\", destination.Name),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tName: \"table_name\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"\\\"%v\\\"\", destinationAwsGlueCatalogTable.Name),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tId: \"datasink4\",\n\t\t\t\t\tNodeType: \"DataSink\",\n\t\t\t\t\tArgs: []glue.GetScriptDagNodeArg{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tName: \"database\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"\\\"%v\\\"\", destination.Name),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tName: \"table_name\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"\\\"%v\\\"\", destinationAwsGlueCatalogTable.Name),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"pythonScript\", example.PythonScript)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.GlueFunctions;\nimport com.pulumi.aws.glue.inputs.GetScriptArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = GlueFunctions.getScript(GetScriptArgs.builder()\n .language(\"PYTHON\")\n .dagEdges( \n GetScriptDagEdgeArgs.builder()\n .source(\"datasource0\")\n .target(\"applymapping1\")\n .build(),\n GetScriptDagEdgeArgs.builder()\n .source(\"applymapping1\")\n .target(\"selectfields2\")\n .build(),\n GetScriptDagEdgeArgs.builder()\n .source(\"selectfields2\")\n .target(\"resolvechoice3\")\n .build(),\n GetScriptDagEdgeArgs.builder()\n .source(\"resolvechoice3\")\n .target(\"datasink4\")\n .build())\n .dagNodes( \n GetScriptDagNodeArgs.builder()\n .id(\"datasource0\")\n .nodeType(\"DataSource\")\n .args( \n GetScriptDagNodeArgArgs.builder()\n .name(\"database\")\n .value(String.format(\"\\\"%s\\\"\", source.name()))\n .build(),\n GetScriptDagNodeArgArgs.builder()\n .name(\"table_name\")\n .value(String.format(\"\\\"%s\\\"\", sourceAwsGlueCatalogTable.name()))\n .build())\n .build(),\n GetScriptDagNodeArgs.builder()\n .id(\"applymapping1\")\n .nodeType(\"ApplyMapping\")\n .args(GetScriptDagNodeArgArgs.builder()\n .name(\"mapping\")\n .value(\"[(\\\"column1\\\", \\\"string\\\", \\\"column1\\\", \\\"string\\\")]\")\n .build())\n .build(),\n GetScriptDagNodeArgs.builder()\n .id(\"selectfields2\")\n .nodeType(\"SelectFields\")\n .args(GetScriptDagNodeArgArgs.builder()\n .name(\"paths\")\n .value(\"[\\\"column1\\\"]\")\n .build())\n .build(),\n GetScriptDagNodeArgs.builder()\n .id(\"resolvechoice3\")\n .nodeType(\"ResolveChoice\")\n .args( \n GetScriptDagNodeArgArgs.builder()\n .name(\"choice\")\n .value(\"\\\"MATCH_CATALOG\\\"\")\n .build(),\n GetScriptDagNodeArgArgs.builder()\n .name(\"database\")\n .value(String.format(\"\\\"%s\\\"\", destination.name()))\n .build(),\n GetScriptDagNodeArgArgs.builder()\n .name(\"table_name\")\n .value(String.format(\"\\\"%s\\\"\", destinationAwsGlueCatalogTable.name()))\n .build())\n .build(),\n GetScriptDagNodeArgs.builder()\n .id(\"datasink4\")\n .nodeType(\"DataSink\")\n .args( \n GetScriptDagNodeArgArgs.builder()\n .name(\"database\")\n .value(String.format(\"\\\"%s\\\"\", destination.name()))\n .build(),\n GetScriptDagNodeArgArgs.builder()\n .name(\"table_name\")\n .value(String.format(\"\\\"%s\\\"\", destinationAwsGlueCatalogTable.name()))\n .build())\n .build())\n .build());\n\n ctx.export(\"pythonScript\", example.applyValue(getScriptResult -\u003e getScriptResult.pythonScript()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:glue:getScript\n Arguments:\n language: PYTHON\n dagEdges:\n - source: datasource0\n target: applymapping1\n - source: applymapping1\n target: selectfields2\n - source: selectfields2\n target: resolvechoice3\n - source: resolvechoice3\n target: datasink4\n dagNodes:\n - id: datasource0\n nodeType: DataSource\n args:\n - name: database\n value: '\"${source.name}\"'\n - name: table_name\n value: '\"${sourceAwsGlueCatalogTable.name}\"'\n - id: applymapping1\n nodeType: ApplyMapping\n args:\n - name: mapping\n value: '[(\"column1\", \"string\", \"column1\", \"string\")]'\n - id: selectfields2\n nodeType: SelectFields\n args:\n - name: paths\n value: '[\"column1\"]'\n - id: resolvechoice3\n nodeType: ResolveChoice\n args:\n - name: choice\n value: '\"MATCH_CATALOG\"'\n - name: database\n value: '\"${destination.name}\"'\n - name: table_name\n value: '\"${destinationAwsGlueCatalogTable.name}\"'\n - id: datasink4\n nodeType: DataSink\n args:\n - name: database\n value: '\"${destination.name}\"'\n - name: table_name\n value: '\"${destinationAwsGlueCatalogTable.name}\"'\noutputs:\n pythonScript: ${example.pythonScript}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Generate Scala Code\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.glue.getScript({\n language: \"SCALA\",\n dagEdges: [\n {\n source: \"datasource0\",\n target: \"applymapping1\",\n },\n {\n source: \"applymapping1\",\n target: \"selectfields2\",\n },\n {\n source: \"selectfields2\",\n target: \"resolvechoice3\",\n },\n {\n source: \"resolvechoice3\",\n target: \"datasink4\",\n },\n ],\n dagNodes: [\n {\n id: \"datasource0\",\n nodeType: \"DataSource\",\n args: [\n {\n name: \"database\",\n value: `\"${source.name}\"`,\n },\n {\n name: \"table_name\",\n value: `\"${sourceAwsGlueCatalogTable.name}\"`,\n },\n ],\n },\n {\n id: \"applymapping1\",\n nodeType: \"ApplyMapping\",\n args: [{\n name: \"mappings\",\n value: \"[(\\\"column1\\\", \\\"string\\\", \\\"column1\\\", \\\"string\\\")]\",\n }],\n },\n {\n id: \"selectfields2\",\n nodeType: \"SelectFields\",\n args: [{\n name: \"paths\",\n value: \"[\\\"column1\\\"]\",\n }],\n },\n {\n id: \"resolvechoice3\",\n nodeType: \"ResolveChoice\",\n args: [\n {\n name: \"choice\",\n value: \"\\\"MATCH_CATALOG\\\"\",\n },\n {\n name: \"database\",\n value: `\"${destination.name}\"`,\n },\n {\n name: \"table_name\",\n value: `\"${destinationAwsGlueCatalogTable.name}\"`,\n },\n ],\n },\n {\n id: \"datasink4\",\n nodeType: \"DataSink\",\n args: [\n {\n name: \"database\",\n value: `\"${destination.name}\"`,\n },\n {\n name: \"table_name\",\n value: `\"${destinationAwsGlueCatalogTable.name}\"`,\n },\n ],\n },\n ],\n});\nexport const scalaCode = example.then(example =\u003e example.scalaCode);\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.get_script(language=\"SCALA\",\n dag_edges=[\n {\n \"source\": \"datasource0\",\n \"target\": \"applymapping1\",\n },\n {\n \"source\": \"applymapping1\",\n \"target\": \"selectfields2\",\n },\n {\n \"source\": \"selectfields2\",\n \"target\": \"resolvechoice3\",\n },\n {\n \"source\": \"resolvechoice3\",\n \"target\": \"datasink4\",\n },\n ],\n dag_nodes=[\n {\n \"id\": \"datasource0\",\n \"node_type\": \"DataSource\",\n \"args\": [\n {\n \"name\": \"database\",\n \"value\": f\"\\\"{source['name']}\\\"\",\n },\n {\n \"name\": \"table_name\",\n \"value\": f\"\\\"{source_aws_glue_catalog_table['name']}\\\"\",\n },\n ],\n },\n {\n \"id\": \"applymapping1\",\n \"node_type\": \"ApplyMapping\",\n \"args\": [{\n \"name\": \"mappings\",\n \"value\": \"[(\\\"column1\\\", \\\"string\\\", \\\"column1\\\", \\\"string\\\")]\",\n }],\n },\n {\n \"id\": \"selectfields2\",\n \"node_type\": \"SelectFields\",\n \"args\": [{\n \"name\": \"paths\",\n \"value\": \"[\\\"column1\\\"]\",\n }],\n },\n {\n \"id\": \"resolvechoice3\",\n \"node_type\": \"ResolveChoice\",\n \"args\": [\n {\n \"name\": \"choice\",\n \"value\": \"\\\"MATCH_CATALOG\\\"\",\n },\n {\n \"name\": \"database\",\n \"value\": f\"\\\"{destination['name']}\\\"\",\n },\n {\n \"name\": \"table_name\",\n \"value\": f\"\\\"{destination_aws_glue_catalog_table['name']}\\\"\",\n },\n ],\n },\n {\n \"id\": \"datasink4\",\n \"node_type\": \"DataSink\",\n \"args\": [\n {\n \"name\": \"database\",\n \"value\": f\"\\\"{destination['name']}\\\"\",\n },\n {\n \"name\": \"table_name\",\n \"value\": f\"\\\"{destination_aws_glue_catalog_table['name']}\\\"\",\n },\n ],\n },\n ])\npulumi.export(\"scalaCode\", example.scala_code)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Glue.GetScript.Invoke(new()\n {\n Language = \"SCALA\",\n DagEdges = new[]\n {\n new Aws.Glue.Inputs.GetScriptDagEdgeInputArgs\n {\n Source = \"datasource0\",\n Target = \"applymapping1\",\n },\n new Aws.Glue.Inputs.GetScriptDagEdgeInputArgs\n {\n Source = \"applymapping1\",\n Target = \"selectfields2\",\n },\n new Aws.Glue.Inputs.GetScriptDagEdgeInputArgs\n {\n Source = \"selectfields2\",\n Target = \"resolvechoice3\",\n },\n new Aws.Glue.Inputs.GetScriptDagEdgeInputArgs\n {\n Source = \"resolvechoice3\",\n Target = \"datasink4\",\n },\n },\n DagNodes = new[]\n {\n new Aws.Glue.Inputs.GetScriptDagNodeInputArgs\n {\n Id = \"datasource0\",\n NodeType = \"DataSource\",\n Args = new[]\n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgInputArgs\n {\n Name = \"database\",\n Value = $\"\\\"{source.Name}\\\"\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgInputArgs\n {\n Name = \"table_name\",\n Value = $\"\\\"{sourceAwsGlueCatalogTable.Name}\\\"\",\n },\n },\n },\n new Aws.Glue.Inputs.GetScriptDagNodeInputArgs\n {\n Id = \"applymapping1\",\n NodeType = \"ApplyMapping\",\n Args = new[]\n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgInputArgs\n {\n Name = \"mappings\",\n Value = \"[(\\\"column1\\\", \\\"string\\\", \\\"column1\\\", \\\"string\\\")]\",\n },\n },\n },\n new Aws.Glue.Inputs.GetScriptDagNodeInputArgs\n {\n Id = \"selectfields2\",\n NodeType = \"SelectFields\",\n Args = new[]\n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgInputArgs\n {\n Name = \"paths\",\n Value = \"[\\\"column1\\\"]\",\n },\n },\n },\n new Aws.Glue.Inputs.GetScriptDagNodeInputArgs\n {\n Id = \"resolvechoice3\",\n NodeType = \"ResolveChoice\",\n Args = new[]\n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgInputArgs\n {\n Name = \"choice\",\n Value = \"\\\"MATCH_CATALOG\\\"\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgInputArgs\n {\n Name = \"database\",\n Value = $\"\\\"{destination.Name}\\\"\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgInputArgs\n {\n Name = \"table_name\",\n Value = $\"\\\"{destinationAwsGlueCatalogTable.Name}\\\"\",\n },\n },\n },\n new Aws.Glue.Inputs.GetScriptDagNodeInputArgs\n {\n Id = \"datasink4\",\n NodeType = \"DataSink\",\n Args = new[]\n {\n new Aws.Glue.Inputs.GetScriptDagNodeArgInputArgs\n {\n Name = \"database\",\n Value = $\"\\\"{destination.Name}\\\"\",\n },\n new Aws.Glue.Inputs.GetScriptDagNodeArgInputArgs\n {\n Name = \"table_name\",\n Value = $\"\\\"{destinationAwsGlueCatalogTable.Name}\\\"\",\n },\n },\n },\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"scalaCode\"] = example.Apply(getScriptResult =\u003e getScriptResult.ScalaCode),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := glue.GetScript(ctx, \u0026glue.GetScriptArgs{\n\t\t\tLanguage: pulumi.StringRef(\"SCALA\"),\n\t\t\tDagEdges: []glue.GetScriptDagEdge{\n\t\t\t\t{\n\t\t\t\t\tSource: \"datasource0\",\n\t\t\t\t\tTarget: \"applymapping1\",\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tSource: \"applymapping1\",\n\t\t\t\t\tTarget: \"selectfields2\",\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tSource: \"selectfields2\",\n\t\t\t\t\tTarget: \"resolvechoice3\",\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tSource: \"resolvechoice3\",\n\t\t\t\t\tTarget: \"datasink4\",\n\t\t\t\t},\n\t\t\t},\n\t\t\tDagNodes: []glue.GetScriptDagNode{\n\t\t\t\t{\n\t\t\t\t\tId: \"datasource0\",\n\t\t\t\t\tNodeType: \"DataSource\",\n\t\t\t\t\tArgs: []glue.GetScriptDagNodeArg{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tName: \"database\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"\\\"%v\\\"\", source.Name),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tName: \"table_name\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"\\\"%v\\\"\", sourceAwsGlueCatalogTable.Name),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tId: \"applymapping1\",\n\t\t\t\t\tNodeType: \"ApplyMapping\",\n\t\t\t\t\tArgs: []glue.GetScriptDagNodeArg{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tName: \"mappings\",\n\t\t\t\t\t\t\tValue: \"[(\\\"column1\\\", \\\"string\\\", \\\"column1\\\", \\\"string\\\")]\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tId: \"selectfields2\",\n\t\t\t\t\tNodeType: \"SelectFields\",\n\t\t\t\t\tArgs: []glue.GetScriptDagNodeArg{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tName: \"paths\",\n\t\t\t\t\t\t\tValue: \"[\\\"column1\\\"]\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tId: \"resolvechoice3\",\n\t\t\t\t\tNodeType: \"ResolveChoice\",\n\t\t\t\t\tArgs: []glue.GetScriptDagNodeArg{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tName: \"choice\",\n\t\t\t\t\t\t\tValue: \"\\\"MATCH_CATALOG\\\"\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tName: \"database\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"\\\"%v\\\"\", destination.Name),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tName: \"table_name\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"\\\"%v\\\"\", destinationAwsGlueCatalogTable.Name),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tId: \"datasink4\",\n\t\t\t\t\tNodeType: \"DataSink\",\n\t\t\t\t\tArgs: []glue.GetScriptDagNodeArg{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tName: \"database\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"\\\"%v\\\"\", destination.Name),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tName: \"table_name\",\n\t\t\t\t\t\t\tValue: fmt.Sprintf(\"\\\"%v\\\"\", destinationAwsGlueCatalogTable.Name),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"scalaCode\", example.ScalaCode)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.GlueFunctions;\nimport com.pulumi.aws.glue.inputs.GetScriptArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = GlueFunctions.getScript(GetScriptArgs.builder()\n .language(\"SCALA\")\n .dagEdges( \n GetScriptDagEdgeArgs.builder()\n .source(\"datasource0\")\n .target(\"applymapping1\")\n .build(),\n GetScriptDagEdgeArgs.builder()\n .source(\"applymapping1\")\n .target(\"selectfields2\")\n .build(),\n GetScriptDagEdgeArgs.builder()\n .source(\"selectfields2\")\n .target(\"resolvechoice3\")\n .build(),\n GetScriptDagEdgeArgs.builder()\n .source(\"resolvechoice3\")\n .target(\"datasink4\")\n .build())\n .dagNodes( \n GetScriptDagNodeArgs.builder()\n .id(\"datasource0\")\n .nodeType(\"DataSource\")\n .args( \n GetScriptDagNodeArgArgs.builder()\n .name(\"database\")\n .value(String.format(\"\\\"%s\\\"\", source.name()))\n .build(),\n GetScriptDagNodeArgArgs.builder()\n .name(\"table_name\")\n .value(String.format(\"\\\"%s\\\"\", sourceAwsGlueCatalogTable.name()))\n .build())\n .build(),\n GetScriptDagNodeArgs.builder()\n .id(\"applymapping1\")\n .nodeType(\"ApplyMapping\")\n .args(GetScriptDagNodeArgArgs.builder()\n .name(\"mappings\")\n .value(\"[(\\\"column1\\\", \\\"string\\\", \\\"column1\\\", \\\"string\\\")]\")\n .build())\n .build(),\n GetScriptDagNodeArgs.builder()\n .id(\"selectfields2\")\n .nodeType(\"SelectFields\")\n .args(GetScriptDagNodeArgArgs.builder()\n .name(\"paths\")\n .value(\"[\\\"column1\\\"]\")\n .build())\n .build(),\n GetScriptDagNodeArgs.builder()\n .id(\"resolvechoice3\")\n .nodeType(\"ResolveChoice\")\n .args( \n GetScriptDagNodeArgArgs.builder()\n .name(\"choice\")\n .value(\"\\\"MATCH_CATALOG\\\"\")\n .build(),\n GetScriptDagNodeArgArgs.builder()\n .name(\"database\")\n .value(String.format(\"\\\"%s\\\"\", destination.name()))\n .build(),\n GetScriptDagNodeArgArgs.builder()\n .name(\"table_name\")\n .value(String.format(\"\\\"%s\\\"\", destinationAwsGlueCatalogTable.name()))\n .build())\n .build(),\n GetScriptDagNodeArgs.builder()\n .id(\"datasink4\")\n .nodeType(\"DataSink\")\n .args( \n GetScriptDagNodeArgArgs.builder()\n .name(\"database\")\n .value(String.format(\"\\\"%s\\\"\", destination.name()))\n .build(),\n GetScriptDagNodeArgArgs.builder()\n .name(\"table_name\")\n .value(String.format(\"\\\"%s\\\"\", destinationAwsGlueCatalogTable.name()))\n .build())\n .build())\n .build());\n\n ctx.export(\"scalaCode\", example.applyValue(getScriptResult -\u003e getScriptResult.scalaCode()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:glue:getScript\n Arguments:\n language: SCALA\n dagEdges:\n - source: datasource0\n target: applymapping1\n - source: applymapping1\n target: selectfields2\n - source: selectfields2\n target: resolvechoice3\n - source: resolvechoice3\n target: datasink4\n dagNodes:\n - id: datasource0\n nodeType: DataSource\n args:\n - name: database\n value: '\"${source.name}\"'\n - name: table_name\n value: '\"${sourceAwsGlueCatalogTable.name}\"'\n - id: applymapping1\n nodeType: ApplyMapping\n args:\n - name: mappings\n value: '[(\"column1\", \"string\", \"column1\", \"string\")]'\n - id: selectfields2\n nodeType: SelectFields\n args:\n - name: paths\n value: '[\"column1\"]'\n - id: resolvechoice3\n nodeType: ResolveChoice\n args:\n - name: choice\n value: '\"MATCH_CATALOG\"'\n - name: database\n value: '\"${destination.name}\"'\n - name: table_name\n value: '\"${destinationAwsGlueCatalogTable.name}\"'\n - id: datasink4\n nodeType: DataSink\n args:\n - name: database\n value: '\"${destination.name}\"'\n - name: table_name\n value: '\"${destinationAwsGlueCatalogTable.name}\"'\noutputs:\n scalaCode: ${example.scalaCode}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getScript.\n", "properties": { "dagEdges": { "type": "array", "items": { "$ref": "#/types/aws:glue/getScriptDagEdge:getScriptDagEdge" }, "description": "List of the edges in the DAG. Defined below.\n" }, "dagNodes": { "type": "array", "items": { "$ref": "#/types/aws:glue/getScriptDagNode:getScriptDagNode" }, "description": "List of the nodes in the DAG. Defined below.\n" }, "language": { "type": "string", "description": "Programming language of the resulting code from the DAG. Defaults to `PYTHON`. Valid values are `PYTHON` and `SCALA`.\n" } }, "type": "object", "required": [ "dagEdges", "dagNodes" ] }, "outputs": { "description": "A collection of values returned by getScript.\n", "properties": { "dagEdges": { "items": { "$ref": "#/types/aws:glue/getScriptDagEdge:getScriptDagEdge" }, "type": "array" }, "dagNodes": { "items": { "$ref": "#/types/aws:glue/getScriptDagNode:getScriptDagNode" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "language": { "type": "string" }, "pythonScript": { "description": "Python script generated from the DAG when the `language` argument is set to `PYTHON`.\n", "type": "string" }, "scalaCode": { "description": "Scala code generated from the DAG when the `language` argument is set to `SCALA`.\n", "type": "string" } }, "required": [ "dagEdges", "dagNodes", "pythonScript", "scalaCode", "id" ], "type": "object" } }, "aws:grafana/getWorkspace:getWorkspace": { "description": "Provides an Amazon Managed Grafana workspace data source.\n\n## Example Usage\n\n### Basic configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.grafana.getWorkspace({\n workspaceId: \"g-2054c75a02\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.grafana.get_workspace(workspace_id=\"g-2054c75a02\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Grafana.GetWorkspace.Invoke(new()\n {\n WorkspaceId = \"g-2054c75a02\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/grafana\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := grafana.LookupWorkspace(ctx, \u0026grafana.LookupWorkspaceArgs{\n\t\t\tWorkspaceId: \"g-2054c75a02\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.grafana.GrafanaFunctions;\nimport com.pulumi.aws.grafana.inputs.GetWorkspaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = GrafanaFunctions.getWorkspace(GetWorkspaceArgs.builder()\n .workspaceId(\"g-2054c75a02\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:grafana:getWorkspace\n Arguments:\n workspaceId: g-2054c75a02\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getWorkspace.\n", "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags assigned to the resource\n" }, "workspaceId": { "type": "string", "description": "Grafana workspace ID.\n" } }, "type": "object", "required": [ "workspaceId" ] }, "outputs": { "description": "A collection of values returned by getWorkspace.\n", "properties": { "accountAccessType": { "description": "(Required) Type of account access for the workspace. Valid values are `CURRENT_ACCOUNT` and `ORGANIZATION`. If `ORGANIZATION` is specified, then `organizational_units` must also be present.\n", "type": "string" }, "arn": { "description": "ARN of the Grafana workspace.\n", "type": "string" }, "authenticationProviders": { "description": "(Required) Authentication providers for the workspace. Valid values are `AWS_SSO`, `SAML`, or both.\n", "items": { "type": "string" }, "type": "array" }, "createdDate": { "description": "Creation date of the Grafana workspace.\n", "type": "string" }, "dataSources": { "description": "Data sources for the workspace.\n", "items": { "type": "string" }, "type": "array" }, "description": { "description": "Workspace description.\n", "type": "string" }, "endpoint": { "description": "Endpoint of the Grafana workspace.\n", "type": "string" }, "grafanaVersion": { "description": "Version of Grafana running on the workspace.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lastUpdatedDate": { "description": "Last updated date of the Grafana workspace.\n", "type": "string" }, "name": { "description": "Grafana workspace name.\n", "type": "string" }, "notificationDestinations": { "description": "The notification destinations.\n", "items": { "type": "string" }, "type": "array" }, "organizationRoleName": { "description": "The role name that the workspace uses to access resources through Amazon Organizations.\n", "type": "string" }, "organizationalUnits": { "description": "The Amazon Organizations organizational units that the workspace is authorized to use data sources from.\n", "items": { "type": "string" }, "type": "array" }, "permissionType": { "description": "Permission type of the workspace.\n", "type": "string" }, "roleArn": { "description": "IAM role ARN that the workspace assumes.\n", "type": "string" }, "samlConfigurationStatus": { "type": "string" }, "stackSetName": { "description": "AWS CloudFormation stack set name that provisions IAM roles to be used by the workspace.\n", "type": "string" }, "status": { "description": "Status of the Grafana workspace.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags assigned to the resource\n", "type": "object" }, "workspaceId": { "type": "string" } }, "required": [ "accountAccessType", "arn", "authenticationProviders", "createdDate", "dataSources", "description", "endpoint", "grafanaVersion", "lastUpdatedDate", "name", "notificationDestinations", "organizationRoleName", "organizationalUnits", "permissionType", "roleArn", "samlConfigurationStatus", "stackSetName", "status", "tags", "workspaceId", "id" ], "type": "object" } }, "aws:guardduty/getDetector:getDetector": { "description": "Retrieve information about a GuardDuty detector.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.guardduty.getDetector({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.guardduty.get_detector()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.GuardDuty.GetDetector.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := guardduty.LookupDetector(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.guardduty.GuarddutyFunctions;\nimport com.pulumi.aws.guardduty.inputs.GetDetectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = GuarddutyFunctions.getDetector();\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:guardduty:getDetector\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDetector.\n", "properties": { "id": { "type": "string", "description": "ID of the detector.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getDetector.\n", "properties": { "features": { "description": "Current configuration of the detector features.\n", "items": { "$ref": "#/types/aws:guardduty/getDetectorFeature:getDetectorFeature" }, "type": "array" }, "findingPublishingFrequency": { "description": "The frequency of notifications sent about subsequent finding occurrences.\n", "type": "string" }, "id": { "type": "string" }, "serviceRoleArn": { "description": "Service-linked role that grants GuardDuty access to the resources in the AWS account.\n", "type": "string" }, "status": { "description": "Current status of the detector.\n", "type": "string" } }, "required": [ "features", "findingPublishingFrequency", "id", "serviceRoleArn", "status" ], "type": "object" } }, "aws:guardduty/getFindingIds:getFindingIds": { "description": "Data source for managing an AWS GuardDuty Finding Ids.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.guardduty.getFindingIds({\n detectorId: exampleAwsGuarddutyDetector.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.guardduty.get_finding_ids(detector_id=example_aws_guardduty_detector[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.GuardDuty.GetFindingIds.Invoke(new()\n {\n DetectorId = exampleAwsGuarddutyDetector.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := guardduty.GetFindingIds(ctx, \u0026guardduty.GetFindingIdsArgs{\n\t\t\tDetectorId: exampleAwsGuarddutyDetector.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.guardduty.GuarddutyFunctions;\nimport com.pulumi.aws.guardduty.inputs.GetFindingIdsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = GuarddutyFunctions.getFindingIds(GetFindingIdsArgs.builder()\n .detectorId(exampleAwsGuarddutyDetector.id())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:guardduty:getFindingIds\n Arguments:\n detectorId: ${exampleAwsGuarddutyDetector.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getFindingIds.\n", "properties": { "detectorId": { "type": "string", "description": "ID of the GuardDuty detector.\n" } }, "type": "object", "required": [ "detectorId" ] }, "outputs": { "description": "A collection of values returned by getFindingIds.\n", "properties": { "detectorId": { "type": "string" }, "findingIds": { "description": "A list of finding IDs for the specified detector.\n", "items": { "type": "string" }, "type": "array" }, "hasFindings": { "description": "Indicates whether findings are present for the specified detector.\n", "type": "boolean" }, "id": { "type": "string" } }, "required": [ "detectorId", "findingIds", "hasFindings", "id" ], "type": "object" } }, "aws:iam/getAccessKeys:getAccessKeys": { "description": "This data source can be used to fetch information about IAM access keys of a\nspecific IAM user.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getAccessKeys({\n user: \"an_example_user_name\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_access_keys(user=\"an_example_user_name\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetAccessKeys.Invoke(new()\n {\n User = \"an_example_user_name\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.GetAccessKeys(ctx, \u0026iam.GetAccessKeysArgs{\n\t\t\tUser: \"an_example_user_name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetAccessKeysArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getAccessKeys(GetAccessKeysArgs.builder()\n .user(\"an_example_user_name\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getAccessKeys\n Arguments:\n user: an_example_user_name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAccessKeys.\n", "properties": { "user": { "type": "string", "description": "Name of the IAM user associated with the access keys.\n" } }, "type": "object", "required": [ "user" ] }, "outputs": { "description": "A collection of values returned by getAccessKeys.\n", "properties": { "accessKeys": { "description": "List of the IAM access keys associated with the specified user. See below.\n", "items": { "$ref": "#/types/aws:iam/getAccessKeysAccessKey:getAccessKeysAccessKey" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "user": { "type": "string" } }, "required": [ "accessKeys", "user", "id" ], "type": "object" } }, "aws:iam/getAccountAlias:getAccountAlias": { "description": "The IAM Account Alias data source allows access to the account alias\nfor the effective account in which this provider is working.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.iam.getAccountAlias({});\nexport const accountAlias = current.then(current =\u003e current.accountAlias);\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.iam.get_account_alias()\npulumi.export(\"accountAlias\", current.account_alias)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.Iam.GetAccountAlias.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"accountAlias\"] = current.Apply(getAccountAliasResult =\u003e getAccountAliasResult.AccountAlias),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := iam.LookupAccountAlias(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"accountAlias\", current.AccountAlias)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = IamFunctions.getAccountAlias();\n\n ctx.export(\"accountAlias\", current.applyValue(getAccountAliasResult -\u003e getAccountAliasResult.accountAlias()));\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:iam:getAccountAlias\n Arguments: {}\noutputs:\n accountAlias: ${current.accountAlias}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getAccountAlias.\n", "properties": { "accountAlias": { "description": "Alias associated with the AWS account.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "accountAlias", "id" ], "type": "object" } }, "aws:iam/getGroup:getGroup": { "description": "This data source can be used to fetch information about a specific\nIAM group. By using this data source, you can reference IAM group\nproperties without having to hard code ARNs as input.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getGroup({\n groupName: \"an_example_group_name\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_group(group_name=\"an_example_group_name\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetGroup.Invoke(new()\n {\n GroupName = \"an_example_group_name\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.LookupGroup(ctx, \u0026iam.LookupGroupArgs{\n\t\t\tGroupName: \"an_example_group_name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getGroup(GetGroupArgs.builder()\n .groupName(\"an_example_group_name\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getGroup\n Arguments:\n groupName: an_example_group_name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getGroup.\n", "properties": { "groupName": { "type": "string", "description": "Friendly IAM group name to match.\n" } }, "type": "object", "required": [ "groupName" ] }, "outputs": { "description": "A collection of values returned by getGroup.\n", "properties": { "arn": { "description": "User ARN.\n", "type": "string" }, "groupId": { "description": "Stable and unique string identifying the group.\n", "type": "string" }, "groupName": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "path": { "description": "Path to the IAM user.\n", "type": "string" }, "users": { "description": "List of objects containing group member information. See below.\n", "items": { "$ref": "#/types/aws:iam/getGroupUser:getGroupUser" }, "type": "array" } }, "required": [ "arn", "groupId", "groupName", "path", "users", "id" ], "type": "object" } }, "aws:iam/getInstanceProfile:getInstanceProfile": { "description": "This data source can be used to fetch information about a specific\nIAM instance profile. By using this data source, you can reference IAM\ninstance profile properties without having to hard code ARNs as input.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getInstanceProfile({\n name: \"an_example_instance_profile_name\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_instance_profile(name=\"an_example_instance_profile_name\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetInstanceProfile.Invoke(new()\n {\n Name = \"an_example_instance_profile_name\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.LookupInstanceProfile(ctx, \u0026iam.LookupInstanceProfileArgs{\n\t\t\tName: \"an_example_instance_profile_name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetInstanceProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getInstanceProfile(GetInstanceProfileArgs.builder()\n .name(\"an_example_instance_profile_name\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getInstanceProfile\n Arguments:\n name: an_example_instance_profile_name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getInstanceProfile.\n", "properties": { "name": { "type": "string", "description": "Friendly IAM instance profile name to match.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getInstanceProfile.\n", "properties": { "arn": { "description": "ARN.\n", "type": "string" }, "createDate": { "description": "String representation of the date the instance profile was created.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "path": { "description": "Path to the instance profile.\n", "type": "string" }, "roleArn": { "description": "Role ARN associated with this instance profile.\n", "type": "string" }, "roleId": { "description": "Role ID associated with this instance profile.\n", "type": "string" }, "roleName": { "description": "Role name associated with this instance profile.\n", "type": "string" } }, "required": [ "arn", "createDate", "name", "path", "roleArn", "roleId", "roleName", "id" ], "type": "object" } }, "aws:iam/getInstanceProfiles:getInstanceProfiles": { "description": "This data source can be used to fetch information about all\nIAM instance profiles under a role. By using this data source, you can reference IAM\ninstance profile properties without having to hard code ARNs as input.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getInstanceProfiles({\n roleName: \"an_example_iam_role_name\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_instance_profiles(role_name=\"an_example_iam_role_name\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetInstanceProfiles.Invoke(new()\n {\n RoleName = \"an_example_iam_role_name\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.GetInstanceProfiles(ctx, \u0026iam.GetInstanceProfilesArgs{\n\t\t\tRoleName: \"an_example_iam_role_name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetInstanceProfilesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getInstanceProfiles(GetInstanceProfilesArgs.builder()\n .roleName(\"an_example_iam_role_name\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getInstanceProfiles\n Arguments:\n roleName: an_example_iam_role_name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getInstanceProfiles.\n", "properties": { "roleName": { "type": "string", "description": "IAM role name.\n" } }, "type": "object", "required": [ "roleName" ] }, "outputs": { "description": "A collection of values returned by getInstanceProfiles.\n", "properties": { "arns": { "description": "Set of ARNs of instance profiles.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "names": { "description": "Set of IAM instance profile names.\n", "items": { "type": "string" }, "type": "array" }, "paths": { "description": "Set of IAM instance profile paths.\n", "items": { "type": "string" }, "type": "array" }, "roleName": { "type": "string" } }, "required": [ "arns", "names", "paths", "roleName", "id" ], "type": "object" } }, "aws:iam/getOpenIdConnectProvider:getOpenIdConnectProvider": { "description": "This data source can be used to fetch information about a specific\nIAM OpenID Connect provider. By using this data source, you can retrieve the\nthe resource information by either its `arn` or `url`.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getOpenIdConnectProvider({\n arn: \"arn:aws:iam::123456789012:oidc-provider/accounts.google.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_open_id_connect_provider(arn=\"arn:aws:iam::123456789012:oidc-provider/accounts.google.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetOpenIdConnectProvider.Invoke(new()\n {\n Arn = \"arn:aws:iam::123456789012:oidc-provider/accounts.google.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.LookupOpenIdConnectProvider(ctx, \u0026iam.LookupOpenIdConnectProviderArgs{\n\t\t\tArn: pulumi.StringRef(\"arn:aws:iam::123456789012:oidc-provider/accounts.google.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetOpenIdConnectProviderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getOpenIdConnectProvider(GetOpenIdConnectProviderArgs.builder()\n .arn(\"arn:aws:iam::123456789012:oidc-provider/accounts.google.com\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getOpenIdConnectProvider\n Arguments:\n arn: arn:aws:iam::123456789012:oidc-provider/accounts.google.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getOpenIdConnectProvider({\n url: \"https://accounts.google.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_open_id_connect_provider(url=\"https://accounts.google.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetOpenIdConnectProvider.Invoke(new()\n {\n Url = \"https://accounts.google.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.LookupOpenIdConnectProvider(ctx, \u0026iam.LookupOpenIdConnectProviderArgs{\n\t\t\tUrl: pulumi.StringRef(\"https://accounts.google.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetOpenIdConnectProviderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getOpenIdConnectProvider(GetOpenIdConnectProviderArgs.builder()\n .url(\"https://accounts.google.com\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getOpenIdConnectProvider\n Arguments:\n url: https://accounts.google.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOpenIdConnectProvider.\n", "properties": { "arn": { "type": "string", "description": "ARN of the OpenID Connect provider.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the IAM OIDC provider.\n" }, "url": { "type": "string", "description": "URL of the OpenID Connect provider.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getOpenIdConnectProvider.\n", "properties": { "arn": { "type": "string" }, "clientIdLists": { "description": "List of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the client_id parameter on OAuth requests.)\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of resource tags for the IAM OIDC provider.\n", "type": "object" }, "thumbprintLists": { "description": "List of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).\n", "items": { "type": "string" }, "type": "array" }, "url": { "type": "string" } }, "required": [ "arn", "clientIdLists", "tags", "thumbprintLists", "url", "id" ], "type": "object" } }, "aws:iam/getPolicy:getPolicy": { "description": "This data source can be used to fetch information about a specific\nIAM policy.\n\n## Example Usage\n\n### By ARN\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getPolicy({\n arn: \"arn:aws:iam::123456789012:policy/UsersManageOwnCredentials\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_policy(arn=\"arn:aws:iam::123456789012:policy/UsersManageOwnCredentials\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetPolicy.Invoke(new()\n {\n Arn = \"arn:aws:iam::123456789012:policy/UsersManageOwnCredentials\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.LookupPolicy(ctx, \u0026iam.LookupPolicyArgs{\n\t\t\tArn: pulumi.StringRef(\"arn:aws:iam::123456789012:policy/UsersManageOwnCredentials\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getPolicy(GetPolicyArgs.builder()\n .arn(\"arn:aws:iam::123456789012:policy/UsersManageOwnCredentials\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicy\n Arguments:\n arn: arn:aws:iam::123456789012:policy/UsersManageOwnCredentials\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### By Name\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getPolicy({\n name: \"test_policy\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_policy(name=\"test_policy\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetPolicy.Invoke(new()\n {\n Name = \"test_policy\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.LookupPolicy(ctx, \u0026iam.LookupPolicyArgs{\n\t\t\tName: pulumi.StringRef(\"test_policy\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getPolicy(GetPolicyArgs.builder()\n .name(\"test_policy\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicy\n Arguments:\n name: test_policy\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPolicy.\n", "properties": { "arn": { "type": "string", "description": "ARN of the IAM policy.\nConflicts with `name` and `path_prefix`.\n" }, "name": { "type": "string", "description": "Name of the IAM policy.\nConflicts with `arn`.\n" }, "pathPrefix": { "type": "string", "description": "Prefix of the path to the IAM policy.\nDefaults to a slash (`/`).\nConflicts with `arn`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of tags for the IAM Policy.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getPolicy.\n", "properties": { "arn": { "description": "ARN of the policy.\n", "type": "string" }, "attachmentCount": { "description": "Number of entities (users, groups, and roles) that the policy is attached to.\n", "type": "integer" }, "description": { "description": "Description of the policy.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "path": { "description": "Path to the policy.\n", "type": "string" }, "pathPrefix": { "type": "string" }, "policy": { "description": "Policy document of the policy.\n", "type": "string" }, "policyId": { "description": "Policy's ID.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value mapping of tags for the IAM Policy.\n", "type": "object" } }, "required": [ "arn", "attachmentCount", "description", "name", "path", "policy", "policyId", "tags", "id" ], "type": "object" } }, "aws:iam/getPolicyDocument:getPolicyDocument": { "description": "Generates an IAM policy document in JSON format for use with resources that expect policy documents such as `aws.iam.Policy`.\n\nUsing this data source to generate policy documents is *optional*. It is also valid to use literal JSON strings in your configuration or to use the `file` interpolation function to read a raw JSON policy document from a file.\n\n## Example Usage\n\n### Basic Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getPolicyDocument({\n statements: [\n {\n sid: \"1\",\n actions: [\n \"s3:ListAllMyBuckets\",\n \"s3:GetBucketLocation\",\n ],\n resources: [\"arn:aws:s3:::*\"],\n },\n {\n actions: [\"s3:ListBucket\"],\n resources: [`arn:aws:s3:::${s3BucketName}`],\n conditions: [{\n test: \"StringLike\",\n variable: \"s3:prefix\",\n values: [\n \"\",\n \"home/\",\n \"home/\u0026{aws:username}/\",\n ],\n }],\n },\n {\n actions: [\"s3:*\"],\n resources: [\n `arn:aws:s3:::${s3BucketName}/home/\u0026{aws:username}`,\n `arn:aws:s3:::${s3BucketName}/home/\u0026{aws:username}/*`,\n ],\n },\n ],\n});\nconst examplePolicy = new aws.iam.Policy(\"example\", {\n name: \"example_policy\",\n path: \"/\",\n policy: example.then(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_policy_document(statements=[\n {\n \"sid\": \"1\",\n \"actions\": [\n \"s3:ListAllMyBuckets\",\n \"s3:GetBucketLocation\",\n ],\n \"resources\": [\"arn:aws:s3:::*\"],\n },\n {\n \"actions\": [\"s3:ListBucket\"],\n \"resources\": [f\"arn:aws:s3:::{s3_bucket_name}\"],\n \"conditions\": [{\n \"test\": \"StringLike\",\n \"variable\": \"s3:prefix\",\n \"values\": [\n \"\",\n \"home/\",\n \"home/\u0026{aws:username}/\",\n ],\n }],\n },\n {\n \"actions\": [\"s3:*\"],\n \"resources\": [\n f\"arn:aws:s3:::{s3_bucket_name}/home/\u0026{{aws:username}}\",\n f\"arn:aws:s3:::{s3_bucket_name}/home/\u0026{{aws:username}}/*\",\n ],\n },\n])\nexample_policy = aws.iam.Policy(\"example\",\n name=\"example_policy\",\n path=\"/\",\n policy=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"1\",\n Actions = new[]\n {\n \"s3:ListAllMyBuckets\",\n \"s3:GetBucketLocation\",\n },\n Resources = new[]\n {\n \"arn:aws:s3:::*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"s3:ListBucket\",\n },\n Resources = new[]\n {\n $\"arn:aws:s3:::{s3BucketName}\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringLike\",\n Variable = \"s3:prefix\",\n Values = new[]\n {\n \"\",\n \"home/\",\n \"home/\u0026{aws:username}/\",\n },\n },\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"s3:*\",\n },\n Resources = new[]\n {\n $\"arn:aws:s3:::{s3BucketName}/home/\u0026{{aws:username}}\",\n $\"arn:aws:s3:::{s3BucketName}/home/\u0026{{aws:username}}/*\",\n },\n },\n },\n });\n\n var examplePolicy = new Aws.Iam.Policy(\"example\", new()\n {\n Name = \"example_policy\",\n Path = \"/\",\n PolicyDocument = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"1\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"s3:ListAllMyBuckets\",\n\t\t\t\t\t\t\"s3:GetBucketLocation\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:s3:::*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"s3:ListBucket\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\tfmt.Sprintf(\"arn:aws:s3:::%v\", s3BucketName),\n\t\t\t\t\t},\n\t\t\t\t\tConditions: []iam.GetPolicyDocumentStatementCondition{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tTest: \"StringLike\",\n\t\t\t\t\t\t\tVariable: \"s3:prefix\",\n\t\t\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\t\t\"\",\n\t\t\t\t\t\t\t\t\"home/\",\n\t\t\t\t\t\t\t\t\"home/\u0026{aws:username}/\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"s3:*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\tfmt.Sprintf(\"arn:aws:s3:::%v/home/\u0026{aws:username}\", s3BucketName),\n\t\t\t\t\t\tfmt.Sprintf(\"arn:aws:s3:::%v/home/\u0026{aws:username}/*\", s3BucketName),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewPolicy(ctx, \"example\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"example_policy\"),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tPolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .sid(\"1\")\n .actions( \n \"s3:ListAllMyBuckets\",\n \"s3:GetBucketLocation\")\n .resources(\"arn:aws:s3:::*\")\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .actions(\"s3:ListBucket\")\n .resources(String.format(\"arn:aws:s3:::%s\", s3BucketName))\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringLike\")\n .variable(\"s3:prefix\")\n .values( \n \"\",\n \"home/\",\n \"home/\u0026{aws:username}/\")\n .build())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .actions(\"s3:*\")\n .resources( \n String.format(\"arn:aws:s3:::%s/home/\u0026{{aws:username}}\", s3BucketName),\n String.format(\"arn:aws:s3:::%s/home/\u0026{{aws:username}}/*\", s3BucketName))\n .build())\n .build());\n\n var examplePolicy = new Policy(\"examplePolicy\", PolicyArgs.builder()\n .name(\"example_policy\")\n .path(\"/\")\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplePolicy:\n type: aws:iam:Policy\n name: example\n properties:\n name: example_policy\n path: /\n policy: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: '1'\n actions:\n - s3:ListAllMyBuckets\n - s3:GetBucketLocation\n resources:\n - arn:aws:s3:::*\n - actions:\n - s3:ListBucket\n resources:\n - arn:aws:s3:::${s3BucketName}\n conditions:\n - test: StringLike\n variable: s3:prefix\n values:\n -\n - home/\n - home/\u0026{aws:username}/\n - actions:\n - s3:*\n resources:\n - arn:aws:s3:::${s3BucketName}/home/\u0026{aws:username}\n - arn:aws:s3:::${s3BucketName}/home/\u0026{aws:username}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example Multiple Condition Keys and Values\n\nYou can specify a [condition with multiple keys and values](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_multi-value-conditions.html) by supplying multiple `condition` blocks with the same `test` value, but differing `variable` and `values` values.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleMultipleConditionKeysAndValues = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\n \"kms:Decrypt\",\n \"kms:GenerateDataKey\",\n ],\n resources: [\"*\"],\n conditions: [\n {\n test: \"ForAnyValue:StringEquals\",\n variable: \"kms:EncryptionContext:service\",\n values: [\"pi\"],\n },\n {\n test: \"ForAnyValue:StringEquals\",\n variable: \"kms:EncryptionContext:aws:pi:service\",\n values: [\"rds\"],\n },\n {\n test: \"ForAnyValue:StringEquals\",\n variable: \"kms:EncryptionContext:aws:rds:db-id\",\n values: [\n \"db-AAAAABBBBBCCCCCDDDDDEEEEE\",\n \"db-EEEEEDDDDDCCCCCBBBBBAAAAA\",\n ],\n },\n ],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_multiple_condition_keys_and_values = aws.iam.get_policy_document(statements=[{\n \"actions\": [\n \"kms:Decrypt\",\n \"kms:GenerateDataKey\",\n ],\n \"resources\": [\"*\"],\n \"conditions\": [\n {\n \"test\": \"ForAnyValue:StringEquals\",\n \"variable\": \"kms:EncryptionContext:service\",\n \"values\": [\"pi\"],\n },\n {\n \"test\": \"ForAnyValue:StringEquals\",\n \"variable\": \"kms:EncryptionContext:aws:pi:service\",\n \"values\": [\"rds\"],\n },\n {\n \"test\": \"ForAnyValue:StringEquals\",\n \"variable\": \"kms:EncryptionContext:aws:rds:db-id\",\n \"values\": [\n \"db-AAAAABBBBBCCCCCDDDDDEEEEE\",\n \"db-EEEEEDDDDDCCCCCBBBBBAAAAA\",\n ],\n },\n ],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleMultipleConditionKeysAndValues = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"kms:Decrypt\",\n \"kms:GenerateDataKey\",\n },\n Resources = new[]\n {\n \"*\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"ForAnyValue:StringEquals\",\n Variable = \"kms:EncryptionContext:service\",\n Values = new[]\n {\n \"pi\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"ForAnyValue:StringEquals\",\n Variable = \"kms:EncryptionContext:aws:pi:service\",\n Values = new[]\n {\n \"rds\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"ForAnyValue:StringEquals\",\n Variable = \"kms:EncryptionContext:aws:rds:db-id\",\n Values = new[]\n {\n \"db-AAAAABBBBBCCCCCDDDDDEEEEE\",\n \"db-EEEEEDDDDDCCCCCBBBBBAAAAA\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"kms:Decrypt\",\n\t\t\t\t\t\t\"kms:GenerateDataKey\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t\tConditions: []iam.GetPolicyDocumentStatementCondition{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tTest: \"ForAnyValue:StringEquals\",\n\t\t\t\t\t\t\tVariable: \"kms:EncryptionContext:service\",\n\t\t\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\t\t\"pi\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tTest: \"ForAnyValue:StringEquals\",\n\t\t\t\t\t\t\tVariable: \"kms:EncryptionContext:aws:pi:service\",\n\t\t\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\t\t\"rds\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tTest: \"ForAnyValue:StringEquals\",\n\t\t\t\t\t\t\tVariable: \"kms:EncryptionContext:aws:rds:db-id\",\n\t\t\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\t\t\"db-AAAAABBBBBCCCCCDDDDDEEEEE\",\n\t\t\t\t\t\t\t\t\"db-EEEEEDDDDDCCCCCBBBBBAAAAA\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleMultipleConditionKeysAndValues = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"kms:Decrypt\",\n \"kms:GenerateDataKey\")\n .resources(\"*\")\n .conditions( \n GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"ForAnyValue:StringEquals\")\n .variable(\"kms:EncryptionContext:service\")\n .values(\"pi\")\n .build(),\n GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"ForAnyValue:StringEquals\")\n .variable(\"kms:EncryptionContext:aws:pi:service\")\n .values(\"rds\")\n .build(),\n GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"ForAnyValue:StringEquals\")\n .variable(\"kms:EncryptionContext:aws:rds:db-id\")\n .values( \n \"db-AAAAABBBBBCCCCCDDDDDEEEEE\",\n \"db-EEEEEDDDDDCCCCCBBBBBAAAAA\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n exampleMultipleConditionKeysAndValues:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - kms:Decrypt\n - kms:GenerateDataKey\n resources:\n - '*'\n conditions:\n - test: ForAnyValue:StringEquals\n variable: kms:EncryptionContext:service\n values:\n - pi\n - test: ForAnyValue:StringEquals\n variable: kms:EncryptionContext:aws:pi:service\n values:\n - rds\n - test: ForAnyValue:StringEquals\n variable: kms:EncryptionContext:aws:rds:db-id\n values:\n - db-AAAAABBBBBCCCCCDDDDDEEEEE\n - db-EEEEEDDDDDCCCCCBBBBBAAAAA\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n`data.aws_iam_policy_document.example_multiple_condition_keys_and_values.json` will evaluate to:\n\n```json\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"kms:GenerateDataKey\",\n \"kms:Decrypt\"\n ],\n \"Resource\": \"*\",\n \"Condition\": {\n \"ForAnyValue:StringEquals\": {\n \"kms:EncryptionContext:aws:pi:service\": \"rds\",\n \"kms:EncryptionContext:aws:rds:db-id\": [\n \"db-AAAAABBBBBCCCCCDDDDDEEEEE\",\n \"db-EEEEEDDDDDCCCCCBBBBBAAAAA\"\n ],\n \"kms:EncryptionContext:service\": \"pi\"\n }\n }\n }\n ]\n}\n```\n\n### Example Assume-Role Policy with Multiple Principals\n\nYou can specify multiple principal blocks with different types. You can also use this data source to generate an assume-role policy.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst eventStreamBucketRoleAssumeRolePolicy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [\n {\n type: \"Service\",\n identifiers: [\"firehose.amazonaws.com\"],\n },\n {\n type: \"AWS\",\n identifiers: [trustedRoleArn],\n },\n {\n type: \"Federated\",\n identifiers: [\n `arn:aws:iam::${accountId}:saml-provider/${providerName}`,\n \"cognito-identity.amazonaws.com\",\n ],\n },\n ],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nevent_stream_bucket_role_assume_role_policy = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [\n {\n \"type\": \"Service\",\n \"identifiers\": [\"firehose.amazonaws.com\"],\n },\n {\n \"type\": \"AWS\",\n \"identifiers\": [trusted_role_arn],\n },\n {\n \"type\": \"Federated\",\n \"identifiers\": [\n f\"arn:aws:iam::{account_id}:saml-provider/{provider_name}\",\n \"cognito-identity.amazonaws.com\",\n ],\n },\n ],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var eventStreamBucketRoleAssumeRolePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"firehose.amazonaws.com\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n trustedRoleArn,\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Federated\",\n Identifiers = new[]\n {\n $\"arn:aws:iam::{accountId}:saml-provider/{providerName}\",\n \"cognito-identity.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\n_, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nActions: []string{\n\"sts:AssumeRole\",\n},\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"Service\",\nIdentifiers: []string{\n\"firehose.amazonaws.com\",\n},\n},\n{\nType: \"AWS\",\nIdentifiers: interface{}{\ntrustedRoleArn,\n},\n},\n{\nType: \"Federated\",\nIdentifiers: []string{\nfmt.Sprintf(\"arn:aws:iam::%v:saml-provider/%v\", accountId, providerName),\n\"cognito-identity.amazonaws.com\",\n},\n},\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var eventStreamBucketRoleAssumeRolePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals( \n GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"firehose.amazonaws.com\")\n .build(),\n GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(trustedRoleArn)\n .build(),\n GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Federated\")\n .identifiers( \n String.format(\"arn:aws:iam::%s:saml-provider/%s\", accountId,providerName),\n \"cognito-identity.amazonaws.com\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n eventStreamBucketRoleAssumeRolePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - firehose.amazonaws.com\n - type: AWS\n identifiers:\n - ${trustedRoleArn}\n - type: Federated\n identifiers:\n - arn:aws:iam::${accountId}:saml-provider/${providerName}\n - cognito-identity.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example Using A Source Document\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst source = aws.iam.getPolicyDocument({\n statements: [\n {\n actions: [\"ec2:*\"],\n resources: [\"*\"],\n },\n {\n sid: \"SidToOverride\",\n actions: [\"s3:*\"],\n resources: [\"*\"],\n },\n ],\n});\nconst sourceDocumentExample = source.then(source =\u003e aws.iam.getPolicyDocument({\n sourcePolicyDocuments: [source.json],\n statements: [{\n sid: \"SidToOverride\",\n actions: [\"s3:*\"],\n resources: [\n \"arn:aws:s3:::somebucket\",\n \"arn:aws:s3:::somebucket/*\",\n ],\n }],\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsource = aws.iam.get_policy_document(statements=[\n {\n \"actions\": [\"ec2:*\"],\n \"resources\": [\"*\"],\n },\n {\n \"sid\": \"SidToOverride\",\n \"actions\": [\"s3:*\"],\n \"resources\": [\"*\"],\n },\n])\nsource_document_example = aws.iam.get_policy_document(source_policy_documents=[source.json],\n statements=[{\n \"sid\": \"SidToOverride\",\n \"actions\": [\"s3:*\"],\n \"resources\": [\n \"arn:aws:s3:::somebucket\",\n \"arn:aws:s3:::somebucket/*\",\n ],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var source = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"ec2:*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"SidToOverride\",\n Actions = new[]\n {\n \"s3:*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var sourceDocumentExample = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n SourcePolicyDocuments = new[]\n {\n source.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n },\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"SidToOverride\",\n Actions = new[]\n {\n \"s3:*\",\n },\n Resources = new[]\n {\n \"arn:aws:s3:::somebucket\",\n \"arn:aws:s3:::somebucket/*\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nsource, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nActions: []string{\n\"ec2:*\",\n},\nResources: []string{\n\"*\",\n},\n},\n{\nSid: pulumi.StringRef(\"SidToOverride\"),\nActions: []string{\n\"s3:*\",\n},\nResources: []string{\n\"*\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\n_, err = iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nSourcePolicyDocuments: interface{}{\nsource.Json,\n},\nStatements: []iam.GetPolicyDocumentStatement{\n{\nSid: pulumi.StringRef(\"SidToOverride\"),\nActions: []string{\n\"s3:*\",\n},\nResources: []string{\n\"arn:aws:s3:::somebucket\",\n\"arn:aws:s3:::somebucket/*\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var source = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .actions(\"ec2:*\")\n .resources(\"*\")\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"SidToOverride\")\n .actions(\"s3:*\")\n .resources(\"*\")\n .build())\n .build());\n\n final var sourceDocumentExample = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .sourcePolicyDocuments(source.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"SidToOverride\")\n .actions(\"s3:*\")\n .resources( \n \"arn:aws:s3:::somebucket\",\n \"arn:aws:s3:::somebucket/*\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n source:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - ec2:*\n resources:\n - '*'\n - sid: SidToOverride\n actions:\n - s3:*\n resources:\n - '*'\n sourceDocumentExample:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n sourcePolicyDocuments:\n - ${source.json}\n statements:\n - sid: SidToOverride\n actions:\n - s3:*\n resources:\n - arn:aws:s3:::somebucket\n - arn:aws:s3:::somebucket/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n`data.aws_iam_policy_document.source_document_example.json` will evaluate to:\n\n```json\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"ec2:*\",\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"SidToOverride\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:*\",\n \"Resource\": [\n \"arn:aws:s3:::somebucket/*\",\n \"arn:aws:s3:::somebucket\"\n ]\n }\n ]\n}\n```\n\n### Example Using An Override Document\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst override = aws.iam.getPolicyDocument({\n statements: [{\n sid: \"SidToOverride\",\n actions: [\"s3:*\"],\n resources: [\"*\"],\n }],\n});\nconst overridePolicyDocumentExample = override.then(override =\u003e aws.iam.getPolicyDocument({\n overridePolicyDocuments: [override.json],\n statements: [\n {\n actions: [\"ec2:*\"],\n resources: [\"*\"],\n },\n {\n sid: \"SidToOverride\",\n actions: [\"s3:*\"],\n resources: [\n \"arn:aws:s3:::somebucket\",\n \"arn:aws:s3:::somebucket/*\",\n ],\n },\n ],\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\noverride = aws.iam.get_policy_document(statements=[{\n \"sid\": \"SidToOverride\",\n \"actions\": [\"s3:*\"],\n \"resources\": [\"*\"],\n}])\noverride_policy_document_example = aws.iam.get_policy_document(override_policy_documents=[override.json],\n statements=[\n {\n \"actions\": [\"ec2:*\"],\n \"resources\": [\"*\"],\n },\n {\n \"sid\": \"SidToOverride\",\n \"actions\": [\"s3:*\"],\n \"resources\": [\n \"arn:aws:s3:::somebucket\",\n \"arn:aws:s3:::somebucket/*\",\n ],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @override = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"SidToOverride\",\n Actions = new[]\n {\n \"s3:*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var overridePolicyDocumentExample = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n OverridePolicyDocuments = new[]\n {\n @override.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n },\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"ec2:*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"SidToOverride\",\n Actions = new[]\n {\n \"s3:*\",\n },\n Resources = new[]\n {\n \"arn:aws:s3:::somebucket\",\n \"arn:aws:s3:::somebucket/*\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\noverride, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nSid: pulumi.StringRef(\"SidToOverride\"),\nActions: []string{\n\"s3:*\",\n},\nResources: []string{\n\"*\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\n_, err = iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nOverridePolicyDocuments: interface{}{\noverride.Json,\n},\nStatements: []iam.GetPolicyDocumentStatement{\n{\nActions: []string{\n\"ec2:*\",\n},\nResources: []string{\n\"*\",\n},\n},\n{\nSid: pulumi.StringRef(\"SidToOverride\"),\nActions: []string{\n\"s3:*\",\n},\nResources: []string{\n\"arn:aws:s3:::somebucket\",\n\"arn:aws:s3:::somebucket/*\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var override = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"SidToOverride\")\n .actions(\"s3:*\")\n .resources(\"*\")\n .build())\n .build());\n\n final var overridePolicyDocumentExample = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .overridePolicyDocuments(override.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .actions(\"ec2:*\")\n .resources(\"*\")\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"SidToOverride\")\n .actions(\"s3:*\")\n .resources( \n \"arn:aws:s3:::somebucket\",\n \"arn:aws:s3:::somebucket/*\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n override:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: SidToOverride\n actions:\n - s3:*\n resources:\n - '*'\n overridePolicyDocumentExample:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n overridePolicyDocuments:\n - ${override.json}\n statements:\n - actions:\n - ec2:*\n resources:\n - '*'\n - sid: SidToOverride\n actions:\n - s3:*\n resources:\n - arn:aws:s3:::somebucket\n - arn:aws:s3:::somebucket/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n`data.aws_iam_policy_document.override_policy_document_example.json` will evaluate to:\n\n```json\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"ec2:*\",\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"SidToOverride\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:*\",\n \"Resource\": \"*\"\n }\n ]\n}\n```\n\n### Example with Both Source and Override Documents\n\nYou can also combine `source_policy_documents` and `override_policy_documents` in the same document.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst source = aws.iam.getPolicyDocument({\n statements: [{\n sid: \"OverridePlaceholder\",\n actions: [\"ec2:DescribeAccountAttributes\"],\n resources: [\"*\"],\n }],\n});\nconst override = aws.iam.getPolicyDocument({\n statements: [{\n sid: \"OverridePlaceholder\",\n actions: [\"s3:GetObject\"],\n resources: [\"*\"],\n }],\n});\nconst politik = Promise.all([source, override]).then(([source, override]) =\u003e aws.iam.getPolicyDocument({\n sourcePolicyDocuments: [source.json],\n overridePolicyDocuments: [override.json],\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsource = aws.iam.get_policy_document(statements=[{\n \"sid\": \"OverridePlaceholder\",\n \"actions\": [\"ec2:DescribeAccountAttributes\"],\n \"resources\": [\"*\"],\n}])\noverride = aws.iam.get_policy_document(statements=[{\n \"sid\": \"OverridePlaceholder\",\n \"actions\": [\"s3:GetObject\"],\n \"resources\": [\"*\"],\n}])\npolitik = aws.iam.get_policy_document(source_policy_documents=[source.json],\n override_policy_documents=[override.json])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var source = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"OverridePlaceholder\",\n Actions = new[]\n {\n \"ec2:DescribeAccountAttributes\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var @override = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"OverridePlaceholder\",\n Actions = new[]\n {\n \"s3:GetObject\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var politik = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n SourcePolicyDocuments = new[]\n {\n source.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n },\n OverridePolicyDocuments = new[]\n {\n @override.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nsource, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nSid: pulumi.StringRef(\"OverridePlaceholder\"),\nActions: []string{\n\"ec2:DescribeAccountAttributes\",\n},\nResources: []string{\n\"*\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\noverride, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nSid: pulumi.StringRef(\"OverridePlaceholder\"),\nActions: []string{\n\"s3:GetObject\",\n},\nResources: []string{\n\"*\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\n_, err = iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nSourcePolicyDocuments: interface{}{\nsource.Json,\n},\nOverridePolicyDocuments: interface{}{\noverride.Json,\n},\n}, nil);\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var source = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"OverridePlaceholder\")\n .actions(\"ec2:DescribeAccountAttributes\")\n .resources(\"*\")\n .build())\n .build());\n\n final var override = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"OverridePlaceholder\")\n .actions(\"s3:GetObject\")\n .resources(\"*\")\n .build())\n .build());\n\n final var politik = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .sourcePolicyDocuments(source.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .overridePolicyDocuments(override.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n source:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: OverridePlaceholder\n actions:\n - ec2:DescribeAccountAttributes\n resources:\n - '*'\n override:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: OverridePlaceholder\n actions:\n - s3:GetObject\n resources:\n - '*'\n politik:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n sourcePolicyDocuments:\n - ${source.json}\n overridePolicyDocuments:\n - ${override.json}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n`data.aws_iam_policy_document.politik.json` will evaluate to:\n\n```json\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"OverridePlaceholder\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"*\"\n }\n ]\n}\n```\n\n### Example of Merging Source Documents\n\nMultiple documents can be combined using the `source_policy_documents` or `override_policy_documents` attributes. `source_policy_documents` requires that all documents have unique Sids, while `override_policy_documents` will iteratively override matching Sids.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sourceOne = aws.iam.getPolicyDocument({\n statements: [\n {\n actions: [\"ec2:*\"],\n resources: [\"*\"],\n },\n {\n sid: \"UniqueSidOne\",\n actions: [\"s3:*\"],\n resources: [\"*\"],\n },\n ],\n});\nconst sourceTwo = aws.iam.getPolicyDocument({\n statements: [\n {\n sid: \"UniqueSidTwo\",\n actions: [\"iam:*\"],\n resources: [\"*\"],\n },\n {\n actions: [\"lambda:*\"],\n resources: [\"*\"],\n },\n ],\n});\nconst combined = Promise.all([sourceOne, sourceTwo]).then(([sourceOne, sourceTwo]) =\u003e aws.iam.getPolicyDocument({\n sourcePolicyDocuments: [\n sourceOne.json,\n sourceTwo.json,\n ],\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsource_one = aws.iam.get_policy_document(statements=[\n {\n \"actions\": [\"ec2:*\"],\n \"resources\": [\"*\"],\n },\n {\n \"sid\": \"UniqueSidOne\",\n \"actions\": [\"s3:*\"],\n \"resources\": [\"*\"],\n },\n])\nsource_two = aws.iam.get_policy_document(statements=[\n {\n \"sid\": \"UniqueSidTwo\",\n \"actions\": [\"iam:*\"],\n \"resources\": [\"*\"],\n },\n {\n \"actions\": [\"lambda:*\"],\n \"resources\": [\"*\"],\n },\n])\ncombined = aws.iam.get_policy_document(source_policy_documents=[\n source_one.json,\n source_two.json,\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sourceOne = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"ec2:*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"UniqueSidOne\",\n Actions = new[]\n {\n \"s3:*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var sourceTwo = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"UniqueSidTwo\",\n Actions = new[]\n {\n \"iam:*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"lambda:*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var combined = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n SourcePolicyDocuments = new[]\n {\n sourceOne.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n sourceTwo.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nsourceOne, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nActions: []string{\n\"ec2:*\",\n},\nResources: []string{\n\"*\",\n},\n},\n{\nSid: pulumi.StringRef(\"UniqueSidOne\"),\nActions: []string{\n\"s3:*\",\n},\nResources: []string{\n\"*\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nsourceTwo, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nSid: pulumi.StringRef(\"UniqueSidTwo\"),\nActions: []string{\n\"iam:*\",\n},\nResources: []string{\n\"*\",\n},\n},\n{\nActions: []string{\n\"lambda:*\",\n},\nResources: []string{\n\"*\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\n_, err = iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nSourcePolicyDocuments: interface{}{\nsourceOne.Json,\nsourceTwo.Json,\n},\n}, nil);\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var sourceOne = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .actions(\"ec2:*\")\n .resources(\"*\")\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"UniqueSidOne\")\n .actions(\"s3:*\")\n .resources(\"*\")\n .build())\n .build());\n\n final var sourceTwo = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .sid(\"UniqueSidTwo\")\n .actions(\"iam:*\")\n .resources(\"*\")\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .actions(\"lambda:*\")\n .resources(\"*\")\n .build())\n .build());\n\n final var combined = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .sourcePolicyDocuments( \n sourceOne.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()),\n sourceTwo.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n sourceOne:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - ec2:*\n resources:\n - '*'\n - sid: UniqueSidOne\n actions:\n - s3:*\n resources:\n - '*'\n sourceTwo:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: UniqueSidTwo\n actions:\n - iam:*\n resources:\n - '*'\n - actions:\n - lambda:*\n resources:\n - '*'\n combined:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n sourcePolicyDocuments:\n - ${sourceOne.json}\n - ${sourceTwo.json}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n`data.aws_iam_policy_document.combined.json` will evaluate to:\n\n```json\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"ec2:*\",\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"UniqueSidOne\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:*\",\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"UniqueSidTwo\",\n \"Effect\": \"Allow\",\n \"Action\": \"iam:*\",\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"lambda:*\",\n \"Resource\": \"*\"\n }\n ]\n}\n```\n\n### Example of Merging Override Documents\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst policyOne = aws.iam.getPolicyDocument({\n statements: [{\n sid: \"OverridePlaceHolderOne\",\n effect: \"Allow\",\n actions: [\"s3:*\"],\n resources: [\"*\"],\n }],\n});\nconst policyTwo = aws.iam.getPolicyDocument({\n statements: [\n {\n effect: \"Allow\",\n actions: [\"ec2:*\"],\n resources: [\"*\"],\n },\n {\n sid: \"OverridePlaceHolderTwo\",\n effect: \"Allow\",\n actions: [\"iam:*\"],\n resources: [\"*\"],\n },\n ],\n});\nconst policyThree = aws.iam.getPolicyDocument({\n statements: [{\n sid: \"OverridePlaceHolderOne\",\n effect: \"Deny\",\n actions: [\"logs:*\"],\n resources: [\"*\"],\n }],\n});\nconst combined = Promise.all([policyOne, policyTwo, policyThree]).then(([policyOne, policyTwo, policyThree]) =\u003e aws.iam.getPolicyDocument({\n overridePolicyDocuments: [\n policyOne.json,\n policyTwo.json,\n policyThree.json,\n ],\n statements: [{\n sid: \"OverridePlaceHolderTwo\",\n effect: \"Deny\",\n actions: [\"*\"],\n resources: [\"*\"],\n }],\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npolicy_one = aws.iam.get_policy_document(statements=[{\n \"sid\": \"OverridePlaceHolderOne\",\n \"effect\": \"Allow\",\n \"actions\": [\"s3:*\"],\n \"resources\": [\"*\"],\n}])\npolicy_two = aws.iam.get_policy_document(statements=[\n {\n \"effect\": \"Allow\",\n \"actions\": [\"ec2:*\"],\n \"resources\": [\"*\"],\n },\n {\n \"sid\": \"OverridePlaceHolderTwo\",\n \"effect\": \"Allow\",\n \"actions\": [\"iam:*\"],\n \"resources\": [\"*\"],\n },\n])\npolicy_three = aws.iam.get_policy_document(statements=[{\n \"sid\": \"OverridePlaceHolderOne\",\n \"effect\": \"Deny\",\n \"actions\": [\"logs:*\"],\n \"resources\": [\"*\"],\n}])\ncombined = aws.iam.get_policy_document(override_policy_documents=[\n policy_one.json,\n policy_two.json,\n policy_three.json,\n ],\n statements=[{\n \"sid\": \"OverridePlaceHolderTwo\",\n \"effect\": \"Deny\",\n \"actions\": [\"*\"],\n \"resources\": [\"*\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var policyOne = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"OverridePlaceHolderOne\",\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var policyTwo = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"ec2:*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"OverridePlaceHolderTwo\",\n Effect = \"Allow\",\n Actions = new[]\n {\n \"iam:*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var policyThree = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"OverridePlaceHolderOne\",\n Effect = \"Deny\",\n Actions = new[]\n {\n \"logs:*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var combined = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n OverridePolicyDocuments = new[]\n {\n policyOne.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n policyTwo.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n policyThree.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n },\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"OverridePlaceHolderTwo\",\n Effect = \"Deny\",\n Actions = new[]\n {\n \"*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\npolicyOne, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nSid: pulumi.StringRef(\"OverridePlaceHolderOne\"),\nEffect: pulumi.StringRef(\"Allow\"),\nActions: []string{\n\"s3:*\",\n},\nResources: []string{\n\"*\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\npolicyTwo, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: pulumi.StringRef(\"Allow\"),\nActions: []string{\n\"ec2:*\",\n},\nResources: []string{\n\"*\",\n},\n},\n{\nSid: pulumi.StringRef(\"OverridePlaceHolderTwo\"),\nEffect: pulumi.StringRef(\"Allow\"),\nActions: []string{\n\"iam:*\",\n},\nResources: []string{\n\"*\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\npolicyThree, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nSid: pulumi.StringRef(\"OverridePlaceHolderOne\"),\nEffect: pulumi.StringRef(\"Deny\"),\nActions: []string{\n\"logs:*\",\n},\nResources: []string{\n\"*\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\n_, err = iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nOverridePolicyDocuments: interface{}{\npolicyOne.Json,\npolicyTwo.Json,\npolicyThree.Json,\n},\nStatements: []iam.GetPolicyDocumentStatement{\n{\nSid: pulumi.StringRef(\"OverridePlaceHolderTwo\"),\nEffect: pulumi.StringRef(\"Deny\"),\nActions: []string{\n\"*\",\n},\nResources: []string{\n\"*\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var policyOne = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"OverridePlaceHolderOne\")\n .effect(\"Allow\")\n .actions(\"s3:*\")\n .resources(\"*\")\n .build())\n .build());\n\n final var policyTwo = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"ec2:*\")\n .resources(\"*\")\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"OverridePlaceHolderTwo\")\n .effect(\"Allow\")\n .actions(\"iam:*\")\n .resources(\"*\")\n .build())\n .build());\n\n final var policyThree = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"OverridePlaceHolderOne\")\n .effect(\"Deny\")\n .actions(\"logs:*\")\n .resources(\"*\")\n .build())\n .build());\n\n final var combined = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .overridePolicyDocuments( \n policyOne.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()),\n policyTwo.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()),\n policyThree.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"OverridePlaceHolderTwo\")\n .effect(\"Deny\")\n .actions(\"*\")\n .resources(\"*\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n policyOne:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: OverridePlaceHolderOne\n effect: Allow\n actions:\n - s3:*\n resources:\n - '*'\n policyTwo:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - ec2:*\n resources:\n - '*'\n - sid: OverridePlaceHolderTwo\n effect: Allow\n actions:\n - iam:*\n resources:\n - '*'\n policyThree:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: OverridePlaceHolderOne\n effect: Deny\n actions:\n - logs:*\n resources:\n - '*'\n combined:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n overridePolicyDocuments:\n - ${policyOne.json}\n - ${policyTwo.json}\n - ${policyThree.json}\n statements:\n - sid: OverridePlaceHolderTwo\n effect: Deny\n actions:\n - '*'\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n`data.aws_iam_policy_document.combined.json` will evaluate to:\n\n```json\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"OverridePlaceholderTwo\",\n \"Effect\": \"Allow\",\n \"Action\": \"iam:*\",\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"OverridePlaceholderOne\",\n \"Effect\": \"Deny\",\n \"Action\": \"logs:*\",\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"ec2:*\",\n \"Resource\": \"*\"\n },\n ]\n}\n```\n", "inputs": { "description": "A collection of arguments for invoking getPolicyDocument.\n", "properties": { "overrideJson": { "type": "string", "deprecationMessage": "Not used" }, "overridePolicyDocuments": { "type": "array", "items": { "type": "string" }, "description": "List of IAM policy documents that are merged together into the exported document. In merging, statements with non-blank `sid`s will override statements with the same `sid` from earlier documents in the list. Statements with non-blank `sid`s will also override statements with the same `sid` from `source_policy_documents`. Non-overriding statements will be added to the exported document.\n" }, "policyId": { "type": "string", "description": "ID for the policy document.\n" }, "sourceJson": { "type": "string", "deprecationMessage": "Not used" }, "sourcePolicyDocuments": { "type": "array", "items": { "type": "string" }, "description": "List of IAM policy documents that are merged together into the exported document. Statements defined in `source_policy_documents` must have unique `sid`s. Statements with the same `sid` from `override_policy_documents` will override source statements.\n" }, "statements": { "type": "array", "items": { "$ref": "#/types/aws:iam/getPolicyDocumentStatement:getPolicyDocumentStatement" }, "description": "Configuration block for a policy statement. Detailed below.\n" }, "version": { "type": "string", "description": "IAM policy document version. Valid values are `2008-10-17` and `2012-10-17`. Defaults to `2012-10-17`. For more information, see the [AWS IAM User Guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_version.html).\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getPolicyDocument.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "json": { "description": "Standard JSON policy document rendered based on the arguments above.\n", "type": "string" }, "minifiedJson": { "description": "Minified JSON policy document rendered based on the arguments above.\n", "type": "string" }, "overrideJson": { "deprecationMessage": "Not used", "type": "string" }, "overridePolicyDocuments": { "items": { "type": "string" }, "type": "array" }, "policyId": { "type": "string" }, "sourceJson": { "deprecationMessage": "Not used", "type": "string" }, "sourcePolicyDocuments": { "items": { "type": "string" }, "type": "array" }, "statements": { "items": { "$ref": "#/types/aws:iam/getPolicyDocumentStatement:getPolicyDocumentStatement" }, "type": "array" }, "version": { "type": "string" } }, "required": [ "json", "minifiedJson", "id" ], "type": "object" } }, "aws:iam/getPrincipalPolicySimulation:getPrincipalPolicySimulation": { "description": "Runs a simulation of the IAM policies of a particular principal against a given hypothetical request.\n\nYou can use this data source in conjunction with\nPreconditions and Postconditions so that your configuration can test either whether it should have sufficient access to do its own work, or whether policies your configuration declares itself are sufficient for their intended use elsewhere.\n\n\u003e **Note:** Correctly using this data source requires familiarity with various details of AWS Identity and Access Management, and how various AWS services integrate with it. For general information on the AWS IAM policy simulator, see [Testing IAM policies with the IAM policy simulator](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html). This data source wraps the `iam:SimulatePrincipalPolicy` API action described on that page.\n\n## Example Usage\n\n### Self Access-checking Example\n\nThe following example raises an error if the credentials passed to the AWS provider do not have access to perform the three actions `s3:GetObject`, `s3:PutObject`, and `s3:DeleteObject` on the S3 bucket with the given ARN.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst s3ObjectAccess = current.then(current =\u003e aws.iam.getPrincipalPolicySimulation({\n actionNames: [\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\",\n ],\n policySourceArn: current.arn,\n resourceArns: [\"arn:aws:s3:::my-test-bucket\"],\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ns3_object_access = aws.iam.get_principal_policy_simulation(action_names=[\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\",\n ],\n policy_source_arn=current.arn,\n resource_arns=[\"arn:aws:s3:::my-test-bucket\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var s3ObjectAccess = Aws.Iam.GetPrincipalPolicySimulation.Invoke(new()\n {\n ActionNames = new[]\n {\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\",\n },\n PolicySourceArn = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.Arn),\n ResourceArns = new[]\n {\n \"arn:aws:s3:::my-test-bucket\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.LookupPrincipalPolicySimulation(ctx, \u0026iam.LookupPrincipalPolicySimulationArgs{\n\t\t\tActionNames: []string{\n\t\t\t\t\"s3:GetObject\",\n\t\t\t\t\"s3:PutObject\",\n\t\t\t\t\"s3:DeleteObject\",\n\t\t\t},\n\t\t\tPolicySourceArn: current.Arn,\n\t\t\tResourceArns: []string{\n\t\t\t\t\"arn:aws:s3:::my-test-bucket\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPrincipalPolicySimulationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var s3ObjectAccess = IamFunctions.getPrincipalPolicySimulation(GetPrincipalPolicySimulationArgs.builder()\n .actionNames( \n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\")\n .policySourceArn(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.arn()))\n .resourceArns(\"arn:aws:s3:::my-test-bucket\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n s3ObjectAccess:\n fn::invoke:\n Function: aws:iam:getPrincipalPolicySimulation\n Arguments:\n actionNames:\n - s3:GetObject\n - s3:PutObject\n - s3:DeleteObject\n policySourceArn: ${current.arn}\n resourceArns:\n - arn:aws:s3:::my-test-bucket\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nIf you intend to use this data source to quickly raise an error when the given credentials are insufficient then you must use `depends_on` inside any resource which would require those credentials, to ensure that the policy check will run first:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketObject(\"example\", {bucket: \"my-test-bucket\"}, {\n dependsOn: [s3ObjectAccess],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketObject(\"example\", bucket=\"my-test-bucket\",\nopts = pulumi.ResourceOptions(depends_on=[s3_object_access]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketObject(\"example\", new()\n {\n Bucket = \"my-test-bucket\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n s3ObjectAccess,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketObject(ctx, \"example\", \u0026s3.BucketObjectArgs{\n\t\t\tBucket: pulumi.Any(\"my-test-bucket\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ts3ObjectAccess,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketObject;\nimport com.pulumi.aws.s3.BucketObjectArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketObject(\"example\", BucketObjectArgs.builder()\n .bucket(\"my-test-bucket\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(s3ObjectAccess)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketObject\n properties:\n bucket: my-test-bucket\n options:\n dependson:\n - ${s3ObjectAccess}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Testing the Effect of a Declared Policy\n\nThe following example declares an S3 bucket and a user that should have access to the bucket, and then uses `aws.iam.getPrincipalPolicySimulation` to verify that the user does indeed have access to perform needed operations against the bucket.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.iam.User(\"example\", {name: \"example\"});\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucket: \"my-test-bucket\"});\nconst s3Access = new aws.iam.UserPolicy(\"s3_access\", {\n name: \"example_s3_access\",\n user: example.name,\n policy: pulumi.jsonStringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"s3:GetObject\",\n Effect: \"Allow\",\n Resource: exampleBucketV2.arn,\n }],\n }),\n});\nconst accountAccess = new aws.s3.BucketPolicy(\"account_access\", {\n bucket: exampleBucketV2.bucket,\n policy: pulumi.jsonStringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"s3:*\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e current.accountId),\n },\n Resource: [\n exampleBucketV2.arn,\n pulumi.interpolate`${exampleBucketV2.arn}/*`,\n ],\n }],\n }),\n});\nconst s3ObjectAccess = aws.iam.getPrincipalPolicySimulationOutput({\n actionNames: [\"s3:GetObject\"],\n policySourceArn: example.arn,\n resourceArns: [exampleBucketV2.arn],\n resourcePolicyJson: accountAccess.policy,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.iam.User(\"example\", name=\"example\")\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket=\"my-test-bucket\")\ns3_access = aws.iam.UserPolicy(\"s3_access\",\n name=\"example_s3_access\",\n user=example.name,\n policy=pulumi.Output.json_dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"s3:GetObject\",\n \"Effect\": \"Allow\",\n \"Resource\": example_bucket_v2.arn,\n }],\n }))\naccount_access = aws.s3.BucketPolicy(\"account_access\",\n bucket=example_bucket_v2.bucket,\n policy=pulumi.Output.json_dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"s3:*\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": current.account_id,\n },\n \"Resource\": [\n example_bucket_v2.arn,\n example_bucket_v2.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n }],\n }))\ns3_object_access = aws.iam.get_principal_policy_simulation_output(action_names=[\"s3:GetObject\"],\n policy_source_arn=example.arn,\n resource_arns=[example_bucket_v2.arn],\n resource_policy_json=account_access.policy)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Iam.User(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-test-bucket\",\n });\n\n var s3Access = new Aws.Iam.UserPolicy(\"s3_access\", new()\n {\n Name = \"example_s3_access\",\n User = example.Name,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"s3:GetObject\",\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = exampleBucketV2.Arn,\n },\n },\n })),\n });\n\n var accountAccess = new Aws.S3.BucketPolicy(\"account_access\", new()\n {\n Bucket = exampleBucketV2.Bucket,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"s3:*\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n [\"Resource\"] = new[]\n {\n exampleBucketV2.Arn,\n exampleBucketV2.Arn.Apply(arn =\u003e $\"{arn}/*\"),\n },\n },\n },\n })),\n });\n\n var s3ObjectAccess = Aws.Iam.GetPrincipalPolicySimulation.Invoke(new()\n {\n ActionNames = new[]\n {\n \"s3:GetObject\",\n },\n PolicySourceArn = example.Arn,\n ResourceArns = new[]\n {\n exampleBucketV2.Arn,\n },\n ResourcePolicyJson = accountAccess.Policy,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.NewUser(ctx, \"example\", \u0026iam.UserArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-test-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewUserPolicy(ctx, \"s3_access\", \u0026iam.UserPolicyArgs{\n\t\t\tName: pulumi.String(\"example_s3_access\"),\n\t\t\tUser: example.Name,\n\t\t\tPolicy: exampleBucketV2.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Action\": \"s3:GetObject\",\n\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\"Resource\": arn,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taccountAccess, err := s3.NewBucketPolicy(ctx, \"account_access\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: exampleBucketV2.Bucket,\n\t\t\tPolicy: pulumi.All(exampleBucketV2.Arn, exampleBucketV2.Arn).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\texampleBucketV2Arn := _args[0].(string)\n\t\t\t\texampleBucketV2Arn1 := _args[1].(string)\n\t\t\t\tvar _zero string\n\t\t\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Action\": \"s3:*\",\n\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"AWS\": current.AccountId,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\texampleBucketV2Arn,\n\t\t\t\t\t\t\t\tfmt.Sprintf(\"%v/*\", exampleBucketV2Arn1),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson1 := string(tmpJSON1)\n\t\t\t\treturn json1, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = iam.LookupPrincipalPolicySimulationOutput(ctx, iam.GetPrincipalPolicySimulationOutputArgs{\n\t\t\tActionNames: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"s3:GetObject\"),\n\t\t\t},\n\t\t\tPolicySourceArn: example.Arn,\n\t\t\tResourceArns: pulumi.StringArray{\n\t\t\t\texampleBucketV2.Arn,\n\t\t\t},\n\t\t\tResourcePolicyJson: accountAccess.Policy,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.iam.User;\nimport com.pulumi.aws.iam.UserArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.UserPolicy;\nimport com.pulumi.aws.iam.UserPolicyArgs;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPrincipalPolicySimulationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new User(\"example\", UserArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder()\n .bucket(\"my-test-bucket\")\n .build());\n\n var s3Access = new UserPolicy(\"s3Access\", UserPolicyArgs.builder()\n .name(\"example_s3_access\")\n .user(example.name())\n .policy(exampleBucketV2.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"s3:GetObject\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", arn)\n )))\n ))))\n .build());\n\n var accountAccess = new BucketPolicy(\"accountAccess\", BucketPolicyArgs.builder()\n .bucket(exampleBucketV2.bucket())\n .policy(Output.tuple(exampleBucketV2.arn(), exampleBucketV2.arn()).applyValue(values -\u003e {\n var exampleBucketV2Arn = values.t1;\n var exampleBucketV2Arn1 = values.t2;\n return serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"s3:*\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n )),\n jsonProperty(\"Resource\", jsonArray(\n exampleBucketV2Arn, \n String.format(\"%s/*\", exampleBucketV2Arn1)\n ))\n )))\n ));\n }))\n .build());\n\n final var s3ObjectAccess = IamFunctions.getPrincipalPolicySimulation(GetPrincipalPolicySimulationArgs.builder()\n .actionNames(\"s3:GetObject\")\n .policySourceArn(example.arn())\n .resourceArns(exampleBucketV2.arn())\n .resourcePolicyJson(accountAccess.policy())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:User\n properties:\n name: example\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: my-test-bucket\n s3Access:\n type: aws:iam:UserPolicy\n name: s3_access\n properties:\n name: example_s3_access\n user: ${example.name}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: s3:GetObject\n Effect: Allow\n Resource: ${exampleBucketV2.arn}\n accountAccess:\n type: aws:s3:BucketPolicy\n name: account_access\n properties:\n bucket: ${exampleBucketV2.bucket}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: s3:*\n Effect: Allow\n Principal:\n AWS: ${current.accountId}\n Resource:\n - ${exampleBucketV2.arn}\n - ${exampleBucketV2.arn}/*\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n s3ObjectAccess:\n fn::invoke:\n Function: aws:iam:getPrincipalPolicySimulation\n Arguments:\n actionNames:\n - s3:GetObject\n policySourceArn: ${example.arn}\n resourceArns:\n - ${exampleBucketV2.arn}\n resourcePolicyJson: ${accountAccess.policy}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWhen using `aws.iam.getPrincipalPolicySimulation` to test the effect of a policy declared elsewhere in the same configuration, it's important to use `depends_on` to make sure that the needed policy has been fully created or updated before running the simulation.\n", "inputs": { "description": "A collection of arguments for invoking getPrincipalPolicySimulation.\n", "properties": { "actionNames": { "type": "array", "items": { "type": "string" }, "description": "A set of IAM action names to run simulations for. Each entry in this set adds an additional hypothetical request to the simulation.\n\nAction names consist of a service prefix and an action verb separated by a colon, such as `s3:GetObject`. Refer to [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) to see the full set of possible IAM action names across all AWS services.\n" }, "additionalPoliciesJsons": { "type": "array", "items": { "type": "string" }, "description": "A set of additional principal policy documents to include in the simulation. The simulator will behave as if each of these policies were associated with the object specified in `policy_source_arn`, allowing you to test the effect of hypothetical policies not yet created.\n" }, "callerArn": { "type": "string", "description": "The ARN of an user that will appear as the \"caller\" of the simulated requests. If you do not specify `caller_arn` then the simulation will use the `policy_source_arn` instead, if it contains a user ARN.\n" }, "contexts": { "type": "array", "items": { "$ref": "#/types/aws:iam/getPrincipalPolicySimulationContext:getPrincipalPolicySimulationContext" }, "description": "Each `context` block defines an entry in the table of additional context keys in the simulated request.\n\nIAM uses context keys for both custom conditions and for interpolating dynamic request-specific values into policy values. If you use policies that include those features then you will need to provide suitable example values for those keys to achieve a realistic simulation.\n" }, "permissionsBoundaryPoliciesJsons": { "type": "array", "items": { "type": "string" }, "description": "A set of [permissions boundary policy documents](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) to include in the simulation.\n" }, "policySourceArn": { "type": "string", "description": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the IAM user, group, or role whose policies will be included in the simulation.\n\nYou must closely match the form of the real service request you are simulating in order to achieve a realistic result. You can use the following additional arguments to specify other characteristics of the simulated requests:\n" }, "resourceArns": { "type": "array", "items": { "type": "string" }, "description": "A set of ARNs of resources to include in the simulation.\n\nThis argument is important for actions that have either required or optional resource types listed in [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html), and you must provide ARNs that identify AWS objects of the appropriate types for the chosen actions.\n\nThe policy simulator only automatically loads policies associated with the `policy_source_arn`, so if your given resources have their own resource-level policy then you'll also need to provide that explicitly using the `resource_policy_json` argument to achieve a realistic simulation.\n" }, "resourceHandlingOption": { "type": "string", "description": "Specifies a special simulation type to run. Some EC2 actions require special simulation behaviors and a particular set of resource ARNs to achieve a realistic result.\n\nFor more details, see the `ResourceHandlingOption` request parameter for [the underlying `iam:SimulatePrincipalPolicy` action](https://docs.aws.amazon.com/IAM/latest/APIReference/API_SimulatePrincipalPolicy.html).\n" }, "resourceOwnerAccountId": { "type": "string", "description": "An AWS account ID to use for any resource ARN in `resource_arns` that doesn't include its own AWS account ID. If unspecified, the simulator will use the account ID from the `caller_arn` argument as a placeholder.\n" }, "resourcePolicyJson": { "type": "string", "description": "An IAM policy document representing the resource-level policy of all of the resources specified in `resource_arns`.\n\nThe policy simulator cannot automatically load policies that are associated with individual resources, as described in the documentation for `resource_arns` above.\n" } }, "type": "object", "required": [ "actionNames", "policySourceArn" ] }, "outputs": { "description": "A collection of values returned by getPrincipalPolicySimulation.\n", "properties": { "actionNames": { "items": { "type": "string" }, "type": "array" }, "additionalPoliciesJsons": { "items": { "type": "string" }, "type": "array" }, "allAllowed": { "description": "`true` if all of the simulation results have decision \"allowed\", or `false` otherwise.\n", "type": "boolean" }, "callerArn": { "type": "string" }, "contexts": { "items": { "$ref": "#/types/aws:iam/getPrincipalPolicySimulationContext:getPrincipalPolicySimulationContext" }, "type": "array" }, "id": { "type": "string" }, "permissionsBoundaryPoliciesJsons": { "items": { "type": "string" }, "type": "array" }, "policySourceArn": { "type": "string" }, "resourceArns": { "items": { "type": "string" }, "type": "array" }, "resourceHandlingOption": { "type": "string" }, "resourceOwnerAccountId": { "type": "string" }, "resourcePolicyJson": { "type": "string" }, "results": { "description": "A set of result objects, one for each of the simulated requests, with the following nested attributes:\n", "items": { "$ref": "#/types/aws:iam/getPrincipalPolicySimulationResult:getPrincipalPolicySimulationResult" }, "type": "array" } }, "required": [ "actionNames", "allAllowed", "id", "policySourceArn", "results" ], "type": "object" } }, "aws:iam/getRole:getRole": { "description": "This data source can be used to fetch information about a specific\nIAM role. By using this data source, you can reference IAM role\nproperties without having to hard code ARNs as input.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getRole({\n name: \"an_example_role_name\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_role(name=\"an_example_role_name\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetRole.Invoke(new()\n {\n Name = \"an_example_role_name\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.LookupRole(ctx, \u0026iam.LookupRoleArgs{\n\t\t\tName: \"an_example_role_name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getRole(GetRoleArgs.builder()\n .name(\"an_example_role_name\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getRole\n Arguments:\n name: an_example_role_name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRole.\n", "properties": { "name": { "type": "string", "description": "Friendly IAM role name to match.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags attached to the role.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getRole.\n", "properties": { "arn": { "description": "ARN of the role.\n", "type": "string" }, "assumeRolePolicy": { "description": "Policy document associated with the role.\n", "type": "string" }, "createDate": { "description": "Creation date of the role in RFC 3339 format.\n", "type": "string" }, "description": { "description": "Description for the role.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "maxSessionDuration": { "description": "Maximum session duration.\n", "type": "integer" }, "name": { "type": "string" }, "path": { "description": "Path to the role.\n", "type": "string" }, "permissionsBoundary": { "description": "The ARN of the policy that is used to set the permissions boundary for the role.\n", "type": "string" }, "roleLastUseds": { "description": "Contains information about the last time that an IAM role was used. See `role_last_used` for details.\n", "items": { "$ref": "#/types/aws:iam/getRoleRoleLastUsed:getRoleRoleLastUsed" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags attached to the role.\n", "type": "object" }, "uniqueId": { "description": "Stable and unique string identifying the role.\n", "type": "string" } }, "required": [ "arn", "assumeRolePolicy", "createDate", "description", "maxSessionDuration", "name", "path", "permissionsBoundary", "roleLastUseds", "tags", "uniqueId", "id" ], "type": "object" } }, "aws:iam/getRoles:getRoles": { "description": "Use this data source to get the ARNs and Names of IAM Roles.\n\n## Example Usage\n\n### All roles in an account\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst roles = aws.iam.getRoles({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nroles = aws.iam.get_roles()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var roles = Aws.Iam.GetRoles.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.GetRoles(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetRolesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var roles = IamFunctions.getRoles();\n\n }\n}\n```\n```yaml\nvariables:\n roles:\n fn::invoke:\n Function: aws:iam:getRoles\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Roles filtered by name regex\n\nRoles whose role-name contains `project`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst roles = aws.iam.getRoles({\n nameRegex: \".*project.*\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nroles = aws.iam.get_roles(name_regex=\".*project.*\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var roles = Aws.Iam.GetRoles.Invoke(new()\n {\n NameRegex = \".*project.*\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.GetRoles(ctx, \u0026iam.GetRolesArgs{\n\t\t\tNameRegex: pulumi.StringRef(\".*project.*\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetRolesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var roles = IamFunctions.getRoles(GetRolesArgs.builder()\n .nameRegex(\".*project.*\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n roles:\n fn::invoke:\n Function: aws:iam:getRoles\n Arguments:\n nameRegex: .*project.*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Roles filtered by path prefix\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst roles = aws.iam.getRoles({\n pathPrefix: \"/custom-path\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nroles = aws.iam.get_roles(path_prefix=\"/custom-path\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var roles = Aws.Iam.GetRoles.Invoke(new()\n {\n PathPrefix = \"/custom-path\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.GetRoles(ctx, \u0026iam.GetRolesArgs{\n\t\t\tPathPrefix: pulumi.StringRef(\"/custom-path\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetRolesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var roles = IamFunctions.getRoles(GetRolesArgs.builder()\n .pathPrefix(\"/custom-path\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n roles:\n fn::invoke:\n Function: aws:iam:getRoles\n Arguments:\n pathPrefix: /custom-path\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Roles provisioned by AWS SSO\n\nRoles in the account filtered by path prefix\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst roles = aws.iam.getRoles({\n pathPrefix: \"/aws-reserved/sso.amazonaws.com/\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nroles = aws.iam.get_roles(path_prefix=\"/aws-reserved/sso.amazonaws.com/\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var roles = Aws.Iam.GetRoles.Invoke(new()\n {\n PathPrefix = \"/aws-reserved/sso.amazonaws.com/\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.GetRoles(ctx, \u0026iam.GetRolesArgs{\n\t\t\tPathPrefix: pulumi.StringRef(\"/aws-reserved/sso.amazonaws.com/\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetRolesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var roles = IamFunctions.getRoles(GetRolesArgs.builder()\n .pathPrefix(\"/aws-reserved/sso.amazonaws.com/\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n roles:\n fn::invoke:\n Function: aws:iam:getRoles\n Arguments:\n pathPrefix: /aws-reserved/sso.amazonaws.com/\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nSpecific role in the account filtered by name regex and path prefix\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst roles = aws.iam.getRoles({\n nameRegex: \"AWSReservedSSO_permission_set_name_.*\",\n pathPrefix: \"/aws-reserved/sso.amazonaws.com/\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nroles = aws.iam.get_roles(name_regex=\"AWSReservedSSO_permission_set_name_.*\",\n path_prefix=\"/aws-reserved/sso.amazonaws.com/\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var roles = Aws.Iam.GetRoles.Invoke(new()\n {\n NameRegex = \"AWSReservedSSO_permission_set_name_.*\",\n PathPrefix = \"/aws-reserved/sso.amazonaws.com/\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.GetRoles(ctx, \u0026iam.GetRolesArgs{\n\t\t\tNameRegex: pulumi.StringRef(\"AWSReservedSSO_permission_set_name_.*\"),\n\t\t\tPathPrefix: pulumi.StringRef(\"/aws-reserved/sso.amazonaws.com/\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetRolesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var roles = IamFunctions.getRoles(GetRolesArgs.builder()\n .nameRegex(\"AWSReservedSSO_permission_set_name_.*\")\n .pathPrefix(\"/aws-reserved/sso.amazonaws.com/\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n roles:\n fn::invoke:\n Function: aws:iam:getRoles\n Arguments:\n nameRegex: AWSReservedSSO_permission_set_name_.*\n pathPrefix: /aws-reserved/sso.amazonaws.com/\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n", "inputs": { "description": "A collection of arguments for invoking getRoles.\n", "properties": { "nameRegex": { "type": "string", "description": "Regex string to apply to the IAM roles list returned by AWS. This allows more advanced filtering not supported from the AWS API. This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. Combine this with other options to narrow down the list AWS returns.\n" }, "pathPrefix": { "type": "string", "description": "Path prefix for filtering the results. For example, the prefix `/application_abc/component_xyz/` gets all roles whose path starts with `/application_abc/component_xyz/`. If it is not included, it defaults to a slash (`/`), listing all roles. For more details, check out [list-roles in the AWS CLI reference][1].\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getRoles.\n", "properties": { "arns": { "description": "Set of ARNs of the matched IAM roles.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "nameRegex": { "type": "string" }, "names": { "description": "Set of Names of the matched IAM roles.\n", "items": { "type": "string" }, "type": "array" }, "pathPrefix": { "type": "string" } }, "required": [ "arns", "names", "id" ], "type": "object" } }, "aws:iam/getSamlProvider:getSamlProvider": { "description": "This data source can be used to fetch information about a specific\nIAM SAML provider. This will allow you to easily retrieve the metadata\ndocument of an existing SAML provider.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getSamlProvider({\n arn: \"arn:aws:iam::123456789:saml-provider/myprovider\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_saml_provider(arn=\"arn:aws:iam::123456789:saml-provider/myprovider\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetSamlProvider.Invoke(new()\n {\n Arn = \"arn:aws:iam::123456789:saml-provider/myprovider\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.LookupSamlProvider(ctx, \u0026iam.LookupSamlProviderArgs{\n\t\t\tArn: \"arn:aws:iam::123456789:saml-provider/myprovider\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetSamlProviderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getSamlProvider(GetSamlProviderArgs.builder()\n .arn(\"arn:aws:iam::123456789:saml-provider/myprovider\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getSamlProvider\n Arguments:\n arn: arn:aws:iam::123456789:saml-provider/myprovider\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSamlProvider.\n", "properties": { "arn": { "type": "string", "description": "ARN assigned by AWS for the provider.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags attached to the SAML provider.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getSamlProvider.\n", "properties": { "arn": { "type": "string" }, "createDate": { "description": "Creation date of the SAML provider in RFC1123 format, e.g. `Mon, 02 Jan 2006 15:04:05 MST`.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Name of the provider.\n", "type": "string" }, "samlMetadataDocument": { "description": "The XML document generated by an identity provider that supports SAML 2.0.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags attached to the SAML provider.\n", "type": "object" }, "validUntil": { "description": "Expiration date and time for the SAML provider in RFC1123 format, e.g. `Mon, 02 Jan 2007 15:04:05 MST`.\n", "type": "string" } }, "required": [ "arn", "createDate", "name", "samlMetadataDocument", "tags", "validUntil", "id" ], "type": "object" } }, "aws:iam/getServerCertificate:getServerCertificate": { "description": "Use this data source to lookup information about IAM Server Certificates.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst my-domain = aws.iam.getServerCertificate({\n namePrefix: \"my-domain.org\",\n latest: true,\n});\nconst elb = new aws.elb.LoadBalancer(\"elb\", {\n name: \"my-domain-elb\",\n listeners: [{\n instancePort: 8000,\n instanceProtocol: \"https\",\n lbPort: 443,\n lbProtocol: \"https\",\n sslCertificateId: my_domain.then(my_domain =\u003e my_domain.arn),\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_domain = aws.iam.get_server_certificate(name_prefix=\"my-domain.org\",\n latest=True)\nelb = aws.elb.LoadBalancer(\"elb\",\n name=\"my-domain-elb\",\n listeners=[{\n \"instance_port\": 8000,\n \"instance_protocol\": \"https\",\n \"lb_port\": 443,\n \"lb_protocol\": \"https\",\n \"ssl_certificate_id\": my_domain.arn,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var my_domain = Aws.Iam.GetServerCertificate.Invoke(new()\n {\n NamePrefix = \"my-domain.org\",\n Latest = true,\n });\n\n var elb = new Aws.Elb.LoadBalancer(\"elb\", new()\n {\n Name = \"my-domain-elb\",\n Listeners = new[]\n {\n new Aws.Elb.Inputs.LoadBalancerListenerArgs\n {\n InstancePort = 8000,\n InstanceProtocol = \"https\",\n LbPort = 443,\n LbProtocol = \"https\",\n SslCertificateId = my_domain.Apply(my_domain =\u003e my_domain.Apply(getServerCertificateResult =\u003e getServerCertificateResult.Arn)),\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elb\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmy_domain, err := iam.LookupServerCertificate(ctx, \u0026iam.LookupServerCertificateArgs{\n\t\t\tNamePrefix: pulumi.StringRef(\"my-domain.org\"),\n\t\t\tLatest: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elb.NewLoadBalancer(ctx, \"elb\", \u0026elb.LoadBalancerArgs{\n\t\t\tName: pulumi.String(\"my-domain-elb\"),\n\t\t\tListeners: elb.LoadBalancerListenerArray{\n\t\t\t\t\u0026elb.LoadBalancerListenerArgs{\n\t\t\t\t\tInstancePort: pulumi.Int(8000),\n\t\t\t\t\tInstanceProtocol: pulumi.String(\"https\"),\n\t\t\t\t\tLbPort: pulumi.Int(443),\n\t\t\t\t\tLbProtocol: pulumi.String(\"https\"),\n\t\t\t\t\tSslCertificateId: pulumi.String(my_domain.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetServerCertificateArgs;\nimport com.pulumi.aws.elb.LoadBalancer;\nimport com.pulumi.aws.elb.LoadBalancerArgs;\nimport com.pulumi.aws.elb.inputs.LoadBalancerListenerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var my-domain = IamFunctions.getServerCertificate(GetServerCertificateArgs.builder()\n .namePrefix(\"my-domain.org\")\n .latest(true)\n .build());\n\n var elb = new LoadBalancer(\"elb\", LoadBalancerArgs.builder()\n .name(\"my-domain-elb\")\n .listeners(LoadBalancerListenerArgs.builder()\n .instancePort(8000)\n .instanceProtocol(\"https\")\n .lbPort(443)\n .lbProtocol(\"https\")\n .sslCertificateId(my_domain.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n elb:\n type: aws:elb:LoadBalancer\n properties:\n name: my-domain-elb\n listeners:\n - instancePort: 8000\n instanceProtocol: https\n lbPort: 443\n lbProtocol: https\n sslCertificateId: ${[\"my-domain\"].arn}\nvariables:\n my-domain:\n fn::invoke:\n Function: aws:iam:getServerCertificate\n Arguments:\n namePrefix: my-domain.org\n latest: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getServerCertificate.\n", "properties": { "latest": { "type": "boolean", "description": "sort results by expiration date. returns the certificate with expiration date in furthest in the future.\n" }, "name": { "type": "string", "description": "exact name of the cert to lookup\n" }, "namePrefix": { "type": "string", "description": "prefix of cert to filter by\n" }, "pathPrefix": { "type": "string", "description": "prefix of path to filter by\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getServerCertificate.\n", "properties": { "arn": { "description": "is set to the ARN of the IAM Server Certificate\n", "type": "string" }, "certificateBody": { "description": "is the public key certificate (PEM-encoded). This is useful when [configuring back-end instance authentication](http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-create-https-ssl-load-balancer.html) policy for load balancer\n", "type": "string" }, "certificateChain": { "description": "is the public key certificate chain (PEM-encoded) if exists, empty otherwise\n", "type": "string" }, "expirationDate": { "description": "is set to the expiration date of the IAM Server Certificate\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "latest": { "type": "boolean" }, "name": { "type": "string" }, "namePrefix": { "type": "string" }, "path": { "description": "is set to the path of the IAM Server Certificate\n", "type": "string" }, "pathPrefix": { "type": "string" }, "uploadDate": { "description": "is the date when the server certificate was uploaded\n", "type": "string" } }, "required": [ "arn", "certificateBody", "certificateChain", "expirationDate", "name", "path", "uploadDate", "id" ], "type": "object" } }, "aws:iam/getSessionContext:getSessionContext": { "description": "This data source provides information on the IAM source role of an STS assumed role. For non-role ARNs, this data source simply passes the ARN through in `issuer_arn`.\n\nFor some AWS resources, multiple types of principals are allowed in the same argument (e.g., IAM users and IAM roles). However, these arguments often do not allow assumed-role (i.e., STS, temporary credential) principals. Given an STS ARN, this data source provides the ARN for the source IAM role.\n\n## Example Usage\n\n### Basic Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getSessionContext({\n arn: \"arn:aws:sts::123456789012:assumed-role/Audien-Heaven/MatyNoyes\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_session_context(arn=\"arn:aws:sts::123456789012:assumed-role/Audien-Heaven/MatyNoyes\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetSessionContext.Invoke(new()\n {\n Arn = \"arn:aws:sts::123456789012:assumed-role/Audien-Heaven/MatyNoyes\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.GetSessionContext(ctx, \u0026iam.GetSessionContextArgs{\n\t\t\tArn: \"arn:aws:sts::123456789012:assumed-role/Audien-Heaven/MatyNoyes\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetSessionContextArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getSessionContext(GetSessionContextArgs.builder()\n .arn(\"arn:aws:sts::123456789012:assumed-role/Audien-Heaven/MatyNoyes\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getSessionContext\n Arguments:\n arn: arn:aws:sts::123456789012:assumed-role/Audien-Heaven/MatyNoyes\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Find the Runner's Source Role\n\nCombined with `aws.getCallerIdentity`, you can get the current user's source IAM role ARN (`issuer_arn`) if you're using an assumed role. If you're not using an assumed role, the caller's (e.g., an IAM user's) ARN will simply be passed through. In environments where both IAM users and individuals using assumed roles need to apply the same configurations, this data source enables seamless use.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = current.then(current =\u003e aws.iam.getSessionContext({\n arn: current.arn,\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.iam.get_session_context(arn=current.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = Aws.Iam.GetSessionContext.Invoke(new()\n {\n Arn = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.Arn),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.GetSessionContext(ctx, \u0026iam.GetSessionContextArgs{\n\t\t\tArn: current.Arn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetSessionContextArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var example = IamFunctions.getSessionContext(GetSessionContextArgs.builder()\n .arn(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.arn()))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n example:\n fn::invoke:\n Function: aws:iam:getSessionContext\n Arguments:\n arn: ${current.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSessionContext.\n", "properties": { "arn": { "type": "string", "description": "ARN for an assumed role.\n\n\u003e If `arn` is a non-role ARN, Pulumi gives no error and `issuer_arn` will be equal to the `arn` value. For STS assumed-role ARNs, Pulumi gives an error if the identified IAM role does not exist.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getSessionContext.\n", "properties": { "arn": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "issuerArn": { "description": "IAM source role ARN if `arn` corresponds to an STS assumed role. Otherwise, `issuer_arn` is equal to `arn`.\n", "type": "string" }, "issuerId": { "description": "Unique identifier of the IAM role that issues the STS assumed role.\n", "type": "string" }, "issuerName": { "description": "Name of the source role. Only available if `arn` corresponds to an STS assumed role.\n", "type": "string" }, "sessionName": { "description": "Name of the STS session. Only available if `arn` corresponds to an STS assumed role.\n", "type": "string" } }, "required": [ "arn", "issuerArn", "issuerId", "issuerName", "sessionName", "id" ], "type": "object" } }, "aws:iam/getUser:getUser": { "description": "This data source can be used to fetch information about a specific\nIAM user. By using this data source, you can reference IAM user\nproperties without having to hard code ARNs or unique IDs as input.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getUser({\n userName: \"an_example_user_name\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_user(user_name=\"an_example_user_name\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetUser.Invoke(new()\n {\n UserName = \"an_example_user_name\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.LookupUser(ctx, \u0026iam.LookupUserArgs{\n\t\t\tUserName: \"an_example_user_name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetUserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getUser(GetUserArgs.builder()\n .userName(\"an_example_user_name\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getUser\n Arguments:\n userName: an_example_user_name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getUser.\n", "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key-value pairs associated with the user.\n" }, "userName": { "type": "string", "description": "Friendly IAM user name to match.\n" } }, "type": "object", "required": [ "userName" ] }, "outputs": { "description": "A collection of values returned by getUser.\n", "properties": { "arn": { "description": "ARN assigned by AWS for this user.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "path": { "description": "Path in which this user was created.\n", "type": "string" }, "permissionsBoundary": { "description": "The ARN of the policy that is used to set the permissions boundary for the user.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of key-value pairs associated with the user.\n", "type": "object" }, "userId": { "description": "Unique ID assigned by AWS for this user.\n", "type": "string" }, "userName": { "description": "Name associated to this User\n", "type": "string" } }, "required": [ "arn", "path", "permissionsBoundary", "tags", "userId", "userName", "id" ], "type": "object" } }, "aws:iam/getUserSshKey:getUserSshKey": { "description": "Use this data source to get information about a SSH public key associated with the specified IAM user.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getUserSshKey({\n encoding: \"SSH\",\n sshPublicKeyId: \"APKARUZ32GUTKIGARLXE\",\n username: \"test-user\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.get_user_ssh_key(encoding=\"SSH\",\n ssh_public_key_id=\"APKARUZ32GUTKIGARLXE\",\n username=\"test-user\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetUserSshKey.Invoke(new()\n {\n Encoding = \"SSH\",\n SshPublicKeyId = \"APKARUZ32GUTKIGARLXE\",\n Username = \"test-user\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.GetUserSshKey(ctx, \u0026iam.GetUserSshKeyArgs{\n\t\t\tEncoding: \"SSH\",\n\t\t\tSshPublicKeyId: \"APKARUZ32GUTKIGARLXE\",\n\t\t\tUsername: \"test-user\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetUserSshKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getUserSshKey(GetUserSshKeyArgs.builder()\n .encoding(\"SSH\")\n .sshPublicKeyId(\"APKARUZ32GUTKIGARLXE\")\n .username(\"test-user\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getUserSshKey\n Arguments:\n encoding: SSH\n sshPublicKeyId: APKARUZ32GUTKIGARLXE\n username: test-user\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getUserSshKey.\n", "properties": { "encoding": { "type": "string", "description": "Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.\n" }, "sshPublicKeyId": { "type": "string", "description": "Unique identifier for the SSH public key.\n" }, "username": { "type": "string", "description": "Name of the IAM user associated with the SSH public key.\n" } }, "type": "object", "required": [ "encoding", "sshPublicKeyId", "username" ] }, "outputs": { "description": "A collection of values returned by getUserSshKey.\n", "properties": { "encoding": { "type": "string" }, "fingerprint": { "description": "MD5 message digest of the SSH public key.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "publicKey": { "description": "SSH public key.\n", "type": "string" }, "sshPublicKeyId": { "type": "string" }, "status": { "description": "Status of the SSH public key. Active means that the key can be used for authentication with an CodeCommit repository. Inactive means that the key cannot be used.\n", "type": "string" }, "username": { "type": "string" } }, "required": [ "encoding", "fingerprint", "publicKey", "sshPublicKeyId", "status", "username", "id" ], "type": "object" } }, "aws:iam/getUsers:getUsers": { "description": "Use this data source to get the ARNs and Names of IAM Users.\n\n## Example Usage\n\n### All users in an account\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst users = aws.iam.getUsers({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nusers = aws.iam.get_users()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var users = Aws.Iam.GetUsers.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.GetUsers(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetUsersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var users = IamFunctions.getUsers();\n\n }\n}\n```\n```yaml\nvariables:\n users:\n fn::invoke:\n Function: aws:iam:getUsers\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Users filtered by name regex\n\nUsers whose username contains `abc`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst users = aws.iam.getUsers({\n nameRegex: \".*abc.*\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nusers = aws.iam.get_users(name_regex=\".*abc.*\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var users = Aws.Iam.GetUsers.Invoke(new()\n {\n NameRegex = \".*abc.*\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.GetUsers(ctx, \u0026iam.GetUsersArgs{\n\t\t\tNameRegex: pulumi.StringRef(\".*abc.*\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetUsersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var users = IamFunctions.getUsers(GetUsersArgs.builder()\n .nameRegex(\".*abc.*\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n users:\n fn::invoke:\n Function: aws:iam:getUsers\n Arguments:\n nameRegex: .*abc.*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Users filtered by path prefix\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst users = aws.iam.getUsers({\n pathPrefix: \"/custom-path\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nusers = aws.iam.get_users(path_prefix=\"/custom-path\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var users = Aws.Iam.GetUsers.Invoke(new()\n {\n PathPrefix = \"/custom-path\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.GetUsers(ctx, \u0026iam.GetUsersArgs{\n\t\t\tPathPrefix: pulumi.StringRef(\"/custom-path\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetUsersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var users = IamFunctions.getUsers(GetUsersArgs.builder()\n .pathPrefix(\"/custom-path\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n users:\n fn::invoke:\n Function: aws:iam:getUsers\n Arguments:\n pathPrefix: /custom-path\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getUsers.\n", "properties": { "nameRegex": { "type": "string", "description": "Regex string to apply to the IAM users list returned by AWS. This allows more advanced filtering not supported from the AWS API. This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. Combine this with other options to narrow down the list AWS returns.\n" }, "pathPrefix": { "type": "string", "description": "Path prefix for filtering the results. For example, the prefix `/division_abc/subdivision_xyz/` gets all users whose path starts with `/division_abc/subdivision_xyz/`. If it is not included, it defaults to a slash (`/`), listing all users. For more details, check out [list-users in the AWS CLI reference][1].\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getUsers.\n", "properties": { "arns": { "description": "Set of ARNs of the matched IAM users.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "nameRegex": { "type": "string" }, "names": { "description": "Set of Names of the matched IAM users.\n", "items": { "type": "string" }, "type": "array" }, "pathPrefix": { "type": "string" } }, "required": [ "arns", "names", "id" ], "type": "object" } }, "aws:identitystore/getGroup:getGroup": { "description": "Use this data source to get an Identity Store Group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getInstances({});\nconst exampleGetGroup = example.then(example =\u003e aws.identitystore.getGroup({\n identityStoreId: example.identityStoreIds?.[0],\n alternateIdentifier: {\n uniqueAttribute: {\n attributePath: \"DisplayName\",\n attributeValue: \"ExampleGroup\",\n },\n },\n}));\nexport const groupId = exampleGetGroup.then(exampleGetGroup =\u003e exampleGetGroup.groupId);\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_instances()\nexample_get_group = aws.identitystore.get_group(identity_store_id=example.identity_store_ids[0],\n alternate_identifier={\n \"unique_attribute\": {\n \"attribute_path\": \"DisplayName\",\n \"attribute_value\": \"ExampleGroup\",\n },\n })\npulumi.export(\"groupId\", example_get_group.group_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetInstances.Invoke();\n\n var exampleGetGroup = Aws.IdentityStore.GetGroup.Invoke(new()\n {\n IdentityStoreId = example.Apply(getInstancesResult =\u003e getInstancesResult.IdentityStoreIds[0]),\n AlternateIdentifier = new Aws.IdentityStore.Inputs.GetGroupAlternateIdentifierInputArgs\n {\n UniqueAttribute = new Aws.IdentityStore.Inputs.GetGroupAlternateIdentifierUniqueAttributeInputArgs\n {\n AttributePath = \"DisplayName\",\n AttributeValue = \"ExampleGroup\",\n },\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"groupId\"] = exampleGetGroup.Apply(getGroupResult =\u003e getGroupResult.GroupId),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/identitystore\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ssoadmin.GetInstances(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGetGroup, err := identitystore.LookupGroup(ctx, \u0026identitystore.LookupGroupArgs{\n\t\t\tIdentityStoreId: example.IdentityStoreIds[0],\n\t\t\tAlternateIdentifier: identitystore.GetGroupAlternateIdentifier{\n\t\t\t\tUniqueAttribute: identitystore.GetGroupAlternateIdentifierUniqueAttribute{\n\t\t\t\t\tAttributePath: \"DisplayName\",\n\t\t\t\t\tAttributeValue: \"ExampleGroup\",\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"groupId\", exampleGetGroup.GroupId)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.identitystore.IdentitystoreFunctions;\nimport com.pulumi.aws.identitystore.inputs.GetGroupArgs;\nimport com.pulumi.aws.identitystore.inputs.GetGroupAlternateIdentifierArgs;\nimport com.pulumi.aws.identitystore.inputs.GetGroupAlternateIdentifierUniqueAttributeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getInstances();\n\n final var exampleGetGroup = IdentitystoreFunctions.getGroup(GetGroupArgs.builder()\n .identityStoreId(example.applyValue(getInstancesResult -\u003e getInstancesResult.identityStoreIds()[0]))\n .alternateIdentifier(GetGroupAlternateIdentifierArgs.builder()\n .uniqueAttribute(GetGroupAlternateIdentifierUniqueAttributeArgs.builder()\n .attributePath(\"DisplayName\")\n .attributeValue(\"ExampleGroup\")\n .build())\n .build())\n .build());\n\n ctx.export(\"groupId\", exampleGetGroup.applyValue(getGroupResult -\u003e getGroupResult.groupId()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getInstances\n Arguments: {}\n exampleGetGroup:\n fn::invoke:\n Function: aws:identitystore:getGroup\n Arguments:\n identityStoreId: ${example.identityStoreIds[0]}\n alternateIdentifier:\n uniqueAttribute:\n attributePath: DisplayName\n attributeValue: ExampleGroup\noutputs:\n groupId: ${exampleGetGroup.groupId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getGroup.\n", "properties": { "alternateIdentifier": { "$ref": "#/types/aws:identitystore/getGroupAlternateIdentifier:getGroupAlternateIdentifier", "description": "A unique identifier for the group that is not the primary identifier. Conflicts with `group_id` and `filter`. Detailed below.\n" }, "filter": { "$ref": "#/types/aws:identitystore/getGroupFilter:getGroupFilter", "description": "Configuration block for filtering by a unique attribute of the group. Detailed below.\n", "deprecationMessage": "Use the alternate_identifier attribute instead." }, "groupId": { "type": "string", "description": "The identifier for a group in the Identity Store.\n\n\u003e Exactly one of the above arguments must be provided. Passing both `filter` and `group_id` is allowed for backwards compatibility.\n" }, "identityStoreId": { "type": "string", "description": "Identity Store ID associated with the Single Sign-On Instance.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "identityStoreId" ] }, "outputs": { "description": "A collection of values returned by getGroup.\n", "properties": { "alternateIdentifier": { "$ref": "#/types/aws:identitystore/getGroupAlternateIdentifier:getGroupAlternateIdentifier" }, "description": { "description": "Description of the specified group.\n", "type": "string" }, "displayName": { "description": "Group's display name value.\n", "type": "string" }, "externalIds": { "description": "List of identifiers issued to this resource by an external identity provider.\n", "items": { "$ref": "#/types/aws:identitystore/getGroupExternalId:getGroupExternalId" }, "type": "array" }, "filter": { "$ref": "#/types/aws:identitystore/getGroupFilter:getGroupFilter", "deprecationMessage": "Use the alternate_identifier attribute instead." }, "groupId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "identityStoreId": { "type": "string" } }, "required": [ "description", "displayName", "externalIds", "groupId", "identityStoreId", "id" ], "type": "object" } }, "aws:identitystore/getGroups:getGroups": { "description": "Data source for managing an AWS SSO Identity Store Groups.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getInstances({});\nconst exampleGetGroups = example.then(example =\u003e aws.identitystore.getGroups({\n identityStoreId: example.identityStoreIds?.[0],\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_instances()\nexample_get_groups = aws.identitystore.get_groups(identity_store_id=example.identity_store_ids[0])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetInstances.Invoke();\n\n var exampleGetGroups = Aws.IdentityStore.GetGroups.Invoke(new()\n {\n IdentityStoreId = example.Apply(getInstancesResult =\u003e getInstancesResult.IdentityStoreIds[0]),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/identitystore\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ssoadmin.GetInstances(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identitystore.GetGroups(ctx, \u0026identitystore.GetGroupsArgs{\n\t\t\tIdentityStoreId: example.IdentityStoreIds[0],\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.identitystore.IdentitystoreFunctions;\nimport com.pulumi.aws.identitystore.inputs.GetGroupsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getInstances();\n\n final var exampleGetGroups = IdentitystoreFunctions.getGroups(GetGroupsArgs.builder()\n .identityStoreId(example.applyValue(getInstancesResult -\u003e getInstancesResult.identityStoreIds()[0]))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getInstances\n Arguments: {}\n exampleGetGroups:\n fn::invoke:\n Function: aws:identitystore:getGroups\n Arguments:\n identityStoreId: ${example.identityStoreIds[0]}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getGroups.\n", "properties": { "identityStoreId": { "type": "string", "description": "Identity Store ID associated with the Single Sign-On (SSO) Instance.\n" } }, "type": "object", "required": [ "identityStoreId" ] }, "outputs": { "description": "A collection of values returned by getGroups.\n", "properties": { "groups": { "description": "List of Identity Store Groups\n", "items": { "$ref": "#/types/aws:identitystore/getGroupsGroup:getGroupsGroup" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "identityStoreId": { "type": "string" } }, "required": [ "groups", "identityStoreId", "id" ], "type": "object" } }, "aws:identitystore/getUser:getUser": { "description": "Use this data source to get an Identity Store User.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getInstances({});\nconst exampleGetUser = example.then(example =\u003e aws.identitystore.getUser({\n identityStoreId: example.identityStoreIds?.[0],\n alternateIdentifier: {\n uniqueAttribute: {\n attributePath: \"UserName\",\n attributeValue: \"ExampleUser\",\n },\n },\n}));\nexport const userId = exampleGetUser.then(exampleGetUser =\u003e exampleGetUser.userId);\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_instances()\nexample_get_user = aws.identitystore.get_user(identity_store_id=example.identity_store_ids[0],\n alternate_identifier={\n \"unique_attribute\": {\n \"attribute_path\": \"UserName\",\n \"attribute_value\": \"ExampleUser\",\n },\n })\npulumi.export(\"userId\", example_get_user.user_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetInstances.Invoke();\n\n var exampleGetUser = Aws.IdentityStore.GetUser.Invoke(new()\n {\n IdentityStoreId = example.Apply(getInstancesResult =\u003e getInstancesResult.IdentityStoreIds[0]),\n AlternateIdentifier = new Aws.IdentityStore.Inputs.GetUserAlternateIdentifierInputArgs\n {\n UniqueAttribute = new Aws.IdentityStore.Inputs.GetUserAlternateIdentifierUniqueAttributeInputArgs\n {\n AttributePath = \"UserName\",\n AttributeValue = \"ExampleUser\",\n },\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"userId\"] = exampleGetUser.Apply(getUserResult =\u003e getUserResult.UserId),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/identitystore\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ssoadmin.GetInstances(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGetUser, err := identitystore.LookupUser(ctx, \u0026identitystore.LookupUserArgs{\n\t\t\tIdentityStoreId: example.IdentityStoreIds[0],\n\t\t\tAlternateIdentifier: identitystore.GetUserAlternateIdentifier{\n\t\t\t\tUniqueAttribute: identitystore.GetUserAlternateIdentifierUniqueAttribute{\n\t\t\t\t\tAttributePath: \"UserName\",\n\t\t\t\t\tAttributeValue: \"ExampleUser\",\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"userId\", exampleGetUser.UserId)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.identitystore.IdentitystoreFunctions;\nimport com.pulumi.aws.identitystore.inputs.GetUserArgs;\nimport com.pulumi.aws.identitystore.inputs.GetUserAlternateIdentifierArgs;\nimport com.pulumi.aws.identitystore.inputs.GetUserAlternateIdentifierUniqueAttributeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getInstances();\n\n final var exampleGetUser = IdentitystoreFunctions.getUser(GetUserArgs.builder()\n .identityStoreId(example.applyValue(getInstancesResult -\u003e getInstancesResult.identityStoreIds()[0]))\n .alternateIdentifier(GetUserAlternateIdentifierArgs.builder()\n .uniqueAttribute(GetUserAlternateIdentifierUniqueAttributeArgs.builder()\n .attributePath(\"UserName\")\n .attributeValue(\"ExampleUser\")\n .build())\n .build())\n .build());\n\n ctx.export(\"userId\", exampleGetUser.applyValue(getUserResult -\u003e getUserResult.userId()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getInstances\n Arguments: {}\n exampleGetUser:\n fn::invoke:\n Function: aws:identitystore:getUser\n Arguments:\n identityStoreId: ${example.identityStoreIds[0]}\n alternateIdentifier:\n uniqueAttribute:\n attributePath: UserName\n attributeValue: ExampleUser\noutputs:\n userId: ${exampleGetUser.userId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getUser.\n", "properties": { "alternateIdentifier": { "$ref": "#/types/aws:identitystore/getUserAlternateIdentifier:getUserAlternateIdentifier", "description": "A unique identifier for a user or group that is not the primary identifier. Conflicts with `user_id` and `filter`. Detailed below.\n" }, "filter": { "$ref": "#/types/aws:identitystore/getUserFilter:getUserFilter", "description": "Configuration block for filtering by a unique attribute of the user. Detailed below.\n", "deprecationMessage": "Use the alternate_identifier attribute instead." }, "identityStoreId": { "type": "string", "description": "Identity Store ID associated with the Single Sign-On Instance.\n\nThe following arguments are optional:\n" }, "userId": { "type": "string", "description": "The identifier for a user in the Identity Store.\n\n\u003e Exactly one of the above arguments must be provided. Passing both `filter` and `user_id` is allowed for backwards compatibility.\n" } }, "type": "object", "required": [ "identityStoreId" ] }, "outputs": { "description": "A collection of values returned by getUser.\n", "properties": { "addresses": { "description": "List of details about the user's address.\n", "items": { "$ref": "#/types/aws:identitystore/getUserAddress:getUserAddress" }, "type": "array" }, "alternateIdentifier": { "$ref": "#/types/aws:identitystore/getUserAlternateIdentifier:getUserAlternateIdentifier" }, "displayName": { "description": "The name that is typically displayed when the user is referenced.\n", "type": "string" }, "emails": { "description": "List of details about the user's email.\n", "items": { "$ref": "#/types/aws:identitystore/getUserEmail:getUserEmail" }, "type": "array" }, "externalIds": { "description": "List of identifiers issued to this resource by an external identity provider.\n", "items": { "$ref": "#/types/aws:identitystore/getUserExternalId:getUserExternalId" }, "type": "array" }, "filter": { "$ref": "#/types/aws:identitystore/getUserFilter:getUserFilter", "deprecationMessage": "Use the alternate_identifier attribute instead." }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "identityStoreId": { "type": "string" }, "locale": { "description": "The user's geographical region or location.\n", "type": "string" }, "names": { "description": "Details about the user's full name.\n", "items": { "$ref": "#/types/aws:identitystore/getUserName:getUserName" }, "type": "array" }, "nickname": { "description": "An alternate name for the user.\n", "type": "string" }, "phoneNumbers": { "description": "List of details about the user's phone number.\n", "items": { "$ref": "#/types/aws:identitystore/getUserPhoneNumber:getUserPhoneNumber" }, "type": "array" }, "preferredLanguage": { "description": "The preferred language of the user.\n", "type": "string" }, "profileUrl": { "description": "An URL that may be associated with the user.\n", "type": "string" }, "timezone": { "description": "The user's time zone.\n", "type": "string" }, "title": { "description": "The user's title.\n", "type": "string" }, "userId": { "type": "string" }, "userName": { "description": "User's user name value.\n", "type": "string" }, "userType": { "description": "The user type.\n", "type": "string" } }, "required": [ "addresses", "displayName", "emails", "externalIds", "identityStoreId", "locale", "names", "nickname", "phoneNumbers", "preferredLanguage", "profileUrl", "timezone", "title", "userId", "userName", "userType", "id" ], "type": "object" } }, "aws:imagebuilder/getComponent:getComponent": { "description": "Provides details about an Image Builder Component.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.imagebuilder.getComponent({\n arn: \"arn:aws:imagebuilder:us-west-2:aws:component/amazon-cloudwatch-agent-linux/1.0.0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.get_component(arn=\"arn:aws:imagebuilder:us-west-2:aws:component/amazon-cloudwatch-agent-linux/1.0.0\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ImageBuilder.GetComponent.Invoke(new()\n {\n Arn = \"arn:aws:imagebuilder:us-west-2:aws:component/amazon-cloudwatch-agent-linux/1.0.0\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.LookupComponent(ctx, \u0026imagebuilder.LookupComponentArgs{\n\t\t\tArn: \"arn:aws:imagebuilder:us-west-2:aws:component/amazon-cloudwatch-agent-linux/1.0.0\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.ImagebuilderFunctions;\nimport com.pulumi.aws.imagebuilder.inputs.GetComponentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ImagebuilderFunctions.getComponent(GetComponentArgs.builder()\n .arn(\"arn:aws:imagebuilder:us-west-2:aws:component/amazon-cloudwatch-agent-linux/1.0.0\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:imagebuilder:getComponent\n Arguments:\n arn: arn:aws:imagebuilder:us-west-2:aws:component/amazon-cloudwatch-agent-linux/1.0.0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getComponent.\n", "properties": { "arn": { "type": "string", "description": "ARN of the component.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the component.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getComponent.\n", "properties": { "arn": { "type": "string" }, "changeDescription": { "description": "Change description of the component.\n", "type": "string" }, "data": { "description": "Data of the component.\n", "type": "string" }, "dateCreated": { "description": "Date the component was created.\n", "type": "string" }, "description": { "description": "Description of the component.\n", "type": "string" }, "encrypted": { "description": "Encryption status of the component.\n", "type": "boolean" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kmsKeyId": { "description": "ARN of the Key Management Service (KMS) Key used to encrypt the component.\n", "type": "string" }, "name": { "description": "Name of the component.\n", "type": "string" }, "owner": { "description": "Owner of the component.\n", "type": "string" }, "platform": { "description": "Platform of the component.\n", "type": "string" }, "supportedOsVersions": { "description": "Operating Systems (OSes) supported by the component.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the component.\n", "type": "object" }, "type": { "description": "Type of the component.\n", "type": "string" }, "version": { "description": "Version of the component.\n", "type": "string" } }, "required": [ "arn", "changeDescription", "data", "dateCreated", "description", "encrypted", "kmsKeyId", "name", "owner", "platform", "supportedOsVersions", "tags", "type", "version", "id" ], "type": "object" } }, "aws:imagebuilder/getComponents:getComponents": { "description": "Use this data source to get the ARNs and names of Image Builder Components matching the specified criteria.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.imagebuilder.getComponents({\n owner: \"Self\",\n filters: [{\n name: \"platform\",\n values: [\"Linux\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.get_components(owner=\"Self\",\n filters=[{\n \"name\": \"platform\",\n \"values\": [\"Linux\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ImageBuilder.GetComponents.Invoke(new()\n {\n Owner = \"Self\",\n Filters = new[]\n {\n new Aws.ImageBuilder.Inputs.GetComponentsFilterInputArgs\n {\n Name = \"platform\",\n Values = new[]\n {\n \"Linux\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.GetComponents(ctx, \u0026imagebuilder.GetComponentsArgs{\n\t\t\tOwner: pulumi.StringRef(\"Self\"),\n\t\t\tFilters: []imagebuilder.GetComponentsFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"platform\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"Linux\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.ImagebuilderFunctions;\nimport com.pulumi.aws.imagebuilder.inputs.GetComponentsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ImagebuilderFunctions.getComponents(GetComponentsArgs.builder()\n .owner(\"Self\")\n .filters(GetComponentsFilterArgs.builder()\n .name(\"platform\")\n .values(\"Linux\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:imagebuilder:getComponents\n Arguments:\n owner: Self\n filters:\n - name: platform\n values:\n - Linux\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getComponents.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getComponentsFilter:getComponentsFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "owner": { "type": "string", "description": "Owner of the image recipes. Valid values are `Self`, `Shared`, `Amazon` and `ThirdParty`. Defaults to `Self`.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getComponents.\n", "properties": { "arns": { "description": "Set of ARNs of the matched Image Builder Components.\n", "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:imagebuilder/getComponentsFilter:getComponentsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "names": { "description": "Set of names of the matched Image Builder Components.\n", "items": { "type": "string" }, "type": "array" }, "owner": { "type": "string" } }, "required": [ "arns", "names", "id" ], "type": "object" } }, "aws:imagebuilder/getContainerRecipe:getContainerRecipe": { "description": "Provides details about an Image builder Container Recipe.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.imagebuilder.getContainerRecipe({\n arn: \"arn:aws:imagebuilder:us-east-1:aws:container-recipe/example/1.0.0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.get_container_recipe(arn=\"arn:aws:imagebuilder:us-east-1:aws:container-recipe/example/1.0.0\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ImageBuilder.GetContainerRecipe.Invoke(new()\n {\n Arn = \"arn:aws:imagebuilder:us-east-1:aws:container-recipe/example/1.0.0\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.LookupContainerRecipe(ctx, \u0026imagebuilder.LookupContainerRecipeArgs{\n\t\t\tArn: \"arn:aws:imagebuilder:us-east-1:aws:container-recipe/example/1.0.0\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.ImagebuilderFunctions;\nimport com.pulumi.aws.imagebuilder.inputs.GetContainerRecipeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ImagebuilderFunctions.getContainerRecipe(GetContainerRecipeArgs.builder()\n .arn(\"arn:aws:imagebuilder:us-east-1:aws:container-recipe/example/1.0.0\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:imagebuilder:getContainerRecipe\n Arguments:\n arn: arn:aws:imagebuilder:us-east-1:aws:container-recipe/example/1.0.0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getContainerRecipe.\n", "properties": { "arn": { "type": "string", "description": "ARN of the container recipe.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the container recipe.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getContainerRecipe.\n", "properties": { "arn": { "type": "string" }, "components": { "description": "List of objects with components for the container recipe.\n", "items": { "$ref": "#/types/aws:imagebuilder/getContainerRecipeComponent:getContainerRecipeComponent" }, "type": "array" }, "containerType": { "description": "Type of the container.\n", "type": "string" }, "dateCreated": { "description": "Date the container recipe was created.\n", "type": "string" }, "description": { "description": "Description of the container recipe.\n", "type": "string" }, "dockerfileTemplateData": { "description": "Dockerfile template used to build the image.\n", "type": "string" }, "encrypted": { "description": "Whether to encrypt the volume. Defaults to unset, which is the value inherited from the parent image.\n", "type": "boolean" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceConfigurations": { "description": "List of objects with instance configurations for building and testing container images.\n", "items": { "$ref": "#/types/aws:imagebuilder/getContainerRecipeInstanceConfiguration:getContainerRecipeInstanceConfiguration" }, "type": "array" }, "kmsKeyId": { "description": "KMS key used to encrypt the container image.\n", "type": "string" }, "name": { "description": "Name of the container recipe.\n", "type": "string" }, "owner": { "description": "Owner of the container recipe.\n", "type": "string" }, "parentImage": { "description": "Base image for the container recipe.\n", "type": "string" }, "platform": { "description": "Platform of the container recipe.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the container recipe.\n", "type": "object" }, "targetRepositories": { "description": "Destination repository for the container image.\n", "items": { "$ref": "#/types/aws:imagebuilder/getContainerRecipeTargetRepository:getContainerRecipeTargetRepository" }, "type": "array" }, "version": { "description": "Version of the container recipe.\n", "type": "string" }, "workingDirectory": { "description": "Working directory used during build and test workflows.\n", "type": "string" } }, "required": [ "arn", "components", "containerType", "dateCreated", "description", "dockerfileTemplateData", "encrypted", "instanceConfigurations", "kmsKeyId", "name", "owner", "parentImage", "platform", "targetRepositories", "version", "workingDirectory", "id" ], "type": "object" } }, "aws:imagebuilder/getContainerRecipes:getContainerRecipes": { "description": "Use this data source to get the ARNs and names of Image Builder Container Recipes matching the specified criteria.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.imagebuilder.getContainerRecipes({\n owner: \"Self\",\n filters: [{\n name: \"platform\",\n values: [\"Linux\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.get_container_recipes(owner=\"Self\",\n filters=[{\n \"name\": \"platform\",\n \"values\": [\"Linux\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ImageBuilder.GetContainerRecipes.Invoke(new()\n {\n Owner = \"Self\",\n Filters = new[]\n {\n new Aws.ImageBuilder.Inputs.GetContainerRecipesFilterInputArgs\n {\n Name = \"platform\",\n Values = new[]\n {\n \"Linux\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.GetContainerRecipes(ctx, \u0026imagebuilder.GetContainerRecipesArgs{\n\t\t\tOwner: pulumi.StringRef(\"Self\"),\n\t\t\tFilters: []imagebuilder.GetContainerRecipesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"platform\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"Linux\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.ImagebuilderFunctions;\nimport com.pulumi.aws.imagebuilder.inputs.GetContainerRecipesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ImagebuilderFunctions.getContainerRecipes(GetContainerRecipesArgs.builder()\n .owner(\"Self\")\n .filters(GetContainerRecipesFilterArgs.builder()\n .name(\"platform\")\n .values(\"Linux\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:imagebuilder:getContainerRecipes\n Arguments:\n owner: Self\n filters:\n - name: platform\n values:\n - Linux\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getContainerRecipes.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getContainerRecipesFilter:getContainerRecipesFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "owner": { "type": "string", "description": "Owner of the container recipes. Valid values are `Self`, `Shared`, `Amazon` and `ThirdParty`. Defaults to `Self`.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getContainerRecipes.\n", "properties": { "arns": { "description": "Set of ARNs of the matched Image Builder Container Recipes.\n", "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:imagebuilder/getContainerRecipesFilter:getContainerRecipesFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "names": { "description": "Set of names of the matched Image Builder Container Recipes.\n", "items": { "type": "string" }, "type": "array" }, "owner": { "type": "string" } }, "required": [ "arns", "names", "id" ], "type": "object" } }, "aws:imagebuilder/getDistributionConfiguration:getDistributionConfiguration": { "description": "Provides details about an Image Builder Distribution Configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.imagebuilder.getDistributionConfiguration({\n arn: \"arn:aws:imagebuilder:us-west-2:aws:distribution-configuration/example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.get_distribution_configuration(arn=\"arn:aws:imagebuilder:us-west-2:aws:distribution-configuration/example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ImageBuilder.GetDistributionConfiguration.Invoke(new()\n {\n Arn = \"arn:aws:imagebuilder:us-west-2:aws:distribution-configuration/example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.LookupDistributionConfiguration(ctx, \u0026imagebuilder.LookupDistributionConfigurationArgs{\n\t\t\tArn: \"arn:aws:imagebuilder:us-west-2:aws:distribution-configuration/example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.ImagebuilderFunctions;\nimport com.pulumi.aws.imagebuilder.inputs.GetDistributionConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ImagebuilderFunctions.getDistributionConfiguration(GetDistributionConfigurationArgs.builder()\n .arn(\"arn:aws:imagebuilder:us-west-2:aws:distribution-configuration/example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:imagebuilder:getDistributionConfiguration\n Arguments:\n arn: arn:aws:imagebuilder:us-west-2:aws:distribution-configuration/example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDistributionConfiguration.\n", "properties": { "arn": { "type": "string", "description": "ARN of the distribution configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the distribution configuration.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getDistributionConfiguration.\n", "properties": { "arn": { "type": "string" }, "dateCreated": { "description": "Date the distribution configuration was created.\n", "type": "string" }, "dateUpdated": { "description": "Date the distribution configuration was updated.\n", "type": "string" }, "description": { "description": "Description of the container distribution configuration.\n", "type": "string" }, "distributions": { "description": "Set of distributions.\n", "items": { "$ref": "#/types/aws:imagebuilder/getDistributionConfigurationDistribution:getDistributionConfigurationDistribution" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Name of the distribution configuration.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the distribution configuration.\n", "type": "object" } }, "required": [ "arn", "dateCreated", "dateUpdated", "description", "distributions", "name", "tags", "id" ], "type": "object" } }, "aws:imagebuilder/getDistributionConfigurations:getDistributionConfigurations": { "description": "Use this data source to get the ARNs and names of Image Builder Distribution Configurations matching the specified criteria.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.imagebuilder.getDistributionConfigurations({\n filters: [{\n name: \"name\",\n values: [\"example\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.get_distribution_configurations(filters=[{\n \"name\": \"name\",\n \"values\": [\"example\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ImageBuilder.GetDistributionConfigurations.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.ImageBuilder.Inputs.GetDistributionConfigurationsFilterInputArgs\n {\n Name = \"name\",\n Values = new[]\n {\n \"example\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.GetDistributionConfigurations(ctx, \u0026imagebuilder.GetDistributionConfigurationsArgs{\n\t\t\tFilters: []imagebuilder.GetDistributionConfigurationsFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"example\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.ImagebuilderFunctions;\nimport com.pulumi.aws.imagebuilder.inputs.GetDistributionConfigurationsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ImagebuilderFunctions.getDistributionConfigurations(GetDistributionConfigurationsArgs.builder()\n .filters(GetDistributionConfigurationsFilterArgs.builder()\n .name(\"name\")\n .values(\"example\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:imagebuilder:getDistributionConfigurations\n Arguments:\n filters:\n - name: name\n values:\n - example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDistributionConfigurations.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getDistributionConfigurationsFilter:getDistributionConfigurationsFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getDistributionConfigurations.\n", "properties": { "arns": { "description": "Set of ARNs of the matched Image Builder Distribution Configurations.\n", "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:imagebuilder/getDistributionConfigurationsFilter:getDistributionConfigurationsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "names": { "description": "Set of names of the matched Image Builder Distribution Configurations.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "arns", "names", "id" ], "type": "object" } }, "aws:imagebuilder/getImage:getImage": { "description": "Provides details about an Image Builder Image.\n\n## Example Usage\n\n### Latest\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.imagebuilder.getImage({\n arn: \"arn:aws:imagebuilder:us-west-2:aws:image/amazon-linux-2-x86/x.x.x\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.get_image(arn=\"arn:aws:imagebuilder:us-west-2:aws:image/amazon-linux-2-x86/x.x.x\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ImageBuilder.GetImage.Invoke(new()\n {\n Arn = \"arn:aws:imagebuilder:us-west-2:aws:image/amazon-linux-2-x86/x.x.x\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.LookupImage(ctx, \u0026imagebuilder.LookupImageArgs{\n\t\t\tArn: \"arn:aws:imagebuilder:us-west-2:aws:image/amazon-linux-2-x86/x.x.x\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.ImagebuilderFunctions;\nimport com.pulumi.aws.imagebuilder.inputs.GetImageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ImagebuilderFunctions.getImage(GetImageArgs.builder()\n .arn(\"arn:aws:imagebuilder:us-west-2:aws:image/amazon-linux-2-x86/x.x.x\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:imagebuilder:getImage\n Arguments:\n arn: arn:aws:imagebuilder:us-west-2:aws:image/amazon-linux-2-x86/x.x.x\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getImage.\n", "properties": { "arn": { "type": "string", "description": "ARN of the image. The suffix can either be specified with wildcards (`x.x.x`) to fetch the latest build version or a full build version (e.g., `2020.11.26/1`) to fetch an exact version.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the image.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getImage.\n", "properties": { "arn": { "type": "string" }, "buildVersionArn": { "description": "Build version ARN of the image. This will always have the `#.#.#/#` suffix.\n", "type": "string" }, "containerRecipeArn": { "description": "ARN of the container recipe.\n", "type": "string" }, "dateCreated": { "description": "Date the image was created.\n", "type": "string" }, "distributionConfigurationArn": { "description": "ARN of the Image Builder Distribution Configuration.\n", "type": "string" }, "enhancedImageMetadataEnabled": { "description": "Whether additional information about the image being created is collected.\n", "type": "boolean" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "imageRecipeArn": { "description": "ARN of the image recipe.\n", "type": "string" }, "imageScanningConfigurations": { "description": "List of an object with image scanning configuration fields.\n", "items": { "$ref": "#/types/aws:imagebuilder/getImageImageScanningConfiguration:getImageImageScanningConfiguration" }, "type": "array" }, "imageTestsConfigurations": { "description": "List of an object with image tests configuration.\n", "items": { "$ref": "#/types/aws:imagebuilder/getImageImageTestsConfiguration:getImageImageTestsConfiguration" }, "type": "array" }, "infrastructureConfigurationArn": { "description": "ARN of the Image Builder Infrastructure Configuration.\n", "type": "string" }, "name": { "description": "Name of the AMI.\n", "type": "string" }, "osVersion": { "description": "Operating System version of the image.\n", "type": "string" }, "outputResources": { "description": "List of objects with resources created by the image.\n", "items": { "$ref": "#/types/aws:imagebuilder/getImageOutputResource:getImageOutputResource" }, "type": "array" }, "platform": { "description": "Platform of the image.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the image.\n", "type": "object" }, "version": { "description": "Version of the image.\n", "type": "string" } }, "required": [ "arn", "buildVersionArn", "containerRecipeArn", "dateCreated", "distributionConfigurationArn", "enhancedImageMetadataEnabled", "imageRecipeArn", "imageScanningConfigurations", "imageTestsConfigurations", "infrastructureConfigurationArn", "name", "osVersion", "outputResources", "platform", "tags", "version", "id" ], "type": "object" } }, "aws:imagebuilder/getImagePipeline:getImagePipeline": { "description": "Provides details about an Image Builder Image Pipeline.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.imagebuilder.getImagePipeline({\n arn: \"arn:aws:imagebuilder:us-west-2:aws:image-pipeline/example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.get_image_pipeline(arn=\"arn:aws:imagebuilder:us-west-2:aws:image-pipeline/example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ImageBuilder.GetImagePipeline.Invoke(new()\n {\n Arn = \"arn:aws:imagebuilder:us-west-2:aws:image-pipeline/example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.LookupImagePipeline(ctx, \u0026imagebuilder.LookupImagePipelineArgs{\n\t\t\tArn: \"arn:aws:imagebuilder:us-west-2:aws:image-pipeline/example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.ImagebuilderFunctions;\nimport com.pulumi.aws.imagebuilder.inputs.GetImagePipelineArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ImagebuilderFunctions.getImagePipeline(GetImagePipelineArgs.builder()\n .arn(\"arn:aws:imagebuilder:us-west-2:aws:image-pipeline/example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:imagebuilder:getImagePipeline\n Arguments:\n arn: arn:aws:imagebuilder:us-west-2:aws:image-pipeline/example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getImagePipeline.\n", "properties": { "arn": { "type": "string", "description": "ARN of the image pipeline.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the image pipeline.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getImagePipeline.\n", "properties": { "arn": { "type": "string" }, "containerRecipeArn": { "description": "ARN of the container recipe.\n", "type": "string" }, "dateCreated": { "description": "Date the image pipeline was created.\n", "type": "string" }, "dateLastRun": { "description": "Date the image pipeline was last run.\n", "type": "string" }, "dateNextRun": { "description": "Date the image pipeline will run next.\n", "type": "string" }, "dateUpdated": { "description": "Date the image pipeline was updated.\n", "type": "string" }, "description": { "description": "Description of the image pipeline.\n", "type": "string" }, "distributionConfigurationArn": { "description": "ARN of the Image Builder Distribution Configuration.\n", "type": "string" }, "enhancedImageMetadataEnabled": { "description": "Whether additional information about the image being created is collected.\n", "type": "boolean" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "imageRecipeArn": { "description": "ARN of the image recipe.\n", "type": "string" }, "imageScanningConfigurations": { "items": { "$ref": "#/types/aws:imagebuilder/getImagePipelineImageScanningConfiguration:getImagePipelineImageScanningConfiguration" }, "type": "array" }, "imageTestsConfigurations": { "description": "List of an object with image tests configuration.\n", "items": { "$ref": "#/types/aws:imagebuilder/getImagePipelineImageTestsConfiguration:getImagePipelineImageTestsConfiguration" }, "type": "array" }, "infrastructureConfigurationArn": { "description": "ARN of the Image Builder Infrastructure Configuration.\n", "type": "string" }, "name": { "description": "Name of the image pipeline.\n", "type": "string" }, "platform": { "description": "Platform of the image pipeline.\n", "type": "string" }, "schedules": { "description": "List of an object with schedule settings.\n", "items": { "$ref": "#/types/aws:imagebuilder/getImagePipelineSchedule:getImagePipelineSchedule" }, "type": "array" }, "status": { "description": "Status of the image pipeline.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the image pipeline.\n", "type": "object" } }, "required": [ "arn", "containerRecipeArn", "dateCreated", "dateLastRun", "dateNextRun", "dateUpdated", "description", "distributionConfigurationArn", "enhancedImageMetadataEnabled", "imageRecipeArn", "imageScanningConfigurations", "imageTestsConfigurations", "infrastructureConfigurationArn", "name", "platform", "schedules", "status", "tags", "id" ], "type": "object" } }, "aws:imagebuilder/getImagePipelines:getImagePipelines": { "description": "Use this data source to get the ARNs and names of Image Builder Image Pipelines matching the specified criteria.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.imagebuilder.getImagePipelines({\n filters: [{\n name: \"name\",\n values: [\"example\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.get_image_pipelines(filters=[{\n \"name\": \"name\",\n \"values\": [\"example\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ImageBuilder.GetImagePipelines.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.ImageBuilder.Inputs.GetImagePipelinesFilterInputArgs\n {\n Name = \"name\",\n Values = new[]\n {\n \"example\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.GetImagePipelines(ctx, \u0026imagebuilder.GetImagePipelinesArgs{\n\t\t\tFilters: []imagebuilder.GetImagePipelinesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"example\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.ImagebuilderFunctions;\nimport com.pulumi.aws.imagebuilder.inputs.GetImagePipelinesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ImagebuilderFunctions.getImagePipelines(GetImagePipelinesArgs.builder()\n .filters(GetImagePipelinesFilterArgs.builder()\n .name(\"name\")\n .values(\"example\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:imagebuilder:getImagePipelines\n Arguments:\n filters:\n - name: name\n values:\n - example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getImagePipelines.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getImagePipelinesFilter:getImagePipelinesFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getImagePipelines.\n", "properties": { "arns": { "description": "Set of ARNs of the matched Image Builder Image Pipelines.\n", "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:imagebuilder/getImagePipelinesFilter:getImagePipelinesFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "names": { "description": "Set of names of the matched Image Builder Image Pipelines.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "arns", "names", "id" ], "type": "object" } }, "aws:imagebuilder/getImageRecipe:getImageRecipe": { "description": "Provides details about an Image Builder Image Recipe.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.imagebuilder.getImageRecipe({\n arn: \"arn:aws:imagebuilder:us-east-1:aws:image-recipe/example/1.0.0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.get_image_recipe(arn=\"arn:aws:imagebuilder:us-east-1:aws:image-recipe/example/1.0.0\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ImageBuilder.GetImageRecipe.Invoke(new()\n {\n Arn = \"arn:aws:imagebuilder:us-east-1:aws:image-recipe/example/1.0.0\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.LookupImageRecipe(ctx, \u0026imagebuilder.LookupImageRecipeArgs{\n\t\t\tArn: \"arn:aws:imagebuilder:us-east-1:aws:image-recipe/example/1.0.0\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.ImagebuilderFunctions;\nimport com.pulumi.aws.imagebuilder.inputs.GetImageRecipeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ImagebuilderFunctions.getImageRecipe(GetImageRecipeArgs.builder()\n .arn(\"arn:aws:imagebuilder:us-east-1:aws:image-recipe/example/1.0.0\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:imagebuilder:getImageRecipe\n Arguments:\n arn: arn:aws:imagebuilder:us-east-1:aws:image-recipe/example/1.0.0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getImageRecipe.\n", "properties": { "arn": { "type": "string", "description": "ARN of the image recipe.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the image recipe.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getImageRecipe.\n", "properties": { "arn": { "type": "string" }, "blockDeviceMappings": { "description": "Set of objects with block device mappings for the image recipe.\n", "items": { "$ref": "#/types/aws:imagebuilder/getImageRecipeBlockDeviceMapping:getImageRecipeBlockDeviceMapping" }, "type": "array" }, "components": { "description": "List of objects with components for the image recipe.\n", "items": { "$ref": "#/types/aws:imagebuilder/getImageRecipeComponent:getImageRecipeComponent" }, "type": "array" }, "dateCreated": { "description": "Date the image recipe was created.\n", "type": "string" }, "description": { "description": "Description of the image recipe.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Name of the image recipe.\n", "type": "string" }, "owner": { "description": "Owner of the image recipe.\n", "type": "string" }, "parentImage": { "description": "Base image of the image recipe.\n", "type": "string" }, "platform": { "description": "Platform of the image recipe.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the image recipe.\n", "type": "object" }, "userDataBase64": { "description": "Base64 encoded contents of user data. Commands or a command script to run when build instance is launched.\n", "type": "string" }, "version": { "description": "Version of the image recipe.\n", "type": "string" }, "workingDirectory": { "description": "Working directory used during build and test workflows.\n", "type": "string" } }, "required": [ "arn", "blockDeviceMappings", "components", "dateCreated", "description", "name", "owner", "parentImage", "platform", "userDataBase64", "version", "workingDirectory", "id" ], "type": "object" } }, "aws:imagebuilder/getImageRecipes:getImageRecipes": { "description": "Use this data source to get the ARNs and names of Image Builder Image Recipes matching the specified criteria.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.imagebuilder.getImageRecipes({\n owner: \"Self\",\n filters: [{\n name: \"platform\",\n values: [\"Linux\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.get_image_recipes(owner=\"Self\",\n filters=[{\n \"name\": \"platform\",\n \"values\": [\"Linux\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ImageBuilder.GetImageRecipes.Invoke(new()\n {\n Owner = \"Self\",\n Filters = new[]\n {\n new Aws.ImageBuilder.Inputs.GetImageRecipesFilterInputArgs\n {\n Name = \"platform\",\n Values = new[]\n {\n \"Linux\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.GetImageRecipes(ctx, \u0026imagebuilder.GetImageRecipesArgs{\n\t\t\tOwner: pulumi.StringRef(\"Self\"),\n\t\t\tFilters: []imagebuilder.GetImageRecipesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"platform\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"Linux\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.ImagebuilderFunctions;\nimport com.pulumi.aws.imagebuilder.inputs.GetImageRecipesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ImagebuilderFunctions.getImageRecipes(GetImageRecipesArgs.builder()\n .owner(\"Self\")\n .filters(GetImageRecipesFilterArgs.builder()\n .name(\"platform\")\n .values(\"Linux\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:imagebuilder:getImageRecipes\n Arguments:\n owner: Self\n filters:\n - name: platform\n values:\n - Linux\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getImageRecipes.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getImageRecipesFilter:getImageRecipesFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "owner": { "type": "string", "description": "Owner of the image recipes. Valid values are `Self`, `Shared`, `Amazon` and `ThirdParty`. Defaults to `Self`.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getImageRecipes.\n", "properties": { "arns": { "description": "Set of ARNs of the matched Image Builder Image Recipes.\n", "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:imagebuilder/getImageRecipesFilter:getImageRecipesFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "names": { "description": "Set of names of the matched Image Builder Image Recipes.\n", "items": { "type": "string" }, "type": "array" }, "owner": { "type": "string" } }, "required": [ "arns", "names", "id" ], "type": "object" } }, "aws:imagebuilder/getInfrastructureConfiguration:getInfrastructureConfiguration": { "description": "Provides details about an Image Builder Infrastructure Configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.imagebuilder.getInfrastructureConfiguration({\n arn: \"arn:aws:imagebuilder:us-west-2:aws:infrastructure-configuration/example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.get_infrastructure_configuration(arn=\"arn:aws:imagebuilder:us-west-2:aws:infrastructure-configuration/example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ImageBuilder.GetInfrastructureConfiguration.Invoke(new()\n {\n Arn = \"arn:aws:imagebuilder:us-west-2:aws:infrastructure-configuration/example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.LookupInfrastructureConfiguration(ctx, \u0026imagebuilder.LookupInfrastructureConfigurationArgs{\n\t\t\tArn: \"arn:aws:imagebuilder:us-west-2:aws:infrastructure-configuration/example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.ImagebuilderFunctions;\nimport com.pulumi.aws.imagebuilder.inputs.GetInfrastructureConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ImagebuilderFunctions.getInfrastructureConfiguration(GetInfrastructureConfigurationArgs.builder()\n .arn(\"arn:aws:imagebuilder:us-west-2:aws:infrastructure-configuration/example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:imagebuilder:getInfrastructureConfiguration\n Arguments:\n arn: arn:aws:imagebuilder:us-west-2:aws:infrastructure-configuration/example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getInfrastructureConfiguration.\n", "properties": { "arn": { "type": "string", "description": "ARN of the infrastructure configuration.\n" }, "resourceTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the infrastructure created by the infrastructure configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the infrastructure configuration.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getInfrastructureConfiguration.\n", "properties": { "arn": { "type": "string" }, "dateCreated": { "description": "Date the infrastructure configuration was updated.\n", "type": "string" }, "dateUpdated": { "type": "string" }, "description": { "description": "Description of the infrastructure configuration.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceMetadataOptions": { "description": "Nested list of instance metadata options for the HTTP requests that pipeline builds use to launch EC2 build and test instances.\n", "items": { "$ref": "#/types/aws:imagebuilder/getInfrastructureConfigurationInstanceMetadataOption:getInfrastructureConfigurationInstanceMetadataOption" }, "type": "array" }, "instanceProfileName": { "description": "Name of the IAM Instance Profile associated with the configuration.\n", "type": "string" }, "instanceTypes": { "description": "Set of EC2 Instance Types associated with the configuration.\n", "items": { "type": "string" }, "type": "array" }, "keyPair": { "description": "Name of the EC2 Key Pair associated with the configuration.\n", "type": "string" }, "loggings": { "description": "Nested list of logging settings.\n", "items": { "$ref": "#/types/aws:imagebuilder/getInfrastructureConfigurationLogging:getInfrastructureConfigurationLogging" }, "type": "array" }, "name": { "description": "Name of the infrastructure configuration.\n", "type": "string" }, "resourceTags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the infrastructure created by the infrastructure configuration.\n", "type": "object" }, "securityGroupIds": { "description": "Set of EC2 Security Group identifiers associated with the configuration.\n", "items": { "type": "string" }, "type": "array" }, "snsTopicArn": { "description": "ARN of the SNS Topic associated with the configuration.\n", "type": "string" }, "subnetId": { "description": "Identifier of the EC2 Subnet associated with the configuration.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the infrastructure configuration.\n", "type": "object" }, "terminateInstanceOnFailure": { "description": "Whether instances are terminated on failure.\n", "type": "boolean" } }, "required": [ "arn", "dateCreated", "dateUpdated", "description", "instanceMetadataOptions", "instanceProfileName", "instanceTypes", "keyPair", "loggings", "name", "resourceTags", "securityGroupIds", "snsTopicArn", "subnetId", "tags", "terminateInstanceOnFailure", "id" ], "type": "object" } }, "aws:imagebuilder/getInfrastructureConfigurations:getInfrastructureConfigurations": { "description": "Use this data source to get the ARNs and names of Image Builder Infrastructure Configurations matching the specified criteria.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.imagebuilder.getInfrastructureConfigurations({\n filters: [{\n name: \"name\",\n values: [\"example\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.imagebuilder.get_infrastructure_configurations(filters=[{\n \"name\": \"name\",\n \"values\": [\"example\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ImageBuilder.GetInfrastructureConfigurations.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.ImageBuilder.Inputs.GetInfrastructureConfigurationsFilterInputArgs\n {\n Name = \"name\",\n Values = new[]\n {\n \"example\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/imagebuilder\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := imagebuilder.GetInfrastructureConfigurations(ctx, \u0026imagebuilder.GetInfrastructureConfigurationsArgs{\n\t\t\tFilters: []imagebuilder.GetInfrastructureConfigurationsFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"example\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.imagebuilder.ImagebuilderFunctions;\nimport com.pulumi.aws.imagebuilder.inputs.GetInfrastructureConfigurationsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ImagebuilderFunctions.getInfrastructureConfigurations(GetInfrastructureConfigurationsArgs.builder()\n .filters(GetInfrastructureConfigurationsFilterArgs.builder()\n .name(\"name\")\n .values(\"example\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:imagebuilder:getInfrastructureConfigurations\n Arguments:\n filters:\n - name: name\n values:\n - example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getInfrastructureConfigurations.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:imagebuilder/getInfrastructureConfigurationsFilter:getInfrastructureConfigurationsFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getInfrastructureConfigurations.\n", "properties": { "arns": { "description": "Set of ARNs of the matched Image Builder Infrastructure Configurations.\n", "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:imagebuilder/getInfrastructureConfigurationsFilter:getInfrastructureConfigurationsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "names": { "description": "Set of names of the matched Image Builder Infrastructure Configurations.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "arns", "names", "id" ], "type": "object" } }, "aws:index/getArn:getArn": { "description": "Parses an ARN into its constituent parts.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dbInstance = aws.getArn({\n arn: \"arn:aws:rds:eu-west-1:123456789012:db:mysql-db\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndb_instance = aws.get_arn(arn=\"arn:aws:rds:eu-west-1:123456789012:db:mysql-db\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var dbInstance = Aws.GetArn.Invoke(new()\n {\n Arn = \"arn:aws:rds:eu-west-1:123456789012:db:mysql-db\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetArn(ctx, \u0026aws.GetArnArgs{\n\t\t\tArn: \"arn:aws:rds:eu-west-1:123456789012:db:mysql-db\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetArnArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var dbInstance = AwsFunctions.getArn(GetArnArgs.builder()\n .arn(\"arn:aws:rds:eu-west-1:123456789012:db:mysql-db\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n dbInstance:\n fn::invoke:\n Function: aws:getArn\n Arguments:\n arn: arn:aws:rds:eu-west-1:123456789012:db:mysql-db\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getArn.\n", "properties": { "arn": { "type": "string", "description": "ARN to parse.\n" }, "id": { "type": "string" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getArn.\n", "properties": { "account": { "description": "The [ID](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html) of the AWS account that owns the resource, without the hyphens.\n", "type": "string" }, "arn": { "type": "string" }, "id": { "type": "string" }, "partition": { "description": "Partition that the resource is in.\n", "type": "string" }, "region": { "description": "Region the resource resides in.\nNote that the ARNs for some resources do not require a region, so this component might be omitted.\n", "type": "string" }, "resource": { "description": "Content of this part of the ARN varies by service.\nIt often includes an indicator of the type of resource—for example, an IAM user or Amazon RDS database —followed by a slash (/) or a colon (:), followed by the resource name itself.\n", "type": "string" }, "service": { "description": "The [service namespace](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces) that identifies the AWS product.\n", "type": "string" } }, "required": [ "account", "arn", "id", "partition", "region", "resource", "service" ], "type": "object" } }, "aws:index/getAvailabilityZone:getAvailabilityZone": { "description": "`aws.getAvailabilityZone` provides details about a specific availability zone (AZ)\nin the current region.\n\nThis can be used both to validate an availability zone given in a variable\nand to split the AZ name into its component parts of an AWS region and an\nAZ identifier letter. The latter may be useful e.g., for implementing a\nconsistent subnet numbering scheme across several regions by mapping both\nthe region and the subnet letter to network numbers.\n\nThis is different from the `aws.getAvailabilityZones` (plural) data source,\nwhich provides a list of the available zones.\n\n## Example Usage\n\nThe following example shows how this data source might be used to derive\nVPC and subnet CIDR prefixes systematically for an availability zone.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst config = new pulumi.Config();\nconst regionNumber = config.getObject(\"regionNumber\") || {\n \"ap-northeast-1\": 5,\n \"eu-central-1\": 4,\n \"us-east-1\": 1,\n \"us-west-1\": 2,\n \"us-west-2\": 3,\n};\nconst azNumber = config.getObject(\"azNumber\") || {\n a: 1,\n b: 2,\n c: 3,\n d: 4,\n e: 5,\n f: 6,\n};\n// Retrieve the AZ where we want to create network resources\n// This must be in the region selected on the AWS provider.\nconst example = aws.getAvailabilityZone({\n name: \"eu-central-1a\",\n});\n// Create a VPC for the region associated with the AZ\nconst exampleVpc = new aws.ec2.Vpc(\"example\", {cidrBlock: example.then(example =\u003e std.cidrsubnet({\n input: \"10.0.0.0/8\",\n newbits: 4,\n netnum: regionNumber[example.region],\n})).then(invoke =\u003e invoke.result)});\n// Create a subnet for the AZ within the regional VPC\nconst exampleSubnet = new aws.ec2.Subnet(\"example\", {\n vpcId: exampleVpc.id,\n cidrBlock: pulumi.all([exampleVpc.cidrBlock, example]).apply(([cidrBlock, example]) =\u003e std.cidrsubnetOutput({\n input: cidrBlock,\n newbits: 4,\n netnum: azNumber[example.nameSuffix],\n })).apply(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nconfig = pulumi.Config()\nregion_number = config.get_object(\"regionNumber\")\nif region_number is None:\n region_number = {\n \"ap-northeast-1\": 5,\n \"eu-central-1\": 4,\n \"us-east-1\": 1,\n \"us-west-1\": 2,\n \"us-west-2\": 3,\n }\naz_number = config.get_object(\"azNumber\")\nif az_number is None:\n az_number = {\n \"a\": 1,\n \"b\": 2,\n \"c\": 3,\n \"d\": 4,\n \"e\": 5,\n \"f\": 6,\n }\n# Retrieve the AZ where we want to create network resources\n# This must be in the region selected on the AWS provider.\nexample = aws.get_availability_zone(name=\"eu-central-1a\")\n# Create a VPC for the region associated with the AZ\nexample_vpc = aws.ec2.Vpc(\"example\", cidr_block=std.cidrsubnet(input=\"10.0.0.0/8\",\n newbits=4,\n netnum=region_number[example.region]).result)\n# Create a subnet for the AZ within the regional VPC\nexample_subnet = aws.ec2.Subnet(\"example\",\n vpc_id=example_vpc.id,\n cidr_block=example_vpc.cidr_block.apply(lambda cidr_block: std.cidrsubnet_output(input=cidr_block,\n newbits=4,\n netnum=az_number[example.name_suffix])).apply(lambda invoke: invoke.result))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var regionNumber = config.GetObject\u003cdynamic\u003e(\"regionNumber\") ?? \n {\n { \"ap-northeast-1\", 5 },\n { \"eu-central-1\", 4 },\n { \"us-east-1\", 1 },\n { \"us-west-1\", 2 },\n { \"us-west-2\", 3 },\n };\n var azNumber = config.GetObject\u003cdynamic\u003e(\"azNumber\") ?? \n {\n { \"a\", 1 },\n { \"b\", 2 },\n { \"c\", 3 },\n { \"d\", 4 },\n { \"e\", 5 },\n { \"f\", 6 },\n };\n // Retrieve the AZ where we want to create network resources\n // This must be in the region selected on the AWS provider.\n var example = Aws.GetAvailabilityZone.Invoke(new()\n {\n Name = \"eu-central-1a\",\n });\n\n // Create a VPC for the region associated with the AZ\n var exampleVpc = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = Std.Cidrsubnet.Invoke(new()\n {\n Input = \"10.0.0.0/8\",\n Newbits = 4,\n Netnum = regionNumber[example.Apply(getAvailabilityZoneResult =\u003e getAvailabilityZoneResult.Region)],\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n // Create a subnet for the AZ within the regional VPC\n var exampleSubnet = new Aws.Ec2.Subnet(\"example\", new()\n {\n VpcId = exampleVpc.Id,\n CidrBlock = Output.Tuple(exampleVpc.CidrBlock, example).Apply(values =\u003e\n {\n var cidrBlock = values.Item1;\n var example = values.Item2;\n return Std.Cidrsubnet.Invoke(new()\n {\n Input = cidrBlock,\n Newbits = 4,\n Netnum = azNumber[example.Apply(getAvailabilityZoneResult =\u003e getAvailabilityZoneResult.NameSuffix)],\n });\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tregionNumber := map[string]interface{}{\n\t\t\t\"ap-northeast-1\": 5,\n\t\t\t\"eu-central-1\": 4,\n\t\t\t\"us-east-1\": 1,\n\t\t\t\"us-west-1\": 2,\n\t\t\t\"us-west-2\": 3,\n\t\t}\n\t\tif param := cfg.GetObject(\"regionNumber\"); param != nil {\n\t\t\tregionNumber = param\n\t\t}\n\t\tazNumber := map[string]interface{}{\n\t\t\t\"a\": 1,\n\t\t\t\"b\": 2,\n\t\t\t\"c\": 3,\n\t\t\t\"d\": 4,\n\t\t\t\"e\": 5,\n\t\t\t\"f\": 6,\n\t\t}\n\t\tif param := cfg.GetObject(\"azNumber\"); param != nil {\n\t\t\tazNumber = param\n\t\t}\n\t\t// Retrieve the AZ where we want to create network resources\n\t\t// This must be in the region selected on the AWS provider.\n\t\texample, err := aws.GetAvailabilityZone(ctx, \u0026aws.GetAvailabilityZoneArgs{\n\t\t\tName: pulumi.StringRef(\"eu-central-1a\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeCidrsubnet, err := std.Cidrsubnet(ctx, \u0026std.CidrsubnetArgs{\n\t\t\tInput: \"10.0.0.0/8\",\n\t\t\tNewbits: 4,\n\t\t\tNetnum: regionNumber[example.Region],\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Create a VPC for the region associated with the AZ\n\t\texampleVpc, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(invokeCidrsubnet.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Create a subnet for the AZ within the regional VPC\n\t\t_, err = ec2.NewSubnet(ctx, \"example\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t\tCidrBlock: pulumi.String(exampleVpc.CidrBlock.ApplyT(func(cidrBlock string) (std.CidrsubnetResult, error) {\n\t\t\t\treturn std.CidrsubnetResult(interface{}(std.CidrsubnetOutput(ctx, std.CidrsubnetOutputArgs{\n\t\t\t\t\tInput: cidrBlock,\n\t\t\t\t\tNewbits: 4,\n\t\t\t\t\tNetnum: pulumi.Int(azNumber[example.NameSuffix]),\n\t\t\t\t}, nil))), nil\n\t\t\t}).(std.CidrsubnetResultOutput).ApplyT(func(invoke std.CidrsubnetResult) (*string, error) {\n\t\t\t\treturn invoke.Result, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZoneArgs;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var regionNumber = config.get(\"regionNumber\").orElse(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference));\n final var azNumber = config.get(\"azNumber\").orElse(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference));\n // Retrieve the AZ where we want to create network resources\n // This must be in the region selected on the AWS provider.\n final var example = AwsFunctions.getAvailabilityZone(GetAvailabilityZoneArgs.builder()\n .name(\"eu-central-1a\")\n .build());\n\n // Create a VPC for the region associated with the AZ\n var exampleVpc = new Vpc(\"exampleVpc\", VpcArgs.builder()\n .cidrBlock(StdFunctions.cidrsubnet(CidrsubnetArgs.builder()\n .input(\"10.0.0.0/8\")\n .newbits(4)\n .netnum(regionNumber[example.applyValue(getAvailabilityZoneResult -\u003e getAvailabilityZoneResult.region())])\n .build()).result())\n .build());\n\n // Create a subnet for the AZ within the regional VPC\n var exampleSubnet = new Subnet(\"exampleSubnet\", SubnetArgs.builder()\n .vpcId(exampleVpc.id())\n .cidrBlock(exampleVpc.cidrBlock().applyValue(cidrBlock -\u003e StdFunctions.cidrsubnet()).applyValue(invoke -\u003e invoke.result()))\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAvailabilityZone.\n", "properties": { "allAvailabilityZones": { "type": "boolean", "description": "Set to `true` to include all Availability Zones and Local Zones regardless of your opt in status.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:index/getAvailabilityZoneFilter:getAvailabilityZoneFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "name": { "type": "string", "description": "Full name of the availability zone to select.\n" }, "state": { "type": "string", "description": "Specific availability zone state to require. May be any of `\"available\"`, `\"information\"` or `\"impaired\"`.\n" }, "zoneId": { "type": "string", "description": "Zone ID of the availability zone to select.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getAvailabilityZone.\n", "properties": { "allAvailabilityZones": { "type": "boolean" }, "filters": { "items": { "$ref": "#/types/aws:index/getAvailabilityZoneFilter:getAvailabilityZoneFilter" }, "type": "array" }, "groupName": { "description": "For Availability Zones, this is the same value as the Region name. For Local Zones, the name of the associated group, for example `us-west-2-lax-1`.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "nameSuffix": { "description": "Part of the AZ name that appears after the region name, uniquely identifying the AZ within its region.\nFor Availability Zones this is usually a single letter, for example `a` for the `us-west-2a` zone.\nFor Local and Wavelength Zones this is a longer string, for example `wl1-sfo-wlz-1` for the `us-west-2-wl1-sfo-wlz-1` zone.\n", "type": "string" }, "networkBorderGroup": { "description": "The name of the location from which the address is advertised.\n", "type": "string" }, "optInStatus": { "description": "For Availability Zones, this always has the value of `opt-in-not-required`. For Local Zones, this is the opt in status. The possible values are `opted-in` and `not-opted-in`.\n", "type": "string" }, "parentZoneId": { "description": "ID of the zone that handles some of the Local Zone or Wavelength Zone control plane operations, such as API calls.\n", "type": "string" }, "parentZoneName": { "description": "Name of the zone that handles some of the Local Zone or Wavelength Zone control plane operations, such as API calls.\n", "type": "string" }, "region": { "description": "Region where the selected availability zone resides. This is always the region selected on the provider, since this data source searches only within that region.\n", "type": "string" }, "state": { "type": "string" }, "zoneId": { "type": "string" }, "zoneType": { "description": "Type of zone. Values are `availability-zone`, `local-zone`, and `wavelength-zone`.\n", "type": "string" } }, "required": [ "groupName", "name", "nameSuffix", "networkBorderGroup", "optInStatus", "parentZoneId", "parentZoneName", "region", "state", "zoneId", "zoneType", "id" ], "type": "object" } }, "aws:index/getAvailabilityZones:getAvailabilityZones": { "description": "The Availability Zones data source allows access to the list of AWS\nAvailability Zones which can be accessed by an AWS account within the region\nconfigured in the provider.\n\nThis is different from the `aws.getAvailabilityZone` (singular) data source,\nwhich provides some details about a specific availability zone.\n\n\u003e When [Local Zones](https://aws.amazon.com/about-aws/global-infrastructure/localzones/) are enabled in a region, by default the API and this data source include both Local Zones and Availability Zones. To return only Availability Zones, see the example section below.\n\n## Example Usage\n\n### By State\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Declare the data source\nconst available = aws.getAvailabilityZones({\n state: \"available\",\n});\n// e.g., Create subnets in the first two available availability zones\nconst primary = new aws.ec2.Subnet(\"primary\", {availabilityZone: available.then(available =\u003e available.names?.[0])});\nconst secondary = new aws.ec2.Subnet(\"secondary\", {availabilityZone: available.then(available =\u003e available.names?.[1])});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Declare the data source\navailable = aws.get_availability_zones(state=\"available\")\n# e.g., Create subnets in the first two available availability zones\nprimary = aws.ec2.Subnet(\"primary\", availability_zone=available.names[0])\nsecondary = aws.ec2.Subnet(\"secondary\", availability_zone=available.names[1])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Declare the data source\n var available = Aws.GetAvailabilityZones.Invoke(new()\n {\n State = \"available\",\n });\n\n // e.g., Create subnets in the first two available availability zones\n var primary = new Aws.Ec2.Subnet(\"primary\", new()\n {\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[0]),\n });\n\n var secondary = new Aws.Ec2.Subnet(\"secondary\", new()\n {\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[1]),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Declare the data source\n\t\tavailable, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tState: pulumi.StringRef(\"available\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// e.g., Create subnets in the first two available availability zones\n\t\t_, err = ec2.NewSubnet(ctx, \"primary\", \u0026ec2.SubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(available.Names[0]),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSubnet(ctx, \"secondary\", \u0026ec2.SubnetArgs{\n\t\t\tAvailabilityZone: pulumi.String(available.Names[1]),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Declare the data source\n final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .state(\"available\")\n .build());\n\n // e.g., Create subnets in the first two available availability zones\n var primary = new Subnet(\"primary\", SubnetArgs.builder()\n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[0]))\n .build());\n\n var secondary = new Subnet(\"secondary\", SubnetArgs.builder()\n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[1]))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # e.g., Create subnets in the first two available availability zones\n primary:\n type: aws:ec2:Subnet\n properties:\n availabilityZone: ${available.names[0]}\n secondary:\n type: aws:ec2:Subnet\n properties:\n availabilityZone: ${available.names[1]}\nvariables:\n # Declare the data source\n available:\n fn::invoke:\n Function: aws:getAvailabilityZones\n Arguments:\n state: available\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### By Filter\n\nAll Local Zones (regardless of opt-in status):\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.getAvailabilityZones({\n allAvailabilityZones: true,\n filters: [{\n name: \"opt-in-status\",\n values: [\n \"not-opted-in\",\n \"opted-in\",\n ],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.get_availability_zones(all_availability_zones=True,\n filters=[{\n \"name\": \"opt-in-status\",\n \"values\": [\n \"not-opted-in\",\n \"opted-in\",\n ],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.GetAvailabilityZones.Invoke(new()\n {\n AllAvailabilityZones = true,\n Filters = new[]\n {\n new Aws.Inputs.GetAvailabilityZonesFilterInputArgs\n {\n Name = \"opt-in-status\",\n Values = new[]\n {\n \"not-opted-in\",\n \"opted-in\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tAllAvailabilityZones: pulumi.BoolRef(true),\n\t\t\tFilters: []aws.GetAvailabilityZonesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"opt-in-status\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"not-opted-in\",\n\t\t\t\t\t\t\"opted-in\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .allAvailabilityZones(true)\n .filters(GetAvailabilityZonesFilterArgs.builder()\n .name(\"opt-in-status\")\n .values( \n \"not-opted-in\",\n \"opted-in\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:getAvailabilityZones\n Arguments:\n allAvailabilityZones: true\n filters:\n - name: opt-in-status\n values:\n - not-opted-in\n - opted-in\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nOnly Availability Zones (no Local Zones):\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.getAvailabilityZones({\n filters: [{\n name: \"opt-in-status\",\n values: [\"opt-in-not-required\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.get_availability_zones(filters=[{\n \"name\": \"opt-in-status\",\n \"values\": [\"opt-in-not-required\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.GetAvailabilityZones.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Inputs.GetAvailabilityZonesFilterInputArgs\n {\n Name = \"opt-in-status\",\n Values = new[]\n {\n \"opt-in-not-required\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tFilters: []aws.GetAvailabilityZonesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"opt-in-status\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"opt-in-not-required\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .filters(GetAvailabilityZonesFilterArgs.builder()\n .name(\"opt-in-status\")\n .values(\"opt-in-not-required\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:getAvailabilityZones\n Arguments:\n filters:\n - name: opt-in-status\n values:\n - opt-in-not-required\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAvailabilityZones.\n", "properties": { "allAvailabilityZones": { "type": "boolean", "description": "Set to `true` to include all Availability Zones and Local Zones regardless of your opt in status.\n" }, "excludeNames": { "type": "array", "items": { "type": "string" }, "description": "List of Availability Zone names to exclude.\n" }, "excludeZoneIds": { "type": "array", "items": { "type": "string" }, "description": "List of Availability Zone IDs to exclude.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:index/getAvailabilityZonesFilter:getAvailabilityZonesFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "state": { "type": "string", "description": "Allows to filter list of Availability Zones based on their\ncurrent state. Can be either `\"available\"`, `\"information\"`, `\"impaired\"` or\n`\"unavailable\"`. By default the list includes a complete set of Availability Zones\nto which the underlying AWS account has access, regardless of their state.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getAvailabilityZones.\n", "properties": { "allAvailabilityZones": { "type": "boolean" }, "excludeNames": { "items": { "type": "string" }, "type": "array" }, "excludeZoneIds": { "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:index/getAvailabilityZonesFilter:getAvailabilityZonesFilter" }, "type": "array" }, "groupNames": { "description": "A set of the Availability Zone Group names. For Availability Zones, this is the same value as the Region name. For Local Zones, the name of the associated group, for example `us-west-2-lax-1`.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "names": { "description": "List of the Availability Zone names available to the account.\n", "items": { "type": "string" }, "type": "array" }, "state": { "type": "string" }, "zoneIds": { "description": "List of the Availability Zone IDs available to the account.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "groupNames", "names", "zoneIds", "id" ], "type": "object" } }, "aws:index/getBillingServiceAccount:getBillingServiceAccount": { "description": "Use this data source to get the Account ID of the [AWS Billing and Cost Management Service Account](http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-getting-started.html#step-2) for the purpose of permitting in S3 bucket policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = aws.getBillingServiceAccount({});\nconst billingLogs = new aws.s3.BucketV2(\"billing_logs\", {bucket: \"my-billing-tf-test-bucket\"});\nconst billingLogsAcl = new aws.s3.BucketAclV2(\"billing_logs_acl\", {\n bucket: billingLogs.id,\n acl: \"private\",\n});\nconst allowBillingLogging = pulumi.all([main, billingLogs.arn, main, billingLogs.arn]).apply(([main, billingLogsArn, main1, billingLogsArn1]) =\u003e aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [main.arn],\n }],\n actions: [\n \"s3:GetBucketAcl\",\n \"s3:GetBucketPolicy\",\n ],\n resources: [billingLogsArn],\n },\n {\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [main1.arn],\n }],\n actions: [\"s3:PutObject\"],\n resources: [`${billingLogsArn1}/*`],\n },\n ],\n}));\nconst allowBillingLoggingBucketPolicy = new aws.s3.BucketPolicy(\"allow_billing_logging\", {\n bucket: billingLogs.id,\n policy: allowBillingLogging.apply(allowBillingLogging =\u003e allowBillingLogging.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.get_billing_service_account()\nbilling_logs = aws.s3.BucketV2(\"billing_logs\", bucket=\"my-billing-tf-test-bucket\")\nbilling_logs_acl = aws.s3.BucketAclV2(\"billing_logs_acl\",\n bucket=billing_logs.id,\n acl=\"private\")\nallow_billing_logging = pulumi.Output.all(billing_logs.arn, billing_logs.arn).apply(lambda billingLogsArn, billingLogsArn1: aws.iam.get_policy_document_output(statements=[\n {\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [main.arn],\n }],\n \"actions\": [\n \"s3:GetBucketAcl\",\n \"s3:GetBucketPolicy\",\n ],\n \"resources\": [billing_logs_arn],\n },\n {\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [main.arn],\n }],\n \"actions\": [\"s3:PutObject\"],\n \"resources\": [f\"{billing_logs_arn1}/*\"],\n },\n]))\nallow_billing_logging_bucket_policy = aws.s3.BucketPolicy(\"allow_billing_logging\",\n bucket=billing_logs.id,\n policy=allow_billing_logging.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = Aws.GetBillingServiceAccount.Invoke();\n\n var billingLogs = new Aws.S3.BucketV2(\"billing_logs\", new()\n {\n Bucket = \"my-billing-tf-test-bucket\",\n });\n\n var billingLogsAcl = new Aws.S3.BucketAclV2(\"billing_logs_acl\", new()\n {\n Bucket = billingLogs.Id,\n Acl = \"private\",\n });\n\n var allowBillingLogging = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n main.Apply(getBillingServiceAccountResult =\u003e getBillingServiceAccountResult.Arn),\n },\n },\n },\n Actions = new[]\n {\n \"s3:GetBucketAcl\",\n \"s3:GetBucketPolicy\",\n },\n Resources = new[]\n {\n billingLogs.Arn,\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n main.Apply(getBillingServiceAccountResult =\u003e getBillingServiceAccountResult.Arn),\n },\n },\n },\n Actions = new[]\n {\n \"s3:PutObject\",\n },\n Resources = new[]\n {\n $\"{billingLogs.Arn}/*\",\n },\n },\n },\n });\n\n var allowBillingLoggingBucketPolicy = new Aws.S3.BucketPolicy(\"allow_billing_logging\", new()\n {\n Bucket = billingLogs.Id,\n Policy = allowBillingLogging.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nmain, err := aws.GetBillingServiceAccount(ctx, nil, nil);\nif err != nil {\nreturn err\n}\nbillingLogs, err := s3.NewBucketV2(ctx, \"billing_logs\", \u0026s3.BucketV2Args{\nBucket: pulumi.String(\"my-billing-tf-test-bucket\"),\n})\nif err != nil {\nreturn err\n}\n_, err = s3.NewBucketAclV2(ctx, \"billing_logs_acl\", \u0026s3.BucketAclV2Args{\nBucket: billingLogs.ID(),\nAcl: pulumi.String(\"private\"),\n})\nif err != nil {\nreturn err\n}\nallowBillingLogging := pulumi.All(billingLogs.Arn,billingLogs.Arn).ApplyT(func(_args []interface{}) (iam.GetPolicyDocumentResult, error) {\nbillingLogsArn := _args[0].(string)\nbillingLogsArn1 := _args[1].(string)\nreturn iam.GetPolicyDocumentResult(interface{}(iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: \"Allow\",\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: interface{}{\nmain.Arn,\n},\n},\n},\nActions: []string{\n\"s3:GetBucketAcl\",\n\"s3:GetBucketPolicy\",\n},\nResources: []string{\nbillingLogsArn,\n},\n},\n{\nEffect: \"Allow\",\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: interface{}{\nmain.Arn,\n},\n},\n},\nActions: []string{\n\"s3:PutObject\",\n},\nResources: []string{\nfmt.Sprintf(\"%v/*\", billingLogsArn1),\n},\n},\n},\n}, nil))), nil\n}).(iam.GetPolicyDocumentResultOutput)\n_, err = s3.NewBucketPolicy(ctx, \"allow_billing_logging\", \u0026s3.BucketPolicyArgs{\nBucket: billingLogs.ID(),\nPolicy: pulumi.String(allowBillingLogging.ApplyT(func(allowBillingLogging iam.GetPolicyDocumentResult) (*string, error) {\nreturn \u0026allowBillingLogging.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetBillingServiceAccountArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var main = AwsFunctions.getBillingServiceAccount();\n\n var billingLogs = new BucketV2(\"billingLogs\", BucketV2Args.builder()\n .bucket(\"my-billing-tf-test-bucket\")\n .build());\n\n var billingLogsAcl = new BucketAclV2(\"billingLogsAcl\", BucketAclV2Args.builder()\n .bucket(billingLogs.id())\n .acl(\"private\")\n .build());\n\n final var allowBillingLogging = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(main.applyValue(getBillingServiceAccountResult -\u003e getBillingServiceAccountResult.arn()))\n .build())\n .actions( \n \"s3:GetBucketAcl\",\n \"s3:GetBucketPolicy\")\n .resources(billingLogs.arn())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(main.applyValue(getBillingServiceAccountResult -\u003e getBillingServiceAccountResult.arn()))\n .build())\n .actions(\"s3:PutObject\")\n .resources(billingLogs.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build())\n .build());\n\n var allowBillingLoggingBucketPolicy = new BucketPolicy(\"allowBillingLoggingBucketPolicy\", BucketPolicyArgs.builder()\n .bucket(billingLogs.id())\n .policy(allowBillingLogging.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(allowBillingLogging -\u003e allowBillingLogging.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n billingLogs:\n type: aws:s3:BucketV2\n name: billing_logs\n properties:\n bucket: my-billing-tf-test-bucket\n billingLogsAcl:\n type: aws:s3:BucketAclV2\n name: billing_logs_acl\n properties:\n bucket: ${billingLogs.id}\n acl: private\n allowBillingLoggingBucketPolicy:\n type: aws:s3:BucketPolicy\n name: allow_billing_logging\n properties:\n bucket: ${billingLogs.id}\n policy: ${allowBillingLogging.json}\nvariables:\n main:\n fn::invoke:\n Function: aws:getBillingServiceAccount\n Arguments: {}\n allowBillingLogging:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: AWS\n identifiers:\n - ${main.arn}\n actions:\n - s3:GetBucketAcl\n - s3:GetBucketPolicy\n resources:\n - ${billingLogs.arn}\n - effect: Allow\n principals:\n - type: AWS\n identifiers:\n - ${main.arn}\n actions:\n - s3:PutObject\n resources:\n - ${billingLogs.arn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getBillingServiceAccount.\n", "properties": { "id": { "type": "string", "description": "ID of the AWS billing service account.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getBillingServiceAccount.\n", "properties": { "arn": { "description": "ARN of the AWS billing service account.\n", "type": "string" }, "id": { "description": "ID of the AWS billing service account.\n", "type": "string" } }, "required": [ "arn", "id" ], "type": "object" } }, "aws:index/getCallerIdentity:getCallerIdentity": { "description": "Use this data source to get the access to the effective Account ID, User ID, and ARN in\nwhich this provider is authorized.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nexport const accountId = current.then(current =\u003e current.accountId);\nexport const callerArn = current.then(current =\u003e current.arn);\nexport const callerUser = current.then(current =\u003e current.userId);\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\npulumi.export(\"accountId\", current.account_id)\npulumi.export(\"callerArn\", current.arn)\npulumi.export(\"callerUser\", current.user_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"accountId\"] = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n [\"callerArn\"] = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.Arn),\n [\"callerUser\"] = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.UserId),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"accountId\", current.AccountId)\n\t\tctx.Export(\"callerArn\", current.Arn)\n\t\tctx.Export(\"callerUser\", current.UserId)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n ctx.export(\"accountId\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()));\n ctx.export(\"callerArn\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.arn()));\n ctx.export(\"callerUser\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.userId()));\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\noutputs:\n accountId: ${current.accountId}\n callerArn: ${current.arn}\n callerUser: ${current.userId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCallerIdentity.\n", "properties": { "id": { "type": "string", "description": "Account ID number of the account that owns or contains the calling entity.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getCallerIdentity.\n", "properties": { "accountId": { "description": "AWS Account ID number of the account that owns or contains the calling entity.\n", "type": "string" }, "arn": { "description": "ARN associated with the calling entity.\n", "type": "string" }, "id": { "description": "Account ID number of the account that owns or contains the calling entity.\n", "type": "string" }, "userId": { "description": "Unique identifier of the calling entity.\n", "type": "string" } }, "required": [ "accountId", "arn", "id", "userId" ], "type": "object" } }, "aws:index/getDefaultTags:getDefaultTags": { "description": "Use this data source to get the default tags configured on the provider.\n\nWith this data source, you can apply default tags to resources not _directly_ managed by a resource, such as the instances underneath an Auto Scaling group or the volumes created for an EC2 instance.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.getDefaultTags({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.get_default_tags()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.GetDefaultTags.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetDefaultTags(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetDefaultTagsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = AwsFunctions.getDefaultTags();\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:getDefaultTags\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Dynamically Apply Default Tags to Auto Scaling Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.getDefaultTags({});\nconst exampleGroup = new aws.autoscaling.Group(\"example\", {tags: .map(entry =\u003e ({\n key: entry.key,\n value: entry.value,\n propagateAtLaunch: true,\n}))});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.get_default_tags()\nexample_group = aws.autoscaling.Group(\"example\", tags=[{\n \"key\": entry[\"key\"],\n \"value\": entry[\"value\"],\n \"propagate_at_launch\": True,\n} for entry in [{\"key\": k, \"value\": v} for k, v in example.tags]])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.GetDefaultTags.Invoke();\n\n var exampleGroup = new Aws.AutoScaling.Group(\"example\", new()\n {\n Tags = ,\n });\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDefaultTags.\n", "properties": { "id": { "type": "string" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getDefaultTags.\n", "properties": { "id": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value mapping of provider default tags.\n", "type": "object" } }, "required": [ "id", "tags" ], "type": "object" } }, "aws:index/getIpRanges:getIpRanges": { "description": "Use this data source to get the IP ranges of various AWS products and services. For more information about the contents of this data source and required JSON syntax if referencing a custom URL, see the [AWS IP Address Ranges documentation](https://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst europeanEc2 = aws.getIpRanges({\n regions: [\n \"eu-west-1\",\n \"eu-central-1\",\n ],\n services: [\"ec2\"],\n});\nconst fromEurope = new aws.ec2.SecurityGroup(\"from_europe\", {\n name: \"from_europe\",\n ingress: [{\n fromPort: 443,\n toPort: 443,\n protocol: \"tcp\",\n cidrBlocks: europeanEc2.then(europeanEc2 =\u003e europeanEc2.cidrBlocks),\n ipv6CidrBlocks: europeanEc2.then(europeanEc2 =\u003e europeanEc2.ipv6CidrBlocks),\n }],\n tags: {\n CreateDate: europeanEc2.then(europeanEc2 =\u003e europeanEc2.createDate),\n SyncToken: europeanEc2.then(europeanEc2 =\u003e europeanEc2.syncToken),\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\neuropean_ec2 = aws.get_ip_ranges(regions=[\n \"eu-west-1\",\n \"eu-central-1\",\n ],\n services=[\"ec2\"])\nfrom_europe = aws.ec2.SecurityGroup(\"from_europe\",\n name=\"from_europe\",\n ingress=[{\n \"from_port\": 443,\n \"to_port\": 443,\n \"protocol\": \"tcp\",\n \"cidr_blocks\": european_ec2.cidr_blocks,\n \"ipv6_cidr_blocks\": european_ec2.ipv6_cidr_blocks,\n }],\n tags={\n \"CreateDate\": european_ec2.create_date,\n \"SyncToken\": european_ec2.sync_token,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var europeanEc2 = Aws.GetIpRanges.Invoke(new()\n {\n Regions = new[]\n {\n \"eu-west-1\",\n \"eu-central-1\",\n },\n Services = new[]\n {\n \"ec2\",\n },\n });\n\n var fromEurope = new Aws.Ec2.SecurityGroup(\"from_europe\", new()\n {\n Name = \"from_europe\",\n Ingress = new[]\n {\n new Aws.Ec2.Inputs.SecurityGroupIngressArgs\n {\n FromPort = 443,\n ToPort = 443,\n Protocol = \"tcp\",\n CidrBlocks = europeanEc2.Apply(getIpRangesResult =\u003e getIpRangesResult.CidrBlocks),\n Ipv6CidrBlocks = europeanEc2.Apply(getIpRangesResult =\u003e getIpRangesResult.Ipv6CidrBlocks),\n },\n },\n Tags = \n {\n { \"CreateDate\", europeanEc2.Apply(getIpRangesResult =\u003e getIpRangesResult.CreateDate) },\n { \"SyncToken\", europeanEc2.Apply(getIpRangesResult =\u003e getIpRangesResult.SyncToken) },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\teuropeanEc2, err := aws.GetIpRanges(ctx, \u0026aws.GetIpRangesArgs{\n\t\t\tRegions: []string{\n\t\t\t\t\"eu-west-1\",\n\t\t\t\t\"eu-central-1\",\n\t\t\t},\n\t\t\tServices: []string{\n\t\t\t\t\"ec2\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSecurityGroup(ctx, \"from_europe\", \u0026ec2.SecurityGroupArgs{\n\t\t\tName: pulumi.String(\"from_europe\"),\n\t\t\tIngress: ec2.SecurityGroupIngressArray{\n\t\t\t\t\u0026ec2.SecurityGroupIngressArgs{\n\t\t\t\t\tFromPort: pulumi.Int(443),\n\t\t\t\t\tToPort: pulumi.Int(443),\n\t\t\t\t\tProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\tCidrBlocks: interface{}(europeanEc2.CidrBlocks),\n\t\t\t\t\tIpv6CidrBlocks: interface{}(europeanEc2.Ipv6CidrBlocks),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"CreateDate\": pulumi.String(europeanEc2.CreateDate),\n\t\t\t\t\"SyncToken\": pulumi.Int(europeanEc2.SyncToken),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetIpRangesArgs;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.aws.ec2.inputs.SecurityGroupIngressArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var europeanEc2 = AwsFunctions.getIpRanges(GetIpRangesArgs.builder()\n .regions( \n \"eu-west-1\",\n \"eu-central-1\")\n .services(\"ec2\")\n .build());\n\n var fromEurope = new SecurityGroup(\"fromEurope\", SecurityGroupArgs.builder()\n .name(\"from_europe\")\n .ingress(SecurityGroupIngressArgs.builder()\n .fromPort(\"443\")\n .toPort(\"443\")\n .protocol(\"tcp\")\n .cidrBlocks(europeanEc2.applyValue(getIpRangesResult -\u003e getIpRangesResult.cidrBlocks()))\n .ipv6CidrBlocks(europeanEc2.applyValue(getIpRangesResult -\u003e getIpRangesResult.ipv6CidrBlocks()))\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"CreateDate\", europeanEc2.applyValue(getIpRangesResult -\u003e getIpRangesResult.createDate())),\n Map.entry(\"SyncToken\", europeanEc2.applyValue(getIpRangesResult -\u003e getIpRangesResult.syncToken()))\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n fromEurope:\n type: aws:ec2:SecurityGroup\n name: from_europe\n properties:\n name: from_europe\n ingress:\n - fromPort: '443'\n toPort: '443'\n protocol: tcp\n cidrBlocks: ${europeanEc2.cidrBlocks}\n ipv6CidrBlocks: ${europeanEc2.ipv6CidrBlocks}\n tags:\n CreateDate: ${europeanEc2.createDate}\n SyncToken: ${europeanEc2.syncToken}\nvariables:\n europeanEc2:\n fn::invoke:\n Function: aws:getIpRanges\n Arguments:\n regions:\n - eu-west-1\n - eu-central-1\n services:\n - ec2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getIpRanges.\n", "properties": { "id": { "type": "string" }, "regions": { "type": "array", "items": { "type": "string" }, "description": "Filter IP ranges by regions (or include all regions, if\nomitted). Valid items are `global` (for `cloudfront`) as well as all AWS regions\n(e.g., `eu-central-1`)\n" }, "services": { "type": "array", "items": { "type": "string" }, "description": "Filter IP ranges by services. Valid items are `amazon`\n(for amazon.com), `amazon_connect`, `api_gateway`, `cloud9`, `cloudfront`,\n`codebuild`, `dynamodb`, `ec2`, `ec2_instance_connect`, `globalaccelerator`,\n`route53`, `route53_healthchecks`, `s3` and `workspaces_gateways`. See the\n[`service` attribute][2] documentation for other possible values.\n\n\u003e **NOTE:** If the specified combination of regions and services does not yield any\nCIDR blocks, this call will fail.\n" }, "url": { "type": "string", "description": "Custom URL for source JSON file. Syntax must match [AWS IP Address Ranges documentation](https://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html). Defaults to `https://ip-ranges.amazonaws.com/ip-ranges.json`.\n" } }, "type": "object", "required": [ "services" ] }, "outputs": { "description": "A collection of values returned by getIpRanges.\n", "properties": { "cidrBlocks": { "description": "Lexically ordered list of CIDR blocks.\n", "items": { "type": "string" }, "type": "array" }, "createDate": { "description": "Publication time of the IP ranges (e.g., `2016-08-03-23-46-05`).\n", "type": "string" }, "id": { "type": "string" }, "ipv6CidrBlocks": { "description": "Lexically ordered list of IPv6 CIDR blocks.\n", "items": { "type": "string" }, "type": "array" }, "regions": { "items": { "type": "string" }, "type": "array" }, "services": { "items": { "type": "string" }, "type": "array" }, "syncToken": { "description": "Publication time of the IP ranges, in Unix epoch time format\n(e.g., `1470267965`).\n", "type": "integer" }, "url": { "type": "string" } }, "required": [ "cidrBlocks", "createDate", "id", "ipv6CidrBlocks", "services", "syncToken" ], "type": "object" } }, "aws:index/getPartition:getPartition": { "description": "Use this data source to lookup information about the current AWS partition in\nwhich the provider is working.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getPartition({});\nconst s3Policy = current.then(current =\u003e aws.iam.getPolicyDocument({\n statements: [{\n sid: \"1\",\n actions: [\"s3:ListBucket\"],\n resources: [`arn:${current.partition}:s3:::my-bucket`],\n }],\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_partition()\ns3_policy = aws.iam.get_policy_document(statements=[{\n \"sid\": \"1\",\n \"actions\": [\"s3:ListBucket\"],\n \"resources\": [f\"arn:{current.partition}:s3:::my-bucket\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetPartition.Invoke();\n\n var s3Policy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"1\",\n Actions = new[]\n {\n \"s3:ListBucket\",\n },\n Resources = new[]\n {\n $\"arn:{current.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:s3:::my-bucket\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"1\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"s3:ListBucket\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\tfmt.Sprintf(\"arn:%v:s3:::my-bucket\", current.Partition),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getPartition();\n\n final var s3Policy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"1\")\n .actions(\"s3:ListBucket\")\n .resources(String.format(\"arn:%s:s3:::my-bucket\", current.applyValue(getPartitionResult -\u003e getPartitionResult.partition())))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n s3Policy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: '1'\n actions:\n - s3:ListBucket\n resources:\n - arn:${current.partition}:s3:::my-bucket\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPartition.\n", "properties": { "id": { "type": "string", "description": "Identifier of the current partition (e.g., `aws` in AWS Commercial, `aws-cn` in AWS China).\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getPartition.\n", "properties": { "dnsSuffix": { "description": "Base DNS domain name for the current partition (e.g., `amazonaws.com` in AWS Commercial, `amazonaws.com.cn` in AWS China).\n", "type": "string" }, "id": { "description": "Identifier of the current partition (e.g., `aws` in AWS Commercial, `aws-cn` in AWS China).\n", "type": "string" }, "partition": { "description": "Identifier of the current partition (e.g., `aws` in AWS Commercial, `aws-cn` in AWS China).\n", "type": "string" }, "reverseDnsPrefix": { "description": "Prefix of service names (e.g., `com.amazonaws` in AWS Commercial, `cn.com.amazonaws` in AWS China).\n", "type": "string" } }, "required": [ "dnsSuffix", "id", "partition", "reverseDnsPrefix" ], "type": "object" } }, "aws:index/getRegion:getRegion": { "description": "`aws.getRegion` provides details about a specific AWS region.\n\nAs well as validating a given region name this resource can be used to\ndiscover the name of the region configured within the provider. The latter\ncan be useful in a child module which is inheriting an AWS provider\nconfiguration from its parent module.\n\n## Example Usage\n\nThe following example shows how the resource might be used to obtain\nthe name of the AWS region configured on the provider.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRegion.\n", "properties": { "endpoint": { "type": "string", "description": "EC2 endpoint of the region to select.\n" }, "id": { "type": "string" }, "name": { "type": "string", "description": "Full name of the region to select.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getRegion.\n", "properties": { "description": { "description": "Region's description in this format: \"Location (Region name)\".\n", "type": "string" }, "endpoint": { "description": "EC2 endpoint for the selected region.\n", "type": "string" }, "id": { "type": "string" }, "name": { "description": "Name of the selected region.\n", "type": "string" } }, "required": [ "description", "endpoint", "id", "name" ], "type": "object" } }, "aws:index/getRegions:getRegions": { "description": "Provides information about AWS Regions. Can be used to filter regions i.e., by Opt-In status or only regions enabled for current account. To get details like endpoint and description of each region the data source can be combined with the `aws.getRegion` data source.\n\n## Example Usage\n\nEnabled AWS Regions:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegions({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_regions()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegions.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetRegions(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegions();\n\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegions\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nAll the regions regardless of the availability\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegions({\n allRegions: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_regions(all_regions=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegions.Invoke(new()\n {\n AllRegions = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetRegions(ctx, \u0026aws.GetRegionsArgs{\n\t\t\tAllRegions: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegions(GetRegionsArgs.builder()\n .allRegions(true)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegions\n Arguments:\n allRegions: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nTo see regions that are filtered by `\"not-opted-in\"`, the `all_regions` argument needs to be set to `true` or no results will be returned.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegions({\n allRegions: true,\n filters: [{\n name: \"opt-in-status\",\n values: [\"not-opted-in\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_regions(all_regions=True,\n filters=[{\n \"name\": \"opt-in-status\",\n \"values\": [\"not-opted-in\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegions.Invoke(new()\n {\n AllRegions = true,\n Filters = new[]\n {\n new Aws.Inputs.GetRegionsFilterInputArgs\n {\n Name = \"opt-in-status\",\n Values = new[]\n {\n \"not-opted-in\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetRegions(ctx, \u0026aws.GetRegionsArgs{\n\t\t\tAllRegions: pulumi.BoolRef(true),\n\t\t\tFilters: []aws.GetRegionsFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"opt-in-status\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"not-opted-in\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegions(GetRegionsArgs.builder()\n .allRegions(true)\n .filters(GetRegionsFilterArgs.builder()\n .name(\"opt-in-status\")\n .values(\"not-opted-in\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegions\n Arguments:\n allRegions: true\n filters:\n - name: opt-in-status\n values:\n - not-opted-in\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRegions.\n", "properties": { "allRegions": { "type": "boolean", "description": "If true the source will query all regions regardless of availability.\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:index/getRegionsFilter:getRegionsFilter" }, "description": "Configuration block(s) to use as filters. Detailed below.\n" }, "id": { "type": "string", "description": "Identifier of the current partition (e.g., `aws` in AWS Commercial, `aws-cn` in AWS China).\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getRegions.\n", "properties": { "allRegions": { "type": "boolean" }, "filters": { "items": { "$ref": "#/types/aws:index/getRegionsFilter:getRegionsFilter" }, "type": "array" }, "id": { "description": "Identifier of the current partition (e.g., `aws` in AWS Commercial, `aws-cn` in AWS China).\n", "type": "string" }, "names": { "description": "Names of regions that meets the criteria.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "id", "names" ], "type": "object" } }, "aws:index/getService:getService": { "description": "Use this data source to compose and decompose AWS service DNS names.\n\n## Example Usage\n\n### Get Service DNS Name\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst test = current.then(current =\u003e aws.getService({\n region: current.name,\n serviceId: \"ec2\",\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\ntest = aws.get_service(region=current.name,\n service_id=\"ec2\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var test = Aws.GetService.Invoke(new()\n {\n Region = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n ServiceId = \"ec2\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = aws.GetService(ctx, \u0026aws.GetServiceArgs{\n\t\t\tRegion: pulumi.StringRef(current.Name),\n\t\t\tServiceId: pulumi.StringRef(\"ec2\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n final var test = AwsFunctions.getService(GetServiceArgs.builder()\n .region(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .serviceId(\"ec2\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n test:\n fn::invoke:\n Function: aws:getService\n Arguments:\n region: ${current.name}\n serviceId: ec2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Use Service Reverse DNS Name to Get Components\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst s3 = aws.getService({\n reverseDnsName: \"cn.com.amazonaws.cn-north-1.s3\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ns3 = aws.get_service(reverse_dns_name=\"cn.com.amazonaws.cn-north-1.s3\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var s3 = Aws.GetService.Invoke(new()\n {\n ReverseDnsName = \"cn.com.amazonaws.cn-north-1.s3\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetService(ctx, \u0026aws.GetServiceArgs{\n\t\t\tReverseDnsName: pulumi.StringRef(\"cn.com.amazonaws.cn-north-1.s3\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var s3 = AwsFunctions.getService(GetServiceArgs.builder()\n .reverseDnsName(\"cn.com.amazonaws.cn-north-1.s3\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n s3:\n fn::invoke:\n Function: aws:getService\n Arguments:\n reverseDnsName: cn.com.amazonaws.cn-north-1.s3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Determine Regional Support for a Service\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst s3 = aws.getService({\n reverseDnsName: \"com.amazonaws.us-gov-west-1.waf\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ns3 = aws.get_service(reverse_dns_name=\"com.amazonaws.us-gov-west-1.waf\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var s3 = Aws.GetService.Invoke(new()\n {\n ReverseDnsName = \"com.amazonaws.us-gov-west-1.waf\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetService(ctx, \u0026aws.GetServiceArgs{\n\t\t\tReverseDnsName: pulumi.StringRef(\"com.amazonaws.us-gov-west-1.waf\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var s3 = AwsFunctions.getService(GetServiceArgs.builder()\n .reverseDnsName(\"com.amazonaws.us-gov-west-1.waf\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n s3:\n fn::invoke:\n Function: aws:getService\n Arguments:\n reverseDnsName: com.amazonaws.us-gov-west-1.waf\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getService.\n", "properties": { "dnsName": { "type": "string", "description": "DNS name of the service (_e.g.,_ `rds.us-east-1.amazonaws.com`). One of `dns_name`, `reverse_dns_name`, or `service_id` is required.\n" }, "id": { "type": "string" }, "region": { "type": "string", "description": "Region of the service (_e.g.,_ `us-west-2`, `ap-northeast-1`).\n" }, "reverseDnsName": { "type": "string", "description": "Reverse DNS name of the service (_e.g.,_ `com.amazonaws.us-west-2.s3`). One of `dns_name`, `reverse_dns_name`, or `service_id` is required.\n" }, "reverseDnsPrefix": { "type": "string", "description": "Prefix of the service (_e.g.,_ `com.amazonaws` in AWS Commercial, `cn.com.amazonaws` in AWS China).\n" }, "serviceId": { "type": "string", "description": "Service (_e.g.,_ `s3`, `rds`, `ec2`). One of `dns_name`, `reverse_dns_name`, or `service_id` is required.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getService.\n", "properties": { "dnsName": { "type": "string" }, "id": { "type": "string" }, "partition": { "type": "string" }, "region": { "type": "string" }, "reverseDnsName": { "type": "string" }, "reverseDnsPrefix": { "type": "string" }, "serviceId": { "type": "string" }, "supported": { "description": "Whether the service is supported in the region's partition. New services may not be listed immediately as supported.\n", "type": "boolean" } }, "required": [ "dnsName", "id", "partition", "region", "reverseDnsName", "reverseDnsPrefix", "serviceId", "supported" ], "type": "object" } }, "aws:index/getServicePrincipal:getServicePrincipal": { "description": "Use this data source to create a Service Principal Name for a service in a given region. Service Principal Names should always end in the standard global format: `{servicename}.amazonaws.com`. However, in some AWS partitions, AWS may expect a different format.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getServicePrincipal({\n serviceName: \"s3\",\n});\nconst test = aws.getServicePrincipal({\n serviceName: \"s3\",\n region: \"us-iso-east-1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_service_principal(service_name=\"s3\")\ntest = aws.get_service_principal(service_name=\"s3\",\n region=\"us-iso-east-1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetServicePrincipal.Invoke(new()\n {\n ServiceName = \"s3\",\n });\n\n var test = Aws.GetServicePrincipal.Invoke(new()\n {\n ServiceName = \"s3\",\n Region = \"us-iso-east-1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := aws.GetServicePrincipal(ctx, \u0026aws.GetServicePrincipalArgs{\n\t\t\tServiceName: \"s3\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = aws.GetServicePrincipal(ctx, \u0026aws.GetServicePrincipalArgs{\n\t\t\tServiceName: \"s3\",\n\t\t\tRegion: pulumi.StringRef(\"us-iso-east-1\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetServicePrincipalArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .serviceName(\"s3\")\n .build());\n\n final var test = AwsFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()\n .serviceName(\"s3\")\n .region(\"us-iso-east-1\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:getServicePrincipal\n Arguments:\n serviceName: s3\n test:\n fn::invoke:\n Function: aws:getServicePrincipal\n Arguments:\n serviceName: s3\n region: us-iso-east-1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getServicePrincipal.\n", "properties": { "region": { "type": "string", "description": "Region you'd like the SPN for. By default, uses the current region.\n" }, "serviceName": { "type": "string", "description": "Name of the service you want to generate a Service Principal Name for.\n" } }, "type": "object", "required": [ "serviceName" ] }, "outputs": { "description": "A collection of values returned by getServicePrincipal.\n", "properties": { "id": { "description": "Identifier of the current Service Principal (compound of service, region and suffix). (e.g. `logs.us-east-1.amazonaws.com`in AWS Commercial, `logs.cn-north-1.amazonaws.com.cn` in AWS China).\n", "type": "string" }, "name": { "description": "Service Principal Name (e.g., `logs.amazonaws.com` in AWS Commercial, `logs.amazonaws.com.cn` in AWS China).\n", "type": "string" }, "region": { "description": "Region identifier of the generated SPN (e.g., `us-east-1` in AWS Commercial, `cn-north-1` in AWS China).\n", "type": "string" }, "serviceName": { "type": "string" }, "suffix": { "description": "Suffix of the SPN (e.g., `amazonaws.com` in AWS Commercial, `amazonaws.com.cn` in AWS China).\n", "type": "string" } }, "required": [ "id", "name", "region", "serviceName", "suffix" ], "type": "object" } }, "aws:inspector/getRulesPackages:getRulesPackages": { "description": "The Amazon Inspector Classic Rules Packages data source allows access to the list of AWS\nInspector Rules Packages which can be used by Amazon Inspector Classic within the region\nconfigured in the provider.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Declare the data source\nconst rules = aws.inspector.getRulesPackages({});\n// e.g., Use in aws_inspector_assessment_template\nconst group = new aws.inspector.ResourceGroup(\"group\", {tags: {\n test: \"test\",\n}});\nconst assessment = new aws.inspector.AssessmentTarget(\"assessment\", {\n name: \"test\",\n resourceGroupArn: group.arn,\n});\nconst assessmentAssessmentTemplate = new aws.inspector.AssessmentTemplate(\"assessment\", {\n name: \"Test\",\n targetArn: assessment.arn,\n duration: 60,\n rulesPackageArns: rules.then(rules =\u003e rules.arns),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Declare the data source\nrules = aws.inspector.get_rules_packages()\n# e.g., Use in aws_inspector_assessment_template\ngroup = aws.inspector.ResourceGroup(\"group\", tags={\n \"test\": \"test\",\n})\nassessment = aws.inspector.AssessmentTarget(\"assessment\",\n name=\"test\",\n resource_group_arn=group.arn)\nassessment_assessment_template = aws.inspector.AssessmentTemplate(\"assessment\",\n name=\"Test\",\n target_arn=assessment.arn,\n duration=60,\n rules_package_arns=rules.arns)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Declare the data source\n var rules = Aws.Inspector.GetRulesPackages.Invoke();\n\n // e.g., Use in aws_inspector_assessment_template\n var @group = new Aws.Inspector.ResourceGroup(\"group\", new()\n {\n Tags = \n {\n { \"test\", \"test\" },\n },\n });\n\n var assessment = new Aws.Inspector.AssessmentTarget(\"assessment\", new()\n {\n Name = \"test\",\n ResourceGroupArn = @group.Arn,\n });\n\n var assessmentAssessmentTemplate = new Aws.Inspector.AssessmentTemplate(\"assessment\", new()\n {\n Name = \"Test\",\n TargetArn = assessment.Arn,\n Duration = 60,\n RulesPackageArns = rules.Apply(getRulesPackagesResult =\u003e getRulesPackagesResult.Arns),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/inspector\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Declare the data source\n\t\trules, err := inspector.GetRulesPackages(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// e.g., Use in aws_inspector_assessment_template\n\t\tgroup, err := inspector.NewResourceGroup(ctx, \"group\", \u0026inspector.ResourceGroupArgs{\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"test\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassessment, err := inspector.NewAssessmentTarget(ctx, \"assessment\", \u0026inspector.AssessmentTargetArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tResourceGroupArn: group.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = inspector.NewAssessmentTemplate(ctx, \"assessment\", \u0026inspector.AssessmentTemplateArgs{\n\t\t\tName: pulumi.String(\"Test\"),\n\t\t\tTargetArn: assessment.Arn,\n\t\t\tDuration: pulumi.Int(60),\n\t\t\tRulesPackageArns: interface{}(rules.Arns),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.inspector.InspectorFunctions;\nimport com.pulumi.aws.inspector.ResourceGroup;\nimport com.pulumi.aws.inspector.ResourceGroupArgs;\nimport com.pulumi.aws.inspector.AssessmentTarget;\nimport com.pulumi.aws.inspector.AssessmentTargetArgs;\nimport com.pulumi.aws.inspector.AssessmentTemplate;\nimport com.pulumi.aws.inspector.AssessmentTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Declare the data source\n final var rules = InspectorFunctions.getRulesPackages();\n\n // e.g., Use in aws_inspector_assessment_template\n var group = new ResourceGroup(\"group\", ResourceGroupArgs.builder()\n .tags(Map.of(\"test\", \"test\"))\n .build());\n\n var assessment = new AssessmentTarget(\"assessment\", AssessmentTargetArgs.builder()\n .name(\"test\")\n .resourceGroupArn(group.arn())\n .build());\n\n var assessmentAssessmentTemplate = new AssessmentTemplate(\"assessmentAssessmentTemplate\", AssessmentTemplateArgs.builder()\n .name(\"Test\")\n .targetArn(assessment.arn())\n .duration(\"60\")\n .rulesPackageArns(rules.applyValue(getRulesPackagesResult -\u003e getRulesPackagesResult.arns()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # e.g., Use in aws_inspector_assessment_template\n group:\n type: aws:inspector:ResourceGroup\n properties:\n tags:\n test: test\n assessment:\n type: aws:inspector:AssessmentTarget\n properties:\n name: test\n resourceGroupArn: ${group.arn}\n assessmentAssessmentTemplate:\n type: aws:inspector:AssessmentTemplate\n name: assessment\n properties:\n name: Test\n targetArn: ${assessment.arn}\n duration: '60'\n rulesPackageArns: ${rules.arns}\nvariables:\n # Declare the data source\n rules:\n fn::invoke:\n Function: aws:inspector:getRulesPackages\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getRulesPackages.\n", "properties": { "arns": { "description": "List of the Amazon Inspector Classic Rules Packages arns available in the AWS region.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "arns", "id" ], "type": "object" } }, "aws:iot/getEndpoint:getEndpoint": { "description": "Returns a unique endpoint specific to the AWS account making the call.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iot.IotFunctions;\nimport com.pulumi.aws.iot.inputs.GetEndpointArgs;\nimport com.pulumi.kubernetes.core_v1.Pod;\nimport com.pulumi.kubernetes.core_v1.PodArgs;\nimport com.pulumi.kubernetes.meta_v1.inputs.ObjectMetaArgs;\nimport com.pulumi.kubernetes.core_v1.inputs.PodSpecArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IotFunctions.getEndpoint();\n\n var agent = new Pod(\"agent\", PodArgs.builder()\n .metadata(ObjectMetaArgs.builder()\n .name(\"my-device\")\n .build())\n .spec(PodSpecArgs.builder()\n .container(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n agent:\n type: kubernetes:core/v1:Pod\n properties:\n metadata:\n name: my-device\n spec:\n container:\n - image: gcr.io/my-project/image-name\n name: image-name\n env:\n - name: IOT_ENDPOINT\n value: ${example.endpointAddress}\nvariables:\n example:\n fn::invoke:\n Function: aws:iot:getEndpoint\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getEndpoint.\n", "properties": { "endpointType": { "type": "string", "description": "Endpoint type. Valid values: `iot:CredentialProvider`, `iot:Data`, `iot:Data-ATS`, `iot:Jobs`.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getEndpoint.\n", "properties": { "endpointAddress": { "description": "Endpoint based on `endpoint_type`:\n* No `endpoint_type`: Either `iot:Data` or `iot:Data-ATS` [depending on region](https://aws.amazon.com/blogs/iot/aws-iot-core-ats-endpoints/)\n* `iot:CredentialsProvider`: `IDENTIFIER.credentials.iot.REGION.amazonaws.com`\n* `iot:Data`: `IDENTIFIER.iot.REGION.amazonaws.com`\n* `iot:Data-ATS`: `IDENTIFIER-ats.iot.REGION.amazonaws.com`\n* `iot:Jobs`: `IDENTIFIER.jobs.iot.REGION.amazonaws.com`\n", "type": "string" }, "endpointType": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "endpointAddress", "id" ], "type": "object" } }, "aws:iot/getRegistrationCode:getRegistrationCode": { "description": "Gets a registration code used to register a CA certificate with AWS IoT.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as tls from \"@pulumi/tls\";\n\nconst example = aws.iot.getRegistrationCode({});\nconst verification = new tls.PrivateKey(\"verification\", {algorithm: \"RSA\"});\nconst verificationCertRequest = new tls.CertRequest(\"verification\", {\n keyAlgorithm: \"RSA\",\n privateKeyPem: verification.privateKeyPem,\n subject: {\n commonName: example.then(example =\u003e example.registrationCode),\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_tls as tls\n\nexample = aws.iot.get_registration_code()\nverification = tls.PrivateKey(\"verification\", algorithm=\"RSA\")\nverification_cert_request = tls.CertRequest(\"verification\",\n key_algorithm=\"RSA\",\n private_key_pem=verification.private_key_pem,\n subject=tls.CertRequestSubjectArgs(\n common_name=example.registration_code,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Tls = Pulumi.Tls;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iot.GetRegistrationCode.Invoke();\n\n var verification = new Tls.PrivateKey(\"verification\", new()\n {\n Algorithm = \"RSA\",\n });\n\n var verificationCertRequest = new Tls.CertRequest(\"verification\", new()\n {\n KeyAlgorithm = \"RSA\",\n PrivateKeyPem = verification.PrivateKeyPem,\n Subject = new Tls.Inputs.CertRequestSubjectArgs\n {\n CommonName = example.Apply(getRegistrationCodeResult =\u003e getRegistrationCodeResult.RegistrationCode),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi-tls/sdk/v4/go/tls\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := iot.GetRegistrationCode(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tverification, err := tls.NewPrivateKey(ctx, \"verification\", \u0026tls.PrivateKeyArgs{\n\t\t\tAlgorithm: pulumi.String(\"RSA\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = tls.NewCertRequest(ctx, \"verification\", \u0026tls.CertRequestArgs{\n\t\t\tKeyAlgorithm: pulumi.String(\"RSA\"),\n\t\t\tPrivateKeyPem: verification.PrivateKeyPem,\n\t\t\tSubject: \u0026tls.CertRequestSubjectArgs{\n\t\t\t\tCommonName: pulumi.String(example.RegistrationCode),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iot.IotFunctions;\nimport com.pulumi.tls.PrivateKey;\nimport com.pulumi.tls.PrivateKeyArgs;\nimport com.pulumi.tls.CertRequest;\nimport com.pulumi.tls.CertRequestArgs;\nimport com.pulumi.tls.inputs.CertRequestSubjectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IotFunctions.getRegistrationCode();\n\n var verification = new PrivateKey(\"verification\", PrivateKeyArgs.builder()\n .algorithm(\"RSA\")\n .build());\n\n var verificationCertRequest = new CertRequest(\"verificationCertRequest\", CertRequestArgs.builder()\n .keyAlgorithm(\"RSA\")\n .privateKeyPem(verification.privateKeyPem())\n .subject(CertRequestSubjectArgs.builder()\n .commonName(example.applyValue(getRegistrationCodeResult -\u003e getRegistrationCodeResult.registrationCode()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n verification:\n type: tls:PrivateKey\n properties:\n algorithm: RSA\n verificationCertRequest:\n type: tls:CertRequest\n name: verification\n properties:\n keyAlgorithm: RSA\n privateKeyPem: ${verification.privateKeyPem}\n subject:\n commonName: ${example.registrationCode}\nvariables:\n example:\n fn::invoke:\n Function: aws:iot:getRegistrationCode\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getRegistrationCode.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "registrationCode": { "description": "The CA certificate registration code.\n", "type": "string" } }, "required": [ "registrationCode", "id" ], "type": "object" } }, "aws:ivs/getStreamKey:getStreamKey": { "description": "Data source for managing an AWS IVS (Interactive Video) Stream Key.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ivs.getStreamKey({\n channelArn: \"arn:aws:ivs:us-west-2:326937407773:channel/0Y1lcs4U7jk5\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ivs.get_stream_key(channel_arn=\"arn:aws:ivs:us-west-2:326937407773:channel/0Y1lcs4U7jk5\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ivs.GetStreamKey.Invoke(new()\n {\n ChannelArn = \"arn:aws:ivs:us-west-2:326937407773:channel/0Y1lcs4U7jk5\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ivs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ivs.GetStreamKey(ctx, \u0026ivs.GetStreamKeyArgs{\n\t\t\tChannelArn: \"arn:aws:ivs:us-west-2:326937407773:channel/0Y1lcs4U7jk5\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ivs.IvsFunctions;\nimport com.pulumi.aws.ivs.inputs.GetStreamKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IvsFunctions.getStreamKey(GetStreamKeyArgs.builder()\n .channelArn(\"arn:aws:ivs:us-west-2:326937407773:channel/0Y1lcs4U7jk5\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ivs:getStreamKey\n Arguments:\n channelArn: arn:aws:ivs:us-west-2:326937407773:channel/0Y1lcs4U7jk5\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getStreamKey.\n", "properties": { "channelArn": { "type": "string", "description": "ARN of the Channel.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource.\n" } }, "type": "object", "required": [ "channelArn" ] }, "outputs": { "description": "A collection of values returned by getStreamKey.\n", "properties": { "arn": { "description": "ARN of the Stream Key.\n", "type": "string" }, "channelArn": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resource.\n", "type": "object" }, "value": { "description": "Stream Key value.\n", "type": "string" } }, "required": [ "arn", "channelArn", "tags", "value", "id" ], "type": "object" } }, "aws:kendra/getExperience:getExperience": { "description": "Provides details about a specific Amazon Kendra Experience.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.kendra.getExperience({\n experienceId: \"87654321-1234-4321-4321-321987654321\",\n indexId: \"12345678-1234-1234-1234-123456789123\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.get_experience(experience_id=\"87654321-1234-4321-4321-321987654321\",\n index_id=\"12345678-1234-1234-1234-123456789123\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Kendra.GetExperience.Invoke(new()\n {\n ExperienceId = \"87654321-1234-4321-4321-321987654321\",\n IndexId = \"12345678-1234-1234-1234-123456789123\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.LookupExperience(ctx, \u0026kendra.LookupExperienceArgs{\n\t\t\tExperienceId: \"87654321-1234-4321-4321-321987654321\",\n\t\t\tIndexId: \"12345678-1234-1234-1234-123456789123\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.KendraFunctions;\nimport com.pulumi.aws.kendra.inputs.GetExperienceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = KendraFunctions.getExperience(GetExperienceArgs.builder()\n .experienceId(\"87654321-1234-4321-4321-321987654321\")\n .indexId(\"12345678-1234-1234-1234-123456789123\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:kendra:getExperience\n Arguments:\n experienceId: 87654321-1234-4321-4321-321987654321\n indexId: 12345678-1234-1234-1234-123456789123\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getExperience.\n", "properties": { "experienceId": { "type": "string", "description": "Identifier of the Experience.\n" }, "indexId": { "type": "string", "description": "Identifier of the index that contains the Experience.\n" } }, "type": "object", "required": [ "experienceId", "indexId" ] }, "outputs": { "description": "A collection of values returned by getExperience.\n", "properties": { "arn": { "description": "ARN of the Experience.\n", "type": "string" }, "configurations": { "description": "Block that specifies the configuration information for your Amazon Kendra Experience. This includes `content_source_configuration`, which specifies the data source IDs and/or FAQ IDs, and `user_identity_configuration`, which specifies the user or group information to grant access to your Amazon Kendra Experience. Documented below.\n", "items": { "$ref": "#/types/aws:kendra/getExperienceConfiguration:getExperienceConfiguration" }, "type": "array" }, "createdAt": { "description": "Unix datetime that the Experience was created.\n", "type": "string" }, "description": { "description": "Description of the Experience.\n", "type": "string" }, "endpoints": { "description": "Shows the endpoint URLs for your Amazon Kendra Experiences. The URLs are unique and fully hosted by AWS. Documented below.\n", "items": { "$ref": "#/types/aws:kendra/getExperienceEndpoint:getExperienceEndpoint" }, "type": "array" }, "errorMessage": { "description": "Reason your Amazon Kendra Experience could not properly process.\n", "type": "string" }, "experienceId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "indexId": { "type": "string" }, "name": { "description": "Name of the Experience.\n", "type": "string" }, "roleArn": { "description": "Shows the ARN of a role with permission to access `Query` API, `QuerySuggestions` API, `SubmitFeedback` API, and AWS SSO that stores your user and group information.\n", "type": "string" }, "status": { "description": "Current processing status of your Amazon Kendra Experience. When the status is `ACTIVE`, your Amazon Kendra Experience is ready to use. When the status is `FAILED`, the `error_message` field contains the reason that this failed.\n", "type": "string" }, "updatedAt": { "description": "Date and time that the Experience was last updated.\n", "type": "string" } }, "required": [ "arn", "configurations", "createdAt", "description", "endpoints", "errorMessage", "experienceId", "indexId", "name", "roleArn", "status", "updatedAt", "id" ], "type": "object" } }, "aws:kendra/getFaq:getFaq": { "description": "Provides details about a specific Amazon Kendra Faq.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.kendra.getFaq({\n faqId: \"87654321-1234-4321-4321-321987654321\",\n indexId: \"12345678-1234-1234-1234-123456789123\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.kendra.get_faq(faq_id=\"87654321-1234-4321-4321-321987654321\",\n index_id=\"12345678-1234-1234-1234-123456789123\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Kendra.GetFaq.Invoke(new()\n {\n FaqId = \"87654321-1234-4321-4321-321987654321\",\n IndexId = \"12345678-1234-1234-1234-123456789123\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.LookupFaq(ctx, \u0026kendra.LookupFaqArgs{\n\t\t\tFaqId: \"87654321-1234-4321-4321-321987654321\",\n\t\t\tIndexId: \"12345678-1234-1234-1234-123456789123\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.KendraFunctions;\nimport com.pulumi.aws.kendra.inputs.GetFaqArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = KendraFunctions.getFaq(GetFaqArgs.builder()\n .faqId(\"87654321-1234-4321-4321-321987654321\")\n .indexId(\"12345678-1234-1234-1234-123456789123\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:kendra:getFaq\n Arguments:\n faqId: 87654321-1234-4321-4321-321987654321\n indexId: 12345678-1234-1234-1234-123456789123\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getFaq.\n", "properties": { "faqId": { "type": "string", "description": "Identifier of the FAQ.\n" }, "indexId": { "type": "string", "description": "Identifier of the index that contains the FAQ.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that helps organize the FAQs you create.\n" } }, "type": "object", "required": [ "faqId", "indexId" ] }, "outputs": { "description": "A collection of values returned by getFaq.\n", "properties": { "arn": { "description": "ARN of the FAQ.\n", "type": "string" }, "createdAt": { "description": "Unix datetime that the faq was created.\n", "type": "string" }, "description": { "description": "Description of the FAQ.\n", "type": "string" }, "errorMessage": { "description": "When the `status` field value is `FAILED`, this contains a message that explains why.\n", "type": "string" }, "faqId": { "type": "string" }, "fileFormat": { "description": "File format used by the input files for the FAQ. Valid Values are `CSV`, `CSV_WITH_HEADER`, `JSON`.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "indexId": { "type": "string" }, "languageCode": { "description": "Code for a language. This shows a supported language for the FAQ document. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html).\n", "type": "string" }, "name": { "description": "Name of the FAQ.\n", "type": "string" }, "roleArn": { "description": "ARN of a role with permission to access the S3 bucket that contains the FAQs. For more information, see [IAM Roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html).\n", "type": "string" }, "s3Paths": { "description": "S3 location of the FAQ input data. Detailed below.\n", "items": { "$ref": "#/types/aws:kendra/getFaqS3Path:getFaqS3Path" }, "type": "array" }, "status": { "description": "Status of the FAQ. It is ready to use when the status is ACTIVE.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Metadata that helps organize the FAQs you create.\n", "type": "object" }, "updatedAt": { "description": "Date and time that the FAQ was last updated.\n", "type": "string" } }, "required": [ "arn", "createdAt", "description", "errorMessage", "faqId", "fileFormat", "indexId", "languageCode", "name", "roleArn", "s3Paths", "status", "tags", "updatedAt", "id" ], "type": "object" } }, "aws:kendra/getIndex:getIndex": { "description": "Provides details about a specific Amazon Kendra Index.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.kendra.getIndex({\n id: \"12345678-1234-1234-1234-123456789123\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.get_index(id=\"12345678-1234-1234-1234-123456789123\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Kendra.GetIndex.Invoke(new()\n {\n Id = \"12345678-1234-1234-1234-123456789123\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.LookupIndex(ctx, \u0026kendra.LookupIndexArgs{\n\t\t\tId: \"12345678-1234-1234-1234-123456789123\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.KendraFunctions;\nimport com.pulumi.aws.kendra.inputs.GetIndexArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = KendraFunctions.getIndex(GetIndexArgs.builder()\n .id(\"12345678-1234-1234-1234-123456789123\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:kendra:getIndex\n Arguments:\n id: 12345678-1234-1234-1234-123456789123\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getIndex.\n", "properties": { "id": { "type": "string", "description": "Returns information on a specific Index by id.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that helps organize the Indices you create.\n" } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getIndex.\n", "properties": { "arn": { "description": "ARN of the Index.\n", "type": "string" }, "capacityUnits": { "description": "Block that sets the number of additional document storage and query capacity units that should be used by the index. Documented below.\n", "items": { "$ref": "#/types/aws:kendra/getIndexCapacityUnit:getIndexCapacityUnit" }, "type": "array" }, "createdAt": { "description": "Unix datetime that the index was created.\n", "type": "string" }, "description": { "description": "Description of the Index.\n", "type": "string" }, "documentMetadataConfigurationUpdates": { "description": "One or more blocks that specify the configuration settings for any metadata applied to the documents in the index. Documented below.\n", "items": { "$ref": "#/types/aws:kendra/getIndexDocumentMetadataConfigurationUpdate:getIndexDocumentMetadataConfigurationUpdate" }, "type": "array" }, "edition": { "description": "Amazon Kendra edition for the index.\n", "type": "string" }, "errorMessage": { "description": "When the Status field value is `FAILED`, this contains a message that explains why.\n", "type": "string" }, "id": { "description": "Identifier of the Index.\n", "type": "string" }, "indexStatistics": { "description": "Block that provides information about the number of FAQ questions and answers and the number of text documents indexed. Documented below.\n", "items": { "$ref": "#/types/aws:kendra/getIndexIndexStatistic:getIndexIndexStatistic" }, "type": "array" }, "name": { "description": "Name of the index field. Minimum length of 1. Maximum length of 30.\n", "type": "string" }, "roleArn": { "description": "An AWS Identity and Access Management (IAM) role that gives Amazon Kendra permissions to access your Amazon CloudWatch logs and metrics. This is also the role you use when you call the `BatchPutDocument` API to index documents from an Amazon S3 bucket.\n", "type": "string" }, "serverSideEncryptionConfigurations": { "description": "A block that specifies the identifier of the AWS KMS customer managed key (CMK) that's used to encrypt data indexed by Amazon Kendra. Amazon Kendra doesn't support asymmetric CMKs. Documented below.\n", "items": { "$ref": "#/types/aws:kendra/getIndexServerSideEncryptionConfiguration:getIndexServerSideEncryptionConfiguration" }, "type": "array" }, "status": { "description": "Current status of the index. When the value is `ACTIVE`, the index is ready for use. If the Status field value is `FAILED`, the `error_message` field contains a message that explains why.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Metadata that helps organize the Indices you create.\n", "type": "object" }, "updatedAt": { "description": "Unix datetime that the index was last updated.\n", "type": "string" }, "userContextPolicy": { "description": "User context policy. Valid values are `ATTRIBUTE_FILTER` or `USER_TOKEN`. For more information, refer to [UserContextPolicy](https://docs.aws.amazon.com/kendra/latest/APIReference/API_CreateIndex.html#kendra-CreateIndex-request-UserContextPolicy).\n", "type": "string" }, "userGroupResolutionConfigurations": { "description": "A block that enables fetching access levels of groups and users from an AWS Single Sign-On identity source. Documented below.\n", "items": { "$ref": "#/types/aws:kendra/getIndexUserGroupResolutionConfiguration:getIndexUserGroupResolutionConfiguration" }, "type": "array" }, "userTokenConfigurations": { "description": "A block that specifies the user token configuration. Documented below.\n", "items": { "$ref": "#/types/aws:kendra/getIndexUserTokenConfiguration:getIndexUserTokenConfiguration" }, "type": "array" } }, "required": [ "arn", "capacityUnits", "createdAt", "description", "documentMetadataConfigurationUpdates", "edition", "errorMessage", "id", "indexStatistics", "name", "roleArn", "serverSideEncryptionConfigurations", "status", "tags", "updatedAt", "userContextPolicy", "userGroupResolutionConfigurations", "userTokenConfigurations" ], "type": "object" } }, "aws:kendra/getQuerySuggestionsBlockList:getQuerySuggestionsBlockList": { "description": "Provides details about a specific Amazon Kendra block list used for query suggestions for an index.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.kendra.getQuerySuggestionsBlockList({\n indexId: \"12345678-1234-1234-1234-123456789123\",\n querySuggestionsBlockListId: \"87654321-1234-4321-4321-321987654321\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.get_query_suggestions_block_list(index_id=\"12345678-1234-1234-1234-123456789123\",\n query_suggestions_block_list_id=\"87654321-1234-4321-4321-321987654321\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Kendra.GetQuerySuggestionsBlockList.Invoke(new()\n {\n IndexId = \"12345678-1234-1234-1234-123456789123\",\n QuerySuggestionsBlockListId = \"87654321-1234-4321-4321-321987654321\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.LookupQuerySuggestionsBlockList(ctx, \u0026kendra.LookupQuerySuggestionsBlockListArgs{\n\t\t\tIndexId: \"12345678-1234-1234-1234-123456789123\",\n\t\t\tQuerySuggestionsBlockListId: \"87654321-1234-4321-4321-321987654321\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.KendraFunctions;\nimport com.pulumi.aws.kendra.inputs.GetQuerySuggestionsBlockListArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = KendraFunctions.getQuerySuggestionsBlockList(GetQuerySuggestionsBlockListArgs.builder()\n .indexId(\"12345678-1234-1234-1234-123456789123\")\n .querySuggestionsBlockListId(\"87654321-1234-4321-4321-321987654321\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:kendra:getQuerySuggestionsBlockList\n Arguments:\n indexId: 12345678-1234-1234-1234-123456789123\n querySuggestionsBlockListId: 87654321-1234-4321-4321-321987654321\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getQuerySuggestionsBlockList.\n", "properties": { "indexId": { "type": "string", "description": "Identifier of the index that contains the block list.\n" }, "querySuggestionsBlockListId": { "type": "string", "description": "Identifier of the block list.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that helps organize the block list you create.\n" } }, "type": "object", "required": [ "indexId", "querySuggestionsBlockListId" ] }, "outputs": { "description": "A collection of values returned by getQuerySuggestionsBlockList.\n", "properties": { "arn": { "description": "ARN of the block list.\n", "type": "string" }, "createdAt": { "description": "Date-time a block list was created.\n", "type": "string" }, "description": { "description": "Description for the block list.\n", "type": "string" }, "errorMessage": { "description": "Error message containing details if there are issues processing the block list.\n", "type": "string" }, "fileSizeBytes": { "description": "Current size of the block list text file in S3.\n", "type": "integer" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "indexId": { "type": "string" }, "itemCount": { "description": "Current number of valid, non-empty words or phrases in the block list text file.\n", "type": "integer" }, "name": { "description": "Name of the block list.\n", "type": "string" }, "querySuggestionsBlockListId": { "type": "string" }, "roleArn": { "description": "ARN of a role with permission to access the S3 bucket that contains the block list. For more information, see [IAM Roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html).\n", "type": "string" }, "sourceS3Paths": { "description": "S3 location of the block list input data. Detailed below.\n", "items": { "$ref": "#/types/aws:kendra/getQuerySuggestionsBlockListSourceS3Path:getQuerySuggestionsBlockListSourceS3Path" }, "type": "array" }, "status": { "description": "Current status of the block list. When the value is `ACTIVE`, the block list is ready for use.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Metadata that helps organize the block list you create.\n", "type": "object" }, "updatedAt": { "description": "Date and time that the block list was last updated.\n", "type": "string" } }, "required": [ "arn", "createdAt", "description", "errorMessage", "fileSizeBytes", "indexId", "itemCount", "name", "querySuggestionsBlockListId", "roleArn", "sourceS3Paths", "status", "tags", "updatedAt", "id" ], "type": "object" } }, "aws:kendra/getThesaurus:getThesaurus": { "description": "Provides details about a specific Amazon Kendra Thesaurus.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.kendra.getThesaurus({\n indexId: \"12345678-1234-1234-1234-123456789123\",\n thesaurusId: \"87654321-1234-4321-4321-321987654321\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.get_thesaurus(index_id=\"12345678-1234-1234-1234-123456789123\",\n thesaurus_id=\"87654321-1234-4321-4321-321987654321\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Kendra.GetThesaurus.Invoke(new()\n {\n IndexId = \"12345678-1234-1234-1234-123456789123\",\n ThesaurusId = \"87654321-1234-4321-4321-321987654321\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.LookupThesaurus(ctx, \u0026kendra.LookupThesaurusArgs{\n\t\t\tIndexId: \"12345678-1234-1234-1234-123456789123\",\n\t\t\tThesaurusId: \"87654321-1234-4321-4321-321987654321\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.KendraFunctions;\nimport com.pulumi.aws.kendra.inputs.GetThesaurusArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = KendraFunctions.getThesaurus(GetThesaurusArgs.builder()\n .indexId(\"12345678-1234-1234-1234-123456789123\")\n .thesaurusId(\"87654321-1234-4321-4321-321987654321\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:kendra:getThesaurus\n Arguments:\n indexId: 12345678-1234-1234-1234-123456789123\n thesaurusId: 87654321-1234-4321-4321-321987654321\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getThesaurus.\n", "properties": { "indexId": { "type": "string", "description": "Identifier of the index that contains the Thesaurus.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata that helps organize the Thesaurus you create.\n" }, "thesaurusId": { "type": "string", "description": "Identifier of the Thesaurus.\n" } }, "type": "object", "required": [ "indexId", "thesaurusId" ] }, "outputs": { "description": "A collection of values returned by getThesaurus.\n", "properties": { "arn": { "description": "ARN of the Thesaurus.\n", "type": "string" }, "createdAt": { "description": "Unix datetime that the Thesaurus was created.\n", "type": "string" }, "description": { "description": "Description of the Thesaurus.\n", "type": "string" }, "errorMessage": { "description": "When the `status` field value is `FAILED`, this contains a message that explains why.\n", "type": "string" }, "fileSizeBytes": { "description": "Size of the Thesaurus file in bytes.\n", "type": "integer" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "indexId": { "type": "string" }, "name": { "description": "Name of the Thesaurus.\n", "type": "string" }, "roleArn": { "description": "ARN of a role with permission to access the S3 bucket that contains the Thesaurus. For more information, see [IAM Roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html).\n", "type": "string" }, "sourceS3Paths": { "description": "S3 location of the Thesaurus input data. Detailed below.\n", "items": { "$ref": "#/types/aws:kendra/getThesaurusSourceS3Path:getThesaurusSourceS3Path" }, "type": "array" }, "status": { "description": "Status of the Thesaurus. It is ready to use when the status is `ACTIVE`.\n", "type": "string" }, "synonymRuleCount": { "description": "Number of synonym rules in the Thesaurus file.\n", "type": "integer" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Metadata that helps organize the Thesaurus you create.\n", "type": "object" }, "termCount": { "description": "Number of unique terms in the Thesaurus file. For example, the synonyms `a,b,c` and `a=\u003ed`, the term count would be 4.\n", "type": "integer" }, "thesaurusId": { "type": "string" }, "updatedAt": { "description": "Date and time that the Thesaurus was last updated.\n", "type": "string" } }, "required": [ "arn", "createdAt", "description", "errorMessage", "fileSizeBytes", "indexId", "name", "roleArn", "sourceS3Paths", "status", "synonymRuleCount", "tags", "termCount", "thesaurusId", "updatedAt", "id" ], "type": "object" } }, "aws:kinesis/getFirehoseDeliveryStream:getFirehoseDeliveryStream": { "description": "Use this data source to get information about a Kinesis Firehose Delivery Stream for use in other resources.\n\nFor more details, see the [Amazon Kinesis Firehose Documentation](https://aws.amazon.com/documentation/firehose/).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst stream = aws.kinesis.getFirehoseDeliveryStream({\n name: \"stream-name\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nstream = aws.kinesis.get_firehose_delivery_stream(name=\"stream-name\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var stream = Aws.Kinesis.GetFirehoseDeliveryStream.Invoke(new()\n {\n Name = \"stream-name\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesis.LookupFirehoseDeliveryStream(ctx, \u0026kinesis.LookupFirehoseDeliveryStreamArgs{\n\t\t\tName: \"stream-name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.KinesisFunctions;\nimport com.pulumi.aws.kinesis.inputs.GetFirehoseDeliveryStreamArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var stream = KinesisFunctions.getFirehoseDeliveryStream(GetFirehoseDeliveryStreamArgs.builder()\n .name(\"stream-name\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n stream:\n fn::invoke:\n Function: aws:kinesis:getFirehoseDeliveryStream\n Arguments:\n name: stream-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getFirehoseDeliveryStream.\n", "properties": { "name": { "type": "string", "description": "Name of the Kinesis Stream.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getFirehoseDeliveryStream.\n", "properties": { "arn": { "description": "ARN of the Kinesis Stream (same as id).\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" } }, "required": [ "arn", "name", "id" ], "type": "object" } }, "aws:kinesis/getStream:getStream": { "description": "Use this data source to get information about a Kinesis Stream for use in other\nresources.\n\nFor more details, see the [Amazon Kinesis Documentation](https://aws.amazon.com/documentation/kinesis/).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst stream = aws.kinesis.getStream({\n name: \"stream-name\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nstream = aws.kinesis.get_stream(name=\"stream-name\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var stream = Aws.Kinesis.GetStream.Invoke(new()\n {\n Name = \"stream-name\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesis.LookupStream(ctx, \u0026kinesis.LookupStreamArgs{\n\t\t\tName: \"stream-name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.KinesisFunctions;\nimport com.pulumi.aws.kinesis.inputs.GetStreamArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var stream = KinesisFunctions.getStream(GetStreamArgs.builder()\n .name(\"stream-name\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n stream:\n fn::invoke:\n Function: aws:kinesis:getStream\n Arguments:\n name: stream-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getStream.\n", "properties": { "name": { "type": "string", "description": "Name of the Kinesis Stream.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assigned to the stream.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getStream.\n", "properties": { "arn": { "description": "ARN of the Kinesis Stream (same as id).\n", "type": "string" }, "closedShards": { "description": "List of shard ids in the CLOSED state. See [Shard State](https://docs.aws.amazon.com/streams/latest/dev/kinesis-using-sdk-java-after-resharding.html#kinesis-using-sdk-java-resharding-data-routing) for more.\n", "items": { "type": "string" }, "type": "array" }, "creationTimestamp": { "description": "Approximate UNIX timestamp that the stream was created.\n", "type": "integer" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Name of the Kinesis Stream.\n", "type": "string" }, "openShards": { "description": "List of shard ids in the OPEN state. See [Shard State](https://docs.aws.amazon.com/streams/latest/dev/kinesis-using-sdk-java-after-resharding.html#kinesis-using-sdk-java-resharding-data-routing) for more.\n", "items": { "type": "string" }, "type": "array" }, "retentionPeriod": { "description": "Length of time (in hours) data records are accessible after they are added to the stream.\n", "type": "integer" }, "shardLevelMetrics": { "description": "List of shard-level CloudWatch metrics which are enabled for the stream. See [Monitoring with CloudWatch](https://docs.aws.amazon.com/streams/latest/dev/monitoring-with-cloudwatch.html) for more.\n", "items": { "type": "string" }, "type": "array" }, "status": { "description": "Current status of the stream. The stream status is one of CREATING, DELETING, ACTIVE, or UPDATING.\n", "type": "string" }, "streamModeDetails": { "description": "[Capacity mode](https://docs.aws.amazon.com/streams/latest/dev/how-do-i-size-a-stream.html) of the data stream. Detailed below.\n", "items": { "$ref": "#/types/aws:kinesis/getStreamStreamModeDetail:getStreamStreamModeDetail" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags to assigned to the stream.\n", "type": "object" } }, "required": [ "arn", "closedShards", "creationTimestamp", "name", "openShards", "retentionPeriod", "shardLevelMetrics", "status", "streamModeDetails", "tags", "id" ], "type": "object" } }, "aws:kinesis/getStreamConsumer:getStreamConsumer": { "description": "Provides details about a Kinesis Stream Consumer.\n\nFor more details, see the [Amazon Kinesis Stream Consumer Documentation](https://docs.aws.amazon.com/streams/latest/dev/amazon-kinesis-consumers.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.kinesis.getStreamConsumer({\n name: \"example-consumer\",\n streamArn: exampleAwsKinesisStream.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kinesis.get_stream_consumer(name=\"example-consumer\",\n stream_arn=example_aws_kinesis_stream[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Kinesis.GetStreamConsumer.Invoke(new()\n {\n Name = \"example-consumer\",\n StreamArn = exampleAwsKinesisStream.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesis.LookupStreamConsumer(ctx, \u0026kinesis.LookupStreamConsumerArgs{\n\t\t\tName: pulumi.StringRef(\"example-consumer\"),\n\t\t\tStreamArn: exampleAwsKinesisStream.Arn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.KinesisFunctions;\nimport com.pulumi.aws.kinesis.inputs.GetStreamConsumerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = KinesisFunctions.getStreamConsumer(GetStreamConsumerArgs.builder()\n .name(\"example-consumer\")\n .streamArn(exampleAwsKinesisStream.arn())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:kinesis:getStreamConsumer\n Arguments:\n name: example-consumer\n streamArn: ${exampleAwsKinesisStream.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getStreamConsumer.\n", "properties": { "arn": { "type": "string", "description": "ARN of the stream consumer.\n" }, "name": { "type": "string", "description": "Name of the stream consumer.\n" }, "streamArn": { "type": "string", "description": "ARN of the data stream the consumer is registered with.\n" } }, "type": "object", "required": [ "streamArn" ] }, "outputs": { "description": "A collection of values returned by getStreamConsumer.\n", "properties": { "arn": { "type": "string" }, "creationTimestamp": { "description": "Approximate timestamp in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) of when the stream consumer was created.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "status": { "description": "Current status of the stream consumer.\n", "type": "string" }, "streamArn": { "type": "string" } }, "required": [ "arn", "creationTimestamp", "name", "status", "streamArn", "id" ], "type": "object" } }, "aws:kms/getAlias:getAlias": { "description": "Use this data source to get the ARN of a KMS key alias.\nBy using this data source, you can reference key alias\nwithout having to hard code the ARN as input.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst s3 = aws.kms.getAlias({\n name: \"alias/aws/s3\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ns3 = aws.kms.get_alias(name=\"alias/aws/s3\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var s3 = Aws.Kms.GetAlias.Invoke(new()\n {\n Name = \"alias/aws/s3\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kms.LookupAlias(ctx, \u0026kms.LookupAliasArgs{\n\t\t\tName: \"alias/aws/s3\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.KmsFunctions;\nimport com.pulumi.aws.kms.inputs.GetAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var s3 = KmsFunctions.getAlias(GetAliasArgs.builder()\n .name(\"alias/aws/s3\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n s3:\n fn::invoke:\n Function: aws:kms:getAlias\n Arguments:\n name: alias/aws/s3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAlias.\n", "properties": { "name": { "type": "string", "description": "Display name of the alias. The name must start with the word \"alias\" followed by a forward slash (alias/)\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getAlias.\n", "properties": { "arn": { "description": "Amazon Resource Name(ARN) of the key alias.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Name of the alias\n", "type": "string" }, "targetKeyArn": { "description": "ARN pointed to by the alias.\n", "type": "string" }, "targetKeyId": { "description": "Key identifier pointed to by the alias.\n", "type": "string" } }, "required": [ "arn", "name", "targetKeyArn", "targetKeyId", "id" ], "type": "object" } }, "aws:kms/getCipherText:getCipherText": { "description": "The KMS ciphertext data source allows you to encrypt plaintext into ciphertext\nby using an AWS KMS customer master key. The value returned by this data source\nchanges every apply. For a stable ciphertext value, see the `aws.kms.Ciphertext`\nresource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst oauthConfig = new aws.kms.Key(\"oauth_config\", {\n description: \"oauth config\",\n isEnabled: true,\n});\nconst oauth = aws.kms.getCipherTextOutput({\n keyId: oauthConfig.keyId,\n plaintext: `{\n \"client_id\": \"e587dbae22222f55da22\",\n \"client_secret\": \"8289575d00000ace55e1815ec13673955721b8a5\"\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\noauth_config = aws.kms.Key(\"oauth_config\",\n description=\"oauth config\",\n is_enabled=True)\noauth = aws.kms.get_cipher_text_output(key_id=oauth_config.key_id,\n plaintext=\"\"\"{\n \"client_id\": \"e587dbae22222f55da22\",\n \"client_secret\": \"8289575d00000ace55e1815ec13673955721b8a5\"\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var oauthConfig = new Aws.Kms.Key(\"oauth_config\", new()\n {\n Description = \"oauth config\",\n IsEnabled = true,\n });\n\n var oauth = Aws.Kms.GetCipherText.Invoke(new()\n {\n KeyId = oauthConfig.KeyId,\n Plaintext = @\"{\n \"\"client_id\"\": \"\"e587dbae22222f55da22\"\",\n \"\"client_secret\"\": \"\"8289575d00000ace55e1815ec13673955721b8a5\"\"\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\toauthConfig, err := kms.NewKey(ctx, \"oauth_config\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"oauth config\"),\n\t\t\tIsEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = kms.GetCipherTextOutput(ctx, kms.GetCipherTextOutputArgs{\n\t\t\tKeyId: oauthConfig.KeyId,\n\t\t\tPlaintext: pulumi.String(\"{\\n \\\"client_id\\\": \\\"e587dbae22222f55da22\\\",\\n \\\"client_secret\\\": \\\"8289575d00000ace55e1815ec13673955721b8a5\\\"\\n}\\n\"),\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.kms.KmsFunctions;\nimport com.pulumi.aws.kms.inputs.GetCipherTextArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var oauthConfig = new Key(\"oauthConfig\", KeyArgs.builder()\n .description(\"oauth config\")\n .isEnabled(true)\n .build());\n\n final var oauth = KmsFunctions.getCipherText(GetCipherTextArgs.builder()\n .keyId(oauthConfig.keyId())\n .plaintext(\"\"\"\n{\n \"client_id\": \"e587dbae22222f55da22\",\n \"client_secret\": \"8289575d00000ace55e1815ec13673955721b8a5\"\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n oauthConfig:\n type: aws:kms:Key\n name: oauth_config\n properties:\n description: oauth config\n isEnabled: true\nvariables:\n oauth:\n fn::invoke:\n Function: aws:kms:getCipherText\n Arguments:\n keyId: ${oauthConfig.keyId}\n plaintext: |\n {\n \"client_id\": \"e587dbae22222f55da22\",\n \"client_secret\": \"8289575d00000ace55e1815ec13673955721b8a5\"\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCipherText.\n", "properties": { "context": { "type": "object", "additionalProperties": { "type": "string" }, "description": "An optional mapping that makes up the encryption context.\n" }, "keyId": { "type": "string", "description": "Globally unique key ID for the customer master key.\n" }, "plaintext": { "type": "string", "description": "Data to be encrypted. Note that this may show up in logs, and it will be stored in the state file.\n", "secret": true } }, "type": "object", "required": [ "keyId", "plaintext" ] }, "outputs": { "description": "A collection of values returned by getCipherText.\n", "properties": { "ciphertextBlob": { "description": "Base64 encoded ciphertext\n", "type": "string" }, "context": { "additionalProperties": { "type": "string" }, "type": "object" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "keyId": { "type": "string" }, "plaintext": { "secret": true, "type": "string" } }, "required": [ "ciphertextBlob", "keyId", "plaintext", "id" ], "type": "object" } }, "aws:kms/getCustomKeyStore:getCustomKeyStore": { "description": "Use this data source to get the metadata KMS custom key store.\nBy using this data source, you can reference KMS custom key store\nwithout having to hard code the ID as input.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst keystore = aws.kms.getCustomKeyStore({\n customKeyStoreName: \"my_cloudhsm\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nkeystore = aws.kms.get_custom_key_store(custom_key_store_name=\"my_cloudhsm\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var keystore = Aws.Kms.GetCustomKeyStore.Invoke(new()\n {\n CustomKeyStoreName = \"my_cloudhsm\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kms.LookupCustomKeyStore(ctx, \u0026kms.LookupCustomKeyStoreArgs{\n\t\t\tCustomKeyStoreName: pulumi.StringRef(\"my_cloudhsm\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.KmsFunctions;\nimport com.pulumi.aws.kms.inputs.GetCustomKeyStoreArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var keystore = KmsFunctions.getCustomKeyStore(GetCustomKeyStoreArgs.builder()\n .customKeyStoreName(\"my_cloudhsm\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n keystore:\n fn::invoke:\n Function: aws:kms:getCustomKeyStore\n Arguments:\n customKeyStoreName: my_cloudhsm\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCustomKeyStore.\n", "properties": { "customKeyStoreId": { "type": "string", "description": "The ID for the custom key store.\n" }, "customKeyStoreName": { "type": "string", "description": "The user-specified friendly name for the custom key store.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getCustomKeyStore.\n", "properties": { "cloudHsmClusterId": { "type": "string" }, "connectionState": { "description": "Indicates whether the custom key store is connected to its CloudHSM cluster.\n", "type": "string" }, "creationDate": { "description": "The date and time when the custom key store was created.\n", "type": "string" }, "customKeyStoreId": { "type": "string" }, "customKeyStoreName": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "trustAnchorCertificate": { "description": "The trust anchor certificate of the associated CloudHSM cluster.\n", "type": "string" } }, "required": [ "cloudHsmClusterId", "connectionState", "creationDate", "customKeyStoreId", "customKeyStoreName", "trustAnchorCertificate", "id" ], "type": "object" } }, "aws:kms/getKey:getKey": { "description": "Use this data source to get detailed information about\nthe specified KMS Key with flexible key id input.\nThis can be useful to reference key alias\nwithout having to hard code the ARN as input.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byAlias = aws.kms.getKey({\n keyId: \"alias/my-key\",\n});\nconst byId = aws.kms.getKey({\n keyId: \"1234abcd-12ab-34cd-56ef-1234567890ab\",\n});\nconst byAliasArn = aws.kms.getKey({\n keyId: \"arn:aws:kms:us-east-1:111122223333:alias/my-key\",\n});\nconst byKeyArn = aws.kms.getKey({\n keyId: \"arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nby_alias = aws.kms.get_key(key_id=\"alias/my-key\")\nby_id = aws.kms.get_key(key_id=\"1234abcd-12ab-34cd-56ef-1234567890ab\")\nby_alias_arn = aws.kms.get_key(key_id=\"arn:aws:kms:us-east-1:111122223333:alias/my-key\")\nby_key_arn = aws.kms.get_key(key_id=\"arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var byAlias = Aws.Kms.GetKey.Invoke(new()\n {\n KeyId = \"alias/my-key\",\n });\n\n var byId = Aws.Kms.GetKey.Invoke(new()\n {\n KeyId = \"1234abcd-12ab-34cd-56ef-1234567890ab\",\n });\n\n var byAliasArn = Aws.Kms.GetKey.Invoke(new()\n {\n KeyId = \"arn:aws:kms:us-east-1:111122223333:alias/my-key\",\n });\n\n var byKeyArn = Aws.Kms.GetKey.Invoke(new()\n {\n KeyId = \"arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kms.LookupKey(ctx, \u0026kms.LookupKeyArgs{\n\t\t\tKeyId: \"alias/my-key\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kms.LookupKey(ctx, \u0026kms.LookupKeyArgs{\n\t\t\tKeyId: \"1234abcd-12ab-34cd-56ef-1234567890ab\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kms.LookupKey(ctx, \u0026kms.LookupKeyArgs{\n\t\t\tKeyId: \"arn:aws:kms:us-east-1:111122223333:alias/my-key\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kms.LookupKey(ctx, \u0026kms.LookupKeyArgs{\n\t\t\tKeyId: \"arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.KmsFunctions;\nimport com.pulumi.aws.kms.inputs.GetKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var byAlias = KmsFunctions.getKey(GetKeyArgs.builder()\n .keyId(\"alias/my-key\")\n .build());\n\n final var byId = KmsFunctions.getKey(GetKeyArgs.builder()\n .keyId(\"1234abcd-12ab-34cd-56ef-1234567890ab\")\n .build());\n\n final var byAliasArn = KmsFunctions.getKey(GetKeyArgs.builder()\n .keyId(\"arn:aws:kms:us-east-1:111122223333:alias/my-key\")\n .build());\n\n final var byKeyArn = KmsFunctions.getKey(GetKeyArgs.builder()\n .keyId(\"arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n byAlias:\n fn::invoke:\n Function: aws:kms:getKey\n Arguments:\n keyId: alias/my-key\n byId:\n fn::invoke:\n Function: aws:kms:getKey\n Arguments:\n keyId: 1234abcd-12ab-34cd-56ef-1234567890ab\n byAliasArn:\n fn::invoke:\n Function: aws:kms:getKey\n Arguments:\n keyId: arn:aws:kms:us-east-1:111122223333:alias/my-key\n byKeyArn:\n fn::invoke:\n Function: aws:kms:getKey\n Arguments:\n keyId: arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getKey.\n", "properties": { "grantTokens": { "type": "array", "items": { "type": "string" }, "description": "List of grant tokens\n" }, "keyId": { "type": "string", "description": "Key identifier which can be one of the following format:\n* Key ID. E.g: `1234abcd-12ab-34cd-56ef-1234567890ab`\n* Key ARN. E.g.: `arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n* Alias name. E.g.: `alias/my-key`\n* Alias ARN: E.g.: `arn:aws:kms:us-east-1:111122223333:alias/my-key`\n" } }, "type": "object", "required": [ "keyId" ] }, "outputs": { "description": "A collection of values returned by getKey.\n", "properties": { "arn": { "description": "The key ARN of a primary or replica key of a multi-Region key.\n", "type": "string" }, "awsAccountId": { "description": "The twelve-digit account ID of the AWS account that owns the key\n", "type": "string" }, "cloudHsmClusterId": { "description": "The cluster ID of the AWS CloudHSM cluster that contains the key material for the KMS key.\n", "type": "string" }, "creationDate": { "description": "The date and time when the key was created\n", "type": "string" }, "customKeyStoreId": { "description": "A unique identifier for the custom key store that contains the KMS key.\n", "type": "string" }, "customerMasterKeySpec": { "description": "Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports\n", "type": "string" }, "deletionDate": { "description": "The date and time after which AWS KMS deletes the key. This value is present only when `key_state` is `PendingDeletion`, otherwise this value is 0\n", "type": "string" }, "description": { "description": "The description of the key.\n", "type": "string" }, "enabled": { "description": "Specifies whether the key is enabled. When `key_state` is `Enabled` this value is true, otherwise it is false\n", "type": "boolean" }, "expirationModel": { "description": "Specifies whether the Key's key material expires. This value is present only when `origin` is `EXTERNAL`, otherwise this value is empty\n", "type": "string" }, "grantTokens": { "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "keyId": { "type": "string" }, "keyManager": { "description": "The key's manager\n", "type": "string" }, "keySpec": { "description": "Describes the type of key material in the KMS key.\n", "type": "string" }, "keyState": { "description": "The state of the key\n", "type": "string" }, "keyUsage": { "description": "Specifies the intended use of the key\n", "type": "string" }, "multiRegion": { "description": "Indicates whether the KMS key is a multi-Region (`true`) or regional (`false`) key.\n", "type": "boolean" }, "multiRegionConfigurations": { "description": "Lists the primary and replica keys in same multi-Region key. Present only when the value of `multi_region` is `true`.\n", "items": { "$ref": "#/types/aws:kms/getKeyMultiRegionConfiguration:getKeyMultiRegionConfiguration" }, "type": "array" }, "origin": { "description": "When this value is `AWS_KMS`, AWS KMS created the key material. When this value is `EXTERNAL`, the key material was imported from your existing key management infrastructure or the CMK lacks key material\n", "type": "string" }, "pendingDeletionWindowInDays": { "description": "The waiting period before the primary key in a multi-Region key is deleted.\n", "type": "integer" }, "validTo": { "description": "The time at which the imported key material expires. This value is present only when `origin` is `EXTERNAL` and whose `expiration_model` is `KEY_MATERIAL_EXPIRES`, otherwise this value is 0\n", "type": "string" }, "xksKeyConfigurations": { "description": "Information about the external key that is associated with a KMS key in an external key store.\n", "items": { "$ref": "#/types/aws:kms/getKeyXksKeyConfiguration:getKeyXksKeyConfiguration" }, "type": "array" } }, "required": [ "arn", "awsAccountId", "cloudHsmClusterId", "creationDate", "customKeyStoreId", "customerMasterKeySpec", "deletionDate", "description", "enabled", "expirationModel", "keyId", "keyManager", "keySpec", "keyState", "keyUsage", "multiRegion", "multiRegionConfigurations", "origin", "pendingDeletionWindowInDays", "validTo", "xksKeyConfigurations", "id" ], "type": "object" } }, "aws:kms/getPublicKey:getPublicKey": { "description": "Use this data source to get the public key about the specified KMS Key with flexible key id input. This can be useful to reference key alias without having to hard code the ARN as input.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byAlias = aws.kms.getPublicKey({\n keyId: \"alias/my-key\",\n});\nconst byId = aws.kms.getPublicKey({\n keyId: \"1234abcd-12ab-34cd-56ef-1234567890ab\",\n});\nconst byAliasArn = aws.kms.getPublicKey({\n keyId: \"arn:aws:kms:us-east-1:111122223333:alias/my-key\",\n});\nconst byKeyArn = aws.kms.getPublicKey({\n keyId: \"arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nby_alias = aws.kms.get_public_key(key_id=\"alias/my-key\")\nby_id = aws.kms.get_public_key(key_id=\"1234abcd-12ab-34cd-56ef-1234567890ab\")\nby_alias_arn = aws.kms.get_public_key(key_id=\"arn:aws:kms:us-east-1:111122223333:alias/my-key\")\nby_key_arn = aws.kms.get_public_key(key_id=\"arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var byAlias = Aws.Kms.GetPublicKey.Invoke(new()\n {\n KeyId = \"alias/my-key\",\n });\n\n var byId = Aws.Kms.GetPublicKey.Invoke(new()\n {\n KeyId = \"1234abcd-12ab-34cd-56ef-1234567890ab\",\n });\n\n var byAliasArn = Aws.Kms.GetPublicKey.Invoke(new()\n {\n KeyId = \"arn:aws:kms:us-east-1:111122223333:alias/my-key\",\n });\n\n var byKeyArn = Aws.Kms.GetPublicKey.Invoke(new()\n {\n KeyId = \"arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kms.GetPublicKey(ctx, \u0026kms.GetPublicKeyArgs{\n\t\t\tKeyId: \"alias/my-key\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kms.GetPublicKey(ctx, \u0026kms.GetPublicKeyArgs{\n\t\t\tKeyId: \"1234abcd-12ab-34cd-56ef-1234567890ab\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kms.GetPublicKey(ctx, \u0026kms.GetPublicKeyArgs{\n\t\t\tKeyId: \"arn:aws:kms:us-east-1:111122223333:alias/my-key\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kms.GetPublicKey(ctx, \u0026kms.GetPublicKeyArgs{\n\t\t\tKeyId: \"arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.KmsFunctions;\nimport com.pulumi.aws.kms.inputs.GetPublicKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var byAlias = KmsFunctions.getPublicKey(GetPublicKeyArgs.builder()\n .keyId(\"alias/my-key\")\n .build());\n\n final var byId = KmsFunctions.getPublicKey(GetPublicKeyArgs.builder()\n .keyId(\"1234abcd-12ab-34cd-56ef-1234567890ab\")\n .build());\n\n final var byAliasArn = KmsFunctions.getPublicKey(GetPublicKeyArgs.builder()\n .keyId(\"arn:aws:kms:us-east-1:111122223333:alias/my-key\")\n .build());\n\n final var byKeyArn = KmsFunctions.getPublicKey(GetPublicKeyArgs.builder()\n .keyId(\"arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n byAlias:\n fn::invoke:\n Function: aws:kms:getPublicKey\n Arguments:\n keyId: alias/my-key\n byId:\n fn::invoke:\n Function: aws:kms:getPublicKey\n Arguments:\n keyId: 1234abcd-12ab-34cd-56ef-1234567890ab\n byAliasArn:\n fn::invoke:\n Function: aws:kms:getPublicKey\n Arguments:\n keyId: arn:aws:kms:us-east-1:111122223333:alias/my-key\n byKeyArn:\n fn::invoke:\n Function: aws:kms:getPublicKey\n Arguments:\n keyId: arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPublicKey.\n", "properties": { "grantTokens": { "type": "array", "items": { "type": "string" }, "description": "List of grant tokens\n" }, "keyId": { "type": "string", "description": "Key identifier which can be one of the following format:\n* Key ID. E.g - `1234abcd-12ab-34cd-56ef-1234567890ab`\n* Key ARN. E.g. - `arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n* Alias name. E.g. - `alias/my-key`\n* Alias ARN - E.g. - `arn:aws:kms:us-east-1:111122223333:alias/my-key`\n" } }, "type": "object", "required": [ "keyId" ] }, "outputs": { "description": "A collection of values returned by getPublicKey.\n", "properties": { "arn": { "description": "Key ARN of the asymmetric CMK from which the public key was downloaded.\n", "type": "string" }, "customerMasterKeySpec": { "description": "Type of the public key that was downloaded.\n", "type": "string" }, "encryptionAlgorithms": { "description": "Encryption algorithms that AWS KMS supports for this key. Only set when the `key_usage` of the public key is `ENCRYPT_DECRYPT`.\n", "items": { "type": "string" }, "type": "array" }, "grantTokens": { "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "keyId": { "type": "string" }, "keyUsage": { "description": "Permitted use of the public key. Valid values are `ENCRYPT_DECRYPT` or `SIGN_VERIFY`\n", "type": "string" }, "publicKey": { "description": "Exported public key. The value is a DER-encoded X.509 public key, also known as SubjectPublicKeyInfo (SPKI), as defined in [RFC 5280](https://tools.ietf.org/html/rfc5280). The value is Base64-encoded.\n", "type": "string" }, "publicKeyPem": { "description": "Exported public key. The value is Privacy Enhanced Mail (PEM) encoded.\n", "type": "string" }, "signingAlgorithms": { "description": "Signing algorithms that AWS KMS supports for this key. Only set when the `key_usage` of the public key is `SIGN_VERIFY`.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "arn", "customerMasterKeySpec", "encryptionAlgorithms", "keyId", "keyUsage", "publicKey", "publicKeyPem", "signingAlgorithms", "id" ], "type": "object" } }, "aws:kms/getSecret:getSecret": { "inputs": { "description": "A collection of arguments for invoking getSecret.\n", "properties": { "secrets": { "type": "array", "items": { "$ref": "#/types/aws:kms/getSecretSecret:getSecretSecret" } } }, "type": "object", "required": [ "secrets" ] }, "outputs": { "description": "A collection of values returned by getSecret.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "secrets": { "items": { "$ref": "#/types/aws:kms/getSecretSecret:getSecretSecret" }, "type": "array" } }, "required": [ "secrets", "id" ], "type": "object" } }, "aws:kms/getSecrets:getSecrets": { "description": "Decrypt multiple secrets from data encrypted with the AWS KMS service.\n\n## Example Usage\n\nIf you do not already have a `CiphertextBlob` from encrypting a KMS secret, you can use the below commands to obtain one using the [AWS CLI kms encrypt](https://docs.aws.amazon.com/cli/latest/reference/kms/encrypt.html) command. This requires you to have your AWS CLI setup correctly and replace the `--key-id` with your own. Alternatively you can use `--plaintext 'master-password'` (CLIv1) or `--plaintext fileb://\u003c(echo -n 'master-password')` (CLIv2) instead of reading from a file.\n\n\u003e If you have a newline character at the end of your file, it will be decrypted with this newline character intact. For most use cases this is undesirable and leads to incorrect passwords or invalid values, as well as possible changes in the plan. Be sure to use `echo -n` if necessary.\n\u003e If you are using asymmetric keys ensure you are using the right encryption algorithm when you encrypt and decrypt else you will get IncorrectKeyException during the decrypt phase.\n\n```console\n% echo -n 'master-password' \u003e plaintext-password\n% aws kms encrypt --key-id ab123456-c012-4567-890a-deadbeef123 --plaintext fileb://plaintext-password --encryption-context foo=bar --output text --query CiphertextBlob\nAQECAHgaPa0J8WadplGCqqVAr4HNvDaFSQ+NaiwIBhmm6qDSFwAAAGIwYAYJKoZIhvcNAQcGoFMwUQIBADBMBgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEuMBEEDI+LoLdvYv8l41OhAAIBEIAfx49FFJCLeYrkfMfAw6XlnxP23MmDBdqP8dPp28OoAQ==\n% aws kms encrypt --key-id ab123456-c012-4567-890a-deadbeef123 --plaintext fileb://plaintext-password --encryption-algorithm RSAES_OAEP_SHA_256 --output text --query CiphertextBlob\nAQECAHgaPa0J8WadplGCqqVAr4HNvDaFSQ+NaiwIBhmm6qDSFwAAAGIwYAYJKoZIhvcNAQcGoFMwUQIBADBMBgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEuMBEEDI+LoLdvYv8l41OhAAIBEIAfx49FFJCLeYrkfMfAw6XlnxP23MmDBdqP8dPp28OoAQ==\n```\n\nThat encrypted output can now be inserted into provider configurations without exposing the plaintext secret directly.\n\n", "inputs": { "description": "A collection of arguments for invoking getSecrets.\n", "properties": { "secrets": { "type": "array", "items": { "$ref": "#/types/aws:kms/getSecretsSecret:getSecretsSecret" }, "description": "One or more encrypted payload definitions from the KMS service. See the Secret Definitions below.\n" } }, "type": "object", "required": [ "secrets" ] }, "outputs": { "description": "A collection of values returned by getSecrets.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "plaintext": { "additionalProperties": { "type": "string" }, "description": "Map containing each `secret` `name` as the key with its decrypted plaintext value\n", "secret": true, "type": "object" }, "secrets": { "items": { "$ref": "#/types/aws:kms/getSecretsSecret:getSecretsSecret" }, "type": "array" } }, "required": [ "plaintext", "secrets", "id" ], "type": "object" } }, "aws:lakeformation/getDataLakeSettings:getDataLakeSettings": { "description": "Get Lake Formation principals designated as data lake administrators and lists of principal permission entries for default create database and default create table permissions.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.lakeformation.getDataLakeSettings({\n catalogId: \"14916253649\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lakeformation.get_data_lake_settings(catalog_id=\"14916253649\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.LakeFormation.GetDataLakeSettings.Invoke(new()\n {\n CatalogId = \"14916253649\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lakeformation.LookupDataLakeSettings(ctx, \u0026lakeformation.LookupDataLakeSettingsArgs{\n\t\t\tCatalogId: pulumi.StringRef(\"14916253649\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lakeformation.LakeformationFunctions;\nimport com.pulumi.aws.lakeformation.inputs.GetDataLakeSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = LakeformationFunctions.getDataLakeSettings(GetDataLakeSettingsArgs.builder()\n .catalogId(\"14916253649\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:lakeformation:getDataLakeSettings\n Arguments:\n catalogId: '14916253649'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDataLakeSettings.\n", "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, the account ID.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getDataLakeSettings.\n", "properties": { "admins": { "description": "List of ARNs of AWS Lake Formation principals (IAM users or roles).\n", "items": { "type": "string" }, "type": "array" }, "allowExternalDataFiltering": { "description": "Whether to allow Amazon EMR clusters to access data managed by Lake Formation.\n", "type": "boolean" }, "allowFullTableExternalDataAccess": { "description": "Whether to allow a third-party query engine to get data access credentials without session tags when a caller has full data access permissions.\n", "type": "boolean" }, "authorizedSessionTagValueLists": { "description": "Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it.\n", "items": { "type": "string" }, "type": "array" }, "catalogId": { "type": "string" }, "createDatabaseDefaultPermissions": { "description": "Up to three configuration blocks of principal permissions for default create database permissions. Detailed below.\n", "items": { "$ref": "#/types/aws:lakeformation/getDataLakeSettingsCreateDatabaseDefaultPermission:getDataLakeSettingsCreateDatabaseDefaultPermission" }, "type": "array" }, "createTableDefaultPermissions": { "description": "Up to three configuration blocks of principal permissions for default create table permissions. Detailed below.\n", "items": { "$ref": "#/types/aws:lakeformation/getDataLakeSettingsCreateTableDefaultPermission:getDataLakeSettingsCreateTableDefaultPermission" }, "type": "array" }, "externalDataFilteringAllowLists": { "description": "A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "readOnlyAdmins": { "description": "List of ARNs of AWS Lake Formation principals (IAM users or roles) with only view access to the resources.\n", "items": { "type": "string" }, "type": "array" }, "trustedResourceOwners": { "description": "List of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs).\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "admins", "allowExternalDataFiltering", "allowFullTableExternalDataAccess", "authorizedSessionTagValueLists", "createDatabaseDefaultPermissions", "createTableDefaultPermissions", "externalDataFilteringAllowLists", "readOnlyAdmins", "trustedResourceOwners", "id" ], "type": "object" } }, "aws:lakeformation/getPermissions:getPermissions": { "description": "Get permissions for a principal to access metadata in the Data Catalog and data organized in underlying data storage such as Amazon S3. Permissions are granted to a principal, in a Data Catalog, relative to a Lake Formation resource, which includes the Data Catalog, databases, tables, LF-tags, and LF-tag policies. For more information, see [Security and Access Control to Metadata and Data in Lake Formation](https://docs.aws.amazon.com/lake-formation/latest/dg/security-data-access.html).\n\n\u003e **NOTE:** This data source deals with explicitly granted permissions. Lake Formation grants implicit permissions to data lake administrators, database creators, and table creators. For more information, see [Implicit Lake Formation Permissions](https://docs.aws.amazon.com/lake-formation/latest/dg/implicit-permissions.html).\n\n## Example Usage\n\n### Permissions For A Lake Formation S3 Resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.lakeformation.getPermissions({\n principal: workflowRole.arn,\n dataLocation: {\n arn: testAwsLakeformationResource.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lakeformation.get_permissions(principal=workflow_role[\"arn\"],\n data_location={\n \"arn\": test_aws_lakeformation_resource[\"arn\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.LakeFormation.GetPermissions.Invoke(new()\n {\n Principal = workflowRole.Arn,\n DataLocation = new Aws.LakeFormation.Inputs.GetPermissionsDataLocationInputArgs\n {\n Arn = testAwsLakeformationResource.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lakeformation.LookupPermissions(ctx, \u0026lakeformation.LookupPermissionsArgs{\n\t\t\tPrincipal: workflowRole.Arn,\n\t\t\tDataLocation: lakeformation.GetPermissionsDataLocation{\n\t\t\t\tArn: testAwsLakeformationResource.Arn,\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lakeformation.LakeformationFunctions;\nimport com.pulumi.aws.lakeformation.inputs.GetPermissionsArgs;\nimport com.pulumi.aws.lakeformation.inputs.GetPermissionsDataLocationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = LakeformationFunctions.getPermissions(GetPermissionsArgs.builder()\n .principal(workflowRole.arn())\n .dataLocation(GetPermissionsDataLocationArgs.builder()\n .arn(testAwsLakeformationResource.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:lakeformation:getPermissions\n Arguments:\n principal: ${workflowRole.arn}\n dataLocation:\n arn: ${testAwsLakeformationResource.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Permissions For A Glue Catalog Database\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.lakeformation.getPermissions({\n principal: workflowRole.arn,\n database: {\n name: testAwsGlueCatalogDatabase.name,\n catalogId: \"110376042874\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lakeformation.get_permissions(principal=workflow_role[\"arn\"],\n database={\n \"name\": test_aws_glue_catalog_database[\"name\"],\n \"catalog_id\": \"110376042874\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.LakeFormation.GetPermissions.Invoke(new()\n {\n Principal = workflowRole.Arn,\n Database = new Aws.LakeFormation.Inputs.GetPermissionsDatabaseInputArgs\n {\n Name = testAwsGlueCatalogDatabase.Name,\n CatalogId = \"110376042874\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lakeformation.LookupPermissions(ctx, \u0026lakeformation.LookupPermissionsArgs{\n\t\t\tPrincipal: workflowRole.Arn,\n\t\t\tDatabase: lakeformation.GetPermissionsDatabase{\n\t\t\t\tName: testAwsGlueCatalogDatabase.Name,\n\t\t\t\tCatalogId: \"110376042874\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lakeformation.LakeformationFunctions;\nimport com.pulumi.aws.lakeformation.inputs.GetPermissionsArgs;\nimport com.pulumi.aws.lakeformation.inputs.GetPermissionsDatabaseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = LakeformationFunctions.getPermissions(GetPermissionsArgs.builder()\n .principal(workflowRole.arn())\n .database(GetPermissionsDatabaseArgs.builder()\n .name(testAwsGlueCatalogDatabase.name())\n .catalogId(\"110376042874\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:lakeformation:getPermissions\n Arguments:\n principal: ${workflowRole.arn}\n database:\n name: ${testAwsGlueCatalogDatabase.name}\n catalogId: '110376042874'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Permissions For Tag-Based Access Control\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.lakeformation.getPermissions({\n principal: workflowRole.arn,\n lfTagPolicy: {\n resourceType: \"DATABASE\",\n expressions: [\n {\n key: \"Team\",\n values: [\"Sales\"],\n },\n {\n key: \"Environment\",\n values: [\n \"Dev\",\n \"Production\",\n ],\n },\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lakeformation.get_permissions(principal=workflow_role[\"arn\"],\n lf_tag_policy={\n \"resource_type\": \"DATABASE\",\n \"expressions\": [\n {\n \"key\": \"Team\",\n \"values\": [\"Sales\"],\n },\n {\n \"key\": \"Environment\",\n \"values\": [\n \"Dev\",\n \"Production\",\n ],\n },\n ],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.LakeFormation.GetPermissions.Invoke(new()\n {\n Principal = workflowRole.Arn,\n LfTagPolicy = new Aws.LakeFormation.Inputs.GetPermissionsLfTagPolicyInputArgs\n {\n ResourceType = \"DATABASE\",\n Expressions = new[]\n {\n new Aws.LakeFormation.Inputs.GetPermissionsLfTagPolicyExpressionInputArgs\n {\n Key = \"Team\",\n Values = new[]\n {\n \"Sales\",\n },\n },\n new Aws.LakeFormation.Inputs.GetPermissionsLfTagPolicyExpressionInputArgs\n {\n Key = \"Environment\",\n Values = new[]\n {\n \"Dev\",\n \"Production\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lakeformation.LookupPermissions(ctx, \u0026lakeformation.LookupPermissionsArgs{\n\t\t\tPrincipal: workflowRole.Arn,\n\t\t\tLfTagPolicy: lakeformation.GetPermissionsLfTagPolicy{\n\t\t\t\tResourceType: \"DATABASE\",\n\t\t\t\tExpressions: []lakeformation.GetPermissionsLfTagPolicyExpression{\n\t\t\t\t\t{\n\t\t\t\t\t\tKey: \"Team\",\n\t\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\t\"Sales\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tKey: \"Environment\",\n\t\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\t\"Dev\",\n\t\t\t\t\t\t\t\"Production\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lakeformation.LakeformationFunctions;\nimport com.pulumi.aws.lakeformation.inputs.GetPermissionsArgs;\nimport com.pulumi.aws.lakeformation.inputs.GetPermissionsLfTagPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = LakeformationFunctions.getPermissions(GetPermissionsArgs.builder()\n .principal(workflowRole.arn())\n .lfTagPolicy(GetPermissionsLfTagPolicyArgs.builder()\n .resourceType(\"DATABASE\")\n .expressions( \n GetPermissionsLfTagPolicyExpressionArgs.builder()\n .key(\"Team\")\n .values(\"Sales\")\n .build(),\n GetPermissionsLfTagPolicyExpressionArgs.builder()\n .key(\"Environment\")\n .values( \n \"Dev\",\n \"Production\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:lakeformation:getPermissions\n Arguments:\n principal: ${workflowRole.arn}\n lfTagPolicy:\n resourceType: DATABASE\n expressions:\n - key: Team\n values:\n - Sales\n - key: Environment\n values:\n - Dev\n - Production\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPermissions.\n", "properties": { "catalogId": { "type": "string", "description": "Identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.\n" }, "catalogResource": { "type": "boolean", "description": "Whether the permissions are to be granted for the Data Catalog. Defaults to `false`.\n" }, "dataCellsFilter": { "$ref": "#/types/aws:lakeformation/getPermissionsDataCellsFilter:getPermissionsDataCellsFilter", "description": "Configuration block for a data cells filter resource. Detailed below.\n" }, "dataLocation": { "$ref": "#/types/aws:lakeformation/getPermissionsDataLocation:getPermissionsDataLocation", "description": "Configuration block for a data location resource. Detailed below.\n" }, "database": { "$ref": "#/types/aws:lakeformation/getPermissionsDatabase:getPermissionsDatabase", "description": "Configuration block for a database resource. Detailed below.\n" }, "lfTag": { "$ref": "#/types/aws:lakeformation/getPermissionsLfTag:getPermissionsLfTag", "description": "Configuration block for an LF-tag resource. Detailed below.\n" }, "lfTagPolicy": { "$ref": "#/types/aws:lakeformation/getPermissionsLfTagPolicy:getPermissionsLfTagPolicy", "description": "Configuration block for an LF-tag policy resource. Detailed below.\n" }, "principal": { "type": "string", "description": "Principal to be granted the permissions on the resource. Supported principals are IAM users or IAM roles.\n\nOne of the following is required:\n" }, "table": { "$ref": "#/types/aws:lakeformation/getPermissionsTable:getPermissionsTable", "description": "Configuration block for a table resource. Detailed below.\n" }, "tableWithColumns": { "$ref": "#/types/aws:lakeformation/getPermissionsTableWithColumns:getPermissionsTableWithColumns", "description": "Configuration block for a table with columns resource. Detailed below.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "principal" ] }, "outputs": { "description": "A collection of values returned by getPermissions.\n", "properties": { "catalogId": { "type": "string" }, "catalogResource": { "type": "boolean" }, "dataCellsFilter": { "$ref": "#/types/aws:lakeformation/getPermissionsDataCellsFilter:getPermissionsDataCellsFilter" }, "dataLocation": { "$ref": "#/types/aws:lakeformation/getPermissionsDataLocation:getPermissionsDataLocation" }, "database": { "$ref": "#/types/aws:lakeformation/getPermissionsDatabase:getPermissionsDatabase" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lfTag": { "$ref": "#/types/aws:lakeformation/getPermissionsLfTag:getPermissionsLfTag" }, "lfTagPolicy": { "$ref": "#/types/aws:lakeformation/getPermissionsLfTagPolicy:getPermissionsLfTagPolicy" }, "permissions": { "description": "List of permissions granted to the principal. For details on permissions, see [Lake Formation Permissions Reference](https://docs.aws.amazon.com/lake-formation/latest/dg/lf-permissions-reference.html).\n", "items": { "type": "string" }, "type": "array" }, "permissionsWithGrantOptions": { "description": "Subset of `permissions` which the principal can pass.\n", "items": { "type": "string" }, "type": "array" }, "principal": { "type": "string" }, "table": { "$ref": "#/types/aws:lakeformation/getPermissionsTable:getPermissionsTable" }, "tableWithColumns": { "$ref": "#/types/aws:lakeformation/getPermissionsTableWithColumns:getPermissionsTableWithColumns" } }, "required": [ "dataCellsFilter", "dataLocation", "database", "lfTag", "lfTagPolicy", "permissions", "permissionsWithGrantOptions", "principal", "table", "tableWithColumns", "id" ], "type": "object" } }, "aws:lakeformation/getResource:getResource": { "description": "Provides details about a Lake Formation resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.lakeformation.getResource({\n arn: \"arn:aws:s3:::tf-acc-test-9151654063908211878\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lakeformation.get_resource(arn=\"arn:aws:s3:::tf-acc-test-9151654063908211878\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.LakeFormation.GetResource.Invoke(new()\n {\n Arn = \"arn:aws:s3:::tf-acc-test-9151654063908211878\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lakeformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lakeformation.LookupResource(ctx, \u0026lakeformation.LookupResourceArgs{\n\t\t\tArn: \"arn:aws:s3:::tf-acc-test-9151654063908211878\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lakeformation.LakeformationFunctions;\nimport com.pulumi.aws.lakeformation.inputs.GetResourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = LakeformationFunctions.getResource(GetResourceArgs.builder()\n .arn(\"arn:aws:s3:::tf-acc-test-9151654063908211878\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:lakeformation:getResource\n Arguments:\n arn: arn:aws:s3:::tf-acc-test-9151654063908211878\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getResource.\n", "properties": { "arn": { "type": "string", "description": "ARN of the resource, an S3 path.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getResource.\n", "properties": { "arn": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lastModified": { "description": "Date and time the resource was last modified in [RFC 3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).\n", "type": "string" }, "roleArn": { "description": "Role that the resource was registered with.\n", "type": "string" } }, "required": [ "arn", "lastModified", "roleArn", "id" ], "type": "object" } }, "aws:lambda/getAlias:getAlias": { "description": "Provides information about a Lambda Alias.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst production = aws.lambda.getAlias({\n functionName: \"my-lambda-func\",\n name: \"production\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nproduction = aws.lambda.get_alias(function_name=\"my-lambda-func\",\n name=\"production\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var production = Aws.Lambda.GetAlias.Invoke(new()\n {\n FunctionName = \"my-lambda-func\",\n Name = \"production\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.LookupAlias(ctx, \u0026lambda.LookupAliasArgs{\n\t\t\tFunctionName: \"my-lambda-func\",\n\t\t\tName: \"production\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.LambdaFunctions;\nimport com.pulumi.aws.lambda.inputs.GetAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var production = LambdaFunctions.getAlias(GetAliasArgs.builder()\n .functionName(\"my-lambda-func\")\n .name(\"production\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n production:\n fn::invoke:\n Function: aws:lambda:getAlias\n Arguments:\n functionName: my-lambda-func\n name: production\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAlias.\n", "properties": { "functionName": { "type": "string", "description": "Name of the aliased Lambda function.\n" }, "name": { "type": "string", "description": "Name of the Lambda alias.\n" } }, "type": "object", "required": [ "functionName", "name" ] }, "outputs": { "description": "A collection of values returned by getAlias.\n", "properties": { "arn": { "description": "ARN identifying the Lambda function alias.\n", "type": "string" }, "description": { "description": "Description of alias.\n", "type": "string" }, "functionName": { "type": "string" }, "functionVersion": { "description": "Lambda function version which the alias uses.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "invokeArn": { "description": "ARN to be used for invoking Lambda Function from API Gateway - to be used in aws_api_gateway_integration's `uri`.\n", "type": "string" }, "name": { "type": "string" } }, "required": [ "arn", "description", "functionName", "functionVersion", "invokeArn", "name", "id" ], "type": "object" } }, "aws:lambda/getCodeSigningConfig:getCodeSigningConfig": { "description": "Provides information about a Lambda Code Signing Config. A code signing configuration defines a list of allowed signing profiles and defines the code-signing validation policy (action to be taken if deployment validation checks fail).\n\nFor information about Lambda code signing configurations and how to use them, see [configuring code signing for Lambda functions](https://docs.aws.amazon.com/lambda/latest/dg/configuration-codesigning.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst existingCsc = aws.lambda.getCodeSigningConfig({\n arn: `arn:aws:lambda:${awsRegion}:${awsAccount}:code-signing-config:csc-0f6c334abcdea4d8b`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexisting_csc = aws.lambda.get_code_signing_config(arn=f\"arn:aws:lambda:{aws_region}:{aws_account}:code-signing-config:csc-0f6c334abcdea4d8b\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var existingCsc = Aws.Lambda.GetCodeSigningConfig.Invoke(new()\n {\n Arn = $\"arn:aws:lambda:{awsRegion}:{awsAccount}:code-signing-config:csc-0f6c334abcdea4d8b\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.LookupCodeSigningConfig(ctx, \u0026lambda.LookupCodeSigningConfigArgs{\n\t\t\tArn: fmt.Sprintf(\"arn:aws:lambda:%v:%v:code-signing-config:csc-0f6c334abcdea4d8b\", awsRegion, awsAccount),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.LambdaFunctions;\nimport com.pulumi.aws.lambda.inputs.GetCodeSigningConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var existingCsc = LambdaFunctions.getCodeSigningConfig(GetCodeSigningConfigArgs.builder()\n .arn(String.format(\"arn:aws:lambda:%s:%s:code-signing-config:csc-0f6c334abcdea4d8b\", awsRegion,awsAccount))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n existingCsc:\n fn::invoke:\n Function: aws:lambda:getCodeSigningConfig\n Arguments:\n arn: arn:aws:lambda:${awsRegion}:${awsAccount}:code-signing-config:csc-0f6c334abcdea4d8b\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCodeSigningConfig.\n", "properties": { "arn": { "type": "string", "description": "ARN of the code signing configuration.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getCodeSigningConfig.\n", "properties": { "allowedPublishers": { "description": "List of allowed publishers as signing profiles for this code signing configuration.\n", "items": { "$ref": "#/types/aws:lambda/getCodeSigningConfigAllowedPublisher:getCodeSigningConfigAllowedPublisher" }, "type": "array" }, "arn": { "type": "string" }, "configId": { "description": "Unique identifier for the code signing configuration.\n", "type": "string" }, "description": { "description": "Code signing configuration description.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lastModified": { "description": "Date and time that the code signing configuration was last modified.\n", "type": "string" }, "policies": { "description": "List of code signing policies that control the validation failure action for signature mismatch or expiry.\n", "items": { "$ref": "#/types/aws:lambda/getCodeSigningConfigPolicy:getCodeSigningConfigPolicy" }, "type": "array" } }, "required": [ "allowedPublishers", "arn", "configId", "description", "lastModified", "policies", "id" ], "type": "object" } }, "aws:lambda/getFunction:getFunction": { "description": "Provides information about a Lambda Function.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst functionName = config.require(\"functionName\");\nconst existing = aws.lambda.getFunction({\n functionName: functionName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nfunction_name = config.require(\"functionName\")\nexisting = aws.lambda.get_function(function_name=function_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var functionName = config.Require(\"functionName\");\n var existing = Aws.Lambda.GetFunction.Invoke(new()\n {\n FunctionName = functionName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tfunctionName := cfg.Require(\"functionName\")\n\t\t_, err := lambda.LookupFunction(ctx, \u0026lambda.LookupFunctionArgs{\n\t\t\tFunctionName: functionName,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.LambdaFunctions;\nimport com.pulumi.aws.lambda.inputs.GetFunctionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var functionName = config.get(\"functionName\");\n final var existing = LambdaFunctions.getFunction(GetFunctionArgs.builder()\n .functionName(functionName)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n functionName:\n type: string\nvariables:\n existing:\n fn::invoke:\n Function: aws:lambda:getFunction\n Arguments:\n functionName: ${functionName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getFunction.\n", "properties": { "functionName": { "type": "string", "description": "Name of the lambda function.\n" }, "qualifier": { "type": "string", "description": "Alias name or version number of the lambda functionE.g., `$LATEST`, `my-alias`, or `1`. When not included: the data source resolves to the most recent published version; if no published version exists: it resolves to the most recent unpublished version.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "functionName" ] }, "outputs": { "description": "A collection of values returned by getFunction.\n", "properties": { "architectures": { "description": "Instruction set architecture for the Lambda function.\n", "items": { "type": "string" }, "type": "array" }, "arn": { "description": "Unqualified (no `:QUALIFIER` or `:VERSION` suffix) ARN identifying your Lambda Function. See also `qualified_arn`.\n", "type": "string" }, "codeSha256": { "description": "Base64-encoded representation of raw SHA-256 sum of the zip file.\n", "type": "string" }, "codeSigningConfigArn": { "description": "ARN for a Code Signing Configuration.\n", "type": "string" }, "deadLetterConfig": { "$ref": "#/types/aws:lambda/getFunctionDeadLetterConfig:getFunctionDeadLetterConfig", "description": "Configure the function's *dead letter queue*.\n" }, "description": { "description": "Description of what your Lambda Function does.\n", "type": "string" }, "environment": { "$ref": "#/types/aws:lambda/getFunctionEnvironment:getFunctionEnvironment", "description": "Lambda environment's configuration settings.\n" }, "ephemeralStorages": { "description": "Amount of Ephemeral storage(`/tmp`) allocated for the Lambda Function.\n", "items": { "$ref": "#/types/aws:lambda/getFunctionEphemeralStorage:getFunctionEphemeralStorage" }, "type": "array" }, "fileSystemConfigs": { "description": "Connection settings for an Amazon EFS file system.\n", "items": { "$ref": "#/types/aws:lambda/getFunctionFileSystemConfig:getFunctionFileSystemConfig" }, "type": "array" }, "functionName": { "type": "string" }, "handler": { "description": "Function entrypoint in your code.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "imageUri": { "description": "URI of the container image.\n", "type": "string" }, "invokeArn": { "description": "ARN to be used for invoking Lambda Function from API Gateway. **NOTE:** Starting with `v4.51.0` of the provider, this will *not* include the qualifier.\n", "type": "string" }, "kmsKeyArn": { "description": "ARN for the KMS encryption key.\n", "type": "string" }, "lastModified": { "description": "Date this resource was last modified.\n", "type": "string" }, "layers": { "description": "List of Lambda Layer ARNs attached to your Lambda Function.\n", "items": { "type": "string" }, "type": "array" }, "loggingConfigs": { "description": "Advanced logging settings.\n", "items": { "$ref": "#/types/aws:lambda/getFunctionLoggingConfig:getFunctionLoggingConfig" }, "type": "array" }, "memorySize": { "description": "Amount of memory in MB your Lambda Function can use at runtime.\n", "type": "integer" }, "qualifiedArn": { "description": "Qualified (`:QUALIFIER` or `:VERSION` suffix) ARN identifying your Lambda Function. See also `arn`.\n", "type": "string" }, "qualifiedInvokeArn": { "description": "Qualified (`:QUALIFIER` or `:VERSION` suffix) ARN to be used for invoking Lambda Function from API Gateway. See also `invoke_arn`.\n", "type": "string" }, "qualifier": { "type": "string" }, "reservedConcurrentExecutions": { "description": "The amount of reserved concurrent executions for this lambda function or `-1` if unreserved.\n", "type": "integer" }, "role": { "description": "IAM role attached to the Lambda Function.\n", "type": "string" }, "runtime": { "description": "Runtime environment for the Lambda function.\n", "type": "string" }, "signingJobArn": { "description": "ARN of a signing job.\n", "type": "string" }, "signingProfileVersionArn": { "description": "The ARN for a signing profile version.\n", "type": "string" }, "sourceCodeHash": { "deprecationMessage": "This attribute is deprecated and will be removed in a future major version. Use `code_sha256` instead.", "description": "(**Deprecated** use `code_sha256` instead) Base64-encoded representation of raw SHA-256 sum of the zip file.\n", "type": "string" }, "sourceCodeSize": { "description": "Size in bytes of the function .zip file.\n", "type": "integer" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "timeout": { "description": "Function execution time at which Lambda should terminate the function.\n", "type": "integer" }, "tracingConfig": { "$ref": "#/types/aws:lambda/getFunctionTracingConfig:getFunctionTracingConfig", "description": "Tracing settings of the function.\n" }, "version": { "description": "The version of the Lambda function returned. If `qualifier` is not set, this will resolve to the most recent published version. If no published version of the function exists, `version` will resolve to `$LATEST`.\n", "type": "string" }, "vpcConfig": { "$ref": "#/types/aws:lambda/getFunctionVpcConfig:getFunctionVpcConfig", "description": "VPC configuration associated with your Lambda function.\n" } }, "required": [ "architectures", "arn", "codeSha256", "codeSigningConfigArn", "deadLetterConfig", "description", "environment", "ephemeralStorages", "fileSystemConfigs", "functionName", "handler", "imageUri", "invokeArn", "kmsKeyArn", "lastModified", "layers", "loggingConfigs", "memorySize", "qualifiedArn", "qualifiedInvokeArn", "reservedConcurrentExecutions", "role", "runtime", "signingJobArn", "signingProfileVersionArn", "sourceCodeHash", "sourceCodeSize", "tags", "timeout", "tracingConfig", "version", "vpcConfig", "id" ], "type": "object" } }, "aws:lambda/getFunctionUrl:getFunctionUrl": { "description": "Provides information about a Lambda function URL.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst functionName = config.require(\"functionName\");\nconst existing = aws.lambda.getFunctionUrl({\n functionName: functionName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nfunction_name = config.require(\"functionName\")\nexisting = aws.lambda.get_function_url(function_name=function_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var functionName = config.Require(\"functionName\");\n var existing = Aws.Lambda.GetFunctionUrl.Invoke(new()\n {\n FunctionName = functionName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tfunctionName := cfg.Require(\"functionName\")\n\t\t_, err := lambda.LookupFunctionUrl(ctx, \u0026lambda.LookupFunctionUrlArgs{\n\t\t\tFunctionName: functionName,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.LambdaFunctions;\nimport com.pulumi.aws.lambda.inputs.GetFunctionUrlArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var functionName = config.get(\"functionName\");\n final var existing = LambdaFunctions.getFunctionUrl(GetFunctionUrlArgs.builder()\n .functionName(functionName)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n functionName:\n type: string\nvariables:\n existing:\n fn::invoke:\n Function: aws:lambda:getFunctionUrl\n Arguments:\n functionName: ${functionName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getFunctionUrl.\n", "properties": { "functionName": { "type": "string", "description": "The name (or ARN) of the Lambda function.\n" }, "qualifier": { "type": "string", "description": "Alias name or `\"$LATEST\"`.\n" } }, "type": "object", "required": [ "functionName" ] }, "outputs": { "description": "A collection of values returned by getFunctionUrl.\n", "properties": { "authorizationType": { "description": "Type of authentication that the function URL uses.\n", "type": "string" }, "cors": { "description": "The [cross-origin resource sharing (CORS)](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for the function URL. See the `aws.lambda.FunctionUrl` resource documentation for more details.\n", "items": { "$ref": "#/types/aws:lambda/getFunctionUrlCor:getFunctionUrlCor" }, "type": "array" }, "creationTime": { "description": "When the function URL was created, in [ISO-8601 format](https://www.w3.org/TR/NOTE-datetime).\n", "type": "string" }, "functionArn": { "description": "ARN of the function.\n", "type": "string" }, "functionName": { "type": "string" }, "functionUrl": { "description": "HTTP URL endpoint for the function in the format `https://\u003curl_id\u003e.lambda-url.\u003cregion\u003e.on.aws/`.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "invokeMode": { "description": "Whether the Lambda function responds in `BUFFERED` or `RESPONSE_STREAM` mode.\n", "type": "string" }, "lastModifiedTime": { "description": "When the function URL configuration was last updated, in [ISO-8601 format](https://www.w3.org/TR/NOTE-datetime).\n", "type": "string" }, "qualifier": { "type": "string" }, "urlId": { "description": "Generated ID for the endpoint.\n", "type": "string" } }, "required": [ "authorizationType", "cors", "creationTime", "functionArn", "functionName", "functionUrl", "invokeMode", "lastModifiedTime", "urlId", "id" ], "type": "object" } }, "aws:lambda/getFunctions:getFunctions": { "description": "Data resource to get a list of Lambda Functions.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst all = aws.lambda.getFunctions({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nall = aws.lambda.get_functions()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var all = Aws.Lambda.GetFunctions.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.GetFunctions(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.LambdaFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var all = LambdaFunctions.getFunctions();\n\n }\n}\n```\n```yaml\nvariables:\n all:\n fn::invoke:\n Function: aws:lambda:getFunctions\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getFunctions.\n", "properties": { "functionArns": { "description": "A list of Lambda Function ARNs.\n", "items": { "type": "string" }, "type": "array" }, "functionNames": { "description": "A list of Lambda Function names.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "functionArns", "functionNames", "id" ], "type": "object" } }, "aws:lambda/getInvocation:getInvocation": { "description": "Use this data source to invoke custom lambda functions as data source.\nThe lambda function is invoked with [RequestResponse](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax)\ninvocation type.\n\n\u003e **NOTE:** If you get a `KMSAccessDeniedException: Lambda was unable to decrypt the environment variables because KMS access was denied` error when invoking an `aws.lambda.Function` with environment variables, the IAM role associated with the function may have been deleted and recreated _after_ the function was created. You can fix the problem two ways: 1) updating the function's role to another role and then updating it back again to the recreated role, or 2) by using Pulumi to `taint` the function and `apply` your configuration again to recreate the function. (When you create a function, Lambda grants permissions on the KMS key to the function's IAM role. If the IAM role is recreated, the grant is no longer valid. Changing the function's role or recreating the function causes Lambda to update the grant.)\n\n", "inputs": { "description": "A collection of arguments for invoking getInvocation.\n", "properties": { "functionName": { "type": "string", "description": "Name of the lambda function.\n" }, "input": { "type": "string", "description": "String in JSON format that is passed as payload to the lambda function.\n" }, "qualifier": { "type": "string", "description": "Qualifier (a.k.a version) of the lambda function. Defaults\nto `$LATEST`.\n" } }, "type": "object", "required": [ "functionName", "input" ] }, "outputs": { "description": "A collection of values returned by getInvocation.\n", "properties": { "functionName": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "input": { "type": "string" }, "qualifier": { "type": "string" }, "result": { "description": "String result of the lambda function invocation.\n", "type": "string" } }, "required": [ "functionName", "input", "result", "id" ], "type": "object" } }, "aws:lambda/getLayerVersion:getLayerVersion": { "description": "Provides information about a Lambda Layer Version.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst layerName = config.require(\"layerName\");\nconst existing = aws.lambda.getLayerVersion({\n layerName: layerName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlayer_name = config.require(\"layerName\")\nexisting = aws.lambda.get_layer_version(layer_name=layer_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var layerName = config.Require(\"layerName\");\n var existing = Aws.Lambda.GetLayerVersion.Invoke(new()\n {\n LayerName = layerName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tlayerName := cfg.Require(\"layerName\")\n\t\t_, err := lambda.LookupLayerVersion(ctx, \u0026lambda.LookupLayerVersionArgs{\n\t\t\tLayerName: layerName,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.LambdaFunctions;\nimport com.pulumi.aws.lambda.inputs.GetLayerVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var layerName = config.get(\"layerName\");\n final var existing = LambdaFunctions.getLayerVersion(GetLayerVersionArgs.builder()\n .layerName(layerName)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n layerName:\n type: string\nvariables:\n existing:\n fn::invoke:\n Function: aws:lambda:getLayerVersion\n Arguments:\n layerName: ${layerName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLayerVersion.\n", "properties": { "compatibleArchitecture": { "type": "string", "description": "Specific architecture the layer version could support. Conflicts with `version`. If specified, the latest available layer version supporting the provided architecture will be used.\n" }, "compatibleRuntime": { "type": "string", "description": "Specific runtime the layer version must support. Conflicts with `version`. If specified, the latest available layer version supporting the provided runtime will be used.\n" }, "layerName": { "type": "string", "description": "Name of the lambda layer.\n" }, "version": { "type": "integer", "description": "Specific layer version. Conflicts with `compatible_runtime` and `compatible_architecture`. If omitted, the latest available layer version will be used.\n" } }, "type": "object", "required": [ "layerName" ] }, "outputs": { "description": "A collection of values returned by getLayerVersion.\n", "properties": { "arn": { "description": "ARN of the Lambda Layer with version.\n", "type": "string" }, "codeSha256": { "description": "Base64-encoded representation of raw SHA-256 sum of the zip file.\n", "type": "string" }, "compatibleArchitecture": { "type": "string" }, "compatibleArchitectures": { "description": "A list of [Architectures](https://docs.aws.amazon.com/lambda/latest/dg/API_GetLayerVersion.html#SSS-GetLayerVersion-response-CompatibleArchitectures) the specific Lambda Layer version is compatible with.\n", "items": { "type": "string" }, "type": "array" }, "compatibleRuntime": { "type": "string" }, "compatibleRuntimes": { "description": "List of [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_GetLayerVersion.html#SSS-GetLayerVersion-response-CompatibleRuntimes) the specific Lambda Layer version is compatible with.\n", "items": { "type": "string" }, "type": "array" }, "createdDate": { "description": "Date this resource was created.\n", "type": "string" }, "description": { "description": "Description of the specific Lambda Layer version.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "layerArn": { "description": "ARN of the Lambda Layer without version.\n", "type": "string" }, "layerName": { "type": "string" }, "licenseInfo": { "description": "License info associated with the specific Lambda Layer version.\n", "type": "string" }, "signingJobArn": { "description": "ARN of a signing job.\n", "type": "string" }, "signingProfileVersionArn": { "description": "The ARN for a signing profile version.\n", "type": "string" }, "sourceCodeHash": { "deprecationMessage": "This attribute is deprecated and will be removed in a future major version. Use `code_sha256` instead.", "description": "(**Deprecated** use `code_sha256` instead) Base64-encoded representation of raw SHA-256 sum of the zip file.\n", "type": "string" }, "sourceCodeSize": { "description": "Size in bytes of the function .zip file.\n", "type": "integer" }, "version": { "description": "This Lambda Layer version.\n", "type": "integer" } }, "required": [ "arn", "codeSha256", "compatibleArchitectures", "compatibleRuntimes", "createdDate", "description", "layerArn", "layerName", "licenseInfo", "signingJobArn", "signingProfileVersionArn", "sourceCodeHash", "sourceCodeSize", "version", "id" ], "type": "object" } }, "aws:lb/getHostedZoneId:getHostedZoneId": { "description": "Use this data source to get the HostedZoneId of the AWS Elastic Load Balancing (ELB) in a given region for the purpose of using in an AWS Route53 Alias. Specify the ELB type (`network` or `application`) to return the relevant the associated HostedZoneId. Ref: [ELB service endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html#elb_region)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = aws.lb.getHostedZoneId({});\nconst www = new aws.route53.Record(\"www\", {\n zoneId: primary.zoneId,\n name: \"example.com\",\n type: aws.route53.RecordType.A,\n aliases: [{\n name: mainAwsLb.dnsName,\n zoneId: main.then(main =\u003e main.id),\n evaluateTargetHealth: true,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.lb.get_hosted_zone_id()\nwww = aws.route53.Record(\"www\",\n zone_id=primary[\"zoneId\"],\n name=\"example.com\",\n type=aws.route53.RecordType.A,\n aliases=[{\n \"name\": main_aws_lb[\"dnsName\"],\n \"zone_id\": main.id,\n \"evaluate_target_health\": True,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = Aws.LB.GetHostedZoneId.Invoke();\n\n var www = new Aws.Route53.Record(\"www\", new()\n {\n ZoneId = primary.ZoneId,\n Name = \"example.com\",\n Type = Aws.Route53.RecordType.A,\n Aliases = new[]\n {\n new Aws.Route53.Inputs.RecordAliasArgs\n {\n Name = mainAwsLb.DnsName,\n ZoneId = main.Apply(getHostedZoneIdResult =\u003e getHostedZoneIdResult.Id),\n EvaluateTargetHealth = true,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := lb.GetHostedZoneId(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"www\", \u0026route53.RecordArgs{\n\t\t\tZoneId: pulumi.Any(primary.ZoneId),\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t\tType: pulumi.String(route53.RecordTypeA),\n\t\t\tAliases: route53.RecordAliasArray{\n\t\t\t\t\u0026route53.RecordAliasArgs{\n\t\t\t\t\tName: pulumi.Any(mainAwsLb.DnsName),\n\t\t\t\t\tZoneId: pulumi.String(main.Id),\n\t\t\t\t\tEvaluateTargetHealth: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LbFunctions;\nimport com.pulumi.aws.lb.inputs.GetHostedZoneIdArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport com.pulumi.aws.route53.inputs.RecordAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var main = LbFunctions.getHostedZoneId();\n\n var www = new Record(\"www\", RecordArgs.builder()\n .zoneId(primary.zoneId())\n .name(\"example.com\")\n .type(\"A\")\n .aliases(RecordAliasArgs.builder()\n .name(mainAwsLb.dnsName())\n .zoneId(main.applyValue(getHostedZoneIdResult -\u003e getHostedZoneIdResult.id()))\n .evaluateTargetHealth(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n www:\n type: aws:route53:Record\n properties:\n zoneId: ${primary.zoneId}\n name: example.com\n type: A\n aliases:\n - name: ${mainAwsLb.dnsName}\n zoneId: ${main.id}\n evaluateTargetHealth: true\nvariables:\n main:\n fn::invoke:\n Function: aws:lb:getHostedZoneId\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getHostedZoneId.\n", "properties": { "loadBalancerType": { "type": "string", "description": "Type of load balancer to create. Possible values are `application` or `network`. The default value is `application`.\n" }, "region": { "type": "string", "description": "Name of the region whose AWS ELB HostedZoneId is desired.\nDefaults to the region from the AWS provider configuration.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getHostedZoneId.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "loadBalancerType": { "type": "string" }, "region": { "type": "string" } }, "required": [ "id" ], "type": "object" } }, "aws:lb/getLbs:getLbs": { "description": "Use this data source to get a list of Load Balancer ARNs matching the specified criteria. Useful for passing to other\nresources.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.lb.getLbs({\n tags: {\n \"elbv2.k8s.aws/cluster\": \"my-cluster\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.get_lbs(tags={\n \"elbv2.k8s.aws/cluster\": \"my-cluster\",\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.LB.GetLbs.Invoke(new()\n {\n Tags = \n {\n { \"elbv2.k8s.aws/cluster\", \"my-cluster\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.GetLbs(ctx, \u0026lb.GetLbsArgs{\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"elbv2.k8s.aws/cluster\": \"my-cluster\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LbFunctions;\nimport com.pulumi.aws.lb.inputs.GetLbsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = LbFunctions.getLbs(GetLbsArgs.builder()\n .tags(Map.of(\"elbv2.k8s.aws/cluster\", \"my-cluster\"))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:lb:getLbs\n Arguments:\n tags:\n elbv2.k8s.aws/cluster: my-cluster\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLbs.\n", "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match\na pair on the desired Load Balancers.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLbs.\n", "properties": { "arns": { "description": "Set of Load Balancer ARNs.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "arns", "id" ], "type": "object" } }, "aws:lb/getListener:getListener": { "description": "\u003e **Note:** `aws.alb.Listener` is known as `aws.lb.Listener`. The functionality is identical.\n\nProvides information about a Load Balancer Listener.\n\nThis data source can prove useful when a module accepts an LB Listener as an input variable and needs to know the LB it is attached to, or other information specific to the listener in question.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst listenerArn = config.require(\"listenerArn\");\nconst listener = aws.lb.getListener({\n arn: listenerArn,\n});\n// get listener from load_balancer_arn and port\nconst selected = aws.lb.getLoadBalancer({\n name: \"default-public\",\n});\nconst selected443 = selected.then(selected =\u003e aws.lb.getListener({\n loadBalancerArn: selected.arn,\n port: 443,\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlistener_arn = config.require(\"listenerArn\")\nlistener = aws.lb.get_listener(arn=listener_arn)\n# get listener from load_balancer_arn and port\nselected = aws.lb.get_load_balancer(name=\"default-public\")\nselected443 = aws.lb.get_listener(load_balancer_arn=selected.arn,\n port=443)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var listenerArn = config.Require(\"listenerArn\");\n var listener = Aws.LB.GetListener.Invoke(new()\n {\n Arn = listenerArn,\n });\n\n // get listener from load_balancer_arn and port\n var selected = Aws.LB.GetLoadBalancer.Invoke(new()\n {\n Name = \"default-public\",\n });\n\n var selected443 = Aws.LB.GetListener.Invoke(new()\n {\n LoadBalancerArn = selected.Apply(getLoadBalancerResult =\u003e getLoadBalancerResult.Arn),\n Port = 443,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tlistenerArn := cfg.Require(\"listenerArn\")\n\t\t_, err := lb.LookupListener(ctx, \u0026lb.LookupListenerArgs{\n\t\t\tArn: pulumi.StringRef(listenerArn),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// get listener from load_balancer_arn and port\n\t\tselected, err := lb.LookupLoadBalancer(ctx, \u0026lb.LookupLoadBalancerArgs{\n\t\t\tName: pulumi.StringRef(\"default-public\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.LookupListener(ctx, \u0026lb.LookupListenerArgs{\n\t\t\tLoadBalancerArn: pulumi.StringRef(selected.Arn),\n\t\t\tPort: pulumi.IntRef(443),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LbFunctions;\nimport com.pulumi.aws.lb.inputs.GetListenerArgs;\nimport com.pulumi.aws.lb.inputs.GetLoadBalancerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var listenerArn = config.get(\"listenerArn\");\n final var listener = LbFunctions.getListener(GetListenerArgs.builder()\n .arn(listenerArn)\n .build());\n\n // get listener from load_balancer_arn and port\n final var selected = LbFunctions.getLoadBalancer(GetLoadBalancerArgs.builder()\n .name(\"default-public\")\n .build());\n\n final var selected443 = LbFunctions.getListener(GetListenerArgs.builder()\n .loadBalancerArn(selected.applyValue(getLoadBalancerResult -\u003e getLoadBalancerResult.arn()))\n .port(443)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n # get listener from listener arn\n listenerArn:\n type: string\nvariables:\n listener:\n fn::invoke:\n Function: aws:lb:getListener\n Arguments:\n arn: ${listenerArn}\n # get listener from load_balancer_arn and port\n selected:\n fn::invoke:\n Function: aws:lb:getLoadBalancer\n Arguments:\n name: default-public\n selected443:\n fn::invoke:\n Function: aws:lb:getListener\n Arguments:\n loadBalancerArn: ${selected.arn}\n port: 443\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getListener.\n", "properties": { "arn": { "type": "string", "description": "ARN of the listener. Required if `load_balancer_arn` and `port` is not set.\n" }, "loadBalancerArn": { "type": "string", "description": "ARN of the load balancer. Required if `arn` is not set.\n" }, "port": { "type": "integer", "description": "Port of the listener. Required if `arn` is not set.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getListener.\n", "properties": { "alpnPolicy": { "type": "string" }, "arn": { "type": "string" }, "certificateArn": { "type": "string" }, "defaultActions": { "items": { "$ref": "#/types/aws:lb/getListenerDefaultAction:getListenerDefaultAction" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "loadBalancerArn": { "type": "string" }, "mutualAuthentications": { "items": { "$ref": "#/types/aws:lb/getListenerMutualAuthentication:getListenerMutualAuthentication" }, "type": "array" }, "port": { "type": "integer" }, "protocol": { "type": "string" }, "sslPolicy": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "alpnPolicy", "arn", "certificateArn", "defaultActions", "loadBalancerArn", "mutualAuthentications", "port", "protocol", "sslPolicy", "tags", "id" ], "type": "object" } }, "aws:lb/getLoadBalancer:getLoadBalancer": { "description": "\u003e **Note:** `aws.alb.LoadBalancer` is known as `aws.lb.LoadBalancer`. The functionality is identical.\n\nProvides information about a Load Balancer.\n\nThis data source can prove useful when a module accepts an LB as an input\nvariable and needs to, for example, determine the security groups associated\nwith it, etc.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst lbArn = config.get(\"lbArn\") || \"\";\nconst lbName = config.get(\"lbName\") || \"\";\nconst test = aws.lb.getLoadBalancer({\n arn: lbArn,\n name: lbName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlb_arn = config.get(\"lbArn\")\nif lb_arn is None:\n lb_arn = \"\"\nlb_name = config.get(\"lbName\")\nif lb_name is None:\n lb_name = \"\"\ntest = aws.lb.get_load_balancer(arn=lb_arn,\n name=lb_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var lbArn = config.Get(\"lbArn\") ?? \"\";\n var lbName = config.Get(\"lbName\") ?? \"\";\n var test = Aws.LB.GetLoadBalancer.Invoke(new()\n {\n Arn = lbArn,\n Name = lbName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tlbArn := \"\"\n\t\tif param := cfg.Get(\"lbArn\"); param != \"\" {\n\t\t\tlbArn = param\n\t\t}\n\t\tlbName := \"\"\n\t\tif param := cfg.Get(\"lbName\"); param != \"\" {\n\t\t\tlbName = param\n\t\t}\n\t\t_, err := lb.LookupLoadBalancer(ctx, \u0026lb.LookupLoadBalancerArgs{\n\t\t\tArn: pulumi.StringRef(lbArn),\n\t\t\tName: pulumi.StringRef(lbName),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LbFunctions;\nimport com.pulumi.aws.lb.inputs.GetLoadBalancerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var lbArn = config.get(\"lbArn\").orElse(\"\");\n final var lbName = config.get(\"lbName\").orElse(\"\");\n final var test = LbFunctions.getLoadBalancer(GetLoadBalancerArgs.builder()\n .arn(lbArn)\n .name(lbName)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n lbArn:\n type: string\n default:\n lbName:\n type: string\n default:\nvariables:\n test:\n fn::invoke:\n Function: aws:lb:getLoadBalancer\n Arguments:\n arn: ${lbArn}\n name: ${lbName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLoadBalancer.\n", "properties": { "arn": { "type": "string", "description": "Full ARN of the load balancer.\n" }, "name": { "type": "string", "description": "Unique name of the load balancer.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Mapping of tags, each pair of which must exactly match a pair on the desired load balancer.\n\n\u003e **NOTE:** When both `arn` and `name` are specified, `arn` takes precedence. `tags` has lowest precedence.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLoadBalancer.\n", "properties": { "accessLogs": { "$ref": "#/types/aws:lb/getLoadBalancerAccessLogs:getLoadBalancerAccessLogs" }, "arn": { "type": "string" }, "arnSuffix": { "type": "string" }, "clientKeepAlive": { "type": "integer" }, "connectionLogs": { "items": { "$ref": "#/types/aws:lb/getLoadBalancerConnectionLog:getLoadBalancerConnectionLog" }, "type": "array" }, "customerOwnedIpv4Pool": { "type": "string" }, "desyncMitigationMode": { "type": "string" }, "dnsName": { "type": "string" }, "dnsRecordClientRoutingPolicy": { "type": "string" }, "dropInvalidHeaderFields": { "type": "boolean" }, "enableCrossZoneLoadBalancing": { "type": "boolean" }, "enableDeletionProtection": { "type": "boolean" }, "enableHttp2": { "type": "boolean" }, "enableTlsVersionAndCipherSuiteHeaders": { "type": "boolean" }, "enableWafFailOpen": { "type": "boolean" }, "enableXffClientPort": { "type": "boolean" }, "enforceSecurityGroupInboundRulesOnPrivateLinkTraffic": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "idleTimeout": { "type": "integer" }, "internal": { "type": "boolean" }, "ipAddressType": { "type": "string" }, "loadBalancerType": { "type": "string" }, "name": { "type": "string" }, "preserveHostHeader": { "type": "boolean" }, "securityGroups": { "items": { "type": "string" }, "type": "array" }, "subnetMappings": { "items": { "$ref": "#/types/aws:lb/getLoadBalancerSubnetMapping:getLoadBalancerSubnetMapping" }, "type": "array" }, "subnets": { "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "vpcId": { "type": "string" }, "xffHeaderProcessingMode": { "type": "string" }, "zoneId": { "type": "string" } }, "required": [ "accessLogs", "arn", "arnSuffix", "clientKeepAlive", "connectionLogs", "customerOwnedIpv4Pool", "desyncMitigationMode", "dnsName", "dnsRecordClientRoutingPolicy", "dropInvalidHeaderFields", "enableCrossZoneLoadBalancing", "enableDeletionProtection", "enableHttp2", "enableTlsVersionAndCipherSuiteHeaders", "enableWafFailOpen", "enableXffClientPort", "enforceSecurityGroupInboundRulesOnPrivateLinkTraffic", "idleTimeout", "internal", "ipAddressType", "loadBalancerType", "name", "preserveHostHeader", "securityGroups", "subnetMappings", "subnets", "tags", "vpcId", "xffHeaderProcessingMode", "zoneId", "id" ], "type": "object" } }, "aws:lb/getTargetGroup:getTargetGroup": { "description": "\u003e **Note:** `aws.alb.TargetGroup` is known as `aws.lb.TargetGroup`. The functionality is identical.\n\nProvides information about a Load Balancer Target Group.\n\nThis data source can prove useful when a module accepts an LB Target Group as an\ninput variable and needs to know its attributes. It can also be used to get the ARN of\nan LB Target Group for use in other resources, given LB Target Group name.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst lbTgArn = config.get(\"lbTgArn\") || \"\";\nconst lbTgName = config.get(\"lbTgName\") || \"\";\nconst test = aws.lb.getTargetGroup({\n arn: lbTgArn,\n name: lbTgName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlb_tg_arn = config.get(\"lbTgArn\")\nif lb_tg_arn is None:\n lb_tg_arn = \"\"\nlb_tg_name = config.get(\"lbTgName\")\nif lb_tg_name is None:\n lb_tg_name = \"\"\ntest = aws.lb.get_target_group(arn=lb_tg_arn,\n name=lb_tg_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var lbTgArn = config.Get(\"lbTgArn\") ?? \"\";\n var lbTgName = config.Get(\"lbTgName\") ?? \"\";\n var test = Aws.LB.GetTargetGroup.Invoke(new()\n {\n Arn = lbTgArn,\n Name = lbTgName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tlbTgArn := \"\"\n\t\tif param := cfg.Get(\"lbTgArn\"); param != \"\" {\n\t\t\tlbTgArn = param\n\t\t}\n\t\tlbTgName := \"\"\n\t\tif param := cfg.Get(\"lbTgName\"); param != \"\" {\n\t\t\tlbTgName = param\n\t\t}\n\t\t_, err := lb.LookupTargetGroup(ctx, \u0026lb.LookupTargetGroupArgs{\n\t\t\tArn: pulumi.StringRef(lbTgArn),\n\t\t\tName: pulumi.StringRef(lbTgName),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LbFunctions;\nimport com.pulumi.aws.lb.inputs.GetTargetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var lbTgArn = config.get(\"lbTgArn\").orElse(\"\");\n final var lbTgName = config.get(\"lbTgName\").orElse(\"\");\n final var test = LbFunctions.getTargetGroup(GetTargetGroupArgs.builder()\n .arn(lbTgArn)\n .name(lbTgName)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n lbTgArn:\n type: string\n default:\n lbTgName:\n type: string\n default:\nvariables:\n test:\n fn::invoke:\n Function: aws:lb:getTargetGroup\n Arguments:\n arn: ${lbTgArn}\n name: ${lbTgName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getTargetGroup.\n", "properties": { "arn": { "type": "string", "description": "Full ARN of the target group.\n" }, "loadBalancingAnomalyMitigation": { "type": "string" }, "name": { "type": "string", "description": "Unique name of the target group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Mapping of tags, each pair of which must exactly match a pair on the desired target group.\n\n\u003e **NOTE:** When both `arn` and `name` are specified, `arn` takes precedence. `tags` has the lowest precedence.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getTargetGroup.\n", "properties": { "arn": { "type": "string" }, "arnSuffix": { "type": "string" }, "connectionTermination": { "type": "boolean" }, "deregistrationDelay": { "type": "string" }, "healthCheck": { "$ref": "#/types/aws:lb/getTargetGroupHealthCheck:getTargetGroupHealthCheck" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lambdaMultiValueHeadersEnabled": { "type": "boolean" }, "loadBalancerArns": { "items": { "type": "string" }, "type": "array" }, "loadBalancingAlgorithmType": { "type": "string" }, "loadBalancingAnomalyMitigation": { "type": "string" }, "loadBalancingCrossZoneEnabled": { "type": "string" }, "name": { "type": "string" }, "port": { "type": "integer" }, "preserveClientIp": { "type": "string" }, "protocol": { "type": "string" }, "protocolVersion": { "type": "string" }, "proxyProtocolV2": { "type": "boolean" }, "slowStart": { "type": "integer" }, "stickiness": { "$ref": "#/types/aws:lb/getTargetGroupStickiness:getTargetGroupStickiness" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "targetType": { "type": "string" }, "vpcId": { "type": "string" } }, "required": [ "arn", "arnSuffix", "connectionTermination", "deregistrationDelay", "healthCheck", "lambdaMultiValueHeadersEnabled", "loadBalancerArns", "loadBalancingAlgorithmType", "loadBalancingAnomalyMitigation", "loadBalancingCrossZoneEnabled", "name", "port", "preserveClientIp", "protocol", "protocolVersion", "proxyProtocolV2", "slowStart", "stickiness", "tags", "targetType", "vpcId", "id" ], "type": "object" } }, "aws:lb/getTrustStore:getTrustStore": { "description": "\u003e **Note:** `aws_alb_trust_store` is known as `aws.lb.TrustStore`. The functionality is identical.\n\nProvides information about a Load Balancer Trust Store.\n\nThis data source can prove useful when a module accepts an LB Trust Store as an\ninput variable and needs to know its attributes. It can also be used to get the ARN of\nan LB Trust Store for use in other resources, given LB Trust Store name.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst lbTsArn = config.get(\"lbTsArn\") || \"\";\nconst lbTsName = config.get(\"lbTsName\") || \"\";\nconst test = aws.lb.getTrustStore({\n arn: lbTsArn,\n name: lbTsName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlb_ts_arn = config.get(\"lbTsArn\")\nif lb_ts_arn is None:\n lb_ts_arn = \"\"\nlb_ts_name = config.get(\"lbTsName\")\nif lb_ts_name is None:\n lb_ts_name = \"\"\ntest = aws.lb.get_trust_store(arn=lb_ts_arn,\n name=lb_ts_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var lbTsArn = config.Get(\"lbTsArn\") ?? \"\";\n var lbTsName = config.Get(\"lbTsName\") ?? \"\";\n var test = Aws.LB.GetTrustStore.Invoke(new()\n {\n Arn = lbTsArn,\n Name = lbTsName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tlbTsArn := \"\"\n\t\tif param := cfg.Get(\"lbTsArn\"); param != \"\" {\n\t\t\tlbTsArn = param\n\t\t}\n\t\tlbTsName := \"\"\n\t\tif param := cfg.Get(\"lbTsName\"); param != \"\" {\n\t\t\tlbTsName = param\n\t\t}\n\t\t_, err := lb.LookupTrustStore(ctx, \u0026lb.LookupTrustStoreArgs{\n\t\t\tArn: pulumi.StringRef(lbTsArn),\n\t\t\tName: pulumi.StringRef(lbTsName),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LbFunctions;\nimport com.pulumi.aws.lb.inputs.GetTrustStoreArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var lbTsArn = config.get(\"lbTsArn\").orElse(\"\");\n final var lbTsName = config.get(\"lbTsName\").orElse(\"\");\n final var test = LbFunctions.getTrustStore(GetTrustStoreArgs.builder()\n .arn(lbTsArn)\n .name(lbTsName)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n lbTsArn:\n type: string\n default:\n lbTsName:\n type: string\n default:\nvariables:\n test:\n fn::invoke:\n Function: aws:lb:getTrustStore\n Arguments:\n arn: ${lbTsArn}\n name: ${lbTsName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getTrustStore.\n", "properties": { "arn": { "type": "string", "description": "Full ARN of the trust store.\n" }, "name": { "type": "string", "description": "Unique name of the trust store.\n\n\u003e **NOTE:** When both `arn` and `name` are specified, `arn` takes precedence.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getTrustStore.\n", "properties": { "arn": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" } }, "required": [ "arn", "name", "id" ], "type": "object" } }, "aws:lex/getBot:getBot": { "description": "Provides details about a specific Amazon Lex Bot.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst orderFlowersBot = aws.lex.getBot({\n name: \"OrderFlowers\",\n version: \"$LATEST\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\norder_flowers_bot = aws.lex.get_bot(name=\"OrderFlowers\",\n version=\"$LATEST\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var orderFlowersBot = Aws.Lex.GetBot.Invoke(new()\n {\n Name = \"OrderFlowers\",\n Version = \"$LATEST\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lex.LookupBot(ctx, \u0026lex.LookupBotArgs{\n\t\t\tName: \"OrderFlowers\",\n\t\t\tVersion: pulumi.StringRef(\"$LATEST\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lex.LexFunctions;\nimport com.pulumi.aws.lex.inputs.GetBotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var orderFlowersBot = LexFunctions.getBot(GetBotArgs.builder()\n .name(\"OrderFlowers\")\n .version(\"$LATEST\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n orderFlowersBot:\n fn::invoke:\n Function: aws:lex:getBot\n Arguments:\n name: OrderFlowers\n version: $LATEST\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getBot.\n", "properties": { "name": { "type": "string", "description": "Name of the bot. The name is case sensitive.\n" }, "version": { "type": "string", "description": "Version or alias of the bot.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getBot.\n", "properties": { "arn": { "description": "ARN of the bot.\n", "type": "string" }, "checksum": { "description": "Checksum of the bot used to identify a specific revision of the bot's `$LATEST` version.\n", "type": "string" }, "childDirected": { "description": "If this Amazon Lex Bot is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA.\n", "type": "boolean" }, "createdDate": { "description": "Date that the bot was created.\n", "type": "string" }, "description": { "description": "Description of the bot.\n", "type": "string" }, "detectSentiment": { "description": "When set to true user utterances are sent to Amazon Comprehend for sentiment analysis.\n", "type": "boolean" }, "enableModelImprovements": { "description": "Set to true if natural language understanding improvements are enabled.\n", "type": "boolean" }, "failureReason": { "description": "If the `status` is `FAILED`, the reason why the bot failed to build.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "idleSessionTtlInSeconds": { "description": "The maximum time in seconds that Amazon Lex retains the data gathered in a conversation.\n", "type": "integer" }, "lastUpdatedDate": { "description": "Date that the bot was updated.\n", "type": "string" }, "locale": { "description": "Target locale for the bot. Any intent used in the bot must be compatible with the locale of the bot.\n", "type": "string" }, "name": { "description": "Name of the bot, case sensitive.\n", "type": "string" }, "nluIntentConfidenceThreshold": { "description": "The threshold where Amazon Lex will insert the AMAZON.FallbackIntent, AMAZON.KendraSearchIntent, or both when returning alternative intents in a PostContent or PostText response. AMAZON.FallbackIntent and AMAZON.KendraSearchIntent are only inserted if they are configured for the bot.\n", "type": "number" }, "status": { "description": "Status of the bot.\n", "type": "string" }, "version": { "description": "Version of the bot. For a new bot, the version is always `$LATEST`.\n", "type": "string" }, "voiceId": { "description": "Amazon Polly voice ID that the Amazon Lex Bot uses for voice interactions with the user.\n", "type": "string" } }, "required": [ "arn", "checksum", "childDirected", "createdDate", "description", "detectSentiment", "enableModelImprovements", "failureReason", "idleSessionTtlInSeconds", "lastUpdatedDate", "locale", "name", "nluIntentConfidenceThreshold", "status", "voiceId", "id" ], "type": "object" } }, "aws:lex/getBotAlias:getBotAlias": { "description": "Provides details about a specific Amazon Lex Bot Alias.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst orderFlowersProd = aws.lex.getBotAlias({\n botName: \"OrderFlowers\",\n name: \"OrderFlowersProd\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\norder_flowers_prod = aws.lex.get_bot_alias(bot_name=\"OrderFlowers\",\n name=\"OrderFlowersProd\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var orderFlowersProd = Aws.Lex.GetBotAlias.Invoke(new()\n {\n BotName = \"OrderFlowers\",\n Name = \"OrderFlowersProd\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lex.LookupBotAlias(ctx, \u0026lex.LookupBotAliasArgs{\n\t\t\tBotName: \"OrderFlowers\",\n\t\t\tName: \"OrderFlowersProd\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lex.LexFunctions;\nimport com.pulumi.aws.lex.inputs.GetBotAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var orderFlowersProd = LexFunctions.getBotAlias(GetBotAliasArgs.builder()\n .botName(\"OrderFlowers\")\n .name(\"OrderFlowersProd\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n orderFlowersProd:\n fn::invoke:\n Function: aws:lex:getBotAlias\n Arguments:\n botName: OrderFlowers\n name: OrderFlowersProd\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getBotAlias.\n", "properties": { "botName": { "type": "string", "description": "Name of the bot.\n" }, "name": { "type": "string", "description": "Name of the bot alias. The name is case sensitive.\n" } }, "type": "object", "required": [ "botName", "name" ] }, "outputs": { "description": "A collection of values returned by getBotAlias.\n", "properties": { "arn": { "description": "ARN of the bot alias.\n", "type": "string" }, "botName": { "description": "Name of the bot.\n", "type": "string" }, "botVersion": { "description": "Version of the bot that the alias points to.\n", "type": "string" }, "checksum": { "description": "Checksum of the bot alias.\n", "type": "string" }, "createdDate": { "description": "Date that the bot alias was created.\n", "type": "string" }, "description": { "description": "Description of the alias.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lastUpdatedDate": { "description": "Date that the bot alias was updated. When you create a resource, the creation date and the last updated date are the same.\n", "type": "string" }, "name": { "description": "Name of the alias. The name is not case sensitive.\n", "type": "string" } }, "required": [ "arn", "botName", "botVersion", "checksum", "createdDate", "description", "lastUpdatedDate", "name", "id" ], "type": "object" } }, "aws:lex/getIntent:getIntent": { "description": "Provides details about a specific Amazon Lex Intent.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst orderFlowers = aws.lex.getIntent({\n name: \"OrderFlowers\",\n version: \"$LATEST\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\norder_flowers = aws.lex.get_intent(name=\"OrderFlowers\",\n version=\"$LATEST\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var orderFlowers = Aws.Lex.GetIntent.Invoke(new()\n {\n Name = \"OrderFlowers\",\n Version = \"$LATEST\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lex.LookupIntent(ctx, \u0026lex.LookupIntentArgs{\n\t\t\tName: \"OrderFlowers\",\n\t\t\tVersion: pulumi.StringRef(\"$LATEST\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lex.LexFunctions;\nimport com.pulumi.aws.lex.inputs.GetIntentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var orderFlowers = LexFunctions.getIntent(GetIntentArgs.builder()\n .name(\"OrderFlowers\")\n .version(\"$LATEST\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n orderFlowers:\n fn::invoke:\n Function: aws:lex:getIntent\n Arguments:\n name: OrderFlowers\n version: $LATEST\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getIntent.\n", "properties": { "name": { "type": "string", "description": "Name of the intent. The name is case sensitive.\n" }, "version": { "type": "string", "description": "Version of the intent.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getIntent.\n", "properties": { "arn": { "description": "ARN of the Lex intent.\n", "type": "string" }, "checksum": { "description": "Checksum identifying the version of the intent that was created. The checksum is not\nincluded as an argument because the resource will add it automatically when updating the intent.\n", "type": "string" }, "createdDate": { "description": "Date when the intent version was created.\n", "type": "string" }, "description": { "description": "Description of the intent.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lastUpdatedDate": { "description": "Date when the $LATEST version of this intent was updated.\n", "type": "string" }, "name": { "description": "Name of the intent, not case sensitive.\n", "type": "string" }, "parentIntentSignature": { "description": "A unique identifier for the built-in intent to base this\nintent on. To find the signature for an intent, see\n[Standard Built-in Intents](https://developer.amazon.com/public/solutions/alexa/alexa-skills-kit/docs/built-in-intent-ref/standard-intents)\nin the Alexa Skills Kit.\n", "type": "string" }, "version": { "description": "Version of the bot.\n", "type": "string" } }, "required": [ "arn", "checksum", "createdDate", "description", "lastUpdatedDate", "name", "parentIntentSignature", "id" ], "type": "object" } }, "aws:lex/getSlotType:getSlotType": { "description": "Provides details about a specific Amazon Lex Slot Type.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst flowerTypes = aws.lex.getSlotType({\n name: \"FlowerTypes\",\n version: \"1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nflower_types = aws.lex.get_slot_type(name=\"FlowerTypes\",\n version=\"1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var flowerTypes = Aws.Lex.GetSlotType.Invoke(new()\n {\n Name = \"FlowerTypes\",\n Version = \"1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lex.LookupSlotType(ctx, \u0026lex.LookupSlotTypeArgs{\n\t\t\tName: \"FlowerTypes\",\n\t\t\tVersion: pulumi.StringRef(\"1\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lex.LexFunctions;\nimport com.pulumi.aws.lex.inputs.GetSlotTypeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var flowerTypes = LexFunctions.getSlotType(GetSlotTypeArgs.builder()\n .name(\"FlowerTypes\")\n .version(\"1\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n flowerTypes:\n fn::invoke:\n Function: aws:lex:getSlotType\n Arguments:\n name: FlowerTypes\n version: '1'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSlotType.\n", "properties": { "name": { "type": "string", "description": "Name of the slot type. The name is case sensitive.\n" }, "version": { "type": "string", "description": "Version of the slot type.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getSlotType.\n", "properties": { "checksum": { "description": "Checksum identifying the version of the slot type that was created. The checksum is\nnot included as an argument because the resource will add it automatically when updating the slot type.\n", "type": "string" }, "createdDate": { "description": "Date when the slot type version was created.\n", "type": "string" }, "description": { "description": "Description of the slot type.\n", "type": "string" }, "enumerationValues": { "description": "Set of EnumerationValue objects that defines the values that\nthe slot type can take. Each value can have a set of synonyms, which are additional values that help\ntrain the machine learning model about the values that it resolves for a slot.\n", "items": { "$ref": "#/types/aws:lex/getSlotTypeEnumerationValue:getSlotTypeEnumerationValue" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lastUpdatedDate": { "description": "Date when the $LATEST version of this slot type was updated.\n", "type": "string" }, "name": { "description": "Name of the slot type. The name is not case sensitive.\n", "type": "string" }, "valueSelectionStrategy": { "description": "Determines the slot resolution strategy that Amazon Lex\nuses to return slot type values. `ORIGINAL_VALUE` returns the value entered by the user if the user\nvalue is similar to the slot value. `TOP_RESOLUTION` returns the first value in the resolution list\nif there is a resolution list for the slot, otherwise null is returned.\n", "type": "string" }, "version": { "description": "Version of the slot type.\n", "type": "string" } }, "required": [ "checksum", "createdDate", "description", "enumerationValues", "lastUpdatedDate", "name", "valueSelectionStrategy", "id" ], "type": "object" } }, "aws:licensemanager/getLicenseGrants:getLicenseGrants": { "description": "This resource can be used to get a set of license grant ARNs matching a filter.\n\n## Example Usage\n\nThe following shows getting all license grant ARNs granted to your account.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst test = current.then(current =\u003e aws.licensemanager.getLicenseGrants({\n filters: [{\n name: \"GranteePrincipalARN\",\n values: [`arn:aws:iam::${current.accountId}:root`],\n }],\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ntest = aws.licensemanager.get_license_grants(filters=[{\n \"name\": \"GranteePrincipalARN\",\n \"values\": [f\"arn:aws:iam::{current.account_id}:root\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var test = Aws.LicenseManager.GetLicenseGrants.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.LicenseManager.Inputs.GetLicenseGrantsFilterInputArgs\n {\n Name = \"GranteePrincipalARN\",\n Values = new[]\n {\n $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/licensemanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = licensemanager.GetLicenseGrants(ctx, \u0026licensemanager.GetLicenseGrantsArgs{\n\t\t\tFilters: []licensemanager.GetLicenseGrantsFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"GranteePrincipalARN\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\tfmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.licensemanager.LicensemanagerFunctions;\nimport com.pulumi.aws.licensemanager.inputs.GetLicenseGrantsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var test = LicensemanagerFunctions.getLicenseGrants(GetLicenseGrantsArgs.builder()\n .filters(GetLicenseGrantsFilterArgs.builder()\n .name(\"GranteePrincipalARN\")\n .values(String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n test:\n fn::invoke:\n Function: aws:licensemanager:getLicenseGrants\n Arguments:\n filters:\n - name: GranteePrincipalARN\n values:\n - arn:aws:iam::${current.accountId}:root\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLicenseGrants.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:licensemanager/getLicenseGrantsFilter:getLicenseGrantsFilter" }, "description": "Custom filter block as described below.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getLicenseGrants.\n", "properties": { "arns": { "description": "List of all the license grant ARNs found.\n", "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:licensemanager/getLicenseGrantsFilter:getLicenseGrantsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "arns", "id" ], "type": "object" } }, "aws:licensemanager/getReceivedLicense:getReceivedLicense": { "description": "This resource can be used to get data on a received license using an ARN. This can be helpful for pulling in data on a license from the AWS marketplace and sharing that license with another account.\n\n## Example Usage\n\nThe following shows getting the received license data using and ARN.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.licensemanager.getReceivedLicense({\n licenseArn: \"arn:aws:license-manager::111111111111:license:l-ecbaa94eb71a4830b6d7e49268fecaa0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.licensemanager.get_received_license(license_arn=\"arn:aws:license-manager::111111111111:license:l-ecbaa94eb71a4830b6d7e49268fecaa0\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.LicenseManager.GetReceivedLicense.Invoke(new()\n {\n LicenseArn = \"arn:aws:license-manager::111111111111:license:l-ecbaa94eb71a4830b6d7e49268fecaa0\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/licensemanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := licensemanager.GetReceivedLicense(ctx, \u0026licensemanager.GetReceivedLicenseArgs{\n\t\t\tLicenseArn: \"arn:aws:license-manager::111111111111:license:l-ecbaa94eb71a4830b6d7e49268fecaa0\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.licensemanager.LicensemanagerFunctions;\nimport com.pulumi.aws.licensemanager.inputs.GetReceivedLicenseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = LicensemanagerFunctions.getReceivedLicense(GetReceivedLicenseArgs.builder()\n .licenseArn(\"arn:aws:license-manager::111111111111:license:l-ecbaa94eb71a4830b6d7e49268fecaa0\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:licensemanager:getReceivedLicense\n Arguments:\n licenseArn: arn:aws:license-manager::111111111111:license:l-ecbaa94eb71a4830b6d7e49268fecaa0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getReceivedLicense.\n", "properties": { "licenseArn": { "type": "string", "description": "The ARN of the received license you want data for.\n" } }, "type": "object", "required": [ "licenseArn" ] }, "outputs": { "description": "A collection of values returned by getReceivedLicense.\n", "properties": { "beneficiary": { "description": "Granted license beneficiary. This is in the form of the ARN of the root user of the account.\n", "type": "string" }, "consumptionConfigurations": { "description": "Configuration for consumption of the license. Detailed below\n", "items": { "$ref": "#/types/aws:licensemanager/getReceivedLicenseConsumptionConfiguration:getReceivedLicenseConsumptionConfiguration" }, "type": "array" }, "createTime": { "description": "Creation time of the granted license in RFC 3339 format.\n", "type": "string" }, "entitlements": { "description": "License entitlements. Detailed below\n", "items": { "$ref": "#/types/aws:licensemanager/getReceivedLicenseEntitlement:getReceivedLicenseEntitlement" }, "type": "array" }, "homeRegion": { "description": "Home Region of the granted license.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "issuers": { "description": "Granted license issuer. Detailed below\n", "items": { "$ref": "#/types/aws:licensemanager/getReceivedLicenseIssuer:getReceivedLicenseIssuer" }, "type": "array" }, "licenseArn": { "description": "Amazon Resource Name (ARN) of the license.\n", "type": "string" }, "licenseMetadatas": { "description": "Granted license metadata. This is in the form of a set of all meta data. Detailed below\n", "items": { "$ref": "#/types/aws:licensemanager/getReceivedLicenseLicenseMetadata:getReceivedLicenseLicenseMetadata" }, "type": "array" }, "licenseName": { "description": "License name.\n", "type": "string" }, "productName": { "description": "Product name.\n* `product_sku ` - Product SKU.\n", "type": "string" }, "productSku": { "type": "string" }, "receivedMetadatas": { "description": "Granted license received metadata. Detailed below\n", "items": { "$ref": "#/types/aws:licensemanager/getReceivedLicenseReceivedMetadata:getReceivedLicenseReceivedMetadata" }, "type": "array" }, "status": { "description": "Granted license status.\n", "type": "string" }, "validities": { "description": "Date and time range during which the granted license is valid, in ISO8601-UTC format. Detailed below\n", "items": { "$ref": "#/types/aws:licensemanager/getReceivedLicenseValidity:getReceivedLicenseValidity" }, "type": "array" }, "version": { "description": "Version of the granted license.\n", "type": "string" } }, "required": [ "beneficiary", "consumptionConfigurations", "createTime", "entitlements", "homeRegion", "issuers", "licenseArn", "licenseMetadatas", "licenseName", "productName", "productSku", "receivedMetadatas", "status", "validities", "version", "id" ], "type": "object" } }, "aws:licensemanager/getReceivedLicenses:getReceivedLicenses": { "description": "This resource can be used to get a set of license ARNs matching a filter.\n\n## Example Usage\n\nThe following shows getting all license ARNs issued from the AWS marketplace. Providing no filter, would provide all license ARNs for the entire account.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.licensemanager.getReceivedLicenses({\n filters: [{\n name: \"IssuerName\",\n values: [\"AWS/Marketplace\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.licensemanager.get_received_licenses(filters=[{\n \"name\": \"IssuerName\",\n \"values\": [\"AWS/Marketplace\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.LicenseManager.GetReceivedLicenses.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.LicenseManager.Inputs.GetReceivedLicensesFilterInputArgs\n {\n Name = \"IssuerName\",\n Values = new[]\n {\n \"AWS/Marketplace\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/licensemanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := licensemanager.GetReceivedLicenses(ctx, \u0026licensemanager.GetReceivedLicensesArgs{\n\t\t\tFilters: []licensemanager.GetReceivedLicensesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"IssuerName\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"AWS/Marketplace\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.licensemanager.LicensemanagerFunctions;\nimport com.pulumi.aws.licensemanager.inputs.GetReceivedLicensesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = LicensemanagerFunctions.getReceivedLicenses(GetReceivedLicensesArgs.builder()\n .filters(GetReceivedLicensesFilterArgs.builder()\n .name(\"IssuerName\")\n .values(\"AWS/Marketplace\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:licensemanager:getReceivedLicenses\n Arguments:\n filters:\n - name: IssuerName\n values:\n - AWS/Marketplace\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getReceivedLicenses.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:licensemanager/getReceivedLicensesFilter:getReceivedLicensesFilter" }, "description": "Custom filter block as described below.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getReceivedLicenses.\n", "properties": { "arns": { "description": "List of all the license ARNs found.\n", "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:licensemanager/getReceivedLicensesFilter:getReceivedLicensesFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "arns", "id" ], "type": "object" } }, "aws:location/getGeofenceCollection:getGeofenceCollection": { "description": "Retrieve information about a Location Service Geofence Collection.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.location.getGeofenceCollection({\n collectionName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.location.get_geofence_collection(collection_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Location.GetGeofenceCollection.Invoke(new()\n {\n CollectionName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/location\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := location.LookupGeofenceCollection(ctx, \u0026location.LookupGeofenceCollectionArgs{\n\t\t\tCollectionName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.location.LocationFunctions;\nimport com.pulumi.aws.location.inputs.GetGeofenceCollectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = LocationFunctions.getGeofenceCollection(GetGeofenceCollectionArgs.builder()\n .collectionName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:location:getGeofenceCollection\n Arguments:\n collectionName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getGeofenceCollection.\n", "properties": { "collectionName": { "type": "string", "description": "Name of the geofence collection.\n" }, "kmsKeyId": { "type": "string", "description": "Key identifier for an AWS KMS customer managed key assigned to the Amazon Location resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the geofence collection.\n" } }, "type": "object", "required": [ "collectionName" ] }, "outputs": { "description": "A collection of values returned by getGeofenceCollection.\n", "properties": { "collectionArn": { "description": "ARN for the geofence collection resource. Used when you need to specify a resource across all AWS.\n", "type": "string" }, "collectionName": { "type": "string" }, "createTime": { "description": "Timestamp for when the geofence collection resource was created in ISO 8601 format.\n", "type": "string" }, "description": { "description": "Optional description of the geofence collection resource.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kmsKeyId": { "description": "Key identifier for an AWS KMS customer managed key assigned to the Amazon Location resource.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the geofence collection.\n", "type": "object" }, "updateTime": { "description": "Timestamp for when the geofence collection resource was last updated in ISO 8601 format.\n", "type": "string" } }, "required": [ "collectionArn", "collectionName", "createTime", "description", "kmsKeyId", "tags", "updateTime", "id" ], "type": "object" } }, "aws:location/getMap:getMap": { "description": "Retrieve information about a Location Service Map.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.location.getMap({\n mapName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.location.get_map(map_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Location.GetMap.Invoke(new()\n {\n MapName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/location\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := location.LookupMap(ctx, \u0026location.LookupMapArgs{\n\t\t\tMapName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.location.LocationFunctions;\nimport com.pulumi.aws.location.inputs.GetMapArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = LocationFunctions.getMap(GetMapArgs.builder()\n .mapName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:location:getMap\n Arguments:\n mapName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getMap.\n", "properties": { "mapName": { "type": "string", "description": "Name of the map resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the map.\n" } }, "type": "object", "required": [ "mapName" ] }, "outputs": { "description": "A collection of values returned by getMap.\n", "properties": { "configurations": { "description": "List of configurations that specify the map tile style selected from a partner data provider.\n", "items": { "$ref": "#/types/aws:location/getMapConfiguration:getMapConfiguration" }, "type": "array" }, "createTime": { "description": "Timestamp for when the map resource was created in ISO 8601 format.\n", "type": "string" }, "description": { "description": "Optional description for the map resource.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "mapArn": { "description": "ARN for the map resource.\n", "type": "string" }, "mapName": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the map.\n", "type": "object" }, "updateTime": { "description": "Timestamp for when the map resource was last updated in ISO 8601 format.\n", "type": "string" } }, "required": [ "configurations", "createTime", "description", "mapArn", "mapName", "tags", "updateTime", "id" ], "type": "object" } }, "aws:location/getPlaceIndex:getPlaceIndex": { "description": "Retrieve information about a Location Service Place Index.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.location.getPlaceIndex({\n indexName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.location.get_place_index(index_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Location.GetPlaceIndex.Invoke(new()\n {\n IndexName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/location\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := location.LookupPlaceIndex(ctx, \u0026location.LookupPlaceIndexArgs{\n\t\t\tIndexName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.location.LocationFunctions;\nimport com.pulumi.aws.location.inputs.GetPlaceIndexArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = LocationFunctions.getPlaceIndex(GetPlaceIndexArgs.builder()\n .indexName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:location:getPlaceIndex\n Arguments:\n indexName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPlaceIndex.\n", "properties": { "indexName": { "type": "string", "description": "Name of the place index resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the place index.\n" } }, "type": "object", "required": [ "indexName" ] }, "outputs": { "description": "A collection of values returned by getPlaceIndex.\n", "properties": { "createTime": { "description": "Timestamp for when the place index resource was created in ISO 8601 format.\n", "type": "string" }, "dataSource": { "description": "Data provider of geospatial data.\n", "type": "string" }, "dataSourceConfigurations": { "description": "List of configurations that specify data storage option for requesting Places.\n", "items": { "$ref": "#/types/aws:location/getPlaceIndexDataSourceConfiguration:getPlaceIndexDataSourceConfiguration" }, "type": "array" }, "description": { "description": "Optional description for the place index resource.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "indexArn": { "description": "ARN for the place index resource.\n", "type": "string" }, "indexName": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the place index.\n", "type": "object" }, "updateTime": { "description": "Timestamp for when the place index resource was last updated in ISO 8601 format.\n", "type": "string" } }, "required": [ "createTime", "dataSource", "dataSourceConfigurations", "description", "indexArn", "indexName", "tags", "updateTime", "id" ], "type": "object" } }, "aws:location/getRouteCalculator:getRouteCalculator": { "description": "Retrieve information about a Location Service Route Calculator.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.location.getRouteCalculator({\n calculatorName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.location.get_route_calculator(calculator_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Location.GetRouteCalculator.Invoke(new()\n {\n CalculatorName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/location\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := location.GetRouteCalculator(ctx, \u0026location.GetRouteCalculatorArgs{\n\t\t\tCalculatorName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.location.LocationFunctions;\nimport com.pulumi.aws.location.inputs.GetRouteCalculatorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = LocationFunctions.getRouteCalculator(GetRouteCalculatorArgs.builder()\n .calculatorName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:location:getRouteCalculator\n Arguments:\n calculatorName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRouteCalculator.\n", "properties": { "calculatorName": { "type": "string", "description": "Name of the route calculator resource.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the route calculator.\n" } }, "type": "object", "required": [ "calculatorName" ] }, "outputs": { "description": "A collection of values returned by getRouteCalculator.\n", "properties": { "calculatorArn": { "description": "ARN for the Route calculator resource. Use the ARN when you specify a resource across AWS.\n", "type": "string" }, "calculatorName": { "type": "string" }, "createTime": { "description": "Timestamp for when the route calculator resource was created in ISO 8601 format.\n", "type": "string" }, "dataSource": { "description": "Data provider of traffic and road network data.\n", "type": "string" }, "description": { "description": "Optional description of the route calculator resource.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the route calculator.\n", "type": "object" }, "updateTime": { "description": "Timestamp for when the route calculator resource was last updated in ISO 8601 format.\n", "type": "string" } }, "required": [ "calculatorArn", "calculatorName", "createTime", "dataSource", "description", "tags", "updateTime", "id" ], "type": "object" } }, "aws:location/getTracker:getTracker": { "description": "Retrieve information about a Location Service Tracker.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.location.getTracker({\n trackerName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.location.get_tracker(tracker_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Location.GetTracker.Invoke(new()\n {\n TrackerName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/location\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := location.LookupTracker(ctx, \u0026location.LookupTrackerArgs{\n\t\t\tTrackerName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.location.LocationFunctions;\nimport com.pulumi.aws.location.inputs.GetTrackerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = LocationFunctions.getTracker(GetTrackerArgs.builder()\n .trackerName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:location:getTracker\n Arguments:\n trackerName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getTracker.\n", "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the tracker.\n" }, "trackerName": { "type": "string", "description": "Name of the tracker resource.\n" } }, "type": "object", "required": [ "trackerName" ] }, "outputs": { "description": "A collection of values returned by getTracker.\n", "properties": { "createTime": { "description": "Timestamp for when the tracker resource was created in ISO 8601 format.\n", "type": "string" }, "description": { "description": "Optional description for the tracker resource.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kmsKeyId": { "description": "Key identifier for an AWS KMS customer managed key assigned to the Amazon Location resource.\n", "type": "string" }, "positionFiltering": { "description": "Position filtering method of the tracker resource.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the tracker.\n", "type": "object" }, "trackerArn": { "description": "ARN for the tracker resource. Used when you need to specify a resource across all AWS.\n", "type": "string" }, "trackerName": { "type": "string" }, "updateTime": { "description": "Timestamp for when the tracker resource was last updated in ISO 8601 format.\n", "type": "string" } }, "required": [ "createTime", "description", "kmsKeyId", "positionFiltering", "tags", "trackerArn", "trackerName", "updateTime", "id" ], "type": "object" } }, "aws:location/getTrackerAssociation:getTrackerAssociation": { "description": "Retrieve information about a Location Service Tracker Association.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.location.getTrackerAssociation({\n consumerArn: \"arn:aws:geo:region:account-id:geofence-collection/ExampleGeofenceCollectionConsumer\",\n trackerName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.location.get_tracker_association(consumer_arn=\"arn:aws:geo:region:account-id:geofence-collection/ExampleGeofenceCollectionConsumer\",\n tracker_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Location.GetTrackerAssociation.Invoke(new()\n {\n ConsumerArn = \"arn:aws:geo:region:account-id:geofence-collection/ExampleGeofenceCollectionConsumer\",\n TrackerName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/location\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := location.LookupTrackerAssociation(ctx, \u0026location.LookupTrackerAssociationArgs{\n\t\t\tConsumerArn: \"arn:aws:geo:region:account-id:geofence-collection/ExampleGeofenceCollectionConsumer\",\n\t\t\tTrackerName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.location.LocationFunctions;\nimport com.pulumi.aws.location.inputs.GetTrackerAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = LocationFunctions.getTrackerAssociation(GetTrackerAssociationArgs.builder()\n .consumerArn(\"arn:aws:geo:region:account-id:geofence-collection/ExampleGeofenceCollectionConsumer\")\n .trackerName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:location:getTrackerAssociation\n Arguments:\n consumerArn: arn:aws:geo:region:account-id:geofence-collection/ExampleGeofenceCollectionConsumer\n trackerName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getTrackerAssociation.\n", "properties": { "consumerArn": { "type": "string", "description": "ARN of the geofence collection associated to tracker resource.\n" }, "trackerName": { "type": "string", "description": "Name of the tracker resource associated with a geofence collection.\n" } }, "type": "object", "required": [ "consumerArn", "trackerName" ] }, "outputs": { "description": "A collection of values returned by getTrackerAssociation.\n", "properties": { "consumerArn": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "trackerName": { "type": "string" } }, "required": [ "consumerArn", "trackerName", "id" ], "type": "object" } }, "aws:location/getTrackerAssociations:getTrackerAssociations": { "description": "Retrieve information about Location Service Tracker Associations.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.location.getTrackerAssociations({\n trackerName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.location.get_tracker_associations(tracker_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Location.GetTrackerAssociations.Invoke(new()\n {\n TrackerName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/location\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := location.GetTrackerAssociations(ctx, \u0026location.GetTrackerAssociationsArgs{\n\t\t\tTrackerName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.location.LocationFunctions;\nimport com.pulumi.aws.location.inputs.GetTrackerAssociationsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = LocationFunctions.getTrackerAssociations(GetTrackerAssociationsArgs.builder()\n .trackerName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:location:getTrackerAssociations\n Arguments:\n trackerName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getTrackerAssociations.\n", "properties": { "trackerName": { "type": "string", "description": "Name of the tracker resource associated with a geofence collection.\n" } }, "type": "object", "required": [ "trackerName" ] }, "outputs": { "description": "A collection of values returned by getTrackerAssociations.\n", "properties": { "consumerArns": { "description": "List of geofence collection ARNs associated to the tracker resource.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "trackerName": { "type": "string" } }, "required": [ "consumerArns", "trackerName", "id" ], "type": "object" } }, "aws:mediaconvert/getQueue:getQueue": { "description": "Retrieve information about a AWS Elemental MediaConvert Queue.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.mediaconvert.getQueue({\n id: \"tf-example-queue\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.mediaconvert.get_queue(id=\"tf-example-queue\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.MediaConvert.GetQueue.Invoke(new()\n {\n Id = \"tf-example-queue\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mediaconvert\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := mediaconvert.LookupQueue(ctx, \u0026mediaconvert.LookupQueueArgs{\n\t\t\tId: \"tf-example-queue\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mediaconvert.MediaconvertFunctions;\nimport com.pulumi.aws.mediaconvert.inputs.GetQueueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = MediaconvertFunctions.getQueue(GetQueueArgs.builder()\n .id(\"tf-example-queue\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:mediaconvert:getQueue\n Arguments:\n id: tf-example-queue\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getQueue.\n", "properties": { "id": { "type": "string", "description": "Unique identifier of the queue. The same as `name`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n" } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getQueue.\n", "properties": { "arn": { "description": "The Arn of the queue.\n", "type": "string" }, "id": { "type": "string" }, "name": { "description": "The same as `id`.\n", "type": "string" }, "status": { "description": "The status of the queue.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "type": "object" } }, "required": [ "arn", "id", "name", "status", "tags" ], "type": "object" } }, "aws:medialive/getInput:getInput": { "description": "Data source for managing an AWS Elemental MediaLive Input.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.medialive.getInput({\n id: exampleAwsMedialiveInput.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.medialive.get_input(id=example_aws_medialive_input[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.MediaLive.GetInput.Invoke(new()\n {\n Id = exampleAwsMedialiveInput.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/medialive\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := medialive.LookupInput(ctx, \u0026medialive.LookupInputArgs{\n\t\t\tId: exampleAwsMedialiveInput.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.medialive.MedialiveFunctions;\nimport com.pulumi.aws.medialive.inputs.GetInputArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = MedialiveFunctions.getInput(GetInputArgs.builder()\n .id(exampleAwsMedialiveInput.id())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:medialive:getInput\n Arguments:\n id: ${exampleAwsMedialiveInput.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getInput.\n", "properties": { "id": { "type": "string", "description": "The ID of the Input.\n" } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getInput.\n", "properties": { "arn": { "description": "ARN of the Input.\n", "type": "string" }, "attachedChannels": { "description": "Channels attached to Input.\n", "items": { "type": "string" }, "type": "array" }, "destinations": { "items": { "$ref": "#/types/aws:medialive/getInputDestination:getInputDestination" }, "type": "array" }, "id": { "type": "string" }, "inputClass": { "description": "The input class.\n", "type": "string" }, "inputDevices": { "description": "Settings for the devices.\n", "items": { "$ref": "#/types/aws:medialive/getInputInputDevice:getInputInputDevice" }, "type": "array" }, "inputPartnerIds": { "description": "A list of IDs for all Inputs which are partners of this one.\n", "items": { "type": "string" }, "type": "array" }, "inputSourceType": { "description": "Source type of the input.\n", "type": "string" }, "mediaConnectFlows": { "description": "A list of the MediaConnect Flows.\n", "items": { "$ref": "#/types/aws:medialive/getInputMediaConnectFlow:getInputMediaConnectFlow" }, "type": "array" }, "name": { "description": "Name of the input.\n", "type": "string" }, "roleArn": { "description": "The ARN of the role this input assumes during and after creation.\n", "type": "string" }, "securityGroups": { "description": "List of input security groups.\n", "items": { "type": "string" }, "type": "array" }, "sources": { "description": "The source URLs for a PULL-type input.\n", "items": { "$ref": "#/types/aws:medialive/getInputSource:getInputSource" }, "type": "array" }, "state": { "description": "The state of the input.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the Input.\n", "type": "object" }, "type": { "description": "The type of the input.\n", "type": "string" } }, "required": [ "arn", "attachedChannels", "destinations", "id", "inputClass", "inputDevices", "inputPartnerIds", "inputSourceType", "mediaConnectFlows", "name", "roleArn", "securityGroups", "sources", "state", "tags", "type" ], "type": "object" } }, "aws:memorydb/getAcl:getAcl": { "description": "Provides information about a MemoryDB ACL.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.memorydb.getAcl({\n name: \"my-acl\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.memorydb.get_acl(name=\"my-acl\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.MemoryDb.GetAcl.Invoke(new()\n {\n Name = \"my-acl\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/memorydb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := memorydb.LookupAcl(ctx, \u0026memorydb.LookupAclArgs{\n\t\t\tName: \"my-acl\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.memorydb.MemorydbFunctions;\nimport com.pulumi.aws.memorydb.inputs.GetAclArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = MemorydbFunctions.getAcl(GetAclArgs.builder()\n .name(\"my-acl\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:memorydb:getAcl\n Arguments:\n name: my-acl\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAcl.\n", "properties": { "name": { "type": "string", "description": "Name of the ACL.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the ACL.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getAcl.\n", "properties": { "arn": { "description": "ARN of the ACL.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "minimumEngineVersion": { "description": "The minimum engine version supported by the ACL.\n", "type": "string" }, "name": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the ACL.\n", "type": "object" }, "userNames": { "description": "Set of MemoryDB user names included in this ACL.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "arn", "minimumEngineVersion", "name", "tags", "userNames", "id" ], "type": "object" } }, "aws:memorydb/getCluster:getCluster": { "description": "Provides information about a MemoryDB Cluster.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.memorydb.getCluster({\n name: \"my-cluster\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.memorydb.get_cluster(name=\"my-cluster\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.MemoryDb.GetCluster.Invoke(new()\n {\n Name = \"my-cluster\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/memorydb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := memorydb.LookupCluster(ctx, \u0026memorydb.LookupClusterArgs{\n\t\t\tName: \"my-cluster\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.memorydb.MemorydbFunctions;\nimport com.pulumi.aws.memorydb.inputs.GetClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = MemorydbFunctions.getCluster(GetClusterArgs.builder()\n .name(\"my-cluster\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:memorydb:getCluster\n Arguments:\n name: my-cluster\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCluster.\n", "properties": { "name": { "type": "string", "description": "Name of the cluster.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the cluster.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getCluster.\n", "properties": { "aclName": { "description": "Name of the Access Control List associated with the cluster.\n", "type": "string" }, "arn": { "description": "ARN of the cluster.\n", "type": "string" }, "autoMinorVersionUpgrade": { "description": "True when the cluster allows automatic minor version upgrades.\n", "type": "boolean" }, "clusterEndpoints": { "items": { "$ref": "#/types/aws:memorydb/getClusterClusterEndpoint:getClusterClusterEndpoint" }, "type": "array" }, "dataTiering": { "description": "True when data tiering is enabled.\n", "type": "boolean" }, "description": { "description": "Description for the cluster.\n", "type": "string" }, "enginePatchVersion": { "description": "Patch version number of the Redis engine used by the cluster.\n", "type": "string" }, "engineVersion": { "description": "Version number of the Redis engine used by the cluster.\n", "type": "string" }, "finalSnapshotName": { "description": "Name of the final cluster snapshot to be created when this resource is deleted. If omitted, no final snapshot will be made.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kmsKeyArn": { "description": "ARN of the KMS key used to encrypt the cluster at rest.\n", "type": "string" }, "maintenanceWindow": { "description": "Weekly time range during which maintenance on the cluster is performed. Specify as a range in the format `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC). Example: `sun:23:00-mon:01:30`.\n", "type": "string" }, "name": { "description": "Name of this node.\n", "type": "string" }, "nodeType": { "description": "Compute and memory capacity of the nodes in the cluster.\n", "type": "string" }, "numReplicasPerShard": { "description": "The number of replicas to apply to each shard.\n", "type": "integer" }, "numShards": { "description": "Number of shards in the cluster.\n", "type": "integer" }, "parameterGroupName": { "description": "The name of the parameter group associated with the cluster.\n", "type": "string" }, "port": { "description": "Port number that this node is listening on.\n", "type": "integer" }, "securityGroupIds": { "description": "Set of VPC Security Group ID-s associated with this cluster.\n", "items": { "type": "string" }, "type": "array" }, "shards": { "description": "Set of shards in this cluster.\n", "items": { "$ref": "#/types/aws:memorydb/getClusterShard:getClusterShard" }, "type": "array" }, "snapshotRetentionLimit": { "description": "The number of days for which MemoryDB retains automatic snapshots before deleting them. When set to `0`, automatic backups are disabled.\n", "type": "integer" }, "snapshotWindow": { "description": "Daily time range (in UTC) during which MemoryDB begins taking a daily snapshot of your shard. Example: `05:00-09:00`.\n", "type": "string" }, "snsTopicArn": { "description": "ARN of the SNS topic to which cluster notifications are sent.\n", "type": "string" }, "subnetGroupName": { "description": "The name of the subnet group used for the cluster.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the cluster.\n", "type": "object" }, "tlsEnabled": { "description": "When true, in-transit encryption is enabled for the cluster.\n", "type": "boolean" } }, "required": [ "aclName", "arn", "autoMinorVersionUpgrade", "clusterEndpoints", "dataTiering", "description", "enginePatchVersion", "engineVersion", "finalSnapshotName", "kmsKeyArn", "maintenanceWindow", "name", "nodeType", "numReplicasPerShard", "numShards", "parameterGroupName", "port", "securityGroupIds", "shards", "snapshotRetentionLimit", "snapshotWindow", "snsTopicArn", "subnetGroupName", "tags", "tlsEnabled", "id" ], "type": "object" } }, "aws:memorydb/getParameterGroup:getParameterGroup": { "description": "Provides information about a MemoryDB Parameter Group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.memorydb.getParameterGroup({\n name: \"my-parameter-group\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.memorydb.get_parameter_group(name=\"my-parameter-group\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.MemoryDb.GetParameterGroup.Invoke(new()\n {\n Name = \"my-parameter-group\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/memorydb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := memorydb.LookupParameterGroup(ctx, \u0026memorydb.LookupParameterGroupArgs{\n\t\t\tName: \"my-parameter-group\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.memorydb.MemorydbFunctions;\nimport com.pulumi.aws.memorydb.inputs.GetParameterGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = MemorydbFunctions.getParameterGroup(GetParameterGroupArgs.builder()\n .name(\"my-parameter-group\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:memorydb:getParameterGroup\n Arguments:\n name: my-parameter-group\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getParameterGroup.\n", "properties": { "name": { "type": "string", "description": "Name of the parameter group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the parameter group.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getParameterGroup.\n", "properties": { "arn": { "description": "ARN of the parameter group.\n", "type": "string" }, "description": { "description": "Description of the parameter group.\n", "type": "string" }, "family": { "description": "Engine version that the parameter group can be used with.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Name of the parameter.\n", "type": "string" }, "parameters": { "description": "Set of user-defined MemoryDB parameters applied by the parameter group.\n", "items": { "$ref": "#/types/aws:memorydb/getParameterGroupParameter:getParameterGroupParameter" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the parameter group.\n", "type": "object" } }, "required": [ "arn", "description", "family", "name", "parameters", "tags", "id" ], "type": "object" } }, "aws:memorydb/getSnapshot:getSnapshot": { "description": "Provides information about a MemoryDB Snapshot.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.memorydb.getSnapshot({\n name: \"my-snapshot\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.memorydb.get_snapshot(name=\"my-snapshot\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.MemoryDb.GetSnapshot.Invoke(new()\n {\n Name = \"my-snapshot\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/memorydb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := memorydb.LookupSnapshot(ctx, \u0026memorydb.LookupSnapshotArgs{\n\t\t\tName: \"my-snapshot\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.memorydb.MemorydbFunctions;\nimport com.pulumi.aws.memorydb.inputs.GetSnapshotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = MemorydbFunctions.getSnapshot(GetSnapshotArgs.builder()\n .name(\"my-snapshot\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:memorydb:getSnapshot\n Arguments:\n name: my-snapshot\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSnapshot.\n", "properties": { "name": { "type": "string", "description": "Name of the snapshot.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the snapshot.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getSnapshot.\n", "properties": { "arn": { "description": "ARN of the snapshot.\n", "type": "string" }, "clusterConfigurations": { "description": "The configuration of the cluster from which the snapshot was taken.\n", "items": { "$ref": "#/types/aws:memorydb/getSnapshotClusterConfiguration:getSnapshotClusterConfiguration" }, "type": "array" }, "clusterName": { "description": "Name of the MemoryDB cluster that this snapshot was taken from.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kmsKeyArn": { "description": "ARN of the KMS key used to encrypt the snapshot at rest.\n", "type": "string" }, "name": { "description": "Name of the cluster.\n", "type": "string" }, "source": { "description": "Whether the snapshot is from an automatic backup (`automated`) or was created manually (`manual`).\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the snapshot.\n", "type": "object" } }, "required": [ "arn", "clusterConfigurations", "clusterName", "kmsKeyArn", "name", "source", "tags", "id" ], "type": "object" } }, "aws:memorydb/getSubnetGroup:getSubnetGroup": { "description": "Provides information about a MemoryDB Subnet Group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.memorydb.getSubnetGroup({\n name: \"my-subnet-group\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.memorydb.get_subnet_group(name=\"my-subnet-group\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.MemoryDb.GetSubnetGroup.Invoke(new()\n {\n Name = \"my-subnet-group\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/memorydb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := memorydb.LookupSubnetGroup(ctx, \u0026memorydb.LookupSubnetGroupArgs{\n\t\t\tName: \"my-subnet-group\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.memorydb.MemorydbFunctions;\nimport com.pulumi.aws.memorydb.inputs.GetSubnetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = MemorydbFunctions.getSubnetGroup(GetSubnetGroupArgs.builder()\n .name(\"my-subnet-group\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:memorydb:getSubnetGroup\n Arguments:\n name: my-subnet-group\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSubnetGroup.\n", "properties": { "name": { "type": "string", "description": "Name of the subnet group.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the subnet group.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getSubnetGroup.\n", "properties": { "arn": { "description": "ARN of the subnet group.\n", "type": "string" }, "description": { "description": "Description of the subnet group.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "subnetIds": { "description": "Set of VPC Subnet ID-s of the subnet group.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the subnet group.\n", "type": "object" }, "vpcId": { "description": "VPC in which the subnet group exists.\n", "type": "string" } }, "required": [ "arn", "description", "name", "subnetIds", "tags", "vpcId", "id" ], "type": "object" } }, "aws:memorydb/getUser:getUser": { "description": "Provides information about a MemoryDB User.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.memorydb.getUser({\n userName: \"my-user\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.memorydb.get_user(user_name=\"my-user\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.MemoryDb.GetUser.Invoke(new()\n {\n UserName = \"my-user\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/memorydb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := memorydb.LookupUser(ctx, \u0026memorydb.LookupUserArgs{\n\t\t\tUserName: \"my-user\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.memorydb.MemorydbFunctions;\nimport com.pulumi.aws.memorydb.inputs.GetUserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = MemorydbFunctions.getUser(GetUserArgs.builder()\n .userName(\"my-user\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:memorydb:getUser\n Arguments:\n userName: my-user\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getUser.\n", "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the user.\n" }, "userName": { "type": "string", "description": "Name of the user.\n" } }, "type": "object", "required": [ "userName" ] }, "outputs": { "description": "A collection of values returned by getUser.\n", "properties": { "accessString": { "description": "Access permissions string used for this user.\n", "type": "string" }, "arn": { "description": "ARN of the user.\n", "type": "string" }, "authenticationModes": { "description": "Denotes the user's authentication properties.\n", "items": { "$ref": "#/types/aws:memorydb/getUserAuthenticationMode:getUserAuthenticationMode" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "minimumEngineVersion": { "description": "Minimum engine version supported for the user.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the user.\n", "type": "object" }, "userName": { "type": "string" } }, "required": [ "accessString", "arn", "authenticationModes", "minimumEngineVersion", "tags", "userName", "id" ], "type": "object" } }, "aws:mq/getBroker:getBroker": { "description": "Provides information about a MQ Broker.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst brokerId = config.get(\"brokerId\") || \"\";\nconst brokerName = config.get(\"brokerName\") || \"\";\nconst byId = aws.mq.getBroker({\n brokerId: brokerId,\n});\nconst byName = aws.mq.getBroker({\n brokerName: brokerName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nbroker_id = config.get(\"brokerId\")\nif broker_id is None:\n broker_id = \"\"\nbroker_name = config.get(\"brokerName\")\nif broker_name is None:\n broker_name = \"\"\nby_id = aws.mq.get_broker(broker_id=broker_id)\nby_name = aws.mq.get_broker(broker_name=broker_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var brokerId = config.Get(\"brokerId\") ?? \"\";\n var brokerName = config.Get(\"brokerName\") ?? \"\";\n var byId = Aws.Mq.GetBroker.Invoke(new()\n {\n BrokerId = brokerId,\n });\n\n var byName = Aws.Mq.GetBroker.Invoke(new()\n {\n BrokerName = brokerName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mq\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tbrokerId := \"\"\n\t\tif param := cfg.Get(\"brokerId\"); param != \"\" {\n\t\t\tbrokerId = param\n\t\t}\n\t\tbrokerName := \"\"\n\t\tif param := cfg.Get(\"brokerName\"); param != \"\" {\n\t\t\tbrokerName = param\n\t\t}\n\t\t_, err := mq.LookupBroker(ctx, \u0026mq.LookupBrokerArgs{\n\t\t\tBrokerId: pulumi.StringRef(brokerId),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = mq.LookupBroker(ctx, \u0026mq.LookupBrokerArgs{\n\t\t\tBrokerName: pulumi.StringRef(brokerName),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mq.MqFunctions;\nimport com.pulumi.aws.mq.inputs.GetBrokerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var brokerId = config.get(\"brokerId\").orElse(\"\");\n final var brokerName = config.get(\"brokerName\").orElse(\"\");\n final var byId = MqFunctions.getBroker(GetBrokerArgs.builder()\n .brokerId(brokerId)\n .build());\n\n final var byName = MqFunctions.getBroker(GetBrokerArgs.builder()\n .brokerName(brokerName)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n brokerId:\n type: string\n default:\n brokerName:\n type: string\n default:\nvariables:\n byId:\n fn::invoke:\n Function: aws:mq:getBroker\n Arguments:\n brokerId: ${brokerId}\n byName:\n fn::invoke:\n Function: aws:mq:getBroker\n Arguments:\n brokerName: ${brokerName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getBroker.\n", "properties": { "brokerId": { "type": "string", "description": "Unique id of the mq broker.\n" }, "brokerName": { "type": "string", "description": "Unique name of the mq broker.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getBroker.\n", "properties": { "arn": { "type": "string" }, "authenticationStrategy": { "type": "string" }, "autoMinorVersionUpgrade": { "type": "boolean" }, "brokerId": { "type": "string" }, "brokerName": { "type": "string" }, "configuration": { "$ref": "#/types/aws:mq/getBrokerConfiguration:getBrokerConfiguration" }, "deploymentMode": { "type": "string" }, "encryptionOptions": { "items": { "$ref": "#/types/aws:mq/getBrokerEncryptionOption:getBrokerEncryptionOption" }, "type": "array" }, "engineType": { "type": "string" }, "engineVersion": { "type": "string" }, "hostInstanceType": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instances": { "items": { "$ref": "#/types/aws:mq/getBrokerInstance:getBrokerInstance" }, "type": "array" }, "ldapServerMetadatas": { "items": { "$ref": "#/types/aws:mq/getBrokerLdapServerMetadata:getBrokerLdapServerMetadata" }, "type": "array" }, "logs": { "$ref": "#/types/aws:mq/getBrokerLogs:getBrokerLogs" }, "maintenanceWindowStartTime": { "$ref": "#/types/aws:mq/getBrokerMaintenanceWindowStartTime:getBrokerMaintenanceWindowStartTime" }, "publiclyAccessible": { "type": "boolean" }, "securityGroups": { "items": { "type": "string" }, "type": "array" }, "storageType": { "type": "string" }, "subnetIds": { "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "users": { "items": { "$ref": "#/types/aws:mq/getBrokerUser:getBrokerUser" }, "type": "array" } }, "required": [ "arn", "authenticationStrategy", "autoMinorVersionUpgrade", "brokerId", "brokerName", "configuration", "deploymentMode", "encryptionOptions", "engineType", "engineVersion", "hostInstanceType", "instances", "ldapServerMetadatas", "logs", "maintenanceWindowStartTime", "publiclyAccessible", "securityGroups", "storageType", "subnetIds", "tags", "users", "id" ], "type": "object" } }, "aws:mq/getBrokerEngineTypes:getBrokerEngineTypes": { "description": "Retrieve information about available broker engines.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.mq.getBrokerEngineTypes({\n engineType: \"ACTIVEMQ\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.mq.get_broker_engine_types(engine_type=\"ACTIVEMQ\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Mq.GetBrokerEngineTypes.Invoke(new()\n {\n EngineType = \"ACTIVEMQ\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mq\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := mq.GetBrokerEngineTypes(ctx, \u0026mq.GetBrokerEngineTypesArgs{\n\t\t\tEngineType: pulumi.StringRef(\"ACTIVEMQ\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mq.MqFunctions;\nimport com.pulumi.aws.mq.inputs.GetBrokerEngineTypesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = MqFunctions.getBrokerEngineTypes(GetBrokerEngineTypesArgs.builder()\n .engineType(\"ACTIVEMQ\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:mq:getBrokerEngineTypes\n Arguments:\n engineType: ACTIVEMQ\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getBrokerEngineTypes.\n", "properties": { "engineType": { "type": "string", "description": "The MQ engine type to return version details for.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getBrokerEngineTypes.\n", "properties": { "brokerEngineTypes": { "description": "A list of available engine types and versions. See Engine Types.\n", "items": { "$ref": "#/types/aws:mq/getBrokerEngineTypesBrokerEngineType:getBrokerEngineTypesBrokerEngineType" }, "type": "array" }, "engineType": { "description": "The broker's engine type.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "brokerEngineTypes", "id" ], "type": "object" } }, "aws:mq/getInstanceTypeOfferings:getInstanceTypeOfferings": { "description": "Provides information about a MQ Broker Instance Offerings.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst empty = aws.mq.getInstanceTypeOfferings({});\nconst engine = aws.mq.getInstanceTypeOfferings({\n engineType: \"ACTIVEMQ\",\n});\nconst storage = aws.mq.getInstanceTypeOfferings({\n storageType: \"EBS\",\n});\nconst instance = aws.mq.getInstanceTypeOfferings({\n hostInstanceType: \"mq.m5.large\",\n});\nconst all = aws.mq.getInstanceTypeOfferings({\n hostInstanceType: \"mq.m5.large\",\n storageType: \"EBS\",\n engineType: \"ACTIVEMQ\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nempty = aws.mq.get_instance_type_offerings()\nengine = aws.mq.get_instance_type_offerings(engine_type=\"ACTIVEMQ\")\nstorage = aws.mq.get_instance_type_offerings(storage_type=\"EBS\")\ninstance = aws.mq.get_instance_type_offerings(host_instance_type=\"mq.m5.large\")\nall = aws.mq.get_instance_type_offerings(host_instance_type=\"mq.m5.large\",\n storage_type=\"EBS\",\n engine_type=\"ACTIVEMQ\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var empty = Aws.Mq.GetInstanceTypeOfferings.Invoke();\n\n var engine = Aws.Mq.GetInstanceTypeOfferings.Invoke(new()\n {\n EngineType = \"ACTIVEMQ\",\n });\n\n var storage = Aws.Mq.GetInstanceTypeOfferings.Invoke(new()\n {\n StorageType = \"EBS\",\n });\n\n var instance = Aws.Mq.GetInstanceTypeOfferings.Invoke(new()\n {\n HostInstanceType = \"mq.m5.large\",\n });\n\n var all = Aws.Mq.GetInstanceTypeOfferings.Invoke(new()\n {\n HostInstanceType = \"mq.m5.large\",\n StorageType = \"EBS\",\n EngineType = \"ACTIVEMQ\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mq\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := mq.GetInstanceTypeOfferings(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = mq.GetInstanceTypeOfferings(ctx, \u0026mq.GetInstanceTypeOfferingsArgs{\n\t\t\tEngineType: pulumi.StringRef(\"ACTIVEMQ\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = mq.GetInstanceTypeOfferings(ctx, \u0026mq.GetInstanceTypeOfferingsArgs{\n\t\t\tStorageType: pulumi.StringRef(\"EBS\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = mq.GetInstanceTypeOfferings(ctx, \u0026mq.GetInstanceTypeOfferingsArgs{\n\t\t\tHostInstanceType: pulumi.StringRef(\"mq.m5.large\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = mq.GetInstanceTypeOfferings(ctx, \u0026mq.GetInstanceTypeOfferingsArgs{\n\t\t\tHostInstanceType: pulumi.StringRef(\"mq.m5.large\"),\n\t\t\tStorageType: pulumi.StringRef(\"EBS\"),\n\t\t\tEngineType: pulumi.StringRef(\"ACTIVEMQ\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mq.MqFunctions;\nimport com.pulumi.aws.mq.inputs.GetInstanceTypeOfferingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var empty = MqFunctions.getInstanceTypeOfferings();\n\n final var engine = MqFunctions.getInstanceTypeOfferings(GetInstanceTypeOfferingsArgs.builder()\n .engineType(\"ACTIVEMQ\")\n .build());\n\n final var storage = MqFunctions.getInstanceTypeOfferings(GetInstanceTypeOfferingsArgs.builder()\n .storageType(\"EBS\")\n .build());\n\n final var instance = MqFunctions.getInstanceTypeOfferings(GetInstanceTypeOfferingsArgs.builder()\n .hostInstanceType(\"mq.m5.large\")\n .build());\n\n final var all = MqFunctions.getInstanceTypeOfferings(GetInstanceTypeOfferingsArgs.builder()\n .hostInstanceType(\"mq.m5.large\")\n .storageType(\"EBS\")\n .engineType(\"ACTIVEMQ\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n empty:\n fn::invoke:\n Function: aws:mq:getInstanceTypeOfferings\n Arguments: {}\n engine:\n fn::invoke:\n Function: aws:mq:getInstanceTypeOfferings\n Arguments:\n engineType: ACTIVEMQ\n storage:\n fn::invoke:\n Function: aws:mq:getInstanceTypeOfferings\n Arguments:\n storageType: EBS\n instance:\n fn::invoke:\n Function: aws:mq:getInstanceTypeOfferings\n Arguments:\n hostInstanceType: mq.m5.large\n all:\n fn::invoke:\n Function: aws:mq:getInstanceTypeOfferings\n Arguments:\n hostInstanceType: mq.m5.large\n storageType: EBS\n engineType: ACTIVEMQ\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getInstanceTypeOfferings.\n", "properties": { "engineType": { "type": "string", "description": "Filter response by engine type.\n" }, "hostInstanceType": { "type": "string", "description": "Filter response by host instance type.\n" }, "storageType": { "type": "string", "description": "Filter response by storage type.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getInstanceTypeOfferings.\n", "properties": { "brokerInstanceOptions": { "description": "Option for host instance type. See Broker Instance Options below.\n", "items": { "$ref": "#/types/aws:mq/getInstanceTypeOfferingsBrokerInstanceOption:getInstanceTypeOfferingsBrokerInstanceOption" }, "type": "array" }, "engineType": { "description": "Broker's engine type.\n", "type": "string" }, "hostInstanceType": { "description": "Broker's instance type.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "storageType": { "description": "Broker's storage type.\n", "type": "string" } }, "required": [ "brokerInstanceOptions", "id" ], "type": "object" } }, "aws:msk/getBootstrapBrokers:getBootstrapBrokers": { "description": "Get a list of brokers that a client application can use to bootstrap.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.msk.getBootstrapBrokers({\n clusterArn: exampleAwsMskCluster.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.msk.get_bootstrap_brokers(cluster_arn=example_aws_msk_cluster[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Msk.GetBootstrapBrokers.Invoke(new()\n {\n ClusterArn = exampleAwsMskCluster.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/msk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := msk.GetBootstrapBrokers(ctx, \u0026msk.GetBootstrapBrokersArgs{\n\t\t\tClusterArn: exampleAwsMskCluster.Arn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.msk.MskFunctions;\nimport com.pulumi.aws.msk.inputs.GetBootstrapBrokersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = MskFunctions.getBootstrapBrokers(GetBootstrapBrokersArgs.builder()\n .clusterArn(exampleAwsMskCluster.arn())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:msk:getBootstrapBrokers\n Arguments:\n clusterArn: ${exampleAwsMskCluster.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getBootstrapBrokers.\n", "properties": { "clusterArn": { "type": "string", "description": "ARN of the cluster the nodes belong to.\n" } }, "type": "object", "required": [ "clusterArn" ] }, "outputs": { "description": "A collection of values returned by getBootstrapBrokers.\n", "properties": { "bootstrapBrokers": { "description": "Comma separated list of one or more hostname:port pairs of kafka brokers suitable to bootstrap connectivity to the kafka cluster.\n", "type": "string" }, "bootstrapBrokersPublicSaslIam": { "description": "One or more DNS names (or IP addresses) and SASL IAM port pairs.\n", "type": "string" }, "bootstrapBrokersPublicSaslScram": { "description": "One or more DNS names (or IP addresses) and SASL SCRAM port pairs.\n", "type": "string" }, "bootstrapBrokersPublicTls": { "description": "One or more DNS names (or IP addresses) and TLS port pairs.\n", "type": "string" }, "bootstrapBrokersSaslIam": { "description": "One or more DNS names (or IP addresses) and SASL IAM port pairs.\n", "type": "string" }, "bootstrapBrokersSaslScram": { "description": "One or more DNS names (or IP addresses) and SASL SCRAM port pairs.\n", "type": "string" }, "bootstrapBrokersTls": { "description": "One or more DNS names (or IP addresses) and TLS port pairs.\n", "type": "string" }, "bootstrapBrokersVpcConnectivitySaslIam": { "description": "A string containing one or more DNS names (or IP addresses) and SASL IAM port pairs for VPC connectivity.\n", "type": "string" }, "bootstrapBrokersVpcConnectivitySaslScram": { "description": "A string containing one or more DNS names (or IP addresses) and SASL SCRAM port pairs for VPC connectivity.\n", "type": "string" }, "bootstrapBrokersVpcConnectivityTls": { "description": "A string containing one or more DNS names (or IP addresses) and TLS port pairs for VPC connectivity.\n", "type": "string" }, "clusterArn": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "bootstrapBrokers", "bootstrapBrokersPublicSaslIam", "bootstrapBrokersPublicSaslScram", "bootstrapBrokersPublicTls", "bootstrapBrokersSaslIam", "bootstrapBrokersSaslScram", "bootstrapBrokersTls", "bootstrapBrokersVpcConnectivitySaslIam", "bootstrapBrokersVpcConnectivitySaslScram", "bootstrapBrokersVpcConnectivityTls", "clusterArn", "id" ], "type": "object" } }, "aws:msk/getBrokerNodes:getBrokerNodes": { "description": "Get information on an Amazon MSK Broker Nodes.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.msk.getBrokerNodes({\n clusterArn: exampleAwsMskCluster.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.msk.get_broker_nodes(cluster_arn=example_aws_msk_cluster[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Msk.GetBrokerNodes.Invoke(new()\n {\n ClusterArn = exampleAwsMskCluster.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/msk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := msk.GetBrokerNodes(ctx, \u0026msk.GetBrokerNodesArgs{\n\t\t\tClusterArn: exampleAwsMskCluster.Arn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.msk.MskFunctions;\nimport com.pulumi.aws.msk.inputs.GetBrokerNodesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = MskFunctions.getBrokerNodes(GetBrokerNodesArgs.builder()\n .clusterArn(exampleAwsMskCluster.arn())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:msk:getBrokerNodes\n Arguments:\n clusterArn: ${exampleAwsMskCluster.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getBrokerNodes.\n", "properties": { "clusterArn": { "type": "string", "description": "ARN of the cluster the nodes belong to.\n" } }, "type": "object", "required": [ "clusterArn" ] }, "outputs": { "description": "A collection of values returned by getBrokerNodes.\n", "properties": { "clusterArn": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "nodeInfoLists": { "items": { "$ref": "#/types/aws:msk/getBrokerNodesNodeInfoList:getBrokerNodesNodeInfoList" }, "type": "array" } }, "required": [ "clusterArn", "nodeInfoLists", "id" ], "type": "object" } }, "aws:msk/getCluster:getCluster": { "description": "Get information on an Amazon MSK Cluster.\n\n\u003e **Note:** This data sources returns information on _provisioned_ clusters.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.msk.getCluster({\n clusterName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.msk.get_cluster(cluster_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Msk.GetCluster.Invoke(new()\n {\n ClusterName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/msk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := msk.LookupCluster(ctx, \u0026msk.LookupClusterArgs{\n\t\t\tClusterName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.msk.MskFunctions;\nimport com.pulumi.aws.msk.inputs.GetClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = MskFunctions.getCluster(GetClusterArgs.builder()\n .clusterName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:msk:getCluster\n Arguments:\n clusterName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCluster.\n", "properties": { "clusterName": { "type": "string", "description": "Name of the cluster.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key-value pairs assigned to the cluster.\n" } }, "type": "object", "required": [ "clusterName" ] }, "outputs": { "description": "A collection of values returned by getCluster.\n", "properties": { "arn": { "description": "ARN of the MSK cluster.\n", "type": "string" }, "bootstrapBrokers": { "description": "Comma separated list of one or more hostname:port pairs of kafka brokers suitable to bootstrap connectivity to the kafka cluster. Contains a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `PLAINTEXT` or `TLS_PLAINTEXT`. The resource sorts values alphabetically. AWS may not always return all endpoints so this value is not guaranteed to be stable across applies.\n", "type": "string" }, "bootstrapBrokersPublicSaslIam": { "description": "One or more DNS names (or IP addresses) and SASL IAM port pairs. For example, `b-1-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9198,b-2-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9198,b-3-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9198`. This attribute will have a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `TLS_PLAINTEXT` or `TLS` and `client_authentication.0.sasl.0.iam` is set to `true` and `broker_node_group_info.0.connectivity_info.0.public_access.0.type` is set to `SERVICE_PROVIDED_EIPS` and the cluster fulfill all other requirements for public access. The resource sorts the list alphabetically. AWS may not always return all endpoints so the values may not be stable across applies.\n", "type": "string" }, "bootstrapBrokersPublicSaslScram": { "description": "One or more DNS names (or IP addresses) and SASL SCRAM port pairs. For example, `b-1-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9196,b-2-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9196,b-3-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9196`. This attribute will have a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `TLS_PLAINTEXT` or `TLS` and `client_authentication.0.sasl.0.scram` is set to `true` and `broker_node_group_info.0.connectivity_info.0.public_access.0.type` is set to `SERVICE_PROVIDED_EIPS` and the cluster fulfill all other requirements for public access. The resource sorts the list alphabetically. AWS may not always return all endpoints so the values may not be stable across applies.\n", "type": "string" }, "bootstrapBrokersPublicTls": { "description": "One or more DNS names (or IP addresses) and TLS port pairs. For example, `b-1-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9194,b-2-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9194,b-3-public.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9194`. This attribute will have a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `TLS_PLAINTEXT` or `TLS` and `broker_node_group_info.0.connectivity_info.0.public_access.0.type` is set to `SERVICE_PROVIDED_EIPS` and the cluster fulfill all other requirements for public access. The resource sorts the list alphabetically. AWS may not always return all endpoints so the values may not be stable across applies.\n", "type": "string" }, "bootstrapBrokersSaslIam": { "description": "One or more DNS names (or IP addresses) and SASL IAM port pairs. For example, `b-1.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9098,b-2.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9098,b-3.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9098`. This attribute will have a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `TLS_PLAINTEXT` or `TLS` and `client_authentication.0.sasl.0.iam` is set to `true`. The resource sorts the list alphabetically. AWS may not always return all endpoints so the values may not be stable across applies.\n", "type": "string" }, "bootstrapBrokersSaslScram": { "description": "One or more DNS names (or IP addresses) and SASL SCRAM port pairs. For example, `b-1.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9096,b-2.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9096,b-3.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9096`. This attribute will have a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `TLS_PLAINTEXT` or `TLS` and `client_authentication.0.sasl.0.scram` is set to `true`. The resource sorts the list alphabetically. AWS may not always return all endpoints so the values may not be stable across applies.\n", "type": "string" }, "bootstrapBrokersTls": { "description": "One or more DNS names (or IP addresses) and TLS port pairs. For example, `b-1.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9094,b-2.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9094,b-3.exampleClusterName.abcde.c2.kafka.us-east-1.amazonaws.com:9094`. This attribute will have a value if `encryption_info.0.encryption_in_transit.0.client_broker` is set to `TLS_PLAINTEXT` or `TLS`. The resource sorts the list alphabetically. AWS may not always return all endpoints so the values may not be stable across applies.\n", "type": "string" }, "brokerNodeGroupInfos": { "description": "Configuration block for the broker nodes of the Kafka cluster.\n", "items": { "$ref": "#/types/aws:msk/getClusterBrokerNodeGroupInfo:getClusterBrokerNodeGroupInfo" }, "type": "array" }, "clusterName": { "type": "string" }, "clusterUuid": { "description": "UUID of the MSK cluster, for use in IAM policies.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kafkaVersion": { "description": "Apache Kafka version.\n", "type": "string" }, "numberOfBrokerNodes": { "description": "Number of broker nodes in the cluster.\n", "type": "integer" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of key-value pairs assigned to the cluster.\n", "type": "object" }, "zookeeperConnectString": { "description": "A comma separated list of one or more hostname:port pairs to use to connect to the Apache Zookeeper cluster. The returned values are sorted alphbetically. The AWS API may not return all endpoints, so this value is not guaranteed to be stable across applies.\n", "type": "string" }, "zookeeperConnectStringTls": { "description": "A comma separated list of one or more hostname:port pairs to use to connect to the Apache Zookeeper cluster via TLS. The returned values are sorted alphabetically. The AWS API may not return all endpoints, so this value is not guaranteed to be stable across applies.\n", "type": "string" } }, "required": [ "arn", "bootstrapBrokers", "bootstrapBrokersPublicSaslIam", "bootstrapBrokersPublicSaslScram", "bootstrapBrokersPublicTls", "bootstrapBrokersSaslIam", "bootstrapBrokersSaslScram", "bootstrapBrokersTls", "brokerNodeGroupInfos", "clusterName", "clusterUuid", "kafkaVersion", "numberOfBrokerNodes", "tags", "zookeeperConnectString", "zookeeperConnectStringTls", "id" ], "type": "object" } }, "aws:msk/getConfiguration:getConfiguration": { "description": "Get information on an Amazon MSK Configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.msk.getConfiguration({\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.msk.get_configuration(name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Msk.GetConfiguration.Invoke(new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/msk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := msk.LookupConfiguration(ctx, \u0026msk.LookupConfigurationArgs{\n\t\t\tName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.msk.MskFunctions;\nimport com.pulumi.aws.msk.inputs.GetConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = MskFunctions.getConfiguration(GetConfigurationArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:msk:getConfiguration\n Arguments:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getConfiguration.\n", "properties": { "name": { "type": "string", "description": "Name of the configuration.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getConfiguration.\n", "properties": { "arn": { "description": "ARN of the configuration.\n", "type": "string" }, "description": { "description": "Description of the configuration.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kafkaVersions": { "description": "List of Apache Kafka versions which can use this configuration.\n", "items": { "type": "string" }, "type": "array" }, "latestRevision": { "description": "Latest revision of the configuration.\n", "type": "integer" }, "name": { "type": "string" }, "serverProperties": { "description": "Contents of the server.properties file.\n", "type": "string" } }, "required": [ "arn", "description", "kafkaVersions", "latestRevision", "name", "serverProperties", "id" ], "type": "object" } }, "aws:msk/getKafkaVersion:getKafkaVersion": { "description": "Get information on a Amazon MSK Kafka Version\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst preferred = aws.msk.getKafkaVersion({\n preferredVersions: [\n \"2.4.1.1\",\n \"2.4.1\",\n \"2.2.1\",\n ],\n});\nconst example = aws.msk.getKafkaVersion({\n version: \"2.8.0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\npreferred = aws.msk.get_kafka_version(preferred_versions=[\n \"2.4.1.1\",\n \"2.4.1\",\n \"2.2.1\",\n])\nexample = aws.msk.get_kafka_version(version=\"2.8.0\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var preferred = Aws.Msk.GetKafkaVersion.Invoke(new()\n {\n PreferredVersions = new[]\n {\n \"2.4.1.1\",\n \"2.4.1\",\n \"2.2.1\",\n },\n });\n\n var example = Aws.Msk.GetKafkaVersion.Invoke(new()\n {\n Version = \"2.8.0\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/msk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := msk.GetKafkaVersion(ctx, \u0026msk.GetKafkaVersionArgs{\n\t\t\tPreferredVersions: []string{\n\t\t\t\t\"2.4.1.1\",\n\t\t\t\t\"2.4.1\",\n\t\t\t\t\"2.2.1\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = msk.GetKafkaVersion(ctx, \u0026msk.GetKafkaVersionArgs{\n\t\t\tVersion: pulumi.StringRef(\"2.8.0\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.msk.MskFunctions;\nimport com.pulumi.aws.msk.inputs.GetKafkaVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var preferred = MskFunctions.getKafkaVersion(GetKafkaVersionArgs.builder()\n .preferredVersions( \n \"2.4.1.1\",\n \"2.4.1\",\n \"2.2.1\")\n .build());\n\n final var example = MskFunctions.getKafkaVersion(GetKafkaVersionArgs.builder()\n .version(\"2.8.0\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n preferred:\n fn::invoke:\n Function: aws:msk:getKafkaVersion\n Arguments:\n preferredVersions:\n - 2.4.1.1\n - 2.4.1\n - 2.2.1\n example:\n fn::invoke:\n Function: aws:msk:getKafkaVersion\n Arguments:\n version: 2.8.0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getKafkaVersion.\n", "properties": { "preferredVersions": { "type": "array", "items": { "type": "string" }, "description": "Ordered list of preferred Kafka versions. The first match in this list will be returned. Either `preferred_versions` or `version` must be set.\n" }, "version": { "type": "string", "description": "Version of MSK Kafka. For example 2.4.1.1 or \"2.2.1\" etc. Either `preferred_versions` or `version` must be set.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getKafkaVersion.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "preferredVersions": { "items": { "type": "string" }, "type": "array" }, "status": { "description": "Status of the MSK Kafka version eg. `ACTIVE` or `DEPRECATED`.\n", "type": "string" }, "version": { "type": "string" } }, "required": [ "status", "version", "id" ], "type": "object" } }, "aws:msk/getVpcConnection:getVpcConnection": { "description": "Get information on an Amazon MSK VPC Connection.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.msk.getVpcConnection({\n arn: exampleAwsMskVpcConnection.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.msk.get_vpc_connection(arn=example_aws_msk_vpc_connection[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Msk.GetVpcConnection.Invoke(new()\n {\n Arn = exampleAwsMskVpcConnection.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/msk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := msk.LookupVpcConnection(ctx, \u0026msk.LookupVpcConnectionArgs{\n\t\t\tArn: exampleAwsMskVpcConnection.Arn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.msk.MskFunctions;\nimport com.pulumi.aws.msk.inputs.GetVpcConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = MskFunctions.getVpcConnection(GetVpcConnectionArgs.builder()\n .arn(exampleAwsMskVpcConnection.arn())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:msk:getVpcConnection\n Arguments:\n arn: ${exampleAwsMskVpcConnection.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVpcConnection.\n", "properties": { "arn": { "type": "string", "description": "ARN of the VPC Connection.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key-value pairs assigned to the VPC Connection.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getVpcConnection.\n", "properties": { "arn": { "type": "string" }, "authentication": { "description": "The authentication type for the client VPC Connection.\n", "type": "string" }, "clientSubnets": { "description": "The list of subnets in the client VPC.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "securityGroups": { "description": "The security groups attached to the ENIs for the broker nodes.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of key-value pairs assigned to the VPC Connection.\n", "type": "object" }, "targetClusterArn": { "description": "The Amazon Resource Name (ARN) of the cluster.\n", "type": "string" }, "vpcId": { "description": "The VPC ID of the remote client.\n", "type": "string" } }, "required": [ "arn", "authentication", "clientSubnets", "securityGroups", "tags", "targetClusterArn", "vpcId", "id" ], "type": "object" } }, "aws:mskconnect/getConnector:getConnector": { "description": "Get information on an Amazon MSK Connect Connector.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.mskconnect.getConnector({\n name: \"example-mskconnector\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.mskconnect.get_connector(name=\"example-mskconnector\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.MskConnect.GetConnector.Invoke(new()\n {\n Name = \"example-mskconnector\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mskconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := mskconnect.LookupConnector(ctx, \u0026mskconnect.LookupConnectorArgs{\n\t\t\tName: \"example-mskconnector\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mskconnect.MskconnectFunctions;\nimport com.pulumi.aws.mskconnect.inputs.GetConnectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = MskconnectFunctions.getConnector(GetConnectorArgs.builder()\n .name(\"example-mskconnector\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:mskconnect:getConnector\n Arguments:\n name: example-mskconnector\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getConnector.\n", "properties": { "name": { "type": "string", "description": "Name of the connector.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getConnector.\n", "properties": { "arn": { "description": "ARN of the connector.\n", "type": "string" }, "description": { "description": "Summary description of the connector.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource.\n", "type": "object" }, "version": { "description": "Current version of the connector.\n", "type": "string" } }, "required": [ "arn", "description", "name", "tags", "version", "id" ], "type": "object" } }, "aws:mskconnect/getCustomPlugin:getCustomPlugin": { "description": "Get information on an Amazon MSK Connect custom plugin.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.mskconnect.getCustomPlugin({\n name: \"example-debezium-1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.mskconnect.get_custom_plugin(name=\"example-debezium-1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.MskConnect.GetCustomPlugin.Invoke(new()\n {\n Name = \"example-debezium-1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mskconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := mskconnect.LookupCustomPlugin(ctx, \u0026mskconnect.LookupCustomPluginArgs{\n\t\t\tName: \"example-debezium-1\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mskconnect.MskconnectFunctions;\nimport com.pulumi.aws.mskconnect.inputs.GetCustomPluginArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = MskconnectFunctions.getCustomPlugin(GetCustomPluginArgs.builder()\n .name(\"example-debezium-1\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:mskconnect:getCustomPlugin\n Arguments:\n name: example-debezium-1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCustomPlugin.\n", "properties": { "name": { "type": "string", "description": "Name of the custom plugin.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getCustomPlugin.\n", "properties": { "arn": { "description": "the ARN of the custom plugin.\n", "type": "string" }, "description": { "description": "a summary description of the custom plugin.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "latestRevision": { "description": "an ID of the latest successfully created revision of the custom plugin.\n", "type": "integer" }, "name": { "type": "string" }, "state": { "description": "the state of the custom plugin.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource.\n", "type": "object" } }, "required": [ "arn", "description", "latestRevision", "name", "state", "tags", "id" ], "type": "object" } }, "aws:mskconnect/getWorkerConfiguration:getWorkerConfiguration": { "description": "Get information on an Amazon MSK Connect Worker Configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.mskconnect.getWorkerConfiguration({\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.mskconnect.get_worker_configuration(name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.MskConnect.GetWorkerConfiguration.Invoke(new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/mskconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := mskconnect.LookupWorkerConfiguration(ctx, \u0026mskconnect.LookupWorkerConfigurationArgs{\n\t\t\tName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.mskconnect.MskconnectFunctions;\nimport com.pulumi.aws.mskconnect.inputs.GetWorkerConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = MskconnectFunctions.getWorkerConfiguration(GetWorkerConfigurationArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:mskconnect:getWorkerConfiguration\n Arguments:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getWorkerConfiguration.\n", "properties": { "name": { "type": "string", "description": "Name of the worker configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getWorkerConfiguration.\n", "properties": { "arn": { "description": "the ARN of the worker configuration.\n", "type": "string" }, "description": { "description": "a summary description of the worker configuration.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "latestRevision": { "description": "an ID of the latest successfully created revision of the worker configuration.\n", "type": "integer" }, "name": { "type": "string" }, "propertiesFileContent": { "description": "contents of connect-distributed.properties file.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource.\n", "type": "object" } }, "required": [ "arn", "description", "latestRevision", "name", "propertiesFileContent", "tags", "id" ], "type": "object" } }, "aws:neptune/getEngineVersion:getEngineVersion": { "description": "Information about a Neptune engine version.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.neptune.getEngineVersion({\n preferredVersions: [\n \"1.0.3.0\",\n \"1.0.2.2\",\n \"1.0.2.1\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.neptune.get_engine_version(preferred_versions=[\n \"1.0.3.0\",\n \"1.0.2.2\",\n \"1.0.2.1\",\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Neptune.GetEngineVersion.Invoke(new()\n {\n PreferredVersions = new[]\n {\n \"1.0.3.0\",\n \"1.0.2.2\",\n \"1.0.2.1\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := neptune.GetEngineVersion(ctx, \u0026neptune.GetEngineVersionArgs{\n\t\t\tPreferredVersions: []string{\n\t\t\t\t\"1.0.3.0\",\n\t\t\t\t\"1.0.2.2\",\n\t\t\t\t\"1.0.2.1\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.neptune.NeptuneFunctions;\nimport com.pulumi.aws.neptune.inputs.GetEngineVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = NeptuneFunctions.getEngineVersion(GetEngineVersionArgs.builder()\n .preferredVersions( \n \"1.0.3.0\",\n \"1.0.2.2\",\n \"1.0.2.1\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:neptune:getEngineVersion\n Arguments:\n preferredVersions:\n - 1.0.3.0\n - 1.0.2.2\n - 1.0.2.1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getEngineVersion.\n", "properties": { "engine": { "type": "string", "description": "DB engine. (Default: `neptune`)\n" }, "parameterGroupFamily": { "type": "string", "description": "Name of a specific DB parameter group family. An example parameter group family is `neptune1`.\n" }, "preferredVersions": { "type": "array", "items": { "type": "string" }, "description": "Ordered list of preferred engine versions. The first match in this list will be returned. If no preferred matches are found and the original search returned more than one result, an error is returned. If both the `version` and `preferred_versions` arguments are not configured, the data source will return the default version for the engine.\n" }, "version": { "type": "string", "description": "Version of the DB engine. For example, `1.0.1.0`, `1.0.2.2`, and `1.0.3.0`. If both the `version` and `preferred_versions` arguments are not configured, the data source will return the default version for the engine.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getEngineVersion.\n", "properties": { "engine": { "type": "string" }, "engineDescription": { "description": "Description of the database engine.\n", "type": "string" }, "exportableLogTypes": { "description": "Set of log types that the database engine has available for export to CloudWatch Logs.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "parameterGroupFamily": { "type": "string" }, "preferredVersions": { "items": { "type": "string" }, "type": "array" }, "supportedTimezones": { "description": "Set of the time zones supported by this engine.\n", "items": { "type": "string" }, "type": "array" }, "supportsLogExportsToCloudwatch": { "description": "Indicates whether the engine version supports exporting the log types specified by `exportable_log_types` to CloudWatch Logs.\n", "type": "boolean" }, "supportsReadReplica": { "description": "Indicates whether the database engine version supports read replicas.\n", "type": "boolean" }, "validUpgradeTargets": { "description": "Set of engine versions that this database engine version can be upgraded to.\n", "items": { "type": "string" }, "type": "array" }, "version": { "type": "string" }, "versionDescription": { "description": "Description of the database engine version.\n", "type": "string" } }, "required": [ "engineDescription", "exportableLogTypes", "parameterGroupFamily", "supportedTimezones", "supportsLogExportsToCloudwatch", "supportsReadReplica", "validUpgradeTargets", "version", "versionDescription", "id" ], "type": "object" } }, "aws:neptune/getOrderableDbInstance:getOrderableDbInstance": { "description": "Information about Neptune orderable DB instances.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.neptune.getOrderableDbInstance({\n engineVersion: \"1.0.3.0\",\n preferredInstanceClasses: [\n \"db.r5.large\",\n \"db.r4.large\",\n \"db.t3.medium\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.neptune.get_orderable_db_instance(engine_version=\"1.0.3.0\",\n preferred_instance_classes=[\n \"db.r5.large\",\n \"db.r4.large\",\n \"db.t3.medium\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Neptune.GetOrderableDbInstance.Invoke(new()\n {\n EngineVersion = \"1.0.3.0\",\n PreferredInstanceClasses = new[]\n {\n \"db.r5.large\",\n \"db.r4.large\",\n \"db.t3.medium\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := neptune.GetOrderableDbInstance(ctx, \u0026neptune.GetOrderableDbInstanceArgs{\n\t\t\tEngineVersion: pulumi.StringRef(\"1.0.3.0\"),\n\t\t\tPreferredInstanceClasses: []string{\n\t\t\t\t\"db.r5.large\",\n\t\t\t\t\"db.r4.large\",\n\t\t\t\t\"db.t3.medium\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.neptune.NeptuneFunctions;\nimport com.pulumi.aws.neptune.inputs.GetOrderableDbInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = NeptuneFunctions.getOrderableDbInstance(GetOrderableDbInstanceArgs.builder()\n .engineVersion(\"1.0.3.0\")\n .preferredInstanceClasses( \n \"db.r5.large\",\n \"db.r4.large\",\n \"db.t3.medium\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:neptune:getOrderableDbInstance\n Arguments:\n engineVersion: 1.0.3.0\n preferredInstanceClasses:\n - db.r5.large\n - db.r4.large\n - db.t3.medium\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOrderableDbInstance.\n", "properties": { "engine": { "type": "string", "description": "DB engine. (Default: `neptune`)\n" }, "engineVersion": { "type": "string", "description": "Version of the DB engine. For example, `1.0.1.0`, `1.0.1.2`, `1.0.2.2`, and `1.0.3.0`.\n" }, "instanceClass": { "type": "string", "description": "DB instance class. Examples of classes are `db.r5.large`, `db.r5.xlarge`, `db.r4.large`, `db.r5.4xlarge`, `db.r5.12xlarge`, `db.r4.xlarge`, and `db.t3.medium`.\n" }, "licenseModel": { "type": "string", "description": "License model. (Default: `amazon-license`)\n" }, "preferredInstanceClasses": { "type": "array", "items": { "type": "string" }, "description": "Ordered list of preferred Neptune DB instance classes. The first match in this list will be returned. If no preferred matches are found and the original search returned more than one result, an error is returned.\n" }, "vpc": { "type": "boolean", "description": "Enable to show only VPC offerings.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getOrderableDbInstance.\n", "properties": { "availabilityZones": { "description": "Availability zones where the instance is available.\n", "items": { "type": "string" }, "type": "array" }, "engine": { "type": "string" }, "engineVersion": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceClass": { "type": "string" }, "licenseModel": { "type": "string" }, "maxIopsPerDbInstance": { "description": "Maximum total provisioned IOPS for a DB instance.\n", "type": "integer" }, "maxIopsPerGib": { "description": "Maximum provisioned IOPS per GiB for a DB instance.\n", "type": "number" }, "maxStorageSize": { "description": "Maximum storage size for a DB instance.\n", "type": "integer" }, "minIopsPerDbInstance": { "description": "Minimum total provisioned IOPS for a DB instance.\n", "type": "integer" }, "minIopsPerGib": { "description": "Minimum provisioned IOPS per GiB for a DB instance.\n", "type": "number" }, "minStorageSize": { "description": "Minimum storage size for a DB instance.\n", "type": "integer" }, "multiAzCapable": { "description": "Whether a DB instance is Multi-AZ capable.\n", "type": "boolean" }, "preferredInstanceClasses": { "items": { "type": "string" }, "type": "array" }, "readReplicaCapable": { "description": "Whether a DB instance can have a read replica.\n", "type": "boolean" }, "storageType": { "description": "Storage type for a DB instance.\n", "type": "string" }, "supportsEnhancedMonitoring": { "description": "Whether a DB instance supports Enhanced Monitoring at intervals from 1 to 60 seconds.\n", "type": "boolean" }, "supportsIamDatabaseAuthentication": { "description": "Whether a DB instance supports IAM database authentication.\n", "type": "boolean" }, "supportsIops": { "description": "Whether a DB instance supports provisioned IOPS.\n", "type": "boolean" }, "supportsPerformanceInsights": { "description": "Whether a DB instance supports Performance Insights.\n", "type": "boolean" }, "supportsStorageEncryption": { "description": "Whether a DB instance supports encrypted storage.\n", "type": "boolean" }, "vpc": { "type": "boolean" } }, "required": [ "availabilityZones", "engineVersion", "instanceClass", "maxIopsPerDbInstance", "maxIopsPerGib", "maxStorageSize", "minIopsPerDbInstance", "minIopsPerGib", "minStorageSize", "multiAzCapable", "readReplicaCapable", "storageType", "supportsEnhancedMonitoring", "supportsIamDatabaseAuthentication", "supportsIops", "supportsPerformanceInsights", "supportsStorageEncryption", "vpc", "id" ], "type": "object" } }, "aws:networkfirewall/getFirewall:getFirewall": { "description": "Retrieve information about a firewall.\n\n## Example Usage\n\n### Find firewall policy by ARN\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.networkfirewall.getFirewall({\n arn: arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.get_firewall(arn=arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.NetworkFirewall.GetFirewall.Invoke(new()\n {\n Arn = arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.LookupFirewall(ctx, \u0026networkfirewall.LookupFirewallArgs{\n\t\t\tArn: pulumi.StringRef(arn),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.NetworkfirewallFunctions;\nimport com.pulumi.aws.networkfirewall.inputs.GetFirewallArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = NetworkfirewallFunctions.getFirewall(GetFirewallArgs.builder()\n .arn(arn)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:networkfirewall:getFirewall\n Arguments:\n arn: ${arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Find firewall policy by Name\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.networkfirewall.getFirewall({\n name: \"Test\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.get_firewall(name=\"Test\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.NetworkFirewall.GetFirewall.Invoke(new()\n {\n Name = \"Test\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.LookupFirewall(ctx, \u0026networkfirewall.LookupFirewallArgs{\n\t\t\tName: pulumi.StringRef(\"Test\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.NetworkfirewallFunctions;\nimport com.pulumi.aws.networkfirewall.inputs.GetFirewallArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = NetworkfirewallFunctions.getFirewall(GetFirewallArgs.builder()\n .name(\"Test\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:networkfirewall:getFirewall\n Arguments:\n name: Test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Find firewall policy by ARN and Name\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.networkfirewall.getFirewall({\n arn: arn,\n name: \"Test\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.get_firewall(arn=arn,\n name=\"Test\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.NetworkFirewall.GetFirewall.Invoke(new()\n {\n Arn = arn,\n Name = \"Test\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.LookupFirewall(ctx, \u0026networkfirewall.LookupFirewallArgs{\n\t\t\tArn: pulumi.StringRef(arn),\n\t\t\tName: pulumi.StringRef(\"Test\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.NetworkfirewallFunctions;\nimport com.pulumi.aws.networkfirewall.inputs.GetFirewallArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = NetworkfirewallFunctions.getFirewall(GetFirewallArgs.builder()\n .arn(arn)\n .name(\"Test\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:networkfirewall:getFirewall\n Arguments:\n arn: ${arn}\n name: Test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getFirewall.\n", "properties": { "arn": { "type": "string", "description": "ARN of the firewall.\n" }, "name": { "type": "string", "description": "Descriptive name of the firewall.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getFirewall.\n", "properties": { "arn": { "description": "ARN of the firewall.\n", "type": "string" }, "deleteProtection": { "description": "A flag indicating whether the firewall is protected against deletion.\n", "type": "boolean" }, "description": { "description": "Description of the firewall.\n", "type": "string" }, "encryptionConfigurations": { "description": "AWS Key Management Service (AWS KMS) encryption settings for the firewall.\n", "items": { "$ref": "#/types/aws:networkfirewall/getFirewallEncryptionConfiguration:getFirewallEncryptionConfiguration" }, "type": "array" }, "firewallPolicyArn": { "description": "ARN of the VPC Firewall policy.\n", "type": "string" }, "firewallPolicyChangeProtection": { "description": "A flag indicating whether the firewall is protected against a change to the firewall policy association.\n", "type": "boolean" }, "firewallStatuses": { "description": "Nested list of information about the current status of the firewall.\n", "items": { "$ref": "#/types/aws:networkfirewall/getFirewallFirewallStatus:getFirewallFirewallStatus" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Descriptive name of the firewall.\n", "type": "string" }, "subnetChangeProtection": { "description": "A flag indicating whether the firewall is protected against changes to the subnet associations.\n", "type": "boolean" }, "subnetMappings": { "description": "Set of configuration blocks describing the public subnets. Each subnet must belong to a different Availability Zone in the VPC. AWS Network Firewall creates a firewall endpoint in each subnet.\n", "items": { "$ref": "#/types/aws:networkfirewall/getFirewallSubnetMapping:getFirewallSubnetMapping" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of resource tags to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n", "type": "object" }, "updateToken": { "description": "String token used when updating a firewall.\n", "type": "string" }, "vpcId": { "description": "Unique identifier of the VPC where AWS Network Firewall should create the firewall.\n", "type": "string" } }, "required": [ "arn", "deleteProtection", "description", "encryptionConfigurations", "firewallPolicyArn", "firewallPolicyChangeProtection", "firewallStatuses", "name", "subnetChangeProtection", "subnetMappings", "tags", "updateToken", "vpcId", "id" ], "type": "object" } }, "aws:networkfirewall/getFirewallPolicy:getFirewallPolicy": { "description": "Retrieve information about a firewall policy.\n\n## Example Usage\n\n### Find firewall policy by name\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.networkfirewall.getFirewallPolicy({\n name: firewallPolicyName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.get_firewall_policy(name=firewall_policy_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.NetworkFirewall.GetFirewallPolicy.Invoke(new()\n {\n Name = firewallPolicyName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.LookupFirewallPolicy(ctx, \u0026networkfirewall.LookupFirewallPolicyArgs{\n\t\t\tName: pulumi.StringRef(firewallPolicyName),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.NetworkfirewallFunctions;\nimport com.pulumi.aws.networkfirewall.inputs.GetFirewallPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = NetworkfirewallFunctions.getFirewallPolicy(GetFirewallPolicyArgs.builder()\n .name(firewallPolicyName)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:networkfirewall:getFirewallPolicy\n Arguments:\n name: ${firewallPolicyName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Find firewall policy by ARN\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.networkfirewall.getFirewallPolicy({\n arn: firewallPolicyArn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.get_firewall_policy(arn=firewall_policy_arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.NetworkFirewall.GetFirewallPolicy.Invoke(new()\n {\n Arn = firewallPolicyArn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.LookupFirewallPolicy(ctx, \u0026networkfirewall.LookupFirewallPolicyArgs{\n\t\t\tArn: pulumi.StringRef(firewallPolicyArn),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.NetworkfirewallFunctions;\nimport com.pulumi.aws.networkfirewall.inputs.GetFirewallPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = NetworkfirewallFunctions.getFirewallPolicy(GetFirewallPolicyArgs.builder()\n .arn(firewallPolicyArn)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:networkfirewall:getFirewallPolicy\n Arguments:\n arn: ${firewallPolicyArn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Find firewall policy by name and ARN\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.networkfirewall.getFirewallPolicy({\n arn: firewallPolicyArn,\n name: firewallPolicyName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.get_firewall_policy(arn=firewall_policy_arn,\n name=firewall_policy_name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.NetworkFirewall.GetFirewallPolicy.Invoke(new()\n {\n Arn = firewallPolicyArn,\n Name = firewallPolicyName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.LookupFirewallPolicy(ctx, \u0026networkfirewall.LookupFirewallPolicyArgs{\n\t\t\tArn: pulumi.StringRef(firewallPolicyArn),\n\t\t\tName: pulumi.StringRef(firewallPolicyName),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.NetworkfirewallFunctions;\nimport com.pulumi.aws.networkfirewall.inputs.GetFirewallPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = NetworkfirewallFunctions.getFirewallPolicy(GetFirewallPolicyArgs.builder()\n .arn(firewallPolicyArn)\n .name(firewallPolicyName)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:networkfirewall:getFirewallPolicy\n Arguments:\n arn: ${firewallPolicyArn}\n name: ${firewallPolicyName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nAWS Network Firewall does not allow multiple firewall policies with the same name to be created in an account. It is possible, however, to have multiple firewall policies available in a single account with identical `name` values but distinct `arn` values, e.g. firewall policies shared via a [Resource Access Manager (RAM) share][1]. In that case specifying `arn`, or `name` and `arn`, is recommended.\n\n\u003e **Note:** If there are multiple firewall policies in an account with the same `name`, and `arn` is not specified, the default behavior will return the firewall policy with `name` that was created in the account.\n", "inputs": { "description": "A collection of arguments for invoking getFirewallPolicy.\n", "properties": { "arn": { "type": "string", "description": "ARN of the firewall policy.\n" }, "name": { "type": "string", "description": "Descriptive name of the firewall policy.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the firewall policy.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getFirewallPolicy.\n", "properties": { "arn": { "type": "string" }, "description": { "description": "Description of the firewall policy.\n", "type": "string" }, "firewallPolicies": { "description": "The [policy][2] for the specified firewall policy.\n", "items": { "$ref": "#/types/aws:networkfirewall/getFirewallPolicyFirewallPolicy:getFirewallPolicyFirewallPolicy" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value tags for the firewall policy.\n", "type": "object" }, "updateToken": { "description": "Token used for optimistic locking.\n", "type": "string" } }, "required": [ "description", "firewallPolicies", "tags", "updateToken", "id" ], "type": "object" } }, "aws:networkfirewall/getResourcePolicy:getResourcePolicy": { "description": "Retrieve information about a Network Firewall resource policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.networkfirewall.getResourcePolicy({\n resourceArn: resourcePolicyArn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.get_resource_policy(resource_arn=resource_policy_arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.NetworkFirewall.GetResourcePolicy.Invoke(new()\n {\n ResourceArn = resourcePolicyArn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkfirewall.LookupResourcePolicy(ctx, \u0026networkfirewall.LookupResourcePolicyArgs{\n\t\t\tResourceArn: resourcePolicyArn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.NetworkfirewallFunctions;\nimport com.pulumi.aws.networkfirewall.inputs.GetResourcePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = NetworkfirewallFunctions.getResourcePolicy(GetResourcePolicyArgs.builder()\n .resourceArn(resourcePolicyArn)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:networkfirewall:getResourcePolicy\n Arguments:\n resourceArn: ${resourcePolicyArn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getResourcePolicy.\n", "properties": { "resourceArn": { "type": "string", "description": "The Amazon Resource Name (ARN) that identifies the resource policy.\n" } }, "type": "object", "required": [ "resourceArn" ] }, "outputs": { "description": "A collection of values returned by getResourcePolicy.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "policy": { "description": "The [policy][1] for the resource.\n", "type": "string" }, "resourceArn": { "type": "string" } }, "required": [ "policy", "resourceArn", "id" ], "type": "object" } }, "aws:networkmanager/getConnection:getConnection": { "description": "Retrieve information about a connection.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.networkmanager.getConnection({\n globalNetworkId: globalNetworkId,\n connectionId: connectionId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.get_connection(global_network_id=global_network_id,\n connection_id=connection_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.NetworkManager.GetConnection.Invoke(new()\n {\n GlobalNetworkId = globalNetworkId,\n ConnectionId = connectionId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.LookupConnection(ctx, \u0026networkmanager.LookupConnectionArgs{\n\t\t\tGlobalNetworkId: globalNetworkId,\n\t\t\tConnectionId: connectionId,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.NetworkmanagerFunctions;\nimport com.pulumi.aws.networkmanager.inputs.GetConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = NetworkmanagerFunctions.getConnection(GetConnectionArgs.builder()\n .globalNetworkId(globalNetworkId)\n .connectionId(connectionId)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:networkmanager:getConnection\n Arguments:\n globalNetworkId: ${globalNetworkId}\n connectionId: ${connectionId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getConnection.\n", "properties": { "connectionId": { "type": "string", "description": "ID of the specific connection to retrieve.\n" }, "globalNetworkId": { "type": "string", "description": "ID of the Global Network of the connection to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the connection.\n" } }, "type": "object", "required": [ "connectionId", "globalNetworkId" ] }, "outputs": { "description": "A collection of values returned by getConnection.\n", "properties": { "arn": { "description": "ARN of the connection.\n", "type": "string" }, "connectedDeviceId": { "description": "ID of the second device in the connection.\n", "type": "string" }, "connectedLinkId": { "description": "ID of the link for the second device.\n", "type": "string" }, "connectionId": { "type": "string" }, "description": { "description": "Description of the connection.\n", "type": "string" }, "deviceId": { "description": "ID of the first device in the connection.\n", "type": "string" }, "globalNetworkId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "linkId": { "description": "ID of the link for the first device.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value tags for the connection.\n", "type": "object" } }, "required": [ "arn", "connectedDeviceId", "connectedLinkId", "connectionId", "description", "deviceId", "globalNetworkId", "linkId", "tags", "id" ], "type": "object" } }, "aws:networkmanager/getConnections:getConnections": { "description": "Retrieve information about connections.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.networkmanager.getConnections({\n globalNetworkId: globalNetworkId,\n tags: {\n Env: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.get_connections(global_network_id=global_network_id,\n tags={\n \"Env\": \"test\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.NetworkManager.GetConnections.Invoke(new()\n {\n GlobalNetworkId = globalNetworkId,\n Tags = \n {\n { \"Env\", \"test\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.GetConnections(ctx, \u0026networkmanager.GetConnectionsArgs{\n\t\t\tGlobalNetworkId: globalNetworkId,\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"Env\": \"test\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.NetworkmanagerFunctions;\nimport com.pulumi.aws.networkmanager.inputs.GetConnectionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = NetworkmanagerFunctions.getConnections(GetConnectionsArgs.builder()\n .globalNetworkId(globalNetworkId)\n .tags(Map.of(\"Env\", \"test\"))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:networkmanager:getConnections\n Arguments:\n globalNetworkId: ${globalNetworkId}\n tags:\n Env: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getConnections.\n", "properties": { "deviceId": { "type": "string", "description": "ID of the device of the connections to retrieve.\n" }, "globalNetworkId": { "type": "string", "description": "ID of the Global Network of the connections to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Restricts the list to the connections with these tags.\n" } }, "type": "object", "required": [ "globalNetworkId" ] }, "outputs": { "description": "A collection of values returned by getConnections.\n", "properties": { "deviceId": { "type": "string" }, "globalNetworkId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "IDs of the connections.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "globalNetworkId", "ids", "id" ], "type": "object" } }, "aws:networkmanager/getCoreNetworkPolicyDocument:getCoreNetworkPolicyDocument": { "description": "Generates a Core Network policy document in JSON format for use with resources that expect core network policy documents such as `awscc_networkmanager_core_network`. It follows the API definition from the [core-network-policy documentation](https://docs.aws.amazon.com/vpc/latest/cloudwan/cloudwan-policies-json.html).\n\nUsing this data source to generate policy documents is *optional*. It is also valid to use literal JSON strings in your configuration or to use the `file` interpolation function to read a raw JSON policy document from a file.\n\n\n\n## Example Usage\n\n### Basic Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.networkmanager.getCoreNetworkPolicyDocument({\n coreNetworkConfigurations: [{\n vpnEcmpSupport: false,\n asnRanges: [\"64512-64555\"],\n edgeLocations: [\n {\n location: \"us-east-1\",\n asn: \"64512\",\n },\n {\n location: \"eu-central-1\",\n asn: \"64513\",\n },\n ],\n }],\n segments: [\n {\n name: \"shared\",\n description: \"Segment for shared services\",\n requireAttachmentAcceptance: true,\n },\n {\n name: \"prod\",\n description: \"Segment for prod services\",\n requireAttachmentAcceptance: true,\n },\n ],\n segmentActions: [{\n action: \"share\",\n mode: \"attachment-route\",\n segment: \"shared\",\n shareWiths: [\"*\"],\n }],\n attachmentPolicies: [\n {\n ruleNumber: 100,\n conditionLogic: \"or\",\n conditions: [{\n type: \"tag-value\",\n operator: \"equals\",\n key: \"segment\",\n value: \"shared\",\n }],\n action: {\n associationMethod: \"constant\",\n segment: \"shared\",\n },\n },\n {\n ruleNumber: 200,\n conditionLogic: \"or\",\n conditions: [{\n type: \"tag-value\",\n operator: \"equals\",\n key: \"segment\",\n value: \"prod\",\n }],\n action: {\n associationMethod: \"constant\",\n segment: \"prod\",\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.networkmanager.get_core_network_policy_document(core_network_configurations=[{\n \"vpn_ecmp_support\": False,\n \"asn_ranges\": [\"64512-64555\"],\n \"edge_locations\": [\n {\n \"location\": \"us-east-1\",\n \"asn\": \"64512\",\n },\n {\n \"location\": \"eu-central-1\",\n \"asn\": \"64513\",\n },\n ],\n }],\n segments=[\n {\n \"name\": \"shared\",\n \"description\": \"Segment for shared services\",\n \"require_attachment_acceptance\": True,\n },\n {\n \"name\": \"prod\",\n \"description\": \"Segment for prod services\",\n \"require_attachment_acceptance\": True,\n },\n ],\n segment_actions=[{\n \"action\": \"share\",\n \"mode\": \"attachment-route\",\n \"segment\": \"shared\",\n \"share_withs\": [\"*\"],\n }],\n attachment_policies=[\n {\n \"rule_number\": 100,\n \"condition_logic\": \"or\",\n \"conditions\": [{\n \"type\": \"tag-value\",\n \"operator\": \"equals\",\n \"key\": \"segment\",\n \"value\": \"shared\",\n }],\n \"action\": {\n \"association_method\": \"constant\",\n \"segment\": \"shared\",\n },\n },\n {\n \"rule_number\": 200,\n \"condition_logic\": \"or\",\n \"conditions\": [{\n \"type\": \"tag-value\",\n \"operator\": \"equals\",\n \"key\": \"segment\",\n \"value\": \"prod\",\n }],\n \"action\": {\n \"association_method\": \"constant\",\n \"segment\": \"prod\",\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.NetworkManager.GetCoreNetworkPolicyDocument.Invoke(new()\n {\n CoreNetworkConfigurations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationInputArgs\n {\n VpnEcmpSupport = false,\n AsnRanges = new[]\n {\n \"64512-64555\",\n },\n EdgeLocations = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationInputArgs\n {\n Location = \"us-east-1\",\n Asn = \"64512\",\n },\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationInputArgs\n {\n Location = \"eu-central-1\",\n Asn = \"64513\",\n },\n },\n },\n },\n Segments = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentInputArgs\n {\n Name = \"shared\",\n Description = \"Segment for shared services\",\n RequireAttachmentAcceptance = true,\n },\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentInputArgs\n {\n Name = \"prod\",\n Description = \"Segment for prod services\",\n RequireAttachmentAcceptance = true,\n },\n },\n SegmentActions = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentSegmentActionInputArgs\n {\n Action = \"share\",\n Mode = \"attachment-route\",\n Segment = \"shared\",\n ShareWiths = new[]\n {\n \"*\",\n },\n },\n },\n AttachmentPolicies = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentAttachmentPolicyInputArgs\n {\n RuleNumber = 100,\n ConditionLogic = \"or\",\n Conditions = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentAttachmentPolicyConditionInputArgs\n {\n Type = \"tag-value\",\n Operator = \"equals\",\n Key = \"segment\",\n Value = \"shared\",\n },\n },\n Action = new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentAttachmentPolicyActionInputArgs\n {\n AssociationMethod = \"constant\",\n Segment = \"shared\",\n },\n },\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentAttachmentPolicyInputArgs\n {\n RuleNumber = 200,\n ConditionLogic = \"or\",\n Conditions = new[]\n {\n new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentAttachmentPolicyConditionInputArgs\n {\n Type = \"tag-value\",\n Operator = \"equals\",\n Key = \"segment\",\n Value = \"prod\",\n },\n },\n Action = new Aws.NetworkManager.Inputs.GetCoreNetworkPolicyDocumentAttachmentPolicyActionInputArgs\n {\n AssociationMethod = \"constant\",\n Segment = \"prod\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.GetCoreNetworkPolicyDocument(ctx, \u0026networkmanager.GetCoreNetworkPolicyDocumentArgs{\n\t\t\tCoreNetworkConfigurations: []networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfiguration{\n\t\t\t\t{\n\t\t\t\t\tVpnEcmpSupport: pulumi.BoolRef(false),\n\t\t\t\t\tAsnRanges: []string{\n\t\t\t\t\t\t\"64512-64555\",\n\t\t\t\t\t},\n\t\t\t\t\tEdgeLocations: []networkmanager.GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocation{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tLocation: \"us-east-1\",\n\t\t\t\t\t\t\tAsn: pulumi.StringRef(\"64512\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tLocation: \"eu-central-1\",\n\t\t\t\t\t\t\tAsn: pulumi.StringRef(\"64513\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tSegments: []networkmanager.GetCoreNetworkPolicyDocumentSegment{\n\t\t\t\t{\n\t\t\t\t\tName: \"shared\",\n\t\t\t\t\tDescription: pulumi.StringRef(\"Segment for shared services\"),\n\t\t\t\t\tRequireAttachmentAcceptance: pulumi.BoolRef(true),\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"prod\",\n\t\t\t\t\tDescription: pulumi.StringRef(\"Segment for prod services\"),\n\t\t\t\t\tRequireAttachmentAcceptance: pulumi.BoolRef(true),\n\t\t\t\t},\n\t\t\t},\n\t\t\tSegmentActions: []networkmanager.GetCoreNetworkPolicyDocumentSegmentAction{\n\t\t\t\t{\n\t\t\t\t\tAction: \"share\",\n\t\t\t\t\tMode: pulumi.StringRef(\"attachment-route\"),\n\t\t\t\t\tSegment: \"shared\",\n\t\t\t\t\tShareWiths: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tAttachmentPolicies: []networkmanager.GetCoreNetworkPolicyDocumentAttachmentPolicy{\n\t\t\t\t{\n\t\t\t\t\tRuleNumber: 100,\n\t\t\t\t\tConditionLogic: pulumi.StringRef(\"or\"),\n\t\t\t\t\tConditions: []networkmanager.GetCoreNetworkPolicyDocumentAttachmentPolicyCondition{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"tag-value\",\n\t\t\t\t\t\t\tOperator: pulumi.StringRef(\"equals\"),\n\t\t\t\t\t\t\tKey: pulumi.StringRef(\"segment\"),\n\t\t\t\t\t\t\tValue: pulumi.StringRef(\"shared\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tAction: {\n\t\t\t\t\t\tAssociationMethod: pulumi.StringRef(\"constant\"),\n\t\t\t\t\t\tSegment: pulumi.StringRef(\"shared\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tRuleNumber: 200,\n\t\t\t\t\tConditionLogic: pulumi.StringRef(\"or\"),\n\t\t\t\t\tConditions: []networkmanager.GetCoreNetworkPolicyDocumentAttachmentPolicyCondition{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"tag-value\",\n\t\t\t\t\t\t\tOperator: pulumi.StringRef(\"equals\"),\n\t\t\t\t\t\t\tKey: pulumi.StringRef(\"segment\"),\n\t\t\t\t\t\t\tValue: pulumi.StringRef(\"prod\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tAction: {\n\t\t\t\t\t\tAssociationMethod: pulumi.StringRef(\"constant\"),\n\t\t\t\t\t\tSegment: pulumi.StringRef(\"prod\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.NetworkmanagerFunctions;\nimport com.pulumi.aws.networkmanager.inputs.GetCoreNetworkPolicyDocumentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = NetworkmanagerFunctions.getCoreNetworkPolicyDocument(GetCoreNetworkPolicyDocumentArgs.builder()\n .coreNetworkConfigurations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs.builder()\n .vpnEcmpSupport(false)\n .asnRanges(\"64512-64555\")\n .edgeLocations( \n GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()\n .location(\"us-east-1\")\n .asn(64512)\n .build(),\n GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()\n .location(\"eu-central-1\")\n .asn(64513)\n .build())\n .build())\n .segments( \n GetCoreNetworkPolicyDocumentSegmentArgs.builder()\n .name(\"shared\")\n .description(\"Segment for shared services\")\n .requireAttachmentAcceptance(true)\n .build(),\n GetCoreNetworkPolicyDocumentSegmentArgs.builder()\n .name(\"prod\")\n .description(\"Segment for prod services\")\n .requireAttachmentAcceptance(true)\n .build())\n .segmentActions(GetCoreNetworkPolicyDocumentSegmentActionArgs.builder()\n .action(\"share\")\n .mode(\"attachment-route\")\n .segment(\"shared\")\n .shareWiths(\"*\")\n .build())\n .attachmentPolicies( \n GetCoreNetworkPolicyDocumentAttachmentPolicyArgs.builder()\n .ruleNumber(100)\n .conditionLogic(\"or\")\n .conditions(GetCoreNetworkPolicyDocumentAttachmentPolicyConditionArgs.builder()\n .type(\"tag-value\")\n .operator(\"equals\")\n .key(\"segment\")\n .value(\"shared\")\n .build())\n .action(GetCoreNetworkPolicyDocumentAttachmentPolicyActionArgs.builder()\n .associationMethod(\"constant\")\n .segment(\"shared\")\n .build())\n .build(),\n GetCoreNetworkPolicyDocumentAttachmentPolicyArgs.builder()\n .ruleNumber(200)\n .conditionLogic(\"or\")\n .conditions(GetCoreNetworkPolicyDocumentAttachmentPolicyConditionArgs.builder()\n .type(\"tag-value\")\n .operator(\"equals\")\n .key(\"segment\")\n .value(\"prod\")\n .build())\n .action(GetCoreNetworkPolicyDocumentAttachmentPolicyActionArgs.builder()\n .associationMethod(\"constant\")\n .segment(\"prod\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:networkmanager:getCoreNetworkPolicyDocument\n Arguments:\n coreNetworkConfigurations:\n - vpnEcmpSupport: false\n asnRanges:\n - 64512-64555\n edgeLocations:\n - location: us-east-1\n asn: 64512\n - location: eu-central-1\n asn: 64513\n segments:\n - name: shared\n description: Segment for shared services\n requireAttachmentAcceptance: true\n - name: prod\n description: Segment for prod services\n requireAttachmentAcceptance: true\n segmentActions:\n - action: share\n mode: attachment-route\n segment: shared\n shareWiths:\n - '*'\n attachmentPolicies:\n - ruleNumber: 100\n conditionLogic: or\n conditions:\n - type: tag-value\n operator: equals\n key: segment\n value: shared\n action:\n associationMethod: constant\n segment: shared\n - ruleNumber: 200\n conditionLogic: or\n conditions:\n - type: tag-value\n operator: equals\n key: segment\n value: prod\n action:\n associationMethod: constant\n segment: prod\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n`data.aws_networkmanager_core_network_policy_document.test.json` will evaluate to:\n\n```json\n{\n \"version\": \"2021.12\",\n \"core-network-configuration\": {\n \"asn-ranges\": [\n \"64512-64555\"\n ],\n \"vpn-ecmp-support\": false,\n \"edge-locations\": [\n {\n \"location\": \"us-east-1\",\n \"asn\": 64512\n },\n {\n \"location\": \"eu-central-1\",\n \"asn\": 64513\n }\n ]\n },\n \"segments\": [\n {\n \"name\": \"shared\",\n \"description\": \"Segment for shared services\",\n \"require-attachment-acceptance\": true\n },\n {\n \"name\": \"prod\",\n \"description\": \"Segment for prod services\",\n \"require-attachment-acceptance\": true\n }\n ],\n \"attachment-policies\": [\n {\n \"rule-number\": 100,\n \"action\": {\n \"association-method\": \"constant\",\n \"segment\": \"shared\"\n },\n \"conditions\": [\n {\n \"type\": \"tag-value\",\n \"operator\": \"equals\",\n \"key\": \"segment\",\n \"value\": \"shared\"\n }\n ],\n \"condition-logic\": \"or\"\n },\n {\n \"rule-number\": 200,\n \"action\": {\n \"association-method\": \"constant\",\n \"segment\": \"prod\"\n },\n \"conditions\": [\n {\n \"type\": \"tag-value\",\n \"operator\": \"equals\",\n \"key\": \"segment\",\n \"value\": \"prod\"\n }\n ],\n \"condition-logic\": \"or\"\n }\n ],\n \"segment-actions\": [\n {\n \"action\": \"share\",\n \"mode\": \"attachment-route\",\n \"segment\": \"shared\",\n \"share-with\": \"*\"\n }\n ]\n}\n```\n", "inputs": { "description": "A collection of arguments for invoking getCoreNetworkPolicyDocument.\n", "properties": { "attachmentPolicies": { "type": "array", "items": { "$ref": "#/types/aws:networkmanager/getCoreNetworkPolicyDocumentAttachmentPolicy:getCoreNetworkPolicyDocumentAttachmentPolicy" }, "description": "In a core network, all attachments use the block argument `attachment_policies` section to map an attachment to a segment. Instead of manually associating a segment to each attachment, attachments use tags, and then the tags are used to associate the attachment to the specified segment. Detailed below.\n" }, "coreNetworkConfigurations": { "type": "array", "items": { "$ref": "#/types/aws:networkmanager/getCoreNetworkPolicyDocumentCoreNetworkConfiguration:getCoreNetworkPolicyDocumentCoreNetworkConfiguration" }, "description": "The core network configuration section defines the Regions where a core network should operate. For AWS Regions that are defined in the policy, the core network creates a Core Network Edge where you can connect attachments. After it's created, each Core Network Edge is peered with every other defined Region and is configured with consistent segment and routing across all Regions. Regions cannot be removed until the associated attachments are deleted. Detailed below.\n" }, "networkFunctionGroups": { "type": "array", "items": { "$ref": "#/types/aws:networkmanager/getCoreNetworkPolicyDocumentNetworkFunctionGroup:getCoreNetworkPolicyDocumentNetworkFunctionGroup" }, "description": "Block argument that defines the service insertion actions you want to include. Detailed below.\n" }, "segmentActions": { "type": "array", "items": { "$ref": "#/types/aws:networkmanager/getCoreNetworkPolicyDocumentSegmentAction:getCoreNetworkPolicyDocumentSegmentAction" }, "description": "A block argument, `segment_actions` define how routing works between segments. By default, attachments can only communicate with other attachments in the same segment. Detailed below.\n" }, "segments": { "type": "array", "items": { "$ref": "#/types/aws:networkmanager/getCoreNetworkPolicyDocumentSegment:getCoreNetworkPolicyDocumentSegment" }, "description": "Block argument that defines the different segments in the network. Here you can provide descriptions, change defaults, and provide explicit Regional operational and route filters. The names defined for each segment are used in the `segment_actions` and `attachment_policies` section. Each segment is created, and operates, as a completely separated routing domain. By default, attachments can only communicate with other attachments in the same segment. Detailed below.\n" }, "version": { "type": "string" } }, "type": "object", "required": [ "coreNetworkConfigurations", "segments" ] }, "outputs": { "description": "A collection of values returned by getCoreNetworkPolicyDocument.\n", "properties": { "attachmentPolicies": { "items": { "$ref": "#/types/aws:networkmanager/getCoreNetworkPolicyDocumentAttachmentPolicy:getCoreNetworkPolicyDocumentAttachmentPolicy" }, "type": "array" }, "coreNetworkConfigurations": { "items": { "$ref": "#/types/aws:networkmanager/getCoreNetworkPolicyDocumentCoreNetworkConfiguration:getCoreNetworkPolicyDocumentCoreNetworkConfiguration" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "json": { "description": "Standard JSON policy document rendered based on the arguments above.\n", "type": "string" }, "networkFunctionGroups": { "items": { "$ref": "#/types/aws:networkmanager/getCoreNetworkPolicyDocumentNetworkFunctionGroup:getCoreNetworkPolicyDocumentNetworkFunctionGroup" }, "type": "array" }, "segmentActions": { "items": { "$ref": "#/types/aws:networkmanager/getCoreNetworkPolicyDocumentSegmentAction:getCoreNetworkPolicyDocumentSegmentAction" }, "type": "array" }, "segments": { "items": { "$ref": "#/types/aws:networkmanager/getCoreNetworkPolicyDocumentSegment:getCoreNetworkPolicyDocumentSegment" }, "type": "array" }, "version": { "type": "string" } }, "required": [ "coreNetworkConfigurations", "json", "segments", "id" ], "type": "object" } }, "aws:networkmanager/getDevice:getDevice": { "description": "Retrieve information about a device.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.NetworkmanagerFunctions;\nimport com.pulumi.aws.networkmanager.inputs.GetDeviceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = NetworkmanagerFunctions.getDevice(GetDeviceArgs.builder()\n .globalNetworkIdId(globalNetworkId)\n .deviceId(deviceId)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:networkmanager:getDevice\n Arguments:\n globalNetworkIdId: ${globalNetworkId}\n deviceId: ${deviceId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDevice.\n", "properties": { "deviceId": { "type": "string", "description": "ID of the device.\n" }, "globalNetworkId": { "type": "string", "description": "ID of the global network.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the device.\n" } }, "type": "object", "required": [ "deviceId", "globalNetworkId" ] }, "outputs": { "description": "A collection of values returned by getDevice.\n", "properties": { "arn": { "description": "ARN of the device.\n", "type": "string" }, "awsLocations": { "description": "AWS location of the device. Documented below.\n", "items": { "$ref": "#/types/aws:networkmanager/getDeviceAwsLocation:getDeviceAwsLocation" }, "type": "array" }, "description": { "description": "Description of the device.\n", "type": "string" }, "deviceId": { "type": "string" }, "globalNetworkId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "locations": { "description": "Location of the device. Documented below.\n", "items": { "$ref": "#/types/aws:networkmanager/getDeviceLocation:getDeviceLocation" }, "type": "array" }, "model": { "description": "Model of device.\n", "type": "string" }, "serialNumber": { "description": "Serial number of the device.\n", "type": "string" }, "siteId": { "description": "ID of the site.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value tags for the device.\n", "type": "object" }, "type": { "description": "Type of device.\n", "type": "string" }, "vendor": { "description": "Vendor of the device.\n", "type": "string" } }, "required": [ "arn", "awsLocations", "description", "deviceId", "globalNetworkId", "locations", "model", "serialNumber", "siteId", "tags", "type", "vendor", "id" ], "type": "object" } }, "aws:networkmanager/getDevices:getDevices": { "description": "Retrieve information about devices.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.networkmanager.getDevices({\n globalNetworkId: globalNetworkId,\n tags: {\n Env: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.get_devices(global_network_id=global_network_id,\n tags={\n \"Env\": \"test\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.NetworkManager.GetDevices.Invoke(new()\n {\n GlobalNetworkId = globalNetworkId,\n Tags = \n {\n { \"Env\", \"test\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.GetDevices(ctx, \u0026networkmanager.GetDevicesArgs{\n\t\t\tGlobalNetworkId: globalNetworkId,\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"Env\": \"test\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.NetworkmanagerFunctions;\nimport com.pulumi.aws.networkmanager.inputs.GetDevicesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = NetworkmanagerFunctions.getDevices(GetDevicesArgs.builder()\n .globalNetworkId(globalNetworkId)\n .tags(Map.of(\"Env\", \"test\"))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:networkmanager:getDevices\n Arguments:\n globalNetworkId: ${globalNetworkId}\n tags:\n Env: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDevices.\n", "properties": { "globalNetworkId": { "type": "string", "description": "ID of the Global Network of the devices to retrieve.\n" }, "siteId": { "type": "string", "description": "ID of the site of the devices to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Restricts the list to the devices with these tags.\n" } }, "type": "object", "required": [ "globalNetworkId" ] }, "outputs": { "description": "A collection of values returned by getDevices.\n", "properties": { "globalNetworkId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "IDs of the devices.\n", "items": { "type": "string" }, "type": "array" }, "siteId": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "globalNetworkId", "ids", "id" ], "type": "object" } }, "aws:networkmanager/getGlobalNetwork:getGlobalNetwork": { "description": "Retrieve information about a global network.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.networkmanager.getGlobalNetwork({\n globalNetworkId: globalNetworkId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.get_global_network(global_network_id=global_network_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.NetworkManager.GetGlobalNetwork.Invoke(new()\n {\n GlobalNetworkId = globalNetworkId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.LookupGlobalNetwork(ctx, \u0026networkmanager.LookupGlobalNetworkArgs{\n\t\t\tGlobalNetworkId: globalNetworkId,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.NetworkmanagerFunctions;\nimport com.pulumi.aws.networkmanager.inputs.GetGlobalNetworkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = NetworkmanagerFunctions.getGlobalNetwork(GetGlobalNetworkArgs.builder()\n .globalNetworkId(globalNetworkId)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:networkmanager:getGlobalNetwork\n Arguments:\n globalNetworkId: ${globalNetworkId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getGlobalNetwork.\n", "properties": { "globalNetworkId": { "type": "string", "description": "ID of the specific global network to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of resource tags.\n" } }, "type": "object", "required": [ "globalNetworkId" ] }, "outputs": { "description": "A collection of values returned by getGlobalNetwork.\n", "properties": { "arn": { "description": "ARN of the global network.\n", "type": "string" }, "description": { "description": "Description of the global network.\n", "type": "string" }, "globalNetworkId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of resource tags.\n", "type": "object" } }, "required": [ "arn", "description", "globalNetworkId", "tags", "id" ], "type": "object" } }, "aws:networkmanager/getGlobalNetworks:getGlobalNetworks": { "description": "Retrieve information about global networks.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.networkmanager.getGlobalNetworks({\n tags: {\n Env: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.get_global_networks(tags={\n \"Env\": \"test\",\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.NetworkManager.GetGlobalNetworks.Invoke(new()\n {\n Tags = \n {\n { \"Env\", \"test\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.GetGlobalNetworks(ctx, \u0026networkmanager.GetGlobalNetworksArgs{\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"Env\": \"test\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.NetworkmanagerFunctions;\nimport com.pulumi.aws.networkmanager.inputs.GetGlobalNetworksArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = NetworkmanagerFunctions.getGlobalNetworks(GetGlobalNetworksArgs.builder()\n .tags(Map.of(\"Env\", \"test\"))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:networkmanager:getGlobalNetworks\n Arguments:\n tags:\n Env: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getGlobalNetworks.\n", "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Restricts the list to the global networks with these tags.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getGlobalNetworks.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "IDs of the global networks.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "ids", "id" ], "type": "object" } }, "aws:networkmanager/getLink:getLink": { "description": "Retrieve information about a link.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.networkmanager.getLink({\n globalNetworkId: globalNetworkId,\n linkId: linkId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.get_link(global_network_id=global_network_id,\n link_id=link_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.NetworkManager.GetLink.Invoke(new()\n {\n GlobalNetworkId = globalNetworkId,\n LinkId = linkId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.LookupLink(ctx, \u0026networkmanager.LookupLinkArgs{\n\t\t\tGlobalNetworkId: globalNetworkId,\n\t\t\tLinkId: linkId,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.NetworkmanagerFunctions;\nimport com.pulumi.aws.networkmanager.inputs.GetLinkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = NetworkmanagerFunctions.getLink(GetLinkArgs.builder()\n .globalNetworkId(globalNetworkId)\n .linkId(linkId)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:networkmanager:getLink\n Arguments:\n globalNetworkId: ${globalNetworkId}\n linkId: ${linkId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLink.\n", "properties": { "globalNetworkId": { "type": "string", "description": "ID of the Global Network of the link to retrieve.\n" }, "linkId": { "type": "string", "description": "ID of the specific link to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the link.\n" } }, "type": "object", "required": [ "globalNetworkId", "linkId" ] }, "outputs": { "description": "A collection of values returned by getLink.\n", "properties": { "arn": { "description": "ARN of the link.\n", "type": "string" }, "bandwidths": { "description": "Upload speed and download speed of the link as documented below\n", "items": { "$ref": "#/types/aws:networkmanager/getLinkBandwidth:getLinkBandwidth" }, "type": "array" }, "description": { "description": "Description of the link.\n", "type": "string" }, "globalNetworkId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "linkId": { "type": "string" }, "providerName": { "description": "Provider of the link.\n", "type": "string" }, "siteId": { "description": "ID of the site.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value tags for the link.\n", "type": "object" }, "type": { "description": "Type of the link.\n", "type": "string" } }, "required": [ "arn", "bandwidths", "description", "globalNetworkId", "linkId", "providerName", "siteId", "tags", "type", "id" ], "type": "object" } }, "aws:networkmanager/getLinks:getLinks": { "description": "Retrieve information about link.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.networkmanager.getLinks({\n globalNetworkId: globalNetworkId,\n tags: {\n Env: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.get_links(global_network_id=global_network_id,\n tags={\n \"Env\": \"test\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.NetworkManager.GetLinks.Invoke(new()\n {\n GlobalNetworkId = globalNetworkId,\n Tags = \n {\n { \"Env\", \"test\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.GetLinks(ctx, \u0026networkmanager.GetLinksArgs{\n\t\t\tGlobalNetworkId: globalNetworkId,\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"Env\": \"test\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.NetworkmanagerFunctions;\nimport com.pulumi.aws.networkmanager.inputs.GetLinksArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = NetworkmanagerFunctions.getLinks(GetLinksArgs.builder()\n .globalNetworkId(globalNetworkId)\n .tags(Map.of(\"Env\", \"test\"))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:networkmanager:getLinks\n Arguments:\n globalNetworkId: ${globalNetworkId}\n tags:\n Env: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLinks.\n", "properties": { "globalNetworkId": { "type": "string", "description": "ID of the Global Network of the links to retrieve.\n" }, "providerName": { "type": "string", "description": "Link provider to retrieve.\n" }, "siteId": { "type": "string", "description": "ID of the site of the links to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Restricts the list to the links with these tags.\n" }, "type": { "type": "string", "description": "Link type to retrieve.\n" } }, "type": "object", "required": [ "globalNetworkId" ] }, "outputs": { "description": "A collection of values returned by getLinks.\n", "properties": { "globalNetworkId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "IDs of the links.\n", "items": { "type": "string" }, "type": "array" }, "providerName": { "type": "string" }, "siteId": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "type": { "type": "string" } }, "required": [ "globalNetworkId", "ids", "id" ], "type": "object" } }, "aws:networkmanager/getSite:getSite": { "description": "Retrieve information about a site.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.networkmanager.getSite({\n globalNetworkId: globalNetworkId,\n siteId: siteId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.get_site(global_network_id=global_network_id,\n site_id=site_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.NetworkManager.GetSite.Invoke(new()\n {\n GlobalNetworkId = globalNetworkId,\n SiteId = siteId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.LookupSite(ctx, \u0026networkmanager.LookupSiteArgs{\n\t\t\tGlobalNetworkId: globalNetworkId,\n\t\t\tSiteId: siteId,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.NetworkmanagerFunctions;\nimport com.pulumi.aws.networkmanager.inputs.GetSiteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = NetworkmanagerFunctions.getSite(GetSiteArgs.builder()\n .globalNetworkId(globalNetworkId)\n .siteId(siteId)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:networkmanager:getSite\n Arguments:\n globalNetworkId: ${globalNetworkId}\n siteId: ${siteId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSite.\n", "properties": { "globalNetworkId": { "type": "string", "description": "ID of the Global Network of the site to retrieve.\n" }, "siteId": { "type": "string", "description": "ID of the specific site to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value tags for the Site.\n" } }, "type": "object", "required": [ "globalNetworkId", "siteId" ] }, "outputs": { "description": "A collection of values returned by getSite.\n", "properties": { "arn": { "description": "ARN of the site.\n", "type": "string" }, "description": { "description": "Description of the site.\n", "type": "string" }, "globalNetworkId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "locations": { "description": "Site location as documented below.\n", "items": { "$ref": "#/types/aws:networkmanager/getSiteLocation:getSiteLocation" }, "type": "array" }, "siteId": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value tags for the Site.\n", "type": "object" } }, "required": [ "arn", "description", "globalNetworkId", "locations", "siteId", "tags", "id" ], "type": "object" } }, "aws:networkmanager/getSites:getSites": { "description": "Retrieve information about sites.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.networkmanager.getSites({\n globalNetworkId: globalNetworkId,\n tags: {\n Env: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.get_sites(global_network_id=global_network_id,\n tags={\n \"Env\": \"test\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.NetworkManager.GetSites.Invoke(new()\n {\n GlobalNetworkId = globalNetworkId,\n Tags = \n {\n { \"Env\", \"test\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networkmanager.GetSites(ctx, \u0026networkmanager.GetSitesArgs{\n\t\t\tGlobalNetworkId: globalNetworkId,\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"Env\": \"test\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.NetworkmanagerFunctions;\nimport com.pulumi.aws.networkmanager.inputs.GetSitesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = NetworkmanagerFunctions.getSites(GetSitesArgs.builder()\n .globalNetworkId(globalNetworkId)\n .tags(Map.of(\"Env\", \"test\"))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:networkmanager:getSites\n Arguments:\n globalNetworkId: ${globalNetworkId}\n tags:\n Env: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSites.\n", "properties": { "globalNetworkId": { "type": "string", "description": "ID of the Global Network of the sites to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Restricts the list to the sites with these tags.\n" } }, "type": "object", "required": [ "globalNetworkId" ] }, "outputs": { "description": "A collection of values returned by getSites.\n", "properties": { "globalNetworkId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "IDs of the sites.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "globalNetworkId", "ids", "id" ], "type": "object" } }, "aws:oam/getLink:getLink": { "description": "Data source for managing an AWS CloudWatch Observability Access Manager Link.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.oam.getLink({\n linkIdentifier: \"arn:aws:oam:us-west-1:111111111111:link/abcd1234-a123-456a-a12b-a123b456c789\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.oam.get_link(link_identifier=\"arn:aws:oam:us-west-1:111111111111:link/abcd1234-a123-456a-a12b-a123b456c789\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Oam.GetLink.Invoke(new()\n {\n LinkIdentifier = \"arn:aws:oam:us-west-1:111111111111:link/abcd1234-a123-456a-a12b-a123b456c789\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/oam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := oam.LookupLink(ctx, \u0026oam.LookupLinkArgs{\n\t\t\tLinkIdentifier: \"arn:aws:oam:us-west-1:111111111111:link/abcd1234-a123-456a-a12b-a123b456c789\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.oam.OamFunctions;\nimport com.pulumi.aws.oam.inputs.GetLinkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OamFunctions.getLink(GetLinkArgs.builder()\n .linkIdentifier(\"arn:aws:oam:us-west-1:111111111111:link/abcd1234-a123-456a-a12b-a123b456c789\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:oam:getLink\n Arguments:\n linkIdentifier: arn:aws:oam:us-west-1:111111111111:link/abcd1234-a123-456a-a12b-a123b456c789\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLink.\n", "properties": { "linkIdentifier": { "type": "string", "description": "ARN of the link.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "linkIdentifier" ] }, "outputs": { "description": "A collection of values returned by getLink.\n", "properties": { "arn": { "description": "ARN of the link.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "label": { "description": "Label that is assigned to this link.\n", "type": "string" }, "labelTemplate": { "description": "Human-readable name used to identify this source account when you are viewing data from it in the monitoring account.\n", "type": "string" }, "linkConfigurations": { "description": "Configuration for creating filters that specify that only some metric namespaces or log groups are to be shared from the source account to the monitoring account. See `link_configuration` Block for details.\n", "items": { "$ref": "#/types/aws:oam/getLinkLinkConfiguration:getLinkLinkConfiguration" }, "type": "array" }, "linkId": { "description": "ID string that AWS generated as part of the link ARN.\n", "type": "string" }, "linkIdentifier": { "type": "string" }, "resourceTypes": { "description": "Types of data that the source account shares with the monitoring account.\n", "items": { "type": "string" }, "type": "array" }, "sinkArn": { "description": "ARN of the sink that is used for this link.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "arn", "label", "labelTemplate", "linkConfigurations", "linkId", "linkIdentifier", "resourceTypes", "sinkArn", "tags", "id" ], "type": "object" } }, "aws:oam/getLinks:getLinks": { "description": "Data source for managing an AWS CloudWatch Observability Access Manager Links.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.oam.getLinks({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.oam.get_links()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Oam.GetLinks.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/oam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := oam.GetLinks(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.oam.OamFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OamFunctions.getLinks();\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:oam:getLinks\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getLinks.\n", "properties": { "arns": { "description": "Set of ARN of the Links.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "arns", "id" ], "type": "object" } }, "aws:oam/getSink:getSink": { "description": "Data source for managing an AWS CloudWatch Observability Access Manager Sink.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.oam.getSink({\n sinkIdentifier: \"arn:aws:oam:us-west-1:111111111111:sink/abcd1234-a123-456a-a12b-a123b456c789\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.oam.get_sink(sink_identifier=\"arn:aws:oam:us-west-1:111111111111:sink/abcd1234-a123-456a-a12b-a123b456c789\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Oam.GetSink.Invoke(new()\n {\n SinkIdentifier = \"arn:aws:oam:us-west-1:111111111111:sink/abcd1234-a123-456a-a12b-a123b456c789\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/oam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := oam.LookupSink(ctx, \u0026oam.LookupSinkArgs{\n\t\t\tSinkIdentifier: \"arn:aws:oam:us-west-1:111111111111:sink/abcd1234-a123-456a-a12b-a123b456c789\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.oam.OamFunctions;\nimport com.pulumi.aws.oam.inputs.GetSinkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OamFunctions.getSink(GetSinkArgs.builder()\n .sinkIdentifier(\"arn:aws:oam:us-west-1:111111111111:sink/abcd1234-a123-456a-a12b-a123b456c789\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:oam:getSink\n Arguments:\n sinkIdentifier: arn:aws:oam:us-west-1:111111111111:sink/abcd1234-a123-456a-a12b-a123b456c789\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSink.\n", "properties": { "sinkIdentifier": { "type": "string", "description": "ARN of the sink.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags assigned to the sink.\n" } }, "type": "object", "required": [ "sinkIdentifier" ] }, "outputs": { "description": "A collection of values returned by getSink.\n", "properties": { "arn": { "description": "ARN of the sink.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Name of the sink.\n", "type": "string" }, "sinkId": { "description": "Random ID string that AWS generated as part of the sink ARN.\n", "type": "string" }, "sinkIdentifier": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags assigned to the sink.\n", "type": "object" } }, "required": [ "arn", "name", "sinkId", "sinkIdentifier", "tags", "id" ], "type": "object" } }, "aws:oam/getSinks:getSinks": { "description": "Data source for managing an AWS CloudWatch Observability Access Manager Sinks.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.oam.getSinks({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.oam.get_sinks()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Oam.GetSinks.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/oam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := oam.GetSinks(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.oam.OamFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OamFunctions.getSinks();\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:oam:getSinks\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getSinks.\n", "properties": { "arns": { "description": "Set of ARN of the Sinks.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "arns", "id" ], "type": "object" } }, "aws:opensearch/getDomain:getDomain": { "description": "Use this data source to get information about an OpenSearch Domain\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDomain = aws.opensearch.getDomain({\n domainName: \"my-domain-name\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_domain = aws.opensearch.get_domain(domain_name=\"my-domain-name\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDomain = Aws.OpenSearch.GetDomain.Invoke(new()\n {\n DomainName = \"my-domain-name\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opensearch.LookupDomain(ctx, \u0026opensearch.LookupDomainArgs{\n\t\t\tDomainName: \"my-domain-name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.OpensearchFunctions;\nimport com.pulumi.aws.opensearch.inputs.GetDomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var myDomain = OpensearchFunctions.getDomain(GetDomainArgs.builder()\n .domainName(\"my-domain-name\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n myDomain:\n fn::invoke:\n Function: aws:opensearch:getDomain\n Arguments:\n domainName: my-domain-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDomain.\n", "properties": { "domainName": { "type": "string", "description": "Name of the domain.\n" }, "offPeakWindowOptions": { "$ref": "#/types/aws:opensearch/getDomainOffPeakWindowOptions:getDomainOffPeakWindowOptions", "description": "Off Peak update options\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags assigned to the domain.\n" } }, "type": "object", "required": [ "domainName" ] }, "outputs": { "description": "A collection of values returned by getDomain.\n", "properties": { "accessPolicies": { "description": "Policy document attached to the domain.\n", "type": "string" }, "advancedOptions": { "additionalProperties": { "type": "string" }, "description": "Key-value string pairs to specify advanced configuration options.\n", "type": "object" }, "advancedSecurityOptions": { "description": "Status of the OpenSearch domain's advanced security options. The block consists of the following attributes:\n", "items": { "$ref": "#/types/aws:opensearch/getDomainAdvancedSecurityOption:getDomainAdvancedSecurityOption" }, "type": "array" }, "arn": { "description": "ARN of the domain.\n", "type": "string" }, "autoTuneOptions": { "description": "Configuration of the Auto-Tune options of the domain.\n", "items": { "$ref": "#/types/aws:opensearch/getDomainAutoTuneOption:getDomainAutoTuneOption" }, "type": "array" }, "clusterConfigs": { "description": "Cluster configuration of the domain.\n", "items": { "$ref": "#/types/aws:opensearch/getDomainClusterConfig:getDomainClusterConfig" }, "type": "array" }, "cognitoOptions": { "description": "Domain Amazon Cognito Authentication options for Dashboard.\n", "items": { "$ref": "#/types/aws:opensearch/getDomainCognitoOption:getDomainCognitoOption" }, "type": "array" }, "created": { "description": "Status of the creation of the domain.\n", "type": "boolean" }, "dashboardEndpoint": { "description": "Domain-specific endpoint used to access the [Dashboard application](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/dashboards.html).\n", "type": "string" }, "deleted": { "description": "Status of the deletion of the domain.\n", "type": "boolean" }, "domainId": { "description": "Unique identifier for the domain.\n", "type": "string" }, "domainName": { "type": "string" }, "ebsOptions": { "description": "EBS Options for the instances in the domain.\n", "items": { "$ref": "#/types/aws:opensearch/getDomainEbsOption:getDomainEbsOption" }, "type": "array" }, "encryptionAtRests": { "description": "Domain encryption at rest related options.\n", "items": { "$ref": "#/types/aws:opensearch/getDomainEncryptionAtRest:getDomainEncryptionAtRest" }, "type": "array" }, "endpoint": { "description": "Domain-specific endpoint used to submit index, search, and data upload requests.\n", "type": "string" }, "engineVersion": { "description": "OpenSearch version for the domain.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ipAddressType": { "description": "Type of IP addresses supported by the endpoint for the domain.\n", "type": "string" }, "kibanaEndpoint": { "deprecationMessage": "use 'dashboard_endpoint' attribute instead", "description": "(**Deprecated**) Domain-specific endpoint for kibana without https scheme. Use the `dashboard_endpoint` attribute instead.\n", "type": "string" }, "logPublishingOptions": { "description": "Domain log publishing related options.\n", "items": { "$ref": "#/types/aws:opensearch/getDomainLogPublishingOption:getDomainLogPublishingOption" }, "type": "array" }, "nodeToNodeEncryptions": { "description": "Domain in transit encryption related options.\n", "items": { "$ref": "#/types/aws:opensearch/getDomainNodeToNodeEncryption:getDomainNodeToNodeEncryption" }, "type": "array" }, "offPeakWindowOptions": { "$ref": "#/types/aws:opensearch/getDomainOffPeakWindowOptions:getDomainOffPeakWindowOptions", "description": "Off Peak update options\n" }, "processing": { "description": "Status of a configuration change in the domain.\n", "type": "boolean" }, "snapshotOptions": { "description": "Domain snapshot related options.\n", "items": { "$ref": "#/types/aws:opensearch/getDomainSnapshotOption:getDomainSnapshotOption" }, "type": "array" }, "softwareUpdateOptions": { "description": "Software update options for the domain\n", "items": { "$ref": "#/types/aws:opensearch/getDomainSoftwareUpdateOption:getDomainSoftwareUpdateOption" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags assigned to the domain.\n", "type": "object" }, "vpcOptions": { "description": "VPC Options for private OpenSearch domains.\n", "items": { "$ref": "#/types/aws:opensearch/getDomainVpcOption:getDomainVpcOption" }, "type": "array" } }, "required": [ "accessPolicies", "advancedOptions", "advancedSecurityOptions", "arn", "autoTuneOptions", "clusterConfigs", "cognitoOptions", "created", "dashboardEndpoint", "deleted", "domainId", "domainName", "ebsOptions", "encryptionAtRests", "endpoint", "engineVersion", "ipAddressType", "kibanaEndpoint", "logPublishingOptions", "nodeToNodeEncryptions", "processing", "snapshotOptions", "softwareUpdateOptions", "tags", "vpcOptions", "id" ], "type": "object" } }, "aws:opensearch/getServerlessAccessPolicy:getServerlessAccessPolicy": { "description": "Data source for managing an AWS OpenSearch Serverless Access Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.opensearch.getServerlessAccessPolicy({\n name: exampleAwsOpensearchserverlessAccessPolicy.name,\n type: exampleAwsOpensearchserverlessAccessPolicy.type,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.opensearch.get_serverless_access_policy(name=example_aws_opensearchserverless_access_policy[\"name\"],\n type=example_aws_opensearchserverless_access_policy[\"type\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.OpenSearch.GetServerlessAccessPolicy.Invoke(new()\n {\n Name = exampleAwsOpensearchserverlessAccessPolicy.Name,\n Type = exampleAwsOpensearchserverlessAccessPolicy.Type,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opensearch.LookupServerlessAccessPolicy(ctx, \u0026opensearch.LookupServerlessAccessPolicyArgs{\n\t\t\tName: exampleAwsOpensearchserverlessAccessPolicy.Name,\n\t\t\tType: exampleAwsOpensearchserverlessAccessPolicy.Type,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.OpensearchFunctions;\nimport com.pulumi.aws.opensearch.inputs.GetServerlessAccessPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OpensearchFunctions.getServerlessAccessPolicy(GetServerlessAccessPolicyArgs.builder()\n .name(exampleAwsOpensearchserverlessAccessPolicy.name())\n .type(exampleAwsOpensearchserverlessAccessPolicy.type())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:opensearch:getServerlessAccessPolicy\n Arguments:\n name: ${exampleAwsOpensearchserverlessAccessPolicy.name}\n type: ${exampleAwsOpensearchserverlessAccessPolicy.type}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getServerlessAccessPolicy.\n", "properties": { "name": { "type": "string", "description": "Name of the policy.\n" }, "type": { "type": "string", "description": "Type of access policy. Must be `data`.\n" } }, "type": "object", "required": [ "name", "type" ] }, "outputs": { "description": "A collection of values returned by getServerlessAccessPolicy.\n", "properties": { "description": { "description": "Description of the policy. Typically used to store information about the permissions defined in the policy.\n", "type": "string" }, "id": { "type": "string" }, "name": { "type": "string" }, "policy": { "description": "JSON policy document to use as the content for the new policy.\n", "type": "string" }, "policyVersion": { "description": "Version of the policy.\n", "type": "string" }, "type": { "type": "string" } }, "required": [ "description", "id", "name", "policy", "policyVersion", "type" ], "type": "object" } }, "aws:opensearch/getServerlessCollection:getServerlessCollection": { "description": "Data source for managing an AWS OpenSearch Serverless Collection.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.opensearch.getServerlessCollection({\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.opensearch.get_serverless_collection(name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.OpenSearch.GetServerlessCollection.Invoke(new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opensearch.LookupServerlessCollection(ctx, \u0026opensearch.LookupServerlessCollectionArgs{\n\t\t\tName: pulumi.StringRef(\"example\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.OpensearchFunctions;\nimport com.pulumi.aws.opensearch.inputs.GetServerlessCollectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OpensearchFunctions.getServerlessCollection(GetServerlessCollectionArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:opensearch:getServerlessCollection\n Arguments:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getServerlessCollection.\n", "properties": { "id": { "type": "string", "description": "ID of the collection. Either `id` or `name` must be provided.\n" }, "name": { "type": "string", "description": "Name of the collection. Either `name` or `id` must be provided.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getServerlessCollection.\n", "properties": { "arn": { "description": "Amazon Resource Name (ARN) of the collection.\n", "type": "string" }, "collectionEndpoint": { "description": "Collection-specific endpoint used to submit index, search, and data upload requests to an OpenSearch Serverless collection.\n", "type": "string" }, "createdDate": { "description": "Date the Collection was created.\n", "type": "string" }, "dashboardEndpoint": { "description": "Collection-specific endpoint used to access OpenSearch Dashboards.\n", "type": "string" }, "description": { "description": "Description of the collection.\n", "type": "string" }, "id": { "type": "string" }, "kmsKeyArn": { "description": "The ARN of the Amazon Web Services KMS key used to encrypt the collection.\n", "type": "string" }, "lastModifiedDate": { "description": "Date the Collection was last modified.\n", "type": "string" }, "name": { "type": "string" }, "standbyReplicas": { "description": "Indicates whether standby replicas should be used for a collection.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the collection.\n", "type": "object" }, "type": { "description": "Type of collection.\n", "type": "string" } }, "required": [ "arn", "collectionEndpoint", "createdDate", "dashboardEndpoint", "description", "id", "kmsKeyArn", "lastModifiedDate", "name", "standbyReplicas", "tags", "type" ], "type": "object" } }, "aws:opensearch/getServerlessLifecyclePolicy:getServerlessLifecyclePolicy": { "description": "Data source for managing an AWS OpenSearch Serverless Lifecycle Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.opensearch.getServerlessLifecyclePolicy({\n name: \"example-lifecycle-policy\",\n type: \"retention\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.opensearch.get_serverless_lifecycle_policy(name=\"example-lifecycle-policy\",\n type=\"retention\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.OpenSearch.GetServerlessLifecyclePolicy.Invoke(new()\n {\n Name = \"example-lifecycle-policy\",\n Type = \"retention\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opensearch.LookupServerlessLifecyclePolicy(ctx, \u0026opensearch.LookupServerlessLifecyclePolicyArgs{\n\t\t\tName: \"example-lifecycle-policy\",\n\t\t\tType: \"retention\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.OpensearchFunctions;\nimport com.pulumi.aws.opensearch.inputs.GetServerlessLifecyclePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OpensearchFunctions.getServerlessLifecyclePolicy(GetServerlessLifecyclePolicyArgs.builder()\n .name(\"example-lifecycle-policy\")\n .type(\"retention\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:opensearch:getServerlessLifecyclePolicy\n Arguments:\n name: example-lifecycle-policy\n type: retention\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getServerlessLifecyclePolicy.\n", "properties": { "name": { "type": "string", "description": "Name of the policy\n" }, "type": { "type": "string", "description": "Type of lifecycle policy. Must be `retention`.\n" } }, "type": "object", "required": [ "name", "type" ] }, "outputs": { "description": "A collection of values returned by getServerlessLifecyclePolicy.\n", "properties": { "createdDate": { "description": "The date the lifecycle policy was created.\n", "type": "string" }, "description": { "description": "Description of the policy. Typically used to store information about the permissions defined in the policy.\n", "type": "string" }, "id": { "type": "string" }, "lastModifiedDate": { "description": "The date the lifecycle policy was last modified.\n", "type": "string" }, "name": { "type": "string" }, "policy": { "description": "JSON policy document to use as the content for the new policy.\n", "type": "string" }, "policyVersion": { "description": "Version of the policy.\n", "type": "string" }, "type": { "type": "string" } }, "required": [ "createdDate", "description", "id", "lastModifiedDate", "name", "policy", "policyVersion", "type" ], "type": "object" } }, "aws:opensearch/getServerlessSecurityConfig:getServerlessSecurityConfig": { "description": "Data source for managing an AWS OpenSearch Serverless Security Config.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.opensearch.getServerlessSecurityConfig({\n id: \"saml/12345678912/example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.opensearch.get_serverless_security_config(id=\"saml/12345678912/example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.OpenSearch.GetServerlessSecurityConfig.Invoke(new()\n {\n Id = \"saml/12345678912/example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opensearch.LookupServerlessSecurityConfig(ctx, \u0026opensearch.LookupServerlessSecurityConfigArgs{\n\t\t\tId: \"saml/12345678912/example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.OpensearchFunctions;\nimport com.pulumi.aws.opensearch.inputs.GetServerlessSecurityConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OpensearchFunctions.getServerlessSecurityConfig(GetServerlessSecurityConfigArgs.builder()\n .id(\"saml/12345678912/example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:opensearch:getServerlessSecurityConfig\n Arguments:\n id: saml/12345678912/example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getServerlessSecurityConfig.\n", "properties": { "id": { "type": "string", "description": "The unique identifier of the security configuration.\n" }, "samlOptions": { "$ref": "#/types/aws:opensearch/getServerlessSecurityConfigSamlOptions:getServerlessSecurityConfigSamlOptions", "description": "SAML options for the security configuration.\n" } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getServerlessSecurityConfig.\n", "properties": { "configVersion": { "description": "The version of the security configuration.\n", "type": "string" }, "createdDate": { "description": "The date the configuration was created.\n", "type": "string" }, "description": { "description": "The description of the security configuration.\n", "type": "string" }, "id": { "type": "string" }, "lastModifiedDate": { "description": "The date the configuration was last modified.\n", "type": "string" }, "samlOptions": { "$ref": "#/types/aws:opensearch/getServerlessSecurityConfigSamlOptions:getServerlessSecurityConfigSamlOptions", "description": "SAML options for the security configuration.\n" }, "type": { "description": "The type of security configuration.\n", "type": "string" } }, "required": [ "configVersion", "createdDate", "description", "id", "lastModifiedDate", "type" ], "type": "object" } }, "aws:opensearch/getServerlessSecurityPolicy:getServerlessSecurityPolicy": { "description": "Use this data source to get information about an AWS OpenSearch Serverless Security Policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.opensearch.getServerlessSecurityPolicy({\n name: \"example-security-policy\",\n type: \"encryption\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.opensearch.get_serverless_security_policy(name=\"example-security-policy\",\n type=\"encryption\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.OpenSearch.GetServerlessSecurityPolicy.Invoke(new()\n {\n Name = \"example-security-policy\",\n Type = \"encryption\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opensearch.LookupServerlessSecurityPolicy(ctx, \u0026opensearch.LookupServerlessSecurityPolicyArgs{\n\t\t\tName: \"example-security-policy\",\n\t\t\tType: \"encryption\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.OpensearchFunctions;\nimport com.pulumi.aws.opensearch.inputs.GetServerlessSecurityPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OpensearchFunctions.getServerlessSecurityPolicy(GetServerlessSecurityPolicyArgs.builder()\n .name(\"example-security-policy\")\n .type(\"encryption\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:opensearch:getServerlessSecurityPolicy\n Arguments:\n name: example-security-policy\n type: encryption\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getServerlessSecurityPolicy.\n", "properties": { "name": { "type": "string", "description": "Name of the policy\n" }, "type": { "type": "string", "description": "Type of security policy. One of `encryption` or `network`.\n" } }, "type": "object", "required": [ "name", "type" ] }, "outputs": { "description": "A collection of values returned by getServerlessSecurityPolicy.\n", "properties": { "createdDate": { "description": "The date the security policy was created.\n", "type": "string" }, "description": { "description": "Description of the security policy.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lastModifiedDate": { "description": "The date the security policy was last modified.\n", "type": "string" }, "name": { "type": "string" }, "policy": { "description": "The JSON policy document without any whitespaces.\n", "type": "string" }, "policyVersion": { "description": "Version of the policy.\n", "type": "string" }, "type": { "type": "string" } }, "required": [ "createdDate", "description", "lastModifiedDate", "name", "policy", "policyVersion", "type", "id" ], "type": "object" } }, "aws:opensearch/getServerlessVpcEndpoint:getServerlessVpcEndpoint": { "description": "Data source for managing an AWS OpenSearch Serverless VPC Endpoint.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.opensearch.getServerlessVpcEndpoint({\n vpcEndpointId: \"vpce-829a4487959e2a839\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.opensearch.get_serverless_vpc_endpoint(vpc_endpoint_id=\"vpce-829a4487959e2a839\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.OpenSearch.GetServerlessVpcEndpoint.Invoke(new()\n {\n VpcEndpointId = \"vpce-829a4487959e2a839\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opensearch.LookupServerlessVpcEndpoint(ctx, \u0026opensearch.LookupServerlessVpcEndpointArgs{\n\t\t\tVpcEndpointId: \"vpce-829a4487959e2a839\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.OpensearchFunctions;\nimport com.pulumi.aws.opensearch.inputs.GetServerlessVpcEndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OpensearchFunctions.getServerlessVpcEndpoint(GetServerlessVpcEndpointArgs.builder()\n .vpcEndpointId(\"vpce-829a4487959e2a839\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:opensearch:getServerlessVpcEndpoint\n Arguments:\n vpcEndpointId: vpce-829a4487959e2a839\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getServerlessVpcEndpoint.\n", "properties": { "vpcEndpointId": { "type": "string", "description": "The unique identifier of the endpoint.\n" } }, "type": "object", "required": [ "vpcEndpointId" ] }, "outputs": { "description": "A collection of values returned by getServerlessVpcEndpoint.\n", "properties": { "createdDate": { "description": "The date the endpoint was created.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "The name of the endpoint.\n", "type": "string" }, "securityGroupIds": { "description": "The IDs of the security groups that define the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.\n", "items": { "type": "string" }, "type": "array" }, "subnetIds": { "description": "The IDs of the subnets from which you access OpenSearch Serverless.\n", "items": { "type": "string" }, "type": "array" }, "vpcEndpointId": { "type": "string" }, "vpcId": { "description": "The ID of the VPC from which you access OpenSearch Serverless.\n", "type": "string" } }, "required": [ "createdDate", "name", "securityGroupIds", "subnetIds", "vpcEndpointId", "vpcId", "id" ], "type": "object" } }, "aws:organizations/getDelegatedAdministrators:getDelegatedAdministrators": { "description": "Get a list of AWS accounts that are designated as delegated administrators in this organization\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.organizations.getDelegatedAdministrators({\n servicePrincipal: \"SERVICE PRINCIPAL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.get_delegated_administrators(service_principal=\"SERVICE PRINCIPAL\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Organizations.GetDelegatedAdministrators.Invoke(new()\n {\n ServicePrincipal = \"SERVICE PRINCIPAL\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := organizations.GetDelegatedAdministrators(ctx, \u0026organizations.GetDelegatedAdministratorsArgs{\n\t\t\tServicePrincipal: pulumi.StringRef(\"SERVICE PRINCIPAL\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.OrganizationsFunctions;\nimport com.pulumi.aws.organizations.inputs.GetDelegatedAdministratorsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OrganizationsFunctions.getDelegatedAdministrators(GetDelegatedAdministratorsArgs.builder()\n .servicePrincipal(\"SERVICE PRINCIPAL\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:organizations:getDelegatedAdministrators\n Arguments:\n servicePrincipal: SERVICE PRINCIPAL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDelegatedAdministrators.\n", "properties": { "servicePrincipal": { "type": "string", "description": "Specifies a service principal name. If specified, then the operation lists the delegated administrators only for the specified service. If you don't specify a service principal, the operation lists all delegated administrators for all services in your organization.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getDelegatedAdministrators.\n", "properties": { "delegatedAdministrators": { "description": "The list of delegated administrators in your organization, which have the following attributes:\n", "items": { "$ref": "#/types/aws:organizations/getDelegatedAdministratorsDelegatedAdministrator:getDelegatedAdministratorsDelegatedAdministrator" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "servicePrincipal": { "type": "string" } }, "required": [ "delegatedAdministrators", "id" ], "type": "object" } }, "aws:organizations/getDelegatedServices:getDelegatedServices": { "description": "Get a list the AWS services for which the specified account is a delegated administrator\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.organizations.getDelegatedServices({\n accountId: \"AWS ACCOUNT ID\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.get_delegated_services(account_id=\"AWS ACCOUNT ID\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Organizations.GetDelegatedServices.Invoke(new()\n {\n AccountId = \"AWS ACCOUNT ID\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := organizations.GetDelegatedServices(ctx, \u0026organizations.GetDelegatedServicesArgs{\n\t\t\tAccountId: \"AWS ACCOUNT ID\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.OrganizationsFunctions;\nimport com.pulumi.aws.organizations.inputs.GetDelegatedServicesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OrganizationsFunctions.getDelegatedServices(GetDelegatedServicesArgs.builder()\n .accountId(\"AWS ACCOUNT ID\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:organizations:getDelegatedServices\n Arguments:\n accountId: AWS ACCOUNT ID\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDelegatedServices.\n", "properties": { "accountId": { "type": "string", "description": "Account ID number of a delegated administrator account in the organization.\n" } }, "type": "object", "required": [ "accountId" ] }, "outputs": { "description": "A collection of values returned by getDelegatedServices.\n", "properties": { "accountId": { "type": "string" }, "delegatedServices": { "description": "Services for which the account is a delegated administrator, which have the following attributes:\n", "items": { "$ref": "#/types/aws:organizations/getDelegatedServicesDelegatedService:getDelegatedServicesDelegatedService" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "accountId", "delegatedServices", "id" ], "type": "object" } }, "aws:organizations/getOrganization:getOrganization": { "description": "Get information about the organization that the user's account belongs to\n\n## Example Usage\n\n### List all account IDs for the organization\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.organizations.getOrganization({});\nexport const accountIds = example.then(example =\u003e example.accounts.map(__item =\u003e __item.id));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.get_organization()\npulumi.export(\"accountIds\", [__item.id for __item in example.accounts])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Organizations.GetOrganization.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"accountIds\"] = example.Apply(getOrganizationResult =\u003e getOrganizationResult.Accounts).Select(__item =\u003e __item.Id).ToList(),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nexample, err := organizations.LookupOrganization(ctx, nil, nil);\nif err != nil {\nreturn err\n}\nctx.Export(\"accountIds\", pulumi.StringArray(%!v(PANIC=Format method: fatal: A failure has occurred: unlowered splat expression @ example.pp:3,11-33)))\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.OrganizationsFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OrganizationsFunctions.getOrganization();\n\n ctx.export(\"accountIds\", example.applyValue(getOrganizationResult -\u003e getOrganizationResult.accounts()).stream().map(element -\u003e element.id()).collect(toList()));\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### SNS topic that can be interacted by the organization only\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.organizations.getOrganization({});\nconst snsTopic = new aws.sns.Topic(\"sns_topic\", {name: \"my-sns-topic\"});\nconst snsTopicPolicy = pulumi.all([example, snsTopic.arn]).apply(([example, arn]) =\u003e aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n actions: [\n \"SNS:Subscribe\",\n \"SNS:Publish\",\n ],\n conditions: [{\n test: \"StringEquals\",\n variable: \"aws:PrincipalOrgID\",\n values: [example.id],\n }],\n principals: [{\n type: \"AWS\",\n identifiers: [\"*\"],\n }],\n resources: [arn],\n }],\n}));\nconst snsTopicPolicyTopicPolicy = new aws.sns.TopicPolicy(\"sns_topic_policy\", {\n arn: snsTopic.arn,\n policy: snsTopicPolicy.apply(snsTopicPolicy =\u003e snsTopicPolicy.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.get_organization()\nsns_topic = aws.sns.Topic(\"sns_topic\", name=\"my-sns-topic\")\nsns_topic_policy = sns_topic.arn.apply(lambda arn: aws.iam.get_policy_document_output(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\n \"SNS:Subscribe\",\n \"SNS:Publish\",\n ],\n \"conditions\": [{\n \"test\": \"StringEquals\",\n \"variable\": \"aws:PrincipalOrgID\",\n \"values\": [example.id],\n }],\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [\"*\"],\n }],\n \"resources\": [arn],\n}]))\nsns_topic_policy_topic_policy = aws.sns.TopicPolicy(\"sns_topic_policy\",\n arn=sns_topic.arn,\n policy=sns_topic_policy.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Organizations.GetOrganization.Invoke();\n\n var snsTopic = new Aws.Sns.Topic(\"sns_topic\", new()\n {\n Name = \"my-sns-topic\",\n });\n\n var snsTopicPolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"SNS:Subscribe\",\n \"SNS:Publish\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"aws:PrincipalOrgID\",\n Values = new[]\n {\n example.Apply(getOrganizationResult =\u003e getOrganizationResult.Id),\n },\n },\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Resources = new[]\n {\n snsTopic.Arn,\n },\n },\n },\n });\n\n var snsTopicPolicyTopicPolicy = new Aws.Sns.TopicPolicy(\"sns_topic_policy\", new()\n {\n Arn = snsTopic.Arn,\n Policy = snsTopicPolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nexample, err := organizations.LookupOrganization(ctx, nil, nil);\nif err != nil {\nreturn err\n}\nsnsTopic, err := sns.NewTopic(ctx, \"sns_topic\", \u0026sns.TopicArgs{\nName: pulumi.String(\"my-sns-topic\"),\n})\nif err != nil {\nreturn err\n}\nsnsTopicPolicy := snsTopic.Arn.ApplyT(func(arn string) (iam.GetPolicyDocumentResult, error) {\nreturn iam.GetPolicyDocumentResult(interface{}(iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: \"Allow\",\nActions: []string{\n\"SNS:Subscribe\",\n\"SNS:Publish\",\n},\nConditions: []iam.GetPolicyDocumentStatementCondition{\n{\nTest: \"StringEquals\",\nVariable: \"aws:PrincipalOrgID\",\nValues: interface{}{\nexample.Id,\n},\n},\n},\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: []string{\n\"*\",\n},\n},\n},\nResources: interface{}{\narn,\n},\n},\n},\n}, nil))), nil\n}).(iam.GetPolicyDocumentResultOutput)\n_, err = sns.NewTopicPolicy(ctx, \"sns_topic_policy\", \u0026sns.TopicPolicyArgs{\nArn: snsTopic.Arn,\nPolicy: pulumi.String(snsTopicPolicy.ApplyT(func(snsTopicPolicy iam.GetPolicyDocumentResult) (*string, error) {\nreturn \u0026snsTopicPolicy.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.OrganizationsFunctions;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sns.TopicPolicy;\nimport com.pulumi.aws.sns.TopicPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OrganizationsFunctions.getOrganization();\n\n var snsTopic = new Topic(\"snsTopic\", TopicArgs.builder()\n .name(\"my-sns-topic\")\n .build());\n\n final var snsTopicPolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"SNS:Subscribe\",\n \"SNS:Publish\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"aws:PrincipalOrgID\")\n .values(example.applyValue(getOrganizationResult -\u003e getOrganizationResult.id()))\n .build())\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"*\")\n .build())\n .resources(snsTopic.arn())\n .build())\n .build());\n\n var snsTopicPolicyTopicPolicy = new TopicPolicy(\"snsTopicPolicyTopicPolicy\", TopicPolicyArgs.builder()\n .arn(snsTopic.arn())\n .policy(snsTopicPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(snsTopicPolicy -\u003e snsTopicPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n snsTopic:\n type: aws:sns:Topic\n name: sns_topic\n properties:\n name: my-sns-topic\n snsTopicPolicyTopicPolicy:\n type: aws:sns:TopicPolicy\n name: sns_topic_policy\n properties:\n arn: ${snsTopic.arn}\n policy: ${snsTopicPolicy.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:organizations:getOrganization\n Arguments: {}\n snsTopicPolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - SNS:Subscribe\n - SNS:Publish\n conditions:\n - test: StringEquals\n variable: aws:PrincipalOrgID\n values:\n - ${example.id}\n principals:\n - type: AWS\n identifiers:\n - '*'\n resources:\n - ${snsTopic.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getOrganization.\n", "properties": { "accounts": { "description": "List of organization accounts including the master account. For a list excluding the master account, see the `non_master_accounts` attribute. All elements have these attributes:\n", "items": { "$ref": "#/types/aws:organizations/getOrganizationAccount:getOrganizationAccount" }, "type": "array" }, "arn": { "description": "ARN of the root\n", "type": "string" }, "awsServiceAccessPrincipals": { "description": "A list of AWS service principal names that have integration enabled with your organization. Organization must have `feature_set` set to `ALL`. For additional information, see the [AWS Organizations User Guide](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html).\n", "items": { "type": "string" }, "type": "array" }, "enabledPolicyTypes": { "description": "A list of Organizations policy types that are enabled in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g., `SERVICE_CONTROL_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).\n", "items": { "type": "string" }, "type": "array" }, "featureSet": { "description": "FeatureSet of the organization.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "masterAccountArn": { "description": "ARN of the account that is designated as the master account for the organization.\n", "type": "string" }, "masterAccountEmail": { "description": "The email address that is associated with the AWS account that is designated as the master account for the organization.\n", "type": "string" }, "masterAccountId": { "description": "Unique identifier (ID) of the master account of an organization.\n", "type": "string" }, "masterAccountName": { "description": "Name of the master account of an organization.\n", "type": "string" }, "nonMasterAccounts": { "description": "List of organization accounts excluding the master account. For a list including the master account, see the `accounts` attribute. All elements have these attributes:\n", "items": { "$ref": "#/types/aws:organizations/getOrganizationNonMasterAccount:getOrganizationNonMasterAccount" }, "type": "array" }, "roots": { "description": "List of organization roots. All elements have these attributes:\n", "items": { "$ref": "#/types/aws:organizations/getOrganizationRoot:getOrganizationRoot" }, "type": "array" } }, "required": [ "accounts", "arn", "awsServiceAccessPrincipals", "enabledPolicyTypes", "featureSet", "masterAccountArn", "masterAccountEmail", "masterAccountId", "masterAccountName", "nonMasterAccounts", "roots", "id" ], "type": "object" } }, "aws:organizations/getOrganizationalUnit:getOrganizationalUnit": { "description": "Data source for getting an AWS Organizations Organizational Unit.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst org = aws.organizations.getOrganization({});\nconst ou = org.then(org =\u003e aws.organizations.getOrganizationalUnit({\n parentId: org.roots?.[0]?.id,\n name: \"dev\",\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\norg = aws.organizations.get_organization()\nou = aws.organizations.get_organizational_unit(parent_id=org.roots[0].id,\n name=\"dev\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var org = Aws.Organizations.GetOrganization.Invoke();\n\n var ou = Aws.Organizations.GetOrganizationalUnit.Invoke(new()\n {\n ParentId = org.Apply(getOrganizationResult =\u003e getOrganizationResult.Roots[0]?.Id),\n Name = \"dev\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\torg, err := organizations.LookupOrganization(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = organizations.LookupOrganizationalUnit(ctx, \u0026organizations.LookupOrganizationalUnitArgs{\n\t\t\tParentId: org.Roots[0].Id,\n\t\t\tName: \"dev\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.OrganizationsFunctions;\nimport com.pulumi.aws.organizations.inputs.GetOrganizationalUnitArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var org = OrganizationsFunctions.getOrganization();\n\n final var ou = OrganizationsFunctions.getOrganizationalUnit(GetOrganizationalUnitArgs.builder()\n .parentId(org.applyValue(getOrganizationResult -\u003e getOrganizationResult.roots()[0].id()))\n .name(\"dev\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n org:\n fn::invoke:\n Function: aws:organizations:getOrganization\n Arguments: {}\n ou:\n fn::invoke:\n Function: aws:organizations:getOrganizationalUnit\n Arguments:\n parentId: ${org.roots[0].id}\n name: dev\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOrganizationalUnit.\n", "properties": { "name": { "type": "string", "description": "Name of the organizational unit\n" }, "parentId": { "type": "string", "description": "Parent ID of the organizational unit.\n" } }, "type": "object", "required": [ "name", "parentId" ] }, "outputs": { "description": "A collection of values returned by getOrganizationalUnit.\n", "properties": { "arn": { "description": "ARN of the organizational unit\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "parentId": { "type": "string" } }, "required": [ "arn", "name", "parentId", "id" ], "type": "object" } }, "aws:organizations/getOrganizationalUnitChildAccounts:getOrganizationalUnitChildAccounts": { "description": "Get all direct child accounts under a parent organizational unit. This only provides immediate children, not all children.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst org = aws.organizations.getOrganization({});\nconst accounts = org.then(org =\u003e aws.organizations.getOrganizationalUnitChildAccounts({\n parentId: org.roots?.[0]?.id,\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\norg = aws.organizations.get_organization()\naccounts = aws.organizations.get_organizational_unit_child_accounts(parent_id=org.roots[0].id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var org = Aws.Organizations.GetOrganization.Invoke();\n\n var accounts = Aws.Organizations.GetOrganizationalUnitChildAccounts.Invoke(new()\n {\n ParentId = org.Apply(getOrganizationResult =\u003e getOrganizationResult.Roots[0]?.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\torg, err := organizations.LookupOrganization(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = organizations.GetOrganizationalUnitChildAccounts(ctx, \u0026organizations.GetOrganizationalUnitChildAccountsArgs{\n\t\t\tParentId: org.Roots[0].Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.OrganizationsFunctions;\nimport com.pulumi.aws.organizations.inputs.GetOrganizationalUnitChildAccountsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var org = OrganizationsFunctions.getOrganization();\n\n final var accounts = OrganizationsFunctions.getOrganizationalUnitChildAccounts(GetOrganizationalUnitChildAccountsArgs.builder()\n .parentId(org.applyValue(getOrganizationResult -\u003e getOrganizationResult.roots()[0].id()))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n org:\n fn::invoke:\n Function: aws:organizations:getOrganization\n Arguments: {}\n accounts:\n fn::invoke:\n Function: aws:organizations:getOrganizationalUnitChildAccounts\n Arguments:\n parentId: ${org.roots[0].id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOrganizationalUnitChildAccounts.\n", "properties": { "parentId": { "type": "string", "description": "The parent ID of the accounts.\n" } }, "type": "object", "required": [ "parentId" ] }, "outputs": { "description": "A collection of values returned by getOrganizationalUnitChildAccounts.\n", "properties": { "accounts": { "description": "List of child accounts, which have the following attributes:\n", "items": { "$ref": "#/types/aws:organizations/getOrganizationalUnitChildAccountsAccount:getOrganizationalUnitChildAccountsAccount" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "parentId": { "type": "string" } }, "required": [ "accounts", "parentId", "id" ], "type": "object" } }, "aws:organizations/getOrganizationalUnitDescendantAccounts:getOrganizationalUnitDescendantAccounts": { "description": "Get all direct child accounts under a parent organizational unit. This provides all children.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst org = aws.organizations.getOrganization({});\nconst accounts = org.then(org =\u003e aws.organizations.getOrganizationalUnitDescendantAccounts({\n parentId: org.roots?.[0]?.id,\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\norg = aws.organizations.get_organization()\naccounts = aws.organizations.get_organizational_unit_descendant_accounts(parent_id=org.roots[0].id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var org = Aws.Organizations.GetOrganization.Invoke();\n\n var accounts = Aws.Organizations.GetOrganizationalUnitDescendantAccounts.Invoke(new()\n {\n ParentId = org.Apply(getOrganizationResult =\u003e getOrganizationResult.Roots[0]?.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\torg, err := organizations.LookupOrganization(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = organizations.GetOrganizationalUnitDescendantAccounts(ctx, \u0026organizations.GetOrganizationalUnitDescendantAccountsArgs{\n\t\t\tParentId: org.Roots[0].Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.OrganizationsFunctions;\nimport com.pulumi.aws.organizations.inputs.GetOrganizationalUnitDescendantAccountsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var org = OrganizationsFunctions.getOrganization();\n\n final var accounts = OrganizationsFunctions.getOrganizationalUnitDescendantAccounts(GetOrganizationalUnitDescendantAccountsArgs.builder()\n .parentId(org.applyValue(getOrganizationResult -\u003e getOrganizationResult.roots()[0].id()))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n org:\n fn::invoke:\n Function: aws:organizations:getOrganization\n Arguments: {}\n accounts:\n fn::invoke:\n Function: aws:organizations:getOrganizationalUnitDescendantAccounts\n Arguments:\n parentId: ${org.roots[0].id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOrganizationalUnitDescendantAccounts.\n", "properties": { "parentId": { "type": "string", "description": "The parent ID of the accounts.\n" } }, "type": "object", "required": [ "parentId" ] }, "outputs": { "description": "A collection of values returned by getOrganizationalUnitDescendantAccounts.\n", "properties": { "accounts": { "description": "List of child accounts, which have the following attributes:\n", "items": { "$ref": "#/types/aws:organizations/getOrganizationalUnitDescendantAccountsAccount:getOrganizationalUnitDescendantAccountsAccount" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "parentId": { "type": "string" } }, "required": [ "accounts", "parentId", "id" ], "type": "object" } }, "aws:organizations/getOrganizationalUnits:getOrganizationalUnits": { "description": "Get all direct child organizational units under a parent organizational unit. This only provides immediate children, not all children.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst org = aws.organizations.getOrganization({});\nconst ou = org.then(org =\u003e aws.organizations.getOrganizationalUnits({\n parentId: org.roots?.[0]?.id,\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\norg = aws.organizations.get_organization()\nou = aws.organizations.get_organizational_units(parent_id=org.roots[0].id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var org = Aws.Organizations.GetOrganization.Invoke();\n\n var ou = Aws.Organizations.GetOrganizationalUnits.Invoke(new()\n {\n ParentId = org.Apply(getOrganizationResult =\u003e getOrganizationResult.Roots[0]?.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\torg, err := organizations.LookupOrganization(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = organizations.GetOrganizationalUnits(ctx, \u0026organizations.GetOrganizationalUnitsArgs{\n\t\t\tParentId: org.Roots[0].Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.OrganizationsFunctions;\nimport com.pulumi.aws.organizations.inputs.GetOrganizationalUnitsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var org = OrganizationsFunctions.getOrganization();\n\n final var ou = OrganizationsFunctions.getOrganizationalUnits(GetOrganizationalUnitsArgs.builder()\n .parentId(org.applyValue(getOrganizationResult -\u003e getOrganizationResult.roots()[0].id()))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n org:\n fn::invoke:\n Function: aws:organizations:getOrganization\n Arguments: {}\n ou:\n fn::invoke:\n Function: aws:organizations:getOrganizationalUnits\n Arguments:\n parentId: ${org.roots[0].id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOrganizationalUnits.\n", "properties": { "parentId": { "type": "string", "description": "Parent ID of the organizational unit.\n" } }, "type": "object", "required": [ "parentId" ] }, "outputs": { "description": "A collection of values returned by getOrganizationalUnits.\n", "properties": { "children": { "description": "List of child organizational units, which have the following attributes:\n", "items": { "$ref": "#/types/aws:organizations/getOrganizationalUnitsChild:getOrganizationalUnitsChild" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "parentId": { "type": "string" } }, "required": [ "children", "parentId", "id" ], "type": "object" } }, "aws:organizations/getPolicies:getPolicies": { "description": "Data source for managing an AWS Organizations Policies.\n\n## Example Usage\n\n", "inputs": { "description": "A collection of arguments for invoking getPolicies.\n", "properties": { "filter": { "type": "string", "description": "The type of policies to be returned in the response. Valid values are `SERVICE_CONTROL_POLICY | TAG_POLICY | BACKUP_POLICY | AISERVICES_OPT_OUT_POLICY`\n" } }, "type": "object", "required": [ "filter" ] }, "outputs": { "description": "A collection of values returned by getPolicies.\n", "properties": { "filter": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "List of all the policy ids found.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "filter", "ids", "id" ], "type": "object" } }, "aws:organizations/getPoliciesForTarget:getPoliciesForTarget": { "description": "Data source for managing an AWS Organizations Policies For Target.\n\n## Example Usage\n\n", "inputs": { "description": "A collection of arguments for invoking getPoliciesForTarget.\n", "properties": { "filter": { "type": "string", "description": "Must supply one of the 4 different policy filters for a target (SERVICE_CONTROL_POLICY | TAG_POLICY | BACKUP_POLICY | AISERVICES_OPT_OUT_POLICY)\n" }, "targetId": { "type": "string", "description": "The root (string that begins with \"r-\" followed by 4-32 lowercase letters or digits), account (12 digit string), or Organizational Unit (string starting with \"ou-\" followed by 4-32 lowercase letters or digits. This string is followed by a second \"-\" dash and from 8-32 additional lowercase letters or digits.)\n" } }, "type": "object", "required": [ "filter", "targetId" ] }, "outputs": { "description": "A collection of values returned by getPoliciesForTarget.\n", "properties": { "filter": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "List of all the policy ids found.\n", "items": { "type": "string" }, "type": "array" }, "targetId": { "type": "string" } }, "required": [ "filter", "ids", "targetId", "id" ], "type": "object" } }, "aws:organizations/getPolicy:getPolicy": { "description": "Data source for managing an AWS Organizations Policy.\n\n## Example Usage\n\n", "inputs": { "description": "A collection of arguments for invoking getPolicy.\n", "properties": { "policyId": { "type": "string", "description": "The unique identifier (ID) of the policy that you want more details on. Policy id starts with a \"p-\" followed by 8-28 lowercase or uppercase letters, digits, and underscores.\n" } }, "type": "object", "required": [ "policyId" ] }, "outputs": { "description": "A collection of values returned by getPolicy.\n", "properties": { "arn": { "description": "The Amazon Resource Name of the policy.\n", "type": "string" }, "awsManaged": { "description": "Indicates if a policy is an AWS managed policy.\n", "type": "boolean" }, "content": { "description": "The text content of the policy.\n", "type": "string" }, "description": { "description": "The description of the policy.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "The friendly name of the policy.\n", "type": "string" }, "policyId": { "type": "string" }, "type": { "description": "The type of policy values can be `SERVICE_CONTROL_POLICY | TAG_POLICY | BACKUP_POLICY | AISERVICES_OPT_OUT_POLICY`\n", "type": "string" } }, "required": [ "arn", "awsManaged", "content", "description", "name", "policyId", "type", "id" ], "type": "object" } }, "aws:organizations/getResourceTags:getResourceTags": { "description": "Get tags attached to the specified AWS Organizations resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst account = aws.organizations.getResourceTags({\n resourceId: \"123456123846\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naccount = aws.organizations.get_resource_tags(resource_id=\"123456123846\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var account = Aws.Organizations.GetResourceTags.Invoke(new()\n {\n ResourceId = \"123456123846\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := organizations.GetResourceTags(ctx, \u0026organizations.GetResourceTagsArgs{\n\t\t\tResourceId: \"123456123846\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.OrganizationsFunctions;\nimport com.pulumi.aws.organizations.inputs.GetResourceTagsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var account = OrganizationsFunctions.getResourceTags(GetResourceTagsArgs.builder()\n .resourceId(\"123456123846\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n account:\n fn::invoke:\n Function: aws:organizations:getResourceTags\n Arguments:\n resourceId: '123456123846'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getResourceTags.\n", "properties": { "resourceId": { "type": "string", "description": "ID of the resource with the tags to list. See details below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of key=value pairs for each tag set on the resource.\n" } }, "type": "object", "required": [ "resourceId" ] }, "outputs": { "description": "A collection of values returned by getResourceTags.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "resourceId": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of key=value pairs for each tag set on the resource.\n", "type": "object" } }, "required": [ "resourceId", "tags", "id" ], "type": "object" } }, "aws:outposts/getAsset:getAsset": { "description": "Information about a specific hardware asset in an Outpost.\n\n", "inputs": { "description": "A collection of arguments for invoking getAsset.\n", "properties": { "arn": { "type": "string", "description": "Outpost ARN.\n" }, "assetId": { "type": "string", "description": "ID of the asset.\n" } }, "type": "object", "required": [ "arn", "assetId" ] }, "outputs": { "description": "A collection of values returned by getAsset.\n", "properties": { "arn": { "type": "string" }, "assetId": { "type": "string" }, "assetType": { "description": "Type of the asset.\n", "type": "string" }, "hostId": { "description": "Host ID of the Dedicated Hosts on the asset, if a Dedicated Host is provisioned.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "rackElevation": { "description": "Position of an asset in a rack measured in rack units.\n", "type": "integer" }, "rackId": { "description": "Rack ID of the asset.\n", "type": "string" } }, "required": [ "arn", "assetId", "assetType", "hostId", "rackElevation", "rackId", "id" ], "type": "object" } }, "aws:outposts/getAssets:getAssets": { "description": "Information about hardware assets in an Outpost.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.outposts.getAssets({\n arn: exampleAwsOutpostsOutpost.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.outposts.get_assets(arn=example_aws_outposts_outpost[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Outposts.GetAssets.Invoke(new()\n {\n Arn = exampleAwsOutpostsOutpost.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/outposts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := outposts.GetAssets(ctx, \u0026outposts.GetAssetsArgs{\n\t\t\tArn: exampleAwsOutpostsOutpost.Arn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.outposts.OutpostsFunctions;\nimport com.pulumi.aws.outposts.inputs.GetAssetsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OutpostsFunctions.getAssets(GetAssetsArgs.builder()\n .arn(exampleAwsOutpostsOutpost.arn())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:outposts:getAssets\n Arguments:\n arn: ${exampleAwsOutpostsOutpost.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Host ID Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.outposts.getAssets({\n arn: exampleAwsOutpostsOutpost.arn,\n hostIdFilters: [\"h-x38g5n0yd2a0ueb61\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.outposts.get_assets(arn=example_aws_outposts_outpost[\"arn\"],\n host_id_filters=[\"h-x38g5n0yd2a0ueb61\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Outposts.GetAssets.Invoke(new()\n {\n Arn = exampleAwsOutpostsOutpost.Arn,\n HostIdFilters = new[]\n {\n \"h-x38g5n0yd2a0ueb61\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/outposts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := outposts.GetAssets(ctx, \u0026outposts.GetAssetsArgs{\n\t\t\tArn: exampleAwsOutpostsOutpost.Arn,\n\t\t\tHostIdFilters: []string{\n\t\t\t\t\"h-x38g5n0yd2a0ueb61\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.outposts.OutpostsFunctions;\nimport com.pulumi.aws.outposts.inputs.GetAssetsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OutpostsFunctions.getAssets(GetAssetsArgs.builder()\n .arn(exampleAwsOutpostsOutpost.arn())\n .hostIdFilters(\"h-x38g5n0yd2a0ueb61\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:outposts:getAssets\n Arguments:\n arn: ${exampleAwsOutpostsOutpost.arn}\n hostIdFilters:\n - h-x38g5n0yd2a0ueb61\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Status ID Filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.outposts.getAssets({\n arn: exampleAwsOutpostsOutpost.arn,\n statusIdFilters: [\"ACTIVE\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.outposts.get_assets(arn=example_aws_outposts_outpost[\"arn\"],\n status_id_filters=[\"ACTIVE\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Outposts.GetAssets.Invoke(new()\n {\n Arn = exampleAwsOutpostsOutpost.Arn,\n StatusIdFilters = new[]\n {\n \"ACTIVE\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/outposts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := outposts.GetAssets(ctx, \u0026outposts.GetAssetsArgs{\n\t\t\tArn: exampleAwsOutpostsOutpost.Arn,\n\t\t\tStatusIdFilters: []string{\n\t\t\t\t\"ACTIVE\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.outposts.OutpostsFunctions;\nimport com.pulumi.aws.outposts.inputs.GetAssetsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OutpostsFunctions.getAssets(GetAssetsArgs.builder()\n .arn(exampleAwsOutpostsOutpost.arn())\n .statusIdFilters(\"ACTIVE\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:outposts:getAssets\n Arguments:\n arn: ${exampleAwsOutpostsOutpost.arn}\n statusIdFilters:\n - ACTIVE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAssets.\n", "properties": { "arn": { "type": "string", "description": "Outpost ARN.\n" }, "hostIdFilters": { "type": "array", "items": { "type": "string" }, "description": "Filters by list of Host IDs of a Dedicated Host.\n" }, "statusIdFilters": { "type": "array", "items": { "type": "string" }, "description": "Filters by list of state status. Valid values: \"ACTIVE\", \"RETIRING\".\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getAssets.\n", "properties": { "arn": { "type": "string" }, "assetIds": { "description": "List of all the asset ids found. This data source will fail if none are found.\n", "items": { "type": "string" }, "type": "array" }, "hostIdFilters": { "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "statusIdFilters": { "items": { "type": "string" }, "type": "array" } }, "required": [ "arn", "assetIds", "id" ], "type": "object" } }, "aws:outposts/getOutpost:getOutpost": { "description": "Provides details about an Outposts Outpost.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.outposts.getOutpost({\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.outposts.get_outpost(name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Outposts.GetOutpost.Invoke(new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/outposts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := outposts.GetOutpost(ctx, \u0026outposts.GetOutpostArgs{\n\t\t\tName: pulumi.StringRef(\"example\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.outposts.OutpostsFunctions;\nimport com.pulumi.aws.outposts.inputs.GetOutpostArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OutpostsFunctions.getOutpost(GetOutpostArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:outposts:getOutpost\n Arguments:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOutpost.\n", "properties": { "arn": { "type": "string", "description": "ARN.\n" }, "id": { "type": "string", "description": "Identifier of the Outpost.\n" }, "name": { "type": "string", "description": "Name of the Outpost.\n" }, "ownerId": { "type": "string", "description": "AWS Account identifier of the Outpost owner.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The Outpost tags.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getOutpost.\n", "properties": { "arn": { "type": "string" }, "availabilityZone": { "description": "Availability Zone name.\n", "type": "string" }, "availabilityZoneId": { "description": "Availability Zone identifier.\n", "type": "string" }, "description": { "description": "The description of the Outpost.\n", "type": "string" }, "id": { "type": "string" }, "lifecycleStatus": { "description": "The life cycle status.\n", "type": "string" }, "name": { "type": "string" }, "ownerId": { "type": "string" }, "siteArn": { "description": "The Amazon Resource Name (ARN) of the site.\n", "type": "string" }, "siteId": { "description": "The ID of the site.\n", "type": "string" }, "supportedHardwareType": { "description": "The hardware type.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "The Outpost tags.\n", "type": "object" } }, "required": [ "arn", "availabilityZone", "availabilityZoneId", "description", "id", "lifecycleStatus", "name", "siteArn", "siteId", "supportedHardwareType", "tags" ], "type": "object" } }, "aws:outposts/getOutpostInstanceType:getOutpostInstanceType": { "description": "Information about single Outpost Instance Type.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.outposts.getOutpostInstanceType({\n arn: exampleAwsOutpostsOutpost.arn,\n preferredInstanceTypes: [\n \"m5.large\",\n \"m5.4xlarge\",\n ],\n});\nconst exampleEc2Instance = new aws.index.Ec2Instance(\"example\", {instanceType: example.instanceType});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.outposts.get_outpost_instance_type(arn=example_aws_outposts_outpost[\"arn\"],\n preferred_instance_types=[\n \"m5.large\",\n \"m5.4xlarge\",\n ])\nexample_ec2_instance = aws.index.Ec2Instance(\"example\", instance_type=example.instance_type)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Outposts.GetOutpostInstanceType.Invoke(new()\n {\n Arn = exampleAwsOutpostsOutpost.Arn,\n PreferredInstanceTypes = new[]\n {\n \"m5.large\",\n \"m5.4xlarge\",\n },\n });\n\n var exampleEc2Instance = new Aws.Index.Ec2Instance(\"example\", new()\n {\n InstanceType = example.Apply(getOutpostInstanceTypeResult =\u003e getOutpostInstanceTypeResult.InstanceType),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/outposts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := outposts.GetOutpostInstanceType(ctx, \u0026outposts.GetOutpostInstanceTypeArgs{\n\t\t\tArn: exampleAwsOutpostsOutpost.Arn,\n\t\t\tPreferredInstanceTypes: []string{\n\t\t\t\t\"m5.large\",\n\t\t\t\t\"m5.4xlarge\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = aws.NewEc2Instance(ctx, \"example\", \u0026aws.Ec2InstanceArgs{\n\t\t\tInstanceType: example.InstanceType,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.outposts.OutpostsFunctions;\nimport com.pulumi.aws.outposts.inputs.GetOutpostInstanceTypeArgs;\nimport com.pulumi.aws.ec2Instance;\nimport com.pulumi.aws.Ec2InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OutpostsFunctions.getOutpostInstanceType(GetOutpostInstanceTypeArgs.builder()\n .arn(exampleAwsOutpostsOutpost.arn())\n .preferredInstanceTypes( \n \"m5.large\",\n \"m5.4xlarge\")\n .build());\n\n var exampleEc2Instance = new Ec2Instance(\"exampleEc2Instance\", Ec2InstanceArgs.builder()\n .instanceType(example.applyValue(getOutpostInstanceTypeResult -\u003e getOutpostInstanceTypeResult.instanceType()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleEc2Instance:\n type: aws:ec2Instance\n name: example\n properties:\n instanceType: ${example.instanceType}\nvariables:\n example:\n fn::invoke:\n Function: aws:outposts:getOutpostInstanceType\n Arguments:\n arn: ${exampleAwsOutpostsOutpost.arn}\n preferredInstanceTypes:\n - m5.large\n - m5.4xlarge\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOutpostInstanceType.\n", "properties": { "arn": { "type": "string", "description": "Outpost ARN.\n\nThe following arguments are optional:\n" }, "instanceType": { "type": "string", "description": "Desired instance type. Conflicts with `preferred_instance_types`.\n" }, "preferredInstanceTypes": { "type": "array", "items": { "type": "string" }, "description": "Ordered list of preferred instance types. The first match in this list will be returned. If no preferred matches are found and the original search returned more than one result, an error is returned. Conflicts with `instance_type`.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getOutpostInstanceType.\n", "properties": { "arn": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceType": { "type": "string" }, "preferredInstanceTypes": { "items": { "type": "string" }, "type": "array" } }, "required": [ "arn", "instanceType", "id" ], "type": "object" } }, "aws:outposts/getOutpostInstanceTypes:getOutpostInstanceTypes": { "description": "Information about Outposts Instance Types.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.outposts.getOutpostInstanceTypes({\n arn: exampleAwsOutpostsOutpost.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.outposts.get_outpost_instance_types(arn=example_aws_outposts_outpost[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Outposts.GetOutpostInstanceTypes.Invoke(new()\n {\n Arn = exampleAwsOutpostsOutpost.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/outposts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := outposts.GetOutpostInstanceTypes(ctx, \u0026outposts.GetOutpostInstanceTypesArgs{\n\t\t\tArn: exampleAwsOutpostsOutpost.Arn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.outposts.OutpostsFunctions;\nimport com.pulumi.aws.outposts.inputs.GetOutpostInstanceTypesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OutpostsFunctions.getOutpostInstanceTypes(GetOutpostInstanceTypesArgs.builder()\n .arn(exampleAwsOutpostsOutpost.arn())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:outposts:getOutpostInstanceTypes\n Arguments:\n arn: ${exampleAwsOutpostsOutpost.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOutpostInstanceTypes.\n", "properties": { "arn": { "type": "string", "description": "Outpost ARN.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getOutpostInstanceTypes.\n", "properties": { "arn": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceTypes": { "description": "Set of instance types.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "arn", "instanceTypes", "id" ], "type": "object" } }, "aws:outposts/getOutposts:getOutposts": { "description": "Provides details about multiple Outposts.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.outposts.getOutposts({\n siteId: id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.outposts.get_outposts(site_id=id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Outposts.GetOutposts.Invoke(new()\n {\n SiteId = id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/outposts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := outposts.GetOutposts(ctx, \u0026outposts.GetOutpostsArgs{\n\t\t\tSiteId: pulumi.StringRef(id),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.outposts.OutpostsFunctions;\nimport com.pulumi.aws.outposts.inputs.GetOutpostsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OutpostsFunctions.getOutposts(GetOutpostsArgs.builder()\n .siteId(id)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:outposts:getOutposts\n Arguments:\n siteId: ${id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOutposts.\n", "properties": { "availabilityZone": { "type": "string", "description": "Availability Zone name.\n" }, "availabilityZoneId": { "type": "string", "description": "Availability Zone identifier.\n" }, "ownerId": { "type": "string", "description": "AWS Account identifier of the Outpost owner.\n" }, "siteId": { "type": "string", "description": "Site identifier.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getOutposts.\n", "properties": { "arns": { "description": "Set of Amazon Resource Names (ARNs).\n", "items": { "type": "string" }, "type": "array" }, "availabilityZone": { "type": "string" }, "availabilityZoneId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "Set of identifiers.\n", "items": { "type": "string" }, "type": "array" }, "ownerId": { "type": "string" }, "siteId": { "type": "string" } }, "required": [ "arns", "availabilityZone", "availabilityZoneId", "ids", "ownerId", "siteId", "id" ], "type": "object" } }, "aws:outposts/getSite:getSite": { "description": "Provides details about an Outposts Site.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.outposts.getSite({\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.outposts.get_site(name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Outposts.GetSite.Invoke(new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/outposts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := outposts.GetSite(ctx, \u0026outposts.GetSiteArgs{\n\t\t\tName: pulumi.StringRef(\"example\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.outposts.OutpostsFunctions;\nimport com.pulumi.aws.outposts.inputs.GetSiteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OutpostsFunctions.getSite(GetSiteArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:outposts:getSite\n Arguments:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSite.\n", "properties": { "id": { "type": "string", "description": "Identifier of the Site.\n" }, "name": { "type": "string", "description": "Name of the Site.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSite.\n", "properties": { "accountId": { "description": "AWS Account identifier.\n", "type": "string" }, "description": { "description": "Description.\n", "type": "string" }, "id": { "type": "string" }, "name": { "type": "string" } }, "required": [ "accountId", "description", "id", "name" ], "type": "object" } }, "aws:outposts/getSites:getSites": { "description": "Provides details about multiple Outposts Sites.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst all = aws.outposts.getSites({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nall = aws.outposts.get_sites()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var all = Aws.Outposts.GetSites.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/outposts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := outposts.GetSites(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.outposts.OutpostsFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var all = OutpostsFunctions.getSites();\n\n }\n}\n```\n```yaml\nvariables:\n all:\n fn::invoke:\n Function: aws:outposts:getSites\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getSites.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "Set of Outposts Site identifiers.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "ids", "id" ], "type": "object" } }, "aws:polly/getVoices:getVoices": { "description": "Data source for managing an AWS Polly Voices.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.polly.getVoices({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.polly.get_voices()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Polly.GetVoices.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/polly\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := polly.GetVoices(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.polly.PollyFunctions;\nimport com.pulumi.aws.polly.inputs.GetVoicesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = PollyFunctions.getVoices();\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:polly:getVoices\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Language Code\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.polly.getVoices({\n languageCode: \"en-GB\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.polly.get_voices(language_code=\"en-GB\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Polly.GetVoices.Invoke(new()\n {\n LanguageCode = \"en-GB\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/polly\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := polly.GetVoices(ctx, \u0026polly.GetVoicesArgs{\n\t\t\tLanguageCode: pulumi.StringRef(\"en-GB\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.polly.PollyFunctions;\nimport com.pulumi.aws.polly.inputs.GetVoicesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = PollyFunctions.getVoices(GetVoicesArgs.builder()\n .languageCode(\"en-GB\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:polly:getVoices\n Arguments:\n languageCode: en-GB\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getVoices.\n", "properties": { "engine": { "type": "string", "description": "Engine used by Amazon Polly when processing input text for speech synthesis. Valid values are `standard`, `neural`, and `long-form`.\n" }, "includeAdditionalLanguageCodes": { "type": "boolean", "description": "Whether to return any bilingual voices that use the specified language as an additional language.\n" }, "languageCode": { "type": "string", "description": "Language identification tag for filtering the list of voices returned. If not specified, all available voices are returned.\n" }, "voices": { "type": "array", "items": { "$ref": "#/types/aws:polly/getVoicesVoice:getVoicesVoice" }, "description": "List of voices with their properties. See `voices` Attribute Reference below.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getVoices.\n", "properties": { "engine": { "type": "string" }, "id": { "description": "Amazon Polly assigned voice ID.\n", "type": "string" }, "includeAdditionalLanguageCodes": { "type": "boolean" }, "languageCode": { "description": "Language code of the voice.\n", "type": "string" }, "voices": { "description": "List of voices with their properties. See `voices` Attribute Reference below.\n", "items": { "$ref": "#/types/aws:polly/getVoicesVoice:getVoicesVoice" }, "type": "array" } }, "required": [ "id" ], "type": "object" } }, "aws:pricing/getProduct:getProduct": { "description": "Use this data source to get the pricing information of all products in AWS.\nThis data source is only available in a us-east-1 or ap-south-1 provider.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.pricing.getProduct({\n serviceCode: \"AmazonEC2\",\n filters: [\n {\n field: \"instanceType\",\n value: \"c5.xlarge\",\n },\n {\n field: \"operatingSystem\",\n value: \"Linux\",\n },\n {\n field: \"location\",\n value: \"US East (N. Virginia)\",\n },\n {\n field: \"preInstalledSw\",\n value: \"NA\",\n },\n {\n field: \"licenseModel\",\n value: \"No License required\",\n },\n {\n field: \"tenancy\",\n value: \"Shared\",\n },\n {\n field: \"capacitystatus\",\n value: \"Used\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.pricing.get_product(service_code=\"AmazonEC2\",\n filters=[\n {\n \"field\": \"instanceType\",\n \"value\": \"c5.xlarge\",\n },\n {\n \"field\": \"operatingSystem\",\n \"value\": \"Linux\",\n },\n {\n \"field\": \"location\",\n \"value\": \"US East (N. Virginia)\",\n },\n {\n \"field\": \"preInstalledSw\",\n \"value\": \"NA\",\n },\n {\n \"field\": \"licenseModel\",\n \"value\": \"No License required\",\n },\n {\n \"field\": \"tenancy\",\n \"value\": \"Shared\",\n },\n {\n \"field\": \"capacitystatus\",\n \"value\": \"Used\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Pricing.GetProduct.Invoke(new()\n {\n ServiceCode = \"AmazonEC2\",\n Filters = new[]\n {\n new Aws.Pricing.Inputs.GetProductFilterInputArgs\n {\n Field = \"instanceType\",\n Value = \"c5.xlarge\",\n },\n new Aws.Pricing.Inputs.GetProductFilterInputArgs\n {\n Field = \"operatingSystem\",\n Value = \"Linux\",\n },\n new Aws.Pricing.Inputs.GetProductFilterInputArgs\n {\n Field = \"location\",\n Value = \"US East (N. Virginia)\",\n },\n new Aws.Pricing.Inputs.GetProductFilterInputArgs\n {\n Field = \"preInstalledSw\",\n Value = \"NA\",\n },\n new Aws.Pricing.Inputs.GetProductFilterInputArgs\n {\n Field = \"licenseModel\",\n Value = \"No License required\",\n },\n new Aws.Pricing.Inputs.GetProductFilterInputArgs\n {\n Field = \"tenancy\",\n Value = \"Shared\",\n },\n new Aws.Pricing.Inputs.GetProductFilterInputArgs\n {\n Field = \"capacitystatus\",\n Value = \"Used\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pricing\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pricing.GetProduct(ctx, \u0026pricing.GetProductArgs{\n\t\t\tServiceCode: \"AmazonEC2\",\n\t\t\tFilters: []pricing.GetProductFilter{\n\t\t\t\t{\n\t\t\t\t\tField: \"instanceType\",\n\t\t\t\t\tValue: \"c5.xlarge\",\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tField: \"operatingSystem\",\n\t\t\t\t\tValue: \"Linux\",\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tField: \"location\",\n\t\t\t\t\tValue: \"US East (N. Virginia)\",\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tField: \"preInstalledSw\",\n\t\t\t\t\tValue: \"NA\",\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tField: \"licenseModel\",\n\t\t\t\t\tValue: \"No License required\",\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tField: \"tenancy\",\n\t\t\t\t\tValue: \"Shared\",\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tField: \"capacitystatus\",\n\t\t\t\t\tValue: \"Used\",\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pricing.PricingFunctions;\nimport com.pulumi.aws.pricing.inputs.GetProductArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = PricingFunctions.getProduct(GetProductArgs.builder()\n .serviceCode(\"AmazonEC2\")\n .filters( \n GetProductFilterArgs.builder()\n .field(\"instanceType\")\n .value(\"c5.xlarge\")\n .build(),\n GetProductFilterArgs.builder()\n .field(\"operatingSystem\")\n .value(\"Linux\")\n .build(),\n GetProductFilterArgs.builder()\n .field(\"location\")\n .value(\"US East (N. Virginia)\")\n .build(),\n GetProductFilterArgs.builder()\n .field(\"preInstalledSw\")\n .value(\"NA\")\n .build(),\n GetProductFilterArgs.builder()\n .field(\"licenseModel\")\n .value(\"No License required\")\n .build(),\n GetProductFilterArgs.builder()\n .field(\"tenancy\")\n .value(\"Shared\")\n .build(),\n GetProductFilterArgs.builder()\n .field(\"capacitystatus\")\n .value(\"Used\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:pricing:getProduct\n Arguments:\n serviceCode: AmazonEC2\n filters:\n - field: instanceType\n value: c5.xlarge\n - field: operatingSystem\n value: Linux\n - field: location\n value: US East (N. Virginia)\n - field: preInstalledSw\n value: NA\n - field: licenseModel\n value: No License required\n - field: tenancy\n value: Shared\n - field: capacitystatus\n value: Used\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.pricing.getProduct({\n serviceCode: \"AmazonRedshift\",\n filters: [\n {\n field: \"instanceType\",\n value: \"ds1.xlarge\",\n },\n {\n field: \"location\",\n value: \"US East (N. Virginia)\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.pricing.get_product(service_code=\"AmazonRedshift\",\n filters=[\n {\n \"field\": \"instanceType\",\n \"value\": \"ds1.xlarge\",\n },\n {\n \"field\": \"location\",\n \"value\": \"US East (N. Virginia)\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Pricing.GetProduct.Invoke(new()\n {\n ServiceCode = \"AmazonRedshift\",\n Filters = new[]\n {\n new Aws.Pricing.Inputs.GetProductFilterInputArgs\n {\n Field = \"instanceType\",\n Value = \"ds1.xlarge\",\n },\n new Aws.Pricing.Inputs.GetProductFilterInputArgs\n {\n Field = \"location\",\n Value = \"US East (N. Virginia)\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pricing\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pricing.GetProduct(ctx, \u0026pricing.GetProductArgs{\n\t\t\tServiceCode: \"AmazonRedshift\",\n\t\t\tFilters: []pricing.GetProductFilter{\n\t\t\t\t{\n\t\t\t\t\tField: \"instanceType\",\n\t\t\t\t\tValue: \"ds1.xlarge\",\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tField: \"location\",\n\t\t\t\t\tValue: \"US East (N. Virginia)\",\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pricing.PricingFunctions;\nimport com.pulumi.aws.pricing.inputs.GetProductArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = PricingFunctions.getProduct(GetProductArgs.builder()\n .serviceCode(\"AmazonRedshift\")\n .filters( \n GetProductFilterArgs.builder()\n .field(\"instanceType\")\n .value(\"ds1.xlarge\")\n .build(),\n GetProductFilterArgs.builder()\n .field(\"location\")\n .value(\"US East (N. Virginia)\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:pricing:getProduct\n Arguments:\n serviceCode: AmazonRedshift\n filters:\n - field: instanceType\n value: ds1.xlarge\n - field: location\n value: US East (N. Virginia)\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getProduct.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:pricing/getProductFilter:getProductFilter" }, "description": "List of filters. Passed directly to the API (see GetProducts API reference). These filters must describe a single product, this resource will fail if more than one product is returned by the API.\n" }, "serviceCode": { "type": "string", "description": "Code of the service. Available service codes can be fetched using the DescribeServices pricing API call.\n" } }, "type": "object", "required": [ "filters", "serviceCode" ] }, "outputs": { "description": "A collection of values returned by getProduct.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:pricing/getProductFilter:getProductFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "result": { "description": "Set to the product returned from the API.\n", "type": "string" }, "serviceCode": { "type": "string" } }, "required": [ "filters", "result", "serviceCode", "id" ], "type": "object" } }, "aws:qldb/getLedger:getLedger": { "description": "Use this data source to fetch information about a Quantum Ledger Database.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.qldb.getLedger({\n name: \"an_example_ledger\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.qldb.get_ledger(name=\"an_example_ledger\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Qldb.GetLedger.Invoke(new()\n {\n Name = \"an_example_ledger\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/qldb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := qldb.LookupLedger(ctx, \u0026qldb.LookupLedgerArgs{\n\t\t\tName: \"an_example_ledger\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.qldb.QldbFunctions;\nimport com.pulumi.aws.qldb.inputs.GetLedgerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = QldbFunctions.getLedger(GetLedgerArgs.builder()\n .name(\"an_example_ledger\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:qldb:getLedger\n Arguments:\n name: an_example_ledger\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLedger.\n", "properties": { "name": { "type": "string", "description": "Friendly name of the ledger to match.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getLedger.\n", "properties": { "arn": { "type": "string" }, "deletionProtection": { "type": "boolean" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kmsKey": { "type": "string" }, "name": { "type": "string" }, "permissionsMode": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "arn", "deletionProtection", "kmsKey", "name", "permissionsMode", "tags", "id" ], "type": "object" } }, "aws:quicksight/getDataSet:getDataSet": { "description": "Data source for managing a QuickSight Data Set.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.quicksight.getDataSet({\n dataSetId: \"example-id\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.get_data_set(data_set_id=\"example-id\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Quicksight.GetDataSet.Invoke(new()\n {\n DataSetId = \"example-id\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.LookupDataSet(ctx, \u0026quicksight.LookupDataSetArgs{\n\t\t\tDataSetId: \"example-id\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.QuicksightFunctions;\nimport com.pulumi.aws.quicksight.inputs.GetDataSetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = QuicksightFunctions.getDataSet(GetDataSetArgs.builder()\n .dataSetId(\"example-id\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:quicksight:getDataSet\n Arguments:\n dataSetId: example-id\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDataSet.\n", "properties": { "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "columnLevelPermissionRules": { "type": "array", "items": { "$ref": "#/types/aws:quicksight/getDataSetColumnLevelPermissionRule:getDataSetColumnLevelPermissionRule" } }, "dataSetId": { "type": "string", "description": "Identifier for the data set.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "deprecationMessage": "this attribute has been deprecated" } }, "type": "object", "required": [ "dataSetId" ] }, "outputs": { "description": "A collection of values returned by getDataSet.\n", "properties": { "arn": { "type": "string" }, "awsAccountId": { "type": "string" }, "columnGroups": { "items": { "$ref": "#/types/aws:quicksight/getDataSetColumnGroup:getDataSetColumnGroup" }, "type": "array" }, "columnLevelPermissionRules": { "items": { "$ref": "#/types/aws:quicksight/getDataSetColumnLevelPermissionRule:getDataSetColumnLevelPermissionRule" }, "type": "array" }, "dataSetId": { "type": "string" }, "dataSetUsageConfigurations": { "items": { "$ref": "#/types/aws:quicksight/getDataSetDataSetUsageConfiguration:getDataSetDataSetUsageConfiguration" }, "type": "array" }, "fieldFolders": { "items": { "$ref": "#/types/aws:quicksight/getDataSetFieldFolder:getDataSetFieldFolder" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "importMode": { "type": "string" }, "logicalTableMaps": { "items": { "$ref": "#/types/aws:quicksight/getDataSetLogicalTableMap:getDataSetLogicalTableMap" }, "type": "array" }, "name": { "type": "string" }, "permissions": { "items": { "$ref": "#/types/aws:quicksight/getDataSetPermission:getDataSetPermission" }, "type": "array" }, "physicalTableMaps": { "items": { "$ref": "#/types/aws:quicksight/getDataSetPhysicalTableMap:getDataSetPhysicalTableMap" }, "type": "array" }, "rowLevelPermissionDataSets": { "items": { "$ref": "#/types/aws:quicksight/getDataSetRowLevelPermissionDataSet:getDataSetRowLevelPermissionDataSet" }, "type": "array" }, "rowLevelPermissionTagConfigurations": { "items": { "$ref": "#/types/aws:quicksight/getDataSetRowLevelPermissionTagConfiguration:getDataSetRowLevelPermissionTagConfiguration" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "tagsAll": { "additionalProperties": { "type": "string" }, "deprecationMessage": "this attribute has been deprecated", "type": "object" } }, "required": [ "arn", "awsAccountId", "columnGroups", "dataSetId", "dataSetUsageConfigurations", "fieldFolders", "importMode", "logicalTableMaps", "name", "permissions", "physicalTableMaps", "rowLevelPermissionDataSets", "rowLevelPermissionTagConfigurations", "tags", "tagsAll", "id" ], "type": "object" } }, "aws:quicksight/getQuicksightGroup:getQuicksightGroup": { "description": "This data source can be used to fetch information about a specific\nQuickSight group. By using this data source, you can reference QuickSight group\nproperties without having to hard code ARNs or unique IDs as input.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.quicksight.getQuicksightGroup({\n groupName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.get_quicksight_group(group_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Quicksight.GetQuicksightGroup.Invoke(new()\n {\n GroupName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.GetQuicksightGroup(ctx, \u0026quicksight.GetQuicksightGroupArgs{\n\t\t\tGroupName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.QuicksightFunctions;\nimport com.pulumi.aws.quicksight.inputs.GetQuicksightGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = QuicksightFunctions.getQuicksightGroup(GetQuicksightGroupArgs.builder()\n .groupName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:quicksight:getQuicksightGroup\n Arguments:\n groupName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getQuicksightGroup.\n", "properties": { "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "groupName": { "type": "string", "description": "The name of the group that you want to match.\n\nThe following arguments are optional:\n" }, "namespace": { "type": "string", "description": "QuickSight namespace. Defaults to `default`.\n" } }, "type": "object", "required": [ "groupName" ] }, "outputs": { "description": "A collection of values returned by getQuicksightGroup.\n", "properties": { "arn": { "description": "The Amazon Resource Name (ARN) for the group.\n", "type": "string" }, "awsAccountId": { "type": "string" }, "description": { "description": "The group description.\n", "type": "string" }, "groupName": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "namespace": { "type": "string" }, "principalId": { "description": "The principal ID of the group.\n", "type": "string" } }, "required": [ "arn", "awsAccountId", "description", "groupName", "principalId", "id" ], "type": "object" } }, "aws:quicksight/getQuicksightUser:getQuicksightUser": { "description": "This data source can be used to fetch information about a specific\nQuickSight user. By using this data source, you can reference QuickSight user\nproperties without having to hard code ARNs or unique IDs as input.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.quicksight.getQuicksightUser({\n userName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.get_quicksight_user(user_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Quicksight.GetQuicksightUser.Invoke(new()\n {\n UserName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.GetQuicksightUser(ctx, \u0026quicksight.GetQuicksightUserArgs{\n\t\t\tUserName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.QuicksightFunctions;\nimport com.pulumi.aws.quicksight.inputs.GetQuicksightUserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = QuicksightFunctions.getQuicksightUser(GetQuicksightUserArgs.builder()\n .userName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:quicksight:getQuicksightUser\n Arguments:\n userName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getQuicksightUser.\n", "properties": { "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "namespace": { "type": "string", "description": "QuickSight namespace. Defaults to `default`.\n" }, "userName": { "type": "string", "description": "The name of the user that you want to match.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "userName" ] }, "outputs": { "description": "A collection of values returned by getQuicksightUser.\n", "properties": { "active": { "description": "The active status of user. When you create an Amazon QuickSight user that’s not an IAM user or an Active Directory user, that user is inactive until they sign in and provide a password.\n", "type": "boolean" }, "arn": { "description": "The Amazon Resource Name (ARN) for the user.\n", "type": "string" }, "awsAccountId": { "type": "string" }, "email": { "description": "The user's email address.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "identityType": { "description": "The type of identity authentication used by the user.\n", "type": "string" }, "namespace": { "type": "string" }, "principalId": { "description": "The principal ID of the user.\n", "type": "string" }, "userName": { "type": "string" }, "userRole": { "description": "The Amazon QuickSight role for the user. The user role can be one of the following:.\n- `READER`: A user who has read-only access to dashboards.\n- `AUTHOR`: A user who can create data sources, datasets, analyzes, and dashboards.\n- `ADMIN`: A user who is an author, who can also manage Amazon QuickSight settings.\n", "type": "string" } }, "required": [ "active", "arn", "awsAccountId", "email", "identityType", "principalId", "userName", "userRole", "id" ], "type": "object" } }, "aws:quicksight/getTheme:getTheme": { "description": "Data source for managing an AWS QuickSight Theme.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.quicksight.getTheme({\n themeId: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.quicksight.get_theme(theme_id=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Quicksight.GetTheme.Invoke(new()\n {\n ThemeId = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := quicksight.LookupTheme(ctx, \u0026quicksight.LookupThemeArgs{\n\t\t\tThemeId: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.quicksight.QuicksightFunctions;\nimport com.pulumi.aws.quicksight.inputs.GetThemeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = QuicksightFunctions.getTheme(GetThemeArgs.builder()\n .themeId(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:quicksight:getTheme\n Arguments:\n themeId: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getTheme.\n", "properties": { "awsAccountId": { "type": "string", "description": "AWS account ID.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n" }, "themeId": { "type": "string", "description": "Identifier of the theme.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "themeId" ] }, "outputs": { "description": "A collection of values returned by getTheme.\n", "properties": { "arn": { "description": "ARN of the theme.\n", "type": "string" }, "awsAccountId": { "type": "string" }, "baseThemeId": { "description": "The ID of the theme that a custom theme will inherit from. All themes inherit from one of the starting themes defined by Amazon QuickSight.\n", "type": "string" }, "configurations": { "description": "The theme configuration, which contains the theme display properties. See configuration.\n", "items": { "$ref": "#/types/aws:quicksight/getThemeConfiguration:getThemeConfiguration" }, "type": "array" }, "createdTime": { "description": "The time that the theme was created.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lastUpdatedTime": { "description": "The time that the theme was last updated.\n", "type": "string" }, "name": { "description": "Display name of the theme.\n", "type": "string" }, "permissions": { "description": "A set of resource permissions on the theme. See permissions.\n", "items": { "$ref": "#/types/aws:quicksight/getThemePermission:getThemePermission" }, "type": "array" }, "status": { "description": "The theme creation status.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "type": "object" }, "themeId": { "type": "string" }, "versionDescription": { "description": "A description of the current theme version being created/updated.\n", "type": "string" }, "versionNumber": { "description": "The version number of the theme version.\n", "type": "integer" } }, "required": [ "arn", "awsAccountId", "baseThemeId", "configurations", "createdTime", "lastUpdatedTime", "name", "permissions", "status", "tags", "themeId", "versionDescription", "versionNumber", "id" ], "type": "object" } }, "aws:ram/getResourceShare:getResourceShare": { "description": "`aws.ram.ResourceShare` Retrieve information about a RAM Resource Share.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ram.getResourceShare({\n name: \"example\",\n resourceOwner: \"SELF\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ram.get_resource_share(name=\"example\",\n resource_owner=\"SELF\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ram.GetResourceShare.Invoke(new()\n {\n Name = \"example\",\n ResourceOwner = \"SELF\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ram\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ram.LookupResourceShare(ctx, \u0026ram.LookupResourceShareArgs{\n\t\t\tName: pulumi.StringRef(\"example\"),\n\t\t\tResourceOwner: \"SELF\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ram.RamFunctions;\nimport com.pulumi.aws.ram.inputs.GetResourceShareArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = RamFunctions.getResourceShare(GetResourceShareArgs.builder()\n .name(\"example\")\n .resourceOwner(\"SELF\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ram:getResourceShare\n Arguments:\n name: example\n resourceOwner: SELF\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Search by filters\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst tagFilter = aws.ram.getResourceShare({\n resourceOwner: \"SELF\",\n filters: [{\n name: \"NameOfTag\",\n values: [\"exampleNameTagValue\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntag_filter = aws.ram.get_resource_share(resource_owner=\"SELF\",\n filters=[{\n \"name\": \"NameOfTag\",\n \"values\": [\"exampleNameTagValue\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var tagFilter = Aws.Ram.GetResourceShare.Invoke(new()\n {\n ResourceOwner = \"SELF\",\n Filters = new[]\n {\n new Aws.Ram.Inputs.GetResourceShareFilterInputArgs\n {\n Name = \"NameOfTag\",\n Values = new[]\n {\n \"exampleNameTagValue\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ram\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ram.LookupResourceShare(ctx, \u0026ram.LookupResourceShareArgs{\n\t\t\tResourceOwner: \"SELF\",\n\t\t\tFilters: []ram.GetResourceShareFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"NameOfTag\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"exampleNameTagValue\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ram.RamFunctions;\nimport com.pulumi.aws.ram.inputs.GetResourceShareArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var tagFilter = RamFunctions.getResourceShare(GetResourceShareArgs.builder()\n .resourceOwner(\"SELF\")\n .filters(GetResourceShareFilterArgs.builder()\n .name(\"NameOfTag\")\n .values(\"exampleNameTagValue\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n tagFilter:\n fn::invoke:\n Function: aws:ram:getResourceShare\n Arguments:\n resourceOwner: SELF\n filters:\n - name: NameOfTag\n values:\n - exampleNameTagValue\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getResourceShare.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ram/getResourceShareFilter:getResourceShareFilter" }, "description": "Filter used to scope the list e.g., by tags. See [related docs] (https://docs.aws.amazon.com/ram/latest/APIReference/API_TagFilter.html).\n" }, "name": { "type": "string", "description": "Name of the resource share to retrieve.\n" }, "resourceOwner": { "type": "string", "description": "Owner of the resource share. Valid values are `SELF` or `OTHER-ACCOUNTS`.\n" }, "resourceShareStatus": { "type": "string", "description": "Specifies that you want to retrieve details of only those resource shares that have this status. Valid values are `PENDING`, `ACTIVE`, `FAILED`, `DELETING`, and `DELETED`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags attached to the resource share.\n" } }, "type": "object", "required": [ "resourceOwner" ] }, "outputs": { "description": "A collection of values returned by getResourceShare.\n", "properties": { "arn": { "description": "ARN of the resource share.\n", "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:ram/getResourceShareFilter:getResourceShareFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "owningAccountId": { "description": "ID of the AWS account that owns the resource share.\n", "type": "string" }, "resourceArns": { "description": "A list of resource ARNs associated with the resource share.\n", "items": { "type": "string" }, "type": "array" }, "resourceOwner": { "type": "string" }, "resourceShareStatus": { "type": "string" }, "status": { "description": "Status of the resource share.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags attached to the resource share.\n", "type": "object" } }, "required": [ "arn", "name", "owningAccountId", "resourceArns", "resourceOwner", "status", "tags", "id" ], "type": "object" } }, "aws:rds/getCertificate:getCertificate": { "description": "Information about an RDS Certificate.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.rds.getCertificate({\n latestValidTill: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.get_certificate(latest_valid_till=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Rds.GetCertificate.Invoke(new()\n {\n LatestValidTill = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.LookupCertificate(ctx, \u0026rds.LookupCertificateArgs{\n\t\t\tLatestValidTill: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = RdsFunctions.getCertificate(GetCertificateArgs.builder()\n .latestValidTill(true)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:rds:getCertificate\n Arguments:\n latestValidTill: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCertificate.\n", "properties": { "id": { "type": "string", "description": "Certificate identifier. For example, `rds-ca-2019`.\n" }, "latestValidTill": { "type": "boolean", "description": "When enabled, returns the certificate with the latest `ValidTill`.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getCertificate.\n", "properties": { "arn": { "description": "ARN of the certificate.\n", "type": "string" }, "certificateType": { "description": "Type of certificate. For example, `CA`.\n", "type": "string" }, "customerOverride": { "description": "Boolean whether there is an override for the default certificate identifier.\n", "type": "boolean" }, "customerOverrideValidTill": { "description": "If there is an override for the default certificate identifier, when the override expires.\n", "type": "string" }, "id": { "type": "string" }, "latestValidTill": { "type": "boolean" }, "thumbprint": { "description": "Thumbprint of the certificate.\n", "type": "string" }, "validFrom": { "description": "[RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) of certificate starting validity date.\n", "type": "string" }, "validTill": { "description": "[RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) of certificate ending validity date.\n", "type": "string" } }, "required": [ "arn", "certificateType", "customerOverride", "customerOverrideValidTill", "id", "thumbprint", "validFrom", "validTill" ], "type": "object" } }, "aws:rds/getCluster:getCluster": { "description": "Provides information about an RDS cluster.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst clusterName = aws.rds.getCluster({\n clusterIdentifier: \"clusterName\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncluster_name = aws.rds.get_cluster(cluster_identifier=\"clusterName\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var clusterName = Aws.Rds.GetCluster.Invoke(new()\n {\n ClusterIdentifier = \"clusterName\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.LookupCluster(ctx, \u0026rds.LookupClusterArgs{\n\t\t\tClusterIdentifier: \"clusterName\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var clusterName = RdsFunctions.getCluster(GetClusterArgs.builder()\n .clusterIdentifier(\"clusterName\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n clusterName:\n fn::invoke:\n Function: aws:rds:getCluster\n Arguments:\n clusterIdentifier: clusterName\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCluster.\n", "properties": { "clusterIdentifier": { "type": "string", "description": "Cluster identifier of the RDS cluster.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource.\n" } }, "type": "object", "required": [ "clusterIdentifier" ] }, "outputs": { "description": "A collection of values returned by getCluster.\n", "properties": { "arn": { "type": "string" }, "availabilityZones": { "items": { "type": "string" }, "type": "array" }, "backtrackWindow": { "type": "integer" }, "backupRetentionPeriod": { "type": "integer" }, "clusterIdentifier": { "type": "string" }, "clusterMembers": { "items": { "type": "string" }, "type": "array" }, "clusterResourceId": { "type": "string" }, "databaseName": { "type": "string" }, "dbClusterParameterGroupName": { "type": "string" }, "dbSubnetGroupName": { "type": "string" }, "dbSystemId": { "type": "string" }, "enabledCloudwatchLogsExports": { "items": { "type": "string" }, "type": "array" }, "endpoint": { "type": "string" }, "engine": { "type": "string" }, "engineMode": { "type": "string" }, "engineVersion": { "type": "string" }, "finalSnapshotIdentifier": { "type": "string" }, "hostedZoneId": { "type": "string" }, "iamDatabaseAuthenticationEnabled": { "type": "boolean" }, "iamRoles": { "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kmsKeyId": { "type": "string" }, "masterUserSecrets": { "items": { "$ref": "#/types/aws:rds/getClusterMasterUserSecret:getClusterMasterUserSecret" }, "type": "array" }, "masterUsername": { "type": "string" }, "networkType": { "type": "string" }, "port": { "type": "integer" }, "preferredBackupWindow": { "type": "string" }, "preferredMaintenanceWindow": { "type": "string" }, "readerEndpoint": { "type": "string" }, "replicationSourceIdentifier": { "type": "string" }, "storageEncrypted": { "type": "boolean" }, "tags": { "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource.\n", "type": "object" }, "vpcSecurityGroupIds": { "items": { "type": "string" }, "type": "array" } }, "required": [ "arn", "availabilityZones", "backtrackWindow", "backupRetentionPeriod", "clusterIdentifier", "clusterMembers", "clusterResourceId", "databaseName", "dbClusterParameterGroupName", "dbSubnetGroupName", "dbSystemId", "enabledCloudwatchLogsExports", "endpoint", "engine", "engineMode", "engineVersion", "finalSnapshotIdentifier", "hostedZoneId", "iamDatabaseAuthenticationEnabled", "iamRoles", "kmsKeyId", "masterUserSecrets", "masterUsername", "networkType", "port", "preferredBackupWindow", "preferredMaintenanceWindow", "readerEndpoint", "replicationSourceIdentifier", "storageEncrypted", "tags", "vpcSecurityGroupIds", "id" ], "type": "object" } }, "aws:rds/getClusterSnapshot:getClusterSnapshot": { "description": "Use this data source to get information about a DB Cluster Snapshot for use when provisioning DB clusters.\n\n\u003e **NOTE:** This data source does not apply to snapshots created on DB Instances.\nSee the `aws.rds.Snapshot` data source for DB Instance snapshots.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst developmentFinalSnapshot = aws.rds.getClusterSnapshot({\n dbClusterIdentifier: \"development_cluster\",\n mostRecent: true,\n});\n// Use the last snapshot of the dev database before it was destroyed to create\n// a new dev database.\nconst aurora = new aws.rds.Cluster(\"aurora\", {\n clusterIdentifier: \"development_cluster\",\n snapshotIdentifier: developmentFinalSnapshot.then(developmentFinalSnapshot =\u003e developmentFinalSnapshot.id),\n dbSubnetGroupName: \"my_db_subnet_group\",\n});\nconst auroraClusterInstance = new aws.rds.ClusterInstance(\"aurora\", {\n clusterIdentifier: aurora.id,\n instanceClass: aws.rds.InstanceType.T2_Small,\n dbSubnetGroupName: \"my_db_subnet_group\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndevelopment_final_snapshot = aws.rds.get_cluster_snapshot(db_cluster_identifier=\"development_cluster\",\n most_recent=True)\n# Use the last snapshot of the dev database before it was destroyed to create\n# a new dev database.\naurora = aws.rds.Cluster(\"aurora\",\n cluster_identifier=\"development_cluster\",\n snapshot_identifier=development_final_snapshot.id,\n db_subnet_group_name=\"my_db_subnet_group\")\naurora_cluster_instance = aws.rds.ClusterInstance(\"aurora\",\n cluster_identifier=aurora.id,\n instance_class=aws.rds.InstanceType.T2_SMALL,\n db_subnet_group_name=\"my_db_subnet_group\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var developmentFinalSnapshot = Aws.Rds.GetClusterSnapshot.Invoke(new()\n {\n DbClusterIdentifier = \"development_cluster\",\n MostRecent = true,\n });\n\n // Use the last snapshot of the dev database before it was destroyed to create\n // a new dev database.\n var aurora = new Aws.Rds.Cluster(\"aurora\", new()\n {\n ClusterIdentifier = \"development_cluster\",\n SnapshotIdentifier = developmentFinalSnapshot.Apply(getClusterSnapshotResult =\u003e getClusterSnapshotResult.Id),\n DbSubnetGroupName = \"my_db_subnet_group\",\n });\n\n var auroraClusterInstance = new Aws.Rds.ClusterInstance(\"aurora\", new()\n {\n ClusterIdentifier = aurora.Id,\n InstanceClass = Aws.Rds.InstanceType.T2_Small,\n DbSubnetGroupName = \"my_db_subnet_group\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdevelopmentFinalSnapshot, err := rds.LookupClusterSnapshot(ctx, \u0026rds.LookupClusterSnapshotArgs{\n\t\t\tDbClusterIdentifier: pulumi.StringRef(\"development_cluster\"),\n\t\t\tMostRecent: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Use the last snapshot of the dev database before it was destroyed to create\n\t\t// a new dev database.\n\t\taurora, err := rds.NewCluster(ctx, \"aurora\", \u0026rds.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"development_cluster\"),\n\t\t\tSnapshotIdentifier: pulumi.String(developmentFinalSnapshot.Id),\n\t\t\tDbSubnetGroupName: pulumi.String(\"my_db_subnet_group\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewClusterInstance(ctx, \"aurora\", \u0026rds.ClusterInstanceArgs{\n\t\t\tClusterIdentifier: aurora.ID(),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_T2_Small),\n\t\t\tDbSubnetGroupName: pulumi.String(\"my_db_subnet_group\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetClusterSnapshotArgs;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport com.pulumi.aws.rds.ClusterInstance;\nimport com.pulumi.aws.rds.ClusterInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var developmentFinalSnapshot = RdsFunctions.getClusterSnapshot(GetClusterSnapshotArgs.builder()\n .dbClusterIdentifier(\"development_cluster\")\n .mostRecent(true)\n .build());\n\n // Use the last snapshot of the dev database before it was destroyed to create\n // a new dev database.\n var aurora = new Cluster(\"aurora\", ClusterArgs.builder()\n .clusterIdentifier(\"development_cluster\")\n .snapshotIdentifier(developmentFinalSnapshot.applyValue(getClusterSnapshotResult -\u003e getClusterSnapshotResult.id()))\n .dbSubnetGroupName(\"my_db_subnet_group\")\n .build());\n\n var auroraClusterInstance = new ClusterInstance(\"auroraClusterInstance\", ClusterInstanceArgs.builder()\n .clusterIdentifier(aurora.id())\n .instanceClass(\"db.t2.small\")\n .dbSubnetGroupName(\"my_db_subnet_group\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Use the last snapshot of the dev database before it was destroyed to create\n # a new dev database.\n aurora:\n type: aws:rds:Cluster\n properties:\n clusterIdentifier: development_cluster\n snapshotIdentifier: ${developmentFinalSnapshot.id}\n dbSubnetGroupName: my_db_subnet_group\n auroraClusterInstance:\n type: aws:rds:ClusterInstance\n name: aurora\n properties:\n clusterIdentifier: ${aurora.id}\n instanceClass: db.t2.small\n dbSubnetGroupName: my_db_subnet_group\nvariables:\n developmentFinalSnapshot:\n fn::invoke:\n Function: aws:rds:getClusterSnapshot\n Arguments:\n dbClusterIdentifier: development_cluster\n mostRecent: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getClusterSnapshot.\n", "properties": { "dbClusterIdentifier": { "type": "string", "description": "Returns the list of snapshots created by the specific db_cluster\n" }, "dbClusterSnapshotIdentifier": { "type": "string", "description": "Returns information on a specific snapshot_id.\n" }, "includePublic": { "type": "boolean", "description": "Set this value to true to include manual DB Cluster Snapshots that are public and can be\ncopied or restored by any AWS account, otherwise set this value to false. The default is `false`.\n" }, "includeShared": { "type": "boolean", "description": "Set this value to true to include shared manual DB Cluster Snapshots from other\nAWS accounts that this AWS account has been given permission to copy or restore, otherwise set this value to false.\nThe default is `false`.\n" }, "mostRecent": { "type": "boolean", "description": "If more than one result is returned, use the most recent Snapshot.\n" }, "snapshotType": { "type": "string", "description": "Type of snapshots to be returned. If you don't specify a SnapshotType\nvalue, then both automated and manual DB cluster snapshots are returned. Shared and public DB Cluster Snapshots are not\nincluded in the returned results by default. Possible values are, `automated`, `manual`, `shared`, `public` and `awsbackup`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Mapping of tags, each pair of which must exactly match\na pair on the desired DB cluster snapshot.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getClusterSnapshot.\n", "properties": { "allocatedStorage": { "description": "Allocated storage size in gigabytes (GB).\n", "type": "integer" }, "availabilityZones": { "description": "List of EC2 Availability Zones that instances in the DB cluster snapshot can be restored in.\n", "items": { "type": "string" }, "type": "array" }, "dbClusterIdentifier": { "description": "Specifies the DB cluster identifier of the DB cluster that this DB cluster snapshot was created from.\n", "type": "string" }, "dbClusterSnapshotArn": { "description": "The ARN for the DB Cluster Snapshot.\n", "type": "string" }, "dbClusterSnapshotIdentifier": { "type": "string" }, "engine": { "description": "Name of the database engine.\n", "type": "string" }, "engineVersion": { "description": "Version of the database engine for this DB cluster snapshot.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "includePublic": { "type": "boolean" }, "includeShared": { "type": "boolean" }, "kmsKeyId": { "description": "If storage_encrypted is true, the AWS KMS key identifier for the encrypted DB cluster snapshot.\n", "type": "string" }, "licenseModel": { "description": "License model information for the restored DB cluster.\n", "type": "string" }, "mostRecent": { "type": "boolean" }, "port": { "description": "Port that the DB cluster was listening on at the time of the snapshot.\n", "type": "integer" }, "snapshotCreateTime": { "description": "Time when the snapshot was taken, in Universal Coordinated Time (UTC).\n", "type": "string" }, "snapshotType": { "type": "string" }, "sourceDbClusterSnapshotArn": { "type": "string" }, "status": { "description": "Status of this DB Cluster Snapshot.\n", "type": "string" }, "storageEncrypted": { "description": "Whether the DB cluster snapshot is encrypted.\n", "type": "boolean" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags for the resource.\n", "type": "object" }, "vpcId": { "description": "VPC ID associated with the DB cluster snapshot.\n", "type": "string" } }, "required": [ "allocatedStorage", "availabilityZones", "dbClusterSnapshotArn", "engine", "engineVersion", "kmsKeyId", "licenseModel", "port", "snapshotCreateTime", "sourceDbClusterSnapshotArn", "status", "storageEncrypted", "tags", "vpcId", "id" ], "type": "object" } }, "aws:rds/getClusters:getClusters": { "description": "Data source for managing an AWS RDS (Relational Database) Clusters.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.rds.getClusters({\n filters: [{\n name: \"engine\",\n values: [\"aurora-postgresql\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.get_clusters(filters=[{\n \"name\": \"engine\",\n \"values\": [\"aurora-postgresql\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Rds.GetClusters.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Rds.Inputs.GetClustersFilterInputArgs\n {\n Name = \"engine\",\n Values = new[]\n {\n \"aurora-postgresql\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.GetClusters(ctx, \u0026rds.GetClustersArgs{\n\t\t\tFilters: []rds.GetClustersFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"engine\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"aurora-postgresql\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetClustersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = RdsFunctions.getClusters(GetClustersArgs.builder()\n .filters(GetClustersFilterArgs.builder()\n .name(\"engine\")\n .values(\"aurora-postgresql\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:rds:getClusters\n Arguments:\n filters:\n - name: engine\n values:\n - aurora-postgresql\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getClusters.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:rds/getClustersFilter:getClustersFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getClusters.\n", "properties": { "clusterArns": { "description": "Set of cluster ARNs of the matched RDS clusters.\n", "items": { "type": "string" }, "type": "array" }, "clusterIdentifiers": { "description": "Set of ARNs of cluster identifiers of the matched RDS clusters.\n", "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:rds/getClustersFilter:getClustersFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "clusterArns", "clusterIdentifiers", "id" ], "type": "object" } }, "aws:rds/getEngineVersion:getEngineVersion": { "description": "Information about an RDS engine version.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.rds.getEngineVersion({\n engine: \"mysql\",\n preferredVersions: [\n \"8.0.27\",\n \"8.0.26\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.rds.get_engine_version(engine=\"mysql\",\n preferred_versions=[\n \"8.0.27\",\n \"8.0.26\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Rds.GetEngineVersion.Invoke(new()\n {\n Engine = \"mysql\",\n PreferredVersions = new[]\n {\n \"8.0.27\",\n \"8.0.26\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.GetEngineVersion(ctx, \u0026rds.GetEngineVersionArgs{\n\t\t\tEngine: \"mysql\",\n\t\t\tPreferredVersions: []string{\n\t\t\t\t\"8.0.27\",\n\t\t\t\t\"8.0.26\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetEngineVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = RdsFunctions.getEngineVersion(GetEngineVersionArgs.builder()\n .engine(\"mysql\")\n .preferredVersions( \n \"8.0.27\",\n \"8.0.26\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:rds:getEngineVersion\n Arguments:\n engine: mysql\n preferredVersions:\n - 8.0.27\n - 8.0.26\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With `filter`\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.rds.getEngineVersion({\n engine: \"aurora-postgresql\",\n version: \"10.14\",\n includeAll: true,\n filters: [{\n name: \"engine-mode\",\n values: [\"serverless\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.rds.get_engine_version(engine=\"aurora-postgresql\",\n version=\"10.14\",\n include_all=True,\n filters=[{\n \"name\": \"engine-mode\",\n \"values\": [\"serverless\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Rds.GetEngineVersion.Invoke(new()\n {\n Engine = \"aurora-postgresql\",\n Version = \"10.14\",\n IncludeAll = true,\n Filters = new[]\n {\n new Aws.Rds.Inputs.GetEngineVersionFilterInputArgs\n {\n Name = \"engine-mode\",\n Values = new[]\n {\n \"serverless\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.GetEngineVersion(ctx, \u0026rds.GetEngineVersionArgs{\n\t\t\tEngine: \"aurora-postgresql\",\n\t\t\tVersion: pulumi.StringRef(\"10.14\"),\n\t\t\tIncludeAll: pulumi.BoolRef(true),\n\t\t\tFilters: []rds.GetEngineVersionFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"engine-mode\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"serverless\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetEngineVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = RdsFunctions.getEngineVersion(GetEngineVersionArgs.builder()\n .engine(\"aurora-postgresql\")\n .version(\"10.14\")\n .includeAll(true)\n .filters(GetEngineVersionFilterArgs.builder()\n .name(\"engine-mode\")\n .values(\"serverless\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:rds:getEngineVersion\n Arguments:\n engine: aurora-postgresql\n version: '10.14'\n includeAll: true\n filters:\n - name: engine-mode\n values:\n - serverless\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getEngineVersion.\n", "properties": { "defaultOnly": { "type": "boolean", "description": "Whether the engine version must be an AWS-defined default version. Some engines have multiple default versions, such as for each major version. Using `default_only` may help avoid `multiple RDS engine versions` errors. See also `latest`.\n" }, "engine": { "type": "string", "description": "Database engine. Engine values include `aurora`, `aurora-mysql`, `aurora-postgresql`, `docdb`, `mariadb`, `mysql`, `neptune`, `oracle-ee`, `oracle-se`, `oracle-se1`, `oracle-se2`, `postgres`, `sqlserver-ee`, `sqlserver-ex`, `sqlserver-se`, and `sqlserver-web`.\n\nThe following arguments are optional:\n" }, "filters": { "type": "array", "items": { "$ref": "#/types/aws:rds/getEngineVersionFilter:getEngineVersionFilter" }, "description": "One or more name/value pairs to use in filtering versions. There are several valid keys; for a full reference, check out [describe-db-engine-versions in the AWS CLI reference](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/rds/describe-db-engine-versions.html).\n" }, "hasMajorTarget": { "type": "boolean", "description": "Whether the engine version must have one or more major upgrade targets. Not including `has_major_target` or setting it to `false` doesn't imply that there's no corresponding major upgrade target for the engine version.\n" }, "hasMinorTarget": { "type": "boolean", "description": "Whether the engine version must have one or more minor upgrade targets. Not including `has_minor_target` or setting it to `false` doesn't imply that there's no corresponding minor upgrade target for the engine version.\n" }, "includeAll": { "type": "boolean", "description": "Whether the engine version `status` can either be `deprecated` or `available`. When not set or set to `false`, the engine version `status` will always be `available`.\n" }, "latest": { "type": "boolean", "description": "Whether the engine version is the most recent version matching the other criteria. This is different from `default_only` in important ways: \"default\" relies on AWS-defined defaults, the latest version isn't always the default, and AWS might have multiple default versions for an engine. As a result, `default_only` might not prevent errors from `multiple RDS engine versions`, while `latest` will. (`latest` can be used with `default_only`.) **Note:** The data source uses a best-effort approach at selecting the latest version. Due to the complexity of version identifiers across engines and incomplete version date information provided by AWS, using `latest` may not always result in the engine version being the actual latest version.\n" }, "parameterGroupFamily": { "type": "string", "description": "Name of a specific database parameter group family. Examples of parameter group families are `mysql8.0`, `mariadb10.4`, and `postgres12`.\n" }, "preferredMajorTargets": { "type": "array", "items": { "type": "string" }, "description": "Ordered list of preferred major version upgrade targets. The engine version will be the first match in the list unless the `latest` parameter is set to `true`. The engine version will be the default version if you don't include any criteria, such as `preferred_major_targets`.\n" }, "preferredUpgradeTargets": { "type": "array", "items": { "type": "string" }, "description": "Ordered list of preferred version upgrade targets. The engine version will be the first match in this list unless the `latest` parameter is set to `true`. The engine version will be the default version if you don't include any criteria, such as `preferred_upgrade_targets`.\n" }, "preferredVersions": { "type": "array", "items": { "type": "string" }, "description": "Ordered list of preferred versions. The engine version will be the first match in this list unless the `latest` parameter is set to `true`. The engine version will be the default version if you don't include any criteria, such as `preferred_versions`.\n" }, "version": { "type": "string" } }, "type": "object", "required": [ "engine" ] }, "outputs": { "description": "A collection of values returned by getEngineVersion.\n", "properties": { "defaultCharacterSet": { "description": "Default character set for new instances of the engine version.\n", "type": "string" }, "defaultOnly": { "type": "boolean" }, "engine": { "type": "string" }, "engineDescription": { "description": "Description of the engine.\n", "type": "string" }, "exportableLogTypes": { "description": "Set of log types that the engine version has available for export to CloudWatch Logs.\n", "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:rds/getEngineVersionFilter:getEngineVersionFilter" }, "type": "array" }, "hasMajorTarget": { "type": "boolean" }, "hasMinorTarget": { "type": "boolean" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "includeAll": { "type": "boolean" }, "latest": { "type": "boolean" }, "parameterGroupFamily": { "type": "string" }, "preferredMajorTargets": { "items": { "type": "string" }, "type": "array" }, "preferredUpgradeTargets": { "items": { "type": "string" }, "type": "array" }, "preferredVersions": { "items": { "type": "string" }, "type": "array" }, "status": { "description": "Status of the engine version, either `available` or `deprecated`.\n", "type": "string" }, "supportedCharacterSets": { "description": "Set of character sets supported by th engine version.\n", "items": { "type": "string" }, "type": "array" }, "supportedFeatureNames": { "description": "Set of features supported by the engine version.\n", "items": { "type": "string" }, "type": "array" }, "supportedModes": { "description": "Set of supported engine version modes.\n", "items": { "type": "string" }, "type": "array" }, "supportedTimezones": { "description": "Set of the time zones supported by the engine version.\n", "items": { "type": "string" }, "type": "array" }, "supportsGlobalDatabases": { "description": "Whether you can use Aurora global databases with the engine version.\n", "type": "boolean" }, "supportsLimitlessDatabase": { "description": "Whether the engine version supports Aurora Limitless Database.\n", "type": "boolean" }, "supportsLogExportsToCloudwatch": { "description": "Whether the engine version supports exporting the log types specified by `exportable_log_types` to CloudWatch Logs.\n", "type": "boolean" }, "supportsParallelQuery": { "description": "Whether you can use Aurora parallel query with the engine version.\n", "type": "boolean" }, "supportsReadReplica": { "description": "Whether the engine version supports read replicas.\n", "type": "boolean" }, "validMajorTargets": { "description": "Set of versions that are valid major version upgrades for the engine version.\n", "items": { "type": "string" }, "type": "array" }, "validMinorTargets": { "description": "Set of versions that are valid minor version upgrades for the engine version.\n", "items": { "type": "string" }, "type": "array" }, "validUpgradeTargets": { "description": "Set of versions that are valid major or minor upgrades for the engine version.\n", "items": { "type": "string" }, "type": "array" }, "version": { "type": "string" }, "versionActual": { "description": "Complete engine version.\n", "type": "string" }, "versionDescription": { "description": "Description of the engine version.\n", "type": "string" } }, "required": [ "defaultCharacterSet", "engine", "engineDescription", "exportableLogTypes", "parameterGroupFamily", "status", "supportedCharacterSets", "supportedFeatureNames", "supportedModes", "supportedTimezones", "supportsGlobalDatabases", "supportsLimitlessDatabase", "supportsLogExportsToCloudwatch", "supportsParallelQuery", "supportsReadReplica", "validMajorTargets", "validMinorTargets", "validUpgradeTargets", "version", "versionActual", "versionDescription", "id" ], "type": "object" } }, "aws:rds/getEventCategories:getEventCategories": { "description": "## Example Usage\n\nList the event categories of all the RDS resources.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nexport = async () =\u003e {\n const example = await aws.rds.getEventCategories({});\n return {\n example: example.eventCategories,\n };\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.get_event_categories()\npulumi.export(\"example\", example.event_categories)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Rds.GetEventCategories.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"example\"] = example.Apply(getEventCategoriesResult =\u003e getEventCategoriesResult.EventCategories),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := rds.GetEventCategories(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"example\", example.EventCategories)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetEventCategoriesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = RdsFunctions.getEventCategories();\n\n ctx.export(\"example\", example.applyValue(getEventCategoriesResult -\u003e getEventCategoriesResult.eventCategories()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:rds:getEventCategories\n Arguments: {}\noutputs:\n example: ${example.eventCategories}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nList the event categories specific to the RDS resource `db-snapshot`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nexport = async () =\u003e {\n const example = await aws.rds.getEventCategories({\n sourceType: \"db-snapshot\",\n });\n return {\n example: example.eventCategories,\n };\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.get_event_categories(source_type=\"db-snapshot\")\npulumi.export(\"example\", example.event_categories)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Rds.GetEventCategories.Invoke(new()\n {\n SourceType = \"db-snapshot\",\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"example\"] = example.Apply(getEventCategoriesResult =\u003e getEventCategoriesResult.EventCategories),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := rds.GetEventCategories(ctx, \u0026rds.GetEventCategoriesArgs{\n\t\t\tSourceType: pulumi.StringRef(\"db-snapshot\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"example\", example.EventCategories)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetEventCategoriesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = RdsFunctions.getEventCategories(GetEventCategoriesArgs.builder()\n .sourceType(\"db-snapshot\")\n .build());\n\n ctx.export(\"example\", example.applyValue(getEventCategoriesResult -\u003e getEventCategoriesResult.eventCategories()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:rds:getEventCategories\n Arguments:\n sourceType: db-snapshot\noutputs:\n example: ${example.eventCategories}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getEventCategories.\n", "properties": { "sourceType": { "type": "string", "description": "Type of source that will be generating the events. Valid options are db-instance, db-security-group, db-parameter-group, db-snapshot, db-cluster or db-cluster-snapshot.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getEventCategories.\n", "properties": { "eventCategories": { "description": "List of the event categories.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "sourceType": { "type": "string" } }, "required": [ "eventCategories", "id" ], "type": "object" } }, "aws:rds/getInstance:getInstance": { "description": "Use this data source to get information about an RDS instance\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst database = aws.rds.getInstance({\n dbInstanceIdentifier: \"my-test-database\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndatabase = aws.rds.get_instance(db_instance_identifier=\"my-test-database\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var database = Aws.Rds.GetInstance.Invoke(new()\n {\n DbInstanceIdentifier = \"my-test-database\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.LookupInstance(ctx, \u0026rds.LookupInstanceArgs{\n\t\t\tDbInstanceIdentifier: pulumi.StringRef(\"my-test-database\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var database = RdsFunctions.getInstance(GetInstanceArgs.builder()\n .dbInstanceIdentifier(\"my-test-database\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n database:\n fn::invoke:\n Function: aws:rds:getInstance\n Arguments:\n dbInstanceIdentifier: my-test-database\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getInstance.\n", "properties": { "dbInstanceIdentifier": { "type": "string", "description": "Name of the RDS instance.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match a pair on the desired instance.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getInstance.\n", "properties": { "address": { "description": "Hostname of the RDS instance. See also `endpoint` and `port`.\n", "type": "string" }, "allocatedStorage": { "description": "Allocated storage size specified in gigabytes.\n", "type": "integer" }, "autoMinorVersionUpgrade": { "description": "Indicates that minor version patches are applied automatically.\n", "type": "boolean" }, "availabilityZone": { "description": "Name of the Availability Zone the DB instance is located in.\n", "type": "string" }, "backupRetentionPeriod": { "description": "Specifies the number of days for which automatic DB snapshots are retained.\n", "type": "integer" }, "caCertIdentifier": { "description": "Identifier of the CA certificate for the DB instance.\n", "type": "string" }, "dbClusterIdentifier": { "description": "If the DB instance is a member of a DB cluster, contains the name of the DB cluster that the DB instance is a member of.\n", "type": "string" }, "dbInstanceArn": { "description": "ARN for the DB instance.\n", "type": "string" }, "dbInstanceClass": { "description": "Contains the name of the compute and memory capacity class of the DB instance.\n", "type": "string" }, "dbInstanceIdentifier": { "type": "string" }, "dbInstancePort": { "description": "Port that the DB instance listens on.\n", "type": "integer" }, "dbName": { "description": "Contains the name of the initial database of this instance that was provided at create time, if one was specified when the DB instance was created. This same name is returned for the life of the DB instance.\n", "type": "string" }, "dbParameterGroups": { "description": "Provides the list of DB parameter groups applied to this DB instance.\n", "items": { "type": "string" }, "type": "array" }, "dbSubnetGroup": { "description": "Name of the subnet group associated with the DB instance.\n", "type": "string" }, "enabledCloudwatchLogsExports": { "description": "List of log types to export to cloudwatch.\n", "items": { "type": "string" }, "type": "array" }, "endpoint": { "description": "Connection endpoint in `address:port` format.\n", "type": "string" }, "engine": { "description": "Provides the name of the database engine to be used for this DB instance.\n", "type": "string" }, "engineVersion": { "description": "Database engine version.\n", "type": "string" }, "hostedZoneId": { "description": "Canonical hosted zone ID of the DB instance (to be used in a Route 53 Alias record).\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "iops": { "description": "Provisioned IOPS (I/O operations per second) value.\n", "type": "integer" }, "kmsKeyId": { "description": "The Amazon Web Services KMS key identifier that is used to encrypt the secret.\n", "type": "string" }, "licenseModel": { "description": "License model information for this DB instance.\n", "type": "string" }, "masterUserSecrets": { "description": "Provides the master user secret. Only available when `manage_master_user_password` is set to true. Documented below.\n", "items": { "$ref": "#/types/aws:rds/getInstanceMasterUserSecret:getInstanceMasterUserSecret" }, "type": "array" }, "masterUsername": { "description": "Contains the master username for the DB instance.\n", "type": "string" }, "maxAllocatedStorage": { "description": "The upper limit to which Amazon RDS can automatically scale the storage of the DB instance.\n", "type": "integer" }, "monitoringInterval": { "description": "Interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance.\n", "type": "integer" }, "monitoringRoleArn": { "description": "ARN for the IAM role that permits RDS to send Enhanced Monitoring metrics to CloudWatch Logs.\n", "type": "string" }, "multiAz": { "description": "If the DB instance is a Multi-AZ deployment.\n", "type": "boolean" }, "networkType": { "description": "Network type of the DB instance.\n", "type": "string" }, "optionGroupMemberships": { "description": "Provides the list of option group memberships for this DB instance.\n", "items": { "type": "string" }, "type": "array" }, "port": { "description": "Database endpoint port, primarily used by an Aurora DB cluster. For a conventional RDS DB instance, the `db_instance_port` is typically the preferred choice.\n", "type": "integer" }, "preferredBackupWindow": { "description": "Specifies the daily time range during which automated backups are created.\n", "type": "string" }, "preferredMaintenanceWindow": { "description": "Specifies the weekly time range during which system maintenance can occur in UTC.\n", "type": "string" }, "publiclyAccessible": { "description": "Accessibility options for the DB instance.\n", "type": "boolean" }, "replicateSourceDb": { "description": "Identifier of the source DB that this is a replica of.\n", "type": "string" }, "resourceId": { "description": "RDS Resource ID of this instance.\n", "type": "string" }, "storageEncrypted": { "description": "Whether the DB instance is encrypted.\n", "type": "boolean" }, "storageThroughput": { "description": "Storage throughput value for the DB instance.\n", "type": "integer" }, "storageType": { "description": "Storage type associated with DB instance.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "timezone": { "description": "Time zone of the DB instance.\n", "type": "string" }, "vpcSecurityGroups": { "description": "Provides a list of VPC security group elements that the DB instance belongs to.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "address", "allocatedStorage", "autoMinorVersionUpgrade", "availabilityZone", "backupRetentionPeriod", "caCertIdentifier", "dbClusterIdentifier", "dbInstanceArn", "dbInstanceClass", "dbInstanceIdentifier", "dbInstancePort", "dbName", "dbParameterGroups", "dbSubnetGroup", "enabledCloudwatchLogsExports", "endpoint", "engine", "engineVersion", "hostedZoneId", "iops", "kmsKeyId", "licenseModel", "masterUserSecrets", "masterUsername", "maxAllocatedStorage", "monitoringInterval", "monitoringRoleArn", "multiAz", "networkType", "optionGroupMemberships", "port", "preferredBackupWindow", "preferredMaintenanceWindow", "publiclyAccessible", "replicateSourceDb", "resourceId", "storageEncrypted", "storageThroughput", "storageType", "tags", "timezone", "vpcSecurityGroups", "id" ], "type": "object" } }, "aws:rds/getInstances:getInstances": { "description": "Data source for listing RDS Database Instances.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.rds.getInstances({\n filters: [{\n name: \"db-instance-id\",\n values: [\"my-database-id\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.get_instances(filters=[{\n \"name\": \"db-instance-id\",\n \"values\": [\"my-database-id\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Rds.GetInstances.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Rds.Inputs.GetInstancesFilterInputArgs\n {\n Name = \"db-instance-id\",\n Values = new[]\n {\n \"my-database-id\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.GetInstances(ctx, \u0026rds.GetInstancesArgs{\n\t\t\tFilters: []rds.GetInstancesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"db-instance-id\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"my-database-id\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetInstancesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = RdsFunctions.getInstances(GetInstancesArgs.builder()\n .filters(GetInstancesFilterArgs.builder()\n .name(\"db-instance-id\")\n .values(\"my-database-id\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:rds:getInstances\n Arguments:\n filters:\n - name: db-instance-id\n values:\n - my-database-id\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using tags\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.rds.getInstances({\n tags: {\n Env: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.get_instances(tags={\n \"Env\": \"test\",\n})\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Rds.GetInstances.Invoke(new()\n {\n Tags = \n {\n { \"Env\", \"test\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.GetInstances(ctx, \u0026rds.GetInstancesArgs{\n\t\t\tTags: map[string]interface{}{\n\t\t\t\t\"Env\": \"test\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetInstancesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = RdsFunctions.getInstances(GetInstancesArgs.builder()\n .tags(Map.of(\"Env\", \"test\"))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:rds:getInstances\n Arguments:\n tags:\n Env: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getInstances.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:rds/getInstancesFilter:getInstancesFilter" }, "description": "Configuration block(s) used to filter instances with AWS supported attributes, such as `engine`, `db-cluster-id` or `db-instance-id` for example. Detailed below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match a pair on the desired instances.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getInstances.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:rds/getInstancesFilter:getInstancesFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceArns": { "description": "ARNs of the matched RDS instances.\n", "items": { "type": "string" }, "type": "array" }, "instanceIdentifiers": { "description": "Identifiers of the matched RDS instances.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "instanceArns", "instanceIdentifiers", "tags", "id" ], "type": "object" } }, "aws:rds/getOrderableDbInstance:getOrderableDbInstance": { "description": "Information about RDS orderable DB instances and valid parameter combinations.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.rds.getOrderableDbInstance({\n engine: \"mysql\",\n engineVersion: \"5.7.22\",\n licenseModel: \"general-public-license\",\n storageType: \"standard\",\n preferredInstanceClasses: [\n \"db.r6.xlarge\",\n \"db.m4.large\",\n \"db.t3.small\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.rds.get_orderable_db_instance(engine=\"mysql\",\n engine_version=\"5.7.22\",\n license_model=\"general-public-license\",\n storage_type=\"standard\",\n preferred_instance_classes=[\n \"db.r6.xlarge\",\n \"db.m4.large\",\n \"db.t3.small\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Rds.GetOrderableDbInstance.Invoke(new()\n {\n Engine = \"mysql\",\n EngineVersion = \"5.7.22\",\n LicenseModel = \"general-public-license\",\n StorageType = \"standard\",\n PreferredInstanceClasses = new[]\n {\n \"db.r6.xlarge\",\n \"db.m4.large\",\n \"db.t3.small\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.GetOrderableDbInstance(ctx, \u0026rds.GetOrderableDbInstanceArgs{\n\t\t\tEngine: \"mysql\",\n\t\t\tEngineVersion: pulumi.StringRef(\"5.7.22\"),\n\t\t\tLicenseModel: pulumi.StringRef(\"general-public-license\"),\n\t\t\tStorageType: pulumi.StringRef(\"standard\"),\n\t\t\tPreferredInstanceClasses: []string{\n\t\t\t\t\"db.r6.xlarge\",\n\t\t\t\t\"db.m4.large\",\n\t\t\t\t\"db.t3.small\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetOrderableDbInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = RdsFunctions.getOrderableDbInstance(GetOrderableDbInstanceArgs.builder()\n .engine(\"mysql\")\n .engineVersion(\"5.7.22\")\n .licenseModel(\"general-public-license\")\n .storageType(\"standard\")\n .preferredInstanceClasses( \n \"db.r6.xlarge\",\n \"db.m4.large\",\n \"db.t3.small\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:rds:getOrderableDbInstance\n Arguments:\n engine: mysql\n engineVersion: 5.7.22\n licenseModel: general-public-license\n storageType: standard\n preferredInstanceClasses:\n - db.r6.xlarge\n - db.m4.large\n - db.t3.small\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nValid parameter combinations can also be found with `preferred_engine_versions` and/or `preferred_instance_classes`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.rds.getOrderableDbInstance({\n engine: \"mysql\",\n licenseModel: \"general-public-license\",\n preferredEngineVersions: [\n \"5.6.35\",\n \"5.6.41\",\n \"5.6.44\",\n ],\n preferredInstanceClasses: [\n \"db.t2.small\",\n \"db.t3.medium\",\n \"db.t3.large\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.rds.get_orderable_db_instance(engine=\"mysql\",\n license_model=\"general-public-license\",\n preferred_engine_versions=[\n \"5.6.35\",\n \"5.6.41\",\n \"5.6.44\",\n ],\n preferred_instance_classes=[\n \"db.t2.small\",\n \"db.t3.medium\",\n \"db.t3.large\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Rds.GetOrderableDbInstance.Invoke(new()\n {\n Engine = \"mysql\",\n LicenseModel = \"general-public-license\",\n PreferredEngineVersions = new[]\n {\n \"5.6.35\",\n \"5.6.41\",\n \"5.6.44\",\n },\n PreferredInstanceClasses = new[]\n {\n \"db.t2.small\",\n \"db.t3.medium\",\n \"db.t3.large\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.GetOrderableDbInstance(ctx, \u0026rds.GetOrderableDbInstanceArgs{\n\t\t\tEngine: \"mysql\",\n\t\t\tLicenseModel: pulumi.StringRef(\"general-public-license\"),\n\t\t\tPreferredEngineVersions: []string{\n\t\t\t\t\"5.6.35\",\n\t\t\t\t\"5.6.41\",\n\t\t\t\t\"5.6.44\",\n\t\t\t},\n\t\t\tPreferredInstanceClasses: []string{\n\t\t\t\t\"db.t2.small\",\n\t\t\t\t\"db.t3.medium\",\n\t\t\t\t\"db.t3.large\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetOrderableDbInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = RdsFunctions.getOrderableDbInstance(GetOrderableDbInstanceArgs.builder()\n .engine(\"mysql\")\n .licenseModel(\"general-public-license\")\n .preferredEngineVersions( \n \"5.6.35\",\n \"5.6.41\",\n \"5.6.44\")\n .preferredInstanceClasses( \n \"db.t2.small\",\n \"db.t3.medium\",\n \"db.t3.large\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:rds:getOrderableDbInstance\n Arguments:\n engine: mysql\n licenseModel: general-public-license\n preferredEngineVersions:\n - 5.6.35\n - 5.6.41\n - 5.6.44\n preferredInstanceClasses:\n - db.t2.small\n - db.t3.medium\n - db.t3.large\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOrderableDbInstance.\n", "properties": { "availabilityZoneGroup": { "type": "string", "description": "Availability zone group.\n" }, "engine": { "type": "string", "description": "DB engine. Engine values include `aurora`, `aurora-mysql`, `aurora-postgresql`, `docdb`, `mariadb`, `mysql`, `neptune`, `oracle-ee`, `oracle-se`, `oracle-se1`, `oracle-se2`, `postgres`, `sqlserver-ee`, `sqlserver-ex`, `sqlserver-se`, and `sqlserver-web`.\n" }, "engineLatestVersion": { "type": "boolean", "description": "When set to `true`, the data source attempts to return the most recent version matching the other criteria you provide. You must use `engine_latest_version` with `preferred_instance_classes` and/or `preferred_engine_versions`. Using `engine_latest_version` will avoid `multiple RDS DB Instance Classes` errors. If you use `engine_latest_version` with `preferred_instance_classes`, the data source returns the latest version for the _first_ matching instance class (instance class priority). **Note:** The data source uses a best-effort approach at selecting the latest version but due to the complexity of version identifiers across engines, using `engine_latest_version` may _not_ return the latest version in every situation.\n" }, "engineVersion": { "type": "string", "description": "Version of the DB engine. If none is provided, the data source tries to use the AWS-defined default version that matches any other criteria.\n" }, "instanceClass": { "type": "string", "description": "DB instance class. Examples of classes are `db.m3.2xlarge`, `db.t2.small`, and `db.m3.medium`.\n" }, "licenseModel": { "type": "string", "description": "License model. Examples of license models are `general-public-license`, `bring-your-own-license`, and `amazon-license`.\n" }, "preferredEngineVersions": { "type": "array", "items": { "type": "string" }, "description": "Ordered list of preferred RDS DB instance engine versions. When `engine_latest_version` is not set, the data source will return the first match in this list that matches any other criteria. If the data source finds no preferred matches or multiple matches without `engine_latest_version`, it returns an error. **CAUTION:** We don't recommend using `preferred_engine_versions` without `preferred_instance_classes` since the data source returns an arbitrary `instance_class` based on the first one AWS returns that matches the engine version and any other criteria.\n" }, "preferredInstanceClasses": { "type": "array", "items": { "type": "string" }, "description": "Ordered list of preferred RDS DB instance classes. The data source will return the first match in this list that matches any other criteria. If the data source finds no preferred matches or multiple matches without `engine_latest_version`, it returns an error. If you use `preferred_instance_classes` without `preferred_engine_versions` or `engine_latest_version`, the data source returns an arbitrary `engine_version` based on the first one AWS returns matching the instance class and any other criteria.\n" }, "readReplicaCapable": { "type": "boolean", "description": "Whether a DB instance can have a read replica.\n" }, "storageType": { "type": "string", "description": "Storage types. Examples of storage types are `standard`, `io1`, `gp2`, and `aurora`.\n" }, "supportedEngineModes": { "type": "array", "items": { "type": "string" }, "description": "Use to limit results to engine modes such as `provisioned`.\n" }, "supportedNetworkTypes": { "type": "array", "items": { "type": "string" }, "description": "Use to limit results to network types `IPV4` or `DUAL`.\n" }, "supportsClusters": { "type": "boolean", "description": "Whether to limit results to instances that support clusters.\n" }, "supportsEnhancedMonitoring": { "type": "boolean", "description": "Enable this to ensure a DB instance supports Enhanced Monitoring at intervals from 1 to 60 seconds.\n" }, "supportsGlobalDatabases": { "type": "boolean", "description": "Enable this to ensure a DB instance supports Aurora global databases with a specific combination of other DB engine attributes.\n" }, "supportsIamDatabaseAuthentication": { "type": "boolean", "description": "Enable this to ensure a DB instance supports IAM database authentication.\n" }, "supportsIops": { "type": "boolean", "description": "Enable this to ensure a DB instance supports provisioned IOPS.\n" }, "supportsKerberosAuthentication": { "type": "boolean", "description": "Enable this to ensure a DB instance supports Kerberos Authentication.\n" }, "supportsMultiAz": { "type": "boolean", "description": "Whether to limit results to instances that are multi-AZ capable.\n" }, "supportsPerformanceInsights": { "type": "boolean", "description": "Enable this to ensure a DB instance supports Performance Insights.\n" }, "supportsStorageAutoscaling": { "type": "boolean", "description": "Enable this to ensure Amazon RDS can automatically scale storage for DB instances that use the specified DB instance class.\n" }, "supportsStorageEncryption": { "type": "boolean", "description": "Enable this to ensure a DB instance supports encrypted storage.\n" }, "vpc": { "type": "boolean", "description": "Boolean that indicates whether to show only VPC or non-VPC offerings.\n" } }, "type": "object", "required": [ "engine" ] }, "outputs": { "description": "A collection of values returned by getOrderableDbInstance.\n", "properties": { "availabilityZoneGroup": { "type": "string" }, "availabilityZones": { "description": "Availability zones where the instance is available.\n", "items": { "type": "string" }, "type": "array" }, "engine": { "type": "string" }, "engineLatestVersion": { "type": "boolean" }, "engineVersion": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceClass": { "type": "string" }, "licenseModel": { "type": "string" }, "maxIopsPerDbInstance": { "description": "Maximum total provisioned IOPS for a DB instance.\n", "type": "integer" }, "maxIopsPerGib": { "description": "Maximum provisioned IOPS per GiB for a DB instance.\n", "type": "number" }, "maxStorageSize": { "description": "Maximum storage size for a DB instance.\n", "type": "integer" }, "minIopsPerDbInstance": { "description": "Minimum total provisioned IOPS for a DB instance.\n", "type": "integer" }, "minIopsPerGib": { "description": "Minimum provisioned IOPS per GiB for a DB instance.\n", "type": "number" }, "minStorageSize": { "description": "Minimum storage size for a DB instance.\n", "type": "integer" }, "multiAzCapable": { "description": "Whether a DB instance is Multi-AZ capable.\n", "type": "boolean" }, "outpostCapable": { "description": "Whether a DB instance supports RDS on Outposts.\n", "type": "boolean" }, "preferredEngineVersions": { "items": { "type": "string" }, "type": "array" }, "preferredInstanceClasses": { "items": { "type": "string" }, "type": "array" }, "readReplicaCapable": { "type": "boolean" }, "storageType": { "type": "string" }, "supportedEngineModes": { "items": { "type": "string" }, "type": "array" }, "supportedNetworkTypes": { "items": { "type": "string" }, "type": "array" }, "supportsClusters": { "type": "boolean" }, "supportsEnhancedMonitoring": { "type": "boolean" }, "supportsGlobalDatabases": { "type": "boolean" }, "supportsIamDatabaseAuthentication": { "type": "boolean" }, "supportsIops": { "type": "boolean" }, "supportsKerberosAuthentication": { "type": "boolean" }, "supportsMultiAz": { "type": "boolean" }, "supportsPerformanceInsights": { "type": "boolean" }, "supportsStorageAutoscaling": { "type": "boolean" }, "supportsStorageEncryption": { "type": "boolean" }, "vpc": { "type": "boolean" } }, "required": [ "availabilityZoneGroup", "availabilityZones", "engine", "engineVersion", "instanceClass", "licenseModel", "maxIopsPerDbInstance", "maxIopsPerGib", "maxStorageSize", "minIopsPerDbInstance", "minIopsPerGib", "minStorageSize", "multiAzCapable", "outpostCapable", "readReplicaCapable", "storageType", "supportedEngineModes", "supportedNetworkTypes", "supportsClusters", "supportsEnhancedMonitoring", "supportsGlobalDatabases", "supportsIamDatabaseAuthentication", "supportsIops", "supportsKerberosAuthentication", "supportsMultiAz", "supportsPerformanceInsights", "supportsStorageAutoscaling", "supportsStorageEncryption", "vpc", "id" ], "type": "object" } }, "aws:rds/getParameterGroup:getParameterGroup": { "description": "Information about a database parameter group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.rds.getParameterGroup({\n name: \"default.postgres15\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.rds.get_parameter_group(name=\"default.postgres15\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Rds.GetParameterGroup.Invoke(new()\n {\n Name = \"default.postgres15\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.LookupParameterGroup(ctx, \u0026rds.LookupParameterGroupArgs{\n\t\t\tName: \"default.postgres15\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetParameterGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = RdsFunctions.getParameterGroup(GetParameterGroupArgs.builder()\n .name(\"default.postgres15\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:rds:getParameterGroup\n Arguments:\n name: default.postgres15\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getParameterGroup.\n", "properties": { "name": { "type": "string", "description": "DB parameter group name.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getParameterGroup.\n", "properties": { "arn": { "description": "ARN of the parameter group.\n", "type": "string" }, "description": { "description": "Description of the parameter group.\n", "type": "string" }, "family": { "description": "Family of the parameter group.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" } }, "required": [ "arn", "description", "family", "name", "id" ], "type": "object" } }, "aws:rds/getProxy:getProxy": { "description": "Use this data source to get information about a DB Proxy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst proxy = aws.rds.getProxy({\n name: \"my-test-db-proxy\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nproxy = aws.rds.get_proxy(name=\"my-test-db-proxy\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var proxy = Aws.Rds.GetProxy.Invoke(new()\n {\n Name = \"my-test-db-proxy\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.LookupProxy(ctx, \u0026rds.LookupProxyArgs{\n\t\t\tName: \"my-test-db-proxy\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetProxyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var proxy = RdsFunctions.getProxy(GetProxyArgs.builder()\n .name(\"my-test-db-proxy\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n proxy:\n fn::invoke:\n Function: aws:rds:getProxy\n Arguments:\n name: my-test-db-proxy\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getProxy.\n", "properties": { "name": { "type": "string", "description": "Name of the DB proxy.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getProxy.\n", "properties": { "arn": { "description": "ARN of the DB Proxy.\n", "type": "string" }, "auths": { "description": "Configuration(s) with authorization mechanisms to connect to the associated instance or cluster.\n", "items": { "$ref": "#/types/aws:rds/getProxyAuth:getProxyAuth" }, "type": "array" }, "debugLogging": { "description": "Whether the proxy includes detailed information about SQL statements in its logs.\n", "type": "boolean" }, "endpoint": { "description": "Endpoint that you can use to connect to the DB proxy.\n", "type": "string" }, "engineFamily": { "description": "Kinds of databases that the proxy can connect to.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "idleClientTimeout": { "description": "Number of seconds a connection to the proxy can have no activity before the proxy drops the client connection.\n", "type": "integer" }, "name": { "type": "string" }, "requireTls": { "description": "Whether Transport Layer Security (TLS) encryption is required for connections to the proxy.\n", "type": "boolean" }, "roleArn": { "description": "ARN for the IAM role that the proxy uses to access Amazon Secrets Manager.\n", "type": "string" }, "vpcId": { "description": "Provides the VPC ID of the DB proxy.\n", "type": "string" }, "vpcSecurityGroupIds": { "description": "Provides a list of VPC security groups that the proxy belongs to.\n", "items": { "type": "string" }, "type": "array" }, "vpcSubnetIds": { "description": "EC2 subnet IDs for the proxy.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "arn", "auths", "debugLogging", "endpoint", "engineFamily", "idleClientTimeout", "name", "requireTls", "roleArn", "vpcId", "vpcSecurityGroupIds", "vpcSubnetIds", "id" ], "type": "object" } }, "aws:rds/getReservedInstanceOffering:getReservedInstanceOffering": { "description": "Information about a single RDS Reserved Instance Offering.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.rds.getReservedInstanceOffering({\n dbInstanceClass: \"db.t2.micro\",\n duration: 31536000,\n multiAz: false,\n offeringType: \"All Upfront\",\n productDescription: \"mysql\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.rds.get_reserved_instance_offering(db_instance_class=\"db.t2.micro\",\n duration=31536000,\n multi_az=False,\n offering_type=\"All Upfront\",\n product_description=\"mysql\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Rds.GetReservedInstanceOffering.Invoke(new()\n {\n DbInstanceClass = \"db.t2.micro\",\n Duration = 31536000,\n MultiAz = false,\n OfferingType = \"All Upfront\",\n ProductDescription = \"mysql\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.GetReservedInstanceOffering(ctx, \u0026rds.GetReservedInstanceOfferingArgs{\n\t\t\tDbInstanceClass: \"db.t2.micro\",\n\t\t\tDuration: 31536000,\n\t\t\tMultiAz: false,\n\t\t\tOfferingType: \"All Upfront\",\n\t\t\tProductDescription: \"mysql\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetReservedInstanceOfferingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = RdsFunctions.getReservedInstanceOffering(GetReservedInstanceOfferingArgs.builder()\n .dbInstanceClass(\"db.t2.micro\")\n .duration(31536000)\n .multiAz(false)\n .offeringType(\"All Upfront\")\n .productDescription(\"mysql\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:rds:getReservedInstanceOffering\n Arguments:\n dbInstanceClass: db.t2.micro\n duration: 3.1536e+07\n multiAz: false\n offeringType: All Upfront\n productDescription: mysql\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getReservedInstanceOffering.\n", "properties": { "dbInstanceClass": { "type": "string", "description": "DB instance class for the reserved DB instance.\n" }, "duration": { "type": "integer", "description": "Duration of the reservation in years or seconds. Valid values are `1`, `3`, `31536000`, `94608000`\n" }, "multiAz": { "type": "boolean", "description": "Whether the reservation applies to Multi-AZ deployments.\n" }, "offeringType": { "type": "string", "description": "Offering type of this reserved DB instance. Valid values are `No Upfront`, `Partial Upfront`, `All Upfront`.\n" }, "productDescription": { "type": "string", "description": "Description of the reserved DB instance.\n" } }, "type": "object", "required": [ "dbInstanceClass", "duration", "multiAz", "offeringType", "productDescription" ] }, "outputs": { "description": "A collection of values returned by getReservedInstanceOffering.\n", "properties": { "currencyCode": { "description": "Currency code for the reserved DB instance.\n", "type": "string" }, "dbInstanceClass": { "type": "string" }, "duration": { "type": "integer" }, "fixedPrice": { "description": "Fixed price charged for this reserved DB instance.\n", "type": "number" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "multiAz": { "type": "boolean" }, "offeringId": { "description": "Unique identifier for the reservation.\n", "type": "string" }, "offeringType": { "type": "string" }, "productDescription": { "type": "string" } }, "required": [ "currencyCode", "dbInstanceClass", "duration", "fixedPrice", "multiAz", "offeringId", "offeringType", "productDescription", "id" ], "type": "object" } }, "aws:rds/getSnapshot:getSnapshot": { "description": "Use this data source to get information about a DB Snapshot for use when provisioning DB instances\n\n\u003e **NOTE:** This data source does not apply to snapshots created on Aurora DB clusters.\nSee the `aws.rds.ClusterSnapshot` data source for DB Cluster snapshots.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst prod = new aws.rds.Instance(\"prod\", {\n allocatedStorage: 10,\n engine: \"mysql\",\n engineVersion: \"5.6.17\",\n instanceClass: aws.rds.InstanceType.T2_Micro,\n dbName: \"mydb\",\n username: \"foo\",\n password: \"bar\",\n dbSubnetGroupName: \"my_database_subnet_group\",\n parameterGroupName: \"default.mysql5.6\",\n});\nconst latestProdSnapshot = aws.rds.getSnapshotOutput({\n dbInstanceIdentifier: prod.identifier,\n mostRecent: true,\n});\n// Use the latest production snapshot to create a dev instance.\nconst dev = new aws.rds.Instance(\"dev\", {\n instanceClass: aws.rds.InstanceType.T2_Micro,\n dbName: \"mydbdev\",\n snapshotIdentifier: latestProdSnapshot.apply(latestProdSnapshot =\u003e latestProdSnapshot.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprod = aws.rds.Instance(\"prod\",\n allocated_storage=10,\n engine=\"mysql\",\n engine_version=\"5.6.17\",\n instance_class=aws.rds.InstanceType.T2_MICRO,\n db_name=\"mydb\",\n username=\"foo\",\n password=\"bar\",\n db_subnet_group_name=\"my_database_subnet_group\",\n parameter_group_name=\"default.mysql5.6\")\nlatest_prod_snapshot = aws.rds.get_snapshot_output(db_instance_identifier=prod.identifier,\n most_recent=True)\n# Use the latest production snapshot to create a dev instance.\ndev = aws.rds.Instance(\"dev\",\n instance_class=aws.rds.InstanceType.T2_MICRO,\n db_name=\"mydbdev\",\n snapshot_identifier=latest_prod_snapshot.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var prod = new Aws.Rds.Instance(\"prod\", new()\n {\n AllocatedStorage = 10,\n Engine = \"mysql\",\n EngineVersion = \"5.6.17\",\n InstanceClass = Aws.Rds.InstanceType.T2_Micro,\n DbName = \"mydb\",\n Username = \"foo\",\n Password = \"bar\",\n DbSubnetGroupName = \"my_database_subnet_group\",\n ParameterGroupName = \"default.mysql5.6\",\n });\n\n var latestProdSnapshot = Aws.Rds.GetSnapshot.Invoke(new()\n {\n DbInstanceIdentifier = prod.Identifier,\n MostRecent = true,\n });\n\n // Use the latest production snapshot to create a dev instance.\n var dev = new Aws.Rds.Instance(\"dev\", new()\n {\n InstanceClass = Aws.Rds.InstanceType.T2_Micro,\n DbName = \"mydbdev\",\n SnapshotIdentifier = latestProdSnapshot.Apply(getSnapshotResult =\u003e getSnapshotResult.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tprod, err := rds.NewInstance(ctx, \"prod\", \u0026rds.InstanceArgs{\n\t\t\tAllocatedStorage: pulumi.Int(10),\n\t\t\tEngine: pulumi.String(\"mysql\"),\n\t\t\tEngineVersion: pulumi.String(\"5.6.17\"),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_T2_Micro),\n\t\t\tDbName: pulumi.String(\"mydb\"),\n\t\t\tUsername: pulumi.String(\"foo\"),\n\t\t\tPassword: pulumi.String(\"bar\"),\n\t\t\tDbSubnetGroupName: pulumi.String(\"my_database_subnet_group\"),\n\t\t\tParameterGroupName: pulumi.String(\"default.mysql5.6\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlatestProdSnapshot := rds.LookupSnapshotOutput(ctx, rds.GetSnapshotOutputArgs{\n\t\t\tDbInstanceIdentifier: prod.Identifier,\n\t\t\tMostRecent: pulumi.Bool(true),\n\t\t}, nil)\n\t\t// Use the latest production snapshot to create a dev instance.\n\t\t_, err = rds.NewInstance(ctx, \"dev\", \u0026rds.InstanceArgs{\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_T2_Micro),\n\t\t\tDbName: pulumi.String(\"mydbdev\"),\n\t\t\tSnapshotIdentifier: pulumi.String(latestProdSnapshot.ApplyT(func(latestProdSnapshot rds.GetSnapshotResult) (*string, error) {\n\t\t\t\treturn \u0026latestProdSnapshot.Id, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Instance;\nimport com.pulumi.aws.rds.InstanceArgs;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetSnapshotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var prod = new Instance(\"prod\", InstanceArgs.builder()\n .allocatedStorage(10)\n .engine(\"mysql\")\n .engineVersion(\"5.6.17\")\n .instanceClass(\"db.t2.micro\")\n .dbName(\"mydb\")\n .username(\"foo\")\n .password(\"bar\")\n .dbSubnetGroupName(\"my_database_subnet_group\")\n .parameterGroupName(\"default.mysql5.6\")\n .build());\n\n final var latestProdSnapshot = RdsFunctions.getSnapshot(GetSnapshotArgs.builder()\n .dbInstanceIdentifier(prod.identifier())\n .mostRecent(true)\n .build());\n\n // Use the latest production snapshot to create a dev instance.\n var dev = new Instance(\"dev\", InstanceArgs.builder()\n .instanceClass(\"db.t2.micro\")\n .dbName(\"mydbdev\")\n .snapshotIdentifier(latestProdSnapshot.applyValue(getSnapshotResult -\u003e getSnapshotResult).applyValue(latestProdSnapshot -\u003e latestProdSnapshot.applyValue(getSnapshotResult -\u003e getSnapshotResult.id())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n prod:\n type: aws:rds:Instance\n properties:\n allocatedStorage: 10\n engine: mysql\n engineVersion: 5.6.17\n instanceClass: db.t2.micro\n dbName: mydb\n username: foo\n password: bar\n dbSubnetGroupName: my_database_subnet_group\n parameterGroupName: default.mysql5.6\n # Use the latest production snapshot to create a dev instance.\n dev:\n type: aws:rds:Instance\n properties:\n instanceClass: db.t2.micro\n dbName: mydbdev\n snapshotIdentifier: ${latestProdSnapshot.id}\nvariables:\n latestProdSnapshot:\n fn::invoke:\n Function: aws:rds:getSnapshot\n Arguments:\n dbInstanceIdentifier: ${prod.identifier}\n mostRecent: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSnapshot.\n", "properties": { "dbInstanceIdentifier": { "type": "string", "description": "Returns the list of snapshots created by the specific db_instance\n" }, "dbSnapshotIdentifier": { "type": "string", "description": "Returns information on a specific snapshot_id.\n" }, "includePublic": { "type": "boolean", "description": "Set this value to true to include manual DB snapshots that are public and can be\ncopied or restored by any AWS account, otherwise set this value to false. The default is `false`.\n" }, "includeShared": { "type": "boolean", "description": "Set this value to true to include shared manual DB snapshots from other\nAWS accounts that this AWS account has been given permission to copy or restore, otherwise set this value to false.\nThe default is `false`.\n" }, "mostRecent": { "type": "boolean", "description": "If more than one result is returned, use the most\nrecent Snapshot.\n" }, "snapshotType": { "type": "string", "description": "Type of snapshots to be returned. If you don't specify a SnapshotType\nvalue, then both automated and manual snapshots are returned. Shared and public DB snapshots are not\nincluded in the returned results by default. Possible values are, `automated`, `manual`, `shared`, `public` and `awsbackup`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Mapping of tags, each pair of which must exactly match\na pair on the desired DB snapshot.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSnapshot.\n", "properties": { "allocatedStorage": { "description": "Allocated storage size in gigabytes (GB).\n", "type": "integer" }, "availabilityZone": { "description": "Name of the Availability Zone the DB instance was located in at the time of the DB snapshot.\n", "type": "string" }, "dbInstanceIdentifier": { "type": "string" }, "dbSnapshotArn": { "description": "ARN for the DB snapshot.\n", "type": "string" }, "dbSnapshotIdentifier": { "type": "string" }, "encrypted": { "description": "Whether the DB snapshot is encrypted.\n", "type": "boolean" }, "engine": { "description": "Name of the database engine.\n", "type": "string" }, "engineVersion": { "description": "Version of the database engine.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "includePublic": { "type": "boolean" }, "includeShared": { "type": "boolean" }, "iops": { "description": "Provisioned IOPS (I/O operations per second) value of the DB instance at the time of the snapshot.\n", "type": "integer" }, "kmsKeyId": { "description": "ARN for the KMS encryption key.\n", "type": "string" }, "licenseModel": { "description": "License model information for the restored DB instance.\n", "type": "string" }, "mostRecent": { "type": "boolean" }, "optionGroupName": { "description": "Provides the option group name for the DB snapshot.\n", "type": "string" }, "originalSnapshotCreateTime": { "description": "Provides the time when the snapshot was taken, in Universal Coordinated Time (UTC). Doesn't change when the snapshot is copied.\n", "type": "string" }, "port": { "type": "integer" }, "snapshotCreateTime": { "description": "Provides the time when the snapshot was taken, in Universal Coordinated Time (UTC). Changes for the copy when the snapshot is copied.\n", "type": "string" }, "snapshotType": { "type": "string" }, "sourceDbSnapshotIdentifier": { "description": "DB snapshot ARN that the DB snapshot was copied from. It only has value in case of cross customer or cross region copy.\n", "type": "string" }, "sourceRegion": { "description": "Region that the DB snapshot was created in or copied from.\n", "type": "string" }, "status": { "description": "Status of this DB snapshot.\n", "type": "string" }, "storageType": { "description": "Storage type associated with DB snapshot.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "vpcId": { "description": "ID of the VPC associated with the DB snapshot.\n", "type": "string" } }, "required": [ "allocatedStorage", "availabilityZone", "dbSnapshotArn", "encrypted", "engine", "engineVersion", "iops", "kmsKeyId", "licenseModel", "optionGroupName", "originalSnapshotCreateTime", "port", "snapshotCreateTime", "sourceDbSnapshotIdentifier", "sourceRegion", "status", "storageType", "tags", "vpcId", "id" ], "type": "object" } }, "aws:rds/getSubnetGroup:getSubnetGroup": { "description": "Use this data source to get information about an RDS subnet group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst database = aws.rds.getSubnetGroup({\n name: \"my-test-database-subnet-group\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndatabase = aws.rds.get_subnet_group(name=\"my-test-database-subnet-group\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var database = Aws.Rds.GetSubnetGroup.Invoke(new()\n {\n Name = \"my-test-database-subnet-group\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.LookupSubnetGroup(ctx, \u0026rds.LookupSubnetGroupArgs{\n\t\t\tName: \"my-test-database-subnet-group\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.RdsFunctions;\nimport com.pulumi.aws.rds.inputs.GetSubnetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var database = RdsFunctions.getSubnetGroup(GetSubnetGroupArgs.builder()\n .name(\"my-test-database-subnet-group\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n database:\n fn::invoke:\n Function: aws:rds:getSubnetGroup\n Arguments:\n name: my-test-database-subnet-group\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSubnetGroup.\n", "properties": { "name": { "type": "string", "description": "Name of the RDS database subnet group.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getSubnetGroup.\n", "properties": { "arn": { "description": "ARN for the DB subnet group.\n", "type": "string" }, "description": { "description": "Provides the description of the DB subnet group.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "status": { "description": "Provides the status of the DB subnet group.\n", "type": "string" }, "subnetIds": { "description": "Contains a list of subnet identifiers.\n", "items": { "type": "string" }, "type": "array" }, "supportedNetworkTypes": { "description": "The network type of the DB subnet group.\n", "items": { "type": "string" }, "type": "array" }, "vpcId": { "description": "Provides the VPC ID of the DB subnet group.\n", "type": "string" } }, "required": [ "arn", "description", "name", "status", "subnetIds", "supportedNetworkTypes", "vpcId", "id" ], "type": "object" } }, "aws:redshift/getCluster:getCluster": { "description": "Provides details about a specific redshift cluster.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.RedshiftFunctions;\nimport com.pulumi.aws.redshift.inputs.GetClusterArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamRedshiftConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamRedshiftConfigurationS3ConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = RedshiftFunctions.getCluster(GetClusterArgs.builder()\n .clusterIdentifier(\"example-cluster\")\n .build());\n\n var exampleStream = new FirehoseDeliveryStream(\"exampleStream\", FirehoseDeliveryStreamArgs.builder()\n .name(\"kinesis-firehose-example-stream\")\n .destination(\"redshift\")\n .redshiftConfiguration(FirehoseDeliveryStreamRedshiftConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .clusterJdbcurl(String.format(\"jdbc:redshift://%s/%s\", example.applyValue(getClusterResult -\u003e getClusterResult.endpoint()),example.applyValue(getClusterResult -\u003e getClusterResult.databaseName())))\n .username(\"exampleuser\")\n .password(\"Exampl3Pass\")\n .dataTableName(\"example-table\")\n .copyOptions(\"delimiter '|'\")\n .dataTableColumns(\"example-col\")\n .s3Configuration(FirehoseDeliveryStreamRedshiftConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferSize(10)\n .bufferInterval(400)\n .compressionFormat(\"GZIP\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: example_stream\n properties:\n name: kinesis-firehose-example-stream\n destination: redshift\n redshiftConfiguration:\n roleArn: ${firehoseRole.arn}\n clusterJdbcurl: jdbc:redshift://${example.endpoint}/${example.databaseName}\n username: exampleuser\n password: Exampl3Pass\n dataTableName: example-table\n copyOptions: delimiter '|'\n dataTableColumns: example-col\n s3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferSize: 10\n bufferInterval: 400\n compressionFormat: GZIP\nvariables:\n example:\n fn::invoke:\n Function: aws:redshift:getCluster\n Arguments:\n clusterIdentifier: example-cluster\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCluster.\n", "properties": { "clusterIdentifier": { "type": "string", "description": "Cluster identifier\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags associated to the cluster\n" } }, "type": "object", "required": [ "clusterIdentifier" ] }, "outputs": { "description": "A collection of values returned by getCluster.\n", "properties": { "allowVersionUpgrade": { "description": "Whether major version upgrades can be applied during maintenance period\n", "type": "boolean" }, "aquaConfigurationStatus": { "description": "The value represents how the cluster is configured to use AQUA.\n", "type": "string" }, "arn": { "description": "ARN of cluster.\n", "type": "string" }, "automatedSnapshotRetentionPeriod": { "description": "The backup retention period\n", "type": "integer" }, "availabilityZone": { "description": "Availability zone of the cluster\n", "type": "string" }, "availabilityZoneRelocationEnabled": { "description": "Indicates whether the cluster is able to be relocated to another availability zone.\n", "type": "boolean" }, "bucketName": { "description": "Name of the S3 bucket where the log files are to be stored\n", "type": "string" }, "clusterIdentifier": { "description": "Cluster identifier\n", "type": "string" }, "clusterNamespaceArn": { "description": "The namespace Amazon Resource Name (ARN) of the cluster\n", "type": "string" }, "clusterNodes": { "description": "Nodes in the cluster. Cluster node blocks are documented below\n", "items": { "$ref": "#/types/aws:redshift/getClusterClusterNode:getClusterClusterNode" }, "type": "array" }, "clusterParameterGroupName": { "description": "The name of the parameter group to be associated with this cluster\n", "type": "string" }, "clusterPublicKey": { "description": "Public key for the cluster\n", "type": "string" }, "clusterRevisionNumber": { "description": "The cluster revision number\n", "type": "string" }, "clusterSubnetGroupName": { "description": "The name of a cluster subnet group to be associated with this cluster\n", "type": "string" }, "clusterType": { "description": "Cluster type\n", "type": "string" }, "clusterVersion": { "type": "string" }, "databaseName": { "description": "Name of the default database in the cluster\n", "type": "string" }, "defaultIamRoleArn": { "description": "The ARN for the IAM role that was set as default for the cluster when the cluster was created.\n", "type": "string" }, "elasticIp": { "description": "Elastic IP of the cluster\n", "type": "string" }, "enableLogging": { "description": "Whether cluster logging is enabled\n", "type": "boolean" }, "encrypted": { "description": "Whether the cluster data is encrypted\n", "type": "boolean" }, "endpoint": { "description": "Cluster endpoint\n", "type": "string" }, "enhancedVpcRouting": { "description": "Whether enhanced VPC routing is enabled\n", "type": "boolean" }, "iamRoles": { "description": "IAM roles associated to the cluster\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kmsKeyId": { "description": "KMS encryption key associated to the cluster\n", "type": "string" }, "logDestinationType": { "description": "The log destination type.\n", "type": "string" }, "logExports": { "description": "Collection of exported log types. Log types include the connection log, user log and user activity log.\n", "items": { "type": "string" }, "type": "array" }, "maintenanceTrackName": { "description": "The name of the maintenance track for the restored cluster.\n", "type": "string" }, "manualSnapshotRetentionPeriod": { "description": "(Optional) The default number of days to retain a manual snapshot.\n", "type": "integer" }, "masterUsername": { "description": "Username for the master DB user\n", "type": "string" }, "multiAz": { "description": "If the cluster is a Multi-AZ deployment\n", "type": "boolean" }, "nodeType": { "description": "Cluster node type\n", "type": "string" }, "numberOfNodes": { "description": "Number of nodes in the cluster\n", "type": "integer" }, "port": { "description": "Port the cluster responds on\n", "type": "integer" }, "preferredMaintenanceWindow": { "description": "The maintenance window\n", "type": "string" }, "publiclyAccessible": { "description": "Whether the cluster is publicly accessible\n", "type": "boolean" }, "s3KeyPrefix": { "description": "Folder inside the S3 bucket where the log files are stored\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags associated to the cluster\n", "type": "object" }, "vpcId": { "description": "VPC Id associated with the cluster\n", "type": "string" }, "vpcSecurityGroupIds": { "description": "The VPC security group Ids associated with the cluster\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "allowVersionUpgrade", "aquaConfigurationStatus", "arn", "automatedSnapshotRetentionPeriod", "availabilityZone", "availabilityZoneRelocationEnabled", "bucketName", "clusterIdentifier", "clusterNamespaceArn", "clusterNodes", "clusterParameterGroupName", "clusterPublicKey", "clusterRevisionNumber", "clusterSubnetGroupName", "clusterType", "clusterVersion", "databaseName", "defaultIamRoleArn", "elasticIp", "enableLogging", "encrypted", "endpoint", "enhancedVpcRouting", "iamRoles", "kmsKeyId", "logDestinationType", "logExports", "maintenanceTrackName", "manualSnapshotRetentionPeriod", "masterUsername", "multiAz", "nodeType", "numberOfNodes", "port", "preferredMaintenanceWindow", "publiclyAccessible", "s3KeyPrefix", "tags", "vpcId", "vpcSecurityGroupIds", "id" ], "type": "object" } }, "aws:redshift/getClusterCredentials:getClusterCredentials": { "description": "Provides redshift cluster temporary credentials.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.redshift.getClusterCredentials({\n clusterIdentifier: exampleAwsRedshiftCluster.clusterIdentifier,\n dbUser: exampleAwsRedshiftCluster.masterUsername,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshift.get_cluster_credentials(cluster_identifier=example_aws_redshift_cluster[\"clusterIdentifier\"],\n db_user=example_aws_redshift_cluster[\"masterUsername\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.RedShift.GetClusterCredentials.Invoke(new()\n {\n ClusterIdentifier = exampleAwsRedshiftCluster.ClusterIdentifier,\n DbUser = exampleAwsRedshiftCluster.MasterUsername,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.GetClusterCredentials(ctx, \u0026redshift.GetClusterCredentialsArgs{\n\t\t\tClusterIdentifier: exampleAwsRedshiftCluster.ClusterIdentifier,\n\t\t\tDbUser: exampleAwsRedshiftCluster.MasterUsername,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.RedshiftFunctions;\nimport com.pulumi.aws.redshift.inputs.GetClusterCredentialsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = RedshiftFunctions.getClusterCredentials(GetClusterCredentialsArgs.builder()\n .clusterIdentifier(exampleAwsRedshiftCluster.clusterIdentifier())\n .dbUser(exampleAwsRedshiftCluster.masterUsername())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:redshift:getClusterCredentials\n Arguments:\n clusterIdentifier: ${exampleAwsRedshiftCluster.clusterIdentifier}\n dbUser: ${exampleAwsRedshiftCluster.masterUsername}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getClusterCredentials.\n", "properties": { "autoCreate": { "type": "boolean", "description": "Create a database user with the name specified for the user named in `db_user` if one does not exist.\n" }, "clusterIdentifier": { "type": "string", "description": "Unique identifier of the cluster that contains the database for which your are requesting credentials.\n" }, "dbGroups": { "type": "array", "items": { "type": "string" }, "description": "List of the names of existing database groups that the user named in `db_user` will join for the current session, in addition to any group memberships for an existing user. If not specified, a new user is added only to `PUBLIC`.\n" }, "dbName": { "type": "string", "description": "Name of a database that DbUser is authorized to log on to. If `db_name` is not specified, `db_user` can log on to any existing database.\n" }, "dbUser": { "type": "string", "description": "Name of a database user. If a user name matching `db_user` exists in the database, the temporary user credentials have the same permissions as the existing user. If `db_user` doesn't exist in the database and `auto_create` is `True`, a new user is created using the value for `db_user` with `PUBLIC` permissions. If a database user matching the value for `db_user` doesn't exist and `not` is `False`, then the command succeeds but the connection attempt will fail because the user doesn't exist in the database.\n" }, "durationSeconds": { "type": "integer", "description": "The number of seconds until the returned temporary password expires. Valid values are between `900` and `3600`. Default value is `900`.\n" } }, "type": "object", "required": [ "clusterIdentifier", "dbUser" ] }, "outputs": { "description": "A collection of values returned by getClusterCredentials.\n", "properties": { "autoCreate": { "type": "boolean" }, "clusterIdentifier": { "type": "string" }, "dbGroups": { "items": { "type": "string" }, "type": "array" }, "dbName": { "type": "string" }, "dbPassword": { "description": "Temporary password that authorizes the user name returned by `db_user` to log on to the database `db_name`.\n", "secret": true, "type": "string" }, "dbUser": { "type": "string" }, "durationSeconds": { "type": "integer" }, "expiration": { "description": "Date and time the password in `db_password` expires.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "clusterIdentifier", "dbPassword", "dbUser", "expiration", "id" ], "type": "object" } }, "aws:redshift/getDataShares:getDataShares": { "description": "Data source for managing AWS Redshift Data Shares.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.redshift.getDataShares({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshift.get_data_shares()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.RedShift.GetDataShares.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.GetDataShares(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.RedshiftFunctions;\nimport com.pulumi.aws.redshift.inputs.GetDataSharesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = RedshiftFunctions.getDataShares();\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:redshift:getDataShares\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDataShares.\n", "properties": { "dataShares": { "type": "array", "items": { "$ref": "#/types/aws:redshift/getDataSharesDataShare:getDataSharesDataShare" }, "description": "An array of all data shares in the current region. See `data_shares` below.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getDataShares.\n", "properties": { "dataShares": { "description": "An array of all data shares in the current region. See `data_shares` below.\n", "items": { "$ref": "#/types/aws:redshift/getDataSharesDataShare:getDataSharesDataShare" }, "type": "array" }, "id": { "description": "AWS region.\n", "type": "string" } }, "required": [ "id" ], "type": "object" } }, "aws:redshift/getOrderableCluster:getOrderableCluster": { "description": "Information about Redshift Orderable Clusters and valid parameter combinations.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.redshift.getOrderableCluster({\n clusterType: \"multi-node\",\n preferredNodeTypes: [\n \"dc2.large\",\n \"ds2.xlarge\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.redshift.get_orderable_cluster(cluster_type=\"multi-node\",\n preferred_node_types=[\n \"dc2.large\",\n \"ds2.xlarge\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.RedShift.GetOrderableCluster.Invoke(new()\n {\n ClusterType = \"multi-node\",\n PreferredNodeTypes = new[]\n {\n \"dc2.large\",\n \"ds2.xlarge\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.GetOrderableCluster(ctx, \u0026redshift.GetOrderableClusterArgs{\n\t\t\tClusterType: pulumi.StringRef(\"multi-node\"),\n\t\t\tPreferredNodeTypes: []string{\n\t\t\t\t\"dc2.large\",\n\t\t\t\t\"ds2.xlarge\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.RedshiftFunctions;\nimport com.pulumi.aws.redshift.inputs.GetOrderableClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = RedshiftFunctions.getOrderableCluster(GetOrderableClusterArgs.builder()\n .clusterType(\"multi-node\")\n .preferredNodeTypes( \n \"dc2.large\",\n \"ds2.xlarge\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:redshift:getOrderableCluster\n Arguments:\n clusterType: multi-node\n preferredNodeTypes:\n - dc2.large\n - ds2.xlarge\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getOrderableCluster.\n", "properties": { "clusterType": { "type": "string", "description": "Reshift Cluster typeE.g., `multi-node` or `single-node`\n" }, "clusterVersion": { "type": "string", "description": "Redshift Cluster versionE.g., `1.0`\n" }, "nodeType": { "type": "string", "description": "Redshift Cluster node typeE.g., `dc2.8xlarge`\n" }, "preferredNodeTypes": { "type": "array", "items": { "type": "string" }, "description": "Ordered list of preferred Redshift Cluster node types. The first match in this list will be returned. If no preferred matches are found and the original search returned more than one result, an error is returned.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getOrderableCluster.\n", "properties": { "availabilityZones": { "description": "List of Availability Zone names where the Redshift Cluster is available.\n", "items": { "type": "string" }, "type": "array" }, "clusterType": { "type": "string" }, "clusterVersion": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "nodeType": { "type": "string" }, "preferredNodeTypes": { "items": { "type": "string" }, "type": "array" } }, "required": [ "availabilityZones", "clusterType", "clusterVersion", "nodeType", "id" ], "type": "object" } }, "aws:redshift/getProducerDataShares:getProducerDataShares": { "description": "Data source for managing AWS Redshift Producer Data Shares.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.redshift.getProducerDataShares({\n producerArn: \"\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshift.get_producer_data_shares(producer_arn=\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.RedShift.GetProducerDataShares.Invoke(new()\n {\n ProducerArn = \"\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.GetProducerDataShares(ctx, \u0026redshift.GetProducerDataSharesArgs{\n\t\t\tProducerArn: \"\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.RedshiftFunctions;\nimport com.pulumi.aws.redshift.inputs.GetProducerDataSharesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = RedshiftFunctions.getProducerDataShares(GetProducerDataSharesArgs.builder()\n .producerArn(\"\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:redshift:getProducerDataShares\n Arguments:\n producerArn:\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getProducerDataShares.\n", "properties": { "dataShares": { "type": "array", "items": { "$ref": "#/types/aws:redshift/getProducerDataSharesDataShare:getProducerDataSharesDataShare" }, "description": "An array of all data shares in the producer. See `data_shares` below.\n" }, "producerArn": { "type": "string", "description": "Amazon Resource Name (ARN) of the producer namespace that returns in the list of datashares.\n\nThe following arguments are optional:\n" }, "status": { "type": "string", "description": "Status of a datashare in the producer. Valid values are `ACTIVE`, `AUTHORIZED`, `PENDING_AUTHORIZATION`, `DEAUTHORIZED`, and `REJECTED`. Omit this argument to return all statuses.\n" } }, "type": "object", "required": [ "producerArn" ] }, "outputs": { "description": "A collection of values returned by getProducerDataShares.\n", "properties": { "dataShares": { "description": "An array of all data shares in the producer. See `data_shares` below.\n", "items": { "$ref": "#/types/aws:redshift/getProducerDataSharesDataShare:getProducerDataSharesDataShare" }, "type": "array" }, "id": { "description": "Producer ARN.\n", "type": "string" }, "producerArn": { "description": "ARN (Amazon Resource Name) of the producer.\n", "type": "string" }, "status": { "type": "string" } }, "required": [ "id", "producerArn" ], "type": "object" } }, "aws:redshift/getServiceAccount:getServiceAccount": { "description": "Use this data source to get the Account ID of the [AWS Redshift Service Account](http://docs.aws.amazon.com/redshift/latest/mgmt/db-auditing.html#db-auditing-enable-logging)\nin a given region for the purpose of allowing Redshift to store audit data in S3.\n\n\u003e **Note:** AWS documentation [states that](https://docs.aws.amazon.com/redshift/latest/mgmt/db-auditing.html#db-auditing-bucket-permissions) a [service principal name](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#principal-services) should be used instead of an AWS account ID in any relevant IAM policy.\nThe `aws.redshift.getServiceAccount` data source has been deprecated and will be removed in a future version.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = aws.redshift.getServiceAccount({});\nconst bucket = new aws.s3.BucketV2(\"bucket\", {\n bucket: \"tf-redshift-logging-test-bucket\",\n forceDestroy: true,\n});\nconst allowAuditLogging = pulumi.all([main, bucket.arn, main]).apply(([main, arn, main1]) =\u003e aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n sid: \"Put bucket policy needed for audit logging\",\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [main.arn],\n }],\n actions: [\"s3:PutObject\"],\n resources: [`${arn}/*`],\n },\n {\n sid: \"Get bucket policy needed for audit logging\",\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [main1.arn],\n }],\n actions: [\"s3:GetBucketAcl\"],\n resources: bucketAwsS3Bucket.arn,\n },\n ],\n}));\nconst allowAuditLoggingBucketPolicy = new aws.s3.BucketPolicy(\"allow_audit_logging\", {\n bucket: bucket.id,\n policy: allowAuditLogging.apply(allowAuditLogging =\u003e allowAuditLogging.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.redshift.get_service_account()\nbucket = aws.s3.BucketV2(\"bucket\",\n bucket=\"tf-redshift-logging-test-bucket\",\n force_destroy=True)\nallow_audit_logging = bucket.arn.apply(lambda arn: aws.iam.get_policy_document_output(statements=[\n {\n \"sid\": \"Put bucket policy needed for audit logging\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [main.arn],\n }],\n \"actions\": [\"s3:PutObject\"],\n \"resources\": [f\"{arn}/*\"],\n },\n {\n \"sid\": \"Get bucket policy needed for audit logging\",\n \"effect\": \"Allow\",\n \"principals\": [{\n \"type\": \"AWS\",\n \"identifiers\": [main.arn],\n }],\n \"actions\": [\"s3:GetBucketAcl\"],\n \"resources\": bucket_aws_s3_bucket[\"arn\"],\n },\n]))\nallow_audit_logging_bucket_policy = aws.s3.BucketPolicy(\"allow_audit_logging\",\n bucket=bucket.id,\n policy=allow_audit_logging.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = Aws.RedShift.GetServiceAccount.Invoke();\n\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"tf-redshift-logging-test-bucket\",\n ForceDestroy = true,\n });\n\n var allowAuditLogging = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"Put bucket policy needed for audit logging\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n main.Apply(getServiceAccountResult =\u003e getServiceAccountResult.Arn),\n },\n },\n },\n Actions = new[]\n {\n \"s3:PutObject\",\n },\n Resources = new[]\n {\n $\"{bucket.Arn}/*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"Get bucket policy needed for audit logging\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n main.Apply(getServiceAccountResult =\u003e getServiceAccountResult.Arn),\n },\n },\n },\n Actions = new[]\n {\n \"s3:GetBucketAcl\",\n },\n Resources = bucketAwsS3Bucket.Arn,\n },\n },\n });\n\n var allowAuditLoggingBucketPolicy = new Aws.S3.BucketPolicy(\"allow_audit_logging\", new()\n {\n Bucket = bucket.Id,\n Policy = allowAuditLogging.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nmain, err := redshift.GetServiceAccount(ctx, nil, nil);\nif err != nil {\nreturn err\n}\nbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\nBucket: pulumi.String(\"tf-redshift-logging-test-bucket\"),\nForceDestroy: pulumi.Bool(true),\n})\nif err != nil {\nreturn err\n}\nallowAuditLogging := bucket.Arn.ApplyT(func(arn string) (iam.GetPolicyDocumentResult, error) {\nreturn iam.GetPolicyDocumentResult(interface{}(iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nSid: \"Put bucket policy needed for audit logging\",\nEffect: \"Allow\",\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: interface{}{\nmain.Arn,\n},\n},\n},\nActions: []string{\n\"s3:PutObject\",\n},\nResources: []string{\nfmt.Sprintf(\"%v/*\", arn),\n},\n},\n{\nSid: \"Get bucket policy needed for audit logging\",\nEffect: \"Allow\",\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: interface{}{\nmain.Arn,\n},\n},\n},\nActions: []string{\n\"s3:GetBucketAcl\",\n},\nResources: bucketAwsS3Bucket.Arn,\n},\n},\n}, nil))), nil\n}).(iam.GetPolicyDocumentResultOutput)\n_, err = s3.NewBucketPolicy(ctx, \"allow_audit_logging\", \u0026s3.BucketPolicyArgs{\nBucket: bucket.ID(),\nPolicy: pulumi.String(allowAuditLogging.ApplyT(func(allowAuditLogging iam.GetPolicyDocumentResult) (*string, error) {\nreturn \u0026allowAuditLogging.Json, nil\n}).(pulumi.StringPtrOutput)),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.RedshiftFunctions;\nimport com.pulumi.aws.redshift.inputs.GetServiceAccountArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var main = RedshiftFunctions.getServiceAccount();\n\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder()\n .bucket(\"tf-redshift-logging-test-bucket\")\n .forceDestroy(true)\n .build());\n\n final var allowAuditLogging = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .sid(\"Put bucket policy needed for audit logging\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(main.applyValue(getServiceAccountResult -\u003e getServiceAccountResult.arn()))\n .build())\n .actions(\"s3:PutObject\")\n .resources(bucket.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"Get bucket policy needed for audit logging\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(main.applyValue(getServiceAccountResult -\u003e getServiceAccountResult.arn()))\n .build())\n .actions(\"s3:GetBucketAcl\")\n .resources(bucketAwsS3Bucket.arn())\n .build())\n .build());\n\n var allowAuditLoggingBucketPolicy = new BucketPolicy(\"allowAuditLoggingBucketPolicy\", BucketPolicyArgs.builder()\n .bucket(bucket.id())\n .policy(allowAuditLogging.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(allowAuditLogging -\u003e allowAuditLogging.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: tf-redshift-logging-test-bucket\n forceDestroy: true\n allowAuditLoggingBucketPolicy:\n type: aws:s3:BucketPolicy\n name: allow_audit_logging\n properties:\n bucket: ${bucket.id}\n policy: ${allowAuditLogging.json}\nvariables:\n main:\n fn::invoke:\n Function: aws:redshift:getServiceAccount\n Arguments: {}\n allowAuditLogging:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: Put bucket policy needed for audit logging\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - ${main.arn}\n actions:\n - s3:PutObject\n resources:\n - ${bucket.arn}/*\n - sid: Get bucket policy needed for audit logging\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - ${main.arn}\n actions:\n - s3:GetBucketAcl\n resources: ${bucketAwsS3Bucket.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getServiceAccount.\n", "properties": { "region": { "type": "string", "description": "Name of the region whose AWS Redshift account ID is desired.\nDefaults to the region from the AWS provider configuration.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getServiceAccount.\n", "properties": { "arn": { "description": "ARN of the AWS Redshift service account in the selected region.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "region": { "type": "string" } }, "required": [ "arn", "id" ], "type": "object" } }, "aws:redshift/getSubnetGroup:getSubnetGroup": { "description": "Provides details about a specific redshift subnet group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.redshift.getSubnetGroup({\n name: exampleAwsRedshiftSubnetGroup.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshift.get_subnet_group(name=example_aws_redshift_subnet_group[\"name\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.RedShift.GetSubnetGroup.Invoke(new()\n {\n Name = exampleAwsRedshiftSubnetGroup.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshift.LookupSubnetGroup(ctx, \u0026redshift.LookupSubnetGroupArgs{\n\t\t\tName: exampleAwsRedshiftSubnetGroup.Name,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.RedshiftFunctions;\nimport com.pulumi.aws.redshift.inputs.GetSubnetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = RedshiftFunctions.getSubnetGroup(GetSubnetGroupArgs.builder()\n .name(exampleAwsRedshiftSubnetGroup.name())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:redshift:getSubnetGroup\n Arguments:\n name: ${exampleAwsRedshiftSubnetGroup.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSubnetGroup.\n", "properties": { "name": { "type": "string", "description": "Name of the cluster subnet group for which information is requested.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags associated to the Subnet Group\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getSubnetGroup.\n", "properties": { "arn": { "description": "ARN of the Redshift Subnet Group name.\n", "type": "string" }, "description": { "description": "Description of the Redshift Subnet group.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "subnetIds": { "description": "An array of VPC subnet IDs.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags associated to the Subnet Group\n", "type": "object" } }, "required": [ "arn", "description", "name", "subnetIds", "tags", "id" ], "type": "object" } }, "aws:redshiftserverless/getCredentials:getCredentials": { "description": "Provides redshift serverless temporary credentials for a workgroup.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.redshiftserverless.getCredentials({\n workgroupName: exampleAwsRedshiftserverlessWorkgroup.workgroupName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshiftserverless.get_credentials(workgroup_name=example_aws_redshiftserverless_workgroup[\"workgroupName\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.RedshiftServerless.GetCredentials.Invoke(new()\n {\n WorkgroupName = exampleAwsRedshiftserverlessWorkgroup.WorkgroupName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshiftserverless\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshiftserverless.GetCredentials(ctx, \u0026redshiftserverless.GetCredentialsArgs{\n\t\t\tWorkgroupName: exampleAwsRedshiftserverlessWorkgroup.WorkgroupName,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshiftserverless.RedshiftserverlessFunctions;\nimport com.pulumi.aws.redshiftserverless.inputs.GetCredentialsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = RedshiftserverlessFunctions.getCredentials(GetCredentialsArgs.builder()\n .workgroupName(exampleAwsRedshiftserverlessWorkgroup.workgroupName())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:redshiftserverless:getCredentials\n Arguments:\n workgroupName: ${exampleAwsRedshiftserverlessWorkgroup.workgroupName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getCredentials.\n", "properties": { "dbName": { "type": "string", "description": "The name of the database to get temporary authorization to log on to.\n" }, "durationSeconds": { "type": "integer", "description": "The number of seconds until the returned temporary password expires. The minimum is 900 seconds, and the maximum is 3600 seconds.\n" }, "workgroupName": { "type": "string", "description": "The name of the workgroup associated with the database.\n" } }, "type": "object", "required": [ "workgroupName" ] }, "outputs": { "description": "A collection of values returned by getCredentials.\n", "properties": { "dbName": { "type": "string" }, "dbPassword": { "description": "Temporary password that authorizes the user name returned by `db_user` to log on to the database `db_name`.\n", "secret": true, "type": "string" }, "dbUser": { "description": "A database user name that is authorized to log on to the database `db_name` using the password `db_password` . If the specified `db_user` exists in the database, the new user name has the same database privileges as the user named in `db_user` . By default, the user is added to PUBLIC. the user doesn't exist in the database.\n", "type": "string" }, "durationSeconds": { "type": "integer" }, "expiration": { "description": "Date and time the password in `db_password` expires.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "workgroupName": { "type": "string" } }, "required": [ "dbPassword", "dbUser", "expiration", "workgroupName", "id" ], "type": "object" } }, "aws:redshiftserverless/getNamespace:getNamespace": { "description": "Data source for managing an AWS Redshift Serverless Namespace.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.redshiftserverless.getNamespace({\n namespaceName: \"example-namespace\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshiftserverless.get_namespace(namespace_name=\"example-namespace\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.RedshiftServerless.GetNamespace.Invoke(new()\n {\n NamespaceName = \"example-namespace\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshiftserverless\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshiftserverless.LookupNamespace(ctx, \u0026redshiftserverless.LookupNamespaceArgs{\n\t\t\tNamespaceName: \"example-namespace\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshiftserverless.RedshiftserverlessFunctions;\nimport com.pulumi.aws.redshiftserverless.inputs.GetNamespaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = RedshiftserverlessFunctions.getNamespace(GetNamespaceArgs.builder()\n .namespaceName(\"example-namespace\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:redshiftserverless:getNamespace\n Arguments:\n namespaceName: example-namespace\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getNamespace.\n", "properties": { "namespaceName": { "type": "string", "description": "The name of the namespace.\n" } }, "type": "object", "required": [ "namespaceName" ] }, "outputs": { "description": "A collection of values returned by getNamespace.\n", "properties": { "adminUsername": { "description": "The username of the administrator for the first database created in the namespace.\n", "type": "string" }, "arn": { "description": "Amazon Resource Name (ARN) of the Redshift Serverless Namespace.\n", "type": "string" }, "dbName": { "description": "The name of the first database created in the namespace.\n", "type": "string" }, "defaultIamRoleArn": { "description": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace. When specifying `default_iam_role_arn`, it also must be part of `iam_roles`.\n", "type": "string" }, "iamRoles": { "description": "A list of IAM roles to associate with the namespace.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kmsKeyId": { "description": "The ARN of the Amazon Web Services Key Management Service key used to encrypt your data.\n", "type": "string" }, "logExports": { "description": "The types of logs the namespace can export. Available export types are `userlog`, `connectionlog`, and `useractivitylog`.\n", "items": { "type": "string" }, "type": "array" }, "namespaceId": { "description": "The Redshift Namespace ID.\n", "type": "string" }, "namespaceName": { "type": "string" } }, "required": [ "adminUsername", "arn", "dbName", "defaultIamRoleArn", "iamRoles", "kmsKeyId", "logExports", "namespaceId", "namespaceName", "id" ], "type": "object" } }, "aws:redshiftserverless/getWorkgroup:getWorkgroup": { "description": "Data source for managing an AWS Redshift Serverless Workgroup.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.redshiftserverless.getWorkgroup({\n workgroupName: exampleAwsRedshiftserverlessWorkgroup.workgroupName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.redshiftserverless.get_workgroup(workgroup_name=example_aws_redshiftserverless_workgroup[\"workgroupName\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.RedshiftServerless.GetWorkgroup.Invoke(new()\n {\n WorkgroupName = exampleAwsRedshiftserverlessWorkgroup.WorkgroupName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshiftserverless\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := redshiftserverless.LookupWorkgroup(ctx, \u0026redshiftserverless.LookupWorkgroupArgs{\n\t\t\tWorkgroupName: exampleAwsRedshiftserverlessWorkgroup.WorkgroupName,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshiftserverless.RedshiftserverlessFunctions;\nimport com.pulumi.aws.redshiftserverless.inputs.GetWorkgroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = RedshiftserverlessFunctions.getWorkgroup(GetWorkgroupArgs.builder()\n .workgroupName(exampleAwsRedshiftserverlessWorkgroup.workgroupName())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:redshiftserverless:getWorkgroup\n Arguments:\n workgroupName: ${exampleAwsRedshiftserverlessWorkgroup.workgroupName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getWorkgroup.\n", "properties": { "workgroupName": { "type": "string", "description": "The name of the workgroup associated with the database.\n" } }, "type": "object", "required": [ "workgroupName" ] }, "outputs": { "description": "A collection of values returned by getWorkgroup.\n", "properties": { "arn": { "description": "Amazon Resource Name (ARN) of the Redshift Serverless Workgroup.\n", "type": "string" }, "endpoints": { "description": "The endpoint that is created from the workgroup. See `Endpoint` below.\n", "items": { "$ref": "#/types/aws:redshiftserverless/getWorkgroupEndpoint:getWorkgroupEndpoint" }, "type": "array" }, "enhancedVpcRouting": { "description": "The value that specifies whether to turn on enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC instead of over the internet.\n", "type": "boolean" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "namespaceName": { "type": "string" }, "publiclyAccessible": { "description": "A value that specifies whether the workgroup can be accessed from a public network.\n", "type": "boolean" }, "securityGroupIds": { "description": "An array of security group IDs to associate with the workgroup.\n", "items": { "type": "string" }, "type": "array" }, "subnetIds": { "description": "An array of VPC subnet IDs to associate with the workgroup. When set, must contain at least three subnets spanning three Availability Zones. A minimum number of IP addresses is required and scales with the Base Capacity. For more information, see the following [AWS document](https://docs.aws.amazon.com/redshift/latest/mgmt/serverless-known-issues.html).\n", "items": { "type": "string" }, "type": "array" }, "workgroupId": { "description": "The Redshift Workgroup ID.\n", "type": "string" }, "workgroupName": { "type": "string" } }, "required": [ "arn", "endpoints", "enhancedVpcRouting", "namespaceName", "publiclyAccessible", "securityGroupIds", "subnetIds", "workgroupId", "workgroupName", "id" ], "type": "object" } }, "aws:resourceexplorer/search:Search": { "description": "Data source for managing an AWS Resource Explorer Search.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.resourceexplorer.Search({\n queryString: \"region:us-west-2\",\n viewArn: test.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.resourceexplorer.search(query_string=\"region:us-west-2\",\n view_arn=test[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ResourceExplorer.Search.Invoke(new()\n {\n QueryString = \"region:us-west-2\",\n ViewArn = test.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/resourceexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := resourceexplorer.Search(ctx, \u0026resourceexplorer.SearchArgs{\n\t\t\tQueryString: \"region:us-west-2\",\n\t\t\tViewArn: pulumi.StringRef(test.Arn),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.resourceexplorer.ResourceexplorerFunctions;\nimport com.pulumi.aws.resourceexplorer.inputs.SearchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ResourceexplorerFunctions.Search(SearchArgs.builder()\n .queryString(\"region:us-west-2\")\n .viewArn(test.arn())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:resourceexplorer:Search\n Arguments:\n queryString: region:us-west-2\n viewArn: ${test.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking Search.\n", "properties": { "queryString": { "type": "string", "description": "String that includes keywords and filters that specify the resources that you want to include in the results. For the complete syntax supported by the QueryString parameter, see Search query syntax reference for [Resource Explorer](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html). The search is completely case insensitive. You can specify an empty string to return all results up to the limit of 1,000 total results. The operation can return only the first 1,000 results. If the resource you want is not included, then use a different value for QueryString to refine the results.\n\nThe following arguments are optional:\n" }, "viewArn": { "type": "string", "description": "Specifies the Amazon resource name (ARN) of the view to use for the query. If you don't specify a value for this parameter, then the operation automatically uses the default view for the AWS Region in which you called this operation. If the Region either doesn't have a default view or if you don't have permission to use the default view, then the operation fails with a `401 Unauthorized` exception.\n" } }, "type": "object", "required": [ "queryString" ] }, "outputs": { "description": "A collection of values returned by Search.\n", "properties": { "id": { "description": "Query String.\n", "type": "string" }, "queryString": { "type": "string" }, "resourceCounts": { "description": "Number of resources that match the query. See `resource_count` below.\n", "items": { "$ref": "#/types/aws:resourceexplorer/SearchResourceCount:SearchResourceCount" }, "type": "array" }, "resources": { "description": "List of structures that describe the resources that match the query. See `resources` below.\n", "items": { "$ref": "#/types/aws:resourceexplorer/SearchResource:SearchResource" }, "type": "array" }, "viewArn": { "type": "string" } }, "required": [ "id", "queryString", "resourceCounts", "resources", "viewArn" ], "type": "object" } }, "aws:resourcegroupstaggingapi/getResources:getResources": { "description": "Provides details about resource tagging.\n\n## Example Usage\n\n### Get All Resource Tag Mappings\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.resourcegroupstaggingapi.getResources({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.resourcegroupstaggingapi.get_resources()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.ResourceGroupsTaggingApi.GetResources.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/resourcegroupstaggingapi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := resourcegroupstaggingapi.GetResources(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.resourcegroupstaggingapi.ResourcegroupstaggingapiFunctions;\nimport com.pulumi.aws.resourcegroupstaggingapi.inputs.GetResourcesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = ResourcegroupstaggingapiFunctions.getResources();\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:resourcegroupstaggingapi:getResources\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter By Tag Key and Value\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.resourcegroupstaggingapi.getResources({\n tagFilters: [{\n key: \"tag-key\",\n values: [\n \"tag-value-1\",\n \"tag-value-2\",\n ],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.resourcegroupstaggingapi.get_resources(tag_filters=[{\n \"key\": \"tag-key\",\n \"values\": [\n \"tag-value-1\",\n \"tag-value-2\",\n ],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.ResourceGroupsTaggingApi.GetResources.Invoke(new()\n {\n TagFilters = new[]\n {\n new Aws.ResourceGroupsTaggingApi.Inputs.GetResourcesTagFilterInputArgs\n {\n Key = \"tag-key\",\n Values = new[]\n {\n \"tag-value-1\",\n \"tag-value-2\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/resourcegroupstaggingapi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := resourcegroupstaggingapi.GetResources(ctx, \u0026resourcegroupstaggingapi.GetResourcesArgs{\n\t\t\tTagFilters: []resourcegroupstaggingapi.GetResourcesTagFilter{\n\t\t\t\t{\n\t\t\t\t\tKey: \"tag-key\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"tag-value-1\",\n\t\t\t\t\t\t\"tag-value-2\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.resourcegroupstaggingapi.ResourcegroupstaggingapiFunctions;\nimport com.pulumi.aws.resourcegroupstaggingapi.inputs.GetResourcesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = ResourcegroupstaggingapiFunctions.getResources(GetResourcesArgs.builder()\n .tagFilters(GetResourcesTagFilterArgs.builder()\n .key(\"tag-key\")\n .values( \n \"tag-value-1\",\n \"tag-value-2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:resourcegroupstaggingapi:getResources\n Arguments:\n tagFilters:\n - key: tag-key\n values:\n - tag-value-1\n - tag-value-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter By Resource Type\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.resourcegroupstaggingapi.getResources({\n resourceTypeFilters: [\"ec2:instance\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.resourcegroupstaggingapi.get_resources(resource_type_filters=[\"ec2:instance\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.ResourceGroupsTaggingApi.GetResources.Invoke(new()\n {\n ResourceTypeFilters = new[]\n {\n \"ec2:instance\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/resourcegroupstaggingapi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := resourcegroupstaggingapi.GetResources(ctx, \u0026resourcegroupstaggingapi.GetResourcesArgs{\n\t\t\tResourceTypeFilters: []string{\n\t\t\t\t\"ec2:instance\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.resourcegroupstaggingapi.ResourcegroupstaggingapiFunctions;\nimport com.pulumi.aws.resourcegroupstaggingapi.inputs.GetResourcesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = ResourcegroupstaggingapiFunctions.getResources(GetResourcesArgs.builder()\n .resourceTypeFilters(\"ec2:instance\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:resourcegroupstaggingapi:getResources\n Arguments:\n resourceTypeFilters:\n - ec2:instance\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getResources.\n", "properties": { "excludeCompliantResources": { "type": "boolean", "description": "Specifies whether to exclude resources that are compliant with the tag policy. You can use this parameter only if the `include_compliance_details` argument is also set to `true`.\n" }, "includeComplianceDetails": { "type": "boolean", "description": "Specifies whether to include details regarding the compliance with the effective tag policy.\n" }, "resourceArnLists": { "type": "array", "items": { "type": "string" }, "description": "Specifies a list of ARNs of resources for which you want to retrieve tag data. Conflicts with `filter`.\n" }, "resourceTypeFilters": { "type": "array", "items": { "type": "string" }, "description": "Constraints on the resources that you want returned. The format of each resource type is `service:resourceType`. For example, specifying a resource type of `ec2` returns all Amazon EC2 resources (which includes EC2 instances). Specifying a resource type of `ec2:instance` returns only EC2 instances.\n" }, "tagFilters": { "type": "array", "items": { "$ref": "#/types/aws:resourcegroupstaggingapi/getResourcesTagFilter:getResourcesTagFilter" }, "description": "Specifies a list of Tag Filters (keys and values) to restrict the output to only those resources that have the specified tag and, if included, the specified value. See Tag Filter below. Conflicts with `resource_arn_list`.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getResources.\n", "properties": { "excludeCompliantResources": { "type": "boolean" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "includeComplianceDetails": { "type": "boolean" }, "resourceArnLists": { "items": { "type": "string" }, "type": "array" }, "resourceTagMappingLists": { "description": "List of objects matching the search criteria.\n", "items": { "$ref": "#/types/aws:resourcegroupstaggingapi/getResourcesResourceTagMappingList:getResourcesResourceTagMappingList" }, "type": "array" }, "resourceTypeFilters": { "items": { "type": "string" }, "type": "array" }, "tagFilters": { "items": { "$ref": "#/types/aws:resourcegroupstaggingapi/getResourcesTagFilter:getResourcesTagFilter" }, "type": "array" } }, "required": [ "resourceTagMappingLists", "id" ], "type": "object" } }, "aws:route53/getDelegationSet:getDelegationSet": { "description": "`aws.route53.DelegationSet` provides details about a specific Route 53 Delegation Set.\n\nThis data source allows to find a list of name servers associated with a specific delegation set.\n\n## Example Usage\n\nThe following example shows how to get a delegation set from its id.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dset = aws.route53.getDelegationSet({\n id: \"MQWGHCBFAKEID\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndset = aws.route53.get_delegation_set(id=\"MQWGHCBFAKEID\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var dset = Aws.Route53.GetDelegationSet.Invoke(new()\n {\n Id = \"MQWGHCBFAKEID\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.LookupDelegationSet(ctx, \u0026route53.LookupDelegationSetArgs{\n\t\t\tId: \"MQWGHCBFAKEID\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetDelegationSetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var dset = Route53Functions.getDelegationSet(GetDelegationSetArgs.builder()\n .id(\"MQWGHCBFAKEID\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n dset:\n fn::invoke:\n Function: aws:route53:getDelegationSet\n Arguments:\n id: MQWGHCBFAKEID\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDelegationSet.\n", "properties": { "id": { "type": "string", "description": "Delegation set ID.\n\nThe following attribute is additionally exported:\n" } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getDelegationSet.\n", "properties": { "arn": { "type": "string" }, "callerReference": { "type": "string" }, "id": { "type": "string" }, "nameServers": { "items": { "type": "string" }, "type": "array" } }, "required": [ "arn", "callerReference", "id", "nameServers" ], "type": "object" } }, "aws:route53/getQueryLogConfig:getQueryLogConfig": { "description": "`aws.route53.ResolverQueryLogConfig` provides details about a specific Route53 Resolver Query Logging Configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.route53.getQueryLogConfig({\n resolverQueryLogConfigId: \"rqlc-1abc2345ef678g91h\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.get_query_log_config(resolver_query_log_config_id=\"rqlc-1abc2345ef678g91h\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Route53.GetQueryLogConfig.Invoke(new()\n {\n ResolverQueryLogConfigId = \"rqlc-1abc2345ef678g91h\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.GetQueryLogConfig(ctx, \u0026route53.GetQueryLogConfigArgs{\n\t\t\tResolverQueryLogConfigId: pulumi.StringRef(\"rqlc-1abc2345ef678g91h\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetQueryLogConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Route53Functions.getQueryLogConfig(GetQueryLogConfigArgs.builder()\n .resolverQueryLogConfigId(\"rqlc-1abc2345ef678g91h\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:route53:getQueryLogConfig\n Arguments:\n resolverQueryLogConfigId: rqlc-1abc2345ef678g91h\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.route53.getQueryLogConfig({\n filters: [\n {\n name: \"Name\",\n values: [\"shared-query-log-config\"],\n },\n {\n name: \"ShareStatus\",\n values: [\"SHARED_WITH_ME\"],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.get_query_log_config(filters=[\n {\n \"name\": \"Name\",\n \"values\": [\"shared-query-log-config\"],\n },\n {\n \"name\": \"ShareStatus\",\n \"values\": [\"SHARED_WITH_ME\"],\n },\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Route53.GetQueryLogConfig.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Route53.Inputs.GetQueryLogConfigFilterInputArgs\n {\n Name = \"Name\",\n Values = new[]\n {\n \"shared-query-log-config\",\n },\n },\n new Aws.Route53.Inputs.GetQueryLogConfigFilterInputArgs\n {\n Name = \"ShareStatus\",\n Values = new[]\n {\n \"SHARED_WITH_ME\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.GetQueryLogConfig(ctx, \u0026route53.GetQueryLogConfigArgs{\n\t\t\tFilters: []route53.GetQueryLogConfigFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"Name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"shared-query-log-config\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tName: \"ShareStatus\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"SHARED_WITH_ME\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetQueryLogConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Route53Functions.getQueryLogConfig(GetQueryLogConfigArgs.builder()\n .filters( \n GetQueryLogConfigFilterArgs.builder()\n .name(\"Name\")\n .values(\"shared-query-log-config\")\n .build(),\n GetQueryLogConfigFilterArgs.builder()\n .name(\"ShareStatus\")\n .values(\"SHARED_WITH_ME\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:route53:getQueryLogConfig\n Arguments:\n filters:\n - name: Name\n values:\n - shared-query-log-config\n - name: ShareStatus\n values:\n - SHARED_WITH_ME\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getQueryLogConfig.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:route53/getQueryLogConfigFilter:getQueryLogConfigFilter" }, "description": "One or more name/value pairs to use as filters. There are\nseveral valid keys, for a full reference, check out\n[Route53resolver Filter value in the AWS API reference][1].\n\nIn addition to all arguments above, the following attributes are exported:\n" }, "name": { "type": "string", "description": "The name of the query logging configuration.\n" }, "resolverQueryLogConfigId": { "type": "string", "description": "ID of the Route53 Resolver Query Logging Configuration.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the service.\n\n[1]: https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_Filter.html\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getQueryLogConfig.\n", "properties": { "arn": { "type": "string" }, "destinationArn": { "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:route53/getQueryLogConfigFilter:getQueryLogConfigFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "ownerId": { "type": "string" }, "resolverQueryLogConfigId": { "type": "string" }, "shareStatus": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "arn", "destinationArn", "ownerId", "shareStatus", "tags", "id" ], "type": "object" } }, "aws:route53/getResolverEndpoint:getResolverEndpoint": { "description": "`aws.route53.ResolverEndpoint` provides details about a specific Route53 Resolver Endpoint.\n\nThis data source allows to find a list of IPaddresses associated with a specific Route53 Resolver Endpoint.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.route53.getResolverEndpoint({\n resolverEndpointId: \"rslvr-in-1abc2345ef678g91h\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.get_resolver_endpoint(resolver_endpoint_id=\"rslvr-in-1abc2345ef678g91h\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Route53.GetResolverEndpoint.Invoke(new()\n {\n ResolverEndpointId = \"rslvr-in-1abc2345ef678g91h\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.LookupResolverEndpoint(ctx, \u0026route53.LookupResolverEndpointArgs{\n\t\t\tResolverEndpointId: pulumi.StringRef(\"rslvr-in-1abc2345ef678g91h\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetResolverEndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Route53Functions.getResolverEndpoint(GetResolverEndpointArgs.builder()\n .resolverEndpointId(\"rslvr-in-1abc2345ef678g91h\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:route53:getResolverEndpoint\n Arguments:\n resolverEndpointId: rslvr-in-1abc2345ef678g91h\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.route53.getResolverEndpoint({\n filters: [{\n name: \"NAME\",\n values: [\"MyResolverExampleName\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.get_resolver_endpoint(filters=[{\n \"name\": \"NAME\",\n \"values\": [\"MyResolverExampleName\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Route53.GetResolverEndpoint.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Route53.Inputs.GetResolverEndpointFilterInputArgs\n {\n Name = \"NAME\",\n Values = new[]\n {\n \"MyResolverExampleName\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.LookupResolverEndpoint(ctx, \u0026route53.LookupResolverEndpointArgs{\n\t\t\tFilters: []route53.GetResolverEndpointFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"NAME\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"MyResolverExampleName\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetResolverEndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Route53Functions.getResolverEndpoint(GetResolverEndpointArgs.builder()\n .filters(GetResolverEndpointFilterArgs.builder()\n .name(\"NAME\")\n .values(\"MyResolverExampleName\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:route53:getResolverEndpoint\n Arguments:\n filters:\n - name: NAME\n values:\n - MyResolverExampleName\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getResolverEndpoint.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:route53/getResolverEndpointFilter:getResolverEndpointFilter" }, "description": "One or more name/value pairs to use as filters. There are\nseveral valid keys, for a full reference, check out\n[Route53resolver Filter value in the AWS API reference][1].\n\nIn addition to all arguments above, the following attributes are exported:\n" }, "resolverEndpointId": { "type": "string", "description": "ID of the Route53 Resolver Endpoint.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getResolverEndpoint.\n", "properties": { "arn": { "type": "string" }, "direction": { "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:route53/getResolverEndpointFilter:getResolverEndpointFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ipAddresses": { "items": { "type": "string" }, "type": "array" }, "name": { "type": "string" }, "protocols": { "items": { "type": "string" }, "type": "array" }, "resolverEndpointId": { "type": "string" }, "resolverEndpointType": { "type": "string" }, "status": { "type": "string" }, "vpcId": { "type": "string" } }, "required": [ "arn", "direction", "ipAddresses", "name", "protocols", "resolverEndpointType", "status", "vpcId", "id" ], "type": "object" } }, "aws:route53/getResolverFirewallConfig:getResolverFirewallConfig": { "description": "`aws.route53.ResolverFirewallConfig` provides details about a specific a Route 53 Resolver DNS Firewall config.\n\nThis data source allows to find a details about a specific a Route 53 Resolver DNS Firewall config.\n\n## Example Usage\n\nThe following example shows how to get a firewall config using the VPC ID.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.route53.getResolverFirewallConfig({\n resourceId: \"vpc-exampleid\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.get_resolver_firewall_config(resource_id=\"vpc-exampleid\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Route53.GetResolverFirewallConfig.Invoke(new()\n {\n ResourceId = \"vpc-exampleid\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.LookupResolverFirewallConfig(ctx, \u0026route53.LookupResolverFirewallConfigArgs{\n\t\t\tResourceId: \"vpc-exampleid\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetResolverFirewallConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Route53Functions.getResolverFirewallConfig(GetResolverFirewallConfigArgs.builder()\n .resourceId(\"vpc-exampleid\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:route53:getResolverFirewallConfig\n Arguments:\n resourceId: vpc-exampleid\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getResolverFirewallConfig.\n", "properties": { "resourceId": { "type": "string", "description": "The ID of the VPC from Amazon VPC that the configuration is for.\n\nThe following attribute is additionally exported:\n" } }, "type": "object", "required": [ "resourceId" ] }, "outputs": { "description": "A collection of values returned by getResolverFirewallConfig.\n", "properties": { "firewallFailOpen": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ownerId": { "type": "string" }, "resourceId": { "type": "string" } }, "required": [ "firewallFailOpen", "ownerId", "resourceId", "id" ], "type": "object" } }, "aws:route53/getResolverFirewallDomainList:getResolverFirewallDomainList": { "description": "`aws.route53.ResolverFirewallDomainList` Retrieves the specified firewall domain list.\n\nThis data source allows to retrieve details about a specific a Route 53 Resolver DNS Firewall domain list.\n\n## Example Usage\n\nThe following example shows how to get a firewall domain list from its ID.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.route53.getResolverFirewallDomainList({\n firewallDomainListId: \"rslvr-fdl-example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.get_resolver_firewall_domain_list(firewall_domain_list_id=\"rslvr-fdl-example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Route53.GetResolverFirewallDomainList.Invoke(new()\n {\n FirewallDomainListId = \"rslvr-fdl-example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.LookupResolverFirewallDomainList(ctx, \u0026route53.LookupResolverFirewallDomainListArgs{\n\t\t\tFirewallDomainListId: \"rslvr-fdl-example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetResolverFirewallDomainListArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Route53Functions.getResolverFirewallDomainList(GetResolverFirewallDomainListArgs.builder()\n .firewallDomainListId(\"rslvr-fdl-example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:route53:getResolverFirewallDomainList\n Arguments:\n firewallDomainListId: rslvr-fdl-example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getResolverFirewallDomainList.\n", "properties": { "firewallDomainListId": { "type": "string", "description": "The ID of the domain list.\n\nThe following attribute is additionally exported:\n" } }, "type": "object", "required": [ "firewallDomainListId" ] }, "outputs": { "description": "A collection of values returned by getResolverFirewallDomainList.\n", "properties": { "arn": { "type": "string" }, "creationTime": { "type": "string" }, "creatorRequestId": { "type": "string" }, "domainCount": { "type": "integer" }, "firewallDomainListId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "managedOwnerName": { "type": "string" }, "modificationTime": { "type": "string" }, "name": { "type": "string" }, "status": { "type": "string" }, "statusMessage": { "type": "string" } }, "required": [ "arn", "creationTime", "creatorRequestId", "domainCount", "firewallDomainListId", "managedOwnerName", "modificationTime", "name", "status", "statusMessage", "id" ], "type": "object" } }, "aws:route53/getResolverFirewallRuleGroup:getResolverFirewallRuleGroup": { "description": "`aws.route53.ResolverFirewallRuleGroup` Retrieves the specified firewall rule group.\n\nThis data source allows to retrieve details about a specific a Route 53 Resolver DNS Firewall rule group.\n\n## Example Usage\n\nThe following example shows how to get a firewall rule group from its ID.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.route53.getResolverFirewallRuleGroup({\n firewallRuleGroupId: \"rslvr-frg-example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.get_resolver_firewall_rule_group(firewall_rule_group_id=\"rslvr-frg-example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Route53.GetResolverFirewallRuleGroup.Invoke(new()\n {\n FirewallRuleGroupId = \"rslvr-frg-example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.LookupResolverFirewallRuleGroup(ctx, \u0026route53.LookupResolverFirewallRuleGroupArgs{\n\t\t\tFirewallRuleGroupId: \"rslvr-frg-example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetResolverFirewallRuleGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Route53Functions.getResolverFirewallRuleGroup(GetResolverFirewallRuleGroupArgs.builder()\n .firewallRuleGroupId(\"rslvr-frg-example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:route53:getResolverFirewallRuleGroup\n Arguments:\n firewallRuleGroupId: rslvr-frg-example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getResolverFirewallRuleGroup.\n", "properties": { "firewallRuleGroupId": { "type": "string", "description": "The ID of the rule group.\n\nThe following attribute is additionally exported:\n" } }, "type": "object", "required": [ "firewallRuleGroupId" ] }, "outputs": { "description": "A collection of values returned by getResolverFirewallRuleGroup.\n", "properties": { "arn": { "type": "string" }, "creationTime": { "type": "string" }, "creatorRequestId": { "type": "string" }, "firewallRuleGroupId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "modificationTime": { "type": "string" }, "name": { "type": "string" }, "ownerId": { "type": "string" }, "ruleCount": { "type": "integer" }, "shareStatus": { "type": "string" }, "status": { "type": "string" }, "statusMessage": { "type": "string" } }, "required": [ "arn", "creationTime", "creatorRequestId", "firewallRuleGroupId", "modificationTime", "name", "ownerId", "ruleCount", "shareStatus", "status", "statusMessage", "id" ], "type": "object" } }, "aws:route53/getResolverFirewallRuleGroupAssociation:getResolverFirewallRuleGroupAssociation": { "description": "`aws.route53.ResolverFirewallRuleGroupAssociation` Retrieves the specified firewall rule group association.\n\nThis data source allows to retrieve details about a specific a Route 53 Resolver DNS Firewall rule group association.\n\n## Example Usage\n\nThe following example shows how to get a firewall rule group association from its id.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.route53.getResolverFirewallRuleGroupAssociation({\n firewallRuleGroupAssociationId: \"rslvr-frgassoc-example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.get_resolver_firewall_rule_group_association(firewall_rule_group_association_id=\"rslvr-frgassoc-example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Route53.GetResolverFirewallRuleGroupAssociation.Invoke(new()\n {\n FirewallRuleGroupAssociationId = \"rslvr-frgassoc-example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.LookupResolverFirewallRuleGroupAssociation(ctx, \u0026route53.LookupResolverFirewallRuleGroupAssociationArgs{\n\t\t\tFirewallRuleGroupAssociationId: \"rslvr-frgassoc-example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetResolverFirewallRuleGroupAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Route53Functions.getResolverFirewallRuleGroupAssociation(GetResolverFirewallRuleGroupAssociationArgs.builder()\n .firewallRuleGroupAssociationId(\"rslvr-frgassoc-example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:route53:getResolverFirewallRuleGroupAssociation\n Arguments:\n firewallRuleGroupAssociationId: rslvr-frgassoc-example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getResolverFirewallRuleGroupAssociation.\n", "properties": { "firewallRuleGroupAssociationId": { "type": "string", "description": "The identifier for the association.\n\nThe following attribute is additionally exported:\n" } }, "type": "object", "required": [ "firewallRuleGroupAssociationId" ] }, "outputs": { "description": "A collection of values returned by getResolverFirewallRuleGroupAssociation.\n", "properties": { "arn": { "type": "string" }, "creationTime": { "type": "string" }, "creatorRequestId": { "type": "string" }, "firewallRuleGroupAssociationId": { "type": "string" }, "firewallRuleGroupId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "managedOwnerName": { "type": "string" }, "modificationTime": { "type": "string" }, "mutationProtection": { "type": "string" }, "name": { "type": "string" }, "priority": { "type": "integer" }, "status": { "type": "string" }, "statusMessage": { "type": "string" }, "vpcId": { "type": "string" } }, "required": [ "arn", "creationTime", "creatorRequestId", "firewallRuleGroupAssociationId", "firewallRuleGroupId", "managedOwnerName", "modificationTime", "mutationProtection", "name", "priority", "status", "statusMessage", "vpcId", "id" ], "type": "object" } }, "aws:route53/getResolverFirewallRules:getResolverFirewallRules": { "description": "`aws.route53.getResolverFirewallRules` Provides details about rules in a specific Route53 Resolver Firewall rule group.\n\n## Example Usage\n\nThe following example shows how to get Route53 Resolver Firewall rules based on its associated firewall group id.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.route53.getResolverFirewallRules({\n firewallRuleGroupId: exampleAwsRoute53ResolverFirewallRuleGroup.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.get_resolver_firewall_rules(firewall_rule_group_id=example_aws_route53_resolver_firewall_rule_group[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Route53.GetResolverFirewallRules.Invoke(new()\n {\n FirewallRuleGroupId = exampleAwsRoute53ResolverFirewallRuleGroup.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.GetResolverFirewallRules(ctx, \u0026route53.GetResolverFirewallRulesArgs{\n\t\t\tFirewallRuleGroupId: exampleAwsRoute53ResolverFirewallRuleGroup.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetResolverFirewallRulesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Route53Functions.getResolverFirewallRules(GetResolverFirewallRulesArgs.builder()\n .firewallRuleGroupId(exampleAwsRoute53ResolverFirewallRuleGroup.id())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:route53:getResolverFirewallRules\n Arguments:\n firewallRuleGroupId: ${exampleAwsRoute53ResolverFirewallRuleGroup.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getResolverFirewallRules.\n", "properties": { "action": { "type": "string", "description": "The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list.\n" }, "firewallRuleGroupId": { "type": "string", "description": "The unique identifier of the firewall rule group that you want to retrieve the rules for.\n" }, "priority": { "type": "integer", "description": "The setting that determines the processing order of the rules in a rule group.\n" } }, "type": "object", "required": [ "firewallRuleGroupId" ] }, "outputs": { "description": "A collection of values returned by getResolverFirewallRules.\n", "properties": { "action": { "type": "string" }, "firewallRuleGroupId": { "type": "string" }, "firewallRules": { "description": "List with information about the firewall rules. See details below.\n", "items": { "$ref": "#/types/aws:route53/getResolverFirewallRulesFirewallRule:getResolverFirewallRulesFirewallRule" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "priority": { "type": "integer" } }, "required": [ "firewallRuleGroupId", "firewallRules", "id" ], "type": "object" } }, "aws:route53/getResolverRule:getResolverRule": { "description": "`aws.route53.ResolverRule` provides details about a specific Route53 Resolver rule.\n\n## Example Usage\n\nThe following example shows how to get a Route53 Resolver rule based on its associated domain name and rule type.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.route53.getResolverRule({\n domainName: \"subdomain.example.com\",\n ruleType: \"SYSTEM\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.get_resolver_rule(domain_name=\"subdomain.example.com\",\n rule_type=\"SYSTEM\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Route53.GetResolverRule.Invoke(new()\n {\n DomainName = \"subdomain.example.com\",\n RuleType = \"SYSTEM\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.LookupResolverRule(ctx, \u0026route53.LookupResolverRuleArgs{\n\t\t\tDomainName: pulumi.StringRef(\"subdomain.example.com\"),\n\t\t\tRuleType: pulumi.StringRef(\"SYSTEM\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetResolverRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Route53Functions.getResolverRule(GetResolverRuleArgs.builder()\n .domainName(\"subdomain.example.com\")\n .ruleType(\"SYSTEM\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:route53:getResolverRule\n Arguments:\n domainName: subdomain.example.com\n ruleType: SYSTEM\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getResolverRule.\n", "properties": { "domainName": { "type": "string", "description": "Domain name the desired resolver rule forwards DNS queries for. Conflicts with `resolver_rule_id`.\n" }, "name": { "type": "string", "description": "Friendly name of the desired resolver rule. Conflicts with `resolver_rule_id`.\n" }, "resolverEndpointId": { "type": "string", "description": "ID of the outbound resolver endpoint of the desired resolver rule. Conflicts with `resolver_rule_id`.\n" }, "resolverRuleId": { "type": "string", "description": "ID of the desired resolver rule. Conflicts with `domain_name`, `name`, `resolver_endpoint_id` and `rule_type`.\n" }, "ruleType": { "type": "string", "description": "Rule type of the desired resolver rule. Valid values are `FORWARD`, `SYSTEM` and `RECURSIVE`. Conflicts with `resolver_rule_id`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resolver rule.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getResolverRule.\n", "properties": { "arn": { "description": "ARN (Amazon Resource Name) for the resolver rule.\n", "type": "string" }, "domainName": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "ownerId": { "description": "When a rule is shared with another AWS account, the account ID of the account that the rule is shared with.\n", "type": "string" }, "resolverEndpointId": { "type": "string" }, "resolverRuleId": { "type": "string" }, "ruleType": { "type": "string" }, "shareStatus": { "description": "Whether the rules is shared and, if so, whether the current account is sharing the rule with another account, or another account is sharing the rule with the current account.\nValues are `NOT_SHARED`, `SHARED_BY_ME` or `SHARED_WITH_ME`\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the resolver rule.\n", "type": "object" } }, "required": [ "arn", "domainName", "name", "ownerId", "resolverEndpointId", "resolverRuleId", "ruleType", "shareStatus", "tags", "id" ], "type": "object" } }, "aws:route53/getResolverRules:getResolverRules": { "description": "`aws.route53.getResolverRules` provides details about a set of Route53 Resolver rules.\n\n## Example Usage\n\n### Retrieving the default resolver rule\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.route53.getResolverRules({\n ownerId: \"Route 53 Resolver\",\n ruleType: \"RECURSIVE\",\n shareStatus: \"NOT_SHARED\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.get_resolver_rules(owner_id=\"Route 53 Resolver\",\n rule_type=\"RECURSIVE\",\n share_status=\"NOT_SHARED\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Route53.GetResolverRules.Invoke(new()\n {\n OwnerId = \"Route 53 Resolver\",\n RuleType = \"RECURSIVE\",\n ShareStatus = \"NOT_SHARED\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.GetResolverRules(ctx, \u0026route53.GetResolverRulesArgs{\n\t\t\tOwnerId: pulumi.StringRef(\"Route 53 Resolver\"),\n\t\t\tRuleType: pulumi.StringRef(\"RECURSIVE\"),\n\t\t\tShareStatus: pulumi.StringRef(\"NOT_SHARED\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetResolverRulesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Route53Functions.getResolverRules(GetResolverRulesArgs.builder()\n .ownerId(\"Route 53 Resolver\")\n .ruleType(\"RECURSIVE\")\n .shareStatus(\"NOT_SHARED\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:route53:getResolverRules\n Arguments:\n ownerId: Route 53 Resolver\n ruleType: RECURSIVE\n shareStatus: NOT_SHARED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Retrieving forward rules shared with me\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.route53.getResolverRules({\n ruleType: \"FORWARD\",\n shareStatus: \"SHARED_WITH_ME\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.get_resolver_rules(rule_type=\"FORWARD\",\n share_status=\"SHARED_WITH_ME\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Route53.GetResolverRules.Invoke(new()\n {\n RuleType = \"FORWARD\",\n ShareStatus = \"SHARED_WITH_ME\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.GetResolverRules(ctx, \u0026route53.GetResolverRulesArgs{\n\t\t\tRuleType: pulumi.StringRef(\"FORWARD\"),\n\t\t\tShareStatus: pulumi.StringRef(\"SHARED_WITH_ME\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetResolverRulesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Route53Functions.getResolverRules(GetResolverRulesArgs.builder()\n .ruleType(\"FORWARD\")\n .shareStatus(\"SHARED_WITH_ME\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:route53:getResolverRules\n Arguments:\n ruleType: FORWARD\n shareStatus: SHARED_WITH_ME\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Retrieving rules by name regex\n\nResolver rules whose name contains `abc`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.route53.getResolverRules({\n nameRegex: \".*abc.*\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.get_resolver_rules(name_regex=\".*abc.*\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Route53.GetResolverRules.Invoke(new()\n {\n NameRegex = \".*abc.*\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := route53.GetResolverRules(ctx, \u0026route53.GetResolverRulesArgs{\n\t\t\tNameRegex: pulumi.StringRef(\".*abc.*\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetResolverRulesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Route53Functions.getResolverRules(GetResolverRulesArgs.builder()\n .nameRegex(\".*abc.*\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:route53:getResolverRules\n Arguments:\n nameRegex: .*abc.*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getResolverRules.\n", "properties": { "nameRegex": { "type": "string", "description": "Regex string to filter resolver rule names.\nThe filtering is done locally, so could have a performance impact if the result is large.\nThis argument should be used along with other arguments to limit the number of results returned.\n" }, "ownerId": { "type": "string", "description": "When the desired resolver rules are shared with another AWS account, the account ID of the account that the rules are shared with.\n" }, "resolverEndpointId": { "type": "string", "description": "ID of the outbound resolver endpoint for the desired resolver rules.\n" }, "ruleType": { "type": "string", "description": "Rule type of the desired resolver rules. Valid values are `FORWARD`, `SYSTEM` and `RECURSIVE`.\n" }, "shareStatus": { "type": "string", "description": "Whether the desired resolver rules are shared and, if so, whether the current account is sharing the rules with another account, or another account is sharing the rules with the current account. Valid values are `NOT_SHARED`, `SHARED_BY_ME` or `SHARED_WITH_ME`\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getResolverRules.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "nameRegex": { "type": "string" }, "ownerId": { "type": "string" }, "resolverEndpointId": { "type": "string" }, "resolverRuleIds": { "description": "IDs of the matched resolver rules.\n", "items": { "type": "string" }, "type": "array" }, "ruleType": { "type": "string" }, "shareStatus": { "type": "string" } }, "required": [ "resolverRuleIds", "id" ], "type": "object" } }, "aws:route53/getTrafficPolicyDocument:getTrafficPolicyDocument": { "description": "Generates an Route53 traffic policy document in JSON format for use with resources that expect policy documents such as `aws.route53.TrafficPolicy`.\n\n## Example Usage\n\n### Basic Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst example = Promise.all([current, current]).then(([current, current1]) =\u003e aws.route53.getTrafficPolicyDocument({\n recordType: \"A\",\n startRule: \"site_switch\",\n endpoints: [\n {\n id: \"my_elb\",\n type: \"elastic-load-balancer\",\n value: `elb-111111.${current.name}.elb.amazonaws.com`,\n },\n {\n id: \"site_down_banner\",\n type: \"s3-website\",\n region: current1.name,\n value: \"www.example.com\",\n },\n ],\n rules: [{\n id: \"site_switch\",\n type: \"failover\",\n primary: {\n endpointReference: \"my_elb\",\n },\n secondary: {\n endpointReference: \"site_down_banner\",\n },\n }],\n}));\nconst exampleTrafficPolicy = new aws.route53.TrafficPolicy(\"example\", {\n name: \"example\",\n comment: \"example comment\",\n document: example.then(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample = aws.route53.get_traffic_policy_document(record_type=\"A\",\n start_rule=\"site_switch\",\n endpoints=[\n {\n \"id\": \"my_elb\",\n \"type\": \"elastic-load-balancer\",\n \"value\": f\"elb-111111.{current.name}.elb.amazonaws.com\",\n },\n {\n \"id\": \"site_down_banner\",\n \"type\": \"s3-website\",\n \"region\": current.name,\n \"value\": \"www.example.com\",\n },\n ],\n rules=[{\n \"id\": \"site_switch\",\n \"type\": \"failover\",\n \"primary\": {\n \"endpoint_reference\": \"my_elb\",\n },\n \"secondary\": {\n \"endpoint_reference\": \"site_down_banner\",\n },\n }])\nexample_traffic_policy = aws.route53.TrafficPolicy(\"example\",\n name=\"example\",\n comment=\"example comment\",\n document=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var example = Aws.Route53.GetTrafficPolicyDocument.Invoke(new()\n {\n RecordType = \"A\",\n StartRule = \"site_switch\",\n Endpoints = new[]\n {\n new Aws.Route53.Inputs.GetTrafficPolicyDocumentEndpointInputArgs\n {\n Id = \"my_elb\",\n Type = \"elastic-load-balancer\",\n Value = $\"elb-111111.{current.Apply(getRegionResult =\u003e getRegionResult.Name)}.elb.amazonaws.com\",\n },\n new Aws.Route53.Inputs.GetTrafficPolicyDocumentEndpointInputArgs\n {\n Id = \"site_down_banner\",\n Type = \"s3-website\",\n Region = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n Value = \"www.example.com\",\n },\n },\n Rules = new[]\n {\n new Aws.Route53.Inputs.GetTrafficPolicyDocumentRuleInputArgs\n {\n Id = \"site_switch\",\n Type = \"failover\",\n Primary = new Aws.Route53.Inputs.GetTrafficPolicyDocumentRulePrimaryInputArgs\n {\n EndpointReference = \"my_elb\",\n },\n Secondary = new Aws.Route53.Inputs.GetTrafficPolicyDocumentRuleSecondaryInputArgs\n {\n EndpointReference = \"site_down_banner\",\n },\n },\n },\n });\n\n var exampleTrafficPolicy = new Aws.Route53.TrafficPolicy(\"example\", new()\n {\n Name = \"example\",\n Comment = \"example comment\",\n Document = example.Apply(getTrafficPolicyDocumentResult =\u003e getTrafficPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := route53.GetTrafficPolicyDocument(ctx, \u0026route53.GetTrafficPolicyDocumentArgs{\n\t\t\tRecordType: pulumi.StringRef(\"A\"),\n\t\t\tStartRule: pulumi.StringRef(\"site_switch\"),\n\t\t\tEndpoints: []route53.GetTrafficPolicyDocumentEndpoint{\n\t\t\t\t{\n\t\t\t\t\tId: \"my_elb\",\n\t\t\t\t\tType: pulumi.StringRef(\"elastic-load-balancer\"),\n\t\t\t\t\tValue: pulumi.StringRef(fmt.Sprintf(\"elb-111111.%v.elb.amazonaws.com\", current.Name)),\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tId: \"site_down_banner\",\n\t\t\t\t\tType: pulumi.StringRef(\"s3-website\"),\n\t\t\t\t\tRegion: pulumi.StringRef(current.Name),\n\t\t\t\t\tValue: pulumi.StringRef(\"www.example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tRules: []route53.GetTrafficPolicyDocumentRule{\n\t\t\t\t{\n\t\t\t\t\tId: \"site_switch\",\n\t\t\t\t\tType: pulumi.StringRef(\"failover\"),\n\t\t\t\t\tPrimary: {\n\t\t\t\t\t\tEndpointReference: pulumi.StringRef(\"my_elb\"),\n\t\t\t\t\t},\n\t\t\t\t\tSecondary: {\n\t\t\t\t\t\tEndpointReference: pulumi.StringRef(\"site_down_banner\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewTrafficPolicy(ctx, \"example\", \u0026route53.TrafficPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tComment: pulumi.String(\"example comment\"),\n\t\t\tDocument: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetTrafficPolicyDocumentArgs;\nimport com.pulumi.aws.route53.TrafficPolicy;\nimport com.pulumi.aws.route53.TrafficPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n final var example = Route53Functions.getTrafficPolicyDocument(GetTrafficPolicyDocumentArgs.builder()\n .recordType(\"A\")\n .startRule(\"site_switch\")\n .endpoints( \n GetTrafficPolicyDocumentEndpointArgs.builder()\n .id(\"my_elb\")\n .type(\"elastic-load-balancer\")\n .value(String.format(\"elb-111111.%s.elb.amazonaws.com\", current.applyValue(getRegionResult -\u003e getRegionResult.name())))\n .build(),\n GetTrafficPolicyDocumentEndpointArgs.builder()\n .id(\"site_down_banner\")\n .type(\"s3-website\")\n .region(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .value(\"www.example.com\")\n .build())\n .rules(GetTrafficPolicyDocumentRuleArgs.builder()\n .id(\"site_switch\")\n .type(\"failover\")\n .primary(GetTrafficPolicyDocumentRulePrimaryArgs.builder()\n .endpointReference(\"my_elb\")\n .build())\n .secondary(GetTrafficPolicyDocumentRuleSecondaryArgs.builder()\n .endpointReference(\"site_down_banner\")\n .build())\n .build())\n .build());\n\n var exampleTrafficPolicy = new TrafficPolicy(\"exampleTrafficPolicy\", TrafficPolicyArgs.builder()\n .name(\"example\")\n .comment(\"example comment\")\n .document(example.applyValue(getTrafficPolicyDocumentResult -\u003e getTrafficPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleTrafficPolicy:\n type: aws:route53:TrafficPolicy\n name: example\n properties:\n name: example\n comment: example comment\n document: ${example.json}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n example:\n fn::invoke:\n Function: aws:route53:getTrafficPolicyDocument\n Arguments:\n recordType: A\n startRule: site_switch\n endpoints:\n - id: my_elb\n type: elastic-load-balancer\n value: elb-111111.${current.name}.elb.amazonaws.com\n - id: site_down_banner\n type: s3-website\n region: ${current.name}\n value: www.example.com\n rules:\n - id: site_switch\n type: failover\n primary:\n endpointReference: my_elb\n secondary:\n endpointReference: site_down_banner\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Complex Example\n\nThe following example showcases the use of nested rules within the traffic policy document and introduces the `geoproximity` rule type.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.route53.getTrafficPolicyDocument({\n recordType: \"A\",\n startRule: \"geoproximity_rule\",\n endpoints: [\n {\n id: \"na_endpoint_a\",\n type: \"elastic-load-balancer\",\n value: \"elb-111111.us-west-1.elb.amazonaws.com\",\n },\n {\n id: \"na_endpoint_b\",\n type: \"elastic-load-balancer\",\n value: \"elb-222222.us-west-1.elb.amazonaws.com\",\n },\n {\n id: \"eu_endpoint\",\n type: \"elastic-load-balancer\",\n value: \"elb-333333.eu-west-1.elb.amazonaws.com\",\n },\n {\n id: \"ap_endpoint\",\n type: \"elastic-load-balancer\",\n value: \"elb-444444.ap-northeast-2.elb.amazonaws.com\",\n },\n ],\n rules: [\n {\n id: \"na_rule\",\n type: \"failover\",\n primary: {\n endpointReference: \"na_endpoint_a\",\n },\n secondary: {\n endpointReference: \"na_endpoint_b\",\n },\n },\n {\n id: \"geoproximity_rule\",\n type: \"geoproximity\",\n geoProximityLocations: [\n {\n region: \"aws:route53:us-west-1\",\n bias: \"10\",\n evaluateTargetHealth: true,\n ruleReference: \"na_rule\",\n },\n {\n region: \"aws:route53:eu-west-1\",\n bias: \"10\",\n evaluateTargetHealth: true,\n endpointReference: \"eu_endpoint\",\n },\n {\n region: \"aws:route53:ap-northeast-2\",\n bias: \"0\",\n evaluateTargetHealth: true,\n endpointReference: \"ap_endpoint\",\n },\n ],\n },\n ],\n});\nconst exampleTrafficPolicy = new aws.route53.TrafficPolicy(\"example\", {\n name: \"example\",\n comment: \"example comment\",\n document: example.then(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.route53.get_traffic_policy_document(record_type=\"A\",\n start_rule=\"geoproximity_rule\",\n endpoints=[\n {\n \"id\": \"na_endpoint_a\",\n \"type\": \"elastic-load-balancer\",\n \"value\": \"elb-111111.us-west-1.elb.amazonaws.com\",\n },\n {\n \"id\": \"na_endpoint_b\",\n \"type\": \"elastic-load-balancer\",\n \"value\": \"elb-222222.us-west-1.elb.amazonaws.com\",\n },\n {\n \"id\": \"eu_endpoint\",\n \"type\": \"elastic-load-balancer\",\n \"value\": \"elb-333333.eu-west-1.elb.amazonaws.com\",\n },\n {\n \"id\": \"ap_endpoint\",\n \"type\": \"elastic-load-balancer\",\n \"value\": \"elb-444444.ap-northeast-2.elb.amazonaws.com\",\n },\n ],\n rules=[\n {\n \"id\": \"na_rule\",\n \"type\": \"failover\",\n \"primary\": {\n \"endpoint_reference\": \"na_endpoint_a\",\n },\n \"secondary\": {\n \"endpoint_reference\": \"na_endpoint_b\",\n },\n },\n {\n \"id\": \"geoproximity_rule\",\n \"type\": \"geoproximity\",\n \"geo_proximity_locations\": [\n {\n \"region\": \"aws:route53:us-west-1\",\n \"bias\": \"10\",\n \"evaluate_target_health\": True,\n \"rule_reference\": \"na_rule\",\n },\n {\n \"region\": \"aws:route53:eu-west-1\",\n \"bias\": \"10\",\n \"evaluate_target_health\": True,\n \"endpoint_reference\": \"eu_endpoint\",\n },\n {\n \"region\": \"aws:route53:ap-northeast-2\",\n \"bias\": \"0\",\n \"evaluate_target_health\": True,\n \"endpoint_reference\": \"ap_endpoint\",\n },\n ],\n },\n ])\nexample_traffic_policy = aws.route53.TrafficPolicy(\"example\",\n name=\"example\",\n comment=\"example comment\",\n document=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Route53.GetTrafficPolicyDocument.Invoke(new()\n {\n RecordType = \"A\",\n StartRule = \"geoproximity_rule\",\n Endpoints = new[]\n {\n new Aws.Route53.Inputs.GetTrafficPolicyDocumentEndpointInputArgs\n {\n Id = \"na_endpoint_a\",\n Type = \"elastic-load-balancer\",\n Value = \"elb-111111.us-west-1.elb.amazonaws.com\",\n },\n new Aws.Route53.Inputs.GetTrafficPolicyDocumentEndpointInputArgs\n {\n Id = \"na_endpoint_b\",\n Type = \"elastic-load-balancer\",\n Value = \"elb-222222.us-west-1.elb.amazonaws.com\",\n },\n new Aws.Route53.Inputs.GetTrafficPolicyDocumentEndpointInputArgs\n {\n Id = \"eu_endpoint\",\n Type = \"elastic-load-balancer\",\n Value = \"elb-333333.eu-west-1.elb.amazonaws.com\",\n },\n new Aws.Route53.Inputs.GetTrafficPolicyDocumentEndpointInputArgs\n {\n Id = \"ap_endpoint\",\n Type = \"elastic-load-balancer\",\n Value = \"elb-444444.ap-northeast-2.elb.amazonaws.com\",\n },\n },\n Rules = new[]\n {\n new Aws.Route53.Inputs.GetTrafficPolicyDocumentRuleInputArgs\n {\n Id = \"na_rule\",\n Type = \"failover\",\n Primary = new Aws.Route53.Inputs.GetTrafficPolicyDocumentRulePrimaryInputArgs\n {\n EndpointReference = \"na_endpoint_a\",\n },\n Secondary = new Aws.Route53.Inputs.GetTrafficPolicyDocumentRuleSecondaryInputArgs\n {\n EndpointReference = \"na_endpoint_b\",\n },\n },\n new Aws.Route53.Inputs.GetTrafficPolicyDocumentRuleInputArgs\n {\n Id = \"geoproximity_rule\",\n Type = \"geoproximity\",\n GeoProximityLocations = new[]\n {\n new Aws.Route53.Inputs.GetTrafficPolicyDocumentRuleGeoProximityLocationInputArgs\n {\n Region = \"aws:route53:us-west-1\",\n Bias = \"10\",\n EvaluateTargetHealth = true,\n RuleReference = \"na_rule\",\n },\n new Aws.Route53.Inputs.GetTrafficPolicyDocumentRuleGeoProximityLocationInputArgs\n {\n Region = \"aws:route53:eu-west-1\",\n Bias = \"10\",\n EvaluateTargetHealth = true,\n EndpointReference = \"eu_endpoint\",\n },\n new Aws.Route53.Inputs.GetTrafficPolicyDocumentRuleGeoProximityLocationInputArgs\n {\n Region = \"aws:route53:ap-northeast-2\",\n Bias = \"0\",\n EvaluateTargetHealth = true,\n EndpointReference = \"ap_endpoint\",\n },\n },\n },\n },\n });\n\n var exampleTrafficPolicy = new Aws.Route53.TrafficPolicy(\"example\", new()\n {\n Name = \"example\",\n Comment = \"example comment\",\n Document = example.Apply(getTrafficPolicyDocumentResult =\u003e getTrafficPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := route53.GetTrafficPolicyDocument(ctx, \u0026route53.GetTrafficPolicyDocumentArgs{\n\t\t\tRecordType: pulumi.StringRef(\"A\"),\n\t\t\tStartRule: pulumi.StringRef(\"geoproximity_rule\"),\n\t\t\tEndpoints: []route53.GetTrafficPolicyDocumentEndpoint{\n\t\t\t\t{\n\t\t\t\t\tId: \"na_endpoint_a\",\n\t\t\t\t\tType: pulumi.StringRef(\"elastic-load-balancer\"),\n\t\t\t\t\tValue: pulumi.StringRef(\"elb-111111.us-west-1.elb.amazonaws.com\"),\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tId: \"na_endpoint_b\",\n\t\t\t\t\tType: pulumi.StringRef(\"elastic-load-balancer\"),\n\t\t\t\t\tValue: pulumi.StringRef(\"elb-222222.us-west-1.elb.amazonaws.com\"),\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tId: \"eu_endpoint\",\n\t\t\t\t\tType: pulumi.StringRef(\"elastic-load-balancer\"),\n\t\t\t\t\tValue: pulumi.StringRef(\"elb-333333.eu-west-1.elb.amazonaws.com\"),\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tId: \"ap_endpoint\",\n\t\t\t\t\tType: pulumi.StringRef(\"elastic-load-balancer\"),\n\t\t\t\t\tValue: pulumi.StringRef(\"elb-444444.ap-northeast-2.elb.amazonaws.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tRules: []route53.GetTrafficPolicyDocumentRule{\n\t\t\t\t{\n\t\t\t\t\tId: \"na_rule\",\n\t\t\t\t\tType: pulumi.StringRef(\"failover\"),\n\t\t\t\t\tPrimary: {\n\t\t\t\t\t\tEndpointReference: pulumi.StringRef(\"na_endpoint_a\"),\n\t\t\t\t\t},\n\t\t\t\t\tSecondary: {\n\t\t\t\t\t\tEndpointReference: pulumi.StringRef(\"na_endpoint_b\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tId: \"geoproximity_rule\",\n\t\t\t\t\tType: pulumi.StringRef(\"geoproximity\"),\n\t\t\t\t\tGeoProximityLocations: []route53.GetTrafficPolicyDocumentRuleGeoProximityLocation{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tRegion: pulumi.StringRef(\"aws:route53:us-west-1\"),\n\t\t\t\t\t\t\tBias: pulumi.StringRef(\"10\"),\n\t\t\t\t\t\t\tEvaluateTargetHealth: pulumi.BoolRef(true),\n\t\t\t\t\t\t\tRuleReference: pulumi.StringRef(\"na_rule\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tRegion: pulumi.StringRef(\"aws:route53:eu-west-1\"),\n\t\t\t\t\t\t\tBias: pulumi.StringRef(\"10\"),\n\t\t\t\t\t\t\tEvaluateTargetHealth: pulumi.BoolRef(true),\n\t\t\t\t\t\t\tEndpointReference: pulumi.StringRef(\"eu_endpoint\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tRegion: pulumi.StringRef(\"aws:route53:ap-northeast-2\"),\n\t\t\t\t\t\t\tBias: pulumi.StringRef(\"0\"),\n\t\t\t\t\t\t\tEvaluateTargetHealth: pulumi.BoolRef(true),\n\t\t\t\t\t\t\tEndpointReference: pulumi.StringRef(\"ap_endpoint\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewTrafficPolicy(ctx, \"example\", \u0026route53.TrafficPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tComment: pulumi.String(\"example comment\"),\n\t\t\tDocument: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetTrafficPolicyDocumentArgs;\nimport com.pulumi.aws.route53.TrafficPolicy;\nimport com.pulumi.aws.route53.TrafficPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Route53Functions.getTrafficPolicyDocument(GetTrafficPolicyDocumentArgs.builder()\n .recordType(\"A\")\n .startRule(\"geoproximity_rule\")\n .endpoints( \n GetTrafficPolicyDocumentEndpointArgs.builder()\n .id(\"na_endpoint_a\")\n .type(\"elastic-load-balancer\")\n .value(\"elb-111111.us-west-1.elb.amazonaws.com\")\n .build(),\n GetTrafficPolicyDocumentEndpointArgs.builder()\n .id(\"na_endpoint_b\")\n .type(\"elastic-load-balancer\")\n .value(\"elb-222222.us-west-1.elb.amazonaws.com\")\n .build(),\n GetTrafficPolicyDocumentEndpointArgs.builder()\n .id(\"eu_endpoint\")\n .type(\"elastic-load-balancer\")\n .value(\"elb-333333.eu-west-1.elb.amazonaws.com\")\n .build(),\n GetTrafficPolicyDocumentEndpointArgs.builder()\n .id(\"ap_endpoint\")\n .type(\"elastic-load-balancer\")\n .value(\"elb-444444.ap-northeast-2.elb.amazonaws.com\")\n .build())\n .rules( \n GetTrafficPolicyDocumentRuleArgs.builder()\n .id(\"na_rule\")\n .type(\"failover\")\n .primary(GetTrafficPolicyDocumentRulePrimaryArgs.builder()\n .endpointReference(\"na_endpoint_a\")\n .build())\n .secondary(GetTrafficPolicyDocumentRuleSecondaryArgs.builder()\n .endpointReference(\"na_endpoint_b\")\n .build())\n .build(),\n GetTrafficPolicyDocumentRuleArgs.builder()\n .id(\"geoproximity_rule\")\n .type(\"geoproximity\")\n .geoProximityLocations( \n GetTrafficPolicyDocumentRuleGeoProximityLocationArgs.builder()\n .region(\"aws:route53:us-west-1\")\n .bias(10)\n .evaluateTargetHealth(true)\n .ruleReference(\"na_rule\")\n .build(),\n GetTrafficPolicyDocumentRuleGeoProximityLocationArgs.builder()\n .region(\"aws:route53:eu-west-1\")\n .bias(10)\n .evaluateTargetHealth(true)\n .endpointReference(\"eu_endpoint\")\n .build(),\n GetTrafficPolicyDocumentRuleGeoProximityLocationArgs.builder()\n .region(\"aws:route53:ap-northeast-2\")\n .bias(0)\n .evaluateTargetHealth(true)\n .endpointReference(\"ap_endpoint\")\n .build())\n .build())\n .build());\n\n var exampleTrafficPolicy = new TrafficPolicy(\"exampleTrafficPolicy\", TrafficPolicyArgs.builder()\n .name(\"example\")\n .comment(\"example comment\")\n .document(example.applyValue(getTrafficPolicyDocumentResult -\u003e getTrafficPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleTrafficPolicy:\n type: aws:route53:TrafficPolicy\n name: example\n properties:\n name: example\n comment: example comment\n document: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:route53:getTrafficPolicyDocument\n Arguments:\n recordType: A\n startRule: geoproximity_rule\n endpoints:\n - id: na_endpoint_a\n type: elastic-load-balancer\n value: elb-111111.us-west-1.elb.amazonaws.com\n - id: na_endpoint_b\n type: elastic-load-balancer\n value: elb-222222.us-west-1.elb.amazonaws.com\n - id: eu_endpoint\n type: elastic-load-balancer\n value: elb-333333.eu-west-1.elb.amazonaws.com\n - id: ap_endpoint\n type: elastic-load-balancer\n value: elb-444444.ap-northeast-2.elb.amazonaws.com\n rules:\n - id: na_rule\n type: failover\n primary:\n endpointReference: na_endpoint_a\n secondary:\n endpointReference: na_endpoint_b\n - id: geoproximity_rule\n type: geoproximity\n geoProximityLocations:\n - region: aws:route53:us-west-1\n bias: 10\n evaluateTargetHealth: true\n ruleReference: na_rule\n - region: aws:route53:eu-west-1\n bias: 10\n evaluateTargetHealth: true\n endpointReference: eu_endpoint\n - region: aws:route53:ap-northeast-2\n bias: 0\n evaluateTargetHealth: true\n endpointReference: ap_endpoint\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getTrafficPolicyDocument.\n", "properties": { "endpoints": { "type": "array", "items": { "$ref": "#/types/aws:route53/getTrafficPolicyDocumentEndpoint:getTrafficPolicyDocumentEndpoint" }, "description": "Configuration block for the definitions of the endpoints that you want to use in this traffic policy. See below\n" }, "recordType": { "type": "string", "description": "DNS type of all of the resource record sets that Amazon Route 53 will create based on this traffic policy.\n" }, "rules": { "type": "array", "items": { "$ref": "#/types/aws:route53/getTrafficPolicyDocumentRule:getTrafficPolicyDocumentRule" }, "description": "Configuration block for definitions of the rules that you want to use in this traffic policy. See below\n" }, "startEndpoint": { "type": "string", "description": "An endpoint to be as the starting point for the traffic policy.\n" }, "startRule": { "type": "string", "description": "A rule to be as the starting point for the traffic policy.\n" }, "version": { "type": "string", "description": "Version of the traffic policy format.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getTrafficPolicyDocument.\n", "properties": { "endpoints": { "items": { "$ref": "#/types/aws:route53/getTrafficPolicyDocumentEndpoint:getTrafficPolicyDocumentEndpoint" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "json": { "description": "Standard JSON policy document rendered based on the arguments above.\n", "type": "string" }, "recordType": { "type": "string" }, "rules": { "items": { "$ref": "#/types/aws:route53/getTrafficPolicyDocumentRule:getTrafficPolicyDocumentRule" }, "type": "array" }, "startEndpoint": { "type": "string" }, "startRule": { "type": "string" }, "version": { "type": "string" } }, "required": [ "json", "id" ], "type": "object" } }, "aws:route53/getZone:getZone": { "description": "`aws.route53.Zone` provides details about a specific Route 53 Hosted Zone.\n\nThis data source allows to find a Hosted Zone ID given Hosted Zone name and certain search criteria.\n\n## Example Usage\n\nThe following example shows how to get a Hosted Zone from its name and from this data how to create a Record Set.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst selected = aws.route53.getZone({\n name: \"test.com.\",\n privateZone: true,\n});\nconst www = new aws.route53.Record(\"www\", {\n zoneId: selected.then(selected =\u003e selected.zoneId),\n name: selected.then(selected =\u003e `www.${selected.name}`),\n type: aws.route53.RecordType.A,\n ttl: 300,\n records: [\"10.0.0.1\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nselected = aws.route53.get_zone(name=\"test.com.\",\n private_zone=True)\nwww = aws.route53.Record(\"www\",\n zone_id=selected.zone_id,\n name=f\"www.{selected.name}\",\n type=aws.route53.RecordType.A,\n ttl=300,\n records=[\"10.0.0.1\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var selected = Aws.Route53.GetZone.Invoke(new()\n {\n Name = \"test.com.\",\n PrivateZone = true,\n });\n\n var www = new Aws.Route53.Record(\"www\", new()\n {\n ZoneId = selected.Apply(getZoneResult =\u003e getZoneResult.ZoneId),\n Name = $\"www.{selected.Apply(getZoneResult =\u003e getZoneResult.Name)}\",\n Type = Aws.Route53.RecordType.A,\n Ttl = 300,\n Records = new[]\n {\n \"10.0.0.1\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tselected, err := route53.LookupZone(ctx, \u0026route53.LookupZoneArgs{\n\t\t\tName: pulumi.StringRef(\"test.com.\"),\n\t\t\tPrivateZone: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"www\", \u0026route53.RecordArgs{\n\t\t\tZoneId: pulumi.String(selected.ZoneId),\n\t\t\tName: pulumi.String(fmt.Sprintf(\"www.%v\", selected.Name)),\n\t\t\tType: pulumi.String(route53.RecordTypeA),\n\t\t\tTtl: pulumi.Int(300),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.0.1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetZoneArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var selected = Route53Functions.getZone(GetZoneArgs.builder()\n .name(\"test.com.\")\n .privateZone(true)\n .build());\n\n var www = new Record(\"www\", RecordArgs.builder()\n .zoneId(selected.applyValue(getZoneResult -\u003e getZoneResult.zoneId()))\n .name(String.format(\"www.%s\", selected.applyValue(getZoneResult -\u003e getZoneResult.name())))\n .type(\"A\")\n .ttl(\"300\")\n .records(\"10.0.0.1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n www:\n type: aws:route53:Record\n properties:\n zoneId: ${selected.zoneId}\n name: www.${selected.name}\n type: A\n ttl: '300'\n records:\n - 10.0.0.1\nvariables:\n selected:\n fn::invoke:\n Function: aws:route53:getZone\n Arguments:\n name: test.com.\n privateZone: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getZone.\n", "properties": { "name": { "type": "string", "description": "Hosted Zone name of the desired Hosted Zone.\n" }, "privateZone": { "type": "boolean", "description": "Used with `name` field to get a private Hosted Zone.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Used with `name` field. A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone.\n" }, "vpcId": { "type": "string", "description": "Used with `name` field to get a private Hosted Zone associated with the vpc_id (in this case, private_zone is not mandatory).\n" }, "zoneId": { "type": "string", "description": "Hosted Zone id of the desired Hosted Zone.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getZone.\n", "properties": { "arn": { "description": "ARN of the Hosted Zone.\n", "type": "string" }, "callerReference": { "description": "Caller Reference of the Hosted Zone.\n", "type": "string" }, "comment": { "description": "Comment field of the Hosted Zone.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "linkedServiceDescription": { "description": "The description provided by the service that created the Hosted Zone (e.g., `arn:aws:servicediscovery:us-east-1:1234567890:namespace/ns-xxxxxxxxxxxxxxxx`).\n", "type": "string" }, "linkedServicePrincipal": { "description": "The service that created the Hosted Zone (e.g., `servicediscovery.amazonaws.com`).\n", "type": "string" }, "name": { "description": "The Hosted Zone name.\n", "type": "string" }, "nameServers": { "description": "List of DNS name servers for the Hosted Zone.\n", "items": { "type": "string" }, "type": "array" }, "primaryNameServer": { "description": "The Route 53 name server that created the SOA record.\n", "type": "string" }, "privateZone": { "description": "Indicates whether this is a private hosted zone.\n", "type": "boolean" }, "resourceRecordSetCount": { "description": "The number of Record Set in the Hosted Zone.\n", "type": "integer" }, "tags": { "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the Hosted Zone.\n", "type": "object" }, "vpcId": { "type": "string" }, "zoneId": { "description": "The Hosted Zone identifier.\n", "type": "string" } }, "required": [ "arn", "callerReference", "comment", "linkedServiceDescription", "linkedServicePrincipal", "name", "nameServers", "primaryNameServer", "resourceRecordSetCount", "tags", "vpcId", "zoneId", "id" ], "type": "object" } }, "aws:s3/getAccountPublicAccessBlock:getAccountPublicAccessBlock": { "description": "The S3 account public access block data source returns account-level public access block configuration.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.s3.getAccountPublicAccessBlock({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.get_account_public_access_block()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.S3.GetAccountPublicAccessBlock.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.LookupAccountPublicAccessBlock(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.inputs.GetAccountPublicAccessBlockArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = S3Functions.getAccountPublicAccessBlock();\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:s3:getAccountPublicAccessBlock\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAccountPublicAccessBlock.\n", "properties": { "accountId": { "type": "string", "description": "AWS account ID to configure. Defaults to automatically determined account ID of the AWS provider.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getAccountPublicAccessBlock.\n", "properties": { "accountId": { "type": "string" }, "blockPublicAcls": { "description": "Whether or not Amazon S3 should block public ACLs for buckets in this account is enabled. Returns as `true` or `false`.\n", "type": "boolean" }, "blockPublicPolicy": { "description": "Whether or not Amazon S3 should block public bucket policies for buckets in this account is enabled. Returns as `true` or `false`.\n", "type": "boolean" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ignorePublicAcls": { "description": "Whether or not Amazon S3 should ignore public ACLs for buckets in this account is enabled. Returns as `true` or `false`.\n", "type": "boolean" }, "restrictPublicBuckets": { "description": "Whether or not Amazon S3 should restrict public bucket policies for buckets in this account is enabled. Returns as `true` or `false`.\n", "type": "boolean" } }, "required": [ "blockPublicAcls", "blockPublicPolicy", "ignorePublicAcls", "restrictPublicBuckets", "id" ], "type": "object" } }, "aws:s3/getBucket:getBucket": { "description": "Provides details about a specific S3 bucket.\n\nThis resource may prove useful when setting up a Route53 record, or an origin for a CloudFront\nDistribution.\n\n## Example Usage\n\n### Route53 Record\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst selected = aws.s3.getBucket({\n bucket: \"bucket.test.com\",\n});\nconst testZone = aws.route53.getZone({\n name: \"test.com.\",\n});\nconst example = new aws.route53.Record(\"example\", {\n zoneId: testZone.then(testZone =\u003e testZone.id),\n name: \"bucket\",\n type: aws.route53.RecordType.A,\n aliases: [{\n name: selected.then(selected =\u003e selected.websiteDomain),\n zoneId: selected.then(selected =\u003e selected.hostedZoneId),\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nselected = aws.s3.get_bucket(bucket=\"bucket.test.com\")\ntest_zone = aws.route53.get_zone(name=\"test.com.\")\nexample = aws.route53.Record(\"example\",\n zone_id=test_zone.id,\n name=\"bucket\",\n type=aws.route53.RecordType.A,\n aliases=[{\n \"name\": selected.website_domain,\n \"zone_id\": selected.hosted_zone_id,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var selected = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"bucket.test.com\",\n });\n\n var testZone = Aws.Route53.GetZone.Invoke(new()\n {\n Name = \"test.com.\",\n });\n\n var example = new Aws.Route53.Record(\"example\", new()\n {\n ZoneId = testZone.Apply(getZoneResult =\u003e getZoneResult.Id),\n Name = \"bucket\",\n Type = Aws.Route53.RecordType.A,\n Aliases = new[]\n {\n new Aws.Route53.Inputs.RecordAliasArgs\n {\n Name = selected.Apply(getBucketResult =\u003e getBucketResult.WebsiteDomain),\n ZoneId = selected.Apply(getBucketResult =\u003e getBucketResult.HostedZoneId),\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tselected, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"bucket.test.com\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestZone, err := route53.LookupZone(ctx, \u0026route53.LookupZoneArgs{\n\t\t\tName: pulumi.StringRef(\"test.com.\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"example\", \u0026route53.RecordArgs{\n\t\t\tZoneId: pulumi.String(testZone.Id),\n\t\t\tName: pulumi.String(\"bucket\"),\n\t\t\tType: pulumi.String(route53.RecordTypeA),\n\t\t\tAliases: route53.RecordAliasArray{\n\t\t\t\t\u0026route53.RecordAliasArgs{\n\t\t\t\t\tName: pulumi.String(selected.WebsiteDomain),\n\t\t\t\t\tZoneId: pulumi.String(selected.HostedZoneId),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.inputs.GetBucketArgs;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetZoneArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport com.pulumi.aws.route53.inputs.RecordAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var selected = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"bucket.test.com\")\n .build());\n\n final var testZone = Route53Functions.getZone(GetZoneArgs.builder()\n .name(\"test.com.\")\n .build());\n\n var example = new Record(\"example\", RecordArgs.builder()\n .zoneId(testZone.applyValue(getZoneResult -\u003e getZoneResult.id()))\n .name(\"bucket\")\n .type(\"A\")\n .aliases(RecordAliasArgs.builder()\n .name(selected.applyValue(getBucketResult -\u003e getBucketResult.websiteDomain()))\n .zoneId(selected.applyValue(getBucketResult -\u003e getBucketResult.hostedZoneId()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:route53:Record\n properties:\n zoneId: ${testZone.id}\n name: bucket\n type: A\n aliases:\n - name: ${selected.websiteDomain}\n zoneId: ${selected.hostedZoneId}\nvariables:\n selected:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: bucket.test.com\n testZone:\n fn::invoke:\n Function: aws:route53:getZone\n Arguments:\n name: test.com.\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### CloudFront Origin\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst selected = aws.s3.getBucket({\n bucket: \"a-test-bucket\",\n});\nconst test = new aws.cloudfront.Distribution(\"test\", {origins: [{\n domainName: selected.then(selected =\u003e selected.bucketDomainName),\n originId: \"s3-selected-bucket\",\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nselected = aws.s3.get_bucket(bucket=\"a-test-bucket\")\ntest = aws.cloudfront.Distribution(\"test\", origins=[{\n \"domain_name\": selected.bucket_domain_name,\n \"origin_id\": \"s3-selected-bucket\",\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var selected = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"a-test-bucket\",\n });\n\n var test = new Aws.CloudFront.Distribution(\"test\", new()\n {\n Origins = new[]\n {\n new Aws.CloudFront.Inputs.DistributionOriginArgs\n {\n DomainName = selected.Apply(getBucketResult =\u003e getBucketResult.BucketDomainName),\n OriginId = \"s3-selected-bucket\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tselected, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"a-test-bucket\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfront.NewDistribution(ctx, \"test\", \u0026cloudfront.DistributionArgs{\n\t\t\tOrigins: cloudfront.DistributionOriginArray{\n\t\t\t\t\u0026cloudfront.DistributionOriginArgs{\n\t\t\t\t\tDomainName: pulumi.String(selected.BucketDomainName),\n\t\t\t\t\tOriginId: pulumi.String(\"s3-selected-bucket\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.inputs.GetBucketArgs;\nimport com.pulumi.aws.cloudfront.Distribution;\nimport com.pulumi.aws.cloudfront.DistributionArgs;\nimport com.pulumi.aws.cloudfront.inputs.DistributionOriginArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var selected = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"a-test-bucket\")\n .build());\n\n var test = new Distribution(\"test\", DistributionArgs.builder()\n .origins(DistributionOriginArgs.builder()\n .domainName(selected.applyValue(getBucketResult -\u003e getBucketResult.bucketDomainName()))\n .originId(\"s3-selected-bucket\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:cloudfront:Distribution\n properties:\n origins:\n - domainName: ${selected.bucketDomainName}\n originId: s3-selected-bucket\nvariables:\n selected:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: a-test-bucket\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getBucket.\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket\n" } }, "type": "object", "required": [ "bucket" ] }, "outputs": { "description": "A collection of values returned by getBucket.\n", "properties": { "arn": { "description": "ARN of the bucket. Will be of format `arn:aws:s3:::bucketname`.\n", "type": "string" }, "bucket": { "type": "string" }, "bucketDomainName": { "description": "Bucket domain name. Will be of format `bucketname.s3.amazonaws.com`.\n", "type": "string" }, "bucketRegionalDomainName": { "description": "The bucket region-specific domain name. The bucket domain name including the region name. Please refer to the [S3 endpoints reference](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_region) for format. Note: AWS CloudFront allows specifying an S3 region-specific endpoint when creating an S3 origin. This will prevent redirect issues from CloudFront to the S3 Origin URL. For more information, see the [Virtual Hosted-Style Requests for Other Regions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html#deprecated-global-endpoint) section in the AWS S3 User Guide.\n", "type": "string" }, "hostedZoneId": { "description": "The [Route 53 Hosted Zone ID](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_website_region_endpoints) for this bucket's region.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "region": { "description": "AWS region this bucket resides in.\n", "type": "string" }, "websiteDomain": { "description": "Domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records.\n", "type": "string" }, "websiteEndpoint": { "description": "Website endpoint, if the bucket is configured with a website. If not, this will be an empty string.\n", "type": "string" } }, "required": [ "arn", "bucket", "bucketDomainName", "bucketRegionalDomainName", "hostedZoneId", "region", "websiteDomain", "websiteEndpoint", "id" ], "type": "object" } }, "aws:s3/getBucketObject:getBucketObject": { "description": "\u003e **NOTE:** The `aws.s3.BucketObject` data source is DEPRECATED and will be removed in a future version! Use `aws.s3.BucketObjectv2` instead, where new features and fixes will be added.\n\nThe S3 object data source allows access to the metadata and\n_optionally_ (see below) content of an object stored inside S3 bucket.\n\n\u003e **Note:** The content of an object (`body` field) is available only for objects which have a human-readable `Content-Type` (`text/*` and `application/json`). This is to prevent printing unsafe characters and potentially downloading large amount of data which would be thrown away in favor of metadata.\n\n## Example Usage\n\nThe following example retrieves a text object (which must have a `Content-Type`\nvalue starting with `text/`) and uses it as the `user_data` for an EC2 instance:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bootstrapScript = aws.s3.getBucketObject({\n bucket: \"ourcorp-deploy-config\",\n key: \"ec2-bootstrap-script.sh\",\n});\nconst example = new aws.ec2.Instance(\"example\", {\n instanceType: aws.ec2.InstanceType.T2_Micro,\n ami: \"ami-2757f631\",\n userData: bootstrapScript.then(bootstrapScript =\u003e bootstrapScript.body),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbootstrap_script = aws.s3.get_bucket_object(bucket=\"ourcorp-deploy-config\",\n key=\"ec2-bootstrap-script.sh\")\nexample = aws.ec2.Instance(\"example\",\n instance_type=aws.ec2.InstanceType.T2_MICRO,\n ami=\"ami-2757f631\",\n user_data=bootstrap_script.body)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bootstrapScript = Aws.S3.GetBucketObject.Invoke(new()\n {\n Bucket = \"ourcorp-deploy-config\",\n Key = \"ec2-bootstrap-script.sh\",\n });\n\n var example = new Aws.Ec2.Instance(\"example\", new()\n {\n InstanceType = Aws.Ec2.InstanceType.T2_Micro,\n Ami = \"ami-2757f631\",\n UserData = bootstrapScript.Apply(getBucketObjectResult =\u003e getBucketObjectResult.Body),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbootstrapScript, err := s3.LookupBucketObject(ctx, \u0026s3.LookupBucketObjectArgs{\n\t\t\tBucket: \"ourcorp-deploy-config\",\n\t\t\tKey: \"ec2-bootstrap-script.sh\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"example\", \u0026ec2.InstanceArgs{\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_T2_Micro),\n\t\t\tAmi: pulumi.String(\"ami-2757f631\"),\n\t\t\tUserData: pulumi.String(bootstrapScript.Body),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.inputs.GetBucketObjectArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var bootstrapScript = S3Functions.getBucketObject(GetBucketObjectArgs.builder()\n .bucket(\"ourcorp-deploy-config\")\n .key(\"ec2-bootstrap-script.sh\")\n .build());\n\n var example = new Instance(\"example\", InstanceArgs.builder()\n .instanceType(\"t2.micro\")\n .ami(\"ami-2757f631\")\n .userData(bootstrapScript.applyValue(getBucketObjectResult -\u003e getBucketObjectResult.body()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Instance\n properties:\n instanceType: t2.micro\n ami: ami-2757f631\n userData: ${bootstrapScript.body}\nvariables:\n bootstrapScript:\n fn::invoke:\n Function: aws:s3:getBucketObject\n Arguments:\n bucket: ourcorp-deploy-config\n key: ec2-bootstrap-script.sh\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThe following, more-complex example retrieves only the metadata for a zip\nfile stored in S3, which is then used to pass the most recent `version_id`\nto AWS Lambda for use as a function implementation. More information about\nLambda functions is available in the documentation for\n`aws.lambda.Function`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lambda = aws.s3.getBucketObject({\n bucket: \"ourcorp-lambda-functions\",\n key: \"hello-world.zip\",\n});\nconst testLambda = new aws.lambda.Function(\"test_lambda\", {\n s3Bucket: lambda.then(lambda =\u003e lambda.id),\n s3Key: lambda.then(lambda =\u003e lambda.key),\n s3ObjectVersion: lambda.then(lambda =\u003e lambda.versionId),\n name: \"lambda_function_name\",\n role: iamForLambda.arn,\n handler: \"exports.test\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlambda_ = aws.s3.get_bucket_object(bucket=\"ourcorp-lambda-functions\",\n key=\"hello-world.zip\")\ntest_lambda = aws.lambda_.Function(\"test_lambda\",\n s3_bucket=lambda_.id,\n s3_key=lambda_.key,\n s3_object_version=lambda_.version_id,\n name=\"lambda_function_name\",\n role=iam_for_lambda[\"arn\"],\n handler=\"exports.test\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lambda = Aws.S3.GetBucketObject.Invoke(new()\n {\n Bucket = \"ourcorp-lambda-functions\",\n Key = \"hello-world.zip\",\n });\n\n var testLambda = new Aws.Lambda.Function(\"test_lambda\", new()\n {\n S3Bucket = lambda.Apply(getBucketObjectResult =\u003e getBucketObjectResult.Id),\n S3Key = lambda.Apply(getBucketObjectResult =\u003e getBucketObjectResult.Key),\n S3ObjectVersion = lambda.Apply(getBucketObjectResult =\u003e getBucketObjectResult.VersionId),\n Name = \"lambda_function_name\",\n Role = iamForLambda.Arn,\n Handler = \"exports.test\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlambda, err := s3.LookupBucketObject(ctx, \u0026s3.LookupBucketObjectArgs{\n\t\t\tBucket: \"ourcorp-lambda-functions\",\n\t\t\tKey: \"hello-world.zip\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"test_lambda\", \u0026lambda.FunctionArgs{\n\t\t\tS3Bucket: pulumi.String(lambda.Id),\n\t\t\tS3Key: pulumi.String(lambda.Key),\n\t\t\tS3ObjectVersion: pulumi.String(lambda.VersionId),\n\t\t\tName: pulumi.String(\"lambda_function_name\"),\n\t\t\tRole: pulumi.Any(iamForLambda.Arn),\n\t\t\tHandler: pulumi.String(\"exports.test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.inputs.GetBucketObjectArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var lambda = S3Functions.getBucketObject(GetBucketObjectArgs.builder()\n .bucket(\"ourcorp-lambda-functions\")\n .key(\"hello-world.zip\")\n .build());\n\n var testLambda = new Function(\"testLambda\", FunctionArgs.builder()\n .s3Bucket(lambda.applyValue(getBucketObjectResult -\u003e getBucketObjectResult.id()))\n .s3Key(lambda.applyValue(getBucketObjectResult -\u003e getBucketObjectResult.key()))\n .s3ObjectVersion(lambda.applyValue(getBucketObjectResult -\u003e getBucketObjectResult.versionId()))\n .name(\"lambda_function_name\")\n .role(iamForLambda.arn())\n .handler(\"exports.test\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testLambda:\n type: aws:lambda:Function\n name: test_lambda\n properties:\n s3Bucket: ${lambda.id}\n s3Key: ${lambda.key}\n s3ObjectVersion: ${lambda.versionId}\n name: lambda_function_name\n role: ${iamForLambda.arn}\n handler: exports.test\nvariables:\n lambda:\n fn::invoke:\n Function: aws:s3:getBucketObject\n Arguments:\n bucket: ourcorp-lambda-functions\n key: hello-world.zip\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getBucketObject.\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket to read the object from. Alternatively, an [S3 access point](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) ARN can be specified\n", "deprecationMessage": "Use the aws.s3.BucketObjectv2 data source instead" }, "key": { "type": "string", "description": "Full path to the object inside the bucket\n" }, "range": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the object.\n" }, "versionId": { "type": "string", "description": "Specific version ID of the object returned (defaults to latest version)\n" } }, "type": "object", "required": [ "bucket", "key" ] }, "outputs": { "description": "A collection of values returned by getBucketObject.\n", "properties": { "arn": { "type": "string" }, "body": { "description": "Object data (see **limitations above** to understand cases in which this field is actually available)\n", "type": "string" }, "bucket": { "deprecationMessage": "Use the aws.s3.BucketObjectv2 data source instead", "type": "string" }, "bucketKeyEnabled": { "description": "(Optional) Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.\n", "type": "boolean" }, "cacheControl": { "description": "Caching behavior along the request/reply chain.\n", "type": "string" }, "contentDisposition": { "description": "Presentational information for the object.\n", "type": "string" }, "contentEncoding": { "description": "What content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.\n", "type": "string" }, "contentLanguage": { "description": "Language the content is in.\n", "type": "string" }, "contentLength": { "description": "Size of the body in bytes.\n", "type": "integer" }, "contentType": { "description": "Standard MIME type describing the format of the object data.\n", "type": "string" }, "etag": { "description": "[ETag](https://en.wikipedia.org/wiki/HTTP_ETag) generated for the object (an MD5 sum of the object content in case it's not encrypted)\n", "type": "string" }, "expiration": { "description": "If the object expiration is configured (see [object lifecycle management](http://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html)), the field includes this header. It includes the expiry-date and rule-id key value pairs providing object expiration information. The value of the rule-id is URL encoded.\n", "type": "string" }, "expires": { "description": "Date and time at which the object is no longer cacheable.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "key": { "type": "string" }, "lastModified": { "description": "Last modified date of the object in RFC1123 format (e.g., `Mon, 02 Jan 2006 15:04:05 MST`)\n", "type": "string" }, "metadata": { "additionalProperties": { "type": "string" }, "description": "Map of metadata stored with the object in S3. Keys are always returned in lowercase.\n", "type": "object" }, "objectLockLegalHoldStatus": { "description": "Indicates whether this object has an active [legal hold](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-legal-holds). This field is only returned if you have permission to view an object's legal hold status.\n", "type": "string" }, "objectLockMode": { "description": "Object lock [retention mode](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-modes) currently in place for this object.\n", "type": "string" }, "objectLockRetainUntilDate": { "description": "The date and time when this object's object lock will expire.\n", "type": "string" }, "range": { "type": "string" }, "serverSideEncryption": { "description": "If the object is stored using server-side encryption (KMS or Amazon S3-managed encryption key), this field includes the chosen encryption and algorithm used.\n", "type": "string" }, "sseKmsKeyId": { "description": "If present, specifies the ID of the Key Management Service (KMS) master encryption key that was used for the object.\n", "type": "string" }, "storageClass": { "description": "[Storage class](http://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) information of the object. Available for all objects except for `Standard` storage class objects.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the object.\n", "type": "object" }, "versionId": { "description": "Latest version ID of the object returned.\n", "type": "string" }, "websiteRedirectLocation": { "description": "If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata.\n", "type": "string" } }, "required": [ "arn", "body", "bucket", "bucketKeyEnabled", "cacheControl", "contentDisposition", "contentEncoding", "contentLanguage", "contentLength", "contentType", "etag", "expiration", "expires", "key", "lastModified", "metadata", "objectLockLegalHoldStatus", "objectLockMode", "objectLockRetainUntilDate", "serverSideEncryption", "sseKmsKeyId", "storageClass", "tags", "versionId", "websiteRedirectLocation", "id" ], "type": "object" } }, "aws:s3/getBucketObjects:getBucketObjects": { "description": "\u003e **NOTE:** The `aws.s3.getBucketObjects` data source is DEPRECATED and will be removed in a future version! Use `aws.s3.getObjects` instead, where new features and fixes will be added.\n\n\u003e **NOTE on `max_keys`:** Retrieving very large numbers of keys can adversely affect this provider's performance.\n\nThe objects data source returns keys (i.e., file names) and other metadata about objects in an S3 bucket.\n\n", "inputs": { "description": "A collection of arguments for invoking getBucketObjects.\n", "properties": { "bucket": { "type": "string", "description": "Lists object keys in this S3 bucket. Alternatively, an [S3 access point](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) ARN can be specified\n", "deprecationMessage": "Use the aws.s3.getObjects data source instead" }, "delimiter": { "type": "string", "description": "Character used to group keys (Default: none)\n" }, "encodingType": { "type": "string", "description": "Encodes keys using this method (Default: none; besides none, only \"url\" can be used)\n" }, "fetchOwner": { "type": "boolean", "description": "Boolean specifying whether to populate the owner list (Default: false)\n" }, "maxKeys": { "type": "integer", "description": "Maximum object keys to return (Default: 1000)\n" }, "prefix": { "type": "string", "description": "Limits results to object keys with this prefix (Default: none)\n" }, "startAfter": { "type": "string", "description": "Returns key names lexicographically after a specific object key in your bucket (Default: none; S3 lists object keys in UTF-8 character encoding in lexicographical order)\n" } }, "type": "object", "required": [ "bucket" ] }, "outputs": { "description": "A collection of values returned by getBucketObjects.\n", "properties": { "bucket": { "deprecationMessage": "Use the aws.s3.getObjects data source instead", "type": "string" }, "commonPrefixes": { "description": "List of any keys between `prefix` and the next occurrence of `delimiter` (i.e., similar to subdirectories of the `prefix` \"directory\"); the list is only returned when you specify `delimiter`\n", "items": { "type": "string" }, "type": "array" }, "delimiter": { "type": "string" }, "encodingType": { "type": "string" }, "fetchOwner": { "type": "boolean" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "keys": { "description": "List of strings representing object keys\n", "items": { "type": "string" }, "type": "array" }, "maxKeys": { "type": "integer" }, "owners": { "description": "List of strings representing object owner IDs (see `fetch_owner` above)\n", "items": { "type": "string" }, "type": "array" }, "prefix": { "type": "string" }, "startAfter": { "type": "string" } }, "required": [ "bucket", "commonPrefixes", "keys", "owners", "id" ], "type": "object" } }, "aws:s3/getBucketPolicy:getBucketPolicy": { "description": "The bucket policy data source returns IAM policy of an S3 bucket.\n\n## Example Usage\n\nThe following example retrieves IAM policy of a specified S3 bucket.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.s3.getBucketPolicy({\n bucket: \"example-bucket-name\",\n});\nexport const foo = example.then(example =\u003e example.policy);\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.get_bucket_policy(bucket=\"example-bucket-name\")\npulumi.export(\"foo\", example.policy)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.S3.GetBucketPolicy.Invoke(new()\n {\n Bucket = \"example-bucket-name\",\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"foo\"] = example.Apply(getBucketPolicyResult =\u003e getBucketPolicyResult.Policy),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.LookupBucketPolicy(ctx, \u0026s3.LookupBucketPolicyArgs{\n\t\t\tBucket: \"example-bucket-name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"foo\", example.Policy)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.inputs.GetBucketPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = S3Functions.getBucketPolicy(GetBucketPolicyArgs.builder()\n .bucket(\"example-bucket-name\")\n .build());\n\n ctx.export(\"foo\", example.applyValue(getBucketPolicyResult -\u003e getBucketPolicyResult.policy()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:s3:getBucketPolicy\n Arguments:\n bucket: example-bucket-name\noutputs:\n foo: ${example.policy}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getBucketPolicy.\n", "properties": { "bucket": { "type": "string", "description": "Bucket name.\n" } }, "type": "object", "required": [ "bucket" ] }, "outputs": { "description": "A collection of values returned by getBucketPolicy.\n", "properties": { "bucket": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "policy": { "description": "IAM bucket policy.\n", "type": "string" } }, "required": [ "bucket", "policy", "id" ], "type": "object" } }, "aws:s3/getCanonicalUserId:getCanonicalUserId": { "description": "The Canonical User ID data source allows access to the [canonical user ID](http://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html)\nfor the effective account in which this provider is working. \n\n\u003e **NOTE:** To use this data source, you must have the `s3:ListAllMyBuckets` permission.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.s3.getCanonicalUserId({});\nexport const canonicalUserId = current.then(current =\u003e current.id);\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.s3.get_canonical_user_id()\npulumi.export(\"canonicalUserId\", current.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.S3.GetCanonicalUserId.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"canonicalUserId\"] = current.Apply(getCanonicalUserIdResult =\u003e getCanonicalUserIdResult.Id),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := s3.GetCanonicalUserId(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"canonicalUserId\", current.Id)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = S3Functions.getCanonicalUserId();\n\n ctx.export(\"canonicalUserId\", current.applyValue(getCanonicalUserIdResult -\u003e getCanonicalUserIdResult.id()));\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:s3:getCanonicalUserId\n Arguments: {}\noutputs:\n canonicalUserId: ${current.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getCanonicalUserId.\n", "properties": { "displayName": { "description": "Human-friendly name linked to the canonical user ID. The bucket owner's display name. **NOTE:** [This value](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTServiceGET.html) is only included in the response in the US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Ireland), and South America (São Paulo) regions.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "displayName", "id" ], "type": "object" } }, "aws:s3/getDirectoryBuckets:getDirectoryBuckets": { "description": "Lists Amazon S3 Express directory buckets.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.s3.getDirectoryBuckets({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.get_directory_buckets()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.S3.GetDirectoryBuckets.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.GetDirectoryBuckets(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = S3Functions.getDirectoryBuckets();\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:s3:getDirectoryBuckets\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getDirectoryBuckets.\n", "properties": { "arns": { "description": "Bucket ARNs.\n", "items": { "type": "string" }, "type": "array" }, "buckets": { "description": "Buckets names.\n", "items": { "type": "string" }, "type": "array" }, "id": { "type": "string" } }, "required": [ "arns", "buckets", "id" ], "type": "object" } }, "aws:s3/getObject:getObject": { "description": "The S3 object data source allows access to the metadata and\n_optionally_ (see below) content of an object stored inside S3 bucket.\n\n\u003e **Note:** The content of an object (`body` field) is available only for objects which have a human-readable `Content-Type` (`text/*` and `application/json`). This is to prevent printing unsafe characters and potentially downloading large amount of data which would be thrown away in favor of metadata.\n\n## Example Usage\n\nThe following example retrieves a text object (which must have a `Content-Type`\nvalue starting with `text/`) and uses it as the `user_data` for an EC2 instance:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bootstrapScript = aws.s3.getObject({\n bucket: \"ourcorp-deploy-config\",\n key: \"ec2-bootstrap-script.sh\",\n});\nconst example = new aws.ec2.Instance(\"example\", {\n instanceType: aws.ec2.InstanceType.T2_Micro,\n ami: \"ami-2757f631\",\n userData: bootstrapScript.then(bootstrapScript =\u003e bootstrapScript.body),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbootstrap_script = aws.s3.get_object(bucket=\"ourcorp-deploy-config\",\n key=\"ec2-bootstrap-script.sh\")\nexample = aws.ec2.Instance(\"example\",\n instance_type=aws.ec2.InstanceType.T2_MICRO,\n ami=\"ami-2757f631\",\n user_data=bootstrap_script.body)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bootstrapScript = Aws.S3.GetObject.Invoke(new()\n {\n Bucket = \"ourcorp-deploy-config\",\n Key = \"ec2-bootstrap-script.sh\",\n });\n\n var example = new Aws.Ec2.Instance(\"example\", new()\n {\n InstanceType = Aws.Ec2.InstanceType.T2_Micro,\n Ami = \"ami-2757f631\",\n UserData = bootstrapScript.Apply(getObjectResult =\u003e getObjectResult.Body),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbootstrapScript, err := s3.GetObject(ctx, \u0026s3.GetObjectArgs{\n\t\t\tBucket: \"ourcorp-deploy-config\",\n\t\t\tKey: \"ec2-bootstrap-script.sh\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"example\", \u0026ec2.InstanceArgs{\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_T2_Micro),\n\t\t\tAmi: pulumi.String(\"ami-2757f631\"),\n\t\t\tUserData: pulumi.String(bootstrapScript.Body),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.inputs.GetObjectArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var bootstrapScript = S3Functions.getObject(GetObjectArgs.builder()\n .bucket(\"ourcorp-deploy-config\")\n .key(\"ec2-bootstrap-script.sh\")\n .build());\n\n var example = new Instance(\"example\", InstanceArgs.builder()\n .instanceType(\"t2.micro\")\n .ami(\"ami-2757f631\")\n .userData(bootstrapScript.applyValue(getObjectResult -\u003e getObjectResult.body()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Instance\n properties:\n instanceType: t2.micro\n ami: ami-2757f631\n userData: ${bootstrapScript.body}\nvariables:\n bootstrapScript:\n fn::invoke:\n Function: aws:s3:getObject\n Arguments:\n bucket: ourcorp-deploy-config\n key: ec2-bootstrap-script.sh\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThe following, more-complex example retrieves only the metadata for a zip\nfile stored in S3, which is then used to pass the most recent `version_id`\nto AWS Lambda for use as a function implementation. More information about\nLambda functions is available in the documentation for\n`aws.lambda.Function`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lambda = aws.s3.getObject({\n bucket: \"ourcorp-lambda-functions\",\n key: \"hello-world.zip\",\n});\nconst testLambda = new aws.lambda.Function(\"test_lambda\", {\n s3Bucket: lambda.then(lambda =\u003e lambda.bucket),\n s3Key: lambda.then(lambda =\u003e lambda.key),\n s3ObjectVersion: lambda.then(lambda =\u003e lambda.versionId),\n name: \"lambda_function_name\",\n role: iamForLambda.arn,\n handler: \"exports.test\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlambda_ = aws.s3.get_object(bucket=\"ourcorp-lambda-functions\",\n key=\"hello-world.zip\")\ntest_lambda = aws.lambda_.Function(\"test_lambda\",\n s3_bucket=lambda_.bucket,\n s3_key=lambda_.key,\n s3_object_version=lambda_.version_id,\n name=\"lambda_function_name\",\n role=iam_for_lambda[\"arn\"],\n handler=\"exports.test\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lambda = Aws.S3.GetObject.Invoke(new()\n {\n Bucket = \"ourcorp-lambda-functions\",\n Key = \"hello-world.zip\",\n });\n\n var testLambda = new Aws.Lambda.Function(\"test_lambda\", new()\n {\n S3Bucket = lambda.Apply(getObjectResult =\u003e getObjectResult.Bucket),\n S3Key = lambda.Apply(getObjectResult =\u003e getObjectResult.Key),\n S3ObjectVersion = lambda.Apply(getObjectResult =\u003e getObjectResult.VersionId),\n Name = \"lambda_function_name\",\n Role = iamForLambda.Arn,\n Handler = \"exports.test\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlambda, err := s3.GetObject(ctx, \u0026s3.GetObjectArgs{\n\t\t\tBucket: \"ourcorp-lambda-functions\",\n\t\t\tKey: \"hello-world.zip\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"test_lambda\", \u0026lambda.FunctionArgs{\n\t\t\tS3Bucket: pulumi.String(lambda.Bucket),\n\t\t\tS3Key: pulumi.String(lambda.Key),\n\t\t\tS3ObjectVersion: pulumi.String(lambda.VersionId),\n\t\t\tName: pulumi.String(\"lambda_function_name\"),\n\t\t\tRole: pulumi.Any(iamForLambda.Arn),\n\t\t\tHandler: pulumi.String(\"exports.test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.inputs.GetObjectArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var lambda = S3Functions.getObject(GetObjectArgs.builder()\n .bucket(\"ourcorp-lambda-functions\")\n .key(\"hello-world.zip\")\n .build());\n\n var testLambda = new Function(\"testLambda\", FunctionArgs.builder()\n .s3Bucket(lambda.applyValue(getObjectResult -\u003e getObjectResult.bucket()))\n .s3Key(lambda.applyValue(getObjectResult -\u003e getObjectResult.key()))\n .s3ObjectVersion(lambda.applyValue(getObjectResult -\u003e getObjectResult.versionId()))\n .name(\"lambda_function_name\")\n .role(iamForLambda.arn())\n .handler(\"exports.test\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testLambda:\n type: aws:lambda:Function\n name: test_lambda\n properties:\n s3Bucket: ${lambda.bucket}\n s3Key: ${lambda.key}\n s3ObjectVersion: ${lambda.versionId}\n name: lambda_function_name\n role: ${iamForLambda.arn}\n handler: exports.test\nvariables:\n lambda:\n fn::invoke:\n Function: aws:s3:getObject\n Arguments:\n bucket: ourcorp-lambda-functions\n key: hello-world.zip\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getObject.\n", "properties": { "bucket": { "type": "string", "description": "Name of the bucket to read the object from. Alternatively, an [S3 access point](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) ARN can be specified\n" }, "checksumMode": { "type": "string", "description": "To retrieve the object's checksum, this argument must be `ENABLED`. If you enable `checksum_mode` and the object is encrypted with KMS, you must have permission to use the `kms:Decrypt` action. Valid values: `ENABLED`\n" }, "key": { "type": "string", "description": "Full path to the object inside the bucket\n" }, "range": { "type": "string" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the object.\n" }, "versionId": { "type": "string", "description": "Specific version ID of the object returned (defaults to latest version)\n" } }, "type": "object", "required": [ "bucket", "key" ] }, "outputs": { "description": "A collection of values returned by getObject.\n", "properties": { "arn": { "description": "ARN of the object.\n", "type": "string" }, "body": { "description": "Object data (see **limitations above** to understand cases in which this field is actually available)\n", "type": "string" }, "bucket": { "type": "string" }, "bucketKeyEnabled": { "description": "(Optional) Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.\n", "type": "boolean" }, "cacheControl": { "description": "Caching behavior along the request/reply chain.\n", "type": "string" }, "checksumCrc32": { "description": "The base64-encoded, 32-bit CRC32 checksum of the object.\n", "type": "string" }, "checksumCrc32c": { "description": "The base64-encoded, 32-bit CRC32C checksum of the object.\n", "type": "string" }, "checksumMode": { "type": "string" }, "checksumSha1": { "description": "The base64-encoded, 160-bit SHA-1 digest of the object.\n", "type": "string" }, "checksumSha256": { "description": "The base64-encoded, 256-bit SHA-256 digest of the object.\n", "type": "string" }, "contentDisposition": { "description": "Presentational information for the object.\n", "type": "string" }, "contentEncoding": { "description": "What content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.\n", "type": "string" }, "contentLanguage": { "description": "Language the content is in.\n", "type": "string" }, "contentLength": { "description": "Size of the body in bytes.\n", "type": "integer" }, "contentType": { "description": "Standard MIME type describing the format of the object data.\n", "type": "string" }, "etag": { "description": "[ETag](https://en.wikipedia.org/wiki/HTTP_ETag) generated for the object (an MD5 sum of the object content in case it's not encrypted)\n", "type": "string" }, "expiration": { "description": "If the object expiration is configured (see [object lifecycle management](http://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html)), the field includes this header. It includes the expiry-date and rule-id key value pairs providing object expiration information. The value of the rule-id is URL encoded.\n", "type": "string" }, "expires": { "description": "Date and time at which the object is no longer cacheable.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "key": { "type": "string" }, "lastModified": { "description": "Last modified date of the object in RFC1123 format (e.g., `Mon, 02 Jan 2006 15:04:05 MST`)\n", "type": "string" }, "metadata": { "additionalProperties": { "type": "string" }, "description": "Map of metadata stored with the object in S3. Keys are always returned in lowercase.\n", "type": "object" }, "objectLockLegalHoldStatus": { "description": "Indicates whether this object has an active [legal hold](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-legal-holds). This field is only returned if you have permission to view an object's legal hold status.\n", "type": "string" }, "objectLockMode": { "description": "Object lock [retention mode](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-modes) currently in place for this object.\n", "type": "string" }, "objectLockRetainUntilDate": { "description": "The date and time when this object's object lock will expire.\n", "type": "string" }, "range": { "type": "string" }, "serverSideEncryption": { "description": "If the object is stored using server-side encryption (KMS or Amazon S3-managed encryption key), this field includes the chosen encryption and algorithm used.\n", "type": "string" }, "sseKmsKeyId": { "description": "If present, specifies the ID of the Key Management Service (KMS) master encryption key that was used for the object.\n", "type": "string" }, "storageClass": { "description": "[Storage class](http://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) information of the object. Available for all objects except for `Standard` storage class objects.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags assigned to the object.\n", "type": "object" }, "versionId": { "description": "Latest version ID of the object returned.\n", "type": "string" }, "websiteRedirectLocation": { "description": "If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata.\n", "type": "string" } }, "required": [ "arn", "body", "bucket", "bucketKeyEnabled", "cacheControl", "checksumCrc32", "checksumCrc32c", "checksumSha1", "checksumSha256", "contentDisposition", "contentEncoding", "contentLanguage", "contentLength", "contentType", "etag", "expiration", "expires", "key", "lastModified", "metadata", "objectLockLegalHoldStatus", "objectLockMode", "objectLockRetainUntilDate", "serverSideEncryption", "sseKmsKeyId", "storageClass", "tags", "versionId", "websiteRedirectLocation", "id" ], "type": "object" } }, "aws:s3/getObjects:getObjects": { "description": "\u003e **NOTE on `max_keys`:** Retrieving very large numbers of keys can adversely affect the provider's performance.\n\nThe objects data source returns keys (i.e., file names) and other metadata about objects in an S3 bucket.\n\n", "inputs": { "description": "A collection of arguments for invoking getObjects.\n", "properties": { "bucket": { "type": "string", "description": "Lists object keys in this S3 bucket. Alternatively, an [S3 access point](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) ARN can be specified\n" }, "delimiter": { "type": "string", "description": "Character used to group keys (Default: none)\n" }, "encodingType": { "type": "string", "description": "Encodes keys using this method (Default: none; besides none, only \"url\" can be used)\n" }, "fetchOwner": { "type": "boolean", "description": "Boolean specifying whether to populate the owner list (Default: false)\n" }, "maxKeys": { "type": "integer", "description": "Maximum object keys to return (Default: 1000)\n" }, "prefix": { "type": "string", "description": "Limits results to object keys with this prefix (Default: none)\n" }, "requestPayer": { "type": "string", "description": "Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If included, the only valid value is `requester`.\n" }, "startAfter": { "type": "string", "description": "Returns key names lexicographically after a specific object key in your bucket (Default: none; S3 lists object keys in UTF-8 character encoding in lexicographical order)\n" } }, "type": "object", "required": [ "bucket" ] }, "outputs": { "description": "A collection of values returned by getObjects.\n", "properties": { "bucket": { "type": "string" }, "commonPrefixes": { "description": "List of any keys between `prefix` and the next occurrence of `delimiter` (i.e., similar to subdirectories of the `prefix` \"directory\"); the list is only returned when you specify `delimiter`\n", "items": { "type": "string" }, "type": "array" }, "delimiter": { "type": "string" }, "encodingType": { "type": "string" }, "fetchOwner": { "type": "boolean" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "keys": { "description": "List of strings representing object keys\n", "items": { "type": "string" }, "type": "array" }, "maxKeys": { "type": "integer" }, "owners": { "description": "List of strings representing object owner IDs (see `fetch_owner` above)\n", "items": { "type": "string" }, "type": "array" }, "prefix": { "type": "string" }, "requestCharged": { "description": "If present, indicates that the requester was successfully charged for the request.\n", "type": "string" }, "requestPayer": { "type": "string" }, "startAfter": { "type": "string" } }, "required": [ "bucket", "commonPrefixes", "keys", "owners", "requestCharged", "id" ], "type": "object" } }, "aws:s3control/getMultiRegionAccessPoint:getMultiRegionAccessPoint": { "description": "Provides details on a specific S3 Multi-Region Access Point.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.s3control.getMultiRegionAccessPoint({\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3control.get_multi_region_access_point(name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.S3Control.GetMultiRegionAccessPoint.Invoke(new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3control.LookupMultiRegionAccessPoint(ctx, \u0026s3control.LookupMultiRegionAccessPointArgs{\n\t\t\tName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3control.S3controlFunctions;\nimport com.pulumi.aws.s3control.inputs.GetMultiRegionAccessPointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = S3controlFunctions.getMultiRegionAccessPoint(GetMultiRegionAccessPointArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:s3control:getMultiRegionAccessPoint\n Arguments:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getMultiRegionAccessPoint.\n", "properties": { "accountId": { "type": "string", "description": "The AWS account ID of the S3 Multi-Region Access Point. Defaults to automatically determined account ID of the AWS provider.\n" }, "name": { "type": "string", "description": "The name of the Multi-Region Access Point.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getMultiRegionAccessPoint.\n", "properties": { "accountId": { "type": "string" }, "alias": { "description": "The alias for the Multi-Region Access Point.\n", "type": "string" }, "arn": { "description": "Amazon Resource Name (ARN) of the Multi-Region Access Point.\n", "type": "string" }, "createdAt": { "description": "Timestamp when the resource has been created.\n", "type": "string" }, "domainName": { "description": "The DNS domain name of the S3 Multi-Region Access Point in the format _`alias`_.accesspoint.s3-global.amazonaws.com. For more information, see the documentation on [Multi-Region Access Point Requests](https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiRegionAccessPointRequests.html).\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "publicAccessBlocks": { "description": "Public Access Block of the Multi-Region Access Point. Detailed below.\n", "items": { "$ref": "#/types/aws:s3control/getMultiRegionAccessPointPublicAccessBlock:getMultiRegionAccessPointPublicAccessBlock" }, "type": "array" }, "regions": { "description": "A collection of the regions and buckets associated with the Multi-Region Access Point.\n", "items": { "$ref": "#/types/aws:s3control/getMultiRegionAccessPointRegion:getMultiRegionAccessPointRegion" }, "type": "array" }, "status": { "description": "The current status of the Multi-Region Access Point.\n", "type": "string" } }, "required": [ "accountId", "alias", "arn", "createdAt", "domainName", "name", "publicAccessBlocks", "regions", "status", "id" ], "type": "object" } }, "aws:sagemaker/getPrebuiltEcrImage:getPrebuiltEcrImage": { "description": "Get information about prebuilt Amazon SageMaker Docker images.\n\n\u003e **NOTE:** The AWS provider creates a validly constructed `registry_path` but does not verify that the `registry_path` corresponds to an existing image. For example, using a `registry_path` containing an `image_tag` that does not correspond to a Docker image in the ECR repository, will result in an error.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.sagemaker.getPrebuiltEcrImage({\n repositoryName: \"sagemaker-scikit-learn\",\n imageTag: \"2.2-1.0.11.0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.sagemaker.get_prebuilt_ecr_image(repository_name=\"sagemaker-scikit-learn\",\n image_tag=\"2.2-1.0.11.0\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Sagemaker.GetPrebuiltEcrImage.Invoke(new()\n {\n RepositoryName = \"sagemaker-scikit-learn\",\n ImageTag = \"2.2-1.0.11.0\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.GetPrebuiltEcrImage(ctx, \u0026sagemaker.GetPrebuiltEcrImageArgs{\n\t\t\tRepositoryName: \"sagemaker-scikit-learn\",\n\t\t\tImageTag: pulumi.StringRef(\"2.2-1.0.11.0\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.SagemakerFunctions;\nimport com.pulumi.aws.sagemaker.inputs.GetPrebuiltEcrImageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = SagemakerFunctions.getPrebuiltEcrImage(GetPrebuiltEcrImageArgs.builder()\n .repositoryName(\"sagemaker-scikit-learn\")\n .imageTag(\"2.2-1.0.11.0\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:sagemaker:getPrebuiltEcrImage\n Arguments:\n repositoryName: sagemaker-scikit-learn\n imageTag: 2.2-1.0.11.0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPrebuiltEcrImage.\n", "properties": { "dnsSuffix": { "type": "string", "description": "DNS suffix to use in the registry path. If not specified, the AWS provider sets it to the DNS suffix for the current region.\n" }, "imageTag": { "type": "string", "description": "Image tag for the Docker image. If not specified, the AWS provider sets the value to `1`, which for many repositories indicates the latest version. Some repositories, such as XGBoost, do not support `1` or `latest` and specific version must be used.\n" }, "region": { "type": "string", "description": "Region to use in the registry path. If not specified, the AWS provider sets it to the current region.\n" }, "repositoryName": { "type": "string", "description": "Name of the repository, which is generally the algorithm or library. Values include `blazingtext`, `factorization-machines`, `forecasting-deepar`, `image-classification`, `ipinsights`, `kmeans`, `knn`, `lda`, `linear-learner`, `mxnet-inference-eia`, `mxnet-inference`, `mxnet-training`, `ntm`, `object-detection`, `object2vec`, `pca`, `pytorch-inference-eia`, `pytorch-inference`, `pytorch-training`, `randomcutforest`, `sagemaker-scikit-learn`, `sagemaker-sparkml-serving`, `sagemaker-xgboost`, `semantic-segmentation`, `seq2seq`, `tensorflow-inference-eia`, `tensorflow-inference`, `tensorflow-training`, `huggingface-tensorflow-training`, `huggingface-tensorflow-inference`, `huggingface-pytorch-training`, and `huggingface-pytorch-inference`.\n" } }, "type": "object", "required": [ "repositoryName" ] }, "outputs": { "description": "A collection of values returned by getPrebuiltEcrImage.\n", "properties": { "dnsSuffix": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "imageTag": { "type": "string" }, "region": { "type": "string" }, "registryId": { "description": "Account ID containing the image. For example, `469771592824`.\n", "type": "string" }, "registryPath": { "description": "Docker image URL. For example, `341280168497.dkr.ecr.ca-central-1.amazonaws.com/sagemaker-sparkml-serving:2.4`.\n", "type": "string" }, "repositoryName": { "type": "string" } }, "required": [ "registryId", "registryPath", "repositoryName", "id" ], "type": "object" } }, "aws:secretsmanager/getRandomPassword:getRandomPassword": { "description": "Generate a random password.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.secretsmanager.getRandomPassword({\n passwordLength: 50,\n excludeNumbers: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.secretsmanager.get_random_password(password_length=50,\n exclude_numbers=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.SecretsManager.GetRandomPassword.Invoke(new()\n {\n PasswordLength = 50,\n ExcludeNumbers = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := secretsmanager.GetRandomPassword(ctx, \u0026secretsmanager.GetRandomPasswordArgs{\n\t\t\tPasswordLength: pulumi.IntRef(50),\n\t\t\tExcludeNumbers: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.SecretsmanagerFunctions;\nimport com.pulumi.aws.secretsmanager.inputs.GetRandomPasswordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = SecretsmanagerFunctions.getRandomPassword(GetRandomPasswordArgs.builder()\n .passwordLength(50)\n .excludeNumbers(true)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:secretsmanager:getRandomPassword\n Arguments:\n passwordLength: 50\n excludeNumbers: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRandomPassword.\n", "properties": { "excludeCharacters": { "type": "string", "description": "String of the characters that you don't want in the password.\n" }, "excludeLowercase": { "type": "boolean", "description": "Specifies whether to exclude lowercase letters from the password.\n" }, "excludeNumbers": { "type": "boolean", "description": "Specifies whether to exclude numbers from the password.\n" }, "excludePunctuation": { "type": "boolean", "description": "Specifies whether to exclude the following punctuation characters from the password: ``! \" # $ % \u0026 ' ( ) * + , - . / : ; \u003c = \u003e ? @ [ \\ ] ^ _ ` { | } ~ .``\n" }, "excludeUppercase": { "type": "boolean", "description": "Specifies whether to exclude uppercase letters from the password.\n" }, "includeSpace": { "type": "boolean", "description": "Specifies whether to include the space character.\n" }, "passwordLength": { "type": "integer", "description": "Length of the password.\n" }, "requireEachIncludedType": { "type": "boolean", "description": "Specifies whether to include at least one upper and lowercase letter, one number, and one punctuation.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getRandomPassword.\n", "properties": { "excludeCharacters": { "type": "string" }, "excludeLowercase": { "type": "boolean" }, "excludeNumbers": { "type": "boolean" }, "excludePunctuation": { "type": "boolean" }, "excludeUppercase": { "type": "boolean" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "includeSpace": { "type": "boolean" }, "passwordLength": { "type": "integer" }, "randomPassword": { "description": "Random password.\n", "type": "string" }, "requireEachIncludedType": { "type": "boolean" } }, "required": [ "randomPassword", "id" ], "type": "object" } }, "aws:secretsmanager/getSecret:getSecret": { "description": "Retrieve metadata information about a Secrets Manager secret. To retrieve a secret value, see the `aws.secretsmanager.SecretVersion` data source.\n\n## Example Usage\n\n### ARN\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst by-arn = aws.secretsmanager.getSecret({\n arn: \"arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nby_arn = aws.secretsmanager.get_secret(arn=\"arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var by_arn = Aws.SecretsManager.GetSecret.Invoke(new()\n {\n Arn = \"arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := secretsmanager.LookupSecret(ctx, \u0026secretsmanager.LookupSecretArgs{\n\t\t\tArn: pulumi.StringRef(\"arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.SecretsmanagerFunctions;\nimport com.pulumi.aws.secretsmanager.inputs.GetSecretArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var by-arn = SecretsmanagerFunctions.getSecret(GetSecretArgs.builder()\n .arn(\"arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n by-arn:\n fn::invoke:\n Function: aws:secretsmanager:getSecret\n Arguments:\n arn: arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Name\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst by-name = aws.secretsmanager.getSecret({\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nby_name = aws.secretsmanager.get_secret(name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var by_name = Aws.SecretsManager.GetSecret.Invoke(new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := secretsmanager.LookupSecret(ctx, \u0026secretsmanager.LookupSecretArgs{\n\t\t\tName: pulumi.StringRef(\"example\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.SecretsmanagerFunctions;\nimport com.pulumi.aws.secretsmanager.inputs.GetSecretArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var by-name = SecretsmanagerFunctions.getSecret(GetSecretArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n by-name:\n fn::invoke:\n Function: aws:secretsmanager:getSecret\n Arguments:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSecret.\n", "properties": { "arn": { "type": "string", "description": "ARN of the secret to retrieve.\n" }, "name": { "type": "string", "description": "Name of the secret to retrieve.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags of the secret.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSecret.\n", "properties": { "arn": { "description": "ARN of the secret.\n", "type": "string" }, "createdDate": { "description": "Created date of the secret in UTC.\n", "type": "string" }, "description": { "description": "Description of the secret.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kmsKeyId": { "description": "Key Management Service (KMS) Customer Master Key (CMK) associated with the secret.\n", "type": "string" }, "lastChangedDate": { "description": "Last updated date of the secret in UTC.\n", "type": "string" }, "name": { "type": "string" }, "policy": { "description": "Resource-based policy document that's attached to the secret.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags of the secret.\n", "type": "object" } }, "required": [ "arn", "createdDate", "description", "kmsKeyId", "lastChangedDate", "name", "policy", "tags", "id" ], "type": "object" } }, "aws:secretsmanager/getSecretRotation:getSecretRotation": { "description": "Retrieve information about a Secrets Manager secret rotation. To retrieve secret metadata, see the `aws.secretsmanager.Secret` data source. To retrieve a secret value, see the `aws.secretsmanager.SecretVersion` data source.\n\n## Example Usage\n\n### Retrieve Secret Rotation Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.secretsmanager.getSecretRotation({\n secretId: exampleAwsSecretsmanagerSecret.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.secretsmanager.get_secret_rotation(secret_id=example_aws_secretsmanager_secret[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SecretsManager.GetSecretRotation.Invoke(new()\n {\n SecretId = exampleAwsSecretsmanagerSecret.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := secretsmanager.LookupSecretRotation(ctx, \u0026secretsmanager.LookupSecretRotationArgs{\n\t\t\tSecretId: exampleAwsSecretsmanagerSecret.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.SecretsmanagerFunctions;\nimport com.pulumi.aws.secretsmanager.inputs.GetSecretRotationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SecretsmanagerFunctions.getSecretRotation(GetSecretRotationArgs.builder()\n .secretId(exampleAwsSecretsmanagerSecret.id())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:secretsmanager:getSecretRotation\n Arguments:\n secretId: ${exampleAwsSecretsmanagerSecret.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSecretRotation.\n", "properties": { "secretId": { "type": "string", "description": "Specifies the secret containing the version that you want to retrieve. You can specify either the ARN or the friendly name of the secret.\n" } }, "type": "object", "required": [ "secretId" ] }, "outputs": { "description": "A collection of values returned by getSecretRotation.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "rotationEnabled": { "description": "ARN of the secret.\n", "type": "boolean" }, "rotationLambdaArn": { "description": "Decrypted part of the protected secret information that was originally provided as a string.\n", "type": "string" }, "rotationRules": { "description": "Decrypted part of the protected secret information that was originally provided as a binary. Base64 encoded.\n", "items": { "$ref": "#/types/aws:secretsmanager/getSecretRotationRotationRule:getSecretRotationRotationRule" }, "type": "array" }, "secretId": { "type": "string" } }, "required": [ "rotationEnabled", "rotationLambdaArn", "rotationRules", "secretId", "id" ], "type": "object" } }, "aws:secretsmanager/getSecretVersion:getSecretVersion": { "description": "Retrieve information about a Secrets Manager secret version, including its secret value. To retrieve secret metadata, see the `aws.secretsmanager.Secret` data source.\n\n## Example Usage\n\n### Retrieve Current Secret Version\n\nBy default, this data sources retrieves information based on the `AWSCURRENT` staging label.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst secret-version = aws.secretsmanager.getSecretVersion({\n secretId: example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsecret_version = aws.secretsmanager.get_secret_version(secret_id=example[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var secret_version = Aws.SecretsManager.GetSecretVersion.Invoke(new()\n {\n SecretId = example.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := secretsmanager.LookupSecretVersion(ctx, \u0026secretsmanager.LookupSecretVersionArgs{\n\t\t\tSecretId: example.Id,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.SecretsmanagerFunctions;\nimport com.pulumi.aws.secretsmanager.inputs.GetSecretVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var secret-version = SecretsmanagerFunctions.getSecretVersion(GetSecretVersionArgs.builder()\n .secretId(example.id())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n secret-version:\n fn::invoke:\n Function: aws:secretsmanager:getSecretVersion\n Arguments:\n secretId: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Retrieve Specific Secret Version\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst by-version-stage = aws.secretsmanager.getSecretVersion({\n secretId: example.id,\n versionStage: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nby_version_stage = aws.secretsmanager.get_secret_version(secret_id=example[\"id\"],\n version_stage=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var by_version_stage = Aws.SecretsManager.GetSecretVersion.Invoke(new()\n {\n SecretId = example.Id,\n VersionStage = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := secretsmanager.LookupSecretVersion(ctx, \u0026secretsmanager.LookupSecretVersionArgs{\n\t\t\tSecretId: example.Id,\n\t\t\tVersionStage: pulumi.StringRef(\"example\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.SecretsmanagerFunctions;\nimport com.pulumi.aws.secretsmanager.inputs.GetSecretVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var by-version-stage = SecretsmanagerFunctions.getSecretVersion(GetSecretVersionArgs.builder()\n .secretId(example.id())\n .versionStage(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n by-version-stage:\n fn::invoke:\n Function: aws:secretsmanager:getSecretVersion\n Arguments:\n secretId: ${example.id}\n versionStage: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n", "inputs": { "description": "A collection of arguments for invoking getSecretVersion.\n", "properties": { "secretId": { "type": "string", "description": "Specifies the secret containing the version that you want to retrieve. You can specify either the ARN or the friendly name of the secret.\n" }, "versionId": { "type": "string", "description": "Specifies the unique identifier of the version of the secret that you want to retrieve. Overrides `version_stage`.\n" }, "versionStage": { "type": "string", "description": "Specifies the secret version that you want to retrieve by the staging label attached to the version. Defaults to `AWSCURRENT`.\n" } }, "type": "object", "required": [ "secretId" ] }, "outputs": { "description": "A collection of values returned by getSecretVersion.\n", "properties": { "arn": { "description": "ARN of the secret.\n", "type": "string" }, "createdDate": { "description": "Created date of the secret in UTC.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "secretBinary": { "description": "Decrypted part of the protected secret information that was originally provided as a binary.\n", "secret": true, "type": "string" }, "secretId": { "type": "string" }, "secretString": { "description": "Decrypted part of the protected secret information that was originally provided as a string.\n", "secret": true, "type": "string" }, "versionId": { "description": "Unique identifier of this version of the secret.\n", "type": "string" }, "versionStage": { "type": "string" }, "versionStages": { "items": { "type": "string" }, "type": "array" } }, "required": [ "arn", "createdDate", "secretBinary", "secretId", "secretString", "versionId", "versionStages", "id" ], "type": "object" } }, "aws:secretsmanager/getSecrets:getSecrets": { "description": "Use this data source to get the ARNs and names of Secrets Manager secrets matching the specified criteria.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.secretsmanager.getSecrets({\n filters: [{\n name: \"name\",\n values: [\"example\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.secretsmanager.get_secrets(filters=[{\n \"name\": \"name\",\n \"values\": [\"example\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SecretsManager.GetSecrets.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.SecretsManager.Inputs.GetSecretsFilterInputArgs\n {\n Name = \"name\",\n Values = new[]\n {\n \"example\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := secretsmanager.GetSecrets(ctx, \u0026secretsmanager.GetSecretsArgs{\n\t\t\tFilters: []secretsmanager.GetSecretsFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"name\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"example\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.SecretsmanagerFunctions;\nimport com.pulumi.aws.secretsmanager.inputs.GetSecretsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SecretsmanagerFunctions.getSecrets(GetSecretsArgs.builder()\n .filters(GetSecretsFilterArgs.builder()\n .name(\"name\")\n .values(\"example\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:secretsmanager:getSecrets\n Arguments:\n filters:\n - name: name\n values:\n - example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSecrets.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:secretsmanager/getSecretsFilter:getSecretsFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSecrets.\n", "properties": { "arns": { "description": "Set of ARNs of the matched Secrets Manager secrets.\n", "items": { "type": "string" }, "type": "array" }, "filters": { "items": { "$ref": "#/types/aws:secretsmanager/getSecretsFilter:getSecretsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "names": { "description": "Set of names of the matched Secrets Manager secrets.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "arns", "names", "id" ], "type": "object" } }, "aws:serverlessrepository/getApplication:getApplication": { "description": "Use this data source to get information about an AWS Serverless Application Repository application. For example, this can be used to determine the required `capabilities` for an application.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.serverlessrepository.getApplication({\n applicationId: \"arn:aws:serverlessrepo:us-east-1:123456789012:applications/ExampleApplication\",\n});\nconst exampleCloudFormationStack = new aws.serverlessrepository.CloudFormationStack(\"example\", {\n name: \"Example\",\n applicationId: example.then(example =\u003e example.applicationId),\n semanticVersion: example.then(example =\u003e example.semanticVersion),\n capabilities: example.then(example =\u003e example.requiredCapabilities),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.serverlessrepository.get_application(application_id=\"arn:aws:serverlessrepo:us-east-1:123456789012:applications/ExampleApplication\")\nexample_cloud_formation_stack = aws.serverlessrepository.CloudFormationStack(\"example\",\n name=\"Example\",\n application_id=example.application_id,\n semantic_version=example.semantic_version,\n capabilities=example.required_capabilities)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ServerlessRepository.GetApplication.Invoke(new()\n {\n ApplicationId = \"arn:aws:serverlessrepo:us-east-1:123456789012:applications/ExampleApplication\",\n });\n\n var exampleCloudFormationStack = new Aws.ServerlessRepository.CloudFormationStack(\"example\", new()\n {\n Name = \"Example\",\n ApplicationId = example.Apply(getApplicationResult =\u003e getApplicationResult.ApplicationId),\n SemanticVersion = example.Apply(getApplicationResult =\u003e getApplicationResult.SemanticVersion),\n Capabilities = example.Apply(getApplicationResult =\u003e getApplicationResult.RequiredCapabilities),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/serverlessrepository\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := serverlessrepository.GetApplication(ctx, \u0026serverlessrepository.GetApplicationArgs{\n\t\t\tApplicationId: \"arn:aws:serverlessrepo:us-east-1:123456789012:applications/ExampleApplication\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = serverlessrepository.NewCloudFormationStack(ctx, \"example\", \u0026serverlessrepository.CloudFormationStackArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tApplicationId: pulumi.String(example.ApplicationId),\n\t\t\tSemanticVersion: pulumi.String(example.SemanticVersion),\n\t\t\tCapabilities: interface{}(example.RequiredCapabilities),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.serverlessrepository.ServerlessrepositoryFunctions;\nimport com.pulumi.aws.serverlessrepository.inputs.GetApplicationArgs;\nimport com.pulumi.aws.serverlessrepository.CloudFormationStack;\nimport com.pulumi.aws.serverlessrepository.CloudFormationStackArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ServerlessrepositoryFunctions.getApplication(GetApplicationArgs.builder()\n .applicationId(\"arn:aws:serverlessrepo:us-east-1:123456789012:applications/ExampleApplication\")\n .build());\n\n var exampleCloudFormationStack = new CloudFormationStack(\"exampleCloudFormationStack\", CloudFormationStackArgs.builder()\n .name(\"Example\")\n .applicationId(example.applyValue(getApplicationResult -\u003e getApplicationResult.applicationId()))\n .semanticVersion(example.applyValue(getApplicationResult -\u003e getApplicationResult.semanticVersion()))\n .capabilities(example.applyValue(getApplicationResult -\u003e getApplicationResult.requiredCapabilities()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleCloudFormationStack:\n type: aws:serverlessrepository:CloudFormationStack\n name: example\n properties:\n name: Example\n applicationId: ${example.applicationId}\n semanticVersion: ${example.semanticVersion}\n capabilities: ${example.requiredCapabilities}\nvariables:\n example:\n fn::invoke:\n Function: aws:serverlessrepository:getApplication\n Arguments:\n applicationId: arn:aws:serverlessrepo:us-east-1:123456789012:applications/ExampleApplication\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getApplication.\n", "properties": { "applicationId": { "type": "string", "description": "ARN of the application.\n" }, "semanticVersion": { "type": "string", "description": "Requested version of the application. By default, retrieves the latest version.\n" } }, "type": "object", "required": [ "applicationId" ] }, "outputs": { "description": "A collection of values returned by getApplication.\n", "properties": { "applicationId": { "description": "ARN of the application.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Name of the application.\n", "type": "string" }, "requiredCapabilities": { "description": "A list of capabilities describing the permissions needed to deploy the application.\n", "items": { "type": "string" }, "type": "array" }, "semanticVersion": { "type": "string" }, "sourceCodeUrl": { "description": "URL pointing to the source code of the application version.\n", "type": "string" }, "templateUrl": { "description": "URL pointing to the Cloud Formation template for the application version.\n", "type": "string" } }, "required": [ "applicationId", "name", "requiredCapabilities", "semanticVersion", "sourceCodeUrl", "templateUrl", "id" ], "type": "object" } }, "aws:servicecatalog/getAppregistryApplication:getAppregistryApplication": { "description": "Data source for managing an AWS Service Catalog AppRegistry Application.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.servicecatalog.getAppregistryApplication({\n id: \"application-1234\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicecatalog.get_appregistry_application(id=\"application-1234\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ServiceCatalog.GetAppregistryApplication.Invoke(new()\n {\n Id = \"application-1234\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicecatalog.LookupAppregistryApplication(ctx, \u0026servicecatalog.LookupAppregistryApplicationArgs{\n\t\t\tId: \"application-1234\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.ServicecatalogFunctions;\nimport com.pulumi.aws.servicecatalog.inputs.GetAppregistryApplicationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ServicecatalogFunctions.getAppregistryApplication(GetAppregistryApplicationArgs.builder()\n .id(\"application-1234\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:servicecatalog:getAppregistryApplication\n Arguments:\n id: application-1234\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAppregistryApplication.\n", "properties": { "id": { "type": "string", "description": "Application identifier.\n" } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getAppregistryApplication.\n", "properties": { "applicationTag": { "additionalProperties": { "type": "string" }, "description": "A map with a single tag key-value pair used to associate resources with the application.\n", "type": "object" }, "arn": { "description": "ARN (Amazon Resource Name) of the application.\n", "type": "string" }, "description": { "description": "Description of the application.\n", "type": "string" }, "id": { "type": "string" }, "name": { "description": "Name of the application.\n", "type": "string" } }, "required": [ "applicationTag", "arn", "description", "id", "name" ], "type": "object" } }, "aws:servicecatalog/getConstraint:getConstraint": { "description": "Provides information on a Service Catalog Constraint.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.servicecatalog.getConstraint({\n acceptLanguage: \"en\",\n id: \"cons-hrvy0335\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicecatalog.get_constraint(accept_language=\"en\",\n id=\"cons-hrvy0335\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ServiceCatalog.GetConstraint.Invoke(new()\n {\n AcceptLanguage = \"en\",\n Id = \"cons-hrvy0335\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicecatalog.LookupConstraint(ctx, \u0026servicecatalog.LookupConstraintArgs{\n\t\t\tAcceptLanguage: pulumi.StringRef(\"en\"),\n\t\t\tId: \"cons-hrvy0335\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.ServicecatalogFunctions;\nimport com.pulumi.aws.servicecatalog.inputs.GetConstraintArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ServicecatalogFunctions.getConstraint(GetConstraintArgs.builder()\n .acceptLanguage(\"en\")\n .id(\"cons-hrvy0335\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:servicecatalog:getConstraint\n Arguments:\n acceptLanguage: en\n id: cons-hrvy0335\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getConstraint.\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n" }, "description": { "type": "string", "description": "Description of the constraint.\n" }, "id": { "type": "string", "description": "Constraint identifier.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getConstraint.\n", "properties": { "acceptLanguage": { "type": "string" }, "description": { "description": "Description of the constraint.\n", "type": "string" }, "id": { "type": "string" }, "owner": { "description": "Owner of the constraint.\n", "type": "string" }, "parameters": { "description": "Constraint parameters in JSON format.\n", "type": "string" }, "portfolioId": { "description": "Portfolio identifier.\n", "type": "string" }, "productId": { "description": "Product identifier.\n", "type": "string" }, "status": { "description": "Constraint status.\n", "type": "string" }, "type": { "description": "Type of constraint. Valid values are `LAUNCH`, `NOTIFICATION`, `RESOURCE_UPDATE`, `STACKSET`, and `TEMPLATE`.\n", "type": "string" } }, "required": [ "description", "id", "owner", "parameters", "portfolioId", "productId", "status", "type" ], "type": "object" } }, "aws:servicecatalog/getLaunchPaths:getLaunchPaths": { "description": "Lists the paths to the specified product. A path is how the user has access to a specified product, and is necessary when provisioning a product. A path also determines the constraints put on the product.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.servicecatalog.getLaunchPaths({\n productId: \"prod-yakog5pdriver\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicecatalog.get_launch_paths(product_id=\"prod-yakog5pdriver\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ServiceCatalog.GetLaunchPaths.Invoke(new()\n {\n ProductId = \"prod-yakog5pdriver\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicecatalog.GetLaunchPaths(ctx, \u0026servicecatalog.GetLaunchPathsArgs{\n\t\t\tProductId: \"prod-yakog5pdriver\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.ServicecatalogFunctions;\nimport com.pulumi.aws.servicecatalog.inputs.GetLaunchPathsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ServicecatalogFunctions.getLaunchPaths(GetLaunchPathsArgs.builder()\n .productId(\"prod-yakog5pdriver\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:servicecatalog:getLaunchPaths\n Arguments:\n productId: prod-yakog5pdriver\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLaunchPaths.\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n" }, "productId": { "type": "string", "description": "Product identifier.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "productId" ] }, "outputs": { "description": "A collection of values returned by getLaunchPaths.\n", "properties": { "acceptLanguage": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "productId": { "type": "string" }, "summaries": { "description": "Block with information about the launch path. See details below.\n", "items": { "$ref": "#/types/aws:servicecatalog/getLaunchPathsSummary:getLaunchPathsSummary" }, "type": "array" } }, "required": [ "productId", "summaries", "id" ], "type": "object" } }, "aws:servicecatalog/getPortfolio:getPortfolio": { "description": "Provides information for a Service Catalog Portfolio.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst portfolio = aws.servicecatalog.getPortfolio({\n id: \"port-07052002\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nportfolio = aws.servicecatalog.get_portfolio(id=\"port-07052002\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var portfolio = Aws.ServiceCatalog.GetPortfolio.Invoke(new()\n {\n Id = \"port-07052002\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicecatalog.LookupPortfolio(ctx, \u0026servicecatalog.LookupPortfolioArgs{\n\t\t\tId: \"port-07052002\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.ServicecatalogFunctions;\nimport com.pulumi.aws.servicecatalog.inputs.GetPortfolioArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var portfolio = ServicecatalogFunctions.getPortfolio(GetPortfolioArgs.builder()\n .id(\"port-07052002\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n portfolio:\n fn::invoke:\n Function: aws:servicecatalog:getPortfolio\n Arguments:\n id: port-07052002\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPortfolio.\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n" }, "id": { "type": "string", "description": "Portfolio identifier.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags applied to the portfolio.\n" } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getPortfolio.\n", "properties": { "acceptLanguage": { "type": "string" }, "arn": { "description": "Portfolio ARN.\n", "type": "string" }, "createdTime": { "description": "Time the portfolio was created.\n", "type": "string" }, "description": { "description": "Description of the portfolio\n", "type": "string" }, "id": { "type": "string" }, "name": { "description": "Portfolio name.\n", "type": "string" }, "providerName": { "description": "Name of the person or organization who owns the portfolio.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags applied to the portfolio.\n", "type": "object" } }, "required": [ "arn", "createdTime", "description", "id", "name", "providerName", "tags" ], "type": "object" } }, "aws:servicecatalog/getPortfolioConstraints:getPortfolioConstraints": { "description": "Provides information on Service Catalog Portfolio Constraints.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.servicecatalog.getPortfolioConstraints({\n portfolioId: \"port-3lli3b3an\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicecatalog.get_portfolio_constraints(portfolio_id=\"port-3lli3b3an\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ServiceCatalog.GetPortfolioConstraints.Invoke(new()\n {\n PortfolioId = \"port-3lli3b3an\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicecatalog.GetPortfolioConstraints(ctx, \u0026servicecatalog.GetPortfolioConstraintsArgs{\n\t\t\tPortfolioId: \"port-3lli3b3an\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.ServicecatalogFunctions;\nimport com.pulumi.aws.servicecatalog.inputs.GetPortfolioConstraintsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ServicecatalogFunctions.getPortfolioConstraints(GetPortfolioConstraintsArgs.builder()\n .portfolioId(\"port-3lli3b3an\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:servicecatalog:getPortfolioConstraints\n Arguments:\n portfolioId: port-3lli3b3an\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPortfolioConstraints.\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n" }, "portfolioId": { "type": "string", "description": "Portfolio identifier.\n\nThe following arguments are optional:\n" }, "productId": { "type": "string", "description": "Product identifier.\n" } }, "type": "object", "required": [ "portfolioId" ] }, "outputs": { "description": "A collection of values returned by getPortfolioConstraints.\n", "properties": { "acceptLanguage": { "type": "string" }, "details": { "description": "List of information about the constraints. See details below.\n", "items": { "$ref": "#/types/aws:servicecatalog/getPortfolioConstraintsDetail:getPortfolioConstraintsDetail" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "portfolioId": { "description": "Identifier of the portfolio the product resides in. The constraint applies only to the instance of the product that lives within this portfolio.\n", "type": "string" }, "productId": { "description": "Identifier of the product the constraint applies to. A constraint applies to a specific instance of a product within a certain portfolio.\n", "type": "string" } }, "required": [ "details", "portfolioId", "id" ], "type": "object" } }, "aws:servicecatalog/getProduct:getProduct": { "description": "Use this data source to retrieve information about a Service Catalog product.\n\n\u003e **NOTE:** A \"provisioning artifact\" is also known as a \"version,\" and a \"distributor\" is also known as a \"vendor.\"\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.servicecatalog.getProduct({\n id: \"prod-dnigbtea24ste\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicecatalog.get_product(id=\"prod-dnigbtea24ste\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ServiceCatalog.GetProduct.Invoke(new()\n {\n Id = \"prod-dnigbtea24ste\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicecatalog.LookupProduct(ctx, \u0026servicecatalog.LookupProductArgs{\n\t\t\tId: \"prod-dnigbtea24ste\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.ServicecatalogFunctions;\nimport com.pulumi.aws.servicecatalog.inputs.GetProductArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ServicecatalogFunctions.getProduct(GetProductArgs.builder()\n .id(\"prod-dnigbtea24ste\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:servicecatalog:getProduct\n Arguments:\n id: prod-dnigbtea24ste\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getProduct.\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values are `en` (English), `jp` (Japanese), `zh` (Chinese). The default value is `en`.\n" }, "id": { "type": "string", "description": "ID of the product.\n\nThe following arguments are optional:\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags applied to the product.\n" } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getProduct.\n", "properties": { "acceptLanguage": { "type": "string" }, "arn": { "description": "ARN of the product.\n", "type": "string" }, "createdTime": { "description": "Time when the product was created.\n", "type": "string" }, "description": { "description": "Description of the product.\n", "type": "string" }, "distributor": { "description": "Vendor of the product.\n", "type": "string" }, "hasDefaultPath": { "description": "Whether the product has a default path.\n", "type": "boolean" }, "id": { "type": "string" }, "name": { "description": "Name of the product.\n", "type": "string" }, "owner": { "description": "Owner of the product.\n", "type": "string" }, "status": { "description": "Status of the product.\n", "type": "string" }, "supportDescription": { "description": "Field that provides support information about the product.\n", "type": "string" }, "supportEmail": { "description": "Contact email for product support.\n", "type": "string" }, "supportUrl": { "description": "Contact URL for product support.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags applied to the product.\n", "type": "object" }, "type": { "description": "Type of product.\n", "type": "string" } }, "required": [ "arn", "createdTime", "description", "distributor", "hasDefaultPath", "id", "name", "owner", "status", "supportDescription", "supportEmail", "supportUrl", "tags", "type" ], "type": "object" } }, "aws:servicecatalog/getProvisioningArtifacts:getProvisioningArtifacts": { "description": "Lists the provisioning artifacts for the specified product.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.servicecatalog.getProvisioningArtifacts({\n productId: \"prod-yakog5pdriver\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicecatalog.get_provisioning_artifacts(product_id=\"prod-yakog5pdriver\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ServiceCatalog.GetProvisioningArtifacts.Invoke(new()\n {\n ProductId = \"prod-yakog5pdriver\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicecatalog\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicecatalog.GetProvisioningArtifacts(ctx, \u0026servicecatalog.GetProvisioningArtifactsArgs{\n\t\t\tProductId: \"prod-yakog5pdriver\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicecatalog.ServicecatalogFunctions;\nimport com.pulumi.aws.servicecatalog.inputs.GetProvisioningArtifactsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ServicecatalogFunctions.getProvisioningArtifacts(GetProvisioningArtifactsArgs.builder()\n .productId(\"prod-yakog5pdriver\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:servicecatalog:getProvisioningArtifacts\n Arguments:\n productId: prod-yakog5pdriver\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getProvisioningArtifacts.\n", "properties": { "acceptLanguage": { "type": "string", "description": "Language code. Valid values: `en` (English), `jp` (Japanese), `zh` (Chinese). Default value is `en`.\n" }, "productId": { "type": "string", "description": "Product identifier.\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "productId" ] }, "outputs": { "description": "A collection of values returned by getProvisioningArtifacts.\n", "properties": { "acceptLanguage": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "productId": { "type": "string" }, "provisioningArtifactDetails": { "description": "List with information about the provisioning artifacts. See details below.\n", "items": { "$ref": "#/types/aws:servicecatalog/getProvisioningArtifactsProvisioningArtifactDetail:getProvisioningArtifactsProvisioningArtifactDetail" }, "type": "array" } }, "required": [ "productId", "provisioningArtifactDetails", "id" ], "type": "object" } }, "aws:servicediscovery/getDnsNamespace:getDnsNamespace": { "description": "Retrieves information about a Service Discovery private or public DNS namespace.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.servicediscovery.getDnsNamespace({\n name: \"example.service.local\",\n type: \"DNS_PRIVATE\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.servicediscovery.get_dns_namespace(name=\"example.service.local\",\n type=\"DNS_PRIVATE\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.ServiceDiscovery.GetDnsNamespace.Invoke(new()\n {\n Name = \"example.service.local\",\n Type = \"DNS_PRIVATE\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicediscovery\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicediscovery.GetDnsNamespace(ctx, \u0026servicediscovery.GetDnsNamespaceArgs{\n\t\t\tName: \"example.service.local\",\n\t\t\tType: \"DNS_PRIVATE\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicediscovery.ServicediscoveryFunctions;\nimport com.pulumi.aws.servicediscovery.inputs.GetDnsNamespaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = ServicediscoveryFunctions.getDnsNamespace(GetDnsNamespaceArgs.builder()\n .name(\"example.service.local\")\n .type(\"DNS_PRIVATE\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:servicediscovery:getDnsNamespace\n Arguments:\n name: example.service.local\n type: DNS_PRIVATE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDnsNamespace.\n", "properties": { "name": { "type": "string", "description": "Name of the namespace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags for the resource.\n" }, "type": { "type": "string", "description": "Type of the namespace. Allowed values are `DNS_PUBLIC` or `DNS_PRIVATE`.\n" } }, "type": "object", "required": [ "name", "type" ] }, "outputs": { "description": "A collection of values returned by getDnsNamespace.\n", "properties": { "arn": { "description": "ARN of the namespace.\n", "type": "string" }, "description": { "description": "Description of the namespace.\n", "type": "string" }, "hostedZone": { "description": "ID for the hosted zone that Amazon Route 53 creates when you create a namespace.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags for the resource.\n", "type": "object" }, "type": { "type": "string" } }, "required": [ "arn", "description", "hostedZone", "name", "tags", "type", "id" ], "type": "object" } }, "aws:servicediscovery/getHttpNamespace:getHttpNamespace": { "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.servicediscovery.getHttpNamespace({\n name: \"development\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicediscovery.get_http_namespace(name=\"development\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ServiceDiscovery.GetHttpNamespace.Invoke(new()\n {\n Name = \"development\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicediscovery\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicediscovery.LookupHttpNamespace(ctx, \u0026servicediscovery.LookupHttpNamespaceArgs{\n\t\t\tName: \"development\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicediscovery.ServicediscoveryFunctions;\nimport com.pulumi.aws.servicediscovery.inputs.GetHttpNamespaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ServicediscoveryFunctions.getHttpNamespace(GetHttpNamespaceArgs.builder()\n .name(\"development\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:servicediscovery:getHttpNamespace\n Arguments:\n name: development\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getHttpNamespace.\n", "properties": { "name": { "type": "string", "description": "Name of the http namespace.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags for the resource.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getHttpNamespace.\n", "properties": { "arn": { "description": "ARN that Amazon Route 53 assigns to the namespace when you create it.\n", "type": "string" }, "description": { "description": "Description that you specify for the namespace when you create it.\n", "type": "string" }, "httpName": { "description": "Name of an HTTP namespace.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags for the resource.\n", "type": "object" } }, "required": [ "arn", "description", "httpName", "name", "tags", "id" ], "type": "object" } }, "aws:servicediscovery/getService:getService": { "description": "Retrieves information about a Service Discovery Service.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.servicediscovery.getService({\n name: \"example\",\n namespaceId: \"NAMESPACE_ID_VALUE\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.servicediscovery.get_service(name=\"example\",\n namespace_id=\"NAMESPACE_ID_VALUE\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.ServiceDiscovery.GetService.Invoke(new()\n {\n Name = \"example\",\n NamespaceId = \"NAMESPACE_ID_VALUE\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicediscovery\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicediscovery.LookupService(ctx, \u0026servicediscovery.LookupServiceArgs{\n\t\t\tName: \"example\",\n\t\t\tNamespaceId: \"NAMESPACE_ID_VALUE\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicediscovery.ServicediscoveryFunctions;\nimport com.pulumi.aws.servicediscovery.inputs.GetServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = ServicediscoveryFunctions.getService(GetServiceArgs.builder()\n .name(\"example\")\n .namespaceId(\"NAMESPACE_ID_VALUE\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:servicediscovery:getService\n Arguments:\n name: example\n namespaceId: NAMESPACE_ID_VALUE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getService.\n", "properties": { "name": { "type": "string", "description": "Name of the service.\n" }, "namespaceId": { "type": "string", "description": "ID of the namespace that the service belongs to.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the service. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" }, "tagsAll": { "type": "object", "additionalProperties": { "type": "string" }, "description": "(**Deprecated**) Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "deprecationMessage": "this attribute has been deprecated" } }, "type": "object", "required": [ "name", "namespaceId" ] }, "outputs": { "description": "A collection of values returned by getService.\n", "properties": { "arn": { "description": "ARN of the service.\n", "type": "string" }, "description": { "description": "Description of the service.\n", "type": "string" }, "dnsConfigs": { "description": "Complex type that contains information about the resource record sets that you want Amazon Route 53 to create when you register an instance. See `dns_config` Block for details.\n", "items": { "$ref": "#/types/aws:servicediscovery/getServiceDnsConfig:getServiceDnsConfig" }, "type": "array" }, "healthCheckConfigs": { "description": "Complex type that contains settings for an optional health check. Only for Public DNS namespaces. See `health_check_config` Block for details.\n", "items": { "$ref": "#/types/aws:servicediscovery/getServiceHealthCheckConfig:getServiceHealthCheckConfig" }, "type": "array" }, "healthCheckCustomConfigs": { "description": "A complex type that contains settings for ECS managed health checks. See `health_check_custom_config` Block for details.\n", "items": { "$ref": "#/types/aws:servicediscovery/getServiceHealthCheckCustomConfig:getServiceHealthCheckCustomConfig" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "namespaceId": { "description": "ID of the namespace to use for DNS configuration.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the service. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n", "type": "object" }, "tagsAll": { "additionalProperties": { "type": "string" }, "deprecationMessage": "this attribute has been deprecated", "description": "(**Deprecated**) Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.\n", "type": "object" } }, "required": [ "arn", "description", "dnsConfigs", "healthCheckConfigs", "healthCheckCustomConfigs", "name", "namespaceId", "tagsAll", "id" ], "type": "object" } }, "aws:servicequotas/getService:getService": { "description": "Retrieve information about a Service Quotas Service.\n\n\u003e **NOTE:** Global quotas apply to all AWS regions, but can only be accessed in `us-east-1` in the Commercial partition or `us-gov-west-1` in the GovCloud partition. In other regions, the AWS API will return the error `The request failed because the specified service does not exist.`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.servicequotas.getService({\n serviceName: \"Amazon Virtual Private Cloud (Amazon VPC)\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicequotas.get_service(service_name=\"Amazon Virtual Private Cloud (Amazon VPC)\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ServiceQuotas.GetService.Invoke(new()\n {\n ServiceName = \"Amazon Virtual Private Cloud (Amazon VPC)\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicequotas\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicequotas.GetService(ctx, \u0026servicequotas.GetServiceArgs{\n\t\t\tServiceName: \"Amazon Virtual Private Cloud (Amazon VPC)\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicequotas.ServicequotasFunctions;\nimport com.pulumi.aws.servicequotas.inputs.GetServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ServicequotasFunctions.getService(GetServiceArgs.builder()\n .serviceName(\"Amazon Virtual Private Cloud (Amazon VPC)\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:servicequotas:getService\n Arguments:\n serviceName: Amazon Virtual Private Cloud (Amazon VPC)\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getService.\n", "properties": { "serviceName": { "type": "string", "description": "Service name to lookup within Service Quotas. Available values can be found with the [AWS CLI service-quotas list-services command](https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-services.html).\n" } }, "type": "object", "required": [ "serviceName" ] }, "outputs": { "description": "A collection of values returned by getService.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "serviceCode": { "description": "Code of the service.\n", "type": "string" }, "serviceName": { "type": "string" } }, "required": [ "serviceCode", "serviceName", "id" ], "type": "object" } }, "aws:servicequotas/getServiceQuota:getServiceQuota": { "description": "Retrieve information about a Service Quota.\n\n\u003e **NOTE:** Global quotas apply to all AWS regions, but can only be accessed in `us-east-1` in the Commercial partition or `us-gov-west-1` in the GovCloud partition. In other regions, the AWS API will return the error `The request failed because the specified service does not exist.`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byQuotaCode = aws.servicequotas.getServiceQuota({\n quotaCode: \"L-F678F1CE\",\n serviceCode: \"vpc\",\n});\nconst byQuotaName = aws.servicequotas.getServiceQuota({\n quotaName: \"VPCs per Region\",\n serviceCode: \"vpc\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nby_quota_code = aws.servicequotas.get_service_quota(quota_code=\"L-F678F1CE\",\n service_code=\"vpc\")\nby_quota_name = aws.servicequotas.get_service_quota(quota_name=\"VPCs per Region\",\n service_code=\"vpc\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var byQuotaCode = Aws.ServiceQuotas.GetServiceQuota.Invoke(new()\n {\n QuotaCode = \"L-F678F1CE\",\n ServiceCode = \"vpc\",\n });\n\n var byQuotaName = Aws.ServiceQuotas.GetServiceQuota.Invoke(new()\n {\n QuotaName = \"VPCs per Region\",\n ServiceCode = \"vpc\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicequotas\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicequotas.LookupServiceQuota(ctx, \u0026servicequotas.LookupServiceQuotaArgs{\n\t\t\tQuotaCode: pulumi.StringRef(\"L-F678F1CE\"),\n\t\t\tServiceCode: \"vpc\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = servicequotas.LookupServiceQuota(ctx, \u0026servicequotas.LookupServiceQuotaArgs{\n\t\t\tQuotaName: pulumi.StringRef(\"VPCs per Region\"),\n\t\t\tServiceCode: \"vpc\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicequotas.ServicequotasFunctions;\nimport com.pulumi.aws.servicequotas.inputs.GetServiceQuotaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var byQuotaCode = ServicequotasFunctions.getServiceQuota(GetServiceQuotaArgs.builder()\n .quotaCode(\"L-F678F1CE\")\n .serviceCode(\"vpc\")\n .build());\n\n final var byQuotaName = ServicequotasFunctions.getServiceQuota(GetServiceQuotaArgs.builder()\n .quotaName(\"VPCs per Region\")\n .serviceCode(\"vpc\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n byQuotaCode:\n fn::invoke:\n Function: aws:servicequotas:getServiceQuota\n Arguments:\n quotaCode: L-F678F1CE\n serviceCode: vpc\n byQuotaName:\n fn::invoke:\n Function: aws:servicequotas:getServiceQuota\n Arguments:\n quotaName: VPCs per Region\n serviceCode: vpc\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getServiceQuota.\n", "properties": { "quotaCode": { "type": "string", "description": "Quota code within the service. When configured, the data source directly looks up the service quota. Available values can be found with the [AWS CLI service-quotas list-service-quotas command](https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-service-quotas.html). One of `quota_code` or `quota_name` must be specified.\n" }, "quotaName": { "type": "string", "description": "Quota name within the service. When configured, the data source searches through all service quotas to find the matching quota name. Available values can be found with the [AWS CLI service-quotas list-service-quotas command](https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-service-quotas.html). One of `quota_name` or `quota_code` must be specified.\n" }, "serviceCode": { "type": "string", "description": "Service code for the quota. Available values can be found with the `aws.servicequotas.getService` data source or [AWS CLI service-quotas list-services command](https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-services.html).\n" } }, "type": "object", "required": [ "serviceCode" ] }, "outputs": { "description": "A collection of values returned by getServiceQuota.\n", "properties": { "adjustable": { "description": "Whether the service quota is adjustable.\n", "type": "boolean" }, "arn": { "description": "ARN of the service quota.\n", "type": "string" }, "defaultValue": { "description": "Default value of the service quota.\n", "type": "number" }, "globalQuota": { "description": "Whether the service quota is global for the AWS account.\n", "type": "boolean" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "quotaCode": { "type": "string" }, "quotaName": { "type": "string" }, "serviceCode": { "type": "string" }, "serviceName": { "description": "Name of the service.\n", "type": "string" }, "usageMetrics": { "description": "Information about the measurement.\n", "items": { "$ref": "#/types/aws:servicequotas/getServiceQuotaUsageMetric:getServiceQuotaUsageMetric" }, "type": "array" }, "value": { "description": "Current value of the service quota.\n", "type": "number" } }, "required": [ "adjustable", "arn", "defaultValue", "globalQuota", "quotaCode", "quotaName", "serviceCode", "serviceName", "usageMetrics", "value", "id" ], "type": "object" } }, "aws:servicequotas/getTemplates:getTemplates": { "description": "Data source for managing an AWS Service Quotas Templates.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.servicequotas.getTemplates({\n region: \"us-east-1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.servicequotas.get_templates(region=\"us-east-1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.ServiceQuotas.GetTemplates.Invoke(new()\n {\n Region = \"us-east-1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/servicequotas\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := servicequotas.GetTemplates(ctx, \u0026servicequotas.GetTemplatesArgs{\n\t\t\tRegion: \"us-east-1\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.servicequotas.ServicequotasFunctions;\nimport com.pulumi.aws.servicequotas.inputs.GetTemplatesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = ServicequotasFunctions.getTemplates(GetTemplatesArgs.builder()\n .region(\"us-east-1\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:servicequotas:getTemplates\n Arguments:\n region: us-east-1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getTemplates.\n", "properties": { "region": { "type": "string", "description": "AWS Region to which the quota increases apply.\n" }, "templates": { "type": "array", "items": { "$ref": "#/types/aws:servicequotas/getTemplatesTemplate:getTemplatesTemplate" }, "description": "A list of quota increase templates for specified region. See `templates`.\n" } }, "type": "object", "required": [ "region" ] }, "outputs": { "description": "A collection of values returned by getTemplates.\n", "properties": { "id": { "type": "string" }, "region": { "description": "AWS Region to which the template applies.\n", "type": "string" }, "templates": { "description": "A list of quota increase templates for specified region. See `templates`.\n", "items": { "$ref": "#/types/aws:servicequotas/getTemplatesTemplate:getTemplatesTemplate" }, "type": "array" } }, "required": [ "id", "region" ], "type": "object" } }, "aws:ses/getActiveReceiptRuleSet:getActiveReceiptRuleSet": { "description": "Retrieve the active SES receipt rule set\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = aws.ses.getActiveReceiptRuleSet({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ses.get_active_receipt_rule_set()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = Aws.Ses.GetActiveReceiptRuleSet.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ses.LookupActiveReceiptRuleSet(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.SesFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var main = SesFunctions.getActiveReceiptRuleSet();\n\n }\n}\n```\n```yaml\nvariables:\n main:\n fn::invoke:\n Function: aws:ses:getActiveReceiptRuleSet\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getActiveReceiptRuleSet.\n", "properties": { "arn": { "description": "SES receipt rule set ARN.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ruleSetName": { "description": "Name of the rule set\n", "type": "string" } }, "required": [ "arn", "ruleSetName", "id" ], "type": "object" } }, "aws:ses/getDomainIdentity:getDomainIdentity": { "description": "Retrieve the SES domain identity\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ses.getDomainIdentity({\n domain: \"example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ses.get_domain_identity(domain=\"example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ses.GetDomainIdentity.Invoke(new()\n {\n Domain = \"example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ses.LookupDomainIdentity(ctx, \u0026ses.LookupDomainIdentityArgs{\n\t\t\tDomain: \"example.com\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.SesFunctions;\nimport com.pulumi.aws.ses.inputs.GetDomainIdentityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SesFunctions.getDomainIdentity(GetDomainIdentityArgs.builder()\n .domain(\"example.com\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ses:getDomainIdentity\n Arguments:\n domain: example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDomainIdentity.\n", "properties": { "domain": { "type": "string", "description": "Name of the domain\n" } }, "type": "object", "required": [ "domain" ] }, "outputs": { "description": "A collection of values returned by getDomainIdentity.\n", "properties": { "arn": { "description": "ARN of the domain identity.\n", "type": "string" }, "domain": { "description": "Name of the domain\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "verificationToken": { "description": "Code which when added to the domain as a TXT record will signal to SES that the owner of the domain has authorized SES to act on their behalf.\n", "type": "string" } }, "required": [ "arn", "domain", "verificationToken", "id" ], "type": "object" } }, "aws:ses/getEmailIdentity:getEmailIdentity": { "description": "Retrieve the active SES email identity\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ses.getEmailIdentity({\n email: \"awesome@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ses.get_email_identity(email=\"awesome@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ses.GetEmailIdentity.Invoke(new()\n {\n Email = \"awesome@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ses.LookupEmailIdentity(ctx, \u0026ses.LookupEmailIdentityArgs{\n\t\t\tEmail: \"awesome@example.com\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.SesFunctions;\nimport com.pulumi.aws.ses.inputs.GetEmailIdentityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SesFunctions.getEmailIdentity(GetEmailIdentityArgs.builder()\n .email(\"awesome@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ses:getEmailIdentity\n Arguments:\n email: awesome@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getEmailIdentity.\n", "properties": { "email": { "type": "string", "description": "Email identity.\n" } }, "type": "object", "required": [ "email" ] }, "outputs": { "description": "A collection of values returned by getEmailIdentity.\n", "properties": { "arn": { "description": "The ARN of the email identity.\n", "type": "string" }, "email": { "description": "Email identity.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "arn", "email", "id" ], "type": "object" } }, "aws:sesv2/getConfigurationSet:getConfigurationSet": { "description": "Data source for managing an AWS SESv2 (Simple Email V2) Configuration Set.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.sesv2.getConfigurationSet({\n configurationSetName: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.get_configuration_set(configuration_set_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SesV2.GetConfigurationSet.Invoke(new()\n {\n ConfigurationSetName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sesv2.LookupConfigurationSet(ctx, \u0026sesv2.LookupConfigurationSetArgs{\n\t\t\tConfigurationSetName: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.Sesv2Functions;\nimport com.pulumi.aws.sesv2.inputs.GetConfigurationSetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Sesv2Functions.getConfigurationSet(GetConfigurationSetArgs.builder()\n .configurationSetName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:sesv2:getConfigurationSet\n Arguments:\n configurationSetName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getConfigurationSet.\n", "properties": { "configurationSetName": { "type": "string", "description": "The name of the configuration set.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the container recipe.\n" } }, "type": "object", "required": [ "configurationSetName" ] }, "outputs": { "description": "A collection of values returned by getConfigurationSet.\n", "properties": { "arn": { "type": "string" }, "configurationSetName": { "type": "string" }, "deliveryOptions": { "description": "An object that defines the dedicated IP pool that is used to send emails that you send using the configuration set.\n", "items": { "$ref": "#/types/aws:sesv2/getConfigurationSetDeliveryOption:getConfigurationSetDeliveryOption" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "reputationOptions": { "description": "An object that defines whether or not Amazon SES collects reputation metrics for the emails that you send that use the configuration set.\n", "items": { "$ref": "#/types/aws:sesv2/getConfigurationSetReputationOption:getConfigurationSetReputationOption" }, "type": "array" }, "sendingOptions": { "description": "An object that defines whether or not Amazon SES can send email that you send using the configuration set.\n", "items": { "$ref": "#/types/aws:sesv2/getConfigurationSetSendingOption:getConfigurationSetSendingOption" }, "type": "array" }, "suppressionOptions": { "description": "An object that contains information about the suppression list preferences for your account.\n", "items": { "$ref": "#/types/aws:sesv2/getConfigurationSetSuppressionOption:getConfigurationSetSuppressionOption" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags for the container recipe.\n", "type": "object" }, "trackingOptions": { "description": "An object that defines the open and click tracking options for emails that you send using the configuration set.\n", "items": { "$ref": "#/types/aws:sesv2/getConfigurationSetTrackingOption:getConfigurationSetTrackingOption" }, "type": "array" }, "vdmOptions": { "description": "An object that contains information about the VDM preferences for your configuration set.\n", "items": { "$ref": "#/types/aws:sesv2/getConfigurationSetVdmOption:getConfigurationSetVdmOption" }, "type": "array" } }, "required": [ "arn", "configurationSetName", "deliveryOptions", "reputationOptions", "sendingOptions", "suppressionOptions", "tags", "trackingOptions", "vdmOptions", "id" ], "type": "object" } }, "aws:sesv2/getDedicatedIpPool:getDedicatedIpPool": { "description": "Data source for managing an AWS SESv2 (Simple Email V2) Dedicated IP Pool.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.sesv2.getDedicatedIpPool({\n poolName: \"my-pool\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.get_dedicated_ip_pool(pool_name=\"my-pool\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SesV2.GetDedicatedIpPool.Invoke(new()\n {\n PoolName = \"my-pool\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sesv2.LookupDedicatedIpPool(ctx, \u0026sesv2.LookupDedicatedIpPoolArgs{\n\t\t\tPoolName: \"my-pool\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.Sesv2Functions;\nimport com.pulumi.aws.sesv2.inputs.GetDedicatedIpPoolArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Sesv2Functions.getDedicatedIpPool(GetDedicatedIpPoolArgs.builder()\n .poolName(\"my-pool\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:sesv2:getDedicatedIpPool\n Arguments:\n poolName: my-pool\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDedicatedIpPool.\n", "properties": { "poolName": { "type": "string", "description": "Name of the dedicated IP pool.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags attached to the pool.\n" } }, "type": "object", "required": [ "poolName" ] }, "outputs": { "description": "A collection of values returned by getDedicatedIpPool.\n", "properties": { "arn": { "description": "ARN of the Dedicated IP Pool.\n", "type": "string" }, "dedicatedIps": { "description": "A list of objects describing the pool's dedicated IP's. See `dedicated_ips`.\n", "items": { "$ref": "#/types/aws:sesv2/getDedicatedIpPoolDedicatedIp:getDedicatedIpPoolDedicatedIp" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "poolName": { "type": "string" }, "scalingMode": { "description": "(Optional) IP pool scaling mode. Valid values: `STANDARD`, `MANAGED`.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "A map of tags attached to the pool.\n", "type": "object" } }, "required": [ "arn", "dedicatedIps", "poolName", "scalingMode", "tags", "id" ], "type": "object" } }, "aws:sesv2/getEmailIdentity:getEmailIdentity": { "description": "Data source for managing an AWS SESv2 (Simple Email V2) Email Identity.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.sesv2.getEmailIdentity({\n emailIdentity: \"example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.get_email_identity(email_identity=\"example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SesV2.GetEmailIdentity.Invoke(new()\n {\n EmailIdentity = \"example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sesv2.LookupEmailIdentity(ctx, \u0026sesv2.LookupEmailIdentityArgs{\n\t\t\tEmailIdentity: \"example.com\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.Sesv2Functions;\nimport com.pulumi.aws.sesv2.inputs.GetEmailIdentityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Sesv2Functions.getEmailIdentity(GetEmailIdentityArgs.builder()\n .emailIdentity(\"example.com\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:sesv2:getEmailIdentity\n Arguments:\n emailIdentity: example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getEmailIdentity.\n", "properties": { "emailIdentity": { "type": "string", "description": "The name of the email identity.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags.\n" } }, "type": "object", "required": [ "emailIdentity" ] }, "outputs": { "description": "A collection of values returned by getEmailIdentity.\n", "properties": { "arn": { "description": "ARN of the Email Identity.\n", "type": "string" }, "configurationSetName": { "type": "string" }, "dkimSigningAttributes": { "description": "A list of objects that contains at most one element with information about the private key and selector that you want to use to configure DKIM for the identity for Bring Your Own DKIM (BYODKIM) for the identity, or, configures the key length to be used for Easy DKIM.\n", "items": { "$ref": "#/types/aws:sesv2/getEmailIdentityDkimSigningAttribute:getEmailIdentityDkimSigningAttribute" }, "type": "array" }, "emailIdentity": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "identityType": { "description": "The email identity type. Valid values: `EMAIL_ADDRESS`, `DOMAIN`.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value mapping of resource tags.\n", "type": "object" }, "verifiedForSendingStatus": { "description": "Specifies whether or not the identity is verified.\n", "type": "boolean" } }, "required": [ "arn", "configurationSetName", "dkimSigningAttributes", "emailIdentity", "identityType", "tags", "verifiedForSendingStatus", "id" ], "type": "object" } }, "aws:sesv2/getEmailIdentityMailFromAttributes:getEmailIdentityMailFromAttributes": { "description": "Data source for managing an AWS SESv2 (Simple Email V2) Email Identity Mail From Attributes.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.sesv2.getEmailIdentity({\n emailIdentity: \"example.com\",\n});\nconst exampleGetEmailIdentityMailFromAttributes = example.then(example =\u003e aws.sesv2.getEmailIdentityMailFromAttributes({\n emailIdentity: example.emailIdentity,\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sesv2.get_email_identity(email_identity=\"example.com\")\nexample_get_email_identity_mail_from_attributes = aws.sesv2.get_email_identity_mail_from_attributes(email_identity=example.email_identity)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SesV2.GetEmailIdentity.Invoke(new()\n {\n EmailIdentity = \"example.com\",\n });\n\n var exampleGetEmailIdentityMailFromAttributes = Aws.SesV2.GetEmailIdentityMailFromAttributes.Invoke(new()\n {\n EmailIdentity = example.Apply(getEmailIdentityResult =\u003e getEmailIdentityResult.EmailIdentity),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sesv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := sesv2.LookupEmailIdentity(ctx, \u0026sesv2.LookupEmailIdentityArgs{\n\t\t\tEmailIdentity: \"example.com\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sesv2.LookupEmailIdentityMailFromAttributes(ctx, \u0026sesv2.LookupEmailIdentityMailFromAttributesArgs{\n\t\t\tEmailIdentity: example.EmailIdentity,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sesv2.Sesv2Functions;\nimport com.pulumi.aws.sesv2.inputs.GetEmailIdentityArgs;\nimport com.pulumi.aws.sesv2.inputs.GetEmailIdentityMailFromAttributesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Sesv2Functions.getEmailIdentity(GetEmailIdentityArgs.builder()\n .emailIdentity(\"example.com\")\n .build());\n\n final var exampleGetEmailIdentityMailFromAttributes = Sesv2Functions.getEmailIdentityMailFromAttributes(GetEmailIdentityMailFromAttributesArgs.builder()\n .emailIdentity(example.applyValue(getEmailIdentityResult -\u003e getEmailIdentityResult.emailIdentity()))\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:sesv2:getEmailIdentity\n Arguments:\n emailIdentity: example.com\n exampleGetEmailIdentityMailFromAttributes:\n fn::invoke:\n Function: aws:sesv2:getEmailIdentityMailFromAttributes\n Arguments:\n emailIdentity: ${example.emailIdentity}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getEmailIdentityMailFromAttributes.\n", "properties": { "emailIdentity": { "type": "string", "description": "The name of the email identity.\n" } }, "type": "object", "required": [ "emailIdentity" ] }, "outputs": { "description": "A collection of values returned by getEmailIdentityMailFromAttributes.\n", "properties": { "behaviorOnMxFailure": { "description": "The action to take if the required MX record isn't found when you send an email. Valid values: `USE_DEFAULT_VALUE`, `REJECT_MESSAGE`.\n", "type": "string" }, "emailIdentity": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "mailFromDomain": { "description": "The custom MAIL FROM domain that you want the verified identity to use.\n", "type": "string" } }, "required": [ "behaviorOnMxFailure", "emailIdentity", "mailFromDomain", "id" ], "type": "object" } }, "aws:sfn/getActivity:getActivity": { "description": "Provides a Step Functions Activity data source\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sfnActivity = aws.sfn.getActivity({\n name: \"my-activity\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsfn_activity = aws.sfn.get_activity(name=\"my-activity\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sfnActivity = Aws.Sfn.GetActivity.Invoke(new()\n {\n Name = \"my-activity\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sfn\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sfn.LookupActivity(ctx, \u0026sfn.LookupActivityArgs{\n\t\t\tName: pulumi.StringRef(\"my-activity\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sfn.SfnFunctions;\nimport com.pulumi.aws.sfn.inputs.GetActivityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var sfnActivity = SfnFunctions.getActivity(GetActivityArgs.builder()\n .name(\"my-activity\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n sfnActivity:\n fn::invoke:\n Function: aws:sfn:getActivity\n Arguments:\n name: my-activity\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getActivity.\n", "properties": { "arn": { "type": "string", "description": "ARN that identifies the activity.\n" }, "name": { "type": "string", "description": "Name that identifies the activity.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getActivity.\n", "properties": { "arn": { "type": "string" }, "creationDate": { "description": "Date the activity was created.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" } }, "required": [ "arn", "creationDate", "name", "id" ], "type": "object" } }, "aws:sfn/getAlias:getAlias": { "description": "Data source for managing an AWS SFN (Step Functions) State Machine Alias.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.sfn.getAlias({\n name: \"my_sfn_alias\",\n statemachineArn: sfnTest.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sfn.get_alias(name=\"my_sfn_alias\",\n statemachine_arn=sfn_test[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Sfn.GetAlias.Invoke(new()\n {\n Name = \"my_sfn_alias\",\n StatemachineArn = sfnTest.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sfn\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sfn.LookupAlias(ctx, \u0026sfn.LookupAliasArgs{\n\t\t\tName: \"my_sfn_alias\",\n\t\t\tStatemachineArn: sfnTest.Arn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sfn.SfnFunctions;\nimport com.pulumi.aws.sfn.inputs.GetAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SfnFunctions.getAlias(GetAliasArgs.builder()\n .name(\"my_sfn_alias\")\n .statemachineArn(sfnTest.arn())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:sfn:getAlias\n Arguments:\n name: my_sfn_alias\n statemachineArn: ${sfnTest.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAlias.\n", "properties": { "description": { "type": "string", "description": "Description of state machine alias.\n" }, "name": { "type": "string", "description": "Name of the State Machine alias.\n" }, "statemachineArn": { "type": "string", "description": "ARN of the State Machine.\n" } }, "type": "object", "required": [ "name", "statemachineArn" ] }, "outputs": { "description": "A collection of values returned by getAlias.\n", "properties": { "arn": { "description": "ARN identifying the State Machine alias.\n", "type": "string" }, "creationDate": { "description": "Date the state machine Alias was created.\n", "type": "string" }, "description": { "description": "Description of state machine alias.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "routingConfigurations": { "description": "Routing Configuration of state machine alias\n", "items": { "$ref": "#/types/aws:sfn/getAliasRoutingConfiguration:getAliasRoutingConfiguration" }, "type": "array" }, "statemachineArn": { "type": "string" } }, "required": [ "arn", "creationDate", "name", "routingConfigurations", "statemachineArn", "id" ], "type": "object" } }, "aws:sfn/getStateMachine:getStateMachine": { "description": "Use this data source to get the ARN of a State Machine in AWS Step\nFunction (SFN). By using this data source, you can reference a\nstate machine without having to hard code the ARNs as input.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.sfn.getStateMachine({\n name: \"an_example_sfn_name\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sfn.get_state_machine(name=\"an_example_sfn_name\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Sfn.GetStateMachine.Invoke(new()\n {\n Name = \"an_example_sfn_name\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sfn\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sfn.LookupStateMachine(ctx, \u0026sfn.LookupStateMachineArgs{\n\t\t\tName: \"an_example_sfn_name\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sfn.SfnFunctions;\nimport com.pulumi.aws.sfn.inputs.GetStateMachineArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SfnFunctions.getStateMachine(GetStateMachineArgs.builder()\n .name(\"an_example_sfn_name\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:sfn:getStateMachine\n Arguments:\n name: an_example_sfn_name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getStateMachine.\n", "properties": { "name": { "type": "string", "description": "Friendly name of the state machine to match.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getStateMachine.\n", "properties": { "arn": { "description": "Set to the arn of the state function.\n", "type": "string" }, "creationDate": { "description": "Date the state machine was created.\n", "type": "string" }, "definition": { "description": "Set to the state machine definition.\n", "type": "string" }, "description": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "revisionId": { "description": "The revision identifier for the state machine.\n", "type": "string" }, "roleArn": { "description": "Set to the role_arn used by the state function.\n", "type": "string" }, "status": { "description": "Set to the current status of the state machine.\n", "type": "string" } }, "required": [ "arn", "creationDate", "definition", "description", "name", "revisionId", "roleArn", "status", "id" ], "type": "object" } }, "aws:sfn/getStateMachineVersions:getStateMachineVersions": { "description": "Data source for managing an AWS SFN (Step Functions) State Machine Versions.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.sfn.getStateMachineVersions({\n statemachineArn: testAwsSfnStateMachine.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.sfn.get_state_machine_versions(statemachine_arn=test_aws_sfn_state_machine[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Sfn.GetStateMachineVersions.Invoke(new()\n {\n StatemachineArn = testAwsSfnStateMachine.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sfn\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sfn.GetStateMachineVersions(ctx, \u0026sfn.GetStateMachineVersionsArgs{\n\t\t\tStatemachineArn: testAwsSfnStateMachine.Arn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sfn.SfnFunctions;\nimport com.pulumi.aws.sfn.inputs.GetStateMachineVersionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = SfnFunctions.getStateMachineVersions(GetStateMachineVersionsArgs.builder()\n .statemachineArn(testAwsSfnStateMachine.arn())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:sfn:getStateMachineVersions\n Arguments:\n statemachineArn: ${testAwsSfnStateMachine.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getStateMachineVersions.\n", "properties": { "statemachineArn": { "type": "string", "description": "ARN of the State Machine.\n" } }, "type": "object", "required": [ "statemachineArn" ] }, "outputs": { "description": "A collection of values returned by getStateMachineVersions.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "statemachineArn": { "type": "string" }, "statemachineVersions": { "description": "ARN List identifying the statemachine versions.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "statemachineArn", "statemachineVersions", "id" ], "type": "object" } }, "aws:signer/getSigningJob:getSigningJob": { "description": "Provides information about a Signer Signing Job.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst buildSigningJob = aws.signer.getSigningJob({\n jobId: \"9ed7e5c3-b8d4-4da0-8459-44e0b068f7ee\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbuild_signing_job = aws.signer.get_signing_job(job_id=\"9ed7e5c3-b8d4-4da0-8459-44e0b068f7ee\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var buildSigningJob = Aws.Signer.GetSigningJob.Invoke(new()\n {\n JobId = \"9ed7e5c3-b8d4-4da0-8459-44e0b068f7ee\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/signer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := signer.LookupSigningJob(ctx, \u0026signer.LookupSigningJobArgs{\n\t\t\tJobId: \"9ed7e5c3-b8d4-4da0-8459-44e0b068f7ee\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.signer.SignerFunctions;\nimport com.pulumi.aws.signer.inputs.GetSigningJobArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var buildSigningJob = SignerFunctions.getSigningJob(GetSigningJobArgs.builder()\n .jobId(\"9ed7e5c3-b8d4-4da0-8459-44e0b068f7ee\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n buildSigningJob:\n fn::invoke:\n Function: aws:signer:getSigningJob\n Arguments:\n jobId: 9ed7e5c3-b8d4-4da0-8459-44e0b068f7ee\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSigningJob.\n", "properties": { "jobId": { "type": "string", "description": "ID of the signing job on output.\n" } }, "type": "object", "required": [ "jobId" ] }, "outputs": { "description": "A collection of values returned by getSigningJob.\n", "properties": { "completedAt": { "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the signing job was completed.\n", "type": "string" }, "createdAt": { "description": "Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the signing job was created.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "jobId": { "type": "string" }, "jobInvoker": { "description": "IAM entity that initiated the signing job.\n", "type": "string" }, "jobOwner": { "description": "AWS account ID of the job owner.\n", "type": "string" }, "platformDisplayName": { "description": "A human-readable name for the signing platform associated with the signing job.\n", "type": "string" }, "platformId": { "description": "Platform to which your signed code image will be distributed.\n", "type": "string" }, "profileName": { "description": "Name of the profile that initiated the signing operation.\n", "type": "string" }, "profileVersion": { "description": "Version of the signing profile used to initiate the signing job.\n", "type": "string" }, "requestedBy": { "description": "IAM principal that requested the signing job.\n", "type": "string" }, "revocationRecords": { "description": "Revocation record if the signature generated by the signing job has been revoked. Contains a timestamp and the ID of the IAM entity that revoked the signature.\n", "items": { "$ref": "#/types/aws:signer/getSigningJobRevocationRecord:getSigningJobRevocationRecord" }, "type": "array" }, "signatureExpiresAt": { "description": "The time when the signature of a signing job expires.\n", "type": "string" }, "signedObjects": { "description": "Name of the S3 bucket where the signed code image is saved by code signing.\n", "items": { "$ref": "#/types/aws:signer/getSigningJobSignedObject:getSigningJobSignedObject" }, "type": "array" }, "sources": { "description": "Object that contains the name of your S3 bucket or your raw code.\n", "items": { "$ref": "#/types/aws:signer/getSigningJobSource:getSigningJobSource" }, "type": "array" }, "status": { "description": "Status of the signing job.\n", "type": "string" }, "statusReason": { "description": "String value that contains the status reason.\n", "type": "string" } }, "required": [ "completedAt", "createdAt", "jobId", "jobInvoker", "jobOwner", "platformDisplayName", "platformId", "profileName", "profileVersion", "requestedBy", "revocationRecords", "signatureExpiresAt", "signedObjects", "sources", "status", "statusReason", "id" ], "type": "object" } }, "aws:signer/getSigningProfile:getSigningProfile": { "description": "Provides information about a Signer Signing Profile.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst productionSigningProfile = aws.signer.getSigningProfile({\n name: \"prod_profile_DdW3Mk1foYL88fajut4mTVFGpuwfd4ACO6ANL0D1uIj7lrn8adK\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nproduction_signing_profile = aws.signer.get_signing_profile(name=\"prod_profile_DdW3Mk1foYL88fajut4mTVFGpuwfd4ACO6ANL0D1uIj7lrn8adK\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var productionSigningProfile = Aws.Signer.GetSigningProfile.Invoke(new()\n {\n Name = \"prod_profile_DdW3Mk1foYL88fajut4mTVFGpuwfd4ACO6ANL0D1uIj7lrn8adK\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/signer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := signer.LookupSigningProfile(ctx, \u0026signer.LookupSigningProfileArgs{\n\t\t\tName: \"prod_profile_DdW3Mk1foYL88fajut4mTVFGpuwfd4ACO6ANL0D1uIj7lrn8adK\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.signer.SignerFunctions;\nimport com.pulumi.aws.signer.inputs.GetSigningProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var productionSigningProfile = SignerFunctions.getSigningProfile(GetSigningProfileArgs.builder()\n .name(\"prod_profile_DdW3Mk1foYL88fajut4mTVFGpuwfd4ACO6ANL0D1uIj7lrn8adK\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n productionSigningProfile:\n fn::invoke:\n Function: aws:signer:getSigningProfile\n Arguments:\n name: prod_profile_DdW3Mk1foYL88fajut4mTVFGpuwfd4ACO6ANL0D1uIj7lrn8adK\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSigningProfile.\n", "properties": { "name": { "type": "string", "description": "Name of the target signing profile.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "List of tags associated with the signing profile.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getSigningProfile.\n", "properties": { "arn": { "description": "ARN for the signing profile.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "platformDisplayName": { "description": "A human-readable name for the signing platform associated with the signing profile.\n", "type": "string" }, "platformId": { "description": "ID of the platform that is used by the target signing profile.\n", "type": "string" }, "revocationRecords": { "description": "Revocation information for a signing profile.\n", "items": { "$ref": "#/types/aws:signer/getSigningProfileRevocationRecord:getSigningProfileRevocationRecord" }, "type": "array" }, "signatureValidityPeriods": { "description": "The validity period for a signing job.\n", "items": { "$ref": "#/types/aws:signer/getSigningProfileSignatureValidityPeriod:getSigningProfileSignatureValidityPeriod" }, "type": "array" }, "status": { "description": "Status of the target signing profile.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "List of tags associated with the signing profile.\n", "type": "object" }, "version": { "description": "Current version of the signing profile.\n", "type": "string" }, "versionArn": { "description": "Signing profile ARN, including the profile version.\n", "type": "string" } }, "required": [ "arn", "name", "platformDisplayName", "platformId", "revocationRecords", "signatureValidityPeriods", "status", "tags", "version", "versionArn", "id" ], "type": "object" } }, "aws:sns/getTopic:getTopic": { "description": "Use this data source to get the ARN of a topic in AWS Simple Notification\nService (SNS). By using this data source, you can reference SNS topics\nwithout having to hard code the ARNs as input.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.sns.getTopic({\n name: \"an_example_topic\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sns.get_topic(name=\"an_example_topic\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Sns.GetTopic.Invoke(new()\n {\n Name = \"an_example_topic\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sns.LookupTopic(ctx, \u0026sns.LookupTopicArgs{\n\t\t\tName: \"an_example_topic\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.SnsFunctions;\nimport com.pulumi.aws.sns.inputs.GetTopicArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SnsFunctions.getTopic(GetTopicArgs.builder()\n .name(\"an_example_topic\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:sns:getTopic\n Arguments:\n name: an_example_topic\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getTopic.\n", "properties": { "name": { "type": "string", "description": "Friendly name of the topic to match.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getTopic.\n", "properties": { "arn": { "description": "ARN of the found topic, suitable for referencing in other resources that support SNS topics.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" } }, "required": [ "arn", "name", "id" ], "type": "object" } }, "aws:sqs/getQueue:getQueue": { "description": "Use this data source to get the ARN and URL of queue in AWS Simple Queue Service (SQS).\nBy using this data source, you can reference SQS queues without having to hardcode\nthe ARNs as input.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.sqs.getQueue({\n name: \"queue\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sqs.get_queue(name=\"queue\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Sqs.GetQueue.Invoke(new()\n {\n Name = \"queue\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sqs.LookupQueue(ctx, \u0026sqs.LookupQueueArgs{\n\t\t\tName: \"queue\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sqs.SqsFunctions;\nimport com.pulumi.aws.sqs.inputs.GetQueueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SqsFunctions.getQueue(GetQueueArgs.builder()\n .name(\"queue\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:sqs:getQueue\n Arguments:\n name: queue\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getQueue.\n", "properties": { "name": { "type": "string", "description": "Name of the queue to match.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags for the resource.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getQueue.\n", "properties": { "arn": { "description": "ARN of the queue.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags for the resource.\n", "type": "object" }, "url": { "description": "URL of the queue.\n", "type": "string" } }, "required": [ "arn", "name", "tags", "url", "id" ], "type": "object" } }, "aws:sqs/getQueues:getQueues": { "description": "Data source for managing an AWS SQS (Simple Queue) Queues.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.sqs.getQueues({\n queueNamePrefix: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sqs.get_queues(queue_name_prefix=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Sqs.GetQueues.Invoke(new()\n {\n QueueNamePrefix = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sqs.GetQueues(ctx, \u0026sqs.GetQueuesArgs{\n\t\t\tQueueNamePrefix: pulumi.StringRef(\"example\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sqs.SqsFunctions;\nimport com.pulumi.aws.sqs.inputs.GetQueuesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SqsFunctions.getQueues(GetQueuesArgs.builder()\n .queueNamePrefix(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:sqs:getQueues\n Arguments:\n queueNamePrefix: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getQueues.\n", "properties": { "queueNamePrefix": { "type": "string", "description": "A string to use for filtering the list results. Only those queues whose name begins with the specified string are returned. Queue URLs and names are case-sensitive.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getQueues.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "queueNamePrefix": { "type": "string" }, "queueUrls": { "description": "A list of queue URLs.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "queueUrls", "id" ], "type": "object" } }, "aws:ssm/getContactsRotation:getContactsRotation": { "description": "## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssm.getContactsRotation({\n arn: \"arn:aws:ssm-contacts:us-east-1:012345678910:rotation/example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.get_contacts_rotation(arn=\"arn:aws:ssm-contacts:us-east-1:012345678910:rotation/example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ssm.GetContactsRotation.Invoke(new()\n {\n Arn = \"arn:aws:ssm-contacts:us-east-1:012345678910:rotation/example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.LookupContactsRotation(ctx, \u0026ssm.LookupContactsRotationArgs{\n\t\t\tArn: \"arn:aws:ssm-contacts:us-east-1:012345678910:rotation/example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.SsmFunctions;\nimport com.pulumi.aws.ssm.inputs.GetContactsRotationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsmFunctions.getContactsRotation(GetContactsRotationArgs.builder()\n .arn(\"arn:aws:ssm-contacts:us-east-1:012345678910:rotation/example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ssm:getContactsRotation\n Arguments:\n arn: arn:aws:ssm-contacts:us-east-1:012345678910:rotation/example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getContactsRotation.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the rotation.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getContactsRotation.\n", "properties": { "arn": { "type": "string" }, "contactIds": { "description": "The Amazon Resource Names (ARNs) of the contacts to add to the rotation. The order in which you list the contacts is their shift order in the rotation schedule.\n", "items": { "type": "string" }, "type": "array" }, "id": { "type": "string" }, "name": { "description": "The name for the rotation.\n", "type": "string" }, "recurrences": { "description": "Information about when an on-call rotation is in effect and how long the rotation period lasts.\n", "items": { "$ref": "#/types/aws:ssm/getContactsRotationRecurrence:getContactsRotationRecurrence" }, "type": "array" }, "startTime": { "description": "The date and time, in RFC 3339 format, that the rotation goes into effect.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "A map of tags to assign to the resource.\n", "type": "object" }, "timeZoneId": { "description": "The time zone to base the rotation’s activity on in Internet Assigned Numbers Authority (IANA) format.\n", "type": "string" } }, "required": [ "arn", "contactIds", "id", "name", "recurrences", "startTime", "tags", "timeZoneId" ], "type": "object" } }, "aws:ssm/getDocument:getDocument": { "description": "Gets the contents of the specified Systems Manager document.\n\n## Example Usage\n\nTo get the contents of the document owned by AWS.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = aws.ssm.getDocument({\n name: \"AWS-GatherSoftwareInventory\",\n documentFormat: \"YAML\",\n});\nexport const content = foo.then(foo =\u003e foo.content);\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ssm.get_document(name=\"AWS-GatherSoftwareInventory\",\n document_format=\"YAML\")\npulumi.export(\"content\", foo.content)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = Aws.Ssm.GetDocument.Invoke(new()\n {\n Name = \"AWS-GatherSoftwareInventory\",\n DocumentFormat = \"YAML\",\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"content\"] = foo.Apply(getDocumentResult =\u003e getDocumentResult.Content),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoo, err := ssm.LookupDocument(ctx, \u0026ssm.LookupDocumentArgs{\n\t\t\tName: \"AWS-GatherSoftwareInventory\",\n\t\t\tDocumentFormat: pulumi.StringRef(\"YAML\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"content\", foo.Content)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.SsmFunctions;\nimport com.pulumi.aws.ssm.inputs.GetDocumentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var foo = SsmFunctions.getDocument(GetDocumentArgs.builder()\n .name(\"AWS-GatherSoftwareInventory\")\n .documentFormat(\"YAML\")\n .build());\n\n ctx.export(\"content\", foo.applyValue(getDocumentResult -\u003e getDocumentResult.content()));\n }\n}\n```\n```yaml\nvariables:\n foo:\n fn::invoke:\n Function: aws:ssm:getDocument\n Arguments:\n name: AWS-GatherSoftwareInventory\n documentFormat: YAML\noutputs:\n content: ${foo.content}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nTo get the contents of the custom document.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.ssm.getDocument({\n name: testAwsSsmDocument.name,\n documentFormat: \"JSON\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ssm.get_document(name=test_aws_ssm_document[\"name\"],\n document_format=\"JSON\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.Ssm.GetDocument.Invoke(new()\n {\n Name = testAwsSsmDocument.Name,\n DocumentFormat = \"JSON\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.LookupDocument(ctx, \u0026ssm.LookupDocumentArgs{\n\t\t\tName: testAwsSsmDocument.Name,\n\t\t\tDocumentFormat: pulumi.StringRef(\"JSON\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.SsmFunctions;\nimport com.pulumi.aws.ssm.inputs.GetDocumentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = SsmFunctions.getDocument(GetDocumentArgs.builder()\n .name(testAwsSsmDocument.name())\n .documentFormat(\"JSON\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:ssm:getDocument\n Arguments:\n name: ${testAwsSsmDocument.name}\n documentFormat: JSON\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDocument.\n", "properties": { "documentFormat": { "type": "string", "description": "The format of the document. Valid values: `JSON`, `TEXT`, `YAML`.\n" }, "documentVersion": { "type": "string", "description": "The document version.\n" }, "name": { "type": "string", "description": "The name of the document.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getDocument.\n", "properties": { "arn": { "description": "ARN of the document. If the document is an AWS managed document, this value will be set to the name of the document instead.\n", "type": "string" }, "content": { "description": "The content for the SSM document in JSON or YAML format.\n", "type": "string" }, "documentFormat": { "type": "string" }, "documentType": { "description": "The type of the document.\n", "type": "string" }, "documentVersion": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" } }, "required": [ "arn", "content", "documentType", "name", "id" ], "type": "object" } }, "aws:ssm/getInstances:getInstances": { "description": "Use this data source to get the instance IDs of SSM managed instances.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssm.getInstances({\n filters: [{\n name: \"PlatformTypes\",\n values: [\"Linux\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.get_instances(filters=[{\n \"name\": \"PlatformTypes\",\n \"values\": [\"Linux\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ssm.GetInstances.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ssm.Inputs.GetInstancesFilterInputArgs\n {\n Name = \"PlatformTypes\",\n Values = new[]\n {\n \"Linux\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.GetInstances(ctx, \u0026ssm.GetInstancesArgs{\n\t\t\tFilters: []ssm.GetInstancesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"PlatformTypes\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"Linux\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.SsmFunctions;\nimport com.pulumi.aws.ssm.inputs.GetInstancesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsmFunctions.getInstances(GetInstancesArgs.builder()\n .filters(GetInstancesFilterArgs.builder()\n .name(\"PlatformTypes\")\n .values(\"Linux\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ssm:getInstances\n Arguments:\n filters:\n - name: PlatformTypes\n values:\n - Linux\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getInstances.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/getInstancesFilter:getInstancesFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getInstances.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ssm/getInstancesFilter:getInstancesFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "Set of instance IDs of the matched SSM managed instances.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "ids", "id" ], "type": "object" } }, "aws:ssm/getMaintenanceWindows:getMaintenanceWindows": { "description": "Use this data source to get the window IDs of SSM maintenance windows.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssm.getMaintenanceWindows({\n filters: [{\n name: \"Enabled\",\n values: [\"true\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.get_maintenance_windows(filters=[{\n \"name\": \"Enabled\",\n \"values\": [\"true\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ssm.GetMaintenanceWindows.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ssm.Inputs.GetMaintenanceWindowsFilterInputArgs\n {\n Name = \"Enabled\",\n Values = new[]\n {\n \"true\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.GetMaintenanceWindows(ctx, \u0026ssm.GetMaintenanceWindowsArgs{\n\t\t\tFilters: []ssm.GetMaintenanceWindowsFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"Enabled\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"true\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.SsmFunctions;\nimport com.pulumi.aws.ssm.inputs.GetMaintenanceWindowsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsmFunctions.getMaintenanceWindows(GetMaintenanceWindowsArgs.builder()\n .filters(GetMaintenanceWindowsFilterArgs.builder()\n .name(\"Enabled\")\n .values(\"true\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ssm:getMaintenanceWindows\n Arguments:\n filters:\n - name: Enabled\n values:\n - 'true'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getMaintenanceWindows.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:ssm/getMaintenanceWindowsFilter:getMaintenanceWindowsFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getMaintenanceWindows.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:ssm/getMaintenanceWindowsFilter:getMaintenanceWindowsFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ids": { "description": "List of window IDs of the matched SSM maintenance windows.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "ids", "id" ], "type": "object" } }, "aws:ssm/getParameter:getParameter": { "description": "Provides an SSM Parameter data source.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = aws.ssm.getParameter({\n name: \"foo\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ssm.get_parameter(name=\"foo\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = Aws.Ssm.GetParameter.Invoke(new()\n {\n Name = \"foo\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.LookupParameter(ctx, \u0026ssm.LookupParameterArgs{\n\t\t\tName: \"foo\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.SsmFunctions;\nimport com.pulumi.aws.ssm.inputs.GetParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var foo = SsmFunctions.getParameter(GetParameterArgs.builder()\n .name(\"foo\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n foo:\n fn::invoke:\n Function: aws:ssm:getParameter\n Arguments:\n name: foo\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e **Note:** The unencrypted value of a SecureString will be stored in the raw state as plain-text.\n", "inputs": { "description": "A collection of arguments for invoking getParameter.\n", "properties": { "name": { "type": "string", "description": "Name of the parameter.\n" }, "withDecryption": { "type": "boolean", "description": "Whether to return decrypted `SecureString` value. Defaults to `true`.\n\nIn addition to all arguments above, the following attributes are exported:\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getParameter.\n", "properties": { "arn": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "insecureValue": { "type": "string" }, "name": { "type": "string" }, "type": { "type": "string" }, "value": { "secret": true, "type": "string" }, "version": { "type": "integer" }, "withDecryption": { "type": "boolean" } }, "required": [ "arn", "insecureValue", "name", "type", "value", "version", "id" ], "type": "object" } }, "aws:ssm/getParametersByPath:getParametersByPath": { "inputs": { "description": "A collection of arguments for invoking getParametersByPath.\n", "properties": { "path": { "type": "string", "description": "The hierarchy for the parameter. Hierarchies start with a forward slash (/). The hierarchy is the parameter name except the last part of the parameter. The last part of the parameter name can't be in the path. A parameter name hierarchy can have a maximum of 15 levels. **Note:** If the parameter name (e.g., `/my-app/my-param`) is specified, the data source will not retrieve any value as designed, unless there are other parameters that happen to use the former path in their hierarchy (e.g., `/my-app/my-param/my-actual-param`).\n" }, "recursive": { "type": "boolean", "description": "Whether to retrieve all parameters within the hirerachy. Defaults to `false`.\n" }, "withDecryption": { "type": "boolean", "description": "Whether to retrieve all parameters in the hierarchy, particularly those of `SecureString` type, with their value decrypted. Defaults to `true`.\n" } }, "type": "object", "required": [ "path" ] }, "outputs": { "description": "A collection of values returned by getParametersByPath.\n", "properties": { "arns": { "description": "A list that contains the Amazon Resource Names (ARNs) of the retrieved parameters.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "names": { "description": "A list that contains the names of the retrieved parameters.\n", "items": { "type": "string" }, "type": "array" }, "path": { "type": "string" }, "recursive": { "type": "boolean" }, "types": { "description": "A list that contains the types (`String`, `StringList`, or `SecureString`) of retrieved parameters.\n", "items": { "type": "string" }, "type": "array" }, "values": { "description": "A list that contains the retrieved parameter values. **Note:** This value is always marked as sensitive in the pulumi preview output, regardless of whether any retrieved parameters are of `SecureString` type. Use the `nonsensitive` function to override the behavior at your own risk and discretion, if you are certain that there are no sensitive values being retrieved.\n", "items": { "type": "string" }, "secret": true, "type": "array" }, "withDecryption": { "type": "boolean" } }, "required": [ "arns", "names", "path", "types", "values", "id" ], "type": "object" } }, "aws:ssm/getPatchBaseline:getPatchBaseline": { "description": "Provides an SSM Patch Baseline data source. Useful if you wish to reuse the default baselines provided.\n\n## Example Usage\n\nTo retrieve a baseline provided by AWS:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst centos = aws.ssm.getPatchBaseline({\n owner: \"AWS\",\n namePrefix: \"AWS-\",\n operatingSystem: \"CENTOS\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncentos = aws.ssm.get_patch_baseline(owner=\"AWS\",\n name_prefix=\"AWS-\",\n operating_system=\"CENTOS\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var centos = Aws.Ssm.GetPatchBaseline.Invoke(new()\n {\n Owner = \"AWS\",\n NamePrefix = \"AWS-\",\n OperatingSystem = \"CENTOS\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.LookupPatchBaseline(ctx, \u0026ssm.LookupPatchBaselineArgs{\n\t\t\tOwner: \"AWS\",\n\t\t\tNamePrefix: pulumi.StringRef(\"AWS-\"),\n\t\t\tOperatingSystem: pulumi.StringRef(\"CENTOS\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.SsmFunctions;\nimport com.pulumi.aws.ssm.inputs.GetPatchBaselineArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var centos = SsmFunctions.getPatchBaseline(GetPatchBaselineArgs.builder()\n .owner(\"AWS\")\n .namePrefix(\"AWS-\")\n .operatingSystem(\"CENTOS\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n centos:\n fn::invoke:\n Function: aws:ssm:getPatchBaseline\n Arguments:\n owner: AWS\n namePrefix: AWS-\n operatingSystem: CENTOS\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nTo retrieve a baseline on your account:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst defaultCustom = aws.ssm.getPatchBaseline({\n owner: \"Self\",\n namePrefix: \"MyCustomBaseline\",\n defaultBaseline: true,\n operatingSystem: \"WINDOWS\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault_custom = aws.ssm.get_patch_baseline(owner=\"Self\",\n name_prefix=\"MyCustomBaseline\",\n default_baseline=True,\n operating_system=\"WINDOWS\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var defaultCustom = Aws.Ssm.GetPatchBaseline.Invoke(new()\n {\n Owner = \"Self\",\n NamePrefix = \"MyCustomBaseline\",\n DefaultBaseline = true,\n OperatingSystem = \"WINDOWS\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.LookupPatchBaseline(ctx, \u0026ssm.LookupPatchBaselineArgs{\n\t\t\tOwner: \"Self\",\n\t\t\tNamePrefix: pulumi.StringRef(\"MyCustomBaseline\"),\n\t\t\tDefaultBaseline: pulumi.BoolRef(true),\n\t\t\tOperatingSystem: pulumi.StringRef(\"WINDOWS\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.SsmFunctions;\nimport com.pulumi.aws.ssm.inputs.GetPatchBaselineArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var defaultCustom = SsmFunctions.getPatchBaseline(GetPatchBaselineArgs.builder()\n .owner(\"Self\")\n .namePrefix(\"MyCustomBaseline\")\n .defaultBaseline(true)\n .operatingSystem(\"WINDOWS\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n defaultCustom:\n fn::invoke:\n Function: aws:ssm:getPatchBaseline\n Arguments:\n owner: Self\n namePrefix: MyCustomBaseline\n defaultBaseline: true\n operatingSystem: WINDOWS\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPatchBaseline.\n", "properties": { "defaultBaseline": { "type": "boolean", "description": "Filters the results against the baselines default_baseline field.\n" }, "namePrefix": { "type": "string", "description": "Filter results by the baseline name prefix.\n" }, "operatingSystem": { "type": "string", "description": "Specified OS for the baseline. Valid values: `AMAZON_LINUX`, `AMAZON_LINUX_2`, `UBUNTU`, `REDHAT_ENTERPRISE_LINUX`, `SUSE`, `CENTOS`, `ORACLE_LINUX`, `DEBIAN`, `MACOS`, `RASPBIAN` and `ROCKY_LINUX`.\n" }, "owner": { "type": "string", "description": "Owner of the baseline. Valid values: `All`, `AWS`, `Self` (the current account).\n\nThe following arguments are optional:\n" } }, "type": "object", "required": [ "owner" ] }, "outputs": { "description": "A collection of values returned by getPatchBaseline.\n", "properties": { "approvalRules": { "description": "List of rules used to include patches in the baseline.\n", "items": { "$ref": "#/types/aws:ssm/getPatchBaselineApprovalRule:getPatchBaselineApprovalRule" }, "type": "array" }, "approvedPatches": { "description": "List of explicitly approved patches for the baseline.\n", "items": { "type": "string" }, "type": "array" }, "approvedPatchesComplianceLevel": { "description": "Compliance level for approved patches.\n", "type": "string" }, "approvedPatchesEnableNonSecurity": { "description": "Indicates whether the list of approved patches includes non-security updates that should be applied to the instances.\n", "type": "boolean" }, "defaultBaseline": { "type": "boolean" }, "description": { "description": "Description of the baseline.\n", "type": "string" }, "globalFilters": { "description": "Set of global filters used to exclude patches from the baseline.\n", "items": { "$ref": "#/types/aws:ssm/getPatchBaselineGlobalFilter:getPatchBaselineGlobalFilter" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "json": { "description": "JSON representation of the baseline.\n", "type": "string" }, "name": { "description": "Name specified to identify the patch source.\n", "type": "string" }, "namePrefix": { "type": "string" }, "operatingSystem": { "type": "string" }, "owner": { "type": "string" }, "rejectedPatches": { "description": "List of rejected patches.\n", "items": { "type": "string" }, "type": "array" }, "rejectedPatchesAction": { "description": "Action specified to take on patches included in the `rejected_patches` list.\n", "type": "string" }, "sources": { "description": "Information about the patches to use to update the managed nodes, including target operating systems and source repositories.\n", "items": { "$ref": "#/types/aws:ssm/getPatchBaselineSource:getPatchBaselineSource" }, "type": "array" } }, "required": [ "approvalRules", "approvedPatches", "approvedPatchesComplianceLevel", "approvedPatchesEnableNonSecurity", "description", "globalFilters", "json", "name", "owner", "rejectedPatches", "rejectedPatchesAction", "sources", "id" ], "type": "object" } }, "aws:ssmcontacts/getContact:getContact": { "description": "Data source for managing an AWS SSM Contact.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssmcontacts.getContact({\n arn: \"arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssmcontacts.get_contact(arn=\"arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsmContacts.GetContact.Invoke(new()\n {\n Arn = \"arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmcontacts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmcontacts.LookupContact(ctx, \u0026ssmcontacts.LookupContactArgs{\n\t\t\tArn: \"arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmcontacts.SsmcontactsFunctions;\nimport com.pulumi.aws.ssmcontacts.inputs.GetContactArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsmcontactsFunctions.getContact(GetContactArgs.builder()\n .arn(\"arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ssmcontacts:getContact\n Arguments:\n arn: arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getContact.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the contact or escalation plan.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getContact.\n", "properties": { "alias": { "description": "A unique and identifiable alias of the contact or escalation plan.\n", "type": "string" }, "arn": { "type": "string" }, "displayName": { "description": "Full friendly name of the contact or escalation plan.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Map of tags to assign to the resource.\n", "type": "object" }, "type": { "description": "The type of contact engaged. A single contact is type `PERSONAL` and an escalation plan is type `ESCALATION`.\n", "type": "string" } }, "required": [ "alias", "arn", "displayName", "tags", "type", "id" ], "type": "object" } }, "aws:ssmcontacts/getContactChannel:getContactChannel": { "description": "Data source for managing an AWS SSM Contacts Contact Channel.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssmcontacts.getContactChannel({\n arn: \"arn:aws:ssm-contacts:us-west-2:123456789012:contact-channel/example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssmcontacts.get_contact_channel(arn=\"arn:aws:ssm-contacts:us-west-2:123456789012:contact-channel/example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsmContacts.GetContactChannel.Invoke(new()\n {\n Arn = \"arn:aws:ssm-contacts:us-west-2:123456789012:contact-channel/example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmcontacts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmcontacts.LookupContactChannel(ctx, \u0026ssmcontacts.LookupContactChannelArgs{\n\t\t\tArn: \"arn:aws:ssm-contacts:us-west-2:123456789012:contact-channel/example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmcontacts.SsmcontactsFunctions;\nimport com.pulumi.aws.ssmcontacts.inputs.GetContactChannelArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsmcontactsFunctions.getContactChannel(GetContactChannelArgs.builder()\n .arn(\"arn:aws:ssm-contacts:us-west-2:123456789012:contact-channel/example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ssmcontacts:getContactChannel\n Arguments:\n arn: arn:aws:ssm-contacts:us-west-2:123456789012:contact-channel/example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getContactChannel.\n", "properties": { "arn": { "type": "string", "description": "Amazon Resource Name (ARN) of the contact channel.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getContactChannel.\n", "properties": { "activationStatus": { "description": "Whether the contact channel is activated.\n", "type": "string" }, "arn": { "type": "string" }, "contactId": { "description": "Amazon Resource Name (ARN) of the AWS SSM Contact that the contact channel belongs to.\n", "type": "string" }, "deliveryAddresses": { "description": "Details used to engage the contact channel.\n", "items": { "$ref": "#/types/aws:ssmcontacts/getContactChannelDeliveryAddress:getContactChannelDeliveryAddress" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Name of the contact channel.\n", "type": "string" }, "type": { "description": "Type of the contact channel.\n", "type": "string" } }, "required": [ "activationStatus", "arn", "contactId", "deliveryAddresses", "name", "type", "id" ], "type": "object" } }, "aws:ssmcontacts/getPlan:getPlan": { "description": "Data source for managing a Plan of an AWS SSM Contact.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.ssmcontacts.getPlan({\n contactId: \"arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.ssmcontacts.get_plan(contact_id=\"arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.SsmContacts.GetPlan.Invoke(new()\n {\n ContactId = \"arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmcontacts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmcontacts.LookupPlan(ctx, \u0026ssmcontacts.LookupPlanArgs{\n\t\t\tContactId: \"arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmcontacts.SsmcontactsFunctions;\nimport com.pulumi.aws.ssmcontacts.inputs.GetPlanArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = SsmcontactsFunctions.getPlan(GetPlanArgs.builder()\n .contactId(\"arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:ssmcontacts:getPlan\n Arguments:\n contactId: arn:aws:ssm-contacts:us-west-2:123456789012:contact/contactalias\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPlan.\n", "properties": { "contactId": { "type": "string", "description": "The Amazon Resource Name (ARN) of the contact or escalation plan.\n" } }, "type": "object", "required": [ "contactId" ] }, "outputs": { "description": "A collection of values returned by getPlan.\n", "properties": { "contactId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "stages": { "description": "List of stages. A contact has an engagement plan with stages that contact specified contact channels. An escalation plan uses stages that contact specified contacts.\n", "items": { "$ref": "#/types/aws:ssmcontacts/getPlanStage:getPlanStage" }, "type": "array" } }, "required": [ "contactId", "stages", "id" ], "type": "object" } }, "aws:ssmincidents/getReplicationSet:getReplicationSet": { "description": "\u003e **NOTE:** The AWS Region specified by a provider must always be one of the Regions specified for the replication set.\n\nUse this data source to manage a replication set in AWS Systems Manager Incident Manager.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssmincidents.getReplicationSet({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssmincidents.get_replication_set()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsmIncidents.GetReplicationSet.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmincidents\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmincidents.LookupReplicationSet(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmincidents.SsmincidentsFunctions;\nimport com.pulumi.aws.ssmincidents.inputs.GetReplicationSetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsmincidentsFunctions.getReplicationSet();\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ssmincidents:getReplicationSet\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getReplicationSet.\n", "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "All tags applied to the replication set.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getReplicationSet.\n", "properties": { "arn": { "description": "The Amazon Resouce Name (ARN) of the replication set.\n", "type": "string" }, "createdBy": { "description": "The ARN of the user who created the replication set.\n", "type": "string" }, "deletionProtected": { "description": "If `true`, the last remaining Region in a replication set can’t be deleted.\n", "type": "boolean" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lastModifiedBy": { "description": "The ARN of the user who last modified the replication set.\n", "type": "string" }, "regions": { "items": { "$ref": "#/types/aws:ssmincidents/getReplicationSetRegion:getReplicationSetRegion" }, "type": "array" }, "status": { "description": "The current status of the Region.\n* Valid Values: `ACTIVE` | `CREATING` | `UPDATING` | `DELETING` | `FAILED`\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "All tags applied to the replication set.\n", "type": "object" } }, "required": [ "arn", "createdBy", "deletionProtected", "lastModifiedBy", "regions", "status", "tags", "id" ], "type": "object" } }, "aws:ssmincidents/getResponsePlan:getResponsePlan": { "description": "Use this data source to manage a response plan in AWS Systems Manager Incident Manager.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n example:\n type: aws:ssmincidents:ResponsePlan\n properties:\n arn: exampleARN\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getResponsePlan.\n", "properties": { "arn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the response plan.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The tags applied to the response plan.\n" } }, "type": "object", "required": [ "arn" ] }, "outputs": { "description": "A collection of values returned by getResponsePlan.\n", "properties": { "actions": { "description": "(Optional) The actions that the response plan starts at the beginning of an incident.\n", "items": { "$ref": "#/types/aws:ssmincidents/getResponsePlanAction:getResponsePlanAction" }, "type": "array" }, "arn": { "type": "string" }, "chatChannels": { "description": "The Chatbot chat channel used for collaboration during an incident.\n", "items": { "type": "string" }, "type": "array" }, "displayName": { "description": "The long format of the response plan name. This field can contain spaces.\n", "type": "string" }, "engagements": { "description": "The Amazon Resource Name (ARN) for the contacts and escalation plans that the response plan engages during an incident.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "incidentTemplates": { "items": { "$ref": "#/types/aws:ssmincidents/getResponsePlanIncidentTemplate:getResponsePlanIncidentTemplate" }, "type": "array" }, "integrations": { "description": "Information about third-party services integrated into the response plan. The following values are supported:\n", "items": { "$ref": "#/types/aws:ssmincidents/getResponsePlanIntegration:getResponsePlanIntegration" }, "type": "array" }, "name": { "description": "The name of the PagerDuty configuration.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "The tags applied to the response plan.\n", "type": "object" } }, "required": [ "actions", "arn", "chatChannels", "displayName", "engagements", "incidentTemplates", "integrations", "name", "tags", "id" ], "type": "object" } }, "aws:ssoadmin/getApplication:getApplication": { "description": "Data source for managing an AWS SSO Admin Application.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getApplication({\n applicationArn: \"arn:aws:sso::012345678901:application/ssoins-1234/apl-5678\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_application(application_arn=\"arn:aws:sso::012345678901:application/ssoins-1234/apl-5678\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetApplication.Invoke(new()\n {\n ApplicationArn = \"arn:aws:sso::012345678901:application/ssoins-1234/apl-5678\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssoadmin.LookupApplication(ctx, \u0026ssoadmin.LookupApplicationArgs{\n\t\t\tApplicationArn: \"arn:aws:sso::012345678901:application/ssoins-1234/apl-5678\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.ssoadmin.inputs.GetApplicationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getApplication(GetApplicationArgs.builder()\n .applicationArn(\"arn:aws:sso::012345678901:application/ssoins-1234/apl-5678\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getApplication\n Arguments:\n applicationArn: arn:aws:sso::012345678901:application/ssoins-1234/apl-5678\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getApplication.\n", "properties": { "applicationArn": { "type": "string", "description": "ARN of the application.\n" }, "portalOptions": { "type": "array", "items": { "$ref": "#/types/aws:ssoadmin/getApplicationPortalOption:getApplicationPortalOption" }, "description": "Options for the portal associated with an application. See the `aws.ssoadmin.Application` resource documentation. The attributes are the same.\n" } }, "type": "object", "required": [ "applicationArn" ] }, "outputs": { "description": "A collection of values returned by getApplication.\n", "properties": { "applicationAccount": { "description": "AWS account ID.\n", "type": "string" }, "applicationArn": { "type": "string" }, "applicationProviderArn": { "description": "ARN of the application provider.\n", "type": "string" }, "description": { "description": "Description of the application.\n", "type": "string" }, "id": { "description": "ARN of the application.\n", "type": "string" }, "instanceArn": { "description": "ARN of the instance of IAM Identity Center.\n", "type": "string" }, "name": { "description": "Name of the application.\n", "type": "string" }, "portalOptions": { "description": "Options for the portal associated with an application. See the `aws.ssoadmin.Application` resource documentation. The attributes are the same.\n", "items": { "$ref": "#/types/aws:ssoadmin/getApplicationPortalOption:getApplicationPortalOption" }, "type": "array" }, "status": { "description": "Status of the application.\n", "type": "string" } }, "required": [ "applicationAccount", "applicationArn", "applicationProviderArn", "description", "id", "instanceArn", "name", "status" ], "type": "object" } }, "aws:ssoadmin/getApplicationAssignments:getApplicationAssignments": { "description": "Data source for managing AWS SSO Admin Application Assignments.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getApplicationAssignments({\n applicationArn: exampleAwsSsoadminApplication.applicationArn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_application_assignments(application_arn=example_aws_ssoadmin_application[\"applicationArn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetApplicationAssignments.Invoke(new()\n {\n ApplicationArn = exampleAwsSsoadminApplication.ApplicationArn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssoadmin.GetApplicationAssignments(ctx, \u0026ssoadmin.GetApplicationAssignmentsArgs{\n\t\t\tApplicationArn: exampleAwsSsoadminApplication.ApplicationArn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.ssoadmin.inputs.GetApplicationAssignmentsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getApplicationAssignments(GetApplicationAssignmentsArgs.builder()\n .applicationArn(exampleAwsSsoadminApplication.applicationArn())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getApplicationAssignments\n Arguments:\n applicationArn: ${exampleAwsSsoadminApplication.applicationArn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getApplicationAssignments.\n", "properties": { "applicationArn": { "type": "string", "description": "ARN of the application.\n" }, "applicationAssignments": { "type": "array", "items": { "$ref": "#/types/aws:ssoadmin/getApplicationAssignmentsApplicationAssignment:getApplicationAssignmentsApplicationAssignment" }, "description": "List of principals assigned to the application. See the `application_assignments` attribute reference below.\n" } }, "type": "object", "required": [ "applicationArn" ] }, "outputs": { "description": "A collection of values returned by getApplicationAssignments.\n", "properties": { "applicationArn": { "description": "ARN of the application.\n", "type": "string" }, "applicationAssignments": { "description": "List of principals assigned to the application. See the `application_assignments` attribute reference below.\n", "items": { "$ref": "#/types/aws:ssoadmin/getApplicationAssignmentsApplicationAssignment:getApplicationAssignmentsApplicationAssignment" }, "type": "array" }, "id": { "type": "string" } }, "required": [ "applicationArn", "id" ], "type": "object" } }, "aws:ssoadmin/getApplicationProviders:getApplicationProviders": { "description": "Data source for managing AWS SSO Admin Application Providers.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getApplicationProviders({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_application_providers()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetApplicationProviders.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssoadmin.GetApplicationProviders(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.ssoadmin.inputs.GetApplicationProvidersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getApplicationProviders();\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getApplicationProviders\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getApplicationProviders.\n", "properties": { "applicationProviders": { "type": "array", "items": { "$ref": "#/types/aws:ssoadmin/getApplicationProvidersApplicationProvider:getApplicationProvidersApplicationProvider" }, "description": "A list of application providers available in the current region. See `application_providers` below.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getApplicationProviders.\n", "properties": { "applicationProviders": { "description": "A list of application providers available in the current region. See `application_providers` below.\n", "items": { "$ref": "#/types/aws:ssoadmin/getApplicationProvidersApplicationProvider:getApplicationProvidersApplicationProvider" }, "type": "array" }, "id": { "description": "AWS region.\n", "type": "string" } }, "required": [ "id" ], "type": "object" } }, "aws:ssoadmin/getInstances:getInstances": { "description": "Use this data source to get ARNs and Identity Store IDs of Single Sign-On (SSO) Instances.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getInstances({});\nexport const arn = example.then(example =\u003e example.arns?.[0]);\nexport const identityStoreId = example.then(example =\u003e example.identityStoreIds?.[0]);\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_instances()\npulumi.export(\"arn\", example.arns[0])\npulumi.export(\"identityStoreId\", example.identity_store_ids[0])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetInstances.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"arn\"] = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n [\"identityStoreId\"] = example.Apply(getInstancesResult =\u003e getInstancesResult.IdentityStoreIds[0]),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ssoadmin.GetInstances(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"arn\", example.Arns[0])\n\t\tctx.Export(\"identityStoreId\", example.IdentityStoreIds[0])\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getInstances();\n\n ctx.export(\"arn\", example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]));\n ctx.export(\"identityStoreId\", example.applyValue(getInstancesResult -\u003e getInstancesResult.identityStoreIds()[0]));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getInstances\n Arguments: {}\noutputs:\n arn: ${example.arns[0]}\n identityStoreId: ${example.identityStoreIds[0]}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { "description": "A collection of values returned by getInstances.\n", "properties": { "arns": { "description": "Set of Amazon Resource Names (ARNs) of the SSO Instances.\n", "items": { "type": "string" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "identityStoreIds": { "description": "Set of identifiers of the identity stores connected to the SSO Instances.\n", "items": { "type": "string" }, "type": "array" } }, "required": [ "arns", "identityStoreIds", "id" ], "type": "object" } }, "aws:ssoadmin/getPermissionSet:getPermissionSet": { "description": "Use this data source to get a Single Sign-On (SSO) Permission Set.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getInstances({});\nconst exampleGetPermissionSet = example.then(example =\u003e aws.ssoadmin.getPermissionSet({\n instanceArn: example.arns?.[0],\n name: \"Example\",\n}));\nexport const arn = exampleGetPermissionSet.then(exampleGetPermissionSet =\u003e exampleGetPermissionSet.arn);\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_instances()\nexample_get_permission_set = aws.ssoadmin.get_permission_set(instance_arn=example.arns[0],\n name=\"Example\")\npulumi.export(\"arn\", example_get_permission_set.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetInstances.Invoke();\n\n var exampleGetPermissionSet = Aws.SsoAdmin.GetPermissionSet.Invoke(new()\n {\n InstanceArn = example.Apply(getInstancesResult =\u003e getInstancesResult.Arns[0]),\n Name = \"Example\",\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"arn\"] = exampleGetPermissionSet.Apply(getPermissionSetResult =\u003e getPermissionSetResult.Arn),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ssoadmin.GetInstances(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleGetPermissionSet, err := ssoadmin.LookupPermissionSet(ctx, \u0026ssoadmin.LookupPermissionSetArgs{\n\t\t\tInstanceArn: example.Arns[0],\n\t\t\tName: pulumi.StringRef(\"Example\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"arn\", exampleGetPermissionSet.Arn)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.ssoadmin.inputs.GetPermissionSetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getInstances();\n\n final var exampleGetPermissionSet = SsoadminFunctions.getPermissionSet(GetPermissionSetArgs.builder()\n .instanceArn(example.applyValue(getInstancesResult -\u003e getInstancesResult.arns()[0]))\n .name(\"Example\")\n .build());\n\n ctx.export(\"arn\", exampleGetPermissionSet.applyValue(getPermissionSetResult -\u003e getPermissionSetResult.arn()));\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getInstances\n Arguments: {}\n exampleGetPermissionSet:\n fn::invoke:\n Function: aws:ssoadmin:getPermissionSet\n Arguments:\n instanceArn: ${example.arns[0]}\n name: Example\noutputs:\n arn: ${exampleGetPermissionSet.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPermissionSet.\n", "properties": { "arn": { "type": "string", "description": "ARN of the permission set.\n" }, "instanceArn": { "type": "string", "description": "ARN of the SSO Instance associated with the permission set.\n" }, "name": { "type": "string", "description": "Name of the SSO Permission Set.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n" } }, "type": "object", "required": [ "instanceArn" ] }, "outputs": { "description": "A collection of values returned by getPermissionSet.\n", "properties": { "arn": { "type": "string" }, "createdDate": { "type": "string" }, "description": { "description": "Description of the Permission Set.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "instanceArn": { "type": "string" }, "name": { "type": "string" }, "relayState": { "description": "Relay state URL used to redirect users within the application during the federation authentication process.\n", "type": "string" }, "sessionDuration": { "description": "Length of time that the application user sessions are valid in the ISO-8601 standard.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Key-value map of resource tags.\n", "type": "object" } }, "required": [ "arn", "createdDate", "description", "instanceArn", "name", "relayState", "sessionDuration", "tags", "id" ], "type": "object" } }, "aws:ssoadmin/getPrincipalApplicationAssignments:getPrincipalApplicationAssignments": { "description": "Data source for viewing AWS SSO Admin Principal Application Assignments.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ssoadmin.getPrincipalApplicationAssignments({\n instanceArn: test.arns[0],\n principalId: testAwsIdentitystoreUser.userId,\n principalType: \"USER\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssoadmin.get_principal_application_assignments(instance_arn=test[\"arns\"],\n principal_id=test_aws_identitystore_user[\"userId\"],\n principal_type=\"USER\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.SsoAdmin.GetPrincipalApplicationAssignments.Invoke(new()\n {\n InstanceArn = test.Arns[0],\n PrincipalId = testAwsIdentitystoreUser.UserId,\n PrincipalType = \"USER\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssoadmin.GetPrincipalApplicationAssignments(ctx, \u0026ssoadmin.GetPrincipalApplicationAssignmentsArgs{\n\t\t\tInstanceArn: test.Arns[0],\n\t\t\tPrincipalId: testAwsIdentitystoreUser.UserId,\n\t\t\tPrincipalType: \"USER\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssoadmin.SsoadminFunctions;\nimport com.pulumi.aws.ssoadmin.inputs.GetPrincipalApplicationAssignmentsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = SsoadminFunctions.getPrincipalApplicationAssignments(GetPrincipalApplicationAssignmentsArgs.builder()\n .instanceArn(test.arns()[0])\n .principalId(testAwsIdentitystoreUser.userId())\n .principalType(\"USER\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:ssoadmin:getPrincipalApplicationAssignments\n Arguments:\n instanceArn: ${test.arns[0]}\n principalId: ${testAwsIdentitystoreUser.userId}\n principalType: USER\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPrincipalApplicationAssignments.\n", "properties": { "applicationAssignments": { "type": "array", "items": { "$ref": "#/types/aws:ssoadmin/getPrincipalApplicationAssignmentsApplicationAssignment:getPrincipalApplicationAssignmentsApplicationAssignment" }, "description": "List of principals assigned to the application. See the `application_assignments` attribute reference below.\n" }, "instanceArn": { "type": "string", "description": "ARN of the instance of IAM Identity Center.\n" }, "principalId": { "type": "string", "description": "An identifier for an object in IAM Identity Center, such as a user or group.\n" }, "principalType": { "type": "string", "description": "Entity type for which the assignment will be created. Valid values are `USER` or `GROUP`.\n" } }, "type": "object", "required": [ "instanceArn", "principalId", "principalType" ] }, "outputs": { "description": "A collection of values returned by getPrincipalApplicationAssignments.\n", "properties": { "applicationAssignments": { "description": "List of principals assigned to the application. See the `application_assignments` attribute reference below.\n", "items": { "$ref": "#/types/aws:ssoadmin/getPrincipalApplicationAssignmentsApplicationAssignment:getPrincipalApplicationAssignmentsApplicationAssignment" }, "type": "array" }, "id": { "type": "string" }, "instanceArn": { "type": "string" }, "principalId": { "description": "An identifier for an object in IAM Identity Center, such as a user or group.\n", "type": "string" }, "principalType": { "description": "Entity type for which the assignment will be created. Valid values are `USER` or `GROUP`.\n", "type": "string" } }, "required": [ "id", "instanceArn", "principalId", "principalType" ], "type": "object" } }, "aws:storagegateway/getLocalDisk:getLocalDisk": { "description": "Retrieve information about a Storage Gateway local disk. The disk identifier is useful for adding the disk as a cache or upload buffer to a gateway.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.storagegateway.getLocalDisk({\n diskPath: testAwsVolumeAttachment.deviceName,\n gatewayArn: testAwsStoragegatewayGateway.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.storagegateway.get_local_disk(disk_path=test_aws_volume_attachment[\"deviceName\"],\n gateway_arn=test_aws_storagegateway_gateway[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.StorageGateway.GetLocalDisk.Invoke(new()\n {\n DiskPath = testAwsVolumeAttachment.DeviceName,\n GatewayArn = testAwsStoragegatewayGateway.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.GetLocalDisk(ctx, \u0026storagegateway.GetLocalDiskArgs{\n\t\t\tDiskPath: pulumi.StringRef(testAwsVolumeAttachment.DeviceName),\n\t\t\tGatewayArn: testAwsStoragegatewayGateway.Arn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.StoragegatewayFunctions;\nimport com.pulumi.aws.storagegateway.inputs.GetLocalDiskArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = StoragegatewayFunctions.getLocalDisk(GetLocalDiskArgs.builder()\n .diskPath(testAwsVolumeAttachment.deviceName())\n .gatewayArn(testAwsStoragegatewayGateway.arn())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:storagegateway:getLocalDisk\n Arguments:\n diskPath: ${testAwsVolumeAttachment.deviceName}\n gatewayArn: ${testAwsStoragegatewayGateway.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getLocalDisk.\n", "properties": { "diskNode": { "type": "string", "description": "Device node of the local disk to retrieve. For example, `/dev/sdb`.\n" }, "diskPath": { "type": "string", "description": "Device path of the local disk to retrieve. For example, `/dev/xvdb` or `/dev/nvme1n1`.\n" }, "gatewayArn": { "type": "string", "description": "ARN of the gateway.\n" } }, "type": "object", "required": [ "gatewayArn" ] }, "outputs": { "description": "A collection of values returned by getLocalDisk.\n", "properties": { "diskId": { "description": "Disk identifierE.g., `pci-0000:03:00.0-scsi-0:0:0:0`\n", "type": "string" }, "diskNode": { "type": "string" }, "diskPath": { "type": "string" }, "gatewayArn": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" } }, "required": [ "diskId", "diskNode", "diskPath", "gatewayArn", "id" ], "type": "object" } }, "aws:timestreamwrite/getDatabase:getDatabase": { "description": "Data source for managing an AWS Timestream Write Database.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.timestreamwrite.getDatabase({\n name: \"database-example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.timestreamwrite.get_database(name=\"database-example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.TimestreamWrite.GetDatabase.Invoke(new()\n {\n Name = \"database-example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/timestreamwrite\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := timestreamwrite.LookupDatabase(ctx, \u0026timestreamwrite.LookupDatabaseArgs{\n\t\t\tName: \"database-example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.timestreamwrite.TimestreamwriteFunctions;\nimport com.pulumi.aws.timestreamwrite.inputs.GetDatabaseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = TimestreamwriteFunctions.getDatabase(GetDatabaseArgs.builder()\n .name(\"database-example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:timestreamwrite:getDatabase\n Arguments:\n name: database-example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDatabase.\n", "properties": { "name": { "type": "string" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getDatabase.\n", "properties": { "arn": { "description": "The ARN that uniquely identifies this database.\n", "type": "string" }, "createdTime": { "description": "Creation time of database.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "kmsKeyId": { "description": "The ARN of the KMS key used to encrypt the data stored in the database.\n", "type": "string" }, "lastUpdatedTime": { "description": "Last time database was updated.\n", "type": "string" }, "name": { "type": "string" }, "tableCount": { "description": "Total number of tables in the Timestream database.\n", "type": "integer" } }, "required": [ "arn", "createdTime", "kmsKeyId", "lastUpdatedTime", "name", "tableCount", "id" ], "type": "object" } }, "aws:timestreamwrite/getTable:getTable": { "description": "Data source for managing an AWS Timestream Write Table.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.timestreamwrite.getTable({\n databaseName: testAwsTimestreamwriteDatabase.databaseName,\n name: testAwsTimestreamwriteTable.tableName,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.timestreamwrite.get_table(database_name=test_aws_timestreamwrite_database[\"databaseName\"],\n name=test_aws_timestreamwrite_table[\"tableName\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.TimestreamWrite.GetTable.Invoke(new()\n {\n DatabaseName = testAwsTimestreamwriteDatabase.DatabaseName,\n Name = testAwsTimestreamwriteTable.TableName,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/timestreamwrite\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := timestreamwrite.LookupTable(ctx, \u0026timestreamwrite.LookupTableArgs{\n\t\t\tDatabaseName: testAwsTimestreamwriteDatabase.DatabaseName,\n\t\t\tName: testAwsTimestreamwriteTable.TableName,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.timestreamwrite.TimestreamwriteFunctions;\nimport com.pulumi.aws.timestreamwrite.inputs.GetTableArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = TimestreamwriteFunctions.getTable(GetTableArgs.builder()\n .databaseName(testAwsTimestreamwriteDatabase.databaseName())\n .name(testAwsTimestreamwriteTable.tableName())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:timestreamwrite:getTable\n Arguments:\n databaseName: ${testAwsTimestreamwriteDatabase.databaseName}\n name: ${testAwsTimestreamwriteTable.tableName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getTable.\n", "properties": { "databaseName": { "type": "string", "description": "Name of the Timestream database.\n" }, "name": { "type": "string", "description": "Name of the Timestream table.\n" } }, "type": "object", "required": [ "databaseName", "name" ] }, "outputs": { "description": "A collection of values returned by getTable.\n", "properties": { "arn": { "description": "ARN that uniquely identifies the table.\n", "type": "string" }, "creationTime": { "description": "Time that table was created.\n", "type": "string" }, "databaseName": { "description": "Name of database.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lastUpdatedTime": { "description": "Last time table was updated.\n", "type": "string" }, "magneticStoreWriteProperties": { "description": "Object containing the following attributes to desribe magnetic store writes.\n", "items": { "$ref": "#/types/aws:timestreamwrite/getTableMagneticStoreWriteProperty:getTableMagneticStoreWriteProperty" }, "type": "array" }, "name": { "description": "Name of the table.\n", "type": "string" }, "retentionProperties": { "description": "Object containing the following attributes to describe the retention duration for the memory and magnetic stores.\n", "items": { "$ref": "#/types/aws:timestreamwrite/getTableRetentionProperty:getTableRetentionProperty" }, "type": "array" }, "schemas": { "description": "Object containing the following attributes to describe the schema of the table.\n", "items": { "$ref": "#/types/aws:timestreamwrite/getTableSchema:getTableSchema" }, "type": "array" }, "tableStatus": { "description": "Current state of table.\n", "type": "string" } }, "required": [ "arn", "creationTime", "databaseName", "lastUpdatedTime", "magneticStoreWriteProperties", "name", "retentionProperties", "schemas", "tableStatus", "id" ], "type": "object" } }, "aws:transfer/getConnector:getConnector": { "description": "Data source for managing an AWS Transfer Family Connector.\n", "inputs": { "description": "A collection of arguments for invoking getConnector.\n", "properties": { "id": { "type": "string", "description": "Unique identifier for connector\n" } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getConnector.\n", "properties": { "accessRole": { "description": "ARN of the AWS Identity and Access Management role.\n", "type": "string" }, "arn": { "description": "ARN of the Connector.\n", "type": "string" }, "as2Configs": { "description": "Structure containing the parameters for an AS2 connector object. Contains the following attributes:\n", "items": { "$ref": "#/types/aws:transfer/getConnectorAs2Config:getConnectorAs2Config" }, "type": "array" }, "id": { "type": "string" }, "loggingRole": { "description": "ARN of the IAM role that allows a connector to turn on CLoudwatch logging for Amazon S3 events.\n", "type": "string" }, "securityPolicyName": { "description": "Name of security policy.\n", "type": "string" }, "serviceManagedEgressIpAddresses": { "description": "List of egress Ip addresses.\n", "items": { "type": "string" }, "type": "array" }, "sftpConfigs": { "description": "Object containing the following attributes:\n", "items": { "$ref": "#/types/aws:transfer/getConnectorSftpConfig:getConnectorSftpConfig" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Object containing the following attributes:\n", "type": "object" }, "url": { "description": "URL of the partner's AS2 or SFTP endpoint.\n", "type": "string" } }, "required": [ "accessRole", "arn", "as2Configs", "id", "loggingRole", "securityPolicyName", "serviceManagedEgressIpAddresses", "sftpConfigs", "tags", "url" ], "type": "object" } }, "aws:transfer/getServer:getServer": { "description": "Use this data source to get the ARN of an AWS Transfer Server for use in other\nresources.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.transfer.getServer({\n serverId: \"s-1234567\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.transfer.get_server(server_id=\"s-1234567\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Transfer.GetServer.Invoke(new()\n {\n ServerId = \"s-1234567\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transfer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := transfer.LookupServer(ctx, \u0026transfer.LookupServerArgs{\n\t\t\tServerId: \"s-1234567\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.transfer.TransferFunctions;\nimport com.pulumi.aws.transfer.inputs.GetServerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = TransferFunctions.getServer(GetServerArgs.builder()\n .serverId(\"s-1234567\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:transfer:getServer\n Arguments:\n serverId: s-1234567\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getServer.\n", "properties": { "serverId": { "type": "string", "description": "ID for an SFTP server.\n" } }, "type": "object", "required": [ "serverId" ] }, "outputs": { "description": "A collection of values returned by getServer.\n", "properties": { "arn": { "description": "ARN of Transfer Server.\n", "type": "string" }, "certificate": { "description": "ARN of any certificate.\n", "type": "string" }, "domain": { "description": "The domain of the storage system that is used for file transfers.\n", "type": "string" }, "endpoint": { "description": "Endpoint of the Transfer Server (e.g., `s-12345678.server.transfer.REGION.amazonaws.com`).\n", "type": "string" }, "endpointType": { "description": "Type of endpoint that the server is connected to.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "identityProviderType": { "description": "The mode of authentication enabled for this service. The default value is `SERVICE_MANAGED`, which allows you to store and access SFTP user credentials within the service. `API_GATEWAY` indicates that user authentication requires a call to an API Gateway endpoint URL provided by you to integrate an identity provider of your choice.\n", "type": "string" }, "invocationRole": { "description": "ARN of the IAM role used to authenticate the user account with an `identity_provider_type` of `API_GATEWAY`.\n", "type": "string" }, "loggingRole": { "description": "ARN of an IAM role that allows the service to write your SFTP users’ activity to your Amazon CloudWatch logs for monitoring and auditing purposes.\n", "type": "string" }, "protocols": { "description": "File transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint.\n", "items": { "type": "string" }, "type": "array" }, "securityPolicyName": { "description": "The name of the security policy that is attached to the server.\n", "type": "string" }, "serverId": { "type": "string" }, "structuredLogDestinations": { "description": "A set of ARNs of destinations that will receive structured logs from the transfer server such as CloudWatch Log Group ARNs.\n", "items": { "type": "string" }, "type": "array" }, "url": { "description": "URL of the service endpoint used to authenticate users with an `identity_provider_type` of `API_GATEWAY`.\n", "type": "string" } }, "required": [ "arn", "certificate", "domain", "endpoint", "endpointType", "identityProviderType", "invocationRole", "loggingRole", "protocols", "securityPolicyName", "serverId", "structuredLogDestinations", "url", "id" ], "type": "object" } }, "aws:verifiedpermissions/getPolicyStore:getPolicyStore": { "description": "Data source for managing an AWS Verified Permissions Policy Store.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.verifiedpermissions.getPolicyStore({\n id: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.verifiedpermissions.get_policy_store(id=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.VerifiedPermissions.GetPolicyStore.Invoke(new()\n {\n Id = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedpermissions\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := verifiedpermissions.LookupPolicyStore(ctx, \u0026verifiedpermissions.LookupPolicyStoreArgs{\n\t\t\tId: \"example\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.verifiedpermissions.VerifiedpermissionsFunctions;\nimport com.pulumi.aws.verifiedpermissions.inputs.GetPolicyStoreArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = VerifiedpermissionsFunctions.getPolicyStore(GetPolicyStoreArgs.builder()\n .id(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:verifiedpermissions:getPolicyStore\n Arguments:\n id: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getPolicyStore.\n", "properties": { "id": { "type": "string", "description": "The ID of the Policy Store.\n" } }, "type": "object", "required": [ "id" ] }, "outputs": { "description": "A collection of values returned by getPolicyStore.\n", "properties": { "arn": { "description": "The ARN of the Policy Store.\n", "type": "string" }, "createdDate": { "description": "The date the Policy Store was created.\n", "type": "string" }, "description": { "type": "string" }, "id": { "type": "string" }, "lastUpdatedDate": { "description": "The date the Policy Store was last updated.\n", "type": "string" }, "validationSettings": { "description": "Validation settings for the policy store.\n", "items": { "$ref": "#/types/aws:verifiedpermissions/getPolicyStoreValidationSetting:getPolicyStoreValidationSetting" }, "type": "array" } }, "required": [ "arn", "createdDate", "description", "id", "lastUpdatedDate", "validationSettings" ], "type": "object" } }, "aws:vpc/getSecurityGroupRule:getSecurityGroupRule": { "description": "`aws.vpc.getSecurityGroupRule` provides details about a specific security group rule.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.vpc.getSecurityGroupRule({\n securityGroupRuleId: securityGroupRuleId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpc.get_security_group_rule(security_group_rule_id=security_group_rule_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Vpc.GetSecurityGroupRule.Invoke(new()\n {\n SecurityGroupRuleId = securityGroupRuleId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpc\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpc.GetSecurityGroupRule(ctx, \u0026vpc.GetSecurityGroupRuleArgs{\n\t\t\tSecurityGroupRuleId: pulumi.StringRef(securityGroupRuleId),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpc.VpcFunctions;\nimport com.pulumi.aws.vpc.inputs.GetSecurityGroupRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = VpcFunctions.getSecurityGroupRule(GetSecurityGroupRuleArgs.builder()\n .securityGroupRuleId(securityGroupRuleId)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:vpc:getSecurityGroupRule\n Arguments:\n securityGroupRuleId: ${securityGroupRuleId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSecurityGroupRule.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:vpc/getSecurityGroupRuleFilter:getSecurityGroupRuleFilter" }, "description": "Configuration block(s) for filtering. Detailed below.\n" }, "securityGroupRuleId": { "type": "string", "description": "ID of the security group rule to select.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSecurityGroupRule.\n", "properties": { "arn": { "description": "The Amazon Resource Name (ARN) of the security group rule.\n", "type": "string" }, "cidrIpv4": { "description": "The destination IPv4 CIDR range.\n", "type": "string" }, "cidrIpv6": { "description": "The destination IPv6 CIDR range.\n", "type": "string" }, "description": { "description": "The security group rule description.\n", "type": "string" }, "filters": { "items": { "$ref": "#/types/aws:vpc/getSecurityGroupRuleFilter:getSecurityGroupRuleFilter" }, "type": "array" }, "fromPort": { "description": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type.\n", "type": "integer" }, "id": { "type": "string" }, "ipProtocol": { "description": "The IP protocol name or number. Use `-1` to specify all protocols.\n", "type": "string" }, "isEgress": { "description": "Indicates whether the security group rule is an outbound rule.\n", "type": "boolean" }, "prefixListId": { "description": "The ID of the destination prefix list.\n", "type": "string" }, "referencedSecurityGroupId": { "description": "The destination security group that is referenced in the rule.\n", "type": "string" }, "securityGroupId": { "description": "The ID of the security group.\n", "type": "string" }, "securityGroupRuleId": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the resource.\n", "type": "object" }, "toPort": { "description": "(Optional) The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code.\n", "type": "integer" } }, "required": [ "arn", "cidrIpv4", "cidrIpv6", "description", "fromPort", "id", "ipProtocol", "isEgress", "prefixListId", "referencedSecurityGroupId", "securityGroupId", "securityGroupRuleId", "tags", "toPort" ], "type": "object" } }, "aws:vpc/getSecurityGroupRules:getSecurityGroupRules": { "description": "This resource can be useful for getting back a set of security group rule IDs.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.vpc.getSecurityGroupRules({\n filters: [{\n name: \"group-id\",\n values: [securityGroupId],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpc.get_security_group_rules(filters=[{\n \"name\": \"group-id\",\n \"values\": [security_group_id],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Vpc.GetSecurityGroupRules.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Vpc.Inputs.GetSecurityGroupRulesFilterInputArgs\n {\n Name = \"group-id\",\n Values = new[]\n {\n securityGroupId,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpc\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\n_, err := vpc.GetSecurityGroupRules(ctx, \u0026vpc.GetSecurityGroupRulesArgs{\nFilters: []vpc.GetSecurityGroupRulesFilter{\n{\nName: \"group-id\",\nValues: interface{}{\nsecurityGroupId,\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpc.VpcFunctions;\nimport com.pulumi.aws.vpc.inputs.GetSecurityGroupRulesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = VpcFunctions.getSecurityGroupRules(GetSecurityGroupRulesArgs.builder()\n .filters(GetSecurityGroupRulesFilterArgs.builder()\n .name(\"group-id\")\n .values(securityGroupId)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:vpc:getSecurityGroupRules\n Arguments:\n filters:\n - name: group-id\n values:\n - ${securityGroupId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSecurityGroupRules.\n", "properties": { "filters": { "type": "array", "items": { "$ref": "#/types/aws:vpc/getSecurityGroupRulesFilter:getSecurityGroupRulesFilter" }, "description": "Custom filter block as described below.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of tags, each pair of which must exactly match\na pair on the desired security group rule.\n\nMore complex filters can be expressed using one or more `filter` sub-blocks,\nwhich take the following arguments:\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSecurityGroupRules.\n", "properties": { "filters": { "items": { "$ref": "#/types/aws:vpc/getSecurityGroupRulesFilter:getSecurityGroupRulesFilter" }, "type": "array" }, "id": { "type": "string" }, "ids": { "description": "List of all the security group rule IDs found.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "id", "ids" ], "type": "object" } }, "aws:vpclattice/getAuthPolicy:getAuthPolicy": { "description": "Data source for managing an AWS VPC Lattice Auth Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = aws.vpclattice.getAuthPolicy({\n resourceIdentifier: testAwsVpclatticeAuthPolicy.resourceIdentifier,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.vpclattice.get_auth_policy(resource_identifier=test_aws_vpclattice_auth_policy[\"resourceIdentifier\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Aws.VpcLattice.GetAuthPolicy.Invoke(new()\n {\n ResourceIdentifier = testAwsVpclatticeAuthPolicy.ResourceIdentifier,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.LookupAuthPolicy(ctx, \u0026vpclattice.LookupAuthPolicyArgs{\n\t\t\tResourceIdentifier: testAwsVpclatticeAuthPolicy.ResourceIdentifier,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.VpclatticeFunctions;\nimport com.pulumi.aws.vpclattice.inputs.GetAuthPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = VpclatticeFunctions.getAuthPolicy(GetAuthPolicyArgs.builder()\n .resourceIdentifier(testAwsVpclatticeAuthPolicy.resourceIdentifier())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: aws:vpclattice:getAuthPolicy\n Arguments:\n resourceIdentifier: ${testAwsVpclatticeAuthPolicy.resourceIdentifier}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getAuthPolicy.\n", "properties": { "policy": { "type": "string", "description": "The auth policy. The policy string in JSON must not contain newlines or blank lines.\n" }, "resourceIdentifier": { "type": "string", "description": "The ID or Amazon Resource Name (ARN) of the service network or service for which the policy is created.\n" }, "state": { "type": "string", "description": "The state of the auth policy. The auth policy is only active when the auth type is set to AWS_IAM. If you provide a policy, then authentication and authorization decisions are made based on this policy and the client's IAM policy. If the Auth type is NONE, then, any auth policy you provide will remain inactive.\n" } }, "type": "object", "required": [ "resourceIdentifier" ] }, "outputs": { "description": "A collection of values returned by getAuthPolicy.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "policy": { "description": "The auth policy. The policy string in JSON must not contain newlines or blank lines.\n", "type": "string" }, "resourceIdentifier": { "type": "string" }, "state": { "description": "The state of the auth policy. The auth policy is only active when the auth type is set to AWS_IAM. If you provide a policy, then authentication and authorization decisions are made based on this policy and the client's IAM policy. If the Auth type is NONE, then, any auth policy you provide will remain inactive.\n", "type": "string" } }, "required": [ "resourceIdentifier", "id" ], "type": "object" } }, "aws:vpclattice/getListener:getListener": { "description": "Data source for managing an AWS VPC Lattice Listener.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.vpclattice.getListener({});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.get_listener()\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.VpcLattice.GetListener.Invoke();\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.LookupListener(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.VpclatticeFunctions;\nimport com.pulumi.aws.vpclattice.inputs.GetListenerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = VpclatticeFunctions.getListener();\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:vpclattice:getListener\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getListener.\n", "properties": { "listenerIdentifier": { "type": "string", "description": "ID or Amazon Resource Name (ARN) of the listener\n" }, "serviceIdentifier": { "type": "string", "description": "ID or Amazon Resource Name (ARN) of the service network\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "List of tags associated with the listener.\n" } }, "type": "object", "required": [ "listenerIdentifier", "serviceIdentifier" ] }, "outputs": { "description": "A collection of values returned by getListener.\n", "properties": { "arn": { "description": "ARN of the listener.\n", "type": "string" }, "createdAt": { "description": "The date and time that the listener was created.\n", "type": "string" }, "defaultActions": { "description": "The actions for the default listener rule.\n", "items": { "$ref": "#/types/aws:vpclattice/getListenerDefaultAction:getListenerDefaultAction" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lastUpdatedAt": { "description": "The date and time the listener was last updated.\n", "type": "string" }, "listenerId": { "description": "The ID of the listener.\n", "type": "string" }, "listenerIdentifier": { "type": "string" }, "name": { "description": "The name of the listener.\n", "type": "string" }, "port": { "description": "The listener port.\n", "type": "integer" }, "protocol": { "description": "The listener protocol. Either `HTTPS` or `HTTP`.\n", "type": "string" }, "serviceArn": { "description": "The ARN of the service.\n", "type": "string" }, "serviceId": { "description": "The ID of the service.\n", "type": "string" }, "serviceIdentifier": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "List of tags associated with the listener.\n", "type": "object" } }, "required": [ "arn", "createdAt", "defaultActions", "lastUpdatedAt", "listenerId", "listenerIdentifier", "name", "port", "protocol", "serviceArn", "serviceId", "serviceIdentifier", "tags", "id" ], "type": "object" } }, "aws:vpclattice/getResourcePolicy:getResourcePolicy": { "description": "Data source for managing an AWS VPC Lattice Resource Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.vpclattice.getResourcePolicy({\n resourceArn: exampleAwsVpclatticeServiceNetwork.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.get_resource_policy(resource_arn=example_aws_vpclattice_service_network[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.VpcLattice.GetResourcePolicy.Invoke(new()\n {\n ResourceArn = exampleAwsVpclatticeServiceNetwork.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.LookupResourcePolicy(ctx, \u0026vpclattice.LookupResourcePolicyArgs{\n\t\t\tResourceArn: exampleAwsVpclatticeServiceNetwork.Arn,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.VpclatticeFunctions;\nimport com.pulumi.aws.vpclattice.inputs.GetResourcePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = VpclatticeFunctions.getResourcePolicy(GetResourcePolicyArgs.builder()\n .resourceArn(exampleAwsVpclatticeServiceNetwork.arn())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:vpclattice:getResourcePolicy\n Arguments:\n resourceArn: ${exampleAwsVpclatticeServiceNetwork.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getResourcePolicy.\n", "properties": { "resourceArn": { "type": "string", "description": "Resource ARN of the resource for which a policy is retrieved.\n" } }, "type": "object", "required": [ "resourceArn" ] }, "outputs": { "description": "A collection of values returned by getResourcePolicy.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "policy": { "description": "JSON-encoded string representation of the applied resource policy.\n", "type": "string" }, "resourceArn": { "type": "string" } }, "required": [ "policy", "resourceArn", "id" ], "type": "object" } }, "aws:vpclattice/getService:getService": { "description": "Data source for managing an AWS VPC Lattice Service.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.vpclattice.getService({\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.get_service(name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.VpcLattice.GetService.Invoke(new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.LookupService(ctx, \u0026vpclattice.LookupServiceArgs{\n\t\t\tName: pulumi.StringRef(\"example\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.VpclatticeFunctions;\nimport com.pulumi.aws.vpclattice.inputs.GetServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = VpclatticeFunctions.getService(GetServiceArgs.builder()\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:vpclattice:getService\n Arguments:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getService.\n", "properties": { "name": { "type": "string", "description": "Service name.\n" }, "serviceIdentifier": { "type": "string", "description": "ID or Amazon Resource Name (ARN) of the service.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "List of tags associated with the service.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getService.\n", "properties": { "arn": { "description": "ARN of the service.\n", "type": "string" }, "authType": { "description": "Type of IAM policy. Either `NONE` or `AWS_IAM`.\n", "type": "string" }, "certificateArn": { "description": "Amazon Resource Name (ARN) of the certificate.\n", "type": "string" }, "customDomainName": { "description": "Custom domain name of the service.\n", "type": "string" }, "dnsEntries": { "description": "DNS name of the service.\n", "items": { "$ref": "#/types/aws:vpclattice/getServiceDnsEntry:getServiceDnsEntry" }, "type": "array" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "serviceIdentifier": { "type": "string" }, "status": { "description": "Status of the service.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "description": "List of tags associated with the service.\n", "type": "object" } }, "required": [ "arn", "authType", "certificateArn", "customDomainName", "dnsEntries", "name", "serviceIdentifier", "status", "tags", "id" ], "type": "object" } }, "aws:vpclattice/getServiceNetwork:getServiceNetwork": { "description": "Data source for managing an AWS VPC Lattice Service Network.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.vpclattice.getServiceNetwork({\n serviceNetworkIdentifier: \"snsa-01112223334445556\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.get_service_network(service_network_identifier=\"snsa-01112223334445556\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.VpcLattice.GetServiceNetwork.Invoke(new()\n {\n ServiceNetworkIdentifier = \"snsa-01112223334445556\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.LookupServiceNetwork(ctx, \u0026vpclattice.LookupServiceNetworkArgs{\n\t\t\tServiceNetworkIdentifier: \"snsa-01112223334445556\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.VpclatticeFunctions;\nimport com.pulumi.aws.vpclattice.inputs.GetServiceNetworkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = VpclatticeFunctions.getServiceNetwork(GetServiceNetworkArgs.builder()\n .serviceNetworkIdentifier(\"snsa-01112223334445556\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:vpclattice:getServiceNetwork\n Arguments:\n serviceNetworkIdentifier: snsa-01112223334445556\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getServiceNetwork.\n", "properties": { "serviceNetworkIdentifier": { "type": "string", "description": "Identifier of the service network.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "serviceNetworkIdentifier" ] }, "outputs": { "description": "A collection of values returned by getServiceNetwork.\n", "properties": { "arn": { "description": "ARN of the Service Network.\n", "type": "string" }, "authType": { "description": "Authentication type for the service network. Either `NONE` or `AWS_IAM`.\n", "type": "string" }, "createdAt": { "description": "Date and time the service network was created.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "lastUpdatedAt": { "description": "Date and time the service network was last updated.\n", "type": "string" }, "name": { "description": "Name of the service network.\n", "type": "string" }, "numberOfAssociatedServices": { "description": "Number of services associated with this service network.\n", "type": "integer" }, "numberOfAssociatedVpcs": { "description": "Number of VPCs associated with this service network.\n", "type": "integer" }, "serviceNetworkIdentifier": { "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" } }, "required": [ "arn", "authType", "createdAt", "lastUpdatedAt", "name", "numberOfAssociatedServices", "numberOfAssociatedVpcs", "serviceNetworkIdentifier", "tags", "id" ], "type": "object" } }, "aws:waf/getIpset:getIpset": { "description": "`aws.waf.IpSet` Retrieves a WAF IP Set Resource Id.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.waf.getIpset({\n name: \"tfWAFIPSet\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.waf.get_ipset(name=\"tfWAFIPSet\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Waf.GetIpset.Invoke(new()\n {\n Name = \"tfWAFIPSet\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := waf.GetIpset(ctx, \u0026waf.GetIpsetArgs{\n\t\t\tName: \"tfWAFIPSet\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.WafFunctions;\nimport com.pulumi.aws.waf.inputs.GetIpsetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = WafFunctions.getIpset(GetIpsetArgs.builder()\n .name(\"tfWAFIPSet\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:waf:getIpset\n Arguments:\n name: tfWAFIPSet\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getIpset.\n", "properties": { "name": { "type": "string", "description": "Name of the WAF IP set.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getIpset.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" } }, "required": [ "name", "id" ], "type": "object" } }, "aws:waf/getRateBasedRule:getRateBasedRule": { "description": "`aws.waf.RateBasedRule` Retrieves a WAF Rate Based Rule Resource Id.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.waf.getRateBasedRule({\n name: \"tfWAFRateBasedRule\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.waf.get_rate_based_rule(name=\"tfWAFRateBasedRule\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Waf.GetRateBasedRule.Invoke(new()\n {\n Name = \"tfWAFRateBasedRule\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := waf.LookupRateBasedRule(ctx, \u0026waf.LookupRateBasedRuleArgs{\n\t\t\tName: \"tfWAFRateBasedRule\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.WafFunctions;\nimport com.pulumi.aws.waf.inputs.GetRateBasedRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = WafFunctions.getRateBasedRule(GetRateBasedRuleArgs.builder()\n .name(\"tfWAFRateBasedRule\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:waf:getRateBasedRule\n Arguments:\n name: tfWAFRateBasedRule\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRateBasedRule.\n", "properties": { "name": { "type": "string", "description": "Name of the WAF rate based rule.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getRateBasedRule.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" } }, "required": [ "name", "id" ], "type": "object" } }, "aws:waf/getRule:getRule": { "description": "`aws.waf.Rule` Retrieves a WAF Rule Resource Id.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.waf.getRule({\n name: \"tfWAFRule\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.waf.get_rule(name=\"tfWAFRule\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Waf.GetRule.Invoke(new()\n {\n Name = \"tfWAFRule\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := waf.LookupRule(ctx, \u0026waf.LookupRuleArgs{\n\t\t\tName: \"tfWAFRule\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.WafFunctions;\nimport com.pulumi.aws.waf.inputs.GetRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = WafFunctions.getRule(GetRuleArgs.builder()\n .name(\"tfWAFRule\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:waf:getRule\n Arguments:\n name: tfWAFRule\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRule.\n", "properties": { "name": { "type": "string", "description": "Name of the WAF rule.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getRule.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" } }, "required": [ "name", "id" ], "type": "object" } }, "aws:waf/getSubscribedRuleGroup:getSubscribedRuleGroup": { "description": "`aws.waf.getSubscribedRuleGroup` retrieves information about a Managed WAF Rule Group from AWS Marketplace (needs to be subscribed to first).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byName = aws.waf.getSubscribedRuleGroup({\n name: \"F5 Bot Detection Signatures For AWS WAF\",\n});\nconst byMetricName = aws.waf.getSubscribedRuleGroup({\n metricName: \"F5BotDetectionSignatures\",\n});\nconst acl = new aws.waf.WebAcl(\"acl\", {rules: [\n {\n priority: 1,\n ruleId: byName.then(byName =\u003e byName.id),\n type: \"GROUP\",\n },\n {\n priority: 2,\n ruleId: byMetricName.then(byMetricName =\u003e byMetricName.id),\n type: \"GROUP\",\n },\n]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nby_name = aws.waf.get_subscribed_rule_group(name=\"F5 Bot Detection Signatures For AWS WAF\")\nby_metric_name = aws.waf.get_subscribed_rule_group(metric_name=\"F5BotDetectionSignatures\")\nacl = aws.waf.WebAcl(\"acl\", rules=[\n {\n \"priority\": 1,\n \"rule_id\": by_name.id,\n \"type\": \"GROUP\",\n },\n {\n \"priority\": 2,\n \"rule_id\": by_metric_name.id,\n \"type\": \"GROUP\",\n },\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var byName = Aws.Waf.GetSubscribedRuleGroup.Invoke(new()\n {\n Name = \"F5 Bot Detection Signatures For AWS WAF\",\n });\n\n var byMetricName = Aws.Waf.GetSubscribedRuleGroup.Invoke(new()\n {\n MetricName = \"F5BotDetectionSignatures\",\n });\n\n var acl = new Aws.Waf.WebAcl(\"acl\", new()\n {\n Rules = new[]\n {\n new Aws.Waf.Inputs.WebAclRuleArgs\n {\n Priority = 1,\n RuleId = byName.Apply(getSubscribedRuleGroupResult =\u003e getSubscribedRuleGroupResult.Id),\n Type = \"GROUP\",\n },\n new Aws.Waf.Inputs.WebAclRuleArgs\n {\n Priority = 2,\n RuleId = byMetricName.Apply(getSubscribedRuleGroupResult =\u003e getSubscribedRuleGroupResult.Id),\n Type = \"GROUP\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbyName, err := waf.GetSubscribedRuleGroup(ctx, \u0026waf.GetSubscribedRuleGroupArgs{\n\t\t\tName: pulumi.StringRef(\"F5 Bot Detection Signatures For AWS WAF\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbyMetricName, err := waf.GetSubscribedRuleGroup(ctx, \u0026waf.GetSubscribedRuleGroupArgs{\n\t\t\tMetricName: pulumi.StringRef(\"F5BotDetectionSignatures\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = waf.NewWebAcl(ctx, \"acl\", \u0026waf.WebAclArgs{\n\t\t\tRules: waf.WebAclRuleArray{\n\t\t\t\t\u0026waf.WebAclRuleArgs{\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tRuleId: pulumi.String(byName.Id),\n\t\t\t\t\tType: pulumi.String(\"GROUP\"),\n\t\t\t\t},\n\t\t\t\t\u0026waf.WebAclRuleArgs{\n\t\t\t\t\tPriority: pulumi.Int(2),\n\t\t\t\t\tRuleId: pulumi.String(byMetricName.Id),\n\t\t\t\t\tType: pulumi.String(\"GROUP\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.WafFunctions;\nimport com.pulumi.aws.waf.inputs.GetSubscribedRuleGroupArgs;\nimport com.pulumi.aws.waf.WebAcl;\nimport com.pulumi.aws.waf.WebAclArgs;\nimport com.pulumi.aws.waf.inputs.WebAclRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var byName = WafFunctions.getSubscribedRuleGroup(GetSubscribedRuleGroupArgs.builder()\n .name(\"F5 Bot Detection Signatures For AWS WAF\")\n .build());\n\n final var byMetricName = WafFunctions.getSubscribedRuleGroup(GetSubscribedRuleGroupArgs.builder()\n .metricName(\"F5BotDetectionSignatures\")\n .build());\n\n var acl = new WebAcl(\"acl\", WebAclArgs.builder()\n .rules( \n WebAclRuleArgs.builder()\n .priority(1)\n .ruleId(byName.applyValue(getSubscribedRuleGroupResult -\u003e getSubscribedRuleGroupResult.id()))\n .type(\"GROUP\")\n .build(),\n WebAclRuleArgs.builder()\n .priority(2)\n .ruleId(byMetricName.applyValue(getSubscribedRuleGroupResult -\u003e getSubscribedRuleGroupResult.id()))\n .type(\"GROUP\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n acl:\n type: aws:waf:WebAcl\n properties:\n rules:\n - priority: 1\n ruleId: ${byName.id}\n type: GROUP\n - priority: 2\n ruleId: ${byMetricName.id}\n type: GROUP\nvariables:\n byName:\n fn::invoke:\n Function: aws:waf:getSubscribedRuleGroup\n Arguments:\n name: F5 Bot Detection Signatures For AWS WAF\n byMetricName:\n fn::invoke:\n Function: aws:waf:getSubscribedRuleGroup\n Arguments:\n metricName: F5BotDetectionSignatures\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSubscribedRuleGroup.\n", "properties": { "metricName": { "type": "string", "description": "Name of the WAF rule group.\n" }, "name": { "type": "string", "description": "Name of the WAF rule group.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSubscribedRuleGroup.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "metricName": { "type": "string" }, "name": { "type": "string" } }, "required": [ "id" ], "type": "object" } }, "aws:waf/getWebAcl:getWebAcl": { "description": "`aws.waf.WebAcl` Retrieves a WAF Web ACL Resource Id.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.waf.getWebAcl({\n name: \"tfWAFWebACL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.waf.get_web_acl(name=\"tfWAFWebACL\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Waf.GetWebAcl.Invoke(new()\n {\n Name = \"tfWAFWebACL\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := waf.LookupWebAcl(ctx, \u0026waf.LookupWebAclArgs{\n\t\t\tName: \"tfWAFWebACL\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.WafFunctions;\nimport com.pulumi.aws.waf.inputs.GetWebAclArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = WafFunctions.getWebAcl(GetWebAclArgs.builder()\n .name(\"tfWAFWebACL\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:waf:getWebAcl\n Arguments:\n name: tfWAFWebACL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getWebAcl.\n", "properties": { "name": { "type": "string", "description": "Name of the WAF Web ACL.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getWebAcl.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" } }, "required": [ "name", "id" ], "type": "object" } }, "aws:wafregional/getIpset:getIpset": { "description": "`aws.wafregional.IpSet` Retrieves a WAF Regional IP Set Resource Id.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.wafregional.getIpset({\n name: \"tfWAFRegionalIPSet\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafregional.get_ipset(name=\"tfWAFRegionalIPSet\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.WafRegional.GetIpset.Invoke(new()\n {\n Name = \"tfWAFRegionalIPSet\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafregional.GetIpset(ctx, \u0026wafregional.GetIpsetArgs{\n\t\t\tName: \"tfWAFRegionalIPSet\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.WafregionalFunctions;\nimport com.pulumi.aws.wafregional.inputs.GetIpsetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = WafregionalFunctions.getIpset(GetIpsetArgs.builder()\n .name(\"tfWAFRegionalIPSet\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:wafregional:getIpset\n Arguments:\n name: tfWAFRegionalIPSet\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getIpset.\n", "properties": { "name": { "type": "string", "description": "Name of the WAF Regional IP set.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getIpset.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" } }, "required": [ "name", "id" ], "type": "object" } }, "aws:wafregional/getRateBasedMod:getRateBasedMod": { "description": "`aws.wafregional.RateBasedRule` Retrieves a WAF Regional Rate Based Rule Resource Id.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.wafregional.getRateBasedMod({\n name: \"tfWAFRegionalRateBasedRule\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafregional.get_rate_based_mod(name=\"tfWAFRegionalRateBasedRule\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.WafRegional.GetRateBasedMod.Invoke(new()\n {\n Name = \"tfWAFRegionalRateBasedRule\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafregional.GetRateBasedMod(ctx, \u0026wafregional.GetRateBasedModArgs{\n\t\t\tName: \"tfWAFRegionalRateBasedRule\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.WafregionalFunctions;\nimport com.pulumi.aws.wafregional.inputs.GetRateBasedModArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = WafregionalFunctions.getRateBasedMod(GetRateBasedModArgs.builder()\n .name(\"tfWAFRegionalRateBasedRule\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:wafregional:getRateBasedMod\n Arguments:\n name: tfWAFRegionalRateBasedRule\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRateBasedMod.\n", "properties": { "name": { "type": "string", "description": "Name of the WAF Regional rate based rule.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getRateBasedMod.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" } }, "required": [ "name", "id" ], "type": "object" } }, "aws:wafregional/getRule:getRule": { "description": "`aws.wafregional.Rule` Retrieves a WAF Regional Rule Resource Id.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.wafregional.getRule({\n name: \"tfWAFRegionalRule\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafregional.get_rule(name=\"tfWAFRegionalRule\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.WafRegional.GetRule.Invoke(new()\n {\n Name = \"tfWAFRegionalRule\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafregional.LookupRule(ctx, \u0026wafregional.LookupRuleArgs{\n\t\t\tName: \"tfWAFRegionalRule\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.WafregionalFunctions;\nimport com.pulumi.aws.wafregional.inputs.GetRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = WafregionalFunctions.getRule(GetRuleArgs.builder()\n .name(\"tfWAFRegionalRule\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:wafregional:getRule\n Arguments:\n name: tfWAFRegionalRule\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRule.\n", "properties": { "name": { "type": "string", "description": "Name of the WAF Regional rule.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getRule.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" } }, "required": [ "name", "id" ], "type": "object" } }, "aws:wafregional/getSubscribedRuleGroup:getSubscribedRuleGroup": { "description": "`aws.wafregional.getSubscribedRuleGroup` retrieves information about a Managed WAF Rule Group from AWS Marketplace for use in WAF Regional (needs to be subscribed to first).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byName = aws.wafregional.getSubscribedRuleGroup({\n name: \"F5 Bot Detection Signatures For AWS WAF\",\n});\nconst byMetricName = aws.wafregional.getSubscribedRuleGroup({\n metricName: \"F5BotDetectionSignatures\",\n});\nconst acl = new aws.wafregional.WebAcl(\"acl\", {rules: [\n {\n priority: 1,\n ruleId: byName.then(byName =\u003e byName.id),\n type: \"GROUP\",\n },\n {\n priority: 2,\n ruleId: byMetricName.then(byMetricName =\u003e byMetricName.id),\n type: \"GROUP\",\n },\n]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nby_name = aws.wafregional.get_subscribed_rule_group(name=\"F5 Bot Detection Signatures For AWS WAF\")\nby_metric_name = aws.wafregional.get_subscribed_rule_group(metric_name=\"F5BotDetectionSignatures\")\nacl = aws.wafregional.WebAcl(\"acl\", rules=[\n {\n \"priority\": 1,\n \"rule_id\": by_name.id,\n \"type\": \"GROUP\",\n },\n {\n \"priority\": 2,\n \"rule_id\": by_metric_name.id,\n \"type\": \"GROUP\",\n },\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var byName = Aws.WafRegional.GetSubscribedRuleGroup.Invoke(new()\n {\n Name = \"F5 Bot Detection Signatures For AWS WAF\",\n });\n\n var byMetricName = Aws.WafRegional.GetSubscribedRuleGroup.Invoke(new()\n {\n MetricName = \"F5BotDetectionSignatures\",\n });\n\n var acl = new Aws.WafRegional.WebAcl(\"acl\", new()\n {\n Rules = new[]\n {\n new Aws.WafRegional.Inputs.WebAclRuleArgs\n {\n Priority = 1,\n RuleId = byName.Apply(getSubscribedRuleGroupResult =\u003e getSubscribedRuleGroupResult.Id),\n Type = \"GROUP\",\n },\n new Aws.WafRegional.Inputs.WebAclRuleArgs\n {\n Priority = 2,\n RuleId = byMetricName.Apply(getSubscribedRuleGroupResult =\u003e getSubscribedRuleGroupResult.Id),\n Type = \"GROUP\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbyName, err := wafregional.GetSubscribedRuleGroup(ctx, \u0026wafregional.GetSubscribedRuleGroupArgs{\n\t\t\tName: pulumi.StringRef(\"F5 Bot Detection Signatures For AWS WAF\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbyMetricName, err := wafregional.GetSubscribedRuleGroup(ctx, \u0026wafregional.GetSubscribedRuleGroupArgs{\n\t\t\tMetricName: pulumi.StringRef(\"F5BotDetectionSignatures\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = wafregional.NewWebAcl(ctx, \"acl\", \u0026wafregional.WebAclArgs{\n\t\t\tRules: wafregional.WebAclRuleArray{\n\t\t\t\t\u0026wafregional.WebAclRuleArgs{\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tRuleId: pulumi.String(byName.Id),\n\t\t\t\t\tType: pulumi.String(\"GROUP\"),\n\t\t\t\t},\n\t\t\t\t\u0026wafregional.WebAclRuleArgs{\n\t\t\t\t\tPriority: pulumi.Int(2),\n\t\t\t\t\tRuleId: pulumi.String(byMetricName.Id),\n\t\t\t\t\tType: pulumi.String(\"GROUP\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.WafregionalFunctions;\nimport com.pulumi.aws.wafregional.inputs.GetSubscribedRuleGroupArgs;\nimport com.pulumi.aws.wafregional.WebAcl;\nimport com.pulumi.aws.wafregional.WebAclArgs;\nimport com.pulumi.aws.wafregional.inputs.WebAclRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var byName = WafregionalFunctions.getSubscribedRuleGroup(GetSubscribedRuleGroupArgs.builder()\n .name(\"F5 Bot Detection Signatures For AWS WAF\")\n .build());\n\n final var byMetricName = WafregionalFunctions.getSubscribedRuleGroup(GetSubscribedRuleGroupArgs.builder()\n .metricName(\"F5BotDetectionSignatures\")\n .build());\n\n var acl = new WebAcl(\"acl\", WebAclArgs.builder()\n .rules( \n WebAclRuleArgs.builder()\n .priority(1)\n .ruleId(byName.applyValue(getSubscribedRuleGroupResult -\u003e getSubscribedRuleGroupResult.id()))\n .type(\"GROUP\")\n .build(),\n WebAclRuleArgs.builder()\n .priority(2)\n .ruleId(byMetricName.applyValue(getSubscribedRuleGroupResult -\u003e getSubscribedRuleGroupResult.id()))\n .type(\"GROUP\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n acl:\n type: aws:wafregional:WebAcl\n properties:\n rules:\n - priority: 1\n ruleId: ${byName.id}\n type: GROUP\n - priority: 2\n ruleId: ${byMetricName.id}\n type: GROUP\nvariables:\n byName:\n fn::invoke:\n Function: aws:wafregional:getSubscribedRuleGroup\n Arguments:\n name: F5 Bot Detection Signatures For AWS WAF\n byMetricName:\n fn::invoke:\n Function: aws:wafregional:getSubscribedRuleGroup\n Arguments:\n metricName: F5BotDetectionSignatures\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getSubscribedRuleGroup.\n", "properties": { "metricName": { "type": "string", "description": "Name of the WAF rule group.\n" }, "name": { "type": "string", "description": "Name of the WAF rule group.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getSubscribedRuleGroup.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "metricName": { "type": "string" }, "name": { "type": "string" } }, "required": [ "id" ], "type": "object" } }, "aws:wafregional/getWebAcl:getWebAcl": { "description": "`aws.wafregional.WebAcl` Retrieves a WAF Regional Web ACL Resource Id.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.wafregional.getWebAcl({\n name: \"tfWAFRegionalWebACL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafregional.get_web_acl(name=\"tfWAFRegionalWebACL\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.WafRegional.GetWebAcl.Invoke(new()\n {\n Name = \"tfWAFRegionalWebACL\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafregional.LookupWebAcl(ctx, \u0026wafregional.LookupWebAclArgs{\n\t\t\tName: \"tfWAFRegionalWebACL\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.WafregionalFunctions;\nimport com.pulumi.aws.wafregional.inputs.GetWebAclArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = WafregionalFunctions.getWebAcl(GetWebAclArgs.builder()\n .name(\"tfWAFRegionalWebACL\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:wafregional:getWebAcl\n Arguments:\n name: tfWAFRegionalWebACL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getWebAcl.\n", "properties": { "name": { "type": "string", "description": "Name of the WAF Regional Web ACL.\n" } }, "type": "object", "required": [ "name" ] }, "outputs": { "description": "A collection of values returned by getWebAcl.\n", "properties": { "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" } }, "required": [ "name", "id" ], "type": "object" } }, "aws:wafv2/getIpSet:getIpSet": { "description": "Retrieves the summary of a WAFv2 IP Set.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.wafv2.getIpSet({\n name: \"some-ip-set\",\n scope: \"REGIONAL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafv2.get_ip_set(name=\"some-ip-set\",\n scope=\"REGIONAL\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.WafV2.GetIpSet.Invoke(new()\n {\n Name = \"some-ip-set\",\n Scope = \"REGIONAL\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafv2.LookupIpSet(ctx, \u0026wafv2.LookupIpSetArgs{\n\t\t\tName: \"some-ip-set\",\n\t\t\tScope: \"REGIONAL\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafv2.Wafv2Functions;\nimport com.pulumi.aws.wafv2.inputs.GetIpSetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Wafv2Functions.getIpSet(GetIpSetArgs.builder()\n .name(\"some-ip-set\")\n .scope(\"REGIONAL\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:wafv2:getIpSet\n Arguments:\n name: some-ip-set\n scope: REGIONAL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getIpSet.\n", "properties": { "name": { "type": "string", "description": "Name of the WAFv2 IP Set.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.\n" } }, "type": "object", "required": [ "name", "scope" ] }, "outputs": { "description": "A collection of values returned by getIpSet.\n", "properties": { "addresses": { "description": "An array of strings that specifies zero or more IP addresses or blocks of IP addresses in Classless Inter-Domain Routing (CIDR) notation.\n", "items": { "type": "string" }, "type": "array" }, "arn": { "description": "ARN of the entity.\n", "type": "string" }, "description": { "description": "Description of the set that helps with identification.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ipAddressVersion": { "description": "IP address version of the set.\n", "type": "string" }, "name": { "type": "string" }, "scope": { "type": "string" } }, "required": [ "addresses", "arn", "description", "ipAddressVersion", "name", "scope", "id" ], "type": "object" } }, "aws:wafv2/getRegexPatternSet:getRegexPatternSet": { "description": "Retrieves the summary of a WAFv2 Regex Pattern Set.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.wafv2.getRegexPatternSet({\n name: \"some-regex-pattern-set\",\n scope: \"REGIONAL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafv2.get_regex_pattern_set(name=\"some-regex-pattern-set\",\n scope=\"REGIONAL\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.WafV2.GetRegexPatternSet.Invoke(new()\n {\n Name = \"some-regex-pattern-set\",\n Scope = \"REGIONAL\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafv2.LookupRegexPatternSet(ctx, \u0026wafv2.LookupRegexPatternSetArgs{\n\t\t\tName: \"some-regex-pattern-set\",\n\t\t\tScope: \"REGIONAL\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafv2.Wafv2Functions;\nimport com.pulumi.aws.wafv2.inputs.GetRegexPatternSetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Wafv2Functions.getRegexPatternSet(GetRegexPatternSetArgs.builder()\n .name(\"some-regex-pattern-set\")\n .scope(\"REGIONAL\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:wafv2:getRegexPatternSet\n Arguments:\n name: some-regex-pattern-set\n scope: REGIONAL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRegexPatternSet.\n", "properties": { "name": { "type": "string", "description": "Name of the WAFv2 Regex Pattern Set.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.\n" } }, "type": "object", "required": [ "name", "scope" ] }, "outputs": { "description": "A collection of values returned by getRegexPatternSet.\n", "properties": { "arn": { "description": "ARN of the entity.\n", "type": "string" }, "description": { "description": "Description of the set that helps with identification.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "regularExpressions": { "description": "One or more blocks of regular expression patterns that AWS WAF is searching for. See Regular Expression below for details.\n", "items": { "$ref": "#/types/aws:wafv2/getRegexPatternSetRegularExpression:getRegexPatternSetRegularExpression" }, "type": "array" }, "scope": { "type": "string" } }, "required": [ "arn", "description", "name", "regularExpressions", "scope", "id" ], "type": "object" } }, "aws:wafv2/getRuleGroup:getRuleGroup": { "description": "Retrieves the summary of a WAFv2 Rule Group.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.wafv2.getRuleGroup({\n name: \"some-rule-group\",\n scope: \"REGIONAL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafv2.get_rule_group(name=\"some-rule-group\",\n scope=\"REGIONAL\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.WafV2.GetRuleGroup.Invoke(new()\n {\n Name = \"some-rule-group\",\n Scope = \"REGIONAL\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafv2.LookupRuleGroup(ctx, \u0026wafv2.LookupRuleGroupArgs{\n\t\t\tName: \"some-rule-group\",\n\t\t\tScope: \"REGIONAL\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafv2.Wafv2Functions;\nimport com.pulumi.aws.wafv2.inputs.GetRuleGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Wafv2Functions.getRuleGroup(GetRuleGroupArgs.builder()\n .name(\"some-rule-group\")\n .scope(\"REGIONAL\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:wafv2:getRuleGroup\n Arguments:\n name: some-rule-group\n scope: REGIONAL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRuleGroup.\n", "properties": { "name": { "type": "string", "description": "Name of the WAFv2 Rule Group.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.\n" } }, "type": "object", "required": [ "name", "scope" ] }, "outputs": { "description": "A collection of values returned by getRuleGroup.\n", "properties": { "arn": { "description": "ARN of the entity.\n", "type": "string" }, "description": { "description": "Description of the rule group that helps with identification.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "scope": { "type": "string" } }, "required": [ "arn", "description", "name", "scope", "id" ], "type": "object" } }, "aws:wafv2/getWebAcl:getWebAcl": { "description": "Retrieves the summary of a WAFv2 Web ACL.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.wafv2.getWebAcl({\n name: \"some-web-acl\",\n scope: \"REGIONAL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafv2.get_web_acl(name=\"some-web-acl\",\n scope=\"REGIONAL\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.WafV2.GetWebAcl.Invoke(new()\n {\n Name = \"some-web-acl\",\n Scope = \"REGIONAL\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafv2.LookupWebAcl(ctx, \u0026wafv2.LookupWebAclArgs{\n\t\t\tName: \"some-web-acl\",\n\t\t\tScope: \"REGIONAL\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafv2.Wafv2Functions;\nimport com.pulumi.aws.wafv2.inputs.GetWebAclArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Wafv2Functions.getWebAcl(GetWebAclArgs.builder()\n .name(\"some-web-acl\")\n .scope(\"REGIONAL\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:wafv2:getWebAcl\n Arguments:\n name: some-web-acl\n scope: REGIONAL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getWebAcl.\n", "properties": { "name": { "type": "string", "description": "Name of the WAFv2 Web ACL.\n" }, "scope": { "type": "string", "description": "Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.\n" } }, "type": "object", "required": [ "name", "scope" ] }, "outputs": { "description": "A collection of values returned by getWebAcl.\n", "properties": { "arn": { "description": "ARN of the entity.\n", "type": "string" }, "description": { "description": "Description of the WebACL that helps with identification.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "type": "string" }, "scope": { "type": "string" } }, "required": [ "arn", "description", "name", "scope", "id" ], "type": "object" } }, "aws:workspaces/getBundle:getBundle": { "description": "Retrieve information about an AWS WorkSpaces bundle.\n\n## Example Usage\n\n### By ID\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.workspaces.getBundle({\n bundleId: \"wsb-b0s22j3d7\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.workspaces.get_bundle(bundle_id=\"wsb-b0s22j3d7\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Workspaces.GetBundle.Invoke(new()\n {\n BundleId = \"wsb-b0s22j3d7\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/workspaces\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := workspaces.GetBundle(ctx, \u0026workspaces.GetBundleArgs{\n\t\t\tBundleId: pulumi.StringRef(\"wsb-b0s22j3d7\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.workspaces.WorkspacesFunctions;\nimport com.pulumi.aws.workspaces.inputs.GetBundleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = WorkspacesFunctions.getBundle(GetBundleArgs.builder()\n .bundleId(\"wsb-b0s22j3d7\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:workspaces:getBundle\n Arguments:\n bundleId: wsb-b0s22j3d7\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### By Owner \u0026 Name\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.workspaces.getBundle({\n owner: \"AMAZON\",\n name: \"Value with Windows 10 and Office 2016\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.workspaces.get_bundle(owner=\"AMAZON\",\n name=\"Value with Windows 10 and Office 2016\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Workspaces.GetBundle.Invoke(new()\n {\n Owner = \"AMAZON\",\n Name = \"Value with Windows 10 and Office 2016\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/workspaces\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := workspaces.GetBundle(ctx, \u0026workspaces.GetBundleArgs{\n\t\t\tOwner: pulumi.StringRef(\"AMAZON\"),\n\t\t\tName: pulumi.StringRef(\"Value with Windows 10 and Office 2016\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.workspaces.WorkspacesFunctions;\nimport com.pulumi.aws.workspaces.inputs.GetBundleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = WorkspacesFunctions.getBundle(GetBundleArgs.builder()\n .owner(\"AMAZON\")\n .name(\"Value with Windows 10 and Office 2016\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:workspaces:getBundle\n Arguments:\n owner: AMAZON\n name: Value with Windows 10 and Office 2016\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getBundle.\n", "properties": { "bundleId": { "type": "string", "description": "ID of the bundle.\n" }, "name": { "type": "string", "description": "Name of the bundle. You cannot combine this parameter with `bundle_id`.\n" }, "owner": { "type": "string", "description": "Owner of the bundles. You have to leave it blank for own bundles. You cannot combine this parameter with `bundle_id`.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getBundle.\n", "properties": { "bundleId": { "description": "The ID of the bundle.\n", "type": "string" }, "computeTypes": { "description": "The compute type. See supported fields below.\n", "items": { "$ref": "#/types/aws:workspaces/getBundleComputeType:getBundleComputeType" }, "type": "array" }, "description": { "description": "The description of the bundle.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "name": { "description": "Name of the compute type.\n", "type": "string" }, "owner": { "description": "The owner of the bundle.\n", "type": "string" }, "rootStorages": { "description": "The root volume. See supported fields below.\n", "items": { "$ref": "#/types/aws:workspaces/getBundleRootStorage:getBundleRootStorage" }, "type": "array" }, "userStorages": { "description": "The user storage. See supported fields below.\n", "items": { "$ref": "#/types/aws:workspaces/getBundleUserStorage:getBundleUserStorage" }, "type": "array" } }, "required": [ "computeTypes", "description", "rootStorages", "userStorages", "id" ], "type": "object" } }, "aws:workspaces/getDirectory:getDirectory": { "description": "Retrieve information about an AWS WorkSpaces directory.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.workspaces.getDirectory({\n directoryId: \"d-9067783251\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.workspaces.get_directory(directory_id=\"d-9067783251\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Workspaces.GetDirectory.Invoke(new()\n {\n DirectoryId = \"d-9067783251\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/workspaces\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := workspaces.LookupDirectory(ctx, \u0026workspaces.LookupDirectoryArgs{\n\t\t\tDirectoryId: \"d-9067783251\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.workspaces.WorkspacesFunctions;\nimport com.pulumi.aws.workspaces.inputs.GetDirectoryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = WorkspacesFunctions.getDirectory(GetDirectoryArgs.builder()\n .directoryId(\"d-9067783251\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:workspaces:getDirectory\n Arguments:\n directoryId: d-9067783251\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getDirectory.\n", "properties": { "directoryId": { "type": "string", "description": "Directory identifier for registration in WorkSpaces service.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the WorkSpaces directory.\n" } }, "type": "object", "required": [ "directoryId" ] }, "outputs": { "description": "A collection of values returned by getDirectory.\n", "properties": { "alias": { "description": "Directory alias.\n", "type": "string" }, "customerUserName": { "description": "User name for the service account.\n", "type": "string" }, "directoryId": { "type": "string" }, "directoryName": { "description": "Name of the directory.\n", "type": "string" }, "directoryType": { "description": "Directory type.\n", "type": "string" }, "dnsIpAddresses": { "description": "IP addresses of the DNS servers for the directory.\n", "items": { "type": "string" }, "type": "array" }, "iamRoleId": { "description": "Identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ipGroupIds": { "description": "Identifiers of the IP access control groups associated with the directory.\n", "items": { "type": "string" }, "type": "array" }, "registrationCode": { "description": "Registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.\n", "type": "string" }, "selfServicePermissions": { "description": "The permissions to enable or disable self-service capabilities.\n", "items": { "$ref": "#/types/aws:workspaces/getDirectorySelfServicePermission:getDirectorySelfServicePermission" }, "type": "array" }, "subnetIds": { "description": "Identifiers of the subnets where the directory resides.\n", "items": { "type": "string" }, "type": "array" }, "tags": { "additionalProperties": { "type": "string" }, "description": "A map of tags assigned to the WorkSpaces directory.\n", "type": "object" }, "workspaceAccessProperties": { "description": "(Optional) Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.\n", "items": { "$ref": "#/types/aws:workspaces/getDirectoryWorkspaceAccessProperty:getDirectoryWorkspaceAccessProperty" }, "type": "array" }, "workspaceCreationProperties": { "description": "The default properties that are used for creating WorkSpaces. Defined below.\n", "items": { "$ref": "#/types/aws:workspaces/getDirectoryWorkspaceCreationProperty:getDirectoryWorkspaceCreationProperty" }, "type": "array" }, "workspaceSecurityGroupId": { "description": "The identifier of the security group that is assigned to new WorkSpaces. Defined below.\n", "type": "string" } }, "required": [ "alias", "customerUserName", "directoryId", "directoryName", "directoryType", "dnsIpAddresses", "iamRoleId", "ipGroupIds", "registrationCode", "selfServicePermissions", "subnetIds", "workspaceAccessProperties", "workspaceCreationProperties", "workspaceSecurityGroupId", "id" ], "type": "object" } }, "aws:workspaces/getImage:getImage": { "description": "Use this data source to get information about a Workspaces image.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.workspaces.getImage({\n imageId: \"wsi-ten5h0y19\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.workspaces.get_image(image_id=\"wsi-ten5h0y19\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Workspaces.GetImage.Invoke(new()\n {\n ImageId = \"wsi-ten5h0y19\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/workspaces\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := workspaces.GetImage(ctx, \u0026workspaces.GetImageArgs{\n\t\t\tImageId: \"wsi-ten5h0y19\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.workspaces.WorkspacesFunctions;\nimport com.pulumi.aws.workspaces.inputs.GetImageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = WorkspacesFunctions.getImage(GetImageArgs.builder()\n .imageId(\"wsi-ten5h0y19\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:workspaces:getImage\n Arguments:\n imageId: wsi-ten5h0y19\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getImage.\n", "properties": { "imageId": { "type": "string", "description": "ID of the image.\n" } }, "type": "object", "required": [ "imageId" ] }, "outputs": { "description": "A collection of values returned by getImage.\n", "properties": { "description": { "description": "The description of the image.\n", "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "imageId": { "type": "string" }, "name": { "description": "The name of the image.\n", "type": "string" }, "operatingSystemType": { "type": "string" }, "requiredTenancy": { "description": "Specifies whether the image is running on dedicated hardware. When Bring Your Own License (BYOL) is enabled, this value is set to DEDICATED. For more information, see [Bring Your Own Windows Desktop Images](https://docs.aws.amazon.com/workspaces/latest/adminguide/byol-windows-images.html).\n", "type": "string" }, "state": { "description": "The status of the image.\n", "type": "string" } }, "required": [ "description", "imageId", "name", "operatingSystemType", "requiredTenancy", "state", "id" ], "type": "object" } }, "aws:workspaces/getWorkspace:getWorkspace": { "description": "Use this data source to get information about a workspace in [AWS Workspaces](https://docs.aws.amazon.com/workspaces/latest/adminguide/amazon-workspaces.html) Service.\n\n## Example Usage\n\n### Filter By Workspace ID\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.workspaces.getWorkspace({\n workspaceId: \"ws-cj5xcxsz5\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.workspaces.get_workspace(workspace_id=\"ws-cj5xcxsz5\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Workspaces.GetWorkspace.Invoke(new()\n {\n WorkspaceId = \"ws-cj5xcxsz5\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/workspaces\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := workspaces.LookupWorkspace(ctx, \u0026workspaces.LookupWorkspaceArgs{\n\t\t\tWorkspaceId: pulumi.StringRef(\"ws-cj5xcxsz5\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.workspaces.WorkspacesFunctions;\nimport com.pulumi.aws.workspaces.inputs.GetWorkspaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = WorkspacesFunctions.getWorkspace(GetWorkspaceArgs.builder()\n .workspaceId(\"ws-cj5xcxsz5\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:workspaces:getWorkspace\n Arguments:\n workspaceId: ws-cj5xcxsz5\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter By Directory ID \u0026 User Name\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.workspaces.getWorkspace({\n directoryId: \"d-9967252f57\",\n userName: \"Example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.workspaces.get_workspace(directory_id=\"d-9967252f57\",\n user_name=\"Example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Workspaces.GetWorkspace.Invoke(new()\n {\n DirectoryId = \"d-9967252f57\",\n UserName = \"Example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/workspaces\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := workspaces.LookupWorkspace(ctx, \u0026workspaces.LookupWorkspaceArgs{\n\t\t\tDirectoryId: pulumi.StringRef(\"d-9967252f57\"),\n\t\t\tUserName: pulumi.StringRef(\"Example\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.workspaces.WorkspacesFunctions;\nimport com.pulumi.aws.workspaces.inputs.GetWorkspaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = WorkspacesFunctions.getWorkspace(GetWorkspaceArgs.builder()\n .directoryId(\"d-9967252f57\")\n .userName(\"Example\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: aws:workspaces:getWorkspace\n Arguments:\n directoryId: d-9967252f57\n userName: Example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getWorkspace.\n", "properties": { "directoryId": { "type": "string", "description": "ID of the directory for the WorkSpace. You have to specify `user_name` along with `directory_id`. You cannot combine this parameter with `workspace_id`.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags for the WorkSpace.\n" }, "userName": { "type": "string", "description": "User name of the user for the WorkSpace. This user name must exist in the directory for the WorkSpace. You cannot combine this parameter with `workspace_id`.\n" }, "workspaceId": { "type": "string", "description": "ID of the WorkSpace. You cannot combine this parameter with `directory_id`.\n" } }, "type": "object" }, "outputs": { "description": "A collection of values returned by getWorkspace.\n", "properties": { "bundleId": { "type": "string" }, "computerName": { "description": "Name of the WorkSpace, as seen by the operating system.\n", "type": "string" }, "directoryId": { "type": "string" }, "id": { "description": "The provider-assigned unique ID for this managed resource.\n", "type": "string" }, "ipAddress": { "description": "IP address of the WorkSpace.\n", "type": "string" }, "rootVolumeEncryptionEnabled": { "type": "boolean" }, "state": { "description": "Operational state of the WorkSpace.\n", "type": "string" }, "tags": { "additionalProperties": { "type": "string" }, "type": "object" }, "userName": { "type": "string" }, "userVolumeEncryptionEnabled": { "type": "boolean" }, "volumeEncryptionKey": { "type": "string" }, "workspaceId": { "type": "string" }, "workspaceProperties": { "items": { "$ref": "#/types/aws:workspaces/getWorkspaceWorkspaceProperty:getWorkspaceWorkspaceProperty" }, "type": "array" } }, "required": [ "bundleId", "computerName", "directoryId", "ipAddress", "rootVolumeEncryptionEnabled", "state", "tags", "userName", "userVolumeEncryptionEnabled", "volumeEncryptionKey", "workspaceId", "workspaceProperties", "id" ], "type": "object" } } } }